OpenVPN
common.h
Go to the documentation of this file.
1/*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
8 * Copyright (C) 2002-2025 OpenVPN Inc <sales@openvpn.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, see <https://www.gnu.org/licenses/>.
21 */
22
23#ifndef COMMON_H
24#define COMMON_H
25
26#include <stdint.h>
27
28/*
29 * Statistics counters and associated printf format.
30 */
31typedef uint64_t counter_type;
32#define counter_format "%" PRIu64
33
34/*
35 * Time intervals
36 */
37typedef int interval_t;
38
39/*
40 * Used as an upper bound for timeouts.
41 */
42#define BIG_TIMEOUT (60 * 60 * 24 * 7) /* one week (in seconds) */
43
44/*
45 * Printf formats for special types
46 */
47#ifdef _WIN64
48#define ptr_format "0x%016" PRIx64
49#else
50#define ptr_format "0x%08lx"
51#endif
52#define fragment_header_format "0x%08x"
53
54/* these are used to cast the arguments
55 * and MUST match the formats above */
56#ifdef _WIN64
57typedef unsigned long long ptr_type;
58#else
59typedef unsigned long ptr_type;
60#endif
61
62/* the --client-config-dir default file */
63#define CCD_DEFAULT "DEFAULT"
64
65/*
66 * This parameter controls the TLS channel buffer size and the
67 * maximum size of a single TLS message (cleartext).
68 * This parameter must be >= PUSH_BUNDLE_SIZE
69 */
70#define TLS_CHANNEL_BUF_SIZE 2048
71
72/* TLS control buffer minimum size
73 *
74 * A control frame might have IPv6 header (40 byte),
75 * UDP (8 byte), opcode (1), session id (8),
76 * ACK array with 4 ACKs in non-ACK_V1 packets (25 bytes)
77 * tls-crypt(56) or tls-auth(up to 72). To allow secure
78 * renegotiation (dynamic tls-crypt), we set this minimum
79 * to 154, which only allows 16 byte of payload and should
80 * be considered an absolute minimum and not a good value to
81 * set
82 */
83#define TLS_CHANNEL_MTU_MIN 154
84
85/*
86 * This parameter controls the maximum size of a bundle
87 * of pushed options.
88 */
89#define PUSH_BUNDLE_SIZE 1024
90
91/*
92 * In how many seconds does client re-send PUSH_REQUEST if we haven't yet received a reply
93 */
94#define PUSH_REQUEST_INTERVAL 5
95
96/*
97 * Script security warning
98 */
99#define SCRIPT_SECURITY_WARNING \
100 "WARNING: External program may not be called unless '--script-security 2' or higher is enabled. See --help text or man page for detailed info."
101
102#endif /* ifndef COMMON_H */
counter_type
uint64_t counter_type
Definition common.h:31
interval_t
int interval_t
Definition common.h:37
ptr_type
unsigned long ptr_type
Definition common.h:59
Generated by doxygen 1.9.8