/*
* Copyright (C) 2015 Adrien Vergé
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef OPENFORTIVPN_CONFIG_H
#define OPENFORTIVPN_CONFIG_H
#include <netinet/in.h>
#include <errno.h>
#include <stdint.h>
#include <string.h>
/* Configuration error codes; every value is negative. */
#define ERR_CFG_UNKNOWN -1
#define ERR_CFG_SEE_ERRNO -2
#define ERR_CFG_EMPTY_FILE -3
#define ERR_CFG_NO_MEM -4
#define ERR_CFG_CANNOT_READ -5

/*
 * Translate an ERR_CFG_* code into a printable message.
 *
 * @param code  one of the ERR_CFG_* values above
 * @return      a string the caller must not modify or free: a string
 *              literal, or the result of strerror() for ERR_CFG_SEE_ERRNO.
 *              ERR_CFG_UNKNOWN and any unlisted value give "unknown".
 */
static inline const char *err_cfg_str(int code)
{
	const char *msg = "unknown";

	switch (code) {
	case ERR_CFG_SEE_ERRNO:
		/*
		 * errno is read here, at call time, so the caller has to ask
		 * for the message before another library call overwrites it.
		 */
		msg = strerror(errno);
		break;
	case ERR_CFG_EMPTY_FILE:
		msg = "Empty file";
		break;
	case ERR_CFG_NO_MEM:
		msg = "Not enough memory";
		break;
	case ERR_CFG_CANNOT_READ:
		msg = "Cannot read file";
		break;
	default:
		break;
	}

	return msg;
}
/*
 * Name of the PPP daemon program, fixed at build time: "pppd" when
 * HAVE_USR_SBIN_PPPD is non-zero, "ppp" otherwise.
 *
 * NOTE(review): this is a bare program name, not an absolute path. How it
 * becomes an executable path is not visible in this header; if the process
 * runs with elevated privileges, confirm the caller does not resolve it
 * through a PATH search that an unprivileged user can influence.
 */
#if HAVE_USR_SBIN_PPPD
#define PPP_DAEMON "pppd"
#else
#define PPP_DAEMON "ppp"
#endif
/* Size of a SHA-256 digest in bytes (256 bits / 8 = 32). */
#define SHA256LEN (256 / 8)
/*
 * Buffer size for a digest in text form: two characters per digest byte
 * plus one more byte, 65 in total. Presumably hexadecimal digits followed
 * by the terminating NUL - confirm against the code that fills
 * x509_digest.data.
 */
#define SHA256STRLEN (2 * SHA256LEN + 1)
/*
 * One node of a singly linked list of certificate digests; struct
 * vpn_config refers to such a list through its cert_whitelist member.
 *
 * NOTE(review): a digest stored here presumably causes a matching peer
 * certificate to be trusted, so the code that copies into data should
 * check the input length (and reject anything that does not fit) before
 * copying - verify in add_trusted_cert().
 */
struct x509_digest {
	struct x509_digest *next; /* following node; presumably NULL at the tail */
	char data[SHA256STRLEN]; /* digest in text form, SHA256STRLEN bytes */
};
/*
 * Capacity, in characters, of the fixed-size string members of
 * struct vpn_config; those arrays are declared with FIELD_SIZE + 1 bytes.
 *
 * NOTE(review): the extra byte is presumably for the terminating NUL. Code
 * that copies command-line, file or server input into these members has to
 * bound the copy and terminate the string - verify at the call sites.
 */
#define FIELD_SIZE 64
/*
 * RFC 6265 does not limit the size of cookies:
 * https://www.rfc-editor.org/info/rfc6265
 *
 * Yet browsers typically limit themselves to ~4K so we are on the safe side:
 * http://browsercookielimits.squawky.net/
 *
 * NOTE(review): the buffer sized by this constant is not declared in this
 * header. A cookie longer than COOKIE_SIZE should be rejected rather than
 * silently truncated or written past the buffer - confirm in the parser.
 */
#define COOKIE_SIZE 4096
/*
 * GNU libc used to limit the search list to 256 characters:
 * https://unix.stackexchange.com/questions/245849
 *
 * We believe we are on the safe side using this value.
 *
 * NOTE(review): presumably the limit applied to DNS search-domain strings;
 * confirm whether the 256 includes the terminating NUL where it is used.
 */
#define MAX_DOMAIN_LENGTH 256
/*
 * Configuration record handled by load_config(), merge_config() and
 * destroy_vpn_config() (declared below in this header).
 *
 * String members are either fixed arrays of FIELD_SIZE + 1 bytes or char
 * pointers. The comment on merge_config() states that dynamically
 * allocated memory changes owner on merge, so at least some of the pointer
 * members refer to heap memory owned by this struct.
 *
 * The per-member notes below are read off the member names and types only;
 * treat them as assumptions to confirm against the implementation.
 */
struct vpn_config {
	/* Gateway to connect to: host name, IPv4 address and port. */
	char gateway_host[FIELD_SIZE + 1];
	struct in_addr gateway_ip;
	uint16_t gateway_port; /* byte order not visible here - TODO confirm */
	/*
	 * Credentials and second-factor settings.
	 * NOTE(review): password and otp are secrets kept in process memory;
	 * confirm destroy_vpn_config() wipes them before releasing them.
	 */
	char username[FIELD_SIZE + 1];
	char *password;
	char otp[FIELD_SIZE + 1];
	char *otp_prompt;
	unsigned int otp_delay; /* unit not visible here - TODO confirm */
	int no_ftm_push;
	char *pinentry; /* presumably the pinentry program to run - confirm */
	char iface_name[FIELD_SIZE + 1];
	char realm[FIELD_SIZE + 1];
	/* Integer flags; presumably booleans for routing, DNS and logging. */
	int set_routes;
	int set_dns;
	int pppd_use_peerdns;
	int use_syslog;
#if HAVE_RESOLVCONF
	int use_resolvconf;
#endif
	int half_internet_routes;
	unsigned int persistent;
	/*
	 * Options for the PPP daemon; which set exists depends on the build.
	 * NOTE(review): these strings presumably end up as daemon arguments;
	 * confirm they are passed as separate argv entries, not via a shell.
	 */
#if HAVE_USR_SBIN_PPPD
	char *pppd_log;
	char *pppd_plugin;
	char *pppd_ipparam;
	char *pppd_keepalive;
	char *pppd_ifname;
	char *pppd_call;
#endif
#if HAVE_USR_SBIN_PPP
	char *ppp_system;
#endif
	/* TLS material: presumably paths to the CA file, client cert and key. */
	char *ca_file;
	char *user_cert;
	char *user_key;
	/*
	 * NOTE(review): insecure_ssl and seclevel_1 look like switches that
	 * weaken TLS checks; confirm what each disables and that both
	 * default to off.
	 */
	int insecure_ssl;
	int min_tls; /* presumably the value produced by parse_min_tls() */
	int seclevel_1;
	char *cipher_list;
	/* Head of the list of pinned certificate digests (struct x509_digest). */
	struct x509_digest *cert_whitelist;
	int use_engine;
	/* Strings presumably sent to the gateway - TODO confirm. */
	char *user_agent;
	char *hostcheck;
	char *check_virtual_desktop;
};
/*
 * Register a certificate digest with cfg.
 * NOTE(review): presumably adds a node to cfg->cert_whitelist; the accepted
 * digest format and the meaning of the return value are not visible in
 * this header - confirm that over-long input is rejected.
 */
int add_trusted_cert(struct vpn_config *cfg, const char *digest);
/*
 * Presumably converts a textual boolean to an int - TODO confirm the
 * accepted spellings and the value returned for invalid input.
 */
int strtob(const char *str);
/*
 * Presumably parses a minimum TLS version string into the value stored in
 * vpn_config.min_tls - TODO confirm the error value.
 */
int parse_min_tls(const char *str);
/*
 * Load configuration from filename into cfg.
 * NOTE(review): the return value is presumably 0 or one of the ERR_CFG_*
 * codes that err_cfg_str() translates - confirm in the implementation.
 */
int load_config(struct vpn_config *cfg, const char *filename);
/*
 * Release a configuration.
 * NOTE(review): presumably frees the dynamically allocated members of cfg;
 * confirm that secrets such as the password are wiped before being freed.
 */
void destroy_vpn_config(struct vpn_config *cfg);
/*
 * Merge the source config into dest.
 *
 * Dynamically allocated memory is transferred by this function, i.e.
 * ownership goes to the dest config.
 *
 * NOTE(review): after the call the caller should not free or keep using
 * the pointers still held by source, or the same memory may be freed twice
 * or used after free - confirm whether merge_config() clears them.
 */
void merge_config(struct vpn_config *dest, struct vpn_config *source);
/*
 * Constant configuration defined in another translation unit.
 * NOTE(review): presumably holds "unset" sentinel values - confirm.
 */
extern const struct vpn_config invalid_cfg;
#endif