summaryrefslogtreecommitdiffstats
path: root/src/build.h.in
blob: c8a90eb26ca91507d7f5badff7938727da553b2f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
/*
  Copyright (c) 2012-2015, Matthias Schiffer <mschiffer@universe-factory.net>
  All rights reserved.

  Redistribution and use in source and binary forms, with or without
  modification, are permitted provided that the following conditions are met:

    1. Redistributions of source code must retain the above copyright notice,
       this list of conditions and the following disclaimer.
    2. Redistributions in binary form must reproduce the above copyright notice,
       this list of conditions and the following disclaimer in the documentation
       and/or other materials provided with the distribution.

  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
  SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
  CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

/**
   \file

   Generated configuration
*/


#pragma once

/** Defined if the platform supports the AI_ADDRCONFIG flag to getaddrinfo() */
#cmakedefine HAVE_AI_ADDRCONFIG

/** Defined if the platform defines get_current_dir_name() */
#cmakedefine HAVE_GET_CURRENT_DIR_NAME

/** Defined if <endian.h> exists */
#cmakedefine HAVE_ENDIAN_H

/** Defined if <sys/endian.h> exists */
#cmakedefine HAVE_SYS_ENDIAN_H

/** Defined if be32toh etc. exist */
#cmakedefine HAVE_LINUX_ENDIAN

/** Defined if the platform defines setresuid() */
#cmakedefine HAVE_SETRESUID

/** Defined if the platform defines setresgid() */
#cmakedefine HAVE_SETRESGID

/** Defined if the platform supports SO_BINDTODEVICE */
#cmakedefine USE_BINDTODEVICE

/** Defined if the platform supports epoll */
#cmakedefine USE_EPOLL

/** Defined if the platform uses select instead of poll */
#cmakedefine USE_SELECT

/** Defined if the platform supports SO_FREEBIND */
#cmakedefine USE_FREEBIND

/** Defined if the platform supports IP_MTU_DISCOVER */
#cmakedefine USE_PMTU

/** Defined if the platform supports IP_PKTINFO */
#cmakedefine USE_PKTINFO

/** Defined if the platform supports SO_MARK */
#cmakedefine USE_PACKET_MARK

/** Defined if the platform supports settings users and groups */
#cmakedefine USE_USER

/** Defined if the platform supports binding on IPv4 and IPv6 with a single socket */
#cmakedefine USE_MULTIAF_BIND


/** Defined if POSIX capability support is enabled */
#cmakedefine WITH_CAPABILITIES

/** Defined if support for setting user/group related options on the command line is enabled */
#cmakedefine WITH_CMDLINE_USER

/** Defined if support for setting logging related options on the command line is enabled */
#cmakedefine WITH_CMDLINE_LOGGING

/** Defined if support for setting related to the VPN operation (like mode, interface, encryption method) on the command line is enabled */
#cmakedefine WITH_CMDLINE_OPERATION

/** Defined if support for setting handler scripts (e.g. --on-up) on the command line is enabled */
#cmakedefine WITH_CMDLINE_COMMANDS

/** Defined if on-verify support is enabled */
#cmakedefine WITH_DYNAMIC_PEERS

/** Defined if status socket support is enabled */
#cmakedefine WITH_STATUS_SOCKET

/** Defined if systemd support is enabled */
#cmakedefine ENABLE_SYSTEMD


/** Defined if libsodium is used */
#cmakedefine HAVE_LIBSODIUM

/** Defined if OpenSSL is used */
#cmakedefine ENABLE_OPENSSL


/** The maximum depth of nested includes in config files */
#define MAX_CONFIG_DEPTH @MAX_CONFIG_DEPTH_NUM@


/** The default handshake interval */
#define DEFAULT_HANDSHAKE_INTERVAL 20000 /* 20 seconds */

/** The default handshake interval jitter */
#define DEFAULT_HANDSHAKE_JITTER 2500	/* 2.5 seconds */

/** The interval of periodic maintenance tasks */
#define MAINTENANCE_INTERVAL 10000	/* 10 seconds */

/** The time after which a keepalive should be sent */
#define KEEPALIVE_TIMEOUT 20000		/* 20 seconds */

/** The time after with a peer is reset if no traffic is received from it */
#define PEER_STALE_TIME 90000		/* 90 seconds */

/** The time after which a peer's ethernet address is forgotten if it is not seen */
#define ETH_ADDR_STALE_TIME 300000	/* 5 minutes */


/** The time after a packet is received and no packets with lower sequence numbers are accepted anymore */
#define REORDER_TIME 10000


/** The minimum time that must pass between two on-verify calls on the same peer */
#define MIN_VERIFY_INTERVAL 10000	/* 10 seconds */

/** How long a peer stays valid after a successful on-verify run */
#define VERIFY_VALID_TIME 60000		/* 1 minute */

/** Maximum number of concurrent on-verify runs */
#define VERIFY_LIMIT 32

/** The minimum interval between two handshakes with a peer */
#define MIN_HANDSHAKE_INTERVAL 15000	/* 15 seconds */

/** The minimum interval between two resolves of the same remote */
#define MIN_RESOLVE_INTERVAL 15000	/* 15 seconds */

/** The number of hash tables for backoff_unknown() */
#define UNKNOWN_TABLES 16

/** The number of entries per unknown peer table */
#define UNKNOWN_ENTRIES 64



/** How long a session stays valid after a key is negotiated */
#define KEY_VALID 3600000		/* 60 minutes */

/** How long an old session stays valid after a new session has been established */
#define KEY_VALID_OLD 60000		/* 1 minute */

/** How many seconds after the establishment of a session we want to refresh the session */
#define KEY_REFRESH 3300000		/* 55 minutes */

/** A random time up to KEY_REFRESH_SPLAY is subtracted from KEY_REFRESH */
#define KEY_REFRESH_SPLAY 300000	/* 5 minutes */