1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
/*
Copyright (c) 2012-2014, Matthias Schiffer <mschiffer@universe-factory.net>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/**
\file
Generated configuration
*/
#pragma once
/** Defined if the platform supports the AI_ADDRCONFIG flag to getaddrinfo() */
#cmakedefine HAVE_AI_ADDRCONFIG
/** Defined if the platform defines the \e ethhdr struct */
#cmakedefine HAVE_ETHHDR
/** Defined if the platform defines get_current_dir_name() */
#cmakedefine HAVE_GET_CURRENT_DIR_NAME
/** Defined if the platform supports SO_BINDTODEVICE */
#cmakedefine USE_BINDTODEVICE
/** Defined if the platform supports epoll */
#cmakedefine USE_EPOLL
/** Defined if the platform supports SO_FREEBIND */
#cmakedefine USE_FREEBIND
/** Defined if the platform supports IP_MTU_DISCOVER */
#cmakedefine USE_PMTU
/** Defined if the platform supports IP_PKTINFO */
#cmakedefine USE_PKTINFO
/** Defined if the platform supports SO_MARK */
#cmakedefine USE_PACKET_MARK
/** Defined if the platform supports binding on IPv4 and IPv6 with a single socket */
#cmakedefine USE_MULTIAF_BIND
/** Defined if POSIX capability support is enabled */
#cmakedefine WITH_CAPABILITIES
/** Defined if support for setting user/group related options on the command line is enabled */
#cmakedefine WITH_CMDLINE_USER
/** Defined if support for setting logging related options on the command line is enabled */
#cmakedefine WITH_CMDLINE_LOGGING
/** Defined if support for setting related to the VPN operation (like mode, interface, encryption method) on the command line is enabled */
#cmakedefine WITH_CMDLINE_OPERATION
/** Defined if support for setting handler scripts (e.g. --on-up) on the command line is enabled */
#cmakedefine WITH_CMDLINE_COMMANDS
/** Defined if on-verify support is enabled */
#cmakedefine WITH_VERIFY
/** Defined if systemd support is enabled */
#cmakedefine ENABLE_SYSTEMD
/** Defined if libsodium is used */
#cmakedefine HAVE_LIBSODIUM
/** Defined if OpenSSL is used */
#cmakedefine ENABLE_OPENSSL
/** The maximum depth of nested includes in config files */
#define MAX_CONFIG_DEPTH @MAX_CONFIG_DEPTH_NUM@
/** The interval of periodic maintenance tasks */
#define MAINTENANCE_INTERVAL 10
/** The time after which a keepalive should be sent */
#define KEEPALIVE_TIMEOUT 15
/** The time after with a peer is reset if no traffic is received from it */
#define PEER_STALE_TIME 90
/** The time after which a peer's ethernet address is forgotten if it is not seen */
#define ETH_ADDR_STALE_TIME 300
/** The time after a packet is received and no packets with lower sequence numbers are accepted anymore */
#define REORDER_TIME 10
/** The minimum time that must pass between two on-verify calls on the same peer */
#define MIN_VERIFY_INTERVAL 10
/** How long a peer stays valid after a successful on-verify run */
#define VERIFY_VALID_TIME 60 /* 1 minute */
/** Maximum number of concurrent on-verify runs */
#define VERIFY_LIMIT 32
/** The minimum interval between two handshakes with a peer */
#define MIN_HANDSHAKE_INTERVAL 15
/** The minimum interval between two resolves of the same remote */
#define MIN_RESOLVE_INTERVAL 15
/** How long a session stays valid after a key is negotiated */
#define KEY_VALID 3600 /* 60 minutes */
/** How long an old session stays valid after a new session has been established */
#define KEY_VALID_OLD 60 /* 1 minute */
/** How many seconds after the establishment of a session we want to refresh the session */
#define KEY_REFRESH 3300 /* 55 minutes */
/** A random time up to KEY_REFRESH_SPLAY is subtracted from KEY_REFRESH */
#define KEY_REFRESH_SPLAY 300 /* 5 minutes */
|
