Make user-visible strings translatable
[platform/upstream/openconnect.git] / openconnect-internal.h
1 /*
2  * OpenConnect (SSL + DTLS) VPN client
3  *
4  * Copyright © 2008-2011 Intel Corporation.
5  * Copyright © 2008 Nick Andrew <nick@nick-andrew.net>
6  *
7  * Author: David Woodhouse <dwmw2@infradead.org>
8  *
9  * This program is free software; you can redistribute it and/or
10  * modify it under the terms of the GNU Lesser General Public License
11  * version 2.1, as published by the Free Software Foundation.
12  *
13  * This program is distributed in the hope that it will be useful, but
14  * WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
16  * Lesser General Public License for more details.
17  *
18  * You should have received a copy of the GNU Lesser General Public
19  * License along with this library; if not, write to:
20  *
21  *   Free Software Foundation, Inc.
22  *   51 Franklin Street, Fifth Floor,
23  *   Boston, MA 02110-1301 USA
24  */
25
26 #ifndef __OPENCONNECT_INTERNAL_H__
27 #define __OPENCONNECT_INTERNAL_H__
28
29 #include "openconnect.h"
30
31 #include <openssl/ssl.h>
32 #include <zlib.h>
33 #include <stdint.h>
34 #include <sys/socket.h>
35 #include <sys/select.h>
36 #include <sys/time.h>
37 #include <sys/types.h>
38 #include <unistd.h>
39 #ifdef LIBPROXY_HDR
40 #include LIBPROXY_HDR
41 #endif
42 #ifdef ENABLE_NLS
43 #include <libintl.h>
44 #define _(s) gettext(s)
45 #else
46 #define _(s) s
47 #endif
48 #define N_(s) s
49
50 /****************************************************************************/
51
52 struct pkt {
53         int len;
54         struct pkt *next;
55         unsigned char hdr[8];
56         unsigned char data[];
57 };
58
59 struct vpn_option {
60         char *option;
61         char *value;
62         struct vpn_option *next;
63 };
64
65 #define KA_NONE         0
66 #define KA_DPD          1
67 #define KA_DPD_DEAD     2
68 #define KA_KEEPALIVE    3
69 #define KA_REKEY        4
70
71 struct keepalive_info {
72         int dpd;
73         int keepalive;
74         int rekey;
75         time_t last_rekey;
76         time_t last_tx;
77         time_t last_rx;
78         time_t last_dpd;
79 };
80
81 struct split_include {
82         char *route;
83         struct split_include *next;
84 };
85
86 #define RECONNECT_INTERVAL_MIN  10
87 #define RECONNECT_INTERVAL_MAX  100
88
89 #define CERT_TYPE_UNKNOWN       0
90 #define CERT_TYPE_PEM           1
91 #define CERT_TYPE_PKCS12        2
92 #define CERT_TYPE_TPM           3
93
94 struct openconnect_info {
95         char *redirect_url;
96
97         char *csd_token;
98         char *csd_ticket;
99         char *csd_stuburl;
100         char *csd_starturl;
101         char *csd_waiturl;
102         char *csd_preurl;
103
104         char *csd_scriptname;
105
106 #ifdef LIBPROXY_HDR
107         pxProxyFactory *proxy_factory;
108 #endif
109         char *proxy_type;
110         char *proxy;
111         int proxy_port;
112
113         const char *localname;
114         char *hostname;
115         int port;
116         char *urlpath;
117         const char *cert;
118         const char *sslkey;
119         X509 *cert_x509;
120         int cert_type;
121         char *cert_password;
122         const char *cafile;
123         const char *servercert;
124         const char *xmlconfig;
125         char xmlsha1[(SHA_DIGEST_LENGTH * 2) + 1];
126         char *username;
127         char *password;
128         char *authgroup;
129         int nopasswd;
130         char *dtls_ciphers;
131         uid_t uid_csd;
132         char *csd_wrapper;
133         int uid_csd_given;
134         int no_http_keepalive;
135
136         char *cookie; /* Pointer to within cookies list */
137         struct vpn_option *cookies;
138         struct vpn_option *cstp_options;
139         struct vpn_option *dtls_options;
140
141         SSL_CTX *https_ctx;
142         SSL *https_ssl;
143         struct keepalive_info ssl_times;
144         int owe_ssl_dpd_response;
145         struct pkt *deflate_pkt;
146         struct pkt *current_ssl_pkt;
147
148         z_stream inflate_strm;
149         uint32_t inflate_adler32;
150         z_stream deflate_strm;
151         uint32_t deflate_adler32;
152
153         int disable_ipv6;
154         int reconnect_timeout;
155         int reconnect_interval;
156         int dtls_attempt_period;
157         time_t new_dtls_started;
158         SSL_CTX *dtls_ctx;
159         SSL *dtls_ssl;
160         SSL *new_dtls_ssl;
161         SSL_SESSION *dtls_session;
162         struct keepalive_info dtls_times;
163         unsigned char dtls_session_id[32];
164         unsigned char dtls_secret[48];
165
166         char *dtls_cipher;
167         char *vpnc_script;
168         int script_tun;
169         char *ifname;
170
171         int mtu;
172         const char *banner;
173         const char *vpn_addr;
174         const char *vpn_netmask;
175         const char *vpn_addr6;
176         const char *vpn_netmask6;
177         const char *vpn_dns[3];
178         const char *vpn_nbns[3];
179         const char *vpn_domain;
180         const char *vpn_proxy_pac;
181         struct split_include *split_includes;
182         struct split_include *split_excludes;
183
184         int select_nfds;
185         fd_set select_rfds;
186         fd_set select_wfds;
187         fd_set select_efds;
188
189 #ifdef __sun__
190         int ip_fd;
191         int tun_muxid;
192 #endif
193         int tun_fd;
194         int ssl_fd;
195         int dtls_fd;
196         int new_dtls_fd;
197
198         struct pkt *incoming_queue;
199         struct pkt *outgoing_queue;
200         int outgoing_qlen;
201         int max_qlen;
202
203         socklen_t peer_addrlen;
204         struct sockaddr *peer_addr;
205         struct sockaddr *dtls_addr;
206
207         int deflate;
208         char *useragent;
209
210         const char *quit_reason;
211
212         void *cbdata;
213         openconnect_validate_peer_cert_vfn validate_peer_cert;
214         openconnect_write_new_config_vfn write_new_config;
215         openconnect_process_auth_form_vfn process_auth_form;
216         openconnect_progress_vfn progress;
217 };
218
219 /* Packet types */
220
221 #define AC_PKT_DATA             0       /* Uncompressed data */
222 #define AC_PKT_DPD_OUT          3       /* Dead Peer Detection */
223 #define AC_PKT_DPD_RESP         4       /* DPD response */
224 #define AC_PKT_DISCONN          5       /* Client disconnection notice */
225 #define AC_PKT_KEEPALIVE        7       /* Keepalive */
226 #define AC_PKT_COMPRESSED       8       /* Compressed data */
227 #define AC_PKT_TERM_SERVER      9       /* Server kick */
228
229 /* Ick */
230 #if OPENSSL_VERSION_NUMBER >= 0x00909000L
231 #define method_const const
232 #else
233 #define method_const
234 #endif
235
236 #define vpn_progress(vpninfo, ...) (vpninfo)->progress ((vpninfo)->cbdata, __VA_ARGS__)
237
238 /****************************************************************************/
239
240 /* tun.c */
241 int setup_tun(struct openconnect_info *vpninfo);
242 int tun_mainloop(struct openconnect_info *vpninfo, int *timeout);
243 void shutdown_tun(struct openconnect_info *vpninfo);
244 void script_reconnect (struct openconnect_info *vpninfo);
245
246 /* dtls.c */
247 unsigned char unhex(const char *data);
248 int setup_dtls(struct openconnect_info *vpninfo);
249 int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout);
250 int dtls_try_handshake(struct openconnect_info *vpninfo);
251 int connect_dtls_socket(struct openconnect_info *vpninfo);
252
253 /* cstp.c */
254 int make_cstp_connection(struct openconnect_info *vpninfo);
255 int cstp_mainloop(struct openconnect_info *vpninfo, int *timeout);
256 int cstp_bye(struct openconnect_info *vpninfo, const char *reason);
257 int cstp_reconnect(struct openconnect_info *vpninfo);
258
259 /* ssl.c */
260 int  __attribute__ ((format (printf, 2, 3)))
261                 openconnect_SSL_printf(SSL *ssl, const char *fmt, ...);
262 int openconnect_SSL_gets(SSL *ssl, char *buf, size_t len);
263 int openconnect_open_https(struct openconnect_info *vpninfo);
264 void openconnect_close_https(struct openconnect_info *vpninfo);
265 int get_cert_md5_fingerprint(struct openconnect_info *vpninfo, X509 *cert,
266                              char *buf);
267 void report_ssl_errors(struct openconnect_info *vpninfo);
268
269 /* mainloop.c */
270 int vpn_add_pollfd(struct openconnect_info *vpninfo, int fd, short events);
271 int vpn_mainloop(struct openconnect_info *vpninfo);
272 int queue_new_packet(struct pkt **q, void *buf, int len);
273 void queue_packet(struct pkt **q, struct pkt *new);
274 int keepalive_action(struct keepalive_info *ka, int *timeout);
275 int ka_stalled_dpd_time(struct keepalive_info *ka, int *timeout);
276
277 extern int killed;
278
279 /* xml.c */
280 int config_lookup_host(struct openconnect_info *vpninfo, const char *host);
281
282 /* auth.c */
283 int parse_xml_response(struct openconnect_info *vpninfo, char *response,
284                        char *request_body, int req_len, const char **method,
285                        const char **request_body_type);
286
287 /* http.c */
288 char *openconnect_create_useragent(const char *base);
289 int process_proxy(struct openconnect_info *vpninfo, int ssl_sock);
290 int internal_parse_url(char *url, char **res_proto, char **res_host,
291                        int *res_port, char **res_path, int default_port);
292
293 /* ssl_ui.c */
294 int set_openssl_ui(void);
295
296 /* securid.c */
297 int generate_securid_tokencodes(struct openconnect_info *vpninfo);
298 int add_securid_pin(char *token, char *pin);
299
300 /* version.c */
301 extern char openconnect_version[];
302
303 #endif /* __OPENCONNECT_INTERNAL_H__ */