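/*
 * Copyright (C) 2016 Red Hat, Inc.
 *
 * Author: Nikos Mavrogiannopoulos
 *
 * This file is part of ocserv.
 *
 * ocserv is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public License
 * as published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 */
#ifndef DEFS_H
#define DEFS_H

/*
 * Shared constants: logging levels, disconnect reasons, authentication
 * states, IPC command identifiers and error codes.
 */

#include <syslog.h>

/*
 * syslog value extensions.
 *
 * These lie above every standard syslog priority (LOG_EMERG..LOG_DEBUG are
 * 0..7), so they are not levels that syslog() itself defines.
 * NOTE(review): presumably the logging layer maps them to a real priority
 * and filters them by debug level before anything is emitted; confirm.
 * NOTE(review): LOG_SENSITIVE by its name tags messages that may carry
 * secrets; verify it is only emitted at DEBUG_SENSITIVE or above.
 */
#define LOG_HTTP_DEBUG 2048
#define LOG_TRANSFER_DEBUG 2049
#define LOG_SENSITIVE 2050

/* User Disconnect reasons (must be > 0) */
#define REASON_ANY 1
#define REASON_USER_DISCONNECT 2
#define REASON_SERVER_DISCONNECT 3
#define REASON_IDLE_TIMEOUT 4
#define REASON_DPD_TIMEOUT 5
#define REASON_ERROR 6
#define REASON_SESSION_TIMEOUT 7
#define REASON_TEMP_DISCONNECT 8
#define REASON_HEALTH_PROBE 9

/* Timeout (secs) for communication between main and sec-mod */
#define MAIN_SEC_MOD_TIMEOUT 120
#define MAX_WAIT_SECS 3

/*
 * Debug definitions for logger.
 *
 * The values are not contiguous (6 and 7 are unused), and the two levels
 * whose names indicate the most revealing output, DEBUG_SENSITIVE and
 * DEBUG_TLS, are numerically the highest.
 */
#define DEBUG_BASIC 1
#define DEBUG_INFO 2
#define DEBUG_DEBUG 3
#define DEBUG_HTTP 4
#define DEBUG_TRANSFERRED 5
#define DEBUG_SENSITIVE 8
#define DEBUG_TLS 9

/*
 * Authentication states.
 *
 * PS_AUTH_INACTIVE is the first enumerator and therefore 0, so a
 * zero-initialised state variable reads as "not authenticated".
 * Reordering the enumerators would change that default; keep
 * PS_AUTH_INACTIVE first.
 */
enum {
	PS_AUTH_INACTIVE,	/* no comm with worker */
	PS_AUTH_FAILED,		/* tried authentication but failed */
	PS_AUTH_INIT,		/* worker has sent an auth init msg */
	PS_AUTH_CONT,		/* worker has sent an auth cont msg */
	PS_AUTH_COMPLETED	/* successful authentication */
};

/*
 * IPC protocol commands.
 *
 * Three numeric ranges are defined: explicitly numbered commands from 2
 * to 18, worker -> sec-mod commands starting at 120, and main <-> sec-mod
 * commands between the MIN_SECM_CMD and MAX_SECM_CMD sentinels (neither
 * sentinel is itself a command).
 *
 * Most enumerators in the two upper ranges take implicit values, so
 * inserting one in the middle renumbers every later command in that
 * range; append new commands at the end of a range instead.
 * NOTE(review): presumably receivers check an incoming command against
 * MIN_SECM_CMD/MAX_SECM_CMD before dispatching it; verify at the call
 * sites that out-of-range and unknown values are rejected.
 */
typedef enum {
	AUTH_COOKIE_REP = 2,
	AUTH_COOKIE_REQ = 4,
	RESUME_STORE_REQ = 6,
	RESUME_DELETE_REQ = 7,
	RESUME_FETCH_REQ = 8,
	RESUME_FETCH_REP = 9,
	CMD_UDP_FD = 10,
	CMD_TUN_MTU = 11,
	CMD_TERMINATE = 12,
	CMD_SESSION_INFO = 13,
	CMD_BAN_IP = 16,
	CMD_BAN_IP_REPLY = 17,
	CMD_LATENCY_STATS_DELTA = 18,

	/* from worker to sec-mod */
	CMD_SEC_AUTH_INIT = 120,
	CMD_SEC_AUTH_CONT,
	CMD_SEC_AUTH_REPLY,
	CMD_SEC_DECRYPT,
	CMD_SEC_SIGN,
	CMD_SEC_SIGN_DATA,
	CMD_SEC_SIGN_HASH,
	CMD_SEC_GET_PK,
	CMD_SEC_CLI_STATS,

	/* from main to sec-mod and vice versa */
	MIN_SECM_CMD = 239,
	CMD_SECM_SESSION_OPEN,	/* sync: reply is CMD_SECM_SESSION_REPLY */
	CMD_SECM_SESSION_CLOSE,	/* sync: reply is CMD_SECM_CLI_STATS */
	CMD_SECM_SESSION_REPLY,
	CMD_SECM_BAN_IP,
	CMD_SECM_BAN_IP_REPLY,
	CMD_SECM_CLI_STATS,
	CMD_SECM_LIST_COOKIES,
	CMD_SECM_LIST_COOKIES_REPLY,
	CMD_SECM_STATS,		/* sent periodically */
	CMD_SECM_RELOAD,
	CMD_SECM_RELOAD_REPLY,

	MAX_SECM_CMD,
} cmd_request_t;

/*
 * Error codes.
 *
 * ERR_SUCCESS is 0 and every other code is negative; -1 is not assigned.
 * The negative values are parenthesised so that each macro expands to a
 * single primary expression wherever it is used.
 * NOTE(review): ERR_AUTH_CONTINUE and ERR_WAIT_FOR_SCRIPT are negative
 * but, by their names, are not terminal failures. Authentication should
 * be treated as complete only on an explicit ERR_SUCCESS, never on
 * "anything other than ERR_AUTH_FAIL"; confirm callers do so.
 */
#define ERR_SUCCESS 0
#define ERR_BAD_COMMAND (-2)
#define ERR_AUTH_FAIL (-3)
#define ERR_AUTH_CONTINUE (-4)
#define ERR_WAIT_FOR_SCRIPT (-5)
#define ERR_MEM (-6)
#define ERR_READ_CONFIG (-7)
#define ERR_NO_IP (-8)
#define ERR_PARSING (-9)
#define ERR_EXEC (-10)
#define ERR_PEER_TERMINATED (-11)
#define ERR_CTL (-12)
#define ERR_NO_CMD_FD (-13)

/* Alias: a terminated worker is reported with the peer-terminated code. */
#define ERR_WORKER_TERMINATED ERR_PEER_TERMINATED

#endif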