/*
  Copyright 2021 Northern.tech AS

  This file is part of CFEngine 3 - written and maintained by Northern.tech AS.

  This program is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published by the
  Free Software Foundation; version 3.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA

  To the extent this program is licensed as part of the Enterprise
  versions of CFEngine, the applicable Commercial Open Source License
  (COSL) may apply to this file if you as a licensee so wish it. See
  included file COSL.txt.
*/

#include <cf3.defs.h>

/*
 * Definitions of the process-wide mutable globals.
 *
 * Every definition carries a trailing GLOBAL_x tag. The tags are kept exactly
 * as found; presumably they record where the value gets set (A = arguments,
 * P = policy, E = environment, C = constant, X = other) -- TODO confirm
 * against the project's conventions, this file does not define them.
 */

/* ------------------------------------------------------------------------- */
/* flags                                                                     */
/* ------------------------------------------------------------------------- */

/* (no definitions in this section) */

/* ------------------------------------------------------------------------- */
/* operational state                                                         */
/* ------------------------------------------------------------------------- */

/*
 * Off by default.
 * NOTE(review): whatever turns this on lives outside this file; confirm it is
 * set before any digest or key handling consults it.
 */
bool FIPS_MODE = false; /* GLOBAL_P */

/* Filled in after startup, not here. */
struct utsname VSYSNAME; /* GLOBAL_E, initialized later */

int CFA_MAXTHREADS = 10; /* GLOBAL_P */
int CF_PERSISTENCE = 10; /* GLOBAL_P */

/* Filled in after startup, not here. */
AgentType THIS_AGENT_TYPE; /* GLOBAL_C, initialized later */

/* ------------------------------------------------------------------------- */
/* Internal data structures                                                  */
/* ------------------------------------------------------------------------- */

long LASTSEENEXPIREAFTER = SECONDS_PER_WEEK; /* GLOBAL_P */

/* ------------------------------------------------------------------------- */
/* Compatibility infrastructure                                              */
/* ------------------------------------------------------------------------- */

/* Mode in which policy is evaluated (normal, dry-run, audit, ...). */
EvalMode EVAL_MODE = EVAL_MODE_NORMAL;

/*
 * Host name buffers. NB! Check every use before changing any of these sizes.
 *
 * All three used to be CF_MAXVARSIZE (= 1024) bytes. The unqualified name and
 * the domain were cut to half of that so that the two of them joined as
 * "%s.%s" fit into VFQNAME without problematic truncation. DNS itself only
 * supports names of up to 255 bytes:
 * https://tools.ietf.org/html/rfc2181#section-11
 *
 * NOTE(review): these are fixed-size buffers; writers elsewhere should bound
 * every copy by sizeof the destination and treat truncation as an error.
 */
char VFQNAME[CF_MAXVARSIZE] = "";     /* GLOBAL_E GLOBAL_P */
char VUQNAME[CF_MAXVARSIZE / 2] = ""; /* GLOBAL_E */
char VDOMAIN[CF_MAXVARSIZE / 2] = ""; /* GLOBAL_E GLOBAL_P */

/*
 * Default for the copytype attribute. cf-agent loads it from body control;
 * until then it is NULL.
 */
const char *DEFAULT_COPYTYPE = NULL; /* GLOBAL_P */

/*
 * The agent's key pair, loaded by LoadSecretKeys. Both pointers are NULL
 * until that has happened.
 *
 * Used in the network protocol and, in the original author's words, "leaked
 * to language".
 *
 * NOTE(review): the private key is reachable from anywhere in the process for
 * its whole lifetime. Confirm that no caller logs or serializes PRIVKEY and
 * that it is released on shutdown.
 */
RSA *PRIVKEY = NULL; /* GLOBAL_X */
RSA *PUBKEY = NULL;  /* GLOBAL_X */

/*
 * First IP address found by DetectEnvironment, and therefore refreshed on
 * every policy change.
 *
 * Used somewhere in cf-execd, superficially in the old-style protocol
 * handshake and sporadically elsewhere.
 */
char VIPADDRESS[CF_MAX_IP_LEN] = ""; /* GLOBAL_E */

/*
 * Constant per edition: MD5 for community, something else for Enterprise.
 * Filled in after startup, not here.
 *
 * This is the default hash everywhere, not only in the network protocol.
 *
 * NOTE(review): MD5 is not collision resistant. Because the default is used
 * so widely, audit the callers that base an integrity or identity decision
 * on this digest, and confirm how the default interacts with FIPS_MODE.
 */
HashMethod CF_DEFAULT_DIGEST; /* GLOBAL_C, initialized later */
int CF_DEFAULT_DIGEST_LEN;    /* GLOBAL_C, initialized later */

/*
 * The "now" timestamp taken when policy is (re)loaded; read wherever a start
 * time is needed. Filled in after startup, not here.
 *
 * TODO: This variable should be internal to timeout.c, not exposed.
 *       It should only be set by SetStartTime() and read by GetStartTime().
 */
time_t CFSTARTTIME; /* GLOBAL_E, initialized later */

/*
 * Timeout for socket operations in the network code, in seconds.
 * Set in cf-agent/cf-runagent from the control body; 30 until then.
 */
time_t CONNTIMEOUT = 30; /* seconds */ /* GLOBAL_A GLOBAL_P */

/*
 * Internal detail of the timeout machinery. It is defined here rather than
 * in libpromises/timeout.c for historical reasons only.
 */
pid_t ALARM_PID = -1; /* GLOBAL_X */

/*
 * Default for the maxfilesize attribute in policy.
 * Set in cf-agent from the control body.
 */
int EDITFILESIZE = 100000; /* GLOBAL_P */

/*
 * Default for the ifelapsed attribute in policy.
 * Set in cf-agent (from the control body) and in GenericAgentInitialize.
 */
int VIFELAPSED = 1; /* GLOBAL_P */

/*
 * Default for the expireafter attribute in policy.
 * Set in cf-agent (from the control body) and in GenericAgentInitialize.
 */
int VEXPIREAFTER = 120; /* GLOBAL_P */

/*
 * Interface that server/client code binds its sockets to.
 * Set in cf-agent/cf-serverd from the control body.
 *
 * There is no initializer: as an object with static storage duration the
 * buffer starts out all zero, i.e. as the empty string.
 */
char BINDINTERFACE[CF_MAXVARSIZE]; /* GLOBAL_P */

/*
 * Set in cf-*.c:CheckOpts and in GenericAgentConfigParseArguments.
 *
 * generic_agent.c consults it for
 *  - the cf_promises_validated filename
 *  - GenericAgentCheckPolicy
 *  - GenericAgentLoadPolicy (ReadPolicyValidatedFile)
 */
bool MINUSF = false; /* GLOBAL_A */