1 /*
2  *  OpenVPN -- An application to securely tunnel IP networks
3  *             over a single TCP/UDP port, with support for SSL/TLS-based
4  *             session authentication and key exchange,
5  *             packet encryption, packet authentication, and
6  *             packet compression.
7  *
8  *  Copyright (C) 2002-2022 OpenVPN Inc <sales@openvpn.net>
9  *
10  *  This program is free software; you can redistribute it and/or modify
11  *  it under the terms of the GNU General Public License version 2
12  *  as published by the Free Software Foundation.
13  *
14  *  This program is distributed in the hope that it will be useful,
15  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17  *  GNU General Public License for more details.
18  *
19  *  You should have received a copy of the GNU General Public License along
20  *  with this program; if not, write to the Free Software Foundation, Inc.,
21  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 #ifndef OCC_H
25 #define OCC_H
26 
27 #include "forward.h"
28 
29 /* OCC_STRING_SIZE must be set to sizeof (occ_magic) */
30 #define OCC_STRING_SIZE 16
31 
32 /*
33  * OCC (OpenVPN Configuration Control) protocol opcodes.
34  */
35 
36 #define OCC_REQUEST   0         /* request options string from peer */
37 #define OCC_REPLY     1         /* deliver options string to peer */
38 
39 /*
40  * Send an OCC_REQUEST once every OCC_INTERVAL
41  * seconds until a reply is received.
42  *
43  * If we haven't received a reply after
44  * OCC_N_TRIES, give up.
45  */
46 #define OCC_INTERVAL_SECONDS 10
47 #define OCC_N_TRIES          12
48 
49 /*
50  * Other OCC protocol opcodes used to estimate the MTU empirically.
51  */
52 #define OCC_MTU_LOAD_REQUEST   2        /* Ask peer to send a big packet to us */
53 #define OCC_MTU_LOAD           3        /* Send a big packet to peer */
54 #define OCC_MTU_REQUEST        4        /* Ask peer to tell us the largest
55                                          * packet it has received from us so far */
56 #define OCC_MTU_REPLY          5        /* Send largest packet size to peer */
57 
58 /*
59  * Process one command from mtu_load_test_sequence
60  * once every n seconds, if --mtu-test is specified.
61  */
62 #define OCC_MTU_LOAD_INTERVAL_SECONDS 3
63 
64 /*
65  * Send an exit message to remote.
66  */
67 #define OCC_EXIT               6
68 
69 /*
70  * Used to conduct a load test command sequence
71  * of UDP connection for empirical MTU measurement.
72  */
73 struct mtu_load_test
74 {
75     int op;                     /* OCC opcode to send to peer */
76     int delta;                  /* determine packet size to send by using
77                                  * this delta against currently
78                                  * configured MTU */
79 };
80 
81 extern const uint8_t occ_magic[];
82 
83 static inline bool
is_occ_msg(const struct buffer * buf)84 is_occ_msg(const struct buffer *buf)
85 {
86     return buf_string_match_head(buf, occ_magic, OCC_STRING_SIZE);
87 }
88 
89 void process_received_occ_msg(struct context *c);
90 
91 void check_send_occ_req_dowork(struct context *c);
92 
93 void check_send_occ_load_test_dowork(struct context *c);
94 
95 void check_send_occ_msg_dowork(struct context *c);
96 
97 /*
98  * Inline functions
99  */
100 
101 static inline int
occ_reset_op(void)102 occ_reset_op(void)
103 {
104     return -1;
105 }
106 
107 /*
108  * Should we send an OCC_REQUEST message?
109  */
110 static inline void
check_send_occ_req(struct context * c)111 check_send_occ_req(struct context *c)
112 {
113     if (event_timeout_defined(&c->c2.occ_interval)
114         && event_timeout_trigger(&c->c2.occ_interval,
115                                  &c->c2.timeval,
116                                  (!TO_LINK_DEF(c) && c->c2.occ_op < 0) ? ETT_DEFAULT : 0))
117     {
118         check_send_occ_req_dowork(c);
119     }
120 }
121 
122 /*
123  * Should we send an MTU load test?
124  */
125 static inline void
check_send_occ_load_test(struct context * c)126 check_send_occ_load_test(struct context *c)
127 {
128     if (event_timeout_defined(&c->c2.occ_mtu_load_test_interval)
129         && event_timeout_trigger(&c->c2.occ_mtu_load_test_interval,
130                                  &c->c2.timeval,
131                                  (!TO_LINK_DEF(c) && c->c2.occ_op < 0) ? ETT_DEFAULT : 0))
132     {
133         check_send_occ_load_test_dowork(c);
134     }
135 }
136 
137 /*
138  * Should we send an OCC message?
139  */
140 static inline void
check_send_occ_msg(struct context * c)141 check_send_occ_msg(struct context *c)
142 {
143     if (c->c2.occ_op >= 0)
144     {
145         if (!TO_LINK_DEF(c))
146         {
147             check_send_occ_msg_dowork(c);
148         }
149         else
150         {
151             tv_clear(&c->c2.timeval); /* ZERO-TIMEOUT */
152         }
153     }
154 }
155 
156 #endif /* ifndef OCC_H */
157