-
Notifications
You must be signed in to change notification settings - Fork 188
/
Copy pathcf3globals.c
156 lines (115 loc) · 5.21 KB
/
cf3globals.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
/*
Copyright 2022 Northern.tech AS
This file is part of CFEngine 3 - written and maintained by Northern.tech AS.
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; version 3.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
To the extent this program is licensed as part of the Enterprise
versions of CFEngine, the applicable Commercial Open Source License
(COSL) may apply to this file if you as a licensee so wish it. See
included file COSL.txt.
*/
#include <cf3.defs.h>
/*****************************************************************************/
/* flags */
/*****************************************************************************/
/*****************************************************************************/
/* operational state */
/*****************************************************************************/
bool FIPS_MODE = false; /* GLOBAL_P */
struct utsname VSYSNAME; /* GLOBAL_E, initialized later */
int CFA_MAXTHREADS = 10; /* GLOBAL_P */
int CF_PERSISTENCE = 10; /* GLOBAL_P */
AgentType THIS_AGENT_TYPE; /* GLOBAL_C, initialized later */
/*****************************************************************************/
/* Internal data structures */
/*****************************************************************************/
long LASTSEENEXPIREAFTER = SECONDS_PER_WEEK; /* GLOBAL_P */
/*****************************************************************************/
/* Compatibility infrastructure */
/*****************************************************************************/
/* The mode policy is evaluated in (normal, dry-run, audit,...) */
EvalMode EVAL_MODE = EVAL_MODE_NORMAL;
/* NB! Check use before changing sizes */
// Note: These were previously all CF_MAXVARSIZE = 1024 size
// However, to avoid problematic truncation, we changed the last 2 to 512,
// thus they will fit into VFQNAME ("%s.%s").
// This RFC indicates that DNS only supports up to 255 bytes, anyway:
// https://tools.ietf.org/html/rfc2181#section-11
char VFQNAME[CF_MAXVARSIZE] = ""; /* GLOBAL_E GLOBAL_P */
char VUQNAME[CF_MAXVARSIZE / 2] = ""; /* GLOBAL_E */
char VDOMAIN[CF_MAXVARSIZE / 2] = ""; /* GLOBAL_E GLOBAL_P */
/*
Default value for copytype attribute. Loaded by cf-agent from body control
*/
const char *DEFAULT_COPYTYPE = NULL; /* GLOBAL_P */
/*
Keys for the agent. Loaded by LoadSecretKeys.
Used in network protocol and leaked to language.
*/
RSA *PRIVKEY = NULL, *PUBKEY = NULL; /* GLOBAL_X */
/*
First IP address discovered by DetectEnvironment (hence reloaded every policy
change).
Used somewhere in cf-execd, superficially in old-style protocol handshake and
sporadically in other situations.
*/
char VIPADDRESS[CF_MAX_IP_LEN] = ""; /* GLOBAL_E */
/*
Edition-time constant (MD5 for community, something else for Enterprise)
Used as a default hash everywhere (not only in network protocol)
*/
HashMethod CF_DEFAULT_DIGEST; /* GLOBAL_C, initialized later */
int CF_DEFAULT_DIGEST_LEN; /* GLOBAL_C, initialized later */
/*
Holds the "now" time captured at the moment of policy (re)load.
TODO: This variable should be internal to timeout.c, not exposed.
It should only be set by SetStartTime() and read by GetStartTime().
Utilized everywhere "now" start time is needed
*/
time_t CFSTARTTIME; /* GLOBAL_E, initialized later */
/*
Set in cf-agent/cf-runagent (from control body).
Used as a timeout for socket operations in network code.
*/
time_t CONNTIMEOUT = 30; /* seconds */ /* GLOBAL_A GLOBAL_P */
/*
Internal detail of timeout operations. Due to historical reasons
is defined here, not in libpromises/timeout.c
*/
pid_t ALARM_PID = -1; /* GLOBAL_X */
/*
Set in cf-agent (from control body).
Used as a default value for maxfilesize attribute in policy
*/
int EDITFILESIZE = 100000; /* GLOBAL_P */
/*
Set in cf-agent (from control body) and GenericAgentInitialize.
Used as a default value for ifelapsed attribute in policy.
*/
int VIFELAPSED = 1; /* GLOBAL_P */
/*
Set in cf-agent (from control body) and GenericAgentInitialize.
Used as a default value for expireafter attribute in policy.
*/
int VEXPIREAFTER = 120; /* GLOBAL_P */
/*
Set in cf-agent/cf-serverd (from control body).
Utilized in server/client code to bind sockets.
*/
char BINDINTERFACE[CF_MAXVARSIZE]; /* GLOBAL_P */
/*
Set in cf-*.c:CheckOpts and GenericAgentConfigParseArguments.
Utilized in generic_agent.c for
- cf_promises_validated filename
- GenericAgentCheckPolicy
- GenericAgentLoadPolicy (ReadPolicyValidatedFile)
*/
bool MINUSF = false; /* GLOBAL_A */