| Message ID | 20210125125628.30364-5-arne@rfc2549.org |
|---|---|
| State | Accepted |
| Headers | show |
| Series | Pending authentication improvements | expand |
Since I already acked v1, I checked that v2 is no different to v1.
I got a compilation error because 03/11 is broken, but it is unrelated
to this patch.
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Your patch has been applied to the master branch.
As this is not depending on 03/11, I've applied it out of sequence.
One typo fixed ("techhnically"). Test run on the client, unsurprisingly
no breakage - I have nothing that excercises the new code yet, but
it still looks very reasonable :-)
commit b29f7dffc073ebd2a3b04eac5f7aee2edcf5da49
Author: Arne Schwabe
Date: Mon Jan 25 13:56:21 2021 +0100
Introduce management client state for AUTH_PENDING notifications
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20210125125628.30364-5-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21498.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
--
kind regards,
Gert Doering
diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c index 98a9a4cc..df987f53 100644 --- a/src/openvpn/manage.c +++ b/src/openvpn/manage.c @@ -169,6 +169,9 @@ man_state_name(const int state) case OPENVPN_STATE_TCP_CONNECT: return "TCP_CONNECT"; + case OPENVPN_STATE_AUTH_PENDING: + return "AUTH_PENDING"; + default: return "?"; } diff --git a/src/openvpn/manage.h b/src/openvpn/manage.h index aaa3b848..2f94b10c 100644 --- a/src/openvpn/manage.h +++ b/src/openvpn/manage.h @@ -493,6 +493,8 @@ management_enable_def_auth(const struct management *man) #define OPENVPN_STATE_GET_CONFIG 9 /* Downloading configuration from server */ #define OPENVPN_STATE_RESOLVE 10 /* DNS lookup */ #define OPENVPN_STATE_TCP_CONNECT 11 /* Connecting to TCP server */ +#define OPENVPN_STATE_AUTH_PENDING 12 /* Waiting in auth-pending mode + * techhnically variant of GET_CONFIG */ #define OPENVPN_STATE_CLIENT_BASE 7 /* Base index of client-only states */ diff --git a/src/openvpn/push.c b/src/openvpn/push.c index e68fda9f..7d3cf806 100644 --- a/src/openvpn/push.c +++ b/src/openvpn/push.c @@ -248,12 +248,30 @@ parse_auth_pending_keywords(const struct buffer *buffer, if (!buf_advance(&buf, strlen("AUTH_PENDING")) || !(buf_read_u8(&buf) == ',') || !BLEN(&buf)) { +#ifdef ENABLE_MANAGEMENT + if (management) + { + management_set_state(management, OPENVPN_STATE_AUTH_PENDING, + "", NULL, NULL, NULL, NULL); + } +#endif + return; } /* parse the keywords in the same way that push options are parsed */ char line[OPTION_LINE_SIZE]; +#ifdef ENABLE_MANAGEMENT + /* Need to do the management notification with the keywords before + * buf_parse is called, as it will insert \0 bytes into the buffer */ + if (management) + { + management_set_state(management, OPENVPN_STATE_AUTH_PENDING, + BSTR(&buf), NULL, NULL, NULL, NULL); + } +#endif + while (buf_parse(&buf, ',', line, sizeof(line))) { if (sscanf(line, "timeout %u", server_timeout) != 1)
This allows a UI client to display the correct state. Technically the client is still waiting for PUSH_REPLY but for every practical concern this is a different state as we are waiting for the pending authentication to finish. Signed-off-by: Arne Schwabe <arne@rfc2549.org> --- src/openvpn/manage.c | 3 +++ src/openvpn/manage.h | 2 ++ src/openvpn/push.c | 18 ++++++++++++++++++ 3 files changed, 23 insertions(+)