diff mbox series

[Openvpn-devel,1/2] Do not skip ERROR:/SUCCESS: response from management interface

Message ID 20220728034508.15180-1-selva.nair@gmail.com
State Accepted
Headers show
Series [Openvpn-devel,1/2] Do not skip ERROR:/SUCCESS: response from management interface | expand

Commit Message

Selva Nair July 27, 2022, 5:45 p.m. UTC 
From: Selva Nair <selva.nair@gmail.com>

Generally we expect a response of SUCCESS: or ERROR: to every
command sent to the management interface. But, while in
the management-hold state, sending "signal foo" returns only
the following reply (with foo = SIGHUP, SIGUSR1 etc.):

>HOLD:Waiting for hold release:0

Fix by always responding

ERROR: signal 'foo' is currently ignored"
followed by the above line.

Though this is seldom seen in practice[*], such violation of the
protocol could stall clients like the GUI. So fix it.

[*] One way this happens is with SIGHUP sent before the daemon
is on hold state which it enters before the SIGHUP is received.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
---
 src/openvpn/manage.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

Comments

Arne Schwabe July 28, 2022, 2:46 a.m. UTC | #1 
Am 28.07.22 um 05:45 schrieb selva.nair@gmail.com:
> From: Selva Nair <selva.nair@gmail.com>
> 
> Generally we expect a response of SUCCESS: or ERROR: to every
> command sent to the management interface. But, while in
> the management-hold state, sending "signal foo" returns only
> the following reply (with foo = SIGHUP, SIGUSR1 etc.):
> 
>> HOLD:Waiting for hold release:0
> 
> Fix by always responding
> 
> ERROR: signal 'foo' is currently ignored"
> followed by the above line.
> 
> Though this is seldom seen in practice[*], such violation of the
> protocol could stall clients like the GUI. So fix it.
> 
> [*] One way this happens is with SIGHUP sent before the daemon
> is on hold state which it enters before the SIGHUP is received.
> 
Acked-By: Arne Schwabe
Gert Doering Aug. 2, 2022, 1:54 a.m. UTC | #2 
I'm not sure I understand what is happening here, exactly, but since
Arne understands management way better and ACKed this - in it goes :)
(it *looks* harmless enough).

Since I understand this to be a bugfix, applied to 2.5 as well.

Your patch has been applied to the master and release/2.5 branch.

commit 579b78e22feab7fe7cc627355cbb270cd91aebb4 (master)
commit e3c397b0edd86158b8c417f6d396920a7e2eae68 (release/2.5)
Author: Selva Nair
Date:   Wed Jul 27 23:45:07 2022 -0400

     Do not skip ERROR:/SUCCESS: response from management interface

     Signed-off-by: Selva Nair <selva.nair@gmail.com>
     Acked-by: Arne Schwabe <arne@rfc2549.org>
     Message-Id: <20220728034508.15180-1-selva.nair@gmail.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24750.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering
diff mbox series

Patch

diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c
index 5d58c662..27aa49a8 100644
--- a/src/openvpn/manage.c
+++ b/src/openvpn/manage.c
@@ -426,14 +426,11 @@  man_signal(struct management *man, const char *name)
         }
         else
         {
+            msg(M_CLIENT, "ERROR: signal '%s' is currently ignored", name);
             if (man->persist.special_state_msg)
             {
                 msg(M_CLIENT, "%s", man->persist.special_state_msg);
             }
-            else
-            {
-                msg(M_CLIENT, "ERROR: signal '%s' is currently ignored", name);
-            }
         }
     }
     else