[Openvpn-devel,2/3] Reactivate record_peer_info in manage.c

Message ID	20220630190549.16675-2-selva.nair@gmail.com
State	Rejected
Headers	show Return-Path: <openvpn-devel-bounces@lists.sourceforge.net> From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Thu, 30 Jun 2022 15:05:48 -0400 Message-Id: <20220630190549.16675-2-selva.nair@gmail.com> In-Reply-To: <20220630190549.16675-1-selva.nair@gmail.com> References: <20220630190549.16675-1-selva.nair@gmail.com> MIME-Version: 1.0 preview: From: Selva Nair --management-client has an obscure and undocumented feature to take a file argument where the peer's address and port are recorded. This has become dead code over time. - reactivate the dead code - make it work with v6 addresses as well - do not exit on error in writing the record Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [selva.nair[at]gmail.com] -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.222.177 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.222.177 listed in wl.mailspike.net] -0.0 T_SCC_BODY_TEXT_LINE No description available. Subject: [Openvpn-devel] [PATCH 2/3] Reactivate record_peer_info in manage.c Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox
Series	[Openvpn-devel,1/3] Log the actual management interface port in use \| expand [Openvpn-devel,1/3] Log the actual management interface port in use [Openvpn-devel,2/3] Reactivate record_peer_info in manage.c [Openvpn-devel,3/3] Log address of management client on accept

Message ID

20220630190549.16675-2-selva.nair@gmail.com

State

Rejected

Headers

From: selva.nair@gmail.com
To: openvpn-devel@lists.sourceforge.net
Date: Thu, 30 Jun 2022 15:05:48 -0400
Message-Id: <20220630190549.16675-2-selva.nair@gmail.com>
In-Reply-To: <20220630190549.16675-1-selva.nair@gmail.com>
References: <20220630190549.16675-1-selva.nair@gmail.com>
MIME-Version: 1.0
Subject: [Openvpn-devel] [PATCH 2/3] Reactivate record_peer_info in manage.c
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net

Series

[Openvpn-devel,1/3] Log the actual management interface port in use | expand

Commit Message

Selva Nair June 30, 2022, 9:05 a.m. UTC

From: Selva Nair <selva.nair@gmail.com>

--management-client has an obscure and undocumented feature
to take a file argument where the peer's address and port are
recorded. This has become dead code over time.

- reactivate the dead code
- make it work with v6 addresses as well
- do not exit on error in writing the record

Signed-off-by: Selva Nair <selva.nair@gmail.com>
---

Alternatively we could remove this "feature" and related code.

 src/openvpn/manage.c | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

Comments

Arne Schwabe June 30, 2022, 12:32 p.m. UTC | #1

Am 30.06.2022 um 21:05 schrieb selva.nair@gmail.com:
> From: Selva Nair <selva.nair@gmail.com>
>
> --management-client has an obscure and undocumented feature
> to take a file argument where the peer's address and port are
> recorded. This has become dead code over time.
>
> - reactivate the dead code
> - make it work with v6 addresses as well
> - do not exit on error in writing the record

This is feature actually useful? If it is dead for a long time and 
nobody noticed, maybe we can just remove it?


Arne

diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c
index 21c7ccdd..548d3b9a 100644
--- a/src/openvpn/manage.c
+++ b/src/openvpn/manage.c
@@ -1621,23 +1621,19 @@  man_record_peer_info(struct management *man)
     if (man->settings.write_peer_info_file)
     {
         bool success = false;
-#ifdef HAVE_GETSOCKNAME
         if (socket_defined(man->connection.sd_cli))
         {
-            struct sockaddr_in addr;
+            struct sockaddr_storage addr;
             socklen_t addrlen = sizeof(addr);
             int status;
 
-            CLEAR(addr);
             status = getsockname(man->connection.sd_cli, (struct sockaddr *)&addr, &addrlen);
-            if (!status && addrlen == sizeof(addr))
+            if (!status)
             {
-                const in_addr_t a = ntohl(addr.sin_addr.s_addr);
-                const int p = ntohs(addr.sin_port);
                 FILE *fp = platform_fopen(man->settings.write_peer_info_file, "w");
                 if (fp)
                 {
-                    fprintf(fp, "%s\n%d\n", print_in_addr_t(a, 0, &gc), p);
+                    fprintf(fp, "%s\n", print_sockaddr((struct sockaddr *)&addr, &gc));
                     if (!fclose(fp))
                     {
                         success = true;
@@ -1645,12 +1641,10 @@  man_record_peer_info(struct management *man)
                 }
             }
         }
-#endif /* ifdef HAVE_GETSOCKNAME */
         if (!success)
         {
             msg(D_MANAGEMENT, "MANAGEMENT: failed to write peer info to file %s",
                 man->settings.write_peer_info_file);
-            throw_signal_soft(SIGTERM, "management-connect-failed");
         }
     }
     gc_free(&gc);

[Openvpn-devel,2/3] Reactivate record_peer_info in manage.c

Commit Message

Comments

Patch