[Openvpn-devel,2/2] Allow repeated cycles through remotes when management-query-remote is in use

Message ID 1521522224-18829-2-git-send-email-selva.nair@gmail.com
State New
Headers show
Series
  • [Openvpn-devel,1/2] Persist management-query-remote and proxy prompts
Related show

Commit Message

Selva Nair March 20, 2018, 5:03 a.m.
From: Selva Nair <selva.nair@gmail.com>

(i) Let the management-client predictably cycle through remote entries. This
is done by not aborting after two cycles. The client can abort or restart
the connection  using  signals (USR/HUP/TERM) as necessary.

In the current behaviour, the daemon can unexpectedly exit when the last remote
is skipped. When management-query-remote is not in use, the behaviour is
unchanged.

(ii) Do not count skipping a remote as an unsuccessful connection attempt.
As the latter count is used for backoff it should count only failed attempts.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
---
 src/openvpn/init.c | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

Patch

diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 413563a..c63dc67 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -468,14 +468,6 @@  next_connection_entry(struct context *c)
                         c->c1.link_socket_addr.remote_list;
                 }
 
-                /*
-                 * Increase the number of connection attempts
-                 * If this is connect-retry-max * size(l)
-                 * OpenVPN will quit
-                 */
-
-                c->options.unsuccessful_attempts++;
-
                 if (++l->current >= l->len)
                 {
 
@@ -501,6 +493,9 @@  next_connection_entry(struct context *c)
         {
             /* allow management interface to override connection entry details */
             ce_defined = ce_management_query_remote(c);
+
+            /* ignore cycles when management-query-remote is in use */
+            n_cycles = 0;
             if (IS_SIG(c))
             {
                 break;
@@ -517,6 +512,7 @@  next_connection_entry(struct context *c)
 #endif
     } while (!ce_defined);
 
+    c->options.unsuccessful_attempts++;
     /* Check if this connection attempt would bring us over the limit */
     if (c->options.connect_retry_max > 0
         && c->options.unsuccessful_attempts > (l->len  * c->options.connect_retry_max))