Message ID | 20200711093655.23686-7-arne@rfc2549.org |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel,v5,01/14] Allow changing fallback cipher from ccd files/client-connect | expand |
1x typo On 11/07/2020 10:36, Arne Schwabe wrote: > This deviates from Fabian's original patch that relied on the now > removed connection_established bool as pointer being NULL or non NULL as > implicit third state and makeing connection_established as a substate of makeing -> making > (cas_context == CAS_PENDING) > > Signed-off-by: Arne Schwabe <arne@rfc2549.org> > > Patch V5: extend cas_context with two new states instead adding an > extra mini state machine. > > Signed-off-by: Arne Schwabe <arne@rfc2549.org> > --- > src/openvpn/multi.c | 2 +- > src/openvpn/multi.h | 1 + > src/openvpn/openvpn.h | 24 +++++++++++++++++------- > 3 files changed, 19 insertions(+), 8 deletions(-) > > diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c > index 83848fdc..f9b8af80 100644 > --- a/src/openvpn/multi.c > +++ b/src/openvpn/multi.c > @@ -2163,7 +2163,7 @@ multi_client_connect_early_setup(struct multi_context *m, > * Try to source a dynamic config file from the > * --client-config-dir directory. > */ > -enum client_connect_return > +static enum client_connect_return > multi_client_connect_source_ccd(struct multi_context *m, > struct multi_instance *mi, > unsigned int *option_types_found) > diff --git a/src/openvpn/multi.h b/src/openvpn/multi.h > index 4fb4d0b6..1d30dcc6 100644 > --- a/src/openvpn/multi.h > +++ b/src/openvpn/multi.h > @@ -62,6 +62,7 @@ struct deferred_signal_schedule_entry > struct timeval wakeup; > }; > > + > /** > * Server-mode state structure for one single VPN tunnel. > * > diff --git a/src/openvpn/openvpn.h b/src/openvpn/openvpn.h > index a1308852..7c469b01 100644 > --- a/src/openvpn/openvpn.h > +++ b/src/openvpn/openvpn.h > @@ -210,6 +210,21 @@ struct context_1 > #endif > }; > > + > +/* client authentication state, CAS_SUCCEEDED must be 0 since > + * non multi code path still checks this variable but does not initialise it > + * so the code depends on zero initialisation */ > +enum client_connect_status { > + CAS_SUCCEEDED=0, > + CAS_PENDING, > + CAS_FAILED, > + CAS_PARTIAL, /**< Variant of CAS_FAILED: at least one > + * client-connect script/plugin succeeded > + * while a later one in the chain failed > + * (we still need cleanup compared to FAILED) > + */ > +}; > + > /** > * Level 2 %context containing state that is reset on both \c SIGHUP and > * \c SIGUSR1 restarts. > @@ -444,13 +459,8 @@ struct context_2 > int push_ifconfig_ipv6_netbits; > struct in6_addr push_ifconfig_ipv6_remote; > > - /* client authentication state, CAS_SUCCEEDED must be 0 */ > -#define CAS_SUCCEEDED 0 > -#define CAS_PENDING 1 > -#define CAS_FAILED 2 > -#define CAS_PARTIAL 3 /* at least one client-connect script/plugin > - * succeeded while a later one in the chain failed */ > - int context_auth; > + > + enum client_connect_status context_auth; > > struct event_timeout push_request_interval; > int n_sent_push_requests; >
Hi, On Sat, Jul 11, 2020 at 11:36:48AM +0200, Arne Schwabe wrote: > This deviates from Fabian's original patch that relied on the now > removed connection_established bool as pointer being NULL or non NULL as > implicit third state and makeing connection_established as a substate of > (cas_context == CAS_PENDING) > > Signed-off-by: Arne Schwabe <arne@rfc2549.org> > > Patch V5: extend cas_context with two new states instead adding an > extra mini state machine. 23... Test sets succeeded: 1 1a 1b 1d 2 2a 2b 2c 2d 3 4 5 6 8 8a 9. Test sets failed: none. 24... Test sets succeeded: 1 1a 1b 1c 1d 1e 2 2b 2c 2d 2e 3 4 4a 5 6 8 8a 9. Test sets failed: 2a. master... Test sets succeeded: 1 1a 1b 1c 1d 1e 2 2a 2b 2c 2d 2e 3 4 5 6 7 7a 8 8a 9 2f 4b. Test sets failed: none. For the changes in this patch, this is a reasonably conclusive test. gert
Hi, On 11/07/2020 11:36, Arne Schwabe wrote: > This deviates from Fabian's original patch that relied on the now > removed connection_established bool as pointer being NULL or non NULL as > implicit third state and makeing connection_established as a substate of > (cas_context == CAS_PENDING) > > Signed-off-by: Arne Schwabe <arne@rfc2549.org> > > Patch V5: extend cas_context with two new states instead adding an > extra mini state machine. > > Signed-off-by: Arne Schwabe <arne@rfc2549.org> > --- > src/openvpn/multi.c | 2 +- > src/openvpn/multi.h | 1 + > src/openvpn/openvpn.h | 24 +++++++++++++++++------- > 3 files changed, 19 insertions(+), 8 deletions(-) > > diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c > index 83848fdc..f9b8af80 100644 > --- a/src/openvpn/multi.c > +++ b/src/openvpn/multi.c > @@ -2163,7 +2163,7 @@ multi_client_connect_early_setup(struct multi_context *m, > * Try to source a dynamic config file from the > * --client-config-dir directory. > */ > -enum client_connect_return > +static enum client_connect_return I don't think this change belongs to this patch .... ? > multi_client_connect_source_ccd(struct multi_context *m, > struct multi_instance *mi, > unsigned int *option_types_found) > diff --git a/src/openvpn/multi.h b/src/openvpn/multi.h > index 4fb4d0b6..1d30dcc6 100644 > --- a/src/openvpn/multi.h > +++ b/src/openvpn/multi.h > @@ -62,6 +62,7 @@ struct deferred_signal_schedule_entry > struct timeval wakeup; > }; > > + > /** > * Server-mode state structure for one single VPN tunnel. > * > diff --git a/src/openvpn/openvpn.h b/src/openvpn/openvpn.h > index a1308852..7c469b01 100644 > --- a/src/openvpn/openvpn.h > +++ b/src/openvpn/openvpn.h > @@ -210,6 +210,21 @@ struct context_1 > #endif > }; > > + > +/* client authentication state, CAS_SUCCEEDED must be 0 since > + * non multi code path still checks this variable but does not initialise it > + * so the code depends on zero initialisation */ > +enum client_connect_status { > + CAS_SUCCEEDED=0, Please add spaces around '=' > + CAS_PENDING, > + CAS_FAILED, > + CAS_PARTIAL, /**< Variant of CAS_FAILED: at least one > + * client-connect script/plugin succeeded > + * while a later one in the chain failed > + * (we still need cleanup compared to FAILED) > + */ > +}; > + > /** > * Level 2 %context containing state that is reset on both \c SIGHUP and > * \c SIGUSR1 restarts. > @@ -444,13 +459,8 @@ struct context_2 > int push_ifconfig_ipv6_netbits; > struct in6_addr push_ifconfig_ipv6_remote; > > - /* client authentication state, CAS_SUCCEEDED must be 0 */ > -#define CAS_SUCCEEDED 0 > -#define CAS_PENDING 1 > -#define CAS_FAILED 2 > -#define CAS_PARTIAL 3 /* at least one client-connect script/plugin > - * succeeded while a later one in the chain failed */ > - int context_auth; > + > + enum client_connect_status context_auth; > > struct event_timeout push_request_interval; > int n_sent_push_requests; > The rest looks good and makes sense. Using enum is always better as the compiler (and the reader) has extra information about how a variable can be used. I believe the first chunk with the +static should be moved somewhere else...but other than that and the missing-spaces comment: Acked-by: Antonio Quartulli <antonio@openvpn.net>
Your patch has been applied to the master branch. Fixed the typo in the commit message as requested. Tested yesterday on client and server testbed, which tests all these states. I have not modified the "static" hunk - it would be a better fit in another patch, but it's useful, reasonably harmless and does not warrant a new round with a "v6" for two patches just to move this hunk. commit 4d500451e8b19deadb619d4ecf977363c6560a2e Author: Arne Schwabe Date: Sat Jul 11 11:36:48 2020 +0200 client-connect: Change cas_context from int to enum Signed-off-by: Arne Schwabe <arne@rfc2549.org> Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Antonio Quartulli <a@unstable.cc> Message-Id: <20200711093655.23686-7-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg20292.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 83848fdc..f9b8af80 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -2163,7 +2163,7 @@ multi_client_connect_early_setup(struct multi_context *m, * Try to source a dynamic config file from the * --client-config-dir directory. */ -enum client_connect_return +static enum client_connect_return multi_client_connect_source_ccd(struct multi_context *m, struct multi_instance *mi, unsigned int *option_types_found) diff --git a/src/openvpn/multi.h b/src/openvpn/multi.h index 4fb4d0b6..1d30dcc6 100644 --- a/src/openvpn/multi.h +++ b/src/openvpn/multi.h @@ -62,6 +62,7 @@ struct deferred_signal_schedule_entry struct timeval wakeup; }; + /** * Server-mode state structure for one single VPN tunnel. * diff --git a/src/openvpn/openvpn.h b/src/openvpn/openvpn.h index a1308852..7c469b01 100644 --- a/src/openvpn/openvpn.h +++ b/src/openvpn/openvpn.h @@ -210,6 +210,21 @@ struct context_1 #endif }; + +/* client authentication state, CAS_SUCCEEDED must be 0 since + * non multi code path still checks this variable but does not initialise it + * so the code depends on zero initialisation */ +enum client_connect_status { + CAS_SUCCEEDED=0, + CAS_PENDING, + CAS_FAILED, + CAS_PARTIAL, /**< Variant of CAS_FAILED: at least one + * client-connect script/plugin succeeded + * while a later one in the chain failed + * (we still need cleanup compared to FAILED) + */ +}; + /** * Level 2 %context containing state that is reset on both \c SIGHUP and * \c SIGUSR1 restarts. @@ -444,13 +459,8 @@ struct context_2 int push_ifconfig_ipv6_netbits; struct in6_addr push_ifconfig_ipv6_remote; - /* client authentication state, CAS_SUCCEEDED must be 0 */ -#define CAS_SUCCEEDED 0 -#define CAS_PENDING 1 -#define CAS_FAILED 2 -#define CAS_PARTIAL 3 /* at least one client-connect script/plugin - * succeeded while a later one in the chain failed */ - int context_auth; + + enum client_connect_status context_auth; struct event_timeout push_request_interval; int n_sent_push_requests;