| Message ID | 20200719173436.16431-3-arne@rfc2549.org |
|---|---|
| State | Accepted |
| Delegated to: | Gert Doering |
| Headers | show |
| Series | [Openvpn-devel,v8,1/5] Remove CAS_PARTIAL state | expand |
Acked-by: Gert Doering <gert@greenie.muc.de> Stared-at-code, tortured with the test framework master... Test sets succeeded: 1 1a 1b 1c 1d 1e 2 2a 2b 2c 2d 2e 3 4 5 5a 5v1 5v2 5v3 5w1 5w2 5w3 5w4 5y 5z 6 7 7x 8 8a 9 2f 4b. Test sets failed: none. and verified by "looking at logfile in realtime" that it will now, indeed, proceed without delay as soon as the async/deferred client-connect-script has written the final result to the control file: 2020-07-20 08:55:09 us=443291 ... PUSH: Received control message: 'PUSH_REQUEST' 2020-07-20 08:55:14 us=490368 ... PUSH: Received control message: 'PUSH_REQUEST' 2020-07-20 08:55:16 us=407542 OPTIONS IMPORT: reading client specific options ... (without async-push, it will wait for the next PUSH_REQUEST at 08:55:19 - so, 3s faster) In the case of FAIL or DISABLE, the AUTH_FAILED reply will not be sent immediately, but this is not necessary or beneficial - so, fine. Just documenting my findings. Your patch has been applied to the master branch. commit 290bb26990133a895eac68215a7ded7e993ef167 Author: Arne Schwabe Date: Sun Jul 19 19:34:34 2020 +0200 client-connect: Use inotify for the deferred client-connect status file Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20200719173436.16431-3-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg20481.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 165a3209..3b73ffde 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -2601,8 +2601,10 @@ multi_connection_established(struct multi_context *m, struct multi_instance *mi) #ifdef ENABLE_ASYNC_PUSH /* - * Called when inotify event is fired, which happens when acf file is closed or deleted. - * Continues authentication and sends push_reply. + * Called when inotify event is fired, which happens when acf + * or connect-status file is closed or deleted. + * Continues authentication and sends push_reply + * (or be deferred again by client-connect) */ void multi_process_file_closed(struct multi_context *m, const unsigned int mpp_flags) @@ -2888,7 +2890,15 @@ multi_process_post(struct multi_context *m, struct multi_instance *mi, const uns { multi_connection_established(m, mi); } - +#if defined(ENABLE_ASYNC_PUSH) && defined(ENABLE_DEF_AUTH) + if (is_cas_pending(mi->context.c2.context_auth) + && mi->client_connect_defer_state.deferred_ret_file) + { + add_inotify_file_watch(m, mi, m->top.c2.inotify_fd, + mi->client_connect_defer_state. + deferred_ret_file); + } +#endif /* tell scheduler to wake us up at some point in the future */ multi_schedule_context_wakeup(m, mi); }
As we never do client-connect and authentication at the same time it is safe to reuse the existing fields for client-connect return status file Signed-off-by: Arne Schwabe <arne@rfc2549.org> --- src/openvpn/multi.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-)