From patchwork Tue Dec 27 02:24:03 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Arne Schwabe <arne@rfc2549.org>
X-Patchwork-Id: 2947
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp2355469dyk;
        Mon, 26 Dec 2022 18:25:11 -0800 (PST)
X-Google-Smtp-Source: 
 AMrXdXuGvQqTONNXe7vrdJJGaAZLsvtP71xI4OEfbe4A8zur47TSmkHjMyF8Mdhae9mXPrDo04oB
X-Received: by 2002:a05:6a00:e16:b0:581:12c5:1356 with SMTP id
 bq22-20020a056a000e1600b0058112c51356mr5365506pfb.30.1672107911042;
        Mon, 26 Dec 2022 18:25:11 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1672107911; cv=none;
        d=google.com; s=arc-20160816;
        b=neLv4y7p+H5iuP+872zzAnlpxdEtgkevPcjPBQkMbkxGQFeRBHlY+n63uYfnjX1MAI
         Qwb4HnRurBZcNL3F2M7OV2BUj6KrUhJD2zVbF2wFzlkKQz7uCK5RptEt+YQXf7e27CgX
         moBHshbFBR9SncM9vdOlCmwW9dTKdkIxsuSVdG9upya+KAhydka0ZKbH/t93Cm4OP1oE
         8aosv3sgg8LgRt8M9ehEwsU8B30Lfj0jNr5+WQvmwm4foQ3PEk08gsGEfAOipufr83W8
         8TN6eQvmige6YVvYkaOes5WzSE0TyhvbpBXF2o1KzVQnnH1E6OMVDCu9XsfdveRfuGu7
         oNhA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=errors-to:content-transfer-encoding:list-subscribe:list-help
         :list-post:list-archive:list-unsubscribe:list-id:precedence:subject
         :mime-version:references:in-reply-to:message-id:date:to:from
         :dkim-signature:dkim-signature;
        bh=ywxBa0UAKwO0khpgOjEq9Liy6C7G9cjMzY2uH3a/wJs=;
        b=o1SYogyYNxYwbbhL3w0E0fSoK3pZXmmEz+5WbpqTjbuNkPIqQxIE8WeTC8O0Wy48Aa
         fFTwyNfHt9UjKUTTM2fdKGqMlKGYZ84Zta0SBifipJTOg8pmQIa3Sjinr5GzPOs4R9ku
         Un2kEwCpoF+lDXCeI6zOW0MuBbYWwfof+/b4OefKecT0msnkvcwKDPwT85tWMO0WsoY9
         TaeCf0iL442QTTx41/FwB/B8YiDepzWhTUhple2Mh4fE29lyl0ere5UWJt8zV2mNGKbu
         PwbOshD2a0ysYFcNJHKlHRgt5XEsdLoDh9+TTzyptOfK1t1A/F/6oUa3RBwAuukPqXRE
         jUsQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=IVdqkBj5;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b="j/W3gDXH";
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
        by mx.google.com with ESMTPS id
 h9-20020aa79f49000000b0057ffe8888e8si12379957pfr.321.2022.12.26.18.25.10
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 26 Dec 2022 18:25:11 -0800 (PST)
Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=IVdqkBj5;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b="j/W3gDXH";
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net
Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com)
	by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1p9zdj-0005Ep-CJ;
	Tue, 27 Dec 2022 02:24:27 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
 by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
 (envelope-from <arne@kamera.blinkt.de>) id 1p9zdf-0005Ei-Ov
 for openvpn-devel@lists.sourceforge.net;
 Tue, 27 Dec 2022 02:24:23 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References:
 In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=7Xv2s85sDzdkU/BT8j25i77TwfMabf0zBEsyomcdXGU=; b=IVdqkBj59qdqFNqxNkhHq+JzGr
 ZMRDbxqZeatJJ4dq0a0B7jghPJLO06xKum2i+JDrg99eIbXn+oi9hy924szUta73NVnvdcBwBcwyr
 xAoazsh2IGc3gU9tdFLOp6uhE/bW6WEfMUbB5HJ4fFu3qkAmcslk9JKBf0jeHqBw7Kgg=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id:
 Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=7Xv2s85sDzdkU/BT8j25i77TwfMabf0zBEsyomcdXGU=; b=j/W3gDXHir633/h17z1bG5/88q
 UCHwKwFr7yP9c6XIB9KZh0ug5suKILVFjkvTA9g24APyfkpZleRsb7mLkbAJOVwwtP2sgmDLhyrTn
 Sm3EoUp7R0O83k8nQ9WgljmE75Ve1z5u/ZE+VUIC/7KBJdYxC0Kc/tcDxaNQwpUiDi58=;
Received: from mail.blinkt.de ([192.26.174.232])
 by sfi-mx-2.v28.lw.sourceforge.com with esmtps
 (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95)
 id 1p9zdT-0007HD-DF for openvpn-devel@lists.sourceforge.net;
 Tue, 27 Dec 2022 02:24:18 +0000
Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c])
 by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD))
 (envelope-from <arne@kamera.blinkt.de>) id 1p9zdM-0002Ia-47
 for openvpn-devel@lists.sourceforge.net;
 Tue, 27 Dec 2022 03:24:04 +0100
Received: (nullmailer pid 3468188 invoked by uid 10006);
 Tue, 27 Dec 2022 02:24:04 -0000
From: Arne Schwabe <arne@rfc2549.org>
To: openvpn-devel@lists.sourceforge.net
Date: Tue, 27 Dec 2022 03:24:03 +0100
Message-Id: <20221227022404.3468137-3-arne@rfc2549.org>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20221227022404.3468137-1-arne@rfc2549.org>
References: <20221227022404.3468137-1-arne@rfc2549.org>
MIME-Version: 1.0
X-Spam-Score: 0.3 (/)
X-Spam-Report: Spam detection software,
 running on the system "util-spamd-2.v13.lw.sourceforge.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview: Signed-off-by: Arne Schwabe <arne@rfc2549.org> ---
 src/openvpn/multi.c
 | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff
 --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 6c6385c6e..50d88f19a
 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -3243,
 10 +3243,
 19 @@ process_incoming_del_peer(struct mu [...]
 Content analysis details:   (0.3 points, 6.0 required)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 0.0 SPF_NONE               SPF: sender does not publish an SPF Record
 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
 mail domains are different
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
X-Headers-End: 1p9zdT-0007HD-DF
Subject: [Openvpn-devel] [PATCH v2 3/4] Ignore
 OVPN_DEL_PEER_REASON_USERSPACE to avoid race conditions
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1753332224651818398?=
X-GMAIL-MSGID: =?utf-8?q?1753332224651818398?=

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
---
 src/openvpn/multi.c | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index 6c6385c6e..50d88f19a 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -3243,10 +3243,19 @@ process_incoming_del_peer(struct multi_context *m, struct multi_instance *mi,
             break;
 
         case OVPN_DEL_PEER_REASON_USERSPACE:
-            /* This very likely ourselves but might be another process, so
-             * still process it */
-            reason = "ovpn-dco: userspace request";
-            break;
+            /* We assume that is ourselves. UUnfortunately, sometimes these
+             * events happen with enough delay that they can have an order of
+             *
+             * dco_del_peer x
+             * [new client connecting]
+             * dco_new_peer x
+             * event from dco_del_peer arrives.
+             *
+             * if we do not ignore this we get desynced with the kernel
+             * since we assume the peer-id is free again. The other way would
+             * be to send a dco_del_peer again
+             */
+            return;
     }
 
     /* When kernel already deleted the peer, the socket is no longer