From patchwork Sun Jan 1 21:51:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Selva Nair X-Patchwork-Id: 2963 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp6018120dyk; Sun, 1 Jan 2023 13:52:13 -0800 (PST) X-Google-Smtp-Source: AMrXdXvCxj+C/IZ5R2ygTOomPExaka2vyq+JRrcRe0agytjr9VZPK2FbjXm8jWPRy8t6xg7IazlJ X-Received: by 2002:a17:902:9888:b0:192:ce7e:93b7 with SMTP id s8-20020a170902988800b00192ce7e93b7mr1177694plp.49.1672609933710; Sun, 01 Jan 2023 13:52:13 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1672609933; cv=none; d=google.com; s=arc-20160816; b=pbjZScNicGanyzaZmisK2uIvByhTQYd6Uv6fafiykYVWbTENRz+lYrNF380zC5LjXG GPJF8ENkp3nZ5QAApXmr6SQGhIDCjl5vrYsq+AOrNVmiBC94bS9TM0116BqDpeXxt1dr 0SQ5GVy/yMRQ4zSCex9Aylo4p7ItimW18lyY63MkentE0TMtK5PkocGlvZTWeSfyiD6M vbhfnYBsNm9ZyK5tDam23MJ+HmcZV/tKL3sihbZ59thBeNO1ozJ9INBbFPKUTD1a1Fzc hIyFdLGpPrdvBuu8yNVlWR4Z1JrKq4lhc/+1mVkHXOQNZqkpYPoFepmuFBIe1YGzBVO7 VBSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=Nc+i4/9iEME/K0uRyzUVYPysUJkKA+9H+Q6oVN2+GEM=; b=p4c4SAQm76iTdnoe75OyWvLIXKm+eCTjMN8cyAm0DZQEIgvJKPzU1CSNM/CedS90Ds sRcqziCIcC7ZvVT5JkxBCpxfm5/wk3R/Djo2fK2BXOgmm1OyLHbFFiYomcvRI3GJz+Y8 fCp7IGIXOO+3omKiHGZzxv591xkYJBSjpRzGTsk1O70Cw2BR8WZK5Xm9tgliRH/XWhCO OQtzwERUMQ8n2q0J5qZFPmxuSjHnDYZXpQf58Z5ZZ8NMfTMCZTnS8eSK/BRLKAFavYVj 0S+XiQ918U8V19TVwaCAlclawxkR0ArtY1iezOgrm18ETEDKWzcNoj/PG8j3S7LeXR3g r5Iw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=ehKfuO3d; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=cfGhGNyp; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=BXcH5ZvC; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id j7-20020a170903024700b00182c510591asi31462269plh.246.2023.01.01.13.52.13 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 01 Jan 2023 13:52:13 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=ehKfuO3d; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=cfGhGNyp; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=BXcH5ZvC; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1pC6FF-0002gN-JA; Sun, 01 Jan 2023 21:51:53 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1pC6FE-0002el-3G for openvpn-devel@lists.sourceforge.net; Sun, 01 Jan 2023 21:51:52 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=RcAEDVKkuI1y+T9PEDNl3bPPACc3DJBpIM0MUEOsS+o=; b=ehKfuO3dNXlR9ZuZie7V+siAZI 3qJpFT71wCuJhdJBMhsavFZcAGo6zpTTc46CrsYzznP+ZN7bTgNppIFs3zKq2QzgMrveQ2a4yKJis 36B67u+PQVXqLX9wczyHUZc71fEQvmek2T7uJJicuFeS87+A857XOQpYdw6ImvtHfRMI=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=RcAEDVKkuI1y+T9PEDNl3bPPACc3DJBpIM0MUEOsS+o=; b=cfGhGNypKGWlTnu1/UCvBjXca7 pJyRCGc2lhFneVC/xNUfnfXdfRYBYCCBPqBuI6SgHXCi/J1a4/bNkH+Q6FX717rmlvu3LiIS1Yigo TBl8+IdRzYcbnilz47lyoCGJVKfbMPPC0x3iczrKaW3cN9NlEfl9s8Y1dzrcIQIJhWxQ=; Received: from mail-il1-f174.google.com ([209.85.166.174]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1pC6F9-00054h-G0 for openvpn-devel@lists.sourceforge.net; Sun, 01 Jan 2023 21:51:51 +0000 Received: by mail-il1-f174.google.com with SMTP id o13so15166133ilc.7 for ; Sun, 01 Jan 2023 13:51:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=RcAEDVKkuI1y+T9PEDNl3bPPACc3DJBpIM0MUEOsS+o=; b=BXcH5ZvCo+quQK1F2mnKqK3WjkTf7jXFqPTLeCyUKQhOyuDXFV/wY9meqKwmuOoEyM kOSp46/P12F+uhNOyk6mKRiVTzclds9XUp6T2huUwFEHCWKlfv8Zrwug7swNJkalXybg RNzJ/ZIdIbf+s7rpBVaqbKptDX6TaI1D/W8OARnt/KH9D4N7L0YOQOcCMywYtInkDjk+ i1Yg/jKPUmayoLXfYtlwddCKmX8dYYZ0SYtl5oDHI5NbRSlluVp5XF9EoyhAKHwpim1X /N/r9/Szfd4AyQmZEithLg2gcDSsoAPWl5JpWaYHXCN84DH2hzv2fpjkoOTdOSpVpYHM /IWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=RcAEDVKkuI1y+T9PEDNl3bPPACc3DJBpIM0MUEOsS+o=; b=JFNlBZSqUzimVS+CvBoEUO7LEmwheS3WAx5D+ZVtMoxbJFGOKiSo/fQ7RatTVTTUuR qJuCSiaUYnzdbSUZjLCiMpyq5eyXkLuD9yj65j9roW7zrTl+w7Bl58xpM7o2M7pD+PQg aSzoNtkXPwhowmR1OJNros4SjUsaH+0br8a+a1NA2NH0Rj9pUA7i370Q4/q1EmxKP1re +lg3WrVfETif9KKIF3Bn4SiEqH3OhCokDlhAyxrRti+4uyYxNkStv9welIUVXovOWwhI UDGL5IxeLYWDd6CUW0iT0VBpbUS417dVqhrI2Vf7oL4cRNHKmVdWkZBhxJ+LBnTr9QUc mivg== X-Gm-Message-State: AFqh2kpmKaVhq6rLEqCNCxrRzaV3FC5PUlfWCEo1r8ClQEn3+mvlMN/w 1mSFBaBnHR3EvMDJE/58cxJZ3bHIi2TV9A== X-Received: by 2002:a92:1306:0:b0:30c:4991:2eac with SMTP id 6-20020a921306000000b0030c49912eacmr334996ilt.0.1672609901741; Sun, 01 Jan 2023 13:51:41 -0800 (PST) Received: from uranus.sansel.ca (bras-vprn-tnhlon4053w-lp130-01-70-51-222-66.dsl.bell.ca. [70.51.222.66]) by smtp.gmail.com with ESMTPSA id w11-20020a022a0b000000b0038a44dbbd8fsm8975359jaw.123.2023.01.01.13.51.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 01 Jan 2023 13:51:41 -0800 (PST) From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Sun, 1 Jan 2023 16:51:07 -0500 Message-Id: <20230101215109.1521549-4-selva.nair@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230101215109.1521549-1-selva.nair@gmail.com> References: <20230101215109.1521549-1-selva.nair@gmail.com> MIME-Version: 1.0 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Selva Nair Signals are ordered as SIGUSR2, SIGUSR1, SIGHUP, SIGTERM, SIGINT in increasing priority. Lower priority signals are not allowed to overwrite higher ones. This should fix Trac #311, #639 -- SIGTER/SIGINT lost during dns resolution. (except for the Windows-specific bug handled in next commit) Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [selva.nair[at]gmail.com] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.166.174 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.166.174 listed in wl.mailspike.net] -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain X-Headers-End: 1pC6F9-00054h-G0 Subject: [Openvpn-devel] [PATCH 3/5] Assign and honour signal priority order X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1753858633624868161?= X-GMAIL-MSGID: =?utf-8?q?1753858633624868161?= From: Selva Nair Signals are ordered as SIGUSR2, SIGUSR1, SIGHUP, SIGTERM, SIGINT in increasing priority. Lower priority signals are not allowed to overwrite higher ones. This should fix Trac #311, #639 -- SIGTER/SIGINT lost during dns resolution. (except for the Windows-specific bug handled in next commit) On sending SIGTERM during dns resolution, it still takes several seconds to terminate as the signal will get processed only after getaddrinfo times out twice (in phase1 and phase2 inits). Github: fixes OpenVPN/openvpn#205 Note: one has to still wait for address resolution to time out as getaddrinfo() is no interruptible. But a single ctrl-C (and some patience) is enough. Signed-off-by: Selva Nair Acked-By: Arne Schwabe --- src/openvpn/proxy.c | 5 +---- src/openvpn/sig.c | 45 ++++++++++++++++++++++++++++++++------------ src/openvpn/socket.c | 8 ++++++-- src/openvpn/socks.c | 14 ++++---------- 4 files changed, 44 insertions(+), 28 deletions(-) diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c index 91121f25..120ba85e 100644 --- a/src/openvpn/proxy.c +++ b/src/openvpn/proxy.c @@ -1080,10 +1080,7 @@ done: return ret; error: - if (!sig_info->signal_received) - { - register_signal(sig_info, SIGUSR1, "HTTP proxy error"); /* SOFT-SIGUSR1 -- HTTP proxy error */ - } + register_signal(sig_info, SIGUSR1, "HTTP proxy error"); /* SOFT-SIGUSR1 -- HTTP proxy error */ gc_free(&gc); return ret; } diff --git a/src/openvpn/sig.c b/src/openvpn/sig.c index e462b93e..d6b18cb1 100644 --- a/src/openvpn/sig.c +++ b/src/openvpn/sig.c @@ -47,16 +47,17 @@ struct signal_info siginfo_static; /* GLOBAL */ struct signame { int value; + int priority; const char *upper; const char *lower; }; static const struct signame signames[] = { - { SIGINT, "SIGINT", "sigint"}, - { SIGTERM, "SIGTERM", "sigterm" }, - { SIGHUP, "SIGHUP", "sighup" }, - { SIGUSR1, "SIGUSR1", "sigusr1" }, - { SIGUSR2, "SIGUSR2", "sigusr2" } + { SIGINT, 5, "SIGINT", "sigint"}, + { SIGTERM, 4, "SIGTERM", "sigterm" }, + { SIGHUP, 3, "SIGHUP", "sighup" }, + { SIGUSR1, 2, "SIGUSR1", "sigusr1" }, + { SIGUSR2, 1, "SIGUSR2", "sigusr2" } }; int @@ -73,6 +74,19 @@ parse_signal(const char *signame) return -1; } +static int +signal_priority(int sig) +{ + for (size_t i = 0; i < SIZE(signames); ++i) + { + if (sig == signames[i].value) + { + return signames[i].priority; + } + } + return -1; +} + const char * signal_name(const int sig, const bool upper) { @@ -103,16 +117,22 @@ signal_description(const int signum, const char *sigtext) void throw_signal(const int signum) { - siginfo_static.signal_received = signum; - siginfo_static.source = SIG_SOURCE_HARD; + if (signal_priority(signum) >= signal_priority(siginfo_static.signal_received)) + { + siginfo_static.signal_received = signum; + siginfo_static.source = SIG_SOURCE_HARD; + } } void throw_signal_soft(const int signum, const char *signal_text) { - siginfo_static.signal_received = signum; - siginfo_static.source = SIG_SOURCE_SOFT; - siginfo_static.signal_text = signal_text; + if (signal_priority(signum) >= signal_priority(siginfo_static.signal_received)) + { + siginfo_static.signal_received = signum; + siginfo_static.source = SIG_SOURCE_SOFT; + siginfo_static.signal_text = signal_text; + } } void @@ -472,9 +492,10 @@ process_signal(struct context *c) void register_signal(struct signal_info *si, int sig, const char *text) { - if (si->signal_received != SIGTERM) + if (signal_priority(sig) >= signal_priority(si->signal_received)) { si->signal_received = sig; + si->signal_text = text; + si->source = SIG_SOURCE_SOFT; } - si->signal_text = text; } diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index faaa2748..59d89352 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -2277,8 +2277,12 @@ link_socket_init_phase2(struct context *c) done: if (sig_save.signal_received) { - /* This can potentially lose a saved high priority signal -- to be fixed */ - if (!sig_info->signal_received) + /* Always restore the saved signal -- register/throw_signal will handle priority */ + if (sig_save.source == SIG_SOURCE_HARD && sig_info == &siginfo_static) + { + throw_signal(sig_save.signal_received); + } + else { register_signal(sig_info, sig_save.signal_received, sig_save.signal_text); } diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c index b2ca3744..8f2ae226 100644 --- a/src/openvpn/socks.c +++ b/src/openvpn/socks.c @@ -499,11 +499,8 @@ establish_socks_proxy_passthru(struct socks_proxy_info *p, return; error: - if (!sig_info->signal_received) - { - /* SOFT-SIGUSR1 -- socks error */ - register_signal(sig_info, SIGUSR1, "socks-error"); - } + /* SOFT-SIGUSR1 -- socks error */ + register_signal(sig_info, SIGUSR1, "socks-error"); return; } @@ -543,11 +540,8 @@ establish_socks_proxy_udpassoc(struct socks_proxy_info *p, return; error: - if (!sig_info->signal_received) - { - /* SOFT-SIGUSR1 -- socks error */ - register_signal(sig_info, SIGUSR1, "socks-error"); - } + /* SOFT-SIGUSR1 -- socks error */ + register_signal(sig_info, SIGUSR1, "socks-error"); return; }