From patchwork Thu Sep 12 16:53:39 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 3829 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:24eb:b0:5b9:581e:f939 with SMTP id o11csp898796man; Thu, 12 Sep 2024 09:53:56 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCUAORzDjXKmWiSwpcj3l3FMuAsA4OwIFzuuQWrgX7PnC5z4502BPK5wOjEpphHdgCS8kYZKwYmlmTU=@openvpn.net X-Google-Smtp-Source: AGHT+IGw4u5gUujN3/WlWwnTPTv1wVtlmAttVI88x4IYqYrz3ORlJGsSV/fd+ymBBRaKWxUsHsvP X-Received: by 2002:a05:6e02:174f:b0:3a0:5388:494 with SMTP id e9e14a558f8ab-3a084971b1amr38123045ab.23.1726160036755; Thu, 12 Sep 2024 09:53:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1726160036; cv=none; d=google.com; s=arc-20240605; b=TbFcGd5D7u+7CpLPBH9iVcXuHIaNr7ZuLw2goDrNjArO/ErJMeMLmQ2KsHpW6O9gR1 jjRYgTO1o09wCWKkCG1sr0ZpEwu3IqbhSefTShobBCxW4PXX4cIuCnn3ZZOoJgbNHOQD 3Y61aPjU4fswWyZT42sLYmALM0uIZ8vQMs7fwADHKK4vOOrutfw4q7ob9tRVuv2bTwew mC6wwOn5wRHzJzOCPKhQE/q0Xb4zyi31SDOKaZCv+cs/kUPNj6mrKD3ztYMTlCthdZlr u3xxwo9+F5lA8hWNd00f92PSY3I0BvdUt4mJwx7QNKQmDljz0TcvOw9A5V1bG56CGwSS W8Aw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature; bh=x6GegNCKIqfEtJPUoDUGm1XQ5OQbmy0RxeSoAQFqK+k=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=OAo07ZRPbeRu+7u/JatzDM2r4Yoceof1OUik4jjGaVK6HaTMFVWxBX2evDyR+j5Ocj FLQun/E9uQGTVKelQwtrgilZq2wYdL/L5NhxVCxOtM8HZI7QQSa90fbU95XvvAlURb/U LYbMZ30RIedQnIKHH8aoPvFQU662OQ34OEGHbHGK/KrhK0tswJS8IqOxhywUxeL+1Ca2 BLuwZ/yvqaHKAS6qej4e7QojhUuzCkt7x2jkSyUCa+Sbdus2+BtnjQMi6u/cCgi8N+L3 iIT/Pc0BFwyg+o6VPWkkJSy60s58DjeK6L4CX44ECP9w9136QF7sueTU8tbtGn7Gztgs Jx9g==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="WnXVN/oo"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=XLV64NV8; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 8926c6da1cb9f-4d35f90aa66si1577798173.138.2024.09.12.09.53.56 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 12 Sep 2024 09:53:56 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="WnXVN/oo"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=XLV64NV8; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1son4m-0005Ti-Px; Thu, 12 Sep 2024 16:53:49 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1son4l-0005Tb-Q2 for openvpn-devel@lists.sourceforge.net; Thu, 12 Sep 2024 16:53:48 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=QfQNstKHIDjDZepApll5Eu43MtP+j/jj0VWLHUHk9uM=; b=WnXVN/oodbOYzwBNdUFbS9PnLa k25Qf97D9Nh4Nm7X86S1OjjQdoCnqiNLP3FXXVy8vLQu8hFJk5K1JcuD8hjjRXXKhLwJh/NDK193A s8ZQTsE1sYK6XHp9VQSHHcquWbfbrel2kPxSG7N6/2NmjwTQOKvmxeWSkWhqa1nxTv5Y=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=QfQNstKHIDjDZepApll5Eu43MtP+j/jj0VWLHUHk9uM=; b=XLV64NV8sv5Yhg9N2P8IzHzjYT sKpQJDhnra4iRlSM/chNJ8lz6u5BCcmAsj67Xwq9p1U/vUUcyhtg0O48i6wMg6zeG2tqj4ccdofJw qrvAjqX7Ws1jKksNtFsc/G7pLgFWhFsJ1KsDWvLH3tQOqwyiGdpI+ptxmjO1G+zUcZFM=; Received: from dhcp-174.greenie.muc.de ([193.149.48.174] helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1son4k-0002KU-T3 for openvpn-devel@lists.sourceforge.net; Thu, 12 Sep 2024 16:53:48 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.17.1.9/8.17.1.9) with ESMTP id 48CGreMK021068 for ; Thu, 12 Sep 2024 18:53:40 +0200 Received: (from gert@localhost) by blue.greenie.muc.de (8.17.1.9/8.17.1.9/Submit) id 48CGreKV021067 for openvpn-devel@lists.sourceforge.net; Thu, 12 Sep 2024 18:53:40 +0200 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Thu, 12 Sep 2024 18:53:39 +0200 Message-ID: <20240912165339.21058-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.44.2 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: -0.0 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Antonio Quartulli some extra DCO calls may be made after receiving the DEL_PEER notification (i.e. due to timeout), but this will result in an error message due to the peer having disappeared already. Content analysis details: (-0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record -0.0 SPF_HELO_PASS SPF: HELO matches SPF record X-Headers-End: 1son4k-0002KU-T3 Subject: [Openvpn-devel] [PATCH v1] dco: mark peer as deleted from kernel after receiving CMD_DEL_PEER notification X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1810009986600313165?= X-GMAIL-MSGID: =?utf-8?q?1810009986600313165?= From: Antonio Quartulli some extra DCO calls may be made after receiving the DEL_PEER notification (i.e. due to timeout), but this will result in an error message due to the peer having disappeared already. An extra call might be, for example, an explicit DEL_PEER in the attempt of cleaning the peer state. For this reason, inform userspace that there is no peer in kernel anymore and prevent errors which may result confusing. Change-Id: Ife50e37cd49d55ec81a70319a524ffeaf0625a56 Signed-off-by: Antonio Quartulli Acked-by: Arne Schwabe --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/744 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): Arne Schwabe diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index 40b7cc4..374ba47 100644 --- a/src/openvpn/forward.c +++ b/src/openvpn/forward.c @@ -1256,6 +1256,8 @@ switch (dco->dco_message_type) { case OVPN_CMD_DEL_PEER: + /* peer is gone, unset ID to prevent more kernel calls */ + c->c2.tls_multi->dco_peer_id = -1; if (dco->dco_del_peer_reason == OVPN_DEL_PEER_REASON_EXPIRED) { msg(D_DCO_DEBUG, "%s: received peer expired notification of for peer-id "