From patchwork Fri Oct 25 11:21:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 3912 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:3a4c:b0:5b9:581e:f939 with SMTP id n12csp923090mao; Fri, 25 Oct 2024 04:22:27 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWBvx4UWxJovMoXmMXeXlWXhudMW5kkOod/mmEyDJHECXg5mGkcc38qhyR0dqRXKgMFks25la0Hcos=@openvpn.net X-Google-Smtp-Source: AGHT+IHgVXjeOTtpH/2zHu3/muiIp1eVCgNNLxNVDoSIjaWzqBH7gdkpst1yRl2RqdyNud9lSzXl X-Received: by 2002:a05:6e02:12ef:b0:3a3:9801:b668 with SMTP id e9e14a558f8ab-3a4d5977eb6mr103685955ab.15.1729855347556; Fri, 25 Oct 2024 04:22:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1729855347; cv=none; d=google.com; s=arc-20240605; b=X3LiKdG3O1MscZMaaa2wZKkk0IVIW6PJ83QyYzLMP1LtXjnM4iYxOp438MHbGfWCal qkkPHUBrABUM4oNRBDmbMIQEkFpJSqcC17izo4oMdxATFtRaCbvUl2WNGxhOoO5PFXs9 3ecZcd6nAlsdbLS6LE6nrM+wjSujrKnj4NWzivzOCS8y9LzAhJGUjOa8glHvq/SrBCTf 7ZDD6UNkvrExkjQ8s8sWMUflJnXrIaiC+kPtul04jYM9cf15sEJy3W1KiBlYSTECtqgW FjOGnNhUaRXXHdPtfffOq9ijdZA1U4G8QRRjC+gFyh5fQq/a4Z7HSTJL9EWU0zsQTCT/ Pagw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:mime-version:cc:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:references :in-reply-to:to:from:message-id:date:dkim-signature:dkim-signature; bh=quA2SrttsNOm4WWQeCY6JubQ2k3yHRC/uxTAn032vOE=; fh=m5MEDbhAmdOO5Qbujp76oGS5B16xsN3kqxE5VUwB0ew=; b=c5l6L/hKQ+khtuzoaI91QDh+QMKk3USneFV1L3XJZaIsvsMw3xEoEvOpgsNBMmZYov m5eq3o9NNgDLQFQNIVg0uXOKInIfG2bh38y4jlhw2GcZ2G+ciGa23h0zt5PAkMKxM6pG JkNwLDG4wRFtkKFlPHEBxQYzVbjX2dnon/GtZQIMHrBKss58UYJzJqfqieUUcVfOuzPZ A8klNQBFNa9M4K9BO02LFAT5nmih//vkGvbvj7taEyY/1W6S5clp7oWCv2bLl3Y1Zjby 9gWnxu7XL5u2MsRDRX9kFOmGqWYrE1mu7qMeeT6ucE0WgL8fGy+G2RLqD5MM8tlIvGaa uAxQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=AspG1wpr; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=PHVyaold; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id e9e14a558f8ab-3a4e6e54930si4960215ab.104.2024.10.25.04.22.27 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 25 Oct 2024 04:22:27 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=AspG1wpr; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=PHVyaold; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from [127.0.0.1] (helo=sfs-ml-3.v29.lw.sourceforge.com) by sfs-ml-3.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1t4IOW-00023W-8r; Fri, 25 Oct 2024 11:22:15 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-3.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1t4IOO-00023M-R7 for openvpn-devel@lists.sourceforge.net; Fri, 25 Oct 2024 11:22:08 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Subject:Cc:To:From: Message-Id:Date:Sender:Reply-To:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=ccZuS631Ubi78eGbwsexAu23jsxFbs+gXvjUXYSj7/k=; b=AspG1wprN6uhoFhkZptBdVNduz owspB3eckyl6+ShmHavTCJLswIeKGWHZoH0BYYjrdQuqOb0uVfLMAcjqtyQEktyKMMw3WTJjj3XFP uDzfUcIr+WyCKoBIW81g68F740j2+CxRy7bnJx9m9Rr8lPSSKjLbf8Uu0X0XlS/hDEfg=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Subject:Cc:To:From:Message-Id:Date:Sender:Reply-To :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=ccZuS631Ubi78eGbwsexAu23jsxFbs+gXvjUXYSj7/k=; b=PHVyaoldgjGs4QBSM6TJTsPYrh AUmVqMPB/Gqq7PL3vRA5y74kTP9nZ8HNycwM/S+j0Kdq8rvTzmcxgERylJRbjSSZV69T4blblD9zU 36RA2jWry6ZjePDNJcgkQODl958z+cyv0CTLV/u3PGZ2oAMCN1EkPu4aWlnNMxDQhNBU=; Received: from chekov.greenie.muc.de ([193.149.48.178]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1t4ION-0003r3-0E for openvpn-devel@lists.sourceforge.net; Fri, 25 Oct 2024 11:22:08 +0000 Received: from chekov.greenie.muc.de (localhost [IPv6:0:0:0:0:0:0:0:1]) by chekov.greenie.muc.de (8.18.1/8.18.1) with ESMTPS id 49PBLsXg064613 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Fri, 25 Oct 2024 13:21:54 +0200 (CEST) (envelope-from gert@chekov.greenie.muc.de) Received: (from gert@localhost) by chekov.greenie.muc.de (8.18.1/8.18.1/Submit) id 49PBLsu6064612; Fri, 25 Oct 2024 13:21:54 +0200 (CEST) (envelope-from gert) Date: Fri, 25 Oct 2024 13:21:54 +0200 (CEST) Message-Id: <202410251121.49PBLsu6064612@chekov.greenie.muc.de> From: Gert Doering To: =?unknown-8bit?q?Samuli_Sepp=E4nen_=3Csamuli=2Eseppanen=40gmail=2Ecom=3E?= X-Patchwork-State: Accepted In-Reply-To: <20241025103632.4413-1-gert@greenie.muc.de> References: <20241025103632.4413-1-gert@greenie.muc.de> X-Spam-Score: 0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Tested this quite extensively up to v9 ; -) - by intentionally making openvpn server misbehave (ignoring first 2 signals sent to it) with this patch --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -3864,6 +3864,10 @@ multi_push_restart_schedule_exit(struct multi_context *m, bool next_server) bool multi_process_signal(struct multi_context *m [...] Content analysis details: (0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 0.2 PP_MIME_FAKE_ASCII_TEXT BODY: MIME text/plain claims to be ASCII but isn't X-Headers-End: 1t4ION-0003r3-0E Subject: [Openvpn-devel] [PATCH applied] Re: t_server_null: forcibly kill misbehaving servers X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: openvpn-devel@lists.sourceforge.net MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1813881938708271398?= X-GMAIL-MSGID: =?utf-8?q?1813884801060215976?= Tested this quite extensively up to v9 ;-) - by intentionally making openvpn server misbehave (ignoring first 2 signals sent to it) with this patch see from the buildbot fail mails what happened and if this is "infra problem" or "incoming patch problem". BB + GHA agree that this is fine, for the non-broken-server case ;-) Your patch has been applied to the master branch. commit 37db7fe37afb555de651314a04c537fd7fbaa280 Author: Samuli Seppänen Date: Fri Oct 25 12:36:31 2024 +0200 t_server_null: forcibly kill misbehaving servers Signed-off-by: Samuli Seppänen Acked-by: Gert Doering Message-Id: <20241025103632.4413-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg29655.html Signed-off-by: Gert Doering --- kind regards, Gert Doering --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -3864,6 +3864,10 @@ multi_push_restart_schedule_exit(struct multi_context *m, bool next_server) bool multi_process_signal(struct multi_context *m) { +static int n=0; + if (n++ < 1 ) + { msg(M_INFO, "MPS: ignore signal"); signal_reset(m->top.sig,0); return false; } + .. and v9 now properly reports this as "test fail" plus shows the (previously root-owned and unreadable) log file, so we can more easily