From patchwork Fri Jul 11 10:07:00 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Frank Lichtenheld X-Patchwork-Id: 4304 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:3846:b0:671:5a2c:6455 with SMTP id n6csp9637384mal; Fri, 11 Jul 2025 03:23:51 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWK1+4nKysGjFhgxR0zlWP6Y4JWOxXIpU+zOlJ0IBZvIlgktsclkfBO/wRWDHDCTgfwY5BVX66qgF4=@openvpn.net X-Google-Smtp-Source: AGHT+IGPPAHDmjb5f1bflIrtWt4fHmRdQxSCqhfcBTZI8Z7H1Tl654GhrAUkGcZaaWRGY4gexpSz X-Received: by 2002:a05:6870:790c:b0:2bc:7007:5145 with SMTP id 586e51a60fabf-2ff26766defmr1980492fac.9.1752229431659; Fri, 11 Jul 2025 03:23:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1752229431; cv=none; d=google.com; s=arc-20240605; b=DDL8de7jPY17rzhd0+xxBnoG9Lrd54IzjmTSOVRFeN1WEWrt+x3KMP2bMWTS6aQgYo 9BVPh0lKt2oQg5JX3nYWjhd9yZ1J9eF5q82KoEHTms/67eyaMD+ut2fN7lSYhvbxdmvC 4r5PxXIvH1K/z8PpbIl+Vq7jahAspLlzbFfr6W3miGasigrI3UFNp03+BQBq3+B6W+YR nYrPI7VJ1jlyz+2yZFQOi8Zfp10cRBVJgtKIQMTdTm4fi/daYdyTXAB0qvP77CpqvdlX YBO6ScbcGQJN/u+IGzU3TZxkTPfy1UnECZ0WYRQyB4QKJE76TpwfJC/X+RJDnwiaXpXS RTbA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature:dkim-signature; bh=MuCsljqAJ48BMMOOSlXZWij6l1qBRqw4hduJRg02mI8=; fh=CfxSpwd5kfiMJoL3kcov7PTxVKT7pGe/79idnx9XlBs=; b=Sh73y2JmDqyG9cP4eOP+I32UAK1LGFBTPM6IacsU/axVUsF49aVjTH7ZxDIvKa6zfj +EnxmdoOf/Wi+MSN9mug5MPjspErvEKQH8iANdVqvUUG/9uGGX5SqlSQyPog4tnL+9zC LM4rGVHK2o7olUtdGgrozXxBuLi39+sRlKUTB+NNFIN2iEqOyMFtXGlsr+KiU+40OzcR WUQS/MkyV3JyPuZ1b2L+birVI1UnQegucoU5/CgFP23hvDLz95J5Pm+v6ukNASU88Fk/ vleCTV24zqgFe/K7+2YL6U51B65CKgWAlRMA/ntPmCAF2yDEcPnZmZGTqNzcYz+JMguZ p9Aw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=bQu2poAl; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=jjq9VVao; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=IBfC+gX8; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=VXcXqNP8; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 586e51a60fabf-2ff116a4f0fsi2245638fac.149.2025.07.11.03.23.51 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 11 Jul 2025 03:23:51 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=bQu2poAl; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=jjq9VVao; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=IBfC+gX8; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=VXcXqNP8; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:Cc: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-Id:Date:To:From:Sender: Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender :Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=MuCsljqAJ48BMMOOSlXZWij6l1qBRqw4hduJRg02mI8=; b=bQu2poAlRPO/6US9UhogwBL2O0 iC6OXl/b8vBbW83NldmaXeJCWaUA+K8L/ohdFV4bvQvr1cyrrcfcpgFy3rVuvHnyQaRx4RzVVcqCp Ydr1nbHTpqKhbRdWmE6Uitf+zkh55heGaO5QnURH6rGsJRUYE3ffFEC7MEwwGrQfZ/nU=; Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1uaAuv-0005CM-II; Fri, 11 Jul 2025 10:23:45 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1uaAuu-0005CD-IH for openvpn-devel@lists.sourceforge.net; Fri, 11 Jul 2025 10:23:44 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=3Io5gKKsqZCBWtDh7zMnmwVYZBWpCuoItXKOe5ALb8o=; b=jjq9VVaoHBukTlZbulYWw+WXQO vQtYjZ7oBF3MAsysJB0XKEvDflgNJMZgYHjIgzwXAN5vGYL+x+aTEfd/IRuKWi1iwc3KQdXg4jdH6 PkeajCuIpoiq5T+zRK7Oqs3R9OxtzEsIDE1nD+qj3jZmSRVEDQ2yKU6njkgtJeZBDTOc=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=3Io5gKKsqZCBWtDh7zMnmwVYZBWpCuoItXKOe5ALb8o=; b=IBfC+gX80bgmElOy2AvETJIDR4 00ek3JIJk2yuEEm7ZQp6pp5r+P+wr1WjdRpHXhushpNuB14yKsTkO1kz+GtWHk2Ct69LWpE4dzAhQ H36GdsdyIi8VglmW/3PHfeEubTVGk10Ib263uColMV8LxTd1MDyL4nX6zZMCb6K5cGoc=; Received: from mout-p-101.mailbox.org ([80.241.56.151]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1uaAut-0004qu-SS for openvpn-devel@lists.sourceforge.net; Fri, 11 Jul 2025 10:23:44 +0000 Received: from smtp102.mailbox.org (smtp102.mailbox.org [IPv6:2001:67c:2050:b231:465::102]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-101.mailbox.org (Postfix) with ESMTPS id 4bdnSQ0bThz9smc; Fri, 11 Jul 2025 12:07:02 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lichtenheld.com; s=MBO0001; t=1752228422; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=3Io5gKKsqZCBWtDh7zMnmwVYZBWpCuoItXKOe5ALb8o=; b=VXcXqNP8IByUkYbUJ7F2lrSI5Ho7Fase73r8ejeBM92IlSkke14BDIKvJr5MQogm+QKOZD h/HhZ/deLgvu77cOaOc2pO4tdnY/O/bup581lIYKHdp+ePTjpoZ2G+FfkawhlqJiL86WvW f7zuOz1ieGXRbYZO+W3EL03bfD3oZfoEvzKX+gmZdNTV9EM/GWOrqLck9FOwoa8jCbSHdR p7i1Xek19+B7wLWDMecOvxCkxCh9Wmf0DNzhTkqQDCBLM9E4bZpaQbVanDwnoNqfdE1Mxg YRtHDGjz1hA+rhLGBdQP+GgKh2iiFgjya0UBK+KTKoVY4w218h/xYbOqkDkeEw== Authentication-Results: outgoing_mbo_mout; dkim=none; spf=pass (outgoing_mbo_mout: domain of frank@lichtenheld.com designates 2001:67c:2050:b231:465::102 as permitted sender) smtp.mailfrom=frank@lichtenheld.com From: Frank Lichtenheld To: openvpn-devel@lists.sourceforge.net Date: Fri, 11 Jul 2025 12:07:00 +0200 Message-Id: <20250711100700.241668-1-frank@lichtenheld.com> In-Reply-To: References: MIME-Version: 1.0 X-Rspamd-Queue-Id: 4bdnSQ0bThz9smc X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-1.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Heiko Hund In case more than one openvpn connection is coming up or going down at the same time, there is potential for breakage, since the operations performed are not atomic. Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain X-Headers-End: 1uaAut-0004qu-SS Subject: [Openvpn-devel] [PATCH v4] mac dns: do not run dns-updown in parallel X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Arne Schwabe Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1837345728389736442?= X-GMAIL-MSGID: =?utf-8?q?1837345728389736442?= From: Heiko Hund In case more than one openvpn connection is coming up or going down at the same time, there is potential for breakage, since the operations performed are not atomic. Introduce a locking mechanism, which let's scripts run in sequence, to prevent races between them. Change-Id: I7adfaa08df6a17545cca8264d7230b5e65e49719 Signed-off-by: Heiko Hund Acked-by: Arne Schwabe --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1076 This mail reflects revision 4 of this Change. Acked-by according to Gerrit (reflected above): Arne Schwabe diff --git a/distro/dns-scripts/macos-dns-updown.sh b/distro/dns-scripts/macos-dns-updown.sh index 73bbee9..fb17b2b0 100644 --- a/distro/dns-scripts/macos-dns-updown.sh +++ b/distro/dns-scripts/macos-dns-updown.sh @@ -26,6 +26,23 @@ # dns_server_1_sni dns.mycorp.in # +lockdir=/var/lock +if [ ! -d "${lockdir}" ]; then + /bin/mkdir "${lockdir}" + /bin/chmod 1777 "${lockdir}" +fi + +i=1 +lockfile="${lockdir}/openvpn-dns-updown.lock" +while ! /usr/bin/shlock -f $lockfile -p $$; do + if [ $((++i)) -gt 10 ]; then + echo "dns-updown failed, could not acquire lock" + exit 1 + fi + sleep 0.2 +done +trap "/bin/rm -f ${lockfile}" EXIT + [ -z "${dns_vars_file}" ] || . "${dns_vars_file}" itf_dns_key="State:/Network/Service/openvpn-${dev}/DNS"