mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 03:52:28 +02:00
client-kill management interface command, when issued on server, will
now send a RESTART message to client. This feature is intended to make UDP clients respond the same as TCP clients in the case where the server issues a RESTART message in order to force the client to reconnect and pull a new options/route list. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5021 e7ae566f-a301-0410-adde-c780ea21d3b5
This commit is contained in:
james
parent
7e6f2d6f50
commit
f25071b66f
11
forward.c
11
forward.c
@ -157,6 +157,8 @@ check_incoming_control_channel_dowork (struct context *c)
|
||||
receive_auth_failed (c, &buf);
|
||||
else if (buf_string_match_head_str (&buf, "PUSH_"))
|
||||
incoming_push_message (c, &buf);
|
||||
else if (buf_string_match_head_str (&buf, "RESTART"))
|
||||
server_pushed_restart (c, &buf);
|
||||
else
|
||||
msg (D_PUSH_ERRORS, "WARNING: Received unknown control message: %s", BSTR (&buf));
|
||||
}
|
||||
@ -181,7 +183,7 @@ check_push_request_dowork (struct context *c)
|
||||
event_timeout_modify_wakeup (&c->c2.push_request_interval, 5);
|
||||
}
|
||||
|
||||
#endif
|
||||
#endif /* P2MP */
|
||||
|
||||
/*
|
||||
* Things that need to happen immediately after connection initiation should go here.
|
||||
@ -328,15 +330,16 @@ check_server_poll_timeout_dowork (struct context *c)
|
||||
}
|
||||
|
||||
/*
|
||||
* Schedule a SIGTERM n_seconds from now.
|
||||
* Schedule a signal n_seconds from now.
|
||||
*/
|
||||
void
|
||||
schedule_exit (struct context *c, const int n_seconds)
|
||||
schedule_exit (struct context *c, const int n_seconds, const int signal)
|
||||
{
|
||||
tls_set_single_session (c->c2.tls_multi);
|
||||
update_time ();
|
||||
reset_coarse_timers (c);
|
||||
event_timeout_init (&c->c2.scheduled_exit, n_seconds, now);
|
||||
c->c2.scheduled_exit_signal = signal;
|
||||
msg (D_SCHED_EXIT, "Delayed exit in %d seconds", n_seconds);
|
||||
}
|
||||
|
||||
@ -346,7 +349,7 @@ schedule_exit (struct context *c, const int n_seconds)
|
||||
void
|
||||
check_scheduled_exit_dowork (struct context *c)
|
||||
{
|
||||
c->sig->signal_received = SIGTERM;
|
||||
c->sig->signal_received = c->c2.scheduled_exit_signal;
|
||||
c->sig->signal_text = "delayed-exit";
|
||||
}
|
||||
|
||||
|
||||
@ -80,7 +80,7 @@ bool send_control_channel_string (struct context *c, const char *str, int msglev
|
||||
void process_ipv4_header (struct context *c, unsigned int flags, struct buffer *buf);
|
||||
|
||||
#if P2MP
|
||||
void schedule_exit (struct context *c, const int n_seconds);
|
||||
void schedule_exit (struct context *c, const int n_seconds, const int signal);
|
||||
#endif
|
||||
|
||||
#endif /* FORWARD_H */
|
||||
|
||||
2
multi.c
2
multi.c
@ -2539,7 +2539,7 @@ management_kill_by_cid (void *arg, const unsigned long cid)
|
||||
struct multi_instance *mi = lookup_by_cid (m, cid);
|
||||
if (mi)
|
||||
{
|
||||
multi_signal_instance (m, mi, SIGTERM);
|
||||
send_restart (&mi->context); /* was: multi_signal_instance (m, mi, SIGTERM); */
|
||||
return true;
|
||||
}
|
||||
else
|
||||
|
||||
@ -436,6 +436,7 @@ struct context_2
|
||||
struct event_timeout server_poll_interval;
|
||||
|
||||
struct event_timeout scheduled_exit;
|
||||
int scheduled_exit_signal;
|
||||
#endif
|
||||
|
||||
/* packet filter */
|
||||
|
||||
28
push.c
28
push.c
@ -72,7 +72,22 @@ receive_auth_failed (struct context *c, const struct buffer *buffer)
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Act on received restart message from server
|
||||
*/
|
||||
void
|
||||
server_pushed_restart (struct context *c, const struct buffer *buffer)
|
||||
{
|
||||
if (c->options.pull)
|
||||
{
|
||||
msg (D_STREAM_ERRORS, "Connection reset command was pushed by server");
|
||||
c->sig->signal_received = SIGUSR1; /* SOFT-SIGUSR1 -- server-pushed connection reset */
|
||||
c->sig->signal_text = "server-pushed-connection-reset";
|
||||
}
|
||||
}
|
||||
|
||||
#if P2MP_SERVER
|
||||
|
||||
/*
|
||||
* Send auth failed message from server to client.
|
||||
*/
|
||||
@ -83,7 +98,7 @@ send_auth_failed (struct context *c, const char *client_reason)
|
||||
static const char auth_failed[] = "AUTH_FAILED";
|
||||
size_t len;
|
||||
|
||||
schedule_exit (c, c->options.scheduled_exit_interval);
|
||||
schedule_exit (c, c->options.scheduled_exit_interval, SIGTERM);
|
||||
|
||||
len = (client_reason ? strlen(client_reason)+1 : 0) + sizeof(auth_failed);
|
||||
if (len > TLS_CHANNEL_BUF_SIZE)
|
||||
@ -99,6 +114,17 @@ send_auth_failed (struct context *c, const char *client_reason)
|
||||
|
||||
gc_free (&gc);
|
||||
}
|
||||
|
||||
/*
|
||||
* Send restart message from server to client.
|
||||
*/
|
||||
void
|
||||
send_restart (struct context *c)
|
||||
{
|
||||
schedule_exit (c, c->options.scheduled_exit_interval, SIGTERM);
|
||||
send_control_channel_string (c, "RESTART", D_PUSH);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
/*
|
||||
|
||||
4
push.h
4
push.h
@ -49,6 +49,8 @@ bool send_push_request (struct context *c);
|
||||
|
||||
void receive_auth_failed (struct context *c, const struct buffer *buffer);
|
||||
|
||||
void server_pushed_restart (struct context *c, const struct buffer *buffer);
|
||||
|
||||
#if P2MP_SERVER
|
||||
|
||||
void clone_push_list (struct options *o);
|
||||
@ -64,6 +66,8 @@ void remove_iroutes_from_push_route_list (struct options *o);
|
||||
|
||||
void send_auth_failed (struct context *c, const char *client_reason);
|
||||
|
||||
void send_restart (struct context *c);
|
||||
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
Loading…
Reference in New Issue
Block a user