From: Christian Hesse <m...@eworm.de>
In non-TLS configuration we wait for the remote peer to connect
before issuing "Initialization Sequence Completed". So prevent to
time out by telling systemd service manager we are ready for now.
Status will be "Non-TLS mode, ready for now. Waiting for peer..."
and changes once the remote peer connects.
This fixes #801 (static key tunnels impossible to start via systemd)
Tested-by: Mantas Mikulėnas <graw...@gmail.com>
Signed-off-by: Christian Hesse <m...@eworm.de>
---
src/openvpn/openvpn.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/src/openvpn/openvpn.c b/src/openvpn/openvpn.c
index 888acda..ae948f9 100644
--- a/src/openvpn/openvpn.c
+++ b/src/openvpn/openvpn.c
@@ -30,6 +30,10 @@
#include "syshead.h"
+#ifdef ENABLE_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
#include "init.h"
#include "forward.h"
#include "multi.h"
@@ -73,6 +77,21 @@ tunnel_point_to_point(struct context *c)
return;
}
+#ifdef ENABLE_SYSTEMD
+ /* In non-TLS configuration we wait for the remote peer to connect
+ * before issuing "Initialization Sequence Completed". So prevent to
+ * time out by telling systemd service manager we are ready for now.
+ * Status will be "Non-TLS mode, ready for now. Waiting for peer..."
+ * and changes once the remote peer connects. */
+ if (c->options.tls_client == false
+ && c->options.tls_server == false)
+ {
+ sd_notifyf(0, "READY=1\n"
+ "STATUS=Non-TLS mode, ready for now. Waiting for peer...\n"
+ "MAINPID=%lu", (unsigned long) getpid());
+ }
+#endif
+
/* main event loop */
while (true)
{
--
2.11.0
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
