On Sat, Dec 31, 2022 at 05:40:49PM +0100, Gert Doering wrote:
> On Sat, Dec 17, 2022 at 07:09:34PM -0500, Selva Nair wrote:
> > tldr: Can we get CONNECTED,ERROR instead of CONNECTED,SUCCESS on route
> > errors?
> I think this makes sense.  Not sure how complicated it is, and if we
> can make this before 2.6.0 ("some time in January").

So if I am reading this right, "CONNECTED,<something>" is produced
by management_set_state() -> log_entry_print(), with the "something"
being transported via "detail" -> "e->string".

"CONNECTED" is only produced by init.c::initialization_sequence_completed(),
and there already is a case for "CONNECTED,ERROR" though I don't understand

        if (flags & ISC_ERRORS)
            detail = "ERROR";

(which will also log "Initialization Sequence Completed *With Errors*",
but the rest of that branch might be a bit misleading, as it will
tell systemd "STATUS=Failed")

initialization_sequence_completed() is called from init.c::do_up()
(for client/p2p), forward.c, and mtcp.c/mudp.c (Server).

The "--route-delay" case goes via forward.c::check_add_routes_action(),
which *can* signal ERROR.  init.c::do_up() does not.

Routes are (if no --route-delay) set up by do_init_tun(), which calls
do_route().  So adding an "&flags" parameter to that call chain which sets
ISC_ERROR if a route addition fails might be a viable approach.

... and then I found ROUTE_BEFORE_TUN, ROUTE_AFTER_TUN... which adds
yet another call chain, which is totally irrelevant but would need that
extra argument as well...

And, --route-delay, I need to understand better what the code is doing


"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
                             Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany                             g...@greenie.muc.de

Attachment: signature.asc
Description: PGP signature

Openvpn-devel mailing list

Reply via email to