Attention is currently required from: flichtenheld. Hello flichtenheld,
I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/855?usp=email to look at the new patch set (#2). Change subject: Improve error reporting from AF_UNIX tun/tap support ...................................................................... Improve error reporting from AF_UNIX tun/tap support When having a non-existent lwipovpn binary or similar problems, the error reporting would often only report read error that were harder to identify the real problem. Add the openvpn_waitpid_check method that checks for error conditions and reports a better message in cases of problems. Change-Id: I81cbecd19018290d85c6c77fba7769f040d66233 Signed-off-by: Arne Schwabe <a...@rfc2549.org> --- M src/openvpn/run_command.c M src/openvpn/run_command.h M src/openvpn/tun_afunix.c 3 files changed, 72 insertions(+), 8 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/55/855/2 diff --git a/src/openvpn/run_command.c b/src/openvpn/run_command.c index d757823..39c2ea7 100644 --- a/src/openvpn/run_command.c +++ b/src/openvpn/run_command.c @@ -107,6 +107,45 @@ } bool +openvpn_waitpid_check(pid_t pid, const char *msg_prefix, int msglevel) +{ + if (pid == 0) + { + return false; + } + int status; + pid_t pidret = waitpid(pid, &status, WNOHANG); + if (pidret != pid) + { + return true; + } + + if (WIFEXITED(status)) + { + int exitcode = WEXITSTATUS(status); + + if (exitcode == OPENVPN_EXECVE_FAILURE) + { + msg(msglevel, "%scould not execute external program (exit code 127)", + msg_prefix); + } + else + { + msg(msglevel, "%sexternal program exited with error status: %d", + msg_prefix, exitcode); + } + + } + else if (WIFSIGNALED(status)) + { + msg(msglevel, "%sexternal program received signal %d", + msg_prefix, WTERMSIG(status)); + } + + return false; +} + +bool openvpn_execve_allowed(const unsigned int flags) { if (flags & S_SCRIPT) diff --git a/src/openvpn/run_command.h b/src/openvpn/run_command.h index c92edbc..31ed089 100644 --- a/src/openvpn/run_command.h +++ b/src/openvpn/run_command.h @@ -59,6 +59,19 @@ int openvpn_execve_check(const struct argv *a, const struct env_set *es, const unsigned int flags, const char *error_message); + +/** Checks if a running process is still running. This is mainly useful + * for processes started with \c S_NOWAITPID + * @param pid pid of the process to be checked + * @param msg_prefix prefixed of the message that be printed + * @param msglevel msglevel of the messages to be printed + * @return true if the process is still running, false if + * an error condition occurred + */ +bool +openvpn_waitpid_check(pid_t pid, const char *msg_prefix, + int msglevel); + /** * Will run a script and return the exit code of the script if between * 0 and 255, -1 otherwise diff --git a/src/openvpn/tun_afunix.c b/src/openvpn/tun_afunix.c index 6b6c159..c626993 100644 --- a/src/openvpn/tun_afunix.c +++ b/src/openvpn/tun_afunix.c @@ -47,9 +47,12 @@ #include <signal.h> #include <stdlib.h> + + static void tun_afunix_exec_child(const char *dev_node, struct tuntap *tt, struct env_set *env) { + const char *msgprefix = "ERROR: failure executing process for tun:"; struct argv argv = argv_new(); /* since we know that dev-node starts with unix: we can just skip that @@ -58,10 +61,12 @@ argv_printf(&argv, "%s", program); - argv_msg(M_INFO, &argv); tt->afunix.childprocess = openvpn_execve_check(&argv, env, S_NOWAITPID, - "ERROR: failure executing " - "process for tun"); + msgprefix); + if (!openvpn_waitpid_check(tt->afunix.childprocess, msgprefix, M_WARN)) + { + tt->afunix.childprocess = 0; + } argv_free(&argv); } @@ -138,20 +143,27 @@ ssize_t write_tun_afunix(struct tuntap *tt, uint8_t *buf, int len) { - int ret; - pid_t pidret = waitpid(tt->afunix.childprocess, &ret, WNOHANG); - if (pidret == tt->afunix.childprocess) + const char *msg = "ERROR: failure during write to AF_UNIX socket: "; + if (!openvpn_waitpid_check(tt->afunix.childprocess, msg, M_WARN)) { - msg(M_INFO, "Child process PID %d for afunix dead? Return code: %d", - tt->afunix.childprocess, ret); + tt->afunix.childprocess = 0; return -ENXIO; } + return write(tt->fd, buf, len); } ssize_t read_tun_afunix(struct tuntap *tt, uint8_t *buf, int len) { + const char *msg = "ERROR: failure during read from AF_UNIX socket: "; + if (!openvpn_waitpid_check(tt->afunix.childprocess, msg, M_WARN)) + { + tt->afunix.childprocess = 0; + } + /* do an actual read on the file descriptor even in the error case since + * we otherwise loop on this on this from select and spam the console + * with error messages */ return read(tt->fd, buf, len); } #else /* ifndef WIN32 */ -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/855?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I81cbecd19018290d85c6c77fba7769f040d66233 Gerrit-Change-Number: 855 Gerrit-PatchSet: 2 Gerrit-Owner: plaisthos <arne-open...@rfc2549.org> Gerrit-Reviewer: flichtenheld <fr...@lichtenheld.com> Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net> Gerrit-Attention: flichtenheld <fr...@lichtenheld.com> Gerrit-MessageType: newpatchset
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel