Attention is currently required from: flichtenheld.
Hello flichtenheld,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/855?usp=email
to look at the new patch set (#2).
Change subject: Improve error reporting from AF_UNIX tun/tap support
......................................................................
Improve error reporting from AF_UNIX tun/tap support
When having a non-existent lwipovpn binary or similar problems, the
error reporting would often only report read error that were harder to
identify the real problem. Add the openvpn_waitpid_check method
that checks for error conditions and reports a better message in cases
of problems.
Change-Id: I81cbecd19018290d85c6c77fba7769f040d66233
Signed-off-by: Arne Schwabe <a...@rfc2549.org>
---
M src/openvpn/run_command.c
M src/openvpn/run_command.h
M src/openvpn/tun_afunix.c
3 files changed, 72 insertions(+), 8 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/55/855/2
diff --git a/src/openvpn/run_command.c b/src/openvpn/run_command.c
index d757823..39c2ea7 100644
--- a/src/openvpn/run_command.c
+++ b/src/openvpn/run_command.c
@@ -107,6 +107,45 @@
}
bool
+openvpn_waitpid_check(pid_t pid, const char *msg_prefix, int msglevel)
+{
+ if (pid == 0)
+ {
+ return false;
+ }
+ int status;
+ pid_t pidret = waitpid(pid, &status, WNOHANG);
+ if (pidret != pid)
+ {
+ return true;
+ }
+
+ if (WIFEXITED(status))
+ {
+ int exitcode = WEXITSTATUS(status);
+
+ if (exitcode == OPENVPN_EXECVE_FAILURE)
+ {
+ msg(msglevel, "%scould not execute external program (exit code
127)",
+ msg_prefix);
+ }
+ else
+ {
+ msg(msglevel, "%sexternal program exited with error status: %d",
+ msg_prefix, exitcode);
+ }
+
+ }
+ else if (WIFSIGNALED(status))
+ {
+ msg(msglevel, "%sexternal program received signal %d",
+ msg_prefix, WTERMSIG(status));
+ }
+
+ return false;
+}
+
+bool
openvpn_execve_allowed(const unsigned int flags)
{
if (flags & S_SCRIPT)
diff --git a/src/openvpn/run_command.h b/src/openvpn/run_command.h
index c92edbc..31ed089 100644
--- a/src/openvpn/run_command.h
+++ b/src/openvpn/run_command.h
@@ -59,6 +59,19 @@
int openvpn_execve_check(const struct argv *a, const struct env_set *es,
const unsigned int flags, const char *error_message);
+
+/** Checks if a running process is still running. This is mainly useful
+ * for processes started with \c S_NOWAITPID
+ * @param pid pid of the process to be checked
+ * @param msg_prefix prefixed of the message that be printed
+ * @param msglevel msglevel of the messages to be printed
+ * @return true if the process is still running, false if
+ * an error condition occurred
+ */
+bool
+openvpn_waitpid_check(pid_t pid, const char *msg_prefix,
+ int msglevel);
+
/**
* Will run a script and return the exit code of the script if between
* 0 and 255, -1 otherwise
diff --git a/src/openvpn/tun_afunix.c b/src/openvpn/tun_afunix.c
index 6b6c159..c626993 100644
--- a/src/openvpn/tun_afunix.c
+++ b/src/openvpn/tun_afunix.c
@@ -47,9 +47,12 @@
#include <signal.h>
#include <stdlib.h>
+
+
static void
tun_afunix_exec_child(const char *dev_node, struct tuntap *tt, struct env_set
*env)
{
+ const char *msgprefix = "ERROR: failure executing process for tun:";
struct argv argv = argv_new();
/* since we know that dev-node starts with unix: we can just skip that
@@ -58,10 +61,12 @@
argv_printf(&argv, "%s", program);
- argv_msg(M_INFO, &argv);
tt->afunix.childprocess = openvpn_execve_check(&argv, env, S_NOWAITPID,
- "ERROR: failure executing "
- "process for tun");
+ msgprefix);
+ if (!openvpn_waitpid_check(tt->afunix.childprocess, msgprefix, M_WARN))
+ {
+ tt->afunix.childprocess = 0;
+ }
argv_free(&argv);
}
@@ -138,20 +143,27 @@
ssize_t
write_tun_afunix(struct tuntap *tt, uint8_t *buf, int len)
{
- int ret;
- pid_t pidret = waitpid(tt->afunix.childprocess, &ret, WNOHANG);
- if (pidret == tt->afunix.childprocess)
+ const char *msg = "ERROR: failure during write to AF_UNIX socket: ";
+ if (!openvpn_waitpid_check(tt->afunix.childprocess, msg, M_WARN))
{
- msg(M_INFO, "Child process PID %d for afunix dead? Return code: %d",
- tt->afunix.childprocess, ret);
+ tt->afunix.childprocess = 0;
return -ENXIO;
}
+
return write(tt->fd, buf, len);
}
ssize_t
read_tun_afunix(struct tuntap *tt, uint8_t *buf, int len)
{
+ const char *msg = "ERROR: failure during read from AF_UNIX socket: ";
+ if (!openvpn_waitpid_check(tt->afunix.childprocess, msg, M_WARN))
+ {
+ tt->afunix.childprocess = 0;
+ }
+ /* do an actual read on the file descriptor even in the error case since
+ * we otherwise loop on this on this from select and spam the console
+ * with error messages */
return read(tt->fd, buf, len);
}
#else /* ifndef WIN32 */
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/855?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I81cbecd19018290d85c6c77fba7769f040d66233
Gerrit-Change-Number: 855
Gerrit-PatchSet: 2
Gerrit-Owner: plaisthos <arne-open...@rfc2549.org>
Gerrit-Reviewer: flichtenheld <fr...@lichtenheld.com>
Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Gerrit-Attention: flichtenheld <fr...@lichtenheld.com>
Gerrit-MessageType: newpatchset
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
