[Openvpn-users] connecting to management interface from client-connect script?

[Aleksandar Ivanisevic]

Hi,

are there any restrictions on contacting the management interface from a 
client-connect script?

tried everything i can think of: telnet, nc, socat, even curl, but although 
everything works when calling the script from the command line, nothing comes 
back from it when called from the server itself calls it, even ran an strace, 
it connects and then just nothing comes back

connect(3, {sa_family=AF_INET, sin_port=htons(5001), 
sin_addr=inet_addr("127.0.0.1")}, 16) = -1 EINPROGRESS (Operation now in 
progress)
poll([{fd=3, events=POLLOUT|POLLWRNORM}], 1, 0) = 1 ([{fd=3, 
revents=POLLOUT|POLLWRNORM}])
getsockopt(3, SOL_SOCKET, SO_ERROR, [0], [4]) = 0
getpeername(3, {sa_family=AF_INET, sin_port=htons(5001), 
sin_addr=inet_addr("127.0.0.1")}, [128->16]) = 0
getsockname(3, {sa_family=AF_INET, sin_port=htons(55836), 
sin_addr=inet_addr("127.0.0.1")}, [128->16]) = 0
poll([{fd=3, events=POLLIN}], 1, 100)   = 0 (Timeout)
read(0, "status 3\n", 102400)           = 9
poll([{fd=3, events=POLLOUT}], 1, -1)   = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "status 3\n", 9, MSG_NOSIGNAL, NULL, 0) = 9
poll([{fd=3, events=POLLIN}], 1, 100)   = 0 (Timeout)
read(0, "", 102400)                     = 0
poll([{fd=3, events=POLLIN}], 1, 100)   = 0 (Timeout)
read(0, "", 102400)                     = 0
poll([{fd=3, events=POLLIN}], 1, 100)   = 0 (Timeout)
read(0, "", 102400)                     = 0
poll([{fd=3, events=POLLIN}], 1, 100)   = 0 (Timeout)
read(0, "", 102400)                     = 0
close(3)                                = 0

any hints?

$ /usr/sbin/openvpn --version
OpenVPN 2.4.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] 
[MH/PKTINFO] [AEAD] built on Apr 21 2020
library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Originally developed by James Yonan
Copyright (C) 2002-2018 OpenVPN Inc <sa...@openvpn.net>
Compile time defines: enable_async_push=no enable_comp_stub=no 
enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=yes 
enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown 
enable_dlopen_self=unknown enable_dlopen_self_static=unknown 
enable_fast_install=needless enable_fragment=yes enable_iproute2=yes 
enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_maintainer_mode=no 
enable_management=yes enable_multihome=yes enable_pam_dlopen=no 
enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes 
enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes 
enable_selinux=no enable_server=yes enable_shared=yes 
enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no 
enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes 
enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes 
with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes 
with_mem_check=no with_sysroot=no
support@qbs01:~/config/vpn$ cat /etc/debian_version
10.8

_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users