Re: [Openvpn-devel] [PATCH v5 08/14] client-connect: Add CC_RET_DEFERRED and cope with deferred client-connect
Am 14.07.20 um 14:32 schrieb Antonio Quartulli: > can we please add a variable for the index and make all these long lines > saner? Now they are really ugly: > > int idx = defer_state->cur_handler_index; > while (cc_succeeded >&& client_connect_handlers[idx].main != NULL) > > and also the lines in the loop itself. we can but we need to do add defer_state->cur_handler_index = idx; in that case so the idx is saved for the next time the function is called from a deferred context. Or you make it int* idx and do client_connect_handlers[*idx] Arne signature.asc Description: OpenPGP digital signature ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH v5 08/14] client-connect: Add CC_RET_DEFERRED and cope with deferred client-connect
Hi, On 11/07/2020 11:36, Arne Schwabe wrote: > From: Fabian Knittel > > This patch moves the state, that was previously tracked within the > multi_connection_established() function, into struct client_connect_state. > The > multi_connection_established() function can now be exited and re-entered as > many times as necessary - without losing the client-connect handling state. > > The patch also adds the new return value CC_RET_DEFERRED which indicates that > the handler couldn't complete immediately, and needs to be called later. At > that point multi_connection_established() will exit without indicating > completion. > > Each client-connect handler now has an (optional) additional call-back: The > call-back for handling the deferred case. If the main call-back returns > CC_RET_DEFERRED, the next call to the handler will be through the deferred > call-back. > > Signed-off-by: Fabian Knittel > > Patch V3: Use a static struct in multi_instance instead of using > malloc/free and use two states (deffered with and without > result) instead of one to eliminate the counter that was > only tested for > 0. > > Patch V5: Use new states in context_auth instead of the extra state > that the patch series previously used. > > Signed-off-by: Arne Schwabe > --- > src/openvpn/multi.c | 171 +++--- > src/openvpn/multi.h | 15 +++- > src/openvpn/openvpn.h | 9 +++ > 3 files changed, 150 insertions(+), 45 deletions(-) > > diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c > index f9b8af80..ce73f8a1 100644 > --- a/src/openvpn/multi.c > +++ b/src/openvpn/multi.c > @@ -2218,32 +2218,51 @@ multi_client_connect_source_ccd(struct multi_context > *m, > return ret; > } > > -static inline bool > -cc_check_return(int *cc_succeeded_count, > -enum client_connect_return ret) > +typedef enum client_connect_return (*multi_client_connect_handler) > +(struct multi_context *m, struct multi_instance *mi, > +unsigned int *option_types_found); > + > +struct client_connect_handlers > +{ > +multi_client_connect_handler main; > +multi_client_connect_handler deferred; > +}; > + > +static enum client_connect_return > +multi_client_connect_fail(struct multi_context *m, struct multi_instance *mi, > + unsigned int *option_types_found) > { > -if (ret == CC_RET_SUCCEEDED) > +/* Called null call-back. This should never happen. */ > +return CC_RET_FAILED; > +} > + > +static const struct client_connect_handlers client_connect_handlers[] = { > { > -(*cc_succeeded_count)++; > -return true; > -} > -else if (ret == CC_RET_FAILED) > +.main = multi_client_connect_source_ccd, > +.deferred = multi_client_connect_fail > +}, > { > -return false; > -} > -else if (ret == CC_RET_SKIPPED) > +.main = multi_client_connect_call_plugin_v1, > +.deferred = multi_client_connect_fail > +}, > { > -return true; > -} > -else > +.main = multi_client_connect_call_plugin_v2, > +.deferred = multi_client_connect_fail > +}, > +{ > +.main = multi_client_connect_call_script, > +.deferred = multi_client_connect_fail > +}, > { > -ASSERT(0); > +.main = multi_client_connect_mda, > +.deferred = multi_client_connect_fail > +}, > +{ > +.main = NULL, > +.deferred = NULL > +/* End of list sentinel. */ > } > -} > - > -typedef enum client_connect_return (*multi_client_connect_handler) > -(struct multi_context *m, struct multi_instance *mi, > - unsigned int *option_types_found); > +}; > > /* > * Called as soon as the SSL/TLS connection is authenticated. > @@ -2273,27 +2292,83 @@ multi_connection_established(struct multi_context *m, > struct multi_instance *mi) > return; > } > > -multi_client_connect_handler handlers[] = { > -multi_client_connect_source_ccd, > -multi_client_connect_call_plugin_v1, > -multi_client_connect_call_plugin_v2, > -multi_client_connect_call_script, > -multi_client_connect_mda, > -NULL > -}; > - > -unsigned int option_types_found = 0; > +/* We are only called for the CAS_PENDING_x states, so we > + * can ignore other states here */ > +bool from_deferred = (mi->context.c2.context_auth != CAS_PENDING); > > -int cc_succeeded = true; /* client connect script status */ > -int cc_succeeded_count = 0; > enum client_connect_return ret; > > -multi_client_connect_early_setup(m, mi); > +struct client_connect_defer_state *defer_state = > +&(mi->client_connect_defer_state); > > -for (int i = 0; cc_succeeded && handlers[i]; i++) > +/* We are called for the first time */ > +if (!from_deferred) > { >
Re: [Openvpn-devel] [PATCH v5 08/14] client-connect: Add CC_RET_DEFERRED and cope with deferred client-connect
Hi, On Sat, Jul 11, 2020 at 11:36:49AM +0200, Arne Schwabe wrote: > From: Fabian Knittel > > This patch moves the state, that was previously tracked within the > multi_connection_established() function, into struct client_connect_state. > The > multi_connection_established() function can now be exited and re-entered as > many times as necessary - without losing the client-connect handling state. [..] Server side test succeeded... 23... Test sets succeeded: none. Test sets failed: 1 1a 1b 1d 2 2a 2b 2c 2d 3 4 5 6 8 8a 9. 24... Test sets succeeded: 1 1a 1b 1c 1d 1e 2 2a 2b 2c 2d 2e 3 4 4a 5 6 8 8a 9. Test sets failed: none. master... Test sets succeeded: 1 1a 1b 1c 1d 1e 2 2a 2b 2c 2d 2e 3 4 5 6 7 7a 8 8a 9 2f 4b. Test sets failed: none. Didn't look too closely at the patch yet. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH v5 08/14] client-connect: Add CC_RET_DEFERRED and cope with deferred client-connect
1x typo + 1x gram (in comments) On 11/07/2020 10:36, Arne Schwabe wrote: From: Fabian Knittel This patch moves the state, that was previously tracked within the multi_connection_established() function, into struct client_connect_state. The multi_connection_established() function can now be exited and re-entered as many times as necessary - without losing the client-connect handling state. The patch also adds the new return value CC_RET_DEFERRED which indicates that the handler couldn't complete immediately, and needs to be called later. At that point multi_connection_established() will exit without indicating completion. Each client-connect handler now has an (optional) additional call-back: The call-back for handling the deferred case. If the main call-back returns CC_RET_DEFERRED, the next call to the handler will be through the deferred call-back. Signed-off-by: Fabian Knittel Patch V3: Use a static struct in multi_instance instead of using malloc/free and use two states (deffered with and without deffered -> deferred result) instead of one to eliminate the counter that was only tested for > 0. Patch V5: Use new states in context_auth instead of the extra state that the patch series previously used. Signed-off-by: Arne Schwabe --- src/openvpn/multi.c | 171 +++--- src/openvpn/multi.h | 15 +++- src/openvpn/openvpn.h | 9 +++ 3 files changed, 150 insertions(+), 45 deletions(-) diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index f9b8af80..ce73f8a1 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -2218,32 +2218,51 @@ multi_client_connect_source_ccd(struct multi_context *m, return ret; } -static inline bool -cc_check_return(int *cc_succeeded_count, -enum client_connect_return ret) +typedef enum client_connect_return (*multi_client_connect_handler) +(struct multi_context *m, struct multi_instance *mi, +unsigned int *option_types_found); + +struct client_connect_handlers +{ +multi_client_connect_handler main; +multi_client_connect_handler deferred; +}; + +static enum client_connect_return +multi_client_connect_fail(struct multi_context *m, struct multi_instance *mi, + unsigned int *option_types_found) { -if (ret == CC_RET_SUCCEEDED) +/* Called null call-back. This should never happen. */ +return CC_RET_FAILED; +} + +static const struct client_connect_handlers client_connect_handlers[] = { { -(*cc_succeeded_count)++; -return true; -} -else if (ret == CC_RET_FAILED) +.main = multi_client_connect_source_ccd, +.deferred = multi_client_connect_fail +}, { -return false; -} -else if (ret == CC_RET_SKIPPED) +.main = multi_client_connect_call_plugin_v1, +.deferred = multi_client_connect_fail +}, { -return true; -} -else +.main = multi_client_connect_call_plugin_v2, +.deferred = multi_client_connect_fail +}, +{ +.main = multi_client_connect_call_script, +.deferred = multi_client_connect_fail +}, { -ASSERT(0); +.main = multi_client_connect_mda, +.deferred = multi_client_connect_fail +}, +{ +.main = NULL, +.deferred = NULL +/* End of list sentinel. */ } -} - -typedef enum client_connect_return (*multi_client_connect_handler) -(struct multi_context *m, struct multi_instance *mi, - unsigned int *option_types_found); +}; /* * Called as soon as the SSL/TLS connection is authenticated. @@ -2273,27 +2292,83 @@ multi_connection_established(struct multi_context *m, struct multi_instance *mi) return; } -multi_client_connect_handler handlers[] = { -multi_client_connect_source_ccd, -multi_client_connect_call_plugin_v1, -multi_client_connect_call_plugin_v2, -multi_client_connect_call_script, -multi_client_connect_mda, -NULL -}; - -unsigned int option_types_found = 0; +/* We are only called for the CAS_PENDING_x states, so we + * can ignore other states here */ +bool from_deferred = (mi->context.c2.context_auth != CAS_PENDING); -int cc_succeeded = true; /* client connect script status */ -int cc_succeeded_count = 0; enum client_connect_return ret; -multi_client_connect_early_setup(m, mi); +struct client_connect_defer_state *defer_state = +&(mi->client_connect_defer_state); -for (int i = 0; cc_succeeded && handlers[i]; i++) +/* We are called for the first time */ +if (!from_deferred) { -ret = handlers[i](m, mi, &option_types_found); -cc_succeeded = cc_check_return(&cc_succeeded_count, ret); +defer_state->cur_handler_index = 0; +defer_state->option_ty
[Openvpn-devel] [PATCH v5 08/14] client-connect: Add CC_RET_DEFERRED and cope with deferred client-connect
From: Fabian Knittel This patch moves the state, that was previously tracked within the multi_connection_established() function, into struct client_connect_state. The multi_connection_established() function can now be exited and re-entered as many times as necessary - without losing the client-connect handling state. The patch also adds the new return value CC_RET_DEFERRED which indicates that the handler couldn't complete immediately, and needs to be called later. At that point multi_connection_established() will exit without indicating completion. Each client-connect handler now has an (optional) additional call-back: The call-back for handling the deferred case. If the main call-back returns CC_RET_DEFERRED, the next call to the handler will be through the deferred call-back. Signed-off-by: Fabian Knittel Patch V3: Use a static struct in multi_instance instead of using malloc/free and use two states (deffered with and without result) instead of one to eliminate the counter that was only tested for > 0. Patch V5: Use new states in context_auth instead of the extra state that the patch series previously used. Signed-off-by: Arne Schwabe --- src/openvpn/multi.c | 171 +++--- src/openvpn/multi.h | 15 +++- src/openvpn/openvpn.h | 9 +++ 3 files changed, 150 insertions(+), 45 deletions(-) diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index f9b8af80..ce73f8a1 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -2218,32 +2218,51 @@ multi_client_connect_source_ccd(struct multi_context *m, return ret; } -static inline bool -cc_check_return(int *cc_succeeded_count, -enum client_connect_return ret) +typedef enum client_connect_return (*multi_client_connect_handler) +(struct multi_context *m, struct multi_instance *mi, +unsigned int *option_types_found); + +struct client_connect_handlers +{ +multi_client_connect_handler main; +multi_client_connect_handler deferred; +}; + +static enum client_connect_return +multi_client_connect_fail(struct multi_context *m, struct multi_instance *mi, + unsigned int *option_types_found) { -if (ret == CC_RET_SUCCEEDED) +/* Called null call-back. This should never happen. */ +return CC_RET_FAILED; +} + +static const struct client_connect_handlers client_connect_handlers[] = { { -(*cc_succeeded_count)++; -return true; -} -else if (ret == CC_RET_FAILED) +.main = multi_client_connect_source_ccd, +.deferred = multi_client_connect_fail +}, { -return false; -} -else if (ret == CC_RET_SKIPPED) +.main = multi_client_connect_call_plugin_v1, +.deferred = multi_client_connect_fail +}, { -return true; -} -else +.main = multi_client_connect_call_plugin_v2, +.deferred = multi_client_connect_fail +}, +{ +.main = multi_client_connect_call_script, +.deferred = multi_client_connect_fail +}, { -ASSERT(0); +.main = multi_client_connect_mda, +.deferred = multi_client_connect_fail +}, +{ +.main = NULL, +.deferred = NULL +/* End of list sentinel. */ } -} - -typedef enum client_connect_return (*multi_client_connect_handler) -(struct multi_context *m, struct multi_instance *mi, - unsigned int *option_types_found); +}; /* * Called as soon as the SSL/TLS connection is authenticated. @@ -2273,27 +2292,83 @@ multi_connection_established(struct multi_context *m, struct multi_instance *mi) return; } -multi_client_connect_handler handlers[] = { -multi_client_connect_source_ccd, -multi_client_connect_call_plugin_v1, -multi_client_connect_call_plugin_v2, -multi_client_connect_call_script, -multi_client_connect_mda, -NULL -}; - -unsigned int option_types_found = 0; +/* We are only called for the CAS_PENDING_x states, so we + * can ignore other states here */ +bool from_deferred = (mi->context.c2.context_auth != CAS_PENDING); -int cc_succeeded = true; /* client connect script status */ -int cc_succeeded_count = 0; enum client_connect_return ret; -multi_client_connect_early_setup(m, mi); +struct client_connect_defer_state *defer_state = +&(mi->client_connect_defer_state); -for (int i = 0; cc_succeeded && handlers[i]; i++) +/* We are called for the first time */ +if (!from_deferred) { -ret = handlers[i](m, mi, &option_types_found); -cc_succeeded = cc_check_return(&cc_succeeded_count, ret); +defer_state->cur_handler_index = 0; +defer_state->option_types_found = 0; +/* Initially we have no handler that has returned a result */ +mi->context.c2.context_auth = CAS_PENDING