Re: [Openvpn-devel] [PATCH v5 08/14] client-connect: Add CC_RET_DEFERRED and cope with deferred client-connect
Am 14.07.20 um 14:32 schrieb Antonio Quartulli: > can we please add a variable for the index and make all these long lines > saner? Now they are really ugly: > > int idx = defer_state->cur_handler_index; > while (cc_succeeded >&& client_connect_handlers[idx].main != NULL) > > and also the lines in the loop itself. we can but we need to do add defer_state->cur_handler_index = idx; in that case so the idx is saved for the next time the function is called from a deferred context. Or you make it int* idx and do client_connect_handlers[*idx] Arne signature.asc Description: OpenPGP digital signature ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH v5 08/14] client-connect: Add CC_RET_DEFERRED and cope with deferred client-connect
Hi,
On 11/07/2020 11:36, Arne Schwabe wrote:
> From: Fabian Knittel
>
> This patch moves the state, that was previously tracked within the
> multi_connection_established() function, into struct client_connect_state.
> The
> multi_connection_established() function can now be exited and re-entered as
> many times as necessary - without losing the client-connect handling state.
>
> The patch also adds the new return value CC_RET_DEFERRED which indicates that
> the handler couldn't complete immediately, and needs to be called later. At
> that point multi_connection_established() will exit without indicating
> completion.
>
> Each client-connect handler now has an (optional) additional call-back: The
> call-back for handling the deferred case. If the main call-back returns
> CC_RET_DEFERRED, the next call to the handler will be through the deferred
> call-back.
>
> Signed-off-by: Fabian Knittel
>
> Patch V3: Use a static struct in multi_instance instead of using
> malloc/free and use two states (deffered with and without
> result) instead of one to eliminate the counter that was
> only tested for > 0.
>
> Patch V5: Use new states in context_auth instead of the extra state
> that the patch series previously used.
>
> Signed-off-by: Arne Schwabe
> ---
> src/openvpn/multi.c | 171 +++---
> src/openvpn/multi.h | 15 +++-
> src/openvpn/openvpn.h | 9 +++
> 3 files changed, 150 insertions(+), 45 deletions(-)
>
> diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
> index f9b8af80..ce73f8a1 100644
> --- a/src/openvpn/multi.c
> +++ b/src/openvpn/multi.c
> @@ -2218,32 +2218,51 @@ multi_client_connect_source_ccd(struct multi_context
> *m,
> return ret;
> }
>
> -static inline bool
> -cc_check_return(int *cc_succeeded_count,
> -enum client_connect_return ret)
> +typedef enum client_connect_return (*multi_client_connect_handler)
> +(struct multi_context *m, struct multi_instance *mi,
> +unsigned int *option_types_found);
> +
> +struct client_connect_handlers
> +{
> +multi_client_connect_handler main;
> +multi_client_connect_handler deferred;
> +};
> +
> +static enum client_connect_return
> +multi_client_connect_fail(struct multi_context *m, struct multi_instance *mi,
> + unsigned int *option_types_found)
> {
> -if (ret == CC_RET_SUCCEEDED)
> +/* Called null call-back. This should never happen. */
> +return CC_RET_FAILED;
> +}
> +
> +static const struct client_connect_handlers client_connect_handlers[] = {
> {
> -(*cc_succeeded_count)++;
> -return true;
> -}
> -else if (ret == CC_RET_FAILED)
> +.main = multi_client_connect_source_ccd,
> +.deferred = multi_client_connect_fail
> +},
> {
> -return false;
> -}
> -else if (ret == CC_RET_SKIPPED)
> +.main = multi_client_connect_call_plugin_v1,
> +.deferred = multi_client_connect_fail
> +},
> {
> -return true;
> -}
> -else
> +.main = multi_client_connect_call_plugin_v2,
> +.deferred = multi_client_connect_fail
> +},
> +{
> +.main = multi_client_connect_call_script,
> +.deferred = multi_client_connect_fail
> +},
> {
> -ASSERT(0);
> +.main = multi_client_connect_mda,
> +.deferred = multi_client_connect_fail
> +},
> +{
> +.main = NULL,
> +.deferred = NULL
> +/* End of list sentinel. */
> }
> -}
> -
> -typedef enum client_connect_return (*multi_client_connect_handler)
> -(struct multi_context *m, struct multi_instance *mi,
> - unsigned int *option_types_found);
> +};
>
> /*
> * Called as soon as the SSL/TLS connection is authenticated.
> @@ -2273,27 +2292,83 @@ multi_connection_established(struct multi_context *m,
> struct multi_instance *mi)
> return;
> }
>
> -multi_client_connect_handler handlers[] = {
> -multi_client_connect_source_ccd,
> -multi_client_connect_call_plugin_v1,
> -multi_client_connect_call_plugin_v2,
> -multi_client_connect_call_script,
> -multi_client_connect_mda,
> -NULL
> -};
> -
> -unsigned int option_types_found = 0;
> +/* We are only called for the CAS_PENDING_x states, so we
> + * can ignore other states here */
> +bool from_deferred = (mi->context.c2.context_auth != CAS_PENDING);
>
> -int cc_succeeded = true; /* client connect script status */
> -int cc_succeeded_count = 0;
> enum client_connect_return ret;
>
> -multi_client_connect_early_setup(m, mi);
> +struct client_connect_defer_state *defer_state =
> +&(mi->client_connect_defer_state);
>
> -for (int i = 0; cc_succeeded && handlers[i]; i++)
> +/* We are called for the first time */
> +if (!from_deferred)
> {
>
Re: [Openvpn-devel] [PATCH v5 08/14] client-connect: Add CC_RET_DEFERRED and cope with deferred client-connect
Hi, On Sat, Jul 11, 2020 at 11:36:49AM +0200, Arne Schwabe wrote: > From: Fabian Knittel > > This patch moves the state, that was previously tracked within the > multi_connection_established() function, into struct client_connect_state. > The > multi_connection_established() function can now be exited and re-entered as > many times as necessary - without losing the client-connect handling state. [..] Server side test succeeded... 23... Test sets succeeded: none. Test sets failed: 1 1a 1b 1d 2 2a 2b 2c 2d 3 4 5 6 8 8a 9. 24... Test sets succeeded: 1 1a 1b 1c 1d 1e 2 2a 2b 2c 2d 2e 3 4 4a 5 6 8 8a 9. Test sets failed: none. master... Test sets succeeded: 1 1a 1b 1c 1d 1e 2 2a 2b 2c 2d 2e 3 4 5 6 7 7a 8 8a 9 2f 4b. Test sets failed: none. Didn't look too closely at the patch yet. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH v5 08/14] client-connect: Add CC_RET_DEFERRED and cope with deferred client-connect
1x typo + 1x gram (in comments)
On 11/07/2020 10:36, Arne Schwabe wrote:
From: Fabian Knittel
This patch moves the state, that was previously tracked within the
multi_connection_established() function, into struct client_connect_state. The
multi_connection_established() function can now be exited and re-entered as
many times as necessary - without losing the client-connect handling state.
The patch also adds the new return value CC_RET_DEFERRED which indicates that
the handler couldn't complete immediately, and needs to be called later. At
that point multi_connection_established() will exit without indicating
completion.
Each client-connect handler now has an (optional) additional call-back: The
call-back for handling the deferred case. If the main call-back returns
CC_RET_DEFERRED, the next call to the handler will be through the deferred
call-back.
Signed-off-by: Fabian Knittel
Patch V3: Use a static struct in multi_instance instead of using
malloc/free and use two states (deffered with and without
deffered -> deferred
result) instead of one to eliminate the counter that was
only tested for > 0.
Patch V5: Use new states in context_auth instead of the extra state
that the patch series previously used.
Signed-off-by: Arne Schwabe
---
src/openvpn/multi.c | 171 +++---
src/openvpn/multi.h | 15 +++-
src/openvpn/openvpn.h | 9 +++
3 files changed, 150 insertions(+), 45 deletions(-)
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index f9b8af80..ce73f8a1 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -2218,32 +2218,51 @@ multi_client_connect_source_ccd(struct multi_context *m,
return ret;
}
-static inline bool
-cc_check_return(int *cc_succeeded_count,
-enum client_connect_return ret)
+typedef enum client_connect_return (*multi_client_connect_handler)
+(struct multi_context *m, struct multi_instance *mi,
+unsigned int *option_types_found);
+
+struct client_connect_handlers
+{
+multi_client_connect_handler main;
+multi_client_connect_handler deferred;
+};
+
+static enum client_connect_return
+multi_client_connect_fail(struct multi_context *m, struct multi_instance *mi,
+ unsigned int *option_types_found)
{
-if (ret == CC_RET_SUCCEEDED)
+/* Called null call-back. This should never happen. */
+return CC_RET_FAILED;
+}
+
+static const struct client_connect_handlers client_connect_handlers[] = {
{
-(*cc_succeeded_count)++;
-return true;
-}
-else if (ret == CC_RET_FAILED)
+.main = multi_client_connect_source_ccd,
+.deferred = multi_client_connect_fail
+},
{
-return false;
-}
-else if (ret == CC_RET_SKIPPED)
+.main = multi_client_connect_call_plugin_v1,
+.deferred = multi_client_connect_fail
+},
{
-return true;
-}
-else
+.main = multi_client_connect_call_plugin_v2,
+.deferred = multi_client_connect_fail
+},
+{
+.main = multi_client_connect_call_script,
+.deferred = multi_client_connect_fail
+},
{
-ASSERT(0);
+.main = multi_client_connect_mda,
+.deferred = multi_client_connect_fail
+},
+{
+.main = NULL,
+.deferred = NULL
+/* End of list sentinel. */
}
-}
-
-typedef enum client_connect_return (*multi_client_connect_handler)
-(struct multi_context *m, struct multi_instance *mi,
- unsigned int *option_types_found);
+};
/*
* Called as soon as the SSL/TLS connection is authenticated.
@@ -2273,27 +2292,83 @@ multi_connection_established(struct multi_context *m,
struct multi_instance *mi)
return;
}
-multi_client_connect_handler handlers[] = {
-multi_client_connect_source_ccd,
-multi_client_connect_call_plugin_v1,
-multi_client_connect_call_plugin_v2,
-multi_client_connect_call_script,
-multi_client_connect_mda,
-NULL
-};
-
-unsigned int option_types_found = 0;
+/* We are only called for the CAS_PENDING_x states, so we
+ * can ignore other states here */
+bool from_deferred = (mi->context.c2.context_auth != CAS_PENDING);
-int cc_succeeded = true; /* client connect script status */
-int cc_succeeded_count = 0;
enum client_connect_return ret;
-multi_client_connect_early_setup(m, mi);
+struct client_connect_defer_state *defer_state =
+&(mi->client_connect_defer_state);
-for (int i = 0; cc_succeeded && handlers[i]; i++)
+/* We are called for the first time */
+if (!from_deferred)
{
-ret = handlers[i](m, mi, &option_types_found);
-cc_succeeded = cc_check_return(&cc_succeeded_count, ret);
+defer_state->cur_handler_index = 0;
+defer_state->option_ty
[Openvpn-devel] [PATCH v5 08/14] client-connect: Add CC_RET_DEFERRED and cope with deferred client-connect
From: Fabian Knittel
This patch moves the state, that was previously tracked within the
multi_connection_established() function, into struct client_connect_state. The
multi_connection_established() function can now be exited and re-entered as
many times as necessary - without losing the client-connect handling state.
The patch also adds the new return value CC_RET_DEFERRED which indicates that
the handler couldn't complete immediately, and needs to be called later. At
that point multi_connection_established() will exit without indicating
completion.
Each client-connect handler now has an (optional) additional call-back: The
call-back for handling the deferred case. If the main call-back returns
CC_RET_DEFERRED, the next call to the handler will be through the deferred
call-back.
Signed-off-by: Fabian Knittel
Patch V3: Use a static struct in multi_instance instead of using
malloc/free and use two states (deffered with and without
result) instead of one to eliminate the counter that was
only tested for > 0.
Patch V5: Use new states in context_auth instead of the extra state
that the patch series previously used.
Signed-off-by: Arne Schwabe
---
src/openvpn/multi.c | 171 +++---
src/openvpn/multi.h | 15 +++-
src/openvpn/openvpn.h | 9 +++
3 files changed, 150 insertions(+), 45 deletions(-)
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index f9b8af80..ce73f8a1 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -2218,32 +2218,51 @@ multi_client_connect_source_ccd(struct multi_context *m,
return ret;
}
-static inline bool
-cc_check_return(int *cc_succeeded_count,
-enum client_connect_return ret)
+typedef enum client_connect_return (*multi_client_connect_handler)
+(struct multi_context *m, struct multi_instance *mi,
+unsigned int *option_types_found);
+
+struct client_connect_handlers
+{
+multi_client_connect_handler main;
+multi_client_connect_handler deferred;
+};
+
+static enum client_connect_return
+multi_client_connect_fail(struct multi_context *m, struct multi_instance *mi,
+ unsigned int *option_types_found)
{
-if (ret == CC_RET_SUCCEEDED)
+/* Called null call-back. This should never happen. */
+return CC_RET_FAILED;
+}
+
+static const struct client_connect_handlers client_connect_handlers[] = {
{
-(*cc_succeeded_count)++;
-return true;
-}
-else if (ret == CC_RET_FAILED)
+.main = multi_client_connect_source_ccd,
+.deferred = multi_client_connect_fail
+},
{
-return false;
-}
-else if (ret == CC_RET_SKIPPED)
+.main = multi_client_connect_call_plugin_v1,
+.deferred = multi_client_connect_fail
+},
{
-return true;
-}
-else
+.main = multi_client_connect_call_plugin_v2,
+.deferred = multi_client_connect_fail
+},
+{
+.main = multi_client_connect_call_script,
+.deferred = multi_client_connect_fail
+},
{
-ASSERT(0);
+.main = multi_client_connect_mda,
+.deferred = multi_client_connect_fail
+},
+{
+.main = NULL,
+.deferred = NULL
+/* End of list sentinel. */
}
-}
-
-typedef enum client_connect_return (*multi_client_connect_handler)
-(struct multi_context *m, struct multi_instance *mi,
- unsigned int *option_types_found);
+};
/*
* Called as soon as the SSL/TLS connection is authenticated.
@@ -2273,27 +2292,83 @@ multi_connection_established(struct multi_context *m,
struct multi_instance *mi)
return;
}
-multi_client_connect_handler handlers[] = {
-multi_client_connect_source_ccd,
-multi_client_connect_call_plugin_v1,
-multi_client_connect_call_plugin_v2,
-multi_client_connect_call_script,
-multi_client_connect_mda,
-NULL
-};
-
-unsigned int option_types_found = 0;
+/* We are only called for the CAS_PENDING_x states, so we
+ * can ignore other states here */
+bool from_deferred = (mi->context.c2.context_auth != CAS_PENDING);
-int cc_succeeded = true; /* client connect script status */
-int cc_succeeded_count = 0;
enum client_connect_return ret;
-multi_client_connect_early_setup(m, mi);
+struct client_connect_defer_state *defer_state =
+&(mi->client_connect_defer_state);
-for (int i = 0; cc_succeeded && handlers[i]; i++)
+/* We are called for the first time */
+if (!from_deferred)
{
-ret = handlers[i](m, mi, &option_types_found);
-cc_succeeded = cc_check_return(&cc_succeeded_count, ret);
+defer_state->cur_handler_index = 0;
+defer_state->option_types_found = 0;
+/* Initially we have no handler that has returned a result */
+mi->context.c2.context_auth = CAS_PENDING
