From patchwork Tue Dec 6 10:01:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tremer X-Patchwork-Id: 6283 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4NRGD24hCSz3xkh for ; Tue, 6 Dec 2022 10:01:54 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4NRGCz1tXKzt7; Tue, 6 Dec 2022 10:01:51 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4NRGCy3xzFz30CP; Tue, 6 Dec 2022 10:01:50 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4NRGCx5TRkz2yTC for ; Tue, 6 Dec 2022 10:01:49 +0000 (UTC) Received: from michael.haj.ipfire.org (michael.haj.ipfire.org [172.28.1.242]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "michael.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4NRGCw1HjDzQT; Tue, 6 Dec 2022 10:01:48 +0000 (UTC) Received: by michael.haj.ipfire.org (Postfix, from userid 0) id 4NRGCv65kkzTjrj; Tue, 6 Dec 2022 10:01:47 +0000 (UTC) From: Michael Tremer To: development@lists.ipfire.org Subject: [PATCH 1/3] openvpn-authenticator: Avoid infinite loop when losing socket connection Date: Tue, 6 Dec 2022 10:01:42 +0000 Message-Id: <20221206100144.4150532-1-michael.tremer@ipfire.org> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael Tremer Errors-To: development-bounces@lists.ipfire.org Sender: "Development" This patch will gracefully terminate the daemon when it loses its connection to the OpenVPN daemon. Fixes: #12963 Signed-off-by: Michael Tremer Tested-by: Adolf Belka --- config/ovpn/openvpn-authenticator | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/config/ovpn/openvpn-authenticator b/config/ovpn/openvpn-authenticator index 65844012b..5d9348d7e 100644 --- a/config/ovpn/openvpn-authenticator +++ b/config/ovpn/openvpn-authenticator @@ -116,11 +116,16 @@ class OpenVPNAuthenticator(object): log.info("OpenVPN Authenticator started") - while True: - line = self._read_line() + try: + while True: + line = self._read_line() - if line.startswith(">CLIENT"): - self._client_event(line) + if line.startswith(">CLIENT"): + self._client_event(line) + + # Terminate the daemon when it loses its connection to the OpenVPN daemon + except ConnectionResetError as e: + log.error("Connection to OpenVPN has been lost: %s" % e) log.info("OpenVPN Authenticator terminated") @@ -269,7 +274,7 @@ class OpenVPNAuthenticator(object): @staticmethod def _b64decode(s): return base64.b64decode(s.encode()).decode() - + @staticmethod def _escape(s): return s.replace(" ", "\ ")