Opened 13 years ago
Closed 12 years ago
#100 closed Bug / Defect (notabug)
UDP sockets do not have the close on exec flag
Reported by: | NickHibma | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | Networking | Version: | OpenVPN 2.0.x (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: |
Description
UDP sockets do not have the close on exec flag set (Dunno about TCP sockets). The flag is set, but too late.
I execute ntpdate in route-up script and it inherits the 1194 UDP port from openvpn. This is a major problem, as I first do ntpdate, then start the ntpd daemon (which also inherits port 1194) and openvpn fails to start afterwards.
Adding route-delay 1 to the config resolves the issue by delaying the route-up script until after do_init_socket_2() which sets the close-on-exec flag.
I think the close on exec flag should be set on all sockets right after the call to socket() or accept(), not much later.
Example where it goes wrong:
# /usr/local/etc/rc.d/openvpn start Starting openvpn. # sockstat | grep 94 root ntpdate 8019 5 udp4 *:1194 *:* root openvpn 8010 5 udp4 *:1194 *:* root sh 8009 5 udp4 *:1194 *:* ...
Change History (2)
comment:1 Changed 13 years ago by
comment:2 Changed 12 years ago by
Resolution: | → notabug |
---|---|
Status: | new → closed |
Closing due to lack of response.
Can you please try to reproduce this issue on the latest 2.2.0 release? We will not do any more development on the 2.0.x branch. But will take care of bugs in 2.2.x and newer versions.