Opened 13 years ago
Closed 11 years ago
#109 closed Bug / Defect (fixed)
Error not flushed to management interface during FATAL errors
Reported by: | crookies | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | Generic / unclassified | Version: | OpenVPN 2.1.0 / 2.1.1 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: |
Description
When a FATAL error occurs, the management interface client is disconnected before whole messages have been sent on the socket.
Example:
Management interface output
1024 bit RSA >LOG:1301498789,I,[197176-app1.apro.talk2m.com_client] Peer Connection Initiated with 10.0.0.14:3128 >LOG:1301498790,,MANAGEMENT: >STATE:1301498790,GET_CONFIG,,, >STATE:1301498790,GET_CONFIG,,, >LOG:1301498792,,SENT CONTROL [197176-app1.apro.talk2m.com_client]: 'PUSH_REQUES T' (status=1) Connection to host lost.
Corresponding Log output
Wed Mar 30 17:26:29 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Mar 30 17:26:29 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Wed Mar 30 17:26:29 2011 [197176-app1.apro.talk2m.com_client] Peer Connection Initiated with 10.0.0.14:3128 Wed Mar 30 17:26:30 2011 MANAGEMENT: >STATE:1301498790,GET_CONFIG,,, Wed Mar 30 17:26:32 2011 SENT CONTROL [197176-app1.apro.talk2m.com_client]: 'PUSH_REQUEST' (status=1) Wed Mar 30 17:26:32 2011 PUSH: Received control message: 'PUSH_REPLY,ping 10,ping-exit 40,ifconfig 10.7.0.2 255.254.0.0' Wed Mar 30 17:26:32 2011 OPTIONS IMPORT: timers and/or timeouts modified Wed Mar 30 17:26:32 2011 OPTIONS IMPORT: --ifconfig/up options modified Wed Mar 30 17:26:32 2011 MANAGEMENT: Client disconnected Wed Mar 30 17:26:32 2011 There are no TAP-Win32 adapters on this system. You should be able to create a TAP-Win32 adapter by going to Start -> All Programs -> OpenVPN -> Add a new TAP-Win32 virtual ethernet adapter. Wed Mar 30 17:26:32 2011 Exiting
If we look at the manage.c file, the man_output_list_push_finalize function is called after the man_reset_client_socket is called
This was tested in 2.1.4 (the problem does not appear in 2.0.5)
Change History (2)
comment:1 Changed 13 years ago by
comment:2 Changed 11 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
This was fixed in James' SVN tree at revision 7587:
r7587 | james | 2011-09-03 02:49:45 +0300 (sab, 03 set 2011) | 7 lines Fixed management interface bug where >FATAL notifications were not being output properly because the management interface socket was being closed before the >FATAL notification could be transmitted. Version 2.1.14
Also, if we look at src/openvpn/manage.c, we see that the man_output_list_push_finalize function is called before the man_reset_client_socket function now. Closing this bug...
Can you please attach client and server configuration files which can be used for testing? If you use SSL key/certificates, please use those found in the source tree under ./sample-keys/
Further can you explain exactly how this FATAL error is triggered?