git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Selva Nair <selva.nair@gmail.com>
	Sat, 28 Jan 2023 21:59:00 +0000 (16:59 -0500)
committer	Gert Doering <gert@greenie.muc.de>
	Fri, 21 Jul 2023 20:29:57 +0000 (22:29 +0200)
commit	3abfc0fb5ea522fb5fc45fddbf35c3cc5c8e9ef1
tree	ed3dbab7d1b3e4179c63707f1e827195e71c1abb	tree
parent	64352467845e7a972a8073d35d41450eea24b905	commit \| diff

Improve signal handling using POSIX sigaction

Currently we use the old signal API which follows system-V or
BSD semantics depending on the platform and/or feature-set macros.
Further, signal has many weaknesses which makes proper masking
(deferring) of signals during update not possible.

Improve this:

- Use sigaction to properly mask signals when modifying.

Notes:

Updating signal_reset() is handled in a follow up patch

SIG_SOURCE_CONNECTION_FAILED is retained in a hackish way. This value
has the same meaning as SIG_SOURCE_SOFT everywhere except where the
signal is printed. Looks cosmetic --- could be eliminated?

In pre_init_signal_catch() we ignore some unix signals, but the same
signals from management are not ignored though both are treated as "HARD"
signals. For example, during auth-user-pass query, "kill -SIGUSR1 <pid>"
will be ignored, but "signal SIGUSR1" from management interface will
cause M_FATAL and exit. This is the current behaviour, but could be improved?

This patch was originally submitted as 5/5 of the signals series. Now this
is 1/2 of a new series with signal_reset changes moved to 2/2

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20230128215901.2207208-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26087.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

src/openvpn/errlevel.h		diff \| blob \| blame \| history
src/openvpn/sig.c		diff \| blob \| blame \| history
src/openvpn/socket.c		diff \| blob \| blame \| history