From: Heiko Hund Date: Fri, 11 Jul 2025 10:07:00 +0000 (+0200) Subject: mac dns: do not run dns-updown in parallel X-Git-Tag: v2.7_alpha3~34 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=bc2c74291b8fce3f7a64346753d56f18cd182886;p=thirdparty%2Fopenvpn.git mac dns: do not run dns-updown in parallel In case more than one openvpn connection is coming up or going down at the same time, there is potential for breakage, since the operations performed are not atomic. Introduce a locking mechanism, which let's scripts run in sequence, to prevent races between them. Change-Id: I7adfaa08df6a17545cca8264d7230b5e65e49719 Signed-off-by: Heiko Hund Acked-by: Arne Schwabe Message-Id: <20250711100700.241668-1-frank@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32108.html Signed-off-by: Gert Doering --- diff --git a/distro/dns-scripts/macos-dns-updown.sh b/distro/dns-scripts/macos-dns-updown.sh index 73bbee95..fb17b2b0 100644 --- a/distro/dns-scripts/macos-dns-updown.sh +++ b/distro/dns-scripts/macos-dns-updown.sh @@ -26,6 +26,23 @@ # dns_server_1_sni dns.mycorp.in # +lockdir=/var/lock +if [ ! -d "${lockdir}" ]; then + /bin/mkdir "${lockdir}" + /bin/chmod 1777 "${lockdir}" +fi + +i=1 +lockfile="${lockdir}/openvpn-dns-updown.lock" +while ! /usr/bin/shlock -f $lockfile -p $$; do + if [ $((++i)) -gt 10 ]; then + echo "dns-updown failed, could not acquire lock" + exit 1 + fi + sleep 0.2 +done +trap "/bin/rm -f ${lockfile}" EXIT + [ -z "${dns_vars_file}" ] || . "${dns_vars_file}" itf_dns_key="State:/Network/Service/openvpn-${dev}/DNS"