openvpn: Properly remove all RRDs after a connection is removed
authorMichael Tremer <michael.tremer@ipfire.org>
Thu, 9 Apr 2015 14:32:39 +0000 (16:32 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Thu, 9 Apr 2015 14:32:39 +0000 (16:32 +0200)
html/cgi-bin/ovpnmain.cgi
src/misc-progs/openvpnctrl.c

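--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -2370,10 +2370,9 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') {
        
 # CCD end 
 
-###
-###  Delete all RRD's for client
-###
+       # Delete RRDs
        system ("/usr/local/bin/openvpnctrl -drrd $confighash{$cgiparams{'KEY'}}[1]");
+
        delete $confighash{$cgiparams{'KEY'}};
        my $temp2 = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
        &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
@@ -3068,6 +3067,10 @@ END
        unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
        unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
        delete $confighash{$cgiparams{'KEY'}};
+
+       # Delete RRD's for collectd
+       system("/usr/local/bin/openvpnctrl", "-drrd", "$confighash{$cgiparams{'KEY'}}[1]", "&>/dev/null");
+
        &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
        #&writeserverconf();
     } else {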
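Review bot: In the second hunk the added `system(...)` call runs after `delete $confighash{$cgiparams{'KEY'}};`, so `$confighash{$cgiparams{'KEY'}}[1]` no longer holds the connection name; openvpnctrl gets an empty name, and the lookup probably autovivifies an empty entry that the following `writehasharray` then writes back. Save the name before the delete with `my $name = $confighash{$cgiparams{'KEY'}}[1];` and call `system("/usr/local/bin/openvpnctrl", "-drrd", $name);`. The `"&>/dev/null"` element should go, because list-form `system` does not use a shell and the string reaches openvpnctrl as a literal extra argument rather than a redirect. The first hunk still uses the single-string `system ("... -drrd $confighash{...}[1]")` form, which interpolates the connection name into a shell command line; switching it to the list form as well would keep shell metacharacters in a name from being interpreted on the way to what appears to be a privileged helper. The enclosing blocks start and end outside both hunks.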
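--- a/src/misc-progs/openvpnctrl.c
+++ b/src/misc-progs/openvpnctrl.c
@@ -1,3 +1,4 @@
+#define _XOPEN_SOURCE 500
 #include <signal.h>
 #include <stdio.h>
 #include <string.h>
@@ -7,6 +8,7 @@
 #include <arpa/inet.h>
 #include <netinet/in.h>
 #include <fcntl.h>
+#include <ftw.h>
 #include "setuid.h"
 #include "netutil.h"
 #include "libsmooth.h"
@@ -572,23 +574,44 @@ int killNet2Net(char *name) {
        return 0;
 }
 
-int deleterrd(char *name) {
-       connection *conn = getConnections();
 
-       char rrd_file[STRING_SIZE];
-       snprintf(rrd_file, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s/if_octets.rrd", name);
+static int recursive_remove_callback(const char* fpath, const struct stat* sb, int typeflag, struct FTW* ftwbuf) {
+       int rv = remove(fpath);
+       if (rv)
+               perror(fpath);
+
+       return rv;
+}
+
+static int recursive_remove(const char* path) {
+       return nftw(path, recursive_remove_callback, 64, FTW_DEPTH | FTW_PHYS);
+}
 
+int deleterrd(char *name) {
        char rrd_dir[STRING_SIZE];
-       snprintf(rrd_dir, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s", name);
 
+       connection *conn = getConnections();
        while(conn) {
-               /* Find only RW-Connections with the given name. */
-               if (((strcmp(conn->type, "host") == 0) && (strcmp(conn->name, name) == 0))) {
-                       remove(rrd_file);
-                       remove(rrd_dir);
-                       return 0;
+               if (strcmp(conn->name, name) != 0) {
+                       conn = conn->next;
+                       continue;
                }
-               conn = conn->next;
+
+               // Handle RW connections
+               if (strcmp(conn->type, "host") == 0) {
+                       snprintf(rrd_dir, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s", name);
+
+               // Handle N2N connections
+               } else if (strcmp(conn->type, "net") == 0) {
+                       snprintf(rrd_dir, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s-n2n/", name);
+
+               // Unhandled connection type
+               } else {
+                       conn = conn->next;
+                       continue;
+               }
+
+               return recursive_remove(rrd_dir);
        }
 
        return 1;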
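Review bot: Both `snprintf(rrd_dir, STRING_SIZE - 1, ...)` calls in `deleterrd` feed `recursive_remove()` without a truncation check, so an over-long name would leave a shorter path in the buffer and that path is what gets deleted recursively. Check the result before deleting, e.g. `int n = snprintf(rrd_dir, sizeof(rrd_dir), ...);` followed by `if (n < 0 || (size_t)n >= sizeof(rrd_dir)) return 1;`. The `strcmp(conn->name, name)` match is the only constraint on `name` visible in this hunk; if connection names are not restricted elsewhere, rejecting `/` and a leading `.` before building the path would keep the delete inside `/var/log/rrd/collectd/localhost/`. `recursive_remove` would also benefit from a one-line comment that `FTW_PHYS` is there so symlinks are removed rather than followed, since the program includes `setuid.h` and presumably runs with elevated privileges. The closing brace of `deleterrd` lies outside the hunk.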