From: Arne Schwabe <arne@rfc2549.org>
Date: Mon, 25 Jan 2021 12:56:21 +0000 (+0100)
Subject: Introduce management client state for AUTH_PENDING notifications
X-Git-Tag: v2.6_beta1~624
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b29f7dffc073ebd2a3b04eac5f7aee2edcf5da49;p=thirdparty%2Fopenvpn.git

Introduce management client state for AUTH_PENDING notifications

This allows a UI client to display the correct state. Technically the
client is still waiting for PUSH_REPLY but for every practical concern
this is a different state as we are waiting for the pending
authentication to finish.

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20210125125628.30364-5-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21498.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c
index ed9dde1ec..169e645fb 100644
--- a/src/openvpn/manage.c
+++ b/src/openvpn/manage.c
@@ -169,6 +169,9 @@ man_state_name(const int state)
         case OPENVPN_STATE_TCP_CONNECT:
             return "TCP_CONNECT";
 
+        case OPENVPN_STATE_AUTH_PENDING:
+            return "AUTH_PENDING";
+
         default:
             return "?";
     }
diff --git a/src/openvpn/manage.h b/src/openvpn/manage.h
index a3364644e..9797842b8 100644
--- a/src/openvpn/manage.h
+++ b/src/openvpn/manage.h
@@ -492,6 +492,8 @@ management_enable_def_auth(const struct management *man)
 #define OPENVPN_STATE_GET_CONFIG    9  /* Downloading configuration from server */
 #define OPENVPN_STATE_RESOLVE       10 /* DNS lookup */
 #define OPENVPN_STATE_TCP_CONNECT   11 /* Connecting to TCP server */
+#define OPENVPN_STATE_AUTH_PENDING  12 /* Waiting in auth-pending mode
+                                        * technically variant of GET_CONFIG */
 
 #define OPENVPN_STATE_CLIENT_BASE   7  /* Base index of client-only states */
 
diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index 2ceee2c44..9a67e0362 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -248,12 +248,30 @@ parse_auth_pending_keywords(const struct buffer *buffer,
     if (!buf_advance(&buf, strlen("AUTH_PENDING"))
         || !(buf_read_u8(&buf) == ',') || !BLEN(&buf))
     {
+#ifdef ENABLE_MANAGEMENT
+        if (management)
+        {
+            management_set_state(management, OPENVPN_STATE_AUTH_PENDING,
+                                 "", NULL, NULL, NULL, NULL);
+        }
+#endif
+
         return;
     }
 
     /* parse the keywords in the same way that push options are parsed */
     char line[OPTION_LINE_SIZE];
 
+#ifdef ENABLE_MANAGEMENT
+    /* Need to do the management notification with the keywords before
+     * buf_parse is called, as it will insert \0 bytes into the buffer */
+    if (management)
+    {
+        management_set_state(management, OPENVPN_STATE_AUTH_PENDING,
+                             BSTR(&buf), NULL, NULL, NULL, NULL);
+    }
+#endif
+
     while (buf_parse(&buf, ',', line, sizeof(line)))
     {
         if (sscanf(line, "timeout %u", server_timeout) != 1)