diff options
-rw-r--r-- | init.c | 1 | ||||
-rw-r--r-- | manage.c | 18 | ||||
-rw-r--r-- | manage.h | 2 | ||||
-rw-r--r-- | openvpn.8 | 7 | ||||
-rw-r--r-- | options.c | 9 | ||||
-rw-r--r-- | options.h | 1 |
6 files changed, 37 insertions, 1 deletions
@@ -2468,6 +2468,7 @@ open_management (struct context *c) c->options.management_echo_buffer_size, c->options.management_state_buffer_size, c->options.management_hold, + c->options.management_signal, c->options.management_client, c->options.management_write_peer_info_file, c->options.remap_sigusr1)) @@ -1080,6 +1080,15 @@ man_reset_client_socket (struct management *man, const bool exiting) } if (!exiting) { + if (man->settings.signal_on_disconnect) { + int mysig = man_mod_signal (man, SIGUSR1); + if (mysig >= 0) + { + msg (D_MANAGEMENT, "MANAGEMENT: Triggering management signal"); + throw_signal_soft (mysig, "management-disconnect"); + } + } + if (man->settings.connect_as_client) { msg (D_MANAGEMENT, "MANAGEMENT: Triggering management exit"); @@ -1323,6 +1332,7 @@ man_settings_init (struct man_settings *ms, const int echo_buffer_size, const int state_buffer_size, const bool hold, + const bool signal_on_disconnect, const bool connect_as_client, const char *write_peer_info_file, const int remap_sigusr1) @@ -1355,6 +1365,12 @@ man_settings_init (struct man_settings *ms, ms->hold = hold; /* + * Should OpenVPN be signaled if management + * disconnects? + */ + ms->signal_on_disconnect = signal_on_disconnect; + + /* * Should OpenVPN connect to management interface as a client * rather than a server? */ @@ -1496,6 +1512,7 @@ management_open (struct management *man, const int echo_buffer_size, const int state_buffer_size, const bool hold, + const bool signal_on_disconnect, const bool connect_as_client, const char *write_peer_info_file, const int remap_sigusr1) @@ -1516,6 +1533,7 @@ management_open (struct management *man, echo_buffer_size, state_buffer_size, hold, + signal_on_disconnect, connect_as_client, write_peer_info_file, remap_sigusr1); @@ -205,6 +205,7 @@ struct man_settings { int state_buffer_size; bool server; bool hold; + bool signal_on_disconnect; bool connect_as_client; char *write_peer_info_file; @@ -281,6 +282,7 @@ bool management_open (struct management *man, const int echo_buffer_size, const int state_buffer_size, const bool hold, + const bool signal_on_disconnect, const bool connect_as_client, const char *write_peer_info_file, const int remap_sigusr1); @@ -178,6 +178,7 @@ openvpn \- secure IP tunnel daemon. [\ \fB\-\-lport\fR\ \fIport\fR\ ] [\ \fB\-\-management\-hold\fR\ ] [\ \fB\-\-management\-log\-cache\fR\ \fIn\fR\ ] +[\ \fB\-\-management\-signal\fR\ ] [\ \fB\-\-management\-query\-passwords\fR\ ] [\ \fB\-\-management\fR\ \fIIP\ port\ [pw\-file]\fR\ ] [\ \fB\-\-max\-clients\fR\ \fIn\fR\ ] @@ -2327,6 +2328,12 @@ with the command. .\"********************************************************* .TP +.B --management-signal +Send SIGUSR1 signal to OpenVPN if management session disconnects. +This is useful when you wish to disconnect an OpenVPN session on +user logoff. +.\"********************************************************* +.TP .B --management-log-cache n Cache the most recent .B n @@ -311,6 +311,7 @@ static const char usage_message[] = " and auth-user-pass passwords.\n" "--management-hold : Start " PACKAGE_NAME " in a hibernating state, until a client\n" " of the management interface explicitly starts it.\n" + "--management-signal : Issue SIGUSR1 when management disconnect event occurs.\n" "--management-log-cache n : Cache n lines of log file history for usage\n" " by the management channel.\n" #endif @@ -1200,6 +1201,7 @@ show_settings (const struct options *o) SHOW_BOOL (management_query_passwords); SHOW_BOOL (management_hold); SHOW_BOOL (management_client); + SHOW_BOOL (management_signal); SHOW_STR (management_write_peer_info_file); #endif #ifdef ENABLE_PLUGIN @@ -1527,7 +1529,7 @@ options_postprocess (struct options *options, bool first_time) */ #ifdef ENABLE_MANAGEMENT if (!options->management_addr && - (options->management_query_passwords || options->management_hold + (options->management_query_passwords || options->management_hold || options->management_signal || options->management_client || options->management_write_peer_info_file || options->management_log_history_cache != defaults.management_log_history_cache)) msg (M_USAGE, "--management is not specified, however one or more options which modify the behavior of --management were specified"); @@ -3164,6 +3166,11 @@ add_option (struct options *options, VERIFY_PERMISSION (OPT_P_GENERAL); options->management_hold = true; } + else if (streq (p[0], "management-signal")) + { + VERIFY_PERMISSION (OPT_P_GENERAL); + options->management_signal = true; + } else if (streq (p[0], "management-client")) { VERIFY_PERMISSION (OPT_P_GENERAL); @@ -283,6 +283,7 @@ struct options int management_state_buffer_size; bool management_query_passwords; bool management_hold; + bool management_signal; bool management_client; const char *management_write_peer_info_file; #endif |