1. openvpn
  2. Commit ddbfbeca603eedddc12556b28e5cd9b022e9ea63
Browse code

dco_linux: enable extended netlink error reporting

The ovpn netlink code reports more verbose error
strings to help userspace understand what went wrong,
rather than just returning, for example, -EINVAL.

However, userspace must instruct the kernel netlink
subsystem that it wants to receive such strings.

code for parsing such strings has always been present
but it was never used.

Set the socket option which enables such reporting.

Change-Id: I4457b1d7262e0a39c275d33aaef6c4bcbeae6ab3
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250609100216.3997-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31885.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

Antonio Quartulli authored on 2025/06/09 19:02:10
Showing 1 changed files
src/openvpn/dco_linux.c
History View file @ ddbfbec
... ... 
@@ -367,19 +367,19 @@ ovpn_nl_cb_error(struct sockaddr_nl (*nla) __attribute__ ((unused)),
367 367 
     {
368 368 
         len = strnlen((char *)nla_data(tb_msg[NLMSGERR_ATTR_MSG]),
369 369 
                       nla_len(tb_msg[NLMSGERR_ATTR_MSG]));
370 
-        msg(M_WARN, "kernel error: %*s\n", len,
370 
+        msg(M_WARN, "kernel error: %*s", len,
371 371 
             (char *)nla_data(tb_msg[NLMSGERR_ATTR_MSG]));
372 372 
     }
373 373
374 374 
     if (tb_msg[OVPN_NLMSGERR_ATTR_MISS_NEST])
375 375 
     {
376 
-        msg(M_WARN, "kernel error: missing required nesting type %u\n",
376 
+        msg(M_WARN, "kernel error: missing required nesting type %u",
377 377 
             nla_get_u32(tb_msg[OVPN_NLMSGERR_ATTR_MISS_NEST]));
378 378 
     }
379 379
380 380 
     if (tb_msg[OVPN_NLMSGERR_ATTR_MISS_TYPE])
381 381 
     {
382 
-        msg(M_WARN, "kernel error: missing required attribute type %u\n",
382 
+        msg(M_WARN, "kernel error: missing required attribute type %u",
383 383 
             nla_get_u32(tb_msg[OVPN_NLMSGERR_ATTR_MISS_TYPE]));
384 384 
     }
385 385
... ... 
@@ -405,6 +405,11 @@ ovpn_dco_init_netlink(dco_context_t *dco)
405 405 
             nl_geterror(ret));
406 406 
     }
407 407
408 
+    /* enable Extended ACK for detailed error reporting */
409 
+    ret = 1;
410 
+    setsockopt(nl_socket_get_fd(dco->nl_sock), SOL_NETLINK, NETLINK_EXT_ACK,
411 
+               &ret, sizeof(ret));
412 
+
408 413 
     /* set close on exec and non-block on the netlink socket */
409 414 
     set_cloexec(nl_socket_get_fd(dco->nl_sock));
410 415 
     set_nonblock(nl_socket_get_fd(dco->nl_sock));