Include CE_DISABLED status of remote in "remote-entry-get" response
- The response to the management command "remote-entry-get" is
amended to include the status of the remote entry. The status
reads "disabled" if (ce->flag & DISABLED) is true, "enabled"
otherwise.
- Update and correct the description of this option in
management-notes.txt
Example responses:
In response to "remote-entry-get 0"
0,vpn.example.com,udp,enabled
END
Or, in response to "remote-entry-get all"
0,vpn.example.org,udp,enabled
1,vpn.example.com,udp,enabled
2,vpn.example.net,tcp-client,disabled
END
This helps the management client to show only enabled remotes
to the user.
An alternative would require the UI/GUI to have knowledge of
what makes the daemon set CE_DISABLED (--proto-force,
--htttp-proxy-override etc.).
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230111062910.1846688-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/search?l=mid&q=20230111062910.1846688-1-selva.nair@gmail.com
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair authored on 2023/01/11 15:29:10Showing 2 changed files
| ... | ... |
@@ -806,9 +806,12 @@ COMMAND -- remote-entry-get (OpenVPN 2.6+ management version > 3) |
| 806 | 806 |
|
| 807 | 807 |
remote-entry-get <start> [<end>] |
| 808 | 808 |
|
| 809 |
-Retrieve remote entry (host, port and protocol) for index |
|
| 810 |
-<start> or indices from <start> to <end>+1. Alternatively |
|
| 811 |
-<start> = "all" retrieves all remote entries. |
|
| 809 |
+Retrieve remote entry (host, port, protocol, and status) for index |
|
| 810 |
+<start> or indices from <start> to <end>-1. Alternatively |
|
| 811 |
+<start> = "all" retrieves all remote entries. The index is 0-based. |
|
| 812 |
+If the entry is disabled due to protocol or proxy restrictions |
|
| 813 |
+(i.e., ce->flag & CE_DISABLED == 1), the status is returned as "disabled", |
|
| 814 |
+otherwise it reads "enabled" without quotes. |
|
| 812 | 815 |
|
| 813 | 816 |
Example 1: |
| 814 | 817 |
|
| ... | ... |
@@ -818,8 +821,8 @@ Example 1: |
| 818 | 818 |
|
| 819 | 819 |
OpenVPN daemon responds with |
| 820 | 820 |
|
| 821 |
- 1,vpn.example.com,1194,udp |
|
| 822 |
- END |
|
| 821 |
+ 1,vpn.example.com,1194,udp,enabled |
|
| 822 |
+ END |
|
| 823 | 823 |
|
| 824 | 824 |
Example 2: |
| 825 | 825 |
|
| ... | ... |
@@ -829,8 +832,8 @@ Example 2: |
| 829 | 829 |
|
| 830 | 830 |
OpenVPN daemon responds with |
| 831 | 831 |
|
| 832 |
- 1,vpn.example.com,1194,udp |
|
| 833 |
- 2,vpn.example.net,443,tcp-client |
|
| 832 |
+ 1,vpn.example.com,1194,udp,enabled |
|
| 833 |
+ 2,vpn.example.net,443,tcp-client,disabled |
|
| 834 | 834 |
END |
| 835 | 835 |
|
| 836 | 836 |
Example 3: |
| ... | ... |
@@ -840,9 +843,9 @@ Example 3: |
| 840 | 840 |
|
| 841 | 841 |
OpenVPN daemon with 3 connection entries responds with |
| 842 | 842 |
|
| 843 |
- 1,vpn.example.com,1194,udp |
|
| 844 |
- 2,vpn.example.com,443,tcp-client |
|
| 845 |
- 3,vpn.example.net,443,udp |
|
| 843 |
+ 0,vpn.example.com,1194,udp,enabled |
|
| 844 |
+ 1,vpn.example.com,443,tcp-client,enabled |
|
| 845 |
+ 2,vpn.example.net,443,udp,enabled |
|
| 846 | 846 |
END |
| 847 | 847 |
|
| 848 | 848 |
COMMAND -- remote (OpenVPN AS 2.1.5/OpenVPN 2.3 or higher) |
| ... | ... |
@@ -353,13 +353,15 @@ management_callback_remote_entry_get(void *arg, unsigned int index, char **remot |
| 353 | 353 |
{
|
| 354 | 354 |
struct connection_entry *ce = l->array[index]; |
| 355 | 355 |
const char *proto = proto2ascii(ce->proto, ce->af, false); |
| 356 |
+ const char *status = (ce->flags & CE_DISABLED) ? "disabled" : "enabled"; |
|
| 356 | 357 |
|
| 357 |
- /* space for output including 2 commas and a nul */ |
|
| 358 |
- int len = strlen(ce->remote) + strlen(ce->remote_port) + strlen(proto) + 2 + 1; |
|
| 358 |
+ /* space for output including 3 commas and a nul */ |
|
| 359 |
+ int len = strlen(ce->remote) + strlen(ce->remote_port) + strlen(proto) |
|
| 360 |
+ + strlen(status) + 3 + 1; |
|
| 359 | 361 |
char *out = malloc(len); |
| 360 | 362 |
check_malloc_return(out); |
| 361 | 363 |
|
| 362 |
- openvpn_snprintf(out, len, "%s,%s,%s", ce->remote, ce->remote_port, proto); |
|
| 364 |
+ openvpn_snprintf(out, len, "%s,%s,%s,%s", ce->remote, ce->remote_port, proto, status); |
|
| 363 | 365 |
*remote = out; |
| 364 | 366 |
} |
| 365 | 367 |
else |