lwipopenvpn fails if stdin/stdout are redirected

cron2 commented 1 week ago

So, t_client test with lwipovpn. Works great if run from the CLI, log file visible.

Running with stdin (only!) redirected

SU ../bin/openvpn.master --client ...  --dev-node unix:/home/gert/lwip-build/lwipovpn --log /tmp/l.txt </dev/null

leads to

2024-11-04 08:36:50 ROUTE_GATEWAY 194.97.140.30/255.255.255.224 IFACE=vtnet0 HWADDR=bc:24:11:bf:7a:d4
2024-11-04 08:36:50 GDG6: remote_host_ipv6=2001:608:0:814::f000:11
2024-11-04 08:36:50 ROUTE6_GATEWAY :: ON_LINK IFACE=vtnet0
2024-11-04 08:36:50 Socket Buffers: R=[16384->65536] S=[2048->65536]
2024-11-04 08:36:50 Socket Buffers: R=[16384->65536] S=[2048->65536]
2024-11-04 08:36:50 /home/gert/lwip-build/lwipovpn
2024-11-04 08:36:50 unix device [internal:af_unix] opened
2024-11-04 08:36:50 Initialization Sequence Completed
2024-11-04 08:36:50 Data Channel: cipher 'AES-256-GCM', peer-id: 1, compression: 'lz4'
2024-11-04 08:36:50 Timers: ping 10, ping-restart 30
2024-11-04 08:36:50 Protocol options: protocol-flags cc-exit tls-ekm dyn-tls-crypt
SNMP private MIB start, detecting sensors.
lwipovpn init complete: type=tun mtu=1500 local_ip=194.97.145.74 netmask=255.255.255.248 gw=194.97.145.73 local_ipv6=2001:608:3:814::1000
2024-11-04 08:36:50 write to TUN/TAP : Connection reset by peer (fd=-1,code=54)
2024-11-04 08:36:50 write to TUN/TAP : Destination address required (fd=-1,code=39)
2024-11-04 08:36:51 Child process PID 61757 for afunix dead? Return code: 0
2024-11-04 08:36:51 write to TUN/TAP : No error: 0 (fd=-1,code=0)
2024-11-04 08:36:51 write to TUN/TAP : Destination address required (fd=-1,code=39)
2024-11-04 08:36:52 event_wait : Interrupted system call (fd=-1,code=4)
2024-11-04 08:36:50 ROUTE_GATEWAY 194.97.140.30/255.255.255.224 IFACE=vtnet0 HWADDR=bc:24:11:bf:7a:d4
2024-11-04 08:36:50 GDG6: remote_host_ipv6=2001:608:0:814::f000:11
2024-11-04 08:36:50 ROUTE6_GATEWAY :: ON_LINK IFACE=vtnet0
2024-11-04 08:36:50 Socket Buffers: R=[16384->65536] S=[2048->65536]
2024-11-04 08:36:50 Socket Buffers: R=[16384->65536] S=[2048->65536]
2024-11-04 08:36:50 /home/gert/lwip-build/lwipovpn
2024-11-04 08:36:50 unix device [internal:af_unix] opened
2024-11-04 08:36:50 Initialization Sequence Completed
2024-11-04 08:36:50 Data Channel: cipher 'AES-256-GCM', peer-id: 1, compression: 'lz4'
2024-11-04 08:36:50 Timers: ping 10, ping-restart 30
2024-11-04 08:36:50 Protocol options: protocol-flags cc-exit tls-ekm dyn-tls-crypt
SNMP private MIB start, detecting sensors.
lwipovpn init complete: type=tun mtu=1500 local_ip=194.97.145.74 netmask=255.255.255.248 gw=194.97.145.73 local_ipv6=2001:608:3:814::1000
2024-11-04 08:36:50 write to TUN/TAP : Connection reset by peer (fd=-1,code=54)
2024-11-04 08:36:50 write to TUN/TAP : Destination address required (fd=-1,code=39)
2024-11-04 08:36:51 Child process PID 61757 for afunix dead? Return code: 0
2024-11-04 08:36:51 write to TUN/TAP : No error: 0 (fd=-1,code=0)
2024-11-04 08:36:51 write to TUN/TAP : Destination address required (fd=-1,code=39)
2024-11-04 08:36:52 event_wait : Interrupted system call (fd=-1,code=4)

so, lwipovpn seems to die/crash right away. This is on FreeBSD 13.3, but @mattock seems to experience the same thing on Linux.

Running truss...

SU truss -f -o /tmp/l2.txt ... openvpn ...
61776: <new process>
61775: fork()                                    = 61776 (0xf150)
61776: thr_self(0x828c2e000)                     = 0 (0x0)
61776: execve("/home/gert/lwip-build/lwipovpn",0x828c375a8,0x828c51808) EJUSTRETURN
...
61776: thr_new(0x829ae9bb0,0x68)                 = 0 (0x0)
61776: write(1,"SNMP private MIB start, detectin"...,43) = 43 (0x2b)
61776: sendto(4,"E\0\0_\0\0\0\0\M^?\^Q\^T7\M-Ba"...,95,0,NULL,0) = 95 (0x5f)
61776: sendto(4,"E\0\0G\0\^A\0\0\M^?\^Q\^TN\M-Ba"...,71,0,NULL,0) = 71 (0x47)
61776: write(1,"lwipovpn init complete: type=tun"...,138) = 138 (0x8a)
61776: _umtx_op(0x8257ab9c8,UMTX_OP_NWAKE_PRIVATE,0x1,0x0,0x0) = 0 (0x0)
61776: _umtx_op(0x82355ffa8,UMTX_OP_WAIT_UINT_PRIVATE,0x0,0x0,0x0) = 0 (0x0)
61776: select(1,{ 0 },0x0,0x0,{ 0.000000 })      = 1 (0x1)
61776: <thread 101353 exited>

this is a bit inconclusive (there is no actual error, and I can't see "what other threads do") - and then truss just exits?! - so "something in lwipovpn acts up if stdin is not a tty? (</tmp/somefile.txt has the same effect).

Maybe strace on Linux is more helpful here? Or just stare-at-code ;-)

cron2 commented 1 week ago

(technically this is not quite likely "an OpenVPN" issue but "lwipovpn", but I put it in here because I'm looking at this from the OpenVPN testing point of view...)

mattock commented 1 week ago

strace.log attached. Tested with https://github.com/mattock/openvpn/blob/lwip_debug/tests/lwip.sh except that client was launched like this:

strace -o /tmp/strace.log -f ../src/openvpn/openvpn --client --nobind --remote-cert-tls server --persist-tun --verb 3 --resolv-retry infinite --connect-retry-max 3 --server-poll-timeout 5 --explicit-exit-notify 3 --script-security 2 --dev null --dev-node unix:lwipovpnbuild/lwipovpn --up ./null_client_up.sh --ca ./../sample/sample-keys/ca.crt --cert ./../sample/sample-keys/client.crt --key ./../sample/sample-keys/client.key --tls-auth ./../sample/sample-keys/ta.key 1 --remote 127.0.0.1 1194 udp --proto udp --writepid lwip_client.pid --setenv pid lwip_client.pid --log lwip_client.log </dev/null

OpenVPN / openvpn

lwipopenvpn fails if stdin/stdout are redirected #638