On 04/01/17 17:56, Yury Shefer wrote: > Hi all, > > Is there any predefined timeout for client-connect/disconnect scripts? > What will happen if the script gets stuck and never return 0 or 1 back > to openvpn process? Will OpenVPN abort/kill the script and fail > authentication or will it deadlock the openvpn server so that new > authentication requests will fail?
AFAIR, there are no timeout mechanisms in any of the code paths related to --plugin and all the various script hooks. I've never tried to do such a lock-up, but yes it is very likely that a failing script or plugin can halt the server completely, resulting in a DoS for other connected and connecting clients. -- kind regards, David Sommerseth
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
