diff options
| author | Jon Oberheide <jono@apollo.(none)> | 2012-09-24 00:53:43 -0400 |
|---|---|---|
| committer | Jon Oberheide <jono@apollo.(none)> | 2012-09-24 00:53:43 -0400 |
| commit | 3b890e663508d9b6d9ee3d708de09530bac722b4 (patch) | |
| tree | 6075a58c7dc8058762fb86b16058b840e58b59a0 | |
| parent | 0b4a0af8343c7a459b2b7cf15ce496c2edfcf80a (diff) | |
| download | openvpn-duo-plugin-3b890e663508d9b6d9ee3d708de09530bac722b4.tar.gz openvpn-duo-plugin-3b890e663508d9b6d9ee3d708de09530bac722b4.zip | |
ignore sigchld to avoid leaving behind zombies. fix from jschauma. setting global signal handlers in the plugin isnt ideal, but doesnt appear to interfere with normal openvpn operation.
| -rw-r--r-- | duo_openvpn.c | 33 |
1 files changed, 18 insertions, 15 deletions
diff --git a/duo_openvpn.c b/duo_openvpn.c index 8437907..060d765 100644 --- a/duo_openvpn.c +++ b/duo_openvpn.c @@ -57,28 +57,31 @@ auth_user_pass_verify(struct context *ctx, const char *args[], const char *envp[ return OPENVPN_PLUGIN_FUNC_ERROR; } + /* prevent leaving behind zombies */ + signal(SIGCHLD, SIG_IGN); + pid = fork(); if (pid < 0) { return OPENVPN_PLUGIN_FUNC_ERROR; } - - if (pid == 0) { - if (ctx->ikey && ctx->skey && ctx->host) { - setenv("ikey", ctx->ikey, 1); - setenv("skey", ctx->skey, 1); - setenv("host", ctx->host, 1); - } - - setenv("control", control, 1); - setenv("username", username, 1); - setenv("password", password, 1); - setenv("ipaddr", ipaddr, 1); - execvp(argv[0], argv); - exit(1); + if (pid > 0) { + return OPENVPN_PLUGIN_FUNC_DEFERRED; } + + if (ctx->ikey && ctx->skey && ctx->host) { + setenv("ikey", ctx->ikey, 1); + setenv("skey", ctx->skey, 1); + setenv("host", ctx->host, 1); + } + + setenv("control", control, 1); + setenv("username", username, 1); + setenv("password", password, 1); + setenv("ipaddr", ipaddr, 1); - return OPENVPN_PLUGIN_FUNC_DEFERRED; + execvp(argv[0], argv); + exit(1); } OPENVPN_EXPORT int |