From adc0febaeac0d83246dbd2cc77b2a5d80e41741e Mon Sep 17 00:00:00 2001 From: Selva Nair Date: Tue, 24 Feb 2026 22:30:30 +0100 Subject: [PATCH] Fixup version command on management interface All commands to the management interface are supposed to be responded with either a one-line "SUCCESS:/ERROR:" message or a multi-line reply terminated by "END". But, curently we silently accept the "version n" command wih no response. This causes clients like OpenVPN-GUI lock-up if version command is used, waiting for ever for a reply. Fix this by adding a SUCCESS response if client version is set to a value >= 4. As the highest client version in use until now is 3, this should not affect any work-arounds in existing clients. ERROR response is generated if the version parameter is null which never happens in practice. Change-Id: I76dc80a9d9b29e401b7bbd59e0c46baf751d2e4a Signed-off-by: Selva Nair Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1528 Message-Id: <20260224213036.31845-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35782.html Signed-off-by: Gert Doering --- doc/management-notes.txt | 4 ++++ src/openvpn/manage.c | 9 +++++++++ 2 files changed, 13 insertions(+) diff --git a/doc/management-notes.txt b/doc/management-notes.txt index 1a5c311c..86b74f33 100644 --- a/doc/management-notes.txt +++ b/doc/management-notes.txt @@ -492,6 +492,10 @@ Command examples: version 2 -- Change management version of client to 2 (default = 1) version -- Show the version of OpenVPN and its Management Interface +Note: Until version 3, no response was generated when client sets its +version. This was fixed starting version 4: clients should expect +"SUCCESS: .. " message only when setting the version to >= 4. + COMMAND -- auth-retry --------------------- diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c index 37ae6b38..03ff5b37 100644 --- a/src/openvpn/manage.c +++ b/src/openvpn/manage.c @@ -1333,6 +1333,15 @@ set_client_version(struct management *man, const char *version) if (version) { man->connection.client_version = atoi(version); + /* Prior to version 3, we missed to respond to this command. Acknowledge only if version >= 4 */ + if (man->connection.client_version >= 4) + { + msg(M_CLIENT, "SUCCESS: Management client version set to %d", man->connection.client_version); + } + } + else + { + msg(M_CLIENT, "ERROR: Invalid value specified for management client version"); } }