Include CE_DISABLED status of remote in "remote-entry-get" response

- The response to the management command "remote-entry-get" is amended to include the status of the remote entry. The status reads "disabled" if (ce->flag & DISABLED) is true, "enabled" otherwise. - Update and correct the description of this option in management-notes.txt Example responses: In response to "remote-entry-get 0" 0,vpn.example.com,udp,enabled END Or, in response to "remote-entry-get all" 0,vpn.example.org,udp,enabled 1,vpn.example.com,udp,enabled 2,vpn.example.net,tcp-client,disabled END This helps the management client to show only enabled remotes to the user. An alternative would require the UI/GUI to have knowledge of what makes the daemon set CE_DISABLED (--proto-force, --htttp-proxy-override etc.). Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20230111062910.1846688-1-selva.nair@gmail.com> URL: https://www.mail-archive.com/search?l=mid&q=20230111062910.1846688-1-selva.nair@gmail.com Signed-off-by: Gert Doering <gert@greenie.muc.de>
2026-06-09 00:42:51 -04:00 · 2023-01-11 01:29:10 -05:00 · 2023-01-11 01:29:10 -05:00 · eafbedc583
commit eafbedc583
parent 202b34da38
2 changed files with 18 additions and 13 deletions
--- a/doc/management-notes.txt
+++ b/doc/management-notes.txt
@ -806,9 +806,12 @@ COMMAND -- remote-entry-get (OpenVPN 2.6+ management version > 3)

  remote-entry-get <start> [<end>]

-Retrieve remote entry (host, port and protocol) for index
-<start> or indices from <start> to <end>+1. Alternatively
-<start> = "all" retrieves all remote entries.
+Retrieve remote entry (host, port, protocol, and status) for index
+<start> or indices from <start> to <end>-1. Alternatively
+<start> = "all" retrieves all remote entries. The index is 0-based.
+If the entry is disabled due to protocol or proxy restrictions
+(i.e., ce->flag & CE_DISABLED == 1), the status is returned as "disabled",
+otherwise it reads "enabled" without quotes.

 Example 1:

@ -818,8 +821,8 @@ Example 1:

  OpenVPN daemon responds with

-  1,vpn.example.com,1194,udp
-  END
+    1,vpn.example.com,1194,udp,enabled
+    END

 Example 2:

@ -829,8 +832,8 @@ Example 2:

  OpenVPN daemon responds with

-    1,vpn.example.com,1194,udp
-    2,vpn.example.net,443,tcp-client
+    1,vpn.example.com,1194,udp,enabled
+    2,vpn.example.net,443,tcp-client,disabled
    END

 Example 3:
@ -840,9 +843,9 @@ Example 3:

  OpenVPN daemon with 3 connection entries responds with

-    1,vpn.example.com,1194,udp
-    2,vpn.example.com,443,tcp-client
-    3,vpn.example.net,443,udp
+    0,vpn.example.com,1194,udp,enabled
+    1,vpn.example.com,443,tcp-client,enabled
+    2,vpn.example.net,443,udp,enabled
    END

 COMMAND -- remote  (OpenVPN AS 2.1.5/OpenVPN 2.3 or higher)
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@ -353,13 +353,15 @@ management_callback_remote_entry_get(void *arg, unsigned int index, char **remot
    {
        struct connection_entry *ce = l->array[index];
        const char *proto = proto2ascii(ce->proto, ce->af, false);
+        const char *status = (ce->flags & CE_DISABLED) ? "disabled" : "enabled";

-        /* space for output including 2 commas and a nul */
-        int len = strlen(ce->remote) + strlen(ce->remote_port) + strlen(proto) + 2 + 1;
+        /* space for output including 3 commas and a nul */
+        int len = strlen(ce->remote) + strlen(ce->remote_port) + strlen(proto)
+                  + strlen(status) + 3 + 1;
        char *out = malloc(len);
        check_malloc_return(out);

-        openvpn_snprintf(out, len, "%s,%s,%s", ce->remote, ce->remote_port, proto);
+        openvpn_snprintf(out, len, "%s,%s,%s,%s", ce->remote, ce->remote_port, proto, status);
        *remote = out;
    }
    else