fork/exec implementation (#ce66485e) fails on OpenBSD
Initiating a connection using openconnect
to ocserv-1.1.0 on OpenBSD fails:
$ openconnect 127.0.0.1
POST https://127.0.0.1/
Connected to 127.0.0.1:443
SSL negotiation with 127.0.0.1
SSL connection failure: Error in the pull function.
Failed to open HTTPS connection to 127.0.0.1
Failed to obtain WebVPN cookie
Which seems related to two messages in message.log
:
Jun 17 13:12:29 zeus ocserv[75617]: main: main.c:1116: readlink failed Undefined error: 0
Jun 17 14:19:41 zeus ocserv: error connecting to sec-mod socket '/var/run/ocserv-socket.dbd846af': No such file or directory
The first issue is caused by ocserv
trying to get the full path of the executable by using readlink
on /proc/self/exe
(src/main.c#L1114). OpenBSD does not support procfs
nor is it possible to get the full path of the executable for a process, as this is considered a security/privacy concern.
src/main.c#L1114 has been introduced as part of the new fork/exec implementation (#ce66485e from @Alan_Jowett).
The second issue I do not understand as the socket seems to be temporarily on the system:
$ ls -ltra /var/run/ocserv*
srwx--x--x 1 nobody daemon 0 Jun 17 14:49 /var/run/ocserv-socket.dbd846af
First issue can be easily by using argv[0]. Any idea where to look for the second issue?