Bug #1231: ipsec stop produces errors on systems that don't support subsecond sleep - strongSwan

Bug #1231

ipsec stop produces errors on systems that don't support subsecond sleep

Added by Saso Slavicic about 5 years ago. Updated about 5 years ago.

Status:

Closed

Priority:

Low

Assignee:

Tobias Brunner

Category:

starter

Target version:

5.4.0

Start date:

08.12.2015

Due date:

Estimated time:

Affected version:

5.3.5

Resolution:

Fixed

Description

Subsecond sleep is not supported in busybox.
On OpenWRT, stopping ipsec produces errors:

/etc/init.d/ipsec stop
Stopping strongSwan IPsec...
sleep: invalid number '0.1'
sleep: invalid number '0.1'
sleep: invalid number '0.1'
sleep: invalid number '0.1'
sleep: invalid number '0.1'

Associated revisions

Revision 7f527156 (diff)
Added by Tobias Brunner about 5 years ago

ipsec: Fix stop command on systems where sleep(1) only supports integers

Fixes #1231.

History

#1 Updated by Tobias Brunner about 5 years ago

Status changed from New to Feedback

Does sleep 0.1 2>/dev/null suppress the message?

#2 Updated by Saso Slavicic about 5 years ago

Yes.

#3 Updated by Tobias Brunner about 5 years ago

So a simple fix would be to just suppress the error. Or we could do something like this in case detecting and reporting the error takes less than 100ms:

diff --git a/src/ipsec/_ipsec.in b/src/ipsec/_ipsec.in
index 89c7ef753e46..86f7c640ef02 100644
--- a/src/ipsec/_ipsec.in
+++ b/src/ipsec/_ipsec.in
@@ -259,7 +259,7 @@ stop)
             loop=110
             while [ $loop -gt 0 ] ; do
                 kill -0 $spid 2>/dev/null || break
-                sleep 0.1
+                sleep 0.1 2>/dev/null || sleep 1
                 loop=$(($loop - 1))
             done
             if [ $loop -eq 0 ]

#4 Updated by Saso Slavicic about 5 years ago

Sleeping for 1s should also decrease loop by additional 9 iterations...just in case so that it doesn't hang for 110s before issuing kill.

#5 Updated by Tobias Brunner about 5 years ago

So maybe something like this:

diff --git a/src/ipsec/_ipsec.in b/src/ipsec/_ipsec.in
index 89c7ef753e46..7da0fd36d6d1 100644
--- a/src/ipsec/_ipsec.in
+++ b/src/ipsec/_ipsec.in
@@ -259,7 +259,12 @@ stop)
             loop=110
             while [ $loop -gt 0 ] ; do
                 kill -0 $spid 2>/dev/null || break
-                sleep 0.1
+                sleep 0.1 2>/dev/null
+                if [ $? -ne 0 ]
+                then
+                    sleep 1
+                    loop=$(($loop - 9))
+                fi
                 loop=$(($loop - 1))
             done
             if [ $loop -eq 0 ]

#6 Updated by Saso Slavicic about 5 years ago

There shouldn't be any possibility for the loop to be overshot, that last line probably needs to be changed to '-le'.
But I'm probably nitpicking already... :-)

#7 Updated by Tobias Brunner about 5 years ago

There shouldn't be any possibility for the loop to be overshot, that last line probably needs to be changed to '-le'.

You mean in case sleep 0.1 only fails occasionally?

#8 Updated by Saso Slavicic about 5 years ago

Yep...I have no idea if that can happen, but rather be safe than sorry as it doesn't really cost anything.

#9 Updated by Tobias Brunner about 5 years ago

Tracker changed from Issue to Bug
Subject changed from subsecond sleep not supported to ipsec stop produces errors on systems that don't support subsecond sleep
Category set to starter
Status changed from Feedback to Closed
Assignee set to Tobias Brunner
Target version set to 5.4.0
Resolution set to Fixed

Yep...I have no idea if that can happen, but rather be safe than sorry as it doesn't really cost anything.

I guess it's not very likely, but I agree. I pushed the fix to master.

Also available in: Atom PDF

Project

General

Profile

strongSwan

Issues

New issues