Deferred Client Connect

[r1155]

I am looking for some assistance with a deferred client connect script. I am running v2.6.8.
My understanding is that the client connect script needs to write a "2" to the client_connect_deferred_file file, then exit with a status code of 0.
When the deferred script is complete, client_connect_deferred_file needs to be rewrote with a "0" for failure or "1" for success, optionally, a user's configuration file.


I have a client connect script that writes "2" to client_connect_deferred_file, then hits a local API via async and immediately exits with status code 0. The API then updates the client_connect_deferred_file when it's done.

My OpenVPN client authenticates, then is stuck with

Code: Select all

'PUSH_REQUEST' (status=1)

In CLI I can see a file in the client_connect_deferred_file path that has a "1". It seems to me that OpenVPN is reading the "2", but then never checks back.

[r1155]

For future readers, It seems that the issue is which process is writing the client_connect_deferred_file. In my case, I had the API endpoint (Python Flask) writing the file, once I switch it to the script that being called it started working.


My previous setup was
python script writes the 2 in the client_connect_deferred_file, then hits the API, the API then writes a 1 client_connect_deferred_file to.

The working state (this needs refinement, I was focused on getting the process to work) is
openvpn calls a bash script, that bash script writes a 2 in client_connect_deferred_file, then runs a python script (the same script as the first one) in the background via &, the python script calls the API, gets all the info it needs, then writes config to client_connect_config_file and a 1 to client_connect_deferred_file.



I tried the original method in multiple ways, all running as root, but it did not work at all.