net/ocserv (and ifconfig) unable to destroy tun interfaces post r345045

[Trond Endrestøl]

Hi,

I have a VPN service running net/ocserv 0.12.4_1. Everything is ok 
until the first client disconnects. The main ocserv process hangs 
while destroying the tun interface, waiting indefinitely on 
"tun_cond".

I ran an ocserv executable containing debug symbols through gdb and I 
had a breakpoint on the call to ioctl(fd, SIOCIFDESTROY, &ifr), at 
tun.c:770 of net/ocserv.

The call to ioctl() has apparently a valid file descriptor, fd, and 
the fields of ifr are all zero, save the ifr_name field which contains 
"vpns0" and is properly null terminated.

On the first attempt, I let the code run its course and had to reboot 
to recover.

On the second attempt, I killed the ocserv process from within gdb. I 
ran "ifconfig vpns0 destroy" myself, and ifconfig froze immediately.
Rebooting is the only way to recover.

Reverting to stable/12 r345045 makes ocserv serve the clients again.

My guess is that one or more of r345285, r347378, and/or r348124, all 
related to sys/net/if_tun.c, are to blame.

Can someone verify my claims?

See also:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238500
https://gitlab.com/openconnect/ocserv/issues/213

-- 
Trond.