feat: disconnect clients immediately on certificate revocation (#1432)

## Summary

Adds immediate client disconnect when a certificate is revoked, via
OpenVPN management interface.

Previously, revoked clients stayed connected until they voluntarily
disconnected or the server restarted.

Fixes #1199

## Changes

- Enable management interface (Unix socket at
`/var/run/openvpn/server.sock`)
- Add `disconnectClient()` function to send `kill` command on revoke
- Add `socat` dependency for socket communication

Stanislas
2025-12-18 11:32:50 +01:00
committed by GitHub
parent 9289770e8b
commit b443b75375
5 changed files with 142 additions and 43 deletions

@@ -15,6 +15,7 @@ ENV ENABLE_NFTABLES=${ENABLE_NFTABLES}
# Install basic dependencies based on the OS
# dnsutils/bind-utils provides dig for DNS testing with Unbound
# Note: socat is installed by openvpn-install.sh during OpenVPN installation
RUN if command -v apt-get >/dev/null; then \
apt-get update && apt-get install -y --no-install-recommends \
iproute2 iptables curl procps systemd systemd-sysv dnsutils jq \
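Review bot: the `# Note: socat is installed by openvpn-install.sh during OpenVPN installation` comment above the `RUN` line says where socat comes from but not what depends on it. Suggest naming the consumer, for example that the revoke path uses socat to send `kill` over the management socket, so that nobody later adds socat to this `apt-get install` list and hides a regression in the installer's own dependency handling. The part of the package list visible here (`iproute2 iptables curl procps ...`) leaves socat out, which keeps that installer path exercised by the image.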