From a57c73e33f4937a5050f76ca5224e88801db4afe Mon Sep 17 00:00:00 2001
From: Kali Kaneko <kali@leap.se>
Date: Tue, 16 Jan 2018 23:40:42 +0100
Subject: [feat] hardcode tcp4 in vpn connections

for now, we'll be hardcoding tcp as a more reliable alternative, no
matter what the provider announces.

explicitely specifying ipv4 should fix the case in which vpn fails to
start because ipv6 is disabled.

-Resolves: #9181, #9129
---
 docs/changelog.rst                              | 1 +
 src/leap/bitmask/vpn/helpers/linux/bitmask-root | 7 +++++--
 src/leap/bitmask/vpn/launcher.py                | 3 ++-
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/docs/changelog.rst b/docs/changelog.rst
index 69b314ee..86f07ea4 100644
--- a/docs/changelog.rst
+++ b/docs/changelog.rst
@@ -12,6 +12,7 @@ Features
 - `#6914 <https://0xacab.org/leap/bitmask-dev/issues/6914>`_: expose an API to retreive message status.
 - `#9188 <https://0xacab.org/leap/bitmask-dev/issues/9188>`_: try other gateways if the main one fails.
 - `#9125 <https://0xacab.org/leap/bitmask-dev/issues/9125>`_: port to use qtwebengine for rendering UI.
+- `#9181 <https://0xacab.org/leap/bitmask-dev/issues/9181>`_: hardcode tcp4 in the vpn connection parameters.
 - Set a windows title, so that Bitmask windows can be programmatically manipulated.
 - Support anonymous vpn.
 
diff --git a/src/leap/bitmask/vpn/helpers/linux/bitmask-root b/src/leap/bitmask/vpn/helpers/linux/bitmask-root
index b39be582..6b9870e7 100755
--- a/src/leap/bitmask/vpn/helpers/linux/bitmask-root
+++ b/src/leap/bitmask/vpn/helpers/linux/bitmask-root
@@ -84,7 +84,10 @@ def get_no_group_name():
 
 VERSION = "8"
 SCRIPT = "bitmask-root"
-NAMESERVER = "10.42.0.1"
+NAMESERVER_TCP = "10.41.0.1"
+NAMESERVER_UDP = "10.42.0.1"
+# for the time being, we're hardcoding tcp on connection params.
+NAMESERVER = NAMESERVER_TCP
 BITMASK_CHAIN = "bitmask"
 BITMASK_CHAIN_NAT_OUT = "bitmask"
 BITMASK_CHAIN_NAT_POST = "bitmask_postrouting"
@@ -138,7 +141,7 @@ ALLOWED_FLAGS = {
 
 PARAM_FORMATS = {
     "NUMBER": lambda s: re.match("^\d+$", s),
-    "PROTO": lambda s: re.match("^(tcp|udp)$", s),
+    "PROTO": lambda s: re.match("^(tcp|udp|tcp4|udp4)$", s),
     "IP": lambda s: is_valid_address(s),
     "CIPHER": lambda s: re.match("^[A-Z0-9-]+$", s),
     "USER": lambda s: re.match(
diff --git a/src/leap/bitmask/vpn/launcher.py b/src/leap/bitmask/vpn/launcher.py
index a8e7c1f5..48146453 100644
--- a/src/leap/bitmask/vpn/launcher.py
+++ b/src/leap/bitmask/vpn/launcher.py
@@ -153,7 +153,8 @@ class VPNLauncher(object):
         gateways = remotes
 
         for ip, port in gateways:
-            args += ['--remote', ip, port, 'udp']
+            # we're hardcoding tcpv4 for now
+            args += ['--remote', ip, port, 'tcp4']
 
         args += [
             '--client',
-- 
cgit v1.2.3