From d908a262680fa50ea2dcef9a866d9f03af65ce6f Mon Sep 17 00:00:00 2001
From: "Kali Kaneko (leap communications)" <kali@leap.se>
Date: Sun, 5 Mar 2017 00:08:24 +0100
Subject: [bug] revert vpn options from config

bitmask-root is not able to parse some options, and is aborting the vpn
connection in my tests. we need to debug that carefully, hardcoding some
options for now and leaving this to be done post-0.9.5
---
 src/leap/bitmask/vpn/service.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'src/leap/bitmask/vpn/service.py')

diff --git a/src/leap/bitmask/vpn/service.py b/src/leap/bitmask/vpn/service.py
index c23397cf..7bf25126 100644
--- a/src/leap/bitmask/vpn/service.py
+++ b/src/leap/bitmask/vpn/service.py
@@ -132,7 +132,16 @@ class VPNService(HookableService):
         config = yield bonafide.do_provider_read(provider, "eip")
         remotes = [(gw["ip_address"], gw["capabilities"]["ports"][0])
                    for gw in config.gateways]
-        extra_flags = config.openvpn_configuration
+        # FIXME -- bitmask-root cannot parse some options!
+        # extra_flags = config.openvpn_configuration
+        # XXX picked manually from vpn-service.json
+        extra_flags = {
+            "auth": "SHA1",
+            "cipher": "AES-128-CBC",
+            "keepalive": "10 30",
+            "tls-cipher": "DHE-RSA-AES128-SHA",
+        }
+
 
         prefix = os.path.join(self._basepath,
                               "leap/providers/{0}/keys".format(provider))
-- 
cgit v1.2.3