From 0ca001c29e6ce7ab9de76639ef93bda79af51504 Mon Sep 17 00:00:00 2001
From: Ruben Pollan <meskio@sindominio.net>
Date: Wed, 13 Sep 2017 00:05:12 +0200
Subject: [bug] get the VPN restart working again
Don't persist-tun on the vpn, so it can restart properly. Also let's
match better the options that are sent and taken into account from
bitmask-root.
- Resolves: #9048
---
src/leap/bitmask/vpn/helpers/linux/bitmask-root | 4 +++-
src/leap/bitmask/vpn/launcher.py | 8 --------
2 files changed, 3 insertions(+), 9 deletions(-)
(limited to 'src')
diff --git a/src/leap/bitmask/vpn/helpers/linux/bitmask-root b/src/leap/bitmask/vpn/helpers/linux/bitmask-root
index 19b1376e..21cfe56f 100755
--- a/src/leap/bitmask/vpn/helpers/linux/bitmask-root
+++ b/src/leap/bitmask/vpn/helpers/linux/bitmask-root
@@ -106,7 +106,8 @@ FIXED_FLAGS = [
"--script-security", "1",
"--user", "nobody",
"--persist-key",
- "--persist-tun",
+ "--persist-local-ip",
+ "--persist-remote-ip",
]
if OPENVPN_GROUP is not None:
@@ -124,6 +125,7 @@ ALLOWED_FLAGS = {
"--ca": ["FILE"],
"--fragment": ["NUMBER"],
"--keepalive": ["NUMBER", "NUMBER"],
+ "--verb": ["NUMBER"],
}
PARAM_FORMATS = {
diff --git a/src/leap/bitmask/vpn/launcher.py b/src/leap/bitmask/vpn/launcher.py
index 71173a06..6dd01596 100644
--- a/src/leap/bitmask/vpn/launcher.py
+++ b/src/leap/bitmask/vpn/launcher.py
@@ -181,18 +181,10 @@ class VPNLauncher(object):
args += [
'--management-signal',
'--management', socket_host, socket_port,
- '--script-security', '2',
'--ca', providerconfig.get_ca_cert_path(),
'--cert', vpnconfig.get_client_cert_path(providerconfig),
'--key', vpnconfig.get_client_cert_path(providerconfig)
]
- if not IS_MAC:
- args += [
- '--ping', '5',
- '--ping-restart', '10',
- '--persist-key',
- '--persist-local-ip', '--persist-remote-ip']
-
command_and_args = [openvpn_path] + args
return command_and_args
--
cgit v1.2.3