From 0ca001c29e6ce7ab9de76639ef93bda79af51504 Mon Sep 17 00:00:00 2001 From: Ruben Pollan Date: Wed, 13 Sep 2017 00:05:12 +0200 Subject: [bug] get the VPN restart working again Don't persist-tun on the vpn, so it can restart properly. Also let's match better the options that are sent and taken into account from bitmask-root. - Resolves: #9048 --- src/leap/bitmask/vpn/helpers/linux/bitmask-root | 4 +++- src/leap/bitmask/vpn/launcher.py | 8 -------- 2 files changed, 3 insertions(+), 9 deletions(-) (limited to 'src') diff --git a/src/leap/bitmask/vpn/helpers/linux/bitmask-root b/src/leap/bitmask/vpn/helpers/linux/bitmask-root index 19b1376e..21cfe56f 100755 --- a/src/leap/bitmask/vpn/helpers/linux/bitmask-root +++ b/src/leap/bitmask/vpn/helpers/linux/bitmask-root @@ -106,7 +106,8 @@ FIXED_FLAGS = [ "--script-security", "1", "--user", "nobody", "--persist-key", - "--persist-tun", + "--persist-local-ip", + "--persist-remote-ip", ] if OPENVPN_GROUP is not None: @@ -124,6 +125,7 @@ ALLOWED_FLAGS = { "--ca": ["FILE"], "--fragment": ["NUMBER"], "--keepalive": ["NUMBER", "NUMBER"], + "--verb": ["NUMBER"], } PARAM_FORMATS = { diff --git a/src/leap/bitmask/vpn/launcher.py b/src/leap/bitmask/vpn/launcher.py index 71173a06..6dd01596 100644 --- a/src/leap/bitmask/vpn/launcher.py +++ b/src/leap/bitmask/vpn/launcher.py @@ -181,18 +181,10 @@ class VPNLauncher(object): args += [ '--management-signal', '--management', socket_host, socket_port, - '--script-security', '2', '--ca', providerconfig.get_ca_cert_path(), '--cert', vpnconfig.get_client_cert_path(providerconfig), '--key', vpnconfig.get_client_cert_path(providerconfig) ] - if not IS_MAC: - args += [ - '--ping', '5', - '--ping-restart', '10', - '--persist-key', - '--persist-local-ip', '--persist-remote-ip'] - command_and_args = [openvpn_path] + args return command_and_args -- cgit v1.2.3