diff options
| author | kali kaneko (leap communications) <kali@leap.se> | 2021-05-17 17:33:40 +0200 |
|---|---|---|
| committer | kali kaneko (leap communications) <kali@leap.se> | 2021-05-17 17:52:47 +0200 |
| commit | 86d30f2a2edc0d9b9c54b51258a6566e37476849 (patch) | |
| tree | f3f6d52eb6bd976e06a224480914c900338cba44 /pkg/vpn/openvpn.go | |
| parent | 083f4095319b734f33f3e28a9f3234ff9cf6a7d7 (diff) | |
[feat] retry if dns lookup fails
Diffstat (limited to 'pkg/vpn/openvpn.go')
| -rw-r--r-- | pkg/vpn/openvpn.go | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/pkg/vpn/openvpn.go b/pkg/vpn/openvpn.go index 7cfa101..a568a32 100644 --- a/pkg/vpn/openvpn.go +++ b/pkg/vpn/openvpn.go @@ -1,4 +1,4 @@ -// Copyright (C) 2018-2020 LEAP +// Copyright (C) 2018-2021 LEAP // // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by @@ -177,6 +177,7 @@ func (b *Bitmask) startOpenVPN() error { } func (b *Bitmask) getCert() (certPath string, err error) { + failed := false persistentCertFile := filepath.Join(config.Path, strings.ToLower(config.Provider)+".pem") if _, err := os.Stat(persistentCertFile); !os.IsNotExist(err) && isValidCert(persistentCertFile) { // reuse cert. for the moment we're not writing one there, this is @@ -191,9 +192,26 @@ func (b *Bitmask) getCert() (certPath string, err error) { log.Println("Fetching certificate to", certPath) cert, err := b.bonafide.GetPemCertificate() if err != nil { - return "", err + log.Println(err) + failed = true } err = ioutil.WriteFile(certPath, cert, 0600) + if err != nil { + failed = true + } + } + } + if failed || !isValidCert(certPath) { + cert, err := b.bonafide.GetPemCertificateNoDNS() + if cert != nil { + log.Println("Successfully did certificate bypass") + err = nil + } else { + err = errors.New("Cannot get vpn certificate") + } + err = ioutil.WriteFile(certPath, cert, 0600) + if err != nil { + failed = true } } return certPath, err |