diff options
| author | Emīls Piņķis <emils@mullvad.net> | 2019-09-17 11:04:43 +0100 |
|---|---|---|
| committer | Emīls Piņķis <emils@mullvad.net> | 2019-09-18 09:24:20 +0100 |
| commit | 160bf3b77b011f2e1a557b2c28219cdbbd14fee6 (patch) | |
| tree | d1851510fc97e760e34545a0a32bbc29c1bbbdc5 | |
| parent | 714684ff8069fd7338d00d57ea09d8b6a4d680c0 (diff) | |
| download | mullvadvpn-160bf3b77b011f2e1a557b2c28219cdbbd14fee6.tar.xz mullvadvpn-160bf3b77b011f2e1a557b2c28219cdbbd14fee6.zip | |
Ensure that only TCP relays are used when using a bridge
| -rw-r--r-- | CHANGELOG.md | 2 | ||||
| -rw-r--r-- | mullvad-daemon/src/lib.rs | 5 | ||||
| -rw-r--r-- | mullvad-daemon/src/relays.rs | 7 |
3 files changed, 12 insertions, 2 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index d608aefd94..6520ee1cc1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -40,6 +40,8 @@ Line wrap the file at 100 chars. Th - Fix old settings deserialization to allow migrating settings from versions older than 2019.6. - Fix various small issues in GUI<->daemon communication. - Make GUI WireGuard key verification resilient to failure. +- Fix issue where daemon would try and connect with UDP when the tunnel protocol is set to OpenVPN + and the bridge mode is set to "On". #### macOS - Unregister the app properly from the OS when running the bundled `uninstall.sh` script. diff --git a/mullvad-daemon/src/lib.rs b/mullvad-daemon/src/lib.rs index 12b7919fd0..55b1970def 100644 --- a/mullvad-daemon/src/lib.rs +++ b/mullvad-daemon/src/lib.rs @@ -55,7 +55,7 @@ use talpid_core::{ tunnel_state_machine::{self, TunnelCommand, TunnelParametersGenerator}, }; use talpid_types::{ - net::{openvpn, TunnelParameters}, + net::{openvpn, TransportProtocol, TunnelParameters}, tunnel::{BlockReason, ParameterGenerationError, TunnelStateTransition}, ErrorExt, }; @@ -618,7 +618,8 @@ where BridgeSettings::Normal(settings) => { let bridge_constraints = InternalBridgeConstraints { location: settings.location.clone(), - transport_protocol: Constraint::Only(endpoint.protocol), + // FIXME: This is temporary while talpid-core only supports TCP proxies + transport_protocol: Constraint::Only(TransportProtocol::Tcp), }; match self.settings.get_bridge_state() { BridgeState::On => { diff --git a/mullvad-daemon/src/relays.rs b/mullvad-daemon/src/relays.rs index cf6f2f4542..eda9e083e2 100644 --- a/mullvad-daemon/src/relays.rs +++ b/mullvad-daemon/src/relays.rs @@ -273,6 +273,13 @@ impl RelaySelector { } Constraint::Only(TunnelProtocol::OpenVpn) => { relay_constraints.openvpn_constraints = original_constraints.openvpn_constraints; + if *bridge_state == BridgeState::On + && relay_constraints.openvpn_constraints.protocol.is_any() + { + // FIXME: This is temporary while talpid-core only supports TCP proxies + relay_constraints.openvpn_constraints.protocol = + Constraint::Only(TransportProtocol::Tcp); + } } Constraint::Only(TunnelProtocol::Wireguard) => { relay_constraints.wireguard_constraints = |