diff options
| author | David Lönnhager <david.l@mullvad.net> | 2021-03-08 13:41:10 +0100 |
|---|---|---|
| committer | David Lönnhager <david.l@mullvad.net> | 2021-03-15 16:45:22 +0100 |
| commit | 600dd8d7a6823bacd421e4fa69e0ee732d2f29c1 (patch) | |
| tree | fab3b1b92134f3af69d9788a2bc0de4ac1bef6a8 | |
| parent | 8eec1a1cc0aded8b451e881c30fd35c42bd3a844 (diff) | |
| download | mullvadvpn-600dd8d7a6823bacd421e4fa69e0ee732d2f29c1.tar.xz mullvadvpn-600dd8d7a6823bacd421e4fa69e0ee732d2f29c1.zip | |
Stop automatic key rotation if the account token is invalid
| -rw-r--r-- | mullvad-daemon/src/wireguard.rs | 31 | ||||
| -rw-r--r-- | mullvad-rpc/src/lib.rs | 3 |
2 files changed, 23 insertions, 11 deletions
diff --git a/mullvad-daemon/src/wireguard.rs b/mullvad-daemon/src/wireguard.rs index 3fa39a1455..9f285c0c35 100644 --- a/mullvad-daemon/src/wireguard.rs +++ b/mullvad-daemon/src/wireguard.rs @@ -156,6 +156,14 @@ impl KeyManager { } } + fn should_retry(error: &RestError) -> bool { + if let RestError::ApiError(_status, code) = &error { + code != mullvad_rpc::INVALID_ACCOUNT && code != mullvad_rpc::KEY_LIMIT_REACHED + } else { + true + } + } + /// Generate a new private key asynchronously. The new keys will be sent to the daemon channel. pub async fn spawn_key_generation_task( @@ -181,11 +189,7 @@ impl KeyManager { match response { Ok(addresses) => Ok(addresses), Err(err) => { - let should_retry = if let RestError::ApiError(_status, code) = &err { - code != mullvad_rpc::KEY_LIMIT_REACHED - } else { - true - }; + let should_retry = Self::should_retry(&err); let _ = error_tx.send(InternalDaemonEvent::WgKeyEvent(( error_account, Err(Self::map_rpc_error(err)), @@ -373,12 +377,17 @@ impl KeyManager { log::error!("Account has too many keys, stopping automatic rotation"); return; } - Err(err) => { - log::error!( - "{}. Retrying in {} seconds", - err.display_chain_with_msg("Key rotation failed:"), - AUTOMATIC_ROTATION_RETRY_DELAY.as_secs(), - ); + Err(Error::RestError(err)) => { + if Self::should_retry(&err) { + log::error!( + "{}. Retrying in {} seconds", + err.display_chain_with_msg("Key rotation failed:"), + AUTOMATIC_ROTATION_RETRY_DELAY.as_secs(), + ); + } else { + log::debug!("{}", err.display_chain_with_msg("Stopping automatic rotation")); + return; + } } } } diff --git a/mullvad-rpc/src/lib.rs b/mullvad-rpc/src/lib.rs index 1b02ec0f2e..96260775f8 100644 --- a/mullvad-rpc/src/lib.rs +++ b/mullvad-rpc/src/lib.rs @@ -38,6 +38,9 @@ pub const VOUCHER_USED: &str = "VOUCHER_USED"; /// Error code returned by the Mullvad API if the voucher code is invalid. pub const INVALID_VOUCHER: &str = "INVALID_VOUCHER"; +/// Error code returned by the Mullvad API if the account token is invalid. +pub const INVALID_ACCOUNT: &str = "INVALID_ACCOUNT"; + const API_HOST: &str = "api.mullvad.net"; pub const API_IP_CACHE_FILENAME: &str = "api-ip-address.txt"; const API_IP: IpAddr = IpAddr::V4(Ipv4Addr::new(193, 138, 218, 78)); |