From 8497f01e1a942a9b87539ccefc00626e8e5ae760 Mon Sep 17 00:00:00 2001 From: "black.box (Unzoner) team@belodetek.io" Date: Sun, 3 Dec 2023 11:41:15 -0800 Subject: [PATCH] fix client-vpn reconnect --- unzoner/.balena/balena.yml | 3 --- unzoner/Dockerfile.template | 23 ++++------------------- unzoner/src/main.py | 30 ++++++++++++++++-------------- unzoner/src/tests/run | 2 +- 4 files changed, 21 insertions(+), 37 deletions(-) diff --git a/unzoner/.balena/balena.yml b/unzoner/.balena/balena.yml index c03f6a6..6ebdfce 100644 --- a/unzoner/.balena/balena.yml +++ b/unzoner/.balena/balena.yml @@ -18,9 +18,6 @@ build-variables: # FIXME: https://sources.debian.org/patches/sniproxy/0.6.0-2/ - BUILD_SNIPROXY_VERSION=0.6.0 - BUILD_SNIPROXY=0 - # project abandoned http://wanproxy.org/) - - BUILD_WANPROXY_VERSION=0.8.0 - - BUILD_WANPROXY=0 # https://nuitka.net/ - COMPILE_CODE=1 # (e.g.) dig +short us.{{ DNS_SUB_DOMAIN }}.{{ DNS_DOMAIN }} diff --git a/unzoner/Dockerfile.template b/unzoner/Dockerfile.template index a195e74..245d400 100644 --- a/unzoner/Dockerfile.template +++ b/unzoner/Dockerfile.template @@ -14,8 +14,6 @@ ARG BUILD_OPENVPN ARG BUILD_OPENVPN_VERSION ARG BUILD_SNIPROXY ARG BUILD_SNIPROXY_VERSION -ARG BUILD_WANPROXY -ARG BUILD_WANPROXY_VERSION ARG COMPILE_CODE ARG DNS_SUB_DOMAIN @@ -73,10 +71,7 @@ RUN if [ "$BUILD_OPENSSL" = '1' ]; then \ # https://stackoverflow.com/a/39006247/1559300 RUN if [ "$BUILD_OPENVPN" = '1' ]; then \ - set -x; (wget --retry-on-host-error --retry-connrefused --waitretry=2 -q \ - https://swupdate.openvpn.org/community/releases/openvpn-$BUILD_OPENVPN_VERSION.tar.gz \ - || curl --fail --retry 3 https://swupdate.openvpn.org/community/releases/openvpn-$BUILD_OPENVPN_VERSION.tar.gz \ - -o openvpn-$BUILD_OPENVPN_VERSION.tar.gz) \ + set -x; curl --retry 3 -sFo openvpn-$BUILD_OPENVPN_VERSION.tar.gz https://swupdate.openvpn.org/community/releases/openvpn-$BUILD_OPENVPN_VERSION.tar.gz \ && tar -xvf openvpn-$BUILD_OPENVPN_VERSION.tar.gz && cd openvpn-$BUILD_OPENVPN_VERSION \ && if [ "$BUILD_OPENSSL" = '1' ]; then CFLAGS='-I/usr/local/ssl/include -Wl,-rpath=/usr/local/ssl/lib -Wl,-rpath=/usr/local/ssl/lib64 -L/usr/local/ssl/lib -L/usr/local/ssl/lib64' ./configure; else ./configure; fi \ && make -j $(nproc) && make check && make install \ @@ -92,23 +87,13 @@ RUN if [ "$BUILD_SNIPROXY" = '1' ]; then \ && make install; fi RUN if [ "$BUILD_BIRD" = '1' ]; then \ - wget --retry-on-host-error --retry-connrefused --waitretry=2 -q \ - https://bird.network.cz/download/bird-$BUILD_BIRD_VERSION.tar.gz \ + curl --retry 3 -sFo bird-$BUILD_BIRD_VERSION.tar.gz https://bird.network.cz/download/bird-$BUILD_BIRD_VERSION.tar.gz \ && tar -xvf bird-$BUILD_BIRD_VERSION.tar.gz && cd bird-$BUILD_BIRD_VERSION \ && mkdir -p tools/ \ - && wget --retry-on-host-error --retry-connrefused --waitretry=2 -qO tools/config.guess \ - 'http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD' \ - && wget --retry-on-host-error --retry-connrefused --waitretry=2 -qO tools/config.sub \ - 'http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD' \ + && curl --retry 3 -sFo tools/config.guess 'http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD' \ + && curl --retry 3 -sFo tools/config.sub 'http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD' \ && autoreconf && ./configure && make -j $(nproc) && make install; fi -RUN if [ "$BUILD_WANPROXY" = '1' ]; then \ - wget --retry-on-host-error --retry-connrefused --waitretry=2 -q \ - http://wanproxy.org/releases/wanproxy-$BUILD_WANPROXY_VERSION.tar.gz \ - && tar zxf wanproxy-$BUILD_WANPROXY_VERSION.tar.gz \ - && cd wanproxy-$BUILD_WANPROXY_VERSION/programs/wanproxy \ - && make && cp wanproxy /usr/local/sbin; fi - WORKDIR /root ENV VIRTUAL_ENV=/root/venv3 diff --git a/unzoner/src/main.py b/unzoner/src/main.py index 973da10..750934d 100755 --- a/unzoner/src/main.py +++ b/unzoner/src/main.py @@ -397,7 +397,7 @@ def main(): except (IndexError, TypeError, AttributeError): pass - if not connected and not connecting: + if not connected and not connecting: # connect client-vpn if i == 1: connecting = True log('vpn-client-state: cycle={} connecting={} family={}'.format( @@ -410,7 +410,10 @@ def main(): family=AF ) c_pid = c_proc.pid + connected = True + connecting = False except AssertionError as e: + connected = False connecting = False print('exception-handler in {}: {}'.format(this, repr(e))) if DEBUG: print_exc() @@ -456,19 +459,18 @@ def main(): )) if i % LOOP_CYCLE == 0: # at the end of the cycle - if not connected and connecting: # if client-vpn still connecting, kill and restart - try: - shell_check_output_cmd('ip link | grep {}'.format(TUN_IFACE)) - geo_result = get_geo_location() - assert geo_result, '{}: client tunnel down'.format(this) - print('client-vpn-geo: {}'.format(geo_result)) - except AssertionError as e: - print('exception-handler in {}: {}'.format(this, repr(e))) - if DEBUG: print_exc() - connected = False - connecting = False - c_proc.terminate() - c_pid = None + try: + shell_check_output_cmd('ip link | grep {}'.format(TUN_IFACE)) + geo_result = get_geo_location() + assert geo_result, '{}: client tunnel down'.format(this) + print('client-vpn-geo: {}'.format(geo_result)) + except AssertionError as e: + print('exception-handler in {}: {}'.format(this, repr(e))) + if DEBUG: print_exc() + connected = False + connecting = False + c_proc.terminate() + c_pid = None try: log_client_stats(status=connected, country=c_country) diff --git a/unzoner/src/tests/run b/unzoner/src/tests/run index b78f87c..41302c1 100755 --- a/unzoner/src/tests/run +++ b/unzoner/src/tests/run @@ -16,7 +16,7 @@ function finish() { trap finish EXIT function install_venv() { - python3.9 -m venv src/tests/venv + python3 -m venv src/tests/venv export PATH="$(pwd)/src/tests/venv/bin:${PATH}"