protonvpn-cli icon indicating copy to clipboard operation
protonvpn-cli copied to clipboard

Published 20 hours ago verified publisher icon ProtonVPN

Avoid overwriting modified DNS upon restore

Open elias-pap opened this issue 6 years ago • 3 comments

In openvpn_disconnect(), "modify_dns revert_to_backup" is called to restore DNS to the value backed-up by openvpn_connect(). However, DNS might change after the backup and before a --disconnect is issued. In that case, --disconnect causes a needless overwrite of DNS with an old value, that might as well break the internet connection.

Use case:

  • Client connects to protonvpn.
  • Client changes access point. Internet connection breaks.
  • Client issues a --disconnect to restore internet connection.
  • Internet connection remains broken due to DNS overwrite. New --connect attempts will fail.

elias-pap avatar Jul 27 '19 23:07 elias-pap

There is a mistake at line 370 (Custom DNS). To avoid this and make the code more readable, both echo -e… should be replaced by cp "/etc/resolv.conf" "$(get_protonvpn_cli_home)/.resolv.conf.protonvpn_applied_backup"

Tamaranch avatar Jul 28 '19 08:07 Tamaranch

There is a mistake at line 370 (Custom DNS).

Thanks for pointing that out.

To avoid this and make the code more readable, both echo -e… should be replaced by cp "/etc/resolv.conf" "$(get_protonvpn_cli_home)/.resolv.conf.protonvpn_applied_backup"

Not really, because someone might change the resolv.conf in between (although it is quite unlikely to happen). I guess tee is the best/cleaner solution.

elias-pap avatar Jul 28 '19 11:07 elias-pap

Yes, you're right! :)

Tamaranch avatar Jul 28 '19 13:07 Tamaranch