Daemon should give up trying to launch OpenVPN if it immediately fails to launch X times

cypherpunkengineering / cypherpunk-vpn-desktop

Cypherpunk Privacy VPN app for Windows / MacOS / Linux

Other

0 stars 0 forks source link

Daemon should give up trying to launch OpenVPN if it immediately fails to launch X times #35

Closed wiz closed 7 years ago

wiz commented 7 years ago

If OpenVPN exits after X seconds, it shouldn't be considered an immediate failure, and the current behavior of re-launching it forever is fine.

However, if OpenVPN immediately fails to launch (ie. returns within <1 seconds), this results in a ddos of the local host.

Test case on MacOS:

Turn off all internet connections
Try to connect VPN
Daemon will rapidly try (and fail) to launch OpenVPN in an infinite loop
Wait until hard drive is full from /tmp/daemon.log filling entire disk

nikuhodai commented 7 years ago

Infinite and spammy reconnections fixed by introducing a reconnection limit, but a better fix will come once we refactor the daemon connection state next.

nikuhodai commented 7 years ago

https://github.com/cypherpunkengineering/cypherpunk-vpn-desktop/commit/1e37a178e7db4b3ea7fa6b0c56e7c13a49df04a8