From 29af9f8e1c4e67235264c86f9013f917b377715f Mon Sep 17 00:00:00 2001
From: James McMurray <jamesmcm03@gmail.com>
Date: Fri, 6 Jan 2023 13:40:45 +0100
Subject: [PATCH] Fix Mullvad Wireguard configs with new naming

- Stops configs for same cities being overwritten due to the new naming
  convention
- Server listing is now sorted
- Added some documentation for OpenVPN DNS issues
---
 USERGUIDE.md                                  | 16 ++++++++++++++++
 src/list_configs.rs                           |  8 ++++++--
 .../src/config/providers/mullvad/wireguard.rs | 19 ++++++++++++++-----
 vopono_core/src/network/openvpn.rs            |  7 +++++--
 4 files changed, 41 insertions(+), 9 deletions(-)

diff --git a/USERGUIDE.md b/USERGUIDE.md
index 529f1c7..3ef1c28 100644
--- a/USERGUIDE.md
+++ b/USERGUIDE.md
@@ -188,6 +188,16 @@ API access in [the client area webpage](https://airvpn.org/apisettings/) when ru
 Note that ports for forwarding must also be added in [the client area webpage](https://airvpn.org/ports/), 
 and it is also possible to configure the VPN tunnel [DNS settings there](https://airvpn.org/dns/).
 
+#### Connection / hostname resolution issues
+
+If you face issues with OpenVPN resolving the remote host, try generating the VPN provider config files with IP addresses instead.
+
+e.g. the error may appear as follows:
+
+```
+2023-01-06 13:19:18 RESOLVE: Cannot resolve host address: ro-buh-ovpn-002.mullvad.net:1197 (Name or service not known)
+```
+
 #### TCP support and custom ports
 
 By default vopono uses the UDP configuration of the VPN providers.
@@ -525,3 +535,9 @@ sudo ip netns exec ping 8.8.8.8
 ```
 
 See issues #40, #24, #2, and #1 for previous troubleshooting of issues.
+
+### DNS / name resolution issues
+
+When encountering issues in name resolution (e.g. with OpenVPN resolving remote host names), please
+first try generating the VPN provider config files with IP addresses instead to see whether the issue
+is connection/firewall related or solely a DNS / hostname resolution issue.
diff --git a/src/list_configs.rs b/src/list_configs.rs
index 8d37598..4ba93be 100644
--- a/src/list_configs.rs
+++ b/src/list_configs.rs
@@ -38,11 +38,13 @@ pub fn print_configs(cmd: ServersCommand) -> anyhow::Result<()> {
     if (cmd.protocol.is_none() && provider.get_dyn_openvpn_provider().is_ok())
         || cmd.protocol.clone().map(|x| x.to_variant()) == Some(Protocol::OpenVpn)
     {
-        let openvpn_configs = get_configs_from_alias(
+        let mut openvpn_configs = get_configs_from_alias(
             &provider.get_dyn_openvpn_provider()?.openvpn_dir()?,
             &prefix,
         );
 
+        openvpn_configs.sort_by_key(|c| c.file_name().unwrap().to_str().unwrap().to_owned());
+
         for config in openvpn_configs {
             println!(
                 "{}\topenvpn\t{}",
@@ -55,11 +57,13 @@ pub fn print_configs(cmd: ServersCommand) -> anyhow::Result<()> {
     if (cmd.protocol.is_none() && provider.get_dyn_wireguard_provider().is_ok())
         || cmd.protocol.map(|x| x.to_variant()) == Some(Protocol::Wireguard)
     {
-        let wg_configs = get_configs_from_alias(
+        let mut wg_configs = get_configs_from_alias(
             &provider.get_dyn_wireguard_provider()?.wireguard_dir()?,
             &prefix,
         );
 
+        wg_configs.sort_by_key(|c| c.file_name().unwrap().to_str().unwrap().to_owned());
+
         for config in wg_configs {
             println!(
                 "{}\twireguard\t{}",
diff --git a/vopono_core/src/config/providers/mullvad/wireguard.rs b/vopono_core/src/config/providers/mullvad/wireguard.rs
index dd6998b..1b3b535 100644
--- a/vopono_core/src/config/providers/mullvad/wireguard.rs
+++ b/vopono_core/src/config/providers/mullvad/wireguard.rs
@@ -109,11 +109,20 @@ impl WireguardProvider for Mullvad {
                 peer: wireguard_peer,
             };
 
-            let host = relay
-                .hostname
-                .split('-')
-                .next()
-                .unwrap_or_else(|| panic!("Failed to split hostname: {}", relay.hostname));
+            let host = if relay.hostname.chars().filter(|c| *c == '-').count() > 1 {
+                // New naming convention -  at-vie-wg-001
+                let substrings: Vec<&str> = relay.hostname.split('-').collect();
+
+                substrings[0].to_owned() + substrings[1] + substrings[3]
+            } else {
+                // Old naming convention - au10-wireguard
+                relay
+                    .hostname
+                    .split('-')
+                    .next()
+                    .unwrap_or_else(|| panic!("Failed to split hostname: {}", relay.hostname))
+                    .to_owned()
+            };
 
             let country = relay.country_name.to_lowercase().replace(' ', "_");
             let path = wireguard_dir.join(format!("{country}-{host}.conf"));
diff --git a/vopono_core/src/network/openvpn.rs b/vopono_core/src/network/openvpn.rs
index 91d4c06..234f1ce 100644
--- a/vopono_core/src/network/openvpn.rs
+++ b/vopono_core/src/network/openvpn.rs
@@ -1,7 +1,7 @@
 use super::firewall::Firewall;
 use super::netns::NetworkNamespace;
 use crate::config::vpn::OpenVpnProtocol;
-use crate::util::{check_process_running, vopono_dir};
+use crate::util::{check_process_running, set_config_permissions, vopono_dir};
 use anyhow::{anyhow, Context};
 use log::{debug, error, info};
 use regex::Regex;
@@ -51,7 +51,7 @@ impl OpenVpn {
         }
 
         let config_file_path = config_file.canonicalize().context("Invalid path given")?;
-
+        set_config_permissions()?;
         info!("Launching OpenVPN...");
         let mut command_vec = ([
             "openvpn",
@@ -78,6 +78,9 @@ impl OpenVpn {
             debug!("Detected IPv6 enabled in /sys/module/ipv6/parameters/disable");
         }
 
+        // Only try once for DNS resolution / remote host connection
+        command_vec.push("--connect-retry-max");
+        command_vec.push("1");
         // Ignore Windows-specific command
         command_vec.push("--pull-filter");
         command_vec.push("ignore");