From ddf7f4d0f11571e36789e84d2f3dfd2355c4ec19 Mon Sep 17 00:00:00 2001
From: jkito <belter@riseup.net>
Date: Sun, 7 Jul 2024 13:54:46 +0530
Subject: [PATCH] Remove re-creation of 'gateways' var in 'startOpenvpn'

this fixes a bug where StartFirewall is called with an empty
'gateways' slice leading to blocking outgoing connections to
the openvpn gateway

in startOpenvpn func's global scope there's a 'gateways' var
which is passed to FirewallStart and the gateways are  added
to the firewall's allow list of IPs, this was re-declared in
the code branch for non-private bridge which is out of scope
where FirewallStart is called, leading to an empty 'gateways'
slice being passed to it
---
 pkg/vpn/openvpn.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/pkg/vpn/openvpn.go b/pkg/vpn/openvpn.go
index ae1943d7..c85dcdee 100644
--- a/pkg/vpn/openvpn.go
+++ b/pkg/vpn/openvpn.go
@@ -183,6 +183,7 @@ func (b *Bitmask) startOpenVPN(ctx context.Context) error {
 		var gw bonafide.Gateway
 		var gateways []bonafide.Gateway
 		var proxy string
+		var err error
 
 		gw, gotPrivate := maybeGetPrivateGateway()
 		if gotPrivate {
@@ -202,7 +203,7 @@ func (b *Bitmask) startOpenVPN(ctx context.Context) error {
 
 			log.Debug().Msg("Getting a gateway with obfs4 transport...")
 
-			gateways, err := b.api.GetBestGateways("obfs4")
+			gateways, err = b.api.GetBestGateways("obfs4")
 			if err != nil {
 				return err
 			}
@@ -224,7 +225,7 @@ func (b *Bitmask) startOpenVPN(ctx context.Context) error {
 			}
 		}
 
-		err := b.launch.FirewallStart(gateways)
+		err = b.launch.FirewallStart(gateways)
 		if err != nil {
 			return err
 		}
-- 
GitLab