diff options
| author | Tomás Touceda <chiiph@leap.se> | 2014-06-04 16:14:42 -0300 |
|---|---|---|
| committer | Tomás Touceda <chiiph@leap.se> | 2014-06-04 16:14:42 -0300 |
| commit | 82e1c4b1e3e5dd49b6e868732451a744ba37ba59 (patch) | |
| tree | e16fadc6286fedf1e2ddcd0d4f173a37e7226011 /src/leap/bitmask/services/eip | |
| parent | 5210383ece1dcc4e2150dd1c08cc0ba4106f3b1f (diff) | |
| parent | aba3ea21d83e6e073baf01643b68832530a6f4d0 (diff) | |
Merge remote-tracking branch 'refs/remotes/kali/feature/add-fw-down-button' into develop
Diffstat (limited to 'src/leap/bitmask/services/eip')
| -rw-r--r-- | src/leap/bitmask/services/eip/conductor.py | 41 | ||||
| -rw-r--r-- | src/leap/bitmask/services/eip/vpnprocess.py | 21 |
2 files changed, 44 insertions, 18 deletions
diff --git a/src/leap/bitmask/services/eip/conductor.py b/src/leap/bitmask/services/eip/conductor.py index 53b1fde9..cde53631 100644 --- a/src/leap/bitmask/services/eip/conductor.py +++ b/src/leap/bitmask/services/eip/conductor.py @@ -114,13 +114,19 @@ class EIPConductor(object): """ self.qtsigs.do_connect_signal.emit() + def tear_fw_down(self): + """ + Tear the firewall down. + """ + self._backend.tear_fw_down() + @QtCore.Slot() def _start_eip(self): """ Starts EIP. """ - # FIXME --- pass is_restart parameter to here ??? - is_restart = self._eip_status and self._eip_status.is_restart + st = self._eip_status + is_restart = st and st.is_restart def reconnect(): self.qtsigs.disconnecting_signal.connect(self._stop_eip) @@ -130,6 +136,7 @@ class EIPConductor(object): else: self._eip_status.eip_pre_up() self.user_stopped_eip = False + self._eip_status.hide_fw_down_button() # Until we set an option in the preferences window, we'll assume that # by default we try to autostart. If we switch it off manually, it @@ -138,7 +145,19 @@ class EIPConductor(object): self._eip_status.is_restart = False # DO the backend call! - self._backend.eip_start() + self._backend.eip_start(restart=is_restart) + + def reconnect_stop_signal(self): + """ + Restore the original behaviour associated with the disconnecting + signal, this is, trigger a normal stop, and not a restart one. + """ + + def do_stop(*args): + self._stop_eip(restart=False) + + self.qtsigs.disconnecting_signal.disconnect() + self.qtsigs.disconnecting_signal.connect(do_stop) @QtCore.Slot() def _stop_eip(self, restart=False, failed=False): @@ -178,10 +197,6 @@ class EIPConductor(object): def do_stop(*args): self._stop_eip(restart=False) - def reconnect_stop_signal(): - self.qtsigs.disconnecting_signal.disconnect() - self.qtsigs.disconnecting_signal.connect(do_stop) - if restart: # we bypass the on_eip_disconnected here plug_restart_on_disconnected() @@ -209,7 +224,7 @@ class EIPConductor(object): # XXX needed? if restart: - QtDelayedCall(3000, reconnect_stop_signal) + QtDelayedCall(2000, self.reconnect_stop_signal) @QtCore.Slot() def _do_eip_restart(self): @@ -282,8 +297,11 @@ class EIPConductor(object): signal = self.qtsigs.connection_aborted_signal self._backend.eip_terminate() - # XXX FIXME --- check exitcode is != 0 really - if exitCode != 0 and not self.user_stopped_eip: + # XXX FIXME --- check exitcode is != 0 really. + # bitmask-root is masking the exitcode, so we might need + # to fix it on that side. + #if exitCode != 0 and not self.user_stopped_eip: + if not self.user_stopped_eip: eip_status_label = self._eip_status.tr( "{0} finished in an unexpected manner!") eip_status_label = eip_status_label.format(self.eip_name) @@ -292,6 +310,9 @@ class EIPConductor(object): self._eip_status.set_eip_status(eip_status_label, error=True) signal = self.qtsigs.connection_died_signal + self._eip_status.show_fw_down_button() + msg = self._eip_status.tr("Outgoing traffic is blocked") + self._eip_status.set_eip_message(msg) if exitCode == 0 and IS_MAC: # XXX remove this warning after I fix cocoasudo. diff --git a/src/leap/bitmask/services/eip/vpnprocess.py b/src/leap/bitmask/services/eip/vpnprocess.py index 1de4a851..f56d464e 100644 --- a/src/leap/bitmask/services/eip/vpnprocess.py +++ b/src/leap/bitmask/services/eip/vpnprocess.py @@ -183,6 +183,8 @@ class VPN(object): kwargs['openvpn_verb'] = self._openvpn_verb kwargs['signaler'] = self._signaler + restart = kwargs.pop('restart', False) + # start the main vpn subprocess vpnproc = VPNProcess(*args, **kwargs) @@ -193,8 +195,9 @@ class VPN(object): # we try to bring the firewall up if IS_LINUX: gateways = vpnproc.getGateways() - firewall_up = self._launch_firewall(gateways) - if not firewall_up: + firewall_up = self._launch_firewall(gateways, + restart=restart) + if not restart and not firewall_up: logger.error("Could not bring firewall up, " "aborting openvpn launch.") return @@ -216,7 +219,7 @@ class VPN(object): self._pollers.extend(poll_list) self._start_pollers() - def _launch_firewall(self, gateways): + def _launch_firewall(self, gateways, restart=False): """ Launch the firewall using the privileged wrapper. @@ -231,8 +234,10 @@ class VPN(object): # XXX could check that the iptables rules are in place. BM_ROOT = linuxvpnlauncher.LinuxVPNLauncher.BITMASK_ROOT - exitCode = subprocess.call(["pkexec", - BM_ROOT, "firewall", "start"] + gateways) + cmd = ["pkexec", BM_ROOT, "firewall", "start"] + if restart: + cmd.append("restart") + exitCode = subprocess.call(cmd + gateways) return True if exitCode is 0 else False def is_fw_down(self): @@ -246,7 +251,7 @@ class VPN(object): fw_is_down = lambda: commands.getstatusoutput(fw_up_cmd)[0] == 256 return fw_is_down() - def _tear_down_firewall(self): + def tear_down_firewall(self): """ Tear the firewall down using the privileged wrapper. """ @@ -270,7 +275,7 @@ class VPN(object): # we try to tear the firewall down if IS_LINUX and self._user_stopped: - firewall_down = self._tear_down_firewall() + firewall_down = self.tear_down_firewall() if firewall_down: logger.debug("Firewall down") else: @@ -333,7 +338,7 @@ class VPN(object): self.TERMINATE_WAIT, self._kill_if_left_alive) if IS_LINUX and self._user_stopped: - firewall_down = self._tear_down_firewall() + firewall_down = self.tear_down_firewall() if firewall_down: logger.debug("Firewall down") else: |