diff options
-rw-r--r-- | changes/bug_5687_switch-eip-off | 1 | ||||
-rw-r--r-- | src/leap/bitmask/backend.py | 17 | ||||
-rw-r--r-- | src/leap/bitmask/gui/mainwindow.py | 8 | ||||
-rw-r--r-- | src/leap/bitmask/services/eip/vpnprocess.py | 26 |
4 files changed, 30 insertions, 22 deletions
diff --git a/changes/bug_5687_switch-eip-off b/changes/bug_5687_switch-eip-off new file mode 100644 index 00000000..4cf0d24a --- /dev/null +++ b/changes/bug_5687_switch-eip-off @@ -0,0 +1 @@ +- Bring firewall down when switching EIP off. Closes: #5687 diff --git a/src/leap/bitmask/backend.py b/src/leap/bitmask/backend.py index 0ab7040b..d6d5004f 100644 --- a/src/leap/bitmask/backend.py +++ b/src/leap/bitmask/backend.py @@ -390,19 +390,19 @@ class EIP(object): # TODO: are we connected here? signaler.signal(signaler.EIP_CONNECTED) - def _do_stop(self, shutdown=False): + def _do_stop(self, shutdown=False, restart=False): """ Stop the service. This is run in a thread to avoid blocking. """ - self._vpn.terminate(shutdown) + self._vpn.terminate(shutdown, restart) if IS_LINUX: self._wait_for_firewall_down() - def stop(self, shutdown=False): + def stop(self, shutdown=False, restart=False): """ Stop the service. """ - return threads.deferToThread(self._do_stop, shutdown) + return threads.deferToThread(self._do_stop, shutdown, restart) def _wait_for_firewall_down(self): """ @@ -1460,14 +1460,17 @@ class Backend(object): """ self._call_queue.put(("eip", "start", None)) - def eip_stop(self, shutdown=False): + def eip_stop(self, shutdown=False, restart=False): """ Stop the EIP service. - :param shutdown: + :param shutdown: whether this is the final shutdown. :type shutdown: bool + + :param restart: whether this is part of a restart. + :type restart: bool """ - self._call_queue.put(("eip", "stop", None, shutdown)) + self._call_queue.put(("eip", "stop", None, shutdown, restart)) def eip_terminate(self): """ diff --git a/src/leap/bitmask/gui/mainwindow.py b/src/leap/bitmask/gui/mainwindow.py index fc4b4d75..201a24ec 100644 --- a/src/leap/bitmask/gui/mainwindow.py +++ b/src/leap/bitmask/gui/mainwindow.py @@ -1680,7 +1680,7 @@ class MainWindow(QtGui.QMainWindow): self._set_eipstatus_off() @QtCore.Slot() - def _stop_eip(self): + def _stop_eip(self, restart=False): """ TRIGGERS: self._eip_connection.qtsigs.do_disconnect_signal (via state machine) @@ -1691,8 +1691,8 @@ class MainWindow(QtGui.QMainWindow): :param abnormal: whether this was an abnormal termination. :type abnormal: bool """ - self.user_stopped_eip = True - self._backend.eip_stop() + self.user_stopped_eip = not restart + self._backend.eip_stop(restart=restart) self._set_eipstatus_off(False) self._already_started_eip = False @@ -1731,7 +1731,7 @@ class MainWindow(QtGui.QMainWindow): """ # for some reason, emitting the do_disconnect/do_connect # signals hangs the UI. - self._stop_eip() + self._stop_eip(restart=True) QtCore.QTimer.singleShot(2000, self._start_EIP) def _set_eipstatus_off(self, error=True): diff --git a/src/leap/bitmask/services/eip/vpnprocess.py b/src/leap/bitmask/services/eip/vpnprocess.py index 81eac6d9..b068066f 100644 --- a/src/leap/bitmask/services/eip/vpnprocess.py +++ b/src/leap/bitmask/services/eip/vpnprocess.py @@ -300,19 +300,24 @@ class VPN(object): self._vpnproc.aborted = True self._vpnproc.killProcess() - def terminate(self, shutdown=False): + def terminate(self, shutdown=False, restart=False): """ Stops the openvpn subprocess. Attempts to send a SIGTERM first, and after a timeout it sends a SIGKILL. + + :param shutdown: whether this is the final shutdown + :type shutdown: bool + :param restart: whether this stop is part of a hard restart. + :type restart: bool """ from twisted.internet import reactor self._stop_pollers() - # We assume that the only valid shutodowns are initiated - # by an user action. - self._user_stopped = shutdown + # We assume that the only valid stops are initiated + # by an user action, not hard restarts + self._user_stopped = not restart # First we try to be polite and send a SIGTERM... if self._vpnproc: @@ -324,13 +329,12 @@ class VPN(object): reactor.callLater( self.TERMINATE_WAIT, self._kill_if_left_alive) - if shutdown: - if IS_LINUX and self._user_stopped: - firewall_down = self._tear_down_firewall() - if firewall_down: - logger.debug("Firewall down") - else: - logger.warning("Could not tear firewall down") + if IS_LINUX and self._user_stopped: + firewall_down = self._tear_down_firewall() + if firewall_down: + logger.debug("Firewall down") + else: + logger.warning("Could not tear firewall down") def _start_pollers(self): """ |