summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--changes/bug_5687_switch-eip-off1
-rw-r--r--src/leap/bitmask/backend.py17
-rw-r--r--src/leap/bitmask/gui/mainwindow.py8
-rw-r--r--src/leap/bitmask/services/eip/vpnprocess.py26
4 files changed, 30 insertions, 22 deletions
diff --git a/changes/bug_5687_switch-eip-off b/changes/bug_5687_switch-eip-off
new file mode 100644
index 00000000..4cf0d24a
--- /dev/null
+++ b/changes/bug_5687_switch-eip-off
@@ -0,0 +1 @@
+- Bring firewall down when switching EIP off. Closes: #5687
diff --git a/src/leap/bitmask/backend.py b/src/leap/bitmask/backend.py
index 0ab7040b..d6d5004f 100644
--- a/src/leap/bitmask/backend.py
+++ b/src/leap/bitmask/backend.py
@@ -390,19 +390,19 @@ class EIP(object):
# TODO: are we connected here?
signaler.signal(signaler.EIP_CONNECTED)
- def _do_stop(self, shutdown=False):
+ def _do_stop(self, shutdown=False, restart=False):
"""
Stop the service. This is run in a thread to avoid blocking.
"""
- self._vpn.terminate(shutdown)
+ self._vpn.terminate(shutdown, restart)
if IS_LINUX:
self._wait_for_firewall_down()
- def stop(self, shutdown=False):
+ def stop(self, shutdown=False, restart=False):
"""
Stop the service.
"""
- return threads.deferToThread(self._do_stop, shutdown)
+ return threads.deferToThread(self._do_stop, shutdown, restart)
def _wait_for_firewall_down(self):
"""
@@ -1460,14 +1460,17 @@ class Backend(object):
"""
self._call_queue.put(("eip", "start", None))
- def eip_stop(self, shutdown=False):
+ def eip_stop(self, shutdown=False, restart=False):
"""
Stop the EIP service.
- :param shutdown:
+ :param shutdown: whether this is the final shutdown.
:type shutdown: bool
+
+ :param restart: whether this is part of a restart.
+ :type restart: bool
"""
- self._call_queue.put(("eip", "stop", None, shutdown))
+ self._call_queue.put(("eip", "stop", None, shutdown, restart))
def eip_terminate(self):
"""
diff --git a/src/leap/bitmask/gui/mainwindow.py b/src/leap/bitmask/gui/mainwindow.py
index fc4b4d75..201a24ec 100644
--- a/src/leap/bitmask/gui/mainwindow.py
+++ b/src/leap/bitmask/gui/mainwindow.py
@@ -1680,7 +1680,7 @@ class MainWindow(QtGui.QMainWindow):
self._set_eipstatus_off()
@QtCore.Slot()
- def _stop_eip(self):
+ def _stop_eip(self, restart=False):
"""
TRIGGERS:
self._eip_connection.qtsigs.do_disconnect_signal (via state machine)
@@ -1691,8 +1691,8 @@ class MainWindow(QtGui.QMainWindow):
:param abnormal: whether this was an abnormal termination.
:type abnormal: bool
"""
- self.user_stopped_eip = True
- self._backend.eip_stop()
+ self.user_stopped_eip = not restart
+ self._backend.eip_stop(restart=restart)
self._set_eipstatus_off(False)
self._already_started_eip = False
@@ -1731,7 +1731,7 @@ class MainWindow(QtGui.QMainWindow):
"""
# for some reason, emitting the do_disconnect/do_connect
# signals hangs the UI.
- self._stop_eip()
+ self._stop_eip(restart=True)
QtCore.QTimer.singleShot(2000, self._start_EIP)
def _set_eipstatus_off(self, error=True):
diff --git a/src/leap/bitmask/services/eip/vpnprocess.py b/src/leap/bitmask/services/eip/vpnprocess.py
index 81eac6d9..b068066f 100644
--- a/src/leap/bitmask/services/eip/vpnprocess.py
+++ b/src/leap/bitmask/services/eip/vpnprocess.py
@@ -300,19 +300,24 @@ class VPN(object):
self._vpnproc.aborted = True
self._vpnproc.killProcess()
- def terminate(self, shutdown=False):
+ def terminate(self, shutdown=False, restart=False):
"""
Stops the openvpn subprocess.
Attempts to send a SIGTERM first, and after a timeout
it sends a SIGKILL.
+
+ :param shutdown: whether this is the final shutdown
+ :type shutdown: bool
+ :param restart: whether this stop is part of a hard restart.
+ :type restart: bool
"""
from twisted.internet import reactor
self._stop_pollers()
- # We assume that the only valid shutodowns are initiated
- # by an user action.
- self._user_stopped = shutdown
+ # We assume that the only valid stops are initiated
+ # by an user action, not hard restarts
+ self._user_stopped = not restart
# First we try to be polite and send a SIGTERM...
if self._vpnproc:
@@ -324,13 +329,12 @@ class VPN(object):
reactor.callLater(
self.TERMINATE_WAIT, self._kill_if_left_alive)
- if shutdown:
- if IS_LINUX and self._user_stopped:
- firewall_down = self._tear_down_firewall()
- if firewall_down:
- logger.debug("Firewall down")
- else:
- logger.warning("Could not tear firewall down")
+ if IS_LINUX and self._user_stopped:
+ firewall_down = self._tear_down_firewall()
+ if firewall_down:
+ logger.debug("Firewall down")
+ else:
+ logger.warning("Could not tear firewall down")
def _start_pollers(self):
"""