1 files changed, 59 insertions, 42 deletions

diff --git a/src/leap/eip/openvpnconnection.py b/src/leap/eip/openvpnconnection.py
index d93bc40f..4104bd0e 100644
--- a/src/leap/eip/openvpnconnection.py
+++ b/src/leap/eip/openvpnconnection.py
@@ -25,7 +25,6 @@ class OpenVPNConnection(Connection):
     """
 
     def __init__(self,
-                 #config_file=None,
                  watcher_cb=None,
                  debug=False,
                  host=None,
@@ -64,7 +63,7 @@ to be triggered for each one of them.
         #XXX workaround for signaling
         #the ui that we don't know how to
         #manage a connection error
-        self.with_errors = False
+        #self.with_errors = False
 
         self.command = None
         self.args = None
@@ -96,6 +95,7 @@ to be triggered for each one of them.
         # XXX check also for command-line --command flag
         try:
             command, args = eip_config.build_ovpn_command(
+                provider=self.provider,
                 debug=self.debug,
                 socket_path=self.host,
                 ovpn_verbosity=self.ovpn_verbosity)
@@ -115,7 +115,7 @@ to be triggered for each one of them.
         checks for correct permissions on vpn keys
         """
         try:
-            eip_config.check_vpn_keys()
+            eip_config.check_vpn_keys(provider=self.provider)
         except eip_exceptions.EIPInitBadKeyFilePermError:
             logger.error('Bad VPN Keys permission!')
             # do nothing now
@@ -179,42 +179,28 @@ to be triggered for each one of them.
         terminates openvpn child subprocess
         """
         if self.subp:
-            self._stop()
+            try:
+                self._stop()
+            except eip_exceptions.ConnectionRefusedError:
+                logger.warning(
+                    'unable to send sigterm signal to openvpn: '
+                    'connection refused.')
+
+            # XXX kali --
+            # I think this will block if child process
+            # does not return.
+            # Maybe we can .poll() for a given
+            # interval and exit in any case.
+
             RETCODE = self.subp.wait()
             if RETCODE:
-                logger.error('cannot terminate subprocess! '
-                             '(maybe openvpn still running?)')
-
-    def _stop(self):
-        """
-        stop openvpn process
-        """
-        logger.debug("disconnecting...")
-        self._send_command("signal SIGTERM\n")
-
-        if self.subp:
-            return True
-
-        #shutting openvpn failured
-        #try patching in old openvpn host and trying again
-        process = self._get_openvpn_process()
-        if process:
-            self.host = \
-                process.cmdline[process.cmdline.index("--management") + 1]
-            self._send_command("signal SIGTERM\n")
-
-            #make sure the process was terminated
-            process = self._get_openvpn_process()
-            if not process:
-                logger.debug("Exisiting OpenVPN Process Terminated")
-                return True
-            else:
-                logger.error("Unable to terminate exisiting OpenVPN Process.")
-                return False
-
-        return True
+                logger.error(
+                    'cannot terminate subprocess! Retcode %s'
+                    '(We might have left openvpn running)' % RETCODE)
 
     def _get_openvpn_process(self):
+        # plist = [p for p in psutil.get_process_list() if p.name == "openvpn"]
+        # return plist[0] if plist else None
         for process in psutil.get_process_list():
             if process.name == "openvpn":
                 return process
@@ -247,8 +233,8 @@ to be triggered for each one of them.
         #self.tn.read_until('ENTER PASSWORD:', 2)
         #self.tn.write(self.password + '\n')
         #self.tn.read_until('SUCCESS:', 2)
-
-        self._seek_to_eof()
+        if self.tn:
+            self._seek_to_eof()
         return True
 
     def _seek_to_eof(self):
@@ -293,12 +279,7 @@ to be triggered for each one of them.
                 self.connect_to_management()
             except eip_exceptions.MissingSocketError:
                 logger.warning('missing management socket')
-                # This should only happen briefly during
-                # the first invocation. Race condition make
-                # the polling begin before management socket
-                # is ready
                 return []
-                #return self.make_error()
         try:
             if hasattr(self, 'tn'):
                 self.tn.write(cmd + "\n")
@@ -376,6 +357,42 @@ to be triggered for each one of them.
         """
         return self._send_command("status 2")
 
+    def _stop(self):
+        """
+        stop openvpn process
+        by sending SIGTERM to the management
+        interface
+        """
+        logger.debug("disconnecting...")
+        if self.connected():
+            self._send_command("signal SIGTERM\n")
+
+        if self.subp:
+            return True
+
+        #shutting openvpn failured
+        #try patching in old openvpn host and trying again
+        process = self._get_openvpn_process()
+        if process:
+            logger.debug('process :%s' % process)
+            cmdline = process.cmdline
+
+            if isinstance(cmdline, list):
+                _index = cmdline.index("--management")
+                self.host = cmdline[_index + 1]
+                self._send_command("signal SIGTERM\n")
+
+            #make sure the process was terminated
+            process = self._get_openvpn_process()
+            if not process:
+                logger.debug("Existing OpenVPN Process Terminated")
+                return True
+            else:
+                logger.error("Unable to terminate existing OpenVPN Process.")
+                return False
+
+        return True
+
     #
     # parse  info
     #