authorKali Kaneko <kali@leap.se>2017-08-22 16:38:13 -0400
committerKali Kaneko <kali@leap.se>2017-08-30 16:17:56 -0400
commit49a421188febe06e66412260a828b92a543fbe99 (patch)
treed9389cface18ad2927186f9210e648711c3052a9 /src/leap/bitmask/vpn/_management.py
parent46eff942e4e3b3c7ddbecd170dd7d5078b8debc0 (diff)
[refactor] integrate new management protocol
Diffstat (limited to 'src/leap/bitmask/vpn/_management.py')
-rw-r--r--src/leap/bitmask/vpn/_management.py136
1 files changed, 1 insertions, 135 deletions
diff --git a/src/leap/bitmask/vpn/_management.py b/src/leap/bitmask/vpn/_management.py
index d05790c..4cc582f 100644
--- a/src/leap/bitmask/vpn/_management.py
+++ b/src/leap/bitmask/vpn/_management.py
@@ -7,6 +7,7 @@ from twisted.logger import Logger
import psutil
try:
+ # TODO - we can deprecate this error
# psutil < 2.0.0
from psutil.error import AccessDenied as psutil_AccessDenied
PSUTIL_2 = False
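Review bot: The added `# TODO - we can deprecate this error` does not say which error is meant or what has to happen before it can go, and placed directly above `# psutil < 2.0.0` the two comments read as one unclear thought. The second hunk of this commit removes `_get_openvpn_process`, the only visible user of `psutil_AccessDenied` and `PSUTIL_2`, so the compatibility import may now be dead in this module; whether other modules import those names from here is not visible. If none do, deleting the whole try/except is cleaner than annotating it; otherwise make the comment actionable, e.g. `# TODO: drop the psutil < 2.0.0 fallback (psutil_AccessDenied, PSUTIL_2) once no caller needs it`. The try/except continues past the end of this hunk.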
@@ -17,144 +18,9 @@ except ImportError:
-class OpenVPNAlreadyRunning(Exception):
- message = ("Another openvpn instance is already running, and could "
- "not be stopped.")
-class AlienOpenVPNAlreadyRunning(Exception):
- message = ("Another openvpn instance is already running, and could "
- "not be stopped because it was not launched by LEAP.")
-
-
-class ImproperlyConfigured(Exception):
- pass
-
-
-class Management(object):
-
-
- def terminate(self, shutdown=False):
- """
- Attempts to terminate openvpn by sending a SIGTERM.
- """
- if self.is_connected():
- self._send_command("signal SIGTERM")
- if shutdown:
- _cleanup_tempfiles()
-
# TODO -- finish porting ----------------------------------------------------
-def _cleanup_tempfiles(self):
- """
- Remove all temporal files we might have left behind.
-
- Iif self.port is 'unix', we have created a temporal socket path that,
- under normal circumstances, we should be able to delete.
- """
- if self._socket_port == "unix":
- tempfolder = _first(os.path.split(self._host))
- if tempfolder and os.path.isdir(tempfolder):
- try:
- shutil.rmtree(tempfolder)
- except OSError:
- self.log.error(
- 'Could not delete tmpfolder %s' % tempfolder)
-
-def _get_openvpn_process():
- """
- Looks for openvpn instances running.
-
- :rtype: process
- """
- openvpn_process = None
- for p in psutil.process_iter():
- try:
- # XXX Not exact!
- # Will give false positives.
- # we should check that cmdline BEGINS
- # with openvpn or with our wrapper
- # (pkexec / osascript / whatever)
-
- # This needs more work, see #3268, but for the moment
- # we need to be able to filter out arguments in the form
- # --openvpn-foo, since otherwise we are shooting ourselves
- # in the feet.
-
- if PSUTIL_2:
- cmdline = p.cmdline()
- else:
- cmdline = p.cmdline
- if any(map(lambda s: s.find(
- "LEAPOPENVPN") != -1, cmdline)):
- openvpn_process = p
- break
- except psutil_AccessDenied:
- pass
- return openvpn_process
-
-def _stop_if_already_running():
- """
- Checks if VPN is already running and tries to stop it.
-
- Might raise OpenVPNAlreadyRunning.
-
- :return: True if stopped, False otherwise
-
- """
- process = _get_openvpn_process()
- if not process:
- self.log.debug('Could not find openvpn process while '
- 'trying to stop it.')
- return
-
- log.debug('OpenVPN is already running, trying to stop it...')
- cmdline = process.cmdline
-
- manag_flag = "--management"
-
- if isinstance(cmdline, list) and manag_flag in cmdline:
-
- # we know that our invocation has this distinctive fragment, so
- # we use this fingerprint to tell other invocations apart.
- # this might break if we change the configuration path in the
- # launchers
-
- def smellslikeleap(s):
- return "leap" in s and "providers" in s
-
- if not any(map(smellslikeleap, cmdline)):
- self.log.debug("We cannot stop this instance since we do not "
- "recognise it as a leap invocation.")
- raise AlienOpenVPNAlreadyRunning
-
- try:
- index = cmdline.index(manag_flag)
- host = cmdline[index + 1]
- port = cmdline[index + 2]
- self.log.debug("Trying to connect to %s:%s"
- % (host, port))
- _connect()
-
- # XXX this has a problem with connections to different
- # remotes. So the reconnection will only work when we are
- # terminating instances left running for the same provider.
- # If we are killing an openvpn instance configured for another
- # provider, we will get:
- # TLS Error: local/remote TLS keys are out of sync
- # However, that should be a rare case right now.
- self._send_command("signal SIGTERM")
- except (Exception, AssertionError):
- log.failure('Problem trying to terminate OpenVPN')
- else:
- log.debug('Could not find the expected openvpn command line.')
- process = _get_openvpn_process()
- if process is None:
- self.log.debug('Successfully finished already running '
- 'openvpn process.')
- return True
- else:
- self.log.warn('Unable to terminate OpenVPN')
- raise OpenVPNAlreadyRunning