diff options
-rwxr-xr-x | src/leap/bitmask/vpn/helpers/linux/bitmask-root | 9 | ||||
-rw-r--r-- | src/leap/bitmask/vpn/process.py | 3 | ||||
-rw-r--r-- | src/leap/bitmask/vpn/tunnel.py | 22 |
3 files changed, 19 insertions, 15 deletions
diff --git a/src/leap/bitmask/vpn/helpers/linux/bitmask-root b/src/leap/bitmask/vpn/helpers/linux/bitmask-root index 80ac12e..cad082b 100755 --- a/src/leap/bitmask/vpn/helpers/linux/bitmask-root +++ b/src/leap/bitmask/vpn/helpers/linux/bitmask-root @@ -73,7 +73,7 @@ def get_no_group_name(): return None -VERSION = "6" +VERSION = "7" SCRIPT = "bitmask-root" NAMESERVER = "10.42.0.1" BITMASK_CHAIN = "bitmask" @@ -105,7 +105,8 @@ FIXED_FLAGS = [ "--management-signal", "--script-security", "1", "--user", "nobody", - "--remap-usr1", "SIGTERM", + "--persist-key", + "--persist-tun", ] if OPENVPN_GROUP is not None: @@ -121,7 +122,8 @@ ALLOWED_FLAGS = { "--cert": ["FILE"], "--key": ["FILE"], "--ca": ["FILE"], - "--fragment": ["NUMBER"] + "--fragment": ["NUMBER"], + "--keepalive": ["NUMBER", "NUMBER"], } PARAM_FORMATS = { @@ -964,6 +966,7 @@ def main(): else: bail("ERROR: No such command") + if __name__ == "__main__": debug(" ".join(sys.argv)) main() diff --git a/src/leap/bitmask/vpn/process.py b/src/leap/bitmask/vpn/process.py index 19115d6..b9c8456 100644 --- a/src/leap/bitmask/vpn/process.py +++ b/src/leap/bitmask/vpn/process.py @@ -252,7 +252,8 @@ class _VPNProcess(protocol.ProcessProtocol): # shutdown def terminate(self): - self.proto.signal('SIGTERM') + if self.proto: + self.proto.signal('SIGTERM') def kill(self): try: diff --git a/src/leap/bitmask/vpn/tunnel.py b/src/leap/bitmask/vpn/tunnel.py index d9a8be3..7c2274a 100644 --- a/src/leap/bitmask/vpn/tunnel.py +++ b/src/leap/bitmask/vpn/tunnel.py @@ -31,8 +31,6 @@ from .process import VPNProcess # TODO ----------------- refactor -------------------- -# [ ] register change state listener -# emit_async(catalog.VPN_STATUS_CHANGED) # [ ] catch ping-restart # 'NETWORK_UNREACHABLE': ( # 'Network is unreachable (code=101)',), @@ -40,6 +38,8 @@ from .process import VPNProcess # "SIGTERM[soft,tls-error]",), # TODO ----------------- refactor -------------------- +RESTART_WAIT = 2 # in secs + class ConfiguredTunnel(object): @@ -82,8 +82,8 @@ class ConfiguredTunnel(object): defer.returnValue(started) @defer.inlineCallbacks - def stop(self): - stopped = yield self._stop_vpn(restart=False) + def stop(self, restart=False): + stopped = yield self._stop_vpn(restart=restart) defer.returnValue(stopped) # status @@ -110,14 +110,14 @@ class ConfiguredTunnel(object): vpnproc = VPNProcess(*args, **kwargs) self._vpnproc = vpnproc - self.__start_pre_up(vpnproc) - cmd = self.__start_get_cmd(vpnproc) - - running = yield self.__start_spawn_proc(vpnproc, cmd) - if running: + try: + self.__start_pre_up(vpnproc) + cmd = self.__start_get_cmd(vpnproc) + running = yield self.__start_spawn_proc(vpnproc, cmd) vpnproc.pid = running.pid defer.returnValue(True) - else: + except Exception: + # TODO need to propagate the error message properly. defer.returnValue(False) def __start_pre_up(self, proc): @@ -150,7 +150,7 @@ class ConfiguredTunnel(object): def _restart_vpn(self): yield self.stop(restart=True) reactor.callLater( - self.RESTART_WAIT, self.start) + RESTART_WAIT, self.start) @defer.inlineCallbacks def _stop_vpn(self, restart=False): |