Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'qubesos/pr/200'

Browse Source 
* qubesos/pr/200:
  Removed self.rules != old_rules
  Avoid UTC datetime
  Wrong init var to bool and missing call to total_seconds()

Fixes QubesOS/qubes-issues#3661
This commit is contained in:
Marek Marczykowski-Górecki 2018-03-20 01:19:58 +01:00
commit 93bccf583e
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
1 changed files with 7 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
qubes/firewall.py
View File

@ -204,7 +204,7 @@ class SpecialTarget(RuleChoice):
class Expire(RuleOption): class Expire(RuleOption):
def __init__(self, untrusted_value): def __init__(self, untrusted_value):
super(Expire, self).__init__(untrusted_value) super(Expire, self).__init__(untrusted_value)
self.datetime = datetime.datetime.utcfromtimestamp(int(untrusted_value)) self.datetime = datetime.datetime.fromtimestamp(int(untrusted_value))
@property @property
def rule(self): def rule(self):
@ -216,7 +216,7 @@ class Expire(RuleOption):
@property @property
def expired(self): def expired(self):
return self.datetime < datetime.datetime.utcnow() return self.datetime < datetime.datetime.now()
class Comment(RuleOption): class Comment(RuleOption):
@ -546,17 +546,15 @@ class Firewall(object):
def _expire_rules(self): def _expire_rules(self):
'''Function called to reload expired rules''' '''Function called to reload expired rules'''
old_rules = self.rules
self.load() self.load()
if self.rules != old_rules: # this will both save rules skipping those expired and trigger
# this will both save rules skipping those expired and trigger # QubesDB update; and possibly schedule another timer
# QubesDB update; and possibly schedule another timer self.save()
self.save()
def save(self): def save(self):
'''Save firewall rules to a file''' '''Save firewall rules to a file'''
firewall_conf = os.path.join(self.vm.dir_path, self.vm.firewall_conf) firewall_conf = os.path.join(self.vm.dir_path, self.vm.firewall_conf)
nearest_expire = False nearest_expire = None
xml_root = lxml.etree.Element('firewall', version=str(2)) xml_root = lxml.etree.Element('firewall', version=str(2))
@ -595,7 +593,7 @@ class Firewall(object):
# necessary must be the same as time module; calculate delay and # necessary must be the same as time module; calculate delay and
# use call_later instead # use call_later instead
expire_when = nearest_expire - datetime.datetime.now() expire_when = nearest_expire - datetime.datetime.now()
loop.call_later(expire_when, self._expire_rules) loop.call_later(expire_when.total_seconds(), self._expire_rules)
def qdb_entries(self, addr_family=None): def qdb_entries(self, addr_family=None):
'''Return firewall settings serialized for QubesDB entries '''Return firewall settings serialized for QubesDB entries