diff options
author | Kali Kaneko <kali@leap.se> | 2018-01-23 01:18:46 +0100 |
---|---|---|
committer | Kali Kaneko <kali@leap.se> | 2018-01-25 01:19:20 +0100 |
commit | b3e9efc82a04cd0f896b38dbe155a4191db393e5 (patch) | |
tree | 28a1a071b8bf40f055bae31b07fa06051259bb67 | |
parent | bfd941fa8f7938698a5c5693d601c098250284e5 (diff) |
[bug] do not fail if the provider does not allow anonymous vpn
Since bonafide was not catching the error 401, an attempt to bootstrap a
provider that does not support anonvpn with the new setup was resulting
in a json that was containing only an error message.
this was producing an error when trying to access the configuration for
that provider's EIP section.
we now avoid writing a json config file if an error 401 is found, and
also catch the exception for a ValueError when the EIP section is not
found in the provider's configuration.
-rw-r--r-- | src/leap/bitmask/bonafide/_http.py | 8 | ||||
-rw-r--r-- | src/leap/bitmask/vpn/autostart.py | 2 | ||||
-rw-r--r-- | src/leap/bitmask/vpn/service.py | 10 |
3 files changed, 16 insertions, 4 deletions
diff --git a/src/leap/bitmask/bonafide/_http.py b/src/leap/bitmask/bonafide/_http.py index a1120ab7..8121a336 100644 --- a/src/leap/bitmask/bonafide/_http.py +++ b/src/leap/bitmask/bonafide/_http.py @@ -51,6 +51,10 @@ class Unchanged(Exception): pass +class Forbidden(Exception): + pass + + # TODO this should be ported to use treq client. def httpRequest(agent, url, values=None, headers=None, @@ -83,6 +87,8 @@ def httpRequest(agent, url, values=None, headers=None, log.debug("RESPONSE %s %s %s" % (method, response.code, url)) if response.code == 204: d = defer.succeed('') + elif response.code == 401: + raise Forbidden() if saveto and mtime and response.code == 304: log.debug('304 (Not modified): %s' % url) raise Unchanged() @@ -104,7 +110,7 @@ def httpRequest(agent, url, values=None, headers=None, return d def passthru(failure): - failure.trap(Unchanged) + failure.trap(Unchanged, Forbidden) d = agent.request(method, url, Headers(headers), StringProducer(data) if data else None) diff --git a/src/leap/bitmask/vpn/autostart.py b/src/leap/bitmask/vpn/autostart.py index 858ea4ab..0572e9d5 100644 --- a/src/leap/bitmask/vpn/autostart.py +++ b/src/leap/bitmask/vpn/autostart.py @@ -20,7 +20,7 @@ Terminal=false Leave an autostart file in the user's autostart path. The bundle could in principle find its own path and add - the path to the bitmaskd binary in the Exec entry. + the path to the bitmaskd binary in the Exec entry. But for now it's simpler to do autostart only for the debian packages or any other method that puts bitmask in the path. On the other hand, we want to reduce the modifications that the bundle diff --git a/src/leap/bitmask/vpn/service.py b/src/leap/bitmask/vpn/service.py index 6d273e23..9faedd95 100644 --- a/src/leap/bitmask/vpn/service.py +++ b/src/leap/bitmask/vpn/service.py @@ -315,7 +315,13 @@ class VPNService(HookableService): yield bonafide.do_provider_create(provider_id) provider = yield bonafide.do_provider_read(provider_id) - config = yield bonafide.do_provider_read(provider_id, 'eip') + try: + config = yield bonafide.do_provider_read(provider_id, 'eip') + except ValueError: + exc = Exception('Cannot find EIP section for provider %s. ' + 'Is it fully bootstrapped?' % provider_id) + exc.expected = True + raise exc sorted_gateways = self._get_gateways(config) extra_flags = config.openvpn_configuration @@ -324,7 +330,7 @@ class VPNService(HookableService): anonvpn = self._has_anonvpn(provider) ready = self.do_check(provider_id).get('vpn_ready', False) - if not ready: + if not ready and anonvpn: yield self._maybe_get_anon_cert(anonvpn, provider_id) if not os.path.isfile(ca_path): |