summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKali Kaneko <kali@leap.se>2018-01-23 01:18:46 +0100
committerKali Kaneko <kali@leap.se>2018-01-25 01:19:20 +0100
commitb3e9efc82a04cd0f896b38dbe155a4191db393e5 (patch)
tree28a1a071b8bf40f055bae31b07fa06051259bb67
parentbfd941fa8f7938698a5c5693d601c098250284e5 (diff)
[bug] do not fail if the provider does not allow anonymous vpn
Since bonafide was not catching the error 401, an attempt to bootstrap a provider that does not support anonvpn with the new setup was resulting in a json that was containing only an error message. this was producing an error when trying to access the configuration for that provider's EIP section. we now avoid writing a json config file if an error 401 is found, and also catch the exception for a ValueError when the EIP section is not found in the provider's configuration.
-rw-r--r--src/leap/bitmask/bonafide/_http.py8
-rw-r--r--src/leap/bitmask/vpn/autostart.py2
-rw-r--r--src/leap/bitmask/vpn/service.py10
3 files changed, 16 insertions, 4 deletions
diff --git a/src/leap/bitmask/bonafide/_http.py b/src/leap/bitmask/bonafide/_http.py
index a1120ab7..8121a336 100644
--- a/src/leap/bitmask/bonafide/_http.py
+++ b/src/leap/bitmask/bonafide/_http.py
@@ -51,6 +51,10 @@ class Unchanged(Exception):
pass
+class Forbidden(Exception):
+ pass
+
+
# TODO this should be ported to use treq client.
def httpRequest(agent, url, values=None, headers=None,
@@ -83,6 +87,8 @@ def httpRequest(agent, url, values=None, headers=None,
log.debug("RESPONSE %s %s %s" % (method, response.code, url))
if response.code == 204:
d = defer.succeed('')
+ elif response.code == 401:
+ raise Forbidden()
if saveto and mtime and response.code == 304:
log.debug('304 (Not modified): %s' % url)
raise Unchanged()
@@ -104,7 +110,7 @@ def httpRequest(agent, url, values=None, headers=None,
return d
def passthru(failure):
- failure.trap(Unchanged)
+ failure.trap(Unchanged, Forbidden)
d = agent.request(method, url, Headers(headers),
StringProducer(data) if data else None)
diff --git a/src/leap/bitmask/vpn/autostart.py b/src/leap/bitmask/vpn/autostart.py
index 858ea4ab..0572e9d5 100644
--- a/src/leap/bitmask/vpn/autostart.py
+++ b/src/leap/bitmask/vpn/autostart.py
@@ -20,7 +20,7 @@ Terminal=false
Leave an autostart file in the user's autostart path.
The bundle could in principle find its own path and add
- the path to the bitmaskd binary in the Exec entry.
+ the path to the bitmaskd binary in the Exec entry.
But for now it's simpler to do autostart only for the debian packages
or any other method that puts bitmask in the path.
On the other hand, we want to reduce the modifications that the bundle
diff --git a/src/leap/bitmask/vpn/service.py b/src/leap/bitmask/vpn/service.py
index 6d273e23..9faedd95 100644
--- a/src/leap/bitmask/vpn/service.py
+++ b/src/leap/bitmask/vpn/service.py
@@ -315,7 +315,13 @@ class VPNService(HookableService):
yield bonafide.do_provider_create(provider_id)
provider = yield bonafide.do_provider_read(provider_id)
- config = yield bonafide.do_provider_read(provider_id, 'eip')
+ try:
+ config = yield bonafide.do_provider_read(provider_id, 'eip')
+ except ValueError:
+ exc = Exception('Cannot find EIP section for provider %s. '
+ 'Is it fully bootstrapped?' % provider_id)
+ exc.expected = True
+ raise exc
sorted_gateways = self._get_gateways(config)
extra_flags = config.openvpn_configuration
@@ -324,7 +330,7 @@ class VPNService(HookableService):
anonvpn = self._has_anonvpn(provider)
ready = self.do_check(provider_id).get('vpn_ready', False)
- if not ready:
+ if not ready and anonvpn:
yield self._maybe_get_anon_cert(anonvpn, provider_id)
if not os.path.isfile(ca_path):