[bug] do not fail if the provider does not allow anonymous vpn

Since bonafide was not catching the error 401, an attempt to bootstrap a
provider that does not support anonvpn with the new setup was resulting
in a json that was containing only an error message.

this was producing an error when trying to access the configuration for
that provider's EIP section.

we now avoid writing a json config file if an error 401 is found, and
also catch the exception for a ValueError when the EIP section is not
found in the provider's configuration.

1 files changed, 8 insertions, 2 deletions

diff --git a/src/leap/bitmask/vpn/service.py b/src/leap/bitmask/vpn/service.py
index 6d273e23..9faedd95 100644
--- a/src/leap/bitmask/vpn/service.py
+++ b/src/leap/bitmask/vpn/service.py
@@ -315,7 +315,13 @@ class VPNService(HookableService):
             yield bonafide.do_provider_create(provider_id)
 
         provider = yield bonafide.do_provider_read(provider_id)
-        config = yield bonafide.do_provider_read(provider_id, 'eip')
+        try:
+            config = yield bonafide.do_provider_read(provider_id, 'eip')
+        except ValueError:
+            exc = Exception('Cannot find EIP section for provider %s. '
+                            'Is it fully bootstrapped?' % provider_id)
+            exc.expected = True
+            raise exc
 
         sorted_gateways = self._get_gateways(config)
         extra_flags = config.openvpn_configuration
@@ -324,7 +330,7 @@ class VPNService(HookableService):
         anonvpn = self._has_anonvpn(provider)
 
         ready = self.do_check(provider_id).get('vpn_ready', False)
-        if not ready:
+        if not ready and anonvpn:
             yield self._maybe_get_anon_cert(anonvpn, provider_id)
 
         if not os.path.isfile(ca_path):