summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/vpn
diff options
context:
space:
mode:
authorKali Kaneko <kali@leap.se>2018-02-28 22:43:02 +0100
committerKali Kaneko <kali@leap.se>2018-03-02 03:54:17 +0100
commitb3549ae8cd496bbb16b7aa67e35717b60378dbf7 (patch)
treea82dcfd852d4419c8d712e3297756687c200a7bb /src/leap/bitmask/vpn
parent64a159436428450aec8170b49d5b3ae895560d79 (diff)
[bug] fix launching of vpn for snaps
Diffstat (limited to 'src/leap/bitmask/vpn')
-rw-r--r--src/leap/bitmask/vpn/constants.py2
-rw-r--r--src/leap/bitmask/vpn/helpers/__init__.py11
-rw-r--r--src/leap/bitmask/vpn/launchers/linux.py33
-rw-r--r--src/leap/bitmask/vpn/privilege.py5
4 files changed, 36 insertions, 15 deletions
diff --git a/src/leap/bitmask/vpn/constants.py b/src/leap/bitmask/vpn/constants.py
index 086d700f..32f35e93 100644
--- a/src/leap/bitmask/vpn/constants.py
+++ b/src/leap/bitmask/vpn/constants.py
@@ -18,6 +18,7 @@
"""
System constants
"""
+import os
import platform
_system = platform.system()
@@ -26,6 +27,7 @@ IS_LINUX = _system == "Linux"
IS_MAC = _system == "Darwin"
IS_UNIX = IS_MAC or IS_LINUX
IS_WIN = _system == "Windows"
+IS_SNAP = os.environ.get('SNAP')
if IS_LINUX:
BITMASK_ROOT_SYSTEM = '/usr/sbin/bitmask-root'
diff --git a/src/leap/bitmask/vpn/helpers/__init__.py b/src/leap/bitmask/vpn/helpers/__init__.py
index 8ec50999..3249456c 100644
--- a/src/leap/bitmask/vpn/helpers/__init__.py
+++ b/src/leap/bitmask/vpn/helpers/__init__.py
@@ -4,11 +4,15 @@ from hashlib import sha512
import os.path
import sys
+from twisted.logger import Logger
+
from leap.bitmask.vpn.constants import IS_LINUX, IS_MAC
from leap.bitmask.vpn import _config
from leap.bitmask.util import STANDALONE
+log = Logger()
+
if IS_LINUX:
from leap.bitmask.vpn.constants import BITMASK_ROOT_SYSTEM
@@ -60,18 +64,25 @@ if IS_LINUX:
_check_openvpn())
def _check_helper():
+ log.debug('Checking whether helper exists')
helper_path = _config.get_bitmask_helper_path()
if not _exists_and_can_read(helper_path):
+ log.debug('Cannot read helpers')
return True
helper_path_digest = digest(helper_path)
if (_exists_and_can_read(BITMASK_ROOT_SYSTEM) and
helper_path_digest == digest(BITMASK_ROOT_SYSTEM)):
+ log.debug('global bitmask-root: %s' % os.path.isfile(BITMASK_ROOT_SYSTEM))
+ log.debug('global bitmask-root: %s' % digest(BITMASK_ROOT_SYSTEM))
return True
if (_exists_and_can_read(BITMASK_ROOT_LOCAL) and
helper_path_digest == digest(BITMASK_ROOT_LOCAL)):
+ log.debug('local bitmask-root: %s' % os.path.isfile(BITMASK_ROOT_LOCAL))
+ log.debug('local bitmask-root: %s' % digest(BITMASK_ROOT_LOCAL))
return True
+ log.debug('No valid bitmask-root found')
return False
def _check_openvpn():
diff --git a/src/leap/bitmask/vpn/launchers/linux.py b/src/leap/bitmask/vpn/launchers/linux.py
index 48977835..3b541d33 100644
--- a/src/leap/bitmask/vpn/launchers/linux.py
+++ b/src/leap/bitmask/vpn/launchers/linux.py
@@ -35,6 +35,7 @@ from leap.bitmask.vpn.privilege import LinuxPolicyChecker
from leap.bitmask.vpn.management import ManagementProtocol
from leap.bitmask.vpn.launcher import VPNLauncher
+IS_SNAP = os.environ.get('SNAP')
TERMINATE_MAXTRIES = 10
TERMINATE_WAIT = 1 # secs
@@ -86,15 +87,19 @@ class LinuxVPNLauncher(VPNLauncher):
class BITMASK_ROOT(object):
def __call__(self):
- current_version = self._version(_config.get_bitmask_helper_path())
+ current_version = self._version(_config.get_bitmask_helper_path())
_sys = constants.BITMASK_ROOT_SYSTEM
_sys_version = 0
+ _local = constants.BITMASK_ROOT_LOCAL
+ _local_version = 0
+
+ if IS_SNAP:
+ return _local
+
if os.path.isfile(_sys):
_sys_version = self._version(_sys)
- _local = constants.BITMASK_ROOT_LOCAL
- _local_version = 0
if os.path.isfile(_local):
_local_version = self._version(_local)
@@ -120,6 +125,12 @@ class LinuxVPNLauncher(VPNLauncher):
class OPENVPN_BIN_PATH(object):
def __call__(self):
+
+ #if IS_SNAP:
+ # this should change when bitmask is also a snap. for now,
+ # snap means RiseupVPN
+ # return '/snap/bin/riseup-vpn/bin/riseup-vpn.openvpn'
+
_sys = constants.OPENVPN_SYSTEM
_local = constants.OPENVPN_LOCAL
# XXX this implies that, for the time being, we prefer the system
@@ -165,37 +176,31 @@ class LinuxVPNLauncher(VPNLauncher):
:return: A VPN command ready to be launched.
:rtype: list
"""
+ print ">>> GET VPN COMMAND"
+
command = []
# we use `super` in order to send the class to use
command = super(LinuxVPNLauncher, kls).get_vpn_command(
vpnconfig, providerconfig, socket_host, socket_port, remotes,
openvpn_verb)
- print("command super %s" % command)
+ #print(">>>command super %s" % str(command))
# XXX DEBUG local variable command referenced before assignment
# this was breaking the snap. re-do in a more robust way.
- command = ["pkexec", "/usr/local/sbin/bitmask-root", "openvpn", "start"] + command
+ #command = ["pkexec", "/usr/local/sbin/bitmask-root", "openvpn", "start"] + command
- """
command.insert(0, force_eval(kls.BITMASK_ROOT))
command.insert(1, "openvpn")
command.insert(2, "start")
- """
- print("Inserted: %s" % command)
+ print(">>>Inserted: %s" % str(command))
- """
if os.getuid() != 0:
- print("OS UID != 0")
policyChecker = LinuxPolicyChecker()
- print("checker %s", policyChecker)
pkexec = policyChecker.get_usable_pkexec()
if pkexec:
command.insert(0, first(pkexec))
- """
-
- print("Final: %s" % command)
return command
def terminate_or_kill(self, terminatefun, killfun, proc):
diff --git a/src/leap/bitmask/vpn/privilege.py b/src/leap/bitmask/vpn/privilege.py
index 9c9ce130..afbca6f0 100644
--- a/src/leap/bitmask/vpn/privilege.py
+++ b/src/leap/bitmask/vpn/privilege.py
@@ -29,7 +29,7 @@ from twisted.logger import Logger
from twisted.python.procutils import which
from leap.bitmask.util import STANDALONE, here
-from .constants import IS_LINUX
+from .constants import IS_LINUX, IS_SNAP
from . import polkit
log = Logger()
@@ -52,6 +52,9 @@ def _helper_installer(action):
raise Exception('Wrong action: %s' % action)
if IS_LINUX:
+ if IS_SNAP:
+ log.debug('Skipping install of helpers, snap should have done that')
+ return
cmd = 'bitmask_helpers ' + action
if STANDALONE:
binary_path = os.path.join(here(), "bitmask")