summaryrefslogtreecommitdiff
path: root/src/leap/bitmask
diff options
context:
space:
mode:
authorKali Kaneko (leap communications) <kali@leap.se>2017-02-20 20:39:43 +0100
committerKali Kaneko (leap communications) <kali@leap.se>2017-02-23 00:41:25 +0100
commit25ad6f18057ad7951f74eff35afe25d220952efa (patch)
treebfcb70fde93f73f993a3ae42f7c3def73464e105 /src/leap/bitmask
parent9d7de357a114812c0ed1e04b97ef59b41a40fa47 (diff)
[refactor] rename eip to vpn
Diffstat (limited to 'src/leap/bitmask')
-rwxr-xr-xsrc/leap/bitmask/cli/bitmask_cli.py20
-rw-r--r--src/leap/bitmask/cli/vpn.py (renamed from src/leap/bitmask/cli/eip.py)26
-rw-r--r--src/leap/bitmask/core/dispatcher.py10
-rw-r--r--src/leap/bitmask/vpn/README.rst20
-rw-r--r--src/leap/bitmask/vpn/_checks.py6
-rw-r--r--src/leap/bitmask/vpn/_config.py6
-rw-r--r--src/leap/bitmask/vpn/_control.py6
-rw-r--r--src/leap/bitmask/vpn/errors.py8
-rw-r--r--src/leap/bitmask/vpn/helpers/__init__.py11
-rw-r--r--src/leap/bitmask/vpn/launcher.py28
-rw-r--r--src/leap/bitmask/vpn/launchers/darwin.py14
-rw-r--r--src/leap/bitmask/vpn/launchers/linux.py23
-rw-r--r--src/leap/bitmask/vpn/launchers/windows.py8
-rw-r--r--src/leap/bitmask/vpn/manager.py6
-rw-r--r--src/leap/bitmask/vpn/privilege.py10
-rw-r--r--src/leap/bitmask/vpn/process.py14
-rw-r--r--src/leap/bitmask/vpn/service.py50
-rw-r--r--src/leap/bitmask/vpn/vpn.py (renamed from src/leap/bitmask/vpn/eip.py)10
18 files changed, 139 insertions, 137 deletions
diff --git a/src/leap/bitmask/cli/bitmask_cli.py b/src/leap/bitmask/cli/bitmask_cli.py
index 933b8240..0c037b25 100755
--- a/src/leap/bitmask/cli/bitmask_cli.py
+++ b/src/leap/bitmask/cli/bitmask_cli.py
@@ -25,14 +25,14 @@ import signal
from colorama import Fore
from twisted.internet import reactor, defer
-from leap.bitmask.config import Configuration
-from leap.bitmask.cli.eip import Eip
+from leap.bitmask.cli import command
from leap.bitmask.cli.keys import Keys
+from leap.bitmask.cli.logs import Logs
from leap.bitmask.cli.mail import Mail
-from leap.bitmask.cli.webui import WebUI
-from leap.bitmask.cli import command
from leap.bitmask.cli.user import User
-from leap.bitmask.cli.logs import Logs
+from leap.bitmask.cli.vpn import VPN
+from leap.bitmask.cli.webui import WebUI
+from leap.bitmask.config import Configuration
class BitmaskCLI(command.Command):
@@ -44,10 +44,10 @@ SERVICE COMMANDS:
user Handles Bitmask accounts
mail Bitmask Encrypted Mail
- eip Encrypted Internet Proxy
+ vpn Bitmask VPN
keys Bitmask Keymanager
ui Bitmask User Interface
- logs Manages bitmask daemon logs
+ logs Manages the Bitmask daemon logs
GENERAL COMMANDS:
@@ -74,9 +74,15 @@ OPTIONAL ARGUMENTS:
mail = Mail(self.cfg, self.print_json)
return mail.execute(raw_args)
+<<<<<<< HEAD
def eip(self, raw_args):
eip = Eip(self.cfg, self.print_json)
return eip.execute(raw_args)
+=======
+ def vpn(self, raw_args):
+ vpn = VPN()
+ return vpn.execute(raw_args)
+>>>>>>> [refactor] rename eip to vpn
def keys(self, raw_args):
keys = Keys(self.cfg, self.print_json)
diff --git a/src/leap/bitmask/cli/eip.py b/src/leap/bitmask/cli/vpn.py
index f5c97955..ace86777 100644
--- a/src/leap/bitmask/cli/eip.py
+++ b/src/leap/bitmask/cli/vpn.py
@@ -1,5 +1,5 @@
# -*- coding: utf-8 -*-
-# eip
+# vpn
# Copyright (C) 2016-2017 LEAP
#
# This program is free software: you can redistribute it and/or modify
@@ -15,26 +15,26 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
"""
-Bitmask Command Line interface: eip
+Bitmask Command Line interface: vpn module
"""
from leap.bitmask.cli import command
-class Eip(command.Command):
- service = 'eip'
- usage = '''{name} eip <subcommand>
+class VPN(command.Command):
+ service = 'vpn'
+ usage = '''{name} vpn <subcommand>
-Bitmask Encrypted Internet Proxy Service
+Bitmask VPN Service
SUBCOMMANDS:
- enable Enable EIP Service
- disable Disable EIP Service
- start Start EIP
- stop Stop EIP
- status Display status about service
- check Check whether EIP service is properly configured
- get_cert Get EIP Certificate from provider
+ enable Enable VPN Service
+ disable Disable VPN Service
+ start Start VPN
+ stop Stop VPN
+ status Display status about the VPN
+ check Check whether VPN service is properly configured
+ get_cert Get VPN Certificate from provider
install Install helpers (needs root)
uninstall Uninstall helpers (needs root)
diff --git a/src/leap/bitmask/core/dispatcher.py b/src/leap/bitmask/core/dispatcher.py
index 36ae1b28..c99bcde0 100644
--- a/src/leap/bitmask/core/dispatcher.py
+++ b/src/leap/bitmask/core/dispatcher.py
@@ -212,24 +212,24 @@ class EIPCmd(SubCommand):
d = eip.stop_vpn()
return d
- @register_method('check')
+ @register_method('dict')
def do_CHECK(self, eip, *parts):
d = eip.do_check()
return d
- @register_method('get_cert')
+ @register_method('dict')
def do_GET_CERT(self, eip, *parts):
# TODO -- attempt to get active provider
provider = parts[2]
d = eip.do_get_cert(provider)
return d
- @register_method('install')
+ @register_method('dict')
def do_INSTALL(self, eip, *parts):
d = eip.do_install()
return d
- @register_method('install')
+ @register_method('dict')
def do_UNINSTALL(self, eip, *parts):
d = eip.do_uninstall()
return d
@@ -538,7 +538,7 @@ def _format_error(failure):
logger.failure('[DISPATCHER] Unexpected error:')
except:
logger.debug('[DISPATCHER] Unexpected error: %r' % failure.value)
- print failure.getTraceback()
+ logger.warn(failure.getTraceback())
# if needed, we could add here the exception type as an extra field
return json.dumps({'error': failure.value.message, 'result': None})
diff --git a/src/leap/bitmask/vpn/README.rst b/src/leap/bitmask/vpn/README.rst
index f08d7abc..eff62ab4 100644
--- a/src/leap/bitmask/vpn/README.rst
+++ b/src/leap/bitmask/vpn/README.rst
@@ -1,7 +1,7 @@
VPN port
--------
What's here is a quick port of the legacy bitmask_client vpn code.
-It only work through the cli right now::
+It only works through the cli right now::
bitmaskctl user create tmp_user_baz002@demo.bitmask.net --pass 1234
signup ok
@@ -11,32 +11,32 @@ It only work through the cli right now::
srp_token iye7s1J7M3_iCdB4gXEAhxs-if3XOCwpKNPnvTC8ycE
uuid b63ac83826c7e1e903ed18f6f7780491
- bitmaskctl eip get_cert demo.bitmask.net
+ bitmaskctl vpn get_cert demo.bitmask.net
get_cert ok
- bitmaskctl eip check
- eip_ready ok
+ bitmaskctl vpn check
+ vpn_ready ok
You also might want to install the helpers (a pop-up should appear, asking for
authentication)::
- bitmaskctl eip install
+ bitmaskctl vpn install
install ok
And finally you should be able to launch the VPN::
- bitmaskctl eip start demo.bitmask.net
+ bitmaskctl vpn start demo.bitmask.net
start ok
result started
- bitmaskctl eip status
+ bitmaskctl vpn status
firewall ON
- EIP AUTH
+ vpn AUTH
- bitmaskctl eip status
+ bitmaskctl vpn status
firewall ON
- EIP CONNECTED
+ vpn CONNECTED
↑↑↑ 11.3 K
↓↓↓ 3.9 K
diff --git a/src/leap/bitmask/vpn/_checks.py b/src/leap/bitmask/vpn/_checks.py
index f4d4ed3d..3921d03b 100644
--- a/src/leap/bitmask/vpn/_checks.py
+++ b/src/leap/bitmask/vpn/_checks.py
@@ -15,14 +15,14 @@ def is_service_ready(provider):
return True
-def get_eip_cert_path(provider):
+def get_vpn_cert_path(provider):
return os.path.join(get_path_prefix(),
'leap', 'providers', provider,
'keys', 'client', 'openvpn.pem')
def _has_valid_cert(provider):
- cert_path = get_eip_cert_path(provider)
+ cert_path = get_vpn_cert_path(provider)
has_file = os.path.isfile(cert_path)
if not has_file:
- raise ImproperlyConfigured('Missing EIP certificate')
+ raise ImproperlyConfigured('Missing VPN certificate')
diff --git a/src/leap/bitmask/vpn/_config.py b/src/leap/bitmask/vpn/_config.py
index 8ae266a1..5f10734d 100644
--- a/src/leap/bitmask/vpn/_config.py
+++ b/src/leap/bitmask/vpn/_config.py
@@ -13,8 +13,8 @@ if IS_LINUX:
'leap.bitmask.vpn.helpers.linux', 'se.leap.bitmask.bundle.policy')
-class _TempEIPConfig(object):
- """Current EIP code on bitmask depends on EIPConfig object, this temporary
+class _TempVPNConfig(object):
+ """Current VPN code on bitmask depends on VPNConfig object, this temporary
implementation helps on the transition."""
def __init__(self, flags, path, ports):
@@ -33,7 +33,7 @@ class _TempEIPConfig(object):
class _TempProviderConfig(object):
- """Current EIP code on bitmask depends on ProviderConfig object, this
+ """Current VPN code on bitmask depends on ProviderConfig object, this
temporary implementation helps on the transition."""
def __init__(self, domain, path):
diff --git a/src/leap/bitmask/vpn/_control.py b/src/leap/bitmask/vpn/_control.py
index bff5c098..8dfe4c64 100644
--- a/src/leap/bitmask/vpn/_control.py
+++ b/src/leap/bitmask/vpn/_control.py
@@ -32,7 +32,7 @@ class VPNControl(object):
OPENVPN_VERB = "openvpn_verb"
- def __init__(self, remotes, eipconfig,
+ def __init__(self, remotes, vpnconfig,
providerconfig, socket_host, socket_port):
self._vpnproc = None
self._pollers = []
@@ -41,7 +41,7 @@ class VPNControl(object):
self._user_stopped = False
self._remotes = remotes
- self._eipconfig = eipconfig
+ self._vpnconfig = vpnconfig
self._providerconfig = providerconfig
self._host = socket_host
self._port = socket_port
@@ -53,7 +53,7 @@ class VPNControl(object):
self._stop_pollers()
vpnproc = VPNProcess(
- self._eipconfig, self._providerconfig, self._host,
+ self._vpnconfig, self._providerconfig, self._host,
self._port, openvpn_verb=7, remotes=self._remotes,
restartfun=self.restart)
diff --git a/src/leap/bitmask/vpn/errors.py b/src/leap/bitmask/vpn/errors.py
index 239ea352..a6c55001 100644
--- a/src/leap/bitmask/vpn/errors.py
+++ b/src/leap/bitmask/vpn/errors.py
@@ -4,11 +4,11 @@
from ._management import OpenVPNAlreadyRunning, AlienOpenVPNAlreadyRunning
from .launcher import OpenVPNNotFoundException, VPNLauncherException
from leap.bitmask.vpn.launchers.linux import (
- EIPNoPolkitAuthAgentAvailable, EIPNoPkexecAvailable)
-from leap.bitmask.vpn.launchers.darwin import EIPNoTunKextLoaded
+ NoPolkitAuthAgentAvailable, NoPkexecAvailable)
+from leap.bitmask.vpn.launchers.darwin import NoTunKextLoaded
__all__ = ["OpenVPNAlreadyRunning", "AlienOpenVPNAlreadyRunning",
"OpenVPNNotFoundException", "VPNLauncherException",
- "EIPNoPolkitAuthAgentAvailable", "EIPNoPkexecAvailable",
- "EIPNoTunKextLoaded"]
+ "NoPolkitAuthAgentAvailable", "NoPkexecAvailable",
+ "NoTunKextLoaded"]
diff --git a/src/leap/bitmask/vpn/helpers/__init__.py b/src/leap/bitmask/vpn/helpers/__init__.py
index dc249286..8905adfd 100644
--- a/src/leap/bitmask/vpn/helpers/__init__.py
+++ b/src/leap/bitmask/vpn/helpers/__init__.py
@@ -1,4 +1,4 @@
-from os import remove
+from os import remove, chmod
from shutil import copyfile
import sys
@@ -14,15 +14,12 @@ if IS_LINUX:
helper_from = _config.get_bitmask_helper_path()
polkit_from = _config.get_bitmask_polkit_policy_path()
copyfile(helper_from, helper_to)
- os.chmod(helper_to, 0744)
+ chmod(helper_to, 0744)
copyfile(polkit_from, polkit_to)
def uninstall():
- try:
- remove(helper_to)
- remove(polkit_to)
- except:
- raise
+ remove(helper_to)
+ remove(polkit_to)
def main():
diff --git a/src/leap/bitmask/vpn/launcher.py b/src/leap/bitmask/vpn/launcher.py
index 84f5f662..28910fa7 100644
--- a/src/leap/bitmask/vpn/launcher.py
+++ b/src/leap/bitmask/vpn/launcher.py
@@ -111,14 +111,14 @@ class VPNLauncher(object):
@classmethod
@abstractmethod
- def get_gateways(kls, eipconfig, providerconfig):
+ def get_gateways(kls, vpnconfig, providerconfig):
"""
Return a list with the selected gateways for a given provider, looking
- at the EIP config file.
+ at the VPN config file.
Each item of the list is a tuple containing (gateway, port).
- :param eipconfig: eip configuration object
- :type eipconfig: EIPConfig
+ :param vpnconfig: vpn configuration object
+ :type vpnconfig: VPNConfig
:param providerconfig: provider specific configuration
:type providerconfig: ProviderConfig
@@ -130,7 +130,7 @@ class VPNLauncher(object):
settings = Settings()
domain = providerconfig.get_domain()
gateway_conf = settings.get_selected_gateway(domain)
- gateway_selector = VPNGatewaySelector(eipconfig)
+ gateway_selector = VPNGatewaySelector(vpnconfig)
if gateway_conf == GATEWAY_AUTOMATIC:
gws = gateway_selector.get_gateways()
@@ -142,7 +142,7 @@ class VPNLauncher(object):
raise VPNLauncherException('No gateway was found!')
for idx, gw in enumerate(gws):
- ports = eipconfig.get_gateway_ports(idx)
+ ports = vpnconfig.get_gateway_ports(idx)
the_port = "1194" # default port
@@ -161,7 +161,7 @@ class VPNLauncher(object):
@classmethod
@abstractmethod
- def get_vpn_command(kls, eipconfig, providerconfig,
+ def get_vpn_command(kls, vpnconfig, providerconfig,
socket_host, socket_port, remotes, openvpn_verb=1):
"""
Return the platform-dependant vpn command for launching openvpn.
@@ -170,8 +170,8 @@ class VPNLauncher(object):
OpenVPNNotFoundException,
VPNLauncherException.
- :param eipconfig: eip configuration object
- :type eipconfig: EIPConfig
+ :param vpnconfig: vpn configuration object
+ :type vpnconfig: VPNConfig
:param providerconfig: provider specific configuration
:type providerconfig: ProviderConfig
:param socket_host: either socket path (unix) or socket IP
@@ -185,7 +185,7 @@ class VPNLauncher(object):
:return: A VPN command ready to be launched.
:rtype: list
"""
- # leap_assert_type(eipconfig, EIPConfig)
+ # leap_assert_type(vpnconfig, VPNConfig)
# leap_assert_type(providerconfig, ProviderConfig)
# XXX this still has to be changed on osx and windows accordingly
@@ -212,7 +212,7 @@ class VPNLauncher(object):
if openvpn_verb is not None:
args += ['--verb', '%d' % (openvpn_verb,)]
- # gateways = kls.get_gateways(eipconfig, providerconfig)
+ # gateways = kls.get_gateways(vpnconfig, providerconfig)
gateways = remotes
for ip, port in gateways:
@@ -227,7 +227,7 @@ class VPNLauncher(object):
'server'
]
- openvpn_configuration = eipconfig.get_openvpn_configuration()
+ openvpn_configuration = vpnconfig.get_openvpn_configuration()
for key, value in openvpn_configuration.items():
args += ['--%s' % (key,), value]
@@ -257,8 +257,8 @@ class VPNLauncher(object):
]
args += [
- '--cert', eipconfig.get_client_cert_path(providerconfig),
- '--key', eipconfig.get_client_cert_path(providerconfig),
+ '--cert', vpnconfig.get_client_cert_path(providerconfig),
+ '--key', vpnconfig.get_client_cert_path(providerconfig),
'--ca', providerconfig.get_ca_cert_path()
]
diff --git a/src/leap/bitmask/vpn/launchers/darwin.py b/src/leap/bitmask/vpn/launchers/darwin.py
index f637ae1a..9ae64053 100644
--- a/src/leap/bitmask/vpn/launchers/darwin.py
+++ b/src/leap/bitmask/vpn/launchers/darwin.py
@@ -32,7 +32,7 @@ from leap.common.config import get_path_prefix
logger = Logger()
-class EIPNoTunKextLoaded(VPNLauncherException):
+class NoTunKextLoaded(VPNLauncherException):
pass
@@ -142,18 +142,18 @@ class DarwinVPNLauncher(VPNLauncher):
return kls.COCOASUDO, args
@classmethod
- def get_vpn_command(kls, eipconfig, providerconfig, socket_host,
+ def get_vpn_command(kls, vpnconfig, providerconfig, socket_host,
socket_port="unix", openvpn_verb=1):
"""
Returns the OSX implementation for the vpn launching command.
Might raise:
- EIPNoTunKextLoaded,
+ NoTunKextLoaded,
OpenVPNNotFoundException,
VPNLauncherException.
- :param eipconfig: eip configuration object
- :type eipconfig: EIPConfig
+ :param vpnconfig: vpn configuration object
+ :type vpnconfig: VPNConfig
:param providerconfig: provider specific configuration
:type providerconfig: ProviderConfig
:param socket_host: either socket path (unix) or socket IP
@@ -168,11 +168,11 @@ class DarwinVPNLauncher(VPNLauncher):
:rtype: list
"""
if not kls.is_kext_loaded():
- raise EIPNoTunKextLoaded
+ raise VPNNoTunKextLoaded
# we use `super` in order to send the class to use
command = super(DarwinVPNLauncher, kls).get_vpn_command(
- eipconfig, providerconfig, socket_host, socket_port, openvpn_verb)
+ vpnconfig, providerconfig, socket_host, socket_port, openvpn_verb)
cocoa, cargs = kls.get_cocoasudo_ovpn_cmd()
cargs.extend(command)
diff --git a/src/leap/bitmask/vpn/launchers/linux.py b/src/leap/bitmask/vpn/launchers/linux.py
index b54790f2..0c3864b2 100644
--- a/src/leap/bitmask/vpn/launchers/linux.py
+++ b/src/leap/bitmask/vpn/launchers/linux.py
@@ -38,11 +38,11 @@ COM = commands
flags_STANDALONE = False
-class EIPNoPolkitAuthAgentAvailable(VPNLauncherException):
+class NoPolkitAuthAgentAvailable(VPNLauncherException):
pass
-class EIPNoPkexecAvailable(VPNLauncherException):
+class NoPkexecAvailable(VPNLauncherException):
pass
@@ -77,19 +77,19 @@ class LinuxVPNLauncher(VPNLauncher):
OTHER_FILES = (POLKIT_PATH, BITMASK_ROOT, OPENVPN_BIN_PATH)
@classmethod
- def get_vpn_command(kls, eipconfig, providerconfig, socket_host,
+ def get_vpn_command(kls, vpnconfig, providerconfig, socket_host,
remotes, socket_port="unix", openvpn_verb=1):
"""
Returns the Linux implementation for the vpn launching command.
Might raise:
- EIPNoPkexecAvailable,
- EIPNoPolkitAuthAgentAvailable,
+ NoPkexecAvailable,
+ NoPolkitAuthAgentAvailable,
OpenVPNNotFoundException,
VPNLauncherException.
- :param eipconfig: eip configuration object
- :type eipconfig: EIPConfig
+ :param vpnconfig: vpn configuration object
+ :type vpnconfig: VPNConfig
:param providerconfig: provider specific configuration
:type providerconfig: ProviderConfig
:param socket_host: either socket path (unix) or socket IP
@@ -105,7 +105,7 @@ class LinuxVPNLauncher(VPNLauncher):
"""
# we use `super` in order to send the class to use
command = super(LinuxVPNLauncher, kls).get_vpn_command(
- eipconfig, providerconfig, socket_host, socket_port, remotes,
+ vpnconfig, providerconfig, socket_host, socket_port, remotes,
openvpn_verb)
command.insert(0, force_eval(kls.BITMASK_ROOT))
@@ -113,12 +113,7 @@ class LinuxVPNLauncher(VPNLauncher):
command.insert(2, "start")
policyChecker = LinuxPolicyChecker()
- try:
- pkexec = policyChecker.maybe_pkexec()
- except NoPolkitAuthAgentAvailable:
- raise EIPNoPolkitAuthAgentAvailable()
- except NoPkexecAvailable:
- raise EIPNoPkexecAvailable()
+ pkexec = policyChecker.maybe_pkexec()
if pkexec:
command.insert(0, first(pkexec))
diff --git a/src/leap/bitmask/vpn/launchers/windows.py b/src/leap/bitmask/vpn/launchers/windows.py
index bfaac2fc..bad01ee8 100644
--- a/src/leap/bitmask/vpn/launchers/windows.py
+++ b/src/leap/bitmask/vpn/launchers/windows.py
@@ -38,7 +38,7 @@ class WindowsVPNLauncher(VPNLauncher):
# (and maybe we won't)
@classmethod
- def get_vpn_command(kls, eipconfig, providerconfig, socket_host,
+ def get_vpn_command(kls, vpnconfig, providerconfig, socket_host,
socket_port="9876", openvpn_verb=1):
"""
Returns the Windows implementation for the vpn launching command.
@@ -47,8 +47,8 @@ class WindowsVPNLauncher(VPNLauncher):
OpenVPNNotFoundException,
VPNLauncherException.
- :param eipconfig: eip configuration object
- :type eipconfig: EIPConfig
+ :param vpnconfig: vpn configuration object
+ :type vpnconfig: VPNConfig
:param providerconfig: provider specific configuration
:type providerconfig: ProviderConfig
:param socket_host: either socket path (unix) or socket IP
@@ -68,6 +68,6 @@ class WindowsVPNLauncher(VPNLauncher):
# we use `super` in order to send the class to use
command = super(WindowsVPNLauncher, kls).get_vpn_command(
- eipconfig, providerconfig, socket_host, socket_port, openvpn_verb)
+ vpnconfig, providerconfig, socket_host, socket_port, openvpn_verb)
return command
diff --git a/src/leap/bitmask/vpn/manager.py b/src/leap/bitmask/vpn/manager.py
index bf511b38..ba1ae7c1 100644
--- a/src/leap/bitmask/vpn/manager.py
+++ b/src/leap/bitmask/vpn/manager.py
@@ -23,7 +23,7 @@ import os
import tempfile
from ._control import VPNControl
-from ._config import _TempEIPConfig, _TempProviderConfig
+from ._config import _TempVPNConfig, _TempProviderConfig
from .constants import IS_WIN
@@ -52,12 +52,12 @@ class VPNManager(object):
self._remotes = remotes
- self._eipconfig = _TempEIPConfig(extra_flags, cert_path, ports)
+ self._vpnconfig = _TempVPNConfig(extra_flags, cert_path, ports)
self._providerconfig = _TempProviderConfig(domain, ca_path)
host, port = self._get_management_location()
self._vpn = VPNControl(remotes=remotes,
- eipconfig=self._eipconfig,
+ vpnconfig=self._vpnconfig,
providerconfig=self._providerconfig,
socket_host=host, socket_port=port)
diff --git a/src/leap/bitmask/vpn/privilege.py b/src/leap/bitmask/vpn/privilege.py
index 097f5f8a..b30c5fc7 100644
--- a/src/leap/bitmask/vpn/privilege.py
+++ b/src/leap/bitmask/vpn/privilege.py
@@ -38,10 +38,14 @@ flags_STANDALONE = False
def install_helpers():
+ # TODO check if the command has succeeded, and display error
+ # if failed
commands.getoutput('pkexec bitmask_helpers install')
def uninstall_helpers():
+ # TODO check if the command has succeeded, and display error
+ # if failed
commands.getoutput('pkexec bitmask_helpers uninstall')
@@ -149,11 +153,11 @@ class LinuxPolicyChecker(PolicyChecker):
raise Exception("We couldn't find pkexec")
return pkexec_possibilities
else:
- logger.warning("No polkit auth agent found. pkexec " +
- "will use its own auth agent.")
+ logger.warn("No polkit auth agent found. pkexec " +
+ "will use its own auth agent.")
raise NoPolkitAuthAgentAvailable()
else:
- logger.warning("System has no pkexec")
+ logger.warn("System has no pkexec")
raise NoPkexecAvailable()
@classmethod
diff --git a/src/leap/bitmask/vpn/process.py b/src/leap/bitmask/vpn/process.py
index c2941d01..533a45cf 100644
--- a/src/leap/bitmask/vpn/process.py
+++ b/src/leap/bitmask/vpn/process.py
@@ -57,13 +57,13 @@ class VPNProcess(protocol.ProcessProtocol, _management.VPNManagement):
programmatically.
"""
- # TODO do we really need the eipconfig/providerconfig objects in here???
+ # TODO do we really need the vpnconfig/providerconfig objects in here???
- def __init__(self, eipconfig, providerconfig, socket_host, socket_port,
+ def __init__(self, vpnconfig, providerconfig, socket_host, socket_port,
openvpn_verb, remotes, restartfun=None):
"""
- :param eipconfig: eip configuration object
- :type eipconfig: EIPConfig
+ :param vpnconfig: vpn configuration object
+ :type vpnconfig: VPNConfig
:param providerconfig: provider specific configuration
:type providerconfig: ProviderConfig
@@ -81,7 +81,7 @@ class VPNProcess(protocol.ProcessProtocol, _management.VPNManagement):
"""
_management.VPNManagement.__init__(self)
- self._eipconfig = eipconfig
+ self._vpnconfig = vpnconfig
self._providerconfig = providerconfig
self._socket_host = socket_host
self._socket_port = socket_port
@@ -201,7 +201,7 @@ class VPNProcess(protocol.ProcessProtocol, _management.VPNManagement):
:rtype: list of str
"""
command = self._launcher.get_vpn_command(
- eipconfig=self._eipconfig,
+ vpnconfig=self._vpnconfig,
providerconfig=self._providerconfig,
socket_host=self._socket_host,
socket_port=self._socket_port,
@@ -224,7 +224,7 @@ class VPNProcess(protocol.ProcessProtocol, _management.VPNManagement):
:rtype: list
"""
gateways_ports = self._launcher.get_gateways(
- self._eipconfig, self._providerconfig)
+ self._vpnconfig, self._providerconfig)
# filter out ports since we don't need that info
return [gateway for gateway, port in gateways_ports]
diff --git a/src/leap/bitmask/vpn/service.py b/src/leap/bitmask/vpn/service.py
index bbde1044..10818ed7 100644
--- a/src/leap/bitmask/vpn/service.py
+++ b/src/leap/bitmask/vpn/service.py
@@ -17,7 +17,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
"""
-EIP service declaration.
+VPN service declaration.
"""
import os
@@ -25,8 +25,8 @@ import os
from twisted.internet import defer
from leap.bitmask.hooks import HookableService
-from leap.bitmask.vpn.eip import EIPManager
-from leap.bitmask.vpn._checks import is_service_ready, get_eip_cert_path
+from leap.bitmask.vpn.vpn import VPNManager
+from leap.bitmask.vpn._checks import is_service_ready, get_vpn_cert_path
from leap.bitmask.vpn._config import get_bitmask_helper_path
from leap.bitmask.vpn._config import get_bitmask_polkit_policy_path
from leap.bitmask.vpn import privilege
@@ -34,18 +34,19 @@ from leap.common.config import get_path_prefix
from leap.common.files import check_and_fix_urw_only
-class EIPService(HookableService):
+class VPNService(HookableService):
- name = 'eip'
+ name = 'vpn'
def __init__(self, basepath=None):
"""
- Initialize EIP service
+ Initialize VPN service
"""
- super(EIPService, self).__init__()
+ super(VPNService, self).__init__()
self._started = False
- self._eip = None
+ self._vpn = None
+ self._domain = ''
if basepath is None:
self._basepath = get_path_prefix()
@@ -53,36 +54,39 @@ class EIPService(HookableService):
self._basepath = basepath
def startService(self):
- print "Starting EIP Service..."
+ print "Starting VPN Service..."
# TODO this could trigger a check for validity of the certificates,
# etc.
- super(EIPService, self).startService()
+ super(VPNService, self).startService()
def stopService(self):
- print "Stopping EIP Service..."
- super(EIPService, self).stopService()
+ print "Stopping VPN Service..."
+ super(VPNService, self).stopService()
def start_vpn(self, domain):
+ # TODO check if the VPN is started and return an error if it is.
self._setup(domain)
- self._eip.start()
+ self._vpn.start()
self._started = True
+ self._domain = domain
return {'result': 'started'}
def stop_vpn(self):
if self._started:
- self._eip.stop()
+ self._vpn.stop()
self._started = False
return {'result': 'stopped'}
def do_status(self):
- if self._eip:
- status = self._eip.get_status()
+ if self._vpn:
+ status = self._vpn.get_status()
else:
- status = {'EIP': 'OFF'}
+ status = {'VPN': 'OFF'}
+ status['domain'] = self._domain
return status
def do_check(self):
- """Check whether the EIP Service is properly configured,
+ """Check whether the VPN Service is properly configured,
and can be started"""
# TODO either pass a provider, or set a given provider
_ready = is_service_ready('demo.bitmask.net')
@@ -90,7 +94,7 @@ class EIPService(HookableService):
result = 'ok'
else:
result = 'no'
- return {'eip_ready': result}
+ return {'vpn_ready': result}
@defer.inlineCallbacks
def do_get_cert(self, provider):
@@ -98,7 +102,7 @@ class EIPService(HookableService):
bonafide = self.parent.getServiceNamed("bonafide")
_, cert_str = yield bonafide.do_get_vpn_cert()
- cert_path = get_eip_cert_path(provider)
+ cert_path = get_vpn_cert_path(provider)
cert_dir = os.path.dirname(cert_path)
if not os.path.exists(cert_dir):
os.makedirs(cert_dir, mode=0700)
@@ -116,7 +120,7 @@ class EIPService(HookableService):
return {'uninstall': 'ok'}
def _setup(self, provider):
- """Set up EIPManager for a specified provider.
+ """Set up VPNManager for a specified provider.
:param provider: the provider to use, e.g. 'demo.bitmask.net'
:type provider: str"""
@@ -134,7 +138,7 @@ class EIPService(HookableService):
ca_path = prefix + "/ca/cacert.pem"
# FIXME
- # XXX picked manually from eip-service.json
+ # XXX picked manually from vpn-service.json
extra_flags = {
"auth": "SHA1",
"cipher": "AES-128-CBC",
@@ -142,5 +146,5 @@ class EIPService(HookableService):
"tls-cipher": "DHE-RSA-AES128-SHA",
}
- self._eip = EIPManager(remotes, cert_path, key_path, ca_path,
+ self._vpn = VPNManager(remotes, cert_path, key_path, ca_path,
extra_flags)
diff --git a/src/leap/bitmask/vpn/eip.py b/src/leap/bitmask/vpn/vpn.py
index 0c47cc32..94fee8b5 100644
--- a/src/leap/bitmask/vpn/eip.py
+++ b/src/leap/bitmask/vpn/vpn.py
@@ -22,7 +22,7 @@ from leap.bitmask.vpn.manager import VPNManager
from leap.bitmask.vpn.fw.firewall import FirewallManager
-class EIPManager(object):
+class VPNManager(object):
def __init__(self, remotes, cert, key, ca, flags):
@@ -31,11 +31,6 @@ class EIPManager(object):
self._firewall = FirewallManager(remotes)
def start(self):
- """
- Start EIP service (firewall and vpn)
-
- This may raise exceptions, see errors.py
- """
print(Fore.BLUE + "Firewall: starting..." + Fore.RESET)
fw_ok = self._firewall.start()
if not fw_ok:
@@ -74,9 +69,10 @@ class EIPManager(object):
def get_status(self):
vpn_status = self._vpn.status
+ # TODO use firewall.is_up instead
fw_status = self._firewall.status
- result = {'EIP': vpn_status,
+ result = {'VPN': vpn_status,
'firewall': fw_status}
if vpn_status == 'CONNECTED':
traffic = self._vpn.traffic_status