[feat] get VPN params from eip-service.json

Instead of hardcoding them in the code.
author: Ruben Pollan <meskio@sindominio.net> 2017-03-01 19:32:54 +0100
committer: Ruben Pollan <meskio@sindominio.net> 2017-03-03 10:50:54 +0100
commit: 92957c4b666d6e5fc54275d8857692a12b0fb209 (patch)
tree: 2a0ae0439211b0c6476b5e5854af3db95aedfc4d /src
parent: 1accda8a692798fccdd67584b1e4950057faddeb (diff)
7 files changed, 40 insertions, 36 deletions
diff --git a/src/leap/bitmask/bonafide/_protocol.py b/src/leap/bitmask/bonafide/_protocol.py
index 91b8b242..391aa8df 100644
--- a/src/leap/bitmask/bonafide/_protocol.py
+++ b/src/leap/bitmask/bonafide/_protocol.py
@@ -177,6 +177,10 @@ class BonafideProtocol(object):
         provider = config.Provider(provider_id, autoconf=autoconf)
         return provider.callWhenMainConfigReady(provider.config)
 
+    def do_get_service(self, provider_id, service, autoconf=False):
+        provider = config.Provider(provider_id, autoconf=autoconf)
+        return provider.callWhenMainConfigReady(provider.config, service)
+
     def do_provider_delete(self, provider_id):
         return config.delete_provider(provider_id)
 
diff --git a/src/leap/bitmask/bonafide/config.py b/src/leap/bitmask/bonafide/config.py
index ba454651..1002edbd 100644
--- a/src/leap/bitmask/bonafide/config.py
+++ b/src/leap/bitmask/bonafide/config.py
@@ -234,10 +234,20 @@ class Provider(object):
             return False
         return True
 
-    def config(self):
-        if not self._provider_config:
-            self._load_provider_json()
-        return self._provider_config.dict()
+    def config(self, service=None):
+        if not service:
+            if not self._provider_config:
+                self._load_provider_json()
+            return self._provider_config.dict()
+
+        path = self._get_service_config_path(service)
+        try:
+            with open(path, 'r') as config:
+                config = Record(**json.load(config))
+        except IOError:
+            raise ValueError("Service " + service +
+                             " not found in provider " + self._domain)
+        return config
 
     def bootstrap(self):
         domain = self._domain
diff --git a/src/leap/bitmask/bonafide/service.py b/src/leap/bitmask/bonafide/service.py
index dc579179..0a78813b 100644
--- a/src/leap/bitmask/bonafide/service.py
+++ b/src/leap/bitmask/bonafide/service.py
@@ -111,7 +111,9 @@ class BonafideService(HookableService):
     def do_provider_create(self, domain):
         return self._bonafide.do_get_provider(domain, autoconf=True)
 
-    def do_provider_read(self, domain):
+    def do_provider_read(self, domain, service=None):
+        if service:
+            return self._bonafide.do_get_service(domain, service)
         return self._bonafide.do_get_provider(domain)
 
     def do_provider_delete(self, domain):
diff --git a/src/leap/bitmask/core/dispatcher.py b/src/leap/bitmask/core/dispatcher.py
index 075dfd82..29a07e6d 100644
--- a/src/leap/bitmask/core/dispatcher.py
+++ b/src/leap/bitmask/core/dispatcher.py
@@ -86,7 +86,10 @@ class ProviderCmd(SubCommand):
     @register_method("{'domain': str, 'api_uri': str, 'api_version': str}")
     def do_READ(self, bonafide, *parts):
         domain = parts[2]
-        return bonafide.do_provider_read(domain)
+        service = None
+        if len(parts) > 3:
+            service = parts[3]
+        return bonafide.do_provider_read(domain, service)
 
     @register_method("")
     def do_DELETE(self, bonafide, *parts):
diff --git a/src/leap/bitmask/vpn/launcher.py b/src/leap/bitmask/vpn/launcher.py
index 28910fa7..3006d6da 100644
--- a/src/leap/bitmask/vpn/launcher.py
+++ b/src/leap/bitmask/vpn/launcher.py
@@ -229,7 +229,11 @@ class VPNLauncher(object):
 
         openvpn_configuration = vpnconfig.get_openvpn_configuration()
         for key, value in openvpn_configuration.items():
-            args += ['--%s' % (key,), value]
+            if type(value) is bool:
+                if value:
+                    args += ['--%s' % (key,)]
+            else:
+                args += ['--%s' % (key,), value]
 
         user = getpass.getuser()
 
diff --git a/src/leap/bitmask/vpn/process.py b/src/leap/bitmask/vpn/process.py
index 533a45cf..cb67eff3 100644
--- a/src/leap/bitmask/vpn/process.py
+++ b/src/leap/bitmask/vpn/process.py
@@ -22,24 +22,13 @@ A custom processProtocol launches the VPNProcess and connects to its management
 interface.
 """
 
-import os
-import shutil
-import socket
-import subprocess
 import sys
 
-from itertools import chain, repeat
-
-from twisted.internet import defer, protocol, reactor
+from twisted.internet import protocol, reactor
 from twisted.internet import error as internet_error
-from twisted.internet.task import LoopingCall
 from twisted.logger import Logger
 
-from leap.bitmask.vpn.constants import IS_MAC
-from leap.bitmask.vpn.utils import first, force_eval
 from leap.bitmask.vpn.utils import get_vpn_launcher
-from leap.bitmask.vpn.launchers import linux
-from leap.bitmask.vpn._telnet import UDSTelnet
 from leap.bitmask.vpn import _status
 from leap.bitmask.vpn import _management
 
diff --git a/src/leap/bitmask/vpn/service.py b/src/leap/bitmask/vpn/service.py
index 60de0f66..c23397cf 100644
--- a/src/leap/bitmask/vpn/service.py
+++ b/src/leap/bitmask/vpn/service.py
@@ -61,13 +61,14 @@ class VPNService(HookableService):
         print "Stopping VPN Service..."
         super(VPNService, self).stopService()
 
+    @defer.inlineCallbacks
     def start_vpn(self, domain):
         # TODO check if the VPN is started and return an error if it is.
-        self._setup(domain)
+        yield self._setup(domain)
         self._vpn.start()
         self._started = True
         self._domain = domain
-        return {'result': 'started'}
+        defer.returnValue({'result': 'started'})
 
     def stop_vpn(self):
         # TODO -----------------------------
@@ -120,32 +121,23 @@ class VPNService(HookableService):
         ask = privilege.uninstall_helpers()
         return {'uninstall': 'ok'}
 
+    @defer.inlineCallbacks
     def _setup(self, provider):
         """Set up VPNManager for a specified provider.
 
         :param provider: the provider to use, e.g. 'demo.bitmask.net'
         :type provider: str"""
 
-        # FIXME ---------------------------------------------------------
-        # XXX picked manually from eip-service.json
-        remotes = (
-            ("198.252.153.84", "1194"),
-            ("46.165.242.169", "1194"),
-        )
+        bonafide = self.parent.getServiceNamed("bonafide")
+        config = yield bonafide.do_provider_read(provider, "eip")
+        remotes = [(gw["ip_address"], gw["capabilities"]["ports"][0])
+                   for gw in config.gateways]
+        extra_flags = config.openvpn_configuration
 
         prefix = os.path.join(self._basepath,
                               "leap/providers/{0}/keys".format(provider))
         cert_path = key_path = prefix + "/client/openvpn.pem"
         ca_path = prefix + "/ca/cacert.pem"
 
-        # FIXME
-        # XXX picked manually from vpn-service.json
-        extra_flags = {
-            "auth": "SHA1",
-            "cipher": "AES-128-CBC",
-            "keepalive": "10 30",
-            "tls-cipher": "DHE-RSA-AES128-SHA",
-        }
-
         self._vpn = VPNManager(remotes, cert_path, key_path, ca_path,
                                extra_flags)
author	Ruben Pollan <meskio@sindominio.net>	2017-03-01 19:32:54 +0100
committer	Ruben Pollan <meskio@sindominio.net>	2017-03-03 10:50:54 +0100
commit	92957c4b666d6e5fc54275d8857692a12b0fb209 (patch)
tree	2a0ae0439211b0c6476b5e5854af3db95aedfc4d /src
parent	1accda8a692798fccdd67584b1e4950057faddeb (diff)