summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/services/eip
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/bitmask/services/eip')
-rw-r--r--src/leap/bitmask/services/eip/conductor.py9
-rw-r--r--src/leap/bitmask/services/eip/darwinvpnlauncher.py4
-rw-r--r--src/leap/bitmask/services/eip/eipbootstrapper.py6
-rw-r--r--src/leap/bitmask/services/eip/linuxvpnlauncher.py7
-rw-r--r--src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py2
-rw-r--r--src/leap/bitmask/services/eip/vpnlauncher.py24
-rw-r--r--src/leap/bitmask/services/eip/vpnprocess.py19
7 files changed, 33 insertions, 38 deletions
diff --git a/src/leap/bitmask/services/eip/conductor.py b/src/leap/bitmask/services/eip/conductor.py
index a8821160..bb07809a 100644
--- a/src/leap/bitmask/services/eip/conductor.py
+++ b/src/leap/bitmask/services/eip/conductor.py
@@ -33,7 +33,7 @@ logger = logging.getLogger(__name__)
class EIPConductor(object):
- def __init__(self, settings, backend, **kwargs):
+ def __init__(self, settings, backend, leap_signaler, **kwargs):
"""
Initializes EIP Conductor.
@@ -46,6 +46,7 @@ class EIPConductor(object):
self.eip_connection = EIPConnection()
self.eip_name = get_service_display_name(EIP_SERVICE)
self._settings = settings
+ self._leap_signaler = leap_signaler
self._backend = backend
self._eip_status = None
@@ -76,7 +77,7 @@ class EIPConductor(object):
"""
Connect to backend signals.
"""
- signaler = self._backend.signaler
+ signaler = self._leap_signaler
# for conductor
signaler.eip_process_restart_tls.connect(self._do_eip_restart)
@@ -201,7 +202,7 @@ class EIPConductor(object):
# we bypass the on_eip_disconnected here
plug_restart_on_disconnected()
self.qtsigs.disconnected_signal.emit()
- #QtDelayedCall(0, self.qtsigs.disconnected_signal.emit)
+ # QtDelayedCall(0, self.qtsigs.disconnected_signal.emit)
# ...and reconnect the original signal again, after having used the
# diversion
QtDelayedCall(500, reconnect_disconnected_signal)
@@ -300,7 +301,7 @@ class EIPConductor(object):
# XXX FIXME --- check exitcode is != 0 really.
# bitmask-root is masking the exitcode, so we might need
# to fix it on that side.
- #if exitCode != 0 and not self.user_stopped_eip:
+ # if exitCode != 0 and not self.user_stopped_eip:
if not self.user_stopped_eip:
eip_status_label = self._eip_status.tr(
"{0} finished in an unexpected manner!")
diff --git a/src/leap/bitmask/services/eip/darwinvpnlauncher.py b/src/leap/bitmask/services/eip/darwinvpnlauncher.py
index 41d75052..f83e0170 100644
--- a/src/leap/bitmask/services/eip/darwinvpnlauncher.py
+++ b/src/leap/bitmask/services/eip/darwinvpnlauncher.py
@@ -46,7 +46,9 @@ class DarwinVPNLauncher(VPNLauncher):
INSTALL_MSG = ("\"Bitmask needs administrative privileges to install "
"missing scripts and fix permissions.\"")
- INSTALL_PATH = os.path.realpath(os.getcwd() + "/../../")
+ # Hardcode the installation path for OSX for security, openvpn is
+ # run as root
+ INSTALL_PATH = "/Applications/Bitmask.app/"
INSTALL_PATH_ESCAPED = os.path.realpath(os.getcwd() + "/../../")
OPENVPN_BIN = 'openvpn.leap'
OPENVPN_PATH = "%s/Contents/Resources/openvpn" % (INSTALL_PATH,)
diff --git a/src/leap/bitmask/services/eip/eipbootstrapper.py b/src/leap/bitmask/services/eip/eipbootstrapper.py
index c77977ce..264eac2e 100644
--- a/src/leap/bitmask/services/eip/eipbootstrapper.py
+++ b/src/leap/bitmask/services/eip/eipbootstrapper.py
@@ -53,7 +53,7 @@ class EIPBootstrapper(AbstractBootstrapper):
self._eip_config = None
self._download_if_needed = False
if signaler is not None:
- self._cancel_signal = signaler.EIP_CANCELLED_SETUP
+ self._cancel_signal = signaler.eip_cancelled_setup
def _download_config(self, *args):
"""
@@ -116,9 +116,9 @@ class EIPBootstrapper(AbstractBootstrapper):
self._download_if_needed = download_if_needed
cb_chain = [
- (self._download_config, self._signaler.EIP_CONFIG_READY),
+ (self._download_config, self._signaler.eip_config_ready),
(self._download_client_certificates,
- self._signaler.EIP_CLIENT_CERTIFICATE_READY)
+ self._signaler.eip_client_certificate_ready)
]
return self.addCallbackChain(cb_chain)
diff --git a/src/leap/bitmask/services/eip/linuxvpnlauncher.py b/src/leap/bitmask/services/eip/linuxvpnlauncher.py
index 8ec0c050..b6e47f25 100644
--- a/src/leap/bitmask/services/eip/linuxvpnlauncher.py
+++ b/src/leap/bitmask/services/eip/linuxvpnlauncher.py
@@ -74,6 +74,7 @@ def _is_auth_agent_running():
'ps aux | grep "polkit-[m]ate-authentication-agent-1"',
'ps aux | grep "[l]xpolkit"',
'ps aux | grep "[g]nome-shell"',
+ 'ps aux | grep "[f]ingerprint-polkit-agent"',
]
is_running = [commands.getoutput(cmd) for cmd in polkit_options]
@@ -126,12 +127,6 @@ class LinuxVPNLauncher(VPNLauncher):
# LinuxPolicyChecker will give us the right path if standalone.
return LinuxPolicyChecker.get_polkit_path()
- class RESOLVCONF_BIN_PATH(object):
- def __call__(self):
- return ("/usr/local/sbin/leap-resolvconf" if flags.STANDALONE else
- "/sbin/resolvconf")
- # this only will work with debian/ubuntu distros.
-
OTHER_FILES = (POLKIT_PATH, BITMASK_ROOT, OPENVPN_BIN_PATH)
@classmethod
diff --git a/src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py b/src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py
index 6640a860..1888f2c9 100644
--- a/src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py
+++ b/src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py
@@ -30,7 +30,7 @@ import time
try:
import unittest2 as unittest
except ImportError:
- import unittest
+ import unittest # noqa - skip 'unused import' warning
from nose.twistedtools import deferred, reactor
from twisted.internet import threads
diff --git a/src/leap/bitmask/services/eip/vpnlauncher.py b/src/leap/bitmask/services/eip/vpnlauncher.py
index 0731bee3..72e19413 100644
--- a/src/leap/bitmask/services/eip/vpnlauncher.py
+++ b/src/leap/bitmask/services/eip/vpnlauncher.py
@@ -27,7 +27,7 @@ from abc import ABCMeta, abstractmethod
from functools import partial
from leap.bitmask.config import flags
-from leap.bitmask.config.leapsettings import LeapSettings
+from leap.bitmask.backend.settings import Settings, GATEWAY_AUTOMATIC
from leap.bitmask.config.providerconfig import ProviderConfig
from leap.bitmask.platform_init import IS_LINUX
from leap.bitmask.services.eip.eipconfig import EIPConfig, VPNGatewaySelector
@@ -122,12 +122,12 @@ class VPNLauncher(object):
:rtype: list
"""
gateways = []
- leap_settings = LeapSettings()
+ settings = Settings()
domain = providerconfig.get_domain()
- gateway_conf = leap_settings.get_selected_gateway(domain)
+ gateway_conf = settings.get_selected_gateway(domain)
gateway_selector = VPNGatewaySelector(eipconfig)
- if gateway_conf == leap_settings.GATEWAY_AUTOMATIC:
+ if gateway_conf == GATEWAY_AUTOMATIC:
gateways = gateway_selector.get_gateways()
else:
gateways = [gateway_conf]
@@ -136,12 +136,6 @@ class VPNLauncher(object):
logger.error('No gateway was found!')
raise VPNLauncherException('No gateway was found!')
- # this only works for selecting the first gateway, as we're
- # currently doing.
- ccodes = gateway_selector.get_gateways_country_code()
- gateway_ccode = ccodes[gateways[0]]
- flags.CURRENT_VPN_COUNTRY = gateway_ccode
-
logger.debug("Using gateways ips: {0}".format(', '.join(gateways)))
return gateways
@@ -175,11 +169,11 @@ class VPNLauncher(object):
leap_assert_type(providerconfig, ProviderConfig)
# XXX this still has to be changed on osx and windows accordingly
- #kwargs = {}
- #openvpn_possibilities = which(kls.OPENVPN_BIN, **kwargs)
- #if not openvpn_possibilities:
- #raise OpenVPNNotFoundException()
- #openvpn = first(openvpn_possibilities)
+ # kwargs = {}
+ # openvpn_possibilities = which(kls.OPENVPN_BIN, **kwargs)
+ # if not openvpn_possibilities:
+ # raise OpenVPNNotFoundException()
+ # openvpn = first(openvpn_possibilities)
# -----------------------------------------
openvpn_path = force_eval(kls.OPENVPN_BIN_PATH)
diff --git a/src/leap/bitmask/services/eip/vpnprocess.py b/src/leap/bitmask/services/eip/vpnprocess.py
index b54f2925..d1a3fdaa 100644
--- a/src/leap/bitmask/services/eip/vpnprocess.py
+++ b/src/leap/bitmask/services/eip/vpnprocess.py
@@ -118,10 +118,10 @@ class VPNObserver(object):
"""
sig = self._signaler
signals = {
- "network_unreachable": sig.EIP_NETWORK_UNREACHABLE,
- "process_restart_tls": sig.EIP_PROCESS_RESTART_TLS,
- "process_restart_ping": sig.EIP_PROCESS_RESTART_PING,
- "initialization_completed": sig.EIP_CONNECTED
+ "network_unreachable": sig.eip_network_unreachable,
+ "process_restart_tls": sig.eip_process_restart_tls,
+ "process_restart_ping": sig.eip_process_restart_ping,
+ "initialization_completed": sig.eip_connected
}
return signals.get(event.lower())
@@ -255,6 +255,9 @@ class VPN(object):
"""
Tear the firewall down using the privileged wrapper.
"""
+ if IS_MAC:
+ # We don't support Mac so far
+ return True
BM_ROOT = force_eval(linuxvpnlauncher.LinuxVPNLauncher.BITMASK_ROOT)
exitCode = subprocess.call(["pkexec",
BM_ROOT, "firewall", "stop"])
@@ -594,7 +597,7 @@ class VPNManager(object):
state = status_step
if state != self._last_state:
- self._signaler.signal(self._signaler.EIP_STATE_CHANGED, state)
+ self._signaler.signal(self._signaler.eip_state_changed, state)
self._last_state = state
def _parse_status_and_notify(self, output):
@@ -632,7 +635,7 @@ class VPNManager(object):
status = (tun_tap_read, tun_tap_write)
if status != self._last_status:
- self._signaler.signal(self._signaler.EIP_STATUS_CHANGED, status)
+ self._signaler.signal(self._signaler.eip_status_changed, status)
self._last_status = status
def get_state(self):
@@ -814,7 +817,7 @@ class VPNProcess(protocol.ProcessProtocol, VPNManager):
leap_assert_type(eipconfig, EIPConfig)
leap_assert_type(providerconfig, ProviderConfig)
- #leap_assert(not self.isRunning(), "Starting process more than once!")
+ # leap_assert(not self.isRunning(), "Starting process more than once!")
self._eipconfig = eipconfig
self._providerconfig = providerconfig
@@ -869,7 +872,7 @@ class VPNProcess(protocol.ProcessProtocol, VPNManager):
if isinstance(exit_code, int):
logger.debug("processExited, status %d" % (exit_code,))
self._signaler.signal(
- self._signaler.EIP_PROCESS_FINISHED, exit_code)
+ self._signaler.eip_process_finished, exit_code)
self._alive = False
def processEnded(self, reason):