Age | Commit message (Collapse) | Author |
|
|
|
polkit doesn't work inside docker.
|
|
|
|
Since bonafide was not catching the error 401, an attempt to bootstrap a
provider that does not support anonvpn with the new setup was resulting
in a json that was containing only an error message.
this was producing an error when trying to access the configuration for
that provider's EIP section.
we now avoid writing a json config file if an error 401 is found, and
also catch the exception for a ValueError when the EIP section is not
found in the provider's configuration.
|
|
|
|
|
|
for some usages, specially with autostart enabled, user might want to
launch only the systray.
this commit implements a simple ``--nowindow`` switch that just avoids
showing the main window for now. in the future, we can have a different
entrypoint that just launches bitmaskd and a minimal systray widget.
I'm not documenting this feature properly since I think this is still
missing some functionality: the ability to switch on and off the vpn,
and the ability to pass the --autostart as a flag to the bitmask
entrypoint.
|
|
also refactor and move polkit_agent so that it does not depend on having
bitmask on the path.
|
|
|
|
|
|
|
|
|
|
for now, we'll be hardcoding tcp as a more reliable alternative, no
matter what the provider announces.
explicitely specifying ipv4 should fix the case in which vpn fails to
start because ipv6 is disabled.
-Resolves: #9181, #9129
|
|
honor the anonymous certificate for the providers that offer it.
this still needs a change in bonafide, in which if provider supports
anonymous access we still have to download eip-service.json
for testing, I assume this has been already manually downloaded.
|
|
|
|
|
|
- Resolves: #9202
|
|
|
|
|
|
|
|
|
|
In ubuntu 17.10 some changes with systemd-resolved broke our firewall,
blocking all DNS queries. The masquerade rules in the firewall, that
are used to rewrite the source IP address of the DNS queries, were
wrongly modifying the queries to systemd-resolved.
Let's apply masquerade only to the packets addressed to the nameserver.
- Resolves: #9137
|
|
|
|
|
|
- Resolves: #9191
|
|
it was a bit confusing before.
|
|
|
|
|
|
Removing '--persist-ip' param on openvpn it will try to connect to a
different gateway if the first one fails. This means, that in case of
network disconnection for some minutes bitmask will keep rotating
between the different gateways and one the network comes back it will
not connect anymore to the first one, but to the one that was trying at
this moment.
- Resolves: #9188
|
|
|
|
|
|
|
|
|
|
After e2e tests seem reliable now we should not allow them to fail
anymore.
|
|
This makes builds not error when the virtualenv version of a package
doesn't match the system one. It also helps ensure builds on different
machines bundle the same version of packages.
|
|
|
|
|
|
|
|
this commit deprecates qtwebkit usage.
|
|
used from both entrypoints for linux and mac apps.
|
|
|
|
- Move all tests into a single test stage
- Move docker and package builds in a single
build stage
- Remove dependencies between stages
|
|
|
|
|
|
|
|
|
|
Also pull in cython and restructure the package.
|
|
some juggling to make systray (qt5 for now) and browser (pywebview,
native) start and stop coordinatedly.
I will explore a more lightweight systray for coming releases.
|
|
|
|
If you try to fetch the incoming service while it's still starting it
throws a KeyError.
- Resolves: #9174
|