summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/vpn/helpers
AgeCommit message (Collapse)Author
2018-01-12Add Qubes DNS support, fixesChristopher Laprise
2018-01-12Add anti-leak rules for qubes-firewallChristopher Laprise
2018-01-09[bug] fix issues with dns resolution with systemd-resolvedRuben Pollan
In ubuntu 17.10 some changes with systemd-resolved broke our firewall, blocking all DNS queries. The masquerade rules in the firewall, that are used to rewrite the source IP address of the DNS queries, were wrongly modifying the queries to systemd-resolved. Let's apply masquerade only to the packets addressed to the nameserver. - Resolves: #9137
2018-01-08[feat] try other gateways if the main one failsRuben Pollan
Removing '--persist-ip' param on openvpn it will try to connect to a different gateway if the first one fails. This means, that in case of network disconnection for some minutes bitmask will keep rotating between the different gateways and one the network comes back it will not connect anymore to the first one, but to the one that was trying at this moment. - Resolves: #9188
2017-12-21[doc] add note about expected paths to bitmask-root itselfKali Kaneko
I should remember this change when we merge elijah's fix again. Hopefully that happens soon enough.
2017-12-21[bug] temporarily revert dnsmasq firewall fixKali Kaneko
It has been reported that, after this fix, dns leaks happen under some circumstances not yet clear. Preparing for a release, we have decided to revert this change until the problem can be properly triaged. This means a broken vpn aartful support for the time being, but a non-leaking master. https://0xacab.org/leap/bitmask-dev/issues/9137 - Related: #9137
2017-12-20[bug] add lock in command dispatcherKali Kaneko
2017-12-07[feat] update bitmask-root if neededRuben Pollan
Chech the hash of the installed bitmask root and sign as not installed if doesn't match the one we have in the bundle. Also for running bitmask-root, if there is more than one (in /usr/local/sbin and /usr/sbin) run the one with higher version number. - Resolves: #9020
2017-12-05[bug] change bitmask-root to work with dnsmasqelijah
2017-11-30[refactor] use /var/run for osx helper socketKali Kaneko
2017-11-02[feature] support deepin polkit agentKali Kaneko
-Resolves: #9119
2017-10-25[feat] support pantheon polkit agentKali Kaneko
Apparently, this would allow us to run in Elementary OS. -Resolves: #9076
2017-10-11[style] pep8Kali Kaneko
2017-10-11[bug] import linux specific constants inside if blockkali
2017-10-09[bug] properly check for local openvpn pathKali Kaneko
- Resolves: #9099
2017-10-03[feat] Update polkit optionsRuben Pollan
2017-09-29[bug] look also from bitmask-root in the debian pathKali Kaneko
2017-09-29[bug] create /usr/local/sbin folder if it does not existKali Kaneko
- Resolves: #9084
2017-09-20[feat] detect if pkexec is present in the systemRuben Pollan
Check it before starting the vpn. - Resolves: #8895
2017-09-15[feat] add --nodaemon param to polkit_agentRuben Pollan
2017-09-15[docs] having the polkits to try in a list sets already a prio to themRuben Pollan
2017-09-15[bug] get the VPN restart working againRuben Pollan
Don't persist-tun on the vpn, so it can restart properly. Also let's match better the options that are sent and taken into account from bitmask-root. - Resolves: #9048
2017-09-10[bug] fix policykit helper pathsKali Kaneko
the debian package was failing because of a bad polkit policy file name.
2017-08-30[tests] do not fail if helper installed in debian pathKali Kaneko
2017-08-30[bug] flatten args to allow keepalive paramsKali Kaneko
2017-08-30[refactor] restart by allowing to send SIGUSR1 to openvpn processKali Kaneko
by properly allowing openvpn to restart when receiving SIGUSR1, we can reserve the hard process restarts for cases in which the process is aborted. this depends on bitmask-root adding --persist-tun and --persist-key as mandatory/allowed parameters.
2017-08-14[bug] proper vpn shutdown in osx bundleskali
the restarting flag was not being set. - Resolves: #8959
2017-06-23[bug] trim whitespace from options stringKali Kaneko
this was producing a bug with parsing options in a recent enough openvpn. - Resolves: #8945
2017-06-21[style] reduce syslog verbosityKali Kaneko (leap communications)
2017-06-21[pkg] improve Packages scriptKali Kaneko
- use relative paths - there's still an absolute path (hardcoded, the REFERENCE FOLDER PATH). This should be changed (sed!) if we want to automate this for CI or for building in different environments: STILL NEEDS SOME MANUAL WORK. - Avoid deleting the build folders by default - Move the plist file to a subfolder
2017-06-16[bug] fail gracefull if watcher process is not aliveKali Kaneko (leap communications)
- plus general pep8 cleanup.
2017-06-13[bug] pick the openvpn binary in the helper tooKali Kaneko (leap communications)
2017-06-13[pkg] reorder osx helper filesKali Kaneko (leap communications)
2017-06-12[bug] make openvpn and firewall able to launchKali Kaneko
with these fixes, I'm able to finally launch openvpn and firewall on osx. :) all that's left for a minimum vpn release is packaging and installing all the helpers in the proper place.
2017-05-31[refactor] factor out installer functionKali Kaneko (leap communications)
2017-05-22[bug] fix lxpolkit pathKali Kaneko (leap communications)
2017-05-22[feat] port the polkit agent launcherKali Kaneko (leap communications)
this commit is porting the polkit launcher from the legacy bitmask client. if no polkit authentication agent is running, it will try to run one that is found in the system. - Resolves: #8836
2017-05-22[pkg] install and use static openvpn from bundleKali Kaneko (leap communications)
2017-04-03[feat] add a check for the installation of the helpers to the APIRuben Pollan
- Resolves: #8786
2017-02-23[refactor] rename eip to vpnKali Kaneko (leap communications)
2017-02-23[feature] eip start/stop workingKali Kaneko (leap communications)
2017-02-23[feature] add install/uninstall command for helpersKali Kaneko (leap communications)
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-13 21:45:06 +0000