summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/vpn
AgeCommit message (Collapse)Author
2019-07-10[bug] missing bytes conversionHEADmasterKali Kaneko
2019-07-10[bug] port regex to py3Kali Kaneko
2019-07-09[bug] use python3 for bitmask-rootKali Kaneko
2019-05-23[bug] bitmask-vpn needs tun-ipv6 flagKali Kaneko
2019-01-30[bug] allow tls 1.0 as a workaround for buster/sidKali Kaneko
in systems with newer openssl, tls 1.0 has been disabled. however, this breaks the ability of a client in a newer system to connect with the openvpn servers on providers that are still on stretch. platform needs to be upgraded. -Related: https://0xacab.org/leap/bitmask-vpn/issues/105
2019-01-30[docs] add a small usage hintKali Kaneko
-Resolves: #9378
2019-01-30[style] lintingKali Kaneko
2018-09-06[bug] get openvpn from snap, disable ipv6 workaroundKali Kaneko
when using snap, at least in qubes there's an error if we pick openvpn from the system. if we're executing from a snap, we should pick the snap's openpvn. also disabling for now the ipv6 workaround, since it fails when attempting to setup the i6 addr on the interface. --pull-filter should work here, see https://community.openvpn.net/openvpn/ticket/849
2018-09-06[bug] disable temporarily ipv6 as part of the firewallKali Kaneko
Since we're blocking ipv6, it's nice to avoid resolving dual-stack sites to ipv6, because many tools don't work otherwise. - Resolves: #9027
2018-09-06[bug] search for any openvpn process, the binary name might not matchRuben Pollan
2018-07-23[bug] return allways a valid state from openvpnRuben Pollan
Even if we don't recognize the state that openvpn is providing. Add TCP_CONNECT state as well.
2018-06-13[bug] fix constants import errorkali
2018-06-12[feat] add support for tcp management in bitmask-rootRuben Pollan
2018-04-11[feat] add fw_reload to bitmaskctlRuben Pollan
Some systems remove firewall rules, is usefull to be able to script the reload of those rules in hooks or other custom systems. - Resolves: #9289
2018-04-11[bug] fix importKali Kaneko
2018-04-11[style] pep8Kali Kaneko
2018-04-11several fixes for riseupvpn snapKali Kaneko
- move snap folder to root folder, to allow automated builds - install only polkit file outside of snap - change path of bitmask-root accordingly in bitmask - fix check for polkit file inside snap - change and document the algorithm for picking bitmask-root in linux - add LD_LIBRARY_PATH as an environment entry for bitmask-systray
2018-03-28[refactor] move autostart code into coreRuben Pollan
All the logic to autostart bitmask should not be vpn dependent.
2018-03-28[refactor] move platform constants into leap.bitmaskRuben Pollan
The IS_${platform} constants are used in more places than the vpn module. Let's define them in leap.bitmask.
2018-03-22[pkg] minor adjustments for riseupvpn osx bundleKali Kaneko
- duplicate the scripts folder for riseupvpn - fix renaming of helper - set openvpn path for riseupvpn
2018-03-05[style] pep8Kali Kaneko
2018-03-02[bug] do not use tcp4 version for snapsKali Kaneko
2018-03-02[feat] increase verbosity on vpn checks to ease debuggingKali Kaneko
2018-03-02[bug] fix openvpn path in snap checkKali Kaneko
2018-03-02[bug] fix bitmask-root detection in snapKali Kaneko
2018-03-02[refactor] openvpn path and cmd for snapKali Kaneko
2018-03-02[pkg] add snap openvpn to bitmask-rootKali Kaneko
2018-03-02[bug] fix launching of vpn for snapsKali Kaneko
2018-03-02[bug] debug launchingKali Kaneko
2018-03-01[style] pep8Kali Kaneko
2018-02-19[pkg] osx packaging changes for riseupvpnKali Kaneko
2018-02-15[bug] privcheck takes one argumentKali Kaneko
2018-02-15[style] pep8Kali Kaneko
2018-02-15[bug] do not attempt to stop a non running looping callKali Kaneko
2018-02-15[bug] fix logger instanceKali Kaneko
2018-01-26[style] some wording fixesKali Kaneko
2018-01-26[refactor] yet another readability passRuben Pollan
2018-01-26[refactor] clean up the helpers check to make it more readableRuben Pollan
2018-01-26[bug] don't check for updates on polkit just for its existenceRuben Pollan
We don't update the polkit file normally, for now let's check if it's installed. It should be more clever, detecting wich file is needed, depending on wich bitmask-root will be executed. But for now it's just a dummy check.
2018-01-25[tests] workaround for functional tests in dockerKali Kaneko
polkit doesn't work inside docker.
2018-01-25[bug] do not fail if the provider does not allow anonymous vpnKali Kaneko
Since bonafide was not catching the error 401, an attempt to bootstrap a provider that does not support anonvpn with the new setup was resulting in a json that was containing only an error message. this was producing an error when trying to access the configuration for that provider's EIP section. we now avoid writing a json config file if an error 401 is found, and also catch the exception for a ValueError when the EIP section is not found in the provider's configuration.
2018-01-25[bug] several fixes after reviewKali Kaneko
2018-01-25[feat] report missing polkit properly from main UIKali Kaneko
also refactor and move polkit_agent so that it does not depend on having bitmask on the path.
2018-01-25[bug] check if attribute existsKali Kaneko
2018-01-25[feat] autostart application when user logs inKali Kaneko
2018-01-25[feat] implement autostart for vpnKali Kaneko
2018-01-25[feat] implement vpn status watchdogKali Kaneko
2018-01-25[feat] hardcode tcp4 in vpn connectionsKali Kaneko
for now, we'll be hardcoding tcp as a more reliable alternative, no matter what the provider announces. explicitely specifying ipv4 should fix the case in which vpn fails to start because ipv6 is disabled. -Resolves: #9181, #9129
2018-01-25[feat] support anonymous vpnKali Kaneko
honor the anonymous certificate for the providers that offer it. this still needs a change in bonafide, in which if provider supports anonymous access we still have to download eip-service.json for testing, I assume this has been already manually downloaded.
2018-01-25[feat] get cert automatically on vpn startKali Kaneko