summaryrefslogtreecommitdiff
path: root/src/leap/bitmask
AgeCommit message (Collapse)Author
2018-03-02[bug] fix openvpn path in snap checkKali Kaneko
2018-03-02[bug] fix bitmask-root detection in snapKali Kaneko
2018-03-02[refactor] openvpn path and cmd for snapKali Kaneko
2018-03-02[pkg] add snap openvpn to bitmask-rootKali Kaneko
2018-03-02[bug] fix launching of vpn for snapsKali Kaneko
2018-03-02[bug] snap pwd is read-onlyKali Kaneko
2018-03-02[bug] debug launchingKali Kaneko
2018-03-02[pkg] set systray path on snapsKali Kaneko
2018-03-01[style] pep8Kali Kaneko
2018-03-01[bug] catch errors while cleaning upKali Kaneko
2018-02-23[feat] put the socket in the snap folder if definedRuben Pollan
On snap is better if we don't put stuff in /tmp but in $SNAP
2018-02-19[pkg] osx packaging changes for riseupvpnKali Kaneko
2018-02-15[bug] privcheck takes one argumentKali Kaneko
2018-02-15[pkg] add --no-pie to CFLAGS for wrapperKali Kaneko
-Resolves: #9232
2018-02-15[pkg] packaging fixes for anonvpn bundleKali Kaneko
2018-02-15[refactor] refactor function to skip start from cliKali Kaneko
2018-02-15[bug] remove stale pidfileKali Kaneko
- Resolves: #9229
2018-02-15[style] pep8Kali Kaneko
2018-02-15[bug] bitmaskctl status should not start bitmaskdKali Kaneko
-Resolves: #9244
2018-02-15[bug] do not attempt to stop a non running looping callKali Kaneko
2018-02-15[feat] implement fallback to webkit for bundlesKali Kaneko
in the end, depending on webengine didn't seem to be such a great idea: it makes bundles more complex, heavy and brittle. I tried compiling qt5 and the maintained qtwebkit fork, but that had also its own set of problems (lastly, pyinstaller didn't work properly; pyqt also adds a lot of garbage even if you disabled lots of modules you don't need). so, this is a fallback to a stretch-based build. it fixes the libGL library by adding the right version into the bundle. in this commit I also add a dockerfile for an image that can build bundles by installing pip dependencies directly in the system. this has the advantage that the build process is very fast, but the downside that a new image needs to be pushed to the registry each time that new dependencies are added; we'll also miss any bug due to introducing new dependncies (but hopefully it will be catched by other steps in the CI). The good side of it is that it reduces the need for some hacks in the build process when bundling from a virtualenv.
2018-02-15[bug] fix logger instanceKali Kaneko
2018-02-15[bug] fail gracefully on dummy importsKali Kaneko
2018-02-15[bug] fail gracefully if we do not have mail depsKali Kaneko
2018-02-15[feat] anonvpn entrypointsKali Kaneko
2018-02-15[feat] help string for bitmask guiKali Kaneko
- Resolves: #8794
2018-01-26[style] some wording fixesKali Kaneko
2018-01-26[refactor] yet another readability passRuben Pollan
2018-01-26[refactor] clean up the helpers check to make it more readableRuben Pollan
2018-01-26[bug] don't check for updates on polkit just for its existenceRuben Pollan
We don't update the polkit file normally, for now let's check if it's installed. It should be more clever, detecting wich file is needed, depending on wich bitmask-root will be executed. But for now it's just a dummy check.
2018-01-25[tests] workaround for functional tests in dockerKali Kaneko
polkit doesn't work inside docker.
2018-01-25[bug] fixed function callKali Kaneko
2018-01-25[bug] do not fail if the provider does not allow anonymous vpnKali Kaneko
Since bonafide was not catching the error 401, an attempt to bootstrap a provider that does not support anonvpn with the new setup was resulting in a json that was containing only an error message. this was producing an error when trying to access the configuration for that provider's EIP section. we now avoid writing a json config file if an error 401 is found, and also catch the exception for a ValueError when the EIP section is not found in the provider's configuration.
2018-01-25[feat] use new assets for systray iconsKali Kaneko
2018-01-25[bug] several fixes after reviewKali Kaneko
2018-01-25[feat] implement --nowindow flag to display only systrayKali Kaneko
for some usages, specially with autostart enabled, user might want to launch only the systray. this commit implements a simple ``--nowindow`` switch that just avoids showing the main window for now. in the future, we can have a different entrypoint that just launches bitmaskd and a minimal systray widget. I'm not documenting this feature properly since I think this is still missing some functionality: the ability to switch on and off the vpn, and the ability to pass the --autostart as a flag to the bitmask entrypoint.
2018-01-25[feat] report missing polkit properly from main UIKali Kaneko
also refactor and move polkit_agent so that it does not depend on having bitmask on the path.
2018-01-25[bug] check if attribute existsKali Kaneko
2018-01-25[feat] autostart application when user logs inKali Kaneko
2018-01-25[feat] implement autostart for vpnKali Kaneko
2018-01-25[feat] implement vpn status watchdogKali Kaneko
2018-01-25[feat] hardcode tcp4 in vpn connectionsKali Kaneko
for now, we'll be hardcoding tcp as a more reliable alternative, no matter what the provider announces. explicitely specifying ipv4 should fix the case in which vpn fails to start because ipv6 is disabled. -Resolves: #9181, #9129
2018-01-25[feat] support anonymous vpnKali Kaneko
honor the anonymous certificate for the providers that offer it. this still needs a change in bonafide, in which if provider supports anonymous access we still have to download eip-service.json for testing, I assume this has been already manually downloaded.
2018-01-25[feat] get cert automatically on vpn startKali Kaneko
2018-01-16[bug] fix the systemctl runRuben Pollan
2018-01-12[bug] Accept any character for message-idRuben Pollan
- Resolves: #9202
2018-01-12[feat] bump bitmask-root versionRuben Pollan
2018-01-12Add Qubes DNS support, fixesChristopher Laprise
2018-01-12Add anti-leak rules for qubes-firewallChristopher Laprise
2018-01-09[bug] fix issues with dns resolution with systemd-resolvedRuben Pollan
In ubuntu 17.10 some changes with systemd-resolved broke our firewall, blocking all DNS queries. The masquerade rules in the firewall, that are used to rewrite the source IP address of the DNS queries, were wrongly modifying the queries to systemd-resolved. Let's apply masquerade only to the packets addressed to the nameserver. - Resolves: #9137