summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2017-10-06[bug] use sytem-wide bitmask-root, if foundKali Kaneko
we make a distinction between the system-wide bitmask-root, which should be placed there by the maintainers of whatever packages your distribution uses, and the bitmask-root that is placed by the bundles (using polkit). since the bundles copying over the helper from user-writeable folders is a potential attack vector, we prefer to use the package's version if present. also, if we cannot find either, we abort the launching of the VPN. we've discussed that this might move to the service initialization instead, but I think the cases in which this is needed should be rare. I fix also a corner-case in which we were using getcwd() at import time. if you execute code and then remove the installation path, this will raise a traceback in bitmaskctl. I think it's nicer to catch the error properly when starting.
2017-10-03[feat] Update polkit optionsRuben Pollan
2017-09-29[style] pep8Kali Kaneko
2017-09-29[bug] look also from bitmask-root in the debian pathKali Kaneko
2017-09-29[bug] fixes needed to launch vpn on mac after refactorkali
2017-09-29[bug] check for pkexec only in linuxkali
2017-09-29[bug] workaround for using private parseMbox functionKali Kaneko
we're doing something that shouldn't be done, that is relying on private methods of the imap server implementation. until I get to cleanup properly and submit patches for the several things we're patching in the imap server implementation, keeping up with the evolution of the imap server implementation is the only thing to do. specially when we want to get 0.10 out of the door asap.
2017-09-29[bug] create /usr/local/sbin folder if it does not existKali Kaneko
- Resolves: #9084
2017-09-21[bug] fix initialization of default parameter to mutable data structureKali Kaneko
whoever wrote this in the first place needs to get introduced to import-time initialization, even if it was me. one of the nastiest python gotchas in my opinion :)
2017-09-21[bug] do not send if-modified-header if file does not existKali Kaneko
just to make the logic clear. we should probably check that the file is not empty and it has valid json (sanitized against the spec).
2017-09-20[feat] check if there are newest configuration filesKali Kaneko
here we port the if-modified-since conditional mechanism, so that we only write the config if it is newer than whan we have. we also add a line with the status code to the logs, so that it's easier to debug. note that the 'configs.json' file is never returning 304. - Resolves: #8773
2017-09-20[feat] detect if pkexec is present in the systemRuben Pollan
Check it before starting the vpn. - Resolves: #8895
2017-09-20[bug] flag vpn_ready == false if cert expiredRuben Pollan
We were not renewing the vpn cert. Now the UI will trigger a cert renewal by telling it that is the vpn is not ready if the cert is expired. - Resolves: #9059
2017-09-18[bug] we need to use 'GET' method to fetch provider configsRuben Pollan
The workaround is no needed anymore, if we do 'GET' instead of 'POST' to fetch all the provider configuration jsons it works smoothly. - Resolves: #9056
2017-09-15[feat] wait up to 20 seconds for polkit to be launchedRuben Pollan
- Related: #9012
2017-09-15[refactor] remove unused 'is_missing_policy_permissions'Ruben Pollan
2017-09-15[feat] add --nodaemon param to polkit_agentRuben Pollan
2017-09-15[docs] having the polkits to try in a list sets already a prio to themRuben Pollan
2017-09-15[feat] use psutil to discover polkit processRuben Pollan
Better psutil than ps+grep.
2017-09-15[bug] get the VPN restart working againRuben Pollan
Don't persist-tun on the vpn, so it can restart properly. Also let's match better the options that are sent and taken into account from bitmask-root. - Resolves: #9048
2017-09-15[feat] Add 7bit to the list of supported encodingsSimon Fondrie-Teitler
This is required for Nylas to be able to send emails though bitmask.
2017-09-13[bug] send UIDNEXT on selectKali Kaneko
node-mail chokes if we don't.
2017-09-10[bug] add the error as an upper level attribute of the dictKali Kaneko
the UI is expecting it there, not inside the result data. we probably could delete it from the later.
2017-09-10[bug] avoid bogus failed statusKali Kaneko
there was an exception catched, AttributeError, that showed up as a transient "failed" state. - Resolves: #9044
2017-09-10[bug] mark vpn as failed if it had some problem startingKali Kaneko
2017-09-10[bug] fix policykit helper pathsKali Kaneko
the debian package was failing because of a bad polkit policy file name.
2017-08-31[feat] expose an API to set/get/list gateway preferencesRuben Pollan
- Related: #9010
2017-08-31[feat] add the posibility of extracting a section of the configRuben Pollan
So each service can have it's own config section passed to the constructor.
2017-08-31[feat] make the cli default_printer more genericRuben Pollan
Now the default_printer can handle other types than dict, like lists or strings.
2017-08-31[feat] list vpn gateways in the order that they are going to be usedRuben Pollan
2017-08-31[refactor] make the VPN location formating in the cliRuben Pollan
2017-08-30[refactor] remove verbose debug infoKali Kaneko
2017-08-30[bug] catch data tuple with len 5Kali Kaneko
2017-08-30[bug] fix typo in logger usageKali Kaneko
2017-08-30[bug] add initial ts assignmentKali Kaneko
2017-08-30[bug] assign initial empty stateKali Kaneko
2017-08-30[bug] assert vpn management folder existsKali Kaneko
2017-08-30[bug] return if cannot parse stateKali Kaneko
2017-08-30[tests] do not fail if helper installed in debian pathKali Kaneko
2017-08-30[tests] fix check-ip scriptKali Kaneko
2017-08-30[refactor] mark the listener as implementer of IStateListenerKali Kaneko
2017-08-30[refactor] change status to "failed"Kali Kaneko
2017-08-30[refactor] remove error importKali Kaneko
2017-08-30[feature] comment out debugging stdoutKali Kaneko
2017-08-30[bug] flatten args to allow keepalive paramsKali Kaneko
2017-08-30[docs] document restarts a bit betterKali Kaneko
2017-08-30[refactor] restart by allowing to send SIGUSR1 to openvpn processKali Kaneko
by properly allowing openvpn to restart when receiving SIGUSR1, we can reserve the hard process restarts for cases in which the process is aborted. this depends on bitmask-root adding --persist-tun and --persist-key as mandatory/allowed parameters.
2017-08-30[refactor] add state listener to signal state transition to UIKali Kaneko
2017-08-30[refactor] catch failuresKali Kaneko
2017-08-30[feature] allow integer for management verbosityKali Kaneko