From 7274c4dfc0e827b201a85567540fda8af972bf70 Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 6 Sep 2012 05:33:24 +0900 Subject: pkg.utils.parse_requirements used in setup renamed setup-->pkg because name collision --- pkg/__init__.py | 0 pkg/install_venv.py | 240 +++++++++++++++++++++++++++ pkg/linux/leap.desktop | 13 ++ pkg/linux/polkit/net.openvpn.gui.leap.policy | 23 +++ pkg/requirements.pip | 3 + pkg/scripts/leap | 6 + pkg/test-requirements.pip | 5 + pkg/tools/with_venv.sh | 4 + pkg/utils.py | 42 +++++ 9 files changed, 336 insertions(+) create mode 100644 pkg/__init__.py create mode 100644 pkg/install_venv.py create mode 100644 pkg/linux/leap.desktop create mode 100644 pkg/linux/polkit/net.openvpn.gui.leap.policy create mode 100644 pkg/requirements.pip create mode 100755 pkg/scripts/leap create mode 100644 pkg/test-requirements.pip create mode 100755 pkg/tools/with_venv.sh create mode 100644 pkg/utils.py (limited to 'pkg') diff --git a/pkg/__init__.py b/pkg/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/pkg/install_venv.py b/pkg/install_venv.py new file mode 100644 index 00000000..15385beb --- /dev/null +++ b/pkg/install_venv.py @@ -0,0 +1,240 @@ +# vim: tabstop=4 shiftwidth=4 softtabstop=4 + +# Copyright 2010 United States Government as represented by the +# Administrator of the National Aeronautics and Space Administration. +# All Rights Reserved. +# +# Copyright 2010 OpenStack, LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +""" +Installation script for Nova's development virtualenv +""" + +import optparse +import os +import subprocess +import sys + +ROOT = os.path.dirname(os.path.dirname(os.path.realpath(__file__))) +VENV = os.path.join(ROOT, '.venv') +PIP_REQUIRES = os.path.join(ROOT, 'setup', 'requirements.pip') +TEST_REQUIRES = os.path.join(ROOT, 'setup', 'test-requirements.pip') +PY_VERSION = "python%s.%s" % (sys.version_info[0], sys.version_info[1]) + + +def die(message, *args): + print >> sys.stderr, message % args + sys.exit(1) + + +def check_python_version(): + if sys.version_info < (2, 6): + die("Need Python Version >= 2.6") + + +def run_command_with_code(cmd, redirect_output=True, check_exit_code=True): + """ + Runs a command in an out-of-process shell, returning the + output of that command. Working directory is ROOT. + """ + if redirect_output: + stdout = subprocess.PIPE + else: + stdout = None + + print 'executing command: %s', cmd + proc = subprocess.Popen(cmd, cwd=ROOT, stdout=stdout) + output = proc.communicate()[0] + if check_exit_code and proc.returncode != 0: + die('Command "%s" failed.\n%s', ' '.join(cmd), output) + return (output, proc.returncode) + + +def run_command(cmd, redirect_output=True, check_exit_code=True): + return run_command_with_code(cmd, redirect_output, check_exit_code)[0] + + +class Distro(object): + + def check_cmd(self, cmd): + return bool(run_command(['which', cmd], check_exit_code=False).strip()) + + def install_virtualenv(self): + if self.check_cmd('virtualenv'): + return + + if self.check_cmd('easy_install'): + print 'Installing virtualenv via easy_install...', + if run_command(['easy_install', 'virtualenv']): + print 'Succeeded' + return + else: + print 'Failed' + + die('ERROR: virtualenv not found.\n\nDevelopment' + ' requires virtualenv, please install it using your' + ' favorite package management tool') + + def post_process(self): + """Any distribution-specific post-processing gets done here. + + In particular, this is useful for applying patches to code inside + the venv.""" + pass + + +class Debian(Distro): + """This covers all Debian-based distributions.""" + + def check_pkg(self, pkg): + return run_command_with_code(['dpkg', '-l', pkg], + check_exit_code=False)[1] == 0 + + def apt_install(self, pkg, **kwargs): + run_command(['sudo', 'apt-get', 'install', '-y', pkg], **kwargs) + + def apply_patch(self, originalfile, patchfile): + run_command(['patch', originalfile, patchfile]) + + def install_virtualenv(self): + if self.check_cmd('virtualenv'): + return + + if not self.check_pkg('python-virtualenv'): + self.apt_install('python-virtualenv', check_exit_code=False) + + super(Debian, self).install_virtualenv() + + +class Fedora(Distro): + """This covers all Fedora-based distributions. + + Includes: Fedora, RHEL, CentOS, Scientific Linux""" + + def check_pkg(self, pkg): + return run_command_with_code(['rpm', '-q', pkg], + check_exit_code=False)[1] == 0 + + def yum_install(self, pkg, **kwargs): + run_command(['sudo', 'yum', 'install', '-y', pkg], **kwargs) + + def apply_patch(self, originalfile, patchfile): + run_command(['patch', originalfile, patchfile]) + + def install_virtualenv(self): + if self.check_cmd('virtualenv'): + return + + if not self.check_pkg('python-virtualenv'): + self.yum_install('python-virtualenv', check_exit_code=False) + + super(Fedora, self).install_virtualenv() + + +def get_distro(): + if os.path.exists('/etc/fedora-release') or \ + os.path.exists('/etc/redhat-release'): + return Fedora() + elif os.path.exists('/etc/debian_version'): + return Debian() + else: + return Distro() + + +def check_dependencies(): + get_distro().install_virtualenv() + + +def create_virtualenv(venv=VENV, no_site_packages=True): + """Creates the virtual environment and installs PIP only into the + virtual environment + """ + print 'Creating venv...', + if no_site_packages: + run_command(['virtualenv', '-q', '--no-site-packages', VENV]) + else: + run_command(['virtualenv', '-q', VENV]) + print 'done.' + print 'Installing pip in virtualenv...', + if not run_command(['setup/tools/with_venv.sh', 'easy_install', + 'pip>1.0']).strip(): + die("Failed to install pip.") + print 'done.' + + +def pip_install(*args): + run_command(['setup/tools/with_venv.sh', + 'pip', 'install', '--upgrade'] + list(args), + redirect_output=False) + + +def install_dependencies(venv=VENV): + print 'Installing dependencies with pip (this can take a while)...' + + # First things first, make sure our venv has the latest pip and distribute. + pip_install('pip') + pip_install('distribute') + + pip_install('-r', PIP_REQUIRES) + pip_install('-r', TEST_REQUIRES) + + # " + pthfile = os.path.join(venv, "lib", PY_VERSION, "site-packages", + "leap-client.pth") + f = open(pthfile, 'w') + f.write("%s\n" % ROOT) + + +def post_process(): + get_distro().post_process() + + +def print_help(): + help = """ + To activate the leap virtualenv for the extent of your current + shell session you can run: + + $ source .venv/bin/activate + + Or, if you prefer, you can run commands in the virtualenv on a case by case + basis by running: + + $ setup/tools/with_venv.sh + + Also, make test will automatically use the virtualenv. + """ + print help + + +def parse_args(): + """Parse command-line arguments""" + parser = optparse.OptionParser() + parser.add_option("-n", "--no-site-packages", dest="no_site_packages", + default=False, action="store_true", + help="Do not inherit packages from global Python install") + return parser.parse_args() + + +def main(argv): + (options, args) = parse_args() + check_python_version() + check_dependencies() + create_virtualenv(no_site_packages=options.no_site_packages) + install_dependencies() + post_process() + print_help() + +if __name__ == '__main__': + main(sys.argv) diff --git a/pkg/linux/leap.desktop b/pkg/linux/leap.desktop new file mode 100644 index 00000000..7a6d39d9 --- /dev/null +++ b/pkg/linux/leap.desktop @@ -0,0 +1,13 @@ +[Desktop Entry] +Version=0.1.0 +Encoding=UTF-8 +Name=EIP +Comment=Anonymity and privacy +Comment[en]=Anonymity and privacy +Comment[es]=Anonimato y privacidad +Comment[sv]=Anonymitet och avlyssningsskydd +Exec=leap +Terminal=false +Type=Application +Icon=leap.png +Categories=Network; diff --git a/pkg/linux/polkit/net.openvpn.gui.leap.policy b/pkg/linux/polkit/net.openvpn.gui.leap.policy new file mode 100644 index 00000000..70a22b65 --- /dev/null +++ b/pkg/linux/polkit/net.openvpn.gui.leap.policy @@ -0,0 +1,23 @@ + + + + + LEAP Project + http://leap.se/ + + + Runs the openvpn binary + Ejecuta el binario openvpn + OpenVPN needs that you authenticate to start + OpenVPN necesita autorizacion para comenzar + package-x-generic + + auth_self_keep + auth_self_keep + auth_self_keep + + /usr/sbin/openvpn + + diff --git a/pkg/requirements.pip b/pkg/requirements.pip new file mode 100644 index 00000000..96e76d34 --- /dev/null +++ b/pkg/requirements.pip @@ -0,0 +1,3 @@ +argparse +configuration +requests diff --git a/pkg/scripts/leap b/pkg/scripts/leap new file mode 100755 index 00000000..6e62b597 --- /dev/null +++ b/pkg/scripts/leap @@ -0,0 +1,6 @@ +#!/usr/bin/env python + +from leap.app import main + +if __name__ == "__main__": + main() diff --git a/pkg/test-requirements.pip b/pkg/test-requirements.pip new file mode 100644 index 00000000..26db61c8 --- /dev/null +++ b/pkg/test-requirements.pip @@ -0,0 +1,5 @@ +coverage +mock +nose +pep8==1.1 +sphinx>=1.1.2 diff --git a/pkg/tools/with_venv.sh b/pkg/tools/with_venv.sh new file mode 100755 index 00000000..0e58f1ab --- /dev/null +++ b/pkg/tools/with_venv.sh @@ -0,0 +1,4 @@ +#!/bin/bash +TOOLS=`dirname $0` +VENV=$TOOLS/../../.venv +source $VENV/bin/activate && $@ diff --git a/pkg/utils.py b/pkg/utils.py new file mode 100644 index 00000000..52680ae5 --- /dev/null +++ b/pkg/utils.py @@ -0,0 +1,42 @@ +""" +utils to help in the setup process +""" +import os +import re +import sys + + +# gets reqs from the first matching file +def get_reqs_from_files(reqfiles): + for reqfile in reqfiles: + if os.path.isfile(reqfile): + return open(reqfile, 'r').read().split('\n') + + +def parse_requirements(reqfiles=['requirements.txt', + 'requirements.pip', + 'pkg/requirements.pip']): + requirements = [] + for line in get_reqs_from_files(reqfiles): + # -e git://foo.bar/baz/master#egg=foobar + if re.match(r'\s*-e\s+', line): + requirements.append(re.sub(r'\s*-e\s+.*#egg=(.*)$', r'\1', + line)) + # http://foo.bar/baz/foobar/zipball/master#egg=foobar + elif re.match(r'\s*https?:', line): + requirements.append(re.sub(r'\s*https?:.*#egg=(.*)$', r'\1', + line)) + # -f lines are for index locations, and don't get used here + elif re.match(r'\s*-f\s+', line): + pass + + # argparse is part of the standard library starting with 2.7 + # adding it to the requirements list screws distro installs + elif line == 'argparse' and sys.version_info >= (2, 7): + pass + else: + if line != '': + requirements.append(line) + + #print 'REQUIREMENTS', requirements + return requirements -- cgit v1.2.3 From 877c98a0add6fb3bce3e503098d120377012f6ec Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 6 Sep 2012 05:54:03 +0900 Subject: add git version script --- pkg/version.py | 104 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 104 insertions(+) create mode 100644 pkg/version.py (limited to 'pkg') diff --git a/pkg/version.py b/pkg/version.py new file mode 100644 index 00000000..aa872b29 --- /dev/null +++ b/pkg/version.py @@ -0,0 +1,104 @@ +# -*- coding: utf-8 -*- +# Author: Douglas Creager +# This file is placed into the public domain. + +# Calculates the current version number. If possible, this is the +# output of “git describe”, modified to conform to the versioning +# scheme that setuptools uses. If “git describe” returns an error +# (most likely because we're in an unpacked copy of a release tarball, +# rather than in a git working copy), then we fall back on reading the +# contents of the RELEASE-VERSION file. +# +# To use this script, simply import it your setup.py file, and use the +# results of get_git_version() as your package version: +# +# from version import * +# +# setup( +# version=get_git_version(), +# . +# . +# . +# ) +# +# This will automatically update the RELEASE-VERSION file, if +# necessary. Note that the RELEASE-VERSION file should *not* be +# checked into git; please add it to your top-level .gitignore file. +# +# You'll probably want to distribute the RELEASE-VERSION file in your +# sdist tarballs; to do this, just create a MANIFEST.in file that +# contains the following line: +# +# include RELEASE-VERSION + +__all__ = ("get_git_version") + +from subprocess import Popen, PIPE + + +def call_git_describe(abbrev=4): + try: + p = Popen(['git', 'describe', '--abbrev=%d' % abbrev], + stdout=PIPE, stderr=PIPE) + p.stderr.close() + line = p.stdout.readlines()[0] + return line.strip() + + except: + return None + + +def read_release_version(): + try: + f = open("pkg/RELEASE_VERSION", "r") + + try: + version = f.readlines()[0] + return version.strip() + + finally: + f.close() + + except: + return None + + +def write_release_version(version): + f = open("pkg/RELEASE_VERSION", "w") + f.write("%s\n" % version) + f.close() + + +def get_git_version(abbrev=4): + # Read in the version that's currently in RELEASE-VERSION. + + release_version = read_release_version() + + # First try to get the current version using “git describe”. + + version = call_git_describe(abbrev) + + # If that doesn't work, fall back on the value that's in + # RELEASE-VERSION. + + if version is None: + version = release_version + + # If we still don't have anything, that's an error. + + if version is None: + raise ValueError("Cannot find the version number!") + + # If the current version is different from what's in the + # RELEASE-VERSION file, update the file to be current. + + if version != release_version: + write_release_version(version) + + # Finally, return the current version. + + return version + + +if __name__ == "__main__": + print get_git_version() -- cgit v1.2.3 From 212f9588e458d5c864134caa8dafbef164631671 Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 6 Sep 2012 06:12:08 +0900 Subject: bootstrap setuptools + version fix also test_requires using parse_requirements --- pkg/distribute_setup.py | 515 ++++++++++++++++++++++++++++++++++++++++++++++++ pkg/version.py | 2 + 2 files changed, 517 insertions(+) create mode 100644 pkg/distribute_setup.py (limited to 'pkg') diff --git a/pkg/distribute_setup.py b/pkg/distribute_setup.py new file mode 100644 index 00000000..8f5b0637 --- /dev/null +++ b/pkg/distribute_setup.py @@ -0,0 +1,515 @@ +#!python +"""Bootstrap distribute installation + +If you want to use setuptools in your package's setup.py, just include this +file in the same directory with it, and add this to the top of your setup.py:: + + from distribute_setup import use_setuptools + use_setuptools() + +If you want to require a specific version of setuptools, set a download +mirror, or use an alternate download directory, you can do so by supplying +the appropriate options to ``use_setuptools()``. + +This file can also be run as a script to install or upgrade setuptools. +""" +import os +import sys +import time +import fnmatch +import tempfile +import tarfile +from distutils import log + +try: + from site import USER_SITE +except ImportError: + USER_SITE = None + +try: + import subprocess + + def _python_cmd(*args): + args = (sys.executable,) + args + return subprocess.call(args) == 0 + +except ImportError: + # will be used for python 2.3 + def _python_cmd(*args): + args = (sys.executable,) + args + # quoting arguments if windows + if sys.platform == 'win32': + def quote(arg): + if ' ' in arg: + return '"%s"' % arg + return arg + args = [quote(arg) for arg in args] + return os.spawnl(os.P_WAIT, sys.executable, *args) == 0 + +DEFAULT_VERSION = "0.6.28" +DEFAULT_URL = "http://pypi.python.org/packages/source/d/distribute/" +SETUPTOOLS_FAKED_VERSION = "0.6c11" + +SETUPTOOLS_PKG_INFO = """\ +Metadata-Version: 1.0 +Name: setuptools +Version: %s +Summary: xxxx +Home-page: xxx +Author: xxx +Author-email: xxx +License: xxx +Description: xxx +""" % SETUPTOOLS_FAKED_VERSION + + +def _install(tarball, install_args=()): + # extracting the tarball + tmpdir = tempfile.mkdtemp() + log.warn('Extracting in %s', tmpdir) + old_wd = os.getcwd() + try: + os.chdir(tmpdir) + tar = tarfile.open(tarball) + _extractall(tar) + tar.close() + + # going in the directory + subdir = os.path.join(tmpdir, os.listdir(tmpdir)[0]) + os.chdir(subdir) + log.warn('Now working in %s', subdir) + + # installing + log.warn('Installing Distribute') + if not _python_cmd('setup.py', 'install', *install_args): + log.warn('Something went wrong during the installation.') + log.warn('See the error message above.') + finally: + os.chdir(old_wd) + + +def _build_egg(egg, tarball, to_dir): + # extracting the tarball + tmpdir = tempfile.mkdtemp() + log.warn('Extracting in %s', tmpdir) + old_wd = os.getcwd() + try: + os.chdir(tmpdir) + tar = tarfile.open(tarball) + _extractall(tar) + tar.close() + + # going in the directory + subdir = os.path.join(tmpdir, os.listdir(tmpdir)[0]) + os.chdir(subdir) + log.warn('Now working in %s', subdir) + + # building an egg + log.warn('Building a Distribute egg in %s', to_dir) + _python_cmd('setup.py', '-q', 'bdist_egg', '--dist-dir', to_dir) + + finally: + os.chdir(old_wd) + # returning the result + log.warn(egg) + if not os.path.exists(egg): + raise IOError('Could not build the egg.') + + +def _do_download(version, download_base, to_dir, download_delay): + egg = os.path.join(to_dir, 'distribute-%s-py%d.%d.egg' + % (version, sys.version_info[0], sys.version_info[1])) + if not os.path.exists(egg): + tarball = download_setuptools(version, download_base, + to_dir, download_delay) + _build_egg(egg, tarball, to_dir) + sys.path.insert(0, egg) + import setuptools + setuptools.bootstrap_install_from = egg + + +def use_setuptools(version=DEFAULT_VERSION, download_base=DEFAULT_URL, + to_dir=os.curdir, download_delay=15, no_fake=True): + # making sure we use the absolute path + to_dir = os.path.abspath(to_dir) + was_imported = 'pkg_resources' in sys.modules or \ + 'setuptools' in sys.modules + try: + try: + import pkg_resources + if not hasattr(pkg_resources, '_distribute'): + if not no_fake: + _fake_setuptools() + raise ImportError + except ImportError: + return _do_download(version, download_base, to_dir, download_delay) + try: + pkg_resources.require("distribute>=" + version) + return + except pkg_resources.VersionConflict: + e = sys.exc_info()[1] + if was_imported: + sys.stderr.write( + "The required version of distribute (>=%s) is not available,\n" + "and can't be installed while this script is running. Please\n" + "install a more recent version first, using\n" + "'easy_install -U distribute'." + "\n\n(Currently using %r)\n" % (version, e.args[0])) + sys.exit(2) + else: + del pkg_resources, sys.modules['pkg_resources'] # reload ok + return _do_download(version, download_base, to_dir, + download_delay) + except pkg_resources.DistributionNotFound: + return _do_download(version, download_base, to_dir, + download_delay) + finally: + if not no_fake: + _create_fake_setuptools_pkg_info(to_dir) + + +def download_setuptools(version=DEFAULT_VERSION, download_base=DEFAULT_URL, + to_dir=os.curdir, delay=15): + """Download distribute from a specified location and return its filename + + `version` should be a valid distribute version number that is available + as an egg for download under the `download_base` URL (which should end + with a '/'). `to_dir` is the directory where the egg will be downloaded. + `delay` is the number of seconds to pause before an actual download + attempt. + """ + # making sure we use the absolute path + to_dir = os.path.abspath(to_dir) + try: + from urllib.request import urlopen + except ImportError: + from urllib2 import urlopen + tgz_name = "distribute-%s.tar.gz" % version + url = download_base + tgz_name + saveto = os.path.join(to_dir, tgz_name) + src = dst = None + if not os.path.exists(saveto): # Avoid repeated downloads + try: + log.warn("Downloading %s", url) + src = urlopen(url) + # Read/write all in one block, so we don't create a corrupt file + # if the download is interrupted. + data = src.read() + dst = open(saveto, "wb") + dst.write(data) + finally: + if src: + src.close() + if dst: + dst.close() + return os.path.realpath(saveto) + + +def _no_sandbox(function): + def __no_sandbox(*args, **kw): + try: + from setuptools.sandbox import DirectorySandbox + if not hasattr(DirectorySandbox, '_old'): + def violation(*args): + pass + DirectorySandbox._old = DirectorySandbox._violation + DirectorySandbox._violation = violation + patched = True + else: + patched = False + except ImportError: + patched = False + + try: + return function(*args, **kw) + finally: + if patched: + DirectorySandbox._violation = DirectorySandbox._old + del DirectorySandbox._old + + return __no_sandbox + + +def _patch_file(path, content): + """Will backup the file then patch it""" + existing_content = open(path).read() + if existing_content == content: + # already patched + log.warn('Already patched.') + return False + log.warn('Patching...') + _rename_path(path) + f = open(path, 'w') + try: + f.write(content) + finally: + f.close() + return True + +_patch_file = _no_sandbox(_patch_file) + + +def _same_content(path, content): + return open(path).read() == content + + +def _rename_path(path): + new_name = path + '.OLD.%s' % time.time() + log.warn('Renaming %s into %s', path, new_name) + os.rename(path, new_name) + return new_name + + +def _remove_flat_installation(placeholder): + if not os.path.isdir(placeholder): + log.warn('Unkown installation at %s', placeholder) + return False + found = False + for file in os.listdir(placeholder): + if fnmatch.fnmatch(file, 'setuptools*.egg-info'): + found = True + break + if not found: + log.warn('Could not locate setuptools*.egg-info') + return + + log.warn('Removing elements out of the way...') + pkg_info = os.path.join(placeholder, file) + if os.path.isdir(pkg_info): + patched = _patch_egg_dir(pkg_info) + else: + patched = _patch_file(pkg_info, SETUPTOOLS_PKG_INFO) + + if not patched: + log.warn('%s already patched.', pkg_info) + return False + # now let's move the files out of the way + for element in ('setuptools', 'pkg_resources.py', 'site.py'): + element = os.path.join(placeholder, element) + if os.path.exists(element): + _rename_path(element) + else: + log.warn('Could not find the %s element of the ' + 'Setuptools distribution', element) + return True + +_remove_flat_installation = _no_sandbox(_remove_flat_installation) + + +def _after_install(dist): + log.warn('After install bootstrap.') + placeholder = dist.get_command_obj('install').install_purelib + _create_fake_setuptools_pkg_info(placeholder) + + +def _create_fake_setuptools_pkg_info(placeholder): + if not placeholder or not os.path.exists(placeholder): + log.warn('Could not find the install location') + return + pyver = '%s.%s' % (sys.version_info[0], sys.version_info[1]) + setuptools_file = 'setuptools-%s-py%s.egg-info' % \ + (SETUPTOOLS_FAKED_VERSION, pyver) + pkg_info = os.path.join(placeholder, setuptools_file) + if os.path.exists(pkg_info): + log.warn('%s already exists', pkg_info) + return + + if not os.access(pkg_info, os.W_OK): + log.warn("Don't have permissions to write %s, skipping", pkg_info) + + log.warn('Creating %s', pkg_info) + f = open(pkg_info, 'w') + try: + f.write(SETUPTOOLS_PKG_INFO) + finally: + f.close() + + pth_file = os.path.join(placeholder, 'setuptools.pth') + log.warn('Creating %s', pth_file) + f = open(pth_file, 'w') + try: + f.write(os.path.join(os.curdir, setuptools_file)) + finally: + f.close() + +_create_fake_setuptools_pkg_info = _no_sandbox( + _create_fake_setuptools_pkg_info +) + + +def _patch_egg_dir(path): + # let's check if it's already patched + pkg_info = os.path.join(path, 'EGG-INFO', 'PKG-INFO') + if os.path.exists(pkg_info): + if _same_content(pkg_info, SETUPTOOLS_PKG_INFO): + log.warn('%s already patched.', pkg_info) + return False + _rename_path(path) + os.mkdir(path) + os.mkdir(os.path.join(path, 'EGG-INFO')) + pkg_info = os.path.join(path, 'EGG-INFO', 'PKG-INFO') + f = open(pkg_info, 'w') + try: + f.write(SETUPTOOLS_PKG_INFO) + finally: + f.close() + return True + +_patch_egg_dir = _no_sandbox(_patch_egg_dir) + + +def _before_install(): + log.warn('Before install bootstrap.') + _fake_setuptools() + + +def _under_prefix(location): + if 'install' not in sys.argv: + return True + args = sys.argv[sys.argv.index('install') + 1:] + for index, arg in enumerate(args): + for option in ('--root', '--prefix'): + if arg.startswith('%s=' % option): + top_dir = arg.split('root=')[-1] + return location.startswith(top_dir) + elif arg == option: + if len(args) > index: + top_dir = args[index + 1] + return location.startswith(top_dir) + if arg == '--user' and USER_SITE is not None: + return location.startswith(USER_SITE) + return True + + +def _fake_setuptools(): + log.warn('Scanning installed packages') + try: + import pkg_resources + except ImportError: + # we're cool + log.warn('Setuptools or Distribute does not seem to be installed.') + return + ws = pkg_resources.working_set + try: + setuptools_dist = ws.find( + pkg_resources.Requirement.parse('setuptools', replacement=False) + ) + except TypeError: + # old distribute API + setuptools_dist = ws.find( + pkg_resources.Requirement.parse('setuptools') + ) + + if setuptools_dist is None: + log.warn('No setuptools distribution found') + return + # detecting if it was already faked + setuptools_location = setuptools_dist.location + log.warn('Setuptools installation detected at %s', setuptools_location) + + # if --root or --preix was provided, and if + # setuptools is not located in them, we don't patch it + if not _under_prefix(setuptools_location): + log.warn('Not patching, --root or --prefix is installing Distribute' + ' in another location') + return + + # let's see if its an egg + if not setuptools_location.endswith('.egg'): + log.warn('Non-egg installation') + res = _remove_flat_installation(setuptools_location) + if not res: + return + else: + log.warn('Egg installation') + pkg_info = os.path.join(setuptools_location, 'EGG-INFO', 'PKG-INFO') + if (os.path.exists(pkg_info) and + _same_content(pkg_info, SETUPTOOLS_PKG_INFO)): + log.warn('Already patched.') + return + log.warn('Patching...') + # let's create a fake egg replacing setuptools one + res = _patch_egg_dir(setuptools_location) + if not res: + return + log.warn('Patched done.') + _relaunch() + + +def _relaunch(): + log.warn('Relaunching...') + # we have to relaunch the process + # pip marker to avoid a relaunch bug + _cmd = ['-c', 'install', '--single-version-externally-managed'] + if sys.argv[:3] == _cmd: + sys.argv[0] = 'setup.py' + args = [sys.executable] + sys.argv + sys.exit(subprocess.call(args)) + + +def _extractall(self, path=".", members=None): + """Extract all members from the archive to the current working + directory and set owner, modification time and permissions on + directories afterwards. `path' specifies a different directory + to extract to. `members' is optional and must be a subset of the + list returned by getmembers(). + """ + import copy + import operator + from tarfile import ExtractError + directories = [] + + if members is None: + members = self + + for tarinfo in members: + if tarinfo.isdir(): + # Extract directories with a safe mode. + directories.append(tarinfo) + tarinfo = copy.copy(tarinfo) + tarinfo.mode = 448 # decimal for oct 0700 + self.extract(tarinfo, path) + + # Reverse sort directories. + if sys.version_info < (2, 4): + def sorter(dir1, dir2): + return cmp(dir1.name, dir2.name) + directories.sort(sorter) + directories.reverse() + else: + directories.sort(key=operator.attrgetter('name'), reverse=True) + + # Set correct owner, mtime and filemode on directories. + for tarinfo in directories: + dirpath = os.path.join(path, tarinfo.name) + try: + self.chown(tarinfo, dirpath) + self.utime(tarinfo, dirpath) + self.chmod(tarinfo, dirpath) + except ExtractError: + e = sys.exc_info()[1] + if self.errorlevel > 1: + raise + else: + self._dbg(1, "tarfile: %s" % e) + + +def _build_install_args(argv): + install_args = [] + user_install = '--user' in argv + if user_install and sys.version_info < (2, 6): + log.warn("--user requires Python 2.6 or later") + raise SystemExit(1) + if user_install: + install_args.append('--user') + return install_args + + +def main(argv, version=DEFAULT_VERSION): + """Install or upgrade setuptools and EasyInstall""" + tarball = download_setuptools() + _install(tarball, _build_install_args(argv)) + + +if __name__ == '__main__': + main(sys.argv[1:]) diff --git a/pkg/version.py b/pkg/version.py index aa872b29..6366be84 100644 --- a/pkg/version.py +++ b/pkg/version.py @@ -89,6 +89,8 @@ def get_git_version(abbrev=4): if version is None: raise ValueError("Cannot find the version number!") + version = ''.join(version.split('/')[1:]) + # If the current version is different from what's in the # RELEASE-VERSION file, update the file to be current. -- cgit v1.2.3 From c6ec834446cd6772ff900a0637c7296746f53320 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 7 Sep 2012 04:18:45 +0900 Subject: tox initial file. using global site-packages because of the unability to pip install PyQt4. postmkvenv workaround for PyQt libs for manual use. pip install breaks because they don't have a standard setup.py installation process --- pkg/install_pyqt.sh | 10 ++++++++++ pkg/postmkvenv.sh | 19 +++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100755 pkg/install_pyqt.sh create mode 100755 pkg/postmkvenv.sh (limited to 'pkg') diff --git a/pkg/install_pyqt.sh b/pkg/install_pyqt.sh new file mode 100755 index 00000000..d6739816 --- /dev/null +++ b/pkg/install_pyqt.sh @@ -0,0 +1,10 @@ +#!/bin/sh +pip install sip # fails +cd build/sip +python configure.py +make && make install +cd ../.. +pip install PyQt # fails +cd build/PyQt +python configure.py +make && make install diff --git a/pkg/postmkvenv.sh b/pkg/postmkvenv.sh new file mode 100755 index 00000000..99e364c0 --- /dev/null +++ b/pkg/postmkvenv.sh @@ -0,0 +1,19 @@ +#!/bin/bash +# This hook is run after a new virtualenv is activated. +# ~/.virtualenvs/postmkvirtualenv + +# Symlinks PyQt4 from global installation into virtualenv site-packages + +LIBS=( PyQt4 sip.so ) + +PYTHON_VERSION=python$(python -c "import sys; print (str(sys.version_info[0])+'.'+str(sys.version_info[1]))") +VAR=( $(which -a $PYTHON_VERSION) ) + +GET_PYTHON_LIB_CMD="from distutils.sysconfig import get_python_lib; print (get_python_lib())" +LIB_VIRTUALENV_PATH=$(python -c "$GET_PYTHON_LIB_CMD") +LIB_SYSTEM_PATH=$(${VAR[-1]} -c "$GET_PYTHON_LIB_CMD") + +for LIB in ${LIBS[@]} +do + ln -s $LIB_SYSTEM_PATH/$LIB $LIB_VIRTUALENV_PATH/$LIB +done -- cgit v1.2.3 From ffe551fdbbade14e1a8de84ac48064aa7b45e2c1 Mon Sep 17 00:00:00 2001 From: antialias Date: Mon, 10 Sep 2012 19:59:30 -0400 Subject: Implemented basic networks checks: valid interface, default route, and can ping the listed gateway. --- pkg/requirements.pip | 1 + 1 file changed, 1 insertion(+) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 96e76d34..e201906f 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -1,3 +1,4 @@ argparse configuration +ping requests -- cgit v1.2.3 From 44812233d76f683b63f09901334b964242d238f4 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 12 Sep 2012 07:02:29 +0900 Subject: add netifaces to requirements --- pkg/requirements.pip | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index e201906f..3d8e11df 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -1,4 +1,5 @@ argparse configuration -ping requests +ping +netifaces -- cgit v1.2.3 From 18109193b239be6e7ecc4c2d07c9c999e33081f8 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 12 Sep 2012 21:29:49 +0000 Subject: checks for systray in unity --- pkg/postmkvenv.sh | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'pkg') diff --git a/pkg/postmkvenv.sh b/pkg/postmkvenv.sh index 99e364c0..efdbc2fb 100755 --- a/pkg/postmkvenv.sh +++ b/pkg/postmkvenv.sh @@ -1,8 +1,12 @@ #!/bin/bash # This hook is run after a new virtualenv is activated. # ~/.virtualenvs/postmkvirtualenv +# tested and working in debian # Symlinks PyQt4 from global installation into virtualenv site-packages +# XXX TODO: +# script fails in ubuntu, with path: /usr/lib/pymodules/python2.7/PyQt4 +# use import PyQt4; PyQt4.__path__ instead LIBS=( PyQt4 sip.so ) -- cgit v1.2.3 From 79764a5624acee85bcd03cd315c3d834a9a25a02 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 12 Sep 2012 10:00:29 +0900 Subject: time boundary check of certificate using gnutls --- pkg/requirements.pip | 1 + 1 file changed, 1 insertion(+) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 3d8e11df..91257a07 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -3,3 +3,4 @@ configuration requests ping netifaces +python-gnutls -- cgit v1.2.3 From ea13e9a04786fbb6c461690097361e48e8ca94ce Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 13 Sep 2012 03:22:31 +0900 Subject: add versioneer --- pkg/version.py | 106 --------------------------------------------------------- 1 file changed, 106 deletions(-) delete mode 100644 pkg/version.py (limited to 'pkg') diff --git a/pkg/version.py b/pkg/version.py deleted file mode 100644 index 6366be84..00000000 --- a/pkg/version.py +++ /dev/null @@ -1,106 +0,0 @@ -# -*- coding: utf-8 -*- -# Author: Douglas Creager -# This file is placed into the public domain. - -# Calculates the current version number. If possible, this is the -# output of “git describe”, modified to conform to the versioning -# scheme that setuptools uses. If “git describe” returns an error -# (most likely because we're in an unpacked copy of a release tarball, -# rather than in a git working copy), then we fall back on reading the -# contents of the RELEASE-VERSION file. -# -# To use this script, simply import it your setup.py file, and use the -# results of get_git_version() as your package version: -# -# from version import * -# -# setup( -# version=get_git_version(), -# . -# . -# . -# ) -# -# This will automatically update the RELEASE-VERSION file, if -# necessary. Note that the RELEASE-VERSION file should *not* be -# checked into git; please add it to your top-level .gitignore file. -# -# You'll probably want to distribute the RELEASE-VERSION file in your -# sdist tarballs; to do this, just create a MANIFEST.in file that -# contains the following line: -# -# include RELEASE-VERSION - -__all__ = ("get_git_version") - -from subprocess import Popen, PIPE - - -def call_git_describe(abbrev=4): - try: - p = Popen(['git', 'describe', '--abbrev=%d' % abbrev], - stdout=PIPE, stderr=PIPE) - p.stderr.close() - line = p.stdout.readlines()[0] - return line.strip() - - except: - return None - - -def read_release_version(): - try: - f = open("pkg/RELEASE_VERSION", "r") - - try: - version = f.readlines()[0] - return version.strip() - - finally: - f.close() - - except: - return None - - -def write_release_version(version): - f = open("pkg/RELEASE_VERSION", "w") - f.write("%s\n" % version) - f.close() - - -def get_git_version(abbrev=4): - # Read in the version that's currently in RELEASE-VERSION. - - release_version = read_release_version() - - # First try to get the current version using “git describe”. - - version = call_git_describe(abbrev) - - # If that doesn't work, fall back on the value that's in - # RELEASE-VERSION. - - if version is None: - version = release_version - - # If we still don't have anything, that's an error. - - if version is None: - raise ValueError("Cannot find the version number!") - - version = ''.join(version.split('/')[1:]) - - # If the current version is different from what's in the - # RELEASE-VERSION file, update the file to be current. - - if version != release_version: - write_release_version(version) - - # Finally, return the current version. - - return version - - -if __name__ == "__main__": - print get_git_version() -- cgit v1.2.3 From 430b6326d06d81c44d534543c8e9684a5c0fcb15 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 14 Sep 2012 04:18:43 +0900 Subject: force 1.1.9 version of python-gnutls --- pkg/requirements.pip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 91257a07..5eeabf5c 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -3,4 +3,4 @@ configuration requests ping netifaces -python-gnutls +python-gnutls==1.1.9 # see https://bugs.launchpad.net/ubuntu/+source/python-gnutls/+bug/1027129 -- cgit v1.2.3 From 5343d884d0ad6efd4f3b24826361773675842c4d Mon Sep 17 00:00:00 2001 From: antialias Date: Mon, 17 Sep 2012 17:22:33 -0400 Subject: 1) changed src to pkg in the path to successfully create .venv environ. 2) uses distribute instead of setuptools. 3) creates symlinks to PyQT and sip.so. --- pkg/install_venv.py | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) (limited to 'pkg') diff --git a/pkg/install_venv.py b/pkg/install_venv.py index 15385beb..17dfb984 100644 --- a/pkg/install_venv.py +++ b/pkg/install_venv.py @@ -29,8 +29,8 @@ import sys ROOT = os.path.dirname(os.path.dirname(os.path.realpath(__file__))) VENV = os.path.join(ROOT, '.venv') -PIP_REQUIRES = os.path.join(ROOT, 'setup', 'requirements.pip') -TEST_REQUIRES = os.path.join(ROOT, 'setup', 'test-requirements.pip') +PIP_REQUIRES = os.path.join(ROOT, 'pkg', 'requirements.pip') +TEST_REQUIRES = os.path.join(ROOT, 'pkg', 'test-requirements.pip') PY_VERSION = "python%s.%s" % (sys.version_info[0], sys.version_info[1]) @@ -108,6 +108,10 @@ class Debian(Distro): def apply_patch(self, originalfile, patchfile): run_command(['patch', originalfile, patchfile]) + def post_process(self): + #symlink qt in virtualenv + run_command(['pkg/tools/with_venv.sh', 'pkg/postmkvenv.sh']) + def install_virtualenv(self): if self.check_cmd('virtualenv'): return @@ -163,19 +167,22 @@ def create_virtualenv(venv=VENV, no_site_packages=True): """ print 'Creating venv...', if no_site_packages: - run_command(['virtualenv', '-q', '--no-site-packages', VENV]) + #setuptools and virtualenv don't play nicely together, + #so we create the virtualenv with the distribute package instead. + #See: view-source:http://pypi.python.org/pypi/distribute + run_command(['virtualenv', '-q', '--distribute', '--no-site-packages', VENV]) else: - run_command(['virtualenv', '-q', VENV]) + run_command(['virtualenv', '-q', '--distribute', VENV]) print 'done.' print 'Installing pip in virtualenv...', - if not run_command(['setup/tools/with_venv.sh', 'easy_install', + if not run_command(['pkg/tools/with_venv.sh', 'easy_install', 'pip>1.0']).strip(): die("Failed to install pip.") print 'done.' def pip_install(*args): - run_command(['setup/tools/with_venv.sh', + run_command(['pkg/tools/with_venv.sh', 'pip', 'install', '--upgrade'] + list(args), redirect_output=False) @@ -211,7 +218,7 @@ def print_help(): Or, if you prefer, you can run commands in the virtualenv on a case by case basis by running: - $ setup/tools/with_venv.sh + $ pkg/tools/with_venv.sh Also, make test will automatically use the virtualenv. """ -- cgit v1.2.3 From 0d35f2a82bf15504ace2135af3e0c66ae1c16874 Mon Sep 17 00:00:00 2001 From: kali Date: Tue, 18 Sep 2012 11:11:43 +0900 Subject: do_branding command added to setup --- pkg/branding/__init__.py | 15 +++++++++++++++ pkg/branding/config.py | 11 +++++++++++ 2 files changed, 26 insertions(+) create mode 100644 pkg/branding/__init__.py create mode 100644 pkg/branding/config.py (limited to 'pkg') diff --git a/pkg/branding/__init__.py b/pkg/branding/__init__.py new file mode 100644 index 00000000..0bd6befb --- /dev/null +++ b/pkg/branding/__init__.py @@ -0,0 +1,15 @@ +from .config import APP_BASE_NAME, APP_PREFIX, BRANDED_BUILD, BRANDED_OPTS + + +def get_name(): + if BRANDED_BUILD is True: + return APP_PREFIX + BRANDED_OPTS.get('short_name', 'name_unknown') + else: + return APP_BASE_NAME + + +def get_shortname(): + if BRANDED_BUILD is True: + return BRANDED_OPTS.get('short_name', 'name_unknown') + +__all__ = ['get_name'] diff --git a/pkg/branding/config.py b/pkg/branding/config.py new file mode 100644 index 00000000..665cfbda --- /dev/null +++ b/pkg/branding/config.py @@ -0,0 +1,11 @@ +# Configuration file for branding + +BRANDED_BUILD = True + +APP_BASE_NAME = "leap-client" +APP_PREFIX = "%s-" % APP_BASE_NAME + +BRANDED_OPTS = { + 'short_name': "springbok", + 'provider_domain': "springbok", + 'provider_ca_path': "data/branding/cacert.pem"} -- cgit v1.2.3 From 1ad0ef0a6e428ed37fe76ba91660db0bae7af857 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 21 Sep 2012 01:22:34 +0900 Subject: updated policy so it does not ask for pw --- pkg/linux/polkit/net.openvpn.gui.leap.policy | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'pkg') diff --git a/pkg/linux/polkit/net.openvpn.gui.leap.policy b/pkg/linux/polkit/net.openvpn.gui.leap.policy index 70a22b65..50f991a3 100644 --- a/pkg/linux/polkit/net.openvpn.gui.leap.policy +++ b/pkg/linux/polkit/net.openvpn.gui.leap.policy @@ -14,9 +14,9 @@ OpenVPN necesita autorizacion para comenzar package-x-generic - auth_self_keep - auth_self_keep - auth_self_keep + yes + yes + yes /usr/sbin/openvpn -- cgit v1.2.3 From 30570bd89c04a56b35b91a0bc1d5fc00bb6ad266 Mon Sep 17 00:00:00 2001 From: kali Date: Mon, 24 Sep 2012 22:21:50 +0900 Subject: add schema to JSONLeapConfig classes and a jsonvalidate function too, that calls to jsonchemea.validate(self, data) with self.schema We're using the specs to both purposes now: * providing a type casting system for our config options (work in progress for the type casting) * json schema validation --- pkg/requirements.pip | 1 + 1 file changed, 1 insertion(+) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 5eeabf5c..78d8624a 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -4,3 +4,4 @@ requests ping netifaces python-gnutls==1.1.9 # see https://bugs.launchpad.net/ubuntu/+source/python-gnutls/+bug/1027129 +jsonschema -- cgit v1.2.3 From d0540e808749ff9f9e90ec5e055168f5f408e51b Mon Sep 17 00:00:00 2001 From: antialias Date: Mon, 1 Oct 2012 16:58:39 -0400 Subject: Now throws a CriticalError when an pre-exisiting openvpn istance is found. --- pkg/requirements.pip | 1 + 1 file changed, 1 insertion(+) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 5eeabf5c..a958d53f 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -2,5 +2,6 @@ argparse configuration requests ping +psutil netifaces python-gnutls==1.1.9 # see https://bugs.launchpad.net/ubuntu/+source/python-gnutls/+bug/1027129 -- cgit v1.2.3 From ba5a7218e96c68d79d148fa2bd430ab81f380252 Mon Sep 17 00:00:00 2001 From: kali Date: Tue, 2 Oct 2012 06:44:39 +0900 Subject: removed configuration lib from deps --- pkg/requirements.pip | 1 - 1 file changed, 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 78d8624a..6bbc53fe 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -1,5 +1,4 @@ argparse -configuration requests ping netifaces -- cgit v1.2.3 From 7a58425cbb090acb3777b602bd3350581f7b30e8 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 3 Oct 2012 21:23:38 +0900 Subject: updated readme with some clarifications hopefully it's a bit more clear now. developer: feedback welcome. are you able to get it running with the instructions listed here? --- pkg/requirements.pip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 6bbc53fe..aef934fb 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -1,4 +1,4 @@ -argparse +argparse # only for python 2.6 requests ping netifaces -- cgit v1.2.3 From 87a3deb2c419eb7cb6ab6937042310cf5d0370c0 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 5 Oct 2012 05:31:47 +0900 Subject: added srp dependency --- pkg/requirements.pip | 1 + 1 file changed, 1 insertion(+) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index aef934fb..f244879b 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -4,3 +4,4 @@ ping netifaces python-gnutls==1.1.9 # see https://bugs.launchpad.net/ubuntu/+source/python-gnutls/+bug/1027129 jsonschema +srp -- cgit v1.2.3 From 7c659fed65f08f2b52f0320c99a456679749e3f3 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 5 Oct 2012 09:30:50 +0900 Subject: use keyring to store user password using a quite lame cryptedfile by the moment until dbus bug makes gnome-keyring usable again or we come up with the encrypted database solution. we might want to explore the option of using this python-keyring with the different native backends for win and macosx. for now: we generate a random secret that we store in the qsettings file. so, the whole thing is just to avoid plaintext stuff. for this, we could have done rot13, haha. --- pkg/requirements.pip | 2 ++ 1 file changed, 2 insertions(+) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index f244879b..d6c6713f 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -5,3 +5,5 @@ netifaces python-gnutls==1.1.9 # see https://bugs.launchpad.net/ubuntu/+source/python-gnutls/+bug/1027129 jsonschema srp +pycrypto +keyring -- cgit v1.2.3 From bf8c6b19b05e73a6e59b8884e1d26a730df6188b Mon Sep 17 00:00:00 2001 From: kali Date: Mon, 8 Oct 2012 08:33:06 +0900 Subject: another pass towards a clearer README --- pkg/requirements.pip | 3 +++ 1 file changed, 3 insertions(+) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 2406884d..e5338744 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -1,3 +1,6 @@ +# in order of addition to the project. +# do not change it, we will freeze the requirements before tagging a release. + argparse # only for python 2.6 requests ping -- cgit v1.2.3 From 205324734626a5dece03fc871448d0f71bbfb46d Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 24 Oct 2012 04:25:46 +0900 Subject: removed branding info from branding config file So we officially can say this is a generic client now. Branding config file is still at pkg/branding/config.py Note that with this change the package is called now leap-client so you will have to remove old installs of leap-foo-client in your path (from previous branded builds). Changing the package name was an AWFUL and painful idea, and we will not do that again. (launcher is another story). Lesson learned. --- pkg/branding/config.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'pkg') diff --git a/pkg/branding/config.py b/pkg/branding/config.py index 665cfbda..bcacc3bc 100644 --- a/pkg/branding/config.py +++ b/pkg/branding/config.py @@ -1,11 +1,11 @@ # Configuration file for branding -BRANDED_BUILD = True +BRANDED_BUILD = False APP_BASE_NAME = "leap-client" APP_PREFIX = "%s-" % APP_BASE_NAME BRANDED_OPTS = { - 'short_name': "springbok", - 'provider_domain': "springbok", - 'provider_ca_path': "data/branding/cacert.pem"} + 'short_name': "", + 'provider_domain': "", + 'provider_ca_path': ""} -- cgit v1.2.3 From 18be85f13abc6bc94a3725950ec16ad1adec0ab8 Mon Sep 17 00:00:00 2001 From: kali Date: Tue, 11 Dec 2012 01:40:05 +0900 Subject: fetch only if not changed-since config file timestamp Changing this now to be able to test different providers by just updating our local config file. --- pkg/requirements.pip | 1 + 1 file changed, 1 insertion(+) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index e5338744..5664aa5e 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -11,3 +11,4 @@ jsonschema srp pycrypto keyring +python-dateutil -- cgit v1.2.3 From 0c2275222cf77bf5975a25a75ab0e50ac752bc9e Mon Sep 17 00:00:00 2001 From: kali Date: Mon, 17 Dec 2012 04:35:16 +0900 Subject: fix srp authentication cookies --- pkg/requirements.pip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 5664aa5e..c573009e 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -8,7 +8,7 @@ psutil netifaces python-gnutls==1.1.9 # see https://bugs.launchpad.net/ubuntu/+source/python-gnutls/+bug/1027129 jsonschema -srp +srp>=1.0.1 pycrypto keyring python-dateutil -- cgit v1.2.3 From 2be35ae3a89071df58bae2513d0a7e9a68239f57 Mon Sep 17 00:00:00 2001 From: kali Date: Tue, 18 Dec 2012 05:56:55 +0900 Subject: relax srp requirement (breaks install) --- pkg/requirements.pip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index c573009e..49b56274 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -8,7 +8,7 @@ psutil netifaces python-gnutls==1.1.9 # see https://bugs.launchpad.net/ubuntu/+source/python-gnutls/+bug/1027129 jsonschema -srp>=1.0.1 +srp # >=1.0.1 MUST HAVE 1.0.1 BUGFIX, but upstream DID NOT UPDATE setup.py so it conflicts pycrypto keyring python-dateutil -- cgit v1.2.3 From 34cdc516cbdef476d0329fff5d09d6eb0e85431f Mon Sep 17 00:00:00 2001 From: kali Date: Tue, 18 Dec 2012 07:17:56 +0900 Subject: freeze requests requirement lower than 1.0 srp auth breaking with 1.0 api --- pkg/requirements.pip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 49b56274..d7dc2c91 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -2,7 +2,7 @@ # do not change it, we will freeze the requirements before tagging a release. argparse # only for python 2.6 -requests +requests<1.0.0 ping psutil netifaces -- cgit v1.2.3 From 1834c0e5207d3edb0002558715aaf30676e6d847 Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 27 Dec 2012 02:58:26 +0900 Subject: updated requirements for soledad --- pkg/requirements.pip | 4 ++++ pkg/test-requirements.pip | 1 + 2 files changed, 5 insertions(+) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index d7dc2c91..e7ccb97a 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -12,3 +12,7 @@ srp # >=1.0.1 MUST HAVE 1.0.1 BUGFIX, but upstream DID NOT UPDATE setup.py so i pycrypto keyring python-dateutil +python-gnupg +u1db +oauth +couchdb diff --git a/pkg/test-requirements.pip b/pkg/test-requirements.pip index 26db61c8..081d5479 100644 --- a/pkg/test-requirements.pip +++ b/pkg/test-requirements.pip @@ -1,3 +1,4 @@ +unittest2 coverage mock nose -- cgit v1.2.3 From b4af406e6cf233d939e3dfa5b5c9b2241b6d8ea0 Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 27 Dec 2012 03:09:34 +0900 Subject: import fixes for soledad --- pkg/test-requirements.pip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/test-requirements.pip b/pkg/test-requirements.pip index 081d5479..11ccf4eb 100644 --- a/pkg/test-requirements.pip +++ b/pkg/test-requirements.pip @@ -1,4 +1,4 @@ -unittest2 +unittest2 # TODO we should include this dep only for python2.6 coverage mock nose -- cgit v1.2.3 From 5a99186cbc1b4fc8dbd317b56f3a620b2a9f79a4 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 28 Dec 2012 02:27:29 +0900 Subject: add bootstrap script to repo --- pkg/scripts/leap | 6 ----- pkg/scripts/leap_client_bootstrap.sh | 50 ++++++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+), 6 deletions(-) delete mode 100755 pkg/scripts/leap create mode 100644 pkg/scripts/leap_client_bootstrap.sh (limited to 'pkg') diff --git a/pkg/scripts/leap b/pkg/scripts/leap deleted file mode 100755 index 6e62b597..00000000 --- a/pkg/scripts/leap +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env python - -from leap.app import main - -if __name__ == "__main__": - main() diff --git a/pkg/scripts/leap_client_bootstrap.sh b/pkg/scripts/leap_client_bootstrap.sh new file mode 100644 index 00000000..6c302d3f --- /dev/null +++ b/pkg/scripts/leap_client_bootstrap.sh @@ -0,0 +1,50 @@ +#!/bin/bash + +# Installs requirements, and +# clones the latest leap-client + +# depends on: +# openvpn git-core libgnutls-dev python-dev python-qt4 python-setuptools python-virtualenv + +# Escape code +esc=`echo -en "\033"` + +# Set colors +cc_green="${esc}[0;32m" +cc_yellow="${esc}[0;33m" +cc_blue="${esc}[0;34m" +cc_red="${esc}[0;31m" +cc_normal=`echo -en "${esc}[m\017"` + +echo "${cc_yellow}" +echo "~~~~~~~~~~~~~~~~~~~~~~" +echo "LEAP " +echo "client bootstrapping " +echo "~~~~~~~~~~~~~~~~~~~~~~" +echo "" +echo "${cc_green}Creating virtualenv...${cc_normal}" + +mkdir leap-client-testbuild +virtualenv leap-client-testbuild +source leap-client-testbuild/bin/activate + +echo "${cc_green}Installing leap client...${cc_normal}" + +# Clone latest git (develop branch) +# change "develop" for any other branch you want. + + +pip install -e 'git://leap.se/leap_client@develop#egg=leap-client' + +cd leap-client-testbuild + +# symlink the pyqt libraries to the system libs +./src/leap-client/pkg/postmkvenv.sh + +echo "${cc_green}leap-client installed! =)" +echo "${cc_yellow}" +echo "Launch it with: " +echo "~~~~~~~~~~~~~~~~~~~~~~" +echo "bin/leap-client" +echo "~~~~~~~~~~~~~~~~~~~~~~" +echo "${cc_normal}" -- cgit v1.2.3 From 4ad663b935fa1845d426dde99a8272942b620e11 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 2 Jan 2013 18:06:13 +0900 Subject: initial OSX packaging --- pkg/osx/Info.plist | 22 ++++++++++++++++++++++ pkg/osx/Makefile | 17 +++++++++++++++++ pkg/osx/README.rst | 10 ++++++++++ pkg/osx/leap-client.spec | 32 ++++++++++++++++++++++++++++++++ pkg/postmkvenv.sh | 17 ++++++++++++++++- 5 files changed, 97 insertions(+), 1 deletion(-) create mode 100644 pkg/osx/Info.plist create mode 100644 pkg/osx/Makefile create mode 100644 pkg/osx/README.rst create mode 100644 pkg/osx/leap-client.spec (limited to 'pkg') diff --git a/pkg/osx/Info.plist b/pkg/osx/Info.plist new file mode 100644 index 00000000..e90d920a --- /dev/null +++ b/pkg/osx/Info.plist @@ -0,0 +1,22 @@ + + + + + CFBundleDisplayName + leap-client + CFBundleExecutable + MacOS/app + CFBundleIconFile + icon-windowed.icns + CFBundleInfoDictionaryVersion + 6.0 + CFBundleName + leap-client + CFBundlePackageType + APPL + CFBundleShortVersionString + 1 + LSBackgroundOnly + + + diff --git a/pkg/osx/Makefile b/pkg/osx/Makefile new file mode 100644 index 00000000..54fbf14a --- /dev/null +++ b/pkg/osx/Makefile @@ -0,0 +1,17 @@ +pkg : dist dmg + +dist : + ~/pyinstaller/pyinstaller.py -w -s leap-client.spec + cp -r /opt/local/Library/Frameworks/QtGui.framework/Versions/4/Resources/qt_menu.nib "dist/LEAP Client.app/Contents/Resources" + cp Info.plist "dist/LEAP Client.app/Contents/Info.plist" + cp ../../data/images/leap-client.icns "dist/LEAP Client.app/Contents/Resources/icon-windowed.icns" + + +dmg : + #TODO: remove if already present + #rm dist/LEAPClient.dmg + hdiutil create -format UDBZ -srcfolder "dist/LEAP Client.app/" "dist/LEAP Client.dmg" + +clean : + rm -rf dist/ build/ + diff --git a/pkg/osx/README.rst b/pkg/osx/README.rst new file mode 100644 index 00000000..dfd8fc16 --- /dev/null +++ b/pkg/osx/README.rst @@ -0,0 +1,10 @@ +freezing the app +---------------- +just type, from this dir:: + + $ make dist + $ make dmg + +For doing both things:: + + $ make pkg diff --git a/pkg/osx/leap-client.spec b/pkg/osx/leap-client.spec new file mode 100644 index 00000000..4a34bb7c --- /dev/null +++ b/pkg/osx/leap-client.spec @@ -0,0 +1,32 @@ +# -*- mode: python -*- +a = Analysis(['../../src/leap/app.py'], + pathex=[ + '../../src/leap', + '/Users/kaliy/leap/leap-client-testbuild/src/leap-client/pkg/osx'], + hiddenimports=['atexit'], + hookspath=None) +pyz = PYZ(a.pure) +exe = EXE(pyz, + a.scripts, + exclude_binaries=1, + name=os.path.join('build/pyi.darwin/leap-client', 'app'), + debug=False, + strip=True, + upx=True, + console=False) +coll = COLLECT(exe, + a.binaries, + a.zipfiles, + a.datas, + strip=True, + upx=True, + name=os.path.join('dist', 'app')) +app = BUNDLE(coll, + name=os.path.join('dist', 'leap-client.app')) + +import sys +if sys.platform.startswith("darwin"): + app = BUNDLE(coll, + name=os.path.join('dist', 'LEAP Client.app'), + appname='LEAP Client', + version=1) diff --git a/pkg/postmkvenv.sh b/pkg/postmkvenv.sh index efdbc2fb..593b11da 100755 --- a/pkg/postmkvenv.sh +++ b/pkg/postmkvenv.sh @@ -8,6 +8,14 @@ # script fails in ubuntu, with path: /usr/lib/pymodules/python2.7/PyQt4 # use import PyQt4; PyQt4.__path__ instead +platform='unknown' +unamestr=`uname` +if [[ "$unamestr" == 'Linux' ]]; then + platform='linux' +elif [[ "$unamestr" == 'Darwin' ]]; then + platform='darwin' +fi + LIBS=( PyQt4 sip.so ) PYTHON_VERSION=python$(python -c "import sys; print (str(sys.version_info[0])+'.'+str(sys.version_info[1]))") @@ -15,7 +23,14 @@ VAR=( $(which -a $PYTHON_VERSION) ) GET_PYTHON_LIB_CMD="from distutils.sysconfig import get_python_lib; print (get_python_lib())" LIB_VIRTUALENV_PATH=$(python -c "$GET_PYTHON_LIB_CMD") -LIB_SYSTEM_PATH=$(${VAR[-1]} -c "$GET_PYTHON_LIB_CMD") + +if [[ $platform == 'linux' ]]; then + LIB_SYSTEM_PATH=$(${VAR[-1]} -c "$GET_PYTHON_LIB_CMD") +elif [[ $platform == 'darwin' ]]; then + LIB_SYSTEM_PATH=$(/opt/local/bin/python2.6 -c "$GET_PYTHON_LIB_CMD") +else + echo "unsupported platform; not doing symlinks" +fi for LIB in ${LIBS[@]} do -- cgit v1.2.3 From 7c7e303ad66333d34fb6829deb8c3c3e81e1b328 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 2 Jan 2013 18:20:27 +0900 Subject: merge osx readme --- pkg/osx/README.rst | 10 ---------- 1 file changed, 10 deletions(-) (limited to 'pkg') diff --git a/pkg/osx/README.rst b/pkg/osx/README.rst index dfd8fc16..e69de29b 100644 --- a/pkg/osx/README.rst +++ b/pkg/osx/README.rst @@ -1,10 +0,0 @@ -freezing the app ----------------- -just type, from this dir:: - - $ make dist - $ make dmg - -For doing both things:: - - $ make pkg -- cgit v1.2.3 From e35eb606faef1ccd06201a0b38a462375426cedd Mon Sep 17 00:00:00 2001 From: kali Date: Mon, 7 Jan 2013 21:10:41 +0900 Subject: Working OSX installer workflow. Using platypus for installer. Working installer at 17.6MB compressed. --- pkg/osx/Makefile | 32 +- pkg/osx/README.rst | 60 +++ .../install/ProcessNetworkChanges.plist.template | 16 + pkg/osx/install/client.down.sh | 146 +++++ pkg/osx/install/client.up.sh | 596 +++++++++++++++++++++ pkg/osx/install/install-leapc.sh | 16 + pkg/osx/install/leap-installer.platypus | 90 ++++ 7 files changed, 953 insertions(+), 3 deletions(-) create mode 100644 pkg/osx/install/ProcessNetworkChanges.plist.template create mode 100755 pkg/osx/install/client.down.sh create mode 100755 pkg/osx/install/client.up.sh create mode 100755 pkg/osx/install/install-leapc.sh create mode 100644 pkg/osx/install/leap-installer.platypus (limited to 'pkg') diff --git a/pkg/osx/Makefile b/pkg/osx/Makefile index 54fbf14a..b302fa31 100644 --- a/pkg/osx/Makefile +++ b/pkg/osx/Makefile @@ -1,4 +1,8 @@ -pkg : dist dmg +#WARNING: You need to run this with an activated VIRTUALENV. + +OSX = dist/LEAP\ Client.app/Contents/MacOS/ + +pkg : dist trim installer dmg dist : ~/pyinstaller/pyinstaller.py -w -s leap-client.spec @@ -6,12 +10,34 @@ dist : cp Info.plist "dist/LEAP Client.app/Contents/Info.plist" cp ../../data/images/leap-client.icns "dist/LEAP Client.app/Contents/Resources/icon-windowed.icns" +trim: + #XXX this should go properly in pyinstaller spec excludes, but going quick'n'dirty + rm $(OSX)QtSvg $(OSX)QtXml $(OSX)QtNetwork $(OSX)QtOpenGL $(OSX)Qt3Support $(OSX)QtSql + +installer: + #XXX need to fix some paths there (binary, etc) + platypus -P install/leap-installer.platypus -y dist/LEAPClient_installer.app + #XXX should build tuntap extensions ourselves + mkdir "dist/LEAPClient_installer.app/Contents/Resources/StartupItems" + mkdir "dist/LEAPClient_installer.app/Contents/Resources/Extensions/" + cp -r /opt/local/Library/StartupItems/tun "dist/LEAPClient_installer.app/Contents/Resources/StartupItems/" + cp -r /opt/local/Library/StartupItems/tap "dist/LEAPClient_installer.app/Contents/Resources/StartupItems/" + cp -r /opt/local/Library/Extensions/tun.kext "dist/LEAPClient_installer.app/Contents/Resources/Extensions/" + cp -r /opt/local/Library/Extensions/tap.kext "dist/LEAPClient_installer.app/Contents/Resources/Extensions/" + #copy the binary that we have previously built + #XXX not building it yet... + cp ../../openvpn/build/openvpn.leap "dist/LEAPClient_installer.app/Contents/Resources/" + #copy startup scripts + cp install/client.up.sh "dist/LEAP Client.app/Contents/Resources" + cp install/client.down.sh "dist/LEAP Client.app/Contents/Resources" + cp install/ProcessNetworkChanges.plist.template "dist/LEAP Client.app/Contents/Resources" + #Finally, copy application bundle... + cp -r "dist/LEAP Client.app" "dist/LEAPClient_installer.app/Contents/Resources/" dmg : #TODO: remove if already present #rm dist/LEAPClient.dmg - hdiutil create -format UDBZ -srcfolder "dist/LEAP Client.app/" "dist/LEAP Client.dmg" + hdiutil create -format UDBZ -srcfolder "dist/LEAPClient_installer.app/" "dist/LEAP Client Installer.dmg" clean : rm -rf dist/ build/ - diff --git a/pkg/osx/README.rst b/pkg/osx/README.rst index e69de29b..48d96ffb 100644 --- a/pkg/osx/README.rst +++ b/pkg/osx/README.rst @@ -0,0 +1,60 @@ +environment setup in osx +======================== +(I rm'd my README by mistake at some point. Re-do). + +basically you need this to setup your environment: + +# check and consolidate + +# install xcode and macports +# port -v selfupdate +# port install python26 +# port install python_select # unneeded? +# port install py26-pyqt4 +# port install py26-twisted +# port install py26-pip +# port install py26-virtualenv +# port install git-core +# port install gnutls +# port install platypus + +Requirements +============ +pyinstaller (in ~/pyinstaller) +platypus (tested with latest macports) + +... + install environment as usual, + inside virtualenv. + +.. note:: there is something missing here, about troubles building gnutls extension, + I think I ended by symlinking global install via macports. + +Pyinstaller fix for sip api +--------------------------- +We need a workaround for setting the right sip api. +Paste this in the top of pyinstaller/support/rthooks/pyi_rth_qt4plugins.py:: + + import sip + sip.setapi('QString', 2) + sip.setapi('QVariant', 2) + +See www.pyinstaller.org/wiki/Recipe/PyQtChangeApiVersion. + +Building the package +==================== + +Building the binary +------------------- +We use the scripts in openvpn/build.zsh +The packaging Makefile is expecting the final binary in the location:: + + ../../openvpn/build/openvpn.leap + +Running the build +----------------- +IMPORTANT: activate the VIRTUALENV FIRST! +(you will get an import error otherwise) + +For running all steps at once:: + + make pkg diff --git a/pkg/osx/install/ProcessNetworkChanges.plist.template b/pkg/osx/install/ProcessNetworkChanges.plist.template new file mode 100644 index 00000000..faea8dee --- /dev/null +++ b/pkg/osx/install/ProcessNetworkChanges.plist.template @@ -0,0 +1,16 @@ + + + + + Label + net.tunnelblick.openvpn.process-network-changes + ProgramArguments + + ${DIR}/process-network-changes + + WatchPaths + + /Library/Preferences/SystemConfiguration + + + diff --git a/pkg/osx/install/client.down.sh b/pkg/osx/install/client.down.sh new file mode 100755 index 00000000..47f00ed7 --- /dev/null +++ b/pkg/osx/install/client.down.sh @@ -0,0 +1,146 @@ +#!/bin/bash -e +# Note: must be bash; uses bash-specific tricks +# +# ****************************************************************************************************************** +# This Tunnelblick script does everything! It handles TUN and TAP interfaces, +# pushed configurations and DHCP leases. :) +# +# This is the "Down" version of the script, executed after the connection is +# closed. +# +# Created by: Nick Williams (using original code and parts of old Tblk scripts) +# +# ****************************************************************************************************************** + +trap "" TSTP +trap "" HUP +trap "" INT +export PATH="/bin:/sbin:/usr/sbin:/usr/bin" + +readonly LOG_MESSAGE_COMMAND=$(basename "${0}") + +# Quick check - is the configuration there? +if ! scutil -w State:/Network/OpenVPN &>/dev/null -t 1 ; then + # Configuration isn't there, so we forget it + echo "$(date '+%a %b %e %T %Y') *Tunnelblick $LOG_MESSAGE_COMMAND: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting." + exit 0 +fi + +# NOTE: This script does not use any arguments passed to it by OpenVPN, so it doesn't shift Tunnelblick options out of the argument list + +# Get info saved by the up script +TUNNELBLICK_CONFIG="$(/usr/sbin/scutil <<-EOF + open + show State:/Network/OpenVPN + quit +EOF)" + +ARG_MONITOR_NETWORK_CONFIGURATION="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*MonitorNetwork :' | sed -e 's/^.*: //g')" +LEASEWATCHER_PLIST_PATH="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*LeaseWatcherPlistPath :' | sed -e 's/^.*: //g')" +PSID="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*Service :' | sed -e 's/^.*: //g')" +SCRIPT_LOG_FILE="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*ScriptLogFile :' | sed -e 's/^.*: //g')" +# Don't need: ARG_RESTORE_ON_DNS_RESET="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*RestoreOnDNSReset :' | sed -e 's/^.*: //g')" +# Don't need: ARG_RESTORE_ON_WINS_RESET="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*RestoreOnWINSReset :' | sed -e 's/^.*: //g')" +# Don't need: PROCESS="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*PID :' | sed -e 's/^.*: //g')" +# Don't need: ARG_IGNORE_OPTION_FLAGS="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*IgnoreOptionFlags :' | sed -e 's/^.*: //g')" +ARG_TAP="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*IsTapInterface :' | sed -e 's/^.*: //g')" +bRouteGatewayIsDhcp="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*RouteGatewayIsDhcp :' | sed -e 's/^.*: //g')" + +# @param String message - The message to log +logMessage() +{ + echo "$(date '+%a %b %e %T %Y') *Tunnelblick $LOG_MESSAGE_COMMAND: "${@} >> "${SCRIPT_LOG_FILE}" +} + +trim() +{ + echo ${@} +} + +if ${ARG_TAP} ; then + if [ "$bRouteGatewayIsDhcp" == "true" ]; then + if [ -z "$dev" ]; then + logMessage "Cannot configure TAP interface for DHCP without \$dev being defined. Device may not have disconnected properly." + else + set +e + ipconfig set "$dev" NONE 2>/dev/null + set -e + fi + fi +fi + +# Issue warning if the primary service ID has changed +PSID_CURRENT="$( (scutil | grep Service | sed -e 's/.*Service : //')<<- EOF + open + show State:/Network/OpenVPN + quit +EOF)" +if [ "${PSID}" != "${PSID_CURRENT}" ] ; then + logMessage "Ignoring change of Network Primary Service from ${PSID} to ${PSID_CURRENT}" +fi + +# Remove leasewatcher +if ${ARG_MONITOR_NETWORK_CONFIGURATION} ; then + launchctl unload "${LEASEWATCHER_PLIST_PATH}" + logMessage "Cancelled monitoring of system configuration changes" +fi + +# Restore configurations +DNS_OLD="$(/usr/sbin/scutil <<-EOF + open + show State:/Network/OpenVPN/OldDNS + quit +EOF)" +WINS_OLD="$(/usr/sbin/scutil <<-EOF + open + show State:/Network/OpenVPN/OldSMB + quit +EOF)" +TB_NO_SUCH_KEY=" { + TunnelblickNoSuchKey : true +}" + +if [ "${DNS_OLD}" = "${TB_NO_SUCH_KEY}" ] ; then + scutil <<- EOF + open + remove State:/Network/Service/${PSID}/DNS + quit +EOF +else + scutil <<- EOF + open + get State:/Network/OpenVPN/OldDNS + set State:/Network/Service/${PSID}/DNS + quit +EOF +fi + +if [ "${WINS_OLD}" = "${TB_NO_SUCH_KEY}" ] ; then + scutil <<- EOF + open + remove State:/Network/Service/${PSID}/SMB + quit +EOF +else + scutil <<- EOF + open + get State:/Network/OpenVPN/OldSMB + set State:/Network/Service/${PSID}/SMB + quit +EOF +fi + +logMessage "Restored the DNS and WINS configurations" + +# Remove our system configuration data +scutil <<- EOF + open + remove State:/Network/OpenVPN/SMB + remove State:/Network/OpenVPN/DNS + remove State:/Network/OpenVPN/OldSMB + remove State:/Network/OpenVPN/OldDNS + remove State:/Network/OpenVPN + quit +EOF + +exit 0 diff --git a/pkg/osx/install/client.up.sh b/pkg/osx/install/client.up.sh new file mode 100755 index 00000000..fc7e341a --- /dev/null +++ b/pkg/osx/install/client.up.sh @@ -0,0 +1,596 @@ +#!/bin/bash -e +# Note: must be bash; uses bash-specific tricks +# +# ****************************************************************************************************************** +# This Tunnelblick script does everything! It handles TUN and TAP interfaces, +# pushed configurations, DHCP with DNS and WINS, and renewed DHCP leases. :) +# +# This is the "Up" version of the script, executed after the interface is +# initialized. +# +# Created by: Nick Williams (using original code and parts of old Tblk scripts) +# +# ****************************************************************************************************************** + +trap "" TSTP +trap "" HUP +trap "" INT +export PATH="/bin:/sbin:/usr/sbin:/usr/bin" + +# Process optional arguments (if any) for the script +# Each one begins with a "-" +# They come from Tunnelblick, and come first, before the OpenVPN arguments +# So we set ARG_ script variables to their values and shift them out of the argument list +# When we're done, only the OpenVPN arguments remain for the rest of the script to use +ARG_MONITOR_NETWORK_CONFIGURATION="false" +ARG_RESTORE_ON_DNS_RESET="false" +ARG_RESTORE_ON_WINS_RESET="false" +ARG_TAP="false" +ARG_IGNORE_OPTION_FLAGS="" + +while [ {$#} ] ; do + if [ "$1" = "-m" ] ; then # Handle the arguments we know about + ARG_MONITOR_NETWORK_CONFIGURATION="true" # by setting ARG_ script variables to their values + shift # Then shift them out + elif [ "$1" = "-d" ] ; then + ARG_RESTORE_ON_DNS_RESET="true" + shift + elif [ "$1" = "-w" ] ; then + ARG_RESTORE_ON_WINS_RESET="true" + shift + elif [ "$1" = "-a" ] ; then + ARG_TAP="true" + shift + elif [ "${1:0:2}" = "-i" ] ; then + ARG_IGNORE_OPTION_FLAGS="${1}" + shift + elif [ "${1:0:2}" = "-a" ] ; then + ARG_IGNORE_OPTION_FLAGS="${1}" + shift + else + if [ "${1:0:1}" = "-" ] ; then # Shift out Tunnelblick arguments (they start with "-") that we don't understand + shift # so the rest of the script sees only the OpenVPN arguments + else + break + fi + fi +done + +readonly ARG_MONITOR_NETWORK_CONFIGURATION ARG_RESTORE_ON_DNS_RESET ARG_RESTORE_ON_WINS_RESET ARG_TAP ARG_IGNORE_OPTION_FLAGS + +# Note: The script log path name is constructed from the path of the regular config file, not the shadow copy +# if the config is shadow copy, e.g. /Library/Application Support/Tunnelblick/Users/Jonathan/Folder/Subfolder/config.ovpn +# then convert to regular config /Users/Jonathan/Library/Application Support/Tunnelblick/Configurations/Folder/Subfolder/config.ovpn +# to get the script log path +# Note: "/Users/..." works even if the home directory has a different path; it is used in the name of the log file, and is not used as a path to get to anything. +readonly TBALTPREFIX="/Library/Application Support/Tunnelblick/Users/" +readonly TBALTPREFIXLEN="${#TBALTPREFIX}" +readonly TBCONFIGSTART="${config:0:$TBALTPREFIXLEN}" +if [ "$TBCONFIGSTART" = "$TBALTPREFIX" ] ; then + readonly TBBASE="${config:$TBALTPREFIXLEN}" + readonly TBSUFFIX="${TBBASE#*/}" + readonly TBUSERNAME="${TBBASE%%/*}" + readonly TBCONFIG="/Users/$TBUSERNAME/Library/Application Support/Tunnelblick/Configurations/$TBSUFFIX" +else + readonly TBCONFIG="${config}" +fi + +readonly CONFIG_PATH_DASHES_SLASHES="$(echo "${TBCONFIG}" | sed -e 's/-/--/g' | sed -e 's/\//-S/g')" +readonly SCRIPT_LOG_FILE="/Library/Application Support/Tunnelblick/Logs/${CONFIG_PATH_DASHES_SLASHES}.script.log" + +readonly TB_RESOURCE_PATH=$(dirname "${0}") + +LEASEWATCHER_PLIST_PATH="/Library/Application Support/Tunnelblick/LeaseWatch.plist" + +readonly OSVER="$(sw_vers | grep 'ProductVersion:' | grep -o '10\.[0-9]*')" + +readonly DEFAULT_DOMAIN_NAME="openvpn" + +bRouteGatewayIsDhcp="false" + +# @param String message - The message to log +readonly LOG_MESSAGE_COMMAND=$(basename "${0}") +logMessage() +{ + echo "$(date '+%a %b %e %T %Y') *Tunnelblick $LOG_MESSAGE_COMMAND: "${@} >> "${SCRIPT_LOG_FILE}" +} + +# @param String string - Content to trim +trim() +{ + echo ${@} +} + +# @param String[] dnsServers - The name servers to use +# @param String domainName - The domain name to use +# @param \optional String[] winsServers - The WINS servers to use +setDnsServersAndDomainName() +{ + declare -a vDNS=("${!1}") + domain=$2 + declare -a vWINS=("${!3}") + + set +e # "grep" will return error status (1) if no matches are found, so don't fail on individual errors + + PSID=$( (scutil | grep PrimaryService | sed -e 's/.*PrimaryService : //')<<- EOF + open + show State:/Network/Global/IPv4 + quit +EOF ) + + STATIC_DNS_CONFIG="$( (scutil | sed -e 's/^[[:space:]]*[[:digit:]]* : //g' | tr '\n' ' ')<<- EOF + open + show Setup:/Network/Service/${PSID}/DNS + quit +EOF )" + if echo "${STATIC_DNS_CONFIG}" | grep -q "ServerAddresses" ; then + readonly STATIC_DNS="$(trim "$( echo "${STATIC_DNS_CONFIG}" | sed -e 's/^.*ServerAddresses[^{]*{[[:space:]]*\([^}]*\)[[:space:]]*}.*$/\1/g' )")" + fi + if echo "${STATIC_DNS_CONFIG}" | grep -q "SearchDomains" ; then + readonly STATIC_SEARCH="$(trim "$( echo "${STATIC_DNS_CONFIG}" | sed -e 's/^.*SearchDomains[^{]*{[[:space:]]*\([^}]*\)[[:space:]]*}.*$/\1/g' )")" + fi + + STATIC_WINS_CONFIG="$( (scutil | sed -e 's/^[[:space:]]*[[:digit:]]* : //g' | tr '\n' ' ')<<- EOF + open + show Setup:/Network/Service/${PSID}/SMB + quit +EOF )" + STATIC_WINS_SERVERS="" + STATIC_WORKGROUP="" + STATIC_NETBIOSNAME="" + if echo "${STATIC_WINS_CONFIG}" | grep -q "WINSAddresses" ; then + STATIC_WINS_SERVERS="$(trim "$( echo "${STATIC_WINS_CONFIG}" | sed -e 's/^.*WINSAddresses[^{]*{[[:space:]]*\([^}]*\)[[:space:]]*}.*$/\1/g' )")" + fi + if echo "${STATIC_WINS_CONFIG}" | grep -q "Workgroup" ; then + STATIC_WORKGROUP="$(trim "$( echo "${STATIC_WINS_CONFIG}" | sed -e 's/^.*Workgroup : \([^[:space:]]*\).*$/\1/g' )")" + fi + if echo "${STATIC_WINS_CONFIG}" | grep -q "NetBIOSName" ; then + STATIC_NETBIOSNAME="$(trim "$( echo "${STATIC_WINS_CONFIG}" | sed -e 's/^.*NetBIOSName : \([^[:space:]]*\).*$/\1/g' )")" + fi + readonly STATIC_WINS_SERVERS STATIC_WORKGROUP STATIC_NETBIOSNAME + + if [ ${#vDNS[*]} -eq 0 ] ; then + DYN_DNS="false" + ALL_DNS="${STATIC_DNS}" + elif [ -n "${STATIC_DNS}" ] ; then + case "${OSVER}" in + 10.6 | 10.7 ) + # Do nothing - in 10.6 we don't aggregate our configurations, apparently + DYN_DNS="false" + ALL_DNS="${STATIC_DNS}" + ;; + 10.4 | 10.5 ) + DYN_DNS="true" + # We need to remove duplicate DNS entries, so that our reference list matches MacOSX's + SDNS="$(echo "${STATIC_DNS}" | tr ' ' '\n')" + (( i=0 )) + for n in "${vDNS[@]}" ; do + if echo "${SDNS}" | grep -q "${n}" ; then + unset vDNS[${i}] + fi + (( i++ )) + done + if [ ${#vDNS[*]} -gt 0 ] ; then + ALL_DNS="$(trim "${STATIC_DNS}" "${vDNS[*]}")" + else + DYN_DNS="false" + ALL_DNS="${STATIC_DNS}" + fi + ;; + esac + else + DYN_DNS="true" + ALL_DNS="$(trim "${vDNS[*]}")" + fi + readonly DYN_DNS ALL_DNS + + if [ ${#vWINS[*]} -eq 0 ] ; then + DYN_WINS="false" + ALL_WINS_SERVERS="${STATIC_WINS_SERVERS}" + elif [ -n "${STATIC_WINS_SERVERS}" ] ; then + case "${OSVER}" in + 10.6 | 10.7 ) + # Do nothing - in 10.6 we don't aggregate our configurations, apparently + DYN_WINS="false" + ALL_WINS_SERVERS="${STATIC_WINS_SERVERS}" + ;; + 10.4 | 10.5 ) + DYN_WINS="true" + # We need to remove duplicate WINS entries, so that our reference list matches MacOSX's + SWINS="$(echo "${STATIC_WINS_SERVERS}" | tr ' ' '\n')" + (( i=0 )) + for n in "${vWINS[@]}" ; do + if echo "${SWINS}" | grep -q "${n}" ; then + unset vWINS[${i}] + fi + (( i++ )) + done + if [ ${#vWINS[*]} -gt 0 ] ; then + ALL_WINS_SERVERS="$(trim "${STATIC_WINS_SERVERS}" "${vWINS[*]}")" + else + DYN_WINS="false" + ALL_WINS_SERVERS="${STATIC_WINS_SERVERS}" + fi + ;; + esac + else + DYN_WINS="true" + ALL_WINS_SERVERS="$(trim "${vWINS[*]}")" + fi + readonly DYN_WINS ALL_WINS_SERVERS + + # We double-check that our search domain isn't already on the list + SEARCH_DOMAIN="${domain}" + case "${OSVER}" in + 10.6 | 10.7 ) + # Do nothing - in 10.6 we don't aggregate our configurations, apparently + if [ -n "${STATIC_SEARCH}" ] ; then + ALL_SEARCH="${STATIC_SEARCH}" + SEARCH_DOMAIN="" + else + ALL_SEARCH="${SEARCH_DOMAIN}" + fi + ;; + 10.4 | 10.5 ) + if echo "${STATIC_SEARCH}" | tr ' ' '\n' | grep -q "${SEARCH_DOMAIN}" ; then + SEARCH_DOMAIN="" + fi + if [ -z "${SEARCH_DOMAIN}" ] ; then + ALL_SEARCH="${STATIC_SEARCH}" + else + ALL_SEARCH="$(trim "${STATIC_SEARCH}" "${SEARCH_DOMAIN}")" + fi + ;; + esac + readonly SEARCH_DOMAIN ALL_SEARCH + + if ! ${DYN_DNS} ; then + NO_DNS="#" + fi + if ! ${DYN_WINS} ; then + NO_WS="#" + fi + if [ -z "${SEARCH_DOMAIN}" ] ; then + NO_SEARCH="#" + fi + if [ -z "${STATIC_WORKGROUP}" ] ; then + NO_WG="#" + fi + if [ -z "${STATIC_NETBIOSNAME}" ] ; then + NO_NB="#" + fi + if [ -z "${ALL_DNS}" ] ; then + AGG_DNS="#" + fi + if [ -z "${ALL_SEARCH}" ] ; then + AGG_SEARCH="#" + fi + if [ -z "${ALL_WINS_SERVERS}" ] ; then + AGG_WINS="#" + fi + + # Now, do the aggregation + # Save the openvpn process ID and the Network Primary Service ID, leasewather.plist path, logfile path, and optional arguments from Tunnelblick, + # then save old and new DNS and WINS settings + # PPID is a bash-script variable that contains the process ID of the parent of the process running the script (i.e., OpenVPN's process ID) + # config is an environmental variable set to the configuration path by OpenVPN prior to running this up script + logMessage "Up to two 'No such key' warnings are normal and may be ignored" + + # If DNS is manually set, it overrides the DHCP setting, which isn't reflected in 'State:/Network/Service/${PSID}/DNS' + if echo "${STATIC_DNS_CONFIG}" | grep -q "ServerAddresses" ; then + CORRECT_OLD_DNS_KEY="Setup:" + else + CORRECT_OLD_DNS_KEY="State:" + fi + + # If WINS is manually set, it overrides the DHCP setting, which isn't reflected in 'State:/Network/Service/${PSID}/DNS' + if echo "${STATIC_WINS_CONFIG}" | grep -q "WINSAddresses" ; then + CORRECT_OLD_WINS_KEY="Setup:" + else + CORRECT_OLD_WINS_KEY="State:" + fi + + # If we are not expecting any WINS value, add to the expected WINS setup + NO_NOSUCH_KEY_WINS="#" + if [ "${NO_NB}" = "#" -a "${AGG_WINS}" = "#" -a "${NO_WG}" = "#" ] ; then + NO_NOSUCH_KEY_WINS="" + fi + readonly NO_NOSUCH_KEY_WINS + + set -e # We instruct bash that it CAN again fail on errors + + scutil <<- EOF + open + d.init + d.add PID # ${PPID} + d.add Service ${PSID} + d.add LeaseWatcherPlistPath "${LEASEWATCHER_PLIST_PATH}" + d.add ScriptLogFile "${SCRIPT_LOG_FILE}" + d.add MonitorNetwork "${ARG_MONITOR_NETWORK_CONFIGURATION}" + d.add RestoreOnDNSReset "${ARG_RESTORE_ON_DNS_RESET}" + d.add RestoreOnWINSReset "${ARG_RESTORE_ON_WINS_RESET}" + d.add IgnoreOptionFlags "${ARG_IGNORE_OPTION_FLAGS}" + d.add IsTapInterface "${ARG_TAP}" + d.add RouteGatewayIsDhcp "${bRouteGatewayIsDhcp}" + set State:/Network/OpenVPN + + # First, back up the device's current DNS and WINS configurations + # Indicate 'no such key' by a dictionary with a single entry: "TunnelblickNoSuchKey : true" + d.init + d.add TunnelblickNoSuchKey true + get ${CORRECT_OLD_DNS_KEY}/Network/Service/${PSID}/DNS + set State:/Network/OpenVPN/OldDNS + + d.init + d.add TunnelblickNoSuchKey true + get ${CORRECT_OLD_WINS_KEY}/Network/Service/${PSID}/SMB + set State:/Network/OpenVPN/OldSMB + + # Second, initialize the new DNS map + d.init + ${NO_DNS}d.add ServerAddresses * ${vDNS[*]} + ${NO_SEARCH}d.add SearchDomains * ${SEARCH_DOMAIN} + d.add DomainName ${domain} + set State:/Network/Service/${PSID}/DNS + + # Third, initialize the WINS map + d.init + ${NO_NB}d.add NetBIOSName ${STATIC_NETBIOSNAME} + ${NO_WS}d.add WINSAddresses * ${vWINS[*]} + ${NO_WG}d.add Workgroup ${STATIC_WORKGROUP} + set State:/Network/Service/${PSID}/SMB + + # Now, initialize the maps that will be compared against the system-generated map + # which means that we will have to aggregate configurations of statically-configured + # nameservers, and statically-configured search domains + d.init + ${AGG_DNS}d.add ServerAddresses * ${ALL_DNS} + ${AGG_SEARCH}d.add SearchDomains * ${ALL_SEARCH} + d.add DomainName ${domain} + set State:/Network/OpenVPN/DNS + + d.init + ${NO_NB}d.add NetBIOSName ${STATIC_NETBIOSNAME} + ${AGG_WINS}d.add WINSAddresses * ${ALL_WINS_SERVERS} + ${NO_WG}d.add Workgroup ${STATIC_WORKGROUP} + ${NO_NOSUCH_KEY_WINS}d.add TunnelblickNoSuchKey true + set State:/Network/OpenVPN/SMB + + # We are done + quit +EOF + + logMessage "Saved the DNS and WINS configurations for later use" + + if ${ARG_MONITOR_NETWORK_CONFIGURATION} ; then + if [ "${ARG_IGNORE_OPTION_FLAGS:0:2}" = "-a" ] ; then + # Generate an updated plist with the path for process-network-changes + readonly LEASEWATCHER_TEMPLATE_PATH="$(dirname "${0}")/ProcessNetworkChanges.plist.template" + sed -e "s|\${DIR}|$(dirname "${0}")|g" "${LEASEWATCHER_TEMPLATE_PATH}" > "${LEASEWATCHER_PLIST_PATH}" + launchctl load "${LEASEWATCHER_PLIST_PATH}" + logMessage "Set up to monitor system configuration with process-network-changes" + else + # Generate an updated plist with the path for leasewatch + readonly LEASEWATCHER_TEMPLATE_PATH="$(dirname "${0}")/LeaseWatch.plist.template" + sed -e "s|\${DIR}|$(dirname "${0}")|g" "${LEASEWATCHER_TEMPLATE_PATH}" > "${LEASEWATCHER_PLIST_PATH}" + launchctl load "${LEASEWATCHER_PLIST_PATH}" + logMessage "Set up to monitor system configuration with leasewatch" + fi + fi +} + +configureDhcpDns() +{ + # whilst ipconfig will have created the neccessary Network Service keys, the DNS + # settings won't actually be used by OS X unless the SupplementalMatchDomains key + # is added + # ref. + # - is there a way to extract the domains from the SC dictionary and re-insert + # as SupplementalMatchDomains? i.e. not requiring the ipconfig domain_name call? + + # - wait until we get a lease before extracting the DNS domain name and merging into SC + # - despite it's name, ipconfig waitall doesn't (but maybe one day it will :-) + ipconfig waitall + + unset test_domain_name + unset test_name_server + + set +e # We instruct bash NOT to exit on individual command errors, because if we need to wait longer these commands will fail + + # usually takes at least a few seconds to get a DHCP lease + sleep 3 + n=0 + while [ -z "$test_domain_name" -a -z "$test_name_server" -a $n -lt 5 ] + do + logMessage "Sleeping for $n seconds to wait for DHCP to finish setup." + sleep $n + n=`expr $n + 1` + + if [ -z "$test_domain_name" ]; then + test_domain_name=`ipconfig getoption $dev domain_name 2>/dev/null` + fi + + if [ -z "$test_name_server" ]; then + test_name_server=`ipconfig getoption $dev domain_name_server 2>/dev/null` + fi + done + + sGetPacketOutput=`ipconfig getpacket $dev` + + set -e # We instruct bash that it CAN again fail on individual errors + + #echo "`date` test_domain_name = $test_domain_name, test_name_server = $test_name_server, sGetPacketOutput = $sGetPacketOutput" + + unset aNameServers + unset aWinsServers + + nNameServerIndex=1 + nWinsServerIndex=1 + + if [ "$sGetPacketOutput" ]; then + sGetPacketOutput_FirstLine=`echo "$sGetPacketOutput"|head -n 1` + #echo $sGetPacketOutput_FirstLine + + if [ "$sGetPacketOutput_FirstLine" == "op = BOOTREPLY" ]; then + set +e # "grep" will return error status (1) if no matches are found, so don't fail on individual errors + + for tNameServer in `echo "$sGetPacketOutput"|grep "domain_name_server"|grep -Eo "\{([0-9\.]+)(, [0-9\.]+)*\}"|grep -Eo "([0-9\.]+)"`; do + aNameServers[nNameServerIndex-1]="$(trim "$tNameServer")" + let nNameServerIndex++ + done + + for tWINSServer in `echo "$sGetPacketOutput"|grep "nb_over_tcpip_name_server"|grep -Eo "\{([0-9\.]+)(, [0-9\.]+)*\}"|grep -Eo "([0-9\.]+)"`; do + aWinsServers[nWinsServerIndex-1]="$(trim "$tWINSServer")" + let nWinsServerIndex++ + done + + sDomainName=`echo "$sGetPacketOutput"|grep "domain_name "|grep -Eo ": [-A-Za-z0-9\-\.]+"|grep -Eo "[-A-Za-z0-9\-\.]+"` + sDomainName="$(trim "$sDomainName")" + + if [ ${#aNameServers[*]} -gt 0 -a "$sDomainName" ]; then + logMessage "Retrieved name server(s) [ ${aNameServers[@]} ], domain name [ $sDomainName ], and WINS server(s) [ ${aWinsServers[@]} ]" + setDnsServersAndDomainName aNameServers[@] "$sDomainName" aWinsServers[@] + return 0 + elif [ ${#aNameServers[*]} -gt 0 ]; then + logMessage "Retrieved name server(s) [ ${aNameServers[@]} ] and WINS server(s) [ ${aWinsServers[@]} ] and using default domain name [ $DEFAULT_DOMAIN_NAME ]" + setDnsServersAndDomainName aNameServers[@] "$DEFAULT_DOMAIN_NAME" aWinsServers[@] + return 0 + else + # Should we return 1 here and indicate an error, or attempt the old method? + logMessage "No useful information extracted from DHCP/BOOTP packet. Attempting legacy configuration." + fi + + set -e # We instruct bash that it CAN again fail on errors + else + # Should we return 1 here and indicate an error, or attempt the old method? + logMessage "No DHCP/BOOTP packet found on interface. Attempting legacy configuration." + fi + fi + + unset sDomainName + unset sNameServer + unset aNameServers + + sDomainName=`ipconfig getoption $dev domain_name 2>/dev/null` + sNameServer=`ipconfig getoption $dev domain_name_server 2>/dev/null` + + sDomainName="$(trim "$sDomainName")" + sNameServer="$(trim "$sNameServer")" + + declare -a aWinsServers=( ) # Declare empty WINS array to avoid any useless error messages + + if [ "$sDomainName" -a "$sNameServer" ]; then + aNameServers[0]=$sNameServer + logMessage "Retrieved name server [ $sNameServer ], domain name [ $sDomainName ], and no WINS servers" + setDnsServersAndDomainName aNameServers[@] "$sDomainName" aWinsServers[@] + elif [ "$sNameServer" ]; then + aNameServers[0]=$sNameServer + logMessage "Retrieved name server [ $sNameServer ] and no WINS servers, and using default domain name [ $DEFAULT_DOMAIN_NAME ]" + setDnsServersAndDomainName aNameServers[@] "$DEFAULT_DOMAIN_NAME" aWinsServers[@] + elif [ "$sDomainName" ]; then + logMessage "WARNING: Retrieved domain name [ $sDomainName ] but no name servers from OpenVPN (DHCP), which is not sufficient to make network/DNS configuration changes." + if ${ARG_MONITOR_NETWORK_CONFIGURATION} ; then + logMessage "Will NOT monitor for other network configuration changes." + fi + else + logMessage "WARNING: No DNS information received from OpenVPN (DHCP), so no network/DNS configuration changes need to be made." + if ${ARG_MONITOR_NETWORK_CONFIGURATION} ; then + logMessage "Will NOT monitor for other network configuration changes." + fi + fi + + return 0 +} + +configureOpenVpnDns() +{ + unset vForOptions + unset vOptions + unset aNameServers + unset aWinsServers + + nOptionIndex=1 + nNameServerIndex=1 + nWinsServerIndex=1 + + while vForOptions=foreign_option_$nOptionIndex; [ -n "${!vForOptions}" ]; do + vOptions[nOptionIndex-1]=${!vForOptions} + case ${vOptions[nOptionIndex-1]} in + *DOMAIN* ) + sDomainName="$(trim "${vOptions[nOptionIndex-1]//dhcp-option DOMAIN /}")" + ;; + *DNS* ) + aNameServers[nNameServerIndex-1]="$(trim "${vOptions[nOptionIndex-1]//dhcp-option DNS /}")" + let nNameServerIndex++ + ;; + *WINS* ) + aWinsServers[nWinsServerIndex-1]="$(trim "${vOptions[nOptionIndex-1]//dhcp-option WINS /}")" + let nWinsServerIndex++ + ;; + * ) + logMessage "Unknown: 'foreign_option_${nOptionIndex}' = '${vOptions[nOptionIndex-1]}'" + ;; + esac + let nOptionIndex++ + done + + if [ ${#aNameServers[*]} -gt 0 -a "$sDomainName" ]; then + logMessage "Retrieved name server(s) [ ${aNameServers[@]} ], domain name [ $sDomainName ], and WINS server(s) [ ${aWinsServers[@]} ]" + setDnsServersAndDomainName aNameServers[@] "$sDomainName" aWinsServers[@] + elif [ ${#aNameServers[*]} -gt 0 ]; then + logMessage "Retrieved name server(s) [ ${aNameServers[@]} ] and WINS server(s) [ ${aWinsServers[@]} ] and using default domain name [ $DEFAULT_DOMAIN_NAME ]" + setDnsServersAndDomainName aNameServers[@] "$DEFAULT_DOMAIN_NAME" aWinsServers[@] + else + # Should we maybe just return 1 here to indicate an error? Does this mean that something bad has happened? + logMessage "No DNS information recieved from OpenVPN, so no network configuration changes need to be made." + if ${ARG_MONITOR_NETWORK_CONFIGURATION} ; then + logMessage "Will NOT monitor for other network configuration changes." + fi + fi + + return 0 +} + +# We sleep here to allow time for OS X to process network settings +sleep 2 + +EXIT_CODE=0 + +if ${ARG_TAP} ; then + # Still need to do: Look for route-gateway dhcp (TAP isn't always DHCP) + bRouteGatewayIsDhcp="false" + if [ -z "${route_vpn_gateway}" -o "$route_vpn_gateway" == "dhcp" -o "$route_vpn_gateway" == "DHCP" ]; then + bRouteGatewayIsDhcp="true" + fi + + if [ "$bRouteGatewayIsDhcp" == "true" ]; then + if [ -z "$dev" ]; then + logMessage "Cannot configure TAP interface for DHCP without \$dev being defined. Exiting." + exit 1 + fi + + ipconfig set "$dev" DHCP + + configureDhcpDns & + elif [ "$foreign_option_1" == "" ]; then + logMessage "No network configuration changes need to be made." + if ${ARG_MONITOR_NETWORK_CONFIGURATION} ; then + logMessage "Will NOT monitor for other network configuration changes." + fi + else + configureOpenVpnDns + EXIT_CODE=$? + fi +else + if [ "$foreign_option_1" == "" ]; then + logMessage "No network configuration changes need to be made." + if ${ARG_MONITOR_NETWORK_CONFIGURATION} ; then + logMessage "Will NOT monitor for other network configuration changes." + fi + else + configureOpenVpnDns + EXIT_CODE=$? + fi +fi + +exit $EXIT_CODE diff --git a/pkg/osx/install/install-leapc.sh b/pkg/osx/install/install-leapc.sh new file mode 100755 index 00000000..d47b8f45 --- /dev/null +++ b/pkg/osx/install/install-leapc.sh @@ -0,0 +1,16 @@ +#!/bin/sh +echo "Installing LEAP Client in /Applications" +cp -r "LEAP Client.app" "/Applications" + +echo "Copying openvpn binary" +cp -r openvpn.leap /usr/bin + + +echo "Installing tun/tap drivers" +cp -r Extensions/* /Library/Extensions +cp -r StartupItems/* /Library/StartupItems + +echo "Loading tun/tap kernel extension" +/Library/StartupItems/tun/tun start + +echo "Installation Finished!" diff --git a/pkg/osx/install/leap-installer.platypus b/pkg/osx/install/leap-installer.platypus new file mode 100644 index 00000000..9150961e --- /dev/null +++ b/pkg/osx/install/leap-installer.platypus @@ -0,0 +1,90 @@ + + + + + AcceptsFiles + + AcceptsText + + Authentication + + Author + Kali Yuga + BundledFiles + + Creator + Platypus-4.7 + DeclareService + + Destination + MyPlatypusApp.app + DestinationOverride + + DevelopmentVersion + + DocIcon + + Droppable + + ExecutablePath + /opt/local/share/platypus/ScriptExec + FileTypes + + **** + fold + + IconPath + + Identifier + se.leap.LEAPClientInstaller + Interpreter + /bin/sh + InterpreterArgs + + Name + LEAPClient Installer + NibPath + /opt/local/share/platypus/MainMenu.nib + OptimizeApplication + + Output + Progress Bar + RemainRunning + + Role + Viewer + ScriptArgs + + ScriptPath + ./install/install-leapc.sh + Secure + + ShowInDock + + StatusItemDisplayType + Text + StatusItemIcon + + + StatusItemTitle + MyPlatypusApp + Suffixes + + * + + TextBackground + #ffffff + TextEncoding + 4 + TextFont + Monaco + TextForeground + #000000 + TextSize + 10 + UseXMLPlistFormat + + Version + 1.0 + + -- cgit v1.2.3 From dc1466ea1384ea6263f3711b10f38365e0d727bc Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 9 Jan 2013 02:08:12 +0900 Subject: bump srp requirement due to critical bugfix --- pkg/requirements.pip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index e7ccb97a..dbb04cbc 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -8,7 +8,7 @@ psutil netifaces python-gnutls==1.1.9 # see https://bugs.launchpad.net/ubuntu/+source/python-gnutls/+bug/1027129 jsonschema -srp # >=1.0.1 MUST HAVE 1.0.1 BUGFIX, but upstream DID NOT UPDATE setup.py so it conflicts +srp>=1.0.2 pycrypto keyring python-dateutil -- cgit v1.2.3 From f55dcd717a946651492142ed198853b1c667254b Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 10 Jan 2013 02:00:21 +0900 Subject: renamed connection page --- pkg/dev-reqs.pip | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 pkg/dev-reqs.pip (limited to 'pkg') diff --git a/pkg/dev-reqs.pip b/pkg/dev-reqs.pip new file mode 100644 index 00000000..44799a26 --- /dev/null +++ b/pkg/dev-reqs.pip @@ -0,0 +1,4 @@ +ipython +ipdb +pdb4qt +pygeoip -- cgit v1.2.3 From ade0eded09176fd687d1ee30724468c048d15065 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 11 Jan 2013 09:16:49 +0900 Subject: fix for missing cacert bundle frozen app cannot find requests cacert bundle. added to Resources to get us going. --- pkg/osx/Makefile | 33 ++++++++++++++++++--------------- pkg/osx/install/install-leapc.sh | 2 ++ pkg/osx/leap-client.spec | 5 ++++- 3 files changed, 24 insertions(+), 16 deletions(-) (limited to 'pkg') diff --git a/pkg/osx/Makefile b/pkg/osx/Makefile index b302fa31..f2520fcf 100644 --- a/pkg/osx/Makefile +++ b/pkg/osx/Makefile @@ -1,6 +1,10 @@ #WARNING: You need to run this with an activated VIRTUALENV. OSX = dist/LEAP\ Client.app/Contents/MacOS/ +GITC = `git rev-parse --short HEAD` +DMG = "dist/leap-client-$(GITC).dmg" +INST = "dist/LEAP Client installer.app" +INSTR = "dist/LEAP Client installer.app/Contents/Resources" pkg : dist trim installer dmg @@ -16,28 +20,27 @@ trim: installer: #XXX need to fix some paths there (binary, etc) - platypus -P install/leap-installer.platypus -y dist/LEAPClient_installer.app + platypus -P install/leap-installer.platypus -y $(INST) #XXX should build tuntap extensions ourselves - mkdir "dist/LEAPClient_installer.app/Contents/Resources/StartupItems" - mkdir "dist/LEAPClient_installer.app/Contents/Resources/Extensions/" - cp -r /opt/local/Library/StartupItems/tun "dist/LEAPClient_installer.app/Contents/Resources/StartupItems/" - cp -r /opt/local/Library/StartupItems/tap "dist/LEAPClient_installer.app/Contents/Resources/StartupItems/" - cp -r /opt/local/Library/Extensions/tun.kext "dist/LEAPClient_installer.app/Contents/Resources/Extensions/" - cp -r /opt/local/Library/Extensions/tap.kext "dist/LEAPClient_installer.app/Contents/Resources/Extensions/" + mkdir $(INSTR)/StartupItems + mkdir $(INSTR)/Extensions + cp -r /opt/local/Library/StartupItems/tun $(INSTR)/StartupItems + cp -r /opt/local/Library/StartupItems/tap $(INSTR)/StartupItems + cp -r /opt/local/Library/Extensions/tun.kext $(INSTR)/Extensions + cp -r /opt/local/Library/Extensions/tap.kext $(INSTR)/Extensions #copy the binary that we have previously built #XXX not building it yet... - cp ../../openvpn/build/openvpn.leap "dist/LEAPClient_installer.app/Contents/Resources/" + cp ../../openvpn/build/openvpn.leap $(INSTR) #copy startup scripts - cp install/client.up.sh "dist/LEAP Client.app/Contents/Resources" - cp install/client.down.sh "dist/LEAP Client.app/Contents/Resources" - cp install/ProcessNetworkChanges.plist.template "dist/LEAP Client.app/Contents/Resources" + cp install/client.up.sh $(INSTR) + cp install/client.down.sh $(INSTR) + cp install/ProcessNetworkChanges.plist.template $(INSTR) #Finally, copy application bundle... - cp -r "dist/LEAP Client.app" "dist/LEAPClient_installer.app/Contents/Resources/" + cp -r "dist/LEAP Client.app" $(INSTR) dmg : - #TODO: remove if already present - #rm dist/LEAPClient.dmg - hdiutil create -format UDBZ -srcfolder "dist/LEAPClient_installer.app/" "dist/LEAP Client Installer.dmg" + rm -f $(DMG) + hdiutil create -format UDBZ -srcfolder $(INST) $(DMG) clean : rm -rf dist/ build/ diff --git a/pkg/osx/install/install-leapc.sh b/pkg/osx/install/install-leapc.sh index d47b8f45..7a0d3a5e 100755 --- a/pkg/osx/install/install-leapc.sh +++ b/pkg/osx/install/install-leapc.sh @@ -14,3 +14,5 @@ echo "Loading tun/tap kernel extension" /Library/StartupItems/tun/tun start echo "Installation Finished!" + +open /Applications/LEAP\ Client.app/ diff --git a/pkg/osx/leap-client.spec b/pkg/osx/leap-client.spec index 4a34bb7c..04f45253 100644 --- a/pkg/osx/leap-client.spec +++ b/pkg/osx/leap-client.spec @@ -15,7 +15,10 @@ exe = EXE(pyz, upx=True, console=False) coll = COLLECT(exe, - a.binaries, + a.binaries + + # this will easitly break if we setup the venv + # somewhere else. FIXME + [('cacert.pem', '../../../../lib/python2.6/site-packages/requests/cacert.pem', 'DATA')], a.zipfiles, a.datas, strip=True, -- cgit v1.2.3 From f90f9df1d09e12ba64e9401530684d5a36220ad3 Mon Sep 17 00:00:00 2001 From: kali Date: Tue, 15 Jan 2013 22:17:56 +0900 Subject: todo about ping_gateway function --- pkg/requirements.pip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index dbb04cbc..fa40c490 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -3,7 +3,7 @@ argparse # only for python 2.6 requests<1.0.0 -ping +ping # don't use it! needs root. psutil netifaces python-gnutls==1.1.9 # see https://bugs.launchpad.net/ubuntu/+source/python-gnutls/+bug/1027129 -- cgit v1.2.3 From 67506fe6ba55ac7eaf4cbfd3606bff34a1214c11 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 16 Jan 2013 01:33:50 +0900 Subject: add update resolv.conf script --- pkg/linux/leap-update-resolv-conf | 90 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 pkg/linux/leap-update-resolv-conf (limited to 'pkg') diff --git a/pkg/linux/leap-update-resolv-conf b/pkg/linux/leap-update-resolv-conf new file mode 100644 index 00000000..a54802e3 --- /dev/null +++ b/pkg/linux/leap-update-resolv-conf @@ -0,0 +1,90 @@ +#!/bin/bash +# +# Parses options from openvpn to update resolv.conf +# +# The only way to enforce that a linux system will not leak DNS +# queries is to replace /etc/resolv.conf with a file that only +# has the DNS resolver specified by the VPN. +# +# That is what this script does. This is what resolvconf is for, +# but sadly it does not always work. +# +# Example envs set from openvpn: +# foreign_option_1='dhcp-option DNS 193.43.27.132' +# foreign_option_2='dhcp-option DNS 193.43.27.133' +# foreign_option_3='dhcp-option DOMAIN be.bnc.ch' +# + +function up() { + + comment=$( +cat < /etc/resolv.conf +} + +function down() { + if [ -f /etc/resolv.conf.bak ] ; then + unlink /etc/resolv.conf + mv /etc/resolv.conf.bak /etc/resolv.conf + fi +} + +case $script_type in + up) up ;; + down) down ;; +esac -- cgit v1.2.3 From 42c4ee53a8311164d82d10b1f6d19ae7604346c6 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 16 Jan 2013 06:03:05 +0900 Subject: add libgnutls lib to osx build --- pkg/osx/install/install-leapc.sh | 9 ++++++++- pkg/osx/leap-client.spec | 6 +++++- 2 files changed, 13 insertions(+), 2 deletions(-) (limited to 'pkg') diff --git a/pkg/osx/install/install-leapc.sh b/pkg/osx/install/install-leapc.sh index 7a0d3a5e..a2435adf 100755 --- a/pkg/osx/install/install-leapc.sh +++ b/pkg/osx/install/install-leapc.sh @@ -5,6 +5,13 @@ cp -r "LEAP Client.app" "/Applications" echo "Copying openvpn binary" cp -r openvpn.leap /usr/bin +echo "Installing gnutls" +mkdir -p /opt/local/lib +mv -f "/Applications/LEAP Client.app/Contents/MacOS/libgnutls.26.dylib" /opt/local/lib +mv -f "/Applications/LEAP Client.app/Contents/MacOS/libgnutls-extra.26.dylib" /opt/local/lib +ln -sf /opt/local/lib/libgnutls.26.dylib /opt/local/lib/libgnutls.dylib +ln -sf /opt/local/lib/libgnutls-extra.26.dylib /opt/local/lib/libgnutls-extra.dylib + echo "Installing tun/tap drivers" cp -r Extensions/* /Library/Extensions @@ -15,4 +22,4 @@ echo "Loading tun/tap kernel extension" echo "Installation Finished!" -open /Applications/LEAP\ Client.app/ +ln -s /Applications/LEAP\ Client.app/ /Volumes/LEAP\ Client\ installer/ diff --git a/pkg/osx/leap-client.spec b/pkg/osx/leap-client.spec index 04f45253..65496469 100644 --- a/pkg/osx/leap-client.spec +++ b/pkg/osx/leap-client.spec @@ -18,7 +18,11 @@ coll = COLLECT(exe, a.binaries + # this will easitly break if we setup the venv # somewhere else. FIXME - [('cacert.pem', '../../../../lib/python2.6/site-packages/requests/cacert.pem', 'DATA')], + [('cacert.pem', '../../../../lib/python2.6/site-packages/requests/cacert.pem', 'DATA'), + # XXX osx only + ('libgnutls.26.dylib', '/opt/local/lib/libgnutls.26.dylib', 'BINARY'), + ('libgnutls-extra.26.dylib', '/opt/local/lib/libgnutls-extra.26.dylib', 'BINARY'), + ], a.zipfiles, a.datas, strip=True, -- cgit v1.2.3 From 68af5b2f807ac8acd9525d46d37cfd2a28a06b47 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 16 Jan 2013 23:33:46 +0900 Subject: fix ctypes dependency discovery for libgnutls --- pkg/osx/install/install-leapc.sh | 8 -------- pkg/osx/leap-client.spec | 3 --- 2 files changed, 11 deletions(-) (limited to 'pkg') diff --git a/pkg/osx/install/install-leapc.sh b/pkg/osx/install/install-leapc.sh index a2435adf..2ecfc08e 100755 --- a/pkg/osx/install/install-leapc.sh +++ b/pkg/osx/install/install-leapc.sh @@ -5,14 +5,6 @@ cp -r "LEAP Client.app" "/Applications" echo "Copying openvpn binary" cp -r openvpn.leap /usr/bin -echo "Installing gnutls" -mkdir -p /opt/local/lib -mv -f "/Applications/LEAP Client.app/Contents/MacOS/libgnutls.26.dylib" /opt/local/lib -mv -f "/Applications/LEAP Client.app/Contents/MacOS/libgnutls-extra.26.dylib" /opt/local/lib -ln -sf /opt/local/lib/libgnutls.26.dylib /opt/local/lib/libgnutls.dylib -ln -sf /opt/local/lib/libgnutls-extra.26.dylib /opt/local/lib/libgnutls-extra.dylib - - echo "Installing tun/tap drivers" cp -r Extensions/* /Library/Extensions cp -r StartupItems/* /Library/StartupItems diff --git a/pkg/osx/leap-client.spec b/pkg/osx/leap-client.spec index 65496469..75bf991b 100644 --- a/pkg/osx/leap-client.spec +++ b/pkg/osx/leap-client.spec @@ -19,9 +19,6 @@ coll = COLLECT(exe, # this will easitly break if we setup the venv # somewhere else. FIXME [('cacert.pem', '../../../../lib/python2.6/site-packages/requests/cacert.pem', 'DATA'), - # XXX osx only - ('libgnutls.26.dylib', '/opt/local/lib/libgnutls.26.dylib', 'BINARY'), - ('libgnutls-extra.26.dylib', '/opt/local/lib/libgnutls-extra.26.dylib', 'BINARY'), ], a.zipfiles, a.datas, -- cgit v1.2.3 From d6c8cb0f12e8924820c296a8114a7899f61e5180 Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 17 Jan 2013 05:54:16 +0900 Subject: (osx) detect which interface is traffic going thru --- pkg/requirements.pip | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index fa40c490..69d435dc 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -1,5 +1,5 @@ # in order of addition to the project. -# do not change it, we will freeze the requirements before tagging a release. +# do not change the ordering. argparse # only for python 2.6 requests<1.0.0 @@ -16,3 +16,4 @@ python-gnupg u1db oauth couchdb +sh -- cgit v1.2.3 From 6fb952397573f4bc90f4cd9e72b49fcf6256e95c Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 17 Jan 2013 08:07:45 +0900 Subject: localize exit country if we can only if we can find the geoip database, which comes with geoip-database in debian. we will have to think more about this in the future but it's nice to have now for testing. --- pkg/requirements.pip | 1 + 1 file changed, 1 insertion(+) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 69d435dc..813a9c62 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -17,3 +17,4 @@ u1db oauth couchdb sh +pygeoip -- cgit v1.2.3 From 8226d6032b6db0c15ff70e377f87f4acfdd21787 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 23 Jan 2013 07:02:58 +0900 Subject: working up/down resolv-conf script --- pkg/linux/README | 4 ++ pkg/linux/leap-update-resolv-conf | 90 --------------------------------------- pkg/linux/resolv-update | 90 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 94 insertions(+), 90 deletions(-) create mode 100644 pkg/linux/README delete mode 100644 pkg/linux/leap-update-resolv-conf create mode 100755 pkg/linux/resolv-update (limited to 'pkg') diff --git a/pkg/linux/README b/pkg/linux/README new file mode 100644 index 00000000..7410789b --- /dev/null +++ b/pkg/linux/README @@ -0,0 +1,4 @@ += Files = +In GNU/Linux, we expect these files to be in place: + +resolv-update -> /etc/leap/resolv-update diff --git a/pkg/linux/leap-update-resolv-conf b/pkg/linux/leap-update-resolv-conf deleted file mode 100644 index a54802e3..00000000 --- a/pkg/linux/leap-update-resolv-conf +++ /dev/null @@ -1,90 +0,0 @@ -#!/bin/bash -# -# Parses options from openvpn to update resolv.conf -# -# The only way to enforce that a linux system will not leak DNS -# queries is to replace /etc/resolv.conf with a file that only -# has the DNS resolver specified by the VPN. -# -# That is what this script does. This is what resolvconf is for, -# but sadly it does not always work. -# -# Example envs set from openvpn: -# foreign_option_1='dhcp-option DNS 193.43.27.132' -# foreign_option_2='dhcp-option DNS 193.43.27.133' -# foreign_option_3='dhcp-option DOMAIN be.bnc.ch' -# - -function up() { - - comment=$( -cat < /etc/resolv.conf -} - -function down() { - if [ -f /etc/resolv.conf.bak ] ; then - unlink /etc/resolv.conf - mv /etc/resolv.conf.bak /etc/resolv.conf - fi -} - -case $script_type in - up) up ;; - down) down ;; -esac diff --git a/pkg/linux/resolv-update b/pkg/linux/resolv-update new file mode 100755 index 00000000..a54802e3 --- /dev/null +++ b/pkg/linux/resolv-update @@ -0,0 +1,90 @@ +#!/bin/bash +# +# Parses options from openvpn to update resolv.conf +# +# The only way to enforce that a linux system will not leak DNS +# queries is to replace /etc/resolv.conf with a file that only +# has the DNS resolver specified by the VPN. +# +# That is what this script does. This is what resolvconf is for, +# but sadly it does not always work. +# +# Example envs set from openvpn: +# foreign_option_1='dhcp-option DNS 193.43.27.132' +# foreign_option_2='dhcp-option DNS 193.43.27.133' +# foreign_option_3='dhcp-option DOMAIN be.bnc.ch' +# + +function up() { + + comment=$( +cat < /etc/resolv.conf +} + +function down() { + if [ -f /etc/resolv.conf.bak ] ; then + unlink /etc/resolv.conf + mv /etc/resolv.conf.bak /etc/resolv.conf + fi +} + +case $script_type in + up) up ;; + down) down ;; +esac -- cgit v1.2.3 From 39430cf8c1f9b7118586b1a1f232168fb2d5730b Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 24 Jan 2013 07:36:51 +0900 Subject: switch dependency to pyopenssl --- pkg/requirements.pip | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 813a9c62..4108d259 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -3,18 +3,20 @@ argparse # only for python 2.6 requests<1.0.0 -ping # don't use it! needs root. psutil netifaces -python-gnutls==1.1.9 # see https://bugs.launchpad.net/ubuntu/+source/python-gnutls/+bug/1027129 +pyopenssl jsonschema srp>=1.0.2 pycrypto keyring python-dateutil +sh +pygeoip # optional +#ping # to be deprecated + +# soledad deps -- will move to its own repo soon python-gnupg u1db oauth couchdb -sh -pygeoip -- cgit v1.2.3 From 9cdc193c587631986e579c1ba37a8b982be01238 Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 24 Jan 2013 18:47:41 +0900 Subject: all tests green again plus: * added soledad test requirements * removed soledad from run_tests run (+1K tests failing) * added option to run All tests to run_tests script * pep8 cleanup --- pkg/test-requirements.pip | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'pkg') diff --git a/pkg/test-requirements.pip b/pkg/test-requirements.pip index 11ccf4eb..43bec43c 100644 --- a/pkg/test-requirements.pip +++ b/pkg/test-requirements.pip @@ -4,3 +4,8 @@ mock nose pep8==1.1 sphinx>=1.1.2 +nose-exclude + +# for soledad * to be splitted * +testscenarios +testtools -- cgit v1.2.3 From 8cbbc4199ab474bd4d392202eb6e93a0aea677b5 Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 24 Jan 2013 23:49:54 +0900 Subject: test requirements for soledad --- pkg/test-requirements.pip | 2 ++ 1 file changed, 2 insertions(+) (limited to 'pkg') diff --git a/pkg/test-requirements.pip b/pkg/test-requirements.pip index 43bec43c..edd53b16 100644 --- a/pkg/test-requirements.pip +++ b/pkg/test-requirements.pip @@ -1,3 +1,4 @@ +six>=1.1,<1.2 # soledad req (nose2) unittest2 # TODO we should include this dep only for python2.6 coverage mock @@ -7,5 +8,6 @@ sphinx>=1.1.2 nose-exclude # for soledad * to be splitted * +nose2 testscenarios testtools -- cgit v1.2.3 From cfeddae5b94a6ab9883f3226702dee31850d638f Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 24 Jan 2013 23:50:39 +0900 Subject: ping still in use... --- pkg/requirements.pip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 4108d259..9b521a95 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -13,7 +13,7 @@ keyring python-dateutil sh pygeoip # optional -#ping # to be deprecated +ping # to be deprecated # soledad deps -- will move to its own repo soon python-gnupg -- cgit v1.2.3 From 66c40125df7c39d0a83cfa2fc2873de6bfbc7496 Mon Sep 17 00:00:00 2001 From: antialias Date: Thu, 24 Jan 2013 11:08:26 -0500 Subject: added tox to test-requirements.pip --- pkg/test-requirements.pip | 1 + 1 file changed, 1 insertion(+) (limited to 'pkg') diff --git a/pkg/test-requirements.pip b/pkg/test-requirements.pip index edd53b16..d60439ea 100644 --- a/pkg/test-requirements.pip +++ b/pkg/test-requirements.pip @@ -6,6 +6,7 @@ nose pep8==1.1 sphinx>=1.1.2 nose-exclude +tox # for soledad * to be splitted * nose2 -- cgit v1.2.3 From ea00bc02d9722a670067667df752921d2c824389 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 25 Jan 2013 07:00:10 +0900 Subject: use dirspec --- pkg/requirements.pip | 1 + 1 file changed, 1 insertion(+) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 9b521a95..19bd8514 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -14,6 +14,7 @@ python-dateutil sh pygeoip # optional ping # to be deprecated +dirspec # soledad deps -- will move to its own repo soon python-gnupg -- cgit v1.2.3 From aaeb78c2a93025b6a7c72d136336f16acccbc23c Mon Sep 17 00:00:00 2001 From: antialias Date: Thu, 24 Jan 2013 17:07:12 -0500 Subject: removed ping and root dependency (1456). improved default network request (771). fixed ERROR "cannot concatenate 'str' and 'list' objects" (1449). --- pkg/requirements.pip | 1 - 1 file changed, 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 9b521a95..a8a50fd3 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -13,7 +13,6 @@ keyring python-dateutil sh pygeoip # optional -ping # to be deprecated # soledad deps -- will move to its own repo soon python-gnupg -- cgit v1.2.3 From 46e1040b7c64b3d1c7c6edae5ae0ad3eeacdf6ab Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 25 Jan 2013 08:02:19 +0900 Subject: add zope.interface dep --- pkg/requirements.pip | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 0b0aef26..116f6492 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -12,9 +12,13 @@ pycrypto keyring python-dateutil sh -pygeoip # optional dirspec +pygeoip # optional + +# email +zope.interface + # soledad deps -- will move to its own repo soon python-gnupg u1db -- cgit v1.2.3 From 2814a28b5bd9bb15953cfd2ed31b1ef4dbf396bf Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 25 Jan 2013 18:22:45 +0900 Subject: add twisted as email dependency --- pkg/requirements.pip | 2 ++ 1 file changed, 2 insertions(+) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 116f6492..5b0b0d18 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -17,7 +17,9 @@ dirspec pygeoip # optional # email + zope.interface +twisted>=12.3.0 # soledad deps -- will move to its own repo soon python-gnupg -- cgit v1.2.3 From e33c500ad3006670158493f2a12afc015610894d Mon Sep 17 00:00:00 2001 From: kali Date: Mon, 28 Jan 2013 04:48:21 +0900 Subject: change dirspec dep by pyxdg --- pkg/requirements.pip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 5b0b0d18..cbfbe8fb 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -12,7 +12,7 @@ pycrypto keyring python-dateutil sh -dirspec +pyxdg pygeoip # optional -- cgit v1.2.3 From 10a2303fe2d21999bce56940daecb78576f5b741 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 30 Jan 2013 06:49:58 +0900 Subject: remove soledad / email requirements for 0.2 release --- pkg/requirements.pip | 11 ----------- pkg/test-requirements.pip | 6 ------ 2 files changed, 17 deletions(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index cbfbe8fb..89b0ad3b 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -15,14 +15,3 @@ sh pyxdg pygeoip # optional - -# email - -zope.interface -twisted>=12.3.0 - -# soledad deps -- will move to its own repo soon -python-gnupg -u1db -oauth -couchdb diff --git a/pkg/test-requirements.pip b/pkg/test-requirements.pip index d60439ea..a7349bfc 100644 --- a/pkg/test-requirements.pip +++ b/pkg/test-requirements.pip @@ -1,4 +1,3 @@ -six>=1.1,<1.2 # soledad req (nose2) unittest2 # TODO we should include this dep only for python2.6 coverage mock @@ -7,8 +6,3 @@ pep8==1.1 sphinx>=1.1.2 nose-exclude tox - -# for soledad * to be splitted * -nose2 -testscenarios -testtools -- cgit v1.2.3 From 4067a488564b0a5558d3a6ad0aa542292fd98fcc Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 31 Jan 2013 07:45:01 +0900 Subject: add comment about jsonschema ver --- pkg/requirements.pip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg') diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 89b0ad3b..839722de 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -6,7 +6,7 @@ requests<1.0.0 psutil netifaces pyopenssl -jsonschema +jsonschema #>0.7 srp>=1.0.2 pycrypto keyring -- cgit v1.2.3