From 076cbbef6edf9d6dc8145f31d0803941d5ad6605 Mon Sep 17 00:00:00 2001
From: Ivan Alejandro <ivanalejandro0@gmail.com>
Date: Mon, 7 Jul 2014 18:13:22 -0300
Subject: Add support for fingerprint-gui's polkit agent.

Closes #5880.
---
 src/leap/bitmask/services/eip/linuxvpnlauncher.py | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src/leap/bitmask/services/eip')

diff --git a/src/leap/bitmask/services/eip/linuxvpnlauncher.py b/src/leap/bitmask/services/eip/linuxvpnlauncher.py
index 8ec0c050..1409d504 100644
--- a/src/leap/bitmask/services/eip/linuxvpnlauncher.py
+++ b/src/leap/bitmask/services/eip/linuxvpnlauncher.py
@@ -74,6 +74,7 @@ def _is_auth_agent_running():
         'ps aux | grep "polkit-[m]ate-authentication-agent-1"',
         'ps aux | grep "[l]xpolkit"',
         'ps aux | grep "[g]nome-shell"',
+        'ps aux | grep "[f]ingerprint-polkit-agent"',
     ]
     is_running = [commands.getoutput(cmd) for cmd in polkit_options]
 
-- 
cgit v1.2.3


From 1162895e124191996cc448816ad5b26bad266cfa Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Thu, 10 Jul 2014 11:59:42 -0700
Subject: bitmask-root: rip out all resolvconf code and simply rewrite all DNS
 packets to use the VPN nameserver.

---
 src/leap/bitmask/services/eip/linuxvpnlauncher.py | 6 ------
 1 file changed, 6 deletions(-)

(limited to 'src/leap/bitmask/services/eip')

diff --git a/src/leap/bitmask/services/eip/linuxvpnlauncher.py b/src/leap/bitmask/services/eip/linuxvpnlauncher.py
index 1409d504..b6e47f25 100644
--- a/src/leap/bitmask/services/eip/linuxvpnlauncher.py
+++ b/src/leap/bitmask/services/eip/linuxvpnlauncher.py
@@ -127,12 +127,6 @@ class LinuxVPNLauncher(VPNLauncher):
             # LinuxPolicyChecker will give us the right path if standalone.
             return LinuxPolicyChecker.get_polkit_path()
 
-    class RESOLVCONF_BIN_PATH(object):
-        def __call__(self):
-            return ("/usr/local/sbin/leap-resolvconf" if flags.STANDALONE else
-                    "/sbin/resolvconf")
-        # this only will work with debian/ubuntu distros.
-
     OTHER_FILES = (POLKIT_PATH, BITMASK_ROOT, OPENVPN_BIN_PATH)
 
     @classmethod
-- 
cgit v1.2.3


From 6dbd52e2f0d75ad9bf7c2f11e3384d8bab0520c9 Mon Sep 17 00:00:00 2001
From: Ivan Alejandro <ivanalejandro0@gmail.com>
Date: Wed, 18 Jun 2014 12:37:23 -0300
Subject: Use new backend/signaler and start logic in processes.

---
 src/leap/bitmask/services/eip/conductor.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'src/leap/bitmask/services/eip')

diff --git a/src/leap/bitmask/services/eip/conductor.py b/src/leap/bitmask/services/eip/conductor.py
index a8821160..dfd27f3d 100644
--- a/src/leap/bitmask/services/eip/conductor.py
+++ b/src/leap/bitmask/services/eip/conductor.py
@@ -33,7 +33,7 @@ logger = logging.getLogger(__name__)
 
 class EIPConductor(object):
 
-    def __init__(self, settings, backend, **kwargs):
+    def __init__(self, settings, backend, leap_signaler, **kwargs):
         """
         Initializes EIP Conductor.
 
@@ -46,6 +46,7 @@ class EIPConductor(object):
         self.eip_connection = EIPConnection()
         self.eip_name = get_service_display_name(EIP_SERVICE)
         self._settings = settings
+        self._leap_signaler = leap_signaler
         self._backend = backend
 
         self._eip_status = None
@@ -76,7 +77,7 @@ class EIPConductor(object):
         """
         Connect to backend signals.
         """
-        signaler = self._backend.signaler
+        signaler = self._leap_signaler
 
         # for conductor
         signaler.eip_process_restart_tls.connect(self._do_eip_restart)
-- 
cgit v1.2.3


From b66c1643eeb094a0f54d621ec3bf2c93173b767d Mon Sep 17 00:00:00 2001
From: Ivan Alejandro <ivanalejandro0@gmail.com>
Date: Wed, 11 Jun 2014 15:35:10 -0300
Subject: Lowercase signals names.

---
 src/leap/bitmask/services/eip/eipbootstrapper.py |  6 +++---
 src/leap/bitmask/services/eip/vpnprocess.py      | 14 +++++++-------
 2 files changed, 10 insertions(+), 10 deletions(-)

(limited to 'src/leap/bitmask/services/eip')

diff --git a/src/leap/bitmask/services/eip/eipbootstrapper.py b/src/leap/bitmask/services/eip/eipbootstrapper.py
index c77977ce..264eac2e 100644
--- a/src/leap/bitmask/services/eip/eipbootstrapper.py
+++ b/src/leap/bitmask/services/eip/eipbootstrapper.py
@@ -53,7 +53,7 @@ class EIPBootstrapper(AbstractBootstrapper):
         self._eip_config = None
         self._download_if_needed = False
         if signaler is not None:
-            self._cancel_signal = signaler.EIP_CANCELLED_SETUP
+            self._cancel_signal = signaler.eip_cancelled_setup
 
     def _download_config(self, *args):
         """
@@ -116,9 +116,9 @@ class EIPBootstrapper(AbstractBootstrapper):
         self._download_if_needed = download_if_needed
 
         cb_chain = [
-            (self._download_config, self._signaler.EIP_CONFIG_READY),
+            (self._download_config, self._signaler.eip_config_ready),
             (self._download_client_certificates,
-             self._signaler.EIP_CLIENT_CERTIFICATE_READY)
+             self._signaler.eip_client_certificate_ready)
         ]
 
         return self.addCallbackChain(cb_chain)
diff --git a/src/leap/bitmask/services/eip/vpnprocess.py b/src/leap/bitmask/services/eip/vpnprocess.py
index b54f2925..3bda3059 100644
--- a/src/leap/bitmask/services/eip/vpnprocess.py
+++ b/src/leap/bitmask/services/eip/vpnprocess.py
@@ -118,10 +118,10 @@ class VPNObserver(object):
         """
         sig = self._signaler
         signals = {
-            "network_unreachable": sig.EIP_NETWORK_UNREACHABLE,
-            "process_restart_tls": sig.EIP_PROCESS_RESTART_TLS,
-            "process_restart_ping": sig.EIP_PROCESS_RESTART_PING,
-            "initialization_completed": sig.EIP_CONNECTED
+            "network_unreachable": sig.eip_network_unreachable,
+            "process_restart_tls": sig.eip_process_restart_tls,
+            "process_restart_ping": sig.eip_process_restart_ping,
+            "initialization_completed": sig.eip_connected
         }
         return signals.get(event.lower())
 
@@ -594,7 +594,7 @@ class VPNManager(object):
 
             state = status_step
             if state != self._last_state:
-                self._signaler.signal(self._signaler.EIP_STATE_CHANGED, state)
+                self._signaler.signal(self._signaler.eip_state_changed, state)
                 self._last_state = state
 
     def _parse_status_and_notify(self, output):
@@ -632,7 +632,7 @@ class VPNManager(object):
 
         status = (tun_tap_read, tun_tap_write)
         if status != self._last_status:
-            self._signaler.signal(self._signaler.EIP_STATUS_CHANGED, status)
+            self._signaler.signal(self._signaler.eip_status_changed, status)
             self._last_status = status
 
     def get_state(self):
@@ -869,7 +869,7 @@ class VPNProcess(protocol.ProcessProtocol, VPNManager):
         if isinstance(exit_code, int):
             logger.debug("processExited, status %d" % (exit_code,))
         self._signaler.signal(
-            self._signaler.EIP_PROCESS_FINISHED, exit_code)
+            self._signaler.eip_process_finished, exit_code)
         self._alive = False
 
     def processEnded(self, reason):
-- 
cgit v1.2.3


From 13c0b7cac822a33f7395e3f099a2d37251e2c759 Mon Sep 17 00:00:00 2001
From: Ivan Alejandro <ivanalejandro0@gmail.com>
Date: Wed, 2 Jul 2014 12:14:59 -0300
Subject: Ask the backend for the country code.

Remove global variable in favor of a helper method that returns the
country code.
Needed in order to split backend/frontend.
---
 src/leap/bitmask/services/eip/vpnlauncher.py | 6 ------
 1 file changed, 6 deletions(-)

(limited to 'src/leap/bitmask/services/eip')

diff --git a/src/leap/bitmask/services/eip/vpnlauncher.py b/src/leap/bitmask/services/eip/vpnlauncher.py
index 0731bee3..5e2a4743 100644
--- a/src/leap/bitmask/services/eip/vpnlauncher.py
+++ b/src/leap/bitmask/services/eip/vpnlauncher.py
@@ -136,12 +136,6 @@ class VPNLauncher(object):
             logger.error('No gateway was found!')
             raise VPNLauncherException('No gateway was found!')
 
-        # this only works for selecting the first gateway, as we're
-        # currently doing.
-        ccodes = gateway_selector.get_gateways_country_code()
-        gateway_ccode = ccodes[gateways[0]]
-        flags.CURRENT_VPN_COUNTRY = gateway_ccode
-
         logger.debug("Using gateways ips: {0}".format(', '.join(gateways)))
         return gateways
 
-- 
cgit v1.2.3


From 0aee7d6cbc3f2c0b764056966eeddc4057eafd08 Mon Sep 17 00:00:00 2001
From: Ivan Alejandro <ivanalejandro0@gmail.com>
Date: Fri, 11 Jul 2014 17:24:20 -0300
Subject: Use specific settings for backend.

This way we get rid of Qt on the backend side.
The use of QSettings in the backend was breaking the app on OSX.
---
 src/leap/bitmask/services/eip/vpnlauncher.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'src/leap/bitmask/services/eip')

diff --git a/src/leap/bitmask/services/eip/vpnlauncher.py b/src/leap/bitmask/services/eip/vpnlauncher.py
index 5e2a4743..e36fd76b 100644
--- a/src/leap/bitmask/services/eip/vpnlauncher.py
+++ b/src/leap/bitmask/services/eip/vpnlauncher.py
@@ -27,7 +27,7 @@ from abc import ABCMeta, abstractmethod
 from functools import partial
 
 from leap.bitmask.config import flags
-from leap.bitmask.config.leapsettings import LeapSettings
+from leap.bitmask.backend.settings import Settings, GATEWAY_AUTOMATIC
 from leap.bitmask.config.providerconfig import ProviderConfig
 from leap.bitmask.platform_init import IS_LINUX
 from leap.bitmask.services.eip.eipconfig import EIPConfig, VPNGatewaySelector
@@ -122,12 +122,12 @@ class VPNLauncher(object):
         :rtype: list
         """
         gateways = []
-        leap_settings = LeapSettings()
+        settings = Settings()
         domain = providerconfig.get_domain()
-        gateway_conf = leap_settings.get_selected_gateway(domain)
+        gateway_conf = settings.get_selected_gateway(domain)
         gateway_selector = VPNGatewaySelector(eipconfig)
 
-        if gateway_conf == leap_settings.GATEWAY_AUTOMATIC:
+        if gateway_conf == GATEWAY_AUTOMATIC:
             gateways = gateway_selector.get_gateways()
         else:
             gateways = [gateway_conf]
-- 
cgit v1.2.3


From 57ac3750970777bb5b6e372e5eb00f3144098d90 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1s=20Touceda?= <chiiph@leap.se>
Date: Mon, 14 Jul 2014 16:24:59 -0300
Subject: Support EIP in OSX

---
 src/leap/bitmask/services/eip/darwinvpnlauncher.py | 4 +++-
 src/leap/bitmask/services/eip/vpnprocess.py        | 3 +++
 2 files changed, 6 insertions(+), 1 deletion(-)

(limited to 'src/leap/bitmask/services/eip')

diff --git a/src/leap/bitmask/services/eip/darwinvpnlauncher.py b/src/leap/bitmask/services/eip/darwinvpnlauncher.py
index 41d75052..f83e0170 100644
--- a/src/leap/bitmask/services/eip/darwinvpnlauncher.py
+++ b/src/leap/bitmask/services/eip/darwinvpnlauncher.py
@@ -46,7 +46,9 @@ class DarwinVPNLauncher(VPNLauncher):
     INSTALL_MSG = ("\"Bitmask needs administrative privileges to install "
                    "missing scripts and fix permissions.\"")
 
-    INSTALL_PATH = os.path.realpath(os.getcwd() + "/../../")
+    # Hardcode the installation path for OSX for security, openvpn is
+    # run as root
+    INSTALL_PATH = "/Applications/Bitmask.app/"
     INSTALL_PATH_ESCAPED = os.path.realpath(os.getcwd() + "/../../")
     OPENVPN_BIN = 'openvpn.leap'
     OPENVPN_PATH = "%s/Contents/Resources/openvpn" % (INSTALL_PATH,)
diff --git a/src/leap/bitmask/services/eip/vpnprocess.py b/src/leap/bitmask/services/eip/vpnprocess.py
index 3bda3059..1c11a337 100644
--- a/src/leap/bitmask/services/eip/vpnprocess.py
+++ b/src/leap/bitmask/services/eip/vpnprocess.py
@@ -255,6 +255,9 @@ class VPN(object):
         """
         Tear the firewall down using the privileged wrapper.
         """
+        if IS_MAC:
+            # We don't support Mac so far
+            return True
         BM_ROOT = force_eval(linuxvpnlauncher.LinuxVPNLauncher.BITMASK_ROOT)
         exitCode = subprocess.call(["pkexec",
                                     BM_ROOT, "firewall", "stop"])
-- 
cgit v1.2.3


From 432fcab9f838b0bfc81ed8d40d92b4b5d3854f24 Mon Sep 17 00:00:00 2001
From: Ivan Alejandro <ivanalejandro0@gmail.com>
Date: Wed, 16 Jul 2014 09:39:17 -0300
Subject: Code style fixes.

---
 src/leap/bitmask/services/eip/conductor.py                  |  4 ++--
 src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py |  2 +-
 src/leap/bitmask/services/eip/vpnlauncher.py                | 10 +++++-----
 src/leap/bitmask/services/eip/vpnprocess.py                 |  2 +-
 4 files changed, 9 insertions(+), 9 deletions(-)

(limited to 'src/leap/bitmask/services/eip')

diff --git a/src/leap/bitmask/services/eip/conductor.py b/src/leap/bitmask/services/eip/conductor.py
index dfd27f3d..bb07809a 100644
--- a/src/leap/bitmask/services/eip/conductor.py
+++ b/src/leap/bitmask/services/eip/conductor.py
@@ -202,7 +202,7 @@ class EIPConductor(object):
             # we bypass the on_eip_disconnected here
             plug_restart_on_disconnected()
             self.qtsigs.disconnected_signal.emit()
-            #QtDelayedCall(0, self.qtsigs.disconnected_signal.emit)
+            # QtDelayedCall(0, self.qtsigs.disconnected_signal.emit)
             # ...and reconnect the original signal again, after having used the
             # diversion
             QtDelayedCall(500, reconnect_disconnected_signal)
@@ -301,7 +301,7 @@ class EIPConductor(object):
         # XXX FIXME --- check exitcode is != 0 really.
         # bitmask-root is masking the exitcode, so we might need
         # to fix it on that side.
-        #if exitCode != 0 and not self.user_stopped_eip:
+        # if exitCode != 0 and not self.user_stopped_eip:
         if not self.user_stopped_eip:
             eip_status_label = self._eip_status.tr(
                 "{0} finished in an unexpected manner!")
diff --git a/src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py b/src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py
index 6640a860..1888f2c9 100644
--- a/src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py
+++ b/src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py
@@ -30,7 +30,7 @@ import time
 try:
     import unittest2 as unittest
 except ImportError:
-    import unittest
+    import unittest  # noqa - skip 'unused import' warning
 
 from nose.twistedtools import deferred, reactor
 from twisted.internet import threads
diff --git a/src/leap/bitmask/services/eip/vpnlauncher.py b/src/leap/bitmask/services/eip/vpnlauncher.py
index e36fd76b..72e19413 100644
--- a/src/leap/bitmask/services/eip/vpnlauncher.py
+++ b/src/leap/bitmask/services/eip/vpnlauncher.py
@@ -169,11 +169,11 @@ class VPNLauncher(object):
         leap_assert_type(providerconfig, ProviderConfig)
 
         # XXX this still has to be changed on osx and windows accordingly
-        #kwargs = {}
-        #openvpn_possibilities = which(kls.OPENVPN_BIN, **kwargs)
-        #if not openvpn_possibilities:
-            #raise OpenVPNNotFoundException()
-        #openvpn = first(openvpn_possibilities)
+        # kwargs = {}
+        # openvpn_possibilities = which(kls.OPENVPN_BIN, **kwargs)
+        # if not openvpn_possibilities:
+        #     raise OpenVPNNotFoundException()
+        # openvpn = first(openvpn_possibilities)
         # -----------------------------------------
         openvpn_path = force_eval(kls.OPENVPN_BIN_PATH)
 
diff --git a/src/leap/bitmask/services/eip/vpnprocess.py b/src/leap/bitmask/services/eip/vpnprocess.py
index 1c11a337..d1a3fdaa 100644
--- a/src/leap/bitmask/services/eip/vpnprocess.py
+++ b/src/leap/bitmask/services/eip/vpnprocess.py
@@ -817,7 +817,7 @@ class VPNProcess(protocol.ProcessProtocol, VPNManager):
         leap_assert_type(eipconfig, EIPConfig)
         leap_assert_type(providerconfig, ProviderConfig)
 
-        #leap_assert(not self.isRunning(), "Starting process more than once!")
+        # leap_assert(not self.isRunning(), "Starting process more than once!")
 
         self._eipconfig = eipconfig
         self._providerconfig = providerconfig
-- 
cgit v1.2.3