From 37e783274b55ecf0c57b517f574f6cab5167427e Mon Sep 17 00:00:00 2001 From: Ivan Alejandro Date: Mon, 7 Oct 2013 11:29:28 -0300 Subject: Add support for running lxde polkit agent. --- src/leap/bitmask/services/eip/linuxvpnlauncher.py | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'src/leap/bitmask/services') diff --git a/src/leap/bitmask/services/eip/linuxvpnlauncher.py b/src/leap/bitmask/services/eip/linuxvpnlauncher.py index c2c28627..efb23285 100644 --- a/src/leap/bitmask/services/eip/linuxvpnlauncher.py +++ b/src/leap/bitmask/services/eip/linuxvpnlauncher.py @@ -61,9 +61,13 @@ def _is_auth_agent_running(): :return: True if it's running, False if it's not. :rtype: boolean """ - ps = 'ps aux | grep polkit-%s-authentication-agent-1' - opts = (ps % case for case in ['[g]nome', '[k]de']) - is_running = map(lambda l: commands.getoutput(l), opts) + # the [x] thing is to avoid grep match itself + polkit_options = [ + 'ps aux | grep polkit-[g]nome-authentication-agent-1', + 'ps aux | grep polkit-[k]de-authentication-agent-1', + 'ps aux | grep [l]xpolkit' + ] + is_running = [commands.getoutput(cmd) for cmd in polkit_options] return any(is_running) -- cgit v1.2.3 From ac51cb85da434b8dfc75ffa800b6d5cbaab1c84a Mon Sep 17 00:00:00 2001 From: Kali Kaneko Date: Sun, 6 Oct 2013 21:50:01 -0400 Subject: openvpn observer reacts to tls-restart, ping-restart and network unreachable. --- src/leap/bitmask/services/eip/connection.py | 1 + src/leap/bitmask/services/eip/vpnlauncher.py | 4 ++ src/leap/bitmask/services/eip/vpnprocess.py | 97 +++++++++++++++++++++++++++- 3 files changed, 99 insertions(+), 3 deletions(-) (limited to 'src/leap/bitmask/services') diff --git a/src/leap/bitmask/services/eip/connection.py b/src/leap/bitmask/services/eip/connection.py index 08b29070..962d9cf2 100644 --- a/src/leap/bitmask/services/eip/connection.py +++ b/src/leap/bitmask/services/eip/connection.py @@ -46,4 +46,5 @@ class EIPConnectionSignals(QtCore.QObject): class EIPConnection(AbstractLEAPConnection): def __init__(self): + # XXX this should be public instead self._qtsigs = EIPConnectionSignals() diff --git a/src/leap/bitmask/services/eip/vpnlauncher.py b/src/leap/bitmask/services/eip/vpnlauncher.py index 935d75f1..82d8ea48 100644 --- a/src/leap/bitmask/services/eip/vpnlauncher.py +++ b/src/leap/bitmask/services/eip/vpnlauncher.py @@ -241,6 +241,10 @@ class VPNLauncher(object): '--ca', providerconfig.get_ca_cert_path() ] + args += [ + '--ping', '10', + '--ping-restart', '30'] + command_and_args = [openvpn] + args logger.debug("Running VPN with command:") logger.debug(" ".join(command_and_args)) diff --git a/src/leap/bitmask/services/eip/vpnprocess.py b/src/leap/bitmask/services/eip/vpnprocess.py index 707967e0..9baa4c53 100644 --- a/src/leap/bitmask/services/eip/vpnprocess.py +++ b/src/leap/bitmask/services/eip/vpnprocess.py @@ -24,6 +24,8 @@ import psutil.error import shutil import socket +from itertools import chain, repeat + from PySide import QtCore from leap.bitmask.config.providerconfig import ProviderConfig @@ -50,14 +52,93 @@ class VPNSignals(QtCore.QObject): They are instantiated in the VPN object and passed along till the VPNProcess. """ + # signals for the process state_changed = QtCore.Signal(dict) status_changed = QtCore.Signal(dict) process_finished = QtCore.Signal(int) + # signals that come from parsing + # openvpn output + network_unreachable = QtCore.Signal() + process_restart_tls = QtCore.Signal() + process_restart_ping = QtCore.Signal() + def __init__(self): QtCore.QObject.__init__(self) +class VPNObserver(object): + """ + A class containing different patterns in the openvpn output that + we can react upon. + """ + + # TODO this is i18n-sensitive, right? + # in that case, we should add the translations :/ + # until we find something better. + + _events = { + 'NETWORK_UNREACHABLE': ( + 'Network is unreachable (code=101)',), + 'PROCESS_RESTART_TLS': ( + "SIGUSR1[soft,tls-error]",), + 'PROCESS_RESTART_PING': ( + "SIGUSR1[soft,ping-restart]",), + 'INITIALIZATION_COMPLETED': ( + "Initialization Sequence Completed",), + } + + def __init__(self, qtsigs): + """ + Initializer. Keeps a reference to the passed qtsigs object + :param qtsigs: an object containing the different qt signals to + be used to communicate with different parts of + the application (the EIP state machine, for instance). + """ + self._qtsigs = qtsigs + + def watch(self, line): + """ + Inspects line searching for the different patterns. If a match + is found, try to emit the corresponding signal. + + :param line: a line of openvpn output + :type line: str + """ + chained_iter = chain(*[ + zip(repeat(key, len(l)), l) + for key, l in self._events.iteritems()]) + for event, pattern in chained_iter: + if pattern in line: + logger.debug('pattern matched! %s' % pattern) + break + else: + return + + sig = self._get_signal(event) + if sig: + sig.emit() + return + else: + logger.debug( + 'We got %s event from openvpn output but we ' + 'could not find a matching signal for it.' + % event) + + def _get_signal(self, event): + """ + Tries to get the matching signal from the eip signals + objects based on the name of the passed event (in lowercase) + + :param event: the name of the event that we want to get a signal + for + :type event: str + :returns: a QtSignal, or None + :rtype: QtSignal or None + """ + return getattr(self._qtsigs, event.lower(), None) + + class OpenVPNAlreadyRunning(Exception): message = ("Another openvpn instance is already running, and could " "not be stopped.") @@ -160,10 +241,14 @@ class VPN(object): tries += 1 reactor.callLater(self.TERMINATE_WAIT, self._kill_if_left_alive, tries) + return # after running out of patience, we try a killProcess logger.debug("Process did not died. Sending a SIGKILL.") - self.killit() + try: + self.killit() + except OSError: + logger.error("Could not kill process!") def killit(self): """ @@ -654,6 +739,7 @@ class VPNManager(object): raise OpenVPNAlreadyRunning + class VPNProcess(protocol.ProcessProtocol, VPNManager): """ A ProcessProtocol class that can be used to spawn a process that will @@ -703,8 +789,12 @@ class VPNProcess(protocol.ProcessProtocol, VPNManager): self._last_status = None self._alive = False + # XXX use flags, maybe, instead of passing + # the parameter around. self._openvpn_verb = openvpn_verb + self._vpn_observer = VPNObserver(qtsigs) + # processProtocol methods def connectionMade(self): @@ -726,8 +816,9 @@ class VPNProcess(protocol.ProcessProtocol, VPNManager): .. seeAlso: `http://twistedmatrix.com/documents/13.0.0/api/twisted.internet.protocol.ProcessProtocol.html` # noqa """ # truncate the newline - # should send this to the logging window - vpnlog.info(data[:-1]) + line = data[:-1] + vpnlog.info(line) + self._vpn_observer.watch(line) def processExited(self, reason): """ -- cgit v1.2.3 From b4d68f51db92564d5af6db71a092f7f6b48b93aa Mon Sep 17 00:00:00 2001 From: Kali Kaneko Date: Wed, 9 Oct 2013 23:37:20 -0300 Subject: catch u1db errors --- src/leap/bitmask/services/soledad/soledadbootstrapper.py | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src/leap/bitmask/services') diff --git a/src/leap/bitmask/services/soledad/soledadbootstrapper.py b/src/leap/bitmask/services/soledad/soledadbootstrapper.py index 7968dd6a..409389be 100644 --- a/src/leap/bitmask/services/soledad/soledadbootstrapper.py +++ b/src/leap/bitmask/services/soledad/soledadbootstrapper.py @@ -264,6 +264,10 @@ class SoledadBootstrapper(AbstractBootstrapper): logger.error("Error while initializing soledad " "(unauthorized).") self.soledad_failed.emit() + except u1db_errors.HTTPError as exc: + logger.exception("Error whie initializing soledad " + "(HTTPError)") + self.soledad_failed.emit() except Exception as exc: logger.exception("Unhandled error while initializating " "soledad: %r" % (exc,)) -- cgit v1.2.3 From c8f754eed56a7937da0eece0b1a5bc4e1d8135e2 Mon Sep 17 00:00:00 2001 From: Kali Kaneko Date: Fri, 11 Oct 2013 11:31:34 -0300 Subject: updated strings to 0.3.4 release --- src/leap/bitmask/services/eip/vpnlauncher.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/leap/bitmask/services') diff --git a/src/leap/bitmask/services/eip/vpnlauncher.py b/src/leap/bitmask/services/eip/vpnlauncher.py index 82d8ea48..2ac4c325 100644 --- a/src/leap/bitmask/services/eip/vpnlauncher.py +++ b/src/leap/bitmask/services/eip/vpnlauncher.py @@ -164,7 +164,7 @@ class VPNLauncher(object): if not gateways: logger.error('No gateway was found!') - raise VPNLauncherException(kls.tr('No gateway was found!')) + raise VPNLauncherException('No gateway was found!') logger.debug("Using gateways ips: {0}".format(', '.join(gateways))) -- cgit v1.2.3 From 23107e1cf7670b0ee01c73284bbf9d7a21e4a92c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Touceda?= Date: Mon, 14 Oct 2013 15:34:42 -0300 Subject: Default UP/DOWN_SCRIPTs to None and add them only if not None --- src/leap/bitmask/services/eip/vpnlauncher.py | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) (limited to 'src/leap/bitmask/services') diff --git a/src/leap/bitmask/services/eip/vpnlauncher.py b/src/leap/bitmask/services/eip/vpnlauncher.py index 2ac4c325..bce3599b 100644 --- a/src/leap/bitmask/services/eip/vpnlauncher.py +++ b/src/leap/bitmask/services/eip/vpnlauncher.py @@ -102,6 +102,8 @@ class VPNLauncher(object): UPDOWN_FILES = None OTHER_FILES = None + UP_SCRIPT = None + DOWN_SCRIPT = None @classmethod @abstractmethod @@ -211,15 +213,17 @@ class VPNLauncher(object): '--script-security', '2' ] - if _has_updown_scripts(kls.UP_SCRIPT): - args += [ - '--up', '\"%s\"' % (kls.UP_SCRIPT,), - ] - - if _has_updown_scripts(kls.DOWN_SCRIPT): - args += [ - '--down', '\"%s\"' % (kls.DOWN_SCRIPT,) - ] + if kls.UP_SCRIPT is not None: + if _has_updown_scripts(kls.UP_SCRIPT): + args += [ + '--up', '\"%s\"' % (kls.UP_SCRIPT,), + ] + + if kls.DOWN_SCRIPT is not None: + if _has_updown_scripts(kls.DOWN_SCRIPT): + args += [ + '--down', '\"%s\"' % (kls.DOWN_SCRIPT,) + ] ########################################################### # For the time being we are disabling the usage of the -- cgit v1.2.3 From e1e946cd78e0a30a88aca1a24624fcf0878753be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Touceda?= Date: Mon, 14 Oct 2013 15:35:09 -0300 Subject: Use .exe extension on windows --- src/leap/bitmask/services/soledad/soledadbootstrapper.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'src/leap/bitmask/services') diff --git a/src/leap/bitmask/services/soledad/soledadbootstrapper.py b/src/leap/bitmask/services/soledad/soledadbootstrapper.py index 409389be..4619ba80 100644 --- a/src/leap/bitmask/services/soledad/soledadbootstrapper.py +++ b/src/leap/bitmask/services/soledad/soledadbootstrapper.py @@ -34,6 +34,7 @@ from leap.bitmask.services.abstractbootstrapper import AbstractBootstrapper from leap.bitmask.services.soledad.soledadconfig import SoledadConfig from leap.bitmask.util import is_file, is_empty_file from leap.bitmask.util import get_path_prefix +from leap.bitmask.platform_init import IS_WIN from leap.common.check import leap_assert, leap_assert_type, leap_check from leap.common.files import which from leap.keymanager import KeyManager, openpgp @@ -319,11 +320,12 @@ class SoledadBootstrapper(AbstractBootstrapper): :returns: the gpg binary path :rtype: str """ - # TODO: Fix for Windows gpgbin = None if flags.STANDALONE: gpgbin = os.path.join( get_path_prefix(), "..", "apps", "mail", "gpg") + if IS_WIN: + gpgbin += ".exe" else: try: gpgbin_options = which("gpg") -- cgit v1.2.3 From a0d827d28e7aba2e55be9b1cbf04292e6c385c34 Mon Sep 17 00:00:00 2001 From: Ivan Alejandro Date: Tue, 15 Oct 2013 11:46:08 -0300 Subject: Fix pep8 violations. --- src/leap/bitmask/services/eip/vpnprocess.py | 1 - 1 file changed, 1 deletion(-) (limited to 'src/leap/bitmask/services') diff --git a/src/leap/bitmask/services/eip/vpnprocess.py b/src/leap/bitmask/services/eip/vpnprocess.py index 9baa4c53..19e1aa7b 100644 --- a/src/leap/bitmask/services/eip/vpnprocess.py +++ b/src/leap/bitmask/services/eip/vpnprocess.py @@ -739,7 +739,6 @@ class VPNManager(object): raise OpenVPNAlreadyRunning - class VPNProcess(protocol.ProcessProtocol, VPNManager): """ A ProcessProtocol class that can be used to spawn a process that will -- cgit v1.2.3