From 1d4a3d68869dd9c416b104399097a6bb0c1bace3 Mon Sep 17 00:00:00 2001 From: "Kali Kaneko (leap communications)" Date: Wed, 1 Feb 2017 14:49:45 +0100 Subject: [feature] new commands: get_cert --- src/leap/bitmask/vpn/service.py | 91 +++++++++++++++++++++++++++-------------- 1 file changed, 60 insertions(+), 31 deletions(-) (limited to 'src/leap/bitmask/vpn/service.py') diff --git a/src/leap/bitmask/vpn/service.py b/src/leap/bitmask/vpn/service.py index d83a9ef8..59e251da 100644 --- a/src/leap/bitmask/vpn/service.py +++ b/src/leap/bitmask/vpn/service.py @@ -22,16 +22,19 @@ EIP service declaration. import os -from twisted.application import service -from twisted.python import log +from twisted.internet import defer from leap.bitmask.hooks import HookableService -from leap.bitmask.vpn import EIPManager +from leap.bitmask.vpn.eip import EIPManager +from leap.bitmask.vpn._checks import is_service_ready, get_eip_cert_path from leap.common.config import get_path_prefix +from leap.common.files import check_and_fix_urw_only class EIPService(HookableService): + name = 'eip' + def __init__(self, basepath=None): """ Initialize EIP service 
@@ -45,18 +48,66 @@ class EIPService(HookableService): else: self._basepath = basepath + def startService(self): + print "Starting EIP Service..." + # TODO this could trigger a check for validity of the certificates, + # etc. + super(EIPService, self).startService() + + def stopService(self): + print "Stopping EIP Service..." + super(EIPService, self).stopService() + + def start_vpn(self, domain): + self._setup(domain) + self._eip.start() + self._started = True + return "Starting" + + def stop_vpn(self): + if self._started: + self._eip.stop() + self._started = False + return "Stopping" + else: + return "Not started" + + def do_status(self): + # TODO -- get status from a dedicated STATUS CLASS + return {'result': 'running'} + + def do_check(self): + """Check whether the EIP Service is properly configured, + and can be started""" + # TODO either pass a provider, or set a given provider + _ready = is_service_ready('demo.bitmask.net') + return {'eip_ready': 'ok'} + + @defer.inlineCallbacks + def do_get_cert(self, provider): + # fetch vpn cert and store + bonafide = self.parent.getServiceNamed("bonafide") + _, cert_str = yield bonafide.do_get_vpn_cert() + + cert_path = get_eip_cert_path(provider) + cert_dir = os.path.dirname(cert_path) + if not os.path.exists(cert_dir): + os.makedirs(cert_dir, mode=0700) + with open(cert_path, 'w') as outf: + outf.write(cert_str) + check_and_fix_urw_only(cert_path) + defer.returnValue({'get_cert': 'ok'}) + def _setup(self, provider): - """ - Set up EIPManager for a specified provider. + """Set up EIPManager for a specified provider. :param provider: the provider to use, e.g. 'demo.bitmask.net' - :type provider: str - """ + :type provider: str""" # FIXME # XXX picked manually from eip-service.json remotes = ( - ("198.252.153.84", "1194"), - ("46.165.242.169", "1194"), + ("198.252.153.84", "1194 "), + ("46.165.242.169", "1194 "), ) prefix = os.path.join(self._basepath, 
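Review bot: In `do_get_cert` the certificate file is created by `open(cert_path, 'w')` with whatever mode the process umask allows and is only narrowed afterwards by `check_and_fix_urw_only`, so there is a window in which the fetched credential may be readable by other local users; an already existing `cert_dir` is also never checked for its mode. Creating the file owner-only from the start closes that window: `fd = os.open(cert_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0600)` followed by `with os.fdopen(fd, 'w') as outf:`, keeping the `check_and_fix_urw_only` call for a file that already existed with wider permissions. Separately, `do_check` assigns `_ready = is_service_ready('demo.bitmask.net')` and then returns `{'eip_ready': 'ok'}` unconditionally, so the command reports ready whatever the check found; the returned value should depend on `_ready`. The new port strings `"1194 "` in `_setup` carry a trailing space that the removed lines did not, which looks unintended unless the consumer strips it. `_setup`'s body continues outside the hunk.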
@@ -76,25 +127,3 @@ class EIPService(HookableService): self._eip = EIPManager(remotes, cert_path, key_path, ca_path, extra_flags) - - def startService(self): - print "Starting EIP Service..." - super(EIPService, self).startService() - - def stopService(self): - print "Stopping EIP Service..." - super(EIPService, self).stopService() - - def do_start(self, domain): - self._setup(domain) - self._eip.start() - self._started = True - return "Starting" - - def do_stop(self): - if self._started: - self._eip.stop() - self._started = False - return "Stopping" - else: - return "Not started" -- cgit v1.2.3