From 92957c4b666d6e5fc54275d8857692a12b0fb209 Mon Sep 17 00:00:00 2001
From: Ruben Pollan
Date: Wed, 1 Mar 2017 19:32:54 +0100
Subject: [feat] get VPN params from eip-service.json
Instead of hardcoding them in the code.
---
 src/leap/bitmask/vpn/launcher.py | 6 +++++-
 src/leap/bitmask/vpn/process.py | 13 +------------
 src/leap/bitmask/vpn/service.py | 26 +++++++++-----------------
 3 files changed, 15 insertions(+), 30 deletions(-)
(limited to 'src/leap/bitmask/vpn')
diff --git a/src/leap/bitmask/vpn/launcher.py b/src/leap/bitmask/vpn/launcher.py
index 28910fa7..3006d6da 100644
--- a/src/leap/bitmask/vpn/launcher.py
+++ b/src/leap/bitmask/vpn/launcher.py
@@ -229,7 +229,11 @@ class VPNLauncher(object):
 openvpn_configuration = vpnconfig.get_openvpn_configuration()
 for key, value in openvpn_configuration.items():
- args += ['--%s' % (key,), value]
+ if type(value) is bool:
+ if value:
+ args += ['--%s' % (key,)]
+ else:
+ args += ['--%s' % (key,), value]
 user = getpass.getuser()
diff --git a/src/leap/bitmask/vpn/process.py b/src/leap/bitmask/vpn/process.py
index 533a45cf..cb67eff3 100644
--- a/src/leap/bitmask/vpn/process.py
+++ b/src/leap/bitmask/vpn/process.py
@@ -22,24 +22,13 @@ A custom processProtocol launches the VPNProcess and connects to its management interface. """
-import os
-import shutil
-import socket
-import subprocess
 import sys
-from itertools import chain, repeat
-
-from twisted.internet import defer, protocol, reactor
+from twisted.internet import protocol, reactor
 from twisted.internet import error as internet_error
-from twisted.internet.task import LoopingCall
 from twisted.logger import Logger
-from leap.bitmask.vpn.constants import IS_MAC
-from leap.bitmask.vpn.utils import first, force_eval
 from leap.bitmask.vpn.utils import get_vpn_launcher
-from leap.bitmask.vpn.launchers import linux
-from leap.bitmask.vpn._telnet import UDSTelnet
 from leap.bitmask.vpn import _status
 from leap.bitmask.vpn import _management
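Review bot: The `else` branch of this loop still appends `value` to `args` unchanged, and per the commit message the dict now originates from the provider's eip-service.json (service.py `_setup` passes `config.openvpn_configuration` straight through as `extra_flags`), so every key the provider sends becomes an OpenVPN command-line option. Unless `get_openvpn_configuration()` already filters, which is not visible in this hunk, I would restrict keys to an allowlist of options the client expects and coerce values to strings before extending `args`, e.g. `if key not in ALLOWED_KEYS: continue`, where `ALLOWED_KEYS` is a placeholder name for that set. `isinstance(value, bool)` is also the more idiomatic test than `type(value) is bool`. The enclosing method starts and ends outside the hunk.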
diff --git a/src/leap/bitmask/vpn/service.py b/src/leap/bitmask/vpn/service.py
index 60de0f66..c23397cf 100644
--- a/src/leap/bitmask/vpn/service.py
+++ b/src/leap/bitmask/vpn/service.py
@@ -61,13 +61,14 @@ class VPNService(HookableService):
 print "Stopping VPN Service..."
 super(VPNService, self).stopService()
+ @defer.inlineCallbacks
 def start_vpn(self, domain):
 # TODO check if the VPN is started and return an error if it is.
- self._setup(domain)
+ yield self._setup(domain)
 self._vpn.start()
 self._started = True
 self._domain = domain
- return {'result': 'started'}
+ defer.returnValue({'result': 'started'})
 def stop_vpn(self):
 # TODO -----------------------------
@@ -120,32 +121,23 @@ class VPNService(HookableService):
 ask = privilege.uninstall_helpers()
 return {'uninstall': 'ok'}
+ @defer.inlineCallbacks
 def _setup(self, provider):
 """Set up VPNManager for a specified provider.
 :param provider: the provider to use, e.g. 'demo.bitmask.net'
 :type provider: str"""
- # FIXME ---------------------------------------------------------
- # XXX picked manually from eip-service.json
- remotes = (
- ("198.252.153.84", "1194"),
- ("46.165.242.169", "1194"),
- )
+ bonafide = self.parent.getServiceNamed("bonafide")
+ config = yield bonafide.do_provider_read(provider, "eip")
+ remotes = [(gw["ip_address"], gw["capabilities"]["ports"][0])
+ for gw in config.gateways]
+ extra_flags = config.openvpn_configuration
 prefix = os.path.join(self._basepath, "leap/providers/{0}/keys".format(provider))
 cert_path = key_path = prefix + "/client/openvpn.pem"
 ca_path = prefix + "/ca/cacert.pem"
- # FIXME
- # XXX picked manually from vpn-service.json
- extra_flags = {
- "auth": "SHA1",
- "cipher": "AES-128-CBC",
- "keepalive": "10 30",
- "tls-cipher": "DHE-RSA-AES128-SHA",
- }
-
 self._vpn = VPNManager(remotes, cert_path, key_path, ca_path, extra_flags)
-- cgit v1.2.3
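Review bot: `start_vpn` now yields on `_setup` before `self._started` is set, so a second call arriving while the provider read is still pending runs `_setup` again and replaces `self._vpn`; the TODO above it about rejecting a start when the VPN is already running matters more after this change. A guard set before the yield would close that window, for example a `self._starting` flag (placeholder name) checked at the top of the method. Callers now receive a Deferred rather than a dict, and the diff does not show service.py importing `defer`, so both should be confirmed.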
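Review bot: The list comprehension that builds `remotes` in `_setup` indexes `gw["capabilities"]["ports"][0]` on data fetched from the provider with no check, so a gateway entry lacking `capabilities` or carrying an empty `ports` list raises KeyError or IndexError in the middle of setup, and an empty `config.gateways` hands VPNManager no remotes at all. Because this JSON is now the only source of where the client connects, I would skip malformed entries and fail with an explicit error when nothing usable remains, as sketched below. Whether the port values arrive as strings like the removed hard-coded `"1194"` is not visible here and is worth confirming, since they end up on the OpenVPN command line.

```python
config = yield bonafide.do_provider_read(provider, "eip")
remotes = []
for gw in config.gateways:
    ports = gw.get("capabilities", {}).get("ports") or []
    if gw.get("ip_address") and ports:
        remotes.append((gw["ip_address"], ports[0]))
if not remotes:
    raise ValueError("no usable gateways for provider %s" % provider)
# … unchanged: extra_flags, key paths, VPNManager construction …
```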