diff options
-rw-r--r-- | Makefile | 73 | ||||
-rwxr-xr-x | openvpn/openvpn.sh | 123 | ||||
-rw-r--r-- | pkg/deps.mk | 28 | ||||
-rw-r--r-- | pkg/osx/Makefile | 51 | ||||
-rwxr-xr-x | pkg/osx/bitmask-wrapper | 3 | ||||
-rw-r--r-- | pkg/osx/install/tun.kext/Info.plist | 36 | ||||
-rwxr-xr-x | pkg/osx/post-inst.sh | 4 | ||||
-rw-r--r-- | pkg/pyinst/pyinst-build.mk | 34 | ||||
-rw-r--r-- | pkg/tools/profile.mk | 23 | ||||
-rw-r--r-- | src/leap/bitmask/services/eip/darwinvpnlauncher.py | 5 |
10 files changed, 212 insertions, 168 deletions
@@ -43,6 +43,8 @@ LRELE = lrelease # pyinst dist dir DIST = dist/bitmask/ +DIST_OSX = dist/Bitmask.app/ +DIST_OSX_RES = dist/Bitmask.app/Contents/Resources/ NEXT_VERSION = $(shell cat pkg/next-version) DIST_VERSION = dist/bitmask-$(NEXT_VERSION)/ GIT_COMMIT = $(shell git rev-parse HEAD) @@ -95,78 +97,11 @@ manpages: apidocs: @sphinx-apidoc -o docs/api src/leap/bitmask -do_cprofile: - python -m cProfile -o bitmask.cprofile src/leap/bitmask/app.py --debug -N - -view_cprofile: - cprofilev bitmask.cprofile - -mailprofile: - gprof2dot -f pstats /tmp/leap_mail_profile.pstats -n 0.2 -e 0.2 | dot -Tpdf -o /tmp/leap_mail_profile.pdf - -do_lineprof: - LEAP_PROFILE_IMAPCMD=1 LEAP_MAIL_MANHOLE=1 kernprof.py -l src/leap/bitmask/app.py --debug - -do_lineprof_offline: - LEAP_PROFILE_IMAPCMD=1 LEAP_MAIL_MANHOLE=1 kernprof.py -l src/leap/bitmask/app.py --offline --debug -N - -view_lineprof: - @python -m line_profiler app.py.lprof | $(EDITOR) - - -resource_graph: - #./pkg/scripts/monitor_resource.zsh `ps aux | grep app.py | head -1 | awk '{print $$2}'` $(RESOURCE_TIME) - ./pkg/scripts/monitor_resource.zsh `pgrep bitmask` $(RESOURCE_TIME) - display bitmask-resources.png - -get_wheels: - pip install --upgrade setuptools - pip install --upgrade pip - pip install wheel - -gather_wheels: - pip wheel --wheel-dir=../wheelhouse pyzmq --build-option "--zmq=bundled" - # because fuck u1db externals, that's why... - pip wheel --wheel-dir=../wheelhouse --allow-external dirspec --allow-unverified dirspec --allow-external u1db --allow-unverified u1db -r pkg/requirements.pip - -install_wheel: - # if it's the first time, you'll need to get_wheels first - pip install --pre --use-wheel --no-index --find-links=../wheelhouse -r pkg/requirements.pip - -gather_deps: - pipdeptree | pkg/scripts/filter-bitmask-deps - -install_base_deps: - for repo in leap_pycommon keymanager leap_mail soledad/common soledad/client; do cd $(CURDIR)/../$$repo && pkg/pip_install_requirements.sh; done - pkg/pip_install_requirements.sh - -pull_leapdeps: - for repo in $(LEAP_REPOS); do cd $(CURDIR)/../$$repo && git pull; done - -checkout_leapdeps_develop: - for repo in $(LEAP_REPOS); do cd $(CURDIR)/../$$repo && git checkout develop; done - git checkout develop - +include pkg/deps.mk +include pkg/tools/profile.mk include pkg/sumo-tarballs.mk include pkg/pyinst/pyinst-build.mk include pkg/branding/branding.mk -pyinst_osx: pyinst - mv dist/Bitmask.app/Contents/MacOS/bitmask dist/Bitmask.app/Contents/MacOS/bitmask-app - cp pkg/osx/bitmask-wrapper dist/Bitmask.app/Contents/MacOS/bitmask - mkdir -p dist/Bitmask.app/Contents/Resources/bitmask-helper - cp pkg/osx/client.up.sh dist/Bitmask.app/Contents/Resources/ - cp pkg/osx/client.down.sh dist/Bitmask.app/Contents/Resources/ - cp pkg/osx/bitmask-helper dist/Bitmask.app/Contents/Resources/bitmask-helper/ - cp pkg/osx/bitmask.pf.conf dist/Bitmask.app/Contents/Resources/bitmask-helper/ - cp pkg/osx/se.leap.bitmask-helper.plist dist/Bitmask.app/Contents/Resources/bitmask-helper/ - cp pkg/osx/post-inst.sh dist/Bitmask.app/Contents/Resources/bitmask-helper/ - cp pkg/osx/daemon.py dist/Bitmask.app/Contents/Resources/bitmask-helper/ - # XXX hack... this contains the gpg binary (brew), but we need to build it from sources. - cp -r src/leap/bitmask/util/apps dist/Bitmask.app/Contents/MacOS/ - # XXX hack... this contains the openvpn binary (brew), but we need to build it from sources. - cp -r src/leap/bitmask/util/openvpn.leap dist/Bitmask.app/Contents/Resources/ - # XXX this should be taken care of by pyinstaller data collector - cp $(VIRTUAL_ENV)/lib/python2.7/site-packages/leap/common/cacert.pem dist/Bitmask.app/Contents/MacOS/ - clean : $(RM) $(COMPILED_UI) $(COMPILED_RESOURCES) $(COMPILED_UI:.py=.pyc) $(COMPILED_RESOURCES:.py=.pyc) diff --git a/openvpn/openvpn.sh b/openvpn/openvpn.sh new file mode 100755 index 00000000..db63c987 --- /dev/null +++ b/openvpn/openvpn.sh @@ -0,0 +1,123 @@ +#!/bin/bash + +set -e +set -x + +mkdir -p ~/openvpn && cd ~/openvpn + +BASE=`pwd` +SRC=$BASE/src +WGET="wget --prefer-family=IPv4" +DEST=$BASE/stuff +LDFLAGS="-L$DEST/lib -Wl" +CPPFLAGS="-I$DEST/include" +CFLAGS="-O3" +CXXFLAGS=$CFLAGS +CONFIGURE="./configure --prefix=/stuff" +MAKE="make -j2" +mkdir -p $SRC + +######## #################################################################### +# ZLIB # #################################################################### +######## #################################################################### + +mkdir $SRC/zlib && cd $SRC/zlib + +if [ ! -f zlib-1.2.8.tar.gz ]; then + $WGET http://zlib.net/zlib-1.2.8.tar.gz +fi +tar zxvf zlib-1.2.8.tar.gz +cd zlib-1.2.8 + +LDFLAGS=$LDFLAGS \ +CPPFLAGS=$CPPFLAGS \ +CFLAGS=$CFLAGS \ +CXXFLAGS=$CXXFLAGS \ +./configure \ +--prefix=/stuff + +$MAKE +make install DESTDIR=$BASE + +########### ################################################################# +# OPENSSL # ################################################################# +########### ################################################################# + +#mkdir -p $SRC/openssl && cd $SRC/openssl +#if [ ! -f openssl-1.0.2f.tar.gz ]; then +# $WGET https://www.openssl.org/source/openssl-1.0.2f.tar.gz +#fi +#tar zxvf openssl-1.0.2f.tar.gz +#cd openssl-1.0.2f + +#./Configure darwin64-x86_64-cc \ +#-Wl \ +#--prefix=/opts zlib \ +#--with-zlib-lib=$DEST/lib \ +#--with-zlib-include=$DEST/include + +#$MAKE +#make install INSTALLTOP=$DEST OPENSSLDIR=$DEST/ssl + +############ ################################################################# +# POLARSSL # ################################################################# +############ ################################################################# + +mkdir -p $SRC/polarssl && cd $SRC/polarssl +if [ ! -f polarssl-1.3.9-gpl.tgz ]; then + $WGET https://tls.mbed.org/download/polarssl-1.3.9-gpl.tgz +fi +tar zxvf polarssl-1.3.9-gpl.tgz +cd polarssl-1.3.9 +mkdir build +cd build +cmake .. +$MAKE +make install DESTDIR=$BASE + +######## #################################################################### +# LZO2 # #################################################################### +######## #################################################################### + +mkdir $SRC/lzo2 && cd $SRC/lzo2 +if [ ! -f lzo-2.09.tar.gz ]; then + $WGET http://www.oberhumer.com/opensource/lzo/download/lzo-2.09.tar.gz +fi +tar zxvf lzo-2.09.tar.gz +cd lzo-2.09 + +LDFLAGS=$LDFLAGS \ +CPPFLAGS=$CPPFLAGS \ +CFLAGS=$CFLAGS \ +CXXFLAGS=$CXXFLAGS \ +$CONFIGURE + +$MAKE +make install DESTDIR=$BASE + +########### ################################################################# +# OPENVPN # ################################################################# +########### ################################################################# + +mkdir $SRC/openvpn && cd $SRC/openvpn +if [ ! -f openvpn-2.3.10.tar.gz ]; then + $WGET http://swupdate.openvpn.org/community/releases/openvpn-2.3.10.tar.gz +fi +tar zxvf openvpn-2.3.10.tar.gz +cd openvpn-2.3.10 + +# OPENSSL_SSL_LIBS=$DEST/lib/ + +POLARSSL_CFLAGS=-I$DEST/usr/local/include \ +POLARSSL_LIBS=$DEST/lib/libpolarssl.a \ +LDFLAGS=$LDFLAGS \ +CPPFLAGS=$CPPFLAGS \ +CFLAGS=$CFLAGS \ +CXXFLAGS=$CXXFLAGS \ +$CONFIGURE \ +--disable-plugin-auth-pam \ +--enable-password-save \ +--with-crypto-library=polarssl + +$MAKE LIBS="-all-static -lssl -lcrypto -lz -llzo2" +make install DESTDIR=$BASE/openvpn diff --git a/pkg/deps.mk b/pkg/deps.mk new file mode 100644 index 00000000..26bed466 --- /dev/null +++ b/pkg/deps.mk @@ -0,0 +1,28 @@ +get_wheels: + pip install --upgrade setuptools + pip install --upgrade pip + pip install wheel + +gather_wheels: + pip wheel --wheel-dir=../wheelhouse pyzmq --build-option "--zmq=bundled" + # because fuck u1db externals, that's why... + pip wheel --wheel-dir=../wheelhouse --allow-external dirspec --allow-unverified dirspec --allow-external u1db --allow-unverified u1db -r pkg/requirements.pip + +install_wheel: + # if it's the first time, you'll need to get_wheels first + pip install --pre --use-wheel --no-index --find-links=../wheelhouse -r pkg/requirements.pip + +gather_deps: + pipdeptree | pkg/scripts/filter-bitmask-deps + +install_base_deps: + for repo in leap_pycommon keymanager leap_mail soledad/common soledad/client; do cd $(CURDIR)/../$$repo && pkg/pip_install_requirements.sh; done + pkg/pip_install_requirements.sh + +pull_leapdeps: + for repo in $(LEAP_REPOS); do cd $(CURDIR)/../$$repo && git pull; done + +checkout_leapdeps_develop: + for repo in $(LEAP_REPOS); do cd $(CURDIR)/../$$repo && git checkout develop; done + git checkout develop + diff --git a/pkg/osx/Makefile b/pkg/osx/Makefile deleted file mode 100644 index 15dfb810..00000000 --- a/pkg/osx/Makefile +++ /dev/null @@ -1,51 +0,0 @@ -OSX = dist/LEAP\ Client.app/Contents/MacOS/ -GITC = `git rev-parse --short HEAD` -DMG = "dist/leap-client-$(GITC).dmg" -INST = "dist/LEAP Client installer.app" -INSTR = "dist/LEAP Client installer.app/Contents/Resources" - -pkg : check-env dist tuntap installer dmg - -dist : - ~/pyinstaller/pyinstaller.py -w -s leap-client.spec - cp -r /opt/local/Library/Frameworks/QtGui.framework/Versions/4/Resources/qt_menu.nib "dist/LEAP Client.app/Contents/Resources" - cp Info.plist "dist/LEAP Client.app/Contents/Info.plist" - cp ../../data/images/leap-client.icns "dist/LEAP Client.app/Contents/Resources/icon-windowed.icns" - -trim: - #XXX this should go properly in pyinstaller spec excludes, but going quick'n'dirty - #XXX adapt to PySide - rm $(OSX)QtSvg $(OSX)QtXml $(OSX)QtNetwork $(OSX)QtOpenGL $(OSX)Qt3Support $(OSX)QtSql - -tuntap: - ./build_tuntaposx clean && ./build_tuntaposx - -installer: - #XXX need to fix some paths there (binary, etc) - platypus -P install/leap-installer.platypus -y $(INST) - # build tuntaposx kernel extension - mkdir $(INSTR)/StartupItems - mkdir $(INSTR)/Extensions - cp -r dist/tun.kext $(INSTR)/Extensions - cp -r dist/tuntaposx/StartupItems/* $(INSTR)/StartupItems - cp install/tun.kext/Info.plist $(INSTR)/Extensions/tun.kext/Contents/ - #copy the binary that we have previously built (not yet) - cp ../../openvpn/build/openvpn.leap $(INSTR) - #copy startup scripts - cp install/client.up.sh $(INSTR) - cp install/client.down.sh $(INSTR) - cp install/ProcessNetworkChanges.plist.template $(INSTR) - #Finally, copy application bundle... - cp -r "dist/LEAP Client.app" $(INSTR) - -dmg : - rm -f $(DMG) - hdiutil create -format UDBZ -srcfolder $(INST) $(DMG) - -check-env: -ifndef VIRTUAL_ENV - $(error WHAT DO YOU THINK VIRTUALENV IS FOR??!! Please go get into one..) -endif - -clean : - rm -rf dist/ build/ diff --git a/pkg/osx/bitmask-wrapper b/pkg/osx/bitmask-wrapper deleted file mode 100755 index 240fc186..00000000 --- a/pkg/osx/bitmask-wrapper +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) -exec $DIR/bitmask-app --debug --danger diff --git a/pkg/osx/install/tun.kext/Info.plist b/pkg/osx/install/tun.kext/Info.plist deleted file mode 100644 index fb69ba85..00000000 --- a/pkg/osx/install/tun.kext/Info.plist +++ /dev/null @@ -1,36 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> -<plist version="1.0"> -<dict> - <key>CFBundleDevelopmentRegion</key> - <string>English</string> - <key>CFBundleExecutable</key> - <string>tun</string> - <key>CFBundleIdentifier</key> - <string>leap.tun</string> - <key>CFBundleInfoDictionaryVersion</key> - <string>6.0</string> - <key>CFBundleName</key> - <string>tun</string> - <key>CFBundlePackageType</key> - <string>KEXT</string> - <key>CFBundleShortVersionString</key> - <string>20120120</string> - <key>CFBundleSignature</key> - <string>????</string> - <key>CFBundleVersion</key> - <string>1.0</string> - <key>OSBundleLibraries</key> - <dict> - <key>com.apple.kpi.mach</key> - <string>8.0</string> - <key>com.apple.kpi.bsd</key> - <string>8.0</string> - <key>com.apple.kpi.libkern</key> - <string>8.0</string> - <key>com.apple.kpi.unsupported</key> - <string>8.0</string> - </dict> -</dict> -</plist> - diff --git a/pkg/osx/post-inst.sh b/pkg/osx/post-inst.sh index 2fc719f0..03dc4d2f 100755 --- a/pkg/osx/post-inst.sh +++ b/pkg/osx/post-inst.sh @@ -1,6 +1,8 @@ #!/bin/sh -# Post-Instalation script +# Bitmask Post-Instalation script cp se.leap.bitmask-helper.plist /Library/LaunchDaemons/ launchctl load /Library/LaunchDaemons/se.leap.bitmask-helper.plist +cp tuntap_20150118.pkg /tmp/ +open /tmp/tuntap_20150118.pkg diff --git a/pkg/pyinst/pyinst-build.mk b/pkg/pyinst/pyinst-build.mk index 9595ad50..835c793c 100644 --- a/pkg/pyinst/pyinst-build.mk +++ b/pkg/pyinst/pyinst-build.mk @@ -12,8 +12,9 @@ pyinst: freeze-ver hash-binaries reset-ver: git checkout -- src/leap/bitmask/_version.py -pyinst-hacks: - cp ../leap_common/src/leap/common/cacert.pem $(DIST) +pyinst-hacks-linux: + # XXX this should be taken care of by pyinstaller data collector + cp $(VIRTUAL_ENV)/lib/python2.7/site-packages/leap/common/cacert.pem $(DIST) mkdir -p $(DIST)pysqlcipher mkdir -p $(DIST)pixelated mkdir -p $(DIST)twisted/web @@ -22,15 +23,17 @@ pyinst-hacks: cp -r $(VIRTUAL_ENV)/lib/python2.7/site-packages/pixelated/assets/ $(DIST)pixelated cp -r $(VIRTUAL_ENV)/lib/python2.7/site-packages/twisted/web/failure.xhtml $(DIST)twisted/web/ +pyinst-hacks-osx: + # XXX this should be taken care of by pyinstaller data collector + cp $(VIRTUAL_ENV)/lib/python2.7/site-packages/leap/common/cacert.pem $(DIST_OSX)Contents/MacOS/ + # XXX need the rest??? + pyinst-trim: rm -f $(DIST)libQtOpenGL.so.4 rm -f $(DIST)libQtSql.so.4 rm -f $(DIST)libQt3Support.so.4 rm -f $(DIST)libaudio.so.2 rm -f $(DIST)libnvidia-* - #rm -f dist/bitmask/libgstvideo-1.0.so.0 - #rm -f dist/bitmask/libgstaudio0.0.so.0 - #rm -f dist/bitmask/libgstreamer-1.0.so.0 pyinst-cleanup: rm -rf $(DIST)config @@ -44,7 +47,7 @@ pyinst-distribution-data: cp pkg/PixelatedWebmail.README $(DIST_VERSION) cp LICENSE $(DIST_VERSION) -pyinst-linux-helpers: +pyinst-helpers-linux: mkdir -p $(DIST_VERSION)apps/eip/files cp $(LEAP_BUILD_DIR)openvpn $(DIST_VERSION)apps/eip/files/leap-openvpn cp pkg/linux/bitmask-root $(DIST_VERSION)apps/eip/files/ @@ -53,6 +56,21 @@ pyinst-linux-helpers: mkdir -p $(DIST_VERSION)apps/mail cp $(LEAP_BUILD_DIR)gpg $(DIST_VERSION)apps/mail +pyinst-helpers-osx: + mkdir -p $(DIST_OSX_RES)bitmask-helper + cp pkg/osx/client.up.sh $(DIST_OSX_RES) + cp pkg/osx/client.down.sh $(DIST_OSX_RES) + cp pkg/osx/bitmask-helper $(DIST_OSX_RES)bitmask-helper/ + cp pkg/osx/bitmask.pf.conf $(DIST_OSX_RES)bitmask-helper/ + cp pkg/osx/se.leap.bitmask-helper.$(DIST_OSX_RES)bitmask-helper/ + cp pkg/osx/post-inst.sh $(DIST_OSX_RES)bitmask-helper/ + cp pkg/osx/daemon.py $(DIST_OSX_RES)bitmask-helper/ + cp /opt/homebrew-cask/Caskroom/tuntap/20150118/tuntap_20150118.pkg $(DIST_OSX_RES) + # TODO get from the path the build script places it + cp ~/leap/openvpn.leap.polarssl $(DIST_OSX_RES)openvpn.leap + # TODO this contains the gpg binary (brew), but we need to compile it statically from sources. + cp -r src/leap/bitmask/util/apps $(DIST_OSX)Contents/MacOS/ + pyinst-tar: cd dist/ && tar cvzf Bitmask.$(NEXT_VERSION).tar.gz bitmask-$(NEXT_VERSION) @@ -62,7 +80,9 @@ pyinst-sign: pyinst-upload: rsync --rsh='ssh' -avztlpog --progress --partial dist/Bitmask.$(NEXT_VERSION).* salmon.leap.se:./ -pyinst-linux: pyinst reset-ver pyinst-hacks pyinst-trim pyinst-cleanup pyinst-distribution-data pyinst-linux-helpers pyinst-tar +pyinst-linux: pyinst reset-ver pyinst-hacks-linux pyinst-trim pyinst-cleanup pyinst-distribution-data pyinst-helpers-linux pyinst-tar + +pyinst-osx: pyinst reset-ver pyinst-hacks-osx pyinst-helpers-osx clean_pkg: rm -rf build dist diff --git a/pkg/tools/profile.mk b/pkg/tools/profile.mk new file mode 100644 index 00000000..8d45c01a --- /dev/null +++ b/pkg/tools/profile.mk @@ -0,0 +1,23 @@ +do_cprofile: + python -m cProfile -o bitmask.cprofile src/leap/bitmask/app.py --debug -N + +view_cprofile: + cprofilev bitmask.cprofile + +mailprofile: + gprof2dot -f pstats /tmp/leap_mail_profile.pstats -n 0.2 -e 0.2 | dot -Tpdf -o /tmp/leap_mail_profile.pdf + +do_lineprof: + LEAP_PROFILE_IMAPCMD=1 LEAP_MAIL_MANHOLE=1 kernprof.py -l src/leap/bitmask/app.py --debug + +do_lineprof_offline: + LEAP_PROFILE_IMAPCMD=1 LEAP_MAIL_MANHOLE=1 kernprof.py -l src/leap/bitmask/app.py --offline --debug -N + +view_lineprof: + @python -m line_profiler app.py.lprof | $(EDITOR) - + +resource_graph: + #./pkg/scripts/monitor_resource.zsh `ps aux | grep app.py | head -1 | awk '{print $$2}'` $(RESOURCE_TIME) + ./pkg/scripts/monitor_resource.zsh `pgrep bitmask` $(RESOURCE_TIME) + display bitmask-resources.png + diff --git a/src/leap/bitmask/services/eip/darwinvpnlauncher.py b/src/leap/bitmask/services/eip/darwinvpnlauncher.py index f1d17698..94161192 100644 --- a/src/leap/bitmask/services/eip/darwinvpnlauncher.py +++ b/src/leap/bitmask/services/eip/darwinvpnlauncher.py @@ -112,7 +112,10 @@ class DarwinVPNLauncher(VPNLauncher): :returns: True if kext is loaded, False otherwise. :rtype: bool """ - return bool(commands.getoutput('kextstat | grep "foo.tun"')) + loaded = bool(commands.getoutput('kextstat | grep "net.sf.tuntaposx.tun"')) + if not loaded: + logger.error("tuntaposx extension not loaded!") + return loaded @classmethod def _get_icon_path(kls): |