summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile73
-rwxr-xr-xopenvpn/openvpn.sh123
-rw-r--r--pkg/deps.mk28
-rw-r--r--pkg/osx/Makefile51
-rwxr-xr-xpkg/osx/bitmask-wrapper3
-rw-r--r--pkg/osx/install/tun.kext/Info.plist36
-rwxr-xr-xpkg/osx/post-inst.sh4
-rw-r--r--pkg/pyinst/pyinst-build.mk34
-rw-r--r--pkg/tools/profile.mk23
-rw-r--r--src/leap/bitmask/services/eip/darwinvpnlauncher.py5
10 files changed, 212 insertions, 168 deletions
diff --git a/Makefile b/Makefile
index fdfb0381..84497607 100644
--- a/Makefile
+++ b/Makefile
@@ -43,6 +43,8 @@ LRELE = lrelease
# pyinst dist dir
DIST = dist/bitmask/
+DIST_OSX = dist/Bitmask.app/
+DIST_OSX_RES = dist/Bitmask.app/Contents/Resources/
NEXT_VERSION = $(shell cat pkg/next-version)
DIST_VERSION = dist/bitmask-$(NEXT_VERSION)/
GIT_COMMIT = $(shell git rev-parse HEAD)
@@ -95,78 +97,11 @@ manpages:
apidocs:
@sphinx-apidoc -o docs/api src/leap/bitmask
-do_cprofile:
- python -m cProfile -o bitmask.cprofile src/leap/bitmask/app.py --debug -N
-
-view_cprofile:
- cprofilev bitmask.cprofile
-
-mailprofile:
- gprof2dot -f pstats /tmp/leap_mail_profile.pstats -n 0.2 -e 0.2 | dot -Tpdf -o /tmp/leap_mail_profile.pdf
-
-do_lineprof:
- LEAP_PROFILE_IMAPCMD=1 LEAP_MAIL_MANHOLE=1 kernprof.py -l src/leap/bitmask/app.py --debug
-
-do_lineprof_offline:
- LEAP_PROFILE_IMAPCMD=1 LEAP_MAIL_MANHOLE=1 kernprof.py -l src/leap/bitmask/app.py --offline --debug -N
-
-view_lineprof:
- @python -m line_profiler app.py.lprof | $(EDITOR) -
-
-resource_graph:
- #./pkg/scripts/monitor_resource.zsh `ps aux | grep app.py | head -1 | awk '{print $$2}'` $(RESOURCE_TIME)
- ./pkg/scripts/monitor_resource.zsh `pgrep bitmask` $(RESOURCE_TIME)
- display bitmask-resources.png
-
-get_wheels:
- pip install --upgrade setuptools
- pip install --upgrade pip
- pip install wheel
-
-gather_wheels:
- pip wheel --wheel-dir=../wheelhouse pyzmq --build-option "--zmq=bundled"
- # because fuck u1db externals, that's why...
- pip wheel --wheel-dir=../wheelhouse --allow-external dirspec --allow-unverified dirspec --allow-external u1db --allow-unverified u1db -r pkg/requirements.pip
-
-install_wheel:
- # if it's the first time, you'll need to get_wheels first
- pip install --pre --use-wheel --no-index --find-links=../wheelhouse -r pkg/requirements.pip
-
-gather_deps:
- pipdeptree | pkg/scripts/filter-bitmask-deps
-
-install_base_deps:
- for repo in leap_pycommon keymanager leap_mail soledad/common soledad/client; do cd $(CURDIR)/../$$repo && pkg/pip_install_requirements.sh; done
- pkg/pip_install_requirements.sh
-
-pull_leapdeps:
- for repo in $(LEAP_REPOS); do cd $(CURDIR)/../$$repo && git pull; done
-
-checkout_leapdeps_develop:
- for repo in $(LEAP_REPOS); do cd $(CURDIR)/../$$repo && git checkout develop; done
- git checkout develop
-
+include pkg/deps.mk
+include pkg/tools/profile.mk
include pkg/sumo-tarballs.mk
include pkg/pyinst/pyinst-build.mk
include pkg/branding/branding.mk
-pyinst_osx: pyinst
- mv dist/Bitmask.app/Contents/MacOS/bitmask dist/Bitmask.app/Contents/MacOS/bitmask-app
- cp pkg/osx/bitmask-wrapper dist/Bitmask.app/Contents/MacOS/bitmask
- mkdir -p dist/Bitmask.app/Contents/Resources/bitmask-helper
- cp pkg/osx/client.up.sh dist/Bitmask.app/Contents/Resources/
- cp pkg/osx/client.down.sh dist/Bitmask.app/Contents/Resources/
- cp pkg/osx/bitmask-helper dist/Bitmask.app/Contents/Resources/bitmask-helper/
- cp pkg/osx/bitmask.pf.conf dist/Bitmask.app/Contents/Resources/bitmask-helper/
- cp pkg/osx/se.leap.bitmask-helper.plist dist/Bitmask.app/Contents/Resources/bitmask-helper/
- cp pkg/osx/post-inst.sh dist/Bitmask.app/Contents/Resources/bitmask-helper/
- cp pkg/osx/daemon.py dist/Bitmask.app/Contents/Resources/bitmask-helper/
- # XXX hack... this contains the gpg binary (brew), but we need to build it from sources.
- cp -r src/leap/bitmask/util/apps dist/Bitmask.app/Contents/MacOS/
- # XXX hack... this contains the openvpn binary (brew), but we need to build it from sources.
- cp -r src/leap/bitmask/util/openvpn.leap dist/Bitmask.app/Contents/Resources/
- # XXX this should be taken care of by pyinstaller data collector
- cp $(VIRTUAL_ENV)/lib/python2.7/site-packages/leap/common/cacert.pem dist/Bitmask.app/Contents/MacOS/
-
clean :
$(RM) $(COMPILED_UI) $(COMPILED_RESOURCES) $(COMPILED_UI:.py=.pyc) $(COMPILED_RESOURCES:.py=.pyc)
diff --git a/openvpn/openvpn.sh b/openvpn/openvpn.sh
new file mode 100755
index 00000000..db63c987
--- /dev/null
+++ b/openvpn/openvpn.sh
@@ -0,0 +1,123 @@
+#!/bin/bash
+
+set -e
+set -x
+
+mkdir -p ~/openvpn && cd ~/openvpn
+
+BASE=`pwd`
+SRC=$BASE/src
+WGET="wget --prefer-family=IPv4"
+DEST=$BASE/stuff
+LDFLAGS="-L$DEST/lib -Wl"
+CPPFLAGS="-I$DEST/include"
+CFLAGS="-O3"
+CXXFLAGS=$CFLAGS
+CONFIGURE="./configure --prefix=/stuff"
+MAKE="make -j2"
+mkdir -p $SRC
+
+######## ####################################################################
+# ZLIB # ####################################################################
+######## ####################################################################
+
+mkdir $SRC/zlib && cd $SRC/zlib
+
+if [ ! -f zlib-1.2.8.tar.gz ]; then
+ $WGET http://zlib.net/zlib-1.2.8.tar.gz
+fi
+tar zxvf zlib-1.2.8.tar.gz
+cd zlib-1.2.8
+
+LDFLAGS=$LDFLAGS \
+CPPFLAGS=$CPPFLAGS \
+CFLAGS=$CFLAGS \
+CXXFLAGS=$CXXFLAGS \
+./configure \
+--prefix=/stuff
+
+$MAKE
+make install DESTDIR=$BASE
+
+########### #################################################################
+# OPENSSL # #################################################################
+########### #################################################################
+
+#mkdir -p $SRC/openssl && cd $SRC/openssl
+#if [ ! -f openssl-1.0.2f.tar.gz ]; then
+# $WGET https://www.openssl.org/source/openssl-1.0.2f.tar.gz
+#fi
+#tar zxvf openssl-1.0.2f.tar.gz
+#cd openssl-1.0.2f
+
+#./Configure darwin64-x86_64-cc \
+#-Wl \
+#--prefix=/opts zlib \
+#--with-zlib-lib=$DEST/lib \
+#--with-zlib-include=$DEST/include
+
+#$MAKE
+#make install INSTALLTOP=$DEST OPENSSLDIR=$DEST/ssl
+
+############ #################################################################
+# POLARSSL # #################################################################
+############ #################################################################
+
+mkdir -p $SRC/polarssl && cd $SRC/polarssl
+if [ ! -f polarssl-1.3.9-gpl.tgz ]; then
+ $WGET https://tls.mbed.org/download/polarssl-1.3.9-gpl.tgz
+fi
+tar zxvf polarssl-1.3.9-gpl.tgz
+cd polarssl-1.3.9
+mkdir build
+cd build
+cmake ..
+$MAKE
+make install DESTDIR=$BASE
+
+######## ####################################################################
+# LZO2 # ####################################################################
+######## ####################################################################
+
+mkdir $SRC/lzo2 && cd $SRC/lzo2
+if [ ! -f lzo-2.09.tar.gz ]; then
+ $WGET http://www.oberhumer.com/opensource/lzo/download/lzo-2.09.tar.gz
+fi
+tar zxvf lzo-2.09.tar.gz
+cd lzo-2.09
+
+LDFLAGS=$LDFLAGS \
+CPPFLAGS=$CPPFLAGS \
+CFLAGS=$CFLAGS \
+CXXFLAGS=$CXXFLAGS \
+$CONFIGURE
+
+$MAKE
+make install DESTDIR=$BASE
+
+########### #################################################################
+# OPENVPN # #################################################################
+########### #################################################################
+
+mkdir $SRC/openvpn && cd $SRC/openvpn
+if [ ! -f openvpn-2.3.10.tar.gz ]; then
+ $WGET http://swupdate.openvpn.org/community/releases/openvpn-2.3.10.tar.gz
+fi
+tar zxvf openvpn-2.3.10.tar.gz
+cd openvpn-2.3.10
+
+# OPENSSL_SSL_LIBS=$DEST/lib/
+
+POLARSSL_CFLAGS=-I$DEST/usr/local/include \
+POLARSSL_LIBS=$DEST/lib/libpolarssl.a \
+LDFLAGS=$LDFLAGS \
+CPPFLAGS=$CPPFLAGS \
+CFLAGS=$CFLAGS \
+CXXFLAGS=$CXXFLAGS \
+$CONFIGURE \
+--disable-plugin-auth-pam \
+--enable-password-save \
+--with-crypto-library=polarssl
+
+$MAKE LIBS="-all-static -lssl -lcrypto -lz -llzo2"
+make install DESTDIR=$BASE/openvpn
diff --git a/pkg/deps.mk b/pkg/deps.mk
new file mode 100644
index 00000000..26bed466
--- /dev/null
+++ b/pkg/deps.mk
@@ -0,0 +1,28 @@
+get_wheels:
+ pip install --upgrade setuptools
+ pip install --upgrade pip
+ pip install wheel
+
+gather_wheels:
+ pip wheel --wheel-dir=../wheelhouse pyzmq --build-option "--zmq=bundled"
+ # because fuck u1db externals, that's why...
+ pip wheel --wheel-dir=../wheelhouse --allow-external dirspec --allow-unverified dirspec --allow-external u1db --allow-unverified u1db -r pkg/requirements.pip
+
+install_wheel:
+ # if it's the first time, you'll need to get_wheels first
+ pip install --pre --use-wheel --no-index --find-links=../wheelhouse -r pkg/requirements.pip
+
+gather_deps:
+ pipdeptree | pkg/scripts/filter-bitmask-deps
+
+install_base_deps:
+ for repo in leap_pycommon keymanager leap_mail soledad/common soledad/client; do cd $(CURDIR)/../$$repo && pkg/pip_install_requirements.sh; done
+ pkg/pip_install_requirements.sh
+
+pull_leapdeps:
+ for repo in $(LEAP_REPOS); do cd $(CURDIR)/../$$repo && git pull; done
+
+checkout_leapdeps_develop:
+ for repo in $(LEAP_REPOS); do cd $(CURDIR)/../$$repo && git checkout develop; done
+ git checkout develop
+
diff --git a/pkg/osx/Makefile b/pkg/osx/Makefile
deleted file mode 100644
index 15dfb810..00000000
--- a/pkg/osx/Makefile
+++ /dev/null
@@ -1,51 +0,0 @@
-OSX = dist/LEAP\ Client.app/Contents/MacOS/
-GITC = `git rev-parse --short HEAD`
-DMG = "dist/leap-client-$(GITC).dmg"
-INST = "dist/LEAP Client installer.app"
-INSTR = "dist/LEAP Client installer.app/Contents/Resources"
-
-pkg : check-env dist tuntap installer dmg
-
-dist :
- ~/pyinstaller/pyinstaller.py -w -s leap-client.spec
- cp -r /opt/local/Library/Frameworks/QtGui.framework/Versions/4/Resources/qt_menu.nib "dist/LEAP Client.app/Contents/Resources"
- cp Info.plist "dist/LEAP Client.app/Contents/Info.plist"
- cp ../../data/images/leap-client.icns "dist/LEAP Client.app/Contents/Resources/icon-windowed.icns"
-
-trim:
- #XXX this should go properly in pyinstaller spec excludes, but going quick'n'dirty
- #XXX adapt to PySide
- rm $(OSX)QtSvg $(OSX)QtXml $(OSX)QtNetwork $(OSX)QtOpenGL $(OSX)Qt3Support $(OSX)QtSql
-
-tuntap:
- ./build_tuntaposx clean && ./build_tuntaposx
-
-installer:
- #XXX need to fix some paths there (binary, etc)
- platypus -P install/leap-installer.platypus -y $(INST)
- # build tuntaposx kernel extension
- mkdir $(INSTR)/StartupItems
- mkdir $(INSTR)/Extensions
- cp -r dist/tun.kext $(INSTR)/Extensions
- cp -r dist/tuntaposx/StartupItems/* $(INSTR)/StartupItems
- cp install/tun.kext/Info.plist $(INSTR)/Extensions/tun.kext/Contents/
- #copy the binary that we have previously built (not yet)
- cp ../../openvpn/build/openvpn.leap $(INSTR)
- #copy startup scripts
- cp install/client.up.sh $(INSTR)
- cp install/client.down.sh $(INSTR)
- cp install/ProcessNetworkChanges.plist.template $(INSTR)
- #Finally, copy application bundle...
- cp -r "dist/LEAP Client.app" $(INSTR)
-
-dmg :
- rm -f $(DMG)
- hdiutil create -format UDBZ -srcfolder $(INST) $(DMG)
-
-check-env:
-ifndef VIRTUAL_ENV
- $(error WHAT DO YOU THINK VIRTUALENV IS FOR??!! Please go get into one..)
-endif
-
-clean :
- rm -rf dist/ build/
diff --git a/pkg/osx/bitmask-wrapper b/pkg/osx/bitmask-wrapper
deleted file mode 100755
index 240fc186..00000000
--- a/pkg/osx/bitmask-wrapper
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
-exec $DIR/bitmask-app --debug --danger
diff --git a/pkg/osx/install/tun.kext/Info.plist b/pkg/osx/install/tun.kext/Info.plist
deleted file mode 100644
index fb69ba85..00000000
--- a/pkg/osx/install/tun.kext/Info.plist
+++ /dev/null
@@ -1,36 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0">
-<dict>
- <key>CFBundleDevelopmentRegion</key>
- <string>English</string>
- <key>CFBundleExecutable</key>
- <string>tun</string>
- <key>CFBundleIdentifier</key>
- <string>leap.tun</string>
- <key>CFBundleInfoDictionaryVersion</key>
- <string>6.0</string>
- <key>CFBundleName</key>
- <string>tun</string>
- <key>CFBundlePackageType</key>
- <string>KEXT</string>
- <key>CFBundleShortVersionString</key>
- <string>20120120</string>
- <key>CFBundleSignature</key>
- <string>????</string>
- <key>CFBundleVersion</key>
- <string>1.0</string>
- <key>OSBundleLibraries</key>
- <dict>
- <key>com.apple.kpi.mach</key>
- <string>8.0</string>
- <key>com.apple.kpi.bsd</key>
- <string>8.0</string>
- <key>com.apple.kpi.libkern</key>
- <string>8.0</string>
- <key>com.apple.kpi.unsupported</key>
- <string>8.0</string>
- </dict>
-</dict>
-</plist>
-
diff --git a/pkg/osx/post-inst.sh b/pkg/osx/post-inst.sh
index 2fc719f0..03dc4d2f 100755
--- a/pkg/osx/post-inst.sh
+++ b/pkg/osx/post-inst.sh
@@ -1,6 +1,8 @@
#!/bin/sh
-# Post-Instalation script
+# Bitmask Post-Instalation script
cp se.leap.bitmask-helper.plist /Library/LaunchDaemons/
launchctl load /Library/LaunchDaemons/se.leap.bitmask-helper.plist
+cp tuntap_20150118.pkg /tmp/
+open /tmp/tuntap_20150118.pkg
diff --git a/pkg/pyinst/pyinst-build.mk b/pkg/pyinst/pyinst-build.mk
index 9595ad50..835c793c 100644
--- a/pkg/pyinst/pyinst-build.mk
+++ b/pkg/pyinst/pyinst-build.mk
@@ -12,8 +12,9 @@ pyinst: freeze-ver hash-binaries
reset-ver:
git checkout -- src/leap/bitmask/_version.py
-pyinst-hacks:
- cp ../leap_common/src/leap/common/cacert.pem $(DIST)
+pyinst-hacks-linux:
+ # XXX this should be taken care of by pyinstaller data collector
+ cp $(VIRTUAL_ENV)/lib/python2.7/site-packages/leap/common/cacert.pem $(DIST)
mkdir -p $(DIST)pysqlcipher
mkdir -p $(DIST)pixelated
mkdir -p $(DIST)twisted/web
@@ -22,15 +23,17 @@ pyinst-hacks:
cp -r $(VIRTUAL_ENV)/lib/python2.7/site-packages/pixelated/assets/ $(DIST)pixelated
cp -r $(VIRTUAL_ENV)/lib/python2.7/site-packages/twisted/web/failure.xhtml $(DIST)twisted/web/
+pyinst-hacks-osx:
+ # XXX this should be taken care of by pyinstaller data collector
+ cp $(VIRTUAL_ENV)/lib/python2.7/site-packages/leap/common/cacert.pem $(DIST_OSX)Contents/MacOS/
+ # XXX need the rest???
+
pyinst-trim:
rm -f $(DIST)libQtOpenGL.so.4
rm -f $(DIST)libQtSql.so.4
rm -f $(DIST)libQt3Support.so.4
rm -f $(DIST)libaudio.so.2
rm -f $(DIST)libnvidia-*
- #rm -f dist/bitmask/libgstvideo-1.0.so.0
- #rm -f dist/bitmask/libgstaudio0.0.so.0
- #rm -f dist/bitmask/libgstreamer-1.0.so.0
pyinst-cleanup:
rm -rf $(DIST)config
@@ -44,7 +47,7 @@ pyinst-distribution-data:
cp pkg/PixelatedWebmail.README $(DIST_VERSION)
cp LICENSE $(DIST_VERSION)
-pyinst-linux-helpers:
+pyinst-helpers-linux:
mkdir -p $(DIST_VERSION)apps/eip/files
cp $(LEAP_BUILD_DIR)openvpn $(DIST_VERSION)apps/eip/files/leap-openvpn
cp pkg/linux/bitmask-root $(DIST_VERSION)apps/eip/files/
@@ -53,6 +56,21 @@ pyinst-linux-helpers:
mkdir -p $(DIST_VERSION)apps/mail
cp $(LEAP_BUILD_DIR)gpg $(DIST_VERSION)apps/mail
+pyinst-helpers-osx:
+ mkdir -p $(DIST_OSX_RES)bitmask-helper
+ cp pkg/osx/client.up.sh $(DIST_OSX_RES)
+ cp pkg/osx/client.down.sh $(DIST_OSX_RES)
+ cp pkg/osx/bitmask-helper $(DIST_OSX_RES)bitmask-helper/
+ cp pkg/osx/bitmask.pf.conf $(DIST_OSX_RES)bitmask-helper/
+ cp pkg/osx/se.leap.bitmask-helper.$(DIST_OSX_RES)bitmask-helper/
+ cp pkg/osx/post-inst.sh $(DIST_OSX_RES)bitmask-helper/
+ cp pkg/osx/daemon.py $(DIST_OSX_RES)bitmask-helper/
+ cp /opt/homebrew-cask/Caskroom/tuntap/20150118/tuntap_20150118.pkg $(DIST_OSX_RES)
+ # TODO get from the path the build script places it
+ cp ~/leap/openvpn.leap.polarssl $(DIST_OSX_RES)openvpn.leap
+ # TODO this contains the gpg binary (brew), but we need to compile it statically from sources.
+ cp -r src/leap/bitmask/util/apps $(DIST_OSX)Contents/MacOS/
+
pyinst-tar:
cd dist/ && tar cvzf Bitmask.$(NEXT_VERSION).tar.gz bitmask-$(NEXT_VERSION)
@@ -62,7 +80,9 @@ pyinst-sign:
pyinst-upload:
rsync --rsh='ssh' -avztlpog --progress --partial dist/Bitmask.$(NEXT_VERSION).* salmon.leap.se:./
-pyinst-linux: pyinst reset-ver pyinst-hacks pyinst-trim pyinst-cleanup pyinst-distribution-data pyinst-linux-helpers pyinst-tar
+pyinst-linux: pyinst reset-ver pyinst-hacks-linux pyinst-trim pyinst-cleanup pyinst-distribution-data pyinst-helpers-linux pyinst-tar
+
+pyinst-osx: pyinst reset-ver pyinst-hacks-osx pyinst-helpers-osx
clean_pkg:
rm -rf build dist
diff --git a/pkg/tools/profile.mk b/pkg/tools/profile.mk
new file mode 100644
index 00000000..8d45c01a
--- /dev/null
+++ b/pkg/tools/profile.mk
@@ -0,0 +1,23 @@
+do_cprofile:
+ python -m cProfile -o bitmask.cprofile src/leap/bitmask/app.py --debug -N
+
+view_cprofile:
+ cprofilev bitmask.cprofile
+
+mailprofile:
+ gprof2dot -f pstats /tmp/leap_mail_profile.pstats -n 0.2 -e 0.2 | dot -Tpdf -o /tmp/leap_mail_profile.pdf
+
+do_lineprof:
+ LEAP_PROFILE_IMAPCMD=1 LEAP_MAIL_MANHOLE=1 kernprof.py -l src/leap/bitmask/app.py --debug
+
+do_lineprof_offline:
+ LEAP_PROFILE_IMAPCMD=1 LEAP_MAIL_MANHOLE=1 kernprof.py -l src/leap/bitmask/app.py --offline --debug -N
+
+view_lineprof:
+ @python -m line_profiler app.py.lprof | $(EDITOR) -
+
+resource_graph:
+ #./pkg/scripts/monitor_resource.zsh `ps aux | grep app.py | head -1 | awk '{print $$2}'` $(RESOURCE_TIME)
+ ./pkg/scripts/monitor_resource.zsh `pgrep bitmask` $(RESOURCE_TIME)
+ display bitmask-resources.png
+
diff --git a/src/leap/bitmask/services/eip/darwinvpnlauncher.py b/src/leap/bitmask/services/eip/darwinvpnlauncher.py
index f1d17698..94161192 100644
--- a/src/leap/bitmask/services/eip/darwinvpnlauncher.py
+++ b/src/leap/bitmask/services/eip/darwinvpnlauncher.py
@@ -112,7 +112,10 @@ class DarwinVPNLauncher(VPNLauncher):
:returns: True if kext is loaded, False otherwise.
:rtype: bool
"""
- return bool(commands.getoutput('kextstat | grep "foo.tun"'))
+ loaded = bool(commands.getoutput('kextstat | grep "net.sf.tuntaposx.tun"'))
+ if not loaded:
+ logger.error("tuntaposx extension not loaded!")
+ return loaded
@classmethod
def _get_icon_path(kls):