5 files changed, 105 insertions, 39 deletions
diff --git a/pkg/osx/install/ProcessNetworkChanges.plist.template b/pkg/osx/install/ProcessNetworkChanges.plist.template
index faea8dee..eaf54fcf 100644
--- a/pkg/osx/install/ProcessNetworkChanges.plist.template
+++ b/pkg/osx/install/ProcessNetworkChanges.plist.template
@@ -3,7 +3,7 @@
 <plist version="1.0">
 	<dict>
 		<key>Label</key>
-		<string>net.tunnelblick.openvpn.process-network-changes</string>
+		<string>se.leap.openvpn.process-network-changes</string>
 		<key>ProgramArguments</key>
 		<array>
 			<string>${DIR}/process-network-changes</string>
diff --git a/pkg/osx/install/client.down.sh b/pkg/osx/install/client.down.sh
index 47f00ed7..52ba4de6 100755
--- a/pkg/osx/install/client.down.sh
+++ b/pkg/osx/install/client.down.sh
@@ -2,7 +2,8 @@
 # Note: must be bash; uses bash-specific tricks
 #
 # ******************************************************************************************************************
-# This Tunnelblick script does everything! It handles TUN and TAP interfaces, 
+# Based on the Tunnelblick script that just "does everything!"
+# It handles TUN and TAP interfaces, 
 # pushed configurations and DHCP leases. :)
 # 
 # This is the "Down" version of the script, executed after the connection is 
@@ -11,6 +12,7 @@
 # Created by: Nick Williams (using original code and parts of old Tblk scripts)
 # 
 # ******************************************************************************************************************
+# TODO: review and adapt version 3 of the clientX.down.sh
 
 trap "" TSTP
 trap "" HUP
@@ -22,34 +24,34 @@ readonly LOG_MESSAGE_COMMAND=$(basename "${0}")
 # Quick check - is the configuration there?
 if ! scutil -w State:/Network/OpenVPN &>/dev/null -t 1 ; then
 	# Configuration isn't there, so we forget it
-	echo "$(date '+%a %b %e %T %Y') *Tunnelblick $LOG_MESSAGE_COMMAND: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting."
+	echo "$(date '+%a %b %e %T %Y') *LEAPClient $LOG_MESSAGE_COMMAND: WARNING: No existing OpenVPN DNS configuration found; not tearing down anything; exiting."
 	exit 0
 fi
 
-# NOTE: This script does not use any arguments passed to it by OpenVPN, so it doesn't shift Tunnelblick options out of the argument list
+# NOTE: This script does not use any arguments passed to it by OpenVPN, so it doesn't shift LEAPClient options out of the argument list
 
 # Get info saved by the up script
-TUNNELBLICK_CONFIG="$(/usr/sbin/scutil <<-EOF
+LEAPCLIENT_CONFIG="$(/usr/sbin/scutil <<-EOF
 	open
 	show State:/Network/OpenVPN
 	quit
 EOF)"
 
-ARG_MONITOR_NETWORK_CONFIGURATION="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*MonitorNetwork :' | sed -e 's/^.*: //g')"
-LEASEWATCHER_PLIST_PATH="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*LeaseWatcherPlistPath :' | sed -e 's/^.*: //g')"
-PSID="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*Service :' | sed -e 's/^.*: //g')"
-SCRIPT_LOG_FILE="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*ScriptLogFile :' | sed -e 's/^.*: //g')"
-# Don't need: ARG_RESTORE_ON_DNS_RESET="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*RestoreOnDNSReset :' | sed -e 's/^.*: //g')"
-# Don't need: ARG_RESTORE_ON_WINS_RESET="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*RestoreOnWINSReset :' | sed -e 's/^.*: //g')"
-# Don't need: PROCESS="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*PID :' | sed -e 's/^.*: //g')"
-# Don't need: ARG_IGNORE_OPTION_FLAGS="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*IgnoreOptionFlags :' | sed -e 's/^.*: //g')"
-ARG_TAP="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*IsTapInterface :' | sed -e 's/^.*: //g')"
-bRouteGatewayIsDhcp="$(echo "${TUNNELBLICK_CONFIG}" | grep -i '^[[:space:]]*RouteGatewayIsDhcp :' | sed -e 's/^.*: //g')"
+ARG_MONITOR_NETWORK_CONFIGURATION="$(echo "${LEAPCLIENT_CONFIG}" | grep -i '^[[:space:]]*MonitorNetwork :' | sed -e 's/^.*: //g')"
+LEASEWATCHER_PLIST_PATH="$(echo "${LEAPCLIENT_CONFIG}" | grep -i '^[[:space:]]*LeaseWatcherPlistPath :' | sed -e 's/^.*: //g')"
+PSID="$(echo "${LEAPCLIENT_CONFIG}" | grep -i '^[[:space:]]*Service :' | sed -e 's/^.*: //g')"
+SCRIPT_LOG_FILE="$(echo "${LEAPCLIENT_CONFIG}" | grep -i '^[[:space:]]*ScriptLogFile :' | sed -e 's/^.*: //g')"
+# Don't need: ARG_RESTORE_ON_DNS_RESET="$(echo "${LEAPCLIENT_CONFIG}" | grep -i '^[[:space:]]*RestoreOnDNSReset :' | sed -e 's/^.*: //g')"
+# Don't need: ARG_RESTORE_ON_WINS_RESET="$(echo "${LEAPCLIENT_CONFIG}" | grep -i '^[[:space:]]*RestoreOnWINSReset :' | sed -e 's/^.*: //g')"
+# Don't need: PROCESS="$(echo "${LEAPCLIENT_CONFIG}" | grep -i '^[[:space:]]*PID :' | sed -e 's/^.*: //g')"
+# Don't need: ARG_IGNORE_OPTION_FLAGS="$(echo "${LEAPCLIENT_CONFIG}" | grep -i '^[[:space:]]*IgnoreOptionFlags :' | sed -e 's/^.*: //g')"
+ARG_TAP="$(echo "${LEAPCLIENT_CONFIG}" | grep -i '^[[:space:]]*IsTapInterface :' | sed -e 's/^.*: //g')"
+bRouteGatewayIsDhcp="$(echo "${LEAPCLIENT_CONFIG}" | grep -i '^[[:space:]]*RouteGatewayIsDhcp :' | sed -e 's/^.*: //g')"
 
 # @param String message - The message to log
 logMessage()
 {
-	echo "$(date '+%a %b %e %T %Y') *Tunnelblick $LOG_MESSAGE_COMMAND: "${@} >> "${SCRIPT_LOG_FILE}"
+	echo "$(date '+%a %b %e %T %Y') *LEAP CLient $LOG_MESSAGE_COMMAND: "${@} >> "${SCRIPT_LOG_FILE}"
 }
 
 trim()
@@ -97,7 +99,7 @@ WINS_OLD="$(/usr/sbin/scutil <<-EOF
 	quit
 EOF)"
 TB_NO_SUCH_KEY="<dictionary> {
-  TunnelblickNoSuchKey : true
+  LEAPClientNoSuchKey : true
 }"
 
 if [ "${DNS_OLD}" = "${TB_NO_SUCH_KEY}" ] ; then
diff --git a/pkg/osx/install/client.up.sh b/pkg/osx/install/client.up.sh
index fc7e341a..be9814c2 100755
--- a/pkg/osx/install/client.up.sh
+++ b/pkg/osx/install/client.up.sh
@@ -2,7 +2,8 @@
 # Note: must be bash; uses bash-specific tricks
 #
 # ******************************************************************************************************************
-# This Tunnelblick script does everything! It handles TUN and TAP interfaces, 
+# Taken from the Tunnelblick script that "just does everything!"
+# It handles TUN and TAP interfaces, 
 # pushed configurations, DHCP with DNS and WINS, and renewed DHCP leases. :)
 # 
 # This is the "Up" version of the script, executed after the interface is 
@@ -11,6 +12,7 @@
 # Created by: Nick Williams (using original code and parts of old Tblk scripts)
 # 
 # ******************************************************************************************************************
+# TODO: review and adapt revision 3 of the clientX-up.sh instead
 
 trap "" TSTP
 trap "" HUP
@@ -19,7 +21,7 @@ export PATH="/bin:/sbin:/usr/sbin:/usr/bin"
 
 # Process optional arguments (if any) for the script
 # Each one begins with a "-"
-# They come from Tunnelblick, and come first, before the OpenVPN arguments
+# They come from the leap-client invocation, and come first, before the OpenVPN arguments
 # So we set ARG_ script variables to their values and shift them out of the argument list
 # When we're done, only the OpenVPN arguments remain for the rest of the script to use
 ARG_MONITOR_NETWORK_CONFIGURATION="false"
@@ -63,24 +65,25 @@ readonly ARG_MONITOR_NETWORK_CONFIGURATION ARG_RESTORE_ON_DNS_RESET ARG_RESTORE_
 # then convert to regular config     /Users/Jonathan/Library/Application Support/Tunnelblick/Configurations/Folder/Subfolder/config.ovpn
 #      to get the script log path
 # Note: "/Users/..." works even if the home directory has a different path; it is used in the name of the log file, and is not used as a path to get to anything.
-readonly TBALTPREFIX="/Library/Application Support/Tunnelblick/Users/"
+readonly TBALTPREFIX="/Library/Application Support/LEAP Client/Users/"
 readonly TBALTPREFIXLEN="${#TBALTPREFIX}"
 readonly TBCONFIGSTART="${config:0:$TBALTPREFIXLEN}"
 if [ "$TBCONFIGSTART" = "$TBALTPREFIX" ] ; then
 	readonly TBBASE="${config:$TBALTPREFIXLEN}"
 	readonly TBSUFFIX="${TBBASE#*/}"
 	readonly TBUSERNAME="${TBBASE%%/*}"
-	readonly TBCONFIG="/Users/$TBUSERNAME/Library/Application Support/Tunnelblick/Configurations/$TBSUFFIX"
+	readonly TBCONFIG="/Users/$TBUSERNAME/Library/Application Support/LEAP Client/Configurations/$TBSUFFIX"
 else
     readonly TBCONFIG="${config}"
 fi
 
 readonly CONFIG_PATH_DASHES_SLASHES="$(echo "${TBCONFIG}" | sed -e 's/-/--/g' | sed -e 's/\//-S/g')"
-readonly SCRIPT_LOG_FILE="/Library/Application Support/Tunnelblick/Logs/${CONFIG_PATH_DASHES_SLASHES}.script.log"
 
+# XXX PUT LOGS SOMEWHERE BETTER
+readonly SCRIPT_LOG_FILE="/Users/$LEAPUSER/.config/leap/logs/${CONFIG_PATH_DASHES_SLASHES}.script.log"
 readonly TB_RESOURCE_PATH=$(dirname "${0}")
 
-LEASEWATCHER_PLIST_PATH="/Library/Application Support/Tunnelblick/LeaseWatch.plist"
+LEASEWATCHER_PLIST_PATH="/Users/$LEAPUSER/.config/leap/logs/LeaseWatch.plist"
 
 readonly OSVER="$(sw_vers | grep 'ProductVersion:' | grep -o '10\.[0-9]*')"
 
@@ -92,7 +95,7 @@ bRouteGatewayIsDhcp="false"
 readonly LOG_MESSAGE_COMMAND=$(basename "${0}")
 logMessage()
 {
-	echo "$(date '+%a %b %e %T %Y') *Tunnelblick $LOG_MESSAGE_COMMAND: "${@} >> "${SCRIPT_LOG_FILE}"
+	echo "$(date '+%a %b %e %T %Y') *LEAP Client $LOG_MESSAGE_COMMAND: "${@} >> "${SCRIPT_LOG_FILE}"
 }
 
 # @param String string - Content to trim
@@ -270,7 +273,7 @@ EOF )"
 	fi
 	
 	# Now, do the aggregation
-	# Save the openvpn process ID and the Network Primary Service ID, leasewather.plist path, logfile path, and optional arguments from Tunnelblick,
+	# Save the openvpn process ID and the Network Primary Service ID, leasewather.plist path, logfile path, and optional arguments from LEAP Client,
 	# then save old and new DNS and WINS settings
 	# PPID is a bash-script variable that contains the process ID of the parent of the process running the script (i.e., OpenVPN's process ID)
 	# config is an environmental variable set to the configuration path by OpenVPN prior to running this up script
@@ -290,7 +293,7 @@ EOF )"
 		CORRECT_OLD_WINS_KEY="State:"
 	fi
 	
-    # If we are not expecting any WINS value, add <TunnelblickNoSuchKey : true> to the expected WINS setup
+    # If we are not expecting any WINS value, add <LEAPClientNoSuchKey : true> to the expected WINS setup
     NO_NOSUCH_KEY_WINS="#"
     if [ "${NO_NB}" = "#" -a "${AGG_WINS}" = "#" -a "${NO_WG}" = "#" ] ; then
         NO_NOSUCH_KEY_WINS=""
@@ -315,14 +318,14 @@ EOF )"
 		set State:/Network/OpenVPN
 		
 		# First, back up the device's current DNS and WINS configurations
-		# Indicate 'no such key' by a dictionary with a single entry: "TunnelblickNoSuchKey : true"
+		# Indicate 'no such key' by a dictionary with a single entry: "LEAPClientNoSuchKey : true"
 		d.init
-		d.add TunnelblickNoSuchKey true
+		d.add LEAPClientNoSuchKey true
 		get ${CORRECT_OLD_DNS_KEY}/Network/Service/${PSID}/DNS
 		set State:/Network/OpenVPN/OldDNS
 		
 		d.init
-		d.add TunnelblickNoSuchKey true
+		d.add LEAPClientNoSuchKey true
 		get ${CORRECT_OLD_WINS_KEY}/Network/Service/${PSID}/SMB
 		set State:/Network/OpenVPN/OldSMB
 		
@@ -353,7 +356,7 @@ EOF )"
 		${NO_NB}d.add NetBIOSName ${STATIC_NETBIOSNAME}
 		${AGG_WINS}d.add WINSAddresses * ${ALL_WINS_SERVERS}
 		${NO_WG}d.add Workgroup ${STATIC_WORKGROUP}
-        ${NO_NOSUCH_KEY_WINS}d.add TunnelblickNoSuchKey true
+        ${NO_NOSUCH_KEY_WINS}d.add LEAPClientNoSuchKey true
 		set State:/Network/OpenVPN/SMB
 		
 		# We are done
diff --git a/pkg/osx/install/install-leapc.sh b/pkg/osx/install/install-leapc.sh
index 2ecfc08e..ec3c2834 100755
--- a/pkg/osx/install/install-leapc.sh
+++ b/pkg/osx/install/install-leapc.sh
@@ -1,17 +1,42 @@
-#!/bin/sh
-echo "Installing LEAP Client in /Applications"
-cp -r "LEAP Client.app" "/Applications"
+#!/bin/bash
 
-echo "Copying openvpn binary"
+# LEAP CLient Installer Script.
+#
+# Copyright (C) 2013 LEAP Encryption Access Project
+#
+# This file is part of LEAP Client, as
+# available from http://leap.se/. This file is free software;
+# you can redistribute it and/or modify it under the terms of the GNU
+# General Public License (GPL) as published by the Free Software
+# Foundation, in version 2 as it comes in the "COPYING" file of the
+# LEAP Client distribution. LEAP Client is distributed in the
+# hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
+#
+
+set -e
+
+destlibs=/opt/local/lib
+leapdir=/Applications/LEAP\ Client.app
+leaplibs=${leapdir}/Contents/MacOS
+tunstartup=/Library/StartupItems/tun/tun
+
+echo "Installing LEAP Client in /Applications..."
+cp -r "LEAP Client.app" /Applications
+
+echo "Copying openvpn binary..."
 cp -r openvpn.leap /usr/bin 
 
-echo "Installing tun/tap drivers"
+echo "Installing tun/tap drivers..."
+test -f $tunstartup && $tunstartup stop
+
+test -d /Library/Extensions || mkdir -p /Library/Extensions
+test -d /Library/StartupItems || mkdir -p /Library/StartupItems
+
 cp -r Extensions/* /Library/Extensions
 cp -r StartupItems/* /Library/StartupItems
 
-echo "Loading tun/tap kernel extension"
-/Library/StartupItems/tun/tun start
+echo "Loading tun/tap kernel extension..."
 
-echo "Installation Finished!"
+$tunstartup start
 
-ln -s /Applications/LEAP\ Client.app/ /Volumes/LEAP\ Client\ installer/
+echo "Installation Finished!"
diff --git a/pkg/osx/install/tun.kext/Info.plist b/pkg/osx/install/tun.kext/Info.plist
new file mode 100644
index 00000000..fb69ba85
--- /dev/null
+++ b/pkg/osx/install/tun.kext/Info.plist
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleDevelopmentRegion</key>
+	<string>English</string>
+	<key>CFBundleExecutable</key>
+	<string>tun</string>
+	<key>CFBundleIdentifier</key>
+	<string>leap.tun</string>
+	<key>CFBundleInfoDictionaryVersion</key>
+	<string>6.0</string>
+	<key>CFBundleName</key>
+	<string>tun</string>
+	<key>CFBundlePackageType</key>
+	<string>KEXT</string>
+	<key>CFBundleShortVersionString</key>
+	<string>20120120</string>
+	<key>CFBundleSignature</key>
+	<string>????</string>
+	<key>CFBundleVersion</key>
+	<string>1.0</string>
+	<key>OSBundleLibraries</key>
+	<dict>
+		<key>com.apple.kpi.mach</key>
+		<string>8.0</string>
+		<key>com.apple.kpi.bsd</key>
+		<string>8.0</string>
+		<key>com.apple.kpi.libkern</key>
+		<string>8.0</string>
+		<key>com.apple.kpi.unsupported</key>
+		<string>8.0</string>
+	</dict>
+</dict>
+</plist>
+