diff options
Diffstat (limited to 'src/leap/bitmask/services/eip')
| -rw-r--r-- | src/leap/bitmask/services/eip/conductor.py | 9 | ||||
| -rw-r--r-- | src/leap/bitmask/services/eip/darwinvpnlauncher.py | 4 | ||||
| -rw-r--r-- | src/leap/bitmask/services/eip/eipbootstrapper.py | 6 | ||||
| -rw-r--r-- | src/leap/bitmask/services/eip/linuxvpnlauncher.py | 7 | ||||
| -rw-r--r-- | src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py | 2 | ||||
| -rw-r--r-- | src/leap/bitmask/services/eip/vpnlauncher.py | 24 | ||||
| -rw-r--r-- | src/leap/bitmask/services/eip/vpnprocess.py | 19 |
7 files changed, 33 insertions, 38 deletions
diff --git a/src/leap/bitmask/services/eip/conductor.py b/src/leap/bitmask/services/eip/conductor.py index a8821160..bb07809a 100644 --- a/src/leap/bitmask/services/eip/conductor.py +++ b/src/leap/bitmask/services/eip/conductor.py @@ -33,7 +33,7 @@ logger = logging.getLogger(__name__) class EIPConductor(object): - def __init__(self, settings, backend, **kwargs): + def __init__(self, settings, backend, leap_signaler, **kwargs): """ Initializes EIP Conductor. @@ -46,6 +46,7 @@ class EIPConductor(object): self.eip_connection = EIPConnection() self.eip_name = get_service_display_name(EIP_SERVICE) self._settings = settings + self._leap_signaler = leap_signaler self._backend = backend self._eip_status = None @@ -76,7 +77,7 @@ class EIPConductor(object): """ Connect to backend signals. """ - signaler = self._backend.signaler + signaler = self._leap_signaler # for conductor signaler.eip_process_restart_tls.connect(self._do_eip_restart) @@ -201,7 +202,7 @@ class EIPConductor(object): # we bypass the on_eip_disconnected here plug_restart_on_disconnected() self.qtsigs.disconnected_signal.emit() - #QtDelayedCall(0, self.qtsigs.disconnected_signal.emit) + # QtDelayedCall(0, self.qtsigs.disconnected_signal.emit) # ...and reconnect the original signal again, after having used the # diversion QtDelayedCall(500, reconnect_disconnected_signal) @@ -300,7 +301,7 @@ class EIPConductor(object): # XXX FIXME --- check exitcode is != 0 really. # bitmask-root is masking the exitcode, so we might need # to fix it on that side. - #if exitCode != 0 and not self.user_stopped_eip: + # if exitCode != 0 and not self.user_stopped_eip: if not self.user_stopped_eip: eip_status_label = self._eip_status.tr( "{0} finished in an unexpected manner!") diff --git a/src/leap/bitmask/services/eip/darwinvpnlauncher.py b/src/leap/bitmask/services/eip/darwinvpnlauncher.py index 41d75052..f83e0170 100644 --- a/src/leap/bitmask/services/eip/darwinvpnlauncher.py +++ b/src/leap/bitmask/services/eip/darwinvpnlauncher.py @@ -46,7 +46,9 @@ class DarwinVPNLauncher(VPNLauncher): INSTALL_MSG = ("\"Bitmask needs administrative privileges to install " "missing scripts and fix permissions.\"") - INSTALL_PATH = os.path.realpath(os.getcwd() + "/../../") + # Hardcode the installation path for OSX for security, openvpn is + # run as root + INSTALL_PATH = "/Applications/Bitmask.app/" INSTALL_PATH_ESCAPED = os.path.realpath(os.getcwd() + "/../../") OPENVPN_BIN = 'openvpn.leap' OPENVPN_PATH = "%s/Contents/Resources/openvpn" % (INSTALL_PATH,) diff --git a/src/leap/bitmask/services/eip/eipbootstrapper.py b/src/leap/bitmask/services/eip/eipbootstrapper.py index c77977ce..264eac2e 100644 --- a/src/leap/bitmask/services/eip/eipbootstrapper.py +++ b/src/leap/bitmask/services/eip/eipbootstrapper.py @@ -53,7 +53,7 @@ class EIPBootstrapper(AbstractBootstrapper): self._eip_config = None self._download_if_needed = False if signaler is not None: - self._cancel_signal = signaler.EIP_CANCELLED_SETUP + self._cancel_signal = signaler.eip_cancelled_setup def _download_config(self, *args): """ @@ -116,9 +116,9 @@ class EIPBootstrapper(AbstractBootstrapper): self._download_if_needed = download_if_needed cb_chain = [ - (self._download_config, self._signaler.EIP_CONFIG_READY), + (self._download_config, self._signaler.eip_config_ready), (self._download_client_certificates, - self._signaler.EIP_CLIENT_CERTIFICATE_READY) + self._signaler.eip_client_certificate_ready) ] return self.addCallbackChain(cb_chain) diff --git a/src/leap/bitmask/services/eip/linuxvpnlauncher.py b/src/leap/bitmask/services/eip/linuxvpnlauncher.py index 8ec0c050..b6e47f25 100644 --- a/src/leap/bitmask/services/eip/linuxvpnlauncher.py +++ b/src/leap/bitmask/services/eip/linuxvpnlauncher.py @@ -74,6 +74,7 @@ def _is_auth_agent_running(): 'ps aux | grep "polkit-[m]ate-authentication-agent-1"', 'ps aux | grep "[l]xpolkit"', 'ps aux | grep "[g]nome-shell"', + 'ps aux | grep "[f]ingerprint-polkit-agent"', ] is_running = [commands.getoutput(cmd) for cmd in polkit_options] @@ -126,12 +127,6 @@ class LinuxVPNLauncher(VPNLauncher): # LinuxPolicyChecker will give us the right path if standalone. return LinuxPolicyChecker.get_polkit_path() - class RESOLVCONF_BIN_PATH(object): - def __call__(self): - return ("/usr/local/sbin/leap-resolvconf" if flags.STANDALONE else - "/sbin/resolvconf") - # this only will work with debian/ubuntu distros. - OTHER_FILES = (POLKIT_PATH, BITMASK_ROOT, OPENVPN_BIN_PATH) @classmethod diff --git a/src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py b/src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py index 6640a860..1888f2c9 100644 --- a/src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py +++ b/src/leap/bitmask/services/eip/tests/test_eipbootstrapper.py @@ -30,7 +30,7 @@ import time try: import unittest2 as unittest except ImportError: - import unittest + import unittest # noqa - skip 'unused import' warning from nose.twistedtools import deferred, reactor from twisted.internet import threads diff --git a/src/leap/bitmask/services/eip/vpnlauncher.py b/src/leap/bitmask/services/eip/vpnlauncher.py index 0731bee3..72e19413 100644 --- a/src/leap/bitmask/services/eip/vpnlauncher.py +++ b/src/leap/bitmask/services/eip/vpnlauncher.py @@ -27,7 +27,7 @@ from abc import ABCMeta, abstractmethod from functools import partial from leap.bitmask.config import flags -from leap.bitmask.config.leapsettings import LeapSettings +from leap.bitmask.backend.settings import Settings, GATEWAY_AUTOMATIC from leap.bitmask.config.providerconfig import ProviderConfig from leap.bitmask.platform_init import IS_LINUX from leap.bitmask.services.eip.eipconfig import EIPConfig, VPNGatewaySelector @@ -122,12 +122,12 @@ class VPNLauncher(object): :rtype: list """ gateways = [] - leap_settings = LeapSettings() + settings = Settings() domain = providerconfig.get_domain() - gateway_conf = leap_settings.get_selected_gateway(domain) + gateway_conf = settings.get_selected_gateway(domain) gateway_selector = VPNGatewaySelector(eipconfig) - if gateway_conf == leap_settings.GATEWAY_AUTOMATIC: + if gateway_conf == GATEWAY_AUTOMATIC: gateways = gateway_selector.get_gateways() else: gateways = [gateway_conf] @@ -136,12 +136,6 @@ class VPNLauncher(object): logger.error('No gateway was found!') raise VPNLauncherException('No gateway was found!') - # this only works for selecting the first gateway, as we're - # currently doing. - ccodes = gateway_selector.get_gateways_country_code() - gateway_ccode = ccodes[gateways[0]] - flags.CURRENT_VPN_COUNTRY = gateway_ccode - logger.debug("Using gateways ips: {0}".format(', '.join(gateways))) return gateways @@ -175,11 +169,11 @@ class VPNLauncher(object): leap_assert_type(providerconfig, ProviderConfig) # XXX this still has to be changed on osx and windows accordingly - #kwargs = {} - #openvpn_possibilities = which(kls.OPENVPN_BIN, **kwargs) - #if not openvpn_possibilities: - #raise OpenVPNNotFoundException() - #openvpn = first(openvpn_possibilities) + # kwargs = {} + # openvpn_possibilities = which(kls.OPENVPN_BIN, **kwargs) + # if not openvpn_possibilities: + # raise OpenVPNNotFoundException() + # openvpn = first(openvpn_possibilities) # ----------------------------------------- openvpn_path = force_eval(kls.OPENVPN_BIN_PATH) diff --git a/src/leap/bitmask/services/eip/vpnprocess.py b/src/leap/bitmask/services/eip/vpnprocess.py index b54f2925..d1a3fdaa 100644 --- a/src/leap/bitmask/services/eip/vpnprocess.py +++ b/src/leap/bitmask/services/eip/vpnprocess.py @@ -118,10 +118,10 @@ class VPNObserver(object): """ sig = self._signaler signals = { - "network_unreachable": sig.EIP_NETWORK_UNREACHABLE, - "process_restart_tls": sig.EIP_PROCESS_RESTART_TLS, - "process_restart_ping": sig.EIP_PROCESS_RESTART_PING, - "initialization_completed": sig.EIP_CONNECTED + "network_unreachable": sig.eip_network_unreachable, + "process_restart_tls": sig.eip_process_restart_tls, + "process_restart_ping": sig.eip_process_restart_ping, + "initialization_completed": sig.eip_connected } return signals.get(event.lower()) @@ -255,6 +255,9 @@ class VPN(object): """ Tear the firewall down using the privileged wrapper. """ + if IS_MAC: + # We don't support Mac so far + return True BM_ROOT = force_eval(linuxvpnlauncher.LinuxVPNLauncher.BITMASK_ROOT) exitCode = subprocess.call(["pkexec", BM_ROOT, "firewall", "stop"]) @@ -594,7 +597,7 @@ class VPNManager(object): state = status_step if state != self._last_state: - self._signaler.signal(self._signaler.EIP_STATE_CHANGED, state) + self._signaler.signal(self._signaler.eip_state_changed, state) self._last_state = state def _parse_status_and_notify(self, output): @@ -632,7 +635,7 @@ class VPNManager(object): status = (tun_tap_read, tun_tap_write) if status != self._last_status: - self._signaler.signal(self._signaler.EIP_STATUS_CHANGED, status) + self._signaler.signal(self._signaler.eip_status_changed, status) self._last_status = status def get_state(self): @@ -814,7 +817,7 @@ class VPNProcess(protocol.ProcessProtocol, VPNManager): leap_assert_type(eipconfig, EIPConfig) leap_assert_type(providerconfig, ProviderConfig) - #leap_assert(not self.isRunning(), "Starting process more than once!") + # leap_assert(not self.isRunning(), "Starting process more than once!") self._eipconfig = eipconfig self._providerconfig = providerconfig @@ -869,7 +872,7 @@ class VPNProcess(protocol.ProcessProtocol, VPNManager): if isinstance(exit_code, int): logger.debug("processExited, status %d" % (exit_code,)) self._signaler.signal( - self._signaler.EIP_PROCESS_FINISHED, exit_code) + self._signaler.eip_process_finished, exit_code) self._alive = False def processEnded(self, reason): |