summaryrefslogtreecommitdiff
path: root/src/leap/bitmask
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/bitmask')
-rw-r--r--src/leap/bitmask/crypto/srpauth.py60
-rw-r--r--src/leap/bitmask/gui/mainwindow.py24
2 files changed, 45 insertions, 39 deletions
diff --git a/src/leap/bitmask/crypto/srpauth.py b/src/leap/bitmask/crypto/srpauth.py
index b46f0ea6..179520d5 100644
--- a/src/leap/bitmask/crypto/srpauth.py
+++ b/src/leap/bitmask/crypto/srpauth.py
@@ -171,9 +171,6 @@ class SRPAuth(QtCore.QObject):
self._srp_user = None
self._srp_a = None
- # Error msg displayed if the username or the password is invalid
- self._WRONG_USER_PASS = self.tr("Invalid username or password.")
-
# User credentials stored for password changing checks
self._username = None
self._password = None
@@ -267,14 +264,11 @@ class SRPAuth(QtCore.QObject):
# Clean up A value, we don't need it anymore
self._srp_a = None
except requests.exceptions.ConnectionError as e:
- logger.error("No connection made (salt): %r" %
- (e,))
- raise SRPAuthConnectionError("Could not establish a "
- "connection")
+ logger.error("No connection made (salt): {0!r}".format(e))
+ raise SRPAuthConnectionError()
except Exception as e:
logger.error("Unknown error: %r" % (e,))
- raise SRPAuthenticationError("Unknown error: %r" %
- (e,))
+ raise SRPAuthenticationError()
content, mtime = reqhelper.get_content(init_session)
@@ -283,23 +277,22 @@ class SRPAuth(QtCore.QObject):
"Status code = %r. Content: %r" %
(init_session.status_code, content))
if init_session.status_code == 422:
- raise SRPAuthBadUserOrPassword(self._WRONG_USER_PASS)
+ logger.error("Invalid username or password.")
+ raise SRPAuthBadUserOrPassword()
- raise SRPAuthBadStatusCode(self.tr("There was a problem with"
- " authentication"))
+ logger.error("There was a problem with authentication.")
+ raise SRPAuthBadStatusCode()
json_content = json.loads(content)
salt = json_content.get("salt", None)
B = json_content.get("B", None)
if salt is None:
- logger.error("No salt parameter sent")
- raise SRPAuthNoSalt(self.tr("The server did not send "
- "the salt parameter"))
+ logger.error("The server didn't send the salt parameter.")
+ raise SRPAuthNoSalt()
if B is None:
- logger.error("No B parameter sent")
- raise SRPAuthNoB(self.tr("The server did not send "
- "the B parameter"))
+ logger.error("The server didn't send the B parameter.")
+ raise SRPAuthNoB()
return salt, B
@@ -330,8 +323,7 @@ class SRPAuth(QtCore.QObject):
unhex_B = self._safe_unhexlify(B)
except (TypeError, ValueError) as e:
logger.error("Bad data from server: %r" % (e,))
- raise SRPAuthBadDataFromServer(
- self.tr("The data sent from the server had errors"))
+ raise SRPAuthBadDataFromServer()
M = self._srp_user.process_challenge(unhex_salt, unhex_B)
auth_url = "%s/%s/%s/%s" % (self._provider_config.get_api_uri(),
@@ -352,13 +344,13 @@ class SRPAuth(QtCore.QObject):
timeout=REQUEST_TIMEOUT)
except requests.exceptions.ConnectionError as e:
logger.error("No connection made (HAMK): %r" % (e,))
- raise SRPAuthConnectionError(self.tr("Could not connect to "
- "the server"))
+ raise SRPAuthConnectionError()
try:
content, mtime = reqhelper.get_content(auth_result)
except JSONDecodeError:
- raise SRPAuthJSONDecodeError("Bad JSON content in auth result")
+ logger.error("Bad JSON content in auth result.")
+ raise SRPAuthJSONDecodeError()
if auth_result.status_code == 422:
error = ""
@@ -372,14 +364,13 @@ class SRPAuth(QtCore.QObject):
"received: %s", (content,))
logger.error("[%s] Wrong password (HAMK): [%s]" %
(auth_result.status_code, error))
- raise SRPAuthBadUserOrPassword(self._WRONG_USER_PASS)
+ raise SRPAuthBadUserOrPassword()
if auth_result.status_code not in (200,):
logger.error("No valid response (HAMK): "
"Status code = %s. Content = %r" %
(auth_result.status_code, content))
- raise SRPAuthBadStatusCode(self.tr("Unknown error (%s)") %
- (auth_result.status_code,))
+ raise SRPAuthBadStatusCode()
return json.loads(content)
@@ -400,8 +391,7 @@ class SRPAuth(QtCore.QObject):
token = json_content.get("token", None)
except Exception as e:
logger.error(e)
- raise SRPAuthBadDataFromServer("Something went wrong with the "
- "login")
+ raise SRPAuthBadDataFromServer()
self.set_uuid(uuid)
self.set_token(token)
@@ -409,8 +399,7 @@ class SRPAuth(QtCore.QObject):
if M2 is None or self.get_uuid() is None:
logger.error("Something went wrong. Content = %r" %
(json_content,))
- raise SRPAuthBadDataFromServer(self.tr("Problem getting data "
- "from server"))
+ raise SRPAuthBadDataFromServer()
events_signal(
proto.CLIENT_UID, content=uuid,
@@ -436,22 +425,19 @@ class SRPAuth(QtCore.QObject):
unhex_M2 = self._safe_unhexlify(M2)
except TypeError:
logger.error("Bad data from server (HAWK)")
- raise SRPAuthBadDataFromServer(self.tr("Bad data from server"))
+ raise SRPAuthBadDataFromServer()
self._srp_user.verify_session(unhex_M2)
if not self._srp_user.authenticated():
- logger.error("Auth verification failed")
- raise SRPAuthVerificationFailed(self.tr("Auth verification "
- "failed"))
+ logger.error("Auth verification failed.")
+ raise SRPAuthVerificationFailed()
logger.debug("Session verified.")
session_id = self._session.cookies.get(self.SESSION_ID_KEY, None)
if not session_id:
logger.error("Bad cookie from server (missing _session_id)")
- raise SRPAuthNoSessionId(self.tr("Session cookie "
- "verification "
- "failed"))
+ raise SRPAuthNoSessionId()
events_signal(
proto.CLIENT_SESSION_ID, content=session_id,
diff --git a/src/leap/bitmask/gui/mainwindow.py b/src/leap/bitmask/gui/mainwindow.py
index 004d135b..949dcb03 100644
--- a/src/leap/bitmask/gui/mainwindow.py
+++ b/src/leap/bitmask/gui/mainwindow.py
@@ -32,7 +32,10 @@ from leap.bitmask import __version_hash__ as VERSION_HASH
from leap.bitmask.config import flags
from leap.bitmask.config.leapsettings import LeapSettings
from leap.bitmask.config.providerconfig import ProviderConfig
+
+from leap.bitmask.crypto import srpauth
from leap.bitmask.crypto.srpauth import SRPAuth
+
from leap.bitmask.gui.loggerwindow import LoggerWindow
from leap.bitmask.gui.advanced_key_management import AdvancedKeyManagement
from leap.bitmask.gui.login import LoginWidget
@@ -1051,13 +1054,30 @@ class MainWindow(QtGui.QMainWindow):
# as we are doing with the prov_cancelled_setup signal.
# After we move srpauth to the backend, we need to update this.
logger.error("Error logging in, {0!r}".format(failure))
+
if failure.check(CancelledError):
logger.debug("Defer cancelled.")
failure.trap(Exception)
self._set_login_cancelled()
+ return
+ elif failure.check(srpauth.SRPAuthBadUserOrPassword):
+ msg = self.tr("Invalid username or password.")
+ elif failure.check(srpauth.SRPAuthBadStatusCode,
+ srpauth.SRPAuthenticationError,
+ srpauth.SRPAuthVerificationFailed,
+ srpauth.SRPAuthNoSessionId,
+ srpauth.SRPAuthNoSalt, srpauth.SRPAuthNoB,
+ srpauth.SRPAuthBadDataFromServer,
+ srpauth.SRPAuthJSONDecodeError):
+ msg = self.tr("There was a server problem with authentication.")
+ elif failure.check(srpauth.SRPAuthConnectionError):
+ msg = self.tr("Could not establish a connection.")
else:
- self._login_widget.set_status(str(failure.value))
- self._login_widget.set_enabled(True)
+ # this shouldn't happen, but just in case.
+ msg = self.tr("Unknown error: {0!r}".format(failure.value))
+
+ self._login_widget.set_status(msg)
+ self._login_widget.set_enabled(True)
def _cancel_login(self):
"""