diff options
Diffstat (limited to 'src/leap/gui/firstrun/providersetup.py')
| -rw-r--r-- | src/leap/gui/firstrun/providersetup.py | 158 |
1 files changed, 78 insertions, 80 deletions
diff --git a/src/leap/gui/firstrun/providersetup.py b/src/leap/gui/firstrun/providersetup.py index 042d117c..7904538d 100644 --- a/src/leap/gui/firstrun/providersetup.py +++ b/src/leap/gui/firstrun/providersetup.py @@ -6,10 +6,10 @@ import logging from PyQt4 import QtGui -from leap.base import auth +from leap.base import exceptions as baseexceptions from leap.gui.progress import ValidationPage -from leap.gui.constants import APP_LOGO, pause_for_user +from leap.gui.constants import APP_LOGO logger = logging.getLogger(__name__) @@ -20,18 +20,21 @@ class ProviderSetupValidationPage(ValidationPage): is_signup = self.field("is_signup") self.is_signup = is_signup - self.setTitle("Provider setup") + self.setTitle(self.tr("Provider setup")) self.setSubTitle( - "Doing autoconfig.") + self.tr("Doing autoconfig.")) self.setPixmap( QtGui.QWizard.LogoPixmap, QtGui.QPixmap(APP_LOGO)) - def _do_checks(self, update_signal=None): + def _do_checks(self): """ - executes actual checks in a separate thread + generator that yields actual checks + that are executed in a separate thread """ + curpage = "providersetupvalidation" + full_domain = self.field('provider_domain') wizard = self.wizard() pconfig = wizard.providerconfig @@ -41,68 +44,56 @@ class ProviderSetupValidationPage(ValidationPage): pCertChecker = wizard.providercertchecker( domain=full_domain) - update_signal.emit('head_sentinel', 0) - - ###################################### - if not self.is_signup: - # We come from login page. - # We try a call to an authenticated - # page here as a mean to catch - # srp authentication errors while - # we are still at one page's reach - # of the login credentials input page. - # (so we're able to go back an correct) + def fail(): + self.is_done = False + return False - step = "fetch_eipcert" - update_signal.emit('Validating credentials', 20) + yield(("head_sentinel", 0), lambda: None) - unamek = 'login_userName' - passwk = 'login_userPassword' + ######################## + # 1) fetch ca cert + ######################## - username = self.field(unamek) - password = self.field(passwk) - credentials = username, password - - ################# - # FIXME #BUG #638 - verify = False + def fetchcacert(): + if pconfig: + ca_cert_uri = pconfig.get('ca_cert_uri').geturl() + else: + ca_cert_uri = None + # XXX check scheme == "https" + # XXX passing verify == False because + # we have trusted right before. + # We should check it's the same domain!!! + # (Check with the trusted fingerprints dict + # or something smart) try: - pCertChecker.download_new_client_cert( - credentials=credentials, - verify=verify) + pCertChecker.download_ca_cert( + uri=ca_cert_uri, + verify=False) - except auth.SRPAuthenticationError as exc: - self.set_error( - step, - "Authentication error: %s" % exc.message) - return False + except baseexceptions.LeapException as exc: + logger.error(exc.message) + wizard.set_validation_error( + curpage, exc.usermessage) + return fail() - #pause_for_user() + except Exception as exc: + wizard.set_validation_error( + curpage, exc.message) + return fail() - ####################################### + else: + return True - update_signal.emit('Fetching CA certificate', 30) - #pause_for_user() + yield(('Fetching CA certificate', 30), fetchcacert) - if pconfig: - ca_cert_uri = pconfig.get('ca_cert_uri').geturl() - else: - ca_cert_uri = None + ######################### + # 2) check CA fingerprint + ######################### - # XXX check scheme == "https" - # XXX passing verify == False because - # we have trusted right before. - # We should check it's the same domain!!! - # (Check with the trusted fingerprints dict - # or something smart) - - pCertChecker.download_ca_cert( - uri=ca_cert_uri, - verify=False) - #pause_for_user() - - update_signal.emit('Checking CA fingerprint', 66) + def checkcafingerprint(): + # XXX get the real thing!!! + pass #ca_cert_fingerprint = pconfig.get('ca_cert_fingerprint', None) # XXX get fingerprint dict (types) @@ -115,33 +106,40 @@ class ProviderSetupValidationPage(ValidationPage): # should catch exception #return False - update_signal.emit('Validating api certificate', 90) - - #api_uri = pconfig.get('api_uri', None) - #try: - #api_cert_verified = pCertChecker.verify_api_https(api_uri) - #except requests.exceptions.SSLError as exc: - #logger.error('BUG #638. %s' % exc.message) - # XXX RAISE! See #638 - # bypassing until the hostname is fixed. - # We probably should raise yet-another-warning - # here saying user that the hostname "XX.XX.XX.XX' does not - # match 'foo.bar.baz' - #api_cert_verified = True - - #if not api_cert_verified: - # XXX update validationMsg - # should catch exception - #return False + yield((self.tr("Checking CA fingerprint"), 60), checkcafingerprint) + + ######################### + # 2) check CA fingerprint + ######################### + + def validatecacert(): + pass + #api_uri = pconfig.get('api_uri', None) + #try: + #api_cert_verified = pCertChecker.verify_api_https(api_uri) + #except requests.exceptions.SSLError as exc: + #logger.error('BUG #638. %s' % exc.message) + # XXX RAISE! See #638 + # bypassing until the hostname is fixed. + # We probably should raise yet-another-warning + # here saying user that the hostname "XX.XX.XX.XX' does not + # match 'foo.bar.baz' + #api_cert_verified = True + + #if not api_cert_verified: + # XXX update validationMsg + # should catch exception + #return False + + #??? + #ca_cert_path = checker.ca_cert_path - #pause_for_user() - #ca_cert_path = checker.ca_cert_path + yield((self.tr('Validating api certificate'), 90), validatecacert) self.set_done() - update_signal.emit('end_sentinel', 100) - #pause_for_user() + yield(('end_sentinel', 100), lambda: None) - def _do_validation(self): + def on_checks_validation_ready(self): """ called after _do_checks has finished (connected to checker thread finished signal) |