summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/leap/crypto/tests/test_srpauth.py6
-rw-r--r--src/leap/platform_init/initializers.py21
-rw-r--r--src/leap/services/eip/vpnlaunchers.py41
3 files changed, 48 insertions, 20 deletions
diff --git a/src/leap/crypto/tests/test_srpauth.py b/src/leap/crypto/tests/test_srpauth.py
index e84a6b37..e3258fd3 100644
--- a/src/leap/crypto/tests/test_srpauth.py
+++ b/src/leap/crypto/tests/test_srpauth.py
@@ -401,9 +401,9 @@ class SRPAuthTestCase(unittest.TestCase):
content.side_effect = JSONDecodeError("", "", 0)
with self.assertRaises(srpauth.SRPAuthJSONDecodeError):
- self.auth_backend._process_challenge(
- salt_B,
- username=self.TEST_USER)
+ self.auth_backend._process_challenge(
+ salt_B,
+ username=self.TEST_USER)
d.addCallback(partial(threads.deferToThread, wrapper))
diff --git a/src/leap/platform_init/initializers.py b/src/leap/platform_init/initializers.py
index 5345f11a..d22d7143 100644
--- a/src/leap/platform_init/initializers.py
+++ b/src/leap/platform_init/initializers.py
@@ -243,12 +243,9 @@ def _darwin_install_missing_scripts(badexec, notfound):
"openvpn")
launcher = vpnlaunchers.DarwinVPNLauncher
- # TODO should change osascript by use of the proper
- # os authorization api.
if os.path.isdir(installer_path):
fd, tempscript = tempfile.mkstemp(prefix="leap_installer-")
try:
- cmd = launcher.OSASCRIPT_BIN
scriptlines = launcher.cmd_for_missing_scripts(installer_path)
with os.fdopen(fd, 'w') as f:
f.write(scriptlines)
@@ -256,8 +253,9 @@ def _darwin_install_missing_scripts(badexec, notfound):
os.chmod(tempscript, st.st_mode | stat.S_IEXEC | stat.S_IXUSR |
stat.S_IXGRP | stat.S_IXOTH)
- osascript = launcher.OSX_ASADMIN % ("/bin/sh %s" % (tempscript,),)
- cmdline = ["%s -e '%s'" % (cmd, osascript)]
+ cmd, args = launcher().get_cocoasudo_installmissing_cmd()
+ args.append(tempscript)
+ cmdline = " ".join([cmd] + args)
ret = subprocess.call(
cmdline, stdout=subprocess.PIPE,
shell=True)
@@ -307,13 +305,14 @@ def DarwinInitializer():
ret = msg.exec_()
if ret == QtGui.QMessageBox.Yes:
- installer_path = os.path.join(
- os.getcwd(),
- "..",
- "Resources",
- "tuntap-installer.app")
+ installer_path = os.path.abspath(
+ os.path.join(
+ os.getcwd(),
+ "..",
+ "Resources",
+ "tuntap-installer.app"))
if os.path.isdir(installer_path):
- cmd = ["open %s" % (installer_path,)]
+ cmd = ["open '%s'" % (installer_path,)]
try:
ret = subprocess.call(
cmd, stdout=subprocess.PIPE,
diff --git a/src/leap/services/eip/vpnlaunchers.py b/src/leap/services/eip/vpnlaunchers.py
index 3cee9bbb..a1f7e4cf 100644
--- a/src/leap/services/eip/vpnlaunchers.py
+++ b/src/leap/services/eip/vpnlaunchers.py
@@ -465,19 +465,26 @@ class DarwinVPNLauncher(VPNLauncher):
"""
COCOASUDO = "cocoasudo"
- # XXX need magic translate for this string
+ # XXX need the good old magic translate for these strings
+ # (look for magic in 0.2.0 release)
SUDO_MSG = ("LEAP needs administrative privileges to run "
"Encrypted Internet.")
+ INSTALL_MSG = ("\"LEAP needs administrative privileges to install "
+ "missing scripts and fix permissions.\"")
- INSTALL_PATH = "/Applications/LEAP\ Client.app"
+ INSTALL_PATH = "/Applications/LEAP Client.app"
+ INSTALL_PATH_ESCAPED = "/Applications/LEAP\ Client.app"
OPENVPN_BIN = 'openvpn.leap'
OPENVPN_PATH = "%s/Contents/Resources/openvpn" % (INSTALL_PATH,)
+ OPENVPN_PATH_ESCAPED = "%s/Contents/Resources/openvpn" % (
+ INSTALL_PATH_ESCAPED,)
UP_SCRIPT = "%s/client.up.sh" % (OPENVPN_PATH,)
DOWN_SCRIPT = "%s/client.down.sh" % (OPENVPN_PATH,)
OPENVPN_DOWN_PLUGIN = '%s/openvpn-down-root.so' % (OPENVPN_PATH,)
UPDOWN_FILES = (UP_SCRIPT, DOWN_SCRIPT, OPENVPN_DOWN_PLUGIN)
+ OTHER_FILES = []
@classmethod
def cmd_for_missing_scripts(kls, frompath):
@@ -485,11 +492,12 @@ class DarwinVPNLauncher(VPNLauncher):
Returns a command that can copy the missing scripts.
:rtype: str
"""
- to = kls.OPENVPN_PATH
- cmd = "#!/bin/sh\nmkdir -p %s\ncp \"%s/\"* %s" % (to, frompath, to)
+ to = kls.OPENVPN_PATH_ESCAPED
+ cmd = "#!/bin/sh\nmkdir -p %s\ncp \"%s/\"* %s\nchmod 744 %s/*" % (
+ to, frompath, to, to)
return cmd
- def get_cocoasudo_cmd(self):
+ def get_cocoasudo_ovpn_cmd(self):
"""
Returns a string with the cocoasudo command needed to run openvpn
as admin with a nice password prompt. The actual command needs to be
@@ -506,6 +514,23 @@ class DarwinVPNLauncher(VPNLauncher):
return self.COCOASUDO, args
+ def get_cocoasudo_installmissing_cmd(self):
+ """
+ Returns a string with the cocoasudo command needed to install missing
+ files as admin with a nice password prompt. The actual command needs to be
+ appended.
+
+ :rtype: (str, list)
+ """
+ iconpath = os.path.abspath(os.path.join(
+ os.getcwd(),
+ "../../../Resources/leap-client.tiff"))
+ has_icon = os.path.isfile(iconpath)
+ args = ["--icon=%s" % iconpath] if has_icon else []
+ args.append("--prompt=%s" % (self.INSTALL_MSG,))
+
+ return self.COCOASUDO, args
+
def get_vpn_command(self, eipconfig=None, providerconfig=None,
socket_host=None, socket_port="unix"):
"""
@@ -619,7 +644,7 @@ class DarwinVPNLauncher(VPNLauncher):
'--ca', providerconfig.get_ca_cert_path()
]
- command, cargs = self.get_cocoasudo_cmd()
+ command, cargs = self.get_cocoasudo_ovpn_cmd()
cmd_args = cargs + args
logger.debug("Running VPN with command:")
@@ -710,6 +735,10 @@ class WindowsVPNLauncher(VPNLauncher):
'--persist-tun',
'--persist-key',
'--tls-client',
+ # We make it log to a file because we cannot attach to the
+ # openvpn process' stdout since it's a process with more
+ # privileges than we are
+ '--log-append', 'eip.log',
'--remote-cert-tls',
'server'
]