diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/leap/crypto/tests/test_srpauth.py | 6 | ||||
-rw-r--r-- | src/leap/platform_init/initializers.py | 21 | ||||
-rw-r--r-- | src/leap/services/eip/vpnlaunchers.py | 41 |
3 files changed, 48 insertions, 20 deletions
diff --git a/src/leap/crypto/tests/test_srpauth.py b/src/leap/crypto/tests/test_srpauth.py index e84a6b37..e3258fd3 100644 --- a/src/leap/crypto/tests/test_srpauth.py +++ b/src/leap/crypto/tests/test_srpauth.py @@ -401,9 +401,9 @@ class SRPAuthTestCase(unittest.TestCase): content.side_effect = JSONDecodeError("", "", 0) with self.assertRaises(srpauth.SRPAuthJSONDecodeError): - self.auth_backend._process_challenge( - salt_B, - username=self.TEST_USER) + self.auth_backend._process_challenge( + salt_B, + username=self.TEST_USER) d.addCallback(partial(threads.deferToThread, wrapper)) diff --git a/src/leap/platform_init/initializers.py b/src/leap/platform_init/initializers.py index 5345f11a..d22d7143 100644 --- a/src/leap/platform_init/initializers.py +++ b/src/leap/platform_init/initializers.py @@ -243,12 +243,9 @@ def _darwin_install_missing_scripts(badexec, notfound): "openvpn") launcher = vpnlaunchers.DarwinVPNLauncher - # TODO should change osascript by use of the proper - # os authorization api. if os.path.isdir(installer_path): fd, tempscript = tempfile.mkstemp(prefix="leap_installer-") try: - cmd = launcher.OSASCRIPT_BIN scriptlines = launcher.cmd_for_missing_scripts(installer_path) with os.fdopen(fd, 'w') as f: f.write(scriptlines) @@ -256,8 +253,9 @@ def _darwin_install_missing_scripts(badexec, notfound): os.chmod(tempscript, st.st_mode | stat.S_IEXEC | stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH) - osascript = launcher.OSX_ASADMIN % ("/bin/sh %s" % (tempscript,),) - cmdline = ["%s -e '%s'" % (cmd, osascript)] + cmd, args = launcher().get_cocoasudo_installmissing_cmd() + args.append(tempscript) + cmdline = " ".join([cmd] + args) ret = subprocess.call( cmdline, stdout=subprocess.PIPE, shell=True) @@ -307,13 +305,14 @@ def DarwinInitializer(): ret = msg.exec_() if ret == QtGui.QMessageBox.Yes: - installer_path = os.path.join( - os.getcwd(), - "..", - "Resources", - "tuntap-installer.app") + installer_path = os.path.abspath( + os.path.join( + os.getcwd(), + "..", + "Resources", + "tuntap-installer.app")) if os.path.isdir(installer_path): - cmd = ["open %s" % (installer_path,)] + cmd = ["open '%s'" % (installer_path,)] try: ret = subprocess.call( cmd, stdout=subprocess.PIPE, diff --git a/src/leap/services/eip/vpnlaunchers.py b/src/leap/services/eip/vpnlaunchers.py index 3cee9bbb..a1f7e4cf 100644 --- a/src/leap/services/eip/vpnlaunchers.py +++ b/src/leap/services/eip/vpnlaunchers.py @@ -465,19 +465,26 @@ class DarwinVPNLauncher(VPNLauncher): """ COCOASUDO = "cocoasudo" - # XXX need magic translate for this string + # XXX need the good old magic translate for these strings + # (look for magic in 0.2.0 release) SUDO_MSG = ("LEAP needs administrative privileges to run " "Encrypted Internet.") + INSTALL_MSG = ("\"LEAP needs administrative privileges to install " + "missing scripts and fix permissions.\"") - INSTALL_PATH = "/Applications/LEAP\ Client.app" + INSTALL_PATH = "/Applications/LEAP Client.app" + INSTALL_PATH_ESCAPED = "/Applications/LEAP\ Client.app" OPENVPN_BIN = 'openvpn.leap' OPENVPN_PATH = "%s/Contents/Resources/openvpn" % (INSTALL_PATH,) + OPENVPN_PATH_ESCAPED = "%s/Contents/Resources/openvpn" % ( + INSTALL_PATH_ESCAPED,) UP_SCRIPT = "%s/client.up.sh" % (OPENVPN_PATH,) DOWN_SCRIPT = "%s/client.down.sh" % (OPENVPN_PATH,) OPENVPN_DOWN_PLUGIN = '%s/openvpn-down-root.so' % (OPENVPN_PATH,) UPDOWN_FILES = (UP_SCRIPT, DOWN_SCRIPT, OPENVPN_DOWN_PLUGIN) + OTHER_FILES = [] @classmethod def cmd_for_missing_scripts(kls, frompath): @@ -485,11 +492,12 @@ class DarwinVPNLauncher(VPNLauncher): Returns a command that can copy the missing scripts. :rtype: str """ - to = kls.OPENVPN_PATH - cmd = "#!/bin/sh\nmkdir -p %s\ncp \"%s/\"* %s" % (to, frompath, to) + to = kls.OPENVPN_PATH_ESCAPED + cmd = "#!/bin/sh\nmkdir -p %s\ncp \"%s/\"* %s\nchmod 744 %s/*" % ( + to, frompath, to, to) return cmd - def get_cocoasudo_cmd(self): + def get_cocoasudo_ovpn_cmd(self): """ Returns a string with the cocoasudo command needed to run openvpn as admin with a nice password prompt. The actual command needs to be @@ -506,6 +514,23 @@ class DarwinVPNLauncher(VPNLauncher): return self.COCOASUDO, args + def get_cocoasudo_installmissing_cmd(self): + """ + Returns a string with the cocoasudo command needed to install missing + files as admin with a nice password prompt. The actual command needs to be + appended. + + :rtype: (str, list) + """ + iconpath = os.path.abspath(os.path.join( + os.getcwd(), + "../../../Resources/leap-client.tiff")) + has_icon = os.path.isfile(iconpath) + args = ["--icon=%s" % iconpath] if has_icon else [] + args.append("--prompt=%s" % (self.INSTALL_MSG,)) + + return self.COCOASUDO, args + def get_vpn_command(self, eipconfig=None, providerconfig=None, socket_host=None, socket_port="unix"): """ @@ -619,7 +644,7 @@ class DarwinVPNLauncher(VPNLauncher): '--ca', providerconfig.get_ca_cert_path() ] - command, cargs = self.get_cocoasudo_cmd() + command, cargs = self.get_cocoasudo_ovpn_cmd() cmd_args = cargs + args logger.debug("Running VPN with command:") @@ -710,6 +735,10 @@ class WindowsVPNLauncher(VPNLauncher): '--persist-tun', '--persist-key', '--tls-client', + # We make it log to a file because we cannot attach to the + # openvpn process' stdout since it's a process with more + # privileges than we are + '--log-append', 'eip.log', '--remote-cert-tls', 'server' ] |