From f292d910ae8bf98448dd02cd26e9e4f2ed8f6339 Mon Sep 17 00:00:00 2001 From: Kali Kaneko Date: Mon, 21 Sep 2015 15:51:34 -0400 Subject: [bug] add compatibility mode for platform < 0.8 there was a bug in plaform that made webapp not serve correctly the smtp certificates. with this fallback, we try to support platforms < 0.8, although we should deprecate this behavior in bitmask 0.10 --- src/leap/bitmask/services/mail/smtpbootstrapper.py | 25 +++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/src/leap/bitmask/services/mail/smtpbootstrapper.py b/src/leap/bitmask/services/mail/smtpbootstrapper.py index a1b520ef..a577509e 100644 --- a/src/leap/bitmask/services/mail/smtpbootstrapper.py +++ b/src/leap/bitmask/services/mail/smtpbootstrapper.py @@ -18,6 +18,9 @@ SMTP bootstrapping """ import os +import warnings + +from requests.exceptions import HTTPError from leap.bitmask.config.providerconfig import ProviderConfig from leap.bitmask.crypto.certs import download_client_cert @@ -99,9 +102,25 @@ class SMTPBootstrapper(AbstractBootstrapper): check_and_fix_urw_only(client_cert_path) return - download_client_cert(self._provider_config, - client_cert_path, - self._session, kind="smtp") + try: + download_client_cert(self._provider_config, + client_cert_path, + self._session, kind="smtp") + except HTTPError as exc: + if exc.message.startswith('403 Client Error'): + logger.debug( + 'Auth problem downloading smtp certificate... ' + 'It might be a provider problem, will try ' + 'fetching from vpn pool') + warnings.warn( + 'Compatibility hack for platform 0.7 not fully ' + 'supporting smtp certificates. Will be deprecated in ' + 'bitmask 0.10') + download_client_cert(self._provider_config, + client_cert_path, + self._session, kind="vpn") + else: + raise def _start_smtp_service(self): """ -- cgit v1.2.3