From 00b8cbaa31d48326b36928228269ac14276fd5ee Mon Sep 17 00:00:00 2001
From: Ivan Alejandro <ivanalejandro0@gmail.com>
Date: Thu, 19 Feb 2015 14:12:15 -0300
Subject: Fall back to plain ZMQ if Curve is not available.

Use global flag for ZMQ_HAS_CURVE.
Closes #6646
---
 src/leap/bitmask/backend/signaler.py | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

(limited to 'src/leap/bitmask/backend/signaler.py')

diff --git a/src/leap/bitmask/backend/signaler.py b/src/leap/bitmask/backend/signaler.py
index 43cba994..a8498d11 100644
--- a/src/leap/bitmask/backend/signaler.py
+++ b/src/leap/bitmask/backend/signaler.py
@@ -26,6 +26,7 @@ import zmq
 
 from leap.bitmask.backend.api import SIGNALS
 from leap.bitmask.backend.utils import get_frontend_certificates
+from leap.bitmask.config import flags
 
 import logging
 logger = logging.getLogger(__name__)
@@ -49,15 +50,16 @@ class Signaler(object):
         logger.debug("Connecting to signaling server...")
         socket = context.socket(zmq.REQ)
 
-        # public, secret = zmq.curve_keypair()
-        client_keys = zmq.curve_keypair()
-        socket.curve_publickey = client_keys[0]
-        socket.curve_secretkey = client_keys[1]
+        if flags.ZMQ_HAS_CURVE:
+            # public, secret = zmq.curve_keypair()
+            client_keys = zmq.curve_keypair()
+            socket.curve_publickey = client_keys[0]
+            socket.curve_secretkey = client_keys[1]
 
-        # The client must know the server's public key to make a CURVE
-        # connection.
-        public, _ = get_frontend_certificates()
-        socket.curve_serverkey = public
+            # The client must know the server's public key to make a CURVE
+            # connection.
+            public, _ = get_frontend_certificates()
+            socket.curve_serverkey = public
 
         socket.setsockopt(zmq.RCVTIMEO, 1000)
         socket.setsockopt(zmq.LINGER, 0)  # Terminate early
-- 
cgit v1.2.3


From e3ddc783ca9fb21105845d275a4b38ad6b2cd3e2 Mon Sep 17 00:00:00 2001
From: Kali Kaneko <kali@leap.se>
Date: Mon, 23 Feb 2015 11:54:16 -0400
Subject: Use unix sockets for the fallback, and set permissions

... on them, to user-writeable only.

I think we could consider ipc for the curve-case too, at least for the
platforms that support them.
---
 src/leap/bitmask/backend/signaler.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'src/leap/bitmask/backend/signaler.py')

diff --git a/src/leap/bitmask/backend/signaler.py b/src/leap/bitmask/backend/signaler.py
index a8498d11..aec2f606 100644
--- a/src/leap/bitmask/backend/signaler.py
+++ b/src/leap/bitmask/backend/signaler.py
@@ -37,8 +37,11 @@ class Signaler(object):
     Signaler client.
     Receives signals from the backend and sends to the signaling server.
     """
-    PORT = "5667"
-    SERVER = "tcp://localhost:%s" % PORT
+    if flags.ZMQ_HAS_CURVE:
+        PORT = "5667"
+        SERVER = "tcp://localhost:%s" % PORT
+    else:
+        SERVER = "ipc:///tmp/bitmask.socket.1"
     POLL_TIMEOUT = 2000  # ms
     POLL_TRIES = 500
 
-- 
cgit v1.2.3