From 6e197c1353c788109df07ee6d1242a5c2327e8f9 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 1 Aug 2012 09:58:08 +0900 Subject: fileutil.which implementation --- src/leap/eip/conductor.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/leap/eip/conductor.py') diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py index e3adadc4..3ce062aa 100644 --- a/src/leap/eip/conductor.py +++ b/src/leap/eip/conductor.py @@ -6,7 +6,7 @@ from __future__ import (division, unicode_literals, print_function) from functools import partial import logging -from leap.utils.coroutines import spawn_and_watch_process +from leap.util.coroutines import spawn_and_watch_process from leap.baseapp.config import get_config, get_vpn_stdout_mockup from leap.eip.vpnwatcher import EIPConnectionStatus, status_watcher from leap.eip.vpnmanager import OpenVPNManager, ConnectionRefusedError -- cgit v1.2.3 From 23502b72f8cd8a9ec2fd28387f7788aeef54c2d1 Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 2 Aug 2012 02:21:45 +0900 Subject: create config file if not exist. also locate openvpn binary when building eip configparser defaults. implement half of feature #356 --- src/leap/eip/conductor.py | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) (limited to 'src/leap/eip/conductor.py') diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py index 3ce062aa..1d5e4b59 100644 --- a/src/leap/eip/conductor.py +++ b/src/leap/eip/conductor.py @@ -7,7 +7,8 @@ from functools import partial import logging from leap.util.coroutines import spawn_and_watch_process -from leap.baseapp.config import get_config, get_vpn_stdout_mockup + +from leap.eip.config import get_config, get_vpn_stdout_mockup from leap.eip.vpnwatcher import EIPConnectionStatus, status_watcher from leap.eip.vpnmanager import OpenVPNManager, ConnectionRefusedError @@ -39,6 +40,10 @@ class UnrecoverableError(EIPClientError): """ we cannot do anything about it, sorry """ + # XXX we should catch this and raise + # to qtland, so we emit signal + # to translate whatever kind of error + # to user-friendly msg in dialog. pass @@ -78,7 +83,7 @@ to be triggered for each one of them. self.autostart = True - self._get_config() + self._get_or_create_config() def _set_command_mockup(self): """ @@ -88,16 +93,19 @@ to be triggered for each one of them. command, args = get_vpn_stdout_mockup() self.command, self.args = command, args - def _get_config(self): + def _get_or_create_config(self): """ retrieves the config options from defaults or home file, or config file passed in command line. """ config = get_config(config_file=self.config_file) self.config = config + import ipdb;ipdb.set_trace() if config.has_option('openvpn', 'command'): commandline = config.get('openvpn', 'command') + #XXX remove mockup from here. + #it was just for testing early. if commandline == "mockup": self._set_command_mockup() return -- cgit v1.2.3 From 65db011c13aa6bf03867cc0e579f191cbf611ef6 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 3 Aug 2012 06:44:17 +0900 Subject: fix icon change on disconnect --- src/leap/eip/conductor.py | 34 ++++++++++++---------------------- 1 file changed, 12 insertions(+), 22 deletions(-) (limited to 'src/leap/eip/conductor.py') diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py index 1d5e4b59..b1683e7d 100644 --- a/src/leap/eip/conductor.py +++ b/src/leap/eip/conductor.py @@ -98,32 +98,40 @@ to be triggered for each one of them. retrieves the config options from defaults or home file, or config file passed in command line. """ + #print('get or create config') config = get_config(config_file=self.config_file) self.config = config - import ipdb;ipdb.set_trace() if config.has_option('openvpn', 'command'): commandline = config.get('openvpn', 'command') + #XXX remove mockup from here. #it was just for testing early. if commandline == "mockup": self._set_command_mockup() return + command_split = commandline.split(' ') command = command_split[0] if len(command_split) > 1: args = command_split[1:] else: args = [] + + # XXX CALL BUILD COMMAND self.command = command - #print("debug: command = %s" % command) self.args = args else: self._set_command_mockup() if config.has_option('openvpn', 'autostart'): - autostart = config.get('openvpn', 'autostart') + autostart = config.getboolean('openvpn', 'autostart') + print('autostart = %s' % autostart) self.autostart = autostart + else: + if config.has_option('DEFAULT', 'autostart'): + autostart = config.getboolean('DEFAULT', 'autostart') + self.autostart = autostart def _launch_openvpn(self): """ @@ -194,7 +202,7 @@ class EIPConductor(OpenVPNConnection): """ self.manager.forget_errors() self._try_connection() - # XXX should capture errors? + # XXX should capture errors here? def disconnect(self): """ @@ -202,25 +210,7 @@ class EIPConductor(OpenVPNConnection): """ self._disconnect() self.status.change_to(self.status.DISCONNECTED) - pass - def shutdown(self): - """ - shutdown and quit - """ - self.desired_con_state = self.status.DISCONNECTED - - def connection_state(self): - """ - returns the current connection state - """ - return self.status.current - - def desired_connection_state(self): - """ - returns the desired_connection state - """ - return self.desired_con_state def poll_connection_state(self): """ -- cgit v1.2.3 From b9c9b5536f9d1648a196e741cdf4570f64c3fb11 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 3 Aug 2012 07:32:47 +0900 Subject: build default invocation command + options if not found in config file. fix #182 and #356 --- src/leap/eip/conductor.py | 26 +++++++------------------- 1 file changed, 7 insertions(+), 19 deletions(-) (limited to 'src/leap/eip/conductor.py') diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py index b1683e7d..bf7f0fb2 100644 --- a/src/leap/eip/conductor.py +++ b/src/leap/eip/conductor.py @@ -8,7 +8,7 @@ import logging from leap.util.coroutines import spawn_and_watch_process -from leap.eip.config import get_config, get_vpn_stdout_mockup +from leap.eip.config import get_config, build_ovpn_command from leap.eip.vpnwatcher import EIPConnectionStatus, status_watcher from leap.eip.vpnmanager import OpenVPNManager, ConnectionRefusedError @@ -82,21 +82,13 @@ to be triggered for each one of them. self.proto = None self.autostart = True - self._get_or_create_config() - def _set_command_mockup(self): - """ - sets command and args for a command mockup - that just mimics the output from the real thing - """ - command, args = get_vpn_stdout_mockup() - self.command, self.args = command, args - def _get_or_create_config(self): """ retrieves the config options from defaults or home file, or config file passed in command line. + populates command and args to be passed to subprocess. """ #print('get or create config') config = get_config(config_file=self.config_file) @@ -105,12 +97,6 @@ to be triggered for each one of them. if config.has_option('openvpn', 'command'): commandline = config.get('openvpn', 'command') - #XXX remove mockup from here. - #it was just for testing early. - if commandline == "mockup": - self._set_command_mockup() - return - command_split = commandline.split(' ') command = command_split[0] if len(command_split) > 1: @@ -122,11 +108,14 @@ to be triggered for each one of them. self.command = command self.args = args else: - self._set_command_mockup() + # no command in config, we build it up. + # XXX check also for command-line --command flag + command, args = build_ovpn_command(config) + self.command = command + self.args = args if config.has_option('openvpn', 'autostart'): autostart = config.getboolean('openvpn', 'autostart') - print('autostart = %s' % autostart) self.autostart = autostart else: if config.has_option('DEFAULT', 'autostart'): @@ -211,7 +200,6 @@ class EIPConductor(OpenVPNConnection): self._disconnect() self.status.change_to(self.status.DISCONNECTED) - def poll_connection_state(self): """ """ -- cgit v1.2.3 From 81613b2ef70e5d73b7c34eb4b78ee63189b45ab6 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 3 Aug 2012 09:42:14 +0900 Subject: pkexec check --- src/leap/eip/conductor.py | 37 +++++++++++++++++++++++++++---------- 1 file changed, 27 insertions(+), 10 deletions(-) (limited to 'src/leap/eip/conductor.py') diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py index bf7f0fb2..2d6ad764 100644 --- a/src/leap/eip/conductor.py +++ b/src/leap/eip/conductor.py @@ -8,7 +8,9 @@ import logging from leap.util.coroutines import spawn_and_watch_process -from leap.eip.config import get_config, build_ovpn_command + +from leap.eip.config import (get_config, build_ovpn_command, + EIPNoPkexecAvailable) from leap.eip.vpnwatcher import EIPConnectionStatus, status_watcher from leap.eip.vpnmanager import OpenVPNManager, ConnectionRefusedError @@ -17,6 +19,9 @@ logger = logging.getLogger(name=__name__) # TODO Move exceptions to their own module +class EIPNoCommandError(Exception): + pass + class ConnectionError(Exception): """ @@ -81,6 +86,10 @@ to be triggered for each one of them. self.port = None self.proto = None + self.missing_pkexec = False + self.command = None + self.args = None + self.autostart = True self._get_or_create_config() @@ -94,6 +103,14 @@ to be triggered for each one of them. config = get_config(config_file=self.config_file) self.config = config + if config.has_option('openvpn', 'autostart'): + autostart = config.getboolean('openvpn', 'autostart') + self.autostart = autostart + else: + if config.has_option('DEFAULT', 'autostart'): + autostart = config.getboolean('DEFAULT', 'autostart') + self.autostart = autostart + if config.has_option('openvpn', 'command'): commandline = config.get('openvpn', 'command') @@ -110,18 +127,16 @@ to be triggered for each one of them. else: # no command in config, we build it up. # XXX check also for command-line --command flag - command, args = build_ovpn_command(config) + try: + command, args = build_ovpn_command(config) + except EIPNoPkexecAvailable: + command = args = None + self.missing_pkexec = True + + # XXX if not command, signal error. self.command = command self.args = args - if config.has_option('openvpn', 'autostart'): - autostart = config.getboolean('openvpn', 'autostart') - self.autostart = autostart - else: - if config.has_option('DEFAULT', 'autostart'): - autostart = config.getboolean('DEFAULT', 'autostart') - self.autostart = autostart - def _launch_openvpn(self): """ invocation of openvpn binaries in a subprocess. @@ -152,6 +167,8 @@ to be triggered for each one of them. """ attempts to connect """ + if self.command is None: + raise EIPNoCommandError if self.subp is not None: print('cowardly refusing to launch subprocess again') return -- cgit v1.2.3 From 5c34052ef9261a47947e3e03616fe34b099b9fa4 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 3 Aug 2012 10:18:50 +0900 Subject: stub for daemon mode; disabled by now until #383 is fixed --- src/leap/eip/conductor.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'src/leap/eip/conductor.py') diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py index 2d6ad764..eeb7f8f8 100644 --- a/src/leap/eip/conductor.py +++ b/src/leap/eip/conductor.py @@ -59,7 +59,8 @@ class OpenVPNConnection(object): """ # Connection Methods - def __init__(self, config_file=None, watcher_cb=None): + def __init__(self, config_file=None, + watcher_cb=None, debug=False): #XXX FIXME #change watcher_cb to line_observer """ @@ -74,6 +75,8 @@ to be triggered for each one of them. """ # XXX get host/port from config self.manager = OpenVPNManager() + self.debug = debug + print('conductor:%s' % debug) self.config_file = config_file self.watcher_cb = watcher_cb @@ -99,7 +102,6 @@ to be triggered for each one of them. home file, or config file passed in command line. populates command and args to be passed to subprocess. """ - #print('get or create config') config = get_config(config_file=self.config_file) self.config = config @@ -128,7 +130,8 @@ to be triggered for each one of them. # no command in config, we build it up. # XXX check also for command-line --command flag try: - command, args = build_ovpn_command(config) + command, args = build_ovpn_command(config, + debug=self.debug) except EIPNoPkexecAvailable: command = args = None self.missing_pkexec = True -- cgit v1.2.3 From 0bb8cca027ab32a54f6792ab1b1368e2f1845368 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 3 Aug 2012 10:46:22 +0900 Subject: check also for a suitable polkit-authentication-agent running fix #382. --- src/leap/eip/conductor.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'src/leap/eip/conductor.py') diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py index eeb7f8f8..7b927143 100644 --- a/src/leap/eip/conductor.py +++ b/src/leap/eip/conductor.py @@ -10,7 +10,7 @@ from leap.util.coroutines import spawn_and_watch_process from leap.eip.config import (get_config, build_ovpn_command, - EIPNoPkexecAvailable) + EIPNoPkexecAvailable, EIPNoPolkitAuthAgentAvailable) from leap.eip.vpnwatcher import EIPConnectionStatus, status_watcher from leap.eip.vpnmanager import OpenVPNManager, ConnectionRefusedError @@ -90,6 +90,7 @@ to be triggered for each one of them. self.proto = None self.missing_pkexec = False + self.missing_auth_agent = False self.command = None self.args = None @@ -132,6 +133,9 @@ to be triggered for each one of them. try: command, args = build_ovpn_command(config, debug=self.debug) + except EIPNoPolkitAuthAgentAvailable: + command = args = None + self.missing_auth_agent = True except EIPNoPkexecAvailable: command = args = None self.missing_pkexec = True -- cgit v1.2.3 From 36b0dfacca794e9cb899b5dde2dae3b8bbc6cc43 Mon Sep 17 00:00:00 2001 From: kali Date: Tue, 7 Aug 2012 04:14:06 +0900 Subject: build default provider openvpn config. preparation for completion of #356, #355, #354, #182 if no default openvpn config is present, we build one with a preset template and the remote_ip of the eip service as the only input. right now we're taking it from the eip.cfg file. --- src/leap/eip/conductor.py | 58 ++++++++++++++++++++++++++++++++++------------- 1 file changed, 42 insertions(+), 16 deletions(-) (limited to 'src/leap/eip/conductor.py') diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py index 7b927143..243f1fde 100644 --- a/src/leap/eip/conductor.py +++ b/src/leap/eip/conductor.py @@ -5,12 +5,15 @@ from __future__ import (division, unicode_literals, print_function) #import threading from functools import partial import logging +import os from leap.util.coroutines import spawn_and_watch_process from leap.eip.config import (get_config, build_ovpn_command, - EIPNoPkexecAvailable, EIPNoPolkitAuthAgentAvailable) + check_or_create_default_vpnconf, + EIPNoPkexecAvailable, + EIPNoPolkitAuthAgentAvailable) from leap.eip.vpnwatcher import EIPConnectionStatus, status_watcher from leap.eip.vpnmanager import OpenVPNManager, ConnectionRefusedError @@ -51,6 +54,10 @@ class UnrecoverableError(EIPClientError): # to user-friendly msg in dialog. pass +# +# Openvpn related classes +# + class OpenVPNConnection(object): """ @@ -76,7 +83,7 @@ to be triggered for each one of them. # XXX get host/port from config self.manager = OpenVPNManager() self.debug = debug - print('conductor:%s' % debug) + #print('conductor:%s' % debug) self.config_file = config_file self.watcher_cb = watcher_cb @@ -97,23 +104,20 @@ to be triggered for each one of them. self.autostart = True self._get_or_create_config() - def _get_or_create_config(self): - """ - retrieves the config options from defaults or - home file, or config file passed in command line. - populates command and args to be passed to subprocess. - """ - config = get_config(config_file=self.config_file) - self.config = config - + def _set_autostart(self): + config = self.config if config.has_option('openvpn', 'autostart'): - autostart = config.getboolean('openvpn', 'autostart') + autostart = config.getboolean('openvpn', + 'autostart') self.autostart = autostart else: if config.has_option('DEFAULT', 'autostart'): - autostart = config.getboolean('DEFAULT', 'autostart') + autostart = config.getboolean('DEFAULT', + 'autostart') self.autostart = autostart + def _set_ovpn_command(self): + config = self.config if config.has_option('openvpn', 'command'): commandline = config.get('openvpn', 'command') @@ -124,7 +128,6 @@ to be triggered for each one of them. else: args = [] - # XXX CALL BUILD COMMAND self.command = command self.args = args else: @@ -144,6 +147,29 @@ to be triggered for each one of them. self.command = command self.args = args + def _check_ovpn_config(self): + """ + checks if there is a default openvpn config. + if not, it writes one with info from the provider + definition file + """ + # TODO + # - get --with-openvpn-config from opts + check_or_create_default_vpnconf(self.config) + + def _get_or_create_config(self): + """ + retrieves the config options from defaults or + home file, or config file passed in command line. + populates command and args to be passed to subprocess. + """ + config = get_config(config_file=self.config_file) + self.config = config + + self._set_autostart() + self._set_ovpn_command() + self._check_ovpn_config() + def _launch_openvpn(self): """ invocation of openvpn binaries in a subprocess. @@ -167,8 +193,8 @@ to be triggered for each one of them. self.subp = subp self.watcher = watcher - conn_result = self.status.CONNECTED - return conn_result + #conn_result = self.status.CONNECTED + #return conn_result def _try_connection(self): """ -- cgit v1.2.3 From 530e10214a6f018909714b288d997df13ab4f9df Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 8 Aug 2012 06:53:10 +0900 Subject: check for bad permissions on vpn key files --- src/leap/eip/conductor.py | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) (limited to 'src/leap/eip/conductor.py') diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py index 243f1fde..3f40f068 100644 --- a/src/leap/eip/conductor.py +++ b/src/leap/eip/conductor.py @@ -5,15 +5,16 @@ from __future__ import (division, unicode_literals, print_function) #import threading from functools import partial import logging -import os from leap.util.coroutines import spawn_and_watch_process - +# XXX import eip.config as eipconfig from leap.eip.config import (get_config, build_ovpn_command, check_or_create_default_vpnconf, + check_vpn_keys, EIPNoPkexecAvailable, - EIPNoPolkitAuthAgentAvailable) + EIPNoPolkitAuthAgentAvailable, + EIPInitBadKeyFilePermError) from leap.eip.vpnwatcher import EIPConnectionStatus, status_watcher from leap.eip.vpnmanager import OpenVPNManager, ConnectionRefusedError @@ -21,6 +22,7 @@ logger = logging.getLogger(name=__name__) # TODO Move exceptions to their own module +# eip.exceptions class EIPNoCommandError(Exception): pass @@ -98,11 +100,14 @@ to be triggered for each one of them. self.missing_pkexec = False self.missing_auth_agent = False + self.bad_keyfile_perms = False + self.command = None self.args = None self.autostart = True self._get_or_create_config() + self._check_vpn_keys() def _set_autostart(self): config = self.config @@ -170,6 +175,16 @@ to be triggered for each one of them. self._set_ovpn_command() self._check_ovpn_config() + def _check_vpn_keys(self): + """ + checks for correct permissions on vpn keys + """ + try: + check_vpn_keys(self.config) + except EIPInitBadKeyFilePermError: + logger.error('error while checking vpn keys') + self.bad_keyfile_perms = True + def _launch_openvpn(self): """ invocation of openvpn binaries in a subprocess. -- cgit v1.2.3 From e81ddf7648e1075a15d8add11cd975a73aa09926 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 8 Aug 2012 07:01:27 +0900 Subject: catch missing keyfile error --- src/leap/eip/conductor.py | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src/leap/eip/conductor.py') diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py index 3f40f068..11b0358c 100644 --- a/src/leap/eip/conductor.py +++ b/src/leap/eip/conductor.py @@ -14,6 +14,7 @@ from leap.eip.config import (get_config, build_ovpn_command, check_vpn_keys, EIPNoPkexecAvailable, EIPNoPolkitAuthAgentAvailable, + EIPInitNoKeyFileError, EIPInitBadKeyFilePermError) from leap.eip.vpnwatcher import EIPConnectionStatus, status_watcher from leap.eip.vpnmanager import OpenVPNManager, ConnectionRefusedError @@ -101,6 +102,7 @@ to be triggered for each one of them. self.missing_pkexec = False self.missing_auth_agent = False self.bad_keyfile_perms = False + self.missing_vpn_keyfile = False self.command = None self.args = None @@ -181,6 +183,8 @@ to be triggered for each one of them. """ try: check_vpn_keys(self.config) + except EIPInitNoKeyFileError: + self.missing_vpn_keyfile = True except EIPInitBadKeyFilePermError: logger.error('error while checking vpn keys') self.bad_keyfile_perms = True -- cgit v1.2.3 From c217bd1f1456cf10ceabf698ea6f4dd8f636f454 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 8 Aug 2012 07:22:36 +0900 Subject: check for validity of the remote_ip entry (is ip?) --- src/leap/eip/conductor.py | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'src/leap/eip/conductor.py') diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py index 11b0358c..8f9d6051 100644 --- a/src/leap/eip/conductor.py +++ b/src/leap/eip/conductor.py @@ -8,12 +8,16 @@ import logging from leap.util.coroutines import spawn_and_watch_process -# XXX import eip.config as eipconfig +# XXX from leap.eip import config as eipconfig +# from leap.eip import exceptions as eip_exceptions + from leap.eip.config import (get_config, build_ovpn_command, check_or_create_default_vpnconf, check_vpn_keys, EIPNoPkexecAvailable, EIPNoPolkitAuthAgentAvailable, + EIPInitNoProviderError, + EIPInitBadProviderError, EIPInitNoKeyFileError, EIPInitBadKeyFilePermError) from leap.eip.vpnwatcher import EIPConnectionStatus, status_watcher @@ -103,6 +107,8 @@ to be triggered for each one of them. self.missing_auth_agent = False self.bad_keyfile_perms = False self.missing_vpn_keyfile = False + self.missing_provider = False + self.bad_provider = False self.command = None self.args = None @@ -162,7 +168,14 @@ to be triggered for each one of them. """ # TODO # - get --with-openvpn-config from opts - check_or_create_default_vpnconf(self.config) + try: + check_or_create_default_vpnconf(self.config) + except EIPInitNoProviderError: + logger.error('missing default provider definition') + self.missing_provider = True + except EIPInitBadProviderError: + logger.error('bad provider definition') + self.bad_provider = True def _get_or_create_config(self): """ -- cgit v1.2.3