From fc8a54a40645412e9c738723e54159bfda40cfde Mon Sep 17 00:00:00 2001 From: kali Date: Thu, 6 Sep 2012 04:18:27 +0900 Subject: openvpn management socket is a temp path on each run --- src/leap/eip/config.py | 23 +++++++++++----- src/leap/eip/eipconnection.py | 10 +++---- src/leap/eip/openvpnconnection.py | 11 +++++--- src/leap/eip/tests/test_config.py | 5 ++-- src/leap/eip/tests/test_openvpnconnection.py | 39 ++++++++++++---------------- 5 files changed, 48 insertions(+), 40 deletions(-) (limited to 'src/leap/eip') diff --git a/src/leap/eip/config.py b/src/leap/eip/config.py index f4b979ce..833519ee 100644 --- a/src/leap/eip/config.py +++ b/src/leap/eip/config.py @@ -1,6 +1,7 @@ import logging import os import platform +import tempfile from leap.util.fileutil import (which, check_and_fix_urw_only) @@ -39,7 +40,15 @@ class EIPServiceConfig(baseconfig.JSONLeapConfig): slug = property(_get_slug, _set_slug) -def build_ovpn_options(daemon=False): +def get_socket_path(): + socket_path = os.path.join( + tempfile.mkdtemp(prefix="leap-tmp"), + 'openvpn.socket') + logger.debug('socket path: %s', socket_path) + return socket_path + + +def build_ovpn_options(daemon=False, socket_path=None): """ build a list of options to be passed in the @@ -98,10 +107,11 @@ def build_ovpn_options(daemon=False): if ourplatform in ("Linux", "Mac"): opts.append('--management') - # XXX get a different sock each time ... - # XXX #505 - opts.append('/tmp/.eip.sock') + if socket_path is None: + socket_path = get_socket_path() + opts.append(socket_path) opts.append('unix') + if ourplatform == "Windows": opts.append('--management') opts.append('localhost') @@ -125,7 +135,8 @@ def build_ovpn_options(daemon=False): return opts -def build_ovpn_command(debug=False, do_pkexec_check=True, vpnbin=None): +def build_ovpn_command(debug=False, do_pkexec_check=True, vpnbin=None, + socket_path=None): """ build a string with the complete openvpn invocation @@ -171,7 +182,7 @@ def build_ovpn_command(debug=False, do_pkexec_check=True, vpnbin=None): command.append(vpn_command) daemon_mode = not debug - for opt in build_ovpn_options(daemon=daemon_mode): + for opt in build_ovpn_options(daemon=daemon_mode, socket_path=socket_path): command.append(opt) # XXX check len and raise proper error diff --git a/src/leap/eip/eipconnection.py b/src/leap/eip/eipconnection.py index ff71dc76..3a879f01 100644 --- a/src/leap/eip/eipconnection.py +++ b/src/leap/eip/eipconnection.py @@ -6,6 +6,7 @@ import logging import Queue from leap.eip.checks import EIPConfigChecker +from leap.eip import config as eipconfig from leap.eip import exceptions as eip_exceptions from leap.eip.openvpnconnection import OpenVPNConnection @@ -30,6 +31,9 @@ class EIPConnection(OpenVPNConnection): self.status = EIPConnectionStatus(callbacks=status_signals) self.config_checker = config_checker() + host = eipconfig.get_socket_path() + kwargs['host'] = host + super(EIPConnection, self).__init__(*args, **kwargs) def has_errors(self): @@ -72,12 +76,6 @@ class EIPConnection(OpenVPNConnection): """ return self.status.current - #def desired_connection_state(self): - #""" - #returns the desired_connection state - #""" - #return self.desired_con_state - def poll_connection_state(self): """ """ diff --git a/src/leap/eip/openvpnconnection.py b/src/leap/eip/openvpnconnection.py index ec8b48bf..2ab0622e 100644 --- a/src/leap/eip/openvpnconnection.py +++ b/src/leap/eip/openvpnconnection.py @@ -26,12 +26,10 @@ class OpenVPNConnection(Connection): def __init__(self, config_file=None, watcher_cb=None, debug=False, - host="/tmp/.eip.sock", + host=None, port="unix", password=None, *args, **kwargs): - #XXX FIXME - #change watcher_cb to line_observer """ :param config_file: configuration file to read from :param watcher_cb: callback to be \ @@ -42,8 +40,12 @@ to be triggered for each one of them. :type watcher_cb: function :type signal_map: dict """ + #XXX FIXME + #change watcher_cb to line_observer + logger.debug('init openvpn connection') self.debug = debug + # XXX if not host: raise ImproperlyConfigured self.config_file = config_file self.watcher_cb = watcher_cb @@ -103,7 +105,8 @@ to be triggered for each one of them. # XXX check also for command-line --command flag try: command, args = eip_config.build_ovpn_command( - debug=self.debug) + debug=self.debug, + socket_path=self.host) except eip_exceptions.EIPNoPolkitAuthAgentAvailable: command = args = None # XXX deprecate diff --git a/src/leap/eip/tests/test_config.py b/src/leap/eip/tests/test_config.py index c73281cc..60300770 100644 --- a/src/leap/eip/tests/test_config.py +++ b/src/leap/eip/tests/test_config.py @@ -71,7 +71,7 @@ class EIPConfigTest(BaseLeapTest): args.append('--management') #XXX hey! #get platform switches here! - args.append('/tmp/.eip.sock') + args.append('/tmp/test.socket') args.append('unix') # certs @@ -114,7 +114,8 @@ class EIPConfigTest(BaseLeapTest): print 'path =', path print 'vpnbin = ', vpnbin command, args = eipconfig.build_ovpn_command( - do_pkexec_check=False, vpnbin=vpnbin) + do_pkexec_check=False, vpnbin=vpnbin, + socket_path="/tmp/test.socket") self.assertEqual(command, self.home + '/bin/openvpn') self.assertEqual(args, self.get_expected_openvpn_args()) diff --git a/src/leap/eip/tests/test_openvpnconnection.py b/src/leap/eip/tests/test_openvpnconnection.py index dea75b55..885c80b3 100644 --- a/src/leap/eip/tests/test_openvpnconnection.py +++ b/src/leap/eip/tests/test_openvpnconnection.py @@ -1,5 +1,7 @@ import logging +import os import platform +import shutil #import socket logging.basicConfig() @@ -12,9 +14,10 @@ except ImportError: from mock import Mock, patch # MagicMock +from leap.eip import config as eipconfig from leap.eip import openvpnconnection -from leap.eip import exceptions as eip_exceptions from leap.eip.udstelnet import UDSTelnet +from leap.testing.basetest import BaseLeapTest _system = platform.system() @@ -46,28 +49,25 @@ class MockedOpenVPNConnection(openvpnconnection.OpenVPNConnection): self.tn = mock_UDSTelnet(self.host, port=self.port) -class OpenVPNConnectionTest(unittest.TestCase): +class OpenVPNConnectionTest(BaseLeapTest): __name__ = "vpnconnection_tests" def setUp(self): - self.manager = MockedOpenVPNConnection() + # XXX this will have to change for win, host=localhost + host = eipconfig.get_socket_path() + self.manager = MockedOpenVPNConnection(host=host) def tearDown(self): - del self.manager - - # - # helpers - # - - # XXX hey, refactor this to basetestclass + # remove the socket folder. + # XXX only if posix. in win, host is localhost, so nothing + # has to be done. + if self.manager.host: + folder, fpath = os.path.split(self.manager.host) + assert folder.startswith('/tmp/leap-tmp') # safety check + shutil.rmtree(folder) - def _missing_test_for_plat(self, do_raise=False): - if do_raise: - raise NotImplementedError( - "This test is not implemented " - "for the running platform: %s" % - _system) + del self.manager # # tests @@ -78,7 +78,7 @@ class OpenVPNConnectionTest(unittest.TestCase): """ check default host for management iface """ - self.assertEqual(self.manager.host, '/tmp/.eip.sock') + self.assertTrue(self.manager.host.startswith('/tmp/leap-tmp')) self.assertEqual(self.manager.port, 'unix') @unittest.skipUnless(_system == "Windows", "win only") @@ -99,11 +99,6 @@ class OpenVPNConnectionTest(unittest.TestCase): self.manager = MockedOpenVPNConnection(port="bad") self.assertEqual(self.manager.port, None) - def test_connect_raises_missing_socket(self): - self.manager = openvpnconnection.OpenVPNConnection() - with self.assertRaises(eip_exceptions.MissingSocketError): - self.manager.connect_to_management() - def test_uds_telnet_called_on_connect(self): self.manager.connect_to_management() mock_UDSTelnet.assert_called_with( -- cgit v1.2.3