diff options
author | Ruben Pollan <meskio@sindominio.net> | 2017-09-18 17:33:53 +0200 |
---|---|---|
committer | Kali Kaneko <kali@leap.se> | 2017-09-20 17:56:41 +0200 |
commit | d0e4444555df79978aed5cd6c9548e2fd1c63936 (patch) | |
tree | 35817d71b4eee9b4b555df2cf00c53c837fbb4a4 /src/leap/bitmask/vpn/service.py | |
parent | 34c0c10001e0642342d843472867e86f58c62239 (diff) |
[bug] flag vpn_ready == false if cert expired
We were not renewing the vpn cert. Now the UI will trigger a cert
renewal by telling it that is the vpn is not ready if the cert is
expired.
- Resolves: #9059
Diffstat (limited to 'src/leap/bitmask/vpn/service.py')
-rw-r--r-- | src/leap/bitmask/vpn/service.py | 20 |
1 files changed, 7 insertions, 13 deletions
diff --git a/src/leap/bitmask/vpn/service.py b/src/leap/bitmask/vpn/service.py index c9e1890..1ecfa79 100644 --- a/src/leap/bitmask/vpn/service.py +++ b/src/leap/bitmask/vpn/service.py @@ -22,7 +22,6 @@ VPN service declaration. import json import os -from time import strftime from twisted.internet import defer from twisted.logger import Logger @@ -31,11 +30,14 @@ from leap.bitmask.util import merge_status from leap.bitmask.vpn.gateways import GatewaySelector from leap.bitmask.vpn.fw.firewall import FirewallManager from leap.bitmask.vpn.tunnel import ConfiguredTunnel -from leap.bitmask.vpn._checks import is_service_ready, get_vpn_cert_path +from leap.bitmask.vpn._checks import ( + is_service_ready, + get_vpn_cert_path, + cert_expires +) from leap.bitmask.vpn import privilege, helpers from leap.common.config import get_path_prefix from leap.common.files import check_and_fix_urw_only -from leap.common.certs import get_cert_time_boundaries class ImproperlyConfigured(Exception): @@ -166,7 +168,8 @@ class VPNService(HookableService): ret = {'installed': helpers.check()} if domain: ret['vpn_ready'] = is_service_ready(domain) - ret['cert_expires'] = self._cert_expires(domain) + expiry = cert_expires(domain).strftime('%Y-%m-%dT%H:%M:%SZ') + ret['cert_expires'] = expiry return ret @defer.inlineCallbacks @@ -270,15 +273,6 @@ class VPNService(HookableService): provider, remotes, cert_path, key_path, ca_path, extra_flags) self._firewall = FirewallManager(remotes) - def _cert_expires(self, provider): - path = os.path.join( - self._basepath, "leap", "providers", provider, - "keys", "client", "openvpn.pem") - with open(path, 'r') as f: - cert = f.read() - _, to = get_cert_time_boundaries(cert) - return strftime('%Y-%m-%dT%H:%M:%SZ', to) - def _write_last(self, domain): path = os.path.join(self._basepath, self._last_vpn_path) with open(path, 'w') as f: |