summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/vpn/service.py
diff options
context:
space:
mode:
authorRuben Pollan <meskio@sindominio.net>2017-09-18 17:33:53 +0200
committerKali Kaneko <kali@leap.se>2017-09-20 17:56:41 +0200
commitd0e4444555df79978aed5cd6c9548e2fd1c63936 (patch)
tree35817d71b4eee9b4b555df2cf00c53c837fbb4a4 /src/leap/bitmask/vpn/service.py
parent34c0c10001e0642342d843472867e86f58c62239 (diff)
[bug] flag vpn_ready == false if cert expired
We were not renewing the vpn cert. Now the UI will trigger a cert renewal by telling it that is the vpn is not ready if the cert is expired. - Resolves: #9059
Diffstat (limited to 'src/leap/bitmask/vpn/service.py')
-rw-r--r--src/leap/bitmask/vpn/service.py20
1 files changed, 7 insertions, 13 deletions
diff --git a/src/leap/bitmask/vpn/service.py b/src/leap/bitmask/vpn/service.py
index c9e1890..1ecfa79 100644
--- a/src/leap/bitmask/vpn/service.py
+++ b/src/leap/bitmask/vpn/service.py
@@ -22,7 +22,6 @@ VPN service declaration.
import json
import os
-from time import strftime
from twisted.internet import defer
from twisted.logger import Logger
@@ -31,11 +30,14 @@ from leap.bitmask.util import merge_status
from leap.bitmask.vpn.gateways import GatewaySelector
from leap.bitmask.vpn.fw.firewall import FirewallManager
from leap.bitmask.vpn.tunnel import ConfiguredTunnel
-from leap.bitmask.vpn._checks import is_service_ready, get_vpn_cert_path
+from leap.bitmask.vpn._checks import (
+ is_service_ready,
+ get_vpn_cert_path,
+ cert_expires
+)
from leap.bitmask.vpn import privilege, helpers
from leap.common.config import get_path_prefix
from leap.common.files import check_and_fix_urw_only
-from leap.common.certs import get_cert_time_boundaries
class ImproperlyConfigured(Exception):
@@ -166,7 +168,8 @@ class VPNService(HookableService):
ret = {'installed': helpers.check()}
if domain:
ret['vpn_ready'] = is_service_ready(domain)
- ret['cert_expires'] = self._cert_expires(domain)
+ expiry = cert_expires(domain).strftime('%Y-%m-%dT%H:%M:%SZ')
+ ret['cert_expires'] = expiry
return ret
@defer.inlineCallbacks
@@ -270,15 +273,6 @@ class VPNService(HookableService):
provider, remotes, cert_path, key_path, ca_path, extra_flags)
self._firewall = FirewallManager(remotes)
- def _cert_expires(self, provider):
- path = os.path.join(
- self._basepath, "leap", "providers", provider,
- "keys", "client", "openvpn.pem")
- with open(path, 'r') as f:
- cert = f.read()
- _, to = get_cert_time_boundaries(cert)
- return strftime('%Y-%m-%dT%H:%M:%SZ', to)
-
def _write_last(self, domain):
path = os.path.join(self._basepath, self._last_vpn_path)
with open(path, 'w') as f: