diff options
author | Ruben Pollan <meskio@sindominio.net> | 2017-03-01 19:32:54 +0100 |
---|---|---|
committer | Ruben Pollan <meskio@sindominio.net> | 2017-03-03 10:50:54 +0100 |
commit | 92957c4b666d6e5fc54275d8857692a12b0fb209 (patch) | |
tree | 2a0ae0439211b0c6476b5e5854af3db95aedfc4d /src/leap/bitmask/vpn | |
parent | 1accda8a692798fccdd67584b1e4950057faddeb (diff) |
[feat] get VPN params from eip-service.json
Instead of hardcoding them in the code.
Diffstat (limited to 'src/leap/bitmask/vpn')
-rw-r--r-- | src/leap/bitmask/vpn/launcher.py | 6 | ||||
-rw-r--r-- | src/leap/bitmask/vpn/process.py | 13 | ||||
-rw-r--r-- | src/leap/bitmask/vpn/service.py | 26 |
3 files changed, 15 insertions, 30 deletions
diff --git a/src/leap/bitmask/vpn/launcher.py b/src/leap/bitmask/vpn/launcher.py index 28910fa..3006d6d 100644 --- a/src/leap/bitmask/vpn/launcher.py +++ b/src/leap/bitmask/vpn/launcher.py @@ -229,7 +229,11 @@ class VPNLauncher(object): openvpn_configuration = vpnconfig.get_openvpn_configuration() for key, value in openvpn_configuration.items(): - args += ['--%s' % (key,), value] + if type(value) is bool: + if value: + args += ['--%s' % (key,)] + else: + args += ['--%s' % (key,), value] user = getpass.getuser() diff --git a/src/leap/bitmask/vpn/process.py b/src/leap/bitmask/vpn/process.py index 533a45c..cb67eff 100644 --- a/src/leap/bitmask/vpn/process.py +++ b/src/leap/bitmask/vpn/process.py @@ -22,24 +22,13 @@ A custom processProtocol launches the VPNProcess and connects to its management interface. """ -import os -import shutil -import socket -import subprocess import sys -from itertools import chain, repeat - -from twisted.internet import defer, protocol, reactor +from twisted.internet import protocol, reactor from twisted.internet import error as internet_error -from twisted.internet.task import LoopingCall from twisted.logger import Logger -from leap.bitmask.vpn.constants import IS_MAC -from leap.bitmask.vpn.utils import first, force_eval from leap.bitmask.vpn.utils import get_vpn_launcher -from leap.bitmask.vpn.launchers import linux -from leap.bitmask.vpn._telnet import UDSTelnet from leap.bitmask.vpn import _status from leap.bitmask.vpn import _management diff --git a/src/leap/bitmask/vpn/service.py b/src/leap/bitmask/vpn/service.py index 60de0f6..c23397c 100644 --- a/src/leap/bitmask/vpn/service.py +++ b/src/leap/bitmask/vpn/service.py @@ -61,13 +61,14 @@ class VPNService(HookableService): print "Stopping VPN Service..." super(VPNService, self).stopService() + @defer.inlineCallbacks def start_vpn(self, domain): # TODO check if the VPN is started and return an error if it is. - self._setup(domain) + yield self._setup(domain) self._vpn.start() self._started = True self._domain = domain - return {'result': 'started'} + defer.returnValue({'result': 'started'}) def stop_vpn(self): # TODO ----------------------------- @@ -120,32 +121,23 @@ class VPNService(HookableService): ask = privilege.uninstall_helpers() return {'uninstall': 'ok'} + @defer.inlineCallbacks def _setup(self, provider): """Set up VPNManager for a specified provider. :param provider: the provider to use, e.g. 'demo.bitmask.net' :type provider: str""" - # FIXME --------------------------------------------------------- - # XXX picked manually from eip-service.json - remotes = ( - ("198.252.153.84", "1194"), - ("46.165.242.169", "1194"), - ) + bonafide = self.parent.getServiceNamed("bonafide") + config = yield bonafide.do_provider_read(provider, "eip") + remotes = [(gw["ip_address"], gw["capabilities"]["ports"][0]) + for gw in config.gateways] + extra_flags = config.openvpn_configuration prefix = os.path.join(self._basepath, "leap/providers/{0}/keys".format(provider)) cert_path = key_path = prefix + "/client/openvpn.pem" ca_path = prefix + "/ca/cacert.pem" - # FIXME - # XXX picked manually from vpn-service.json - extra_flags = { - "auth": "SHA1", - "cipher": "AES-128-CBC", - "keepalive": "10 30", - "tls-cipher": "DHE-RSA-AES128-SHA", - } - self._vpn = VPNManager(remotes, cert_path, key_path, ca_path, extra_flags) |