summaryrefslogtreecommitdiff
path: root/src/leap
diff options
context:
space:
mode:
authorRuben Pollan <meskio@sindominio.net>2017-03-29 12:25:55 +0200
committerKali Kaneko (leap communications) <kali@leap.se>2017-04-03 15:41:20 +0200
commit30d5903c7ed45f54146e4fb83d1ebb997e725a9a (patch)
tree31dbb33f8b151446aa5a59536f5face66e772cea /src/leap
parentef804c1fd5a8ae307aca70853c9224b63d14a731 (diff)
[feat] add the expiration date of the cert to vpn.check
- Resolves: #8807
Diffstat (limited to 'src/leap')
-rw-r--r--src/leap/bitmask/vpn/service.py19
1 files changed, 15 insertions, 4 deletions
diff --git a/src/leap/bitmask/vpn/service.py b/src/leap/bitmask/vpn/service.py
index a7dce3d..5bbcd85 100644
--- a/src/leap/bitmask/vpn/service.py
+++ b/src/leap/bitmask/vpn/service.py
@@ -22,6 +22,7 @@ VPN service declaration.
import os
+from time import strftime
from twisted.internet import defer
from leap.bitmask.hooks import HookableService
@@ -30,6 +31,7 @@ from leap.bitmask.vpn._checks import is_service_ready, get_vpn_cert_path
from leap.bitmask.vpn import privilege, helpers
from leap.common.config import get_path_prefix
from leap.common.files import check_and_fix_urw_only
+from leap.common.certs import get_cert_time_boundaries
class VPNService(HookableService):
@@ -103,6 +105,7 @@ class VPNService(HookableService):
ret = {'installed': helpers.check()}
if domain:
ret['vpn_ready'] = is_service_ready(domain)
+ ret['cert_expires'] = self._cert_expires(domain)
return ret
@defer.inlineCallbacks
@@ -147,14 +150,22 @@ class VPNService(HookableService):
for gw in config.gateways]
extra_flags = config.openvpn_configuration
- prefix = os.path.join(self._basepath,
- "leap/providers/{0}/keys".format(provider))
- cert_path = key_path = prefix + "/client/openvpn.pem"
- ca_path = prefix + "/ca/cacert.pem"
+ prefix = os.path.join(self._basepath, "leap", "providers", provider,
+ "keys")
+ cert_path = key_path = os.path.join(prefix, "client", "openvpn.pem")
+ ca_path = os.path.join(prefix, "ca", "cacert.pem")
self._vpn = VPNManager(provider, remotes, cert_path, key_path, ca_path,
extra_flags)
+ def _cert_expires(self, provider):
+ path = os.path.join(self._basepath, "leap", "providers", provider,
+ "keys", "client", "openvpn.pem")
+ with open(path, 'r') as f:
+ cert = f.read()
+ _, to = get_cert_time_boundaries(cert)
+ return strftime('%Y-%m-%dT%H:%M:%SZ', to)
+
def _write_last(self, domain):
path = os.path.join(self._basepath, self._last_vpn_path)
with open(path, 'w') as f: