Age | Commit message (Collapse) | Author |
|
There was common situations where two provider instances where running
in parallel. And was creating weird errors (like getting wrong api_uri)
because the bootstrap deferreds were global but the Provider objects
not.
I don't like much singletons, but I think now is simpler than before.
- Resolves: #9073
|
|
we make a distinction between the system-wide bitmask-root, which should
be placed there by the maintainers of whatever packages your
distribution uses, and the bitmask-root that is placed by the bundles
(using polkit).
since the bundles copying over the helper from user-writeable folders
is a potential attack vector, we prefer to use the package's version if
present.
also, if we cannot find either, we abort the launching of the VPN. we've
discussed that this might move to the service initialization instead,
but I think the cases in which this is needed should be rare.
I fix also a corner-case in which we were using getcwd() at import time.
if you execute code and then remove the installation path, this will
raise a traceback in bitmaskctl. I think it's nicer to catch the error
properly when starting.
|
|
|
|
|
|
|
|
|
|
|
|
we're doing something that shouldn't be done, that is relying on private
methods of the imap server implementation.
until I get to cleanup properly and submit patches for the several things
we're patching in the imap server implementation, keeping up with the
evolution of the imap server implementation is the only thing to do.
specially when we want to get 0.10 out of the door asap.
|
|
- Resolves: #9084
|
|
whoever wrote this in the first place needs to get introduced to
import-time initialization, even if it was me. one of the nastiest
python gotchas in my opinion :)
|
|
just to make the logic clear.
we should probably check that the file is not empty and it has valid
json (sanitized against the spec).
|
|
here we port the if-modified-since conditional mechanism, so that we
only write the config if it is newer than whan we have.
we also add a line with the status code to the logs, so that it's easier
to debug.
note that the 'configs.json' file is never returning 304.
- Resolves: #8773
|
|
Check it before starting the vpn.
- Resolves: #8895
|
|
We were not renewing the vpn cert. Now the UI will trigger a cert
renewal by telling it that is the vpn is not ready if the cert is
expired.
- Resolves: #9059
|
|
The workaround is no needed anymore, if we do 'GET' instead of 'POST' to
fetch all the provider configuration jsons it works smoothly.
- Resolves: #9056
|
|
- Related: #9012
|
|
|
|
|
|
|
|
Better psutil than ps+grep.
|
|
Don't persist-tun on the vpn, so it can restart properly. Also let's
match better the options that are sent and taken into account from
bitmask-root.
- Resolves: #9048
|
|
This is required for Nylas to be able to send emails though bitmask.
|
|
node-mail chokes if we don't.
|
|
the UI is expecting it there, not inside the result data.
we probably could delete it from the later.
|
|
there was an exception catched, AttributeError, that showed up as a
transient "failed" state.
- Resolves: #9044
|
|
|
|
the debian package was failing because of a bad polkit policy file name.
|
|
- Related: #9010
|
|
So each service can have it's own config section passed to the
constructor.
|
|
Now the default_printer can handle other types than dict, like lists or
strings.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
by properly allowing openvpn to restart when receiving SIGUSR1, we can
reserve the hard process restarts for cases in which the process is
aborted.
this depends on bitmask-root adding --persist-tun and --persist-key as
mandatory/allowed parameters.
|
|
|
|
|