From 92957c4b666d6e5fc54275d8857692a12b0fb209 Mon Sep 17 00:00:00 2001
From: Ruben Pollan
Date: Wed, 1 Mar 2017 19:32:54 +0100
Subject: [feat] get VPN params from eip-service.json
Instead of hardcoding them in the code.
---
 src/leap/bitmask/bonafide/_protocol.py | 4 ++++
 src/leap/bitmask/bonafide/config.py | 18 ++++++++++++++----
 src/leap/bitmask/bonafide/service.py | 4 +++-
 src/leap/bitmask/core/dispatcher.py | 5 ++++-
 src/leap/bitmask/vpn/launcher.py | 6 +++++-
 src/leap/bitmask/vpn/process.py | 13 +------------
 src/leap/bitmask/vpn/service.py | 26 +++++++++-----------------
 7 files changed, 40 insertions(+), 36 deletions(-)
(limited to 'src')
diff --git a/src/leap/bitmask/bonafide/_protocol.py b/src/leap/bitmask/bonafide/_protocol.py
index 91b8b24..391aa8d 100644
--- a/src/leap/bitmask/bonafide/_protocol.py
+++ b/src/leap/bitmask/bonafide/_protocol.py
@@ -177,6 +177,10 @@ class BonafideProtocol(object):
 provider = config.Provider(provider_id, autoconf=autoconf)
 return provider.callWhenMainConfigReady(provider.config)
+ def do_get_service(self, provider_id, service, autoconf=False):
+ provider = config.Provider(provider_id, autoconf=autoconf)
+ return provider.callWhenMainConfigReady(provider.config, service)
+
 def do_provider_delete(self, provider_id):
 return config.delete_provider(provider_id)
diff --git a/src/leap/bitmask/bonafide/config.py b/src/leap/bitmask/bonafide/config.py
index ba45465..1002edb 100644
--- a/src/leap/bitmask/bonafide/config.py
+++ b/src/leap/bitmask/bonafide/config.py
@@ -234,10 +234,20 @@ class Provider(object):
 return False
 return True
- def config(self):
- if not self._provider_config:
- self._load_provider_json()
- return self._provider_config.dict()
+ def config(self, service=None):
+ if not service:
+ if not self._provider_config:
+ self._load_provider_json()
+ return self._provider_config.dict()
+
+ path = self._get_service_config_path(service)
+ try:
+ with open(path, 'r') as config:
+ config = Record(**json.load(config))
+ except IOError:
+ raise ValueError("Service " + service +
+ " not found in provider " + self._domain)
+ return config
 def bootstrap(self):
 domain = self._domain
diff --git a/src/leap/bitmask/bonafide/service.py b/src/leap/bitmask/bonafide/service.py
index dc57917..0a78813 100644
--- a/src/leap/bitmask/bonafide/service.py
+++ b/src/leap/bitmask/bonafide/service.py
@@ -111,7 +111,9 @@ class BonafideService(HookableService):
 def do_provider_create(self, domain):
 return self._bonafide.do_get_provider(domain, autoconf=True)
- def do_provider_read(self, domain):
+ def do_provider_read(self, domain, service=None):
+ if service:
+ return self._bonafide.do_get_service(domain, service)
 return self._bonafide.do_get_provider(domain)
 def do_provider_delete(self, domain):
diff --git a/src/leap/bitmask/core/dispatcher.py b/src/leap/bitmask/core/dispatcher.py
index 075dfd8..29a07e6 100644
--- a/src/leap/bitmask/core/dispatcher.py
+++ b/src/leap/bitmask/core/dispatcher.py
@@ -86,7 +86,10 @@ class ProviderCmd(SubCommand):
 @register_method("{'domain': str, 'api_uri': str, 'api_version': str}")
 def do_READ(self, bonafide, *parts):
 domain = parts[2]
- return bonafide.do_provider_read(domain)
+ service = None
+ if len(parts) > 3:
+ service = parts[3]
+ return bonafide.do_provider_read(domain, service)
 @register_method("")
 def do_DELETE(self, bonafide, *parts):
diff --git a/src/leap/bitmask/vpn/launcher.py b/src/leap/bitmask/vpn/launcher.py
index 28910fa..3006d6d 100644
--- a/src/leap/bitmask/vpn/launcher.py
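Review bot: In `Provider.config` (bonafide/config.py) the `service` name goes straight into `self._get_service_config_path(service)`, and the dispatcher.py hunk fills it from `parts[3]` of the incoming command without any check. That helper is outside the hunk, so if it joins the name into a file path, the name should be rejected unless it is one of the services the provider's own configuration lists, before any path is built. Only `IOError` is translated, so a malformed file surfaces as the bare `ValueError` from `json.load`, which a caller catching `ValueError` cannot tell apart from "not found". The `with` line also rebinds `config` from the file object to the `Record`; `with open(path, 'r') as service_file:` followed by `config = Record(**json.load(service_file))` reads more clearly. The no-service branch returns a dict while the service branch returns a `Record`, which deserves a line in a docstring.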
+++ b/src/leap/bitmask/vpn/launcher.py
@@ -229,7 +229,11 @@ class VPNLauncher(object):
 openvpn_configuration = vpnconfig.get_openvpn_configuration()
 for key, value in openvpn_configuration.items():
- args += ['--%s' % (key,), value]
+ if type(value) is bool:
+ if value:
+ args += ['--%s' % (key,)]
+ else:
+ args += ['--%s' % (key,), value]
 user = getpass.getuser()
diff --git a/src/leap/bitmask/vpn/process.py b/src/leap/bitmask/vpn/process.py
index 533a45c..cb67eff 100644
--- a/src/leap/bitmask/vpn/process.py
+++ b/src/leap/bitmask/vpn/process.py
@@ -22,24 +22,13 @@ A custom processProtocol launches the VPNProcess and connects to its
 management interface.
 """
-import os
-import shutil
-import socket
-import subprocess
 import sys
-from itertools import chain, repeat
-
-from twisted.internet import defer, protocol, reactor
+from twisted.internet import protocol, reactor
 from twisted.internet import error as internet_error
-from twisted.internet.task import LoopingCall
 from twisted.logger import Logger
-from leap.bitmask.vpn.constants import IS_MAC
-from leap.bitmask.vpn.utils import first, force_eval
 from leap.bitmask.vpn.utils import get_vpn_launcher
-from leap.bitmask.vpn.launchers import linux
-from leap.bitmask.vpn._telnet import UDSTelnet
 from leap.bitmask.vpn import _status
 from leap.bitmask.vpn import _management
diff --git a/src/leap/bitmask/vpn/service.py b/src/leap/bitmask/vpn/service.py
index 60de0f6..c23397c 100644
--- a/src/leap/bitmask/vpn/service.py
+++ b/src/leap/bitmask/vpn/service.py
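Review bot: In the `VPNLauncher` loop (vpn/launcher.py) every key of `openvpn_configuration` becomes an OpenVPN command-line option, and after this commit `_setup` in vpn/service.py fills that mapping from the provider's `config.openvpn_configuration` instead of a fixed dict. Unless `vpnconfig.get_openvpn_configuration()` (not visible here) already filters, the provider's JSON decides which options the client process runs with. The loop should skip any key that is not on a client-side allowlist, starting from the four the old hardcoded dict carried (`auth`, `cipher`, `keepalive`, `tls-cipher`), and validate each value's format. Non-string JSON values such as numbers also reach `args` unchanged in the `else` branch and should be converted or rejected there; `if isinstance(value, bool):` is the usual spelling of the type test. The enclosing method starts and ends outside the hunk.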
@@ -61,13 +61,14 @@ class VPNService(HookableService):
 print "Stopping VPN Service..."
 super(VPNService, self).stopService()
+ @defer.inlineCallbacks
 def start_vpn(self, domain):
 # TODO check if the VPN is started and return an error if it is.
- self._setup(domain)
+ yield self._setup(domain)
 self._vpn.start()
 self._started = True
 self._domain = domain
- return {'result': 'started'}
+ defer.returnValue({'result': 'started'})
 def stop_vpn(self):
 # TODO -----------------------------
@@ -120,32 +121,23 @@ class VPNService(HookableService):
 ask = privilege.uninstall_helpers()
 return {'uninstall': 'ok'}
+ @defer.inlineCallbacks
 def _setup(self, provider):
 """Set up VPNManager for a specified provider.
 :param provider: the provider to use, e.g. 'demo.bitmask.net'
 :type provider: str"""
- # FIXME ---------------------------------------------------------
- # XXX picked manually from eip-service.json
- remotes = (
- ("198.252.153.84", "1194"),
- ("46.165.242.169", "1194"),
- )
+ bonafide = self.parent.getServiceNamed("bonafide")
+ config = yield bonafide.do_provider_read(provider, "eip")
+ remotes = [(gw["ip_address"], gw["capabilities"]["ports"][0])
+ for gw in config.gateways]
+ extra_flags = config.openvpn_configuration
 prefix = os.path.join(self._basepath, "leap/providers/{0}/keys".format(provider))
 cert_path = key_path = prefix + "/client/openvpn.pem"
 ca_path = prefix + "/ca/cacert.pem"
- # FIXME
- # XXX picked manually from vpn-service.json
- extra_flags = {
- "auth": "SHA1",
- "cipher": "AES-128-CBC",
- "keepalive": "10 30",
- "tls-cipher": "DHE-RSA-AES128-SHA",
- }
-
 self._vpn = VPNManager(remotes, cert_path, key_path, ca_path, extra_flags)
--
cgit v1.2.3
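Review bot: `start_vpn` now waits on `yield self._setup(domain)` before `self._vpn.start()`, and `self._started` is only set after that wait, so a second call arriving in between runs `_setup` again and replaces `self._vpn`. The TODO at the top of the method about refusing an already started VPN matters more now; a flag set before the yield and checked on entry would close the window, e.g. `if self._starting: raise RuntimeError("VPN start already in progress")`, where `_starting` is a constructed name. The decorator needs `defer` in scope and this diff adds no import to vpn/service.py, so confirm the module already has `from twisted.internet import defer`. Callers that used the returned dict directly now receive a Deferred.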
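Review bot: In `_setup`, `gw["capabilities"]["ports"][0]` assumes every gateway entry in the provider's eip config has `ip_address` and a non-empty `ports` list. A missing key raises `KeyError` or `IndexError` inside the generator, and an empty `config.gateways` hands `VPNManager` an empty `remotes`. This data now comes from a file the provider serves rather than from constants, so it should be checked before use: reject malformed entries and fail with a clear error when no usable gateway remains. Only the first advertised port is kept, which drops any alternatives a gateway lists. The docstring could also state the expected shape of `config.gateways` and that the method now returns a Deferred.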