check for validity of the remote_ip entry (is ip?)ovpn-invocation

3 files changed, 59 insertions, 5 deletions

diff --git a/src/leap/baseapp/mainwindow.py b/src/leap/baseapp/mainwindow.py
index c54eb97..85129a9 100644
--- a/src/leap/baseapp/mainwindow.py
+++ b/src/leap/baseapp/mainwindow.py
@@ -79,8 +79,17 @@ class LeapWindow(QMainWindow):
             status_signals=(self.statusChange.emit, ),
             debug=self.debugmode)
 
+        #
         # bunch of self checks.
         # XXX move somewhere else alltogether.
+        #
+
+        if self.conductor.missing_provider is True:
+            dialog = ErrorDialog()
+            dialog.criticalMessage(
+                'Missing provider. Add a remote_ip entry '
+                'under section [provider] in eip.cfg',
+                'error')
 
         if self.conductor.missing_vpn_keyfile is True:
             dialog = ErrorDialog()
@@ -92,6 +101,13 @@ class LeapWindow(QMainWindow):
         # os.kill of subprocess fails if we have
         # some of this errors.
 
+        if self.conductor.bad_provider is True:
+            dialog = ErrorDialog()
+            dialog.criticalMessage(
+                'Bad provider entry. Check that remote_ip entry '
+                'has an IP under section [provider] in eip.cfg',
+                'error')
+
         if self.conductor.bad_keyfile_perms is True:
             dialog = ErrorDialog()
             dialog.criticalMessage(
diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py
index 11b0358..8f9d605 100644
--- a/src/leap/eip/conductor.py
+++ b/src/leap/eip/conductor.py
@@ -8,12 +8,16 @@ import logging
 
 from leap.util.coroutines import spawn_and_watch_process
 
-# XXX import eip.config as eipconfig
+# XXX from leap.eip import config as eipconfig
+# from leap.eip import exceptions as eip_exceptions
+
 from leap.eip.config import (get_config, build_ovpn_command,
                              check_or_create_default_vpnconf,
                              check_vpn_keys,
                              EIPNoPkexecAvailable,
                              EIPNoPolkitAuthAgentAvailable,
+                             EIPInitNoProviderError,
+                             EIPInitBadProviderError,
                              EIPInitNoKeyFileError,
                              EIPInitBadKeyFilePermError)
 from leap.eip.vpnwatcher import EIPConnectionStatus, status_watcher
@@ -103,6 +107,8 @@ to be triggered for each one of them.
         self.missing_auth_agent = False
         self.bad_keyfile_perms = False
         self.missing_vpn_keyfile = False
+        self.missing_provider = False
+        self.bad_provider = False
 
         self.command = None
         self.args = None
@@ -162,7 +168,14 @@ to be triggered for each one of them.
         """
         # TODO
         # - get --with-openvpn-config from opts
-        check_or_create_default_vpnconf(self.config)
+        try:
+            check_or_create_default_vpnconf(self.config)
+        except EIPInitNoProviderError:
+            logger.error('missing default provider definition')
+            self.missing_provider = True
+        except EIPInitBadProviderError:
+            logger.error('bad provider definition')
+            self.bad_provider = True
 
     def _get_or_create_config(self):
         """
diff --git a/src/leap/eip/config.py b/src/leap/eip/config.py
index 91c3953..6118c9d 100644
--- a/src/leap/eip/config.py
+++ b/src/leap/eip/config.py
@@ -3,6 +3,7 @@ import grp
 import logging
 import os
 import platform
+import socket
 
 from leap.util.fileutil import (which, mkdir_p,
                                 check_and_fix_urw_only)
@@ -24,6 +25,14 @@ class EIPNoPolkitAuthAgentAvailable(Exception):
     pass
 
 
+class EIPInitNoProviderError(Exception):
+    pass
+
+
+class EIPInitBadProviderError(Exception):
+    pass
+
+
 class EIPInitNoKeyFileError(Exception):
     pass
 
@@ -90,6 +99,14 @@ def get_default_provider_path():
     return default_provider_path
 
 
+def validate_ip(ip_str):
+    """
+    raises exception if the ip_str is
+    not a valid representation of an ip
+    """
+    socket.inet_aton(ip_str)
+
+
 def check_or_create_default_vpnconf(config):
     """
     checks that a vpn config file
@@ -118,10 +135,18 @@ def check_or_create_default_vpnconf(config):
     # by now. Get it from a list of gateways
     # instead.
 
-    remote_ip = config.get('provider',
-                           'remote_ip')
+    try:
+        remote_ip = config.get('provider',
+                               'remote_ip')
+        validate_ip(remote_ip)
+
+    except ConfigParser.NoOptionError:
+        raise EIPInitNoProviderError
+
+    except socket.error:
+        # this does not look like an ip, dave
+        raise EIPInitBadProviderError
 
-    # XXX check that IT LOOKS LIKE AN IP!!!
     if config.has_option('provider', 'remote_port'):
         remote_port = config.get('provider',
                                  'remote_port')