Moved initialization, fingerprint and cert inside LeapCertificate class

author: Bruno Wagner <bwgpro@gmail.com> 2015-06-08 18:54:27 -0300
committer: Bruno Wagner <bwgpro@gmail.com> 2015-06-08 18:54:31 -0300
commit: 3e902a70b94d31458c159c641720d38152bbb267 (patch)
tree: 914c4d2f7b8ef701052e6c3067d31c40846d841f /service
parent: f303f0c6d6cc214e3acc989c75f586fc4191ec6f (diff)
5 files changed, 20 insertions, 35 deletions
diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py
index 16319d83..2535b747 100644
--- a/service/pixelated/bitmask_libraries/certs.py
+++ b/service/pixelated/bitmask_libraries/certs.py
@@ -20,37 +20,29 @@ from leap.common import ca_bundle
 
 from .config import AUTO_DETECT_CA_BUNDLE
 
-LEAP_CERT = None
-LEAP_FINGERPRINT = None
-PACKAGED_CERTS_HOME = os.path.abspath(os.path.join(os.path.abspath(__file__), "..", "..", "certificates"))
 
+class LeapCertificate(object):
 
-def init_leap_cert(leap_provider_cert, leap_provider_cert_fingerprint):
-    if leap_provider_cert_fingerprint is None:
-        LEAP_CERT = leap_provider_cert or True
-        LEAP_FINGERPRINT = None
-    else:
-        LEAP_FINGERPRINT = leap_provider_cert_fingerprint
-        LEAP_CERT = False
-
-
-def which_bootstrap_cert_fingerprint():
-    return LEAP_FINGERPRINT
-
-
-def refresh_ca_bundle(provider):
-    LeapCertificate(provider).refresh_ca_bundle()
-
+    LEAP_CERT = None
+    LEAP_FINGERPRINT = None
 
-class LeapCertificate(object):
     def __init__(self, provider):
         self._config = provider.config
         self._server_name = provider.server_name
         self._provider = provider
 
+    @staticmethod
+    def set_cert_and_fingerprint(cert_file=None, cert_fingerprint=None):
+        if cert_fingerprint is None:
+            LeapCertificate.LEAP_CERT = cert_file or True
+            LeapCertificate.LEAP_FINGERPRINT = None
+        else:
+            LeapCertificate.LEAP_FINGERPRINT = cert_fingerprint
+            LeapCertificate.LEAP_CERT = False
+
     def auto_detect_bootstrap_ca_bundle(self):
-        if LEAP_CERT is not None:
-            return LEAP_CERT
+        if self.LEAP_CERT is not None:
+            return self.LEAP_CERT
 
         if self._config.bootstrap_ca_cert_bundle == AUTO_DETECT_CA_BUNDLE:
             local_cert = self._local_bootstrap_server_cert()
@@ -91,12 +83,6 @@ class LeapCertificate(object):
         if os.path.isfile(cert_file):
             return cert_file
 
-        cert_file = os.path.join(PACKAGED_CERTS_HOME, '%s.ca.crt' % self._server_name)
-        if os.path.exists(cert_file):
-            return cert_file
-
-        # else download the file
-        cert_file = self._bootstrap_certs_cert_file()
         response = requests.get('https://%s/provider.json' % self._server_name)
         provider_data = json.loads(response.content)
         ca_cert_uri = str(provider_data['ca_cert_uri'])
diff --git a/service/pixelated/bitmask_libraries/provider.py b/service/pixelated/bitmask_libraries/provider.py
index afad66e3..38df504e 100644
--- a/service/pixelated/bitmask_libraries/provider.py
+++ b/service/pixelated/bitmask_libraries/provider.py
@@ -17,7 +17,6 @@ import json
 
 from leap.common.certs import get_digest
 import requests
-from .certs import which_bootstrap_cert_fingerprint
 from .certs import LeapCertificate
 from pixelated.support.tls_adapter import EnforceTLSv1Adapter
 
@@ -100,7 +99,7 @@ class LeapProvider(object):
     def _validated_get(self, url):
         session = requests.session()
         try:
-            session.mount('https://', EnforceTLSv1Adapter(assert_fingerprint=which_bootstrap_cert_fingerprint()))
+            session.mount('https://', EnforceTLSv1Adapter(assert_fingerprint=LeapCertificate.LEAP_FINGERPRINT))
             response = session.get(url, verify=LeapCertificate(self).auto_detect_bootstrap_ca_bundle(), timeout=self.config.timeout_in_s)
             response.raise_for_status()
             return response
diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py
index 12cbd91b..09bf277d 100644
--- a/service/pixelated/bitmask_libraries/session.py
+++ b/service/pixelated/bitmask_libraries/session.py
@@ -24,7 +24,7 @@ from leap.mail.imap.memorystore import MemoryStore
 from leap.mail.imap.soledadstore import SoledadStore
 from pixelated.bitmask_libraries.config import LeapConfig
 from pixelated.bitmask_libraries.provider import LeapProvider
-from pixelated.bitmask_libraries.certs import refresh_ca_bundle
+from pixelated.bitmask_libraries.certs import LeapCertificate
 from twisted.internet import reactor
 from .nicknym import NickNym
 from leap.auth import SRPAuth
@@ -39,7 +39,7 @@ SESSIONS = {}
 def open_leap_session(username, password, server_name, leap_home=DEFAULT_LEAP_HOME):
     config = LeapConfig(leap_home=leap_home)
     provider = LeapProvider(server_name, config)
-    refresh_ca_bundle(provider)
+    LeapCertificate(provider).refresh_ca_bundle()
     session = LeapSessionFactory(provider).create(username, password)
 
     return session
diff --git a/service/pixelated/config/leap.py b/service/pixelated/config/leap.py
index 0248a46f..7a383b17 100644
--- a/service/pixelated/config/leap.py
+++ b/service/pixelated/config/leap.py
@@ -2,7 +2,7 @@ from __future__ import absolute_import
 import random
 from pixelated.config import credentials
 from leap.common.events import server as events_server
-from pixelated.bitmask_libraries import certs
+from pixelated.bitmask_libraries.certs import LeapCertificate
 from pixelated.bitmask_libraries.session import open_leap_session
 
 
@@ -13,7 +13,7 @@ def initialize_leap(leap_provider_cert,
                     leap_home):
     init_monkeypatches()
     provider, user, password = credentials.read(organization_mode, credentials_file)
-    certs.init_leap_cert(leap_provider_cert, leap_provider_cert_fingerprint)
+    LeapCertificate.set_cert_and_fingerprint(leap_provider_cert, leap_provider_cert_fingerprint)
     events_server.ensure_server(random.randrange(8000, 11999))
     leap_session = create_leap_session(provider, user, password, leap_home)
     leap_session.start_background_jobs()
diff --git a/service/test/unit/bitmask_libraries/test_provider.py b/service/test/unit/bitmask_libraries/test_provider.py
index 5b5c2034..49627565 100644
--- a/service/test/unit/bitmask_libraries/test_provider.py
+++ b/service/test/unit/bitmask_libraries/test_provider.py
@@ -219,7 +219,7 @@ class LeapProviderTest(AbstractLeapTest):
         session = MagicMock(wraps=requests.session())
         session_func = MagicMock(return_value=session)
 
-        with patch('pixelated.bitmask_libraries.provider.which_bootstrap_cert_fingerprint', return_value='some fingerprint'):
+        with patch('pixelated.bitmask_libraries.certs.LeapCertificate.LEAP_FINGERPRINT', return_value='some fingerprint'):
                 with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func):
                     with patch('pixelated.bitmask_libraries.certs.LeapCertificate.auto_detect_bootstrap_ca_bundle', return_value=False):
                         with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock):
author	Bruno Wagner <bwgpro@gmail.com>	2015-06-08 18:54:27 -0300
committer	Bruno Wagner <bwgpro@gmail.com>	2015-06-08 18:54:31 -0300
commit	3e902a70b94d31458c159c641720d38152bbb267 (patch)
tree	914c4d2f7b8ef701052e6c3067d31c40846d841f /service
parent	f303f0c6d6cc214e3acc989c75f586fc4191ec6f (diff)