Diffstat (limited to 'service/pixelated/bitmask_libraries')
-rw-r--r-- | service/pixelated/bitmask_libraries/config.py | 2 | ||||
-rw-r--r-- | service/pixelated/bitmask_libraries/nicknym.py | 30 | ||||
-rw-r--r-- | service/pixelated/bitmask_libraries/provider.py | 2 | ||||
-rw-r--r-- | service/pixelated/bitmask_libraries/session.py | 73 | ||||
-rw-r--r-- | service/pixelated/bitmask_libraries/smtp.py | 2 | ||||
-rw-r--r-- | service/pixelated/bitmask_libraries/soledad.py | 17 |
6 files changed, 74 insertions, 52 deletions
diff --git a/service/pixelated/bitmask_libraries/config.py b/service/pixelated/bitmask_libraries/config.py index efb43411..c521a093 100644 --- a/service/pixelated/bitmask_libraries/config.py +++ b/service/pixelated/bitmask_libraries/config.py @@ -36,7 +36,6 @@ class LeapConfig(object): def __init__(self, leap_home=None, - fetch_interval_in_s=30, timeout_in_s=15, start_background_jobs=False, gpg_binary=discover_gpg_binary()): @@ -45,4 +44,3 @@ class LeapConfig(object): self.timeout_in_s = timeout_in_s self.start_background_jobs = start_background_jobs self.gpg_binary = gpg_binary - self.fetch_interval_in_s = fetch_interval_in_s diff --git a/service/pixelated/bitmask_libraries/nicknym.py b/service/pixelated/bitmask_libraries/nicknym.py index 220d75e5..826ecb58 100644 --- a/service/pixelated/bitmask_libraries/nicknym.py +++ b/service/pixelated/bitmask_libraries/nicknym.py @@ -15,6 +15,7 @@ # along with Pixelated. If not, see <http://www.gnu.org/licenses/>. from leap.keymanager import KeyManager, openpgp, KeyNotFound from .certs import LeapCertificate +from twisted.internet import defer class NickNym(object): 
@@ -23,28 +24,35 @@ class NickNym(object): self._email = email_address self.keymanager = KeyManager(self._email, nicknym_url, soledad_session.soledad, - token, LeapCertificate(provider).provider_api_cert, provider.api_uri, - provider.api_version, - uuid, config.gpg_binary) + token=token, ca_cert_path=LeapCertificate(provider).provider_api_cert, api_uri=provider.api_uri, + api_version=provider.api_version, + uid=uuid, gpgbinary=config.gpg_binary) + @defer.inlineCallbacks def generate_openpgp_key(self): - if not self._key_exists(self._email): + key_present = yield self._key_exists(self._email) + if not key_present: print "Generating keys - this could take a while..." - self._gen_key() - self._send_key_to_leap() + yield self._gen_key() + # Sending it anyway for now. TODO: This can be better with real checking (downloading pubkey from nicknym) + yield self._send_key_to_leap() + @defer.inlineCallbacks def _key_exists(self, email): try: - self.keymanager.get_key(email, openpgp.OpenPGPKey, private=True, fetch_remote=False) - return True + yield self.fetch_key(email, private=True, fetch_remote=False) + defer.returnValue(True) except KeyNotFound: - return False + defer.returnValue(False) + + def fetch_key(self, email, private=False, fetch_remote=True): + return self.keymanager.get_key(email, openpgp.OpenPGPKey, private=private, fetch_remote=fetch_remote) def _gen_key(self): - self.keymanager.gen_key(openpgp.OpenPGPKey) + return self.keymanager.gen_key(openpgp.OpenPGPKey) def _send_key_to_leap(self): - self.keymanager.send_key(openpgp.OpenPGPKey) + return self.keymanager.send_key(openpgp.OpenPGPKey) def _discover_nicknym_server(provider): diff --git a/service/pixelated/bitmask_libraries/provider.py b/service/pixelated/bitmask_libraries/provider.py index 315ea7f1..b7f82f8a 100644 --- a/service/pixelated/bitmask_libraries/provider.py +++ b/service/pixelated/bitmask_libraries/provider.py 
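Review bot: `yield self._send_key_to_leap()` in `generate_openpgp_key` appears to run on every call, not only after a new key was generated (indentation is lost here, but the added comment says "Sending it anyway for now"), and nothing handles its failure. Since `LeapSession.after_first_sync` yields on this method, a failing or unreachable nicknym upload would fail session setup even when the private key is already present locally. Consider catching the upload error and logging it, and, as the TODO suggests, comparing the key nicknym publishes with the local one before re-sending. The `print` statement on the generation path would also be better as a `logging` call so the message ends up in the service log.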
@@ -93,7 +93,7 @@ class LeapProvider(object): digest = get_digest(cert_data, method) if fingerprint.strip() != digest: - raise Exception('Certificate fingerprints don\'t match') + raise Exception('Certificate fingerprints don\'t match! Expected [%s] but got [%s]' % (fingerprint.strip(), digest)) def _validated_get(self, url): session = requests.session() diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index a9cb15f2..7abe2a63 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -18,16 +18,15 @@ import traceback import sys import os -from leap.mail.imap.fetch import LeapIncomingMail -from leap.mail.imap.account import SoledadBackedAccount -from leap.mail.imap.memorystore import MemoryStore -from leap.mail.imap.soledadstore import SoledadStore +from leap.mail.incoming.service import IncomingMail from twisted.internet import reactor from .nicknym import NickNym from leap.auth import SRPAuth +from pixelated.adapter.mailstore import LeapMailStore from .soledad import SoledadSessionFactory from .smtp import LeapSmtp - +from leap.mail.imap.account import IMAPAccount +from twisted.internet import defer SESSIONS = {} 
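Review bot: The fingerprint mismatch is still raised as a bare `Exception`, so callers can only tell a failed certificate pin from any other error by matching the message text. A dedicated subclass, e.g. `class CertificateFingerprintMismatch(Exception): pass` (the name is only a suggestion), would let them handle it explicitly. The comparison `fingerprint.strip() != digest` is also case-sensitive; `get_digest` is not visible here, so if it can return hex in a different case than the configured fingerprint, normalise both sides with `.lower()` before comparing. The function containing this check starts outside the hunk.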
@@ -47,48 +46,66 @@ class LeapSession(object): - ``user_auth`` the secure remote password session data after authenticating with LEAP. See http://en.wikipedia.org/wiki/Secure_Remote_Password_protocol (SRPSession) + - ``mail_store`` the MailStore to access the users mails + - ``soledad_session`` the soledad session. See https://leap.se/soledad (LeapSecureRemotePassword) - ``nicknym`` the nicknym instance. See https://leap.se/nicknym (NickNym) - - ``account`` the actual leap mail account. Implements Twisted imap4.IAccount and imap4.INamespacePresenter (SoledadBackedAccount) - - ``incoming_mail_fetcher`` Background job for fetching incoming mails from LEAP server (LeapIncomingMail) """ - def __init__(self, provider, user_auth, soledad_session, nicknym, soledad_account, incoming_mail_fetcher, smtp): + def __init__(self, provider, user_auth, mail_store, soledad_session, nicknym, smtp): self.smtp = smtp self.config = provider.config self.provider = provider self.user_auth = user_auth + self.mail_store = mail_store self.soledad_session = soledad_session self.nicknym = nicknym - self.account = soledad_account - self.incoming_mail_fetcher = incoming_mail_fetcher - self.soledad_session.soledad.sync(defer_decryption=False) - self.nicknym.generate_openpgp_key() - if self.config.start_background_jobs: - self.start_background_jobs() + @defer.inlineCallbacks + def initial_sync(self): + yield self.sync() + yield self.after_first_sync() + defer.returnValue(self) + + @defer.inlineCallbacks + def after_first_sync(self): + yield self.nicknym.generate_openpgp_key() + self.account = self._create_account(self.account_email, self.soledad_session) + self.incoming_mail_fetcher = yield self._create_incoming_mail_fetcher( + self.nicknym, + self.soledad_session, + self.account, + self.account_email()) + reactor.callFromThread(self.incoming_mail_fetcher.startService) + + def _create_account(self, user_mail, soledad_session): + account = IMAPAccount(user_mail, soledad_session.soledad) + return 
account def account_email(self): name = self.user_auth.username return self.provider.address_for(name) def close(self): - self.stop_background_jobs() + self.stop_background_jobs - def start_background_jobs(self): - self.smtp.ensure_running() - reactor.callFromThread(self.incoming_mail_fetcher.start_loop) + @defer.inlineCallbacks + def _create_incoming_mail_fetcher(self, nicknym, soledad_session, account, user_mail): + inbox = yield account.callWhenReady(lambda _: account.getMailbox('INBOX')) + defer.returnValue(IncomingMail(nicknym.keymanager, + soledad_session.soledad, + inbox.collection, + user_mail)) def stop_background_jobs(self): - self.smtp.stop() - reactor.callFromThread(self.incoming_mail_fetcher.stop) + reactor.callFromThread(self.incoming_mail_fetcher.stopService) def sync(self): try: - self.soledad_session.sync() + return self.soledad_session.sync() except: traceback.print_exc(file=sys.stderr) raise @@ -117,14 +134,13 @@ class LeapSessionFactory(object): account_email = self._provider.address_for(username) soledad = SoledadSessionFactory.create(self._provider, auth.token, auth.uuid, password) + mail_store = LeapMailStore(soledad.soledad) nicknym = self._create_nicknym(account_email, auth.token, auth.uuid, soledad) - account = self._create_account(auth.uuid, soledad) - incoming_mail_fetcher = self._create_incoming_mail_fetcher(nicknym, soledad, account, account_email) smtp = LeapSmtp(self._provider, auth, nicknym.keymanager) - return LeapSession(self._provider, auth, soledad, nicknym, account, incoming_mail_fetcher, smtp) + return LeapSession(self._provider, auth, mail_store, soledad, nicknym, smtp) def _lookup_session(self, key): global SESSIONS 
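Review bot: `close()` now reads `self.stop_background_jobs` without parentheses, so the method is referenced but never called and the incoming-mail service keeps running after the session is closed; it should be `self.stop_background_jobs()`. In `after_first_sync`, `self._create_account(self.account_email, self.soledad_session)` passes the bound method rather than the address, while the fetcher call a few lines later gets `self.account_email()`; the first call presumably needs the parentheses too. `self.account` and `self.incoming_mail_fetcher` are only assigned in `after_first_sync`, so once `close()` does call through, closing a session that never finished its initial sync would raise `AttributeError` unless `__init__` sets both to `None` and `stop_background_jobs` checks for that. In `sync()`, if `self.soledad_session.sync()` now returns a Deferred, the surrounding `try`/`except` only sees synchronous exceptions, so the traceback print would need to move to an errback.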
@@ -152,10 +168,5 @@ class LeapSessionFactory(object): def _create_nicknym(self, email_address, token, uuid, soledad_session): return NickNym(self._provider, self._config, soledad_session, email_address, token, uuid) - def _create_account(self, uuid, soledad_session): - memstore = MemoryStore(permanent_store=SoledadStore(soledad_session.soledad)) - return SoledadBackedAccount(uuid, soledad_session.soledad, memstore) - - def _create_incoming_mail_fetcher(self, nicknym, soledad_session, account, email_address): - return LeapIncomingMail(nicknym.keymanager, soledad_session.soledad, account, - self._config.fetch_interval_in_s, email_address) + # memstore = MemoryStore(permanent_store=SoledadStore(soledad_session.soledad)) + # return SoledadBackedAccount(uuid, soledad_session.soledad, memstore) diff --git a/service/pixelated/bitmask_libraries/smtp.py b/service/pixelated/bitmask_libraries/smtp.py index 31e56995..ff2792fb 100644 --- a/service/pixelated/bitmask_libraries/smtp.py +++ b/service/pixelated/bitmask_libraries/smtp.py @@ -88,7 +88,7 @@ class LeapSmtp(object): self._local_smtp_service, self._local_smtp_service_socket = setup_smtp_gateway( port=self.local_smtp_port_number, - userid=email, + userid=str(email), keymanager=self._keymanager, smtp_host=self._remote_hostname.encode('UTF-8'), smtp_port=self._remote_port, diff --git a/service/pixelated/bitmask_libraries/soledad.py b/service/pixelated/bitmask_libraries/soledad.py index f0cd9f2f..0546a158 100644 --- a/service/pixelated/bitmask_libraries/soledad.py +++ b/service/pixelated/bitmask_libraries/soledad.py @@ -17,7 +17,7 @@ import errno import os from leap.soledad.client import Soledad -from leap.soledad.common.crypto import WrongMac, UnknownMacMethod +from leap.soledad.common.crypto import WrongMacError, UnknownMacMethodError from pixelated.bitmask_libraries.certs import LeapCertificate SOLEDAD_TIMEOUT = 120 
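Review bot: The two removed factory methods leave behind commented-out lines (`# memstore = MemoryStore(...)` and `# return SoledadBackedAccount(...)`) that refer to classes whose imports this commit deletes from session.py. They no longer belong to any method and should be dropped rather than kept as comments; version control already preserves the old implementation.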
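Review bot: `userid=str(email)` will raise `UnicodeEncodeError` under Python 2 if `email` is a `unicode` object containing non-ASCII characters, because `str()` encodes with the ASCII codec. The hostname two lines below is converted with an explicit `.encode('UTF-8')`; if `email` is always unicode at this point (its origin is outside the hunk), `userid=email.encode('UTF-8')` would be consistent with that and would not fail on such addresses. The enclosing method starts and ends outside the hunk.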
@@ -57,10 +57,16 @@ class SoledadSession(object): secrets = self._secrets_path() local_db = self._local_db_path() - return Soledad(self.user_uuid, unicode(encryption_passphrase), secrets, - local_db, server_url, LeapCertificate(self.provider).provider_api_cert, self.user_token, defer_encryption=False) + return Soledad(self.user_uuid, + passphrase=unicode(encryption_passphrase), + secrets_path=secrets, + local_db_path=local_db, server_url=server_url, + cert_file=LeapCertificate(self.provider).provider_api_cert, + shared_db=None, + auth_token=self.user_token, + defer_encryption=False) - except (WrongMac, UnknownMacMethod), e: + except (WrongMacError, UnknownMacMethodError), e: raise SoledadWrongPassphraseException(e) def _leap_path(self): @@ -82,8 +88,7 @@ class SoledadSession(object): raise def sync(self): - if self.soledad.need_sync(self.soledad.server_url): - self.soledad.sync() + return self.soledad.sync() def _discover_soledad_server(self): try: |
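Review bot: `passphrase=unicode(encryption_passphrase)` decodes with the ASCII codec under Python 2, so a passphrase that arrives as a byte string with non-ASCII characters raises `UnicodeDecodeError`, which the `except (WrongMacError, UnknownMacMethodError)` clause does not cover. If byte strings can reach this call (the caller is not visible here), decode explicitly, e.g. `encryption_passphrase.decode('utf-8')` when the value is not already unicode, so such passphrases work instead of failing with an unrelated traceback. The enclosing method starts outside the hunk.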