summaryrefslogtreecommitdiff
path: root/service/pixelated
diff options
context:
space:
mode:
Diffstat (limited to 'service/pixelated')
-rw-r--r--service/pixelated/bitmask_libraries/certs.py12
-rw-r--r--service/pixelated/bitmask_libraries/nicknym.py2
-rw-r--r--service/pixelated/bitmask_libraries/provider.py6
-rw-r--r--service/pixelated/bitmask_libraries/smtp.py2
-rw-r--r--service/pixelated/bitmask_libraries/soledad.py10
-rw-r--r--service/pixelated/register.py2
6 files changed, 15 insertions, 19 deletions
diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py
index 935c252a..874ab246 100644
--- a/service/pixelated/bitmask_libraries/certs.py
+++ b/service/pixelated/bitmask_libraries/certs.py
@@ -29,21 +29,25 @@ class LeapCertificate(object):
@staticmethod
def set_cert_and_fingerprint(cert_file=None, cert_fingerprint=None):
if cert_fingerprint is None:
- LeapCertificate.LEAP_CERT = cert_file or True
+ LeapCertificate.LEAP_CERT = str(cert_file) or True
LeapCertificate.LEAP_FINGERPRINT = None
else:
LeapCertificate.LEAP_FINGERPRINT = cert_fingerprint
LeapCertificate.LEAP_CERT = False
@property
- def api_ca_bundle(self):
- return os.path.join(self._provider.config.leap_home, 'providers', self._server_name, 'keys', 'client', 'api.pem')
+ def provider_web_cert(self):
+ return self.LEAP_CERT
+
+ @property
+ def provider_api_cert(self):
+ return str(os.path.join(self._provider.config.leap_home, 'providers', self._server_name, 'keys', 'client', 'api.pem'))
def setup_ca_bundle(self):
path = os.path.join(self._provider.config.leap_home, 'providers', self._server_name, 'keys', 'client')
if not os.path.isdir(path):
os.makedirs(path, 0700)
- self._download_cert(self.api_ca_bundle)
+ self._download_cert(self.provider_api_cert)
def _download_cert(self, cert_file_name):
cert = self._provider.fetch_valid_certificate()
diff --git a/service/pixelated/bitmask_libraries/nicknym.py b/service/pixelated/bitmask_libraries/nicknym.py
index bb278cdc..220d75e5 100644
--- a/service/pixelated/bitmask_libraries/nicknym.py
+++ b/service/pixelated/bitmask_libraries/nicknym.py
@@ -23,7 +23,7 @@ class NickNym(object):
self._email = email_address
self.keymanager = KeyManager(self._email, nicknym_url,
soledad_session.soledad,
- token, LeapCertificate(provider).api_ca_bundle, provider.api_uri,
+ token, LeapCertificate(provider).provider_api_cert, provider.api_uri,
provider.api_version,
uuid, config.gpg_binary)
diff --git a/service/pixelated/bitmask_libraries/provider.py b/service/pixelated/bitmask_libraries/provider.py
index 0a22cf4d..e08bfb43 100644
--- a/service/pixelated/bitmask_libraries/provider.py
+++ b/service/pixelated/bitmask_libraries/provider.py
@@ -100,7 +100,7 @@ class LeapProvider(object):
session = requests.session()
try:
session.mount('https://', EnforceTLSv1Adapter(assert_fingerprint=LeapCertificate.LEAP_FINGERPRINT))
- response = session.get(url, verify=LeapCertificate.LEAP_CERT, timeout=self.config.timeout_in_s)
+ response = session.get(url, verify=LeapCertificate(self).provider_web_cert, timeout=self.config.timeout_in_s)
response.raise_for_status()
return response
finally:
@@ -115,14 +115,14 @@ class LeapProvider(object):
def fetch_soledad_json(self):
service_url = "%s/%s/config/soledad-service.json" % (
self.api_uri, self.api_version)
- response = requests.get(service_url, verify=LeapCertificate(self).api_ca_bundle, timeout=self.config.timeout_in_s)
+ response = requests.get(service_url, verify=LeapCertificate(self).provider_api_cert, timeout=self.config.timeout_in_s)
response.raise_for_status()
return json.loads(response.content)
def fetch_smtp_json(self):
service_url = '%s/%s/config/smtp-service.json' % (
self.api_uri, self.api_version)
- response = requests.get(service_url, verify=LeapCertificate(self).api_ca_bundle, timeout=self.config.timeout_in_s)
+ response = requests.get(service_url, verify=LeapCertificate(self).provider_api_cert, timeout=self.config.timeout_in_s)
response.raise_for_status()
return json.loads(response.content)
diff --git a/service/pixelated/bitmask_libraries/smtp.py b/service/pixelated/bitmask_libraries/smtp.py
index 745d88ef..759a2920 100644
--- a/service/pixelated/bitmask_libraries/smtp.py
+++ b/service/pixelated/bitmask_libraries/smtp.py
@@ -61,7 +61,7 @@ class LeapSmtp(object):
response = requests.get(
cert_url,
- verify=LeapCertificate(self._provider).api_ca_bundle,
+ verify=LeapCertificate(self._provider).provider_api_cert,
cookies=cookies,
timeout=self._provider.config.timeout_in_s)
response.raise_for_status()
diff --git a/service/pixelated/bitmask_libraries/soledad.py b/service/pixelated/bitmask_libraries/soledad.py
index 2e0219da..3700cd67 100644
--- a/service/pixelated/bitmask_libraries/soledad.py
+++ b/service/pixelated/bitmask_libraries/soledad.py
@@ -35,14 +35,6 @@ class SoledadWrongPassphraseException(Exception):
super(SoledadWrongPassphraseException, self).__init__(*args, **kwargs)
-class LeapKeyManager(object):
- def __init__(self, soledad, leap_session, nicknym_url):
- provider = leap_session.provider
- self.keymanager = KeyManager(leap_session.account_email(), nicknym_url, soledad,
- leap_session.session_id, leap_session.leap_home + '/ca.crt', provider.api_uri, leap_session.api_version,
- leap_session.uuid, leap_session.leap_config.gpg_binary)
-
-
class SoledadSessionFactory(object):
@classmethod
def create(cls, provider, user_token, user_uuid, encryption_passphrase):
@@ -67,7 +59,7 @@ class SoledadSession(object):
local_db = self._local_db_path()
return Soledad(self.user_uuid, unicode(encryption_passphrase), secrets,
- local_db, server_url, LeapCertificate(self.provider).api_ca_bundle, self.user_token, defer_encryption=False)
+ local_db, server_url, LeapCertificate(self.provider).provider_api_cert, self.user_token, defer_encryption=False)
except (WrongMac, UnknownMacMethod), e:
raise SoledadWrongPassphraseException(e)
diff --git a/service/pixelated/register.py b/service/pixelated/register.py
index 9fa98137..47c9c3f5 100644
--- a/service/pixelated/register.py
+++ b/service/pixelated/register.py
@@ -37,7 +37,7 @@ def register(server_name, username):
config = LeapConfig()
provider = LeapProvider(server_name, config)
password = getpass.getpass('Please enter password for %s: ' % username)
- srp_auth = SRPAuth(provider.api_uri, LeapCertificate(provider).api_ca_bundle)
+ srp_auth = SRPAuth(provider.api_uri, LeapCertificate(provider).provider_api_cert)
if srp_auth.register(username, password):
session = leap_session.open_leap_session(username, password, server_name)