From 8b0e4f05b142b73a5ca13f4706fcb6ececbb6911 Mon Sep 17 00:00:00 2001 From: rafael lisboa Date: Mon, 8 Jun 2015 13:59:55 -0300 Subject: move leap certs initialization to the certs module --- service/pixelated/bitmask_libraries/certs.py | 9 +++++++++ service/pixelated/config/leap.py | 13 ++----------- 2 files changed, 11 insertions(+), 11 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py index a321e00e..3ca55469 100644 --- a/service/pixelated/bitmask_libraries/certs.py +++ b/service/pixelated/bitmask_libraries/certs.py @@ -25,6 +25,15 @@ LEAP_FINGERPRINT = None PACKAGED_CERTS_HOME = os.path.abspath(os.path.join(os.path.abspath(__file__), "..", "..", "certificates")) +def init_leap_cert(leap_provider_cert, leap_provider_cert_fingerprint): + if leap_provider_cert_fingerprint is None: + LEAP_CERT = leap_provider_cert or True + LEAP_FINGERPRINT = None + else: + LEAP_FINGERPRINT = leap_provider_cert_fingerprint + LEAP_CERT = False + + def which_api_CA_bundle(provider): return str(LeapCertificate(provider).api_ca_bundle()) diff --git a/service/pixelated/config/leap.py b/service/pixelated/config/leap.py index f13a3fc7..0248a46f 100644 --- a/service/pixelated/config/leap.py +++ b/service/pixelated/config/leap.py @@ -2,7 +2,7 @@ from __future__ import absolute_import import random from pixelated.config import credentials from leap.common.events import server as events_server -import pixelated.bitmask_libraries.certs as certs +from pixelated.bitmask_libraries import certs from pixelated.bitmask_libraries.session import open_leap_session @@ -13,7 +13,7 @@ def initialize_leap(leap_provider_cert, leap_home): init_monkeypatches() provider, user, password = credentials.read(organization_mode, credentials_file) - init_leap_cert(leap_provider_cert, leap_provider_cert_fingerprint) + certs.init_leap_cert(leap_provider_cert, leap_provider_cert_fingerprint) events_server.ensure_server(random.randrange(8000, 11999)) leap_session = create_leap_session(provider, user, password, leap_home) leap_session.start_background_jobs() @@ -30,15 +30,6 @@ def create_leap_session(provider, username, password, leap_home): return leap_session -def init_leap_cert(leap_provider_cert, leap_provider_cert_fingerprint): - if leap_provider_cert_fingerprint is None: - certs.LEAP_CERT = leap_provider_cert or True - certs.LEAP_FINGERPRINT = None - else: - certs.LEAP_FINGERPRINT = leap_provider_cert_fingerprint - certs.LEAP_CERT = False - - def init_monkeypatches(): import pixelated.extensions.protobuf_socket import pixelated.extensions.sqlcipher_wal -- cgit v1.2.3 From 7b1af2ede753a63c9f584ccf37691917714e9655 Mon Sep 17 00:00:00 2001 From: Bruno Wagner Date: Mon, 8 Jun 2015 18:27:09 -0300 Subject: Fixed certificates initialization and removed which_api_bundle --- service/pixelated/application.py | 1 - service/pixelated/bitmask_libraries/certs.py | 7 +++---- service/pixelated/bitmask_libraries/nicknym.py | 4 ++-- service/pixelated/bitmask_libraries/provider.py | 9 +++++---- service/pixelated/bitmask_libraries/smtp.py | 8 ++++++-- service/pixelated/bitmask_libraries/soledad.py | 5 ++--- service/pixelated/register.py | 4 ++-- service/test/unit/bitmask_libraries/test_certs.py | 12 +++++------- service/test/unit/bitmask_libraries/test_provider.py | 8 ++++---- 9 files changed, 29 insertions(+), 29 deletions(-) (limited to 'service') diff --git a/service/pixelated/application.py b/service/pixelated/application.py index 55946a5e..67990661 100644 --- a/service/pixelated/application.py +++ b/service/pixelated/application.py @@ -15,7 +15,6 @@ # along with Pixelated. If not, see . import sys - from twisted.internet import reactor from twisted.internet.threads import deferToThread from twisted.internet import defer diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py index 3ca55469..3d567e53 100644 --- a/service/pixelated/bitmask_libraries/certs.py +++ b/service/pixelated/bitmask_libraries/certs.py @@ -34,10 +34,6 @@ def init_leap_cert(leap_provider_cert, leap_provider_cert_fingerprint): LEAP_CERT = False -def which_api_CA_bundle(provider): - return str(LeapCertificate(provider).api_ca_bundle()) - - def which_bootstrap_cert_fingerprint(): return LEAP_FINGERPRINT @@ -59,6 +55,9 @@ class LeapCertificate(object): self._provider = provider def auto_detect_bootstrap_ca_bundle(self): + if LEAP_CERT is not None: + return LEAP_CERT + if self._config.bootstrap_ca_cert_bundle == AUTO_DETECT_CA_BUNDLE: local_cert = self._local_bootstrap_server_cert() if local_cert: diff --git a/service/pixelated/bitmask_libraries/nicknym.py b/service/pixelated/bitmask_libraries/nicknym.py index bee90897..d7c9c7af 100644 --- a/service/pixelated/bitmask_libraries/nicknym.py +++ b/service/pixelated/bitmask_libraries/nicknym.py @@ -14,7 +14,7 @@ # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see . from leap.keymanager import KeyManager, openpgp, KeyNotFound -from .certs import which_api_CA_bundle +from .certs import LeapCertificate class NickNym(object): @@ -23,7 +23,7 @@ class NickNym(object): self._email = '%s@%s' % (username, provider.domain) self.keymanager = KeyManager('%s@%s' % (username, provider.domain), nicknym_url, soledad_session.soledad, - token, which_api_CA_bundle(provider), provider.api_uri, + token, LeapCertificate(provider).api_ca_bundle(), provider.api_uri, provider.api_version, uuid, config.gpg_binary) diff --git a/service/pixelated/bitmask_libraries/provider.py b/service/pixelated/bitmask_libraries/provider.py index 1564c974..afad66e3 100644 --- a/service/pixelated/bitmask_libraries/provider.py +++ b/service/pixelated/bitmask_libraries/provider.py @@ -17,7 +17,8 @@ import json from leap.common.certs import get_digest import requests -from .certs import which_bootstrap_CA_bundle, which_api_CA_bundle, which_bootstrap_cert_fingerprint +from .certs import which_bootstrap_cert_fingerprint +from .certs import LeapCertificate from pixelated.support.tls_adapter import EnforceTLSv1Adapter @@ -100,7 +101,7 @@ class LeapProvider(object): session = requests.session() try: session.mount('https://', EnforceTLSv1Adapter(assert_fingerprint=which_bootstrap_cert_fingerprint())) - response = session.get(url, verify=which_bootstrap_CA_bundle(self), timeout=self.config.timeout_in_s) + response = session.get(url, verify=LeapCertificate(self).auto_detect_bootstrap_ca_bundle(), timeout=self.config.timeout_in_s) response.raise_for_status() return response finally: @@ -115,14 +116,14 @@ class LeapProvider(object): def fetch_soledad_json(self): service_url = "%s/%s/config/soledad-service.json" % ( self.api_uri, self.api_version) - response = requests.get(service_url, verify=which_api_CA_bundle(self), timeout=self.config.timeout_in_s) + response = requests.get(service_url, verify=LeapCertificate(self).api_ca_bundle(), timeout=self.config.timeout_in_s) response.raise_for_status() return json.loads(response.content) def fetch_smtp_json(self): service_url = '%s/%s/config/smtp-service.json' % ( self.api_uri, self.api_version) - response = requests.get(service_url, verify=which_api_CA_bundle(self), timeout=self.config.timeout_in_s) + response = requests.get(service_url, verify=LeapCertificate(self).api_ca_bundle(), timeout=self.config.timeout_in_s) response.raise_for_status() return json.loads(response.content) diff --git a/service/pixelated/bitmask_libraries/smtp.py b/service/pixelated/bitmask_libraries/smtp.py index c22601d2..4b6ec719 100644 --- a/service/pixelated/bitmask_libraries/smtp.py +++ b/service/pixelated/bitmask_libraries/smtp.py @@ -17,8 +17,8 @@ import logging import os import requests import random -from .certs import which_api_CA_bundle from leap.mail.smtp import setup_smtp_gateway +from pixelated.bitmask_libraries.certs import LeapCertificate logger = logging.getLogger(__name__) @@ -59,7 +59,11 @@ class LeapSmtp(object): cert_url = '%s/%s/cert' % (self._provider.api_uri, self._provider.api_version) cookies = {"_session_id": self.session_id} - response = requests.get(cert_url, verify=which_api_CA_bundle(self._provider), cookies=cookies, timeout=self._provider.config.timeout_in_s) + response = requests.get( + cert_url, + verify=LeapCertificate(self._provider).api_ca_bundle(), + cookies=cookies, + timeout=self._provider.config.timeout_in_s) response.raise_for_status() client_cert = response.content diff --git a/service/pixelated/bitmask_libraries/soledad.py b/service/pixelated/bitmask_libraries/soledad.py index f3fca95a..207b3e73 100644 --- a/service/pixelated/bitmask_libraries/soledad.py +++ b/service/pixelated/bitmask_libraries/soledad.py @@ -19,8 +19,7 @@ import os from leap.keymanager import KeyManager from leap.soledad.client import Soledad from leap.soledad.common.crypto import WrongMac, UnknownMacMethod -from .certs import which_api_CA_bundle - +from pixelated.bitmask_libraries.certs import LeapCertificate SOLEDAD_TIMEOUT = 120 SOLEDAD_CERT = '/tmp/ca.crt' @@ -68,7 +67,7 @@ class SoledadSession(object): local_db = self._local_db_path() return Soledad(self.user_uuid, unicode(encryption_passphrase), secrets, - local_db, server_url, which_api_CA_bundle(self.provider), self.user_token, defer_encryption=False) + local_db, server_url, LeapCertificate(self.provider).api_ca_bundle(), self.user_token, defer_encryption=False) except (WrongMac, UnknownMacMethod), e: raise SoledadWrongPassphraseException(e) diff --git a/service/pixelated/register.py b/service/pixelated/register.py index 0eac97a7..576c069d 100644 --- a/service/pixelated/register.py +++ b/service/pixelated/register.py @@ -20,7 +20,7 @@ import logging from pixelated.bitmask_libraries import session as leap_session from pixelated.config import arguments from pixelated.config import logger as logger_config -from pixelated.bitmask_libraries.certs import which_api_CA_bundle +from pixelated.bitmask_libraries.certs import LeapCertificate from pixelated.bitmask_libraries.config import LeapConfig from pixelated.bitmask_libraries.provider import LeapProvider from leap.auth import SRPAuth @@ -37,7 +37,7 @@ def register(server_name, username): config = LeapConfig() provider = LeapProvider(server_name, config) password = getpass.getpass('Please enter password for %s: ' % username) - srp_auth = SRPAuth(provider.api_uri, which_api_CA_bundle(provider)) + srp_auth = SRPAuth(provider.api_uri, LeapCertificate(provider).api_ca_bundle()) if srp_auth.register(username, password): session = leap_session.open_leap_session(username, password, server_name) diff --git a/service/test/unit/bitmask_libraries/test_certs.py b/service/test/unit/bitmask_libraries/test_certs.py index 4a06649d..814f083f 100644 --- a/service/test/unit/bitmask_libraries/test_certs.py +++ b/service/test/unit/bitmask_libraries/test_certs.py @@ -1,6 +1,6 @@ import unittest -from pixelated.bitmask_libraries.certs import which_bootstrap_CA_bundle, which_api_CA_bundle +from pixelated.bitmask_libraries.certs import LeapCertificate from pixelated.bitmask_libraries.config import AUTO_DETECT_CA_BUNDLE from mock import MagicMock, patch @@ -9,27 +9,25 @@ class CertsTest(unittest.TestCase): @patch('pixelated.bitmask_libraries.certs.os.path.isfile') @patch('pixelated.bitmask_libraries.certs.os.path.isdir') - def test_that_which_bootstrap_cert_bundle_returns_byte_string(self, mock_isdir, mock_isfile): + def test_that_which_bootstrap_cert_bundle_returns_string(self, mock_isdir, mock_isfile): mock_isfile.return_value = True mock_isdir.return_value = True config = MagicMock(bootstrap_ca_cert_bundle=AUTO_DETECT_CA_BUNDLE, leap_home='/leap/home') provider = MagicMock(server_name=u'test.leap.net', config=config) - bundle = which_bootstrap_CA_bundle(provider) + bundle = LeapCertificate(provider).auto_detect_bootstrap_ca_bundle() self.assertEqual('/leap/home/providers/test.leap.net/test.leap.net.ca.crt', bundle) - self.assertEqual(str, type(bundle)) @patch('pixelated.bitmask_libraries.certs.os.path.isfile') @patch('pixelated.bitmask_libraries.certs.os.path.isdir') - def test_that_which_bundle_returns_byte_string(self, mock_isdir, mock_isfile): + def test_that_which_bundle_returns_string(self, mock_isdir, mock_isfile): mock_isfile.return_value = True mock_isdir.return_value = True config = MagicMock(bootstrap_ca_cert_bundle=AUTO_DETECT_CA_BUNDLE, ca_cert_bundle=None, leap_home='/some/leap/home') provider = MagicMock(server_name=u'test.leap.net', config=config) - bundle = which_api_CA_bundle(provider) + bundle = LeapCertificate(provider).api_ca_bundle() self.assertEqual('/some/leap/home/providers/test.leap.net/keys/client/api.pem', bundle) - self.assertEqual(str, type(bundle)) diff --git a/service/test/unit/bitmask_libraries/test_provider.py b/service/test/unit/bitmask_libraries/test_provider.py index 0771c7cc..5b5c2034 100644 --- a/service/test/unit/bitmask_libraries/test_provider.py +++ b/service/test/unit/bitmask_libraries/test_provider.py @@ -220,11 +220,11 @@ class LeapProviderTest(AbstractLeapTest): session_func = MagicMock(return_value=session) with patch('pixelated.bitmask_libraries.provider.which_bootstrap_cert_fingerprint', return_value='some fingerprint'): - with patch('pixelated.bitmask_libraries.provider.which_bootstrap_CA_bundle', return_value=False): with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func): - with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock): - provider = LeapProvider('some-provider.test', self.config) - provider.fetch_valid_certificate() + with patch('pixelated.bitmask_libraries.certs.LeapCertificate.auto_detect_bootstrap_ca_bundle', return_value=False): + with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock): + provider = LeapProvider('some-provider.test', self.config) + provider.fetch_valid_certificate() session.get.assert_any_call('https://some-provider.test/ca.crt', verify=False, timeout=15) session.mount.assert_called_with('https://', ANY) -- cgit v1.2.3 From f303f0c6d6cc214e3acc989c75f586fc4191ec6f Mon Sep 17 00:00:00 2001 From: Bruno Wagner Date: Mon, 8 Jun 2015 18:30:14 -0300 Subject: Removed which_bootstrap_ca_bundle --- service/pixelated/bitmask_libraries/certs.py | 6 ------ 1 file changed, 6 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py index 3d567e53..16319d83 100644 --- a/service/pixelated/bitmask_libraries/certs.py +++ b/service/pixelated/bitmask_libraries/certs.py @@ -38,12 +38,6 @@ def which_bootstrap_cert_fingerprint(): return LEAP_FINGERPRINT -def which_bootstrap_CA_bundle(provider): - if LEAP_CERT is not None: - return LEAP_CERT - return str(LeapCertificate(provider).auto_detect_bootstrap_ca_bundle()) - - def refresh_ca_bundle(provider): LeapCertificate(provider).refresh_ca_bundle() -- cgit v1.2.3 From 3e902a70b94d31458c159c641720d38152bbb267 Mon Sep 17 00:00:00 2001 From: Bruno Wagner Date: Mon, 8 Jun 2015 18:54:27 -0300 Subject: Moved initialization, fingerprint and cert inside LeapCertificate class --- service/pixelated/bitmask_libraries/certs.py | 42 ++++++++-------------- service/pixelated/bitmask_libraries/provider.py | 3 +- service/pixelated/bitmask_libraries/session.py | 4 +-- service/pixelated/config/leap.py | 4 +-- .../test/unit/bitmask_libraries/test_provider.py | 2 +- 5 files changed, 20 insertions(+), 35 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py index 16319d83..2535b747 100644 --- a/service/pixelated/bitmask_libraries/certs.py +++ b/service/pixelated/bitmask_libraries/certs.py @@ -20,37 +20,29 @@ from leap.common import ca_bundle from .config import AUTO_DETECT_CA_BUNDLE -LEAP_CERT = None -LEAP_FINGERPRINT = None -PACKAGED_CERTS_HOME = os.path.abspath(os.path.join(os.path.abspath(__file__), "..", "..", "certificates")) +class LeapCertificate(object): -def init_leap_cert(leap_provider_cert, leap_provider_cert_fingerprint): - if leap_provider_cert_fingerprint is None: - LEAP_CERT = leap_provider_cert or True - LEAP_FINGERPRINT = None - else: - LEAP_FINGERPRINT = leap_provider_cert_fingerprint - LEAP_CERT = False - - -def which_bootstrap_cert_fingerprint(): - return LEAP_FINGERPRINT - - -def refresh_ca_bundle(provider): - LeapCertificate(provider).refresh_ca_bundle() - + LEAP_CERT = None + LEAP_FINGERPRINT = None -class LeapCertificate(object): def __init__(self, provider): self._config = provider.config self._server_name = provider.server_name self._provider = provider + @staticmethod + def set_cert_and_fingerprint(cert_file=None, cert_fingerprint=None): + if cert_fingerprint is None: + LeapCertificate.LEAP_CERT = cert_file or True + LeapCertificate.LEAP_FINGERPRINT = None + else: + LeapCertificate.LEAP_FINGERPRINT = cert_fingerprint + LeapCertificate.LEAP_CERT = False + def auto_detect_bootstrap_ca_bundle(self): - if LEAP_CERT is not None: - return LEAP_CERT + if self.LEAP_CERT is not None: + return self.LEAP_CERT if self._config.bootstrap_ca_cert_bundle == AUTO_DETECT_CA_BUNDLE: local_cert = self._local_bootstrap_server_cert() @@ -91,12 +83,6 @@ class LeapCertificate(object): if os.path.isfile(cert_file): return cert_file - cert_file = os.path.join(PACKAGED_CERTS_HOME, '%s.ca.crt' % self._server_name) - if os.path.exists(cert_file): - return cert_file - - # else download the file - cert_file = self._bootstrap_certs_cert_file() response = requests.get('https://%s/provider.json' % self._server_name) provider_data = json.loads(response.content) ca_cert_uri = str(provider_data['ca_cert_uri']) diff --git a/service/pixelated/bitmask_libraries/provider.py b/service/pixelated/bitmask_libraries/provider.py index afad66e3..38df504e 100644 --- a/service/pixelated/bitmask_libraries/provider.py +++ b/service/pixelated/bitmask_libraries/provider.py @@ -17,7 +17,6 @@ import json from leap.common.certs import get_digest import requests -from .certs import which_bootstrap_cert_fingerprint from .certs import LeapCertificate from pixelated.support.tls_adapter import EnforceTLSv1Adapter @@ -100,7 +99,7 @@ class LeapProvider(object): def _validated_get(self, url): session = requests.session() try: - session.mount('https://', EnforceTLSv1Adapter(assert_fingerprint=which_bootstrap_cert_fingerprint())) + session.mount('https://', EnforceTLSv1Adapter(assert_fingerprint=LeapCertificate.LEAP_FINGERPRINT)) response = session.get(url, verify=LeapCertificate(self).auto_detect_bootstrap_ca_bundle(), timeout=self.config.timeout_in_s) response.raise_for_status() return response diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index 12cbd91b..09bf277d 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -24,7 +24,7 @@ from leap.mail.imap.memorystore import MemoryStore from leap.mail.imap.soledadstore import SoledadStore from pixelated.bitmask_libraries.config import LeapConfig from pixelated.bitmask_libraries.provider import LeapProvider -from pixelated.bitmask_libraries.certs import refresh_ca_bundle +from pixelated.bitmask_libraries.certs import LeapCertificate from twisted.internet import reactor from .nicknym import NickNym from leap.auth import SRPAuth @@ -39,7 +39,7 @@ SESSIONS = {} def open_leap_session(username, password, server_name, leap_home=DEFAULT_LEAP_HOME): config = LeapConfig(leap_home=leap_home) provider = LeapProvider(server_name, config) - refresh_ca_bundle(provider) + LeapCertificate(provider).refresh_ca_bundle() session = LeapSessionFactory(provider).create(username, password) return session diff --git a/service/pixelated/config/leap.py b/service/pixelated/config/leap.py index 0248a46f..7a383b17 100644 --- a/service/pixelated/config/leap.py +++ b/service/pixelated/config/leap.py @@ -2,7 +2,7 @@ from __future__ import absolute_import import random from pixelated.config import credentials from leap.common.events import server as events_server -from pixelated.bitmask_libraries import certs +from pixelated.bitmask_libraries.certs import LeapCertificate from pixelated.bitmask_libraries.session import open_leap_session @@ -13,7 +13,7 @@ def initialize_leap(leap_provider_cert, leap_home): init_monkeypatches() provider, user, password = credentials.read(organization_mode, credentials_file) - certs.init_leap_cert(leap_provider_cert, leap_provider_cert_fingerprint) + LeapCertificate.set_cert_and_fingerprint(leap_provider_cert, leap_provider_cert_fingerprint) events_server.ensure_server(random.randrange(8000, 11999)) leap_session = create_leap_session(provider, user, password, leap_home) leap_session.start_background_jobs() diff --git a/service/test/unit/bitmask_libraries/test_provider.py b/service/test/unit/bitmask_libraries/test_provider.py index 5b5c2034..49627565 100644 --- a/service/test/unit/bitmask_libraries/test_provider.py +++ b/service/test/unit/bitmask_libraries/test_provider.py @@ -219,7 +219,7 @@ class LeapProviderTest(AbstractLeapTest): session = MagicMock(wraps=requests.session()) session_func = MagicMock(return_value=session) - with patch('pixelated.bitmask_libraries.provider.which_bootstrap_cert_fingerprint', return_value='some fingerprint'): + with patch('pixelated.bitmask_libraries.certs.LeapCertificate.LEAP_FINGERPRINT', return_value='some fingerprint'): with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func): with patch('pixelated.bitmask_libraries.certs.LeapCertificate.auto_detect_bootstrap_ca_bundle', return_value=False): with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock): -- cgit v1.2.3 From 006d753c391d82baa634f112e5d8d06b61eeaaeb Mon Sep 17 00:00:00 2001 From: Bruno Wagner Date: Mon, 8 Jun 2015 20:34:29 -0300 Subject: Heavy rework on certs, removed most of it, simplified the logic --- service/pixelated/bitmask_libraries/certs.py | 66 ++-------------------- service/pixelated/bitmask_libraries/config.py | 48 ++-------------- service/pixelated/bitmask_libraries/nicknym.py | 2 +- service/pixelated/bitmask_libraries/provider.py | 6 +- service/pixelated/bitmask_libraries/session.py | 13 ----- service/pixelated/bitmask_libraries/smtp.py | 2 +- service/pixelated/bitmask_libraries/soledad.py | 2 +- service/pixelated/config/arguments.py | 4 +- service/pixelated/config/leap.py | 21 ++++--- service/pixelated/register.py | 2 +- service/test/unit/bitmask_libraries/test_certs.py | 30 ++++------ .../test/unit/bitmask_libraries/test_nicknym.py | 21 ++++--- .../test/unit/bitmask_libraries/test_provider.py | 18 +++--- 13 files changed, 66 insertions(+), 169 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py index 2535b747..ed6233c1 100644 --- a/service/pixelated/bitmask_libraries/certs.py +++ b/service/pixelated/bitmask_libraries/certs.py @@ -16,9 +16,6 @@ import os import requests import json -from leap.common import ca_bundle - -from .config import AUTO_DETECT_CA_BUNDLE class LeapCertificate(object): @@ -40,70 +37,17 @@ class LeapCertificate(object): LeapCertificate.LEAP_FINGERPRINT = cert_fingerprint LeapCertificate.LEAP_CERT = False - def auto_detect_bootstrap_ca_bundle(self): - if self.LEAP_CERT is not None: - return self.LEAP_CERT - - if self._config.bootstrap_ca_cert_bundle == AUTO_DETECT_CA_BUNDLE: - local_cert = self._local_bootstrap_server_cert() - if local_cert: - return local_cert - else: - return ca_bundle.where() - else: - return self._config.bootstrap_ca_cert_bundle - + @property def api_ca_bundle(self): - if self._provider.config.ca_cert_bundle: - return self._provider.config.ca_cert_bundle - - cert_file = self._api_cert_file() + return os.path.join(self._provider.config.leap_home, 'providers', self._server_name, 'keys', 'client', 'api.pem') - if not os.path.isfile(cert_file): - self._download_server_cert(cert_file) - - return cert_file - - def refresh_ca_bundle(self): - cert_file = self._api_cert_file() - self._download_server_cert(cert_file) - - def _api_cert_file(self): - certs_root = self._api_certs_root_path() - return os.path.join(certs_root, 'api.pem') - - def _api_certs_root_path(self): + def setup_ca_bundle(self): path = os.path.join(self._provider.config.leap_home, 'providers', self._server_name, 'keys', 'client') if not os.path.isdir(path): os.makedirs(path, 0700) - return path - - def _local_bootstrap_server_cert(self): - cert_file = self._bootstrap_certs_cert_file() - if os.path.isfile(cert_file): - return cert_file + self._download_cert(self.api_ca_bundle) - response = requests.get('https://%s/provider.json' % self._server_name) - provider_data = json.loads(response.content) - ca_cert_uri = str(provider_data['ca_cert_uri']) - - response = requests.get(ca_cert_uri) - with open(cert_file, 'w') as file: - file.write(response.content) - - return cert_file - - def _bootstrap_certs_cert_file(self): - path = os.path.join(self._provider.config.leap_home, 'providers', self._server_name) - if not os.path.isdir(path): - os.makedirs(path, 0700) - - file_path = os.path.join(path, '%s.ca.crt' % self._server_name) - - return file_path - - def _download_server_cert(self, cert_file_name): + def _download_cert(self, cert_file_name): cert = self._provider.fetch_valid_certificate() - with open(cert_file_name, 'w') as file: file.write(cert) diff --git a/service/pixelated/bitmask_libraries/config.py b/service/pixelated/bitmask_libraries/config.py index 8c862d0a..efb43411 100644 --- a/service/pixelated/bitmask_libraries/config.py +++ b/service/pixelated/bitmask_libraries/config.py @@ -13,10 +13,9 @@ # # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see . -from distutils.spawn import find_executable import os -from os.path import expanduser +from distutils.spawn import find_executable def discover_gpg_binary(): @@ -30,54 +29,19 @@ def discover_gpg_binary(): return path -DEFAULT_LEAP_HOME = os.path.join(expanduser("~"), '.leap') - SYSTEM_CA_BUNDLE = True -AUTO_DETECT_CA_BUNDLE = None class LeapConfig(object): - """ - LEAP client configuration - """ - - def __init__(self, leap_home=DEFAULT_LEAP_HOME, bootstrap_ca_cert_bundle=AUTO_DETECT_CA_BUNDLE, - ca_cert_bundle=AUTO_DETECT_CA_BUNDLE, verify_ssl=True, + def __init__(self, + leap_home=None, fetch_interval_in_s=30, - timeout_in_s=15, start_background_jobs=False, gpg_binary=discover_gpg_binary()): - """ - Constructor. - - :param server_name: The LEAP server name, e.g. demo.leap.se - :type server_name: str - - :param user_name: The LEAP account user name, normally the first part of your email, e.g. foobar for foobar@demo.leap.se - :type user_name: str - - :param user_password: The LEAP account password - :type user_password: str - - :param db_passphrase: The passphrase used to encrypt the local soledad database - :type db_passphrase: str - - :param verify_ssl: Set to false to disable strict SSL certificate validation - :type verify_ssl: bool - - :param fetch_interval_in_s: Polling interval for fetching incoming mail from LEAP server - :type fetch_interval_in_s: int - - :param timeout_in_s: Timeout for network operations, e.g. HTTP calls - :type timeout_in_s: int - - :param gpg_binary: Path to the GPG binary (must not be a symlink) - :type gpg_binary: str + timeout_in_s=15, + start_background_jobs=False, + gpg_binary=discover_gpg_binary()): - """ self.leap_home = leap_home - self.bootstrap_ca_cert_bundle = bootstrap_ca_cert_bundle - self.ca_cert_bundle = ca_cert_bundle - self.verify_ssl = verify_ssl self.timeout_in_s = timeout_in_s self.start_background_jobs = start_background_jobs self.gpg_binary = gpg_binary diff --git a/service/pixelated/bitmask_libraries/nicknym.py b/service/pixelated/bitmask_libraries/nicknym.py index d7c9c7af..8220d006 100644 --- a/service/pixelated/bitmask_libraries/nicknym.py +++ b/service/pixelated/bitmask_libraries/nicknym.py @@ -23,7 +23,7 @@ class NickNym(object): self._email = '%s@%s' % (username, provider.domain) self.keymanager = KeyManager('%s@%s' % (username, provider.domain), nicknym_url, soledad_session.soledad, - token, LeapCertificate(provider).api_ca_bundle(), provider.api_uri, + token, LeapCertificate(provider).api_ca_bundle, provider.api_uri, provider.api_version, uuid, config.gpg_binary) diff --git a/service/pixelated/bitmask_libraries/provider.py b/service/pixelated/bitmask_libraries/provider.py index 38df504e..0129480c 100644 --- a/service/pixelated/bitmask_libraries/provider.py +++ b/service/pixelated/bitmask_libraries/provider.py @@ -100,7 +100,7 @@ class LeapProvider(object): session = requests.session() try: session.mount('https://', EnforceTLSv1Adapter(assert_fingerprint=LeapCertificate.LEAP_FINGERPRINT)) - response = session.get(url, verify=LeapCertificate(self).auto_detect_bootstrap_ca_bundle(), timeout=self.config.timeout_in_s) + response = session.get(url, verify=LeapCertificate.LEAP_CERT, timeout=self.config.timeout_in_s) response.raise_for_status() return response finally: @@ -115,14 +115,14 @@ class LeapProvider(object): def fetch_soledad_json(self): service_url = "%s/%s/config/soledad-service.json" % ( self.api_uri, self.api_version) - response = requests.get(service_url, verify=LeapCertificate(self).api_ca_bundle(), timeout=self.config.timeout_in_s) + response = requests.get(service_url, verify=LeapCertificate(self).api_ca_bundle, timeout=self.config.timeout_in_s) response.raise_for_status() return json.loads(response.content) def fetch_smtp_json(self): service_url = '%s/%s/config/smtp-service.json' % ( self.api_uri, self.api_version) - response = requests.get(service_url, verify=LeapCertificate(self).api_ca_bundle(), timeout=self.config.timeout_in_s) + response = requests.get(service_url, verify=LeapCertificate(self).api_ca_bundle, timeout=self.config.timeout_in_s) response.raise_for_status() return json.loads(response.content) diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index 09bf277d..ad01d495 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -22,29 +22,16 @@ from leap.mail.imap.fetch import LeapIncomingMail from leap.mail.imap.account import SoledadBackedAccount from leap.mail.imap.memorystore import MemoryStore from leap.mail.imap.soledadstore import SoledadStore -from pixelated.bitmask_libraries.config import LeapConfig -from pixelated.bitmask_libraries.provider import LeapProvider -from pixelated.bitmask_libraries.certs import LeapCertificate from twisted.internet import reactor from .nicknym import NickNym from leap.auth import SRPAuth from .soledad import SoledadSessionFactory from .smtp import LeapSmtp -from .config import DEFAULT_LEAP_HOME SESSIONS = {} -def open_leap_session(username, password, server_name, leap_home=DEFAULT_LEAP_HOME): - config = LeapConfig(leap_home=leap_home) - provider = LeapProvider(server_name, config) - LeapCertificate(provider).refresh_ca_bundle() - session = LeapSessionFactory(provider).create(username, password) - - return session - - class LeapSession(object): """ A LEAP session. diff --git a/service/pixelated/bitmask_libraries/smtp.py b/service/pixelated/bitmask_libraries/smtp.py index 4b6ec719..745d88ef 100644 --- a/service/pixelated/bitmask_libraries/smtp.py +++ b/service/pixelated/bitmask_libraries/smtp.py @@ -61,7 +61,7 @@ class LeapSmtp(object): response = requests.get( cert_url, - verify=LeapCertificate(self._provider).api_ca_bundle(), + verify=LeapCertificate(self._provider).api_ca_bundle, cookies=cookies, timeout=self._provider.config.timeout_in_s) response.raise_for_status() diff --git a/service/pixelated/bitmask_libraries/soledad.py b/service/pixelated/bitmask_libraries/soledad.py index 207b3e73..2e0219da 100644 --- a/service/pixelated/bitmask_libraries/soledad.py +++ b/service/pixelated/bitmask_libraries/soledad.py @@ -67,7 +67,7 @@ class SoledadSession(object): local_db = self._local_db_path() return Soledad(self.user_uuid, unicode(encryption_passphrase), secrets, - local_db, server_url, LeapCertificate(self.provider).api_ca_bundle(), self.user_token, defer_encryption=False) + local_db, server_url, LeapCertificate(self.provider).api_ca_bundle, self.user_token, defer_encryption=False) except (WrongMac, UnknownMacMethod), e: raise SoledadWrongPassphraseException(e) diff --git a/service/pixelated/config/arguments.py b/service/pixelated/config/arguments.py index 8899f9a8..72ae6141 100644 --- a/service/pixelated/config/arguments.py +++ b/service/pixelated/config/arguments.py @@ -14,8 +14,8 @@ # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see . +import os import argparse -from pixelated.bitmask_libraries.config import DEFAULT_LEAP_HOME def parse_user_agent_args(): @@ -57,6 +57,6 @@ def parser_add_default_arguments(parser): parser.add_argument('--debug', action='store_true', help='DEBUG mode.') parser.add_argument('--organization-mode', help='Runs the user agent in organization mode, the credentials will be received from the stdin', default=False, action='store_true', dest='organization_mode') parser.add_argument('-c', '--config', dest='credentials_file', metavar='', default=None, help='use specified file for credentials (for test purposes only)') - parser.add_argument('--leap-home', help='The folder where the user agent stores its data. Defaults to ~/.leap', dest='leap_home', default=DEFAULT_LEAP_HOME) + parser.add_argument('--leap-home', help='The folder where the user agent stores its data. Defaults to ~/.leap', dest='leap_home', default=os.path.join(os.path.expanduser("~"), '.leap')) parser.add_argument('-lc', '--leap-provider-cert', metavar='', default=None, help='use specified file for LEAP provider cert authority certificate (url https:///ca.crt)') parser.add_argument('-lf', '--leap-provider-cert-fingerprint', metavar='', default=None, help='use specified fingerprint to validate connection with LEAP provider', dest='leap_provider_cert_fingerprint') diff --git a/service/pixelated/config/leap.py b/service/pixelated/config/leap.py index 7a383b17..f2c025ba 100644 --- a/service/pixelated/config/leap.py +++ b/service/pixelated/config/leap.py @@ -2,8 +2,10 @@ from __future__ import absolute_import import random from pixelated.config import credentials from leap.common.events import server as events_server +from pixelated.bitmask_libraries.config import LeapConfig from pixelated.bitmask_libraries.certs import LeapCertificate -from pixelated.bitmask_libraries.session import open_leap_session +from pixelated.bitmask_libraries.provider import LeapProvider +from pixelated.bitmask_libraries.session import LeapSessionFactory def initialize_leap(leap_provider_cert, @@ -12,21 +14,18 @@ def initialize_leap(leap_provider_cert, organization_mode, leap_home): init_monkeypatches() - provider, user, password = credentials.read(organization_mode, credentials_file) - LeapCertificate.set_cert_and_fingerprint(leap_provider_cert, leap_provider_cert_fingerprint) events_server.ensure_server(random.randrange(8000, 11999)) - leap_session = create_leap_session(provider, user, password, leap_home) - leap_session.start_background_jobs() - return leap_session + provider, username, password = credentials.read(organization_mode, credentials_file) + LeapCertificate.set_cert_and_fingerprint(leap_provider_cert, leap_provider_cert_fingerprint) + config = LeapConfig(leap_home=leap_home) + provider = LeapProvider(provider, config) + LeapCertificate(provider).setup_ca_bundle() + leap_session = LeapSessionFactory(provider).create(username, password) -def create_leap_session(provider, username, password, leap_home): - leap_session = open_leap_session(username, - password, - provider, - leap_home) leap_session.soledad_session.soledad.sync(defer_decryption=False) leap_session.nicknym.generate_openpgp_key() + leap_session.start_background_jobs() return leap_session diff --git a/service/pixelated/register.py b/service/pixelated/register.py index 576c069d..9fa98137 100644 --- a/service/pixelated/register.py +++ b/service/pixelated/register.py @@ -37,7 +37,7 @@ def register(server_name, username): config = LeapConfig() provider = LeapProvider(server_name, config) password = getpass.getpass('Please enter password for %s: ' % username) - srp_auth = SRPAuth(provider.api_uri, LeapCertificate(provider).api_ca_bundle()) + srp_auth = SRPAuth(provider.api_uri, LeapCertificate(provider).api_ca_bundle) if srp_auth.register(username, password): session = leap_session.open_leap_session(username, password, server_name) diff --git a/service/test/unit/bitmask_libraries/test_certs.py b/service/test/unit/bitmask_libraries/test_certs.py index 814f083f..150a1f14 100644 --- a/service/test/unit/bitmask_libraries/test_certs.py +++ b/service/test/unit/bitmask_libraries/test_certs.py @@ -1,33 +1,27 @@ import unittest from pixelated.bitmask_libraries.certs import LeapCertificate -from pixelated.bitmask_libraries.config import AUTO_DETECT_CA_BUNDLE from mock import MagicMock, patch class CertsTest(unittest.TestCase): - @patch('pixelated.bitmask_libraries.certs.os.path.isfile') - @patch('pixelated.bitmask_libraries.certs.os.path.isdir') - def test_that_which_bootstrap_cert_bundle_returns_string(self, mock_isdir, mock_isfile): - mock_isfile.return_value = True - mock_isdir.return_value = True - config = MagicMock(bootstrap_ca_cert_bundle=AUTO_DETECT_CA_BUNDLE, leap_home='/leap/home') - provider = MagicMock(server_name=u'test.leap.net', config=config) + def test_set_cert_and_fingerprint_sets_cert(self): + LeapCertificate.set_cert_and_fingerprint('some cert', None) - bundle = LeapCertificate(provider).auto_detect_bootstrap_ca_bundle() + self.assertIsNone(LeapCertificate.LEAP_FINGERPRINT) + self.assertEqual('some cert', LeapCertificate.LEAP_CERT) - self.assertEqual('/leap/home/providers/test.leap.net/test.leap.net.ca.crt', bundle) + def test_set_cert_and_fingerprint_sets_fingerprint(self): + LeapCertificate.set_cert_and_fingerprint(None, 'fingerprint') - @patch('pixelated.bitmask_libraries.certs.os.path.isfile') - @patch('pixelated.bitmask_libraries.certs.os.path.isdir') - def test_that_which_bundle_returns_string(self, mock_isdir, mock_isfile): - mock_isfile.return_value = True - mock_isdir.return_value = True + self.assertEqual('fingerprint', LeapCertificate.LEAP_FINGERPRINT) + self.assertFalse(LeapCertificate.LEAP_CERT) - config = MagicMock(bootstrap_ca_cert_bundle=AUTO_DETECT_CA_BUNDLE, ca_cert_bundle=None, leap_home='/some/leap/home') + def test_api_ca_bundle(self): + config = MagicMock(leap_home='/some/leap/home') provider = MagicMock(server_name=u'test.leap.net', config=config) - bundle = LeapCertificate(provider).api_ca_bundle() + cert = LeapCertificate(provider).api_ca_bundle - self.assertEqual('/some/leap/home/providers/test.leap.net/keys/client/api.pem', bundle) + self.assertEqual('/some/leap/home/providers/test.leap.net/keys/client/api.pem', cert) diff --git a/service/test/unit/bitmask_libraries/test_nicknym.py b/service/test/unit/bitmask_libraries/test_nicknym.py index b892c22c..4e683494 100644 --- a/service/test/unit/bitmask_libraries/test_nicknym.py +++ b/service/test/unit/bitmask_libraries/test_nicknym.py @@ -15,16 +15,17 @@ # along with Pixelated. If not, see . from mock import patch +from test_abstract_leap import AbstractLeapTest from leap.keymanager import openpgp, KeyNotFound from pixelated.bitmask_libraries.nicknym import NickNym -from test_abstract_leap import AbstractLeapTest +from pixelated.bitmask_libraries.certs import LeapCertificate class NickNymTest(AbstractLeapTest): @patch('pixelated.bitmask_libraries.nicknym.KeyManager.__init__', return_value=None) - def test_that_keymanager_is_created(self, init_mock): + def test_that_keymanager_is_created(self, keymanager_init_mock): # given - + LeapCertificate.api_ca_bundle = '/some/path/to/provider_ca_cert' # when NickNym(self.provider, self.config, @@ -34,10 +35,16 @@ class NickNymTest(AbstractLeapTest): self.auth.uuid) # then - init_mock.assert_called_with('test_user@some-server.test', 'https://nicknym.some-server.test:6425/', - self.soledad, self.auth.token, '/some/path/to/provider_ca_cert', - 'https://api.some-server.test:4430', '1', self.auth.uuid, - '/path/to/gpg') + keymanager_init_mock.assert_called_with( + 'test_user@some-server.test', + 'https://nicknym.some-server.test:6425/', + self.soledad, + self.auth.token, + '/some/path/to/provider_ca_cert', + 'https://api.some-server.test:4430', + '1', + self.auth.uuid, + '/path/to/gpg') @patch('pixelated.bitmask_libraries.nicknym.KeyManager') def test_gen_key(self, keymanager_mock): diff --git a/service/test/unit/bitmask_libraries/test_provider.py b/service/test/unit/bitmask_libraries/test_provider.py index 49627565..320fece2 100644 --- a/service/test/unit/bitmask_libraries/test_provider.py +++ b/service/test/unit/bitmask_libraries/test_provider.py @@ -20,6 +20,7 @@ from httmock import all_requests, HTTMock, urlmatch from requests import HTTPError from pixelated.bitmask_libraries.config import LeapConfig from pixelated.bitmask_libraries.provider import LeapProvider +from pixelated.bitmask_libraries.certs import LeapCertificate from test_abstract_leap import AbstractLeapTest from requests import Session import requests @@ -139,7 +140,8 @@ BOOTSTRAP_CA_CERT = '/tmp/bootstrap-ca.crt' class LeapProviderTest(AbstractLeapTest): def setUp(self): - self.config = LeapConfig(verify_ssl=False, leap_home='/tmp/foobar', bootstrap_ca_cert_bundle=BOOTSTRAP_CA_CERT, ca_cert_bundle=CA_CERT) + self.config = LeapConfig(leap_home='/tmp/foobar') + LeapCertificate.set_cert_and_fingerprint(BOOTSTRAP_CA_CERT, None) def test_provider_fetches_provider_json(self): with HTTMock(provider_json_mock): @@ -195,6 +197,7 @@ class LeapProviderTest(AbstractLeapTest): session = MagicMock(wraps=requests.session()) session_func = MagicMock(return_value=session) get_func = MagicMock(wraps=requests.get) + LeapCertificate.LEAP_CERT = BOOTSTRAP_CA_CERT with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func): with patch('pixelated.bitmask_libraries.provider.requests.get', new=get_func): @@ -207,24 +210,23 @@ class LeapProviderTest(AbstractLeapTest): def test_that_provider_cert_is_used_to_fetch_soledad_json(self): get_func = MagicMock(wraps=requests.get) + LeapCertificate.api_ca_bundle = CA_CERT with patch('pixelated.bitmask_libraries.provider.requests.get', new=get_func): with HTTMock(provider_json_mock, soledad_json_mock, not_found_mock): provider = LeapProvider('some-provider.test', self.config) provider.fetch_soledad_json() - get_func.assert_called_with('https://api.some-provider.test:4430/1/config/soledad-service.json', verify=CA_CERT, timeout=15) def test_that_leap_fingerprint_is_validated(self): session = MagicMock(wraps=requests.session()) session_func = MagicMock(return_value=session) + LeapCertificate.set_cert_and_fingerprint(None, 'some fingerprint') - with patch('pixelated.bitmask_libraries.certs.LeapCertificate.LEAP_FINGERPRINT', return_value='some fingerprint'): - with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func): - with patch('pixelated.bitmask_libraries.certs.LeapCertificate.auto_detect_bootstrap_ca_bundle', return_value=False): - with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock): - provider = LeapProvider('some-provider.test', self.config) - provider.fetch_valid_certificate() + with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func): + with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock): + provider = LeapProvider('some-provider.test', self.config) + provider.fetch_valid_certificate() session.get.assert_any_call('https://some-provider.test/ca.crt', verify=False, timeout=15) session.mount.assert_called_with('https://', ANY) -- cgit v1.2.3 From 3ed44327d7d658a58989e2ed5fb053465faffb26 Mon Sep 17 00:00:00 2001 From: Bruno Wagner Date: Tue, 9 Jun 2015 14:40:54 -0300 Subject: Added extensions to setup.py package --- service/setup.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'service') diff --git a/service/setup.py b/service/setup.py index a894dab7..d0cb967f 100644 --- a/service/setup.py +++ b/service/setup.py @@ -43,7 +43,8 @@ setup(name='pixelated-user-agent', 'pixelated.assets', 'pixelated.certificates', 'pixelated.support', - 'pixelated.resources' + 'pixelated.resources', + 'pixelated.extensions' ], install_requires=[ 'pyasn1==0.1.3', -- cgit v1.2.3 From 7aafd4eb3d18f23beed012f1f2e6865a2da58b43 Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Tue, 9 Jun 2015 16:05:45 -0300 Subject: Removed triplicated code to concatenate user mail --- service/pixelated/bitmask_libraries/nicknym.py | 6 +++--- service/pixelated/bitmask_libraries/provider.py | 3 +++ service/pixelated/bitmask_libraries/session.py | 20 ++++++++------------ service/test/unit/bitmask_libraries/test_nicknym.py | 4 ++-- service/test/unit/bitmask_libraries/test_session.py | 4 ---- 5 files changed, 16 insertions(+), 21 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/nicknym.py b/service/pixelated/bitmask_libraries/nicknym.py index 8220d006..bb278cdc 100644 --- a/service/pixelated/bitmask_libraries/nicknym.py +++ b/service/pixelated/bitmask_libraries/nicknym.py @@ -18,10 +18,10 @@ from .certs import LeapCertificate class NickNym(object): - def __init__(self, provider, config, soledad_session, username, token, uuid): + def __init__(self, provider, config, soledad_session, email_address, token, uuid): nicknym_url = _discover_nicknym_server(provider) - self._email = '%s@%s' % (username, provider.domain) - self.keymanager = KeyManager('%s@%s' % (username, provider.domain), nicknym_url, + self._email = email_address + self.keymanager = KeyManager(self._email, nicknym_url, soledad_session.soledad, token, LeapCertificate(provider).api_ca_bundle, provider.api_uri, provider.api_version, diff --git a/service/pixelated/bitmask_libraries/provider.py b/service/pixelated/bitmask_libraries/provider.py index 0129480c..0a22cf4d 100644 --- a/service/pixelated/bitmask_libraries/provider.py +++ b/service/pixelated/bitmask_libraries/provider.py @@ -128,3 +128,6 @@ class LeapProvider(object): def _provider_base_url(self): return 'https://%s' % self.server_name + + def address_for(self, username): + return '%s@%s' % (username, self.domain) diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index ad01d495..2b60662e 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -73,9 +73,8 @@ class LeapSession(object): self.start_background_jobs() def account_email(self): - domain = self.provider.domain name = self.user_auth.username - return '%s@%s' % (name, domain) + return self.provider.address_for(name) def close(self): self.stop_background_jobs() @@ -114,12 +113,13 @@ class LeapSessionFactory(object): srp_auth = SRPAuth(self._provider.api_uri, self._provider.local_ca_crt) auth = srp_auth.authenticate(username, password) + account_email = self._provider.address_for(username) soledad = SoledadSessionFactory.create(self._provider, auth.token, auth.uuid, password) - nicknym = self._create_nicknym(auth.username, auth.token, auth.uuid, soledad) + nicknym = self._create_nicknym(account_email, auth.token, auth.uuid, soledad) account = self._create_account(auth.uuid, soledad) - incoming_mail_fetcher = self._create_incoming_mail_fetcher(nicknym, soledad, account, auth.username) + incoming_mail_fetcher = self._create_incoming_mail_fetcher(nicknym, soledad, account, account_email) smtp = LeapSmtp(self._provider, auth.username, auth.session_id, nicknym.keymanager) @@ -150,17 +150,13 @@ class LeapSessionFactory(object): else: raise - def _create_nicknym(self, username, token, uuid, soledad_session): - return NickNym(self._provider, self._config, soledad_session, username, token, uuid) + def _create_nicknym(self, email_address, token, uuid, soledad_session): + return NickNym(self._provider, self._config, soledad_session, email_address, token, uuid) def _create_account(self, uuid, soledad_session): memstore = MemoryStore(permanent_store=SoledadStore(soledad_session.soledad)) return SoledadBackedAccount(uuid, soledad_session.soledad, memstore) - def _create_incoming_mail_fetcher(self, nicknym, soledad_session, account, username): + def _create_incoming_mail_fetcher(self, nicknym, soledad_session, account, email_address): return LeapIncomingMail(nicknym.keymanager, soledad_session.soledad, account, - self._config.fetch_interval_in_s, self._account_email(username)) - - def _account_email(self, username): - domain = self._provider.domain - return '%s@%s' % (username, domain) + self._config.fetch_interval_in_s, email_address) diff --git a/service/test/unit/bitmask_libraries/test_nicknym.py b/service/test/unit/bitmask_libraries/test_nicknym.py index 4e683494..7e6518b9 100644 --- a/service/test/unit/bitmask_libraries/test_nicknym.py +++ b/service/test/unit/bitmask_libraries/test_nicknym.py @@ -30,7 +30,7 @@ class NickNymTest(AbstractLeapTest): NickNym(self.provider, self.config, self.soledad_session, - self.auth.username, + 'test_user@some-server.test', self.auth.token, self.auth.uuid) @@ -54,7 +54,7 @@ class NickNymTest(AbstractLeapTest): nicknym = NickNym(self.provider, self.config, self.soledad_session, - self.auth.username, + 'test_user@some-server.test', self.auth.token, self.auth.uuid) diff --git a/service/test/unit/bitmask_libraries/test_session.py b/service/test/unit/bitmask_libraries/test_session.py index 62330481..0c662ecb 100644 --- a/service/test/unit/bitmask_libraries/test_session.py +++ b/service/test/unit/bitmask_libraries/test_session.py @@ -60,10 +60,6 @@ class SessionTest(AbstractLeapTest): self.soledad_session.sync.assert_called_once_with() - def test_account_email(self): - session = self._create_session() - self.assertEqual('test_user@some-server.test', session.account_email()) - def _create_session(self): return LeapSession(self.provider, self.auth, self.soledad_session, self.nicknym, self.soledad_account, self.mail_fetcher_mock, self.smtp_mock) -- cgit v1.2.3 From bc130c82cd2167c76c2f46cef2971b168fcc694e Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Tue, 9 Jun 2015 16:28:13 -0300 Subject: clean unused imports after certs and app cleanup --- service/pixelated/application.py | 1 - service/pixelated/bitmask_libraries/certs.py | 2 -- 2 files changed, 3 deletions(-) (limited to 'service') diff --git a/service/pixelated/application.py b/service/pixelated/application.py index 67990661..2ae38c73 100644 --- a/service/pixelated/application.py +++ b/service/pixelated/application.py @@ -14,7 +14,6 @@ # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see . -import sys from twisted.internet import reactor from twisted.internet.threads import deferToThread from twisted.internet import defer diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py index ed6233c1..935c252a 100644 --- a/service/pixelated/bitmask_libraries/certs.py +++ b/service/pixelated/bitmask_libraries/certs.py @@ -14,8 +14,6 @@ # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see . import os -import requests -import json class LeapCertificate(object): -- cgit v1.2.3 From 7e05f1e58eaa37dc0de5b47ed10011a202d80ba6 Mon Sep 17 00:00:00 2001 From: Bruno Wagner Date: Tue, 9 Jun 2015 17:15:39 -0300 Subject: Run server is not used anymore --- service/pixelated/runserver.py | 21 --------------------- 1 file changed, 21 deletions(-) delete mode 100644 service/pixelated/runserver.py (limited to 'service') diff --git a/service/pixelated/runserver.py b/service/pixelated/runserver.py deleted file mode 100644 index 7b0a3b4f..00000000 --- a/service/pixelated/runserver.py +++ /dev/null @@ -1,21 +0,0 @@ -# -# Copyright (c) 2014 ThoughtWorks, Inc. -# -# Pixelated is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Pixelated is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with Pixelated. If not, see . - -from config import initialize - - -if __name__ == '__main__': - initialize() -- cgit v1.2.3 From b509ff2f5faa63cca507505ede3d6708bfc4a8fa Mon Sep 17 00:00:00 2001 From: Bruno Wagner Date: Tue, 9 Jun 2015 17:33:06 -0300 Subject: AttachmentsResource don't need querier anymore, RootResource doesn't need it too --- service/pixelated/adapter/services/mail_service.py | 3 +++ service/pixelated/config/app_factory.py | 2 +- service/pixelated/resources/attachments_resource.py | 12 ++++++------ service/pixelated/resources/root_resource.py | 5 ++--- 4 files changed, 12 insertions(+), 10 deletions(-) (limited to 'service') diff --git a/service/pixelated/adapter/services/mail_service.py b/service/pixelated/adapter/services/mail_service.py index 4e6b6aa8..233d4d4a 100644 --- a/service/pixelated/adapter/services/mail_service.py +++ b/service/pixelated/adapter/services/mail_service.py @@ -60,6 +60,9 @@ class MailService(object): def mail(self, mail_id): return self.querier.mail(mail_id) + def attachment(self, attachment_id, encoding): + return self.querier.attachment(attachment_id, encoding) + def mail_exists(self, mail_id): return not(not(self.querier.get_header_by_chash(mail_id))) diff --git a/service/pixelated/config/app_factory.py b/service/pixelated/config/app_factory.py index 1c7fb8a1..0a366514 100644 --- a/service/pixelated/config/app_factory.py +++ b/service/pixelated/config/app_factory.py @@ -47,6 +47,6 @@ def init_app(leap_home, leap_session): InputMail.FROM_EMAIL_ADDRESS = leap_session.account_email() resource = RootResource() - resource.initialize(soledad_querier, keymanager, search_engine, mail_service, draft_service) + resource.initialize(keymanager, search_engine, mail_service, draft_service) return resource diff --git a/service/pixelated/resources/attachments_resource.py b/service/pixelated/resources/attachments_resource.py index e0ba1bd1..83c7156d 100644 --- a/service/pixelated/resources/attachments_resource.py +++ b/service/pixelated/resources/attachments_resource.py @@ -27,15 +27,15 @@ class AttachmentResource(Resource): isLeaf = True - def __init__(self, attachment_id, querier): + def __init__(self, mail_service, attachment_id): Resource.__init__(self) self.attachment_id = attachment_id - self.querier = querier + self.mail_service = mail_service def render_GET(self, request): encoding = request.args.get('encoding', [None])[0] filename = request.args.get('filename', [self.attachment_id])[0] - attachment = self.querier.attachment(self.attachment_id, encoding) + attachment = self.mail_service.attachment(self.attachment_id, encoding) request.setHeader(b'Content-Type', b'application/force-download') request.setHeader(b'Content-Disposition', bytes('attachment; filename=' + filename)) @@ -57,9 +57,9 @@ class AttachmentResource(Resource): class AttachmentsResource(Resource): - def __init__(self, querier): + def __init__(self, mail_service): Resource.__init__(self) - self.querier = querier + self.mail_service = mail_service def getChild(self, attachment_id, request): - return AttachmentResource(attachment_id, self.querier) + return AttachmentResource(self.mail_service, attachment_id) diff --git a/service/pixelated/resources/root_resource.py b/service/pixelated/resources/root_resource.py index 4c0c47ac..c1111269 100644 --- a/service/pixelated/resources/root_resource.py +++ b/service/pixelated/resources/root_resource.py @@ -21,10 +21,10 @@ class RootResource(Resource): return self return Resource.getChild(self, path, request) - def initialize(self, querier, keymanager, search_engine, mail_service, draft_service): + def initialize(self, keymanager, search_engine, mail_service, draft_service): self.putChild('assets', File(self._static_folder)) self.putChild('keys', KeysResource(keymanager)) - self.putChild('attachment', AttachmentsResource(querier)) + self.putChild('attachment', AttachmentsResource(mail_service)) self.putChild('contacts', ContactsResource(search_engine)) self.putChild('features', FeaturesResource()) self.putChild('tags', TagsResource(search_engine)) @@ -32,7 +32,6 @@ class RootResource(Resource): self.putChild('mail', MailResource(mail_service)) def _get_static_folder(self): - static_folder = os.path.abspath(os.path.join(os.path.abspath(__file__), "..", "..", "..", "web-ui", "app")) # this is a workaround for packaging if not os.path.exists(static_folder): -- cgit v1.2.3 From 786c26b37a89b6f7afc5524dafd35242688dc13b Mon Sep 17 00:00:00 2001 From: Bruno Wagner Date: Tue, 9 Jun 2015 18:00:19 -0300 Subject: Extracted services setup in a separate class We removed app factory and moved root resource initialization to application.py --- service/pixelated/application.py | 18 ++++++-- service/pixelated/config/app_factory.py | 52 ---------------------- service/pixelated/config/services.py | 38 ++++++++++++++++ .../test/support/integration/app_test_client.py | 2 +- 4 files changed, 53 insertions(+), 57 deletions(-) delete mode 100644 service/pixelated/config/app_factory.py create mode 100644 service/pixelated/config/services.py (limited to 'service') diff --git a/service/pixelated/application.py b/service/pixelated/application.py index 2ae38c73..6d83c6f7 100644 --- a/service/pixelated/application.py +++ b/service/pixelated/application.py @@ -23,16 +23,26 @@ from OpenSSL import SSL from OpenSSL import crypto from pixelated.config import arguments -from pixelated.resources import loading_page +from pixelated.config.services import Services from pixelated.config.leap import initialize_leap -from pixelated.config import logger, app_factory +from pixelated.config import logger +from pixelated.resources.loading_page import LoadingResource +from pixelated.resources.root_resource import RootResource @defer.inlineCallbacks def start_user_agent(loading_app, host, port, sslkey, sslcert, leap_home, leap_session): yield loading_app.stopListening() - resource = app_factory.init_app(leap_home, leap_session) + services = Services(leap_home, leap_session) + + resource = RootResource() + + resource.initialize( + services.keymanager, + services.search_engine, + services.mail_service, + services.draft_service) if sslkey and sslcert: reactor.listenSSL(port, Site(resource), _ssl_options(sslkey, sslcert), interface=host) @@ -62,7 +72,7 @@ def initialize(): args = arguments.parse_user_agent_args() logger.init(debug=args.debug) - loading_app = reactor.listenTCP(args.port, Site(loading_page.LoadingResource()), interface=args.host) + loading_app = reactor.listenTCP(args.port, Site(LoadingResource()), interface=args.host) deferred = deferToThread( lambda: initialize_leap( diff --git a/service/pixelated/config/app_factory.py b/service/pixelated/config/app_factory.py deleted file mode 100644 index 0a366514..00000000 --- a/service/pixelated/config/app_factory.py +++ /dev/null @@ -1,52 +0,0 @@ -# -# Copyright (c) 2014 ThoughtWorks, Inc. -# -# Pixelated is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Pixelated is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with Pixelated. If not, see . - -from pixelated.resources.root_resource import RootResource -from pixelated.adapter.services.mail_service import MailService -from pixelated.adapter.model.mail import InputMail -from pixelated.adapter.services.mail_sender import MailSender -from pixelated.adapter.services.mailboxes import Mailboxes -from pixelated.adapter.soledad.soledad_querier import SoledadQuerier -from pixelated.adapter.search import SearchEngine -from pixelated.adapter.services.draft_service import DraftService -from pixelated.adapter.listeners.mailbox_indexer_listener import MailboxIndexerListener - - -def init_app(leap_home, leap_session): - keymanager = leap_session.nicknym.keymanager - - soledad_querier = SoledadQuerier(soledad=leap_session.account._soledad) - - search_engine = SearchEngine(soledad_querier, agent_home=leap_home) - pixelated_mail_sender = MailSender(leap_session.account_email(), leap_session.smtp) - - pixelated_mailboxes = Mailboxes(leap_session.account, soledad_querier, search_engine) - - pixelated_mailboxes.add_welcome_mail_for_fresh_user() - - draft_service = DraftService(pixelated_mailboxes) - mail_service = MailService(pixelated_mailboxes, pixelated_mail_sender, soledad_querier, search_engine) - soledad_querier.remove_duplicates() - search_engine.index_mails(mails=mail_service.all_mails(), - callback=soledad_querier.mark_all_as_not_recent) - - MailboxIndexerListener.SEARCH_ENGINE = search_engine - InputMail.FROM_EMAIL_ADDRESS = leap_session.account_email() - - resource = RootResource() - resource.initialize(keymanager, search_engine, mail_service, draft_service) - - return resource diff --git a/service/pixelated/config/services.py b/service/pixelated/config/services.py new file mode 100644 index 00000000..80932a94 --- /dev/null +++ b/service/pixelated/config/services.py @@ -0,0 +1,38 @@ +from pixelated.resources.root_resource import RootResource +from pixelated.adapter.services.mail_service import MailService +from pixelated.adapter.model.mail import InputMail +from pixelated.adapter.services.mail_sender import MailSender +from pixelated.adapter.services.mailboxes import Mailboxes +from pixelated.adapter.soledad.soledad_querier import SoledadQuerier +from pixelated.adapter.search import SearchEngine +from pixelated.adapter.services.draft_service import DraftService +from pixelated.adapter.listeners.mailbox_indexer_listener import MailboxIndexerListener + + +class Services(object): + + def __init__(self, leap_home, leap_session): + keymanager = leap_session.nicknym.keymanager + + soledad_querier = SoledadQuerier(soledad=leap_session.account._soledad) + + search_engine = SearchEngine(soledad_querier, agent_home=leap_home) + pixelated_mail_sender = MailSender(leap_session.account_email(), leap_session.smtp) + + pixelated_mailboxes = Mailboxes(leap_session.account, soledad_querier, search_engine) + + pixelated_mailboxes.add_welcome_mail_for_fresh_user() + + draft_service = DraftService(pixelated_mailboxes) + mail_service = MailService(pixelated_mailboxes, pixelated_mail_sender, soledad_querier, search_engine) + soledad_querier.remove_duplicates() + search_engine.index_mails(mails=mail_service.all_mails(), + callback=soledad_querier.mark_all_as_not_recent) + + MailboxIndexerListener.SEARCH_ENGINE = search_engine + InputMail.FROM_EMAIL_ADDRESS = leap_session.account_email() + + self.keymanager = keymanager + self.search_engine = search_engine + self.mail_service = mail_service + self.draft_service = draft_service diff --git a/service/test/support/integration/app_test_client.py b/service/test/support/integration/app_test_client.py index a1b0c3b8..06c0fd9c 100644 --- a/service/test/support/integration/app_test_client.py +++ b/service/test/support/integration/app_test_client.py @@ -73,7 +73,7 @@ class AppTestClient(object): self.search_engine.index_mails(self.mail_service.all_mails()) self.resource = RootResource() - self.resource.initialize(self.soledad_querier, self.keymanager, self.search_engine, self.mail_service, self.draft_service) + self.resource.initialize(self.keymanager, self.search_engine, self.mail_service, self.draft_service) def _render(self, request, as_json=True): def get_str(_str): -- cgit v1.2.3 From 4bb8e1becefe5a07ee5ec6fbabb44959d85e3a62 Mon Sep 17 00:00:00 2001 From: Bruno Wagner Date: Tue, 9 Jun 2015 18:22:49 -0300 Subject: Broke initialization of services down by parts --- service/pixelated/config/services.py | 55 +++++++++++++++++++++++++++--------- 1 file changed, 41 insertions(+), 14 deletions(-) (limited to 'service') diff --git a/service/pixelated/config/services.py b/service/pixelated/config/services.py index 80932a94..bcfefb88 100644 --- a/service/pixelated/config/services.py +++ b/service/pixelated/config/services.py @@ -12,27 +12,54 @@ from pixelated.adapter.listeners.mailbox_indexer_listener import MailboxIndexerL class Services(object): def __init__(self, leap_home, leap_session): - keymanager = leap_session.nicknym.keymanager soledad_querier = SoledadQuerier(soledad=leap_session.account._soledad) - search_engine = SearchEngine(soledad_querier, agent_home=leap_home) - pixelated_mail_sender = MailSender(leap_session.account_email(), leap_session.smtp) + self.search_engine = self.setup_search_engine( + leap_home, + soledad_querier) - pixelated_mailboxes = Mailboxes(leap_session.account, soledad_querier, search_engine) + pixelated_mailboxes = Mailboxes( + leap_session.account, + soledad_querier, + self.search_engine) - pixelated_mailboxes.add_welcome_mail_for_fresh_user() + self.mail_service = self.setup_mail_service( + leap_session, + soledad_querier, + self.search_engine, + pixelated_mailboxes) + + self.keymanager = self.setup_keymanager(leap_session) + self.draft_service = self.setup_draft_service(pixelated_mailboxes) - draft_service = DraftService(pixelated_mailboxes) - mail_service = MailService(pixelated_mailboxes, pixelated_mail_sender, soledad_querier, search_engine) + self.post_setup(soledad_querier, leap_session) + + def post_setup(self, soledad_querier, leap_session): + self.search_engine.index_mails( + mails=self.mail_service.all_mails(), + callback=soledad_querier.mark_all_as_not_recent) soledad_querier.remove_duplicates() - search_engine.index_mails(mails=mail_service.all_mails(), - callback=soledad_querier.mark_all_as_not_recent) + InputMail.FROM_EMAIL_ADDRESS = leap_session.account_email() + def setup_keymanager(self, leap_session): + return leap_session.nicknym.keymanager + + def setup_search_engine(self, leap_home, soledad_querier): + search_engine = SearchEngine(soledad_querier, agent_home=leap_home) MailboxIndexerListener.SEARCH_ENGINE = search_engine - InputMail.FROM_EMAIL_ADDRESS = leap_session.account_email() + return search_engine + + def setup_mail_service(self, leap_session, soledad_querier, search_engine, pixelated_mailboxes): + pixelated_mailboxes.add_welcome_mail_for_fresh_user() + pixelated_mail_sender = MailSender( + leap_session.account_email(), + leap_session.smtp) + return MailService( + pixelated_mailboxes, + pixelated_mail_sender, + soledad_querier, + search_engine) - self.keymanager = keymanager - self.search_engine = search_engine - self.mail_service = mail_service - self.draft_service = draft_service + def setup_draft_service(self, pixelated_mailboxes): + return DraftService(pixelated_mailboxes) -- cgit v1.2.3 From 031ebd58fd97bebae81e4e17cd7c4a4ed5a493d0 Mon Sep 17 00:00:00 2001 From: Bruno Wagner Date: Wed, 10 Jun 2015 08:56:39 -0300 Subject: Provider web certificate will always be bytestring now, requests complains otherwise --- service/pixelated/bitmask_libraries/certs.py | 12 +++++++---- service/pixelated/bitmask_libraries/nicknym.py | 2 +- service/pixelated/bitmask_libraries/provider.py | 6 +++--- service/pixelated/bitmask_libraries/smtp.py | 2 +- service/pixelated/bitmask_libraries/soledad.py | 10 +--------- service/pixelated/register.py | 2 +- service/test/unit/bitmask_libraries/test_certs.py | 23 +++++++++++++--------- .../test/unit/bitmask_libraries/test_nicknym.py | 2 +- .../test/unit/bitmask_libraries/test_provider.py | 16 +++++++-------- 9 files changed, 38 insertions(+), 37 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py index 935c252a..874ab246 100644 --- a/service/pixelated/bitmask_libraries/certs.py +++ b/service/pixelated/bitmask_libraries/certs.py @@ -29,21 +29,25 @@ class LeapCertificate(object): @staticmethod def set_cert_and_fingerprint(cert_file=None, cert_fingerprint=None): if cert_fingerprint is None: - LeapCertificate.LEAP_CERT = cert_file or True + LeapCertificate.LEAP_CERT = str(cert_file) or True LeapCertificate.LEAP_FINGERPRINT = None else: LeapCertificate.LEAP_FINGERPRINT = cert_fingerprint LeapCertificate.LEAP_CERT = False @property - def api_ca_bundle(self): - return os.path.join(self._provider.config.leap_home, 'providers', self._server_name, 'keys', 'client', 'api.pem') + def provider_web_cert(self): + return self.LEAP_CERT + + @property + def provider_api_cert(self): + return str(os.path.join(self._provider.config.leap_home, 'providers', self._server_name, 'keys', 'client', 'api.pem')) def setup_ca_bundle(self): path = os.path.join(self._provider.config.leap_home, 'providers', self._server_name, 'keys', 'client') if not os.path.isdir(path): os.makedirs(path, 0700) - self._download_cert(self.api_ca_bundle) + self._download_cert(self.provider_api_cert) def _download_cert(self, cert_file_name): cert = self._provider.fetch_valid_certificate() diff --git a/service/pixelated/bitmask_libraries/nicknym.py b/service/pixelated/bitmask_libraries/nicknym.py index bb278cdc..220d75e5 100644 --- a/service/pixelated/bitmask_libraries/nicknym.py +++ b/service/pixelated/bitmask_libraries/nicknym.py @@ -23,7 +23,7 @@ class NickNym(object): self._email = email_address self.keymanager = KeyManager(self._email, nicknym_url, soledad_session.soledad, - token, LeapCertificate(provider).api_ca_bundle, provider.api_uri, + token, LeapCertificate(provider).provider_api_cert, provider.api_uri, provider.api_version, uuid, config.gpg_binary) diff --git a/service/pixelated/bitmask_libraries/provider.py b/service/pixelated/bitmask_libraries/provider.py index 0a22cf4d..e08bfb43 100644 --- a/service/pixelated/bitmask_libraries/provider.py +++ b/service/pixelated/bitmask_libraries/provider.py @@ -100,7 +100,7 @@ class LeapProvider(object): session = requests.session() try: session.mount('https://', EnforceTLSv1Adapter(assert_fingerprint=LeapCertificate.LEAP_FINGERPRINT)) - response = session.get(url, verify=LeapCertificate.LEAP_CERT, timeout=self.config.timeout_in_s) + response = session.get(url, verify=LeapCertificate(self).provider_web_cert, timeout=self.config.timeout_in_s) response.raise_for_status() return response finally: @@ -115,14 +115,14 @@ class LeapProvider(object): def fetch_soledad_json(self): service_url = "%s/%s/config/soledad-service.json" % ( self.api_uri, self.api_version) - response = requests.get(service_url, verify=LeapCertificate(self).api_ca_bundle, timeout=self.config.timeout_in_s) + response = requests.get(service_url, verify=LeapCertificate(self).provider_api_cert, timeout=self.config.timeout_in_s) response.raise_for_status() return json.loads(response.content) def fetch_smtp_json(self): service_url = '%s/%s/config/smtp-service.json' % ( self.api_uri, self.api_version) - response = requests.get(service_url, verify=LeapCertificate(self).api_ca_bundle, timeout=self.config.timeout_in_s) + response = requests.get(service_url, verify=LeapCertificate(self).provider_api_cert, timeout=self.config.timeout_in_s) response.raise_for_status() return json.loads(response.content) diff --git a/service/pixelated/bitmask_libraries/smtp.py b/service/pixelated/bitmask_libraries/smtp.py index 745d88ef..759a2920 100644 --- a/service/pixelated/bitmask_libraries/smtp.py +++ b/service/pixelated/bitmask_libraries/smtp.py @@ -61,7 +61,7 @@ class LeapSmtp(object): response = requests.get( cert_url, - verify=LeapCertificate(self._provider).api_ca_bundle, + verify=LeapCertificate(self._provider).provider_api_cert, cookies=cookies, timeout=self._provider.config.timeout_in_s) response.raise_for_status() diff --git a/service/pixelated/bitmask_libraries/soledad.py b/service/pixelated/bitmask_libraries/soledad.py index 2e0219da..3700cd67 100644 --- a/service/pixelated/bitmask_libraries/soledad.py +++ b/service/pixelated/bitmask_libraries/soledad.py @@ -35,14 +35,6 @@ class SoledadWrongPassphraseException(Exception): super(SoledadWrongPassphraseException, self).__init__(*args, **kwargs) -class LeapKeyManager(object): - def __init__(self, soledad, leap_session, nicknym_url): - provider = leap_session.provider - self.keymanager = KeyManager(leap_session.account_email(), nicknym_url, soledad, - leap_session.session_id, leap_session.leap_home + '/ca.crt', provider.api_uri, leap_session.api_version, - leap_session.uuid, leap_session.leap_config.gpg_binary) - - class SoledadSessionFactory(object): @classmethod def create(cls, provider, user_token, user_uuid, encryption_passphrase): @@ -67,7 +59,7 @@ class SoledadSession(object): local_db = self._local_db_path() return Soledad(self.user_uuid, unicode(encryption_passphrase), secrets, - local_db, server_url, LeapCertificate(self.provider).api_ca_bundle, self.user_token, defer_encryption=False) + local_db, server_url, LeapCertificate(self.provider).provider_api_cert, self.user_token, defer_encryption=False) except (WrongMac, UnknownMacMethod), e: raise SoledadWrongPassphraseException(e) diff --git a/service/pixelated/register.py b/service/pixelated/register.py index 9fa98137..47c9c3f5 100644 --- a/service/pixelated/register.py +++ b/service/pixelated/register.py @@ -37,7 +37,7 @@ def register(server_name, username): config = LeapConfig() provider = LeapProvider(server_name, config) password = getpass.getpass('Please enter password for %s: ' % username) - srp_auth = SRPAuth(provider.api_uri, LeapCertificate(provider).api_ca_bundle) + srp_auth = SRPAuth(provider.api_uri, LeapCertificate(provider).provider_api_cert) if srp_auth.register(username, password): session = leap_session.open_leap_session(username, password, server_name) diff --git a/service/test/unit/bitmask_libraries/test_certs.py b/service/test/unit/bitmask_libraries/test_certs.py index 150a1f14..f1e643c4 100644 --- a/service/test/unit/bitmask_libraries/test_certs.py +++ b/service/test/unit/bitmask_libraries/test_certs.py @@ -6,22 +6,27 @@ from mock import MagicMock, patch class CertsTest(unittest.TestCase): + def setUp(self): + config = MagicMock(leap_home='/some/leap/home') + self.provider = MagicMock(server_name=u'test.leap.net', config=config) + def test_set_cert_and_fingerprint_sets_cert(self): LeapCertificate.set_cert_and_fingerprint('some cert', None) - self.assertIsNone(LeapCertificate.LEAP_FINGERPRINT) - self.assertEqual('some cert', LeapCertificate.LEAP_CERT) + certs = LeapCertificate(self.provider) + + self.assertIsNone(certs.LEAP_FINGERPRINT) + self.assertEqual('some cert', certs.provider_web_cert) def test_set_cert_and_fingerprint_sets_fingerprint(self): LeapCertificate.set_cert_and_fingerprint(None, 'fingerprint') - self.assertEqual('fingerprint', LeapCertificate.LEAP_FINGERPRINT) - self.assertFalse(LeapCertificate.LEAP_CERT) + certs = LeapCertificate(self.provider) - def test_api_ca_bundle(self): - config = MagicMock(leap_home='/some/leap/home') - provider = MagicMock(server_name=u'test.leap.net', config=config) + self.assertEqual('fingerprint', LeapCertificate.LEAP_FINGERPRINT) + self.assertFalse(certs.provider_web_cert) - cert = LeapCertificate(provider).api_ca_bundle + def test_provider_api_cert(self): + certs = LeapCertificate(self.provider).provider_api_cert - self.assertEqual('/some/leap/home/providers/test.leap.net/keys/client/api.pem', cert) + self.assertEqual('/some/leap/home/providers/test.leap.net/keys/client/api.pem', certs) diff --git a/service/test/unit/bitmask_libraries/test_nicknym.py b/service/test/unit/bitmask_libraries/test_nicknym.py index 7e6518b9..ca3b348d 100644 --- a/service/test/unit/bitmask_libraries/test_nicknym.py +++ b/service/test/unit/bitmask_libraries/test_nicknym.py @@ -25,7 +25,7 @@ class NickNymTest(AbstractLeapTest): @patch('pixelated.bitmask_libraries.nicknym.KeyManager.__init__', return_value=None) def test_that_keymanager_is_created(self, keymanager_init_mock): # given - LeapCertificate.api_ca_bundle = '/some/path/to/provider_ca_cert' + LeapCertificate.provider_api_cert = '/some/path/to/provider_ca_cert' # when NickNym(self.provider, self.config, diff --git a/service/test/unit/bitmask_libraries/test_provider.py b/service/test/unit/bitmask_libraries/test_provider.py index 320fece2..fabf5f87 100644 --- a/service/test/unit/bitmask_libraries/test_provider.py +++ b/service/test/unit/bitmask_libraries/test_provider.py @@ -134,14 +134,14 @@ VeJ6 """ -CA_CERT = '/tmp/ca.crt' -BOOTSTRAP_CA_CERT = '/tmp/bootstrap-ca.crt' +PROVIDER_API_CERT = '/tmp/ca.crt' +PROVIDER_WEB_CERT = '/tmp/bootstrap-ca.crt' class LeapProviderTest(AbstractLeapTest): def setUp(self): self.config = LeapConfig(leap_home='/tmp/foobar') - LeapCertificate.set_cert_and_fingerprint(BOOTSTRAP_CA_CERT, None) + LeapCertificate.set_cert_and_fingerprint(PROVIDER_WEB_CERT, None) def test_provider_fetches_provider_json(self): with HTTMock(provider_json_mock): @@ -197,7 +197,7 @@ class LeapProviderTest(AbstractLeapTest): session = MagicMock(wraps=requests.session()) session_func = MagicMock(return_value=session) get_func = MagicMock(wraps=requests.get) - LeapCertificate.LEAP_CERT = BOOTSTRAP_CA_CERT + LeapCertificate.LEAP_CERT = PROVIDER_WEB_CERT with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func): with patch('pixelated.bitmask_libraries.provider.requests.get', new=get_func): @@ -205,18 +205,18 @@ class LeapProviderTest(AbstractLeapTest): provider = LeapProvider('some-provider.test', self.config) provider.fetch_valid_certificate() - session.get.assert_any_call('https://some-provider.test/ca.crt', verify=BOOTSTRAP_CA_CERT, timeout=15) - session.get.assert_any_call('https://some-provider.test/provider.json', verify=BOOTSTRAP_CA_CERT, timeout=15) + session.get.assert_any_call('https://some-provider.test/ca.crt', verify=PROVIDER_WEB_CERT, timeout=15) + session.get.assert_any_call('https://some-provider.test/provider.json', verify=PROVIDER_WEB_CERT, timeout=15) def test_that_provider_cert_is_used_to_fetch_soledad_json(self): get_func = MagicMock(wraps=requests.get) - LeapCertificate.api_ca_bundle = CA_CERT + LeapCertificate.provider_api_cert = PROVIDER_API_CERT with patch('pixelated.bitmask_libraries.provider.requests.get', new=get_func): with HTTMock(provider_json_mock, soledad_json_mock, not_found_mock): provider = LeapProvider('some-provider.test', self.config) provider.fetch_soledad_json() - get_func.assert_called_with('https://api.some-provider.test:4430/1/config/soledad-service.json', verify=CA_CERT, timeout=15) + get_func.assert_called_with('https://api.some-provider.test:4430/1/config/soledad-service.json', verify=PROVIDER_API_CERT, timeout=15) def test_that_leap_fingerprint_is_validated(self): session = MagicMock(wraps=requests.session()) -- cgit v1.2.3 From 1f41801a9355ed55e50ca6f54411565a5b11b093 Mon Sep 17 00:00:00 2001 From: rafael lisboa Date: Wed, 10 Jun 2015 17:01:37 -0300 Subject: Fix bug when not passing leap certificate nor fingerprint --- service/pixelated/bitmask_libraries/certs.py | 2 +- service/test/unit/bitmask_libraries/test_certs.py | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py index 874ab246..9d543672 100644 --- a/service/pixelated/bitmask_libraries/certs.py +++ b/service/pixelated/bitmask_libraries/certs.py @@ -29,7 +29,7 @@ class LeapCertificate(object): @staticmethod def set_cert_and_fingerprint(cert_file=None, cert_fingerprint=None): if cert_fingerprint is None: - LeapCertificate.LEAP_CERT = str(cert_file) or True + LeapCertificate.LEAP_CERT = str(cert_file) if cert_file else True LeapCertificate.LEAP_FINGERPRINT = None else: LeapCertificate.LEAP_FINGERPRINT = cert_fingerprint diff --git a/service/test/unit/bitmask_libraries/test_certs.py b/service/test/unit/bitmask_libraries/test_certs.py index f1e643c4..5d447537 100644 --- a/service/test/unit/bitmask_libraries/test_certs.py +++ b/service/test/unit/bitmask_libraries/test_certs.py @@ -1,7 +1,7 @@ import unittest from pixelated.bitmask_libraries.certs import LeapCertificate -from mock import MagicMock, patch +from mock import MagicMock class CertsTest(unittest.TestCase): @@ -26,6 +26,14 @@ class CertsTest(unittest.TestCase): self.assertEqual('fingerprint', LeapCertificate.LEAP_FINGERPRINT) self.assertFalse(certs.provider_web_cert) + def test_set_cert_and_fingerprint_when_none_are_passed(self): + LeapCertificate.set_cert_and_fingerprint(None, None) + + certs = LeapCertificate(self.provider) + + self.assertIsNone(certs.LEAP_FINGERPRINT) + self.assertEqual(True, certs.provider_web_cert) + def test_provider_api_cert(self): certs = LeapCertificate(self.provider).provider_api_cert -- cgit v1.2.3 From 0b8f2c0ba76e97c29c5f0e0f1bdd0313b6cdd744 Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Wed, 10 Jun 2015 18:04:55 -0300 Subject: checking keys is a session responsability --- service/pixelated/bitmask_libraries/session.py | 2 ++ service/pixelated/config/leap.py | 5 +---- 2 files changed, 3 insertions(+), 4 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index 2b60662e..49116641 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -71,6 +71,8 @@ class LeapSession(object): if self.config.start_background_jobs: self.start_background_jobs() + self.soledad_session.soledad.sync(defer_decryption=False) + self.nicknym.generate_openpgp_key() def account_email(self): name = self.user_auth.username diff --git a/service/pixelated/config/leap.py b/service/pixelated/config/leap.py index f2c025ba..52cd4c8f 100644 --- a/service/pixelated/config/leap.py +++ b/service/pixelated/config/leap.py @@ -18,14 +18,11 @@ def initialize_leap(leap_provider_cert, provider, username, password = credentials.read(organization_mode, credentials_file) LeapCertificate.set_cert_and_fingerprint(leap_provider_cert, leap_provider_cert_fingerprint) - config = LeapConfig(leap_home=leap_home) + config = LeapConfig(leap_home=leap_home, start_background_jobs=True) provider = LeapProvider(provider, config) LeapCertificate(provider).setup_ca_bundle() leap_session = LeapSessionFactory(provider).create(username, password) - leap_session.soledad_session.soledad.sync(defer_decryption=False) - leap_session.nicknym.generate_openpgp_key() - leap_session.start_background_jobs() return leap_session -- cgit v1.2.3 From 5dad86a8b39a4d1012c8fd43d20da75c7ed6f234 Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Thu, 11 Jun 2015 18:44:05 -0300 Subject: Removing lost imports --- service/pixelated/bitmask_libraries/soledad.py | 1 - service/pixelated/config/services.py | 1 - service/test/functional/features/environment.py | 2 +- service/test/support/dispatcher/proxy.py | 1 - service/test/unit/bitmask_libraries/test_provider.py | 1 - service/test/unit/maintenance/test_commands.py | 2 +- service/test/unit/resources/test_keys_resources.py | 1 - 7 files changed, 2 insertions(+), 7 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/soledad.py b/service/pixelated/bitmask_libraries/soledad.py index 3700cd67..f0cd9f2f 100644 --- a/service/pixelated/bitmask_libraries/soledad.py +++ b/service/pixelated/bitmask_libraries/soledad.py @@ -16,7 +16,6 @@ import errno import os -from leap.keymanager import KeyManager from leap.soledad.client import Soledad from leap.soledad.common.crypto import WrongMac, UnknownMacMethod from pixelated.bitmask_libraries.certs import LeapCertificate diff --git a/service/pixelated/config/services.py b/service/pixelated/config/services.py index bcfefb88..5cab0985 100644 --- a/service/pixelated/config/services.py +++ b/service/pixelated/config/services.py @@ -1,4 +1,3 @@ -from pixelated.resources.root_resource import RootResource from pixelated.adapter.services.mail_service import MailService from pixelated.adapter.model.mail import InputMail from pixelated.adapter.services.mail_sender import MailSender diff --git a/service/test/functional/features/environment.py b/service/test/functional/features/environment.py index 5dab437f..437529b8 100644 --- a/service/test/functional/features/environment.py +++ b/service/test/functional/features/environment.py @@ -17,7 +17,7 @@ import logging import uuid from test.support.dispatcher.proxy import Proxy -from test.support.integration import AppTestClient, MailBuilder +from test.support.integration import AppTestClient from selenium import webdriver from pixelated.resources.features_resource import FeaturesResource diff --git a/service/test/support/dispatcher/proxy.py b/service/test/support/dispatcher/proxy.py index d4cb95ee..3b154682 100644 --- a/service/test/support/dispatcher/proxy.py +++ b/service/test/support/dispatcher/proxy.py @@ -20,7 +20,6 @@ import traceback import sys import time -from tornado.httpclient import AsyncHTTPClient from tornado.httpserver import HTTPServer import tornado.ioloop import tornado.web diff --git a/service/test/unit/bitmask_libraries/test_provider.py b/service/test/unit/bitmask_libraries/test_provider.py index fabf5f87..1fe5a66d 100644 --- a/service/test/unit/bitmask_libraries/test_provider.py +++ b/service/test/unit/bitmask_libraries/test_provider.py @@ -22,7 +22,6 @@ from pixelated.bitmask_libraries.config import LeapConfig from pixelated.bitmask_libraries.provider import LeapProvider from pixelated.bitmask_libraries.certs import LeapCertificate from test_abstract_leap import AbstractLeapTest -from requests import Session import requests diff --git a/service/test/unit/maintenance/test_commands.py b/service/test/unit/maintenance/test_commands.py index 6f993106..f1bf6e45 100644 --- a/service/test/unit/maintenance/test_commands.py +++ b/service/test/unit/maintenance/test_commands.py @@ -22,7 +22,7 @@ from leap.mail.imap.account import SoledadBackedAccount from leap.mail.imap.fields import WithMsgFields from leap.soledad.client import Soledad from leap.soledad.common.document import SoledadDocument -from mock import MagicMock, ANY +from mock import MagicMock from os.path import join, dirname from twisted.internet import defer, reactor diff --git a/service/test/unit/resources/test_keys_resources.py b/service/test/unit/resources/test_keys_resources.py index fb085cad..be79424b 100644 --- a/service/test/unit/resources/test_keys_resources.py +++ b/service/test/unit/resources/test_keys_resources.py @@ -1,4 +1,3 @@ -import json from mockito import mock, when from leap.keymanager import OpenPGPKey, KeyNotFound from pixelated.resources.keys_resource import KeysResource -- cgit v1.2.3 From 761f4c1232601cb22ce57c38b904c0866f31c577 Mon Sep 17 00:00:00 2001 From: Folker Bernitt Date: Fri, 12 Jun 2015 10:36:26 +0200 Subject: Added missing import for AsyncHTTPClient - accidentally removed in previous commit --- service/test/support/dispatcher/proxy.py | 1 + 1 file changed, 1 insertion(+) (limited to 'service') diff --git a/service/test/support/dispatcher/proxy.py b/service/test/support/dispatcher/proxy.py index 3b154682..d4cb95ee 100644 --- a/service/test/support/dispatcher/proxy.py +++ b/service/test/support/dispatcher/proxy.py @@ -20,6 +20,7 @@ import traceback import sys import time +from tornado.httpclient import AsyncHTTPClient from tornado.httpserver import HTTPServer import tornado.ioloop import tornado.web -- cgit v1.2.3 From 42aa76d8463ffe73d5e22d178f8414cfdbd2730e Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Fri, 12 Jun 2015 15:48:04 -0300 Subject: [refactor] SearchEngine does not need a querier It was used only to retrieve encryption key. This should be done by who is using it. --- service/pixelated/adapter/search/__init__.py | 7 +++---- service/pixelated/config/services.py | 3 ++- service/test/support/integration/app_test_client.py | 2 +- service/test/unit/adapter/search/test_search.py | 6 +----- 4 files changed, 7 insertions(+), 11 deletions(-) (limited to 'service') diff --git a/service/pixelated/adapter/search/__init__.py b/service/pixelated/adapter/search/__init__.py index da8845cc..b8d3e7ca 100644 --- a/service/pixelated/adapter/search/__init__.py +++ b/service/pixelated/adapter/search/__init__.py @@ -35,8 +35,8 @@ class SearchEngine(object): DEFAULT_INDEX_HOME = os.path.join(os.environ['HOME'], '.leap') DEFAULT_TAGS = ['inbox', 'sent', 'drafts', 'trash'] - def __init__(self, soledad_querier, agent_home=DEFAULT_INDEX_HOME): - self.soledad_querier = soledad_querier + def __init__(self, key, agent_home=DEFAULT_INDEX_HOME): + self.key = key self.index_folder = os.path.join(agent_home, 'search_index') if not os.path.exists(self.index_folder): os.makedirs(self.index_folder) @@ -111,8 +111,7 @@ class SearchEngine(object): raw=TEXT(stored=False)) def _create_index(self): - masterkey = self.soledad_querier.get_index_masterkey() - storage = EncryptedFileStorage(self.index_folder, masterkey) + storage = EncryptedFileStorage(self.index_folder, self.key) return FileIndex.create(storage, self._mail_schema(), indexname='mails') def index_mail(self, mail): diff --git a/service/pixelated/config/services.py b/service/pixelated/config/services.py index 5cab0985..b6de3f40 100644 --- a/service/pixelated/config/services.py +++ b/service/pixelated/config/services.py @@ -45,7 +45,8 @@ class Services(object): return leap_session.nicknym.keymanager def setup_search_engine(self, leap_home, soledad_querier): - search_engine = SearchEngine(soledad_querier, agent_home=leap_home) + key = self.soledad_querier.get_index_masterkey() + search_engine = SearchEngine(key, agent_home=leap_home) MailboxIndexerListener.SEARCH_ENGINE = search_engine return search_engine diff --git a/service/test/support/integration/app_test_client.py b/service/test/support/integration/app_test_client.py index 06c0fd9c..52372507 100644 --- a/service/test/support/integration/app_test_client.py +++ b/service/test/support/integration/app_test_client.py @@ -62,7 +62,7 @@ class AppTestClient(object): self.soledad_querier = self._create_soledad_querier(self.soledad, self.INDEX_KEY) self.keymanager = mock() - self.search_engine = SearchEngine(self.soledad_querier, agent_home=soledad_test_folder) + self.search_engine = SearchEngine(self.INDEX_KEY, agent_home=soledad_test_folder) self.mail_sender = self._create_mail_sender() self.account = SoledadBackedAccount(self.ACCOUNT, self.soledad, MagicMock()) diff --git a/service/test/unit/adapter/search/test_search.py b/service/test/unit/adapter/search/test_search.py index 491cb2fc..1d9076a2 100644 --- a/service/test/unit/adapter/search/test_search.py +++ b/service/test/unit/adapter/search/test_search.py @@ -16,7 +16,6 @@ import unittest -from mockito import mock, when from pixelated.adapter.search import SearchEngine from tempdir import TempDir from test.support import test_helper @@ -47,10 +46,7 @@ class SearchEngineTest(unittest.TestCase): def test_encoding(self): # given - soledad_querier = mock() - when(soledad_querier).get_index_masterkey().thenReturn(INDEX_KEY) - - se = SearchEngine(soledad_querier, self.agent_home) + se = SearchEngine(INDEX_KEY, self.agent_home) headers = { 'From': 'foo@bar.tld', -- cgit v1.2.3 From dce8d8c85662dfce403fef99d95af6b0d4a3045a Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Fri, 12 Jun 2015 16:46:04 -0300 Subject: fixes last commit typo, soledad_querier doesnt come from self --- service/pixelated/config/services.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'service') diff --git a/service/pixelated/config/services.py b/service/pixelated/config/services.py index b6de3f40..9523940d 100644 --- a/service/pixelated/config/services.py +++ b/service/pixelated/config/services.py @@ -45,7 +45,7 @@ class Services(object): return leap_session.nicknym.keymanager def setup_search_engine(self, leap_home, soledad_querier): - key = self.soledad_querier.get_index_masterkey() + key = soledad_querier.get_index_masterkey() search_engine = SearchEngine(key, agent_home=leap_home) MailboxIndexerListener.SEARCH_ENGINE = search_engine return search_engine -- cgit v1.2.3 From 8426d04f1b8ac437835780e9ff1ce77a93724dd3 Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Fri, 12 Jun 2015 17:27:08 -0300 Subject: [refactor] use flags property on mail Use it instead of reapeating fdoc.content[flags] --- service/pixelated/adapter/model/mail.py | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'service') diff --git a/service/pixelated/adapter/model/mail.py b/service/pixelated/adapter/model/mail.py index 7c4223de..464e0343 100644 --- a/service/pixelated/adapter/model/mail.py +++ b/service/pixelated/adapter/model/mail.py @@ -393,6 +393,10 @@ class PixelatedMail(Mail): def uid(self): return self.fdoc.content['uid'] + @property + def flags(self): + return self.fdoc.content['flags'] + def save(self): return self.querier.save_mail(self) @@ -407,21 +411,21 @@ class PixelatedMail(Mail): return self.tags def mark_as_read(self): - if Status.SEEN in self.fdoc.content['flags']: + if Status.SEEN in self.flags: return self - self.fdoc.content['flags'].append(Status.SEEN) + self.flags.append(Status.SEEN) self.save() return self def mark_as_unread(self): - if Status.SEEN in self.fdoc.content['flags']: - self.fdoc.content['flags'].remove(Status.SEEN) + if Status.SEEN in self.flags: + self.flags.remove(Status.SEEN) self.save() return self def mark_as_not_recent(self): - if Status.RECENT in self.fdoc.content['flags']: - self.fdoc.content['flags'].remove(Status.RECENT) + if Status.RECENT in self.flags: + self.flags.remove(Status.RECENT) self.save() return self -- cgit v1.2.3 From 9d967fb985586a2db72fe285ee276eab52688e6d Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Fri, 12 Jun 2015 17:28:29 -0300 Subject: [refactor] dont access private soledad instance Get soledad from soledad_session, instead of using the private one from Account. --- service/pixelated/config/services.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'service') diff --git a/service/pixelated/config/services.py b/service/pixelated/config/services.py index 9523940d..f1c7a540 100644 --- a/service/pixelated/config/services.py +++ b/service/pixelated/config/services.py @@ -12,7 +12,7 @@ class Services(object): def __init__(self, leap_home, leap_session): - soledad_querier = SoledadQuerier(soledad=leap_session.account._soledad) + soledad_querier = SoledadQuerier(soledad=leap_session.soledad_session.soledad) self.search_engine = self.setup_search_engine( leap_home, -- cgit v1.2.3 From e438ad68b23258d56dcebf31e095dafcf8423bce Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Sat, 13 Jun 2015 19:41:01 -0300 Subject: [tests] Enabling 2 skipped tests Adapted to run on current application module --- service/test/unit/config/test_app_factory.py | 44 ++++++++++++++++++---------- 1 file changed, 28 insertions(+), 16 deletions(-) (limited to 'service') diff --git a/service/test/unit/config/test_app_factory.py b/service/test/unit/config/test_app_factory.py index a43273c3..b2799d4c 100644 --- a/service/test/unit/config/test_app_factory.py +++ b/service/test/unit/config/test_app_factory.py @@ -4,7 +4,7 @@ from mock import patch, MagicMock, ANY import pixelated -class AppFactoryTest(unittest.TestCase): +class ApplicationTest(unittest.TestCase): class MockConfig: def __init__(self, port, host, sslkey=None, sslcert=None): @@ -14,28 +14,40 @@ class AppFactoryTest(unittest.TestCase): self.sslcert = sslcert self.home = 'leap_home' - @patch('pixelated.config.app_factory.init_app') - @patch('pixelated.config.app_factory.reactor') - @unittest.skip("refactoring startup, need to define a better place to put this") - def test_that_create_app_binds_to_tcp_port_if_no_ssl_options(self, reactor_mock, init_app_mock): + @patch('pixelated.application.reactor') + @patch('pixelated.application.Services') + def test_that_create_app_binds_to_tcp_port_if_no_ssl_options(self, services_mock, reactor_mock): app_mock = MagicMock() leap_session = MagicMock() - config = AppFactoryTest.MockConfig(12345, '127.0.0.1', leap_session) + config = ApplicationTest.MockConfig(12345, '127.0.0.1', leap_session) - create_app(config.home, leap_session, config.host, config.port, config.sslkey, config.sslcert) + d = pixelated.application.start_user_agent(app_mock, config.host, config.port, config.sslkey, config.sslcert, config.home, leap_session) - reactor_mock.listenTCP.assert_called_once_with(12345, ANY, interface='127.0.0.1') + def _assert(_): + services_mock.assert_called_once_with(config.home, leap_session) - @patch('pixelated.config.app_factory.init_app') - @patch('pixelated.config.app_factory.reactor') - @unittest.skip("refactoring startup, need to define a better place to put this") - def test_that_create_app_binds_to_ssl_if_ssl_options(self, reactor_mock, init_app_mock): + reactor_mock.listenTCP.assert_called_once_with(12345, ANY, interface='127.0.0.1') + app_mock.stopListening.assert_called() + + d.addCallback(_assert) + return d + + @patch('pixelated.application.reactor') + @patch('pixelated.application.Services') + def test_that_create_app_binds_to_ssl_if_ssl_options(self, services_mock, reactor_mock): app_mock = MagicMock() leap_session = MagicMock() - pixelated.config.app_factory._ssl_options = lambda x, y: 'options' + pixelated.application._ssl_options = lambda x, y: 'options' + + config = ApplicationTest.MockConfig(12345, '127.0.0.1', sslkey="sslkey", sslcert="sslcert") + + d = pixelated.application.start_user_agent(app_mock, config.host, config.port, config.sslkey, config.sslcert, config.home, leap_session) - config = AppFactoryTest.MockConfig(12345, '127.0.0.1', sslkey="sslkey", sslcert="sslcert") + def _assert(_): + services_mock.assert_called_once_with(config.home, leap_session) - create_app(config.home, leap_session, config.host, config.port, config.sslkey, config.sslcert) + reactor_mock.listenSSL.assert_called_once_with(12345, ANY, 'options', interface='127.0.0.1') + app_mock.stopListening.assert_called() - reactor_mock.listenSSL.assert_called_once_with(12345, ANY, 'options', interface='127.0.0.1') + d.addCallback(_assert) + return d -- cgit v1.2.3 From ff1db7d72d1ee3b3f9de83913bc98cb048bfc207 Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Sat, 13 Jun 2015 19:45:11 -0300 Subject: [rename] tested app_factory code is now on application module --- service/test/unit/config/test_app_factory.py | 53 ---------------------------- service/test/unit/test_application.py | 53 ++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+), 53 deletions(-) delete mode 100644 service/test/unit/config/test_app_factory.py create mode 100644 service/test/unit/test_application.py (limited to 'service') diff --git a/service/test/unit/config/test_app_factory.py b/service/test/unit/config/test_app_factory.py deleted file mode 100644 index b2799d4c..00000000 --- a/service/test/unit/config/test_app_factory.py +++ /dev/null @@ -1,53 +0,0 @@ -import unittest - -from mock import patch, MagicMock, ANY -import pixelated - - -class ApplicationTest(unittest.TestCase): - - class MockConfig: - def __init__(self, port, host, sslkey=None, sslcert=None): - self.port = port - self.host = host - self.sslkey = sslkey - self.sslcert = sslcert - self.home = 'leap_home' - - @patch('pixelated.application.reactor') - @patch('pixelated.application.Services') - def test_that_create_app_binds_to_tcp_port_if_no_ssl_options(self, services_mock, reactor_mock): - app_mock = MagicMock() - leap_session = MagicMock() - config = ApplicationTest.MockConfig(12345, '127.0.0.1', leap_session) - - d = pixelated.application.start_user_agent(app_mock, config.host, config.port, config.sslkey, config.sslcert, config.home, leap_session) - - def _assert(_): - services_mock.assert_called_once_with(config.home, leap_session) - - reactor_mock.listenTCP.assert_called_once_with(12345, ANY, interface='127.0.0.1') - app_mock.stopListening.assert_called() - - d.addCallback(_assert) - return d - - @patch('pixelated.application.reactor') - @patch('pixelated.application.Services') - def test_that_create_app_binds_to_ssl_if_ssl_options(self, services_mock, reactor_mock): - app_mock = MagicMock() - leap_session = MagicMock() - pixelated.application._ssl_options = lambda x, y: 'options' - - config = ApplicationTest.MockConfig(12345, '127.0.0.1', sslkey="sslkey", sslcert="sslcert") - - d = pixelated.application.start_user_agent(app_mock, config.host, config.port, config.sslkey, config.sslcert, config.home, leap_session) - - def _assert(_): - services_mock.assert_called_once_with(config.home, leap_session) - - reactor_mock.listenSSL.assert_called_once_with(12345, ANY, 'options', interface='127.0.0.1') - app_mock.stopListening.assert_called() - - d.addCallback(_assert) - return d diff --git a/service/test/unit/test_application.py b/service/test/unit/test_application.py new file mode 100644 index 00000000..b2799d4c --- /dev/null +++ b/service/test/unit/test_application.py @@ -0,0 +1,53 @@ +import unittest + +from mock import patch, MagicMock, ANY +import pixelated + + +class ApplicationTest(unittest.TestCase): + + class MockConfig: + def __init__(self, port, host, sslkey=None, sslcert=None): + self.port = port + self.host = host + self.sslkey = sslkey + self.sslcert = sslcert + self.home = 'leap_home' + + @patch('pixelated.application.reactor') + @patch('pixelated.application.Services') + def test_that_create_app_binds_to_tcp_port_if_no_ssl_options(self, services_mock, reactor_mock): + app_mock = MagicMock() + leap_session = MagicMock() + config = ApplicationTest.MockConfig(12345, '127.0.0.1', leap_session) + + d = pixelated.application.start_user_agent(app_mock, config.host, config.port, config.sslkey, config.sslcert, config.home, leap_session) + + def _assert(_): + services_mock.assert_called_once_with(config.home, leap_session) + + reactor_mock.listenTCP.assert_called_once_with(12345, ANY, interface='127.0.0.1') + app_mock.stopListening.assert_called() + + d.addCallback(_assert) + return d + + @patch('pixelated.application.reactor') + @patch('pixelated.application.Services') + def test_that_create_app_binds_to_ssl_if_ssl_options(self, services_mock, reactor_mock): + app_mock = MagicMock() + leap_session = MagicMock() + pixelated.application._ssl_options = lambda x, y: 'options' + + config = ApplicationTest.MockConfig(12345, '127.0.0.1', sslkey="sslkey", sslcert="sslcert") + + d = pixelated.application.start_user_agent(app_mock, config.host, config.port, config.sslkey, config.sslcert, config.home, leap_session) + + def _assert(_): + services_mock.assert_called_once_with(config.home, leap_session) + + reactor_mock.listenSSL.assert_called_once_with(12345, ANY, 'options', interface='127.0.0.1') + app_mock.stopListening.assert_called() + + d.addCallback(_assert) + return d -- cgit v1.2.3 From 96616d25a0f4abf1b4c4c9360a5aa8de1ecfad79 Mon Sep 17 00:00:00 2001 From: Bruno Wagner Date: Mon, 15 Jun 2015 16:39:33 -0300 Subject: SMTP now runs with the rest of the background jobs, that means register no longer starts the smtp server --- service/pixelated/bitmask_libraries/provider.py | 1 - service/pixelated/bitmask_libraries/session.py | 4 ++-- 2 files changed, 2 insertions(+), 3 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/provider.py b/service/pixelated/bitmask_libraries/provider.py index e08bfb43..315ea7f1 100644 --- a/service/pixelated/bitmask_libraries/provider.py +++ b/service/pixelated/bitmask_libraries/provider.py @@ -26,7 +26,6 @@ class LeapProvider(object): self.server_name = server_name self.config = config self.local_ca_crt = '%s/ca.crt' % self.config.leap_home - self.provider_json = self.fetch_provider_json() @property diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index 49116641..3f548e70 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -82,9 +82,11 @@ class LeapSession(object): self.stop_background_jobs() def start_background_jobs(self): + self.smtp.ensure_running() reactor.callFromThread(self.incoming_mail_fetcher.start_loop) def stop_background_jobs(self): + self.smtp.stop() reactor.callFromThread(self.incoming_mail_fetcher.stop) def sync(self): @@ -125,8 +127,6 @@ class LeapSessionFactory(object): smtp = LeapSmtp(self._provider, auth.username, auth.session_id, nicknym.keymanager) - smtp.ensure_running() - return LeapSession(self._provider, auth, soledad, nicknym, account, incoming_mail_fetcher, smtp) def _lookup_session(self, key): -- cgit v1.2.3 From 1af60867f8f85f87d2186a66ce911392d7b08a05 Mon Sep 17 00:00:00 2001 From: Bruno Wagner Date: Mon, 15 Jun 2015 16:40:19 -0300 Subject: Register now understands fingerprint and certificate arguments again --- service/pixelated/config/arguments.py | 5 ++++- service/pixelated/register.py | 27 ++++++++++++++++++++------- 2 files changed, 24 insertions(+), 8 deletions(-) (limited to 'service') diff --git a/service/pixelated/config/arguments.py b/service/pixelated/config/arguments.py index 72ae6141..56f83421 100644 --- a/service/pixelated/config/arguments.py +++ b/service/pixelated/config/arguments.py @@ -24,6 +24,7 @@ def parse_user_agent_args(): parser_add_default_arguments(parser) parser.add_argument('--host', default='127.0.0.1', help='the host to run the user agent on') + parser.add_argument('--organization-mode', help='Runs the user agent in organization mode, the credentials will be received from the stdin', default=False, action='store_true', dest='organization_mode') parser.add_argument('--port', type=int, default=3333, help='the port to run the user agent on') parser.add_argument('-sk', '--sslkey', metavar='', default=None, help='use specified file as web server\'s SSL key (when using the user-agent together with the pixelated-dispatcher)') parser.add_argument('-sc', '--sslcert', metavar='', default=None, help='use specified file as web server\'s SSL certificate (when using the user-agent together with the pixelated-dispatcher)') @@ -50,12 +51,14 @@ def parse_register_args(): parser = argparse.ArgumentParser(description='Pixelated register') parser.add_argument('provider', metavar='provider', action='store') parser.add_argument('username', metavar='username', action='store') + parser.add_argument('-lc', '--leap-provider-cert', metavar='', default=None, help='use specified file for LEAP provider cert authority certificate (url https:///ca.crt)') + parser.add_argument('-lf', '--leap-provider-cert-fingerprint', metavar='', default=None, help='use specified fingerprint to validate connection with LEAP provider', dest='leap_provider_cert_fingerprint') + parser.add_argument('--leap-home', help='The folder where the user agent stores its data. Defaults to ~/.leap', dest='leap_home', default=os.path.join(os.path.expanduser("~"), '.leap')) return parser.parse_args() def parser_add_default_arguments(parser): parser.add_argument('--debug', action='store_true', help='DEBUG mode.') - parser.add_argument('--organization-mode', help='Runs the user agent in organization mode, the credentials will be received from the stdin', default=False, action='store_true', dest='organization_mode') parser.add_argument('-c', '--config', dest='credentials_file', metavar='', default=None, help='use specified file for credentials (for test purposes only)') parser.add_argument('--leap-home', help='The folder where the user agent stores its data. Defaults to ~/.leap', dest='leap_home', default=os.path.join(os.path.expanduser("~"), '.leap')) parser.add_argument('-lc', '--leap-provider-cert', metavar='', default=None, help='use specified file for LEAP provider cert authority certificate (url https:///ca.crt)') diff --git a/service/pixelated/register.py b/service/pixelated/register.py index 47c9c3f5..11ec9b1f 100644 --- a/service/pixelated/register.py +++ b/service/pixelated/register.py @@ -17,31 +17,39 @@ import re import getpass import logging -from pixelated.bitmask_libraries import session as leap_session from pixelated.config import arguments from pixelated.config import logger as logger_config from pixelated.bitmask_libraries.certs import LeapCertificate from pixelated.bitmask_libraries.config import LeapConfig from pixelated.bitmask_libraries.provider import LeapProvider +from pixelated.bitmask_libraries.session import LeapSessionFactory from leap.auth import SRPAuth logger = logging.getLogger(__name__) -def register(server_name, username): +def register( + server_name, + username, + leap_home, + provider_cert, + provider_cert_fingerprint): + try: validate_username(username) except ValueError: print('Only lowercase letters, digits, . - and _ allowed.') - config = LeapConfig() - provider = LeapProvider(server_name, config) password = getpass.getpass('Please enter password for %s: ' % username) + + LeapCertificate.set_cert_and_fingerprint(provider_cert, provider_cert_fingerprint) + config = LeapConfig(leap_home=leap_home) + provider = LeapProvider(server_name, config) + LeapCertificate(provider).setup_ca_bundle() srp_auth = SRPAuth(provider.api_uri, LeapCertificate(provider).provider_api_cert) if srp_auth.register(username, password): - session = leap_session.open_leap_session(username, password, server_name) - session.nicknym.generate_openpgp_key() + session = LeapSessionFactory(provider).create(username, password) else: logger.error("Register failed") @@ -55,4 +63,9 @@ def validate_username(username): def initialize(): logger_config.init(debug=False) args = arguments.parse_register_args() - register(args.provider, args.username) + register( + args.provider, + args.username, + args.leap_home, + args.leap_provider_cert, + args.leap_provider_cert_fingerprint) -- cgit v1.2.3 From da1a71479583223a1c4939d51c4d6574af1a32a3 Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Mon, 15 Jun 2015 17:07:45 -0300 Subject: [doc] LeapSession docstring now matches reality --- service/pixelated/bitmask_libraries/session.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index 3f548e70..b3140a89 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -39,9 +39,13 @@ class LeapSession(object): Properties: - - ``leap_config`` the configuration for this session (LeapClientConfig). + - ``smtp`` the smtp gateway instance (LeapSmtp). - - ``srp_session`` the secure remote password session to authenticate with LEAP. See http://en.wikipedia.org/wiki/Secure_Remote_Password_protocol (LeapSecureRemotePassword) + - ``config`` the configuration for this session (LeapClientConfig). + + - ``provider`` the responsible for interacting with provider.json (LeapProvider). + + - ``user_auth`` the secure remote password session data after authenticating with LEAP. See http://en.wikipedia.org/wiki/Secure_Remote_Password_protocol (SRPSession) - ``soledad_session`` the soledad session. See https://leap.se/soledad (LeapSecureRemotePassword) -- cgit v1.2.3 From 3522e3ef4898516c8c00bfd8ba4dc8fc489696a1 Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Mon, 15 Jun 2015 17:44:40 -0300 Subject: key generation isnt a side effect of start background jobs --- service/pixelated/bitmask_libraries/session.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index b3140a89..cf6bc0f6 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -72,11 +72,11 @@ class LeapSession(object): self.nicknym = nicknym self.account = soledad_account self.incoming_mail_fetcher = incoming_mail_fetcher + self.soledad_session.soledad.sync(defer_decryption=False) + self.nicknym.generate_openpgp_key() if self.config.start_background_jobs: self.start_background_jobs() - self.soledad_session.soledad.sync(defer_decryption=False) - self.nicknym.generate_openpgp_key() def account_email(self): name = self.user_auth.username -- cgit v1.2.3 From a1e2179fadfc0ce7ebc6b30d3c63ac6539f06752 Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Mon, 15 Jun 2015 17:47:03 -0300 Subject: [doc] removing constructor docstring, since the one present on class is already explaining this --- service/pixelated/bitmask_libraries/session.py | 7 ------- 1 file changed, 7 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index cf6bc0f6..208dc271 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -57,13 +57,6 @@ class LeapSession(object): """ def __init__(self, provider, user_auth, soledad_session, nicknym, soledad_account, incoming_mail_fetcher, smtp): - """ - Constructor. - - :param leap_config: The config for this LEAP session - :type leap_config: LeapConfig - - """ self.smtp = smtp self.config = provider.config self.provider = provider -- cgit v1.2.3 From c06e13288d3675addb0beb9356692f0551a0a705 Mon Sep 17 00:00:00 2001 From: Jefferson Stachelski Date: Mon, 15 Jun 2015 18:03:46 -0300 Subject: Put False on maintenance to not use organization mode on intialise_leap --- service/pixelated/maintenance.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'service') diff --git a/service/pixelated/maintenance.py b/service/pixelated/maintenance.py index cd55e6f6..b16e0ecf 100644 --- a/service/pixelated/maintenance.py +++ b/service/pixelated/maintenance.py @@ -32,7 +32,7 @@ def initialize(): args.leap_provider_cert, args.leap_provider_cert_fingerprint, args.credentials_file, - args.organization_mode, + False, args.leap_home) execute_command = create_execute_command(args, leap_session) -- cgit v1.2.3 From 8df54482cbbd0f14d10dbf19262624253256dafa Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Tue, 16 Jun 2015 15:08:25 -0300 Subject: Explicit is better than implicit. Trying to apply a little of this: https://www.python.org/dev/peps/pep-0020/ False doesnt point out what is being disabled. The other argument changed only because of arguments order. --- service/pixelated/maintenance.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'service') diff --git a/service/pixelated/maintenance.py b/service/pixelated/maintenance.py index b16e0ecf..91300a0a 100644 --- a/service/pixelated/maintenance.py +++ b/service/pixelated/maintenance.py @@ -32,8 +32,8 @@ def initialize(): args.leap_provider_cert, args.leap_provider_cert_fingerprint, args.credentials_file, - False, - args.leap_home) + organization_mode=False, + leap_home=args.leap_home) execute_command = create_execute_command(args, leap_session) -- cgit v1.2.3 From 7718e546173928dcf4b86da9cd55ee6e05017cac Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Wed, 17 Jun 2015 09:18:12 -0300 Subject: clean up unused variables (flake8 violations) --- service/pixelated/register.py | 2 +- service/test/support/dispatcher/proxy.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'service') diff --git a/service/pixelated/register.py b/service/pixelated/register.py index 11ec9b1f..f917840b 100644 --- a/service/pixelated/register.py +++ b/service/pixelated/register.py @@ -49,7 +49,7 @@ def register( srp_auth = SRPAuth(provider.api_uri, LeapCertificate(provider).provider_api_cert) if srp_auth.register(username, password): - session = LeapSessionFactory(provider).create(username, password) + LeapSessionFactory(provider).create(username, password) else: logger.error("Register failed") diff --git a/service/test/support/dispatcher/proxy.py b/service/test/support/dispatcher/proxy.py index d4cb95ee..ca3bbc41 100644 --- a/service/test/support/dispatcher/proxy.py +++ b/service/test/support/dispatcher/proxy.py @@ -87,7 +87,7 @@ class MainHandler(tornado.web.RequestHandler): except tornado.httpclient.HTTPError, x: if hasattr(x, 'response') and x.response: self.handle_response(x.response) - except Exception, e: + except Exception: self.set_status(500) self.write("Internal server error:\n" + ''.join(traceback.format_exception(*sys.exc_info()))) self.finish() -- cgit v1.2.3 From f5480053276dd211fd182da7ad6574b7636a8b7d Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Wed, 17 Jun 2015 09:18:30 -0300 Subject: fix missing import --- service/test/functional/features/steps/data_setup.py | 1 + 1 file changed, 1 insertion(+) (limited to 'service') diff --git a/service/test/functional/features/steps/data_setup.py b/service/test/functional/features/steps/data_setup.py index 4e349f05..2a3876fc 100644 --- a/service/test/functional/features/steps/data_setup.py +++ b/service/test/functional/features/steps/data_setup.py @@ -14,6 +14,7 @@ # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see . from test.support.integration import MailBuilder +from behave import given @given('I have a mail in my inbox') -- cgit v1.2.3 From 89c9a1e1836098e2e55a225943d29e6d6474c240 Mon Sep 17 00:00:00 2001 From: Bruno Wagner Date: Thu, 18 Jun 2015 17:07:51 -0300 Subject: SMTP should be getting up properly again The latest changes on the platform caused the user agent to be unable to download the smtp client certificate, receiving a 401 in response. I added the authorization header to the call on the user agent so that is fixed. --- service/pixelated/bitmask_libraries/session.py | 2 +- service/pixelated/bitmask_libraries/smtp.py | 9 ++++++--- service/test/unit/bitmask_libraries/test_smtp.py | 2 +- 3 files changed, 8 insertions(+), 5 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index 208dc271..a7da7614 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -122,7 +122,7 @@ class LeapSessionFactory(object): account = self._create_account(auth.uuid, soledad) incoming_mail_fetcher = self._create_incoming_mail_fetcher(nicknym, soledad, account, account_email) - smtp = LeapSmtp(self._provider, auth.username, auth.session_id, nicknym.keymanager) + smtp = LeapSmtp(self._provider, auth.username, auth.session_id, auth.token, nicknym.keymanager) return LeapSession(self._provider, auth, soledad, nicknym, account, incoming_mail_fetcher, smtp) diff --git a/service/pixelated/bitmask_libraries/smtp.py b/service/pixelated/bitmask_libraries/smtp.py index 759a2920..3e2d1b21 100644 --- a/service/pixelated/bitmask_libraries/smtp.py +++ b/service/pixelated/bitmask_libraries/smtp.py @@ -26,11 +26,12 @@ logger = logging.getLogger(__name__) class LeapSmtp(object): - def __init__(self, provider, username, session_id, keymanager=None): + def __init__(self, provider, username, session_id, user_token, keymanager=None): self.local_smtp_port_number = random.randrange(12000, 16000) self._provider = provider self.username = username self.session_id = session_id + self.user_token = user_token self._keymanager = keymanager self._remote_hostname, self._remote_port = self._discover_remote_smtp_server() self._local_smtp_service_socket = None @@ -58,12 +59,14 @@ class LeapSmtp(object): cert_url = '%s/%s/cert' % (self._provider.api_uri, self._provider.api_version) cookies = {"_session_id": self.session_id} - + headers = {} + headers["Authorization"] = 'Token token="{0}"'.format(self.user_token) response = requests.get( cert_url, verify=LeapCertificate(self._provider).provider_api_cert, cookies=cookies, - timeout=self._provider.config.timeout_in_s) + timeout=self._provider.config.timeout_in_s, + headers=headers) response.raise_for_status() client_cert = response.content diff --git a/service/test/unit/bitmask_libraries/test_smtp.py b/service/test/unit/bitmask_libraries/test_smtp.py index 5987415c..535b1e7a 100644 --- a/service/test/unit/bitmask_libraries/test_smtp.py +++ b/service/test/unit/bitmask_libraries/test_smtp.py @@ -66,7 +66,7 @@ class LeapSmtpTest(AbstractLeapTest): @patch('pixelated.bitmask_libraries.smtp.setup_smtp_gateway') def test_that_start_calls_setup_smtp_gateway(self, gateway_mock): - smtp = LeapSmtp(self.provider, self.auth.username, self.auth.session_id, self.keymanager) + smtp = LeapSmtp(self.provider, self.auth.username, self.auth.session_id, self.auth.token, self.keymanager) port = 500 smtp.local_smtp_port_number = port -- cgit v1.2.3 From ea6e88d0e68309deba304c92d6cae5f31046e8b6 Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Fri, 19 Jun 2015 22:21:47 +0200 Subject: [refactor] Use auth for fewer parameters --- service/pixelated/bitmask_libraries/session.py | 2 +- service/pixelated/bitmask_libraries/smtp.py | 8 ++++---- service/test/unit/bitmask_libraries/test_smtp.py | 8 ++++---- 3 files changed, 9 insertions(+), 9 deletions(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index a7da7614..a9cb15f2 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -122,7 +122,7 @@ class LeapSessionFactory(object): account = self._create_account(auth.uuid, soledad) incoming_mail_fetcher = self._create_incoming_mail_fetcher(nicknym, soledad, account, account_email) - smtp = LeapSmtp(self._provider, auth.username, auth.session_id, auth.token, nicknym.keymanager) + smtp = LeapSmtp(self._provider, auth, nicknym.keymanager) return LeapSession(self._provider, auth, soledad, nicknym, account, incoming_mail_fetcher, smtp) diff --git a/service/pixelated/bitmask_libraries/smtp.py b/service/pixelated/bitmask_libraries/smtp.py index 3e2d1b21..31e56995 100644 --- a/service/pixelated/bitmask_libraries/smtp.py +++ b/service/pixelated/bitmask_libraries/smtp.py @@ -26,12 +26,12 @@ logger = logging.getLogger(__name__) class LeapSmtp(object): - def __init__(self, provider, username, session_id, user_token, keymanager=None): + def __init__(self, provider, auth, keymanager=None): self.local_smtp_port_number = random.randrange(12000, 16000) self._provider = provider - self.username = username - self.session_id = session_id - self.user_token = user_token + self.username = auth.username + self.session_id = auth.session_id + self.user_token = auth.token self._keymanager = keymanager self._remote_hostname, self._remote_port = self._discover_remote_smtp_server() self._local_smtp_service_socket = None diff --git a/service/test/unit/bitmask_libraries/test_smtp.py b/service/test/unit/bitmask_libraries/test_smtp.py index 535b1e7a..ec51c56b 100644 --- a/service/test/unit/bitmask_libraries/test_smtp.py +++ b/service/test/unit/bitmask_libraries/test_smtp.py @@ -53,7 +53,7 @@ class LeapSmtpTest(AbstractLeapTest): self.config.timeout_in_s = 15 def test_that_client_cert_gets_downloaded(self): - smtp = LeapSmtp(self.provider, self.auth.username, self.auth.session_id, self.keymanager) + smtp = LeapSmtp(self.provider, self.auth, self.keymanager) with HTTMock(ca_cert_mock, not_found_mock): smtp._download_client_certificates() @@ -66,7 +66,7 @@ class LeapSmtpTest(AbstractLeapTest): @patch('pixelated.bitmask_libraries.smtp.setup_smtp_gateway') def test_that_start_calls_setup_smtp_gateway(self, gateway_mock): - smtp = LeapSmtp(self.provider, self.auth.username, self.auth.session_id, self.auth.token, self.keymanager) + smtp = LeapSmtp(self.provider, self.auth, self.keymanager) port = 500 smtp.local_smtp_port_number = port @@ -78,14 +78,14 @@ class LeapSmtpTest(AbstractLeapTest): gateway_mock.assert_called_with(keymanager=self.keymanager, smtp_cert=cert_path, smtp_key=cert_path, userid='test_user@some-server.test', smtp_port='1234', encrypted_only=False, smtp_host='smtp.some-sever.test', port=port) def test_that_client_stop_does_nothing_if_not_started(self): - smtp = LeapSmtp(self.provider, self.auth.username, self.auth.session_id, self.keymanager) + smtp = LeapSmtp(self.provider, self.auth, self.keymanager) with HTTMock(not_found_mock): smtp.stop() @patch('pixelated.bitmask_libraries.smtp.setup_smtp_gateway') def test_that_running_smtp_sevice_is_stopped(self, gateway_mock): - smtp = LeapSmtp(self.provider, self.auth.username, self.auth.session_id, self.keymanager) + smtp = LeapSmtp(self.provider, self.auth, self.keymanager) smtp_service = MagicMock() smtp_port = MagicMock() -- cgit v1.2.3 From 0b179c61043a9854fa23b8fd40fd252864ecd021 Mon Sep 17 00:00:00 2001 From: Jefferson Stachelski Date: Wed, 24 Jun 2015 18:22:06 -0300 Subject: #412 Added a sleep to get a enought time to soledad sync the added mails --- service/pixelated/maintenance.py | 3 +++ 1 file changed, 3 insertions(+) (limited to 'service') diff --git a/service/pixelated/maintenance.py b/service/pixelated/maintenance.py index 91300a0a..7170055c 100644 --- a/service/pixelated/maintenance.py +++ b/service/pixelated/maintenance.py @@ -21,9 +21,11 @@ from pixelated.config.leap import initialize_leap from pixelated.config import logger, arguments from leap.mail.imap.fields import WithMsgFields +import time def initialize(): + import time args = arguments.parse_maintenance_args() logger.init(debug=args.debug) @@ -175,6 +177,7 @@ def dump_soledad(args): def shutdown(args): + time.sleep(30) reactor.stop() -- cgit v1.2.3