diff options
| -rw-r--r-- | pkg/osx/Makefile | 33 | ||||
| -rwxr-xr-x | pkg/osx/install/install-leapc.sh | 2 | ||||
| -rw-r--r-- | pkg/osx/leap-client.spec | 5 | ||||
| -rw-r--r-- | src/leap/eip/checks.py | 16 | ||||
| -rw-r--r-- | src/leap/gui/firstrun/providerselect.py | 2 | ||||
| -rw-r--r-- | src/leap/util/certs.py | 17 |
6 files changed, 54 insertions, 21 deletions
diff --git a/pkg/osx/Makefile b/pkg/osx/Makefile index b302fa31..f2520fcf 100644 --- a/pkg/osx/Makefile +++ b/pkg/osx/Makefile @@ -1,6 +1,10 @@ #WARNING: You need to run this with an activated VIRTUALENV. OSX = dist/LEAP\ Client.app/Contents/MacOS/ +GITC = `git rev-parse --short HEAD` +DMG = "dist/leap-client-$(GITC).dmg" +INST = "dist/LEAP Client installer.app" +INSTR = "dist/LEAP Client installer.app/Contents/Resources" pkg : dist trim installer dmg @@ -16,28 +20,27 @@ trim: installer: #XXX need to fix some paths there (binary, etc) - platypus -P install/leap-installer.platypus -y dist/LEAPClient_installer.app + platypus -P install/leap-installer.platypus -y $(INST) #XXX should build tuntap extensions ourselves - mkdir "dist/LEAPClient_installer.app/Contents/Resources/StartupItems" - mkdir "dist/LEAPClient_installer.app/Contents/Resources/Extensions/" - cp -r /opt/local/Library/StartupItems/tun "dist/LEAPClient_installer.app/Contents/Resources/StartupItems/" - cp -r /opt/local/Library/StartupItems/tap "dist/LEAPClient_installer.app/Contents/Resources/StartupItems/" - cp -r /opt/local/Library/Extensions/tun.kext "dist/LEAPClient_installer.app/Contents/Resources/Extensions/" - cp -r /opt/local/Library/Extensions/tap.kext "dist/LEAPClient_installer.app/Contents/Resources/Extensions/" + mkdir $(INSTR)/StartupItems + mkdir $(INSTR)/Extensions + cp -r /opt/local/Library/StartupItems/tun $(INSTR)/StartupItems + cp -r /opt/local/Library/StartupItems/tap $(INSTR)/StartupItems + cp -r /opt/local/Library/Extensions/tun.kext $(INSTR)/Extensions + cp -r /opt/local/Library/Extensions/tap.kext $(INSTR)/Extensions #copy the binary that we have previously built #XXX not building it yet... - cp ../../openvpn/build/openvpn.leap "dist/LEAPClient_installer.app/Contents/Resources/" + cp ../../openvpn/build/openvpn.leap $(INSTR) #copy startup scripts - cp install/client.up.sh "dist/LEAP Client.app/Contents/Resources" - cp install/client.down.sh "dist/LEAP Client.app/Contents/Resources" - cp install/ProcessNetworkChanges.plist.template "dist/LEAP Client.app/Contents/Resources" + cp install/client.up.sh $(INSTR) + cp install/client.down.sh $(INSTR) + cp install/ProcessNetworkChanges.plist.template $(INSTR) #Finally, copy application bundle... - cp -r "dist/LEAP Client.app" "dist/LEAPClient_installer.app/Contents/Resources/" + cp -r "dist/LEAP Client.app" $(INSTR) dmg : - #TODO: remove if already present - #rm dist/LEAPClient.dmg - hdiutil create -format UDBZ -srcfolder "dist/LEAPClient_installer.app/" "dist/LEAP Client Installer.dmg" + rm -f $(DMG) + hdiutil create -format UDBZ -srcfolder $(INST) $(DMG) clean : rm -rf dist/ build/ diff --git a/pkg/osx/install/install-leapc.sh b/pkg/osx/install/install-leapc.sh index d47b8f45..7a0d3a5e 100755 --- a/pkg/osx/install/install-leapc.sh +++ b/pkg/osx/install/install-leapc.sh @@ -14,3 +14,5 @@ echo "Loading tun/tap kernel extension" /Library/StartupItems/tun/tun start echo "Installation Finished!" + +open /Applications/LEAP\ Client.app/ diff --git a/pkg/osx/leap-client.spec b/pkg/osx/leap-client.spec index 4a34bb7c..04f45253 100644 --- a/pkg/osx/leap-client.spec +++ b/pkg/osx/leap-client.spec @@ -15,7 +15,10 @@ exe = EXE(pyz, upx=True, console=False) coll = COLLECT(exe, - a.binaries, + a.binaries + + # this will easitly break if we setup the venv + # somewhere else. FIXME + [('cacert.pem', '../../../../lib/python2.6/site-packages/requests/cacert.pem', 'DATA')], a.zipfiles, a.datas, strip=True, diff --git a/src/leap/eip/checks.py b/src/leap/eip/checks.py index bd158e1e..cc395bcb 100644 --- a/src/leap/eip/checks.py +++ b/src/leap/eip/checks.py @@ -3,6 +3,7 @@ import logging #import platform import time import os +import sys import gnutls.crypto #import netifaces @@ -20,6 +21,7 @@ from leap.eip import config as eipconfig from leap.eip import constants as eipconstants from leap.eip import exceptions as eipexceptions from leap.eip import specs as eipspecs +from leap.util.certs import get_mac_cabundle from leap.util.fileutil import mkdir_p from leap.util.web import get_https_domain_and_port from leap.util.misc import null_check @@ -165,13 +167,15 @@ class ProviderCertChecker(object): if autocacert and verify is True and self.cacert is not None: logger.debug('verify cert: %s', self.cacert) verify = self.cacert + if sys.platform == "darwin": + verify = get_mac_cabundle() logger.debug('checking https connection') logger.debug('uri: %s (verify:%s)', uri, verify) + try: self.fetcher.get(uri, verify=verify) - except requests.exceptions.SSLError: # as exc: - logger.error("SSLError") + except requests.exceptions.SSLError as exc: raise eipexceptions.HttpsBadCertError except requests.exceptions.ConnectionError: @@ -448,9 +452,15 @@ class EIPConfigChecker(object): domain = config.get('provider', None) uri = self._get_provider_definition_uri(domain=domain) + if sys.platform == "darwin": + verify = get_mac_cabundle() + else: + verify = True + self.defaultprovider.load( from_uri=uri, - fetcher=self.fetcher) + fetcher=self.fetcher, + verify=verify) self.defaultprovider.save() def fetch_eip_service_config(self, skip_download=False, diff --git a/src/leap/gui/firstrun/providerselect.py b/src/leap/gui/firstrun/providerselect.py index 28fb829c..ccecd519 100644 --- a/src/leap/gui/firstrun/providerselect.py +++ b/src/leap/gui/firstrun/providerselect.py @@ -287,8 +287,6 @@ class SelectProviderPage(InlineValidationPage): wizard.set_providerconfig( eipconfigchecker.defaultprovider.config) except requests.exceptions.SSLError: - # XXX we should have catched this before. - # but cert checking is broken. return self.fail(self.tr( "Could not get info from provider.")) except requests.exceptions.ConnectionError: diff --git a/src/leap/util/certs.py b/src/leap/util/certs.py new file mode 100644 index 00000000..304db08a --- /dev/null +++ b/src/leap/util/certs.py @@ -0,0 +1,17 @@ +import os +import logging + +logger = logging.getLogger(__name__) + + +def get_mac_cabundle(): + # hackaround bundle error + # XXX this needs a better fix! + f = os.path.split(__file__)[0] + sep = os.path.sep + f_ = sep.join(f.split(sep)[:-2]) + verify = os.path.join(f_, 'cacert.pem') + #logger.error('VERIFY PATH = %s' % verify) + exists = os.path.isfile(verify) + #logger.error('do exist? %s', exists) + return verify |