summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--pkg/osx/Makefile33
-rwxr-xr-xpkg/osx/install/install-leapc.sh2
-rw-r--r--pkg/osx/leap-client.spec5
-rw-r--r--src/leap/eip/checks.py16
-rw-r--r--src/leap/gui/firstrun/providerselect.py2
-rw-r--r--src/leap/util/certs.py17
6 files changed, 54 insertions, 21 deletions
diff --git a/pkg/osx/Makefile b/pkg/osx/Makefile
index b302fa31..f2520fcf 100644
--- a/pkg/osx/Makefile
+++ b/pkg/osx/Makefile
@@ -1,6 +1,10 @@
#WARNING: You need to run this with an activated VIRTUALENV.
OSX = dist/LEAP\ Client.app/Contents/MacOS/
+GITC = `git rev-parse --short HEAD`
+DMG = "dist/leap-client-$(GITC).dmg"
+INST = "dist/LEAP Client installer.app"
+INSTR = "dist/LEAP Client installer.app/Contents/Resources"
pkg : dist trim installer dmg
@@ -16,28 +20,27 @@ trim:
installer:
#XXX need to fix some paths there (binary, etc)
- platypus -P install/leap-installer.platypus -y dist/LEAPClient_installer.app
+ platypus -P install/leap-installer.platypus -y $(INST)
#XXX should build tuntap extensions ourselves
- mkdir "dist/LEAPClient_installer.app/Contents/Resources/StartupItems"
- mkdir "dist/LEAPClient_installer.app/Contents/Resources/Extensions/"
- cp -r /opt/local/Library/StartupItems/tun "dist/LEAPClient_installer.app/Contents/Resources/StartupItems/"
- cp -r /opt/local/Library/StartupItems/tap "dist/LEAPClient_installer.app/Contents/Resources/StartupItems/"
- cp -r /opt/local/Library/Extensions/tun.kext "dist/LEAPClient_installer.app/Contents/Resources/Extensions/"
- cp -r /opt/local/Library/Extensions/tap.kext "dist/LEAPClient_installer.app/Contents/Resources/Extensions/"
+ mkdir $(INSTR)/StartupItems
+ mkdir $(INSTR)/Extensions
+ cp -r /opt/local/Library/StartupItems/tun $(INSTR)/StartupItems
+ cp -r /opt/local/Library/StartupItems/tap $(INSTR)/StartupItems
+ cp -r /opt/local/Library/Extensions/tun.kext $(INSTR)/Extensions
+ cp -r /opt/local/Library/Extensions/tap.kext $(INSTR)/Extensions
#copy the binary that we have previously built
#XXX not building it yet...
- cp ../../openvpn/build/openvpn.leap "dist/LEAPClient_installer.app/Contents/Resources/"
+ cp ../../openvpn/build/openvpn.leap $(INSTR)
#copy startup scripts
- cp install/client.up.sh "dist/LEAP Client.app/Contents/Resources"
- cp install/client.down.sh "dist/LEAP Client.app/Contents/Resources"
- cp install/ProcessNetworkChanges.plist.template "dist/LEAP Client.app/Contents/Resources"
+ cp install/client.up.sh $(INSTR)
+ cp install/client.down.sh $(INSTR)
+ cp install/ProcessNetworkChanges.plist.template $(INSTR)
#Finally, copy application bundle...
- cp -r "dist/LEAP Client.app" "dist/LEAPClient_installer.app/Contents/Resources/"
+ cp -r "dist/LEAP Client.app" $(INSTR)
dmg :
- #TODO: remove if already present
- #rm dist/LEAPClient.dmg
- hdiutil create -format UDBZ -srcfolder "dist/LEAPClient_installer.app/" "dist/LEAP Client Installer.dmg"
+ rm -f $(DMG)
+ hdiutil create -format UDBZ -srcfolder $(INST) $(DMG)
clean :
rm -rf dist/ build/
diff --git a/pkg/osx/install/install-leapc.sh b/pkg/osx/install/install-leapc.sh
index d47b8f45..7a0d3a5e 100755
--- a/pkg/osx/install/install-leapc.sh
+++ b/pkg/osx/install/install-leapc.sh
@@ -14,3 +14,5 @@ echo "Loading tun/tap kernel extension"
/Library/StartupItems/tun/tun start
echo "Installation Finished!"
+
+open /Applications/LEAP\ Client.app/
diff --git a/pkg/osx/leap-client.spec b/pkg/osx/leap-client.spec
index 4a34bb7c..04f45253 100644
--- a/pkg/osx/leap-client.spec
+++ b/pkg/osx/leap-client.spec
@@ -15,7 +15,10 @@ exe = EXE(pyz,
upx=True,
console=False)
coll = COLLECT(exe,
- a.binaries,
+ a.binaries +
+ # this will easitly break if we setup the venv
+ # somewhere else. FIXME
+ [('cacert.pem', '../../../../lib/python2.6/site-packages/requests/cacert.pem', 'DATA')],
a.zipfiles,
a.datas,
strip=True,
diff --git a/src/leap/eip/checks.py b/src/leap/eip/checks.py
index bd158e1e..cc395bcb 100644
--- a/src/leap/eip/checks.py
+++ b/src/leap/eip/checks.py
@@ -3,6 +3,7 @@ import logging
#import platform
import time
import os
+import sys
import gnutls.crypto
#import netifaces
@@ -20,6 +21,7 @@ from leap.eip import config as eipconfig
from leap.eip import constants as eipconstants
from leap.eip import exceptions as eipexceptions
from leap.eip import specs as eipspecs
+from leap.util.certs import get_mac_cabundle
from leap.util.fileutil import mkdir_p
from leap.util.web import get_https_domain_and_port
from leap.util.misc import null_check
@@ -165,13 +167,15 @@ class ProviderCertChecker(object):
if autocacert and verify is True and self.cacert is not None:
logger.debug('verify cert: %s', self.cacert)
verify = self.cacert
+ if sys.platform == "darwin":
+ verify = get_mac_cabundle()
logger.debug('checking https connection')
logger.debug('uri: %s (verify:%s)', uri, verify)
+
try:
self.fetcher.get(uri, verify=verify)
- except requests.exceptions.SSLError: # as exc:
- logger.error("SSLError")
+ except requests.exceptions.SSLError as exc:
raise eipexceptions.HttpsBadCertError
except requests.exceptions.ConnectionError:
@@ -448,9 +452,15 @@ class EIPConfigChecker(object):
domain = config.get('provider', None)
uri = self._get_provider_definition_uri(domain=domain)
+ if sys.platform == "darwin":
+ verify = get_mac_cabundle()
+ else:
+ verify = True
+
self.defaultprovider.load(
from_uri=uri,
- fetcher=self.fetcher)
+ fetcher=self.fetcher,
+ verify=verify)
self.defaultprovider.save()
def fetch_eip_service_config(self, skip_download=False,
diff --git a/src/leap/gui/firstrun/providerselect.py b/src/leap/gui/firstrun/providerselect.py
index 28fb829c..ccecd519 100644
--- a/src/leap/gui/firstrun/providerselect.py
+++ b/src/leap/gui/firstrun/providerselect.py
@@ -287,8 +287,6 @@ class SelectProviderPage(InlineValidationPage):
wizard.set_providerconfig(
eipconfigchecker.defaultprovider.config)
except requests.exceptions.SSLError:
- # XXX we should have catched this before.
- # but cert checking is broken.
return self.fail(self.tr(
"Could not get info from provider."))
except requests.exceptions.ConnectionError:
diff --git a/src/leap/util/certs.py b/src/leap/util/certs.py
new file mode 100644
index 00000000..304db08a
--- /dev/null
+++ b/src/leap/util/certs.py
@@ -0,0 +1,17 @@
+import os
+import logging
+
+logger = logging.getLogger(__name__)
+
+
+def get_mac_cabundle():
+ # hackaround bundle error
+ # XXX this needs a better fix!
+ f = os.path.split(__file__)[0]
+ sep = os.path.sep
+ f_ = sep.join(f.split(sep)[:-2])
+ verify = os.path.join(f_, 'cacert.pem')
+ #logger.error('VERIFY PATH = %s' % verify)
+ exists = os.path.isfile(verify)
+ #logger.error('do exist? %s', exists)
+ return verify