From ac00ec313a142e910447857c0e46e6d36c7f2ab2 Mon Sep 17 00:00:00 2001 From: antialias Date: Tue, 21 Aug 2012 10:12:22 -0700 Subject: Error fixes and json commit. --- src/leap/eip/config.py | 31 ++++++++++++++++++++++++++++--- 1 file changed, 28 insertions(+), 3 deletions(-) (limited to 'src/leap/eip/config.py') diff --git a/src/leap/eip/config.py b/src/leap/eip/config.py index 8e55d789..a219fedb 100644 --- a/src/leap/eip/config.py +++ b/src/leap/eip/config.py @@ -2,6 +2,7 @@ import ConfigParser import grp import logging import os +import json import platform import socket @@ -118,8 +119,8 @@ def check_or_create_default_vpnconf(config): 'remote_ip') validate_ip(remote_ip) - except ConfigParser.NoOptionError: - raise EIPInitNoProviderError + except ConfigParser.NoSectionError: + raise eip_exceptions.EIPInitNoProviderError except socket.error: # this does not look like an ip, dave @@ -394,7 +395,7 @@ def check_vpn_keys(config): if not os.path.isfile(keyfile): logger.error('key file %s not found. aborting.', keyfile) - raise EIPInitNoKeyFileError + raise eip_exceptions.EIPInitNoKeyFileError # check proper permission on keys # bad perms? try to fix them @@ -402,3 +403,27 @@ def check_vpn_keys(config): check_and_fix_urw_only(keyfile) except OSError: raise EIPInitBadKeyFilePermError + + +def get_config_json(config_file=None): + """ + will replace get_config function be developing them + in parralel for branch purposes. + @param: configuration file + @type: file + @rparam: configuration turples + @rtype: dictionary + """ + if not config_file: + fpath = get_config_file('eip.json') + if not os.path.isfile(fpath): + dpath, cfile = os.path.split(fpath) + if not os.path.isdir(dpath): + mkdir_p(dpath) + with open(fpath, 'wb') as configfile: + configfile.write() + config_file = open(fpath) + + config = json.load(config_file) + + return config -- cgit v1.2.3 From 5f6064b9dfa102b1115d5e3a6ecfb22cdcf82d14 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 22 Aug 2012 04:47:14 +0900 Subject: config tests --- src/leap/eip/config.py | 72 +++++++++++++++++++++++++++++++++++++------------- 1 file changed, 54 insertions(+), 18 deletions(-) (limited to 'src/leap/eip/config.py') diff --git a/src/leap/eip/config.py b/src/leap/eip/config.py index 8e55d789..8c67a258 100644 --- a/src/leap/eip/config.py +++ b/src/leap/eip/config.py @@ -9,15 +9,37 @@ from leap.util.fileutil import (which, mkdir_p, check_and_fix_urw_only) from leap.baseapp.permcheck import (is_pkexec_in_system, is_auth_agent_running) -from leap.eip import exceptions as eip_exceptions logger = logging.getLogger(name=__name__) logger.setLevel('DEBUG') -# XXX this has to be REMOVED -# and all these options passed in the -# command line --> move to build_ovpn_command -# issue #447 +# XXX move exceptions: +# from leap.eip import exceptions as eip_exceptions + + +class EIPNoPkexecAvailable(Exception): + pass + + +class EIPNoPolkitAuthAgentAvailable(Exception): + pass + + +class EIPInitNoProviderError(Exception): + pass + + +class EIPInitBadProviderError(Exception): + pass + + +class EIPInitNoKeyFileError(Exception): + pass + + +class EIPInitBadKeyFilePermError(Exception): + pass + OPENVPN_CONFIG_TEMPLATE = """#Autogenerated by eip-client wizard remote {VPN_REMOTE_HOST} {VPN_REMOTE_PORT} @@ -114,6 +136,10 @@ def check_or_create_default_vpnconf(config): # instead. try: + # XXX by now, we're expecting + # only IP format for remote. + # We should allow also domain names, + # and make a reverse resolv. remote_ip = config.get('provider', 'remote_ip') validate_ip(remote_ip) @@ -158,6 +184,15 @@ def check_or_create_default_vpnconf(config): f.write(ovpn_config) +def get_username(): + return os.getlogin() + + +def get_groupname(): + gid = os.getgroups()[-1] + return grp.getgrgid(gid).gr_name + + def build_ovpn_options(daemon=False): """ build a list of options @@ -175,16 +210,11 @@ def build_ovpn_options(daemon=False): # get user/group name # also from config. - user = os.getlogin() - gid = os.getgroups()[-1] - group = grp.getgrgid(gid).gr_name + user = get_username() + group = get_groupname() opts = [] - #moved to config files - #opts.append('--persist-tun') - #opts.append('--persist-key') - # set user and group opts.append('--user') opts.append('%s' % user) @@ -219,6 +249,8 @@ def build_ovpn_options(daemon=False): opts.append('--config') default_provider_path = get_default_provider_path() + + # XXX get rid of config_file at all ovpncnf = get_config_file( 'openvpn.conf', folder=default_provider_path) @@ -233,7 +265,7 @@ def build_ovpn_options(daemon=False): return opts -def build_ovpn_command(config, debug=False): +def build_ovpn_command(config, debug=False, do_pkexec_check=True): """ build a string with the complete openvpn invocation @@ -251,17 +283,16 @@ def build_ovpn_command(config, debug=False): if config.has_option('openvpn', 'use_pkexec'): use_pkexec = config.get('openvpn', 'use_pkexec') - if platform.system() == "Linux" and use_pkexec: + if platform.system() == "Linux" and use_pkexec and do_pkexec_check: # XXX check for both pkexec (done) # AND a suitable authentication # agent running. - # (until we implement setuid helper) logger.info('use_pkexec set to True') if not is_pkexec_in_system(): logger.error('no pkexec in system') - raise eip_exceptions.EIPNoPkexecAvailable + raise EIPNoPkexecAvailable if not is_auth_agent_running(): logger.warning( @@ -269,7 +300,7 @@ def build_ovpn_command(config, debug=False): "pkexec will use its own text " "based authentication agent. " "that's probably a bad idea") - raise eip_exceptions.EIPNoPolkitAuthAgentAvailable + raise EIPNoPolkitAuthAgentAvailable command.append('pkexec') @@ -283,7 +314,11 @@ def build_ovpn_command(config, debug=False): 'openvpn_binary') if ovpn: - command.append(ovpn) + vpn_command = ovpn + else: + vpn_command = "openvpn" + + command.append(vpn_command) daemon_mode = not debug @@ -291,6 +326,7 @@ def build_ovpn_command(config, debug=False): command.append(opt) # XXX check len and raise proper error + return [command[0], command[1:]] -- cgit v1.2.3 From 6ce22c7ebd293550473bfa5453a2f720dffad3e8 Mon Sep 17 00:00:00 2001 From: antialias Date: Tue, 21 Aug 2012 13:46:01 -0700 Subject: minor pep8 clean up. --- src/leap/eip/config.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'src/leap/eip/config.py') diff --git a/src/leap/eip/config.py b/src/leap/eip/config.py index a219fedb..e0151e87 100644 --- a/src/leap/eip/config.py +++ b/src/leap/eip/config.py @@ -403,14 +403,14 @@ def check_vpn_keys(config): check_and_fix_urw_only(keyfile) except OSError: raise EIPInitBadKeyFilePermError - - + + def get_config_json(config_file=None): """ will replace get_config function be developing them in parralel for branch purposes. @param: configuration file - @type: file + @type: file @rparam: configuration turples @rtype: dictionary """ @@ -421,7 +421,7 @@ def get_config_json(config_file=None): if not os.path.isdir(dpath): mkdir_p(dpath) with open(fpath, 'wb') as configfile: - configfile.write() + configfile.flush() config_file = open(fpath) config = json.load(config_file) -- cgit v1.2.3 From 3bd45c8e1e020bebf041bc266c5092a41f944130 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 22 Aug 2012 07:05:39 +0900 Subject: removed dup exceptions --- src/leap/eip/config.py | 28 ---------------------------- 1 file changed, 28 deletions(-) (limited to 'src/leap/eip/config.py') diff --git a/src/leap/eip/config.py b/src/leap/eip/config.py index 8c67a258..a1dc2764 100644 --- a/src/leap/eip/config.py +++ b/src/leap/eip/config.py @@ -13,34 +13,6 @@ from leap.baseapp.permcheck import (is_pkexec_in_system, logger = logging.getLogger(name=__name__) logger.setLevel('DEBUG') -# XXX move exceptions: -# from leap.eip import exceptions as eip_exceptions - - -class EIPNoPkexecAvailable(Exception): - pass - - -class EIPNoPolkitAuthAgentAvailable(Exception): - pass - - -class EIPInitNoProviderError(Exception): - pass - - -class EIPInitBadProviderError(Exception): - pass - - -class EIPInitNoKeyFileError(Exception): - pass - - -class EIPInitBadKeyFilePermError(Exception): - pass - - OPENVPN_CONFIG_TEMPLATE = """#Autogenerated by eip-client wizard remote {VPN_REMOTE_HOST} {VPN_REMOTE_PORT} -- cgit v1.2.3 From 83ac2efaa10de68f7fd35189f6cf272b03d60a30 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 22 Aug 2012 07:46:51 +0900 Subject: fix exceptions location --- src/leap/eip/config.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'src/leap/eip/config.py') diff --git a/src/leap/eip/config.py b/src/leap/eip/config.py index c77bb142..f38268e2 100644 --- a/src/leap/eip/config.py +++ b/src/leap/eip/config.py @@ -10,6 +10,7 @@ from leap.util.fileutil import (which, mkdir_p, check_and_fix_urw_only) from leap.baseapp.permcheck import (is_pkexec_in_system, is_auth_agent_running) +from leap.eip import exceptions as eip_exceptions logger = logging.getLogger(name=__name__) logger.setLevel('DEBUG') @@ -122,7 +123,7 @@ def check_or_create_default_vpnconf(config): except socket.error: # this does not look like an ip, dave - raise EIPInitBadProviderError + raise eip_exceptions.EIPInitBadProviderError if config.has_option('provider', 'remote_port'): remote_port = config.get('provider', @@ -265,7 +266,7 @@ def build_ovpn_command(config, debug=False, do_pkexec_check=True): if not is_pkexec_in_system(): logger.error('no pkexec in system') - raise EIPNoPkexecAvailable + raise eip_exceptions.EIPNoPkexecAvailable if not is_auth_agent_running(): logger.warning( @@ -273,7 +274,7 @@ def build_ovpn_command(config, debug=False, do_pkexec_check=True): "pkexec will use its own text " "based authentication agent. " "that's probably a bad idea") - raise EIPNoPolkitAuthAgentAvailable + raise eip_exceptions.EIPNoPolkitAuthAgentAvailable command.append('pkexec') @@ -410,7 +411,7 @@ def check_vpn_keys(config): try: check_and_fix_urw_only(keyfile) except OSError: - raise EIPInitBadKeyFilePermError + raise eip_exceptions.EIPInitBadKeyFilePermError def get_config_json(config_file=None): -- cgit v1.2.3