def bootstrap(self, provider):
"""
Second stage of bootstrapping for a provider.
:param provider: URL for the provider
:type provider: unicode
:returns: the defer for the operation running in a thread.
:rtype: twisted.internet.defer.Deferred
"""
d = None
config = ProviderConfig.get_provider_config(provider)
self._provider_config = config
if config is not None:
d = self._provider_bootstrapper.run_provider_setup_checks(
config, download_if_needed=True)
else:
if self._signaler is not None:
self._signaler.signal(
self._signaler.prov_problem_with_provider)
logger.error("Could not load provider configuration.")
self._login_widget.set_enabled(True)
if d is None:
d = defer.Deferred()
return d
def start_smtp_service(self, keymanager, userid, download_if_needed=False):
"""
Starts the SMTP service.
:param keymanager: a transparent proxy that eventually will point to a
Keymanager Instance.
:type keymanager: zope.proxy.ProxyBase
:param userid: the user id, in the form "user@provider"
:type userid: str
:param download_if_needed: True if it should check for mtime
for the file
:type download_if_needed: bool
"""
try:
username, domain = userid.split('@')
except ValueError:
logger.critical("Malformed userid parameter!")
raise MalformedUserId()
self._provider_config = ProviderConfig.get_provider_config(domain)
self._keymanager = keymanager
self._smtp_config = SMTPConfig()
self._userid = userid
self._download_if_needed = download_if_needed
try:
self._download_config_and_cert()
logger.debug("Starting SMTP service.")
self._start_smtp_service()
except NoSMTPHosts:
logger.warning("There is no SMTP host to use.")
except Exception as e:
# TODO: we should handle more specific exceptions in here
logger.exception("Error while bootstrapping SMTP: %r" % (e, ))
def bootstrap(self, provider):
"""
Second stage of bootstrapping for a provider.
:param provider: URL for the provider
:type provider: unicode
:returns: the defer for the operation running in a thread.
:rtype: twisted.internet.defer.Deferred
"""
d = None
config = ProviderConfig.get_provider_config(provider)
self._provider_config = config
if config is not None:
d = self._provider_bootstrapper.run_provider_setup_checks(
config, download_if_needed=True)
else:
if self._signaler is not None:
self._signaler.signal(
self._signaler.prov_problem_with_provider)
logger.error("Could not load provider configuration.")
self._login_widget.set_enabled(True)
if d is None:
d = defer.Deferred()
return d
def nextId(self):
"""
Sets the next page id for the wizard based on wether the user
wants to register a new identity or uses an existing one
"""
if self.currentPage() == self.page(self.INTRO_PAGE):
self._show_register = self.ui.rdoRegister.isChecked()
if self.currentPage() == self.page(self.SETUP_PROVIDER_PAGE):
if self._show_register:
return self.REGISTER_USER_PAGE
else:
return self.SERVICES_PAGE
if self.currentPage() == self.page(self.SELECT_PROVIDER_PAGE):
if self._use_existing_provider:
self._domain = self.ui.cbProviders.currentText()
self._provider_config = ProviderConfig.get_provider_config(
self._domain)
if self._show_register:
return self.REGISTER_USER_PAGE
else:
return self.SERVICES_PAGE
return QtGui.QWizard.nextId(self)
def bootstrap(self, username, domain, password):
"""
Bootstrap Soledad with the user credentials.
Signals:
soledad_download_config
soledad_gen_key
:param user: user's login
:type user: unicode
:param domain: the domain that we are using.
:type domain: unicode
:param password: user's password
:type password: unicode
"""
provider_config = ProviderConfig.get_provider_config(domain)
if provider_config is not None:
self._soledad_defer = threads.deferToThread(
self._soledad_bootstrapper.run_soledad_setup_checks,
provider_config, username, password,
download_if_needed=True)
self._soledad_defer.addCallback(self._set_proxies_cb)
else:
if self._signaler is not None:
self._signaler.signal(self._signaler.SOLEDAD_BOOTSTRAP_FAILED)
logger.error("Could not load provider configuration.")
return self._soledad_defer
def setup_eip(self, domain, skip_network=False):
"""
Initiate the setup for a provider
:param domain: URL for the provider
:type domain: unicode
:param skip_network: Whether checks that involve network should be done
or not
:type skip_network: bool
:returns: the defer for the operation running in a thread.
:rtype: twisted.internet.defer.Deferred
"""
config = ProviderConfig.get_provider_config(domain)
self._provider_config = config
if config is not None:
if skip_network:
return defer.Deferred()
eb = self._eip_bootstrapper
d = eb.run_eip_setup_checks(self._provider_config,
download_if_needed=True)
self._eip_setup_defer = d
return d
else:
raise Exception("No provider setup loaded")
def bootstrap(self, username, domain, password):
"""
Bootstrap Soledad with the user credentials.
Signals:
soledad_download_config
soledad_gen_key
:param user: user's login
:type user: unicode
:param domain: the domain that we are using.
:type domain: unicode
:param password: user's password
:type password: unicode
"""
provider_config = ProviderConfig.get_provider_config(domain)
if provider_config is not None:
sb = self._soledad_bootstrapper
self._soledad_defer = sb.run_soledad_setup_checks(
provider_config, username, password, download_if_needed=True)
self._soledad_defer.addCallback(self._set_proxies_cb)
else:
if self._signaler is not None:
self._signaler.signal(self._signaler.soledad_bootstrap_failed)
logger.error("Could not load provider configuration.")
return self._soledad_defer
def _populate_gateways(self, domain):
"""
SLOT
TRIGGERS:
self.ui.cbProvidersGateway.currentIndexChanged[unicode]
Loads the gateways that the provider provides into the UI for
the user to select.
:param domain: the domain of the provider to load gateways from.
:type domain: str
"""
# We hide the maybe-visible status label after a change
self.ui.lblProvidersGatewayStatus.setVisible(False)
if not domain:
return
try:
# disconnect previously connected save method
self.ui.pbSaveGateway.clicked.disconnect()
except RuntimeError:
pass # Signal was not connected
# set the proper connection for the 'save' button
save_gateway = partial(self._save_selected_gateway, domain)
self.ui.pbSaveGateway.clicked.connect(save_gateway)
eip_config = EIPConfig()
provider_config = ProviderConfig.get_provider_config(domain)
eip_config_path = os.path.join("leap", "providers",
domain, "eip-service.json")
api_version = provider_config.get_api_version()
eip_config.set_api_version(api_version)
eip_loaded = eip_config.load(eip_config_path)
if not eip_loaded or provider_config is None:
self._set_providers_gateway_status(
self.tr("There was a problem with configuration files."),
error=True)
return
gateways = VPNGatewaySelector(eip_config).get_gateways_list()
logger.debug(gateways)
self.ui.cbGateways.clear()
self.ui.cbGateways.addItem(self.AUTOMATIC_GATEWAY_LABEL)
# Add the available gateways and
# select the one stored in configuration file.
selected_gateway = self._settings.get_selected_gateway(domain)
index = 0
for idx, (gw_name, gw_ip) in enumerate(gateways):
gateway = "{0} ({1})".format(gw_name, gw_ip)
self.ui.cbGateways.addItem(gateway, gw_ip)
if gw_ip == selected_gateway:
index = idx + 1
self.ui.cbGateways.setCurrentIndex(index)
def bootstrap(self, username, domain, password):
"""
Bootstrap Soledad with the user credentials.
Signals:
soledad_download_config
soledad_gen_key
:param user: user's login
:type user: unicode
:param domain: the domain that we are using.
:type domain: unicode
:param password: user's password
:type password: unicode
"""
provider_config = ProviderConfig.get_provider_config(domain)
if provider_config is not None:
sb = self._soledad_bootstrapper
self._soledad_defer = sb.run_soledad_setup_checks(
provider_config, username, password,
download_if_needed=True)
self._soledad_defer.addCallback(self._set_proxies_cb)
self._soledad_defer.addCallback(self._set_service_tokens_cb)
self._soledad_defer.addCallback(self._write_tokens_file,
username, domain)
else:
if self._signaler is not None:
self._signaler.signal(self._signaler.soledad_bootstrap_failed)
logger.error("Could not load provider configuration.")
return self._soledad_defer
def setup_eip(self, domain, skip_network=False):
"""
Initiate the setup for a provider
:param domain: URL for the provider
:type domain: unicode
:param skip_network: Whether checks that involve network should be done
or not
:type skip_network: bool
:returns: the defer for the operation running in a thread.
:rtype: twisted.internet.defer.Deferred
"""
config = ProviderConfig.get_provider_config(domain)
self._provider_config = config
if config is not None:
if skip_network:
return defer.Deferred()
eb = self._eip_bootstrapper
d = eb.run_eip_setup_checks(self._provider_config,
download_if_needed=True)
self._eip_setup_defer = d
return d
else:
raise Exception("No provider setup loaded")
def register_user(self, domain, username, password):
"""
Register a user using the domain and password given as parameters.
:param domain: the domain we need to register the user.
:type domain: unicode
:param username: the user name
:type username: unicode
:param password: the password for the username
:type password: unicode
:returns: the defer for the operation running in a thread.
:rtype: twisted.internet.defer.Deferred
"""
config = ProviderConfig.get_provider_config(domain)
self._provider_config = config
if config is not None:
srpregister = SRPRegister(signaler=self._signaler,
provider_config=config)
return threads.deferToThread(
partial(srpregister.register_user, username, password))
else:
if self._signaler is not None:
self._signaler.signal(self._signaler.srp_registration_failed)
logger.error("Could not load provider configuration.")
def register_user(self, domain, username, password):
"""
Register a user using the domain and password given as parameters.
:param domain: the domain we need to register the user.
:type domain: unicode
:param username: the user name
:type username: unicode
:param password: the password for the username
:type password: unicode
:returns: the defer for the operation running in a thread.
:rtype: twisted.internet.defer.Deferred
"""
config = ProviderConfig.get_provider_config(domain)
self._provider_config = config
if config is not None:
srpregister = SRPRegister(signaler=self._signaler,
provider_config=config)
return threads.deferToThread(
partial(srpregister.register_user, username, password))
else:
if self._signaler is not None:
self._signaler.signal(self._signaler.srp_registration_failed)
logger.error("Could not load provider configuration.")
def start_smtp_service(self, keymanager, userid, download_if_needed=False):
"""
Starts the SMTP service.
:param keymanager: a transparent proxy that eventually will point to a
Keymanager Instance.
:type keymanager: zope.proxy.ProxyBase
:param userid: the user id, in the form "user@provider"
:type userid: str
:param download_if_needed: True if it should check for mtime
for the file
:type download_if_needed: bool
"""
try:
username, domain = userid.split('@')
except ValueError:
logger.critical("Malformed userid parameter!")
raise MalformedUserId()
self._provider_config = ProviderConfig.get_provider_config(domain)
self._keymanager = keymanager
self._smtp_config = SMTPConfig()
self._userid = userid
self._download_if_needed = download_if_needed
try:
self._download_config_and_cert()
logger.debug("Starting SMTP service.")
self._start_smtp_service()
except NoSMTPHosts:
logger.warning("There is no SMTP host to use.")
except Exception as e:
# TODO: we should handle more specific exceptions in here
logger.exception("Error while bootstrapping SMTP: %r" % (e, ))
def _get_services(self, domain):
"""
Returns a list of services provided by the given provider.
:param domain: the provider to get the services from.
:type domain: str
:rtype: list of str
"""
services = []
provider_config = ProviderConfig.get_provider_config(domain)
if provider_config is not None:
services = provider_config.get_services()
return services
def _get_services(self, domain):
"""
Returns a list of services provided by the given provider.
:param domain: the provider to get the services from.
:type domain: str
:rtype: list of str
"""
services = []
provider_config = ProviderConfig.get_provider_config(domain)
if provider_config is not None:
services = provider_config.get_services()
return services
def _can_start(self, domain):
"""
Returns True if it has everything that is needed to run EIP,
False otherwise
:param domain: the domain for the provider to check
:type domain: str
"""
if IS_LINUX and not LinuxPolicyChecker.is_up():
logger.error("No polkit agent running.")
return False
provider_config = ProviderConfig.get_provider_config(domain)
if EIP_SERVICE not in provider_config.get_services():
return False
eip_config = eipconfig.EIPConfig()
api_version = provider_config.get_api_version()
eip_config.set_api_version(api_version)
eip_loaded = eip_config.load(eipconfig.get_eipconfig_path(domain))
launcher = get_vpn_launcher()
ovpn_path = force_eval(launcher.OPENVPN_BIN_PATH)
if not os.path.isfile(ovpn_path):
logger.error("Cannot start OpenVPN, binary not found: %s" %
(ovpn_path,))
return False
# check for other problems
if not eip_loaded or provider_config is None:
logger.error("Cannot load provider and eip config, cannot "
"autostart")
return False
client_cert_path = eip_config.\
get_client_cert_path(provider_config, about_to_download=True)
if leap_certs.should_redownload(client_cert_path):
logger.error("The client should redownload the certificate,"
" cannot autostart")
return False
if not os.path.isfile(client_cert_path):
logger.error("Can't find the certificate, cannot autostart")
return False
return True
def _can_start(self, domain):
"""
Returns True if it has everything that is needed to run EIP,
False otherwise
:param domain: the domain for the provider to check
:type domain: str
"""
if not LinuxPolicyChecker.is_up():
logger.error("No polkit agent running.")
return False
eip_config = eipconfig.EIPConfig()
provider_config = ProviderConfig.get_provider_config(domain)
api_version = provider_config.get_api_version()
eip_config.set_api_version(api_version)
eip_loaded = eip_config.load(eipconfig.get_eipconfig_path(domain))
launcher = get_vpn_launcher()
ovpn_path = force_eval(launcher.OPENVPN_BIN_PATH)
if not os.path.isfile(ovpn_path):
logger.error("Cannot start OpenVPN, binary not found: %s" %
(ovpn_path, ))
return False
# check for other problems
if not eip_loaded or provider_config is None:
logger.error("Cannot load provider and eip config, cannot "
"autostart")
return False
client_cert_path = eip_config.\
get_client_cert_path(provider_config, about_to_download=True)
if leap_certs.should_redownload(client_cert_path):
logger.error("The client should redownload the certificate,"
" cannot autostart")
return False
if not os.path.isfile(client_cert_path):
logger.error("Can't find the certificate, cannot autostart")
return False
return True
def get_gateway_country_code(self, domain):
"""
Signal the country code for the currently used gateway for the given
provider.
:param domain: the domain to get country code.
:type domain: str
Signals:
eip_get_gateway_country_code -> str
eip_no_gateway
"""
settings = Settings()
eip_config = eipconfig.EIPConfig()
provider_config = ProviderConfig.get_provider_config(domain)
api_version = provider_config.get_api_version()
eip_config.set_api_version(api_version)
eip_config.load(eipconfig.get_eipconfig_path(domain))
gateway_selector = eipconfig.VPNGatewaySelector(eip_config)
gateway_conf = settings.get_selected_gateway(domain)
if gateway_conf == GATEWAY_AUTOMATIC:
gateways = gateway_selector.get_gateways()
else:
gateways = [gateway_conf]
if not gateways:
self._signaler.signal(self._signaler.eip_no_gateway)
return
# this only works for selecting the first gateway, as we're
# currently doing.
ccodes = gateway_selector.get_gateways_country_code()
gateway_ccode = '' # '' instead of None due to needed signal argument
if ccodes is not None:
gateway_ccode = ccodes[gateways[0]]
self._signaler.signal(self._signaler.eip_get_gateway_country_code,
gateway_ccode)
def get_gateway_country_code(self, domain):
"""
Signal the country code for the currently used gateway for the given
provider.
:param domain: the domain to get country code.
:type domain: str
Signals:
eip_get_gateway_country_code -> str
eip_no_gateway
"""
settings = Settings()
eip_config = eipconfig.EIPConfig()
provider_config = ProviderConfig.get_provider_config(domain)
api_version = provider_config.get_api_version()
eip_config.set_api_version(api_version)
eip_config.load(eipconfig.get_eipconfig_path(domain))
gateway_selector = eipconfig.VPNGatewaySelector(eip_config)
gateway_conf = settings.get_selected_gateway(domain)
if gateway_conf == GATEWAY_AUTOMATIC:
gateways = gateway_selector.get_gateways()
else:
gateways = [gateway_conf]
if not gateways:
self._signaler.signal(self._signaler.eip_no_gateway)
return
# this only works for selecting the first gateway, as we're
# currently doing.
ccodes = gateway_selector.get_gateways_country_code()
gateway_ccode = '' # '' instead of None due to needed signal argument
if ccodes is not None:
gateway_ccode = ccodes[gateways[0]]
self._signaler.signal(self._signaler.eip_get_gateway_country_code,
gateway_ccode)
def get_gateways_list(self, domain):
"""
Signal a list of gateways for the given provider.
:param domain: the domain to get the gateways.
:type domain: str
Signals:
eip_get_gateways_list -> list of unicode
eip_get_gateways_list_error
eip_uninitialized_provider
"""
if not self._provider_is_initialized(domain):
if self._signaler is not None:
self._signaler.signal(
self._signaler.eip_uninitialized_provider)
return
provider_config = ProviderConfig.get_provider_config(domain)
if EIP_SERVICE not in provider_config.get_services():
return
eip_config = eipconfig.EIPConfig()
api_version = provider_config.get_api_version()
eip_config.set_api_version(api_version)
eip_loaded = eip_config.load(eipconfig.get_eipconfig_path(domain))
# check for other problems
if not eip_loaded or provider_config is None:
if self._signaler is not None:
self._signaler.signal(
self._signaler.eip_get_gateways_list_error)
return
gateways = eipconfig.VPNGatewaySelector(eip_config).get_gateways_list()
if self._signaler is not None:
self._signaler.signal(
self._signaler.eip_get_gateways_list, gateways)
def login(self, domain, username, password):
"""
Execute the whole authentication process for a user
:param domain: the domain where we need to authenticate.
:type domain: unicode
:param username: username for this session
:type username: str
:param password: password for this user
:type password: str
:returns: the defer for the operation running in a thread.
:rtype: twisted.internet.defer.Deferred
"""
config = ProviderConfig.get_provider_config(domain)
if config is not None:
self._srp_auth = SRPAuth(config, self._signaler)
self._login_defer = self._srp_auth.authenticate(username, password)
return self._login_defer
else:
if self._signaler is not None:
self._signaler.signal(self._signaler.srp_auth_error)
logger.error("Could not load provider configuration.")
def login(self, domain, username, password):
"""
Execute the whole authentication process for a user
:param domain: the domain where we need to authenticate.
:type domain: unicode
:param username: username for this session
:type username: str
:param password: password for this user
:type password: str
:returns: the defer for the operation running in a thread.
:rtype: twisted.internet.defer.Deferred
"""
config = ProviderConfig.get_provider_config(domain)
if config is not None:
self._srp_auth = SRPAuth(config, self._signaler)
self._login_defer = self._srp_auth.authenticate(username, password)
return self._login_defer
else:
if self._signaler is not None:
self._signaler.signal(self._signaler.srp_auth_error)
logger.error("Could not load provider configuration.")
def get_gateways_list(self, domain):
"""
Signal a list of gateways for the given provider.
:param domain: the domain to get the gateways.
:type domain: str
Signals:
eip_get_gateways_list -> list of unicode
eip_get_gateways_list_error
eip_uninitialized_provider
"""
if not self._provider_is_initialized(domain):
if self._signaler is not None:
self._signaler.signal(
self._signaler.EIP_UNINITIALIZED_PROVIDER)
return
eip_config = eipconfig.EIPConfig()
provider_config = ProviderConfig.get_provider_config(domain)
api_version = provider_config.get_api_version()
eip_config.set_api_version(api_version)
eip_loaded = eip_config.load(eipconfig.get_eipconfig_path(domain))
# check for other problems
if not eip_loaded or provider_config is None:
if self._signaler is not None:
self._signaler.signal(
self._signaler.EIP_GET_GATEWAYS_LIST_ERROR)
return
gateways = eipconfig.VPNGatewaySelector(eip_config).get_gateways_list()
if self._signaler is not None:
self._signaler.signal(
self._signaler.EIP_GET_GATEWAYS_LIST, gateways)
def get_gateways_list(self, domain):
"""
Signal a list of gateways for the given provider.
:param domain: the domain to get the gateways.
:type domain: str
Signals:
eip_get_gateways_list -> list of unicode
eip_get_gateways_list_error
eip_uninitialized_provider
"""
if not self._provider_is_initialized(domain):
if self._signaler is not None:
self._signaler.signal(
self._signaler.eip_uninitialized_provider)
return
eip_config = eipconfig.EIPConfig()
provider_config = ProviderConfig.get_provider_config(domain)
api_version = provider_config.get_api_version()
eip_config.set_api_version(api_version)
eip_loaded = eip_config.load(eipconfig.get_eipconfig_path(domain))
# check for other problems
if not eip_loaded or provider_config is None:
if self._signaler is not None:
self._signaler.signal(
self._signaler.eip_get_gateways_list_error)
return
gateways = eipconfig.VPNGatewaySelector(eip_config).get_gateways_list()
if self._signaler is not None:
self._signaler.signal(self._signaler.eip_get_gateways_list,
gateways)
