def buildInterface(self, config):
fqdn_tooltip = tr("IP address, FQDN or Hostname")
self.controller_ip = QLineEdit()
self.texts.add(self.controller_ip)
self.connect(self.controller_ip, SIGNAL('textChanged(QString)'), self.setControllerIp)
self.form.addRow(tr('Authentication server'), self.controller_ip)
self.controller_ip.setToolTip(help_ps_tooltip)
self.connect(self.controller_ip, SIGNAL('returnPressed()'), self.signalModified)
self.ps_message_area = MessageArea()
self.empty_ps_label = QLabel()
self.form.addRow(self.empty_ps_label, self.ps_message_area)
self.empty_ps_label.hide()
self.ps_message_area.hide()
self.ps_message_area.setMessage(help_ps_title, help_ps_message_area)
self.wins_ip = IpOrHostnameOrFqdnEdit(accept_empty=True)
self.texts.add(self.wins_ip)
self.connect(self.wins_ip, SIGNAL('textChanged(QString)'), self.setWinsIp)
self.form.addRow(tr('WINS server (optional)'), self.wins_ip)
self.wins_ip.setToolTip(
"%s\n%s" % (
fqdn_tooltip, tr("This field is useful if the AD and EdenWall appliances don't share the same subnet")
)
)
self.connect(self.wins_ip, SIGNAL('returnPressed()'), self.signalModified)
for args in (
('domain', tr('Active Directory Domain'), self.setDomain),
('dns_domain', tr('Active Directory DNS Domain (if different from the AD domain)'), self.setDNSDomain),
('workgroup', tr('Workgroup (optional)'), self.setWorkgroup)
):
setattr(self, args[0], self.addTextInput(*args[1:]))
#flagWriteAccess(text_input)
self.netbios_name = QLabel()
self.form.addRow(tr("Netbios name"), self.netbios_name)
for args in (
('user', tr('Name used to join the domain'), self.setUser),
('password', tr('Password used to join the domain'), self.setPassword, False)
):
setattr(self, args[0], self.addTextInput(*args[1:]))
#flagWriteAccess(text_input)
#flagWriteAccess(password_server)
self.connect(self.controller_ip, SIGNAL('textEdited(QString)'), self.helpPS)
self.connect(self.controller_ip, SIGNAL('editingFinished()'), self.noHelpPS)
self.ad_status = ADStatus()
self.form.addRow('', self.ad_status)
def _buildGui(self):
frame = QFrame()
layout = QVBoxLayout(frame)
layout.addWidget(QLabel(tr("<H1>Mobile VPN</H1>")))
self.activation_box = QGroupBox(tr("Feature Activation"))
self.activation = QGridLayout(self.activation_box)
# enabled checkbox:
self.enabledCheckBox = QCheckBox()
self.mainwindow.writeAccessNeeded(self.enabledCheckBox)
self.connect(self.enabledCheckBox, SIGNAL('toggled(bool)'),
self.setEnabled)
self.enabledLabel = QLabel(tr('Enable Mobile VPN'))
self.activation.addWidget(self.enabledLabel, 0, 0)
self.activation.addWidget(self.enabledCheckBox, 0, 1)
layout.addWidget(self.activation_box)
options_box = QGroupBox(tr("Network Configuration"))
options = QFormLayout(options_box)
self.serverIpEdit = IpOrHostnameOrFqdnEdit()
self.connect(self.serverIpEdit, SIGNAL('editingFinished()'),
self.setServer)
self.protocolComboBox = QComboBox()
self.protocolComboBox.addItem('tcp')
self.protocolComboBox.addItem('udp')
self.connect(self.protocolComboBox,
SIGNAL('currentIndexChanged(QString)'), self.setProtocol)
self.portEdit = PortEdit()
self.connect(self.portEdit, SIGNAL('editingFinished()'), self.setPort)
self.clientNetNetworkEdit = NetworkEdit()
self.connect(self.clientNetNetworkEdit, SIGNAL('editingFinished()'),
self.setClientNetwork)
self.redirectCheckBox = QCheckBox()
self.connect(self.redirectCheckBox, SIGNAL('toggled(bool)'),
self.setRedirect)
options.addRow(tr("Server public address (for client configuration)"),
self.serverIpEdit)
options.addRow(tr("Protocol"), self.protocolComboBox)
options.addRow(tr("Port"), self.portEdit)
options.addRow(tr("Virtual network address of VPN clients"), self.clientNetNetworkEdit)
options.addRow(tr("Redirect default gateway through the VPN"),
self.redirectCheckBox)
self.pushed_routes = self._mkPushedRoutes(5)
options.addRow(QLabel(tr("This VPN's routed networks")))
options.addRow(self.pushed_routes)
self.connect(self.pushed_routes, SIGNAL('textChanged()'), self.setModified)
self.connect(self.pushed_routes, SIGNAL('textChanged()'), self.setPushedRoutes)
layout.addWidget(options_box)
self.pki_embed = PkiEmbedWidget(self.client, self, "openvpn", PkiEmbedWidget.SHOW_ALL | PkiEmbedWidget.CRL_OPTIONAL, self.setModified)
layout.addWidget(self.pki_embed)
self.mainwindow.writeAccessNeeded(
self.serverIpEdit, self.protocolComboBox, self.portEdit,
self.clientNetNetworkEdit, self.redirectCheckBox,
self.pushed_routes, self.pki_embed)
getClientConfigButton = QPushButton(tr('Get client configuration'))
self.connect(getClientConfigButton, SIGNAL('clicked()'),
self.getClientConfig)
layout.addWidget(getClientConfigButton)
layout.addStretch()
self.setWidget(frame)
self.setWidgetResizable(True)
class ADBaseWidget(DirectoryWidget):
def __init__(self, config, specific_config, mainwindow, parent=None):
DirectoryWidget.__init__(self, config, specific_config, mainwindow, parent=None)
self.qhostname_object = QHostnameObject.getInstance()
self.buildInterface(config)
self.updateView()
self._poll()
def register_qobjects(self):
self.qhostname_object.registerCallbacks(
self.acceptHostnameChange,
self.handleHostnameChange,
attach=self
)
def _poll(self):
self.ad_status.fetch_data(self.mainwindow.client)
timer = QTimer()
timer.setSingleShot(True)
timer.setInterval(20000) # ms
timer.start()
self.connect(timer, SIGNAL('timeout()'), self._poll)
self.connect(self, SIGNAL('destroyed()'), timer.stop)
def unregister_qobjects(self):
self.qhostname_object.forget(self)
def updateView(self, config=None):
if config is None:
config = self.specific_config
self.setText(self.controller_ip, config.controller_ip)
self.setDefaultText(self.user, config.user)
self.setDefaultText(self.password, config.password)
self.setDefaultText(self.workgroup, config.workgroup)
self.setDefaultText(self.domain, config.domain)
self.setDefaultText(self.dns_domain, config.dns_domain)
self.setText(self.wins_ip, config.wins_ip)
self.displayHostname()
def acceptHostnameChange(self):
button = QMessageBox.warning(
self,
tr("Hostname change"),
tr("Warning: this hostname change will cause the appliance to register again on Active Directory."),
QMessageBox.Cancel | QMessageBox.Ok
)
if button == QMessageBox.Ok:
self.signalModified()
return True
return False
def handleHostnameChange(self):
self.displayHostname()
def displayHostname(self):
self.netbios_name.setText(u"<b>%s</b>" % unicode(self.qhostname_object.hostnamecfg.hostname))
def buildInterface(self, config):
fqdn_tooltip = tr("IP address, FQDN or Hostname")
self.controller_ip = QLineEdit()
self.texts.add(self.controller_ip)
self.connect(self.controller_ip, SIGNAL('textChanged(QString)'), self.setControllerIp)
self.form.addRow(tr('Authentication server'), self.controller_ip)
self.controller_ip.setToolTip(help_ps_tooltip)
self.connect(self.controller_ip, SIGNAL('returnPressed()'), self.signalModified)
self.ps_message_area = MessageArea()
self.empty_ps_label = QLabel()
self.form.addRow(self.empty_ps_label, self.ps_message_area)
self.empty_ps_label.hide()
self.ps_message_area.hide()
self.ps_message_area.setMessage(help_ps_title, help_ps_message_area)
self.wins_ip = IpOrHostnameOrFqdnEdit(accept_empty=True)
self.texts.add(self.wins_ip)
self.connect(self.wins_ip, SIGNAL('textChanged(QString)'), self.setWinsIp)
self.form.addRow(tr('WINS server (optional)'), self.wins_ip)
self.wins_ip.setToolTip(
"%s\n%s" % (
fqdn_tooltip, tr("This field is useful if the AD and EdenWall appliances don't share the same subnet")
)
)
self.connect(self.wins_ip, SIGNAL('returnPressed()'), self.signalModified)
for args in (
('domain', tr('Active Directory Domain'), self.setDomain),
('dns_domain', tr('Active Directory DNS Domain (if different from the AD domain)'), self.setDNSDomain),
('workgroup', tr('Workgroup (optional)'), self.setWorkgroup)
):
setattr(self, args[0], self.addTextInput(*args[1:]))
#flagWriteAccess(text_input)
self.netbios_name = QLabel()
self.form.addRow(tr("Netbios name"), self.netbios_name)
for args in (
('user', tr('Name used to join the domain'), self.setUser),
('password', tr('Password used to join the domain'), self.setPassword, False)
):
setattr(self, args[0], self.addTextInput(*args[1:]))
#flagWriteAccess(text_input)
#flagWriteAccess(password_server)
self.connect(self.controller_ip, SIGNAL('textEdited(QString)'), self.helpPS)
self.connect(self.controller_ip, SIGNAL('editingFinished()'), self.noHelpPS)
self.ad_status = ADStatus()
self.form.addRow('', self.ad_status)
def helpPS(self, text):
self.ps_message_area.show()
def noHelpPS(self):
self.controller_ip.setText(
unicode(
self.controller_ip.text()
).strip()
)
self.ps_message_area.hide()
def setControllerIp(self, server):
self.specific_config.controller_ip = unicode(server).strip()
self.signalModified()
def setWinsIp(self, server):
self.specific_config.wins_ip = unicode(server)
self.signalModified()
def setDomain(self, domain):
self.specific_config.domain = domain
def setDNSDomain(self, domain):
self.specific_config.dns_domain = domain
def setUser(self, user):
self.specific_config.user = user
def setPassword(self, password):
self.specific_config.password = password
def setWorkgroup(self, workgroup):
self.specific_config.workgroup = workgroup
def signalModified(self):
self.config.org = self.specific_config
DirectoryWidget.signalModified(self)
class RoadWarriorFrontend(ScrollArea):
COMPONENT = 'openvpn'
LABEL = tr('Mobile VPN')
REQUIREMENTS = ('openvpn',)
ICON = ':/icons/vpn.png'
def __init__(self, client, parent):
ScrollArea.__init__(self)
if not EDENWALL:
raise NuConfModuleDisabled("Roadwarrior")
self.loaded_done = False
self.mainwindow = parent
self.client = client
self.modified = False
self.error_message = ''
self._buildGui()
self.qopenvpnobject = QOpenVpnObject.getInstance()
self.qopenvpnobject.openvpn = self.client.call('openvpn',
'getOpenVpnConfig')
# FIXME: Remove isValid() or call it more even?
self.isValid()
self.resetConf()
def _buildGui(self):
frame = QFrame()
layout = QVBoxLayout(frame)
layout.addWidget(QLabel(tr("<H1>Mobile VPN</H1>")))
self.activation_box = QGroupBox(tr("Feature Activation"))
self.activation = QGridLayout(self.activation_box)
# enabled checkbox:
self.enabledCheckBox = QCheckBox()
self.mainwindow.writeAccessNeeded(self.enabledCheckBox)
self.connect(self.enabledCheckBox, SIGNAL('toggled(bool)'),
self.setEnabled)
self.enabledLabel = QLabel(tr('Enable Mobile VPN'))
self.activation.addWidget(self.enabledLabel, 0, 0)
self.activation.addWidget(self.enabledCheckBox, 0, 1)
layout.addWidget(self.activation_box)
options_box = QGroupBox(tr("Network Configuration"))
options = QFormLayout(options_box)
self.serverIpEdit = IpOrHostnameOrFqdnEdit()
self.connect(self.serverIpEdit, SIGNAL('editingFinished()'),
self.setServer)
self.protocolComboBox = QComboBox()
self.protocolComboBox.addItem('tcp')
self.protocolComboBox.addItem('udp')
self.connect(self.protocolComboBox,
SIGNAL('currentIndexChanged(QString)'), self.setProtocol)
self.portEdit = PortEdit()
self.connect(self.portEdit, SIGNAL('editingFinished()'), self.setPort)
self.clientNetNetworkEdit = NetworkEdit()
self.connect(self.clientNetNetworkEdit, SIGNAL('editingFinished()'),
self.setClientNetwork)
self.redirectCheckBox = QCheckBox()
self.connect(self.redirectCheckBox, SIGNAL('toggled(bool)'),
self.setRedirect)
options.addRow(tr("Server public address (for client configuration)"),
self.serverIpEdit)
options.addRow(tr("Protocol"), self.protocolComboBox)
options.addRow(tr("Port"), self.portEdit)
options.addRow(tr("Virtual network address of VPN clients"), self.clientNetNetworkEdit)
options.addRow(tr("Redirect default gateway through the VPN"),
self.redirectCheckBox)
self.pushed_routes = self._mkPushedRoutes(5)
options.addRow(QLabel(tr("This VPN's routed networks")))
options.addRow(self.pushed_routes)
self.connect(self.pushed_routes, SIGNAL('textChanged()'), self.setModified)
self.connect(self.pushed_routes, SIGNAL('textChanged()'), self.setPushedRoutes)
layout.addWidget(options_box)
self.pki_embed = PkiEmbedWidget(self.client, self, "openvpn", PkiEmbedWidget.SHOW_ALL | PkiEmbedWidget.CRL_OPTIONAL, self.setModified)
layout.addWidget(self.pki_embed)
self.mainwindow.writeAccessNeeded(
self.serverIpEdit, self.protocolComboBox, self.portEdit,
self.clientNetNetworkEdit, self.redirectCheckBox,
self.pushed_routes, self.pki_embed)
getClientConfigButton = QPushButton(tr('Get client configuration'))
self.connect(getClientConfigButton, SIGNAL('clicked()'),
self.getClientConfig)
layout.addWidget(getClientConfigButton)
layout.addStretch()
self.setWidget(frame)
self.setWidgetResizable(True)
def _mkPushedRoutes(self, lines):
pushed_routes = NetworkListEdit()
pushed_routes.setMaximumHeight(
pushed_routes.fontMetrics().height() * lines
)
return pushed_routes
def loaded(self):
self.loaded_done = True
def isLoaded(self):
return self.loaded_done
def isModified(self):
return self.modified
def isValid(self):
valid, msg = self.qopenvpnobject.openvpn.isValidWithMsg()
if msg is not None:
self.error_message = msg
cert_validity = self.pki_embed.validate()
if cert_validity is not None:
if msg is None:
self.error_message = ''
self.error_message += '<br/>' + cert_validity + '<br/>'
self.mainwindow.addToInfoArea(cert_validity, category=COLOR_ERROR)
valid = False
return valid
def resetConf(self):
self.qopenvpnobject.openvpn = self.client.call('openvpn',
'getOpenVpnConfig')
self.serverIpEdit.setText(unicode(self.qopenvpnobject.openvpn.server))
self.portEdit.setText(unicode(self.qopenvpnobject.openvpn.port))
index = self.protocolComboBox.findText(
unicode(self.qopenvpnobject.openvpn.protocol))
if index != -1:
self.protocolComboBox.setCurrentIndex(index)
self.clientNetNetworkEdit.setText(
self.qopenvpnobject.openvpn.client_network)
for input_widget in (self.serverIpEdit, self.portEdit):
input_widget.validColor()
if self.qopenvpnobject.openvpn.enabled:
self.enabledCheckBox.setChecked(self.qopenvpnobject.openvpn.enabled)
self.redirectCheckBox.setChecked(self.qopenvpnobject.openvpn.redirect)
# Certificates configuration
ssl_conf = self.qopenvpnobject.openvpn.getSSLDict()
self.pki_embed.setConfig(ssl_conf)
pushed_routes = self.qopenvpnobject.openvpn.manual_pushed_routes
self.pushed_routes.clear()
for net in pushed_routes:
self.pushed_routes.append("%s\n" % net)
self.setModified(False)
def saveConf(self, message):
conf = self.pki_embed.getConfig()
self.qopenvpnobject.openvpn.setSSLDict(conf)
serialized = self.qopenvpnobject.openvpn.serialize(downgrade=True)
self.client.call("openvpn", 'setOpenVpnConfig', serialized, message)
def setModified(self, isModified=True, message=u""):
if isModified:
self.modified = True
self.mainwindow.setModified(self, True)
if message:
self.mainwindow.addToInfoArea(unicode(message))
if self.isLoaded():
self.qopenvpnobject.post_modify()
else:
self.modified = False
def error(self, message):
self.mainwindow.addToInfoArea(message, category=COLOR_ERROR)
def getClientConfig(self):
filename = QFileDialog.getSaveFileName(self, tr('Select a destination'),
QString(u'client.ovpn'))
if not filename:
return
async = self.client.async()
self.desc = tr('Client configuration')
async.call(
"openvpn", 'getClientConfig',
callback = self.successDiag,
errback = self.errorDiag,
callbackArgs=(filename, self.desc)
)
def successDiag(self, file_, filename, desc):
with open(filename, 'wb') as fd:
fd.write(decodeFileContent(file_))
self.mainwindow.addToInfoArea(tr("%s saved in '%s'.") % (desc,
filename))
def errorDiag(self, error):
self.mainwindow.addToInfoArea(tr("Fetching %s failed.") % self.desc)
warning = QMessageBox(self)
warning.setWindowTitle(tr('Fetching diagnostic failed'))
warning.setText(tr('An error has occurred while fetching %s.') %
self.desc)
warning.setDetailedText(exceptionAsUnicode(error))
warning.setIcon(QMessageBox.Warning)
warning.exec_()
def setEnabled(self, value):
if value != self.qopenvpnobject.openvpn.enabled:
self.qopenvpnobject.openvpn.setEnabled(value)
self.setModified()
def setServer(self):
value = self.serverIpEdit.text()
if value != self.qopenvpnobject.openvpn.server:
self.qopenvpnobject.openvpn.setServer(value)
self.setModified()
def setPort(self):
value = self.portEdit.text()
if value != self.qopenvpnobject.openvpn.port:
self.qopenvpnobject.openvpn.setPort(value)
self.setModified()
def setProtocol(self, value):
if value != self.qopenvpnobject.openvpn.protocol:
self.qopenvpnobject.openvpn.setProtocol(value)
self.setModified()
def setClientNetwork(self):
value = self.clientNetNetworkEdit.text()
if value != self.qopenvpnobject.openvpn.client_network:
self.qopenvpnobject.openvpn.setClientNetwork(value)
self.setModified()
def setRedirect(self, value):
if value != self.qopenvpnobject.openvpn.redirect:
self.qopenvpnobject.openvpn.setRedirect(value)
self.setModified()
#disable pushed_routes when redirecting default gw
enable = (not value) and (not self.mainwindow.isReadOnly())
self.pushed_routes.setEnabled(enable)
def setPushedRoutes(self):
if self.pushed_routes.isValid():
pushed_routes = tuple(self.pushed_routes.value())
self.qopenvpnobject.openvpn.manual_pushed_routes = pushed_routes
def onApplyFinished(self):
self.pki_embed.feed()
