Enables SUDO Preserve-Env fix for affected OSes automatically (only

Ubuntu/Debian)

openfortigui/debian/control

@@ -6,7 +6,7 @@ Build-Depends: debhelper (>= 8.0.0)
 
 Package: openfortigui
 Architecture: amd64 i386
-Depends: ${shlibs:Depends}, sudo, qttranslations5-l10n, ppp
+Depends: ${shlibs:Depends}, sudo, qttranslations5-l10n, ppp, lsb-release
 Conflicts:
 Replaces:
 Provides: openfortigui

openfortigui/mainwindow.cpp

@@ -171,6 +171,8 @@ MainWindow::MainWindow(QWidget *parent) :
 
     if(main_settings.getValue("gui/main_toolbar_location", 0).toInt() != 0)
         addToolBar(static_cast<Qt::ToolBarArea>(main_settings.getValue("gui/main_toolbar_location", 0).toInt()), this->ui->tbActions);
+
+    doOSChecks();
 }
 
 MainWindow::~MainWindow()
@@ -1155,6 +1157,41 @@ void MainWindow::autostartVPNs()
     }
 }
 
+void MainWindow::doOSChecks()
+{
+    tiConfMain main_settings;
+    QString osname = vpnHelper::getOSCodename();
+    if(osname.isEmpty())
+    {
+        qWarning() << "OS could not be detected, please make sure lsb-release is installed and 'lsb_release --codename -s' returns a valid string/codename, will not apply any OS fixes!";
+        return;
+    }
+
+    QList<QString> sudoPreEnvOSes;
+    sudoPreEnvOSes << "buster" << "bullseye" << "eoan" << "focal" << "groovy";
+    if(sudoPreEnvOSes.contains(osname))
+    {
+        // Check if we need to do work
+        if(main_settings.getValue("checks/sudopresenv", false).toBool() == false || main_settings.getValue("checks/sudopresenv_lastos", "").toString() != osname)
+        {
+            // Detected OS for SUDO-Preserve-Env fix
+            qDebug() << "Detected OS to enable SUDO-Preserve-Env fix, osname::" << osname;
+            main_settings.setValue("main/sudo_preserve_env", true);
+            main_settings.setValue("checks/sudopresenv", true);
+            main_settings.setValue("checks/sudopresenv_lastos", osname);
+            main_settings.sync();
+        }
+        else
+        {
+            qDebug() << "SUDO-Preserve-Env fix already applied";
+        }
+    }
+    else
+    {
+        qDebug() << "OS not affected by SUDO-Preserve-Env fix or no supported OS found, osname::" << osname;
+    }
+}
+
 QStandardItem *MainWindow::getVpnProfileItem(const QString &vpnname, int colum)
 {
     QStandardItem *retitem = 0;

openfortigui/mainwindow.h

@@ -115,6 +115,7 @@ private slots:
     void refreshVpnProfileList();
     void refreshVpnGroupList();
     void autostartVPNs();
+    void doOSChecks();
 
     QStandardItem *getVpnProfileItem(const QString &vpnname, int column);
 

openfortigui/ticonfmain.cpp

@@ -84,6 +84,7 @@ void tiConfMain::initMainConf()
         conf.setValue("paths/localvpngroups", openfortigui_config::vpngroups_local);
         conf.setValue("paths/logs", logs_dir);
         conf.setValue("paths/initd", openfortigui_config::initd_default);
+        conf.setValue("checks/sudopresenv", false);
         conf.sync();
     }
     else
@@ -118,6 +119,12 @@ void tiConfMain::initMainConf()
             conf.setValue("main/changelogrev_read", 0);
             conf.sync();
         }
+
+        if(!conf.contains("checks/sudopresenv"))
+        {
+            conf.setValue("checks/sudopresenv", false);
+            conf.sync();
+        }
     }
 }
 

openfortigui/vpnchangelog.cpp

@@ -60,6 +60,7 @@ void vpnChangelog::buildChangelog()
             <p style=\" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;\"><span style=\" font-weight:600;\">Changes:</span></p> \
             <p style=\" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;\"><span style=\" font-weight:600;\"> </span> - New OTP features: otp_prompt_string, otp_delay (both from openfortivpn), always ask for OTP token option, otp enhancements</p> \
             <p style=\" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;\"><span style=\" font-weight:600;\"> </span> - Update openfortivpn core to version 1.12.3</p> \
+            <p style=\" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;\"><span style=\" font-weight:600;\"> </span> - Enables SUDO Preserve-Env fix for affected OSes automatically (only Ubuntu/Debian)</p> \
             <p style=\"-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-size:14pt; font-weight:600; color:#00851b;\"><br /></p>");
 
     // Version 0.8.2

openfortigui/vpnhelper.cpp

@@ -18,6 +18,7 @@
 #include "vpnhelper.h"
 
 #include <QEventLoop>
+#include <QProcess>
 
 #include "config.h"
 #include <qt5keychain/keychain.h>
@@ -269,3 +270,28 @@ void vpnHelper::ssl_handleErrors()
     ERR_print_errors_fp(stderr);
 }
 
+QString vpnHelper::getOSCodename()
+{
+    return vpnHelper::runCommandwithOutput("lsb_release --codename -s").trimmed();
+}
+
+QString vpnHelper::runCommandwithOutput(const QString &cmd)
+{
+    QProcess proc;
+    proc.start(cmd, QIODevice::ReadOnly);
+    proc.waitForStarted();
+    proc.waitForFinished();
+
+    return proc.readLine();
+}
+
+int vpnHelper::runCommandwithReturnCode(const QString &cmd)
+{
+    QProcess proc;
+    proc.start(cmd, QIODevice::ReadOnly);
+    proc.waitForStarted();
+    proc.waitForFinished();
+
+    return proc.exitCode();
+}
+

openfortigui/vpnhelper.h

@@ -45,6 +45,11 @@ class vpnHelper
     static QString Qaes128_decrypt(const QString &cipher, const QString &key, const QString &iv);
 
     static void ssl_handleErrors(void);
+    static QString getOSCodename();
+
+    static QString runCommandwithOutput(const QString &cmd);
+    static int runCommandwithReturnCode(const QString &cmd);
+
 };
 
 #endif // VPNHELPER_H