From f84df66369bdd1f96465b54f57733839af303b45 Mon Sep 17 00:00:00 2001 From: Rene Hadler Date: Thu, 14 May 2020 18:11:25 +0200 Subject: [PATCH] Enables SUDO Preserve-Env fix for affected OSes automatically (only Ubuntu/Debian) --- openfortigui/debian/control | 2 +- openfortigui/mainwindow.cpp | 37 +++++++++++++++++++++++++++++++++++ openfortigui/mainwindow.h | 1 + openfortigui/ticonfmain.cpp | 7 +++++++ openfortigui/vpnchangelog.cpp | 1 + openfortigui/vpnhelper.cpp | 26 ++++++++++++++++++++++++ openfortigui/vpnhelper.h | 5 +++++ 7 files changed, 78 insertions(+), 1 deletion(-) diff --git a/openfortigui/debian/control b/openfortigui/debian/control index c0969e5..239b78a 100644 --- a/openfortigui/debian/control +++ b/openfortigui/debian/control @@ -6,7 +6,7 @@ Build-Depends: debhelper (>= 8.0.0) Package: openfortigui Architecture: amd64 i386 -Depends: ${shlibs:Depends}, sudo, qttranslations5-l10n, ppp +Depends: ${shlibs:Depends}, sudo, qttranslations5-l10n, ppp, lsb-release Conflicts: Replaces: Provides: openfortigui diff --git a/openfortigui/mainwindow.cpp b/openfortigui/mainwindow.cpp index 1572162..8f7ed5d 100644 --- a/openfortigui/mainwindow.cpp +++ b/openfortigui/mainwindow.cpp @@ -171,6 +171,8 @@ MainWindow::MainWindow(QWidget *parent) : if(main_settings.getValue("gui/main_toolbar_location", 0).toInt() != 0) addToolBar(static_cast(main_settings.getValue("gui/main_toolbar_location", 0).toInt()), this->ui->tbActions); + + doOSChecks(); } MainWindow::~MainWindow() @@ -1155,6 +1157,41 @@ void MainWindow::autostartVPNs() } } +void MainWindow::doOSChecks() +{ + tiConfMain main_settings; + QString osname = vpnHelper::getOSCodename(); + if(osname.isEmpty()) + { + qWarning() << "OS could not be detected, please make sure lsb-release is installed and 'lsb_release --codename -s' returns a valid string/codename, will not apply any OS fixes!"; + return; + } + + QList sudoPreEnvOSes; + sudoPreEnvOSes << "buster" << "bullseye" << "eoan" << "focal" << "groovy"; + if(sudoPreEnvOSes.contains(osname)) + { + // Check if we need to do work + if(main_settings.getValue("checks/sudopresenv", false).toBool() == false || main_settings.getValue("checks/sudopresenv_lastos", "").toString() != osname) + { + // Detected OS for SUDO-Preserve-Env fix + qDebug() << "Detected OS to enable SUDO-Preserve-Env fix, osname::" << osname; + main_settings.setValue("main/sudo_preserve_env", true); + main_settings.setValue("checks/sudopresenv", true); + main_settings.setValue("checks/sudopresenv_lastos", osname); + main_settings.sync(); + } + else + { + qDebug() << "SUDO-Preserve-Env fix already applied"; + } + } + else + { + qDebug() << "OS not affected by SUDO-Preserve-Env fix or no supported OS found, osname::" << osname; + } +} + QStandardItem *MainWindow::getVpnProfileItem(const QString &vpnname, int colum) { QStandardItem *retitem = 0; diff --git a/openfortigui/mainwindow.h b/openfortigui/mainwindow.h index 3bccd5e..cbcf9b5 100644 --- a/openfortigui/mainwindow.h +++ b/openfortigui/mainwindow.h @@ -115,6 +115,7 @@ private slots: void refreshVpnProfileList(); void refreshVpnGroupList(); void autostartVPNs(); + void doOSChecks(); QStandardItem *getVpnProfileItem(const QString &vpnname, int column); diff --git a/openfortigui/ticonfmain.cpp b/openfortigui/ticonfmain.cpp index 300c36e..c02bd73 100644 --- a/openfortigui/ticonfmain.cpp +++ b/openfortigui/ticonfmain.cpp @@ -84,6 +84,7 @@ void tiConfMain::initMainConf() conf.setValue("paths/localvpngroups", openfortigui_config::vpngroups_local); conf.setValue("paths/logs", logs_dir); conf.setValue("paths/initd", openfortigui_config::initd_default); + conf.setValue("checks/sudopresenv", false); conf.sync(); } else @@ -118,6 +119,12 @@ void tiConfMain::initMainConf() conf.setValue("main/changelogrev_read", 0); conf.sync(); } + + if(!conf.contains("checks/sudopresenv")) + { + conf.setValue("checks/sudopresenv", false); + conf.sync(); + } } } diff --git a/openfortigui/vpnchangelog.cpp b/openfortigui/vpnchangelog.cpp index 21c167b..8c8c513 100644 --- a/openfortigui/vpnchangelog.cpp +++ b/openfortigui/vpnchangelog.cpp @@ -60,6 +60,7 @@ void vpnChangelog::buildChangelog()

Changes:

\

- New OTP features: otp_prompt_string, otp_delay (both from openfortivpn), always ask for OTP token option, otp enhancements

\

- Update openfortivpn core to version 1.12.3

\ +

- Enables SUDO Preserve-Env fix for affected OSes automatically (only Ubuntu/Debian)

\


"); // Version 0.8.2 diff --git a/openfortigui/vpnhelper.cpp b/openfortigui/vpnhelper.cpp index a5e2219..dba76fa 100644 --- a/openfortigui/vpnhelper.cpp +++ b/openfortigui/vpnhelper.cpp @@ -18,6 +18,7 @@ #include "vpnhelper.h" #include +#include #include "config.h" #include @@ -269,3 +270,28 @@ void vpnHelper::ssl_handleErrors() ERR_print_errors_fp(stderr); } +QString vpnHelper::getOSCodename() +{ + return vpnHelper::runCommandwithOutput("lsb_release --codename -s").trimmed(); +} + +QString vpnHelper::runCommandwithOutput(const QString &cmd) +{ + QProcess proc; + proc.start(cmd, QIODevice::ReadOnly); + proc.waitForStarted(); + proc.waitForFinished(); + + return proc.readLine(); +} + +int vpnHelper::runCommandwithReturnCode(const QString &cmd) +{ + QProcess proc; + proc.start(cmd, QIODevice::ReadOnly); + proc.waitForStarted(); + proc.waitForFinished(); + + return proc.exitCode(); +} + diff --git a/openfortigui/vpnhelper.h b/openfortigui/vpnhelper.h index 519d2e9..3a96558 100644 --- a/openfortigui/vpnhelper.h +++ b/openfortigui/vpnhelper.h @@ -45,6 +45,11 @@ class vpnHelper static QString Qaes128_decrypt(const QString &cipher, const QString &key, const QString &iv); static void ssl_handleErrors(void); + static QString getOSCodename(); + + static QString runCommandwithOutput(const QString &cmd); + static int runCommandwithReturnCode(const QString &cmd); + }; #endif // VPNHELPER_H