add a tunnelblick configuration bundle to the ZIP file

785f140c · ale · 6fe1f337 · 785f140c
Commit 785f140c authored Jan 07, 2012 by ale
--- a/autovpn/vpn_app.py
+++ b/autovpn/vpn_app.py
@@ -38,6 +38,20 @@ key %(cn)s.key
 ns-cert-type server
 '''

+TBLK_PLIST_TEMPLATE = '''<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+  <key>CFBundleIdentifier</key>
+  <string>%(bundle_identifier)s</string>
+  <key>CFBundleVersion</key>
+  <string>1</string>
+  <key>TBPackageVersion</key>
+  <string>1</string>
+  <key>TBSharePackage</key>
+  <string>private</string>
+</plist>
+'''
+
 README_TEMPLATE = '''
 VPN client configuration
 ========================
@@ -81,6 +95,13 @@ You can then configure the VPN using NetworkManager itself, use
 certificates contained in this ZIP file.


+OSX
+---
+
+The ZIP file contains a configuration for Tunnelblick. Double-click
+on it and it will install itself automatically.
+
+
 References
 ----------

@@ -154,17 +175,26 @@ def new_cert_dl():

    # Create the zipfile in-memory, with all the files the user needs.
    vars = {'cn': cn,
+            'bundle_identifier': '.'.join(
+                current_app.config['VPN_ENDPOINT'].split('.')[::-1]) + '.' + cn,
            'vpn_endpoint': current_app.config['VPN_ENDPOINT'],
            'vpn_site': current_app.config['VPN_SITE_URL'],
            'expiry_date': expiry_date.strftime('%Y/%m/%d')}
+    crt_pem = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
+    key_pem = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
    manifest = [
        ('ca.crt', g.ca.get_ca()),
-        ('%s.crt' % cn, 
-         crypto.dump_certificate(crypto.FILETYPE_PEM, cert)),
-        ('%s.key' % cn,
-         crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)),
+        ('%s.crt' % cn, crt_pem),
+        ('%s.key' % cn, key_pem),
        ('openvpn-%s.conf' % cn, OPENVPN_CONFIG_TEMPLATE % vars),
        ('README.txt', README_TEMPLATE % vars),
+
+        # Tunnelblick configuration for OSX
+        ('%s.tblk/Contents/Info.plist' % cn, TBLK_PLIST_TEMPLATE % vars),
+        ('%s.tblk/Resources/config.ovpn' % cn, OPENVPN_CONFIG_TEMPLATE % vars),
+        ('%s.tblk/Resources/ca.crt' % cn, g.ca.get_ca()),
+        ('%s.tblk/Resources/%s.crt' % (cn, cn), crt_pem),
+        ('%s.tblk/Resources/%s.key' % (cn, cn), key_pem),
        ]

    zbuf = StringIO()