Ubuntu One Client

Merge lp:~nataliabidart/ubuntuone-client/stable-3-0-update-2.99.91 into lp:ubuntuone-client/stable-3-0

stable-3-0-update-2.99.91
Merge into stable-3-0

Proposed by Natalia Bidart on 2012-03-20

Status:

Merged

Approved by:

Natalia Bidart on 2012-03-21

Approved revision:

1178

Merged at revision:

1177

Proposed branch:

lp:~nataliabidart/ubuntuone-client/stable-3-0-update-2.99.91

Merge into:

lp:ubuntuone-client/stable-3-0

Diff against target:

2909 lines (+2139/-257)

25 files modified

Makefile.am (+3/-1)
bin/u1sdtool (+1/-1)
bin/ubuntuone-proxy-tunnel (+24/-0)
contrib/testing/testcase.py (+15/-1)
data/source_ubuntuone-client.py (+2/-29)
docs/Makefile.am (+0/-1)
docs/man/u1sdtool.1 (+1/-1)
docs/man/ubuntuone-preferences.1 (+0/-16)
tests/platform/linux/test_notification.py (+6/-0)
tests/proxy/__init__.py (+150/-0)
tests/proxy/ssl/dummy.cert (+19/-0)
tests/proxy/ssl/dummy.key (+16/-0)
tests/proxy/test_tunnel_client.py (+212/-0)
tests/proxy/test_tunnel_server.py (+655/-0)
tests/syncdaemon/test_action_queue.py (+102/-137)
tests/syncdaemon/test_tunnel_runner.py (+128/-0)
ubuntuone/platform/constants.py (+5/-0)
ubuntuone/platform/linux/notification.py (+3/-0)
ubuntuone/proxy/__init__.py (+14/-0)
ubuntuone/proxy/common.py (+60/-0)
ubuntuone/proxy/logger.py (+36/-0)
ubuntuone/proxy/tunnel_client.py (+181/-0)
ubuntuone/proxy/tunnel_server.py (+376/-0)
ubuntuone/syncdaemon/action_queue.py (+52/-70)
ubuntuone/syncdaemon/tunnel_runner.py (+78/-0)

To merge this branch:

bzr merge lp:~nataliabidart/ubuntuone-client/stable-3-0-update-2.99.91

Related bugs:

Bug #682954: Typo in man page for u1sdtool, "path's" to "paths"	Medium	Fix Released
Bug #887369: Please use transient hint so notifications in Gnome Shell stay out of the way	Low	Fix Released
Bug #929207: [FFE] Proxy "tunnel" for syncdaemon	High	Fix Released
Bug #929208: [FFE] Tunnel storage protocol if proxy enabled in system settings	High	Fix Released
Bug #956407: Apport recipe attaches old/useless log files	Medium	Fix Released

Link a bug report

Reviewer	Date Requested	Status
Alejandro J. Cura (community)		Approve on 2012-03-21
Roberto Alsina (community)	2012-03-20	Approve on 2012-03-21
Review via email: mp+98535@code.launchpad.net

Commit Message

- Updating from trunk up to revno 1213:

[ Alejandro J. Cura <email address hidden> ]
  - Only allow connections that provide the right cookie thru
    the tunnel (LP: #929207).
  - Use proxy credentials from the keyring (LP: #929207)
  - QNetwork must use the proxy built; forward disconnections in the
    tunnel client.
  - Use the txweb webclient from sso for webcalls, so they can be
    proxied too (LP: #929207, LP: #929212).
  - Tunnel storage protocol if proxy enabled in system settings
    (LP: #929208).
  - A proxy tunnel process to be started when proxies are enabled
    (LP: #929207).
  - A client for the proxy tunnel, to be used by syncdaemon
    (LP: #929207).
  - The infrastructure for a QtNetwork based process to tunnel
    syncdaemon traffic thru proxies (LP: #929207).

[ Roberto Alsina <email address hidden> ]
- Fix tunnel spawning code so that it works on windows.

[ Rodney Dawes <email address hidden> ]
  - Don't attach old useless log files, and clean up the report a
    little (LP: #956407).
  - Fix the typo in the u1sdtool --list-shared help text and man page
    (LP: #682954).
  - Don't install the really old preferences man file we don't need.
  - Set the transient hint on the notifications to True
    (LP: #887369).

Roberto Alsina (ralsina) on 2012-03-21:

review: Approve

Alejandro J. Cura (alecu) wrote on 2012-03-21:

Looks fine.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Natalia Bidart

Ubuntu One hackers

 === modified file 'Makefile.am'
 --- Makefile.am	2012-02-21 20:34:55 +0000
 +++ Makefile.am	2012-03-20 23:05:30 +0000
@@ -19,6 +19,7 @@
  libexec_SCRIPTS =			\
  	bin/ubuntuone-syncdaemon	\
++	bin/ubuntuone-proxy-tunnel      \
  	bin/ubuntuone-login
  clientdefsdir = $(pythonpkgdir)/ubuntuone
@@ -53,7 +54,8 @@
  test: logging.conf $(clientdefs_DATA) Makefile
  	echo "$(PYTHONPATH)"
  	if test "x$(builddir)" == "x$(srcdir)"; then \
--		PYTHONPATH="$(PYTHONPATH)" u1trial -r $(REACTOR) -p tests/platform/windows tests; \
++		PYTHONPATH="$(PYTHONPATH)" u1trial -r $(REACTOR) -p tests/platform/windows,tests/proxy tests; \
++		PYTHONPATH="$(PYTHONPATH)" u1trial -r qt4 -p tests/platform/windows tests/proxy; \
  	fi
  	rm -rf _trial_temp
 === modified file 'bin/u1sdtool'
 --- bin/u1sdtool	2012-01-26 00:46:08 +0000
 +++ bin/u1sdtool	2012-03-20 23:05:30 +0000
@@ -242,7 +242,7 @@
                        help="Share PATH to USER. ")
      parser.add_option("", "--list-shared", dest="list_shared",
                        action="store_true",
--                      help="List the shared path's/shares offered. ")
++                      help="List the shared paths/shares offered. ")
      parser.add_option("", "--create-folder", dest="create_folder",
                        metavar="PATH",
                        help="Create user defined folder in the specified path")
 === added file 'bin/ubuntuone-proxy-tunnel'
 --- bin/ubuntuone-proxy-tunnel	1970-01-01 00:00:00 +0000
 +++ bin/ubuntuone-proxy-tunnel	2012-03-20 23:05:30 +0000
@@ -0,0 +1,24 @@
++#!/usr/bin/python
++#
++# Copyright 2012 Canonical Ltd.
++#
++# This program is free software: you can redistribute it and/or modify it
++# under the terms of the GNU General Public License version 3, as published
++# by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful, but
++# WITHOUT ANY WARRANTY; without even the implied warranties of
++# MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
++# PURPOSE.  See the GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License along
++# with this program.  If not, see <http://www.gnu.org/licenses/>.
++
++"""Ubuntu One tunnel for proxy support."""
++
++import sys
++
++from ubuntuone.proxy.tunnel_server import main
++
++if __name__ == "__main__":
++    main(sys.argv)
 === modified file 'contrib/testing/testcase.py'
 --- contrib/testing/testcase.py	2012-02-09 21:57:00 +0000
 +++ contrib/testing/testcase.py	2012-03-20 23:05:30 +0000
@@ -28,7 +28,7 @@
  from collections import defaultdict
  from functools import wraps
--from twisted.internet import defer
++from twisted.internet import defer, reactor
  from twisted.trial.unittest import TestCase as TwistedTestCase
  from ubuntuone.devtools.testcases import skipIfOS
  from zope.interface import implements
@@ -267,6 +267,17 @@
          return defer.succeed(True)
++class FakeTunnelRunner(object):
++    """A fake proxy.tunnel_client.TunnelRunner."""
++
++    def __init__(self, *args):
++        """Fake a proxy tunnel."""
++
++    def get_client(self):
++        """Always return the reactor."""
++        return defer.succeed(reactor)
++
++
  class BaseTwistedTestCase(TwistedTestCase):
      """Base TestCase with helper methods to handle temp dir.
@@ -276,6 +287,7 @@
          makedirs(path): support read-only shares
      """
      MAX_FILENAME = 32 # some platforms limit lengths of filenames
++    tunnel_runner_class = FakeTunnelRunner
      def mktemp(self, name='temp'):
          """ Customized mktemp that accepts an optional name argument. """
@@ -380,6 +392,8 @@
          # Patch the user home
          self.home_dir = self.mktemp('ubuntuonehacker')
          self.patch(platform, "xdg_home", self.home_dir)
++        self.patch(action_queue.tunnel_runner, "TunnelRunner",
++                   self.tunnel_runner_class)
  class FakeMainTestCase(BaseTwistedTestCase):
 === modified file 'data/source_ubuntuone-client.py'
 --- data/source_ubuntuone-client.py	2011-02-09 14:40:29 +0000
 +++ data/source_ubuntuone-client.py	2012-03-20 23:05:30 +0000
@@ -1,6 +1,6 @@
  # Apport integration for Ubuntu One client
+ #
--# Copyright 2009 Canonical Ltd.
++# Copyright 2009-2012 Canonical Ltd.
+ #
  # This program is free software: you can redistribute it and/or modify it
  # under the terms of the GNU General Public License version 3, as published
@@ -17,7 +17,7 @@
  # pylint: disable-msg=F0401,C0103
  # shut up about apport. We know. We aren't going to backport it for pqm
  import apport
--from apport.hookutils import attach_file_if_exists, packaging
++from apport.hookutils import attach_file_if_exists
  import os.path
  from xdg.BaseDirectory import xdg_cache_home, xdg_config_home
@@ -28,11 +28,8 @@
  u1_client_log = os.path.join(u1_log_path, "syncdaemon.log")
  u1_except_log = os.path.join(u1_log_path, "syncdaemon-exceptions.log")
  u1_invalidnames_log = os.path.join(u1_log_path, "syncdaemon-invalid-names.log")
--u1_oauth_log = os.path.join(u1_log_path, "oauth-login.log")
--u1_prefs_log = os.path.join(u1_log_path, "u1-prefs.log")
  u1_sd_conf = os.path.join("etc", "xdg", "ubuntuone", "syncdaemon.conf")
  u1_usersd_conf = os.path.join(u1_user_config_path, "syncdaemon.conf")
--u1_user_conf = os.path.join(u1_user_config_path, "ubuntuone-client.conf")
  def add_info(report):
@@ -41,35 +38,11 @@
                                    "UbuntuOneSyncdaemonExceptionsLog")
      attach_file_if_exists(report, u1_invalidnames_log,
                                    "UbuntuOneSyncdaemonInvalidNamesLog")
--    attach_file_if_exists(report, u1_oauth_log,
--                                  "UbuntuOneOAuthLoginLog")
--    attach_file_if_exists(report, u1_prefs_log,
--                                  "UbuntuOnePreferencesLog")
      attach_file_if_exists(report, u1_usersd_conf,
                                    "UbuntuOneUserSyncdaemonConfig")
      attach_file_if_exists(report, u1_sd_conf,
                                    "UbuntuOneSyncdaemonConfig")
--    attach_file_if_exists(report, u1_user_conf,
--                                  "UbuntuOneClientConfig")
      if not apport.packaging.is_distro_package(report['Package'].split()[0]):
          report['ThirdParty'] = 'True'
          report['CrashDB'] = 'ubuntuone'
--
--    packages = ['ubuntuone-client',
--                'python-ubuntuone-client',
--                'ubuntuone-client-tools',
--                'ubuntuone-client-gnome',
--                'python-ubuntuone-storageprotocol',
--                'ubuntuone-ppa-beta']
--
--    versions = ''
--    for package in packages:
--        try:
--            version = packaging.get_version(package)
--        except ValueError:
--            version = 'N/A'
--        if version is None:
--            version = 'N/A'
--        versions += '%s %s\n' % (package, version)
--    report['UbuntuOneClientPackages'] = versions
 === modified file 'docs/Makefile.am'
 --- docs/Makefile.am	2011-02-09 14:40:29 +0000
 +++ docs/Makefile.am	2012-03-20 23:05:30 +0000
@@ -2,7 +2,6 @@
  manfilesdir = $(mandir)/man1
  manfiles_DATA =				\
--	man/ubuntuone-preferences.1	\
  	man/u1sdtool.1
  EXTRA_DIST=$(manfiles_DATA)
 === modified file 'docs/man/u1sdtool.1'
 --- docs/man/u1sdtool.1	2011-07-02 22:37:52 +0000
 +++ docs/man/u1sdtool.1	2012-03-20 23:05:30 +0000
@@ -131,7 +131,7 @@
  .RE
  .TP
  \fB\-\-list-shared\fR
--List the shared path's/shares offered.
++List the shared paths/shares offered.
  .TP
  \fB\-\-create-folder\fR=\fIPATH\fR
  Create user defined folder in the specified path
 === removed file 'docs/man/ubuntuone-preferences.1'
 --- docs/man/ubuntuone-preferences.1	2010-02-04 23:47:35 +0000
 +++ docs/man/ubuntuone-preferences.1	1970-01-01 00:00:00 +0000
@@ -1,16 +0,0 @@
--.TH UBUNTUONE-CLIENT-PREFERENCES 1
--
--.SH NAME
--ubuntuone-client-preferences \- A dialog for configuring Ubuntu One
--
--.SH SYNOPSYS
--.B ubutuone-client-preferences
--
--.SH DESCRIPTION
--This manual page briefly documents the
--.BR ubuntuone-client-preferences
--process, which provides a configuration dialog for configuring
--Ubuntu One file sharing.
--
--.SH AUTHOR
--This manual page was written by Rodney Dawes <rodney.dawes@canonical.com>
 === modified file 'tests/platform/linux/test_notification.py'
 --- tests/platform/linux/test_notification.py	2012-01-26 19:28:55 +0000
 +++ tests/platform/linux/test_notification.py	2012-03-20 23:05:30 +0000
@@ -73,6 +73,7 @@
          self._set_up_mock_notify(FAKE_TITLE, FAKE_MESSAGE, ICON_NAME)
          mock_notification = self.mocker.mock()
          self.mocker.result(mock_notification)
++        mock_notification.set_hint('transient', True)
          mock_notification.show()
          self.mocker.replay()
          Notification(FAKE_APP_NAME).send_notification(FAKE_TITLE, FAKE_MESSAGE)
@@ -82,9 +83,11 @@
          self._set_up_mock_notify(FAKE_TITLE, FAKE_MESSAGE, ICON_NAME)
          mock_notification = self.mocker.mock()
          self.mocker.result(mock_notification)
++        mock_notification.set_hint('transient', True)
          mock_notification.show()
          mock_notification.update(
              FAKE_TITLE + '2', FAKE_MESSAGE + '2', ICON_NAME)
++        mock_notification.set_hint('transient', True)
          mock_notification.show()
          self.mocker.replay()
          notifier = Notification(FAKE_APP_NAME)
@@ -96,6 +99,7 @@
          self._set_up_mock_notify(FAKE_TITLE, FAKE_MESSAGE, FAKE_ICON)
          mock_notification = self.mocker.mock()
          self.mocker.result(mock_notification)
++        mock_notification.set_hint('transient', True)
          mock_notification.show()
          self.mocker.replay()
          Notification(FAKE_APP_NAME).send_notification(
@@ -107,9 +111,11 @@
          mock_notification = self.mocker.mock()
          self.mocker.result(mock_notification)
          mock_notification.set_hint_string('x-canonical-append', '')
++        mock_notification.set_hint('transient', True)
          mock_notification.show()
          mock_notification.update(FAKE_TITLE, FAKE_APPENDAGE, ICON_NAME)
          mock_notification.set_hint_string('x-canonical-append', '')
++        mock_notification.set_hint('transient', True)
          mock_notification.show()
          self.mocker.replay()
          notifier = Notification(FAKE_APP_NAME)
 === added directory 'tests/proxy'
 === added file 'tests/proxy/__init__.py'
 --- tests/proxy/__init__.py	1970-01-01 00:00:00 +0000
 +++ tests/proxy/__init__.py	2012-03-20 23:05:30 +0000
@@ -0,0 +1,150 @@
++# Copyright 2012 Canonical Ltd.
++#
++# This program is free software: you can redistribute it and/or modify it
++# under the terms of the GNU General Public License version 3, as published
++# by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful, but
++# WITHOUT ANY WARRANTY; without even the implied warranties of
++# MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
++# PURPOSE.  See the GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License along
++# with this program.  If not, see <http://www.gnu.org/licenses/>.
++"""Tests for the Ubuntu One proxy support."""
++
++from os import path
++from StringIO import StringIO
++
++from twisted.application import internet, service
++from twisted.internet import defer, ssl
++from twisted.web import http, resource, server
++
++SAMPLE_CONTENT = "hello world!"
++SIMPLERESOURCE = "simpleresource"
++DUMMY_KEY_FILENAME = "dummy.key"
++DUMMY_CERT_FILENAME = "dummy.cert"
++FAKE_COOKIE = "fa:ke:co:ok:ie"
++
++
++class SaveHTTPChannel(http.HTTPChannel):
++    """A save protocol to be used in tests."""
++
++    protocolInstance = None
++
++    # pylint: disable=C0103
++    def connectionMade(self):
++        """Keep track of the given protocol."""
++        SaveHTTPChannel.protocolInstance = self
++        http.HTTPChannel.connectionMade(self)
++
++
++class SaveSite(server.Site):
++    """A site that let us know when it's closed."""
++
++    protocol = SaveHTTPChannel
++
++    def __init__(self, *args, **kwargs):
++        """Create a new instance."""
++        server.Site.__init__(self, *args, **kwargs)
++        # we disable the timeout in the tests, we will deal with it manually.
++        # pylint: disable=C0103
++        self.timeOut = None
++
++
++class BaseMockWebServer(object):
++    """A mock webserver for testing"""
++
++    def __init__(self):
++        """Start up this instance."""
++        self.root = self.get_root_resource()
++        self.site = SaveSite(self.root)
++        application = service.Application('web')
++        self.service_collection = service.IServiceCollection(application)
++        #pylint: disable=E1101
++        self.tcpserver = internet.TCPServer(0, self.site)
++        self.tcpserver.setServiceParent(self.service_collection)
++        self.sslserver = internet.SSLServer(0, self.site, self.get_context())
++        self.sslserver.setServiceParent(self.service_collection)
++        self.service_collection.startService()
++
++    def get_dummy_path(self, filename):
++        """Path pointing at the dummy certificate files."""
++        base_path = path.dirname(__file__)
++        return path.join(base_path, "ssl", filename)
++
++    def get_context(self):
++        """Return an ssl context."""
++        key_path = self.get_dummy_path(DUMMY_KEY_FILENAME)
++        cert_path = self.get_dummy_path(DUMMY_CERT_FILENAME)
++        return ssl.DefaultOpenSSLContextFactory(key_path, cert_path)
++
++    def get_root_resource(self):
++        """Get the root resource with all the children."""
++        raise NotImplementedError
++
++    def get_iri(self):
++        """Build the iri for this mock server."""
++        #pylint: disable=W0212
++        port_num = self.tcpserver._port.getHost().port
++        return u"http://0.0.0.0:%d/" % port_num
++
++    def get_ssl_iri(self):
++        """Build the iri for the ssl mock server."""
++        #pylint: disable=W0212
++        port_num = self.sslserver._port.getHost().port
++        return u"https://0.0.0.0:%d/" % port_num
++
++    def stop(self):
++        """Shut it down."""
++        #pylint: disable=E1101
++        if self.site.protocol.protocolInstance:
++            self.site.protocol.protocolInstance.timeoutConnection()
++        return self.service_collection.stopService()
++
++
++class SimpleResource(resource.Resource):
++    """A simple web resource."""
++
++    def __init__(self):
++        """Initialize this mock resource."""
++        resource.Resource.__init__(self)
++        self.rendered = defer.Deferred()
++
++    def render_GET(self, request):
++        """Make a bit of html out of the resource's content."""
++        if not self.rendered.called:
++            self.rendered.callback(None)
++        return SAMPLE_CONTENT
++
++
++class MockWebServer(BaseMockWebServer):
++    """A mock webserver."""
++
++    def __init__(self):
++        """Initialize this mock server."""
++        self.simple_resource = SimpleResource()
++        super(MockWebServer, self).__init__()
++
++    def get_root_resource(self):
++        """Get the root resource with all the children."""
++        root = resource.Resource()
++        root.putChild(SIMPLERESOURCE, self.simple_resource)
++        return root
++
++
++class FakeTransport(StringIO):
++    """A fake transport that stores everything written to it."""
++
++    connected = True
++    disconnecting = False
++    cookie = None
++
++    def loseConnection(self):
++        """Mark the connection as lost."""
++        self.connected = False
++        self.disconnecting = True
++
++    def getPeer(self):
++        """Return the peer IAddress."""
++        return None
 === added directory 'tests/proxy/ssl'
 === added file 'tests/proxy/ssl/dummy.cert'
 --- tests/proxy/ssl/dummy.cert	1970-01-01 00:00:00 +0000
 +++ tests/proxy/ssl/dummy.cert	2012-03-20 23:05:30 +0000
@@ -0,0 +1,19 @@
++-----BEGIN CERTIFICATE-----
++MIIDEDCCAnmgAwIBAgIJAM/bIJ77awBCMA0GCSqGSIb3DQEBBQUAMIGgMQswCQYD
++VQQGEwJBUjETMBEGA1UECAwKRmFrZSBTdGF0ZTESMBAGA1UEBwwJRmFrZSBDaXR5
++MRUwEwYDVQQKDAxGYWtlIENvbXBhbnkxFjAUBgNVBAsMDUZha2UgRGl2aXNpb24x
++EjAQBgNVBAMMCUZha2UgTmFtZTElMCMGCSqGSIb3DQEJARYWZmFrZUBlbWFpbC5h
++ZGRyZXNzLm5vdDAeFw0xMjAyMjIxOTI0MjBaFw0yMjAyMjMxOTI0MjBaMIGgMQsw
++CQYDVQQGEwJBUjETMBEGA1UECAwKRmFrZSBTdGF0ZTESMBAGA1UEBwwJRmFrZSBD
++aXR5MRUwEwYDVQQKDAxGYWtlIENvbXBhbnkxFjAUBgNVBAsMDUZha2UgRGl2aXNp
++b24xEjAQBgNVBAMMCUZha2UgTmFtZTElMCMGCSqGSIb3DQEJARYWZmFrZUBlbWFp
++bC5hZGRyZXNzLm5vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0hbliGty
++HwfZixU609UHBQdbfO+oObrPIrIawWX5FxD6KhX4ei23idmpyYEcXLK4ivNlT4dW
++27bvhtpf6/FBbu9e1YdwcdDNoXajr9Ia4NZJyANgo9b5UIsnyTc45NlnpZgRg5zc
++Oz7Vwwr4qf6r1ljK/I2mAO7rlpH5Ak9J+RkCAwEAAaNQME4wHQYDVR0OBBYEFLwr
++ps/JLNcfpSuuylMnkvImVvkgMB8GA1UdIwQYMBaAFLwrps/JLNcfpSuuylMnkvIm
++VvkgMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAWYDBAr0MgpnBxIne
++WRz8MX0/c7IqrEuZCYMSGnU7PoX3GdNk1Lkif1ufELKSoG8jY16CDgEl26GPxA1k
++Tho7MWSLikLbuQYJs2saF9by0Y/Mrau0auxEnpHZ7pkybeKFnrIqiNKvTVMnjo5T
++FMET5qEOKKvp9IOnezCYX1nYXyY=
++-----END CERTIFICATE-----
 === added file 'tests/proxy/ssl/dummy.key'
 --- tests/proxy/ssl/dummy.key	1970-01-01 00:00:00 +0000
 +++ tests/proxy/ssl/dummy.key	2012-03-20 23:05:30 +0000
@@ -0,0 +1,16 @@
++-----BEGIN PRIVATE KEY-----
++MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANIW5Yhrch8H2YsV
++OtPVBwUHW3zvqDm6zyKyGsFl+RcQ+ioV+Hott4nZqcmBHFyyuIrzZU+HVtu274ba
++X+vxQW7vXtWHcHHQzaF2o6/SGuDWScgDYKPW+VCLJ8k3OOTZZ6WYEYOc3Ds+1cMK
+++Kn+q9ZYyvyNpgDu65aR+QJPSfkZAgMBAAECgYBSxFh7TTExjmsjAyMg700LqyFc
++8CHLVJBkL9ygkqb2cmbMC8nPgJFNSqY8T5Q35OUVQNyJ31zVxJVLAF9H2c0Xy48K
++IkbS/hntyqlJYK1yfTbTHkDiweToE3Lm+55Do1TX04AyvBrwA1O/jNGi4xIlUEAy
++1Bs8MrJ1E/j/XDn9/QJBAOuhPTgG3F7bKuBrQzv98CvC5o2Txf3vLY8nL8V24b3l
++XgqzkDLhUxReBmmkGxZfKAju3+gXFvGGpbP7V8zShg8CQQDkQGs7kArFq/KR/GCh
++CAmJaDWy4LJkSqzDHoJbTrS7YuqN6X6mW1xPRnWpYSxae38fJsCpG3Vq8Mv1Zl32
++VPZXAkEAsAeE9JYri7GwFngLgoXzJr4z/xCmmU5VetyLk7l8a6Eu4E/FKj2rE0wq
++/kDa+5ubDRFntLuLKGSu5gafUST1gQJABhdmBTfp4a6eEaFPntyNDJq4XCa8/Ao2
++JBrrVa57Ckkwg0sI8z2a8A6sUzHhsiR7lwQ8vgaakpkMiGcL+Of5jwJAA/qX3PW+
++9JXbjWxpgh7FHnZJNRZ8xSe47REGA7qS/nIlV9iRuf/9M+k3A5VqitfFxrjPwSyI
++rvKTYkk13dL4hg==
++-----END PRIVATE KEY-----
 === added file 'tests/proxy/test_tunnel_client.py'
 --- tests/proxy/test_tunnel_client.py	1970-01-01 00:00:00 +0000
 +++ tests/proxy/test_tunnel_client.py	2012-03-20 23:05:30 +0000
@@ -0,0 +1,212 @@
++# -*- coding: utf8 -*-
++#
++# Copyright 2012 Canonical Ltd.
++#
++# This program is free software: you can redistribute it and/or modify it
++# under the terms of the GNU General Public License version 3, as published
++# by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful, but
++# WITHOUT ANY WARRANTY; without even the implied warranties of
++# MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
++# PURPOSE.  See the GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License along
++# with this program.  If not, see <http://www.gnu.org/licenses/>.
++"""Tests for the proxy tunnel."""
++
++from twisted.internet import defer, protocol, ssl
++from twisted.trial.unittest import TestCase
++from twisted.web import client
++
++from ubuntuone.devtools.testcases.squid import SquidTestCase
++
++from tests.proxy import (
++    FakeTransport,
++    FAKE_COOKIE,
++    MockWebServer,
++    SAMPLE_CONTENT,
++    SIMPLERESOURCE,
++)
++from ubuntuone.proxy import tunnel_client
++from ubuntuone.proxy.tunnel_client import CRLF, TunnelClient
++from ubuntuone.proxy.tunnel_server import TunnelServer
++
++
++FAKE_HEADER = (
++    "HTTP/1.0 200 Connected!" + CRLF +
++    "Header1: value1" + CRLF +
++    "Header2: value2" + CRLF +
++    CRLF
++)
++
++
++class SavingProtocol(protocol.Protocol):
++    """A protocol that saves all that it receives."""
++
++    def __init__(self):
++        """Initialize this protocol."""
++        self.saved_data = None
++
++    def connectionMade(self):
++        """The connection was made, start saving."""
++        self.saved_data = []
++
++    def dataReceived(self, data):
++        """Save the data received."""
++        self.saved_data.append(data)
++
++    @property
++    def content(self):
++        """All the content so far."""
++        return "".join(self.saved_data)
++
++
++class TunnelClientProtocolTestCase(TestCase):
++    """Tests for the client side tunnel protocol."""
++
++    timeout = 3
++
++    @defer.inlineCallbacks
++    def setUp(self):
++        """Initialize this testcase."""
++        yield super(TunnelClientProtocolTestCase, self).setUp()
++        self.host, self.port = "9.9.9.9", 8765
++        fake_addr = object()
++        self.cookie = FAKE_COOKIE
++        self.other_proto = SavingProtocol()
++        other_factory = protocol.ClientFactory()
++        other_factory.buildProtocol = lambda _addr: self.other_proto
++        tunnel_client_factory = tunnel_client.TunnelClientFactory(self.host,
++                                         self.port, other_factory, self.cookie)
++        tunnel_client_proto = tunnel_client_factory.buildProtocol(fake_addr)
++        tunnel_client_proto.transport = FakeTransport()
++        tunnel_client_proto.connectionMade()
++        self.tunnel_client_proto = tunnel_client_proto
++
++    def test_sends_connect_request(self):
++        """Sends the expected CONNECT request."""
++        expected = tunnel_client.METHOD_LINE % (self.host, self.port)
++        written = self.tunnel_client_proto.transport.getvalue()
++        first_line = written.split(CRLF)[0]
++        self.assertEqual(first_line + CRLF, expected)
++        self.assertTrue(written.endswith(CRLF * 2),
++                        "Ends with a double CRLF")
++
++    def test_sends_cookie_header(self):
++        """Sends the expected cookie header."""
++        expected = "%s: %s" % (tunnel_client.TUNNEL_COOKIE_HEADER, self.cookie)
++        written = self.tunnel_client_proto.transport.getvalue()
++        headers = written.split(CRLF)[1:]
++        self.assertIn(expected, headers)
++
++    def test_handles_successful_connection(self):
++        """A successful connection is handled."""
++        self.tunnel_client_proto.dataReceived(FAKE_HEADER)
++        self.assertEqual(self.tunnel_client_proto.status_code, "200")
++
++    def test_protocol_is_switched(self):
++        """The protocol is switched after the headers are received."""
++        expected = (SAMPLE_CONTENT + CRLF) * 2
++        self.tunnel_client_proto.dataReceived(FAKE_HEADER + SAMPLE_CONTENT)
++        self.other_proto.dataReceived(CRLF + SAMPLE_CONTENT + CRLF)
++        self.assertEqual(self.other_proto.content, expected)
++
++
++class FakeOtherFactory(object):
++    """A fake factory."""
++
++    def __init__(self):
++        """Initialize this fake."""
++        self.started_called = None
++        self.failed_called = None
++        self.lost_called = None
++
++    def startedConnecting(self, *args):
++        """Store the call."""
++        self.started_called = args
++
++    def clientConnectionFailed(self, *args):
++        """Store the call."""
++        self.failed_called = args
++
++    def clientConnectionLost(self, *args):
++        """Store the call."""
++        self.lost_called = args
++
++
++class TunnelClientFactoryTestCase(TestCase):
++    """Tests for the TunnelClientFactory."""
++
++    def test_forwards_started(self):
++        """The factory forwards the startedConnecting call."""
++        fake_other_factory = FakeOtherFactory()
++        tcf = tunnel_client.TunnelClientFactory(None, None, fake_other_factory,
++                                                FAKE_COOKIE)
++        fake_connector = object()
++        tcf.startedConnecting(fake_connector)
++        self.assertEqual(fake_other_factory.started_called, (fake_connector,))
++
++    def test_forwards_failed(self):
++        """The factory forwards the clientConnectionFailed call."""
++        fake_reason = object()
++        fake_other_factory = FakeOtherFactory()
++        tcf = tunnel_client.TunnelClientFactory(None, None, fake_other_factory,
++                                                FAKE_COOKIE)
++        fake_connector = object()
++        tcf.clientConnectionFailed(fake_connector, fake_reason)
++        self.assertEqual(fake_other_factory.failed_called,
++                         (fake_connector, fake_reason))
++
++    def test_forwards_lost(self):
++        """The factory forwards the clientConnectionLost call."""
++        fake_reason = object()
++        fake_other_factory = FakeOtherFactory()
++        tcf = tunnel_client.TunnelClientFactory(None, None, fake_other_factory,
++                                                FAKE_COOKIE)
++        fake_connector = object()
++        tcf.clientConnectionLost(fake_connector, fake_reason)
++        self.assertEqual(fake_other_factory.lost_called,
++                         (fake_connector, fake_reason))
++
++
++class TunnelClientTestCase(SquidTestCase):
++    """Test the client for the tunnel."""
++
++    timeout = 3
++
++    @defer.inlineCallbacks
++    def setUp(self):
++        """Initialize this testcase."""
++        yield super(TunnelClientTestCase, self).setUp()
++        self.ws = MockWebServer()
++        self.addCleanup(self.ws.stop)
++        self.dest_url = self.ws.get_iri().encode("utf-8") + SIMPLERESOURCE
++        self.dest_ssl_url = (self.ws.get_ssl_iri().encode("utf-8") +
++                             SIMPLERESOURCE)
++        self.cookie = FAKE_COOKIE
++        self.tunnel_server = TunnelServer(self.cookie)
++        self.addCleanup(self.tunnel_server.shutdown)
++
++    @defer.inlineCallbacks
++    def test_connects_right(self):
++        """Uses the CONNECT method on the tunnel."""
++        tunnel_client = TunnelClient("0.0.0.0", self.tunnel_server.port,
++                                     self.cookie)
++        factory = client.HTTPClientFactory(self.dest_url)
++        scheme, host, port, path = client._parse(self.dest_url)
++        tunnel_client.connectTCP(host, port, factory)
++        result = yield factory.deferred
++        self.assertEqual(result, SAMPLE_CONTENT)
++
++    @defer.inlineCallbacks
++    def test_starts_tls_connection(self):
++        """TLS is started after connecting; control passed to the client."""
++        tunnel_client = TunnelClient("0.0.0.0", self.tunnel_server.port,
++                                     self.cookie)
++        factory = client.HTTPClientFactory(self.dest_ssl_url)
++        scheme, host, port, path = client._parse(self.dest_ssl_url)
++        context_factory = ssl.ClientContextFactory()
++        tunnel_client.connectSSL(host, port, factory, context_factory)
++        result = yield factory.deferred
++        self.assertEqual(result, SAMPLE_CONTENT)
 === added file 'tests/proxy/test_tunnel_server.py'
 --- tests/proxy/test_tunnel_server.py	1970-01-01 00:00:00 +0000
 +++ tests/proxy/test_tunnel_server.py	2012-03-20 23:05:30 +0000
@@ -0,0 +1,655 @@
++# -*- coding: utf8 -*-
++#
++# Copyright 2012 Canonical Ltd.
++#
++# This program is free software: you can redistribute it and/or modify it
++# under the terms of the GNU General Public License version 3, as published
++# by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful, but
++# WITHOUT ANY WARRANTY; without even the implied warranties of
++# MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
++# PURPOSE.  See the GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License along
++# with this program.  If not, see <http://www.gnu.org/licenses/>.
++"""Tests for the proxy tunnel."""
++
++from StringIO import StringIO
++from urlparse import urlparse
++
++from twisted.internet import defer, protocol, reactor
++from twisted.trial.unittest import TestCase
++from PyQt4.QtCore import QCoreApplication
++from PyQt4.QtNetwork import QAuthenticator
++from ubuntuone.devtools.testcases.squid import SquidTestCase
++
++from tests.proxy import (
++    FakeTransport,
++    FAKE_COOKIE,
++    MockWebServer,
++    SAMPLE_CONTENT,
++    SIMPLERESOURCE,
++)
++from ubuntuone.proxy import tunnel_server
++from ubuntuone.proxy.tunnel_server import CRLF
++
++
++FAKE_SESSION_TEMPLATE = (
++    "CONNECT %s HTTP/1.0" + CRLF +
++    "Header1: value1" + CRLF +
++    "Header2: value2" + CRLF +
++    tunnel_server.TUNNEL_COOKIE_HEADER + ": %s" + CRLF +
++    CRLF +
++    "GET %s HTTP/1.0" + CRLF + CRLF
++)
++
++FAKE_SETTINGS = {
++    "http": {
++        "host": "myhost",
++        "port": 8888,
++    }
++}
++
++SAMPLE_HOST = "samplehost.com"
++SAMPLE_PORT = 443
++
++FAKE_CREDS = {
++    "username": "rhea",
++    "password": "caracolcaracola",
++}
++
++
++class DisconnectingProtocol(protocol.Protocol):
++    """A protocol that just disconnects."""
++
++    def connectionMade(self):
++        """Upon connecting: just disconnect."""
++        self.transport.loseConnection()
++
++
++class DisconnectingClientFactory(protocol.ClientFactory):
++    """A factory that fires a deferred on connection."""
++
++    def __init__(self):
++        """Initialize this instance."""
++        self.connected = defer.Deferred()
++
++    def buildProtocol(self, addr):
++        """The connection was made."""
++        proto = DisconnectingProtocol()
++        if not self.connected.called:
++            self.connected.callback(proto)
++        return proto
++
++
++class FakeProtocol(protocol.Protocol):
++    """A protocol that forwards some data."""
++
++    def __init__(self, factory, data):
++        """Initialize this fake."""
++        self.factory = factory
++        self.data = data
++        self.received_data = []
++
++    def connectionMade(self):
++        """Upon connection: send the stored data."""
++        self.transport.write(self.data)
++
++    def dataReceived(self, data):
++        """Some data was received."""
++        self.received_data.append(data)
++
++    def connectionLost(self, reason):
++        """The connection was lost, return the response."""
++        response = "".join(self.received_data)
++        if not self.factory.response.called:
++            self.factory.response.callback(response)
++
++
++class FakeClientFactory(protocol.ClientFactory):
++    """A factory that forwards some data to the protocol."""
++
++    def __init__(self, data):
++        """Initialize this fake."""
++        self.data = data
++        self.response = defer.Deferred()
++
++    def buildProtocol(self, addr):
++        """The connection was made."""
++        return FakeProtocol(self, self.data)
++
++
++class TunnelIntegrationTestCase(SquidTestCase):
++    """Basic tunnel integration tests."""
++
++    timeout = 3
++
++    @defer.inlineCallbacks
++    def setUp(self):
++        """Initialize this testcase."""
++        yield super(TunnelIntegrationTestCase, self).setUp()
++        self.ws = MockWebServer()
++        self.addCleanup(self.ws.stop)
++        self.dest_url = self.ws.get_iri().encode("utf-8") + SIMPLERESOURCE
++        self.cookie = FAKE_COOKIE
++        self.tunnel_server = tunnel_server.TunnelServer(self.cookie)
++        self.addCleanup(self.tunnel_server.shutdown)
++
++    def test_init(self):
++        """The tunnel is started."""
++        self.assertNotEqual(self.tunnel_server.port, 0)
++
++    @defer.inlineCallbacks
++    def test_accepts_connections(self):
++        """The tunnel accepts incoming connections."""
++        ncf = DisconnectingClientFactory()
++        reactor.connectTCP("0.0.0.0", self.tunnel_server.port, ncf)
++        yield ncf.connected
++
++    @defer.inlineCallbacks
++    def test_complete_connection(self):
++        """Test from the tunnel server down."""
++        url = urlparse(self.dest_url)
++        fake_session = FAKE_SESSION_TEMPLATE % (
++                                    url.netloc, self.cookie, url.path)
++        client = FakeClientFactory(fake_session)
++        reactor.connectTCP("0.0.0.0", self.tunnel_server.port, client)
++        response = yield client.response
++        self.assertIn(SAMPLE_CONTENT, response)
++
++
++class FakeClient(object):
++    """A fake destination client."""
++
++    protocol = None
++    connection_result = defer.succeed(True)
++    credentials = None
++    check_credentials = False
++    proxy_domain = None
++
++    def connect(self, hostport):
++        """Establish a connection with the other end."""
++        if (self.check_credentials and
++            self.protocol.proxy_credentials != FAKE_CREDS):
++            self.proxy_domain = "fake domain"
++            return defer.fail(tunnel_server.ProxyAuthenticationError())
++        return self.connection_result
++
++    def write(self, data):
++        """Write some data to the other end."""
++        if data == 'GET /simpleresource HTTP/1.0\r\n\r\n':
++            self.protocol.transport.write(SAMPLE_CONTENT)
++
++    def stop(self):
++        """Stop this fake client."""
++
++    def close(self):
++        """Reset this client."""
++
++
++
++class ServerTunnelProtocolTestCase(SquidTestCase):
++    """Tests for the ServerTunnelProtocol."""
++
++    @defer.inlineCallbacks
++    def setUp(self):
++        """Initialize this test instance."""
++        yield super(ServerTunnelProtocolTestCase, self).setUp()
++        self.ws = MockWebServer()
++        self.addCleanup(self.ws.stop)
++        self.dest_url = self.ws.get_iri().encode("utf-8") + SIMPLERESOURCE
++        self.transport = FakeTransport()
++        self.transport.cookie = FAKE_COOKIE
++        self.fake_client = FakeClient()
++        self.proto = tunnel_server.ServerTunnelProtocol(
++                                                lambda _: self.fake_client)
++        self.fake_client.protocol = self.proto
++        self.proto.transport = self.transport
++        self.cookie_line = "%s: %s" % (tunnel_server.TUNNEL_COOKIE_HEADER,
++                                       FAKE_COOKIE)
++
++    def test_broken_request(self):
++        """Broken request."""
++        self.proto.dataReceived("Broken request." + CRLF)
++        self.assertTrue(self.transport.getvalue().startswith("HTTP/1.0 400 "),
++                        "A broken request must fail.")
++
++    def test_wrong_method(self):
++        """Wrong method."""
++        self.proto.dataReceived("GET http://slashdot.org HTTP/1.0" + CRLF)
++        self.assertTrue(self.transport.getvalue().startswith("HTTP/1.0 405 "),
++                        "Using a wrong method fails.")
++
++    def test_invalid_http_version(self):
++        """Invalid HTTP version."""
++        self.proto.dataReceived("CONNECT 127.0.0.1:9999 HTTP/1.1" + CRLF)
++        self.assertTrue(self.transport.getvalue().startswith("HTTP/1.0 505 "),
++                        "Invalid http version is not allowed.")
++
++    def test_connection_is_established(self):
++        """The response code is sent."""
++        expected = "HTTP/1.0 200 Proxy connection established" + CRLF
++        self.proto.dataReceived("CONNECT 127.0.0.1:9999 HTTP/1.0" + CRLF +
++                                self.cookie_line + CRLF * 2)
++        self.assertTrue(self.transport.getvalue().startswith(expected),
++                        "First line must be the response status")
++
++    def test_connection_fails(self):
++        """The connection to the other end fails, and it's handled."""
++        error = tunnel_server.ConnectionError()
++        self.patch(self.fake_client, "connection_result", defer.fail(error))
++        expected = "HTTP/1.0 500 Connection error" + CRLF
++        self.proto.dataReceived("CONNECT 127.0.0.1:9999 HTTP/1.0" + CRLF +
++                                self.cookie_line + CRLF * 2)
++        self.assertTrue(self.transport.getvalue().startswith(expected),
++                        "The connection should fail at this point.")
++
++    def test_headers_stored(self):
++        """The request headers are stored."""
++        expected = [
++            ("Header1", "value1"),
++            ("Header2", "value2"),
++        ]
++        self.proto.dataReceived("CONNECT 127.0.0.1:9999 HTTP/1.0" + CRLF +
++                                "Header1: value1" + CRLF +
++                                "Header2: value2" + CRLF + CRLF)
++        self.assertEqual(self.proto.received_headers, expected)
++
++    def test_cookie_header_present(self):
++        """The cookie header must be present."""
++        self.proto.received_headers = [
++            (tunnel_server.TUNNEL_COOKIE_HEADER, FAKE_COOKIE),
++        ]
++        self.proto.verify_cookie()
++
++    def test_cookie_header_absent(self):
++        """The tunnel should refuse connections without the cookie."""
++        self.proto.received_headers = []
++        exception = self.assertRaises(tunnel_server.ConnectionError,
++                                      self.proto.verify_cookie)
++        self.assertEqual(exception.code, 418)
++
++    def test_successful_connect(self):
++        """A successful connect thru the tunnel."""
++        url = urlparse(self.dest_url)
++        data = FAKE_SESSION_TEMPLATE % (url.netloc, self.transport.cookie,
++                                        url.path)
++        self.proto.dataReceived(data)
++        lines = self.transport.getvalue().split(CRLF)
++        self.assertEqual(lines[-1], SAMPLE_CONTENT)
++
++    def test_header_split(self):
++        """Test a header with many colons."""
++        self.proto.header_line("key: host:port")
++        self.assertIn("key", dict(self.proto.received_headers))
++
++    @defer.inlineCallbacks
++    def test_keyring_credentials_are_retried(self):
++        """Wrong credentials are retried with values from keyring."""
++        self.fake_client.check_credentials = True
++        self.patch(self.proto, "verify_cookie", lambda: None)
++        self.patch(self.proto, "error_response",
++                   lambda code, desc: self.fail(desc))
++        self.proto.proxy_domain = "xxx"
++        self.patch(tunnel_server.Keyring, "get_credentials",
++                   lambda _, domain: defer.succeed(FAKE_CREDS))
++        yield self.proto.headers_done()
++
++
++class FakeServerTunnelProtocol(object):
++    """A fake ServerTunnelProtocol."""
++
++    def __init__(self):
++        """Initialize this fake tunnel."""
++        self.response_received = defer.Deferred()
++        self.proxy_credentials = None
++
++    def response_data_received(self, data):
++        """Fire the response deferred."""
++        if not self.response_received.called:
++            self.response_received.callback(data)
++
++    def remote_disconnected(self):
++        """The remote server disconnected."""
++
++    def proxy_auth_required(self, proxy, authenticator):
++        """Proxy credentials are needed."""
++        if self.proxy_credentials:
++            authenticator.setUser(self.proxy_credentials["username"])
++            authenticator.setPassword(self.proxy_credentials["password"])
++
++
++class BuildProxyTestCase(TestCase):
++    """Tests for the build_proxy function."""
++
++    def test_socks_is_preferred(self):
++        """Socks overrides all protocols."""
++        settings = {
++            "http": {"host": "httphost", "port": 3128},
++            "https": {"host": "httpshost", "port": 3129},
++            "socks": {"host": "sockshost", "port": 1080},
++        }
++        proxy = tunnel_server.build_proxy(settings)
++        self.assertEqual(proxy.type(), proxy.Socks5Proxy)
++        self.assertEqual(proxy.hostName(), "sockshost")
++        self.assertEqual(proxy.port(), 1080)
++
++    def test_https_beats_http(self):
++        """HTTPS wins over HTTP, since all of SD traffic is https."""
++        settings = {
++            "http": {"host": "httphost", "port": 3128},
++            "https": {"host": "httpshost", "port": 3129},
++        }
++        proxy = tunnel_server.build_proxy(settings)
++        self.assertEqual(proxy.type(), proxy.HttpProxy)
++        self.assertEqual(proxy.hostName(), "httpshost")
++        self.assertEqual(proxy.port(), 3129)
++
++    def test_http_if_no_other_choice(self):
++        """Finally, we use the host configured for HTTP."""
++        settings = {
++            "http": {"host": "httphost", "port": 3128},
++        }
++        proxy = tunnel_server.build_proxy(settings)
++        self.assertEqual(proxy.type(), proxy.HttpProxy)
++        self.assertEqual(proxy.hostName(), "httphost")
++        self.assertEqual(proxy.port(), 3128)
++
++    def test_use_noproxy_as_fallback(self):
++        """If nothing useful, revert to no proxy."""
++        settings = {}
++        proxy = tunnel_server.build_proxy(settings)
++        self.assertEqual(proxy.type(), proxy.DefaultProxy)
++
++
++class RemoteSocketTestCase(SquidTestCase):
++    """Tests for the client that connects to the other side."""
++
++    timeout = 3
++    get_proxy_settings = lambda _: {}
++
++    @defer.inlineCallbacks
++    def setUp(self):
++        """Initialize this testcase."""
++        yield super(RemoteSocketTestCase, self).setUp()
++        self.ws = MockWebServer()
++        self.addCleanup(self.ws.stop)
++        self.dest_url = self.ws.get_iri().encode("utf-8") + SIMPLERESOURCE
++
++        self.addCleanup(tunnel_server.QNetworkProxy.setApplicationProxy,
++                        tunnel_server.QNetworkProxy.applicationProxy())
++        settings = {"http": self.get_proxy_settings()}
++        proxy = tunnel_server.build_proxy(settings)
++        tunnel_server.QNetworkProxy.setApplicationProxy(proxy)
++
++    def test_invalid_port(self):
++        """A request with an invalid port fails with a 400."""
++        protocol = tunnel_server.ServerTunnelProtocol(
++                                                    tunnel_server.RemoteSocket)
++        protocol.transport = FakeTransport()
++        protocol.dataReceived("CONNECT 127.0.0.1:wrong_port HTTP/1.0" +
++                              CRLF * 2)
++
++        status_line = protocol.transport.getvalue()
++        self.assertTrue(status_line.startswith("HTTP/1.0 400 "),
++                        "The port must be an integer.")
++
++    @defer.inlineCallbacks
++    def test_connection_is_finished_when_stopping(self):
++        """The client disconnects when requested."""
++        fake_protocol = FakeServerTunnelProtocol()
++        client = tunnel_server.RemoteSocket(fake_protocol)
++        url = urlparse(self.dest_url)
++        yield client.connect(url.netloc)
++        yield client.stop()
++
++    @defer.inlineCallbacks
++    def test_stop_but_never_connected(self):
++        """Stop but it was never connected."""
++        fake_protocol = FakeServerTunnelProtocol()
++        client = tunnel_server.RemoteSocket(fake_protocol)
++        yield client.stop()
++
++    @defer.inlineCallbacks
++    def test_client_write(self):
++        """Data written to the client is sent to the other side."""
++        fake_protocol = FakeServerTunnelProtocol()
++        client = tunnel_server.RemoteSocket(fake_protocol)
++        self.addCleanup(client.stop)
++        url = urlparse(self.dest_url)
++        yield client.connect(url.netloc)
++        client.write("GET /simpleresource HTTP/1.0" + CRLF * 2)
++        yield self.ws.simple_resource.rendered
++
++    @defer.inlineCallbacks
++    def test_client_read(self):
++        """Data received by the client is written into the transport."""
++        fake_protocol = FakeServerTunnelProtocol()
++        client = tunnel_server.RemoteSocket(fake_protocol)
++        self.addCleanup(client.stop)
++        url = urlparse(self.dest_url)
++        yield client.connect(url.netloc)
++        client.write("GET /simpleresource HTTP/1.0" + CRLF * 2)
++        yield self.ws.simple_resource.rendered
++        data = yield fake_protocol.response_received
++        _headers, content = str(data).split(CRLF * 2, 1)
++        self.assertEqual(content, SAMPLE_CONTENT)
++
++
++class AnonProxyRemoteSocketTestCase(RemoteSocketTestCase):
++    """Tests for the client going thru an anonymous proxy."""
++
++    get_proxy_settings = RemoteSocketTestCase.get_nonauth_proxy_settings
++
++    def parse_headers(self, raw_headers):
++        """Parse the headers."""
++        lines = raw_headers.split(CRLF)
++        header_lines = lines[1:]
++        headers_pairs = (l.split(":", 1) for l in header_lines)
++        return dict((k.lower(), v.strip()) for k, v in headers_pairs)
++
++    @defer.inlineCallbacks
++    def test_verify_client_uses_proxy(self):
++        """Verify that the client uses the proxy."""
++        fake_protocol = FakeServerTunnelProtocol()
++        client = tunnel_server.RemoteSocket(fake_protocol)
++        self.addCleanup(client.stop)
++        url = urlparse(self.dest_url)
++        yield client.connect(url.netloc)
++        client.write("GET /simpleresource HTTP/1.0" + CRLF * 2)
++        yield self.ws.simple_resource.rendered
++        data = yield fake_protocol.response_received
++        raw_headers, _content = str(data).split(CRLF * 2, 1)
++        self.parse_headers(raw_headers)
++
++
++class AuthenticatedProxyRemoteSocketTestCase(AnonProxyRemoteSocketTestCase):
++    """Tests for the client going thru an authenticated proxy."""
++
++    get_proxy_settings = RemoteSocketTestCase.get_auth_proxy_settings
++
++    @defer.inlineCallbacks
++    def test_proxy_authentication_error(self):
++        """The proxy credentials were wrong on purpose."""
++        settings = {"http": self.get_proxy_settings()}
++        settings["http"]["password"] = "wrong password!!!"
++        proxy = tunnel_server.build_proxy(settings)
++        tunnel_server.QNetworkProxy.setApplicationProxy(proxy)
++        fake_protocol = FakeServerTunnelProtocol()
++        client = tunnel_server.RemoteSocket(fake_protocol)
++        self.addCleanup(client.stop)
++        url = urlparse(self.dest_url)
++        yield self.assertFailure(client.connect(url.netloc),
++                                 tunnel_server.ProxyAuthenticationError)
++
++    @defer.inlineCallbacks
++    def test_proxy_nobody_listens(self):
++        """The proxy settings point to a proxy that's unreachable."""
++        settings = dict(http={
++            "host": "127.0.0.1",
++            "port": 83,  # unused port according to /etc/services
++        })
++        proxy = tunnel_server.build_proxy(settings)
++        tunnel_server.QNetworkProxy.setApplicationProxy(proxy)
++        fake_protocol = FakeServerTunnelProtocol()
++        client = tunnel_server.RemoteSocket(fake_protocol)
++        self.addCleanup(client.stop)
++        url = urlparse(self.dest_url)
++        yield self.assertFailure(client.connect(url.netloc),
++                                 tunnel_server.ConnectionError)
++
++    def test_use_credentials(self):
++        """The credentials are used if present."""
++        fake_protocol = FakeServerTunnelProtocol()
++        client = tunnel_server.RemoteSocket(fake_protocol)
++        proxy = tunnel_server.build_proxy(FAKE_SETTINGS)
++        authenticator = QAuthenticator()
++
++        client.proxyAuthenticationRequired.emit(proxy, authenticator)
++        self.assertEqual(proxy.user(), "")
++        self.assertEqual(proxy.password(), "")
++        fake_protocol.proxy_credentials = FAKE_CREDS
++
++        client.proxyAuthenticationRequired.emit(proxy, authenticator)
++        self.assertEqual(authenticator.user(), FAKE_CREDS["username"])
++        self.assertEqual(authenticator.password(), FAKE_CREDS["password"])
++
++
++class FakeNetworkProxyFactoryClass(object):
++    """A fake QNetworkProxyFactory."""
++    last_query = None
++
++    def __init__(self, enabled):
++        """Initialize this fake instance."""
++        if enabled:
++            self.proxy_type = tunnel_server.QNetworkProxy.HttpProxy
++        else:
++            self.proxy_type = tunnel_server.QNetworkProxy.DefaultProxy
++
++    def type(self):
++        """Return the proxy type configured."""
++        return self.proxy_type
++
++    def systemProxyForQuery(self, query):
++        """A list of proxies, but only type() will be called on the first."""
++        return [self]
++
++
++class CheckProxyEnabledTestCase(TestCase):
++    """Tests for the check_proxy_enabled function."""
++
++    @defer.inlineCallbacks
++    def setUp(self):
++        """Initialize this testcase."""
++        yield super(CheckProxyEnabledTestCase, self).setUp()
++        self.app_proxy = []
++
++    def _assert_proxy_state(self, platform, state, assertion):
++        """Assert the proxy is in a given state."""
++        self.patch(tunnel_server.QNetworkProxy, "setApplicationProxy",
++                   lambda proxy: self.app_proxy.append(proxy))
++        self.patch(tunnel_server.sys, "platform", platform)
++        ret = tunnel_server.check_proxy_enabled(SAMPLE_HOST, str(SAMPLE_PORT))
++        self.assertTrue(ret == state, assertion)
++
++    def _assert_proxy_enabled(self, platform):
++        """Assert that the proxy is enabled."""
++        self._assert_proxy_state(platform, True, "Proxy is enabled.")
++
++    def _assert_proxy_disabled(self, platform):
++        """Assert that the proxy is disabled."""
++        self._assert_proxy_state(platform, False, "Proxy is disabled.")
++
++    def test_platform_linux_enabled(self):
++        """Tests for the linux platform with proxies enabled."""
++        self.patch(tunnel_server.gsettings, "get_proxy_settings",
++                   lambda: FAKE_SETTINGS)
++        self._assert_proxy_enabled("linux3")
++        self.assertEqual(len(self.app_proxy), 1)
++
++    def test_platform_linux_disabled(self):
++        """Tests for the linux platform with proxies disabled."""
++        self.patch(tunnel_server.gsettings, "get_proxy_settings", lambda: {})
++        self._assert_proxy_disabled("linux3")
++        self.assertEqual(len(self.app_proxy), 0)
++
++    def test_platform_other_enabled(self):
++        """Tests for any other platform with proxies enabled."""
++        fake_netproxfact = FakeNetworkProxyFactoryClass(True)
++        self.patch(tunnel_server, "QNetworkProxyFactory", fake_netproxfact)
++        self._assert_proxy_enabled("windows 1.0")
++        self.assertEqual(len(self.app_proxy), 0)
++
++    def test_platform_other_disabled(self):
++        """Tests for any other platform with proxies disabled."""
++        fake_netproxfact = FakeNetworkProxyFactoryClass(False)
++        self.patch(tunnel_server, "QNetworkProxyFactory", fake_netproxfact)
++        self._assert_proxy_disabled("windows 1.0")
++        self.assertEqual(len(self.app_proxy), 0)
++
++
++class FakeQCoreApp(object):
++    """A fake QCoreApplication."""
++
++    fake_instance = None
++
++    def __init__(self, argv):
++        """Initialize this fake."""
++        self.executed = False
++        self.argv = argv
++        FakeQCoreApp.fake_instance = self
++
++    def exec_(self):
++        """Fake the execution of this app."""
++        self.executed = True
++
++    @staticmethod
++    def instance():
++        """But return the real instance."""
++        return QCoreApplication.instance()
++
++
++class MainFunctionTestCase(TestCase):
++    """Tests for the main function of the tunnel server."""
++
++    @defer.inlineCallbacks
++    def setUp(self):
++        """Initialize these testcases."""
++        yield super(MainFunctionTestCase, self).setUp()
++        self.called = []
++        self.proxies_enabled = False
++
++        def fake_is_proxy_enabled(*args):
++            """Store the call, return false."""
++            self.called.append(args)
++            return self.proxies_enabled
++
++        self.patch(tunnel_server, "check_proxy_enabled", fake_is_proxy_enabled)
++        self.fake_stdout = StringIO()
++        self.patch(tunnel_server.sys, "stdout", self.fake_stdout)
++        self.patch(tunnel_server, "QCoreApplication", FakeQCoreApp)
++
++    def test_checks_proxies(self):
++        """Main checks that the proxies are enabled."""
++        tunnel_server.main([])
++        self.assertEqual(len(self.called), 1)
++
++    def test_on_proxies_enabled_prints_port_and_cookie(self):
++        """With proxies enabled print port to stdout and start the mainloop."""
++        self.patch(tunnel_server.uuid, "uuid4", lambda: FAKE_COOKIE)
++        self.proxies_enabled = True
++        port = 443
++        tunnel_server.main(["example.com", str(port)])
++        stdout = self.fake_stdout.getvalue()
++
++        self.assertIn(tunnel_server.TUNNEL_PORT_LABEL + ": ", stdout)
++        cookie_line = tunnel_server.TUNNEL_COOKIE_LABEL + ": " + FAKE_COOKIE
++        self.assertIn(cookie_line, stdout)
++
++    def test_on_proxies_disabled_exit(self):
++        """With proxies disabled, print a message and exit gracefully."""
++        self.proxies_enabled = False
++        tunnel_server.main(["example.com", "443"])
++        self.assertIn("Proxy not enabled.", self.fake_stdout.getvalue())
++        self.assertEqual(FakeQCoreApp.fake_instance, None)
 === modified file 'tests/syncdaemon/test_action_queue.py'
 --- tests/syncdaemon/test_action_queue.py	2012-02-18 16:13:04 +0000
 +++ tests/syncdaemon/test_action_queue.py	2012-03-20 23:05:30 +0000
@@ -23,7 +23,6 @@
  import operator
  import os
  import unittest
--import urllib2
  import uuid
  from functools import wraps
@@ -33,7 +32,7 @@
  from mocker import Mocker, MockerTestCase, ANY, expect
  from oauth import oauth
--from twisted.internet import defer, threads, reactor
++from twisted.internet import defer, reactor
  from twisted.internet import error as twisted_error
  from twisted.python.failure import DefaultException, Failure
  from twisted.web import server
@@ -186,6 +185,35 @@
          return FakeRequest()
++class FakeTunnelClient(object):
++    """A fake proxy.tunnel_client."""
++
++    def __init__(self):
++        """Fake this proxy tunnel."""
++        self.tcp_connected = False
++        self.ssl_connected = False
++
++    def connectTCP(self, *args, **kwargs):
++        """Save the connection thru TCP."""
++        self.tcp_connected = True
++
++    def connectSSL(self, *args, **kwargs):
++        """Save the connection thru SSL."""
++        self.ssl_connected = True
++
++
++class SavingConnectionTunnelRunner(object):
++    """A fake proxy.tunnel_client.TunnelRunner."""
++
++    def __init__(self, *args):
++        """Fake a proxy tunnel."""
++        self.client = FakeTunnelClient()
++
++    def get_client(self):
++        """Always return the reactor."""
++        return defer.succeed(self.client)
++
++
  class TestingProtocol(ActionQueue.protocol):
      """Protocol for testing."""
@@ -370,6 +398,21 @@
                  self.assertEqual(defined_args[0], 'self')
                  self.assertEqual(set(defined_args[1:]), set(evtargs))
++    @defer.inlineCallbacks
++    def test_get_webclient(self):
++        """The webclient is created if it does not exist."""
++        self.assertEqual(self.action_queue.webclient, None)
++        webclient = yield self.action_queue.get_webclient()
++        self.assertNotEqual(webclient, None)
++
++    @defer.inlineCallbacks
++    def test_get_webclient_existing(self):
++        """The webclient is not created again if it exists."""
++        fake_wc = object()
++        self.patch(self.action_queue, "webclient", fake_wc)
++        webclient = yield self.action_queue.get_webclient()
++        self.assertEqual(webclient, fake_wc)
++
  class TestLoggingStorageClient(TwistedTestCase):
      """Tests for ensuring magic hash dont show in logs."""
@@ -1295,6 +1338,28 @@
                                                  "host 1.2.3.4", "port 4321"))
++class TunnelRunnerTestCase(FactoryBaseTestCase):
++    """Tests for the tunnel runner."""
++
++    tunnel_runner_class = SavingConnectionTunnelRunner
++
++    @defer.inlineCallbacks
++    def test_make_connection_uses_tunnelrunner_non_ssl(self):
++        """Check that _make_connection uses TunnelRunner."""
++        self.action_queue.use_ssl = False
++        yield self.action_queue._make_connection(("127.0.0.1", 1234))
++        self.assertTrue(self.action_queue.tunnel_runner.client.tcp_connected,
++                        "connectTCP is called on the client.")
++
++    @defer.inlineCallbacks
++    def test_make_connection_uses_tunnelrunner_ssl(self):
++        """Check that _make_connection uses TunnelRunner."""
++        self.action_queue.use_ssl = True
++        yield self.action_queue._make_connection(("127.0.0.1", 1234))
++        self.assertTrue(self.action_queue.tunnel_runner.client.ssl_connected,
++                        "connectSSL is called on the client.")
++
++
  class ConnectedBaseTestCase(FactoryBaseTestCase):
      """Base test case generating a connected factory."""
@@ -2468,67 +2533,26 @@
          self.assertEqual(NODE, self.command.node_id)
          self.assertEqual(True, self.command.is_public)
--    def test_run_defers_work_to_thread(self):
--        """Test that work is deferred to a thread."""
--        original = threads.deferToThread
--        self.called = False
--
--        def check(function):
--            self.called = True
--            self.assertEqual(
--                self.command._change_public_access_http, function)
--            return defer.Deferred()
--
--        threads.deferToThread = check
--        try:
--            res = self.command._run()
--        finally:
--            threads.deferToThread = original
--
--        self.assertIsInstance(res, defer.Deferred)
--        self.assertTrue(self.called, "deferToThread was called")
--
++    @defer.inlineCallbacks
      def test_change_public_access_http(self):
--        """Test the blocking portion of the command."""
--        self.called = False
--        def check(request):
--            self.called = True
--            url = 'https://one.ubuntu.com/files/api/set_public/%s:%s' % (
++        """Test the command."""
++
++        def check_webcall(request_iri, method=None, post_content=None):
++            """Check the webcall made by this command."""
++            iri = u'https://one.ubuntu.com/files/api/set_public/%s:%s' % (
                  base64.urlsafe_b64encode(VOLUME.bytes).strip("="),
                  base64.urlsafe_b64encode(NODE.bytes).strip("="))
--            self.assertEqual(url, request.get_full_url())
--            self.assertEqual("is_public=True", request.get_data())
--            return StringIO(
--                '{"is_public": true, "public_url": "http://example.com"}')
--
--        from ubuntuone.syncdaemon import action_queue
--        self.patch(action_queue.timestamp_checker, "get_faithful_time",
--                   lambda: 1)
--        action_queue.urlopen = check
--        try:
--            res = self.command._change_public_access_http()
--        finally:
--            action_queue.urlopen = urllib2.urlopen
--
++            self.assertEqual(iri, request_iri)
++            self.assertEqual("is_public=True", post_content)
++            content = '{"is_public": true, "public_url": "http://example.com"}'
++            response = action_queue.txweb.Response(content)
++            return defer.succeed(response)
++
++        self.patch(self.action_queue, "webcall", check_webcall)
++        res = yield self.command._run()
          self.assertEqual(
              {'is_public': True, 'public_url': 'http://example.com'}, res)
--    def test_change_public_access_http_uses_timestamp(self):
--        """The timestamp is used for oauth signing."""
--        fake_timestamp = 12345678
--
--        def fake_urlopen(request):
--            """A fake urlopen."""
--            auth = request.headers["Authorization"]
--            expected = 'oauth_timestamp="%d"' % fake_timestamp
--            self.assertIn(expected, auth)
--            return StringIO("[]")
--
--        self.patch(action_queue.timestamp_checker, "get_faithful_time",
--                   lambda: fake_timestamp)
--        self.patch(action_queue, "urlopen", fake_urlopen)
--        self.command._change_public_access_http()
--
      def test_handle_success_push_event(self):
          """Test AQ_CHANGE_PUBLIC_ACCESS_OK is pushed on success."""
          response = {'is_public': True, 'public_url': 'http://example.com'}
@@ -2541,8 +2565,7 @@
      def test_handle_failure_push_event(self):
          """Test AQ_CHANGE_PUBLIC_ACCESS_ERROR is pushed on failure."""
          msg = 'Something went wrong'
--        failure = Failure(urllib2.HTTPError(
--                "http://example.com", 500, "Error", [], StringIO(msg)))
++        failure = Failure(action_queue.txweb.WebClientError("Misc Error", msg))
          self.command.handle_failure(failure=failure)
          event = ('AQ_CHANGE_PUBLIC_ACCESS_ERROR',
                   {'share_id': VOLUME, 'node_id': NODE, 'error': msg})
@@ -2569,11 +2592,11 @@
          default_url = 'https://one.ubuntu.com/files/api/public_files'
          request_queue = RequestQueue(action_queue=self.action_queue)
          command = GetPublicFiles(request_queue)
--        self.assertEqual(command._url, default_url)
++        self.assertEqual(command._iri, default_url)
          custom_url = 'http://example.com:1234/files/api/public_files'
          command_2 = GetPublicFiles(request_queue,
--                                   base_url='http://example.com:1234')
--        self.assertEqual(command_2._url, custom_url)
++                                   base_iri=u'http://example.com:1234')
++        self.assertEqual(command_2._iri, custom_url)
      def test_change_public_access(self):
          """Test the get_public_files method.."""
@@ -2583,75 +2606,39 @@
          """Test proper inheritance."""
          self.assertTrue(isinstance(self.command, ActionQueueCommand))
--    def test_run_defers_work_to_thread(self):
--        """Test that work is deferred to a thread."""
--        original = threads.deferToThread
--        self.called = False
--
--        def check(function):
--            self.called = True
--            self.assertEqual(
--                self.command._get_public_files_http, function)
--            return defer.Deferred()
--
--        threads.deferToThread = check
--        try:
--            res = self.command._run()
--        finally:
--            threads.deferToThread = original
--
--        self.assertIsInstance(res, defer.Deferred)
--        self.assertTrue(self.called, "deferToThread was called")
--
++    @defer.inlineCallbacks
      def test_get_public_files_http(self):
--        """Test the blocking portion of the command."""
--        self.called = False
++        """Test the _run method of the command."""
          node_id = uuid.uuid4()
          nodekey = '%s' % (base64.urlsafe_b64encode(node_id.bytes).strip("="))
          node_id_2 = uuid.uuid4()
          nodekey_2 = '%s' % (base64.urlsafe_b64encode(
                                                  node_id_2.bytes).strip("="))
          volume_id = uuid.uuid4()
--        def check(request):
--            self.called = True
--            url = 'https://one.ubuntu.com/files/api/public_files'
--            self.assertEqual(url, request.get_full_url())
--            return StringIO(
++
++        def check_webcall(request_iri, method=None):
++            """Check the webcall made by this command."""
++            """Check the webcall made by this command."""
++            iri = u'https://one.ubuntu.com/files/api/public_files'
++            self.assertEqual(method.upper(), "GET")
++            self.assertEqual(iri, request_iri)
++            content = (
                  '[{"nodekey": "%s", "volume_id": null,"public_url": '
                  '"http://example.com"}, '
                  '{"nodekey": "%s", "volume_id": "%s", "public_url": '
                  '"http://example.com"}]' % (nodekey, nodekey_2, volume_id))
--
--        from ubuntuone.syncdaemon import action_queue
--        self.patch(action_queue.timestamp_checker, "get_faithful_time",
--                   lambda: 1)
--        action_queue.urlopen = check
--        try:
--            res = self.command._get_public_files_http()
--        finally:
--            action_queue.urlopen = urllib2.urlopen
++            response = action_queue.txweb.Response(content)
++            return defer.succeed(response)
++
++        self.patch(self.action_queue, "webcall", check_webcall)
++        res = yield self.command._run()
++
          self.assertEqual([{'node_id': str(node_id), 'volume_id': '',
                            'public_url': 'http://example.com'},
                            {'node_id': str(node_id_2),
                             'volume_id': str(volume_id),
                             'public_url': 'http://example.com'}], res)
--    def test_get_public_files_http_uses_timestamp(self):
--        """The timestamp is used for oauth signing."""
--        fake_timestamp = 12345678
--
--        def fake_urlopen(request):
--            """A fake urlopen."""
--            auth = request.headers["Authorization"]
--            expected = 'oauth_timestamp="%d"' % fake_timestamp
--            self.assertIn(expected, auth)
--            return StringIO("[]")
--
--        self.patch(action_queue.timestamp_checker, "get_faithful_time",
--                   lambda: fake_timestamp)
--        self.patch(action_queue, "urlopen", fake_urlopen)
--        self.command._get_public_files_http()
--
      def test_handle_success_push_event(self):
          """Test AQ_PUBLIC_FILES_LIST_OK is pushed on success."""
          response = [{'node_id': uuid.uuid4(), 'volume_id':None,
@@ -2663,8 +2650,7 @@
      def test_handle_failure_push_event(self):
          """Test AQ_PUBLIC_FILES_LIST_ERROR is pushed on failure."""
          msg = 'Something went wrong'
--        failure = Failure(urllib2.HTTPError(
--                "http://example.com", 500, "Error", [], StringIO(msg)))
++        failure = Failure(action_queue.txweb.WebClientError("Misc Error", msg))
          self.command.handle_failure(failure=failure)
          event = ('AQ_PUBLIC_FILES_LIST_ERROR', {'error': msg})
          self.assertIn(event, self.command.action_queue.event_queue.events)
@@ -3649,27 +3635,6 @@
          self.assertEqual('share_name', name)
          self.assertTrue(read_only)
--    @defer.inlineCallbacks
--    def test_create_share_http_uses_timestamp(self):
--        """The timestamp is used for oauth signing."""
--        fake_timestamp = 12345678
--
--        def fake_urlopen(request):
--            """A fake urlopen."""
--            auth = request.headers["Authorization"]
--            expected = 'oauth_timestamp="%d"' % fake_timestamp
--            self.assertIn(expected, auth)
--
--        self.patch(action_queue.timestamp_checker, "get_faithful_time",
--                   lambda: fake_timestamp)
--        self.patch(action_queue, "urlopen", fake_urlopen)
--        self.user_connect()
--        command = CreateShare(self.request_queue, 'node_id',
--                              'share_to@example.com', 'share_name',
--                              ACCESS_LEVEL_RO, 'marker', 'path')
--        self.assertTrue(command.use_http, 'CreateShare should be in http mode')
--        yield command._run()
--
      def test_possible_markers(self):
          """Test that it returns the correct values."""
          cmd = CreateShare(self.request_queue, 'node_id', 'shareto@example.com',
 === added file 'tests/syncdaemon/test_tunnel_runner.py'
 --- tests/syncdaemon/test_tunnel_runner.py	1970-01-01 00:00:00 +0000
 +++ tests/syncdaemon/test_tunnel_runner.py	2012-03-20 23:05:30 +0000
@@ -0,0 +1,128 @@
++# -*- coding: utf8 -*-
++#
++# Copyright 2012 Canonical Ltd.
++#
++# This program is free software: you can redistribute it and/or modify it
++# under the terms of the GNU General Public License version 3, as published
++# by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful, but
++# WITHOUT ANY WARRANTY; without even the implied warranties of
++# MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
++# PURPOSE.  See the GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License along
++# with this program.  If not, see <http://www.gnu.org/licenses/>.
++"""Tests for the proxy tunnel runner."""
++
++import os
++import sys
++
++from twisted.internet import defer, error, reactor, task
++from twisted.trial.unittest import TestCase
++
++from tests.proxy import FAKE_COOKIE
++from ubuntuone.proxy import tunnel_client
++from ubuntuone.syncdaemon import tunnel_runner
++
++FAKE_HOST = "fs-1.two.ubuntu.com"
++FAKE_PORT = 443
++
++
++class TunnelRunnerConstructorTestCase(TestCase):
++    """Test the tunnel runner constructor."""
++
++    timeout = 3
++
++    def raise_import_error(self, *args):
++        """Raise an import error."""
++        raise ImportError
++
++    @defer.inlineCallbacks
++    def test_proxy_support_not_installed(self):
++        """The proxy support binary package is not installed."""
++        self.patch(tunnel_runner.TunnelRunner, "start_process",
++                   self.raise_import_error)
++        tr = tunnel_runner.TunnelRunner(FAKE_HOST, FAKE_PORT)
++        client = yield tr.get_client()
++        self.assertEqual(client, reactor)
++
++
++class TunnelRunnerTestCase(TestCase):
++    """Tests for the TunnelRunner."""
++
++    timeout = 3
++
++    @defer.inlineCallbacks
++    def setUp(self):
++        """Initialize this testcase."""
++        yield super(TunnelRunnerTestCase, self).setUp()
++        self.spawned = []
++        self.patch(tunnel_client.reactor, "spawnProcess",
++                   lambda *args, **kwargs: self.spawned.append((args, kwargs)))
++        self.process_protocol = None
++        self.process_protocol_class = tunnel_client.TunnelProcessProtocol
++        self.patch(tunnel_client, "TunnelProcessProtocol",
++                   self.storing_process_protocol_factory)
++        self.tr = tunnel_runner.TunnelRunner("fs-1.one.ubuntu.com", 443)
++
++    def storing_process_protocol_factory(self, *args, **kwargs):
++        """Store the process protocol just created."""
++        self.process_protocol = self.process_protocol_class(*args, **kwargs)
++        return self.process_protocol
++
++    def test_tunnel_process_is_started(self):
++        """The tunnel process is started."""
++        self.assertEqual(len(self.spawned), 1,
++                        "The tunnel process is started.")
++
++    @defer.inlineCallbacks
++    def test_tunnel_process_get_client_yielded_twice(self):
++        """The get_client method can be yielded twice."""
++        self.process_protocol.processExited(error.ProcessTerminated(1))
++        client = yield self.tr.get_client()
++        client = yield self.tr.get_client()
++        self.assertNotEqual(client, None)
++
++    @defer.inlineCallbacks
++    def test_tunnel_process_exits_with_error(self):
++        """The tunnel process exits with an error."""
++        self.process_protocol.processExited(error.ProcessTerminated(1))
++        client = yield self.tr.get_client()
++        self.assertEqual(client, reactor)
++
++    @defer.inlineCallbacks
++    def test_tunnel_process_exits_gracefully(self):
++        """The tunnel process exits gracefully."""
++        self.process_protocol.processExited(error.ProcessDone(0))
++        client = yield self.tr.get_client()
++        self.assertEqual(client, reactor)
++
++    @defer.inlineCallbacks
++    def test_tunnel_process_prints_random_garbage_and_timeouts(self):
++        """The tunnel process prints garbage and timeouts."""
++        clock = task.Clock()
++        self.patch(tunnel_client, "reactor", clock)
++        self.process_protocol.connectionMade()
++        self.process_protocol.outReceived("Random garbage")
++        clock.advance(self.process_protocol.timeout)
++        client = yield self.tr.get_client()
++        self.assertEqual(client, clock)
++
++    @defer.inlineCallbacks
++    def test_tunnel_process_prints_port_number_and_cookie(self):
++        """The tunnel process prints the port number."""
++        received = "%s: %d\n%s: %s\n" % (
++                                tunnel_client.TUNNEL_PORT_LABEL, FAKE_PORT,
++                                tunnel_client.TUNNEL_COOKIE_LABEL, FAKE_COOKIE)
++        self.process_protocol.outReceived(received)
++        client = yield self.tr.get_client()
++        self.assertEqual(client.tunnel_port, FAKE_PORT)
++        self.assertEqual(client.cookie, FAKE_COOKIE)
++
++    def test_frozen_path(self):
++        """Ensure the path is correct if sys is frozen."""
++        sys.frozen = "Yes"
++        self.addCleanup(delattr, sys, "frozen")
++        self.assertEqual(os.path.dirname(self.tr.get_process_path()),
++            os.path.dirname(sys.executable))
 === modified file 'ubuntuone/platform/constants.py'
 --- ubuntuone/platform/constants.py	2011-12-08 20:56:10 +0000
 +++ ubuntuone/platform/constants.py	2012-03-20 23:05:30 +0000
@@ -21,7 +21,12 @@
  import sys
++TUNNEL_EXECUTABLE = "ubuntuone-proxy-tunnel"
++
  if sys.platform == "win32":
      HASHQUEUE_DELAY = 3.0
++    if getattr(sys, "frozen", None) is not None:
++        # Only use the .exe suffix in windows+frozen
++        TUNNEL_EXECUTABLE += ".exe"
  else:
      HASHQUEUE_DELAY = 0.5
 === modified file 'ubuntuone/platform/linux/notification.py'
 --- ubuntuone/platform/linux/notification.py	2012-01-25 22:40:02 +0000
 +++ ubuntuone/platform/linux/notification.py	2012-03-20 23:05:30 +0000
@@ -68,6 +68,9 @@
                  self.notification = Notify.Notification(title, message, icon)
          else:
              self.notification.update(title, message, icon)
++
          if append:
              self.notification.set_hint_string('x-canonical-append', '')
++
++        self.notification.set_hint('transient', True)
          self.notification.show()
 === added directory 'ubuntuone/proxy'
 === added file 'ubuntuone/proxy/__init__.py'
 --- ubuntuone/proxy/__init__.py	1970-01-01 00:00:00 +0000
 +++ ubuntuone/proxy/__init__.py	2012-03-20 23:05:30 +0000
@@ -0,0 +1,14 @@
++# Copyright 2012 Canonical Ltd.
++#
++# This program is free software: you can redistribute it and/or modify it
++# under the terms of the GNU General Public License version 3, as published
++# by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful, but
++# WITHOUT ANY WARRANTY; without even the implied warranties of
++# MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
++# PURPOSE.  See the GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License along
++# with this program.  If not, see <http://www.gnu.org/licenses/>.
++"""Ubuntu One proxy support."""
 === added file 'ubuntuone/proxy/common.py'
 --- ubuntuone/proxy/common.py	1970-01-01 00:00:00 +0000
 +++ ubuntuone/proxy/common.py	2012-03-20 23:05:30 +0000
@@ -0,0 +1,60 @@
++# -*- coding: utf8 -*-
++#
++# Copyright 2012 Canonical Ltd.
++#
++# This program is free software: you can redistribute it and/or modify it
++# under the terms of the GNU General Public License version 3, as published
++# by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful, but
++# WITHOUT ANY WARRANTY; without even the implied warranties of
++# MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
++# PURPOSE.  See the GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License along
++# with this program.  If not, see <http://www.gnu.org/licenses/>.
++"""Common classes to the tunnel client and server."""
++
++from twisted.protocols import basic
++
++CRLF = "\r\n"
++TUNNEL_PORT_LABEL = "Tunnel port"
++TUNNEL_COOKIE_LABEL = "Tunnel cookie"
++TUNNEL_COOKIE_HEADER = "Proxy-Tunnel-Cookie"
++
++
++class BaseTunnelProtocol(basic.LineReceiver):
++    """CONNECT base protocol for tunnelling connections."""
++
++    delimiter = CRLF
++
++    def __init__(self):
++        """Initialize this protocol."""
++        self._first_line = True
++        self.received_headers = []
++
++    def header_line(self, line):
++        """Handle each header line received."""
++        key, value = line.split(":", 1)
++        value = value.strip()
++        self.received_headers.append((key, value))
++
++    def lineReceived(self, line):
++        """Process a line in the header."""
++        if self._first_line:
++            self._first_line = False
++            self.handle_first_line(line)
++        else:
++            if line:
++                self.header_line(line)
++            else:
++                self.setRawMode()
++                self.headers_done()
++
++    def remote_disconnected(self):
++        """The remote end closed the connection."""
++        self.transport.loseConnection()
++
++    def format_headers(self, headers):
++        """Format some headers as a few response lines."""
++        return "".join("%s: %s" % item + CRLF for item in headers.items())
 === added file 'ubuntuone/proxy/logger.py'
 --- ubuntuone/proxy/logger.py	1970-01-01 00:00:00 +0000
 +++ ubuntuone/proxy/logger.py	2012-03-20 23:05:30 +0000
@@ -0,0 +1,36 @@
++# ubuntuone.syncdaemon.logger - logging utilities
++#
++# Copyright 2009-2012 Canonical Ltd.
++#
++# This program is free software: you can redistribute it and/or modify it
++# under the terms of the GNU General Public License version 3, as published
++# by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful, but
++# WITHOUT ANY WARRANTY; without even the implied warranties of
++# MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
++# PURPOSE.  See the GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License along
++# with this program.  If not, see <http://www.gnu.org/licenses/>.
++
++"""SyncDaemon logging utilities and config."""
++
++import logging
++import os
++
++from ubuntuone.logger import (
++    basic_formatter,
++    CustomRotatingFileHandler,
++)
++
++from ubuntuone.platform.xdg_base_directory import ubuntuone_log_dir
++
++
++LOGFILENAME = os.path.join(ubuntuone_log_dir, 'proxy.log')
++logger = logging.getLogger("ubuntuone.proxy")
++logger.setLevel(logging.DEBUG)
++handler = CustomRotatingFileHandler(filename=LOGFILENAME)
++handler.setFormatter(basic_formatter)
++handler.setLevel(logging.DEBUG)
++logger.addHandler(handler)
 === added file 'ubuntuone/proxy/tunnel_client.py'
 --- ubuntuone/proxy/tunnel_client.py	1970-01-01 00:00:00 +0000
 +++ ubuntuone/proxy/tunnel_client.py	2012-03-20 23:05:30 +0000
@@ -0,0 +1,181 @@
++# -*- coding: utf8 -*-
++#
++# Copyright 2012 Canonical Ltd.
++#
++# This program is free software: you can redistribute it and/or modify it
++# under the terms of the GNU General Public License version 3, as published
++# by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful, but
++# WITHOUT ANY WARRANTY; without even the implied warranties of
++# MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
++# PURPOSE.  See the GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License along
++# with this program.  If not, see <http://www.gnu.org/licenses/>.
++"""Client for the tunnel protocol."""
++
++import logging
++
++from twisted.internet import protocol, reactor
++
++from ubuntuone.proxy.common import (
++    BaseTunnelProtocol,
++    CRLF,
++    TUNNEL_COOKIE_LABEL,
++    TUNNEL_COOKIE_HEADER,
++    TUNNEL_PORT_LABEL,
++)
++
++METHOD_LINE = "CONNECT %s:%d HTTP/1.0" + CRLF
++LOCALHOST = "127.0.0.1"
++logger = logging.getLogger("ubuntuone.Proxy.TunnelClient")
++
++
++class TunnelClientProtocol(BaseTunnelProtocol):
++    """Client protocol for the handshake part of the tunnel."""
++
++    def connectionMade(self):
++        """The connection to the tunnel was made so send request."""
++        method_line = METHOD_LINE % (self.factory.tunnel_host,
++                                     self.factory.tunnel_port)
++        headers = {
++            "User-Agent": "Ubuntu One tunnel client",
++            TUNNEL_COOKIE_HEADER: self.factory.cookie,
++        }
++        self.transport.write(method_line +
++                             self.format_headers(headers) +
++                             CRLF)
++
++    def handle_first_line(self, line):
++        """The first line received is the status line."""
++        try:
++            proto_version, self.status_code, description = line.split(" ", 2)
++        except ValueError:
++            self.transport.loseConnection()
++
++    def headers_done(self):
++        """All the headers have arrived. Time to switch protocols."""
++        remaining_data = self.clearLineBuffer()
++        if self.status_code != "200":
++            self.transport.loseConnection()
++            return
++        addr = self.transport.getPeer()
++        other_protocol = self.factory.other_factory.buildProtocol(addr)
++        self.transport.protocol = other_protocol
++        other_protocol.transport = self.transport
++        self.transport = None
++        if self.factory.context_factory:
++            other_protocol.transport.startTLS(self.factory.context_factory)
++        other_protocol.connectionMade()
++        if remaining_data:
++            other_protocol.dataReceived(remaining_data)
++
++
++class TunnelClientFactory(protocol.ClientFactory):
++    """A factory for Tunnel Client Protocols."""
++
++    protocol = TunnelClientProtocol
++
++    def __init__(self, tunnel_host, tunnel_port, other_factory, cookie,
++                 context_factory=None):
++        """Initialize this factory."""
++        self.tunnel_host = tunnel_host
++        self.tunnel_port = tunnel_port
++        self.other_factory = other_factory
++        self.context_factory = context_factory
++        self.cookie = cookie
++
++    def startedConnecting(self, connector):
++        """Forward this call to the other factory."""
++        self.other_factory.startedConnecting(connector)
++
++    def clientConnectionFailed(self, connector, reason):
++        """Forward this call to the other factory."""
++        self.other_factory.clientConnectionFailed(connector, reason)
++
++    def clientConnectionLost(self, connector, reason):
++        """Forward this call to the other factory."""
++        self.other_factory.clientConnectionLost(connector, reason)
++
++
++class TunnelClient(object):
++    """A client for the proxy tunnel."""
++
++    def __init__(self, tunnel_host, tunnel_port, cookie):
++        """Initialize this client."""
++        self.tunnel_host = tunnel_host
++        self.tunnel_port = tunnel_port
++        self.cookie = cookie
++
++    def connectTCP(self, host, port, factory, *args, **kwargs):
++        """A connectTCP going thru the tunnel."""
++        logger.info("Connecting (TCP) to %r:%r via tunnel at %r:%r",
++                    host, port, self.tunnel_host, self.tunnel_port)
++        tunnel_factory = TunnelClientFactory(host, port, factory, self.cookie)
++        return reactor.connectTCP(self.tunnel_host, self.tunnel_port,
++                                  tunnel_factory, *args, **kwargs)
++
++    def connectSSL(self, host, port, factory,
++                   contextFactory, *args, **kwargs):
++        """A connectSSL going thru the tunnel."""
++        logger.info("Connecting (SSL) to %r:%r via tunnel at %r:%r",
++                    host, port, self.tunnel_host, self.tunnel_port)
++        tunnel_factory = TunnelClientFactory(host, port, factory, self.cookie,
++                                      contextFactory)
++        return reactor.connectTCP(self.tunnel_host, self.tunnel_port,
++                                  tunnel_factory, *args, **kwargs)
++
++
++class TunnelProcessProtocol(protocol.ProcessProtocol):
++    """The dialog thru stdout with the tunnel server."""
++
++    timeout = 5
++
++    def __init__(self, client_d):
++        """Initialize this protocol."""
++        self.client_d = client_d
++        self.timer = None
++        self.port = None
++        self.cookie = None
++
++    def connectionMade(self):
++        """The process has started, start a timer."""
++        logger.info("Tunnel process started.")
++        self.timer = reactor.callLater(self.timeout, self.process_timeouted)
++
++    def process_timeouted(self):
++        """The process took too long to reply."""
++        if not self.client_d.called:
++            logger.info("Timeout while waiting for tunnel process.")
++            self.client_d.callback(reactor)
++
++    def finish_timeout(self):
++        """Stop the timer from firing."""
++        if self.timer and self.timer.active():
++            self.timer.cancel()
++
++    def processExited(self, status):
++        """The tunnel process has exited with some error code."""
++        self.finish_timeout()
++        logger.info("Tunnel process exit status %r.", status)
++        if not self.client_d.called:
++            self.client_d.callback(reactor)
++
++    def outReceived(self, data):
++        """Receive the port number."""
++        if self.client_d.called:
++            return
++
++        for line in data.split("\n"):
++            if line.startswith(TUNNEL_PORT_LABEL):
++                _header, port = line.split(":", 1)
++                self.port = int(port.strip())
++            if line.startswith(TUNNEL_COOKIE_LABEL):
++                _header, cookie = line.split(":", 1)
++                self.cookie = cookie.strip()
++
++        if self.port and self.cookie:
++            logger.info("Tunnel process listening on port %r.", self.port)
++            client = TunnelClient(LOCALHOST, self.port, self.cookie)
++            self.client_d.callback(client)
 === added file 'ubuntuone/proxy/tunnel_server.py'
 --- ubuntuone/proxy/tunnel_server.py	1970-01-01 00:00:00 +0000
 +++ ubuntuone/proxy/tunnel_server.py	2012-03-20 23:05:30 +0000
@@ -0,0 +1,376 @@
++# -*- coding: utf8 -*-
++#
++# Copyright 2012 Canonical Ltd.
++#
++# This program is free software: you can redistribute it and/or modify it
++# under the terms of the GNU General Public License version 3, as published
++# by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful, but
++# WITHOUT ANY WARRANTY; without even the implied warranties of
++# MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
++# PURPOSE.  See the GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License along
++# with this program.  If not, see <http://www.gnu.org/licenses/>.
++"""A tunnel through proxies.
++
++The layers in a tunneled proxied connection:
++
++↓ tunnelclient - initiates tcp to tunnelserver, request outward connection
++↕ client protocol - started after the tunneclient gets connected
++---process boundary---
++↕ tunnelserver - creates a tunnel instance per incoming connection
++↕ tunnel - hold a qtcpsocket to tunnelclient, and srvtunnelproto to the remote
++↕ servertunnelprotocol - gets CONNECT from tunnelclient, creates a remotesocket
++↕ remotesocket - connects to the destination server via a proxy
++↕ proxy server - goes thru firewalls
++↑ server - dialogues with the client protocol
++
++"""
++
++import sys
++import uuid
++
++from PyQt4.QtCore import QCoreApplication, QTimer
++from PyQt4.QtNetwork import (
++    QAbstractSocket,
++    QHostAddress,
++    QNetworkProxy,
++    QNetworkProxyQuery,
++    QNetworkProxyFactory,
++    QTcpServer,
++    QTcpSocket,
++)
++from twisted.internet import defer, interfaces
++from zope.interface import implements
++
++from ubuntu_sso.keyring import Keyring
++from ubuntu_sso.utils.webclient import gsettings
++from ubuntuone.proxy.common import (
++    BaseTunnelProtocol,
++    CRLF,
++    TUNNEL_COOKIE_HEADER,
++    TUNNEL_COOKIE_LABEL,
++    TUNNEL_PORT_LABEL,
++)
++from ubuntuone.proxy.logger import logger
++
++DEFAULT_CODE = 500
++DEFAULT_DESCRIPTION = "Connection error"
++
++
++class ConnectionError(Exception):
++    """The client failed connecting to the destination."""
++
++    def __init__(self, code=DEFAULT_CODE, description=DEFAULT_DESCRIPTION):
++        self.code = code
++        self.description = description
++
++
++class ProxyAuthenticationError(ConnectionError):
++    """Credentials mismatch going thru a proxy."""
++
++
++def build_proxy(settings_groups):
++    """Create a QNetworkProxy from these settings."""
++    proxy_groups = [
++        ("socks", QNetworkProxy.Socks5Proxy),
++        ("https", QNetworkProxy.HttpProxy),
++        ("http", QNetworkProxy.HttpProxy),
++    ]
++    for group, proxy_type in proxy_groups:
++        if group not in settings_groups:
++            continue
++        settings = settings_groups[group]
++        if "host" in settings and "port" in settings:
++            return QNetworkProxy(proxy_type,
++                                 hostName=settings.get("host", ""),
++                                 port=settings.get("port", 0),
++                                 user=settings.get("username", ""),
++                                 password=settings.get("password", ""))
++    logger.error("No proxy correctly configured.")
++    return QNetworkProxy(QNetworkProxy.DefaultProxy)
++
++
++class RemoteSocket(QTcpSocket):
++    """A dumb connection through a proxy to a destination hostport."""
++
++    def __init__(self, tunnel_protocol):
++        """Initialize this object."""
++        super(RemoteSocket, self).__init__()
++        self.protocol = tunnel_protocol
++        self.connected_d = defer.Deferred()
++        self.connected.connect(self.handle_connected)
++        self.proxyAuthenticationRequired.connect(self.handle_auth_required)
++        self.buffered_data = []
++
++    def handle_connected(self):
++        """When connected, send all pending data."""
++        self.disconnected.connect(self.handle_disconnected)
++        self.connected_d.callback(None)
++        for d in self.buffered_data:
++            logger.debug("writing remote: %d bytes", len(d))
++            super(RemoteSocket, self).write(d)
++        self.buffered_data = []
++
++    def handle_disconnected(self):
++        """Do something with disconnections."""
++        logger.debug("Remote socket disconnected")
++        self.protocol.remote_disconnected()
++
++    def write(self, data):
++        """Write data to the remote end, buffering if not connected."""
++        if self.state() == QAbstractSocket.ConnectedState:
++            logger.debug("writing remote: %d bytes", len(data))
++            super(RemoteSocket, self).write(data)
++        else:
++            self.buffered_data.append(data)
++
++    def connect(self, hostport):
++        """Try to establish the connection to the remote end."""
++        host, port = hostport.split(":")
++
++        try:
++            port = int(port)
++        except ValueError:
++            raise ConnectionError(400, "Destination port must be an integer.")
++
++        self.readyRead.connect(self.handle_ready_read)
++        self.error.connect(self.handle_error)
++        self.connectToHost(host, port)
++
++        return self.connected_d
++
++    def handle_auth_required(self, proxy, authenticator):
++        """Handle the proxyAuthenticationRequired signal."""
++        self.protocol.proxy_auth_required(proxy, authenticator)
++
++    def handle_error(self, socket_error):
++        """Some error happened while connecting."""
++        error_description = "%s (%d)" % (self.errorString(), socket_error)
++        logger.error("connection error: %s", error_description)
++        if self.connected_d.called:
++            return
++
++        if socket_error == self.ProxyAuthenticationRequiredError:
++            error = ProxyAuthenticationError(407, error_description)
++        else:
++            error = ConnectionError(500, error_description)
++
++        self.connected_d.errback(error)
++
++    def handle_ready_read(self):
++        """Forward data from the remote end to the parent protocol."""
++        data = self.readAll()
++        self.protocol.response_data_received(data)
++
++    @defer.inlineCallbacks
++    def stop(self):
++        """Finish and cleanup."""
++        self.disconnectFromHost()
++        while self.state() != self.UnconnectedState:
++            d = defer.Deferred()
++            QTimer.singleShot(100, lambda: d.callback(None))
++            yield d
++
++
++class ServerTunnelProtocol(BaseTunnelProtocol):
++    """CONNECT sever protocol for tunnelling connections."""
++
++    def __init__(self, client_class):
++        """Initialize this protocol."""
++        BaseTunnelProtocol.__init__(self)
++        self.hostport = ""
++        self.client = None
++        self.client_class = client_class
++        self.proxy_credentials = None
++        self.proxy_domain = None
++
++    def error_response(self, code, description):
++        """Write a response with an error, and disconnect."""
++        self.write_transport("HTTP/1.0 %d %s" % (code, description) + CRLF * 2)
++        self.transport.loseConnection()
++        if self.client:
++            self.client.stop()
++        self.clearLineBuffer()
++
++    def write_transport(self, data):
++        """Write a response in the transport."""
++        self.transport.write(data)
++
++    def proxy_auth_required(self, proxy, authenticator):
++        """Proxy authentication is required."""
++        logger.info("auth_required %r, %r, %r", self.proxy_credentials,
++                    proxy.hostName(), self.proxy_domain)
++        if self.proxy_credentials and proxy.hostName() == self.proxy_domain:
++            logger.info("Credentials added to authenticator: %r.",
++                        self.proxy_credentials)
++            authenticator.setUser(self.proxy_credentials["username"])
++            authenticator.setPassword(self.proxy_credentials["password"])
++        else:
++            logger.info("Credentials needed, but none available.")
++            self.proxy_domain = proxy.hostName()
++
++    def handle_first_line(self, line):
++        """Special handling for the first line received."""
++        try:
++            method, hostport, proto_version = line.split(" ", 2)
++            if proto_version != "HTTP/1.0":
++                self.error_response(505, "HTTP Version Not Supported")
++                return
++            if method != "CONNECT":
++                self.error_response(405, "Only the CONNECT method is allowed")
++                return
++            self.hostport = hostport
++        except ValueError:
++            self.error_response(400, "Bad request")
++
++    def verify_cookie(self):
++        """Fail if the cookie is wrong or missing."""
++        cookie_received = dict(self.received_headers).get(TUNNEL_COOKIE_HEADER)
++        if cookie_received != self.transport.cookie:
++            raise ConnectionError(418, "Please see RFC 2324")
++
++    @defer.inlineCallbacks
++    def headers_done(self):
++        """An empty line was received, start connecting and switch mode."""
++        try:
++            self.verify_cookie()
++            try:
++                logger.info("Connecting once")
++                self.client = self.client_class(self)
++                yield self.client.connect(self.hostport)
++            except ProxyAuthenticationError:
++                if not self.proxy_domain:
++                    logger.info("No proxy domain defined")
++                    raise
++
++                credentials = yield Keyring().get_credentials(
++                                                str(self.proxy_domain))
++                if "username" in credentials:
++                    self.proxy_credentials = credentials
++                logger.info("Connecting again with keyring credentials")
++                self.client = self.client_class(self)
++                yield self.client.connect(self.hostport)
++                logger.info("Connected with keyring credentials")
++
++            response_headers = {
++                "Server": "Ubuntu One proxy tunnel",
++            }
++            self.write_transport("HTTP/1.0 200 Proxy connection established" +
++                                 CRLF + self.format_headers(response_headers) +
++                                 CRLF)
++        except ConnectionError as e:
++            logger.exception("Connection error")
++            self.error_response(e.code, e.description)
++        except Exception:
++            logger.exception("Unhandled problem while connecting")
++
++    def rawDataReceived(self, data):
++        """Tunnel all raw data straight to the other side."""
++        self.client.write(data)
++
++    def response_data_received(self, data):
++        """Return data coming from the other side."""
++        self.write_transport(data)
++
++
++class Tunnel(object):
++    """An instance of a running tunnel."""
++
++    implements(interfaces.ITransport)
++
++    def __init__(self, local_socket, cookie):
++        """Initialize this Tunnel instance."""
++        self.cookie = cookie
++        self.disconnecting = False
++        self.local_socket = local_socket
++        self.protocol = ServerTunnelProtocol(RemoteSocket)
++        self.protocol.transport = self
++        local_socket.readyRead.connect(self.server_ready_read)
++        local_socket.disconnected.connect(self.local_disconnected)
++
++    def server_ready_read(self):
++        """Data available on the local end. Move it forward."""
++        data = bytes(self.local_socket.readAll())
++        self.protocol.dataReceived(data)
++
++    def write(self, data):
++        """Data available on the remote end. Bring it back."""
++        logger.debug("writing local: %d bytes", len(data))
++        self.local_socket.write(data)
++
++    def loseConnection(self):
++        """The remote end disconnected."""
++        logger.debug("disconnecting local end.")
++        self.local_socket.close()
++
++    def local_disconnected(self):
++        """The local end disconnected."""
++        logger.debug("The local socket got disconnected.")
++        # TODO: handle this case in an upcoming branch
++
++
++class TunnelServer(object):
++    """A server for tunnel instances."""
++
++    def __init__(self, cookie):
++        """Initialize this tunnel instance."""
++        self.tunnels = []
++        self.cookie = cookie
++        self.server = QTcpServer(QCoreApplication.instance())
++        self.server.newConnection.connect(self.new_connection)
++        self.server.listen(QHostAddress.LocalHost, 0)
++        logger.info("Starting tunnel server at port %d", self.port)
++
++    def new_connection(self):
++        """On a new connection create a new tunnel instance."""
++        logger.info("New connection made")
++        local_socket = self.server.nextPendingConnection()
++        tunnel = Tunnel(local_socket, self.cookie)
++        self.tunnels.append(tunnel)
++
++    def shutdown(self):
++        """Terminate every connection."""
++        # TODO: handle this gracefully in an upcoming branch
++
++    @property
++    def port(self):
++        """The port where this server listens."""
++        return self.server.serverPort()
++
++
++def check_proxy_enabled(host, port):
++    """Check if the proxy is enabled."""
++    port = int(port)
++    if sys.platform.startswith("linux"):
++        settings = gsettings.get_proxy_settings()
++        enabled = len(settings) > 0
++        if enabled:
++            proxy = build_proxy(settings)
++            QNetworkProxy.setApplicationProxy(proxy)
++        else:
++            logger.info("Proxy is disabled.")
++        return enabled
++    else:
++        query = QNetworkProxyQuery(host, port)
++        proxies = QNetworkProxyFactory.systemProxyForQuery(query)
++        return len(proxies) and proxies[0].type() != QNetworkProxy.DefaultProxy
++
++
++def main(argv):
++    """The main function for the tunnel server."""
++    if not check_proxy_enabled(*argv[1:]):
++        sys.stdout.write("Proxy not enabled.")
++        sys.stdout.flush()
++    else:
++        from dbus.mainloop.qt import DBusQtMainLoop
++        DBusQtMainLoop(set_as_default=True)
++        app = QCoreApplication(argv)
++        cookie = str(uuid.uuid4())
++        tunnel_server = TunnelServer(cookie)
++        sys.stdout.write("%s: %d\n" % (TUNNEL_PORT_LABEL, tunnel_server.port) +
++                         "%s: %s\n" % (TUNNEL_COOKIE_LABEL, cookie))
++        sys.stdout.flush()
++        app.exec_()
 === modified file 'ubuntuone/syncdaemon/action_queue.py'
 --- ubuntuone/syncdaemon/action_queue.py	2012-02-09 21:57:00 +0000
 +++ ubuntuone/syncdaemon/action_queue.py	2012-03-20 23:05:30 +0000
@@ -31,19 +31,18 @@
  from collections import deque, defaultdict
  from functools import partial
  from urllib import urlencode
--from urllib2 import urlopen, Request, HTTPError
  from urlparse import urljoin
  import OpenSSL.SSL
  from zope.interface import implements
--from twisted.internet import reactor, defer, threads, task
++from twisted.internet import reactor, defer, task
  from twisted.internet import error as twisted_errors
  from twisted.names import client as dns_client
  from twisted.python.failure import Failure, DefaultException
  from oauth import oauth
--from ubuntu_sso.utils import timestamp_checker
++from ubuntu_sso.utils.webclient import txweb
  from ubuntuone import clientdefs
  from ubuntuone.platform import platform, remove_file
  from ubuntuone.storageprotocol import protocol_pb2, content_hash
@@ -57,6 +56,7 @@
  from ubuntuone.syncdaemon.logger import mklog, TRACE
  from ubuntuone.syncdaemon.volume_manager import ACCESS_LEVEL_RW
  from ubuntuone.syncdaemon import config, offload_queue
++from ubuntuone.syncdaemon import tunnel_runner
  logger = logging.getLogger("ubuntuone.SyncDaemon.ActionQueue")
@@ -684,6 +684,8 @@
          # credentials
          self.token = None
          self.consumer = None
++        self.credentials = None
++        self.webclient = None
          self.client = None  # an instance of self.protocol
@@ -699,6 +701,7 @@
          self.zip_queue = ZipQueue()
          self.conditions_locker = ConditionsLocker()
          self.disk_queue = offload_queue.OffloadQueue()
++        self.tunnel_runner = tunnel_runner.TunnelRunner(self.host, self.port)
          self.estimated_free_space = {}
          event_queue.subscribe(self)
@@ -728,6 +731,7 @@
      def handle_SYS_USER_CONNECT(self, access_token):
          """Stow the access token away for later use."""
++        self.credentials = access_token
          self.token = oauth.OAuthToken(access_token['token'],
                                        access_token['token_secret'])
          self.consumer = oauth.OAuthConsumer(access_token['consumer_key'],
@@ -816,16 +820,37 @@
          else:
              return defer.succeed((self.host, self.port))
++
++    @defer.inlineCallbacks
++    def webcall(self, iri, **kwargs):
++        """Perform a web call to the api servers."""
++        webclient = yield self.get_webclient()
++        response = yield webclient.request(iri,
++                             oauth_credentials=self.credentials, **kwargs)
++        defer.returnValue(response)
++
++    @defer.inlineCallbacks
++    def get_webclient(self):
++        """Get the webclient, creating it if needed."""
++        if self.webclient is None:
++            client = yield self.tunnel_runner.get_client()
++            self.webclient = txweb.WebClient(connector=client,
++                                             appname="Ubuntu One",
++                                             oauth_sign_plain=True)
++        defer.returnValue(self.webclient)
++
++    @defer.inlineCallbacks
      def _make_connection(self, result):
          """Do the real connect call."""
          host, port = result
          ssl_context = get_ssl_context(self.disable_ssl_verify)
++        client = yield self.tunnel_runner.get_client()
          if self.use_ssl:
--            self.connector = reactor.connectSSL(host, port, factory=self,
++            self.connector = client.connectSSL(host, port, factory=self,
                                              contextFactory=ssl_context,
                                              timeout=self.connection_timeout)
          else:
--            self.connector = reactor.connectTCP(host, port, self,
++            self.connector = client.connectTCP(host, port, self,
                                              timeout=self.connection_timeout)
      def connect(self):
@@ -1774,36 +1799,23 @@
          if share_to and re.match(EREGEX, share_to):
              self.use_http = True
++    @defer.inlineCallbacks
      def _create_share_http(self, node_id, user, name, read_only):
          """Create a share using the HTTP Web API method."""
--        url = "https://one.ubuntu.com/files/api/offer_share/"
--        method = oauth.OAuthSignatureMethod_PLAINTEXT()
--        timestamp = timestamp_checker.get_faithful_time()
--        parameters = {"oauth_timestamp": timestamp}
--        request = oauth.OAuthRequest.from_consumer_and_token(
--            http_url=url,
--            http_method="POST",
--            parameters=parameters,
--            oauth_consumer=self.action_queue.consumer,
--            token=self.action_queue.token)
--        request.sign_request(method, self.action_queue.consumer,
--                             self.action_queue.token)
++        iri = u"https://one.ubuntu.com/files/api/offer_share/"
          data = dict(offer_to_email=user,
                      read_only=read_only,
                      node_id=node_id,
                      share_name=name)
          pdata = urlencode(data)
--        headers = request.to_header()
--        req = Request(url, pdata, headers)
--        urlopen(req)
++        yield self.action_queue.webcall(iri, method="POST", post_content=pdata)
      def _run(self):
          """Do the actual running."""
          if self.use_http:
              # External user, do the HTTP REST method
--            return threads.deferToThread(self._create_share_http,
--                                         self.node_id, self.share_to,
++            return self._create_share_http(self.node_id, self.share_to,
                                           self.name,
                                           self.access_level != ACCESS_LEVEL_RW)
          else:
@@ -1827,7 +1839,7 @@
          """It didn't work! Push the event."""
          self.action_queue.event_queue.push('AQ_CREATE_SHARE_ERROR',
                                             marker=self.marker,
--                                           error=failure.getErrorMessage())
++                                           error=failure.value[1])
      def _acquire_pathlock(self):
          """Acquire pathlock."""
@@ -2109,6 +2121,7 @@
          self.node_id = node_id
          self.is_public = is_public
++    @defer.inlineCallbacks
      def _change_public_access_http(self):
          """Change public access using the HTTP Web API method."""
@@ -2119,28 +2132,16 @@
                  base64.urlsafe_b64encode(self.share_id.bytes).strip("="),
                  node_key)
--        url = "https://one.ubuntu.com/files/api/set_public/%s" % (node_key,)
--        method = oauth.OAuthSignatureMethod_PLAINTEXT()
--        timestamp = timestamp_checker.get_faithful_time()
--        parameters = {"oauth_timestamp": timestamp}
--        request = oauth.OAuthRequest.from_consumer_and_token(
--            http_url=url,
--            http_method="POST",
--            parameters=parameters,
--            oauth_consumer=self.action_queue.consumer,
--            token=self.action_queue.token)
--        request.sign_request(method, self.action_queue.consumer,
--                             self.action_queue.token)
++        iri = u"https://one.ubuntu.com/files/api/set_public/%s" % (node_key,)
          data = dict(is_public=bool(self.is_public))
          pdata = urlencode(data)
--        headers = request.to_header()
--        req = Request(url, pdata, headers)
--        response = urlopen(req)
--        return simplejson.load(response)
++        response = yield self.action_queue.webcall(iri, method="POST",
++                                                   post_content=pdata)
++        defer.returnValue(simplejson.loads(response.content))
      def _run(self):
          """See ActionQueueCommand."""
--        return threads.deferToThread(self._change_public_access_http)
++        return self._change_public_access_http()
      def handle_success(self, success):
          """See ActionQueueCommand."""
@@ -2152,51 +2153,36 @@
      def handle_failure(self, failure):
          """It didn't work! Push the event."""
--        if issubclass(failure.type, HTTPError):
--            message = failure.value.read()
--        else:
--            message = failure.getErrorMessage()
          self.action_queue.event_queue.push('AQ_CHANGE_PUBLIC_ACCESS_ERROR',
                                             share_id=self.share_id,
                                             node_id=self.node_id,
--                                           error=message)
++                                           error=failure.value[1])
  class GetPublicFiles(ActionQueueCommand):
      """Get the list of public files."""
--    __slots__ = ('_url',)
++    __slots__ = ('_iri',)
      logged_attrs = ActionQueueCommand.logged_attrs + __slots__
--    def __init__(self, request_queue, base_url='https://one.ubuntu.com'):
++    def __init__(self, request_queue, base_iri=u'https://one.ubuntu.com'):
          super(GetPublicFiles, self).__init__(request_queue)
--        self._url = urljoin(base_url, 'files/api/public_files')
++        self._iri = urljoin(base_iri, u'files/api/public_files')
++    @defer.inlineCallbacks
      def _get_public_files_http(self):
          """Get public files list using the HTTP Web API method."""
--        method = oauth.OAuthSignatureMethod_PLAINTEXT()
--        timestamp = timestamp_checker.get_faithful_time()
--        parameters = {"oauth_timestamp": timestamp}
--        request = oauth.OAuthRequest.from_consumer_and_token(
--            http_url=self._url,
--            http_method="GET",
--            parameters=parameters,
--            oauth_consumer=self.action_queue.consumer,
--            token=self.action_queue.token)
--        request.sign_request(method, self.action_queue.consumer,
--                             self.action_queue.token)
--        headers = request.to_header()
--        req = Request(self._url, headers=headers)
--        response = urlopen(req)
--        files = simplejson.load(response)
++        response = yield self.action_queue.webcall(self._iri, method="GET")
++
++        files = simplejson.loads(response.content)
          # translate nodekeys to (volume_id, node_id)
          for pf in files:
              _, node_id = self.split_nodekey(pf.pop('nodekey'))
              volume_id = pf['volume_id']
              pf['volume_id'] = '' if volume_id is None else volume_id
              pf['node_id'] = node_id
--        return files
++        defer.returnValue(files)
      @property
      def uniqueness(self):
@@ -2209,7 +2195,7 @@
      def _run(self):
          """See ActionQueueCommand."""
--        return threads.deferToThread(self._get_public_files_http)
++        return self._get_public_files_http()
      def handle_success(self, success):
          """See ActionQueueCommand."""
@@ -2218,12 +2204,8 @@
      def handle_failure(self, failure):
          """It didn't work! Push the event."""
--        if issubclass(failure.type, HTTPError):
--            message = failure.value.read()
--        else:
--            message = failure.getErrorMessage()
          self.action_queue.event_queue.push('AQ_PUBLIC_FILES_LIST_ERROR',
--                                           error=message)
++                                           error=failure.value[1])
      def split_nodekey(self, nodekey):
          """Split a node key into a share_id, node_id."""
 === added file 'ubuntuone/syncdaemon/tunnel_runner.py'
 --- ubuntuone/syncdaemon/tunnel_runner.py	1970-01-01 00:00:00 +0000
 +++ ubuntuone/syncdaemon/tunnel_runner.py	2012-03-20 23:05:30 +0000
@@ -0,0 +1,78 @@
++# -*- coding: utf8 -*-
++#
++# Copyright 2012 Canonical Ltd.
++#
++# This program is free software: you can redistribute it and/or modify it
++# under the terms of the GNU General Public License version 3, as published
++# by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful, but
++# WITHOUT ANY WARRANTY; without even the implied warranties of
++# MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
++# PURPOSE.  See the GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License along
++# with this program.  If not, see <http://www.gnu.org/licenses/>.
++"""Run the tunnel process and start a client, with a reactor as a fallback."""
++
++import logging
++import sys
++
++from os import path
++
++from twisted.internet import defer, reactor
++
++from ubuntuone.platform.constants import TUNNEL_EXECUTABLE
++
++logger = logging.getLogger("ubuntuone.SyncDaemon.TunnelRunner")
++
++
++class TunnelRunner(object):
++    """Run a tunnel process."""
++
++    def __init__(self, host, port):
++        """Start this runner instance."""
++        self.client_d = defer.Deferred()
++        try:
++            self.start_process(host, port)
++        except ImportError:
++            logger.info("Proxy support not installed.")
++            self.client_d.callback(reactor)
++
++    def start_process(self, host, port):
++        """Start the tunnel process."""
++        from ubuntuone.proxy.tunnel_client import TunnelProcessProtocol
++        protocol = TunnelProcessProtocol(self.client_d)
++        process_path = self.get_process_path()
++        args = [TUNNEL_EXECUTABLE, host, str(port)]
++        reactor.spawnProcess(protocol, process_path, env=None, args=args)
++
++    def get_process_path(self):
++        """Get the path to the tunnel process."""
++        # In a frozen setting, all binaries are in the same path
++        if getattr(sys, "frozen", None) is not None:
++            return path.join(path.dirname(
++                path.abspath(sys.executable)), TUNNEL_EXECUTABLE)
++
++        # This works when we are running from sources
++        filename = path.join(path.dirname(__file__), "..", "..", "bin",
++                             TUNNEL_EXECUTABLE)
++        if path.isfile(filename):
++            return filename
++
++        # Use the configured LIBEXECDIR
++        from ubuntuone.clientdefs import LIBEXECDIR
++        return path.join(LIBEXECDIR, TUNNEL_EXECUTABLE)
++
++    def get_client(self):
++        """A deferred with the reactor or a tunnel client."""
++
++        def client_selected(result, d):
++            """The tunnel_client or the reactor were selected."""
++            d.callback(result)
++            # make sure the result is available for next callback
++            return result
++
++        d = defer.Deferred()
++        self.client_d.addCallback(client_selected, d)
++        return d

Ubuntu One Client

Merge lp:~nataliabidart/ubuntuone-client/stable-3-0-update-2.99.91 into lp:ubuntuone-client/stable-3-0

Commit Message

Description of the Change

Preview Diff

Subscribers