Ubuntu Push Notifications

Merge lp:~ralsina/ubuntu-push/merge-automatic into lp:ubuntu-push

merge-automatic
Merge into trunk

Proposed by Roberto Alsina on 2014-09-10

Status:	Merged
Approved by:	Roberto Alsina on 2014-09-10
Approved revision:	no longer in the source branch.
Merged at revision:	131
Proposed branch:	lp:~ralsina/ubuntu-push/merge-automatic
Merge into:	lp:ubuntu-push
Diff against target:	934 lines (+296/-151) 23 files modified bus/unitygreeter/unitygreeter.go (+52/-0) client/service/postal.go (+14/-0) client/service/postal_test.go (+15/-11) client/session/session_test.go (+4/-25) debian/changelog (+7/-0) docs/example-client/main.qml (+8/-0) docs/example-client/manifest.json (+2/-2) sampleconfigs/dev.json (+1/-1) server/acceptance/acceptance_test.go (+1/-1) server/acceptance/ssl/README (+1/-1) server/acceptance/ssl/testing.cert (+7/-7) server/acceptance/ssl/testing.key (+7/-7) server/acceptance/suites/broadcast.go (+1/-1) server/acceptance/suites/suite.go (+1/-1) server/config_test.go (+12/-11) server/dev/server.go (+2/-2) server/listener/listener.go (+4/-13) server/listener/listener_test.go (+9/-17) server/runner_devices.go (+2/-29) server/runner_http.go (+6/-1) server/runner_test.go (+45/-6) server/tlsconfig.go (+53/-0) testing/tls.go (+42/-15)
To merge this branch:	bzr merge lp:~ralsina/ubuntu-push/merge-automatic
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Roberto Alsina (community)			Approve on 2014-09-10
Review via email: mp+234136@code.launchpad.net

Commit message

Updates from the automatic branch

Description of the change

Updates from the automatic branch

Revision history for this message

Roberto Alsina (ralsina) on 2014-09-10:

review: Approve

lp:~ralsina/ubuntu-push/merge-automatic updated on 2014-09-10

131. By Roberto Alsina on 2014-09-10: Updates from the automatic branch
Approved by: Roberto Alsina

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Roberto Alsina

Stuart Bishop

Ubuntu Push Hackers

 === added directory 'bus/unitygreeter'
 === added file 'bus/unitygreeter/unitygreeter.go'
 --- bus/unitygreeter/unitygreeter.go	1970-01-01 00:00:00 +0000
 +++ bus/unitygreeter/unitygreeter.go	2014-09-10 15:12:43 +0000
@@ -0,0 +1,52 @@
++/*
++ Copyright 2014 Canonical Ltd.
++
++ This program is free software: you can redistribute it and/or modify it
++ under the terms of the GNU General Public License version 3, as published
++ by the Free Software Foundation.
++
++ This program is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranties of
++ MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
++ PURPOSE.  See the GNU General Public License for more details.
++
++ You should have received a copy of the GNU General Public License along
++ with this program.  If not, see <http://www.gnu.org/licenses/>.
++*/
++
++// Package unitygreeter retrieves information about the Unity Greeter
++// using Unity's dbus interface
++package unitygreeter
++
++import (
++	"launchpad.net/ubuntu-push/bus"
++	"launchpad.net/ubuntu-push/logger"
++)
++
++// Well known address for the UnityGreeter API
++var BusAddress bus.Address = bus.Address{
++	Interface: "com.canonical.UnityGreeter",
++	Path:      "/",
++	Name:      "com.canonical.UnityGreeter",
++}
++
++// UnityGreeter encapsulates info needed to call out to the UnityGreeter API
++type UnityGreeter struct {
++	bus bus.Endpoint
++	log logger.Logger
++}
++
++// New returns a new UnityGreeter that'll use the provided bus.Endpoint
++func New(endp bus.Endpoint, log logger.Logger) *UnityGreeter {
++	return &UnityGreeter{endp, log}
++}
++
++// GetUnityGreeter returns the window stack state
++func (greeter *UnityGreeter) IsActive() bool {
++	result, err := greeter.bus.GetProperty("IsActive")
++	if err != nil {
++		greeter.log.Errorf("GetUnityGreeter call returned %v", err)
++		return false
++	}
++	return result.(bool)
++}
 === modified file 'client/service/postal.go'
 --- client/service/postal.go	2014-08-21 19:05:15 +0000
 +++ client/service/postal.go	2014-09-10 15:12:43 +0000
@@ -27,6 +27,7 @@
  	"launchpad.net/ubuntu-push/bus/emblemcounter"
  	"launchpad.net/ubuntu-push/bus/haptic"
  	"launchpad.net/ubuntu-push/bus/notifications"
++	"launchpad.net/ubuntu-push/bus/unitygreeter"
  	"launchpad.net/ubuntu-push/bus/windowstack"
  	"launchpad.net/ubuntu-push/click"
  	"launchpad.net/ubuntu-push/click/cblacklist"
@@ -76,6 +77,7 @@
  	EmblemCounterEndp bus.Endpoint
  	HapticEndp        bus.Endpoint
  	NotificationsEndp bus.Endpoint
++	UnityGreeterEndp  bus.Endpoint
  	WindowStackEndp   bus.Endpoint
  	// presenters:
  	Presenters    []Presenter
@@ -85,6 +87,7 @@
  	sound         *sounds.Sound
  	// the url dispatcher, used for stuff.
  	urlDispatcher urldispatcher.URLDispatcher
++	unityGreeter  *unitygreeter.UnityGreeter
  	windowStack   *windowstack.WindowStack
  	// fallback values for simplified notification usage
  	fallbackVibration *launch_helper.Vibration
@@ -115,6 +118,7 @@
  	svc.NotificationsEndp = bus.SessionBus.Endpoint(notifications.BusAddress, log)
  	svc.EmblemCounterEndp = bus.SessionBus.Endpoint(emblemcounter.BusAddress, log)
  	svc.HapticEndp = bus.SessionBus.Endpoint(haptic.BusAddress, log)
++	svc.UnityGreeterEndp = bus.SessionBus.Endpoint(unitygreeter.BusAddress, log)
  	svc.WindowStackEndp = bus.SessionBus.Endpoint(windowstack.BusAddress, log)
  	svc.msgHandler = svc.messageHandler
  	svc.launchers = launch_helper.DefaultLaunchers(log)
@@ -169,6 +173,7 @@
  	} else {
  		svc.HelperPool = launch_helper.NewHelperPool(svc.launchers, svc.Log)
+ 	}
++	svc.unityGreeter = unitygreeter.New(svc.UnityGreeterEndp, svc.Log)
  	svc.windowStack = windowstack.New(svc.WindowStackEndp, svc.Log)
  	go svc.consumeHelperResults(svc.HelperPool.Start())
@@ -224,6 +229,7 @@
  		{"notifications", svc.NotificationsEndp},
  		{"emblemcounter", svc.EmblemCounterEndp},
  		{"haptic", svc.HapticEndp},
++		{"unitygreeter", svc.UnityGreeterEndp},
  		{"windowstack", svc.WindowStackEndp},
+ 	}
  	for _, endp := range endps {
@@ -414,6 +420,14 @@
  		// no need to log, (it's been logged already)
  		return false
+ 	}
++
++	if output.Notification.Card != nil && output.Notification.Card.Popup {
++		if svc.unityGreeter.IsActive() {
++			// Screen is locked, ensure popup is false
++			output.Notification.Card.Popup = false
++		}
++	}
++
  	if !svc.windowStack.IsAppFocused(app) {
  		if isBlacklisted(app) {
  			svc.Log.Debugf("notification skipped (except emblem counter) because app is blacklisted")
 === modified file 'client/service/postal_test.go'
 --- client/service/postal_test.go	2014-09-01 14:32:51 +0000
 +++ client/service/postal_test.go	2014-09-10 15:12:43 +0000
@@ -161,17 +161,18 @@
+ }
  type postalSuite struct {
--	log          *helpers.TestLogger
--	cfg          *PostalServiceSetup
--	bus          bus.Endpoint
--	notifBus     bus.Endpoint
--	counterBus   bus.Endpoint
--	hapticBus    bus.Endpoint
--	winStackBus  bus.Endpoint
--	fakeLauncher *fakeHelperLauncher
--	getTempDir   func(string) (string, error)
--	oldIsBlisted func(*click.AppId) bool
--	blacklisted  bool
++	log             *helpers.TestLogger
++	cfg             *PostalServiceSetup
++	bus             bus.Endpoint
++	notifBus        bus.Endpoint
++	counterBus      bus.Endpoint
++	hapticBus       bus.Endpoint
++	unityGreeterBus bus.Endpoint
++	winStackBus     bus.Endpoint
++	fakeLauncher    *fakeHelperLauncher
++	getTempDir      func(string) (string, error)
++	oldIsBlisted    func(*click.AppId) bool
++	blacklisted     bool
+ }
  type ualPostalSuite struct {
@@ -194,6 +195,7 @@
  	ps.notifBus = testibus.NewTestingEndpoint(condition.Work(true), condition.Work(true))
  	ps.counterBus = testibus.NewTestingEndpoint(condition.Work(true), condition.Work(true))
  	ps.hapticBus = testibus.NewTestingEndpoint(condition.Work(true), condition.Work(true))
++	ps.unityGreeterBus = testibus.NewTestingEndpoint(condition.Work(true), condition.Work(true), false)
  	ps.winStackBus = testibus.NewTestingEndpoint(condition.Work(true), condition.Work(true), []windowstack.WindowsInfo{})
  	ps.fakeLauncher = &fakeHelperLauncher{ch: make(chan []byte)}
  	ps.blacklisted = false
@@ -226,6 +228,7 @@
  	pst.NotificationsEndp = ps.notifBus
  	pst.EmblemCounterEndp = ps.counterBus
  	pst.HapticEndp = ps.hapticBus
++	pst.UnityGreeterEndp = ps.unityGreeterBus
  	pst.WindowStackEndp = ps.winStackBus
  	pst.launchers = map[string]launch_helper.HelperLauncher{}
  	return pst
@@ -543,6 +546,7 @@
  	svc.EmblemCounterEndp = endp
  	svc.HapticEndp = endp
  	svc.NotificationsEndp = endp
++	svc.UnityGreeterEndp = ps.unityGreeterBus
  	svc.WindowStackEndp = ps.winStackBus
  	svc.launchers = map[string]launch_helper.HelperLauncher{}
  	svc.fallbackVibration = &launch_helper.Vibration{Pattern: []uint32{1}}
 === modified file 'client/session/session_test.go'
 --- client/session/session_test.go	2014-08-26 16:05:28 +0000
 +++ client/session/session_test.go	2014-09-10 15:12:43 +0000
@@ -1489,14 +1489,7 @@
  func (cs *clientSessionSuite) TestDialBadServerName(c *C) {
  	// a borked server name
--	cert, err := tls.X509KeyPair(helpers.TestCertPEMBlock, helpers.TestKeyPEMBlock)
--	c.Assert(err, IsNil)
--	tlsCfg := &tls.Config{
--		Certificates:           []tls.Certificate{cert},
--		SessionTicketsDisabled: true,
--	}
--
--	lst, err := tls.Listen("tcp", "localhost:0", tlsCfg)
++	lst, err := tls.Listen("tcp", "localhost:0", helpers.TestTLSServerConfig)
  	c.Assert(err, IsNil)
  	// advertise
  	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@@ -1541,19 +1534,12 @@
  func (cs *clientSessionSuite) TestDialWorks(c *C) {
  	// happy path thoughts
--	cert, err := tls.X509KeyPair(helpers.TestCertPEMBlock, helpers.TestKeyPEMBlock)
--	c.Assert(err, IsNil)
--	tlsCfg := &tls.Config{
--		Certificates:           []tls.Certificate{cert},
--		SessionTicketsDisabled: true,
--	}
--
--	lst, err := tls.Listen("tcp", "localhost:0", tlsCfg)
++	lst, err := tls.Listen("tcp", "localhost:0", helpers.TestTLSServerConfig)
  	c.Assert(err, IsNil)
  	// advertise
  	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
  		b, err := json.Marshal(map[string]interface{}{
--			"domain": "localhost",
++			"domain": "push-delivery",
  			"hosts":  []string{"nowhere", lst.Addr().String()},
  		})
  		if err != nil {
@@ -1649,14 +1635,7 @@
  func (cs *clientSessionSuite) TestDialWorksDirect(c *C) {
  	// happy path thoughts
--	cert, err := tls.X509KeyPair(helpers.TestCertPEMBlock, helpers.TestKeyPEMBlock)
--	c.Assert(err, IsNil)
--	tlsCfg := &tls.Config{
--		Certificates:           []tls.Certificate{cert},
--		SessionTicketsDisabled: true,
--	}
--
--	lst, err := tls.Listen("tcp", "localhost:0", tlsCfg)
++	lst, err := tls.Listen("tcp", "localhost:0", helpers.TestTLSServerConfig)
  	c.Assert(err, IsNil)
  	sess, err := NewSession(lst.Addr().String(), dialTestConf, "wah", cs.lvls, cs.log)
  	c.Assert(err, IsNil)
 === modified file 'debian/changelog'
 --- debian/changelog	2014-09-08 18:05:12 +0000
 +++ debian/changelog	2014-09-10 15:12:43 +0000
@@ -1,3 +1,10 @@
++ubuntu-push (0.64.1) UNRELEASED; urgency=medium
++
++  [ Roberto Alsina ]
++  * Don't show popups if the screen is locked.
++
++ -- Roberto Alsina <ralsina@yoga>  Wed, 10 Sep 2014 12:08:36 -0300
++
  ubuntu-push (0.64+14.10.20140908-0ubuntu1) utopic; urgency=medium
    [ Roberto Alsina ]
 === modified file 'docs/example-client/main.qml'
 --- docs/example-client/main.qml	2014-09-05 14:40:39 +0000
 +++ docs/example-client/main.qml	2014-09-10 15:12:43 +0000
@@ -46,6 +46,7 @@
          id: nickEdit
          focus: true
          placeholderText: "Your nickname"
++        inputMethodHints: Qt.ImhNoAutoUppercase | Qt.ImhNoPredictiveText | Qt.ImhPreferLowercase
          anchors.left: parent.left
          anchors.right: loginButton.left
          anchors.top: parent.top
@@ -85,6 +86,7 @@
      TextField {
          id: messageEdit
++        inputMethodHints: Qt.ImhNoAutoUppercase | Qt.ImhNoPredictiveText | Qt.ImhPreferLowercase
          anchors.right: parent.right
          anchors.left: parent.left
          anchors.top: nickEdit.bottom
@@ -223,6 +225,7 @@
                      text: "Enable Notifications"
                      control: Switch {
                          id: annoyingSwitch
++                        checked: true
+                     }
+                 }
                  ListItem.Standard {
@@ -230,6 +233,7 @@
                      enabled: annoyingSwitch.checked
                      control: Switch {
                          id: popupSwitch
++                        checked: true
+                     }
+                 }
                  ListItem.Standard {
@@ -237,6 +241,7 @@
                      enabled: annoyingSwitch.checked
                      control: Switch {
                          id: persistSwitch
++                        checked: true
+                     }
+                 }
                  ListItem.Standard {
@@ -244,6 +249,7 @@
                      enabled: annoyingSwitch.checked
                      control: Switch {
                          id: soundSwitch
++                        checked: true
+                     }
+                 }
                  ListItem.Standard {
@@ -251,6 +257,7 @@
                      enabled: annoyingSwitch.checked
                      control: Switch {
                          id: vibrateSwitch
++                        checked: true
+                     }
+                 }
                  ListItem.Standard {
@@ -258,6 +265,7 @@
                      enabled: annoyingSwitch.checked
                      control: Slider {
                          id: counterSlider
++                        value: 42
+                     }
+                 }
+             }
 === modified file 'docs/example-client/manifest.json'
 --- docs/example-client/manifest.json	2014-09-05 14:40:39 +0000
 +++ docs/example-client/manifest.json	2014-09-10 15:12:43 +0000
@@ -14,6 +14,6 @@
      },
      "maintainer": "Roberto Alsina <roberto.alsina@canonical.com>",
      "name": "com.ubuntu.developer.ralsina.hello",
--    "title": "ubuntu-push-example",
--    "version": "0.4"
++    "title": "Hello",
++    "version": "0.4.2"
+ }
 === modified file 'sampleconfigs/dev.json'
 --- sampleconfigs/dev.json	2014-07-15 17:14:07 +0000
 +++ sampleconfigs/dev.json	2014-09-10 15:12:43 +0000
@@ -10,5 +10,5 @@
      "http_read_timeout": "5s",
      "http_write_timeout": "5s",
      "max_notifications_per_app": 25,
--    "delivery_domain": "localhost"
++    "delivery_domain": "push-delivery"
+ }
 === modified file 'server/acceptance/acceptance_test.go'
 --- server/acceptance/acceptance_test.go	2014-05-02 09:56:49 +0000
 +++ server/acceptance/acceptance_test.go	2014-09-10 15:12:43 +0000
@@ -34,7 +34,7 @@
  	cfg := make(map[string]interface{})
  	suites.FillServerConfig(cfg, addr)
  	suites.FillHTTPServerConfig(cfg, httpAddr)
--	cfg["delivery_domain"] = "localhost"
++	cfg["delivery_domain"] = "push-delivery"
  	return cfg
+ }
 === modified file 'server/acceptance/ssl/README'
 --- server/acceptance/ssl/README	2014-02-21 16:17:28 +0000
 +++ server/acceptance/ssl/README	2014-09-10 15:12:43 +0000
@@ -3,6 +3,6 @@
  Generated with:
--  go run /usr/lib/go/src/pkg/crypto/tls/generate_cert.go -ca -host localhost -rsa-bits 512 -duration 87600h
++  go run /usr/lib/go/src/pkg/crypto/tls/generate_cert.go -ca -host push-delivery -rsa-bits 512 -duration 87600h
  and then renamed.
 === modified file 'server/acceptance/ssl/testing.cert'
 --- server/acceptance/ssl/testing.cert	2014-01-14 15:35:20 +0000
 +++ server/acceptance/ssl/testing.cert	2014-09-10 15:12:43 +0000
@@ -1,10 +1,10 @@
  -----BEGIN CERTIFICATE-----
  MIIBYzCCAQ+gAwIBAgIBADALBgkqhkiG9w0BAQUwEjEQMA4GA1UEChMHQWNtZSBD
--bzAeFw0xMzEyMTkyMDU1NDNaFw0yMzEyMTcyMDU1NDNaMBIxEDAOBgNVBAoTB0Fj
--bWUgQ28wWjALBgkqhkiG9w0BAQEDSwAwSAJBAPw+niki17X2qALE2A2AzE1q5dvK
--9CI4OduRtT9IgbFLC6psqAT21NA+QbY17nWSSpyP65zkMkwKXrbDzstwLPkCAwEA
--AaNUMFIwDgYDVR0PAQH/BAQDAgCkMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1Ud
--EwEB/wQFMAMBAf8wGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/AAABMAsGCSqGSIb3
--DQEBBQNBAFqiVI+Km2XPSO+pxITaPvhmuzg+XG3l1+2di3gL+HlDobocjBqRctRU
--YySO32W07acjGJmCHUKpCJuq9X8hpmk=
++bzAeFw0xNDA4MjkxMjQyMDFaFw0yNDA4MjYxMjQyMDFaMBIxEDAOBgNVBAoTB0Fj
++bWUgQ28wXDANBgkqhkiG9w0BAQEFAANLADBIAkEA1FT6lkow0eky+Dnj2Z4nTrTF
++DgcKOt9Wr4B4gRH1bWmRqScOPxyHA5YodN7O1w8X8sdWko9puf59I1sWWr5LNwID
++AQABo1IwUDAOBgNVHQ8BAf8EBAMCAKQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYD
++VR0TAQH/BAUwAwEB/zAYBgNVHREEETAPgg1wdXNoLWRlbGl2ZXJ5MAsGCSqGSIb3
++DQEBBQNBABtWCdMFkhIO8+oM3vugOWle9WJZ1FCRWD+cMl76mI1lhmNF4lvEZG47
++xUjekA1+heU39WpOEzZSybrOdiEaGbI=
  -----END CERTIFICATE-----
 === modified file 'server/acceptance/ssl/testing.key'
 --- server/acceptance/ssl/testing.key	2014-01-14 15:35:20 +0000
 +++ server/acceptance/ssl/testing.key	2014-09-10 15:12:43 +0000
@@ -1,9 +1,9 @@
  -----BEGIN RSA PRIVATE KEY-----
--MIIBPAIBAAJBAPw+niki17X2qALE2A2AzE1q5dvK9CI4OduRtT9IgbFLC6psqAT2
--1NA+QbY17nWSSpyP65zkMkwKXrbDzstwLPkCAwEAAQJAKwXbIBULScP6QA6m8xam
--wgWbkvN41GVWqPafPV32kPBvKwSc+M1e+JR7g3/xPZE7TCELcfYi4yXEHZZI3Pbh
--oQIhAP/UsgJbsfH1GFv8Y8qGl5l/kmwwkwHhuKvEC87Yur9FAiEA/GlQv3ZfaXnT
--lcCFT0aL02O0RDiRYyMUG/JAZQJs6CUCIQCHO5SZYIUwxIGK5mCNxxXOAzyQSiD7
--hqkKywf+4FvfDQIhALa0TLyqJFom0t7c4iIGAIRc8UlIYQSPiajI64+x9775AiEA
--0v4fgSK/Rq059zW1753JjuB6aR0Uh+3RqJII4dUR1Wg=
++MIIBOgIBAAJBANRU+pZKMNHpMvg549meJ060xQ4HCjrfVq+AeIER9W1pkaknDj8c
++hwOWKHTeztcPF/LHVpKPabn+fSNbFlq+SzcCAwEAAQJBAIOO+4xu/3yv/rKqO7C0
++Oyqa+pVMa1w60R0AfqmKFQTqiTgevM77uqjpW1+t0hpK20nyj6MUIPaL+9kZgp7t
++mnECIQDqw79PXSzudf10XGy9ve5bRazINHxQYgJ7FvlTT6JhdQIhAOeJxq9zcKni
++69ueO1ualz0hn8w6uHPsG9FlZ8C+7Jh7AiAWJgebjjfZ+4nA+6NKt2uQct9dOA5u
++awC+6ij1ojK4rQIgNEqAbcWDj0qpe8sLms+aEntSjJxCZiPP0IW3XeeApZsCIDwo
++x+YyxXQWJlf9L5TNYPRo+KFEdk3Cew0lv6QNs+xe
  -----END RSA PRIVATE KEY-----
 === modified file 'server/acceptance/suites/broadcast.go'
 --- server/acceptance/suites/broadcast.go	2014-08-15 09:33:48 +0000
 +++ server/acceptance/suites/broadcast.go	2014-09-10 15:12:43 +0000
@@ -261,7 +261,7 @@
  	host, err := gh.Get()
  	c.Assert(err, IsNil)
  	expected := &gethosts.Host{
--		Domain: "localhost",
++		Domain: "push-delivery",
  		Hosts:  []string{s.ServerAddr},
+ 	}
  	c.Check(host, DeepEquals, expected)
 === modified file 'server/acceptance/suites/suite.go'
 --- server/acceptance/suites/suite.go	2014-08-27 21:19:51 +0000
 +++ server/acceptance/suites/suite.go	2014-09-10 15:12:43 +0000
@@ -111,7 +111,7 @@
+ }
  func testClientSession(addr string, deviceId, model, imageChannel string, reportPings bool) *acceptance.ClientSession {
--	tlsConfig, err := kit.MakeTLSConfig("", false, helpers.SourceRelative("../ssl/testing.cert"), "")
++	tlsConfig, err := kit.MakeTLSConfig("push-delivery", false, helpers.SourceRelative("../ssl/testing.cert"), "")
  	if err != nil {
  		panic(fmt.Sprintf("could not read ssl/testing.cert: %v", err))
+ 	}
 === modified file 'server/config_test.go'
 --- server/config_test.go	2014-02-10 23:19:08 +0000
 +++ server/config_test.go	2014-09-10 15:12:43 +0000
@@ -26,6 +26,7 @@
  	. "launchpad.net/gocheck"
  	"launchpad.net/ubuntu-push/config"
++	helpers "launchpad.net/ubuntu-push/testing"
+ )
  type configSuite struct{}
@@ -52,22 +53,22 @@
  	c.Check(cfg.Addr(), Equals, "127.0.0.1:9999")
+ }
--func (s *configSuite) TestDevicesParsedConfigLoadFinish(c *C) {
++func (s *configSuite) TestTLSParsedConfigLoadPEMs(c *C) {
  	tmpDir := c.MkDir()
--	cfg := &DevicesParsedConfig{
++	cfg := &TLSParsedConfig{
  		ParsedKeyPEMFile:  "key.key",
  		ParsedCertPEMFile: "cert.cert",
+ 	}
--	err := cfg.FinishLoad(tmpDir)
++	err := cfg.LoadPEMs(tmpDir)
  	c.Check(err, ErrorMatches, "reading key_pem_file:.*no such file.*")
--	err = ioutil.WriteFile(filepath.Join(tmpDir, "key.key"), []byte("KeY"), os.ModePerm)
++	err = ioutil.WriteFile(filepath.Join(tmpDir, "key.key"), helpers.TestKeyPEMBlock, os.ModePerm)
  	c.Assert(err, IsNil)
--	err = cfg.FinishLoad(tmpDir)
++	err = cfg.LoadPEMs(tmpDir)
  	c.Check(err, ErrorMatches, "reading cert_pem_file:.*no such file.*")
--	err = ioutil.WriteFile(filepath.Join(tmpDir, "cert.cert"), []byte("CeRt"), os.ModePerm)
--	c.Assert(err, IsNil)
--	err = cfg.FinishLoad(tmpDir)
--	c.Assert(err, IsNil)
--	c.Check(string(cfg.KeyPEMBlock()), Equals, "KeY")
--	c.Check(string(cfg.CertPEMBlock()), Equals, "CeRt")
++	err = ioutil.WriteFile(filepath.Join(tmpDir, "cert.cert"), helpers.TestCertPEMBlock, os.ModePerm)
++	c.Assert(err, IsNil)
++	err = cfg.LoadPEMs(tmpDir)
++	c.Assert(err, IsNil)
++	tlsCfg := cfg.TLSServerConfig()
++	c.Check(tlsCfg.Certificates, HasLen, 1)
+ }
 === modified file 'server/dev/server.go'
 --- server/dev/server.go	2014-07-08 15:08:52 +0000
 +++ server/dev/server.go	2014-09-10 15:12:43 +0000
@@ -64,7 +64,7 @@
  	if err != nil {
  		server.BootLogFatalf("reading config: %v", err)
+ 	}
--	err = cfg.DevicesParsedConfig.FinishLoad(filepath.Dir(cfgFpaths[len(cfgFpaths)-1]))
++	err = cfg.DevicesParsedConfig.LoadPEMs(filepath.Dir(cfgFpaths[len(cfgFpaths)-1]))
  	if err != nil {
  		server.BootLogFatalf("reading config: %v", err)
+ 	}
@@ -95,7 +95,7 @@
  		})
  	})
  	handler := api.PanicTo500Handler(mux, logger)
--	go server.HTTPServeRunner(nil, handler, &cfg.HTTPServeParsedConfig)()
++	go server.HTTPServeRunner(nil, handler, &cfg.HTTPServeParsedConfig, nil)()
  	// listen for device connections
  	server.DevicesRunner(lst, func(conn net.Conn) error {
  		track := session.NewTracker(logger)
 === modified file 'server/listener/listener.go'
 --- server/listener/listener.go	2014-03-06 19:21:44 +0000
 +++ server/listener/listener.go	2014-09-10 15:12:43 +0000
@@ -30,10 +30,8 @@
  type DeviceListenerConfig interface {
  	// Addr to listen on.
  	Addr() string
--	// TLS key
--	KeyPEMBlock() []byte
--	// TLS cert
--	CertPEMBlock() []byte
++	// TLS config
++	TLSServerConfig() *tls.Config
+ }
  // DeviceListener listens and setup sessions from device connections.
@@ -52,15 +50,8 @@
  			return nil, err
+ 		}
+ 	}
--	cert, err := tls.X509KeyPair(cfg.CertPEMBlock(), cfg.KeyPEMBlock())
--	if err != nil {
--		return nil, err
--	}
--	tlsCfg := &tls.Config{
--		Certificates:           []tls.Certificate{cert},
--		SessionTicketsDisabled: true,
--	}
--	return &DeviceListener{tls.NewListener(lst, tlsCfg)}, err
++	tlsCfg := cfg.TLSServerConfig()
++	return &DeviceListener{tls.NewListener(lst, tlsCfg)}, nil
+ }
  // handleTemporary checks and handles if the error is just a temporary network
 === modified file 'server/listener/listener_test.go'
 --- server/listener/listener_test.go	2014-08-04 14:47:00 +0000
 +++ server/listener/listener_test.go	2014-09-10 15:12:43 +0000
@@ -18,7 +18,6 @@
  import (
  	"crypto/tls"
--	"crypto/x509"
  	"net"
  	"os/exec"
  	"regexp"
@@ -68,12 +67,8 @@
  	return cfg.addr
+ }
--func (cfg *testDevListenerCfg) KeyPEMBlock() []byte {
--	return helpers.TestKeyPEMBlock
--}
--
--func (cfg *testDevListenerCfg) CertPEMBlock() []byte {
--	return helpers.TestCertPEMBlock
++func (cfg *testDevListenerCfg) TLSServerConfig() *tls.Config {
++	return helpers.TestTLSServerConfig
+ }
  func (s *listenerSuite) TestDeviceListen(c *C) {
@@ -130,11 +125,8 @@
  	return err
+ }
--func testTlsDial(c *C, addr string) (net.Conn, error) {
--	cp := x509.NewCertPool()
--	ok := cp.AppendCertsFromPEM((&testDevListenerCfg{}).CertPEMBlock())
--	c.Assert(ok, Equals, true)
--	return tls.Dial("tcp", addr, &tls.Config{RootCAs: cp})
++func testTlsDial(addr string) (net.Conn, error) {
++	return tls.Dial("tcp", addr, helpers.TestTLSClientConfig)
+ }
  func testWriteByte(c *C, conn net.Conn, toWrite uint32) {
@@ -159,11 +151,11 @@
  		errCh <- lst.AcceptLoop(testSession, s.testlog)
  	}()
  	listenerAddr := lst.Addr().String()
--	conn1, err := testTlsDial(c, listenerAddr)
++	conn1, err := testTlsDial(listenerAddr)
  	c.Assert(err, IsNil)
  	defer conn1.Close()
  	testWriteByte(c, conn1, '1')
--	conn2, err := testTlsDial(c, listenerAddr)
++	conn2, err := testTlsDial(listenerAddr)
  	c.Assert(err, IsNil)
  	defer conn2.Close()
  	testWriteByte(c, conn2, '2')
@@ -203,7 +195,7 @@
  	res, err := cmd.Output()
  	c.Assert(err, IsNil)
  	c.Assert(string(res), Matches, "(?s).*timed out.*")
--	conn2, err := testTlsDial(c, listenerAddr)
++	conn2, err := testTlsDial(listenerAddr)
  	c.Assert(err, IsNil)
  	defer conn2.Close()
  	testWriteByte(c, conn2, '2')
@@ -225,7 +217,7 @@
  		}, s.testlog)
  	}()
  	listenerAddr := lst.Addr().String()
--	_, err = testTlsDial(c, listenerAddr)
++	_, err = testTlsDial(listenerAddr)
  	c.Assert(err, Not(IsNil))
  	lst.Close()
  	c.Check(<-errCh, ErrorMatches, ".*use of closed.*")
@@ -244,7 +236,7 @@
  	}()
  	listenerAddr := lst.Addr().String()
  	c.Check(listenerAddr, Equals, foreignLst.Addr().String())
--	conn1, err := testTlsDial(c, listenerAddr)
++	conn1, err := testTlsDial(listenerAddr)
  	c.Assert(err, IsNil)
  	defer conn1.Close()
  	testWriteByte(c, conn1, '1')
 === modified file 'server/runner_devices.go'
 --- server/runner_devices.go	2014-03-12 12:34:18 +0000
 +++ server/runner_devices.go	2014-09-10 15:12:43 +0000
@@ -17,7 +17,6 @@
  package server
  import (
--	"fmt"
  	"net"
  	"syscall"
  	"time"
@@ -36,26 +35,8 @@
  	ParsedSessionQueueSize config.ConfigQueueSize `json:"session_queue_size"`
  	ParsedBrokerQueueSize  config.ConfigQueueSize `json:"broker_queue_size"`
  	// device listener configuration
--	ParsedAddr        config.ConfigHostPort `json:"addr"`
--	ParsedKeyPEMFile  string                `json:"key_pem_file"`
--	ParsedCertPEMFile string                `json:"cert_pem_file"`
--	// private post-processed config
--	certPEMBlock []byte
--	keyPEMBlock  []byte
--}
--
--func (cfg *DevicesParsedConfig) FinishLoad(baseDir string) error {
--	keyPEMBlock, err := config.LoadFile(cfg.ParsedKeyPEMFile, baseDir)
--	if err != nil {
--		return fmt.Errorf("reading key_pem_file: %v", err)
--	}
--	certPEMBlock, err := config.LoadFile(cfg.ParsedCertPEMFile, baseDir)
--	if err != nil {
--		return fmt.Errorf("reading cert_pem_file: %v", err)
--	}
--	cfg.keyPEMBlock = keyPEMBlock
--	cfg.certPEMBlock = certPEMBlock
--	return nil
++	ParsedAddr config.ConfigHostPort `json:"addr"`
++	TLSParsedConfig
+ }
  func (cfg *DevicesParsedConfig) PingInterval() time.Duration {
@@ -78,14 +59,6 @@
  	return cfg.ParsedAddr.HostPort()
+ }
--func (cfg *DevicesParsedConfig) KeyPEMBlock() []byte {
--	return cfg.keyPEMBlock
--}
--
--func (cfg *DevicesParsedConfig) CertPEMBlock() []byte {
--	return cfg.certPEMBlock
--}
--
  // DevicesRunner returns a function to accept device connections.
  // If adoptLst is not nil it will be used as the underlying listener, instead
  // of creating one, wrapped in a TLS layer.
 === modified file 'server/runner_http.go'
 --- server/runner_http.go	2014-03-25 19:02:18 +0000
 +++ server/runner_http.go	2014-09-10 15:12:43 +0000
@@ -17,6 +17,7 @@
  package server
  import (
++	"crypto/tls"
  	"net"
  	"net/http"
@@ -32,7 +33,8 @@
  // HTTPServeRunner returns a function to serve HTTP requests.
  // If httpLst is not nil it will be used as the underlying listener.
--func HTTPServeRunner(httpLst net.Listener, h http.Handler, parsedCfg *HTTPServeParsedConfig) func() {
++// If tlsCfg is not nit server over TLS with the config.
++func HTTPServeRunner(httpLst net.Listener, h http.Handler, parsedCfg *HTTPServeParsedConfig, tlsCfg *tls.Config) func() {
  	if httpLst == nil {
  		var err error
  		httpLst, err = net.Listen("tcp", parsedCfg.ParsedHTTPAddr.HostPort())
@@ -46,6 +48,9 @@
  		ReadTimeout:  parsedCfg.ParsedHTTPReadTimeout.TimeDuration(),
  		WriteTimeout: parsedCfg.ParsedHTTPWriteTimeout.TimeDuration(),
+ 	}
++	if tlsCfg != nil {
++		httpLst = tls.NewListener(httpLst, tlsCfg)
++	}
  	return func() {
  		err := srv.Serve(httpLst)
  		if err != nil {
 === modified file 'server/runner_test.go'
 --- server/runner_test.go	2014-03-25 19:02:18 +0000
 +++ server/runner_test.go	2014-09-10 15:12:43 +0000
@@ -17,6 +17,7 @@
  package server
  import (
++	"crypto/tls"
  	"fmt"
  	"io/ioutil"
  	"net"
@@ -68,7 +69,7 @@
  func (s *runnerSuite) TestHTTPServeRunner(c *C) {
  	errCh := make(chan interface{}, 1)
  	h := http.HandlerFunc(testHandle)
--	runner := HTTPServeRunner(nil, h, &testHTTPServeParsedConfig)
++	runner := HTTPServeRunner(nil, h, &testHTTPServeParsedConfig, nil)
  	c.Assert(s.lst, Not(IsNil))
  	defer s.lst.Close()
  	c.Check(s.kind, Equals, "http")
@@ -89,16 +90,25 @@
  	c.Check(<-errCh, Matches, "accepting http connections:.*closed.*")
+ }
++func cert() tls.Certificate {
++	cert, err := tls.X509KeyPair(helpers.TestCertPEMBlock, helpers.TestKeyPEMBlock)
++	if err != nil {
++		panic(err)
++	}
++	return cert
++}
++
  var testDevicesParsedConfig = DevicesParsedConfig{
  	ParsedPingInterval:     config.ConfigTimeDuration{60 * time.Second},
  	ParsedExchangeTimeout:  config.ConfigTimeDuration{10 * time.Second},
  	ParsedBrokerQueueSize:  config.ConfigQueueSize(1000),
  	ParsedSessionQueueSize: config.ConfigQueueSize(10),
  	ParsedAddr:             "127.0.0.1:0",
--	ParsedKeyPEMFile:       "",
--	ParsedCertPEMFile:      "",
--	keyPEMBlock:            helpers.TestKeyPEMBlock,
--	certPEMBlock:           helpers.TestCertPEMBlock,
++	TLSParsedConfig: TLSParsedConfig{
++		ParsedKeyPEMFile:  "",
++		ParsedCertPEMFile: "",
++		cert:              cert(),
++	},
+ }
  func (s *runnerSuite) TestDevicesRunner(c *C) {
@@ -135,7 +145,36 @@
  	lst0, err := net.Listen("tcp", "127.0.0.1:0")
  	c.Assert(err, IsNil)
  	defer lst0.Close()
--	HTTPServeRunner(lst0, nil, &testHTTPServeParsedConfig)
++	HTTPServeRunner(lst0, nil, &testHTTPServeParsedConfig, nil)
  	c.Assert(s.lst, Equals, lst0)
  	c.Check(s.kind, Equals, "http")
+ }
++
++func (s *runnerSuite) TestHTTPServeRunnerTLS(c *C) {
++	errCh := make(chan interface{}, 1)
++	h := http.HandlerFunc(testHandle)
++	runner := HTTPServeRunner(nil, h, &testHTTPServeParsedConfig, helpers.TestTLSServerConfig)
++	c.Assert(s.lst, Not(IsNil))
++	defer s.lst.Close()
++	c.Check(s.kind, Equals, "http")
++	go func() {
++		defer func() {
++			errCh <- recover()
++		}()
++		runner()
++	}()
++	cli := http.Client{
++		Transport: &http.Transport{
++			TLSClientConfig: helpers.TestTLSClientConfig,
++		},
++	}
++	resp, err := cli.Get(fmt.Sprintf("https://%s/", s.lst.Addr()))
++	c.Assert(err, IsNil)
++	defer resp.Body.Close()
++	c.Assert(resp.StatusCode, Equals, 200)
++	body, err := ioutil.ReadAll(resp.Body)
++	c.Assert(err, IsNil)
++	c.Check(string(body), Equals, "yay!\n")
++	s.lst.Close()
++	c.Check(<-errCh, Matches, "accepting http connections:.*closed.*")
++}
 === added file 'server/tlsconfig.go'
 --- server/tlsconfig.go	1970-01-01 00:00:00 +0000
 +++ server/tlsconfig.go	2014-09-10 15:12:43 +0000
@@ -0,0 +1,53 @@
++/*
++ Copyright 2013-2014 Canonical Ltd.
++
++ This program is free software: you can redistribute it and/or modify it
++ under the terms of the GNU General Public License version 3, as published
++ by the Free Software Foundation.
++
++ This program is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranties of
++ MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
++ PURPOSE.  See the GNU General Public License for more details.
++
++ You should have received a copy of the GNU General Public License along
++ with this program.  If not, see <http://www.gnu.org/licenses/>.
++*/
++
++package server
++
++import (
++	"crypto/tls"
++	"fmt"
++
++	"launchpad.net/ubuntu-push/config"
++)
++
++// A TLSParsedConfig holds and can be used to parse a tls server config.
++type TLSParsedConfig struct {
++	ParsedKeyPEMFile  string `json:"key_pem_file"`
++	ParsedCertPEMFile string `json:"cert_pem_file"`
++	// private post-processed config
++	cert tls.Certificate
++}
++
++func (cfg *TLSParsedConfig) LoadPEMs(baseDir string) error {
++	keyPEMBlock, err := config.LoadFile(cfg.ParsedKeyPEMFile, baseDir)
++	if err != nil {
++		return fmt.Errorf("reading key_pem_file: %v", err)
++	}
++	certPEMBlock, err := config.LoadFile(cfg.ParsedCertPEMFile, baseDir)
++	if err != nil {
++		return fmt.Errorf("reading cert_pem_file: %v", err)
++	}
++	cfg.cert, err = tls.X509KeyPair(certPEMBlock, keyPEMBlock)
++	return err
++}
++
++func (cfg *TLSParsedConfig) TLSServerConfig() *tls.Config {
++	tlsCfg := &tls.Config{
++		Certificates:           []tls.Certificate{cfg.cert},
++		SessionTicketsDisabled: true,
++	}
++	return tlsCfg
++}
 === modified file 'testing/tls.go'
 --- testing/tls.go	2014-01-21 21:36:07 +0000
 +++ testing/tls.go	2014-09-10 15:12:43 +0000
@@ -16,26 +16,53 @@
  package testing
--// key&cert generated with go run /usr/lib/go/src/pkg/crypto/tls/generate_cert.go -ca -host localhost -rsa-bits 512 -duration 87600h
++import (
++	"crypto/tls"
++	"crypto/x509"
++)
++
++// key&cert generated with go run /usr/lib/go/src/pkg/crypto/tls/generate_cert.go -ca -host push-delivery -rsa-bits 512 -duration 87600h
  var (
  	TestKeyPEMBlock = []byte(`-----BEGIN RSA PRIVATE KEY-----
--MIIBPAIBAAJBAPw+niki17X2qALE2A2AzE1q5dvK9CI4OduRtT9IgbFLC6psqAT2
--1NA+QbY17nWSSpyP65zkMkwKXrbDzstwLPkCAwEAAQJAKwXbIBULScP6QA6m8xam
--wgWbkvN41GVWqPafPV32kPBvKwSc+M1e+JR7g3/xPZE7TCELcfYi4yXEHZZI3Pbh
--oQIhAP/UsgJbsfH1GFv8Y8qGl5l/kmwwkwHhuKvEC87Yur9FAiEA/GlQv3ZfaXnT
--lcCFT0aL02O0RDiRYyMUG/JAZQJs6CUCIQCHO5SZYIUwxIGK5mCNxxXOAzyQSiD7
--hqkKywf+4FvfDQIhALa0TLyqJFom0t7c4iIGAIRc8UlIYQSPiajI64+x9775AiEA
--0v4fgSK/Rq059zW1753JjuB6aR0Uh+3RqJII4dUR1Wg=
++MIIBOgIBAAJBANRU+pZKMNHpMvg549meJ060xQ4HCjrfVq+AeIER9W1pkaknDj8c
++hwOWKHTeztcPF/LHVpKPabn+fSNbFlq+SzcCAwEAAQJBAIOO+4xu/3yv/rKqO7C0
++Oyqa+pVMa1w60R0AfqmKFQTqiTgevM77uqjpW1+t0hpK20nyj6MUIPaL+9kZgp7t
++mnECIQDqw79PXSzudf10XGy9ve5bRazINHxQYgJ7FvlTT6JhdQIhAOeJxq9zcKni
++69ueO1ualz0hn8w6uHPsG9FlZ8C+7Jh7AiAWJgebjjfZ+4nA+6NKt2uQct9dOA5u
++awC+6ij1ojK4rQIgNEqAbcWDj0qpe8sLms+aEntSjJxCZiPP0IW3XeeApZsCIDwo
++x+YyxXQWJlf9L5TNYPRo+KFEdk3Cew0lv6QNs+xe
  -----END RSA PRIVATE KEY-----`)
  	TestCertPEMBlock = []byte(`-----BEGIN CERTIFICATE-----
  MIIBYzCCAQ+gAwIBAgIBADALBgkqhkiG9w0BAQUwEjEQMA4GA1UEChMHQWNtZSBD
--bzAeFw0xMzEyMTkyMDU1NDNaFw0yMzEyMTcyMDU1NDNaMBIxEDAOBgNVBAoTB0Fj
--bWUgQ28wWjALBgkqhkiG9w0BAQEDSwAwSAJBAPw+niki17X2qALE2A2AzE1q5dvK
--9CI4OduRtT9IgbFLC6psqAT21NA+QbY17nWSSpyP65zkMkwKXrbDzstwLPkCAwEA
--AaNUMFIwDgYDVR0PAQH/BAQDAgCkMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1Ud
--EwEB/wQFMAMBAf8wGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/AAABMAsGCSqGSIb3
--DQEBBQNBAFqiVI+Km2XPSO+pxITaPvhmuzg+XG3l1+2di3gL+HlDobocjBqRctRU
--YySO32W07acjGJmCHUKpCJuq9X8hpmk=
++bzAeFw0xNDA4MjkxMjQyMDFaFw0yNDA4MjYxMjQyMDFaMBIxEDAOBgNVBAoTB0Fj
++bWUgQ28wXDANBgkqhkiG9w0BAQEFAANLADBIAkEA1FT6lkow0eky+Dnj2Z4nTrTF
++DgcKOt9Wr4B4gRH1bWmRqScOPxyHA5YodN7O1w8X8sdWko9puf59I1sWWr5LNwID
++AQABo1IwUDAOBgNVHQ8BAf8EBAMCAKQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYD
++VR0TAQH/BAUwAwEB/zAYBgNVHREEETAPgg1wdXNoLWRlbGl2ZXJ5MAsGCSqGSIb3
++DQEBBQNBABtWCdMFkhIO8+oM3vugOWle9WJZ1FCRWD+cMl76mI1lhmNF4lvEZG47
++xUjekA1+heU39WpOEzZSybrOdiEaGbI=
  -----END CERTIFICATE-----`)
+ )
++
++// test tls server & client config
++var TestTLSServerConfig, TestTLSClientConfig *tls.Config
++
++func init() {
++	cert, err := tls.X509KeyPair(TestCertPEMBlock, TestKeyPEMBlock)
++	if err != nil {
++		panic(err)
++	}
++	TestTLSServerConfig = &tls.Config{
++		Certificates: []tls.Certificate{cert},
++	}
++	cp := x509.NewCertPool()
++	ok := cp.AppendCertsFromPEM(TestCertPEMBlock)
++	if !ok {
++		panic("failed to parse test cert")
++	}
++	TestTLSClientConfig = &tls.Config{
++		RootCAs:    cp,
++		ServerName: "push-delivery",
++	}
++}