From 7ed49b92ff19205af276dee371174579c8b4c811 Mon Sep 17 00:00:00 2001
From: kali <kali@win>
Date: Wed, 3 Mar 2021 22:59:03 +0100
Subject: [PATCH] [pkg] abort install if we running an old version

stop if:

- bitmask is running (we don't want to mess with the helper if the app
  is running)
- we cannot stop the service for some reason.

powershell gives more flexibility to stop services, but Remove-Service
is not present in PS < 6, so we try to remove the service from the
post-install too (the golang helper will complain about an eventlog
registry key).

this could probably be improved in the helper, but we'll be moving to
the official openvpnserv2 service for 0.21.4. we might want to revisit
the current helper for the firewall/killswitch.
---
 Makefile                                      | 24 ++++++++++++-------
 branding/scripts/getparam                     |  2 +-
 .../packages/bitmaskvpn/meta/install.js       | 24 +++++++++++++++++--
 docs/build.windows.rst                        |  3 ++-
 docs/debug.rst                                | 16 +++++++++++++
 5 files changed, 57 insertions(+), 12 deletions(-)

diff --git a/Makefile b/Makefile
index 0cd6c889..ef6bf916 100644
--- a/Makefile
+++ b/Makefile
@@ -109,21 +109,26 @@ lib/%.a: $(PKGFILES)
 
 relink_vendor:
 	@echo "============RELINK VENDOR============="
-	@echo "PLATFORM: ${PLATFORM}"
+	@echo "PLATFORM: ${PLATFORM} (${UNAME})"
 	@echo "VENDOR_PATH: ${VENDOR_PATH}"
 	@echo "PROVIDER: ${PROVIDER}"
-ifeq ($(UNAME), CYGWIN_NT-10.0)
-	[ -L providers/assets ] || (CYGWIN=winsymlinks:nativestrict ln -s ${PROVIDER}/assets providers/assets)
-endif
-ifneq ($(UNAME), CYGWIN_NT-10.0)
 ifeq ($(PLATFORM), windows)
-	rm -rf providers/assets
+	@rm -rf providers/assets || true
+ifeq ($(UNAME), MINGW64_NT-10.0)
+ifeq ($(VENDOR_PATH), providers)
+	@cp -r providers/${PROVIDER}/assets providers/assets || true
 endif
+endif # end mingw
+ifeq ($(UNAME), CYGWIN_NT-10.0)
+	@[ -L providers/assets ] || (CYGWIN=winsymlinks:nativestrict ln -s ${PROVIDER}/assets providers/assets)
+endif # end cygwin
+else # not windows: linux/osx
 ifeq ($(VENDOR_PATH), providers)
 	@unlink providers/assets || true
 	@ln -s ${PROVIDER}/assets providers/assets || true
 endif
 endif
+
 	@echo "============RELINK VENDOR============="
 
 build_golib: lib/libgoshim.a
@@ -210,11 +215,14 @@ else
 	@cp ${VENDOR_PATH}/assets/icon.ico ${INST_DATA}/icon.ico
 endif
 	@cp ${QTBUILD}/release/${TARGET}.exe ${INST_DATA}${TARGET}.exe
-	# FIXME get the signed binaries with curl from openvpn downloads page - see if we have to adapt the openvpn-build to install tap drivers etc from our installer.
+	# FIXME get the signed binaries with curl from openvpn downloads page.
 	@cp "/c/Program Files/OpenVPN/bin/openvpn.exe" ${INST_DATA}
 	@cp "/c/Program Files/OpenVPN/bin/"*.dll ${INST_DATA}
+ifeq (${RELEASE}, yes)
+	@windeployqt --release --qmldir gui/qml ${INST_DATA}${TARGET}.exe
+else
 	@windeployqt --qmldir gui/qml ${INST_DATA}${TARGET}.exe
-	#@windeployqt --release --qmldir gui/qml ${INST_DATA}${TARGET}.exe
+endif
 	# TODO stage it to shave some time
 	@wget ${TAP_WINDOWS} -O ${INST_DATA}/tap-windows.exe
 endif
diff --git a/branding/scripts/getparam b/branding/scripts/getparam
index 235745df..005abb1f 100755
--- a/branding/scripts/getparam
+++ b/branding/scripts/getparam
@@ -17,7 +17,7 @@ def getData():
     configPath = os.path.join(vendorPath, 'vendor.conf')
     if not os.path.isfile(configPath):
         print("ERROR: path does not exist", configPath)
-        os.exit(1)
+        sys.exit(1)
     config = configparser.ConfigParser()
     config.read(configPath)
     defaultProvider = getDefaultProvider(config)
diff --git a/branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js b/branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js
index dada9185..b82e0326 100644
--- a/branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js
+++ b/branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js
@@ -61,6 +61,9 @@ Component.prototype.createOperations = function ()
     if (systemInfo.productType === "osx") {
         preInstallOSX();
     }
+    if (systemInfo.productType === "windows") {
+	preInstallWindows();
+    }
     // This will actually install the files
     component.createOperations();
 
@@ -80,11 +83,28 @@ Component.prototype.createOperations = function ()
     }
 }
 
+function preInstallWindows() {
+    console.log("Pre-installation for Windows: check for running bitmask");
+    component.addOperation(
+	"Execute", "{1}", "powershell", "-NonInteractive", "-NoProfile", "-command", "try {Get-Process $BINNAME} catch { exit 1}",
+	"errormessage=It seems that an old RiseupVPN client is running. Please exit the app and run this installer again.",
+    );
+    /* Remove-Service only introduced in PS 6.0 */
+    component.addElevatedOperation(
+	"Execute", "{0}", "powershell", "-NonInteractive", "-NoProfile", "-command",
+	"try {Get-Service bitmask-helper-v2} catch {exit 0}; try {Stop-Service bitmask-helper-v2} catch {}; try {$$srv = Get-Service bitmask-helper-v2; if ($$srv.Status -eq 'Running') {exit 1} else {exit 0};} catch {exit 0}",
+	"errormessage=It seems that bitmask-helper-v2 service is running, and we could not stop it. Please manually uninstall any previous RiseupVPN or CalyxVPN client and run this installer again.",
+    );
+}
+
 function postInstallWindows() {
     // TODO - check if we're on Windows10 or older, and use the needed tap-windows installer accordingly.
     console.log("Installing OpenVPN tap driver");
-    component.addElevatedOperation("Execute", "@TargetDir@/tap-windows.exe", "/S", "/SELECT_UTILITIES=1");  /* TODO uninstall? */
-    console.log("Now trying to install our helper");
+    component.addElevatedOperation("Execute", "@TargetDir@/tap-windows.exe", "/S", "/SELECT_UTILITIES=1");  /* TODO uninstall */
+    /* remove an existing service, if it is stopped. Remove-Service is only in PS>6, and sc.exe delete leaves some garbage on the registry, so let's use the binary itself */
+    console.log("Removing any previously installer helper...");
+    component.addElevatedOperation("Execute", "{0,1}", "@TargetDir@/helper.exe", "remove");
+    console.log("Now trying to install latest helper");
     component.addElevatedOperation("Execute", "@TargetDir@/helper.exe", "install", "UNDOEXECUTE", "@TargetDir@/helper.exe", "remove");
     component.addElevatedOperation("Execute", "@TargetDir@/helper.exe", "start", "UNDOEXECUTE", "@TargetDir@/helper.exe", "stop");
     console.log("Adding shortcut entries/...");
diff --git a/docs/build.windows.rst b/docs/build.windows.rst
index 93e9d419..a24f4b0b 100644
--- a/docs/build.windows.rst
+++ b/docs/build.windows.rst
@@ -10,10 +10,11 @@ You should instal: make, wget, as well as a recent Qt5 version (for instance, wi
 
 For the installer, install QtIFW for windows (tested with version 3.2.2).
 
-Assuming you have the vendor path in place and correctly configured, all you need to do is `make build_installer`::
+Assuming you have the vendor path in place and correctly configured, all you need to do is `make installer`::
 
   export PATH="/c/Qt/Qt5/bin/":"/c/Qt/QtIFW-3.2.2/bin":$PATH
   export VENDOR_PATH=providers
+  export PROVIDER=riseup
   make vendor && make installer
 
 
diff --git a/docs/debug.rst b/docs/debug.rst
index 76c9d1f5..a154ab0f 100644
--- a/docs/debug.rst
+++ b/docs/debug.rst
@@ -57,3 +57,19 @@ Make sure that "pgrep bitmask-helper" does not return any pid.
 
 Now you can move /Applications/RiseupVPN.app to the Trash, and launch a
 recent installer to get a clean install.
+
+Windows
+-------
+In Windows you can use PowerShell to see if there's an old service Running (it
+can be from RiseupVPN, CalyxVPN, LibraryVPN etc...).
+
+.. code:: powershell
+
+  PS C:\Users\admin> Get-Service bitmask-helper-v2
+
+You can also stop it (needs admin)
+
+.. code:: powershell
+
+  PS C:\Users\admin> Stop-Service bitmask-helper-v2
+
-- 
GitLab