Fixed internal ip manipulation

7a772d02 · Guillaume Bury · cdd5c554 · 7a772d02 · 7a772d02
Commit 7a772d02 authored Jul 12, 2012 by Guillaume Bury
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 21 deletions

registry.py registry.py +4 -8

vifibnet.py vifibnet.py +26 -13

No files found.
--- a/registry.py
+++ b/registry.py
@@ -20,10 +20,6 @@ class main(object):
        parser = argparse.ArgumentParser(
                description='Peer discovery http server for vifibnet')
        _ = parser.add_argument
-        _('--prefix', required=True,
-                help='Prefix of the network deployed ( example : 2001:db8:42')
-        _('--prefix-len', required=True, type=int,
-                help='Prefix length')
        _('--db', required=True,
                help='Path to database file')
        _('--ca', required=True,
@@ -67,6 +63,7 @@ class main(object):
            self.key = crypto.load_privatekey(crypto.FILETYPE_PEM, f.read())
        # Get vifib network prefix
        self.network = bin(self.ca.get_serial_number())[3:]
+        print "Network prefix : %s/%u" % (self.network, len(self.network))
        # Starting server
        server = SimpleXMLRPCServer(("localhost", 8000), requestHandler=RequestHandler, allow_none=True)
@@ -147,11 +144,10 @@ class main(object):
        client_address, _ = handler.client_address
        # For Testing purposes only
        client_address = "2001:db8:42::"
-        assert(client_address.startswith(self.config.prefix))
        ip1, ip2 = struct.unpack('>QQ', socket.inet_pton(socket.AF_INET6, client_address))
-        ip1 = bin(ip1)[2:].rjust(64, '0')
+        ip = bin(ip1)[2:].rjust(64, '0') + bin(ip2)[2:].rjust(64, '0')
-        ip2 = bin(ip2)[2:].rjust(64, '0')
+        assert(ip.startswith(self.network))
-        prefix = (ip1 + ip2)[self.config.prefix_len:]
+        prefix = ip[len(self.network):]
        prefix, = self.db.execute("SELECT prefix FROM vifib WHERE prefix <= ? ORDER BY prefix DESC", (prefix,)).next()
        ip, port, proto = address
        self.db.execute("INSERT OR REPLACE INTO peers VALUES (?,?,?,?)", (prefix, ip, port, proto))

--- a/vifibnet.py
+++ b/vifibnet.py
@@ -7,8 +7,7 @@ import openvpn
 import random
 import log
-VIFIB_NET = "2001:db8:42:"
+VIFIB_NET = ''
-VIFIB_LEN = 48
 connection_dict = {} # to remember current connections we made
 free_interface_set = set(('client1', 'client2', 'client3', 'client4', 'client5',
                          'client6', 'client7', 'client8', 'client9', 'client10'))
@@ -57,21 +56,24 @@ class PeersDB:
        log.log('Updating peers database : unusing peer ' + str(id), 5)
        self.db.execute("UPDATE peers SET used = 0 WHERE id = ?", (id,))
-# TODO: do everything using 'binary' strings
+def ipFromBin(prefix):
+    prefix = hex(int(prefix, 2))[2:]
+    ip = ''
+    for i in xrange(0, len(prefix) - 1, 4):
+        ip += prefix[i:i+4] + ':'
+    return ip.rstrip(':')
 def ipFromPrefix(prefix, prefix_len):
-    tmp = hex(int(prefix))[2:]
+    prefix = bin(int(prefix))[2:].rjust(prefix_len, '0')
-    tmp = tmp.rjust(int((math.ceil(float(prefix_len) / 4))), '0')
+    ip_t = (config.vifibnet + prefix).ljust(128, '0')
-    ip = VIFIB_NET
+    return ipFromBin(ip_t)
-    for i in xrange(0, len(tmp), 4):
-        ip += tmp[i:i+4] + ':'
-    return ip + ':'
 def startBabel(**kw):
    args = ['babeld',
            '-C', 'redistribute local ip %s' % (config.ip),
            '-C', 'redistribute local deny',
            # Route VIFIB ip adresses
-            '-C', 'in ip %s:/%u' % (VIFIB_NET, VIFIB_LEN),
+            '-C', 'in ip %s::/%u' % (ipFromBin(config.vifibnet), len(config.vifibnet)),
            # Route only addresse in the 'local' network,
            # or other entire networks
            #'-C', 'in ip %s' % (config.ip),
@@ -113,10 +115,12 @@ def getConfig():
            help='Path to babeld state-file')
    _('--verbose', '-v', default=0, type=int,
            help='Defines the verbose level')
+    _('--ca', required=True,
+            help='Path to the certificate authority file')
    _('--cert', required=True,
            help='Path to the certificate file')
    # Temporary args - to be removed
-    # Can be removed, should ip be a global variable ?
+    # ~ Can be removed, should ip be a global variable ?
    _('--ip', required=True,
            help='IPv6 of the server')
    # Openvpn options
@@ -124,16 +128,25 @@ def getConfig():
            help="Common OpenVPN options (e.g. certificates)")
    openvpn.config = config = parser.parse_args()
    log.verbose = config.verbose
+    # Get network prefix from ca.crt
+    with open(config.ca, 'r') as f:
+        ca = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
+        config.vifibnet = bin(ca.get_serial_number())[3:]
+    # Get ip from cert.crt
    with open(config.cert, 'r') as f:
        cert = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
        subject = cert.get_subject()
        prefix, prefix_len = subject.serialNumber.split('/')
-        ip = ipFromPrefix(prefix, int(prefix_len))
+        config.ip = ipFromPrefix(prefix, int(prefix_len))
-        log.log('Intranet ip : %s' % (ip,), 3)
+        log.log('Intranet ip : %s' % (config.ip,), 3)
+    # Treat openvpn arguments
    if config.openvpn_args[0] == "--":
        del config.openvpn_args[0]
+    config.openvpn_args.append('--ca')
+    config.openvpn_args.append(config.ca)
    config.openvpn_args.append('--cert')
    config.openvpn_args.append(config.cert)
    log.log("Configuration completed", 1)
 def startNewConnection(n, write_pipe):