Fixed babel + added log directory

client-connect

 #!/usr/bin/python -S
 import os, sys
-import pdb; pdb.set_trace()
-os.write(int(sys.argv[1]), 'CLIENT_CONNECTED ' + os.environ['trusted_ip'] + '\n')
+
+# example of os.environ
+{'X509_0_C': 'FR',
+ 'X509_0_CN': 'ulm',
+ 'X509_0_O': 'Guillaume Bury',
+ 'X509_0_OU': 'VPN',
+ 'X509_1_C': 'FR',
+ 'X509_1_CN': 'Guillaume Bury CA',
+ 'X509_1_O': 'Guillaume Bury',
+ 'X509_1_OU': 'VPN',
+ 'common_name': 'ulm',
+ 'daemon': '0',
+ 'daemon_log_redirect': '0',
+ 'daemon_pid': '11637',
+ 'daemon_start_time': '1341568405',
+ 'dev': 'vifibnet',
+ 'link_mtu': '1573',
+ 'local_port_1': '1194',
+ 'proto_1': 'udp',
+ 'remote_port_1': '1194',
+ 'script_context': 'init',
+ 'script_type': 'client-connect',
+ 'time_ascii': 'Fri Jul  6 11:53:31 2012',
+ 'time_unix': '1341568411',
+ 'tls_digest_0': '2d:eb:f3:05:5d:bf:17:62:dd:ef:d4:bb:30:c0:5b:b7:ef:e3:e8:a6',
+ 'tls_digest_1': '43:1c:a1:22:ca:c0:a0:f5:b0:c6:65:6f:33:29:b2:bb:1d:04:43:9a',
+ 'tls_id_0': '/C=FR/O=Guillaume_Bury/OU=VPN/CN=ulm',
+ 'tls_id_1': '/C=FR/O=Guillaume_Bury/OU=VPN/CN=Guillaume_Bury_CA',
+ 'tls_serial_0': '02',
+ 'tls_serial_1': 'CC3019BC1CFA5141',
+ 'trusted_ip': '192.0.2.25',
+ 'trusted_port': '59345',
+ 'tun_mtu': '1500',
+ 'untrusted_ip': '192.0.2.25',
+ 'untrusted_port': '59345',
+ 'verb': '3'}
+
+os.write(int(sys.argv[1]), '%(script_type)s %(common_name)s\n' % os.environ)

client-disconnect

-#!/usr/bin/python -S
-import os, sys
-os.write(int(sys.argv[1]), 'CLIENT_DISCONNECTED ' + os.environ['trusted_ip'] + '\n')
-

main.py

@@ -43,7 +43,7 @@ class PeersDB:
         self.db.execute("UPDATE peers SET used = 0 WHERE id = ?", (id,))
 
 
-def startBabel():
+def startBabel(**kw):
     args = ['babeld',
             '-C', 'redistribute local ip %s' % (config.ip),
             '-C', 'redistribute local deny',
@@ -54,30 +54,27 @@ def startBabel():
             #'-C', 'in ip %s' % (config.ip),
             #'-C', 'in ip ::/0 le %s' % network_mask,
             # Don't route other addresses
-            '-C', 'in ip deny',
+            '-C', 'in deny',
             '-d', str(config.verbose),
             '-s',
             ]
     if config.babel_state:
         args += '-S', config.babel_state
-    log_message("Starting babel daemon",2)
-    return subprocess.Popen(args + list(free_interface_set))
+    return subprocess.Popen(args + ['vifibnet'] + list(free_interface_set), **kw)
 
 def getConfig():
     global config
     parser = argparse.ArgumentParser(
             description='Resilient virtual private network application')
     _ = parser.add_argument
-    _('--server-log', default='/var/log/vifibnet.server.log',
-            help='Path to openvpn server log file')
-    _('--client-log', default='/var/log',
-            help='Path to openvpn client log directory')
+    _('--log-directory', default='/var/log',
+            help='Path to vifibnet logs directory')
     _('--client-count', default=2, type=int,
-            help='the number servers the peers try to connect to')
+            help='Number of client connections')
     # TODO : use maxpeer
     _('--max-peer', default=10, type=int,
             help='the number of peers that can connect to the server')
-    _('--refresh-time', default=20, type=int,
+    _('--refresh-time', default=60, type=int,
             help='the time (seconds) to wait before changing the connections')
     _('--refresh-count', default=1, type=int,
             help='The number of connections to drop when refreshing the connections')
@@ -105,7 +102,7 @@ def startNewConnection(n):
             log_message('Establishing a connection with id %s (%s:%s)' % (id,ip,port), 2)
             iface = free_interface_set.pop()
             connection_dict[id] = ( openvpn.client( ip, '--dev', iface, '--proto', proto, '--rport', str(port),
-                stdout=os.open('%s/vifibnet.client.%s.log' % (config.client_log, id), os.O_WRONLY|os.O_CREAT|os.O_TRUNC) ),
+                stdout=os.open('%s/vifibnet.client.%s.log' % (config.log_directory, id), os.O_WRONLY|os.O_CREAT|os.O_TRUNC) ),
                 iface)
             peers_db.usePeer(id)
     except KeyError:
@@ -150,12 +147,12 @@ def refreshConnections():
     startNewConnection(config.client_count - len(connection_dict))
 
 def handle_message(msg):
-    words = msg.split()
-    if words[0] == 'CLIENT_CONNECTED':
-        log_message('Incomming connection from ' + words[1], 3)
+    script_type, common_name = msg.split()
+    if script_type == 'client-connect':
+        log_message('Incomming connection from %s' % (common_name,), 3)
         # TODO :  check if we are not already connected to it
-    elif words[0] == 'CLIENT_DISCONNECTED':
-        log_message(words[1] + ' has disconnected', 3)
+    elif script_type == 'client-disconnect':
+        log_message('%s has disconnected' % (common_name,), 3)
     else:
         log_message('Unknow message recieved from the openvpn pipe : ' + msg, 1)
 
@@ -170,7 +167,8 @@ def main():
 
     # Launch babel on all interfaces
     log_message('Starting babel', 3)
-    babel = startBabel()
+    babel = startBabel(stdout=os.open('%s/babeld.log' % (config.log_directory,), os.O_WRONLY|os.O_CREAT|os.O_TRUNC),
+                        stderr=subprocess.STDOUT)
 
     # Create and open read_only pipe to get connect/disconnect events from openvpn
     log_message('Creating pipe for openvpn events', 3)
@@ -179,9 +177,8 @@ def main():
 
     # Establish connections
     log_message('Starting openvpn server', 3)
-    serverProcess = openvpn.server(config.ip, write_pipe,
-            '--dev', 'vifibnet',
-            stdout=os.open(config.server_log, os.O_WRONLY|os.O_CREAT|os.O_TRUNC))
+    serverProcess = openvpn.server(config.ip, write_pipe, '--dev', 'vifibnet',
+            stdout=os.open('%s/vifibnet.server.log' % (config.log_directory,), os.O_WRONLY|os.O_CREAT|os.O_TRUNC))
     startNewConnection(config.client_count)
 
     # Timed refresh initializing

openvpn.py

@@ -8,12 +8,12 @@ def openvpn(*args, **kw):
         '--persist-key',
         '--script-security', '2',
         '--user', 'nobody',
-        '--ping', '1', 
             # I don't kown how Babel works, but if it test the
             # connection often, the ping directive might not be needed
             # if it test the connection very often, we could also decrease
-            # ping-exit to 1 sec 
-        '--ping-exit', '3', 
+            # ping-exit to 1 sec
+            # '--ping', '1',
+            # '--ping-exit', '3',
         '--group', 'nogroup',
         '--verb', str(config.verbose),
         ] + list(args) + config.openvpn_args
@@ -31,7 +31,7 @@ def server(ip, pipe_fd, *args, **kw):
         '--duplicate-cn', # XXX : to be removed
         '--up', 'up-server ' + ip,
         '--client-connect', 'client-connect ' + str(pipe_fd),
-        '--client-disconnect', 'client-disconnect ' + str(pipe_fd),
+        '--client-disconnect', 'client-connect ' + str(pipe_fd),
         '--dh', config.dh,
         *args, **kw)