Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
R
re6stnet
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
2
Issues
2
List
Boards
Labels
Milestones
Merge Requests
4
Merge Requests
4
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
re6stnet
Commits
ecbe625a
Commit
ecbe625a
authored
Jul 17, 2012
by
Guillaume Bury
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Cleaner configuration
parent
5cd60b35
Changes
7
Show whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
59 additions
and
56 deletions
+59
-56
db.py
db.py
+14
-4
plib.py
plib.py
+6
-7
registry.py
registry.py
+6
-7
setup.py
setup.py
+1
-1
tunnel.py
tunnel.py
+8
-21
utils.py
utils.py
+5
-1
vifibnet.py
vifibnet.py
+19
-15
No files found.
db.py
View file @
ecbe625a
import
utils
import
utils
import
sqlite3
import
sqlite3
,
xmlrpclib
import
xmlrpclib
class
PeersDB
:
class
PeerManager
:
def
__init__
(
self
,
dbPath
):
def
__init__
(
self
,
dbPath
):
utils
.
log
(
'Connectiong to peers database'
,
4
)
utils
.
log
(
'Connectiong to peers database'
,
4
)
self
.
db
=
sqlite3
.
connect
(
dbPath
,
isolation_level
=
None
)
self
.
db
=
sqlite3
.
connect
(
dbPath
,
isolation_level
=
None
)
utils
.
log
(
'Preparing peers database'
,
4
)
utils
.
log
(
'Preparing peers database'
,
4
)
...
@@ -37,3 +36,14 @@ class PeersDB:
...
@@ -37,3 +36,14 @@ class PeersDB:
def
unusePeer
(
self
,
id
):
def
unusePeer
(
self
,
id
):
utils
.
log
(
'Updating peers database : unusing peer '
+
str
(
id
),
5
)
utils
.
log
(
'Updating peers database : unusing peer '
+
str
(
id
),
5
)
self
.
db
.
execute
(
"UPDATE peers SET used = 0 WHERE id = ?"
,
(
id
,))
self
.
db
.
execute
(
"UPDATE peers SET used = 0 WHERE id = ?"
,
(
id
,))
def
handle_message
(
msg
):
script_type
,
arg
=
msg
.
split
()
if
script_type
==
'client-connect'
:
utils
.
log
(
'Incomming connection from %s'
%
(
arg
,),
3
)
elif
script_type
==
'client-disconnect'
:
utils
.
log
(
'%s has disconnected'
%
(
arg
,),
3
)
elif
script_type
==
'route-up'
:
utils
.
log
(
'External Ip : '
+
arg
,
3
)
else
:
utils
.
log
(
'Unknow message recieved from the openvpn pipe : '
+
msg
,
1
)
plib.py
View file @
ecbe625a
...
@@ -20,24 +20,23 @@ def openvpn(*args, **kw):
...
@@ -20,24 +20,23 @@ def openvpn(*args, **kw):
# '--ping-exit', '3',
# '--ping-exit', '3',
'--group'
,
'nogroup'
,
'--group'
,
'nogroup'
,
'--verb'
,
str
(
utils
.
config
.
verbose
),
'--verb'
,
str
(
utils
.
config
.
verbose
),
]
+
list
(
args
)
+
utils
.
config
.
openvpn_args
]
+
list
(
args
)
if
utils
.
config
.
verbose
>=
5
:
utils
.
log
(
str
(
args
),
5
)
print
repr
(
args
)
return
subprocess
.
Popen
(
args
,
**
kw
)
return
subprocess
.
Popen
(
args
,
**
kw
)
# TODO : set iface up when creating a server/client
# TODO : set iface up when creating a server/client
# ! check working directory before launching up script ?
# ! check working directory before launching up script ?
def
server
(
serverIp
,
pipe_fd
,
*
args
,
**
kw
):
def
server
(
serverIp
,
network
,
max_clients
,
pipe_fd
,
*
args
,
**
kw
):
utils
.
log
(
'Starting server'
,
3
)
utils
.
log
(
'Starting server'
,
3
)
return
openvpn
(
return
openvpn
(
'--tls-server'
,
'--tls-server'
,
'--mode'
,
'server'
,
'--mode'
,
'server'
,
'--up'
,
'ovpn-server %s/%u'
%
(
serverIp
,
len
(
utils
.
config
.
vifibnet
)),
'--up'
,
'ovpn-server %s/%u'
%
(
serverIp
,
len
(
network
)),
'--client-connect'
,
'ovpn-server '
+
str
(
pipe_fd
),
'--client-connect'
,
'ovpn-server '
+
str
(
pipe_fd
),
'--client-disconnect'
,
'ovpn-server '
+
str
(
pipe_fd
),
'--client-disconnect'
,
'ovpn-server '
+
str
(
pipe_fd
),
'--dh'
,
utils
.
config
.
dh
,
'--dh'
,
utils
.
config
.
dh
,
'--max-clients'
,
str
(
utils
.
config
.
max_clients
),
'--max-clients'
,
str
(
max_clients
),
*
args
,
**
kw
)
*
args
,
**
kw
)
def
client
(
serverIp
,
pipe_fd
,
*
args
,
**
kw
):
def
client
(
serverIp
,
pipe_fd
,
*
args
,
**
kw
):
...
@@ -50,7 +49,7 @@ def client(serverIp, pipe_fd, *args, **kw):
...
@@ -50,7 +49,7 @@ def client(serverIp, pipe_fd, *args, **kw):
'--route-up'
,
'ovpn-client '
+
str
(
pipe_fd
),
'--route-up'
,
'ovpn-client '
+
str
(
pipe_fd
),
*
args
,
**
kw
)
*
args
,
**
kw
)
def
babel
(
internal_ip
,
network
,
interface_list
,
**
kw
):
def
babel
(
network
,
internal_ip
,
interface_list
,
**
kw
):
utils
.
log
(
'Starting babel'
,
3
)
utils
.
log
(
'Starting babel'
,
3
)
args
=
[
'babeld'
,
args
=
[
'babeld'
,
'-C'
,
'redistribute local ip %s'
%
(
internal_ip
),
'-C'
,
'redistribute local ip %s'
%
(
internal_ip
),
...
...
registry.py
View file @
ecbe625a
#!/usr/bin/env python
#!/usr/bin/env python
import
argparse
,
math
,
random
,
select
,
smtplib
,
sqlite3
,
string
,
struct
,
socket
,
time
import
argparse
,
math
,
random
,
select
,
smtplib
,
sqlite3
,
string
,
socket
,
time
,
traceback
from
email.mime.text
import
MIMEText
from
functools
import
wraps
from
SimpleXMLRPCServer
import
SimpleXMLRPCServer
,
SimpleXMLRPCRequestHandler
from
SimpleXMLRPCServer
import
SimpleXMLRPCServer
,
SimpleXMLRPCRequestHandler
from
email.mime.text
import
MIMEText
from
OpenSSL
import
crypto
from
OpenSSL
import
crypto
import
traceback
import
utils
# To generate server ca and key with correct serial
# To generate server ca and key with correct serial
# openssl req -nodes -new -x509 -key ca.key -set_serial 0x120010db80042 -days 365 -out ca.crt
# openssl req -nodes -new -x509 -key ca.key -set_serial 0x120010db80042 -days 365 -out ca.crt
...
@@ -73,7 +72,6 @@ class main(object):
...
@@ -73,7 +72,6 @@ class main(object):
else
:
else
:
self
.
db
.
execute
(
"INSERT INTO vifib VALUES ('',null,null)"
)
self
.
db
.
execute
(
"INSERT INTO vifib VALUES ('',null,null)"
)
# Loading certificates
# Loading certificates
with
open
(
self
.
config
.
ca
)
as
f
:
with
open
(
self
.
config
.
ca
)
as
f
:
self
.
ca
=
crypto
.
load_certificate
(
crypto
.
FILETYPE_PEM
,
f
.
read
())
self
.
ca
=
crypto
.
load_certificate
(
crypto
.
FILETYPE_PEM
,
f
.
read
())
...
@@ -88,6 +86,8 @@ class main(object):
...
@@ -88,6 +86,8 @@ class main(object):
server4
.
register_instance
(
self
)
server4
.
register_instance
(
self
)
server6
=
SimpleXMLRPCServer6
((
'::'
,
self
.
config
.
port
),
requestHandler
=
RequestHandler
,
allow_none
=
True
)
server6
=
SimpleXMLRPCServer6
((
'::'
,
self
.
config
.
port
),
requestHandler
=
RequestHandler
,
allow_none
=
True
)
server6
.
register_instance
(
self
)
server6
.
register_instance
(
self
)
# Main loop
while
True
:
while
True
:
try
:
try
:
r
,
w
,
e
=
select
.
select
([
server4
,
server6
],
[],
[])
r
,
w
,
e
=
select
.
select
([
server4
,
server6
],
[],
[])
...
@@ -179,8 +179,7 @@ class main(object):
...
@@ -179,8 +179,7 @@ class main(object):
def
declare
(
self
,
handler
,
address
):
def
declare
(
self
,
handler
,
address
):
client_address
,
ip
,
port
,
proto
=
address
client_address
,
ip
,
port
,
proto
=
address
#client_address, _ = handler.client_address
#client_address, _ = handler.client_address
client_ip1
,
client_ip2
=
struct
.
unpack
(
'>QQ'
,
socket
.
inet_pton
(
socket
.
AF_INET6
,
client_address
))
client_ip
=
binFromIp
(
client_address
)
client_ip
=
bin
(
client_ip1
)[
2
:].
rjust
(
64
,
'0'
)
+
bin
(
client_ip2
)[
2
:].
rjust
(
64
,
'0'
)
if
client_ip
.
startswith
(
self
.
network
):
if
client_ip
.
startswith
(
self
.
network
):
prefix
=
client_ip
[
len
(
self
.
network
):]
prefix
=
client_ip
[
len
(
self
.
network
):]
prefix
,
=
self
.
db
.
execute
(
"SELECT prefix FROM vifib WHERE prefix <= ? ORDER BY prefix DESC LIMIT 1"
,
(
prefix
,)).
next
()
prefix
,
=
self
.
db
.
execute
(
"SELECT prefix FROM vifib WHERE prefix <= ? ORDER BY prefix DESC LIMIT 1"
,
(
prefix
,)).
next
()
...
...
setup.py
View file @
ecbe625a
#!/usr/bin/env python
#!/usr/bin/env python
from
OpenSSL
import
crypto
import
argparse
,
os
,
subprocess
,
sqlite3
,
sys
,
xmlrpclib
import
argparse
,
os
,
subprocess
,
sqlite3
,
sys
,
xmlrpclib
from
OpenSSL
import
crypto
def
main
():
def
main
():
parser
=
argparse
.
ArgumentParser
(
parser
=
argparse
.
ArgumentParser
(
...
...
tunnel
manager
.py
→
tunnel.py
View file @
ecbe625a
import
os
,
random
,
traceback
import
os
,
random
,
traceback
import
plib
,
utils
,
db
import
plib
,
utils
,
db
class
TunnelManager
:
class
TunnelManager
:
def
__init__
(
self
,
write_pipe
,
peer
s
_db
):
def
__init__
(
self
,
write_pipe
,
peer_db
):
self
.
_write_pipe
=
write_pipe
self
.
_write_pipe
=
write_pipe
self
.
_peer
s_db
=
peers
_db
self
.
_peer
_db
=
peer
_db
self
.
_connection_dict
=
{}
self
.
_connection_dict
=
{}
self
.
client_count
=
client_count
self
.
_
client_count
=
client_count
self
.
refresh_count
=
refresh_count
self
.
_
refresh_count
=
refresh_count
self
.
free_interface_set
=
set
((
'client1'
,
'client2'
,
'client3'
,
'client4'
,
'client5'
,
self
.
free_interface_set
=
set
((
'client1'
,
'client2'
,
'client3'
,
'client4'
,
'client5'
,
'client6'
,
'client7'
,
'client8'
,
'client9'
,
'client10'
))
'client6'
,
'client7'
,
'client8'
,
'client9'
,
'client10'
))
...
@@ -25,7 +23,7 @@ class TunnelManager:
...
@@ -25,7 +23,7 @@ class TunnelManager:
if
p
.
poll
()
!=
None
:
if
p
.
poll
()
!=
None
:
utils
.
log
(
'Connection with %s has failed with return code %s'
%
(
id
,
p
.
returncode
),
3
)
utils
.
log
(
'Connection with %s has failed with return code %s'
%
(
id
,
p
.
returncode
),
3
)
self
.
free_interface_set
.
add
(
iface
)
self
.
free_interface_set
.
add
(
iface
)
self
.
peer
s
_db
.
unusePeer
(
id
)
self
.
peer_db
.
unusePeer
(
id
)
del
self
.
connection_dict
[
id
]
del
self
.
connection_dict
[
id
]
def
_removeSomeTunnels
(
self
):
def
_removeSomeTunnels
(
self
):
...
@@ -38,30 +36,19 @@ class TunnelManager:
...
@@ -38,30 +36,19 @@ class TunnelManager:
p
,
iface
=
self
.
_connection_dict
.
pop
(
peer_id
)
p
,
iface
=
self
.
_connection_dict
.
pop
(
peer_id
)
p
.
kill
()
p
.
kill
()
self
.
free_interface_set
.
add
(
iface
)
self
.
free_interface_set
.
add
(
iface
)
self
.
_peer
s
_db
.
unusePeer
(
peer_id
)
self
.
_peer_db
.
unusePeer
(
peer_id
)
def
_makeNewTunnels
(
self
):
def
_makeNewTunnels
(
self
):
try
:
try
:
for
peer_id
,
ip
,
port
,
proto
in
self
.
_peer
s
_db
.
getUnusedPeers
(
self
.
_client_count
-
len
(
self
.
_connection_dict
),
self
.
_write_pipe
):
for
peer_id
,
ip
,
port
,
proto
in
self
.
_peer_db
.
getUnusedPeers
(
self
.
_client_count
-
len
(
self
.
_connection_dict
),
self
.
_write_pipe
):
utils
.
log
(
'Establishing a connection with id %s (%s:%s)'
%
(
peer_id
,
ip
,
port
),
2
)
utils
.
log
(
'Establishing a connection with id %s (%s:%s)'
%
(
peer_id
,
ip
,
port
),
2
)
iface
=
self
.
free_interface_set
.
pop
()
iface
=
self
.
free_interface_set
.
pop
()
self
.
_connection_dict
[
peer_id
]
=
(
openvpn
.
client
(
ip
,
write_pipe
,
'--dev'
,
iface
,
'--proto'
,
proto
,
'--rport'
,
str
(
port
),
self
.
_connection_dict
[
peer_id
]
=
(
openvpn
.
client
(
ip
,
write_pipe
,
'--dev'
,
iface
,
'--proto'
,
proto
,
'--rport'
,
str
(
port
),
stdout
=
os
.
open
(
os
.
path
.
join
(
utils
.
config
.
log
,
'vifibnet.client.%s.log'
%
(
peer_id
,)),
stdout
=
os
.
open
(
os
.
path
.
join
(
utils
.
config
.
log
,
'vifibnet.client.%s.log'
%
(
peer_id
,)),
os
.
O_WRONLY
|
os
.
O_CREAT
|
os
.
O_TRUNC
)
),
os
.
O_WRONLY
|
os
.
O_CREAT
|
os
.
O_TRUNC
)
),
iface
)
iface
)
self
.
_peer
s
_db
.
usePeer
(
peer_id
)
self
.
_peer_db
.
usePeer
(
peer_id
)
except
KeyError
:
except
KeyError
:
utils
.
log
(
"Can't establish connection with %s : no available interface"
%
ip
,
2
)
utils
.
log
(
"Can't establish connection with %s : no available interface"
%
ip
,
2
)
except
Exception
:
except
Exception
:
traceback
.
print_exc
()
traceback
.
print_exc
()
def
handle_message
(
msg
):
script_type
,
arg
=
msg
.
split
()
if
script_type
==
'client-connect'
:
utils
.
log
(
'Incomming connection from %s'
%
(
arg
,),
3
)
elif
script_type
==
'client-disconnect'
:
utils
.
log
(
'%s has disconnected'
%
(
arg
,),
3
)
elif
script_type
==
'route-up'
:
utils
.
log
(
'External Ip : '
+
arg
,
3
)
else
:
utils
.
log
(
'Unknow message recieved from the openvpn pipe : '
+
msg
,
1
)
utils.py
View file @
ecbe625a
import
argparse
,
time
import
argparse
,
time
,
struct
,
socket
from
OpenSSL
import
crypto
from
OpenSSL
import
crypto
...
@@ -6,6 +6,10 @@ def log(message, verbose_level):
...
@@ -6,6 +6,10 @@ def log(message, verbose_level):
if
config
.
verbose
>=
verbose_level
:
if
config
.
verbose
>=
verbose_level
:
print
time
.
strftime
(
"%d-%m-%Y %H:%M:%S : "
+
message
)
print
time
.
strftime
(
"%d-%m-%Y %H:%M:%S : "
+
message
)
def
binFromIp
(
ip
):
ip1
,
ip2
=
struct
.
unpack
(
'>QQ'
,
socket
.
inet_pton
(
socket
.
AF_INET6
,
ip
))
return
bin
(
client_ip1
)[
2
:].
rjust
(
64
,
'0'
)
+
bin
(
client_ip2
)[
2
:].
rjust
(
64
,
'0'
)
def
ipFromBin
(
prefix
):
def
ipFromBin
(
prefix
):
prefix
=
hex
(
int
(
prefix
,
2
))[
2
:]
prefix
=
hex
(
int
(
prefix
,
2
))[
2
:]
ip
=
''
ip
=
''
...
...
vifibnet.py
View file @
ecbe625a
#!/usr/bin/env python
#!/usr/bin/env python
import
argparse
,
errno
,
math
,
os
,
select
,
subprocess
,
sys
,
time
,
traceback
import
argparse
,
errno
,
math
,
os
,
select
,
subprocess
,
sys
,
time
,
traceback
from
OpenSSL
import
crypto
from
OpenSSL
import
crypto
import
db
,
plib
,
upnpigd
,
utils
,
tunnel
manager
import
db
,
plib
,
upnpigd
,
utils
,
tunnel
def
getConfig
():
def
getConfig
():
parser
=
argparse
.
ArgumentParser
(
parser
=
argparse
.
ArgumentParser
(
...
@@ -45,27 +45,31 @@ def getConfig():
...
@@ -45,27 +45,31 @@ def getConfig():
def
main
():
def
main
():
# Get arguments
# Get arguments
config
=
getConfig
()
config
=
getConfig
()
network
=
utils
.
networkFromCa
(
config
.
ca
)
internal_ip
=
utils
.
ipFromCert
(
network
,
config
.
cert
)
# Init db and tunnels
peer_db
=
db
.
PeerManager
(
utils
.
config
.
db
)
tunnel_manager
=
tunnelmanager
.
TunnelManager
(
write_pipe
,
peer_db
,
config
.
client_count
,
config
.
refresh_count
)
# Launch babel on all interfaces. WARNING : you have to be root to start babeld
# Launch babel on all interfaces. WARNING : you have to be root to start babeld
babel
=
plib
.
babel
(
stdout
=
os
.
open
(
os
.
path
.
join
(
utils
.
config
.
log
,
'vifibnet.babeld.log'
),
babel
=
plib
.
babel
(
network
,
internal_ip
,
[
'vifibnet'
]
+
tunnel_manager
.
free_interface_set
,
stdout
=
os
.
open
(
os
.
path
.
join
(
utils
.
config
.
log
,
'vifibnet.babeld.log'
),
os
.
O_WRONLY
|
os
.
O_CREAT
|
os
.
O_TRUNC
),
stderr
=
subprocess
.
STDOUT
)
os
.
O_WRONLY
|
os
.
O_CREAT
|
os
.
O_TRUNC
),
stderr
=
subprocess
.
STDOUT
)
# Create and open read_only pipe to get
connect/disconnect events from openvpn
# Create and open read_only pipe to get
server events
utils
.
log
(
'Creating pipe for server events'
,
3
)
utils
.
log
(
'Creating pipe for server events'
,
3
)
r_pipe
,
write_pipe
=
os
.
pipe
()
r_pipe
,
write_pipe
=
os
.
pipe
()
read_pipe
=
os
.
fdopen
(
r_pipe
)
read_pipe
=
os
.
fdopen
(
r_pipe
)
# Setup the tunnel manager
peers_db
=
db
.
PeersDB
(
utils
.
config
.
db
)
tunnelManager
=
tunnelmanager
.
TunnelManager
(
write_pipe
,
peers_db
,
utils
.
config
.
client_count
,
utils
.
config
.
refresh_count
)
# Establish connections
# Establish connections
serverProcess
=
plib
.
server
(
utils
.
config
.
internal_ip
,
write_pipe
,
'--dev'
,
'vifibnet'
,
server_process
=
plib
.
server
(
internal_ip
,
network
,
config
.
max_clients
,
write_pipe
,
'--dev'
,
'vifibnet'
,
*
utils
.
ovpnArgs
(
config
.
openvpn_args
,
config
.
ca
,
config
.
cert
),
stdout
=
os
.
open
(
os
.
path
.
join
(
utils
.
config
.
log
,
'vifibnet.server.log'
),
os
.
O_WRONLY
|
os
.
O_CREAT
|
os
.
O_TRUNC
))
stdout
=
os
.
open
(
os
.
path
.
join
(
utils
.
config
.
log
,
'vifibnet.server.log'
),
os
.
O_WRONLY
|
os
.
O_CREAT
|
os
.
O_TRUNC
))
tunnel
M
anager
.
refresh
()
tunnel
_m
anager
.
refresh
()
# Timed refresh initializing
# Timed refresh initializing
next_refresh
=
time
.
time
()
+
utils
.
config
.
refresh_time
next_refresh
=
time
.
time
()
+
config
.
refresh_time
# main loop
# main loop
try
:
try
:
...
@@ -73,11 +77,11 @@ def main():
...
@@ -73,11 +77,11 @@ def main():
ready
,
tmp1
,
tmp2
=
select
.
select
([
read_pipe
],
[],
[],
ready
,
tmp1
,
tmp2
=
select
.
select
([
read_pipe
],
[],
[],
max
(
0
,
next_refresh
-
timhttp
:
//
blogs
.
lesechos
.
fr
/
dominique
-
seux
/
de
-
mondialiser
-
les
-
telecoms
-
a11339
.
htmle
.
time
()))
max
(
0
,
next_refresh
-
timhttp
:
//
blogs
.
lesechos
.
fr
/
dominique
-
seux
/
de
-
mondialiser
-
les
-
telecoms
-
a11339
.
htmle
.
time
()))
if
ready
:
if
ready
:
tunnelManager
.
handle_message
(
read_pipe
.
readline
())
peer_db
.
handle_message
(
read_pipe
.
readline
())
if
time
.
time
()
>=
next_refresh
:
if
time
.
time
()
>=
next_refresh
:
peer
s
_db
.
populate
(
100
)
peer_db
.
populate
(
100
)
tunnel
M
anager
.
refresh
()
tunnel
_m
anager
.
refresh
()
next_refresh
=
time
.
time
()
+
utils
.
config
.
refresh_time
next_refresh
=
time
.
time
()
+
config
.
refresh_time
except
KeyboardInterrupt
:
except
KeyboardInterrupt
:
return
0
return
0
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment