Commit 3ccc14d3 authored by Ulysse Beaugnon's avatar Ulysse Beaugnon

encryption is now optional

parent 4c34833d
Bug :
possible bug in the upnp refresh, when refreshing after a too long time
sometime reading /proc/net/ipv6_table bug
To be done :
test with python 2.6
Choose peer DB size.
Choose the number of peer we ask to the server
Warn babeld about the tunnels wich are about to be deleted. Maybe we could just increase the cost.
Test the package
Package miniupnpc
---------------------------------------------------------------------------------
......@@ -23,5 +19,7 @@ To be done :
Put a section about how to build the package from the sources in the README
http://pdos.csail.mit.edu/p2psim/kingdata/
http://www.eecs.harvard.edu/~syrah/nc/king/lats.n8.gz
http://www.cs.cornell.edu/People/egs/meridian/data.php
......@@ -9,7 +9,7 @@ ovpn_server = os.path.join(here, 'ovpn-server')
ovpn_client = os.path.join(here, 'ovpn-client')
def openvpn(hello_interval, *args, **kw):
def openvpn(hello_interval, encrypt, *args, **kw):
args = ['openvpn',
'--dev-type', 'tap',
'--persist-tun',
......@@ -19,17 +19,19 @@ def openvpn(hello_interval, *args, **kw):
'--ping-exit', str(4 * hello_interval),
'--group', 'nogroup',
] + list(args)
if not encrypt:
args.extend(['--cipher', 'none'])
logging.trace('%s' % (args,))
return subprocess.Popen(args, **kw)
def server(server_ip, ip_length, max_clients, dh_path, pipe_fd, port, proto, hello_interval, *args, **kw):
def server(server_ip, ip_length, max_clients, dh_path, pipe_fd, port, proto, hello_interval, encrypt, *args, **kw):
logging.debug('Starting server...')
if server_ip != '':
script_up = '%s %s/%u' % (ovpn_server, server_ip, 64)
else:
script_up = '%s none' % ovpn_server
return openvpn(hello_interval,
return openvpn(hello_interval, encrypt,
'--tls-server',
'--mode', 'server',
'--up', script_up,
......@@ -42,7 +44,7 @@ def server(server_ip, ip_length, max_clients, dh_path, pipe_fd, port, proto, hel
*args, **kw)
def client(server_address, pipe_fd, hello_interval, *args, **kw):
def client(server_address, pipe_fd, hello_interval, encrypt, *args, **kw):
logging.debug('Starting client...')
remote = ['--nobind',
'--client',
......@@ -57,7 +59,7 @@ def client(server_address, pipe_fd, hello_interval, *args, **kw):
logging.warning('Error "%s" in unpacking address %s for openvpn client'
% (e, server_address,))
remote += args
return openvpn(hello_interval, *remote, **kw)
return openvpn(hello_interval, encrypt, *remote, **kw)
def router(network, internal_ip, interface_list,
......
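Review bot: The new `if not encrypt:` branch in `openvpn()` switches the data channel to `--cipher none` silently; the only record is the `logging.trace` dump of the whole argv on the following line. A tunnel running without encryption should be visible at normal log levels, for example `logging.warning('openvpn started with --cipher none: tunnel traffic is not encrypted')` inside the branch. Separately, `encrypt` is inserted positionally ahead of `*args` in `openvpn`, `server` and `client`, so a call site that was not updated would bind its first OpenVPN option to `encrypt` without raising an error; a one-line comment on each signature would document that. The bodies of `server` and `client` continue outside the visible hunks.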
import os, traceback, time, subprocess, math, logging
import os, traceback, time, subprocess, logging
import random
import plib
# Be carfull the refresh interval should let the routes be established
......@@ -8,9 +9,9 @@ log = None
class Connection:
def __init__(self, address, write_pipe, hello, iface, prefix,
def __init__(self, address, write_pipe, hello, iface, prefix, encrypt,
ovpn_args):
self.process = plib.client(address, write_pipe, hello, '--dev', iface,
self.process = plib.client(address, write_pipe, hello, encrypt, '--dev', iface,
*ovpn_args, stdout=os.open(os.path.join(log,
're6stnet.client.%s.log' % (prefix,)),
os.O_WRONLY | os.O_CREAT | os.O_TRUNC),
......@@ -32,7 +33,8 @@ class Connection:
class TunnelManager:
def __init__(self, write_pipe, peer_db, openvpn_args, hello_interval,
refresh, connection_count, iface_list, network, prefix):
refresh, connection_count, iface_list, network, prefix, nSend,
encrypt):
self._write_pipe = write_pipe
self._peer_db = peer_db
self._connection_dict = {}
......@@ -44,6 +46,8 @@ class TunnelManager:
self._net_len = len(network)
self._iface_list = iface_list
self._prefix = prefix
self._nSend = nSend
self._encrypt = encrypt
self.next_refresh = time.time()
self._next_tunnel_refresh = time.time()
......@@ -97,7 +101,6 @@ class TunnelManager:
tunnel_to_make = self._client_count - len(self._connection_dict)
if tunnel_to_make <= 0:
return
i = 0
logging.trace('Trying to make %i new tunnels...' % tunnel_to_make)
try:
......@@ -107,7 +110,7 @@ class TunnelManager:
iface = self.free_interface_set.pop()
self._connection_dict[prefix] = Connection(address,
self._write_pipe, self._hello, iface,
prefix, self._ovpn_args)
prefix, self._encrypt, self._ovpn_args)
self._iface_to_prefix[iface] = prefix
self._peer_db.usePeer(prefix)
i += 1
......@@ -159,3 +162,6 @@ class TunnelManager:
return False
else:
return True
def notifyPeer(self, peerIp):
pass
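Review bot: The `plib.client(...)` call edited in `Connection.__init__` still opens the per-tunnel log with `os.open(..., os.O_WRONLY | os.O_CREAT | os.O_TRUNC)` and no mode argument, so a newly created file gets `os.open`'s default mode of 0777, restricted only by the process umask. The comment in `main()` says the program has to run as root to start babeld, so I would pass an explicit mode, e.g. `os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0600)`, and do the same for the server log opened in `main()`. The call continues past the end of the hunk, so its remaining arguments are not visible here. The new `notifyPeer` stub and the `_nSend` attribute also carry no comment explaining their intended use.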
......@@ -52,9 +52,8 @@ class Forwarder:
return (self._external_ip, str(external_port), proto)
def refresh(self):
print self._rules
logging.debug('Refreshing port forwarding')
for external_port, local_port, proto in self._rules:
self._u.addportmapping(external_port, proto, self._u.lanaddr,
local_port, 're6stnet openvpn server', '')
self.next_refresh = time.time() + 100
self.next_refresh = time.time() + 500
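Review bot: The refresh interval in `Forwarder.refresh` goes from 100 to 500 as a bare literal while the result of `self._u.addportmapping(...)` is still ignored, so a mapping the gateway has rejected or dropped would go unnoticed for five times longer than before. The to-do list changed in this same commit records a suspected bug in the UPnP refresh "when refreshing after a too long time", so the longer interval deserves a named constant with a comment giving the reason. If the binding reports failure through its return value (not visible here), log it, e.g. `logging.warning('UPnP port mapping refresh failed for %s/%s', external_port, proto)`.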
......@@ -61,6 +61,8 @@ def getConfig():
for the routing protocol''')
# Tunnel options
_('--encrypt', action='store_true',
help='specify that tunnels should be encrypted')
_('--pp', nargs=2, action='append',
help='Port and protocol to be used by other peers to connect')
_('--dh', required=True,
......@@ -139,7 +141,7 @@ def main():
manual, config.pp, 200)
tunnel_manager = tunnel.TunnelManager(write_pipe, peer_db, openvpn_args,
config.hello, config.tunnel_refresh, config.connection_count,
config.iface_list, network, prefix)
config.iface_list, network, prefix, 2, config.encrypt)
peer_db.tunnel_manager = tunnel_manager
# Launch routing protocol. WARNING : you have to be root to start babeld
......@@ -154,7 +156,7 @@ def main():
# Establish connections
server_process = list(plib.server(internal_ip, len(network) + len(prefix),
config.connection_count, config.dh, write_pipe, port,
proto, config.hello, '--dev', iface, *openvpn_args,
proto, config.hello, config.encrypt, '--dev', iface, *openvpn_args,
stdout=os.open(os.path.join(config.log,
're6stnet.server.%s.log' % (proto,)),
os.O_WRONLY | os.O_CREAT | os.O_TRUNC),
......
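Review bot: The `--encrypt` option added in `getConfig` is opt-in (`action='store_true'`), so a node started without the flag now passes a false value to both `plib.server` and `TunnelManager` in `main()` and runs its tunnels unencrypted. A confidentiality control is safer as opt-out; assuming `_` wraps argparse's `add_argument`, the switch could be declared as `_('--no-encrypt', dest='encrypt', action='store_false', help='disable tunnel encryption')` so that forgetting the flag leaves encryption on. If the opt-in form is kept, the help text should say that omitting the flag sends tunnel traffic in the clear. The literal `2` passed as `nSend` would also read better as a named constant.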
......@@ -6,7 +6,7 @@
const char* outName = "out.csv";
Results Simulate(int seed, int n, int k, int maxPeer, int maxDistanceFrom, float alivePercent, int runs)
Results Simulate(int seed, int n, int k, int maxPeer, float alivePercent, int runs)
{
Results results(maxPeer, 20);
mt19937 rng(seed);
......@@ -14,20 +14,20 @@ Results Simulate(int seed, int n, int k, int maxPeer, int maxDistanceFrom, floa
for(int r=0; r<runs; r++)
{
Graph graph(n, k, maxPeer, rng);
graph.KillMachines(alivePercent);
results.AddAccessibilitySample(((double)graph.CountUnreachableFrom(0))/((double)n));
//graph.KillMachines(alivePercent);
//results.AddAccessibilitySample(((double)graph.CountUnreachableFrom(0))/((double)n));
//int minCut = graph.GetMinCut();
//if(results.minKConnexity == -1 || results.minKConnexity > minCut)
//results.minKConnexity = minCut;
//results.UpdateArity(graph);
// Compute the shortest path
/*for(int i=0; i<min(graph.size, maxDistanceFrom); i++)
for(int i=0; i<graph.size; i++)
{
int distance[graph.size];
graph.GetDistancesFrom(i, distance);
results.UpdateDistance(distance, graph.size);
}*/
}
/*int distance[graph.size];
float routesCount[graph.size];
......@@ -90,20 +90,20 @@ int main(int argc, char** argv)
FILE* output = fopen(outName, "wt");
int fno = fileno(output);
fprintf(output, "n,k,a,accessibility\n");
fprintf(output, "n,k,a,distance\n");
vector<future<string>> outputStrings;
for(int n=10000; n<=10000; n*=2)
for(int k=5; k<=15; k+=5)
for(float a=0.05; a<1; a+=0.05)
for(int n=10; n<=100000; n*=2)
for(int k=5; k<=50; k+=5)
for(float a=1; a<=1; a+=0.05)
{
int seed = rng();
outputStrings.push_back(async(launch::async, [seed, n, k, a]()
{
Results results = Simulate(seed, n, k, 2.5*k, 10000, a, 100);
Results results = Simulate(seed, n, k, 3*k, a, 1);
ostringstream out;
out << n << "," << k << "," << a << ","
<< results.avgAccessibility
<< results.avgDistance
<< endl;
return out.str();
}));
......
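Review bot: With the distance loop in `Simulate` re-enabled, `int distance[graph.size];` becomes a live variable-length array on the stack, sized by a runtime value, inside every task started with `launch::async`; the new sweep in `main` also raises `n` from a fixed 10000 to a range bounded by 100000. VLAs are a compiler extension in C++ and offer no failure path when the stack is exhausted, so heap storage is safer: `std::vector<int> distance(graph.size);` with `graph.GetDistancesFrom(i, distance.data());` and `results.UpdateDistance(distance.data(), graph.size);`. That `graph.size` follows `n` is assumed from the `Graph graph(n, k, maxPeer, rng)` call, since the class is not shown. In `main`, the result of `fopen(outName, "wt")` is also passed to `fileno` without a null check.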