Added registry ca and key files

client-connect

@@ -37,5 +37,5 @@ import os, sys
  'untrusted_port': '59345',
  'verb': '3'}
 
-open(sys.argv[2], 'w').write('push "setenv external_ip %s"\n' % os.environ[trusted_ip])
+open(sys.argv[2], 'w').write('push "setenv external_ip %s"\n' % os.environ['trusted_ip'])
 os.write(int(sys.argv[1]), '%(script_type)s %(common_name)s\n' % os.environ)

registry.py

@@ -20,6 +20,8 @@ class main(object):
         parser = argparse.ArgumentParser(
                 description='Peer discovery http server for vifibnet')
         _ = parser.add_argument
+        _('host', help='Address of the host server')
+        _('port', type=int, help='Port of the host server')
         _('--db', required=True,
                 help='Path to database file')
         _('--ca', required=True,
@@ -64,7 +66,7 @@ class main(object):
         print "Network prefix : %s/%u" % (self.network, len(self.network))
 
         # Starting server
-        server = SimpleXMLRPCServer(("localhost", 8000), requestHandler=RequestHandler, allow_none=True)
+        server = SimpleXMLRPCServer((self.config.host, self.config.port), requestHandler=RequestHandler, allow_none=True)
         server.register_instance(self)
         server.serve_forever()
 
@@ -138,20 +140,24 @@ class main(object):
     def getCa(self, handler):
         return crypto.dump_certificate(crypto.FILETYPE_PEM, self.ca)
 
+    def getBootstrapPeer(self, handler):
+        # TODO: Insert a flag column for bootstrap ready servers in peers 
+        # ( servers which shouldn't go down or change ip and port as opposed to servers owned by particulars )
+        return self.db.execute("SELECT ip, port proto FROM peers ORDER BY random() LIMIT 1").next()
+
     def declare(self, handler, address):
+        ip, port, proto = address
         client_address, _ = handler.client_address
-        # For Testing purposes only
-        client_address = "2001:db8:42::"
-        ip1, ip2 = struct.unpack('>QQ', socket.inet_pton(socket.AF_INET6, client_address))
-        ip = bin(ip1)[2:].rjust(64, '0') + bin(ip2)[2:].rjust(64, '0')
-        if ip.startswith(self.network):
-            prefix = ip[len(self.network):]
-            prefix, = self.db.execute("SELECT prefix FROM vifib WHERE prefix <= ? ORDER BY prefix DESC", (prefix,)).next()
-            ip, port, proto = address
+        client_ip1, client_ip2 = struct.unpack('>QQ', socket.inet_pton(socket.AF_INET6, client_address))
+        client_ip = bin(client_ip1)[2:].rjust(64, '0') + bin(client_ip2)[2:].rjust(64, '0')
+        if client_ip.startswith(self.network):
+            prefix = client_ip[len(self.network):]
+            prefix, = self.db.execute("SELECT prefix FROM vifib WHERE prefix <= ? ORDER BY prefix DESC LIMIT 1", (prefix,)).next()
             self.db.execute("INSERT OR REPLACE INTO peers VALUES (?,?,?,?)", (prefix, ip, port, proto))
             return True
         else:
-            print "Unauthorized connection from %s which does not start with %s" % (ip, self.network)
+            # TODO: use log + DO NOT PRINT BINARY IP
+            print "Unauthorized connection from %s which does not start with %s" % (client_ip, self.network)
             return False
 
     def getPeerList(self, handler, n, address):

server/ca.crt

+-----BEGIN CERTIFICATE-----
+MIIBejBkAgcBIAENuABCMA0GCSqGSIb3DQEBBQUAMAAwHhcNMTIwNzEyMTE1OTQz
+WhcNMTMwNzA0MjEyOTQ4WjAeMQswCQYDVQQGEwJGUjEPMA0GA1UEChMGVlBOIEFD
+MAgwAwYBAAMBADANBgkqhkiG9w0BAQUFAAOCAQEAFYuU4QGUcs60LlThDqQhhyN8
+ZFAaHcPROkUkHE5HNqQ1kOjApzneA7lcEV2gO6vO0qmHW5aBfUYQKGxosqiiCtaT
+SD6IltD7qMxx0dtXH0W/SSo7d0JifnZh15isjHi0jEv5Cq3NOKlX0115+HrS/uS2
+scI1ujV9PHUUJiwigb2AZ7gHZP/Ug54yYY+w6Ail85CmZ6txmZvC16obqeRmRZyv
+g7fvNEg9dmuG8Lj/eXZZTZlrRA5jv2NdWjFl09469t3rGFDFFLop+76H10qR3U/F
+Fn8h12o4qLJhIaDV0vRZh9/tg18N0BrBTkX4BET5AD3mqZ6w8xkrs4pVqHM9/A==
+-----END CERTIFICATE-----

server/ca.key

+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCzKdaI1gddt8iN
+5MTNMe+bKuVt0Cfq34OUh0y73NQm1HjUMDHiU/5djkBuw+Y8q8OMIwCuN8Pgyp6C
+fFivLH3a42ebgxJn2kfU7078gibCEuIPWD9GXQjSgP+7MJVv3q24g4YZTsa6lKJ8
+Y1OfP2i2uNR3v7/3BBIsob8pial2kbLgz96L+czDjPOVsV+VH91Mkq6kO7jfNpNo
+BHVSXzkQpVupxi86wEFIrkzlAYZRmY0fRcprhovI1iDLpdsJsY/yyPgfXNJk9xhT
+lPUoNxyH0EPhGv0KArJZkwlzdDj5RVYYcLTEge374gr1EIMyzex/kN5y1as2tX9l
+wXTROc5pAgMBAAECggEAE6L/R4olzojJK3wqcc8KUvh1ov6QkXakBlB6AZEnk4Xw
+JFmP7h2EoJ5pw3onLvkoeqCPf4jPKEEs9GJKmhCHTslj3rCUANv0yYrdHmHpe5X0
+PvhOHxktUV0gKlUd2+ANLE8GEJoIwARwdq+wR6D8iiJh7yoOETXaBBhKSnQzJbKN
+NoIm7SNnRSZhGSd+cECFFVdhkSrUApL5CodhHaEVZchrO8rbUeHoa5QTAe14lkO/
+7UezQHw6/Ma8YfXSsCTgngoM/gvZRR9iHK6Kj/oL/JWZ939wKeLrdnWSflEHtOyv
+9XYODYcY0PQfGCOh3gWWllhe0SX5jZFsklxTnq9x7QKBgQDtM0kZOEATB29bDuA9
+mhvOluQYcSRtNa6scMJbY4kkGY2fbHZQHqse2iL+6DjnYO2oxnWZSySfk1JCSyA3
+F845LLnPVNvvoT0bUAGlsWfg4+k57uthi5jg15JSGqmCuO3zfYRPje2O5ZrZJRKe
+hhsAPLOkfastXzlpOBQkaLeAbwKBgQDBXQDbYK/EenGyWK2ULeAMpcUmYNaaaWFI
+UM5I8QDQHTK2x3LCQDaNwuK+W/7z/GKJ5G1hMqYDaQY7yC+ngpCp0TDNVgnfoRja
+VY8hwWrWVGettPpozXWRKiZRWZfILgIsv49//lW0Xvw+GU/4pSmnFj6o2ZaY8bdi
+2NuumoJapwKBgGqfOgWHHm4vUmPZDP1Dz6oOc5t1CE266riCuyq/VD8Q6XM3Gvuq
+vXrRzRdOJX4EOPA7vVLZzy2X2EsKYAHDxqQ2sZM77t0JWmFzljn3w9z4Nbcf6Vhg
+mqi+3fvgFkA3hmaEDjyAbL9mADQJkRQG7g4uOwX+ozpy6micl5lCJPIrAoGAAKYr
+RpFAhcxTbWHW01SEGAbGbqaMkeAgr3l199C3S/uNHAf3XqeQh1FMKY9tf6wtOIFH
+zLe6zvAfUTwOzOUnTyqgm0/aoKGNz83RuS9JCIcoAfFFlex6pI4bqtI+LDHbWAMc
+nDViXESlXCABoLgNN75fX3m7g6/sCazor+Fc5qkCgYEAjWm1mwj+qaL31/nLZ2eE
+PbV6paORRRvKDA2I7qb/FGEQmselhdI/2V5felyuJ1yNfFEwpY9A0n93Bj77DmjM
+SVALmLZgnks0OZ6ZXZ5SpO7P48k5m00+ikec/Eojfy0TrxeCMxk+kC1qv7g0lpMP
+n6LSHs8XW5znCNoS86UTVcc=
+-----END PRIVATE KEY-----

setup.py

@@ -18,7 +18,7 @@ def main():
     config = parser.parse_args()
     if config.req and len(config.req) % 2 == 1:
         print "Sorry, request argument was incorrect, there must be an even number of request arguments"
-        exit(1)
+        sys.exit(1)
 
     # Get token
     email = raw_input('Please enter your email address : ')

vifibnet.py

@@ -7,7 +7,6 @@ import openvpn
 import random
 import log
 
-VIFIB_NET = ''
 connection_dict = {} # to remember current connections we made
 free_interface_set = set(('client1', 'client2', 'client3', 'client4', 'client5',
                           'client6', 'client7', 'client8', 'client9', 'client10'))
@@ -34,15 +33,14 @@ class PeersDB:
         except sqlite3.OperationalError, e:
             if e.args[0] != 'table peers already exists':
                 raise RuntimeError
-        else:
-            self.populateDB(100)
 
     def populateDB(self, n):
         log.log('Populating Peers DB', 2)
-        (ip, port) = upnpigd.GetExternalInfo(1194)
+        port = 1194
         proto = 'udp'
-        new_peer_list = self.proxy.getPeerList(n, (ip, port, proto))
-        self.db.executemany("INSERT INTO peers (ip, port, proto) VALUES (?,?,?)", new_peer_list)
+        new_peer_list = self.proxy.getPeerList(n, (config.external_ip, port, proto))
+        self.db.executemany("INSERT OR REPLACE INTO peers (ip, port, proto) VALUES (?,?,?)", new_peer_list)
+        self.db.execute("DELETE FROM peers WHERE ip = ?", (config.external_ip,))
 
     def getUnusedPeers(self, nPeers):
         return self.db.execute("SELECT id, ip, port, proto FROM peers WHERE used = 0 "
@@ -70,13 +68,13 @@ def ipFromPrefix(prefix, prefix_len):
 
 def startBabel(**kw):
     args = ['babeld',
-            '-C', 'redistribute local ip %s' % (config.ip),
+            '-C', 'redistribute local ip %s' % (config.internal_ip),
             '-C', 'redistribute local deny',
             # Route VIFIB ip adresses
             '-C', 'in ip %s::/%u' % (ipFromBin(config.vifibnet), len(config.vifibnet)),
             # Route only addresse in the 'local' network,
             # or other entire networks
-            #'-C', 'in ip %s' % (config.ip),
+            #'-C', 'in ip %s' % (config.internal_ip),
             #'-C', 'in ip ::/0 le %s' % network_mask,
             # Don't route other addresses
             '-C', 'in deny',
@@ -119,6 +117,8 @@ def getConfig():
             help='Path to the certificate authority file')
     _('--cert', required=True,
             help='Path to the certificate file')
+    _('--ip', required=True, dest='external_ip',
+            help='Ip address of the machine on the internet')
     # Openvpn options
     _('openvpn_args', nargs=argparse.REMAINDER,
             help="Common OpenVPN options (e.g. certificates)")
@@ -133,8 +133,8 @@ def getConfig():
         cert = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
         subject = cert.get_subject()
         prefix, prefix_len = subject.serialNumber.split('/')
-        config.ip = ipFromPrefix(prefix, int(prefix_len))
-        log.log('Intranet ip : %s' % (config.ip,), 3)
+        config.internal_ip = ipFromPrefix(prefix, int(prefix_len))
+        log.log('Intranet ip : %s' % (config.internal_ip,), 3)
     # Treat openvpn arguments
     if config.openvpn_args[0] == "--":
         del config.openvpn_args[0]
@@ -230,13 +230,14 @@ def main():
 
     # Establish connections
     log.log('Starting openvpn server', 3)
-    serverProcess = openvpn.server(config.ip, write_pipe, '--dev', 'vifibnet',
+    serverProcess = openvpn.server(config.internal_ip, write_pipe, '--dev', 'vifibnet',
             stdout=os.open(os.path.join(config.log, 'vifibnet.server.log'), os.O_WRONLY | os.O_CREAT | os.O_TRUNC))
     startNewConnection(config.client_count, write_pipe)
 
     # Timed refresh initializing
     next_refresh = time.time() + config.refresh_time
 
+    # TODO: use peers_db.populate(100) every once in a while ?
     # main loop
     try:
         while True: