Commit 8e0a7ede
authored
2012-07-16 13:22:55 +0200
by
Guillaume Bury
Fix for peers db creation
1 parent
dc4ef785
Showing
8 changed files
with
56 additions
and
35 deletions
client-connect
ipchange
openvpn.py
registry.py
setup.py
up-client
up-server
vifibnet.py
client-connect
...
...
@@ -37,5 +37,8 @@ import os, sys
'untrusted_port'
:
'59345'
,
'verb'
:
'3'
}
# Send to client his external ip address
open
(
sys
.
argv
[
2
],
'w'
)
.
write
(
'push "setenv external_ip
%
s"
\n
'
%
os
.
environ
[
'trusted_ip'
])
# Write into pipe connect/disconnect events
os
.
write
(
int
(
sys
.
argv
[
1
]),
'
%(script_type)
s
%(common_name)
s
\n
'
%
os
.
environ
)
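Review bot: The added `open(sys.argv[2], 'w')` runs before the pipe write, yet the openvpn.py section of this commit registers this same script for `--client-disconnect`, where OpenVPN, as far as I can tell, passes no temporary-file argument. On disconnect that would raise IndexError, and the disconnect event would never reach the pipe. Guard the push with `if os.environ['script_type'] == 'client-connect':` and write the file inside a `with` block so it is closed explicitly. The start of the script is outside this hunk.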
ipchange
#!/usr/bin/python -S
import
os
,
sys
# Write into pipe external ip address received
os
.
write
(
int
(
sys
.
argv
[
1
]),
'
%(script_type)
s
%(external_ip)
s
\n
'
%
os
.
environ
)
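Review bot: `external_ip` is a value supplied by the remote server, and it is copied into the line-oriented pipe without any check. A missing key raises KeyError, and a value containing a space or newline could change how the reader splits the record. Read it with `ip = os.environ.get('external_ip')` and write the line only when it parses as an address. The consumer of the pipe is not visible here and should validate the value again before using it.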
openvpn.py
...
...
@@ -29,7 +29,7 @@ def server(ip, pipe_fd, *args, **kw):
'--tls-server'
,
'--mode'
,
'server'
,
'--duplicate-cn'
,
# XXX : to be removed
'--up'
,
'up-server
'
+
ip
,
'--up'
,
'up-server
%
s/
%
u'
%
(
ip
,
len
(
config
.
vifibnet
))
,
'--client-connect'
,
'client-connect '
+
str
(
pipe_fd
),
'--client-disconnect'
,
'client-connect '
+
str
(
pipe_fd
),
'--dh'
,
config
.
dh
,
...
...
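Review bot: The prefix length handed to `up-server` is `len(config.vifibnet)`, which is only correct if `config.vifibnet` holds the network prefix as one character per bit; nothing in this hunk says so. After confirming that representation, add a comment such as `# config.vifibnet is the prefix as a bit string, so its length is the prefix length`. The value also ends up unquoted as `$1` in the `up-server` script changed in this commit, so it should stay limited to an address and an integer. `server()` continues outside the hunk.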
registry.py
...
...
@@ -169,7 +169,9 @@ class main(object):
# TODO: Insert a flag column for bootstrap ready servers in peers
# ( servers which shouldn't go down or change ip and port as opposed to servers owned by particulars )
# that way, we also ascertain that the server sent is not the new node....
return
self
.
db
.
execute
(
"SELECT ip, port proto FROM peers ORDER BY random() LIMIT 1"
)
.
next
()
ip
,
port
,
proto
=
self
.
db
.
execute
(
"SELECT ip, port, proto FROM peers ORDER BY random() LIMIT 1"
)
.
next
()
print
"Sending bootstrap peer (
%
s,
%
s,
%
s)"
%
(
ip
,
port
,
proto
)
return
ip
,
port
,
proto
def
declare
(
self
,
handler
,
address
):
client_address
,
ip
,
port
,
proto
=
address
...
...
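Review bot: `.next()` on the cursor raises StopIteration when `peers` is empty, so a registry with no declared peers would answer a bootstrap request with an unhandled exception instead of a clear error. Use `row = self.db.execute(...).fetchone()` and handle `row is None` explicitly before unpacking. The enclosing method starts above the hunk.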
setup.py
#!/usr/bin/env python
from
OpenSSL
import
crypto
import
argparse
,
os
,
subprocess
,
xmlrpclib
import
argparse
,
os
,
subprocess
,
sqlite3
,
sys
,
xmlrpclib
def
main
():
parser
=
argparse
.
ArgumentParser
(
description
=
'Setup script for vifib'
)
_
=
parser
.
add_argument
_
(
'--ca-only'
,
action
=
'store_true'
,
help
=
'To only get CA form server'
)
_
(
'--db-only'
,
action
=
'store_true'
,
help
=
'To only get CA and setup peer db with bootstrap peer'
)
_
(
'--server'
,
required
=
True
,
help
=
'Address of the server delivering certifiactes'
)
_
(
'--port'
,
required
=
True
,
type
=
int
,
...
...
@@ -20,9 +24,43 @@ def main():
print
"Sorry, request argument was incorrect, there must be an even number of request arguments"
sys
.
exit
(
1
)
# Establish connection with server
s
=
xmlrpclib
.
ServerProxy
(
'http://
%
s:
%
u'
%
(
config
.
server
,
config
.
port
))
# Get CA
ca
=
s
.
getCa
()
with
open
(
os
.
path
.
join
(
config
.
dir
,
'ca.pem'
),
'w'
)
as
f
:
f
.
write
(
ca
)
if
config
.
ca_only
:
sys
.
exit
(
0
)
# Create and initialize peers DB
boot_ip
,
boot_port
,
boot_proto
=
s
.
getBootstrapPeer
()
db
=
sqlite3
.
connect
(
os
.
path
.
join
(
config
.
dir
,
'peers.db'
),
isolation_level
=
None
)
try
:
db
.
execute
(
"""CREATE TABLE peers (
id INTEGER PRIMARY KEY AUTOINCREMENT,
ip TEXT NOT NULL,
port INTEGER NOT NULL,
proto TEXT NOT NULL,
used INTEGER NOT NULL default 0,
date INTEGER DEFAULT (strftime('
%
s', 'now')))"""
)
db
.
execute
(
"CREATE INDEX _peers_used ON peers(used)"
)
db
.
execute
(
"CREATE UNIQUE INDEX _peers_address ON peers(ip, port, proto)"
)
db
.
execute
(
"INSERT INTO peers (ip, port, proto) VALUES (?,?,?)"
,
(
boot_ip
,
boot_port
,
boot_proto
))
except
sqlite3
.
OperationalError
,
e
:
if
e
.
args
[
0
]
==
'table peers already exists'
:
print
"Table peers already exists, leaving it as it is"
else
:
print
"sqlite3.OperationalError :"
+
e
.
args
[
0
]
sys
.
exit
(
1
)
if
config
.
db_only
:
sys
.
exit
(
0
)
# Get token
email
=
raw_input
(
'Please enter your email address : '
)
s
=
xmlrpclib
.
ServerProxy
(
'http://
%
s:
%
u'
%
(
config
.
server
,
config
.
port
))
_
=
s
.
requestToken
(
email
)
token
=
raw_input
(
'Please enter your token : '
)
...
...
@@ -42,39 +80,18 @@ def main():
req
.
sign
(
pkey
,
'sha1'
)
req
=
crypto
.
dump_certificate_request
(
crypto
.
FILETYPE_PEM
,
req
)
# Get certificates and bootstrap peers
ca
=
s
.
getCa
()
# Get certificate
cert
=
s
.
requestCertificate
(
token
,
req
)
boot_ip
,
boot_port
,
boot_proto
=
s
.
getBootstrapPeer
()
# Generating dh file
if
not
os
.
access
(
os
.
path
.
join
(
config
.
dir
,
'dh2048.pem'
),
os
.
F_OK
):
subprocess
.
call
([
'openssl'
,
'dhparam'
,
'-out'
,
os
.
path
.
join
(
config
.
dir
,
'dh2048.pem'
),
'2048'
])
# Store cert and key
with
open
(
os
.
path
.
join
(
config
.
dir
,
'cert.key'
),
'w'
)
as
f
:
f
.
write
(
key
)
with
open
(
os
.
path
.
join
(
config
.
dir
,
'cert.crt'
),
'w'
)
as
f
:
f
.
write
(
cert
)
with
open
(
os
.
path
.
join
(
config
.
dir
,
'ca.pem'
),
'w'
)
as
f
:
f
.
write
(
ca
)
# Create and initialize peers DB
self
.
db
=
sqlite3
.
connect
(
os
.
path
.
join
(
config
.
dir
,
'peers.db'
),
isolation_level
=
None
)
try
:
self
.
db
.
execute
(
"""CREATE TABLE peers (
id INTEGER PRIMARY KEY AUTOINCREMENT,
ip TEXT NOT NULL,
port INTEGER NOT NULL,
proto TEXT NOT NULL,
used INTEGER NOT NULL default 0,
date INTEGER DEFAULT strftime('
%
s', 'now'))"""
)
self
.
db
.
execute
(
"CREATE INDEX _peers_used ON peers(used)"
)
self
.
db
.
execute
(
"CREATE INDEX _peers_address ON peers(ip, port, proto)"
)
self
.
db
.
execute
(
"INSERT INTO peers (ip, port, proto) VALUES (?,?,?)"
,
(
boot_ip
,
boot_port
,
boot_proto
))
except
sqlite3
.
OperationalError
,
e
:
if
e
.
args
[
0
]
==
'table peers already exists'
:
print
"Table peers already exists, leaving it as it is"
# Generating dh file
if
not
os
.
access
(
os
.
path
.
join
(
config
.
dir
,
'dh2048.pem'
),
os
.
F_OK
):
subprocess
.
call
([
'openssl'
,
'dhparam'
,
'-out'
,
os
.
path
.
join
(
config
.
dir
,
'dh2048.pem'
),
'2048'
])
print
"Certificate setup complete."
...
...
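Review bot: `ca.pem` is now written straight from `s.getCa()` over the plain `http://` XML-RPC proxy, so the trust anchor for every later connection is accepted without authentication. The bootstrap peer stored in `peers.db` comes over the same channel. At minimum show the fingerprint for out-of-band confirmation before saving, e.g. `print crypto.load_certificate(crypto.FILETYPE_PEM, ca).digest('sha256')`, or move the registry to an authenticated transport. Separately, `cert.key` is created with `open(..., 'w')` and so gets default-umask permissions. `main()` extends beyond these hunks.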
up-client
#!/bin/sh -e
ifconfig
$dev
up
ip link
set
$dev
up
up-server
#!/bin/sh -e
i
fconfig
$dev
up
i
fconfig
$dev
inet6 add
$1
i
p link
set
$dev
up
i
p addr add
$1
dev
$dev
vifibnet.py
...
...
@@ -35,7 +35,7 @@ class PeersDB:
port
=
1194
proto
=
'udp'
new_peer_list
=
self
.
proxy
.
getPeerList
(
n
,
(
config
.
internal_ip
,
config
.
external_ip
,
port
,
proto
))
self
.
db
.
executemany
(
"INSERT OR
REPLACE INTO peers (ip, port, proto) VALUES (?,?,?
)"
,
new_peer_list
)
self
.
db
.
executemany
(
"INSERT OR
IGNORE INTO peers (ip, port, proto, used) VALUES (?,?,?,0
)"
,
new_peer_list
)
self
.
db
.
execute
(
"DELETE FROM peers WHERE ip = ?"
,
(
config
.
external_ip
,))
def
getUnusedPeers
(
self
,
nPeers
):
...
...
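Review bot: `INSERT OR IGNORE` only skips duplicates when a UNIQUE constraint covers `(ip, port, proto)`, and `_peers_address` is unique only in databases created by the new setup.py. The old code created it as a plain index, and setup.py leaves an existing `peers` table untouched, so on such a database every refresh would add duplicate rows. Either de-duplicate and recreate the index at startup (`DROP INDEX IF EXISTS _peers_address`, then the `CREATE UNIQUE INDEX`), or document that `peers.db` must be regenerated. `new_peer_list` also comes from the remote registry and is inserted without checking that each entry is a three-item address. The method starts above the hunk.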