Commit ecbe625a authored by Guillaume Bury's avatar Guillaume Bury

Cleaner configuration

parent 5cd60b35
import utils
import sqlite3
import xmlrpclib
import sqlite3, xmlrpclib
class PeersDB:
def __init__(self, dbPath):
class PeerManager:
def __init__(self, dbPath):
utils.log('Connectiong to peers database', 4)
self.db = sqlite3.connect(dbPath, isolation_level=None)
utils.log('Preparing peers database', 4)
......@@ -37,3 +36,14 @@ class PeersDB:
def unusePeer(self, id):
utils.log('Updating peers database : unusing peer ' + str(id), 5)
self.db.execute("UPDATE peers SET used = 0 WHERE id = ?", (id,))
def handle_message(msg):
script_type, arg = msg.split()
if script_type == 'client-connect':
utils.log('Incomming connection from %s' % (arg,), 3)
elif script_type == 'client-disconnect':
utils.log('%s has disconnected' % (arg,), 3)
elif script_type == 'route-up':
utils.log('External Ip : ' + arg, 3)
else:
utils.log('Unknow message recieved from the openvpn pipe : ' + msg, 1)
......@@ -20,24 +20,23 @@ def openvpn(*args, **kw):
# '--ping-exit', '3',
'--group', 'nogroup',
'--verb', str(utils.config.verbose),
] + list(args) + utils.config.openvpn_args
if utils.config.verbose >= 5:
print repr(args)
] + list(args)
utils.log(str(args), 5)
return subprocess.Popen(args, **kw)
# TODO : set iface up when creating a server/client
# ! check working directory before launching up script ?
def server(serverIp, pipe_fd, *args, **kw):
def server(serverIp, network, max_clients, pipe_fd, *args, **kw):
utils.log('Starting server', 3)
return openvpn(
'--tls-server',
'--mode', 'server',
'--up', 'ovpn-server %s/%u' % (serverIp, len(utils.config.vifibnet)),
'--up', 'ovpn-server %s/%u' % (serverIp, len(network)),
'--client-connect', 'ovpn-server ' + str(pipe_fd),
'--client-disconnect', 'ovpn-server ' + str(pipe_fd),
'--dh', utils.config.dh,
'--max-clients', str(utils.config.max_clients),
'--max-clients', str(max_clients),
*args, **kw)
def client(serverIp, pipe_fd, *args, **kw):
......@@ -50,7 +49,7 @@ def client(serverIp, pipe_fd, *args, **kw):
'--route-up', 'ovpn-client ' + str(pipe_fd),
*args, **kw)
def babel(internal_ip, network, interface_list, **kw):
def babel(network, internal_ip, interface_list, **kw):
utils.log('Starting babel', 3)
args = ['babeld',
'-C', 'redistribute local ip %s' % (internal_ip),
......
#!/usr/bin/env python
import argparse, math, random, select, smtplib, sqlite3, string, struct, socket, time
from email.mime.text import MIMEText
from functools import wraps
import argparse, math, random, select, smtplib, sqlite3, string, socket, time, traceback
from SimpleXMLRPCServer import SimpleXMLRPCServer, SimpleXMLRPCRequestHandler
from email.mime.text import MIMEText
from OpenSSL import crypto
import traceback
import utils
# To generate server ca and key with correct serial
# openssl req -nodes -new -x509 -key ca.key -set_serial 0x120010db80042 -days 365 -out ca.crt
......@@ -73,7 +72,6 @@ class main(object):
else:
self.db.execute("INSERT INTO vifib VALUES ('',null,null)")
# Loading certificates
with open(self.config.ca) as f:
self.ca = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
......@@ -88,6 +86,8 @@ class main(object):
server4.register_instance(self)
server6 = SimpleXMLRPCServer6(('::', self.config.port), requestHandler=RequestHandler, allow_none=True)
server6.register_instance(self)
# Main loop
while True:
try:
r, w, e = select.select([server4, server6], [], [])
......@@ -179,8 +179,7 @@ class main(object):
def declare(self, handler, address):
client_address, ip, port, proto = address
#client_address, _ = handler.client_address
client_ip1, client_ip2 = struct.unpack('>QQ', socket.inet_pton(socket.AF_INET6, client_address))
client_ip = bin(client_ip1)[2:].rjust(64, '0') + bin(client_ip2)[2:].rjust(64, '0')
client_ip = binFromIp(client_address)
if client_ip.startswith(self.network):
prefix = client_ip[len(self.network):]
prefix, = self.db.execute("SELECT prefix FROM vifib WHERE prefix <= ? ORDER BY prefix DESC LIMIT 1", (prefix,)).next()
......
#!/usr/bin/env python
from OpenSSL import crypto
import argparse, os, subprocess, sqlite3, sys, xmlrpclib
from OpenSSL import crypto
def main():
parser = argparse.ArgumentParser(
......
import os, random, traceback
import plib, utils, db
class TunnelManager:
def __init__(self, write_pipe, peers_db):
def __init__(self, write_pipe, peer_db):
self._write_pipe = write_pipe
self._peers_db = peers_db
self._peer_db = peer_db
self._connection_dict = {}
self.client_count = client_count
self.refresh_count = refresh_count
self._client_count = client_count
self._refresh_count = refresh_count
self.free_interface_set = set(('client1', 'client2', 'client3', 'client4', 'client5',
'client6', 'client7', 'client8', 'client9', 'client10'))
......@@ -25,7 +23,7 @@ class TunnelManager:
if p.poll() != None:
utils.log('Connection with %s has failed with return code %s' % (id, p.returncode), 3)
self.free_interface_set.add(iface)
self.peers_db.unusePeer(id)
self.peer_db.unusePeer(id)
del self.connection_dict[id]
def _removeSomeTunnels(self):
......@@ -38,30 +36,19 @@ class TunnelManager:
p, iface = self._connection_dict.pop(peer_id)
p.kill()
self.free_interface_set.add(iface)
self._peers_db.unusePeer(peer_id)
self._peer_db.unusePeer(peer_id)
def _makeNewTunnels(self):
try:
for peer_id, ip, port, proto in self._peers_db.getUnusedPeers(self._client_count - len(self._connection_dict), self._write_pipe):
for peer_id, ip, port, proto in self._peer_db.getUnusedPeers(self._client_count - len(self._connection_dict), self._write_pipe):
utils.log('Establishing a connection with id %s (%s:%s)' % (peer_id, ip, port), 2)
iface = self.free_interface_set.pop()
self._connection_dict[peer_id] = ( openvpn.client( ip, write_pipe, '--dev', iface, '--proto', proto, '--rport', str(port),
stdout=os.open(os.path.join(utils.config.log, 'vifibnet.client.%s.log' % (peer_id,)),
os.O_WRONLY|os.O_CREAT|os.O_TRUNC) ),
iface)
self._peers_db.usePeer(peer_id)
self._peer_db.usePeer(peer_id)
except KeyError:
utils.log("Can't establish connection with %s : no available interface" % ip, 2)
except Exception:
traceback.print_exc()
def handle_message(msg):
script_type, arg = msg.split()
if script_type == 'client-connect':
utils.log('Incomming connection from %s' % (arg,), 3)
elif script_type == 'client-disconnect':
utils.log('%s has disconnected' % (arg,), 3)
elif script_type == 'route-up':
utils.log('External Ip : ' + arg, 3)
else:
utils.log('Unknow message recieved from the openvpn pipe : ' + msg, 1)
import argparse, time
import argparse, time, struct, socket
from OpenSSL import crypto
......@@ -6,6 +6,10 @@ def log(message, verbose_level):
if config.verbose >= verbose_level:
print time.strftime("%d-%m-%Y %H:%M:%S : " + message)
def binFromIp(ip):
ip1, ip2 = struct.unpack('>QQ', socket.inet_pton(socket.AF_INET6, ip))
return bin(client_ip1)[2:].rjust(64, '0') + bin(client_ip2)[2:].rjust(64, '0')
def ipFromBin(prefix):
prefix = hex(int(prefix, 2))[2:]
ip = ''
......
#!/usr/bin/env python
import argparse, errno, math, os, select, subprocess, sys, time, traceback
from OpenSSL import crypto
import db, plib, upnpigd, utils, tunnelmanager
import db, plib, upnpigd, utils, tunnel
def getConfig():
parser = argparse.ArgumentParser(
......@@ -45,27 +45,31 @@ def getConfig():
def main():
# Get arguments
config = getConfig()
network = utils.networkFromCa(config.ca)
internal_ip = utils.ipFromCert(network, config.cert)
# Init db and tunnels
peer_db = db.PeerManager(utils.config.db)
tunnel_manager = tunnelmanager.TunnelManager(write_pipe, peer_db, config.client_count, config.refresh_count)
# Launch babel on all interfaces. WARNING : you have to be root to start babeld
babel = plib.babel(stdout=os.open(os.path.join(utils.config.log, 'vifibnet.babeld.log'),
babel = plib.babel(network, internal_ip, ['vifibnet'] + tunnel_manager.free_interface_set,
stdout=os.open(os.path.join(utils.config.log, 'vifibnet.babeld.log'),
os.O_WRONLY | os.O_CREAT | os.O_TRUNC), stderr=subprocess.STDOUT)
# Create and open read_only pipe to get connect/disconnect events from openvpn
# Create and open read_only pipe to get server events
utils.log('Creating pipe for server events', 3)
r_pipe, write_pipe = os.pipe()
read_pipe = os.fdopen(r_pipe)
# Setup the tunnel manager
peers_db = db.PeersDB(utils.config.db)
tunnelManager = tunnelmanager.TunnelManager(write_pipe, peers_db, utils.config.client_count, utils.config.refresh_count)
# Establish connections
serverProcess = plib.server(utils.config.internal_ip, write_pipe, '--dev', 'vifibnet',
server_process = plib.server(internal_ip, network, config.max_clients, write_pipe,
'--dev', 'vifibnet', *utils.ovpnArgs(config.openvpn_args, config.ca, config.cert),
stdout=os.open(os.path.join(utils.config.log, 'vifibnet.server.log'), os.O_WRONLY | os.O_CREAT | os.O_TRUNC))
tunnelManager.refresh()
tunnel_manager.refresh()
# Timed refresh initializing
next_refresh = time.time() + utils.config.refresh_time
next_refresh = time.time() + config.refresh_time
# main loop
try:
......@@ -73,11 +77,11 @@ def main():
ready, tmp1, tmp2 = select.select([read_pipe], [], [],
max(0, next_refresh - timhttp://blogs.lesechos.fr/dominique-seux/de-mondialiser-les-telecoms-a11339.htmle.time()))
if ready:
tunnelManager.handle_message(read_pipe.readline())
peer_db.handle_message(read_pipe.readline())
if time.time() >= next_refresh:
peers_db.populate(100)
tunnelManager.refresh()
next_refresh = time.time() + utils.config.refresh_time
peer_db.populate(100)
tunnel_manager.refresh()
next_refresh = time.time() + config.refresh_time
except KeyboardInterrupt:
return 0
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment