Merge branch 'master' of https://git.erp5.org/repos/vifibnet

Conflicts:
	tunnelmanager.py

TODO

@@ -8,22 +8,18 @@ To be done :
 To be discuss:
     Remove the --no-boot option since we know when no node is avalaible
 
-    When I created PeersDB, I thought only be used to access the DB and not do some logic. 
-        We should decide what it is suppose to do :
-            Just access the DB
-            Or manage the peers
-    
     The organisation of the code
-        vifibnet.py             Just contain the main loop and the init
+        vifibnet.py         Just contain the main loop and the init
         openpvn.py          To launch openvpn processes
         utils.py            Small functions to do some usefull job, also contains the config
         db.py               Function to access the DB (merge with utils ?)
         tunnelmanager.py    To choose wich connection delete/keep/...
         upnpigd.py          To open a port and find the external IP
-    
+
     How we choose which protocol we use :
         IMO, we should use UDP. I've read many times than TCP other TCP can be catastrophic in terme of performance 
         Every time a packet is lost, it is resend 2 times, one for each TCP tunnel
         And many GW allow UDP port forwarding (for bittorent, Xbox, ...) but not TCP port forwarding
 
-    Use peers_db.populate(100) every once in a while ?
+    Use peers_db.populate(100) every once in a while ? -> yes but be warry of the refresh time ( populate
+    the db once every 20s is bad.. )

openvpn-up-client

-#!/bin/sh -e
-ip link set $dev up

openvpn-up-server

-#!/bin/sh -e
-
-ip link set $dev up
-ip addr add $1 dev $dev

openvpn-route-up → ovpn-client

 #!/usr/bin/python -S
-import os, time, sys
+import os, sys
+
+if os.environ['script_type'] == 'up':
+    os.execlp('ip', 'ip', 'link', 'set', os.environ['dev'], 'up')
 
 # Write into pipe external ip address received
 os.write(int(sys.argv[1]), '%(script_type)s %(OPENVPN_external_ip)s\n' % os.environ)
-

openvpn-server-events → ovpn-server

 #!/usr/bin/python -S
-import os, time, sys
 
 # example of os.environ
 {'X509_0_C': 'FR',
@@ -37,10 +36,18 @@ import os, time, sys
  'untrusted_port': '59345',
  'verb': '3'}
 
-# Send to client his external ip address
-if os.environ['script_type'] == 'client-connect':
+script_type = os.environ['script_type']
+if script_type == 'up':
+    from subprocess import call
+    dev = os.environ['dev']
+    sys.exit(call(('ip', 'link', 'set', dev, 'up'))
+          or call(('ip', 'addr', 'add', sys.argv[1], 'dev', dev)))
+
+if script_type == 'client-connect':
+    # Send client its external ip address
     with open(sys.argv[2], 'w') as f:
-        f.write('push "setenv-safe external_ip %s"\n' % os.environ['trusted_ip'])
+        f.write('push "setenv-safe external_ip %s"\n'
+                % os.environ['trusted_ip'])
 
 # Write into pipe connect/disconnect events
 os.write(int(sys.argv[1]), '%(script_type)s %(common_name)s\n' % os.environ)

openvpn.py → plib.py

+#!/usr/bin/env python
 import subprocess
 import utils
 import os
@@ -26,26 +27,29 @@ def openvpn(*args, **kw):
 # ! check working directory before launching up script ?
 
 def server(ip, pipe_fd, *args, **kw):
+    utils.log('Starting server', 3)
     return openvpn(
         '--tls-server',
         '--mode', 'server',
-        '--up', 'openvpn-up-server %s/%u' % (ip, len(utils.config.vifibnet)),
-        '--client-connect', 'openvpn-server-events ' + str(pipe_fd),
-        '--client-disconnect', 'openvpn-server-events ' + str(pipe_fd),
+        '--up', 'ovpn-server %s/%u' % (ip, len(utils.config.vifibnet)),
+        '--client-connect', 'ovpn-server ' + str(pipe_fd),
+        '--client-disconnect', 'ovpn-server ' + str(pipe_fd),
         '--dh', utils.config.dh,
         '--max-clients', str(utils.config.max_clients),
         *args, **kw)
 
 def client(serverIp, pipe_fd, *args, **kw):
+    utils.log('Starting client', 5)
     return openvpn(
         '--nobind',
         '--client',
         '--remote', serverIp,
-        '--up', 'openvpn-up-client',
-        '--route-up', 'openvpn-route-up ' + str(pipe_fd),
+        '--up', 'ovpn-client',
+        '--route-up', 'ovpn-client ' + str(pipe_fd),
         *args, **kw)
 
-def startBabel(**kw):
+def babel(**kw):
+    utils.log('Starting babel', 3)
     args = ['babeld',
             '-C', 'redistribute local ip %s' % (utils.config.internal_ip),
             '-C', 'redistribute local deny',
@@ -63,7 +67,6 @@ def startBabel(**kw):
     if utils.config.babel_state:
         args += '-S', utils.config.babel_state
     args = args + ['vifibnet'] + list(tunnelmanager.free_interface_set)
-    if utils.config.verbose >= 5:
-        print args
+    utils.log(str(args), 5)
     return subprocess.Popen(args, **kw)
 

tunnelmanager.py

 import os, random, traceback
-import openvpn
-import utils
-import db
+import plib, utils, db
 
 free_interface_set = set(('client1', 'client2', 'client3', 'client4', 'client5',
                           'client6', 'client7', 'client8', 'client9', 'client10'))

vifibnet.py

 #!/usr/bin/env python
 import argparse, errno, math, os, select, subprocess, sys, time, traceback
 from OpenSSL import crypto
-import db, openvpn, upnpigd, utils, tunnelmanager
+import db, plib, upnpigd, utils, tunnelmanager
 
 def handle_message(msg):
     script_type, arg = msg.split()
@@ -19,24 +19,22 @@ def handle_message(msg):
 def main():
     # Get arguments
     utils.getConfig()
-    
+
     # Launch babel on all interfaces. WARNING : you have to be root to start babeld
-    utils.log('Starting babel', 3)
-    babel = startBabel(stdout=os.open(os.path.join(utils.config.log, 'vifibnet.babeld.log'), 
+    babel = plib.babel(stdout=os.open(os.path.join(utils.config.log, 'vifibnet.babeld.log'), 
         os.O_WRONLY | os.O_CREAT | os.O_TRUNC), stderr=subprocess.STDOUT)
 
     # Create and open read_only pipe to get connect/disconnect events from openvpn
-    utils.log('Creating pipe for openvpn events', 3)
+    utils.log('Creating pipe for server events', 3)
     r_pipe, write_pipe = os.pipe()
     read_pipe = os.fdopen(r_pipe)
 
-    # setup the tunnel manager 
+    # Setup the tunnel manager
     peers_db = db.PeersDB(utils.config.db)
     tunnelManager = tunnelmanager.TunnelManager(write_pipe, peers_db)
 
    # Establish connections
-    utils.log('Starting openvpn server', 3)
-    serverProcess = openvpn.server(utils.config.internal_ip, write_pipe, '--dev', 'vifibnet',
+    serverProcess = plib.server(utils.config.internal_ip, write_pipe, '--dev', 'vifibnet',
             stdout=os.open(os.path.join(utils.config.log, 'vifibnet.server.log'), os.O_WRONLY | os.O_CREAT | os.O_TRUNC))
     tunnelManager.refresh()