483e034f
Commit
483e034f
authored
Jul 13, 2012
by
Guillaume Bury
Added registry ca and key files
parent
6452f083
Showing
6 changed files
with
68 additions
and
23 deletions
+68
-23
client-connect
client-connect
+1
-1
registry.py
registry.py
+16
-10
server/ca.crt
server/ca.crt
+10
-0
server/ca.key
server/ca.key
+28
-0
setup.py
setup.py
+1
-1
vifibnet.py
vifibnet.py
+12
-11
client-connect
...
...
@@ -37,5 +37,5 @@ import os, sys
'untrusted_port'
:
'59345'
,
'verb'
:
'3'
}
open
(
sys
.
argv
[
2
],
'w'
).
write
(
'push "setenv external_ip %s"
\
n
'
%
os
.
environ
[
trusted_ip
])
open
(
sys
.
argv
[
2
],
'w'
).
write
(
'push "setenv external_ip %s"
\
n
'
%
os
.
environ
[
'trusted_ip'
])
os
.
write
(
int
(
sys
.
argv
[
1
]),
'%(script_type)s %(common_name)s
\
n
'
%
os
.
environ
)
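Review bot: `os.environ['trusted_ip']` on the corrected line raises KeyError whenever OpenVPN does not export that variable, which I would expect for a client arriving over IPv6 transport, where the address is exported as `trusted_ip6`; the script would then fail and the client be refused. Something like `os.environ.get('trusted_ip') or os.environ['trusted_ip6']` would cover both cases, assuming IPv6 transport is meant to be supported. The file opened on `sys.argv[2]` is also never closed explicitly; `with open(sys.argv[2], 'w') as f: f.write(...)` guarantees the pushed directive is flushed before OpenVPN reads the file back.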
registry.py
...
...
@@ -20,6 +20,8 @@ class main(object):
parser
=
argparse
.
ArgumentParser
(
description
=
'Peer discovery http server for vifibnet'
)
_
=
parser
.
add_argument
_
(
'host'
,
help
=
'Address of the host server'
)
_
(
'port'
,
type
=
int
,
help
=
'Port of the host server'
)
_
(
'--db'
,
required
=
True
,
help
=
'Path to database file'
)
_
(
'--ca'
,
required
=
True
,
...
...
@@ -64,7 +66,7 @@ class main(object):
print
"Network prefix : %s/%u"
%
(
self
.
network
,
len
(
self
.
network
))
# Starting server
server
=
SimpleXMLRPCServer
((
"localhost"
,
8000
),
requestHandler
=
RequestHandler
,
allow_none
=
True
)
server
=
SimpleXMLRPCServer
((
self
.
config
.
host
,
self
.
config
.
port
),
requestHandler
=
RequestHandler
,
allow_none
=
True
)
server
.
register_instance
(
self
)
server
.
serve_forever
()
...
...
@@ -138,20 +140,24 @@ class main(object):
def
getCa
(
self
,
handler
):
return
crypto
.
dump_certificate
(
crypto
.
FILETYPE_PEM
,
self
.
ca
)
def
getBootstrapPeer
(
self
,
handler
):
# TODO: Insert a flag column for bootstrap ready servers in peers
# ( servers which shouldn't go down or change ip and port as opposed to servers owned by particulars )
return
self
.
db
.
execute
(
"SELECT ip, port proto FROM peers ORDER BY random() LIMIT 1"
).
next
()
def
declare
(
self
,
handler
,
address
):
ip
,
port
,
proto
=
address
client_address
,
_
=
handler
.
client_address
# For Testing purposes only
client_address
=
"2001:db8:42::"
ip1
,
ip2
=
struct
.
unpack
(
'>QQ'
,
socket
.
inet_pton
(
socket
.
AF_INET6
,
client_address
))
ip
=
bin
(
ip1
)[
2
:].
rjust
(
64
,
'0'
)
+
bin
(
ip2
)[
2
:].
rjust
(
64
,
'0'
)
if
ip
.
startswith
(
self
.
network
):
prefix
=
ip
[
len
(
self
.
network
):]
prefix
,
=
self
.
db
.
execute
(
"SELECT prefix FROM vifib WHERE prefix <= ? ORDER BY prefix DESC"
,
(
prefix
,)).
next
()
ip
,
port
,
proto
=
address
client_ip1
,
client_ip2
=
struct
.
unpack
(
'>QQ'
,
socket
.
inet_pton
(
socket
.
AF_INET6
,
client_address
))
client_ip
=
bin
(
client_ip1
)[
2
:].
rjust
(
64
,
'0'
)
+
bin
(
client_ip2
)[
2
:].
rjust
(
64
,
'0'
)
if
client_ip
.
startswith
(
self
.
network
):
prefix
=
client_ip
[
len
(
self
.
network
):]
prefix
,
=
self
.
db
.
execute
(
"SELECT prefix FROM vifib WHERE prefix <= ? ORDER BY prefix DESC LIMIT 1"
,
(
prefix
,)).
next
()
self
.
db
.
execute
(
"INSERT OR REPLACE INTO peers VALUES (?,?,?,?)"
,
(
prefix
,
ip
,
port
,
proto
))
return
True
else
:
print
"Unauthorized connection from %s which does not start with %s"
%
(
ip
,
self
.
network
)
# TODO: use log + DO NOT PRINT BINARY IP
print
"Unauthorized connection from %s which does not start with %s"
%
(
client_ip
,
self
.
network
)
return
False
def
getPeerList
(
self
,
handler
,
n
,
address
):
...
...
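Review bot: The query in the new `getBootstrapPeer` reads `SELECT ip, port proto FROM peers`, and without a comma after `port` SQLite treats `proto` as an alias for the port column, so callers get two columns and never the protocol; it should be `SELECT ip, port, proto FROM peers ORDER BY random() LIMIT 1`. The `.next()` on that cursor also raises StopIteration when `peers` is empty, which is the state of a fresh registry, so returning an explicit empty result would be safer. In the same hunk `declare` checks only that the caller's source address falls inside `self.network` and then stores the `ip, port, proto` taken from the caller-supplied `address` unchanged; validating those fields before the `INSERT OR REPLACE` would keep one member from advertising arbitrary endpoints under its prefix. Both methods belong to `class main`, which starts outside the hunk.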
server/ca.crt
0 → 100644
-----BEGIN CERTIFICATE-----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==
-----END CERTIFICATE-----
server/ca.key
0 → 100644
-----BEGIN PRIVATE KEY-----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-----END PRIVATE KEY-----
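Review bot: `server/ca.key` puts the certificate authority's private key into the repository, so everyone who can read the repository or its history can issue certificates that chain to `server/ca.crt`. If this CA backs any real registry or node, the key should be treated as exposed: generate a new CA outside the repository, supply it at deploy time (registry.py already takes the certificate path through `--ca`), and keep the key file out of version control with restrictive file permissions. If the pair is only a development fixture, say so in the file name or an accompanying README so it is never deployed.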
setup.py
...
...
@@ -18,7 +18,7 @@ def main():
config
=
parser
.
parse_args
()
if
config
.
req
and
len
(
config
.
req
)
%
2
==
1
:
print
"Sorry, request argument was incorrect, there must be an even number of request arguments"
exit
(
1
)
sys
.
exit
(
1
)
# Get token
email
=
raw_input
(
'Please enter your email address : '
)
...
...
vifibnet.py
...
...
@@ -7,7 +7,6 @@ import openvpn
import
random
import
log
VIFIB_NET
=
''
connection_dict
=
{}
# to remember current connections we made
free_interface_set
=
set
((
'client1'
,
'client2'
,
'client3'
,
'client4'
,
'client5'
,
'client6'
,
'client7'
,
'client8'
,
'client9'
,
'client10'
))
...
...
@@ -34,15 +33,14 @@ class PeersDB:
except
sqlite3
.
OperationalError
,
e
:
if
e
.
args
[
0
]
!=
'table peers already exists'
:
raise
RuntimeError
else
:
self
.
populateDB
(
100
)
def
populateDB
(
self
,
n
):
log
.
log
(
'Populating Peers DB'
,
2
)
(
ip
,
port
)
=
upnpigd
.
GetExternalInfo
(
1194
)
port
=
1194
proto
=
'udp'
new_peer_list
=
self
.
proxy
.
getPeerList
(
n
,
(
ip
,
port
,
proto
))
self
.
db
.
executemany
(
"INSERT INTO peers (ip, port, proto) VALUES (?,?,?)"
,
new_peer_list
)
new_peer_list
=
self
.
proxy
.
getPeerList
(
n
,
(
config
.
external_ip
,
port
,
proto
))
self
.
db
.
executemany
(
"INSERT OR REPLACE INTO peers (ip, port, proto) VALUES (?,?,?)"
,
new_peer_list
)
self
.
db
.
execute
(
"DELETE FROM peers WHERE ip = ?"
,
(
config
.
external_ip
,))
def
getUnusedPeers
(
self
,
nPeers
):
return
self
.
db
.
execute
(
"SELECT id, ip, port, proto FROM peers WHERE used = 0 "
...
...
@@ -70,13 +68,13 @@ def ipFromPrefix(prefix, prefix_len):
def
startBabel
(
**
kw
):
args
=
[
'babeld'
,
'-C'
,
'redistribute local ip %s'
%
(
config
.
ip
),
'-C'
,
'redistribute local ip %s'
%
(
config
.
i
nternal_i
p
),
'-C'
,
'redistribute local deny'
,
# Route VIFIB ip adresses
'-C'
,
'in ip %s::/%u'
%
(
ipFromBin
(
config
.
vifibnet
),
len
(
config
.
vifibnet
)),
# Route only addresse in the 'local' network,
# or other entire networks
#'-C', 'in ip %s' % (config.ip),
#'-C', 'in ip %s' % (config.i
nternal_i
p),
#'-C', 'in ip ::/0 le %s' % network_mask,
# Don't route other addresses
'-C'
,
'in deny'
,
...
...
@@ -119,6 +117,8 @@ def getConfig():
help
=
'Path to the certificate authority file'
)
_
(
'--cert'
,
required
=
True
,
help
=
'Path to the certificate file'
)
_
(
'--ip'
,
required
=
True
,
dest
=
'external_ip'
,
help
=
'Ip address of the machine on the internet'
)
# Openvpn options
_
(
'openvpn_args'
,
nargs
=
argparse
.
REMAINDER
,
help
=
"Common OpenVPN options (e.g. certificates)"
)
...
...
@@ -133,8 +133,8 @@ def getConfig():
cert
=
crypto
.
load_certificate
(
crypto
.
FILETYPE_PEM
,
f
.
read
())
subject
=
cert
.
get_subject
()
prefix
,
prefix_len
=
subject
.
serialNumber
.
split
(
'/'
)
config
.
ip
=
ipFromPrefix
(
prefix
,
int
(
prefix_len
))
log
.
log
(
'Intranet ip : %s'
%
(
config
.
ip
,),
3
)
config
.
i
nternal_i
p
=
ipFromPrefix
(
prefix
,
int
(
prefix_len
))
log
.
log
(
'Intranet ip : %s'
%
(
config
.
i
nternal_i
p
,),
3
)
# Treat openvpn arguments
if
config
.
openvpn_args
[
0
]
==
"--"
:
del
config
.
openvpn_args
[
0
]
...
...
@@ -230,13 +230,14 @@ def main():
# Establish connections
log
.
log
(
'Starting openvpn server'
,
3
)
serverProcess
=
openvpn
.
server
(
config
.
ip
,
write_pipe
,
'--dev'
,
'vifibnet'
,
serverProcess
=
openvpn
.
server
(
config
.
i
nternal_i
p
,
write_pipe
,
'--dev'
,
'vifibnet'
,
stdout
=
os
.
open
(
os
.
path
.
join
(
config
.
log
,
'vifibnet.server.log'
),
os
.
O_WRONLY
|
os
.
O_CREAT
|
os
.
O_TRUNC
))
startNewConnection
(
config
.
client_count
,
write_pipe
)
# Timed refresh initializing
next_refresh
=
time
.
time
()
+
config
.
refresh_time
# TODO: use peers_db.populate(100) every once in a while ?
# main loop
try
:
while
True
:
...
...
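Review bot: The self-exclusion added in `populateDB`, `DELETE FROM peers WHERE ip = ?` with `config.external_ip`, is an exact string comparison, so it only removes the node's own entry if the registry hands the address back in the same textual form that was typed after `--ip`; an IPv6 address written differently would presumably stay in the table. The new `--ip` argument in the `getConfig` hunk is likewise accepted without any check before it is advertised to the registry through `getPeerList`. Parsing and normalising it once at argument time, for example with a `type=` callable built on `socket.inet_pton` and `socket.inet_ntop`, would cover both. `populateDB` also reads the module-level `config` instead of a value handed to `PeersDB`, which deserves a comment because the class starts outside the hunk.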