Changes in config : it is now fully included in utils
[re6stnet.git] / utils.py
1 import time
2 import argparse
3 from OpenSSL import crypto
4
# Parsed command-line options shared by the whole module; stays None until
# getConfig() replaces it with the argparse namespace.
config = None
6
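def log(message, verbose_level):
    """Print a timestamped message if the configured verbosity allows it.

    message: text printed verbatim after the timestamp.
    verbose_level: the message is shown when config.verbose is at least
        this value.

    Reads the module-level ``config``, so getConfig() must have run first.
    """
    if config.verbose >= verbose_level:
        # Only the timestamp goes through strftime. Concatenating the message
        # into the format string would make any '%' in it (for example from
        # a path or a certificate field) be read as a strftime directive and
        # get expanded or rejected, corrupting the log line.
        print(time.strftime("%d-%m-%Y %H:%M:%S : ") + message)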
10
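def ipFromBin(prefix):
    """Render a string of binary digits as colon-separated hex groups.

    prefix: string of '0'/'1' characters, most significant bit first
        (ipFromPrefix passes a value padded to 128 bits).

    Returns lowercase hex digits in groups of four joined by ':'. Zero
    groups are written out in full; nothing is compressed to '::'.

    Raises ValueError (from int()) if prefix is not a base-2 literal.
    """
    # One hex digit per four input bits, rounded up, so leading zero bits
    # survive instead of shifting every later group.
    width = (len(prefix) + 3) // 4
    # '%x' gives bare digits: no '0x' prefix and no Python 2 'L' suffix, so
    # the grouping no longer depends on how the interpreter prints longs.
    digits = ('%x' % int(prefix, 2)).zfill(width)
    return ':'.join(digits[i:i + 4] for i in range(0, len(digits), 4))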
17
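def ipFromPrefix(vifibnet, prefix, prefix_len):
    """Build the address of a node prefix inside the network prefix.

    vifibnet: network prefix as a string of binary digits.
    prefix: node prefix as a decimal integer (int or numeric string).
    prefix_len: number of bits the node prefix occupies.

    Returns ipFromBin() of the network bits followed by the node bits,
    right-padded with '0' to 128 bits.

    Raises ValueError if prefix is negative, does not fit in prefix_len
    bits, or if network plus node bits exceed 128 bits. getConfig() feeds
    this from a certificate CN, so an inconsistent value is rejected rather
    than silently producing an address outside the allotted range.
    """
    value = int(prefix)
    if value < 0 or value.bit_length() > prefix_len:
        raise ValueError('prefix %r does not fit in %r bits'
                         % (prefix, prefix_len))
    node_bits = bin(value)[2:].rjust(prefix_len, '0')
    address_bits = vifibnet + node_bits
    # ljust() only pads; without this check an over-long input would pass
    # through unchanged and yield more than eight groups.
    if len(address_bits) > 128:
        raise ValueError('network and node prefix exceed 128 bits')
    return ipFromBin(address_bits.ljust(128, '0'))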
22
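def getConfig():
    """Parse the command line and fill the module-level ``config``.

    Besides the parsed options, the namespace receives:
      - vifibnet: network prefix bits taken from the CA certificate's
        serial number;
      - internal_ip: address computed from the '<prefix>/<prefix_len>'
        value in the node certificate's subject CN;
      - openvpn_args: the remaining arguments, with '--ca' and '--cert'
        appended.

    Raises whatever open() and crypto.load_certificate() raise for
    unreadable or malformed files, and ValueError when the CN does not
    contain exactly one '/'. argparse exits the process on invalid options.
    """
    global config
    parser = argparse.ArgumentParser(
            description='Resilient virtual private network application')
    _ = parser.add_argument
    # Server address MUST be a vifib address ( else requests will be denied )
    _('--server', required=True,
            help='Address for peer discovery server')
    _('--server-port', required=True, type=int,
            help='Peer discovery server port')
    _('-l', '--log', default='/var/log',
            help='Path to vifibnet logs directory')
    _('--client-count', default=2, type=int,
            help='Number of client connections')
    # TODO: use maxpeer
    _('--max-clients', default=10, type=int,
            help='the number of peers that can connect to the server')
    _('--refresh-time', default=300, type=int,
            help='the time (seconds) to wait before changing the connections')
    _('--refresh-count', default=1, type=int,
            help='The number of connections to drop when refreshing the connections')
    _('--db', default='/var/lib/vifibnet/peers.db',
            help='Path to peers database')
    _('--dh', required=True,
            help='Path to dh file')
    _('--babel-state', default='/var/lib/vifibnet/babel_state',
            help='Path to babeld state-file')
    _('--verbose', '-v', default=0, type=int,
            help='Defines the verbose level')
    _('--ca', required=True,
            help='Path to the certificate authority file')
    _('--cert', required=True,
            help='Path to the certificate file')
    _('--ip', required=True, dest='external_ip',
            help='Ip address of the machine on the internet')
    # Openvpn options
    _('openvpn_args', nargs=argparse.REMAINDER,
            help="Common OpenVPN options (e.g. certificates)")
    config = parser.parse_args()

    # Get network prefix from ca.crt
    with open(config.ca, 'r') as f:
        ca = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
        # [3:] drops the '0b' marker and the first bit of the serial number;
        # presumably that bit is a sentinel that keeps the prefix's leading
        # zeros -- confirm against the tool that issues the CA certificate.
        config.vifibnet = bin(ca.get_serial_number())[3:]

    # Get ip from cert.crt
    # NOTE(review): the certificate is only parsed here. Nothing in this
    # function checks its signature against config.ca or its validity
    # period, so the CN is trusted as found in the file; confirm that the
    # check happens elsewhere (e.g. in OpenVPN, which receives the same
    # --ca/--cert paths below).
    with open(config.cert, 'r') as f:
        cert = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
        subject = cert.get_subject()
        # The CN is expected to be '<prefix>/<prefix_len>'; any other number
        # of '/' makes the unpacking raise ValueError.
        prefix, prefix_len = subject.CN.split('/')
        config.internal_ip = ipFromPrefix(config.vifibnet, prefix, int(prefix_len))
        log('Intranet ip : %s' % (config.internal_ip,), 3)

    # Treat openvpn arguments
    # argparse.REMAINDER gives an empty list when nothing follows the
    # options, so test for that before looking at the first element.
    if config.openvpn_args and config.openvpn_args[0] == "--":
        del config.openvpn_args[0]
    config.openvpn_args.extend(['--ca', config.ca, '--cert', config.cert])

    log("Configuration completed", 1)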