Fixed some typos
[re6stnet.git] / vifibnet.py
1 #!/usr/bin/env python
2 import argparse, errno, math, os, select, subprocess, sys, time, traceback
3 from OpenSSL import crypto
4 import db, plib, upnpigd, utils, tunnel
5
6 def getConfig():
7 parser = argparse.ArgumentParser(
8 description='Resilient virtual private network application')
9 _ = parser.add_argument
10 # Server address MUST be a vifib address ( else requests will be denied )
11 _('--server', required=True,
12 help='Address for peer discovery server')
13 _('--server-port', required=True, type=int,
14 help='Peer discovery server port')
15 _('-l', '--log', default='/var/log',
16 help='Path to vifibnet logs directory')
17 _('--client-count', default=2, type=int,
18 help='Number of client connections')
19 # TODO: use maxpeer
20 _('--max-clients', default=10, type=int,
21 help='the number of peers that can connect to the server')
22 _('--refresh-time', default=300, type=int,
23 help='the time (seconds) to wait before changing the connections')
24 _('--refresh-count', default=1, type=int,
25 help='The number of connections to drop when refreshing the connections')
26 _('--db', default='/var/lib/vifibnet/peers.db',
27 help='Path to peers database')
28 _('--dh', required=True,
29 help='Path to dh file')
30 _('--babel-state', default='/var/lib/vifibnet/babel_state',
31 help='Path to babeld state-file')
32 _('--verbose', '-v', default=0, type=int,
33 help='Defines the verbose level')
34 _('--ca', required=True,
35 help='Path to the certificate authority file')
36 _('--cert', required=True,
37 help='Path to the certificate file')
38 _('--ip', required=True, dest='external_ip',
39 help='Ip address of the machine on the internet')
40 # Openvpn options
41 _('openvpn_args', nargs=argparse.REMAINDER,
42 help="Common OpenVPN options (e.g. certificates)")
43 return parser.parse_args()
44
45 def main():
46 # Get arguments
47 config = getConfig()
48 network = utils.networkFromCa(config.ca)
49 internal_ip = utils.ipFromCert(network, config.cert)
50 openvpn_args = utils.ovpnArgs(config.openvpn_args, config.ca, config.cert)
51
52 # Get real port and proto ?
53 port = 1194
54 proto = 'udp'
55
56 # Set global variables
57 tunnel.log = config.log
58 utils.verbose = plib.verbose = config.verbose
59
60 # Create and open read_only pipe to get server events
61 utils.log('Creating pipe for server events', 3)
62 r_pipe, write_pipe = os.pipe()
63 read_pipe = os.fdopen(r_pipe)
64
65 # Init db and tunnels
66 peer_db = db.PeerManager(config.db, config.server, config.server_port)
67 tunnel_manager = tunnel.TunnelManager(write_pipe, peer_db, config.client_count, config.refresh_count, openvpn_args)
68
69 # Launch babel on all interfaces. WARNING : you have to be root to start babeld
70 interface_list = ['vifibnet'] + list(tunnel_manager.free_interface_set)
71 router = plib.router(network, internal_ip, interface_list,
72 stdout=os.open(os.path.join(config.log, 'vifibnet.babeld.log'),
73 os.O_WRONLY | os.O_CREAT | os.O_TRUNC), stderr=subprocess.STDOUT)
74
75 # Establish connections
76 server_process = plib.server(internal_ip, network, config.max_clients, config.dh, write_pipe,
77 '--dev', 'vifibnet', *openvpn_args,
78 stdout=os.open(os.path.join(config.log, 'vifibnet.server.log'), os.O_WRONLY | os.O_CREAT | os.O_TRUNC))
79 tunnel_manager.refresh()
80
81 # Timed refresh initializing
82 next_refresh = time.time() + config.refresh_time
83
84 # main loop
85 try:
86 while True:
87 ready, tmp1, tmp2 = select.select([read_pipe], [], [],
88 max(0, next_refresh - time.time()))
89 if ready:
90 peer_db.handle_message(read_pipe.readline())
91 if time.time() >= next_refresh:
92 peer_db.populate(100, (internal_ip, config.external_ip, port, proto))
93 tunnel_manager.refresh()
94 next_refresh = time.time() + config.refresh_time
95 except KeyboardInterrupt:
96 return 0
97
98 if __name__ == "__main__":
99 main()
100