config has now been moved to utils. There are still a lot of config hacks to be removed
[re6stnet.git] / utils.py
1 import time
2 import argparse
3 from OpenSSL import crypto
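def log(message, verbose_level):
    """Print *message* with a timestamp if the verbosity is high enough.

    The message is printed only when ``config.verbose`` is at least
    *verbose_level*.  ``config`` is the module-level global; in this file it
    is assigned by ``getConfig()``, so that must have run first.
    """
    if config.verbose >= verbose_level:
        # Only the timestamp goes through strftime; the message is appended
        # afterwards.  A '%' inside the message (for instance text taken from
        # a certificate field or a peer) must not be read as a strftime
        # directive, which would garble the log line.
        print(time.strftime("%d-%m-%Y %H:%M:%S : ") + message)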
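def ipFromBin(prefix):
    """Convert a string of binary digits into colon-separated hex groups.

    *prefix* is a string of '0'/'1' characters (128 of them when called from
    ``ipFromPrefix``).  The result is the same value written in lowercase
    hexadecimal, split into groups of four digits joined by ':'.

    Raises ValueError if *prefix* is not a valid base-2 literal.
    """
    # One hex digit per four bits, zero-padded to the full width.  Padding
    # keeps the groups aligned when the leading bits are zero, and avoids
    # relying on the trailing 'L' that Python 2's hex() adds to long values.
    width = (len(prefix) + 3) // 4
    digits = '%0*x' % (width, int(prefix, 2))
    return ':'.join(digits[i:i + 4] for i in range(0, len(digits), 4))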
def ipFromPrefix(vifibnet, prefix, prefix_len):
    """Build the address of subnet *prefix* inside the *vifibnet* network.

    *prefix* is written in binary and left-padded with zeros to *prefix_len*
    bits, appended to the *vifibnet* bit string, and the result is
    right-padded with zeros to 128 bits before being passed to ``ipFromBin``.

    Padding never truncates: a *prefix* that needs more than *prefix_len*
    bits, or a combined length above 128 bits, is passed on at its longer
    length.  Callers should therefore validate values that originate from a
    certificate or a peer.
    """
    subnet_bits = bin(int(prefix))[2:]
    # Left-pad the subnet number up to the declared prefix length.
    subnet_bits = '0' * (prefix_len - len(subnet_bits)) + subnet_bits
    address_bits = vifibnet + subnet_bits
    # Fill the remaining host part with zeros up to 128 bits.
    address_bits += '0' * (128 - len(address_bits))
    return ipFromBin(address_bits)
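def getConfig():
    """Parse the command line and populate the module-level ``config``.

    Besides the parsed options, these derived values are stored on
    ``config``:

    * ``vifibnet``: the network prefix as a bit string, taken from the
      serial number of the CA certificate (``--ca``) with ``bin()``'s '0b'
      and the leading '1' bit dropped;
    * ``internal_ip``: the address built by ``ipFromPrefix`` from the
      ``<prefix>/<prefix_len>`` value found in the subject CN of ``--cert``;
    * ``openvpn_args``: the trailing OpenVPN arguments with ``--ca`` and
      ``--cert`` appended.

    Raises ValueError if the subject CN is not of the form
    ``<prefix>/<prefix_len>``; argparse exits the process on invalid
    arguments.

    NOTE(review): both certificates are only parsed here; nothing in this
    function checks that ``--cert`` was issued by ``--ca``, so the CN is
    used as given.  Presumably OpenVPN validates the chain using the
    ``--ca``/``--cert`` options passed on below -- confirm.
    """
    global config
    parser = argparse.ArgumentParser(
        description='Resilient virtual private network application')
    _ = parser.add_argument
    # Server address MUST be a vifib address ( else requests will be denied )
    _('--server', required=True,
        help='Address for peer discovery server')
    _('--server-port', required=True, type=int,
        help='Peer discovery server port')
    _('-l', '--log', default='/var/log',
        help='Path to vifibnet logs directory')
    _('--client-count', default=2, type=int,
        help='Number of client connections')
    # TODO: use maxpeer
    _('--max-clients', default=10, type=int,
        help='the number of peers that can connect to the server')
    _('--refresh-time', default=300, type=int,
        help='the time (seconds) to wait before changing the connections')
    _('--refresh-count', default=1, type=int,
        help='The number of connections to drop when refreshing the connections')
    _('--db', default='/var/lib/vifibnet/peers.db',
        help='Path to peers database')
    _('--dh', required=True,
        help='Path to dh file')
    _('--babel-state', default='/var/lib/vifibnet/babel_state',
        help='Path to babeld state-file')
    _('--verbose', '-v', default=0, type=int,
        help='Defines the verbose level')
    _('--ca', required=True,
        help='Path to the certificate authority file')
    _('--cert', required=True,
        help='Path to the certificate file')
    _('--ip', required=True, dest='external_ip',
        help='Ip address of the machine on the internet')
    # Openvpn options
    _('openvpn_args', nargs=argparse.REMAINDER,
        help="Common OpenVPN options (e.g. certificates)")
    config = parser.parse_args()

    # Get network prefix from ca.crt
    with open(config.ca, 'r') as f:
        ca = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
    # bin() yields '0b1...'; [3:] drops '0b' and the leading '1' bit.
    config.vifibnet = bin(ca.get_serial_number())[3:]

    # Get ip from cert.crt
    with open(config.cert, 'r') as f:
        cert = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
    subject = cert.get_subject()
    # The CN is expected to be "<prefix>/<prefix_len>"; any other shape makes
    # the unpacking below raise ValueError.
    prefix, prefix_len = subject.CN.split('/')
    config.internal_ip = ipFromPrefix(config.vifibnet, prefix, int(prefix_len))
    log('Intranet ip : %s' % (config.internal_ip,), 3)

    # Treat openvpn arguments
    # The remainder list is empty when no OpenVPN options were given, so
    # test for that before looking at its first element.
    if config.openvpn_args and config.openvpn_args[0] == "--":
        del config.openvpn_args[0]
    config.openvpn_args.append('--ca')
    config.openvpn_args.append(config.ca)
    config.openvpn_args.append('--cert')
    config.openvpn_args.append(config.cert)

    log("Configuration completed", 1)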