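def generate_client_conf(self):
        """Build the inline OpenVPN client config for this link and write it to disk.

        Acquires a tun interface through ``utils.tun_interface_acquire()`` and
        stores it on ``self.interface``. The remote line points at the linked
        host when ``self.linked_host`` is set, otherwise it comes from
        ``self.linked_server.get_key_remotes(True)``.

        The written file embeds the user's private key and, when enabled, the
        tls-auth key, so it is created with owner-only permissions.

        Returns:
            Path of the config file inside ``self._temp_path``.
        """
        if not os.path.exists(self._temp_path):
            os.makedirs(self._temp_path)
        ovpn_conf_path = os.path.join(self._temp_path, OVPN_CONF_NAME)
        self.interface = utils.tun_interface_acquire()

        if self.linked_host:
            remotes = 'remote %s %s' % (
                self.host.link_addr,
                self.linked_server.port,
            )
        else:
            remotes = self.linked_server.get_key_remotes(True)

        # The two debug-dependent integers are presumably the verbosity and
        # mute values of the template; confirm against OVPN_INLINE_LINK_CONF.
        client_conf = OVPN_INLINE_LINK_CONF % (
            uuid.uuid4().hex,
            utils.random_name(),
            self.interface,
            self.linked_server.protocol,
            remotes,
            CIPHERS[self.server.cipher],
            4 if self.server.debug else 1,
            8 if self.server.debug else 3,
            self.linked_server.ping_interval,
            self.linked_server.ping_timeout,
        )

        if self.linked_server.lzo_compression != ADAPTIVE:
            client_conf += 'comp-lzo no\n'

        # The debug dump must stay above the certificate and key blocks:
        # only the option lines built so far are pushed to the output link,
        # so no key material is echoed there.
        if self.server.debug:
            self.server.output_link.push_message(
                'Server conf:',
                label=self.output_label,
                link_server_id=self.linked_server.id,
            )
            for conf_line in client_conf.split('\n'):
                if conf_line:
                    self.server.output_link.push_message(
                        '  ' + conf_line,
                        label=self.output_label,
                        link_server_id=self.linked_server.id,
                    )

        client_conf += JUMBO_FRAMES[self.linked_server.jumbo_frames]
        client_conf += '<ca>\n%s\n</ca>\n' % self.linked_server.ca_certificate

        if self.linked_server.tls_auth:
            client_conf += 'key-direction 1\n<tls-auth>\n%s\n</tls-auth>\n' % (
                self.linked_server.tls_auth_key)

        client_conf += '<cert>\n%s\n</cert>\n' % utils.get_cert_block(
            self.user.certificate)
        client_conf += '<key>\n%s\n</key>\n' % (self.user.private_key.strip())

        # Create the file already restricted to its owner. open() followed by
        # chmod() leaves a window in which the file exists with umask-derived
        # permissions; a process that opens it in that window keeps a handle
        # that can read the private key written afterwards.
        conf_fd = os.open(
            ovpn_conf_path,
            os.O_WRONLY | os.O_CREAT | os.O_TRUNC,
            0o600,
        )
        with os.fdopen(conf_fd, 'w') as ovpn_conf:
            # The mode passed to os.open() applies only on creation; a file
            # left over from an earlier run is tightened here, before any
            # key material is written.
            os.fchmod(conf_fd, 0o600)
            ovpn_conf.write(client_conf)

        return ovpn_conf_path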
Beispiel #2
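    def generate_client_conf(self):
        """Build the inline OpenVPN client config for this link and write it to disk.

        Acquires a tun interface through ``utils.tun_interface_acquire()`` and
        stores it on ``self.interface``. The remote line points at the linked
        host when ``self.linked_host`` is set, otherwise it comes from
        ``self.linked_server.get_key_remotes(True)``.

        The written file embeds the user's private key and, when enabled, the
        tls-auth key, so it is created with owner-only permissions.

        Returns:
            Path of the config file inside ``self._temp_path``.
        """
        if not os.path.exists(self._temp_path):
            os.makedirs(self._temp_path)
        ovpn_conf_path = os.path.join(self._temp_path, OVPN_CONF_NAME)
        self.interface = utils.tun_interface_acquire()

        if self.linked_host:
            remotes = 'remote %s %s' % (
                self.host.link_addr,
                self.linked_server.port,
            )
        else:
            remotes = self.linked_server.get_key_remotes(True)

        # The two debug-dependent integers are presumably the verbosity and
        # mute values of the template; confirm against OVPN_INLINE_LINK_CONF.
        client_conf = OVPN_INLINE_LINK_CONF % (
            uuid.uuid4().hex,
            utils.random_name(),
            self.interface,
            self.linked_server.protocol,
            remotes,
            CIPHERS[self.server.cipher],
            4 if self.server.debug else 1,
            8 if self.server.debug else 3,
        )

        if self.linked_server.lzo_compression != ADAPTIVE:
            client_conf += 'comp-lzo no\n'

        # The debug dump must stay above the certificate and key blocks:
        # only the option lines built so far are pushed to the output link,
        # so no key material is echoed there.
        if self.server.debug:
            self.server.output_link.push_message(
                'Server conf:',
                label=self.output_label,
                link_server_id=self.linked_server.id,
            )
            for conf_line in client_conf.split('\n'):
                if conf_line:
                    self.server.output_link.push_message(
                        '  ' + conf_line,
                        label=self.output_label,
                        link_server_id=self.linked_server.id,
                    )

        client_conf += JUMBO_FRAMES[self.linked_server.jumbo_frames]
        client_conf += '<ca>\n%s\n</ca>\n' % self.linked_server.ca_certificate

        if self.linked_server.tls_auth:
            client_conf += 'key-direction 1\n<tls-auth>\n%s\n</tls-auth>\n' % (
                self.linked_server.tls_auth_key)

        client_conf += '<cert>\n%s\n</cert>\n' % utils.get_cert_block(
            self.user.certificate)
        client_conf += '<key>\n%s\n</key>\n' % (
            self.user.private_key.strip())

        # Create the file already restricted to its owner. open() followed by
        # chmod() leaves a window in which the file exists with umask-derived
        # permissions; a process that opens it in that window keeps a handle
        # that can read the private key written afterwards.
        conf_fd = os.open(
            ovpn_conf_path,
            os.O_WRONLY | os.O_CREAT | os.O_TRUNC,
            0o600,
        )
        with os.fdopen(conf_fd, 'w') as ovpn_conf:
            # The mode passed to os.open() applies only on creation; a file
            # left over from an earlier run is tightened here, before any
            # key material is written.
            os.fchmod(conf_fd, 0o600)
            ovpn_conf.write(client_conf)

        return ovpn_conf_path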
Beispiel #3
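    def generate_client_conf(self):
        """Build the inline OpenVPN client config for this link and write it to disk.

        Acquires a tun interface through ``utils.tun_interface_acquire()`` and
        stores it on ``self.interface``. The remote line points at the linked
        host (its link address, falling back to its public address) when
        ``self.linked_host`` is set, otherwise it comes from
        ``self.linked_server.get_key_remotes(True)``.

        The written file embeds the user's private key and, when enabled, the
        tls-auth key, so it is created with owner-only permissions.

        Returns:
            Path of the config file inside ``self._temp_path``.
        """
        if not os.path.exists(self._temp_path):
            os.makedirs(self._temp_path)
        ovpn_conf_path = os.path.join(self._temp_path, OVPN_CONF_NAME)
        self.interface = utils.tun_interface_acquire()

        if self.linked_host:
            remotes = 'remote %s %s' % (
                self.host.link_address or self.host.public_address,
                self.linked_server.port,
            )
        else:
            remotes = self.linked_server.get_key_remotes(True)

        # The two debug-dependent integers are presumably the verbosity and
        # mute values of the template; confirm against OVPN_INLINE_LINK_CONF.
        client_conf = OVPN_INLINE_LINK_CONF % (
            self.interface,
            self.linked_server.protocol,
            remotes,
            CIPHERS[self.server.cipher],
            4 if self.server.debug else 1,
            8 if self.server.debug else 3,
        )

        # NOTE(review): the options below are read from self.server while the
        # protocol and remotes come from self.linked_server; confirm that this
        # mix is intended.
        if self.server.lzo_compression != ADAPTIVE:
            client_conf += 'comp-lzo no\n'

        if self.server.otp_auth:
            client_conf += 'auth-user-pass\n'

        client_conf += JUMBO_FRAMES[self.server.jumbo_frames]
        client_conf += '<ca>\n%s\n</ca>\n' % utils.get_cert_block(
            self.server.ca_certificate)

        if self.server.tls_auth:
            client_conf += '<tls-auth>\n%s\n</tls-auth>\n' % (
                self.server.tls_auth_key)

        client_conf += '<cert>\n%s\n</cert>\n' % utils.get_cert_block(
            self.user.certificate)
        client_conf += '<key>\n%s\n</key>\n' % (
            self.user.private_key.strip())

        # Create the file already restricted to its owner. open() followed by
        # chmod() leaves a window in which the file exists with umask-derived
        # permissions; a process that opens it in that window keeps a handle
        # that can read the private key written afterwards.
        conf_fd = os.open(
            ovpn_conf_path,
            os.O_WRONLY | os.O_CREAT | os.O_TRUNC,
            0o600,
        )
        with os.fdopen(conf_fd, 'w') as ovpn_conf:
            # The mode passed to os.open() applies only on creation; a file
            # left over from an earlier run is tightened here, before any
            # key material is written.
            os.fchmod(conf_fd, 0o600)
            ovpn_conf.write(client_conf)

        return ovpn_conf_path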
Beispiel #4
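    def generate_client_conf(self):
        """Build the inline OpenVPN client config for this link and write it to disk.

        Acquires a tun interface through ``utils.tun_interface_acquire()`` and
        stores it on ``self.interface``. The remote line points at the linked
        host (its link address, falling back to its public address) when
        ``self.linked_host`` is set, otherwise it comes from
        ``self.linked_server.get_key_remotes(True)``.

        The written file embeds the user's private key and, when enabled, the
        tls-auth key, so it is created with owner-only permissions.

        Returns:
            Path of the config file inside ``self._temp_path``.
        """
        if not os.path.exists(self._temp_path):
            os.makedirs(self._temp_path)
        ovpn_conf_path = os.path.join(self._temp_path, OVPN_CONF_NAME)
        self.interface = utils.tun_interface_acquire()

        if self.linked_host:
            remotes = 'remote %s %s' % (
                self.host.link_address or self.host.public_address,
                self.linked_server.port,
            )
        else:
            remotes = self.linked_server.get_key_remotes(True)

        # The two debug-dependent integers are presumably the verbosity and
        # mute values of the template; confirm against OVPN_INLINE_LINK_CONF.
        client_conf = OVPN_INLINE_LINK_CONF % (
            uuid.uuid4().hex,
            utils.random_name(),
            self.interface,
            self.linked_server.protocol,
            remotes,
            CIPHERS[self.server.cipher],
            4 if self.server.debug else 1,
            8 if self.server.debug else 3,
        )

        if self.linked_server.lzo_compression != ADAPTIVE:
            client_conf += 'comp-lzo no\n'

        if self.linked_server.otp_auth:
            client_conf += 'auth-user-pass\n'

        client_conf += JUMBO_FRAMES[self.linked_server.jumbo_frames]
        client_conf += '<ca>\n%s\n</ca>\n' % self.linked_server.ca_certificate

        if self.linked_server.tls_auth:
            client_conf += '<tls-auth>\n%s\n</tls-auth>\n' % (
                self.linked_server.tls_auth_key)

        client_conf += '<cert>\n%s\n</cert>\n' % utils.get_cert_block(
            self.user.certificate)
        client_conf += '<key>\n%s\n</key>\n' % (self.user.private_key.strip())

        # Create the file already restricted to its owner. open() followed by
        # chmod() leaves a window in which the file exists with umask-derived
        # permissions; a process that opens it in that window keeps a handle
        # that can read the private key written afterwards.
        conf_fd = os.open(
            ovpn_conf_path,
            os.O_WRONLY | os.O_CREAT | os.O_TRUNC,
            0o600,
        )
        with os.fdopen(conf_fd, 'w') as ovpn_conf:
            # The mode passed to os.open() applies only on creation; a file
            # left over from an earlier run is tightened here, before any
            # key material is written.
            os.fchmod(conf_fd, 0o600)
            ovpn_conf.write(client_conf)

        return ovpn_conf_path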
Beispiel #5
 def resources_acquire(self):
     """Take this server's resource lock, then acquire a tun interface.

     The lock is looked up in ``_resource_locks`` by ``self.server.id`` and
     kept on ``self.resource_lock``; the interface is stored on
     ``self.interface``.

     Raises:
         TypeError: if ``self.resource_lock`` is already set.
     """
     if self.resource_lock:
         raise TypeError('Server resource lock already set')

     server_lock = _resource_locks[self.server.id]
     self.resource_lock = server_lock
     server_lock.acquire()
     # NOTE(review): nothing in this method releases the lock if the call
     # below raises; confirm that the caller releases it on failure.
     self.interface = utils.tun_interface_acquire()
Beispiel #6
 def resources_acquire(self):
     """Claim the per-server resource lock and a tun interface for this instance.

     Raises:
         TypeError: if a resource lock is already recorded on the instance.
     """
     if not self.resource_lock:
         # Record the lock before blocking on it, then take the interface.
         self.resource_lock = _resource_locks[self.server.id]
         self.resource_lock.acquire()
         # NOTE(review): the lock stays held if acquiring the interface
         # raises; confirm that the caller's cleanup path releases it.
         self.interface = utils.tun_interface_acquire()
         return

     raise TypeError('Server resource lock already set')