Ejemplo n.º 1
def read(logger, name, config):
    '''
    Build a static tunnel object from a configuration mapping.

    Required options are "mode" (either "gre" or "gretap"), "local",
    "remote", "address" and "netmask". The options "key", "ikey" and
    "okey" are optional and stay None when absent.

    Raises ReadError when "key" is absent and exactly one of
    "ikey"/"okey" is given.
    '''

    def optional_key(option):
        # An absent option stays None so the pairing check below can tell
        # "not configured" apart from an explicit key of 0.
        if option in config:
            return util.integer_get(config[option], minval=0)
        return None

    mode = util.enum_get(config["mode"], ["gre", "gretap"])
    local = util.ip_address_get(config["local"])
    remote = util.ip_address_get(config["remote"])
    address = util.ip_address_get(config["address"])

    # The netmask is validated against the address family of "address".
    raw_netmask = config["netmask"]
    netmask = util.netmask_get(raw_netmask, util.ip_address_is_v6(address))

    # NOTE(review): only a lower bound is enforced here, while the GRE key
    # field is 32 bits wide -- confirm an upper bound is applied elsewhere.
    # A GRE key only tags traffic and travels in clear text; it is not an
    # authentication or confidentiality control.
    key = optional_key("key")
    ikey = optional_key("ikey")
    okey = optional_key("okey")

    # Without a shared "key", the directional keys must come as a pair.
    if key is None:
        if ikey is not None and okey is None:
            raise ReadError("ikey defined but okey undefined in overlay '%s'" % name)
        if ikey is None and okey is not None:
            raise ReadError("okey defined but ikey undefined in overlay '%s'" % name)

    return Tunnel(
        logger, name,
        mode, local, remote, address, netmask,
        key, ikey, okey,
    )
Ejemplo n.º 2
def read(logger, name, config):
    '''
    Build a static tuntap object from a configuration mapping.

    Required options are "mode" (either "tun" or "tap"), "address" and
    "netmask". The options "uid" and "gid" are optional non-negative
    integers and stay None when absent.
    '''

    def optional_id(option):
        # Absent options are passed on as None rather than a default id.
        if option not in config:
            return None
        return util.integer_get(config[option], minval=0)

    mode = util.enum_get(config["mode"], ["tun", "tap"])
    address = util.ip_address_get(config["address"])

    # The netmask is validated against the address family of "address".
    raw_netmask = config["netmask"]
    netmask = util.netmask_get(raw_netmask, util.ip_address_is_v6(address))

    # NOTE(review): presumably uid/gid become the owner of the device, which
    # would decide which unprivileged account may attach to the interface;
    # 0 (root) is accepted as well -- verify against Tuntap.
    uid = optional_id("uid")
    gid = optional_id("gid")

    return Tuntap(logger, name, mode, address, netmask, uid, gid)
Ejemplo n.º 3
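def read(args):
    '''
    Create a daemon object using the given argument dictionary.

    The global configuration file named by args["global_conf"] (if any) is
    loaded first; its "global" section and the arguments are combined through
    a ValueReader. A logger is started from the "log" and "log-level" values
    before the remaining options are read, so later failures are logged.

    args["overlay_conf"] may be None, a single path string, or a list/dict
    of paths. When it is None, every entry of the overlay configuration
    directory is used instead.

    Raises ReadError when args["overlay_conf"] has an unsupported type and
    NoOverlayConfError when no overlay configuration source is available.
    Any exception raised after the logger has started is logged and
    re-raised unchanged.
    '''

    # Load the global configuration file (if specified),
    # and create a ValueReader based on that and the given arguments.
    global_conf = args["global_conf"] if "global_conf" in args else None
    global_config = util.config(global_conf)["global"] if global_conf else None

    reader = ValueReader(args, global_conf, global_config)

    # Get enough configuration to start a logger.
    log = reader.get("log")

    log_level = util.enum_get(
        reader.get("log-level", default="INFO"),
        ["NOTSET", "DEBUG", "INFO", "WARNING", "ERROR", "CRITICAL"],
    )

    # Start the logger.
    lg = logger.create(log, log_level, "l3overlay")
    lg.start()

    # Log exceptions for the rest of the initialisation process.
    try:
        if global_config:
            lg.debug("loaded global configuration file '%s'" % global_conf)

        # Get (general) global configuration.
        dry_run = reader.boolean_get("dry-run", default=False)

        use_ipsec = reader.boolean_get("use-ipsec", default=True)
        ipsec_manage = reader.boolean_get("ipsec-manage", default=True)

        # NOTE(review): presumably min/max bound the length in hex digits;
        # if so, the floor of 6 digits admits a 24-bit pre-shared key, which
        # is far too short to resist guessing -- confirm and consider
        # raising the minimum.
        _psk = reader.get("ipsec-psk", args_optional=True)
        ipsec_psk = util.hex_get_string(_psk, min=6, max=64) if _psk is not None else None

        # Get required directory paths.
        lib_dir = reader.path_get(
            "lib-dir",
            default = os.path.join(util.path_root(), "var", "lib", "l3overlay"),
        )
        overlay_dir = os.path.join(lib_dir, "overlays")

        fwbuilder_script_dir = reader.path_get(
            "fwbuilder-script-dir",
            default = util.path_search("fwbuilder-scripts"),
        )
        overlay_conf_dir = reader.path_get(
            "overlay-conf-dir",
            default = util.path_search("overlays"),
        )
        template_dir = reader.path_get(
            "template-dir",
            default = util.path_search("templates"),
        )

        # Get required file paths.
        pid = reader.path_get(
            "pid",
            default = os.path.join(util.path_root(), "var", "run", "l3overlayd.pid"),
        )

        ipsec_conf = reader.path_get(
            "ipsec-conf",
            default = os.path.join(util.path_root(), "etc", "ipsec.d", "l3overlay.conf"),
        )
        # With ipsec-manage enabled the default is the system-wide
        # ipsec.secrets file rather than an l3overlay-specific one.
        ipsec_secrets = reader.path_get(
            "ipsec-secrets",
            default = os.path.join(util.path_root(), "etc",
                    "ipsec.secrets" if ipsec_manage else "ipsec.l3overlay.secrets"),
        )

        # Get overlay configuration file paths.
        overlay_confs = args["overlay_conf"]

        if overlay_confs is not None:
            if isinstance(overlay_confs, str):
                # A single path must become a one-element tuple. Calling
                # tuple() on the resolved path would split it into single
                # characters (assuming util.path_get returns a string, as
                # its per-element use in the list branch suggests).
                overlay_confs = (util.path_get(overlay_confs, relative_dir=os.getcwd()),)
            elif isinstance(overlay_confs, (list, dict)):
                overlay_confs = tuple(
                    util.path_get(oc, relative_dir=os.getcwd()) for oc in overlay_confs
                )
            else:
                raise ReadError("expected string, list or dict for overlay_confs, got %s: %s" %
                        (type(overlay_confs), overlay_confs))

        elif overlay_conf_dir is not None:
            # Every directory entry is treated as an overlay configuration,
            # so write access to this directory amounts to control over the
            # overlays that get loaded. Sorting makes the load order
            # independent of the order os.listdir() happens to return.
            overlay_confs = tuple(
                os.path.join(overlay_conf_dir, oc)
                for oc in sorted(os.listdir(overlay_conf_dir))
            )

        else:
            raise NoOverlayConfError()

        lg.debug("Global configuration:")
        lg.debug("  dry-run = %s" % dry_run)
        lg.debug("  use-ipsec = %s" % use_ipsec)
        lg.debug("  ipsec-manage = %s" % ipsec_manage)
        # The key itself never reaches the log; only its length is printed.
        lg.debug("  ipsec-psk = %s" %
                ("<redacted, length %i>" % len(ipsec_psk) if ipsec_psk else None))
        lg.debug("  lib-dir = %s" % lib_dir)
        lg.debug("  fwbuilder-script-dir = %s" % fwbuilder_script_dir)
        lg.debug("  overlay-conf-dir = %s" % overlay_conf_dir)
        lg.debug("  template-dir = %s" % template_dir)
        lg.debug("")


        lg.debug("Overlay configuration files:")
        for overlay_conf in overlay_confs:
            lg.debug("  %s" % overlay_conf)
        lg.debug("")

        # Create the application state for each overlay.
        overlays = {}

        for overlay_conf in overlay_confs:
            o = overlay.read(log, log_level, conf=overlay_conf)
            # NOTE(review): two files declaring the same overlay name
            # silently replace one another here; the last one read wins.
            overlays[o.name] = o

        # Return a set up daemon object.
        return Daemon(
            dry_run, lg,
            log, log_level, use_ipsec, ipsec_manage, ipsec_psk,
            lib_dir, overlay_dir,
            fwbuilder_script_dir, overlay_conf_dir, template_dir,
            pid, ipsec_conf, ipsec_secrets,
            overlays,
        )

    except Exception as e:
        lg.exception(e)
        raise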