class Version(amp.Command): """Identifies protocol version of server and client. Client initiates by sending its protocol version (just a running integer). If server accepts the version, that protocol version will be used throughout the protocol after this exchange. Note that there is no version negotiation: the server either understands or doesn't understand the client version; all flexibility is in the server. The 'info' strings exchanged are intended to contain software version, build, debug/release and other such identifying information. It could contain, for instance, 'vpnease server 1.2.3 rev 12345, built on dapper-builder2 <date>'. The info string allows one to identify the client software, should something go wrong in the protocol initiation. """ arguments = [('version', amp.Integer()), ('info', amp.Unicode())] response = [('info', amp.Unicode())] fatalErrors = {UnsupportedProtocolVersionError: 'UnsupportedProtocolVersionError'}
class RequestTestLicense(amp.Command): """Request a test license. Requires that an Identify exchange has been run, resulting in at least an anonymous state. Installation UUID in the session state must be set, as the server uses the installation UUID as part of deciding what test license to give. """ arguments = [] response = [('licenseKey', amp.Unicode())] errors = {TestLicenseDeniedError: 'TestLicenseDeniedError'}
class Identify4(amp.Command): """The Identify command performs several core managements functions in the VPNease product. This is a revised Identify for VPNEase 1.2, no changes yet but a separate name was allocated because protocol version was bumped for CA key rollover anyway. """ arguments = [('isPrimary', amp.Boolean()), # primary or non-primary connection ('licenseKey', amp.Unicode()), # e.g. 'AAAAT-ABJ3H-J89W3-YMCMW-XL7VF' ('bootUuid', amp.Unicode()), # e.g. 'e123c692-1b52-48f3-8d53-7325d6bbacb9' ('installationUuid', amp.Unicode()), # e.g. '263ac363-6fd5-4065-839e-f8c007c5a4bb' ('cookieUuid', amp.Unicode()), # e.g. '254434fd-63df-4736-a8dc-0d96d3daf0d1' ('address', amp.Unicode()), # e.g. '10.0.0.1', as seen by l2tp server ('port', amp.Integer()), # e.g. 12345, as seen by l2tp server ('softwareVersion', amp.Unicode()), # processable, <major>.<minor>.<revision> (%d.%d.%d) ('softwareBuildInfo', amp.Unicode()), # freeform ('hardwareType', amp.Unicode()), # XXX: currently unused ('hardwareInfo', amp.Unicode()), # freeform (memory, macs, etc) ('automaticUpdates', amp.Boolean()), # True if admin elected for automatic updates ('isLiveCd', amp.Boolean())] # True if Live CD environment, False if installed response = [('softwareBuildInfo', amp.Unicode()), # freeform server build info ('serverInfo', amp.Unicode()), # freeform to identify a particular server ('cookieUuid', amp.Unicode()), # cookie UUID to be stored and used in later Identify2 ('clientAddressSeenByServer', amp.Unicode()), # client address as seen by management server (Identify3) ('clientPortSeenByServer', amp.Integer()), # client port as seen by management server (Identify3) ('behindNat', amp.Boolean()), # client seems to be behind a NAT device (Identify3) ('licenseMaxRemoteAccessConnections', amp.Integer()), # max # concurrent client connections ('licenseMaxSiteToSiteConnections', amp.Integer()), # max # site-to-site mode connections (client or server) ('licenseValidityStart', UtcDateTime()), # license invalid before (stop working, recheck); normative ('licenseValidityEnd', UtcDateTime()), # license invalid after (stop working, recheck); normative ('licenseRecheckLatestAt', UtcDateTime()), # license valid, but start rechecking asap at this point ('licenseString', amp.Unicode()), # show in UI, set by subscription admin ('licenseStatus', amp.Unicode()), # license status: VALID / DISABLED / UNKNOWN ('isDemoLicense', amp.Boolean()), # is demo license? ('demoValidityStart', UtcDateTime()), # demo validity start; informative ('demoValidityEnd', UtcDateTime()), # demo validity end (allows computation of expiry); informative ('currentUtcTime', UtcDateTime()), # server timestamp (time response was sent) for rough sync ('updateAvailable', amp.Boolean()), # based on software-version; informative ('updateNeeded', amp.Boolean()), # if True, client must update; normative ('updateImmediately', amp.Boolean()), # if True, client must check for updates immediately; normative ('updateForced', amp.Boolean()), # update forced (regardless of 'automatic-updates'); informative ('aptSourcesList', amp.Unicode()), # apt sources.list; ignore unless updateNeeded = True! ('repositoryKeys', amp.Unicode()), # repository keys in ASCII encoded format ('changeLog', amp.Unicode())] # changelog of vpnease package errors = {InvalidLicenseError: 'InvalidLicenseError'}
class RequestReidentify(amp.Command): """Server requests a reidentify ASAP.""" arguments = [('reason', amp.Unicode())] # freeform string to explain reason for reidentify (for logging) response = []
class Identify(amp.Command): """The Identify command performs several core managements functions in the VPNease product. If the license key is known to the management server, the connection will be associated with the license key and related rights after a successful Identify command. In practice, 'authenticated' commands require a license key. It is possible to distinguish rights associated with a particular license key in a more fine grained manner, too. Note that all data in the identify is conceptually available to all later commands. For instance, RequestTestLicense() may verify that the same installation UUID not be granted two test licenses, etc. (Whether the data is actually copied to any state variables is an implementation matter.) License information is always returned, unless the license is unparseable. License status will signify whether the license was actually accepted. A note about validity: * licenseValidityStart and licenseValidityEnd are the effective validity parameters that a server must obey. This interval of validity is not usually related in any way to the validity of the actual product license purchased by the subscriber. For instance, if the subscriber's license is to the end of year 2007, licenseValidityEnd is still typically ~1 week from current time until the end of the year is reached. The intent of this validity period is to specify the time during which product license can be assumed valid without further checking. * For demo licenses, demo validity start and end indicate how the demo will last and are 'non-changing': each request should yield the same values. These values allow a gateway to compute demo license expiry time for instance ("7 days left"). This information is for display purposes only. The actual service provided by the product should still follow licenseValidityStart and licenseValidityEnd. """ arguments = [('isPrimary', amp.Boolean()), # primary or non-primary connection ('licenseKey', amp.Unicode()), # e.g. 'AAAAT-ABJ3H-J89W3-YMCMW-XL7VF' ('bootUuid', amp.Unicode()), # e.g. 'e123c692-1b52-48f3-8d53-7325d6bbacb9' ('installationUuid', amp.Unicode()), # e.g. '263ac363-6fd5-4065-839e-f8c007c5a4bb' ('address', amp.Unicode()), # e.g. '10.0.0.1', as seen by l2tp server ('port', amp.Integer()), # e.g. 12345, as seen by l2tp server ('softwareVersion', amp.Unicode()), # processable, <major>.<minor>.<revision> (%d.%d.%d) ('softwareBuildInfo', amp.Unicode()), # freeform ('hardwareType', amp.Unicode()), # XXX: currently unused ('hardwareInfo', amp.Unicode()), # freeform (memory, macs, etc) ('automaticUpdates', amp.Boolean()), # True if admin elected for automatic updates ('isLiveCd', amp.Boolean())] # True if Live CD environment, False if installed response = [('softwareBuildInfo', amp.Unicode()), # freeform server build info ('serverInfo', amp.Unicode()), # freeform to identify a particular server ('licenseMaxRemoteAccessConnections', amp.Integer()), # max # concurrent client connections ('licenseMaxSiteToSiteConnections', amp.Integer()), # max # site-to-site mode connections (client or server) ('licenseValidityStart', UtcDateTime()), # license invalid before (stop working, recheck); normative ('licenseValidityEnd', UtcDateTime()), # license invalid after (stop working, recheck); normative ('licenseRecheckLatestAt', UtcDateTime()), # license valid, but start rechecking asap at this point ('licenseString', amp.Unicode()), # show in UI, set by subscription admin ('licenseStatus', amp.Unicode()), # license status: VALID / DISABLED / UNKNOWN ('isDemoLicense', amp.Boolean()), # is demo license? ('demoValidityStart', UtcDateTime()), # demo validity start; informative ('demoValidityEnd', UtcDateTime()), # demo validity end (allows computation of expiry); informative ('currentUtcTime', UtcDateTime()), # server timestamp (time response was sent) for rough sync ('updateAvailable', amp.Boolean()), # based on software-version; informative ('updateNeeded', amp.Boolean()), # if True, client must update; normative ('updateImmediately', amp.Boolean()), # if True, client must check for updates immediately; normative ('updateForced', amp.Boolean()), # update forced (regardless of 'automatic-updates'); informative ('aptSourcesList', amp.Unicode()), # apt sources.list; ignore unless updateNeeded = True! ('repositoryKeys', amp.Unicode()), # repository keys in ASCII encoded format ('changeLog', amp.Unicode())] # changelog of vpnease package errors = {InvalidLicenseError: 'InvalidLicenseError'}