Пример #1
0
    def _openl2tp_start_session(self, myip, gwip, index):
        """Create session."""

        identifier = '%s-%s' % (myip, str(index))

        ppp_profile_name = 'ppp-prof-%s' % identifier
        tunnel_profile_name = 'tunnel-prof-%s' % identifier
        session_profile_name = 'session-prof-%s' % identifier
        peer_profile_name = 'peer-prof-%s' % identifier
        tunnel_name = 'tunnel-%s' % identifier
        session_name = 'session-%s' % identifier

        # FIXME: using now default port without openl2tp patch
        our_port = 1701
        peer_port = 1701

        # ppp profile
        # FIXME: default_route; local_ipaddr; dns_ipaddr_{pri,sec}, wins_ipaddr_{pri,sec}
        trace_flags = '0'
        if self.debug:
            trace_flags = '2047'


        config = 'session create session_name=%s' % session_name
        for i in [ ['tunnel_name', tunnel_name],
                   ['tunnel_id', str(self.tunnel_id)],
###                   ['session_id', str(self.session_id)],
                   ['profile_name', session_profile_name],
                   ['ppp_profile_name', ppp_profile_name],
                   ['user_name', self.username],
                   ['user_password', self.password] ]:
            config += ' %s=%s' % (i[0], i[1])

        config += '\nquit\n'

        # activate session
        _log.debug(self._fmt('openl2tp config for session:\n%s' % config))
        helpers.write_file('/tmp/%s.config' % session_name, config)
        [rv, stdout, stderr] = run_command([constants.CMD_OPENL2TPCONFIG], stdin=config, retval=runcommand.FAIL)

        session_id = None
        tunnel_id = self.tunnel_id

        for l in stderr.split('\n'):
            m = _re_openl2tp_created_session.match(l)
            if m is not None:
                if session_id is not None:
                    _log.warning('second session id (%s), old one was %s; ignoring' % (m.group(2), str(session_id)))
                else:
                    tun = int(m.group(1))
                    if tun != tunnel_id:
                        _log.warning('session id differs from earlier (earlier %s, found %s), ignoring' % (str(tunnel_id), str(tun)))
                    else:
                        session_id = int(m.group(2))

        if session_id is None:
            raise Exception(self._fmt('could not figure session id'))
        _log.info(self._fmt('figured out session id %s' % str(session_id)))

        self.session_id = session_id
Пример #2
0
def run(autologin=False, autologin_user=None):
    gdm_conf = '/etc/gdm/gdm.conf-custom'

    config_vars = {'back_color': constants.GDM_BACKGROUND_COLOR, 'back_themed_color': constants.GDM_GRAPHICAL_THEMED_COLOR}

    if autologin:
        _log.info('Setting GDM autologin to user %s' % autologin_user)
        config_vars.update({'autologin':'******', 'autologin_user': autologin_user})
    else:
        _log.info('Unsetting GDM autologin')
        config_vars.update({'autologin':'******', 'autologin_user': '******'})

    helpers.write_file(gdm_conf, custom_config % config_vars, append=False, perms=0644)
Пример #3
0
def run(autologin=False, autologin_user=None):
    gdm_conf = '/etc/gdm/gdm.conf-custom'

    config_vars = {
        'back_color': constants.GDM_BACKGROUND_COLOR,
        'back_themed_color': constants.GDM_GRAPHICAL_THEMED_COLOR
    }

    if autologin:
        _log.info('Setting GDM autologin to user %s' % autologin_user)
        config_vars.update({
            'autologin': '******',
            'autologin_user': autologin_user
        })
    else:
        _log.info('Unsetting GDM autologin')
        config_vars.update({'autologin': '******', 'autologin_user': '******'})

    helpers.write_file(gdm_conf,
                       custom_config % config_vars,
                       append=False,
                       perms=0644)
Пример #4
0
def write_file(dest, contents, append=False, perms=0755):
    common_helpers.write_file(dest, contents, append=append, perms=perms)
Пример #5
0
def write_file(dest, contents, append=False, perms=0755):
    common_helpers.write_file(dest, contents, append=append, perms=perms)
Пример #6
0
    def _openl2tp_start_session(self, myip, gwip, index):
        """Create session."""

        identifier = '%s-%s' % (myip, str(index))

        ppp_profile_name = 'ppp-prof-%s' % identifier
        tunnel_profile_name = 'tunnel-prof-%s' % identifier
        session_profile_name = 'session-prof-%s' % identifier
        peer_profile_name = 'peer-prof-%s' % identifier
        tunnel_name = 'tunnel-%s' % identifier
        session_name = 'session-%s' % identifier

        # FIXME: using now default port without openl2tp patch
        our_port = 1701
        peer_port = 1701

        # ppp profile
        # FIXME: default_route; local_ipaddr; dns_ipaddr_{pri,sec}, wins_ipaddr_{pri,sec}
        trace_flags = '0'
        if self.debug:
            trace_flags = '2047'

        config = 'session create session_name=%s' % session_name
        for i in [
            ['tunnel_name', tunnel_name],
            ['tunnel_id', str(self.tunnel_id)],
                ###                   ['session_id', str(self.session_id)],
            ['profile_name', session_profile_name],
            ['ppp_profile_name', ppp_profile_name],
            ['user_name', self.username],
            ['user_password', self.password]
        ]:
            config += ' %s=%s' % (i[0], i[1])

        config += '\nquit\n'

        # activate session
        _log.debug(self._fmt('openl2tp config for session:\n%s' % config))
        helpers.write_file('/tmp/%s.config' % session_name, config)
        [rv, stdout, stderr] = run_command([constants.CMD_OPENL2TPCONFIG],
                                           stdin=config,
                                           retval=runcommand.FAIL)

        session_id = None
        tunnel_id = self.tunnel_id

        for l in stderr.split('\n'):
            m = _re_openl2tp_created_session.match(l)
            if m is not None:
                if session_id is not None:
                    _log.warning(
                        'second session id (%s), old one was %s; ignoring' %
                        (m.group(2), str(session_id)))
                else:
                    tun = int(m.group(1))
                    if tun != tunnel_id:
                        _log.warning(
                            'session id differs from earlier (earlier %s, found %s), ignoring'
                            % (str(tunnel_id), str(tun)))
                    else:
                        session_id = int(m.group(2))

        if session_id is None:
            raise Exception(self._fmt('could not figure session id'))
        _log.info(self._fmt('figured out session id %s' % str(session_id)))

        self.session_id = session_id
Пример #7
0
    def _openl2tp_start_tunnel(self, myip, gwip, index):

        identifier = '%s-%s' % (myip, str(index))

        ppp_profile_name = 'ppp-prof-%s' % identifier
        tunnel_profile_name = 'tunnel-prof-%s' % identifier
        session_profile_name = 'session-prof-%s' % identifier
        peer_profile_name = 'peer-prof-%s' % identifier
        tunnel_name = 'tunnel-%s' % identifier
        session_name = 'session-%s' % identifier

        # FIXME: using now default port without openl2tp patch
        our_port = 1701
        peer_port = 1701

        # ppp profile
        # FIXME: default_route; local_ipaddr; dns_ipaddr_{pri,sec}, wins_ipaddr_{pri,sec}
        trace_flags = '0'
        if self.debug:
            trace_flags = '2047'

        # create tunnel - this triggers openl2tp
        #
        # NOTE: 'interface_name' would make life easier, but is not currently
        # supported by Openl2tp.
        #
        # XXX: 'persist', 'interface_name'
        config = 'tunnel create tunnel_name=%s' % tunnel_name  # NB: all on one line here
        for i in [
            ['src_ipaddr', myip],
            ['our_udp_port', str(our_port)],  # XXX: dup from above
            ['peer_udp_port', str(peer_port)],  # XXX: dup from above
            ['dest_ipaddr', gwip],
            ['peer_profile_name', peer_profile_name],
            ['profile_name', tunnel_profile_name],
            ['session_profile_name', session_profile_name],
            ['tunnel_name', tunnel_name],
                ###                   ['tunnel_id', str(self.tunnel_id)],
            ['use_udp_checksums', 'yes']
        ]:
            config += ' %s=%s' % (i[0], i[1])

        config += '\nquit\n'

        # activate tunnel
        _log.debug(self._fmt('openl2tp config for tunnel:\n%s' % config))
        helpers.write_file('/tmp/%s.config' % tunnel_name, config)
        [rv, stdout, stderr] = run_command([constants.CMD_OPENL2TPCONFIG],
                                           stdin=config,
                                           retval=runcommand.FAIL)
        tunnel_id = None

        for l in stderr.split('\n'):
            m = _re_openl2tp_created_tunnel.match(l)
            if m is not None:
                if tunnel_id is not None:
                    _log.warning(
                        self._fmt(
                            'second tunnel id (%s), old one was %s; ignoring' %
                            (m.group(1), str(tunnel_id))))
                else:
                    tunnel_id = int(m.group(1))

        if tunnel_id is None:
            _log.error(
                self._fmt('tunnel out: %d, %s, %s' % (rv, stdout, stderr)))
            raise Exception(self._fmt('could not figure tunnel id'))

        _log.info(self._fmt('figured out tunnel id %s' % int(tunnel_id)))

        self.tunnel_id = tunnel_id
Пример #8
0
    def _openl2tp_config_raw(self, myip, gwip, index):
        """Actual config."""

        identifier = '%s-%s' % (myip, str(index))

        ppp_profile_name = 'ppp-prof-%s' % identifier
        tunnel_profile_name = 'tunnel-prof-%s' % identifier
        session_profile_name = 'session-prof-%s' % identifier
        peer_profile_name = 'peer-prof-%s' % identifier
        tunnel_name = 'tunnel-%s' % identifier
        session_name = 'session-%s' % identifier

        # FIXME: using now default port without openl2tp patch
        our_port = 1701
        peer_port = 1701

        # ppp profile
        # FIXME: default_route; local_ipaddr; dns_ipaddr_{pri,sec}, wins_ipaddr_{pri,sec}
        trace_flags = '0'
        if self.debug:
            trace_flags = '2047'

        config = 'ppp profile create profile_name=%s\n' % ppp_profile_name

        for i in [
            ['default_route', 'no'],
            ['multilink', 'no'],
            ['idle_timeout', '0'],  # no limit
            ['mtu', '1300'],
            ['mru', '1300'],
            ['lcp_echo_interval', '60'],
            ['lcp_echo_failure_count', '5'],
            ['max_connect_time', '0'],  # no limit
            ['max_failure_count', '10'],
            ['trace_flags', trace_flags]
        ]:
            config += 'ppp profile modify profile_name=%s %s=%s\n' % (
                ppp_profile_name, i[0], i[1])

        # Note: all auth options must be on one line

        # XXX: this is for original, unpatched openl2tpd: cannot tell
        # which authentications to require and which refuse with
        # separate options, the solution is to simple allow peer not
        # to authenticate and for the rest use pppd defaults
        # config += 'ppp profile modify profile_name=%s auth_none=yes\n' % ppp_profile_name

        # XXX: this is for new patched openl2tp

        # Note: all auth options must be on one line
        config += 'ppp profile modify profile_name=%s req_none=yes auth_pap=yes auth_chap=yes auth_mschapv1=no auth_mschapv2=no auth_eap=no req_pap=no req_chap=no req_mschapv1=no req_mschapv2=no req_eap=no\n' % ppp_profile_name

        # no encryption
        # config += 'ppp profile modify profile_name=%s mppe=no\n' % ppp_profile_name

        # Note: all compression options must be on one line
        # Request deflate or bsdcomp compression.
        # XXX: no compression
        # config += 'ppp profile modify profile_name=%s comp_mppc=no comp_accomp=yes comp_pcomp=no comp_bsdcomp=no comp_deflate=yes comp_predictor=no comp_vj=no comp_ccomp_vj=no comp_ask_deflate=yes comp_ask_bsdcomp=no\n' % ppp_profile_name
        config += 'ppp profile modify profile_name=%s comp_mppc=no comp_accomp=yes comp_pcomp=no comp_bsdcomp=no comp_deflate=no comp_predictor=no comp_vj=no comp_ccomp_vj=no comp_ask_deflate=no comp_ask_bsdcomp=no\n' % ppp_profile_name

        # tunnel profile
        config += 'tunnel profile create profile_name=%s\n' % tunnel_profile_name

        trace_flags = '0'
        if self.debug:
            trace_flags = '2047'

        for i in [['our_udp_port', str(our_port)],
                  ['peer_udp_port', str(peer_port)], ['mtu', '1460'],
                  ['hello_timeout', '60'], ['retry_timeout', '3'],
                  ['idle_timeout', '0'], ['rx_window_size', '4'],
                  ['tx_window_size', '10'], ['max_retries', '20'],
                  ['framing_caps', 'any'], ['bearer_caps', 'any'],
                  ['trace_flags', trace_flags]]:
            config += 'tunnel profile modify profile_name=%s %s=%s\n' % (
                tunnel_profile_name, i[0], i[1])

        # session profile
        config += 'session profile create profile_name=%s\n' % session_profile_name

        trace_flags = '0'
        if self.debug:
            trace_flags = '2047'

        for i in [['sequencing_required',
                   'no'], ['use_sequence_numbers', 'no'],
                  ['trace_flags', trace_flags]]:
            config += 'session profile modify profile_name=%s %s=%s\n' % (
                session_profile_name, i[0], i[1])

        # peer profile
        config += 'peer profile create profile_name=%s\n' % peer_profile_name

        # XXX: 'lac_lns', 'netmask'
        # 'peer_port' has no effect for some reason
        for i in [
            ['peer_ipaddr', gwip],
            ['peer_port', str(peer_port)],  # XXX: dup from above
            ['ppp_profile_name', ppp_profile_name],
            ['session_profile_name', session_profile_name],
            ['tunnel_profile_name', tunnel_profile_name]
        ]:
            config += 'peer profile modify profile_name=%s %s=%s\n' % (
                peer_profile_name, i[0], i[1])

        config += '\nquit\n'

        # create profiles
        _log.debug(self._fmt('openl2tp config:\n%s' % config))
        helpers.write_file('/tmp/%s.config' % tunnel_profile_name, config)
        run_command([constants.CMD_OPENL2TPCONFIG],
                    stdin=config,
                    retval=runcommand.FAIL)
Пример #9
0
    def _openl2tp_start_tunnel(self, myip, gwip, index):

        identifier = '%s-%s' % (myip, str(index))

        ppp_profile_name = 'ppp-prof-%s' % identifier
        tunnel_profile_name = 'tunnel-prof-%s' % identifier
        session_profile_name = 'session-prof-%s' % identifier
        peer_profile_name = 'peer-prof-%s' % identifier
        tunnel_name = 'tunnel-%s' % identifier
        session_name = 'session-%s' % identifier

        # FIXME: using now default port without openl2tp patch
        our_port = 1701
        peer_port = 1701

        # ppp profile
        # FIXME: default_route; local_ipaddr; dns_ipaddr_{pri,sec}, wins_ipaddr_{pri,sec}
        trace_flags = '0'
        if self.debug:
            trace_flags = '2047'


        # create tunnel - this triggers openl2tp
        #
        # NOTE: 'interface_name' would make life easier, but is not currently
        # supported by Openl2tp.
        #
        # XXX: 'persist', 'interface_name'
        config = 'tunnel create tunnel_name=%s' % tunnel_name  # NB: all on one line here
        for i in [ ['src_ipaddr', myip],
                   ['our_udp_port', str(our_port)],   # XXX: dup from above
                   ['peer_udp_port', str(peer_port)], # XXX: dup from above
                   ['dest_ipaddr', gwip],
                   ['peer_profile_name', peer_profile_name],
                   ['profile_name', tunnel_profile_name],
                   ['session_profile_name', session_profile_name],
                   ['tunnel_name', tunnel_name],
###                   ['tunnel_id', str(self.tunnel_id)],
                   ['use_udp_checksums', 'yes'] ]:
            config += ' %s=%s' % (i[0], i[1])

        config += '\nquit\n'

        # activate tunnel
        _log.debug(self._fmt('openl2tp config for tunnel:\n%s' % config))
        helpers.write_file('/tmp/%s.config' % tunnel_name, config)
        [rv, stdout, stderr] = run_command([constants.CMD_OPENL2TPCONFIG], stdin=config, retval=runcommand.FAIL)
        tunnel_id = None

        for l in stderr.split('\n'):
            m = _re_openl2tp_created_tunnel.match(l)
            if m is not None:
                if tunnel_id is not None:
                    _log.warning(self._fmt('second tunnel id (%s), old one was %s; ignoring' % (m.group(1), str(tunnel_id))))
                else:
                    tunnel_id = int(m.group(1))

        if tunnel_id is None:
            _log.error(self._fmt('tunnel out: %d, %s, %s' % (rv, stdout, stderr)))
            raise Exception(self._fmt('could not figure tunnel id'))

        _log.info(self._fmt('figured out tunnel id %s' % int(tunnel_id)))

        self.tunnel_id = tunnel_id
Пример #10
0
    def _openl2tp_config_raw(self, myip, gwip, index):
        """Actual config."""

        identifier = '%s-%s' % (myip, str(index))

        ppp_profile_name = 'ppp-prof-%s' % identifier
        tunnel_profile_name = 'tunnel-prof-%s' % identifier
        session_profile_name = 'session-prof-%s' % identifier
        peer_profile_name = 'peer-prof-%s' % identifier
        tunnel_name = 'tunnel-%s' % identifier
        session_name = 'session-%s' % identifier

        # FIXME: using now default port without openl2tp patch
        our_port = 1701
        peer_port = 1701

        # ppp profile
        # FIXME: default_route; local_ipaddr; dns_ipaddr_{pri,sec}, wins_ipaddr_{pri,sec}
        trace_flags = '0'
        if self.debug:
            trace_flags = '2047'

        config = 'ppp profile create profile_name=%s\n' % ppp_profile_name

        for i in [ ['default_route', 'no'],
                   ['multilink', 'no'],
                   ['idle_timeout', '0'],  # no limit
                   ['mtu', '1300'],
                   ['mru', '1300'],
                   ['lcp_echo_interval', '60'],
                   ['lcp_echo_failure_count', '5'],
                   ['max_connect_time', '0'],  # no limit
                   ['max_failure_count', '10'],
                   ['trace_flags', trace_flags] ]:
            config += 'ppp profile modify profile_name=%s %s=%s\n' % (ppp_profile_name, i[0], i[1])

        # Note: all auth options must be on one line

        # XXX: this is for original, unpatched openl2tpd: cannot tell
        # which authentications to require and which refuse with
        # separate options, the solution is to simple allow peer not
        # to authenticate and for the rest use pppd defaults
        # config += 'ppp profile modify profile_name=%s auth_none=yes\n' % ppp_profile_name

        # XXX: this is for new patched openl2tp

        # Note: all auth options must be on one line
        config += 'ppp profile modify profile_name=%s req_none=yes auth_pap=yes auth_chap=yes auth_mschapv1=no auth_mschapv2=no auth_eap=no req_pap=no req_chap=no req_mschapv1=no req_mschapv2=no req_eap=no\n' % ppp_profile_name

        # no encryption
        # config += 'ppp profile modify profile_name=%s mppe=no\n' % ppp_profile_name

        # Note: all compression options must be on one line
        # Request deflate or bsdcomp compression.
        # XXX: no compression
        # config += 'ppp profile modify profile_name=%s comp_mppc=no comp_accomp=yes comp_pcomp=no comp_bsdcomp=no comp_deflate=yes comp_predictor=no comp_vj=no comp_ccomp_vj=no comp_ask_deflate=yes comp_ask_bsdcomp=no\n' % ppp_profile_name
        config += 'ppp profile modify profile_name=%s comp_mppc=no comp_accomp=yes comp_pcomp=no comp_bsdcomp=no comp_deflate=no comp_predictor=no comp_vj=no comp_ccomp_vj=no comp_ask_deflate=no comp_ask_bsdcomp=no\n' % ppp_profile_name


        # tunnel profile
        config += 'tunnel profile create profile_name=%s\n' % tunnel_profile_name

        trace_flags = '0'
        if self.debug:
            trace_flags = '2047'


        for i in [ ['our_udp_port', str(our_port)],
                   ['peer_udp_port', str(peer_port)],
                   ['mtu', '1460'],
                   ['hello_timeout', '60'],
                   ['retry_timeout', '3'],
                   ['idle_timeout', '0'],
                   ['rx_window_size', '4'],
                   ['tx_window_size', '10'],
                   ['max_retries', '20'],
                   ['framing_caps', 'any'],
                   ['bearer_caps', 'any'],
                   ['trace_flags', trace_flags] ]:
            config += 'tunnel profile modify profile_name=%s %s=%s\n' % (tunnel_profile_name, i[0], i[1])

        # session profile
        config += 'session profile create profile_name=%s\n' % session_profile_name

        trace_flags = '0'
        if self.debug:
            trace_flags = '2047'

        for i in [ ['sequencing_required', 'no'],
                   ['use_sequence_numbers', 'no'],
                   ['trace_flags', trace_flags] ]:
            config += 'session profile modify profile_name=%s %s=%s\n' % (session_profile_name, i[0], i[1])

        # peer profile
        config += 'peer profile create profile_name=%s\n' % peer_profile_name


        # XXX: 'lac_lns', 'netmask'
        # 'peer_port' has no effect for some reason
        for i in [ ['peer_ipaddr', gwip],
                   ['peer_port', str(peer_port)],  # XXX: dup from above
                   ['ppp_profile_name', ppp_profile_name],
                   ['session_profile_name', session_profile_name],
                   ['tunnel_profile_name', tunnel_profile_name] ]:
            config += 'peer profile modify profile_name=%s %s=%s\n' % (peer_profile_name, i[0], i[1])

        config += '\nquit\n'

        # create profiles
        _log.debug(self._fmt('openl2tp config:\n%s' % config))
        helpers.write_file('/tmp/%s.config' % tunnel_profile_name, config)
        run_command([constants.CMD_OPENL2TPCONFIG], stdin=config, retval=runcommand.FAIL)