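def _openl2tp_start_session(self, myip, gwip, index):
    """Create the openl2tp session for the tunnel in self.tunnel_id.

    Sends one 'session create' command, carrying self.username and
    self.password, to the openl2tp config tool on stdin.  The tool's
    stderr is then scanned for lines matching
    _re_openl2tp_created_session (group 1: tunnel id, group 2: session id)
    and the session id is stored in self.session_id.

    myip and index are only used to derive the profile, tunnel and session
    names; gwip is not used here.

    Raises Exception when no session id is reported for self.tunnel_id.
    """
    import stat

    identifier = '%s-%s' % (myip, str(index))
    ppp_profile_name = 'ppp-prof-%s' % identifier
    session_profile_name = 'session-prof-%s' % identifier
    tunnel_name = 'tunnel-%s' % identifier
    session_name = 'session-%s' % identifier

    # session_id is deliberately not passed; it is read back from the
    # tool's output below.
    options = [
        ('tunnel_name', tunnel_name),
        ('tunnel_id', str(self.tunnel_id)),
        ('profile_name', session_profile_name),
        ('ppp_profile_name', ppp_profile_name),
        ('user_name', self.username),
        ('user_password', self.password),
    ]

    def _render(pairs):
        # The whole 'session create' command must stay on one line.
        line = 'session create session_name=%s' % session_name
        for key, value in pairs:
            line += ' %s=%s' % (key, value)
        return line + '\nquit\n'

    # NOTE(review): user_name and user_password are interpolated unquoted.
    # A value containing whitespace or a newline would change how the tool
    # reads the command; presumably these are validated upstream -- confirm.
    config = _render(options)

    # Never put the password into the log: log a copy with it masked.
    masked = []
    for key, value in options:
        if key == 'user_password':
            value = '<redacted>'
        masked.append((key, value))
    _log.debug(self._fmt('openl2tp config for session:\n%s' % _render(masked)))

    # The dump contains the PPP password, so it is written owner-only
    # rather than with the helper's default mode.  The tool itself gets
    # the command on stdin, so nothing else needs to read this file.
    # NOTE(review): the path is predictable; how helpers.write_file treats
    # a pre-existing file or symlink there, and whether perms is applied
    # to an already existing file, is not visible here -- confirm.
    helpers.write_file('/tmp/%s.config' % session_name, config,
                       perms=stat.S_IRUSR | stat.S_IWUSR)
    [rv, stdout, stderr] = run_command([constants.CMD_OPENL2TPCONFIG], stdin=config, retval=runcommand.FAIL)

    session_id = None
    tunnel_id = self.tunnel_id
    for line in stderr.split('\n'):
        m = _re_openl2tp_created_session.match(line)
        if m is None:
            continue
        if session_id is not None:
            # Only the first reported session is accepted.
            _log.warning('second session id (%s), old one was %s; ignoring' % (m.group(2), str(session_id)))
            continue
        tun = int(m.group(1))
        if tun != tunnel_id:
            # The value compared here is the tunnel id, although the
            # message text says "session id".
            _log.warning('session id differs from earlier (earlier %s, found %s), ignoring' % (str(tunnel_id), str(tun)))
            continue
        session_id = int(m.group(2))

    if session_id is None:
        raise Exception(self._fmt('could not figure session id'))
    _log.info(self._fmt('figured out session id %s' % str(session_id)))
    self.session_id = session_id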
def run(autologin=False, autologin_user=None):
    """Rewrite GDM's custom configuration, switching autologin on or off.

    The module-level custom_config template is filled with the two
    background colours from constants plus the autologin settings, and the
    result replaces /etc/gdm/gdm.conf-custom (mode 0644).

    With autologin enabled the named user gets a desktop session without
    entering a password, so anyone at the console has that user's access.
    autologin_user is substituted as given; nothing here checks that it is
    set when autologin is true.
    """
    target_path = '/etc/gdm/gdm.conf-custom'

    settings = {}
    settings['back_color'] = constants.GDM_BACKGROUND_COLOR
    settings['back_themed_color'] = constants.GDM_GRAPHICAL_THEMED_COLOR

    # NOTE(review): both branches assign the same '******' literal to
    # 'autologin'; this looks like a value masked in this copy of the
    # file -- confirm against the real source.
    if not autologin:
        _log.info('Unsetting GDM autologin')
        settings['autologin'] = '******'
        settings['autologin_user'] = '******'
    else:
        _log.info('Setting GDM autologin to user %s' % autologin_user)
        settings['autologin'] = '******'
        settings['autologin_user'] = autologin_user

    rendered = custom_config % settings
    helpers.write_file(target_path, rendered, append=False, perms=0644)
def run(autologin=False, autologin_user=None):
    """Write /etc/gdm/gdm.conf-custom with autologin enabled or disabled.

    Fills the module-level custom_config template with the GDM background
    colours from constants and the autologin settings, then overwrites the
    file (append=False) with mode 0644.

    Enabling autologin hands the given user's session to whoever starts
    the machine, without a password prompt.  autologin_user is used as
    passed in; this function does not validate it.
    """
    colours = [
        ('back_color', constants.GDM_BACKGROUND_COLOR),
        ('back_themed_color', constants.GDM_GRAPHICAL_THEMED_COLOR),
    ]
    values = dict(colours)

    # NOTE(review): 'autologin' is set to the same '******' literal in both
    # cases below, which looks like masking applied to this listing --
    # verify the real values.
    if autologin:
        _log.info('Setting GDM autologin to user %s' % autologin_user)
        login = [('autologin', '******'), ('autologin_user', autologin_user)]
    else:
        _log.info('Unsetting GDM autologin')
        login = [('autologin', '******'), ('autologin_user', '******')]
    values.update(dict(login))

    helpers.write_file('/etc/gdm/gdm.conf-custom', custom_config % values,
                       append=False, perms=0644)
def write_file(dest, contents, append=False, perms=0755):
    """Write contents to dest by delegating to common_helpers.write_file.

    append and perms are forwarded unchanged and nothing is returned.

    The default perms is 0755.  Presumably the underlying helper applies
    it as the file mode (confirm in common_helpers); if so, a caller that
    omits perms creates a world-readable, executable file.  Pass an
    explicit, tighter value for anything sensitive.
    """
    forwarded = {'append': append, 'perms': perms}
    common_helpers.write_file(dest, contents, **forwarded)
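def _openl2tp_start_session(self, myip, gwip, index):
    """Create the openl2tp session for the tunnel in self.tunnel_id.

    Sends one 'session create' command, carrying self.username and
    self.password, to the openl2tp config tool on stdin.  The tool's
    stderr is then scanned for lines matching
    _re_openl2tp_created_session (group 1: tunnel id, group 2: session id)
    and the session id is stored in self.session_id.

    myip and index are only used to derive the profile, tunnel and session
    names; gwip is not used here.

    Raises Exception when no session id is reported for self.tunnel_id.
    """
    import stat

    identifier = '%s-%s' % (myip, str(index))
    ppp_profile_name = 'ppp-prof-%s' % identifier
    session_profile_name = 'session-prof-%s' % identifier
    tunnel_name = 'tunnel-%s' % identifier
    session_name = 'session-%s' % identifier

    # session_id is deliberately not passed; it is read back from the
    # tool's output below.
    options = [
        ('tunnel_name', tunnel_name),
        ('tunnel_id', str(self.tunnel_id)),
        ('profile_name', session_profile_name),
        ('ppp_profile_name', ppp_profile_name),
        ('user_name', self.username),
        ('user_password', self.password),
    ]

    def _render(pairs):
        # The whole 'session create' command must stay on one line.
        line = 'session create session_name=%s' % session_name
        for key, value in pairs:
            line += ' %s=%s' % (key, value)
        return line + '\nquit\n'

    # NOTE(review): user_name and user_password are interpolated unquoted.
    # A value containing whitespace or a newline would change how the tool
    # reads the command; presumably these are validated upstream -- confirm.
    config = _render(options)

    # Never put the password into the log: log a copy with it masked.
    masked = []
    for key, value in options:
        if key == 'user_password':
            value = '<redacted>'
        masked.append((key, value))
    _log.debug(self._fmt('openl2tp config for session:\n%s' % _render(masked)))

    # The dump contains the PPP password, so it is written owner-only
    # rather than with the helper's default mode.  The tool itself gets
    # the command on stdin, so nothing else needs to read this file.
    # NOTE(review): the path is predictable; how helpers.write_file treats
    # a pre-existing file or symlink there, and whether perms is applied
    # to an already existing file, is not visible here -- confirm.
    helpers.write_file('/tmp/%s.config' % session_name, config,
                       perms=stat.S_IRUSR | stat.S_IWUSR)
    [rv, stdout, stderr] = run_command([constants.CMD_OPENL2TPCONFIG], stdin=config, retval=runcommand.FAIL)

    session_id = None
    tunnel_id = self.tunnel_id
    for line in stderr.split('\n'):
        m = _re_openl2tp_created_session.match(line)
        if m is None:
            continue
        if session_id is not None:
            # Only the first reported session is accepted.
            _log.warning('second session id (%s), old one was %s; ignoring' % (m.group(2), str(session_id)))
            continue
        tun = int(m.group(1))
        if tun != tunnel_id:
            # The value compared here is the tunnel id, although the
            # message text says "session id".
            _log.warning('session id differs from earlier (earlier %s, found %s), ignoring' % (str(tunnel_id), str(tun)))
            continue
        session_id = int(m.group(2))

    if session_id is None:
        raise Exception(self._fmt('could not figure session id'))
    _log.info(self._fmt('figured out session id %s' % str(session_id)))
    self.session_id = session_id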
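def _openl2tp_start_tunnel(self, myip, gwip, index):
    """Create the openl2tp tunnel from myip to gwip and record its id.

    Sends one 'tunnel create' command to the openl2tp config tool on
    stdin, then scans the tool's stderr for lines matching
    _re_openl2tp_created_tunnel (group 1: tunnel id).  The first id found
    is stored in self.tunnel_id; later ones are logged and ignored.

    index is only used, together with myip, to derive the profile and
    tunnel names.

    Raises Exception when no tunnel id is reported.
    """
    import stat

    identifier = '%s-%s' % (myip, str(index))
    tunnel_profile_name = 'tunnel-prof-%s' % identifier
    session_profile_name = 'session-prof-%s' % identifier
    peer_profile_name = 'peer-prof-%s' % identifier
    tunnel_name = 'tunnel-%s' % identifier

    # FIXME: using now default port without openl2tp patch
    our_port = 1701
    peer_port = 1701

    # Creating the tunnel is what triggers openl2tp.
    #
    # NOTE: 'interface_name' would make life easier, but is not currently
    # supported by Openl2tp.
    #
    # XXX: 'persist', 'interface_name'; tunnel_id is not passed, it is read
    # back from the tool's output below.
    options = [
        ('src_ipaddr', myip),
        ('our_udp_port', str(our_port)),    # XXX: dup of the tunnel profile
        ('peer_udp_port', str(peer_port)),  # XXX: dup of the tunnel profile
        ('dest_ipaddr', gwip),
        ('peer_profile_name', peer_profile_name),
        ('profile_name', tunnel_profile_name),
        ('session_profile_name', session_profile_name),
        ('tunnel_name', tunnel_name),
        ('use_udp_checksums', 'yes'),
    ]

    # NB: the whole command must stay on one line.
    config = 'tunnel create tunnel_name=%s' % tunnel_name
    config += ''.join([' %s=%s' % (key, value) for key, value in options])
    config += '\nquit\n'

    _log.debug(self._fmt('openl2tp config for tunnel:\n%s' % config))

    # The tool receives the command on stdin; this file is only a dump, so
    # it is written owner-only rather than with the helper's default mode.
    # NOTE(review): the path is predictable; how helpers.write_file treats
    # a pre-existing file or symlink there is not visible here -- confirm.
    helpers.write_file('/tmp/%s.config' % tunnel_name, config,
                       perms=stat.S_IRUSR | stat.S_IWUSR)
    [rv, stdout, stderr] = run_command([constants.CMD_OPENL2TPCONFIG], stdin=config, retval=runcommand.FAIL)

    tunnel_id = None
    for line in stderr.split('\n'):
        m = _re_openl2tp_created_tunnel.match(line)
        if m is None:
            continue
        if tunnel_id is not None:
            # Only the first reported tunnel is accepted.
            _log.warning(self._fmt('second tunnel id (%s), old one was %s; ignoring' % (m.group(1), str(tunnel_id))))
            continue
        tunnel_id = int(m.group(1))

    if tunnel_id is None:
        # Keep the raw tool output in the log to make the failure diagnosable.
        _log.error(self._fmt('tunnel out: %d, %s, %s' % (rv, stdout, stderr)))
        raise Exception(self._fmt('could not figure tunnel id'))

    _log.info(self._fmt('figured out tunnel id %s' % int(tunnel_id)))
    self.tunnel_id = tunnel_id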
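def _openl2tp_config_raw(self, myip, gwip, index):
    """Create the ppp, tunnel, session and peer profiles in openl2tp.

    Builds one script of 'profile create' / 'profile modify' commands and
    feeds it to the openl2tp config tool on stdin.  Profile names are
    derived from myip and index; gwip becomes the peer address.  Tracing
    is set to '2047' when self.debug is true and to '0' otherwise.
    """
    import stat

    identifier = '%s-%s' % (myip, str(index))
    ppp_profile_name = 'ppp-prof-%s' % identifier
    tunnel_profile_name = 'tunnel-prof-%s' % identifier
    session_profile_name = 'session-prof-%s' % identifier
    peer_profile_name = 'peer-prof-%s' % identifier

    # FIXME: using now default port without openl2tp patch
    our_port = 1701
    peer_port = 1701

    trace_flags = '0'
    if self.debug:
        trace_flags = '2047'

    def _modify(kind, profile, pairs):
        # One '<kind> profile modify' line per option.
        return ''.join(['%s profile modify profile_name=%s %s=%s\n' % (kind, profile, key, value)
                        for key, value in pairs])

    parts = []

    # ppp profile
    # FIXME: default_route; local_ipaddr; dns_ipaddr_{pri,sec}, wins_ipaddr_{pri,sec}
    parts.append('ppp profile create profile_name=%s\n' % ppp_profile_name)
    parts.append(_modify('ppp', ppp_profile_name, [
        ('default_route', 'no'),
        ('multilink', 'no'),
        ('idle_timeout', '0'),      # no limit
        ('mtu', '1300'),
        ('mru', '1300'),
        ('lcp_echo_interval', '60'),
        ('lcp_echo_failure_count', '5'),
        ('max_connect_time', '0'),  # no limit
        ('max_failure_count', '10'),
        ('trace_flags', trace_flags),
    ]))

    # Authentication options for the patched openl2tp; they must all be on
    # one line.  (The original, unpatched openl2tpd could only be given
    # auth_none=yes and pppd defaults for the rest.)
    # NOTE(review): req_none=yes appears to mean the peer is not required
    # to authenticate to us, and auth_pap=yes allows answering with PAP,
    # which sends the password unhashed.  Protection of that exchange then
    # depends on whatever carries the L2TP traffic, which is not visible
    # here -- confirm.  MPPE is left at its default (no explicit option).
    parts.append(('ppp profile modify profile_name=%s'
                  ' req_none=yes auth_pap=yes auth_chap=yes'
                  ' auth_mschapv1=no auth_mschapv2=no auth_eap=no'
                  ' req_pap=no req_chap=no req_mschapv1=no req_mschapv2=no req_eap=no\n')
                 % ppp_profile_name)

    # Compression options must also be on one line.  Deflate and bsdcomp
    # are neither enabled nor requested (XXX: no compression).
    parts.append(('ppp profile modify profile_name=%s'
                  ' comp_mppc=no comp_accomp=yes comp_pcomp=no comp_bsdcomp=no'
                  ' comp_deflate=no comp_predictor=no comp_vj=no comp_ccomp_vj=no'
                  ' comp_ask_deflate=no comp_ask_bsdcomp=no\n')
                 % ppp_profile_name)

    # tunnel profile
    parts.append('tunnel profile create profile_name=%s\n' % tunnel_profile_name)
    parts.append(_modify('tunnel', tunnel_profile_name, [
        ('our_udp_port', str(our_port)),
        ('peer_udp_port', str(peer_port)),
        ('mtu', '1460'),
        ('hello_timeout', '60'),
        ('retry_timeout', '3'),
        ('idle_timeout', '0'),
        ('rx_window_size', '4'),
        ('tx_window_size', '10'),
        ('max_retries', '20'),
        ('framing_caps', 'any'),
        ('bearer_caps', 'any'),
        ('trace_flags', trace_flags),
    ]))

    # session profile
    parts.append('session profile create profile_name=%s\n' % session_profile_name)
    parts.append(_modify('session', session_profile_name, [
        ('sequencing_required', 'no'),
        ('use_sequence_numbers', 'no'),
        ('trace_flags', trace_flags),
    ]))

    # peer profile
    # XXX: 'lac_lns', 'netmask'
    # 'peer_port' has no effect for some reason
    parts.append('peer profile create profile_name=%s\n' % peer_profile_name)
    parts.append(_modify('peer', peer_profile_name, [
        ('peer_ipaddr', gwip),
        ('peer_port', str(peer_port)),  # XXX: dup of the tunnel profile
        ('ppp_profile_name', ppp_profile_name),
        ('session_profile_name', session_profile_name),
        ('tunnel_profile_name', tunnel_profile_name),
    ]))

    parts.append('\nquit\n')
    config = ''.join(parts)

    _log.debug(self._fmt('openl2tp config:\n%s' % config))

    # The tool receives the script on stdin; this file is only a dump, so
    # it is written owner-only rather than with the helper's default mode.
    # NOTE(review): the path is predictable; how helpers.write_file treats
    # a pre-existing file or symlink there is not visible here -- confirm.
    helpers.write_file('/tmp/%s.config' % tunnel_profile_name, config,
                       perms=stat.S_IRUSR | stat.S_IWUSR)
    run_command([constants.CMD_OPENL2TPCONFIG], stdin=config, retval=runcommand.FAIL)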
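def _openl2tp_start_tunnel(self, myip, gwip, index):
    """Create the openl2tp tunnel from myip to gwip and record its id.

    Sends one 'tunnel create' command to the openl2tp config tool on
    stdin, then scans the tool's stderr for lines matching
    _re_openl2tp_created_tunnel (group 1: tunnel id).  The first id found
    is stored in self.tunnel_id; later ones are logged and ignored.

    index is only used, together with myip, to derive the profile and
    tunnel names.

    Raises Exception when no tunnel id is reported.
    """
    import stat

    identifier = '%s-%s' % (myip, str(index))
    tunnel_profile_name = 'tunnel-prof-%s' % identifier
    session_profile_name = 'session-prof-%s' % identifier
    peer_profile_name = 'peer-prof-%s' % identifier
    tunnel_name = 'tunnel-%s' % identifier

    # FIXME: using now default port without openl2tp patch
    our_port = 1701
    peer_port = 1701

    # Creating the tunnel is what triggers openl2tp.
    #
    # NOTE: 'interface_name' would make life easier, but is not currently
    # supported by Openl2tp.
    #
    # XXX: 'persist', 'interface_name'; tunnel_id is not passed, it is read
    # back from the tool's output below.
    options = [
        ('src_ipaddr', myip),
        ('our_udp_port', str(our_port)),    # XXX: dup of the tunnel profile
        ('peer_udp_port', str(peer_port)),  # XXX: dup of the tunnel profile
        ('dest_ipaddr', gwip),
        ('peer_profile_name', peer_profile_name),
        ('profile_name', tunnel_profile_name),
        ('session_profile_name', session_profile_name),
        ('tunnel_name', tunnel_name),
        ('use_udp_checksums', 'yes'),
    ]

    # NB: the whole command must stay on one line.
    config = 'tunnel create tunnel_name=%s' % tunnel_name
    config += ''.join([' %s=%s' % (key, value) for key, value in options])
    config += '\nquit\n'

    _log.debug(self._fmt('openl2tp config for tunnel:\n%s' % config))

    # The tool receives the command on stdin; this file is only a dump, so
    # it is written owner-only rather than with the helper's default mode.
    # NOTE(review): the path is predictable; how helpers.write_file treats
    # a pre-existing file or symlink there is not visible here -- confirm.
    helpers.write_file('/tmp/%s.config' % tunnel_name, config,
                       perms=stat.S_IRUSR | stat.S_IWUSR)
    [rv, stdout, stderr] = run_command([constants.CMD_OPENL2TPCONFIG], stdin=config, retval=runcommand.FAIL)

    tunnel_id = None
    for line in stderr.split('\n'):
        m = _re_openl2tp_created_tunnel.match(line)
        if m is None:
            continue
        if tunnel_id is not None:
            # Only the first reported tunnel is accepted.
            _log.warning(self._fmt('second tunnel id (%s), old one was %s; ignoring' % (m.group(1), str(tunnel_id))))
            continue
        tunnel_id = int(m.group(1))

    if tunnel_id is None:
        # Keep the raw tool output in the log to make the failure diagnosable.
        _log.error(self._fmt('tunnel out: %d, %s, %s' % (rv, stdout, stderr)))
        raise Exception(self._fmt('could not figure tunnel id'))

    _log.info(self._fmt('figured out tunnel id %s' % int(tunnel_id)))
    self.tunnel_id = tunnel_id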
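def _openl2tp_config_raw(self, myip, gwip, index):
    """Create the ppp, tunnel, session and peer profiles in openl2tp.

    Builds one script of 'profile create' / 'profile modify' commands and
    feeds it to the openl2tp config tool on stdin.  Profile names are
    derived from myip and index; gwip becomes the peer address.  Tracing
    is set to '2047' when self.debug is true and to '0' otherwise.
    """
    import stat

    identifier = '%s-%s' % (myip, str(index))
    ppp_profile_name = 'ppp-prof-%s' % identifier
    tunnel_profile_name = 'tunnel-prof-%s' % identifier
    session_profile_name = 'session-prof-%s' % identifier
    peer_profile_name = 'peer-prof-%s' % identifier

    # FIXME: using now default port without openl2tp patch
    our_port = 1701
    peer_port = 1701

    trace_flags = '0'
    if self.debug:
        trace_flags = '2047'

    def _modify(kind, profile, pairs):
        # One '<kind> profile modify' line per option.
        return ''.join(['%s profile modify profile_name=%s %s=%s\n' % (kind, profile, key, value)
                        for key, value in pairs])

    parts = []

    # ppp profile
    # FIXME: default_route; local_ipaddr; dns_ipaddr_{pri,sec}, wins_ipaddr_{pri,sec}
    parts.append('ppp profile create profile_name=%s\n' % ppp_profile_name)
    parts.append(_modify('ppp', ppp_profile_name, [
        ('default_route', 'no'),
        ('multilink', 'no'),
        ('idle_timeout', '0'),      # no limit
        ('mtu', '1300'),
        ('mru', '1300'),
        ('lcp_echo_interval', '60'),
        ('lcp_echo_failure_count', '5'),
        ('max_connect_time', '0'),  # no limit
        ('max_failure_count', '10'),
        ('trace_flags', trace_flags),
    ]))

    # Authentication options for the patched openl2tp; they must all be on
    # one line.  (The original, unpatched openl2tpd could only be given
    # auth_none=yes and pppd defaults for the rest.)
    # NOTE(review): req_none=yes appears to mean the peer is not required
    # to authenticate to us, and auth_pap=yes allows answering with PAP,
    # which sends the password unhashed.  Protection of that exchange then
    # depends on whatever carries the L2TP traffic, which is not visible
    # here -- confirm.  MPPE is left at its default (no explicit option).
    parts.append(('ppp profile modify profile_name=%s'
                  ' req_none=yes auth_pap=yes auth_chap=yes'
                  ' auth_mschapv1=no auth_mschapv2=no auth_eap=no'
                  ' req_pap=no req_chap=no req_mschapv1=no req_mschapv2=no req_eap=no\n')
                 % ppp_profile_name)

    # Compression options must also be on one line.  Deflate and bsdcomp
    # are neither enabled nor requested (XXX: no compression).
    parts.append(('ppp profile modify profile_name=%s'
                  ' comp_mppc=no comp_accomp=yes comp_pcomp=no comp_bsdcomp=no'
                  ' comp_deflate=no comp_predictor=no comp_vj=no comp_ccomp_vj=no'
                  ' comp_ask_deflate=no comp_ask_bsdcomp=no\n')
                 % ppp_profile_name)

    # tunnel profile
    parts.append('tunnel profile create profile_name=%s\n' % tunnel_profile_name)
    parts.append(_modify('tunnel', tunnel_profile_name, [
        ('our_udp_port', str(our_port)),
        ('peer_udp_port', str(peer_port)),
        ('mtu', '1460'),
        ('hello_timeout', '60'),
        ('retry_timeout', '3'),
        ('idle_timeout', '0'),
        ('rx_window_size', '4'),
        ('tx_window_size', '10'),
        ('max_retries', '20'),
        ('framing_caps', 'any'),
        ('bearer_caps', 'any'),
        ('trace_flags', trace_flags),
    ]))

    # session profile
    parts.append('session profile create profile_name=%s\n' % session_profile_name)
    parts.append(_modify('session', session_profile_name, [
        ('sequencing_required', 'no'),
        ('use_sequence_numbers', 'no'),
        ('trace_flags', trace_flags),
    ]))

    # peer profile
    # XXX: 'lac_lns', 'netmask'
    # 'peer_port' has no effect for some reason
    parts.append('peer profile create profile_name=%s\n' % peer_profile_name)
    parts.append(_modify('peer', peer_profile_name, [
        ('peer_ipaddr', gwip),
        ('peer_port', str(peer_port)),  # XXX: dup of the tunnel profile
        ('ppp_profile_name', ppp_profile_name),
        ('session_profile_name', session_profile_name),
        ('tunnel_profile_name', tunnel_profile_name),
    ]))

    parts.append('\nquit\n')
    config = ''.join(parts)

    _log.debug(self._fmt('openl2tp config:\n%s' % config))

    # The tool receives the script on stdin; this file is only a dump, so
    # it is written owner-only rather than with the helper's default mode.
    # NOTE(review): the path is predictable; how helpers.write_file treats
    # a pre-existing file or symlink there is not visible here -- confirm.
    helpers.write_file('/tmp/%s.config' % tunnel_profile_name, config,
                       perms=stat.S_IRUSR | stat.S_IWUSR)
    run_command([constants.CMD_OPENL2TPCONFIG], stdin=config, retval=runcommand.FAIL)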