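def generate_client_conf(self):
    """Build the inline OpenVPN client config for this link and write it to disk.

    Side effects: creates ``self._temp_path`` if needed and stores the
    interface returned by ``utils.tun_interface_acquire()`` on
    ``self.interface``.

    Returns:
        Path of the written config file (``self._temp_path``/OVPN_CONF_NAME).
        The file embeds the user's private key and is created with mode 0600.
    """
    # EAFP instead of exists()+makedirs(): another worker may create the
    # directory between the check and the call.
    try:
        os.makedirs(self._temp_path)
    except OSError:
        if not os.path.isdir(self._temp_path):
            raise

    ovpn_conf_path = os.path.join(self._temp_path, OVPN_CONF_NAME)
    self.interface = utils.tun_interface_acquire()

    if self.linked_host:
        remotes = 'remote %s %s' % (
            self.host.link_addr,
            self.linked_server.port,
        )
    else:
        remotes = self.linked_server.get_key_remotes(True)

    # The two numeric slots are raised when debug is on (presumably the
    # template's verbosity settings -- confirm against OVPN_INLINE_LINK_CONF).
    client_conf = OVPN_INLINE_LINK_CONF % (
        uuid.uuid4().hex,
        utils.random_name(),
        self.interface,
        self.linked_server.protocol,
        remotes,
        CIPHERS[self.server.cipher],
        4 if self.server.debug else 1,
        8 if self.server.debug else 3,
        self.linked_server.ping_interval,
        self.linked_server.ping_timeout,
    )

    if self.linked_server.lzo_compression != ADAPTIVE:
        client_conf += 'comp-lzo no\n'

    # Debug echo happens here, before the CA, tls-auth key, certificate and
    # private key are appended, so no key material is pushed to the output
    # link. Keep this block above the credential sections.
    if self.server.debug:
        self.server.output_link.push_message(
            'Server conf:',
            label=self.output_label,
            link_server_id=self.linked_server.id,
        )
        for conf_line in client_conf.split('\n'):
            if conf_line:
                self.server.output_link.push_message(
                    ' ' + conf_line,
                    label=self.output_label,
                    link_server_id=self.linked_server.id,
                )

    client_conf += JUMBO_FRAMES[self.linked_server.jumbo_frames]
    client_conf += '<ca>\n%s\n</ca>\n' % self.linked_server.ca_certificate

    if self.linked_server.tls_auth:
        client_conf += 'key-direction 1\n<tls-auth>\n%s\n</tls-auth>\n' % (
            self.linked_server.tls_auth_key)

    client_conf += '<cert>\n%s\n</cert>\n' % utils.get_cert_block(
        self.user.certificate)
    client_conf += '<key>\n%s\n</key>\n' % (self.user.private_key.strip())

    # Create the file owner-only from the start. open() followed by chmod()
    # leaves a window in which the file exists with umask-default
    # permissions; a handle opened in that window can still read the private
    # key written afterwards.
    conf_fd = os.open(
        ovpn_conf_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(conf_fd, 'w') as ovpn_conf:
        # os.open() ignores the mode when the file already exists, so tighten
        # a pre-existing file through the descriptor rather than the path.
        os.fchmod(ovpn_conf.fileno(), 0o600)
        ovpn_conf.write(client_conf)

    return ovpn_conf_path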
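def generate_client_conf(self):
    """Render the link's inline OpenVPN client config and save it to a file.

    Sets ``self.interface`` from ``utils.tun_interface_acquire()`` and makes
    sure ``self._temp_path`` exists.

    Returns:
        The path of the config file inside ``self._temp_path``. The file
        contains the user's private key and is created with mode 0600.
    """
    # makedirs() may lose a race with another creator; only re-raise when
    # the directory really is missing afterwards.
    try:
        os.makedirs(self._temp_path)
    except OSError:
        if not os.path.isdir(self._temp_path):
            raise

    ovpn_conf_path = os.path.join(self._temp_path, OVPN_CONF_NAME)
    self.interface = utils.tun_interface_acquire()

    if self.linked_host:
        remotes = 'remote %s %s' % (
            self.host.link_addr,
            self.linked_server.port,
        )
    else:
        remotes = self.linked_server.get_key_remotes(True)

    debug = self.server.debug
    client_conf = OVPN_INLINE_LINK_CONF % (
        uuid.uuid4().hex,
        utils.random_name(),
        self.interface,
        self.linked_server.protocol,
        remotes,
        CIPHERS[self.server.cipher],
        4 if debug else 1,
        8 if debug else 3,
    )

    if self.linked_server.lzo_compression != ADAPTIVE:
        client_conf += 'comp-lzo no\n'

    # Only the non-secret part of the config is echoed: this runs before
    # the CA, tls-auth key, certificate and private key are appended.
    if self.server.debug:
        self.server.output_link.push_message(
            'Server conf:',
            label=self.output_label,
            link_server_id=self.linked_server.id,
        )
        for conf_line in client_conf.split('\n'):
            if conf_line:
                self.server.output_link.push_message(
                    ' ' + conf_line,
                    label=self.output_label,
                    link_server_id=self.linked_server.id,
                )

    client_conf += JUMBO_FRAMES[self.linked_server.jumbo_frames]
    client_conf += '<ca>\n%s\n</ca>\n' % self.linked_server.ca_certificate

    if self.linked_server.tls_auth:
        client_conf += 'key-direction 1\n<tls-auth>\n%s\n</tls-auth>\n' % (
            self.linked_server.tls_auth_key)

    client_conf += '<cert>\n%s\n</cert>\n' % utils.get_cert_block(
        self.user.certificate)
    client_conf += '<key>\n%s\n</key>\n' % (
        self.user.private_key.strip())

    # The private key must never sit in a file with wider permissions, even
    # briefly: create it 0600 atomically instead of open() then chmod().
    conf_fd = os.open(
        ovpn_conf_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(conf_fd, 'w') as ovpn_conf:
        # The creation mode does not apply to a file that already existed;
        # fchmod() on the descriptor covers that case without re-resolving
        # the path.
        os.fchmod(ovpn_conf.fileno(), 0o600)
        ovpn_conf.write(client_conf)

    return ovpn_conf_path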
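def generate_client_conf(self):
    """Write the inline OpenVPN client config used for the server link.

    The remote is the linked host's ``link_address`` (falling back to its
    ``public_address``) when ``self.linked_host`` is set, otherwise the
    remotes returned by ``self.linked_server.get_key_remotes(True)``.
    Also sets ``self.interface`` from ``utils.tun_interface_acquire()``.

    Returns:
        Path of the written config file. It embeds the user's private key
        and is created with mode 0600.
    """
    # Tolerate the directory being created concurrently.
    try:
        os.makedirs(self._temp_path)
    except OSError:
        if not os.path.isdir(self._temp_path):
            raise

    ovpn_conf_path = os.path.join(self._temp_path, OVPN_CONF_NAME)
    self.interface = utils.tun_interface_acquire()

    if self.linked_host:
        remotes = 'remote %s %s' % (
            self.host.link_address or self.host.public_address,
            self.linked_server.port,
        )
    else:
        remotes = self.linked_server.get_key_remotes(True)

    client_conf = OVPN_INLINE_LINK_CONF % (
        self.interface,
        self.linked_server.protocol,
        remotes,
        CIPHERS[self.server.cipher],
        4 if self.server.debug else 1,
        8 if self.server.debug else 3,
    )

    if self.server.lzo_compression != ADAPTIVE:
        client_conf += 'comp-lzo no\n'

    if self.server.otp_auth:
        client_conf += 'auth-user-pass\n'

    client_conf += JUMBO_FRAMES[self.server.jumbo_frames]
    client_conf += '<ca>\n%s\n</ca>\n' % utils.get_cert_block(
        self.server.ca_certificate)

    if self.server.tls_auth:
        client_conf += '<tls-auth>\n%s\n</tls-auth>\n' % (
            self.server.tls_auth_key)

    client_conf += '<cert>\n%s\n</cert>\n' % utils.get_cert_block(
        self.user.certificate)
    client_conf += '<key>\n%s\n</key>\n' % (
        self.user.private_key.strip())

    # Create the key-bearing file with 0600 at creation time. The previous
    # open()+chmod() sequence briefly exposed the file with umask-default
    # permissions, and a reader that opened it then kept access to the
    # contents written later.
    conf_fd = os.open(
        ovpn_conf_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(conf_fd, 'w') as ovpn_conf:
        # Mode passed to os.open() is ignored for an existing file; enforce
        # it on the open descriptor.
        os.fchmod(ovpn_conf.fileno(), 0o600)
        ovpn_conf.write(client_conf)

    return ovpn_conf_path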
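def generate_client_conf(self):
    """Assemble the link's inline OpenVPN client config and write it out.

    Compression, OTP, jumbo-frame, CA and tls-auth settings are all read
    from ``self.linked_server``; the cipher and debug flag come from
    ``self.server``. Sets ``self.interface`` from
    ``utils.tun_interface_acquire()``.

    Returns:
        Path of the config file under ``self._temp_path``. The file holds
        the user's private key and is created with mode 0600.
    """
    # exists()+makedirs() can race with a concurrent creator; attempt the
    # creation and accept an already-present directory.
    try:
        os.makedirs(self._temp_path)
    except OSError:
        if not os.path.isdir(self._temp_path):
            raise

    ovpn_conf_path = os.path.join(self._temp_path, OVPN_CONF_NAME)
    self.interface = utils.tun_interface_acquire()

    if self.linked_host:
        remotes = 'remote %s %s' % (
            self.host.link_address or self.host.public_address,
            self.linked_server.port,
        )
    else:
        remotes = self.linked_server.get_key_remotes(True)

    client_conf = OVPN_INLINE_LINK_CONF % (
        uuid.uuid4().hex,
        utils.random_name(),
        self.interface,
        self.linked_server.protocol,
        remotes,
        CIPHERS[self.server.cipher],
        4 if self.server.debug else 1,
        8 if self.server.debug else 3,
    )

    if self.linked_server.lzo_compression != ADAPTIVE:
        client_conf += 'comp-lzo no\n'

    if self.linked_server.otp_auth:
        client_conf += 'auth-user-pass\n'

    client_conf += JUMBO_FRAMES[self.linked_server.jumbo_frames]
    client_conf += '<ca>\n%s\n</ca>\n' % self.linked_server.ca_certificate

    if self.linked_server.tls_auth:
        client_conf += '<tls-auth>\n%s\n</tls-auth>\n' % (
            self.linked_server.tls_auth_key)

    client_conf += '<cert>\n%s\n</cert>\n' % utils.get_cert_block(
        self.user.certificate)
    client_conf += '<key>\n%s\n</key>\n' % (self.user.private_key.strip())

    # Owner-only from the first instant: with open() followed by chmod()
    # the file exists for a moment with umask-default permissions, which is
    # enough for another local process to obtain a handle and later read
    # the private key through it.
    conf_fd = os.open(
        ovpn_conf_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(conf_fd, 'w') as ovpn_conf:
        # A leftover file keeps its old mode despite the os.open() argument,
        # so reset it via the descriptor before writing.
        os.fchmod(ovpn_conf.fileno(), 0o600)
        ovpn_conf.write(client_conf)

    return ovpn_conf_path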
def resources_acquire(self):
    """Take this server's resource lock and acquire a tun interface.

    Raises:
        TypeError: if ``self.resource_lock`` is already set.
    """
    if self.resource_lock:
        raise TypeError('Server resource lock already set')

    # Locks are looked up per server id in the module-level table.
    server_lock = _resource_locks[self.server.id]
    self.resource_lock = server_lock
    server_lock.acquire()

    # NOTE(review): if this call raises, the lock stays held and recorded on
    # the instance -- confirm the caller releases it on failure.
    self.interface = utils.tun_interface_acquire()