X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=blobdiff_plain;f=make-secnet-sites;h=547f5724652988189abd03ae46ff93fb2b28339b;hb=c4497addc3984dca4f1d3e77f3d49eaf5c00077a;hp=8e3ec7360f0379d40d4dda703965a5217281225a;hpb=00152558bd7f5c51096fd2fa83e8609aa02aa29c;p=secnet.git diff --git a/make-secnet-sites b/make-secnet-sites index 8e3ec73..547f572 100755 --- a/make-secnet-sites +++ b/make-secnet-sites @@ -54,6 +54,7 @@ import time import sys import os import getopt +import re # The ipaddr library is installed as part of secnet sys.path.append("/usr/local/share/secnet") @@ -108,6 +109,18 @@ class email: def __str__(self): return '<%s>'%(self.addr) +class boolean: + "A boolean" + def __init__(self,w): + if re.match('[TtYy1]',w[1]): + self.b=True + elif re.match('[FfNn0]',w[1]): + self.b=False + else: + complain("invalid boolean value"); + def __str__(self): + return ['False','True'][self.b] + class num: "A decimal number" def __init__(self,w): @@ -148,7 +161,8 @@ keywords={ 'networks':(networks,"Claimed networks"), 'pubkey':(rsakey,"RSA public site key"), 'peer':(single_ipaddr,"Tunnel peer IP address"), - 'address':(address,"External contact address and port") + 'address':(address,"External contact address and port"), + 'mobile':(boolean,"Site is mobile"), } def sp(name,value): @@ -165,7 +179,7 @@ global_properties={ 'setup-retries':sp, 'wait-time':sp, 'renegotiate-time':sp, - 'restrict-nets':(lambda name,value:"# restrict-nets %s\n"%value) + 'restrict-nets':(lambda name,value:"# restrict-nets %s\n"%value), } class level: @@ -252,7 +266,8 @@ class sitelevel(level): 'address':sp, 'networks':None, 'peer':None, - 'pubkey':(lambda n,v:"key %s;\n"%v) + 'pubkey':(lambda n,v:"key %s;\n"%v), + 'mobile':sp, }) require_properties={ 'dh':"Diffie-Hellman group", @@ -261,7 +276,7 @@ class sitelevel(level): 'networks':"Networks claimed by the site", 'hash':"hash function", 'peer':"Gateway address of the site", - 'pubkey':"RSA public key of the site" + 'pubkey':"RSA public key of the site", } def __init__(self,w): level.__init__(self,w) @@ -314,7 +329,7 @@ def set_property(obj,w): else: obj.properties[w[0]]=keywords[w[0]][0](w) -def pline(i): +def pline(i,allow_include=False): "Process a configuration file line" global allow_defs, obstack, root w=string.split(i) @@ -325,6 +340,16 @@ def pline(i): allow_defs=sitelevel.depth obstack=[root] return + if keyword=='include': + if not allow_include: + complain("include not permitted here") + return + if len(w) != 2: + complain("include requires one argument") + return + newfile=os.path.join(os.path.dirname(file),w[1]) + pfilepath(newfile,allow_include=allow_include) + return if levels.has_key(keyword): # We may go up any number of levels, but only down by one newdepth=levels[keyword].depth @@ -364,7 +389,12 @@ def pline(i): complain("unknown keyword '%s'"%(keyword)) -def pfile(name,lines): +def pfilepath(pathname,allow_include=False): + f=open(pathname) + pfile(pathname,f.readlines(),allow_include=allow_include) + f.close() + +def pfile(name,lines,allow_include=False): "Process a file" global file,line file=name @@ -373,7 +403,7 @@ def pfile(name,lines): line=line+1 if (i[0]=='#'): continue if (i[len(i)-1]=='\n'): i=i[:len(i)-1] # strip trailing LF - pline(i) + pline(i,allow_include=allow_include) def outputsites(w): "Output include file for secnet configuration" @@ -435,19 +465,14 @@ else: if not ok: print "caller not in group %s"%group sys.exit(1) - f=open(header) - headerinput=f.readlines() - f.close() - pfile(header,headerinput) + pfilepath(header,allow_include=True) userinput=sys.stdin.readlines() pfile("user input",userinput) else: if len(sys.argv)>3: print "Too many arguments" sys.exit(1) - f=open(sys.argv[1]) - pfile(sys.argv[1],f.readlines()) - f.close() + pfilepath(sys.argv[1],allow_include=True) of=sys.stdout if len(sys.argv)>2: of=open(sys.argv[2],'w')