no-disconnect-hup
no-suppress-args
cd ~/secnet/sites-test/
-execute ~/secnet/secnet/make-secnet-sites.py -u vpnheader groupfiles sites
+execute ~/secnet/make-secnet-sites.py -u vpnheader groupfiles sites
This program is part of secnet. It relies on the "ipaddr" library from
Cendio Systems AB.
import os
import ipaddr
-VERSION="0.1.3"
+VERSION="0.1.5"
class vpn:
def __init__(self,name):
class dhgroup:
def __init__(self,w):
- self.w=w
+ self.mod=w[1]
+ self.gen=w[2]
def out(self):
- return 'dh diffie-hellman("%s","%s");'%(self.w[1],self.w[2])
+ return 'dh diffie-hellman("%s","%s");'%(self.mod,self.gen)
class hash:
def __init__(self,w):
- self.w=w
- if (w[1]!='md5' and w[1]!='sha1'):
- complain("unknown hash type %s"%(w[1]))
+ self.ht=w[1]
+ if (self.ht!='md5' and self.ht!='sha1'):
+ complain("unknown hash type %s"%(self.ht))
def out(self):
- return 'hash %s;'%(self.w[1])
+ return 'hash %s;'%(self.ht)
class email:
def __init__(self,w):
- self.w=w
+ self.addr=w[1]
def out(self):
- return '# Contact email address: <%s>'%(self.w[1])
+ return '# Contact email address: <%s>'%(self.addr)
class num:
def __init__(self,w):
- self.w=w
+ self.what=w[0]
+ self.n=string.atol(w[1])
def out(self):
- return '%s %s;'%(self.w[0],self.w[1])
+ return '%s %d;'%(self.what,self.n)
class address:
def __init__(self,w):
self.w=w
+ self.adr=w[1]
+ self.port=string.atoi(w[2])
+ if (self.port<1 or self.port>65535):
+ complain("invalid port number")
def out(self):
- return 'address "%s"; port %s;'%(self.w[1],self.w[2])
+ return 'address "%s"; port %d;'%(self.adr,self.port)
class rsakey:
def __init__(self,w):
- self.w=w
+ self.l=string.atoi(w[1])
+ self.e=w[2]
+ self.n=w[3]
def out(self):
- return 'key rsa-public("%s","%s");'%(self.w[2],self.w[3])
+ return 'key rsa-public("%s","%s");'%(self.e,self.n)
class mobileoption:
def __init__(self,w):
self.w=w
def out(self):
- return 'netlink-options "soft";'
+ return '# netlink-options "soft";'
def complain(msg):
global complaints
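Review bot: The quoted string fields are still copied into the generated configuration unvalidated: `self.mod`/`self.gen` in `dhgroup.out()`, `self.adr` in `address.out()` and `self.e`/`self.n` in `rsakey.out()` are placed between double quotes as-is, so a token containing `"` would end the string early and add text to the sites file (the tokenizer is outside this hunk, so confirm what a token can contain). The new port range check shows the intent to validate at parse time; the same is needed here, e.g. in `address.__init__`: `if '"' in self.adr or '\\' in self.adr: complain("invalid address")`, with a digits-only check on the key and group values if that is the format secnet expects. Separately, `string.atoi`/`string.atol` raise `ValueError` on non-numeric input, which ends the run with a traceback rather than a `complain()` message unless the caller catches it. `rsakey` also stores `self.l`, but nothing visible compares it with the size of `self.n`.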
for i in vpns.values():
w.write(" %s {\n"%(i.name))
for l in i.locations.values():
- slist=map(lambda x:"vpn-data/%s/%s/%s"%
- (i.name,l.name,x.name),
- l.sites.values())
+ tmpl="vpn-data/%s/%s/%%s"%(i.name,l.name)
+ slist=[]
+ for s in l.sites.values(): slist.append(tmpl%s.name)
w.write(" %s %s;\n"%(l.name,string.join(slist,",")))
w.write("\n all-sites %s;\n"%
string.join(i.locations.keys(),","))
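Review bot: Formatting `i.name` and `l.name` into `tmpl` and then applying `%` a second time in `tmpl%s.name` means any `%` in a VPN or location name is reinterpreted as a format directive, giving a `TypeError` or a wrong path. Whether names are restricted to a safe character set is not visible in this hunk. Formatting once avoids the problem and is no longer than the new loop body: `slist.append("vpn-data/%s/%s/%s"%(i.name,l.name,s.name))`.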
print "caller not in group %s"%group
sys.exit(1)
f=open(header)
- pfile(header,f.readlines())
+ headerinput=f.readlines()
f.close()
+ pfile(header,headerinput)
userinput=sys.stdin.readlines()
pfile("user input",userinput)
else:
if service:
# Put the user's input into their group file, and rebuild the main
# sites file
- f=open(groupfiledir+"-tmp/"+group,'w')
+ f=open(groupfiledir+"/T"+group,'w')
f.write("# Section submitted by user %s, %s\n"%
(user,time.asctime(time.localtime(time.time()))))
f.write("# Checked by make-secnet-sites.py version %s\n\n"%VERSION)
for i in userinput: f.write(i)
f.write("\n")
f.close()
- os.rename(groupfiledir+"-tmp/"+group,groupfiledir+"/"+group)
- # XXX rebuild main sites file!
+ os.rename(groupfiledir+"/T"+group,groupfiledir+"/R"+group)
+ f=open(sitesfile+"-tmp",'w')
+ f.write("# sites file autogenerated by make-secnet-sites.py\n")
+ f.write("# generated %s, invoked by %s\n"%
+ (time.asctime(time.localtime(time.time())),user))
+ f.write("# use make-secnet-sites.py to turn this file into a\n")
+ f.write("# valid /etc/secnet/sites.conf file\n\n")
+ for i in headerinput: f.write(i)
+ files=os.listdir(groupfiledir)
+ for i in files:
+ if i[0]=='R':
+ j=open(groupfiledir+"/"+i)
+ f.write(j.read())
+ j.close()
+ f.write("# end of sites file\n")
+ f.close()
+ os.rename(sitesfile+"-tmp",sitesfile)
else:
outputsites(of)
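Review bot: The rebuild in the `if service:` branch writes to the fixed names `groupfiledir+"/T"+group` and `sitesfile+"-tmp"` with no lock, so two submissions handled at the same time can write the same temporary file and leave `sitesfile` truncated or missing a group's section. Holding an exclusive lock for the whole branch (for example `fcntl.flock` on a lock file in `groupfiledir`) would serialise it. `os.listdir` returns names in arbitrary order, so `for i in sorted(files):` would make the generated file reproducible and easier to audit. `group` is joined into the path as-is; the check that prints "caller not in group" is outside this hunk, so confirm it also rejects names containing `/`.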