'networks':None,
'peer':None,
'pubkey':(lambda n,v:"key %s;\n"%v),
+ 'address':(lambda n,v:"address %s;\n"%v),
'mobile':sp,
})
require_properties={
'dh':"Diffie-Hellman group",
'contact':"Site admin contact address",
- 'address':"Site external access address",
'networks':"Networks claimed by the site",
'hash':"hash function",
'peer':"Gateway address of the site",
root=level(['root','root']) # All vpns are children of this node
obstack=[root]
allow_defs=0 # Level above which new definitions are permitted
+prefix=''
def set_property(obj,w):
"Set a property on a configuration node"
else:
obj.properties[w[0]]=keywords[w[0]][0](w)
-def pline(i):
+def pline(i,allow_include=False):
"Process a configuration file line"
global allow_defs, obstack, root
- w=string.split(i)
- if len(w)==0: return
+ w=string.split(i.rstrip('\n'))
+ if len(w)==0: return [i]
keyword=w[0]
current=obstack[len(obstack)-1]
if keyword=='end-definitions':
allow_defs=sitelevel.depth
obstack=[root]
- return
+ return [i]
+ if keyword=='include':
+ if not allow_include:
+ complain("include not permitted here")
+ return []
+ if len(w) != 2:
+ complain("include requires one argument")
+ return []
+ newfile=os.path.join(os.path.dirname(file),w[1])
+ return pfilepath(newfile,allow_include=allow_include)
if levels.has_key(keyword):
# We may go up any number of levels, but only down by one
newdepth=levels[keyword].depth
if nl.depth<allow_defs:
complain("New definitions not allowed at "
"level %d"%nl.depth)
+ # we risk crashing if we continue
+ sys.exit(1)
current.children[w[1]]=nl
current=nl
obstack.append(current)
- return
+ return [i]
if current.allow_properties.has_key(keyword):
set_property(current,w)
- return
+ return [i]
else:
complain("Property %s not allowed at %s level"%
(keyword,current.type))
- return
+ return []
complain("unknown keyword '%s'"%(keyword))
-def pfile(name,lines):
+def pfilepath(pathname,allow_include=False):
+ f=open(pathname)
+ outlines=pfile(pathname,f.readlines(),allow_include=allow_include)
+ f.close()
+ return outlines
+
+def pfile(name,lines,allow_include=False):
"Process a file"
global file,line
file=name
line=0
+ outlines=[]
for i in lines:
line=line+1
if (i[0]=='#'): continue
- if (i[len(i)-1]=='\n'): i=i[:len(i)-1] # strip trailing LF
- pline(i)
+ outlines += pline(i,allow_include=allow_include)
+ return outlines
def outputsites(w):
"Output include file for secnet configuration"
w.write("# Command line: %s\n\n"%string.join(sys.argv))
# Raw VPN data section of file
- w.write("vpn-data {\n")
+ w.write(prefix+"vpn-data {\n")
for i in root.children.values():
i.output_data(w,2,"")
w.write("};\n")
# Per-VPN flattened lists
- w.write("vpn {\n")
+ w.write(prefix+"vpn {\n")
for i in root.children.values():
- i.output_vpnflat(w,2,"vpn-data")
+ i.output_vpnflat(w,2,prefix+"vpn-data")
w.write("};\n")
# Flattened list of sites
- w.write("all-sites %s;\n"%string.join(map(lambda x:"vpn/%s/all-sites"%
- x,root.children.keys()),","))
+ w.write(prefix+"all-sites %s;\n"%string.join(
+ map(lambda x:"%svpn/%s/all-sites"%(prefix,x),
+ root.children.keys()),","))
# Are we being invoked from userv?
service=0
if not ok:
print "caller not in group %s"%group
sys.exit(1)
- f=open(header)
- headerinput=f.readlines()
- f.close()
- pfile(header,headerinput)
+ headerinput=pfilepath(header,allow_include=True)
userinput=sys.stdin.readlines()
pfile("user input",userinput)
else:
+ if sys.argv[1]=='-P':
+ prefix=sys.argv[2]
+ sys.argv[1:3]=[]
if len(sys.argv)>3:
print "Too many arguments"
sys.exit(1)
- f=open(sys.argv[1])
- pfile(sys.argv[1],f.readlines())
- f.close()
+ pfilepath(sys.argv[1])
of=sys.stdout
if len(sys.argv)>2:
of=open(sys.argv[2],'w')
~ian / secnet.git / blobdiff