"""
+from __future__ import print_function
+
import string
import time
import sys
import ipaddr
-sys.path.insert(0,"/usr/local/share/secnet")
-sys.path.insert(0,"/usr/share/secnet")
+# entry 0 is "near the executable", or maybe from PYTHONPATH=.,
+# which we don't want to preempt
+sys.path.insert(1,"/usr/local/share/secnet")
+sys.path.insert(1,"/usr/share/secnet")
import ipaddrset
VERSION="0.1.18"
+# Are we being invoked from userv?
+service=0
+# If we are, which group does the caller want to modify?
+group=None
+
+if len(sys.argv)<2:
+ inputfile=None
+ of=sys.stdout
+else:
+ if sys.argv[1]=='-u':
+ if len(sys.argv)!=6:
+ print("Wrong number of arguments")
+ sys.exit(1)
+ service=1
+ header=sys.argv[2]
+ groupfiledir=sys.argv[3]
+ sitesfile=sys.argv[4]
+ group=sys.argv[5]
+ if not os.environ.has_key("USERV_USER"):
+ print("Environment variable USERV_USER not found")
+ sys.exit(1)
+ user=os.environ["USERV_USER"]
+ # Check that group is in USERV_GROUP
+ if not os.environ.has_key("USERV_GROUP"):
+ print("Environment variable USERV_GROUP not found")
+ sys.exit(1)
+ ugs=os.environ["USERV_GROUP"]
+ ok=0
+ for i in string.split(ugs):
+ if group==i: ok=1
+ if not ok:
+ print("caller not in group %s"%group)
+ sys.exit(1)
+ else:
+ if sys.argv[1]=='-P':
+ prefix=sys.argv[2]
+ sys.argv[1:3]=[]
+ if len(sys.argv)>3:
+ print("Too many arguments")
+ sys.exit(1)
+ inputfile=sys.argv[1]
+ of=sys.stdout
+ if len(sys.argv)>2:
+ of=open(sys.argv[2],'w')
+
# Classes describing possible datatypes in the configuration file
class basetype:
"Common protocol for configuration types."
- pass
+ def add(self,obj,w):
+ complain("%s %s already has property %s defined"%
+ (obj.type,obj.name,w[0]))
+
+class conflist:
+ "A list of some kind of configuration type."
+ def __init__(self,subtype,w):
+ self.subtype=subtype
+ self.list=[subtype(w)]
+ def add(self,obj,w):
+ self.list.append(self.subtype(w))
+ def __str__(self):
+ return ', '.join(map(str, self.list))
+def listof(subtype):
+ return lambda w: conflist(subtype, w)
class single_ipaddr (basetype):
"An IP address"
def complain(msg):
"Complain about a particular input line"
global complaints
- print ("%s line %d: "%(file,line))+msg
+ print(("%s line %d: "%(file,line))+msg)
complaints=complaints+1
def moan(msg):
"Complain about something in general"
global complaints
- print msg;
+ print(msg);
complaints=complaints+1
root=level(['root','root']) # All vpns are children of this node
def set_property(obj,w):
"Set a property on a configuration node"
if obj.properties.has_key(w[0]):
- complain("%s %s already has property %s defined"%
- (obj.type,obj.name,w[0]))
+ obj.properties[w[0]].add(obj,w)
else:
obj.properties[w[0]]=keywords[w[0]][0](w)
map(lambda x:"%svpn/%s/all-sites"%(prefix,x),
root.children.keys()),","))
-# Are we being invoked from userv?
-service=0
-# If we are, which group does the caller want to modify?
-group=None
-
line=0
file=None
complaints=0
-if len(sys.argv)<2:
- pfile("stdin",sys.stdin.readlines())
- of=sys.stdout
-else:
- if sys.argv[1]=='-u':
- if len(sys.argv)!=6:
- print "Wrong number of arguments"
- sys.exit(1)
- service=1
- header=sys.argv[2]
- groupfiledir=sys.argv[3]
- sitesfile=sys.argv[4]
- group=sys.argv[5]
- if not os.environ.has_key("USERV_USER"):
- print "Environment variable USERV_USER not found"
- sys.exit(1)
- user=os.environ["USERV_USER"]
- # Check that group is in USERV_GROUP
- if not os.environ.has_key("USERV_GROUP"):
- print "Environment variable USERV_GROUP not found"
- sys.exit(1)
- ugs=os.environ["USERV_GROUP"]
- ok=0
- for i in string.split(ugs):
- if group==i: ok=1
- if not ok:
- print "caller not in group %s"%group
- sys.exit(1)
- headerinput=pfilepath(header,allow_include=True)
- userinput=sys.stdin.readlines()
- pfile("user input",userinput)
- else:
- if sys.argv[1]=='-P':
- prefix=sys.argv[2]
- sys.argv[1:3]=[]
- if len(sys.argv)>3:
- print "Too many arguments"
- sys.exit(1)
- pfilepath(sys.argv[1])
- of=sys.stdout
- if len(sys.argv)>2:
- of=open(sys.argv[2],'w')
-
# Sanity check section
# Delete nodes where leaf=0 that have no children
delempty(n.children[i])
if not live(n.children[i]):
del n.children[i]
-delempty(root)
# Check that all constraints are met (as far as I can tell
# restrict-nets/networks/peer are the only special cases)
for i in n.children.keys():
checkconstraints(n.children[i],new_p,new_ra)
+if service:
+ headerinput=pfilepath(header,allow_include=True)
+ userinput=sys.stdin.readlines()
+ pfile("user input",userinput)
+else:
+ if inputfile is None:
+ pfile("stdin",sys.stdin.readlines())
+ else:
+ pfilepath(inputfile)
+
+delempty(root)
checkconstraints(root,{},ipaddrset.complete_set())
if complaints>0:
- if complaints==1: print "There was 1 problem."
- else: print "There were %d problems."%(complaints)
+ if complaints==1: print("There was 1 problem.")
+ else: print("There were %d problems."%(complaints))
sys.exit(1)
if service: