From a30f9aa576ca7291236a9715c55a7cffcc31e1af Mon Sep 17 00:00:00 2001 From: "gasperfele@fri1.uni-lj.si" Date: Tue, 3 Feb 2015 13:20:46 +0000 Subject: Started work on gen_params and prepare_disks git-svn-id: https://svn.lusy.fri.uni-lj.si/kpov-public-svn/kpov-public@263 5cf9fbd1-b2bc-434c-b4b7-e852f4f63414 --- kpov_judge/tasks/openvpn_simple_smb/task.py | 46 +++++++++++++++++++++-------- 1 file changed, 33 insertions(+), 13 deletions(-) (limited to 'kpov_judge/tasks') diff --git a/kpov_judge/tasks/openvpn_simple_smb/task.py b/kpov_judge/tasks/openvpn_simple_smb/task.py index efec2e3..d57804c 100644 --- a/kpov_judge/tasks/openvpn_simple_smb/task.py +++ b/kpov_judge/tasks/openvpn_simple_smb/task.py @@ -8,9 +8,12 @@ instructions = { Postavi tri navidezne racunalnike - SimpleArbiter z diska SimpleArbiterVPN ter VPNClient1 in VPNClient2, ki jima nastavite pravilne mrežne nastavitve (medsebojna povezava in povezava na splet). Na vse racunalnike namestite OpenVPN in program za nadzor nad virtualnimi napravami (s katerim kreirate napravo tap). -Strežnik SimpleArbiterVPN naj generira skupno skrivnost (*.key), katero shranite v imenik /vpn in jo na VPNCLient uporabite -skupaj z konfiguracijsko datoteko za OpenVPN povezavo. Nato poskrbite, da bo VPNClient na navideznem omrežju prek NFS omogočil -dostop do imenika /home/test/DIRNAME, pri čemer DIRNAME preberite na SimpleArbiter. + +Na strežniku SimpleArbiterVPN že teče VPN strežnik, ki uporablja skrivnost, ki jo najdete tudi na VPNClient1. +Na VPNClient1 vzpostavite VPN tako, da napišete primerno konf. datoteko. + +Nato poskrbite, da bo VPNClient1 na navideznem omrežju prek NFS omogočil +dostop do imenika /home/tester/DIRNAME, pri čemer DIRNAME preberite na SimpleArbiter. V ta imenik skopirajte datoteke, ki so prek SMB dostopne na SimpleArbiter. """, 'en':u""" @@ -99,9 +102,11 @@ networks = { #Tukaj sem generiral tri parametre, prosil bi če se upoštevajo pri Tasku. params_meta = { 'IP_SimpleArbiterVPN': {'descriptions':{'si':'IP za SimpleArbiter'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True}, + 'IP_VPNArbiter': {'descriptions':{'si':'IP za SimpleArbiter na VPN'}, 'w': False, 'public': False, 'type': 'IP', 'generated': True}, 'IP_VPNClient1': {'descriptions':{'si':'IP za 1. klienta'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True}, 'IP_VPNClient2': {'descriptions':{'si':'IP za 2. klienta'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True}, 'DIRNAME': {'descriptions':{'si':'Imenik, dostopen prek NFS'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True}, + 'secret_random_seed': {'descriptions':{'si':'Seme za skrivnost'}, 'w': False, 'public': False, 'type': None, 'generated': True}, } @@ -259,14 +264,14 @@ def gen_params(user_id, params_meta): #Tukaj sem generiral te tri parametre (ime skupne skrivnosti je heidi ) #(ime imenika kjer naj bo shranjena skupna skrivnost naj bo openvpn) #(HASH bo naključno generiran niz iz user_id s katerim se bo preverjalo plagiatorstvo) - params['IME_KLJUCA']="heidi.key" - params['IME_IMENIKA']="openvpn" - hash="" - alpha=["1","2","3","4","5","6","7","8","9","0"] - rnd = random.Random(alpha) - for x in id: - hash+=chr(int(x)+80)+rnd - params['HASH']=hash + import random + r = Random.random(user_id) + net = kpov_random_helpers.IPv4_subnet_gen(r, '10.168.0.0', 24) + params['IP_VPNClient1'], params['IP_VPNClient2'], params['IP_VPNArbiter'] = kpov_random_helpers.IPv4_addr_gen(r, net, 3) + params['DIRNAME'] = kpov_random_helpers.fname_gen(r, extension=False) + 'IP_VPNClient1': {'descriptions':{'si':'IP za 1. klienta'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True}, + 'IP_VPNClient2': {'descriptions':{'si':'IP za 2. klienta'}, 'w': False, 'public': True, 'type': 'IP', 'generated': True}, + params['secret_random_seed']=str(r.random()) return params @@ -302,6 +307,21 @@ def prepare_disks(templates, params): #guestmount -a d -m /dev/VG/LV -m /dev/sda1:/boot --ro /mnt #asistent je pocasnela :) - - pass + r = random.Random(params['secret_random_seed']) + s = "\n".[ + "".join([r.choice("0123456789abcdef") for i in xrange(16)]) + for i in xrange(16)] + s = """-----BEGIN OpenVPN Static Key V1----- +{} +-----END OpenVPN Static Key V1----- +""" + keyfile = kpov_random_helpers.fname_gen(r, extension=False) + ".key" + templates['SimpleArbiterVPN'].write("/etc/openvpn/secret.key", s) + netaddr_s = """auto tap0 +iface tap0 inet static + address {} + netmask 255.255.255.0 +""".format(params['IP_VPNArbiter']) + templates['SimpleArbiterVPN'].write_a("/etc/network/interfaces", netaddr_s) + templates['VPNClient1'].write("/home/tester/" + keyfile, s) -- cgit v1.2.1