diff options
author | kali <kali@leap.se> | 2012-08-30 05:37:44 +0900 |
---|---|---|
committer | kali <kali@leap.se> | 2012-08-30 05:37:44 +0900 |
commit | b79a08b84e52871b1e1254f65ff774a6f0857608 (patch) | |
tree | a1f8df63200b57093d532abca70abe3482044121 | |
parent | 5e77b77765154850fb708e6ea188fcf7ba99fdce (diff) |
move extra options from config template to cl opts
-rw-r--r-- | src/leap/eip/config.py | 44 | ||||
-rw-r--r-- | src/leap/eip/tests/test_config.py | 51 |
2 files changed, 75 insertions, 20 deletions
diff --git a/src/leap/eip/config.py b/src/leap/eip/config.py index b6c38a77..a9de60b2 100644 --- a/src/leap/eip/config.py +++ b/src/leap/eip/config.py @@ -63,6 +63,7 @@ class EIPServiceConfig(baseconfig.JSONLeapConfig): slug = property(_get_slug, _set_slug) +# XXX deprecate by #447 def check_or_create_default_vpnconf(config): """ checks that a vpn config file @@ -162,6 +163,26 @@ def build_ovpn_options(daemon=False): opts = [] + opts.append('--mode') + opts.append('client') + + opts.append('--dev') + # XXX same in win? + opts.append('tun') + opts.append('--persist-tun') + opts.append('--persist-key') + + # remote + # XXX get remote from eip.json + opts.append('--remote') + opts.append('testprovider.example.org') + opts.append('1194') + opts.append('udp') + + opts.append('--tls-client') + opts.append('--remote-cert-tls') + opts.append('server') + # set user and group opts.append('--user') opts.append('%s' % user) @@ -179,6 +200,7 @@ def build_ovpn_options(daemon=False): ourplatform = platform.system() if ourplatform in ("Linux", "Mac"): opts.append('--management') + # XXX get a different sock each time ... opts.append('/tmp/.eip.sock') opts.append('unix') if ourplatform == "Windows": @@ -187,21 +209,13 @@ def build_ovpn_options(daemon=False): # XXX which is a good choice? opts.append('7777') - # remaining config options will go in a file - - # NOTE: we will build this file from - # the service definition file. - # XXX override from --with-openvpn-config - - opts.append('--config') - - default_provider_path = baseconfig.get_default_provider_path() - - # XXX get rid of config_file at all - ovpncnf = baseconfig.get_config_file( - 'openvpn.conf', - folder=default_provider_path) - opts.append(ovpncnf) + # certs + opts.append('--cert') + opts.append(eipspecs.client_cert_path()) + opts.append('--key') + opts.append(eipspecs.client_cert_path()) + opts.append('--ca') + opts.append(eipspecs.provider_ca_path()) # we cannot run in daemon mode # with the current subp setting. diff --git a/src/leap/eip/tests/test_config.py b/src/leap/eip/tests/test_config.py index 16219648..c3a8075e 100644 --- a/src/leap/eip/tests/test_config.py +++ b/src/leap/eip/tests/test_config.py @@ -48,6 +48,23 @@ class EIPConfigTest(BaseLeapTest): username = self.get_username() groupname = self.get_groupname() + args.append('--mode') + args.append('client') + args.append('--dev') + #does this have to be tap for win?? + args.append('tun') + args.append('--persist-tun') + args.append('--persist-key') + args.append('--remote') + args.append('testprovider.example.org') + # XXX get port!? + args.append('1194') + # XXX get proto + args.append('udp') + args.append('--tls-client') + args.append('--remote-cert-tls') + args.append('server') + args.append('--user') args.append(username) args.append('--group') @@ -55,16 +72,40 @@ class EIPConfigTest(BaseLeapTest): args.append('--management-client-user') args.append(username) args.append('--management-signal') - args.append('--management') + args.append('--management') #XXX hey! #get platform switches here! args.append('/tmp/.eip.sock') args.append('unix') - args.append('--config') - args.append(os.path.expanduser( - '~/.config/leap/providers/%s/openvpn.conf' - % constants.DEFAULT_TEST_PROVIDER)) + + # certs + # XXX get values from specs? + args.append('--cert') + args.append(os.path.join( + self.home, + '.config', 'leap', 'providers', + 'testprovider.example.org', + 'keys', 'client', + 'openvpn.pem')) + args.append('--key') + args.append(os.path.join( + self.home, + '.config', 'leap', 'providers', + 'testprovider.example.org', + 'keys', 'client', + 'openvpn.pem')) + args.append('--ca') + args.append(os.path.join( + self.home, + '.config', 'leap', 'providers', + 'testprovider.example.org', + 'keys', 'ca', + 'testprovider-ca-cert.pem')) + #args.append('--config') + #args.append(os.path.expanduser( + #'~/.config/leap/providers/%s/openvpn.conf' + #% constants.DEFAULT_TEST_PROVIDER)) return args # build command string |