From 0c15f2abae7bddbf3311d83aca33aca1aa5761c8 Mon Sep 17 00:00:00 2001 From: "kali kaneko (leap communications)" Date: Mon, 27 Jan 2020 17:32:43 -0600 Subject: add auth to eip-service --- Makefile | 10 ++++++++-- config/demo.yaml | 2 ++ scripts/simplevpn.py | 15 +++++++++++++-- scripts/templates/eip-service.json.jinja | 1 + 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 1481a5a..35877d5 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,9 @@ +CONFIG=config/demo.yaml +EIP_TEMPLATE=scripts/templates/eip-service.json.jinja +EIP_SERVICE=deploy/public/3/eip-service.json +PROVIDER_TEMPLATE=scripts/templates/provider.json.jinja +PROVIDER=deploy/public/provider.json + build: go build cmd/vpnweb/vpnweb.go demo-sip: @@ -11,8 +17,8 @@ gen-shapeshifter: scripts/gen-shapeshifter-state.py deploy/shapeshifter-state gen-provider: mkdir -p deploy/public/3 - python3 scripts/simplevpn.py --file=eip --config=config/demo.yaml --template=scripts/templates/eip-service.json.jinja --obfs4_state deploy/shapeshifter-state > deploy/public/3/eip-service.json - python3 scripts/simplevpn.py --file=provider --config=config/demo.yaml --template=scripts/templates/provider.json.jinja > deploy/public/provider.json + @python3 scripts/simplevpn.py --file=eip --config=$(CONFIG) --template=$(EIP_TEMPLATE) --obfs4_state deploy/shapeshifter-state > $(EIP_SERVICE) || echo "ERROR: see $(EIP_SERVICE) for output" + @python3 scripts/simplevpn.py --file=provider --config=$(CONFIG) --template=$(PROVIDER_TEMPLATE) > $(PROVIDER) || echo "ERROR: see $(PROVIDER) for output" populate: cp test/1/* public/1/ cp test/files/ca.crt public/ diff --git a/config/demo.yaml b/config/demo.yaml index 91d0430..92b68ba 100644 --- a/config/demo.yaml +++ b/config/demo.yaml @@ -1,3 +1,5 @@ +auth: sip + openvpn: - auth: SHA1 diff --git a/scripts/simplevpn.py b/scripts/simplevpn.py index 02f4cb1..94adb36 100755 --- a/scripts/simplevpn.py +++ b/scripts/simplevpn.py @@ -1,11 +1,13 @@ #!/usr/bin/env python3 import argparse -import os +import os, sys import yaml from jinja2 import Template +AUTH_METHODS = ["anon", "sip"] + class EIPConfig: def __init__(self): @@ -13,6 +15,7 @@ class EIPConfig: self.locations = dict() self.gateways = dict() self.provider = dict() + self.auth = "" def parseConfig(provider_config): @@ -20,6 +23,7 @@ def parseConfig(provider_config): config = yaml.load(conf.read()) eip = EIPConfig() eip.openvpn.update(yamlListToDict(config['openvpn'])) + configureAuth(eip, config) for loc in config['locations']: eip.locations.update(yamlIdListToDict(loc)) @@ -28,6 +32,12 @@ def parseConfig(provider_config): eip.provider.update(yamlListToDict(config['provider'])) return eip +def configureAuth(eip, config): + auth = config.get('auth', 'anon') + if auth not in AUTH_METHODS: + print("ERROR: unknown auth method", auth) + sys.exit(1) + eip.auth = auth def yamlListToDict(values): vals = {} @@ -77,7 +87,8 @@ def produceEipConfig(config, obfs4_state, template): print(t.render( locations=config.locations, gateways=config.gateways, - openvpn=dictToStr(config.openvpn))) + openvpn=dictToStr(config.openvpn), + auth=config.auth)) def produceProviderConfig(config, template): diff --git a/scripts/templates/eip-service.json.jinja b/scripts/templates/eip-service.json.jinja index 189a422..5d55168 100644 --- a/scripts/templates/eip-service.json.jinja +++ b/scripts/templates/eip-service.json.jinja @@ -28,5 +28,6 @@ } }{{ "," if not loop.last }}{% endfor %} ], + "auth": "{{ auth }}", "openvpn_configuration": {{ openvpn|tojson(indent=8) }} } -- cgit v1.2.3