# Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
4
5import logging, re, time
6from autotest_lib.client.common_lib import error
Paul Stewart2ee7fdf2011-05-19 16:29:23 -07007from autotest_lib.server import site_linux_system
Taylor Hutt9963dc12011-03-08 09:52:23 -08008
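class LinuxServer(site_linux_system.LinuxSystem):
    """
    Linux Server: A machine which hosts network services.

    Drives the server side of a VPN (OpenVPN, or L2TP/IPsec through
    `ipsec` and xl2tpd) by running shell commands on the server host via
    `self.server.run`.
    """

    # VPN kinds that are served by the L2TP/IPsec code path.
    _L2TP_IPSEC_KINDS = ('l2tpipsec-psk', 'l2tpipsec-cert')

    def __init__(self, server, wifi_ip):
        """ Remember the server host and start with no VPN running.

        server  : host object; must provide run() and an 'ip' attribute.
        wifi_ip : stored on the instance as self.wifi_ip.
        """
        site_linux_system.LinuxSystem.__init__(self, server, {}, "server")

        self.server = server  # Server host.
        self.vpn_kind = None  # Kind of the VPN launched last, None if none.
        self.wifi_ip = wifi_ip
        # Never cleared: keys from successive vpn_server_config() calls
        # accumulate here.
        self.openvpn_config = {}

    def _write_remote_file(self, path, contents):
        """ Write 'contents' to 'path' on the server through a heredoc. """
        # The delimiter is quoted so the remote shell copies the text
        # verbatim instead of expanding $VAR, `cmd` or backslashes that a
        # caller-supplied config value may contain.  A line consisting only
        # of EOF would still end the heredoc early.
        self.server.run("cat <<'EOF' >%s\n%s\nEOF\n" % (path, contents))

    def _start_openvpn(self, config):
        """ Merge 'config' into the stored OpenVPN options and launch it. """
        for key, value in config.iteritems():
            self.openvpn_config[key] = value

        # NOTE(review): fixed, predictable path under /tmp; acceptable on a
        # dedicated test host, worth revisiting if the host is shared.
        self._write_remote_file(
            "/tmp/vpn-server.conf",
            '\n'.join("%s %s" % kv
                      for kv in self.openvpn_config.iteritems()))
        self.server.run("/usr/sbin/openvpn "
                        "--config /tmp/vpn-server.conf &")

    def _start_l2tpipsec(self, kind, replacements):
        """ Write the xl2tpd/ppp/ipsec config files for 'kind' and start
        the daemons.

        'replacements' supplies the values for the %(...)s placeholders in
        the ipsec templates; "@plutodebug@" has to come from the caller.
        """
        # NOTE(review): the secrets below are hard-coded test fixtures, and
        # no explicit file mode is set on the secrets files that are
        # written.
        configs = {
            "/etc/xl2tpd/xl2tpd.conf" :
            "[global]\n"
            "\n"
            "[lns default]\n"
            " ip range = 192.168.1.128-192.168.1.254\n"
            " local ip = 192.168.1.99\n"
            " require chap = yes\n"
            " refuse pap = yes\n"
            " require authentication = yes\n"
            " name = LinuxVPNserver\n"
            " ppp debug = yes\n"
            " pppoptfile = /etc/ppp/options.xl2tpd\n"
            " length bit = yes\n",

            "/etc/xl2tpd/l2tp-secrets" :
            "* them l2tp-secret",

            "/etc/ppp/chap-secrets" :
            "chapuser * chapsecret *",

            "/etc/ppp/options.xl2tpd" :
            "ipcp-accept-local\n"
            "ipcp-accept-remote\n"
            "noccp\n"
            "auth\n"
            "crtscts\n"
            "idle 1800\n"
            "mtu 1410\n"
            "mru 1410\n"
            "nodefaultroute\n"
            "debug\n"
            "lock\n"
            "proxyarp\n"
            "connect-delay 5000\n"
        }
        config_choices = {
            'l2tpipsec-psk': {
                "/etc/ipsec.conf" :
                "config setup\n"
                " charonstart=no\n"
                " plutostart=yes\n"
                " plutodebug=%(@plutodebug@)s\n"
                "conn L2TP\n"
                " keyexchange=ikev1\n"
                " authby=psk\n"
                " pfs=no\n"
                " rekey=no\n"
                " left=%(@local-listen-ip@)s\n"
                " leftprotoport=17/1701\n"
                " right=%%any\n"
                " rightprotoport=17/%%any\n"
                " auto=add\n",

                "/etc/ipsec.secrets" :
                "%(@ipsec-secrets@)s %%any : PSK \"password\"",
            },
            'l2tpipsec-cert': {
                "/etc/ipsec.conf" :
                "config setup\n"
                " charonstart=no\n"
                " plutostart=yes\n"
                " plutodebug=%(@plutodebug@)s\n"
                "conn L2TP\n"
                " keyexchange=ikev1\n"
                " left=%(@local-listen-ip@)s\n"
                " leftcert=server.crt\n"
                " leftid=\"C=US, ST=California, L=Mountain View, "
                "CN=chromelab-wifi-testbed-server.mtv.google.com\"\n"
                " leftprotoport=17/1701\n"
                " right=%%any\n"
                " rightca=\"C=US, ST=California, L=Mountain View, "
                "CN=chromelab-wifi-testbed-root.mtv.google.com\"\n"
                " rightprotoport=17/%%any\n"
                " auto=add\n"
                " pfs=no\n",

                "/etc/ipsec.secrets" : ": RSA server.key \"\"\n",
            },
        }
        configs.update(config_choices[kind])

        # Work on a copy so the caller's dict is not modified.
        values = dict(replacements)
        # These two replacements must match up to the same
        # adapter, or a connection will not be established.
        values["@local-listen-ip@"] = "%defaultroute"
        values["@ipsec-secrets@"] = self.server.ip

        for cfg, template in configs.iteritems():
            self._write_remote_file(cfg, template % values)

        self.server.run("/usr/sbin/ipsec start")

        # Restart xl2tpd to ensure use of newly-created config files.
        self.server.run("sh /etc/init.d/xl2tpd restart")

    def vpn_server_config(self, params):
        """ Configure & launch the server side of the VPN.

        Parameters, in 'params':

          kind  : required

                  The kind of VPN which should be configured and
                  launched.

                  Valid values:

                    openvpn
                    l2tpipsec-psk   (L2TP/IPsec, pre-shared key)
                    l2tpipsec-cert  (L2TP/IPsec, certificates)

          config: used by 'openvpn'

                  The configuration information associated with
                  the VPN server.

                  This is a dict which contains key/value pairs
                  representing the VPN's configuration.

                  The values stored in the 'config' param must all be
                  supported by the specified VPN kind.

          replacements: used by the 'l2tpipsec-*' kinds

                  Dict of values substituted into the ipsec config
                  templates.  It must contain "@plutodebug@"; the
                  "@local-listen-ip@" and "@ipsec-secrets@" entries are
                  always set by this method.

        Raises error.TestFail when 'kind' is missing or unsupported.
        """
        self.vpn_server_kill({})  # Must be first. Relies on self.vpn_kind.
        kind = params.get('kind', None)

        if kind is None:
            raise error.TestFail('No VPN kind specified for this test.')

        # Reject an unsupported kind before recording it: a bad value left
        # in self.vpn_kind would make every later vpn_server_kill() fail.
        if kind != 'openvpn' and kind not in self._L2TP_IPSEC_KINDS:
            raise error.TestFail('(internal error): No config case '
                                 'for VPN kind (%s)' % kind)

        # Recorded before launching, so that a partially started server is
        # still stopped by the next vpn_server_kill().
        self.vpn_kind = kind

        # Launch specified VPN server.
        if kind == 'openvpn':
            # Read config information & create server configuration file.
            self._start_openvpn(params.get('config', {}))
        else:
            self._start_l2tpipsec(kind, params.get("replacements", {}))

    def vpn_server_kill(self, params):
        """ Kill the VPN server.

        Does nothing when no VPN kind is recorded.  'params' is unused.
        Raises error.TestFail when the recorded kind is unknown.
        """
        kind = self.vpn_kind
        if kind is None:
            return

        if kind == 'openvpn':
            # NOTE(review): without -f, pkill matches the pattern against
            # the process name, not the full command line; confirm this
            # pattern actually selects the daemon.
            self.server.run("pkill /usr/sbin/openvpn")
        elif kind in self._L2TP_IPSEC_KINDS:
            self.server.run("/usr/sbin/ipsec stop")
        else:
            # Forget the bogus kind so the instance stays usable.
            self.vpn_kind = None
            raise error.TestFail('(internal error): No kill case '
                                 'for VPN kind (%s)' % kind)
        self.vpn_kind = None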