<div dir="ltr">Ooops, don't commit this, there's a few mistakes here and there :(<br><br><br><br><div class="gmail_quote">On Tue, Aug 26, 2008 at 3:07 PM, Raphael Pinson <span dir="ltr"><<a href="mailto:raphink@gmail.com">raphink@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"># HG changeset patch<br>
# User Raphael Pinson <<a href="mailto:raphink@gmail.com">raphink@gmail.com</a>><br>
# Date 1219756015 -7200<br>
# Node ID dce2521115ff34ad35f06a60c3234dffc6b7be77<br>
# Parent  f58164c15e84bb9ec1e6b7b4132be6e56c8cd001<br>
Add OpenVPN lens and associated test<br>
<br>
diff -r f58164c15e84 -r dce2521115ff lenses/openvpn.aug<br>
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000<br>
+++ b/lenses/openvpn.aug        Tue Aug 26 15:06:55 2008 +0200<br>
@@ -0,0 +1,184 @@<br>
+(* Parsing /etc/openvpn/openvpn.conf *)<br>
+<br>
+module OpenVPN =<br>
+autoload xfm<br>
+<br>
+let sep    = Util.del_ws_spc<br>
+let sep_dquote = Util.del_str "\""<br>
+let eol    = Util.eol<br>
+let indent = Util.indent<br>
+<br>
+let ip_re  = /[0-9\.]+/<br>
+let num_re = /[0-9]+/<br>
+let fn_re  = /[^#; \t\n][^#;\n]*[^#; \t\n]|[^#; \t\n]/<br>
+let an_re  = /[a-z][a-z0-9_-]*/<br>
+<br>
+let ip     = store ip_re<br>
+let num    = store num_re<br>
+let filename = store fn_re<br>
+<br>
+let sto_to_dquote = store /[^"\n]+/<br>
+<br>
+let comment = [ indent . label "#comment"<br>
+              . del /[;#][ \t]*/ "# "<br>
+              . store /([^ \t\n].*[^ \t\n]|[^ \t\n])/<br>
+             . eol ]<br>
+<br>
+let empty   = Util.empty<br>
+<br>
+<br>
+(* Single values<br>
+    - local => IP<br>
+    - port  => num<br>
+    - proto => tcp|udp<br>
+    - dev   => (tun|tap)\d*<br>
+    - dev-node => MyTap<br>
+    - ca    => filename<br>
+    - cert  => filename<br>
+    - key   => filename<br>
+    - dh    => filename<br>
+    - ifconfig-pool-persist => filename<br>
+    - learn-address => filename<br>
+    - cipher => [A-Z0-9-]+<br>
+    - max-clients => num<br>
+    - user  => alphanum<br>
+    - group => alphanum<br>
+    - status => filename<br>
+    - log   => filename<br>
+    - log-append => filename<br>
+    - verb => num<br>
+    - mute => num<br>
+    - ns-cert-type => "server"<br>
+    - resolv-retry => "infinite"<br>
+*)<br>
+let single_ip  = "local"<br>
+let single_num = "port"<br>
+               | "max-clients"<br>
+               | "verb"<br>
+              | "mute"<br>
+let single_fn  = "ca"<br>
+               | "cert"<br>
+              | "key"<br>
+              | "dh"<br>
+              | "ifconfig-pool-persist"<br>
+              | "learn-address"<br>
+              | "status"<br>
+              | "log"<br>
+              | "log-append"<br>
+let single_an  = "user"<br>
+               | "group"<br>
+<br>
+<br>
+let single_entry (kw:regexp) (re:regexp)<br>
+               = [ key kw . sep . store re . (eol|comment) ]<br>
+<br>
+let single     = single_entry single_num num_re<br>
+              | single_entry single_fn  fn_re<br>
+              | single_entry single_an  an_re<br>
+              | single_entry "local"    ip_re<br>
+              | single_entry "proto"    /(tcp|udp)/<br>
+               | single_entry "dev"      /(tun|tap)[0-9]*/<br>
+              | single_entry "dev-node" "MyTap"<br>
+              | single_entry "cipher"   /[A-Z][A-Z0-9-]*/<br>
+              | single_entry "ns-cert-type" "server"<br>
+              | single_entry "resolv-retry" "infinite"<br>
+<br>
+(* Flags<br>
+    - client-to-client<br>
+    - duplicate-cn<br>
+    - comp-lzo<br>
+    - persist-key<br>
+    - persist-tun<br>
+    - client<br>
+    - remote-random<br>
+    - nobind<br>
+    - mute-replay-warnings<br>
+    - http-proxy-retry<br>
+*)<br>
+<br>
+let flag_words = "client-to-client"<br>
+               | "duplicate-cn"<br>
+              | "comp-lzo"<br>
+              | "persist-key"<br>
+              | "persist-tun"<br>
+              | "client"<br>
+              | "remote-random"<br>
+              | "nobind"<br>
+              | "mute-replay-warnings"<br>
+              | "http-proxy-retry"<br>
+<br>
+let flag_entry (kw:regexp)<br>
+               = [ key kw . (eol|comment) ]<br>
+<br>
+let flag       = flag_entry flag_words<br>
+<br>
+<br>
+(* Others<br>
+    - server        => IP IP<br>
+    - server-bridge => IP IP IP IP<br>
+    - push          => "string"<br>
+    - keepalive     => num num<br>
+    - tls-auth      => filename [01]<br>
+    - remote        => hostname/IP num<br>
+*)<br>
+<br>
+let server        = [ key "server" . sep<br>
+                    . [ label "address" . ip ] . sep<br>
+                   . [ label "netmask" . ip ] . (eol|comment)<br>
+                   ]<br>
+<br>
+let server_bridge = [ key "server-bridge" . sep<br>
+                    . [ label "address" . ip ] . sep<br>
+                   . [ label "netmask" . ip ] . sep<br>
+                   . [ label "start"   . ip ] . sep<br>
+                   . [ label "end"     . ip ] . (eol|comment)<br>
+                   ]<br>
+<br>
+let push          = [ key "push" . sep<br>
+                    . sep_dquote<br>
+                   . sto_to_dquote<br>
+                   . sep_dquote<br>
+                   . (eol|comment)<br>
+                    ]<br>
+<br>
+let keepalive     = [ key "keepalive" . sep<br>
+                    . [ label "ping"    . num ] . sep<br>
+                   . [ label "timeout" . num ] . (eol|comment)<br>
+                    ]<br>
+<br>
+let tls_auth      = [ key "tls-auth" . sep<br>
+                    . [ label "key"       . filename     ] . sep<br>
+                   . [ label "is_client" . store /[01]/ ] . (eol|comment)<br>
+                    ]<br>
+<br>
+let remote        = [ key "remote" . sep<br>
+                    . [ label "server" . filename ] . sep<br>
+                   . [ label "port"   . num      ] . (eol|comment)<br>
+                   ]<br>
+<br>
+let http_proxy    = [ key "http-proxy" .<br>
+                    ( sep . [ label "server" . store /[A-Za-z0-9\._-]+/ ] .<br>
+                   ( sep . [ label "port"   . num      ] )? )?<br>
+                   . (eol|comment)<br>
+                   ]<br>
+<br>
+let other         = server<br>
+                  | server_bridge<br>
+                  | push<br>
+                 | keepalive<br>
+                 | tls_auth<br>
+                 | remote<br>
+                 | http_proxy<br>
+<br>
+<br>
+(* Define lens *)<br>
+<br>
+let lns = (comment|empty|single|flag|other)*<br>
+<br>
+let xfm = transform lns (incl "/etc/openvpn/openvpn.conf")<br>
+<br>
+(* Local Variables: *)<br>
+(* mode: caml *)<br>
+(* End: *)<br>
+<br>
+<br>
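Review bot: Several entries in `single` accept only the value that happens to appear in the sample configuration, most visibly `single_entry "dev-node" "MyTap"`, and likewise `"ns-cert-type" "server"` and `"resolv-retry" "infinite"`. Because `lns` is a starred union over the whole file, a single line carrying any other value makes the entire openvpn.conf fail to parse, so tooling built on this lens could not read or enforce `user`, `group`, `cipher` or `tls-auth` on such a host. I would widen these, e.g. `| single_entry "dev-node" fn_re`, `| single_entry "ns-cert-type" /server|client/` and `| single_entry "resolv-retry" /infinite|[0-9]+/`. Separately, `single_ip` is defined but never used, since the `local` entry repeats the literal instead; either use it there or drop it.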
diff -r f58164c15e84 -r dce2521115ff lenses/tests/test_openvpn.aug<br>
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000<br>
+++ b/lenses/tests/test_openvpn.aug     Tue Aug 26 15:06:55 2008 +0200<br>
@@ -0,0 +1,143 @@<br>
+<br>
+module Test_OpenVPN =<br>
+<br>
+let server_conf = "<br>
+local <a href="http://10.0.5.20" target="_blank">10.0.5.20</a><br>
+port 1194<br>
+# TCP or UDP server?<br>
+proto udp<br>
+;dev tap<br>
+dev tun<br>
+<br>
+dev-node MyTap<br>
+ca ca.crt<br>
+cert server.crt<br>
+key server.key  # This file should be kept secret<br>
+<br>
+# Diffie hellman parameters.<br>
+dh dh1024.pem<br>
+<br>
+server <a href="http://10.8.0.0" target="_blank">10.8.0.0</a> <a href="http://255.255.255.0" target="_blank">255.255.255.0</a><br>
+ifconfig-pool-persist ipp.txt<br>
+<br>
+server-bridge <a href="http://10.8.0.4" target="_blank">10.8.0.4</a> <a href="http://255.255.255.0" target="_blank">255.255.255.0</a> <a href="http://10.8.0.50" target="_blank">10.8.0.50</a> <a href="http://10.8.0.100" target="_blank">10.8.0.100</a><br>

+push \"route <a href="http://192.168.10.0" target="_blank">192.168.10.0</a> <a href="http://255.255.255.0" target="_blank">255.255.255.0</a>\"<br>
+learn-address ./script<br>
+push \"redirect-gateway\"<br>
+push \"dhcp-option DNS <a href="http://10.8.0.1" target="_blank">10.8.0.1</a>\"<br>
+push \"dhcp-option WINS <a href="http://10.8.0.1" target="_blank">10.8.0.1</a>\"<br>
+client-to-client<br>
+duplicate-cn<br>
+keepalive 10 120<br>
+tls-auth ta.key 0 # This file is secret<br>
+cipher BF-CBC        # Blowfish (default)<br>
+;cipher AES-128-CBC   # AES<br>
+;cipher DES-EDE3-CBC  # Triple-DES<br>
+comp-lzo<br>
+max-clients 100<br>
+user nobody<br>
+group nobody<br>
+persist-key<br>
+persist-tun<br>
+status openvpn-status.log<br>
+log         openvpn.log<br>
+log-append  openvpn.log<br>
+verb 3<br>
+mute 20<br>
+"<br>
+<br>
+test OpenVPN.lns get server_conf =<br>
+  {}<br>
+  { "local"    = "<a href="http://10.0.5.20" target="_blank">10.0.5.20</a>" }<br>
+  { "port"     = "1194" }<br>
+  { "#comment" = "TCP or UDP server?" }<br>
+  { "proto"    = "udp" }<br>
+  { "#comment" = "dev tap" }<br>
+  { "dev"      = "tun" }<br>
+  {}<br>
+  { "dev-node" = "MyTap" }<br>
+  { "ca"       = "ca.crt" }<br>
+  { "cert"     = "server.crt" }<br>
+  { "key"      = "server.key"<br>
+      { "#comment" = "This file should be kept secret" } }<br>
+  {}<br>
+  { "#comment" = "Diffie hellman parameters." }<br>
+  { "dh"       = "dh1024.pem" }<br>
+  {}<br>
+  { "server"<br>
+      { "address" = "<a href="http://10.8.0.0" target="_blank">10.8.0.0</a>" }<br>
+      { "netmask" = "<a href="http://255.255.255.0" target="_blank">255.255.255.0</a>" } }<br>
+  { "ifconfig-pool-persist" = "ipp.txt" }<br>
+  {}<br>
+  { "server-bridge"<br>
+      { "address" = "<a href="http://10.8.0.4" target="_blank">10.8.0.4</a>" }<br>
+      { "netmask" = "<a href="http://255.255.255.0" target="_blank">255.255.255.0</a>" }<br>
+      { "start"   = "<a href="http://10.8.0.50" target="_blank">10.8.0.50</a>" }<br>
+      { "end"     = "<a href="http://10.8.0.100" target="_blank">10.8.0.100</a>" } }<br>
+  { "push" = "route <a href="http://192.168.10.0" target="_blank">192.168.10.0</a> <a href="http://255.255.255.0" target="_blank">255.255.255.0</a>" }<br>
+  { "learn-address" = "./script" }<br>
+  { "push" = "redirect-gateway" }<br>
+  { "push" = "dhcp-option DNS <a href="http://10.8.0.1" target="_blank">10.8.0.1</a>" }<br>
+  { "push" = "dhcp-option WINS <a href="http://10.8.0.1" target="_blank">10.8.0.1</a>" }<br>
+  { "client-to-client" }<br>
+  { "duplicate-cn" }<br>
+  { "keepalive"<br>
+      { "ping" = "10" }<br>
+      { "timeout" = "120" } }<br>
+  { "tls-auth"<br>
+      { "key" = "ta.key" }<br>
+      { "is_client" = "0" }<br>
+      { "#comment" = "This file is secret" } }<br>
+  { "cipher" =  "BF-CBC"<br>
+      { "#comment" = "Blowfish (default)" } }<br>
+  { "#comment" = "cipher AES-128-CBC   # AES" }<br>
+  { "#comment" = "cipher DES-EDE3-CBC  # Triple-DES" }<br>
+  { "comp-lzo" }<br>
+  { "max-clients" = "100" }<br>
+  { "user"        = "nobody" }<br>
+  { "group"       =  "nobody" }<br>
+  { "persist-key" }<br>
+  { "persist-tun" }<br>
+  { "status"      = "openvpn-status.log" }<br>
+  { "log"         = "openvpn.log" }<br>
+  { "log-append"  = "openvpn.log" }<br>
+  { "verb"        = "3" }<br>
+  { "mute"        = "20" }<br>
+<br>
+<br>
+<br>
+let client_conf = "<br>
+client<br>
+remote my-server-1 1194<br>
+;remote my-server-2 1194<br>
+remote-random<br>
+resolv-retry infinite<br>
+nobind<br>
+http-proxy-retry # retry on connection failures<br>
+http-proxy mytest 1024<br>
+http-proxy mytest2<br>
+http-proxy<br>
+mute-replay-warnings<br>
+ns-cert-type server<br>
+"<br>
+<br>
+test OpenVPN.lns get client_conf =<br>
+  {}<br>
+  { "client" }<br>
+  { "remote"<br>
+     { "server" = "my-server-1" }<br>
+     { "port"   = "1194" } }<br>
+  { "#comment"  = "remote my-server-2 1194" }<br>
+  { "remote-random" }<br>
+  { "resolv-retry" = "infinite" }<br>
+  { "nobind" }<br>
+  { "http-proxy-retry"<br>
+      { "#comment" = "retry on connection failures" } }<br>
+  { "http-proxy"<br>
+      { "server" = "mytest" }<br>
+      { "port"   = "1024" } }<br>
+  { "http-proxy"<br>
+      { "server" = "mytest2" } }<br>
+  { "http-proxy" }<br>
+  { "mute-replay-warnings" }<br>
+  { "ns-cert-type" = "server" }<br>
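Review bot: Both tests exercise only the `get` direction, and only with values the lens already hard-codes (`MyTap`, `server`, `infinite`), so they cannot show whether the lens writes a file back unchanged or rejects malformed input. Since the lens is meant for editing a VPN endpoint's configuration, I would add at least one `put` case, e.g. `test OpenVPN.lns put "port 1194\n" after set "/port" "1195" = "port 1195\n"`, and one negative case such as `test OpenVPN.lns get "port abc\n" = *`. A `get` case with a `dev-node` value other than `MyTap` would also document what the lens is expected to accept there.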
<br>
</blockquote></div><br></div>