[strongSwan] VICI python egg

Noel Kuntze noel at familie-kuntze.de
Tue Apr 14 19:44:36 CEST 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello,

I am quite new to python and want to use the python egg to do some stuff via vici.
Is this behaviour wanted?

┌─[root][vms][~/vici-python-stuff]
└──╼ python2
Python 2.7.9 (default, Dec 11 2014, 04:42:00)
[GCC 4.9.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import collections.vici
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ImportError: No module named vici
>>> import collections, vici                                                                                                                                                                
>>> strongswan=vici.Session()
>>> foo=collections.OrderedDict(strongswan.list_sas())
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/collections.py", line 52, in __init__
    self.__update(*args, **kwds)
  File "/usr/lib/python2.7/_abcoll.py", line 566, in update
    for key, value in other:
ValueError: need more than 1 value to unpack
>>> bar=strongswan.list_sas()
>>> bar.next()
Exception vici.exception.SessionException: SessionException("Unexpected response type 5, expected '1' (CMD_RESPONSE)",) in <generator object streamed_request at 0x7ff42f05ab40> ignored
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "vici/session.py", line 277, in streamed_request
    confirm=Packet.EVENT_CONFIRM,
vici.exception.SessionException: Unexpected response type 1, expected '5' (EVENT_CONFIRM)
>>> bar.next()
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
StopIteration
>>>

The vici python egg is from the 5.3.0 release. I expected the following code to work:


>>> bar=strongswan.list_sas()
>>> bar.next()
Exception vici.exception.SessionException: SessionException("Unexpected response type 5, expected '1' (CMD_RESPONSE)",) in <generator object streamed_request at 0x7ff42f05ab40> ignored
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "vici/session.py", line 277, in streamed_request
    confirm=Packet.EVENT_CONFIRM,
vici.exception.SessionException: Unexpected response type 1, expected '5' (EVENT_CONFIRM)

It works, if I use the following code:

┌─[root][vms][~/vici-python-stuff]
└──╼ python2
Python 2.7.9 (default, Dec 11 2014, 04:42:00)
[GCC 4.9.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import collections,vici
>>> strongswan=vici.Session()
>>> foo=strongswan.list_sas()
>>> foo.next()
OrderedDict([(u'vserver', OrderedDict([(u'uniqueid', '257'), (u'version', '2'), (u'state', 'ESTABLISHED'), (u'local-host', '192.168.178.48'), (u'local-id', 'home.thermi.strangled.net'), (u'remote-host', '37.120.161.220'), (u'remote-id', 'thermi.strangled.net'), (u'initiator-spi', 'bf53f83cc4fb98a5'), (u'responder-spi', '5a62be38d553f927'), (u'encr-alg', 'AES_GCM_16'), (u'encr-keysize', '256'), (u'prf-alg', 'PRF_HMAC_SHA2_256'), (u'dh-group', 'MODP_4096'), (u'established', '2070'), (u'rekey-time', '1371'), (u'child-sas', OrderedDict([(u'vserver', OrderedDict([(u'reqid', '3'), (u'state', 'INSTALLED'), (u'mode', 'TUNNEL'), (u'protocol', 'ESP'), (u'encap', 'yes'), (u'spi-in', 'c6cb18f8'), (u'spi-out', 'c1675275'), (u'cpi-in', '9a4d'), (u'cpi-out', 'e47b'), (u'encr-alg', 'AES_CBC'), (u'encr-keysize', '256'), (u'integ-alg', 'AES_XCBC_96'), (u'dh-group', 'MODP_4096'), (u'esn', '1'), (u'bytes-in', '537934883'), (u'packets-in', '437150'), (u'use-in', '0'), (u'bytes-out', '9908017'),
(u'packets-out', '172222'), (u'use-out', '0'), (u'rekey-time', '1023'), (u'life-time', '1349'), (u'install-time', '631'), (u'local-ts', ['192.168.178.0/24', '172.16.20.0/24']), (u'remote-ts', ['0.0.0.0/0'])]))]))]))])
>>> foo.next()
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
StopIteration
>>> foo2=strongswan.list_sas()
>>> foo2.next()
OrderedDict([(u'vserver', OrderedDict([(u'uniqueid', '257'), (u'version', '2'), (u'state', 'ESTABLISHED'), (u'local-host', '192.168.178.48'), (u'local-id', 'home.thermi.strangled.net'), (u'remote-host', '37.120.161.220'), (u'remote-id', 'thermi.strangled.net'), (u'initiator-spi', 'bf53f83cc4fb98a5'), (u'responder-spi', '5a62be38d553f927'), (u'encr-alg', 'AES_GCM_16'), (u'encr-keysize', '256'), (u'prf-alg', 'PRF_HMAC_SHA2_256'), (u'dh-group', 'MODP_4096'), (u'established', '2251'), (u'rekey-time', '1190'), (u'child-sas', OrderedDict([(u'vserver', OrderedDict([(u'reqid', '3'), (u'state', 'INSTALLED'), (u'mode', 'TUNNEL'), (u'protocol', 'ESP'), (u'encap', 'yes'), (u'spi-in', 'c6cb18f8'), (u'spi-out', 'c1675275'), (u'cpi-in', '9a4d'), (u'cpi-out', 'e47b'), (u'encr-alg', 'AES_CBC'), (u'encr-keysize', '256'), (u'integ-alg', 'AES_XCBC_96'), (u'dh-group', 'MODP_4096'), (u'esn', '1'), (u'bytes-in', '653850533'), (u'packets-in', '531620'), (u'use-in', '0'), (u'bytes-out', '12077353'),
(u'packets-out', '209530'), (u'use-out', '0'), (u'rekey-time', '842'), (u'life-time', '1168'), (u'install-time', '812'), (u'local-ts', ['192.168.178.0/24', '172.16.20.0/24']), (u'remote-ts', ['0.0.0.0/0'])]))]))]))])
>>>


I think that the "wrong" code in the first part should behave similiar to the "correct" code here at the bottom.


- -- 

Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJVLVICAAoJEDg5KY9j7GZYS60P/3mvAhbWxC9h3P81S3yLoXU7
8rBoE22mniFbVznX9dlmUsBxKyRq98Nej4/MNbFuBgGzqYbhrUDk901MDzFjG0KO
zWZwu4cxgo9BgdefIRxYfO3frmLWzczIQFt+wFXFrqiuVyReyRcu2Rntjsxv/1AC
HTXqSIkkhEGjE2rDsLVyrzutT88JR8H5AFlLXaPf03y5VXE4JUr/StMOY90mp+a+
Kzzmgq9u5yDNDbRZgZjr0nmyI/MoQerMtAJr7vsbU++Ll0yvetvrJ8tDMQ3U/E2U
D6Qy6nEu80OGvzUu/bgdHcIwo7Su4zxH27tSQG1sIeZimcvVu2TQcUugoeugI1pI
dYNf5J3PxP24p2Gg+t2DC2146uw0f1zeCFFPJnUTb4CRdOmmOGBodiKLyVGgJnW5
AJDboiMCi7bbpyJz+H6oqPdF3dr7IrM9mn4Xb6HbkjUSSldbNToC357DmEQywVmx
6KlqdfY/xCnHKAMyawnzsCzRz/BB4hFA7iGTrm1hN9fsAryY7pWBZAA7ULEqNDd9
cGPVZAff6uXL7WLEWEhqFcANWaMCu+uJ+XRjG547lYEg7ZyvbrTV7WTyAmn/o3Na
HMshCcsPdGMrqRRHDOLL8z4XkyX6H9xzvyqRFM+PUeRA/pn+i4MnQpc8MLMp+4tu
0/gjFwsDUuKxx2w091EM
=aGPy
-----END PGP SIGNATURE-----

More information about the Users mailing list