- OM PARIKH
- Sophomore, Part-time blockchain Layer 2 scaling intern @ Matic
- Member @ Appwrite, contributed to 10+ OSS projects
- Github Stackoverflow Ethereum-StackExchange LinkedIn
- Implement ipsec add command to make it easier to add connections
- This requires experience with python3, bash, conf files and Makefile
ipsec add <args>is intended to generate config file from the arguments provided via CLI and hence making the software more user-friendly- After successful implementation, it should be able to parse all args which are part of config file as per docs, write them in a config file section-wise and include the generated file into main(default, ipsec.conf) config file.
- Read the General documentation and Developer documentation
- set up dev env on Linux machine
- Tried several client and server configurations using amazon EC2 for VPN
- Subscribed to mailing and joined IRC community
- Walked through the libreswan codebase and tried to understand architecture
- Studied the previous pull request and open issues, especially ones closely related to the task statement
- building the core scripts for CLI parsing and creating config file
- adding tests and steps for CI/CD pipeline
- writing extensive documentation
- from what i understand, all CLI commands scripts are place under programs/ folder
- Each subcommand has atleast 3 files in their subdirectory, .in file which deals with all parsing, XML file/s dealing with metadata and docs realated stuff and Makefile.
- I will use python for writing core logic and have studied the past PRs implementing the similiar functionality
- For parsing the arguments passed via CLI, i will use argparse and OS module.
- After parsing the relevant flags and validating the arguments, A dict with key as section name will have dict as object, having key value pairs parsed from args. For example,
so that, it will be easier to write .conf file and do the necessary testing.\{ "mytunnel" : { "leftid": "@west", "left": "192.1.2.23", "leftrsasigkey": "0sAwEAAb42X0gw....." "rightrsasigkey": "0sAwEAAesFfVZqFzRA9F..."," "authby": "rsasig", "auto": "add" } } - Make provision for default values if arguments are not provided
- For writing the .conf file from dict object, I think it would be better to make a new file such as
/etc/generated.confand include it intoipsec.conf. There are multiple choices available for writing the object as specificed ipsec format in docs, plain-text string formatting, ipsecparse if use of external libs are permitted and ConfigParse's write method (will require some research to modify default writing format). - Expeceted time : 70 hours (+/- 10 hours) for a beta working version, before first evalutation
- As this utility is aimed at users not wanting to write .conf, i will provide very clear documentation with examples, defaults values, and advance usage (incase somebody wants to modify the behaviour)
- It will include modifications under docs/ and adding XML file
- Expected time: 35 hours (+/- 5 hours)
- This will go under programs/testing (and maybe some more directories which i am unaware of currently)
- I will get more familiar with how testing works in libreswan and add the required test cases including empty input test, proper error ouptupt, edge cases covering, etc.
- After finishing writing tests, make necessary changes to docker environment if needed and include it in the CI pipeline
- Expected time: 40 hours (+/- 7 hours)
- Get more familiar with CI and testing guidelines
- Discuss about the default values of the arguments if not passed and other implementation specific details
- Get more comfortable with codebase and differnt entry points of execution
- I will be able to devote 45+ hours a week at minimum
- After finishing primary task, i can work pending issues with elliptic-curve encyption, arch linux and debian packaging, more test coverage, etc.
- It would be also good to add
ipsec remove <args>command