/mandos/trunk

#!/usr/bin/python

# -*- mode: python; coding: utf-8; after-save-hook: (lambda () (let ((command (if (and (boundp 'tramp-file-name-structure) (string-match (car tramp-file-name-structure) (buffer-file-name))) (tramp-file-name-localname (tramp-dissect-file-name (buffer-file-name))) (buffer-file-name)))) (if (= (shell-command (format "%s --check" (shell-quote-argument command)) "*Test*") 0) (let ((w (get-buffer-window "*Test*"))) (if w (delete-window w)) (kill-buffer "*Test*")) (display-buffer "*Test*")))); -*-

#

# Mandos Monitor - Control and monitor the Mandos server

#

# Copyright © 2008-2019 Teddy Hogeborn

# Copyright © 2008-2019 Björn Påhlsson

#

# This file is part of Mandos.

#

# Mandos is free software: you can redistribute it and/or modify it

# under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

#     Mandos is distributed in the hope that it will be useful, but

#     WITHOUT ANY WARRANTY; without even the implied warranty of

#     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

#     GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with Mandos.  If not, see <http://www.gnu.org/licenses/>.

#

# Contact the authors at <mandos@recompile.se>.

#

from __future__ import (division, absolute_import, print_function,

                        unicode_literals)

try:

    from future_builtins import *

except ImportError:

    pass

import sys

import argparse

import locale

import datetime

import re

import os

import collections

import json

import unittest

import logging

import io

import tempfile

import contextlib

import dbus

# Show warnings by default

if not sys.warnoptions:

    import warnings

    warnings.simplefilter("default")

log = logging.getLogger(sys.argv[0])

logging.basicConfig(level="INFO", # Show info level messages

                    format="%(message)s") # Show basic log messages

logging.captureWarnings(True)   # Show warnings via the logging system

if sys.version_info.major == 2:

    str = unicode

locale.setlocale(locale.LC_ALL, "")

dbus_busname_domain = "se.recompile"

dbus_busname = dbus_busname_domain + ".Mandos"

server_dbus_path = "/"

server_dbus_interface = dbus_busname_domain + ".Mandos"

client_dbus_interface = dbus_busname_domain + ".Mandos.Client"

del dbus_busname_domain

version = "1.8.3"

try:

    dbus.OBJECT_MANAGER_IFACE

except AttributeError:

    dbus.OBJECT_MANAGER_IFACE = "org.freedesktop.DBus.ObjectManager"

def main():

    parser = argparse.ArgumentParser()

    add_command_line_options(parser)

    options = parser.parse_args()

    check_option_syntax(parser, options)

    clientnames = options.client

    if options.debug:

        log.setLevel(logging.DEBUG)

    try:

        bus = dbus.SystemBus()

        log.debug("D-Bus: Connect to: (busname=%r, path=%r)",

                  dbus_busname, server_dbus_path)

        mandos_dbus_objc = bus.get_object(dbus_busname,

                                          server_dbus_path)

    except dbus.exceptions.DBusException:

        log.critical("Could not connect to Mandos server")

        sys.exit(1)

    mandos_serv = dbus.Interface(mandos_dbus_objc,

                                 dbus_interface=server_dbus_interface)

    mandos_serv_object_manager = dbus.Interface(

        mandos_dbus_objc, dbus_interface=dbus.OBJECT_MANAGER_IFACE)

    # Filter out log message from dbus module

    dbus_logger = logging.getLogger("dbus.proxies")

    class NullFilter(logging.Filter):

        def filter(self, record):

            return False

    dbus_filter = NullFilter()

    try:

        dbus_logger.addFilter(dbus_filter)

        log.debug("D-Bus: %s:%s:%s.GetManagedObjects()", dbus_busname,

                  server_dbus_path, dbus.OBJECT_MANAGER_IFACE)

        all_clients = {path: ifs_and_props[client_dbus_interface]

                       for path, ifs_and_props in

                       mandos_serv_object_manager

                       .GetManagedObjects().items()

                       if client_dbus_interface in ifs_and_props}

    except dbus.exceptions.DBusException as e:

        log.critical("Failed to access Mandos server through D-Bus:"

                     "\n%s", e)

        sys.exit(1)

    finally:

        # restore dbus logger

        dbus_logger.removeFilter(dbus_filter)

    # Compile dict of (clients: properties) to process

    clients = {}

    if not clientnames:

        clients = all_clients

    else:

        for name in clientnames:

            for objpath, properties in all_clients.items():

                if properties["Name"] == name:

                    clients[objpath] = properties

                    break

            else:

                log.critical("Client not found on server: %r", name)

                sys.exit(1)

    # Run all commands on clients

    commands = commands_from_options(options)

    for command in commands:

        command.run(clients, bus, mandos_serv)

def add_command_line_options(parser):

    parser.add_argument("--version", action="version",

                        version="%(prog)s {}".format(version),

                        help="show version number and exit")

    parser.add_argument("-a", "--all", action="store_true",

                        help="Select all clients")

    parser.add_argument("-v", "--verbose", action="store_true",

                        help="Print all fields")

    parser.add_argument("-j", "--dump-json", action="store_true",

                        help="Dump client data in JSON format")

    enable_disable = parser.add_mutually_exclusive_group()

    enable_disable.add_argument("-e", "--enable", action="store_true",

                                help="Enable client")

    enable_disable.add_argument("-d", "--disable",

                                action="store_true",

                                help="disable client")

    parser.add_argument("-b", "--bump-timeout", action="store_true",

                        help="Bump timeout for client")

    start_stop_checker = parser.add_mutually_exclusive_group()

    start_stop_checker.add_argument("--start-checker",

                                    action="store_true",

                                    help="Start checker for client")

    start_stop_checker.add_argument("--stop-checker",

                                    action="store_true",

                                    help="Stop checker for client")

    parser.add_argument("-V", "--is-enabled", action="store_true",

                        help="Check if client is enabled")

    parser.add_argument("-r", "--remove", action="store_true",

                        help="Remove client")

    parser.add_argument("-c", "--checker",

                        help="Set checker command for client")

    parser.add_argument("-t", "--timeout", type=string_to_delta,

                        help="Set timeout for client")

    parser.add_argument("--extended-timeout", type=string_to_delta,

                        help="Set extended timeout for client")

    parser.add_argument("-i", "--interval", type=string_to_delta,

                        help="Set checker interval for client")

    approve_deny_default = parser.add_mutually_exclusive_group()

    approve_deny_default.add_argument(

        "--approve-by-default", action="store_true",

        default=None, dest="approved_by_default",

        help="Set client to be approved by default")

    approve_deny_default.add_argument(

        "--deny-by-default", action="store_false",

        dest="approved_by_default",

        help="Set client to be denied by default")

    parser.add_argument("--approval-delay", type=string_to_delta,

                        help="Set delay before client approve/deny")

    parser.add_argument("--approval-duration", type=string_to_delta,

                        help="Set duration of one client approval")

    parser.add_argument("-H", "--host", help="Set host for client")

    parser.add_argument("-s", "--secret",

                        type=argparse.FileType(mode="rb"),

                        help="Set password blob (file) for client")

    approve_deny = parser.add_mutually_exclusive_group()

    approve_deny.add_argument(

        "-A", "--approve", action="store_true",

        help="Approve any current client request")

    approve_deny.add_argument("-D", "--deny", action="store_true",

                              help="Deny any current client request")

    parser.add_argument("--debug", action="store_true",

                        help="Debug mode (show D-Bus commands)")

    parser.add_argument("--check", action="store_true",

                        help="Run self-test")

    parser.add_argument("client", nargs="*", help="Client name")

def string_to_delta(interval):

    """Parse a string and return a datetime.timedelta"""

    try:

        return rfc3339_duration_to_delta(interval)

    except ValueError as e:

        log.warning("%s - Parsing as pre-1.6.1 interval instead",

                    ' '.join(e.args))

    return parse_pre_1_6_1_interval(interval)

def rfc3339_duration_to_delta(duration):

    """Parse an RFC 3339 "duration" and return a datetime.timedelta

    >>> rfc3339_duration_to_delta("P7D")

    datetime.timedelta(7)

    >>> rfc3339_duration_to_delta("PT60S")

    datetime.timedelta(0, 60)

    >>> rfc3339_duration_to_delta("PT60M")

    datetime.timedelta(0, 3600)

    >>> rfc3339_duration_to_delta("P60M")

    datetime.timedelta(1680)

    >>> rfc3339_duration_to_delta("PT24H")

    datetime.timedelta(1)

    >>> rfc3339_duration_to_delta("P1W")

    datetime.timedelta(7)

    >>> rfc3339_duration_to_delta("PT5M30S")

    datetime.timedelta(0, 330)

    >>> rfc3339_duration_to_delta("P1DT3M20S")

    datetime.timedelta(1, 200)

    >>> # Can not be empty:

    >>> rfc3339_duration_to_delta("")

    Traceback (most recent call last):

    ...

    ValueError: Invalid RFC 3339 duration: u''

    >>> # Must start with "P":

    >>> rfc3339_duration_to_delta("1D")

    Traceback (most recent call last):

    ...

    ValueError: Invalid RFC 3339 duration: u'1D'

    >>> # Must use correct order

    >>> rfc3339_duration_to_delta("PT1S2M")

    Traceback (most recent call last):

    ...

    ValueError: Invalid RFC 3339 duration: u'PT1S2M'

    >>> # Time needs time marker

    >>> rfc3339_duration_to_delta("P1H2S")

    Traceback (most recent call last):

    ...

    ValueError: Invalid RFC 3339 duration: u'P1H2S'

    >>> # Weeks can not be combined with anything else

    >>> rfc3339_duration_to_delta("P1D2W")

    Traceback (most recent call last):

    ...

    ValueError: Invalid RFC 3339 duration: u'P1D2W'

    >>> rfc3339_duration_to_delta("P2W2H")

    Traceback (most recent call last):

    ...

    ValueError: Invalid RFC 3339 duration: u'P2W2H'

    """

    # Parsing an RFC 3339 duration with regular expressions is not

    # possible - there would have to be multiple places for the same

    # values, like seconds.  The current code, while more esoteric, is

    # cleaner without depending on a parsing library.  If Python had a

    # built-in library for parsing we would use it, but we'd like to

    # avoid excessive use of external libraries.

    # New type for defining tokens, syntax, and semantics all-in-one

    Token = collections.namedtuple("Token", (

        "regexp",  # To match token; if "value" is not None, must have

                   # a "group" containing digits

        "value",   # datetime.timedelta or None

        "followers"))           # Tokens valid after this token

    # RFC 3339 "duration" tokens, syntax, and semantics; taken from

    # the "duration" ABNF definition in RFC 3339, Appendix A.

    token_end = Token(re.compile(r"$"), None, frozenset())

    token_second = Token(re.compile(r"(\d+)S"),

                         datetime.timedelta(seconds=1),

                         frozenset((token_end, )))

    token_minute = Token(re.compile(r"(\d+)M"),

                         datetime.timedelta(minutes=1),

                         frozenset((token_second, token_end)))

    token_hour = Token(re.compile(r"(\d+)H"),

                       datetime.timedelta(hours=1),

                       frozenset((token_minute, token_end)))

    token_time = Token(re.compile(r"T"),

                       None,

                       frozenset((token_hour, token_minute,

                                  token_second)))

    token_day = Token(re.compile(r"(\d+)D"),

                      datetime.timedelta(days=1),

                      frozenset((token_time, token_end)))

    token_month = Token(re.compile(r"(\d+)M"),

                        datetime.timedelta(weeks=4),

                        frozenset((token_day, token_end)))

    token_year = Token(re.compile(r"(\d+)Y"),

                       datetime.timedelta(weeks=52),

                       frozenset((token_month, token_end)))

    token_week = Token(re.compile(r"(\d+)W"),

                       datetime.timedelta(weeks=1),

                       frozenset((token_end, )))

    token_duration = Token(re.compile(r"P"), None,

                           frozenset((token_year, token_month,

                                      token_day, token_time,

                                      token_week)))

    # Define starting values:

    # Value so far

    value = datetime.timedelta()

    found_token = None

    # Following valid tokens

    followers = frozenset((token_duration, ))

    # String left to parse

    s = duration

    # Loop until end token is found

    while found_token is not token_end:

        # Search for any currently valid tokens

        for token in followers:

            match = token.regexp.match(s)

            if match is not None:

                # Token found

                if token.value is not None:

                    # Value found, parse digits

                    factor = int(match.group(1), 10)

                    # Add to value so far

                    value += factor * token.value

                # Strip token from string

                s = token.regexp.sub("", s, 1)

                # Go to found token

                found_token = token

                # Set valid next tokens

                followers = found_token.followers

                break

        else:

            # No currently valid tokens were found

            raise ValueError("Invalid RFC 3339 duration: {!r}"

                             .format(duration))

    # End token found

    return value

def parse_pre_1_6_1_interval(interval):

    """Parse an interval string as documented by Mandos before 1.6.1,

    and return a datetime.timedelta

    >>> parse_pre_1_6_1_interval('7d')

    datetime.timedelta(7)

    >>> parse_pre_1_6_1_interval('60s')

    datetime.timedelta(0, 60)

    >>> parse_pre_1_6_1_interval('60m')

    datetime.timedelta(0, 3600)

    >>> parse_pre_1_6_1_interval('24h')

    datetime.timedelta(1)

    >>> parse_pre_1_6_1_interval('1w')

    datetime.timedelta(7)

    >>> parse_pre_1_6_1_interval('5m 30s')

    datetime.timedelta(0, 330)

    >>> parse_pre_1_6_1_interval('')

    datetime.timedelta(0)

    >>> # Ignore unknown characters, allow any order and repetitions

    >>> parse_pre_1_6_1_interval('2dxy7zz11y3m5m')

    datetime.timedelta(2, 480, 18000)

    """

    value = datetime.timedelta(0)

    regexp = re.compile(r"(\d+)([dsmhw]?)")

    for num, suffix in regexp.findall(interval):

        if suffix == "d":

            value += datetime.timedelta(int(num))

        elif suffix == "s":

            value += datetime.timedelta(0, int(num))

        elif suffix == "m":

            value += datetime.timedelta(0, 0, 0, 0, int(num))

        elif suffix == "h":

            value += datetime.timedelta(0, 0, 0, 0, 0, int(num))

        elif suffix == "w":

            value += datetime.timedelta(0, 0, 0, 0, 0, 0, int(num))

        elif suffix == "":

            value += datetime.timedelta(0, 0, 0, int(num))

    return value

def check_option_syntax(parser, options):

    """Apply additional restrictions on options, not expressible in

argparse"""

    def has_actions(options):

        return any((options.enable,

                    options.disable,

                    options.bump_timeout,

                    options.start_checker,

                    options.stop_checker,

                    options.is_enabled,

                    options.remove,

                    options.checker is not None,

                    options.timeout is not None,

                    options.extended_timeout is not None,

                    options.interval is not None,

                    options.approved_by_default is not None,

                    options.approval_delay is not None,

                    options.approval_duration is not None,

                    options.host is not None,

                    options.secret is not None,

                    options.approve,

                    options.deny))

    if has_actions(options) and not (options.client or options.all):

        parser.error("Options require clients names or --all.")

    if options.verbose and has_actions(options):

        parser.error("--verbose can only be used alone.")

    if options.dump_json and (options.verbose

                              or has_actions(options)):

        parser.error("--dump-json can only be used alone.")

    if options.all and not has_actions(options):

        parser.error("--all requires an action.")

    if options.is_enabled and len(options.client) > 1:

        parser.error("--is-enabled requires exactly one client")

    if options.remove:

        options.remove = False

        if has_actions(options) and not options.deny:

            parser.error("--remove can only be combined with --deny")

        options.remove = True

def commands_from_options(options):

    commands = []

    if options.is_enabled:

        commands.append(IsEnabledCmd())

    if options.approve:

        commands.append(ApproveCmd())

    if options.deny:

        commands.append(DenyCmd())

    if options.remove:

        commands.append(RemoveCmd())

    if options.dump_json:

        commands.append(DumpJSONCmd())

    if options.enable:

        commands.append(EnableCmd())

    if options.disable:

        commands.append(DisableCmd())

    if options.bump_timeout:

        commands.append(BumpTimeoutCmd())

    if options.start_checker:

        commands.append(StartCheckerCmd())

    if options.stop_checker:

        commands.append(StopCheckerCmd())

    if options.approved_by_default is not None:

        if options.approved_by_default:

            commands.append(ApproveByDefaultCmd())

        else:

            commands.append(DenyByDefaultCmd())

    if options.checker is not None:

        commands.append(SetCheckerCmd(options.checker))

    if options.host is not None:

        commands.append(SetHostCmd(options.host))

    if options.secret is not None:

        commands.append(SetSecretCmd(options.secret))

    if options.timeout is not None:

        commands.append(SetTimeoutCmd(options.timeout))

    if options.extended_timeout:

        commands.append(

            SetExtendedTimeoutCmd(options.extended_timeout))

    if options.interval is not None:

        commands.append(SetIntervalCmd(options.interval))

    if options.approval_delay is not None:

        commands.append(SetApprovalDelayCmd(options.approval_delay))

    if options.approval_duration is not None:

        commands.append(

            SetApprovalDurationCmd(options.approval_duration))

    # If no command option has been given, show table of clients,

    # optionally verbosely

    if not commands:

        commands.append(PrintTableCmd(verbose=options.verbose))

    return commands

class Command(object):

    """Abstract class for commands"""

    def run(self, clients, bus=None, mandos=None):

        """Normal commands should implement run_on_one_client(), but

        commands which want to operate on all clients at the same time

        can override this run() method instead."""

        self.mandos = mandos

        for clientpath, properties in clients.items():

            log.debug("D-Bus: Connect to: (busname=%r, path=%r)",

                      dbus_busname, str(clientpath))

            client = bus.get_object(dbus_busname, clientpath)

            self.run_on_one_client(client, properties)

class IsEnabledCmd(Command):

    def run(self, clients, bus=None, mandos=None):

        client, properties = next(iter(clients.items()))

        if self.is_enabled(client, properties):

            sys.exit(0)

        sys.exit(1)

    def is_enabled(self, client, properties):

        return properties["Enabled"]

class ApproveCmd(Command):

    def run_on_one_client(self, client, properties):

        log.debug("D-Bus: %s:%s:%s.Approve(True)", dbus_busname,

                  client.__dbus_object_path__, client_dbus_interface)

        client.Approve(dbus.Boolean(True),

                       dbus_interface=client_dbus_interface)

class DenyCmd(Command):

    def run_on_one_client(self, client, properties):

        log.debug("D-Bus: %s:%s:%s.Approve(False)", dbus_busname,

                  client.__dbus_object_path__, client_dbus_interface)

        client.Approve(dbus.Boolean(False),

                       dbus_interface=client_dbus_interface)

class RemoveCmd(Command):

    def run_on_one_client(self, client, properties):

        log.debug("D-Bus: %s:%s:%s.RemoveClient(%r)", dbus_busname,

                  server_dbus_path, server_dbus_interface,

                  str(client.__dbus_object_path__))

        self.mandos.RemoveClient(client.__dbus_object_path__)

class OutputCmd(Command):

    """Abstract class for commands outputting client details"""

    all_keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK",

                    "Created", "Interval", "Host", "KeyID",

                    "Fingerprint", "CheckerRunning", "LastEnabled",

                    "ApprovalPending", "ApprovedByDefault",

                    "LastApprovalRequest", "ApprovalDelay",

                    "ApprovalDuration", "Checker", "ExtendedTimeout",

                    "Expires", "LastCheckerStatus")

    def run(self, clients, bus=None, mandos=None):

        print(self.output(clients.values()))

    def output(self, clients):

        raise NotImplementedError()

class DumpJSONCmd(OutputCmd):

    def output(self, clients):

        data = {client["Name"]:

                {key: self.dbus_boolean_to_bool(client[key])

                 for key in self.all_keywords}

                for client in clients}

        return json.dumps(data, indent=4, separators=(',', ': '))

    @staticmethod

    def dbus_boolean_to_bool(value):

        if isinstance(value, dbus.Boolean):

            value = bool(value)

        return value

class PrintTableCmd(OutputCmd):

    def __init__(self, verbose=False):

        self.verbose = verbose

    def output(self, clients):

        default_keywords = ("Name", "Enabled", "Timeout",

                            "LastCheckedOK")

        keywords = default_keywords

        if self.verbose:

            keywords = self.all_keywords

        return str(self.TableOfClients(clients, keywords))

    class TableOfClients(object):

        tableheaders = {

            "Name": "Name",

            "Enabled": "Enabled",

            "Timeout": "Timeout",

            "LastCheckedOK": "Last Successful Check",

            "LastApprovalRequest": "Last Approval Request",

            "Created": "Created",

            "Interval": "Interval",

            "Host": "Host",

            "Fingerprint": "Fingerprint",

            "KeyID": "Key ID",

            "CheckerRunning": "Check Is Running",

            "LastEnabled": "Last Enabled",

            "ApprovalPending": "Approval Is Pending",

            "ApprovedByDefault": "Approved By Default",

            "ApprovalDelay": "Approval Delay",

            "ApprovalDuration": "Approval Duration",

            "Checker": "Checker",

            "ExtendedTimeout": "Extended Timeout",

            "Expires": "Expires",

            "LastCheckerStatus": "Last Checker Status",

        }

        def __init__(self, clients, keywords):

            self.clients = clients

            self.keywords = keywords

        def __str__(self):

            return "\n".join(self.rows())

        if sys.version_info.major == 2:

            __unicode__ = __str__

            def __str__(self):

                return str(self).encode(locale.getpreferredencoding())

        def rows(self):

            format_string = self.row_formatting_string()

            rows = [self.header_line(format_string)]

            rows.extend(self.client_line(client, format_string)

                        for client in self.clients)

            return rows

        def row_formatting_string(self):

            "Format string used to format table rows"

            return " ".join("{{{key}:{width}}}".format(

                width=max(len(self.tableheaders[key]),

                          *(len(self.string_from_client(client, key))

                            for client in self.clients)),

                key=key)

                            for key in self.keywords)

        def string_from_client(self, client, key):

            return self.valuetostring(client[key], key)

        @classmethod

        def valuetostring(cls, value, keyword):

            if isinstance(value, dbus.Boolean):

                return "Yes" if value else "No"

            if keyword in ("Timeout", "Interval", "ApprovalDelay",

                           "ApprovalDuration", "ExtendedTimeout"):

                return cls.milliseconds_to_string(value)

            return str(value)

        def header_line(self, format_string):

            return format_string.format(**self.tableheaders)

        def client_line(self, client, format_string):

            return format_string.format(

                **{key: self.string_from_client(client, key)

                   for key in self.keywords})

        @staticmethod

        def milliseconds_to_string(ms):

            td = datetime.timedelta(0, 0, 0, ms)

            return ("{days}{hours:02}:{minutes:02}:{seconds:02}"

                    .format(days="{}T".format(td.days)

                            if td.days else "",

                            hours=td.seconds // 3600,

                            minutes=(td.seconds % 3600) // 60,