To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to server.py
- browse files at revision 15.1.3
- compare with another revision
- download diff
- download tarball
- view history from revision 15.1.3
- Committer: Björn Påhlsson
- Date: 2008-07-21 03:58:36 UTC
- mfrom: (17 mandos)
- mto: This revision was merged to the branch mainline in revision 20.
- Revision ID: belorn@braxen-20080721035836-v7220bmolr608r61
Added getopt_long support for mandosclient and passprompt
Added support for --interface for mandosclient
Added support for --prefix for passprompt
Added support for --interface for mandosclient
Added support for --prefix for passprompt
- files added:
- ca.pem
- files removed:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- files renamed:
- clients.conf => mandos-clients.conf
- plugin-runner.c => plugbasedclient.c
- plugins.d/mandos-client.c => plugins.d/mandosclient.c
- plugins.d/password-prompt.c => plugins.d/passprompt.c
- mandos => server.py
- files modified:
- Makefile
added
removed
server.py
6
6
# This program is partly derived from an example program for an Avahi
7
7
# service publisher, downloaded from
8
8
# <http://avahi.org/wiki/PythonPublishExample>. This includes the
9
# methods "add", "remove", "server_state_changed",
10
# "entry_group_state_changed", "cleanup", and "activate" in the
11
# "AvahiService" class, and some lines in "main".
9
# following functions: "add_service", "remove_service",
10
# "server_state_changed", "entry_group_state_changed", and some lines
11
# in "main".
12
12
#
13
# Everything else is
14
# Copyright © 2008-2011 Teddy Hogeborn
15
# Copyright © 2008-2011 Björn Påhlsson
13
# Everything else is Copyright © 2007-2008 Teddy Hogeborn and Björn
14
# Påhlsson.
16
15
#
17
16
# This program is free software: you can redistribute it and/or modify
18
17
# it under the terms of the GNU General Public License as published by
25
24
# GNU General Public License for more details.
26
25
#
27
26
# You should have received a copy of the GNU General Public License
28
# along with this program. If not, see
29
# <http://www.gnu.org/licenses/>.
30
#
31
# Contact the authors at <mandos@fukt.bsnet.se>.
32
#
33
34
from __future__ import (division, absolute_import, print_function,
35
unicode_literals)
36
37
import SocketServer as socketserver
27
# along with this program. If not, see <http://www.gnu.org/licenses/>.
28
#
29
# Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and
30
# <https://www.fukt.bsnet.se/~teddy/>.
31
#
32
33
from __future__ import division
34
35
import SocketServer
38
36
import socket
39
import argparse
37
import select
38
from optparse import OptionParser
40
39
import datetime
41
40
import errno
42
41
import gnutls.crypto
45
44
import gnutls.library.functions
46
45
import gnutls.library.constants
47
46
import gnutls.library.types
48
import ConfigParser as configparser
47
import ConfigParser
49
48
import sys
50
49
import re
51
50
import os
52
51
import signal
52
from sets import Set
53
53
import subprocess
54
54
import atexit
55
55
import stat
56
56
import logging
57
57
import logging.handlers
58
import pwd
59
import contextlib
60
import struct
61
import fcntl
62
import functools
63
import cPickle as pickle
64
import multiprocessing
65
58
66
59
import dbus
67
import dbus.service
68
60
import gobject
69
61
import avahi
70
62
from dbus.mainloop.glib import DBusGMainLoop
71
63
import ctypes
72
import ctypes.util
73
import xml.dom.minidom
74
import inspect
75
76
try:
77
SO_BINDTODEVICE = socket.SO_BINDTODEVICE
78
except AttributeError:
79
try:
80
from IN import SO_BINDTODEVICE
81
except ImportError:
82
SO_BINDTODEVICE = None
83
84
85
version = "1.3.1"
86
87
#logger = logging.getLogger('mandos')
64
65
# Brief description of the operation of this program:
66
#
67
# This server announces itself as a Zeroconf service. Connecting
68
# clients use the TLS protocol, with the unusual quirk that this
69
# server program acts as a TLS "client" while the connecting clients
70
# acts as a TLS "server". The clients (acting as a TLS "server") must
71
# supply an OpenPGP certificate, and the fingerprint of this
72
# certificate is used by this server to look up (in a list read from a
73
# file at start time) which binary blob to give the client. No other
74
# authentication or authorization is done by this server.
75
76
88
77
logger = logging.Logger('mandos')
89
syslogger = (logging.handlers.SysLogHandler
90
(facility = logging.handlers.SysLogHandler.LOG_DAEMON,
91
address = str("/dev/log")))
92
syslogger.setFormatter(logging.Formatter
93
('Mandos [%(process)d]: %(levelname)s:'
94
' %(message)s'))
78
syslogger = logging.handlers.SysLogHandler\
79
(facility = logging.handlers.SysLogHandler.LOG_DAEMON)
80
syslogger.setFormatter(logging.Formatter\
81
('%(levelname)s: %(message)s'))
95
82
logger.addHandler(syslogger)
96
97
console = logging.StreamHandler()
98
console.setFormatter(logging.Formatter('%(name)s [%(process)d]:'
99
' %(levelname)s:'
100
' %(message)s'))
101
logger.addHandler(console)
102
103
class AvahiError(Exception):
104
def __init__(self, value, *args, **kwargs):
105
self.value = value
106
super(AvahiError, self).__init__(value, *args, **kwargs)
107
def __unicode__(self):
108
return unicode(repr(self.value))
109
110
class AvahiServiceError(AvahiError):
111
pass
112
113
class AvahiGroupError(AvahiError):
114
pass
115
116
117
class AvahiService(object):
118
"""An Avahi (Zeroconf) service.
119
120
Attributes:
121
interface: integer; avahi.IF_UNSPEC or an interface index.
122
Used to optionally bind to the specified interface.
123
name: string; Example: 'Mandos'
124
type: string; Example: '_mandos._tcp'.
125
See <http://www.dns-sd.org/ServiceTypes.html>
126
port: integer; what port to announce
127
TXT: list of strings; TXT record for the service
128
domain: string; Domain to publish on, default to .local if empty.
129
host: string; Host to publish records for, default is localhost
130
max_renames: integer; maximum number of renames
131
rename_count: integer; counter so we only rename after collisions
132
a sensible number of times
133
group: D-Bus Entry Group
134
server: D-Bus Server
135
bus: dbus.SystemBus()
136
"""
137
def __init__(self, interface = avahi.IF_UNSPEC, name = None,
138
servicetype = None, port = None, TXT = None,
139
domain = "", host = "", max_renames = 32768,
140
protocol = avahi.PROTO_UNSPEC, bus = None):
141
self.interface = interface
142
self.name = name
143
self.type = servicetype
144
self.port = port
145
self.TXT = TXT if TXT is not None else []
146
self.domain = domain
147
self.host = host
148
self.rename_count = 0
149
self.max_renames = max_renames
150
self.protocol = protocol
151
self.group = None # our entry group
152
self.server = None
153
self.bus = bus
154
self.entry_group_state_changed_match = None
155
def rename(self):
156
"""Derived from the Avahi example code"""
157
if self.rename_count >= self.max_renames:
158
logger.critical("No suitable Zeroconf service name found"
159
" after %i retries, exiting.",
160
self.rename_count)
161
raise AvahiServiceError("Too many renames")
162
self.name = unicode(self.server.GetAlternativeServiceName(self.name))
163
logger.info("Changing Zeroconf service name to %r ...",
164
self.name)
165
syslogger.setFormatter(logging.Formatter
166
('Mandos (%s) [%%(process)d]:'
167
' %%(levelname)s: %%(message)s'
168
% self.name))
169
self.remove()
170
try:
171
self.add()
172
except dbus.exceptions.DBusException as error:
173
logger.critical("DBusException: %s", error)
174
self.cleanup()
175
os._exit(1)
176
self.rename_count += 1
177
def remove(self):
178
"""Derived from the Avahi example code"""
179
if self.entry_group_state_changed_match is not None:
180
self.entry_group_state_changed_match.remove()
181
self.entry_group_state_changed_match = None
182
if self.group is not None:
183
self.group.Reset()
184
def add(self):
185
"""Derived from the Avahi example code"""
186
self.remove()
187
if self.group is None:
188
self.group = dbus.Interface(
189
self.bus.get_object(avahi.DBUS_NAME,
190
self.server.EntryGroupNew()),
191
avahi.DBUS_INTERFACE_ENTRY_GROUP)
192
self.entry_group_state_changed_match = (
193
self.group.connect_to_signal(
194
'StateChanged', self .entry_group_state_changed))
195
logger.debug("Adding Zeroconf service '%s' of type '%s' ...",
196
self.name, self.type)
197
self.group.AddService(
198
self.interface,
199
self.protocol,
200
dbus.UInt32(0), # flags
201
self.name, self.type,
202
self.domain, self.host,
203
dbus.UInt16(self.port),
204
avahi.string_array_to_txt_array(self.TXT))
205
self.group.Commit()
206
def entry_group_state_changed(self, state, error):
207
"""Derived from the Avahi example code"""
208
logger.debug("Avahi entry group state change: %i", state)
209
210
if state == avahi.ENTRY_GROUP_ESTABLISHED:
211
logger.debug("Zeroconf service established.")
212
elif state == avahi.ENTRY_GROUP_COLLISION:
213
logger.info("Zeroconf service name collision.")
214
self.rename()
215
elif state == avahi.ENTRY_GROUP_FAILURE:
216
logger.critical("Avahi: Error in group state changed %s",
217
unicode(error))
218
raise AvahiGroupError("State changed: %s"
219
% unicode(error))
220
def cleanup(self):
221
"""Derived from the Avahi example code"""
222
if self.group is not None:
223
try:
224
self.group.Free()
225
except (dbus.exceptions.UnknownMethodException,
226
dbus.exceptions.DBusException) as e:
227
pass
228
self.group = None
229
self.remove()
230
def server_state_changed(self, state, error=None):
231
"""Derived from the Avahi example code"""
232
logger.debug("Avahi server state change: %i", state)
233
bad_states = { avahi.SERVER_INVALID:
234
"Zeroconf server invalid",
235
avahi.SERVER_REGISTERING: None,
236
avahi.SERVER_COLLISION:
237
"Zeroconf server name collision",
238
avahi.SERVER_FAILURE:
239
"Zeroconf server failure" }
240
if state in bad_states:
241
if bad_states[state] is not None:
242
if error is None:
243
logger.error(bad_states[state])
244
else:
245
logger.error(bad_states[state] + ": %r", error)
246
self.cleanup()
247
elif state == avahi.SERVER_RUNNING:
248
self.add()
249
else:
250
if error is None:
251
logger.debug("Unknown state: %r", state)
252
else:
253
logger.debug("Unknown state: %r: %r", state, error)
254
def activate(self):
255
"""Derived from the Avahi example code"""
256
if self.server is None:
257
self.server = dbus.Interface(
258
self.bus.get_object(avahi.DBUS_NAME,
259
avahi.DBUS_PATH_SERVER,
260
follow_name_owner_changes=True),
261
avahi.DBUS_INTERFACE_SERVER)
262
self.server.connect_to_signal("StateChanged",
263
self.server_state_changed)
264
self.server_state_changed(self.server.GetState())
265
266
267
def _timedelta_to_milliseconds(td):
268
"Convert a datetime.timedelta() to milliseconds"
269
return ((td.days * 24 * 60 * 60 * 1000)
270
+ (td.seconds * 1000)
271
+ (td.microseconds // 1000))
272
83
del syslogger
84
85
# This variable is used to optionally bind to a specified interface.
86
# It is a global variable to fit in with the other variables from the
87
# Avahi example code.
88
serviceInterface = avahi.IF_UNSPEC
89
# From the Avahi example code:
90
serviceName = "Mandos"
91
serviceType = "_mandos._tcp" # http://www.dns-sd.org/ServiceTypes.html
92
servicePort = None # Not known at startup
93
serviceTXT = [] # TXT record for the service
94
domain = "" # Domain to publish on, default to .local
95
host = "" # Host to publish records for, default to localhost
96
group = None #our entry group
97
rename_count = 12 # Counter so we only rename after collisions a
98
# sensible number of times
99
# End of Avahi example code
100
101
273
102
class Client(object):
274
103
"""A representation of a client host served by this server.
275
276
104
Attributes:
277
_approved: bool(); 'None' if not yet approved/disapproved
278
approval_delay: datetime.timedelta(); Time to wait for approval
279
approval_duration: datetime.timedelta(); Duration of one approval
280
checker: subprocess.Popen(); a running checker process used
281
to see if the client lives.
282
'None' if no process is running.
283
checker_callback_tag: a gobject event source tag, or None
284
checker_command: string; External command which is run to check
285
if client lives. %() expansions are done at
105
name: string; from the config file, used in log messages
106
fingerprint: string (40 or 32 hexadecimal digits); used to
107
uniquely identify the client
108
secret: bytestring; sent verbatim (over TLS) to client
109
fqdn: string (FQDN); available for use by the checker command
110
created: datetime.datetime()
111
last_seen: datetime.datetime() or None if not yet seen
112
timeout: datetime.timedelta(); How long from last_seen until
113
this client is invalid
114
interval: datetime.timedelta(); How often to start a new checker
115
stop_hook: If set, called by stop() as stop_hook(self)
116
checker: subprocess.Popen(); a running checker process used
117
to see if the client lives.
118
Is None if no process is running.
119
checker_initiator_tag: a gobject event source tag, or None
120
stop_initiator_tag: - '' -
121
checker_callback_tag: - '' -
122
checker_command: string; External command which is run to check if
123
client lives. %()s expansions are done at
286
124
runtime with vars(self) as dict, so that for
287
125
instance %(name)s can be used in the command.
288
checker_initiator_tag: a gobject event source tag, or None
289
created: datetime.datetime(); (UTC) object creation
290
current_checker_command: string; current running checker_command
291
disable_hook: If set, called by disable() as disable_hook(self)
292
disable_initiator_tag: a gobject event source tag, or None
293
enabled: bool()
294
fingerprint: string (40 or 32 hexadecimal digits); used to
295
uniquely identify the client
296
host: string; available for use by the checker command
297
interval: datetime.timedelta(); How often to start a new checker
298
last_approval_request: datetime.datetime(); (UTC) or None
299
last_checked_ok: datetime.datetime(); (UTC) or None
300
last_enabled: datetime.datetime(); (UTC)
301
name: string; from the config file, used in log messages and
302
D-Bus identifiers
303
secret: bytestring; sent verbatim (over TLS) to client
304
timeout: datetime.timedelta(); How long from last_checked_ok
305
until this client is disabled
306
extended_timeout: extra long timeout when password has been sent
307
runtime_expansions: Allowed attributes for runtime expansion.
308
expires: datetime.datetime(); time (UTC) when a client will be
309
disabled, or None
126
Private attibutes:
127
_timeout: Real variable for 'timeout'
128
_interval: Real variable for 'interval'
129
_timeout_milliseconds: Used by gobject.timeout_add()
130
_interval_milliseconds: - '' -
310
131
"""
311
312
runtime_expansions = ("approval_delay", "approval_duration",
313
"created", "enabled", "fingerprint",
314
"host", "interval", "last_checked_ok",
315
"last_enabled", "name", "timeout")
316
317
def timeout_milliseconds(self):
318
"Return the 'timeout' attribute in milliseconds"
319
return _timedelta_to_milliseconds(self.timeout)
320
321
def extended_timeout_milliseconds(self):
322
"Return the 'extended_timeout' attribute in milliseconds"
323
return _timedelta_to_milliseconds(self.extended_timeout)
324
325
def interval_milliseconds(self):
326
"Return the 'interval' attribute in milliseconds"
327
return _timedelta_to_milliseconds(self.interval)
328
329
def approval_delay_milliseconds(self):
330
return _timedelta_to_milliseconds(self.approval_delay)
331
332
def __init__(self, name = None, disable_hook=None, config=None):
333
"""Note: the 'checker' key in 'config' sets the
334
'checker_command' attribute and *not* the 'checker'
335
attribute."""
132
def _set_timeout(self, timeout):
133
"Setter function for 'timeout' attribute"
134
self._timeout = timeout
135
self._timeout_milliseconds = ((self.timeout.days
136
* 24 * 60 * 60 * 1000)
137
+ (self.timeout.seconds * 1000)
138
+ (self.timeout.microseconds
139
// 1000))
140
timeout = property(lambda self: self._timeout,
141
_set_timeout)
142
del _set_timeout
143
def _set_interval(self, interval):
144
"Setter function for 'interval' attribute"
145
self._interval = interval
146
self._interval_milliseconds = ((self.interval.days
147
* 24 * 60 * 60 * 1000)
148
+ (self.interval.seconds
149
* 1000)
150
+ (self.interval.microseconds
151
// 1000))
152
interval = property(lambda self: self._interval,
153
_set_interval)
154
del _set_interval
155
def __init__(self, name=None, options=None, stop_hook=None,
156
fingerprint=None, secret=None, secfile=None,
157
fqdn=None, timeout=None, interval=-1, checker=None):
158
"""Note: the 'checker' argument sets the 'checker_command'
159
attribute and not the 'checker' attribute.."""
336
160
self.name = name
337
if config is None:
338
config = {}
339
logger.debug("Creating client %r", self.name)
340
# Uppercase and remove spaces from fingerprint for later
341
# comparison purposes with return value from the fingerprint()
342
# function
343
self.fingerprint = (config["fingerprint"].upper()
344
.replace(" ", ""))
345
logger.debug(" Fingerprint: %s", self.fingerprint)
346
if "secret" in config:
347
self.secret = config["secret"].decode("base64")
348
elif "secfile" in config:
349
with open(os.path.expanduser(os.path.expandvars
350
(config["secfile"])),
351
"rb") as secfile:
352
self.secret = secfile.read()
353
else:
354
raise TypeError("No secret or secfile for client %s"
355
% self.name)
356
self.host = config.get("host", "")
357
self.created = datetime.datetime.utcnow()
358
self.enabled = False
359
self.last_approval_request = None
360
self.last_enabled = None
361
self.last_checked_ok = None
362
self.timeout = string_to_delta(config["timeout"])
363
self.extended_timeout = string_to_delta(config["extended_timeout"])
364
self.interval = string_to_delta(config["interval"])
365
self.disable_hook = disable_hook
161
# Uppercase and remove spaces from fingerprint
162
# for later comparison purposes with return value of
163
# the fingerprint() function
164
self.fingerprint = fingerprint.upper().replace(u" ", u"")
165
if secret:
166
self.secret = secret.decode(u"base64")
167
elif secfile:
168
sf = open(secfile)
169
self.secret = sf.read()
170
sf.close()
171
else:
172
raise RuntimeError(u"No secret or secfile for client %s"
173
% self.name)
174
self.fqdn = fqdn # string
175
self.created = datetime.datetime.now()
176
self.last_seen = None
177
if timeout is None:
178
self.timeout = options.timeout
179
else:
180
self.timeout = string_to_delta(timeout)
181
if interval == -1:
182
self.interval = options.interval
183
else:
184
self.interval = string_to_delta(interval)
185
self.stop_hook = stop_hook
366
186
self.checker = None
367
187
self.checker_initiator_tag = None
368
self.disable_initiator_tag = None
369
self.expires = None
188
self.stop_initiator_tag = None
370
189
self.checker_callback_tag = None
371
self.checker_command = config["checker"]
372
self.current_checker_command = None
373
self.last_connect = None
374
self._approved = None
375
self.approved_by_default = config.get("approved_by_default",
376
True)
377
self.approvals_pending = 0
378
self.approval_delay = string_to_delta(
379
config["approval_delay"])
380
self.approval_duration = string_to_delta(
381
config["approval_duration"])
382
self.changedstate = multiprocessing_manager.Condition(multiprocessing_manager.Lock())
383
384
def send_changedstate(self):
385
self.changedstate.acquire()
386
self.changedstate.notify_all()
387
self.changedstate.release()
388
389
def enable(self):
190
self.check_command = checker
191
def start(self):
390
192
"""Start this client's checker and timeout hooks"""
391
if getattr(self, "enabled", False):
392
# Already enabled
393
return
394
self.send_changedstate()
395
193
# Schedule a new checker to be started an 'interval' from now,
396
194
# and every interval from then on.
397
self.checker_initiator_tag = (gobject.timeout_add
398
(self.interval_milliseconds(),
399
self.start_checker))
400
# Schedule a disable() when 'timeout' has passed
401
self.expires = datetime.datetime.utcnow() + self.timeout
402
self.disable_initiator_tag = (gobject.timeout_add
403
(self.timeout_milliseconds(),
404
self.disable))
405
self.enabled = True
406
self.last_enabled = datetime.datetime.utcnow()
195
self.checker_initiator_tag = gobject.timeout_add\
196
(self._interval_milliseconds,
197
self.start_checker)
407
198
# Also start a new checker *right now*.
408
199
self.start_checker()
409
410
def disable(self, quiet=True):
411
"""Disable this client."""
412
if not getattr(self, "enabled", False):
200
# Schedule a stop() when 'timeout' has passed
201
self.stop_initiator_tag = gobject.timeout_add\
202
(self._timeout_milliseconds,
203
self.stop)
204
def stop(self):
205
"""Stop this client.
206
The possibility that this client might be restarted is left
207
open, but not currently used."""
208
# If this client doesn't have a secret, it is already stopped.
209
if self.secret:
210
logger.debug(u"Stopping client %s", self.name)
211
self.secret = None
212
else:
413
213
return False
414
if not quiet:
415
self.send_changedstate()
416
if not quiet:
417
logger.info("Disabling client %s", self.name)
418
if getattr(self, "disable_initiator_tag", False):
419
gobject.source_remove(self.disable_initiator_tag)
420
self.disable_initiator_tag = None
421
self.expires = None
422
if getattr(self, "checker_initiator_tag", False):
214
if hasattr(self, "stop_initiator_tag") \
215
and self.stop_initiator_tag:
216
gobject.source_remove(self.stop_initiator_tag)
217
self.stop_initiator_tag = None
218
if hasattr(self, "checker_initiator_tag") \
219
and self.checker_initiator_tag:
423
220
gobject.source_remove(self.checker_initiator_tag)
424
221
self.checker_initiator_tag = None
425
222
self.stop_checker()
426
if self.disable_hook:
427
self.disable_hook(self)
428
self.enabled = False
223
if self.stop_hook:
224
self.stop_hook(self)
429
225
# Do not run this again if called by a gobject.timeout_add
430
226
return False
431
432
227
def __del__(self):
433
self.disable_hook = None
434
self.disable()
435
436
def checker_callback(self, pid, condition, command):
228
self.stop_hook = None
229
self.stop()
230
def checker_callback(self, pid, condition):
437
231
"""The checker has completed, so take appropriate actions."""
232
now = datetime.datetime.now()
438
233
self.checker_callback_tag = None
439
234
self.checker = None
440
if os.WIFEXITED(condition):
441
exitstatus = os.WEXITSTATUS(condition)
442
if exitstatus == 0:
443
logger.info("Checker for %(name)s succeeded",
444
vars(self))
445
self.checked_ok()
446
else:
447
logger.info("Checker for %(name)s failed",
448
vars(self))
449
else:
450
logger.warning("Checker for %(name)s crashed?",
235
if os.WIFEXITED(condition) \
236
and (os.WEXITSTATUS(condition) == 0):
237
logger.debug(u"Checker for %(name)s succeeded",
238
vars(self))
239
self.last_seen = now
240
gobject.source_remove(self.stop_initiator_tag)
241
self.stop_initiator_tag = gobject.timeout_add\
242
(self._timeout_milliseconds,
243
self.stop)
244
elif not os.WIFEXITED(condition):
245
logger.warning(u"Checker for %(name)s crashed?",
451
246
vars(self))
452
453
def checked_ok(self, timeout=None):
454
"""Bump up the timeout for this client.
455
456
This should only be called when the client has been seen,
457
alive and well.
458
"""
459
if timeout is None:
460
timeout = self.timeout
461
self.last_checked_ok = datetime.datetime.utcnow()
462
gobject.source_remove(self.disable_initiator_tag)
463
self.expires = datetime.datetime.utcnow() + timeout
464
self.disable_initiator_tag = (gobject.timeout_add
465
(_timedelta_to_milliseconds(timeout),
466
self.disable))
467
468
def need_approval(self):
469
self.last_approval_request = datetime.datetime.utcnow()
470
247
else:
248
logger.debug(u"Checker for %(name)s failed",
249
vars(self))
471
250
def start_checker(self):
472
251
"""Start a new checker subprocess if one is not running.
473
474
252
If a checker already exists, leave it running and do
475
253
nothing."""
476
254
# The reason for not killing a running checker is that if we
479
257
# client would inevitably timeout, since no checker would get
480
258
# a chance to run to completion. If we instead leave running
481
259
# checkers alone, the checker would have to take more time
482
# than 'timeout' for the client to be disabled, which is as it
483
# should be.
484
485
# If a checker exists, make sure it is not a zombie
486
try:
487
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
488
except (AttributeError, OSError) as error:
489
if (isinstance(error, OSError)
490
and error.errno != errno.ECHILD):
491
raise error
492
else:
493
if pid:
494
logger.warning("Checker was a zombie")
495
gobject.source_remove(self.checker_callback_tag)
496
self.checker_callback(pid, status,
497
self.current_checker_command)
498
# Start a new checker if needed
260
# than 'timeout' for the client to be declared invalid, which
261
# is as it should be.
499
262
if self.checker is None:
500
263
try:
501
# In case checker_command has exactly one % operator
502
command = self.checker_command % self.host
264
command = self.check_command % self.fqdn
503
265
except TypeError:
504
# Escape attributes for the shell
505
escaped_attrs = dict(
506
(attr,
507
re.escape(unicode(str(getattr(self, attr, "")),
508
errors=
509
'replace')))
510
for attr in
511
self.runtime_expansions)
512
266
escaped_attrs = dict((key, re.escape(str(val)))
267
for key, val in
268
vars(self).iteritems())
513
269
try:
514
command = self.checker_command % escaped_attrs
515
except TypeError as error:
516
logger.error('Could not format string "%s":'
517
' %s', self.checker_command, error)
270
command = self.check_command % escaped_attrs
271
except TypeError, error:
272
logger.critical(u'Could not format string "%s":'
273
u' %s', self.check_command, error)
518
274
return True # Try again later
519
self.current_checker_command = command
520
275
try:
521
logger.info("Starting checker %r for %s",
522
command, self.name)
523
# We don't need to redirect stdout and stderr, since
524
# in normal mode, that is already done by daemon(),
525
# and in debug mode we don't want to. (Stdin is
526
# always replaced by /dev/null.)
527
self.checker = subprocess.Popen(command,
528
close_fds=True,
529
shell=True, cwd="/")
530
self.checker_callback_tag = (gobject.child_watch_add
531
(self.checker.pid,
532
self.checker_callback,
533
data=command))
534
# The checker may have completed before the gobject
535
# watch was added. Check for this.
536
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
537
if pid:
538
gobject.source_remove(self.checker_callback_tag)
539
self.checker_callback(pid, status, command)
540
except OSError as error:
541
logger.error("Failed to start subprocess: %s",
276
logger.debug(u"Starting checker %r for %s",
277
command, self.name)
278
self.checker = subprocess.\
279
Popen(command,
280
close_fds=True, shell=True,
281
cwd="/")
282
self.checker_callback_tag = gobject.child_watch_add\
283
(self.checker.pid,
284
self.checker_callback)
285
except subprocess.OSError, error:
286
logger.error(u"Failed to start subprocess: %s",
542
287
error)
543
288
# Re-run this periodically if run by gobject.timeout_add
544
289
return True
545
546
290
def stop_checker(self):
547
291
"""Force the checker process, if any, to stop."""
548
292
if self.checker_callback_tag:
549
293
gobject.source_remove(self.checker_callback_tag)
550
294
self.checker_callback_tag = None
551
if getattr(self, "checker", None) is None:
295
if not hasattr(self, "checker") or self.checker is None:
552
296
return
553
297
logger.debug("Stopping checker for %(name)s", vars(self))
554
298
try:
555
299
os.kill(self.checker.pid, signal.SIGTERM)
556
#time.sleep(0.5)
300
#os.sleep(0.5)
557
301
#if self.checker.poll() is None:
558
302
# os.kill(self.checker.pid, signal.SIGKILL)
559
except OSError as error:
560
if error.errno != errno.ESRCH: # No such process
303
except OSError, error:
304
if error.errno != errno.ESRCH:
561
305
raise
562
306
self.checker = None
563
564
565
def dbus_service_property(dbus_interface, signature="v",
566
access="readwrite", byte_arrays=False):
567
"""Decorators for marking methods of a DBusObjectWithProperties to
568
become properties on the D-Bus.
569
570
The decorated method will be called with no arguments by "Get"
571
and with one argument by "Set".
572
573
The parameters, where they are supported, are the same as
574
dbus.service.method, except there is only "signature", since the
575
type from Get() and the type sent to Set() is the same.
576
"""
577
# Encoding deeply encoded byte arrays is not supported yet by the
578
# "Set" method, so we fail early here:
579
if byte_arrays and signature != "ay":
580
raise ValueError("Byte arrays not supported for non-'ay'"
581
" signature %r" % signature)
582
def decorator(func):
583
func._dbus_is_property = True
584
func._dbus_interface = dbus_interface
585
func._dbus_signature = signature
586
func._dbus_access = access
587
func._dbus_name = func.__name__
588
if func._dbus_name.endswith("_dbus_property"):
589
func._dbus_name = func._dbus_name[:-14]
590
func._dbus_get_args_options = {'byte_arrays': byte_arrays }
591
return func
592
return decorator
593
594
595
class DBusPropertyException(dbus.exceptions.DBusException):
596
"""A base class for D-Bus property-related exceptions
597
"""
598
def __unicode__(self):
599
return unicode(str(self))
600
601
602
class DBusPropertyAccessException(DBusPropertyException):
603
"""A property's access permissions disallows an operation.
604
"""
605
pass
606
607
608
class DBusPropertyNotFound(DBusPropertyException):
609
"""An attempt was made to access a non-existing property.
610
"""
611
pass
612
613
614
class DBusObjectWithProperties(dbus.service.Object):
615
"""A D-Bus object with properties.
616
617
Classes inheriting from this can use the dbus_service_property
618
decorator to expose methods as D-Bus properties. It exposes the
619
standard Get(), Set(), and GetAll() methods on the D-Bus.
620
"""
621
622
@staticmethod
623
def _is_dbus_property(obj):
624
return getattr(obj, "_dbus_is_property", False)
625
626
def _get_all_dbus_properties(self):
627
"""Returns a generator of (name, attribute) pairs
628
"""
629
return ((prop._dbus_name, prop)
630
for name, prop in
631
inspect.getmembers(self, self._is_dbus_property))
632
633
def _get_dbus_property(self, interface_name, property_name):
634
"""Returns a bound method if one exists which is a D-Bus
635
property with the specified name and interface.
636
"""
637
for name in (property_name,
638
property_name + "_dbus_property"):
639
prop = getattr(self, name, None)
640
if (prop is None
641
or not self._is_dbus_property(prop)
642
or prop._dbus_name != property_name
643
or (interface_name and prop._dbus_interface
644
and interface_name != prop._dbus_interface)):
645
continue
646
return prop
647
# No such property
648
raise DBusPropertyNotFound(self.dbus_object_path + ":"
649
+ interface_name + "."
650
+ property_name)
651
652
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="ss",
653
out_signature="v")
654
def Get(self, interface_name, property_name):
655
"""Standard D-Bus property Get() method, see D-Bus standard.
656
"""
657
prop = self._get_dbus_property(interface_name, property_name)
658
if prop._dbus_access == "write":
659
raise DBusPropertyAccessException(property_name)
660
value = prop()
661
if not hasattr(value, "variant_level"):
662
return value
663
return type(value)(value, variant_level=value.variant_level+1)
664
665
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="ssv")
666
def Set(self, interface_name, property_name, value):
667
"""Standard D-Bus property Set() method, see D-Bus standard.
668
"""
669
prop = self._get_dbus_property(interface_name, property_name)
670
if prop._dbus_access == "read":
671
raise DBusPropertyAccessException(property_name)
672
if prop._dbus_get_args_options["byte_arrays"]:
673
# The byte_arrays option is not supported yet on
674
# signatures other than "ay".
675
if prop._dbus_signature != "ay":
676
raise ValueError
677
value = dbus.ByteArray(''.join(unichr(byte)
678
for byte in value))
679
prop(value)
680
681
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="s",
682
out_signature="a{sv}")
683
def GetAll(self, interface_name):
684
"""Standard D-Bus property GetAll() method, see D-Bus
685
standard.
686
687
Note: Will not include properties with access="write".
688
"""
689
all = {}
690
for name, prop in self._get_all_dbus_properties():
691
if (interface_name
692
and interface_name != prop._dbus_interface):
693
# Interface non-empty but did not match
694
continue
695
# Ignore write-only properties
696
if prop._dbus_access == "write":
697
continue
698
value = prop()
699
if not hasattr(value, "variant_level"):
700
all[name] = value
701
continue
702
all[name] = type(value)(value, variant_level=
703
value.variant_level+1)
704
return dbus.Dictionary(all, signature="sv")
705
706
@dbus.service.method(dbus.INTROSPECTABLE_IFACE,
707
out_signature="s",
708
path_keyword='object_path',
709
connection_keyword='connection')
710
def Introspect(self, object_path, connection):
711
"""Standard D-Bus method, overloaded to insert property tags.
712
"""
713
xmlstring = dbus.service.Object.Introspect(self, object_path,
714
connection)
715
try:
716
document = xml.dom.minidom.parseString(xmlstring)
717
def make_tag(document, name, prop):
718
e = document.createElement("property")
719
e.setAttribute("name", name)
720
e.setAttribute("type", prop._dbus_signature)
721
e.setAttribute("access", prop._dbus_access)
722
return e
723
for if_tag in document.getElementsByTagName("interface"):
724
for tag in (make_tag(document, name, prop)
725
for name, prop
726
in self._get_all_dbus_properties()
727
if prop._dbus_interface
728
== if_tag.getAttribute("name")):
729
if_tag.appendChild(tag)
730
# Add the names to the return values for the
731
# "org.freedesktop.DBus.Properties" methods
732
if (if_tag.getAttribute("name")
733
== "org.freedesktop.DBus.Properties"):
734
for cn in if_tag.getElementsByTagName("method"):
735
if cn.getAttribute("name") == "Get":
736
for arg in cn.getElementsByTagName("arg"):
737
if (arg.getAttribute("direction")
738
== "out"):
739
arg.setAttribute("name", "value")
740
elif cn.getAttribute("name") == "GetAll":
741
for arg in cn.getElementsByTagName("arg"):
742
if (arg.getAttribute("direction")
743
== "out"):
744
arg.setAttribute("name", "props")
745
xmlstring = document.toxml("utf-8")
746
document.unlink()
747
except (AttributeError, xml.dom.DOMException,
748
xml.parsers.expat.ExpatError) as error:
749
logger.error("Failed to override Introspection method",
750
error)
751
return xmlstring
752
753
754
def datetime_to_dbus (dt, variant_level=0):
755
"""Convert a UTC datetime.datetime() to a D-Bus type."""
756
if dt is None:
757
return dbus.String("", variant_level = variant_level)
758
return dbus.String(dt.isoformat(),
759
variant_level=variant_level)
760
761
762
class ClientDBus(Client, DBusObjectWithProperties):
763
"""A Client class using D-Bus
764
765
Attributes:
766
dbus_object_path: dbus.ObjectPath
767
bus: dbus.SystemBus()
768
"""
769
770
runtime_expansions = (Client.runtime_expansions
771
+ ("dbus_object_path",))
772
773
# dbus.service.Object doesn't use super(), so we can't either.
774
775
def __init__(self, bus = None, *args, **kwargs):
776
self._approvals_pending = 0
777
self.bus = bus
778
Client.__init__(self, *args, **kwargs)
779
# Only now, when this client is initialized, can it show up on
780
# the D-Bus
781
client_object_name = unicode(self.name).translate(
782
{ord("."): ord("_"),
783
ord("-"): ord("_")})
784
self.dbus_object_path = (dbus.ObjectPath
785
("/clients/" + client_object_name))
786
DBusObjectWithProperties.__init__(self, self.bus,
787
self.dbus_object_path)
788
789
def notifychangeproperty(transform_func,
790
dbus_name, type_func=lambda x: x,
791
variant_level=1):
792
""" Modify a variable so that its a property that announce its
793
changes to DBus.
794
transform_fun: Function that takes a value and transform it to
795
DBus type.
796
dbus_name: DBus name of the variable
797
type_func: Function that transform the value before sending it
798
to DBus
799
variant_level: DBus variant level. default: 1
800
"""
801
real_value = [None,]
802
def setter(self, value):
803
old_value = real_value[0]
804
real_value[0] = value
805
if hasattr(self, "dbus_object_path"):
806
if type_func(old_value) != type_func(real_value[0]):
807
dbus_value = transform_func(type_func(real_value[0]),
808
variant_level)
809
self.PropertyChanged(dbus.String(dbus_name),
810
dbus_value)
811
812
return property(lambda self: real_value[0], setter)
813
814
815
expires = notifychangeproperty(datetime_to_dbus, "Expires")
816
approvals_pending = notifychangeproperty(dbus.Boolean,
817
"ApprovalPending",
818
type_func = bool)
819
enabled = notifychangeproperty(dbus.Boolean, "Enabled")
820
last_enabled = notifychangeproperty(datetime_to_dbus,
821
"LastEnabled")
822
checker = notifychangeproperty(dbus.Boolean, "CheckerRunning",
823
type_func = lambda checker: checker is not None)
824
last_checked_ok = notifychangeproperty(datetime_to_dbus,
825
"LastCheckedOK")
826
last_approval_request = notifychangeproperty(datetime_to_dbus,
827
"LastApprovalRequest")
828
approved_by_default = notifychangeproperty(dbus.Boolean,
829
"ApprovedByDefault")
830
approval_delay = notifychangeproperty(dbus.UInt16, "ApprovalDelay",
831
type_func = _timedelta_to_milliseconds)
832
approval_duration = notifychangeproperty(dbus.UInt16, "ApprovalDuration",
833
type_func = _timedelta_to_milliseconds)
834
host = notifychangeproperty(dbus.String, "Host")
835
timeout = notifychangeproperty(dbus.UInt16, "Timeout",
836
type_func = _timedelta_to_milliseconds)
837
extended_timeout = notifychangeproperty(dbus.UInt16, "ExtendedTimeout",
838
type_func = _timedelta_to_milliseconds)
839
interval = notifychangeproperty(dbus.UInt16, "Interval",
840
type_func = _timedelta_to_milliseconds)
841
checker_command = notifychangeproperty(dbus.String, "Checker")
842
843
del notifychangeproperty
844
845
def __del__(self, *args, **kwargs):
846
try:
847
self.remove_from_connection()
848
except LookupError:
849
pass
850
if hasattr(DBusObjectWithProperties, "__del__"):
851
DBusObjectWithProperties.__del__(self, *args, **kwargs)
852
Client.__del__(self, *args, **kwargs)
853
854
def checker_callback(self, pid, condition, command,
855
*args, **kwargs):
856
self.checker_callback_tag = None
857
self.checker = None
858
if os.WIFEXITED(condition):
859
exitstatus = os.WEXITSTATUS(condition)
860
# Emit D-Bus signal
861
self.CheckerCompleted(dbus.Int16(exitstatus),
862
dbus.Int64(condition),
863
dbus.String(command))
864
else:
865
# Emit D-Bus signal
866
self.CheckerCompleted(dbus.Int16(-1),
867
dbus.Int64(condition),
868
dbus.String(command))
869
870
return Client.checker_callback(self, pid, condition, command,
871
*args, **kwargs)
872
873
def start_checker(self, *args, **kwargs):
874
old_checker = self.checker
875
if self.checker is not None:
876
old_checker_pid = self.checker.pid
877
else:
878
old_checker_pid = None
879
r = Client.start_checker(self, *args, **kwargs)
880
# Only if new checker process was started
881
if (self.checker is not None
882
and old_checker_pid != self.checker.pid):
883
# Emit D-Bus signal
884
self.CheckerStarted(self.current_checker_command)
885
return r
886
887
def _reset_approved(self):
888
self._approved = None
889
return False
890
891
def approve(self, value=True):
892
self.send_changedstate()
893
self._approved = value
894
gobject.timeout_add(_timedelta_to_milliseconds
895
(self.approval_duration),
896
self._reset_approved)
897
898
899
## D-Bus methods, signals & properties
900
_interface = "se.bsnet.fukt.Mandos.Client"
901
902
## Signals
903
904
# CheckerCompleted - signal
905
@dbus.service.signal(_interface, signature="nxs")
906
def CheckerCompleted(self, exitcode, waitstatus, command):
907
"D-Bus signal"
908
pass
909
910
# CheckerStarted - signal
911
@dbus.service.signal(_interface, signature="s")
912
def CheckerStarted(self, command):
913
"D-Bus signal"
914
pass
915
916
# PropertyChanged - signal
917
@dbus.service.signal(_interface, signature="sv")
918
def PropertyChanged(self, property, value):
919
"D-Bus signal"
920
pass
921
922
# GotSecret - signal
923
@dbus.service.signal(_interface)
924
def GotSecret(self):
925
"""D-Bus signal
926
Is sent after a successful transfer of secret from the Mandos
927
server to mandos-client
928
"""
929
pass
930
931
# Rejected - signal
932
@dbus.service.signal(_interface, signature="s")
933
def Rejected(self, reason):
934
"D-Bus signal"
935
pass
936
937
# NeedApproval - signal
938
@dbus.service.signal(_interface, signature="tb")
939
def NeedApproval(self, timeout, default):
940
"D-Bus signal"
941
return self.need_approval()
942
943
## Methods
944
945
# Approve - method
946
@dbus.service.method(_interface, in_signature="b")
947
def Approve(self, value):
948
self.approve(value)
949
950
# CheckedOK - method
951
@dbus.service.method(_interface)
952
def CheckedOK(self):
953
self.checked_ok()
954
955
# Enable - method
956
@dbus.service.method(_interface)
957
def Enable(self):
958
"D-Bus method"
959
self.enable()
960
961
# StartChecker - method
962
@dbus.service.method(_interface)
963
def StartChecker(self):
964
"D-Bus method"
965
self.start_checker()
966
967
# Disable - method
968
@dbus.service.method(_interface)
969
def Disable(self):
970
"D-Bus method"
971
self.disable()
972
973
# StopChecker - method
974
@dbus.service.method(_interface)
975
def StopChecker(self):
976
self.stop_checker()
977
978
## Properties
979
980
# ApprovalPending - property
981
@dbus_service_property(_interface, signature="b", access="read")
982
def ApprovalPending_dbus_property(self):
983
return dbus.Boolean(bool(self.approvals_pending))
984
985
# ApprovedByDefault - property
986
@dbus_service_property(_interface, signature="b",
987
access="readwrite")
988
def ApprovedByDefault_dbus_property(self, value=None):
989
if value is None: # get
990
return dbus.Boolean(self.approved_by_default)
991
self.approved_by_default = bool(value)
992
993
# ApprovalDelay - property
994
@dbus_service_property(_interface, signature="t",
995
access="readwrite")
996
def ApprovalDelay_dbus_property(self, value=None):
997
if value is None: # get
998
return dbus.UInt64(self.approval_delay_milliseconds())
999
self.approval_delay = datetime.timedelta(0, 0, 0, value)
1000
1001
# ApprovalDuration - property
1002
@dbus_service_property(_interface, signature="t",
1003
access="readwrite")
1004
def ApprovalDuration_dbus_property(self, value=None):
1005
if value is None: # get
1006
return dbus.UInt64(_timedelta_to_milliseconds(
1007
self.approval_duration))
1008
self.approval_duration = datetime.timedelta(0, 0, 0, value)
1009
1010
# Name - property
1011
@dbus_service_property(_interface, signature="s", access="read")
1012
def Name_dbus_property(self):
1013
return dbus.String(self.name)
1014
1015
# Fingerprint - property
1016
@dbus_service_property(_interface, signature="s", access="read")
1017
def Fingerprint_dbus_property(self):
1018
return dbus.String(self.fingerprint)
1019
1020
# Host - property
1021
@dbus_service_property(_interface, signature="s",
1022
access="readwrite")
1023
def Host_dbus_property(self, value=None):
1024
if value is None: # get
1025
return dbus.String(self.host)
1026
self.host = value
1027
1028
# Created - property
1029
@dbus_service_property(_interface, signature="s", access="read")
1030
def Created_dbus_property(self):
1031
return dbus.String(datetime_to_dbus(self.created))
1032
1033
# LastEnabled - property
1034
@dbus_service_property(_interface, signature="s", access="read")
1035
def LastEnabled_dbus_property(self):
1036
return datetime_to_dbus(self.last_enabled)
1037
1038
# Enabled - property
1039
@dbus_service_property(_interface, signature="b",
1040
access="readwrite")
1041
def Enabled_dbus_property(self, value=None):
1042
if value is None: # get
1043
return dbus.Boolean(self.enabled)
1044
if value:
1045
self.enable()
1046
else:
1047
self.disable()
1048
1049
# LastCheckedOK - property
1050
@dbus_service_property(_interface, signature="s",
1051
access="readwrite")
1052
def LastCheckedOK_dbus_property(self, value=None):
1053
if value is not None:
1054
self.checked_ok()
1055
return
1056
return datetime_to_dbus(self.last_checked_ok)
1057
1058
# Expires - property
1059
@dbus_service_property(_interface, signature="s", access="read")
1060
def Expires_dbus_property(self):
1061
return datetime_to_dbus(self.expires)
1062
1063
# LastApprovalRequest - property
1064
@dbus_service_property(_interface, signature="s", access="read")
1065
def LastApprovalRequest_dbus_property(self):
1066
return datetime_to_dbus(self.last_approval_request)
1067
1068
# Timeout - property
1069
@dbus_service_property(_interface, signature="t",
1070
access="readwrite")
1071
def Timeout_dbus_property(self, value=None):
1072
if value is None: # get
1073
return dbus.UInt64(self.timeout_milliseconds())
1074
self.timeout = datetime.timedelta(0, 0, 0, value)
1075
if getattr(self, "disable_initiator_tag", None) is None:
1076
return
1077
# Reschedule timeout
1078
gobject.source_remove(self.disable_initiator_tag)
1079
self.disable_initiator_tag = None
1080
self.expires = None
1081
time_to_die = (self.
1082
_timedelta_to_milliseconds((self
1083
.last_checked_ok
1084
+ self.timeout)
1085
- datetime.datetime
1086
.utcnow()))
1087
if time_to_die <= 0:
1088
# The timeout has passed
1089
self.disable()
1090
else:
1091
self.expires = (datetime.datetime.utcnow()
1092
+ datetime.timedelta(milliseconds = time_to_die))
1093
self.disable_initiator_tag = (gobject.timeout_add
1094
(time_to_die, self.disable))
1095
1096
# ExtendedTimeout - property
1097
@dbus_service_property(_interface, signature="t",
1098
access="readwrite")
1099
def ExtendedTimeout_dbus_property(self, value=None):
1100
if value is None: # get
1101
return dbus.UInt64(self.extended_timeout_milliseconds())
1102
self.extended_timeout = datetime.timedelta(0, 0, 0, value)
1103
1104
# Interval - property
1105
@dbus_service_property(_interface, signature="t",
1106
access="readwrite")
1107
def Interval_dbus_property(self, value=None):
1108
if value is None: # get
1109
return dbus.UInt64(self.interval_milliseconds())
1110
self.interval = datetime.timedelta(0, 0, 0, value)
1111
if getattr(self, "checker_initiator_tag", None) is None:
1112
return
1113
# Reschedule checker run
1114
gobject.source_remove(self.checker_initiator_tag)
1115
self.checker_initiator_tag = (gobject.timeout_add
1116
(value, self.start_checker))
1117
self.start_checker() # Start one now, too
1118
1119
# Checker - property
1120
@dbus_service_property(_interface, signature="s",
1121
access="readwrite")
1122
def Checker_dbus_property(self, value=None):
1123
if value is None: # get
1124
return dbus.String(self.checker_command)
1125
self.checker_command = value
1126
1127
# CheckerRunning - property
1128
@dbus_service_property(_interface, signature="b",
1129
access="readwrite")
1130
def CheckerRunning_dbus_property(self, value=None):
1131
if value is None: # get
1132
return dbus.Boolean(self.checker is not None)
1133
if value:
1134
self.start_checker()
1135
else:
1136
self.stop_checker()
1137
1138
# ObjectPath - property
1139
@dbus_service_property(_interface, signature="o", access="read")
1140
def ObjectPath_dbus_property(self):
1141
return self.dbus_object_path # is already a dbus.ObjectPath
1142
1143
# Secret = property
1144
@dbus_service_property(_interface, signature="ay",
1145
access="write", byte_arrays=True)
1146
def Secret_dbus_property(self, value):
1147
self.secret = str(value)
1148
1149
del _interface
1150
1151
1152
class ProxyClient(object):
1153
def __init__(self, child_pipe, fpr, address):
1154
self._pipe = child_pipe
1155
self._pipe.send(('init', fpr, address))
1156
if not self._pipe.recv():
1157
raise KeyError()
1158
1159
def __getattribute__(self, name):
1160
if(name == '_pipe'):
1161
return super(ProxyClient, self).__getattribute__(name)
1162
self._pipe.send(('getattr', name))
1163
data = self._pipe.recv()
1164
if data[0] == 'data':
1165
return data[1]
1166
if data[0] == 'function':
1167
def func(*args, **kwargs):
1168
self._pipe.send(('funcall', name, args, kwargs))
1169
return self._pipe.recv()[1]
1170
return func
1171
1172
def __setattr__(self, name, value):
1173
if(name == '_pipe'):
1174
return super(ProxyClient, self).__setattr__(name, value)
1175
self._pipe.send(('setattr', name, value))
1176
1177
1178
class ClientHandler(socketserver.BaseRequestHandler, object):
1179
"""A class to handle client connections.
1180
1181
Instantiated once for each connection to handle it.
307
def still_valid(self, now=None):
308
"""Has the timeout not yet passed for this client?"""
309
if now is None:
310
now = datetime.datetime.now()
311
if self.last_seen is None:
312
return now < (self.created + self.timeout)
313
else:
314
return now < (self.last_seen + self.timeout)
315
316
317
def peer_certificate(session):
318
"Return the peer's OpenPGP certificate as a bytestring"
319
# If not an OpenPGP certificate...
320
if gnutls.library.functions.gnutls_certificate_type_get\
321
(session._c_object) \
322
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP:
323
# ...do the normal thing
324
return session.peer_certificate
325
list_size = ctypes.c_uint()
326
cert_list = gnutls.library.functions.gnutls_certificate_get_peers\
327
(session._c_object, ctypes.byref(list_size))
328
if list_size.value == 0:
329
return None
330
cert = cert_list[0]
331
return ctypes.string_at(cert.data, cert.size)
332
333
334
def fingerprint(openpgp):
335
"Convert an OpenPGP bytestring to a hexdigit fingerprint string"
336
# New empty GnuTLS certificate
337
crt = gnutls.library.types.gnutls_openpgp_crt_t()
338
gnutls.library.functions.gnutls_openpgp_crt_init\
339
(ctypes.byref(crt))
340
# New GnuTLS "datum" with the OpenPGP public key
341
datum = gnutls.library.types.gnutls_datum_t\
342
(ctypes.cast(ctypes.c_char_p(openpgp),
343
ctypes.POINTER(ctypes.c_ubyte)),
344
ctypes.c_uint(len(openpgp)))
345
# Import the OpenPGP public key into the certificate
346
ret = gnutls.library.functions.gnutls_openpgp_crt_import\
347
(crt,
348
ctypes.byref(datum),
349
gnutls.library.constants.GNUTLS_OPENPGP_FMT_RAW)
350
# New buffer for the fingerprint
351
buffer = ctypes.create_string_buffer(20)
352
buffer_length = ctypes.c_size_t()
353
# Get the fingerprint from the certificate into the buffer
354
gnutls.library.functions.gnutls_openpgp_crt_get_fingerprint\
355
(crt, ctypes.byref(buffer), ctypes.byref(buffer_length))
356
# Deinit the certificate
357
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
358
# Convert the buffer to a Python bytestring
359
fpr = ctypes.string_at(buffer, buffer_length.value)
360
# Convert the bytestring to hexadecimal notation
361
hex_fpr = u''.join(u"%02X" % ord(char) for char in fpr)
362
return hex_fpr
363
364
365
class tcp_handler(SocketServer.BaseRequestHandler, object):
366
"""A TCP request handler class.
367
Instantiated by IPv6_TCPServer for each request to handle it.
1182
368
Note: This will run in its own forked process."""
1183
369
1184
370
def handle(self):
1185
with contextlib.closing(self.server.child_pipe) as child_pipe:
1186
logger.info("TCP connection from: %s",
1187
unicode(self.client_address))
1188
logger.debug("Pipe FD: %d",
1189
self.server.child_pipe.fileno())
1190
1191
session = (gnutls.connection
1192
.ClientSession(self.request,
1193
gnutls.connection
1194
.X509Credentials()))
1195
1196
# Note: gnutls.connection.X509Credentials is really a
1197
# generic GnuTLS certificate credentials object so long as
1198
# no X.509 keys are added to it. Therefore, we can use it
1199
# here despite using OpenPGP certificates.
1200
1201
#priority = ':'.join(("NONE", "+VERS-TLS1.1",
1202
# "+AES-256-CBC", "+SHA1",
1203
# "+COMP-NULL", "+CTYPE-OPENPGP",
1204
# "+DHE-DSS"))
1205
# Use a fallback default, since this MUST be set.
1206
priority = self.server.gnutls_priority
1207
if priority is None:
1208
priority = "NORMAL"
1209
(gnutls.library.functions
1210
.gnutls_priority_set_direct(session._c_object,
1211
priority, None))
1212
1213
# Start communication using the Mandos protocol
1214
# Get protocol number
1215
line = self.request.makefile().readline()
1216
logger.debug("Protocol version: %r", line)
1217
try:
1218
if int(line.strip().split()[0]) > 1:
1219
raise RuntimeError
1220
except (ValueError, IndexError, RuntimeError) as error:
1221
logger.error("Unknown protocol version: %s", error)
1222
return
1223
1224
# Start GnuTLS connection
1225
try:
1226
session.handshake()
1227
except gnutls.errors.GNUTLSError as error:
1228
logger.warning("Handshake failed: %s", error)
1229
# Do not run session.bye() here: the session is not
1230
# established. Just abandon the request.
1231
return
1232
logger.debug("Handshake succeeded")
1233
1234
approval_required = False
1235
try:
1236
try:
1237
fpr = self.fingerprint(self.peer_certificate
1238
(session))
1239
except (TypeError,
1240
gnutls.errors.GNUTLSError) as error:
1241
logger.warning("Bad certificate: %s", error)
1242
return
1243
logger.debug("Fingerprint: %s", fpr)
1244
1245
try:
1246
client = ProxyClient(child_pipe, fpr,
1247
self.client_address)
1248
except KeyError:
1249
return
1250
1251
if client.approval_delay:
1252
delay = client.approval_delay
1253
client.approvals_pending += 1
1254
approval_required = True
1255
1256
while True:
1257
if not client.enabled:
1258
logger.info("Client %s is disabled",
1259
client.name)
1260
if self.server.use_dbus:
1261
# Emit D-Bus signal
1262
client.Rejected("Disabled")
1263
return
1264
1265
if client._approved or not client.approval_delay:
1266
#We are approved or approval is disabled
1267
break
1268
elif client._approved is None:
1269
logger.info("Client %s needs approval",
1270
client.name)
1271
if self.server.use_dbus:
1272
# Emit D-Bus signal
1273
client.NeedApproval(
1274
client.approval_delay_milliseconds(),
1275
client.approved_by_default)
1276
else:
1277
logger.warning("Client %s was not approved",
1278
client.name)
1279
if self.server.use_dbus:
1280
# Emit D-Bus signal
1281
client.Rejected("Denied")
1282
return
1283
1284
#wait until timeout or approved
1285
#x = float(client._timedelta_to_milliseconds(delay))
1286
time = datetime.datetime.now()
1287
client.changedstate.acquire()
1288
client.changedstate.wait(float(client._timedelta_to_milliseconds(delay) / 1000))
1289
client.changedstate.release()
1290
time2 = datetime.datetime.now()
1291
if (time2 - time) >= delay:
1292
if not client.approved_by_default:
1293
logger.warning("Client %s timed out while"
1294
" waiting for approval",
1295
client.name)
1296
if self.server.use_dbus:
1297
# Emit D-Bus signal
1298
client.Rejected("Approval timed out")
1299
return
1300
else:
1301
break
1302
else:
1303
delay -= time2 - time
1304
1305
sent_size = 0
1306
while sent_size < len(client.secret):
1307
try:
1308
sent = session.send(client.secret[sent_size:])
1309
except gnutls.errors.GNUTLSError as error:
1310
logger.warning("gnutls send failed")
1311
return
1312
logger.debug("Sent: %d, remaining: %d",
1313
sent, len(client.secret)
1314
- (sent_size + sent))
1315
sent_size += sent
1316
1317
logger.info("Sending secret to %s", client.name)
1318
# bump the timeout as if seen
1319
client.checked_ok(client.extended_timeout)
1320
if self.server.use_dbus:
1321
# Emit D-Bus signal
1322
client.GotSecret()
1323
1324
finally:
1325
if approval_required:
1326
client.approvals_pending -= 1
1327
try:
1328
session.bye()
1329
except gnutls.errors.GNUTLSError as error:
1330
logger.warning("GnuTLS bye failed")
1331
1332
@staticmethod
1333
def peer_certificate(session):
1334
"Return the peer's OpenPGP certificate as a bytestring"
1335
# If not an OpenPGP certificate...
1336
if (gnutls.library.functions
1337
.gnutls_certificate_type_get(session._c_object)
1338
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP):
1339
# ...do the normal thing
1340
return session.peer_certificate
1341
list_size = ctypes.c_uint(1)
1342
cert_list = (gnutls.library.functions
1343
.gnutls_certificate_get_peers
1344
(session._c_object, ctypes.byref(list_size)))
1345
if not bool(cert_list) and list_size.value != 0:
1346
raise gnutls.errors.GNUTLSError("error getting peer"
1347
" certificate")
1348
if list_size.value == 0:
1349
return None
1350
cert = cert_list[0]
1351
return ctypes.string_at(cert.data, cert.size)
1352
1353
@staticmethod
1354
def fingerprint(openpgp):
1355
"Convert an OpenPGP bytestring to a hexdigit fingerprint"
1356
# New GnuTLS "datum" with the OpenPGP public key
1357
datum = (gnutls.library.types
1358
.gnutls_datum_t(ctypes.cast(ctypes.c_char_p(openpgp),
1359
ctypes.POINTER
1360
(ctypes.c_ubyte)),
1361
ctypes.c_uint(len(openpgp))))
1362
# New empty GnuTLS certificate
1363
crt = gnutls.library.types.gnutls_openpgp_crt_t()
1364
(gnutls.library.functions
1365
.gnutls_openpgp_crt_init(ctypes.byref(crt)))
1366
# Import the OpenPGP public key into the certificate
1367
(gnutls.library.functions
1368
.gnutls_openpgp_crt_import(crt, ctypes.byref(datum),
1369
gnutls.library.constants
1370
.GNUTLS_OPENPGP_FMT_RAW))
1371
# Verify the self signature in the key
1372
crtverify = ctypes.c_uint()
1373
(gnutls.library.functions
1374
.gnutls_openpgp_crt_verify_self(crt, 0,
1375
ctypes.byref(crtverify)))
1376
if crtverify.value != 0:
1377
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1378
raise (gnutls.errors.CertificateSecurityError
1379
("Verify failed"))
1380
# New buffer for the fingerprint
1381
buf = ctypes.create_string_buffer(20)
1382
buf_len = ctypes.c_size_t()
1383
# Get the fingerprint from the certificate into the buffer
1384
(gnutls.library.functions
1385
.gnutls_openpgp_crt_get_fingerprint(crt, ctypes.byref(buf),
1386
ctypes.byref(buf_len)))
1387
# Deinit the certificate
1388
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1389
# Convert the buffer to a Python bytestring
1390
fpr = ctypes.string_at(buf, buf_len.value)
1391
# Convert the bytestring to hexadecimal notation
1392
hex_fpr = ''.join("%02X" % ord(char) for char in fpr)
1393
return hex_fpr
1394
1395
1396
class MultiprocessingMixIn(object):
1397
"""Like socketserver.ThreadingMixIn, but with multiprocessing"""
1398
def sub_process_main(self, request, address):
1399
try:
1400
self.finish_request(request, address)
1401
except:
1402
self.handle_error(request, address)
1403
self.close_request(request)
1404
1405
def process_request(self, request, address):
1406
"""Start a new process to process the request."""
1407
multiprocessing.Process(target = self.sub_process_main,
1408
args = (request, address)).start()
1409
1410
1411
class MultiprocessingMixInWithPipe(MultiprocessingMixIn, object):
1412
""" adds a pipe to the MixIn """
1413
def process_request(self, request, client_address):
1414
"""Overrides and wraps the original process_request().
1415
1416
This function creates a new pipe in self.pipe
1417
"""
1418
parent_pipe, self.child_pipe = multiprocessing.Pipe()
1419
1420
super(MultiprocessingMixInWithPipe,
1421
self).process_request(request, client_address)
1422
self.child_pipe.close()
1423
self.add_pipe(parent_pipe)
1424
1425
def add_pipe(self, parent_pipe):
1426
"""Dummy function; override as necessary"""
1427
raise NotImplementedError
1428
1429
1430
class IPv6_TCPServer(MultiprocessingMixInWithPipe,
1431
socketserver.TCPServer, object):
1432
"""IPv6-capable TCP server. Accepts 'None' as address and/or port
1433
371
logger.debug(u"TCP connection from: %s",
372
unicode(self.client_address))
373
session = gnutls.connection.ClientSession(self.request,
374
gnutls.connection.\
375
X509Credentials())
376
377
#priority = ':'.join(("NONE", "+VERS-TLS1.1", "+AES-256-CBC",
378
# "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
379
# "+DHE-DSS"))
380
priority = "SECURE256"
381
382
gnutls.library.functions.gnutls_priority_set_direct\
383
(session._c_object, priority, None);
384
385
try:
386
session.handshake()
387
except gnutls.errors.GNUTLSError, error:
388
logger.debug(u"Handshake failed: %s", error)
389
# Do not run session.bye() here: the session is not
390
# established. Just abandon the request.
391
return
392
try:
393
fpr = fingerprint(peer_certificate(session))
394
except (TypeError, gnutls.errors.GNUTLSError), error:
395
logger.debug(u"Bad certificate: %s", error)
396
session.bye()
397
return
398
logger.debug(u"Fingerprint: %s", fpr)
399
client = None
400
for c in self.server.clients:
401
if c.fingerprint == fpr:
402
client = c
403
break
404
# Have to check if client.still_valid(), since it is possible
405
# that the client timed out while establishing the GnuTLS
406
# session.
407
if (not client) or (not client.still_valid()):
408
if client:
409
logger.debug(u"Client %(name)s is invalid",
410
vars(client))
411
else:
412
logger.debug(u"Client not found for fingerprint: %s",
413
fpr)
414
session.bye()
415
return
416
sent_size = 0
417
while sent_size < len(client.secret):
418
sent = session.send(client.secret[sent_size:])
419
logger.debug(u"Sent: %d, remaining: %d",
420
sent, len(client.secret)
421
- (sent_size + sent))
422
sent_size += sent
423
session.bye()
424
425
426
class IPv6_TCPServer(SocketServer.ForkingTCPServer, object):
427
"""IPv6 TCP server. Accepts 'None' as address and/or port.
1434
428
Attributes:
1435
enabled: Boolean; whether this server is activated yet
1436
interface: None or a network interface name (string)
1437
use_ipv6: Boolean; to use IPv6 or not
429
options: Command line options
430
clients: Set() of Client objects
1438
431
"""
1439
def __init__(self, server_address, RequestHandlerClass,
1440
interface=None, use_ipv6=True):
1441
self.interface = interface
1442
if use_ipv6:
1443
self.address_family = socket.AF_INET6
1444
socketserver.TCPServer.__init__(self, server_address,
1445
RequestHandlerClass)
432
address_family = socket.AF_INET6
433
def __init__(self, *args, **kwargs):
434
if "options" in kwargs:
435
self.options = kwargs["options"]
436
del kwargs["options"]
437
if "clients" in kwargs:
438
self.clients = kwargs["clients"]
439
del kwargs["clients"]
440
return super(type(self), self).__init__(*args, **kwargs)
1446
441
def server_bind(self):
1447
442
"""This overrides the normal server_bind() function
1448
443
to bind to an interface if one was specified, and also NOT to
1449
444
bind to an address or port if they were not specified."""
1450
if self.interface is not None:
1451
if SO_BINDTODEVICE is None:
1452
logger.error("SO_BINDTODEVICE does not exist;"
1453
" cannot bind to interface %s",
1454
self.interface)
1455
else:
1456
try:
1457
self.socket.setsockopt(socket.SOL_SOCKET,
1458
SO_BINDTODEVICE,
1459
str(self.interface
1460
+ '\0'))
1461
except socket.error as error:
1462
if error[0] == errno.EPERM:
1463
logger.error("No permission to"
1464
" bind to interface %s",
1465
self.interface)
1466
elif error[0] == errno.ENOPROTOOPT:
1467
logger.error("SO_BINDTODEVICE not available;"
1468
" cannot bind to interface %s",
1469
self.interface)
1470
else:
1471
raise
445
if self.options.interface:
446
if not hasattr(socket, "SO_BINDTODEVICE"):
447
# From /usr/include/asm-i486/socket.h
448
socket.SO_BINDTODEVICE = 25
449
try:
450
self.socket.setsockopt(socket.SOL_SOCKET,
451
socket.SO_BINDTODEVICE,
452
self.options.interface)
453
except socket.error, error:
454
if error[0] == errno.EPERM:
455
logger.warning(u"No permission to"
456
u" bind to interface %s",
457
self.options.interface)
458
else:
459
raise error
1472
460
# Only bind(2) the socket if we really need to.
1473
461
if self.server_address[0] or self.server_address[1]:
1474
462
if not self.server_address[0]:
1475
if self.address_family == socket.AF_INET6:
1476
any_address = "::" # in6addr_any
1477
else:
1478
any_address = socket.INADDR_ANY
1479
self.server_address = (any_address,
463
in6addr_any = "::"
464
self.server_address = (in6addr_any,
1480
465
self.server_address[1])
1481
elif not self.server_address[1]:
466
elif self.server_address[1] is None:
1482
467
self.server_address = (self.server_address[0],
1483
468
0)
1484
# if self.interface:
1485
# self.server_address = (self.server_address[0],
1486
# 0, # port
1487
# 0, # flowinfo
1488
# if_nametoindex
1489
# (self.interface))
1490
return socketserver.TCPServer.server_bind(self)
1491
1492
1493
class MandosServer(IPv6_TCPServer):
1494
"""Mandos server.
1495
1496
Attributes:
1497
clients: set of Client objects
1498
gnutls_priority GnuTLS priority string
1499
use_dbus: Boolean; to emit D-Bus signals or not
1500
1501
Assumes a gobject.MainLoop event loop.
1502
"""
1503
def __init__(self, server_address, RequestHandlerClass,
1504
interface=None, use_ipv6=True, clients=None,
1505
gnutls_priority=None, use_dbus=True):
1506
self.enabled = False
1507
self.clients = clients
1508
if self.clients is None:
1509
self.clients = set()
1510
self.use_dbus = use_dbus
1511
self.gnutls_priority = gnutls_priority
1512
IPv6_TCPServer.__init__(self, server_address,
1513
RequestHandlerClass,
1514
interface = interface,
1515
use_ipv6 = use_ipv6)
1516
def server_activate(self):
1517
if self.enabled:
1518
return socketserver.TCPServer.server_activate(self)
1519
def enable(self):
1520
self.enabled = True
1521
def add_pipe(self, parent_pipe):
1522
# Call "handle_ipc" for both data and EOF events
1523
gobject.io_add_watch(parent_pipe.fileno(),
1524
gobject.IO_IN | gobject.IO_HUP,
1525
functools.partial(self.handle_ipc,
1526
parent_pipe = parent_pipe))
1527
1528
def handle_ipc(self, source, condition, parent_pipe=None,
1529
client_object=None):
1530
condition_names = {
1531
gobject.IO_IN: "IN", # There is data to read.
1532
gobject.IO_OUT: "OUT", # Data can be written (without
1533
# blocking).
1534
gobject.IO_PRI: "PRI", # There is urgent data to read.
1535
gobject.IO_ERR: "ERR", # Error condition.
1536
gobject.IO_HUP: "HUP" # Hung up (the connection has been
1537
# broken, usually for pipes and
1538
# sockets).
1539
}
1540
conditions_string = ' | '.join(name
1541
for cond, name in
1542
condition_names.iteritems()
1543
if cond & condition)
1544
# error or the other end of multiprocessing.Pipe has closed
1545
if condition & (gobject.IO_ERR | condition & gobject.IO_HUP):
1546
return False
1547
1548
# Read a request from the child
1549
request = parent_pipe.recv()
1550
command = request[0]
1551
1552
if command == 'init':
1553
fpr = request[1]
1554
address = request[2]
1555
1556
for c in self.clients:
1557
if c.fingerprint == fpr:
1558
client = c
1559
break
1560
else:
1561
logger.info("Client not found for fingerprint: %s, ad"
1562
"dress: %s", fpr, address)
1563
if self.use_dbus:
1564
# Emit D-Bus signal
1565
mandos_dbus_service.ClientNotFound(fpr, address[0])
1566
parent_pipe.send(False)
1567
return False
1568
1569
gobject.io_add_watch(parent_pipe.fileno(),
1570
gobject.IO_IN | gobject.IO_HUP,
1571
functools.partial(self.handle_ipc,
1572
parent_pipe = parent_pipe,
1573
client_object = client))
1574
parent_pipe.send(True)
1575
# remove the old hook in favor of the new above hook on same fileno
1576
return False
1577
if command == 'funcall':
1578
funcname = request[1]
1579
args = request[2]
1580
kwargs = request[3]
1581
1582
parent_pipe.send(('data', getattr(client_object, funcname)(*args, **kwargs)))
1583
1584
if command == 'getattr':
1585
attrname = request[1]
1586
if callable(client_object.__getattribute__(attrname)):
1587
parent_pipe.send(('function',))
1588
else:
1589
parent_pipe.send(('data', client_object.__getattribute__(attrname)))
1590
1591
if command == 'setattr':
1592
attrname = request[1]
1593
value = request[2]
1594
setattr(client_object, attrname, value)
1595
1596
return True
469
return super(type(self), self).server_bind()
1597
470
1598
471
1599
472
def string_to_delta(interval):
1600
473
"""Parse a string and return a datetime.timedelta
1601
474
1602
475
>>> string_to_delta('7d')
1603
476
datetime.timedelta(7)
1604
477
>>> string_to_delta('60s')
1607
480
datetime.timedelta(0, 3600)
1608
481
>>> string_to_delta('24h')
1609
482
datetime.timedelta(1)
1610
>>> string_to_delta('1w')
483
>>> string_to_delta(u'1w')
1611
484
datetime.timedelta(7)
1612
>>> string_to_delta('5m 30s')
1613
datetime.timedelta(0, 330)
1614
485
"""
1615
timevalue = datetime.timedelta(0)
1616
for s in interval.split():
1617
try:
1618
suffix = unicode(s[-1])
1619
value = int(s[:-1])
1620
if suffix == "d":
1621
delta = datetime.timedelta(value)
1622
elif suffix == "s":
1623
delta = datetime.timedelta(0, value)
1624
elif suffix == "m":
1625
delta = datetime.timedelta(0, 0, 0, 0, value)
1626
elif suffix == "h":
1627
delta = datetime.timedelta(0, 0, 0, 0, 0, value)
1628
elif suffix == "w":
1629
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
1630
else:
1631
raise ValueError("Unknown suffix %r" % suffix)
1632
except (ValueError, IndexError) as e:
1633
raise ValueError(*(e.args))
1634
timevalue += delta
1635
return timevalue
486
try:
487
suffix=unicode(interval[-1])
488
value=int(interval[:-1])
489
if suffix == u"d":
490
delta = datetime.timedelta(value)
491
elif suffix == u"s":
492
delta = datetime.timedelta(0, value)
493
elif suffix == u"m":
494
delta = datetime.timedelta(0, 0, 0, 0, value)
495
elif suffix == u"h":
496
delta = datetime.timedelta(0, 0, 0, 0, 0, value)
497
elif suffix == u"w":
498
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
499
else:
500
raise ValueError
501
except (ValueError, IndexError):
502
raise ValueError
503
return delta
504
505
506
def add_service():
507
"""Derived from the Avahi example code"""
508
global group, serviceName, serviceType, servicePort, serviceTXT, \
509
domain, host
510
if group is None:
511
group = dbus.Interface(
512
bus.get_object( avahi.DBUS_NAME,
513
server.EntryGroupNew()),
514
avahi.DBUS_INTERFACE_ENTRY_GROUP)
515
group.connect_to_signal('StateChanged',
516
entry_group_state_changed)
517
logger.debug(u"Adding service '%s' of type '%s' ...",
518
serviceName, serviceType)
519
520
group.AddService(
521
serviceInterface, # interface
522
avahi.PROTO_INET6, # protocol
523
dbus.UInt32(0), # flags
524
serviceName, serviceType,
525
domain, host,
526
dbus.UInt16(servicePort),
527
avahi.string_array_to_txt_array(serviceTXT))
528
group.Commit()
529
530
531
def remove_service():
532
"""From the Avahi example code"""
533
global group
534
535
if not group is None:
536
group.Reset()
537
538
539
def server_state_changed(state):
540
"""Derived from the Avahi example code"""
541
if state == avahi.SERVER_COLLISION:
542
logger.warning(u"Server name collision")
543
remove_service()
544
elif state == avahi.SERVER_RUNNING:
545
add_service()
546
547
548
def entry_group_state_changed(state, error):
549
"""Derived from the Avahi example code"""
550
global serviceName, server, rename_count
551
552
logger.debug(u"state change: %i", state)
553
554
if state == avahi.ENTRY_GROUP_ESTABLISHED:
555
logger.debug(u"Service established.")
556
elif state == avahi.ENTRY_GROUP_COLLISION:
557
558
rename_count = rename_count - 1
559
if rename_count > 0:
560
name = server.GetAlternativeServiceName(name)
561
logger.warning(u"Service name collision, "
562
u"changing name to '%s' ...", name)
563
remove_service()
564
add_service()
565
566
else:
567
logger.error(u"No suitable service name found after %i"
568
u" retries, exiting.", n_rename)
569
killme(1)
570
elif state == avahi.ENTRY_GROUP_FAILURE:
571
logger.error(u"Error in group state changed %s",
572
unicode(error))
573
killme(1)
1636
574
1637
575
1638
576
def if_nametoindex(interface):
1639
"""Call the C function if_nametoindex(), or equivalent
1640
1641
Note: This function cannot accept a unicode string."""
1642
global if_nametoindex
577
"""Call the C function if_nametoindex()"""
1643
578
try:
1644
if_nametoindex = (ctypes.cdll.LoadLibrary
1645
(ctypes.util.find_library("c"))
1646
.if_nametoindex)
579
libc = ctypes.cdll.LoadLibrary("libc.so.6")
580
return libc.if_nametoindex(interface)
1647
581
except (OSError, AttributeError):
1648
logger.warning("Doing if_nametoindex the hard way")
1649
def if_nametoindex(interface):
1650
"Get an interface index the hard way, i.e. using fcntl()"
1651
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
1652
with contextlib.closing(socket.socket()) as s:
1653
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
1654
struct.pack(str("16s16x"),
1655
interface))
1656
interface_index = struct.unpack(str("I"),
1657
ifreq[16:20])[0]
1658
return interface_index
1659
return if_nametoindex(interface)
1660
1661
1662
def daemon(nochdir = False, noclose = False):
582
if "struct" not in sys.modules:
583
import struct
584
if "fcntl" not in sys.modules:
585
import fcntl
586
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
587
s = socket.socket()
588
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
589
struct.pack("16s16x", interface))
590
s.close()
591
interface_index = struct.unpack("I", ifreq[16:20])[0]
592
return interface_index
593
594
595
def daemon(nochdir, noclose):
1663
596
"""See daemon(3). Standard BSD Unix function.
1664
1665
597
This should really exist as os.daemon, but it doesn't (yet)."""
1666
598
if os.fork():
1667
599
sys.exit()
1668
600
os.setsid()
1669
601
if not nochdir:
1670
602
os.chdir("/")
1671
if os.fork():
1672
sys.exit()
1673
603
if not noclose:
1674
604
# Close all standard open file descriptors
1675
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
605
null = os.open("/dev/null", os.O_NOCTTY | os.O_RDWR)
1676
606
if not stat.S_ISCHR(os.fstat(null).st_mode):
1677
607
raise OSError(errno.ENODEV,
1678
"%s not a character device"
1679
% os.path.devnull)
608
"/dev/null not a character device")
1680
609
os.dup2(null, sys.stdin.fileno())
1681
610
os.dup2(null, sys.stdout.fileno())
1682
611
os.dup2(null, sys.stderr.fileno())
1684
613
os.close(null)
1685
614
1686
615
616
def killme(status = 0):
617
logger.debug("Stopping server with exit status %d", status)
618
exitstatus = status
619
if main_loop_started:
620
main_loop.quit()
621
else:
622
sys.exit(status)
623
624
1687
625
def main():
1688
1689
##################################################################
1690
# Parsing of options, both command line and config file
1691
1692
parser = argparse.ArgumentParser()
1693
parser.add_argument("-v", "--version", action="version",
1694
version = "%%(prog)s %s" % version,
1695
help="show version number and exit")
1696
parser.add_argument("-i", "--interface", metavar="IF",
1697
help="Bind to interface IF")
1698
parser.add_argument("-a", "--address",
1699
help="Address to listen for requests on")
1700
parser.add_argument("-p", "--port", type=int,
1701
help="Port number to receive requests on")
1702
parser.add_argument("--check", action="store_true",
1703
help="Run self-test")
1704
parser.add_argument("--debug", action="store_true",
1705
help="Debug mode; run in foreground and log"
1706
" to terminal")
1707
parser.add_argument("--debuglevel", metavar="LEVEL",
1708
help="Debug level for stdout output")
1709
parser.add_argument("--priority", help="GnuTLS"
1710
" priority string (see GnuTLS documentation)")
1711
parser.add_argument("--servicename",
1712
metavar="NAME", help="Zeroconf service name")
1713
parser.add_argument("--configdir",
1714
default="/etc/mandos", metavar="DIR",
1715
help="Directory to search for configuration"
1716
" files")
1717
parser.add_argument("--no-dbus", action="store_false",
1718
dest="use_dbus", help="Do not provide D-Bus"
1719
" system bus interface")
1720
parser.add_argument("--no-ipv6", action="store_false",
1721
dest="use_ipv6", help="Do not use IPv6")
1722
options = parser.parse_args()
626
global exitstatus
627
exitstatus = 0
628
global main_loop_started
629
main_loop_started = False
630
631
parser = OptionParser()
632
parser.add_option("-i", "--interface", type="string",
633
default=None, metavar="IF",
634
help="Bind to interface IF")
635
parser.add_option("-a", "--address", type="string", default=None,
636
help="Address to listen for requests on")
637
parser.add_option("-p", "--port", type="int", default=None,
638
help="Port number to receive requests on")
639
parser.add_option("--timeout", type="string", # Parsed later
640
default="1h",
641
help="Amount of downtime allowed for clients")
642
parser.add_option("--interval", type="string", # Parsed later
643
default="5m",
644
help="How often to check that a client is up")
645
parser.add_option("--check", action="store_true", default=False,
646
help="Run self-test")
647
parser.add_option("--debug", action="store_true", default=False,
648
help="Debug mode")
649
(options, args) = parser.parse_args()
1723
650
1724
651
if options.check:
1725
652
import doctest
1726
653
doctest.testmod()
1727
654
sys.exit()
1728
655
1729
# Default values for config file for server-global settings
1730
server_defaults = { "interface": "",
1731
"address": "",
1732
"port": "",
1733
"debug": "False",
1734
"priority":
1735
"SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
1736
"servicename": "Mandos",
1737
"use_dbus": "True",
1738
"use_ipv6": "True",
1739
"debuglevel": "",
1740
}
1741
1742
# Parse config file for server-global settings
1743
server_config = configparser.SafeConfigParser(server_defaults)
1744
del server_defaults
1745
server_config.read(os.path.join(options.configdir,
1746
"mandos.conf"))
1747
# Convert the SafeConfigParser object to a dict
1748
server_settings = server_config.defaults()
1749
# Use the appropriate methods on the non-string config options
1750
for option in ("debug", "use_dbus", "use_ipv6"):
1751
server_settings[option] = server_config.getboolean("DEFAULT",
1752
option)
1753
if server_settings["port"]:
1754
server_settings["port"] = server_config.getint("DEFAULT",
1755
"port")
1756
del server_config
1757
1758
# Override the settings from the config file with command line
1759
# options, if set.
1760
for option in ("interface", "address", "port", "debug",
1761
"priority", "servicename", "configdir",
1762
"use_dbus", "use_ipv6", "debuglevel"):
1763
value = getattr(options, option)
1764
if value is not None:
1765
server_settings[option] = value
1766
del options
1767
# Force all strings to be unicode
1768
for option in server_settings.keys():
1769
if type(server_settings[option]) is str:
1770
server_settings[option] = unicode(server_settings[option])
1771
# Now we have our good server settings in "server_settings"
1772
1773
##################################################################
1774
1775
# For convenience
1776
debug = server_settings["debug"]
1777
debuglevel = server_settings["debuglevel"]
1778
use_dbus = server_settings["use_dbus"]
1779
use_ipv6 = server_settings["use_ipv6"]
1780
1781
if server_settings["servicename"] != "Mandos":
1782
syslogger.setFormatter(logging.Formatter
1783
('Mandos (%s) [%%(process)d]:'
1784
' %%(levelname)s: %%(message)s'
1785
% server_settings["servicename"]))
1786
1787
# Parse config file with clients
1788
client_defaults = { "timeout": "5m",
1789
"extended_timeout": "15m",
1790
"interval": "2m",
1791
"checker": "fping -q -- %%(host)s",
1792
"host": "",
1793
"approval_delay": "0s",
1794
"approval_duration": "1s",
1795
}
1796
client_config = configparser.SafeConfigParser(client_defaults)
1797
client_config.read(os.path.join(server_settings["configdir"],
1798
"clients.conf"))
1799
1800
global mandos_dbus_service
1801
mandos_dbus_service = None
1802
1803
tcp_server = MandosServer((server_settings["address"],
1804
server_settings["port"]),
1805
ClientHandler,
1806
interface=(server_settings["interface"]
1807
or None),
1808
use_ipv6=use_ipv6,
1809
gnutls_priority=
1810
server_settings["priority"],
1811
use_dbus=use_dbus)
1812
if not debug:
1813
pidfilename = "/var/run/mandos.pid"
1814
try:
1815
pidfile = open(pidfilename, "w")
1816
except IOError:
1817
logger.error("Could not open file %r", pidfilename)
1818
1819
try:
1820
uid = pwd.getpwnam("_mandos").pw_uid
1821
gid = pwd.getpwnam("_mandos").pw_gid
1822
except KeyError:
1823
try:
1824
uid = pwd.getpwnam("mandos").pw_uid
1825
gid = pwd.getpwnam("mandos").pw_gid
1826
except KeyError:
1827
try:
1828
uid = pwd.getpwnam("nobody").pw_uid
1829
gid = pwd.getpwnam("nobody").pw_gid
1830
except KeyError:
1831
uid = 65534
1832
gid = 65534
1833
try:
1834
os.setgid(gid)
1835
os.setuid(uid)
1836
except OSError as error:
1837
if error[0] != errno.EPERM:
1838
raise error
1839
1840
if not debug and not debuglevel:
1841
syslogger.setLevel(logging.WARNING)
1842
console.setLevel(logging.WARNING)
1843
if debuglevel:
1844
level = getattr(logging, debuglevel.upper())
1845
syslogger.setLevel(level)
1846
console.setLevel(level)
1847
1848
if debug:
1849
# Enable all possible GnuTLS debugging
1850
1851
# "Use a log level over 10 to enable all debugging options."
1852
# - GnuTLS manual
1853
gnutls.library.functions.gnutls_global_set_log_level(11)
1854
1855
@gnutls.library.types.gnutls_log_func
1856
def debug_gnutls(level, string):
1857
logger.debug("GnuTLS: %s", string[:-1])
1858
1859
(gnutls.library.functions
1860
.gnutls_global_set_log_function(debug_gnutls))
1861
1862
# Redirect stdin so all checkers get /dev/null
1863
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
1864
os.dup2(null, sys.stdin.fileno())
1865
if null > 2:
1866
os.close(null)
1867
else:
1868
# No console logging
1869
logger.removeHandler(console)
1870
1871
# Need to fork before connecting to D-Bus
1872
if not debug:
1873
# Close all input and output, do double fork, etc.
1874
daemon()
656
# Parse the time arguments
657
try:
658
options.timeout = string_to_delta(options.timeout)
659
except ValueError:
660
parser.error("option --timeout: Unparseable time")
661
try:
662
options.interval = string_to_delta(options.interval)
663
except ValueError:
664
parser.error("option --interval: Unparseable time")
665
666
# Parse config file
667
defaults = { "checker": "fping -q -- %%(fqdn)s" }
668
client_config = ConfigParser.SafeConfigParser(defaults)
669
#client_config.readfp(open("global.conf"), "global.conf")
670
client_config.read("mandos-clients.conf")
1875
671
1876
672
global main_loop
673
global bus
674
global server
1877
675
# From the Avahi example code
1878
676
DBusGMainLoop(set_as_default=True )
1879
677
main_loop = gobject.MainLoop()
1880
678
bus = dbus.SystemBus()
679
server = dbus.Interface(
680
bus.get_object( avahi.DBUS_NAME, avahi.DBUS_PATH_SERVER ),
681
avahi.DBUS_INTERFACE_SERVER )
1881
682
# End of Avahi example code
1882
if use_dbus:
1883
try:
1884
bus_name = dbus.service.BusName("se.bsnet.fukt.Mandos",
1885
bus, do_not_queue=True)
1886
except dbus.exceptions.NameExistsException as e:
1887
logger.error(unicode(e) + ", disabling D-Bus")
1888
use_dbus = False
1889
server_settings["use_dbus"] = False
1890
tcp_server.use_dbus = False
1891
protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
1892
service = AvahiService(name = server_settings["servicename"],
1893
servicetype = "_mandos._tcp",
1894
protocol = protocol, bus = bus)
1895
if server_settings["interface"]:
1896
service.interface = (if_nametoindex
1897
(str(server_settings["interface"])))
1898
1899
global multiprocessing_manager
1900
multiprocessing_manager = multiprocessing.Manager()
1901
1902
client_class = Client
1903
if use_dbus:
1904
client_class = functools.partial(ClientDBus, bus = bus)
1905
def client_config_items(config, section):
1906
special_settings = {
1907
"approved_by_default":
1908
lambda: config.getboolean(section,
1909
"approved_by_default"),
1910
}
1911
for name, value in config.items(section):
1912
try:
1913
yield (name, special_settings[name]())
1914
except KeyError:
1915
yield (name, value)
1916
1917
tcp_server.clients.update(set(
1918
client_class(name = section,
1919
config= dict(client_config_items(
1920
client_config, section)))
1921
for section in client_config.sections()))
1922
if not tcp_server.clients:
1923
logger.warning("No clients defined")
1924
683
684
debug = options.debug
685
686
if debug:
687
console = logging.StreamHandler()
688
# console.setLevel(logging.DEBUG)
689
console.setFormatter(logging.Formatter\
690
('%(levelname)s: %(message)s'))
691
logger.addHandler(console)
692
del console
693
694
clients = Set()
695
def remove_from_clients(client):
696
clients.remove(client)
697
if not clients:
698
logger.debug(u"No clients left, exiting")
699
killme()
700
701
clients.update(Set(Client(name=section, options=options,
702
stop_hook = remove_from_clients,
703
**(dict(client_config\
704
.items(section))))
705
for section in client_config.sections()))
706
1925
707
if not debug:
1926
try:
1927
with pidfile:
1928
pid = os.getpid()
1929
pidfile.write(str(pid) + "\n".encode("utf-8"))
1930
del pidfile
1931
except IOError:
1932
logger.error("Could not write to file %r with PID %d",
1933
pidfilename, pid)
1934
except NameError:
1935
# "pidfile" was never created
1936
pass
1937
del pidfilename
1938
1939
signal.signal(signal.SIGINT, signal.SIG_IGN)
1940
1941
signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
1942
signal.signal(signal.SIGTERM, lambda signum, frame: sys.exit())
1943
1944
if use_dbus:
1945
class MandosDBusService(dbus.service.Object):
1946
"""A D-Bus proxy object"""
1947
def __init__(self):
1948
dbus.service.Object.__init__(self, bus, "/")
1949
_interface = "se.bsnet.fukt.Mandos"
1950
1951
@dbus.service.signal(_interface, signature="o")
1952
def ClientAdded(self, objpath):
1953
"D-Bus signal"
1954
pass
1955
1956
@dbus.service.signal(_interface, signature="ss")
1957
def ClientNotFound(self, fingerprint, address):
1958
"D-Bus signal"
1959
pass
1960
1961
@dbus.service.signal(_interface, signature="os")
1962
def ClientRemoved(self, objpath, name):
1963
"D-Bus signal"
1964
pass
1965
1966
@dbus.service.method(_interface, out_signature="ao")
1967
def GetAllClients(self):
1968
"D-Bus method"
1969
return dbus.Array(c.dbus_object_path
1970
for c in tcp_server.clients)
1971
1972
@dbus.service.method(_interface,
1973
out_signature="a{oa{sv}}")
1974
def GetAllClientsWithProperties(self):
1975
"D-Bus method"
1976
return dbus.Dictionary(
1977
((c.dbus_object_path, c.GetAll(""))
1978
for c in tcp_server.clients),
1979
signature="oa{sv}")
1980
1981
@dbus.service.method(_interface, in_signature="o")
1982
def RemoveClient(self, object_path):
1983
"D-Bus method"
1984
for c in tcp_server.clients:
1985
if c.dbus_object_path == object_path:
1986
tcp_server.clients.remove(c)
1987
c.remove_from_connection()
1988
# Don't signal anything except ClientRemoved
1989
c.disable(quiet=True)
1990
# Emit D-Bus signal
1991
self.ClientRemoved(object_path, c.name)
1992
return
1993
raise KeyError(object_path)
1994
1995
del _interface
1996
1997
mandos_dbus_service = MandosDBusService()
708
daemon(False, False)
1998
709
1999
710
def cleanup():
2000
711
"Cleanup function; run on exit"
2001
service.cleanup()
2002
2003
while tcp_server.clients:
2004
client = tcp_server.clients.pop()
2005
if use_dbus:
2006
client.remove_from_connection()
2007
client.disable_hook = None
2008
# Don't signal anything except ClientRemoved
2009
client.disable(quiet=True)
2010
if use_dbus:
2011
# Emit D-Bus signal
2012
mandos_dbus_service.ClientRemoved(client.dbus_object_path,
2013
client.name)
2014
2015
atexit.register(cleanup)
2016
2017
for client in tcp_server.clients:
2018
if use_dbus:
2019
# Emit D-Bus signal
2020
mandos_dbus_service.ClientAdded(client.dbus_object_path)
2021
client.enable()
2022
2023
tcp_server.enable()
2024
tcp_server.server_activate()
2025
2026
# Find out what port we got
2027
service.port = tcp_server.socket.getsockname()[1]
2028
if use_ipv6:
2029
logger.info("Now listening on address %r, port %d,"
2030
" flowinfo %d, scope_id %d"
2031
% tcp_server.socket.getsockname())
2032
else: # IPv4
2033
logger.info("Now listening on address %r, port %d"
2034
% tcp_server.socket.getsockname())
2035
2036
#service.interface = tcp_server.socket.getsockname()[3]
2037
2038
try:
712
global group
2039
713
# From the Avahi example code
2040
try:
2041
service.activate()
2042
except dbus.exceptions.DBusException as error:
2043
logger.critical("DBusException: %s", error)
2044
cleanup()
2045
sys.exit(1)
714
if not group is None:
715
group.Free()
716
group = None
2046
717
# End of Avahi example code
2047
718
2048
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
2049
lambda *args, **kwargs:
2050
(tcp_server.handle_request
2051
(*args[2:], **kwargs) or True))
2052
719
while clients:
720
client = clients.pop()
721
client.stop_hook = None
722
client.stop()
723
724
atexit.register(cleanup)
725
726
if not debug:
727
signal.signal(signal.SIGINT, signal.SIG_IGN)
728
signal.signal(signal.SIGHUP, lambda signum, frame: killme())
729
signal.signal(signal.SIGTERM, lambda signum, frame: killme())
730
731
for client in clients:
732
client.start()
733
734
tcp_server = IPv6_TCPServer((options.address, options.port),
735
tcp_handler,
736
options=options,
737
clients=clients)
738
# Find out what random port we got
739
global servicePort
740
servicePort = tcp_server.socket.getsockname()[1]
741
logger.debug(u"Now listening on port %d", servicePort)
742
743
if options.interface is not None:
744
global serviceInterface
745
serviceInterface = if_nametoindex(options.interface)
746
747
# From the Avahi example code
748
server.connect_to_signal("StateChanged", server_state_changed)
749
try:
750
server_state_changed(server.GetState())
751
except dbus.exceptions.DBusException, error:
752
logger.critical(u"DBusException: %s", error)
753
killme(1)
754
# End of Avahi example code
755
756
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
757
lambda *args, **kwargs:
758
tcp_server.handle_request(*args[2:],
759
**kwargs) or True)
760
try:
2053
761
logger.debug("Starting main loop")
762
main_loop_started = True
2054
763
main_loop.run()
2055
except AvahiError as error:
2056
logger.critical("AvahiError: %s", error)
2057
cleanup()
2058
sys.exit(1)
2059
764
except KeyboardInterrupt:
2060
765
if debug:
2061
print("", file=sys.stderr)
2062
logger.debug("Server received KeyboardInterrupt")
2063
logger.debug("Server exiting")
2064
# Must run before the D-Bus bus name gets deregistered
2065
cleanup()
2066
766
print
767
768
sys.exit(exitstatus)
2067
769
2068
770
if __name__ == '__main__':
2069
771
main()
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0