/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos

  • Committer: Teddy Hogeborn
  • Date: 2011-11-27 19:37:54 UTC
  • mto: (237.12.11 mandos-persistent)
  • mto: This revision was merged to the branch mainline in revision 290.
  • Revision ID: teddy@recompile.se-20111127193754-4366e18gmi11kew0
* mandos (_timedelta_to_milliseconds): Renamed to
                                       "timedelta_to_milliseconds";
                                       all callers changed.
  (Client._approved): Bug fix; renamed to "approved" without
                      underscore.  All users changed.
  (ProxyClient): Removed superfluous parens in "if" statements.
  (ClientHandler.handle): Bug fix: Emit NewRequest signal *after*
                          client is found, not before.

Show diffs side-by-side

added added

removed removed

Lines of Context:
377
377
                                % self.name))
378
378
        return ret
379
379
 
380
 
def _timedelta_to_milliseconds(td):
 
380
def timedelta_to_milliseconds(td):
381
381
    "Convert a datetime.timedelta() to milliseconds"
382
382
    return ((td.days * 24 * 60 * 60 * 1000)
383
383
            + (td.seconds * 1000)
387
387
    """A representation of a client host served by this server.
388
388
    
389
389
    Attributes:
390
 
    _approved:   bool(); 'None' if not yet approved/disapproved
 
390
    approved:   bool(); 'None' if not yet approved/disapproved
391
391
    approval_delay: datetime.timedelta(); Time to wait for approval
392
392
    approval_duration: datetime.timedelta(); Duration of one approval
393
393
    checker:    subprocess.Popen(); a running checker process used
434
434
    
435
435
    def timeout_milliseconds(self):
436
436
        "Return the 'timeout' attribute in milliseconds"
437
 
        return _timedelta_to_milliseconds(self.timeout)
 
437
        return timedelta_to_milliseconds(self.timeout)
438
438
    
439
439
    def extended_timeout_milliseconds(self):
440
440
        "Return the 'extended_timeout' attribute in milliseconds"
441
 
        return _timedelta_to_milliseconds(self.extended_timeout)
 
441
        return timedelta_to_milliseconds(self.extended_timeout)
442
442
    
443
443
    def interval_milliseconds(self):
444
444
        "Return the 'interval' attribute in milliseconds"
445
 
        return _timedelta_to_milliseconds(self.interval)
 
445
        return timedelta_to_milliseconds(self.interval)
446
446
    
447
447
    def approval_delay_milliseconds(self):
448
 
        return _timedelta_to_milliseconds(self.approval_delay)
 
448
        return timedelta_to_milliseconds(self.approval_delay)
449
449
    
450
450
    def __init__(self, name = None, config=None):
451
451
        """Note: the 'checker' key in 'config' sets the
495
495
        self.checker_callback_tag = None
496
496
        self.checker_command = config["checker"]
497
497
        self.current_checker_command = None
498
 
        self._approved = None
 
498
        self.approved = None
499
499
        self.approved_by_default = config.get("approved_by_default",
500
500
                                              True)
501
501
        self.approvals_pending = 0
601
601
            gobject.source_remove(self.disable_initiator_tag)
602
602
        if getattr(self, "enabled", False):
603
603
            self.disable_initiator_tag = (gobject.timeout_add
604
 
                                          (_timedelta_to_milliseconds
 
604
                                          (timedelta_to_milliseconds
605
605
                                           (timeout), self.disable))
606
606
            self.expires = datetime.datetime.utcnow() + timeout
607
607
    
1071
1071
    approval_delay = notifychangeproperty(dbus.UInt16,
1072
1072
                                          "ApprovalDelay",
1073
1073
                                          type_func =
1074
 
                                          _timedelta_to_milliseconds)
 
1074
                                          timedelta_to_milliseconds)
1075
1075
    approval_duration = notifychangeproperty(
1076
1076
        dbus.UInt16, "ApprovalDuration",
1077
 
        type_func = _timedelta_to_milliseconds)
 
1077
        type_func = timedelta_to_milliseconds)
1078
1078
    host = notifychangeproperty(dbus.String, "Host")
1079
1079
    timeout = notifychangeproperty(dbus.UInt16, "Timeout",
1080
1080
                                   type_func =
1081
 
                                   _timedelta_to_milliseconds)
 
1081
                                   timedelta_to_milliseconds)
1082
1082
    extended_timeout = notifychangeproperty(
1083
1083
        dbus.UInt16, "ExtendedTimeout",
1084
 
        type_func = _timedelta_to_milliseconds)
 
1084
        type_func = timedelta_to_milliseconds)
1085
1085
    interval = notifychangeproperty(dbus.UInt16,
1086
1086
                                    "Interval",
1087
1087
                                    type_func =
1088
 
                                    _timedelta_to_milliseconds)
 
1088
                                    timedelta_to_milliseconds)
1089
1089
    checker_command = notifychangeproperty(dbus.String, "Checker")
1090
1090
    
1091
1091
    del notifychangeproperty
1133
1133
        return r
1134
1134
    
1135
1135
    def _reset_approved(self):
1136
 
        self._approved = None
 
1136
        self.approved = None
1137
1137
        return False
1138
1138
    
1139
1139
    def approve(self, value=True):
1140
1140
        self.send_changedstate()
1141
 
        self._approved = value
1142
 
        gobject.timeout_add(_timedelta_to_milliseconds
 
1141
        self.approved = value
 
1142
        gobject.timeout_add(timedelta_to_milliseconds
1143
1143
                            (self.approval_duration),
1144
1144
                            self._reset_approved)
1145
1145
    
1259
1259
                           access="readwrite")
1260
1260
    def ApprovalDuration_dbus_property(self, value=None):
1261
1261
        if value is None:       # get
1262
 
            return dbus.UInt64(_timedelta_to_milliseconds(
 
1262
            return dbus.UInt64(timedelta_to_milliseconds(
1263
1263
                    self.approval_duration))
1264
1264
        self.approval_duration = datetime.timedelta(0, 0, 0, value)
1265
1265
    
1334
1334
        gobject.source_remove(self.disable_initiator_tag)
1335
1335
        self.disable_initiator_tag = None
1336
1336
        self.expires = None
1337
 
        time_to_die = _timedelta_to_milliseconds((self
1338
 
                                                  .last_checked_ok
1339
 
                                                  + self.timeout)
1340
 
                                                 - datetime.datetime
1341
 
                                                 .utcnow())
 
1337
        time_to_die = timedelta_to_milliseconds((self
 
1338
                                                 .last_checked_ok
 
1339
                                                 + self.timeout)
 
1340
                                                - datetime.datetime
 
1341
                                                .utcnow())
1342
1342
        if time_to_die <= 0:
1343
1343
            # The timeout has passed
1344
1344
            self.disable()
1414
1414
            raise KeyError()
1415
1415
    
1416
1416
    def __getattribute__(self, name):
1417
 
        if(name == '_pipe'):
 
1417
        if name == '_pipe':
1418
1418
            return super(ProxyClient, self).__getattribute__(name)
1419
1419
        self._pipe.send(('getattr', name))
1420
1420
        data = self._pipe.recv()
1427
1427
            return func
1428
1428
    
1429
1429
    def __setattr__(self, name, value):
1430
 
        if(name == '_pipe'):
 
1430
        if name == '_pipe':
1431
1431
            return super(ProxyClient, self).__setattr__(name, value)
1432
1432
        self._pipe.send(('setattr', name, value))
1433
1433
 
1502
1502
                    logger.warning("Bad certificate: %s", error)
1503
1503
                    return
1504
1504
                logger.debug("Fingerprint: %s", fpr)
1505
 
                if self.server.use_dbus:
1506
 
                    # Emit D-Bus signal
1507
 
                    client.NewRequest(str(self.client_address))
1508
1505
                
1509
1506
                try:
1510
1507
                    client = ProxyClient(child_pipe, fpr,
1512
1509
                except KeyError:
1513
1510
                    return
1514
1511
                
 
1512
                if self.server.use_dbus:
 
1513
                    # Emit D-Bus signal
 
1514
                    client.NewRequest(str(self.client_address))
 
1515
                
1515
1516
                if client.approval_delay:
1516
1517
                    delay = client.approval_delay
1517
1518
                    client.approvals_pending += 1
1526
1527
                            client.Rejected("Disabled")
1527
1528
                        return
1528
1529
                    
1529
 
                    if client._approved or not client.approval_delay:
 
1530
                    if client.approved or not client.approval_delay:
1530
1531
                        #We are approved or approval is disabled
1531
1532
                        break
1532
 
                    elif client._approved is None:
 
1533
                    elif client.approved is None:
1533
1534
                        logger.info("Client %s needs approval",
1534
1535
                                    client.name)
1535
1536
                        if self.server.use_dbus:
1549
1550
                    time = datetime.datetime.now()
1550
1551
                    client.changedstate.acquire()
1551
1552
                    (client.changedstate.wait
1552
 
                     (float(client._timedelta_to_milliseconds(delay)
 
1553
                     (float(client.timedelta_to_milliseconds(delay)
1553
1554
                            / 1000)))
1554
1555
                    client.changedstate.release()
1555
1556
                    time2 = datetime.datetime.now()