
Viewing changes to mandos

* mandos (peer_certificate): Handle NULL pointer from
                             "gnutls_certificate_get_peers" slightly
                             better.
  (TCP_handler.handle): Added some extra debug output.

  (MandosServer.GetAllClients,
  MandosServer.GetAllClientsWithProperties,
  MandosServer.RemoveClient): Added doc string.

73
73
             (facility = logging.handlers.SysLogHandler.LOG_DAEMON,
74
74
              address = "/dev/log"))
75
75
syslogger.setFormatter(logging.Formatter
76
 
                       ('Mandos [%(process)d]: %(levelname)s:'
77
 
                        ' %(message)s'))
 
76
                       ('Mandos: %(levelname)s: %(message)s'))
78
77
logger.addHandler(syslogger)
79
78
 
80
79
console = logging.StreamHandler()
81
 
console.setFormatter(logging.Formatter('%(name)s [%(process)d]:'
82
 
                                       ' %(levelname)s: %(message)s'))
 
80
console.setFormatter(logging.Formatter('%(name)s: %(levelname)s:'
 
81
                                       ' %(message)s'))
83
82
logger.addHandler(console)
84
83
 
85
84
class AvahiError(Exception):
677
676
        # using OpenPGP certificates.
678
677
        
679
678
        #priority = ':'.join(("NONE", "+VERS-TLS1.1", "+AES-256-CBC",
680
 
        #                     "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
681
 
        #                     "+DHE-DSS"))
 
679
        #                "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
 
680
        #                "+DHE-DSS"))
682
681
        # Use a fallback default, since this MUST be set.
683
682
        priority = self.server.settings.get("priority", "NORMAL")
684
683
        (gnutls.library.functions
700
699
            session.bye()
701
700
            return
702
701
        logger.debug(u"Fingerprint: %s", fpr)
703
 
        
704
702
        for c in self.server.clients:
705
703
            if c.fingerprint == fpr:
706
704
                client = c
765
763
                                 u" bind to interface %s",
766
764
                                 self.settings["interface"])
767
765
                else:
768
 
                    raise
 
766
                    raise error
769
767
        # Only bind(2) the socket if we really need to.
770
768
        if self.server_address[0] or self.server_address[1]:
771
769
            if not self.server_address[0]:
792
790
 
793
791
def string_to_delta(interval):
794
792
    """Parse a string and return a datetime.timedelta
795
 
    
 
793
 
796
794
    >>> string_to_delta('7d')
797
795
    datetime.timedelta(7)
798
796
    >>> string_to_delta('60s')
1001
999
    pidfilename = "/var/run/mandos.pid"
1002
1000
    try:
1003
1001
        pidfile = open(pidfilename, "w")
1004
 
    except IOError:
 
1002
    except IOError, error:
1005
1003
        logger.error("Could not open file %r", pidfilename)
1006
1004
    
1007
1005
    try:
1019
1017
                uid = 65534
1020
1018
                gid = 65534
1021
1019
    try:
 
1020
        os.setuid(uid)
1022
1021
        os.setgid(gid)
1023
 
        os.setuid(uid)
1024
1022
    except OSError, error:
1025
1023
        if error[0] != errno.EPERM:
1026
1024
            raise error
1027
1025
    
1028
 
    # Enable all possible GnuTLS debugging
1029
 
    if debug:
1030
 
        # "Use a log level over 10 to enable all debugging options."
1031
 
        # - GnuTLS manual
1032
 
        gnutls.library.functions.gnutls_global_set_log_level(11)
1033
 
        
1034
 
        @gnutls.library.types.gnutls_log_func
1035
 
        def debug_gnutls(level, string):
1036
 
            logger.debug("GnuTLS: %s", string[:-1])
1037
 
        
1038
 
        (gnutls.library.functions
1039
 
         .gnutls_global_set_log_function(debug_gnutls))
1040
 
    
1041
1026
    global service
1042
1027
    service = AvahiService(name = server_settings["servicename"],
1043
1028
                           servicetype = "_mandos._tcp", )
1200
1185
        sys.exit(1)
1201
1186
    except KeyboardInterrupt:
1202
1187
        if debug:
1203
 
            print >> sys.stderr
1204
 
        logger.debug("Server received KeyboardInterrupt")
1205
 
    logger.debug("Server exiting")
 
1188
            print
1206
1189
 
1207
1190
if __name__ == '__main__':
1208
1191
    main()
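Review bot: In the privilege-drop block around gutter lines 1019-1024, the side that carries only a second-column number calls `os.setuid(uid)` before `os.setgid(gid)`. If that is the new side, as the gutter layout suggests, the group change runs after the process has already given up the uid that permits it. The resulting EPERM is exactly what the `except OSError` branch below (`if error[0] != errno.EPERM: raise error`) discards, so the daemon would keep its original group with no log line. Keep the group drop first, `os.setgid(gid)` followed by `os.setuid(uid)`, and log the EPERM case rather than passing silently. Nothing visible here clears supplementary groups either, so check whether an `os.setgroups([])` call is needed before the uid change; the enclosing function starts and ends outside the visible hunks.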