/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos-monitor

* mandos-ctl (main): Use D-Bus properties instead of methods.

Show diffs side-by-side

added added

removed removed

Lines of Context:
3
3
4
4
# Mandos Monitor - Control and monitor the Mandos server
5
5
6
 
# Copyright © 2009-2014 Teddy Hogeborn
7
 
# Copyright © 2009-2014 Björn Påhlsson
 
6
# Copyright © 2009-2012 Teddy Hogeborn
 
7
# Copyright © 2009-2012 Björn Påhlsson
8
8
9
9
# This program is free software: you can redistribute it and/or modify
10
10
# it under the terms of the GNU General Public License as published by
17
17
#     GNU General Public License for more details.
18
18
19
19
# You should have received a copy of the GNU General Public License
20
 
# along with this program.  If not, see
21
 
# <http://www.gnu.org/licenses/>.
 
20
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
22
21
23
22
# Contact the authors at <mandos@recompile.se>.
24
23
25
24
 
26
25
from __future__ import (division, absolute_import, print_function,
27
26
                        unicode_literals)
28
 
try:
29
 
    from future_builtins import *
30
 
except ImportError:
31
 
    pass
32
27
 
33
28
import sys
34
29
import os
 
30
import signal
35
31
 
36
32
import datetime
37
33
 
39
35
import urwid
40
36
 
41
37
from dbus.mainloop.glib import DBusGMainLoop
42
 
try:
43
 
    import gobject
44
 
except ImportError:
45
 
    from gi.repository import GObject as gobject
 
38
import gobject
46
39
 
47
40
import dbus
48
41
 
 
42
import UserList
 
43
 
49
44
import locale
50
45
 
51
 
if sys.version_info.major == 2:
52
 
    str = unicode
53
 
 
54
46
locale.setlocale(locale.LC_ALL, '')
55
47
 
56
48
import logging
60
52
domain = 'se.recompile'
61
53
server_interface = domain + '.Mandos'
62
54
client_interface = domain + '.Mandos.Client'
63
 
version = "1.6.9"
 
55
version = "1.5.3"
 
56
 
 
57
# Always run in monochrome mode
 
58
urwid.curses_display.curses.has_colors = lambda : False
 
59
 
 
60
# Urwid doesn't support blinking, but we want it.  Since we have no
 
61
# use for underline on its own, we make underline also always blink.
 
62
urwid.curses_display.curses.A_UNDERLINE |= (
 
63
    urwid.curses_display.curses.A_BLINK)
64
64
 
65
65
def isoformat_to_datetime(iso):
66
66
    "Parse an ISO 8601 date string to a datetime.datetime()"
83
83
    properties and calls a hook function when any of them are
84
84
    changed.
85
85
    """
86
 
    def __init__(self, proxy_object=None, properties=None, **kwargs):
 
86
    def __init__(self, proxy_object=None, *args, **kwargs):
87
87
        self.proxy = proxy_object # Mandos Client proxy object
88
 
        self.properties = dict() if properties is None else properties
 
88
        
 
89
        self.properties = dict()
89
90
        self.property_changed_match = (
90
 
            self.proxy.connect_to_signal("PropertiesChanged",
91
 
                                         self.properties_changed,
92
 
                                         dbus.PROPERTIES_IFACE,
 
91
            self.proxy.connect_to_signal("PropertyChanged",
 
92
                                         self.property_changed,
 
93
                                         client_interface,
93
94
                                         byte_arrays=True))
94
95
        
95
 
        if properties is None:
96
 
            self.properties.update(
97
 
                self.proxy.GetAll(client_interface,
98
 
                                  dbus_interface
99
 
                                  = dbus.PROPERTIES_IFACE))
100
 
        
101
 
        super(MandosClientPropertyCache, self).__init__(**kwargs)
 
96
        self.properties.update(
 
97
            self.proxy.GetAll(client_interface,
 
98
                              dbus_interface = dbus.PROPERTIES_IFACE))
 
99
 
 
100
        #XXX This breaks good super behaviour
 
101
#        super(MandosClientPropertyCache, self).__init__(
 
102
#            *args, **kwargs)
102
103
    
103
 
    def properties_changed(self, interface, properties, invalidated):
104
 
        """This is called whenever we get a PropertiesChanged signal
105
 
        It updates the changed properties in the "properties" dict.
 
104
    def property_changed(self, property=None, value=None):
 
105
        """This is called whenever we get a PropertyChanged signal
 
106
        It updates the changed property in the "properties" dict.
106
107
        """
107
108
        # Update properties dict with new value
108
 
        self.properties.update(properties)
 
109
        self.properties[property] = value
109
110
    
110
 
    def delete(self):
 
111
    def delete(self, *args, **kwargs):
111
112
        self.property_changed_match.remove()
 
113
        super(MandosClientPropertyCache, self).__init__(
 
114
            *args, **kwargs)
112
115
 
113
116
 
114
117
class MandosClientWidget(urwid.FlowWidget, MandosClientPropertyCache):
116
119
    """
117
120
    
118
121
    def __init__(self, server_proxy_object=None, update_hook=None,
119
 
                 delete_hook=None, logger=None, **kwargs):
 
122
                 delete_hook=None, logger=None, *args, **kwargs):
120
123
        # Called on update
121
124
        self.update_hook = update_hook
122
125
        # Called on delete
127
130
        self.logger = logger
128
131
        
129
132
        self._update_timer_callback_tag = None
 
133
        self._update_timer_callback_lock = 0
130
134
        
131
135
        # The widget shown normally
132
136
        self._text_widget = urwid.Text("")
133
137
        # The widget shown when we have focus
134
138
        self._focus_text_widget = urwid.Text("")
135
 
        super(MandosClientWidget, self).__init__(**kwargs)
 
139
        super(MandosClientWidget, self).__init__(
 
140
            update_hook=update_hook, delete_hook=delete_hook,
 
141
            *args, **kwargs)
136
142
        self.update()
137
143
        self.opened = False
138
144
        
 
145
        last_checked_ok = isoformat_to_datetime(self.properties
 
146
                                                ["LastCheckedOK"])
 
147
        
 
148
        if self.properties ["LastCheckerStatus"] != 0:
 
149
            self.using_timer(True)
 
150
        
 
151
        if self.need_approval:
 
152
            self.using_timer(True)
 
153
        
139
154
        self.match_objects = (
140
155
            self.proxy.connect_to_signal("CheckerCompleted",
141
156
                                         self.checker_completed,
157
172
                                         self.rejected,
158
173
                                         client_interface,
159
174
                                         byte_arrays=True))
160
 
        self.logger('Created client {}'
161
 
                    .format(self.properties["Name"]), level=0)
 
175
        #self.logger('Created client {0}'
 
176
        #            .format(self.properties["Name"]))
 
177
    
 
178
    def property_changed(self, property=None, value=None):
 
179
        super(self, MandosClientWidget).property_changed(property,
 
180
                                                         value)
 
181
        if property == "ApprovalPending":
 
182
            using_timer(bool(value))
 
183
        if property == "LastCheckerStatus":
 
184
            using_timer(value != 0)
 
185
            #self.logger('Checker for client {0} (command "{1}") was '
 
186
            #            ' successful'.format(self.properties["Name"],
 
187
            #                                 command))
162
188
    
163
189
    def using_timer(self, flag):
164
190
        """Call this method with True or False when timer should be
165
191
        activated or deactivated.
166
192
        """
167
 
        if flag and self._update_timer_callback_tag is None:
 
193
        old = self._update_timer_callback_lock
 
194
        if flag:
 
195
            self._update_timer_callback_lock += 1
 
196
        else:
 
197
            self._update_timer_callback_lock -= 1
 
198
        if old == 0 and self._update_timer_callback_lock:
168
199
            # Will update the shown timer value every second
169
200
            self._update_timer_callback_tag = (gobject.timeout_add
170
201
                                               (1000,
171
202
                                                self.update_timer))
172
 
        elif not (flag or self._update_timer_callback_tag is None):
 
203
        elif old and self._update_timer_callback_lock == 0:
173
204
            gobject.source_remove(self._update_timer_callback_tag)
174
205
            self._update_timer_callback_tag = None
175
206
    
176
207
    def checker_completed(self, exitstatus, condition, command):
177
208
        if exitstatus == 0:
178
 
            self.logger('Checker for client {} (command "{}")'
179
 
                        ' succeeded'.format(self.properties["Name"],
180
 
                                            command), level=0)
181
209
            self.update()
182
210
            return
183
211
        # Checker failed
184
212
        if os.WIFEXITED(condition):
185
 
            self.logger('Checker for client {} (command "{}") failed'
186
 
                        ' with exit code {}'
 
213
            self.logger('Checker for client {0} (command "{1}")'
 
214
                        ' failed with exit code {2}'
187
215
                        .format(self.properties["Name"], command,
188
216
                                os.WEXITSTATUS(condition)))
189
217
        elif os.WIFSIGNALED(condition):
190
 
            self.logger('Checker for client {} (command "{}") was'
191
 
                        ' killed by signal {}'
 
218
            self.logger('Checker for client {0} (command "{1}") was'
 
219
                        ' killed by signal {2}'
192
220
                        .format(self.properties["Name"], command,
193
221
                                os.WTERMSIG(condition)))
194
222
        elif os.WCOREDUMP(condition):
195
 
            self.logger('Checker for client {} (command "{}") dumped'
196
 
                        ' core'.format(self.properties["Name"],
197
 
                                       command))
 
223
            self.logger('Checker for client {0} (command "{1}")'
 
224
                        ' dumped core'
 
225
                        .format(self.properties["Name"], command))
198
226
        else:
199
 
            self.logger('Checker for client {} completed'
 
227
            self.logger('Checker for client {0} completed'
200
228
                        ' mysteriously'
201
229
                        .format(self.properties["Name"]))
202
230
        self.update()
203
231
    
204
232
    def checker_started(self, command):
205
 
        """Server signals that a checker started."""
206
 
        self.logger('Client {} started checker "{}"'
207
 
                    .format(self.properties["Name"],
208
 
                            command), level=0)
 
233
        """Server signals that a checker started. This could be useful
 
234
           to log in the future. """
 
235
        #self.logger('Client {0} started checker "{1}"'
 
236
        #            .format(self.properties["Name"],
 
237
        #                    unicode(command)))
 
238
        pass
209
239
    
210
240
    def got_secret(self):
211
 
        self.logger('Client {} received its secret'
 
241
        self.logger('Client {0} received its secret'
212
242
                    .format(self.properties["Name"]))
213
243
    
214
244
    def need_approval(self, timeout, default):
215
245
        if not default:
216
 
            message = 'Client {} needs approval within {} seconds'
 
246
            message = 'Client {0} needs approval within {1} seconds'
217
247
        else:
218
 
            message = 'Client {} will get its secret in {} seconds'
 
248
            message = 'Client {0} will get its secret in {1} seconds'
219
249
        self.logger(message.format(self.properties["Name"],
220
250
                                   timeout/1000))
 
251
        self.using_timer(True)
221
252
    
222
253
    def rejected(self, reason):
223
 
        self.logger('Client {} was rejected; reason: {}'
 
254
        self.logger('Client {0} was rejected; reason: {1}'
224
255
                    .format(self.properties["Name"], reason))
225
256
    
226
257
    def selectable(self):
249
280
                          "bold-underline-blink":
250
281
                              "bold-underline-blink-standout",
251
282
                          }
252
 
        
 
283
 
253
284
        # Rebuild focus and non-focus widgets using current properties
254
 
        
 
285
 
255
286
        # Base part of a client. Name!
256
287
        base = '{name}: '.format(name=self.properties["Name"])
257
288
        if not self.properties["Enabled"]:
258
289
            message = "DISABLED"
259
 
            self.using_timer(False)
260
290
        elif self.properties["ApprovalPending"]:
261
291
            timeout = datetime.timedelta(milliseconds
262
292
                                         = self.properties
264
294
            last_approval_request = isoformat_to_datetime(
265
295
                self.properties["LastApprovalRequest"])
266
296
            if last_approval_request is not None:
267
 
                timer = max(timeout - (datetime.datetime.utcnow()
268
 
                                       - last_approval_request),
269
 
                            datetime.timedelta())
 
297
                timer = timeout - (datetime.datetime.utcnow()
 
298
                                   - last_approval_request)
270
299
            else:
271
300
                timer = datetime.timedelta()
272
301
            if self.properties["ApprovedByDefault"]:
273
 
                message = "Approval in {}. (d)eny?"
 
302
                message = "Approval in {0}. (d)eny?"
274
303
            else:
275
 
                message = "Denial in {}. (a)pprove?"
276
 
            message = message.format(str(timer).rsplit(".", 1)[0])
277
 
            self.using_timer(True)
 
304
                message = "Denial in {0}. (a)pprove?"
 
305
            message = message.format(unicode(timer).rsplit(".", 1)[0])
278
306
        elif self.properties["LastCheckerStatus"] != 0:
279
 
            # When checker has failed, show timer until client expires
 
307
            # When checker has failed, print a timer until client expires
280
308
            expires = self.properties["Expires"]
281
309
            if expires == "":
282
310
                timer = datetime.timedelta(0)
283
311
            else:
284
 
                expires = (datetime.datetime.strptime
285
 
                           (expires, '%Y-%m-%dT%H:%M:%S.%f'))
286
 
                timer = max(expires - datetime.datetime.utcnow(),
287
 
                            datetime.timedelta())
 
312
                expires = datetime.datetime.strptime(expires,
 
313
                                                     '%Y-%m-%dT%H:%M:%S.%f')
 
314
                timer = expires - datetime.datetime.utcnow()
288
315
            message = ('A checker has failed! Time until client'
289
 
                       ' gets disabled: {}'
290
 
                       .format(str(timer).rsplit(".", 1)[0]))
291
 
            self.using_timer(True)
 
316
                       ' gets disabled: {0}'
 
317
                       .format(unicode(timer).rsplit(".", 1)[0]))
292
318
        else:
293
319
            message = "enabled"
294
 
            self.using_timer(False)
295
 
        self._text = "{}{}".format(base, message)
296
 
        
 
320
        self._text = "{0}{1}".format(base, message)
 
321
            
297
322
        if not urwid.supports_unicode():
298
323
            self._text = self._text.encode("ascii", "replace")
299
324
        textlist = [("normal", self._text)]
316
341
        self.update()
317
342
        return True             # Keep calling this
318
343
    
319
 
    def delete(self, **kwargs):
 
344
    def delete(self, *args, **kwargs):
320
345
        if self._update_timer_callback_tag is not None:
321
346
            gobject.source_remove(self._update_timer_callback_tag)
322
347
            self._update_timer_callback_tag = None
325
350
        self.match_objects = ()
326
351
        if self.delete_hook is not None:
327
352
            self.delete_hook(self)
328
 
        return super(MandosClientWidget, self).delete(**kwargs)
 
353
        return super(MandosClientWidget, self).delete(*args, **kwargs)
329
354
    
330
355
    def render(self, maxcolrow, focus=False):
331
356
        """Render differently if we have focus.
373
398
        else:
374
399
            return key
375
400
    
376
 
    def properties_changed(self, interface, properties, invalidated):
377
 
        """Call self.update() if any properties changed.
 
401
    def property_changed(self, property=None, value=None,
 
402
                         *args, **kwargs):
 
403
        """Call self.update() if old value is not new value.
378
404
        This overrides the method from MandosClientPropertyCache"""
379
 
        old_values = { key: self.properties.get(key)
380
 
                       for key in properties.keys() }
381
 
        super(MandosClientWidget, self).properties_changed(
382
 
            interface, properties, invalidated)
383
 
        if any(old_values[key] != self.properties.get(key)
384
 
               for key in old_values):
 
405
        property_name = unicode(property)
 
406
        old_value = self.properties.get(property_name)
 
407
        super(MandosClientWidget, self).property_changed(
 
408
            property=property, value=value, *args, **kwargs)
 
409
        if self.properties.get(property_name) != old_value:
385
410
            self.update()
386
411
 
387
412
 
390
415
    "down" key presses, thus not allowing any containing widgets to
391
416
    use them as an excuse to shift focus away from this widget.
392
417
    """
393
 
    def keypress(self, *args, **kwargs):
394
 
        ret = super(ConstrainedListBox, self).keypress(*args, **kwargs)
 
418
    def keypress(self, maxcolrow, key):
 
419
        ret = super(ConstrainedListBox, self).keypress(maxcolrow, key)
395
420
        if ret in ("up", "down"):
396
421
            return
397
422
        return ret
401
426
    """This is the entire user interface - the whole screen
402
427
    with boxes, lists of client widgets, etc.
403
428
    """
404
 
    def __init__(self, max_log_length=1000, log_level=1):
 
429
    def __init__(self, max_log_length=1000):
405
430
        DBusGMainLoop(set_as_default=True)
406
431
        
407
432
        self.screen = urwid.curses_display.Screen()
410
435
                ("normal",
411
436
                 "default", "default", None),
412
437
                ("bold",
413
 
                 "bold", "default", "bold"),
 
438
                 "default", "default", "bold"),
414
439
                ("underline-blink",
415
 
                 "underline,blink", "default", "underline,blink"),
 
440
                 "default", "default", "underline"),
416
441
                ("standout",
417
 
                 "standout", "default", "standout"),
 
442
                 "default", "default", "standout"),
418
443
                ("bold-underline-blink",
419
 
                 "bold,underline,blink", "default", "bold,underline,blink"),
 
444
                 "default", "default", ("bold", "underline")),
420
445
                ("bold-standout",
421
 
                 "bold,standout", "default", "bold,standout"),
 
446
                 "default", "default", ("bold", "standout")),
422
447
                ("underline-blink-standout",
423
 
                 "underline,blink,standout", "default",
424
 
                 "underline,blink,standout"),
 
448
                 "default", "default", ("underline", "standout")),
425
449
                ("bold-underline-blink-standout",
426
 
                 "bold,underline,blink,standout", "default",
427
 
                 "bold,underline,blink,standout"),
 
450
                 "default", "default", ("bold", "underline",
 
451
                                          "standout")),
428
452
                ))
429
453
        
430
454
        if urwid.supports_unicode():
445
469
        self.log = []
446
470
        self.max_log_length = max_log_length
447
471
        
448
 
        self.log_level = log_level
449
 
        
450
472
        # We keep a reference to the log widget so we can remove it
451
473
        # from the ListWalker without it getting destroyed
452
474
        self.logbox = ConstrainedListBox(self.log)
466
488
        self.main_loop = gobject.MainLoop()
467
489
    
468
490
    def client_not_found(self, fingerprint, address):
469
 
        self.log_message("Client with address {} and fingerprint {}"
470
 
                         " could not be found"
 
491
        self.log_message("Client with address {0} and fingerprint"
 
492
                         " {1} could not be found"
471
493
                         .format(address, fingerprint))
472
494
    
473
495
    def rebuild(self):
486
508
            self.uilist.append(self.logbox)
487
509
        self.topwidget = urwid.Pile(self.uilist)
488
510
    
489
 
    def log_message(self, message, level=1):
490
 
        """Log message formatted with timestamp"""
491
 
        if level < self.log_level:
492
 
            return
 
511
    def log_message(self, message):
493
512
        timestamp = datetime.datetime.now().isoformat()
494
 
        self.log_message_raw("{}: {}".format(timestamp, message),
495
 
                             level=level)
 
513
        self.log_message_raw(timestamp + ": " + message)
496
514
    
497
 
    def log_message_raw(self, markup, level=1):
 
515
    def log_message_raw(self, markup):
498
516
        """Add a log message to the log buffer."""
499
 
        if level < self.log_level:
500
 
            return
501
517
        self.log.append(urwid.Text(markup, wrap=self.log_wrap))
502
518
        if (self.max_log_length
503
519
            and len(self.log) > self.max_log_length):
510
526
        """Toggle visibility of the log buffer."""
511
527
        self.log_visible = not self.log_visible
512
528
        self.rebuild()
513
 
        self.log_message("Log visibility changed to: {}"
514
 
                         .format(self.log_visible), level=0)
 
529
        #self.log_message("Log visibility changed to: "
 
530
        #                 + unicode(self.log_visible))
515
531
    
516
532
    def change_log_display(self):
517
533
        """Change type of log display.
522
538
            self.log_wrap = "clip"
523
539
        for textwidget in self.log:
524
540
            textwidget.set_wrap_mode(self.log_wrap)
525
 
        self.log_message("Wrap mode: {}".format(self.log_wrap),
526
 
                         level=0)
 
541
        #self.log_message("Wrap mode: " + self.log_wrap)
527
542
    
528
543
    def find_and_remove_client(self, path, name):
529
544
        """Find a client by its object path and remove it.
534
549
            client = self.clients_dict[path]
535
550
        except KeyError:
536
551
            # not found?
537
 
            self.log_message("Unknown client {!r} ({!r}) removed"
 
552
            self.log_message("Unknown client {0!r} ({1!r}) removed"
538
553
                             .format(name, path))
539
554
            return
540
555
        client.delete()
558
573
        if path is None:
559
574
            path = client.proxy.object_path
560
575
        self.clients_dict[path] = client
561
 
        self.clients.sort(key=lambda c: c.properties["Name"])
 
576
        self.clients.sort(None, lambda c: c.properties["Name"])
562
577
        self.refresh()
563
578
    
564
579
    def remove_client(self, client, path=None):
566
581
        if path is None:
567
582
            path = client.proxy.object_path
568
583
        del self.clients_dict[path]
 
584
        if not self.clients_dict:
 
585
            # Work around bug in Urwid 0.9.8.3 - if a SimpleListWalker
 
586
            # is completely emptied, we need to recreate it.
 
587
            self.clients = urwid.SimpleListWalker([])
 
588
            self.rebuild()
569
589
        self.refresh()
570
590
    
571
591
    def refresh(self):
584
604
        try:
585
605
            mandos_clients = (self.mandos_serv
586
606
                              .GetAllClientsWithProperties())
587
 
            if not mandos_clients:
588
 
                self.log_message_raw(("bold", "Note: Server has no clients."))
589
607
        except dbus.exceptions.DBusException:
590
 
            self.log_message_raw(("bold", "Note: No Mandos server running."))
591
608
            mandos_clients = dbus.Dictionary()
592
609
        
593
610
        (self.mandos_serv
605
622
                            self.client_not_found,
606
623
                            dbus_interface=server_interface,
607
624
                            byte_arrays=True))
608
 
        for path, client in mandos_clients.items():
 
625
        for path, client in mandos_clients.iteritems():
609
626
            client_proxy_object = self.bus.get_object(self.busname,
610
627
                                                      path)
611
628
            self.add_client(MandosClientWidget(server_proxy_object
620
637
                                               logger
621
638
                                               =self.log_message),
622
639
                            path=path)
623
 
        
 
640
 
624
641
        self.refresh()
625
642
        self._input_callback_tag = (gobject.io_add_watch
626
643
                                    (sys.stdin.fileno(),
658
675
            elif key == "window resize":
659
676
                self.size = self.screen.get_cols_rows()
660
677
                self.refresh()
661
 
            elif key == "ctrl l":
662
 
                self.screen.clear()
 
678
            elif key == "\f":  # Ctrl-L
663
679
                self.refresh()
664
680
            elif key == "l" or key == "D":
665
681
                self.toggle_log_display()
677
693
                                            "?: Help",
678
694
                                            "l: Log window toggle",
679
695
                                            "TAB: Switch window",
680
 
                                            "w: Wrap (log lines)",
681
 
                                            "v: Toggle verbose log",
682
 
                                            ))))
 
696
                                            "w: Wrap (log)"))))
683
697
                self.log_message_raw(("bold",
684
698
                                      "  "
685
699
                                      .join(("Clients:",
698
712
                else:
699
713
                    self.topwidget.set_focus(self.logbox)
700
714
                self.refresh()
701
 
            elif key == "v":
702
 
                if self.log_level == 0:
703
 
                    self.log_level = 1
704
 
                    self.log_message("Verbose mode: Off")
705
 
                else:
706
 
                    self.log_level = 0
707
 
                    self.log_message("Verbose mode: On")
708
715
            #elif (key == "end" or key == "meta >" or key == "G"
709
716
            #      or key == ">"):
710
717
            #    pass            # xxx end-of-buffer
733
740
    ui.run()
734
741
except KeyboardInterrupt:
735
742
    ui.screen.stop()
736
 
except Exception as e:
737
 
    ui.log_message(str(e))
 
743
except Exception, e:
 
744
    ui.log_message(unicode(e))
738
745
    ui.screen.stop()
739
746
    raise