/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos

  • Committer: teddy at recompile
  • Date: 2020-02-07 20:53:34 UTC
  • mto: This revision was merged to the branch mainline in revision 396.
  • Revision ID: teddy@recompile.se-20200207205334-dp41p8c8vw0ytik5
Allow users to more easily alter mandos.service

The sysvinit script uses /etc/default/mandos as an environment file,
and supports adding additional server options to a DAEMON_ARGS
environment variable.  This should be supported by the systemd
service, too.

* mandos.service ([Service]/EnvironmentFile): New; set to
  "/etc/default/mandos ".
  ([Service]/ExecStart): Append "$DAEMON_ARGS".

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
#!/usr/bin/python
2
 
# -*- mode: python; coding: utf-8 -*-
 
1
#!/usr/bin/python3 -bI
 
2
# -*- mode: python; after-save-hook: (lambda () (let ((command (if (fboundp 'file-local-name) (file-local-name (buffer-file-name)) (or (file-remote-p (buffer-file-name) 'localname) (buffer-file-name))))) (if (= (progn (if (get-buffer "*Test*") (kill-buffer "*Test*")) (process-file-shell-command (format "%s --check" (shell-quote-argument command)) nil "*Test*")) 0) (let ((w (get-buffer-window "*Test*"))) (if w (delete-window w))) (progn (with-current-buffer "*Test*" (compilation-mode)) (display-buffer "*Test*" '(display-buffer-in-side-window)))))); coding: utf-8 -*-
3
3
#
4
4
# Mandos server - give out binary blobs to connecting clients.
5
5
#
77
77
import itertools
78
78
import collections
79
79
import codecs
 
80
import unittest
 
81
import random
80
82
 
81
83
import dbus
82
84
import dbus.service
 
85
import gi
83
86
from gi.repository import GLib
84
87
from dbus.mainloop.glib import DBusGMainLoop
85
88
import ctypes
87
90
import xml.dom.minidom
88
91
import inspect
89
92
 
 
93
if sys.version_info.major == 2:
 
94
    __metaclass__ = type
 
95
    str = unicode
 
96
 
 
97
# Add collections.abc.Callable if it does not exist
 
98
try:
 
99
    collections.abc.Callable
 
100
except AttributeError:
 
101
    class abc:
 
102
        Callable = collections.Callable
 
103
    collections.abc = abc
 
104
    del abc
 
105
 
 
106
# Show warnings by default
 
107
if not sys.warnoptions:
 
108
    import warnings
 
109
    warnings.simplefilter("default")
 
110
 
90
111
# Try to find the value of SO_BINDTODEVICE:
91
112
try:
92
113
    # This is where SO_BINDTODEVICE is in Python 3.3 (or 3.4?) and
112
133
            # No value found
113
134
            SO_BINDTODEVICE = None
114
135
 
115
 
if sys.version_info.major == 2:
116
 
    str = unicode
 
136
if sys.version_info < (3, 2):
 
137
    configparser.Configparser = configparser.SafeConfigParser
117
138
 
118
 
version = "1.8.4"
 
139
version = "1.8.9"
119
140
stored_state_file = "clients.pickle"
120
141
 
121
142
logger = logging.getLogger()
 
143
logging.captureWarnings(True)   # Show warnings via the logging system
122
144
syslogger = None
123
145
 
124
146
try:
179
201
    pass
180
202
 
181
203
 
182
 
class PGPEngine(object):
 
204
class PGPEngine:
183
205
    """A simple class for OpenPGP symmetric encryption & decryption"""
184
206
 
185
207
    def __init__(self):
189
211
            output = subprocess.check_output(["gpgconf"])
190
212
            for line in output.splitlines():
191
213
                name, text, path = line.split(b":")
192
 
                if name == "gpg":
 
214
                if name == b"gpg":
193
215
                    self.gpg = path
194
216
                    break
195
217
        except OSError as e:
200
222
                          '--force-mdc',
201
223
                          '--quiet']
202
224
        # Only GPG version 1 has the --no-use-agent option.
203
 
        if self.gpg == "gpg" or self.gpg.endswith("/gpg"):
 
225
        if self.gpg == b"gpg" or self.gpg.endswith(b"/gpg"):
204
226
            self.gnupgargs.append("--no-use-agent")
205
227
 
206
228
    def __enter__(self):
275
297
 
276
298
 
277
299
# Pretend that we have an Avahi module
278
 
class avahi(object):
 
300
class avahi:
279
301
    """This isn't so much a class as it is a module-like namespace."""
280
302
    IF_UNSPEC = -1               # avahi-common/address.h
281
303
    PROTO_UNSPEC = -1            # avahi-common/address.h
315
337
    pass
316
338
 
317
339
 
318
 
class AvahiService(object):
 
340
class AvahiService:
319
341
    """An Avahi (Zeroconf) service.
320
342
 
321
343
    Attributes:
503
525
 
504
526
 
505
527
# Pretend that we have a GnuTLS module
506
 
class gnutls(object):
 
528
class gnutls:
507
529
    """This isn't so much a class as it is a module-like namespace."""
508
530
 
509
531
    library = ctypes.util.find_library("gnutls")
572
594
        pass
573
595
 
574
596
    # Classes
575
 
    class Credentials(object):
 
597
    class Credentials:
576
598
        def __init__(self):
577
599
            self._c_object = gnutls.certificate_credentials_t()
578
600
            gnutls.certificate_allocate_credentials(
582
604
        def __del__(self):
583
605
            gnutls.certificate_free_credentials(self._c_object)
584
606
 
585
 
    class ClientSession(object):
 
607
    class ClientSession:
586
608
        def __init__(self, socket, credentials=None):
587
609
            self._c_object = gnutls.session_t()
588
610
            gnutls_flags = gnutls.CLIENT
814
836
    connection.close()
815
837
 
816
838
 
817
 
class Client(object):
 
839
class Client:
818
840
    """A representation of a client host served by this server.
819
841
 
820
842
    Attributes:
1023
1045
        if self.checker_initiator_tag is not None:
1024
1046
            GLib.source_remove(self.checker_initiator_tag)
1025
1047
        self.checker_initiator_tag = GLib.timeout_add(
1026
 
            int(self.interval.total_seconds() * 1000),
 
1048
            random.randrange(int(self.interval.total_seconds() * 1000
 
1049
                                 + 1)),
1027
1050
            self.start_checker)
1028
1051
        # Schedule a disable() when 'timeout' has passed
1029
1052
        if self.disable_initiator_tag is not None:
1039
1062
        # Read return code from connection (see call_pipe)
1040
1063
        returncode = connection.recv()
1041
1064
        connection.close()
1042
 
        self.checker.join()
 
1065
        if self.checker is not None:
 
1066
            self.checker.join()
1043
1067
        self.checker_callback_tag = None
1044
1068
        self.checker = None
1045
1069
 
1136
1160
                kwargs=popen_args)
1137
1161
            self.checker.start()
1138
1162
            self.checker_callback_tag = GLib.io_add_watch(
1139
 
                pipe[0].fileno(), GLib.IO_IN,
 
1163
                GLib.IOChannel.unix_new(pipe[0].fileno()),
 
1164
                GLib.PRIORITY_DEFAULT, GLib.IO_IN,
1140
1165
                self.checker_callback, pipe[0], command)
1141
1166
        # Re-run this periodically if run by GLib.timeout_add
1142
1167
        return True
1397
1422
                raise ValueError("Byte arrays not supported for non-"
1398
1423
                                 "'ay' signature {!r}"
1399
1424
                                 .format(prop._dbus_signature))
1400
 
            value = dbus.ByteArray(b''.join(chr(byte)
1401
 
                                            for byte in value))
 
1425
            value = dbus.ByteArray(bytes(value))
1402
1426
        prop(value)
1403
1427
 
1404
1428
    @dbus.service.method(dbus.PROPERTIES_IFACE,
2209
2233
    del _interface
2210
2234
 
2211
2235
 
2212
 
class ProxyClient(object):
 
2236
class ProxyClient:
2213
2237
    def __init__(self, child_pipe, key_id, fpr, address):
2214
2238
        self._pipe = child_pipe
2215
2239
        self._pipe.send(('init', key_id, fpr, address))
2488
2512
        return hex_fpr
2489
2513
 
2490
2514
 
2491
 
class MultiprocessingMixIn(object):
 
2515
class MultiprocessingMixIn:
2492
2516
    """Like socketserver.ThreadingMixIn, but with multiprocessing"""
2493
2517
 
2494
2518
    def sub_process_main(self, request, address):
2506
2530
        return proc
2507
2531
 
2508
2532
 
2509
 
class MultiprocessingMixInWithPipe(MultiprocessingMixIn, object):
 
2533
class MultiprocessingMixInWithPipe(MultiprocessingMixIn):
2510
2534
    """ adds a pipe to the MixIn """
2511
2535
 
2512
2536
    def process_request(self, request, client_address):
2527
2551
 
2528
2552
 
2529
2553
class IPv6_TCPServer(MultiprocessingMixInWithPipe,
2530
 
                     socketserver.TCPServer, object):
 
2554
                     socketserver.TCPServer):
2531
2555
    """IPv6-capable TCP server.  Accepts 'None' as address and/or port
2532
2556
 
2533
2557
    Attributes:
2666
2690
    def add_pipe(self, parent_pipe, proc):
2667
2691
        # Call "handle_ipc" for both data and EOF events
2668
2692
        GLib.io_add_watch(
2669
 
            parent_pipe.fileno(),
2670
 
            GLib.IO_IN | GLib.IO_HUP,
 
2693
            GLib.IOChannel.unix_new(parent_pipe.fileno()),
 
2694
            GLib.PRIORITY_DEFAULT, GLib.IO_IN | GLib.IO_HUP,
2671
2695
            functools.partial(self.handle_ipc,
2672
2696
                              parent_pipe=parent_pipe,
2673
2697
                              proc=proc))
2711
2735
                return False
2712
2736
 
2713
2737
            GLib.io_add_watch(
2714
 
                parent_pipe.fileno(),
2715
 
                GLib.IO_IN | GLib.IO_HUP,
 
2738
                GLib.IOChannel.unix_new(parent_pipe.fileno()),
 
2739
                GLib.PRIORITY_DEFAULT, GLib.IO_IN | GLib.IO_HUP,
2716
2740
                functools.partial(self.handle_ipc,
2717
2741
                                  parent_pipe=parent_pipe,
2718
2742
                                  proc=proc,
2733
2757
        if command == 'getattr':
2734
2758
            attrname = request[1]
2735
2759
            if isinstance(client_object.__getattribute__(attrname),
2736
 
                          collections.Callable):
 
2760
                          collections.abc.Callable):
2737
2761
                parent_pipe.send(('function', ))
2738
2762
            else:
2739
2763
                parent_pipe.send((
2750
2774
def rfc3339_duration_to_delta(duration):
2751
2775
    """Parse an RFC 3339 "duration" and return a datetime.timedelta
2752
2776
 
2753
 
    >>> rfc3339_duration_to_delta("P7D")
2754
 
    datetime.timedelta(7)
2755
 
    >>> rfc3339_duration_to_delta("PT60S")
2756
 
    datetime.timedelta(0, 60)
2757
 
    >>> rfc3339_duration_to_delta("PT60M")
2758
 
    datetime.timedelta(0, 3600)
2759
 
    >>> rfc3339_duration_to_delta("PT24H")
2760
 
    datetime.timedelta(1)
2761
 
    >>> rfc3339_duration_to_delta("P1W")
2762
 
    datetime.timedelta(7)
2763
 
    >>> rfc3339_duration_to_delta("PT5M30S")
2764
 
    datetime.timedelta(0, 330)
2765
 
    >>> rfc3339_duration_to_delta("P1DT3M20S")
2766
 
    datetime.timedelta(1, 200)
 
2777
    >>> rfc3339_duration_to_delta("P7D") == datetime.timedelta(7)
 
2778
    True
 
2779
    >>> rfc3339_duration_to_delta("PT60S") == datetime.timedelta(0, 60)
 
2780
    True
 
2781
    >>> rfc3339_duration_to_delta("PT60M") == datetime.timedelta(0, 3600)
 
2782
    True
 
2783
    >>> rfc3339_duration_to_delta("PT24H") == datetime.timedelta(1)
 
2784
    True
 
2785
    >>> rfc3339_duration_to_delta("P1W") == datetime.timedelta(7)
 
2786
    True
 
2787
    >>> rfc3339_duration_to_delta("PT5M30S") == datetime.timedelta(0, 330)
 
2788
    True
 
2789
    >>> rfc3339_duration_to_delta("P1DT3M20S") == datetime.timedelta(1, 200)
 
2790
    True
2767
2791
    """
2768
2792
 
2769
2793
    # Parsing an RFC 3339 duration with regular expressions is not
2849
2873
def string_to_delta(interval):
2850
2874
    """Parse a string and return a datetime.timedelta
2851
2875
 
2852
 
    >>> string_to_delta('7d')
2853
 
    datetime.timedelta(7)
2854
 
    >>> string_to_delta('60s')
2855
 
    datetime.timedelta(0, 60)
2856
 
    >>> string_to_delta('60m')
2857
 
    datetime.timedelta(0, 3600)
2858
 
    >>> string_to_delta('24h')
2859
 
    datetime.timedelta(1)
2860
 
    >>> string_to_delta('1w')
2861
 
    datetime.timedelta(7)
2862
 
    >>> string_to_delta('5m 30s')
2863
 
    datetime.timedelta(0, 330)
 
2876
    >>> string_to_delta('7d') == datetime.timedelta(7)
 
2877
    True
 
2878
    >>> string_to_delta('60s') == datetime.timedelta(0, 60)
 
2879
    True
 
2880
    >>> string_to_delta('60m') == datetime.timedelta(0, 3600)
 
2881
    True
 
2882
    >>> string_to_delta('24h') == datetime.timedelta(1)
 
2883
    True
 
2884
    >>> string_to_delta('1w') == datetime.timedelta(7)
 
2885
    True
 
2886
    >>> string_to_delta('5m 30s') == datetime.timedelta(0, 330)
 
2887
    True
2864
2888
    """
2865
2889
 
2866
2890
    try:
2968
2992
 
2969
2993
    options = parser.parse_args()
2970
2994
 
2971
 
    if options.check:
2972
 
        import doctest
2973
 
        fail_count, test_count = doctest.testmod()
2974
 
        sys.exit(os.EX_OK if fail_count == 0 else 1)
2975
 
 
2976
2995
    # Default values for config file for server-global settings
2977
2996
    if gnutls.has_rawpk:
2978
2997
        priority = ("SECURE128:!CTYPE-X.509:+CTYPE-RAWPK:!RSA"
2998
3017
    del priority
2999
3018
 
3000
3019
    # Parse config file for server-global settings
3001
 
    server_config = configparser.SafeConfigParser(server_defaults)
 
3020
    server_config = configparser.ConfigParser(server_defaults)
3002
3021
    del server_defaults
3003
3022
    server_config.read(os.path.join(options.configdir, "mandos.conf"))
3004
 
    # Convert the SafeConfigParser object to a dict
 
3023
    # Convert the ConfigParser object to a dict
3005
3024
    server_settings = server_config.defaults()
3006
3025
    # Use the appropriate methods on the non-string config options
3007
3026
    for option in ("debug", "use_dbus", "use_ipv6", "restore",
3079
3098
                                  server_settings["servicename"])))
3080
3099
 
3081
3100
    # Parse config file with clients
3082
 
    client_config = configparser.SafeConfigParser(Client
3083
 
                                                  .client_defaults)
 
3101
    client_config = configparser.ConfigParser(Client.client_defaults)
3084
3102
    client_config.read(os.path.join(server_settings["configdir"],
3085
3103
                                    "clients.conf"))
3086
3104
 
3157
3175
        # Close all input and output, do double fork, etc.
3158
3176
        daemon()
3159
3177
 
3160
 
    # multiprocessing will use threads, so before we use GLib we need
3161
 
    # to inform GLib that threads will be used.
3162
 
    GLib.threads_init()
 
3178
    if gi.version_info < (3, 10, 2):
 
3179
        # multiprocessing will use threads, so before we use GLib we
 
3180
        # need to inform GLib that threads will be used.
 
3181
        GLib.threads_init()
3163
3182
 
3164
3183
    global main_loop
3165
3184
    # From the Avahi example code
3241
3260
                             if isinstance(s, bytes)
3242
3261
                             else s) for s in
3243
3262
                            value["client_structure"]]
3244
 
                        # .name & .host
3245
 
                        for k in ("name", "host"):
 
3263
                        # .name, .host, and .checker_command
 
3264
                        for k in ("name", "host", "checker_command"):
3246
3265
                            if isinstance(value[k], bytes):
3247
3266
                                value[k] = value[k].decode("utf-8")
3248
3267
                        if "key_id" not in value:
3258
3277
                        for key, value in
3259
3278
                        bytes_old_client_settings.items()}
3260
3279
                    del bytes_old_client_settings
3261
 
                    # .host
 
3280
                    # .host and .checker_command
3262
3281
                    for value in old_client_settings.values():
3263
 
                        if isinstance(value["host"], bytes):
3264
 
                            value["host"] = (value["host"]
3265
 
                                             .decode("utf-8"))
 
3282
                        for attribute in ("host", "checker_command"):
 
3283
                            if isinstance(value[attribute], bytes):
 
3284
                                value[attribute] = (value[attribute]
 
3285
                                                    .decode("utf-8"))
3266
3286
            os.remove(stored_state_path)
3267
3287
        except IOError as e:
3268
3288
            if e.errno == errno.ENOENT:
3593
3613
                sys.exit(1)
3594
3614
            # End of Avahi example code
3595
3615
 
3596
 
        GLib.io_add_watch(tcp_server.fileno(), GLib.IO_IN,
3597
 
                          lambda *args, **kwargs:
3598
 
                          (tcp_server.handle_request
3599
 
                           (*args[2:], **kwargs) or True))
 
3616
        GLib.io_add_watch(
 
3617
            GLib.IOChannel.unix_new(tcp_server.fileno()),
 
3618
            GLib.PRIORITY_DEFAULT, GLib.IO_IN,
 
3619
            lambda *args, **kwargs: (tcp_server.handle_request
 
3620
                                     (*args[2:], **kwargs) or True))
3600
3621
 
3601
3622
        logger.debug("Starting main loop")
3602
3623
        main_loop.run()
3612
3633
    # Must run before the D-Bus bus name gets deregistered
3613
3634
    cleanup()
3614
3635
 
 
3636
 
 
3637
def should_only_run_tests():
 
3638
    parser = argparse.ArgumentParser(add_help=False)
 
3639
    parser.add_argument("--check", action='store_true')
 
3640
    args, unknown_args = parser.parse_known_args()
 
3641
    run_tests = args.check
 
3642
    if run_tests:
 
3643
        # Remove --check argument from sys.argv
 
3644
        sys.argv[1:] = unknown_args
 
3645
    return run_tests
 
3646
 
 
3647
# Add all tests from doctest strings
 
3648
def load_tests(loader, tests, none):
 
3649
    import doctest
 
3650
    tests.addTests(doctest.DocTestSuite())
 
3651
    return tests
3615
3652
 
3616
3653
if __name__ == '__main__':
3617
 
    main()
 
3654
    try:
 
3655
        if should_only_run_tests():
 
3656
            # Call using ./mandos --check [--verbose]
 
3657
            unittest.main()
 
3658
        else:
 
3659
            main()
 
3660
    finally:
 
3661
        logging.shutdown()