/mandos/release : revision 24.1.174

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos-monitor

Committer: Björn Påhlsson
Date: 2011-06-23 22:27:15 UTC
mto: (237.7.33 trunk)
mto: This revision was merged to the branch mainline in revision 284.
Revision ID: belorn@fukt.bsnet.se-20110623222715-q5wro9ma9iyjl367

* Makefile (CFLAGS): Added "-lrt" to include real time library.
* plugins.d/mandos-client.c: use scandir(3) instead of readdir(3)
                             Prefix all debug output with "Mandos plugin " + program_invocation_short_name
                             Retry servers that failed to provide password.
                             New option --retry SECONDS that sets the interval between rechecking.
                             --retry also controls how often it retries a server when using --connect.
* plugins.d/splashy.c:  Prefix all debug output with "Mandos plugin " + program_invocation_short_name
* plugins.d/usplash.c: --||--
* plugins.d/askpass-fifo.c: --||--
* plugins.d/password-prompt.c: --||--
* plugins.d/plymouth.c: --||--
* mandos: Lower logger level from warning to info on failed client requests because client was disabled or unknown fingerprint.
* plugins.d/plymouth.c (get_pid): bug fix. Was not calling free on direntries.

files removed:
debian/source/local-options

intro.xml

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

files modified:
DBUS-API

Makefile

NEWS

README

TODO

clients.conf

common.ent

dbus-mandos.conf

debian/changelog

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.docs

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.postinst

debian/mandos.prerm

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

mandos-monitor

# Mandos Monitor - Control and monitor the Mandos server

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# You should have received a copy of the GNU General Public License

# along with this program. If not, see <http://www.gnu.org/licenses/>.

# Contact the authors at <mandos@recompile.se>.

# Contact the authors at <mandos@fukt.bsnet.se>.

from __future__ import (division, absolute_import, print_function,

unicode_literals)

from __future__ import division, absolute_import, print_function, unicode_literals

import sys

import os

logging.getLogger('dbus.proxies').setLevel(logging.CRITICAL)

# Some useful constants

domain = 'se.recompile'

domain = 'se.bsnet.fukt'

server_interface = domain + '.Mandos'

client_interface = domain + '.Mandos.Client'

version = "1.5.1"

version = "1.3.0"

# Always run in monochrome mode

urwid.curses_display.curses.has_colors = lambda : False

self.proxy = proxy_object # Mandos Client proxy object

self.properties = dict()

self.property_changed_match = (

self.proxy.connect_to_signal("PropertyChanged",

self.property_changed,

client_interface,

byte_arrays=True))

self.proxy.connect_to_signal("PropertyChanged",

self.property_changed,

client_interface,

byte_arrays=True)

self.properties.update(

self.proxy.GetAll(client_interface,

dbus_interface = dbus.PROPERTIES_IFACE))

100

#XXX This breaks good super behaviour

#XXX This break good super behaviour!

101

# super(MandosClientPropertyCache, self).__init__(

102

100

# *args, **kwargs)

103

101

107

105

"""

108

106

# Update properties dict with new value

109

107

self.properties[property] = value

110

111

def delete(self, *args, **kwargs):

112

self.property_changed_match.remove()

113

super(MandosClientPropertyCache, self).__init__(

114

*args, **kwargs)

115

108

116

109

117

110

class MandosClientWidget(urwid.FlowWidget, MandosClientPropertyCache):

161

154

if self.need_approval:

162

155

self.using_timer(True)

163

156

164

self.match_objects = (

165

self.proxy.connect_to_signal("CheckerCompleted",

166

self.checker_completed,

167

client_interface,

168

byte_arrays=True),

169

self.proxy.connect_to_signal("CheckerStarted",

170

self.checker_started,

171

client_interface,

172

byte_arrays=True),

173

self.proxy.connect_to_signal("GotSecret",

174

self.got_secret,

175

client_interface,

176

byte_arrays=True),

177

self.proxy.connect_to_signal("NeedApproval",

178

self.need_approval,

179

client_interface,

180

byte_arrays=True),

181

self.proxy.connect_to_signal("Rejected",

182

self.rejected,

183

client_interface,

184

byte_arrays=True))

185

#self.logger('Created client %s' % (self.properties["Name"]))

157

self.proxy.connect_to_signal("CheckerCompleted",

158

self.checker_completed,

159

client_interface,

160

byte_arrays=True)

161

self.proxy.connect_to_signal("CheckerStarted",

162

self.checker_started,

163

client_interface,

164

byte_arrays=True)

165

self.proxy.connect_to_signal("GotSecret",

166

self.got_secret,

167

client_interface,

168

byte_arrays=True)

169

self.proxy.connect_to_signal("NeedApproval",

170

self.need_approval,

171

client_interface,

172

byte_arrays=True)

173

self.proxy.connect_to_signal("Rejected",

174

self.rejected,

175

client_interface,

176

byte_arrays=True)

186

177

187

178

def property_changed(self, property=None, value=None):

188

179

super(self, MandosClientWidget).property_changed(property,

200

191

else:

201

192

self._update_timer_callback_lock -= 1

202

193

if old == 0 and self._update_timer_callback_lock:

203

# Will update the shown timer value every second

204

194

self._update_timer_callback_tag = (gobject.timeout_add

205

195

(1000,

206

196

self.update_timer))

242

232

self.update()

243

233

244

234

def checker_started(self, command):

245

"""Server signals that a checker started. This could be useful

246

to log in the future. """

247

235

#self.logger('Client %s started checker "%s"'

248

236

# % (self.properties["Name"], unicode(command)))

249

237

pass

317

305

message = "Denial in %s. (a)pprove?"

318

306

message = message % unicode(timer).rsplit(".", 1)[0]

319

307

elif self.last_checker_failed:

320

# When checker has failed, print a timer until client expires

321

expires = self.properties["Expires"]

322

if expires == "":

323

timer = datetime.timedelta(0)

324

else:

325

expires = datetime.datetime.strptime(expires,

326

'%Y-%m-%dT%H:%M:%S.%f')

327

timer = expires - datetime.datetime.utcnow()

308

timeout = datetime.timedelta(milliseconds

309

= self.properties

310

["Timeout"])

311

last_ok = isoformat_to_datetime(

312

max((self.properties["LastCheckedOK"]

313

or self.properties["Created"]),

314

self.properties["LastEnabled"]))

315

timer = timeout - (datetime.datetime.utcnow() - last_ok)

328

316

message = ('A checker has failed! Time until client'

329

317

' gets disabled: %s'

330

318

% unicode(timer).rsplit(".", 1)[0])

349

337

self.update_hook()

350

338

351

339

def update_timer(self):

352

"""called by gobject. Will indefinitely loop until

353

gobject.source_remove() on tag is called"""

340

"called by gobject"

354

341

self.update()

355

342

return True # Keep calling this

356

343

357

def delete(self, *args, **kwargs):

344

def delete(self):

358

345

if self._update_timer_callback_tag is not None:

359

346

gobject.source_remove(self._update_timer_callback_tag)

360

347

self._update_timer_callback_tag = None

361

for match in self.match_objects:

362

match.remove()

363

self.match_objects = ()

364

348

if self.delete_hook is not None:

365

349

self.delete_hook(self)

366

return super(MandosClientWidget, self).delete(*args, **kwargs)

367

350

368

351

def render(self, maxcolrow, focus=False):

369

352

"""Render differently if we have focus.

499

482

500

483

self.busname = domain + '.Mandos'

501

484

self.main_loop = gobject.MainLoop()

485

self.bus = dbus.SystemBus()

486

mandos_dbus_objc = self.bus.get_object(

487

self.busname, "/", follow_name_owner_changes=True)

488

self.mandos_serv = dbus.Interface(mandos_dbus_objc,

489

dbus_interface

490

= server_interface)

491

try:

492

mandos_clients = (self.mandos_serv

493

.GetAllClientsWithProperties())

494

except dbus.exceptions.DBusException:

495

mandos_clients = dbus.Dictionary()

496

497

(self.mandos_serv

498

.connect_to_signal("ClientRemoved",

499

self.find_and_remove_client,

500

dbus_interface=server_interface,

501

byte_arrays=True))

502

(self.mandos_serv

503

.connect_to_signal("ClientAdded",

504

self.add_new_client,

505

dbus_interface=server_interface,

506

byte_arrays=True))

507

(self.mandos_serv

508

.connect_to_signal("ClientNotFound",

509

self.client_not_found,

510

dbus_interface=server_interface,

511

byte_arrays=True))

512

for path, client in mandos_clients.iteritems():

513

client_proxy_object = self.bus.get_object(self.busname,

514

path)

515

self.add_client(MandosClientWidget(server_proxy_object

516

=self.mandos_serv,

517

proxy_object

518

=client_proxy_object,

519

properties=client,

520

update_hook

521

=self.refresh,

522

delete_hook

523

=self.remove_client,

524

logger

525

=self.log_message),

526

path=path)

502

527

503

528

def client_not_found(self, fingerprint, address):

504

529

self.log_message(("Client with address %s and fingerprint %s"

519

544

self.divider)))

520

545

if self.log_visible:

521

546

self.uilist.append(self.logbox)

547

pass

522

548

self.topwidget = urwid.Pile(self.uilist)

523

549

524

550

def log_message(self, message):

554

580

#self.log_message("Wrap mode: " + self.log_wrap)

555

581

556

582

def find_and_remove_client(self, path, name):

557

"""Find a client by its object path and remove it.

583

"""Find an client from its object path and remove it.

558

584

559

585

This is connected to the ClientRemoved signal from the

560

586

Mandos server object."""

562

588

client = self.clients_dict[path]

563

589

except KeyError:

564

590

# not found?

565

self.log_message("Unknown client %r (%r) removed", name,

566

path)

567

591

return

568

client.delete()

592

self.remove_client(client, path)

569

593

570

594

def add_new_client(self, path):

571

595

client_proxy_object = self.bus.get_object(self.busname, path)

608

632

609

633

def run(self):

610

634

"""Start the main loop and exit when it's done."""

611

self.bus = dbus.SystemBus()

612

mandos_dbus_objc = self.bus.get_object(

613

self.busname, "/", follow_name_owner_changes=True)

614

self.mandos_serv = dbus.Interface(mandos_dbus_objc,

615

dbus_interface

616

= server_interface)

617

try:

618

mandos_clients = (self.mandos_serv

619

.GetAllClientsWithProperties())

620

except dbus.exceptions.DBusException:

621

mandos_clients = dbus.Dictionary()

622

623

(self.mandos_serv

624

.connect_to_signal("ClientRemoved",

625

self.find_and_remove_client,

626

dbus_interface=server_interface,

627

byte_arrays=True))

628

(self.mandos_serv

629

.connect_to_signal("ClientAdded",

630

self.add_new_client,

631

dbus_interface=server_interface,

632

byte_arrays=True))

633

(self.mandos_serv

634

.connect_to_signal("ClientNotFound",

635

self.client_not_found,

636

dbus_interface=server_interface,

637

byte_arrays=True))

638

for path, client in mandos_clients.iteritems():

639

client_proxy_object = self.bus.get_object(self.busname,

640

path)

641

self.add_client(MandosClientWidget(server_proxy_object

642

=self.mandos_serv,

643

proxy_object

644

=client_proxy_object,

645

properties=client,

646

update_hook

647

=self.refresh,

648

delete_hook

649

=self.remove_client,

650

logger

651

=self.log_message),

652

path=path)

653

654

635

self.refresh()

655

636

self._input_callback_tag = (gobject.io_add_watch

656

637

(sys.stdin.fileno(),

Older »