To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to server.py
- browse files at revision 24
- compare with another revision
- download diff
- download tarball
- view history from revision 24
- Committer: Teddy Hogeborn
- Date: 2008-07-22 01:59:47 UTC
- Revision ID: teddy@fukt.bsnet.se-20080722015947-y7o6keji020nvrhw
* Makefile (OPTIMIZE): New; optimize for size.
(CFLAGS): Use $(OPTIMIZE).
(CFLAGS): Use $(OPTIMIZE).
- files added:
- ca.pem
- files removed:
- .bzr-builddeb
- debian
- debian/po
- files renamed:
- clients.conf => mandos-clients.conf
- plugin-runner.c => plugbasedclient.c
- plugins.d/mandos-client.c => plugins.d/mandosclient.c
- plugins.d/password-prompt.c => plugins.d/passprompt.c
- mandos => server.py
- files modified:
- Makefile
added
removed
server.py
6
6
# This program is partly derived from an example program for an Avahi
7
7
# service publisher, downloaded from
8
8
# <http://avahi.org/wiki/PythonPublishExample>. This includes the
9
# methods "add", "remove", "server_state_changed",
10
# "entry_group_state_changed", "cleanup", and "activate" in the
11
# "AvahiService" class, and some lines in "main".
9
# following functions: "add_service", "remove_service",
10
# "server_state_changed", "entry_group_state_changed", and some lines
11
# in "main".
12
12
#
13
# Everything else is
14
# Copyright © 2008,2009 Teddy Hogeborn
15
# Copyright © 2008,2009 Björn Påhlsson
13
# Everything else is Copyright © 2007-2008 Teddy Hogeborn and Björn
14
# Påhlsson.
16
15
#
17
16
# This program is free software: you can redistribute it and/or modify
18
17
# it under the terms of the GNU General Public License as published by
25
24
# GNU General Public License for more details.
26
25
#
27
26
# You should have received a copy of the GNU General Public License
28
# along with this program. If not, see
29
# <http://www.gnu.org/licenses/>.
30
#
31
# Contact the authors at <mandos@fukt.bsnet.se>.
32
#
33
34
from __future__ import division, with_statement, absolute_import
35
36
import SocketServer as socketserver
27
# along with this program. If not, see <http://www.gnu.org/licenses/>.
28
#
29
# Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and
30
# <https://www.fukt.bsnet.se/~teddy/>.
31
#
32
33
from __future__ import division
34
35
import SocketServer
37
36
import socket
38
import optparse
37
import select
38
from optparse import OptionParser
39
39
import datetime
40
40
import errno
41
41
import gnutls.crypto
44
44
import gnutls.library.functions
45
45
import gnutls.library.constants
46
46
import gnutls.library.types
47
import ConfigParser as configparser
47
import ConfigParser
48
48
import sys
49
49
import re
50
50
import os
51
51
import signal
52
from sets import Set
52
53
import subprocess
53
54
import atexit
54
55
import stat
55
56
import logging
56
57
import logging.handlers
57
import pwd
58
import contextlib
59
import struct
60
import fcntl
61
import functools
62
import cPickle as pickle
63
import multiprocessing
64
58
65
59
import dbus
66
import dbus.service
67
60
import gobject
68
61
import avahi
69
62
from dbus.mainloop.glib import DBusGMainLoop
70
63
import ctypes
71
import ctypes.util
72
import xml.dom.minidom
73
import inspect
74
75
try:
76
SO_BINDTODEVICE = socket.SO_BINDTODEVICE
77
except AttributeError:
78
try:
79
from IN import SO_BINDTODEVICE
80
except ImportError:
81
SO_BINDTODEVICE = None
82
83
84
version = "1.0.14"
85
86
#logger = logging.getLogger(u'mandos')
87
logger = logging.Logger(u'mandos')
88
syslogger = (logging.handlers.SysLogHandler
89
(facility = logging.handlers.SysLogHandler.LOG_DAEMON,
90
address = "/dev/log"))
91
syslogger.setFormatter(logging.Formatter
92
(u'Mandos [%(process)d]: %(levelname)s:'
93
u' %(message)s'))
64
65
# Brief description of the operation of this program:
66
#
67
# This server announces itself as a Zeroconf service. Connecting
68
# clients use the TLS protocol, with the unusual quirk that this
69
# server program acts as a TLS "client" while the connecting clients
70
# acts as a TLS "server". The clients (acting as a TLS "server") must
71
# supply an OpenPGP certificate, and the fingerprint of this
72
# certificate is used by this server to look up (in a list read from a
73
# file at start time) which binary blob to give the client. No other
74
# authentication or authorization is done by this server.
75
76
77
logger = logging.Logger('mandos')
78
syslogger = logging.handlers.SysLogHandler\
79
(facility = logging.handlers.SysLogHandler.LOG_DAEMON)
80
syslogger.setFormatter(logging.Formatter\
81
('%(levelname)s: %(message)s'))
94
82
logger.addHandler(syslogger)
95
96
console = logging.StreamHandler()
97
console.setFormatter(logging.Formatter(u'%(name)s [%(process)d]:'
98
u' %(levelname)s:'
99
u' %(message)s'))
100
logger.addHandler(console)
101
102
class AvahiError(Exception):
103
def __init__(self, value, *args, **kwargs):
104
self.value = value
105
super(AvahiError, self).__init__(value, *args, **kwargs)
106
def __unicode__(self):
107
return unicode(repr(self.value))
108
109
class AvahiServiceError(AvahiError):
110
pass
111
112
class AvahiGroupError(AvahiError):
113
pass
114
115
116
class AvahiService(object):
117
"""An Avahi (Zeroconf) service.
118
119
Attributes:
120
interface: integer; avahi.IF_UNSPEC or an interface index.
121
Used to optionally bind to the specified interface.
122
name: string; Example: u'Mandos'
123
type: string; Example: u'_mandos._tcp'.
124
See <http://www.dns-sd.org/ServiceTypes.html>
125
port: integer; what port to announce
126
TXT: list of strings; TXT record for the service
127
domain: string; Domain to publish on, default to .local if empty.
128
host: string; Host to publish records for, default is localhost
129
max_renames: integer; maximum number of renames
130
rename_count: integer; counter so we only rename after collisions
131
a sensible number of times
132
group: D-Bus Entry Group
133
server: D-Bus Server
134
bus: dbus.SystemBus()
135
"""
136
def __init__(self, interface = avahi.IF_UNSPEC, name = None,
137
servicetype = None, port = None, TXT = None,
138
domain = u"", host = u"", max_renames = 32768,
139
protocol = avahi.PROTO_UNSPEC, bus = None):
140
self.interface = interface
141
self.name = name
142
self.type = servicetype
143
self.port = port
144
self.TXT = TXT if TXT is not None else []
145
self.domain = domain
146
self.host = host
147
self.rename_count = 0
148
self.max_renames = max_renames
149
self.protocol = protocol
150
self.group = None # our entry group
151
self.server = None
152
self.bus = bus
153
def rename(self):
154
"""Derived from the Avahi example code"""
155
if self.rename_count >= self.max_renames:
156
logger.critical(u"No suitable Zeroconf service name found"
157
u" after %i retries, exiting.",
158
self.rename_count)
159
raise AvahiServiceError(u"Too many renames")
160
self.name = unicode(self.server.GetAlternativeServiceName(self.name))
161
logger.info(u"Changing Zeroconf service name to %r ...",
162
self.name)
163
syslogger.setFormatter(logging.Formatter
164
(u'Mandos (%s) [%%(process)d]:'
165
u' %%(levelname)s: %%(message)s'
166
% self.name))
167
self.remove()
168
try:
169
self.add()
170
except dbus.exceptions.DBusException, error:
171
logger.critical(u"DBusException: %s", error)
172
self.cleanup()
173
os._exit(1)
174
self.rename_count += 1
175
def remove(self):
176
"""Derived from the Avahi example code"""
177
if self.group is not None:
178
self.group.Reset()
179
def add(self):
180
"""Derived from the Avahi example code"""
181
if self.group is None:
182
self.group = dbus.Interface(
183
self.bus.get_object(avahi.DBUS_NAME,
184
self.server.EntryGroupNew()),
185
avahi.DBUS_INTERFACE_ENTRY_GROUP)
186
self.group.connect_to_signal('StateChanged',
187
self
188
.entry_group_state_changed)
189
logger.debug(u"Adding Zeroconf service '%s' of type '%s' ...",
190
self.name, self.type)
191
self.group.AddService(
192
self.interface,
193
self.protocol,
194
dbus.UInt32(0), # flags
195
self.name, self.type,
196
self.domain, self.host,
197
dbus.UInt16(self.port),
198
avahi.string_array_to_txt_array(self.TXT))
199
self.group.Commit()
200
def entry_group_state_changed(self, state, error):
201
"""Derived from the Avahi example code"""
202
logger.debug(u"Avahi entry group state change: %i", state)
203
204
if state == avahi.ENTRY_GROUP_ESTABLISHED:
205
logger.debug(u"Zeroconf service established.")
206
elif state == avahi.ENTRY_GROUP_COLLISION:
207
logger.warning(u"Zeroconf service name collision.")
208
self.rename()
209
elif state == avahi.ENTRY_GROUP_FAILURE:
210
logger.critical(u"Avahi: Error in group state changed %s",
211
unicode(error))
212
raise AvahiGroupError(u"State changed: %s"
213
% unicode(error))
214
def cleanup(self):
215
"""Derived from the Avahi example code"""
216
if self.group is not None:
217
self.group.Free()
218
self.group = None
219
def server_state_changed(self, state):
220
"""Derived from the Avahi example code"""
221
logger.debug(u"Avahi server state change: %i", state)
222
if state == avahi.SERVER_COLLISION:
223
logger.error(u"Zeroconf server name collision")
224
self.remove()
225
elif state == avahi.SERVER_RUNNING:
226
self.add()
227
def activate(self):
228
"""Derived from the Avahi example code"""
229
if self.server is None:
230
self.server = dbus.Interface(
231
self.bus.get_object(avahi.DBUS_NAME,
232
avahi.DBUS_PATH_SERVER),
233
avahi.DBUS_INTERFACE_SERVER)
234
self.server.connect_to_signal(u"StateChanged",
235
self.server_state_changed)
236
self.server_state_changed(self.server.GetState())
83
del syslogger
84
85
# This variable is used to optionally bind to a specified interface.
86
# It is a global variable to fit in with the other variables from the
87
# Avahi example code.
88
serviceInterface = avahi.IF_UNSPEC
89
# From the Avahi example code:
90
serviceName = "Mandos"
91
serviceType = "_mandos._tcp" # http://www.dns-sd.org/ServiceTypes.html
92
servicePort = None # Not known at startup
93
serviceTXT = [] # TXT record for the service
94
domain = "" # Domain to publish on, default to .local
95
host = "" # Host to publish records for, default to localhost
96
group = None #our entry group
97
rename_count = 12 # Counter so we only rename after collisions a
98
# sensible number of times
99
# End of Avahi example code
237
100
238
101
239
102
class Client(object):
240
103
"""A representation of a client host served by this server.
241
242
104
Attributes:
243
name: string; from the config file, used in log messages and
244
D-Bus identifiers
105
name: string; from the config file, used in log messages
245
106
fingerprint: string (40 or 32 hexadecimal digits); used to
246
107
uniquely identify the client
247
secret: bytestring; sent verbatim (over TLS) to client
248
host: string; available for use by the checker command
249
created: datetime.datetime(); (UTC) object creation
250
last_enabled: datetime.datetime(); (UTC)
251
enabled: bool()
252
last_checked_ok: datetime.datetime(); (UTC) or None
253
timeout: datetime.timedelta(); How long from last_checked_ok
254
until this client is disabled
255
interval: datetime.timedelta(); How often to start a new checker
256
disable_hook: If set, called by disable() as disable_hook(self)
257
checker: subprocess.Popen(); a running checker process used
258
to see if the client lives.
259
'None' if no process is running.
108
secret: bytestring; sent verbatim (over TLS) to client
109
fqdn: string (FQDN); available for use by the checker command
110
created: datetime.datetime()
111
last_seen: datetime.datetime() or None if not yet seen
112
timeout: datetime.timedelta(); How long from last_seen until
113
this client is invalid
114
interval: datetime.timedelta(); How often to start a new checker
115
stop_hook: If set, called by stop() as stop_hook(self)
116
checker: subprocess.Popen(); a running checker process used
117
to see if the client lives.
118
Is None if no process is running.
260
119
checker_initiator_tag: a gobject event source tag, or None
261
disable_initiator_tag: - '' -
120
stop_initiator_tag: - '' -
262
121
checker_callback_tag: - '' -
263
122
checker_command: string; External command which is run to check if
264
client lives. %() expansions are done at
123
client lives. %()s expansions are done at
265
124
runtime with vars(self) as dict, so that for
266
125
instance %(name)s can be used in the command.
267
current_checker_command: string; current running checker_command
268
approved_delay: datetime.timedelta(); Time to wait for approval
269
_approved: bool(); 'None' if not yet approved/disapproved
270
approved_duration: datetime.timedelta(); Duration of one approval
126
Private attibutes:
127
_timeout: Real variable for 'timeout'
128
_interval: Real variable for 'interval'
129
_timeout_milliseconds: Used by gobject.timeout_add()
130
_interval_milliseconds: - '' -
271
131
"""
272
273
@staticmethod
274
def _timedelta_to_milliseconds(td):
275
"Convert a datetime.timedelta() to milliseconds"
276
return ((td.days * 24 * 60 * 60 * 1000)
277
+ (td.seconds * 1000)
278
+ (td.microseconds // 1000))
279
280
def timeout_milliseconds(self):
281
"Return the 'timeout' attribute in milliseconds"
282
return self._timedelta_to_milliseconds(self.timeout)
283
284
def interval_milliseconds(self):
285
"Return the 'interval' attribute in milliseconds"
286
return self._timedelta_to_milliseconds(self.interval)
287
288
def approved_delay_milliseconds(self):
289
return self._timedelta_to_milliseconds(self.approved_delay)
290
291
def __init__(self, name = None, disable_hook=None, config=None):
292
"""Note: the 'checker' key in 'config' sets the
293
'checker_command' attribute and *not* the 'checker'
294
attribute."""
132
def _set_timeout(self, timeout):
133
"Setter function for 'timeout' attribute"
134
self._timeout = timeout
135
self._timeout_milliseconds = ((self.timeout.days
136
* 24 * 60 * 60 * 1000)
137
+ (self.timeout.seconds * 1000)
138
+ (self.timeout.microseconds
139
// 1000))
140
timeout = property(lambda self: self._timeout,
141
_set_timeout)
142
del _set_timeout
143
def _set_interval(self, interval):
144
"Setter function for 'interval' attribute"
145
self._interval = interval
146
self._interval_milliseconds = ((self.interval.days
147
* 24 * 60 * 60 * 1000)
148
+ (self.interval.seconds
149
* 1000)
150
+ (self.interval.microseconds
151
// 1000))
152
interval = property(lambda self: self._interval,
153
_set_interval)
154
del _set_interval
155
def __init__(self, name=None, options=None, stop_hook=None,
156
fingerprint=None, secret=None, secfile=None,
157
fqdn=None, timeout=None, interval=-1, checker=None):
158
"""Note: the 'checker' argument sets the 'checker_command'
159
attribute and not the 'checker' attribute.."""
295
160
self.name = name
296
if config is None:
297
config = {}
298
logger.debug(u"Creating client %r", self.name)
299
# Uppercase and remove spaces from fingerprint for later
300
# comparison purposes with return value from the fingerprint()
301
# function
302
self.fingerprint = (config[u"fingerprint"].upper()
303
.replace(u" ", u""))
304
logger.debug(u" Fingerprint: %s", self.fingerprint)
305
if u"secret" in config:
306
self.secret = config[u"secret"].decode(u"base64")
307
elif u"secfile" in config:
308
with open(os.path.expanduser(os.path.expandvars
309
(config[u"secfile"])),
310
"rb") as secfile:
311
self.secret = secfile.read()
312
else:
313
raise TypeError(u"No secret or secfile for client %s"
314
% self.name)
315
self.host = config.get(u"host", u"")
316
self.created = datetime.datetime.utcnow()
317
self.enabled = False
318
self.last_enabled = None
319
self.last_checked_ok = None
320
self.timeout = string_to_delta(config[u"timeout"])
321
self.interval = string_to_delta(config[u"interval"])
322
self.disable_hook = disable_hook
161
# Uppercase and remove spaces from fingerprint
162
# for later comparison purposes with return value of
163
# the fingerprint() function
164
self.fingerprint = fingerprint.upper().replace(u" ", u"")
165
if secret:
166
self.secret = secret.decode(u"base64")
167
elif secfile:
168
sf = open(secfile)
169
self.secret = sf.read()
170
sf.close()
171
else:
172
raise RuntimeError(u"No secret or secfile for client %s"
173
% self.name)
174
self.fqdn = fqdn # string
175
self.created = datetime.datetime.now()
176
self.last_seen = None
177
if timeout is None:
178
self.timeout = options.timeout
179
else:
180
self.timeout = string_to_delta(timeout)
181
if interval == -1:
182
self.interval = options.interval
183
else:
184
self.interval = string_to_delta(interval)
185
self.stop_hook = stop_hook
323
186
self.checker = None
324
187
self.checker_initiator_tag = None
325
self.disable_initiator_tag = None
188
self.stop_initiator_tag = None
326
189
self.checker_callback_tag = None
327
self.checker_command = config[u"checker"]
328
self.current_checker_command = None
329
self.last_connect = None
330
self._approved = None
331
self.approved_by_default = config.get(u"approved_by_default",
332
True)
333
self.approvals_pending = 0
334
self.approved_delay = string_to_delta(
335
config[u"approved_delay"])
336
self.approved_duration = string_to_delta(
337
config[u"approved_duration"])
338
self.changedstate = multiprocessing_manager.Condition(multiprocessing_manager.Lock())
339
340
def send_changedstate(self):
341
self.changedstate.acquire()
342
self.changedstate.notify_all()
343
self.changedstate.release()
344
345
def enable(self):
190
self.check_command = checker
191
def start(self):
346
192
"""Start this client's checker and timeout hooks"""
347
if getattr(self, u"enabled", False):
348
# Already enabled
349
return
350
self.send_changedstate()
351
self.last_enabled = datetime.datetime.utcnow()
352
193
# Schedule a new checker to be started an 'interval' from now,
353
194
# and every interval from then on.
354
self.checker_initiator_tag = (gobject.timeout_add
355
(self.interval_milliseconds(),
356
self.start_checker))
357
# Schedule a disable() when 'timeout' has passed
358
self.disable_initiator_tag = (gobject.timeout_add
359
(self.timeout_milliseconds(),
360
self.disable))
361
self.enabled = True
195
self.checker_initiator_tag = gobject.timeout_add\
196
(self._interval_milliseconds,
197
self.start_checker)
362
198
# Also start a new checker *right now*.
363
199
self.start_checker()
364
365
def disable(self, quiet=True):
366
"""Disable this client."""
367
if not getattr(self, "enabled", False):
200
# Schedule a stop() when 'timeout' has passed
201
self.stop_initiator_tag = gobject.timeout_add\
202
(self._timeout_milliseconds,
203
self.stop)
204
def stop(self):
205
"""Stop this client.
206
The possibility that this client might be restarted is left
207
open, but not currently used."""
208
# If this client doesn't have a secret, it is already stopped.
209
if self.secret:
210
logger.debug(u"Stopping client %s", self.name)
211
self.secret = None
212
else:
368
213
return False
369
if not quiet:
370
self.send_changedstate()
371
if not quiet:
372
logger.info(u"Disabling client %s", self.name)
373
if getattr(self, u"disable_initiator_tag", False):
374
gobject.source_remove(self.disable_initiator_tag)
375
self.disable_initiator_tag = None
376
if getattr(self, u"checker_initiator_tag", False):
214
if hasattr(self, "stop_initiator_tag") \
215
and self.stop_initiator_tag:
216
gobject.source_remove(self.stop_initiator_tag)
217
self.stop_initiator_tag = None
218
if hasattr(self, "checker_initiator_tag") \
219
and self.checker_initiator_tag:
377
220
gobject.source_remove(self.checker_initiator_tag)
378
221
self.checker_initiator_tag = None
379
222
self.stop_checker()
380
if self.disable_hook:
381
self.disable_hook(self)
382
self.enabled = False
223
if self.stop_hook:
224
self.stop_hook(self)
383
225
# Do not run this again if called by a gobject.timeout_add
384
226
return False
385
386
227
def __del__(self):
387
self.disable_hook = None
388
self.disable()
389
390
def checker_callback(self, pid, condition, command):
228
self.stop_hook = None
229
self.stop()
230
def checker_callback(self, pid, condition):
391
231
"""The checker has completed, so take appropriate actions."""
232
now = datetime.datetime.now()
392
233
self.checker_callback_tag = None
393
234
self.checker = None
394
if os.WIFEXITED(condition):
395
exitstatus = os.WEXITSTATUS(condition)
396
if exitstatus == 0:
397
logger.info(u"Checker for %(name)s succeeded",
398
vars(self))
399
self.checked_ok()
400
else:
401
logger.info(u"Checker for %(name)s failed",
402
vars(self))
403
else:
235
if os.WIFEXITED(condition) \
236
and (os.WEXITSTATUS(condition) == 0):
237
logger.debug(u"Checker for %(name)s succeeded",
238
vars(self))
239
self.last_seen = now
240
gobject.source_remove(self.stop_initiator_tag)
241
self.stop_initiator_tag = gobject.timeout_add\
242
(self._timeout_milliseconds,
243
self.stop)
244
elif not os.WIFEXITED(condition):
404
245
logger.warning(u"Checker for %(name)s crashed?",
405
246
vars(self))
406
407
def checked_ok(self):
408
"""Bump up the timeout for this client.
409
410
This should only be called when the client has been seen,
411
alive and well.
412
"""
413
self.last_checked_ok = datetime.datetime.utcnow()
414
gobject.source_remove(self.disable_initiator_tag)
415
self.disable_initiator_tag = (gobject.timeout_add
416
(self.timeout_milliseconds(),
417
self.disable))
418
247
else:
248
logger.debug(u"Checker for %(name)s failed",
249
vars(self))
419
250
def start_checker(self):
420
251
"""Start a new checker subprocess if one is not running.
421
422
252
If a checker already exists, leave it running and do
423
253
nothing."""
424
254
# The reason for not killing a running checker is that if we
427
257
# client would inevitably timeout, since no checker would get
428
258
# a chance to run to completion. If we instead leave running
429
259
# checkers alone, the checker would have to take more time
430
# than 'timeout' for the client to be disabled, which is as it
431
# should be.
432
433
# If a checker exists, make sure it is not a zombie
434
try:
435
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
436
except (AttributeError, OSError), error:
437
if (isinstance(error, OSError)
438
and error.errno != errno.ECHILD):
439
raise error
440
else:
441
if pid:
442
logger.warning(u"Checker was a zombie")
443
gobject.source_remove(self.checker_callback_tag)
444
self.checker_callback(pid, status,
445
self.current_checker_command)
446
# Start a new checker if needed
260
# than 'timeout' for the client to be declared invalid, which
261
# is as it should be.
447
262
if self.checker is None:
448
263
try:
449
# In case checker_command has exactly one % operator
450
command = self.checker_command % self.host
264
command = self.check_command % self.fqdn
451
265
except TypeError:
452
# Escape attributes for the shell
453
escaped_attrs = dict((key,
454
re.escape(unicode(str(val),
455
errors=
456
u'replace')))
266
escaped_attrs = dict((key, re.escape(str(val)))
457
267
for key, val in
458
268
vars(self).iteritems())
459
269
try:
460
command = self.checker_command % escaped_attrs
270
command = self.check_command % escaped_attrs
461
271
except TypeError, error:
462
logger.error(u'Could not format string "%s":'
463
u' %s', self.checker_command, error)
272
logger.critical(u'Could not format string "%s":'
273
u' %s', self.check_command, error)
464
274
return True # Try again later
465
self.current_checker_command = command
466
275
try:
467
logger.info(u"Starting checker %r for %s",
468
command, self.name)
469
# We don't need to redirect stdout and stderr, since
470
# in normal mode, that is already done by daemon(),
471
# and in debug mode we don't want to. (Stdin is
472
# always replaced by /dev/null.)
473
self.checker = subprocess.Popen(command,
474
close_fds=True,
475
shell=True, cwd=u"/")
476
self.checker_callback_tag = (gobject.child_watch_add
477
(self.checker.pid,
478
self.checker_callback,
479
data=command))
480
# The checker may have completed before the gobject
481
# watch was added. Check for this.
482
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
483
if pid:
484
gobject.source_remove(self.checker_callback_tag)
485
self.checker_callback(pid, status, command)
486
except OSError, error:
276
logger.debug(u"Starting checker %r for %s",
277
command, self.name)
278
self.checker = subprocess.\
279
Popen(command,
280
close_fds=True, shell=True,
281
cwd="/")
282
self.checker_callback_tag = gobject.child_watch_add\
283
(self.checker.pid,
284
self.checker_callback)
285
except subprocess.OSError, error:
487
286
logger.error(u"Failed to start subprocess: %s",
488
287
error)
489
288
# Re-run this periodically if run by gobject.timeout_add
490
289
return True
491
492
290
def stop_checker(self):
493
291
"""Force the checker process, if any, to stop."""
494
292
if self.checker_callback_tag:
495
293
gobject.source_remove(self.checker_callback_tag)
496
294
self.checker_callback_tag = None
497
if getattr(self, u"checker", None) is None:
295
if not hasattr(self, "checker") or self.checker is None:
498
296
return
499
logger.debug(u"Stopping checker for %(name)s", vars(self))
297
logger.debug("Stopping checker for %(name)s", vars(self))
500
298
try:
501
299
os.kill(self.checker.pid, signal.SIGTERM)
502
#time.sleep(0.5)
300
#os.sleep(0.5)
503
301
#if self.checker.poll() is None:
504
302
# os.kill(self.checker.pid, signal.SIGKILL)
505
303
except OSError, error:
506
if error.errno != errno.ESRCH: # No such process
304
if error.errno != errno.ESRCH:
507
305
raise
508
306
self.checker = None
509
510
def dbus_service_property(dbus_interface, signature=u"v",
511
access=u"readwrite", byte_arrays=False):
512
"""Decorators for marking methods of a DBusObjectWithProperties to
513
become properties on the D-Bus.
514
515
The decorated method will be called with no arguments by "Get"
516
and with one argument by "Set".
517
518
The parameters, where they are supported, are the same as
519
dbus.service.method, except there is only "signature", since the
520
type from Get() and the type sent to Set() is the same.
521
"""
522
# Encoding deeply encoded byte arrays is not supported yet by the
523
# "Set" method, so we fail early here:
524
if byte_arrays and signature != u"ay":
525
raise ValueError(u"Byte arrays not supported for non-'ay'"
526
u" signature %r" % signature)
527
def decorator(func):
528
func._dbus_is_property = True
529
func._dbus_interface = dbus_interface
530
func._dbus_signature = signature
531
func._dbus_access = access
532
func._dbus_name = func.__name__
533
if func._dbus_name.endswith(u"_dbus_property"):
534
func._dbus_name = func._dbus_name[:-14]
535
func._dbus_get_args_options = {u'byte_arrays': byte_arrays }
536
return func
537
return decorator
538
539
540
class DBusPropertyException(dbus.exceptions.DBusException):
541
"""A base class for D-Bus property-related exceptions
542
"""
543
def __unicode__(self):
544
return unicode(str(self))
545
546
547
class DBusPropertyAccessException(DBusPropertyException):
548
"""A property's access permissions disallows an operation.
549
"""
550
pass
551
552
553
class DBusPropertyNotFound(DBusPropertyException):
554
"""An attempt was made to access a non-existing property.
555
"""
556
pass
557
558
559
class DBusObjectWithProperties(dbus.service.Object):
560
"""A D-Bus object with properties.
561
562
Classes inheriting from this can use the dbus_service_property
563
decorator to expose methods as D-Bus properties. It exposes the
564
standard Get(), Set(), and GetAll() methods on the D-Bus.
565
"""
566
567
@staticmethod
568
def _is_dbus_property(obj):
569
return getattr(obj, u"_dbus_is_property", False)
570
571
def _get_all_dbus_properties(self):
572
"""Returns a generator of (name, attribute) pairs
573
"""
574
return ((prop._dbus_name, prop)
575
for name, prop in
576
inspect.getmembers(self, self._is_dbus_property))
577
578
def _get_dbus_property(self, interface_name, property_name):
579
"""Returns a bound method if one exists which is a D-Bus
580
property with the specified name and interface.
581
"""
582
for name in (property_name,
583
property_name + u"_dbus_property"):
584
prop = getattr(self, name, None)
585
if (prop is None
586
or not self._is_dbus_property(prop)
587
or prop._dbus_name != property_name
588
or (interface_name and prop._dbus_interface
589
and interface_name != prop._dbus_interface)):
590
continue
591
return prop
592
# No such property
593
raise DBusPropertyNotFound(self.dbus_object_path + u":"
594
+ interface_name + u"."
595
+ property_name)
596
597
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature=u"ss",
598
out_signature=u"v")
599
def Get(self, interface_name, property_name):
600
"""Standard D-Bus property Get() method, see D-Bus standard.
601
"""
602
prop = self._get_dbus_property(interface_name, property_name)
603
if prop._dbus_access == u"write":
604
raise DBusPropertyAccessException(property_name)
605
value = prop()
606
if not hasattr(value, u"variant_level"):
607
return value
608
return type(value)(value, variant_level=value.variant_level+1)
609
610
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature=u"ssv")
611
def Set(self, interface_name, property_name, value):
612
"""Standard D-Bus property Set() method, see D-Bus standard.
613
"""
614
prop = self._get_dbus_property(interface_name, property_name)
615
if prop._dbus_access == u"read":
616
raise DBusPropertyAccessException(property_name)
617
if prop._dbus_get_args_options[u"byte_arrays"]:
618
# The byte_arrays option is not supported yet on
619
# signatures other than "ay".
620
if prop._dbus_signature != u"ay":
621
raise ValueError
622
value = dbus.ByteArray(''.join(unichr(byte)
623
for byte in value))
624
prop(value)
625
626
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature=u"s",
627
out_signature=u"a{sv}")
628
def GetAll(self, interface_name):
629
"""Standard D-Bus property GetAll() method, see D-Bus
630
standard.
631
632
Note: Will not include properties with access="write".
633
"""
634
all = {}
635
for name, prop in self._get_all_dbus_properties():
636
if (interface_name
637
and interface_name != prop._dbus_interface):
638
# Interface non-empty but did not match
639
continue
640
# Ignore write-only properties
641
if prop._dbus_access == u"write":
642
continue
643
value = prop()
644
if not hasattr(value, u"variant_level"):
645
all[name] = value
646
continue
647
all[name] = type(value)(value, variant_level=
648
value.variant_level+1)
649
return dbus.Dictionary(all, signature=u"sv")
650
651
@dbus.service.method(dbus.INTROSPECTABLE_IFACE,
652
out_signature=u"s",
653
path_keyword='object_path',
654
connection_keyword='connection')
655
def Introspect(self, object_path, connection):
656
"""Standard D-Bus method, overloaded to insert property tags.
657
"""
658
xmlstring = dbus.service.Object.Introspect(self, object_path,
659
connection)
660
try:
661
document = xml.dom.minidom.parseString(xmlstring)
662
def make_tag(document, name, prop):
663
e = document.createElement(u"property")
664
e.setAttribute(u"name", name)
665
e.setAttribute(u"type", prop._dbus_signature)
666
e.setAttribute(u"access", prop._dbus_access)
667
return e
668
for if_tag in document.getElementsByTagName(u"interface"):
669
for tag in (make_tag(document, name, prop)
670
for name, prop
671
in self._get_all_dbus_properties()
672
if prop._dbus_interface
673
== if_tag.getAttribute(u"name")):
674
if_tag.appendChild(tag)
675
# Add the names to the return values for the
676
# "org.freedesktop.DBus.Properties" methods
677
if (if_tag.getAttribute(u"name")
678
== u"org.freedesktop.DBus.Properties"):
679
for cn in if_tag.getElementsByTagName(u"method"):
680
if cn.getAttribute(u"name") == u"Get":
681
for arg in cn.getElementsByTagName(u"arg"):
682
if (arg.getAttribute(u"direction")
683
== u"out"):
684
arg.setAttribute(u"name", u"value")
685
elif cn.getAttribute(u"name") == u"GetAll":
686
for arg in cn.getElementsByTagName(u"arg"):
687
if (arg.getAttribute(u"direction")
688
== u"out"):
689
arg.setAttribute(u"name", u"props")
690
xmlstring = document.toxml(u"utf-8")
691
document.unlink()
692
except (AttributeError, xml.dom.DOMException,
693
xml.parsers.expat.ExpatError), error:
694
logger.error(u"Failed to override Introspection method",
695
error)
696
return xmlstring
697
698
699
class ClientDBus(Client, DBusObjectWithProperties):
700
"""A Client class using D-Bus
701
702
Attributes:
703
dbus_object_path: dbus.ObjectPath
704
bus: dbus.SystemBus()
705
"""
706
# dbus.service.Object doesn't use super(), so we can't either.
707
708
def __init__(self, bus = None, *args, **kwargs):
709
self._approvals_pending = 0
710
self.bus = bus
711
Client.__init__(self, *args, **kwargs)
712
# Only now, when this client is initialized, can it show up on
713
# the D-Bus
714
self.dbus_object_path = (dbus.ObjectPath
715
(u"/clients/"
716
+ self.name.replace(u".", u"_")))
717
DBusObjectWithProperties.__init__(self, self.bus,
718
self.dbus_object_path)
719
720
def _get_approvals_pending(self):
721
return self._approvals_pending
722
def _set_approvals_pending(self, value):
723
old_value = self._approvals_pending
724
self._approvals_pending = value
725
bval = bool(value)
726
if (hasattr(self, "dbus_object_path")
727
and bval is not bool(old_value)):
728
dbus_bool = dbus.Boolean(bval, variant_level=1)
729
self.PropertyChanged(dbus.String(u"approved_pending"),
730
dbus_bool)
731
732
approvals_pending = property(_get_approvals_pending,
733
_set_approvals_pending)
734
del _get_approvals_pending, _set_approvals_pending
735
736
@staticmethod
737
def _datetime_to_dbus(dt, variant_level=0):
738
"""Convert a UTC datetime.datetime() to a D-Bus type."""
739
return dbus.String(dt.isoformat(),
740
variant_level=variant_level)
741
742
def enable(self):
743
oldstate = getattr(self, u"enabled", False)
744
r = Client.enable(self)
745
if oldstate != self.enabled:
746
# Emit D-Bus signals
747
self.PropertyChanged(dbus.String(u"enabled"),
748
dbus.Boolean(True, variant_level=1))
749
self.PropertyChanged(
750
dbus.String(u"last_enabled"),
751
self._datetime_to_dbus(self.last_enabled,
752
variant_level=1))
753
return r
754
755
def disable(self, quiet = False):
756
oldstate = getattr(self, u"enabled", False)
757
r = Client.disable(self, quiet=quiet)
758
if not quiet and oldstate != self.enabled:
759
# Emit D-Bus signal
760
self.PropertyChanged(dbus.String(u"enabled"),
761
dbus.Boolean(False, variant_level=1))
762
return r
763
764
def __del__(self, *args, **kwargs):
765
try:
766
self.remove_from_connection()
767
except LookupError:
768
pass
769
if hasattr(DBusObjectWithProperties, u"__del__"):
770
DBusObjectWithProperties.__del__(self, *args, **kwargs)
771
Client.__del__(self, *args, **kwargs)
772
773
def checker_callback(self, pid, condition, command,
774
*args, **kwargs):
775
self.checker_callback_tag = None
776
self.checker = None
777
# Emit D-Bus signal
778
self.PropertyChanged(dbus.String(u"checker_running"),
779
dbus.Boolean(False, variant_level=1))
780
if os.WIFEXITED(condition):
781
exitstatus = os.WEXITSTATUS(condition)
782
# Emit D-Bus signal
783
self.CheckerCompleted(dbus.Int16(exitstatus),
784
dbus.Int64(condition),
785
dbus.String(command))
786
else:
787
# Emit D-Bus signal
788
self.CheckerCompleted(dbus.Int16(-1),
789
dbus.Int64(condition),
790
dbus.String(command))
791
792
return Client.checker_callback(self, pid, condition, command,
793
*args, **kwargs)
794
795
def checked_ok(self, *args, **kwargs):
796
r = Client.checked_ok(self, *args, **kwargs)
797
# Emit D-Bus signal
798
self.PropertyChanged(
799
dbus.String(u"last_checked_ok"),
800
(self._datetime_to_dbus(self.last_checked_ok,
801
variant_level=1)))
802
return r
803
804
def start_checker(self, *args, **kwargs):
805
old_checker = self.checker
806
if self.checker is not None:
807
old_checker_pid = self.checker.pid
808
else:
809
old_checker_pid = None
810
r = Client.start_checker(self, *args, **kwargs)
811
# Only if new checker process was started
812
if (self.checker is not None
813
and old_checker_pid != self.checker.pid):
814
# Emit D-Bus signal
815
self.CheckerStarted(self.current_checker_command)
816
self.PropertyChanged(
817
dbus.String(u"checker_running"),
818
dbus.Boolean(True, variant_level=1))
819
return r
820
821
def stop_checker(self, *args, **kwargs):
822
old_checker = getattr(self, u"checker", None)
823
r = Client.stop_checker(self, *args, **kwargs)
824
if (old_checker is not None
825
and getattr(self, u"checker", None) is None):
826
self.PropertyChanged(dbus.String(u"checker_running"),
827
dbus.Boolean(False, variant_level=1))
828
return r
829
830
def _reset_approved(self):
831
self._approved = None
832
return False
833
834
def approve(self, value=True):
835
self.send_changedstate()
836
self._approved = value
837
gobject.timeout_add(self._timedelta_to_milliseconds(self.approved_duration),
838
self._reset_approved)
839
840
841
## D-Bus methods, signals & properties
842
_interface = u"se.bsnet.fukt.Mandos.Client"
843
844
## Signals
845
846
# CheckerCompleted - signal
847
@dbus.service.signal(_interface, signature=u"nxs")
848
def CheckerCompleted(self, exitcode, waitstatus, command):
849
"D-Bus signal"
850
pass
851
852
# CheckerStarted - signal
853
@dbus.service.signal(_interface, signature=u"s")
854
def CheckerStarted(self, command):
855
"D-Bus signal"
856
pass
857
858
# PropertyChanged - signal
859
@dbus.service.signal(_interface, signature=u"sv")
860
def PropertyChanged(self, property, value):
861
"D-Bus signal"
862
pass
863
864
# GotSecret - signal
865
@dbus.service.signal(_interface)
866
def GotSecret(self):
867
"""D-Bus signal
868
Is sent after a successful transfer of secret from the Mandos
869
server to mandos-client
870
"""
871
pass
872
873
# Rejected - signal
874
@dbus.service.signal(_interface, signature=u"s")
875
def Rejected(self, reason):
876
"D-Bus signal"
877
pass
878
879
# NeedApproval - signal
880
@dbus.service.signal(_interface, signature=u"db")
881
def NeedApproval(self, timeout, default):
882
"D-Bus signal"
883
pass
884
885
## Methods
886
887
# Approve - method
888
@dbus.service.method(_interface, in_signature=u"b")
889
def Approve(self, value):
890
self.approve(value)
891
892
# CheckedOK - method
893
@dbus.service.method(_interface)
894
def CheckedOK(self):
895
return self.checked_ok()
896
897
# Enable - method
898
@dbus.service.method(_interface)
899
def Enable(self):
900
"D-Bus method"
901
self.enable()
902
903
# StartChecker - method
904
@dbus.service.method(_interface)
905
def StartChecker(self):
906
"D-Bus method"
907
self.start_checker()
908
909
# Disable - method
910
@dbus.service.method(_interface)
911
def Disable(self):
912
"D-Bus method"
913
self.disable()
914
915
# StopChecker - method
916
@dbus.service.method(_interface)
917
def StopChecker(self):
918
self.stop_checker()
919
920
## Properties
921
922
# approved_pending - property
923
@dbus_service_property(_interface, signature=u"b", access=u"read")
924
def approved_pending_dbus_property(self):
925
return dbus.Boolean(bool(self.approvals_pending))
926
927
# approved_by_default - property
928
@dbus_service_property(_interface, signature=u"b",
929
access=u"readwrite")
930
def approved_by_default_dbus_property(self):
931
return dbus.Boolean(self.approved_by_default)
932
933
# approved_delay - property
934
@dbus_service_property(_interface, signature=u"t",
935
access=u"readwrite")
936
def approved_delay_dbus_property(self):
937
return dbus.UInt64(self.approved_delay_milliseconds())
938
939
# approved_duration - property
940
@dbus_service_property(_interface, signature=u"t",
941
access=u"readwrite")
942
def approved_duration_dbus_property(self):
943
return dbus.UInt64(self._timedelta_to_milliseconds(
944
self.approved_duration))
945
946
# name - property
947
@dbus_service_property(_interface, signature=u"s", access=u"read")
948
def name_dbus_property(self):
949
return dbus.String(self.name)
950
951
# fingerprint - property
952
@dbus_service_property(_interface, signature=u"s", access=u"read")
953
def fingerprint_dbus_property(self):
954
return dbus.String(self.fingerprint)
955
956
# host - property
957
@dbus_service_property(_interface, signature=u"s",
958
access=u"readwrite")
959
def host_dbus_property(self, value=None):
960
if value is None: # get
961
return dbus.String(self.host)
962
self.host = value
963
# Emit D-Bus signal
964
self.PropertyChanged(dbus.String(u"host"),
965
dbus.String(value, variant_level=1))
966
967
# created - property
968
@dbus_service_property(_interface, signature=u"s", access=u"read")
969
def created_dbus_property(self):
970
return dbus.String(self._datetime_to_dbus(self.created))
971
972
# last_enabled - property
973
@dbus_service_property(_interface, signature=u"s", access=u"read")
974
def last_enabled_dbus_property(self):
975
if self.last_enabled is None:
976
return dbus.String(u"")
977
return dbus.String(self._datetime_to_dbus(self.last_enabled))
978
979
# enabled - property
980
@dbus_service_property(_interface, signature=u"b",
981
access=u"readwrite")
982
def enabled_dbus_property(self, value=None):
983
if value is None: # get
984
return dbus.Boolean(self.enabled)
985
if value:
986
self.enable()
987
else:
988
self.disable()
989
990
# last_checked_ok - property
991
@dbus_service_property(_interface, signature=u"s",
992
access=u"readwrite")
993
def last_checked_ok_dbus_property(self, value=None):
994
if value is not None:
995
self.checked_ok()
996
return
997
if self.last_checked_ok is None:
998
return dbus.String(u"")
999
return dbus.String(self._datetime_to_dbus(self
1000
.last_checked_ok))
1001
1002
# timeout - property
1003
@dbus_service_property(_interface, signature=u"t",
1004
access=u"readwrite")
1005
def timeout_dbus_property(self, value=None):
1006
if value is None: # get
1007
return dbus.UInt64(self.timeout_milliseconds())
1008
self.timeout = datetime.timedelta(0, 0, 0, value)
1009
# Emit D-Bus signal
1010
self.PropertyChanged(dbus.String(u"timeout"),
1011
dbus.UInt64(value, variant_level=1))
1012
if getattr(self, u"disable_initiator_tag", None) is None:
1013
return
1014
# Reschedule timeout
1015
gobject.source_remove(self.disable_initiator_tag)
1016
self.disable_initiator_tag = None
1017
time_to_die = (self.
1018
_timedelta_to_milliseconds((self
1019
.last_checked_ok
1020
+ self.timeout)
1021
- datetime.datetime
1022
.utcnow()))
1023
if time_to_die <= 0:
1024
# The timeout has passed
1025
self.disable()
1026
else:
1027
self.disable_initiator_tag = (gobject.timeout_add
1028
(time_to_die, self.disable))
1029
1030
# interval - property
1031
@dbus_service_property(_interface, signature=u"t",
1032
access=u"readwrite")
1033
def interval_dbus_property(self, value=None):
1034
if value is None: # get
1035
return dbus.UInt64(self.interval_milliseconds())
1036
self.interval = datetime.timedelta(0, 0, 0, value)
1037
# Emit D-Bus signal
1038
self.PropertyChanged(dbus.String(u"interval"),
1039
dbus.UInt64(value, variant_level=1))
1040
if getattr(self, u"checker_initiator_tag", None) is None:
1041
return
1042
# Reschedule checker run
1043
gobject.source_remove(self.checker_initiator_tag)
1044
self.checker_initiator_tag = (gobject.timeout_add
1045
(value, self.start_checker))
1046
self.start_checker() # Start one now, too
1047
1048
# checker - property
1049
@dbus_service_property(_interface, signature=u"s",
1050
access=u"readwrite")
1051
def checker_dbus_property(self, value=None):
1052
if value is None: # get
1053
return dbus.String(self.checker_command)
1054
self.checker_command = value
1055
# Emit D-Bus signal
1056
self.PropertyChanged(dbus.String(u"checker"),
1057
dbus.String(self.checker_command,
1058
variant_level=1))
1059
1060
# checker_running - property
1061
@dbus_service_property(_interface, signature=u"b",
1062
access=u"readwrite")
1063
def checker_running_dbus_property(self, value=None):
1064
if value is None: # get
1065
return dbus.Boolean(self.checker is not None)
1066
if value:
1067
self.start_checker()
1068
else:
1069
self.stop_checker()
1070
1071
# object_path - property
1072
@dbus_service_property(_interface, signature=u"o", access=u"read")
1073
def object_path_dbus_property(self):
1074
return self.dbus_object_path # is already a dbus.ObjectPath
1075
1076
# secret = property
1077
@dbus_service_property(_interface, signature=u"ay",
1078
access=u"write", byte_arrays=True)
1079
def secret_dbus_property(self, value):
1080
self.secret = str(value)
1081
1082
del _interface
1083
1084
1085
class ProxyClient(object):
1086
def __init__(self, child_pipe, fpr, address):
1087
self._pipe = child_pipe
1088
self._pipe.send(('init', fpr, address))
1089
if not self._pipe.recv():
1090
raise KeyError()
1091
1092
def __getattribute__(self, name):
1093
if(name == '_pipe'):
1094
return super(ProxyClient, self).__getattribute__(name)
1095
self._pipe.send(('getattr', name))
1096
data = self._pipe.recv()
1097
if data[0] == 'data':
1098
return data[1]
1099
if data[0] == 'function':
1100
def func(*args, **kwargs):
1101
self._pipe.send(('funcall', name, args, kwargs))
1102
return self._pipe.recv()[1]
1103
return func
1104
1105
def __setattr__(self, name, value):
1106
if(name == '_pipe'):
1107
return super(ProxyClient, self).__setattr__(name, value)
1108
self._pipe.send(('setattr', name, value))
1109
1110
1111
class ClientHandler(socketserver.BaseRequestHandler, object):
1112
"""A class to handle client connections.
1113
1114
Instantiated once for each connection to handle it.
307
def still_valid(self, now=None):
308
"""Has the timeout not yet passed for this client?"""
309
if now is None:
310
now = datetime.datetime.now()
311
if self.last_seen is None:
312
return now < (self.created + self.timeout)
313
else:
314
return now < (self.last_seen + self.timeout)
315
316
317
def peer_certificate(session):
318
"Return the peer's OpenPGP certificate as a bytestring"
319
# If not an OpenPGP certificate...
320
if gnutls.library.functions.gnutls_certificate_type_get\
321
(session._c_object) \
322
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP:
323
# ...do the normal thing
324
return session.peer_certificate
325
list_size = ctypes.c_uint()
326
cert_list = gnutls.library.functions.gnutls_certificate_get_peers\
327
(session._c_object, ctypes.byref(list_size))
328
if list_size.value == 0:
329
return None
330
cert = cert_list[0]
331
return ctypes.string_at(cert.data, cert.size)
332
333
334
def fingerprint(openpgp):
335
"Convert an OpenPGP bytestring to a hexdigit fingerprint string"
336
# New empty GnuTLS certificate
337
crt = gnutls.library.types.gnutls_openpgp_crt_t()
338
gnutls.library.functions.gnutls_openpgp_crt_init\
339
(ctypes.byref(crt))
340
# New GnuTLS "datum" with the OpenPGP public key
341
datum = gnutls.library.types.gnutls_datum_t\
342
(ctypes.cast(ctypes.c_char_p(openpgp),
343
ctypes.POINTER(ctypes.c_ubyte)),
344
ctypes.c_uint(len(openpgp)))
345
# Import the OpenPGP public key into the certificate
346
ret = gnutls.library.functions.gnutls_openpgp_crt_import\
347
(crt,
348
ctypes.byref(datum),
349
gnutls.library.constants.GNUTLS_OPENPGP_FMT_RAW)
350
# New buffer for the fingerprint
351
buffer = ctypes.create_string_buffer(20)
352
buffer_length = ctypes.c_size_t()
353
# Get the fingerprint from the certificate into the buffer
354
gnutls.library.functions.gnutls_openpgp_crt_get_fingerprint\
355
(crt, ctypes.byref(buffer), ctypes.byref(buffer_length))
356
# Deinit the certificate
357
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
358
# Convert the buffer to a Python bytestring
359
fpr = ctypes.string_at(buffer, buffer_length.value)
360
# Convert the bytestring to hexadecimal notation
361
hex_fpr = u''.join(u"%02X" % ord(char) for char in fpr)
362
return hex_fpr
363
364
365
class tcp_handler(SocketServer.BaseRequestHandler, object):
366
"""A TCP request handler class.
367
Instantiated by IPv6_TCPServer for each request to handle it.
1115
368
Note: This will run in its own forked process."""
1116
369
1117
370
def handle(self):
1118
with contextlib.closing(self.server.child_pipe) as child_pipe:
1119
logger.info(u"TCP connection from: %s",
1120
unicode(self.client_address))
1121
logger.debug(u"Pipe FD: %d",
1122
self.server.child_pipe.fileno())
1123
1124
session = (gnutls.connection
1125
.ClientSession(self.request,
1126
gnutls.connection
1127
.X509Credentials()))
1128
1129
# Note: gnutls.connection.X509Credentials is really a
1130
# generic GnuTLS certificate credentials object so long as
1131
# no X.509 keys are added to it. Therefore, we can use it
1132
# here despite using OpenPGP certificates.
1133
1134
#priority = u':'.join((u"NONE", u"+VERS-TLS1.1",
1135
# u"+AES-256-CBC", u"+SHA1",
1136
# u"+COMP-NULL", u"+CTYPE-OPENPGP",
1137
# u"+DHE-DSS"))
1138
# Use a fallback default, since this MUST be set.
1139
priority = self.server.gnutls_priority
1140
if priority is None:
1141
priority = u"NORMAL"
1142
(gnutls.library.functions
1143
.gnutls_priority_set_direct(session._c_object,
1144
priority, None))
1145
1146
# Start communication using the Mandos protocol
1147
# Get protocol number
1148
line = self.request.makefile().readline()
1149
logger.debug(u"Protocol version: %r", line)
1150
try:
1151
if int(line.strip().split()[0]) > 1:
1152
raise RuntimeError
1153
except (ValueError, IndexError, RuntimeError), error:
1154
logger.error(u"Unknown protocol version: %s", error)
1155
return
1156
1157
# Start GnuTLS connection
1158
try:
1159
session.handshake()
1160
except gnutls.errors.GNUTLSError, error:
1161
logger.warning(u"Handshake failed: %s", error)
1162
# Do not run session.bye() here: the session is not
1163
# established. Just abandon the request.
1164
return
1165
logger.debug(u"Handshake succeeded")
1166
1167
approval_required = False
1168
try:
1169
try:
1170
fpr = self.fingerprint(self.peer_certificate
1171
(session))
1172
except (TypeError, gnutls.errors.GNUTLSError), error:
1173
logger.warning(u"Bad certificate: %s", error)
1174
return
1175
logger.debug(u"Fingerprint: %s", fpr)
1176
1177
try:
1178
client = ProxyClient(child_pipe, fpr,
1179
self.client_address)
1180
except KeyError:
1181
return
1182
1183
if client.approved_delay:
1184
delay = client.approved_delay
1185
client.approvals_pending += 1
1186
approval_required = True
1187
1188
while True:
1189
if not client.enabled:
1190
logger.warning(u"Client %s is disabled",
1191
client.name)
1192
if self.server.use_dbus:
1193
# Emit D-Bus signal
1194
client.Rejected("Disabled")
1195
return
1196
1197
if client._approved or not client.approved_delay:
1198
#We are approved or approval is disabled
1199
break
1200
elif client._approved is None:
1201
logger.info(u"Client %s need approval",
1202
client.name)
1203
if self.server.use_dbus:
1204
# Emit D-Bus signal
1205
client.NeedApproval(
1206
client.approved_delay_milliseconds(),
1207
client.approved_by_default)
1208
else:
1209
logger.warning(u"Client %s was not approved",
1210
client.name)
1211
if self.server.use_dbus:
1212
# Emit D-Bus signal
1213
client.Rejected("Disapproved")
1214
return
1215
1216
#wait until timeout or approved
1217
#x = float(client._timedelta_to_milliseconds(delay))
1218
time = datetime.datetime.now()
1219
client.changedstate.acquire()
1220
client.changedstate.wait(float(client._timedelta_to_milliseconds(delay) / 1000))
1221
client.changedstate.release()
1222
time2 = datetime.datetime.now()
1223
if (time2 - time) >= delay:
1224
if not client.approved_by_default:
1225
logger.warning("Client %s timed out while"
1226
" waiting for approval",
1227
client.name)
1228
if self.server.use_dbus:
1229
# Emit D-Bus signal
1230
client.Rejected("Time out")
1231
return
1232
else:
1233
break
1234
else:
1235
delay -= time2 - time
1236
1237
sent_size = 0
1238
while sent_size < len(client.secret):
1239
try:
1240
sent = session.send(client.secret[sent_size:])
1241
except (gnutls.errors.GNUTLSError), error:
1242
logger.warning("gnutls send failed")
1243
return
1244
logger.debug(u"Sent: %d, remaining: %d",
1245
sent, len(client.secret)
1246
- (sent_size + sent))
1247
sent_size += sent
1248
1249
logger.info(u"Sending secret to %s", client.name)
1250
# bump the timeout as if seen
1251
client.checked_ok()
1252
if self.server.use_dbus:
1253
# Emit D-Bus signal
1254
client.GotSecret()
1255
1256
finally:
1257
if approval_required:
1258
client.approvals_pending -= 1
1259
try:
1260
session.bye()
1261
except (gnutls.errors.GNUTLSError), error:
1262
logger.warning("gnutls bye failed")
1263
1264
@staticmethod
1265
def peer_certificate(session):
1266
"Return the peer's OpenPGP certificate as a bytestring"
1267
# If not an OpenPGP certificate...
1268
if (gnutls.library.functions
1269
.gnutls_certificate_type_get(session._c_object)
1270
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP):
1271
# ...do the normal thing
1272
return session.peer_certificate
1273
list_size = ctypes.c_uint(1)
1274
cert_list = (gnutls.library.functions
1275
.gnutls_certificate_get_peers
1276
(session._c_object, ctypes.byref(list_size)))
1277
if not bool(cert_list) and list_size.value != 0:
1278
raise gnutls.errors.GNUTLSError(u"error getting peer"
1279
u" certificate")
1280
if list_size.value == 0:
1281
return None
1282
cert = cert_list[0]
1283
return ctypes.string_at(cert.data, cert.size)
1284
1285
@staticmethod
1286
def fingerprint(openpgp):
1287
"Convert an OpenPGP bytestring to a hexdigit fingerprint"
1288
# New GnuTLS "datum" with the OpenPGP public key
1289
datum = (gnutls.library.types
1290
.gnutls_datum_t(ctypes.cast(ctypes.c_char_p(openpgp),
1291
ctypes.POINTER
1292
(ctypes.c_ubyte)),
1293
ctypes.c_uint(len(openpgp))))
1294
# New empty GnuTLS certificate
1295
crt = gnutls.library.types.gnutls_openpgp_crt_t()
1296
(gnutls.library.functions
1297
.gnutls_openpgp_crt_init(ctypes.byref(crt)))
1298
# Import the OpenPGP public key into the certificate
1299
(gnutls.library.functions
1300
.gnutls_openpgp_crt_import(crt, ctypes.byref(datum),
1301
gnutls.library.constants
1302
.GNUTLS_OPENPGP_FMT_RAW))
1303
# Verify the self signature in the key
1304
crtverify = ctypes.c_uint()
1305
(gnutls.library.functions
1306
.gnutls_openpgp_crt_verify_self(crt, 0,
1307
ctypes.byref(crtverify)))
1308
if crtverify.value != 0:
1309
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1310
raise (gnutls.errors.CertificateSecurityError
1311
(u"Verify failed"))
1312
# New buffer for the fingerprint
1313
buf = ctypes.create_string_buffer(20)
1314
buf_len = ctypes.c_size_t()
1315
# Get the fingerprint from the certificate into the buffer
1316
(gnutls.library.functions
1317
.gnutls_openpgp_crt_get_fingerprint(crt, ctypes.byref(buf),
1318
ctypes.byref(buf_len)))
1319
# Deinit the certificate
1320
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1321
# Convert the buffer to a Python bytestring
1322
fpr = ctypes.string_at(buf, buf_len.value)
1323
# Convert the bytestring to hexadecimal notation
1324
hex_fpr = u''.join(u"%02X" % ord(char) for char in fpr)
1325
return hex_fpr
1326
1327
1328
class MultiprocessingMixIn(object):
1329
"""Like socketserver.ThreadingMixIn, but with multiprocessing"""
1330
def sub_process_main(self, request, address):
1331
try:
1332
self.finish_request(request, address)
1333
except:
1334
self.handle_error(request, address)
1335
self.close_request(request)
1336
1337
def process_request(self, request, address):
1338
"""Start a new process to process the request."""
1339
multiprocessing.Process(target = self.sub_process_main,
1340
args = (request, address)).start()
1341
1342
class MultiprocessingMixInWithPipe(MultiprocessingMixIn, object):
1343
""" adds a pipe to the MixIn """
1344
def process_request(self, request, client_address):
1345
"""Overrides and wraps the original process_request().
1346
1347
This function creates a new pipe in self.pipe
1348
"""
1349
parent_pipe, self.child_pipe = multiprocessing.Pipe()
1350
1351
super(MultiprocessingMixInWithPipe,
1352
self).process_request(request, client_address)
1353
self.child_pipe.close()
1354
self.add_pipe(parent_pipe)
1355
1356
def add_pipe(self, parent_pipe):
1357
"""Dummy function; override as necessary"""
1358
pass
1359
1360
class IPv6_TCPServer(MultiprocessingMixInWithPipe,
1361
socketserver.TCPServer, object):
1362
"""IPv6-capable TCP server. Accepts 'None' as address and/or port
1363
371
logger.debug(u"TCP connection from: %s",
372
unicode(self.client_address))
373
session = gnutls.connection.ClientSession(self.request,
374
gnutls.connection.\
375
X509Credentials())
376
377
#priority = ':'.join(("NONE", "+VERS-TLS1.1", "+AES-256-CBC",
378
# "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
379
# "+DHE-DSS"))
380
priority = "SECURE256"
381
382
gnutls.library.functions.gnutls_priority_set_direct\
383
(session._c_object, priority, None);
384
385
try:
386
session.handshake()
387
except gnutls.errors.GNUTLSError, error:
388
logger.debug(u"Handshake failed: %s", error)
389
# Do not run session.bye() here: the session is not
390
# established. Just abandon the request.
391
return
392
try:
393
fpr = fingerprint(peer_certificate(session))
394
except (TypeError, gnutls.errors.GNUTLSError), error:
395
logger.debug(u"Bad certificate: %s", error)
396
session.bye()
397
return
398
logger.debug(u"Fingerprint: %s", fpr)
399
client = None
400
for c in self.server.clients:
401
if c.fingerprint == fpr:
402
client = c
403
break
404
# Have to check if client.still_valid(), since it is possible
405
# that the client timed out while establishing the GnuTLS
406
# session.
407
if (not client) or (not client.still_valid()):
408
if client:
409
logger.debug(u"Client %(name)s is invalid",
410
vars(client))
411
else:
412
logger.debug(u"Client not found for fingerprint: %s",
413
fpr)
414
session.bye()
415
return
416
sent_size = 0
417
while sent_size < len(client.secret):
418
sent = session.send(client.secret[sent_size:])
419
logger.debug(u"Sent: %d, remaining: %d",
420
sent, len(client.secret)
421
- (sent_size + sent))
422
sent_size += sent
423
session.bye()
424
425
426
class IPv6_TCPServer(SocketServer.ForkingTCPServer, object):
427
"""IPv6 TCP server. Accepts 'None' as address and/or port.
1364
428
Attributes:
1365
enabled: Boolean; whether this server is activated yet
1366
interface: None or a network interface name (string)
1367
use_ipv6: Boolean; to use IPv6 or not
429
options: Command line options
430
clients: Set() of Client objects
1368
431
"""
1369
def __init__(self, server_address, RequestHandlerClass,
1370
interface=None, use_ipv6=True):
1371
self.interface = interface
1372
if use_ipv6:
1373
self.address_family = socket.AF_INET6
1374
socketserver.TCPServer.__init__(self, server_address,
1375
RequestHandlerClass)
432
address_family = socket.AF_INET6
433
def __init__(self, *args, **kwargs):
434
if "options" in kwargs:
435
self.options = kwargs["options"]
436
del kwargs["options"]
437
if "clients" in kwargs:
438
self.clients = kwargs["clients"]
439
del kwargs["clients"]
440
return super(type(self), self).__init__(*args, **kwargs)
1376
441
def server_bind(self):
1377
442
"""This overrides the normal server_bind() function
1378
443
to bind to an interface if one was specified, and also NOT to
1379
444
bind to an address or port if they were not specified."""
1380
if self.interface is not None:
1381
if SO_BINDTODEVICE is None:
1382
logger.error(u"SO_BINDTODEVICE does not exist;"
1383
u" cannot bind to interface %s",
1384
self.interface)
1385
else:
1386
try:
1387
self.socket.setsockopt(socket.SOL_SOCKET,
1388
SO_BINDTODEVICE,
1389
str(self.interface
1390
+ u'\0'))
1391
except socket.error, error:
1392
if error[0] == errno.EPERM:
1393
logger.error(u"No permission to"
1394
u" bind to interface %s",
1395
self.interface)
1396
elif error[0] == errno.ENOPROTOOPT:
1397
logger.error(u"SO_BINDTODEVICE not available;"
1398
u" cannot bind to interface %s",
1399
self.interface)
1400
else:
1401
raise
445
if self.options.interface:
446
if not hasattr(socket, "SO_BINDTODEVICE"):
447
# From /usr/include/asm-i486/socket.h
448
socket.SO_BINDTODEVICE = 25
449
try:
450
self.socket.setsockopt(socket.SOL_SOCKET,
451
socket.SO_BINDTODEVICE,
452
self.options.interface)
453
except socket.error, error:
454
if error[0] == errno.EPERM:
455
logger.warning(u"No permission to"
456
u" bind to interface %s",
457
self.options.interface)
458
else:
459
raise error
1402
460
# Only bind(2) the socket if we really need to.
1403
461
if self.server_address[0] or self.server_address[1]:
1404
462
if not self.server_address[0]:
1405
if self.address_family == socket.AF_INET6:
1406
any_address = u"::" # in6addr_any
1407
else:
1408
any_address = socket.INADDR_ANY
1409
self.server_address = (any_address,
463
in6addr_any = "::"
464
self.server_address = (in6addr_any,
1410
465
self.server_address[1])
1411
elif not self.server_address[1]:
466
elif self.server_address[1] is None:
1412
467
self.server_address = (self.server_address[0],
1413
468
0)
1414
# if self.interface:
1415
# self.server_address = (self.server_address[0],
1416
# 0, # port
1417
# 0, # flowinfo
1418
# if_nametoindex
1419
# (self.interface))
1420
return socketserver.TCPServer.server_bind(self)
1421
1422
1423
class MandosServer(IPv6_TCPServer):
1424
"""Mandos server.
1425
1426
Attributes:
1427
clients: set of Client objects
1428
gnutls_priority GnuTLS priority string
1429
use_dbus: Boolean; to emit D-Bus signals or not
1430
1431
Assumes a gobject.MainLoop event loop.
1432
"""
1433
def __init__(self, server_address, RequestHandlerClass,
1434
interface=None, use_ipv6=True, clients=None,
1435
gnutls_priority=None, use_dbus=True):
1436
self.enabled = False
1437
self.clients = clients
1438
if self.clients is None:
1439
self.clients = set()
1440
self.use_dbus = use_dbus
1441
self.gnutls_priority = gnutls_priority
1442
IPv6_TCPServer.__init__(self, server_address,
1443
RequestHandlerClass,
1444
interface = interface,
1445
use_ipv6 = use_ipv6)
1446
def server_activate(self):
1447
if self.enabled:
1448
return socketserver.TCPServer.server_activate(self)
1449
def enable(self):
1450
self.enabled = True
1451
def add_pipe(self, parent_pipe):
1452
# Call "handle_ipc" for both data and EOF events
1453
gobject.io_add_watch(parent_pipe.fileno(),
1454
gobject.IO_IN | gobject.IO_HUP,
1455
functools.partial(self.handle_ipc,
1456
parent_pipe = parent_pipe))
1457
1458
def handle_ipc(self, source, condition, parent_pipe=None,
1459
client_object=None):
1460
condition_names = {
1461
gobject.IO_IN: u"IN", # There is data to read.
1462
gobject.IO_OUT: u"OUT", # Data can be written (without
1463
# blocking).
1464
gobject.IO_PRI: u"PRI", # There is urgent data to read.
1465
gobject.IO_ERR: u"ERR", # Error condition.
1466
gobject.IO_HUP: u"HUP" # Hung up (the connection has been
1467
# broken, usually for pipes and
1468
# sockets).
1469
}
1470
conditions_string = ' | '.join(name
1471
for cond, name in
1472
condition_names.iteritems()
1473
if cond & condition)
1474
logger.debug(u"Handling IPC: FD = %d, condition = %s", source,
1475
conditions_string)
1476
1477
# error or the other end of multiprocessing.Pipe has closed
1478
if condition & (gobject.IO_ERR | condition & gobject.IO_HUP):
1479
return False
1480
1481
# Read a request from the child
1482
request = parent_pipe.recv()
1483
logger.debug(u"IPC request: %s", repr(request))
1484
command = request[0]
1485
1486
if command == 'init':
1487
fpr = request[1]
1488
address = request[2]
1489
1490
for c in self.clients:
1491
if c.fingerprint == fpr:
1492
client = c
1493
break
1494
else:
1495
logger.warning(u"Client not found for fingerprint: %s, ad"
1496
u"dress: %s", fpr, address)
1497
if self.use_dbus:
1498
# Emit D-Bus signal
1499
mandos_dbus_service.ClientNotFound(fpr, address)
1500
parent_pipe.send(False)
1501
return False
1502
1503
gobject.io_add_watch(parent_pipe.fileno(),
1504
gobject.IO_IN | gobject.IO_HUP,
1505
functools.partial(self.handle_ipc,
1506
parent_pipe = parent_pipe,
1507
client_object = client))
1508
parent_pipe.send(True)
1509
# remove the old hook in favor of the new above hook on same fileno
1510
return False
1511
if command == 'funcall':
1512
funcname = request[1]
1513
args = request[2]
1514
kwargs = request[3]
1515
1516
parent_pipe.send(('data', getattr(client_object, funcname)(*args, **kwargs)))
1517
1518
if command == 'getattr':
1519
attrname = request[1]
1520
if callable(client_object.__getattribute__(attrname)):
1521
parent_pipe.send(('function',))
1522
else:
1523
parent_pipe.send(('data', client_object.__getattribute__(attrname)))
1524
1525
if command == 'setattr':
1526
attrname = request[1]
1527
value = request[2]
1528
setattr(client_object, attrname, value)
1529
1530
return True
469
return super(type(self), self).server_bind()
1531
470
1532
471
1533
472
def string_to_delta(interval):
1534
473
"""Parse a string and return a datetime.timedelta
1535
1536
>>> string_to_delta(u'7d')
474
475
>>> string_to_delta('7d')
1537
476
datetime.timedelta(7)
1538
>>> string_to_delta(u'60s')
477
>>> string_to_delta('60s')
1539
478
datetime.timedelta(0, 60)
1540
>>> string_to_delta(u'60m')
479
>>> string_to_delta('60m')
1541
480
datetime.timedelta(0, 3600)
1542
>>> string_to_delta(u'24h')
481
>>> string_to_delta('24h')
1543
482
datetime.timedelta(1)
1544
483
>>> string_to_delta(u'1w')
1545
484
datetime.timedelta(7)
1546
>>> string_to_delta(u'5m 30s')
1547
datetime.timedelta(0, 330)
1548
485
"""
1549
timevalue = datetime.timedelta(0)
1550
for s in interval.split():
1551
try:
1552
suffix = unicode(s[-1])
1553
value = int(s[:-1])
1554
if suffix == u"d":
1555
delta = datetime.timedelta(value)
1556
elif suffix == u"s":
1557
delta = datetime.timedelta(0, value)
1558
elif suffix == u"m":
1559
delta = datetime.timedelta(0, 0, 0, 0, value)
1560
elif suffix == u"h":
1561
delta = datetime.timedelta(0, 0, 0, 0, 0, value)
1562
elif suffix == u"w":
1563
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
1564
else:
1565
raise ValueError(u"Unknown suffix %r" % suffix)
1566
except (ValueError, IndexError), e:
1567
raise ValueError(e.message)
1568
timevalue += delta
1569
return timevalue
486
try:
487
suffix=unicode(interval[-1])
488
value=int(interval[:-1])
489
if suffix == u"d":
490
delta = datetime.timedelta(value)
491
elif suffix == u"s":
492
delta = datetime.timedelta(0, value)
493
elif suffix == u"m":
494
delta = datetime.timedelta(0, 0, 0, 0, value)
495
elif suffix == u"h":
496
delta = datetime.timedelta(0, 0, 0, 0, 0, value)
497
elif suffix == u"w":
498
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
499
else:
500
raise ValueError
501
except (ValueError, IndexError):
502
raise ValueError
503
return delta
504
505
506
def add_service():
507
"""Derived from the Avahi example code"""
508
global group, serviceName, serviceType, servicePort, serviceTXT, \
509
domain, host
510
if group is None:
511
group = dbus.Interface(
512
bus.get_object( avahi.DBUS_NAME,
513
server.EntryGroupNew()),
514
avahi.DBUS_INTERFACE_ENTRY_GROUP)
515
group.connect_to_signal('StateChanged',
516
entry_group_state_changed)
517
logger.debug(u"Adding service '%s' of type '%s' ...",
518
serviceName, serviceType)
519
520
group.AddService(
521
serviceInterface, # interface
522
avahi.PROTO_INET6, # protocol
523
dbus.UInt32(0), # flags
524
serviceName, serviceType,
525
domain, host,
526
dbus.UInt16(servicePort),
527
avahi.string_array_to_txt_array(serviceTXT))
528
group.Commit()
529
530
531
def remove_service():
532
"""From the Avahi example code"""
533
global group
534
535
if not group is None:
536
group.Reset()
537
538
539
def server_state_changed(state):
540
"""Derived from the Avahi example code"""
541
if state == avahi.SERVER_COLLISION:
542
logger.warning(u"Server name collision")
543
remove_service()
544
elif state == avahi.SERVER_RUNNING:
545
add_service()
546
547
548
def entry_group_state_changed(state, error):
549
"""Derived from the Avahi example code"""
550
global serviceName, server, rename_count
551
552
logger.debug(u"state change: %i", state)
553
554
if state == avahi.ENTRY_GROUP_ESTABLISHED:
555
logger.debug(u"Service established.")
556
elif state == avahi.ENTRY_GROUP_COLLISION:
557
558
rename_count = rename_count - 1
559
if rename_count > 0:
560
name = server.GetAlternativeServiceName(name)
561
logger.warning(u"Service name collision, "
562
u"changing name to '%s' ...", name)
563
remove_service()
564
add_service()
565
566
else:
567
logger.error(u"No suitable service name found after %i"
568
u" retries, exiting.", n_rename)
569
killme(1)
570
elif state == avahi.ENTRY_GROUP_FAILURE:
571
logger.error(u"Error in group state changed %s",
572
unicode(error))
573
killme(1)
1570
574
1571
575
1572
576
def if_nametoindex(interface):
1573
"""Call the C function if_nametoindex(), or equivalent
1574
1575
Note: This function cannot accept a unicode string."""
1576
global if_nametoindex
577
"""Call the C function if_nametoindex()"""
1577
578
try:
1578
if_nametoindex = (ctypes.cdll.LoadLibrary
1579
(ctypes.util.find_library(u"c"))
1580
.if_nametoindex)
579
libc = ctypes.cdll.LoadLibrary("libc.so.6")
580
return libc.if_nametoindex(interface)
1581
581
except (OSError, AttributeError):
1582
logger.warning(u"Doing if_nametoindex the hard way")
1583
def if_nametoindex(interface):
1584
"Get an interface index the hard way, i.e. using fcntl()"
1585
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
1586
with contextlib.closing(socket.socket()) as s:
1587
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
1588
struct.pack(str(u"16s16x"),
1589
interface))
1590
interface_index = struct.unpack(str(u"I"),
1591
ifreq[16:20])[0]
1592
return interface_index
1593
return if_nametoindex(interface)
1594
1595
1596
def daemon(nochdir = False, noclose = False):
582
if "struct" not in sys.modules:
583
import struct
584
if "fcntl" not in sys.modules:
585
import fcntl
586
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
587
s = socket.socket()
588
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
589
struct.pack("16s16x", interface))
590
s.close()
591
interface_index = struct.unpack("I", ifreq[16:20])[0]
592
return interface_index
593
594
595
def daemon(nochdir, noclose):
1597
596
"""See daemon(3). Standard BSD Unix function.
1598
1599
597
This should really exist as os.daemon, but it doesn't (yet)."""
1600
598
if os.fork():
1601
599
sys.exit()
1602
600
os.setsid()
1603
601
if not nochdir:
1604
os.chdir(u"/")
1605
if os.fork():
1606
sys.exit()
602
os.chdir("/")
1607
603
if not noclose:
1608
604
# Close all standard open file descriptors
1609
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
605
null = os.open("/dev/null", os.O_NOCTTY | os.O_RDWR)
1610
606
if not stat.S_ISCHR(os.fstat(null).st_mode):
1611
607
raise OSError(errno.ENODEV,
1612
u"%s not a character device"
1613
% os.path.devnull)
608
"/dev/null not a character device")
1614
609
os.dup2(null, sys.stdin.fileno())
1615
610
os.dup2(null, sys.stdout.fileno())
1616
611
os.dup2(null, sys.stderr.fileno())
1618
613
os.close(null)
1619
614
1620
615
616
def killme(status = 0):
617
logger.debug("Stopping server with exit status %d", status)
618
exitstatus = status
619
if main_loop_started:
620
main_loop.quit()
621
else:
622
sys.exit(status)
623
624
1621
625
def main():
1622
1623
##################################################################
1624
# Parsing of options, both command line and config file
1625
1626
parser = optparse.OptionParser(version = "%%prog %s" % version)
1627
parser.add_option("-i", u"--interface", type=u"string",
1628
metavar="IF", help=u"Bind to interface IF")
1629
parser.add_option("-a", u"--address", type=u"string",
1630
help=u"Address to listen for requests on")
1631
parser.add_option("-p", u"--port", type=u"int",
1632
help=u"Port number to receive requests on")
1633
parser.add_option("--check", action=u"store_true",
1634
help=u"Run self-test")
1635
parser.add_option("--debug", action=u"store_true",
1636
help=u"Debug mode; run in foreground and log to"
1637
u" terminal")
1638
parser.add_option("--debuglevel", type=u"string", metavar="Level",
1639
help=u"Debug level for stdout output")
1640
parser.add_option("--priority", type=u"string", help=u"GnuTLS"
1641
u" priority string (see GnuTLS documentation)")
1642
parser.add_option("--servicename", type=u"string",
1643
metavar=u"NAME", help=u"Zeroconf service name")
1644
parser.add_option("--configdir", type=u"string",
1645
default=u"/etc/mandos", metavar=u"DIR",
1646
help=u"Directory to search for configuration"
1647
u" files")
1648
parser.add_option("--no-dbus", action=u"store_false",
1649
dest=u"use_dbus", help=u"Do not provide D-Bus"
1650
u" system bus interface")
1651
parser.add_option("--no-ipv6", action=u"store_false",
1652
dest=u"use_ipv6", help=u"Do not use IPv6")
1653
options = parser.parse_args()[0]
626
global exitstatus
627
exitstatus = 0
628
global main_loop_started
629
main_loop_started = False
630
631
parser = OptionParser()
632
parser.add_option("-i", "--interface", type="string",
633
default=None, metavar="IF",
634
help="Bind to interface IF")
635
parser.add_option("-a", "--address", type="string", default=None,
636
help="Address to listen for requests on")
637
parser.add_option("-p", "--port", type="int", default=None,
638
help="Port number to receive requests on")
639
parser.add_option("--timeout", type="string", # Parsed later
640
default="1h",
641
help="Amount of downtime allowed for clients")
642
parser.add_option("--interval", type="string", # Parsed later
643
default="5m",
644
help="How often to check that a client is up")
645
parser.add_option("--check", action="store_true", default=False,
646
help="Run self-test")
647
parser.add_option("--debug", action="store_true", default=False,
648
help="Debug mode")
649
(options, args) = parser.parse_args()
1654
650
1655
651
if options.check:
1656
652
import doctest
1657
653
doctest.testmod()
1658
654
sys.exit()
1659
655
1660
# Default values for config file for server-global settings
1661
server_defaults = { u"interface": u"",
1662
u"address": u"",
1663
u"port": u"",
1664
u"debug": u"False",
1665
u"priority":
1666
u"SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
1667
u"servicename": u"Mandos",
1668
u"use_dbus": u"True",
1669
u"use_ipv6": u"True",
1670
u"debuglevel": u"",
1671
}
1672
1673
# Parse config file for server-global settings
1674
server_config = configparser.SafeConfigParser(server_defaults)
1675
del server_defaults
1676
server_config.read(os.path.join(options.configdir,
1677
u"mandos.conf"))
1678
# Convert the SafeConfigParser object to a dict
1679
server_settings = server_config.defaults()
1680
# Use the appropriate methods on the non-string config options
1681
for option in (u"debug", u"use_dbus", u"use_ipv6"):
1682
server_settings[option] = server_config.getboolean(u"DEFAULT",
1683
option)
1684
if server_settings["port"]:
1685
server_settings["port"] = server_config.getint(u"DEFAULT",
1686
u"port")
1687
del server_config
1688
1689
# Override the settings from the config file with command line
1690
# options, if set.
1691
for option in (u"interface", u"address", u"port", u"debug",
1692
u"priority", u"servicename", u"configdir",
1693
u"use_dbus", u"use_ipv6", u"debuglevel"):
1694
value = getattr(options, option)
1695
if value is not None:
1696
server_settings[option] = value
1697
del options
1698
# Force all strings to be unicode
1699
for option in server_settings.keys():
1700
if type(server_settings[option]) is str:
1701
server_settings[option] = unicode(server_settings[option])
1702
# Now we have our good server settings in "server_settings"
1703
1704
##################################################################
1705
1706
# For convenience
1707
debug = server_settings[u"debug"]
1708
debuglevel = server_settings[u"debuglevel"]
1709
use_dbus = server_settings[u"use_dbus"]
1710
use_ipv6 = server_settings[u"use_ipv6"]
1711
1712
if server_settings[u"servicename"] != u"Mandos":
1713
syslogger.setFormatter(logging.Formatter
1714
(u'Mandos (%s) [%%(process)d]:'
1715
u' %%(levelname)s: %%(message)s'
1716
% server_settings[u"servicename"]))
1717
1718
# Parse config file with clients
1719
client_defaults = { u"timeout": u"1h",
1720
u"interval": u"5m",
1721
u"checker": u"fping -q -- %%(host)s",
1722
u"host": u"",
1723
u"approved_delay": u"0s",
1724
u"approved_duration": u"1s",
1725
}
1726
client_config = configparser.SafeConfigParser(client_defaults)
1727
client_config.read(os.path.join(server_settings[u"configdir"],
1728
u"clients.conf"))
1729
1730
global mandos_dbus_service
1731
mandos_dbus_service = None
1732
1733
tcp_server = MandosServer((server_settings[u"address"],
1734
server_settings[u"port"]),
1735
ClientHandler,
1736
interface=server_settings[u"interface"],
1737
use_ipv6=use_ipv6,
1738
gnutls_priority=
1739
server_settings[u"priority"],
1740
use_dbus=use_dbus)
1741
pidfilename = u"/var/run/mandos.pid"
1742
try:
1743
pidfile = open(pidfilename, u"w")
1744
except IOError:
1745
logger.error(u"Could not open file %r", pidfilename)
1746
1747
try:
1748
uid = pwd.getpwnam(u"_mandos").pw_uid
1749
gid = pwd.getpwnam(u"_mandos").pw_gid
1750
except KeyError:
1751
try:
1752
uid = pwd.getpwnam(u"mandos").pw_uid
1753
gid = pwd.getpwnam(u"mandos").pw_gid
1754
except KeyError:
1755
try:
1756
uid = pwd.getpwnam(u"nobody").pw_uid
1757
gid = pwd.getpwnam(u"nobody").pw_gid
1758
except KeyError:
1759
uid = 65534
1760
gid = 65534
1761
try:
1762
os.setgid(gid)
1763
os.setuid(uid)
1764
except OSError, error:
1765
if error[0] != errno.EPERM:
1766
raise error
1767
1768
# Enable all possible GnuTLS debugging
1769
1770
1771
if not debug and not debuglevel:
1772
syslogger.setLevel(logging.WARNING)
1773
console.setLevel(logging.WARNING)
1774
if debuglevel:
1775
level = getattr(logging, debuglevel.upper())
1776
syslogger.setLevel(level)
1777
console.setLevel(level)
1778
1779
if debug:
1780
# "Use a log level over 10 to enable all debugging options."
1781
# - GnuTLS manual
1782
gnutls.library.functions.gnutls_global_set_log_level(11)
1783
1784
@gnutls.library.types.gnutls_log_func
1785
def debug_gnutls(level, string):
1786
logger.debug(u"GnuTLS: %s", string[:-1])
1787
1788
(gnutls.library.functions
1789
.gnutls_global_set_log_function(debug_gnutls))
1790
1791
# Redirect stdin so all checkers get /dev/null
1792
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
1793
os.dup2(null, sys.stdin.fileno())
1794
if null > 2:
1795
os.close(null)
1796
else:
1797
# No console logging
1798
logger.removeHandler(console)
1799
656
# Parse the time arguments
657
try:
658
options.timeout = string_to_delta(options.timeout)
659
except ValueError:
660
parser.error("option --timeout: Unparseable time")
661
try:
662
options.interval = string_to_delta(options.interval)
663
except ValueError:
664
parser.error("option --interval: Unparseable time")
665
666
# Parse config file
667
defaults = { "checker": "fping -q -- %%(fqdn)s" }
668
client_config = ConfigParser.SafeConfigParser(defaults)
669
#client_config.readfp(open("global.conf"), "global.conf")
670
client_config.read("mandos-clients.conf")
1800
671
1801
672
global main_loop
673
global bus
674
global server
1802
675
# From the Avahi example code
1803
676
DBusGMainLoop(set_as_default=True )
1804
677
main_loop = gobject.MainLoop()
1805
678
bus = dbus.SystemBus()
679
server = dbus.Interface(
680
bus.get_object( avahi.DBUS_NAME, avahi.DBUS_PATH_SERVER ),
681
avahi.DBUS_INTERFACE_SERVER )
1806
682
# End of Avahi example code
1807
if use_dbus:
1808
try:
1809
bus_name = dbus.service.BusName(u"se.bsnet.fukt.Mandos",
1810
bus, do_not_queue=True)
1811
except dbus.exceptions.NameExistsException, e:
1812
logger.error(unicode(e) + u", disabling D-Bus")
1813
use_dbus = False
1814
server_settings[u"use_dbus"] = False
1815
tcp_server.use_dbus = False
1816
protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
1817
service = AvahiService(name = server_settings[u"servicename"],
1818
servicetype = u"_mandos._tcp",
1819
protocol = protocol, bus = bus)
1820
if server_settings["interface"]:
1821
service.interface = (if_nametoindex
1822
(str(server_settings[u"interface"])))
1823
1824
if not debug:
1825
# Close all input and output, do double fork, etc.
1826
daemon()
1827
1828
global multiprocessing_manager
1829
multiprocessing_manager = multiprocessing.Manager()
1830
1831
client_class = Client
1832
if use_dbus:
1833
client_class = functools.partial(ClientDBus, bus = bus)
1834
def client_config_items(config, section):
1835
special_settings = {
1836
"approved_by_default":
1837
lambda: config.getboolean(section,
1838
"approved_by_default"),
1839
}
1840
for name, value in config.items(section):
1841
try:
1842
yield (name, special_settings[name]())
1843
except KeyError:
1844
yield (name, value)
1845
1846
tcp_server.clients.update(set(
1847
client_class(name = section,
1848
config= dict(client_config_items(
1849
client_config, section)))
1850
for section in client_config.sections()))
1851
if not tcp_server.clients:
1852
logger.warning(u"No clients defined")
1853
1854
try:
1855
with pidfile:
1856
pid = os.getpid()
1857
pidfile.write(str(pid) + "\n")
1858
del pidfile
1859
except IOError:
1860
logger.error(u"Could not write to file %r with PID %d",
1861
pidfilename, pid)
1862
except NameError:
1863
# "pidfile" was never created
1864
pass
1865
del pidfilename
1866
1867
if not debug:
1868
signal.signal(signal.SIGINT, signal.SIG_IGN)
1869
signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
1870
signal.signal(signal.SIGTERM, lambda signum, frame: sys.exit())
1871
1872
if use_dbus:
1873
class MandosDBusService(dbus.service.Object):
1874
"""A D-Bus proxy object"""
1875
def __init__(self):
1876
dbus.service.Object.__init__(self, bus, u"/")
1877
_interface = u"se.bsnet.fukt.Mandos"
1878
1879
@dbus.service.signal(_interface, signature=u"o")
1880
def ClientAdded(self, objpath):
1881
"D-Bus signal"
1882
pass
1883
1884
@dbus.service.signal(_interface, signature=u"ss")
1885
def ClientNotFound(self, fingerprint, address):
1886
"D-Bus signal"
1887
pass
1888
1889
@dbus.service.signal(_interface, signature=u"os")
1890
def ClientRemoved(self, objpath, name):
1891
"D-Bus signal"
1892
pass
1893
1894
@dbus.service.method(_interface, out_signature=u"ao")
1895
def GetAllClients(self):
1896
"D-Bus method"
1897
return dbus.Array(c.dbus_object_path
1898
for c in tcp_server.clients)
1899
1900
@dbus.service.method(_interface,
1901
out_signature=u"a{oa{sv}}")
1902
def GetAllClientsWithProperties(self):
1903
"D-Bus method"
1904
return dbus.Dictionary(
1905
((c.dbus_object_path, c.GetAll(u""))
1906
for c in tcp_server.clients),
1907
signature=u"oa{sv}")
1908
1909
@dbus.service.method(_interface, in_signature=u"o")
1910
def RemoveClient(self, object_path):
1911
"D-Bus method"
1912
for c in tcp_server.clients:
1913
if c.dbus_object_path == object_path:
1914
tcp_server.clients.remove(c)
1915
c.remove_from_connection()
1916
# Don't signal anything except ClientRemoved
1917
c.disable(quiet=True)
1918
# Emit D-Bus signal
1919
self.ClientRemoved(object_path, c.name)
1920
return
1921
raise KeyError(object_path)
1922
1923
del _interface
1924
1925
mandos_dbus_service = MandosDBusService()
683
684
debug = options.debug
685
686
if debug:
687
console = logging.StreamHandler()
688
# console.setLevel(logging.DEBUG)
689
console.setFormatter(logging.Formatter\
690
('%(levelname)s: %(message)s'))
691
logger.addHandler(console)
692
del console
693
694
clients = Set()
695
def remove_from_clients(client):
696
clients.remove(client)
697
if not clients:
698
logger.debug(u"No clients left, exiting")
699
killme()
700
701
clients.update(Set(Client(name=section, options=options,
702
stop_hook = remove_from_clients,
703
**(dict(client_config\
704
.items(section))))
705
for section in client_config.sections()))
706
707
if not debug:
708
daemon(False, False)
1926
709
1927
710
def cleanup():
1928
711
"Cleanup function; run on exit"
1929
service.cleanup()
1930
1931
while tcp_server.clients:
1932
client = tcp_server.clients.pop()
1933
if use_dbus:
1934
client.remove_from_connection()
1935
client.disable_hook = None
1936
# Don't signal anything except ClientRemoved
1937
client.disable(quiet=True)
1938
if use_dbus:
1939
# Emit D-Bus signal
1940
mandos_dbus_service.ClientRemoved(client.dbus_object_path,
1941
client.name)
1942
1943
atexit.register(cleanup)
1944
1945
for client in tcp_server.clients:
1946
if use_dbus:
1947
# Emit D-Bus signal
1948
mandos_dbus_service.ClientAdded(client.dbus_object_path)
1949
client.enable()
1950
1951
tcp_server.enable()
1952
tcp_server.server_activate()
1953
1954
# Find out what port we got
1955
service.port = tcp_server.socket.getsockname()[1]
1956
if use_ipv6:
1957
logger.info(u"Now listening on address %r, port %d,"
1958
" flowinfo %d, scope_id %d"
1959
% tcp_server.socket.getsockname())
1960
else: # IPv4
1961
logger.info(u"Now listening on address %r, port %d"
1962
% tcp_server.socket.getsockname())
1963
1964
#service.interface = tcp_server.socket.getsockname()[3]
1965
1966
try:
712
global group
1967
713
# From the Avahi example code
1968
try:
1969
service.activate()
1970
except dbus.exceptions.DBusException, error:
1971
logger.critical(u"DBusException: %s", error)
1972
cleanup()
1973
sys.exit(1)
714
if not group is None:
715
group.Free()
716
group = None
1974
717
# End of Avahi example code
1975
718
1976
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
1977
lambda *args, **kwargs:
1978
(tcp_server.handle_request
1979
(*args[2:], **kwargs) or True))
1980
1981
logger.debug(u"Starting main loop")
719
while clients:
720
client = clients.pop()
721
client.stop_hook = None
722
client.stop()
723
724
atexit.register(cleanup)
725
726
if not debug:
727
signal.signal(signal.SIGINT, signal.SIG_IGN)
728
signal.signal(signal.SIGHUP, lambda signum, frame: killme())
729
signal.signal(signal.SIGTERM, lambda signum, frame: killme())
730
731
for client in clients:
732
client.start()
733
734
tcp_server = IPv6_TCPServer((options.address, options.port),
735
tcp_handler,
736
options=options,
737
clients=clients)
738
# Find out what random port we got
739
global servicePort
740
servicePort = tcp_server.socket.getsockname()[1]
741
logger.debug(u"Now listening on port %d", servicePort)
742
743
if options.interface is not None:
744
global serviceInterface
745
serviceInterface = if_nametoindex(options.interface)
746
747
# From the Avahi example code
748
server.connect_to_signal("StateChanged", server_state_changed)
749
try:
750
server_state_changed(server.GetState())
751
except dbus.exceptions.DBusException, error:
752
logger.critical(u"DBusException: %s", error)
753
killme(1)
754
# End of Avahi example code
755
756
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
757
lambda *args, **kwargs:
758
tcp_server.handle_request(*args[2:],
759
**kwargs) or True)
760
try:
761
logger.debug("Starting main loop")
762
main_loop_started = True
1982
763
main_loop.run()
1983
except AvahiError, error:
1984
logger.critical(u"AvahiError: %s", error)
1985
cleanup()
1986
sys.exit(1)
1987
764
except KeyboardInterrupt:
1988
765
if debug:
1989
print >> sys.stderr
1990
logger.debug(u"Server received KeyboardInterrupt")
1991
logger.debug(u"Server exiting")
1992
# Must run before the D-Bus bus name gets deregistered
1993
cleanup()
766
print
767
768
sys.exit(exitstatus)
1994
769
1995
770
if __name__ == '__main__':
1996
771
main()
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0