/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release


Viewing changes to mandos

  • Committer: Teddy Hogeborn
  • Date: 2009-01-23 16:49:50 UTC
  • mfrom: (237.2.44 mandos)
  • Revision ID: teddy@fukt.bsnet.se-20090123164950-o9xpip46ib4i6n23
Merge from trunk; miscellaneous small fixes.  Major points: A lintian
warning (long line in plugin-runner manual page) eliminated as
requested by sponsor, one bug fixed (bashism in mandos-keygen), and
one small inconsistency fixed (server is now started after install).

595
595
        != gnutls.library.constants.GNUTLS_CRT_OPENPGP):
596
596
        # ...do the normal thing
597
597
        return session.peer_certificate
598
 
    list_size = ctypes.c_uint(1)
 
598
    list_size = ctypes.c_uint()
599
599
    cert_list = (gnutls.library.functions
600
600
                 .gnutls_certificate_get_peers
601
601
                 (session._c_object, ctypes.byref(list_size)))
602
 
    if not bool(cert_list) and list_size.value != 0:
603
 
        raise gnutls.errors.GNUTLSError("error getting peer"
604
 
                                        " certificate")
605
602
    if list_size.value == 0:
606
603
        return None
607
604
    cert = cert_list[0]
691
688
            # Do not run session.bye() here: the session is not
692
689
            # established.  Just abandon the request.
693
690
            return
694
 
        logger.debug(u"Handshake succeeded")
695
691
        try:
696
692
            fpr = fingerprint(peer_certificate(session))
697
693
        except (TypeError, gnutls.errors.GNUTLSError), error:
699
695
            session.bye()
700
696
            return
701
697
        logger.debug(u"Fingerprint: %s", fpr)
702
 
        
703
698
        for c in self.server.clients:
704
699
            if c.fingerprint == fpr:
705
700
                client = c
791
786
 
792
787
def string_to_delta(interval):
793
788
    """Parse a string and return a datetime.timedelta
794
 
    
 
789
 
795
790
    >>> string_to_delta('7d')
796
791
    datetime.timedelta(7)
797
792
    >>> string_to_delta('60s')
920
915
                      " files")
921
916
    parser.add_option("--no-dbus", action="store_false",
922
917
                      dest="use_dbus",
923
 
                      help="Do not provide D-Bus system bus"
924
 
                      " interface")
 
918
                      help=optparse.SUPPRESS_HELP) # XXX: Not done yet
925
919
    options = parser.parse_args()[0]
926
920
    
927
921
    if options.check:
946
940
    server_config.read(os.path.join(options.configdir, "mandos.conf"))
947
941
    # Convert the SafeConfigParser object to a dict
948
942
    server_settings = server_config.defaults()
949
 
    # Use the appropriate methods on the non-string config options
950
 
    server_settings["debug"] = server_config.getboolean("DEFAULT",
951
 
                                                        "debug")
952
 
    server_settings["use_dbus"] = server_config.getboolean("DEFAULT",
953
 
                                                           "use_dbus")
954
 
    if server_settings["port"]:
955
 
        server_settings["port"] = server_config.getint("DEFAULT",
956
 
                                                       "port")
 
943
    # Use getboolean on the boolean config options
 
944
    server_settings["debug"] = (server_config.getboolean
 
945
                                ("DEFAULT", "debug"))
 
946
    server_settings["use_dbus"] = (server_config.getboolean
 
947
                                   ("DEFAULT", "use_dbus"))
957
948
    del server_config
958
949
    
959
950
    # Override the settings from the config file with command line
970
961
    # For convenience
971
962
    debug = server_settings["debug"]
972
963
    use_dbus = server_settings["use_dbus"]
973
 
 
974
 
    def sigsegvhandler(signum, frame):
975
 
        raise RuntimeError('Segmentation fault')
 
964
    use_dbus = False            # XXX: Not done yet
976
965
    
977
966
    if not debug:
978
967
        syslogger.setLevel(logging.WARNING)
979
968
        console.setLevel(logging.WARNING)
980
 
    else:
981
 
        signal.signal(signal.SIGSEGV, sigsegvhandler)
982
969
    
983
970
    if server_settings["servicename"] != "Mandos":
984
971
        syslogger.setFormatter(logging.Formatter
1023
1010
                uid = 65534
1024
1011
                gid = 65534
1025
1012
    try:
 
1013
        os.setuid(uid)
1026
1014
        os.setgid(gid)
1027
 
        os.setuid(uid)
1028
1015
    except OSError, error:
1029
1016
        if error[0] != errno.EPERM:
1030
1017
            raise error
1031
1018
    
1032
 
    # Enable all possible GnuTLS debugging
1033
 
    if debug:
1034
 
        # "Use a log level over 10 to enable all debugging options."
1035
 
        # - GnuTLS manual
1036
 
        gnutls.library.functions.gnutls_global_set_log_level(11)
1037
 
        
1038
 
        @gnutls.library.types.gnutls_log_func
1039
 
        def debug_gnutls(level, string):
1040
 
            logger.debug("GnuTLS: %s", string[:-1])
1041
 
        
1042
 
        (gnutls.library.functions
1043
 
         .gnutls_global_set_log_function(debug_gnutls))
1044
 
    
1045
1019
    global service
1046
1020
    service = AvahiService(name = server_settings["servicename"],
1047
1021
                           servicetype = "_mandos._tcp", )
1136
1110
            
1137
1111
            @dbus.service.method(_interface, out_signature="ao")
1138
1112
            def GetAllClients(self):
1139
 
                "D-Bus method"
1140
1113
                return dbus.Array(c.dbus_object_path for c in clients)
1141
1114
            
1142
1115
            @dbus.service.method(_interface, out_signature="a{oa{sv}}")
1143
1116
            def GetAllClientsWithProperties(self):
1144
 
                "D-Bus method"
1145
1117
                return dbus.Dictionary(
1146
1118
                    ((c.dbus_object_path, c.GetAllProperties())
1147
1119
                     for c in clients),
1149
1121
            
1150
1122
            @dbus.service.method(_interface, in_signature="o")
1151
1123
            def RemoveClient(self, object_path):
1152
 
                "D-Bus method"
1153
1124
                for c in clients:
1154
1125
                    if c.dbus_object_path == object_path:
1155
1126
                        clients.remove(c)
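Review bot: In the privilege-drop block (new lines 1012–1017) the new side calls `os.setuid(uid)` before `os.setgid(gid)`, so once the UID change succeeds the process no longer has the privilege to change its group, and the resulting EPERM is silently discarded by the `error[0] != errno.EPERM` test; the server would then keep running with its original (likely root) group. The order should stay `os.setgid(gid)` followed by `os.setuid(uid)`, and a comment such as `# Drop the group first; setgid() fails with EPERM once the UID is no longer root` would keep it from being swapped again. The enclosing function starts and ends outside the visible hunk, so whether supplementary groups are cleared elsewhere cannot be seen from here. Separately, `peer_certificate` (new lines 598–604) no longer checks for a NULL `cert_list` before `cert_list[0]`; if that can occur with a non-zero `list_size`, the ctypes NULL-pointer access would presumably raise `ValueError`, which the caller's `except (TypeError, gnutls.errors.GNUTLSError)` does not catch.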