372
358
self.host = config.get("host", "")
373
359
self.created = datetime.datetime.utcnow()
375
361
self.last_approval_request = None
376
self.last_enabled = datetime.datetime.utcnow()
362
self.last_enabled = None
377
363
self.last_checked_ok = None
378
self.last_checker_status = None
379
364
self.timeout = string_to_delta(config["timeout"])
380
365
self.extended_timeout = string_to_delta(config
381
366
["extended_timeout"])
382
367
self.interval = string_to_delta(config["interval"])
368
self.disable_hook = disable_hook
383
369
self.checker = None
384
370
self.checker_initiator_tag = None
385
371
self.disable_initiator_tag = None
386
self.expires = datetime.datetime.utcnow() + self.timeout
387
373
self.checker_callback_tag = None
388
374
self.checker_command = config["checker"]
389
375
self.current_checker_command = None
376
self.last_connect = None
390
377
self._approved = None
391
378
self.approved_by_default = config.get("approved_by_default",
398
385
self.changedstate = (multiprocessing_manager
399
386
.Condition(multiprocessing_manager
401
self.client_structure = [attr for attr
402
in self.__dict__.iterkeys()
403
if not attr.startswith("_")]
404
self.client_structure.append("client_structure")
407
for name, t in inspect.getmembers(type(self),
411
if not name.startswith("_"):
412
self.client_structure.append(name)
414
# Send notice to process children that client state has changed
415
389
def send_changedstate(self):
416
with self.changedstate:
417
self.changedstate.notify_all()
390
self.changedstate.acquire()
391
self.changedstate.notify_all()
392
self.changedstate.release()
419
394
def enable(self):
420
395
"""Start this client's checker and timeout hooks"""
422
397
# Already enabled
424
399
self.send_changedstate()
400
# Schedule a new checker to be started an 'interval' from now,
401
# and every interval from then on.
402
self.checker_initiator_tag = (gobject.timeout_add
403
(self.interval_milliseconds(),
405
# Schedule a disable() when 'timeout' has passed
425
406
self.expires = datetime.datetime.utcnow() + self.timeout
407
self.disable_initiator_tag = (gobject.timeout_add
408
(self.timeout_milliseconds(),
426
410
self.enabled = True
427
411
self.last_enabled = datetime.datetime.utcnow()
412
# Also start a new checker *right now*.
430
415
def disable(self, quiet=True):
431
416
"""Disable this client."""
443
428
gobject.source_remove(self.checker_initiator_tag)
444
429
self.checker_initiator_tag = None
445
430
self.stop_checker()
431
if self.disable_hook:
432
self.disable_hook(self)
446
433
self.enabled = False
447
434
# Do not run this again if called by a gobject.timeout_add
450
437
def __del__(self):
438
self.disable_hook = None
453
def init_checker(self):
454
# Schedule a new checker to be started an 'interval' from now,
455
# and every interval from then on.
456
self.checker_initiator_tag = (gobject.timeout_add
457
(self.interval_milliseconds(),
459
# Schedule a disable() when 'timeout' has passed
460
self.disable_initiator_tag = (gobject.timeout_add
461
(self.timeout_milliseconds(),
463
# Also start a new checker *right now*.
467
441
def checker_callback(self, pid, condition, command):
468
442
"""The checker has completed, so take appropriate actions."""
469
443
self.checker_callback_tag = None
470
444
self.checker = None
471
445
if os.WIFEXITED(condition):
472
self.last_checker_status = os.WEXITSTATUS(condition)
473
if self.last_checker_status == 0:
446
exitstatus = os.WEXITSTATUS(condition)
474
448
logger.info("Checker for %(name)s succeeded",
476
450
self.checked_ok()
596
569
self.checker = None
598
# Encrypts a client secret and stores it in a varible
600
def encrypt_secret(self, key):
601
# Encryption-key need to be of a specific size, so we hash
603
hasheng = hashlib.sha256()
605
encryptionkey = hasheng.digest()
607
# Create validation hash so we know at decryption if it was
609
hasheng = hashlib.sha256()
610
hasheng.update(self.secret)
611
validationhash = hasheng.digest()
614
iv = os.urandom(Crypto.Cipher.AES.block_size)
615
ciphereng = Crypto.Cipher.AES.new(encryptionkey,
616
Crypto.Cipher.AES.MODE_CFB, iv)
617
ciphertext = ciphereng.encrypt(validationhash+self.secret)
618
self.encrypted_secret = (ciphertext, iv)
620
# Decrypt a encrypted client secret
621
def decrypt_secret(self, key):
622
# Decryption-key need to be of a specific size, so we hash
624
hasheng = hashlib.sha256()
626
encryptionkey = hasheng.digest()
628
# Decrypt encrypted secret
629
ciphertext, iv = self.encrypted_secret
630
ciphereng = Crypto.Cipher.AES.new(encryptionkey,
631
Crypto.Cipher.AES.MODE_CFB, iv)
632
plain = ciphereng.decrypt(ciphertext)
634
# Validate decrypted secret to know if it was succesful
635
hasheng = hashlib.sha256()
636
validationhash = plain[:hasheng.digest_size]
637
secret = plain[hasheng.digest_size:]
638
hasheng.update(secret)
640
# If validation fails, we use key as new secret. Otherwise, we
641
# use the decrypted secret
642
if hasheng.digest() == validationhash:
646
del self.encrypted_secret
649
572
def dbus_service_property(dbus_interface, signature="v",
650
573
access="readwrite", byte_arrays=False):
2108
2024
server_settings["use_dbus"] = False
2109
2025
tcp_server.use_dbus = False
2110
2026
protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
2111
service = AvahiServiceToSyslog(name =
2112
server_settings["servicename"],
2113
servicetype = "_mandos._tcp",
2114
protocol = protocol, bus = bus)
2027
service = AvahiService(name = server_settings["servicename"],
2028
servicetype = "_mandos._tcp",
2029
protocol = protocol, bus = bus)
2115
2030
if server_settings["interface"]:
2116
2031
service.interface = (if_nametoindex
2117
2032
(str(server_settings["interface"])))
2124
2039
client_class = functools.partial(ClientDBusTransitional,
2127
special_settings = {
2128
# Some settings need to be accessd by special methods;
2129
# booleans need .getboolean(), etc. Here is a list of them:
2130
"approved_by_default":
2132
client_config.getboolean(section, "approved_by_default"),
2134
# Construct a new dict of client settings of this form:
2135
# { client_name: {setting_name: value, ...}, ...}
2136
# with exceptions for any special settings as defined above
2137
client_settings = dict((clientname,
2140
setting not in special_settings
2141
else special_settings[setting]
2144
in client_config.items(clientname)))
2145
for clientname in client_config.sections())
2147
old_client_settings = {}
2150
# Get client data and settings from last running state.
2151
if server_settings["restore"]:
2153
with open(stored_state_path, "rb") as stored_state:
2154
clients_data, old_client_settings = (
2155
pickle.load(stored_state))
2156
os.remove(stored_state_path)
2157
except IOError as e:
2158
logger.warning("Could not load persistant state: {0}"
2160
if e.errno != errno.ENOENT:
2163
for client in clients_data:
2164
client_name = client["name"]
2166
# Decide which value to use after restoring saved state.
2167
# We have three different values: Old config file,
2168
# new config file, and saved state.
2169
# New config value takes precedence if it differs from old
2170
# config value, otherwise use saved state.
2171
for name, value in client_settings[client_name].items():
2041
def client_config_items(config, section):
2042
special_settings = {
2043
"approved_by_default":
2044
lambda: config.getboolean(section,
2045
"approved_by_default"),
2047
for name, value in config.items(section):
2173
# For each value in new config, check if it differs
2174
# from the old config value (Except for the "secret"
2176
if (name != "secret" and
2177
value != old_client_settings[client_name][name]):
2178
setattr(client, name, value)
2049
yield (name, special_settings[name]())
2179
2050
except KeyError:
2182
# Clients who has passed its expire date, can still be enabled
2183
# if its last checker was sucessful. Clients who checkers
2184
# failed before we stored it state is asumed to had failed
2185
# checker during downtime.
2186
if client["enabled"] and client["last_checked_ok"]:
2187
if ((datetime.datetime.utcnow()
2188
- client["last_checked_ok"]) > client["interval"]):
2189
if client["last_checker_status"] != 0:
2190
client["enabled"] = False
2192
client["expires"] = (datetime.datetime.utcnow()
2193
+ client["timeout"])
2195
client["changedstate"] = (multiprocessing_manager
2196
.Condition(multiprocessing_manager
2199
new_client = ClientDBusTransitional.__new__(
2200
ClientDBusTransitional)
2201
tcp_server.clients[client_name] = new_client
2202
new_client.bus = bus
2203
for name, value in client.iteritems():
2204
setattr(new_client, name, value)
2205
new_client._approvals_pending = 0
2206
new_client.add_to_dbus()
2208
tcp_server.clients[client_name] = Client.__new__(Client)
2209
for name, value in client.iteritems():
2210
setattr(tcp_server.clients[client_name], name, value)
2212
tcp_server.clients[client_name].decrypt_secret(
2213
client_settings[client_name]["secret"])
2215
# Create/remove clients based on new changes made to config
2216
for clientname in set(old_client_settings) - set(client_settings):
2217
del tcp_server.clients[clientname]
2218
for clientname in set(client_settings) - set(old_client_settings):
2219
tcp_server.clients[clientname] = client_class(name
2053
tcp_server.clients.update(set(
2054
client_class(name = section,
2055
config= dict(client_config_items(
2056
client_config, section)))
2057
for section in client_config.sections()))
2225
2058
if not tcp_server.clients:
2226
2059
logger.warning("No clients defined")
2280
2112
return dbus.Dictionary(
2281
2113
((c.dbus_object_path, c.GetAll(""))
2282
for c in tcp_server.clients.itervalues()),
2114
for c in tcp_server.clients),
2283
2115
signature="oa{sv}")
2285
2117
@dbus.service.method(_interface, in_signature="o")
2286
2118
def RemoveClient(self, object_path):
2288
for c in tcp_server.clients.itervalues():
2120
for c in tcp_server.clients:
2289
2121
if c.dbus_object_path == object_path:
2290
del tcp_server.clients[c.name]
2122
tcp_server.clients.remove(c)
2291
2123
c.remove_from_connection()
2292
2124
# Don't signal anything except ClientRemoved
2293
2125
c.disable(quiet=True)
2307
2139
service.cleanup()
2309
2141
multiprocessing.active_children()
2310
if not (tcp_server.clients or client_settings):
2313
# Store client before exiting. Secrets are encrypted with key
2314
# based on what config file has. If config file is
2315
# removed/edited, old secret will thus be unrecovable.
2317
for client in tcp_server.clients.itervalues():
2318
client.encrypt_secret(
2319
client_settings[client.name]["secret"])
2323
# A list of attributes that will not be stored when
2325
exclude = set(("bus", "changedstate", "secret"))
2326
for name, typ in inspect.getmembers(dbus.service.Object):
2329
client_dict["encrypted_secret"] = client.encrypted_secret
2330
for attr in client.client_structure:
2331
if attr not in exclude:
2332
client_dict[attr] = getattr(client, attr)
2334
clients.append(client_dict)
2335
del client_settings[client.name]["secret"]
2338
with os.fdopen(os.open(stored_state_path,
2339
os.O_CREAT|os.O_WRONLY|os.O_TRUNC,
2340
stat.S_IRUSR | stat.S_IWUSR),
2341
"wb") as stored_state:
2342
pickle.dump((clients, client_settings), stored_state)
2343
except IOError as e:
2344
logger.warning("Could not save persistant state: {0}"
2346
if e.errno != errno.ENOENT:
2349
# Delete all clients, and settings from config
2350
2142
while tcp_server.clients:
2351
name, client = tcp_server.clients.popitem()
2143
client = tcp_server.clients.pop()
2353
2145
client.remove_from_connection()
2146
client.disable_hook = None
2354
2147
# Don't signal anything except ClientRemoved
2355
2148
client.disable(quiet=True)