To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to mandos
- browse files at revision 296
- compare with another revision
- download diff
- download tarball
- view history from revision 296
- Committer: Teddy Hogeborn
- Date: 2012-01-15 21:02:37 UTC
- mfrom: (237.7.106 trunk)
- Revision ID: teddy@recompile.se-20120115210237-6mcl2zuoxyn5smr5
Merge from trunk.
- files added:
- DBUS-API
- debian/source
- network-hooks.d
- files removed:
- debian/mandos-client.config
- files modified:
- .bzrignore
added
removed
mandos
6
6
# This program is partly derived from an example program for an Avahi
7
7
# service publisher, downloaded from
8
8
# <http://avahi.org/wiki/PythonPublishExample>. This includes the
9
# methods "add" and "remove" in the "AvahiService" class, the
10
# "server_state_changed" and "entry_group_state_changed" functions,
11
# and some lines in "main".
9
# methods "add", "remove", "server_state_changed",
10
# "entry_group_state_changed", "cleanup", and "activate" in the
11
# "AvahiService" class, and some lines in "main".
12
12
#
13
13
# Everything else is
14
# Copyright © 2008 Teddy Hogeborn
15
# Copyright © 2008 Björn Påhlsson
14
# Copyright © 2008-2012 Teddy Hogeborn
15
# Copyright © 2008-2012 Björn Påhlsson
16
16
#
17
17
# This program is free software: you can redistribute it and/or modify
18
18
# it under the terms of the GNU General Public License as published by
28
28
# along with this program. If not, see
29
29
# <http://www.gnu.org/licenses/>.
30
30
#
31
# Contact the authors at <mandos@fukt.bsnet.se>.
31
# Contact the authors at <mandos@recompile.se>.
32
32
#
33
33
34
from __future__ import division, with_statement, absolute_import
34
from __future__ import (division, absolute_import, print_function,
35
unicode_literals)
35
36
36
import SocketServer
37
import SocketServer as socketserver
37
38
import socket
38
from optparse import OptionParser
39
import argparse
39
40
import datetime
40
41
import errno
41
42
import gnutls.crypto
44
45
import gnutls.library.functions
45
46
import gnutls.library.constants
46
47
import gnutls.library.types
47
import ConfigParser
48
import ConfigParser as configparser
48
49
import sys
49
50
import re
50
51
import os
51
52
import signal
52
from sets import Set
53
53
import subprocess
54
54
import atexit
55
55
import stat
56
56
import logging
57
57
import logging.handlers
58
58
import pwd
59
from contextlib import closing
59
import contextlib
60
import struct
61
import fcntl
62
import functools
63
import cPickle as pickle
64
import multiprocessing
65
import types
66
import binascii
67
import tempfile
60
68
61
69
import dbus
62
70
import dbus.service
65
73
from dbus.mainloop.glib import DBusGMainLoop
66
74
import ctypes
67
75
import ctypes.util
68
69
version = "1.0.2"
70
71
logger = logging.Logger('mandos')
76
import xml.dom.minidom
77
import inspect
78
import GnuPGInterface
79
80
try:
81
SO_BINDTODEVICE = socket.SO_BINDTODEVICE
82
except AttributeError:
83
try:
84
from IN import SO_BINDTODEVICE
85
except ImportError:
86
SO_BINDTODEVICE = None
87
88
version = "1.5.2"
89
stored_state_file = "clients.pickle"
90
91
logger = logging.getLogger()
72
92
syslogger = (logging.handlers.SysLogHandler
73
93
(facility = logging.handlers.SysLogHandler.LOG_DAEMON,
74
address = "/dev/log"))
75
syslogger.setFormatter(logging.Formatter
76
('Mandos: %(levelname)s: %(message)s'))
77
logger.addHandler(syslogger)
78
79
console = logging.StreamHandler()
80
console.setFormatter(logging.Formatter('%(name)s: %(levelname)s:'
81
' %(message)s'))
82
logger.addHandler(console)
94
address = str("/dev/log")))
95
96
try:
97
if_nametoindex = (ctypes.cdll.LoadLibrary
98
(ctypes.util.find_library("c"))
99
.if_nametoindex)
100
except (OSError, AttributeError):
101
def if_nametoindex(interface):
102
"Get an interface index the hard way, i.e. using fcntl()"
103
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
104
with contextlib.closing(socket.socket()) as s:
105
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
106
struct.pack(str("16s16x"),
107
interface))
108
interface_index = struct.unpack(str("I"),
109
ifreq[16:20])[0]
110
return interface_index
111
112
113
def initlogger(debug, level=logging.WARNING):
114
"""init logger and add loglevel"""
115
116
syslogger.setFormatter(logging.Formatter
117
('Mandos [%(process)d]: %(levelname)s:'
118
' %(message)s'))
119
logger.addHandler(syslogger)
120
121
if debug:
122
console = logging.StreamHandler()
123
console.setFormatter(logging.Formatter('%(asctime)s %(name)s'
124
' [%(process)d]:'
125
' %(levelname)s:'
126
' %(message)s'))
127
logger.addHandler(console)
128
logger.setLevel(level)
129
130
131
class PGPError(Exception):
132
"""Exception if encryption/decryption fails"""
133
pass
134
135
136
class PGPEngine(object):
137
"""A simple class for OpenPGP symmetric encryption & decryption"""
138
def __init__(self):
139
self.gnupg = GnuPGInterface.GnuPG()
140
self.tempdir = tempfile.mkdtemp(prefix="mandos-")
141
self.gnupg = GnuPGInterface.GnuPG()
142
self.gnupg.options.meta_interactive = False
143
self.gnupg.options.homedir = self.tempdir
144
self.gnupg.options.extra_args.extend(['--force-mdc',
145
'--quiet',
146
'--no-use-agent'])
147
148
def __enter__(self):
149
return self
150
151
def __exit__ (self, exc_type, exc_value, traceback):
152
self._cleanup()
153
return False
154
155
def __del__(self):
156
self._cleanup()
157
158
def _cleanup(self):
159
if self.tempdir is not None:
160
# Delete contents of tempdir
161
for root, dirs, files in os.walk(self.tempdir,
162
topdown = False):
163
for filename in files:
164
os.remove(os.path.join(root, filename))
165
for dirname in dirs:
166
os.rmdir(os.path.join(root, dirname))
167
# Remove tempdir
168
os.rmdir(self.tempdir)
169
self.tempdir = None
170
171
def password_encode(self, password):
172
# Passphrase can not be empty and can not contain newlines or
173
# NUL bytes. So we prefix it and hex encode it.
174
return b"mandos" + binascii.hexlify(password)
175
176
def encrypt(self, data, password):
177
self.gnupg.passphrase = self.password_encode(password)
178
with open(os.devnull) as devnull:
179
try:
180
proc = self.gnupg.run(['--symmetric'],
181
create_fhs=['stdin', 'stdout'],
182
attach_fhs={'stderr': devnull})
183
with contextlib.closing(proc.handles['stdin']) as f:
184
f.write(data)
185
with contextlib.closing(proc.handles['stdout']) as f:
186
ciphertext = f.read()
187
proc.wait()
188
except IOError as e:
189
raise PGPError(e)
190
self.gnupg.passphrase = None
191
return ciphertext
192
193
def decrypt(self, data, password):
194
self.gnupg.passphrase = self.password_encode(password)
195
with open(os.devnull) as devnull:
196
try:
197
proc = self.gnupg.run(['--decrypt'],
198
create_fhs=['stdin', 'stdout'],
199
attach_fhs={'stderr': devnull})
200
with contextlib.closing(proc.handles['stdin'] ) as f:
201
f.write(data)
202
with contextlib.closing(proc.handles['stdout']) as f:
203
decrypted_plaintext = f.read()
204
proc.wait()
205
except IOError as e:
206
raise PGPError(e)
207
self.gnupg.passphrase = None
208
return decrypted_plaintext
209
210
83
211
84
212
class AvahiError(Exception):
85
def __init__(self, value):
213
def __init__(self, value, *args, **kwargs):
86
214
self.value = value
87
super(AvahiError, self).__init__()
88
def __str__(self):
89
return repr(self.value)
215
super(AvahiError, self).__init__(value, *args, **kwargs)
216
def __unicode__(self):
217
return unicode(repr(self.value))
90
218
91
219
class AvahiServiceError(AvahiError):
92
220
pass
97
225
98
226
class AvahiService(object):
99
227
"""An Avahi (Zeroconf) service.
228
100
229
Attributes:
101
230
interface: integer; avahi.IF_UNSPEC or an interface index.
102
231
Used to optionally bind to the specified interface.
110
239
max_renames: integer; maximum number of renames
111
240
rename_count: integer; counter so we only rename after collisions
112
241
a sensible number of times
242
group: D-Bus Entry Group
243
server: D-Bus Server
244
bus: dbus.SystemBus()
113
245
"""
114
246
def __init__(self, interface = avahi.IF_UNSPEC, name = None,
115
247
servicetype = None, port = None, TXT = None,
116
domain = "", host = "", max_renames = 32768):
248
domain = "", host = "", max_renames = 32768,
249
protocol = avahi.PROTO_UNSPEC, bus = None):
117
250
self.interface = interface
118
251
self.name = name
119
252
self.type = servicetype
123
256
self.host = host
124
257
self.rename_count = 0
125
258
self.max_renames = max_renames
259
self.protocol = protocol
260
self.group = None # our entry group
261
self.server = None
262
self.bus = bus
263
self.entry_group_state_changed_match = None
126
264
def rename(self):
127
265
"""Derived from the Avahi example code"""
128
266
if self.rename_count >= self.max_renames:
129
logger.critical(u"No suitable Zeroconf service name found"
130
u" after %i retries, exiting.",
267
logger.critical("No suitable Zeroconf service name found"
268
" after %i retries, exiting.",
131
269
self.rename_count)
132
270
raise AvahiServiceError("Too many renames")
133
self.name = server.GetAlternativeServiceName(self.name)
134
logger.info(u"Changing Zeroconf service name to %r ...",
135
str(self.name))
136
syslogger.setFormatter(logging.Formatter
137
('Mandos (%s): %%(levelname)s:'
138
' %%(message)s' % self.name))
271
self.name = unicode(self.server
272
.GetAlternativeServiceName(self.name))
273
logger.info("Changing Zeroconf service name to %r ...",
274
self.name)
139
275
self.remove()
140
self.add()
276
try:
277
self.add()
278
except dbus.exceptions.DBusException as error:
279
logger.critical("DBusException: %s", error)
280
self.cleanup()
281
os._exit(1)
141
282
self.rename_count += 1
142
283
def remove(self):
143
284
"""Derived from the Avahi example code"""
144
if group is not None:
145
group.Reset()
285
if self.entry_group_state_changed_match is not None:
286
self.entry_group_state_changed_match.remove()
287
self.entry_group_state_changed_match = None
288
if self.group is not None:
289
self.group.Reset()
146
290
def add(self):
147
291
"""Derived from the Avahi example code"""
148
global group
149
if group is None:
150
group = dbus.Interface(bus.get_object
151
(avahi.DBUS_NAME,
152
server.EntryGroupNew()),
153
avahi.DBUS_INTERFACE_ENTRY_GROUP)
154
group.connect_to_signal('StateChanged',
155
entry_group_state_changed)
156
logger.debug(u"Adding Zeroconf service '%s' of type '%s' ...",
157
service.name, service.type)
158
group.AddService(
159
self.interface, # interface
160
avahi.PROTO_INET6, # protocol
161
dbus.UInt32(0), # flags
162
self.name, self.type,
163
self.domain, self.host,
164
dbus.UInt16(self.port),
165
avahi.string_array_to_txt_array(self.TXT))
166
group.Commit()
167
168
# From the Avahi example code:
169
group = None # our entry group
170
# End of Avahi example code
171
172
173
class Client(dbus.service.Object):
292
self.remove()
293
if self.group is None:
294
self.group = dbus.Interface(
295
self.bus.get_object(avahi.DBUS_NAME,
296
self.server.EntryGroupNew()),
297
avahi.DBUS_INTERFACE_ENTRY_GROUP)
298
self.entry_group_state_changed_match = (
299
self.group.connect_to_signal(
300
'StateChanged', self.entry_group_state_changed))
301
logger.debug("Adding Zeroconf service '%s' of type '%s' ...",
302
self.name, self.type)
303
self.group.AddService(
304
self.interface,
305
self.protocol,
306
dbus.UInt32(0), # flags
307
self.name, self.type,
308
self.domain, self.host,
309
dbus.UInt16(self.port),
310
avahi.string_array_to_txt_array(self.TXT))
311
self.group.Commit()
312
def entry_group_state_changed(self, state, error):
313
"""Derived from the Avahi example code"""
314
logger.debug("Avahi entry group state change: %i", state)
315
316
if state == avahi.ENTRY_GROUP_ESTABLISHED:
317
logger.debug("Zeroconf service established.")
318
elif state == avahi.ENTRY_GROUP_COLLISION:
319
logger.info("Zeroconf service name collision.")
320
self.rename()
321
elif state == avahi.ENTRY_GROUP_FAILURE:
322
logger.critical("Avahi: Error in group state changed %s",
323
unicode(error))
324
raise AvahiGroupError("State changed: %s"
325
% unicode(error))
326
def cleanup(self):
327
"""Derived from the Avahi example code"""
328
if self.group is not None:
329
try:
330
self.group.Free()
331
except (dbus.exceptions.UnknownMethodException,
332
dbus.exceptions.DBusException):
333
pass
334
self.group = None
335
self.remove()
336
def server_state_changed(self, state, error=None):
337
"""Derived from the Avahi example code"""
338
logger.debug("Avahi server state change: %i", state)
339
bad_states = { avahi.SERVER_INVALID:
340
"Zeroconf server invalid",
341
avahi.SERVER_REGISTERING: None,
342
avahi.SERVER_COLLISION:
343
"Zeroconf server name collision",
344
avahi.SERVER_FAILURE:
345
"Zeroconf server failure" }
346
if state in bad_states:
347
if bad_states[state] is not None:
348
if error is None:
349
logger.error(bad_states[state])
350
else:
351
logger.error(bad_states[state] + ": %r", error)
352
self.cleanup()
353
elif state == avahi.SERVER_RUNNING:
354
self.add()
355
else:
356
if error is None:
357
logger.debug("Unknown state: %r", state)
358
else:
359
logger.debug("Unknown state: %r: %r", state, error)
360
def activate(self):
361
"""Derived from the Avahi example code"""
362
if self.server is None:
363
self.server = dbus.Interface(
364
self.bus.get_object(avahi.DBUS_NAME,
365
avahi.DBUS_PATH_SERVER,
366
follow_name_owner_changes=True),
367
avahi.DBUS_INTERFACE_SERVER)
368
self.server.connect_to_signal("StateChanged",
369
self.server_state_changed)
370
self.server_state_changed(self.server.GetState())
371
372
class AvahiServiceToSyslog(AvahiService):
373
def rename(self):
374
"""Add the new name to the syslog messages"""
375
ret = AvahiService.rename(self)
376
syslogger.setFormatter(logging.Formatter
377
('Mandos (%s) [%%(process)d]:'
378
' %%(levelname)s: %%(message)s'
379
% self.name))
380
return ret
381
382
def timedelta_to_milliseconds(td):
383
"Convert a datetime.timedelta() to milliseconds"
384
return ((td.days * 24 * 60 * 60 * 1000)
385
+ (td.seconds * 1000)
386
+ (td.microseconds // 1000))
387
388
class Client(object):
174
389
"""A representation of a client host served by this server.
390
175
391
Attributes:
176
name: string; from the config file, used in log messages
392
approved: bool(); 'None' if not yet approved/disapproved
393
approval_delay: datetime.timedelta(); Time to wait for approval
394
approval_duration: datetime.timedelta(); Duration of one approval
395
checker: subprocess.Popen(); a running checker process used
396
to see if the client lives.
397
'None' if no process is running.
398
checker_callback_tag: a gobject event source tag, or None
399
checker_command: string; External command which is run to check
400
if client lives. %() expansions are done at
401
runtime with vars(self) as dict, so that for
402
instance %(name)s can be used in the command.
403
checker_initiator_tag: a gobject event source tag, or None
404
created: datetime.datetime(); (UTC) object creation
405
client_structure: Object describing what attributes a client has
406
and is used for storing the client at exit
407
current_checker_command: string; current running checker_command
408
disable_initiator_tag: a gobject event source tag, or None
409
enabled: bool()
177
410
fingerprint: string (40 or 32 hexadecimal digits); used to
178
411
uniquely identify the client
179
secret: bytestring; sent verbatim (over TLS) to client
180
host: string; available for use by the checker command
181
created: datetime.datetime(); (UTC) object creation
182
started: datetime.datetime(); (UTC) last started
412
host: string; available for use by the checker command
413
interval: datetime.timedelta(); How often to start a new checker
414
last_approval_request: datetime.datetime(); (UTC) or None
183
415
last_checked_ok: datetime.datetime(); (UTC) or None
184
timeout: datetime.timedelta(); How long from last_checked_ok
185
until this client is invalid
186
interval: datetime.timedelta(); How often to start a new checker
187
stop_hook: If set, called by stop() as stop_hook(self)
188
checker: subprocess.Popen(); a running checker process used
189
to see if the client lives.
190
'None' if no process is running.
191
checker_initiator_tag: a gobject event source tag, or None
192
stop_initiator_tag: - '' -
193
checker_callback_tag: - '' -
194
checker_command: string; External command which is run to check if
195
client lives. %() expansions are done at
196
runtime with vars(self) as dict, so that for
197
instance %(name)s can be used in the command.
198
Private attibutes:
199
_timeout: Real variable for 'timeout'
200
_interval: Real variable for 'interval'
201
_timeout_milliseconds: Used when calling gobject.timeout_add()
202
_interval_milliseconds: - '' -
416
last_checker_status: integer between 0 and 255 reflecting exit
417
status of last checker. -1 reflects crashed
418
checker, -2 means no checker completed yet.
419
last_enabled: datetime.datetime(); (UTC) or None
420
name: string; from the config file, used in log messages and
421
D-Bus identifiers
422
secret: bytestring; sent verbatim (over TLS) to client
423
timeout: datetime.timedelta(); How long from last_checked_ok
424
until this client is disabled
425
extended_timeout: extra long timeout when secret has been sent
426
runtime_expansions: Allowed attributes for runtime expansion.
427
expires: datetime.datetime(); time (UTC) when a client will be
428
disabled, or None
203
429
"""
204
def _set_timeout(self, timeout):
205
"Setter function for the 'timeout' attribute"
206
self._timeout = timeout
207
self._timeout_milliseconds = ((self.timeout.days
208
* 24 * 60 * 60 * 1000)
209
+ (self.timeout.seconds * 1000)
210
+ (self.timeout.microseconds
211
// 1000))
212
# Emit D-Bus signal
213
self.TimeoutChanged(self._timeout_milliseconds)
214
timeout = property(lambda self: self._timeout, _set_timeout)
215
del _set_timeout
216
217
def _set_interval(self, interval):
218
"Setter function for the 'interval' attribute"
219
self._interval = interval
220
self._interval_milliseconds = ((self.interval.days
221
* 24 * 60 * 60 * 1000)
222
+ (self.interval.seconds
223
* 1000)
224
+ (self.interval.microseconds
225
// 1000))
226
# Emit D-Bus signal
227
self.IntervalChanged(self._interval_milliseconds)
228
interval = property(lambda self: self._interval, _set_interval)
229
del _set_interval
230
231
def __init__(self, name = None, stop_hook=None, config=None):
430
431
runtime_expansions = ("approval_delay", "approval_duration",
432
"created", "enabled", "fingerprint",
433
"host", "interval", "last_checked_ok",
434
"last_enabled", "name", "timeout")
435
client_defaults = { "timeout": "5m",
436
"extended_timeout": "15m",
437
"interval": "2m",
438
"checker": "fping -q -- %%(host)s",
439
"host": "",
440
"approval_delay": "0s",
441
"approval_duration": "1s",
442
"approved_by_default": "True",
443
"enabled": "True",
444
}
445
446
def timeout_milliseconds(self):
447
"Return the 'timeout' attribute in milliseconds"
448
return timedelta_to_milliseconds(self.timeout)
449
450
def extended_timeout_milliseconds(self):
451
"Return the 'extended_timeout' attribute in milliseconds"
452
return timedelta_to_milliseconds(self.extended_timeout)
453
454
def interval_milliseconds(self):
455
"Return the 'interval' attribute in milliseconds"
456
return timedelta_to_milliseconds(self.interval)
457
458
def approval_delay_milliseconds(self):
459
return timedelta_to_milliseconds(self.approval_delay)
460
461
@staticmethod
462
def config_parser(config):
463
"""Construct a new dict of client settings of this form:
464
{ client_name: {setting_name: value, ...}, ...}
465
with exceptions for any special settings as defined above.
466
NOTE: Must be a pure function. Must return the same result
467
value given the same arguments.
468
"""
469
settings = {}
470
for client_name in config.sections():
471
section = dict(config.items(client_name))
472
client = settings[client_name] = {}
473
474
client["host"] = section["host"]
475
# Reformat values from string types to Python types
476
client["approved_by_default"] = config.getboolean(
477
client_name, "approved_by_default")
478
client["enabled"] = config.getboolean(client_name,
479
"enabled")
480
481
client["fingerprint"] = (section["fingerprint"].upper()
482
.replace(" ", ""))
483
if "secret" in section:
484
client["secret"] = section["secret"].decode("base64")
485
elif "secfile" in section:
486
with open(os.path.expanduser(os.path.expandvars
487
(section["secfile"])),
488
"rb") as secfile:
489
client["secret"] = secfile.read()
490
else:
491
raise TypeError("No secret or secfile for section %s"
492
% section)
493
client["timeout"] = string_to_delta(section["timeout"])
494
client["extended_timeout"] = string_to_delta(
495
section["extended_timeout"])
496
client["interval"] = string_to_delta(section["interval"])
497
client["approval_delay"] = string_to_delta(
498
section["approval_delay"])
499
client["approval_duration"] = string_to_delta(
500
section["approval_duration"])
501
client["checker_command"] = section["checker"]
502
client["last_approval_request"] = None
503
client["last_checked_ok"] = None
504
client["last_checker_status"] = -2
505
506
return settings
507
508
509
def __init__(self, settings, name = None):
232
510
"""Note: the 'checker' key in 'config' sets the
233
511
'checker_command' attribute and *not* the 'checker'
234
512
attribute."""
235
dbus.service.Object.__init__(self, bus,
236
"/Mandos/clients/%s"
237
% name.replace(".", "_"))
238
if config is None:
239
config = {}
240
513
self.name = name
241
logger.debug(u"Creating client %r", self.name)
514
# adding all client settings
515
for setting, value in settings.iteritems():
516
setattr(self, setting, value)
517
518
if self.enabled:
519
if not hasattr(self, "last_enabled"):
520
self.last_enabled = datetime.datetime.utcnow()
521
if not hasattr(self, "expires"):
522
self.expires = (datetime.datetime.utcnow()
523
+ self.timeout)
524
else:
525
self.last_enabled = None
526
self.expires = None
527
528
logger.debug("Creating client %r", self.name)
242
529
# Uppercase and remove spaces from fingerprint for later
243
530
# comparison purposes with return value from the fingerprint()
244
531
# function
245
self.fingerprint = (config["fingerprint"].upper()
246
.replace(u" ", u""))
247
logger.debug(u" Fingerprint: %s", self.fingerprint)
248
if "secret" in config:
249
self.secret = config["secret"].decode(u"base64")
250
elif "secfile" in config:
251
with closing(open(os.path.expanduser
252
(os.path.expandvars
253
(config["secfile"])))) as secfile:
254
self.secret = secfile.read()
255
else:
256
raise TypeError(u"No secret or secfile for client %s"
257
% self.name)
258
self.host = config.get("host", "")
259
self.created = datetime.datetime.utcnow()
260
self.started = None
261
self.last_checked_ok = None
262
self.timeout = string_to_delta(config["timeout"])
263
self.interval = string_to_delta(config["interval"])
264
self.stop_hook = stop_hook
532
logger.debug(" Fingerprint: %s", self.fingerprint)
533
self.created = settings.get("created",
534
datetime.datetime.utcnow())
535
536
# attributes specific for this server instance
265
537
self.checker = None
266
538
self.checker_initiator_tag = None
267
self.stop_initiator_tag = None
539
self.disable_initiator_tag = None
268
540
self.checker_callback_tag = None
269
self.check_command = config["checker"]
270
271
def start(self):
541
self.current_checker_command = None
542
self.approved = None
543
self.approvals_pending = 0
544
self.changedstate = (multiprocessing_manager
545
.Condition(multiprocessing_manager
546
.Lock()))
547
self.client_structure = [attr for attr in
548
self.__dict__.iterkeys()
549
if not attr.startswith("_")]
550
self.client_structure.append("client_structure")
551
552
for name, t in inspect.getmembers(type(self),
553
lambda obj:
554
isinstance(obj,
555
property)):
556
if not name.startswith("_"):
557
self.client_structure.append(name)
558
559
# Send notice to process children that client state has changed
560
def send_changedstate(self):
561
with self.changedstate:
562
self.changedstate.notify_all()
563
564
def enable(self):
272
565
"""Start this client's checker and timeout hooks"""
273
self.started = datetime.datetime.utcnow()
566
if getattr(self, "enabled", False):
567
# Already enabled
568
return
569
self.send_changedstate()
570
self.expires = datetime.datetime.utcnow() + self.timeout
571
self.enabled = True
572
self.last_enabled = datetime.datetime.utcnow()
573
self.init_checker()
574
575
def disable(self, quiet=True):
576
"""Disable this client."""
577
if not getattr(self, "enabled", False):
578
return False
579
if not quiet:
580
self.send_changedstate()
581
if not quiet:
582
logger.info("Disabling client %s", self.name)
583
if getattr(self, "disable_initiator_tag", False):
584
gobject.source_remove(self.disable_initiator_tag)
585
self.disable_initiator_tag = None
586
self.expires = None
587
if getattr(self, "checker_initiator_tag", False):
588
gobject.source_remove(self.checker_initiator_tag)
589
self.checker_initiator_tag = None
590
self.stop_checker()
591
self.enabled = False
592
# Do not run this again if called by a gobject.timeout_add
593
return False
594
595
def __del__(self):
596
self.disable()
597
598
def init_checker(self):
274
599
# Schedule a new checker to be started an 'interval' from now,
275
600
# and every interval from then on.
276
601
self.checker_initiator_tag = (gobject.timeout_add
277
(self._interval_milliseconds,
602
(self.interval_milliseconds(),
278
603
self.start_checker))
604
# Schedule a disable() when 'timeout' has passed
605
self.disable_initiator_tag = (gobject.timeout_add
606
(self.timeout_milliseconds(),
607
self.disable))
279
608
# Also start a new checker *right now*.
280
609
self.start_checker()
281
# Schedule a stop() when 'timeout' has passed
282
self.stop_initiator_tag = (gobject.timeout_add
283
(self._timeout_milliseconds,
284
self.stop))
285
# Emit D-Bus signal
286
self.StateChanged(True)
287
288
def stop(self):
289
"""Stop this client."""
290
if getattr(self, "started", None) is not None:
291
logger.info(u"Stopping client %s", self.name)
292
else:
293
return False
294
if getattr(self, "stop_initiator_tag", False):
295
gobject.source_remove(self.stop_initiator_tag)
296
self.stop_initiator_tag = None
297
if getattr(self, "checker_initiator_tag", False):
298
gobject.source_remove(self.checker_initiator_tag)
299
self.checker_initiator_tag = None
300
self.stop_checker()
301
if self.stop_hook:
302
self.stop_hook(self)
303
self.started = None
304
# Emit D-Bus signal
305
self.StateChanged(False)
306
# Do not run this again if called by a gobject.timeout_add
307
return False
308
309
def __del__(self):
310
self.stop_hook = None
311
self.stop()
312
313
def checker_callback(self, pid, condition):
610
611
def checker_callback(self, pid, condition, command):
314
612
"""The checker has completed, so take appropriate actions."""
315
613
self.checker_callback_tag = None
316
614
self.checker = None
317
if (os.WIFEXITED(condition)
318
and (os.WEXITSTATUS(condition) == 0)):
319
logger.info(u"Checker for %(name)s succeeded",
320
vars(self))
321
# Emit D-Bus signal
322
self.CheckerCompleted(True)
323
self.bump_timeout()
324
elif not os.WIFEXITED(condition):
325
logger.warning(u"Checker for %(name)s crashed?",
615
if os.WIFEXITED(condition):
616
self.last_checker_status = os.WEXITSTATUS(condition)
617
if self.last_checker_status == 0:
618
logger.info("Checker for %(name)s succeeded",
619
vars(self))
620
self.checked_ok()
621
else:
622
logger.info("Checker for %(name)s failed",
623
vars(self))
624
else:
625
self.last_checker_status = -1
626
logger.warning("Checker for %(name)s crashed?",
326
627
vars(self))
327
# Emit D-Bus signal
328
self.CheckerCompleted(False)
329
else:
330
logger.info(u"Checker for %(name)s failed",
331
vars(self))
332
# Emit D-Bus signal
333
self.CheckerCompleted(False)
334
628
335
def bump_timeout(self):
336
"""Bump up the timeout for this client.
337
This should only be called when the client has been seen,
338
alive and well.
339
"""
629
def checked_ok(self):
630
"""Assert that the client has been seen, alive and well."""
340
631
self.last_checked_ok = datetime.datetime.utcnow()
341
gobject.source_remove(self.stop_initiator_tag)
342
self.stop_initiator_tag = (gobject.timeout_add
343
(self._timeout_milliseconds,
344
self.stop))
632
self.last_checker_status = 0
633
self.bump_timeout()
634
635
def bump_timeout(self, timeout=None):
636
"""Bump up the timeout for this client."""
637
if timeout is None:
638
timeout = self.timeout
639
if self.disable_initiator_tag is not None:
640
gobject.source_remove(self.disable_initiator_tag)
641
if getattr(self, "enabled", False):
642
self.disable_initiator_tag = (gobject.timeout_add
643
(timedelta_to_milliseconds
644
(timeout), self.disable))
645
self.expires = datetime.datetime.utcnow() + timeout
646
647
def need_approval(self):
648
self.last_approval_request = datetime.datetime.utcnow()
345
649
346
650
def start_checker(self):
347
651
"""Start a new checker subprocess if one is not running.
652
348
653
If a checker already exists, leave it running and do
349
654
nothing."""
350
655
# The reason for not killing a running checker is that if we
353
658
# client would inevitably timeout, since no checker would get
354
659
# a chance to run to completion. If we instead leave running
355
660
# checkers alone, the checker would have to take more time
356
# than 'timeout' for the client to be declared invalid, which
357
# is as it should be.
661
# than 'timeout' for the client to be disabled, which is as it
662
# should be.
663
664
# If a checker exists, make sure it is not a zombie
665
try:
666
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
667
except (AttributeError, OSError) as error:
668
if (isinstance(error, OSError)
669
and error.errno != errno.ECHILD):
670
raise error
671
else:
672
if pid:
673
logger.warning("Checker was a zombie")
674
gobject.source_remove(self.checker_callback_tag)
675
self.checker_callback(pid, status,
676
self.current_checker_command)
677
# Start a new checker if needed
358
678
if self.checker is None:
359
679
try:
360
# In case check_command has exactly one % operator
361
command = self.check_command % self.host
680
# In case checker_command has exactly one % operator
681
command = self.checker_command % self.host
362
682
except TypeError:
363
683
# Escape attributes for the shell
364
escaped_attrs = dict((key, re.escape(str(val)))
365
for key, val in
366
vars(self).iteritems())
684
escaped_attrs = dict(
685
(attr,
686
re.escape(unicode(str(getattr(self, attr, "")),
687
errors=
688
'replace')))
689
for attr in
690
self.runtime_expansions)
691
367
692
try:
368
command = self.check_command % escaped_attrs
369
except TypeError, error:
370
logger.error(u'Could not format string "%s":'
371
u' %s', self.check_command, error)
693
command = self.checker_command % escaped_attrs
694
except TypeError as error:
695
logger.error('Could not format string "%s":'
696
' %s', self.checker_command, error)
372
697
return True # Try again later
698
self.current_checker_command = command
373
699
try:
374
logger.info(u"Starting checker %r for %s",
700
logger.info("Starting checker %r for %s",
375
701
command, self.name)
376
702
# We don't need to redirect stdout and stderr, since
377
703
# in normal mode, that is already done by daemon(),
382
708
shell=True, cwd="/")
383
709
self.checker_callback_tag = (gobject.child_watch_add
384
710
(self.checker.pid,
385
self.checker_callback))
386
# Emit D-Bus signal
387
self.CheckerStarted(command)
388
except OSError, error:
389
logger.error(u"Failed to start subprocess: %s",
711
self.checker_callback,
712
data=command))
713
# The checker may have completed before the gobject
714
# watch was added. Check for this.
715
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
716
if pid:
717
gobject.source_remove(self.checker_callback_tag)
718
self.checker_callback(pid, status, command)
719
except OSError as error:
720
logger.error("Failed to start subprocess: %s",
390
721
error)
391
722
# Re-run this periodically if run by gobject.timeout_add
392
723
return True
398
729
self.checker_callback_tag = None
399
730
if getattr(self, "checker", None) is None:
400
731
return
401
logger.debug(u"Stopping checker for %(name)s", vars(self))
732
logger.debug("Stopping checker for %(name)s", vars(self))
402
733
try:
403
734
os.kill(self.checker.pid, signal.SIGTERM)
404
#os.sleep(0.5)
735
#time.sleep(0.5)
405
736
#if self.checker.poll() is None:
406
737
# os.kill(self.checker.pid, signal.SIGKILL)
407
except OSError, error:
738
except OSError as error:
408
739
if error.errno != errno.ESRCH: # No such process
409
740
raise
410
741
self.checker = None
411
412
def still_valid(self):
413
"""Has the timeout not yet passed for this client?"""
414
if not self.started:
415
return False
416
now = datetime.datetime.utcnow()
417
if self.last_checked_ok is None:
418
return now < (self.created + self.timeout)
419
else:
420
return now < (self.last_checked_ok + self.timeout)
421
422
## D-Bus methods & signals
423
_interface = u"org.mandos_system.Mandos.Client"
424
425
def _datetime_to_dbus_struct(dt):
426
return dbus.Struct(dt.year, dt.month, dt.day, dt.hour,
427
dt.minute, dt.second, dt.microsecond,
428
signature="nyyyyyu")
429
430
# BumpTimeout - method
431
BumpTimeout = dbus.service.method(_interface)(bump_timeout)
432
BumpTimeout.__name__ = "BumpTimeout"
433
434
# IntervalChanged - signal
435
@dbus.service.signal(_interface, signature="t")
436
def IntervalChanged(self, t):
437
"D-Bus signal"
438
pass
742
743
744
def dbus_service_property(dbus_interface, signature="v",
745
access="readwrite", byte_arrays=False):
746
"""Decorators for marking methods of a DBusObjectWithProperties to
747
become properties on the D-Bus.
748
749
The decorated method will be called with no arguments by "Get"
750
and with one argument by "Set".
751
752
The parameters, where they are supported, are the same as
753
dbus.service.method, except there is only "signature", since the
754
type from Get() and the type sent to Set() is the same.
755
"""
756
# Encoding deeply encoded byte arrays is not supported yet by the
757
# "Set" method, so we fail early here:
758
if byte_arrays and signature != "ay":
759
raise ValueError("Byte arrays not supported for non-'ay'"
760
" signature %r" % signature)
761
def decorator(func):
762
func._dbus_is_property = True
763
func._dbus_interface = dbus_interface
764
func._dbus_signature = signature
765
func._dbus_access = access
766
func._dbus_name = func.__name__
767
if func._dbus_name.endswith("_dbus_property"):
768
func._dbus_name = func._dbus_name[:-14]
769
func._dbus_get_args_options = {'byte_arrays': byte_arrays }
770
return func
771
return decorator
772
773
774
class DBusPropertyException(dbus.exceptions.DBusException):
775
"""A base class for D-Bus property-related exceptions
776
"""
777
def __unicode__(self):
778
return unicode(str(self))
779
780
781
class DBusPropertyAccessException(DBusPropertyException):
782
"""A property's access permissions disallows an operation.
783
"""
784
pass
785
786
787
class DBusPropertyNotFound(DBusPropertyException):
788
"""An attempt was made to access a non-existing property.
789
"""
790
pass
791
792
793
class DBusObjectWithProperties(dbus.service.Object):
794
"""A D-Bus object with properties.
795
796
Classes inheriting from this can use the dbus_service_property
797
decorator to expose methods as D-Bus properties. It exposes the
798
standard Get(), Set(), and GetAll() methods on the D-Bus.
799
"""
800
801
@staticmethod
802
def _is_dbus_property(obj):
803
return getattr(obj, "_dbus_is_property", False)
804
805
def _get_all_dbus_properties(self):
806
"""Returns a generator of (name, attribute) pairs
807
"""
808
return ((prop.__get__(self)._dbus_name, prop.__get__(self))
809
for cls in self.__class__.__mro__
810
for name, prop in
811
inspect.getmembers(cls, self._is_dbus_property))
812
813
def _get_dbus_property(self, interface_name, property_name):
814
"""Returns a bound method if one exists which is a D-Bus
815
property with the specified name and interface.
816
"""
817
for cls in self.__class__.__mro__:
818
for name, value in (inspect.getmembers
819
(cls, self._is_dbus_property)):
820
if (value._dbus_name == property_name
821
and value._dbus_interface == interface_name):
822
return value.__get__(self)
823
824
# No such property
825
raise DBusPropertyNotFound(self.dbus_object_path + ":"
826
+ interface_name + "."
827
+ property_name)
828
829
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="ss",
830
out_signature="v")
831
def Get(self, interface_name, property_name):
832
"""Standard D-Bus property Get() method, see D-Bus standard.
833
"""
834
prop = self._get_dbus_property(interface_name, property_name)
835
if prop._dbus_access == "write":
836
raise DBusPropertyAccessException(property_name)
837
value = prop()
838
if not hasattr(value, "variant_level"):
839
return value
840
return type(value)(value, variant_level=value.variant_level+1)
841
842
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="ssv")
843
def Set(self, interface_name, property_name, value):
844
"""Standard D-Bus property Set() method, see D-Bus standard.
845
"""
846
prop = self._get_dbus_property(interface_name, property_name)
847
if prop._dbus_access == "read":
848
raise DBusPropertyAccessException(property_name)
849
if prop._dbus_get_args_options["byte_arrays"]:
850
# The byte_arrays option is not supported yet on
851
# signatures other than "ay".
852
if prop._dbus_signature != "ay":
853
raise ValueError
854
value = dbus.ByteArray(b''.join(chr(byte)
855
for byte in value))
856
prop(value)
857
858
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="s",
859
out_signature="a{sv}")
860
def GetAll(self, interface_name):
861
"""Standard D-Bus property GetAll() method, see D-Bus
862
standard.
863
864
Note: Will not include properties with access="write".
865
"""
866
properties = {}
867
for name, prop in self._get_all_dbus_properties():
868
if (interface_name
869
and interface_name != prop._dbus_interface):
870
# Interface non-empty but did not match
871
continue
872
# Ignore write-only properties
873
if prop._dbus_access == "write":
874
continue
875
value = prop()
876
if not hasattr(value, "variant_level"):
877
properties[name] = value
878
continue
879
properties[name] = type(value)(value, variant_level=
880
value.variant_level+1)
881
return dbus.Dictionary(properties, signature="sv")
882
883
@dbus.service.method(dbus.INTROSPECTABLE_IFACE,
884
out_signature="s",
885
path_keyword='object_path',
886
connection_keyword='connection')
887
def Introspect(self, object_path, connection):
888
"""Standard D-Bus method, overloaded to insert property tags.
889
"""
890
xmlstring = dbus.service.Object.Introspect(self, object_path,
891
connection)
892
try:
893
document = xml.dom.minidom.parseString(xmlstring)
894
def make_tag(document, name, prop):
895
e = document.createElement("property")
896
e.setAttribute("name", name)
897
e.setAttribute("type", prop._dbus_signature)
898
e.setAttribute("access", prop._dbus_access)
899
return e
900
for if_tag in document.getElementsByTagName("interface"):
901
for tag in (make_tag(document, name, prop)
902
for name, prop
903
in self._get_all_dbus_properties()
904
if prop._dbus_interface
905
== if_tag.getAttribute("name")):
906
if_tag.appendChild(tag)
907
# Add the names to the return values for the
908
# "org.freedesktop.DBus.Properties" methods
909
if (if_tag.getAttribute("name")
910
== "org.freedesktop.DBus.Properties"):
911
for cn in if_tag.getElementsByTagName("method"):
912
if cn.getAttribute("name") == "Get":
913
for arg in cn.getElementsByTagName("arg"):
914
if (arg.getAttribute("direction")
915
== "out"):
916
arg.setAttribute("name", "value")
917
elif cn.getAttribute("name") == "GetAll":
918
for arg in cn.getElementsByTagName("arg"):
919
if (arg.getAttribute("direction")
920
== "out"):
921
arg.setAttribute("name", "props")
922
xmlstring = document.toxml("utf-8")
923
document.unlink()
924
except (AttributeError, xml.dom.DOMException,
925
xml.parsers.expat.ExpatError) as error:
926
logger.error("Failed to override Introspection method",
927
error)
928
return xmlstring
929
930
931
def datetime_to_dbus (dt, variant_level=0):
932
"""Convert a UTC datetime.datetime() to a D-Bus type."""
933
if dt is None:
934
return dbus.String("", variant_level = variant_level)
935
return dbus.String(dt.isoformat(),
936
variant_level=variant_level)
937
938
939
class AlternateDBusNamesMetaclass(DBusObjectWithProperties
940
.__metaclass__):
941
"""Applied to an empty subclass of a D-Bus object, this metaclass
942
will add additional D-Bus attributes matching a certain pattern.
943
"""
944
def __new__(mcs, name, bases, attr):
945
# Go through all the base classes which could have D-Bus
946
# methods, signals, or properties in them
947
for base in (b for b in bases
948
if issubclass(b, dbus.service.Object)):
949
# Go though all attributes of the base class
950
for attrname, attribute in inspect.getmembers(base):
951
# Ignore non-D-Bus attributes, and D-Bus attributes
952
# with the wrong interface name
953
if (not hasattr(attribute, "_dbus_interface")
954
or not attribute._dbus_interface
955
.startswith("se.recompile.Mandos")):
956
continue
957
# Create an alternate D-Bus interface name based on
958
# the current name
959
alt_interface = (attribute._dbus_interface
960
.replace("se.recompile.Mandos",
961
"se.bsnet.fukt.Mandos"))
962
# Is this a D-Bus signal?
963
if getattr(attribute, "_dbus_is_signal", False):
964
# Extract the original non-method function by
965
# black magic
966
nonmethod_func = (dict(
967
zip(attribute.func_code.co_freevars,
968
attribute.__closure__))["func"]
969
.cell_contents)
970
# Create a new, but exactly alike, function
971
# object, and decorate it to be a new D-Bus signal
972
# with the alternate D-Bus interface name
973
new_function = (dbus.service.signal
974
(alt_interface,
975
attribute._dbus_signature)
976
(types.FunctionType(
977
nonmethod_func.func_code,
978
nonmethod_func.func_globals,
979
nonmethod_func.func_name,
980
nonmethod_func.func_defaults,
981
nonmethod_func.func_closure)))
982
# Define a creator of a function to call both the
983
# old and new functions, so both the old and new
984
# signals gets sent when the function is called
985
def fixscope(func1, func2):
986
"""This function is a scope container to pass
987
func1 and func2 to the "call_both" function
988
outside of its arguments"""
989
def call_both(*args, **kwargs):
990
"""This function will emit two D-Bus
991
signals by calling func1 and func2"""
992
func1(*args, **kwargs)
993
func2(*args, **kwargs)
994
return call_both
995
# Create the "call_both" function and add it to
996
# the class
997
attr[attrname] = fixscope(attribute,
998
new_function)
999
# Is this a D-Bus method?
1000
elif getattr(attribute, "_dbus_is_method", False):
1001
# Create a new, but exactly alike, function
1002
# object. Decorate it to be a new D-Bus method
1003
# with the alternate D-Bus interface name. Add it
1004
# to the class.
1005
attr[attrname] = (dbus.service.method
1006
(alt_interface,
1007
attribute._dbus_in_signature,
1008
attribute._dbus_out_signature)
1009
(types.FunctionType
1010
(attribute.func_code,
1011
attribute.func_globals,
1012
attribute.func_name,
1013
attribute.func_defaults,
1014
attribute.func_closure)))
1015
# Is this a D-Bus property?
1016
elif getattr(attribute, "_dbus_is_property", False):
1017
# Create a new, but exactly alike, function
1018
# object, and decorate it to be a new D-Bus
1019
# property with the alternate D-Bus interface
1020
# name. Add it to the class.
1021
attr[attrname] = (dbus_service_property
1022
(alt_interface,
1023
attribute._dbus_signature,
1024
attribute._dbus_access,
1025
attribute
1026
._dbus_get_args_options
1027
["byte_arrays"])
1028
(types.FunctionType
1029
(attribute.func_code,
1030
attribute.func_globals,
1031
attribute.func_name,
1032
attribute.func_defaults,
1033
attribute.func_closure)))
1034
return type.__new__(mcs, name, bases, attr)
1035
1036
1037
class ClientDBus(Client, DBusObjectWithProperties):
1038
"""A Client class using D-Bus
1039
1040
Attributes:
1041
dbus_object_path: dbus.ObjectPath
1042
bus: dbus.SystemBus()
1043
"""
1044
1045
runtime_expansions = (Client.runtime_expansions
1046
+ ("dbus_object_path",))
1047
1048
# dbus.service.Object doesn't use super(), so we can't either.
1049
1050
def __init__(self, bus = None, *args, **kwargs):
1051
self.bus = bus
1052
Client.__init__(self, *args, **kwargs)
1053
# Only now, when this client is initialized, can it show up on
1054
# the D-Bus
1055
client_object_name = unicode(self.name).translate(
1056
{ord("."): ord("_"),
1057
ord("-"): ord("_")})
1058
self.dbus_object_path = (dbus.ObjectPath
1059
("/clients/" + client_object_name))
1060
DBusObjectWithProperties.__init__(self, self.bus,
1061
self.dbus_object_path)
1062
1063
def notifychangeproperty(transform_func,
1064
dbus_name, type_func=lambda x: x,
1065
variant_level=1):
1066
""" Modify a variable so that it's a property which announces
1067
its changes to DBus.
1068
1069
transform_fun: Function that takes a value and a variant_level
1070
and transforms it to a D-Bus type.
1071
dbus_name: D-Bus name of the variable
1072
type_func: Function that transform the value before sending it
1073
to the D-Bus. Default: no transform
1074
variant_level: D-Bus variant level. Default: 1
1075
"""
1076
attrname = "_{0}".format(dbus_name)
1077
def setter(self, value):
1078
if hasattr(self, "dbus_object_path"):
1079
if (not hasattr(self, attrname) or
1080
type_func(getattr(self, attrname, None))
1081
!= type_func(value)):
1082
dbus_value = transform_func(type_func(value),
1083
variant_level
1084
=variant_level)
1085
self.PropertyChanged(dbus.String(dbus_name),
1086
dbus_value)
1087
setattr(self, attrname, value)
1088
1089
return property(lambda self: getattr(self, attrname), setter)
1090
1091
1092
expires = notifychangeproperty(datetime_to_dbus, "Expires")
1093
approvals_pending = notifychangeproperty(dbus.Boolean,
1094
"ApprovalPending",
1095
type_func = bool)
1096
enabled = notifychangeproperty(dbus.Boolean, "Enabled")
1097
last_enabled = notifychangeproperty(datetime_to_dbus,
1098
"LastEnabled")
1099
checker = notifychangeproperty(dbus.Boolean, "CheckerRunning",
1100
type_func = lambda checker:
1101
checker is not None)
1102
last_checked_ok = notifychangeproperty(datetime_to_dbus,
1103
"LastCheckedOK")
1104
last_checker_status = notifychangeproperty(dbus.Int16,
1105
"LastCheckerStatus")
1106
last_approval_request = notifychangeproperty(
1107
datetime_to_dbus, "LastApprovalRequest")
1108
approved_by_default = notifychangeproperty(dbus.Boolean,
1109
"ApprovedByDefault")
1110
approval_delay = notifychangeproperty(dbus.UInt64,
1111
"ApprovalDelay",
1112
type_func =
1113
timedelta_to_milliseconds)
1114
approval_duration = notifychangeproperty(
1115
dbus.UInt64, "ApprovalDuration",
1116
type_func = timedelta_to_milliseconds)
1117
host = notifychangeproperty(dbus.String, "Host")
1118
timeout = notifychangeproperty(dbus.UInt64, "Timeout",
1119
type_func =
1120
timedelta_to_milliseconds)
1121
extended_timeout = notifychangeproperty(
1122
dbus.UInt64, "ExtendedTimeout",
1123
type_func = timedelta_to_milliseconds)
1124
interval = notifychangeproperty(dbus.UInt64,
1125
"Interval",
1126
type_func =
1127
timedelta_to_milliseconds)
1128
checker_command = notifychangeproperty(dbus.String, "Checker")
1129
1130
del notifychangeproperty
1131
1132
def __del__(self, *args, **kwargs):
1133
try:
1134
self.remove_from_connection()
1135
except LookupError:
1136
pass
1137
if hasattr(DBusObjectWithProperties, "__del__"):
1138
DBusObjectWithProperties.__del__(self, *args, **kwargs)
1139
Client.__del__(self, *args, **kwargs)
1140
1141
def checker_callback(self, pid, condition, command,
1142
*args, **kwargs):
1143
self.checker_callback_tag = None
1144
self.checker = None
1145
if os.WIFEXITED(condition):
1146
exitstatus = os.WEXITSTATUS(condition)
1147
# Emit D-Bus signal
1148
self.CheckerCompleted(dbus.Int16(exitstatus),
1149
dbus.Int64(condition),
1150
dbus.String(command))
1151
else:
1152
# Emit D-Bus signal
1153
self.CheckerCompleted(dbus.Int16(-1),
1154
dbus.Int64(condition),
1155
dbus.String(command))
1156
1157
return Client.checker_callback(self, pid, condition, command,
1158
*args, **kwargs)
1159
1160
def start_checker(self, *args, **kwargs):
1161
old_checker = self.checker
1162
if self.checker is not None:
1163
old_checker_pid = self.checker.pid
1164
else:
1165
old_checker_pid = None
1166
r = Client.start_checker(self, *args, **kwargs)
1167
# Only if new checker process was started
1168
if (self.checker is not None
1169
and old_checker_pid != self.checker.pid):
1170
# Emit D-Bus signal
1171
self.CheckerStarted(self.current_checker_command)
1172
return r
1173
1174
def _reset_approved(self):
1175
self.approved = None
1176
return False
1177
1178
def approve(self, value=True):
1179
self.send_changedstate()
1180
self.approved = value
1181
gobject.timeout_add(timedelta_to_milliseconds
1182
(self.approval_duration),
1183
self._reset_approved)
1184
1185
1186
## D-Bus methods, signals & properties
1187
_interface = "se.recompile.Mandos.Client"
1188
1189
## Signals
439
1190
440
1191
# CheckerCompleted - signal
441
@dbus.service.signal(_interface, signature="b")
442
def CheckerCompleted(self, success):
1192
@dbus.service.signal(_interface, signature="nxs")
1193
def CheckerCompleted(self, exitcode, waitstatus, command):
443
1194
"D-Bus signal"
444
1195
pass
445
1196
446
# CheckerIsRunning - method
447
@dbus.service.method(_interface, out_signature="b")
448
def CheckerIsRunning(self):
449
"D-Bus getter method"
450
return self.checker is not None
451
452
1197
# CheckerStarted - signal
453
1198
@dbus.service.signal(_interface, signature="s")
454
1199
def CheckerStarted(self, command):
455
1200
"D-Bus signal"
456
1201
pass
457
1202
458
# GetChecker - method
459
@dbus.service.method(_interface, out_signature="s")
460
def GetChecker(self):
461
"D-Bus getter method"
462
return self.checker_command
463
464
# GetCreated - method
465
@dbus.service.method(_interface, out_signature="(nyyyyyu)")
466
def GetCreated(self):
467
"D-Bus getter method"
468
return datetime_to_dbus_struct(self.created)
469
470
# GetFingerprint - method
471
@dbus.service.method(_interface, out_signature="s")
472
def GetFingerprint(self):
473
"D-Bus getter method"
474
return self.fingerprint
475
476
# GetHost - method
477
@dbus.service.method(_interface, out_signature="s")
478
def GetHost(self):
479
"D-Bus getter method"
480
return self.host
481
482
# GetInterval - method
483
@dbus.service.method(_interface, out_signature="t")
484
def GetInterval(self):
485
"D-Bus getter method"
486
return self._interval_milliseconds
487
488
# GetName - method
489
@dbus.service.method(_interface, out_signature="s")
490
def GetName(self):
491
"D-Bus getter method"
492
return self.name
493
494
# GetStarted - method
495
@dbus.service.method(_interface, out_signature="(nyyyyyu)")
496
def GetStarted(self):
497
"D-Bus getter method"
498
if self.started is not None:
499
return datetime_to_dbus_struct(self.started)
500
else:
501
return dbus.Struct(0, 0, 0, 0, 0, 0, 0,
502
signature="nyyyyyu")
503
504
# GetTimeout - method
505
@dbus.service.method(_interface, out_signature="t")
506
def GetTimeout(self):
507
"D-Bus getter method"
508
return self._timeout_milliseconds
509
510
# SetChecker - method
511
@dbus.service.method(_interface, in_signature="s")
512
def SetChecker(self, checker):
513
"D-Bus setter method"
514
self.checker_command = checker
515
516
# SetHost - method
517
@dbus.service.method(_interface, in_signature="s")
518
def SetHost(self, host):
519
"D-Bus setter method"
520
self.host = host
521
522
# SetInterval - method
523
@dbus.service.method(_interface, in_signature="t")
524
def SetInterval(self, milliseconds):
525
self.interval = datetime.timdeelta(0, 0, 0, milliseconds)
526
527
# SetTimeout - method
528
@dbus.service.method(_interface, in_signature="t")
529
def SetTimeout(self, milliseconds):
530
self.timeout = datetime.timedelta(0, 0, 0, milliseconds)
531
532
# SetSecret - method
533
@dbus.service.method(_interface, in_signature="ay",
534
byte_arrays=True)
535
def SetSecret(self, secret):
536
"D-Bus setter method"
537
self.secret = str(secret)
538
539
# Start - method
540
Start = dbus.service.method(_interface)(start)
541
Start.__name__ = "Start"
1203
# PropertyChanged - signal
1204
@dbus.service.signal(_interface, signature="sv")
1205
def PropertyChanged(self, property, value):
1206
"D-Bus signal"
1207
pass
1208
1209
# GotSecret - signal
1210
@dbus.service.signal(_interface)
1211
def GotSecret(self):
1212
"""D-Bus signal
1213
Is sent after a successful transfer of secret from the Mandos
1214
server to mandos-client
1215
"""
1216
pass
1217
1218
# Rejected - signal
1219
@dbus.service.signal(_interface, signature="s")
1220
def Rejected(self, reason):
1221
"D-Bus signal"
1222
pass
1223
1224
# NeedApproval - signal
1225
@dbus.service.signal(_interface, signature="tb")
1226
def NeedApproval(self, timeout, default):
1227
"D-Bus signal"
1228
return self.need_approval()
1229
1230
## Methods
1231
1232
# Approve - method
1233
@dbus.service.method(_interface, in_signature="b")
1234
def Approve(self, value):
1235
self.approve(value)
1236
1237
# CheckedOK - method
1238
@dbus.service.method(_interface)
1239
def CheckedOK(self):
1240
self.checked_ok()
1241
1242
# Enable - method
1243
@dbus.service.method(_interface)
1244
def Enable(self):
1245
"D-Bus method"
1246
self.enable()
542
1247
543
1248
# StartChecker - method
544
StartChecker = dbus.service.method(_interface)(start_checker)
545
StartChecker.__name__ = "StartChecker"
546
547
# StateChanged - signal
548
@dbus.service.signal(_interface, signature="b")
549
def StateChanged(self, started):
550
"D-Bus signal"
551
pass
552
553
# StillValid - method
554
StillValid = (dbus.service.method(_interface, out_signature="b")
555
(still_valid))
556
StillValid.__name__ = "StillValid"
557
558
# Stop - method
559
Stop = dbus.service.method(_interface)(stop)
560
Stop.__name__ = "Stop"
1249
@dbus.service.method(_interface)
1250
def StartChecker(self):
1251
"D-Bus method"
1252
self.start_checker()
1253
1254
# Disable - method
1255
@dbus.service.method(_interface)
1256
def Disable(self):
1257
"D-Bus method"
1258
self.disable()
561
1259
562
1260
# StopChecker - method
563
StopChecker = dbus.service.method(_interface)(stop_checker)
564
StopChecker.__name__ = "StopChecker"
565
566
# TimeoutChanged - signal
567
@dbus.service.signal(_interface, signature="t")
568
def TimeoutChanged(self, t):
569
"D-Bus signal"
570
pass
571
572
del _datetime_to_dbus_struct
1261
@dbus.service.method(_interface)
1262
def StopChecker(self):
1263
self.stop_checker()
1264
1265
## Properties
1266
1267
# ApprovalPending - property
1268
@dbus_service_property(_interface, signature="b", access="read")
1269
def ApprovalPending_dbus_property(self):
1270
return dbus.Boolean(bool(self.approvals_pending))
1271
1272
# ApprovedByDefault - property
1273
@dbus_service_property(_interface, signature="b",
1274
access="readwrite")
1275
def ApprovedByDefault_dbus_property(self, value=None):
1276
if value is None: # get
1277
return dbus.Boolean(self.approved_by_default)
1278
self.approved_by_default = bool(value)
1279
1280
# ApprovalDelay - property
1281
@dbus_service_property(_interface, signature="t",
1282
access="readwrite")
1283
def ApprovalDelay_dbus_property(self, value=None):
1284
if value is None: # get
1285
return dbus.UInt64(self.approval_delay_milliseconds())
1286
self.approval_delay = datetime.timedelta(0, 0, 0, value)
1287
1288
# ApprovalDuration - property
1289
@dbus_service_property(_interface, signature="t",
1290
access="readwrite")
1291
def ApprovalDuration_dbus_property(self, value=None):
1292
if value is None: # get
1293
return dbus.UInt64(timedelta_to_milliseconds(
1294
self.approval_duration))
1295
self.approval_duration = datetime.timedelta(0, 0, 0, value)
1296
1297
# Name - property
1298
@dbus_service_property(_interface, signature="s", access="read")
1299
def Name_dbus_property(self):
1300
return dbus.String(self.name)
1301
1302
# Fingerprint - property
1303
@dbus_service_property(_interface, signature="s", access="read")
1304
def Fingerprint_dbus_property(self):
1305
return dbus.String(self.fingerprint)
1306
1307
# Host - property
1308
@dbus_service_property(_interface, signature="s",
1309
access="readwrite")
1310
def Host_dbus_property(self, value=None):
1311
if value is None: # get
1312
return dbus.String(self.host)
1313
self.host = unicode(value)
1314
1315
# Created - property
1316
@dbus_service_property(_interface, signature="s", access="read")
1317
def Created_dbus_property(self):
1318
return datetime_to_dbus(self.created)
1319
1320
# LastEnabled - property
1321
@dbus_service_property(_interface, signature="s", access="read")
1322
def LastEnabled_dbus_property(self):
1323
return datetime_to_dbus(self.last_enabled)
1324
1325
# Enabled - property
1326
@dbus_service_property(_interface, signature="b",
1327
access="readwrite")
1328
def Enabled_dbus_property(self, value=None):
1329
if value is None: # get
1330
return dbus.Boolean(self.enabled)
1331
if value:
1332
self.enable()
1333
else:
1334
self.disable()
1335
1336
# LastCheckedOK - property
1337
@dbus_service_property(_interface, signature="s",
1338
access="readwrite")
1339
def LastCheckedOK_dbus_property(self, value=None):
1340
if value is not None:
1341
self.checked_ok()
1342
return
1343
return datetime_to_dbus(self.last_checked_ok)
1344
1345
# LastCheckerStatus - property
1346
@dbus_service_property(_interface, signature="n",
1347
access="read")
1348
def LastCheckerStatus_dbus_property(self):
1349
return dbus.Int16(self.last_checker_status)
1350
1351
# Expires - property
1352
@dbus_service_property(_interface, signature="s", access="read")
1353
def Expires_dbus_property(self):
1354
return datetime_to_dbus(self.expires)
1355
1356
# LastApprovalRequest - property
1357
@dbus_service_property(_interface, signature="s", access="read")
1358
def LastApprovalRequest_dbus_property(self):
1359
return datetime_to_dbus(self.last_approval_request)
1360
1361
# Timeout - property
1362
@dbus_service_property(_interface, signature="t",
1363
access="readwrite")
1364
def Timeout_dbus_property(self, value=None):
1365
if value is None: # get
1366
return dbus.UInt64(self.timeout_milliseconds())
1367
self.timeout = datetime.timedelta(0, 0, 0, value)
1368
# Reschedule timeout
1369
if self.enabled:
1370
now = datetime.datetime.utcnow()
1371
time_to_die = timedelta_to_milliseconds(
1372
(self.last_checked_ok + self.timeout) - now)
1373
if time_to_die <= 0:
1374
# The timeout has passed
1375
self.disable()
1376
else:
1377
self.expires = (now +
1378
datetime.timedelta(milliseconds =
1379
time_to_die))
1380
if (getattr(self, "disable_initiator_tag", None)
1381
is None):
1382
return
1383
gobject.source_remove(self.disable_initiator_tag)
1384
self.disable_initiator_tag = (gobject.timeout_add
1385
(time_to_die,
1386
self.disable))
1387
1388
# ExtendedTimeout - property
1389
@dbus_service_property(_interface, signature="t",
1390
access="readwrite")
1391
def ExtendedTimeout_dbus_property(self, value=None):
1392
if value is None: # get
1393
return dbus.UInt64(self.extended_timeout_milliseconds())
1394
self.extended_timeout = datetime.timedelta(0, 0, 0, value)
1395
1396
# Interval - property
1397
@dbus_service_property(_interface, signature="t",
1398
access="readwrite")
1399
def Interval_dbus_property(self, value=None):
1400
if value is None: # get
1401
return dbus.UInt64(self.interval_milliseconds())
1402
self.interval = datetime.timedelta(0, 0, 0, value)
1403
if getattr(self, "checker_initiator_tag", None) is None:
1404
return
1405
if self.enabled:
1406
# Reschedule checker run
1407
gobject.source_remove(self.checker_initiator_tag)
1408
self.checker_initiator_tag = (gobject.timeout_add
1409
(value, self.start_checker))
1410
self.start_checker() # Start one now, too
1411
1412
# Checker - property
1413
@dbus_service_property(_interface, signature="s",
1414
access="readwrite")
1415
def Checker_dbus_property(self, value=None):
1416
if value is None: # get
1417
return dbus.String(self.checker_command)
1418
self.checker_command = unicode(value)
1419
1420
# CheckerRunning - property
1421
@dbus_service_property(_interface, signature="b",
1422
access="readwrite")
1423
def CheckerRunning_dbus_property(self, value=None):
1424
if value is None: # get
1425
return dbus.Boolean(self.checker is not None)
1426
if value:
1427
self.start_checker()
1428
else:
1429
self.stop_checker()
1430
1431
# ObjectPath - property
1432
@dbus_service_property(_interface, signature="o", access="read")
1433
def ObjectPath_dbus_property(self):
1434
return self.dbus_object_path # is already a dbus.ObjectPath
1435
1436
# Secret = property
1437
@dbus_service_property(_interface, signature="ay",
1438
access="write", byte_arrays=True)
1439
def Secret_dbus_property(self, value):
1440
self.secret = str(value)
1441
573
1442
del _interface
574
1443
575
1444
576
def peer_certificate(session):
577
"Return the peer's OpenPGP certificate as a bytestring"
578
# If not an OpenPGP certificate...
579
if (gnutls.library.functions
580
.gnutls_certificate_type_get(session._c_object)
581
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP):
582
# ...do the normal thing
583
return session.peer_certificate
584
list_size = ctypes.c_uint()
585
cert_list = (gnutls.library.functions
586
.gnutls_certificate_get_peers
587
(session._c_object, ctypes.byref(list_size)))
588
if list_size.value == 0:
589
return None
590
cert = cert_list[0]
591
return ctypes.string_at(cert.data, cert.size)
592
593
594
def fingerprint(openpgp):
595
"Convert an OpenPGP bytestring to a hexdigit fingerprint string"
596
# New GnuTLS "datum" with the OpenPGP public key
597
datum = (gnutls.library.types
598
.gnutls_datum_t(ctypes.cast(ctypes.c_char_p(openpgp),
599
ctypes.POINTER
600
(ctypes.c_ubyte)),
601
ctypes.c_uint(len(openpgp))))
602
# New empty GnuTLS certificate
603
crt = gnutls.library.types.gnutls_openpgp_crt_t()
604
(gnutls.library.functions
605
.gnutls_openpgp_crt_init(ctypes.byref(crt)))
606
# Import the OpenPGP public key into the certificate
607
(gnutls.library.functions
608
.gnutls_openpgp_crt_import(crt, ctypes.byref(datum),
609
gnutls.library.constants
610
.GNUTLS_OPENPGP_FMT_RAW))
611
# Verify the self signature in the key
612
crtverify = ctypes.c_uint()
613
(gnutls.library.functions
614
.gnutls_openpgp_crt_verify_self(crt, 0, ctypes.byref(crtverify)))
615
if crtverify.value != 0:
616
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
617
raise gnutls.errors.CertificateSecurityError("Verify failed")
618
# New buffer for the fingerprint
619
buf = ctypes.create_string_buffer(20)
620
buf_len = ctypes.c_size_t()
621
# Get the fingerprint from the certificate into the buffer
622
(gnutls.library.functions
623
.gnutls_openpgp_crt_get_fingerprint(crt, ctypes.byref(buf),
624
ctypes.byref(buf_len)))
625
# Deinit the certificate
626
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
627
# Convert the buffer to a Python bytestring
628
fpr = ctypes.string_at(buf, buf_len.value)
629
# Convert the bytestring to hexadecimal notation
630
hex_fpr = u''.join(u"%02X" % ord(char) for char in fpr)
631
return hex_fpr
632
633
634
class TCP_handler(SocketServer.BaseRequestHandler, object):
635
"""A TCP request handler class.
636
Instantiated by IPv6_TCPServer for each request to handle it.
1445
class ProxyClient(object):
1446
def __init__(self, child_pipe, fpr, address):
1447
self._pipe = child_pipe
1448
self._pipe.send(('init', fpr, address))
1449
if not self._pipe.recv():
1450
raise KeyError()
1451
1452
def __getattribute__(self, name):
1453
if name == '_pipe':
1454
return super(ProxyClient, self).__getattribute__(name)
1455
self._pipe.send(('getattr', name))
1456
data = self._pipe.recv()
1457
if data[0] == 'data':
1458
return data[1]
1459
if data[0] == 'function':
1460
def func(*args, **kwargs):
1461
self._pipe.send(('funcall', name, args, kwargs))
1462
return self._pipe.recv()[1]
1463
return func
1464
1465
def __setattr__(self, name, value):
1466
if name == '_pipe':
1467
return super(ProxyClient, self).__setattr__(name, value)
1468
self._pipe.send(('setattr', name, value))
1469
1470
1471
class ClientDBusTransitional(ClientDBus):
1472
__metaclass__ = AlternateDBusNamesMetaclass
1473
1474
1475
class ClientHandler(socketserver.BaseRequestHandler, object):
1476
"""A class to handle client connections.
1477
1478
Instantiated once for each connection to handle it.
637
1479
Note: This will run in its own forked process."""
638
1480
639
1481
def handle(self):
640
logger.info(u"TCP connection from: %s",
641
unicode(self.client_address))
642
session = (gnutls.connection
643
.ClientSession(self.request,
644
gnutls.connection
645
.X509Credentials()))
646
647
line = self.request.makefile().readline()
648
logger.debug(u"Protocol version: %r", line)
649
try:
650
if int(line.strip().split()[0]) > 1:
651
raise RuntimeError
652
except (ValueError, IndexError, RuntimeError), error:
653
logger.error(u"Unknown protocol version: %s", error)
654
return
655
656
# Note: gnutls.connection.X509Credentials is really a generic
657
# GnuTLS certificate credentials object so long as no X.509
658
# keys are added to it. Therefore, we can use it here despite
659
# using OpenPGP certificates.
660
661
#priority = ':'.join(("NONE", "+VERS-TLS1.1", "+AES-256-CBC",
662
# "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
663
# "+DHE-DSS"))
664
# Use a fallback default, since this MUST be set.
665
priority = self.server.settings.get("priority", "NORMAL")
666
(gnutls.library.functions
667
.gnutls_priority_set_direct(session._c_object,
668
priority, None))
669
670
try:
671
session.handshake()
672
except gnutls.errors.GNUTLSError, error:
673
logger.warning(u"Handshake failed: %s", error)
674
# Do not run session.bye() here: the session is not
675
# established. Just abandon the request.
676
return
677
try:
678
fpr = fingerprint(peer_certificate(session))
679
except (TypeError, gnutls.errors.GNUTLSError), error:
680
logger.warning(u"Bad certificate: %s", error)
681
session.bye()
682
return
683
logger.debug(u"Fingerprint: %s", fpr)
684
for c in self.server.clients:
685
if c.fingerprint == fpr:
686
client = c
687
break
688
else:
689
logger.warning(u"Client not found for fingerprint: %s",
690
fpr)
691
session.bye()
692
return
693
# Have to check if client.still_valid(), since it is possible
694
# that the client timed out while establishing the GnuTLS
695
# session.
696
if not client.still_valid():
697
logger.warning(u"Client %(name)s is invalid",
698
vars(client))
699
session.bye()
700
return
701
## This won't work here, since we're in a fork.
702
# client.bump_timeout()
703
sent_size = 0
704
while sent_size < len(client.secret):
705
sent = session.send(client.secret[sent_size:])
706
logger.debug(u"Sent: %d, remaining: %d",
707
sent, len(client.secret)
708
- (sent_size + sent))
709
sent_size += sent
710
session.bye()
711
712
713
class IPv6_TCPServer(SocketServer.ForkingMixIn,
714
SocketServer.TCPServer, object):
715
"""IPv6 TCP server. Accepts 'None' as address and/or port.
1482
with contextlib.closing(self.server.child_pipe) as child_pipe:
1483
logger.info("TCP connection from: %s",
1484
unicode(self.client_address))
1485
logger.debug("Pipe FD: %d",
1486
self.server.child_pipe.fileno())
1487
1488
session = (gnutls.connection
1489
.ClientSession(self.request,
1490
gnutls.connection
1491
.X509Credentials()))
1492
1493
# Note: gnutls.connection.X509Credentials is really a
1494
# generic GnuTLS certificate credentials object so long as
1495
# no X.509 keys are added to it. Therefore, we can use it
1496
# here despite using OpenPGP certificates.
1497
1498
#priority = ':'.join(("NONE", "+VERS-TLS1.1",
1499
# "+AES-256-CBC", "+SHA1",
1500
# "+COMP-NULL", "+CTYPE-OPENPGP",
1501
# "+DHE-DSS"))
1502
# Use a fallback default, since this MUST be set.
1503
priority = self.server.gnutls_priority
1504
if priority is None:
1505
priority = "NORMAL"
1506
(gnutls.library.functions
1507
.gnutls_priority_set_direct(session._c_object,
1508
priority, None))
1509
1510
# Start communication using the Mandos protocol
1511
# Get protocol number
1512
line = self.request.makefile().readline()
1513
logger.debug("Protocol version: %r", line)
1514
try:
1515
if int(line.strip().split()[0]) > 1:
1516
raise RuntimeError
1517
except (ValueError, IndexError, RuntimeError) as error:
1518
logger.error("Unknown protocol version: %s", error)
1519
return
1520
1521
# Start GnuTLS connection
1522
try:
1523
session.handshake()
1524
except gnutls.errors.GNUTLSError as error:
1525
logger.warning("Handshake failed: %s", error)
1526
# Do not run session.bye() here: the session is not
1527
# established. Just abandon the request.
1528
return
1529
logger.debug("Handshake succeeded")
1530
1531
approval_required = False
1532
try:
1533
try:
1534
fpr = self.fingerprint(self.peer_certificate
1535
(session))
1536
except (TypeError,
1537
gnutls.errors.GNUTLSError) as error:
1538
logger.warning("Bad certificate: %s", error)
1539
return
1540
logger.debug("Fingerprint: %s", fpr)
1541
1542
try:
1543
client = ProxyClient(child_pipe, fpr,
1544
self.client_address)
1545
except KeyError:
1546
return
1547
1548
if client.approval_delay:
1549
delay = client.approval_delay
1550
client.approvals_pending += 1
1551
approval_required = True
1552
1553
while True:
1554
if not client.enabled:
1555
logger.info("Client %s is disabled",
1556
client.name)
1557
if self.server.use_dbus:
1558
# Emit D-Bus signal
1559
client.Rejected("Disabled")
1560
return
1561
1562
if client.approved or not client.approval_delay:
1563
#We are approved or approval is disabled
1564
break
1565
elif client.approved is None:
1566
logger.info("Client %s needs approval",
1567
client.name)
1568
if self.server.use_dbus:
1569
# Emit D-Bus signal
1570
client.NeedApproval(
1571
client.approval_delay_milliseconds(),
1572
client.approved_by_default)
1573
else:
1574
logger.warning("Client %s was not approved",
1575
client.name)
1576
if self.server.use_dbus:
1577
# Emit D-Bus signal
1578
client.Rejected("Denied")
1579
return
1580
1581
#wait until timeout or approved
1582
time = datetime.datetime.now()
1583
client.changedstate.acquire()
1584
(client.changedstate.wait
1585
(float(client.timedelta_to_milliseconds(delay)
1586
/ 1000)))
1587
client.changedstate.release()
1588
time2 = datetime.datetime.now()
1589
if (time2 - time) >= delay:
1590
if not client.approved_by_default:
1591
logger.warning("Client %s timed out while"
1592
" waiting for approval",
1593
client.name)
1594
if self.server.use_dbus:
1595
# Emit D-Bus signal
1596
client.Rejected("Approval timed out")
1597
return
1598
else:
1599
break
1600
else:
1601
delay -= time2 - time
1602
1603
sent_size = 0
1604
while sent_size < len(client.secret):
1605
try:
1606
sent = session.send(client.secret[sent_size:])
1607
except gnutls.errors.GNUTLSError as error:
1608
logger.warning("gnutls send failed")
1609
return
1610
logger.debug("Sent: %d, remaining: %d",
1611
sent, len(client.secret)
1612
- (sent_size + sent))
1613
sent_size += sent
1614
1615
logger.info("Sending secret to %s", client.name)
1616
# bump the timeout using extended_timeout
1617
client.bump_timeout(client.extended_timeout)
1618
if self.server.use_dbus:
1619
# Emit D-Bus signal
1620
client.GotSecret()
1621
1622
finally:
1623
if approval_required:
1624
client.approvals_pending -= 1
1625
try:
1626
session.bye()
1627
except gnutls.errors.GNUTLSError as error:
1628
logger.warning("GnuTLS bye failed")
1629
1630
@staticmethod
1631
def peer_certificate(session):
1632
"Return the peer's OpenPGP certificate as a bytestring"
1633
# If not an OpenPGP certificate...
1634
if (gnutls.library.functions
1635
.gnutls_certificate_type_get(session._c_object)
1636
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP):
1637
# ...do the normal thing
1638
return session.peer_certificate
1639
list_size = ctypes.c_uint(1)
1640
cert_list = (gnutls.library.functions
1641
.gnutls_certificate_get_peers
1642
(session._c_object, ctypes.byref(list_size)))
1643
if not bool(cert_list) and list_size.value != 0:
1644
raise gnutls.errors.GNUTLSError("error getting peer"
1645
" certificate")
1646
if list_size.value == 0:
1647
return None
1648
cert = cert_list[0]
1649
return ctypes.string_at(cert.data, cert.size)
1650
1651
@staticmethod
1652
def fingerprint(openpgp):
1653
"Convert an OpenPGP bytestring to a hexdigit fingerprint"
1654
# New GnuTLS "datum" with the OpenPGP public key
1655
datum = (gnutls.library.types
1656
.gnutls_datum_t(ctypes.cast(ctypes.c_char_p(openpgp),
1657
ctypes.POINTER
1658
(ctypes.c_ubyte)),
1659
ctypes.c_uint(len(openpgp))))
1660
# New empty GnuTLS certificate
1661
crt = gnutls.library.types.gnutls_openpgp_crt_t()
1662
(gnutls.library.functions
1663
.gnutls_openpgp_crt_init(ctypes.byref(crt)))
1664
# Import the OpenPGP public key into the certificate
1665
(gnutls.library.functions
1666
.gnutls_openpgp_crt_import(crt, ctypes.byref(datum),
1667
gnutls.library.constants
1668
.GNUTLS_OPENPGP_FMT_RAW))
1669
# Verify the self signature in the key
1670
crtverify = ctypes.c_uint()
1671
(gnutls.library.functions
1672
.gnutls_openpgp_crt_verify_self(crt, 0,
1673
ctypes.byref(crtverify)))
1674
if crtverify.value != 0:
1675
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1676
raise (gnutls.errors.CertificateSecurityError
1677
("Verify failed"))
1678
# New buffer for the fingerprint
1679
buf = ctypes.create_string_buffer(20)
1680
buf_len = ctypes.c_size_t()
1681
# Get the fingerprint from the certificate into the buffer
1682
(gnutls.library.functions
1683
.gnutls_openpgp_crt_get_fingerprint(crt, ctypes.byref(buf),
1684
ctypes.byref(buf_len)))
1685
# Deinit the certificate
1686
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1687
# Convert the buffer to a Python bytestring
1688
fpr = ctypes.string_at(buf, buf_len.value)
1689
# Convert the bytestring to hexadecimal notation
1690
hex_fpr = binascii.hexlify(fpr).upper()
1691
return hex_fpr
1692
1693
1694
class MultiprocessingMixIn(object):
1695
"""Like socketserver.ThreadingMixIn, but with multiprocessing"""
1696
def sub_process_main(self, request, address):
1697
try:
1698
self.finish_request(request, address)
1699
except Exception:
1700
self.handle_error(request, address)
1701
self.close_request(request)
1702
1703
def process_request(self, request, address):
1704
"""Start a new process to process the request."""
1705
proc = multiprocessing.Process(target = self.sub_process_main,
1706
args = (request,
1707
address))
1708
proc.start()
1709
return proc
1710
1711
1712
class MultiprocessingMixInWithPipe(MultiprocessingMixIn, object):
1713
""" adds a pipe to the MixIn """
1714
def process_request(self, request, client_address):
1715
"""Overrides and wraps the original process_request().
1716
1717
This function creates a new pipe in self.pipe
1718
"""
1719
parent_pipe, self.child_pipe = multiprocessing.Pipe()
1720
1721
proc = MultiprocessingMixIn.process_request(self, request,
1722
client_address)
1723
self.child_pipe.close()
1724
self.add_pipe(parent_pipe, proc)
1725
1726
def add_pipe(self, parent_pipe, proc):
1727
"""Dummy function; override as necessary"""
1728
raise NotImplementedError
1729
1730
1731
class IPv6_TCPServer(MultiprocessingMixInWithPipe,
1732
socketserver.TCPServer, object):
1733
"""IPv6-capable TCP server. Accepts 'None' as address and/or port
1734
716
1735
Attributes:
717
settings: Server settings
718
clients: Set() of Client objects
719
1736
enabled: Boolean; whether this server is activated yet
1737
interface: None or a network interface name (string)
1738
use_ipv6: Boolean; to use IPv6 or not
720
1739
"""
721
address_family = socket.AF_INET6
722
def __init__(self, *args, **kwargs):
723
if "settings" in kwargs:
724
self.settings = kwargs["settings"]
725
del kwargs["settings"]
726
if "clients" in kwargs:
727
self.clients = kwargs["clients"]
728
del kwargs["clients"]
729
self.enabled = False
730
super(IPv6_TCPServer, self).__init__(*args, **kwargs)
1740
def __init__(self, server_address, RequestHandlerClass,
1741
interface=None, use_ipv6=True):
1742
self.interface = interface
1743
if use_ipv6:
1744
self.address_family = socket.AF_INET6
1745
socketserver.TCPServer.__init__(self, server_address,
1746
RequestHandlerClass)
731
1747
def server_bind(self):
732
1748
"""This overrides the normal server_bind() function
733
1749
to bind to an interface if one was specified, and also NOT to
734
1750
bind to an address or port if they were not specified."""
735
if self.settings["interface"]:
736
# 25 is from /usr/include/asm-i486/socket.h
737
SO_BINDTODEVICE = getattr(socket, "SO_BINDTODEVICE", 25)
738
try:
739
self.socket.setsockopt(socket.SOL_SOCKET,
740
SO_BINDTODEVICE,
741
self.settings["interface"])
742
except socket.error, error:
743
if error[0] == errno.EPERM:
744
logger.error(u"No permission to"
745
u" bind to interface %s",
746
self.settings["interface"])
747
else:
748
raise error
1751
if self.interface is not None:
1752
if SO_BINDTODEVICE is None:
1753
logger.error("SO_BINDTODEVICE does not exist;"
1754
" cannot bind to interface %s",
1755
self.interface)
1756
else:
1757
try:
1758
self.socket.setsockopt(socket.SOL_SOCKET,
1759
SO_BINDTODEVICE,
1760
str(self.interface
1761
+ '\0'))
1762
except socket.error as error:
1763
if error[0] == errno.EPERM:
1764
logger.error("No permission to"
1765
" bind to interface %s",
1766
self.interface)
1767
elif error[0] == errno.ENOPROTOOPT:
1768
logger.error("SO_BINDTODEVICE not available;"
1769
" cannot bind to interface %s",
1770
self.interface)
1771
else:
1772
raise
749
1773
# Only bind(2) the socket if we really need to.
750
1774
if self.server_address[0] or self.server_address[1]:
751
1775
if not self.server_address[0]:
752
in6addr_any = "::"
753
self.server_address = (in6addr_any,
1776
if self.address_family == socket.AF_INET6:
1777
any_address = "::" # in6addr_any
1778
else:
1779
any_address = socket.INADDR_ANY
1780
self.server_address = (any_address,
754
1781
self.server_address[1])
755
1782
elif not self.server_address[1]:
756
1783
self.server_address = (self.server_address[0],
757
1784
0)
758
# if self.settings["interface"]:
1785
# if self.interface:
759
1786
# self.server_address = (self.server_address[0],
760
1787
# 0, # port
761
1788
# 0, # flowinfo
762
1789
# if_nametoindex
763
# (self.settings
764
# ["interface"]))
765
return super(IPv6_TCPServer, self).server_bind()
1790
# (self.interface))
1791
return socketserver.TCPServer.server_bind(self)
1792
1793
1794
class MandosServer(IPv6_TCPServer):
1795
"""Mandos server.
1796
1797
Attributes:
1798
clients: set of Client objects
1799
gnutls_priority GnuTLS priority string
1800
use_dbus: Boolean; to emit D-Bus signals or not
1801
1802
Assumes a gobject.MainLoop event loop.
1803
"""
1804
def __init__(self, server_address, RequestHandlerClass,
1805
interface=None, use_ipv6=True, clients=None,
1806
gnutls_priority=None, use_dbus=True):
1807
self.enabled = False
1808
self.clients = clients
1809
if self.clients is None:
1810
self.clients = {}
1811
self.use_dbus = use_dbus
1812
self.gnutls_priority = gnutls_priority
1813
IPv6_TCPServer.__init__(self, server_address,
1814
RequestHandlerClass,
1815
interface = interface,
1816
use_ipv6 = use_ipv6)
766
1817
def server_activate(self):
767
1818
if self.enabled:
768
return super(IPv6_TCPServer, self).server_activate()
1819
return socketserver.TCPServer.server_activate(self)
1820
769
1821
def enable(self):
770
1822
self.enabled = True
1823
1824
def add_pipe(self, parent_pipe, proc):
1825
# Call "handle_ipc" for both data and EOF events
1826
gobject.io_add_watch(parent_pipe.fileno(),
1827
gobject.IO_IN | gobject.IO_HUP,
1828
functools.partial(self.handle_ipc,
1829
parent_pipe =
1830
parent_pipe,
1831
proc = proc))
1832
1833
def handle_ipc(self, source, condition, parent_pipe=None,
1834
proc = None, client_object=None):
1835
condition_names = {
1836
gobject.IO_IN: "IN", # There is data to read.
1837
gobject.IO_OUT: "OUT", # Data can be written (without
1838
# blocking).
1839
gobject.IO_PRI: "PRI", # There is urgent data to read.
1840
gobject.IO_ERR: "ERR", # Error condition.
1841
gobject.IO_HUP: "HUP" # Hung up (the connection has been
1842
# broken, usually for pipes and
1843
# sockets).
1844
}
1845
conditions_string = ' | '.join(name
1846
for cond, name in
1847
condition_names.iteritems()
1848
if cond & condition)
1849
# error, or the other end of multiprocessing.Pipe has closed
1850
if condition & (gobject.IO_ERR | condition & gobject.IO_HUP):
1851
# Wait for other process to exit
1852
proc.join()
1853
return False
1854
1855
# Read a request from the child
1856
request = parent_pipe.recv()
1857
command = request[0]
1858
1859
if command == 'init':
1860
fpr = request[1]
1861
address = request[2]
1862
1863
for c in self.clients.itervalues():
1864
if c.fingerprint == fpr:
1865
client = c
1866
break
1867
else:
1868
logger.info("Client not found for fingerprint: %s, ad"
1869
"dress: %s", fpr, address)
1870
if self.use_dbus:
1871
# Emit D-Bus signal
1872
mandos_dbus_service.ClientNotFound(fpr,
1873
address[0])
1874
parent_pipe.send(False)
1875
return False
1876
1877
gobject.io_add_watch(parent_pipe.fileno(),
1878
gobject.IO_IN | gobject.IO_HUP,
1879
functools.partial(self.handle_ipc,
1880
parent_pipe =
1881
parent_pipe,
1882
proc = proc,
1883
client_object =
1884
client))
1885
parent_pipe.send(True)
1886
# remove the old hook in favor of the new above hook on
1887
# same fileno
1888
return False
1889
if command == 'funcall':
1890
funcname = request[1]
1891
args = request[2]
1892
kwargs = request[3]
1893
1894
parent_pipe.send(('data', getattr(client_object,
1895
funcname)(*args,
1896
**kwargs)))
1897
1898
if command == 'getattr':
1899
attrname = request[1]
1900
if callable(client_object.__getattribute__(attrname)):
1901
parent_pipe.send(('function',))
1902
else:
1903
parent_pipe.send(('data', client_object
1904
.__getattribute__(attrname)))
1905
1906
if command == 'setattr':
1907
attrname = request[1]
1908
value = request[2]
1909
setattr(client_object, attrname, value)
1910
1911
return True
771
1912
772
1913
773
1914
def string_to_delta(interval):
774
1915
"""Parse a string and return a datetime.timedelta
775
1916
776
1917
>>> string_to_delta('7d')
777
1918
datetime.timedelta(7)
778
1919
>>> string_to_delta('60s')
781
1922
datetime.timedelta(0, 3600)
782
1923
>>> string_to_delta('24h')
783
1924
datetime.timedelta(1)
784
>>> string_to_delta(u'1w')
1925
>>> string_to_delta('1w')
785
1926
datetime.timedelta(7)
786
1927
>>> string_to_delta('5m 30s')
787
1928
datetime.timedelta(0, 330)
791
1932
try:
792
1933
suffix = unicode(s[-1])
793
1934
value = int(s[:-1])
794
if suffix == u"d":
1935
if suffix == "d":
795
1936
delta = datetime.timedelta(value)
796
elif suffix == u"s":
1937
elif suffix == "s":
797
1938
delta = datetime.timedelta(0, value)
798
elif suffix == u"m":
1939
elif suffix == "m":
799
1940
delta = datetime.timedelta(0, 0, 0, 0, value)
800
elif suffix == u"h":
1941
elif suffix == "h":
801
1942
delta = datetime.timedelta(0, 0, 0, 0, 0, value)
802
elif suffix == u"w":
1943
elif suffix == "w":
803
1944
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
804
1945
else:
805
raise ValueError
806
except (ValueError, IndexError):
807
raise ValueError
1946
raise ValueError("Unknown suffix %r" % suffix)
1947
except (ValueError, IndexError) as e:
1948
raise ValueError(*(e.args))
808
1949
timevalue += delta
809
1950
return timevalue
810
1951
811
1952
812
def server_state_changed(state):
813
"""Derived from the Avahi example code"""
814
if state == avahi.SERVER_COLLISION:
815
logger.error(u"Zeroconf server name collision")
816
service.remove()
817
elif state == avahi.SERVER_RUNNING:
818
service.add()
819
820
821
def entry_group_state_changed(state, error):
822
"""Derived from the Avahi example code"""
823
logger.debug(u"Avahi state change: %i", state)
824
825
if state == avahi.ENTRY_GROUP_ESTABLISHED:
826
logger.debug(u"Zeroconf service established.")
827
elif state == avahi.ENTRY_GROUP_COLLISION:
828
logger.warning(u"Zeroconf service name collision.")
829
service.rename()
830
elif state == avahi.ENTRY_GROUP_FAILURE:
831
logger.critical(u"Avahi: Error in group state changed %s",
832
unicode(error))
833
raise AvahiGroupError("State changed: %s", str(error))
834
835
def if_nametoindex(interface):
836
"""Call the C function if_nametoindex(), or equivalent"""
837
global if_nametoindex
838
try:
839
if_nametoindex = (ctypes.cdll.LoadLibrary
840
(ctypes.util.find_library("c"))
841
.if_nametoindex)
842
except (OSError, AttributeError):
843
if "struct" not in sys.modules:
844
import struct
845
if "fcntl" not in sys.modules:
846
import fcntl
847
def if_nametoindex(interface):
848
"Get an interface index the hard way, i.e. using fcntl()"
849
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
850
with closing(socket.socket()) as s:
851
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
852
struct.pack("16s16x", interface))
853
interface_index = struct.unpack("I", ifreq[16:20])[0]
854
return interface_index
855
return if_nametoindex(interface)
856
857
858
1953
def daemon(nochdir = False, noclose = False):
859
1954
"""See daemon(3). Standard BSD Unix function.
1955
860
1956
This should really exist as os.daemon, but it doesn't (yet)."""
861
1957
if os.fork():
862
1958
sys.exit()
870
1966
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
871
1967
if not stat.S_ISCHR(os.fstat(null).st_mode):
872
1968
raise OSError(errno.ENODEV,
873
"/dev/null not a character device")
1969
"%s not a character device"
1970
% os.path.devnull)
874
1971
os.dup2(null, sys.stdin.fileno())
875
1972
os.dup2(null, sys.stdout.fileno())
876
1973
os.dup2(null, sys.stderr.fileno())
879
1976
880
1977
881
1978
def main():
882
parser = OptionParser(version = "%%prog %s" % version)
883
parser.add_option("-i", "--interface", type="string",
884
metavar="IF", help="Bind to interface IF")
885
parser.add_option("-a", "--address", type="string",
886
help="Address to listen for requests on")
887
parser.add_option("-p", "--port", type="int",
888
help="Port number to receive requests on")
889
parser.add_option("--check", action="store_true", default=False,
890
help="Run self-test")
891
parser.add_option("--debug", action="store_true",
892
help="Debug mode; run in foreground and log to"
893
" terminal")
894
parser.add_option("--priority", type="string", help="GnuTLS"
895
" priority string (see GnuTLS documentation)")
896
parser.add_option("--servicename", type="string", metavar="NAME",
897
help="Zeroconf service name")
898
parser.add_option("--configdir", type="string",
899
default="/etc/mandos", metavar="DIR",
900
help="Directory to search for configuration"
901
" files")
902
options = parser.parse_args()[0]
1979
1980
##################################################################
1981
# Parsing of options, both command line and config file
1982
1983
parser = argparse.ArgumentParser()
1984
parser.add_argument("-v", "--version", action="version",
1985
version = "%%(prog)s %s" % version,
1986
help="show version number and exit")
1987
parser.add_argument("-i", "--interface", metavar="IF",
1988
help="Bind to interface IF")
1989
parser.add_argument("-a", "--address",
1990
help="Address to listen for requests on")
1991
parser.add_argument("-p", "--port", type=int,
1992
help="Port number to receive requests on")
1993
parser.add_argument("--check", action="store_true",
1994
help="Run self-test")
1995
parser.add_argument("--debug", action="store_true",
1996
help="Debug mode; run in foreground and log"
1997
" to terminal")
1998
parser.add_argument("--debuglevel", metavar="LEVEL",
1999
help="Debug level for stdout output")
2000
parser.add_argument("--priority", help="GnuTLS"
2001
" priority string (see GnuTLS documentation)")
2002
parser.add_argument("--servicename",
2003
metavar="NAME", help="Zeroconf service name")
2004
parser.add_argument("--configdir",
2005
default="/etc/mandos", metavar="DIR",
2006
help="Directory to search for configuration"
2007
" files")
2008
parser.add_argument("--no-dbus", action="store_false",
2009
dest="use_dbus", help="Do not provide D-Bus"
2010
" system bus interface")
2011
parser.add_argument("--no-ipv6", action="store_false",
2012
dest="use_ipv6", help="Do not use IPv6")
2013
parser.add_argument("--no-restore", action="store_false",
2014
dest="restore", help="Do not restore stored"
2015
" state")
2016
parser.add_argument("--statedir", metavar="DIR",
2017
help="Directory to save/restore state in")
2018
2019
options = parser.parse_args()
903
2020
904
2021
if options.check:
905
2022
import doctest
914
2031
"priority":
915
2032
"SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
916
2033
"servicename": "Mandos",
2034
"use_dbus": "True",
2035
"use_ipv6": "True",
2036
"debuglevel": "",
2037
"restore": "True",
2038
"statedir": "/var/lib/mandos"
917
2039
}
918
2040
919
2041
# Parse config file for server-global settings
920
server_config = ConfigParser.SafeConfigParser(server_defaults)
2042
server_config = configparser.SafeConfigParser(server_defaults)
921
2043
del server_defaults
922
server_config.read(os.path.join(options.configdir, "mandos.conf"))
2044
server_config.read(os.path.join(options.configdir,
2045
"mandos.conf"))
923
2046
# Convert the SafeConfigParser object to a dict
924
2047
server_settings = server_config.defaults()
925
# Use getboolean on the boolean config option
926
server_settings["debug"] = (server_config.getboolean
927
("DEFAULT", "debug"))
2048
# Use the appropriate methods on the non-string config options
2049
for option in ("debug", "use_dbus", "use_ipv6"):
2050
server_settings[option] = server_config.getboolean("DEFAULT",
2051
option)
2052
if server_settings["port"]:
2053
server_settings["port"] = server_config.getint("DEFAULT",
2054
"port")
928
2055
del server_config
929
2056
930
2057
# Override the settings from the config file with command line
931
2058
# options, if set.
932
2059
for option in ("interface", "address", "port", "debug",
933
"priority", "servicename", "configdir"):
2060
"priority", "servicename", "configdir",
2061
"use_dbus", "use_ipv6", "debuglevel", "restore",
2062
"statedir"):
934
2063
value = getattr(options, option)
935
2064
if value is not None:
936
2065
server_settings[option] = value
937
2066
del options
2067
# Force all strings to be unicode
2068
for option in server_settings.keys():
2069
if type(server_settings[option]) is str:
2070
server_settings[option] = unicode(server_settings[option])
938
2071
# Now we have our good server settings in "server_settings"
939
2072
2073
##################################################################
2074
2075
# For convenience
940
2076
debug = server_settings["debug"]
2077
debuglevel = server_settings["debuglevel"]
2078
use_dbus = server_settings["use_dbus"]
2079
use_ipv6 = server_settings["use_ipv6"]
2080
stored_state_path = os.path.join(server_settings["statedir"],
2081
stored_state_file)
941
2082
942
if not debug:
943
syslogger.setLevel(logging.WARNING)
944
console.setLevel(logging.WARNING)
2083
if debug:
2084
initlogger(debug, logging.DEBUG)
2085
else:
2086
if not debuglevel:
2087
initlogger(debug)
2088
else:
2089
level = getattr(logging, debuglevel.upper())
2090
initlogger(debug, level)
945
2091
946
2092
if server_settings["servicename"] != "Mandos":
947
2093
syslogger.setFormatter(logging.Formatter
948
('Mandos (%s): %%(levelname)s:'
949
' %%(message)s'
2094
('Mandos (%s) [%%(process)d]:'
2095
' %%(levelname)s: %%(message)s'
950
2096
% server_settings["servicename"]))
951
2097
952
2098
# Parse config file with clients
953
client_defaults = { "timeout": "1h",
954
"interval": "5m",
955
"checker": "fping -q -- %(host)s",
956
"host": "",
957
}
958
client_config = ConfigParser.SafeConfigParser(client_defaults)
2099
client_config = configparser.SafeConfigParser(Client
2100
.client_defaults)
959
2101
client_config.read(os.path.join(server_settings["configdir"],
960
2102
"clients.conf"))
961
2103
962
clients = Set()
963
tcp_server = IPv6_TCPServer((server_settings["address"],
964
server_settings["port"]),
965
TCP_handler,
966
settings=server_settings,
967
clients=clients)
968
pidfilename = "/var/run/mandos.pid"
969
try:
970
pidfile = open(pidfilename, "w")
971
except IOError, error:
972
logger.error("Could not open file %r", pidfilename)
973
974
uid = 65534
975
gid = 65534
976
try:
977
uid = pwd.getpwnam("mandos").pw_uid
978
except KeyError:
979
try:
980
uid = pwd.getpwnam("nobody").pw_uid
981
except KeyError:
982
pass
983
try:
984
gid = pwd.getpwnam("mandos").pw_gid
985
except KeyError:
986
try:
987
gid = pwd.getpwnam("nogroup").pw_gid
988
except KeyError:
989
pass
990
try:
2104
global mandos_dbus_service
2105
mandos_dbus_service = None
2106
2107
tcp_server = MandosServer((server_settings["address"],
2108
server_settings["port"]),
2109
ClientHandler,
2110
interface=(server_settings["interface"]
2111
or None),
2112
use_ipv6=use_ipv6,
2113
gnutls_priority=
2114
server_settings["priority"],
2115
use_dbus=use_dbus)
2116
if not debug:
2117
pidfilename = "/var/run/mandos.pid"
2118
try:
2119
pidfile = open(pidfilename, "w")
2120
except IOError:
2121
logger.error("Could not open file %r", pidfilename)
2122
2123
try:
2124
uid = pwd.getpwnam("_mandos").pw_uid
2125
gid = pwd.getpwnam("_mandos").pw_gid
2126
except KeyError:
2127
try:
2128
uid = pwd.getpwnam("mandos").pw_uid
2129
gid = pwd.getpwnam("mandos").pw_gid
2130
except KeyError:
2131
try:
2132
uid = pwd.getpwnam("nobody").pw_uid
2133
gid = pwd.getpwnam("nobody").pw_gid
2134
except KeyError:
2135
uid = 65534
2136
gid = 65534
2137
try:
2138
os.setgid(gid)
991
2139
os.setuid(uid)
992
os.setgid(gid)
993
except OSError, error:
2140
except OSError as error:
994
2141
if error[0] != errno.EPERM:
995
2142
raise error
996
2143
997
global service
998
service = AvahiService(name = server_settings["servicename"],
999
servicetype = "_mandos._tcp", )
1000
if server_settings["interface"]:
1001
service.interface = (if_nametoindex
1002
(server_settings["interface"]))
2144
if debug:
2145
# Enable all possible GnuTLS debugging
2146
2147
# "Use a log level over 10 to enable all debugging options."
2148
# - GnuTLS manual
2149
gnutls.library.functions.gnutls_global_set_log_level(11)
2150
2151
@gnutls.library.types.gnutls_log_func
2152
def debug_gnutls(level, string):
2153
logger.debug("GnuTLS: %s", string[:-1])
2154
2155
(gnutls.library.functions
2156
.gnutls_global_set_log_function(debug_gnutls))
2157
2158
# Redirect stdin so all checkers get /dev/null
2159
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
2160
os.dup2(null, sys.stdin.fileno())
2161
if null > 2:
2162
os.close(null)
2163
2164
# Need to fork before connecting to D-Bus
2165
if not debug:
2166
# Close all input and output, do double fork, etc.
2167
daemon()
2168
2169
gobject.threads_init()
1003
2170
1004
2171
global main_loop
1005
global bus
1006
global server
1007
2172
# From the Avahi example code
1008
2173
DBusGMainLoop(set_as_default=True )
1009
2174
main_loop = gobject.MainLoop()
1010
2175
bus = dbus.SystemBus()
1011
server = dbus.Interface(bus.get_object(avahi.DBUS_NAME,
1012
avahi.DBUS_PATH_SERVER),
1013
avahi.DBUS_INTERFACE_SERVER)
1014
2176
# End of Avahi example code
1015
bus_name = dbus.service.BusName(u"org.mandos-system.Mandos", bus)
1016
1017
def remove_from_clients(client):
1018
clients.remove(client)
1019
if not clients:
1020
logger.critical(u"No clients left, exiting")
1021
sys.exit()
1022
1023
clients.update(Set(Client(name = section,
1024
stop_hook = remove_from_clients,
1025
config
1026
= dict(client_config.items(section)))
1027
for section in client_config.sections()))
1028
if not clients:
1029
logger.critical(u"No clients defined")
1030
sys.exit(1)
1031
1032
if debug:
1033
# Redirect stdin so all checkers get /dev/null
1034
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
1035
os.dup2(null, sys.stdin.fileno())
1036
if null > 2:
1037
os.close(null)
1038
else:
1039
# No console logging
1040
logger.removeHandler(console)
1041
# Close all input and output, do double fork, etc.
1042
daemon()
1043
1044
try:
1045
pid = os.getpid()
1046
pidfile.write(str(pid) + "\n")
1047
pidfile.close()
1048
del pidfile
1049
except IOError:
1050
logger.error(u"Could not write to file %r with PID %d",
1051
pidfilename, pid)
1052
except NameError:
1053
# "pidfile" was never created
1054
pass
1055
del pidfilename
2177
if use_dbus:
2178
try:
2179
bus_name = dbus.service.BusName("se.recompile.Mandos",
2180
bus, do_not_queue=True)
2181
old_bus_name = (dbus.service.BusName
2182
("se.bsnet.fukt.Mandos", bus,
2183
do_not_queue=True))
2184
except dbus.exceptions.NameExistsException as e:
2185
logger.error(unicode(e) + ", disabling D-Bus")
2186
use_dbus = False
2187
server_settings["use_dbus"] = False
2188
tcp_server.use_dbus = False
2189
protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
2190
service = AvahiServiceToSyslog(name =
2191
server_settings["servicename"],
2192
servicetype = "_mandos._tcp",
2193
protocol = protocol, bus = bus)
2194
if server_settings["interface"]:
2195
service.interface = (if_nametoindex
2196
(str(server_settings["interface"])))
2197
2198
global multiprocessing_manager
2199
multiprocessing_manager = multiprocessing.Manager()
2200
2201
client_class = Client
2202
if use_dbus:
2203
client_class = functools.partial(ClientDBusTransitional,
2204
bus = bus)
2205
2206
client_settings = Client.config_parser(client_config)
2207
old_client_settings = {}
2208
clients_data = {}
2209
2210
# Get client data and settings from last running state.
2211
if server_settings["restore"]:
2212
try:
2213
with open(stored_state_path, "rb") as stored_state:
2214
clients_data, old_client_settings = (pickle.load
2215
(stored_state))
2216
os.remove(stored_state_path)
2217
except IOError as e:
2218
logger.warning("Could not load persistent state: {0}"
2219
.format(e))
2220
if e.errno != errno.ENOENT:
2221
raise
2222
except EOFError as e:
2223
logger.warning("Could not load persistent state: "
2224
"EOFError: {0}".format(e))
2225
2226
with PGPEngine() as pgp:
2227
for client_name, client in clients_data.iteritems():
2228
# Decide which value to use after restoring saved state.
2229
# We have three different values: Old config file,
2230
# new config file, and saved state.
2231
# New config value takes precedence if it differs from old
2232
# config value, otherwise use saved state.
2233
for name, value in client_settings[client_name].items():
2234
try:
2235
# For each value in new config, check if it
2236
# differs from the old config value (Except for
2237
# the "secret" attribute)
2238
if (name != "secret" and
2239
value != old_client_settings[client_name]
2240
[name]):
2241
client[name] = value
2242
except KeyError:
2243
pass
2244
2245
# Clients who has passed its expire date can still be
2246
# enabled if its last checker was successful. Clients
2247
# whose checker succeeded before we stored its state is
2248
# assumed to have successfully run all checkers during
2249
# downtime.
2250
if client["enabled"]:
2251
if datetime.datetime.utcnow() >= client["expires"]:
2252
if not client["last_checked_ok"]:
2253
logger.warning(
2254
"disabling client {0} - Client never "
2255
"performed a successful checker"
2256
.format(client_name))
2257
client["enabled"] = False
2258
elif client["last_checker_status"] != 0:
2259
logger.warning(
2260
"disabling client {0} - Client "
2261
"last checker failed with error code {1}"
2262
.format(client_name,
2263
client["last_checker_status"]))
2264
client["enabled"] = False
2265
else:
2266
client["expires"] = (datetime.datetime
2267
.utcnow()
2268
+ client["timeout"])
2269
logger.debug("Last checker succeeded,"
2270
" keeping {0} enabled"
2271
.format(client_name))
2272
try:
2273
client["secret"] = (
2274
pgp.decrypt(client["encrypted_secret"],
2275
client_settings[client_name]
2276
["secret"]))
2277
except PGPError:
2278
# If decryption fails, we use secret from new settings
2279
logger.debug("Failed to decrypt {0} old secret"
2280
.format(client_name))
2281
client["secret"] = (
2282
client_settings[client_name]["secret"])
2283
2284
2285
# Add/remove clients based on new changes made to config
2286
for client_name in (set(old_client_settings)
2287
- set(client_settings)):
2288
del clients_data[client_name]
2289
for client_name in (set(client_settings)
2290
- set(old_client_settings)):
2291
clients_data[client_name] = client_settings[client_name]
2292
2293
# Create all client objects
2294
for client_name, client in clients_data.iteritems():
2295
tcp_server.clients[client_name] = client_class(
2296
name = client_name, settings = client)
2297
2298
if not tcp_server.clients:
2299
logger.warning("No clients defined")
2300
2301
if not debug:
2302
try:
2303
with pidfile:
2304
pid = os.getpid()
2305
pidfile.write(str(pid) + "\n".encode("utf-8"))
2306
del pidfile
2307
except IOError:
2308
logger.error("Could not write to file %r with PID %d",
2309
pidfilename, pid)
2310
except NameError:
2311
# "pidfile" was never created
2312
pass
2313
del pidfilename
2314
signal.signal(signal.SIGINT, signal.SIG_IGN)
2315
2316
signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
2317
signal.signal(signal.SIGTERM, lambda signum, frame: sys.exit())
2318
2319
if use_dbus:
2320
class MandosDBusService(dbus.service.Object):
2321
"""A D-Bus proxy object"""
2322
def __init__(self):
2323
dbus.service.Object.__init__(self, bus, "/")
2324
_interface = "se.recompile.Mandos"
2325
2326
@dbus.service.signal(_interface, signature="o")
2327
def ClientAdded(self, objpath):
2328
"D-Bus signal"
2329
pass
2330
2331
@dbus.service.signal(_interface, signature="ss")
2332
def ClientNotFound(self, fingerprint, address):
2333
"D-Bus signal"
2334
pass
2335
2336
@dbus.service.signal(_interface, signature="os")
2337
def ClientRemoved(self, objpath, name):
2338
"D-Bus signal"
2339
pass
2340
2341
@dbus.service.method(_interface, out_signature="ao")
2342
def GetAllClients(self):
2343
"D-Bus method"
2344
return dbus.Array(c.dbus_object_path
2345
for c in
2346
tcp_server.clients.itervalues())
2347
2348
@dbus.service.method(_interface,
2349
out_signature="a{oa{sv}}")
2350
def GetAllClientsWithProperties(self):
2351
"D-Bus method"
2352
return dbus.Dictionary(
2353
((c.dbus_object_path, c.GetAll(""))
2354
for c in tcp_server.clients.itervalues()),
2355
signature="oa{sv}")
2356
2357
@dbus.service.method(_interface, in_signature="o")
2358
def RemoveClient(self, object_path):
2359
"D-Bus method"
2360
for c in tcp_server.clients.itervalues():
2361
if c.dbus_object_path == object_path:
2362
del tcp_server.clients[c.name]
2363
c.remove_from_connection()
2364
# Don't signal anything except ClientRemoved
2365
c.disable(quiet=True)
2366
# Emit D-Bus signal
2367
self.ClientRemoved(object_path, c.name)
2368
return
2369
raise KeyError(object_path)
2370
2371
del _interface
2372
2373
class MandosDBusServiceTransitional(MandosDBusService):
2374
__metaclass__ = AlternateDBusNamesMetaclass
2375
mandos_dbus_service = MandosDBusServiceTransitional()
1056
2376
1057
2377
def cleanup():
1058
2378
"Cleanup function; run on exit"
1059
global group
1060
# From the Avahi example code
1061
if not group is None:
1062
group.Free()
1063
group = None
1064
# End of Avahi example code
1065
1066
while clients:
1067
client = clients.pop()
1068
client.stop_hook = None
1069
client.stop()
2379
service.cleanup()
2380
2381
multiprocessing.active_children()
2382
if not (tcp_server.clients or client_settings):
2383
return
2384
2385
# Store client before exiting. Secrets are encrypted with key
2386
# based on what config file has. If config file is
2387
# removed/edited, old secret will thus be unrecovable.
2388
clients = {}
2389
with PGPEngine() as pgp:
2390
for client in tcp_server.clients.itervalues():
2391
key = client_settings[client.name]["secret"]
2392
client.encrypted_secret = pgp.encrypt(client.secret,
2393
key)
2394
client_dict = {}
2395
2396
# A list of attributes that can not be pickled
2397
# + secret.
2398
exclude = set(("bus", "changedstate", "secret",
2399
"checker"))
2400
for name, typ in (inspect.getmembers
2401
(dbus.service.Object)):
2402
exclude.add(name)
2403
2404
client_dict["encrypted_secret"] = (client
2405
.encrypted_secret)
2406
for attr in client.client_structure:
2407
if attr not in exclude:
2408
client_dict[attr] = getattr(client, attr)
2409
2410
clients[client.name] = client_dict
2411
del client_settings[client.name]["secret"]
2412
2413
try:
2414
tempfd, tempname = tempfile.mkstemp(suffix=".pickle",
2415
prefix="clients-",
2416
dir=os.path.dirname
2417
(stored_state_path))
2418
with os.fdopen(tempfd, "wb") as stored_state:
2419
pickle.dump((clients, client_settings), stored_state)
2420
os.rename(tempname, stored_state_path)
2421
except (IOError, OSError) as e:
2422
logger.warning("Could not save persistent state: {0}"
2423
.format(e))
2424
if not debug:
2425
try:
2426
os.remove(tempname)
2427
except NameError:
2428
pass
2429
if e.errno not in set((errno.ENOENT, errno.EACCES,
2430
errno.EEXIST)):
2431
raise e
2432
2433
# Delete all clients, and settings from config
2434
while tcp_server.clients:
2435
name, client = tcp_server.clients.popitem()
2436
if use_dbus:
2437
client.remove_from_connection()
2438
# Don't signal anything except ClientRemoved
2439
client.disable(quiet=True)
2440
if use_dbus:
2441
# Emit D-Bus signal
2442
mandos_dbus_service.ClientRemoved(client
2443
.dbus_object_path,
2444
client.name)
2445
client_settings.clear()
1070
2446
1071
2447
atexit.register(cleanup)
1072
2448
1073
if not debug:
1074
signal.signal(signal.SIGINT, signal.SIG_IGN)
1075
signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
1076
signal.signal(signal.SIGTERM, lambda signum, frame: sys.exit())
1077
1078
for client in clients:
1079
client.start()
2449
for client in tcp_server.clients.itervalues():
2450
if use_dbus:
2451
# Emit D-Bus signal
2452
mandos_dbus_service.ClientAdded(client.dbus_object_path)
2453
# Need to initiate checking of clients
2454
if client.enabled:
2455
client.init_checker()
1080
2456
1081
2457
tcp_server.enable()
1082
2458
tcp_server.server_activate()
1083
2459
1084
2460
# Find out what port we got
1085
2461
service.port = tcp_server.socket.getsockname()[1]
1086
logger.info(u"Now listening on address %r, port %d, flowinfo %d,"
1087
u" scope_id %d" % tcp_server.socket.getsockname())
2462
if use_ipv6:
2463
logger.info("Now listening on address %r, port %d,"
2464
" flowinfo %d, scope_id %d"
2465
% tcp_server.socket.getsockname())
2466
else: # IPv4
2467
logger.info("Now listening on address %r, port %d"
2468
% tcp_server.socket.getsockname())
1088
2469
1089
2470
#service.interface = tcp_server.socket.getsockname()[3]
1090
2471
1091
2472
try:
1092
2473
# From the Avahi example code
1093
server.connect_to_signal("StateChanged", server_state_changed)
1094
2474
try:
1095
server_state_changed(server.GetState())
1096
except dbus.exceptions.DBusException, error:
1097
logger.critical(u"DBusException: %s", error)
2475
service.activate()
2476
except dbus.exceptions.DBusException as error:
2477
logger.critical("DBusException: %s", error)
2478
cleanup()
1098
2479
sys.exit(1)
1099
2480
# End of Avahi example code
1100
2481
1103
2484
(tcp_server.handle_request
1104
2485
(*args[2:], **kwargs) or True))
1105
2486
1106
logger.debug(u"Starting main loop")
2487
logger.debug("Starting main loop")
1107
2488
main_loop.run()
1108
except AvahiError, error:
1109
logger.critical(u"AvahiError: %s" + unicode(error))
2489
except AvahiError as error:
2490
logger.critical("AvahiError: %s", error)
2491
cleanup()
1110
2492
sys.exit(1)
1111
2493
except KeyboardInterrupt:
1112
2494
if debug:
1113
print
2495
print("", file=sys.stderr)
2496
logger.debug("Server received KeyboardInterrupt")
2497
logger.debug("Server exiting")
2498
# Must run before the D-Bus bus name gets deregistered
2499
cleanup()
1114
2500
1115
2501
if __name__ == '__main__':
1116
2502
main()
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0