1
#!/usr/bin/python3 -bbI
2
2
# -*- mode: python; coding: utf-8 -*-
4
4
# Mandos Monitor - Control and monitor the Mandos server
6
# Copyright © 2009-2015 Teddy Hogeborn
7
# Copyright © 2009-2015 Björn Påhlsson
9
# This program is free software: you can redistribute it and/or modify
10
# it under the terms of the GNU General Public License as published by
6
# Copyright © 2009-2019 Teddy Hogeborn
7
# Copyright © 2009-2019 Björn Påhlsson
9
# This file is part of Mandos.
11
# Mandos is free software: you can redistribute it and/or modify it
12
# under the terms of the GNU General Public License as published by
11
13
# the Free Software Foundation, either version 3 of the License, or
12
14
# (at your option) any later version.
14
# This program is distributed in the hope that it will be useful,
15
# but WITHOUT ANY WARRANTY; without even the implied warranty of
16
# Mandos is distributed in the hope that it will be useful, but
17
# WITHOUT ANY WARRANTY; without even the implied warranty of
16
18
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17
19
# GNU General Public License for more details.
19
21
# You should have received a copy of the GNU General Public License
20
# along with this program. If not, see
21
# <http://www.gnu.org/licenses/>.
22
# along with Mandos. If not, see <http://www.gnu.org/licenses/>.
23
24
# Contact the authors at <mandos@recompile.se>.
26
27
from __future__ import (division, absolute_import, print_function,
38
41
import urwid.curses_display
41
44
from dbus.mainloop.glib import DBusGMainLoop
45
from gi.repository import GObject as gobject
45
from gi.repository import GLib
51
49
if sys.version_info.major == 2:
54
locale.setlocale(locale.LC_ALL, '')
57
logging.getLogger('dbus.proxies').setLevel(logging.CRITICAL)
53
log = logging.getLogger(os.path.basename(sys.argv[0]))
54
logging.basicConfig(level="NOTSET", # Show all messages
55
format="%(message)s") # Show basic log messages
57
logging.captureWarnings(True) # Show warnings via the logging system
59
locale.setlocale(locale.LC_ALL, "")
61
logging.getLogger("dbus.proxies").setLevel(logging.CRITICAL)
59
63
# Some useful constants
60
domain = 'se.recompile'
61
server_interface = domain + '.Mandos'
62
client_interface = domain + '.Mandos.Client'
64
domain = "se.recompile"
65
server_interface = domain + ".Mandos"
66
client_interface = domain + ".Mandos.Client"
70
dbus.OBJECT_MANAGER_IFACE
71
except AttributeError:
72
dbus.OBJECT_MANAGER_IFACE = "org.freedesktop.DBus.ObjectManager"
65
75
def isoformat_to_datetime(iso):
66
76
"Parse an ISO 8601 date string to a datetime.datetime()"
78
int(second), # Whole seconds
79
int(fraction*1000000)) # Microseconds
81
class MandosClientPropertyCache(object):
88
int(second), # Whole seconds
89
int(fraction*1000000)) # Microseconds
92
class MandosClientPropertyCache:
82
93
"""This wraps a Mandos Client D-Bus proxy object, caches the
83
94
properties and calls a hook function when any of them are
86
97
def __init__(self, proxy_object=None, properties=None, **kwargs):
87
self.proxy = proxy_object # Mandos Client proxy object
98
self.proxy = proxy_object # Mandos Client proxy object
88
99
self.properties = dict() if properties is None else properties
89
100
self.property_changed_match = (
90
101
self.proxy.connect_to_signal("PropertiesChanged",
91
102
self.properties_changed,
92
103
dbus.PROPERTIES_IFACE,
93
104
byte_arrays=True))
95
106
if properties is None:
96
self.properties.update(
97
self.proxy.GetAll(client_interface,
99
= dbus.PROPERTIES_IFACE))
107
self.properties.update(self.proxy.GetAll(
109
dbus_interface=dbus.PROPERTIES_IFACE))
101
111
super(MandosClientPropertyCache, self).__init__(**kwargs)
103
113
def properties_changed(self, interface, properties, invalidated):
104
114
"""This is called whenever we get a PropertiesChanged signal
105
115
It updates the changed properties in the "properties" dict.
107
117
# Update properties dict with new value
108
self.properties.update(properties)
118
if interface == client_interface:
119
self.properties.update(properties)
110
121
def delete(self):
111
122
self.property_changed_match.remove()
158
167
client_interface,
159
168
byte_arrays=True))
160
self.logger('Created client {}'
161
.format(self.properties["Name"]), level=0)
169
log.debug("Created client %s", self.properties["Name"])
163
171
def using_timer(self, flag):
164
172
"""Call this method with True or False when timer should be
165
173
activated or deactivated.
167
175
if flag and self._update_timer_callback_tag is None:
168
176
# Will update the shown timer value every second
169
self._update_timer_callback_tag = (gobject.timeout_add
177
self._update_timer_callback_tag = (
178
GLib.timeout_add(1000,
179
glib_safely(self.update_timer)))
172
180
elif not (flag or self._update_timer_callback_tag is None):
173
gobject.source_remove(self._update_timer_callback_tag)
181
GLib.source_remove(self._update_timer_callback_tag)
174
182
self._update_timer_callback_tag = None
176
184
def checker_completed(self, exitstatus, condition, command):
177
185
if exitstatus == 0:
178
self.logger('Checker for client {} (command "{}")'
179
' succeeded'.format(self.properties["Name"],
186
log.debug('Checker for client %s (command "%s")'
187
" succeeded", self.properties["Name"], command)
184
191
if os.WIFEXITED(condition):
185
self.logger('Checker for client {} (command "{}") failed'
187
.format(self.properties["Name"], command,
188
os.WEXITSTATUS(condition)))
192
log.info('Checker for client %s (command "%s") failed'
193
" with exit code %d", self.properties["Name"],
194
command, os.WEXITSTATUS(condition))
189
195
elif os.WIFSIGNALED(condition):
190
self.logger('Checker for client {} (command "{}") was'
191
' killed by signal {}'
192
.format(self.properties["Name"], command,
193
os.WTERMSIG(condition)))
196
log.info('Checker for client %s (command "%s") was'
197
" killed by signal %d", self.properties["Name"],
198
command, os.WTERMSIG(condition))
196
201
def checker_started(self, command):
197
202
"""Server signals that a checker started."""
198
self.logger('Client {} started checker "{}"'
199
.format(self.properties["Name"],
203
log.debug('Client %s started checker "%s"',
204
self.properties["Name"], command)
202
206
def got_secret(self):
203
self.logger('Client {} received its secret'
204
.format(self.properties["Name"]))
207
log.info("Client %s received its secret",
208
self.properties["Name"])
206
210
def need_approval(self, timeout, default):
208
message = 'Client {} needs approval within {} seconds'
212
message = "Client %s needs approval within %f seconds"
210
message = 'Client {} will get its secret in {} seconds'
211
self.logger(message.format(self.properties["Name"],
214
message = "Client %s will get its secret in %f seconds"
215
log.info(message, self.properties["Name"], timeout/1000)
214
217
def rejected(self, reason):
215
self.logger('Client {} was rejected; reason: {}'
216
.format(self.properties["Name"], reason))
218
log.info("Client %s was rejected; reason: %s",
219
self.properties["Name"], reason)
218
221
def selectable(self):
219
222
"""Make this a "selectable" widget.
220
223
This overrides the method from urwid.FlowWidget."""
223
226
def rows(self, maxcolrow, focus=False):
224
227
"""How many rows this widget will occupy might depend on
225
228
whether we have focus or not.
226
229
This overrides the method from urwid.FlowWidget"""
227
230
return self.current_widget(focus).rows(maxcolrow, focus=focus)
229
232
def current_widget(self, focus=False):
230
233
if focus or self.opened:
231
234
return self._focus_widget
232
235
return self._widget
234
237
def update(self):
235
238
"Called when what is visible on the screen should be updated."
236
239
# How to add standout mode to a style
237
with_standout = { "normal": "standout",
238
"bold": "bold-standout",
240
"underline-blink-standout",
241
"bold-underline-blink":
242
"bold-underline-blink-standout",
240
with_standout = {"normal": "standout",
241
"bold": "bold-standout",
243
"underline-blink-standout",
244
"bold-underline-blink":
245
"bold-underline-blink-standout",
245
248
# Rebuild focus and non-focus widgets using current properties
247
250
# Base part of a client. Name!
248
base = '{name}: '.format(name=self.properties["Name"])
251
base = "{name}: ".format(name=self.properties["Name"])
249
252
if not self.properties["Enabled"]:
250
253
message = "DISABLED"
251
254
self.using_timer(False)
252
255
elif self.properties["ApprovalPending"]:
253
timeout = datetime.timedelta(milliseconds
256
timeout = datetime.timedelta(
257
milliseconds=self.properties["ApprovalDelay"])
256
258
last_approval_request = isoformat_to_datetime(
257
259
self.properties["LastApprovalRequest"])
258
260
if last_approval_request is not None:
318
321
if self.delete_hook is not None:
319
322
self.delete_hook(self)
320
323
return super(MandosClientWidget, self).delete(**kwargs)
322
325
def render(self, maxcolrow, focus=False):
323
326
"""Render differently if we have focus.
324
327
This overrides the method from urwid.FlowWidget"""
325
328
return self.current_widget(focus).render(maxcolrow,
328
331
def keypress(self, maxcolrow, key):
330
333
This overrides the method from urwid.FlowWidget"""
332
335
self.proxy.Set(client_interface, "Enabled",
333
dbus.Boolean(True), ignore_reply = True,
334
dbus_interface = dbus.PROPERTIES_IFACE)
336
dbus.Boolean(True), ignore_reply=True,
337
dbus_interface=dbus.PROPERTIES_IFACE)
336
339
self.proxy.Set(client_interface, "Enabled", False,
338
dbus_interface = dbus.PROPERTIES_IFACE)
341
dbus_interface=dbus.PROPERTIES_IFACE)
340
343
self.proxy.Approve(dbus.Boolean(True, variant_level=1),
341
dbus_interface = client_interface,
344
dbus_interface=client_interface,
342
345
ignore_reply=True)
344
347
self.proxy.Approve(dbus.Boolean(False, variant_level=1),
345
dbus_interface = client_interface,
348
dbus_interface=client_interface,
346
349
ignore_reply=True)
347
350
elif key == "R" or key == "_" or key == "ctrl k":
348
351
self.server_proxy_object.RemoveClient(self.proxy
350
353
ignore_reply=True)
352
355
self.proxy.Set(client_interface, "CheckerRunning",
353
dbus.Boolean(True), ignore_reply = True,
354
dbus_interface = dbus.PROPERTIES_IFACE)
356
dbus.Boolean(True), ignore_reply=True,
357
dbus_interface=dbus.PROPERTIES_IFACE)
356
359
self.proxy.Set(client_interface, "CheckerRunning",
357
dbus.Boolean(False), ignore_reply = True,
358
dbus_interface = dbus.PROPERTIES_IFACE)
360
dbus.Boolean(False), ignore_reply=True,
361
dbus_interface=dbus.PROPERTIES_IFACE)
360
self.proxy.CheckedOK(dbus_interface = client_interface,
363
self.proxy.CheckedOK(dbus_interface=client_interface,
361
364
ignore_reply=True)
363
366
# elif key == "p" or key == "=":
387
def glib_safely(func, retval=True):
388
def safe_func(*args, **kwargs):
390
return func(*args, **kwargs)
384
397
class ConstrainedListBox(urwid.ListBox):
385
398
"""Like a normal urwid.ListBox, but will consume all "up" or
386
399
"down" key presses, thus not allowing any containing widgets to
387
400
use them as an excuse to shift focus away from this widget.
389
402
def keypress(self, *args, **kwargs):
390
ret = super(ConstrainedListBox, self).keypress(*args, **kwargs)
403
ret = (super(ConstrainedListBox, self)
404
.keypress(*args, **kwargs))
391
405
if ret in ("up", "down"):
396
class UserInterface(object):
397
411
"""This is the entire user interface - the whole screen
398
412
with boxes, lists of client widgets, etc.
400
def __init__(self, max_log_length=1000, log_level=1):
414
def __init__(self, max_log_length=1000):
401
415
DBusGMainLoop(set_as_default=True)
403
417
self.screen = urwid.curses_display.Screen()
405
419
self.screen.register_palette((
407
421
"default", "default", None),
422
437
"bold,underline,blink,standout", "default",
423
438
"bold,underline,blink,standout"),
426
441
if urwid.supports_unicode():
427
self.divider = "─" # \u2500
428
#self.divider = "━" # \u2501
442
self.divider = "─" # \u2500
430
#self.divider = "-" # \u002d
431
self.divider = "_" # \u005f
444
self.divider = "_" # \u005f
433
446
self.screen.start()
435
448
self.size = self.screen.get_cols_rows()
437
450
self.clients = urwid.SimpleListWalker([])
438
451
self.clients_dict = {}
440
453
# We will add Text widgets to this list
454
self.log = urwid.SimpleListWalker([])
442
455
self.max_log_length = max_log_length
444
self.log_level = log_level
446
457
# We keep a reference to the log widget so we can remove it
447
458
# from the ListWalker without it getting destroyed
448
459
self.logbox = ConstrainedListBox(self.log)
450
461
# This keeps track of whether self.uilist currently has
451
462
# self.logbox in it or not
452
463
self.log_visible = True
453
464
self.log_wrap = "any"
466
self.loghandler = UILogHandler(self)
456
self.log_message_raw(("bold",
457
"Mandos Monitor version " + version))
458
self.log_message_raw(("bold",
461
self.busname = domain + '.Mandos'
462
self.main_loop = gobject.MainLoop()
464
def client_not_found(self, fingerprint, address):
465
self.log_message("Client with address {} and fingerprint {}"
466
" could not be found"
467
.format(address, fingerprint))
469
self.add_log_line(("bold",
470
"Mandos Monitor version " + version))
471
self.add_log_line(("bold", "q: Quit ?: Help"))
473
self.busname = domain + ".Mandos"
474
self.main_loop = GLib.MainLoop()
476
def client_not_found(self, key_id, address):
477
log.info("Client with address %s and key ID %s could"
478
" not be found", address, key_id)
469
480
def rebuild(self):
470
481
"""This rebuilds the User Interface.
471
482
Call this when the widget layout needs to change"""
473
#self.uilist.append(urwid.ListBox(self.clients))
484
# self.uilist.append(urwid.ListBox(self.clients))
474
485
self.uilist.append(urwid.Frame(ConstrainedListBox(self.
476
#header=urwid.Divider(),
487
# header=urwid.Divider(),
479
urwid.Divider(div_char=
489
footer=urwid.Divider(
490
div_char=self.divider)))
481
491
if self.log_visible:
482
492
self.uilist.append(self.logbox)
483
493
self.topwidget = urwid.Pile(self.uilist)
485
def log_message(self, message, level=1):
486
"""Log message formatted with timestamp"""
487
if level < self.log_level:
489
timestamp = datetime.datetime.now().isoformat()
490
self.log_message_raw("{}: {}".format(timestamp, message),
493
def log_message_raw(self, markup, level=1):
494
"""Add a log message to the log buffer."""
495
if level < self.log_level:
495
def add_log_line(self, markup):
497
496
self.log.append(urwid.Text(markup, wrap=self.log_wrap))
498
if (self.max_log_length
499
and len(self.log) > self.max_log_length):
500
del self.log[0:len(self.log)-self.max_log_length-1]
501
self.logbox.set_focus(len(self.logbox.body.contents),
497
if self.max_log_length:
498
if len(self.log) > self.max_log_length:
499
del self.log[0:(len(self.log) - self.max_log_length)]
500
self.logbox.set_focus(len(self.logbox.body.contents)-1,
502
501
coming_from="above")
505
504
def toggle_log_display(self):
506
505
"""Toggle visibility of the log buffer."""
507
506
self.log_visible = not self.log_visible
509
self.log_message("Log visibility changed to: {}"
510
.format(self.log_visible), level=0)
508
log.debug("Log visibility changed to: %s", self.log_visible)
512
510
def change_log_display(self):
513
511
"""Change type of log display.
514
512
Currently, this toggles wrapping of text lines."""
518
516
self.log_wrap = "clip"
519
517
for textwidget in self.log:
520
518
textwidget.set_wrap_mode(self.log_wrap)
521
self.log_message("Wrap mode: {}".format(self.log_wrap),
524
def find_and_remove_client(self, path, name):
519
log.debug("Wrap mode: %s", self.log_wrap)
521
def find_and_remove_client(self, path, interfaces):
525
522
"""Find a client by its object path and remove it.
527
This is connected to the ClientRemoved signal from the
524
This is connected to the InterfacesRemoved signal from the
528
525
Mandos server object."""
526
if client_interface not in interfaces:
527
# Not a Mandos client object; ignore
530
530
client = self.clients_dict[path]
533
self.log_message("Unknown client {!r} ({!r}) removed"
533
log.warning("Unknown client %s removed", path)
538
def add_new_client(self, path):
537
def add_new_client(self, path, ifs_and_props):
538
"""Find a client by its object path and remove it.
540
This is connected to the InterfacesAdded signal from the
541
Mandos server object.
543
if client_interface not in ifs_and_props:
544
# Not a Mandos client object; ignore
539
546
client_proxy_object = self.bus.get_object(self.busname, path)
540
self.add_client(MandosClientWidget(server_proxy_object
543
=client_proxy_object,
547
self.add_client(MandosClientWidget(
548
server_proxy_object=self.mandos_serv,
549
proxy_object=client_proxy_object,
550
update_hook=self.refresh,
551
delete_hook=self.remove_client,
552
properties=dict(ifs_and_props[client_interface])),
552
555
def add_client(self, client, path=None):
553
556
self.clients.append(client)
556
559
self.clients_dict[path] = client
557
560
self.clients.sort(key=lambda c: c.properties["Name"])
560
563
def remove_client(self, client, path=None):
561
564
self.clients.remove(client)
563
566
path = client.proxy.object_path
564
567
del self.clients_dict[path]
567
570
def refresh(self):
568
571
"""Redraw the screen"""
569
572
canvas = self.topwidget.render(self.size, focus=True)
570
573
self.screen.draw_screen(self.size, canvas)
573
576
"""Start the main loop and exit when it's done."""
577
log.addHandler(self.loghandler)
578
self.orig_log_propagate = log.propagate
579
log.propagate = False
580
self.orig_log_level = log.level
574
582
self.bus = dbus.SystemBus()
575
583
mandos_dbus_objc = self.bus.get_object(
576
584
self.busname, "/", follow_name_owner_changes=True)
577
self.mandos_serv = dbus.Interface(mandos_dbus_objc,
585
self.mandos_serv = dbus.Interface(
586
mandos_dbus_objc, dbus_interface=server_interface)
581
588
mandos_clients = (self.mandos_serv
582
589
.GetAllClientsWithProperties())
583
590
if not mandos_clients:
584
self.log_message_raw(("bold", "Note: Server has no clients."))
591
log.warning("Note: Server has no clients.")
585
592
except dbus.exceptions.DBusException:
586
self.log_message_raw(("bold", "Note: No Mandos server running."))
593
log.warning("Note: No Mandos server running.")
587
594
mandos_clients = dbus.Dictionary()
589
596
(self.mandos_serv
590
.connect_to_signal("ClientRemoved",
597
.connect_to_signal("InterfacesRemoved",
591
598
self.find_and_remove_client,
592
dbus_interface=server_interface,
599
dbus_interface=dbus.OBJECT_MANAGER_IFACE,
593
600
byte_arrays=True))
594
601
(self.mandos_serv
595
.connect_to_signal("ClientAdded",
602
.connect_to_signal("InterfacesAdded",
596
603
self.add_new_client,
597
dbus_interface=server_interface,
604
dbus_interface=dbus.OBJECT_MANAGER_IFACE,
598
605
byte_arrays=True))
599
606
(self.mandos_serv
600
607
.connect_to_signal("ClientNotFound",
604
611
for path, client in mandos_clients.items():
605
612
client_proxy_object = self.bus.get_object(self.busname,
607
self.add_client(MandosClientWidget(server_proxy_object
610
=client_proxy_object,
614
self.add_client(MandosClientWidget(
615
server_proxy_object=self.mandos_serv,
616
proxy_object=client_proxy_object,
618
update_hook=self.refresh,
619
delete_hook=self.remove_client),
621
self._input_callback_tag = (gobject.io_add_watch
623
self._input_callback_tag = (
625
GLib.IOChannel.unix_new(sys.stdin.fileno()),
626
GLib.PRIORITY_DEFAULT, GLib.IO_IN,
627
glib_safely(self.process_input)))
625
628
self.main_loop.run()
626
629
# Main loop has finished, we should close everything now
627
gobject.source_remove(self._input_callback_tag)
630
GLib.source_remove(self._input_callback_tag)
631
with warnings.catch_warnings():
632
warnings.simplefilter("ignore", BytesWarning)
631
636
self.main_loop.quit()
637
log.removeHandler(self.loghandler)
638
log.propagate = self.orig_log_propagate
633
640
def process_input(self, source, condition):
634
641
keys = self.screen.get_input()
635
translations = { "ctrl n": "down", # Emacs
636
"ctrl p": "up", # Emacs
637
"ctrl v": "page down", # Emacs
638
"meta v": "page up", # Emacs
639
" ": "page down", # less
640
"f": "page down", # less
641
"b": "page up", # less
642
translations = {"ctrl n": "down", # Emacs
643
"ctrl p": "up", # Emacs
644
"ctrl v": "page down", # Emacs
645
"meta v": "page up", # Emacs
646
" ": "page down", # less
647
"f": "page down", # less
648
"b": "page up", # less
647
654
key = translations[key]
648
655
except KeyError: # :-)
651
658
if key == "q" or key == "Q":
695
701
self.topwidget.set_focus(self.logbox)
698
if self.log_level == 0:
700
self.log_message("Verbose mode: Off")
704
if log.level < logging.INFO:
705
log.setLevel(logging.INFO)
706
log.info("Verbose mode: Off")
703
self.log_message("Verbose mode: On")
704
#elif (key == "end" or key == "meta >" or key == "G"
706
# pass # xxx end-of-buffer
707
#elif (key == "home" or key == "meta <" or key == "g"
709
# pass # xxx beginning-of-buffer
710
#elif key == "ctrl e" or key == "$":
711
# pass # xxx move-end-of-line
712
#elif key == "ctrl a" or key == "^":
713
# pass # xxx move-beginning-of-line
714
#elif key == "ctrl b" or key == "meta (" or key == "h":
716
#elif key == "ctrl f" or key == "meta )" or key == "l":
719
# pass # scroll up log
721
# pass # scroll down log
708
log.setLevel(logging.NOTSET)
709
log.info("Verbose mode: On")
710
# elif (key == "end" or key == "meta >" or key == "G"
712
# pass # xxx end-of-buffer
713
# elif (key == "home" or key == "meta <" or key == "g"
715
# pass # xxx beginning-of-buffer
716
# elif key == "ctrl e" or key == "$":
717
# pass # xxx move-end-of-line
718
# elif key == "ctrl a" or key == "^":
719
# pass # xxx move-beginning-of-line
720
# elif key == "ctrl b" or key == "meta (" or key == "h":
722
# elif key == "ctrl f" or key == "meta )" or key == "l":
725
# pass # scroll up log
727
# pass # scroll down log
722
728
elif self.topwidget.selectable():
723
729
self.topwidget.keypress(self.size, key)
734
class UILogHandler(logging.Handler):
735
def __init__(self, ui, *args, **kwargs):
737
super(UILogHandler, self).__init__(*args, **kwargs)
739
logging.Formatter("%(asctime)s: %(message)s"))
740
def emit(self, record):
741
msg = self.format(record)
742
if record.levelno > logging.INFO:
744
self.ui.add_log_line(msg)
727
747
ui = UserInterface()
730
750
except KeyboardInterrupt:
732
except Exception as e:
733
ui.log_message(str(e))
751
with warnings.catch_warnings():
752
warnings.filterwarnings("ignore", "", BytesWarning)
755
with warnings.catch_warnings():
756
warnings.filterwarnings("ignore", "", BytesWarning)