To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to server.py
- browse files at revision 11
- compare with another revision
- download diff
- download tarball
- view history from revision 11
- Committer: Teddy Hogeborn
- Date: 2008-06-30 01:43:39 UTC
- Revision ID: teddy@fukt.bsnet.se-20080630014339-rsuztydpl2w5ml83
* server.py: Rewritten to use Zeroconf (mDNS/DNS-SD) in place of the
old broadcast-UDP-to-port-49001 method.
old broadcast-UDP-to-port-49001 method.
- files added:
- ca.pem
- files removed:
- .bzr-builddeb
- debian
- debian/po
- plugins.d
- files renamed:
- clients.conf => mandos-clients.conf
- mandos => server.py
- files modified:
- Makefile
added
removed
server.py
1
1
#!/usr/bin/python
2
# -*- mode: python; coding: utf-8 -*-
3
#
4
# Mandos server - give out binary blobs to connecting clients.
5
#
6
# This program is partly derived from an example program for an Avahi
7
# service publisher, downloaded from
8
# <http://avahi.org/wiki/PythonPublishExample>. This includes the
9
# methods "add" and "remove" in the "AvahiService" class, the
10
# "server_state_changed" and "entry_group_state_changed" functions,
11
# and some lines in "main".
12
#
13
# Everything else is
14
# Copyright © 2008 Teddy Hogeborn & Björn Påhlsson
15
#
16
# This program is free software: you can redistribute it and/or modify
17
# it under the terms of the GNU General Public License as published by
18
# the Free Software Foundation, either version 3 of the License, or
19
# (at your option) any later version.
20
#
21
# This program is distributed in the hope that it will be useful,
22
# but WITHOUT ANY WARRANTY; without even the implied warranty of
23
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24
# GNU General Public License for more details.
25
#
26
# You should have received a copy of the GNU General Public License
27
# along with this program. If not, see
28
# <http://www.gnu.org/licenses/>.
29
#
30
# Contact the authors at <mandos@fukt.bsnet.se>.
31
#
32
2
33
3
from __future__ import division
34
4
35
5
import SocketServer
36
6
import socket
7
import select
37
8
from optparse import OptionParser
38
9
import datetime
39
10
import errno
40
11
import gnutls.crypto
41
12
import gnutls.connection
42
13
import gnutls.errors
43
import gnutls.library.functions
44
import gnutls.library.constants
45
import gnutls.library.types
46
14
import ConfigParser
47
15
import sys
48
16
import re
50
18
import signal
51
19
from sets import Set
52
20
import subprocess
53
import atexit
54
import stat
55
import logging
56
import logging.handlers
57
import pwd
58
21
59
22
import dbus
60
23
import gobject
61
24
import avahi
62
25
from dbus.mainloop.glib import DBusGMainLoop
63
import ctypes
64
import ctypes.util
65
66
version = "1.0"
67
68
logger = logging.Logger('mandos')
69
syslogger = logging.handlers.SysLogHandler\
70
(facility = logging.handlers.SysLogHandler.LOG_DAEMON,
71
address = "/dev/log")
72
syslogger.setFormatter(logging.Formatter\
73
('Mandos: %(levelname)s: %(message)s'))
74
logger.addHandler(syslogger)
75
76
console = logging.StreamHandler()
77
console.setFormatter(logging.Formatter('%(name)s: %(levelname)s:'
78
' %(message)s'))
79
logger.addHandler(console)
80
81
class AvahiError(Exception):
82
def __init__(self, value):
83
self.value = value
84
super(AvahiError, self).__init__()
85
def __str__(self):
86
return repr(self.value)
87
88
class AvahiServiceError(AvahiError):
89
pass
90
91
class AvahiGroupError(AvahiError):
92
pass
93
94
95
class AvahiService(object):
96
"""An Avahi (Zeroconf) service.
97
Attributes:
98
interface: integer; avahi.IF_UNSPEC or an interface index.
99
Used to optionally bind to the specified interface.
100
name: string; Example: 'Mandos'
101
type: string; Example: '_mandos._tcp'.
102
See <http://www.dns-sd.org/ServiceTypes.html>
103
port: integer; what port to announce
104
TXT: list of strings; TXT record for the service
105
domain: string; Domain to publish on, default to .local if empty.
106
host: string; Host to publish records for, default is localhost
107
max_renames: integer; maximum number of renames
108
rename_count: integer; counter so we only rename after collisions
109
a sensible number of times
110
"""
111
def __init__(self, interface = avahi.IF_UNSPEC, name = None,
112
servicetype = None, port = None, TXT = None, domain = "",
113
host = "", max_renames = 32768):
114
self.interface = interface
115
self.name = name
116
self.type = servicetype
117
self.port = port
118
if TXT is None:
119
self.TXT = []
120
else:
121
self.TXT = TXT
122
self.domain = domain
123
self.host = host
124
self.rename_count = 0
125
self.max_renames = max_renames
126
def rename(self):
127
"""Derived from the Avahi example code"""
128
if self.rename_count >= self.max_renames:
129
logger.critical(u"No suitable Zeroconf service name found"
130
u" after %i retries, exiting.",
131
self.rename_count)
132
raise AvahiServiceError("Too many renames")
133
self.name = server.GetAlternativeServiceName(self.name)
134
logger.info(u"Changing Zeroconf service name to %r ...",
135
str(self.name))
136
syslogger.setFormatter(logging.Formatter\
137
('Mandos (%s): %%(levelname)s:'
138
' %%(message)s' % self.name))
139
self.remove()
140
self.add()
141
self.rename_count += 1
142
def remove(self):
143
"""Derived from the Avahi example code"""
144
if group is not None:
145
group.Reset()
146
def add(self):
147
"""Derived from the Avahi example code"""
148
global group
149
if group is None:
150
group = dbus.Interface\
151
(bus.get_object(avahi.DBUS_NAME,
152
server.EntryGroupNew()),
153
avahi.DBUS_INTERFACE_ENTRY_GROUP)
154
group.connect_to_signal('StateChanged',
155
entry_group_state_changed)
156
logger.debug(u"Adding Zeroconf service '%s' of type '%s' ...",
157
service.name, service.type)
158
group.AddService(
159
self.interface, # interface
160
avahi.PROTO_INET6, # protocol
161
dbus.UInt32(0), # flags
162
self.name, self.type,
163
self.domain, self.host,
164
dbus.UInt16(self.port),
165
avahi.string_array_to_txt_array(self.TXT))
166
group.Commit()
167
168
# From the Avahi example code:
169
group = None # our entry group
26
27
# This variable is used to optionally bind to a specified
28
# interface.
29
serviceInterface = avahi.IF_UNSPEC
30
# It is a global variable to fit in with the rest of the
31
# variables from the Avahi server example code:
32
serviceName = "Mandos"
33
serviceType = "_mandos._tcp" # http://www.dns-sd.org/ServiceTypes.html
34
servicePort = None # Not known at startup
35
serviceTXT = [] # TXT record for the service
36
domain = "" # Domain to publish on, default to .local
37
host = "" # Host to publish records for, default to localhost
38
group = None #our entry group
39
rename_count = 12 # Counter so we only rename after collisions a
40
# sensible number of times
170
41
# End of Avahi example code
171
42
172
43
173
44
class Client(object):
174
45
"""A representation of a client host served by this server.
175
46
Attributes:
176
name: string; from the config file, used in log messages
177
fingerprint: string (40 or 32 hexadecimal digits); used to
178
uniquely identify the client
179
secret: bytestring; sent verbatim (over TLS) to client
180
host: string; available for use by the checker command
181
created: datetime.datetime(); object creation, not client host
182
last_checked_ok: datetime.datetime() or None if not yet checked OK
183
timeout: datetime.timedelta(); How long from last_checked_ok
184
until this client is invalid
47
password: string
48
fqdn: string, FQDN (used by the checker)
49
created: datetime.datetime()
50
last_seen: datetime.datetime() or None if not yet seen
51
timeout: datetime.timedelta(); How long from last_seen until
52
this client is invalid
185
53
interval: datetime.timedelta(); How often to start a new checker
54
timeout_milliseconds: Used by gobject.timeout_add()
55
interval_milliseconds: - '' -
186
56
stop_hook: If set, called by stop() as stop_hook(self)
187
57
checker: subprocess.Popen(); a running checker process used
188
58
to see if the client lives.
189
'None' if no process is running.
59
Is None if no process is running.
190
60
checker_initiator_tag: a gobject event source tag, or None
191
61
stop_initiator_tag: - '' -
192
62
checker_callback_tag: - '' -
193
checker_command: string; External command which is run to check if
194
client lives. %() expansions are done at
195
runtime with vars(self) as dict, so that for
196
instance %(name)s can be used in the command.
197
Private attibutes:
198
_timeout: Real variable for 'timeout'
199
_interval: Real variable for 'interval'
200
_timeout_milliseconds: Used when calling gobject.timeout_add()
201
_interval_milliseconds: - '' -
202
63
"""
203
def _set_timeout(self, timeout):
204
"Setter function for 'timeout' attribute"
205
self._timeout = timeout
206
self._timeout_milliseconds = ((self.timeout.days
64
def __init__(self, name=None, options=None, stop_hook=None,
65
dn=None, password=None, passfile=None, fqdn=None,
66
timeout=None, interval=-1):
67
self.name = name
68
self.dn = dn
69
if password:
70
self.password = password
71
elif passfile:
72
self.password = open(passfile).readall()
73
else:
74
raise RuntimeError(u"No Password or Passfile for client %s"
75
% self.name)
76
self.fqdn = fqdn # string
77
self.created = datetime.datetime.now()
78
self.last_seen = None
79
if timeout is None:
80
timeout = options.timeout
81
self.timeout = timeout
82
self.timeout_milliseconds = ((self.timeout.days
83
* 24 * 60 * 60 * 1000)
84
+ (self.timeout.seconds * 1000)
85
+ (self.timeout.microseconds
86
// 1000))
87
if interval == -1:
88
interval = options.interval
89
else:
90
interval = string_to_delta(interval)
91
self.interval = interval
92
self.interval_milliseconds = ((self.interval.days
207
93
* 24 * 60 * 60 * 1000)
208
+ (self.timeout.seconds * 1000)
209
+ (self.timeout.microseconds
94
+ (self.interval.seconds * 1000)
95
+ (self.interval.microseconds
210
96
// 1000))
211
timeout = property(lambda self: self._timeout,
212
_set_timeout)
213
del _set_timeout
214
def _set_interval(self, interval):
215
"Setter function for 'interval' attribute"
216
self._interval = interval
217
self._interval_milliseconds = ((self.interval.days
218
* 24 * 60 * 60 * 1000)
219
+ (self.interval.seconds
220
* 1000)
221
+ (self.interval.microseconds
222
// 1000))
223
interval = property(lambda self: self._interval,
224
_set_interval)
225
del _set_interval
226
def __init__(self, name = None, stop_hook=None, config=None):
227
"""Note: the 'checker' key in 'config' sets the
228
'checker_command' attribute and *not* the 'checker'
229
attribute."""
230
if config is None:
231
config = {}
232
self.name = name
233
logger.debug(u"Creating client %r", self.name)
234
# Uppercase and remove spaces from fingerprint for later
235
# comparison purposes with return value from the fingerprint()
236
# function
237
self.fingerprint = config["fingerprint"].upper()\
238
.replace(u" ", u"")
239
logger.debug(u" Fingerprint: %s", self.fingerprint)
240
if "secret" in config:
241
self.secret = config["secret"].decode(u"base64")
242
elif "secfile" in config:
243
secfile = open(os.path.expanduser(os.path.expandvars
244
(config["secfile"])))
245
self.secret = secfile.read()
246
secfile.close()
247
else:
248
raise TypeError(u"No secret or secfile for client %s"
249
% self.name)
250
self.host = config.get("host", "")
251
self.created = datetime.datetime.now()
252
self.last_checked_ok = None
253
self.timeout = string_to_delta(config["timeout"])
254
self.interval = string_to_delta(config["interval"])
255
97
self.stop_hook = stop_hook
256
98
self.checker = None
257
99
self.checker_initiator_tag = None
258
100
self.stop_initiator_tag = None
259
101
self.checker_callback_tag = None
260
self.check_command = config["checker"]
261
102
def start(self):
262
"""Start this client's checker and timeout hooks"""
103
"""Start this clients checker and timeout hooks"""
263
104
# Schedule a new checker to be started an 'interval' from now,
264
105
# and every interval from then on.
265
self.checker_initiator_tag = gobject.timeout_add\
266
(self._interval_milliseconds,
267
self.start_checker)
106
self.checker_initiator_tag = gobject.\
107
timeout_add(self.interval_milliseconds,
108
self.start_checker)
268
109
# Also start a new checker *right now*.
269
110
self.start_checker()
270
111
# Schedule a stop() when 'timeout' has passed
271
self.stop_initiator_tag = gobject.timeout_add\
272
(self._timeout_milliseconds,
273
self.stop)
112
self.stop_initiator_tag = gobject.\
113
timeout_add(self.timeout_milliseconds,
114
self.stop)
274
115
def stop(self):
275
116
"""Stop this client.
276
The possibility that a client might be restarted is left open,
277
but not currently used."""
278
# If this client doesn't have a secret, it is already stopped.
279
if hasattr(self, "secret") and self.secret:
280
logger.info(u"Stopping client %s", self.name)
281
self.secret = None
282
else:
283
return False
284
if getattr(self, "stop_initiator_tag", False):
117
The possibility that this client might be restarted is left
118
open, but not currently used."""
119
# print "Stopping client", self.name
120
self.password = None
121
if self.stop_initiator_tag:
285
122
gobject.source_remove(self.stop_initiator_tag)
286
123
self.stop_initiator_tag = None
287
if getattr(self, "checker_initiator_tag", False):
124
if self.checker_initiator_tag:
288
125
gobject.source_remove(self.checker_initiator_tag)
289
126
self.checker_initiator_tag = None
290
127
self.stop_checker()
293
130
# Do not run this again if called by a gobject.timeout_add
294
131
return False
295
132
def __del__(self):
296
self.stop_hook = None
297
self.stop()
133
# Some code duplication here and in stop()
134
if hasattr(self, "stop_initiator_tag") \
135
and self.stop_initiator_tag:
136
gobject.source_remove(self.stop_initiator_tag)
137
self.stop_initiator_tag = None
138
if hasattr(self, "checker_initiator_tag") \
139
and self.checker_initiator_tag:
140
gobject.source_remove(self.checker_initiator_tag)
141
self.checker_initiator_tag = None
142
self.stop_checker()
298
143
def checker_callback(self, pid, condition):
299
144
"""The checker has completed, so take appropriate actions."""
300
145
now = datetime.datetime.now()
301
self.checker_callback_tag = None
302
self.checker = None
303
146
if os.WIFEXITED(condition) \
304
147
and (os.WEXITSTATUS(condition) == 0):
305
logger.info(u"Checker for %(name)s succeeded",
306
vars(self))
307
self.last_checked_ok = now
148
#print "Checker for %(name)s succeeded" % vars(self)
149
self.last_seen = now
308
150
gobject.source_remove(self.stop_initiator_tag)
309
self.stop_initiator_tag = gobject.timeout_add\
310
(self._timeout_milliseconds,
311
self.stop)
312
elif not os.WIFEXITED(condition):
313
logger.warning(u"Checker for %(name)s crashed?",
314
vars(self))
315
else:
316
logger.info(u"Checker for %(name)s failed",
317
vars(self))
151
self.stop_initiator_tag = gobject.\
152
timeout_add(self.timeout_milliseconds,
153
self.stop)
154
#else:
155
# if not os.WIFEXITED(condition):
156
# print "Checker for %(name)s crashed?" % vars(self)
157
# else:
158
# print "Checker for %(name)s failed" % vars(self)
159
self.checker = None
160
self.checker_callback_tag = None
318
161
def start_checker(self):
319
162
"""Start a new checker subprocess if one is not running.
320
163
If a checker already exists, leave it running and do
321
164
nothing."""
322
# The reason for not killing a running checker is that if we
323
# did that, then if a checker (for some reason) started
324
# running slowly and taking more than 'interval' time, the
325
# client would inevitably timeout, since no checker would get
326
# a chance to run to completion. If we instead leave running
327
# checkers alone, the checker would have to take more time
328
# than 'timeout' for the client to be declared invalid, which
329
# is as it should be.
330
165
if self.checker is None:
331
try:
332
# In case check_command has exactly one % operator
333
command = self.check_command % self.host
334
except TypeError:
335
# Escape attributes for the shell
336
escaped_attrs = dict((key, re.escape(str(val)))
337
for key, val in
338
vars(self).iteritems())
339
try:
340
command = self.check_command % escaped_attrs
341
except TypeError, error:
342
logger.error(u'Could not format string "%s":'
343
u' %s', self.check_command, error)
344
return True # Try again later
345
try:
346
logger.info(u"Starting checker %r for %s",
347
command, self.name)
348
# We don't need to redirect stdout and stderr, since
349
# in normal mode, that is already done by daemon(),
350
# and in debug mode we don't want to. (Stdin is
351
# always replaced by /dev/null.)
352
self.checker = subprocess.Popen(command,
353
close_fds=True,
354
shell=True, cwd="/")
355
self.checker_callback_tag = gobject.child_watch_add\
356
(self.checker.pid,
357
self.checker_callback)
358
except OSError, error:
359
logger.error(u"Failed to start subprocess: %s",
360
error)
166
#print "Starting checker for", self.name
167
try:
168
self.checker = subprocess.\
169
Popen("sleep 1; fping -q -- %s"
170
% re.escape(self.fqdn),
171
stdout=subprocess.PIPE,
172
close_fds=True, shell=True,
173
cwd="/")
174
self.checker_callback_tag = gobject.\
175
child_watch_add(self.checker.pid,
176
self.\
177
checker_callback)
178
except subprocess.OSError, error:
179
sys.stderr.write(u"Failed to start subprocess: %s\n"
180
% error)
361
181
# Re-run this periodically if run by gobject.timeout_add
362
182
return True
363
183
def stop_checker(self):
364
184
"""Force the checker process, if any, to stop."""
365
if self.checker_callback_tag:
366
gobject.source_remove(self.checker_callback_tag)
367
self.checker_callback_tag = None
368
if getattr(self, "checker", None) is None:
185
if not hasattr(self, "checker") or self.checker is None:
369
186
return
370
logger.debug(u"Stopping checker for %(name)s", vars(self))
371
try:
372
os.kill(self.checker.pid, signal.SIGTERM)
373
#os.sleep(0.5)
374
#if self.checker.poll() is None:
375
# os.kill(self.checker.pid, signal.SIGKILL)
376
except OSError, error:
377
if error.errno != errno.ESRCH: # No such process
378
raise
187
gobject.source_remove(self.checker_callback_tag)
188
self.checker_callback_tag = None
189
os.kill(self.checker.pid, signal.SIGTERM)
190
if self.checker.poll() is None:
191
os.kill(self.checker.pid, signal.SIGKILL)
379
192
self.checker = None
380
def still_valid(self):
193
def still_valid(self, now=None):
381
194
"""Has the timeout not yet passed for this client?"""
382
now = datetime.datetime.now()
383
if self.last_checked_ok is None:
195
if now is None:
196
now = datetime.datetime.now()
197
if self.last_seen is None:
384
198
return now < (self.created + self.timeout)
385
199
else:
386
return now < (self.last_checked_ok + self.timeout)
387
388
389
def peer_certificate(session):
390
"Return the peer's OpenPGP certificate as a bytestring"
391
# If not an OpenPGP certificate...
392
if gnutls.library.functions.gnutls_certificate_type_get\
393
(session._c_object) \
394
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP:
395
# ...do the normal thing
396
return session.peer_certificate
397
list_size = ctypes.c_uint()
398
cert_list = gnutls.library.functions.gnutls_certificate_get_peers\
399
(session._c_object, ctypes.byref(list_size))
400
if list_size.value == 0:
401
return None
402
cert = cert_list[0]
403
return ctypes.string_at(cert.data, cert.size)
404
405
406
def fingerprint(openpgp):
407
"Convert an OpenPGP bytestring to a hexdigit fingerprint string"
408
# New GnuTLS "datum" with the OpenPGP public key
409
datum = gnutls.library.types.gnutls_datum_t\
410
(ctypes.cast(ctypes.c_char_p(openpgp),
411
ctypes.POINTER(ctypes.c_ubyte)),
412
ctypes.c_uint(len(openpgp)))
413
# New empty GnuTLS certificate
414
crt = gnutls.library.types.gnutls_openpgp_crt_t()
415
gnutls.library.functions.gnutls_openpgp_crt_init\
416
(ctypes.byref(crt))
417
# Import the OpenPGP public key into the certificate
418
gnutls.library.functions.gnutls_openpgp_crt_import\
419
(crt, ctypes.byref(datum),
420
gnutls.library.constants.GNUTLS_OPENPGP_FMT_RAW)
421
# Verify the self signature in the key
422
crtverify = ctypes.c_uint()
423
gnutls.library.functions.gnutls_openpgp_crt_verify_self\
424
(crt, 0, ctypes.byref(crtverify))
425
if crtverify.value != 0:
426
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
427
raise gnutls.errors.CertificateSecurityError("Verify failed")
428
# New buffer for the fingerprint
429
buf = ctypes.create_string_buffer(20)
430
buf_len = ctypes.c_size_t()
431
# Get the fingerprint from the certificate into the buffer
432
gnutls.library.functions.gnutls_openpgp_crt_get_fingerprint\
433
(crt, ctypes.byref(buf), ctypes.byref(buf_len))
434
# Deinit the certificate
435
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
436
# Convert the buffer to a Python bytestring
437
fpr = ctypes.string_at(buf, buf_len.value)
438
# Convert the bytestring to hexadecimal notation
439
hex_fpr = u''.join(u"%02X" % ord(char) for char in fpr)
440
return hex_fpr
441
442
443
class TCP_handler(SocketServer.BaseRequestHandler, object):
200
return now < (self.last_seen + self.timeout)
201
202
203
class tcp_handler(SocketServer.BaseRequestHandler, object):
444
204
"""A TCP request handler class.
445
205
Instantiated by IPv6_TCPServer for each request to handle it.
446
206
Note: This will run in its own forked process."""
447
448
207
def handle(self):
449
logger.info(u"TCP connection from: %s",
450
unicode(self.client_address))
451
session = gnutls.connection.ClientSession\
452
(self.request, gnutls.connection.X509Credentials())
453
454
line = self.request.makefile().readline()
455
logger.debug(u"Protocol version: %r", line)
456
try:
457
if int(line.strip().split()[0]) > 1:
458
raise RuntimeError
459
except (ValueError, IndexError, RuntimeError), error:
460
logger.error(u"Unknown protocol version: %s", error)
461
return
462
463
# Note: gnutls.connection.X509Credentials is really a generic
464
# GnuTLS certificate credentials object so long as no X.509
465
# keys are added to it. Therefore, we can use it here despite
466
# using OpenPGP certificates.
467
468
#priority = ':'.join(("NONE", "+VERS-TLS1.1", "+AES-256-CBC",
469
# "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
470
# "+DHE-DSS"))
471
priority = "NORMAL" # Fallback default, since this
472
# MUST be set.
473
if self.server.settings["priority"]:
474
priority = self.server.settings["priority"]
475
gnutls.library.functions.gnutls_priority_set_direct\
476
(session._c_object, priority, None)
477
208
#print u"TCP request came"
209
#print u"Request:", self.request
210
#print u"Client Address:", self.client_address
211
#print u"Server:", self.server
212
session = gnutls.connection.ServerSession(self.request,
213
self.server\
214
.credentials)
478
215
try:
479
216
session.handshake()
480
217
except gnutls.errors.GNUTLSError, error:
481
logger.warning(u"Handshake failed: %s", error)
218
#sys.stderr.write(u"Handshake failed: %s\n" % error)
482
219
# Do not run session.bye() here: the session is not
483
220
# established. Just abandon the request.
484
221
return
222
#if session.peer_certificate:
223
# print "DN:", session.peer_certificate.subject
485
224
try:
486
fpr = fingerprint(peer_certificate(session))
487
except (TypeError, gnutls.errors.GNUTLSError), error:
488
logger.warning(u"Bad certificate: %s", error)
225
session.verify_peer()
226
except gnutls.errors.CertificateError, error:
227
#sys.stderr.write(u"Verify failed: %s\n" % error)
489
228
session.bye()
490
229
return
491
logger.debug(u"Fingerprint: %s", fpr)
492
230
client = None
493
for c in self.server.clients:
494
if c.fingerprint == fpr:
231
for c in clients:
232
if c.dn == session.peer_certificate.subject:
495
233
client = c
496
234
break
497
if not client:
498
logger.warning(u"Client not found for fingerprint: %s",
499
fpr)
500
session.bye()
501
return
502
235
# Have to check if client.still_valid(), since it is possible
503
236
# that the client timed out while establishing the GnuTLS
504
237
# session.
505
if not client.still_valid():
506
logger.warning(u"Client %(name)s is invalid",
507
vars(client))
508
session.bye()
509
return
510
sent_size = 0
511
while sent_size < len(client.secret):
512
sent = session.send(client.secret[sent_size:])
513
logger.debug(u"Sent: %d, remaining: %d",
514
sent, len(client.secret)
515
- (sent_size + sent))
516
sent_size += sent
238
if client and client.still_valid():
239
session.send(client.password)
240
else:
241
#if client:
242
# sys.stderr.write(u"Client %(name)s is invalid\n"
243
# % vars(client))
244
#else:
245
# sys.stderr.write(u"Client not found for DN: %s\n"
246
# % session.peer_certificate.subject)
247
#session.send("gazonk")
248
pass
517
249
session.bye()
518
250
519
251
520
252
class IPv6_TCPServer(SocketServer.ForkingTCPServer, object):
521
253
"""IPv6 TCP server. Accepts 'None' as address and/or port.
522
254
Attributes:
523
settings: Server settings
255
options: Command line options
524
256
clients: Set() of Client objects
525
enabled: Boolean; whether this server is activated yet
257
credentials: GnuTLS X.509 credentials
526
258
"""
527
259
address_family = socket.AF_INET6
528
260
def __init__(self, *args, **kwargs):
529
if "settings" in kwargs:
530
self.settings = kwargs["settings"]
531
del kwargs["settings"]
261
if "options" in kwargs:
262
self.options = kwargs["options"]
263
del kwargs["options"]
532
264
if "clients" in kwargs:
533
265
self.clients = kwargs["clients"]
534
266
del kwargs["clients"]
535
self.enabled = False
536
super(IPv6_TCPServer, self).__init__(*args, **kwargs)
267
if "credentials" in kwargs:
268
self.credentials = kwargs["credentials"]
269
del kwargs["credentials"]
270
return super(type(self), self).__init__(*args, **kwargs)
537
271
def server_bind(self):
538
272
"""This overrides the normal server_bind() function
539
273
to bind to an interface if one was specified, and also NOT to
540
274
bind to an address or port if they were not specified."""
541
if self.settings["interface"]:
542
# 25 is from /usr/include/asm-i486/socket.h
543
SO_BINDTODEVICE = getattr(socket, "SO_BINDTODEVICE", 25)
275
if self.options.interface:
276
if not hasattr(socket, "SO_BINDTODEVICE"):
277
# From /usr/include/asm-i486/socket.h
278
socket.SO_BINDTODEVICE = 25
544
279
try:
545
280
self.socket.setsockopt(socket.SOL_SOCKET,
546
SO_BINDTODEVICE,
547
self.settings["interface"])
281
socket.SO_BINDTODEVICE,
282
self.options.interface)
548
283
except socket.error, error:
549
284
if error[0] == errno.EPERM:
550
logger.error(u"No permission to"
551
u" bind to interface %s",
552
self.settings["interface"])
285
sys.stderr.write(u"Warning: No permission to bind to interface %s\n"
286
% self.options.interface)
553
287
else:
554
288
raise error
555
289
# Only bind(2) the socket if we really need to.
558
292
in6addr_any = "::"
559
293
self.server_address = (in6addr_any,
560
294
self.server_address[1])
561
elif not self.server_address[1]:
295
elif self.server_address[1] is None:
562
296
self.server_address = (self.server_address[0],
563
297
0)
564
# if self.settings["interface"]:
565
# self.server_address = (self.server_address[0],
566
# 0, # port
567
# 0, # flowinfo
568
# if_nametoindex
569
# (self.settings
570
# ["interface"]))
571
return super(IPv6_TCPServer, self).server_bind()
572
def server_activate(self):
573
if self.enabled:
574
return super(IPv6_TCPServer, self).server_activate()
575
def enable(self):
576
self.enabled = True
298
return super(type(self), self).server_bind()
577
299
578
300
579
301
def string_to_delta(interval):
589
311
datetime.timedelta(1)
590
312
>>> string_to_delta(u'1w')
591
313
datetime.timedelta(7)
592
>>> string_to_delta('5m 30s')
593
datetime.timedelta(0, 330)
594
314
"""
595
timevalue = datetime.timedelta(0)
596
for s in interval.split():
597
try:
598
suffix = unicode(s[-1])
599
value = int(s[:-1])
600
if suffix == u"d":
601
delta = datetime.timedelta(value)
602
elif suffix == u"s":
603
delta = datetime.timedelta(0, value)
604
elif suffix == u"m":
605
delta = datetime.timedelta(0, 0, 0, 0, value)
606
elif suffix == u"h":
607
delta = datetime.timedelta(0, 0, 0, 0, 0, value)
608
elif suffix == u"w":
609
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
610
else:
611
raise ValueError
612
except (ValueError, IndexError):
315
try:
316
suffix=unicode(interval[-1])
317
value=int(interval[:-1])
318
if suffix == u"d":
319
delta = datetime.timedelta(value)
320
elif suffix == u"s":
321
delta = datetime.timedelta(0, value)
322
elif suffix == u"m":
323
delta = datetime.timedelta(0, 0, 0, 0, value)
324
elif suffix == u"h":
325
delta = datetime.timedelta(0, 0, 0, 0, 0, value)
326
elif suffix == u"w":
327
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
328
else:
613
329
raise ValueError
614
timevalue += delta
615
return timevalue
330
except (ValueError, IndexError):
331
raise ValueError
332
return delta
333
334
335
def add_service():
336
"""From the Avahi server example code"""
337
global group, serviceName, serviceType, servicePort, serviceTXT, \
338
domain, host
339
if group is None:
340
group = dbus.Interface(
341
bus.get_object( avahi.DBUS_NAME,
342
server.EntryGroupNew()),
343
avahi.DBUS_INTERFACE_ENTRY_GROUP)
344
group.connect_to_signal('StateChanged',
345
entry_group_state_changed)
346
347
# print "Adding service '%s' of type '%s' ..." % (serviceName,
348
# serviceType)
349
350
group.AddService(
351
serviceInterface, # interface
352
avahi.PROTO_INET6, # protocol
353
dbus.UInt32(0), # flags
354
serviceName, serviceType,
355
domain, host,
356
dbus.UInt16(servicePort),
357
avahi.string_array_to_txt_array(serviceTXT))
358
group.Commit()
359
360
361
def remove_service():
362
"""From the Avahi server example code"""
363
global group
364
365
if not group is None:
366
group.Reset()
616
367
617
368
618
369
def server_state_changed(state):
619
"""Derived from the Avahi example code"""
370
"""From the Avahi server example code"""
620
371
if state == avahi.SERVER_COLLISION:
621
logger.error(u"Zeroconf server name collision")
622
service.remove()
372
print "WARNING: Server name collision"
373
remove_service()
623
374
elif state == avahi.SERVER_RUNNING:
624
service.add()
375
add_service()
625
376
626
377
627
378
def entry_group_state_changed(state, error):
628
"""Derived from the Avahi example code"""
629
logger.debug(u"Avahi state change: %i", state)
379
"""From the Avahi server example code"""
380
global serviceName, server, rename_count
381
382
# print "state change: %i" % state
630
383
631
384
if state == avahi.ENTRY_GROUP_ESTABLISHED:
632
logger.debug(u"Zeroconf service established.")
385
pass
386
# print "Service established."
633
387
elif state == avahi.ENTRY_GROUP_COLLISION:
634
logger.warning(u"Zeroconf service name collision.")
635
service.rename()
388
389
rename_count = rename_count - 1
390
if rename_count > 0:
391
name = server.GetAlternativeServiceName(name)
392
print "WARNING: Service name collision, changing name to '%s' ..." % name
393
remove_service()
394
add_service()
395
396
else:
397
print "ERROR: No suitable service name found after %i retries, exiting." % n_rename
398
main_loop.quit()
636
399
elif state == avahi.ENTRY_GROUP_FAILURE:
637
logger.critical(u"Avahi: Error in group state changed %s",
638
unicode(error))
639
raise AvahiGroupError("State changed: %s", str(error))
400
print "Error in group state changed", error
401
main_loop.quit()
402
return
403
640
404
641
405
def if_nametoindex(interface):
642
"""Call the C function if_nametoindex(), or equivalent"""
643
global if_nametoindex
406
"""Call the C function if_nametoindex()"""
644
407
try:
645
if_nametoindex = ctypes.cdll.LoadLibrary\
646
(ctypes.util.find_library("c")).if_nametoindex
647
except (OSError, AttributeError):
408
if "ctypes" not in sys.modules:
409
import ctypes
410
libc = ctypes.cdll.LoadLibrary("libc.so.6")
411
return libc.if_nametoindex(interface)
412
except (ImportError, OSError, AttributeError):
648
413
if "struct" not in sys.modules:
649
414
import struct
650
415
if "fcntl" not in sys.modules:
651
416
import fcntl
652
def if_nametoindex(interface):
653
"Get an interface index the hard way, i.e. using fcntl()"
654
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
655
s = socket.socket()
656
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
657
struct.pack("16s16x", interface))
658
s.close()
659
interface_index = struct.unpack("I", ifreq[16:20])[0]
660
return interface_index
661
return if_nametoindex(interface)
662
663
664
def daemon(nochdir = False, noclose = False):
665
"""See daemon(3). Standard BSD Unix function.
666
This should really exist as os.daemon, but it doesn't (yet)."""
667
if os.fork():
668
sys.exit()
669
os.setsid()
670
if not nochdir:
671
os.chdir("/")
672
if os.fork():
673
sys.exit()
674
if not noclose:
675
# Close all standard open file descriptors
676
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
677
if not stat.S_ISCHR(os.fstat(null).st_mode):
678
raise OSError(errno.ENODEV,
679
"/dev/null not a character device")
680
os.dup2(null, sys.stdin.fileno())
681
os.dup2(null, sys.stdout.fileno())
682
os.dup2(null, sys.stderr.fileno())
683
if null > 2:
684
os.close(null)
685
686
687
def main():
688
parser = OptionParser(version = "%%prog %s" % version)
417
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
418
s = socket.socket()
419
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
420
struct.pack("16s16x", interface))
421
s.close()
422
interface_index = struct.unpack("I", ifreq[16:20])[0]
423
return interface_index
424
425
426
if __name__ == '__main__':
427
parser = OptionParser()
689
428
parser.add_option("-i", "--interface", type="string",
690
metavar="IF", help="Bind to interface IF")
691
parser.add_option("-a", "--address", type="string",
692
help="Address to listen for requests on")
693
parser.add_option("-p", "--port", type="int",
429
default=None, metavar="IF",
430
help="Bind to interface IF")
431
parser.add_option("--cert", type="string", default="cert.pem",
432
metavar="FILE",
433
help="Public key certificate PEM file to use")
434
parser.add_option("--key", type="string", default="key.pem",
435
metavar="FILE",
436
help="Private key PEM file to use")
437
parser.add_option("--ca", type="string", default="ca.pem",
438
metavar="FILE",
439
help="Certificate Authority certificate PEM file to use")
440
parser.add_option("--crl", type="string", default="crl.pem",
441
metavar="FILE",
442
help="Certificate Revokation List PEM file to use")
443
parser.add_option("-p", "--port", type="int", default=None,
694
444
help="Port number to receive requests on")
445
parser.add_option("--timeout", type="string", # Parsed later
446
default="1h",
447
help="Amount of downtime allowed for clients")
448
parser.add_option("--interval", type="string", # Parsed later
449
default="5m",
450
help="How often to check that a client is up")
695
451
parser.add_option("--check", action="store_true", default=False,
696
452
help="Run self-test")
697
parser.add_option("--debug", action="store_true",
698
help="Debug mode; run in foreground and log to"
699
" terminal")
700
parser.add_option("--priority", type="string", help="GnuTLS"
701
" priority string (see GnuTLS documentation)")
702
parser.add_option("--servicename", type="string", metavar="NAME",
703
help="Zeroconf service name")
704
parser.add_option("--configdir", type="string",
705
default="/etc/mandos", metavar="DIR",
706
help="Directory to search for configuration"
707
" files")
708
options = parser.parse_args()[0]
453
(options, args) = parser.parse_args()
709
454
710
455
if options.check:
711
456
import doctest
712
457
doctest.testmod()
713
458
sys.exit()
714
459
715
# Default values for config file for server-global settings
716
server_defaults = { "interface": "",
717
"address": "",
718
"port": "",
719
"debug": "False",
720
"priority":
721
"SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
722
"servicename": "Mandos",
723
}
724
725
# Parse config file for server-global settings
726
server_config = ConfigParser.SafeConfigParser(server_defaults)
727
del server_defaults
728
server_config.read(os.path.join(options.configdir, "mandos.conf"))
729
# Convert the SafeConfigParser object to a dict
730
server_settings = server_config.defaults()
731
# Use getboolean on the boolean config option
732
server_settings["debug"] = server_config.getboolean\
733
("DEFAULT", "debug")
734
del server_config
735
736
# Override the settings from the config file with command line
737
# options, if set.
738
for option in ("interface", "address", "port", "debug",
739
"priority", "servicename", "configdir"):
740
value = getattr(options, option)
741
if value is not None:
742
server_settings[option] = value
743
del options
744
# Now we have our good server settings in "server_settings"
745
746
debug = server_settings["debug"]
747
748
if not debug:
749
syslogger.setLevel(logging.WARNING)
750
console.setLevel(logging.WARNING)
751
752
if server_settings["servicename"] != "Mandos":
753
syslogger.setFormatter(logging.Formatter\
754
('Mandos (%s): %%(levelname)s:'
755
' %%(message)s'
756
% server_settings["servicename"]))
757
758
# Parse config file with clients
759
client_defaults = { "timeout": "1h",
760
"interval": "5m",
761
"checker": "fping -q -- %(host)s",
762
"host": "",
763
}
764
client_config = ConfigParser.SafeConfigParser(client_defaults)
765
client_config.read(os.path.join(server_settings["configdir"],
766
"clients.conf"))
767
768
clients = Set()
769
tcp_server = IPv6_TCPServer((server_settings["address"],
770
server_settings["port"]),
771
TCP_handler,
772
settings=server_settings,
773
clients=clients)
774
pidfilename = "/var/run/mandos.pid"
775
try:
776
pidfile = open(pidfilename, "w")
777
except IOError, error:
778
logger.error("Could not open file %r", pidfilename)
779
780
uid = 65534
781
gid = 65534
782
try:
783
uid = pwd.getpwnam("mandos").pw_uid
784
except KeyError:
785
try:
786
uid = pwd.getpwnam("nobody").pw_uid
787
except KeyError:
788
pass
789
try:
790
gid = pwd.getpwnam("mandos").pw_gid
791
except KeyError:
792
try:
793
gid = pwd.getpwnam("nogroup").pw_gid
794
except KeyError:
795
pass
796
try:
797
os.setuid(uid)
798
os.setgid(gid)
799
except OSError, error:
800
if error[0] != errno.EPERM:
801
raise error
802
803
global service
804
service = AvahiService(name = server_settings["servicename"],
805
servicetype = "_mandos._tcp", )
806
if server_settings["interface"]:
807
service.interface = if_nametoindex\
808
(server_settings["interface"])
809
810
global main_loop
811
global bus
812
global server
813
# From the Avahi example code
460
# Parse the time arguments
461
try:
462
options.timeout = string_to_delta(options.timeout)
463
except ValueError:
464
parser.error("option --timeout: Unparseable time")
465
try:
466
options.interval = string_to_delta(options.interval)
467
except ValueError:
468
parser.error("option --interval: Unparseable time")
469
470
cert = gnutls.crypto.X509Certificate(open(options.cert).read())
471
key = gnutls.crypto.X509PrivateKey(open(options.key).read())
472
ca = gnutls.crypto.X509Certificate(open(options.ca).read())
473
crl = gnutls.crypto.X509CRL(open(options.crl).read())
474
cred = gnutls.connection.X509Credentials(cert, key, [ca], [crl])
475
476
# Parse config file
477
defaults = {}
478
client_config = ConfigParser.SafeConfigParser(defaults)
479
#client_config.readfp(open("secrets.conf"), "secrets.conf")
480
client_config.read("mandos-clients.conf")
481
482
# From the Avahi server example code
814
483
DBusGMainLoop(set_as_default=True )
815
484
main_loop = gobject.MainLoop()
816
485
bus = dbus.SystemBus()
817
server = dbus.Interface(bus.get_object(avahi.DBUS_NAME,
818
avahi.DBUS_PATH_SERVER),
819
avahi.DBUS_INTERFACE_SERVER)
486
server = dbus.Interface(
487
bus.get_object( avahi.DBUS_NAME, avahi.DBUS_PATH_SERVER ),
488
avahi.DBUS_INTERFACE_SERVER )
820
489
# End of Avahi example code
821
490
491
clients = Set()
822
492
def remove_from_clients(client):
823
493
clients.remove(client)
824
494
if not clients:
825
logger.critical(u"No clients left, exiting")
826
sys.exit()
495
print "No clients left, exiting"
496
main_loop.quit()
827
497
828
clients.update(Set(Client(name = section,
498
clients.update(Set(Client(name=section, options=options,
829
499
stop_hook = remove_from_clients,
830
config
831
= dict(client_config.items(section)))
500
**(dict(client_config\
501
.items(section))))
832
502
for section in client_config.sections()))
833
if not clients:
834
logger.critical(u"No clients defined")
835
sys.exit(1)
836
837
if debug:
838
# Redirect stdin so all checkers get /dev/null
839
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
840
os.dup2(null, sys.stdin.fileno())
841
if null > 2:
842
os.close(null)
843
else:
844
# No console logging
845
logger.removeHandler(console)
846
# Close all input and output, do double fork, etc.
847
daemon()
848
849
try:
850
pid = os.getpid()
851
pidfile.write(str(pid) + "\n")
852
pidfile.close()
853
del pidfile
854
except IOError:
855
logger.error(u"Could not write to file %r with PID %d",
856
pidfilename, pid)
857
except NameError:
858
# "pidfile" was never created
859
pass
860
del pidfilename
861
862
def cleanup():
863
"Cleanup function; run on exit"
864
global group
865
# From the Avahi example code
866
if not group is None:
867
group.Free()
868
group = None
869
# End of Avahi example code
870
871
while clients:
872
client = clients.pop()
873
client.stop_hook = None
874
client.stop()
875
876
atexit.register(cleanup)
877
878
if not debug:
879
signal.signal(signal.SIGINT, signal.SIG_IGN)
880
signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
881
signal.signal(signal.SIGTERM, lambda signum, frame: sys.exit())
882
883
503
for client in clients:
884
504
client.start()
885
505
886
tcp_server.enable()
887
tcp_server.server_activate()
888
889
# Find out what port we got
890
service.port = tcp_server.socket.getsockname()[1]
891
logger.info(u"Now listening on address %r, port %d, flowinfo %d,"
892
u" scope_id %d" % tcp_server.socket.getsockname())
893
894
#service.interface = tcp_server.socket.getsockname()[3]
895
506
tcp_server = IPv6_TCPServer((None, options.port),
507
tcp_handler,
508
options=options,
509
clients=clients,
510
credentials=cred)
511
# Find out what random port we got
512
servicePort = tcp_server.socket.getsockname()[1]
513
#sys.stderr.write("Now listening on port %d\n" % servicePort)
514
515
if options.interface is not None:
516
serviceInterface = if_nametoindex(options.interface)
517
518
# From the Avahi server example code
519
server.connect_to_signal("StateChanged", server_state_changed)
520
server_state_changed(server.GetState())
521
# End of Avahi example code
522
523
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
524
lambda *args, **kwargs:
525
tcp_server.handle_request(*args[2:],
526
**kwargs) or True)
896
527
try:
897
# From the Avahi example code
898
server.connect_to_signal("StateChanged", server_state_changed)
899
try:
900
server_state_changed(server.GetState())
901
except dbus.exceptions.DBusException, error:
902
logger.critical(u"DBusException: %s", error)
903
sys.exit(1)
904
# End of Avahi example code
905
906
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
907
lambda *args, **kwargs:
908
tcp_server.handle_request\
909
(*args[2:], **kwargs) or True)
910
911
logger.debug(u"Starting main loop")
912
528
main_loop.run()
913
except AvahiError, error:
914
logger.critical(u"AvahiError: %s" + unicode(error))
915
sys.exit(1)
916
529
except KeyboardInterrupt:
917
if debug:
918
print
530
print
531
532
# Cleanup here
919
533
920
if __name__ == '__main__':
921
main()
534
# From the Avahi server example code
535
if not group is None:
536
group.Free()
537
# End of Avahi example code
538
539
for client in clients:
540
client.stop_hook = None
541
client.stop()
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0