To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to mandos
- browse files at revision 1151
- compare with another revision
- download diff
- download tarball
- view history from revision 1151
- Committer: Teddy Hogeborn
- Date: 2019-08-05 21:03:31 UTC
- Revision ID: teddy@recompile.se-20190805210331-vut4mdrc129c6ycs
Override lintian warning about old debhelper format
* debian/source/lintian-overrides
(package-uses-old-debhelper-compat-version): New; set to "10".
* debian/source/lintian-overrides
(package-uses-old-debhelper-compat-version): New; set to "10".
- files added:
- debian/mandos-client.templates
- debian/tests
- dracut-module
- files removed:
- initramfs-tools-hook-conf
- files modified:
- .bzrignore
added
removed
mandos
11
11
# "AvahiService" class, and some lines in "main".
12
12
#
13
13
# Everything else is
14
# Copyright © 2008-2016 Teddy Hogeborn
15
# Copyright © 2008-2016 Björn Påhlsson
16
#
17
# This program is free software: you can redistribute it and/or modify
18
# it under the terms of the GNU General Public License as published by
14
# Copyright © 2008-2019 Teddy Hogeborn
15
# Copyright © 2008-2019 Björn Påhlsson
16
#
17
# This file is part of Mandos.
18
#
19
# Mandos is free software: you can redistribute it and/or modify it
20
# under the terms of the GNU General Public License as published by
19
21
# the Free Software Foundation, either version 3 of the License, or
20
22
# (at your option) any later version.
21
23
#
22
# This program is distributed in the hope that it will be useful,
23
# but WITHOUT ANY WARRANTY; without even the implied warranty of
24
# Mandos is distributed in the hope that it will be useful, but
25
# WITHOUT ANY WARRANTY; without even the implied warranty of
24
26
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25
27
# GNU General Public License for more details.
26
28
#
27
29
# You should have received a copy of the GNU General Public License
28
# along with this program. If not, see
29
# <http://www.gnu.org/licenses/>.
30
# along with Mandos. If not, see <http://www.gnu.org/licenses/>.
30
31
#
31
32
# Contact the authors at <mandos@recompile.se>.
32
33
#
79
80
80
81
import dbus
81
82
import dbus.service
83
import gi
82
84
from gi.repository import GLib
83
85
from dbus.mainloop.glib import DBusGMainLoop
84
86
import ctypes
114
116
if sys.version_info.major == 2:
115
117
str = unicode
116
118
117
version = "1.7.13"
119
if sys.version_info < (3, 2):
120
configparser.Configparser = configparser.SafeConfigParser
121
122
version = "1.8.6"
118
123
stored_state_file = "clients.pickle"
119
124
120
125
logger = logging.getLogger()
274
279
275
280
276
281
# Pretend that we have an Avahi module
277
class Avahi(object):
278
"""This isn't so much a class as it is a module-like namespace.
279
It is instantiated once, and simulates having an Avahi module."""
282
class avahi(object):
283
"""This isn't so much a class as it is a module-like namespace."""
280
284
IF_UNSPEC = -1 # avahi-common/address.h
281
285
PROTO_UNSPEC = -1 # avahi-common/address.h
282
286
PROTO_INET = 0 # avahi-common/address.h
286
290
DBUS_INTERFACE_SERVER = DBUS_NAME + ".Server"
287
291
DBUS_PATH_SERVER = "/"
288
292
289
def string_array_to_txt_array(self, t):
293
@staticmethod
294
def string_array_to_txt_array(t):
290
295
return dbus.Array((dbus.ByteArray(s.encode("utf-8"))
291
296
for s in t), signature="ay")
292
297
ENTRY_GROUP_ESTABLISHED = 2 # avahi-common/defs.h
297
302
SERVER_RUNNING = 2 # avahi-common/defs.h
298
303
SERVER_COLLISION = 3 # avahi-common/defs.h
299
304
SERVER_FAILURE = 4 # avahi-common/defs.h
300
avahi = Avahi()
301
305
302
306
303
307
class AvahiError(Exception):
495
499
class AvahiServiceToSyslog(AvahiService):
496
500
def rename(self, *args, **kwargs):
497
501
"""Add the new name to the syslog messages"""
498
ret = AvahiService.rename(self, *args, **kwargs)
502
ret = super(AvahiServiceToSyslog, self).rename(*args, **kwargs)
499
503
syslogger.setFormatter(logging.Formatter(
500
504
'Mandos ({}) [%(process)d]: %(levelname)s: %(message)s'
501
505
.format(self.name)))
503
507
504
508
505
509
# Pretend that we have a GnuTLS module
506
class GnuTLS(object):
507
"""This isn't so much a class as it is a module-like namespace.
508
It is instantiated once, and simulates having a GnuTLS module."""
510
class gnutls(object):
511
"""This isn't so much a class as it is a module-like namespace."""
509
512
510
513
library = ctypes.util.find_library("gnutls")
511
514
if library is None:
512
515
library = ctypes.util.find_library("gnutls-deb0")
513
516
_library = ctypes.cdll.LoadLibrary(library)
514
517
del library
515
_need_version = b"3.3.0"
516
517
def __init__(self):
518
# Need to use class name "GnuTLS" here, since this method is
519
# called before the assignment to the "gnutls" global variable
520
# happens.
521
if GnuTLS.check_version(self._need_version) is None:
522
raise GnuTLS.Error("Needs GnuTLS {} or later"
523
.format(self._need_version))
524
518
525
519
# Unless otherwise indicated, the constants and types below are
526
520
# all from the gnutls/gnutls.h C header file.
530
524
E_INTERRUPTED = -52
531
525
E_AGAIN = -28
532
526
CRT_OPENPGP = 2
527
CRT_RAWPK = 3
533
528
CLIENT = 2
534
529
SHUT_RDWR = 0
535
530
CRD_CERTIFICATE = 1
536
531
E_NO_CERTIFICATE_FOUND = -49
532
X509_FMT_DER = 0
533
NO_TICKETS = 1<<10
534
ENABLE_RAWPK = 1<<18
535
CTYPE_PEERS = 3
536
KEYID_USE_SHA256 = 1 # gnutls/x509.h
537
537
OPENPGP_FMT_RAW = 0 # gnutls/openpgp.h
538
538
539
539
# Types
562
562
563
563
# Exceptions
564
564
class Error(Exception):
565
# We need to use the class name "GnuTLS" here, since this
566
# exception might be raised from within GnuTLS.__init__,
567
# which is called before the assignment to the "gnutls"
568
# global variable has happened.
569
565
def __init__(self, message=None, code=None, args=()):
570
566
# Default usage is by a message string, but if a return
571
567
# code is passed, convert it to a string with
572
568
# gnutls.strerror()
573
569
self.code = code
574
570
if message is None and code is not None:
575
message = GnuTLS.strerror(code)
576
return super(GnuTLS.Error, self).__init__(
571
message = gnutls.strerror(code)
572
return super(gnutls.Error, self).__init__(
577
573
message, *args)
578
574
579
575
class CertificateSecurityError(Error):
593
589
class ClientSession(object):
594
590
def __init__(self, socket, credentials=None):
595
591
self._c_object = gnutls.session_t()
596
gnutls.init(ctypes.byref(self._c_object), gnutls.CLIENT)
592
gnutls_flags = gnutls.CLIENT
593
if gnutls.check_version(b"3.5.6"):
594
gnutls_flags |= gnutls.NO_TICKETS
595
if gnutls.has_rawpk:
596
gnutls_flags |= gnutls.ENABLE_RAWPK
597
gnutls.init(ctypes.byref(self._c_object), gnutls_flags)
598
del gnutls_flags
597
599
gnutls.set_default_priority(self._c_object)
598
600
gnutls.transport_set_ptr(self._c_object, socket.fileno())
599
601
gnutls.handshake_set_private_extensions(self._c_object,
731
733
check_version.argtypes = [ctypes.c_char_p]
732
734
check_version.restype = ctypes.c_char_p
733
735
734
# All the function declarations below are from gnutls/openpgp.h
735
736
openpgp_crt_init = _library.gnutls_openpgp_crt_init
737
openpgp_crt_init.argtypes = [ctypes.POINTER(openpgp_crt_t)]
738
openpgp_crt_init.restype = _error_code
739
740
openpgp_crt_import = _library.gnutls_openpgp_crt_import
741
openpgp_crt_import.argtypes = [openpgp_crt_t,
742
ctypes.POINTER(datum_t),
743
openpgp_crt_fmt_t]
744
openpgp_crt_import.restype = _error_code
745
746
openpgp_crt_verify_self = _library.gnutls_openpgp_crt_verify_self
747
openpgp_crt_verify_self.argtypes = [openpgp_crt_t, ctypes.c_uint,
748
ctypes.POINTER(ctypes.c_uint)]
749
openpgp_crt_verify_self.restype = _error_code
750
751
openpgp_crt_deinit = _library.gnutls_openpgp_crt_deinit
752
openpgp_crt_deinit.argtypes = [openpgp_crt_t]
753
openpgp_crt_deinit.restype = None
754
755
openpgp_crt_get_fingerprint = (
756
_library.gnutls_openpgp_crt_get_fingerprint)
757
openpgp_crt_get_fingerprint.argtypes = [openpgp_crt_t,
758
ctypes.c_void_p,
759
ctypes.POINTER(
760
ctypes.c_size_t)]
761
openpgp_crt_get_fingerprint.restype = _error_code
736
_need_version = b"3.3.0"
737
if check_version(_need_version) is None:
738
raise self.Error("Needs GnuTLS {} or later"
739
.format(_need_version))
740
741
_tls_rawpk_version = b"3.6.6"
742
has_rawpk = bool(check_version(_tls_rawpk_version))
743
744
if has_rawpk:
745
# Types
746
class pubkey_st(ctypes.Structure):
747
_fields = []
748
pubkey_t = ctypes.POINTER(pubkey_st)
749
750
x509_crt_fmt_t = ctypes.c_int
751
752
# All the function declarations below are from gnutls/abstract.h
753
pubkey_init = _library.gnutls_pubkey_init
754
pubkey_init.argtypes = [ctypes.POINTER(pubkey_t)]
755
pubkey_init.restype = _error_code
756
757
pubkey_import = _library.gnutls_pubkey_import
758
pubkey_import.argtypes = [pubkey_t, ctypes.POINTER(datum_t),
759
x509_crt_fmt_t]
760
pubkey_import.restype = _error_code
761
762
pubkey_get_key_id = _library.gnutls_pubkey_get_key_id
763
pubkey_get_key_id.argtypes = [pubkey_t, ctypes.c_int,
764
ctypes.POINTER(ctypes.c_ubyte),
765
ctypes.POINTER(ctypes.c_size_t)]
766
pubkey_get_key_id.restype = _error_code
767
768
pubkey_deinit = _library.gnutls_pubkey_deinit
769
pubkey_deinit.argtypes = [pubkey_t]
770
pubkey_deinit.restype = None
771
else:
772
# All the function declarations below are from gnutls/openpgp.h
773
774
openpgp_crt_init = _library.gnutls_openpgp_crt_init
775
openpgp_crt_init.argtypes = [ctypes.POINTER(openpgp_crt_t)]
776
openpgp_crt_init.restype = _error_code
777
778
openpgp_crt_import = _library.gnutls_openpgp_crt_import
779
openpgp_crt_import.argtypes = [openpgp_crt_t,
780
ctypes.POINTER(datum_t),
781
openpgp_crt_fmt_t]
782
openpgp_crt_import.restype = _error_code
783
784
openpgp_crt_verify_self = _library.gnutls_openpgp_crt_verify_self
785
openpgp_crt_verify_self.argtypes = [openpgp_crt_t, ctypes.c_uint,
786
ctypes.POINTER(ctypes.c_uint)]
787
openpgp_crt_verify_self.restype = _error_code
788
789
openpgp_crt_deinit = _library.gnutls_openpgp_crt_deinit
790
openpgp_crt_deinit.argtypes = [openpgp_crt_t]
791
openpgp_crt_deinit.restype = None
792
793
openpgp_crt_get_fingerprint = (
794
_library.gnutls_openpgp_crt_get_fingerprint)
795
openpgp_crt_get_fingerprint.argtypes = [openpgp_crt_t,
796
ctypes.c_void_p,
797
ctypes.POINTER(
798
ctypes.c_size_t)]
799
openpgp_crt_get_fingerprint.restype = _error_code
800
801
if check_version(b"3.6.4"):
802
certificate_type_get2 = _library.gnutls_certificate_type_get2
803
certificate_type_get2.argtypes = [session_t, ctypes.c_int]
804
certificate_type_get2.restype = _error_code
762
805
763
806
# Remove non-public functions
764
807
del _error_code, _retry_on_error
765
# Create the global "gnutls" object, simulating a module
766
gnutls = GnuTLS()
767
808
768
809
769
810
def call_pipe(connection, # : multiprocessing.Connection
784
825
approved: bool(); 'None' if not yet approved/disapproved
785
826
approval_delay: datetime.timedelta(); Time to wait for approval
786
827
approval_duration: datetime.timedelta(); Duration of one approval
787
checker: subprocess.Popen(); a running checker process used
788
to see if the client lives.
789
'None' if no process is running.
828
checker: multiprocessing.Process(); a running checker process used
829
to see if the client lives. 'None' if no process is
830
running.
790
831
checker_callback_tag: a GLib event source tag, or None
791
832
checker_command: string; External command which is run to check
792
833
if client lives. %() expansions are done at
800
841
disable_initiator_tag: a GLib event source tag, or None
801
842
enabled: bool()
802
843
fingerprint: string (40 or 32 hexadecimal digits); used to
803
uniquely identify the client
844
uniquely identify an OpenPGP client
845
key_id: string (64 hexadecimal digits); used to uniquely identify
846
a client using raw public keys
804
847
host: string; available for use by the checker command
805
848
interval: datetime.timedelta(); How often to start a new checker
806
849
last_approval_request: datetime.datetime(); (UTC) or None
824
867
"""
825
868
826
869
runtime_expansions = ("approval_delay", "approval_duration",
827
"created", "enabled", "expires",
870
"created", "enabled", "expires", "key_id",
828
871
"fingerprint", "host", "interval",
829
872
"last_approval_request", "last_checked_ok",
830
873
"last_enabled", "name", "timeout")
860
903
client["enabled"] = config.getboolean(client_name,
861
904
"enabled")
862
905
863
# Uppercase and remove spaces from fingerprint for later
864
# comparison purposes with return value from the
865
# fingerprint() function
906
# Uppercase and remove spaces from key_id and fingerprint
907
# for later comparison purposes with return value from the
908
# key_id() and fingerprint() functions
909
client["key_id"] = (section.get("key_id", "").upper()
910
.replace(" ", ""))
866
911
client["fingerprint"] = (section["fingerprint"].upper()
867
912
.replace(" ", ""))
868
913
if "secret" in section:
912
957
self.expires = None
913
958
914
959
logger.debug("Creating client %r", self.name)
960
logger.debug(" Key ID: %s", self.key_id)
915
961
logger.debug(" Fingerprint: %s", self.fingerprint)
916
962
self.created = settings.get("created",
917
963
datetime.datetime.utcnow())
994
1040
def checker_callback(self, source, condition, connection,
995
1041
command):
996
1042
"""The checker has completed, so take appropriate actions."""
997
self.checker_callback_tag = None
998
self.checker = None
999
1043
# Read return code from connection (see call_pipe)
1000
1044
returncode = connection.recv()
1001
1045
connection.close()
1046
self.checker.join()
1047
self.checker_callback_tag = None
1048
self.checker = None
1002
1049
1003
1050
if returncode >= 0:
1004
1051
self.last_checker_status = returncode
1461
1508
exc_info=error)
1462
1509
return xmlstring
1463
1510
1511
1464
1512
try:
1465
1513
dbus.OBJECT_MANAGER_IFACE
1466
1514
except AttributeError:
1998
2046
def Name_dbus_property(self):
1999
2047
return dbus.String(self.name)
2000
2048
2049
# KeyID - property
2050
@dbus_annotations(
2051
{"org.freedesktop.DBus.Property.EmitsChangedSignal": "const"})
2052
@dbus_service_property(_interface, signature="s", access="read")
2053
def KeyID_dbus_property(self):
2054
return dbus.String(self.key_id)
2055
2001
2056
# Fingerprint - property
2002
2057
@dbus_annotations(
2003
2058
{"org.freedesktop.DBus.Property.EmitsChangedSignal": "const"})
2159
2214
2160
2215
2161
2216
class ProxyClient(object):
2162
def __init__(self, child_pipe, fpr, address):
2217
def __init__(self, child_pipe, key_id, fpr, address):
2163
2218
self._pipe = child_pipe
2164
self._pipe.send(('init', fpr, address))
2219
self._pipe.send(('init', key_id, fpr, address))
2165
2220
if not self._pipe.recv():
2166
raise KeyError(fpr)
2221
raise KeyError(key_id or fpr)
2167
2222
2168
2223
def __getattribute__(self, name):
2169
2224
if name == '_pipe':
2236
2291
2237
2292
approval_required = False
2238
2293
try:
2239
try:
2240
fpr = self.fingerprint(
2241
self.peer_certificate(session))
2242
except (TypeError, gnutls.Error) as error:
2243
logger.warning("Bad certificate: %s", error)
2244
return
2245
logger.debug("Fingerprint: %s", fpr)
2246
2247
try:
2248
client = ProxyClient(child_pipe, fpr,
2294
if gnutls.has_rawpk:
2295
fpr = b""
2296
try:
2297
key_id = self.key_id(
2298
self.peer_certificate(session))
2299
except (TypeError, gnutls.Error) as error:
2300
logger.warning("Bad certificate: %s", error)
2301
return
2302
logger.debug("Key ID: %s", key_id)
2303
2304
else:
2305
key_id = b""
2306
try:
2307
fpr = self.fingerprint(
2308
self.peer_certificate(session))
2309
except (TypeError, gnutls.Error) as error:
2310
logger.warning("Bad certificate: %s", error)
2311
return
2312
logger.debug("Fingerprint: %s", fpr)
2313
2314
try:
2315
client = ProxyClient(child_pipe, key_id, fpr,
2249
2316
self.client_address)
2250
2317
except KeyError:
2251
2318
return
2328
2395
2329
2396
@staticmethod
2330
2397
def peer_certificate(session):
2331
"Return the peer's OpenPGP certificate as a bytestring"
2332
# If not an OpenPGP certificate...
2333
if (gnutls.certificate_type_get(session._c_object)
2334
!= gnutls.CRT_OPENPGP):
2398
"Return the peer's certificate as a bytestring"
2399
try:
2400
cert_type = gnutls.certificate_type_get2(session._c_object,
2401
gnutls.CTYPE_PEERS)
2402
except AttributeError:
2403
cert_type = gnutls.certificate_type_get(session._c_object)
2404
if gnutls.has_rawpk:
2405
valid_cert_types = frozenset((gnutls.CRT_RAWPK,))
2406
else:
2407
valid_cert_types = frozenset((gnutls.CRT_OPENPGP,))
2408
# If not a valid certificate type...
2409
if cert_type not in valid_cert_types:
2410
logger.info("Cert type %r not in %r", cert_type,
2411
valid_cert_types)
2335
2412
# ...return invalid data
2336
2413
return b""
2337
2414
list_size = ctypes.c_uint(1)
2345
2422
return ctypes.string_at(cert.data, cert.size)
2346
2423
2347
2424
@staticmethod
2425
def key_id(certificate):
2426
"Convert a certificate bytestring to a hexdigit key ID"
2427
# New GnuTLS "datum" with the public key
2428
datum = gnutls.datum_t(
2429
ctypes.cast(ctypes.c_char_p(certificate),
2430
ctypes.POINTER(ctypes.c_ubyte)),
2431
ctypes.c_uint(len(certificate)))
2432
# XXX all these need to be created in the gnutls "module"
2433
# New empty GnuTLS certificate
2434
pubkey = gnutls.pubkey_t()
2435
gnutls.pubkey_init(ctypes.byref(pubkey))
2436
# Import the raw public key into the certificate
2437
gnutls.pubkey_import(pubkey,
2438
ctypes.byref(datum),
2439
gnutls.X509_FMT_DER)
2440
# New buffer for the key ID
2441
buf = ctypes.create_string_buffer(32)
2442
buf_len = ctypes.c_size_t(len(buf))
2443
# Get the key ID from the raw public key into the buffer
2444
gnutls.pubkey_get_key_id(pubkey,
2445
gnutls.KEYID_USE_SHA256,
2446
ctypes.cast(ctypes.byref(buf),
2447
ctypes.POINTER(ctypes.c_ubyte)),
2448
ctypes.byref(buf_len))
2449
# Deinit the certificate
2450
gnutls.pubkey_deinit(pubkey)
2451
2452
# Convert the buffer to a Python bytestring
2453
key_id = ctypes.string_at(buf, buf_len.value)
2454
# Convert the bytestring to hexadecimal notation
2455
hex_key_id = binascii.hexlify(key_id).upper()
2456
return hex_key_id
2457
2458
@staticmethod
2348
2459
def fingerprint(openpgp):
2349
2460
"Convert an OpenPGP bytestring to a hexdigit fingerprint"
2350
2461
# New GnuTLS "datum" with the OpenPGP public key
2364
2475
ctypes.byref(crtverify))
2365
2476
if crtverify.value != 0:
2366
2477
gnutls.openpgp_crt_deinit(crt)
2367
raise gnutls.CertificateSecurityError("Verify failed")
2478
raise gnutls.CertificateSecurityError(code
2479
=crtverify.value)
2368
2480
# New buffer for the fingerprint
2369
2481
buf = ctypes.create_string_buffer(20)
2370
2482
buf_len = ctypes.c_size_t()
2498
2610
raise
2499
2611
# Only bind(2) the socket if we really need to.
2500
2612
if self.server_address[0] or self.server_address[1]:
2613
if self.server_address[1]:
2614
self.allow_reuse_address = True
2501
2615
if not self.server_address[0]:
2502
2616
if self.address_family == socket.AF_INET6:
2503
2617
any_address = "::" # in6addr_any
2577
2691
command = request[0]
2578
2692
2579
2693
if command == 'init':
2580
fpr = request[1]
2581
address = request[2]
2694
key_id = request[1].decode("ascii")
2695
fpr = request[2].decode("ascii")
2696
address = request[3]
2582
2697
2583
2698
for c in self.clients.values():
2584
if c.fingerprint == fpr:
2699
if key_id == "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855":
2700
continue
2701
if key_id and c.key_id == key_id:
2702
client = c
2703
break
2704
if fpr and c.fingerprint == fpr:
2585
2705
client = c
2586
2706
break
2587
2707
else:
2588
logger.info("Client not found for fingerprint: %s, ad"
2589
"dress: %s", fpr, address)
2708
logger.info("Client not found for key ID: %s, address"
2709
": %s", key_id or fpr, address)
2590
2710
if self.use_dbus:
2591
2711
# Emit D-Bus signal
2592
mandos_dbus_service.ClientNotFound(fpr,
2712
mandos_dbus_service.ClientNotFound(key_id or fpr,
2593
2713
address[0])
2594
2714
parent_pipe.send(False)
2595
2715
return False
2858
2978
sys.exit(os.EX_OK if fail_count == 0 else 1)
2859
2979
2860
2980
# Default values for config file for server-global settings
2981
if gnutls.has_rawpk:
2982
priority = ("SECURE128:!CTYPE-X.509:+CTYPE-RAWPK:!RSA"
2983
":!VERS-ALL:+VERS-TLS1.3:%PROFILE_ULTRA")
2984
else:
2985
priority = ("SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA"
2986
":+SIGN-DSA-SHA256")
2861
2987
server_defaults = {"interface": "",
2862
2988
"address": "",
2863
2989
"port": "",
2864
2990
"debug": "False",
2865
"priority":
2866
"SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA"
2867
":+SIGN-DSA-SHA256",
2991
"priority": priority,
2868
2992
"servicename": "Mandos",
2869
2993
"use_dbus": "True",
2870
2994
"use_ipv6": "True",
2875
2999
"foreground": "False",
2876
3000
"zeroconf": "True",
2877
3001
}
3002
del priority
2878
3003
2879
3004
# Parse config file for server-global settings
2880
server_config = configparser.SafeConfigParser(server_defaults)
3005
server_config = configparser.ConfigParser(server_defaults)
2881
3006
del server_defaults
2882
3007
server_config.read(os.path.join(options.configdir, "mandos.conf"))
2883
# Convert the SafeConfigParser object to a dict
3008
# Convert the ConfigParser object to a dict
2884
3009
server_settings = server_config.defaults()
2885
3010
# Use the appropriate methods on the non-string config options
2886
for option in ("debug", "use_dbus", "use_ipv6", "foreground"):
3011
for option in ("debug", "use_dbus", "use_ipv6", "restore",
3012
"foreground", "zeroconf"):
2887
3013
server_settings[option] = server_config.getboolean("DEFAULT",
2888
3014
option)
2889
3015
if server_settings["port"]:
2957
3083
server_settings["servicename"])))
2958
3084
2959
3085
# Parse config file with clients
2960
client_config = configparser.SafeConfigParser(Client
2961
.client_defaults)
3086
client_config = configparser.ConfigParser(Client.client_defaults)
2962
3087
client_config.read(os.path.join(server_settings["configdir"],
2963
3088
"clients.conf"))
2964
3089
3035
3160
# Close all input and output, do double fork, etc.
3036
3161
daemon()
3037
3162
3038
# multiprocessing will use threads, so before we use GLib we need
3039
# to inform GLib that threads will be used.
3040
GLib.threads_init()
3163
if gi.version_info < (3, 10, 2):
3164
# multiprocessing will use threads, so before we use GLib we
3165
# need to inform GLib that threads will be used.
3166
GLib.threads_init()
3041
3167
3042
3168
global main_loop
3043
3169
# From the Avahi example code
3123
3249
for k in ("name", "host"):
3124
3250
if isinstance(value[k], bytes):
3125
3251
value[k] = value[k].decode("utf-8")
3252
if "key_id" not in value:
3253
value["key_id"] = ""
3254
elif "fingerprint" not in value:
3255
value["fingerprint"] = ""
3126
3256
# old_client_settings
3127
3257
# .keys()
3128
3258
old_client_settings = {
3265
3395
pass
3266
3396
3267
3397
@dbus.service.signal(_interface, signature="ss")
3268
def ClientNotFound(self, fingerprint, address):
3398
def ClientNotFound(self, key_id, address):
3269
3399
"D-Bus signal"
3270
3400
pass
3271
3401
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0