Viewing changes to mandos

  • Committer: Teddy Hogeborn
  • Date: 2019-11-03 19:17:57 UTC
  • Revision ID: teddy@recompile.se-20191103191757-1hdpp0u5fxa8iumo
INSTALL: Add "-" argument to "su" invocations.

11
11
# "AvahiService" class, and some lines in "main".
12
12
#
13
13
# Everything else is
14
 
# Copyright © 2008-2020 Teddy Hogeborn
15
 
# Copyright © 2008-2020 Björn Påhlsson
 
14
# Copyright © 2008-2019 Teddy Hogeborn
 
15
# Copyright © 2008-2019 Björn Påhlsson
16
16
#
17
17
# This file is part of Mandos.
18
18
#
78
78
import collections
79
79
import codecs
80
80
import unittest
81
 
import random
82
 
import shlex
83
81
 
84
82
import dbus
85
83
import dbus.service
93
91
 
94
92
if sys.version_info.major == 2:
95
93
    __metaclass__ = type
96
 
    str = unicode
97
 
 
98
 
# Add collections.abc.Callable if it does not exist
99
 
try:
100
 
    collections.abc.Callable
101
 
except AttributeError:
102
 
    class abc:
103
 
        Callable = collections.Callable
104
 
    collections.abc = abc
105
 
    del abc
106
 
 
107
 
# Add shlex.quote if it does not exist
108
 
try:
109
 
    shlex.quote
110
 
except AttributeError:
111
 
    shlex.quote = re.escape
112
94
 
113
95
# Show warnings by default
114
96
if not sys.warnoptions:
140
122
            # No value found
141
123
            SO_BINDTODEVICE = None
142
124
 
 
125
if sys.version_info.major == 2:
 
126
    str = unicode
 
127
 
143
128
if sys.version_info < (3, 2):
144
129
    configparser.Configparser = configparser.SafeConfigParser
145
130
 
146
 
version = "1.8.14"
 
131
version = "1.8.9"
147
132
stored_state_file = "clients.pickle"
148
133
 
149
134
logger = logging.getLogger()
524
509
class AvahiServiceToSyslog(AvahiService):
525
510
    def rename(self, *args, **kwargs):
526
511
        """Add the new name to the syslog messages"""
527
 
        ret = super(AvahiServiceToSyslog, self).rename(*args,
528
 
                                                       **kwargs)
 
512
        ret = super(AvahiServiceToSyslog, self).rename(*args, **kwargs)
529
513
        syslogger.setFormatter(logging.Formatter(
530
514
            'Mandos ({}) [%(process)d]: %(levelname)s: %(message)s'
531
515
            .format(self.name)))
775
759
 
776
760
        x509_crt_fmt_t = ctypes.c_int
777
761
 
778
 
        # All the function declarations below are from
779
 
        # gnutls/abstract.h
 
762
        # All the function declarations below are from gnutls/abstract.h
780
763
        pubkey_init = _library.gnutls_pubkey_init
781
764
        pubkey_init.argtypes = [ctypes.POINTER(pubkey_t)]
782
765
        pubkey_init.restype = _error_code
796
779
        pubkey_deinit.argtypes = [pubkey_t]
797
780
        pubkey_deinit.restype = None
798
781
    else:
799
 
        # All the function declarations below are from
800
 
        # gnutls/openpgp.h
 
782
        # All the function declarations below are from gnutls/openpgp.h
801
783
 
802
784
        openpgp_crt_init = _library.gnutls_openpgp_crt_init
803
785
        openpgp_crt_init.argtypes = [ctypes.POINTER(openpgp_crt_t)]
809
791
                                       openpgp_crt_fmt_t]
810
792
        openpgp_crt_import.restype = _error_code
811
793
 
812
 
        openpgp_crt_verify_self = \
813
 
            _library.gnutls_openpgp_crt_verify_self
814
 
        openpgp_crt_verify_self.argtypes = [
815
 
            openpgp_crt_t,
816
 
            ctypes.c_uint,
817
 
            ctypes.POINTER(ctypes.c_uint),
818
 
        ]
 
794
        openpgp_crt_verify_self = _library.gnutls_openpgp_crt_verify_self
 
795
        openpgp_crt_verify_self.argtypes = [openpgp_crt_t, ctypes.c_uint,
 
796
                                            ctypes.POINTER(ctypes.c_uint)]
819
797
        openpgp_crt_verify_self.restype = _error_code
820
798
 
821
799
        openpgp_crt_deinit = _library.gnutls_openpgp_crt_deinit
1059
1037
        if self.checker_initiator_tag is not None:
1060
1038
            GLib.source_remove(self.checker_initiator_tag)
1061
1039
        self.checker_initiator_tag = GLib.timeout_add(
1062
 
            random.randrange(int(self.interval.total_seconds() * 1000
1063
 
                                 + 1)),
 
1040
            int(self.interval.total_seconds() * 1000),
1064
1041
            self.start_checker)
1065
1042
        # Schedule a disable() when 'timeout' has passed
1066
1043
        if self.disable_initiator_tag is not None:
1141
1118
        if self.checker is None:
1142
1119
            # Escape attributes for the shell
1143
1120
            escaped_attrs = {
1144
 
                attr: shlex.quote(str(getattr(self, attr)))
 
1121
                attr: re.escape(str(getattr(self, attr)))
1145
1122
                for attr in self.runtime_expansions}
1146
1123
            try:
1147
1124
                command = self.checker_command % escaped_attrs
1436
1413
                raise ValueError("Byte arrays not supported for non-"
1437
1414
                                 "'ay' signature {!r}"
1438
1415
                                 .format(prop._dbus_signature))
1439
 
            value = dbus.ByteArray(bytes(value))
 
1416
            value = dbus.ByteArray(b''.join(chr(byte)
 
1417
                                            for byte in value))
1440
1418
        prop(value)
1441
1419
 
1442
1420
    @dbus.service.method(dbus.PROPERTIES_IFACE,
2475
2453
        buf = ctypes.create_string_buffer(32)
2476
2454
        buf_len = ctypes.c_size_t(len(buf))
2477
2455
        # Get the key ID from the raw public key into the buffer
2478
 
        gnutls.pubkey_get_key_id(
2479
 
            pubkey,
2480
 
            gnutls.KEYID_USE_SHA256,
2481
 
            ctypes.cast(ctypes.byref(buf),
2482
 
                        ctypes.POINTER(ctypes.c_ubyte)),
2483
 
            ctypes.byref(buf_len))
 
2456
        gnutls.pubkey_get_key_id(pubkey,
 
2457
                                 gnutls.KEYID_USE_SHA256,
 
2458
                                 ctypes.cast(ctypes.byref(buf),
 
2459
                                             ctypes.POINTER(ctypes.c_ubyte)),
 
2460
                                 ctypes.byref(buf_len))
2484
2461
        # Deinit the certificate
2485
2462
        gnutls.pubkey_deinit(pubkey)
2486
2463
 
2731
2708
            address = request[3]
2732
2709
 
2733
2710
            for c in self.clients.values():
2734
 
                if key_id == ("E3B0C44298FC1C149AFBF4C8996FB924"
2735
 
                              "27AE41E4649B934CA495991B7852B855"):
 
2711
                if key_id == "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855":
2736
2712
                    continue
2737
2713
                if key_id and c.key_id == key_id:
2738
2714
                    client = c
2773
2749
        if command == 'getattr':
2774
2750
            attrname = request[1]
2775
2751
            if isinstance(client_object.__getattribute__(attrname),
2776
 
                          collections.abc.Callable):
 
2752
                          collections.Callable):
2777
2753
                parent_pipe.send(('function', ))
2778
2754
            else:
2779
2755
                parent_pipe.send((
2790
2766
def rfc3339_duration_to_delta(duration):
2791
2767
    """Parse an RFC 3339 "duration" and return a datetime.timedelta
2792
2768
 
2793
 
    >>> timedelta = datetime.timedelta
2794
 
    >>> rfc3339_duration_to_delta("P7D") == timedelta(7)
2795
 
    True
2796
 
    >>> rfc3339_duration_to_delta("PT60S") == timedelta(0, 60)
2797
 
    True
2798
 
    >>> rfc3339_duration_to_delta("PT60M") == timedelta(0, 3600)
2799
 
    True
2800
 
    >>> rfc3339_duration_to_delta("PT24H") == timedelta(1)
2801
 
    True
2802
 
    >>> rfc3339_duration_to_delta("P1W") == timedelta(7)
2803
 
    True
2804
 
    >>> rfc3339_duration_to_delta("PT5M30S") == timedelta(0, 330)
2805
 
    True
2806
 
    >>> rfc3339_duration_to_delta("P1DT3M20S") == timedelta(1, 200)
2807
 
    True
2808
 
    >>> del timedelta
 
2769
    >>> rfc3339_duration_to_delta("P7D") == datetime.timedelta(7)
 
2770
    True
 
2771
    >>> rfc3339_duration_to_delta("PT60S") == datetime.timedelta(0, 60)
 
2772
    True
 
2773
    >>> rfc3339_duration_to_delta("PT60M") == datetime.timedelta(0, 3600)
 
2774
    True
 
2775
    >>> rfc3339_duration_to_delta("PT24H") == datetime.timedelta(1)
 
2776
    True
 
2777
    >>> rfc3339_duration_to_delta("P1W") == datetime.timedelta(7)
 
2778
    True
 
2779
    >>> rfc3339_duration_to_delta("PT5M30S") == datetime.timedelta(0, 330)
 
2780
    True
 
2781
    >>> rfc3339_duration_to_delta("P1DT3M20S") == datetime.timedelta(1, 200)
 
2782
    True
2809
2783
    """
2810
2784
 
2811
2785
    # Parsing an RFC 3339 duration with regular expressions is not
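Review bot: Regex escaping stands in for shell quoting where `escaped_attrs` is built for `self.checker_command % escaped_attrs`: the line numbered only in the second gutter column (the new side, if the columns are old/new) calls `re.escape(str(getattr(self, attr)))`, and the other side's `shlex.quote` is aliased by `shlex.quote = re.escape` when the attribute is missing. `re.escape` only promises regex-safe output, and since Python 3.7 it no longer escapes characters that have no regex meaning, some of which a shell treats specially, so the `# Escape attributes for the shell` comment holds only if no expanded attribute can contain them, which these lines do not show. I would keep `attr: shlex.quote(str(getattr(self, attr)))` there and make the compatibility branch a real shell quoter, `import pipes` followed by `shlex.quote = pipes.quote`, since that is where `shlex.quote` lives on interpreters that lack it. The enclosing method starts and ends outside the lines shown.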