/mandos/trunk : revision 12

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-monitor

Committer: Teddy Hogeborn
Date: 2008-07-19 18:43:24 UTC
Revision ID: teddy@fukt.bsnet.se-20080719184324-iwhoa5in75xa0u2u

* mandos-clients.conf ([foo]/dn, [foo]/password, [braxen_client]/dn,
                       [braxen_client]/password): Removed.
  ([foo]/fingerprint, [braxen_client]/fingerprint): New.
  ([foo]/checker): New.
  ([foo]/secfile): New.
  ([braxen_client]/secret): New.

* server.py: New "--debug" option to set debug flag.  Removed "cert",
             "key", "ca", "crl", and "cred" variables.  Added default
             value for "checker" config file setting.  Do not pass
             credentials to IPv6_TCPServer constructor.
  (debug): New global debug flag.  Used by most debugging output code.
  (Client.__init__): Keyword argument "dn" replaced by "fingerprint",
                     "password" renamed to "secret", and "passfile"
                     renamed to "secfile".  New keyword argument
                     "checker". All callers changed.
  (Client.dn): Removed.
  (Client.fingerprint): New.
  (Client.password): Renamed to "secret"; all users changed.
  (Client.passfile): Renamed to "secfile"; all users changed.
  (Client.timeout, Client.interval): Changed to be properties; now
                                     automatically updates the
                                     "_timeout_milliseconds" and
                                     "_interval_milliseconds" values.
  (Client.timeout_milliseconds): Renamed to "_timeout_milliseconds".
  (Client.interval_milliseconds): Renamed to "_interval_milliseconds".
  (Client.check_command): New.
  (Client.start_checker): Use the new "check_command" attribute.
  (peer_certificate, fingerprint): New functions.

  (tcp_handler.handle): Use ClientSession with empty credentials
                        object instead of ServerSession.  Set gnutls
                        priority string.  Do not verify peer.  Use
                        fingerprint instead of DN when searching for
                        clients.  Bug fix: Loop sending data so even large
                        secret data strings are sent.
  (IPv6_TCPServer.credentials): Removed.
  (if_nametoindex): Do not import ctypes since that is now imported
                    globally.

files added:
ca.pem

cert.pem

client-cert.pem

client-key.pem

client.cpp

crl.pem

key.pem

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

.bzrignore

COPYING

DBUS-API

INSTALL

NEWS

README

bugs.xml

common.ent

dbus-mandos.conf

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.examples

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos-client.templates

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/mandos.templates

debian/po

debian/po/POTFILES.in

debian/po/de.po

debian/po/en_US.po

debian/po/es.po

debian/po/fr.po

debian/po/nl.po

debian/po/pt.po

debian/po/sv.po

debian/po/templates.pot

debian/rules

debian/source

debian/source/format

debian/source/lintian-overrides

debian/source/local-options

debian/tests

debian/tests/control

debian/upstream

debian/upstream/metadata

debian/upstream/signing-key.asc

debian/watch

default-mandos

dracut-module

dracut-module/ask-password-mandos.path

dracut-module/ask-password-mandos.service

dracut-module/cmdline-mandos.sh

dracut-module/module-setup.sh

dracut-module/password-agent.c

dracut-module/password-agent.xml

init.d-mandos

initramfs-tools-conf

initramfs-tools-conf-hook

initramfs-tools-hook

initramfs-tools-script

initramfs-tools-script-stop

initramfs-unpack

intro.xml

legalnotice.xml

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos-to-cryptroot-unlock

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.service

mandos.xml

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

overview.xml

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

plugin-runner.c

plugin-runner.conf

plugin-runner.xml

plugins.d

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

sysusers.d-mandos.conf

tmpfiles.d-mandos.conf

files renamed:
clients.conf => mandos-clients.conf

mandos => server.py

files modified:
Makefile

TODO

Show diffs side-by-side

added added

removed removed

mandos-monitor

#!/usr/bin/python3 -bbI

# -*- mode: python; coding: utf-8 -*-

# Mandos Monitor - Control and monitor the Mandos server

# This file is part of Mandos.

# Mandos is free software: you can redistribute it and/or modify it

# under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

# Mandos is distributed in the hope that it will be useful, but

# WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

# GNU General Public License for more details.

# You should have received a copy of the GNU General Public License

# along with Mandos. If not, see <http://www.gnu.org/licenses/>.

# Contact the authors at <mandos@recompile.se>.

from __future__ import (division, absolute_import, print_function,

unicode_literals)

try:

from future_builtins import *

except ImportError:

pass

import sys

import logging

import os

import warnings

import datetime

import locale

import urwid.curses_display

import urwid

from dbus.mainloop.glib import DBusGMainLoop

from gi.repository import GLib

import dbus

if sys.version_info.major == 2:

__metaclass__ = type

str = unicode

input = raw_input

# Show warnings by default

if not sys.warnoptions:

warnings.simplefilter("default")

log = logging.getLogger(os.path.basename(sys.argv[0]))

logging.basicConfig(level="NOTSET", # Show all messages

format="%(message)s") # Show basic log messages

logging.captureWarnings(True) # Show warnings via the logging system

locale.setlocale(locale.LC_ALL, "")

logging.getLogger("dbus.proxies").setLevel(logging.CRITICAL)

# Some useful constants

domain = "se.recompile"

server_interface = domain + ".Mandos"

client_interface = domain + ".Mandos.Client"

version = "1.8.15"

try:

dbus.OBJECT_MANAGER_IFACE

except AttributeError:

dbus.OBJECT_MANAGER_IFACE = "org.freedesktop.DBus.ObjectManager"

def isoformat_to_datetime(iso):

"Parse an ISO 8601 date string to a datetime.datetime()"

if not iso:

return None

d, t = iso.split("T", 1)

year, month, day = d.split("-", 2)

hour, minute, second = t.split(":", 2)

second, fraction = divmod(float(second), 1)

return datetime.datetime(int(year),

int(month),

int(day),

int(hour),

int(minute),

int(second), # Whole seconds

int(fraction*1000000)) # Microseconds

class MandosClientPropertyCache:

"""This wraps a Mandos Client D-Bus proxy object, caches the

properties and calls a hook function when any of them are

100

changed.

101

"""

102

def __init__(self, proxy_object=None, properties=None, **kwargs):

103

self.proxy = proxy_object # Mandos Client proxy object

104

self.properties = dict() if properties is None else properties

105

self.property_changed_match = (

106

self.proxy.connect_to_signal("PropertiesChanged",

107

self.properties_changed,

108

dbus.PROPERTIES_IFACE,

109

byte_arrays=True))

110

111

if properties is None:

112

self.properties.update(self.proxy.GetAll(

113

client_interface,

114

dbus_interface=dbus.PROPERTIES_IFACE))

115

116

super(MandosClientPropertyCache, self).__init__(**kwargs)

117

118

def properties_changed(self, interface, properties, invalidated):

119

"""This is called whenever we get a PropertiesChanged signal

120

It updates the changed properties in the "properties" dict.

121

"""

122

# Update properties dict with new value

123

if interface == client_interface:

124

self.properties.update(properties)

125

126

def delete(self):

127

self.property_changed_match.remove()

128

129

130

class MandosClientWidget(urwid.FlowWidget, MandosClientPropertyCache):

131

"""A Mandos Client which is visible on the screen.

132

"""

133

134

def __init__(self, server_proxy_object=None, update_hook=None,

135

delete_hook=None, **kwargs):

136

# Called on update

137

self.update_hook = update_hook

138

# Called on delete

139

self.delete_hook = delete_hook

140

# Mandos Server proxy object

141

self.server_proxy_object = server_proxy_object

142

143

self._update_timer_callback_tag = None

144

145

# The widget shown normally

146

self._text_widget = urwid.Text("")

147

# The widget shown when we have focus

148

self._focus_text_widget = urwid.Text("")

149

super(MandosClientWidget, self).__init__(**kwargs)

150

self.update()

151

self.opened = False

152

153

self.match_objects = (

154

self.proxy.connect_to_signal("CheckerCompleted",

155

self.checker_completed,

156

client_interface,

157

byte_arrays=True),

158

self.proxy.connect_to_signal("CheckerStarted",

159

self.checker_started,

160

client_interface,

161

byte_arrays=True),

162

self.proxy.connect_to_signal("GotSecret",

163

self.got_secret,

164

client_interface,

165

byte_arrays=True),

166

self.proxy.connect_to_signal("NeedApproval",

167

self.need_approval,

168

client_interface,

169

byte_arrays=True),

170

self.proxy.connect_to_signal("Rejected",

171

self.rejected,

172

client_interface,

173

byte_arrays=True))

174

log.debug("Created client %s", self.properties["Name"])

175

176

def using_timer(self, flag):

177

"""Call this method with True or False when timer should be

178

activated or deactivated.

179

"""

180

if flag and self._update_timer_callback_tag is None:

181

# Will update the shown timer value every second

182

self._update_timer_callback_tag = (

183

GLib.timeout_add(1000,

184

glib_safely(self.update_timer)))

185

elif not (flag or self._update_timer_callback_tag is None):

186

GLib.source_remove(self._update_timer_callback_tag)

187

self._update_timer_callback_tag = None

188

189

def checker_completed(self, exitstatus, condition, command):

190

if exitstatus == 0:

191

log.debug('Checker for client %s (command "%s")'

192

" succeeded", self.properties["Name"], command)

193

self.update()

194

return

195

# Checker failed

196

if os.WIFEXITED(condition):

197

log.info('Checker for client %s (command "%s") failed'

198

" with exit code %d", self.properties["Name"],

199

command, os.WEXITSTATUS(condition))

200

elif os.WIFSIGNALED(condition):

201

log.info('Checker for client %s (command "%s") was'

202

" killed by signal %d", self.properties["Name"],

203

command, os.WTERMSIG(condition))

204

self.update()

205

206

def checker_started(self, command):

207

"""Server signals that a checker started."""

208

log.debug('Client %s started checker "%s"',

209

self.properties["Name"], command)

210

211

def got_secret(self):

212

log.info("Client %s received its secret",

213

self.properties["Name"])

214

215

def need_approval(self, timeout, default):

216

if not default:

217

message = "Client %s needs approval within %f seconds"

218

else:

219

message = "Client %s will get its secret in %f seconds"

220

log.info(message, self.properties["Name"], timeout/1000)

221

222

def rejected(self, reason):

223

log.info("Client %s was rejected; reason: %s",

224

self.properties["Name"], reason)

225

226

def selectable(self):

227

"""Make this a "selectable" widget.

228

This overrides the method from urwid.FlowWidget."""

229

return True

230

231

def rows(self, maxcolrow, focus=False):

232

"""How many rows this widget will occupy might depend on

233

whether we have focus or not.

234

This overrides the method from urwid.FlowWidget"""

235

return self.current_widget(focus).rows(maxcolrow, focus=focus)

236

237

def current_widget(self, focus=False):

238

if focus or self.opened:

239

return self._focus_widget

240

return self._widget

241

242

def update(self):

243

"Called when what is visible on the screen should be updated."

244

# How to add standout mode to a style

245

with_standout = {"normal": "standout",

246

"bold": "bold-standout",

247

"underline-blink":

248

"underline-blink-standout",

249

"bold-underline-blink":

250

"bold-underline-blink-standout",

251

}

252

253

# Rebuild focus and non-focus widgets using current properties

254

255

# Base part of a client. Name!

256

base = "{name}: ".format(name=self.properties["Name"])

257

if not self.properties["Enabled"]:

258

message = "DISABLED"

259

self.using_timer(False)

260

elif self.properties["ApprovalPending"]:

261

timeout = datetime.timedelta(

262

milliseconds=self.properties["ApprovalDelay"])

263

last_approval_request = isoformat_to_datetime(

264

self.properties["LastApprovalRequest"])

265

if last_approval_request is not None:

266

timer = max(timeout - (datetime.datetime.utcnow()

267

- last_approval_request),

268

datetime.timedelta())

269

else:

270

timer = datetime.timedelta()

271

if self.properties["ApprovedByDefault"]:

272

message = "Approval in {}. (d)eny?"

273

else:

274

message = "Denial in {}. (a)pprove?"

275

message = message.format(str(timer).rsplit(".", 1)[0])

276

self.using_timer(True)

277

elif self.properties["LastCheckerStatus"] != 0:

278

# When checker has failed, show timer until client expires

279

expires = self.properties["Expires"]

280

if expires == "":

281

timer = datetime.timedelta(0)

282

else:

283

expires = (datetime.datetime.strptime

284

(expires, "%Y-%m-%dT%H:%M:%S.%f"))

285

timer = max(expires - datetime.datetime.utcnow(),

286

datetime.timedelta())

287

message = ("A checker has failed! Time until client"

288

" gets disabled: {}"

289

.format(str(timer).rsplit(".", 1)[0]))

290

self.using_timer(True)

291

else:

292

message = "enabled"

293

self.using_timer(False)

294

self._text = "{}{}".format(base, message)

295

296

if not urwid.supports_unicode():

297

self._text = self._text.encode("ascii", "replace")

298

textlist = [("normal", self._text)]

299

self._text_widget.set_text(textlist)

300

self._focus_text_widget.set_text([(with_standout[text[0]],

301

text[1])

302

if isinstance(text, tuple)

303

else text

304

for text in textlist])

305

self._widget = self._text_widget

306

self._focus_widget = urwid.AttrWrap(self._focus_text_widget,

307

"standout")

308

# Run update hook, if any

309

if self.update_hook is not None:

310

self.update_hook()

311

312

def update_timer(self):

313

"""called by GLib. Will indefinitely loop until

314

GLib.source_remove() on tag is called

315

"""

316

self.update()

317

return True # Keep calling this

318

319

def delete(self, **kwargs):

320

if self._update_timer_callback_tag is not None:

321

GLib.source_remove(self._update_timer_callback_tag)

322

self._update_timer_callback_tag = None

323

for match in self.match_objects:

324

match.remove()

325

self.match_objects = ()

326

if self.delete_hook is not None:

327

self.delete_hook(self)

328

return super(MandosClientWidget, self).delete(**kwargs)

329

330

def render(self, maxcolrow, focus=False):

331

"""Render differently if we have focus.

332

This overrides the method from urwid.FlowWidget"""

333

return self.current_widget(focus).render(maxcolrow,

334

focus=focus)

335

336

def keypress(self, maxcolrow, key):

337

"""Handle keys.

338

This overrides the method from urwid.FlowWidget"""

339

if key == "+":

340

self.proxy.Set(client_interface, "Enabled",

341

dbus.Boolean(True), ignore_reply=True,

342

dbus_interface=dbus.PROPERTIES_IFACE)

343

elif key == "-":

344

self.proxy.Set(client_interface, "Enabled", False,

345

ignore_reply=True,

346

dbus_interface=dbus.PROPERTIES_IFACE)

347

elif key == "a":

348

self.proxy.Approve(dbus.Boolean(True, variant_level=1),

349

dbus_interface=client_interface,

350

ignore_reply=True)

351

elif key == "d":

352

self.proxy.Approve(dbus.Boolean(False, variant_level=1),

353

dbus_interface=client_interface,

354

ignore_reply=True)

355

elif key == "R" or key == "_" or key == "ctrl k":

356

self.server_proxy_object.RemoveClient(self.proxy

357

.object_path,

358

ignore_reply=True)

359

elif key == "s":

360

self.proxy.Set(client_interface, "CheckerRunning",

361

dbus.Boolean(True), ignore_reply=True,

362

dbus_interface=dbus.PROPERTIES_IFACE)

363

elif key == "S":

364

self.proxy.Set(client_interface, "CheckerRunning",

365

dbus.Boolean(False), ignore_reply=True,

366

dbus_interface=dbus.PROPERTIES_IFACE)

367

elif key == "C":

368

self.proxy.CheckedOK(dbus_interface=client_interface,

369

ignore_reply=True)

370

# xxx

371

# elif key == "p" or key == "=":

372

# self.proxy.pause()

373

# elif key == "u" or key == ":":

374

# self.proxy.unpause()

375

# elif key == "RET":

376

# self.open()

377

else:

378

return key

379

380

def properties_changed(self, interface, properties, invalidated):

381

"""Call self.update() if any properties changed.

382

This overrides the method from MandosClientPropertyCache"""

383

old_values = {key: self.properties.get(key)

384

for key in properties.keys()}

385

super(MandosClientWidget, self).properties_changed(

386

interface, properties, invalidated)

387

if any(old_values[key] != self.properties.get(key)

388

for key in old_values):

389

self.update()

390

391

392

def glib_safely(func, retval=True):

393

def safe_func(*args, **kwargs):

394

try:

395

return func(*args, **kwargs)

396

except Exception:

397

log.exception("")

398

return retval

399

return safe_func

400

401

402

class ConstrainedListBox(urwid.ListBox):

403

"""Like a normal urwid.ListBox, but will consume all "up" or

404

"down" key presses, thus not allowing any containing widgets to

405

use them as an excuse to shift focus away from this widget.

406

"""

407

def keypress(self, *args, **kwargs):

408

ret = (super(ConstrainedListBox, self)

409

.keypress(*args, **kwargs))

410

if ret in ("up", "down"):

411

return

412

return ret

413

414

415

class UserInterface:

416

"""This is the entire user interface - the whole screen

417

with boxes, lists of client widgets, etc.

418

"""

419

def __init__(self, max_log_length=1000):

420

DBusGMainLoop(set_as_default=True)

421

422

self.screen = urwid.curses_display.Screen()

423

424

self.screen.register_palette((

425

("normal",

426

"default", "default", None),

427

("bold",

428

"bold", "default", "bold"),

429

("underline-blink",

430

"underline,blink", "default", "underline,blink"),

431

("standout",

432

"standout", "default", "standout"),

433

("bold-underline-blink",

434

"bold,underline,blink", "default",

435

"bold,underline,blink"),

436

("bold-standout",

437

"bold,standout", "default", "bold,standout"),

438

("underline-blink-standout",

439

"underline,blink,standout", "default",

440

"underline,blink,standout"),

441

("bold-underline-blink-standout",

442

"bold,underline,blink,standout", "default",

443

"bold,underline,blink,standout"),

444

))

445

446

if urwid.supports_unicode():

447

self.divider = "─" # \u2500

448

else:

449

self.divider = "_" # \u005f

450

451

self.screen.start()

452

453

self.size = self.screen.get_cols_rows()

454

455

self.clients = urwid.SimpleListWalker([])

456

self.clients_dict = {}

457

458

# We will add Text widgets to this list

459

self.log = urwid.SimpleListWalker([])

460

self.max_log_length = max_log_length

461

462

# We keep a reference to the log widget so we can remove it

463

# from the ListWalker without it getting destroyed

464

self.logbox = ConstrainedListBox(self.log)

465

466

# This keeps track of whether self.uilist currently has

467

# self.logbox in it or not

468

self.log_visible = True

469

self.log_wrap = "any"

470

471

self.loghandler = UILogHandler(self)

472

473

self.rebuild()

474

self.add_log_line(("bold",

475

"Mandos Monitor version " + version))

476

self.add_log_line(("bold", "q: Quit ?: Help"))

477

478

self.busname = domain + ".Mandos"

479

self.main_loop = GLib.MainLoop()

480

481

def client_not_found(self, key_id, address):

482

log.info("Client with address %s and key ID %s could"

483

" not be found", address, key_id)

484

485

def rebuild(self):

486

"""This rebuilds the User Interface.

487

Call this when the widget layout needs to change"""

488

self.uilist = []

489

# self.uilist.append(urwid.ListBox(self.clients))

490

self.uilist.append(urwid.Frame(ConstrainedListBox(self.

491

clients),

492

# header=urwid.Divider(),

493

header=None,

494

footer=urwid.Divider(

495

div_char=self.divider)))

496

if self.log_visible:

497

self.uilist.append(self.logbox)

498

self.topwidget = urwid.Pile(self.uilist)

499

500

def add_log_line(self, markup):

501

self.log.append(urwid.Text(markup, wrap=self.log_wrap))

502

if self.max_log_length:

503

if len(self.log) > self.max_log_length:

504

del self.log[0:(len(self.log) - self.max_log_length)]

505

self.logbox.set_focus(len(self.logbox.body.contents)-1,

506

coming_from="above")

507

self.refresh()

508

509

def toggle_log_display(self):

510

"""Toggle visibility of the log buffer."""

511

self.log_visible = not self.log_visible

512

self.rebuild()

513

log.debug("Log visibility changed to: %s", self.log_visible)

514

515

def change_log_display(self):

516

"""Change type of log display.

517

Currently, this toggles wrapping of text lines."""

518

if self.log_wrap == "clip":

519

self.log_wrap = "any"

520

else:

521

self.log_wrap = "clip"

522

for textwidget in self.log:

523

textwidget.set_wrap_mode(self.log_wrap)

524

log.debug("Wrap mode: %s", self.log_wrap)

525

526

def find_and_remove_client(self, path, interfaces):

527

"""Find a client by its object path and remove it.

528

529

This is connected to the InterfacesRemoved signal from the

530

Mandos server object."""

531

if client_interface not in interfaces:

532

# Not a Mandos client object; ignore

533

return

534

try:

535

client = self.clients_dict[path]

536

except KeyError:

537

# not found?

538

log.warning("Unknown client %s removed", path)

539

return

540

client.delete()

541

542

def add_new_client(self, path, ifs_and_props):

543

"""Find a client by its object path and remove it.

544

545

This is connected to the InterfacesAdded signal from the

546

Mandos server object.

547

"""

548

if client_interface not in ifs_and_props:

549

# Not a Mandos client object; ignore

550

return

551

client_proxy_object = self.bus.get_object(self.busname, path)

552

self.add_client(MandosClientWidget(

553

server_proxy_object=self.mandos_serv,

554

proxy_object=client_proxy_object,

555

update_hook=self.refresh,

556

delete_hook=self.remove_client,

557

properties=dict(ifs_and_props[client_interface])),

558

path=path)

559

560

def add_client(self, client, path=None):

561

self.clients.append(client)

562

if path is None:

563

path = client.proxy.object_path

564

self.clients_dict[path] = client

565

self.clients.sort(key=lambda c: c.properties["Name"])

566

self.refresh()

567

568

def remove_client(self, client, path=None):

569

self.clients.remove(client)

570

if path is None:

571

path = client.proxy.object_path

572

del self.clients_dict[path]

573

self.refresh()

574

575

def refresh(self):

576

"""Redraw the screen"""

577

canvas = self.topwidget.render(self.size, focus=True)

578

self.screen.draw_screen(self.size, canvas)

579

580

def run(self):

581

"""Start the main loop and exit when it's done."""

582

log.addHandler(self.loghandler)

583

self.orig_log_propagate = log.propagate

584

log.propagate = False

585

self.orig_log_level = log.level

586

log.setLevel("INFO")

587

self.bus = dbus.SystemBus()

588

mandos_dbus_objc = self.bus.get_object(

589

self.busname, "/", follow_name_owner_changes=True)

590

self.mandos_serv = dbus.Interface(

591

mandos_dbus_objc, dbus_interface=server_interface)

592

try:

593

mandos_clients = (self.mandos_serv

594

.GetAllClientsWithProperties())

595

if not mandos_clients:

596

log.warning("Note: Server has no clients.")

597

except dbus.exceptions.DBusException:

598

log.warning("Note: No Mandos server running.")

599

mandos_clients = dbus.Dictionary()

600

601

(self.mandos_serv

602

.connect_to_signal("InterfacesRemoved",

603

self.find_and_remove_client,

604

dbus_interface=dbus.OBJECT_MANAGER_IFACE,

605

byte_arrays=True))

606

(self.mandos_serv

607

.connect_to_signal("InterfacesAdded",

608

self.add_new_client,

609

dbus_interface=dbus.OBJECT_MANAGER_IFACE,

610

byte_arrays=True))

611

(self.mandos_serv

612

.connect_to_signal("ClientNotFound",

613

self.client_not_found,

614

dbus_interface=server_interface,

615

byte_arrays=True))

616

for path, client in mandos_clients.items():

617

client_proxy_object = self.bus.get_object(self.busname,

618

path)

619

self.add_client(MandosClientWidget(

620

server_proxy_object=self.mandos_serv,

621

proxy_object=client_proxy_object,

622

properties=client,

623

update_hook=self.refresh,

624

delete_hook=self.remove_client),

625

path=path)

626

627

self.refresh()

628

self._input_callback_tag = (

629

GLib.io_add_watch(

630

GLib.IOChannel.unix_new(sys.stdin.fileno()),

631

GLib.PRIORITY_DEFAULT, GLib.IO_IN,

632

glib_safely(self.process_input)))

633

self.main_loop.run()

634

# Main loop has finished, we should close everything now

635

GLib.source_remove(self._input_callback_tag)

636

with warnings.catch_warnings():

637

warnings.simplefilter("ignore", BytesWarning)

638

self.screen.stop()

639

640

def stop(self):

641

self.main_loop.quit()

642

log.removeHandler(self.loghandler)

643

log.propagate = self.orig_log_propagate

644

645

def process_input(self, source, condition):

646

keys = self.screen.get_input()

647

translations = {"ctrl n": "down", # Emacs

648

"ctrl p": "up", # Emacs

649

"ctrl v": "page down", # Emacs

650

"meta v": "page up", # Emacs

651

" ": "page down", # less

652

"f": "page down", # less

653

"b": "page up", # less

654

"j": "down", # vi

655

"k": "up", # vi

656

}

657

for key in keys:

658

try:

659

key = translations[key]

660

except KeyError: # :-)

661

pass

662

663

if key == "q" or key == "Q":

664

self.stop()

665

break

666

elif key == "window resize":

667

self.size = self.screen.get_cols_rows()

668

self.refresh()

669

elif key == "ctrl l":

670

self.screen.clear()

671

self.refresh()

672

elif key == "l" or key == "D":

673

self.toggle_log_display()

674

self.refresh()

675

elif key == "w" or key == "i":

676

self.change_log_display()

677

self.refresh()

678

elif key == "?" or key == "f1" or key == "esc":

679

if not self.log_visible:

680

self.log_visible = True

681

self.rebuild()

682

self.add_log_line(("bold",

683

" ".join(("q: Quit",

684

"?: Help",

685

"l: Log window toggle",

686

"TAB: Switch window",

687

"w: Wrap (log lines)",

688

"v: Toggle verbose log",

689

))))

690

self.add_log_line(("bold",

691

" ".join(("Clients:",

692

"+: Enable",

693

"-: Disable",

694

"R: Remove",

695

"s: Start new checker",

696

"S: Stop checker",

697

"C: Checker OK",

698

"a: Approve",

699

"d: Deny",

700

))))

701

self.refresh()

702

elif key == "tab":

703

if self.topwidget.get_focus() is self.logbox:

704

self.topwidget.set_focus(0)

705

else:

706

self.topwidget.set_focus(self.logbox)

707

self.refresh()

708

elif key == "v":

709

if log.level < logging.INFO:

710

log.setLevel(logging.INFO)

711

log.info("Verbose mode: Off")

712

else:

713

log.setLevel(logging.NOTSET)

714

log.info("Verbose mode: On")

715

# elif (key == "end" or key == "meta >" or key == "G"

716

# or key == ">"):

717

# pass # xxx end-of-buffer

718

# elif (key == "home" or key == "meta <" or key == "g"

719

# or key == "<"):

720

# pass # xxx beginning-of-buffer

721

# elif key == "ctrl e" or key == "$":

722

# pass # xxx move-end-of-line

723

# elif key == "ctrl a" or key == "^":

724

# pass # xxx move-beginning-of-line

725

# elif key == "ctrl b" or key == "meta (" or key == "h":

726

# pass # xxx left

727

# elif key == "ctrl f" or key == "meta )" or key == "l":

728

# pass # xxx right

729

# elif key == "a":

730

# pass # scroll up log

731

# elif key == "z":

732

# pass # scroll down log

733

elif self.topwidget.selectable():

734

self.topwidget.keypress(self.size, key)

735

self.refresh()

736

return True

737

738

739

class UILogHandler(logging.Handler):

740

def __init__(self, ui, *args, **kwargs):

741

self.ui = ui

742

super(UILogHandler, self).__init__(*args, **kwargs)

743

self.setFormatter(

744

logging.Formatter("%(asctime)s: %(message)s"))

745

def emit(self, record):

746

msg = self.format(record)

747

if record.levelno > logging.INFO:

748

msg = ("bold", msg)

749

self.ui.add_log_line(msg)

750

751

752

ui = UserInterface()

753

try:

754

ui.run()

755

except KeyboardInterrupt:

756

with warnings.catch_warnings():

757

warnings.filterwarnings("ignore", "", BytesWarning)

758

ui.screen.stop()

759

except Exception:

760

with warnings.catch_warnings():

761

warnings.filterwarnings("ignore", "", BytesWarning)

762

ui.screen.stop()

763

raise

Older »