To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to server.py
- browse files at revision 13
- compare with another revision
- download diff
- download tarball
- view history from revision 13
- Committer: Björn Påhlsson
- Date: 2008-07-20 02:52:20 UTC
- Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6
Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
- files added:
- ca.pem
- files removed:
- .bzrignore
- files renamed:
- clients.conf => mandos-clients.conf
- plugin-runner.c => plugbasedclient.c
- plugins.d/mandos-client.c => plugins.d/mandosclient.c
- plugins.d/password-prompt.c => plugins.d/passprompt.c
- mandos => server.py
- files modified:
- Makefile
added
removed
server.py
1
1
#!/usr/bin/python
2
# -*- mode: python; coding: utf-8 -*-
3
#
4
# Mandos server - give out binary blobs to connecting clients.
5
#
6
# This program is partly derived from an example program for an Avahi
7
# service publisher, downloaded from
8
# <http://avahi.org/wiki/PythonPublishExample>. This includes the
9
# methods "add" and "remove" in the "AvahiService" class, the
10
# "server_state_changed" and "entry_group_state_changed" functions,
11
# and some lines in "main".
12
#
13
# Everything else is
14
# Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
15
#
16
# This program is free software: you can redistribute it and/or modify
17
# it under the terms of the GNU General Public License as published by
18
# the Free Software Foundation, either version 3 of the License, or
19
# (at your option) any later version.
20
#
21
# This program is distributed in the hope that it will be useful,
22
# but WITHOUT ANY WARRANTY; without even the implied warranty of
23
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24
# GNU General Public License for more details.
25
#
26
# You should have received a copy of the GNU General Public License
27
# along with this program. If not, see
28
# <http://www.gnu.org/licenses/>.
29
#
30
# Contact the authors at <mandos@fukt.bsnet.se>.
31
#
32
2
33
3
from __future__ import division
34
4
51
21
import signal
52
22
from sets import Set
53
23
import subprocess
54
import atexit
55
import stat
56
import logging
57
import logging.handlers
58
import pwd
59
24
60
25
import dbus
61
26
import gobject
63
28
from dbus.mainloop.glib import DBusGMainLoop
64
29
import ctypes
65
30
66
version = "1.0"
31
import logging
32
import logging.handlers
33
34
# logghandler.setFormatter(logging.Formatter('%(levelname)s %(message)s')
67
35
68
36
logger = logging.Logger('mandos')
69
syslogger = logging.handlers.SysLogHandler\
70
(facility = logging.handlers.SysLogHandler.LOG_DAEMON,
71
address = "/dev/log")
72
syslogger.setFormatter(logging.Formatter\
73
('Mandos: %(levelname)s: %(message)s'))
74
logger.addHandler(syslogger)
75
76
console = logging.StreamHandler()
77
console.setFormatter(logging.Formatter('%(name)s: %(levelname)s:'
78
' %(message)s'))
79
logger.addHandler(console)
80
81
class AvahiError(Exception):
82
def __init__(self, value):
83
self.value = value
84
def __str__(self):
85
return repr(self.value)
86
87
class AvahiServiceError(AvahiError):
88
pass
89
90
class AvahiGroupError(AvahiError):
91
pass
92
93
94
class AvahiService(object):
95
"""An Avahi (Zeroconf) service.
96
Attributes:
97
interface: integer; avahi.IF_UNSPEC or an interface index.
98
Used to optionally bind to the specified interface.
99
name: string; Example: 'Mandos'
100
type: string; Example: '_mandos._tcp'.
101
See <http://www.dns-sd.org/ServiceTypes.html>
102
port: integer; what port to announce
103
TXT: list of strings; TXT record for the service
104
domain: string; Domain to publish on, default to .local if empty.
105
host: string; Host to publish records for, default is localhost
106
max_renames: integer; maximum number of renames
107
rename_count: integer; counter so we only rename after collisions
108
a sensible number of times
109
"""
110
def __init__(self, interface = avahi.IF_UNSPEC, name = None,
111
type = None, port = None, TXT = None, domain = "",
112
host = "", max_renames = 32768):
113
self.interface = interface
114
self.name = name
115
self.type = type
116
self.port = port
117
if TXT is None:
118
self.TXT = []
119
else:
120
self.TXT = TXT
121
self.domain = domain
122
self.host = host
123
self.rename_count = 0
124
self.max_renames = max_renames
125
def rename(self):
126
"""Derived from the Avahi example code"""
127
if self.rename_count >= self.max_renames:
128
logger.critical(u"No suitable Zeroconf service name found"
129
u" after %i retries, exiting.",
130
rename_count)
131
raise AvahiServiceError("Too many renames")
132
self.name = server.GetAlternativeServiceName(self.name)
133
logger.info(u"Changing Zeroconf service name to %r ...",
134
str(self.name))
135
syslogger.setFormatter(logging.Formatter\
136
('Mandos (%s): %%(levelname)s:'
137
' %%(message)s' % self.name))
138
self.remove()
139
self.add()
140
self.rename_count += 1
141
def remove(self):
142
"""Derived from the Avahi example code"""
143
if group is not None:
144
group.Reset()
145
def add(self):
146
"""Derived from the Avahi example code"""
147
global group
148
if group is None:
149
group = dbus.Interface\
150
(bus.get_object(avahi.DBUS_NAME,
151
server.EntryGroupNew()),
152
avahi.DBUS_INTERFACE_ENTRY_GROUP)
153
group.connect_to_signal('StateChanged',
154
entry_group_state_changed)
155
logger.debug(u"Adding Zeroconf service '%s' of type '%s' ...",
156
service.name, service.type)
157
group.AddService(
158
self.interface, # interface
159
avahi.PROTO_INET6, # protocol
160
dbus.UInt32(0), # flags
161
self.name, self.type,
162
self.domain, self.host,
163
dbus.UInt16(self.port),
164
avahi.string_array_to_txt_array(self.TXT))
165
group.Commit()
166
167
# From the Avahi example code:
168
group = None # our entry group
37
logger.addHandler(logging.handlers.SysLogHandler(facility = logging.handlers.SysLogHandler.LOG_DAEMON))
38
39
# This variable is used to optionally bind to a specified interface.
40
# It is a global variable to fit in with the other variables from the
41
# Avahi server example code.
42
serviceInterface = avahi.IF_UNSPEC
43
# From the Avahi server example code:
44
serviceName = "Mandos"
45
serviceType = "_mandos._tcp" # http://www.dns-sd.org/ServiceTypes.html
46
servicePort = None # Not known at startup
47
serviceTXT = [] # TXT record for the service
48
domain = "" # Domain to publish on, default to .local
49
host = "" # Host to publish records for, default to localhost
50
group = None #our entry group
51
rename_count = 12 # Counter so we only rename after collisions a
52
# sensible number of times
169
53
# End of Avahi example code
170
54
171
55
176
60
fingerprint: string (40 or 32 hexadecimal digits); used to
177
61
uniquely identify the client
178
62
secret: bytestring; sent verbatim (over TLS) to client
179
host: string; available for use by the checker command
180
created: datetime.datetime(); object creation, not client host
181
last_checked_ok: datetime.datetime() or None if not yet checked OK
182
timeout: datetime.timedelta(); How long from last_checked_ok
183
until this client is invalid
63
fqdn: string (FQDN); available for use by the checker command
64
created: datetime.datetime()
65
last_seen: datetime.datetime() or None if not yet seen
66
timeout: datetime.timedelta(); How long from last_seen until
67
this client is invalid
184
68
interval: datetime.timedelta(); How often to start a new checker
185
69
stop_hook: If set, called by stop() as stop_hook(self)
186
70
checker: subprocess.Popen(); a running checker process used
187
71
to see if the client lives.
188
'None' if no process is running.
72
Is None if no process is running.
189
73
checker_initiator_tag: a gobject event source tag, or None
190
74
stop_initiator_tag: - '' -
191
75
checker_callback_tag: - '' -
192
76
checker_command: string; External command which is run to check if
193
client lives. %() expansions are done at
77
client lives. %()s expansions are done at
194
78
runtime with vars(self) as dict, so that for
195
79
instance %(name)s can be used in the command.
196
80
Private attibutes:
197
81
_timeout: Real variable for 'timeout'
198
82
_interval: Real variable for 'interval'
199
_timeout_milliseconds: Used when calling gobject.timeout_add()
83
_timeout_milliseconds: Used by gobject.timeout_add()
200
84
_interval_milliseconds: - '' -
201
85
"""
202
86
def _set_timeout(self, timeout):
222
106
interval = property(lambda self: self._interval,
223
107
_set_interval)
224
108
del _set_interval
225
def __init__(self, name = None, stop_hook=None, config={}):
226
"""Note: the 'checker' key in 'config' sets the
227
'checker_command' attribute and *not* the 'checker'
228
attribute."""
109
def __init__(self, name=None, options=None, stop_hook=None,
110
fingerprint=None, secret=None, secfile=None, fqdn=None,
111
timeout=None, interval=-1, checker=None):
229
112
self.name = name
230
logger.debug(u"Creating client %r", self.name)
231
# Uppercase and remove spaces from fingerprint for later
232
# comparison purposes with return value from the fingerprint()
233
# function
234
self.fingerprint = config["fingerprint"].upper()\
235
.replace(u" ", u"")
236
logger.debug(u" Fingerprint: %s", self.fingerprint)
237
if "secret" in config:
238
self.secret = config["secret"].decode(u"base64")
239
elif "secfile" in config:
240
sf = open(config["secfile"])
113
# Uppercase and remove spaces from fingerprint
114
# for later comparison purposes with return value of
115
# the fingerprint() function
116
self.fingerprint = fingerprint.upper().replace(u" ", u"")
117
if secret:
118
self.secret = secret.decode(u"base64")
119
elif secfile:
120
sf = open(secfile)
241
121
self.secret = sf.read()
242
122
sf.close()
243
123
else:
244
raise TypeError(u"No secret or secfile for client %s"
245
% self.name)
246
self.host = config.get("host", "")
124
raise RuntimeError(u"No secret or secfile for client %s"
125
% self.name)
126
self.fqdn = fqdn # string
247
127
self.created = datetime.datetime.now()
248
self.last_checked_ok = None
249
self.timeout = string_to_delta(config["timeout"])
250
self.interval = string_to_delta(config["interval"])
128
self.last_seen = None
129
if timeout is None:
130
timeout = options.timeout
131
self.timeout = timeout
132
if interval == -1:
133
interval = options.interval
134
else:
135
interval = string_to_delta(interval)
136
self.interval = interval
251
137
self.stop_hook = stop_hook
252
138
self.checker = None
253
139
self.checker_initiator_tag = None
254
140
self.stop_initiator_tag = None
255
141
self.checker_callback_tag = None
256
self.check_command = config["checker"]
142
self.check_command = checker
257
143
def start(self):
258
"""Start this client's checker and timeout hooks"""
144
"""Start this clients checker and timeout hooks"""
259
145
# Schedule a new checker to be started an 'interval' from now,
260
146
# and every interval from then on.
261
147
self.checker_initiator_tag = gobject.timeout_add\
269
155
self.stop)
270
156
def stop(self):
271
157
"""Stop this client.
272
The possibility that a client might be restarted is left open,
273
but not currently used."""
274
# If this client doesn't have a secret, it is already stopped.
275
if hasattr(self, "secret") and self.secret:
276
logger.info(u"Stopping client %s", self.name)
277
self.secret = None
278
else:
279
return False
280
if getattr(self, "stop_initiator_tag", False):
158
The possibility that this client might be restarted is left
159
open, but not currently used."""
160
logger.debug(u"Stopping client %s", self.name)
161
self.secret = None
162
if self.stop_initiator_tag:
281
163
gobject.source_remove(self.stop_initiator_tag)
282
164
self.stop_initiator_tag = None
283
if getattr(self, "checker_initiator_tag", False):
165
if self.checker_initiator_tag:
284
166
gobject.source_remove(self.checker_initiator_tag)
285
167
self.checker_initiator_tag = None
286
168
self.stop_checker()
289
171
# Do not run this again if called by a gobject.timeout_add
290
172
return False
291
173
def __del__(self):
292
self.stop_hook = None
293
self.stop()
174
# Some code duplication here and in stop()
175
if hasattr(self, "stop_initiator_tag") \
176
and self.stop_initiator_tag:
177
gobject.source_remove(self.stop_initiator_tag)
178
self.stop_initiator_tag = None
179
if hasattr(self, "checker_initiator_tag") \
180
and self.checker_initiator_tag:
181
gobject.source_remove(self.checker_initiator_tag)
182
self.checker_initiator_tag = None
183
self.stop_checker()
294
184
def checker_callback(self, pid, condition):
295
185
"""The checker has completed, so take appropriate actions."""
296
186
now = datetime.datetime.now()
297
self.checker_callback_tag = None
298
self.checker = None
299
187
if os.WIFEXITED(condition) \
300
188
and (os.WEXITSTATUS(condition) == 0):
301
logger.info(u"Checker for %(name)s succeeded",
302
vars(self))
303
self.last_checked_ok = now
189
logger.debug(u"Checker for %(name)s succeeded",
190
vars(self))
191
self.last_seen = now
304
192
gobject.source_remove(self.stop_initiator_tag)
305
193
self.stop_initiator_tag = gobject.timeout_add\
306
194
(self._timeout_milliseconds,
307
195
self.stop)
308
elif not os.WIFEXITED(condition):
196
if not os.WIFEXITED(condition):
309
197
logger.warning(u"Checker for %(name)s crashed?",
310
198
vars(self))
311
199
else:
312
logger.info(u"Checker for %(name)s failed",
313
vars(self))
200
logger.debug(u"Checker for %(name)s failed",
201
vars(self))
202
self.checker = None
203
self.checker_callback_tag = None
314
204
def start_checker(self):
315
205
"""Start a new checker subprocess if one is not running.
316
206
If a checker already exists, leave it running and do
317
207
nothing."""
318
# The reason for not killing a running checker is that if we
319
# did that, then if a checker (for some reason) started
320
# running slowly and taking more than 'interval' time, the
321
# client would inevitably timeout, since no checker would get
322
# a chance to run to completion. If we instead leave running
323
# checkers alone, the checker would have to take more time
324
# than 'timeout' for the client to be declared invalid, which
325
# is as it should be.
326
208
if self.checker is None:
209
logger.debug(u"Starting checker for %s",
210
self.name)
327
211
try:
328
# In case check_command has exactly one % operator
329
command = self.check_command % self.host
212
command = self.check_command % self.fqdn
330
213
except TypeError:
331
# Escape attributes for the shell
332
214
escaped_attrs = dict((key, re.escape(str(val)))
333
215
for key, val in
334
216
vars(self).iteritems())
335
217
try:
336
218
command = self.check_command % escaped_attrs
337
219
except TypeError, error:
338
logger.error(u'Could not format string "%s":'
339
u' %s', self.check_command, error)
220
logger.critical(u'Could not format string "%s": %s',
221
self.check_command, error)
340
222
return True # Try again later
341
223
try:
342
logger.info(u"Starting checker %r for %s",
343
command, self.name)
344
# We don't need to redirect stdout and stderr, since
345
# in normal mode, that is already done by daemon(),
346
# and in debug mode we don't want to. (Stdin is
347
# always replaced by /dev/null.)
348
self.checker = subprocess.Popen(command,
349
close_fds=True,
350
shell=True, cwd="/")
351
self.checker_callback_tag = gobject.child_watch_add\
352
(self.checker.pid,
353
self.checker_callback)
354
except OSError, error:
224
self.checker = subprocess.\
225
Popen(command,
226
stdout=subprocess.PIPE,
227
close_fds=True, shell=True,
228
cwd="/")
229
self.checker_callback_tag = gobject.\
230
child_watch_add(self.checker.pid,
231
self.\
232
checker_callback)
233
except subprocess.OSError, error:
355
234
logger.error(u"Failed to start subprocess: %s",
356
235
error)
357
236
# Re-run this periodically if run by gobject.timeout_add
358
237
return True
359
238
def stop_checker(self):
360
239
"""Force the checker process, if any, to stop."""
361
if self.checker_callback_tag:
362
gobject.source_remove(self.checker_callback_tag)
363
self.checker_callback_tag = None
364
if getattr(self, "checker", None) is None:
240
if not hasattr(self, "checker") or self.checker is None:
365
241
return
366
logger.debug(u"Stopping checker for %(name)s", vars(self))
367
try:
368
os.kill(self.checker.pid, signal.SIGTERM)
369
#os.sleep(0.5)
370
#if self.checker.poll() is None:
371
# os.kill(self.checker.pid, signal.SIGKILL)
372
except OSError, error:
373
if error.errno != errno.ESRCH: # No such process
374
raise
242
gobject.source_remove(self.checker_callback_tag)
243
self.checker_callback_tag = None
244
os.kill(self.checker.pid, signal.SIGTERM)
245
if self.checker.poll() is None:
246
os.kill(self.checker.pid, signal.SIGKILL)
375
247
self.checker = None
376
def still_valid(self):
248
def still_valid(self, now=None):
377
249
"""Has the timeout not yet passed for this client?"""
378
now = datetime.datetime.now()
379
if self.last_checked_ok is None:
250
if now is None:
251
now = datetime.datetime.now()
252
if self.last_seen is None:
380
253
return now < (self.created + self.timeout)
381
254
else:
382
return now < (self.last_checked_ok + self.timeout)
255
return now < (self.last_seen + self.timeout)
383
256
384
257
385
258
def peer_certificate(session):
386
"Return the peer's OpenPGP certificate as a bytestring"
387
259
# If not an OpenPGP certificate...
388
260
if gnutls.library.functions.gnutls_certificate_type_get\
389
261
(session._c_object) \
400
272
401
273
402
274
def fingerprint(openpgp):
403
"Convert an OpenPGP bytestring to a hexdigit fingerprint string"
275
# New empty GnuTLS certificate
276
crt = gnutls.library.types.gnutls_openpgp_crt_t()
277
gnutls.library.functions.gnutls_openpgp_crt_init\
278
(ctypes.byref(crt))
404
279
# New GnuTLS "datum" with the OpenPGP public key
405
280
datum = gnutls.library.types.gnutls_datum_t\
406
281
(ctypes.cast(ctypes.c_char_p(openpgp),
407
282
ctypes.POINTER(ctypes.c_ubyte)),
408
283
ctypes.c_uint(len(openpgp)))
409
# New empty GnuTLS certificate
410
crt = gnutls.library.types.gnutls_openpgp_crt_t()
411
gnutls.library.functions.gnutls_openpgp_crt_init\
412
(ctypes.byref(crt))
413
284
# Import the OpenPGP public key into the certificate
414
gnutls.library.functions.gnutls_openpgp_crt_import\
415
(crt, ctypes.byref(datum),
416
gnutls.library.constants.GNUTLS_OPENPGP_FMT_RAW)
417
# Verify the self signature in the key
418
crtverify = ctypes.c_uint();
419
gnutls.library.functions.gnutls_openpgp_crt_verify_self\
420
(crt, 0, ctypes.byref(crtverify))
421
if crtverify.value != 0:
422
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
423
raise gnutls.errors.CertificateSecurityError("Verify failed")
285
ret = gnutls.library.functions.gnutls_openpgp_crt_import\
286
(crt,
287
ctypes.byref(datum),
288
gnutls.library.constants.GNUTLS_OPENPGP_FMT_RAW)
424
289
# New buffer for the fingerprint
425
290
buffer = ctypes.create_string_buffer(20)
426
291
buffer_length = ctypes.c_size_t()
442
307
Note: This will run in its own forked process."""
443
308
444
309
def handle(self):
445
logger.info(u"TCP connection from: %s",
310
logger.debug(u"TCP connection from: %s",
446
311
unicode(self.client_address))
447
session = gnutls.connection.ClientSession\
448
(self.request, gnutls.connection.X509Credentials())
449
450
line = self.request.makefile().readline()
451
logger.debug(u"Protocol version: %r", line)
452
try:
453
if int(line.strip().split()[0]) > 1:
454
raise RuntimeError
455
except (ValueError, IndexError, RuntimeError), error:
456
logger.error(u"Unknown protocol version: %s", error)
457
return
458
459
# Note: gnutls.connection.X509Credentials is really a generic
460
# GnuTLS certificate credentials object so long as no X.509
461
# keys are added to it. Therefore, we can use it here despite
462
# using OpenPGP certificates.
312
session = gnutls.connection.ClientSession(self.request,
313
gnutls.connection.\
314
X509Credentials())
463
315
464
316
#priority = ':'.join(("NONE", "+VERS-TLS1.1", "+AES-256-CBC",
465
317
# "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
466
318
# "+DHE-DSS"))
467
priority = "NORMAL" # Fallback default, since this
468
# MUST be set.
469
if self.server.settings["priority"]:
470
priority = self.server.settings["priority"]
319
priority = "SECURE256"
320
471
321
gnutls.library.functions.gnutls_priority_set_direct\
472
322
(session._c_object, priority, None);
473
323
474
324
try:
475
325
session.handshake()
476
326
except gnutls.errors.GNUTLSError, error:
477
logger.warning(u"Handshake failed: %s", error)
327
logger.debug(u"Handshake failed: %s", error)
478
328
# Do not run session.bye() here: the session is not
479
329
# established. Just abandon the request.
480
330
return
481
331
try:
482
332
fpr = fingerprint(peer_certificate(session))
483
333
except (TypeError, gnutls.errors.GNUTLSError), error:
484
logger.warning(u"Bad certificate: %s", error)
334
logger.debug(u"Bad certificate: %s", error)
485
335
session.bye()
486
336
return
487
337
logger.debug(u"Fingerprint: %s", fpr)
488
338
client = None
489
for c in self.server.clients:
339
for c in clients:
490
340
if c.fingerprint == fpr:
491
341
client = c
492
342
break
493
if not client:
494
logger.warning(u"Client not found for fingerprint: %s",
495
fpr)
496
session.bye()
497
return
498
343
# Have to check if client.still_valid(), since it is possible
499
344
# that the client timed out while establishing the GnuTLS
500
345
# session.
501
if not client.still_valid():
502
logger.warning(u"Client %(name)s is invalid",
503
vars(client))
346
if (not client) or (not client.still_valid()):
347
if client:
348
logger.debug(u"Client %(name)s is invalid",
349
vars(client))
350
else:
351
logger.debug(u"Client not found for fingerprint: %s",
352
fpr)
504
353
session.bye()
505
354
return
506
355
sent_size = 0
516
365
class IPv6_TCPServer(SocketServer.ForkingTCPServer, object):
517
366
"""IPv6 TCP server. Accepts 'None' as address and/or port.
518
367
Attributes:
519
settings: Server settings
368
options: Command line options
520
369
clients: Set() of Client objects
521
enabled: Boolean; whether this server is activated yet
522
370
"""
523
371
address_family = socket.AF_INET6
524
372
def __init__(self, *args, **kwargs):
525
if "settings" in kwargs:
526
self.settings = kwargs["settings"]
527
del kwargs["settings"]
373
if "options" in kwargs:
374
self.options = kwargs["options"]
375
del kwargs["options"]
528
376
if "clients" in kwargs:
529
377
self.clients = kwargs["clients"]
530
378
del kwargs["clients"]
531
self.enabled = False
532
379
return super(type(self), self).__init__(*args, **kwargs)
533
380
def server_bind(self):
534
381
"""This overrides the normal server_bind() function
535
382
to bind to an interface if one was specified, and also NOT to
536
383
bind to an address or port if they were not specified."""
537
if self.settings["interface"]:
538
# 25 is from /usr/include/asm-i486/socket.h
539
SO_BINDTODEVICE = getattr(socket, "SO_BINDTODEVICE", 25)
384
if self.options.interface:
385
if not hasattr(socket, "SO_BINDTODEVICE"):
386
# From /usr/include/asm-i486/socket.h
387
socket.SO_BINDTODEVICE = 25
540
388
try:
541
389
self.socket.setsockopt(socket.SOL_SOCKET,
542
SO_BINDTODEVICE,
543
self.settings["interface"])
390
socket.SO_BINDTODEVICE,
391
self.options.interface)
544
392
except socket.error, error:
545
393
if error[0] == errno.EPERM:
546
logger.error(u"No permission to"
547
u" bind to interface %s",
548
self.settings["interface"])
394
logger.warning(u"No permission to"
395
u" bind to interface %s",
396
self.options.interface)
549
397
else:
550
398
raise error
551
399
# Only bind(2) the socket if we really need to.
554
402
in6addr_any = "::"
555
403
self.server_address = (in6addr_any,
556
404
self.server_address[1])
557
elif not self.server_address[1]:
405
elif self.server_address[1] is None:
558
406
self.server_address = (self.server_address[0],
559
407
0)
560
# if self.settings["interface"]:
561
# self.server_address = (self.server_address[0],
562
# 0, # port
563
# 0, # flowinfo
564
# if_nametoindex
565
# (self.settings
566
# ["interface"]))
567
408
return super(type(self), self).server_bind()
568
def server_activate(self):
569
if self.enabled:
570
return super(type(self), self).server_activate()
571
def enable(self):
572
self.enabled = True
573
409
574
410
575
411
def string_to_delta(interval):
585
421
datetime.timedelta(1)
586
422
>>> string_to_delta(u'1w')
587
423
datetime.timedelta(7)
588
>>> string_to_delta('5m 30s')
589
datetime.timedelta(0, 330)
590
424
"""
591
timevalue = datetime.timedelta(0)
592
for s in interval.split():
593
try:
594
suffix=unicode(s[-1])
595
value=int(s[:-1])
596
if suffix == u"d":
597
delta = datetime.timedelta(value)
598
elif suffix == u"s":
599
delta = datetime.timedelta(0, value)
600
elif suffix == u"m":
601
delta = datetime.timedelta(0, 0, 0, 0, value)
602
elif suffix == u"h":
603
delta = datetime.timedelta(0, 0, 0, 0, 0, value)
604
elif suffix == u"w":
605
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
606
else:
607
raise ValueError
608
except (ValueError, IndexError):
425
try:
426
suffix=unicode(interval[-1])
427
value=int(interval[:-1])
428
if suffix == u"d":
429
delta = datetime.timedelta(value)
430
elif suffix == u"s":
431
delta = datetime.timedelta(0, value)
432
elif suffix == u"m":
433
delta = datetime.timedelta(0, 0, 0, 0, value)
434
elif suffix == u"h":
435
delta = datetime.timedelta(0, 0, 0, 0, 0, value)
436
elif suffix == u"w":
437
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
438
else:
609
439
raise ValueError
610
timevalue += delta
611
return timevalue
440
except (ValueError, IndexError):
441
raise ValueError
442
return delta
443
444
445
def add_service():
446
"""From the Avahi server example code"""
447
global group, serviceName, serviceType, servicePort, serviceTXT, \
448
domain, host
449
if group is None:
450
group = dbus.Interface(
451
bus.get_object( avahi.DBUS_NAME,
452
server.EntryGroupNew()),
453
avahi.DBUS_INTERFACE_ENTRY_GROUP)
454
group.connect_to_signal('StateChanged',
455
entry_group_state_changed)
456
logger.debug(u"Adding service '%s' of type '%s' ...",
457
serviceName, serviceType)
458
459
group.AddService(
460
serviceInterface, # interface
461
avahi.PROTO_INET6, # protocol
462
dbus.UInt32(0), # flags
463
serviceName, serviceType,
464
domain, host,
465
dbus.UInt16(servicePort),
466
avahi.string_array_to_txt_array(serviceTXT))
467
group.Commit()
468
469
470
def remove_service():
471
"""From the Avahi server example code"""
472
global group
473
474
if not group is None:
475
group.Reset()
612
476
613
477
614
478
def server_state_changed(state):
615
"""Derived from the Avahi example code"""
479
"""From the Avahi server example code"""
616
480
if state == avahi.SERVER_COLLISION:
617
logger.error(u"Zeroconf server name collision")
618
service.remove()
481
logger.warning(u"Server name collision")
482
remove_service()
619
483
elif state == avahi.SERVER_RUNNING:
620
service.add()
484
add_service()
621
485
622
486
623
487
def entry_group_state_changed(state, error):
624
"""Derived from the Avahi example code"""
625
logger.debug(u"Avahi state change: %i", state)
488
"""From the Avahi server example code"""
489
global serviceName, server, rename_count
490
491
logger.debug(u"state change: %i", state)
626
492
627
493
if state == avahi.ENTRY_GROUP_ESTABLISHED:
628
logger.debug(u"Zeroconf service established.")
494
logger.debug(u"Service established.")
629
495
elif state == avahi.ENTRY_GROUP_COLLISION:
630
logger.warning(u"Zeroconf service name collision.")
631
service.rename()
496
497
rename_count = rename_count - 1
498
if rename_count > 0:
499
name = server.GetAlternativeServiceName(name)
500
logger.warning(u"Service name collision, "
501
u"changing name to '%s' ...", name)
502
remove_service()
503
add_service()
504
505
else:
506
logger.error(u"No suitable service name found "
507
u"after %i retries, exiting.",
508
n_rename)
509
main_loop.quit()
632
510
elif state == avahi.ENTRY_GROUP_FAILURE:
633
logger.critical(u"Avahi: Error in group state changed %s",
634
unicode(error))
635
raise AvahiGroupError("State changed: %s", str(error))
511
logger.error(u"Error in group state changed %s",
512
unicode(error))
513
main_loop.quit()
514
return
515
636
516
637
517
def if_nametoindex(interface):
638
"""Call the C function if_nametoindex(), or equivalent"""
639
global if_nametoindex
518
"""Call the C function if_nametoindex()"""
640
519
try:
641
if "ctypes.util" not in sys.modules:
642
import ctypes.util
643
if_nametoindex = ctypes.cdll.LoadLibrary\
644
(ctypes.util.find_library("c")).if_nametoindex
520
libc = ctypes.cdll.LoadLibrary("libc.so.6")
521
return libc.if_nametoindex(interface)
645
522
except (OSError, AttributeError):
646
523
if "struct" not in sys.modules:
647
524
import struct
648
525
if "fcntl" not in sys.modules:
649
526
import fcntl
650
def if_nametoindex(interface):
651
"Get an interface index the hard way, i.e. using fcntl()"
652
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
653
s = socket.socket()
654
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
655
struct.pack("16s16x", interface))
656
s.close()
657
interface_index = struct.unpack("I", ifreq[16:20])[0]
658
return interface_index
659
return if_nametoindex(interface)
660
661
662
def daemon(nochdir = False, noclose = False):
663
"""See daemon(3). Standard BSD Unix function.
664
This should really exist as os.daemon, but it doesn't (yet)."""
665
if os.fork():
666
sys.exit()
667
os.setsid()
668
if not nochdir:
669
os.chdir("/")
670
if os.fork():
671
sys.exit()
672
if not noclose:
673
# Close all standard open file descriptors
674
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
675
if not stat.S_ISCHR(os.fstat(null).st_mode):
676
raise OSError(errno.ENODEV,
677
"/dev/null not a character device")
678
os.dup2(null, sys.stdin.fileno())
679
os.dup2(null, sys.stdout.fileno())
680
os.dup2(null, sys.stderr.fileno())
681
if null > 2:
682
os.close(null)
683
684
685
def main():
686
global main_loop_started
687
main_loop_started = False
688
689
parser = OptionParser(version = "%%prog %s" % version)
527
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
528
s = socket.socket()
529
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
530
struct.pack("16s16x", interface))
531
s.close()
532
interface_index = struct.unpack("I", ifreq[16:20])[0]
533
return interface_index
534
535
536
if __name__ == '__main__':
537
parser = OptionParser()
690
538
parser.add_option("-i", "--interface", type="string",
691
metavar="IF", help="Bind to interface IF")
692
parser.add_option("-a", "--address", type="string",
693
help="Address to listen for requests on")
694
parser.add_option("-p", "--port", type="int",
539
default=None, metavar="IF",
540
help="Bind to interface IF")
541
parser.add_option("--cert", type="string", default="cert.pem",
542
metavar="FILE",
543
help="Public key certificate PEM file to use")
544
parser.add_option("--key", type="string", default="key.pem",
545
metavar="FILE",
546
help="Private key PEM file to use")
547
parser.add_option("--ca", type="string", default="ca.pem",
548
metavar="FILE",
549
help="Certificate Authority certificate PEM file to use")
550
parser.add_option("--crl", type="string", default="crl.pem",
551
metavar="FILE",
552
help="Certificate Revokation List PEM file to use")
553
parser.add_option("-p", "--port", type="int", default=None,
695
554
help="Port number to receive requests on")
555
parser.add_option("--timeout", type="string", # Parsed later
556
default="1h",
557
help="Amount of downtime allowed for clients")
558
parser.add_option("--interval", type="string", # Parsed later
559
default="5m",
560
help="How often to check that a client is up")
696
561
parser.add_option("--check", action="store_true", default=False,
697
562
help="Run self-test")
698
parser.add_option("--debug", action="store_true",
699
help="Debug mode; run in foreground and log to"
700
" terminal")
701
parser.add_option("--priority", type="string", help="GnuTLS"
702
" priority string (see GnuTLS documentation)")
703
parser.add_option("--servicename", type="string", metavar="NAME",
704
help="Zeroconf service name")
705
parser.add_option("--configdir", type="string",
706
default="/etc/mandos", metavar="DIR",
707
help="Directory to search for configuration"
708
" files")
563
parser.add_option("--debug", action="store_true", default=False,
564
help="Debug mode")
709
565
(options, args) = parser.parse_args()
710
566
711
567
if options.check:
713
569
doctest.testmod()
714
570
sys.exit()
715
571
716
# Default values for config file for server-global settings
717
server_defaults = { "interface": "",
718
"address": "",
719
"port": "",
720
"debug": "False",
721
"priority":
722
"SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
723
"servicename": "Mandos",
724
}
725
726
# Parse config file for server-global settings
727
server_config = ConfigParser.SafeConfigParser(server_defaults)
728
del server_defaults
729
server_config.read(os.path.join(options.configdir, "mandos.conf"))
730
# Convert the SafeConfigParser object to a dict
731
server_settings = server_config.defaults()
732
# Use getboolean on the boolean config option
733
server_settings["debug"] = server_config.getboolean\
734
("DEFAULT", "debug")
735
del server_config
736
737
# Override the settings from the config file with command line
738
# options, if set.
739
for option in ("interface", "address", "port", "debug",
740
"priority", "servicename", "configdir"):
741
value = getattr(options, option)
742
if value is not None:
743
server_settings[option] = value
744
del options
745
# Now we have our good server settings in "server_settings"
746
747
debug = server_settings["debug"]
748
749
if not debug:
750
syslogger.setLevel(logging.WARNING)
751
console.setLevel(logging.WARNING)
752
753
if server_settings["servicename"] != "Mandos":
754
syslogger.setFormatter(logging.Formatter\
755
('Mandos (%s): %%(levelname)s:'
756
' %%(message)s'
757
% server_settings["servicename"]))
758
759
# Parse config file with clients
760
client_defaults = { "timeout": "1h",
761
"interval": "5m",
762
"checker": "fping -q -- %(host)s",
763
"host": "",
764
}
765
client_config = ConfigParser.SafeConfigParser(client_defaults)
766
client_config.read(os.path.join(server_settings["configdir"],
767
"clients.conf"))
768
769
clients = Set()
770
tcp_server = IPv6_TCPServer((server_settings["address"],
771
server_settings["port"]),
772
tcp_handler,
773
settings=server_settings,
774
clients=clients)
775
pidfilename = "/var/run/mandos.pid"
776
try:
777
pidfile = open(pidfilename, "w")
778
except IOError, error:
779
logger.error("Could not open file %r", pidfilename)
780
781
uid = 65534
782
gid = 65534
783
try:
784
uid = pwd.getpwnam("mandos").pw_uid
785
except KeyError:
786
try:
787
uid = pwd.getpwnam("nobody").pw_uid
788
except KeyError:
789
pass
790
try:
791
gid = pwd.getpwnam("mandos").pw_gid
792
except KeyError:
793
try:
794
gid = pwd.getpwnam("nogroup").pw_gid
795
except KeyError:
796
pass
797
try:
798
os.setuid(uid)
799
os.setgid(gid)
800
except OSError, error:
801
if error[0] != errno.EPERM:
802
raise error
803
804
global service
805
service = AvahiService(name = server_settings["servicename"],
806
type = "_mandos._tcp", );
807
if server_settings["interface"]:
808
service.interface = if_nametoindex\
809
(server_settings["interface"])
810
811
global main_loop
812
global bus
813
global server
814
# From the Avahi example code
572
# Parse the time arguments
573
try:
574
options.timeout = string_to_delta(options.timeout)
575
except ValueError:
576
parser.error("option --timeout: Unparseable time")
577
try:
578
options.interval = string_to_delta(options.interval)
579
except ValueError:
580
parser.error("option --interval: Unparseable time")
581
582
# Parse config file
583
defaults = { "checker": "sleep 1; fping -q -- %%(fqdn)s" }
584
client_config = ConfigParser.SafeConfigParser(defaults)
585
#client_config.readfp(open("secrets.conf"), "secrets.conf")
586
client_config.read("mandos-clients.conf")
587
588
# From the Avahi server example code
815
589
DBusGMainLoop(set_as_default=True )
816
590
main_loop = gobject.MainLoop()
817
591
bus = dbus.SystemBus()
818
server = dbus.Interface(bus.get_object(avahi.DBUS_NAME,
819
avahi.DBUS_PATH_SERVER),
820
avahi.DBUS_INTERFACE_SERVER)
592
server = dbus.Interface(
593
bus.get_object( avahi.DBUS_NAME, avahi.DBUS_PATH_SERVER ),
594
avahi.DBUS_INTERFACE_SERVER )
821
595
# End of Avahi example code
822
596
597
debug = options.debug
598
599
clients = Set()
823
600
def remove_from_clients(client):
824
601
clients.remove(client)
825
602
if not clients:
826
logger.critical(u"No clients left, exiting")
827
sys.exit()
603
logger.debug(u"No clients left, exiting")
604
main_loop.quit()
828
605
829
clients.update(Set(Client(name = section,
606
clients.update(Set(Client(name=section, options=options,
830
607
stop_hook = remove_from_clients,
831
config
832
= dict(client_config.items(section)))
608
**(dict(client_config\
609
.items(section))))
833
610
for section in client_config.sections()))
834
if not clients:
835
logger.critical(u"No clients defined")
836
sys.exit(1)
837
838
if debug:
839
# Redirect stdin so all checkers get /dev/null
840
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
841
os.dup2(null, sys.stdin.fileno())
842
if null > 2:
843
os.close(null)
844
else:
845
# No console logging
846
logger.removeHandler(console)
847
# Close all input and output, do double fork, etc.
848
daemon()
849
850
try:
851
pid = os.getpid()
852
pidfile.write(str(pid) + "\n")
853
pidfile.close()
854
del pidfile
855
except IOError, err:
856
logger.error(u"Could not write to file %r with PID %d",
857
pidfilename, pid)
858
except NameError:
859
# "pidfile" was never created
860
pass
861
del pidfilename
862
863
def cleanup():
864
"Cleanup function; run on exit"
865
global group
866
# From the Avahi example code
867
if not group is None:
868
group.Free()
869
group = None
870
# End of Avahi example code
871
872
while clients:
873
client = clients.pop()
874
client.stop_hook = None
875
client.stop()
876
877
atexit.register(cleanup)
878
879
if not debug:
880
signal.signal(signal.SIGINT, signal.SIG_IGN)
881
signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
882
signal.signal(signal.SIGTERM, lambda signum, frame: sys.exit())
883
884
611
for client in clients:
885
612
client.start()
886
613
887
tcp_server.enable()
888
tcp_server.server_activate()
889
890
# Find out what port we got
891
service.port = tcp_server.socket.getsockname()[1]
892
logger.info(u"Now listening on address %r, port %d, flowinfo %d,"
893
u" scope_id %d" % tcp_server.socket.getsockname())
894
895
#service.interface = tcp_server.socket.getsockname()[3]
896
614
tcp_server = IPv6_TCPServer((None, options.port),
615
tcp_handler,
616
options=options,
617
clients=clients)
618
# Find out what random port we got
619
servicePort = tcp_server.socket.getsockname()[1]
620
logger.debug(u"Now listening on port %d", servicePort)
621
622
if options.interface is not None:
623
serviceInterface = if_nametoindex(options.interface)
624
625
# From the Avahi server example code
626
server.connect_to_signal("StateChanged", server_state_changed)
627
server_state_changed(server.GetState())
628
# End of Avahi example code
629
630
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
631
lambda *args, **kwargs:
632
tcp_server.handle_request(*args[2:],
633
**kwargs) or True)
897
634
try:
898
# From the Avahi example code
899
server.connect_to_signal("StateChanged", server_state_changed)
900
try:
901
server_state_changed(server.GetState())
902
except dbus.exceptions.DBusException, error:
903
logger.critical(u"DBusException: %s", error)
904
sys.exit(1)
905
# End of Avahi example code
906
907
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
908
lambda *args, **kwargs:
909
tcp_server.handle_request\
910
(*args[2:], **kwargs) or True)
911
912
logger.debug(u"Starting main loop")
913
main_loop_started = True
914
635
main_loop.run()
915
except AvahiError, error:
916
logger.critical(u"AvahiError: %s" + unicode(error))
917
sys.exit(1)
918
636
except KeyboardInterrupt:
919
if debug:
920
print
637
print
638
639
# Cleanup here
921
640
922
if __name__ == '__main__':
923
main()
641
# From the Avahi server example code
642
if not group is None:
643
group.Free()
644
# End of Avahi example code
645
646
for client in clients:
647
client.stop_hook = None
648
client.stop()
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0