To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to server.py
- browse files at revision 13
- compare with another revision
- download diff
- download tarball
- view history from revision 13
- Committer: Björn Påhlsson
- Date: 2008-07-20 02:52:20 UTC
- Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6
Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
- files added:
- ca.pem
- files removed:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- network-hooks.d
- files renamed:
- clients.conf => mandos-clients.conf
- plugin-runner.c => plugbasedclient.c
- plugins.d/mandos-client.c => plugins.d/mandosclient.c
- plugins.d/password-prompt.c => plugins.d/passprompt.c
- mandos => server.py
- files modified:
- Makefile
added
removed
server.py
1
1
#!/usr/bin/python
2
# -*- mode: python; coding: utf-8 -*-
3
#
4
# Mandos server - give out binary blobs to connecting clients.
5
#
6
# This program is partly derived from an example program for an Avahi
7
# service publisher, downloaded from
8
# <http://avahi.org/wiki/PythonPublishExample>. This includes the
9
# methods "add", "remove", "server_state_changed",
10
# "entry_group_state_changed", "cleanup", and "activate" in the
11
# "AvahiService" class, and some lines in "main".
12
#
13
# Everything else is
14
# Copyright © 2008-2012 Teddy Hogeborn
15
# Copyright © 2008-2012 Björn Påhlsson
16
#
17
# This program is free software: you can redistribute it and/or modify
18
# it under the terms of the GNU General Public License as published by
19
# the Free Software Foundation, either version 3 of the License, or
20
# (at your option) any later version.
21
#
22
# This program is distributed in the hope that it will be useful,
23
# but WITHOUT ANY WARRANTY; without even the implied warranty of
24
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25
# GNU General Public License for more details.
26
#
27
# You should have received a copy of the GNU General Public License
28
# along with this program. If not, see
29
# <http://www.gnu.org/licenses/>.
30
#
31
# Contact the authors at <mandos@recompile.se>.
32
#
33
34
from __future__ import (division, absolute_import, print_function,
35
unicode_literals)
36
37
import SocketServer as socketserver
2
3
from __future__ import division
4
5
import SocketServer
38
6
import socket
39
import argparse
7
import select
8
from optparse import OptionParser
40
9
import datetime
41
10
import errno
42
11
import gnutls.crypto
45
14
import gnutls.library.functions
46
15
import gnutls.library.constants
47
16
import gnutls.library.types
48
import ConfigParser as configparser
17
import ConfigParser
49
18
import sys
50
19
import re
51
20
import os
52
21
import signal
22
from sets import Set
53
23
import subprocess
54
import atexit
55
import stat
56
import logging
57
import logging.handlers
58
import pwd
59
import contextlib
60
import struct
61
import fcntl
62
import functools
63
import cPickle as pickle
64
import multiprocessing
65
import types
66
import binascii
67
import tempfile
68
24
69
25
import dbus
70
import dbus.service
71
26
import gobject
72
27
import avahi
73
28
from dbus.mainloop.glib import DBusGMainLoop
74
29
import ctypes
75
import ctypes.util
76
import xml.dom.minidom
77
import inspect
78
import GnuPGInterface
79
80
try:
81
SO_BINDTODEVICE = socket.SO_BINDTODEVICE
82
except AttributeError:
83
try:
84
from IN import SO_BINDTODEVICE
85
except ImportError:
86
SO_BINDTODEVICE = None
87
88
version = "1.5.3"
89
stored_state_file = "clients.pickle"
90
91
logger = logging.getLogger()
92
syslogger = (logging.handlers.SysLogHandler
93
(facility = logging.handlers.SysLogHandler.LOG_DAEMON,
94
address = str("/dev/log")))
95
96
try:
97
if_nametoindex = (ctypes.cdll.LoadLibrary
98
(ctypes.util.find_library("c"))
99
.if_nametoindex)
100
except (OSError, AttributeError):
101
def if_nametoindex(interface):
102
"Get an interface index the hard way, i.e. using fcntl()"
103
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
104
with contextlib.closing(socket.socket()) as s:
105
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
106
struct.pack(str("16s16x"),
107
interface))
108
interface_index = struct.unpack(str("I"),
109
ifreq[16:20])[0]
110
return interface_index
111
112
113
def initlogger(debug, level=logging.WARNING):
114
"""init logger and add loglevel"""
115
116
syslogger.setFormatter(logging.Formatter
117
('Mandos [%(process)d]: %(levelname)s:'
118
' %(message)s'))
119
logger.addHandler(syslogger)
120
121
if debug:
122
console = logging.StreamHandler()
123
console.setFormatter(logging.Formatter('%(asctime)s %(name)s'
124
' [%(process)d]:'
125
' %(levelname)s:'
126
' %(message)s'))
127
logger.addHandler(console)
128
logger.setLevel(level)
129
130
131
class PGPError(Exception):
132
"""Exception if encryption/decryption fails"""
133
pass
134
135
136
class PGPEngine(object):
137
"""A simple class for OpenPGP symmetric encryption & decryption"""
138
def __init__(self):
139
self.gnupg = GnuPGInterface.GnuPG()
140
self.tempdir = tempfile.mkdtemp(prefix="mandos-")
141
self.gnupg = GnuPGInterface.GnuPG()
142
self.gnupg.options.meta_interactive = False
143
self.gnupg.options.homedir = self.tempdir
144
self.gnupg.options.extra_args.extend(['--force-mdc',
145
'--quiet',
146
'--no-use-agent'])
147
148
def __enter__(self):
149
return self
150
151
def __exit__ (self, exc_type, exc_value, traceback):
152
self._cleanup()
153
return False
154
155
def __del__(self):
156
self._cleanup()
157
158
def _cleanup(self):
159
if self.tempdir is not None:
160
# Delete contents of tempdir
161
for root, dirs, files in os.walk(self.tempdir,
162
topdown = False):
163
for filename in files:
164
os.remove(os.path.join(root, filename))
165
for dirname in dirs:
166
os.rmdir(os.path.join(root, dirname))
167
# Remove tempdir
168
os.rmdir(self.tempdir)
169
self.tempdir = None
170
171
def password_encode(self, password):
172
# Passphrase can not be empty and can not contain newlines or
173
# NUL bytes. So we prefix it and hex encode it.
174
return b"mandos" + binascii.hexlify(password)
175
176
def encrypt(self, data, password):
177
self.gnupg.passphrase = self.password_encode(password)
178
with open(os.devnull) as devnull:
179
try:
180
proc = self.gnupg.run(['--symmetric'],
181
create_fhs=['stdin', 'stdout'],
182
attach_fhs={'stderr': devnull})
183
with contextlib.closing(proc.handles['stdin']) as f:
184
f.write(data)
185
with contextlib.closing(proc.handles['stdout']) as f:
186
ciphertext = f.read()
187
proc.wait()
188
except IOError as e:
189
raise PGPError(e)
190
self.gnupg.passphrase = None
191
return ciphertext
192
193
def decrypt(self, data, password):
194
self.gnupg.passphrase = self.password_encode(password)
195
with open(os.devnull) as devnull:
196
try:
197
proc = self.gnupg.run(['--decrypt'],
198
create_fhs=['stdin', 'stdout'],
199
attach_fhs={'stderr': devnull})
200
with contextlib.closing(proc.handles['stdin'] ) as f:
201
f.write(data)
202
with contextlib.closing(proc.handles['stdout']) as f:
203
decrypted_plaintext = f.read()
204
proc.wait()
205
except IOError as e:
206
raise PGPError(e)
207
self.gnupg.passphrase = None
208
return decrypted_plaintext
209
210
211
212
class AvahiError(Exception):
213
def __init__(self, value, *args, **kwargs):
214
self.value = value
215
super(AvahiError, self).__init__(value, *args, **kwargs)
216
def __unicode__(self):
217
return unicode(repr(self.value))
218
219
class AvahiServiceError(AvahiError):
220
pass
221
222
class AvahiGroupError(AvahiError):
223
pass
224
225
226
class AvahiService(object):
227
"""An Avahi (Zeroconf) service.
228
229
Attributes:
230
interface: integer; avahi.IF_UNSPEC or an interface index.
231
Used to optionally bind to the specified interface.
232
name: string; Example: 'Mandos'
233
type: string; Example: '_mandos._tcp'.
234
See <http://www.dns-sd.org/ServiceTypes.html>
235
port: integer; what port to announce
236
TXT: list of strings; TXT record for the service
237
domain: string; Domain to publish on, default to .local if empty.
238
host: string; Host to publish records for, default is localhost
239
max_renames: integer; maximum number of renames
240
rename_count: integer; counter so we only rename after collisions
241
a sensible number of times
242
group: D-Bus Entry Group
243
server: D-Bus Server
244
bus: dbus.SystemBus()
245
"""
246
def __init__(self, interface = avahi.IF_UNSPEC, name = None,
247
servicetype = None, port = None, TXT = None,
248
domain = "", host = "", max_renames = 32768,
249
protocol = avahi.PROTO_UNSPEC, bus = None):
250
self.interface = interface
251
self.name = name
252
self.type = servicetype
253
self.port = port
254
self.TXT = TXT if TXT is not None else []
255
self.domain = domain
256
self.host = host
257
self.rename_count = 0
258
self.max_renames = max_renames
259
self.protocol = protocol
260
self.group = None # our entry group
261
self.server = None
262
self.bus = bus
263
self.entry_group_state_changed_match = None
264
def rename(self):
265
"""Derived from the Avahi example code"""
266
if self.rename_count >= self.max_renames:
267
logger.critical("No suitable Zeroconf service name found"
268
" after %i retries, exiting.",
269
self.rename_count)
270
raise AvahiServiceError("Too many renames")
271
self.name = unicode(self.server
272
.GetAlternativeServiceName(self.name))
273
logger.info("Changing Zeroconf service name to %r ...",
274
self.name)
275
self.remove()
276
try:
277
self.add()
278
except dbus.exceptions.DBusException as error:
279
logger.critical("DBusException: %s", error)
280
self.cleanup()
281
os._exit(1)
282
self.rename_count += 1
283
def remove(self):
284
"""Derived from the Avahi example code"""
285
if self.entry_group_state_changed_match is not None:
286
self.entry_group_state_changed_match.remove()
287
self.entry_group_state_changed_match = None
288
if self.group is not None:
289
self.group.Reset()
290
def add(self):
291
"""Derived from the Avahi example code"""
292
self.remove()
293
if self.group is None:
294
self.group = dbus.Interface(
295
self.bus.get_object(avahi.DBUS_NAME,
296
self.server.EntryGroupNew()),
297
avahi.DBUS_INTERFACE_ENTRY_GROUP)
298
self.entry_group_state_changed_match = (
299
self.group.connect_to_signal(
300
'StateChanged', self.entry_group_state_changed))
301
logger.debug("Adding Zeroconf service '%s' of type '%s' ...",
302
self.name, self.type)
303
self.group.AddService(
304
self.interface,
305
self.protocol,
306
dbus.UInt32(0), # flags
307
self.name, self.type,
308
self.domain, self.host,
309
dbus.UInt16(self.port),
310
avahi.string_array_to_txt_array(self.TXT))
311
self.group.Commit()
312
def entry_group_state_changed(self, state, error):
313
"""Derived from the Avahi example code"""
314
logger.debug("Avahi entry group state change: %i", state)
315
316
if state == avahi.ENTRY_GROUP_ESTABLISHED:
317
logger.debug("Zeroconf service established.")
318
elif state == avahi.ENTRY_GROUP_COLLISION:
319
logger.info("Zeroconf service name collision.")
320
self.rename()
321
elif state == avahi.ENTRY_GROUP_FAILURE:
322
logger.critical("Avahi: Error in group state changed %s",
323
unicode(error))
324
raise AvahiGroupError("State changed: %s"
325
% unicode(error))
326
def cleanup(self):
327
"""Derived from the Avahi example code"""
328
if self.group is not None:
329
try:
330
self.group.Free()
331
except (dbus.exceptions.UnknownMethodException,
332
dbus.exceptions.DBusException):
333
pass
334
self.group = None
335
self.remove()
336
def server_state_changed(self, state, error=None):
337
"""Derived from the Avahi example code"""
338
logger.debug("Avahi server state change: %i", state)
339
bad_states = { avahi.SERVER_INVALID:
340
"Zeroconf server invalid",
341
avahi.SERVER_REGISTERING: None,
342
avahi.SERVER_COLLISION:
343
"Zeroconf server name collision",
344
avahi.SERVER_FAILURE:
345
"Zeroconf server failure" }
346
if state in bad_states:
347
if bad_states[state] is not None:
348
if error is None:
349
logger.error(bad_states[state])
350
else:
351
logger.error(bad_states[state] + ": %r", error)
352
self.cleanup()
353
elif state == avahi.SERVER_RUNNING:
354
self.add()
355
else:
356
if error is None:
357
logger.debug("Unknown state: %r", state)
358
else:
359
logger.debug("Unknown state: %r: %r", state, error)
360
def activate(self):
361
"""Derived from the Avahi example code"""
362
if self.server is None:
363
self.server = dbus.Interface(
364
self.bus.get_object(avahi.DBUS_NAME,
365
avahi.DBUS_PATH_SERVER,
366
follow_name_owner_changes=True),
367
avahi.DBUS_INTERFACE_SERVER)
368
self.server.connect_to_signal("StateChanged",
369
self.server_state_changed)
370
self.server_state_changed(self.server.GetState())
371
372
class AvahiServiceToSyslog(AvahiService):
373
def rename(self):
374
"""Add the new name to the syslog messages"""
375
ret = AvahiService.rename(self)
376
syslogger.setFormatter(logging.Formatter
377
('Mandos (%s) [%%(process)d]:'
378
' %%(levelname)s: %%(message)s'
379
% self.name))
380
return ret
381
382
def timedelta_to_milliseconds(td):
383
"Convert a datetime.timedelta() to milliseconds"
384
return ((td.days * 24 * 60 * 60 * 1000)
385
+ (td.seconds * 1000)
386
+ (td.microseconds // 1000))
387
30
31
import logging
32
import logging.handlers
33
34
# logghandler.setFormatter(logging.Formatter('%(levelname)s %(message)s')
35
36
logger = logging.Logger('mandos')
37
logger.addHandler(logging.handlers.SysLogHandler(facility = logging.handlers.SysLogHandler.LOG_DAEMON))
38
39
# This variable is used to optionally bind to a specified interface.
40
# It is a global variable to fit in with the other variables from the
41
# Avahi server example code.
42
serviceInterface = avahi.IF_UNSPEC
43
# From the Avahi server example code:
44
serviceName = "Mandos"
45
serviceType = "_mandos._tcp" # http://www.dns-sd.org/ServiceTypes.html
46
servicePort = None # Not known at startup
47
serviceTXT = [] # TXT record for the service
48
domain = "" # Domain to publish on, default to .local
49
host = "" # Host to publish records for, default to localhost
50
group = None #our entry group
51
rename_count = 12 # Counter so we only rename after collisions a
52
# sensible number of times
53
# End of Avahi example code
54
55
388
56
class Client(object):
389
57
"""A representation of a client host served by this server.
390
391
58
Attributes:
392
approved: bool(); 'None' if not yet approved/disapproved
393
approval_delay: datetime.timedelta(); Time to wait for approval
394
approval_duration: datetime.timedelta(); Duration of one approval
395
checker: subprocess.Popen(); a running checker process used
396
to see if the client lives.
397
'None' if no process is running.
398
checker_callback_tag: a gobject event source tag, or None
399
checker_command: string; External command which is run to check
400
if client lives. %() expansions are done at
59
name: string; from the config file, used in log messages
60
fingerprint: string (40 or 32 hexadecimal digits); used to
61
uniquely identify the client
62
secret: bytestring; sent verbatim (over TLS) to client
63
fqdn: string (FQDN); available for use by the checker command
64
created: datetime.datetime()
65
last_seen: datetime.datetime() or None if not yet seen
66
timeout: datetime.timedelta(); How long from last_seen until
67
this client is invalid
68
interval: datetime.timedelta(); How often to start a new checker
69
stop_hook: If set, called by stop() as stop_hook(self)
70
checker: subprocess.Popen(); a running checker process used
71
to see if the client lives.
72
Is None if no process is running.
73
checker_initiator_tag: a gobject event source tag, or None
74
stop_initiator_tag: - '' -
75
checker_callback_tag: - '' -
76
checker_command: string; External command which is run to check if
77
client lives. %()s expansions are done at
401
78
runtime with vars(self) as dict, so that for
402
79
instance %(name)s can be used in the command.
403
checker_initiator_tag: a gobject event source tag, or None
404
created: datetime.datetime(); (UTC) object creation
405
client_structure: Object describing what attributes a client has
406
and is used for storing the client at exit
407
current_checker_command: string; current running checker_command
408
disable_initiator_tag: a gobject event source tag, or None
409
enabled: bool()
410
fingerprint: string (40 or 32 hexadecimal digits); used to
411
uniquely identify the client
412
host: string; available for use by the checker command
413
interval: datetime.timedelta(); How often to start a new checker
414
last_approval_request: datetime.datetime(); (UTC) or None
415
last_checked_ok: datetime.datetime(); (UTC) or None
416
last_checker_status: integer between 0 and 255 reflecting exit
417
status of last checker. -1 reflects crashed
418
checker, -2 means no checker completed yet.
419
last_enabled: datetime.datetime(); (UTC) or None
420
name: string; from the config file, used in log messages and
421
D-Bus identifiers
422
secret: bytestring; sent verbatim (over TLS) to client
423
timeout: datetime.timedelta(); How long from last_checked_ok
424
until this client is disabled
425
extended_timeout: extra long timeout when secret has been sent
426
runtime_expansions: Allowed attributes for runtime expansion.
427
expires: datetime.datetime(); time (UTC) when a client will be
428
disabled, or None
80
Private attibutes:
81
_timeout: Real variable for 'timeout'
82
_interval: Real variable for 'interval'
83
_timeout_milliseconds: Used by gobject.timeout_add()
84
_interval_milliseconds: - '' -
429
85
"""
430
431
runtime_expansions = ("approval_delay", "approval_duration",
432
"created", "enabled", "fingerprint",
433
"host", "interval", "last_checked_ok",
434
"last_enabled", "name", "timeout")
435
client_defaults = { "timeout": "5m",
436
"extended_timeout": "15m",
437
"interval": "2m",
438
"checker": "fping -q -- %%(host)s",
439
"host": "",
440
"approval_delay": "0s",
441
"approval_duration": "1s",
442
"approved_by_default": "True",
443
"enabled": "True",
444
}
445
446
def timeout_milliseconds(self):
447
"Return the 'timeout' attribute in milliseconds"
448
return timedelta_to_milliseconds(self.timeout)
449
450
def extended_timeout_milliseconds(self):
451
"Return the 'extended_timeout' attribute in milliseconds"
452
return timedelta_to_milliseconds(self.extended_timeout)
453
454
def interval_milliseconds(self):
455
"Return the 'interval' attribute in milliseconds"
456
return timedelta_to_milliseconds(self.interval)
457
458
def approval_delay_milliseconds(self):
459
return timedelta_to_milliseconds(self.approval_delay)
460
461
@staticmethod
462
def config_parser(config):
463
"""Construct a new dict of client settings of this form:
464
{ client_name: {setting_name: value, ...}, ...}
465
with exceptions for any special settings as defined above.
466
NOTE: Must be a pure function. Must return the same result
467
value given the same arguments.
468
"""
469
settings = {}
470
for client_name in config.sections():
471
section = dict(config.items(client_name))
472
client = settings[client_name] = {}
473
474
client["host"] = section["host"]
475
# Reformat values from string types to Python types
476
client["approved_by_default"] = config.getboolean(
477
client_name, "approved_by_default")
478
client["enabled"] = config.getboolean(client_name,
479
"enabled")
480
481
client["fingerprint"] = (section["fingerprint"].upper()
482
.replace(" ", ""))
483
if "secret" in section:
484
client["secret"] = section["secret"].decode("base64")
485
elif "secfile" in section:
486
with open(os.path.expanduser(os.path.expandvars
487
(section["secfile"])),
488
"rb") as secfile:
489
client["secret"] = secfile.read()
490
else:
491
raise TypeError("No secret or secfile for section %s"
492
% section)
493
client["timeout"] = string_to_delta(section["timeout"])
494
client["extended_timeout"] = string_to_delta(
495
section["extended_timeout"])
496
client["interval"] = string_to_delta(section["interval"])
497
client["approval_delay"] = string_to_delta(
498
section["approval_delay"])
499
client["approval_duration"] = string_to_delta(
500
section["approval_duration"])
501
client["checker_command"] = section["checker"]
502
client["last_approval_request"] = None
503
client["last_checked_ok"] = None
504
client["last_checker_status"] = -2
505
506
return settings
507
508
509
def __init__(self, settings, name = None):
510
"""Note: the 'checker' key in 'config' sets the
511
'checker_command' attribute and *not* the 'checker'
512
attribute."""
86
def _set_timeout(self, timeout):
87
"Setter function for 'timeout' attribute"
88
self._timeout = timeout
89
self._timeout_milliseconds = ((self.timeout.days
90
* 24 * 60 * 60 * 1000)
91
+ (self.timeout.seconds * 1000)
92
+ (self.timeout.microseconds
93
// 1000))
94
timeout = property(lambda self: self._timeout,
95
_set_timeout)
96
del _set_timeout
97
def _set_interval(self, interval):
98
"Setter function for 'interval' attribute"
99
self._interval = interval
100
self._interval_milliseconds = ((self.interval.days
101
* 24 * 60 * 60 * 1000)
102
+ (self.interval.seconds
103
* 1000)
104
+ (self.interval.microseconds
105
// 1000))
106
interval = property(lambda self: self._interval,
107
_set_interval)
108
del _set_interval
109
def __init__(self, name=None, options=None, stop_hook=None,
110
fingerprint=None, secret=None, secfile=None, fqdn=None,
111
timeout=None, interval=-1, checker=None):
513
112
self.name = name
514
# adding all client settings
515
for setting, value in settings.iteritems():
516
setattr(self, setting, value)
517
518
if self.enabled:
519
if not hasattr(self, "last_enabled"):
520
self.last_enabled = datetime.datetime.utcnow()
521
if not hasattr(self, "expires"):
522
self.expires = (datetime.datetime.utcnow()
523
+ self.timeout)
524
else:
525
self.last_enabled = None
526
self.expires = None
527
528
logger.debug("Creating client %r", self.name)
529
# Uppercase and remove spaces from fingerprint for later
530
# comparison purposes with return value from the fingerprint()
531
# function
532
logger.debug(" Fingerprint: %s", self.fingerprint)
533
self.created = settings.get("created",
534
datetime.datetime.utcnow())
535
536
# attributes specific for this server instance
113
# Uppercase and remove spaces from fingerprint
114
# for later comparison purposes with return value of
115
# the fingerprint() function
116
self.fingerprint = fingerprint.upper().replace(u" ", u"")
117
if secret:
118
self.secret = secret.decode(u"base64")
119
elif secfile:
120
sf = open(secfile)
121
self.secret = sf.read()
122
sf.close()
123
else:
124
raise RuntimeError(u"No secret or secfile for client %s"
125
% self.name)
126
self.fqdn = fqdn # string
127
self.created = datetime.datetime.now()
128
self.last_seen = None
129
if timeout is None:
130
timeout = options.timeout
131
self.timeout = timeout
132
if interval == -1:
133
interval = options.interval
134
else:
135
interval = string_to_delta(interval)
136
self.interval = interval
137
self.stop_hook = stop_hook
537
138
self.checker = None
538
139
self.checker_initiator_tag = None
539
self.disable_initiator_tag = None
140
self.stop_initiator_tag = None
540
141
self.checker_callback_tag = None
541
self.current_checker_command = None
542
self.approved = None
543
self.approvals_pending = 0
544
self.changedstate = (multiprocessing_manager
545
.Condition(multiprocessing_manager
546
.Lock()))
547
self.client_structure = [attr for attr in
548
self.__dict__.iterkeys()
549
if not attr.startswith("_")]
550
self.client_structure.append("client_structure")
551
552
for name, t in inspect.getmembers(type(self),
553
lambda obj:
554
isinstance(obj,
555
property)):
556
if not name.startswith("_"):
557
self.client_structure.append(name)
558
559
# Send notice to process children that client state has changed
560
def send_changedstate(self):
561
with self.changedstate:
562
self.changedstate.notify_all()
563
564
def enable(self):
565
"""Start this client's checker and timeout hooks"""
566
if getattr(self, "enabled", False):
567
# Already enabled
568
return
569
self.send_changedstate()
570
self.expires = datetime.datetime.utcnow() + self.timeout
571
self.enabled = True
572
self.last_enabled = datetime.datetime.utcnow()
573
self.init_checker()
574
575
def disable(self, quiet=True):
576
"""Disable this client."""
577
if not getattr(self, "enabled", False):
578
return False
579
if not quiet:
580
self.send_changedstate()
581
if not quiet:
582
logger.info("Disabling client %s", self.name)
583
if getattr(self, "disable_initiator_tag", False):
584
gobject.source_remove(self.disable_initiator_tag)
585
self.disable_initiator_tag = None
586
self.expires = None
587
if getattr(self, "checker_initiator_tag", False):
588
gobject.source_remove(self.checker_initiator_tag)
589
self.checker_initiator_tag = None
590
self.stop_checker()
591
self.enabled = False
592
# Do not run this again if called by a gobject.timeout_add
593
return False
594
595
def __del__(self):
596
self.disable()
597
598
def init_checker(self):
142
self.check_command = checker
143
def start(self):
144
"""Start this clients checker and timeout hooks"""
599
145
# Schedule a new checker to be started an 'interval' from now,
600
146
# and every interval from then on.
601
self.checker_initiator_tag = (gobject.timeout_add
602
(self.interval_milliseconds(),
603
self.start_checker))
604
# Schedule a disable() when 'timeout' has passed
605
self.disable_initiator_tag = (gobject.timeout_add
606
(self.timeout_milliseconds(),
607
self.disable))
147
self.checker_initiator_tag = gobject.timeout_add\
148
(self._interval_milliseconds,
149
self.start_checker)
608
150
# Also start a new checker *right now*.
609
151
self.start_checker()
610
611
def checker_callback(self, pid, condition, command):
152
# Schedule a stop() when 'timeout' has passed
153
self.stop_initiator_tag = gobject.timeout_add\
154
(self._timeout_milliseconds,
155
self.stop)
156
def stop(self):
157
"""Stop this client.
158
The possibility that this client might be restarted is left
159
open, but not currently used."""
160
logger.debug(u"Stopping client %s", self.name)
161
self.secret = None
162
if self.stop_initiator_tag:
163
gobject.source_remove(self.stop_initiator_tag)
164
self.stop_initiator_tag = None
165
if self.checker_initiator_tag:
166
gobject.source_remove(self.checker_initiator_tag)
167
self.checker_initiator_tag = None
168
self.stop_checker()
169
if self.stop_hook:
170
self.stop_hook(self)
171
# Do not run this again if called by a gobject.timeout_add
172
return False
173
def __del__(self):
174
# Some code duplication here and in stop()
175
if hasattr(self, "stop_initiator_tag") \
176
and self.stop_initiator_tag:
177
gobject.source_remove(self.stop_initiator_tag)
178
self.stop_initiator_tag = None
179
if hasattr(self, "checker_initiator_tag") \
180
and self.checker_initiator_tag:
181
gobject.source_remove(self.checker_initiator_tag)
182
self.checker_initiator_tag = None
183
self.stop_checker()
184
def checker_callback(self, pid, condition):
612
185
"""The checker has completed, so take appropriate actions."""
613
self.checker_callback_tag = None
614
self.checker = None
615
if os.WIFEXITED(condition):
616
self.last_checker_status = os.WEXITSTATUS(condition)
617
if self.last_checker_status == 0:
618
logger.info("Checker for %(name)s succeeded",
619
vars(self))
620
self.checked_ok()
621
else:
622
logger.info("Checker for %(name)s failed",
623
vars(self))
624
else:
625
self.last_checker_status = -1
626
logger.warning("Checker for %(name)s crashed?",
186
now = datetime.datetime.now()
187
if os.WIFEXITED(condition) \
188
and (os.WEXITSTATUS(condition) == 0):
189
logger.debug(u"Checker for %(name)s succeeded",
190
vars(self))
191
self.last_seen = now
192
gobject.source_remove(self.stop_initiator_tag)
193
self.stop_initiator_tag = gobject.timeout_add\
194
(self._timeout_milliseconds,
195
self.stop)
196
if not os.WIFEXITED(condition):
197
logger.warning(u"Checker for %(name)s crashed?",
627
198
vars(self))
628
629
def checked_ok(self):
630
"""Assert that the client has been seen, alive and well."""
631
self.last_checked_ok = datetime.datetime.utcnow()
632
self.last_checker_status = 0
633
self.bump_timeout()
634
635
def bump_timeout(self, timeout=None):
636
"""Bump up the timeout for this client."""
637
if timeout is None:
638
timeout = self.timeout
639
if self.disable_initiator_tag is not None:
640
gobject.source_remove(self.disable_initiator_tag)
641
if getattr(self, "enabled", False):
642
self.disable_initiator_tag = (gobject.timeout_add
643
(timedelta_to_milliseconds
644
(timeout), self.disable))
645
self.expires = datetime.datetime.utcnow() + timeout
646
647
def need_approval(self):
648
self.last_approval_request = datetime.datetime.utcnow()
649
199
else:
200
logger.debug(u"Checker for %(name)s failed",
201
vars(self))
202
self.checker = None
203
self.checker_callback_tag = None
650
204
def start_checker(self):
651
205
"""Start a new checker subprocess if one is not running.
652
653
206
If a checker already exists, leave it running and do
654
207
nothing."""
655
# The reason for not killing a running checker is that if we
656
# did that, then if a checker (for some reason) started
657
# running slowly and taking more than 'interval' time, the
658
# client would inevitably timeout, since no checker would get
659
# a chance to run to completion. If we instead leave running
660
# checkers alone, the checker would have to take more time
661
# than 'timeout' for the client to be disabled, which is as it
662
# should be.
663
664
# If a checker exists, make sure it is not a zombie
665
try:
666
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
667
except (AttributeError, OSError) as error:
668
if (isinstance(error, OSError)
669
and error.errno != errno.ECHILD):
670
raise error
671
else:
672
if pid:
673
logger.warning("Checker was a zombie")
674
gobject.source_remove(self.checker_callback_tag)
675
self.checker_callback(pid, status,
676
self.current_checker_command)
677
# Start a new checker if needed
678
208
if self.checker is None:
209
logger.debug(u"Starting checker for %s",
210
self.name)
679
211
try:
680
# In case checker_command has exactly one % operator
681
command = self.checker_command % self.host
212
command = self.check_command % self.fqdn
682
213
except TypeError:
683
# Escape attributes for the shell
684
escaped_attrs = dict(
685
(attr,
686
re.escape(unicode(str(getattr(self, attr, "")),
687
errors=
688
'replace')))
689
for attr in
690
self.runtime_expansions)
691
214
escaped_attrs = dict((key, re.escape(str(val)))
215
for key, val in
216
vars(self).iteritems())
692
217
try:
693
command = self.checker_command % escaped_attrs
694
except TypeError as error:
695
logger.error('Could not format string "%s":'
696
' %s', self.checker_command, error)
218
command = self.check_command % escaped_attrs
219
except TypeError, error:
220
logger.critical(u'Could not format string "%s": %s',
221
self.check_command, error)
697
222
return True # Try again later
698
self.current_checker_command = command
699
223
try:
700
logger.info("Starting checker %r for %s",
701
command, self.name)
702
# We don't need to redirect stdout and stderr, since
703
# in normal mode, that is already done by daemon(),
704
# and in debug mode we don't want to. (Stdin is
705
# always replaced by /dev/null.)
706
self.checker = subprocess.Popen(command,
707
close_fds=True,
708
shell=True, cwd="/")
709
self.checker_callback_tag = (gobject.child_watch_add
710
(self.checker.pid,
711
self.checker_callback,
712
data=command))
713
# The checker may have completed before the gobject
714
# watch was added. Check for this.
715
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
716
if pid:
717
gobject.source_remove(self.checker_callback_tag)
718
self.checker_callback(pid, status, command)
719
except OSError as error:
720
logger.error("Failed to start subprocess: %s",
224
self.checker = subprocess.\
225
Popen(command,
226
stdout=subprocess.PIPE,
227
close_fds=True, shell=True,
228
cwd="/")
229
self.checker_callback_tag = gobject.\
230
child_watch_add(self.checker.pid,
231
self.\
232
checker_callback)
233
except subprocess.OSError, error:
234
logger.error(u"Failed to start subprocess: %s",
721
235
error)
722
236
# Re-run this periodically if run by gobject.timeout_add
723
237
return True
724
725
238
def stop_checker(self):
726
239
"""Force the checker process, if any, to stop."""
727
if self.checker_callback_tag:
728
gobject.source_remove(self.checker_callback_tag)
729
self.checker_callback_tag = None
730
if getattr(self, "checker", None) is None:
240
if not hasattr(self, "checker") or self.checker is None:
731
241
return
732
logger.debug("Stopping checker for %(name)s", vars(self))
733
try:
734
os.kill(self.checker.pid, signal.SIGTERM)
735
#time.sleep(0.5)
736
#if self.checker.poll() is None:
737
# os.kill(self.checker.pid, signal.SIGKILL)
738
except OSError as error:
739
if error.errno != errno.ESRCH: # No such process
740
raise
741
self.checker = None
742
743
744
def dbus_service_property(dbus_interface, signature="v",
745
access="readwrite", byte_arrays=False):
746
"""Decorators for marking methods of a DBusObjectWithProperties to
747
become properties on the D-Bus.
748
749
The decorated method will be called with no arguments by "Get"
750
and with one argument by "Set".
751
752
The parameters, where they are supported, are the same as
753
dbus.service.method, except there is only "signature", since the
754
type from Get() and the type sent to Set() is the same.
755
"""
756
# Encoding deeply encoded byte arrays is not supported yet by the
757
# "Set" method, so we fail early here:
758
if byte_arrays and signature != "ay":
759
raise ValueError("Byte arrays not supported for non-'ay'"
760
" signature %r" % signature)
761
def decorator(func):
762
func._dbus_is_property = True
763
func._dbus_interface = dbus_interface
764
func._dbus_signature = signature
765
func._dbus_access = access
766
func._dbus_name = func.__name__
767
if func._dbus_name.endswith("_dbus_property"):
768
func._dbus_name = func._dbus_name[:-14]
769
func._dbus_get_args_options = {'byte_arrays': byte_arrays }
770
return func
771
return decorator
772
773
774
class DBusPropertyException(dbus.exceptions.DBusException):
775
"""A base class for D-Bus property-related exceptions
776
"""
777
def __unicode__(self):
778
return unicode(str(self))
779
780
781
class DBusPropertyAccessException(DBusPropertyException):
782
"""A property's access permissions disallows an operation.
783
"""
784
pass
785
786
787
class DBusPropertyNotFound(DBusPropertyException):
788
"""An attempt was made to access a non-existing property.
789
"""
790
pass
791
792
793
class DBusObjectWithProperties(dbus.service.Object):
794
"""A D-Bus object with properties.
795
796
Classes inheriting from this can use the dbus_service_property
797
decorator to expose methods as D-Bus properties. It exposes the
798
standard Get(), Set(), and GetAll() methods on the D-Bus.
799
"""
800
801
@staticmethod
802
def _is_dbus_property(obj):
803
return getattr(obj, "_dbus_is_property", False)
804
805
def _get_all_dbus_properties(self):
806
"""Returns a generator of (name, attribute) pairs
807
"""
808
return ((prop.__get__(self)._dbus_name, prop.__get__(self))
809
for cls in self.__class__.__mro__
810
for name, prop in
811
inspect.getmembers(cls, self._is_dbus_property))
812
813
def _get_dbus_property(self, interface_name, property_name):
814
"""Returns a bound method if one exists which is a D-Bus
815
property with the specified name and interface.
816
"""
817
for cls in self.__class__.__mro__:
818
for name, value in (inspect.getmembers
819
(cls, self._is_dbus_property)):
820
if (value._dbus_name == property_name
821
and value._dbus_interface == interface_name):
822
return value.__get__(self)
823
824
# No such property
825
raise DBusPropertyNotFound(self.dbus_object_path + ":"
826
+ interface_name + "."
827
+ property_name)
828
829
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="ss",
830
out_signature="v")
831
def Get(self, interface_name, property_name):
832
"""Standard D-Bus property Get() method, see D-Bus standard.
833
"""
834
prop = self._get_dbus_property(interface_name, property_name)
835
if prop._dbus_access == "write":
836
raise DBusPropertyAccessException(property_name)
837
value = prop()
838
if not hasattr(value, "variant_level"):
839
return value
840
return type(value)(value, variant_level=value.variant_level+1)
841
842
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="ssv")
843
def Set(self, interface_name, property_name, value):
844
"""Standard D-Bus property Set() method, see D-Bus standard.
845
"""
846
prop = self._get_dbus_property(interface_name, property_name)
847
if prop._dbus_access == "read":
848
raise DBusPropertyAccessException(property_name)
849
if prop._dbus_get_args_options["byte_arrays"]:
850
# The byte_arrays option is not supported yet on
851
# signatures other than "ay".
852
if prop._dbus_signature != "ay":
853
raise ValueError
854
value = dbus.ByteArray(b''.join(chr(byte)
855
for byte in value))
856
prop(value)
857
858
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="s",
859
out_signature="a{sv}")
860
def GetAll(self, interface_name):
861
"""Standard D-Bus property GetAll() method, see D-Bus
862
standard.
863
864
Note: Will not include properties with access="write".
865
"""
866
properties = {}
867
for name, prop in self._get_all_dbus_properties():
868
if (interface_name
869
and interface_name != prop._dbus_interface):
870
# Interface non-empty but did not match
871
continue
872
# Ignore write-only properties
873
if prop._dbus_access == "write":
874
continue
875
value = prop()
876
if not hasattr(value, "variant_level"):
877
properties[name] = value
878
continue
879
properties[name] = type(value)(value, variant_level=
880
value.variant_level+1)
881
return dbus.Dictionary(properties, signature="sv")
882
883
@dbus.service.method(dbus.INTROSPECTABLE_IFACE,
884
out_signature="s",
885
path_keyword='object_path',
886
connection_keyword='connection')
887
def Introspect(self, object_path, connection):
888
"""Standard D-Bus method, overloaded to insert property tags.
889
"""
890
xmlstring = dbus.service.Object.Introspect(self, object_path,
891
connection)
892
try:
893
document = xml.dom.minidom.parseString(xmlstring)
894
def make_tag(document, name, prop):
895
e = document.createElement("property")
896
e.setAttribute("name", name)
897
e.setAttribute("type", prop._dbus_signature)
898
e.setAttribute("access", prop._dbus_access)
899
return e
900
for if_tag in document.getElementsByTagName("interface"):
901
for tag in (make_tag(document, name, prop)
902
for name, prop
903
in self._get_all_dbus_properties()
904
if prop._dbus_interface
905
== if_tag.getAttribute("name")):
906
if_tag.appendChild(tag)
907
# Add the names to the return values for the
908
# "org.freedesktop.DBus.Properties" methods
909
if (if_tag.getAttribute("name")
910
== "org.freedesktop.DBus.Properties"):
911
for cn in if_tag.getElementsByTagName("method"):
912
if cn.getAttribute("name") == "Get":
913
for arg in cn.getElementsByTagName("arg"):
914
if (arg.getAttribute("direction")
915
== "out"):
916
arg.setAttribute("name", "value")
917
elif cn.getAttribute("name") == "GetAll":
918
for arg in cn.getElementsByTagName("arg"):
919
if (arg.getAttribute("direction")
920
== "out"):
921
arg.setAttribute("name", "props")
922
xmlstring = document.toxml("utf-8")
923
document.unlink()
924
except (AttributeError, xml.dom.DOMException,
925
xml.parsers.expat.ExpatError) as error:
926
logger.error("Failed to override Introspection method",
927
error)
928
return xmlstring
929
930
931
def datetime_to_dbus (dt, variant_level=0):
932
"""Convert a UTC datetime.datetime() to a D-Bus type."""
933
if dt is None:
934
return dbus.String("", variant_level = variant_level)
935
return dbus.String(dt.isoformat(),
936
variant_level=variant_level)
937
938
939
class AlternateDBusNamesMetaclass(DBusObjectWithProperties
940
.__metaclass__):
941
"""Applied to an empty subclass of a D-Bus object, this metaclass
942
will add additional D-Bus attributes matching a certain pattern.
943
"""
944
def __new__(mcs, name, bases, attr):
945
# Go through all the base classes which could have D-Bus
946
# methods, signals, or properties in them
947
for base in (b for b in bases
948
if issubclass(b, dbus.service.Object)):
949
# Go though all attributes of the base class
950
for attrname, attribute in inspect.getmembers(base):
951
# Ignore non-D-Bus attributes, and D-Bus attributes
952
# with the wrong interface name
953
if (not hasattr(attribute, "_dbus_interface")
954
or not attribute._dbus_interface
955
.startswith("se.recompile.Mandos")):
956
continue
957
# Create an alternate D-Bus interface name based on
958
# the current name
959
alt_interface = (attribute._dbus_interface
960
.replace("se.recompile.Mandos",
961
"se.bsnet.fukt.Mandos"))
962
# Is this a D-Bus signal?
963
if getattr(attribute, "_dbus_is_signal", False):
964
# Extract the original non-method function by
965
# black magic
966
nonmethod_func = (dict(
967
zip(attribute.func_code.co_freevars,
968
attribute.__closure__))["func"]
969
.cell_contents)
970
# Create a new, but exactly alike, function
971
# object, and decorate it to be a new D-Bus signal
972
# with the alternate D-Bus interface name
973
new_function = (dbus.service.signal
974
(alt_interface,
975
attribute._dbus_signature)
976
(types.FunctionType(
977
nonmethod_func.func_code,
978
nonmethod_func.func_globals,
979
nonmethod_func.func_name,
980
nonmethod_func.func_defaults,
981
nonmethod_func.func_closure)))
982
# Define a creator of a function to call both the
983
# old and new functions, so both the old and new
984
# signals gets sent when the function is called
985
def fixscope(func1, func2):
986
"""This function is a scope container to pass
987
func1 and func2 to the "call_both" function
988
outside of its arguments"""
989
def call_both(*args, **kwargs):
990
"""This function will emit two D-Bus
991
signals by calling func1 and func2"""
992
func1(*args, **kwargs)
993
func2(*args, **kwargs)
994
return call_both
995
# Create the "call_both" function and add it to
996
# the class
997
attr[attrname] = fixscope(attribute,
998
new_function)
999
# Is this a D-Bus method?
1000
elif getattr(attribute, "_dbus_is_method", False):
1001
# Create a new, but exactly alike, function
1002
# object. Decorate it to be a new D-Bus method
1003
# with the alternate D-Bus interface name. Add it
1004
# to the class.
1005
attr[attrname] = (dbus.service.method
1006
(alt_interface,
1007
attribute._dbus_in_signature,
1008
attribute._dbus_out_signature)
1009
(types.FunctionType
1010
(attribute.func_code,
1011
attribute.func_globals,
1012
attribute.func_name,
1013
attribute.func_defaults,
1014
attribute.func_closure)))
1015
# Is this a D-Bus property?
1016
elif getattr(attribute, "_dbus_is_property", False):
1017
# Create a new, but exactly alike, function
1018
# object, and decorate it to be a new D-Bus
1019
# property with the alternate D-Bus interface
1020
# name. Add it to the class.
1021
attr[attrname] = (dbus_service_property
1022
(alt_interface,
1023
attribute._dbus_signature,
1024
attribute._dbus_access,
1025
attribute
1026
._dbus_get_args_options
1027
["byte_arrays"])
1028
(types.FunctionType
1029
(attribute.func_code,
1030
attribute.func_globals,
1031
attribute.func_name,
1032
attribute.func_defaults,
1033
attribute.func_closure)))
1034
return type.__new__(mcs, name, bases, attr)
1035
1036
1037
class ClientDBus(Client, DBusObjectWithProperties):
1038
"""A Client class using D-Bus
1039
1040
Attributes:
1041
dbus_object_path: dbus.ObjectPath
1042
bus: dbus.SystemBus()
1043
"""
1044
1045
runtime_expansions = (Client.runtime_expansions
1046
+ ("dbus_object_path",))
1047
1048
# dbus.service.Object doesn't use super(), so we can't either.
1049
1050
def __init__(self, bus = None, *args, **kwargs):
1051
self.bus = bus
1052
Client.__init__(self, *args, **kwargs)
1053
# Only now, when this client is initialized, can it show up on
1054
# the D-Bus
1055
client_object_name = unicode(self.name).translate(
1056
{ord("."): ord("_"),
1057
ord("-"): ord("_")})
1058
self.dbus_object_path = (dbus.ObjectPath
1059
("/clients/" + client_object_name))
1060
DBusObjectWithProperties.__init__(self, self.bus,
1061
self.dbus_object_path)
1062
1063
def notifychangeproperty(transform_func,
1064
dbus_name, type_func=lambda x: x,
1065
variant_level=1):
1066
""" Modify a variable so that it's a property which announces
1067
its changes to DBus.
1068
1069
transform_fun: Function that takes a value and a variant_level
1070
and transforms it to a D-Bus type.
1071
dbus_name: D-Bus name of the variable
1072
type_func: Function that transform the value before sending it
1073
to the D-Bus. Default: no transform
1074
variant_level: D-Bus variant level. Default: 1
1075
"""
1076
attrname = "_{0}".format(dbus_name)
1077
def setter(self, value):
1078
if hasattr(self, "dbus_object_path"):
1079
if (not hasattr(self, attrname) or
1080
type_func(getattr(self, attrname, None))
1081
!= type_func(value)):
1082
dbus_value = transform_func(type_func(value),
1083
variant_level
1084
=variant_level)
1085
self.PropertyChanged(dbus.String(dbus_name),
1086
dbus_value)
1087
setattr(self, attrname, value)
1088
1089
return property(lambda self: getattr(self, attrname), setter)
1090
1091
1092
expires = notifychangeproperty(datetime_to_dbus, "Expires")
1093
approvals_pending = notifychangeproperty(dbus.Boolean,
1094
"ApprovalPending",
1095
type_func = bool)
1096
enabled = notifychangeproperty(dbus.Boolean, "Enabled")
1097
last_enabled = notifychangeproperty(datetime_to_dbus,
1098
"LastEnabled")
1099
checker = notifychangeproperty(dbus.Boolean, "CheckerRunning",
1100
type_func = lambda checker:
1101
checker is not None)
1102
last_checked_ok = notifychangeproperty(datetime_to_dbus,
1103
"LastCheckedOK")
1104
last_checker_status = notifychangeproperty(dbus.Int16,
1105
"LastCheckerStatus")
1106
last_approval_request = notifychangeproperty(
1107
datetime_to_dbus, "LastApprovalRequest")
1108
approved_by_default = notifychangeproperty(dbus.Boolean,
1109
"ApprovedByDefault")
1110
approval_delay = notifychangeproperty(dbus.UInt64,
1111
"ApprovalDelay",
1112
type_func =
1113
timedelta_to_milliseconds)
1114
approval_duration = notifychangeproperty(
1115
dbus.UInt64, "ApprovalDuration",
1116
type_func = timedelta_to_milliseconds)
1117
host = notifychangeproperty(dbus.String, "Host")
1118
timeout = notifychangeproperty(dbus.UInt64, "Timeout",
1119
type_func =
1120
timedelta_to_milliseconds)
1121
extended_timeout = notifychangeproperty(
1122
dbus.UInt64, "ExtendedTimeout",
1123
type_func = timedelta_to_milliseconds)
1124
interval = notifychangeproperty(dbus.UInt64,
1125
"Interval",
1126
type_func =
1127
timedelta_to_milliseconds)
1128
checker_command = notifychangeproperty(dbus.String, "Checker")
1129
1130
del notifychangeproperty
1131
1132
def __del__(self, *args, **kwargs):
1133
try:
1134
self.remove_from_connection()
1135
except LookupError:
1136
pass
1137
if hasattr(DBusObjectWithProperties, "__del__"):
1138
DBusObjectWithProperties.__del__(self, *args, **kwargs)
1139
Client.__del__(self, *args, **kwargs)
1140
1141
def checker_callback(self, pid, condition, command,
1142
*args, **kwargs):
242
gobject.source_remove(self.checker_callback_tag)
1143
243
self.checker_callback_tag = None
244
os.kill(self.checker.pid, signal.SIGTERM)
245
if self.checker.poll() is None:
246
os.kill(self.checker.pid, signal.SIGKILL)
1144
247
self.checker = None
1145
if os.WIFEXITED(condition):
1146
exitstatus = os.WEXITSTATUS(condition)
1147
# Emit D-Bus signal
1148
self.CheckerCompleted(dbus.Int16(exitstatus),
1149
dbus.Int64(condition),
1150
dbus.String(command))
1151
else:
1152
# Emit D-Bus signal
1153
self.CheckerCompleted(dbus.Int16(-1),
1154
dbus.Int64(condition),
1155
dbus.String(command))
1156
1157
return Client.checker_callback(self, pid, condition, command,
1158
*args, **kwargs)
1159
1160
def start_checker(self, *args, **kwargs):
1161
old_checker = self.checker
1162
if self.checker is not None:
1163
old_checker_pid = self.checker.pid
1164
else:
1165
old_checker_pid = None
1166
r = Client.start_checker(self, *args, **kwargs)
1167
# Only if new checker process was started
1168
if (self.checker is not None
1169
and old_checker_pid != self.checker.pid):
1170
# Emit D-Bus signal
1171
self.CheckerStarted(self.current_checker_command)
1172
return r
1173
1174
def _reset_approved(self):
1175
self.approved = None
1176
return False
1177
1178
def approve(self, value=True):
1179
self.send_changedstate()
1180
self.approved = value
1181
gobject.timeout_add(timedelta_to_milliseconds
1182
(self.approval_duration),
1183
self._reset_approved)
1184
1185
1186
## D-Bus methods, signals & properties
1187
_interface = "se.recompile.Mandos.Client"
1188
1189
## Signals
1190
1191
# CheckerCompleted - signal
1192
@dbus.service.signal(_interface, signature="nxs")
1193
def CheckerCompleted(self, exitcode, waitstatus, command):
1194
"D-Bus signal"
1195
pass
1196
1197
# CheckerStarted - signal
1198
@dbus.service.signal(_interface, signature="s")
1199
def CheckerStarted(self, command):
1200
"D-Bus signal"
1201
pass
1202
1203
# PropertyChanged - signal
1204
@dbus.service.signal(_interface, signature="sv")
1205
def PropertyChanged(self, property, value):
1206
"D-Bus signal"
1207
pass
1208
1209
# GotSecret - signal
1210
@dbus.service.signal(_interface)
1211
def GotSecret(self):
1212
"""D-Bus signal
1213
Is sent after a successful transfer of secret from the Mandos
1214
server to mandos-client
1215
"""
1216
pass
1217
1218
# Rejected - signal
1219
@dbus.service.signal(_interface, signature="s")
1220
def Rejected(self, reason):
1221
"D-Bus signal"
1222
pass
1223
1224
# NeedApproval - signal
1225
@dbus.service.signal(_interface, signature="tb")
1226
def NeedApproval(self, timeout, default):
1227
"D-Bus signal"
1228
return self.need_approval()
1229
1230
## Methods
1231
1232
# Approve - method
1233
@dbus.service.method(_interface, in_signature="b")
1234
def Approve(self, value):
1235
self.approve(value)
1236
1237
# CheckedOK - method
1238
@dbus.service.method(_interface)
1239
def CheckedOK(self):
1240
self.checked_ok()
1241
1242
# Enable - method
1243
@dbus.service.method(_interface)
1244
def Enable(self):
1245
"D-Bus method"
1246
self.enable()
1247
1248
# StartChecker - method
1249
@dbus.service.method(_interface)
1250
def StartChecker(self):
1251
"D-Bus method"
1252
self.start_checker()
1253
1254
# Disable - method
1255
@dbus.service.method(_interface)
1256
def Disable(self):
1257
"D-Bus method"
1258
self.disable()
1259
1260
# StopChecker - method
1261
@dbus.service.method(_interface)
1262
def StopChecker(self):
1263
self.stop_checker()
1264
1265
## Properties
1266
1267
# ApprovalPending - property
1268
@dbus_service_property(_interface, signature="b", access="read")
1269
def ApprovalPending_dbus_property(self):
1270
return dbus.Boolean(bool(self.approvals_pending))
1271
1272
# ApprovedByDefault - property
1273
@dbus_service_property(_interface, signature="b",
1274
access="readwrite")
1275
def ApprovedByDefault_dbus_property(self, value=None):
1276
if value is None: # get
1277
return dbus.Boolean(self.approved_by_default)
1278
self.approved_by_default = bool(value)
1279
1280
# ApprovalDelay - property
1281
@dbus_service_property(_interface, signature="t",
1282
access="readwrite")
1283
def ApprovalDelay_dbus_property(self, value=None):
1284
if value is None: # get
1285
return dbus.UInt64(self.approval_delay_milliseconds())
1286
self.approval_delay = datetime.timedelta(0, 0, 0, value)
1287
1288
# ApprovalDuration - property
1289
@dbus_service_property(_interface, signature="t",
1290
access="readwrite")
1291
def ApprovalDuration_dbus_property(self, value=None):
1292
if value is None: # get
1293
return dbus.UInt64(timedelta_to_milliseconds(
1294
self.approval_duration))
1295
self.approval_duration = datetime.timedelta(0, 0, 0, value)
1296
1297
# Name - property
1298
@dbus_service_property(_interface, signature="s", access="read")
1299
def Name_dbus_property(self):
1300
return dbus.String(self.name)
1301
1302
# Fingerprint - property
1303
@dbus_service_property(_interface, signature="s", access="read")
1304
def Fingerprint_dbus_property(self):
1305
return dbus.String(self.fingerprint)
1306
1307
# Host - property
1308
@dbus_service_property(_interface, signature="s",
1309
access="readwrite")
1310
def Host_dbus_property(self, value=None):
1311
if value is None: # get
1312
return dbus.String(self.host)
1313
self.host = unicode(value)
1314
1315
# Created - property
1316
@dbus_service_property(_interface, signature="s", access="read")
1317
def Created_dbus_property(self):
1318
return datetime_to_dbus(self.created)
1319
1320
# LastEnabled - property
1321
@dbus_service_property(_interface, signature="s", access="read")
1322
def LastEnabled_dbus_property(self):
1323
return datetime_to_dbus(self.last_enabled)
1324
1325
# Enabled - property
1326
@dbus_service_property(_interface, signature="b",
1327
access="readwrite")
1328
def Enabled_dbus_property(self, value=None):
1329
if value is None: # get
1330
return dbus.Boolean(self.enabled)
1331
if value:
1332
self.enable()
1333
else:
1334
self.disable()
1335
1336
# LastCheckedOK - property
1337
@dbus_service_property(_interface, signature="s",
1338
access="readwrite")
1339
def LastCheckedOK_dbus_property(self, value=None):
1340
if value is not None:
1341
self.checked_ok()
1342
return
1343
return datetime_to_dbus(self.last_checked_ok)
1344
1345
# LastCheckerStatus - property
1346
@dbus_service_property(_interface, signature="n",
1347
access="read")
1348
def LastCheckerStatus_dbus_property(self):
1349
return dbus.Int16(self.last_checker_status)
1350
1351
# Expires - property
1352
@dbus_service_property(_interface, signature="s", access="read")
1353
def Expires_dbus_property(self):
1354
return datetime_to_dbus(self.expires)
1355
1356
# LastApprovalRequest - property
1357
@dbus_service_property(_interface, signature="s", access="read")
1358
def LastApprovalRequest_dbus_property(self):
1359
return datetime_to_dbus(self.last_approval_request)
1360
1361
# Timeout - property
1362
@dbus_service_property(_interface, signature="t",
1363
access="readwrite")
1364
def Timeout_dbus_property(self, value=None):
1365
if value is None: # get
1366
return dbus.UInt64(self.timeout_milliseconds())
1367
self.timeout = datetime.timedelta(0, 0, 0, value)
1368
# Reschedule timeout
1369
if self.enabled:
1370
now = datetime.datetime.utcnow()
1371
time_to_die = timedelta_to_milliseconds(
1372
(self.last_checked_ok + self.timeout) - now)
1373
if time_to_die <= 0:
1374
# The timeout has passed
1375
self.disable()
1376
else:
1377
self.expires = (now +
1378
datetime.timedelta(milliseconds =
1379
time_to_die))
1380
if (getattr(self, "disable_initiator_tag", None)
1381
is None):
1382
return
1383
gobject.source_remove(self.disable_initiator_tag)
1384
self.disable_initiator_tag = (gobject.timeout_add
1385
(time_to_die,
1386
self.disable))
1387
1388
# ExtendedTimeout - property
1389
@dbus_service_property(_interface, signature="t",
1390
access="readwrite")
1391
def ExtendedTimeout_dbus_property(self, value=None):
1392
if value is None: # get
1393
return dbus.UInt64(self.extended_timeout_milliseconds())
1394
self.extended_timeout = datetime.timedelta(0, 0, 0, value)
1395
1396
# Interval - property
1397
@dbus_service_property(_interface, signature="t",
1398
access="readwrite")
1399
def Interval_dbus_property(self, value=None):
1400
if value is None: # get
1401
return dbus.UInt64(self.interval_milliseconds())
1402
self.interval = datetime.timedelta(0, 0, 0, value)
1403
if getattr(self, "checker_initiator_tag", None) is None:
1404
return
1405
if self.enabled:
1406
# Reschedule checker run
1407
gobject.source_remove(self.checker_initiator_tag)
1408
self.checker_initiator_tag = (gobject.timeout_add
1409
(value, self.start_checker))
1410
self.start_checker() # Start one now, too
1411
1412
# Checker - property
1413
@dbus_service_property(_interface, signature="s",
1414
access="readwrite")
1415
def Checker_dbus_property(self, value=None):
1416
if value is None: # get
1417
return dbus.String(self.checker_command)
1418
self.checker_command = unicode(value)
1419
1420
# CheckerRunning - property
1421
@dbus_service_property(_interface, signature="b",
1422
access="readwrite")
1423
def CheckerRunning_dbus_property(self, value=None):
1424
if value is None: # get
1425
return dbus.Boolean(self.checker is not None)
1426
if value:
1427
self.start_checker()
1428
else:
1429
self.stop_checker()
1430
1431
# ObjectPath - property
1432
@dbus_service_property(_interface, signature="o", access="read")
1433
def ObjectPath_dbus_property(self):
1434
return self.dbus_object_path # is already a dbus.ObjectPath
1435
1436
# Secret = property
1437
@dbus_service_property(_interface, signature="ay",
1438
access="write", byte_arrays=True)
1439
def Secret_dbus_property(self, value):
1440
self.secret = str(value)
1441
1442
del _interface
1443
1444
1445
class ProxyClient(object):
1446
def __init__(self, child_pipe, fpr, address):
1447
self._pipe = child_pipe
1448
self._pipe.send(('init', fpr, address))
1449
if not self._pipe.recv():
1450
raise KeyError()
1451
1452
def __getattribute__(self, name):
1453
if name == '_pipe':
1454
return super(ProxyClient, self).__getattribute__(name)
1455
self._pipe.send(('getattr', name))
1456
data = self._pipe.recv()
1457
if data[0] == 'data':
1458
return data[1]
1459
if data[0] == 'function':
1460
def func(*args, **kwargs):
1461
self._pipe.send(('funcall', name, args, kwargs))
1462
return self._pipe.recv()[1]
1463
return func
1464
1465
def __setattr__(self, name, value):
1466
if name == '_pipe':
1467
return super(ProxyClient, self).__setattr__(name, value)
1468
self._pipe.send(('setattr', name, value))
1469
1470
1471
class ClientDBusTransitional(ClientDBus):
1472
__metaclass__ = AlternateDBusNamesMetaclass
1473
1474
1475
class ClientHandler(socketserver.BaseRequestHandler, object):
1476
"""A class to handle client connections.
1477
1478
Instantiated once for each connection to handle it.
248
def still_valid(self, now=None):
249
"""Has the timeout not yet passed for this client?"""
250
if now is None:
251
now = datetime.datetime.now()
252
if self.last_seen is None:
253
return now < (self.created + self.timeout)
254
else:
255
return now < (self.last_seen + self.timeout)
256
257
258
def peer_certificate(session):
259
# If not an OpenPGP certificate...
260
if gnutls.library.functions.gnutls_certificate_type_get\
261
(session._c_object) \
262
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP:
263
# ...do the normal thing
264
return session.peer_certificate
265
list_size = ctypes.c_uint()
266
cert_list = gnutls.library.functions.gnutls_certificate_get_peers\
267
(session._c_object, ctypes.byref(list_size))
268
if list_size.value == 0:
269
return None
270
cert = cert_list[0]
271
return ctypes.string_at(cert.data, cert.size)
272
273
274
def fingerprint(openpgp):
275
# New empty GnuTLS certificate
276
crt = gnutls.library.types.gnutls_openpgp_crt_t()
277
gnutls.library.functions.gnutls_openpgp_crt_init\
278
(ctypes.byref(crt))
279
# New GnuTLS "datum" with the OpenPGP public key
280
datum = gnutls.library.types.gnutls_datum_t\
281
(ctypes.cast(ctypes.c_char_p(openpgp),
282
ctypes.POINTER(ctypes.c_ubyte)),
283
ctypes.c_uint(len(openpgp)))
284
# Import the OpenPGP public key into the certificate
285
ret = gnutls.library.functions.gnutls_openpgp_crt_import\
286
(crt,
287
ctypes.byref(datum),
288
gnutls.library.constants.GNUTLS_OPENPGP_FMT_RAW)
289
# New buffer for the fingerprint
290
buffer = ctypes.create_string_buffer(20)
291
buffer_length = ctypes.c_size_t()
292
# Get the fingerprint from the certificate into the buffer
293
gnutls.library.functions.gnutls_openpgp_crt_get_fingerprint\
294
(crt, ctypes.byref(buffer), ctypes.byref(buffer_length))
295
# Deinit the certificate
296
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
297
# Convert the buffer to a Python bytestring
298
fpr = ctypes.string_at(buffer, buffer_length.value)
299
# Convert the bytestring to hexadecimal notation
300
hex_fpr = u''.join(u"%02X" % ord(char) for char in fpr)
301
return hex_fpr
302
303
304
class tcp_handler(SocketServer.BaseRequestHandler, object):
305
"""A TCP request handler class.
306
Instantiated by IPv6_TCPServer for each request to handle it.
1479
307
Note: This will run in its own forked process."""
1480
308
1481
309
def handle(self):
1482
with contextlib.closing(self.server.child_pipe) as child_pipe:
1483
logger.info("TCP connection from: %s",
1484
unicode(self.client_address))
1485
logger.debug("Pipe FD: %d",
1486
self.server.child_pipe.fileno())
1487
1488
session = (gnutls.connection
1489
.ClientSession(self.request,
1490
gnutls.connection
1491
.X509Credentials()))
1492
1493
# Note: gnutls.connection.X509Credentials is really a
1494
# generic GnuTLS certificate credentials object so long as
1495
# no X.509 keys are added to it. Therefore, we can use it
1496
# here despite using OpenPGP certificates.
1497
1498
#priority = ':'.join(("NONE", "+VERS-TLS1.1",
1499
# "+AES-256-CBC", "+SHA1",
1500
# "+COMP-NULL", "+CTYPE-OPENPGP",
1501
# "+DHE-DSS"))
1502
# Use a fallback default, since this MUST be set.
1503
priority = self.server.gnutls_priority
1504
if priority is None:
1505
priority = "NORMAL"
1506
(gnutls.library.functions
1507
.gnutls_priority_set_direct(session._c_object,
1508
priority, None))
1509
1510
# Start communication using the Mandos protocol
1511
# Get protocol number
1512
line = self.request.makefile().readline()
1513
logger.debug("Protocol version: %r", line)
1514
try:
1515
if int(line.strip().split()[0]) > 1:
1516
raise RuntimeError
1517
except (ValueError, IndexError, RuntimeError) as error:
1518
logger.error("Unknown protocol version: %s", error)
1519
return
1520
1521
# Start GnuTLS connection
1522
try:
1523
session.handshake()
1524
except gnutls.errors.GNUTLSError as error:
1525
logger.warning("Handshake failed: %s", error)
1526
# Do not run session.bye() here: the session is not
1527
# established. Just abandon the request.
1528
return
1529
logger.debug("Handshake succeeded")
1530
1531
approval_required = False
1532
try:
1533
try:
1534
fpr = self.fingerprint(self.peer_certificate
1535
(session))
1536
except (TypeError,
1537
gnutls.errors.GNUTLSError) as error:
1538
logger.warning("Bad certificate: %s", error)
1539
return
1540
logger.debug("Fingerprint: %s", fpr)
1541
1542
try:
1543
client = ProxyClient(child_pipe, fpr,
1544
self.client_address)
1545
except KeyError:
1546
return
1547
1548
if client.approval_delay:
1549
delay = client.approval_delay
1550
client.approvals_pending += 1
1551
approval_required = True
1552
1553
while True:
1554
if not client.enabled:
1555
logger.info("Client %s is disabled",
1556
client.name)
1557
if self.server.use_dbus:
1558
# Emit D-Bus signal
1559
client.Rejected("Disabled")
1560
return
1561
1562
if client.approved or not client.approval_delay:
1563
#We are approved or approval is disabled
1564
break
1565
elif client.approved is None:
1566
logger.info("Client %s needs approval",
1567
client.name)
1568
if self.server.use_dbus:
1569
# Emit D-Bus signal
1570
client.NeedApproval(
1571
client.approval_delay_milliseconds(),
1572
client.approved_by_default)
1573
else:
1574
logger.warning("Client %s was not approved",
1575
client.name)
1576
if self.server.use_dbus:
1577
# Emit D-Bus signal
1578
client.Rejected("Denied")
1579
return
1580
1581
#wait until timeout or approved
1582
time = datetime.datetime.now()
1583
client.changedstate.acquire()
1584
(client.changedstate.wait
1585
(float(client.timedelta_to_milliseconds(delay)
1586
/ 1000)))
1587
client.changedstate.release()
1588
time2 = datetime.datetime.now()
1589
if (time2 - time) >= delay:
1590
if not client.approved_by_default:
1591
logger.warning("Client %s timed out while"
1592
" waiting for approval",
1593
client.name)
1594
if self.server.use_dbus:
1595
# Emit D-Bus signal
1596
client.Rejected("Approval timed out")
1597
return
1598
else:
1599
break
1600
else:
1601
delay -= time2 - time
1602
1603
sent_size = 0
1604
while sent_size < len(client.secret):
1605
try:
1606
sent = session.send(client.secret[sent_size:])
1607
except gnutls.errors.GNUTLSError as error:
1608
logger.warning("gnutls send failed")
1609
return
1610
logger.debug("Sent: %d, remaining: %d",
1611
sent, len(client.secret)
1612
- (sent_size + sent))
1613
sent_size += sent
1614
1615
logger.info("Sending secret to %s", client.name)
1616
# bump the timeout using extended_timeout
1617
client.bump_timeout(client.extended_timeout)
1618
if self.server.use_dbus:
1619
# Emit D-Bus signal
1620
client.GotSecret()
1621
1622
finally:
1623
if approval_required:
1624
client.approvals_pending -= 1
1625
try:
1626
session.bye()
1627
except gnutls.errors.GNUTLSError as error:
1628
logger.warning("GnuTLS bye failed")
1629
1630
@staticmethod
1631
def peer_certificate(session):
1632
"Return the peer's OpenPGP certificate as a bytestring"
1633
# If not an OpenPGP certificate...
1634
if (gnutls.library.functions
1635
.gnutls_certificate_type_get(session._c_object)
1636
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP):
1637
# ...do the normal thing
1638
return session.peer_certificate
1639
list_size = ctypes.c_uint(1)
1640
cert_list = (gnutls.library.functions
1641
.gnutls_certificate_get_peers
1642
(session._c_object, ctypes.byref(list_size)))
1643
if not bool(cert_list) and list_size.value != 0:
1644
raise gnutls.errors.GNUTLSError("error getting peer"
1645
" certificate")
1646
if list_size.value == 0:
1647
return None
1648
cert = cert_list[0]
1649
return ctypes.string_at(cert.data, cert.size)
1650
1651
@staticmethod
1652
def fingerprint(openpgp):
1653
"Convert an OpenPGP bytestring to a hexdigit fingerprint"
1654
# New GnuTLS "datum" with the OpenPGP public key
1655
datum = (gnutls.library.types
1656
.gnutls_datum_t(ctypes.cast(ctypes.c_char_p(openpgp),
1657
ctypes.POINTER
1658
(ctypes.c_ubyte)),
1659
ctypes.c_uint(len(openpgp))))
1660
# New empty GnuTLS certificate
1661
crt = gnutls.library.types.gnutls_openpgp_crt_t()
1662
(gnutls.library.functions
1663
.gnutls_openpgp_crt_init(ctypes.byref(crt)))
1664
# Import the OpenPGP public key into the certificate
1665
(gnutls.library.functions
1666
.gnutls_openpgp_crt_import(crt, ctypes.byref(datum),
1667
gnutls.library.constants
1668
.GNUTLS_OPENPGP_FMT_RAW))
1669
# Verify the self signature in the key
1670
crtverify = ctypes.c_uint()
1671
(gnutls.library.functions
1672
.gnutls_openpgp_crt_verify_self(crt, 0,
1673
ctypes.byref(crtverify)))
1674
if crtverify.value != 0:
1675
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1676
raise (gnutls.errors.CertificateSecurityError
1677
("Verify failed"))
1678
# New buffer for the fingerprint
1679
buf = ctypes.create_string_buffer(20)
1680
buf_len = ctypes.c_size_t()
1681
# Get the fingerprint from the certificate into the buffer
1682
(gnutls.library.functions
1683
.gnutls_openpgp_crt_get_fingerprint(crt, ctypes.byref(buf),
1684
ctypes.byref(buf_len)))
1685
# Deinit the certificate
1686
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1687
# Convert the buffer to a Python bytestring
1688
fpr = ctypes.string_at(buf, buf_len.value)
1689
# Convert the bytestring to hexadecimal notation
1690
hex_fpr = binascii.hexlify(fpr).upper()
1691
return hex_fpr
1692
1693
1694
class MultiprocessingMixIn(object):
1695
"""Like socketserver.ThreadingMixIn, but with multiprocessing"""
1696
def sub_process_main(self, request, address):
1697
try:
1698
self.finish_request(request, address)
1699
except Exception:
1700
self.handle_error(request, address)
1701
self.close_request(request)
1702
1703
def process_request(self, request, address):
1704
"""Start a new process to process the request."""
1705
proc = multiprocessing.Process(target = self.sub_process_main,
1706
args = (request,
1707
address))
1708
proc.start()
1709
return proc
1710
1711
1712
class MultiprocessingMixInWithPipe(MultiprocessingMixIn, object):
1713
""" adds a pipe to the MixIn """
1714
def process_request(self, request, client_address):
1715
"""Overrides and wraps the original process_request().
1716
1717
This function creates a new pipe in self.pipe
1718
"""
1719
parent_pipe, self.child_pipe = multiprocessing.Pipe()
1720
1721
proc = MultiprocessingMixIn.process_request(self, request,
1722
client_address)
1723
self.child_pipe.close()
1724
self.add_pipe(parent_pipe, proc)
1725
1726
def add_pipe(self, parent_pipe, proc):
1727
"""Dummy function; override as necessary"""
1728
raise NotImplementedError
1729
1730
1731
class IPv6_TCPServer(MultiprocessingMixInWithPipe,
1732
socketserver.TCPServer, object):
1733
"""IPv6-capable TCP server. Accepts 'None' as address and/or port
1734
310
logger.debug(u"TCP connection from: %s",
311
unicode(self.client_address))
312
session = gnutls.connection.ClientSession(self.request,
313
gnutls.connection.\
314
X509Credentials())
315
316
#priority = ':'.join(("NONE", "+VERS-TLS1.1", "+AES-256-CBC",
317
# "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
318
# "+DHE-DSS"))
319
priority = "SECURE256"
320
321
gnutls.library.functions.gnutls_priority_set_direct\
322
(session._c_object, priority, None);
323
324
try:
325
session.handshake()
326
except gnutls.errors.GNUTLSError, error:
327
logger.debug(u"Handshake failed: %s", error)
328
# Do not run session.bye() here: the session is not
329
# established. Just abandon the request.
330
return
331
try:
332
fpr = fingerprint(peer_certificate(session))
333
except (TypeError, gnutls.errors.GNUTLSError), error:
334
logger.debug(u"Bad certificate: %s", error)
335
session.bye()
336
return
337
logger.debug(u"Fingerprint: %s", fpr)
338
client = None
339
for c in clients:
340
if c.fingerprint == fpr:
341
client = c
342
break
343
# Have to check if client.still_valid(), since it is possible
344
# that the client timed out while establishing the GnuTLS
345
# session.
346
if (not client) or (not client.still_valid()):
347
if client:
348
logger.debug(u"Client %(name)s is invalid",
349
vars(client))
350
else:
351
logger.debug(u"Client not found for fingerprint: %s",
352
fpr)
353
session.bye()
354
return
355
sent_size = 0
356
while sent_size < len(client.secret):
357
sent = session.send(client.secret[sent_size:])
358
logger.debug(u"Sent: %d, remaining: %d",
359
sent, len(client.secret)
360
- (sent_size + sent))
361
sent_size += sent
362
session.bye()
363
364
365
class IPv6_TCPServer(SocketServer.ForkingTCPServer, object):
366
"""IPv6 TCP server. Accepts 'None' as address and/or port.
1735
367
Attributes:
1736
enabled: Boolean; whether this server is activated yet
1737
interface: None or a network interface name (string)
1738
use_ipv6: Boolean; to use IPv6 or not
368
options: Command line options
369
clients: Set() of Client objects
1739
370
"""
1740
def __init__(self, server_address, RequestHandlerClass,
1741
interface=None, use_ipv6=True):
1742
self.interface = interface
1743
if use_ipv6:
1744
self.address_family = socket.AF_INET6
1745
socketserver.TCPServer.__init__(self, server_address,
1746
RequestHandlerClass)
371
address_family = socket.AF_INET6
372
def __init__(self, *args, **kwargs):
373
if "options" in kwargs:
374
self.options = kwargs["options"]
375
del kwargs["options"]
376
if "clients" in kwargs:
377
self.clients = kwargs["clients"]
378
del kwargs["clients"]
379
return super(type(self), self).__init__(*args, **kwargs)
1747
380
def server_bind(self):
1748
381
"""This overrides the normal server_bind() function
1749
382
to bind to an interface if one was specified, and also NOT to
1750
383
bind to an address or port if they were not specified."""
1751
if self.interface is not None:
1752
if SO_BINDTODEVICE is None:
1753
logger.error("SO_BINDTODEVICE does not exist;"
1754
" cannot bind to interface %s",
1755
self.interface)
1756
else:
1757
try:
1758
self.socket.setsockopt(socket.SOL_SOCKET,
1759
SO_BINDTODEVICE,
1760
str(self.interface
1761
+ '\0'))
1762
except socket.error as error:
1763
if error[0] == errno.EPERM:
1764
logger.error("No permission to"
1765
" bind to interface %s",
1766
self.interface)
1767
elif error[0] == errno.ENOPROTOOPT:
1768
logger.error("SO_BINDTODEVICE not available;"
1769
" cannot bind to interface %s",
1770
self.interface)
1771
else:
1772
raise
384
if self.options.interface:
385
if not hasattr(socket, "SO_BINDTODEVICE"):
386
# From /usr/include/asm-i486/socket.h
387
socket.SO_BINDTODEVICE = 25
388
try:
389
self.socket.setsockopt(socket.SOL_SOCKET,
390
socket.SO_BINDTODEVICE,
391
self.options.interface)
392
except socket.error, error:
393
if error[0] == errno.EPERM:
394
logger.warning(u"No permission to"
395
u" bind to interface %s",
396
self.options.interface)
397
else:
398
raise error
1773
399
# Only bind(2) the socket if we really need to.
1774
400
if self.server_address[0] or self.server_address[1]:
1775
401
if not self.server_address[0]:
1776
if self.address_family == socket.AF_INET6:
1777
any_address = "::" # in6addr_any
1778
else:
1779
any_address = socket.INADDR_ANY
1780
self.server_address = (any_address,
402
in6addr_any = "::"
403
self.server_address = (in6addr_any,
1781
404
self.server_address[1])
1782
elif not self.server_address[1]:
405
elif self.server_address[1] is None:
1783
406
self.server_address = (self.server_address[0],
1784
407
0)
1785
# if self.interface:
1786
# self.server_address = (self.server_address[0],
1787
# 0, # port
1788
# 0, # flowinfo
1789
# if_nametoindex
1790
# (self.interface))
1791
return socketserver.TCPServer.server_bind(self)
1792
1793
1794
class MandosServer(IPv6_TCPServer):
1795
"""Mandos server.
1796
1797
Attributes:
1798
clients: set of Client objects
1799
gnutls_priority GnuTLS priority string
1800
use_dbus: Boolean; to emit D-Bus signals or not
1801
1802
Assumes a gobject.MainLoop event loop.
1803
"""
1804
def __init__(self, server_address, RequestHandlerClass,
1805
interface=None, use_ipv6=True, clients=None,
1806
gnutls_priority=None, use_dbus=True):
1807
self.enabled = False
1808
self.clients = clients
1809
if self.clients is None:
1810
self.clients = {}
1811
self.use_dbus = use_dbus
1812
self.gnutls_priority = gnutls_priority
1813
IPv6_TCPServer.__init__(self, server_address,
1814
RequestHandlerClass,
1815
interface = interface,
1816
use_ipv6 = use_ipv6)
1817
def server_activate(self):
1818
if self.enabled:
1819
return socketserver.TCPServer.server_activate(self)
1820
1821
def enable(self):
1822
self.enabled = True
1823
1824
def add_pipe(self, parent_pipe, proc):
1825
# Call "handle_ipc" for both data and EOF events
1826
gobject.io_add_watch(parent_pipe.fileno(),
1827
gobject.IO_IN | gobject.IO_HUP,
1828
functools.partial(self.handle_ipc,
1829
parent_pipe =
1830
parent_pipe,
1831
proc = proc))
1832
1833
def handle_ipc(self, source, condition, parent_pipe=None,
1834
proc = None, client_object=None):
1835
condition_names = {
1836
gobject.IO_IN: "IN", # There is data to read.
1837
gobject.IO_OUT: "OUT", # Data can be written (without
1838
# blocking).
1839
gobject.IO_PRI: "PRI", # There is urgent data to read.
1840
gobject.IO_ERR: "ERR", # Error condition.
1841
gobject.IO_HUP: "HUP" # Hung up (the connection has been
1842
# broken, usually for pipes and
1843
# sockets).
1844
}
1845
conditions_string = ' | '.join(name
1846
for cond, name in
1847
condition_names.iteritems()
1848
if cond & condition)
1849
# error, or the other end of multiprocessing.Pipe has closed
1850
if condition & (gobject.IO_ERR | condition & gobject.IO_HUP):
1851
# Wait for other process to exit
1852
proc.join()
1853
return False
1854
1855
# Read a request from the child
1856
request = parent_pipe.recv()
1857
command = request[0]
1858
1859
if command == 'init':
1860
fpr = request[1]
1861
address = request[2]
1862
1863
for c in self.clients.itervalues():
1864
if c.fingerprint == fpr:
1865
client = c
1866
break
1867
else:
1868
logger.info("Client not found for fingerprint: %s, ad"
1869
"dress: %s", fpr, address)
1870
if self.use_dbus:
1871
# Emit D-Bus signal
1872
mandos_dbus_service.ClientNotFound(fpr,
1873
address[0])
1874
parent_pipe.send(False)
1875
return False
1876
1877
gobject.io_add_watch(parent_pipe.fileno(),
1878
gobject.IO_IN | gobject.IO_HUP,
1879
functools.partial(self.handle_ipc,
1880
parent_pipe =
1881
parent_pipe,
1882
proc = proc,
1883
client_object =
1884
client))
1885
parent_pipe.send(True)
1886
# remove the old hook in favor of the new above hook on
1887
# same fileno
1888
return False
1889
if command == 'funcall':
1890
funcname = request[1]
1891
args = request[2]
1892
kwargs = request[3]
1893
1894
parent_pipe.send(('data', getattr(client_object,
1895
funcname)(*args,
1896
**kwargs)))
1897
1898
if command == 'getattr':
1899
attrname = request[1]
1900
if callable(client_object.__getattribute__(attrname)):
1901
parent_pipe.send(('function',))
1902
else:
1903
parent_pipe.send(('data', client_object
1904
.__getattribute__(attrname)))
1905
1906
if command == 'setattr':
1907
attrname = request[1]
1908
value = request[2]
1909
setattr(client_object, attrname, value)
1910
1911
return True
408
return super(type(self), self).server_bind()
1912
409
1913
410
1914
411
def string_to_delta(interval):
1915
412
"""Parse a string and return a datetime.timedelta
1916
413
1917
414
>>> string_to_delta('7d')
1918
415
datetime.timedelta(7)
1919
416
>>> string_to_delta('60s')
1922
419
datetime.timedelta(0, 3600)
1923
420
>>> string_to_delta('24h')
1924
421
datetime.timedelta(1)
1925
>>> string_to_delta('1w')
422
>>> string_to_delta(u'1w')
1926
423
datetime.timedelta(7)
1927
>>> string_to_delta('5m 30s')
1928
datetime.timedelta(0, 330)
1929
424
"""
1930
timevalue = datetime.timedelta(0)
1931
for s in interval.split():
1932
try:
1933
suffix = unicode(s[-1])
1934
value = int(s[:-1])
1935
if suffix == "d":
1936
delta = datetime.timedelta(value)
1937
elif suffix == "s":
1938
delta = datetime.timedelta(0, value)
1939
elif suffix == "m":
1940
delta = datetime.timedelta(0, 0, 0, 0, value)
1941
elif suffix == "h":
1942
delta = datetime.timedelta(0, 0, 0, 0, 0, value)
1943
elif suffix == "w":
1944
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
1945
else:
1946
raise ValueError("Unknown suffix %r" % suffix)
1947
except (ValueError, IndexError) as e:
1948
raise ValueError(*(e.args))
1949
timevalue += delta
1950
return timevalue
1951
1952
1953
def daemon(nochdir = False, noclose = False):
1954
"""See daemon(3). Standard BSD Unix function.
1955
1956
This should really exist as os.daemon, but it doesn't (yet)."""
1957
if os.fork():
1958
sys.exit()
1959
os.setsid()
1960
if not nochdir:
1961
os.chdir("/")
1962
if os.fork():
1963
sys.exit()
1964
if not noclose:
1965
# Close all standard open file descriptors
1966
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
1967
if not stat.S_ISCHR(os.fstat(null).st_mode):
1968
raise OSError(errno.ENODEV,
1969
"%s not a character device"
1970
% os.path.devnull)
1971
os.dup2(null, sys.stdin.fileno())
1972
os.dup2(null, sys.stdout.fileno())
1973
os.dup2(null, sys.stderr.fileno())
1974
if null > 2:
1975
os.close(null)
1976
1977
1978
def main():
1979
1980
##################################################################
1981
# Parsing of options, both command line and config file
1982
1983
parser = argparse.ArgumentParser()
1984
parser.add_argument("-v", "--version", action="version",
1985
version = "%%(prog)s %s" % version,
1986
help="show version number and exit")
1987
parser.add_argument("-i", "--interface", metavar="IF",
1988
help="Bind to interface IF")
1989
parser.add_argument("-a", "--address",
1990
help="Address to listen for requests on")
1991
parser.add_argument("-p", "--port", type=int,
1992
help="Port number to receive requests on")
1993
parser.add_argument("--check", action="store_true",
1994
help="Run self-test")
1995
parser.add_argument("--debug", action="store_true",
1996
help="Debug mode; run in foreground and log"
1997
" to terminal")
1998
parser.add_argument("--debuglevel", metavar="LEVEL",
1999
help="Debug level for stdout output")
2000
parser.add_argument("--priority", help="GnuTLS"
2001
" priority string (see GnuTLS documentation)")
2002
parser.add_argument("--servicename",
2003
metavar="NAME", help="Zeroconf service name")
2004
parser.add_argument("--configdir",
2005
default="/etc/mandos", metavar="DIR",
2006
help="Directory to search for configuration"
2007
" files")
2008
parser.add_argument("--no-dbus", action="store_false",
2009
dest="use_dbus", help="Do not provide D-Bus"
2010
" system bus interface")
2011
parser.add_argument("--no-ipv6", action="store_false",
2012
dest="use_ipv6", help="Do not use IPv6")
2013
parser.add_argument("--no-restore", action="store_false",
2014
dest="restore", help="Do not restore stored"
2015
" state")
2016
parser.add_argument("--statedir", metavar="DIR",
2017
help="Directory to save/restore state in")
2018
2019
options = parser.parse_args()
425
try:
426
suffix=unicode(interval[-1])
427
value=int(interval[:-1])
428
if suffix == u"d":
429
delta = datetime.timedelta(value)
430
elif suffix == u"s":
431
delta = datetime.timedelta(0, value)
432
elif suffix == u"m":
433
delta = datetime.timedelta(0, 0, 0, 0, value)
434
elif suffix == u"h":
435
delta = datetime.timedelta(0, 0, 0, 0, 0, value)
436
elif suffix == u"w":
437
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
438
else:
439
raise ValueError
440
except (ValueError, IndexError):
441
raise ValueError
442
return delta
443
444
445
def add_service():
446
"""From the Avahi server example code"""
447
global group, serviceName, serviceType, servicePort, serviceTXT, \
448
domain, host
449
if group is None:
450
group = dbus.Interface(
451
bus.get_object( avahi.DBUS_NAME,
452
server.EntryGroupNew()),
453
avahi.DBUS_INTERFACE_ENTRY_GROUP)
454
group.connect_to_signal('StateChanged',
455
entry_group_state_changed)
456
logger.debug(u"Adding service '%s' of type '%s' ...",
457
serviceName, serviceType)
458
459
group.AddService(
460
serviceInterface, # interface
461
avahi.PROTO_INET6, # protocol
462
dbus.UInt32(0), # flags
463
serviceName, serviceType,
464
domain, host,
465
dbus.UInt16(servicePort),
466
avahi.string_array_to_txt_array(serviceTXT))
467
group.Commit()
468
469
470
def remove_service():
471
"""From the Avahi server example code"""
472
global group
473
474
if not group is None:
475
group.Reset()
476
477
478
def server_state_changed(state):
479
"""From the Avahi server example code"""
480
if state == avahi.SERVER_COLLISION:
481
logger.warning(u"Server name collision")
482
remove_service()
483
elif state == avahi.SERVER_RUNNING:
484
add_service()
485
486
487
def entry_group_state_changed(state, error):
488
"""From the Avahi server example code"""
489
global serviceName, server, rename_count
490
491
logger.debug(u"state change: %i", state)
492
493
if state == avahi.ENTRY_GROUP_ESTABLISHED:
494
logger.debug(u"Service established.")
495
elif state == avahi.ENTRY_GROUP_COLLISION:
496
497
rename_count = rename_count - 1
498
if rename_count > 0:
499
name = server.GetAlternativeServiceName(name)
500
logger.warning(u"Service name collision, "
501
u"changing name to '%s' ...", name)
502
remove_service()
503
add_service()
504
505
else:
506
logger.error(u"No suitable service name found "
507
u"after %i retries, exiting.",
508
n_rename)
509
main_loop.quit()
510
elif state == avahi.ENTRY_GROUP_FAILURE:
511
logger.error(u"Error in group state changed %s",
512
unicode(error))
513
main_loop.quit()
514
return
515
516
517
def if_nametoindex(interface):
518
"""Call the C function if_nametoindex()"""
519
try:
520
libc = ctypes.cdll.LoadLibrary("libc.so.6")
521
return libc.if_nametoindex(interface)
522
except (OSError, AttributeError):
523
if "struct" not in sys.modules:
524
import struct
525
if "fcntl" not in sys.modules:
526
import fcntl
527
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
528
s = socket.socket()
529
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
530
struct.pack("16s16x", interface))
531
s.close()
532
interface_index = struct.unpack("I", ifreq[16:20])[0]
533
return interface_index
534
535
536
if __name__ == '__main__':
537
parser = OptionParser()
538
parser.add_option("-i", "--interface", type="string",
539
default=None, metavar="IF",
540
help="Bind to interface IF")
541
parser.add_option("--cert", type="string", default="cert.pem",
542
metavar="FILE",
543
help="Public key certificate PEM file to use")
544
parser.add_option("--key", type="string", default="key.pem",
545
metavar="FILE",
546
help="Private key PEM file to use")
547
parser.add_option("--ca", type="string", default="ca.pem",
548
metavar="FILE",
549
help="Certificate Authority certificate PEM file to use")
550
parser.add_option("--crl", type="string", default="crl.pem",
551
metavar="FILE",
552
help="Certificate Revokation List PEM file to use")
553
parser.add_option("-p", "--port", type="int", default=None,
554
help="Port number to receive requests on")
555
parser.add_option("--timeout", type="string", # Parsed later
556
default="1h",
557
help="Amount of downtime allowed for clients")
558
parser.add_option("--interval", type="string", # Parsed later
559
default="5m",
560
help="How often to check that a client is up")
561
parser.add_option("--check", action="store_true", default=False,
562
help="Run self-test")
563
parser.add_option("--debug", action="store_true", default=False,
564
help="Debug mode")
565
(options, args) = parser.parse_args()
2020
566
2021
567
if options.check:
2022
568
import doctest
2023
569
doctest.testmod()
2024
570
sys.exit()
2025
571
2026
# Default values for config file for server-global settings
2027
server_defaults = { "interface": "",
2028
"address": "",
2029
"port": "",
2030
"debug": "False",
2031
"priority":
2032
"SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
2033
"servicename": "Mandos",
2034
"use_dbus": "True",
2035
"use_ipv6": "True",
2036
"debuglevel": "",
2037
"restore": "True",
2038
"statedir": "/var/lib/mandos"
2039
}
2040
2041
# Parse config file for server-global settings
2042
server_config = configparser.SafeConfigParser(server_defaults)
2043
del server_defaults
2044
server_config.read(os.path.join(options.configdir,
2045
"mandos.conf"))
2046
# Convert the SafeConfigParser object to a dict
2047
server_settings = server_config.defaults()
2048
# Use the appropriate methods on the non-string config options
2049
for option in ("debug", "use_dbus", "use_ipv6"):
2050
server_settings[option] = server_config.getboolean("DEFAULT",
2051
option)
2052
if server_settings["port"]:
2053
server_settings["port"] = server_config.getint("DEFAULT",
2054
"port")
2055
del server_config
2056
2057
# Override the settings from the config file with command line
2058
# options, if set.
2059
for option in ("interface", "address", "port", "debug",
2060
"priority", "servicename", "configdir",
2061
"use_dbus", "use_ipv6", "debuglevel", "restore",
2062
"statedir"):
2063
value = getattr(options, option)
2064
if value is not None:
2065
server_settings[option] = value
2066
del options
2067
# Force all strings to be unicode
2068
for option in server_settings.keys():
2069
if type(server_settings[option]) is str:
2070
server_settings[option] = unicode(server_settings[option])
2071
# Now we have our good server settings in "server_settings"
2072
2073
##################################################################
2074
2075
# For convenience
2076
debug = server_settings["debug"]
2077
debuglevel = server_settings["debuglevel"]
2078
use_dbus = server_settings["use_dbus"]
2079
use_ipv6 = server_settings["use_ipv6"]
2080
stored_state_path = os.path.join(server_settings["statedir"],
2081
stored_state_file)
2082
2083
if debug:
2084
initlogger(debug, logging.DEBUG)
2085
else:
2086
if not debuglevel:
2087
initlogger(debug)
2088
else:
2089
level = getattr(logging, debuglevel.upper())
2090
initlogger(debug, level)
2091
2092
if server_settings["servicename"] != "Mandos":
2093
syslogger.setFormatter(logging.Formatter
2094
('Mandos (%s) [%%(process)d]:'
2095
' %%(levelname)s: %%(message)s'
2096
% server_settings["servicename"]))
2097
2098
# Parse config file with clients
2099
client_config = configparser.SafeConfigParser(Client
2100
.client_defaults)
2101
client_config.read(os.path.join(server_settings["configdir"],
2102
"clients.conf"))
2103
2104
global mandos_dbus_service
2105
mandos_dbus_service = None
2106
2107
tcp_server = MandosServer((server_settings["address"],
2108
server_settings["port"]),
2109
ClientHandler,
2110
interface=(server_settings["interface"]
2111
or None),
2112
use_ipv6=use_ipv6,
2113
gnutls_priority=
2114
server_settings["priority"],
2115
use_dbus=use_dbus)
2116
if not debug:
2117
pidfilename = "/var/run/mandos.pid"
2118
try:
2119
pidfile = open(pidfilename, "w")
2120
except IOError:
2121
logger.error("Could not open file %r", pidfilename)
2122
2123
try:
2124
uid = pwd.getpwnam("_mandos").pw_uid
2125
gid = pwd.getpwnam("_mandos").pw_gid
2126
except KeyError:
2127
try:
2128
uid = pwd.getpwnam("mandos").pw_uid
2129
gid = pwd.getpwnam("mandos").pw_gid
2130
except KeyError:
2131
try:
2132
uid = pwd.getpwnam("nobody").pw_uid
2133
gid = pwd.getpwnam("nobody").pw_gid
2134
except KeyError:
2135
uid = 65534
2136
gid = 65534
2137
try:
2138
os.setgid(gid)
2139
os.setuid(uid)
2140
except OSError as error:
2141
if error[0] != errno.EPERM:
2142
raise error
2143
2144
if debug:
2145
# Enable all possible GnuTLS debugging
2146
2147
# "Use a log level over 10 to enable all debugging options."
2148
# - GnuTLS manual
2149
gnutls.library.functions.gnutls_global_set_log_level(11)
2150
2151
@gnutls.library.types.gnutls_log_func
2152
def debug_gnutls(level, string):
2153
logger.debug("GnuTLS: %s", string[:-1])
2154
2155
(gnutls.library.functions
2156
.gnutls_global_set_log_function(debug_gnutls))
2157
2158
# Redirect stdin so all checkers get /dev/null
2159
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
2160
os.dup2(null, sys.stdin.fileno())
2161
if null > 2:
2162
os.close(null)
2163
2164
# Need to fork before connecting to D-Bus
2165
if not debug:
2166
# Close all input and output, do double fork, etc.
2167
daemon()
2168
2169
gobject.threads_init()
2170
2171
global main_loop
2172
# From the Avahi example code
572
# Parse the time arguments
573
try:
574
options.timeout = string_to_delta(options.timeout)
575
except ValueError:
576
parser.error("option --timeout: Unparseable time")
577
try:
578
options.interval = string_to_delta(options.interval)
579
except ValueError:
580
parser.error("option --interval: Unparseable time")
581
582
# Parse config file
583
defaults = { "checker": "sleep 1; fping -q -- %%(fqdn)s" }
584
client_config = ConfigParser.SafeConfigParser(defaults)
585
#client_config.readfp(open("secrets.conf"), "secrets.conf")
586
client_config.read("mandos-clients.conf")
587
588
# From the Avahi server example code
2173
589
DBusGMainLoop(set_as_default=True )
2174
590
main_loop = gobject.MainLoop()
2175
591
bus = dbus.SystemBus()
2176
# End of Avahi example code
2177
if use_dbus:
2178
try:
2179
bus_name = dbus.service.BusName("se.recompile.Mandos",
2180
bus, do_not_queue=True)
2181
old_bus_name = (dbus.service.BusName
2182
("se.bsnet.fukt.Mandos", bus,
2183
do_not_queue=True))
2184
except dbus.exceptions.NameExistsException as e:
2185
logger.error(unicode(e) + ", disabling D-Bus")
2186
use_dbus = False
2187
server_settings["use_dbus"] = False
2188
tcp_server.use_dbus = False
2189
protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
2190
service = AvahiServiceToSyslog(name =
2191
server_settings["servicename"],
2192
servicetype = "_mandos._tcp",
2193
protocol = protocol, bus = bus)
2194
if server_settings["interface"]:
2195
service.interface = (if_nametoindex
2196
(str(server_settings["interface"])))
2197
2198
global multiprocessing_manager
2199
multiprocessing_manager = multiprocessing.Manager()
2200
2201
client_class = Client
2202
if use_dbus:
2203
client_class = functools.partial(ClientDBusTransitional,
2204
bus = bus)
2205
2206
client_settings = Client.config_parser(client_config)
2207
old_client_settings = {}
2208
clients_data = {}
2209
2210
# Get client data and settings from last running state.
2211
if server_settings["restore"]:
2212
try:
2213
with open(stored_state_path, "rb") as stored_state:
2214
clients_data, old_client_settings = (pickle.load
2215
(stored_state))
2216
os.remove(stored_state_path)
2217
except IOError as e:
2218
logger.warning("Could not load persistent state: {0}"
2219
.format(e))
2220
if e.errno != errno.ENOENT:
2221
raise
2222
except EOFError as e:
2223
logger.warning("Could not load persistent state: "
2224
"EOFError: {0}".format(e))
2225
2226
with PGPEngine() as pgp:
2227
for client_name, client in clients_data.iteritems():
2228
# Decide which value to use after restoring saved state.
2229
# We have three different values: Old config file,
2230
# new config file, and saved state.
2231
# New config value takes precedence if it differs from old
2232
# config value, otherwise use saved state.
2233
for name, value in client_settings[client_name].items():
2234
try:
2235
# For each value in new config, check if it
2236
# differs from the old config value (Except for
2237
# the "secret" attribute)
2238
if (name != "secret" and
2239
value != old_client_settings[client_name]
2240
[name]):
2241
client[name] = value
2242
except KeyError:
2243
pass
2244
2245
# Clients who has passed its expire date can still be
2246
# enabled if its last checker was successful. Clients
2247
# whose checker succeeded before we stored its state is
2248
# assumed to have successfully run all checkers during
2249
# downtime.
2250
if client["enabled"]:
2251
if datetime.datetime.utcnow() >= client["expires"]:
2252
if not client["last_checked_ok"]:
2253
logger.warning(
2254
"disabling client {0} - Client never "
2255
"performed a successful checker"
2256
.format(client_name))
2257
client["enabled"] = False
2258
elif client["last_checker_status"] != 0:
2259
logger.warning(
2260
"disabling client {0} - Client "
2261
"last checker failed with error code {1}"
2262
.format(client_name,
2263
client["last_checker_status"]))
2264
client["enabled"] = False
2265
else:
2266
client["expires"] = (datetime.datetime
2267
.utcnow()
2268
+ client["timeout"])
2269
logger.debug("Last checker succeeded,"
2270
" keeping {0} enabled"
2271
.format(client_name))
2272
try:
2273
client["secret"] = (
2274
pgp.decrypt(client["encrypted_secret"],
2275
client_settings[client_name]
2276
["secret"]))
2277
except PGPError:
2278
# If decryption fails, we use secret from new settings
2279
logger.debug("Failed to decrypt {0} old secret"
2280
.format(client_name))
2281
client["secret"] = (
2282
client_settings[client_name]["secret"])
2283
2284
2285
# Add/remove clients based on new changes made to config
2286
for client_name in (set(old_client_settings)
2287
- set(client_settings)):
2288
del clients_data[client_name]
2289
for client_name in (set(client_settings)
2290
- set(old_client_settings)):
2291
clients_data[client_name] = client_settings[client_name]
2292
2293
# Create all client objects
2294
for client_name, client in clients_data.iteritems():
2295
tcp_server.clients[client_name] = client_class(
2296
name = client_name, settings = client)
2297
2298
if not tcp_server.clients:
2299
logger.warning("No clients defined")
2300
2301
if not debug:
2302
try:
2303
with pidfile:
2304
pid = os.getpid()
2305
pidfile.write(str(pid) + "\n".encode("utf-8"))
2306
del pidfile
2307
except IOError:
2308
logger.error("Could not write to file %r with PID %d",
2309
pidfilename, pid)
2310
except NameError:
2311
# "pidfile" was never created
2312
pass
2313
del pidfilename
2314
signal.signal(signal.SIGINT, signal.SIG_IGN)
2315
2316
signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
2317
signal.signal(signal.SIGTERM, lambda signum, frame: sys.exit())
2318
2319
if use_dbus:
2320
class MandosDBusService(dbus.service.Object):
2321
"""A D-Bus proxy object"""
2322
def __init__(self):
2323
dbus.service.Object.__init__(self, bus, "/")
2324
_interface = "se.recompile.Mandos"
2325
2326
@dbus.service.signal(_interface, signature="o")
2327
def ClientAdded(self, objpath):
2328
"D-Bus signal"
2329
pass
2330
2331
@dbus.service.signal(_interface, signature="ss")
2332
def ClientNotFound(self, fingerprint, address):
2333
"D-Bus signal"
2334
pass
2335
2336
@dbus.service.signal(_interface, signature="os")
2337
def ClientRemoved(self, objpath, name):
2338
"D-Bus signal"
2339
pass
2340
2341
@dbus.service.method(_interface, out_signature="ao")
2342
def GetAllClients(self):
2343
"D-Bus method"
2344
return dbus.Array(c.dbus_object_path
2345
for c in
2346
tcp_server.clients.itervalues())
2347
2348
@dbus.service.method(_interface,
2349
out_signature="a{oa{sv}}")
2350
def GetAllClientsWithProperties(self):
2351
"D-Bus method"
2352
return dbus.Dictionary(
2353
((c.dbus_object_path, c.GetAll(""))
2354
for c in tcp_server.clients.itervalues()),
2355
signature="oa{sv}")
2356
2357
@dbus.service.method(_interface, in_signature="o")
2358
def RemoveClient(self, object_path):
2359
"D-Bus method"
2360
for c in tcp_server.clients.itervalues():
2361
if c.dbus_object_path == object_path:
2362
del tcp_server.clients[c.name]
2363
c.remove_from_connection()
2364
# Don't signal anything except ClientRemoved
2365
c.disable(quiet=True)
2366
# Emit D-Bus signal
2367
self.ClientRemoved(object_path, c.name)
2368
return
2369
raise KeyError(object_path)
2370
2371
del _interface
2372
2373
class MandosDBusServiceTransitional(MandosDBusService):
2374
__metaclass__ = AlternateDBusNamesMetaclass
2375
mandos_dbus_service = MandosDBusServiceTransitional()
2376
2377
def cleanup():
2378
"Cleanup function; run on exit"
2379
service.cleanup()
2380
2381
multiprocessing.active_children()
2382
if not (tcp_server.clients or client_settings):
2383
return
2384
2385
# Store client before exiting. Secrets are encrypted with key
2386
# based on what config file has. If config file is
2387
# removed/edited, old secret will thus be unrecovable.
2388
clients = {}
2389
with PGPEngine() as pgp:
2390
for client in tcp_server.clients.itervalues():
2391
key = client_settings[client.name]["secret"]
2392
client.encrypted_secret = pgp.encrypt(client.secret,
2393
key)
2394
client_dict = {}
2395
2396
# A list of attributes that can not be pickled
2397
# + secret.
2398
exclude = set(("bus", "changedstate", "secret",
2399
"checker"))
2400
for name, typ in (inspect.getmembers
2401
(dbus.service.Object)):
2402
exclude.add(name)
2403
2404
client_dict["encrypted_secret"] = (client
2405
.encrypted_secret)
2406
for attr in client.client_structure:
2407
if attr not in exclude:
2408
client_dict[attr] = getattr(client, attr)
2409
2410
clients[client.name] = client_dict
2411
del client_settings[client.name]["secret"]
2412
2413
try:
2414
tempfd, tempname = tempfile.mkstemp(suffix=".pickle",
2415
prefix="clients-",
2416
dir=os.path.dirname
2417
(stored_state_path))
2418
with os.fdopen(tempfd, "wb") as stored_state:
2419
pickle.dump((clients, client_settings), stored_state)
2420
os.rename(tempname, stored_state_path)
2421
except (IOError, OSError) as e:
2422
logger.warning("Could not save persistent state: {0}"
2423
.format(e))
2424
if not debug:
2425
try:
2426
os.remove(tempname)
2427
except NameError:
2428
pass
2429
if e.errno not in set((errno.ENOENT, errno.EACCES,
2430
errno.EEXIST)):
2431
raise e
2432
2433
# Delete all clients, and settings from config
2434
while tcp_server.clients:
2435
name, client = tcp_server.clients.popitem()
2436
if use_dbus:
2437
client.remove_from_connection()
2438
# Don't signal anything except ClientRemoved
2439
client.disable(quiet=True)
2440
if use_dbus:
2441
# Emit D-Bus signal
2442
mandos_dbus_service.ClientRemoved(client
2443
.dbus_object_path,
2444
client.name)
2445
client_settings.clear()
2446
2447
atexit.register(cleanup)
2448
2449
for client in tcp_server.clients.itervalues():
2450
if use_dbus:
2451
# Emit D-Bus signal
2452
mandos_dbus_service.ClientAdded(client.dbus_object_path)
2453
# Need to initiate checking of clients
2454
if client.enabled:
2455
client.init_checker()
2456
2457
tcp_server.enable()
2458
tcp_server.server_activate()
2459
2460
# Find out what port we got
2461
service.port = tcp_server.socket.getsockname()[1]
2462
if use_ipv6:
2463
logger.info("Now listening on address %r, port %d,"
2464
" flowinfo %d, scope_id %d"
2465
% tcp_server.socket.getsockname())
2466
else: # IPv4
2467
logger.info("Now listening on address %r, port %d"
2468
% tcp_server.socket.getsockname())
2469
2470
#service.interface = tcp_server.socket.getsockname()[3]
2471
592
server = dbus.Interface(
593
bus.get_object( avahi.DBUS_NAME, avahi.DBUS_PATH_SERVER ),
594
avahi.DBUS_INTERFACE_SERVER )
595
# End of Avahi example code
596
597
debug = options.debug
598
599
clients = Set()
600
def remove_from_clients(client):
601
clients.remove(client)
602
if not clients:
603
logger.debug(u"No clients left, exiting")
604
main_loop.quit()
605
606
clients.update(Set(Client(name=section, options=options,
607
stop_hook = remove_from_clients,
608
**(dict(client_config\
609
.items(section))))
610
for section in client_config.sections()))
611
for client in clients:
612
client.start()
613
614
tcp_server = IPv6_TCPServer((None, options.port),
615
tcp_handler,
616
options=options,
617
clients=clients)
618
# Find out what random port we got
619
servicePort = tcp_server.socket.getsockname()[1]
620
logger.debug(u"Now listening on port %d", servicePort)
621
622
if options.interface is not None:
623
serviceInterface = if_nametoindex(options.interface)
624
625
# From the Avahi server example code
626
server.connect_to_signal("StateChanged", server_state_changed)
627
server_state_changed(server.GetState())
628
# End of Avahi example code
629
630
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
631
lambda *args, **kwargs:
632
tcp_server.handle_request(*args[2:],
633
**kwargs) or True)
2472
634
try:
2473
# From the Avahi example code
2474
try:
2475
service.activate()
2476
except dbus.exceptions.DBusException as error:
2477
logger.critical("DBusException: %s", error)
2478
cleanup()
2479
sys.exit(1)
2480
# End of Avahi example code
2481
2482
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
2483
lambda *args, **kwargs:
2484
(tcp_server.handle_request
2485
(*args[2:], **kwargs) or True))
2486
2487
logger.debug("Starting main loop")
2488
635
main_loop.run()
2489
except AvahiError as error:
2490
logger.critical("AvahiError: %s", error)
2491
cleanup()
2492
sys.exit(1)
2493
636
except KeyboardInterrupt:
2494
if debug:
2495
print("", file=sys.stderr)
2496
logger.debug("Server received KeyboardInterrupt")
2497
logger.debug("Server exiting")
2498
# Must run before the D-Bus bus name gets deregistered
2499
cleanup()
637
print
638
639
# Cleanup here
2500
640
2501
if __name__ == '__main__':
2502
main()
641
# From the Avahi server example code
642
if not group is None:
643
group.Free()
644
# End of Avahi example code
645
646
for client in clients:
647
client.stop_hook = None
648
client.stop()
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0