1
#!/usr/bin/python3 -bbI
2
2
# -*- mode: python; coding: utf-8 -*-
4
4
# Mandos Monitor - Control and monitor the Mandos server
6
# Copyright © 2009-2015 Teddy Hogeborn
7
# Copyright © 2009-2015 Björn Påhlsson
9
# This program is free software: you can redistribute it and/or modify
10
# it under the terms of the GNU General Public License as published by
6
# Copyright © 2009-2019 Teddy Hogeborn
7
# Copyright © 2009-2019 Björn Påhlsson
9
# This file is part of Mandos.
11
# Mandos is free software: you can redistribute it and/or modify it
12
# under the terms of the GNU General Public License as published by
11
13
# the Free Software Foundation, either version 3 of the License, or
12
14
# (at your option) any later version.
14
# This program is distributed in the hope that it will be useful,
15
# but WITHOUT ANY WARRANTY; without even the implied warranty of
16
# Mandos is distributed in the hope that it will be useful, but
17
# WITHOUT ANY WARRANTY; without even the implied warranty of
16
18
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17
19
# GNU General Public License for more details.
19
21
# You should have received a copy of the GNU General Public License
20
# along with this program. If not, see
21
# <http://www.gnu.org/licenses/>.
22
# along with Mandos. If not, see <http://www.gnu.org/licenses/>.
23
24
# Contact the authors at <mandos@recompile.se>.
26
26
from __future__ import (division, absolute_import, print_function,
29
30
from future_builtins import *
30
31
except ImportError:
38
41
import urwid.curses_display
41
44
from dbus.mainloop.glib import DBusGMainLoop
45
from gi.repository import GObject as gobject
45
from gi.repository import GLib
51
49
if sys.version_info.major == 2:
54
locale.setlocale(locale.LC_ALL, '')
57
logging.getLogger('dbus.proxies').setLevel(logging.CRITICAL)
54
# Show warnings by default
55
if not sys.warnoptions:
56
warnings.simplefilter("default")
58
log = logging.getLogger(os.path.basename(sys.argv[0]))
59
logging.basicConfig(level="NOTSET", # Show all messages
60
format="%(message)s") # Show basic log messages
62
logging.captureWarnings(True) # Show warnings via the logging system
64
locale.setlocale(locale.LC_ALL, "")
66
logging.getLogger("dbus.proxies").setLevel(logging.CRITICAL)
59
68
# Some useful constants
60
domain = 'se.recompile'
61
server_interface = domain + '.Mandos'
62
client_interface = domain + '.Mandos.Client'
69
domain = "se.recompile"
70
server_interface = domain + ".Mandos"
71
client_interface = domain + ".Mandos.Client"
75
dbus.OBJECT_MANAGER_IFACE
76
except AttributeError:
77
dbus.OBJECT_MANAGER_IFACE = "org.freedesktop.DBus.ObjectManager"
65
80
def isoformat_to_datetime(iso):
66
81
"Parse an ISO 8601 date string to a datetime.datetime()"
78
int(second), # Whole seconds
79
int(fraction*1000000)) # Microseconds
81
class MandosClientPropertyCache(object):
93
int(second), # Whole seconds
94
int(fraction*1000000)) # Microseconds
97
class MandosClientPropertyCache:
82
98
"""This wraps a Mandos Client D-Bus proxy object, caches the
83
99
properties and calls a hook function when any of them are
86
102
def __init__(self, proxy_object=None, properties=None, **kwargs):
87
self.proxy = proxy_object # Mandos Client proxy object
103
self.proxy = proxy_object # Mandos Client proxy object
88
104
self.properties = dict() if properties is None else properties
89
105
self.property_changed_match = (
90
106
self.proxy.connect_to_signal("PropertiesChanged",
91
107
self.properties_changed,
92
108
dbus.PROPERTIES_IFACE,
93
109
byte_arrays=True))
95
111
if properties is None:
96
self.properties.update(
97
self.proxy.GetAll(client_interface,
99
= dbus.PROPERTIES_IFACE))
112
self.properties.update(self.proxy.GetAll(
114
dbus_interface=dbus.PROPERTIES_IFACE))
101
116
super(MandosClientPropertyCache, self).__init__(**kwargs)
103
118
def properties_changed(self, interface, properties, invalidated):
104
119
"""This is called whenever we get a PropertiesChanged signal
105
120
It updates the changed properties in the "properties" dict.
107
122
# Update properties dict with new value
108
self.properties.update(properties)
123
if interface == client_interface:
124
self.properties.update(properties)
110
126
def delete(self):
111
127
self.property_changed_match.remove()
158
172
client_interface,
159
173
byte_arrays=True))
160
self.logger('Created client {}'
161
.format(self.properties["Name"]), level=0)
174
log.debug("Created client %s", self.properties["Name"])
163
176
def using_timer(self, flag):
164
177
"""Call this method with True or False when timer should be
165
178
activated or deactivated.
167
180
if flag and self._update_timer_callback_tag is None:
168
181
# Will update the shown timer value every second
169
self._update_timer_callback_tag = (gobject.timeout_add
182
self._update_timer_callback_tag = (
183
GLib.timeout_add(1000,
184
glib_safely(self.update_timer)))
172
185
elif not (flag or self._update_timer_callback_tag is None):
173
gobject.source_remove(self._update_timer_callback_tag)
186
GLib.source_remove(self._update_timer_callback_tag)
174
187
self._update_timer_callback_tag = None
176
def checker_completed(self, exitstatus, signal, command):
189
def checker_completed(self, exitstatus, condition, command):
177
190
if exitstatus == 0:
178
self.logger('Checker for client {} (command "{}")'
179
' succeeded'.format(self.properties["Name"],
191
log.debug('Checker for client %s (command "%s")'
192
" succeeded", self.properties["Name"], command)
185
self.logger('Checker for client {} (command "{}") failed'
187
.format(self.properties["Name"], command,
190
self.logger('Checker for client {} (command "{}") was'
191
' killed by signal {}'
192
.format(self.properties["Name"], command,
195
self.logger('Checker for client {} completed'
197
.format(self.properties["Name"]))
196
if os.WIFEXITED(condition):
197
log.info('Checker for client %s (command "%s") failed'
198
" with exit code %d", self.properties["Name"],
199
command, os.WEXITSTATUS(condition))
200
elif os.WIFSIGNALED(condition):
201
log.info('Checker for client %s (command "%s") was'
202
" killed by signal %d", self.properties["Name"],
203
command, os.WTERMSIG(condition))
200
206
def checker_started(self, command):
201
207
"""Server signals that a checker started."""
202
self.logger('Client {} started checker "{}"'
203
.format(self.properties["Name"],
208
log.debug('Client %s started checker "%s"',
209
self.properties["Name"], command)
206
211
def got_secret(self):
207
self.logger('Client {} received its secret'
208
.format(self.properties["Name"]))
212
log.info("Client %s received its secret",
213
self.properties["Name"])
210
215
def need_approval(self, timeout, default):
212
message = 'Client {} needs approval within {} seconds'
217
message = "Client %s needs approval within %f seconds"
214
message = 'Client {} will get its secret in {} seconds'
215
self.logger(message.format(self.properties["Name"],
219
message = "Client %s will get its secret in %f seconds"
220
log.info(message, self.properties["Name"], timeout/1000)
218
222
def rejected(self, reason):
219
self.logger('Client {} was rejected; reason: {}'
220
.format(self.properties["Name"], reason))
223
log.info("Client %s was rejected; reason: %s",
224
self.properties["Name"], reason)
222
226
def selectable(self):
223
227
"""Make this a "selectable" widget.
224
228
This overrides the method from urwid.FlowWidget."""
227
231
def rows(self, maxcolrow, focus=False):
228
232
"""How many rows this widget will occupy might depend on
229
233
whether we have focus or not.
230
234
This overrides the method from urwid.FlowWidget"""
231
235
return self.current_widget(focus).rows(maxcolrow, focus=focus)
233
237
def current_widget(self, focus=False):
234
238
if focus or self.opened:
235
239
return self._focus_widget
236
240
return self._widget
238
242
def update(self):
239
243
"Called when what is visible on the screen should be updated."
240
244
# How to add standout mode to a style
241
with_standout = { "normal": "standout",
242
"bold": "bold-standout",
244
"underline-blink-standout",
245
"bold-underline-blink":
246
"bold-underline-blink-standout",
245
with_standout = {"normal": "standout",
246
"bold": "bold-standout",
248
"underline-blink-standout",
249
"bold-underline-blink":
250
"bold-underline-blink-standout",
249
253
# Rebuild focus and non-focus widgets using current properties
251
255
# Base part of a client. Name!
252
base = '{name}: '.format(name=self.properties["Name"])
256
base = "{name}: ".format(name=self.properties["Name"])
253
257
if not self.properties["Enabled"]:
254
258
message = "DISABLED"
255
259
self.using_timer(False)
256
260
elif self.properties["ApprovalPending"]:
257
timeout = datetime.timedelta(milliseconds
261
timeout = datetime.timedelta(
262
milliseconds=self.properties["ApprovalDelay"])
260
263
last_approval_request = isoformat_to_datetime(
261
264
self.properties["LastApprovalRequest"])
262
265
if last_approval_request is not None:
322
326
if self.delete_hook is not None:
323
327
self.delete_hook(self)
324
328
return super(MandosClientWidget, self).delete(**kwargs)
326
330
def render(self, maxcolrow, focus=False):
327
331
"""Render differently if we have focus.
328
332
This overrides the method from urwid.FlowWidget"""
329
333
return self.current_widget(focus).render(maxcolrow,
332
336
def keypress(self, maxcolrow, key):
334
338
This overrides the method from urwid.FlowWidget"""
336
340
self.proxy.Set(client_interface, "Enabled",
337
dbus.Boolean(True), ignore_reply = True,
338
dbus_interface = dbus.PROPERTIES_IFACE)
341
dbus.Boolean(True), ignore_reply=True,
342
dbus_interface=dbus.PROPERTIES_IFACE)
340
344
self.proxy.Set(client_interface, "Enabled", False,
342
dbus_interface = dbus.PROPERTIES_IFACE)
346
dbus_interface=dbus.PROPERTIES_IFACE)
344
348
self.proxy.Approve(dbus.Boolean(True, variant_level=1),
345
dbus_interface = client_interface,
349
dbus_interface=client_interface,
346
350
ignore_reply=True)
348
352
self.proxy.Approve(dbus.Boolean(False, variant_level=1),
349
dbus_interface = client_interface,
353
dbus_interface=client_interface,
350
354
ignore_reply=True)
351
355
elif key == "R" or key == "_" or key == "ctrl k":
352
356
self.server_proxy_object.RemoveClient(self.proxy
354
358
ignore_reply=True)
356
360
self.proxy.Set(client_interface, "CheckerRunning",
357
dbus.Boolean(True), ignore_reply = True,
358
dbus_interface = dbus.PROPERTIES_IFACE)
361
dbus.Boolean(True), ignore_reply=True,
362
dbus_interface=dbus.PROPERTIES_IFACE)
360
364
self.proxy.Set(client_interface, "CheckerRunning",
361
dbus.Boolean(False), ignore_reply = True,
362
dbus_interface = dbus.PROPERTIES_IFACE)
365
dbus.Boolean(False), ignore_reply=True,
366
dbus_interface=dbus.PROPERTIES_IFACE)
364
self.proxy.CheckedOK(dbus_interface = client_interface,
368
self.proxy.CheckedOK(dbus_interface=client_interface,
365
369
ignore_reply=True)
367
371
# elif key == "p" or key == "=":
392
def glib_safely(func, retval=True):
393
def safe_func(*args, **kwargs):
395
return func(*args, **kwargs)
388
402
class ConstrainedListBox(urwid.ListBox):
389
403
"""Like a normal urwid.ListBox, but will consume all "up" or
390
404
"down" key presses, thus not allowing any containing widgets to
391
405
use them as an excuse to shift focus away from this widget.
393
407
def keypress(self, *args, **kwargs):
394
ret = super(ConstrainedListBox, self).keypress(*args, **kwargs)
408
ret = (super(ConstrainedListBox, self)
409
.keypress(*args, **kwargs))
395
410
if ret in ("up", "down"):
400
class UserInterface(object):
401
416
"""This is the entire user interface - the whole screen
402
417
with boxes, lists of client widgets, etc.
404
def __init__(self, max_log_length=1000, log_level=1):
419
def __init__(self, max_log_length=1000):
405
420
DBusGMainLoop(set_as_default=True)
407
422
self.screen = urwid.curses_display.Screen()
409
424
self.screen.register_palette((
411
426
"default", "default", None),
426
442
"bold,underline,blink,standout", "default",
427
443
"bold,underline,blink,standout"),
430
446
if urwid.supports_unicode():
431
self.divider = "─" # \u2500
432
#self.divider = "━" # \u2501
447
self.divider = "─" # \u2500
434
#self.divider = "-" # \u002d
435
self.divider = "_" # \u005f
449
self.divider = "_" # \u005f
437
451
self.screen.start()
439
453
self.size = self.screen.get_cols_rows()
441
455
self.clients = urwid.SimpleListWalker([])
442
456
self.clients_dict = {}
444
458
# We will add Text widgets to this list
459
self.log = urwid.SimpleListWalker([])
446
460
self.max_log_length = max_log_length
448
self.log_level = log_level
450
462
# We keep a reference to the log widget so we can remove it
451
463
# from the ListWalker without it getting destroyed
452
464
self.logbox = ConstrainedListBox(self.log)
454
466
# This keeps track of whether self.uilist currently has
455
467
# self.logbox in it or not
456
468
self.log_visible = True
457
469
self.log_wrap = "any"
471
self.loghandler = UILogHandler(self)
460
self.log_message_raw(("bold",
461
"Mandos Monitor version " + version))
462
self.log_message_raw(("bold",
465
self.busname = domain + '.Mandos'
466
self.main_loop = gobject.MainLoop()
468
def client_not_found(self, fingerprint, address):
469
self.log_message("Client with address {} and fingerprint {}"
470
" could not be found"
471
.format(address, fingerprint))
474
self.add_log_line(("bold",
475
"Mandos Monitor version " + version))
476
self.add_log_line(("bold", "q: Quit ?: Help"))
478
self.busname = domain + ".Mandos"
479
self.main_loop = GLib.MainLoop()
481
def client_not_found(self, key_id, address):
482
log.info("Client with address %s and key ID %s could"
483
" not be found", address, key_id)
473
485
def rebuild(self):
474
486
"""This rebuilds the User Interface.
475
487
Call this when the widget layout needs to change"""
477
#self.uilist.append(urwid.ListBox(self.clients))
489
# self.uilist.append(urwid.ListBox(self.clients))
478
490
self.uilist.append(urwid.Frame(ConstrainedListBox(self.
480
#header=urwid.Divider(),
492
# header=urwid.Divider(),
483
urwid.Divider(div_char=
494
footer=urwid.Divider(
495
div_char=self.divider)))
485
496
if self.log_visible:
486
497
self.uilist.append(self.logbox)
487
498
self.topwidget = urwid.Pile(self.uilist)
489
def log_message(self, message, level=1):
490
"""Log message formatted with timestamp"""
491
if level < self.log_level:
493
timestamp = datetime.datetime.now().isoformat()
494
self.log_message_raw("{}: {}".format(timestamp, message),
497
def log_message_raw(self, markup, level=1):
498
"""Add a log message to the log buffer."""
499
if level < self.log_level:
500
def add_log_line(self, markup):
501
501
self.log.append(urwid.Text(markup, wrap=self.log_wrap))
502
if (self.max_log_length
503
and len(self.log) > self.max_log_length):
504
del self.log[0:len(self.log)-self.max_log_length-1]
505
self.logbox.set_focus(len(self.logbox.body.contents),
502
if self.max_log_length:
503
if len(self.log) > self.max_log_length:
504
del self.log[0:(len(self.log) - self.max_log_length)]
505
self.logbox.set_focus(len(self.logbox.body.contents)-1,
506
506
coming_from="above")
509
509
def toggle_log_display(self):
510
510
"""Toggle visibility of the log buffer."""
511
511
self.log_visible = not self.log_visible
513
self.log_message("Log visibility changed to: {}"
514
.format(self.log_visible), level=0)
513
log.debug("Log visibility changed to: %s", self.log_visible)
516
515
def change_log_display(self):
517
516
"""Change type of log display.
518
517
Currently, this toggles wrapping of text lines."""
522
521
self.log_wrap = "clip"
523
522
for textwidget in self.log:
524
523
textwidget.set_wrap_mode(self.log_wrap)
525
self.log_message("Wrap mode: {}".format(self.log_wrap),
528
def find_and_remove_client(self, path, name):
524
log.debug("Wrap mode: %s", self.log_wrap)
526
def find_and_remove_client(self, path, interfaces):
529
527
"""Find a client by its object path and remove it.
531
This is connected to the ClientRemoved signal from the
529
This is connected to the InterfacesRemoved signal from the
532
530
Mandos server object."""
531
if client_interface not in interfaces:
532
# Not a Mandos client object; ignore
534
535
client = self.clients_dict[path]
537
self.log_message("Unknown client {!r} ({!r}) removed"
538
log.warning("Unknown client %s removed", path)
542
def add_new_client(self, path):
542
def add_new_client(self, path, ifs_and_props):
543
"""Find a client by its object path and remove it.
545
This is connected to the InterfacesAdded signal from the
546
Mandos server object.
548
if client_interface not in ifs_and_props:
549
# Not a Mandos client object; ignore
543
551
client_proxy_object = self.bus.get_object(self.busname, path)
544
self.add_client(MandosClientWidget(server_proxy_object
547
=client_proxy_object,
552
self.add_client(MandosClientWidget(
553
server_proxy_object=self.mandos_serv,
554
proxy_object=client_proxy_object,
555
update_hook=self.refresh,
556
delete_hook=self.remove_client,
557
properties=dict(ifs_and_props[client_interface])),
556
560
def add_client(self, client, path=None):
557
561
self.clients.append(client)
560
564
self.clients_dict[path] = client
561
565
self.clients.sort(key=lambda c: c.properties["Name"])
564
568
def remove_client(self, client, path=None):
565
569
self.clients.remove(client)
567
571
path = client.proxy.object_path
568
572
del self.clients_dict[path]
571
575
def refresh(self):
572
576
"""Redraw the screen"""
573
577
canvas = self.topwidget.render(self.size, focus=True)
574
578
self.screen.draw_screen(self.size, canvas)
577
581
"""Start the main loop and exit when it's done."""
582
log.addHandler(self.loghandler)
583
self.orig_log_propagate = log.propagate
584
log.propagate = False
585
self.orig_log_level = log.level
578
587
self.bus = dbus.SystemBus()
579
588
mandos_dbus_objc = self.bus.get_object(
580
589
self.busname, "/", follow_name_owner_changes=True)
581
self.mandos_serv = dbus.Interface(mandos_dbus_objc,
590
self.mandos_serv = dbus.Interface(
591
mandos_dbus_objc, dbus_interface=server_interface)
585
593
mandos_clients = (self.mandos_serv
586
594
.GetAllClientsWithProperties())
587
595
if not mandos_clients:
588
self.log_message_raw(("bold", "Note: Server has no clients."))
596
log.warning("Note: Server has no clients.")
589
597
except dbus.exceptions.DBusException:
590
self.log_message_raw(("bold", "Note: No Mandos server running."))
598
log.warning("Note: No Mandos server running.")
591
599
mandos_clients = dbus.Dictionary()
593
601
(self.mandos_serv
594
.connect_to_signal("ClientRemoved",
602
.connect_to_signal("InterfacesRemoved",
595
603
self.find_and_remove_client,
596
dbus_interface=server_interface,
604
dbus_interface=dbus.OBJECT_MANAGER_IFACE,
597
605
byte_arrays=True))
598
606
(self.mandos_serv
599
.connect_to_signal("ClientAdded",
607
.connect_to_signal("InterfacesAdded",
600
608
self.add_new_client,
601
dbus_interface=server_interface,
609
dbus_interface=dbus.OBJECT_MANAGER_IFACE,
602
610
byte_arrays=True))
603
611
(self.mandos_serv
604
612
.connect_to_signal("ClientNotFound",
608
616
for path, client in mandos_clients.items():
609
617
client_proxy_object = self.bus.get_object(self.busname,
611
self.add_client(MandosClientWidget(server_proxy_object
614
=client_proxy_object,
619
self.add_client(MandosClientWidget(
620
server_proxy_object=self.mandos_serv,
621
proxy_object=client_proxy_object,
623
update_hook=self.refresh,
624
delete_hook=self.remove_client),
625
self._input_callback_tag = (gobject.io_add_watch
628
self._input_callback_tag = (
630
GLib.IOChannel.unix_new(sys.stdin.fileno()),
631
GLib.PRIORITY_DEFAULT, GLib.IO_IN,
632
glib_safely(self.process_input)))
629
633
self.main_loop.run()
630
634
# Main loop has finished, we should close everything now
631
gobject.source_remove(self._input_callback_tag)
635
GLib.source_remove(self._input_callback_tag)
636
with warnings.catch_warnings():
637
warnings.simplefilter("ignore", BytesWarning)
635
641
self.main_loop.quit()
642
log.removeHandler(self.loghandler)
643
log.propagate = self.orig_log_propagate
637
645
def process_input(self, source, condition):
638
646
keys = self.screen.get_input()
639
translations = { "ctrl n": "down", # Emacs
640
"ctrl p": "up", # Emacs
641
"ctrl v": "page down", # Emacs
642
"meta v": "page up", # Emacs
643
" ": "page down", # less
644
"f": "page down", # less
645
"b": "page up", # less
647
translations = {"ctrl n": "down", # Emacs
648
"ctrl p": "up", # Emacs
649
"ctrl v": "page down", # Emacs
650
"meta v": "page up", # Emacs
651
" ": "page down", # less
652
"f": "page down", # less
653
"b": "page up", # less
651
659
key = translations[key]
652
660
except KeyError: # :-)
655
663
if key == "q" or key == "Q":
699
706
self.topwidget.set_focus(self.logbox)
702
if self.log_level == 0:
704
self.log_message("Verbose mode: Off")
709
if log.level < logging.INFO:
710
log.setLevel(logging.INFO)
711
log.info("Verbose mode: Off")
707
self.log_message("Verbose mode: On")
708
#elif (key == "end" or key == "meta >" or key == "G"
710
# pass # xxx end-of-buffer
711
#elif (key == "home" or key == "meta <" or key == "g"
713
# pass # xxx beginning-of-buffer
714
#elif key == "ctrl e" or key == "$":
715
# pass # xxx move-end-of-line
716
#elif key == "ctrl a" or key == "^":
717
# pass # xxx move-beginning-of-line
718
#elif key == "ctrl b" or key == "meta (" or key == "h":
720
#elif key == "ctrl f" or key == "meta )" or key == "l":
723
# pass # scroll up log
725
# pass # scroll down log
713
log.setLevel(logging.NOTSET)
714
log.info("Verbose mode: On")
715
# elif (key == "end" or key == "meta >" or key == "G"
717
# pass # xxx end-of-buffer
718
# elif (key == "home" or key == "meta <" or key == "g"
720
# pass # xxx beginning-of-buffer
721
# elif key == "ctrl e" or key == "$":
722
# pass # xxx move-end-of-line
723
# elif key == "ctrl a" or key == "^":
724
# pass # xxx move-beginning-of-line
725
# elif key == "ctrl b" or key == "meta (" or key == "h":
727
# elif key == "ctrl f" or key == "meta )" or key == "l":
730
# pass # scroll up log
732
# pass # scroll down log
726
733
elif self.topwidget.selectable():
727
734
self.topwidget.keypress(self.size, key)
739
class UILogHandler(logging.Handler):
740
def __init__(self, ui, *args, **kwargs):
742
super(UILogHandler, self).__init__(*args, **kwargs)
744
logging.Formatter("%(asctime)s: %(message)s"))
745
def emit(self, record):
746
msg = self.format(record)
747
if record.levelno > logging.INFO:
749
self.ui.add_log_line(msg)
731
752
ui = UserInterface()
734
755
except KeyboardInterrupt:
736
except Exception as e:
737
ui.log_message(str(e))
756
with warnings.catch_warnings():
757
warnings.filterwarnings("ignore", "", BytesWarning)
760
with warnings.catch_warnings():
761
warnings.filterwarnings("ignore", "", BytesWarning)