To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to server.py
- browse files at revision 16
- compare with another revision
- download diff
- download tarball
- view history from revision 16
- Committer: Teddy Hogeborn
- Date: 2008-07-21 01:50:31 UTC
- Revision ID: teddy@fukt.bsnet.se-20080721015031-ivjiclli2j06hwgs
* Makefile: Include targets for all binaries.
* plugins.d/Makefile: Do nothing but call the parent Makefile.
* server.py: Added copyright statement and information.
(Client.__init__): Added doc string.
(Client.stop): Bug fix: Only log message if stopping for the first
time. Check if the "stop_initiator_tag" and
"checker_initiator_tag" attributes exist before using
them.
(Client.__del__): Call self.stop() instead of doing things here.
(Client.checker_callback): Set self.checker_callback_tag and
self.checker to None unconditionally and
immediately.
(Client.stop_checker): Added some checks to handle multiple calls.
(tcp_handler.handle): Use "self.server.clients" instead of "clients".
(__main__): Moved all code to the "main" function.
(main): New. New option "--address". Instantiate IPv6_TCPServer
with "options.address". Log before starting main loop.
(main.cleanup) Use "clients.pop()" to remove clients from the set as
they are stopped.
* plugins.d/Makefile: Do nothing but call the parent Makefile.
* server.py: Added copyright statement and information.
(Client.__init__): Added doc string.
(Client.stop): Bug fix: Only log message if stopping for the first
time. Check if the "stop_initiator_tag" and
"checker_initiator_tag" attributes exist before using
them.
(Client.__del__): Call self.stop() instead of doing things here.
(Client.checker_callback): Set self.checker_callback_tag and
self.checker to None unconditionally and
immediately.
(Client.stop_checker): Added some checks to handle multiple calls.
(tcp_handler.handle): Use "self.server.clients" instead of "clients".
(__main__): Moved all code to the "main" function.
(main): New. New option "--address". Instantiate IPv6_TCPServer
with "options.address". Log before starting main loop.
(main.cleanup) Use "clients.pop()" to remove clients from the set as
they are stopped.
- files added:
- ca.pem
- files removed:
- .bzr-builddeb
- debian
- debian/po
- files renamed:
- clients.conf => mandos-clients.conf
- plugin-runner.c => plugbasedclient.c
- plugins.d/mandos-client.c => plugins.d/mandosclient.c
- plugins.d/password-prompt.c => plugins.d/passprompt.c
- mandos => server.py
- files modified:
- Makefile
added
removed
server.py
6
6
# This program is partly derived from an example program for an Avahi
7
7
# service publisher, downloaded from
8
8
# <http://avahi.org/wiki/PythonPublishExample>. This includes the
9
# methods "add", "remove", "server_state_changed",
10
# "entry_group_state_changed", "cleanup", and "activate" in the
11
# "AvahiService" class, and some lines in "main".
9
# following functions: "add_service", "remove_service",
10
# "server_state_changed", "entry_group_state_changed", and some lines
11
# in "main".
12
12
#
13
# Everything else is
14
# Copyright © 2008,2009 Teddy Hogeborn
15
# Copyright © 2008,2009 Björn Påhlsson
13
# Everything else is Copyright © 2007-2008 Teddy Hogeborn and Björn
14
# Påhlsson.
16
15
#
17
16
# This program is free software: you can redistribute it and/or modify
18
17
# it under the terms of the GNU General Public License as published by
25
24
# GNU General Public License for more details.
26
25
#
27
26
# You should have received a copy of the GNU General Public License
28
# along with this program. If not, see
29
# <http://www.gnu.org/licenses/>.
30
#
31
# Contact the authors at <mandos@fukt.bsnet.se>.
32
#
33
34
from __future__ import division, with_statement, absolute_import
35
36
import SocketServer as socketserver
27
# along with this program. If not, see <http://www.gnu.org/licenses/>.
28
#
29
# Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and
30
# <https://www.fukt.bsnet.se/~teddy/>.
31
#
32
33
from __future__ import division
34
35
import SocketServer
37
36
import socket
38
import optparse
37
import select
38
from optparse import OptionParser
39
39
import datetime
40
40
import errno
41
41
import gnutls.crypto
44
44
import gnutls.library.functions
45
45
import gnutls.library.constants
46
46
import gnutls.library.types
47
import ConfigParser as configparser
47
import ConfigParser
48
48
import sys
49
49
import re
50
50
import os
51
51
import signal
52
from sets import Set
52
53
import subprocess
53
54
import atexit
54
55
import stat
55
56
import logging
56
57
import logging.handlers
57
import pwd
58
import contextlib
59
import struct
60
import fcntl
61
import functools
62
import cPickle as pickle
63
import multiprocessing
64
58
65
59
import dbus
66
import dbus.service
67
60
import gobject
68
61
import avahi
69
62
from dbus.mainloop.glib import DBusGMainLoop
70
63
import ctypes
71
import ctypes.util
72
import xml.dom.minidom
73
import inspect
74
75
try:
76
SO_BINDTODEVICE = socket.SO_BINDTODEVICE
77
except AttributeError:
78
try:
79
from IN import SO_BINDTODEVICE
80
except ImportError:
81
SO_BINDTODEVICE = None
82
83
84
version = "1.0.14"
85
86
#logger = logging.getLogger(u'mandos')
87
logger = logging.Logger(u'mandos')
88
syslogger = (logging.handlers.SysLogHandler
89
(facility = logging.handlers.SysLogHandler.LOG_DAEMON,
90
address = "/dev/log"))
91
syslogger.setFormatter(logging.Formatter
92
(u'Mandos [%(process)d]: %(levelname)s:'
93
u' %(message)s'))
64
65
# Brief description of the operation of this program:
66
#
67
# This server announces itself as a Zeroconf service. Connecting
68
# clients use the TLS protocol, with the unusual quirk that this
69
# server program acts as a TLS "client" while the connecting clients
70
# acts as a TLS "server". The clients (acting as a TLS "server") must
71
# supply an OpenPGP certificate, and the fingerprint of this
72
# certificate is used by this server to look up (in a list read from a
73
# file at start time) which binary blob to give the client. No other
74
# authentication or authorization is done by this server.
75
76
77
logger = logging.Logger('mandos')
78
syslogger = logging.handlers.SysLogHandler\
79
(facility = logging.handlers.SysLogHandler.LOG_DAEMON)
80
syslogger.setFormatter(logging.Formatter\
81
('%(levelname)s: %(message)s'))
94
82
logger.addHandler(syslogger)
95
96
console = logging.StreamHandler()
97
console.setFormatter(logging.Formatter(u'%(name)s [%(process)d]:'
98
u' %(levelname)s:'
99
u' %(message)s'))
100
logger.addHandler(console)
101
102
class AvahiError(Exception):
103
def __init__(self, value, *args, **kwargs):
104
self.value = value
105
super(AvahiError, self).__init__(value, *args, **kwargs)
106
def __unicode__(self):
107
return unicode(repr(self.value))
108
109
class AvahiServiceError(AvahiError):
110
pass
111
112
class AvahiGroupError(AvahiError):
113
pass
114
115
116
class AvahiService(object):
117
"""An Avahi (Zeroconf) service.
118
119
Attributes:
120
interface: integer; avahi.IF_UNSPEC or an interface index.
121
Used to optionally bind to the specified interface.
122
name: string; Example: u'Mandos'
123
type: string; Example: u'_mandos._tcp'.
124
See <http://www.dns-sd.org/ServiceTypes.html>
125
port: integer; what port to announce
126
TXT: list of strings; TXT record for the service
127
domain: string; Domain to publish on, default to .local if empty.
128
host: string; Host to publish records for, default is localhost
129
max_renames: integer; maximum number of renames
130
rename_count: integer; counter so we only rename after collisions
131
a sensible number of times
132
group: D-Bus Entry Group
133
server: D-Bus Server
134
bus: dbus.SystemBus()
135
"""
136
def __init__(self, interface = avahi.IF_UNSPEC, name = None,
137
servicetype = None, port = None, TXT = None,
138
domain = u"", host = u"", max_renames = 32768,
139
protocol = avahi.PROTO_UNSPEC, bus = None):
140
self.interface = interface
141
self.name = name
142
self.type = servicetype
143
self.port = port
144
self.TXT = TXT if TXT is not None else []
145
self.domain = domain
146
self.host = host
147
self.rename_count = 0
148
self.max_renames = max_renames
149
self.protocol = protocol
150
self.group = None # our entry group
151
self.server = None
152
self.bus = bus
153
def rename(self):
154
"""Derived from the Avahi example code"""
155
if self.rename_count >= self.max_renames:
156
logger.critical(u"No suitable Zeroconf service name found"
157
u" after %i retries, exiting.",
158
self.rename_count)
159
raise AvahiServiceError(u"Too many renames")
160
self.name = unicode(self.server.GetAlternativeServiceName(self.name))
161
logger.info(u"Changing Zeroconf service name to %r ...",
162
self.name)
163
syslogger.setFormatter(logging.Formatter
164
(u'Mandos (%s) [%%(process)d]:'
165
u' %%(levelname)s: %%(message)s'
166
% self.name))
167
self.remove()
168
self.add()
169
self.rename_count += 1
170
def remove(self):
171
"""Derived from the Avahi example code"""
172
if self.group is not None:
173
self.group.Reset()
174
def add(self):
175
"""Derived from the Avahi example code"""
176
if self.group is None:
177
self.group = dbus.Interface(
178
self.bus.get_object(avahi.DBUS_NAME,
179
self.server.EntryGroupNew()),
180
avahi.DBUS_INTERFACE_ENTRY_GROUP)
181
self.group.connect_to_signal('StateChanged',
182
self
183
.entry_group_state_changed)
184
logger.debug(u"Adding Zeroconf service '%s' of type '%s' ...",
185
self.name, self.type)
186
self.group.AddService(
187
self.interface,
188
self.protocol,
189
dbus.UInt32(0), # flags
190
self.name, self.type,
191
self.domain, self.host,
192
dbus.UInt16(self.port),
193
avahi.string_array_to_txt_array(self.TXT))
194
self.group.Commit()
195
def entry_group_state_changed(self, state, error):
196
"""Derived from the Avahi example code"""
197
logger.debug(u"Avahi state change: %i", state)
198
199
if state == avahi.ENTRY_GROUP_ESTABLISHED:
200
logger.debug(u"Zeroconf service established.")
201
elif state == avahi.ENTRY_GROUP_COLLISION:
202
logger.warning(u"Zeroconf service name collision.")
203
self.rename()
204
elif state == avahi.ENTRY_GROUP_FAILURE:
205
logger.critical(u"Avahi: Error in group state changed %s",
206
unicode(error))
207
raise AvahiGroupError(u"State changed: %s"
208
% unicode(error))
209
def cleanup(self):
210
"""Derived from the Avahi example code"""
211
if self.group is not None:
212
self.group.Free()
213
self.group = None
214
def server_state_changed(self, state):
215
"""Derived from the Avahi example code"""
216
if state == avahi.SERVER_COLLISION:
217
logger.error(u"Zeroconf server name collision")
218
self.remove()
219
elif state == avahi.SERVER_RUNNING:
220
self.add()
221
def activate(self):
222
"""Derived from the Avahi example code"""
223
if self.server is None:
224
self.server = dbus.Interface(
225
self.bus.get_object(avahi.DBUS_NAME,
226
avahi.DBUS_PATH_SERVER),
227
avahi.DBUS_INTERFACE_SERVER)
228
self.server.connect_to_signal(u"StateChanged",
229
self.server_state_changed)
230
self.server_state_changed(self.server.GetState())
83
del syslogger
84
85
# This variable is used to optionally bind to a specified interface.
86
# It is a global variable to fit in with the other variables from the
87
# Avahi example code.
88
serviceInterface = avahi.IF_UNSPEC
89
# From the Avahi example code:
90
serviceName = "Mandos"
91
serviceType = "_mandos._tcp" # http://www.dns-sd.org/ServiceTypes.html
92
servicePort = None # Not known at startup
93
serviceTXT = [] # TXT record for the service
94
domain = "" # Domain to publish on, default to .local
95
host = "" # Host to publish records for, default to localhost
96
group = None #our entry group
97
rename_count = 12 # Counter so we only rename after collisions a
98
# sensible number of times
99
# End of Avahi example code
231
100
232
101
233
102
class Client(object):
234
103
"""A representation of a client host served by this server.
235
236
104
Attributes:
237
name: string; from the config file, used in log messages and
238
D-Bus identifiers
105
name: string; from the config file, used in log messages
239
106
fingerprint: string (40 or 32 hexadecimal digits); used to
240
107
uniquely identify the client
241
secret: bytestring; sent verbatim (over TLS) to client
242
host: string; available for use by the checker command
243
created: datetime.datetime(); (UTC) object creation
244
last_enabled: datetime.datetime(); (UTC)
245
enabled: bool()
246
last_checked_ok: datetime.datetime(); (UTC) or None
247
timeout: datetime.timedelta(); How long from last_checked_ok
248
until this client is disabled
249
interval: datetime.timedelta(); How often to start a new checker
250
disable_hook: If set, called by disable() as disable_hook(self)
251
checker: subprocess.Popen(); a running checker process used
252
to see if the client lives.
253
'None' if no process is running.
108
secret: bytestring; sent verbatim (over TLS) to client
109
fqdn: string (FQDN); available for use by the checker command
110
created: datetime.datetime()
111
last_seen: datetime.datetime() or None if not yet seen
112
timeout: datetime.timedelta(); How long from last_seen until
113
this client is invalid
114
interval: datetime.timedelta(); How often to start a new checker
115
stop_hook: If set, called by stop() as stop_hook(self)
116
checker: subprocess.Popen(); a running checker process used
117
to see if the client lives.
118
Is None if no process is running.
254
119
checker_initiator_tag: a gobject event source tag, or None
255
disable_initiator_tag: - '' -
120
stop_initiator_tag: - '' -
256
121
checker_callback_tag: - '' -
257
122
checker_command: string; External command which is run to check if
258
client lives. %() expansions are done at
123
client lives. %()s expansions are done at
259
124
runtime with vars(self) as dict, so that for
260
125
instance %(name)s can be used in the command.
261
current_checker_command: string; current running checker_command
262
approved_delay: datetime.timedelta(); Time to wait for approval
263
_approved: bool(); 'None' if not yet approved/disapproved
264
approved_duration: datetime.timedelta(); Duration of one approval
126
Private attibutes:
127
_timeout: Real variable for 'timeout'
128
_interval: Real variable for 'interval'
129
_timeout_milliseconds: Used by gobject.timeout_add()
130
_interval_milliseconds: - '' -
265
131
"""
266
267
@staticmethod
268
def _timedelta_to_milliseconds(td):
269
"Convert a datetime.timedelta() to milliseconds"
270
return ((td.days * 24 * 60 * 60 * 1000)
271
+ (td.seconds * 1000)
272
+ (td.microseconds // 1000))
273
274
def timeout_milliseconds(self):
275
"Return the 'timeout' attribute in milliseconds"
276
return self._timedelta_to_milliseconds(self.timeout)
277
278
def interval_milliseconds(self):
279
"Return the 'interval' attribute in milliseconds"
280
return self._timedelta_to_milliseconds(self.interval)
281
282
def approved_delay_milliseconds(self):
283
return self._timedelta_to_milliseconds(self.approved_delay)
284
285
def __init__(self, name = None, disable_hook=None, config=None):
286
"""Note: the 'checker' key in 'config' sets the
287
'checker_command' attribute and *not* the 'checker'
288
attribute."""
132
def _set_timeout(self, timeout):
133
"Setter function for 'timeout' attribute"
134
self._timeout = timeout
135
self._timeout_milliseconds = ((self.timeout.days
136
* 24 * 60 * 60 * 1000)
137
+ (self.timeout.seconds * 1000)
138
+ (self.timeout.microseconds
139
// 1000))
140
timeout = property(lambda self: self._timeout,
141
_set_timeout)
142
del _set_timeout
143
def _set_interval(self, interval):
144
"Setter function for 'interval' attribute"
145
self._interval = interval
146
self._interval_milliseconds = ((self.interval.days
147
* 24 * 60 * 60 * 1000)
148
+ (self.interval.seconds
149
* 1000)
150
+ (self.interval.microseconds
151
// 1000))
152
interval = property(lambda self: self._interval,
153
_set_interval)
154
del _set_interval
155
def __init__(self, name=None, options=None, stop_hook=None,
156
fingerprint=None, secret=None, secfile=None,
157
fqdn=None, timeout=None, interval=-1, checker=None):
158
"""Note: the 'checker' argument sets the 'checker_command'
159
attribute and not the 'checker' attribute.."""
289
160
self.name = name
290
if config is None:
291
config = {}
292
logger.debug(u"Creating client %r", self.name)
293
# Uppercase and remove spaces from fingerprint for later
294
# comparison purposes with return value from the fingerprint()
295
# function
296
self.fingerprint = (config[u"fingerprint"].upper()
297
.replace(u" ", u""))
298
logger.debug(u" Fingerprint: %s", self.fingerprint)
299
if u"secret" in config:
300
self.secret = config[u"secret"].decode(u"base64")
301
elif u"secfile" in config:
302
with open(os.path.expanduser(os.path.expandvars
303
(config[u"secfile"])),
304
"rb") as secfile:
305
self.secret = secfile.read()
306
else:
307
raise TypeError(u"No secret or secfile for client %s"
308
% self.name)
309
self.host = config.get(u"host", u"")
310
self.created = datetime.datetime.utcnow()
311
self.enabled = False
312
self.last_enabled = None
313
self.last_checked_ok = None
314
self.timeout = string_to_delta(config[u"timeout"])
315
self.interval = string_to_delta(config[u"interval"])
316
self.disable_hook = disable_hook
161
# Uppercase and remove spaces from fingerprint
162
# for later comparison purposes with return value of
163
# the fingerprint() function
164
self.fingerprint = fingerprint.upper().replace(u" ", u"")
165
if secret:
166
self.secret = secret.decode(u"base64")
167
elif secfile:
168
sf = open(secfile)
169
self.secret = sf.read()
170
sf.close()
171
else:
172
raise RuntimeError(u"No secret or secfile for client %s"
173
% self.name)
174
self.fqdn = fqdn # string
175
self.created = datetime.datetime.now()
176
self.last_seen = None
177
if timeout is None:
178
self.timeout = options.timeout
179
else:
180
self.timeout = string_to_delta(timeout)
181
if interval == -1:
182
self.interval = options.interval
183
else:
184
self.interval = string_to_delta(interval)
185
self.stop_hook = stop_hook
317
186
self.checker = None
318
187
self.checker_initiator_tag = None
319
self.disable_initiator_tag = None
188
self.stop_initiator_tag = None
320
189
self.checker_callback_tag = None
321
self.checker_command = config[u"checker"]
322
self.current_checker_command = None
323
self.last_connect = None
324
self._approved = None
325
self.approved_by_default = config.get(u"approved_by_default",
326
True)
327
self.approvals_pending = 0
328
self.approved_delay = string_to_delta(
329
config[u"approved_delay"])
330
self.approved_duration = string_to_delta(
331
config[u"approved_duration"])
332
self.changedstate = multiprocessing_manager.Condition(multiprocessing_manager.Lock())
333
334
def send_changedstate(self):
335
self.changedstate.acquire()
336
self.changedstate.notify_all()
337
self.changedstate.release()
338
339
def enable(self):
190
self.check_command = checker
191
def start(self):
340
192
"""Start this client's checker and timeout hooks"""
341
if getattr(self, u"enabled", False):
342
# Already enabled
343
return
344
self.send_changedstate()
345
self.last_enabled = datetime.datetime.utcnow()
346
193
# Schedule a new checker to be started an 'interval' from now,
347
194
# and every interval from then on.
348
self.checker_initiator_tag = (gobject.timeout_add
349
(self.interval_milliseconds(),
350
self.start_checker))
351
# Schedule a disable() when 'timeout' has passed
352
self.disable_initiator_tag = (gobject.timeout_add
353
(self.timeout_milliseconds(),
354
self.disable))
355
self.enabled = True
195
self.checker_initiator_tag = gobject.timeout_add\
196
(self._interval_milliseconds,
197
self.start_checker)
356
198
# Also start a new checker *right now*.
357
199
self.start_checker()
358
359
def disable(self, quiet=True):
360
"""Disable this client."""
361
if not getattr(self, "enabled", False):
200
# Schedule a stop() when 'timeout' has passed
201
self.stop_initiator_tag = gobject.timeout_add\
202
(self._timeout_milliseconds,
203
self.stop)
204
def stop(self):
205
"""Stop this client.
206
The possibility that this client might be restarted is left
207
open, but not currently used."""
208
# If this client doesn't have a secret, it is already stopped.
209
if self.secret:
210
logger.debug(u"Stopping client %s", self.name)
211
self.secret = None
212
else:
362
213
return False
363
if not quiet:
364
self.send_changedstate()
365
if not quiet:
366
logger.info(u"Disabling client %s", self.name)
367
if getattr(self, u"disable_initiator_tag", False):
368
gobject.source_remove(self.disable_initiator_tag)
369
self.disable_initiator_tag = None
370
if getattr(self, u"checker_initiator_tag", False):
214
if hasattr(self, "stop_initiator_tag") \
215
and self.stop_initiator_tag:
216
gobject.source_remove(self.stop_initiator_tag)
217
self.stop_initiator_tag = None
218
if hasattr(self, "checker_initiator_tag") \
219
and self.checker_initiator_tag:
371
220
gobject.source_remove(self.checker_initiator_tag)
372
221
self.checker_initiator_tag = None
373
222
self.stop_checker()
374
if self.disable_hook:
375
self.disable_hook(self)
376
self.enabled = False
223
if self.stop_hook:
224
self.stop_hook(self)
377
225
# Do not run this again if called by a gobject.timeout_add
378
226
return False
379
380
227
def __del__(self):
381
self.disable_hook = None
382
self.disable()
383
384
def checker_callback(self, pid, condition, command):
228
self.stop_hook = None
229
self.stop()
230
def checker_callback(self, pid, condition):
385
231
"""The checker has completed, so take appropriate actions."""
232
now = datetime.datetime.now()
386
233
self.checker_callback_tag = None
387
234
self.checker = None
388
if os.WIFEXITED(condition):
389
exitstatus = os.WEXITSTATUS(condition)
390
if exitstatus == 0:
391
logger.info(u"Checker for %(name)s succeeded",
392
vars(self))
393
self.checked_ok()
394
else:
395
logger.info(u"Checker for %(name)s failed",
396
vars(self))
397
else:
235
if os.WIFEXITED(condition) \
236
and (os.WEXITSTATUS(condition) == 0):
237
logger.debug(u"Checker for %(name)s succeeded",
238
vars(self))
239
self.last_seen = now
240
gobject.source_remove(self.stop_initiator_tag)
241
self.stop_initiator_tag = gobject.timeout_add\
242
(self._timeout_milliseconds,
243
self.stop)
244
elif not os.WIFEXITED(condition):
398
245
logger.warning(u"Checker for %(name)s crashed?",
399
246
vars(self))
400
401
def checked_ok(self):
402
"""Bump up the timeout for this client.
403
404
This should only be called when the client has been seen,
405
alive and well.
406
"""
407
self.last_checked_ok = datetime.datetime.utcnow()
408
gobject.source_remove(self.disable_initiator_tag)
409
self.disable_initiator_tag = (gobject.timeout_add
410
(self.timeout_milliseconds(),
411
self.disable))
412
247
else:
248
logger.debug(u"Checker for %(name)s failed",
249
vars(self))
413
250
def start_checker(self):
414
251
"""Start a new checker subprocess if one is not running.
415
416
252
If a checker already exists, leave it running and do
417
253
nothing."""
418
254
# The reason for not killing a running checker is that if we
421
257
# client would inevitably timeout, since no checker would get
422
258
# a chance to run to completion. If we instead leave running
423
259
# checkers alone, the checker would have to take more time
424
# than 'timeout' for the client to be disabled, which is as it
425
# should be.
426
427
# If a checker exists, make sure it is not a zombie
428
try:
429
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
430
except (AttributeError, OSError), error:
431
if (isinstance(error, OSError)
432
and error.errno != errno.ECHILD):
433
raise error
434
else:
435
if pid:
436
logger.warning(u"Checker was a zombie")
437
gobject.source_remove(self.checker_callback_tag)
438
self.checker_callback(pid, status,
439
self.current_checker_command)
440
# Start a new checker if needed
260
# than 'timeout' for the client to be declared invalid, which
261
# is as it should be.
441
262
if self.checker is None:
442
263
try:
443
# In case checker_command has exactly one % operator
444
command = self.checker_command % self.host
264
command = self.check_command % self.fqdn
445
265
except TypeError:
446
# Escape attributes for the shell
447
escaped_attrs = dict((key,
448
re.escape(unicode(str(val),
449
errors=
450
u'replace')))
266
escaped_attrs = dict((key, re.escape(str(val)))
451
267
for key, val in
452
268
vars(self).iteritems())
453
269
try:
454
command = self.checker_command % escaped_attrs
270
command = self.check_command % escaped_attrs
455
271
except TypeError, error:
456
logger.error(u'Could not format string "%s":'
457
u' %s', self.checker_command, error)
272
logger.critical(u'Could not format string "%s":'
273
u' %s', self.check_command, error)
458
274
return True # Try again later
459
self.current_checker_command = command
460
275
try:
461
logger.info(u"Starting checker %r for %s",
462
command, self.name)
463
# We don't need to redirect stdout and stderr, since
464
# in normal mode, that is already done by daemon(),
465
# and in debug mode we don't want to. (Stdin is
466
# always replaced by /dev/null.)
467
self.checker = subprocess.Popen(command,
468
close_fds=True,
469
shell=True, cwd=u"/")
470
self.checker_callback_tag = (gobject.child_watch_add
471
(self.checker.pid,
472
self.checker_callback,
473
data=command))
474
# The checker may have completed before the gobject
475
# watch was added. Check for this.
476
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
477
if pid:
478
gobject.source_remove(self.checker_callback_tag)
479
self.checker_callback(pid, status, command)
480
except OSError, error:
276
logger.debug(u"Starting checker %r for %s",
277
command, self.name)
278
self.checker = subprocess.\
279
Popen(command,
280
close_fds=True, shell=True,
281
cwd="/")
282
self.checker_callback_tag = gobject.child_watch_add\
283
(self.checker.pid,
284
self.checker_callback)
285
except subprocess.OSError, error:
481
286
logger.error(u"Failed to start subprocess: %s",
482
287
error)
483
288
# Re-run this periodically if run by gobject.timeout_add
484
289
return True
485
486
290
def stop_checker(self):
487
291
"""Force the checker process, if any, to stop."""
488
292
if self.checker_callback_tag:
489
293
gobject.source_remove(self.checker_callback_tag)
490
294
self.checker_callback_tag = None
491
if getattr(self, u"checker", None) is None:
295
if not hasattr(self, "checker") or self.checker is None:
492
296
return
493
logger.debug(u"Stopping checker for %(name)s", vars(self))
297
logger.debug("Stopping checker for %(name)s", vars(self))
494
298
try:
495
299
os.kill(self.checker.pid, signal.SIGTERM)
496
#time.sleep(0.5)
300
#os.sleep(0.5)
497
301
#if self.checker.poll() is None:
498
302
# os.kill(self.checker.pid, signal.SIGKILL)
499
303
except OSError, error:
500
if error.errno != errno.ESRCH: # No such process
304
if error.errno != errno.ESRCH:
501
305
raise
502
306
self.checker = None
503
504
def dbus_service_property(dbus_interface, signature=u"v",
505
access=u"readwrite", byte_arrays=False):
506
"""Decorators for marking methods of a DBusObjectWithProperties to
507
become properties on the D-Bus.
508
509
The decorated method will be called with no arguments by "Get"
510
and with one argument by "Set".
511
512
The parameters, where they are supported, are the same as
513
dbus.service.method, except there is only "signature", since the
514
type from Get() and the type sent to Set() is the same.
515
"""
516
# Encoding deeply encoded byte arrays is not supported yet by the
517
# "Set" method, so we fail early here:
518
if byte_arrays and signature != u"ay":
519
raise ValueError(u"Byte arrays not supported for non-'ay'"
520
u" signature %r" % signature)
521
def decorator(func):
522
func._dbus_is_property = True
523
func._dbus_interface = dbus_interface
524
func._dbus_signature = signature
525
func._dbus_access = access
526
func._dbus_name = func.__name__
527
if func._dbus_name.endswith(u"_dbus_property"):
528
func._dbus_name = func._dbus_name[:-14]
529
func._dbus_get_args_options = {u'byte_arrays': byte_arrays }
530
return func
531
return decorator
532
533
534
class DBusPropertyException(dbus.exceptions.DBusException):
535
"""A base class for D-Bus property-related exceptions
536
"""
537
def __unicode__(self):
538
return unicode(str(self))
539
540
541
class DBusPropertyAccessException(DBusPropertyException):
542
"""A property's access permissions disallows an operation.
543
"""
544
pass
545
546
547
class DBusPropertyNotFound(DBusPropertyException):
548
"""An attempt was made to access a non-existing property.
549
"""
550
pass
551
552
553
class DBusObjectWithProperties(dbus.service.Object):
554
"""A D-Bus object with properties.
555
556
Classes inheriting from this can use the dbus_service_property
557
decorator to expose methods as D-Bus properties. It exposes the
558
standard Get(), Set(), and GetAll() methods on the D-Bus.
559
"""
560
561
@staticmethod
562
def _is_dbus_property(obj):
563
return getattr(obj, u"_dbus_is_property", False)
564
565
def _get_all_dbus_properties(self):
566
"""Returns a generator of (name, attribute) pairs
567
"""
568
return ((prop._dbus_name, prop)
569
for name, prop in
570
inspect.getmembers(self, self._is_dbus_property))
571
572
def _get_dbus_property(self, interface_name, property_name):
573
"""Returns a bound method if one exists which is a D-Bus
574
property with the specified name and interface.
575
"""
576
for name in (property_name,
577
property_name + u"_dbus_property"):
578
prop = getattr(self, name, None)
579
if (prop is None
580
or not self._is_dbus_property(prop)
581
or prop._dbus_name != property_name
582
or (interface_name and prop._dbus_interface
583
and interface_name != prop._dbus_interface)):
584
continue
585
return prop
586
# No such property
587
raise DBusPropertyNotFound(self.dbus_object_path + u":"
588
+ interface_name + u"."
589
+ property_name)
590
591
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature=u"ss",
592
out_signature=u"v")
593
def Get(self, interface_name, property_name):
594
"""Standard D-Bus property Get() method, see D-Bus standard.
595
"""
596
prop = self._get_dbus_property(interface_name, property_name)
597
if prop._dbus_access == u"write":
598
raise DBusPropertyAccessException(property_name)
599
value = prop()
600
if not hasattr(value, u"variant_level"):
601
return value
602
return type(value)(value, variant_level=value.variant_level+1)
603
604
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature=u"ssv")
605
def Set(self, interface_name, property_name, value):
606
"""Standard D-Bus property Set() method, see D-Bus standard.
607
"""
608
prop = self._get_dbus_property(interface_name, property_name)
609
if prop._dbus_access == u"read":
610
raise DBusPropertyAccessException(property_name)
611
if prop._dbus_get_args_options[u"byte_arrays"]:
612
# The byte_arrays option is not supported yet on
613
# signatures other than "ay".
614
if prop._dbus_signature != u"ay":
615
raise ValueError
616
value = dbus.ByteArray(''.join(unichr(byte)
617
for byte in value))
618
prop(value)
619
620
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature=u"s",
621
out_signature=u"a{sv}")
622
def GetAll(self, interface_name):
623
"""Standard D-Bus property GetAll() method, see D-Bus
624
standard.
625
626
Note: Will not include properties with access="write".
627
"""
628
all = {}
629
for name, prop in self._get_all_dbus_properties():
630
if (interface_name
631
and interface_name != prop._dbus_interface):
632
# Interface non-empty but did not match
633
continue
634
# Ignore write-only properties
635
if prop._dbus_access == u"write":
636
continue
637
value = prop()
638
if not hasattr(value, u"variant_level"):
639
all[name] = value
640
continue
641
all[name] = type(value)(value, variant_level=
642
value.variant_level+1)
643
return dbus.Dictionary(all, signature=u"sv")
644
645
@dbus.service.method(dbus.INTROSPECTABLE_IFACE,
646
out_signature=u"s",
647
path_keyword='object_path',
648
connection_keyword='connection')
649
def Introspect(self, object_path, connection):
650
"""Standard D-Bus method, overloaded to insert property tags.
651
"""
652
xmlstring = dbus.service.Object.Introspect(self, object_path,
653
connection)
654
try:
655
document = xml.dom.minidom.parseString(xmlstring)
656
def make_tag(document, name, prop):
657
e = document.createElement(u"property")
658
e.setAttribute(u"name", name)
659
e.setAttribute(u"type", prop._dbus_signature)
660
e.setAttribute(u"access", prop._dbus_access)
661
return e
662
for if_tag in document.getElementsByTagName(u"interface"):
663
for tag in (make_tag(document, name, prop)
664
for name, prop
665
in self._get_all_dbus_properties()
666
if prop._dbus_interface
667
== if_tag.getAttribute(u"name")):
668
if_tag.appendChild(tag)
669
# Add the names to the return values for the
670
# "org.freedesktop.DBus.Properties" methods
671
if (if_tag.getAttribute(u"name")
672
== u"org.freedesktop.DBus.Properties"):
673
for cn in if_tag.getElementsByTagName(u"method"):
674
if cn.getAttribute(u"name") == u"Get":
675
for arg in cn.getElementsByTagName(u"arg"):
676
if (arg.getAttribute(u"direction")
677
== u"out"):
678
arg.setAttribute(u"name", u"value")
679
elif cn.getAttribute(u"name") == u"GetAll":
680
for arg in cn.getElementsByTagName(u"arg"):
681
if (arg.getAttribute(u"direction")
682
== u"out"):
683
arg.setAttribute(u"name", u"props")
684
xmlstring = document.toxml(u"utf-8")
685
document.unlink()
686
except (AttributeError, xml.dom.DOMException,
687
xml.parsers.expat.ExpatError), error:
688
logger.error(u"Failed to override Introspection method",
689
error)
690
return xmlstring
691
692
693
class ClientDBus(Client, DBusObjectWithProperties):
694
"""A Client class using D-Bus
695
696
Attributes:
697
dbus_object_path: dbus.ObjectPath
698
bus: dbus.SystemBus()
699
"""
700
# dbus.service.Object doesn't use super(), so we can't either.
701
702
def __init__(self, bus = None, *args, **kwargs):
703
self._approvals_pending = 0
704
self.bus = bus
705
Client.__init__(self, *args, **kwargs)
706
# Only now, when this client is initialized, can it show up on
707
# the D-Bus
708
self.dbus_object_path = (dbus.ObjectPath
709
(u"/clients/"
710
+ self.name.replace(u".", u"_")))
711
DBusObjectWithProperties.__init__(self, self.bus,
712
self.dbus_object_path)
713
714
def _get_approvals_pending(self):
715
return self._approvals_pending
716
def _set_approvals_pending(self, value):
717
old_value = self._approvals_pending
718
self._approvals_pending = value
719
bval = bool(value)
720
if (hasattr(self, "dbus_object_path")
721
and bval is not bool(old_value)):
722
dbus_bool = dbus.Boolean(bval, variant_level=1)
723
self.PropertyChanged(dbus.String(u"approved_pending"),
724
dbus_bool)
725
726
approvals_pending = property(_get_approvals_pending,
727
_set_approvals_pending)
728
del _get_approvals_pending, _set_approvals_pending
729
730
@staticmethod
731
def _datetime_to_dbus(dt, variant_level=0):
732
"""Convert a UTC datetime.datetime() to a D-Bus type."""
733
return dbus.String(dt.isoformat(),
734
variant_level=variant_level)
735
736
def enable(self):
737
oldstate = getattr(self, u"enabled", False)
738
r = Client.enable(self)
739
if oldstate != self.enabled:
740
# Emit D-Bus signals
741
self.PropertyChanged(dbus.String(u"enabled"),
742
dbus.Boolean(True, variant_level=1))
743
self.PropertyChanged(
744
dbus.String(u"last_enabled"),
745
self._datetime_to_dbus(self.last_enabled,
746
variant_level=1))
747
return r
748
749
def disable(self, quiet = False):
750
oldstate = getattr(self, u"enabled", False)
751
r = Client.disable(self, quiet=quiet)
752
if not quiet and oldstate != self.enabled:
753
# Emit D-Bus signal
754
self.PropertyChanged(dbus.String(u"enabled"),
755
dbus.Boolean(False, variant_level=1))
756
return r
757
758
def __del__(self, *args, **kwargs):
759
try:
760
self.remove_from_connection()
761
except LookupError:
762
pass
763
if hasattr(DBusObjectWithProperties, u"__del__"):
764
DBusObjectWithProperties.__del__(self, *args, **kwargs)
765
Client.__del__(self, *args, **kwargs)
766
767
def checker_callback(self, pid, condition, command,
768
*args, **kwargs):
769
self.checker_callback_tag = None
770
self.checker = None
771
# Emit D-Bus signal
772
self.PropertyChanged(dbus.String(u"checker_running"),
773
dbus.Boolean(False, variant_level=1))
774
if os.WIFEXITED(condition):
775
exitstatus = os.WEXITSTATUS(condition)
776
# Emit D-Bus signal
777
self.CheckerCompleted(dbus.Int16(exitstatus),
778
dbus.Int64(condition),
779
dbus.String(command))
780
else:
781
# Emit D-Bus signal
782
self.CheckerCompleted(dbus.Int16(-1),
783
dbus.Int64(condition),
784
dbus.String(command))
785
786
return Client.checker_callback(self, pid, condition, command,
787
*args, **kwargs)
788
789
def checked_ok(self, *args, **kwargs):
790
r = Client.checked_ok(self, *args, **kwargs)
791
# Emit D-Bus signal
792
self.PropertyChanged(
793
dbus.String(u"last_checked_ok"),
794
(self._datetime_to_dbus(self.last_checked_ok,
795
variant_level=1)))
796
return r
797
798
def start_checker(self, *args, **kwargs):
799
old_checker = self.checker
800
if self.checker is not None:
801
old_checker_pid = self.checker.pid
802
else:
803
old_checker_pid = None
804
r = Client.start_checker(self, *args, **kwargs)
805
# Only if new checker process was started
806
if (self.checker is not None
807
and old_checker_pid != self.checker.pid):
808
# Emit D-Bus signal
809
self.CheckerStarted(self.current_checker_command)
810
self.PropertyChanged(
811
dbus.String(u"checker_running"),
812
dbus.Boolean(True, variant_level=1))
813
return r
814
815
def stop_checker(self, *args, **kwargs):
816
old_checker = getattr(self, u"checker", None)
817
r = Client.stop_checker(self, *args, **kwargs)
818
if (old_checker is not None
819
and getattr(self, u"checker", None) is None):
820
self.PropertyChanged(dbus.String(u"checker_running"),
821
dbus.Boolean(False, variant_level=1))
822
return r
823
824
def _reset_approved(self):
825
self._approved = None
826
return False
827
828
def approve(self, value=True):
829
self.send_changedstate()
830
self._approved = value
831
gobject.timeout_add(self._timedelta_to_milliseconds(self.approved_duration),
832
self._reset_approved)
833
834
835
## D-Bus methods, signals & properties
836
_interface = u"se.bsnet.fukt.Mandos.Client"
837
838
## Signals
839
840
# CheckerCompleted - signal
841
@dbus.service.signal(_interface, signature=u"nxs")
842
def CheckerCompleted(self, exitcode, waitstatus, command):
843
"D-Bus signal"
844
pass
845
846
# CheckerStarted - signal
847
@dbus.service.signal(_interface, signature=u"s")
848
def CheckerStarted(self, command):
849
"D-Bus signal"
850
pass
851
852
# PropertyChanged - signal
853
@dbus.service.signal(_interface, signature=u"sv")
854
def PropertyChanged(self, property, value):
855
"D-Bus signal"
856
pass
857
858
# GotSecret - signal
859
@dbus.service.signal(_interface)
860
def GotSecret(self):
861
"""D-Bus signal
862
Is sent after a successful transfer of secret from the Mandos
863
server to mandos-client
864
"""
865
pass
866
867
# Rejected - signal
868
@dbus.service.signal(_interface, signature=u"s")
869
def Rejected(self, reason):
870
"D-Bus signal"
871
pass
872
873
# NeedApproval - signal
874
@dbus.service.signal(_interface, signature=u"db")
875
def NeedApproval(self, timeout, default):
876
"D-Bus signal"
877
pass
878
879
## Methods
880
881
# Approve - method
882
@dbus.service.method(_interface, in_signature=u"b")
883
def Approve(self, value):
884
self.approve(value)
885
886
# CheckedOK - method
887
@dbus.service.method(_interface)
888
def CheckedOK(self):
889
return self.checked_ok()
890
891
# Enable - method
892
@dbus.service.method(_interface)
893
def Enable(self):
894
"D-Bus method"
895
self.enable()
896
897
# StartChecker - method
898
@dbus.service.method(_interface)
899
def StartChecker(self):
900
"D-Bus method"
901
self.start_checker()
902
903
# Disable - method
904
@dbus.service.method(_interface)
905
def Disable(self):
906
"D-Bus method"
907
self.disable()
908
909
# StopChecker - method
910
@dbus.service.method(_interface)
911
def StopChecker(self):
912
self.stop_checker()
913
914
## Properties
915
916
# approved_pending - property
917
@dbus_service_property(_interface, signature=u"b", access=u"read")
918
def approved_pending_dbus_property(self):
919
return dbus.Boolean(bool(self.approvals_pending))
920
921
# approved_by_default - property
922
@dbus_service_property(_interface, signature=u"b",
923
access=u"readwrite")
924
def approved_by_default_dbus_property(self):
925
return dbus.Boolean(self.approved_by_default)
926
927
# approved_delay - property
928
@dbus_service_property(_interface, signature=u"t",
929
access=u"readwrite")
930
def approved_delay_dbus_property(self):
931
return dbus.UInt64(self.approved_delay_milliseconds())
932
933
# approved_duration - property
934
@dbus_service_property(_interface, signature=u"t",
935
access=u"readwrite")
936
def approved_duration_dbus_property(self):
937
return dbus.UInt64(self._timedelta_to_milliseconds(
938
self.approved_duration))
939
940
# name - property
941
@dbus_service_property(_interface, signature=u"s", access=u"read")
942
def name_dbus_property(self):
943
return dbus.String(self.name)
944
945
# fingerprint - property
946
@dbus_service_property(_interface, signature=u"s", access=u"read")
947
def fingerprint_dbus_property(self):
948
return dbus.String(self.fingerprint)
949
950
# host - property
951
@dbus_service_property(_interface, signature=u"s",
952
access=u"readwrite")
953
def host_dbus_property(self, value=None):
954
if value is None: # get
955
return dbus.String(self.host)
956
self.host = value
957
# Emit D-Bus signal
958
self.PropertyChanged(dbus.String(u"host"),
959
dbus.String(value, variant_level=1))
960
961
# created - property
962
@dbus_service_property(_interface, signature=u"s", access=u"read")
963
def created_dbus_property(self):
964
return dbus.String(self._datetime_to_dbus(self.created))
965
966
# last_enabled - property
967
@dbus_service_property(_interface, signature=u"s", access=u"read")
968
def last_enabled_dbus_property(self):
969
if self.last_enabled is None:
970
return dbus.String(u"")
971
return dbus.String(self._datetime_to_dbus(self.last_enabled))
972
973
# enabled - property
974
@dbus_service_property(_interface, signature=u"b",
975
access=u"readwrite")
976
def enabled_dbus_property(self, value=None):
977
if value is None: # get
978
return dbus.Boolean(self.enabled)
979
if value:
980
self.enable()
981
else:
982
self.disable()
983
984
# last_checked_ok - property
985
@dbus_service_property(_interface, signature=u"s",
986
access=u"readwrite")
987
def last_checked_ok_dbus_property(self, value=None):
988
if value is not None:
989
self.checked_ok()
990
return
991
if self.last_checked_ok is None:
992
return dbus.String(u"")
993
return dbus.String(self._datetime_to_dbus(self
994
.last_checked_ok))
995
996
# timeout - property
997
@dbus_service_property(_interface, signature=u"t",
998
access=u"readwrite")
999
def timeout_dbus_property(self, value=None):
1000
if value is None: # get
1001
return dbus.UInt64(self.timeout_milliseconds())
1002
self.timeout = datetime.timedelta(0, 0, 0, value)
1003
# Emit D-Bus signal
1004
self.PropertyChanged(dbus.String(u"timeout"),
1005
dbus.UInt64(value, variant_level=1))
1006
if getattr(self, u"disable_initiator_tag", None) is None:
1007
return
1008
# Reschedule timeout
1009
gobject.source_remove(self.disable_initiator_tag)
1010
self.disable_initiator_tag = None
1011
time_to_die = (self.
1012
_timedelta_to_milliseconds((self
1013
.last_checked_ok
1014
+ self.timeout)
1015
- datetime.datetime
1016
.utcnow()))
1017
if time_to_die <= 0:
1018
# The timeout has passed
1019
self.disable()
1020
else:
1021
self.disable_initiator_tag = (gobject.timeout_add
1022
(time_to_die, self.disable))
1023
1024
# interval - property
1025
@dbus_service_property(_interface, signature=u"t",
1026
access=u"readwrite")
1027
def interval_dbus_property(self, value=None):
1028
if value is None: # get
1029
return dbus.UInt64(self.interval_milliseconds())
1030
self.interval = datetime.timedelta(0, 0, 0, value)
1031
# Emit D-Bus signal
1032
self.PropertyChanged(dbus.String(u"interval"),
1033
dbus.UInt64(value, variant_level=1))
1034
if getattr(self, u"checker_initiator_tag", None) is None:
1035
return
1036
# Reschedule checker run
1037
gobject.source_remove(self.checker_initiator_tag)
1038
self.checker_initiator_tag = (gobject.timeout_add
1039
(value, self.start_checker))
1040
self.start_checker() # Start one now, too
1041
1042
# checker - property
1043
@dbus_service_property(_interface, signature=u"s",
1044
access=u"readwrite")
1045
def checker_dbus_property(self, value=None):
1046
if value is None: # get
1047
return dbus.String(self.checker_command)
1048
self.checker_command = value
1049
# Emit D-Bus signal
1050
self.PropertyChanged(dbus.String(u"checker"),
1051
dbus.String(self.checker_command,
1052
variant_level=1))
1053
1054
# checker_running - property
1055
@dbus_service_property(_interface, signature=u"b",
1056
access=u"readwrite")
1057
def checker_running_dbus_property(self, value=None):
1058
if value is None: # get
1059
return dbus.Boolean(self.checker is not None)
1060
if value:
1061
self.start_checker()
1062
else:
1063
self.stop_checker()
1064
1065
# object_path - property
1066
@dbus_service_property(_interface, signature=u"o", access=u"read")
1067
def object_path_dbus_property(self):
1068
return self.dbus_object_path # is already a dbus.ObjectPath
1069
1070
# secret = property
1071
@dbus_service_property(_interface, signature=u"ay",
1072
access=u"write", byte_arrays=True)
1073
def secret_dbus_property(self, value):
1074
self.secret = str(value)
1075
1076
del _interface
1077
1078
1079
class ProxyClient(object):
1080
def __init__(self, child_pipe, fpr, address):
1081
self._pipe = child_pipe
1082
self._pipe.send(('init', fpr, address))
1083
if not self._pipe.recv():
1084
raise KeyError()
1085
1086
def __getattribute__(self, name):
1087
if(name == '_pipe'):
1088
return super(ProxyClient, self).__getattribute__(name)
1089
self._pipe.send(('getattr', name))
1090
data = self._pipe.recv()
1091
if data[0] == 'data':
1092
return data[1]
1093
if data[0] == 'function':
1094
def func(*args, **kwargs):
1095
self._pipe.send(('funcall', name, args, kwargs))
1096
return self._pipe.recv()[1]
1097
return func
1098
1099
def __setattr__(self, name, value):
1100
if(name == '_pipe'):
1101
return super(ProxyClient, self).__setattr__(name, value)
1102
self._pipe.send(('setattr', name, value))
1103
1104
1105
class ClientHandler(socketserver.BaseRequestHandler, object):
1106
"""A class to handle client connections.
1107
1108
Instantiated once for each connection to handle it.
307
def still_valid(self, now=None):
308
"""Has the timeout not yet passed for this client?"""
309
if now is None:
310
now = datetime.datetime.now()
311
if self.last_seen is None:
312
return now < (self.created + self.timeout)
313
else:
314
return now < (self.last_seen + self.timeout)
315
316
317
def peer_certificate(session):
318
"Return the peer's OpenPGP certificate as a bytestring"
319
# If not an OpenPGP certificate...
320
if gnutls.library.functions.gnutls_certificate_type_get\
321
(session._c_object) \
322
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP:
323
# ...do the normal thing
324
return session.peer_certificate
325
list_size = ctypes.c_uint()
326
cert_list = gnutls.library.functions.gnutls_certificate_get_peers\
327
(session._c_object, ctypes.byref(list_size))
328
if list_size.value == 0:
329
return None
330
cert = cert_list[0]
331
return ctypes.string_at(cert.data, cert.size)
332
333
334
def fingerprint(openpgp):
335
"Convert an OpenPGP bytestring to a hexdigit fingerprint string"
336
# New empty GnuTLS certificate
337
crt = gnutls.library.types.gnutls_openpgp_crt_t()
338
gnutls.library.functions.gnutls_openpgp_crt_init\
339
(ctypes.byref(crt))
340
# New GnuTLS "datum" with the OpenPGP public key
341
datum = gnutls.library.types.gnutls_datum_t\
342
(ctypes.cast(ctypes.c_char_p(openpgp),
343
ctypes.POINTER(ctypes.c_ubyte)),
344
ctypes.c_uint(len(openpgp)))
345
# Import the OpenPGP public key into the certificate
346
ret = gnutls.library.functions.gnutls_openpgp_crt_import\
347
(crt,
348
ctypes.byref(datum),
349
gnutls.library.constants.GNUTLS_OPENPGP_FMT_RAW)
350
# New buffer for the fingerprint
351
buffer = ctypes.create_string_buffer(20)
352
buffer_length = ctypes.c_size_t()
353
# Get the fingerprint from the certificate into the buffer
354
gnutls.library.functions.gnutls_openpgp_crt_get_fingerprint\
355
(crt, ctypes.byref(buffer), ctypes.byref(buffer_length))
356
# Deinit the certificate
357
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
358
# Convert the buffer to a Python bytestring
359
fpr = ctypes.string_at(buffer, buffer_length.value)
360
# Convert the bytestring to hexadecimal notation
361
hex_fpr = u''.join(u"%02X" % ord(char) for char in fpr)
362
return hex_fpr
363
364
365
class tcp_handler(SocketServer.BaseRequestHandler, object):
366
"""A TCP request handler class.
367
Instantiated by IPv6_TCPServer for each request to handle it.
1109
368
Note: This will run in its own forked process."""
1110
369
1111
370
def handle(self):
1112
with contextlib.closing(self.server.child_pipe) as child_pipe:
1113
logger.info(u"TCP connection from: %s",
1114
unicode(self.client_address))
1115
logger.debug(u"Pipe FD: %d",
1116
self.server.child_pipe.fileno())
1117
1118
session = (gnutls.connection
1119
.ClientSession(self.request,
1120
gnutls.connection
1121
.X509Credentials()))
1122
1123
# Note: gnutls.connection.X509Credentials is really a
1124
# generic GnuTLS certificate credentials object so long as
1125
# no X.509 keys are added to it. Therefore, we can use it
1126
# here despite using OpenPGP certificates.
1127
1128
#priority = u':'.join((u"NONE", u"+VERS-TLS1.1",
1129
# u"+AES-256-CBC", u"+SHA1",
1130
# u"+COMP-NULL", u"+CTYPE-OPENPGP",
1131
# u"+DHE-DSS"))
1132
# Use a fallback default, since this MUST be set.
1133
priority = self.server.gnutls_priority
1134
if priority is None:
1135
priority = u"NORMAL"
1136
(gnutls.library.functions
1137
.gnutls_priority_set_direct(session._c_object,
1138
priority, None))
1139
1140
# Start communication using the Mandos protocol
1141
# Get protocol number
1142
line = self.request.makefile().readline()
1143
logger.debug(u"Protocol version: %r", line)
1144
try:
1145
if int(line.strip().split()[0]) > 1:
1146
raise RuntimeError
1147
except (ValueError, IndexError, RuntimeError), error:
1148
logger.error(u"Unknown protocol version: %s", error)
1149
return
1150
1151
# Start GnuTLS connection
1152
try:
1153
session.handshake()
1154
except gnutls.errors.GNUTLSError, error:
1155
logger.warning(u"Handshake failed: %s", error)
1156
# Do not run session.bye() here: the session is not
1157
# established. Just abandon the request.
1158
return
1159
logger.debug(u"Handshake succeeded")
1160
1161
approval_required = False
1162
try:
1163
try:
1164
fpr = self.fingerprint(self.peer_certificate
1165
(session))
1166
except (TypeError, gnutls.errors.GNUTLSError), error:
1167
logger.warning(u"Bad certificate: %s", error)
1168
return
1169
logger.debug(u"Fingerprint: %s", fpr)
1170
1171
try:
1172
client = ProxyClient(child_pipe, fpr,
1173
self.client_address)
1174
except KeyError:
1175
return
1176
1177
if client.approved_delay:
1178
delay = client.approved_delay
1179
client.approvals_pending += 1
1180
approval_required = True
1181
1182
while True:
1183
if not client.enabled:
1184
logger.warning(u"Client %s is disabled",
1185
client.name)
1186
if self.server.use_dbus:
1187
# Emit D-Bus signal
1188
client.Rejected("Disabled")
1189
return
1190
1191
if client._approved or not client.approved_delay:
1192
#We are approved or approval is disabled
1193
break
1194
elif client._approved is None:
1195
logger.info(u"Client %s need approval",
1196
client.name)
1197
if self.server.use_dbus:
1198
# Emit D-Bus signal
1199
client.NeedApproval(
1200
client.approved_delay_milliseconds(),
1201
client.approved_by_default)
1202
else:
1203
logger.warning(u"Client %s was not approved",
1204
client.name)
1205
if self.server.use_dbus:
1206
# Emit D-Bus signal
1207
client.Rejected("Disapproved")
1208
return
1209
1210
#wait until timeout or approved
1211
#x = float(client._timedelta_to_milliseconds(delay))
1212
time = datetime.datetime.now()
1213
client.changedstate.acquire()
1214
client.changedstate.wait(float(client._timedelta_to_milliseconds(delay) / 1000))
1215
client.changedstate.release()
1216
time2 = datetime.datetime.now()
1217
if (time2 - time) >= delay:
1218
if not client.approved_by_default:
1219
logger.warning("Client %s timed out while"
1220
" waiting for approval",
1221
client.name)
1222
if self.server.use_dbus:
1223
# Emit D-Bus signal
1224
client.Rejected("Time out")
1225
return
1226
else:
1227
break
1228
else:
1229
delay -= time2 - time
1230
1231
sent_size = 0
1232
while sent_size < len(client.secret):
1233
try:
1234
sent = session.send(client.secret[sent_size:])
1235
except (gnutls.errors.GNUTLSError), error:
1236
logger.warning("gnutls send failed")
1237
return
1238
logger.debug(u"Sent: %d, remaining: %d",
1239
sent, len(client.secret)
1240
- (sent_size + sent))
1241
sent_size += sent
1242
1243
logger.info(u"Sending secret to %s", client.name)
1244
# bump the timeout as if seen
1245
client.checked_ok()
1246
if self.server.use_dbus:
1247
# Emit D-Bus signal
1248
client.GotSecret()
1249
1250
finally:
1251
if approval_required:
1252
client.approvals_pending -= 1
1253
try:
1254
session.bye()
1255
except (gnutls.errors.GNUTLSError), error:
1256
logger.warning("gnutls bye failed")
1257
1258
@staticmethod
1259
def peer_certificate(session):
1260
"Return the peer's OpenPGP certificate as a bytestring"
1261
# If not an OpenPGP certificate...
1262
if (gnutls.library.functions
1263
.gnutls_certificate_type_get(session._c_object)
1264
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP):
1265
# ...do the normal thing
1266
return session.peer_certificate
1267
list_size = ctypes.c_uint(1)
1268
cert_list = (gnutls.library.functions
1269
.gnutls_certificate_get_peers
1270
(session._c_object, ctypes.byref(list_size)))
1271
if not bool(cert_list) and list_size.value != 0:
1272
raise gnutls.errors.GNUTLSError(u"error getting peer"
1273
u" certificate")
1274
if list_size.value == 0:
1275
return None
1276
cert = cert_list[0]
1277
return ctypes.string_at(cert.data, cert.size)
1278
1279
@staticmethod
1280
def fingerprint(openpgp):
1281
"Convert an OpenPGP bytestring to a hexdigit fingerprint"
1282
# New GnuTLS "datum" with the OpenPGP public key
1283
datum = (gnutls.library.types
1284
.gnutls_datum_t(ctypes.cast(ctypes.c_char_p(openpgp),
1285
ctypes.POINTER
1286
(ctypes.c_ubyte)),
1287
ctypes.c_uint(len(openpgp))))
1288
# New empty GnuTLS certificate
1289
crt = gnutls.library.types.gnutls_openpgp_crt_t()
1290
(gnutls.library.functions
1291
.gnutls_openpgp_crt_init(ctypes.byref(crt)))
1292
# Import the OpenPGP public key into the certificate
1293
(gnutls.library.functions
1294
.gnutls_openpgp_crt_import(crt, ctypes.byref(datum),
1295
gnutls.library.constants
1296
.GNUTLS_OPENPGP_FMT_RAW))
1297
# Verify the self signature in the key
1298
crtverify = ctypes.c_uint()
1299
(gnutls.library.functions
1300
.gnutls_openpgp_crt_verify_self(crt, 0,
1301
ctypes.byref(crtverify)))
1302
if crtverify.value != 0:
1303
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1304
raise (gnutls.errors.CertificateSecurityError
1305
(u"Verify failed"))
1306
# New buffer for the fingerprint
1307
buf = ctypes.create_string_buffer(20)
1308
buf_len = ctypes.c_size_t()
1309
# Get the fingerprint from the certificate into the buffer
1310
(gnutls.library.functions
1311
.gnutls_openpgp_crt_get_fingerprint(crt, ctypes.byref(buf),
1312
ctypes.byref(buf_len)))
1313
# Deinit the certificate
1314
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1315
# Convert the buffer to a Python bytestring
1316
fpr = ctypes.string_at(buf, buf_len.value)
1317
# Convert the bytestring to hexadecimal notation
1318
hex_fpr = u''.join(u"%02X" % ord(char) for char in fpr)
1319
return hex_fpr
1320
1321
1322
class MultiprocessingMixIn(object):
1323
"""Like socketserver.ThreadingMixIn, but with multiprocessing"""
1324
def sub_process_main(self, request, address):
1325
try:
1326
self.finish_request(request, address)
1327
except:
1328
self.handle_error(request, address)
1329
self.close_request(request)
1330
1331
def process_request(self, request, address):
1332
"""Start a new process to process the request."""
1333
multiprocessing.Process(target = self.sub_process_main,
1334
args = (request, address)).start()
1335
1336
class MultiprocessingMixInWithPipe(MultiprocessingMixIn, object):
1337
""" adds a pipe to the MixIn """
1338
def process_request(self, request, client_address):
1339
"""Overrides and wraps the original process_request().
1340
1341
This function creates a new pipe in self.pipe
1342
"""
1343
parent_pipe, self.child_pipe = multiprocessing.Pipe()
1344
1345
super(MultiprocessingMixInWithPipe,
1346
self).process_request(request, client_address)
1347
self.child_pipe.close()
1348
self.add_pipe(parent_pipe)
1349
1350
def add_pipe(self, parent_pipe):
1351
"""Dummy function; override as necessary"""
1352
pass
1353
1354
class IPv6_TCPServer(MultiprocessingMixInWithPipe,
1355
socketserver.TCPServer, object):
1356
"""IPv6-capable TCP server. Accepts 'None' as address and/or port
1357
371
logger.debug(u"TCP connection from: %s",
372
unicode(self.client_address))
373
session = gnutls.connection.ClientSession(self.request,
374
gnutls.connection.\
375
X509Credentials())
376
377
#priority = ':'.join(("NONE", "+VERS-TLS1.1", "+AES-256-CBC",
378
# "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
379
# "+DHE-DSS"))
380
priority = "SECURE256"
381
382
gnutls.library.functions.gnutls_priority_set_direct\
383
(session._c_object, priority, None);
384
385
try:
386
session.handshake()
387
except gnutls.errors.GNUTLSError, error:
388
logger.debug(u"Handshake failed: %s", error)
389
# Do not run session.bye() here: the session is not
390
# established. Just abandon the request.
391
return
392
try:
393
fpr = fingerprint(peer_certificate(session))
394
except (TypeError, gnutls.errors.GNUTLSError), error:
395
logger.debug(u"Bad certificate: %s", error)
396
session.bye()
397
return
398
logger.debug(u"Fingerprint: %s", fpr)
399
client = None
400
for c in self.server.clients:
401
if c.fingerprint == fpr:
402
client = c
403
break
404
# Have to check if client.still_valid(), since it is possible
405
# that the client timed out while establishing the GnuTLS
406
# session.
407
if (not client) or (not client.still_valid()):
408
if client:
409
logger.debug(u"Client %(name)s is invalid",
410
vars(client))
411
else:
412
logger.debug(u"Client not found for fingerprint: %s",
413
fpr)
414
session.bye()
415
return
416
sent_size = 0
417
while sent_size < len(client.secret):
418
sent = session.send(client.secret[sent_size:])
419
logger.debug(u"Sent: %d, remaining: %d",
420
sent, len(client.secret)
421
- (sent_size + sent))
422
sent_size += sent
423
session.bye()
424
425
426
class IPv6_TCPServer(SocketServer.ForkingTCPServer, object):
427
"""IPv6 TCP server. Accepts 'None' as address and/or port.
1358
428
Attributes:
1359
enabled: Boolean; whether this server is activated yet
1360
interface: None or a network interface name (string)
1361
use_ipv6: Boolean; to use IPv6 or not
429
options: Command line options
430
clients: Set() of Client objects
1362
431
"""
1363
def __init__(self, server_address, RequestHandlerClass,
1364
interface=None, use_ipv6=True):
1365
self.interface = interface
1366
if use_ipv6:
1367
self.address_family = socket.AF_INET6
1368
socketserver.TCPServer.__init__(self, server_address,
1369
RequestHandlerClass)
432
address_family = socket.AF_INET6
433
def __init__(self, *args, **kwargs):
434
if "options" in kwargs:
435
self.options = kwargs["options"]
436
del kwargs["options"]
437
if "clients" in kwargs:
438
self.clients = kwargs["clients"]
439
del kwargs["clients"]
440
return super(type(self), self).__init__(*args, **kwargs)
1370
441
def server_bind(self):
1371
442
"""This overrides the normal server_bind() function
1372
443
to bind to an interface if one was specified, and also NOT to
1373
444
bind to an address or port if they were not specified."""
1374
if self.interface is not None:
1375
if SO_BINDTODEVICE is None:
1376
logger.error(u"SO_BINDTODEVICE does not exist;"
1377
u" cannot bind to interface %s",
1378
self.interface)
1379
else:
1380
try:
1381
self.socket.setsockopt(socket.SOL_SOCKET,
1382
SO_BINDTODEVICE,
1383
str(self.interface
1384
+ u'\0'))
1385
except socket.error, error:
1386
if error[0] == errno.EPERM:
1387
logger.error(u"No permission to"
1388
u" bind to interface %s",
1389
self.interface)
1390
elif error[0] == errno.ENOPROTOOPT:
1391
logger.error(u"SO_BINDTODEVICE not available;"
1392
u" cannot bind to interface %s",
1393
self.interface)
1394
else:
1395
raise
445
if self.options.interface:
446
if not hasattr(socket, "SO_BINDTODEVICE"):
447
# From /usr/include/asm-i486/socket.h
448
socket.SO_BINDTODEVICE = 25
449
try:
450
self.socket.setsockopt(socket.SOL_SOCKET,
451
socket.SO_BINDTODEVICE,
452
self.options.interface)
453
except socket.error, error:
454
if error[0] == errno.EPERM:
455
logger.warning(u"No permission to"
456
u" bind to interface %s",
457
self.options.interface)
458
else:
459
raise error
1396
460
# Only bind(2) the socket if we really need to.
1397
461
if self.server_address[0] or self.server_address[1]:
1398
462
if not self.server_address[0]:
1399
if self.address_family == socket.AF_INET6:
1400
any_address = u"::" # in6addr_any
1401
else:
1402
any_address = socket.INADDR_ANY
1403
self.server_address = (any_address,
463
in6addr_any = "::"
464
self.server_address = (in6addr_any,
1404
465
self.server_address[1])
1405
elif not self.server_address[1]:
466
elif self.server_address[1] is None:
1406
467
self.server_address = (self.server_address[0],
1407
468
0)
1408
# if self.interface:
1409
# self.server_address = (self.server_address[0],
1410
# 0, # port
1411
# 0, # flowinfo
1412
# if_nametoindex
1413
# (self.interface))
1414
return socketserver.TCPServer.server_bind(self)
1415
1416
1417
class MandosServer(IPv6_TCPServer):
1418
"""Mandos server.
1419
1420
Attributes:
1421
clients: set of Client objects
1422
gnutls_priority GnuTLS priority string
1423
use_dbus: Boolean; to emit D-Bus signals or not
1424
1425
Assumes a gobject.MainLoop event loop.
1426
"""
1427
def __init__(self, server_address, RequestHandlerClass,
1428
interface=None, use_ipv6=True, clients=None,
1429
gnutls_priority=None, use_dbus=True):
1430
self.enabled = False
1431
self.clients = clients
1432
if self.clients is None:
1433
self.clients = set()
1434
self.use_dbus = use_dbus
1435
self.gnutls_priority = gnutls_priority
1436
IPv6_TCPServer.__init__(self, server_address,
1437
RequestHandlerClass,
1438
interface = interface,
1439
use_ipv6 = use_ipv6)
1440
def server_activate(self):
1441
if self.enabled:
1442
return socketserver.TCPServer.server_activate(self)
1443
def enable(self):
1444
self.enabled = True
1445
def add_pipe(self, parent_pipe):
1446
# Call "handle_ipc" for both data and EOF events
1447
gobject.io_add_watch(parent_pipe.fileno(),
1448
gobject.IO_IN | gobject.IO_HUP,
1449
functools.partial(self.handle_ipc,
1450
parent_pipe = parent_pipe))
1451
1452
def handle_ipc(self, source, condition, parent_pipe=None,
1453
client_object=None):
1454
condition_names = {
1455
gobject.IO_IN: u"IN", # There is data to read.
1456
gobject.IO_OUT: u"OUT", # Data can be written (without
1457
# blocking).
1458
gobject.IO_PRI: u"PRI", # There is urgent data to read.
1459
gobject.IO_ERR: u"ERR", # Error condition.
1460
gobject.IO_HUP: u"HUP" # Hung up (the connection has been
1461
# broken, usually for pipes and
1462
# sockets).
1463
}
1464
conditions_string = ' | '.join(name
1465
for cond, name in
1466
condition_names.iteritems()
1467
if cond & condition)
1468
logger.debug(u"Handling IPC: FD = %d, condition = %s", source,
1469
conditions_string)
1470
1471
# error or the other end of multiprocessing.Pipe has closed
1472
if condition & (gobject.IO_ERR | condition & gobject.IO_HUP):
1473
return False
1474
1475
# Read a request from the child
1476
request = parent_pipe.recv()
1477
logger.debug(u"IPC request: %s", repr(request))
1478
command = request[0]
1479
1480
if command == 'init':
1481
fpr = request[1]
1482
address = request[2]
1483
1484
for c in self.clients:
1485
if c.fingerprint == fpr:
1486
client = c
1487
break
1488
else:
1489
logger.warning(u"Client not found for fingerprint: %s, ad"
1490
u"dress: %s", fpr, address)
1491
if self.use_dbus:
1492
# Emit D-Bus signal
1493
mandos_dbus_service.ClientNotFound(fpr, address)
1494
parent_pipe.send(False)
1495
return False
1496
1497
gobject.io_add_watch(parent_pipe.fileno(),
1498
gobject.IO_IN | gobject.IO_HUP,
1499
functools.partial(self.handle_ipc,
1500
parent_pipe = parent_pipe,
1501
client_object = client))
1502
parent_pipe.send(True)
1503
# remove the old hook in favor of the new above hook on same fileno
1504
return False
1505
if command == 'funcall':
1506
funcname = request[1]
1507
args = request[2]
1508
kwargs = request[3]
1509
1510
parent_pipe.send(('data', getattr(client_object, funcname)(*args, **kwargs)))
1511
1512
if command == 'getattr':
1513
attrname = request[1]
1514
if callable(client_object.__getattribute__(attrname)):
1515
parent_pipe.send(('function',))
1516
else:
1517
parent_pipe.send(('data', client_object.__getattribute__(attrname)))
1518
1519
if command == 'setattr':
1520
attrname = request[1]
1521
value = request[2]
1522
setattr(client_object, attrname, value)
1523
1524
return True
469
return super(type(self), self).server_bind()
1525
470
1526
471
1527
472
def string_to_delta(interval):
1528
473
"""Parse a string and return a datetime.timedelta
1529
1530
>>> string_to_delta(u'7d')
474
475
>>> string_to_delta('7d')
1531
476
datetime.timedelta(7)
1532
>>> string_to_delta(u'60s')
477
>>> string_to_delta('60s')
1533
478
datetime.timedelta(0, 60)
1534
>>> string_to_delta(u'60m')
479
>>> string_to_delta('60m')
1535
480
datetime.timedelta(0, 3600)
1536
>>> string_to_delta(u'24h')
481
>>> string_to_delta('24h')
1537
482
datetime.timedelta(1)
1538
483
>>> string_to_delta(u'1w')
1539
484
datetime.timedelta(7)
1540
>>> string_to_delta(u'5m 30s')
1541
datetime.timedelta(0, 330)
1542
485
"""
1543
timevalue = datetime.timedelta(0)
1544
for s in interval.split():
1545
try:
1546
suffix = unicode(s[-1])
1547
value = int(s[:-1])
1548
if suffix == u"d":
1549
delta = datetime.timedelta(value)
1550
elif suffix == u"s":
1551
delta = datetime.timedelta(0, value)
1552
elif suffix == u"m":
1553
delta = datetime.timedelta(0, 0, 0, 0, value)
1554
elif suffix == u"h":
1555
delta = datetime.timedelta(0, 0, 0, 0, 0, value)
1556
elif suffix == u"w":
1557
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
1558
else:
1559
raise ValueError(u"Unknown suffix %r" % suffix)
1560
except (ValueError, IndexError), e:
1561
raise ValueError(e.message)
1562
timevalue += delta
1563
return timevalue
486
try:
487
suffix=unicode(interval[-1])
488
value=int(interval[:-1])
489
if suffix == u"d":
490
delta = datetime.timedelta(value)
491
elif suffix == u"s":
492
delta = datetime.timedelta(0, value)
493
elif suffix == u"m":
494
delta = datetime.timedelta(0, 0, 0, 0, value)
495
elif suffix == u"h":
496
delta = datetime.timedelta(0, 0, 0, 0, 0, value)
497
elif suffix == u"w":
498
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
499
else:
500
raise ValueError
501
except (ValueError, IndexError):
502
raise ValueError
503
return delta
504
505
506
def add_service():
507
"""Derived from the Avahi example code"""
508
global group, serviceName, serviceType, servicePort, serviceTXT, \
509
domain, host
510
if group is None:
511
group = dbus.Interface(
512
bus.get_object( avahi.DBUS_NAME,
513
server.EntryGroupNew()),
514
avahi.DBUS_INTERFACE_ENTRY_GROUP)
515
group.connect_to_signal('StateChanged',
516
entry_group_state_changed)
517
logger.debug(u"Adding service '%s' of type '%s' ...",
518
serviceName, serviceType)
519
520
group.AddService(
521
serviceInterface, # interface
522
avahi.PROTO_INET6, # protocol
523
dbus.UInt32(0), # flags
524
serviceName, serviceType,
525
domain, host,
526
dbus.UInt16(servicePort),
527
avahi.string_array_to_txt_array(serviceTXT))
528
group.Commit()
529
530
531
def remove_service():
532
"""From the Avahi example code"""
533
global group
534
535
if not group is None:
536
group.Reset()
537
538
539
def server_state_changed(state):
540
"""Derived from the Avahi example code"""
541
if state == avahi.SERVER_COLLISION:
542
logger.warning(u"Server name collision")
543
remove_service()
544
elif state == avahi.SERVER_RUNNING:
545
add_service()
546
547
548
def entry_group_state_changed(state, error):
549
"""Derived from the Avahi example code"""
550
global serviceName, server, rename_count
551
552
logger.debug(u"state change: %i", state)
553
554
if state == avahi.ENTRY_GROUP_ESTABLISHED:
555
logger.debug(u"Service established.")
556
elif state == avahi.ENTRY_GROUP_COLLISION:
557
558
rename_count = rename_count - 1
559
if rename_count > 0:
560
name = server.GetAlternativeServiceName(name)
561
logger.warning(u"Service name collision, "
562
u"changing name to '%s' ...", name)
563
remove_service()
564
add_service()
565
566
else:
567
logger.error(u"No suitable service name found after %i"
568
u" retries, exiting.", n_rename)
569
killme(1)
570
elif state == avahi.ENTRY_GROUP_FAILURE:
571
logger.error(u"Error in group state changed %s",
572
unicode(error))
573
killme(1)
1564
574
1565
575
1566
576
def if_nametoindex(interface):
1567
"""Call the C function if_nametoindex(), or equivalent
1568
1569
Note: This function cannot accept a unicode string."""
1570
global if_nametoindex
577
"""Call the C function if_nametoindex()"""
1571
578
try:
1572
if_nametoindex = (ctypes.cdll.LoadLibrary
1573
(ctypes.util.find_library(u"c"))
1574
.if_nametoindex)
579
libc = ctypes.cdll.LoadLibrary("libc.so.6")
580
return libc.if_nametoindex(interface)
1575
581
except (OSError, AttributeError):
1576
logger.warning(u"Doing if_nametoindex the hard way")
1577
def if_nametoindex(interface):
1578
"Get an interface index the hard way, i.e. using fcntl()"
1579
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
1580
with contextlib.closing(socket.socket()) as s:
1581
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
1582
struct.pack(str(u"16s16x"),
1583
interface))
1584
interface_index = struct.unpack(str(u"I"),
1585
ifreq[16:20])[0]
1586
return interface_index
1587
return if_nametoindex(interface)
1588
1589
1590
def daemon(nochdir = False, noclose = False):
582
if "struct" not in sys.modules:
583
import struct
584
if "fcntl" not in sys.modules:
585
import fcntl
586
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
587
s = socket.socket()
588
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
589
struct.pack("16s16x", interface))
590
s.close()
591
interface_index = struct.unpack("I", ifreq[16:20])[0]
592
return interface_index
593
594
595
def daemon(nochdir, noclose):
1591
596
"""See daemon(3). Standard BSD Unix function.
1592
1593
597
This should really exist as os.daemon, but it doesn't (yet)."""
1594
598
if os.fork():
1595
599
sys.exit()
1596
600
os.setsid()
1597
601
if not nochdir:
1598
os.chdir(u"/")
1599
if os.fork():
1600
sys.exit()
602
os.chdir("/")
1601
603
if not noclose:
1602
604
# Close all standard open file descriptors
1603
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
605
null = os.open("/dev/null", os.O_NOCTTY | os.O_RDWR)
1604
606
if not stat.S_ISCHR(os.fstat(null).st_mode):
1605
607
raise OSError(errno.ENODEV,
1606
u"%s not a character device"
1607
% os.path.devnull)
608
"/dev/null not a character device")
1608
609
os.dup2(null, sys.stdin.fileno())
1609
610
os.dup2(null, sys.stdout.fileno())
1610
611
os.dup2(null, sys.stderr.fileno())
1612
613
os.close(null)
1613
614
1614
615
616
def killme(status = 0):
617
logger.debug("Stopping server with exit status %d", status)
618
exitstatus = status
619
if main_loop_started:
620
main_loop.quit()
621
else:
622
sys.exit(status)
623
624
1615
625
def main():
1616
1617
##################################################################
1618
# Parsing of options, both command line and config file
1619
1620
parser = optparse.OptionParser(version = "%%prog %s" % version)
1621
parser.add_option("-i", u"--interface", type=u"string",
1622
metavar="IF", help=u"Bind to interface IF")
1623
parser.add_option("-a", u"--address", type=u"string",
1624
help=u"Address to listen for requests on")
1625
parser.add_option("-p", u"--port", type=u"int",
1626
help=u"Port number to receive requests on")
1627
parser.add_option("--check", action=u"store_true",
1628
help=u"Run self-test")
1629
parser.add_option("--debug", action=u"store_true",
1630
help=u"Debug mode; run in foreground and log to"
1631
u" terminal")
1632
parser.add_option("--debuglevel", type=u"string", metavar="Level",
1633
help=u"Debug level for stdout output")
1634
parser.add_option("--priority", type=u"string", help=u"GnuTLS"
1635
u" priority string (see GnuTLS documentation)")
1636
parser.add_option("--servicename", type=u"string",
1637
metavar=u"NAME", help=u"Zeroconf service name")
1638
parser.add_option("--configdir", type=u"string",
1639
default=u"/etc/mandos", metavar=u"DIR",
1640
help=u"Directory to search for configuration"
1641
u" files")
1642
parser.add_option("--no-dbus", action=u"store_false",
1643
dest=u"use_dbus", help=u"Do not provide D-Bus"
1644
u" system bus interface")
1645
parser.add_option("--no-ipv6", action=u"store_false",
1646
dest=u"use_ipv6", help=u"Do not use IPv6")
1647
options = parser.parse_args()[0]
626
global exitstatus
627
exitstatus = 0
628
global main_loop_started
629
main_loop_started = False
630
631
parser = OptionParser()
632
parser.add_option("-i", "--interface", type="string",
633
default=None, metavar="IF",
634
help="Bind to interface IF")
635
parser.add_option("-a", "--address", type="string", default=None,
636
help="Address to listen for requests on")
637
parser.add_option("-p", "--port", type="int", default=None,
638
help="Port number to receive requests on")
639
parser.add_option("--timeout", type="string", # Parsed later
640
default="1h",
641
help="Amount of downtime allowed for clients")
642
parser.add_option("--interval", type="string", # Parsed later
643
default="5m",
644
help="How often to check that a client is up")
645
parser.add_option("--check", action="store_true", default=False,
646
help="Run self-test")
647
parser.add_option("--debug", action="store_true", default=False,
648
help="Debug mode")
649
(options, args) = parser.parse_args()
1648
650
1649
651
if options.check:
1650
652
import doctest
1651
653
doctest.testmod()
1652
654
sys.exit()
1653
655
1654
# Default values for config file for server-global settings
1655
server_defaults = { u"interface": u"",
1656
u"address": u"",
1657
u"port": u"",
1658
u"debug": u"False",
1659
u"priority":
1660
u"SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
1661
u"servicename": u"Mandos",
1662
u"use_dbus": u"True",
1663
u"use_ipv6": u"True",
1664
u"debuglevel": u"",
1665
}
1666
1667
# Parse config file for server-global settings
1668
server_config = configparser.SafeConfigParser(server_defaults)
1669
del server_defaults
1670
server_config.read(os.path.join(options.configdir,
1671
u"mandos.conf"))
1672
# Convert the SafeConfigParser object to a dict
1673
server_settings = server_config.defaults()
1674
# Use the appropriate methods on the non-string config options
1675
for option in (u"debug", u"use_dbus", u"use_ipv6"):
1676
server_settings[option] = server_config.getboolean(u"DEFAULT",
1677
option)
1678
if server_settings["port"]:
1679
server_settings["port"] = server_config.getint(u"DEFAULT",
1680
u"port")
1681
del server_config
1682
1683
# Override the settings from the config file with command line
1684
# options, if set.
1685
for option in (u"interface", u"address", u"port", u"debug",
1686
u"priority", u"servicename", u"configdir",
1687
u"use_dbus", u"use_ipv6", u"debuglevel"):
1688
value = getattr(options, option)
1689
if value is not None:
1690
server_settings[option] = value
1691
del options
1692
# Force all strings to be unicode
1693
for option in server_settings.keys():
1694
if type(server_settings[option]) is str:
1695
server_settings[option] = unicode(server_settings[option])
1696
# Now we have our good server settings in "server_settings"
1697
1698
##################################################################
1699
1700
# For convenience
1701
debug = server_settings[u"debug"]
1702
debuglevel = server_settings[u"debuglevel"]
1703
use_dbus = server_settings[u"use_dbus"]
1704
use_ipv6 = server_settings[u"use_ipv6"]
1705
1706
if server_settings[u"servicename"] != u"Mandos":
1707
syslogger.setFormatter(logging.Formatter
1708
(u'Mandos (%s) [%%(process)d]:'
1709
u' %%(levelname)s: %%(message)s'
1710
% server_settings[u"servicename"]))
1711
1712
# Parse config file with clients
1713
client_defaults = { u"timeout": u"1h",
1714
u"interval": u"5m",
1715
u"checker": u"fping -q -- %%(host)s",
1716
u"host": u"",
1717
u"approved_delay": u"0s",
1718
u"approved_duration": u"1s",
1719
}
1720
client_config = configparser.SafeConfigParser(client_defaults)
1721
client_config.read(os.path.join(server_settings[u"configdir"],
1722
u"clients.conf"))
1723
1724
global mandos_dbus_service
1725
mandos_dbus_service = None
1726
1727
tcp_server = MandosServer((server_settings[u"address"],
1728
server_settings[u"port"]),
1729
ClientHandler,
1730
interface=server_settings[u"interface"],
1731
use_ipv6=use_ipv6,
1732
gnutls_priority=
1733
server_settings[u"priority"],
1734
use_dbus=use_dbus)
1735
pidfilename = u"/var/run/mandos.pid"
1736
try:
1737
pidfile = open(pidfilename, u"w")
1738
except IOError:
1739
logger.error(u"Could not open file %r", pidfilename)
1740
1741
try:
1742
uid = pwd.getpwnam(u"_mandos").pw_uid
1743
gid = pwd.getpwnam(u"_mandos").pw_gid
1744
except KeyError:
1745
try:
1746
uid = pwd.getpwnam(u"mandos").pw_uid
1747
gid = pwd.getpwnam(u"mandos").pw_gid
1748
except KeyError:
1749
try:
1750
uid = pwd.getpwnam(u"nobody").pw_uid
1751
gid = pwd.getpwnam(u"nobody").pw_gid
1752
except KeyError:
1753
uid = 65534
1754
gid = 65534
1755
try:
1756
os.setgid(gid)
1757
os.setuid(uid)
1758
except OSError, error:
1759
if error[0] != errno.EPERM:
1760
raise error
1761
1762
# Enable all possible GnuTLS debugging
1763
1764
1765
if not debug and not debuglevel:
1766
syslogger.setLevel(logging.WARNING)
1767
console.setLevel(logging.WARNING)
1768
if debuglevel:
1769
level = getattr(logging, debuglevel.upper())
1770
syslogger.setLevel(level)
1771
console.setLevel(level)
1772
1773
if debug:
1774
# "Use a log level over 10 to enable all debugging options."
1775
# - GnuTLS manual
1776
gnutls.library.functions.gnutls_global_set_log_level(11)
1777
1778
@gnutls.library.types.gnutls_log_func
1779
def debug_gnutls(level, string):
1780
logger.debug(u"GnuTLS: %s", string[:-1])
1781
1782
(gnutls.library.functions
1783
.gnutls_global_set_log_function(debug_gnutls))
1784
1785
# Redirect stdin so all checkers get /dev/null
1786
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
1787
os.dup2(null, sys.stdin.fileno())
1788
if null > 2:
1789
os.close(null)
1790
else:
1791
# No console logging
1792
logger.removeHandler(console)
1793
656
# Parse the time arguments
657
try:
658
options.timeout = string_to_delta(options.timeout)
659
except ValueError:
660
parser.error("option --timeout: Unparseable time")
661
try:
662
options.interval = string_to_delta(options.interval)
663
except ValueError:
664
parser.error("option --interval: Unparseable time")
665
666
# Parse config file
667
defaults = { "checker": "fping -q -- %%(fqdn)s" }
668
client_config = ConfigParser.SafeConfigParser(defaults)
669
#client_config.readfp(open("global.conf"), "global.conf")
670
client_config.read("mandos-clients.conf")
1794
671
1795
672
global main_loop
673
global bus
674
global server
1796
675
# From the Avahi example code
1797
676
DBusGMainLoop(set_as_default=True )
1798
677
main_loop = gobject.MainLoop()
1799
678
bus = dbus.SystemBus()
679
server = dbus.Interface(
680
bus.get_object( avahi.DBUS_NAME, avahi.DBUS_PATH_SERVER ),
681
avahi.DBUS_INTERFACE_SERVER )
1800
682
# End of Avahi example code
1801
if use_dbus:
1802
try:
1803
bus_name = dbus.service.BusName(u"se.bsnet.fukt.Mandos",
1804
bus, do_not_queue=True)
1805
except dbus.exceptions.NameExistsException, e:
1806
logger.error(unicode(e) + u", disabling D-Bus")
1807
use_dbus = False
1808
server_settings[u"use_dbus"] = False
1809
tcp_server.use_dbus = False
1810
protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
1811
service = AvahiService(name = server_settings[u"servicename"],
1812
servicetype = u"_mandos._tcp",
1813
protocol = protocol, bus = bus)
1814
if server_settings["interface"]:
1815
service.interface = (if_nametoindex
1816
(str(server_settings[u"interface"])))
1817
1818
if not debug:
1819
# Close all input and output, do double fork, etc.
1820
daemon()
1821
1822
global multiprocessing_manager
1823
multiprocessing_manager = multiprocessing.Manager()
1824
1825
client_class = Client
1826
if use_dbus:
1827
client_class = functools.partial(ClientDBus, bus = bus)
1828
def client_config_items(config, section):
1829
special_settings = {
1830
"approved_by_default":
1831
lambda: config.getboolean(section,
1832
"approved_by_default"),
1833
}
1834
for name, value in config.items(section):
1835
try:
1836
yield (name, special_settings[name]())
1837
except KeyError:
1838
yield (name, value)
1839
1840
tcp_server.clients.update(set(
1841
client_class(name = section,
1842
config= dict(client_config_items(
1843
client_config, section)))
1844
for section in client_config.sections()))
1845
if not tcp_server.clients:
1846
logger.warning(u"No clients defined")
1847
1848
try:
1849
with pidfile:
1850
pid = os.getpid()
1851
pidfile.write(str(pid) + "\n")
1852
del pidfile
1853
except IOError:
1854
logger.error(u"Could not write to file %r with PID %d",
1855
pidfilename, pid)
1856
except NameError:
1857
# "pidfile" was never created
1858
pass
1859
del pidfilename
1860
1861
if not debug:
1862
signal.signal(signal.SIGINT, signal.SIG_IGN)
1863
signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
1864
signal.signal(signal.SIGTERM, lambda signum, frame: sys.exit())
1865
1866
if use_dbus:
1867
class MandosDBusService(dbus.service.Object):
1868
"""A D-Bus proxy object"""
1869
def __init__(self):
1870
dbus.service.Object.__init__(self, bus, u"/")
1871
_interface = u"se.bsnet.fukt.Mandos"
1872
1873
@dbus.service.signal(_interface, signature=u"o")
1874
def ClientAdded(self, objpath):
1875
"D-Bus signal"
1876
pass
1877
1878
@dbus.service.signal(_interface, signature=u"ss")
1879
def ClientNotFound(self, fingerprint, address):
1880
"D-Bus signal"
1881
pass
1882
1883
@dbus.service.signal(_interface, signature=u"os")
1884
def ClientRemoved(self, objpath, name):
1885
"D-Bus signal"
1886
pass
1887
1888
@dbus.service.method(_interface, out_signature=u"ao")
1889
def GetAllClients(self):
1890
"D-Bus method"
1891
return dbus.Array(c.dbus_object_path
1892
for c in tcp_server.clients)
1893
1894
@dbus.service.method(_interface,
1895
out_signature=u"a{oa{sv}}")
1896
def GetAllClientsWithProperties(self):
1897
"D-Bus method"
1898
return dbus.Dictionary(
1899
((c.dbus_object_path, c.GetAll(u""))
1900
for c in tcp_server.clients),
1901
signature=u"oa{sv}")
1902
1903
@dbus.service.method(_interface, in_signature=u"o")
1904
def RemoveClient(self, object_path):
1905
"D-Bus method"
1906
for c in tcp_server.clients:
1907
if c.dbus_object_path == object_path:
1908
tcp_server.clients.remove(c)
1909
c.remove_from_connection()
1910
# Don't signal anything except ClientRemoved
1911
c.disable(quiet=True)
1912
# Emit D-Bus signal
1913
self.ClientRemoved(object_path, c.name)
1914
return
1915
raise KeyError(object_path)
1916
1917
del _interface
1918
1919
mandos_dbus_service = MandosDBusService()
683
684
debug = options.debug
685
686
if debug:
687
console = logging.StreamHandler()
688
# console.setLevel(logging.DEBUG)
689
console.setFormatter(logging.Formatter\
690
('%(levelname)s: %(message)s'))
691
logger.addHandler(console)
692
del console
693
694
clients = Set()
695
def remove_from_clients(client):
696
clients.remove(client)
697
if not clients:
698
logger.debug(u"No clients left, exiting")
699
killme()
700
701
clients.update(Set(Client(name=section, options=options,
702
stop_hook = remove_from_clients,
703
**(dict(client_config\
704
.items(section))))
705
for section in client_config.sections()))
706
707
if not debug:
708
daemon(False, False)
1920
709
1921
710
def cleanup():
1922
711
"Cleanup function; run on exit"
1923
service.cleanup()
1924
1925
while tcp_server.clients:
1926
client = tcp_server.clients.pop()
1927
if use_dbus:
1928
client.remove_from_connection()
1929
client.disable_hook = None
1930
# Don't signal anything except ClientRemoved
1931
client.disable(quiet=True)
1932
if use_dbus:
1933
# Emit D-Bus signal
1934
mandos_dbus_service.ClientRemoved(client.dbus_object_path,
1935
client.name)
1936
1937
atexit.register(cleanup)
1938
1939
for client in tcp_server.clients:
1940
if use_dbus:
1941
# Emit D-Bus signal
1942
mandos_dbus_service.ClientAdded(client.dbus_object_path)
1943
client.enable()
1944
1945
tcp_server.enable()
1946
tcp_server.server_activate()
1947
1948
# Find out what port we got
1949
service.port = tcp_server.socket.getsockname()[1]
1950
if use_ipv6:
1951
logger.info(u"Now listening on address %r, port %d,"
1952
" flowinfo %d, scope_id %d"
1953
% tcp_server.socket.getsockname())
1954
else: # IPv4
1955
logger.info(u"Now listening on address %r, port %d"
1956
% tcp_server.socket.getsockname())
1957
1958
#service.interface = tcp_server.socket.getsockname()[3]
1959
1960
try:
712
global group
1961
713
# From the Avahi example code
1962
try:
1963
service.activate()
1964
except dbus.exceptions.DBusException, error:
1965
logger.critical(u"DBusException: %s", error)
1966
cleanup()
1967
sys.exit(1)
714
if not group is None:
715
group.Free()
716
group = None
1968
717
# End of Avahi example code
1969
718
1970
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
1971
lambda *args, **kwargs:
1972
(tcp_server.handle_request
1973
(*args[2:], **kwargs) or True))
1974
1975
logger.debug(u"Starting main loop")
719
while clients:
720
client = clients.pop()
721
client.stop_hook = None
722
client.stop()
723
724
atexit.register(cleanup)
725
726
if not debug:
727
signal.signal(signal.SIGINT, signal.SIG_IGN)
728
signal.signal(signal.SIGHUP, lambda signum, frame: killme())
729
signal.signal(signal.SIGTERM, lambda signum, frame: killme())
730
731
for client in clients:
732
client.start()
733
734
tcp_server = IPv6_TCPServer((options.address, options.port),
735
tcp_handler,
736
options=options,
737
clients=clients)
738
# Find out what random port we got
739
global servicePort
740
servicePort = tcp_server.socket.getsockname()[1]
741
logger.debug(u"Now listening on port %d", servicePort)
742
743
if options.interface is not None:
744
global serviceInterface
745
serviceInterface = if_nametoindex(options.interface)
746
747
# From the Avahi example code
748
server.connect_to_signal("StateChanged", server_state_changed)
749
try:
750
server_state_changed(server.GetState())
751
except dbus.exceptions.DBusException, error:
752
logger.critical(u"DBusException: %s", error)
753
killme(1)
754
# End of Avahi example code
755
756
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
757
lambda *args, **kwargs:
758
tcp_server.handle_request(*args[2:],
759
**kwargs) or True)
760
try:
761
logger.debug("Starting main loop")
762
main_loop_started = True
1976
763
main_loop.run()
1977
except AvahiError, error:
1978
logger.critical(u"AvahiError: %s", error)
1979
cleanup()
1980
sys.exit(1)
1981
764
except KeyboardInterrupt:
1982
765
if debug:
1983
print >> sys.stderr
1984
logger.debug(u"Server received KeyboardInterrupt")
1985
logger.debug(u"Server exiting")
1986
# Must run before the D-Bus bus name gets deregistered
1987
cleanup()
766
print
767
768
sys.exit(exitstatus)
1988
769
1989
770
if __name__ == '__main__':
1990
771
main()
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0