/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos

  • Committer: Teddy Hogeborn
  • Date: 2008-09-19 16:41:13 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080919164113-j9egog1aqb1dh731
* debian/mandos-client.postinst (create_key): Do not abort on existing
                                              keys.

Show diffs side-by-side

added added

removed removed

Lines of Context:
6
6
# This program is partly derived from an example program for an Avahi
7
7
# service publisher, downloaded from
8
8
# <http://avahi.org/wiki/PythonPublishExample>.  This includes the
9
 
# methods "add", "remove", "server_state_changed",
10
 
# "entry_group_state_changed", "cleanup", and "activate" in the
11
 
# "AvahiService" class, and some lines in "main".
 
9
# methods "add" and "remove" in the "AvahiService" class, the
 
10
# "server_state_changed" and "entry_group_state_changed" functions,
 
11
# and some lines in "main".
12
12
13
13
# Everything else is
14
 
# Copyright © 2008-2011 Teddy Hogeborn
15
 
# Copyright © 2008-2011 Björn Påhlsson
 
14
# Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
16
15
17
16
# This program is free software: you can redistribute it and/or modify
18
17
# it under the terms of the GNU General Public License as published by
28
27
# along with this program.  If not, see
29
28
# <http://www.gnu.org/licenses/>.
30
29
31
 
# Contact the authors at <mandos@recompile.se>.
 
30
# Contact the authors at <mandos@fukt.bsnet.se>.
32
31
33
32
 
34
 
from __future__ import (division, absolute_import, print_function,
35
 
                        unicode_literals)
 
33
from __future__ import division
36
34
 
37
 
import SocketServer as socketserver
 
35
import SocketServer
38
36
import socket
39
 
import argparse
 
37
import select
 
38
from optparse import OptionParser
40
39
import datetime
41
40
import errno
42
41
import gnutls.crypto
45
44
import gnutls.library.functions
46
45
import gnutls.library.constants
47
46
import gnutls.library.types
48
 
import ConfigParser as configparser
 
47
import ConfigParser
49
48
import sys
50
49
import re
51
50
import os
52
51
import signal
 
52
from sets import Set
53
53
import subprocess
54
54
import atexit
55
55
import stat
56
56
import logging
57
57
import logging.handlers
58
58
import pwd
59
 
import contextlib
60
 
import struct
61
 
import fcntl
62
 
import functools
63
 
import cPickle as pickle
64
 
import multiprocessing
65
 
import types
66
59
 
67
60
import dbus
68
 
import dbus.service
69
61
import gobject
70
62
import avahi
71
63
from dbus.mainloop.glib import DBusGMainLoop
72
64
import ctypes
73
 
import ctypes.util
74
 
import xml.dom.minidom
75
 
import inspect
76
 
 
77
 
try:
78
 
    SO_BINDTODEVICE = socket.SO_BINDTODEVICE
79
 
except AttributeError:
80
 
    try:
81
 
        from IN import SO_BINDTODEVICE
82
 
    except ImportError:
83
 
        SO_BINDTODEVICE = None
84
 
 
85
 
 
86
 
version = "1.4.1"
87
 
 
88
 
logger = logging.getLogger()
89
 
syslogger = (logging.handlers.SysLogHandler
90
 
             (facility = logging.handlers.SysLogHandler.LOG_DAEMON,
91
 
              address = str("/dev/log")))
92
 
syslogger.setFormatter(logging.Formatter
93
 
                       ('Mandos [%(process)d]: %(levelname)s:'
94
 
                        ' %(message)s'))
 
65
 
 
66
version = "1.0"
 
67
 
 
68
logger = logging.Logger('mandos')
 
69
syslogger = logging.handlers.SysLogHandler\
 
70
            (facility = logging.handlers.SysLogHandler.LOG_DAEMON,
 
71
             address = "/dev/log")
 
72
syslogger.setFormatter(logging.Formatter\
 
73
                        ('Mandos: %(levelname)s: %(message)s'))
95
74
logger.addHandler(syslogger)
96
75
 
97
76
console = logging.StreamHandler()
98
 
console.setFormatter(logging.Formatter('%(asctime)s %(name)s'
99
 
                                       ' [%(process)d]:'
100
 
                                       ' %(levelname)s:'
 
77
console.setFormatter(logging.Formatter('%(name)s: %(levelname)s:'
101
78
                                       ' %(message)s'))
102
79
logger.addHandler(console)
103
80
 
104
 
 
105
81
class AvahiError(Exception):
106
 
    def __init__(self, value, *args, **kwargs):
 
82
    def __init__(self, value):
107
83
        self.value = value
108
 
        super(AvahiError, self).__init__(value, *args, **kwargs)
109
 
    def __unicode__(self):
110
 
        return unicode(repr(self.value))
 
84
    def __str__(self):
 
85
        return repr(self.value)
111
86
 
112
87
class AvahiServiceError(AvahiError):
113
88
    pass
118
93
 
119
94
class AvahiService(object):
120
95
    """An Avahi (Zeroconf) service.
121
 
    
122
96
    Attributes:
123
97
    interface: integer; avahi.IF_UNSPEC or an interface index.
124
98
               Used to optionally bind to the specified interface.
132
106
    max_renames: integer; maximum number of renames
133
107
    rename_count: integer; counter so we only rename after collisions
134
108
                  a sensible number of times
135
 
    group: D-Bus Entry Group
136
 
    server: D-Bus Server
137
 
    bus: dbus.SystemBus()
138
109
    """
139
110
    def __init__(self, interface = avahi.IF_UNSPEC, name = None,
140
 
                 servicetype = None, port = None, TXT = None,
141
 
                 domain = "", host = "", max_renames = 32768,
142
 
                 protocol = avahi.PROTO_UNSPEC, bus = None):
 
111
                 type = None, port = None, TXT = None, domain = "",
 
112
                 host = "", max_renames = 32768):
143
113
        self.interface = interface
144
114
        self.name = name
145
 
        self.type = servicetype
 
115
        self.type = type
146
116
        self.port = port
147
 
        self.TXT = TXT if TXT is not None else []
 
117
        if TXT is None:
 
118
            self.TXT = []
 
119
        else:
 
120
            self.TXT = TXT
148
121
        self.domain = domain
149
122
        self.host = host
150
123
        self.rename_count = 0
151
124
        self.max_renames = max_renames
152
 
        self.protocol = protocol
153
 
        self.group = None       # our entry group
154
 
        self.server = None
155
 
        self.bus = bus
156
 
        self.entry_group_state_changed_match = None
157
125
    def rename(self):
158
126
        """Derived from the Avahi example code"""
159
127
        if self.rename_count >= self.max_renames:
160
 
            logger.critical("No suitable Zeroconf service name found"
161
 
                            " after %i retries, exiting.",
162
 
                            self.rename_count)
 
128
            logger.critical(u"No suitable Zeroconf service name found"
 
129
                            u" after %i retries, exiting.",
 
130
                            rename_count)
163
131
            raise AvahiServiceError("Too many renames")
164
 
        self.name = unicode(self.server
165
 
                            .GetAlternativeServiceName(self.name))
166
 
        logger.info("Changing Zeroconf service name to %r ...",
167
 
                    self.name)
 
132
        self.name = server.GetAlternativeServiceName(self.name)
 
133
        logger.info(u"Changing Zeroconf service name to %r ...",
 
134
                    str(self.name))
 
135
        syslogger.setFormatter(logging.Formatter\
 
136
                               ('Mandos (%s): %%(levelname)s:'
 
137
                               ' %%(message)s' % self.name))
168
138
        self.remove()
169
 
        try:
170
 
            self.add()
171
 
        except dbus.exceptions.DBusException as error:
172
 
            logger.critical("DBusException: %s", error)
173
 
            self.cleanup()
174
 
            os._exit(1)
 
139
        self.add()
175
140
        self.rename_count += 1
176
141
    def remove(self):
177
142
        """Derived from the Avahi example code"""
178
 
        if self.entry_group_state_changed_match is not None:
179
 
            self.entry_group_state_changed_match.remove()
180
 
            self.entry_group_state_changed_match = None
181
 
        if self.group is not None:
182
 
            self.group.Reset()
 
143
        if group is not None:
 
144
            group.Reset()
183
145
    def add(self):
184
146
        """Derived from the Avahi example code"""
185
 
        self.remove()
186
 
        if self.group is None:
187
 
            self.group = dbus.Interface(
188
 
                self.bus.get_object(avahi.DBUS_NAME,
189
 
                                    self.server.EntryGroupNew()),
190
 
                avahi.DBUS_INTERFACE_ENTRY_GROUP)
191
 
        self.entry_group_state_changed_match = (
192
 
            self.group.connect_to_signal(
193
 
                'StateChanged', self.entry_group_state_changed))
194
 
        logger.debug("Adding Zeroconf service '%s' of type '%s' ...",
195
 
                     self.name, self.type)
196
 
        self.group.AddService(
197
 
            self.interface,
198
 
            self.protocol,
199
 
            dbus.UInt32(0),     # flags
200
 
            self.name, self.type,
201
 
            self.domain, self.host,
202
 
            dbus.UInt16(self.port),
203
 
            avahi.string_array_to_txt_array(self.TXT))
204
 
        self.group.Commit()
205
 
    def entry_group_state_changed(self, state, error):
206
 
        """Derived from the Avahi example code"""
207
 
        logger.debug("Avahi entry group state change: %i", state)
208
 
        
209
 
        if state == avahi.ENTRY_GROUP_ESTABLISHED:
210
 
            logger.debug("Zeroconf service established.")
211
 
        elif state == avahi.ENTRY_GROUP_COLLISION:
212
 
            logger.info("Zeroconf service name collision.")
213
 
            self.rename()
214
 
        elif state == avahi.ENTRY_GROUP_FAILURE:
215
 
            logger.critical("Avahi: Error in group state changed %s",
216
 
                            unicode(error))
217
 
            raise AvahiGroupError("State changed: %s"
218
 
                                  % unicode(error))
219
 
    def cleanup(self):
220
 
        """Derived from the Avahi example code"""
221
 
        if self.group is not None:
222
 
            try:
223
 
                self.group.Free()
224
 
            except (dbus.exceptions.UnknownMethodException,
225
 
                    dbus.exceptions.DBusException) as e:
226
 
                pass
227
 
            self.group = None
228
 
        self.remove()
229
 
    def server_state_changed(self, state, error=None):
230
 
        """Derived from the Avahi example code"""
231
 
        logger.debug("Avahi server state change: %i", state)
232
 
        bad_states = { avahi.SERVER_INVALID:
233
 
                           "Zeroconf server invalid",
234
 
                       avahi.SERVER_REGISTERING: None,
235
 
                       avahi.SERVER_COLLISION:
236
 
                           "Zeroconf server name collision",
237
 
                       avahi.SERVER_FAILURE:
238
 
                           "Zeroconf server failure" }
239
 
        if state in bad_states:
240
 
            if bad_states[state] is not None:
241
 
                if error is None:
242
 
                    logger.error(bad_states[state])
243
 
                else:
244
 
                    logger.error(bad_states[state] + ": %r", error)
245
 
            self.cleanup()
246
 
        elif state == avahi.SERVER_RUNNING:
247
 
            self.add()
248
 
        else:
249
 
            if error is None:
250
 
                logger.debug("Unknown state: %r", state)
251
 
            else:
252
 
                logger.debug("Unknown state: %r: %r", state, error)
253
 
    def activate(self):
254
 
        """Derived from the Avahi example code"""
255
 
        if self.server is None:
256
 
            self.server = dbus.Interface(
257
 
                self.bus.get_object(avahi.DBUS_NAME,
258
 
                                    avahi.DBUS_PATH_SERVER,
259
 
                                    follow_name_owner_changes=True),
260
 
                avahi.DBUS_INTERFACE_SERVER)
261
 
        self.server.connect_to_signal("StateChanged",
262
 
                                 self.server_state_changed)
263
 
        self.server_state_changed(self.server.GetState())
264
 
 
265
 
class AvahiServiceToSyslog(AvahiService):
266
 
    def rename(self):
267
 
        """Add the new name to the syslog messages"""
268
 
        ret = AvahiService.rename(self)
269
 
        syslogger.setFormatter(logging.Formatter
270
 
                               ('Mandos (%s) [%%(process)d]:'
271
 
                                ' %%(levelname)s: %%(message)s'
272
 
                                % self.name))
273
 
        return ret
274
 
 
275
 
def _timedelta_to_milliseconds(td):
276
 
    "Convert a datetime.timedelta() to milliseconds"
277
 
    return ((td.days * 24 * 60 * 60 * 1000)
278
 
            + (td.seconds * 1000)
279
 
            + (td.microseconds // 1000))
280
 
        
 
147
        global group
 
148
        if group is None:
 
149
            group = dbus.Interface\
 
150
                    (bus.get_object(avahi.DBUS_NAME,
 
151
                                    server.EntryGroupNew()),
 
152
                     avahi.DBUS_INTERFACE_ENTRY_GROUP)
 
153
            group.connect_to_signal('StateChanged',
 
154
                                    entry_group_state_changed)
 
155
        logger.debug(u"Adding Zeroconf service '%s' of type '%s' ...",
 
156
                     service.name, service.type)
 
157
        group.AddService(
 
158
                self.interface,         # interface
 
159
                avahi.PROTO_INET6,      # protocol
 
160
                dbus.UInt32(0),         # flags
 
161
                self.name, self.type,
 
162
                self.domain, self.host,
 
163
                dbus.UInt16(self.port),
 
164
                avahi.string_array_to_txt_array(self.TXT))
 
165
        group.Commit()
 
166
 
 
167
# From the Avahi example code:
 
168
group = None                            # our entry group
 
169
# End of Avahi example code
 
170
 
 
171
 
281
172
class Client(object):
282
173
    """A representation of a client host served by this server.
283
 
    
284
174
    Attributes:
285
 
    _approved:   bool(); 'None' if not yet approved/disapproved
286
 
    approval_delay: datetime.timedelta(); Time to wait for approval
287
 
    approval_duration: datetime.timedelta(); Duration of one approval
288
 
    checker:    subprocess.Popen(); a running checker process used
289
 
                                    to see if the client lives.
290
 
                                    'None' if no process is running.
291
 
    checker_callback_tag: a gobject event source tag, or None
292
 
    checker_command: string; External command which is run to check
293
 
                     if client lives.  %() expansions are done at
 
175
    name:      string; from the config file, used in log messages
 
176
    fingerprint: string (40 or 32 hexadecimal digits); used to
 
177
                 uniquely identify the client
 
178
    secret:    bytestring; sent verbatim (over TLS) to client
 
179
    host:      string; available for use by the checker command
 
180
    created:   datetime.datetime(); object creation, not client host
 
181
    last_checked_ok: datetime.datetime() or None if not yet checked OK
 
182
    timeout:   datetime.timedelta(); How long from last_checked_ok
 
183
                                     until this client is invalid
 
184
    interval:  datetime.timedelta(); How often to start a new checker
 
185
    stop_hook: If set, called by stop() as stop_hook(self)
 
186
    checker:   subprocess.Popen(); a running checker process used
 
187
                                   to see if the client lives.
 
188
                                   'None' if no process is running.
 
189
    checker_initiator_tag: a gobject event source tag, or None
 
190
    stop_initiator_tag:    - '' -
 
191
    checker_callback_tag:  - '' -
 
192
    checker_command: string; External command which is run to check if
 
193
                     client lives.  %() expansions are done at
294
194
                     runtime with vars(self) as dict, so that for
295
195
                     instance %(name)s can be used in the command.
296
 
    checker_initiator_tag: a gobject event source tag, or None
297
 
    created:    datetime.datetime(); (UTC) object creation
298
 
    current_checker_command: string; current running checker_command
299
 
    disable_hook:  If set, called by disable() as disable_hook(self)
300
 
    disable_initiator_tag: a gobject event source tag, or None
301
 
    enabled:    bool()
302
 
    fingerprint: string (40 or 32 hexadecimal digits); used to
303
 
                 uniquely identify the client
304
 
    host:       string; available for use by the checker command
305
 
    interval:   datetime.timedelta(); How often to start a new checker
306
 
    last_approval_request: datetime.datetime(); (UTC) or None
307
 
    last_checked_ok: datetime.datetime(); (UTC) or None
308
 
    last_enabled: datetime.datetime(); (UTC)
309
 
    name:       string; from the config file, used in log messages and
310
 
                        D-Bus identifiers
311
 
    secret:     bytestring; sent verbatim (over TLS) to client
312
 
    timeout:    datetime.timedelta(); How long from last_checked_ok
313
 
                                      until this client is disabled
314
 
    extended_timeout:   extra long timeout when password has been sent
315
 
    runtime_expansions: Allowed attributes for runtime expansion.
316
 
    expires:    datetime.datetime(); time (UTC) when a client will be
317
 
                disabled, or None
 
196
    Private attibutes:
 
197
    _timeout: Real variable for 'timeout'
 
198
    _interval: Real variable for 'interval'
 
199
    _timeout_milliseconds: Used when calling gobject.timeout_add()
 
200
    _interval_milliseconds: - '' -
318
201
    """
319
 
    
320
 
    runtime_expansions = ("approval_delay", "approval_duration",
321
 
                          "created", "enabled", "fingerprint",
322
 
                          "host", "interval", "last_checked_ok",
323
 
                          "last_enabled", "name", "timeout")
324
 
    
325
 
    def timeout_milliseconds(self):
326
 
        "Return the 'timeout' attribute in milliseconds"
327
 
        return _timedelta_to_milliseconds(self.timeout)
328
 
    
329
 
    def extended_timeout_milliseconds(self):
330
 
        "Return the 'extended_timeout' attribute in milliseconds"
331
 
        return _timedelta_to_milliseconds(self.extended_timeout)
332
 
    
333
 
    def interval_milliseconds(self):
334
 
        "Return the 'interval' attribute in milliseconds"
335
 
        return _timedelta_to_milliseconds(self.interval)
336
 
    
337
 
    def approval_delay_milliseconds(self):
338
 
        return _timedelta_to_milliseconds(self.approval_delay)
339
 
    
340
 
    def __init__(self, name = None, disable_hook=None, config=None):
 
202
    def _set_timeout(self, timeout):
 
203
        "Setter function for 'timeout' attribute"
 
204
        self._timeout = timeout
 
205
        self._timeout_milliseconds = ((self.timeout.days
 
206
                                       * 24 * 60 * 60 * 1000)
 
207
                                      + (self.timeout.seconds * 1000)
 
208
                                      + (self.timeout.microseconds
 
209
                                         // 1000))
 
210
    timeout = property(lambda self: self._timeout,
 
211
                       _set_timeout)
 
212
    del _set_timeout
 
213
    def _set_interval(self, interval):
 
214
        "Setter function for 'interval' attribute"
 
215
        self._interval = interval
 
216
        self._interval_milliseconds = ((self.interval.days
 
217
                                        * 24 * 60 * 60 * 1000)
 
218
                                       + (self.interval.seconds
 
219
                                          * 1000)
 
220
                                       + (self.interval.microseconds
 
221
                                          // 1000))
 
222
    interval = property(lambda self: self._interval,
 
223
                        _set_interval)
 
224
    del _set_interval
 
225
    def __init__(self, name = None, stop_hook=None, config={}):
341
226
        """Note: the 'checker' key in 'config' sets the
342
227
        'checker_command' attribute and *not* the 'checker'
343
228
        attribute."""
344
229
        self.name = name
345
 
        if config is None:
346
 
            config = {}
347
 
        logger.debug("Creating client %r", self.name)
 
230
        logger.debug(u"Creating client %r", self.name)
348
231
        # Uppercase and remove spaces from fingerprint for later
349
232
        # comparison purposes with return value from the fingerprint()
350
233
        # function
351
 
        self.fingerprint = (config["fingerprint"].upper()
352
 
                            .replace(" ", ""))
353
 
        logger.debug("  Fingerprint: %s", self.fingerprint)
 
234
        self.fingerprint = config["fingerprint"].upper()\
 
235
                           .replace(u" ", u"")
 
236
        logger.debug(u"  Fingerprint: %s", self.fingerprint)
354
237
        if "secret" in config:
355
 
            self.secret = config["secret"].decode("base64")
 
238
            self.secret = config["secret"].decode(u"base64")
356
239
        elif "secfile" in config:
357
 
            with open(os.path.expanduser(os.path.expandvars
358
 
                                         (config["secfile"])),
359
 
                      "rb") as secfile:
360
 
                self.secret = secfile.read()
 
240
            sf = open(config["secfile"])
 
241
            self.secret = sf.read()
 
242
            sf.close()
361
243
        else:
362
 
            raise TypeError("No secret or secfile for client %s"
 
244
            raise TypeError(u"No secret or secfile for client %s"
363
245
                            % self.name)
364
246
        self.host = config.get("host", "")
365
 
        self.created = datetime.datetime.utcnow()
366
 
        self.enabled = False
367
 
        self.last_approval_request = None
368
 
        self.last_enabled = None
 
247
        self.created = datetime.datetime.now()
369
248
        self.last_checked_ok = None
370
249
        self.timeout = string_to_delta(config["timeout"])
371
 
        self.extended_timeout = string_to_delta(config
372
 
                                                ["extended_timeout"])
373
250
        self.interval = string_to_delta(config["interval"])
374
 
        self.disable_hook = disable_hook
 
251
        self.stop_hook = stop_hook
375
252
        self.checker = None
376
253
        self.checker_initiator_tag = None
377
 
        self.disable_initiator_tag = None
378
 
        self.expires = None
 
254
        self.stop_initiator_tag = None
379
255
        self.checker_callback_tag = None
380
 
        self.checker_command = config["checker"]
381
 
        self.current_checker_command = None
382
 
        self.last_connect = None
383
 
        self._approved = None
384
 
        self.approved_by_default = config.get("approved_by_default",
385
 
                                              True)
386
 
        self.approvals_pending = 0
387
 
        self.approval_delay = string_to_delta(
388
 
            config["approval_delay"])
389
 
        self.approval_duration = string_to_delta(
390
 
            config["approval_duration"])
391
 
        self.changedstate = (multiprocessing_manager
392
 
                             .Condition(multiprocessing_manager
393
 
                                        .Lock()))
394
 
    
395
 
    def send_changedstate(self):
396
 
        self.changedstate.acquire()
397
 
        self.changedstate.notify_all()
398
 
        self.changedstate.release()
399
 
    
400
 
    def enable(self):
 
256
        self.check_command = config["checker"]
 
257
    def start(self):
401
258
        """Start this client's checker and timeout hooks"""
402
 
        if getattr(self, "enabled", False):
403
 
            # Already enabled
404
 
            return
405
 
        self.send_changedstate()
406
259
        # Schedule a new checker to be started an 'interval' from now,
407
260
        # and every interval from then on.
408
 
        self.checker_initiator_tag = (gobject.timeout_add
409
 
                                      (self.interval_milliseconds(),
410
 
                                       self.start_checker))
411
 
        # Schedule a disable() when 'timeout' has passed
412
 
        self.expires = datetime.datetime.utcnow() + self.timeout
413
 
        self.disable_initiator_tag = (gobject.timeout_add
414
 
                                   (self.timeout_milliseconds(),
415
 
                                    self.disable))
416
 
        self.enabled = True
417
 
        self.last_enabled = datetime.datetime.utcnow()
 
261
        self.checker_initiator_tag = gobject.timeout_add\
 
262
                                     (self._interval_milliseconds,
 
263
                                      self.start_checker)
418
264
        # Also start a new checker *right now*.
419
265
        self.start_checker()
420
 
    
421
 
    def disable(self, quiet=True):
422
 
        """Disable this client."""
423
 
        if not getattr(self, "enabled", False):
 
266
        # Schedule a stop() when 'timeout' has passed
 
267
        self.stop_initiator_tag = gobject.timeout_add\
 
268
                                  (self._timeout_milliseconds,
 
269
                                   self.stop)
 
270
    def stop(self):
 
271
        """Stop this client.
 
272
        The possibility that a client might be restarted is left open,
 
273
        but not currently used."""
 
274
        # If this client doesn't have a secret, it is already stopped.
 
275
        if hasattr(self, "secret") and self.secret:
 
276
            logger.info(u"Stopping client %s", self.name)
 
277
            self.secret = None
 
278
        else:
424
279
            return False
425
 
        if not quiet:
426
 
            self.send_changedstate()
427
 
        if not quiet:
428
 
            logger.info("Disabling client %s", self.name)
429
 
        if getattr(self, "disable_initiator_tag", False):
430
 
            gobject.source_remove(self.disable_initiator_tag)
431
 
            self.disable_initiator_tag = None
432
 
        self.expires = None
 
280
        if getattr(self, "stop_initiator_tag", False):
 
281
            gobject.source_remove(self.stop_initiator_tag)
 
282
            self.stop_initiator_tag = None
433
283
        if getattr(self, "checker_initiator_tag", False):
434
284
            gobject.source_remove(self.checker_initiator_tag)
435
285
            self.checker_initiator_tag = None
436
286
        self.stop_checker()
437
 
        if self.disable_hook:
438
 
            self.disable_hook(self)
439
 
        self.enabled = False
 
287
        if self.stop_hook:
 
288
            self.stop_hook(self)
440
289
        # Do not run this again if called by a gobject.timeout_add
441
290
        return False
442
 
    
443
291
    def __del__(self):
444
 
        self.disable_hook = None
445
 
        self.disable()
446
 
    
447
 
    def checker_callback(self, pid, condition, command):
 
292
        self.stop_hook = None
 
293
        self.stop()
 
294
    def checker_callback(self, pid, condition):
448
295
        """The checker has completed, so take appropriate actions."""
 
296
        now = datetime.datetime.now()
449
297
        self.checker_callback_tag = None
450
298
        self.checker = None
451
 
        if os.WIFEXITED(condition):
452
 
            exitstatus = os.WEXITSTATUS(condition)
453
 
            if exitstatus == 0:
454
 
                logger.info("Checker for %(name)s succeeded",
455
 
                            vars(self))
456
 
                self.checked_ok()
457
 
            else:
458
 
                logger.info("Checker for %(name)s failed",
459
 
                            vars(self))
460
 
        else:
461
 
            logger.warning("Checker for %(name)s crashed?",
 
299
        if os.WIFEXITED(condition) \
 
300
               and (os.WEXITSTATUS(condition) == 0):
 
301
            logger.info(u"Checker for %(name)s succeeded",
 
302
                        vars(self))
 
303
            self.last_checked_ok = now
 
304
            gobject.source_remove(self.stop_initiator_tag)
 
305
            self.stop_initiator_tag = gobject.timeout_add\
 
306
                                      (self._timeout_milliseconds,
 
307
                                       self.stop)
 
308
        elif not os.WIFEXITED(condition):
 
309
            logger.warning(u"Checker for %(name)s crashed?",
462
310
                           vars(self))
463
 
    
464
 
    def checked_ok(self, timeout=None):
465
 
        """Bump up the timeout for this client.
466
 
        
467
 
        This should only be called when the client has been seen,
468
 
        alive and well.
469
 
        """
470
 
        if timeout is None:
471
 
            timeout = self.timeout
472
 
        self.last_checked_ok = datetime.datetime.utcnow()
473
 
        if self.disable_initiator_tag is not None:
474
 
            gobject.source_remove(self.disable_initiator_tag)
475
 
        if getattr(self, "enabled", False):
476
 
            self.disable_initiator_tag = (gobject.timeout_add
477
 
                                          (_timedelta_to_milliseconds
478
 
                                           (timeout), self.disable))
479
 
            self.expires = datetime.datetime.utcnow() + timeout
480
 
    
481
 
    def need_approval(self):
482
 
        self.last_approval_request = datetime.datetime.utcnow()
483
 
    
 
311
        else:
 
312
            logger.info(u"Checker for %(name)s failed",
 
313
                        vars(self))
484
314
    def start_checker(self):
485
315
        """Start a new checker subprocess if one is not running.
486
 
        
487
316
        If a checker already exists, leave it running and do
488
317
        nothing."""
489
318
        # The reason for not killing a running checker is that if we
492
321
        # client would inevitably timeout, since no checker would get
493
322
        # a chance to run to completion.  If we instead leave running
494
323
        # checkers alone, the checker would have to take more time
495
 
        # than 'timeout' for the client to be disabled, which is as it
496
 
        # should be.
497
 
        
498
 
        # If a checker exists, make sure it is not a zombie
499
 
        try:
500
 
            pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
501
 
        except (AttributeError, OSError) as error:
502
 
            if (isinstance(error, OSError)
503
 
                and error.errno != errno.ECHILD):
504
 
                raise error
505
 
        else:
506
 
            if pid:
507
 
                logger.warning("Checker was a zombie")
508
 
                gobject.source_remove(self.checker_callback_tag)
509
 
                self.checker_callback(pid, status,
510
 
                                      self.current_checker_command)
511
 
        # Start a new checker if needed
 
324
        # than 'timeout' for the client to be declared invalid, which
 
325
        # is as it should be.
512
326
        if self.checker is None:
513
327
            try:
514
 
                # In case checker_command has exactly one % operator
515
 
                command = self.checker_command % self.host
 
328
                # In case check_command has exactly one % operator
 
329
                command = self.check_command % self.host
516
330
            except TypeError:
517
331
                # Escape attributes for the shell
518
 
                escaped_attrs = dict(
519
 
                    (attr,
520
 
                     re.escape(unicode(str(getattr(self, attr, "")),
521
 
                                       errors=
522
 
                                       'replace')))
523
 
                    for attr in
524
 
                    self.runtime_expansions)
525
 
                
 
332
                escaped_attrs = dict((key, re.escape(str(val)))
 
333
                                     for key, val in
 
334
                                     vars(self).iteritems())
526
335
                try:
527
 
                    command = self.checker_command % escaped_attrs
528
 
                except TypeError as error:
529
 
                    logger.error('Could not format string "%s":'
530
 
                                 ' %s', self.checker_command, error)
 
336
                    command = self.check_command % escaped_attrs
 
337
                except TypeError, error:
 
338
                    logger.error(u'Could not format string "%s":'
 
339
                                 u' %s', self.check_command, error)
531
340
                    return True # Try again later
532
 
            self.current_checker_command = command
533
341
            try:
534
 
                logger.info("Starting checker %r for %s",
 
342
                logger.info(u"Starting checker %r for %s",
535
343
                            command, self.name)
536
344
                # We don't need to redirect stdout and stderr, since
537
345
                # in normal mode, that is already done by daemon(),
540
348
                self.checker = subprocess.Popen(command,
541
349
                                                close_fds=True,
542
350
                                                shell=True, cwd="/")
543
 
                self.checker_callback_tag = (gobject.child_watch_add
544
 
                                             (self.checker.pid,
545
 
                                              self.checker_callback,
546
 
                                              data=command))
547
 
                # The checker may have completed before the gobject
548
 
                # watch was added.  Check for this.
549
 
                pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
550
 
                if pid:
551
 
                    gobject.source_remove(self.checker_callback_tag)
552
 
                    self.checker_callback(pid, status, command)
553
 
            except OSError as error:
554
 
                logger.error("Failed to start subprocess: %s",
 
351
                self.checker_callback_tag = gobject.child_watch_add\
 
352
                                            (self.checker.pid,
 
353
                                             self.checker_callback)
 
354
            except OSError, error:
 
355
                logger.error(u"Failed to start subprocess: %s",
555
356
                             error)
556
357
        # Re-run this periodically if run by gobject.timeout_add
557
358
        return True
558
 
    
559
359
    def stop_checker(self):
560
360
        """Force the checker process, if any, to stop."""
561
361
        if self.checker_callback_tag:
563
363
            self.checker_callback_tag = None
564
364
        if getattr(self, "checker", None) is None:
565
365
            return
566
 
        logger.debug("Stopping checker for %(name)s", vars(self))
 
366
        logger.debug(u"Stopping checker for %(name)s", vars(self))
567
367
        try:
568
368
            os.kill(self.checker.pid, signal.SIGTERM)
569
 
            #time.sleep(0.5)
 
369
            #os.sleep(0.5)
570
370
            #if self.checker.poll() is None:
571
371
            #    os.kill(self.checker.pid, signal.SIGKILL)
572
 
        except OSError as error:
 
372
        except OSError, error:
573
373
            if error.errno != errno.ESRCH: # No such process
574
374
                raise
575
375
        self.checker = None
576
 
 
577
 
 
578
 
def dbus_service_property(dbus_interface, signature="v",
579
 
                          access="readwrite", byte_arrays=False):
580
 
    """Decorators for marking methods of a DBusObjectWithProperties to
581
 
    become properties on the D-Bus.
582
 
    
583
 
    The decorated method will be called with no arguments by "Get"
584
 
    and with one argument by "Set".
585
 
    
586
 
    The parameters, where they are supported, are the same as
587
 
    dbus.service.method, except there is only "signature", since the
588
 
    type from Get() and the type sent to Set() is the same.
589
 
    """
590
 
    # Encoding deeply encoded byte arrays is not supported yet by the
591
 
    # "Set" method, so we fail early here:
592
 
    if byte_arrays and signature != "ay":
593
 
        raise ValueError("Byte arrays not supported for non-'ay'"
594
 
                         " signature %r" % signature)
595
 
    def decorator(func):
596
 
        func._dbus_is_property = True
597
 
        func._dbus_interface = dbus_interface
598
 
        func._dbus_signature = signature
599
 
        func._dbus_access = access
600
 
        func._dbus_name = func.__name__
601
 
        if func._dbus_name.endswith("_dbus_property"):
602
 
            func._dbus_name = func._dbus_name[:-14]
603
 
        func._dbus_get_args_options = {'byte_arrays': byte_arrays }
604
 
        return func
605
 
    return decorator
606
 
 
607
 
 
608
 
class DBusPropertyException(dbus.exceptions.DBusException):
609
 
    """A base class for D-Bus property-related exceptions
610
 
    """
611
 
    def __unicode__(self):
612
 
        return unicode(str(self))
613
 
 
614
 
 
615
 
class DBusPropertyAccessException(DBusPropertyException):
616
 
    """A property's access permissions disallows an operation.
617
 
    """
618
 
    pass
619
 
 
620
 
 
621
 
class DBusPropertyNotFound(DBusPropertyException):
622
 
    """An attempt was made to access a non-existing property.
623
 
    """
624
 
    pass
625
 
 
626
 
 
627
 
class DBusObjectWithProperties(dbus.service.Object):
628
 
    """A D-Bus object with properties.
629
 
    
630
 
    Classes inheriting from this can use the dbus_service_property
631
 
    decorator to expose methods as D-Bus properties.  It exposes the
632
 
    standard Get(), Set(), and GetAll() methods on the D-Bus.
633
 
    """
634
 
    
635
 
    @staticmethod
636
 
    def _is_dbus_property(obj):
637
 
        return getattr(obj, "_dbus_is_property", False)
638
 
    
639
 
    def _get_all_dbus_properties(self):
640
 
        """Returns a generator of (name, attribute) pairs
641
 
        """
642
 
        return ((prop.__get__(self)._dbus_name, prop.__get__(self))
643
 
                for cls in self.__class__.__mro__
644
 
                for name, prop in
645
 
                inspect.getmembers(cls, self._is_dbus_property))
646
 
    
647
 
    def _get_dbus_property(self, interface_name, property_name):
648
 
        """Returns a bound method if one exists which is a D-Bus
649
 
        property with the specified name and interface.
650
 
        """
651
 
        for cls in  self.__class__.__mro__:
652
 
            for name, value in (inspect.getmembers
653
 
                                (cls, self._is_dbus_property)):
654
 
                if (value._dbus_name == property_name
655
 
                    and value._dbus_interface == interface_name):
656
 
                    return value.__get__(self)
657
 
        
658
 
        # No such property
659
 
        raise DBusPropertyNotFound(self.dbus_object_path + ":"
660
 
                                   + interface_name + "."
661
 
                                   + property_name)
662
 
    
663
 
    @dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="ss",
664
 
                         out_signature="v")
665
 
    def Get(self, interface_name, property_name):
666
 
        """Standard D-Bus property Get() method, see D-Bus standard.
667
 
        """
668
 
        prop = self._get_dbus_property(interface_name, property_name)
669
 
        if prop._dbus_access == "write":
670
 
            raise DBusPropertyAccessException(property_name)
671
 
        value = prop()
672
 
        if not hasattr(value, "variant_level"):
673
 
            return value
674
 
        return type(value)(value, variant_level=value.variant_level+1)
675
 
    
676
 
    @dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="ssv")
677
 
    def Set(self, interface_name, property_name, value):
678
 
        """Standard D-Bus property Set() method, see D-Bus standard.
679
 
        """
680
 
        prop = self._get_dbus_property(interface_name, property_name)
681
 
        if prop._dbus_access == "read":
682
 
            raise DBusPropertyAccessException(property_name)
683
 
        if prop._dbus_get_args_options["byte_arrays"]:
684
 
            # The byte_arrays option is not supported yet on
685
 
            # signatures other than "ay".
686
 
            if prop._dbus_signature != "ay":
687
 
                raise ValueError
688
 
            value = dbus.ByteArray(''.join(unichr(byte)
689
 
                                           for byte in value))
690
 
        prop(value)
691
 
    
692
 
    @dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="s",
693
 
                         out_signature="a{sv}")
694
 
    def GetAll(self, interface_name):
695
 
        """Standard D-Bus property GetAll() method, see D-Bus
696
 
        standard.
697
 
        
698
 
        Note: Will not include properties with access="write".
699
 
        """
700
 
        all = {}
701
 
        for name, prop in self._get_all_dbus_properties():
702
 
            if (interface_name
703
 
                and interface_name != prop._dbus_interface):
704
 
                # Interface non-empty but did not match
705
 
                continue
706
 
            # Ignore write-only properties
707
 
            if prop._dbus_access == "write":
708
 
                continue
709
 
            value = prop()
710
 
            if not hasattr(value, "variant_level"):
711
 
                all[name] = value
712
 
                continue
713
 
            all[name] = type(value)(value, variant_level=
714
 
                                    value.variant_level+1)
715
 
        return dbus.Dictionary(all, signature="sv")
716
 
    
717
 
    @dbus.service.method(dbus.INTROSPECTABLE_IFACE,
718
 
                         out_signature="s",
719
 
                         path_keyword='object_path',
720
 
                         connection_keyword='connection')
721
 
    def Introspect(self, object_path, connection):
722
 
        """Standard D-Bus method, overloaded to insert property tags.
723
 
        """
724
 
        xmlstring = dbus.service.Object.Introspect(self, object_path,
725
 
                                                   connection)
726
 
        try:
727
 
            document = xml.dom.minidom.parseString(xmlstring)
728
 
            def make_tag(document, name, prop):
729
 
                e = document.createElement("property")
730
 
                e.setAttribute("name", name)
731
 
                e.setAttribute("type", prop._dbus_signature)
732
 
                e.setAttribute("access", prop._dbus_access)
733
 
                return e
734
 
            for if_tag in document.getElementsByTagName("interface"):
735
 
                for tag in (make_tag(document, name, prop)
736
 
                            for name, prop
737
 
                            in self._get_all_dbus_properties()
738
 
                            if prop._dbus_interface
739
 
                            == if_tag.getAttribute("name")):
740
 
                    if_tag.appendChild(tag)
741
 
                # Add the names to the return values for the
742
 
                # "org.freedesktop.DBus.Properties" methods
743
 
                if (if_tag.getAttribute("name")
744
 
                    == "org.freedesktop.DBus.Properties"):
745
 
                    for cn in if_tag.getElementsByTagName("method"):
746
 
                        if cn.getAttribute("name") == "Get":
747
 
                            for arg in cn.getElementsByTagName("arg"):
748
 
                                if (arg.getAttribute("direction")
749
 
                                    == "out"):
750
 
                                    arg.setAttribute("name", "value")
751
 
                        elif cn.getAttribute("name") == "GetAll":
752
 
                            for arg in cn.getElementsByTagName("arg"):
753
 
                                if (arg.getAttribute("direction")
754
 
                                    == "out"):
755
 
                                    arg.setAttribute("name", "props")
756
 
            xmlstring = document.toxml("utf-8")
757
 
            document.unlink()
758
 
        except (AttributeError, xml.dom.DOMException,
759
 
                xml.parsers.expat.ExpatError) as error:
760
 
            logger.error("Failed to override Introspection method",
761
 
                         error)
762
 
        return xmlstring
763
 
 
764
 
 
765
 
def datetime_to_dbus (dt, variant_level=0):
766
 
    """Convert a UTC datetime.datetime() to a D-Bus type."""
767
 
    if dt is None:
768
 
        return dbus.String("", variant_level = variant_level)
769
 
    return dbus.String(dt.isoformat(),
770
 
                       variant_level=variant_level)
771
 
 
772
 
class AlternateDBusNamesMetaclass(DBusObjectWithProperties
773
 
                                  .__metaclass__):
774
 
    """Applied to an empty subclass of a D-Bus object, this metaclass
775
 
    will add additional D-Bus attributes matching a certain pattern.
776
 
    """
777
 
    def __new__(mcs, name, bases, attr):
778
 
        # Go through all the base classes which could have D-Bus
779
 
        # methods, signals, or properties in them
780
 
        for base in (b for b in bases
781
 
                     if issubclass(b, dbus.service.Object)):
782
 
            # Go though all attributes of the base class
783
 
            for attrname, attribute in inspect.getmembers(base):
784
 
                # Ignore non-D-Bus attributes, and D-Bus attributes
785
 
                # with the wrong interface name
786
 
                if (not hasattr(attribute, "_dbus_interface")
787
 
                    or not attribute._dbus_interface
788
 
                    .startswith("se.recompile.Mandos")):
789
 
                    continue
790
 
                # Create an alternate D-Bus interface name based on
791
 
                # the current name
792
 
                alt_interface = (attribute._dbus_interface
793
 
                                 .replace("se.recompile.Mandos",
794
 
                                          "se.bsnet.fukt.Mandos"))
795
 
                # Is this a D-Bus signal?
796
 
                if getattr(attribute, "_dbus_is_signal", False):
797
 
                    # Extract the original non-method function by
798
 
                    # black magic
799
 
                    nonmethod_func = (dict(
800
 
                            zip(attribute.func_code.co_freevars,
801
 
                                attribute.__closure__))["func"]
802
 
                                      .cell_contents)
803
 
                    # Create a new, but exactly alike, function
804
 
                    # object, and decorate it to be a new D-Bus signal
805
 
                    # with the alternate D-Bus interface name
806
 
                    new_function = (dbus.service.signal
807
 
                                    (alt_interface,
808
 
                                     attribute._dbus_signature)
809
 
                                    (types.FunctionType(
810
 
                                nonmethod_func.func_code,
811
 
                                nonmethod_func.func_globals,
812
 
                                nonmethod_func.func_name,
813
 
                                nonmethod_func.func_defaults,
814
 
                                nonmethod_func.func_closure)))
815
 
                    # Define a creator of a function to call both the
816
 
                    # old and new functions, so both the old and new
817
 
                    # signals gets sent when the function is called
818
 
                    def fixscope(func1, func2):
819
 
                        """This function is a scope container to pass
820
 
                        func1 and func2 to the "call_both" function
821
 
                        outside of its arguments"""
822
 
                        def call_both(*args, **kwargs):
823
 
                            """This function will emit two D-Bus
824
 
                            signals by calling func1 and func2"""
825
 
                            func1(*args, **kwargs)
826
 
                            func2(*args, **kwargs)
827
 
                        return call_both
828
 
                    # Create the "call_both" function and add it to
829
 
                    # the class
830
 
                    attr[attrname] = fixscope(attribute,
831
 
                                              new_function)
832
 
                # Is this a D-Bus method?
833
 
                elif getattr(attribute, "_dbus_is_method", False):
834
 
                    # Create a new, but exactly alike, function
835
 
                    # object.  Decorate it to be a new D-Bus method
836
 
                    # with the alternate D-Bus interface name.  Add it
837
 
                    # to the class.
838
 
                    attr[attrname] = (dbus.service.method
839
 
                                      (alt_interface,
840
 
                                       attribute._dbus_in_signature,
841
 
                                       attribute._dbus_out_signature)
842
 
                                      (types.FunctionType
843
 
                                       (attribute.func_code,
844
 
                                        attribute.func_globals,
845
 
                                        attribute.func_name,
846
 
                                        attribute.func_defaults,
847
 
                                        attribute.func_closure)))
848
 
                # Is this a D-Bus property?
849
 
                elif getattr(attribute, "_dbus_is_property", False):
850
 
                    # Create a new, but exactly alike, function
851
 
                    # object, and decorate it to be a new D-Bus
852
 
                    # property with the alternate D-Bus interface
853
 
                    # name.  Add it to the class.
854
 
                    attr[attrname] = (dbus_service_property
855
 
                                      (alt_interface,
856
 
                                       attribute._dbus_signature,
857
 
                                       attribute._dbus_access,
858
 
                                       attribute
859
 
                                       ._dbus_get_args_options
860
 
                                       ["byte_arrays"])
861
 
                                      (types.FunctionType
862
 
                                       (attribute.func_code,
863
 
                                        attribute.func_globals,
864
 
                                        attribute.func_name,
865
 
                                        attribute.func_defaults,
866
 
                                        attribute.func_closure)))
867
 
        return type.__new__(mcs, name, bases, attr)
868
 
 
869
 
class ClientDBus(Client, DBusObjectWithProperties):
870
 
    """A Client class using D-Bus
871
 
    
872
 
    Attributes:
873
 
    dbus_object_path: dbus.ObjectPath
874
 
    bus: dbus.SystemBus()
875
 
    """
876
 
    
877
 
    runtime_expansions = (Client.runtime_expansions
878
 
                          + ("dbus_object_path",))
879
 
    
880
 
    # dbus.service.Object doesn't use super(), so we can't either.
881
 
    
882
 
    def __init__(self, bus = None, *args, **kwargs):
883
 
        self._approvals_pending = 0
884
 
        self.bus = bus
885
 
        Client.__init__(self, *args, **kwargs)
886
 
        # Only now, when this client is initialized, can it show up on
887
 
        # the D-Bus
888
 
        client_object_name = unicode(self.name).translate(
889
 
            {ord("."): ord("_"),
890
 
             ord("-"): ord("_")})
891
 
        self.dbus_object_path = (dbus.ObjectPath
892
 
                                 ("/clients/" + client_object_name))
893
 
        DBusObjectWithProperties.__init__(self, self.bus,
894
 
                                          self.dbus_object_path)
895
 
        
896
 
    def notifychangeproperty(transform_func,
897
 
                             dbus_name, type_func=lambda x: x,
898
 
                             variant_level=1):
899
 
        """ Modify a variable so that it's a property which announces
900
 
        its changes to DBus.
901
 
 
902
 
        transform_fun: Function that takes a value and a variant_level
903
 
                       and transforms it to a D-Bus type.
904
 
        dbus_name: D-Bus name of the variable
905
 
        type_func: Function that transform the value before sending it
906
 
                   to the D-Bus.  Default: no transform
907
 
        variant_level: D-Bus variant level.  Default: 1
908
 
        """
909
 
        attrname = "_{0}".format(dbus_name)
910
 
        def setter(self, value):
911
 
            if hasattr(self, "dbus_object_path"):
912
 
                if (not hasattr(self, attrname) or
913
 
                    type_func(getattr(self, attrname, None))
914
 
                    != type_func(value)):
915
 
                    dbus_value = transform_func(type_func(value),
916
 
                                                variant_level
917
 
                                                =variant_level)
918
 
                    self.PropertyChanged(dbus.String(dbus_name),
919
 
                                         dbus_value)
920
 
            setattr(self, attrname, value)
921
 
        
922
 
        return property(lambda self: getattr(self, attrname), setter)
923
 
    
924
 
    
925
 
    expires = notifychangeproperty(datetime_to_dbus, "Expires")
926
 
    approvals_pending = notifychangeproperty(dbus.Boolean,
927
 
                                             "ApprovalPending",
928
 
                                             type_func = bool)
929
 
    enabled = notifychangeproperty(dbus.Boolean, "Enabled")
930
 
    last_enabled = notifychangeproperty(datetime_to_dbus,
931
 
                                        "LastEnabled")
932
 
    checker = notifychangeproperty(dbus.Boolean, "CheckerRunning",
933
 
                                   type_func = lambda checker:
934
 
                                       checker is not None)
935
 
    last_checked_ok = notifychangeproperty(datetime_to_dbus,
936
 
                                           "LastCheckedOK")
937
 
    last_approval_request = notifychangeproperty(
938
 
        datetime_to_dbus, "LastApprovalRequest")
939
 
    approved_by_default = notifychangeproperty(dbus.Boolean,
940
 
                                               "ApprovedByDefault")
941
 
    approval_delay = notifychangeproperty(dbus.UInt16,
942
 
                                          "ApprovalDelay",
943
 
                                          type_func =
944
 
                                          _timedelta_to_milliseconds)
945
 
    approval_duration = notifychangeproperty(
946
 
        dbus.UInt16, "ApprovalDuration",
947
 
        type_func = _timedelta_to_milliseconds)
948
 
    host = notifychangeproperty(dbus.String, "Host")
949
 
    timeout = notifychangeproperty(dbus.UInt16, "Timeout",
950
 
                                   type_func =
951
 
                                   _timedelta_to_milliseconds)
952
 
    extended_timeout = notifychangeproperty(
953
 
        dbus.UInt16, "ExtendedTimeout",
954
 
        type_func = _timedelta_to_milliseconds)
955
 
    interval = notifychangeproperty(dbus.UInt16,
956
 
                                    "Interval",
957
 
                                    type_func =
958
 
                                    _timedelta_to_milliseconds)
959
 
    checker_command = notifychangeproperty(dbus.String, "Checker")
960
 
    
961
 
    del notifychangeproperty
962
 
    
963
 
    def __del__(self, *args, **kwargs):
964
 
        try:
965
 
            self.remove_from_connection()
966
 
        except LookupError:
967
 
            pass
968
 
        if hasattr(DBusObjectWithProperties, "__del__"):
969
 
            DBusObjectWithProperties.__del__(self, *args, **kwargs)
970
 
        Client.__del__(self, *args, **kwargs)
971
 
    
972
 
    def checker_callback(self, pid, condition, command,
973
 
                         *args, **kwargs):
974
 
        self.checker_callback_tag = None
975
 
        self.checker = None
976
 
        if os.WIFEXITED(condition):
977
 
            exitstatus = os.WEXITSTATUS(condition)
978
 
            # Emit D-Bus signal
979
 
            self.CheckerCompleted(dbus.Int16(exitstatus),
980
 
                                  dbus.Int64(condition),
981
 
                                  dbus.String(command))
982
 
        else:
983
 
            # Emit D-Bus signal
984
 
            self.CheckerCompleted(dbus.Int16(-1),
985
 
                                  dbus.Int64(condition),
986
 
                                  dbus.String(command))
987
 
        
988
 
        return Client.checker_callback(self, pid, condition, command,
989
 
                                       *args, **kwargs)
990
 
    
991
 
    def start_checker(self, *args, **kwargs):
992
 
        old_checker = self.checker
993
 
        if self.checker is not None:
994
 
            old_checker_pid = self.checker.pid
995
 
        else:
996
 
            old_checker_pid = None
997
 
        r = Client.start_checker(self, *args, **kwargs)
998
 
        # Only if new checker process was started
999
 
        if (self.checker is not None
1000
 
            and old_checker_pid != self.checker.pid):
1001
 
            # Emit D-Bus signal
1002
 
            self.CheckerStarted(self.current_checker_command)
1003
 
        return r
1004
 
    
1005
 
    def _reset_approved(self):
1006
 
        self._approved = None
1007
 
        return False
1008
 
    
1009
 
    def approve(self, value=True):
1010
 
        self.send_changedstate()
1011
 
        self._approved = value
1012
 
        gobject.timeout_add(_timedelta_to_milliseconds
1013
 
                            (self.approval_duration),
1014
 
                            self._reset_approved)
1015
 
    
1016
 
    
1017
 
    ## D-Bus methods, signals & properties
1018
 
    _interface = "se.recompile.Mandos.Client"
1019
 
    
1020
 
    ## Signals
1021
 
    
1022
 
    # CheckerCompleted - signal
1023
 
    @dbus.service.signal(_interface, signature="nxs")
1024
 
    def CheckerCompleted(self, exitcode, waitstatus, command):
1025
 
        "D-Bus signal"
1026
 
        pass
1027
 
    
1028
 
    # CheckerStarted - signal
1029
 
    @dbus.service.signal(_interface, signature="s")
1030
 
    def CheckerStarted(self, command):
1031
 
        "D-Bus signal"
1032
 
        pass
1033
 
    
1034
 
    # PropertyChanged - signal
1035
 
    @dbus.service.signal(_interface, signature="sv")
1036
 
    def PropertyChanged(self, property, value):
1037
 
        "D-Bus signal"
1038
 
        pass
1039
 
    
1040
 
    # GotSecret - signal
1041
 
    @dbus.service.signal(_interface)
1042
 
    def GotSecret(self):
1043
 
        """D-Bus signal
1044
 
        Is sent after a successful transfer of secret from the Mandos
1045
 
        server to mandos-client
1046
 
        """
1047
 
        pass
1048
 
    
1049
 
    # Rejected - signal
1050
 
    @dbus.service.signal(_interface, signature="s")
1051
 
    def Rejected(self, reason):
1052
 
        "D-Bus signal"
1053
 
        pass
1054
 
    
1055
 
    # NeedApproval - signal
1056
 
    @dbus.service.signal(_interface, signature="tb")
1057
 
    def NeedApproval(self, timeout, default):
1058
 
        "D-Bus signal"
1059
 
        return self.need_approval()
1060
 
    
1061
 
    ## Methods
1062
 
    
1063
 
    # Approve - method
1064
 
    @dbus.service.method(_interface, in_signature="b")
1065
 
    def Approve(self, value):
1066
 
        self.approve(value)
1067
 
    
1068
 
    # CheckedOK - method
1069
 
    @dbus.service.method(_interface)
1070
 
    def CheckedOK(self):
1071
 
        self.checked_ok()
1072
 
    
1073
 
    # Enable - method
1074
 
    @dbus.service.method(_interface)
1075
 
    def Enable(self):
1076
 
        "D-Bus method"
1077
 
        self.enable()
1078
 
    
1079
 
    # StartChecker - method
1080
 
    @dbus.service.method(_interface)
1081
 
    def StartChecker(self):
1082
 
        "D-Bus method"
1083
 
        self.start_checker()
1084
 
    
1085
 
    # Disable - method
1086
 
    @dbus.service.method(_interface)
1087
 
    def Disable(self):
1088
 
        "D-Bus method"
1089
 
        self.disable()
1090
 
    
1091
 
    # StopChecker - method
1092
 
    @dbus.service.method(_interface)
1093
 
    def StopChecker(self):
1094
 
        self.stop_checker()
1095
 
    
1096
 
    ## Properties
1097
 
    
1098
 
    # ApprovalPending - property
1099
 
    @dbus_service_property(_interface, signature="b", access="read")
1100
 
    def ApprovalPending_dbus_property(self):
1101
 
        return dbus.Boolean(bool(self.approvals_pending))
1102
 
    
1103
 
    # ApprovedByDefault - property
1104
 
    @dbus_service_property(_interface, signature="b",
1105
 
                           access="readwrite")
1106
 
    def ApprovedByDefault_dbus_property(self, value=None):
1107
 
        if value is None:       # get
1108
 
            return dbus.Boolean(self.approved_by_default)
1109
 
        self.approved_by_default = bool(value)
1110
 
    
1111
 
    # ApprovalDelay - property
1112
 
    @dbus_service_property(_interface, signature="t",
1113
 
                           access="readwrite")
1114
 
    def ApprovalDelay_dbus_property(self, value=None):
1115
 
        if value is None:       # get
1116
 
            return dbus.UInt64(self.approval_delay_milliseconds())
1117
 
        self.approval_delay = datetime.timedelta(0, 0, 0, value)
1118
 
    
1119
 
    # ApprovalDuration - property
1120
 
    @dbus_service_property(_interface, signature="t",
1121
 
                           access="readwrite")
1122
 
    def ApprovalDuration_dbus_property(self, value=None):
1123
 
        if value is None:       # get
1124
 
            return dbus.UInt64(_timedelta_to_milliseconds(
1125
 
                    self.approval_duration))
1126
 
        self.approval_duration = datetime.timedelta(0, 0, 0, value)
1127
 
    
1128
 
    # Name - property
1129
 
    @dbus_service_property(_interface, signature="s", access="read")
1130
 
    def Name_dbus_property(self):
1131
 
        return dbus.String(self.name)
1132
 
    
1133
 
    # Fingerprint - property
1134
 
    @dbus_service_property(_interface, signature="s", access="read")
1135
 
    def Fingerprint_dbus_property(self):
1136
 
        return dbus.String(self.fingerprint)
1137
 
    
1138
 
    # Host - property
1139
 
    @dbus_service_property(_interface, signature="s",
1140
 
                           access="readwrite")
1141
 
    def Host_dbus_property(self, value=None):
1142
 
        if value is None:       # get
1143
 
            return dbus.String(self.host)
1144
 
        self.host = value
1145
 
    
1146
 
    # Created - property
1147
 
    @dbus_service_property(_interface, signature="s", access="read")
1148
 
    def Created_dbus_property(self):
1149
 
        return dbus.String(datetime_to_dbus(self.created))
1150
 
    
1151
 
    # LastEnabled - property
1152
 
    @dbus_service_property(_interface, signature="s", access="read")
1153
 
    def LastEnabled_dbus_property(self):
1154
 
        return datetime_to_dbus(self.last_enabled)
1155
 
    
1156
 
    # Enabled - property
1157
 
    @dbus_service_property(_interface, signature="b",
1158
 
                           access="readwrite")
1159
 
    def Enabled_dbus_property(self, value=None):
1160
 
        if value is None:       # get
1161
 
            return dbus.Boolean(self.enabled)
1162
 
        if value:
1163
 
            self.enable()
1164
 
        else:
1165
 
            self.disable()
1166
 
    
1167
 
    # LastCheckedOK - property
1168
 
    @dbus_service_property(_interface, signature="s",
1169
 
                           access="readwrite")
1170
 
    def LastCheckedOK_dbus_property(self, value=None):
1171
 
        if value is not None:
1172
 
            self.checked_ok()
1173
 
            return
1174
 
        return datetime_to_dbus(self.last_checked_ok)
1175
 
    
1176
 
    # Expires - property
1177
 
    @dbus_service_property(_interface, signature="s", access="read")
1178
 
    def Expires_dbus_property(self):
1179
 
        return datetime_to_dbus(self.expires)
1180
 
    
1181
 
    # LastApprovalRequest - property
1182
 
    @dbus_service_property(_interface, signature="s", access="read")
1183
 
    def LastApprovalRequest_dbus_property(self):
1184
 
        return datetime_to_dbus(self.last_approval_request)
1185
 
    
1186
 
    # Timeout - property
1187
 
    @dbus_service_property(_interface, signature="t",
1188
 
                           access="readwrite")
1189
 
    def Timeout_dbus_property(self, value=None):
1190
 
        if value is None:       # get
1191
 
            return dbus.UInt64(self.timeout_milliseconds())
1192
 
        self.timeout = datetime.timedelta(0, 0, 0, value)
1193
 
        if getattr(self, "disable_initiator_tag", None) is None:
1194
 
            return
1195
 
        # Reschedule timeout
1196
 
        gobject.source_remove(self.disable_initiator_tag)
1197
 
        self.disable_initiator_tag = None
1198
 
        self.expires = None
1199
 
        time_to_die = _timedelta_to_milliseconds((self
1200
 
                                                  .last_checked_ok
1201
 
                                                  + self.timeout)
1202
 
                                                 - datetime.datetime
1203
 
                                                 .utcnow())
1204
 
        if time_to_die <= 0:
1205
 
            # The timeout has passed
1206
 
            self.disable()
1207
 
        else:
1208
 
            self.expires = (datetime.datetime.utcnow()
1209
 
                            + datetime.timedelta(milliseconds =
1210
 
                                                 time_to_die))
1211
 
            self.disable_initiator_tag = (gobject.timeout_add
1212
 
                                          (time_to_die, self.disable))
1213
 
    
1214
 
    # ExtendedTimeout - property
1215
 
    @dbus_service_property(_interface, signature="t",
1216
 
                           access="readwrite")
1217
 
    def ExtendedTimeout_dbus_property(self, value=None):
1218
 
        if value is None:       # get
1219
 
            return dbus.UInt64(self.extended_timeout_milliseconds())
1220
 
        self.extended_timeout = datetime.timedelta(0, 0, 0, value)
1221
 
    
1222
 
    # Interval - property
1223
 
    @dbus_service_property(_interface, signature="t",
1224
 
                           access="readwrite")
1225
 
    def Interval_dbus_property(self, value=None):
1226
 
        if value is None:       # get
1227
 
            return dbus.UInt64(self.interval_milliseconds())
1228
 
        self.interval = datetime.timedelta(0, 0, 0, value)
1229
 
        if getattr(self, "checker_initiator_tag", None) is None:
1230
 
            return
1231
 
        # Reschedule checker run
1232
 
        gobject.source_remove(self.checker_initiator_tag)
1233
 
        self.checker_initiator_tag = (gobject.timeout_add
1234
 
                                      (value, self.start_checker))
1235
 
        self.start_checker()    # Start one now, too
1236
 
    
1237
 
    # Checker - property
1238
 
    @dbus_service_property(_interface, signature="s",
1239
 
                           access="readwrite")
1240
 
    def Checker_dbus_property(self, value=None):
1241
 
        if value is None:       # get
1242
 
            return dbus.String(self.checker_command)
1243
 
        self.checker_command = value
1244
 
    
1245
 
    # CheckerRunning - property
1246
 
    @dbus_service_property(_interface, signature="b",
1247
 
                           access="readwrite")
1248
 
    def CheckerRunning_dbus_property(self, value=None):
1249
 
        if value is None:       # get
1250
 
            return dbus.Boolean(self.checker is not None)
1251
 
        if value:
1252
 
            self.start_checker()
1253
 
        else:
1254
 
            self.stop_checker()
1255
 
    
1256
 
    # ObjectPath - property
1257
 
    @dbus_service_property(_interface, signature="o", access="read")
1258
 
    def ObjectPath_dbus_property(self):
1259
 
        return self.dbus_object_path # is already a dbus.ObjectPath
1260
 
    
1261
 
    # Secret = property
1262
 
    @dbus_service_property(_interface, signature="ay",
1263
 
                           access="write", byte_arrays=True)
1264
 
    def Secret_dbus_property(self, value):
1265
 
        self.secret = str(value)
1266
 
    
1267
 
    del _interface
1268
 
 
1269
 
 
1270
 
class ProxyClient(object):
1271
 
    def __init__(self, child_pipe, fpr, address):
1272
 
        self._pipe = child_pipe
1273
 
        self._pipe.send(('init', fpr, address))
1274
 
        if not self._pipe.recv():
1275
 
            raise KeyError()
1276
 
    
1277
 
    def __getattribute__(self, name):
1278
 
        if(name == '_pipe'):
1279
 
            return super(ProxyClient, self).__getattribute__(name)
1280
 
        self._pipe.send(('getattr', name))
1281
 
        data = self._pipe.recv()
1282
 
        if data[0] == 'data':
1283
 
            return data[1]
1284
 
        if data[0] == 'function':
1285
 
            def func(*args, **kwargs):
1286
 
                self._pipe.send(('funcall', name, args, kwargs))
1287
 
                return self._pipe.recv()[1]
1288
 
            return func
1289
 
    
1290
 
    def __setattr__(self, name, value):
1291
 
        if(name == '_pipe'):
1292
 
            return super(ProxyClient, self).__setattr__(name, value)
1293
 
        self._pipe.send(('setattr', name, value))
1294
 
 
1295
 
class ClientDBusTransitional(ClientDBus):
1296
 
    __metaclass__ = AlternateDBusNamesMetaclass
1297
 
 
1298
 
class ClientHandler(socketserver.BaseRequestHandler, object):
1299
 
    """A class to handle client connections.
1300
 
    
1301
 
    Instantiated once for each connection to handle it.
 
376
    def still_valid(self):
 
377
        """Has the timeout not yet passed for this client?"""
 
378
        now = datetime.datetime.now()
 
379
        if self.last_checked_ok is None:
 
380
            return now < (self.created + self.timeout)
 
381
        else:
 
382
            return now < (self.last_checked_ok + self.timeout)
 
383
 
 
384
 
 
385
def peer_certificate(session):
 
386
    "Return the peer's OpenPGP certificate as a bytestring"
 
387
    # If not an OpenPGP certificate...
 
388
    if gnutls.library.functions.gnutls_certificate_type_get\
 
389
            (session._c_object) \
 
390
           != gnutls.library.constants.GNUTLS_CRT_OPENPGP:
 
391
        # ...do the normal thing
 
392
        return session.peer_certificate
 
393
    list_size = ctypes.c_uint()
 
394
    cert_list = gnutls.library.functions.gnutls_certificate_get_peers\
 
395
        (session._c_object, ctypes.byref(list_size))
 
396
    if list_size.value == 0:
 
397
        return None
 
398
    cert = cert_list[0]
 
399
    return ctypes.string_at(cert.data, cert.size)
 
400
 
 
401
 
 
402
def fingerprint(openpgp):
 
403
    "Convert an OpenPGP bytestring to a hexdigit fingerprint string"
 
404
    # New GnuTLS "datum" with the OpenPGP public key
 
405
    datum = gnutls.library.types.gnutls_datum_t\
 
406
        (ctypes.cast(ctypes.c_char_p(openpgp),
 
407
                     ctypes.POINTER(ctypes.c_ubyte)),
 
408
         ctypes.c_uint(len(openpgp)))
 
409
    # New empty GnuTLS certificate
 
410
    crt = gnutls.library.types.gnutls_openpgp_crt_t()
 
411
    gnutls.library.functions.gnutls_openpgp_crt_init\
 
412
        (ctypes.byref(crt))
 
413
    # Import the OpenPGP public key into the certificate
 
414
    gnutls.library.functions.gnutls_openpgp_crt_import\
 
415
                    (crt, ctypes.byref(datum),
 
416
                     gnutls.library.constants.GNUTLS_OPENPGP_FMT_RAW)
 
417
    # Verify the self signature in the key
 
418
    crtverify = ctypes.c_uint();
 
419
    gnutls.library.functions.gnutls_openpgp_crt_verify_self\
 
420
        (crt, 0, ctypes.byref(crtverify))
 
421
    if crtverify.value != 0:
 
422
        gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
 
423
        raise gnutls.errors.CertificateSecurityError("Verify failed")
 
424
    # New buffer for the fingerprint
 
425
    buffer = ctypes.create_string_buffer(20)
 
426
    buffer_length = ctypes.c_size_t()
 
427
    # Get the fingerprint from the certificate into the buffer
 
428
    gnutls.library.functions.gnutls_openpgp_crt_get_fingerprint\
 
429
        (crt, ctypes.byref(buffer), ctypes.byref(buffer_length))
 
430
    # Deinit the certificate
 
431
    gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
 
432
    # Convert the buffer to a Python bytestring
 
433
    fpr = ctypes.string_at(buffer, buffer_length.value)
 
434
    # Convert the bytestring to hexadecimal notation
 
435
    hex_fpr = u''.join(u"%02X" % ord(char) for char in fpr)
 
436
    return hex_fpr
 
437
 
 
438
 
 
439
class tcp_handler(SocketServer.BaseRequestHandler, object):
 
440
    """A TCP request handler class.
 
441
    Instantiated by IPv6_TCPServer for each request to handle it.
1302
442
    Note: This will run in its own forked process."""
1303
443
    
1304
444
    def handle(self):
1305
 
        with contextlib.closing(self.server.child_pipe) as child_pipe:
1306
 
            logger.info("TCP connection from: %s",
1307
 
                        unicode(self.client_address))
1308
 
            logger.debug("Pipe FD: %d",
1309
 
                         self.server.child_pipe.fileno())
1310
 
            
1311
 
            session = (gnutls.connection
1312
 
                       .ClientSession(self.request,
1313
 
                                      gnutls.connection
1314
 
                                      .X509Credentials()))
1315
 
            
1316
 
            # Note: gnutls.connection.X509Credentials is really a
1317
 
            # generic GnuTLS certificate credentials object so long as
1318
 
            # no X.509 keys are added to it.  Therefore, we can use it
1319
 
            # here despite using OpenPGP certificates.
1320
 
            
1321
 
            #priority = ':'.join(("NONE", "+VERS-TLS1.1",
1322
 
            #                      "+AES-256-CBC", "+SHA1",
1323
 
            #                      "+COMP-NULL", "+CTYPE-OPENPGP",
1324
 
            #                      "+DHE-DSS"))
1325
 
            # Use a fallback default, since this MUST be set.
1326
 
            priority = self.server.gnutls_priority
1327
 
            if priority is None:
1328
 
                priority = "NORMAL"
1329
 
            (gnutls.library.functions
1330
 
             .gnutls_priority_set_direct(session._c_object,
1331
 
                                         priority, None))
1332
 
            
1333
 
            # Start communication using the Mandos protocol
1334
 
            # Get protocol number
1335
 
            line = self.request.makefile().readline()
1336
 
            logger.debug("Protocol version: %r", line)
1337
 
            try:
1338
 
                if int(line.strip().split()[0]) > 1:
1339
 
                    raise RuntimeError
1340
 
            except (ValueError, IndexError, RuntimeError) as error:
1341
 
                logger.error("Unknown protocol version: %s", error)
1342
 
                return
1343
 
            
1344
 
            # Start GnuTLS connection
1345
 
            try:
1346
 
                session.handshake()
1347
 
            except gnutls.errors.GNUTLSError as error:
1348
 
                logger.warning("Handshake failed: %s", error)
1349
 
                # Do not run session.bye() here: the session is not
1350
 
                # established.  Just abandon the request.
1351
 
                return
1352
 
            logger.debug("Handshake succeeded")
1353
 
            
1354
 
            approval_required = False
1355
 
            try:
1356
 
                try:
1357
 
                    fpr = self.fingerprint(self.peer_certificate
1358
 
                                           (session))
1359
 
                except (TypeError,
1360
 
                        gnutls.errors.GNUTLSError) as error:
1361
 
                    logger.warning("Bad certificate: %s", error)
1362
 
                    return
1363
 
                logger.debug("Fingerprint: %s", fpr)
1364
 
                
1365
 
                try:
1366
 
                    client = ProxyClient(child_pipe, fpr,
1367
 
                                         self.client_address)
1368
 
                except KeyError:
1369
 
                    return
1370
 
                
1371
 
                if client.approval_delay:
1372
 
                    delay = client.approval_delay
1373
 
                    client.approvals_pending += 1
1374
 
                    approval_required = True
1375
 
                
1376
 
                while True:
1377
 
                    if not client.enabled:
1378
 
                        logger.info("Client %s is disabled",
1379
 
                                       client.name)
1380
 
                        if self.server.use_dbus:
1381
 
                            # Emit D-Bus signal
1382
 
                            client.Rejected("Disabled")
1383
 
                        return
1384
 
                    
1385
 
                    if client._approved or not client.approval_delay:
1386
 
                        #We are approved or approval is disabled
1387
 
                        break
1388
 
                    elif client._approved is None:
1389
 
                        logger.info("Client %s needs approval",
1390
 
                                    client.name)
1391
 
                        if self.server.use_dbus:
1392
 
                            # Emit D-Bus signal
1393
 
                            client.NeedApproval(
1394
 
                                client.approval_delay_milliseconds(),
1395
 
                                client.approved_by_default)
1396
 
                    else:
1397
 
                        logger.warning("Client %s was not approved",
1398
 
                                       client.name)
1399
 
                        if self.server.use_dbus:
1400
 
                            # Emit D-Bus signal
1401
 
                            client.Rejected("Denied")
1402
 
                        return
1403
 
                    
1404
 
                    #wait until timeout or approved
1405
 
                    time = datetime.datetime.now()
1406
 
                    client.changedstate.acquire()
1407
 
                    (client.changedstate.wait
1408
 
                     (float(client._timedelta_to_milliseconds(delay)
1409
 
                            / 1000)))
1410
 
                    client.changedstate.release()
1411
 
                    time2 = datetime.datetime.now()
1412
 
                    if (time2 - time) >= delay:
1413
 
                        if not client.approved_by_default:
1414
 
                            logger.warning("Client %s timed out while"
1415
 
                                           " waiting for approval",
1416
 
                                           client.name)
1417
 
                            if self.server.use_dbus:
1418
 
                                # Emit D-Bus signal
1419
 
                                client.Rejected("Approval timed out")
1420
 
                            return
1421
 
                        else:
1422
 
                            break
1423
 
                    else:
1424
 
                        delay -= time2 - time
1425
 
                
1426
 
                sent_size = 0
1427
 
                while sent_size < len(client.secret):
1428
 
                    try:
1429
 
                        sent = session.send(client.secret[sent_size:])
1430
 
                    except gnutls.errors.GNUTLSError as error:
1431
 
                        logger.warning("gnutls send failed")
1432
 
                        return
1433
 
                    logger.debug("Sent: %d, remaining: %d",
1434
 
                                 sent, len(client.secret)
1435
 
                                 - (sent_size + sent))
1436
 
                    sent_size += sent
1437
 
                
1438
 
                logger.info("Sending secret to %s", client.name)
1439
 
                # bump the timeout using extended_timeout
1440
 
                client.checked_ok(client.extended_timeout)
1441
 
                if self.server.use_dbus:
1442
 
                    # Emit D-Bus signal
1443
 
                    client.GotSecret()
1444
 
            
1445
 
            finally:
1446
 
                if approval_required:
1447
 
                    client.approvals_pending -= 1
1448
 
                try:
1449
 
                    session.bye()
1450
 
                except gnutls.errors.GNUTLSError as error:
1451
 
                    logger.warning("GnuTLS bye failed")
1452
 
    
1453
 
    @staticmethod
1454
 
    def peer_certificate(session):
1455
 
        "Return the peer's OpenPGP certificate as a bytestring"
1456
 
        # If not an OpenPGP certificate...
1457
 
        if (gnutls.library.functions
1458
 
            .gnutls_certificate_type_get(session._c_object)
1459
 
            != gnutls.library.constants.GNUTLS_CRT_OPENPGP):
1460
 
            # ...do the normal thing
1461
 
            return session.peer_certificate
1462
 
        list_size = ctypes.c_uint(1)
1463
 
        cert_list = (gnutls.library.functions
1464
 
                     .gnutls_certificate_get_peers
1465
 
                     (session._c_object, ctypes.byref(list_size)))
1466
 
        if not bool(cert_list) and list_size.value != 0:
1467
 
            raise gnutls.errors.GNUTLSError("error getting peer"
1468
 
                                            " certificate")
1469
 
        if list_size.value == 0:
1470
 
            return None
1471
 
        cert = cert_list[0]
1472
 
        return ctypes.string_at(cert.data, cert.size)
1473
 
    
1474
 
    @staticmethod
1475
 
    def fingerprint(openpgp):
1476
 
        "Convert an OpenPGP bytestring to a hexdigit fingerprint"
1477
 
        # New GnuTLS "datum" with the OpenPGP public key
1478
 
        datum = (gnutls.library.types
1479
 
                 .gnutls_datum_t(ctypes.cast(ctypes.c_char_p(openpgp),
1480
 
                                             ctypes.POINTER
1481
 
                                             (ctypes.c_ubyte)),
1482
 
                                 ctypes.c_uint(len(openpgp))))
1483
 
        # New empty GnuTLS certificate
1484
 
        crt = gnutls.library.types.gnutls_openpgp_crt_t()
1485
 
        (gnutls.library.functions
1486
 
         .gnutls_openpgp_crt_init(ctypes.byref(crt)))
1487
 
        # Import the OpenPGP public key into the certificate
1488
 
        (gnutls.library.functions
1489
 
         .gnutls_openpgp_crt_import(crt, ctypes.byref(datum),
1490
 
                                    gnutls.library.constants
1491
 
                                    .GNUTLS_OPENPGP_FMT_RAW))
1492
 
        # Verify the self signature in the key
1493
 
        crtverify = ctypes.c_uint()
1494
 
        (gnutls.library.functions
1495
 
         .gnutls_openpgp_crt_verify_self(crt, 0,
1496
 
                                         ctypes.byref(crtverify)))
1497
 
        if crtverify.value != 0:
1498
 
            gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1499
 
            raise (gnutls.errors.CertificateSecurityError
1500
 
                   ("Verify failed"))
1501
 
        # New buffer for the fingerprint
1502
 
        buf = ctypes.create_string_buffer(20)
1503
 
        buf_len = ctypes.c_size_t()
1504
 
        # Get the fingerprint from the certificate into the buffer
1505
 
        (gnutls.library.functions
1506
 
         .gnutls_openpgp_crt_get_fingerprint(crt, ctypes.byref(buf),
1507
 
                                             ctypes.byref(buf_len)))
1508
 
        # Deinit the certificate
1509
 
        gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1510
 
        # Convert the buffer to a Python bytestring
1511
 
        fpr = ctypes.string_at(buf, buf_len.value)
1512
 
        # Convert the bytestring to hexadecimal notation
1513
 
        hex_fpr = ''.join("%02X" % ord(char) for char in fpr)
1514
 
        return hex_fpr
1515
 
 
1516
 
 
1517
 
class MultiprocessingMixIn(object):
1518
 
    """Like socketserver.ThreadingMixIn, but with multiprocessing"""
1519
 
    def sub_process_main(self, request, address):
1520
 
        try:
1521
 
            self.finish_request(request, address)
1522
 
        except:
1523
 
            self.handle_error(request, address)
1524
 
        self.close_request(request)
1525
 
    
1526
 
    def process_request(self, request, address):
1527
 
        """Start a new process to process the request."""
1528
 
        proc = multiprocessing.Process(target = self.sub_process_main,
1529
 
                                       args = (request,
1530
 
                                               address))
1531
 
        proc.start()
1532
 
        return proc
1533
 
 
1534
 
 
1535
 
class MultiprocessingMixInWithPipe(MultiprocessingMixIn, object):
1536
 
    """ adds a pipe to the MixIn """
1537
 
    def process_request(self, request, client_address):
1538
 
        """Overrides and wraps the original process_request().
1539
 
        
1540
 
        This function creates a new pipe in self.pipe
1541
 
        """
1542
 
        parent_pipe, self.child_pipe = multiprocessing.Pipe()
1543
 
        
1544
 
        proc = MultiprocessingMixIn.process_request(self, request,
1545
 
                                                    client_address)
1546
 
        self.child_pipe.close()
1547
 
        self.add_pipe(parent_pipe, proc)
1548
 
    
1549
 
    def add_pipe(self, parent_pipe, proc):
1550
 
        """Dummy function; override as necessary"""
1551
 
        raise NotImplementedError
1552
 
 
1553
 
 
1554
 
class IPv6_TCPServer(MultiprocessingMixInWithPipe,
1555
 
                     socketserver.TCPServer, object):
1556
 
    """IPv6-capable TCP server.  Accepts 'None' as address and/or port
1557
 
    
 
445
        logger.info(u"TCP connection from: %s",
 
446
                     unicode(self.client_address))
 
447
        session = gnutls.connection.ClientSession\
 
448
                  (self.request, gnutls.connection.X509Credentials())
 
449
        
 
450
        line = self.request.makefile().readline()
 
451
        logger.debug(u"Protocol version: %r", line)
 
452
        try:
 
453
            if int(line.strip().split()[0]) > 1:
 
454
                raise RuntimeError
 
455
        except (ValueError, IndexError, RuntimeError), error:
 
456
            logger.error(u"Unknown protocol version: %s", error)
 
457
            return
 
458
        
 
459
        # Note: gnutls.connection.X509Credentials is really a generic
 
460
        # GnuTLS certificate credentials object so long as no X.509
 
461
        # keys are added to it.  Therefore, we can use it here despite
 
462
        # using OpenPGP certificates.
 
463
        
 
464
        #priority = ':'.join(("NONE", "+VERS-TLS1.1", "+AES-256-CBC",
 
465
        #                "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
 
466
        #                "+DHE-DSS"))
 
467
        priority = "NORMAL"             # Fallback default, since this
 
468
                                        # MUST be set.
 
469
        if self.server.settings["priority"]:
 
470
            priority = self.server.settings["priority"]
 
471
        gnutls.library.functions.gnutls_priority_set_direct\
 
472
            (session._c_object, priority, None);
 
473
        
 
474
        try:
 
475
            session.handshake()
 
476
        except gnutls.errors.GNUTLSError, error:
 
477
            logger.warning(u"Handshake failed: %s", error)
 
478
            # Do not run session.bye() here: the session is not
 
479
            # established.  Just abandon the request.
 
480
            return
 
481
        try:
 
482
            fpr = fingerprint(peer_certificate(session))
 
483
        except (TypeError, gnutls.errors.GNUTLSError), error:
 
484
            logger.warning(u"Bad certificate: %s", error)
 
485
            session.bye()
 
486
            return
 
487
        logger.debug(u"Fingerprint: %s", fpr)
 
488
        client = None
 
489
        for c in self.server.clients:
 
490
            if c.fingerprint == fpr:
 
491
                client = c
 
492
                break
 
493
        if not client:
 
494
            logger.warning(u"Client not found for fingerprint: %s",
 
495
                           fpr)
 
496
            session.bye()
 
497
            return
 
498
        # Have to check if client.still_valid(), since it is possible
 
499
        # that the client timed out while establishing the GnuTLS
 
500
        # session.
 
501
        if not client.still_valid():
 
502
            logger.warning(u"Client %(name)s is invalid",
 
503
                           vars(client))
 
504
            session.bye()
 
505
            return
 
506
        sent_size = 0
 
507
        while sent_size < len(client.secret):
 
508
            sent = session.send(client.secret[sent_size:])
 
509
            logger.debug(u"Sent: %d, remaining: %d",
 
510
                         sent, len(client.secret)
 
511
                         - (sent_size + sent))
 
512
            sent_size += sent
 
513
        session.bye()
 
514
 
 
515
 
 
516
class IPv6_TCPServer(SocketServer.ForkingTCPServer, object):
 
517
    """IPv6 TCP server.  Accepts 'None' as address and/or port.
1558
518
    Attributes:
 
519
        settings:       Server settings
 
520
        clients:        Set() of Client objects
1559
521
        enabled:        Boolean; whether this server is activated yet
1560
 
        interface:      None or a network interface name (string)
1561
 
        use_ipv6:       Boolean; to use IPv6 or not
1562
522
    """
1563
 
    def __init__(self, server_address, RequestHandlerClass,
1564
 
                 interface=None, use_ipv6=True):
1565
 
        self.interface = interface
1566
 
        if use_ipv6:
1567
 
            self.address_family = socket.AF_INET6
1568
 
        socketserver.TCPServer.__init__(self, server_address,
1569
 
                                        RequestHandlerClass)
 
523
    address_family = socket.AF_INET6
 
524
    def __init__(self, *args, **kwargs):
 
525
        if "settings" in kwargs:
 
526
            self.settings = kwargs["settings"]
 
527
            del kwargs["settings"]
 
528
        if "clients" in kwargs:
 
529
            self.clients = kwargs["clients"]
 
530
            del kwargs["clients"]
 
531
        self.enabled = False
 
532
        return super(type(self), self).__init__(*args, **kwargs)
1570
533
    def server_bind(self):
1571
534
        """This overrides the normal server_bind() function
1572
535
        to bind to an interface if one was specified, and also NOT to
1573
536
        bind to an address or port if they were not specified."""
1574
 
        if self.interface is not None:
1575
 
            if SO_BINDTODEVICE is None:
1576
 
                logger.error("SO_BINDTODEVICE does not exist;"
1577
 
                             " cannot bind to interface %s",
1578
 
                             self.interface)
1579
 
            else:
1580
 
                try:
1581
 
                    self.socket.setsockopt(socket.SOL_SOCKET,
1582
 
                                           SO_BINDTODEVICE,
1583
 
                                           str(self.interface
1584
 
                                               + '\0'))
1585
 
                except socket.error as error:
1586
 
                    if error[0] == errno.EPERM:
1587
 
                        logger.error("No permission to"
1588
 
                                     " bind to interface %s",
1589
 
                                     self.interface)
1590
 
                    elif error[0] == errno.ENOPROTOOPT:
1591
 
                        logger.error("SO_BINDTODEVICE not available;"
1592
 
                                     " cannot bind to interface %s",
1593
 
                                     self.interface)
1594
 
                    else:
1595
 
                        raise
 
537
        if self.settings["interface"]:
 
538
            # 25 is from /usr/include/asm-i486/socket.h
 
539
            SO_BINDTODEVICE = getattr(socket, "SO_BINDTODEVICE", 25)
 
540
            try:
 
541
                self.socket.setsockopt(socket.SOL_SOCKET,
 
542
                                       SO_BINDTODEVICE,
 
543
                                       self.settings["interface"])
 
544
            except socket.error, error:
 
545
                if error[0] == errno.EPERM:
 
546
                    logger.error(u"No permission to"
 
547
                                 u" bind to interface %s",
 
548
                                 self.settings["interface"])
 
549
                else:
 
550
                    raise error
1596
551
        # Only bind(2) the socket if we really need to.
1597
552
        if self.server_address[0] or self.server_address[1]:
1598
553
            if not self.server_address[0]:
1599
 
                if self.address_family == socket.AF_INET6:
1600
 
                    any_address = "::" # in6addr_any
1601
 
                else:
1602
 
                    any_address = socket.INADDR_ANY
1603
 
                self.server_address = (any_address,
 
554
                in6addr_any = "::"
 
555
                self.server_address = (in6addr_any,
1604
556
                                       self.server_address[1])
1605
557
            elif not self.server_address[1]:
1606
558
                self.server_address = (self.server_address[0],
1607
559
                                       0)
1608
 
#                 if self.interface:
 
560
#                 if self.settings["interface"]:
1609
561
#                     self.server_address = (self.server_address[0],
1610
562
#                                            0, # port
1611
563
#                                            0, # flowinfo
1612
564
#                                            if_nametoindex
1613
 
#                                            (self.interface))
1614
 
            return socketserver.TCPServer.server_bind(self)
1615
 
 
1616
 
 
1617
 
class MandosServer(IPv6_TCPServer):
1618
 
    """Mandos server.
1619
 
    
1620
 
    Attributes:
1621
 
        clients:        set of Client objects
1622
 
        gnutls_priority GnuTLS priority string
1623
 
        use_dbus:       Boolean; to emit D-Bus signals or not
1624
 
    
1625
 
    Assumes a gobject.MainLoop event loop.
1626
 
    """
1627
 
    def __init__(self, server_address, RequestHandlerClass,
1628
 
                 interface=None, use_ipv6=True, clients=None,
1629
 
                 gnutls_priority=None, use_dbus=True):
1630
 
        self.enabled = False
1631
 
        self.clients = clients
1632
 
        if self.clients is None:
1633
 
            self.clients = set()
1634
 
        self.use_dbus = use_dbus
1635
 
        self.gnutls_priority = gnutls_priority
1636
 
        IPv6_TCPServer.__init__(self, server_address,
1637
 
                                RequestHandlerClass,
1638
 
                                interface = interface,
1639
 
                                use_ipv6 = use_ipv6)
 
565
#                                            (self.settings
 
566
#                                             ["interface"]))
 
567
            return super(type(self), self).server_bind()
1640
568
    def server_activate(self):
1641
569
        if self.enabled:
1642
 
            return socketserver.TCPServer.server_activate(self)
1643
 
    
 
570
            return super(type(self), self).server_activate()
1644
571
    def enable(self):
1645
572
        self.enabled = True
1646
 
    
1647
 
    def add_pipe(self, parent_pipe, proc):
1648
 
        # Call "handle_ipc" for both data and EOF events
1649
 
        gobject.io_add_watch(parent_pipe.fileno(),
1650
 
                             gobject.IO_IN | gobject.IO_HUP,
1651
 
                             functools.partial(self.handle_ipc,
1652
 
                                               parent_pipe =
1653
 
                                               parent_pipe,
1654
 
                                               proc = proc))
1655
 
    
1656
 
    def handle_ipc(self, source, condition, parent_pipe=None,
1657
 
                   proc = None, client_object=None):
1658
 
        condition_names = {
1659
 
            gobject.IO_IN: "IN",   # There is data to read.
1660
 
            gobject.IO_OUT: "OUT", # Data can be written (without
1661
 
                                    # blocking).
1662
 
            gobject.IO_PRI: "PRI", # There is urgent data to read.
1663
 
            gobject.IO_ERR: "ERR", # Error condition.
1664
 
            gobject.IO_HUP: "HUP"  # Hung up (the connection has been
1665
 
                                    # broken, usually for pipes and
1666
 
                                    # sockets).
1667
 
            }
1668
 
        conditions_string = ' | '.join(name
1669
 
                                       for cond, name in
1670
 
                                       condition_names.iteritems()
1671
 
                                       if cond & condition)
1672
 
        # error, or the other end of multiprocessing.Pipe has closed
1673
 
        if condition & (gobject.IO_ERR | condition & gobject.IO_HUP):
1674
 
            # Wait for other process to exit
1675
 
            proc.join()
1676
 
            return False
1677
 
        
1678
 
        # Read a request from the child
1679
 
        request = parent_pipe.recv()
1680
 
        command = request[0]
1681
 
        
1682
 
        if command == 'init':
1683
 
            fpr = request[1]
1684
 
            address = request[2]
1685
 
            
1686
 
            for c in self.clients:
1687
 
                if c.fingerprint == fpr:
1688
 
                    client = c
1689
 
                    break
1690
 
            else:
1691
 
                logger.info("Client not found for fingerprint: %s, ad"
1692
 
                            "dress: %s", fpr, address)
1693
 
                if self.use_dbus:
1694
 
                    # Emit D-Bus signal
1695
 
                    mandos_dbus_service.ClientNotFound(fpr,
1696
 
                                                       address[0])
1697
 
                parent_pipe.send(False)
1698
 
                return False
1699
 
            
1700
 
            gobject.io_add_watch(parent_pipe.fileno(),
1701
 
                                 gobject.IO_IN | gobject.IO_HUP,
1702
 
                                 functools.partial(self.handle_ipc,
1703
 
                                                   parent_pipe =
1704
 
                                                   parent_pipe,
1705
 
                                                   proc = proc,
1706
 
                                                   client_object =
1707
 
                                                   client))
1708
 
            parent_pipe.send(True)
1709
 
            # remove the old hook in favor of the new above hook on
1710
 
            # same fileno
1711
 
            return False
1712
 
        if command == 'funcall':
1713
 
            funcname = request[1]
1714
 
            args = request[2]
1715
 
            kwargs = request[3]
1716
 
            
1717
 
            parent_pipe.send(('data', getattr(client_object,
1718
 
                                              funcname)(*args,
1719
 
                                                         **kwargs)))
1720
 
        
1721
 
        if command == 'getattr':
1722
 
            attrname = request[1]
1723
 
            if callable(client_object.__getattribute__(attrname)):
1724
 
                parent_pipe.send(('function',))
1725
 
            else:
1726
 
                parent_pipe.send(('data', client_object
1727
 
                                  .__getattribute__(attrname)))
1728
 
        
1729
 
        if command == 'setattr':
1730
 
            attrname = request[1]
1731
 
            value = request[2]
1732
 
            setattr(client_object, attrname, value)
1733
 
        
1734
 
        return True
1735
573
 
1736
574
 
1737
575
def string_to_delta(interval):
1738
576
    """Parse a string and return a datetime.timedelta
1739
 
    
 
577
 
1740
578
    >>> string_to_delta('7d')
1741
579
    datetime.timedelta(7)
1742
580
    >>> string_to_delta('60s')
1745
583
    datetime.timedelta(0, 3600)
1746
584
    >>> string_to_delta('24h')
1747
585
    datetime.timedelta(1)
1748
 
    >>> string_to_delta('1w')
 
586
    >>> string_to_delta(u'1w')
1749
587
    datetime.timedelta(7)
1750
588
    >>> string_to_delta('5m 30s')
1751
589
    datetime.timedelta(0, 330)
1753
591
    timevalue = datetime.timedelta(0)
1754
592
    for s in interval.split():
1755
593
        try:
1756
 
            suffix = unicode(s[-1])
1757
 
            value = int(s[:-1])
1758
 
            if suffix == "d":
 
594
            suffix=unicode(s[-1])
 
595
            value=int(s[:-1])
 
596
            if suffix == u"d":
1759
597
                delta = datetime.timedelta(value)
1760
 
            elif suffix == "s":
 
598
            elif suffix == u"s":
1761
599
                delta = datetime.timedelta(0, value)
1762
 
            elif suffix == "m":
 
600
            elif suffix == u"m":
1763
601
                delta = datetime.timedelta(0, 0, 0, 0, value)
1764
 
            elif suffix == "h":
 
602
            elif suffix == u"h":
1765
603
                delta = datetime.timedelta(0, 0, 0, 0, 0, value)
1766
 
            elif suffix == "w":
 
604
            elif suffix == u"w":
1767
605
                delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
1768
606
            else:
1769
 
                raise ValueError("Unknown suffix %r" % suffix)
1770
 
        except (ValueError, IndexError) as e:
1771
 
            raise ValueError(*(e.args))
 
607
                raise ValueError
 
608
        except (ValueError, IndexError):
 
609
            raise ValueError
1772
610
        timevalue += delta
1773
611
    return timevalue
1774
612
 
1775
613
 
 
614
def server_state_changed(state):
 
615
    """Derived from the Avahi example code"""
 
616
    if state == avahi.SERVER_COLLISION:
 
617
        logger.error(u"Zeroconf server name collision")
 
618
        service.remove()
 
619
    elif state == avahi.SERVER_RUNNING:
 
620
        service.add()
 
621
 
 
622
 
 
623
def entry_group_state_changed(state, error):
 
624
    """Derived from the Avahi example code"""
 
625
    logger.debug(u"Avahi state change: %i", state)
 
626
    
 
627
    if state == avahi.ENTRY_GROUP_ESTABLISHED:
 
628
        logger.debug(u"Zeroconf service established.")
 
629
    elif state == avahi.ENTRY_GROUP_COLLISION:
 
630
        logger.warning(u"Zeroconf service name collision.")
 
631
        service.rename()
 
632
    elif state == avahi.ENTRY_GROUP_FAILURE:
 
633
        logger.critical(u"Avahi: Error in group state changed %s",
 
634
                        unicode(error))
 
635
        raise AvahiGroupError("State changed: %s", str(error))
 
636
 
1776
637
def if_nametoindex(interface):
1777
 
    """Call the C function if_nametoindex(), or equivalent
1778
 
    
1779
 
    Note: This function cannot accept a unicode string."""
 
638
    """Call the C function if_nametoindex(), or equivalent"""
1780
639
    global if_nametoindex
1781
640
    try:
1782
 
        if_nametoindex = (ctypes.cdll.LoadLibrary
1783
 
                          (ctypes.util.find_library("c"))
1784
 
                          .if_nametoindex)
 
641
        if "ctypes.util" not in sys.modules:
 
642
            import ctypes.util
 
643
        if_nametoindex = ctypes.cdll.LoadLibrary\
 
644
            (ctypes.util.find_library("c")).if_nametoindex
1785
645
    except (OSError, AttributeError):
1786
 
        logger.warning("Doing if_nametoindex the hard way")
 
646
        if "struct" not in sys.modules:
 
647
            import struct
 
648
        if "fcntl" not in sys.modules:
 
649
            import fcntl
1787
650
        def if_nametoindex(interface):
1788
651
            "Get an interface index the hard way, i.e. using fcntl()"
1789
652
            SIOCGIFINDEX = 0x8933  # From /usr/include/linux/sockios.h
1790
 
            with contextlib.closing(socket.socket()) as s:
1791
 
                ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
1792
 
                                    struct.pack(str("16s16x"),
1793
 
                                                interface))
1794
 
            interface_index = struct.unpack(str("I"),
1795
 
                                            ifreq[16:20])[0]
 
653
            s = socket.socket()
 
654
            ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
 
655
                                struct.pack("16s16x", interface))
 
656
            s.close()
 
657
            interface_index = struct.unpack("I", ifreq[16:20])[0]
1796
658
            return interface_index
1797
659
    return if_nametoindex(interface)
1798
660
 
1799
661
 
1800
662
def daemon(nochdir = False, noclose = False):
1801
663
    """See daemon(3).  Standard BSD Unix function.
1802
 
    
1803
664
    This should really exist as os.daemon, but it doesn't (yet)."""
1804
665
    if os.fork():
1805
666
        sys.exit()
1813
674
        null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
1814
675
        if not stat.S_ISCHR(os.fstat(null).st_mode):
1815
676
            raise OSError(errno.ENODEV,
1816
 
                          "%s not a character device"
1817
 
                          % os.path.devnull)
 
677
                          "/dev/null not a character device")
1818
678
        os.dup2(null, sys.stdin.fileno())
1819
679
        os.dup2(null, sys.stdout.fileno())
1820
680
        os.dup2(null, sys.stderr.fileno())
1823
683
 
1824
684
 
1825
685
def main():
1826
 
    
1827
 
    ##################################################################
1828
 
    # Parsing of options, both command line and config file
1829
 
    
1830
 
    parser = argparse.ArgumentParser()
1831
 
    parser.add_argument("-v", "--version", action="version",
1832
 
                        version = "%%(prog)s %s" % version,
1833
 
                        help="show version number and exit")
1834
 
    parser.add_argument("-i", "--interface", metavar="IF",
1835
 
                        help="Bind to interface IF")
1836
 
    parser.add_argument("-a", "--address",
1837
 
                        help="Address to listen for requests on")
1838
 
    parser.add_argument("-p", "--port", type=int,
1839
 
                        help="Port number to receive requests on")
1840
 
    parser.add_argument("--check", action="store_true",
1841
 
                        help="Run self-test")
1842
 
    parser.add_argument("--debug", action="store_true",
1843
 
                        help="Debug mode; run in foreground and log"
1844
 
                        " to terminal")
1845
 
    parser.add_argument("--debuglevel", metavar="LEVEL",
1846
 
                        help="Debug level for stdout output")
1847
 
    parser.add_argument("--priority", help="GnuTLS"
1848
 
                        " priority string (see GnuTLS documentation)")
1849
 
    parser.add_argument("--servicename",
1850
 
                        metavar="NAME", help="Zeroconf service name")
1851
 
    parser.add_argument("--configdir",
1852
 
                        default="/etc/mandos", metavar="DIR",
1853
 
                        help="Directory to search for configuration"
1854
 
                        " files")
1855
 
    parser.add_argument("--no-dbus", action="store_false",
1856
 
                        dest="use_dbus", help="Do not provide D-Bus"
1857
 
                        " system bus interface")
1858
 
    parser.add_argument("--no-ipv6", action="store_false",
1859
 
                        dest="use_ipv6", help="Do not use IPv6")
1860
 
    options = parser.parse_args()
 
686
    global main_loop_started
 
687
    main_loop_started = False
 
688
    
 
689
    parser = OptionParser(version = "%%prog %s" % version)
 
690
    parser.add_option("-i", "--interface", type="string",
 
691
                      metavar="IF", help="Bind to interface IF")
 
692
    parser.add_option("-a", "--address", type="string",
 
693
                      help="Address to listen for requests on")
 
694
    parser.add_option("-p", "--port", type="int",
 
695
                      help="Port number to receive requests on")
 
696
    parser.add_option("--check", action="store_true", default=False,
 
697
                      help="Run self-test")
 
698
    parser.add_option("--debug", action="store_true",
 
699
                      help="Debug mode; run in foreground and log to"
 
700
                      " terminal")
 
701
    parser.add_option("--priority", type="string", help="GnuTLS"
 
702
                      " priority string (see GnuTLS documentation)")
 
703
    parser.add_option("--servicename", type="string", metavar="NAME",
 
704
                      help="Zeroconf service name")
 
705
    parser.add_option("--configdir", type="string",
 
706
                      default="/etc/mandos", metavar="DIR",
 
707
                      help="Directory to search for configuration"
 
708
                      " files")
 
709
    (options, args) = parser.parse_args()
1861
710
    
1862
711
    if options.check:
1863
712
        import doctest
1872
721
                        "priority":
1873
722
                        "SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
1874
723
                        "servicename": "Mandos",
1875
 
                        "use_dbus": "True",
1876
 
                        "use_ipv6": "True",
1877
 
                        "debuglevel": "",
1878
724
                        }
1879
725
    
1880
726
    # Parse config file for server-global settings
1881
 
    server_config = configparser.SafeConfigParser(server_defaults)
 
727
    server_config = ConfigParser.SafeConfigParser(server_defaults)
1882
728
    del server_defaults
1883
 
    server_config.read(os.path.join(options.configdir,
1884
 
                                    "mandos.conf"))
 
729
    server_config.read(os.path.join(options.configdir, "mandos.conf"))
1885
730
    # Convert the SafeConfigParser object to a dict
1886
731
    server_settings = server_config.defaults()
1887
 
    # Use the appropriate methods on the non-string config options
1888
 
    for option in ("debug", "use_dbus", "use_ipv6"):
1889
 
        server_settings[option] = server_config.getboolean("DEFAULT",
1890
 
                                                           option)
1891
 
    if server_settings["port"]:
1892
 
        server_settings["port"] = server_config.getint("DEFAULT",
1893
 
                                                       "port")
 
732
    # Use getboolean on the boolean config option
 
733
    server_settings["debug"] = server_config.getboolean\
 
734
                               ("DEFAULT", "debug")
1894
735
    del server_config
1895
736
    
1896
737
    # Override the settings from the config file with command line
1897
738
    # options, if set.
1898
739
    for option in ("interface", "address", "port", "debug",
1899
 
                   "priority", "servicename", "configdir",
1900
 
                   "use_dbus", "use_ipv6", "debuglevel"):
 
740
                   "priority", "servicename", "configdir"):
1901
741
        value = getattr(options, option)
1902
742
        if value is not None:
1903
743
            server_settings[option] = value
1904
744
    del options
1905
 
    # Force all strings to be unicode
1906
 
    for option in server_settings.keys():
1907
 
        if type(server_settings[option]) is str:
1908
 
            server_settings[option] = unicode(server_settings[option])
1909
745
    # Now we have our good server settings in "server_settings"
1910
746
    
1911
 
    ##################################################################
1912
 
    
1913
 
    # For convenience
1914
747
    debug = server_settings["debug"]
1915
 
    debuglevel = server_settings["debuglevel"]
1916
 
    use_dbus = server_settings["use_dbus"]
1917
 
    use_ipv6 = server_settings["use_ipv6"]
 
748
    
 
749
    if not debug:
 
750
        syslogger.setLevel(logging.WARNING)
 
751
        console.setLevel(logging.WARNING)
1918
752
    
1919
753
    if server_settings["servicename"] != "Mandos":
1920
 
        syslogger.setFormatter(logging.Formatter
1921
 
                               ('Mandos (%s) [%%(process)d]:'
1922
 
                                ' %%(levelname)s: %%(message)s'
 
754
        syslogger.setFormatter(logging.Formatter\
 
755
                               ('Mandos (%s): %%(levelname)s:'
 
756
                                ' %%(message)s'
1923
757
                                % server_settings["servicename"]))
1924
758
    
1925
759
    # Parse config file with clients
1926
 
    client_defaults = { "timeout": "5m",
1927
 
                        "extended_timeout": "15m",
1928
 
                        "interval": "2m",
1929
 
                        "checker": "fping -q -- %%(host)s",
 
760
    client_defaults = { "timeout": "1h",
 
761
                        "interval": "5m",
 
762
                        "checker": "fping -q -- %(host)s",
1930
763
                        "host": "",
1931
 
                        "approval_delay": "0s",
1932
 
                        "approval_duration": "1s",
1933
764
                        }
1934
 
    client_config = configparser.SafeConfigParser(client_defaults)
 
765
    client_config = ConfigParser.SafeConfigParser(client_defaults)
1935
766
    client_config.read(os.path.join(server_settings["configdir"],
1936
767
                                    "clients.conf"))
1937
768
    
1938
 
    global mandos_dbus_service
1939
 
    mandos_dbus_service = None
1940
 
    
1941
 
    tcp_server = MandosServer((server_settings["address"],
1942
 
                               server_settings["port"]),
1943
 
                              ClientHandler,
1944
 
                              interface=(server_settings["interface"]
1945
 
                                         or None),
1946
 
                              use_ipv6=use_ipv6,
1947
 
                              gnutls_priority=
1948
 
                              server_settings["priority"],
1949
 
                              use_dbus=use_dbus)
1950
 
    if not debug:
1951
 
        pidfilename = "/var/run/mandos.pid"
1952
 
        try:
1953
 
            pidfile = open(pidfilename, "w")
1954
 
        except IOError:
1955
 
            logger.error("Could not open file %r", pidfilename)
1956
 
    
1957
 
    try:
1958
 
        uid = pwd.getpwnam("_mandos").pw_uid
1959
 
        gid = pwd.getpwnam("_mandos").pw_gid
1960
 
    except KeyError:
1961
 
        try:
1962
 
            uid = pwd.getpwnam("mandos").pw_uid
1963
 
            gid = pwd.getpwnam("mandos").pw_gid
1964
 
        except KeyError:
1965
 
            try:
1966
 
                uid = pwd.getpwnam("nobody").pw_uid
1967
 
                gid = pwd.getpwnam("nobody").pw_gid
1968
 
            except KeyError:
1969
 
                uid = 65534
1970
 
                gid = 65534
1971
 
    try:
 
769
    clients = Set()
 
770
    tcp_server = IPv6_TCPServer((server_settings["address"],
 
771
                                 server_settings["port"]),
 
772
                                tcp_handler,
 
773
                                settings=server_settings,
 
774
                                clients=clients)
 
775
    pidfilename = "/var/run/mandos.pid"
 
776
    try:
 
777
        pidfile = open(pidfilename, "w")
 
778
    except IOError, error:
 
779
        logger.error("Could not open file %r", pidfilename)
 
780
    
 
781
    uid = 65534
 
782
    gid = 65534
 
783
    try:
 
784
        uid = pwd.getpwnam("mandos").pw_uid
 
785
    except KeyError:
 
786
        try:
 
787
            uid = pwd.getpwnam("nobody").pw_uid
 
788
        except KeyError:
 
789
            pass
 
790
    try:
 
791
        gid = pwd.getpwnam("mandos").pw_gid
 
792
    except KeyError:
 
793
        try:
 
794
            gid = pwd.getpwnam("nogroup").pw_gid
 
795
        except KeyError:
 
796
            pass
 
797
    try:
 
798
        os.setuid(uid)
1972
799
        os.setgid(gid)
1973
 
        os.setuid(uid)
1974
 
    except OSError as error:
 
800
    except OSError, error:
1975
801
        if error[0] != errno.EPERM:
1976
802
            raise error
1977
803
    
1978
 
    if not debug and not debuglevel:
1979
 
        logger.setLevel(logging.WARNING)
1980
 
    if debuglevel:
1981
 
        level = getattr(logging, debuglevel.upper())
1982
 
        logger.setLevel(level)
 
804
    global service
 
805
    service = AvahiService(name = server_settings["servicename"],
 
806
                           type = "_mandos._tcp", );
 
807
    if server_settings["interface"]:
 
808
        service.interface = if_nametoindex\
 
809
                            (server_settings["interface"])
 
810
    
 
811
    global main_loop
 
812
    global bus
 
813
    global server
 
814
    # From the Avahi example code
 
815
    DBusGMainLoop(set_as_default=True )
 
816
    main_loop = gobject.MainLoop()
 
817
    bus = dbus.SystemBus()
 
818
    server = dbus.Interface(bus.get_object(avahi.DBUS_NAME,
 
819
                                           avahi.DBUS_PATH_SERVER),
 
820
                            avahi.DBUS_INTERFACE_SERVER)
 
821
    # End of Avahi example code
 
822
    
 
823
    def remove_from_clients(client):
 
824
        clients.remove(client)
 
825
        if not clients:
 
826
            logger.critical(u"No clients left, exiting")
 
827
            sys.exit()
 
828
    
 
829
    clients.update(Set(Client(name = section,
 
830
                              stop_hook = remove_from_clients,
 
831
                              config
 
832
                              = dict(client_config.items(section)))
 
833
                       for section in client_config.sections()))
 
834
    if not clients:
 
835
        logger.critical(u"No clients defined")
 
836
        sys.exit(1)
1983
837
    
1984
838
    if debug:
1985
 
        logger.setLevel(logging.DEBUG)
1986
 
        # Enable all possible GnuTLS debugging
1987
 
        
1988
 
        # "Use a log level over 10 to enable all debugging options."
1989
 
        # - GnuTLS manual
1990
 
        gnutls.library.functions.gnutls_global_set_log_level(11)
1991
 
        
1992
 
        @gnutls.library.types.gnutls_log_func
1993
 
        def debug_gnutls(level, string):
1994
 
            logger.debug("GnuTLS: %s", string[:-1])
1995
 
        
1996
 
        (gnutls.library.functions
1997
 
         .gnutls_global_set_log_function(debug_gnutls))
1998
 
        
1999
839
        # Redirect stdin so all checkers get /dev/null
2000
840
        null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
2001
841
        os.dup2(null, sys.stdin.fileno())
2004
844
    else:
2005
845
        # No console logging
2006
846
        logger.removeHandler(console)
2007
 
    
2008
 
    # Need to fork before connecting to D-Bus
2009
 
    if not debug:
2010
847
        # Close all input and output, do double fork, etc.
2011
848
        daemon()
2012
849
    
2013
 
    global main_loop
2014
 
    # From the Avahi example code
2015
 
    DBusGMainLoop(set_as_default=True )
2016
 
    main_loop = gobject.MainLoop()
2017
 
    bus = dbus.SystemBus()
2018
 
    # End of Avahi example code
2019
 
    if use_dbus:
2020
 
        try:
2021
 
            bus_name = dbus.service.BusName("se.recompile.Mandos",
2022
 
                                            bus, do_not_queue=True)
2023
 
            old_bus_name = (dbus.service.BusName
2024
 
                            ("se.bsnet.fukt.Mandos", bus,
2025
 
                             do_not_queue=True))
2026
 
        except dbus.exceptions.NameExistsException as e:
2027
 
            logger.error(unicode(e) + ", disabling D-Bus")
2028
 
            use_dbus = False
2029
 
            server_settings["use_dbus"] = False
2030
 
            tcp_server.use_dbus = False
2031
 
    protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
2032
 
    service = AvahiServiceToSyslog(name =
2033
 
                                   server_settings["servicename"],
2034
 
                                   servicetype = "_mandos._tcp",
2035
 
                                   protocol = protocol, bus = bus)
2036
 
    if server_settings["interface"]:
2037
 
        service.interface = (if_nametoindex
2038
 
                             (str(server_settings["interface"])))
2039
 
    
2040
 
    global multiprocessing_manager
2041
 
    multiprocessing_manager = multiprocessing.Manager()
2042
 
    
2043
 
    client_class = Client
2044
 
    if use_dbus:
2045
 
        client_class = functools.partial(ClientDBusTransitional,
2046
 
                                         bus = bus)
2047
 
    def client_config_items(config, section):
2048
 
        special_settings = {
2049
 
            "approved_by_default":
2050
 
                lambda: config.getboolean(section,
2051
 
                                          "approved_by_default"),
2052
 
            }
2053
 
        for name, value in config.items(section):
2054
 
            try:
2055
 
                yield (name, special_settings[name]())
2056
 
            except KeyError:
2057
 
                yield (name, value)
2058
 
    
2059
 
    tcp_server.clients.update(set(
2060
 
            client_class(name = section,
2061
 
                         config= dict(client_config_items(
2062
 
                        client_config, section)))
2063
 
            for section in client_config.sections()))
2064
 
    if not tcp_server.clients:
2065
 
        logger.warning("No clients defined")
 
850
    try:
 
851
        pid = os.getpid()
 
852
        pidfile.write(str(pid) + "\n")
 
853
        pidfile.close()
 
854
        del pidfile
 
855
    except IOError, err:
 
856
        logger.error(u"Could not write to file %r with PID %d",
 
857
                     pidfilename, pid)
 
858
    except NameError:
 
859
        # "pidfile" was never created
 
860
        pass
 
861
    del pidfilename
 
862
    
 
863
    def cleanup():
 
864
        "Cleanup function; run on exit"
 
865
        global group
 
866
        # From the Avahi example code
 
867
        if not group is None:
 
868
            group.Free()
 
869
            group = None
 
870
        # End of Avahi example code
2066
871
        
 
872
        while clients:
 
873
            client = clients.pop()
 
874
            client.stop_hook = None
 
875
            client.stop()
 
876
    
 
877
    atexit.register(cleanup)
 
878
    
2067
879
    if not debug:
2068
 
        try:
2069
 
            with pidfile:
2070
 
                pid = os.getpid()
2071
 
                pidfile.write(str(pid) + "\n".encode("utf-8"))
2072
 
            del pidfile
2073
 
        except IOError:
2074
 
            logger.error("Could not write to file %r with PID %d",
2075
 
                         pidfilename, pid)
2076
 
        except NameError:
2077
 
            # "pidfile" was never created
2078
 
            pass
2079
 
        del pidfilename
2080
 
        
2081
880
        signal.signal(signal.SIGINT, signal.SIG_IGN)
2082
 
    
2083
881
    signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
2084
882
    signal.signal(signal.SIGTERM, lambda signum, frame: sys.exit())
2085
883
    
2086
 
    if use_dbus:
2087
 
        class MandosDBusService(dbus.service.Object):
2088
 
            """A D-Bus proxy object"""
2089
 
            def __init__(self):
2090
 
                dbus.service.Object.__init__(self, bus, "/")
2091
 
            _interface = "se.recompile.Mandos"
2092
 
            
2093
 
            @dbus.service.signal(_interface, signature="o")
2094
 
            def ClientAdded(self, objpath):
2095
 
                "D-Bus signal"
2096
 
                pass
2097
 
            
2098
 
            @dbus.service.signal(_interface, signature="ss")
2099
 
            def ClientNotFound(self, fingerprint, address):
2100
 
                "D-Bus signal"
2101
 
                pass
2102
 
            
2103
 
            @dbus.service.signal(_interface, signature="os")
2104
 
            def ClientRemoved(self, objpath, name):
2105
 
                "D-Bus signal"
2106
 
                pass
2107
 
            
2108
 
            @dbus.service.method(_interface, out_signature="ao")
2109
 
            def GetAllClients(self):
2110
 
                "D-Bus method"
2111
 
                return dbus.Array(c.dbus_object_path
2112
 
                                  for c in tcp_server.clients)
2113
 
            
2114
 
            @dbus.service.method(_interface,
2115
 
                                 out_signature="a{oa{sv}}")
2116
 
            def GetAllClientsWithProperties(self):
2117
 
                "D-Bus method"
2118
 
                return dbus.Dictionary(
2119
 
                    ((c.dbus_object_path, c.GetAll(""))
2120
 
                     for c in tcp_server.clients),
2121
 
                    signature="oa{sv}")
2122
 
            
2123
 
            @dbus.service.method(_interface, in_signature="o")
2124
 
            def RemoveClient(self, object_path):
2125
 
                "D-Bus method"
2126
 
                for c in tcp_server.clients:
2127
 
                    if c.dbus_object_path == object_path:
2128
 
                        tcp_server.clients.remove(c)
2129
 
                        c.remove_from_connection()
2130
 
                        # Don't signal anything except ClientRemoved
2131
 
                        c.disable(quiet=True)
2132
 
                        # Emit D-Bus signal
2133
 
                        self.ClientRemoved(object_path, c.name)
2134
 
                        return
2135
 
                raise KeyError(object_path)
2136
 
            
2137
 
            del _interface
2138
 
        
2139
 
        class MandosDBusServiceTransitional(MandosDBusService):
2140
 
            __metaclass__ = AlternateDBusNamesMetaclass
2141
 
        mandos_dbus_service = MandosDBusServiceTransitional()
2142
 
    
2143
 
    def cleanup():
2144
 
        "Cleanup function; run on exit"
2145
 
        service.cleanup()
2146
 
        
2147
 
        multiprocessing.active_children()
2148
 
        while tcp_server.clients:
2149
 
            client = tcp_server.clients.pop()
2150
 
            if use_dbus:
2151
 
                client.remove_from_connection()
2152
 
            client.disable_hook = None
2153
 
            # Don't signal anything except ClientRemoved
2154
 
            client.disable(quiet=True)
2155
 
            if use_dbus:
2156
 
                # Emit D-Bus signal
2157
 
                mandos_dbus_service.ClientRemoved(client
2158
 
                                                  .dbus_object_path,
2159
 
                                                  client.name)
2160
 
    
2161
 
    atexit.register(cleanup)
2162
 
    
2163
 
    for client in tcp_server.clients:
2164
 
        if use_dbus:
2165
 
            # Emit D-Bus signal
2166
 
            mandos_dbus_service.ClientAdded(client.dbus_object_path)
2167
 
        client.enable()
 
884
    for client in clients:
 
885
        client.start()
2168
886
    
2169
887
    tcp_server.enable()
2170
888
    tcp_server.server_activate()
2171
889
    
2172
890
    # Find out what port we got
2173
891
    service.port = tcp_server.socket.getsockname()[1]
2174
 
    if use_ipv6:
2175
 
        logger.info("Now listening on address %r, port %d,"
2176
 
                    " flowinfo %d, scope_id %d"
2177
 
                    % tcp_server.socket.getsockname())
2178
 
    else:                       # IPv4
2179
 
        logger.info("Now listening on address %r, port %d"
2180
 
                    % tcp_server.socket.getsockname())
 
892
    logger.info(u"Now listening on address %r, port %d, flowinfo %d,"
 
893
                u" scope_id %d" % tcp_server.socket.getsockname())
2181
894
    
2182
895
    #service.interface = tcp_server.socket.getsockname()[3]
2183
896
    
2184
897
    try:
2185
898
        # From the Avahi example code
 
899
        server.connect_to_signal("StateChanged", server_state_changed)
2186
900
        try:
2187
 
            service.activate()
2188
 
        except dbus.exceptions.DBusException as error:
2189
 
            logger.critical("DBusException: %s", error)
2190
 
            cleanup()
 
901
            server_state_changed(server.GetState())
 
902
        except dbus.exceptions.DBusException, error:
 
903
            logger.critical(u"DBusException: %s", error)
2191
904
            sys.exit(1)
2192
905
        # End of Avahi example code
2193
906
        
2194
907
        gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
2195
908
                             lambda *args, **kwargs:
2196
 
                             (tcp_server.handle_request
2197
 
                              (*args[2:], **kwargs) or True))
 
909
                             tcp_server.handle_request\
 
910
                             (*args[2:], **kwargs) or True)
2198
911
        
2199
 
        logger.debug("Starting main loop")
 
912
        logger.debug(u"Starting main loop")
 
913
        main_loop_started = True
2200
914
        main_loop.run()
2201
 
    except AvahiError as error:
2202
 
        logger.critical("AvahiError: %s", error)
2203
 
        cleanup()
 
915
    except AvahiError, error:
 
916
        logger.critical(u"AvahiError: %s" + unicode(error))
2204
917
        sys.exit(1)
2205
918
    except KeyboardInterrupt:
2206
919
        if debug:
2207
 
            print("", file=sys.stderr)
2208
 
        logger.debug("Server received KeyboardInterrupt")
2209
 
    logger.debug("Server exiting")
2210
 
    # Must run before the D-Bus bus name gets deregistered
2211
 
    cleanup()
2212
 
 
 
920
            print
2213
921
 
2214
922
if __name__ == '__main__':
2215
923
    main()