Viewing changes to server.py

  • Committer: Teddy Hogeborn
  • Date: 2008-07-21 15:34:44 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080721153444-lugbjkj1oq65ugq3
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
                     $(LANGUAGE).
  (WARN, DEBUG, COVERAGE, LANGUAGE): New.
  (LDFLAGS): New; use $(COVERAGE)

* plugbasedclient.c: Added copyright header.
  (process.buffer_size, process.buffer_length): Changed to "size_t".
  (main): Cast arguments to malloc and realloc.  Detect read errors
          from processes.

* mandosclient.c: Added copyright header.
  (interface): Moved to inside "main".
  (gpg_packet_decrypt): Renamed to "pgp_packet_decrypt"; all callers
                        changed.  Changed "new_packet_capacity" and
                        "new_packet_length" to be ssize_t.  Cast
                        arguments to realloc.
  (debuggnutls): Attribute "level" argument as unused.
  (empty_log): Attribute "level" and "txt" arguments as unused.
  (start_mandos_communication): New argument "if_index".  Bug fix:
                                check ret, no tcp_sd, for errors from
                                setsockopt.  Use "if_index" directly
                                instead of looking up the index.  Loop
                                around fwrite until all data is written.
  (resolve_callback): Attribute "txt", and "flags" as unused.  Added
                      default case to switch.  Also show server host
                      name.  Call start_mandos_communication with
                      "interface".
  (browse_callback): Added default case to switch.
  (main): Variable "interface" moved here.  Cast "srand" argument.
          Bug fix: Call avahi_s_service_browser_new with index of
          "interface", not "eth0".

* passprompt.c: Added copyright header.
  (termination_handler): Attribute "signum" argument as unused.

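--- a/server.py
+++ b/server.py
@@ -87,7 +87,7 @@
 # Avahi example code.
 serviceInterface = avahi.IF_UNSPEC
 # From the Avahi example code:
-serviceName = None
+serviceName = "Mandos"
 serviceType = "_mandos._tcp" # http://www.dns-sd.org/ServiceTypes.html
 servicePort = None                      # Not known at startup
 serviceTXT = []                         # TXT record for the service
@@ -152,18 +152,16 @@
     interval = property(lambda self: self._interval,
                         _set_interval)
     del _set_interval
-    def __init__(self, name=None, stop_hook=None, fingerprint=None,
-                 secret=None, secfile=None, fqdn=None, timeout=None,
-                 interval=-1, checker=None):
+    def __init__(self, name=None, options=None, stop_hook=None,
+                 fingerprint=None, secret=None, secfile=None,
+                 fqdn=None, timeout=None, interval=-1, checker=None):
         """Note: the 'checker' argument sets the 'checker_command'
         attribute and not the 'checker' attribute.."""
         self.name = name
-        logger.debug(u"Creating client %r", self.name)
         # Uppercase and remove spaces from fingerprint
         # for later comparison purposes with return value of
         # the fingerprint() function
         self.fingerprint = fingerprint.upper().replace(u" ", u"")
-        logger.debug(u"  Fingerprint: %s", self.fingerprint)
         if secret:
             self.secret = secret.decode(u"base64")
         elif secfile:
@@ -176,8 +174,14 @@
         self.fqdn = fqdn                # string
         self.created = datetime.datetime.now()
         self.last_seen = None
-        self.timeout = string_to_delta(timeout)
-        self.interval = string_to_delta(interval)
+        if timeout is None:
+            self.timeout = options.timeout
+        else:
+            self.timeout = string_to_delta(timeout)
+        if interval == -1:
+            self.interval = options.interval
+        else:
+            self.interval = string_to_delta(interval)
         self.stop_hook = stop_hook
         self.checker = None
         self.checker_initiator_tag = None
@@ -373,9 +377,8 @@
         #priority = ':'.join(("NONE", "+VERS-TLS1.1", "+AES-256-CBC",
         #                "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
         #                "+DHE-DSS"))
-        priority = "NORMAL"
-        if self.server.options.priority:
-            priority = self.server.options.priority
+        priority = "SECURE256"
+        
         gnutls.library.functions.gnutls_priority_set_direct\
             (session._c_object, priority, None);
         
@@ -633,16 +636,16 @@
                       help="Address to listen for requests on")
     parser.add_option("-p", "--port", type="int", default=None,
                       help="Port number to receive requests on")
+    parser.add_option("--timeout", type="string", # Parsed later
+                      default="1h",
+                      help="Amount of downtime allowed for clients")
+    parser.add_option("--interval", type="string", # Parsed later
+                      default="5m",
+                      help="How often to check that a client is up")
     parser.add_option("--check", action="store_true", default=False,
                       help="Run self-test")
     parser.add_option("--debug", action="store_true", default=False,
                       help="Debug mode")
-    parser.add_option("--priority", type="string",
-                      default="SECURE256",
-                      help="GnuTLS priority string"
-                      " (see GnuTLS documentation)")
-    parser.add_option("--servicename", type="string",
-                      default="Mandos", help="Zeroconf service name")
     (options, args) = parser.parse_args()
     
     if options.check:
@@ -650,18 +653,22 @@
         doctest.testmod()
         sys.exit()
     
+    # Parse the time arguments
+    try:
+        options.timeout = string_to_delta(options.timeout)
+    except ValueError:
+        parser.error("option --timeout: Unparseable time")
+    try:
+        options.interval = string_to_delta(options.interval)
+    except ValueError:
+        parser.error("option --interval: Unparseable time")
+    
     # Parse config file
-    defaults = { "timeout": "1h",
-                 "interval": "5m",
-                 "checker": "fping -q -- %%(fqdn)s",
-                 }
+    defaults = { "checker": "fping -q -- %%(fqdn)s" }
     client_config = ConfigParser.SafeConfigParser(defaults)
     #client_config.readfp(open("global.conf"), "global.conf")
     client_config.read("mandos-clients.conf")
     
-    global serviceName
-    serviceName = options.servicename;
-    
     global main_loop
     global bus
     global server
@@ -691,7 +698,7 @@
             logger.debug(u"No clients left, exiting")
             killme()
     
-    clients.update(Set(Client(name=section,
+    clients.update(Set(Client(name=section, options=options,
                               stop_hook = remove_from_clients,
                               **(dict(client_config\
                                       .items(section))))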
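Review bot: The GnuTLS priority is now the bare literal `priority = "SECURE256"` inside the handler (new line 380), and the same commit drops the `--priority` option, so the server's TLS policy is fixed in code with nothing recording that this is deliberate. The effective default is unchanged, but an operator can no longer adjust the policy without patching server.py, so I would name and document it at module level, e.g. `TLS_PRIORITY = "SECURE256"  # GnuTLS priority string; intentionally not operator-configurable`, and pass that to `gnutls_priority_set_direct`. The result of that call is discarded on the unchanged lines below; whether the binding raises on a rejected priority string is not visible here and is worth confirming. The enclosing method begins and ends outside the hunk.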