/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-monitor

  • Committer: Teddy Hogeborn
  • Date: 2011-03-08 19:12:56 UTC
  • mfrom: (472 trunk)
  • mto: (237.4.29 release)
  • mto: This revision was merged to the branch mainline in revision 473.
  • Revision ID: teddy@fukt.bsnet.se-20110308191256-mjcukty9on3z0yhd
Merge from trunk.

Show diffs side-by-side

added added

removed removed

Lines of Context:
3
3
4
4
# Mandos Monitor - Control and monitor the Mandos server
5
5
6
 
# Copyright © 2009-2012 Teddy Hogeborn
7
 
# Copyright © 2009-2012 Björn Påhlsson
 
6
# Copyright © 2009-2011 Teddy Hogeborn
 
7
# Copyright © 2009-2011 Björn Påhlsson
8
8
9
9
# This program is free software: you can redistribute it and/or modify
10
10
# it under the terms of the GNU General Public License as published by
19
19
# You should have received a copy of the GNU General Public License
20
20
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
21
21
22
 
# Contact the authors at <mandos@recompile.se>.
 
22
# Contact the authors at <mandos@fukt.bsnet.se>.
23
23
24
24
 
25
 
from __future__ import (division, absolute_import, print_function,
26
 
                        unicode_literals)
 
25
from __future__ import division, absolute_import, print_function, unicode_literals
27
26
 
28
27
import sys
29
28
import os
49
48
logging.getLogger('dbus.proxies').setLevel(logging.CRITICAL)
50
49
 
51
50
# Some useful constants
52
 
domain = 'se.recompile'
 
51
domain = 'se.bsnet.fukt'
53
52
server_interface = domain + '.Mandos'
54
53
client_interface = domain + '.Mandos.Client'
55
 
version = "1.5.3"
 
54
version = "1.2.3"
56
55
 
57
56
# Always run in monochrome mode
58
57
urwid.curses_display.curses.has_colors = lambda : False
87
86
        self.proxy = proxy_object # Mandos Client proxy object
88
87
        
89
88
        self.properties = dict()
90
 
        self.property_changed_match = (
91
 
            self.proxy.connect_to_signal("PropertyChanged",
92
 
                                         self.property_changed,
93
 
                                         client_interface,
94
 
                                         byte_arrays=True))
 
89
        self.proxy.connect_to_signal("PropertyChanged",
 
90
                                     self.property_changed,
 
91
                                     client_interface,
 
92
                                     byte_arrays=True)
95
93
        
96
94
        self.properties.update(
97
95
            self.proxy.GetAll(client_interface,
98
96
                              dbus_interface = dbus.PROPERTIES_IFACE))
99
97
 
100
 
        #XXX This breaks good super behaviour
 
98
        #XXX This break good super behaviour!
101
99
#        super(MandosClientPropertyCache, self).__init__(
102
100
#            *args, **kwargs)
103
101
    
107
105
        """
108
106
        # Update properties dict with new value
109
107
        self.properties[property] = value
110
 
    
111
 
    def delete(self, *args, **kwargs):
112
 
        self.property_changed_match.remove()
113
 
        super(MandosClientPropertyCache, self).__init__(
114
 
            *args, **kwargs)
115
108
 
116
109
 
117
110
class MandosClientWidget(urwid.FlowWidget, MandosClientPropertyCache):
131
124
        
132
125
        self._update_timer_callback_tag = None
133
126
        self._update_timer_callback_lock = 0
 
127
        self.last_checker_failed = False
134
128
        
135
129
        # The widget shown normally
136
130
        self._text_widget = urwid.Text("")
144
138
        
145
139
        last_checked_ok = isoformat_to_datetime(self.properties
146
140
                                                ["LastCheckedOK"])
 
141
        if last_checked_ok is None:
 
142
            self.last_checker_failed = True
 
143
        else:
 
144
            self.last_checker_failed = ((datetime.datetime.utcnow()
 
145
                                         - last_checked_ok)
 
146
                                        > datetime.timedelta
 
147
                                        (milliseconds=
 
148
                                         self.properties
 
149
                                         ["Interval"]))
147
150
        
148
 
        if self.properties ["LastCheckerStatus"] != 0:
 
151
        if self.last_checker_failed:
149
152
            self.using_timer(True)
150
153
        
151
154
        if self.need_approval:
152
155
            self.using_timer(True)
153
156
        
154
 
        self.match_objects = (
155
 
            self.proxy.connect_to_signal("CheckerCompleted",
156
 
                                         self.checker_completed,
157
 
                                         client_interface,
158
 
                                         byte_arrays=True),
159
 
            self.proxy.connect_to_signal("CheckerStarted",
160
 
                                         self.checker_started,
161
 
                                         client_interface,
162
 
                                         byte_arrays=True),
163
 
            self.proxy.connect_to_signal("GotSecret",
164
 
                                         self.got_secret,
165
 
                                         client_interface,
166
 
                                         byte_arrays=True),
167
 
            self.proxy.connect_to_signal("NeedApproval",
168
 
                                         self.need_approval,
169
 
                                         client_interface,
170
 
                                         byte_arrays=True),
171
 
            self.proxy.connect_to_signal("Rejected",
172
 
                                         self.rejected,
173
 
                                         client_interface,
174
 
                                         byte_arrays=True))
175
 
        #self.logger('Created client %s' % (self.properties["Name"]))
 
157
        self.proxy.connect_to_signal("CheckerCompleted",
 
158
                                     self.checker_completed,
 
159
                                     client_interface,
 
160
                                     byte_arrays=True)
 
161
        self.proxy.connect_to_signal("CheckerStarted",
 
162
                                     self.checker_started,
 
163
                                     client_interface,
 
164
                                     byte_arrays=True)
 
165
        self.proxy.connect_to_signal("GotSecret",
 
166
                                     self.got_secret,
 
167
                                     client_interface,
 
168
                                     byte_arrays=True)
 
169
        self.proxy.connect_to_signal("NeedApproval",
 
170
                                     self.need_approval,
 
171
                                     client_interface,
 
172
                                     byte_arrays=True)
 
173
        self.proxy.connect_to_signal("Rejected",
 
174
                                     self.rejected,
 
175
                                     client_interface,
 
176
                                     byte_arrays=True)
176
177
    
177
178
    def property_changed(self, property=None, value=None):
178
179
        super(self, MandosClientWidget).property_changed(property,
179
180
                                                         value)
180
181
        if property == "ApprovalPending":
181
182
            using_timer(bool(value))
182
 
        if property == "LastCheckerStatus":
183
 
            using_timer(value != 0)
184
 
            #self.logger('Checker for client %s (command "%s")'
185
 
            #            ' was successful'
186
 
            #            % (self.properties["Name"], command))
187
 
    
 
183
        
188
184
    def using_timer(self, flag):
189
185
        """Call this method with True or False when timer should be
190
186
        activated or deactivated.
195
191
        else:
196
192
            self._update_timer_callback_lock -= 1
197
193
        if old == 0 and self._update_timer_callback_lock:
198
 
            # Will update the shown timer value every second
199
194
            self._update_timer_callback_tag = (gobject.timeout_add
200
195
                                               (1000,
201
196
                                                self.update_timer))
205
200
    
206
201
    def checker_completed(self, exitstatus, condition, command):
207
202
        if exitstatus == 0:
 
203
            if self.last_checker_failed:
 
204
                self.last_checker_failed = False
 
205
                self.using_timer(False)
 
206
            #self.logger('Checker for client %s (command "%s")'
 
207
            #            ' was successful'
 
208
            #            % (self.properties["Name"], command))
208
209
            self.update()
209
210
            return
210
211
        # Checker failed
 
212
        if not self.last_checker_failed:
 
213
            self.last_checker_failed = True
 
214
            self.using_timer(True)
211
215
        if os.WIFEXITED(condition):
212
216
            self.logger('Checker for client %s (command "%s")'
213
217
                        ' failed with exit code %s'
228
232
        self.update()
229
233
    
230
234
    def checker_started(self, command):
231
 
        """Server signals that a checker started. This could be useful
232
 
           to log in the future. """
233
235
        #self.logger('Client %s started checker "%s"'
234
236
        #            % (self.properties["Name"], unicode(command)))
235
237
        pass
236
238
    
237
239
    def got_secret(self):
 
240
        self.last_checker_failed = False
238
241
        self.logger('Client %s received its secret'
239
242
                    % self.properties["Name"])
240
243
    
301
304
            else:
302
305
                message = "Denial in %s. (a)pprove?"
303
306
            message = message % unicode(timer).rsplit(".", 1)[0]
304
 
        elif self.properties["LastCheckerStatus"] != 0:
305
 
            # When checker has failed, print a timer until client expires
306
 
            expires = self.properties["Expires"]
307
 
            if expires == "":
308
 
                timer = datetime.timedelta(0)
309
 
            else:
310
 
                expires = datetime.datetime.strptime(expires,
311
 
                                                     '%Y-%m-%dT%H:%M:%S.%f')
312
 
                timer = expires - datetime.datetime.utcnow()
 
307
        elif self.last_checker_failed:
 
308
            timeout = datetime.timedelta(milliseconds
 
309
                                         = self.properties
 
310
                                         ["Timeout"])
 
311
            last_ok = isoformat_to_datetime(
 
312
                max((self.properties["LastCheckedOK"]
 
313
                     or self.properties["Created"]),
 
314
                    self.properties["LastEnabled"]))
 
315
            timer = timeout - (datetime.datetime.utcnow() - last_ok)
313
316
            message = ('A checker has failed! Time until client'
314
317
                       ' gets disabled: %s'
315
318
                           % unicode(timer).rsplit(".", 1)[0])
334
337
            self.update_hook()
335
338
    
336
339
    def update_timer(self):
337
 
        """called by gobject. Will indefinitely loop until
338
 
        gobject.source_remove() on tag is called"""
 
340
        "called by gobject"
339
341
        self.update()
340
342
        return True             # Keep calling this
341
343
    
342
 
    def delete(self, *args, **kwargs):
 
344
    def delete(self):
343
345
        if self._update_timer_callback_tag is not None:
344
346
            gobject.source_remove(self._update_timer_callback_tag)
345
347
            self._update_timer_callback_tag = None
346
 
        for match in self.match_objects:
347
 
            match.remove()
348
 
        self.match_objects = ()
349
348
        if self.delete_hook is not None:
350
349
            self.delete_hook(self)
351
 
        return super(MandosClientWidget, self).delete(*args, **kwargs)
352
350
    
353
351
    def render(self, maxcolrow, focus=False):
354
352
        """Render differently if we have focus.
360
358
        """Handle keys.
361
359
        This overrides the method from urwid.FlowWidget"""
362
360
        if key == "+":
363
 
            self.proxy.Enable(dbus_interface = client_interface,
364
 
                              ignore_reply=True)
 
361
            self.proxy.Enable(dbus_interface = client_interface)
365
362
        elif key == "-":
366
 
            self.proxy.Disable(dbus_interface = client_interface,
367
 
                               ignore_reply=True)
 
363
            self.proxy.Disable(dbus_interface = client_interface)
368
364
        elif key == "a":
369
365
            self.proxy.Approve(dbus.Boolean(True, variant_level=1),
370
 
                               dbus_interface = client_interface,
371
 
                               ignore_reply=True)
 
366
                               dbus_interface = client_interface)
372
367
        elif key == "d":
373
368
            self.proxy.Approve(dbus.Boolean(False, variant_level=1),
374
 
                                  dbus_interface = client_interface,
375
 
                               ignore_reply=True)
 
369
                                  dbus_interface = client_interface)
376
370
        elif key == "R" or key == "_" or key == "ctrl k":
377
371
            self.server_proxy_object.RemoveClient(self.proxy
378
 
                                                  .object_path,
379
 
                                                  ignore_reply=True)
 
372
                                                  .object_path)
380
373
        elif key == "s":
381
 
            self.proxy.StartChecker(dbus_interface = client_interface,
382
 
                                    ignore_reply=True)
 
374
            self.proxy.StartChecker(dbus_interface = client_interface)
383
375
        elif key == "S":
384
 
            self.proxy.StopChecker(dbus_interface = client_interface,
385
 
                                   ignore_reply=True)
 
376
            self.proxy.StopChecker(dbus_interface = client_interface)
386
377
        elif key == "C":
387
 
            self.proxy.CheckedOK(dbus_interface = client_interface,
388
 
                                 ignore_reply=True)
 
378
            self.proxy.CheckedOK(dbus_interface = client_interface)
389
379
        # xxx
390
380
#         elif key == "p" or key == "=":
391
381
#             self.proxy.pause()
484
474
        
485
475
        self.busname = domain + '.Mandos'
486
476
        self.main_loop = gobject.MainLoop()
 
477
        self.bus = dbus.SystemBus()
 
478
        mandos_dbus_objc = self.bus.get_object(
 
479
            self.busname, "/", follow_name_owner_changes=True)
 
480
        self.mandos_serv = dbus.Interface(mandos_dbus_objc,
 
481
                                          dbus_interface
 
482
                                          = server_interface)
 
483
        try:
 
484
            mandos_clients = (self.mandos_serv
 
485
                              .GetAllClientsWithProperties())
 
486
        except dbus.exceptions.DBusException:
 
487
            mandos_clients = dbus.Dictionary()
 
488
        
 
489
        (self.mandos_serv
 
490
         .connect_to_signal("ClientRemoved",
 
491
                            self.find_and_remove_client,
 
492
                            dbus_interface=server_interface,
 
493
                            byte_arrays=True))
 
494
        (self.mandos_serv
 
495
         .connect_to_signal("ClientAdded",
 
496
                            self.add_new_client,
 
497
                            dbus_interface=server_interface,
 
498
                            byte_arrays=True))
 
499
        (self.mandos_serv
 
500
         .connect_to_signal("ClientNotFound",
 
501
                            self.client_not_found,
 
502
                            dbus_interface=server_interface,
 
503
                            byte_arrays=True))
 
504
        for path, client in mandos_clients.iteritems():
 
505
            client_proxy_object = self.bus.get_object(self.busname,
 
506
                                                      path)
 
507
            self.add_client(MandosClientWidget(server_proxy_object
 
508
                                               =self.mandos_serv,
 
509
                                               proxy_object
 
510
                                               =client_proxy_object,
 
511
                                               properties=client,
 
512
                                               update_hook
 
513
                                               =self.refresh,
 
514
                                               delete_hook
 
515
                                               =self.remove_client,
 
516
                                               logger
 
517
                                               =self.log_message),
 
518
                            path=path)
487
519
    
488
520
    def client_not_found(self, fingerprint, address):
489
521
        self.log_message(("Client with address %s and fingerprint %s"
504
536
                                                     self.divider)))
505
537
        if self.log_visible:
506
538
            self.uilist.append(self.logbox)
 
539
            pass
507
540
        self.topwidget = urwid.Pile(self.uilist)
508
541
    
509
542
    def log_message(self, message):
539
572
        #self.log_message("Wrap mode: " + self.log_wrap)
540
573
    
541
574
    def find_and_remove_client(self, path, name):
542
 
        """Find a client by its object path and remove it.
 
575
        """Find an client from its object path and remove it.
543
576
        
544
577
        This is connected to the ClientRemoved signal from the
545
578
        Mandos server object."""
547
580
            client = self.clients_dict[path]
548
581
        except KeyError:
549
582
            # not found?
550
 
            self.log_message("Unknown client %r (%r) removed", name,
551
 
                             path)
552
583
            return
553
 
        client.delete()
 
584
        self.remove_client(client, path)
554
585
    
555
586
    def add_new_client(self, path):
556
587
        client_proxy_object = self.bus.get_object(self.busname, path)
593
624
    
594
625
    def run(self):
595
626
        """Start the main loop and exit when it's done."""
596
 
        self.bus = dbus.SystemBus()
597
 
        mandos_dbus_objc = self.bus.get_object(
598
 
            self.busname, "/", follow_name_owner_changes=True)
599
 
        self.mandos_serv = dbus.Interface(mandos_dbus_objc,
600
 
                                          dbus_interface
601
 
                                          = server_interface)
602
 
        try:
603
 
            mandos_clients = (self.mandos_serv
604
 
                              .GetAllClientsWithProperties())
605
 
        except dbus.exceptions.DBusException:
606
 
            mandos_clients = dbus.Dictionary()
607
 
        
608
 
        (self.mandos_serv
609
 
         .connect_to_signal("ClientRemoved",
610
 
                            self.find_and_remove_client,
611
 
                            dbus_interface=server_interface,
612
 
                            byte_arrays=True))
613
 
        (self.mandos_serv
614
 
         .connect_to_signal("ClientAdded",
615
 
                            self.add_new_client,
616
 
                            dbus_interface=server_interface,
617
 
                            byte_arrays=True))
618
 
        (self.mandos_serv
619
 
         .connect_to_signal("ClientNotFound",
620
 
                            self.client_not_found,
621
 
                            dbus_interface=server_interface,
622
 
                            byte_arrays=True))
623
 
        for path, client in mandos_clients.iteritems():
624
 
            client_proxy_object = self.bus.get_object(self.busname,
625
 
                                                      path)
626
 
            self.add_client(MandosClientWidget(server_proxy_object
627
 
                                               =self.mandos_serv,
628
 
                                               proxy_object
629
 
                                               =client_proxy_object,
630
 
                                               properties=client,
631
 
                                               update_hook
632
 
                                               =self.refresh,
633
 
                                               delete_hook
634
 
                                               =self.remove_client,
635
 
                                               logger
636
 
                                               =self.log_message),
637
 
                            path=path)
638
 
 
639
627
        self.refresh()
640
628
        self._input_callback_tag = (gobject.io_add_watch
641
629
                                    (sys.stdin.fileno(),