240
251
last_checked_ok: datetime.datetime(); (UTC) or None
241
252
timeout: datetime.timedelta(); How long from last_checked_ok
242
until this client is invalid
253
until this client is disabled
243
254
interval: datetime.timedelta(); How often to start a new checker
244
255
disable_hook: If set, called by disable() as disable_hook(self)
245
256
checker: subprocess.Popen(); a running checker process used
246
257
to see if the client lives.
247
258
'None' if no process is running.
248
259
checker_initiator_tag: a gobject event source tag, or None
249
disable_initiator_tag: - '' -
260
disable_initiator_tag: - '' -
250
261
checker_callback_tag: - '' -
251
262
checker_command: string; External command which is run to check if
252
263
client lives. %() expansions are done at
253
264
runtime with vars(self) as dict, so that for
254
265
instance %(name)s can be used in the command.
255
266
current_checker_command: string; current running checker_command
267
approved_delay: datetime.timedelta(); Time to wait for approval
268
_approved: bool(); 'None' if not yet approved/disapproved
269
approved_duration: datetime.timedelta(); Duration of one approval
259
def _datetime_to_milliseconds(dt):
260
"Convert a datetime.datetime() to milliseconds"
261
return ((dt.days * 24 * 60 * 60 * 1000)
262
+ (dt.seconds * 1000)
263
+ (dt.microseconds // 1000))
273
def _timedelta_to_milliseconds(td):
274
"Convert a datetime.timedelta() to milliseconds"
275
return ((td.days * 24 * 60 * 60 * 1000)
276
+ (td.seconds * 1000)
277
+ (td.microseconds // 1000))
265
279
def timeout_milliseconds(self):
266
280
"Return the 'timeout' attribute in milliseconds"
267
return self._datetime_to_milliseconds(self.timeout)
281
return self._timedelta_to_milliseconds(self.timeout)
269
283
def interval_milliseconds(self):
270
284
"Return the 'interval' attribute in milliseconds"
271
return self._datetime_to_milliseconds(self.interval)
285
return self._timedelta_to_milliseconds(self.interval)
287
def approved_delay_milliseconds(self):
288
return self._timedelta_to_milliseconds(self.approved_delay)
273
290
def __init__(self, name = None, disable_hook=None, config=None):
274
291
"""Note: the 'checker' key in 'config' sets the
309
327
self.checker_command = config[u"checker"]
310
328
self.current_checker_command = None
311
329
self.last_connect = None
330
self._approved = None
331
self.approved_by_default = config.get(u"approved_by_default",
333
self.approved_delay = string_to_delta(
334
config[u"approved_delay"])
335
self.approved_duration = string_to_delta(
336
config[u"approved_duration"])
337
self.changedstate = multiprocessing_manager.Condition(multiprocessing_manager.Lock())
339
def send_changedstate(self):
340
self.changedstate.acquire()
341
self.changedstate.notify_all()
342
self.changedstate.release()
313
344
def enable(self):
314
345
"""Start this client's checker and timeout hooks"""
315
346
if getattr(self, u"enabled", False):
316
347
# Already enabled
349
self.send_changedstate()
318
350
self.last_enabled = datetime.datetime.utcnow()
319
351
# Schedule a new checker to be started an 'interval' from now,
320
352
# and every interval from then on.
321
353
self.checker_initiator_tag = (gobject.timeout_add
322
354
(self.interval_milliseconds(),
323
355
self.start_checker))
324
# Also start a new checker *right now*.
326
356
# Schedule a disable() when 'timeout' has passed
327
357
self.disable_initiator_tag = (gobject.timeout_add
328
358
(self.timeout_milliseconds(),
330
360
self.enabled = True
361
# Also start a new checker *right now*.
364
def disable(self, quiet=True):
333
365
"""Disable this client."""
334
366
if not getattr(self, "enabled", False):
336
logger.info(u"Disabling client %s", self.name)
369
self.send_changedstate()
371
logger.info(u"Disabling client %s", self.name)
337
372
if getattr(self, u"disable_initiator_tag", False):
338
373
gobject.source_remove(self.disable_initiator_tag)
339
374
self.disable_initiator_tag = None
458
498
logger.debug(u"Stopping checker for %(name)s", vars(self))
460
500
os.kill(self.checker.pid, signal.SIGTERM)
462
502
#if self.checker.poll() is None:
463
503
# os.kill(self.checker.pid, signal.SIGKILL)
464
504
except OSError, error:
465
505
if error.errno != errno.ESRCH: # No such process
467
507
self.checker = None
469
def still_valid(self):
470
"""Has the timeout not yet passed for this client?"""
471
if not getattr(self, u"enabled", False):
473
now = datetime.datetime.utcnow()
474
if self.last_checked_ok is None:
475
return now < (self.created + self.timeout)
477
return now < (self.last_checked_ok + self.timeout)
480
class ClientDBus(Client, dbus.service.Object):
509
def dbus_service_property(dbus_interface, signature=u"v",
510
access=u"readwrite", byte_arrays=False):
511
"""Decorators for marking methods of a DBusObjectWithProperties to
512
become properties on the D-Bus.
514
The decorated method will be called with no arguments by "Get"
515
and with one argument by "Set".
517
The parameters, where they are supported, are the same as
518
dbus.service.method, except there is only "signature", since the
519
type from Get() and the type sent to Set() is the same.
521
# Encoding deeply encoded byte arrays is not supported yet by the
522
# "Set" method, so we fail early here:
523
if byte_arrays and signature != u"ay":
524
raise ValueError(u"Byte arrays not supported for non-'ay'"
525
u" signature %r" % signature)
527
func._dbus_is_property = True
528
func._dbus_interface = dbus_interface
529
func._dbus_signature = signature
530
func._dbus_access = access
531
func._dbus_name = func.__name__
532
if func._dbus_name.endswith(u"_dbus_property"):
533
func._dbus_name = func._dbus_name[:-14]
534
func._dbus_get_args_options = {u'byte_arrays': byte_arrays }
539
class DBusPropertyException(dbus.exceptions.DBusException):
540
"""A base class for D-Bus property-related exceptions
542
def __unicode__(self):
543
return unicode(str(self))
546
class DBusPropertyAccessException(DBusPropertyException):
547
"""A property's access permissions disallows an operation.
552
class DBusPropertyNotFound(DBusPropertyException):
553
"""An attempt was made to access a non-existing property.
558
class DBusObjectWithProperties(dbus.service.Object):
559
"""A D-Bus object with properties.
561
Classes inheriting from this can use the dbus_service_property
562
decorator to expose methods as D-Bus properties. It exposes the
563
standard Get(), Set(), and GetAll() methods on the D-Bus.
567
def _is_dbus_property(obj):
568
return getattr(obj, u"_dbus_is_property", False)
570
def _get_all_dbus_properties(self):
571
"""Returns a generator of (name, attribute) pairs
573
return ((prop._dbus_name, prop)
575
inspect.getmembers(self, self._is_dbus_property))
577
def _get_dbus_property(self, interface_name, property_name):
578
"""Returns a bound method if one exists which is a D-Bus
579
property with the specified name and interface.
581
for name in (property_name,
582
property_name + u"_dbus_property"):
583
prop = getattr(self, name, None)
585
or not self._is_dbus_property(prop)
586
or prop._dbus_name != property_name
587
or (interface_name and prop._dbus_interface
588
and interface_name != prop._dbus_interface)):
592
raise DBusPropertyNotFound(self.dbus_object_path + u":"
593
+ interface_name + u"."
596
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature=u"ss",
598
def Get(self, interface_name, property_name):
599
"""Standard D-Bus property Get() method, see D-Bus standard.
601
prop = self._get_dbus_property(interface_name, property_name)
602
if prop._dbus_access == u"write":
603
raise DBusPropertyAccessException(property_name)
605
if not hasattr(value, u"variant_level"):
607
return type(value)(value, variant_level=value.variant_level+1)
609
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature=u"ssv")
610
def Set(self, interface_name, property_name, value):
611
"""Standard D-Bus property Set() method, see D-Bus standard.
613
prop = self._get_dbus_property(interface_name, property_name)
614
if prop._dbus_access == u"read":
615
raise DBusPropertyAccessException(property_name)
616
if prop._dbus_get_args_options[u"byte_arrays"]:
617
# The byte_arrays option is not supported yet on
618
# signatures other than "ay".
619
if prop._dbus_signature != u"ay":
621
value = dbus.ByteArray(''.join(unichr(byte)
625
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature=u"s",
626
out_signature=u"a{sv}")
627
def GetAll(self, interface_name):
628
"""Standard D-Bus property GetAll() method, see D-Bus
631
Note: Will not include properties with access="write".
634
for name, prop in self._get_all_dbus_properties():
636
and interface_name != prop._dbus_interface):
637
# Interface non-empty but did not match
639
# Ignore write-only properties
640
if prop._dbus_access == u"write":
643
if not hasattr(value, u"variant_level"):
646
all[name] = type(value)(value, variant_level=
647
value.variant_level+1)
648
return dbus.Dictionary(all, signature=u"sv")
650
@dbus.service.method(dbus.INTROSPECTABLE_IFACE,
652
path_keyword='object_path',
653
connection_keyword='connection')
654
def Introspect(self, object_path, connection):
655
"""Standard D-Bus method, overloaded to insert property tags.
657
xmlstring = dbus.service.Object.Introspect(self, object_path,
660
document = xml.dom.minidom.parseString(xmlstring)
661
def make_tag(document, name, prop):
662
e = document.createElement(u"property")
663
e.setAttribute(u"name", name)
664
e.setAttribute(u"type", prop._dbus_signature)
665
e.setAttribute(u"access", prop._dbus_access)
667
for if_tag in document.getElementsByTagName(u"interface"):
668
for tag in (make_tag(document, name, prop)
670
in self._get_all_dbus_properties()
671
if prop._dbus_interface
672
== if_tag.getAttribute(u"name")):
673
if_tag.appendChild(tag)
674
# Add the names to the return values for the
675
# "org.freedesktop.DBus.Properties" methods
676
if (if_tag.getAttribute(u"name")
677
== u"org.freedesktop.DBus.Properties"):
678
for cn in if_tag.getElementsByTagName(u"method"):
679
if cn.getAttribute(u"name") == u"Get":
680
for arg in cn.getElementsByTagName(u"arg"):
681
if (arg.getAttribute(u"direction")
683
arg.setAttribute(u"name", u"value")
684
elif cn.getAttribute(u"name") == u"GetAll":
685
for arg in cn.getElementsByTagName(u"arg"):
686
if (arg.getAttribute(u"direction")
688
arg.setAttribute(u"name", u"props")
689
xmlstring = document.toxml(u"utf-8")
691
except (AttributeError, xml.dom.DOMException,
692
xml.parsers.expat.ExpatError), error:
693
logger.error(u"Failed to override Introspection method",
698
class ClientDBus(Client, DBusObjectWithProperties):
481
699
"""A Client class using D-Bus
614
# GetAllProperties - method
615
@dbus.service.method(_interface, out_signature=u"a{sv}")
616
def GetAllProperties(self):
618
return dbus.Dictionary({
619
dbus.String(u"name"):
620
dbus.String(self.name, variant_level=1),
621
dbus.String(u"fingerprint"):
622
dbus.String(self.fingerprint, variant_level=1),
623
dbus.String(u"host"):
624
dbus.String(self.host, variant_level=1),
625
dbus.String(u"created"):
626
self._datetime_to_dbus(self.created,
628
dbus.String(u"last_enabled"):
629
(self._datetime_to_dbus(self.last_enabled,
631
if self.last_enabled is not None
632
else dbus.Boolean(False, variant_level=1)),
633
dbus.String(u"enabled"):
634
dbus.Boolean(self.enabled, variant_level=1),
635
dbus.String(u"last_checked_ok"):
636
(self._datetime_to_dbus(self.last_checked_ok,
638
if self.last_checked_ok is not None
639
else dbus.Boolean (False, variant_level=1)),
640
dbus.String(u"timeout"):
641
dbus.UInt64(self.timeout_milliseconds(),
643
dbus.String(u"interval"):
644
dbus.UInt64(self.interval_milliseconds(),
646
dbus.String(u"checker"):
647
dbus.String(self.checker_command,
649
dbus.String(u"checker_running"):
650
dbus.Boolean(self.checker is not None,
652
dbus.String(u"object_path"):
653
dbus.ObjectPath(self.dbus_object_path,
657
# IsStillValid - method
658
@dbus.service.method(_interface, out_signature=u"b")
659
def IsStillValid(self):
660
return self.still_valid()
662
837
# PropertyChanged - signal
663
838
@dbus.service.signal(_interface, signature=u"sv")
664
839
def PropertyChanged(self, property, value):
668
# ReceivedSecret - signal
669
844
@dbus.service.signal(_interface)
670
def ReceivedSecret(self):
674
849
# Rejected - signal
675
@dbus.service.signal(_interface)
680
# SetChecker - method
681
@dbus.service.method(_interface, in_signature=u"s")
682
def SetChecker(self, checker):
683
"D-Bus setter method"
684
self.checker_command = checker
686
self.PropertyChanged(dbus.String(u"checker"),
687
dbus.String(self.checker_command,
691
@dbus.service.method(_interface, in_signature=u"s")
692
def SetHost(self, host):
693
"D-Bus setter method"
696
self.PropertyChanged(dbus.String(u"host"),
697
dbus.String(self.host, variant_level=1))
699
# SetInterval - method
700
@dbus.service.method(_interface, in_signature=u"t")
701
def SetInterval(self, milliseconds):
702
self.interval = datetime.timedelta(0, 0, 0, milliseconds)
704
self.PropertyChanged(dbus.String(u"interval"),
705
(dbus.UInt64(self.interval_milliseconds(),
709
@dbus.service.method(_interface, in_signature=u"ay",
711
def SetSecret(self, secret):
712
"D-Bus setter method"
713
self.secret = str(secret)
715
# SetTimeout - method
716
@dbus.service.method(_interface, in_signature=u"t")
717
def SetTimeout(self, milliseconds):
718
self.timeout = datetime.timedelta(0, 0, 0, milliseconds)
720
self.PropertyChanged(dbus.String(u"timeout"),
721
(dbus.UInt64(self.timeout_milliseconds(),
850
@dbus.service.signal(_interface, signature=u"s")
851
def Rejected(self, reason):
855
# NeedApproval - signal
856
@dbus.service.signal(_interface, signature=u"db")
857
def NeedApproval(self, timeout, default):
864
@dbus.service.method(_interface, in_signature=u"b")
865
def Approve(self, value):
869
@dbus.service.method(_interface)
871
return self.checked_ok()
724
873
# Enable - method
725
874
@dbus.service.method(_interface)
744
893
def StopChecker(self):
745
894
self.stop_checker()
898
# xxx 3 new properties
901
@dbus_service_property(_interface, signature=u"s", access=u"read")
902
def name_dbus_property(self):
903
return dbus.String(self.name)
905
# fingerprint - property
906
@dbus_service_property(_interface, signature=u"s", access=u"read")
907
def fingerprint_dbus_property(self):
908
return dbus.String(self.fingerprint)
911
@dbus_service_property(_interface, signature=u"s",
913
def host_dbus_property(self, value=None):
914
if value is None: # get
915
return dbus.String(self.host)
918
self.PropertyChanged(dbus.String(u"host"),
919
dbus.String(value, variant_level=1))
922
@dbus_service_property(_interface, signature=u"s", access=u"read")
923
def created_dbus_property(self):
924
return dbus.String(self._datetime_to_dbus(self.created))
926
# last_enabled - property
927
@dbus_service_property(_interface, signature=u"s", access=u"read")
928
def last_enabled_dbus_property(self):
929
if self.last_enabled is None:
930
return dbus.String(u"")
931
return dbus.String(self._datetime_to_dbus(self.last_enabled))
934
@dbus_service_property(_interface, signature=u"b",
936
def enabled_dbus_property(self, value=None):
937
if value is None: # get
938
return dbus.Boolean(self.enabled)
944
# last_checked_ok - property
945
@dbus_service_property(_interface, signature=u"s",
947
def last_checked_ok_dbus_property(self, value=None):
948
if value is not None:
951
if self.last_checked_ok is None:
952
return dbus.String(u"")
953
return dbus.String(self._datetime_to_dbus(self
957
@dbus_service_property(_interface, signature=u"t",
959
def timeout_dbus_property(self, value=None):
960
if value is None: # get
961
return dbus.UInt64(self.timeout_milliseconds())
962
self.timeout = datetime.timedelta(0, 0, 0, value)
964
self.PropertyChanged(dbus.String(u"timeout"),
965
dbus.UInt64(value, variant_level=1))
966
if getattr(self, u"disable_initiator_tag", None) is None:
969
gobject.source_remove(self.disable_initiator_tag)
970
self.disable_initiator_tag = None
972
_timedelta_to_milliseconds((self
978
# The timeout has passed
981
self.disable_initiator_tag = (gobject.timeout_add
982
(time_to_die, self.disable))
984
# interval - property
985
@dbus_service_property(_interface, signature=u"t",
987
def interval_dbus_property(self, value=None):
988
if value is None: # get
989
return dbus.UInt64(self.interval_milliseconds())
990
self.interval = datetime.timedelta(0, 0, 0, value)
992
self.PropertyChanged(dbus.String(u"interval"),
993
dbus.UInt64(value, variant_level=1))
994
if getattr(self, u"checker_initiator_tag", None) is None:
996
# Reschedule checker run
997
gobject.source_remove(self.checker_initiator_tag)
998
self.checker_initiator_tag = (gobject.timeout_add
999
(value, self.start_checker))
1000
self.start_checker() # Start one now, too
1002
# checker - property
1003
@dbus_service_property(_interface, signature=u"s",
1004
access=u"readwrite")
1005
def checker_dbus_property(self, value=None):
1006
if value is None: # get
1007
return dbus.String(self.checker_command)
1008
self.checker_command = value
1010
self.PropertyChanged(dbus.String(u"checker"),
1011
dbus.String(self.checker_command,
1014
# checker_running - property
1015
@dbus_service_property(_interface, signature=u"b",
1016
access=u"readwrite")
1017
def checker_running_dbus_property(self, value=None):
1018
if value is None: # get
1019
return dbus.Boolean(self.checker is not None)
1021
self.start_checker()
1025
# object_path - property
1026
@dbus_service_property(_interface, signature=u"o", access=u"read")
1027
def object_path_dbus_property(self):
1028
return self.dbus_object_path # is already a dbus.ObjectPath
1031
@dbus_service_property(_interface, signature=u"ay",
1032
access=u"write", byte_arrays=True)
1033
def secret_dbus_property(self, value):
1034
self.secret = str(value)
1039
class ProxyClient(object):
1040
def __init__(self, child_pipe, fpr, address):
1041
self._pipe = child_pipe
1042
self._pipe.send(('init', fpr, address))
1043
if not self._pipe.recv():
1046
def __getattribute__(self, name):
1047
if(name == '_pipe'):
1048
return super(ProxyClient, self).__getattribute__(name)
1049
self._pipe.send(('getattr', name))
1050
data = self._pipe.recv()
1051
if data[0] == 'data':
1053
if data[0] == 'function':
1054
def func(*args, **kwargs):
1055
self._pipe.send(('funcall', name, args, kwargs))
1056
return self._pipe.recv()[1]
1059
def __setattr__(self, name, value):
1060
if(name == '_pipe'):
1061
return super(ProxyClient, self).__setattr__(name, value)
1062
self._pipe.send(('setattr', name, value))
750
1065
class ClientHandler(socketserver.BaseRequestHandler, object):
751
1066
"""A class to handle client connections.
754
1069
Note: This will run in its own forked process."""
756
1071
def handle(self):
757
logger.info(u"TCP connection from: %s",
758
unicode(self.client_address))
759
logger.debug(u"IPC Pipe FD: %d", self.server.pipe[1])
760
# Open IPC pipe to parent process
761
with closing(os.fdopen(self.server.pipe[1], u"w", 1)) as ipc:
1072
with contextlib.closing(self.server.child_pipe) as child_pipe:
1073
logger.info(u"TCP connection from: %s",
1074
unicode(self.client_address))
1075
logger.debug(u"Pipe FD: %d",
1076
self.server.child_pipe.fileno())
762
1078
session = (gnutls.connection
763
1079
.ClientSession(self.request,
764
1080
gnutls.connection
765
1081
.X509Credentials()))
767
line = self.request.makefile().readline()
768
logger.debug(u"Protocol version: %r", line)
770
if int(line.strip().split()[0]) > 1:
772
except (ValueError, IndexError, RuntimeError), error:
773
logger.error(u"Unknown protocol version: %s", error)
776
1083
# Note: gnutls.connection.X509Credentials is really a
777
1084
# generic GnuTLS certificate credentials object so long as
778
1085
# no X.509 keys are added to it. Therefore, we can use it
779
1086
# here despite using OpenPGP certificates.
781
1088
#priority = u':'.join((u"NONE", u"+VERS-TLS1.1",
782
1089
# u"+AES-256-CBC", u"+SHA1",
783
1090
# u"+COMP-NULL", u"+CTYPE-OPENPGP",
800
1119
logger.debug(u"Handshake succeeded")
802
fpr = self.fingerprint(self.peer_certificate(session))
803
except (TypeError, gnutls.errors.GNUTLSError), error:
804
logger.warning(u"Bad certificate: %s", error)
807
logger.debug(u"Fingerprint: %s", fpr)
809
for c in self.server.clients:
810
if c.fingerprint == fpr:
814
ipc.write(u"NOTFOUND %s %s\n"
815
% (fpr, unicode(self.client_address)))
818
# Have to check if client.still_valid(), since it is
819
# possible that the client timed out while establishing
820
# the GnuTLS session.
821
if not client.still_valid():
822
ipc.write(u"INVALID %s\n" % client.name)
825
ipc.write(u"SENDING %s\n" % client.name)
827
while sent_size < len(client.secret):
828
sent = session.send(client.secret[sent_size:])
829
logger.debug(u"Sent: %d, remaining: %d",
830
sent, len(client.secret)
831
- (sent_size + sent))
1122
fpr = self.fingerprint(self.peer_certificate
1124
except (TypeError, gnutls.errors.GNUTLSError), error:
1125
logger.warning(u"Bad certificate: %s", error)
1127
logger.debug(u"Fingerprint: %s", fpr)
1130
client = ProxyClient(child_pipe, fpr,
1131
self.client_address)
1135
delay = client.approved_delay
1137
if not client.enabled:
1138
logger.warning(u"Client %s is disabled",
1140
if self.server.use_dbus:
1142
client.Rejected("Disabled")
1144
if client._approved is None:
1145
logger.info(u"Client %s need approval",
1147
if self.server.use_dbus:
1149
client.NeedApproval(
1150
client.approved_delay_milliseconds(),
1151
client.approved_by_default)
1152
elif client._approved:
1153
#We have a password and are approved
1156
logger.warning(u"Client %s was not approved",
1158
if self.server.use_dbus:
1160
client.Rejected("Disapproved")
1163
#wait until timeout or approved
1164
#x = float(client._timedelta_to_milliseconds(delay))
1165
time = datetime.datetime.now()
1166
client.changedstate.acquire()
1167
client.changedstate.wait(float(client._timedelta_to_milliseconds(delay) / 1000))
1168
client.changedstate.release()
1169
time2 = datetime.datetime.now()
1170
if (time2 - time) >= delay:
1171
if not client.approved_by_default:
1172
logger.warning("Client %s timed out while"
1173
" waiting for approval",
1175
if self.server.use_dbus:
1177
client.Rejected("Time out")
1182
delay -= time2 - time
1185
while sent_size < len(client.secret):
1186
# XXX handle session exception
1187
sent = session.send(client.secret[sent_size:])
1188
logger.debug(u"Sent: %d, remaining: %d",
1189
sent, len(client.secret)
1190
- (sent_size + sent))
1193
logger.info(u"Sending secret to %s", client.name)
1194
# bump the timeout as if seen
1196
if self.server.use_dbus:
836
1204
def peer_certificate(session):
899
class ForkingMixInWithPipe(socketserver.ForkingMixIn, object):
900
"""Like socketserver.ForkingMixIn, but also pass a pipe."""
1267
class MultiprocessingMixIn(object):
1268
"""Like socketserver.ThreadingMixIn, but with multiprocessing"""
1269
def sub_process_main(self, request, address):
1271
self.finish_request(request, address)
1273
self.handle_error(request, address)
1274
self.close_request(request)
1276
def process_request(self, request, address):
1277
"""Start a new process to process the request."""
1278
multiprocessing.Process(target = self.sub_process_main,
1279
args = (request, address)).start()
1281
class MultiprocessingMixInWithPipe(MultiprocessingMixIn, object):
1282
""" adds a pipe to the MixIn """
901
1283
def process_request(self, request, client_address):
902
1284
"""Overrides and wraps the original process_request().
904
1286
This function creates a new pipe in self.pipe
906
self.pipe = os.pipe()
907
super(ForkingMixInWithPipe,
1288
parent_pipe, self.child_pipe = multiprocessing.Pipe()
1290
super(MultiprocessingMixInWithPipe,
908
1291
self).process_request(request, client_address)
909
os.close(self.pipe[1]) # close write end
910
self.add_pipe(self.pipe[0])
911
def add_pipe(self, pipe):
1292
self.add_pipe(parent_pipe)
1293
def add_pipe(self, parent_pipe):
912
1294
"""Dummy function; override as necessary"""
916
class IPv6_TCPServer(ForkingMixInWithPipe,
1297
class IPv6_TCPServer(MultiprocessingMixInWithPipe,
917
1298
socketserver.TCPServer, object):
918
1299
"""IPv6-capable TCP server. Accepts 'None' as address and/or port
1029
1411
logger.debug(u"Handling IPC: FD = %d, condition = %s", source,
1030
1412
conditions_string)
1032
# Turn the pipe file descriptor into a Python file object
1033
if source not in file_objects:
1034
file_objects[source] = os.fdopen(source, u"r", 1)
1414
# Read a request from the child
1415
request = parent_pipe.recv()
1416
command = request[0]
1036
# Read a line from the file object
1037
cmdline = file_objects[source].readline()
1038
if not cmdline: # Empty line means end of file
1039
# close the IPC pipe
1040
file_objects[source].close()
1041
del file_objects[source]
1043
# Stop calling this function
1418
if command == 'init':
1420
address = request[2]
1422
for c in self.clients:
1423
if c.fingerprint == fpr:
1427
logger.warning(u"Client not found for fingerprint: %s, ad"
1428
u"dress: %s", fpr, address)
1431
mandos_dbus_service.ClientNotFound(fpr, address)
1432
parent_pipe.send(False)
1435
gobject.io_add_watch(parent_pipe.fileno(),
1436
gobject.IO_IN | gobject.IO_HUP,
1437
functools.partial(self.handle_ipc,
1438
parent_pipe = parent_pipe,
1439
client_object = client))
1440
parent_pipe.send(True)
1441
# remove the old hook in favor of the new above hook on same fileno
1046
logger.debug(u"IPC command: %r", cmdline)
1048
# Parse and act on command
1049
cmd, args = cmdline.rstrip(u"\r\n").split(None, 1)
1051
if cmd == u"NOTFOUND":
1052
logger.warning(u"Client not found for fingerprint: %s",
1056
mandos_dbus_service.ClientNotFound(args)
1057
elif cmd == u"INVALID":
1058
for client in self.clients:
1059
if client.name == args:
1060
logger.warning(u"Client %s is invalid", args)
1066
logger.error(u"Unknown client %s is invalid", args)
1067
elif cmd == u"SENDING":
1068
for client in self.clients:
1069
if client.name == args:
1070
logger.info(u"Sending secret to %s", client.name)
1074
client.ReceivedSecret()
1077
logger.error(u"Sending secret to unknown client %s",
1080
logger.error(u"Unknown IPC command: %r", cmdline)
1082
# Keep calling this function
1443
if command == 'funcall':
1444
funcname = request[1]
1448
parent_pipe.send(('data', getattr(client_object, funcname)(*args, **kwargs)))
1450
if command == 'getattr':
1451
attrname = request[1]
1452
if callable(client_object.__getattribute__(attrname)):
1453
parent_pipe.send(('function',))
1455
parent_pipe.send(('data', client_object.__getattribute__(attrname)))
1457
if command == 'setattr':
1458
attrname = request[1]
1460
setattr(client_object, attrname, value)