
Viewing changes to mandos

* mandos: Added ClientDBus.approve_pending property.  Exposed
          approved_by_default, approved_delay, approved_duration as
          D-Bus properties.

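--- a/mandos
+++ b/mandos
@@ -231,10 +231,6 @@
         self.server_state_changed(self.server.GetState())
  
  
-# XXX Need to add:
-# approved_by_default (Config option for each client)
-# approved_delay (config option for each client)
-# approved_duration (config option for each client)
 class Client(object):
     """A representation of a client host served by this server.
     
@@ -327,6 +323,7 @@
         self.checker_command = config[u"checker"]
         self.current_checker_command = None
         self.last_connect = None
+        self.approvals_pending = 0
         self._approved = None
         self.approved_by_default = config.get(u"approved_by_default",
                                               False)
@@ -816,6 +813,10 @@
     def approve(self, value=True):
         self._approved = value
         gobject.timeout_add(self._timedelta_to_milliseconds(self.approved_duration, self._reset_approved))
+ 
+    def approved_pending(self):
+        return self.approvals_pending > 0
+ 
     
     ## D-Bus methods, signals & properties
     _interface = u"se.bsnet.fukt.Mandos.Client"
@@ -895,7 +896,29 @@
     
     ## Properties
     
-    # xxx 3 new properties
+    # approved_pending - property
+    @dbus_service_property(_interface, signature=u"b", access=u"read")
+    def approved_pending_dbus_property(self):
+        return dbus.Boolean(self.approved_pending())
+    
+    # approved_by_default - property
+    @dbus_service_property(_interface, signature=u"b",
+                           access=u"readwrite")
+    def approved_by_default_dbus_property(self):
+        return dbus.Boolean(self.approved_by_default)
+    
+    # approved_delay - property
+    @dbus_service_property(_interface, signature=u"t",
+                           access=u"readwrite")
+    def approved_delay_dbus_property(self):
+        return dbus.UInt64(self.approved_delay_milliseconds())
+    
+    # approved_duration - property
+    @dbus_service_property(_interface, signature=u"t",
+                           access=u"readwrite")
+    def approved_duration_dbus_property(self):
+        return dbus.UInt64(self._timedelta_to_milliseconds(
+                self.approved_duration))
     
     # name - property
     @dbus_service_property(_interface, signature=u"s", access=u"read")
@@ -1117,6 +1140,8 @@
                 # established.  Just abandon the request.
                 return
             logger.debug(u"Handshake succeeded")
+ 
+            approval_required = False
             try:
                 try:
                     fpr = self.fingerprint(self.peer_certificate
@@ -1132,7 +1157,11 @@
                 except KeyError:
                     return
                 
-                delay = client.approved_delay
+                if client.approved_delay:
+                    delay = client.approved_delay
+                    client.approvals_pending += 1
+                    approval_required = True
+                
                 while True:
                     if not client.enabled:
                         logger.warning(u"Client %s is disabled",
@@ -1141,7 +1170,11 @@
                             # Emit D-Bus signal
                             client.Rejected("Disabled")                    
                         return
-                    if client._approved is None:
+                    
+                    if client._approved or not client.approved_delay:
+                        #We are approved or approval is disabled
+                        break
+                    elif client._approved is None:
                         logger.info(u"Client %s need approval",
                                     client.name)
                         if self.server.use_dbus:
@@ -1149,14 +1182,11 @@
                             client.NeedApproval(
                                 client.approved_delay_milliseconds(),
                                 client.approved_by_default)
-                    elif client._approved:
-                        #We have a password and are approved
-                        break
                     else:
                         logger.warning(u"Client %s was not approved",
                                        client.name)
                         if self.server.use_dbus:
-                            # Emit D-Bus signal                        
+                            # Emit D-Bus signal
                             client.Rejected("Disapproved")
                         return
                     
@@ -1196,8 +1226,10 @@
                 if self.server.use_dbus:
                     # Emit D-Bus signal
                     client.GotSecret()
- 
+            
             finally:
+                if approval_required:
+                    client.approvals_pending -= 1
                 session.bye()
     
     @staticmethod
@@ -1738,12 +1770,12 @@
         client_class = functools.partial(ClientDBus, bus = bus)
     def client_config_items(config, section):
         special_settings = {
-            "approve_by_default":
+            "approved_by_default":
                 lambda: config.getboolean(section,
-                                          "approve_by_default"),
+                                          "approved_by_default"),
             }
         for name, value in config.items(section):
             try:
-                yield special_settings[name]()
+                yield (name, special_settings[name]())
             except KeyError:
                 yield (name, value)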
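Review bot: In `approve` (context line 815 on the new side), the closing parenthesis is misplaced, so `gobject.timeout_add` receives a single argument and `self._reset_approved` is handed to `_timedelta_to_milliseconds` instead of being scheduled as the callback. The call therefore looks set to raise after `self._approved = value` has already been stored, and the reset never runs; since the connection loop now breaks on `client._approved`, one approval may then carry over to later requests for the secret unless code outside these hunks clears it. The line should read `gobject.timeout_add(self._timedelta_to_milliseconds(self.approved_duration), self._reset_approved)`. Separately, the three properties declared `access=u"readwrite"` take only `self`, so no write path is visible here; when one is added, values for `approved_by_default` and `approved_delay` should be validated and write access limited by the bus policy, because they decide whether approval is required at all. The `Client` class and the handler containing the approval loop both extend beyond the hunks shown.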