
Viewing changes to server.py

Added optional parameters certdir, certkey and certfile that can be given on the command line at startup.

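--- a/server.py
+++ b/server.py
@@ -87,7 +87,7 @@
 # Avahi example code.
 serviceInterface = avahi.IF_UNSPEC
 # From the Avahi example code:
-serviceName = "Mandos"
+serviceName = None
 serviceType = "_mandos._tcp" # http://www.dns-sd.org/ServiceTypes.html
 servicePort = None                      # Not known at startup
 serviceTXT = []                         # TXT record for the service
@@ -152,16 +152,18 @@
     interval = property(lambda self: self._interval,
                         _set_interval)
     del _set_interval
-    def __init__(self, name=None, options=None, stop_hook=None,
-                 fingerprint=None, secret=None, secfile=None,
-                 fqdn=None, timeout=None, interval=-1, checker=None):
+    def __init__(self, name=None, stop_hook=None, fingerprint=None,
+                 secret=None, secfile=None, fqdn=None, timeout=None,
+                 interval=-1, checker=None):
         """Note: the 'checker' argument sets the 'checker_command'
         attribute and not the 'checker' attribute.."""
         self.name = name
+        logger.debug(u"Creating client %r", self.name)
         # Uppercase and remove spaces from fingerprint
         # for later comparison purposes with return value of
         # the fingerprint() function
         self.fingerprint = fingerprint.upper().replace(u" ", u"")
+        logger.debug(u"  Fingerprint: %s", self.fingerprint)
         if secret:
             self.secret = secret.decode(u"base64")
         elif secfile:
@@ -174,14 +176,8 @@
         self.fqdn = fqdn                # string
         self.created = datetime.datetime.now()
         self.last_seen = None
-        if timeout is None:
-            self.timeout = options.timeout
-        else:
-            self.timeout = string_to_delta(timeout)
-        if interval == -1:
-            self.interval = options.interval
-        else:
-            self.interval = string_to_delta(interval)
+        self.timeout = string_to_delta(timeout)
+        self.interval = string_to_delta(interval)
         self.stop_hook = stop_hook
         self.checker = None
         self.checker_initiator_tag = None
@@ -377,8 +373,9 @@
         #priority = ':'.join(("NONE", "+VERS-TLS1.1", "+AES-256-CBC",
         #                "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
         #                "+DHE-DSS"))
-        priority = "SECURE256"
-        
+        priority = "NORMAL"
+        if self.server.options.priority:
+            priority = self.server.options.priority
         gnutls.library.functions.gnutls_priority_set_direct\
             (session._c_object, priority, None);
         
@@ -636,16 +633,16 @@
                       help="Address to listen for requests on")
     parser.add_option("-p", "--port", type="int", default=None,
                       help="Port number to receive requests on")
-    parser.add_option("--timeout", type="string", # Parsed later
-                      default="1h",
-                      help="Amount of downtime allowed for clients")
-    parser.add_option("--interval", type="string", # Parsed later
-                      default="5m",
-                      help="How often to check that a client is up")
     parser.add_option("--check", action="store_true", default=False,
                       help="Run self-test")
     parser.add_option("--debug", action="store_true", default=False,
                       help="Debug mode")
+    parser.add_option("--priority", type="string",
+                      default="SECURE256",
+                      help="GnuTLS priority string"
+                      " (see GnuTLS documentation)")
+    parser.add_option("--servicename", type="string",
+                      default="Mandos", help="Zeroconf service name")
     (options, args) = parser.parse_args()
     
     if options.check:
@@ -653,22 +650,18 @@
         doctest.testmod()
         sys.exit()
     
-    # Parse the time arguments
-    try:
-        options.timeout = string_to_delta(options.timeout)
-    except ValueError:
-        parser.error("option --timeout: Unparseable time")
-    try:
-        options.interval = string_to_delta(options.interval)
-    except ValueError:
-        parser.error("option --interval: Unparseable time")
-    
     # Parse config file
-    defaults = { "checker": "fping -q -- %%(fqdn)s" }
+    defaults = { "timeout": "1h",
+                 "interval": "5m",
+                 "checker": "fping -q -- %%(fqdn)s",
+                 }
     client_config = ConfigParser.SafeConfigParser(defaults)
     #client_config.readfp(open("global.conf"), "global.conf")
     client_config.read("mandos-clients.conf")
     
+    global serviceName
+    serviceName = options.servicename;
+    
     global main_loop
     global bus
     global server
@@ -698,7 +691,7 @@
             logger.debug(u"No clients left, exiting")
             killme()
     
-    clients.update(Set(Client(name=section, options=options,
+    clients.update(Set(Client(name=section,
                               stop_hook = remove_from_clients,
                               **(dict(client_config\
                                       .items(section))))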
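Review bot: The fallback `priority = "NORMAL"` in the TLS handler hunk is weaker than both the `"SECURE256"` it replaces and the new `--priority` default, so starting the server with an empty `--priority ""` silently widens the accepted cipher suites. Falling back to the strict value keeps the old floor: `priority = self.server.options.priority or "SECURE256"`. The operator-supplied string also reaches `gnutls_priority_set_direct` only when a client connects, and the visible lines do not check its result; if the binding does not raise on an error return, a mistyped string would presumably go unnoticed, so it is worth validating once at startup next to `parser.parse_args()`. The enclosing handler method starts and ends outside the hunk.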