To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to mandos
- browse files at revision 24.2.1
- compare with another revision
- download diff
- download tarball
- view history from revision 24.2.1
- Committer: teddy at bsnet
- Date: 2010-08-23 19:23:15 UTC
- mto: (24.1.154 mandos)
- mto: This revision was merged to the branch mainline in revision 421.
- Revision ID: teddy@fukt.bsnet.se-20100823192315-pefgye0l6cavcejs
* debian/control (mandos/Depends): Added "python-urwid".
* mandos (Client.approved_by_default): Changed default to "True".
(Client.approved_delay): Changed default to "0s".
(ClientDBus.GotSecret, ClientDBus.Rejected,
ClientDBus.NeedApproval): Emit "PropertyChanged" signal for the
"approved_pending" property.
* mandos (Client.approved_by_default): Changed default to "True".
(Client.approved_delay): Changed default to "0s".
(ClientDBus.GotSecret, ClientDBus.Rejected,
ClientDBus.NeedApproval): Emit "PropertyChanged" signal for the
"approved_pending" property.
added
removed
mandos
83
83
84
84
version = "1.0.14"
85
85
86
#logger = logging.getLogger(u'mandos')
87
86
logger = logging.Logger(u'mandos')
88
87
syslogger = (logging.handlers.SysLogHandler
89
88
(facility = logging.handlers.SysLogHandler.LOG_DAEMON,
99
98
u' %(message)s'))
100
99
logger.addHandler(console)
101
100
101
multiprocessing_manager = multiprocessing.Manager()
102
102
103
class AvahiError(Exception):
103
104
def __init__(self, value, *args, **kwargs):
104
105
self.value = value
157
158
u" after %i retries, exiting.",
158
159
self.rename_count)
159
160
raise AvahiServiceError(u"Too many renames")
160
self.name = unicode(self.server.GetAlternativeServiceName(self.name))
161
self.name = self.server.GetAlternativeServiceName(self.name)
161
162
logger.info(u"Changing Zeroconf service name to %r ...",
162
self.name)
163
unicode(self.name))
163
164
syslogger.setFormatter(logging.Formatter
164
165
(u'Mandos (%s) [%%(process)d]:'
165
166
u' %%(levelname)s: %%(message)s'
166
167
% self.name))
167
168
self.remove()
168
try:
169
self.add()
170
except dbus.exceptions.DBusException, error:
171
logger.critical(u"DBusException: %s", error)
172
self.cleanup()
173
os._exit(1)
169
self.add()
174
170
self.rename_count += 1
175
171
def remove(self):
176
172
"""Derived from the Avahi example code"""
199
195
self.group.Commit()
200
196
def entry_group_state_changed(self, state, error):
201
197
"""Derived from the Avahi example code"""
202
logger.debug(u"Avahi entry group state change: %i", state)
198
logger.debug(u"Avahi state change: %i", state)
203
199
204
200
if state == avahi.ENTRY_GROUP_ESTABLISHED:
205
201
logger.debug(u"Zeroconf service established.")
218
214
self.group = None
219
215
def server_state_changed(self, state):
220
216
"""Derived from the Avahi example code"""
221
logger.debug(u"Avahi server state change: %i", state)
222
217
if state == avahi.SERVER_COLLISION:
223
218
logger.error(u"Zeroconf server name collision")
224
219
self.remove()
265
260
runtime with vars(self) as dict, so that for
266
261
instance %(name)s can be used in the command.
267
262
current_checker_command: string; current running checker_command
268
approval_delay: datetime.timedelta(); Time to wait for approval
263
approved_delay: datetime.timedelta(); Time to wait for approval
269
264
_approved: bool(); 'None' if not yet approved/disapproved
270
approval_duration: datetime.timedelta(); Duration of one approval
265
approved_duration: datetime.timedelta(); Duration of one approval
271
266
"""
272
267
273
268
@staticmethod
285
280
"Return the 'interval' attribute in milliseconds"
286
281
return self._timedelta_to_milliseconds(self.interval)
287
282
288
def approval_delay_milliseconds(self):
289
return self._timedelta_to_milliseconds(self.approval_delay)
283
def approved_delay_milliseconds(self):
284
return self._timedelta_to_milliseconds(self.approved_delay)
290
285
291
286
def __init__(self, name = None, disable_hook=None, config=None):
292
287
"""Note: the 'checker' key in 'config' sets the
310
305
"rb") as secfile:
311
306
self.secret = secfile.read()
312
307
else:
308
#XXX Need to allow secret on demand!
313
309
raise TypeError(u"No secret or secfile for client %s"
314
310
% self.name)
315
311
self.host = config.get(u"host", u"")
327
323
self.checker_command = config[u"checker"]
328
324
self.current_checker_command = None
329
325
self.last_connect = None
326
self.approvals_pending = 0
330
327
self._approved = None
331
328
self.approved_by_default = config.get(u"approved_by_default",
332
329
True)
333
self.approvals_pending = 0
334
self.approval_delay = string_to_delta(
335
config[u"approval_delay"])
336
self.approval_duration = string_to_delta(
337
config[u"approval_duration"])
330
self.approved_delay = string_to_delta(
331
config[u"approved_delay"])
332
self.approved_duration = string_to_delta(
333
config[u"approved_duration"])
338
334
self.changedstate = multiprocessing_manager.Condition(multiprocessing_manager.Lock())
339
335
340
336
def send_changedstate(self):
341
337
self.changedstate.acquire()
342
338
self.changedstate.notify_all()
706
702
# dbus.service.Object doesn't use super(), so we can't either.
707
703
708
704
def __init__(self, bus = None, *args, **kwargs):
709
self._approvals_pending = 0
710
705
self.bus = bus
711
706
Client.__init__(self, *args, **kwargs)
712
707
# Only now, when this client is initialized, can it show up on
716
711
+ self.name.replace(u".", u"_")))
717
712
DBusObjectWithProperties.__init__(self, self.bus,
718
713
self.dbus_object_path)
719
720
def _get_approvals_pending(self):
721
return self._approvals_pending
722
def _set_approvals_pending(self, value):
723
old_value = self._approvals_pending
724
self._approvals_pending = value
725
bval = bool(value)
726
if (hasattr(self, "dbus_object_path")
727
and bval is not bool(old_value)):
728
dbus_bool = dbus.Boolean(bval, variant_level=1)
729
self.PropertyChanged(dbus.String(u"ApprovalPending"),
730
dbus_bool)
731
732
approvals_pending = property(_get_approvals_pending,
733
_set_approvals_pending)
734
del _get_approvals_pending, _set_approvals_pending
735
714
736
715
@staticmethod
737
716
def _datetime_to_dbus(dt, variant_level=0):
744
723
r = Client.enable(self)
745
724
if oldstate != self.enabled:
746
725
# Emit D-Bus signals
747
self.PropertyChanged(dbus.String(u"Enabled"),
726
self.PropertyChanged(dbus.String(u"enabled"),
748
727
dbus.Boolean(True, variant_level=1))
749
728
self.PropertyChanged(
750
dbus.String(u"LastEnabled"),
729
dbus.String(u"last_enabled"),
751
730
self._datetime_to_dbus(self.last_enabled,
752
731
variant_level=1))
753
732
return r
757
736
r = Client.disable(self, quiet=quiet)
758
737
if not quiet and oldstate != self.enabled:
759
738
# Emit D-Bus signal
760
self.PropertyChanged(dbus.String(u"Enabled"),
739
self.PropertyChanged(dbus.String(u"enabled"),
761
740
dbus.Boolean(False, variant_level=1))
762
741
return r
763
742
775
754
self.checker_callback_tag = None
776
755
self.checker = None
777
756
# Emit D-Bus signal
778
self.PropertyChanged(dbus.String(u"CheckerRunning"),
757
self.PropertyChanged(dbus.String(u"checker_running"),
779
758
dbus.Boolean(False, variant_level=1))
780
759
if os.WIFEXITED(condition):
781
760
exitstatus = os.WEXITSTATUS(condition)
796
775
r = Client.checked_ok(self, *args, **kwargs)
797
776
# Emit D-Bus signal
798
777
self.PropertyChanged(
799
dbus.String(u"LastCheckedOK"),
778
dbus.String(u"last_checked_ok"),
800
779
(self._datetime_to_dbus(self.last_checked_ok,
801
780
variant_level=1)))
802
781
return r
814
793
# Emit D-Bus signal
815
794
self.CheckerStarted(self.current_checker_command)
816
795
self.PropertyChanged(
817
dbus.String(u"CheckerRunning"),
796
dbus.String(u"checker_running"),
818
797
dbus.Boolean(True, variant_level=1))
819
798
return r
820
799
823
802
r = Client.stop_checker(self, *args, **kwargs)
824
803
if (old_checker is not None
825
804
and getattr(self, u"checker", None) is None):
826
self.PropertyChanged(dbus.String(u"CheckerRunning"),
805
self.PropertyChanged(dbus.String(u"checker_running"),
827
806
dbus.Boolean(False, variant_level=1))
828
807
return r
829
808
832
811
return False
833
812
834
813
def approve(self, value=True):
835
self.send_changedstate()
836
814
self._approved = value
837
gobject.timeout_add(self._timedelta_to_milliseconds
838
(self.approval_duration),
839
self._reset_approved)
815
gobject.timeout_add(self._timedelta_to_milliseconds(self.approved_duration, self._reset_approved))
816
817
def approved_pending(self):
818
return self.approvals_pending > 0
840
819
841
820
842
821
## D-Bus methods, signals & properties
865
844
# GotSecret - signal
866
845
@dbus.service.signal(_interface)
867
846
def GotSecret(self):
868
"""D-Bus signal
869
Is sent after a successful transfer of secret from the Mandos
870
server to mandos-client
871
"""
872
pass
847
"D-Bus signal"
848
if self.approved_pending():
849
self.PropertyChanged(dbus.String(u"checker_running"),
850
dbus.Boolean(False, variant_level=1))
873
851
874
852
# Rejected - signal
875
853
@dbus.service.signal(_interface, signature=u"s")
876
854
def Rejected(self, reason):
877
855
"D-Bus signal"
878
pass
856
if self.approved_pending():
857
self.PropertyChanged(dbus.String(u"checker_running"),
858
dbus.Boolean(False, variant_level=1))
879
859
880
860
# NeedApproval - signal
881
@dbus.service.signal(_interface, signature=u"tb")
861
@dbus.service.signal(_interface, signature=u"db")
882
862
def NeedApproval(self, timeout, default):
883
863
"D-Bus signal"
884
pass
864
if not self.approved_pending():
865
self.PropertyChanged(dbus.String(u"approved_pending"),
866
dbus.Boolean(True, variant_level=1))
885
867
886
868
## Methods
887
869
920
902
921
903
## Properties
922
904
923
# ApprovalPending - property
905
# approved_pending - property
924
906
@dbus_service_property(_interface, signature=u"b", access=u"read")
925
def ApprovalPending_dbus_property(self):
926
return dbus.Boolean(bool(self.approvals_pending))
907
def approved_pending_dbus_property(self):
908
return dbus.Boolean(self.approved_pending())
927
909
928
# ApprovedByDefault - property
910
# approved_by_default - property
929
911
@dbus_service_property(_interface, signature=u"b",
930
912
access=u"readwrite")
931
def ApprovedByDefault_dbus_property(self, value=None):
932
if value is None: # get
933
return dbus.Boolean(self.approved_by_default)
934
self.approved_by_default = bool(value)
935
# Emit D-Bus signal
936
self.PropertyChanged(dbus.String(u"ApprovedByDefault"),
937
dbus.Boolean(value, variant_level=1))
938
939
# ApprovalDelay - property
940
@dbus_service_property(_interface, signature=u"t",
941
access=u"readwrite")
942
def ApprovalDelay_dbus_property(self, value=None):
943
if value is None: # get
944
return dbus.UInt64(self.approval_delay_milliseconds())
945
self.approval_delay = datetime.timedelta(0, 0, 0, value)
946
# Emit D-Bus signal
947
self.PropertyChanged(dbus.String(u"ApprovalDelay"),
948
dbus.UInt64(value, variant_level=1))
949
950
# ApprovalDuration - property
951
@dbus_service_property(_interface, signature=u"t",
952
access=u"readwrite")
953
def ApprovalDuration_dbus_property(self, value=None):
954
if value is None: # get
955
return dbus.UInt64(self._timedelta_to_milliseconds(
956
self.approval_duration))
957
self.approval_duration = datetime.timedelta(0, 0, 0, value)
958
# Emit D-Bus signal
959
self.PropertyChanged(dbus.String(u"ApprovalDuration"),
960
dbus.UInt64(value, variant_level=1))
961
962
# Name - property
913
def approved_by_default_dbus_property(self):
914
return dbus.Boolean(self.approved_by_default)
915
916
# approved_delay - property
917
@dbus_service_property(_interface, signature=u"t",
918
access=u"readwrite")
919
def approved_delay_dbus_property(self):
920
return dbus.UInt64(self.approved_delay_milliseconds())
921
922
# approved_duration - property
923
@dbus_service_property(_interface, signature=u"t",
924
access=u"readwrite")
925
def approved_duration_dbus_property(self):
926
return dbus.UInt64(self._timedelta_to_milliseconds(
927
self.approved_duration))
928
929
# name - property
963
930
@dbus_service_property(_interface, signature=u"s", access=u"read")
964
def Name_dbus_property(self):
931
def name_dbus_property(self):
965
932
return dbus.String(self.name)
966
933
967
# Fingerprint - property
934
# fingerprint - property
968
935
@dbus_service_property(_interface, signature=u"s", access=u"read")
969
def Fingerprint_dbus_property(self):
936
def fingerprint_dbus_property(self):
970
937
return dbus.String(self.fingerprint)
971
938
972
# Host - property
939
# host - property
973
940
@dbus_service_property(_interface, signature=u"s",
974
941
access=u"readwrite")
975
def Host_dbus_property(self, value=None):
942
def host_dbus_property(self, value=None):
976
943
if value is None: # get
977
944
return dbus.String(self.host)
978
945
self.host = value
979
946
# Emit D-Bus signal
980
self.PropertyChanged(dbus.String(u"Host"),
947
self.PropertyChanged(dbus.String(u"host"),
981
948
dbus.String(value, variant_level=1))
982
949
983
# Created - property
950
# created - property
984
951
@dbus_service_property(_interface, signature=u"s", access=u"read")
985
def Created_dbus_property(self):
952
def created_dbus_property(self):
986
953
return dbus.String(self._datetime_to_dbus(self.created))
987
954
988
# LastEnabled - property
955
# last_enabled - property
989
956
@dbus_service_property(_interface, signature=u"s", access=u"read")
990
def LastEnabled_dbus_property(self):
957
def last_enabled_dbus_property(self):
991
958
if self.last_enabled is None:
992
959
return dbus.String(u"")
993
960
return dbus.String(self._datetime_to_dbus(self.last_enabled))
994
961
995
# Enabled - property
962
# enabled - property
996
963
@dbus_service_property(_interface, signature=u"b",
997
964
access=u"readwrite")
998
def Enabled_dbus_property(self, value=None):
965
def enabled_dbus_property(self, value=None):
999
966
if value is None: # get
1000
967
return dbus.Boolean(self.enabled)
1001
968
if value:
1003
970
else:
1004
971
self.disable()
1005
972
1006
# LastCheckedOK - property
973
# last_checked_ok - property
1007
974
@dbus_service_property(_interface, signature=u"s",
1008
975
access=u"readwrite")
1009
def LastCheckedOK_dbus_property(self, value=None):
976
def last_checked_ok_dbus_property(self, value=None):
1010
977
if value is not None:
1011
978
self.checked_ok()
1012
979
return
1015
982
return dbus.String(self._datetime_to_dbus(self
1016
983
.last_checked_ok))
1017
984
1018
# Timeout - property
985
# timeout - property
1019
986
@dbus_service_property(_interface, signature=u"t",
1020
987
access=u"readwrite")
1021
def Timeout_dbus_property(self, value=None):
988
def timeout_dbus_property(self, value=None):
1022
989
if value is None: # get
1023
990
return dbus.UInt64(self.timeout_milliseconds())
1024
991
self.timeout = datetime.timedelta(0, 0, 0, value)
1025
992
# Emit D-Bus signal
1026
self.PropertyChanged(dbus.String(u"Timeout"),
993
self.PropertyChanged(dbus.String(u"timeout"),
1027
994
dbus.UInt64(value, variant_level=1))
1028
995
if getattr(self, u"disable_initiator_tag", None) is None:
1029
996
return
1043
1010
self.disable_initiator_tag = (gobject.timeout_add
1044
1011
(time_to_die, self.disable))
1045
1012
1046
# Interval - property
1013
# interval - property
1047
1014
@dbus_service_property(_interface, signature=u"t",
1048
1015
access=u"readwrite")
1049
def Interval_dbus_property(self, value=None):
1016
def interval_dbus_property(self, value=None):
1050
1017
if value is None: # get
1051
1018
return dbus.UInt64(self.interval_milliseconds())
1052
1019
self.interval = datetime.timedelta(0, 0, 0, value)
1053
1020
# Emit D-Bus signal
1054
self.PropertyChanged(dbus.String(u"Interval"),
1021
self.PropertyChanged(dbus.String(u"interval"),
1055
1022
dbus.UInt64(value, variant_level=1))
1056
1023
if getattr(self, u"checker_initiator_tag", None) is None:
1057
1024
return
1061
1028
(value, self.start_checker))
1062
1029
self.start_checker() # Start one now, too
1063
1030
1064
# Checker - property
1031
# checker - property
1065
1032
@dbus_service_property(_interface, signature=u"s",
1066
1033
access=u"readwrite")
1067
def Checker_dbus_property(self, value=None):
1034
def checker_dbus_property(self, value=None):
1068
1035
if value is None: # get
1069
1036
return dbus.String(self.checker_command)
1070
1037
self.checker_command = value
1071
1038
# Emit D-Bus signal
1072
self.PropertyChanged(dbus.String(u"Checker"),
1039
self.PropertyChanged(dbus.String(u"checker"),
1073
1040
dbus.String(self.checker_command,
1074
1041
variant_level=1))
1075
1042
1076
# CheckerRunning - property
1043
# checker_running - property
1077
1044
@dbus_service_property(_interface, signature=u"b",
1078
1045
access=u"readwrite")
1079
def CheckerRunning_dbus_property(self, value=None):
1046
def checker_running_dbus_property(self, value=None):
1080
1047
if value is None: # get
1081
1048
return dbus.Boolean(self.checker is not None)
1082
1049
if value:
1084
1051
else:
1085
1052
self.stop_checker()
1086
1053
1087
# ObjectPath - property
1054
# object_path - property
1088
1055
@dbus_service_property(_interface, signature=u"o", access=u"read")
1089
def ObjectPath_dbus_property(self):
1056
def object_path_dbus_property(self):
1090
1057
return self.dbus_object_path # is already a dbus.ObjectPath
1091
1058
1092
# Secret = property
1059
# secret = property
1093
1060
@dbus_service_property(_interface, signature=u"ay",
1094
1061
access=u"write", byte_arrays=True)
1095
def Secret_dbus_property(self, value):
1062
def secret_dbus_property(self, value):
1096
1063
self.secret = str(value)
1097
1064
1098
1065
del _interface
1196
1163
except KeyError:
1197
1164
return
1198
1165
1199
if client.approval_delay:
1200
delay = client.approval_delay
1166
if client.approved_delay:
1167
delay = client.approved_delay
1201
1168
client.approvals_pending += 1
1202
1169
approval_required = True
1203
1170
1210
1177
client.Rejected("Disabled")
1211
1178
return
1212
1179
1213
if client._approved or not client.approval_delay:
1180
if client._approved or not client.approved_delay:
1214
1181
#We are approved or approval is disabled
1215
1182
break
1216
1183
elif client._approved is None:
1217
logger.info(u"Client %s needs approval",
1184
logger.info(u"Client %s need approval",
1218
1185
client.name)
1219
1186
if self.server.use_dbus:
1220
1187
# Emit D-Bus signal
1221
1188
client.NeedApproval(
1222
client.approval_delay_milliseconds(),
1189
client.approved_delay_milliseconds(),
1223
1190
client.approved_by_default)
1224
1191
else:
1225
1192
logger.warning(u"Client %s was not approved",
1226
1193
client.name)
1227
1194
if self.server.use_dbus:
1228
1195
# Emit D-Bus signal
1229
client.Rejected("Denied")
1196
client.Rejected("Disapproved")
1230
1197
return
1231
1198
1232
1199
#wait until timeout or approved
1243
1210
client.name)
1244
1211
if self.server.use_dbus:
1245
1212
# Emit D-Bus signal
1246
client.Rejected("Approval timed out")
1213
client.Rejected("Time out")
1247
1214
return
1248
1215
else:
1249
1216
break
1252
1219
1253
1220
sent_size = 0
1254
1221
while sent_size < len(client.secret):
1255
try:
1256
sent = session.send(client.secret[sent_size:])
1257
except (gnutls.errors.GNUTLSError), error:
1258
logger.warning("gnutls send failed")
1259
return
1222
# XXX handle session exception
1223
sent = session.send(client.secret[sent_size:])
1260
1224
logger.debug(u"Sent: %d, remaining: %d",
1261
1225
sent, len(client.secret)
1262
1226
- (sent_size + sent))
1272
1236
finally:
1273
1237
if approval_required:
1274
1238
client.approvals_pending -= 1
1275
try:
1276
session.bye()
1277
except (gnutls.errors.GNUTLSError), error:
1278
logger.warning("GnuTLS bye failed")
1239
session.bye()
1279
1240
1280
1241
@staticmethod
1281
1242
def peer_certificate(session):
1366
1327
1367
1328
super(MultiprocessingMixInWithPipe,
1368
1329
self).process_request(request, client_address)
1369
self.child_pipe.close()
1370
1330
self.add_pipe(parent_pipe)
1371
1372
1331
def add_pipe(self, parent_pipe):
1373
1332
"""Dummy function; override as necessary"""
1374
1333
pass
1487
1446
for cond, name in
1488
1447
condition_names.iteritems()
1489
1448
if cond & condition)
1490
# error or the other end of multiprocessing.Pipe has closed
1491
if condition & (gobject.IO_ERR | condition & gobject.IO_HUP):
1492
return False
1449
logger.debug(u"Handling IPC: FD = %d, condition = %s", source,
1450
conditions_string)
1493
1451
1494
1452
# Read a request from the child
1495
1453
request = parent_pipe.recv()
1533
1491
parent_pipe.send(('function',))
1534
1492
else:
1535
1493
parent_pipe.send(('data', client_object.__getattribute__(attrname)))
1536
1494
1537
1495
if command == 'setattr':
1538
1496
attrname = request[1]
1539
1497
value = request[2]
1540
1498
setattr(client_object, attrname, value)
1541
1499
1542
1500
return True
1543
1501
1544
1502
1647
1605
parser.add_option("--debug", action=u"store_true",
1648
1606
help=u"Debug mode; run in foreground and log to"
1649
1607
u" terminal")
1650
parser.add_option("--debuglevel", type=u"string", metavar="Level",
1651
help=u"Debug level for stdout output")
1652
1608
parser.add_option("--priority", type=u"string", help=u"GnuTLS"
1653
1609
u" priority string (see GnuTLS documentation)")
1654
1610
parser.add_option("--servicename", type=u"string",
1679
1635
u"servicename": u"Mandos",
1680
1636
u"use_dbus": u"True",
1681
1637
u"use_ipv6": u"True",
1682
u"debuglevel": u"",
1683
1638
}
1684
1639
1685
1640
# Parse config file for server-global settings
1702
1657
# options, if set.
1703
1658
for option in (u"interface", u"address", u"port", u"debug",
1704
1659
u"priority", u"servicename", u"configdir",
1705
u"use_dbus", u"use_ipv6", u"debuglevel"):
1660
u"use_dbus", u"use_ipv6"):
1706
1661
value = getattr(options, option)
1707
1662
if value is not None:
1708
1663
server_settings[option] = value
1717
1672
1718
1673
# For convenience
1719
1674
debug = server_settings[u"debug"]
1720
debuglevel = server_settings[u"debuglevel"]
1721
1675
use_dbus = server_settings[u"use_dbus"]
1722
1676
use_ipv6 = server_settings[u"use_ipv6"]
1723
1677
1678
if not debug:
1679
syslogger.setLevel(logging.WARNING)
1680
console.setLevel(logging.WARNING)
1681
1724
1682
if server_settings[u"servicename"] != u"Mandos":
1725
1683
syslogger.setFormatter(logging.Formatter
1726
1684
(u'Mandos (%s) [%%(process)d]:'
1732
1690
u"interval": u"5m",
1733
1691
u"checker": u"fping -q -- %%(host)s",
1734
1692
u"host": u"",
1735
u"approval_delay": u"0s",
1736
u"approval_duration": u"1s",
1693
u"approved_delay": u"0s",
1694
u"approved_duration": u"1s",
1737
1695
}
1738
1696
client_config = configparser.SafeConfigParser(client_defaults)
1739
1697
client_config.read(os.path.join(server_settings[u"configdir"],
1745
1703
tcp_server = MandosServer((server_settings[u"address"],
1746
1704
server_settings[u"port"]),
1747
1705
ClientHandler,
1748
interface=(server_settings[u"interface"]
1749
or None),
1706
interface=server_settings[u"interface"],
1750
1707
use_ipv6=use_ipv6,
1751
1708
gnutls_priority=
1752
1709
server_settings[u"priority"],
1778
1735
if error[0] != errno.EPERM:
1779
1736
raise error
1780
1737
1781
if not debug and not debuglevel:
1782
syslogger.setLevel(logging.WARNING)
1783
console.setLevel(logging.WARNING)
1784
if debuglevel:
1785
level = getattr(logging, debuglevel.upper())
1786
syslogger.setLevel(level)
1787
console.setLevel(level)
1788
1738
# Enable all possible GnuTLS debugging
1789
1739
if debug:
1790
# Enable all possible GnuTLS debugging
1791
1792
1740
# "Use a log level over 10 to enable all debugging options."
1793
1741
# - GnuTLS manual
1794
1742
gnutls.library.functions.gnutls_global_set_log_level(11)
1799
1747
1800
1748
(gnutls.library.functions
1801
1749
.gnutls_global_set_log_function(debug_gnutls))
1802
1803
# Redirect stdin so all checkers get /dev/null
1804
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
1805
os.dup2(null, sys.stdin.fileno())
1806
if null > 2:
1807
os.close(null)
1808
else:
1809
# No console logging
1810
logger.removeHandler(console)
1811
1812
1750
1813
1751
global main_loop
1814
1752
# From the Avahi example code
1832
1770
if server_settings["interface"]:
1833
1771
service.interface = (if_nametoindex
1834
1772
(str(server_settings[u"interface"])))
1835
1836
if not debug:
1837
# Close all input and output, do double fork, etc.
1838
daemon()
1839
1840
global multiprocessing_manager
1841
multiprocessing_manager = multiprocessing.Manager()
1842
1773
1843
1774
client_class = Client
1844
1775
if use_dbus:
1862
1793
for section in client_config.sections()))
1863
1794
if not tcp_server.clients:
1864
1795
logger.warning(u"No clients defined")
1865
1796
1797
if debug:
1798
# Redirect stdin so all checkers get /dev/null
1799
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
1800
os.dup2(null, sys.stdin.fileno())
1801
if null > 2:
1802
os.close(null)
1803
else:
1804
# No console logging
1805
logger.removeHandler(console)
1806
# Close all input and output, do double fork, etc.
1807
daemon()
1808
1866
1809
try:
1867
1810
with pidfile:
1868
1811
pid = os.getpid()
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0