To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to mandos
- browse files at revision 323
- compare with another revision
- download diff
- download tarball
- view history from revision 323
- Committer: Teddy Hogeborn
- Date: 2009-02-25 01:14:29 UTC
- Revision ID: teddy@fukt.bsnet.se-20090225011429-dwz2bj41zqn0w8eo
* initramfs-tools-hook: Add missing terminating `" when setting
mandos_user and mandos_group.
* mandos.conf.xml (SEE ALSO): Improved grammar.
mandos_user and mandos_group.
* mandos.conf.xml (SEE ALSO): Improved grammar.
added
removed
mandos
66
66
import ctypes
67
67
import ctypes.util
68
68
69
version = "1.0.5"
69
version = "1.0.7"
70
70
71
71
logger = logging.Logger('mandos')
72
72
syslogger = (logging.handlers.SysLogHandler
114
114
"""
115
115
def __init__(self, interface = avahi.IF_UNSPEC, name = None,
116
116
servicetype = None, port = None, TXT = None,
117
domain = "", host = "", max_renames = 32768):
117
domain = "", host = "", max_renames = 32768,
118
protocol = avahi.PROTO_UNSPEC):
118
119
self.interface = interface
119
120
self.name = name
120
121
self.type = servicetype
124
125
self.host = host
125
126
self.rename_count = 0
126
127
self.max_renames = max_renames
128
self.protocol = protocol
127
129
def rename(self):
128
130
"""Derived from the Avahi example code"""
129
131
if self.rename_count >= self.max_renames:
158
160
service.name, service.type)
159
161
group.AddService(
160
162
self.interface, # interface
161
avahi.PROTO_INET6, # protocol
163
self.protocol, # protocol
162
164
dbus.UInt32(0), # flags
163
165
self.name, self.type,
164
166
self.domain, self.host,
203
205
client lives. %() expansions are done at
204
206
runtime with vars(self) as dict, so that for
205
207
instance %(name)s can be used in the command.
208
current_checker_command: string; current running checker_command
206
209
use_dbus: bool(); Whether to provide D-Bus interface and signals
207
210
dbus_object_path: dbus.ObjectPath ; only set if self.use_dbus
208
211
"""
257
260
self.disable_initiator_tag = None
258
261
self.checker_callback_tag = None
259
262
self.checker_command = config["checker"]
263
self.current_checker_command = None
260
264
self.last_connect = None
261
265
# Only now, when this client is initialized, can it show up on
262
266
# the D-Bus
377
381
# checkers alone, the checker would have to take more time
378
382
# than 'timeout' for the client to be declared invalid, which
379
383
# is as it should be.
384
385
# If a checker exists, make sure it is not a zombie
386
if self.checker is not None:
387
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
388
if pid:
389
logger.warning("Checker was a zombie")
390
gobject.source_remove(self.checker_callback_tag)
391
self.checker_callback(pid, status,
392
self.current_checker_command)
393
# Start a new checker if needed
380
394
if self.checker is None:
381
395
try:
382
396
# In case checker_command has exactly one % operator
392
406
logger.error(u'Could not format string "%s":'
393
407
u' %s', self.checker_command, error)
394
408
return True # Try again later
409
self.current_checker_command = command
395
410
try:
396
411
logger.info(u"Starting checker %r for %s",
397
412
command, self.name)
738
753
739
754
class IPv6_TCPServer(SocketServer.ForkingMixIn,
740
755
SocketServer.TCPServer, object):
741
"""IPv6 TCP server. Accepts 'None' as address and/or port.
756
"""IPv6-capable TCP server. Accepts 'None' as address and/or port
742
757
Attributes:
743
758
settings: Server settings
744
759
clients: Set() of Client objects
752
767
if "clients" in kwargs:
753
768
self.clients = kwargs["clients"]
754
769
del kwargs["clients"]
770
if "use_ipv6" in kwargs:
771
if not kwargs["use_ipv6"]:
772
self.address_family = socket.AF_INET
773
del kwargs["use_ipv6"]
755
774
self.enabled = False
756
775
super(IPv6_TCPServer, self).__init__(*args, **kwargs)
757
776
def server_bind(self):
775
794
# Only bind(2) the socket if we really need to.
776
795
if self.server_address[0] or self.server_address[1]:
777
796
if not self.server_address[0]:
778
in6addr_any = "::"
779
self.server_address = (in6addr_any,
797
if self.address_family == socket.AF_INET6:
798
any_address = "::" # in6addr_any
799
else:
800
any_address = socket.INADDR_ANY
801
self.server_address = (any_address,
780
802
self.server_address[1])
781
803
elif not self.server_address[1]:
782
804
self.server_address = (self.server_address[0],
929
951
dest="use_dbus",
930
952
help="Do not provide D-Bus system bus"
931
953
" interface")
954
parser.add_option("--no-ipv6", action="store_false",
955
dest="use_ipv6", help="Do not use IPv6")
932
956
options = parser.parse_args()[0]
933
957
934
958
if options.check:
945
969
"SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
946
970
"servicename": "Mandos",
947
971
"use_dbus": "True",
972
"use_ipv6": "True",
948
973
}
949
974
950
975
# Parse config file for server-global settings
958
983
"debug")
959
984
server_settings["use_dbus"] = server_config.getboolean("DEFAULT",
960
985
"use_dbus")
986
server_settings["use_ipv6"] = server_config.getboolean("DEFAULT",
987
"use_ipv6")
961
988
if server_settings["port"]:
962
989
server_settings["port"] = server_config.getint("DEFAULT",
963
990
"port")
967
994
# options, if set.
968
995
for option in ("interface", "address", "port", "debug",
969
996
"priority", "servicename", "configdir",
970
"use_dbus"):
997
"use_dbus", "use_ipv6"):
971
998
value = getattr(options, option)
972
999
if value is not None:
973
1000
server_settings[option] = value
977
1004
# For convenience
978
1005
debug = server_settings["debug"]
979
1006
use_dbus = server_settings["use_dbus"]
1007
use_ipv6 = server_settings["use_ipv6"]
980
1008
981
1009
if not debug:
982
1010
syslogger.setLevel(logging.WARNING)
1003
1031
server_settings["port"]),
1004
1032
TCP_handler,
1005
1033
settings=server_settings,
1006
clients=clients)
1034
clients=clients, use_ipv6=use_ipv6)
1007
1035
pidfilename = "/var/run/mandos.pid"
1008
1036
try:
1009
1037
pidfile = open(pidfilename, "w")
1045
1073
.gnutls_global_set_log_function(debug_gnutls))
1046
1074
1047
1075
global service
1076
protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
1048
1077
service = AvahiService(name = server_settings["servicename"],
1049
servicetype = "_mandos._tcp", )
1078
servicetype = "_mandos._tcp",
1079
protocol = protocol)
1050
1080
if server_settings["interface"]:
1051
1081
service.interface = (if_nametoindex
1052
1082
(server_settings["interface"]))
1179
1209
1180
1210
# Find out what port we got
1181
1211
service.port = tcp_server.socket.getsockname()[1]
1182
logger.info(u"Now listening on address %r, port %d, flowinfo %d,"
1183
u" scope_id %d" % tcp_server.socket.getsockname())
1212
if use_ipv6:
1213
logger.info(u"Now listening on address %r, port %d,"
1214
" flowinfo %d, scope_id %d"
1215
% tcp_server.socket.getsockname())
1216
else: # IPv4
1217
logger.info(u"Now listening on address %r, port %d"
1218
% tcp_server.socket.getsockname())
1184
1219
1185
1220
#service.interface = tcp_server.socket.getsockname()[3]
1186
1221
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0