
Viewing changes to mandos

  • Committer: Teddy Hogeborn
  • Date: 2009-10-18 08:47:40 UTC
  • Revision ID: teddy@fukt.bsnet.se-20091018084740-fa1qgm22lg125r10
* plugins.d/splashy.c: Use exit codes from <sysexits.h>.

55
55
import logging
56
56
import logging.handlers
57
57
import pwd
58
 
import contextlib
 
58
from contextlib import closing
59
59
import struct
60
60
import fcntl
61
61
import functools
62
 
import cPickle as pickle
63
 
import multiprocessing
64
62
 
65
63
import dbus
66
64
import dbus.service
81
79
        SO_BINDTODEVICE = None
82
80
 
83
81
 
84
 
version = "1.0.14"
 
82
version = "1.0.12"
85
83
 
86
 
#logger = logging.getLogger(u'mandos')
87
84
logger = logging.Logger(u'mandos')
88
85
syslogger = (logging.handlers.SysLogHandler
89
86
             (facility = logging.handlers.SysLogHandler.LOG_DAEMON,
157
154
                            u" after %i retries, exiting.",
158
155
                            self.rename_count)
159
156
            raise AvahiServiceError(u"Too many renames")
160
 
        self.name = unicode(self.server.GetAlternativeServiceName(self.name))
 
157
        self.name = self.server.GetAlternativeServiceName(self.name)
161
158
        logger.info(u"Changing Zeroconf service name to %r ...",
162
 
                    self.name)
 
159
                    unicode(self.name))
163
160
        syslogger.setFormatter(logging.Formatter
164
161
                               (u'Mandos (%s) [%%(process)d]:'
165
162
                                u' %%(levelname)s: %%(message)s'
166
163
                                % self.name))
167
164
        self.remove()
168
 
        try:
169
 
            self.add()
170
 
        except dbus.exceptions.DBusException, error:
171
 
            logger.critical(u"DBusException: %s", error)
172
 
            self.cleanup()
173
 
            os._exit(1)
 
165
        self.add()
174
166
        self.rename_count += 1
175
167
    def remove(self):
176
168
        """Derived from the Avahi example code"""
199
191
        self.group.Commit()
200
192
    def entry_group_state_changed(self, state, error):
201
193
        """Derived from the Avahi example code"""
202
 
        logger.debug(u"Avahi entry group state change: %i", state)
 
194
        logger.debug(u"Avahi state change: %i", state)
203
195
        
204
196
        if state == avahi.ENTRY_GROUP_ESTABLISHED:
205
197
            logger.debug(u"Zeroconf service established.")
218
210
            self.group = None
219
211
    def server_state_changed(self, state):
220
212
        """Derived from the Avahi example code"""
221
 
        logger.debug(u"Avahi server state change: %i", state)
222
213
        if state == avahi.SERVER_COLLISION:
223
214
            logger.error(u"Zeroconf server name collision")
224
215
            self.remove()
251
242
    enabled:    bool()
252
243
    last_checked_ok: datetime.datetime(); (UTC) or None
253
244
    timeout:    datetime.timedelta(); How long from last_checked_ok
254
 
                                      until this client is disabled
 
245
                                      until this client is invalid
255
246
    interval:   datetime.timedelta(); How often to start a new checker
256
247
    disable_hook:  If set, called by disable() as disable_hook(self)
257
248
    checker:    subprocess.Popen(); a running checker process used
265
256
                     runtime with vars(self) as dict, so that for
266
257
                     instance %(name)s can be used in the command.
267
258
    current_checker_command: string; current running checker_command
268
 
    approval_delay: datetime.timedelta(); Time to wait for approval
269
 
    _approved:   bool(); 'None' if not yet approved/disapproved
270
 
    approval_duration: datetime.timedelta(); Duration of one approval
271
259
    """
272
260
    
273
261
    @staticmethod
284
272
    def interval_milliseconds(self):
285
273
        "Return the 'interval' attribute in milliseconds"
286
274
        return self._timedelta_to_milliseconds(self.interval)
287
 
 
288
 
    def approval_delay_milliseconds(self):
289
 
        return self._timedelta_to_milliseconds(self.approval_delay)
290
275
    
291
276
    def __init__(self, name = None, disable_hook=None, config=None):
292
277
        """Note: the 'checker' key in 'config' sets the
305
290
        if u"secret" in config:
306
291
            self.secret = config[u"secret"].decode(u"base64")
307
292
        elif u"secfile" in config:
308
 
            with open(os.path.expanduser(os.path.expandvars
309
 
                                         (config[u"secfile"])),
310
 
                      "rb") as secfile:
 
293
            with closing(open(os.path.expanduser
 
294
                              (os.path.expandvars
 
295
                               (config[u"secfile"])),
 
296
                              "rb")) as secfile:
311
297
                self.secret = secfile.read()
312
298
        else:
313
299
            raise TypeError(u"No secret or secfile for client %s"
327
313
        self.checker_command = config[u"checker"]
328
314
        self.current_checker_command = None
329
315
        self.last_connect = None
330
 
        self._approved = None
331
 
        self.approved_by_default = config.get(u"approved_by_default",
332
 
                                              True)
333
 
        self.approvals_pending = 0
334
 
        self.approval_delay = string_to_delta(
335
 
            config[u"approval_delay"])
336
 
        self.approval_duration = string_to_delta(
337
 
            config[u"approval_duration"])
338
 
        self.changedstate = multiprocessing_manager.Condition(multiprocessing_manager.Lock())
339
316
    
340
 
    def send_changedstate(self):
341
 
        self.changedstate.acquire()
342
 
        self.changedstate.notify_all()
343
 
        self.changedstate.release()
344
 
        
345
317
    def enable(self):
346
318
        """Start this client's checker and timeout hooks"""
347
319
        if getattr(self, u"enabled", False):
348
320
            # Already enabled
349
321
            return
350
 
        self.send_changedstate()
351
322
        self.last_enabled = datetime.datetime.utcnow()
352
323
        # Schedule a new checker to be started an 'interval' from now,
353
324
        # and every interval from then on.
354
325
        self.checker_initiator_tag = (gobject.timeout_add
355
326
                                      (self.interval_milliseconds(),
356
327
                                       self.start_checker))
 
328
        # Also start a new checker *right now*.
 
329
        self.start_checker()
357
330
        # Schedule a disable() when 'timeout' has passed
358
331
        self.disable_initiator_tag = (gobject.timeout_add
359
332
                                   (self.timeout_milliseconds(),
360
333
                                    self.disable))
361
334
        self.enabled = True
362
 
        # Also start a new checker *right now*.
363
 
        self.start_checker()
364
335
    
365
 
    def disable(self, quiet=True):
 
336
    def disable(self):
366
337
        """Disable this client."""
367
338
        if not getattr(self, "enabled", False):
368
339
            return False
369
 
        if not quiet:
370
 
            self.send_changedstate()
371
 
        if not quiet:
372
 
            logger.info(u"Disabling client %s", self.name)
 
340
        logger.info(u"Disabling client %s", self.name)
373
341
        if getattr(self, u"disable_initiator_tag", False):
374
342
            gobject.source_remove(self.disable_initiator_tag)
375
343
            self.disable_initiator_tag = None
427
395
        # client would inevitably timeout, since no checker would get
428
396
        # a chance to run to completion.  If we instead leave running
429
397
        # checkers alone, the checker would have to take more time
430
 
        # than 'timeout' for the client to be disabled, which is as it
431
 
        # should be.
 
398
        # than 'timeout' for the client to be declared invalid, which
 
399
        # is as it should be.
432
400
        
433
401
        # If a checker exists, make sure it is not a zombie
434
402
        try:
499
467
        logger.debug(u"Stopping checker for %(name)s", vars(self))
500
468
        try:
501
469
            os.kill(self.checker.pid, signal.SIGTERM)
502
 
            #time.sleep(0.5)
 
470
            #os.sleep(0.5)
503
471
            #if self.checker.poll() is None:
504
472
            #    os.kill(self.checker.pid, signal.SIGKILL)
505
473
        except OSError, error:
506
474
            if error.errno != errno.ESRCH: # No such process
507
475
                raise
508
476
        self.checker = None
 
477
    
 
478
    def still_valid(self):
 
479
        """Has the timeout not yet passed for this client?"""
 
480
        if not getattr(self, u"enabled", False):
 
481
            return False
 
482
        now = datetime.datetime.utcnow()
 
483
        if self.last_checked_ok is None:
 
484
            return now < (self.created + self.timeout)
 
485
        else:
 
486
            return now < (self.last_checked_ok + self.timeout)
 
487
 
509
488
 
510
489
def dbus_service_property(dbus_interface, signature=u"v",
511
490
                          access=u"readwrite", byte_arrays=False):
519
498
    dbus.service.method, except there is only "signature", since the
520
499
    type from Get() and the type sent to Set() is the same.
521
500
    """
522
 
    # Encoding deeply encoded byte arrays is not supported yet by the
523
 
    # "Set" method, so we fail early here:
524
 
    if byte_arrays and signature != u"ay":
525
 
        raise ValueError(u"Byte arrays not supported for non-'ay'"
526
 
                         u" signature %r" % signature)
527
501
    def decorator(func):
528
502
        func._dbus_is_property = True
529
503
        func._dbus_interface = dbus_interface
615
589
        if prop._dbus_access == u"read":
616
590
            raise DBusPropertyAccessException(property_name)
617
591
        if prop._dbus_get_args_options[u"byte_arrays"]:
618
 
            # The byte_arrays option is not supported yet on
619
 
            # signatures other than "ay".
620
 
            if prop._dbus_signature != u"ay":
621
 
                raise ValueError
622
592
            value = dbus.ByteArray(''.join(unichr(byte)
623
593
                                           for byte in value))
624
594
        prop(value)
706
676
    # dbus.service.Object doesn't use super(), so we can't either.
707
677
    
708
678
    def __init__(self, bus = None, *args, **kwargs):
709
 
        self._approvals_pending = 0
710
679
        self.bus = bus
711
680
        Client.__init__(self, *args, **kwargs)
712
681
        # Only now, when this client is initialized, can it show up on
716
685
                                  + self.name.replace(u".", u"_")))
717
686
        DBusObjectWithProperties.__init__(self, self.bus,
718
687
                                          self.dbus_object_path)
719
 
        
720
 
    def _get_approvals_pending(self):
721
 
        return self._approvals_pending
722
 
    def _set_approvals_pending(self, value):
723
 
        old_value = self._approvals_pending
724
 
        self._approvals_pending = value
725
 
        bval = bool(value)
726
 
        if (hasattr(self, "dbus_object_path")
727
 
            and bval is not bool(old_value)):
728
 
            dbus_bool = dbus.Boolean(bval, variant_level=1)
729
 
            self.PropertyChanged(dbus.String(u"ApprovalPending"),
730
 
                                 dbus_bool)
731
 
 
732
 
    approvals_pending = property(_get_approvals_pending,
733
 
                                 _set_approvals_pending)
734
 
    del _get_approvals_pending, _set_approvals_pending
735
688
    
736
689
    @staticmethod
737
690
    def _datetime_to_dbus(dt, variant_level=0):
744
697
        r = Client.enable(self)
745
698
        if oldstate != self.enabled:
746
699
            # Emit D-Bus signals
747
 
            self.PropertyChanged(dbus.String(u"Enabled"),
 
700
            self.PropertyChanged(dbus.String(u"enabled"),
748
701
                                 dbus.Boolean(True, variant_level=1))
749
702
            self.PropertyChanged(
750
 
                dbus.String(u"LastEnabled"),
 
703
                dbus.String(u"last_enabled"),
751
704
                self._datetime_to_dbus(self.last_enabled,
752
705
                                       variant_level=1))
753
706
        return r
754
707
    
755
 
    def disable(self, quiet = False):
 
708
    def disable(self, signal = True):
756
709
        oldstate = getattr(self, u"enabled", False)
757
 
        r = Client.disable(self, quiet=quiet)
758
 
        if not quiet and oldstate != self.enabled:
 
710
        r = Client.disable(self)
 
711
        if signal and oldstate != self.enabled:
759
712
            # Emit D-Bus signal
760
 
            self.PropertyChanged(dbus.String(u"Enabled"),
 
713
            self.PropertyChanged(dbus.String(u"enabled"),
761
714
                                 dbus.Boolean(False, variant_level=1))
762
715
        return r
763
716
    
775
728
        self.checker_callback_tag = None
776
729
        self.checker = None
777
730
        # Emit D-Bus signal
778
 
        self.PropertyChanged(dbus.String(u"CheckerRunning"),
 
731
        self.PropertyChanged(dbus.String(u"checker_running"),
779
732
                             dbus.Boolean(False, variant_level=1))
780
733
        if os.WIFEXITED(condition):
781
734
            exitstatus = os.WEXITSTATUS(condition)
796
749
        r = Client.checked_ok(self, *args, **kwargs)
797
750
        # Emit D-Bus signal
798
751
        self.PropertyChanged(
799
 
            dbus.String(u"LastCheckedOK"),
 
752
            dbus.String(u"last_checked_ok"),
800
753
            (self._datetime_to_dbus(self.last_checked_ok,
801
754
                                    variant_level=1)))
802
755
        return r
814
767
            # Emit D-Bus signal
815
768
            self.CheckerStarted(self.current_checker_command)
816
769
            self.PropertyChanged(
817
 
                dbus.String(u"CheckerRunning"),
 
770
                dbus.String(u"checker_running"),
818
771
                dbus.Boolean(True, variant_level=1))
819
772
        return r
820
773
    
823
776
        r = Client.stop_checker(self, *args, **kwargs)
824
777
        if (old_checker is not None
825
778
            and getattr(self, u"checker", None) is None):
826
 
            self.PropertyChanged(dbus.String(u"CheckerRunning"),
 
779
            self.PropertyChanged(dbus.String(u"checker_running"),
827
780
                                 dbus.Boolean(False, variant_level=1))
828
781
        return r
829
 
 
830
 
    def _reset_approved(self):
831
 
        self._approved = None
832
 
        return False
833
 
    
834
 
    def approve(self, value=True):
835
 
        self.send_changedstate()
836
 
        self._approved = value
837
 
        gobject.timeout_add(self._timedelta_to_milliseconds
838
 
                            (self.approval_duration),
839
 
                            self._reset_approved)
840
 
    
841
 
    
842
 
    ## D-Bus methods, signals & properties
 
782
    
 
783
    ## D-Bus methods & signals
843
784
    _interface = u"se.bsnet.fukt.Mandos.Client"
844
785
    
845
 
    ## Signals
 
786
    # CheckedOK - method
 
787
    @dbus.service.method(_interface)
 
788
    def CheckedOK(self):
 
789
        return self.checked_ok()
846
790
    
847
791
    # CheckerCompleted - signal
848
792
    @dbus.service.signal(_interface, signature=u"nxs")
865
809
    # GotSecret - signal
866
810
    @dbus.service.signal(_interface)
867
811
    def GotSecret(self):
868
 
        """D-Bus signal
869
 
        Is sent after a successful transfer of secret from the Mandos
870
 
        server to mandos-client
871
 
        """
 
812
        "D-Bus signal"
872
813
        pass
873
814
    
874
815
    # Rejected - signal
875
 
    @dbus.service.signal(_interface, signature=u"s")
876
 
    def Rejected(self, reason):
877
 
        "D-Bus signal"
878
 
        pass
879
 
    
880
 
    # NeedApproval - signal
881
 
    @dbus.service.signal(_interface, signature=u"tb")
882
 
    def NeedApproval(self, timeout, default):
883
 
        "D-Bus signal"
884
 
        pass
885
 
    
886
 
    ## Methods
887
 
 
888
 
    # Approve - method
889
 
    @dbus.service.method(_interface, in_signature=u"b")
890
 
    def Approve(self, value):
891
 
        self.approve(value)
892
 
 
893
 
    # CheckedOK - method
894
 
    @dbus.service.method(_interface)
895
 
    def CheckedOK(self):
896
 
        return self.checked_ok()
 
816
    @dbus.service.signal(_interface)
 
817
    def Rejected(self):
 
818
        "D-Bus signal"
 
819
        pass
897
820
    
898
821
    # Enable - method
899
822
    @dbus.service.method(_interface)
918
841
    def StopChecker(self):
919
842
        self.stop_checker()
920
843
    
921
 
    ## Properties
922
 
    
923
 
    # ApprovalPending - property
924
 
    @dbus_service_property(_interface, signature=u"b", access=u"read")
925
 
    def ApprovalPending_dbus_property(self):
926
 
        return dbus.Boolean(bool(self.approvals_pending))
927
 
    
928
 
    # ApprovedByDefault - property
929
 
    @dbus_service_property(_interface, signature=u"b",
930
 
                           access=u"readwrite")
931
 
    def ApprovedByDefault_dbus_property(self, value=None):
932
 
        if value is None:       # get
933
 
            return dbus.Boolean(self.approved_by_default)
934
 
        self.approved_by_default = bool(value)
935
 
        # Emit D-Bus signal
936
 
        self.PropertyChanged(dbus.String(u"ApprovedByDefault"),
937
 
                             dbus.Boolean(value, variant_level=1))
938
 
    
939
 
    # ApprovalDelay - property
940
 
    @dbus_service_property(_interface, signature=u"t",
941
 
                           access=u"readwrite")
942
 
    def ApprovalDelay_dbus_property(self, value=None):
943
 
        if value is None:       # get
944
 
            return dbus.UInt64(self.approval_delay_milliseconds())
945
 
        self.approval_delay = datetime.timedelta(0, 0, 0, value)
946
 
        # Emit D-Bus signal
947
 
        self.PropertyChanged(dbus.String(u"ApprovalDelay"),
948
 
                             dbus.UInt64(value, variant_level=1))
949
 
    
950
 
    # ApprovalDuration - property
951
 
    @dbus_service_property(_interface, signature=u"t",
952
 
                           access=u"readwrite")
953
 
    def ApprovalDuration_dbus_property(self, value=None):
954
 
        if value is None:       # get
955
 
            return dbus.UInt64(self._timedelta_to_milliseconds(
956
 
                    self.approval_duration))
957
 
        self.approval_duration = datetime.timedelta(0, 0, 0, value)
958
 
        # Emit D-Bus signal
959
 
        self.PropertyChanged(dbus.String(u"ApprovalDuration"),
960
 
                             dbus.UInt64(value, variant_level=1))
961
 
    
962
 
    # Name - property
 
844
    # name - property
963
845
    @dbus_service_property(_interface, signature=u"s", access=u"read")
964
 
    def Name_dbus_property(self):
 
846
    def name_dbus_property(self):
965
847
        return dbus.String(self.name)
966
848
    
967
 
    # Fingerprint - property
 
849
    # fingerprint - property
968
850
    @dbus_service_property(_interface, signature=u"s", access=u"read")
969
 
    def Fingerprint_dbus_property(self):
 
851
    def fingerprint_dbus_property(self):
970
852
        return dbus.String(self.fingerprint)
971
853
    
972
 
    # Host - property
 
854
    # host - property
973
855
    @dbus_service_property(_interface, signature=u"s",
974
856
                           access=u"readwrite")
975
 
    def Host_dbus_property(self, value=None):
 
857
    def host_dbus_property(self, value=None):
976
858
        if value is None:       # get
977
859
            return dbus.String(self.host)
978
860
        self.host = value
979
861
        # Emit D-Bus signal
980
 
        self.PropertyChanged(dbus.String(u"Host"),
 
862
        self.PropertyChanged(dbus.String(u"host"),
981
863
                             dbus.String(value, variant_level=1))
982
864
    
983
 
    # Created - property
 
865
    # created - property
984
866
    @dbus_service_property(_interface, signature=u"s", access=u"read")
985
 
    def Created_dbus_property(self):
 
867
    def created_dbus_property(self):
986
868
        return dbus.String(self._datetime_to_dbus(self.created))
987
869
    
988
 
    # LastEnabled - property
 
870
    # last_enabled - property
989
871
    @dbus_service_property(_interface, signature=u"s", access=u"read")
990
 
    def LastEnabled_dbus_property(self):
 
872
    def last_enabled_dbus_property(self):
991
873
        if self.last_enabled is None:
992
874
            return dbus.String(u"")
993
875
        return dbus.String(self._datetime_to_dbus(self.last_enabled))
994
876
    
995
 
    # Enabled - property
 
877
    # enabled - property
996
878
    @dbus_service_property(_interface, signature=u"b",
997
879
                           access=u"readwrite")
998
 
    def Enabled_dbus_property(self, value=None):
 
880
    def enabled_dbus_property(self, value=None):
999
881
        if value is None:       # get
1000
882
            return dbus.Boolean(self.enabled)
1001
883
        if value:
1003
885
        else:
1004
886
            self.disable()
1005
887
    
1006
 
    # LastCheckedOK - property
 
888
    # last_checked_ok - property
1007
889
    @dbus_service_property(_interface, signature=u"s",
1008
890
                           access=u"readwrite")
1009
 
    def LastCheckedOK_dbus_property(self, value=None):
 
891
    def last_checked_ok_dbus_property(self, value=None):
1010
892
        if value is not None:
1011
893
            self.checked_ok()
1012
894
            return
1015
897
        return dbus.String(self._datetime_to_dbus(self
1016
898
                                                  .last_checked_ok))
1017
899
    
1018
 
    # Timeout - property
 
900
    # timeout - property
1019
901
    @dbus_service_property(_interface, signature=u"t",
1020
902
                           access=u"readwrite")
1021
 
    def Timeout_dbus_property(self, value=None):
 
903
    def timeout_dbus_property(self, value=None):
1022
904
        if value is None:       # get
1023
905
            return dbus.UInt64(self.timeout_milliseconds())
1024
906
        self.timeout = datetime.timedelta(0, 0, 0, value)
1025
907
        # Emit D-Bus signal
1026
 
        self.PropertyChanged(dbus.String(u"Timeout"),
 
908
        self.PropertyChanged(dbus.String(u"timeout"),
1027
909
                             dbus.UInt64(value, variant_level=1))
1028
910
        if getattr(self, u"disable_initiator_tag", None) is None:
1029
911
            return
1043
925
            self.disable_initiator_tag = (gobject.timeout_add
1044
926
                                          (time_to_die, self.disable))
1045
927
    
1046
 
    # Interval - property
 
928
    # interval - property
1047
929
    @dbus_service_property(_interface, signature=u"t",
1048
930
                           access=u"readwrite")
1049
 
    def Interval_dbus_property(self, value=None):
 
931
    def interval_dbus_property(self, value=None):
1050
932
        if value is None:       # get
1051
933
            return dbus.UInt64(self.interval_milliseconds())
1052
934
        self.interval = datetime.timedelta(0, 0, 0, value)
1053
935
        # Emit D-Bus signal
1054
 
        self.PropertyChanged(dbus.String(u"Interval"),
 
936
        self.PropertyChanged(dbus.String(u"interval"),
1055
937
                             dbus.UInt64(value, variant_level=1))
1056
938
        if getattr(self, u"checker_initiator_tag", None) is None:
1057
939
            return
1061
943
                                      (value, self.start_checker))
1062
944
        self.start_checker()    # Start one now, too
1063
945
 
1064
 
    # Checker - property
 
946
    # checker - property
1065
947
    @dbus_service_property(_interface, signature=u"s",
1066
948
                           access=u"readwrite")
1067
 
    def Checker_dbus_property(self, value=None):
 
949
    def checker_dbus_property(self, value=None):
1068
950
        if value is None:       # get
1069
951
            return dbus.String(self.checker_command)
1070
952
        self.checker_command = value
1071
953
        # Emit D-Bus signal
1072
 
        self.PropertyChanged(dbus.String(u"Checker"),
 
954
        self.PropertyChanged(dbus.String(u"checker"),
1073
955
                             dbus.String(self.checker_command,
1074
956
                                         variant_level=1))
1075
957
    
1076
 
    # CheckerRunning - property
 
958
    # checker_running - property
1077
959
    @dbus_service_property(_interface, signature=u"b",
1078
960
                           access=u"readwrite")
1079
 
    def CheckerRunning_dbus_property(self, value=None):
 
961
    def checker_running_dbus_property(self, value=None):
1080
962
        if value is None:       # get
1081
963
            return dbus.Boolean(self.checker is not None)
1082
964
        if value:
1084
966
        else:
1085
967
            self.stop_checker()
1086
968
    
1087
 
    # ObjectPath - property
 
969
    # object_path - property
1088
970
    @dbus_service_property(_interface, signature=u"o", access=u"read")
1089
 
    def ObjectPath_dbus_property(self):
 
971
    def object_path_dbus_property(self):
1090
972
        return self.dbus_object_path # is already a dbus.ObjectPath
1091
973
    
1092
 
    # Secret = property
 
974
    # secret = property
1093
975
    @dbus_service_property(_interface, signature=u"ay",
1094
976
                           access=u"write", byte_arrays=True)
1095
 
    def Secret_dbus_property(self, value):
 
977
    def secret_dbus_property(self, value):
1096
978
        self.secret = str(value)
1097
979
    
1098
980
    del _interface
1099
981
 
1100
982
 
1101
 
class ProxyClient(object):
1102
 
    def __init__(self, child_pipe, fpr, address):
1103
 
        self._pipe = child_pipe
1104
 
        self._pipe.send(('init', fpr, address))
1105
 
        if not self._pipe.recv():
1106
 
            raise KeyError()
1107
 
 
1108
 
    def __getattribute__(self, name):
1109
 
        if(name == '_pipe'):
1110
 
            return super(ProxyClient, self).__getattribute__(name)
1111
 
        self._pipe.send(('getattr', name))
1112
 
        data = self._pipe.recv()
1113
 
        if data[0] == 'data':
1114
 
            return data[1]
1115
 
        if data[0] == 'function':
1116
 
            def func(*args, **kwargs):
1117
 
                self._pipe.send(('funcall', name, args, kwargs))
1118
 
                return self._pipe.recv()[1]
1119
 
            return func
1120
 
 
1121
 
    def __setattr__(self, name, value):
1122
 
        if(name == '_pipe'):
1123
 
            return super(ProxyClient, self).__setattr__(name, value)
1124
 
        self._pipe.send(('setattr', name, value))
1125
 
 
1126
 
 
1127
983
class ClientHandler(socketserver.BaseRequestHandler, object):
1128
984
    """A class to handle client connections.
1129
985
    
1131
987
    Note: This will run in its own forked process."""
1132
988
    
1133
989
    def handle(self):
1134
 
        with contextlib.closing(self.server.child_pipe) as child_pipe:
1135
 
            logger.info(u"TCP connection from: %s",
1136
 
                        unicode(self.client_address))
1137
 
            logger.debug(u"Pipe FD: %d",
1138
 
                         self.server.child_pipe.fileno())
1139
 
 
 
990
        logger.info(u"TCP connection from: %s",
 
991
                    unicode(self.client_address))
 
992
        logger.debug(u"IPC Pipe FD: %d", self.server.pipe[1])
 
993
        # Open IPC pipe to parent process
 
994
        with closing(os.fdopen(self.server.pipe[1], u"w", 1)) as ipc:
1140
995
            session = (gnutls.connection
1141
996
                       .ClientSession(self.request,
1142
997
                                      gnutls.connection
1143
998
                                      .X509Credentials()))
1144
 
 
 
999
            
 
1000
            line = self.request.makefile().readline()
 
1001
            logger.debug(u"Protocol version: %r", line)
 
1002
            try:
 
1003
                if int(line.strip().split()[0]) > 1:
 
1004
                    raise RuntimeError
 
1005
            except (ValueError, IndexError, RuntimeError), error:
 
1006
                logger.error(u"Unknown protocol version: %s", error)
 
1007
                return
 
1008
            
1145
1009
            # Note: gnutls.connection.X509Credentials is really a
1146
1010
            # generic GnuTLS certificate credentials object so long as
1147
1011
            # no X.509 keys are added to it.  Therefore, we can use it
1148
1012
            # here despite using OpenPGP certificates.
1149
 
 
 
1013
            
1150
1014
            #priority = u':'.join((u"NONE", u"+VERS-TLS1.1",
1151
1015
            #                      u"+AES-256-CBC", u"+SHA1",
1152
1016
            #                      u"+COMP-NULL", u"+CTYPE-OPENPGP",
1158
1022
            (gnutls.library.functions
1159
1023
             .gnutls_priority_set_direct(session._c_object,
1160
1024
                                         priority, None))
1161
 
 
1162
 
            # Start communication using the Mandos protocol
1163
 
            # Get protocol number
1164
 
            line = self.request.makefile().readline()
1165
 
            logger.debug(u"Protocol version: %r", line)
1166
 
            try:
1167
 
                if int(line.strip().split()[0]) > 1:
1168
 
                    raise RuntimeError
1169
 
            except (ValueError, IndexError, RuntimeError), error:
1170
 
                logger.error(u"Unknown protocol version: %s", error)
1171
 
                return
1172
 
 
1173
 
            # Start GnuTLS connection
 
1025
            
1174
1026
            try:
1175
1027
                session.handshake()
1176
1028
            except gnutls.errors.GNUTLSError, error:
1179
1031
                # established.  Just abandon the request.
1180
1032
                return
1181
1033
            logger.debug(u"Handshake succeeded")
1182
 
 
1183
 
            approval_required = False
1184
1034
            try:
1185
 
                try:
1186
 
                    fpr = self.fingerprint(self.peer_certificate
1187
 
                                           (session))
1188
 
                except (TypeError, gnutls.errors.GNUTLSError), error:
1189
 
                    logger.warning(u"Bad certificate: %s", error)
1190
 
                    return
1191
 
                logger.debug(u"Fingerprint: %s", fpr)
1192
 
 
1193
 
                try:
1194
 
                    client = ProxyClient(child_pipe, fpr,
1195
 
                                         self.client_address)
1196
 
                except KeyError:
1197
 
                    return
1198
 
                
1199
 
                if client.approval_delay:
1200
 
                    delay = client.approval_delay
1201
 
                    client.approvals_pending += 1
1202
 
                    approval_required = True
1203
 
                
1204
 
                while True:
1205
 
                    if not client.enabled:
1206
 
                        logger.warning(u"Client %s is disabled",
1207
 
                                       client.name)
1208
 
                        if self.server.use_dbus:
1209
 
                            # Emit D-Bus signal
1210
 
                            client.Rejected("Disabled")                    
1211
 
                        return
1212
 
                    
1213
 
                    if client._approved or not client.approval_delay:
1214
 
                        #We are approved or approval is disabled
1215
 
                        break
1216
 
                    elif client._approved is None:
1217
 
                        logger.info(u"Client %s needs approval",
1218
 
                                    client.name)
1219
 
                        if self.server.use_dbus:
1220
 
                            # Emit D-Bus signal
1221
 
                            client.NeedApproval(
1222
 
                                client.approval_delay_milliseconds(),
1223
 
                                client.approved_by_default)
1224
 
                    else:
1225
 
                        logger.warning(u"Client %s was not approved",
1226
 
                                       client.name)
1227
 
                        if self.server.use_dbus:
1228
 
                            # Emit D-Bus signal
1229
 
                            client.Rejected("Denied")
1230
 
                        return
1231
 
                    
1232
 
                    #wait until timeout or approved
1233
 
                    #x = float(client._timedelta_to_milliseconds(delay))
1234
 
                    time = datetime.datetime.now()
1235
 
                    client.changedstate.acquire()
1236
 
                    client.changedstate.wait(float(client._timedelta_to_milliseconds(delay) / 1000))
1237
 
                    client.changedstate.release()
1238
 
                    time2 = datetime.datetime.now()
1239
 
                    if (time2 - time) >= delay:
1240
 
                        if not client.approved_by_default:
1241
 
                            logger.warning("Client %s timed out while"
1242
 
                                           " waiting for approval",
1243
 
                                           client.name)
1244
 
                            if self.server.use_dbus:
1245
 
                                # Emit D-Bus signal
1246
 
                                client.Rejected("Approval timed out")
1247
 
                            return
1248
 
                        else:
1249
 
                            break
1250
 
                    else:
1251
 
                        delay -= time2 - time
1252
 
                
1253
 
                sent_size = 0
1254
 
                while sent_size < len(client.secret):
1255
 
                    try:
1256
 
                        sent = session.send(client.secret[sent_size:])
1257
 
                    except (gnutls.errors.GNUTLSError), error:
1258
 
                        logger.warning("gnutls send failed")
1259
 
                        return
1260
 
                    logger.debug(u"Sent: %d, remaining: %d",
1261
 
                                 sent, len(client.secret)
1262
 
                                 - (sent_size + sent))
1263
 
                    sent_size += sent
1264
 
 
1265
 
                logger.info(u"Sending secret to %s", client.name)
1266
 
                # bump the timeout as if seen
1267
 
                client.checked_ok()
1268
 
                if self.server.use_dbus:
1269
 
                    # Emit D-Bus signal
1270
 
                    client.GotSecret()
 
1035
                fpr = self.fingerprint(self.peer_certificate(session))
 
1036
            except (TypeError, gnutls.errors.GNUTLSError), error:
 
1037
                logger.warning(u"Bad certificate: %s", error)
 
1038
                session.bye()
 
1039
                return
 
1040
            logger.debug(u"Fingerprint: %s", fpr)
1271
1041
            
1272
 
            finally:
1273
 
                if approval_required:
1274
 
                    client.approvals_pending -= 1
1275
 
                try:
1276
 
                    session.bye()
1277
 
                except (gnutls.errors.GNUTLSError), error:
1278
 
                    logger.warning("GnuTLS bye failed")
 
1042
            for c in self.server.clients:
 
1043
                if c.fingerprint == fpr:
 
1044
                    client = c
 
1045
                    break
 
1046
            else:
 
1047
                ipc.write(u"NOTFOUND %s %s\n"
 
1048
                          % (fpr, unicode(self.client_address)))
 
1049
                session.bye()
 
1050
                return
 
1051
            # Have to check if client.still_valid(), since it is
 
1052
            # possible that the client timed out while establishing
 
1053
            # the GnuTLS session.
 
1054
            if not client.still_valid():
 
1055
                ipc.write(u"INVALID %s\n" % client.name)
 
1056
                session.bye()
 
1057
                return
 
1058
            ipc.write(u"SENDING %s\n" % client.name)
 
1059
            sent_size = 0
 
1060
            while sent_size < len(client.secret):
 
1061
                sent = session.send(client.secret[sent_size:])
 
1062
                logger.debug(u"Sent: %d, remaining: %d",
 
1063
                             sent, len(client.secret)
 
1064
                             - (sent_size + sent))
 
1065
                sent_size += sent
 
1066
            session.bye()
1279
1067
    
1280
1068
    @staticmethod
1281
1069
    def peer_certificate(session):
1341
1129
        return hex_fpr
1342
1130
 
1343
1131
 
1344
 
class MultiprocessingMixIn(object):
1345
 
    """Like socketserver.ThreadingMixIn, but with multiprocessing"""
1346
 
    def sub_process_main(self, request, address):
1347
 
        try:
1348
 
            self.finish_request(request, address)
1349
 
        except:
1350
 
            self.handle_error(request, address)
1351
 
        self.close_request(request)
1352
 
            
1353
 
    def process_request(self, request, address):
1354
 
        """Start a new process to process the request."""
1355
 
        multiprocessing.Process(target = self.sub_process_main,
1356
 
                                args = (request, address)).start()
1357
 
 
1358
 
class MultiprocessingMixInWithPipe(MultiprocessingMixIn, object):
1359
 
    """ adds a pipe to the MixIn """
 
1132
class ForkingMixInWithPipe(socketserver.ForkingMixIn, object):
 
1133
    """Like socketserver.ForkingMixIn, but also pass a pipe."""
1360
1134
    def process_request(self, request, client_address):
1361
1135
        """Overrides and wraps the original process_request().
1362
1136
        
1363
1137
        This function creates a new pipe in self.pipe
1364
1138
        """
1365
 
        parent_pipe, self.child_pipe = multiprocessing.Pipe()
1366
 
 
1367
 
        super(MultiprocessingMixInWithPipe,
 
1139
        self.pipe = os.pipe()
 
1140
        super(ForkingMixInWithPipe,
1368
1141
              self).process_request(request, client_address)
1369
 
        self.child_pipe.close()
1370
 
        self.add_pipe(parent_pipe)
1371
 
 
1372
 
    def add_pipe(self, parent_pipe):
 
1142
        os.close(self.pipe[1])  # close write end
 
1143
        self.add_pipe(self.pipe[0])
 
1144
    def add_pipe(self, pipe):
1373
1145
        """Dummy function; override as necessary"""
1374
 
        pass
1375
 
 
1376
 
class IPv6_TCPServer(MultiprocessingMixInWithPipe,
 
1146
        os.close(pipe)
 
1147
 
 
1148
 
 
1149
class IPv6_TCPServer(ForkingMixInWithPipe,
1377
1150
                     socketserver.TCPServer, object):
1378
1151
    """IPv6-capable TCP server.  Accepts 'None' as address and/or port
1379
1152
    
1464
1237
            return socketserver.TCPServer.server_activate(self)
1465
1238
    def enable(self):
1466
1239
        self.enabled = True
1467
 
    def add_pipe(self, parent_pipe):
 
1240
    def add_pipe(self, pipe):
1468
1241
        # Call "handle_ipc" for both data and EOF events
1469
 
        gobject.io_add_watch(parent_pipe.fileno(),
1470
 
                             gobject.IO_IN | gobject.IO_HUP,
1471
 
                             functools.partial(self.handle_ipc,
1472
 
                                               parent_pipe = parent_pipe))
1473
 
        
1474
 
    def handle_ipc(self, source, condition, parent_pipe=None,
1475
 
                   client_object=None):
 
1242
        gobject.io_add_watch(pipe, gobject.IO_IN | gobject.IO_HUP,
 
1243
                             self.handle_ipc)
 
1244
    def handle_ipc(self, source, condition, file_objects={}):
1476
1245
        condition_names = {
1477
1246
            gobject.IO_IN: u"IN",   # There is data to read.
1478
1247
            gobject.IO_OUT: u"OUT", # Data can be written (without
1487
1256
                                       for cond, name in
1488
1257
                                       condition_names.iteritems()
1489
1258
                                       if cond & condition)
1490
 
        # error or the other end of multiprocessing.Pipe has closed
1491
 
        if condition & (gobject.IO_ERR | condition & gobject.IO_HUP):
1492
 
            return False
1493
 
        
1494
 
        # Read a request from the child
1495
 
        request = parent_pipe.recv()
1496
 
        command = request[0]
1497
 
        
1498
 
        if command == 'init':
1499
 
            fpr = request[1]
1500
 
            address = request[2]
1501
 
            
1502
 
            for c in self.clients:
1503
 
                if c.fingerprint == fpr:
1504
 
                    client = c
1505
 
                    break
1506
 
            else:
1507
 
                logger.warning(u"Client not found for fingerprint: %s, ad"
1508
 
                               u"dress: %s", fpr, address)
1509
 
                if self.use_dbus:
1510
 
                    # Emit D-Bus signal
1511
 
                    mandos_dbus_service.ClientNotFound(fpr, address)
1512
 
                parent_pipe.send(False)
1513
 
                return False
1514
 
            
1515
 
            gobject.io_add_watch(parent_pipe.fileno(),
1516
 
                                 gobject.IO_IN | gobject.IO_HUP,
1517
 
                                 functools.partial(self.handle_ipc,
1518
 
                                                   parent_pipe = parent_pipe,
1519
 
                                                   client_object = client))
1520
 
            parent_pipe.send(True)
1521
 
            # remove the old hook in favor of the new above hook on same fileno
1522
 
            return False
1523
 
        if command == 'funcall':
1524
 
            funcname = request[1]
1525
 
            args = request[2]
1526
 
            kwargs = request[3]
1527
 
            
1528
 
            parent_pipe.send(('data', getattr(client_object, funcname)(*args, **kwargs)))
1529
 
 
1530
 
        if command == 'getattr':
1531
 
            attrname = request[1]
1532
 
            if callable(client_object.__getattribute__(attrname)):
1533
 
                parent_pipe.send(('function',))
1534
 
            else:
1535
 
                parent_pipe.send(('data', client_object.__getattribute__(attrname)))
1536
 
        
1537
 
        if command == 'setattr':
1538
 
            attrname = request[1]
1539
 
            value = request[2]
1540
 
            setattr(client_object, attrname, value)
1541
 
 
 
1259
        logger.debug(u"Handling IPC: FD = %d, condition = %s", source,
 
1260
                     conditions_string)
 
1261
        
 
1262
        # Turn the pipe file descriptor into a Python file object
 
1263
        if source not in file_objects:
 
1264
            file_objects[source] = os.fdopen(source, u"r", 1)
 
1265
        
 
1266
        # Read a line from the file object
 
1267
        cmdline = file_objects[source].readline()
 
1268
        if not cmdline:             # Empty line means end of file
 
1269
            # close the IPC pipe
 
1270
            file_objects[source].close()
 
1271
            del file_objects[source]
 
1272
            
 
1273
            # Stop calling this function
 
1274
            return False
 
1275
        
 
1276
        logger.debug(u"IPC command: %r", cmdline)
 
1277
        
 
1278
        # Parse and act on command
 
1279
        cmd, args = cmdline.rstrip(u"\r\n").split(None, 1)
 
1280
        
 
1281
        if cmd == u"NOTFOUND":
 
1282
            logger.warning(u"Client not found for fingerprint: %s",
 
1283
                           args)
 
1284
            if self.use_dbus:
 
1285
                # Emit D-Bus signal
 
1286
                mandos_dbus_service.ClientNotFound(args)
 
1287
        elif cmd == u"INVALID":
 
1288
            for client in self.clients:
 
1289
                if client.name == args:
 
1290
                    logger.warning(u"Client %s is invalid", args)
 
1291
                    if self.use_dbus:
 
1292
                        # Emit D-Bus signal
 
1293
                        client.Rejected()
 
1294
                    break
 
1295
            else:
 
1296
                logger.error(u"Unknown client %s is invalid", args)
 
1297
        elif cmd == u"SENDING":
 
1298
            for client in self.clients:
 
1299
                if client.name == args:
 
1300
                    logger.info(u"Sending secret to %s", client.name)
 
1301
                    client.checked_ok()
 
1302
                    if self.use_dbus:
 
1303
                        # Emit D-Bus signal
 
1304
                        client.GotSecret()
 
1305
                    break
 
1306
            else:
 
1307
                logger.error(u"Sending secret to unknown client %s",
 
1308
                             args)
 
1309
        else:
 
1310
            logger.error(u"Unknown IPC command: %r", cmdline)
 
1311
        
 
1312
        # Keep calling this function
1542
1313
        return True
1543
1314
 
1544
1315
 
1574
1345
            elif suffix == u"w":
1575
1346
                delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
1576
1347
            else:
1577
 
                raise ValueError(u"Unknown suffix %r" % suffix)
1578
 
        except (ValueError, IndexError), e:
1579
 
            raise ValueError(e.message)
 
1348
                raise ValueError
 
1349
        except (ValueError, IndexError):
 
1350
            raise ValueError
1580
1351
        timevalue += delta
1581
1352
    return timevalue
1582
1353
 
1595
1366
        def if_nametoindex(interface):
1596
1367
            "Get an interface index the hard way, i.e. using fcntl()"
1597
1368
            SIOCGIFINDEX = 0x8933  # From /usr/include/linux/sockios.h
1598
 
            with contextlib.closing(socket.socket()) as s:
 
1369
            with closing(socket.socket()) as s:
1599
1370
                ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
1600
1371
                                    struct.pack(str(u"16s16x"),
1601
1372
                                                interface))
1647
1418
    parser.add_option("--debug", action=u"store_true",
1648
1419
                      help=u"Debug mode; run in foreground and log to"
1649
1420
                      u" terminal")
1650
 
    parser.add_option("--debuglevel", type=u"string", metavar="Level",
1651
 
                      help=u"Debug level for stdout output")
1652
1421
    parser.add_option("--priority", type=u"string", help=u"GnuTLS"
1653
1422
                      u" priority string (see GnuTLS documentation)")
1654
1423
    parser.add_option("--servicename", type=u"string",
1679
1448
                        u"servicename": u"Mandos",
1680
1449
                        u"use_dbus": u"True",
1681
1450
                        u"use_ipv6": u"True",
1682
 
                        u"debuglevel": u"",
1683
1451
                        }
1684
1452
    
1685
1453
    # Parse config file for server-global settings
1702
1470
    # options, if set.
1703
1471
    for option in (u"interface", u"address", u"port", u"debug",
1704
1472
                   u"priority", u"servicename", u"configdir",
1705
 
                   u"use_dbus", u"use_ipv6", u"debuglevel"):
 
1473
                   u"use_dbus", u"use_ipv6"):
1706
1474
        value = getattr(options, option)
1707
1475
        if value is not None:
1708
1476
            server_settings[option] = value
1717
1485
    
1718
1486
    # For convenience
1719
1487
    debug = server_settings[u"debug"]
1720
 
    debuglevel = server_settings[u"debuglevel"]
1721
1488
    use_dbus = server_settings[u"use_dbus"]
1722
1489
    use_ipv6 = server_settings[u"use_ipv6"]
1723
 
 
 
1490
    
 
1491
    if not debug:
 
1492
        syslogger.setLevel(logging.WARNING)
 
1493
        console.setLevel(logging.WARNING)
 
1494
    
1724
1495
    if server_settings[u"servicename"] != u"Mandos":
1725
1496
        syslogger.setFormatter(logging.Formatter
1726
1497
                               (u'Mandos (%s) [%%(process)d]:'
1732
1503
                        u"interval": u"5m",
1733
1504
                        u"checker": u"fping -q -- %%(host)s",
1734
1505
                        u"host": u"",
1735
 
                        u"approval_delay": u"0s",
1736
 
                        u"approval_duration": u"1s",
1737
1506
                        }
1738
1507
    client_config = configparser.SafeConfigParser(client_defaults)
1739
1508
    client_config.read(os.path.join(server_settings[u"configdir"],
1745
1514
    tcp_server = MandosServer((server_settings[u"address"],
1746
1515
                               server_settings[u"port"]),
1747
1516
                              ClientHandler,
1748
 
                              interface=(server_settings[u"interface"]
1749
 
                                         or None),
 
1517
                              interface=server_settings[u"interface"],
1750
1518
                              use_ipv6=use_ipv6,
1751
1519
                              gnutls_priority=
1752
1520
                              server_settings[u"priority"],
1778
1546
        if error[0] != errno.EPERM:
1779
1547
            raise error
1780
1548
    
1781
 
    if not debug and not debuglevel:
1782
 
        syslogger.setLevel(logging.WARNING)
1783
 
        console.setLevel(logging.WARNING)
1784
 
    if debuglevel:
1785
 
        level = getattr(logging, debuglevel.upper())
1786
 
        syslogger.setLevel(level)
1787
 
        console.setLevel(level)
1788
 
 
 
1549
    # Enable all possible GnuTLS debugging
1789
1550
    if debug:
1790
 
        # Enable all possible GnuTLS debugging
1791
 
        
1792
1551
        # "Use a log level over 10 to enable all debugging options."
1793
1552
        # - GnuTLS manual
1794
1553
        gnutls.library.functions.gnutls_global_set_log_level(11)
1799
1558
        
1800
1559
        (gnutls.library.functions
1801
1560
         .gnutls_global_set_log_function(debug_gnutls))
1802
 
        
1803
 
        # Redirect stdin so all checkers get /dev/null
1804
 
        null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
1805
 
        os.dup2(null, sys.stdin.fileno())
1806
 
        if null > 2:
1807
 
            os.close(null)
1808
 
    else:
1809
 
        # No console logging
1810
 
        logger.removeHandler(console)
1811
 
    
1812
1561
    
1813
1562
    global main_loop
1814
1563
    # From the Avahi example code
1817
1566
    bus = dbus.SystemBus()
1818
1567
    # End of Avahi example code
1819
1568
    if use_dbus:
1820
 
        try:
1821
 
            bus_name = dbus.service.BusName(u"se.bsnet.fukt.Mandos",
1822
 
                                            bus, do_not_queue=True)
1823
 
        except dbus.exceptions.NameExistsException, e:
1824
 
            logger.error(unicode(e) + u", disabling D-Bus")
1825
 
            use_dbus = False
1826
 
            server_settings[u"use_dbus"] = False
1827
 
            tcp_server.use_dbus = False
 
1569
        bus_name = dbus.service.BusName(u"se.bsnet.fukt.Mandos", bus)
1828
1570
    protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
1829
1571
    service = AvahiService(name = server_settings[u"servicename"],
1830
1572
                           servicetype = u"_mandos._tcp",
1832
1574
    if server_settings["interface"]:
1833
1575
        service.interface = (if_nametoindex
1834
1576
                             (str(server_settings[u"interface"])))
1835
 
 
1836
 
    if not debug:
1837
 
        # Close all input and output, do double fork, etc.
1838
 
        daemon()
1839
 
        
1840
 
    global multiprocessing_manager
1841
 
    multiprocessing_manager = multiprocessing.Manager()
1842
1577
    
1843
1578
    client_class = Client
1844
1579
    if use_dbus:
1845
1580
        client_class = functools.partial(ClientDBus, bus = bus)
1846
 
    def client_config_items(config, section):
1847
 
        special_settings = {
1848
 
            "approved_by_default":
1849
 
                lambda: config.getboolean(section,
1850
 
                                          "approved_by_default"),
1851
 
            }
1852
 
        for name, value in config.items(section):
1853
 
            try:
1854
 
                yield (name, special_settings[name]())
1855
 
            except KeyError:
1856
 
                yield (name, value)
1857
 
    
1858
1581
    tcp_server.clients.update(set(
1859
1582
            client_class(name = section,
1860
 
                         config= dict(client_config_items(
1861
 
                        client_config, section)))
 
1583
                         config= dict(client_config.items(section)))
1862
1584
            for section in client_config.sections()))
1863
1585
    if not tcp_server.clients:
1864
1586
        logger.warning(u"No clients defined")
1865
 
        
 
1587
    
 
1588
    if debug:
 
1589
        # Redirect stdin so all checkers get /dev/null
 
1590
        null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
 
1591
        os.dup2(null, sys.stdin.fileno())
 
1592
        if null > 2:
 
1593
            os.close(null)
 
1594
    else:
 
1595
        # No console logging
 
1596
        logger.removeHandler(console)
 
1597
        # Close all input and output, do double fork, etc.
 
1598
        daemon()
 
1599
    
1866
1600
    try:
1867
 
        with pidfile:
 
1601
        with closing(pidfile):
1868
1602
            pid = os.getpid()
1869
1603
            pidfile.write(str(pid) + "\n")
1870
1604
        del pidfile
1876
1610
        pass
1877
1611
    del pidfilename
1878
1612
    
 
1613
    def cleanup():
 
1614
        "Cleanup function; run on exit"
 
1615
        service.cleanup()
 
1616
        
 
1617
        while tcp_server.clients:
 
1618
            client = tcp_server.clients.pop()
 
1619
            client.disable_hook = None
 
1620
            client.disable()
 
1621
    
 
1622
    atexit.register(cleanup)
 
1623
    
1879
1624
    if not debug:
1880
1625
        signal.signal(signal.SIGINT, signal.SIG_IGN)
1881
1626
    signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
1888
1633
                dbus.service.Object.__init__(self, bus, u"/")
1889
1634
            _interface = u"se.bsnet.fukt.Mandos"
1890
1635
            
1891
 
            @dbus.service.signal(_interface, signature=u"o")
1892
 
            def ClientAdded(self, objpath):
 
1636
            @dbus.service.signal(_interface, signature=u"oa{sv}")
 
1637
            def ClientAdded(self, objpath, properties):
1893
1638
                "D-Bus signal"
1894
1639
                pass
1895
1640
            
1896
 
            @dbus.service.signal(_interface, signature=u"ss")
1897
 
            def ClientNotFound(self, fingerprint, address):
 
1641
            @dbus.service.signal(_interface, signature=u"s")
 
1642
            def ClientNotFound(self, fingerprint):
1898
1643
                "D-Bus signal"
1899
1644
                pass
1900
1645
            
1926
1671
                        tcp_server.clients.remove(c)
1927
1672
                        c.remove_from_connection()
1928
1673
                        # Don't signal anything except ClientRemoved
1929
 
                        c.disable(quiet=True)
 
1674
                        c.disable(signal=False)
1930
1675
                        # Emit D-Bus signal
1931
1676
                        self.ClientRemoved(object_path, c.name)
1932
1677
                        return
1933
 
                raise KeyError(object_path)
 
1678
                raise KeyError
1934
1679
            
1935
1680
            del _interface
1936
1681
        
1937
1682
        mandos_dbus_service = MandosDBusService()
1938
1683
    
1939
 
    def cleanup():
1940
 
        "Cleanup function; run on exit"
1941
 
        service.cleanup()
1942
 
        
1943
 
        while tcp_server.clients:
1944
 
            client = tcp_server.clients.pop()
1945
 
            if use_dbus:
1946
 
                client.remove_from_connection()
1947
 
            client.disable_hook = None
1948
 
            # Don't signal anything except ClientRemoved
1949
 
            client.disable(quiet=True)
1950
 
            if use_dbus:
1951
 
                # Emit D-Bus signal
1952
 
                mandos_dbus_service.ClientRemoved(client.dbus_object_path,
1953
 
                                                  client.name)
1954
 
    
1955
 
    atexit.register(cleanup)
1956
 
    
1957
1684
    for client in tcp_server.clients:
1958
1685
        if use_dbus:
1959
1686
            # Emit D-Bus signal
1960
 
            mandos_dbus_service.ClientAdded(client.dbus_object_path)
 
1687
            mandos_dbus_service.ClientAdded(client.dbus_object_path,
 
1688
                                            client.GetAll(u""))
1961
1689
        client.enable()
1962
1690
    
1963
1691
    tcp_server.enable()
1981
1709
            service.activate()
1982
1710
        except dbus.exceptions.DBusException, error:
1983
1711
            logger.critical(u"DBusException: %s", error)
1984
 
            cleanup()
1985
1712
            sys.exit(1)
1986
1713
        # End of Avahi example code
1987
1714
        
1994
1721
        main_loop.run()
1995
1722
    except AvahiError, error:
1996
1723
        logger.critical(u"AvahiError: %s", error)
1997
 
        cleanup()
1998
1724
        sys.exit(1)
1999
1725
    except KeyboardInterrupt:
2000
1726
        if debug:
2001
1727
            print >> sys.stderr
2002
1728
        logger.debug(u"Server received KeyboardInterrupt")
2003
1729
    logger.debug(u"Server exiting")
2004
 
    # Must run before the D-Bus bus name gets deregistered
2005
 
    cleanup()
2006
1730
 
2007
1731
if __name__ == '__main__':
2008
1732
    main()