Viewing changes to mandos

  • Committer: Teddy Hogeborn
  • Date: 2009-11-19 18:31:28 UTC
  • Revision ID: teddy@fukt.bsnet.se-20091119183128-ttstewh61xmtnil1
* Makefile (LINK_FORTIFY_LD): Bug fix: removed "-fPIE".
* mandos-keygen: Bug fix: Fix quoting for the "--password" option.

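--- a/mandos
+++ b/mandos
@@ -79,7 +79,7 @@
         SO_BINDTODEVICE = None
  
  
-version = "1.0.12"
+version = "1.0.14"
  
 logger = logging.Logger(u'mandos')
 syslogger = (logging.handlers.SysLogHandler
@@ -292,7 +292,8 @@
         elif u"secfile" in config:
             with closing(open(os.path.expanduser
                               (os.path.expandvars
-                               (config[u"secfile"])))) as secfile:
+                               (config[u"secfile"])),
+                              "rb")) as secfile:
                 self.secret = secfile.read()
         else:
             raise TypeError(u"No secret or secfile for client %s"
@@ -324,19 +325,20 @@
         self.checker_initiator_tag = (gobject.timeout_add
                                       (self.interval_milliseconds(),
                                        self.start_checker))
-        # Also start a new checker *right now*.
-        self.start_checker()
         # Schedule a disable() when 'timeout' has passed
         self.disable_initiator_tag = (gobject.timeout_add
                                    (self.timeout_milliseconds(),
                                     self.disable))
         self.enabled = True
+        # Also start a new checker *right now*.
+        self.start_checker()
     
-    def disable(self):
+    def disable(self, quiet=True):
         """Disable this client."""
         if not getattr(self, "enabled", False):
             return False
-        logger.info(u"Disabling client %s", self.name)
+        if not quiet:
+            logger.info(u"Disabling client %s", self.name)
         if getattr(self, u"disable_initiator_tag", False):
             gobject.source_remove(self.disable_initiator_tag)
             self.disable_initiator_tag = None
@@ -466,7 +468,7 @@
         logger.debug(u"Stopping checker for %(name)s", vars(self))
         try:
             os.kill(self.checker.pid, signal.SIGTERM)
-            #os.sleep(0.5)
+            #time.sleep(0.5)
             #if self.checker.poll() is None:
             #    os.kill(self.checker.pid, signal.SIGKILL)
         except OSError, error:
@@ -625,24 +627,43 @@
         """Standard D-Bus method, overloaded to insert property tags.
         """
         xmlstring = dbus.service.Object.Introspect(self, object_path,
-                                           connection)
-        document = xml.dom.minidom.parseString(xmlstring)
-        del xmlstring
-        def make_tag(document, name, prop):
-            e = document.createElement(u"property")
-            e.setAttribute(u"name", name)
-            e.setAttribute(u"type", prop._dbus_signature)
-            e.setAttribute(u"access", prop._dbus_access)
-            return e
-        for if_tag in document.getElementsByTagName(u"interface"):
-            for tag in (make_tag(document, name, prop)
-                        for name, prop
-                        in self._get_all_dbus_properties()
-                        if prop._dbus_interface
-                        == if_tag.getAttribute(u"name")):
-                if_tag.appendChild(tag)
-        xmlstring = document.toxml(u"utf-8")
-        document.unlink()
+                                                   connection)
+        try:
+            document = xml.dom.minidom.parseString(xmlstring)
+            def make_tag(document, name, prop):
+                e = document.createElement(u"property")
+                e.setAttribute(u"name", name)
+                e.setAttribute(u"type", prop._dbus_signature)
+                e.setAttribute(u"access", prop._dbus_access)
+                return e
+            for if_tag in document.getElementsByTagName(u"interface"):
+                for tag in (make_tag(document, name, prop)
+                            for name, prop
+                            in self._get_all_dbus_properties()
+                            if prop._dbus_interface
+                            == if_tag.getAttribute(u"name")):
+                    if_tag.appendChild(tag)
+                # Add the names to the return values for the
+                # "org.freedesktop.DBus.Properties" methods
+                if (if_tag.getAttribute(u"name")
+                    == u"org.freedesktop.DBus.Properties"):
+                    for cn in if_tag.getElementsByTagName(u"method"):
+                        if cn.getAttribute(u"name") == u"Get":
+                            for arg in cn.getElementsByTagName(u"arg"):
+                                if (arg.getAttribute(u"direction")
+                                    == u"out"):
+                                    arg.setAttribute(u"name", u"value")
+                        elif cn.getAttribute(u"name") == u"GetAll":
+                            for arg in cn.getElementsByTagName(u"arg"):
+                                if (arg.getAttribute(u"direction")
+                                    == u"out"):
+                                    arg.setAttribute(u"name", u"props")
+            xmlstring = document.toxml(u"utf-8")
+            document.unlink()
+        except (AttributeError, xml.dom.DOMException,
+                xml.parsers.expat.ExpatError), error:
+            logger.error(u"Failed to override Introspection method",
+                         error)
         return xmlstring
  
  
@@ -685,10 +706,10 @@
                                        variant_level=1))
         return r
     
-    def disable(self, signal = True):
+    def disable(self, quiet = False):
         oldstate = getattr(self, u"enabled", False)
-        r = Client.disable(self)
-        if signal and oldstate != self.enabled:
+        r = Client.disable(self, quiet=quiet)
+        if not quiet and oldstate != self.enabled:
             # Emit D-Bus signal
             self.PropertyChanged(dbus.String(u"enabled"),
                                  dbus.Boolean(False, variant_level=1))
@@ -786,9 +807,9 @@
         "D-Bus signal"
         pass
     
-    # ReceivedSecret - signal
+    # GotSecret - signal
     @dbus.service.signal(_interface)
-    def ReceivedSecret(self):
+    def GotSecret(self):
         "D-Bus signal"
         pass
     
@@ -1259,11 +1280,12 @@
         cmd, args = cmdline.rstrip(u"\r\n").split(None, 1)
         
         if cmd == u"NOTFOUND":
-            logger.warning(u"Client not found for fingerprint: %s",
-                           args)
+            fpr, address = args.split(None, 1)
+            logger.warning(u"Client not found for fingerprint: %s, ad"
+                           u"dress: %s", fpr, address)
             if self.use_dbus:
                 # Emit D-Bus signal
-                mandos_dbus_service.ClientNotFound(args)
+                mandos_dbus_service.ClientNotFound(fpr, address)
         elif cmd == u"INVALID":
             for client in self.clients:
                 if client.name == args:
@@ -1281,7 +1303,7 @@
                     client.checked_ok()
                     if self.use_dbus:
                         # Emit D-Bus signal
-                        client.ReceivedSecret()
+                        client.GotSecret()
                     break
             else:
                 logger.error(u"Sending secret to unknown client %s",
@@ -1325,9 +1347,9 @@
             elif suffix == u"w":
                 delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
             else:
-                raise ValueError
-        except (ValueError, IndexError):
-            raise ValueError
+                raise ValueError(u"Unknown suffix %r" % suffix)
+        except (ValueError, IndexError), e:
+            raise ValueError(e.message)
         timevalue += delta
     return timevalue
  
@@ -1372,7 +1394,8 @@
         null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
         if not stat.S_ISCHR(os.fstat(null).st_mode):
             raise OSError(errno.ENODEV,
-                          u"/dev/null not a character device")
+                          u"%s not a character device"
+                          % os.path.devnull)
         os.dup2(null, sys.stdin.fileno())
         os.dup2(null, sys.stdout.fileno())
         os.dup2(null, sys.stderr.fileno())
@@ -1545,7 +1568,14 @@
     bus = dbus.SystemBus()
     # End of Avahi example code
     if use_dbus:
-        bus_name = dbus.service.BusName(u"se.bsnet.fukt.Mandos", bus)
+        try:
+            bus_name = dbus.service.BusName(u"se.bsnet.fukt.Mandos",
+                                            bus, do_not_queue=True)
+        except dbus.exceptions.NameExistsException, e:
+            logger.error(unicode(e) + u", disabling D-Bus")
+            use_dbus = False
+            server_settings[u"use_dbus"] = False
+            tcp_server.use_dbus = False
     protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
     service = AvahiService(name = server_settings[u"servicename"],
                            servicetype = u"_mandos._tcp",
@@ -1589,17 +1619,6 @@
         pass
     del pidfilename
     
-    def cleanup():
-        "Cleanup function; run on exit"
-        service.cleanup()
-        
-        while tcp_server.clients:
-            client = tcp_server.clients.pop()
-            client.disable_hook = None
-            client.disable()
-    
-    atexit.register(cleanup)
-    
     if not debug:
         signal.signal(signal.SIGINT, signal.SIG_IGN)
     signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
@@ -1617,8 +1636,8 @@
                 "D-Bus signal"
                 pass
             
-            @dbus.service.signal(_interface, signature=u"s")
-            def ClientNotFound(self, fingerprint):
+            @dbus.service.signal(_interface, signature=u"ss")
+            def ClientNotFound(self, fingerprint, address):
                 "D-Bus signal"
                 pass
             
@@ -1650,16 +1669,34 @@
                         tcp_server.clients.remove(c)
                         c.remove_from_connection()
                         # Don't signal anything except ClientRemoved
-                        c.disable(signal=False)
+                        c.disable(quiet=True)
                         # Emit D-Bus signal
                         self.ClientRemoved(object_path, c.name)
                         return
-                raise KeyError
+                raise KeyError(object_path)
             
             del _interface
         
         mandos_dbus_service = MandosDBusService()
     
+    def cleanup():
+        "Cleanup function; run on exit"
+        service.cleanup()
+        
+        while tcp_server.clients:
+            client = tcp_server.clients.pop()
+            if use_dbus:
+                client.remove_from_connection()
+            client.disable_hook = None
+            # Don't signal anything except ClientRemoved
+            client.disable(quiet=True)
+            if use_dbus:
+                # Emit D-Bus signal
+                mandos_dbus_service.ClientRemoved(client.dbus_object_path,
+                                                  client.name)
+    
+    atexit.register(cleanup)
+    
     for client in tcp_server.clients:
         if use_dbus:
             # Emit D-Bus signal
@@ -1688,6 +1725,7 @@
             service.activate()
         except dbus.exceptions.DBusException, error:
             logger.critical(u"DBusException: %s", error)
+            cleanup()
             sys.exit(1)
         # End of Avahi example code
         
@@ -1700,12 +1738,15 @@
         main_loop.run()
     except AvahiError, error:
         logger.critical(u"AvahiError: %s", error)
+        cleanup()
         sys.exit(1)
     except KeyboardInterrupt:
         if debug:
             print >> sys.stderr
         logger.debug(u"Server received KeyboardInterrupt")
     logger.debug(u"Server exiting")
+    # Must run before the D-Bus bus name gets deregistered
+    cleanup()
  
 if __name__ == '__main__':
     main()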
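Review bot: The base-class `disable(self, quiet=True)` is what the `gobject.timeout_add(self.timeout_milliseconds(), self.disable)` callback in the same hunk invokes with no arguments, so a client disabled by timeout no longer produces the "Disabling client %s" log line unless the D-Bus override (which defaults to `quiet = False`) is in use. A timeout-driven disable is an event an operator would want recorded, and the callers that need silence already pass `quiet=True` explicitly, so the base default should match the override: `def disable(self, quiet=False):`; if the silent default is intended, the docstring should say so. A log record is lost in the same way in the new `except` of `Introspect`, where `logger.error(u"Failed to override Introspection method", error)` passes an argument with no placeholder and will fail to format; `logger.error(u"Failed to override Introspection method: %s", error)` fixes it. Both function bodies continue outside the context shown.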