/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos

  • Committer: Teddy Hogeborn
  • Date: 2010-09-05 20:19:02 UTC
  • mfrom: (416.1.2 mandos)
  • Revision ID: teddy@fukt.bsnet.se-20100905201902-ivwsc01ecaaqlqg4
* mandos (AvahiService.entry_group_state_changed): Better debug log
                                                   message.
  (AvahiService.server_state_changed): Added debug log message.

* mandos-monitor (isoformat_to_datetime): New function.
  (MandosClientWidget): Show a countdown to disabling if last checker
                        failed.

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos
60
60
import fcntl
61
61
import functools
62
62
import cPickle as pickle
 
63
import select
63
64
 
64
65
import dbus
65
66
import dbus.service
192
193
        self.group.Commit()
193
194
    def entry_group_state_changed(self, state, error):
194
195
        """Derived from the Avahi example code"""
195
 
        logger.debug(u"Avahi state change: %i", state)
 
196
        logger.debug(u"Avahi entry group state change: %i", state)
196
197
        
197
198
        if state == avahi.ENTRY_GROUP_ESTABLISHED:
198
199
            logger.debug(u"Zeroconf service established.")
211
212
            self.group = None
212
213
    def server_state_changed(self, state):
213
214
        """Derived from the Avahi example code"""
 
215
        logger.debug(u"Avahi server state change: %i", state)
214
216
        if state == avahi.SERVER_COLLISION:
215
217
            logger.error(u"Zeroconf server name collision")
216
218
            self.remove()
1006
1008
                                      gnutls.connection
1007
1009
                                      .X509Credentials()))
1008
1010
            
1009
 
            line = self.request.makefile().readline()
1010
 
            logger.debug(u"Protocol version: %r", line)
1011
 
            try:
1012
 
                if int(line.strip().split()[0]) > 1:
1013
 
                    raise RuntimeError
1014
 
            except (ValueError, IndexError, RuntimeError), error:
1015
 
                logger.error(u"Unknown protocol version: %s", error)
1016
 
                return
1017
 
            
1018
1011
            # Note: gnutls.connection.X509Credentials is really a
1019
1012
            # generic GnuTLS certificate credentials object so long as
1020
1013
            # no X.509 keys are added to it.  Therefore, we can use it
1032
1025
             .gnutls_priority_set_direct(session._c_object,
1033
1026
                                         priority, None))
1034
1027
            
 
1028
            # Start communication using the Mandos protocol
 
1029
            # Get protocol number
 
1030
            line = self.request.makefile().readline()
 
1031
            logger.debug(u"Protocol version: %r", line)
 
1032
            try:
 
1033
                if int(line.strip().split()[0]) > 1:
 
1034
                    raise RuntimeError
 
1035
            except (ValueError, IndexError, RuntimeError), error:
 
1036
                logger.error(u"Unknown protocol version: %s", error)
 
1037
                return
 
1038
            
 
1039
            # Start GnuTLS connection
1035
1040
            try:
1036
1041
                session.handshake()
1037
1042
            except gnutls.errors.GNUTLSError, error:
1057
1062
                    ipc.write(u"NOTFOUND %s %s\n"
1058
1063
                              % (fpr, unicode(self.client_address)))
1059
1064
                    return
 
1065
                
 
1066
                class ClientProxy(object):
 
1067
                    """Client proxy object.  Not for calling methods."""
 
1068
                    def __init__(self, client):
 
1069
                        self.client = client
 
1070
                    def __getattr__(self, name):
 
1071
                        if name.startswith("ipc_"):
 
1072
                            def tempfunc():
 
1073
                                ipc.write("%s %s\n" % (name[4:].upper(),
 
1074
                                                       self.client.name))
 
1075
                            return tempfunc
 
1076
                        if not hasattr(self.client, name):
 
1077
                            raise AttributeError
 
1078
                        ipc.write(u"GETATTR %s %s\n"
 
1079
                                  % (name, self.client.fingerprint))
 
1080
                        return pickle.load(ipc_return)
 
1081
                clientproxy = ClientProxy(client)
1060
1082
                # Have to check if client.enabled, since it is
1061
1083
                # possible that the client was disabled since the
1062
1084
                # GnuTLS session was established.
1063
 
                ipc.write(u"GETATTR enabled %s\n" % fpr)
1064
 
                enabled = pickle.load(ipc_return)
1065
 
                if not enabled:
1066
 
                    ipc.write(u"DISABLED %s\n" % client.name)
 
1085
                if not clientproxy.enabled:
 
1086
                    clientproxy.ipc_disabled()
1067
1087
                    return
1068
 
                ipc.write(u"SENDING %s\n" % client.name)
 
1088
                
 
1089
                clientproxy.ipc_sending()
1069
1090
                sent_size = 0
1070
1091
                while sent_size < len(client.secret):
1071
1092
                    sent = session.send(client.secret[sent_size:])