/mandos/trunk : revision 421

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos

Committer: Teddy Hogeborn
Date: 2010-09-11 18:34:55 UTC
mfrom: (24.1.162 mandos)
Revision ID: teddy@fukt.bsnet.se-20100911183455-kmzttvbywdbfbepm

Merge from Björn.

files added:
plugins.d/plymouth.c

files removed:
plugins.d/plymouth

files modified:
Makefile

TODO

mandos

mandos-ctl

mandos-monitor

plugin-runner.c

plugins.d/askpass-fifo.c

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/splashy.c

plugins.d/usplash.c

Show diffs side-by-side

added added

removed removed

mandos

157

u" after %i retries, exiting.",

158

self.rename_count)

159

raise AvahiServiceError(u"Too many renames")

160

self.name = self.server.GetAlternativeServiceName(self.name)

160

self.name = unicode(self.server.GetAlternativeServiceName(self.name))

161

logger.info(u"Changing Zeroconf service name to %r ...",

162

unicode(self.name))

162

self.name)

163

syslogger.setFormatter(logging.Formatter

164

(u'Mandos (%s) [%%(process)d]:'

165

u' %%(levelname)s: %%(message)s'

166

% self.name))

167

self.remove()

168

self.add()

168

try:

169

self.add()

170

except dbus.exceptions.DBusException, error:

171

logger.critical(u"DBusException: %s", error)

172

self.cleanup()

173

os._exit(1)

169

174

self.rename_count += 1

170

175

def remove(self):

171

176

"""Derived from the Avahi example code"""

194

199

self.group.Commit()

195

200

def entry_group_state_changed(self, state, error):

196

201

"""Derived from the Avahi example code"""

197

logger.debug(u"Avahi state change: %i", state)

202

logger.debug(u"Avahi entry group state change: %i", state)

198

203

199

204

if state == avahi.ENTRY_GROUP_ESTABLISHED:

200

205

logger.debug(u"Zeroconf service established.")

213

218

self.group = None

214

219

def server_state_changed(self, state):

215

220

"""Derived from the Avahi example code"""

221

logger.debug(u"Avahi server state change: %i", state)

216

222

if state == avahi.SERVER_COLLISION:

217

223

logger.error(u"Zeroconf server name collision")

218

224

self.remove()

304

310

"rb") as secfile:

305

311

self.secret = secfile.read()

306

312

else:

307

#XXX Need to allow secret on demand!

308

313

raise TypeError(u"No secret or secfile for client %s"

309

314

% self.name)

310

315

self.host = config.get(u"host", u"")

712

717

DBusObjectWithProperties.__init__(self, self.bus,

713

718

self.dbus_object_path)

714

719

715

#Could possible return a bool(self._approvals_pending),

716

#but this could mess up approvals_pending += 1 XXX

717

720

def _get_approvals_pending(self):

718

721

return self._approvals_pending

719

722

def _set_approvals_pending(self, value):

859

862

pass

860

863

861

864

# GotSecret - signal

862

# XXXTEDDY Is sent after succesfull transfer of secret from mandos-server to mandos-client

863

865

@dbus.service.signal(_interface)

864

866

def GotSecret(self):

865

"D-Bus signal"

867

"""D-Bus signal

868

Is sent after a successful transfer of secret from the Mandos

869

server to mandos-client

870

"""

866

871

pass

867

872

868

873

# Rejected - signal

1231

1236

1232

1237

sent_size = 0

1233

1238

while sent_size < len(client.secret):

1234

# XXX handle session exception

1235

sent = session.send(client.secret[sent_size:])

1239

try:

1240

sent = session.send(client.secret[sent_size:])

1241

except (gnutls.errors.GNUTLSError), error:

1242

logger.warning("gnutls send failed")

1243

return

1236

1244

logger.debug(u"Sent: %d, remaining: %d",

1237

1245

sent, len(client.secret)

1238

1246

- (sent_size + sent))

1248

1256

finally:

1249

1257

if approval_required:

1250

1258

client.approvals_pending -= 1

1251

session.bye()

1259

try:

1260

session.bye()

1261

except (gnutls.errors.GNUTLSError), error:

1262

logger.warning("gnutls bye failed")

1252

1263

1253

1264

@staticmethod

1254

1265

def peer_certificate(session):

1463

1474

logger.debug(u"Handling IPC: FD = %d, condition = %s", source,

1464

1475

conditions_string)

1465

1476

1466

# XXXTEDDY error or the other end of multiprocessing.Pipe has closed

1467

if condition & gobject.IO_HUP or condition & gobject.IO_ERR:

1477

# error or the other end of multiprocessing.Pipe has closed

1478

if condition & (gobject.IO_ERR | condition & gobject.IO_HUP):

1468

1479

return False

1469

1480

1470

1481

# Read a request from the child

1624

1635

parser.add_option("--debug", action=u"store_true",

1625

1636

help=u"Debug mode; run in foreground and log to"

1626

1637

u" terminal")

1638

parser.add_option("--debuglevel", type=u"string", metavar="Level",

1639

help=u"Debug level for stdout output")

1627

1640

parser.add_option("--priority", type=u"string", help=u"GnuTLS"

1628

1641

u" priority string (see GnuTLS documentation)")

1629

1642

parser.add_option("--servicename", type=u"string",

1654

1667

u"servicename": u"Mandos",

1655

1668

u"use_dbus": u"True",

1656

1669

u"use_ipv6": u"True",

1670

u"debuglevel": u"",

1657

1671

}

1658

1672

1659

1673

# Parse config file for server-global settings

1676

1690

# options, if set.

1677

1691

for option in (u"interface", u"address", u"port", u"debug",

1678

1692

u"priority", u"servicename", u"configdir",

1679

u"use_dbus", u"use_ipv6"):

1693

u"use_dbus", u"use_ipv6", u"debuglevel"):

1680

1694

value = getattr(options, option)

1681

1695

if value is not None:

1682

1696

server_settings[option] = value

1691

1705

1692

1706

# For convenience

1693

1707

debug = server_settings[u"debug"]

1708

debuglevel = server_settings[u"debuglevel"]

1694

1709

use_dbus = server_settings[u"use_dbus"]

1695

1710

use_ipv6 = server_settings[u"use_ipv6"]

1696

1697

if not debug:

1698

syslogger.setLevel(logging.WARNING)

1699

console.setLevel(logging.WARNING)

1700

1711

1701

1712

if server_settings[u"servicename"] != u"Mandos":

1702

1713

syslogger.setFormatter(logging.Formatter

1703

1714

(u'Mandos (%s) [%%(process)d]:'

1722

1733

tcp_server = MandosServer((server_settings[u"address"],

1723

1734

server_settings[u"port"]),

1724

1735

ClientHandler,

1725

interface=server_settings[u"interface"],

1736

interface=(server_settings[u"interface"]

1737

or None),

1726

1738

use_ipv6=use_ipv6,

1727

1739

gnutls_priority=

1728

1740

server_settings[u"priority"],

1755

1767

raise error

1756

1768

1757

1769

# Enable all possible GnuTLS debugging

1770

1771

1772

if not debug and not debuglevel:

1773

syslogger.setLevel(logging.WARNING)

1774

console.setLevel(logging.WARNING)

1775

if debuglevel:

1776

level = getattr(logging, debuglevel.upper())

1777

syslogger.setLevel(level)

1778

console.setLevel(level)

1779

1758

1780

if debug:

1759

1781

# "Use a log level over 10 to enable all debugging options."

1760

1782

# - GnuTLS manual

1766

1788

1767

1789

(gnutls.library.functions

1768

1790

.gnutls_global_set_log_function(debug_gnutls))

1791

1792

# Redirect stdin so all checkers get /dev/null

1793

null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)

1794

os.dup2(null, sys.stdin.fileno())

1795

if null > 2:

1796

os.close(null)

1797

else:

1798

# No console logging

1799

logger.removeHandler(console)

1800

1769

1801

1770

1802

global main_loop

1771

1803

# From the Avahi example code

1790

1822

service.interface = (if_nametoindex

1791

1823

(str(server_settings[u"interface"])))

1792

1824

1825

if not debug:

1826

# Close all input and output, do double fork, etc.

1827

daemon()

1828

1793

1829

global multiprocessing_manager

1794

1830

multiprocessing_manager = multiprocessing.Manager()

1795

1831

1815

1851

for section in client_config.sections()))

1816

1852

if not tcp_server.clients:

1817

1853

logger.warning(u"No clients defined")

1818

1819

if debug:

1820

# Redirect stdin so all checkers get /dev/null

1821

null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)

1822

os.dup2(null, sys.stdin.fileno())

1823

if null > 2:

1824

os.close(null)

1825

else:

1826

# No console logging

1827

logger.removeHandler(console)

1828

# Close all input and output, do double fork, etc.

1829

daemon()

1830

1854

1831

1855

try:

1832

1856

with pidfile:

1833

1857

pid = os.getpid()

Older »