To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to mandos
- browse files at revision 441
- compare with another revision
- download diff
- download tarball
- view history from revision 441
- Committer: Teddy Hogeborn
- Date: 2010-09-25 23:52:17 UTC
- Revision ID: teddy@fukt.bsnet.se-20100925235217-4hhqfryz1ste6uw3
* mandos (ClientDBus.__init__): Bug fix: Translate "-" in client names
to "_" in D-Bus object paths.
(MandosServer.handle_ipc): Bug fix: Send only address string to
D-Bus signal, not whole tuple.
* mandos-ctl: New options "--approve-by-default", "--deny-by-default",
"--approval-delay", and "--approval-duration".
* mandos-ctl.xml (SYNOPSIS, OPTIONS): Document new options.
* mandos-monitor (MandosClientWidget.update): Fix spelling.
to "_" in D-Bus object paths.
(MandosServer.handle_ipc): Bug fix: Send only address string to
D-Bus signal, not whole tuple.
* mandos-ctl: New options "--approve-by-default", "--deny-by-default",
"--approval-delay", and "--approval-duration".
* mandos-ctl.xml (SYNOPSIS, OPTIONS): Document new options.
* mandos-monitor (MandosClientWidget.update): Fix spelling.
- files added:
- DBUS-API
- files removed:
- debian/mandos-client.config
- files modified:
- INSTALL
added
removed
mandos
6
6
# This program is partly derived from an example program for an Avahi
7
7
# service publisher, downloaded from
8
8
# <http://avahi.org/wiki/PythonPublishExample>. This includes the
9
# methods "add" and "remove" in the "AvahiService" class, the
10
# "server_state_changed" and "entry_group_state_changed" functions,
11
# and some lines in "main".
9
# methods "add", "remove", "server_state_changed",
10
# "entry_group_state_changed", "cleanup", and "activate" in the
11
# "AvahiService" class, and some lines in "main".
12
12
#
13
13
# Everything else is
14
# Copyright © 2008 Teddy Hogeborn & Björn Påhlsson
14
# Copyright © 2008,2009 Teddy Hogeborn
15
# Copyright © 2008,2009 Björn Påhlsson
15
16
#
16
17
# This program is free software: you can redistribute it and/or modify
17
18
# it under the terms of the GNU General Public License as published by
30
31
# Contact the authors at <mandos@fukt.bsnet.se>.
31
32
#
32
33
33
from __future__ import division
34
from __future__ import division, with_statement, absolute_import
34
35
35
import SocketServer
36
import SocketServer as socketserver
36
37
import socket
37
from optparse import OptionParser
38
import optparse
38
39
import datetime
39
40
import errno
40
41
import gnutls.crypto
43
44
import gnutls.library.functions
44
45
import gnutls.library.constants
45
46
import gnutls.library.types
46
import ConfigParser
47
import ConfigParser as configparser
47
48
import sys
48
49
import re
49
50
import os
50
51
import signal
51
from sets import Set
52
52
import subprocess
53
53
import atexit
54
54
import stat
55
55
import logging
56
56
import logging.handlers
57
57
import pwd
58
import contextlib
59
import struct
60
import fcntl
61
import functools
62
import cPickle as pickle
63
import multiprocessing
58
64
59
65
import dbus
66
import dbus.service
60
67
import gobject
61
68
import avahi
62
69
from dbus.mainloop.glib import DBusGMainLoop
63
70
import ctypes
64
71
import ctypes.util
65
66
version = "1.0"
67
68
logger = logging.Logger('mandos')
69
syslogger = logging.handlers.SysLogHandler\
70
(facility = logging.handlers.SysLogHandler.LOG_DAEMON,
71
address = "/dev/log")
72
syslogger.setFormatter(logging.Formatter\
73
('Mandos: %(levelname)s: %(message)s'))
72
import xml.dom.minidom
73
import inspect
74
75
try:
76
SO_BINDTODEVICE = socket.SO_BINDTODEVICE
77
except AttributeError:
78
try:
79
from IN import SO_BINDTODEVICE
80
except ImportError:
81
SO_BINDTODEVICE = None
82
83
84
version = "1.0.14"
85
86
#logger = logging.getLogger(u'mandos')
87
logger = logging.Logger(u'mandos')
88
syslogger = (logging.handlers.SysLogHandler
89
(facility = logging.handlers.SysLogHandler.LOG_DAEMON,
90
address = "/dev/log"))
91
syslogger.setFormatter(logging.Formatter
92
(u'Mandos [%(process)d]: %(levelname)s:'
93
u' %(message)s'))
74
94
logger.addHandler(syslogger)
75
95
76
96
console = logging.StreamHandler()
77
console.setFormatter(logging.Formatter('%(name)s: %(levelname)s:'
78
' %(message)s'))
97
console.setFormatter(logging.Formatter(u'%(name)s [%(process)d]:'
98
u' %(levelname)s:'
99
u' %(message)s'))
79
100
logger.addHandler(console)
80
101
81
102
class AvahiError(Exception):
82
def __init__(self, value):
103
def __init__(self, value, *args, **kwargs):
83
104
self.value = value
84
super(AvahiError, self).__init__()
85
def __str__(self):
86
return repr(self.value)
105
super(AvahiError, self).__init__(value, *args, **kwargs)
106
def __unicode__(self):
107
return unicode(repr(self.value))
87
108
88
109
class AvahiServiceError(AvahiError):
89
110
pass
94
115
95
116
class AvahiService(object):
96
117
"""An Avahi (Zeroconf) service.
118
97
119
Attributes:
98
120
interface: integer; avahi.IF_UNSPEC or an interface index.
99
121
Used to optionally bind to the specified interface.
100
name: string; Example: 'Mandos'
101
type: string; Example: '_mandos._tcp'.
122
name: string; Example: u'Mandos'
123
type: string; Example: u'_mandos._tcp'.
102
124
See <http://www.dns-sd.org/ServiceTypes.html>
103
125
port: integer; what port to announce
104
126
TXT: list of strings; TXT record for the service
107
129
max_renames: integer; maximum number of renames
108
130
rename_count: integer; counter so we only rename after collisions
109
131
a sensible number of times
132
group: D-Bus Entry Group
133
server: D-Bus Server
134
bus: dbus.SystemBus()
110
135
"""
111
136
def __init__(self, interface = avahi.IF_UNSPEC, name = None,
112
servicetype = None, port = None, TXT = None, domain = "",
113
host = "", max_renames = 32768):
137
servicetype = None, port = None, TXT = None,
138
domain = u"", host = u"", max_renames = 32768,
139
protocol = avahi.PROTO_UNSPEC, bus = None):
114
140
self.interface = interface
115
141
self.name = name
116
142
self.type = servicetype
117
143
self.port = port
118
if TXT is None:
119
self.TXT = []
120
else:
121
self.TXT = TXT
144
self.TXT = TXT if TXT is not None else []
122
145
self.domain = domain
123
146
self.host = host
124
147
self.rename_count = 0
125
148
self.max_renames = max_renames
149
self.protocol = protocol
150
self.group = None # our entry group
151
self.server = None
152
self.bus = bus
126
153
def rename(self):
127
154
"""Derived from the Avahi example code"""
128
155
if self.rename_count >= self.max_renames:
129
156
logger.critical(u"No suitable Zeroconf service name found"
130
157
u" after %i retries, exiting.",
131
158
self.rename_count)
132
raise AvahiServiceError("Too many renames")
133
self.name = server.GetAlternativeServiceName(self.name)
159
raise AvahiServiceError(u"Too many renames")
160
self.name = unicode(self.server.GetAlternativeServiceName(self.name))
134
161
logger.info(u"Changing Zeroconf service name to %r ...",
135
str(self.name))
136
syslogger.setFormatter(logging.Formatter\
137
('Mandos (%s): %%(levelname)s:'
138
' %%(message)s' % self.name))
162
self.name)
163
syslogger.setFormatter(logging.Formatter
164
(u'Mandos (%s) [%%(process)d]:'
165
u' %%(levelname)s: %%(message)s'
166
% self.name))
139
167
self.remove()
140
self.add()
168
try:
169
self.add()
170
except dbus.exceptions.DBusException, error:
171
logger.critical(u"DBusException: %s", error)
172
self.cleanup()
173
os._exit(1)
141
174
self.rename_count += 1
142
175
def remove(self):
143
176
"""Derived from the Avahi example code"""
144
if group is not None:
145
group.Reset()
177
if self.group is not None:
178
self.group.Reset()
146
179
def add(self):
147
180
"""Derived from the Avahi example code"""
148
global group
149
if group is None:
150
group = dbus.Interface\
151
(bus.get_object(avahi.DBUS_NAME,
152
server.EntryGroupNew()),
153
avahi.DBUS_INTERFACE_ENTRY_GROUP)
154
group.connect_to_signal('StateChanged',
155
entry_group_state_changed)
181
if self.group is None:
182
self.group = dbus.Interface(
183
self.bus.get_object(avahi.DBUS_NAME,
184
self.server.EntryGroupNew()),
185
avahi.DBUS_INTERFACE_ENTRY_GROUP)
186
self.group.connect_to_signal('StateChanged',
187
self
188
.entry_group_state_changed)
156
189
logger.debug(u"Adding Zeroconf service '%s' of type '%s' ...",
157
service.name, service.type)
158
group.AddService(
159
self.interface, # interface
160
avahi.PROTO_INET6, # protocol
161
dbus.UInt32(0), # flags
162
self.name, self.type,
163
self.domain, self.host,
164
dbus.UInt16(self.port),
165
avahi.string_array_to_txt_array(self.TXT))
166
group.Commit()
167
168
# From the Avahi example code:
169
group = None # our entry group
170
# End of Avahi example code
190
self.name, self.type)
191
self.group.AddService(
192
self.interface,
193
self.protocol,
194
dbus.UInt32(0), # flags
195
self.name, self.type,
196
self.domain, self.host,
197
dbus.UInt16(self.port),
198
avahi.string_array_to_txt_array(self.TXT))
199
self.group.Commit()
200
def entry_group_state_changed(self, state, error):
201
"""Derived from the Avahi example code"""
202
logger.debug(u"Avahi entry group state change: %i", state)
203
204
if state == avahi.ENTRY_GROUP_ESTABLISHED:
205
logger.debug(u"Zeroconf service established.")
206
elif state == avahi.ENTRY_GROUP_COLLISION:
207
logger.warning(u"Zeroconf service name collision.")
208
self.rename()
209
elif state == avahi.ENTRY_GROUP_FAILURE:
210
logger.critical(u"Avahi: Error in group state changed %s",
211
unicode(error))
212
raise AvahiGroupError(u"State changed: %s"
213
% unicode(error))
214
def cleanup(self):
215
"""Derived from the Avahi example code"""
216
if self.group is not None:
217
self.group.Free()
218
self.group = None
219
def server_state_changed(self, state):
220
"""Derived from the Avahi example code"""
221
logger.debug(u"Avahi server state change: %i", state)
222
if state == avahi.SERVER_COLLISION:
223
logger.error(u"Zeroconf server name collision")
224
self.remove()
225
elif state == avahi.SERVER_RUNNING:
226
self.add()
227
def activate(self):
228
"""Derived from the Avahi example code"""
229
if self.server is None:
230
self.server = dbus.Interface(
231
self.bus.get_object(avahi.DBUS_NAME,
232
avahi.DBUS_PATH_SERVER),
233
avahi.DBUS_INTERFACE_SERVER)
234
self.server.connect_to_signal(u"StateChanged",
235
self.server_state_changed)
236
self.server_state_changed(self.server.GetState())
171
237
172
238
173
239
class Client(object):
174
240
"""A representation of a client host served by this server.
241
175
242
Attributes:
176
name: string; from the config file, used in log messages
177
fingerprint: string (40 or 32 hexadecimal digits); used to
178
uniquely identify the client
179
secret: bytestring; sent verbatim (over TLS) to client
180
host: string; available for use by the checker command
181
created: datetime.datetime(); object creation, not client host
182
last_checked_ok: datetime.datetime() or None if not yet checked OK
183
timeout: datetime.timedelta(); How long from last_checked_ok
184
until this client is invalid
185
interval: datetime.timedelta(); How often to start a new checker
186
stop_hook: If set, called by stop() as stop_hook(self)
187
checker: subprocess.Popen(); a running checker process used
188
to see if the client lives.
189
'None' if no process is running.
190
checker_initiator_tag: a gobject event source tag, or None
191
stop_initiator_tag: - '' -
243
_approved: bool(); 'None' if not yet approved/disapproved
244
approval_delay: datetime.timedelta(); Time to wait for approval
245
approval_duration: datetime.timedelta(); Duration of one approval
246
checker: subprocess.Popen(); a running checker process used
247
to see if the client lives.
248
'None' if no process is running.
192
249
checker_callback_tag: - '' -
193
checker_command: string; External command which is run to check if
194
client lives. %() expansions are done at
250
checker_command: string; External command which is run to check
251
if client lives. %() expansions are done at
195
252
runtime with vars(self) as dict, so that for
196
253
instance %(name)s can be used in the command.
197
Private attibutes:
198
_timeout: Real variable for 'timeout'
199
_interval: Real variable for 'interval'
200
_timeout_milliseconds: Used when calling gobject.timeout_add()
201
_interval_milliseconds: - '' -
254
checker_initiator_tag: a gobject event source tag, or None
255
created: datetime.datetime(); (UTC) object creation
256
current_checker_command: string; current running checker_command
257
disable_hook: If set, called by disable() as disable_hook(self)
258
disable_initiator_tag: - '' -
259
enabled: bool()
260
fingerprint: string (40 or 32 hexadecimal digits); used to
261
uniquely identify the client
262
host: string; available for use by the checker command
263
interval: datetime.timedelta(); How often to start a new checker
264
last_checked_ok: datetime.datetime(); (UTC) or None
265
last_enabled: datetime.datetime(); (UTC)
266
name: string; from the config file, used in log messages and
267
D-Bus identifiers
268
secret: bytestring; sent verbatim (over TLS) to client
269
timeout: datetime.timedelta(); How long from last_checked_ok
270
until this client is disabled
271
runtime_expansions: Allowed attributes for runtime expansion.
202
272
"""
203
def _set_timeout(self, timeout):
204
"Setter function for 'timeout' attribute"
205
self._timeout = timeout
206
self._timeout_milliseconds = ((self.timeout.days
207
* 24 * 60 * 60 * 1000)
208
+ (self.timeout.seconds * 1000)
209
+ (self.timeout.microseconds
210
// 1000))
211
timeout = property(lambda self: self._timeout,
212
_set_timeout)
213
del _set_timeout
214
def _set_interval(self, interval):
215
"Setter function for 'interval' attribute"
216
self._interval = interval
217
self._interval_milliseconds = ((self.interval.days
218
* 24 * 60 * 60 * 1000)
219
+ (self.interval.seconds
220
* 1000)
221
+ (self.interval.microseconds
222
// 1000))
223
interval = property(lambda self: self._interval,
224
_set_interval)
225
del _set_interval
226
def __init__(self, name = None, stop_hook=None, config=None):
273
274
runtime_expansions = (u"approval_delay", u"approval_duration",
275
u"created", u"enabled", u"fingerprint",
276
u"host", u"interval", u"last_checked_ok",
277
u"last_enabled", u"name", u"timeout")
278
279
@staticmethod
280
def _timedelta_to_milliseconds(td):
281
"Convert a datetime.timedelta() to milliseconds"
282
return ((td.days * 24 * 60 * 60 * 1000)
283
+ (td.seconds * 1000)
284
+ (td.microseconds // 1000))
285
286
def timeout_milliseconds(self):
287
"Return the 'timeout' attribute in milliseconds"
288
return self._timedelta_to_milliseconds(self.timeout)
289
290
def interval_milliseconds(self):
291
"Return the 'interval' attribute in milliseconds"
292
return self._timedelta_to_milliseconds(self.interval)
293
294
def approval_delay_milliseconds(self):
295
return self._timedelta_to_milliseconds(self.approval_delay)
296
297
def __init__(self, name = None, disable_hook=None, config=None):
227
298
"""Note: the 'checker' key in 'config' sets the
228
299
'checker_command' attribute and *not* the 'checker'
229
300
attribute."""
301
self.name = name
230
302
if config is None:
231
303
config = {}
232
self.name = name
233
304
logger.debug(u"Creating client %r", self.name)
234
305
# Uppercase and remove spaces from fingerprint for later
235
306
# comparison purposes with return value from the fingerprint()
236
307
# function
237
self.fingerprint = config["fingerprint"].upper()\
238
.replace(u" ", u"")
308
self.fingerprint = (config[u"fingerprint"].upper()
309
.replace(u" ", u""))
239
310
logger.debug(u" Fingerprint: %s", self.fingerprint)
240
if "secret" in config:
241
self.secret = config["secret"].decode(u"base64")
242
elif "secfile" in config:
243
secfile = open(os.path.expanduser(os.path.expandvars
244
(config["secfile"])))
245
self.secret = secfile.read()
246
secfile.close()
311
if u"secret" in config:
312
self.secret = config[u"secret"].decode(u"base64")
313
elif u"secfile" in config:
314
with open(os.path.expanduser(os.path.expandvars
315
(config[u"secfile"])),
316
"rb") as secfile:
317
self.secret = secfile.read()
247
318
else:
248
319
raise TypeError(u"No secret or secfile for client %s"
249
320
% self.name)
250
self.host = config.get("host", "")
251
self.created = datetime.datetime.now()
321
self.host = config.get(u"host", u"")
322
self.created = datetime.datetime.utcnow()
323
self.enabled = False
324
self.last_enabled = None
252
325
self.last_checked_ok = None
253
self.timeout = string_to_delta(config["timeout"])
254
self.interval = string_to_delta(config["interval"])
255
self.stop_hook = stop_hook
326
self.timeout = string_to_delta(config[u"timeout"])
327
self.interval = string_to_delta(config[u"interval"])
328
self.disable_hook = disable_hook
256
329
self.checker = None
257
330
self.checker_initiator_tag = None
258
self.stop_initiator_tag = None
331
self.disable_initiator_tag = None
259
332
self.checker_callback_tag = None
260
self.check_command = config["checker"]
261
def start(self):
333
self.checker_command = config[u"checker"]
334
self.current_checker_command = None
335
self.last_connect = None
336
self._approved = None
337
self.approved_by_default = config.get(u"approved_by_default",
338
True)
339
self.approvals_pending = 0
340
self.approval_delay = string_to_delta(
341
config[u"approval_delay"])
342
self.approval_duration = string_to_delta(
343
config[u"approval_duration"])
344
self.changedstate = multiprocessing_manager.Condition(multiprocessing_manager.Lock())
345
346
def send_changedstate(self):
347
self.changedstate.acquire()
348
self.changedstate.notify_all()
349
self.changedstate.release()
350
351
def enable(self):
262
352
"""Start this client's checker and timeout hooks"""
353
if getattr(self, u"enabled", False):
354
# Already enabled
355
return
356
self.send_changedstate()
357
self.last_enabled = datetime.datetime.utcnow()
263
358
# Schedule a new checker to be started an 'interval' from now,
264
359
# and every interval from then on.
265
self.checker_initiator_tag = gobject.timeout_add\
266
(self._interval_milliseconds,
267
self.start_checker)
360
self.checker_initiator_tag = (gobject.timeout_add
361
(self.interval_milliseconds(),
362
self.start_checker))
363
# Schedule a disable() when 'timeout' has passed
364
self.disable_initiator_tag = (gobject.timeout_add
365
(self.timeout_milliseconds(),
366
self.disable))
367
self.enabled = True
268
368
# Also start a new checker *right now*.
269
369
self.start_checker()
270
# Schedule a stop() when 'timeout' has passed
271
self.stop_initiator_tag = gobject.timeout_add\
272
(self._timeout_milliseconds,
273
self.stop)
274
def stop(self):
275
"""Stop this client.
276
The possibility that a client might be restarted is left open,
277
but not currently used."""
278
# If this client doesn't have a secret, it is already stopped.
279
if hasattr(self, "secret") and self.secret:
280
logger.info(u"Stopping client %s", self.name)
281
self.secret = None
282
else:
370
371
def disable(self, quiet=True):
372
"""Disable this client."""
373
if not getattr(self, "enabled", False):
283
374
return False
284
if getattr(self, "stop_initiator_tag", False):
285
gobject.source_remove(self.stop_initiator_tag)
286
self.stop_initiator_tag = None
287
if getattr(self, "checker_initiator_tag", False):
375
if not quiet:
376
self.send_changedstate()
377
if not quiet:
378
logger.info(u"Disabling client %s", self.name)
379
if getattr(self, u"disable_initiator_tag", False):
380
gobject.source_remove(self.disable_initiator_tag)
381
self.disable_initiator_tag = None
382
if getattr(self, u"checker_initiator_tag", False):
288
383
gobject.source_remove(self.checker_initiator_tag)
289
384
self.checker_initiator_tag = None
290
385
self.stop_checker()
291
if self.stop_hook:
292
self.stop_hook(self)
386
if self.disable_hook:
387
self.disable_hook(self)
388
self.enabled = False
293
389
# Do not run this again if called by a gobject.timeout_add
294
390
return False
391
295
392
def __del__(self):
296
self.stop_hook = None
297
self.stop()
298
def checker_callback(self, pid, condition):
393
self.disable_hook = None
394
self.disable()
395
396
def checker_callback(self, pid, condition, command):
299
397
"""The checker has completed, so take appropriate actions."""
300
now = datetime.datetime.now()
301
398
self.checker_callback_tag = None
302
399
self.checker = None
303
if os.WIFEXITED(condition) \
304
and (os.WEXITSTATUS(condition) == 0):
305
logger.info(u"Checker for %(name)s succeeded",
306
vars(self))
307
self.last_checked_ok = now
308
gobject.source_remove(self.stop_initiator_tag)
309
self.stop_initiator_tag = gobject.timeout_add\
310
(self._timeout_milliseconds,
311
self.stop)
312
elif not os.WIFEXITED(condition):
400
if os.WIFEXITED(condition):
401
exitstatus = os.WEXITSTATUS(condition)
402
if exitstatus == 0:
403
logger.info(u"Checker for %(name)s succeeded",
404
vars(self))
405
self.checked_ok()
406
else:
407
logger.info(u"Checker for %(name)s failed",
408
vars(self))
409
else:
313
410
logger.warning(u"Checker for %(name)s crashed?",
314
411
vars(self))
315
else:
316
logger.info(u"Checker for %(name)s failed",
317
vars(self))
412
413
def checked_ok(self):
414
"""Bump up the timeout for this client.
415
416
This should only be called when the client has been seen,
417
alive and well.
418
"""
419
self.last_checked_ok = datetime.datetime.utcnow()
420
gobject.source_remove(self.disable_initiator_tag)
421
self.disable_initiator_tag = (gobject.timeout_add
422
(self.timeout_milliseconds(),
423
self.disable))
424
318
425
def start_checker(self):
319
426
"""Start a new checker subprocess if one is not running.
427
320
428
If a checker already exists, leave it running and do
321
429
nothing."""
322
430
# The reason for not killing a running checker is that if we
325
433
# client would inevitably timeout, since no checker would get
326
434
# a chance to run to completion. If we instead leave running
327
435
# checkers alone, the checker would have to take more time
328
# than 'timeout' for the client to be declared invalid, which
329
# is as it should be.
436
# than 'timeout' for the client to be disabled, which is as it
437
# should be.
438
439
# If a checker exists, make sure it is not a zombie
440
try:
441
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
442
except (AttributeError, OSError), error:
443
if (isinstance(error, OSError)
444
and error.errno != errno.ECHILD):
445
raise error
446
else:
447
if pid:
448
logger.warning(u"Checker was a zombie")
449
gobject.source_remove(self.checker_callback_tag)
450
self.checker_callback(pid, status,
451
self.current_checker_command)
452
# Start a new checker if needed
330
453
if self.checker is None:
331
454
try:
332
# In case check_command has exactly one % operator
333
command = self.check_command % self.host
455
# In case checker_command has exactly one % operator
456
command = self.checker_command % self.host
334
457
except TypeError:
335
458
# Escape attributes for the shell
336
escaped_attrs = dict((key, re.escape(str(val)))
337
for key, val in
338
vars(self).iteritems())
459
escaped_attrs = dict(
460
(attr,
461
re.escape(unicode(str(getattr(self, attr, u"")),
462
errors=
463
u'replace')))
464
for attr in
465
self.runtime_expansions)
466
339
467
try:
340
command = self.check_command % escaped_attrs
468
command = self.checker_command % escaped_attrs
341
469
except TypeError, error:
342
470
logger.error(u'Could not format string "%s":'
343
u' %s', self.check_command, error)
471
u' %s', self.checker_command, error)
344
472
return True # Try again later
473
self.current_checker_command = command
345
474
try:
346
475
logger.info(u"Starting checker %r for %s",
347
476
command, self.name)
351
480
# always replaced by /dev/null.)
352
481
self.checker = subprocess.Popen(command,
353
482
close_fds=True,
354
shell=True, cwd="/")
355
self.checker_callback_tag = gobject.child_watch_add\
356
(self.checker.pid,
357
self.checker_callback)
483
shell=True, cwd=u"/")
484
self.checker_callback_tag = (gobject.child_watch_add
485
(self.checker.pid,
486
self.checker_callback,
487
data=command))
488
# The checker may have completed before the gobject
489
# watch was added. Check for this.
490
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
491
if pid:
492
gobject.source_remove(self.checker_callback_tag)
493
self.checker_callback(pid, status, command)
358
494
except OSError, error:
359
495
logger.error(u"Failed to start subprocess: %s",
360
496
error)
361
497
# Re-run this periodically if run by gobject.timeout_add
362
498
return True
499
363
500
def stop_checker(self):
364
501
"""Force the checker process, if any, to stop."""
365
502
if self.checker_callback_tag:
366
503
gobject.source_remove(self.checker_callback_tag)
367
504
self.checker_callback_tag = None
368
if getattr(self, "checker", None) is None:
505
if getattr(self, u"checker", None) is None:
369
506
return
370
507
logger.debug(u"Stopping checker for %(name)s", vars(self))
371
508
try:
372
509
os.kill(self.checker.pid, signal.SIGTERM)
373
#os.sleep(0.5)
510
#time.sleep(0.5)
374
511
#if self.checker.poll() is None:
375
512
# os.kill(self.checker.pid, signal.SIGKILL)
376
513
except OSError, error:
377
514
if error.errno != errno.ESRCH: # No such process
378
515
raise
379
516
self.checker = None
380
def still_valid(self):
381
"""Has the timeout not yet passed for this client?"""
382
now = datetime.datetime.now()
517
518
def dbus_service_property(dbus_interface, signature=u"v",
519
access=u"readwrite", byte_arrays=False):
520
"""Decorators for marking methods of a DBusObjectWithProperties to
521
become properties on the D-Bus.
522
523
The decorated method will be called with no arguments by "Get"
524
and with one argument by "Set".
525
526
The parameters, where they are supported, are the same as
527
dbus.service.method, except there is only "signature", since the
528
type from Get() and the type sent to Set() is the same.
529
"""
530
# Encoding deeply encoded byte arrays is not supported yet by the
531
# "Set" method, so we fail early here:
532
if byte_arrays and signature != u"ay":
533
raise ValueError(u"Byte arrays not supported for non-'ay'"
534
u" signature %r" % signature)
535
def decorator(func):
536
func._dbus_is_property = True
537
func._dbus_interface = dbus_interface
538
func._dbus_signature = signature
539
func._dbus_access = access
540
func._dbus_name = func.__name__
541
if func._dbus_name.endswith(u"_dbus_property"):
542
func._dbus_name = func._dbus_name[:-14]
543
func._dbus_get_args_options = {u'byte_arrays': byte_arrays }
544
return func
545
return decorator
546
547
548
class DBusPropertyException(dbus.exceptions.DBusException):
549
"""A base class for D-Bus property-related exceptions
550
"""
551
def __unicode__(self):
552
return unicode(str(self))
553
554
555
class DBusPropertyAccessException(DBusPropertyException):
556
"""A property's access permissions disallows an operation.
557
"""
558
pass
559
560
561
class DBusPropertyNotFound(DBusPropertyException):
562
"""An attempt was made to access a non-existing property.
563
"""
564
pass
565
566
567
class DBusObjectWithProperties(dbus.service.Object):
568
"""A D-Bus object with properties.
569
570
Classes inheriting from this can use the dbus_service_property
571
decorator to expose methods as D-Bus properties. It exposes the
572
standard Get(), Set(), and GetAll() methods on the D-Bus.
573
"""
574
575
@staticmethod
576
def _is_dbus_property(obj):
577
return getattr(obj, u"_dbus_is_property", False)
578
579
def _get_all_dbus_properties(self):
580
"""Returns a generator of (name, attribute) pairs
581
"""
582
return ((prop._dbus_name, prop)
583
for name, prop in
584
inspect.getmembers(self, self._is_dbus_property))
585
586
def _get_dbus_property(self, interface_name, property_name):
587
"""Returns a bound method if one exists which is a D-Bus
588
property with the specified name and interface.
589
"""
590
for name in (property_name,
591
property_name + u"_dbus_property"):
592
prop = getattr(self, name, None)
593
if (prop is None
594
or not self._is_dbus_property(prop)
595
or prop._dbus_name != property_name
596
or (interface_name and prop._dbus_interface
597
and interface_name != prop._dbus_interface)):
598
continue
599
return prop
600
# No such property
601
raise DBusPropertyNotFound(self.dbus_object_path + u":"
602
+ interface_name + u"."
603
+ property_name)
604
605
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature=u"ss",
606
out_signature=u"v")
607
def Get(self, interface_name, property_name):
608
"""Standard D-Bus property Get() method, see D-Bus standard.
609
"""
610
prop = self._get_dbus_property(interface_name, property_name)
611
if prop._dbus_access == u"write":
612
raise DBusPropertyAccessException(property_name)
613
value = prop()
614
if not hasattr(value, u"variant_level"):
615
return value
616
return type(value)(value, variant_level=value.variant_level+1)
617
618
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature=u"ssv")
619
def Set(self, interface_name, property_name, value):
620
"""Standard D-Bus property Set() method, see D-Bus standard.
621
"""
622
prop = self._get_dbus_property(interface_name, property_name)
623
if prop._dbus_access == u"read":
624
raise DBusPropertyAccessException(property_name)
625
if prop._dbus_get_args_options[u"byte_arrays"]:
626
# The byte_arrays option is not supported yet on
627
# signatures other than "ay".
628
if prop._dbus_signature != u"ay":
629
raise ValueError
630
value = dbus.ByteArray(''.join(unichr(byte)
631
for byte in value))
632
prop(value)
633
634
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature=u"s",
635
out_signature=u"a{sv}")
636
def GetAll(self, interface_name):
637
"""Standard D-Bus property GetAll() method, see D-Bus
638
standard.
639
640
Note: Will not include properties with access="write".
641
"""
642
all = {}
643
for name, prop in self._get_all_dbus_properties():
644
if (interface_name
645
and interface_name != prop._dbus_interface):
646
# Interface non-empty but did not match
647
continue
648
# Ignore write-only properties
649
if prop._dbus_access == u"write":
650
continue
651
value = prop()
652
if not hasattr(value, u"variant_level"):
653
all[name] = value
654
continue
655
all[name] = type(value)(value, variant_level=
656
value.variant_level+1)
657
return dbus.Dictionary(all, signature=u"sv")
658
659
@dbus.service.method(dbus.INTROSPECTABLE_IFACE,
660
out_signature=u"s",
661
path_keyword='object_path',
662
connection_keyword='connection')
663
def Introspect(self, object_path, connection):
664
"""Standard D-Bus method, overloaded to insert property tags.
665
"""
666
xmlstring = dbus.service.Object.Introspect(self, object_path,
667
connection)
668
try:
669
document = xml.dom.minidom.parseString(xmlstring)
670
def make_tag(document, name, prop):
671
e = document.createElement(u"property")
672
e.setAttribute(u"name", name)
673
e.setAttribute(u"type", prop._dbus_signature)
674
e.setAttribute(u"access", prop._dbus_access)
675
return e
676
for if_tag in document.getElementsByTagName(u"interface"):
677
for tag in (make_tag(document, name, prop)
678
for name, prop
679
in self._get_all_dbus_properties()
680
if prop._dbus_interface
681
== if_tag.getAttribute(u"name")):
682
if_tag.appendChild(tag)
683
# Add the names to the return values for the
684
# "org.freedesktop.DBus.Properties" methods
685
if (if_tag.getAttribute(u"name")
686
== u"org.freedesktop.DBus.Properties"):
687
for cn in if_tag.getElementsByTagName(u"method"):
688
if cn.getAttribute(u"name") == u"Get":
689
for arg in cn.getElementsByTagName(u"arg"):
690
if (arg.getAttribute(u"direction")
691
== u"out"):
692
arg.setAttribute(u"name", u"value")
693
elif cn.getAttribute(u"name") == u"GetAll":
694
for arg in cn.getElementsByTagName(u"arg"):
695
if (arg.getAttribute(u"direction")
696
== u"out"):
697
arg.setAttribute(u"name", u"props")
698
xmlstring = document.toxml(u"utf-8")
699
document.unlink()
700
except (AttributeError, xml.dom.DOMException,
701
xml.parsers.expat.ExpatError), error:
702
logger.error(u"Failed to override Introspection method",
703
error)
704
return xmlstring
705
706
707
class ClientDBus(Client, DBusObjectWithProperties):
708
"""A Client class using D-Bus
709
710
Attributes:
711
dbus_object_path: dbus.ObjectPath
712
bus: dbus.SystemBus()
713
"""
714
715
runtime_expansions = (Client.runtime_expansions
716
+ (u"dbus_object_path",))
717
718
# dbus.service.Object doesn't use super(), so we can't either.
719
720
def __init__(self, bus = None, *args, **kwargs):
721
self._approvals_pending = 0
722
self.bus = bus
723
Client.__init__(self, *args, **kwargs)
724
# Only now, when this client is initialized, can it show up on
725
# the D-Bus
726
client_object_name = unicode(self.name).translate(
727
{ord(u"."): ord(u"_"),
728
ord(u"-"): ord(u"_")})
729
self.dbus_object_path = (dbus.ObjectPath
730
(u"/clients/" + client_object_name))
731
DBusObjectWithProperties.__init__(self, self.bus,
732
self.dbus_object_path)
733
734
def _get_approvals_pending(self):
735
return self._approvals_pending
736
def _set_approvals_pending(self, value):
737
old_value = self._approvals_pending
738
self._approvals_pending = value
739
bval = bool(value)
740
if (hasattr(self, "dbus_object_path")
741
and bval is not bool(old_value)):
742
dbus_bool = dbus.Boolean(bval, variant_level=1)
743
self.PropertyChanged(dbus.String(u"ApprovalPending"),
744
dbus_bool)
745
746
approvals_pending = property(_get_approvals_pending,
747
_set_approvals_pending)
748
del _get_approvals_pending, _set_approvals_pending
749
750
@staticmethod
751
def _datetime_to_dbus(dt, variant_level=0):
752
"""Convert a UTC datetime.datetime() to a D-Bus type."""
753
return dbus.String(dt.isoformat(),
754
variant_level=variant_level)
755
756
def enable(self):
757
oldstate = getattr(self, u"enabled", False)
758
r = Client.enable(self)
759
if oldstate != self.enabled:
760
# Emit D-Bus signals
761
self.PropertyChanged(dbus.String(u"Enabled"),
762
dbus.Boolean(True, variant_level=1))
763
self.PropertyChanged(
764
dbus.String(u"LastEnabled"),
765
self._datetime_to_dbus(self.last_enabled,
766
variant_level=1))
767
return r
768
769
def disable(self, quiet = False):
770
oldstate = getattr(self, u"enabled", False)
771
r = Client.disable(self, quiet=quiet)
772
if not quiet and oldstate != self.enabled:
773
# Emit D-Bus signal
774
self.PropertyChanged(dbus.String(u"Enabled"),
775
dbus.Boolean(False, variant_level=1))
776
return r
777
778
def __del__(self, *args, **kwargs):
779
try:
780
self.remove_from_connection()
781
except LookupError:
782
pass
783
if hasattr(DBusObjectWithProperties, u"__del__"):
784
DBusObjectWithProperties.__del__(self, *args, **kwargs)
785
Client.__del__(self, *args, **kwargs)
786
787
def checker_callback(self, pid, condition, command,
788
*args, **kwargs):
789
self.checker_callback_tag = None
790
self.checker = None
791
# Emit D-Bus signal
792
self.PropertyChanged(dbus.String(u"CheckerRunning"),
793
dbus.Boolean(False, variant_level=1))
794
if os.WIFEXITED(condition):
795
exitstatus = os.WEXITSTATUS(condition)
796
# Emit D-Bus signal
797
self.CheckerCompleted(dbus.Int16(exitstatus),
798
dbus.Int64(condition),
799
dbus.String(command))
800
else:
801
# Emit D-Bus signal
802
self.CheckerCompleted(dbus.Int16(-1),
803
dbus.Int64(condition),
804
dbus.String(command))
805
806
return Client.checker_callback(self, pid, condition, command,
807
*args, **kwargs)
808
809
def checked_ok(self, *args, **kwargs):
810
r = Client.checked_ok(self, *args, **kwargs)
811
# Emit D-Bus signal
812
self.PropertyChanged(
813
dbus.String(u"LastCheckedOK"),
814
(self._datetime_to_dbus(self.last_checked_ok,
815
variant_level=1)))
816
return r
817
818
def start_checker(self, *args, **kwargs):
819
old_checker = self.checker
820
if self.checker is not None:
821
old_checker_pid = self.checker.pid
822
else:
823
old_checker_pid = None
824
r = Client.start_checker(self, *args, **kwargs)
825
# Only if new checker process was started
826
if (self.checker is not None
827
and old_checker_pid != self.checker.pid):
828
# Emit D-Bus signal
829
self.CheckerStarted(self.current_checker_command)
830
self.PropertyChanged(
831
dbus.String(u"CheckerRunning"),
832
dbus.Boolean(True, variant_level=1))
833
return r
834
835
def stop_checker(self, *args, **kwargs):
836
old_checker = getattr(self, u"checker", None)
837
r = Client.stop_checker(self, *args, **kwargs)
838
if (old_checker is not None
839
and getattr(self, u"checker", None) is None):
840
self.PropertyChanged(dbus.String(u"CheckerRunning"),
841
dbus.Boolean(False, variant_level=1))
842
return r
843
844
def _reset_approved(self):
845
self._approved = None
846
return False
847
848
def approve(self, value=True):
849
self.send_changedstate()
850
self._approved = value
851
gobject.timeout_add(self._timedelta_to_milliseconds
852
(self.approval_duration),
853
self._reset_approved)
854
855
856
## D-Bus methods, signals & properties
857
_interface = u"se.bsnet.fukt.Mandos.Client"
858
859
## Signals
860
861
# CheckerCompleted - signal
862
@dbus.service.signal(_interface, signature=u"nxs")
863
def CheckerCompleted(self, exitcode, waitstatus, command):
864
"D-Bus signal"
865
pass
866
867
# CheckerStarted - signal
868
@dbus.service.signal(_interface, signature=u"s")
869
def CheckerStarted(self, command):
870
"D-Bus signal"
871
pass
872
873
# PropertyChanged - signal
874
@dbus.service.signal(_interface, signature=u"sv")
875
def PropertyChanged(self, property, value):
876
"D-Bus signal"
877
pass
878
879
# GotSecret - signal
880
@dbus.service.signal(_interface)
881
def GotSecret(self):
882
"""D-Bus signal
883
Is sent after a successful transfer of secret from the Mandos
884
server to mandos-client
885
"""
886
pass
887
888
# Rejected - signal
889
@dbus.service.signal(_interface, signature=u"s")
890
def Rejected(self, reason):
891
"D-Bus signal"
892
pass
893
894
# NeedApproval - signal
895
@dbus.service.signal(_interface, signature=u"tb")
896
def NeedApproval(self, timeout, default):
897
"D-Bus signal"
898
pass
899
900
## Methods
901
902
# Approve - method
903
@dbus.service.method(_interface, in_signature=u"b")
904
def Approve(self, value):
905
self.approve(value)
906
907
# CheckedOK - method
908
@dbus.service.method(_interface)
909
def CheckedOK(self):
910
return self.checked_ok()
911
912
# Enable - method
913
@dbus.service.method(_interface)
914
def Enable(self):
915
"D-Bus method"
916
self.enable()
917
918
# StartChecker - method
919
@dbus.service.method(_interface)
920
def StartChecker(self):
921
"D-Bus method"
922
self.start_checker()
923
924
# Disable - method
925
@dbus.service.method(_interface)
926
def Disable(self):
927
"D-Bus method"
928
self.disable()
929
930
# StopChecker - method
931
@dbus.service.method(_interface)
932
def StopChecker(self):
933
self.stop_checker()
934
935
## Properties
936
937
# ApprovalPending - property
938
@dbus_service_property(_interface, signature=u"b", access=u"read")
939
def ApprovalPending_dbus_property(self):
940
return dbus.Boolean(bool(self.approvals_pending))
941
942
# ApprovedByDefault - property
943
@dbus_service_property(_interface, signature=u"b",
944
access=u"readwrite")
945
def ApprovedByDefault_dbus_property(self, value=None):
946
if value is None: # get
947
return dbus.Boolean(self.approved_by_default)
948
self.approved_by_default = bool(value)
949
# Emit D-Bus signal
950
self.PropertyChanged(dbus.String(u"ApprovedByDefault"),
951
dbus.Boolean(value, variant_level=1))
952
953
# ApprovalDelay - property
954
@dbus_service_property(_interface, signature=u"t",
955
access=u"readwrite")
956
def ApprovalDelay_dbus_property(self, value=None):
957
if value is None: # get
958
return dbus.UInt64(self.approval_delay_milliseconds())
959
self.approval_delay = datetime.timedelta(0, 0, 0, value)
960
# Emit D-Bus signal
961
self.PropertyChanged(dbus.String(u"ApprovalDelay"),
962
dbus.UInt64(value, variant_level=1))
963
964
# ApprovalDuration - property
965
@dbus_service_property(_interface, signature=u"t",
966
access=u"readwrite")
967
def ApprovalDuration_dbus_property(self, value=None):
968
if value is None: # get
969
return dbus.UInt64(self._timedelta_to_milliseconds(
970
self.approval_duration))
971
self.approval_duration = datetime.timedelta(0, 0, 0, value)
972
# Emit D-Bus signal
973
self.PropertyChanged(dbus.String(u"ApprovalDuration"),
974
dbus.UInt64(value, variant_level=1))
975
976
# Name - property
977
@dbus_service_property(_interface, signature=u"s", access=u"read")
978
def Name_dbus_property(self):
979
return dbus.String(self.name)
980
981
# Fingerprint - property
982
@dbus_service_property(_interface, signature=u"s", access=u"read")
983
def Fingerprint_dbus_property(self):
984
return dbus.String(self.fingerprint)
985
986
# Host - property
987
@dbus_service_property(_interface, signature=u"s",
988
access=u"readwrite")
989
def Host_dbus_property(self, value=None):
990
if value is None: # get
991
return dbus.String(self.host)
992
self.host = value
993
# Emit D-Bus signal
994
self.PropertyChanged(dbus.String(u"Host"),
995
dbus.String(value, variant_level=1))
996
997
# Created - property
998
@dbus_service_property(_interface, signature=u"s", access=u"read")
999
def Created_dbus_property(self):
1000
return dbus.String(self._datetime_to_dbus(self.created))
1001
1002
# LastEnabled - property
1003
@dbus_service_property(_interface, signature=u"s", access=u"read")
1004
def LastEnabled_dbus_property(self):
1005
if self.last_enabled is None:
1006
return dbus.String(u"")
1007
return dbus.String(self._datetime_to_dbus(self.last_enabled))
1008
1009
# Enabled - property
1010
@dbus_service_property(_interface, signature=u"b",
1011
access=u"readwrite")
1012
def Enabled_dbus_property(self, value=None):
1013
if value is None: # get
1014
return dbus.Boolean(self.enabled)
1015
if value:
1016
self.enable()
1017
else:
1018
self.disable()
1019
1020
# LastCheckedOK - property
1021
@dbus_service_property(_interface, signature=u"s",
1022
access=u"readwrite")
1023
def LastCheckedOK_dbus_property(self, value=None):
1024
if value is not None:
1025
self.checked_ok()
1026
return
383
1027
if self.last_checked_ok is None:
384
return now < (self.created + self.timeout)
385
else:
386
return now < (self.last_checked_ok + self.timeout)
387
388
389
def peer_certificate(session):
390
"Return the peer's OpenPGP certificate as a bytestring"
391
# If not an OpenPGP certificate...
392
if gnutls.library.functions.gnutls_certificate_type_get\
393
(session._c_object) \
394
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP:
395
# ...do the normal thing
396
return session.peer_certificate
397
list_size = ctypes.c_uint()
398
cert_list = gnutls.library.functions.gnutls_certificate_get_peers\
399
(session._c_object, ctypes.byref(list_size))
400
if list_size.value == 0:
401
return None
402
cert = cert_list[0]
403
return ctypes.string_at(cert.data, cert.size)
404
405
406
def fingerprint(openpgp):
407
"Convert an OpenPGP bytestring to a hexdigit fingerprint string"
408
# New GnuTLS "datum" with the OpenPGP public key
409
datum = gnutls.library.types.gnutls_datum_t\
410
(ctypes.cast(ctypes.c_char_p(openpgp),
411
ctypes.POINTER(ctypes.c_ubyte)),
412
ctypes.c_uint(len(openpgp)))
413
# New empty GnuTLS certificate
414
crt = gnutls.library.types.gnutls_openpgp_crt_t()
415
gnutls.library.functions.gnutls_openpgp_crt_init\
416
(ctypes.byref(crt))
417
# Import the OpenPGP public key into the certificate
418
gnutls.library.functions.gnutls_openpgp_crt_import\
419
(crt, ctypes.byref(datum),
420
gnutls.library.constants.GNUTLS_OPENPGP_FMT_RAW)
421
# Verify the self signature in the key
422
crtverify = ctypes.c_uint()
423
gnutls.library.functions.gnutls_openpgp_crt_verify_self\
424
(crt, 0, ctypes.byref(crtverify))
425
if crtverify.value != 0:
426
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
427
raise gnutls.errors.CertificateSecurityError("Verify failed")
428
# New buffer for the fingerprint
429
buf = ctypes.create_string_buffer(20)
430
buf_len = ctypes.c_size_t()
431
# Get the fingerprint from the certificate into the buffer
432
gnutls.library.functions.gnutls_openpgp_crt_get_fingerprint\
433
(crt, ctypes.byref(buf), ctypes.byref(buf_len))
434
# Deinit the certificate
435
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
436
# Convert the buffer to a Python bytestring
437
fpr = ctypes.string_at(buf, buf_len.value)
438
# Convert the bytestring to hexadecimal notation
439
hex_fpr = u''.join(u"%02X" % ord(char) for char in fpr)
440
return hex_fpr
441
442
443
class TCP_handler(SocketServer.BaseRequestHandler, object):
444
"""A TCP request handler class.
445
Instantiated by IPv6_TCPServer for each request to handle it.
1028
return dbus.String(u"")
1029
return dbus.String(self._datetime_to_dbus(self
1030
.last_checked_ok))
1031
1032
# Timeout - property
1033
@dbus_service_property(_interface, signature=u"t",
1034
access=u"readwrite")
1035
def Timeout_dbus_property(self, value=None):
1036
if value is None: # get
1037
return dbus.UInt64(self.timeout_milliseconds())
1038
self.timeout = datetime.timedelta(0, 0, 0, value)
1039
# Emit D-Bus signal
1040
self.PropertyChanged(dbus.String(u"Timeout"),
1041
dbus.UInt64(value, variant_level=1))
1042
if getattr(self, u"disable_initiator_tag", None) is None:
1043
return
1044
# Reschedule timeout
1045
gobject.source_remove(self.disable_initiator_tag)
1046
self.disable_initiator_tag = None
1047
time_to_die = (self.
1048
_timedelta_to_milliseconds((self
1049
.last_checked_ok
1050
+ self.timeout)
1051
- datetime.datetime
1052
.utcnow()))
1053
if time_to_die <= 0:
1054
# The timeout has passed
1055
self.disable()
1056
else:
1057
self.disable_initiator_tag = (gobject.timeout_add
1058
(time_to_die, self.disable))
1059
1060
# Interval - property
1061
@dbus_service_property(_interface, signature=u"t",
1062
access=u"readwrite")
1063
def Interval_dbus_property(self, value=None):
1064
if value is None: # get
1065
return dbus.UInt64(self.interval_milliseconds())
1066
self.interval = datetime.timedelta(0, 0, 0, value)
1067
# Emit D-Bus signal
1068
self.PropertyChanged(dbus.String(u"Interval"),
1069
dbus.UInt64(value, variant_level=1))
1070
if getattr(self, u"checker_initiator_tag", None) is None:
1071
return
1072
# Reschedule checker run
1073
gobject.source_remove(self.checker_initiator_tag)
1074
self.checker_initiator_tag = (gobject.timeout_add
1075
(value, self.start_checker))
1076
self.start_checker() # Start one now, too
1077
1078
# Checker - property
1079
@dbus_service_property(_interface, signature=u"s",
1080
access=u"readwrite")
1081
def Checker_dbus_property(self, value=None):
1082
if value is None: # get
1083
return dbus.String(self.checker_command)
1084
self.checker_command = value
1085
# Emit D-Bus signal
1086
self.PropertyChanged(dbus.String(u"Checker"),
1087
dbus.String(self.checker_command,
1088
variant_level=1))
1089
1090
# CheckerRunning - property
1091
@dbus_service_property(_interface, signature=u"b",
1092
access=u"readwrite")
1093
def CheckerRunning_dbus_property(self, value=None):
1094
if value is None: # get
1095
return dbus.Boolean(self.checker is not None)
1096
if value:
1097
self.start_checker()
1098
else:
1099
self.stop_checker()
1100
1101
# ObjectPath - property
1102
@dbus_service_property(_interface, signature=u"o", access=u"read")
1103
def ObjectPath_dbus_property(self):
1104
return self.dbus_object_path # is already a dbus.ObjectPath
1105
1106
# Secret = property
1107
@dbus_service_property(_interface, signature=u"ay",
1108
access=u"write", byte_arrays=True)
1109
def Secret_dbus_property(self, value):
1110
self.secret = str(value)
1111
1112
del _interface
1113
1114
1115
class ProxyClient(object):
1116
def __init__(self, child_pipe, fpr, address):
1117
self._pipe = child_pipe
1118
self._pipe.send(('init', fpr, address))
1119
if not self._pipe.recv():
1120
raise KeyError()
1121
1122
def __getattribute__(self, name):
1123
if(name == '_pipe'):
1124
return super(ProxyClient, self).__getattribute__(name)
1125
self._pipe.send(('getattr', name))
1126
data = self._pipe.recv()
1127
if data[0] == 'data':
1128
return data[1]
1129
if data[0] == 'function':
1130
def func(*args, **kwargs):
1131
self._pipe.send(('funcall', name, args, kwargs))
1132
return self._pipe.recv()[1]
1133
return func
1134
1135
def __setattr__(self, name, value):
1136
if(name == '_pipe'):
1137
return super(ProxyClient, self).__setattr__(name, value)
1138
self._pipe.send(('setattr', name, value))
1139
1140
1141
class ClientHandler(socketserver.BaseRequestHandler, object):
1142
"""A class to handle client connections.
1143
1144
Instantiated once for each connection to handle it.
446
1145
Note: This will run in its own forked process."""
447
1146
448
1147
def handle(self):
449
logger.info(u"TCP connection from: %s",
450
unicode(self.client_address))
451
session = gnutls.connection.ClientSession\
452
(self.request, gnutls.connection.X509Credentials())
453
454
line = self.request.makefile().readline()
455
logger.debug(u"Protocol version: %r", line)
456
try:
457
if int(line.strip().split()[0]) > 1:
458
raise RuntimeError
459
except (ValueError, IndexError, RuntimeError), error:
460
logger.error(u"Unknown protocol version: %s", error)
461
return
462
463
# Note: gnutls.connection.X509Credentials is really a generic
464
# GnuTLS certificate credentials object so long as no X.509
465
# keys are added to it. Therefore, we can use it here despite
466
# using OpenPGP certificates.
467
468
#priority = ':'.join(("NONE", "+VERS-TLS1.1", "+AES-256-CBC",
469
# "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
470
# "+DHE-DSS"))
471
priority = "NORMAL" # Fallback default, since this
472
# MUST be set.
473
if self.server.settings["priority"]:
474
priority = self.server.settings["priority"]
475
gnutls.library.functions.gnutls_priority_set_direct\
476
(session._c_object, priority, None)
477
478
try:
479
session.handshake()
480
except gnutls.errors.GNUTLSError, error:
481
logger.warning(u"Handshake failed: %s", error)
482
# Do not run session.bye() here: the session is not
483
# established. Just abandon the request.
484
return
485
try:
486
fpr = fingerprint(peer_certificate(session))
487
except (TypeError, gnutls.errors.GNUTLSError), error:
488
logger.warning(u"Bad certificate: %s", error)
489
session.bye()
490
return
491
logger.debug(u"Fingerprint: %s", fpr)
492
client = None
493
for c in self.server.clients:
494
if c.fingerprint == fpr:
495
client = c
496
break
497
if not client:
498
logger.warning(u"Client not found for fingerprint: %s",
499
fpr)
500
session.bye()
501
return
502
# Have to check if client.still_valid(), since it is possible
503
# that the client timed out while establishing the GnuTLS
504
# session.
505
if not client.still_valid():
506
logger.warning(u"Client %(name)s is invalid",
507
vars(client))
508
session.bye()
509
return
510
sent_size = 0
511
while sent_size < len(client.secret):
512
sent = session.send(client.secret[sent_size:])
513
logger.debug(u"Sent: %d, remaining: %d",
514
sent, len(client.secret)
515
- (sent_size + sent))
516
sent_size += sent
517
session.bye()
518
519
520
class IPv6_TCPServer(SocketServer.ForkingTCPServer, object):
521
"""IPv6 TCP server. Accepts 'None' as address and/or port.
1148
with contextlib.closing(self.server.child_pipe) as child_pipe:
1149
logger.info(u"TCP connection from: %s",
1150
unicode(self.client_address))
1151
logger.debug(u"Pipe FD: %d",
1152
self.server.child_pipe.fileno())
1153
1154
session = (gnutls.connection
1155
.ClientSession(self.request,
1156
gnutls.connection
1157
.X509Credentials()))
1158
1159
# Note: gnutls.connection.X509Credentials is really a
1160
# generic GnuTLS certificate credentials object so long as
1161
# no X.509 keys are added to it. Therefore, we can use it
1162
# here despite using OpenPGP certificates.
1163
1164
#priority = u':'.join((u"NONE", u"+VERS-TLS1.1",
1165
# u"+AES-256-CBC", u"+SHA1",
1166
# u"+COMP-NULL", u"+CTYPE-OPENPGP",
1167
# u"+DHE-DSS"))
1168
# Use a fallback default, since this MUST be set.
1169
priority = self.server.gnutls_priority
1170
if priority is None:
1171
priority = u"NORMAL"
1172
(gnutls.library.functions
1173
.gnutls_priority_set_direct(session._c_object,
1174
priority, None))
1175
1176
# Start communication using the Mandos protocol
1177
# Get protocol number
1178
line = self.request.makefile().readline()
1179
logger.debug(u"Protocol version: %r", line)
1180
try:
1181
if int(line.strip().split()[0]) > 1:
1182
raise RuntimeError
1183
except (ValueError, IndexError, RuntimeError), error:
1184
logger.error(u"Unknown protocol version: %s", error)
1185
return
1186
1187
# Start GnuTLS connection
1188
try:
1189
session.handshake()
1190
except gnutls.errors.GNUTLSError, error:
1191
logger.warning(u"Handshake failed: %s", error)
1192
# Do not run session.bye() here: the session is not
1193
# established. Just abandon the request.
1194
return
1195
logger.debug(u"Handshake succeeded")
1196
1197
approval_required = False
1198
try:
1199
try:
1200
fpr = self.fingerprint(self.peer_certificate
1201
(session))
1202
except (TypeError, gnutls.errors.GNUTLSError), error:
1203
logger.warning(u"Bad certificate: %s", error)
1204
return
1205
logger.debug(u"Fingerprint: %s", fpr)
1206
1207
try:
1208
client = ProxyClient(child_pipe, fpr,
1209
self.client_address)
1210
except KeyError:
1211
return
1212
1213
if client.approval_delay:
1214
delay = client.approval_delay
1215
client.approvals_pending += 1
1216
approval_required = True
1217
1218
while True:
1219
if not client.enabled:
1220
logger.warning(u"Client %s is disabled",
1221
client.name)
1222
if self.server.use_dbus:
1223
# Emit D-Bus signal
1224
client.Rejected("Disabled")
1225
return
1226
1227
if client._approved or not client.approval_delay:
1228
#We are approved or approval is disabled
1229
break
1230
elif client._approved is None:
1231
logger.info(u"Client %s needs approval",
1232
client.name)
1233
if self.server.use_dbus:
1234
# Emit D-Bus signal
1235
client.NeedApproval(
1236
client.approval_delay_milliseconds(),
1237
client.approved_by_default)
1238
else:
1239
logger.warning(u"Client %s was not approved",
1240
client.name)
1241
if self.server.use_dbus:
1242
# Emit D-Bus signal
1243
client.Rejected("Denied")
1244
return
1245
1246
#wait until timeout or approved
1247
#x = float(client._timedelta_to_milliseconds(delay))
1248
time = datetime.datetime.now()
1249
client.changedstate.acquire()
1250
client.changedstate.wait(float(client._timedelta_to_milliseconds(delay) / 1000))
1251
client.changedstate.release()
1252
time2 = datetime.datetime.now()
1253
if (time2 - time) >= delay:
1254
if not client.approved_by_default:
1255
logger.warning("Client %s timed out while"
1256
" waiting for approval",
1257
client.name)
1258
if self.server.use_dbus:
1259
# Emit D-Bus signal
1260
client.Rejected("Approval timed out")
1261
return
1262
else:
1263
break
1264
else:
1265
delay -= time2 - time
1266
1267
sent_size = 0
1268
while sent_size < len(client.secret):
1269
try:
1270
sent = session.send(client.secret[sent_size:])
1271
except (gnutls.errors.GNUTLSError), error:
1272
logger.warning("gnutls send failed")
1273
return
1274
logger.debug(u"Sent: %d, remaining: %d",
1275
sent, len(client.secret)
1276
- (sent_size + sent))
1277
sent_size += sent
1278
1279
logger.info(u"Sending secret to %s", client.name)
1280
# bump the timeout as if seen
1281
client.checked_ok()
1282
if self.server.use_dbus:
1283
# Emit D-Bus signal
1284
client.GotSecret()
1285
1286
finally:
1287
if approval_required:
1288
client.approvals_pending -= 1
1289
try:
1290
session.bye()
1291
except (gnutls.errors.GNUTLSError), error:
1292
logger.warning("GnuTLS bye failed")
1293
1294
@staticmethod
1295
def peer_certificate(session):
1296
"Return the peer's OpenPGP certificate as a bytestring"
1297
# If not an OpenPGP certificate...
1298
if (gnutls.library.functions
1299
.gnutls_certificate_type_get(session._c_object)
1300
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP):
1301
# ...do the normal thing
1302
return session.peer_certificate
1303
list_size = ctypes.c_uint(1)
1304
cert_list = (gnutls.library.functions
1305
.gnutls_certificate_get_peers
1306
(session._c_object, ctypes.byref(list_size)))
1307
if not bool(cert_list) and list_size.value != 0:
1308
raise gnutls.errors.GNUTLSError(u"error getting peer"
1309
u" certificate")
1310
if list_size.value == 0:
1311
return None
1312
cert = cert_list[0]
1313
return ctypes.string_at(cert.data, cert.size)
1314
1315
@staticmethod
1316
def fingerprint(openpgp):
1317
"Convert an OpenPGP bytestring to a hexdigit fingerprint"
1318
# New GnuTLS "datum" with the OpenPGP public key
1319
datum = (gnutls.library.types
1320
.gnutls_datum_t(ctypes.cast(ctypes.c_char_p(openpgp),
1321
ctypes.POINTER
1322
(ctypes.c_ubyte)),
1323
ctypes.c_uint(len(openpgp))))
1324
# New empty GnuTLS certificate
1325
crt = gnutls.library.types.gnutls_openpgp_crt_t()
1326
(gnutls.library.functions
1327
.gnutls_openpgp_crt_init(ctypes.byref(crt)))
1328
# Import the OpenPGP public key into the certificate
1329
(gnutls.library.functions
1330
.gnutls_openpgp_crt_import(crt, ctypes.byref(datum),
1331
gnutls.library.constants
1332
.GNUTLS_OPENPGP_FMT_RAW))
1333
# Verify the self signature in the key
1334
crtverify = ctypes.c_uint()
1335
(gnutls.library.functions
1336
.gnutls_openpgp_crt_verify_self(crt, 0,
1337
ctypes.byref(crtverify)))
1338
if crtverify.value != 0:
1339
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1340
raise (gnutls.errors.CertificateSecurityError
1341
(u"Verify failed"))
1342
# New buffer for the fingerprint
1343
buf = ctypes.create_string_buffer(20)
1344
buf_len = ctypes.c_size_t()
1345
# Get the fingerprint from the certificate into the buffer
1346
(gnutls.library.functions
1347
.gnutls_openpgp_crt_get_fingerprint(crt, ctypes.byref(buf),
1348
ctypes.byref(buf_len)))
1349
# Deinit the certificate
1350
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1351
# Convert the buffer to a Python bytestring
1352
fpr = ctypes.string_at(buf, buf_len.value)
1353
# Convert the bytestring to hexadecimal notation
1354
hex_fpr = u''.join(u"%02X" % ord(char) for char in fpr)
1355
return hex_fpr
1356
1357
1358
class MultiprocessingMixIn(object):
1359
"""Like socketserver.ThreadingMixIn, but with multiprocessing"""
1360
def sub_process_main(self, request, address):
1361
try:
1362
self.finish_request(request, address)
1363
except:
1364
self.handle_error(request, address)
1365
self.close_request(request)
1366
1367
def process_request(self, request, address):
1368
"""Start a new process to process the request."""
1369
multiprocessing.Process(target = self.sub_process_main,
1370
args = (request, address)).start()
1371
1372
class MultiprocessingMixInWithPipe(MultiprocessingMixIn, object):
1373
""" adds a pipe to the MixIn """
1374
def process_request(self, request, client_address):
1375
"""Overrides and wraps the original process_request().
1376
1377
This function creates a new pipe in self.pipe
1378
"""
1379
parent_pipe, self.child_pipe = multiprocessing.Pipe()
1380
1381
super(MultiprocessingMixInWithPipe,
1382
self).process_request(request, client_address)
1383
self.child_pipe.close()
1384
self.add_pipe(parent_pipe)
1385
1386
def add_pipe(self, parent_pipe):
1387
"""Dummy function; override as necessary"""
1388
pass
1389
1390
class IPv6_TCPServer(MultiprocessingMixInWithPipe,
1391
socketserver.TCPServer, object):
1392
"""IPv6-capable TCP server. Accepts 'None' as address and/or port
1393
522
1394
Attributes:
523
settings: Server settings
524
clients: Set() of Client objects
525
1395
enabled: Boolean; whether this server is activated yet
1396
interface: None or a network interface name (string)
1397
use_ipv6: Boolean; to use IPv6 or not
526
1398
"""
527
address_family = socket.AF_INET6
528
def __init__(self, *args, **kwargs):
529
if "settings" in kwargs:
530
self.settings = kwargs["settings"]
531
del kwargs["settings"]
532
if "clients" in kwargs:
533
self.clients = kwargs["clients"]
534
del kwargs["clients"]
535
self.enabled = False
536
super(IPv6_TCPServer, self).__init__(*args, **kwargs)
1399
def __init__(self, server_address, RequestHandlerClass,
1400
interface=None, use_ipv6=True):
1401
self.interface = interface
1402
if use_ipv6:
1403
self.address_family = socket.AF_INET6
1404
socketserver.TCPServer.__init__(self, server_address,
1405
RequestHandlerClass)
537
1406
def server_bind(self):
538
1407
"""This overrides the normal server_bind() function
539
1408
to bind to an interface if one was specified, and also NOT to
540
1409
bind to an address or port if they were not specified."""
541
if self.settings["interface"]:
542
# 25 is from /usr/include/asm-i486/socket.h
543
SO_BINDTODEVICE = getattr(socket, "SO_BINDTODEVICE", 25)
544
try:
545
self.socket.setsockopt(socket.SOL_SOCKET,
546
SO_BINDTODEVICE,
547
self.settings["interface"])
548
except socket.error, error:
549
if error[0] == errno.EPERM:
550
logger.error(u"No permission to"
551
u" bind to interface %s",
552
self.settings["interface"])
553
else:
554
raise error
1410
if self.interface is not None:
1411
if SO_BINDTODEVICE is None:
1412
logger.error(u"SO_BINDTODEVICE does not exist;"
1413
u" cannot bind to interface %s",
1414
self.interface)
1415
else:
1416
try:
1417
self.socket.setsockopt(socket.SOL_SOCKET,
1418
SO_BINDTODEVICE,
1419
str(self.interface
1420
+ u'\0'))
1421
except socket.error, error:
1422
if error[0] == errno.EPERM:
1423
logger.error(u"No permission to"
1424
u" bind to interface %s",
1425
self.interface)
1426
elif error[0] == errno.ENOPROTOOPT:
1427
logger.error(u"SO_BINDTODEVICE not available;"
1428
u" cannot bind to interface %s",
1429
self.interface)
1430
else:
1431
raise
555
1432
# Only bind(2) the socket if we really need to.
556
1433
if self.server_address[0] or self.server_address[1]:
557
1434
if not self.server_address[0]:
558
in6addr_any = "::"
559
self.server_address = (in6addr_any,
1435
if self.address_family == socket.AF_INET6:
1436
any_address = u"::" # in6addr_any
1437
else:
1438
any_address = socket.INADDR_ANY
1439
self.server_address = (any_address,
560
1440
self.server_address[1])
561
1441
elif not self.server_address[1]:
562
1442
self.server_address = (self.server_address[0],
563
1443
0)
564
# if self.settings["interface"]:
1444
# if self.interface:
565
1445
# self.server_address = (self.server_address[0],
566
1446
# 0, # port
567
1447
# 0, # flowinfo
568
1448
# if_nametoindex
569
# (self.settings
570
# ["interface"]))
571
return super(IPv6_TCPServer, self).server_bind()
1449
# (self.interface))
1450
return socketserver.TCPServer.server_bind(self)
1451
1452
1453
class MandosServer(IPv6_TCPServer):
1454
"""Mandos server.
1455
1456
Attributes:
1457
clients: set of Client objects
1458
gnutls_priority GnuTLS priority string
1459
use_dbus: Boolean; to emit D-Bus signals or not
1460
1461
Assumes a gobject.MainLoop event loop.
1462
"""
1463
def __init__(self, server_address, RequestHandlerClass,
1464
interface=None, use_ipv6=True, clients=None,
1465
gnutls_priority=None, use_dbus=True):
1466
self.enabled = False
1467
self.clients = clients
1468
if self.clients is None:
1469
self.clients = set()
1470
self.use_dbus = use_dbus
1471
self.gnutls_priority = gnutls_priority
1472
IPv6_TCPServer.__init__(self, server_address,
1473
RequestHandlerClass,
1474
interface = interface,
1475
use_ipv6 = use_ipv6)
572
1476
def server_activate(self):
573
1477
if self.enabled:
574
return super(IPv6_TCPServer, self).server_activate()
1478
return socketserver.TCPServer.server_activate(self)
575
1479
def enable(self):
576
1480
self.enabled = True
1481
def add_pipe(self, parent_pipe):
1482
# Call "handle_ipc" for both data and EOF events
1483
gobject.io_add_watch(parent_pipe.fileno(),
1484
gobject.IO_IN | gobject.IO_HUP,
1485
functools.partial(self.handle_ipc,
1486
parent_pipe = parent_pipe))
1487
1488
def handle_ipc(self, source, condition, parent_pipe=None,
1489
client_object=None):
1490
condition_names = {
1491
gobject.IO_IN: u"IN", # There is data to read.
1492
gobject.IO_OUT: u"OUT", # Data can be written (without
1493
# blocking).
1494
gobject.IO_PRI: u"PRI", # There is urgent data to read.
1495
gobject.IO_ERR: u"ERR", # Error condition.
1496
gobject.IO_HUP: u"HUP" # Hung up (the connection has been
1497
# broken, usually for pipes and
1498
# sockets).
1499
}
1500
conditions_string = ' | '.join(name
1501
for cond, name in
1502
condition_names.iteritems()
1503
if cond & condition)
1504
# error or the other end of multiprocessing.Pipe has closed
1505
if condition & (gobject.IO_ERR | condition & gobject.IO_HUP):
1506
return False
1507
1508
# Read a request from the child
1509
request = parent_pipe.recv()
1510
command = request[0]
1511
1512
if command == 'init':
1513
fpr = request[1]
1514
address = request[2]
1515
1516
for c in self.clients:
1517
if c.fingerprint == fpr:
1518
client = c
1519
break
1520
else:
1521
logger.warning(u"Client not found for fingerprint: %s, ad"
1522
u"dress: %s", fpr, address)
1523
if self.use_dbus:
1524
# Emit D-Bus signal
1525
mandos_dbus_service.ClientNotFound(fpr, address[0])
1526
parent_pipe.send(False)
1527
return False
1528
1529
gobject.io_add_watch(parent_pipe.fileno(),
1530
gobject.IO_IN | gobject.IO_HUP,
1531
functools.partial(self.handle_ipc,
1532
parent_pipe = parent_pipe,
1533
client_object = client))
1534
parent_pipe.send(True)
1535
# remove the old hook in favor of the new above hook on same fileno
1536
return False
1537
if command == 'funcall':
1538
funcname = request[1]
1539
args = request[2]
1540
kwargs = request[3]
1541
1542
parent_pipe.send(('data', getattr(client_object, funcname)(*args, **kwargs)))
1543
1544
if command == 'getattr':
1545
attrname = request[1]
1546
if callable(client_object.__getattribute__(attrname)):
1547
parent_pipe.send(('function',))
1548
else:
1549
parent_pipe.send(('data', client_object.__getattribute__(attrname)))
1550
1551
if command == 'setattr':
1552
attrname = request[1]
1553
value = request[2]
1554
setattr(client_object, attrname, value)
1555
1556
return True
577
1557
578
1558
579
1559
def string_to_delta(interval):
580
1560
"""Parse a string and return a datetime.timedelta
581
582
>>> string_to_delta('7d')
1561
1562
>>> string_to_delta(u'7d')
583
1563
datetime.timedelta(7)
584
>>> string_to_delta('60s')
1564
>>> string_to_delta(u'60s')
585
1565
datetime.timedelta(0, 60)
586
>>> string_to_delta('60m')
1566
>>> string_to_delta(u'60m')
587
1567
datetime.timedelta(0, 3600)
588
>>> string_to_delta('24h')
1568
>>> string_to_delta(u'24h')
589
1569
datetime.timedelta(1)
590
1570
>>> string_to_delta(u'1w')
591
1571
datetime.timedelta(7)
592
>>> string_to_delta('5m 30s')
1572
>>> string_to_delta(u'5m 30s')
593
1573
datetime.timedelta(0, 330)
594
1574
"""
595
1575
timevalue = datetime.timedelta(0)
608
1588
elif suffix == u"w":
609
1589
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
610
1590
else:
611
raise ValueError
612
except (ValueError, IndexError):
613
raise ValueError
1591
raise ValueError(u"Unknown suffix %r" % suffix)
1592
except (ValueError, IndexError), e:
1593
raise ValueError(e.message)
614
1594
timevalue += delta
615
1595
return timevalue
616
1596
617
1597
618
def server_state_changed(state):
619
"""Derived from the Avahi example code"""
620
if state == avahi.SERVER_COLLISION:
621
logger.error(u"Zeroconf server name collision")
622
service.remove()
623
elif state == avahi.SERVER_RUNNING:
624
service.add()
625
626
627
def entry_group_state_changed(state, error):
628
"""Derived from the Avahi example code"""
629
logger.debug(u"Avahi state change: %i", state)
630
631
if state == avahi.ENTRY_GROUP_ESTABLISHED:
632
logger.debug(u"Zeroconf service established.")
633
elif state == avahi.ENTRY_GROUP_COLLISION:
634
logger.warning(u"Zeroconf service name collision.")
635
service.rename()
636
elif state == avahi.ENTRY_GROUP_FAILURE:
637
logger.critical(u"Avahi: Error in group state changed %s",
638
unicode(error))
639
raise AvahiGroupError("State changed: %s", str(error))
640
641
1598
def if_nametoindex(interface):
642
"""Call the C function if_nametoindex(), or equivalent"""
1599
"""Call the C function if_nametoindex(), or equivalent
1600
1601
Note: This function cannot accept a unicode string."""
643
1602
global if_nametoindex
644
1603
try:
645
if_nametoindex = ctypes.cdll.LoadLibrary\
646
(ctypes.util.find_library("c")).if_nametoindex
1604
if_nametoindex = (ctypes.cdll.LoadLibrary
1605
(ctypes.util.find_library(u"c"))
1606
.if_nametoindex)
647
1607
except (OSError, AttributeError):
648
if "struct" not in sys.modules:
649
import struct
650
if "fcntl" not in sys.modules:
651
import fcntl
1608
logger.warning(u"Doing if_nametoindex the hard way")
652
1609
def if_nametoindex(interface):
653
1610
"Get an interface index the hard way, i.e. using fcntl()"
654
1611
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
655
s = socket.socket()
656
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
657
struct.pack("16s16x", interface))
658
s.close()
659
interface_index = struct.unpack("I", ifreq[16:20])[0]
1612
with contextlib.closing(socket.socket()) as s:
1613
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
1614
struct.pack(str(u"16s16x"),
1615
interface))
1616
interface_index = struct.unpack(str(u"I"),
1617
ifreq[16:20])[0]
660
1618
return interface_index
661
1619
return if_nametoindex(interface)
662
1620
663
1621
664
1622
def daemon(nochdir = False, noclose = False):
665
1623
"""See daemon(3). Standard BSD Unix function.
1624
666
1625
This should really exist as os.daemon, but it doesn't (yet)."""
667
1626
if os.fork():
668
1627
sys.exit()
669
1628
os.setsid()
670
1629
if not nochdir:
671
os.chdir("/")
1630
os.chdir(u"/")
672
1631
if os.fork():
673
1632
sys.exit()
674
1633
if not noclose:
676
1635
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
677
1636
if not stat.S_ISCHR(os.fstat(null).st_mode):
678
1637
raise OSError(errno.ENODEV,
679
"/dev/null not a character device")
1638
u"%s not a character device"
1639
% os.path.devnull)
680
1640
os.dup2(null, sys.stdin.fileno())
681
1641
os.dup2(null, sys.stdout.fileno())
682
1642
os.dup2(null, sys.stderr.fileno())
685
1645
686
1646
687
1647
def main():
688
parser = OptionParser(version = "%%prog %s" % version)
689
parser.add_option("-i", "--interface", type="string",
690
metavar="IF", help="Bind to interface IF")
691
parser.add_option("-a", "--address", type="string",
692
help="Address to listen for requests on")
693
parser.add_option("-p", "--port", type="int",
694
help="Port number to receive requests on")
695
parser.add_option("--check", action="store_true", default=False,
696
help="Run self-test")
697
parser.add_option("--debug", action="store_true",
698
help="Debug mode; run in foreground and log to"
699
" terminal")
700
parser.add_option("--priority", type="string", help="GnuTLS"
701
" priority string (see GnuTLS documentation)")
702
parser.add_option("--servicename", type="string", metavar="NAME",
703
help="Zeroconf service name")
704
parser.add_option("--configdir", type="string",
705
default="/etc/mandos", metavar="DIR",
706
help="Directory to search for configuration"
707
" files")
1648
1649
##################################################################
1650
# Parsing of options, both command line and config file
1651
1652
parser = optparse.OptionParser(version = "%%prog %s" % version)
1653
parser.add_option("-i", u"--interface", type=u"string",
1654
metavar="IF", help=u"Bind to interface IF")
1655
parser.add_option("-a", u"--address", type=u"string",
1656
help=u"Address to listen for requests on")
1657
parser.add_option("-p", u"--port", type=u"int",
1658
help=u"Port number to receive requests on")
1659
parser.add_option("--check", action=u"store_true",
1660
help=u"Run self-test")
1661
parser.add_option("--debug", action=u"store_true",
1662
help=u"Debug mode; run in foreground and log to"
1663
u" terminal")
1664
parser.add_option("--debuglevel", type=u"string", metavar="Level",
1665
help=u"Debug level for stdout output")
1666
parser.add_option("--priority", type=u"string", help=u"GnuTLS"
1667
u" priority string (see GnuTLS documentation)")
1668
parser.add_option("--servicename", type=u"string",
1669
metavar=u"NAME", help=u"Zeroconf service name")
1670
parser.add_option("--configdir", type=u"string",
1671
default=u"/etc/mandos", metavar=u"DIR",
1672
help=u"Directory to search for configuration"
1673
u" files")
1674
parser.add_option("--no-dbus", action=u"store_false",
1675
dest=u"use_dbus", help=u"Do not provide D-Bus"
1676
u" system bus interface")
1677
parser.add_option("--no-ipv6", action=u"store_false",
1678
dest=u"use_ipv6", help=u"Do not use IPv6")
708
1679
options = parser.parse_args()[0]
709
1680
710
1681
if options.check:
713
1684
sys.exit()
714
1685
715
1686
# Default values for config file for server-global settings
716
server_defaults = { "interface": "",
717
"address": "",
718
"port": "",
719
"debug": "False",
720
"priority":
721
"SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
722
"servicename": "Mandos",
1687
server_defaults = { u"interface": u"",
1688
u"address": u"",
1689
u"port": u"",
1690
u"debug": u"False",
1691
u"priority":
1692
u"SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
1693
u"servicename": u"Mandos",
1694
u"use_dbus": u"True",
1695
u"use_ipv6": u"True",
1696
u"debuglevel": u"",
723
1697
}
724
1698
725
1699
# Parse config file for server-global settings
726
server_config = ConfigParser.SafeConfigParser(server_defaults)
1700
server_config = configparser.SafeConfigParser(server_defaults)
727
1701
del server_defaults
728
server_config.read(os.path.join(options.configdir, "mandos.conf"))
1702
server_config.read(os.path.join(options.configdir,
1703
u"mandos.conf"))
729
1704
# Convert the SafeConfigParser object to a dict
730
1705
server_settings = server_config.defaults()
731
# Use getboolean on the boolean config option
732
server_settings["debug"] = server_config.getboolean\
733
("DEFAULT", "debug")
1706
# Use the appropriate methods on the non-string config options
1707
for option in (u"debug", u"use_dbus", u"use_ipv6"):
1708
server_settings[option] = server_config.getboolean(u"DEFAULT",
1709
option)
1710
if server_settings["port"]:
1711
server_settings["port"] = server_config.getint(u"DEFAULT",
1712
u"port")
734
1713
del server_config
735
1714
736
1715
# Override the settings from the config file with command line
737
1716
# options, if set.
738
for option in ("interface", "address", "port", "debug",
739
"priority", "servicename", "configdir"):
1717
for option in (u"interface", u"address", u"port", u"debug",
1718
u"priority", u"servicename", u"configdir",
1719
u"use_dbus", u"use_ipv6", u"debuglevel"):
740
1720
value = getattr(options, option)
741
1721
if value is not None:
742
1722
server_settings[option] = value
743
1723
del options
1724
# Force all strings to be unicode
1725
for option in server_settings.keys():
1726
if type(server_settings[option]) is str:
1727
server_settings[option] = unicode(server_settings[option])
744
1728
# Now we have our good server settings in "server_settings"
745
1729
746
debug = server_settings["debug"]
747
748
if not debug:
749
syslogger.setLevel(logging.WARNING)
750
console.setLevel(logging.WARNING)
751
752
if server_settings["servicename"] != "Mandos":
753
syslogger.setFormatter(logging.Formatter\
754
('Mandos (%s): %%(levelname)s:'
755
' %%(message)s'
756
% server_settings["servicename"]))
1730
##################################################################
1731
1732
# For convenience
1733
debug = server_settings[u"debug"]
1734
debuglevel = server_settings[u"debuglevel"]
1735
use_dbus = server_settings[u"use_dbus"]
1736
use_ipv6 = server_settings[u"use_ipv6"]
1737
1738
if server_settings[u"servicename"] != u"Mandos":
1739
syslogger.setFormatter(logging.Formatter
1740
(u'Mandos (%s) [%%(process)d]:'
1741
u' %%(levelname)s: %%(message)s'
1742
% server_settings[u"servicename"]))
757
1743
758
1744
# Parse config file with clients
759
client_defaults = { "timeout": "1h",
760
"interval": "5m",
761
"checker": "fping -q -- %(host)s",
762
"host": "",
1745
client_defaults = { u"timeout": u"1h",
1746
u"interval": u"5m",
1747
u"checker": u"fping -q -- %%(host)s",
1748
u"host": u"",
1749
u"approval_delay": u"0s",
1750
u"approval_duration": u"1s",
763
1751
}
764
client_config = ConfigParser.SafeConfigParser(client_defaults)
765
client_config.read(os.path.join(server_settings["configdir"],
766
"clients.conf"))
767
768
clients = Set()
769
tcp_server = IPv6_TCPServer((server_settings["address"],
770
server_settings["port"]),
771
TCP_handler,
772
settings=server_settings,
773
clients=clients)
774
pidfilename = "/var/run/mandos.pid"
775
try:
776
pidfile = open(pidfilename, "w")
777
except IOError, error:
778
logger.error("Could not open file %r", pidfilename)
779
780
uid = 65534
781
gid = 65534
782
try:
783
uid = pwd.getpwnam("mandos").pw_uid
784
except KeyError:
785
try:
786
uid = pwd.getpwnam("nobody").pw_uid
787
except KeyError:
788
pass
789
try:
790
gid = pwd.getpwnam("mandos").pw_gid
791
except KeyError:
792
try:
793
gid = pwd.getpwnam("nogroup").pw_gid
794
except KeyError:
795
pass
796
try:
1752
client_config = configparser.SafeConfigParser(client_defaults)
1753
client_config.read(os.path.join(server_settings[u"configdir"],
1754
u"clients.conf"))
1755
1756
global mandos_dbus_service
1757
mandos_dbus_service = None
1758
1759
tcp_server = MandosServer((server_settings[u"address"],
1760
server_settings[u"port"]),
1761
ClientHandler,
1762
interface=(server_settings[u"interface"]
1763
or None),
1764
use_ipv6=use_ipv6,
1765
gnutls_priority=
1766
server_settings[u"priority"],
1767
use_dbus=use_dbus)
1768
if not debug:
1769
pidfilename = u"/var/run/mandos.pid"
1770
try:
1771
pidfile = open(pidfilename, u"w")
1772
except IOError:
1773
logger.error(u"Could not open file %r", pidfilename)
1774
1775
try:
1776
uid = pwd.getpwnam(u"_mandos").pw_uid
1777
gid = pwd.getpwnam(u"_mandos").pw_gid
1778
except KeyError:
1779
try:
1780
uid = pwd.getpwnam(u"mandos").pw_uid
1781
gid = pwd.getpwnam(u"mandos").pw_gid
1782
except KeyError:
1783
try:
1784
uid = pwd.getpwnam(u"nobody").pw_uid
1785
gid = pwd.getpwnam(u"nobody").pw_gid
1786
except KeyError:
1787
uid = 65534
1788
gid = 65534
1789
try:
1790
os.setgid(gid)
797
1791
os.setuid(uid)
798
os.setgid(gid)
799
1792
except OSError, error:
800
1793
if error[0] != errno.EPERM:
801
1794
raise error
802
1795
803
global service
804
service = AvahiService(name = server_settings["servicename"],
805
servicetype = "_mandos._tcp", )
806
if server_settings["interface"]:
807
service.interface = if_nametoindex\
808
(server_settings["interface"])
1796
if not debug and not debuglevel:
1797
syslogger.setLevel(logging.WARNING)
1798
console.setLevel(logging.WARNING)
1799
if debuglevel:
1800
level = getattr(logging, debuglevel.upper())
1801
syslogger.setLevel(level)
1802
console.setLevel(level)
1803
1804
if debug:
1805
# Enable all possible GnuTLS debugging
1806
1807
# "Use a log level over 10 to enable all debugging options."
1808
# - GnuTLS manual
1809
gnutls.library.functions.gnutls_global_set_log_level(11)
1810
1811
@gnutls.library.types.gnutls_log_func
1812
def debug_gnutls(level, string):
1813
logger.debug(u"GnuTLS: %s", string[:-1])
1814
1815
(gnutls.library.functions
1816
.gnutls_global_set_log_function(debug_gnutls))
1817
1818
# Redirect stdin so all checkers get /dev/null
1819
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
1820
os.dup2(null, sys.stdin.fileno())
1821
if null > 2:
1822
os.close(null)
1823
else:
1824
# No console logging
1825
logger.removeHandler(console)
1826
809
1827
810
1828
global main_loop
811
global bus
812
global server
813
1829
# From the Avahi example code
814
1830
DBusGMainLoop(set_as_default=True )
815
1831
main_loop = gobject.MainLoop()
816
1832
bus = dbus.SystemBus()
817
server = dbus.Interface(bus.get_object(avahi.DBUS_NAME,
818
avahi.DBUS_PATH_SERVER),
819
avahi.DBUS_INTERFACE_SERVER)
820
1833
# End of Avahi example code
821
822
def remove_from_clients(client):
823
clients.remove(client)
824
if not clients:
825
logger.critical(u"No clients left, exiting")
826
sys.exit()
827
828
clients.update(Set(Client(name = section,
829
stop_hook = remove_from_clients,
830
config
831
= dict(client_config.items(section)))
832
for section in client_config.sections()))
833
if not clients:
834
logger.critical(u"No clients defined")
835
sys.exit(1)
836
837
if debug:
838
# Redirect stdin so all checkers get /dev/null
839
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
840
os.dup2(null, sys.stdin.fileno())
841
if null > 2:
842
os.close(null)
843
else:
844
# No console logging
845
logger.removeHandler(console)
1834
if use_dbus:
1835
try:
1836
bus_name = dbus.service.BusName(u"se.bsnet.fukt.Mandos",
1837
bus, do_not_queue=True)
1838
except dbus.exceptions.NameExistsException, e:
1839
logger.error(unicode(e) + u", disabling D-Bus")
1840
use_dbus = False
1841
server_settings[u"use_dbus"] = False
1842
tcp_server.use_dbus = False
1843
protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
1844
service = AvahiService(name = server_settings[u"servicename"],
1845
servicetype = u"_mandos._tcp",
1846
protocol = protocol, bus = bus)
1847
if server_settings["interface"]:
1848
service.interface = (if_nametoindex
1849
(str(server_settings[u"interface"])))
1850
1851
if not debug:
846
1852
# Close all input and output, do double fork, etc.
847
1853
daemon()
848
849
try:
850
pid = os.getpid()
851
pidfile.write(str(pid) + "\n")
852
pidfile.close()
853
del pidfile
854
except IOError:
855
logger.error(u"Could not write to file %r with PID %d",
856
pidfilename, pid)
857
except NameError:
858
# "pidfile" was never created
859
pass
860
del pidfilename
1854
1855
global multiprocessing_manager
1856
multiprocessing_manager = multiprocessing.Manager()
1857
1858
client_class = Client
1859
if use_dbus:
1860
client_class = functools.partial(ClientDBus, bus = bus)
1861
def client_config_items(config, section):
1862
special_settings = {
1863
"approved_by_default":
1864
lambda: config.getboolean(section,
1865
"approved_by_default"),
1866
}
1867
for name, value in config.items(section):
1868
try:
1869
yield (name, special_settings[name]())
1870
except KeyError:
1871
yield (name, value)
1872
1873
tcp_server.clients.update(set(
1874
client_class(name = section,
1875
config= dict(client_config_items(
1876
client_config, section)))
1877
for section in client_config.sections()))
1878
if not tcp_server.clients:
1879
logger.warning(u"No clients defined")
1880
1881
if not debug:
1882
try:
1883
with pidfile:
1884
pid = os.getpid()
1885
pidfile.write(str(pid) + "\n")
1886
del pidfile
1887
except IOError:
1888
logger.error(u"Could not write to file %r with PID %d",
1889
pidfilename, pid)
1890
except NameError:
1891
# "pidfile" was never created
1892
pass
1893
del pidfilename
1894
1895
signal.signal(signal.SIGINT, signal.SIG_IGN)
1896
1897
signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
1898
signal.signal(signal.SIGTERM, lambda signum, frame: sys.exit())
1899
1900
if use_dbus:
1901
class MandosDBusService(dbus.service.Object):
1902
"""A D-Bus proxy object"""
1903
def __init__(self):
1904
dbus.service.Object.__init__(self, bus, u"/")
1905
_interface = u"se.bsnet.fukt.Mandos"
1906
1907
@dbus.service.signal(_interface, signature=u"o")
1908
def ClientAdded(self, objpath):
1909
"D-Bus signal"
1910
pass
1911
1912
@dbus.service.signal(_interface, signature=u"ss")
1913
def ClientNotFound(self, fingerprint, address):
1914
"D-Bus signal"
1915
pass
1916
1917
@dbus.service.signal(_interface, signature=u"os")
1918
def ClientRemoved(self, objpath, name):
1919
"D-Bus signal"
1920
pass
1921
1922
@dbus.service.method(_interface, out_signature=u"ao")
1923
def GetAllClients(self):
1924
"D-Bus method"
1925
return dbus.Array(c.dbus_object_path
1926
for c in tcp_server.clients)
1927
1928
@dbus.service.method(_interface,
1929
out_signature=u"a{oa{sv}}")
1930
def GetAllClientsWithProperties(self):
1931
"D-Bus method"
1932
return dbus.Dictionary(
1933
((c.dbus_object_path, c.GetAll(u""))
1934
for c in tcp_server.clients),
1935
signature=u"oa{sv}")
1936
1937
@dbus.service.method(_interface, in_signature=u"o")
1938
def RemoveClient(self, object_path):
1939
"D-Bus method"
1940
for c in tcp_server.clients:
1941
if c.dbus_object_path == object_path:
1942
tcp_server.clients.remove(c)
1943
c.remove_from_connection()
1944
# Don't signal anything except ClientRemoved
1945
c.disable(quiet=True)
1946
# Emit D-Bus signal
1947
self.ClientRemoved(object_path, c.name)
1948
return
1949
raise KeyError(object_path)
1950
1951
del _interface
1952
1953
mandos_dbus_service = MandosDBusService()
861
1954
862
1955
def cleanup():
863
1956
"Cleanup function; run on exit"
864
global group
865
# From the Avahi example code
866
if not group is None:
867
group.Free()
868
group = None
869
# End of Avahi example code
1957
service.cleanup()
870
1958
871
while clients:
872
client = clients.pop()
873
client.stop_hook = None
874
client.stop()
1959
while tcp_server.clients:
1960
client = tcp_server.clients.pop()
1961
if use_dbus:
1962
client.remove_from_connection()
1963
client.disable_hook = None
1964
# Don't signal anything except ClientRemoved
1965
client.disable(quiet=True)
1966
if use_dbus:
1967
# Emit D-Bus signal
1968
mandos_dbus_service.ClientRemoved(client.dbus_object_path,
1969
client.name)
875
1970
876
1971
atexit.register(cleanup)
877
1972
878
if not debug:
879
signal.signal(signal.SIGINT, signal.SIG_IGN)
880
signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
881
signal.signal(signal.SIGTERM, lambda signum, frame: sys.exit())
882
883
for client in clients:
884
client.start()
1973
for client in tcp_server.clients:
1974
if use_dbus:
1975
# Emit D-Bus signal
1976
mandos_dbus_service.ClientAdded(client.dbus_object_path)
1977
client.enable()
885
1978
886
1979
tcp_server.enable()
887
1980
tcp_server.server_activate()
888
1981
889
1982
# Find out what port we got
890
1983
service.port = tcp_server.socket.getsockname()[1]
891
logger.info(u"Now listening on address %r, port %d, flowinfo %d,"
892
u" scope_id %d" % tcp_server.socket.getsockname())
1984
if use_ipv6:
1985
logger.info(u"Now listening on address %r, port %d,"
1986
" flowinfo %d, scope_id %d"
1987
% tcp_server.socket.getsockname())
1988
else: # IPv4
1989
logger.info(u"Now listening on address %r, port %d"
1990
% tcp_server.socket.getsockname())
893
1991
894
1992
#service.interface = tcp_server.socket.getsockname()[3]
895
1993
896
1994
try:
897
1995
# From the Avahi example code
898
server.connect_to_signal("StateChanged", server_state_changed)
899
1996
try:
900
server_state_changed(server.GetState())
1997
service.activate()
901
1998
except dbus.exceptions.DBusException, error:
902
1999
logger.critical(u"DBusException: %s", error)
2000
cleanup()
903
2001
sys.exit(1)
904
2002
# End of Avahi example code
905
2003
906
2004
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
907
2005
lambda *args, **kwargs:
908
tcp_server.handle_request\
909
(*args[2:], **kwargs) or True)
2006
(tcp_server.handle_request
2007
(*args[2:], **kwargs) or True))
910
2008
911
2009
logger.debug(u"Starting main loop")
912
2010
main_loop.run()
913
2011
except AvahiError, error:
914
logger.critical(u"AvahiError: %s" + unicode(error))
2012
logger.critical(u"AvahiError: %s", error)
2013
cleanup()
915
2014
sys.exit(1)
916
2015
except KeyboardInterrupt:
917
2016
if debug:
918
print
2017
print >> sys.stderr
2018
logger.debug(u"Server received KeyboardInterrupt")
2019
logger.debug(u"Server exiting")
2020
# Must run before the D-Bus bus name gets deregistered
2021
cleanup()
919
2022
920
2023
if __name__ == '__main__':
921
2024
main()
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0