To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to mandos
- browse files at revision 518.1.11
- compare with another revision
- download diff
- download tarball
- view history from revision 518.1.11
- Committer: Björn Påhlsson
- Date: 2011-11-27 20:10:13 UTC
- mfrom: (518.2.6 persistent-state-gpgme)
- mto: (518.2.7 persistent-state-gpgme)
- mto: This revision was merged to the branch mainline in revision 524.
- Revision ID: belorn@recompile.se-20111127201013-8boivtsne0xtjlvy
merge
- files modified:
- mandos
added
removed
mandos
378
378
% self.name))
379
379
return ret
380
380
381
def _timedelta_to_milliseconds(td):
381
def timedelta_to_milliseconds(td):
382
382
"Convert a datetime.timedelta() to milliseconds"
383
383
return ((td.days * 24 * 60 * 60 * 1000)
384
384
+ (td.seconds * 1000)
388
388
"""A representation of a client host served by this server.
389
389
390
390
Attributes:
391
_approved: bool(); 'None' if not yet approved/disapproved
391
approved: bool(); 'None' if not yet approved/disapproved
392
392
approval_delay: datetime.timedelta(); Time to wait for approval
393
393
approval_duration: datetime.timedelta(); Duration of one approval
394
394
checker: subprocess.Popen(); a running checker process used
435
435
436
436
def timeout_milliseconds(self):
437
437
"Return the 'timeout' attribute in milliseconds"
438
return _timedelta_to_milliseconds(self.timeout)
438
return timedelta_to_milliseconds(self.timeout)
439
439
440
440
def extended_timeout_milliseconds(self):
441
441
"Return the 'extended_timeout' attribute in milliseconds"
442
return _timedelta_to_milliseconds(self.extended_timeout)
442
return timedelta_to_milliseconds(self.extended_timeout)
443
443
444
444
def interval_milliseconds(self):
445
445
"Return the 'interval' attribute in milliseconds"
446
return _timedelta_to_milliseconds(self.interval)
446
return timedelta_to_milliseconds(self.interval)
447
447
448
448
def approval_delay_milliseconds(self):
449
return _timedelta_to_milliseconds(self.approval_delay)
449
return timedelta_to_milliseconds(self.approval_delay)
450
450
451
451
def __init__(self, name = None, config=None):
452
452
"""Note: the 'checker' key in 'config' sets the
496
496
self.checker_callback_tag = None
497
497
self.checker_command = config["checker"]
498
498
self.current_checker_command = None
499
self._approved = None
499
self.approved = None
500
500
self.approved_by_default = config.get("approved_by_default",
501
501
True)
502
502
self.approvals_pending = 0
602
602
gobject.source_remove(self.disable_initiator_tag)
603
603
if getattr(self, "enabled", False):
604
604
self.disable_initiator_tag = (gobject.timeout_add
605
(_timedelta_to_milliseconds
605
(timedelta_to_milliseconds
606
606
(timeout), self.disable))
607
607
self.expires = datetime.datetime.utcnow() + timeout
608
608
1072
1072
approval_delay = notifychangeproperty(dbus.UInt16,
1073
1073
"ApprovalDelay",
1074
1074
type_func =
1075
_timedelta_to_milliseconds)
1075
timedelta_to_milliseconds)
1076
1076
approval_duration = notifychangeproperty(
1077
1077
dbus.UInt16, "ApprovalDuration",
1078
type_func = _timedelta_to_milliseconds)
1078
type_func = timedelta_to_milliseconds)
1079
1079
host = notifychangeproperty(dbus.String, "Host")
1080
1080
timeout = notifychangeproperty(dbus.UInt16, "Timeout",
1081
1081
type_func =
1082
_timedelta_to_milliseconds)
1082
timedelta_to_milliseconds)
1083
1083
extended_timeout = notifychangeproperty(
1084
1084
dbus.UInt16, "ExtendedTimeout",
1085
type_func = _timedelta_to_milliseconds)
1085
type_func = timedelta_to_milliseconds)
1086
1086
interval = notifychangeproperty(dbus.UInt16,
1087
1087
"Interval",
1088
1088
type_func =
1089
_timedelta_to_milliseconds)
1089
timedelta_to_milliseconds)
1090
1090
checker_command = notifychangeproperty(dbus.String, "Checker")
1091
1091
1092
1092
del notifychangeproperty
1134
1134
return r
1135
1135
1136
1136
def _reset_approved(self):
1137
self._approved = None
1137
self.approved = None
1138
1138
return False
1139
1139
1140
1140
def approve(self, value=True):
1141
1141
self.send_changedstate()
1142
self._approved = value
1143
gobject.timeout_add(_timedelta_to_milliseconds
1142
self.approved = value
1143
gobject.timeout_add(timedelta_to_milliseconds
1144
1144
(self.approval_duration),
1145
1145
self._reset_approved)
1146
1146
1260
1260
access="readwrite")
1261
1261
def ApprovalDuration_dbus_property(self, value=None):
1262
1262
if value is None: # get
1263
return dbus.UInt64(_timedelta_to_milliseconds(
1263
return dbus.UInt64(timedelta_to_milliseconds(
1264
1264
self.approval_duration))
1265
1265
self.approval_duration = datetime.timedelta(0, 0, 0, value)
1266
1266
1335
1335
gobject.source_remove(self.disable_initiator_tag)
1336
1336
self.disable_initiator_tag = None
1337
1337
self.expires = None
1338
time_to_die = _timedelta_to_milliseconds((self
1339
.last_checked_ok
1340
+ self.timeout)
1341
- datetime.datetime
1342
.utcnow())
1338
time_to_die = timedelta_to_milliseconds((self
1339
.last_checked_ok
1340
+ self.timeout)
1341
- datetime.datetime
1342
.utcnow())
1343
1343
if time_to_die <= 0:
1344
1344
# The timeout has passed
1345
1345
self.disable()
1415
1415
raise KeyError()
1416
1416
1417
1417
def __getattribute__(self, name):
1418
if(name == '_pipe'):
1418
if name == '_pipe':
1419
1419
return super(ProxyClient, self).__getattribute__(name)
1420
1420
self._pipe.send(('getattr', name))
1421
1421
data = self._pipe.recv()
1428
1428
return func
1429
1429
1430
1430
def __setattr__(self, name, value):
1431
if(name == '_pipe'):
1431
if name == '_pipe':
1432
1432
return super(ProxyClient, self).__setattr__(name, value)
1433
1433
self._pipe.send(('setattr', name, value))
1434
1434
1503
1503
logger.warning("Bad certificate: %s", error)
1504
1504
return
1505
1505
logger.debug("Fingerprint: %s", fpr)
1506
if self.server.use_dbus:
1507
# Emit D-Bus signal
1508
client.NewRequest(str(self.client_address))
1509
1506
1510
1507
try:
1511
1508
client = ProxyClient(child_pipe, fpr,
1513
1510
except KeyError:
1514
1511
return
1515
1512
1513
if self.server.use_dbus:
1514
# Emit D-Bus signal
1515
client.NewRequest(str(self.client_address))
1516
1516
1517
if client.approval_delay:
1517
1518
delay = client.approval_delay
1518
1519
client.approvals_pending += 1
1527
1528
client.Rejected("Disabled")
1528
1529
return
1529
1530
1530
if client._approved or not client.approval_delay:
1531
if client.approved or not client.approval_delay:
1531
1532
#We are approved or approval is disabled
1532
1533
break
1533
elif client._approved is None:
1534
elif client.approved is None:
1534
1535
logger.info("Client %s needs approval",
1535
1536
client.name)
1536
1537
if self.server.use_dbus:
1550
1551
time = datetime.datetime.now()
1551
1552
client.changedstate.acquire()
1552
1553
(client.changedstate.wait
1553
(float(client._timedelta_to_milliseconds(delay)
1554
(float(client.timedelta_to_milliseconds(delay)
1554
1555
/ 1000)))
1555
1556
client.changedstate.release()
1556
1557
time2 = datetime.datetime.now()
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0