110
128
logger.setLevel(level)
131
class PGPError(Exception):
132
"""Exception if encryption/decryption fails"""
136
class PGPEngine(object):
137
"""A simple class for OpenPGP symmetric encryption & decryption"""
139
self.gnupg = GnuPGInterface.GnuPG()
140
self.tempdir = tempfile.mkdtemp(prefix="mandos-")
141
self.gnupg = GnuPGInterface.GnuPG()
142
self.gnupg.options.meta_interactive = False
143
self.gnupg.options.homedir = self.tempdir
144
self.gnupg.options.extra_args.extend(['--force-mdc',
150
def __exit__ (self, exc_type, exc_value, traceback):
158
if self.tempdir is not None:
159
# Delete contents of tempdir
160
for root, dirs, files in os.walk(self.tempdir,
162
for filename in files:
163
os.remove(os.path.join(root, filename))
165
os.rmdir(os.path.join(root, dirname))
167
os.rmdir(self.tempdir)
170
def password_encode(self, password):
171
# Passphrase can not be empty and can not contain newlines or
172
# NUL bytes. So we prefix it and hex encode it.
173
return b"mandos" + binascii.hexlify(password)
175
def encrypt(self, data, password):
176
self.gnupg.passphrase = self.password_encode(password)
177
with open(os.devnull) as devnull:
179
proc = self.gnupg.run(['--symmetric'],
180
create_fhs=['stdin', 'stdout'],
181
attach_fhs={'stderr': devnull})
182
with contextlib.closing(proc.handles['stdin']) as f:
184
with contextlib.closing(proc.handles['stdout']) as f:
185
ciphertext = f.read()
189
self.gnupg.passphrase = None
192
def decrypt(self, data, password):
193
self.gnupg.passphrase = self.password_encode(password)
194
with open(os.devnull) as devnull:
196
proc = self.gnupg.run(['--decrypt'],
197
create_fhs=['stdin', 'stdout'],
198
attach_fhs={'stderr': devnull})
199
with contextlib.closing(proc.handles['stdin'] ) as f:
201
with contextlib.closing(proc.handles['stdout']) as f:
202
decrypted_plaintext = f.read()
206
self.gnupg.passphrase = None
207
return decrypted_plaintext
113
211
class AvahiError(Exception):
114
212
def __init__(self, value, *args, **kwargs):
115
213
self.value = value
596
703
self.checker = None
598
# Encrypts a client secret and stores it in a varible encrypted_secret
599
def encrypt_secret(self, key):
600
# Encryption-key need to be of a specific size, so we hash inputed key
601
hasheng = hashlib.sha256()
603
encryptionkey = hasheng.digest()
605
# Create validation hash so we know at decryption if it was sucessful
606
hasheng = hashlib.sha256()
607
hasheng.update(self.secret)
608
validationhash = hasheng.digest()
611
iv = os.urandom(Crypto.Cipher.AES.block_size)
612
ciphereng = Crypto.Cipher.AES.new(encryptionkey,
613
Crypto.Cipher.AES.MODE_CFB, iv)
614
ciphertext = ciphereng.encrypt(validationhash+self.secret)
615
self.encrypted_secret = (ciphertext, iv)
617
# Decrypt a encrypted client secret
618
def decrypt_secret(self, key):
619
# Decryption-key need to be of a specific size, so we hash inputed key
620
hasheng = hashlib.sha256()
622
encryptionkey = hasheng.digest()
624
# Decrypt encrypted secret
625
ciphertext, iv = self.encrypted_secret
626
ciphereng = Crypto.Cipher.AES.new(encryptionkey,
627
Crypto.Cipher.AES.MODE_CFB, iv)
628
plain = ciphereng.decrypt(ciphertext)
630
# Validate decrypted secret to know if it was succesful
631
hasheng = hashlib.sha256()
632
validationhash = plain[:hasheng.digest_size]
633
secret = plain[hasheng.digest_size:]
634
hasheng.update(secret)
636
# if validation fails, we use key as new secret. Otherwhise, we use
637
# the decrypted secret
638
if hasheng.digest() == validationhash:
642
del self.encrypted_secret
645
706
def dbus_service_property(dbus_interface, signature="v",
646
707
access="readwrite", byte_arrays=False):
2136
2185
"approved_by_default":
2137
2186
lambda section:
2138
2187
client_config.getboolean(section, "approved_by_default"),
2190
client_config.getboolean(section, "enabled"),
2140
2192
# Construct a new dict of client settings of this form:
2141
2193
# { client_name: {setting_name: value, ...}, ...}
2142
2194
# with exceptions for any special settings as defined above
2143
2195
client_settings = dict((clientname,
2145
(value if setting not in special_settings
2146
else special_settings[setting](clientname)))
2147
for setting, value in client_config.items(clientname)))
2198
if setting not in special_settings
2199
else special_settings[setting]
2201
for setting, value in
2202
client_config.items(clientname)))
2148
2203
for clientname in client_config.sections())
2150
2205
old_client_settings = {}
2151
2206
clients_data = []
2153
# Get client data and settings from last running state.
2208
# Get client data and settings from last running state.
2154
2209
if server_settings["restore"]:
2156
2211
with open(stored_state_path, "rb") as stored_state:
2157
clients_data, old_client_settings = pickle.load(stored_state)
2212
clients_data, old_client_settings = (pickle.load
2158
2214
os.remove(stored_state_path)
2159
2215
except IOError as e:
2160
logger.warning("Could not load persistant state: {0}".format(e))
2216
logger.warning("Could not load persistent state: {0}"
2161
2218
if e.errno != errno.ENOENT:
2164
for client in clients_data:
2165
client_name = client["name"]
2167
# Decide which value to use after restoring saved state.
2168
# We have three different values: Old config file,
2169
# new config file, and saved state.
2170
# New config value takes precedence if it differs from old
2171
# config value, otherwise use saved state.
2172
for name, value in client_settings[client_name].items():
2221
with PGPEngine() as pgp:
2222
for client in clients_data:
2223
client_name = client["name"]
2225
# Decide which value to use after restoring saved state.
2226
# We have three different values: Old config file,
2227
# new config file, and saved state.
2228
# New config value takes precedence if it differs from old
2229
# config value, otherwise use saved state.
2230
for name, value in client_settings[client_name].items():
2232
# For each value in new config, check if it
2233
# differs from the old config value (Except for
2234
# the "secret" attribute)
2235
if (name != "secret" and
2236
value != old_client_settings[client_name]
2238
setattr(client, name, value)
2242
# Clients who has passed its expire date can still be
2243
# enabled if its last checker was sucessful. Clients
2244
# whose checker failed before we stored its state is
2245
# assumed to have failed all checkers during downtime.
2246
if client["enabled"] and client["last_checked_ok"]:
2247
if ((datetime.datetime.utcnow()
2248
- client["last_checked_ok"])
2249
> client["interval"]):
2250
if client["last_checker_status"] != 0:
2251
client["enabled"] = False
2253
client["expires"] = (datetime.datetime
2255
+ client["timeout"])
2257
client["changedstate"] = (multiprocessing_manager
2259
(multiprocessing_manager
2262
new_client = (ClientDBusTransitional.__new__
2263
(ClientDBusTransitional))
2264
tcp_server.clients[client_name] = new_client
2265
new_client.bus = bus
2266
for name, value in client.iteritems():
2267
setattr(new_client, name, value)
2268
client_object_name = unicode(client_name).translate(
2269
{ord("."): ord("_"),
2270
ord("-"): ord("_")})
2271
new_client.dbus_object_path = (dbus.ObjectPath
2273
+ client_object_name))
2274
DBusObjectWithProperties.__init__(new_client,
2279
tcp_server.clients[client_name] = (Client.__new__
2281
for name, value in client.iteritems():
2282
setattr(tcp_server.clients[client_name],
2174
# For each value in new config, check if it differs
2175
# from the old config value (Except for the "secret"
2177
if name != "secret" and value != old_client_settings[client_name][name]:
2178
setattr(client, name, value)
2182
# Clients who has passed its expire date, can still be enabled if its
2183
# last checker was sucessful. Clients who checkers failed before we
2184
# stored it state is asumed to had failed checker during downtime.
2185
if client["enabled"] and client["last_checked_ok"]:
2186
if ((datetime.datetime.utcnow() - client["last_checked_ok"])
2187
> client["interval"]):
2188
if client["last_checker_status"] != 0:
2189
client["enabled"] = False
2191
client["expires"] = datetime.datetime.utcnow() + client["timeout"]
2193
client["changedstate"] = (multiprocessing_manager
2194
.Condition(multiprocessing_manager
2197
new_client = ClientDBusTransitional.__new__(ClientDBusTransitional)
2198
tcp_server.clients[client_name] = new_client
2199
new_client.bus = bus
2200
for name, value in client.iteritems():
2201
setattr(new_client, name, value)
2202
client_object_name = unicode(client_name).translate(
2203
{ord("."): ord("_"),
2204
ord("-"): ord("_")})
2205
new_client.dbus_object_path = (dbus.ObjectPath
2206
("/clients/" + client_object_name))
2207
DBusObjectWithProperties.__init__(new_client,
2209
new_client.dbus_object_path)
2211
tcp_server.clients[client_name] = Client.__new__(Client)
2212
for name, value in client.iteritems():
2213
setattr(tcp_server.clients[client_name], name, value)
2215
tcp_server.clients[client_name].decrypt_secret(
2216
client_settings[client_name]["secret"])
2286
tcp_server.clients[client_name].secret = (
2287
pgp.decrypt(tcp_server.clients[client_name]
2289
client_settings[client_name]
2292
# If decryption fails, we use secret from new settings
2293
tcp_server.clients[client_name].secret = (
2294
client_settings[client_name]["secret"])
2218
2296
# Create/remove clients based on new changes made to config
2219
2297
for clientname in set(old_client_settings) - set(client_settings):
2220
2298
del tcp_server.clients[clientname]
2221
2299
for clientname in set(client_settings) - set(old_client_settings):
2222
tcp_server.clients[clientname] = (client_class(name = clientname,
2300
tcp_server.clients[clientname] = (client_class(name
2224
2303
client_settings
2228
2306
if not tcp_server.clients:
2229
2307
logger.warning("No clients defined")
2312
2390
multiprocessing.active_children()
2313
2391
if not (tcp_server.clients or client_settings):
2316
# Store client before exiting. Secrets are encrypted with key based
2317
# on what config file has. If config file is removed/edited, old
2318
# secret will thus be unrecovable.
2394
# Store client before exiting. Secrets are encrypted with key
2395
# based on what config file has. If config file is
2396
# removed/edited, old secret will thus be unrecovable.
2320
for client in tcp_server.clients.itervalues():
2321
client.encrypt_secret(client_settings[client.name]["secret"])
2325
# A list of attributes that will not be stored when shuting down.
2326
exclude = set(("bus", "changedstate", "secret"))
2327
for name, typ in inspect.getmembers(dbus.service.Object):
2330
client_dict["encrypted_secret"] = client.encrypted_secret
2331
for attr in client.client_structure:
2332
if attr not in exclude:
2333
client_dict[attr] = getattr(client, attr)
2335
clients.append(client_dict)
2336
del client_settings[client.name]["secret"]
2398
with PGPEngine() as pgp:
2399
for client in tcp_server.clients.itervalues():
2400
key = client_settings[client.name]["secret"]
2401
client.encrypted_secret = pgp.encrypt(client.secret,
2405
# A list of attributes that will not be stored when
2407
exclude = set(("bus", "changedstate", "secret"))
2408
for name, typ in (inspect.getmembers
2409
(dbus.service.Object)):
2412
client_dict["encrypted_secret"] = (client
2414
for attr in client.client_structure:
2415
if attr not in exclude:
2416
client_dict[attr] = getattr(client, attr)
2418
clients.append(client_dict)
2419
del client_settings[client.name]["secret"]
2339
with os.fdopen(os.open(stored_state_path, os.O_CREAT|os.O_WRONLY|os.O_TRUNC, 0600), "wb") as stored_state:
2422
with os.fdopen(os.open(stored_state_path,
2423
os.O_CREAT|os.O_WRONLY|os.O_TRUNC,
2424
0600), "wb") as stored_state:
2340
2425
pickle.dump((clients, client_settings), stored_state)
2341
except IOError as e:
2342
logger.warning("Could not save persistant state: {0}".format(e))
2343
if e.errno != errno.ENOENT:
2426
except (IOError, OSError) as e:
2427
logger.warning("Could not save persistent state: {0}"
2429
if e.errno not in (errno.ENOENT, errno.EACCES):
2346
2432
# Delete all clients, and settings from config
2347
2433
while tcp_server.clients:
2348
2434
name, client = tcp_server.clients.popitem()