11
11
# "AvahiService" class, and some lines in "main".
13
13
# Everything else is
14
# Copyright © 2008-2014 Teddy Hogeborn
15
# Copyright © 2008-2014 Björn Påhlsson
14
# Copyright © 2008-2012 Teddy Hogeborn
15
# Copyright © 2008-2012 Björn Påhlsson
17
17
# This program is free software: you can redistribute it and/or modify
18
18
# it under the terms of the GNU General Public License as published by
114
117
def initlogger(debug, level=logging.WARNING):
115
118
"""init logger and add loglevel"""
118
syslogger = (logging.handlers.SysLogHandler
120
logging.handlers.SysLogHandler.LOG_DAEMON,
121
address = str("/dev/log")))
122
120
syslogger.setFormatter(logging.Formatter
123
121
('Mandos [%(process)d]: %(levelname)s:'
142
140
class PGPEngine(object):
143
141
"""A simple class for OpenPGP symmetric encryption & decryption"""
144
142
def __init__(self):
143
self.gnupg = GnuPGInterface.GnuPG()
145
144
self.tempdir = tempfile.mkdtemp(prefix="mandos-")
146
self.gnupgargs = ['--batch',
147
'--home', self.tempdir,
145
self.gnupg = GnuPGInterface.GnuPG()
146
self.gnupg.options.meta_interactive = False
147
self.gnupg.options.homedir = self.tempdir
148
self.gnupg.options.extra_args.extend(['--force-mdc',
152
152
def __enter__(self):
175
175
def password_encode(self, password):
176
176
# Passphrase can not be empty and can not contain newlines or
177
177
# NUL bytes. So we prefix it and hex encode it.
178
encoded = b"mandos" + binascii.hexlify(password)
179
if len(encoded) > 2048:
180
# GnuPG can't handle long passwords, so encode differently
181
encoded = (b"mandos" + password.replace(b"\\", b"\\\\")
182
.replace(b"\n", b"\\n")
183
.replace(b"\0", b"\\x00"))
178
return b"mandos" + binascii.hexlify(password)
186
180
def encrypt(self, data, password):
187
passphrase = self.password_encode(password)
188
with tempfile.NamedTemporaryFile(dir=self.tempdir
190
passfile.write(passphrase)
192
proc = subprocess.Popen(['gpg', '--symmetric',
196
stdin = subprocess.PIPE,
197
stdout = subprocess.PIPE,
198
stderr = subprocess.PIPE)
199
ciphertext, err = proc.communicate(input = data)
200
if proc.returncode != 0:
181
self.gnupg.passphrase = self.password_encode(password)
182
with open(os.devnull, "w") as devnull:
184
proc = self.gnupg.run(['--symmetric'],
185
create_fhs=['stdin', 'stdout'],
186
attach_fhs={'stderr': devnull})
187
with contextlib.closing(proc.handles['stdin']) as f:
189
with contextlib.closing(proc.handles['stdout']) as f:
190
ciphertext = f.read()
194
self.gnupg.passphrase = None
202
195
return ciphertext
204
197
def decrypt(self, data, password):
205
passphrase = self.password_encode(password)
206
with tempfile.NamedTemporaryFile(dir = self.tempdir
208
passfile.write(passphrase)
210
proc = subprocess.Popen(['gpg', '--decrypt',
214
stdin = subprocess.PIPE,
215
stdout = subprocess.PIPE,
216
stderr = subprocess.PIPE)
217
decrypted_plaintext, err = proc.communicate(input
219
if proc.returncode != 0:
198
self.gnupg.passphrase = self.password_encode(password)
199
with open(os.devnull, "w") as devnull:
201
proc = self.gnupg.run(['--decrypt'],
202
create_fhs=['stdin', 'stdout'],
203
attach_fhs={'stderr': devnull})
204
with contextlib.closing(proc.handles['stdin']) as f:
206
with contextlib.closing(proc.handles['stdout']) as f:
207
decrypted_plaintext = f.read()
211
self.gnupg.passphrase = None
221
212
return decrypted_plaintext
243
234
Used to optionally bind to the specified interface.
244
235
name: string; Example: 'Mandos'
245
236
type: string; Example: '_mandos._tcp'.
246
See <https://www.iana.org/assignments/service-names-port-numbers>
237
See <http://www.dns-sd.org/ServiceTypes.html>
247
238
port: integer; what port to announce
248
239
TXT: list of strings; TXT record for the service
249
240
domain: string; Domain to publish on, default to .local if empty.
395
386
"""Add the new name to the syslog messages"""
396
387
ret = AvahiService.rename(self)
397
388
syslogger.setFormatter(logging.Formatter
398
('Mandos ({}) [%(process)d]:'
389
('Mandos ({0}) [%(process)d]:'
399
390
' %(levelname)s: %(message)s'
400
391
.format(self.name)))
395
def timedelta_to_milliseconds(td):
396
"Convert a datetime.timedelta() to milliseconds"
397
return ((td.days * 24 * 60 * 60 * 1000)
398
+ (td.seconds * 1000)
399
+ (td.microseconds // 1000))
404
402
class Client(object):
405
403
"""A representation of a client host served by this server.
461
458
"enabled": "True",
461
def timeout_milliseconds(self):
462
"Return the 'timeout' attribute in milliseconds"
463
return timedelta_to_milliseconds(self.timeout)
465
def extended_timeout_milliseconds(self):
466
"Return the 'extended_timeout' attribute in milliseconds"
467
return timedelta_to_milliseconds(self.extended_timeout)
469
def interval_milliseconds(self):
470
"Return the 'interval' attribute in milliseconds"
471
return timedelta_to_milliseconds(self.interval)
473
def approval_delay_milliseconds(self):
474
return timedelta_to_milliseconds(self.approval_delay)
465
477
def config_parser(config):
466
478
"""Construct a new dict of client settings of this form:
511
def __init__(self, settings, name = None, server_settings=None):
523
def __init__(self, settings, name = None):
513
if server_settings is None:
515
self.server_settings = server_settings
516
525
# adding all client settings
517
for setting, value in settings.items():
526
for setting, value in settings.iteritems():
518
527
setattr(self, setting, value)
603
612
if self.checker_initiator_tag is not None:
604
613
gobject.source_remove(self.checker_initiator_tag)
605
614
self.checker_initiator_tag = (gobject.timeout_add
607
.total_seconds() * 1000),
615
(self.interval_milliseconds(),
608
616
self.start_checker))
609
617
# Schedule a disable() when 'timeout' has passed
610
618
if self.disable_initiator_tag is not None:
611
619
gobject.source_remove(self.disable_initiator_tag)
612
620
self.disable_initiator_tag = (gobject.timeout_add
614
.total_seconds() * 1000),
621
(self.timeout_milliseconds(),
616
623
# Also start a new checker *right now*.
617
624
self.start_checker()
649
656
self.disable_initiator_tag = None
650
657
if getattr(self, "enabled", False):
651
658
self.disable_initiator_tag = (gobject.timeout_add
652
(int(timeout.total_seconds()
653
* 1000), self.disable))
659
(timedelta_to_milliseconds
660
(timeout), self.disable))
654
661
self.expires = datetime.datetime.utcnow() + timeout
656
663
def need_approval(self):
673
680
# If a checker exists, make sure it is not a zombie
675
682
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
676
except AttributeError:
678
except OSError as error:
679
if error.errno != errno.ECHILD:
683
except (AttributeError, OSError) as error:
684
if (isinstance(error, OSError)
685
and error.errno != errno.ECHILD):
683
689
logger.warning("Checker was a zombie")
687
693
# Start a new checker if needed
688
694
if self.checker is None:
689
695
# Escape attributes for the shell
690
escaped_attrs = { attr:
691
re.escape(unicode(getattr(self,
693
for attr in self.runtime_expansions }
696
escaped_attrs = dict(
697
(attr, re.escape(unicode(getattr(self, attr))))
699
self.runtime_expansions)
695
701
command = self.checker_command % escaped_attrs
696
702
except TypeError as error:
705
711
# in normal mode, that is already done by daemon(),
706
712
# and in debug mode we don't want to. (Stdin is
707
713
# always replaced by /dev/null.)
708
# The exception is when not debugging but nevertheless
709
# running in the foreground; use the previously
712
if (not self.server_settings["debug"]
713
and self.server_settings["foreground"]):
714
popen_args.update({"stdout": wnull,
716
714
self.checker = subprocess.Popen(command,
720
717
except OSError as error:
721
718
logger.error("Failed to start subprocess",
724
720
self.checker_callback_tag = (gobject.child_watch_add
725
721
(self.checker.pid,
726
722
self.checker_callback,
728
724
# The checker may have completed before the gobject
729
725
# watch was added. Check for this.
731
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
732
except OSError as error:
733
if error.errno == errno.ECHILD:
734
# This should never happen
735
logger.error("Child process vanished",
726
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
740
728
gobject.source_remove(self.checker_callback_tag)
741
729
self.checker_callback(pid, status, command)
777
765
# "Set" method, so we fail early here:
778
766
if byte_arrays and signature != "ay":
779
767
raise ValueError("Byte arrays not supported for non-'ay'"
780
" signature {!r}".format(signature))
768
" signature {0!r}".format(signature))
781
769
def decorator(func):
782
770
func._dbus_is_property = True
783
771
func._dbus_interface = dbus_interface
862
850
If called like _is_dbus_thing("method") it returns a function
863
851
suitable for use as predicate to inspect.getmembers().
865
return lambda obj: getattr(obj, "_dbus_is_{}".format(thing),
853
return lambda obj: getattr(obj, "_dbus_is_{0}".format(thing),
868
856
def _get_all_dbus_things(self, thing):
998
984
# Add interface annotation tags
999
985
for annotation, value in dict(
1000
986
itertools.chain.from_iterable(
1001
annotations().items()
987
annotations().iteritems()
1002
988
for name, annotations in
1003
989
self._get_all_dbus_things("interface")
1004
990
if name == if_tag.getAttribute("name")
1006
992
ann_tag = document.createElement("annotation")
1007
993
ann_tag.setAttribute("name", annotation)
1008
994
ann_tag.setAttribute("value", value)
1083
1069
interface_names.add(alt_interface)
1084
1070
# Is this a D-Bus signal?
1085
1071
if getattr(attribute, "_dbus_is_signal", False):
1086
# Extract the original non-method undecorated
1087
# function by black magic
1072
# Extract the original non-method function by
1088
1074
nonmethod_func = (dict(
1089
1075
zip(attribute.func_code.co_freevars,
1090
1076
attribute.__closure__))["func"]
1285
1271
approval_delay = notifychangeproperty(dbus.UInt64,
1286
1272
"ApprovalDelay",
1288
lambda td: td.total_seconds()
1274
timedelta_to_milliseconds)
1290
1275
approval_duration = notifychangeproperty(
1291
1276
dbus.UInt64, "ApprovalDuration",
1292
type_func = lambda td: td.total_seconds() * 1000)
1277
type_func = timedelta_to_milliseconds)
1293
1278
host = notifychangeproperty(dbus.String, "Host")
1294
1279
timeout = notifychangeproperty(dbus.UInt64, "Timeout",
1295
type_func = lambda td:
1296
td.total_seconds() * 1000)
1281
timedelta_to_milliseconds)
1297
1282
extended_timeout = notifychangeproperty(
1298
1283
dbus.UInt64, "ExtendedTimeout",
1299
type_func = lambda td: td.total_seconds() * 1000)
1284
type_func = timedelta_to_milliseconds)
1300
1285
interval = notifychangeproperty(dbus.UInt64,
1303
lambda td: td.total_seconds()
1288
timedelta_to_milliseconds)
1305
1289
checker_command = notifychangeproperty(dbus.String, "Checker")
1307
1291
del notifychangeproperty
1335
1319
*args, **kwargs)
1337
1321
def start_checker(self, *args, **kwargs):
1338
old_checker_pid = getattr(self.checker, "pid", None)
1322
old_checker = self.checker
1323
if self.checker is not None:
1324
old_checker_pid = self.checker.pid
1326
old_checker_pid = None
1339
1327
r = Client.start_checker(self, *args, **kwargs)
1340
1328
# Only if new checker process was started
1341
1329
if (self.checker is not None
1351
1339
def approve(self, value=True):
1352
1340
self.approved = value
1353
gobject.timeout_add(int(self.approval_duration.total_seconds()
1354
* 1000), self._reset_approved)
1341
gobject.timeout_add(timedelta_to_milliseconds
1342
(self.approval_duration),
1343
self._reset_approved)
1355
1344
self.send_changedstate()
1357
1346
## D-Bus methods, signals & properties
1559
1547
gobject.source_remove(self.disable_initiator_tag)
1560
1548
self.disable_initiator_tag = (
1561
1549
gobject.timeout_add(
1562
int((self.expires - now).total_seconds()
1563
* 1000), self.disable))
1550
timedelta_to_milliseconds(self.expires - now),
1565
1553
# ExtendedTimeout - property
1566
1554
@dbus_service_property(_interface, signature="t",
1567
1555
access="readwrite")
1568
1556
def ExtendedTimeout_dbus_property(self, value=None):
1569
1557
if value is None: # get
1570
return dbus.UInt64(self.extended_timeout.total_seconds()
1558
return dbus.UInt64(self.extended_timeout_milliseconds())
1572
1559
self.extended_timeout = datetime.timedelta(0, 0, 0, value)
1574
1561
# Interval - property
1576
1563
access="readwrite")
1577
1564
def Interval_dbus_property(self, value=None):
1578
1565
if value is None: # get
1579
return dbus.UInt64(self.interval.total_seconds() * 1000)
1566
return dbus.UInt64(self.interval_milliseconds())
1580
1567
self.interval = datetime.timedelta(0, 0, 0, value)
1581
1568
if getattr(self, "checker_initiator_tag", None) is None:
1755
1742
#wait until timeout or approved
1756
1743
time = datetime.datetime.now()
1757
1744
client.changedstate.acquire()
1758
client.changedstate.wait(delay.total_seconds())
1745
client.changedstate.wait(
1746
float(timedelta_to_milliseconds(delay)
1759
1748
client.changedstate.release()
1760
1749
time2 = datetime.datetime.now()
1761
1750
if (time2 - time) >= delay:
2169
2158
token_duration = Token(re.compile(r"P"), None,
2170
2159
frozenset((token_year, token_month,
2171
2160
token_day, token_time,
2173
2162
# Define starting values
2174
2163
value = datetime.timedelta() # Value so far
2175
2164
found_token = None
2176
followers = frozenset((token_duration,)) # Following valid tokens
2165
followers = frozenset(token_duration,) # Following valid tokens
2177
2166
s = duration # String left to parse
2178
2167
# Loop until end token is found
2179
2168
while found_token is not token_end:
2239
2228
elif suffix == "w":
2240
2229
delta = datetime.timedelta(0, 0, 0, 0, 0, 0, value)
2242
raise ValueError("Unknown suffix {!r}"
2231
raise ValueError("Unknown suffix {0!r}"
2243
2232
.format(suffix))
2244
except IndexError as e:
2233
except (ValueError, IndexError) as e:
2245
2234
raise ValueError(*(e.args))
2246
2235
timevalue += delta
2247
2236
return timevalue
2262
2251
# Close all standard open file descriptors
2263
2252
null = os.open(os.devnull, os.O_NOCTTY | os.O_RDWR)
2264
2253
if not stat.S_ISCHR(os.fstat(null).st_mode):
2265
raise OSError(errno.ENODEV, "{} not a character device"
2254
raise OSError(errno.ENODEV,
2255
"{0} not a character device"
2266
2256
.format(os.devnull))
2267
2257
os.dup2(null, sys.stdin.fileno())
2268
2258
os.dup2(null, sys.stdout.fileno())
2279
2269
parser = argparse.ArgumentParser()
2280
2270
parser.add_argument("-v", "--version", action="version",
2281
version = "%(prog)s {}".format(version),
2271
version = "%(prog)s {0}".format(version),
2282
2272
help="show version number and exit")
2283
2273
parser.add_argument("-i", "--interface", metavar="IF",
2284
2274
help="Bind to interface IF")
2290
2280
help="Run self-test")
2291
2281
parser.add_argument("--debug", action="store_true",
2292
2282
help="Debug mode; run in foreground and log"
2293
" to terminal", default=None)
2294
2284
parser.add_argument("--debuglevel", metavar="LEVEL",
2295
2285
help="Debug level for stdout output")
2296
2286
parser.add_argument("--priority", help="GnuTLS"
2304
2294
parser.add_argument("--no-dbus", action="store_false",
2305
2295
dest="use_dbus", help="Do not provide D-Bus"
2306
" system bus interface", default=None)
2296
" system bus interface")
2307
2297
parser.add_argument("--no-ipv6", action="store_false",
2308
dest="use_ipv6", help="Do not use IPv6",
2298
dest="use_ipv6", help="Do not use IPv6")
2310
2299
parser.add_argument("--no-restore", action="store_false",
2311
2300
dest="restore", help="Do not restore stored"
2312
" state", default=None)
2313
2302
parser.add_argument("--socket", type=int,
2314
2303
help="Specify a file descriptor to a network"
2315
2304
" socket to use instead of creating one")
2316
2305
parser.add_argument("--statedir", metavar="DIR",
2317
2306
help="Directory to save/restore state in")
2318
2307
parser.add_argument("--foreground", action="store_true",
2319
help="Run in foreground", default=None)
2320
parser.add_argument("--no-zeroconf", action="store_false",
2321
dest="zeroconf", help="Do not use Zeroconf",
2308
help="Run in foreground")
2324
2310
options = parser.parse_args()
2326
2312
if options.check:
2328
fail_count, test_count = doctest.testmod()
2329
sys.exit(os.EX_OK if fail_count == 0 else 1)
2331
2317
# Default values for config file for server-global settings
2332
2318
server_defaults = { "interface": "",
2376
2361
for option in ("interface", "address", "port", "debug",
2377
2362
"priority", "servicename", "configdir",
2378
2363
"use_dbus", "use_ipv6", "debuglevel", "restore",
2379
"statedir", "socket", "foreground", "zeroconf"):
2364
"statedir", "socket", "foreground"):
2380
2365
value = getattr(options, option)
2381
2366
if value is not None:
2382
2367
server_settings[option] = value
2385
2370
for option in server_settings.keys():
2386
2371
if type(server_settings[option]) is str:
2387
2372
server_settings[option] = unicode(server_settings[option])
2388
# Force all boolean options to be boolean
2389
for option in ("debug", "use_dbus", "use_ipv6", "restore",
2390
"foreground", "zeroconf"):
2391
server_settings[option] = bool(server_settings[option])
2392
2373
# Debug implies foreground
2393
2374
if server_settings["debug"]:
2394
2375
server_settings["foreground"] = True
2397
2378
##################################################################
2399
if (not server_settings["zeroconf"] and
2400
not (server_settings["port"]
2401
or server_settings["socket"] != "")):
2402
parser.error("Needs port or socket to work without"
2405
2380
# For convenience
2406
2381
debug = server_settings["debug"]
2407
2382
debuglevel = server_settings["debuglevel"]
2449
2420
gnutls_priority=
2450
2421
server_settings["priority"],
2451
2422
use_dbus=use_dbus,
2423
socketfd=(server_settings["socket"]
2453
2425
if not foreground:
2454
pidfilename = "/run/mandos.pid"
2455
if not os.path.isdir("/run/."):
2456
pidfilename = "/var/run/mandos.pid"
2426
pidfilename = "/var/run/mandos.pid"
2459
2429
pidfile = open(pidfilename, "w")
2525
2495
use_dbus = False
2526
2496
server_settings["use_dbus"] = False
2527
2497
tcp_server.use_dbus = False
2529
protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
2530
service = AvahiServiceToSyslog(name =
2531
server_settings["servicename"],
2532
servicetype = "_mandos._tcp",
2533
protocol = protocol, bus = bus)
2534
if server_settings["interface"]:
2535
service.interface = (if_nametoindex
2536
(str(server_settings["interface"])))
2498
protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
2499
service = AvahiServiceToSyslog(name =
2500
server_settings["servicename"],
2501
servicetype = "_mandos._tcp",
2502
protocol = protocol, bus = bus)
2503
if server_settings["interface"]:
2504
service.interface = (if_nametoindex
2505
(str(server_settings["interface"])))
2538
2507
global multiprocessing_manager
2539
2508
multiprocessing_manager = multiprocessing.Manager()
2574
2535
"EOFError:", exc_info=e)
2576
2537
with PGPEngine() as pgp:
2577
for client_name, client in clients_data.items():
2578
# Skip removed clients
2579
if client_name not in client_settings:
2538
for client_name, client in clients_data.iteritems():
2582
2539
# Decide which value to use after restoring saved state.
2583
2540
# We have three different values: Old config file,
2584
2541
# new config file, and saved state.
2605
2562
if datetime.datetime.utcnow() >= client["expires"]:
2606
2563
if not client["last_checked_ok"]:
2607
2564
logger.warning(
2608
"disabling client {} - Client never "
2565
"disabling client {0} - Client never "
2609
2566
"performed a successful checker"
2610
2567
.format(client_name))
2611
2568
client["enabled"] = False
2612
2569
elif client["last_checker_status"] != 0:
2613
2570
logger.warning(
2614
"disabling client {} - Client last"
2615
" checker failed with error code {}"
2571
"disabling client {0} - Client "
2572
"last checker failed with error code {1}"
2616
2573
.format(client_name,
2617
2574
client["last_checker_status"]))
2618
2575
client["enabled"] = False
2644
2601
clients_data[client_name] = client_settings[client_name]
2646
2603
# Create all client objects
2647
for client_name, client in clients_data.items():
2604
for client_name, client in clients_data.iteritems():
2648
2605
tcp_server.clients[client_name] = client_class(
2649
name = client_name, settings = client,
2650
server_settings = server_settings)
2606
name = client_name, settings = client)
2652
2608
if not tcp_server.clients:
2653
2609
logger.warning("No clients defined")
2755
2709
# A list of attributes that can not be pickled
2757
exclude = { "bus", "changedstate", "secret",
2758
"checker", "server_settings" }
2711
exclude = set(("bus", "changedstate", "secret",
2759
2713
for name, typ in (inspect.getmembers
2760
2714
(dbus.service.Object)):
2761
2715
exclude.add(name)
2784
2738
except NameError:
2786
2740
if e.errno in (errno.ENOENT, errno.EACCES, errno.EEXIST):
2787
logger.warning("Could not save persistent state: {}"
2741
logger.warning("Could not save persistent state: {0}"
2788
2742
.format(os.strerror(e.errno)))
2790
2744
logger.warning("Could not save persistent state:",
2794
2748
# Delete all clients, and settings from config
2795
2749
while tcp_server.clients:
2819
2773
tcp_server.server_activate()
2821
2775
# Find out what port we got
2823
service.port = tcp_server.socket.getsockname()[1]
2776
service.port = tcp_server.socket.getsockname()[1]
2825
2778
logger.info("Now listening on address %r, port %d,"
2826
2779
" flowinfo %d, scope_id %d",
2832
2785
#service.interface = tcp_server.socket.getsockname()[3]
2836
# From the Avahi example code
2839
except dbus.exceptions.DBusException as error:
2840
logger.critical("D-Bus Exception", exc_info=error)
2843
# End of Avahi example code
2788
# From the Avahi example code
2791
except dbus.exceptions.DBusException as error:
2792
logger.critical("D-Bus Exception", exc_info=error)
2795
# End of Avahi example code
2845
2797
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
2846
2798
lambda *args, **kwargs: