/mandos/trunk : revision 830

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos

Committer: Teddy Hogeborn
Date: 2016-03-12 23:42:38 UTC
Revision ID: teddy@recompile.se-20160312234238-xdszntu18cfwife9

Server: Use python-gi instead of old python-gobject

The python-gobject module is old, deprecated, and replaced with the
python-gi (GObject Introspection) module; use that instead.

* debian/control (Source: mandos/Build-Depends-Indep): Change
"python-gi | python-gobject" to "python-gi".
* mandos: Import "GLib" instead of "GObject"; change all users.
* mandos-monitor: - '' -

Show diffs side-by-side

added added

removed removed

mandos

import xml.dom.minidom

import inspect

# Try to find the value of SO_BINDTODEVICE:

try:

# This is where SO_BINDTODEVICE is in Python 3.3 (or 3.4?) and

# newer, and it is also the most natural place for it:

SO_BINDTODEVICE = socket.SO_BINDTODEVICE

except AttributeError:

try:

# This is where SO_BINDTODEVICE was up to and including Python

# 2.6, and also 3.2:

from IN import SO_BINDTODEVICE

except ImportError:

100

# In Python 2.7 it seems to have been removed entirely.

101

# Try running the C preprocessor:

102

try:

103

cc = subprocess.Popen(["cc", "--language=c", "-E",

104

"/dev/stdin"],

105

stdin=subprocess.PIPE,

106

stdout=subprocess.PIPE)

107

stdout = cc.communicate(

108

"#include <sys/socket.h>\nSO_BINDTODEVICE\n")[0]

109

SO_BINDTODEVICE = int(stdout.splitlines()[-1])

110

except (OSError, ValueError, IndexError):

111

# No value found

112

SO_BINDTODEVICE = None

113

114

if sys.version_info.major == 2:

115

str = unicode

116

117

version = "1.7.10"

100

version = "1.7.5"

118

101

stored_state_file = "clients.pickle"

119

102

120

103

logger = logging.getLogger()

197

180

self.gnupgargs = ['--batch',

198

181

'--homedir', self.tempdir,

199

182

'--force-mdc',

200

'--quiet']

201

# Only GPG version 1 has the --no-use-agent option.

202

if self.gpg == "gpg" or self.gpg.endswith("/gpg"):

203

self.gnupgargs.append("--no-use-agent")

183

'--quiet',

184

'--no-use-agent']

204

185

205

186

def __enter__(self):

206

187

return self

2191

2172

priority = self.server.gnutls_priority

2192

2173

if priority is None:

2193

2174

priority = "NORMAL"

2194

gnutls.priority_set_direct(session._c_object,

2195

priority.encode("utf-8"),

2175

gnutls.priority_set_direct(session._c_object, priority,

2196

2176

None)

2197

2177

2198

2178

# Start communication using the Mandos protocol

2453

2433

"""This overrides the normal server_bind() function

2454

2434

to bind to an interface if one was specified, and also NOT to

2455

2435

bind to an address or port if they were not specified."""

2456

global SO_BINDTODEVICE

2457

2436

if self.interface is not None:

2458

2437

if SO_BINDTODEVICE is None:

2459

# Fall back to a hard-coded value which seems to be

2460

# common enough.

2461

logger.warning("SO_BINDTODEVICE not found, trying 25")

2462

SO_BINDTODEVICE = 25

2463

try:

2464

self.socket.setsockopt(

2465

socket.SOL_SOCKET, SO_BINDTODEVICE,

2466

(self.interface + "\0").encode("utf-8"))

2467

except socket.error as error:

2468

if error.errno == errno.EPERM:

2469

logger.error("No permission to bind to"

2470

" interface %s", self.interface)

2471

elif error.errno == errno.ENOPROTOOPT:

2472

logger.error("SO_BINDTODEVICE not available;"

2473

" cannot bind to interface %s",

2474

self.interface)

2475

elif error.errno == errno.ENODEV:

2476

logger.error("Interface %s does not exist,"

2477

" cannot bind", self.interface)

2478

else:

2479

raise

2438

logger.error("SO_BINDTODEVICE does not exist;"

2439

" cannot bind to interface %s",

2440

self.interface)

2441

else:

2442

try:

2443

self.socket.setsockopt(

2444

socket.SOL_SOCKET, SO_BINDTODEVICE,

2445

(self.interface + "\0").encode("utf-8"))

2446

except socket.error as error:

2447

if error.errno == errno.EPERM:

2448

logger.error("No permission to bind to"

2449

" interface %s", self.interface)

2450

elif error.errno == errno.ENOPROTOOPT:

2451

logger.error("SO_BINDTODEVICE not available;"

2452

" cannot bind to interface %s",

2453

self.interface)

2454

elif error.errno == errno.ENODEV:

2455

logger.error("Interface %s does not exist,"

2456

" cannot bind", self.interface)

2457

else:

2458

raise

2480

2459

# Only bind(2) the socket if we really need to.

2481

2460

if self.server_address[0] or self.server_address[1]:

2482

2461

if not self.server_address[0]:

3221

3200

del pidfile

3222

3201

del pidfilename

3223

3202

3224

for termsig in (signal.SIGHUP, signal.SIGTERM):

3225

GLib.unix_signal_add(GLib.PRIORITY_HIGH, termsig,

3226

lambda: main_loop.quit() and False)

3203

signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())

3204

signal.signal(signal.SIGTERM, lambda signum, frame: sys.exit())

3227

3205

3228

3206

if use_dbus:

3229

3207

3328

3306

3329

3307

mandos_dbus_service = MandosDBusService()

3330

3308

3331

# Save modules to variables to exempt the modules from being

3332

# unloaded before the function registered with atexit() is run.

3333

mp = multiprocessing

3334

wn = wnull

3335

3309

def cleanup():

3336

3310

"Cleanup function; run on exit"

3337

3311

if zeroconf:

3338

3312

service.cleanup()

3339

3313

3340

mp.active_children()

3341

wn.close()

3314

multiprocessing.active_children()

3315

wnull.close()

3342

3316

if not (tcp_server.clients or client_settings):

3343

3317

return

3344

3318

Older »