/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-ctl

  • Committer: Teddy Hogeborn
  • Date: 2019-02-10 08:41:14 UTC
  • Revision ID: teddy@recompile.se-20190210084114-u91mijrxtifvzra5
Bug fix: Only create TLS key with certtool, and read correct key file

* debian/mandos-client.postinst (create_keys): Remove any bad keys
                                               created by 1.8.0-1.
                                               Only create TLS keys if
                                               certtool succeeds.
* debian/mandos.postinst (configure): Remove any bad keys from
                                      clients.conf, and inform the
                                      user if any were found.
* debian/mandos.templates (mandos/removed_bad_key_ids): New message.
* mandos (MandosServer.handle_ipc): Do not trust a key_id with a known
                                    bad key ID.
* mandos-keygen (keygen): Only create TLS keys if certtool succeeds.
  (password): Bug fix: Generate key_id correctly, and only output
              key_id if TLS key exists.

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos-ctl
1
1
#!/usr/bin/python
2
 
# -*- mode: python; coding: utf-8; after-save-hook: (lambda () (let ((command (if (and (boundp 'tramp-file-name-structure) (string-match (car tramp-file-name-structure) (buffer-file-name))) (tramp-file-name-localname (tramp-dissect-file-name (buffer-file-name))) (buffer-file-name)))) (if (= (shell-command (format "%s --check" (shell-quote-argument command)) "*Test*") 0) (let ((w (get-buffer-window "*Test*"))) (if w (delete-window w)) (kill-buffer "*Test*")) (display-buffer "*Test*")))); -*-
 
2
# -*- mode: python; coding: utf-8 -*-
3
3
#
4
4
# Mandos Monitor - Control and monitor the Mandos server
5
5
#
40
40
import os
41
41
import collections
42
42
import json
43
 
import unittest
44
43
 
45
44
import dbus
46
45
 
77
76
server_path = "/"
78
77
server_interface = domain + ".Mandos"
79
78
client_interface = domain + ".Mandos.Client"
80
 
version = "1.8.3"
 
79
version = "1.8.0"
81
80
 
82
81
 
83
82
try:
346
345
    if options.all and not has_actions(options):
347
346
        parser.error("--all requires an action.")
348
347
 
 
348
    if options.check:
 
349
        import doctest
 
350
        fail_count, test_count = doctest.testmod()
 
351
        sys.exit(os.EX_OK if fail_count == 0 else 1)
 
352
 
349
353
    try:
350
354
        bus = dbus.SystemBus()
351
355
        mandos_dbus_objc = bus.get_object(busname, server_path)
489
493
                client.Approve(dbus.Boolean(False),
490
494
                               dbus_interface=client_interface)
491
495
 
492
 
 
493
 
def should_only_run_tests():
494
 
    parser = argparse.ArgumentParser(add_help=False)
495
 
    parser.add_argument("--check", action='store_true')
496
 
    args, unknown_args = parser.parse_known_args()
497
 
    run_tests = args.check
498
 
    if run_tests:
499
 
        # Remove --check argument from sys.argv
500
 
        sys.argv[1:] = unknown_args
501
 
    return run_tests
502
 
 
503
 
# Add all tests from doctest strings
504
 
def load_tests(loader, tests, none):
505
 
    import doctest
506
 
    tests.addTests(doctest.DocTestSuite())
507
 
    return tests
508
496
 
509
497
if __name__ == "__main__":
510
 
    if should_only_run_tests():
511
 
        # Call using ./tdd-python-script --check [--verbose]
512
 
        unittest.main()
513
 
    else:
514
 
        main()
 
498
    main()