Viewing changes to mandos

  • Committer: Teddy Hogeborn
  • Date: 2009-02-13 05:38:21 UTC
  • Revision ID: teddy@fukt.bsnet.se-20090213053821-03e696gckk4nbjps
Support not using IPv6 in server:

* mandos (AvahiService.__init__): Take new "protocol" parameter.  All
                                  callers changed.
  (IPv6_TCPServer.__init__): Take new "use_ipv6" parameter.  All
                             callers changed.
  (IPv6_TCPServer.server_bind): Create IPv4 socket if not using IPv6.
  (main): New "--no-ipv6" command line option.  New "use_ipv6" config
          option.
* mandos-options.xml ([@id="address"]): Document conditional IPv4
                                        address support.
  ([@id="ipv6"]): New paragraph.
* mandos.conf (use_ipv6): New config option.
* mandos.conf.xml (OPTIONS): Document new "use_dbus" option.
  (EXAMPLE): Changed to use IPv6 link-local address.  Added "use_ipv6"
             option.
* mandos.xml (SYNOPSIS): New "--no-ipv6" option.
  (OPTIONS): Document new "--no-ipv6" option.

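--- a/mandos
+++ b/mandos
@@ -114,7 +114,8 @@
     """
     def __init__(self, interface = avahi.IF_UNSPEC, name = None,
                  servicetype = None, port = None, TXT = None,
-                 domain = "", host = "", max_renames = 32768):
+                 domain = "", host = "", max_renames = 32768,
+                 protocol = avahi.PROTO_UNSPEC):
         self.interface = interface
         self.name = name
         self.type = servicetype
@@ -124,6 +125,7 @@
         self.host = host
         self.rename_count = 0
         self.max_renames = max_renames
+        self.protocol = protocol
     def rename(self):
         """Derived from the Avahi example code"""
         if self.rename_count >= self.max_renames:
@@ -158,7 +160,7 @@
                      service.name, service.type)
         group.AddService(
                 self.interface,         # interface
-                avahi.PROTO_INET6,      # protocol
+                self.protocol,          # protocol
                 dbus.UInt32(0),         # flags
                 self.name, self.type,
                 self.domain, self.host,
@@ -738,7 +740,7 @@
 
 class IPv6_TCPServer(SocketServer.ForkingMixIn,
                      SocketServer.TCPServer, object):
-    """IPv6 TCP server.  Accepts 'None' as address and/or port.
+    """IPv6-capable TCP server.  Accepts 'None' as address and/or port.
     Attributes:
         settings:       Server settings
         clients:        Set() of Client objects
@@ -752,6 +754,10 @@
         if "clients" in kwargs:
             self.clients = kwargs["clients"]
             del kwargs["clients"]
+        if "use_ipv6" in kwargs:
+            if not kwargs["use_ipv6"]:
+                self.address_family = socket.AF_INET
+            del kwargs["use_ipv6"]
         self.enabled = False
         super(IPv6_TCPServer, self).__init__(*args, **kwargs)
     def server_bind(self):
@@ -775,8 +781,11 @@
         # Only bind(2) the socket if we really need to.
         if self.server_address[0] or self.server_address[1]:
             if not self.server_address[0]:
-                in6addr_any = "::"
-                self.server_address = (in6addr_any,
+                if self.address_family == socket.AF_INET6:
+                    any_address = "::" # in6addr_any
+                else:
+                    any_address = socket.INADDR_ANY
+                self.server_address = (any_address,
                                        self.server_address[1])
             elif not self.server_address[1]:
                 self.server_address = (self.server_address[0],
@@ -929,6 +938,8 @@
                       dest="use_dbus",
                       help="Do not provide D-Bus system bus"
                       " interface")
+    parser.add_option("--no-ipv6", action="store_false",
+                      dest="use_ipv6", help="Do not use IPv6")
     options = parser.parse_args()[0]
     
     if options.check:
@@ -945,6 +956,7 @@
                         "SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
                         "servicename": "Mandos",
                         "use_dbus": "True",
+                        "use_ipv6": "True",
                         }
     
     # Parse config file for server-global settings
@@ -958,6 +970,8 @@
                                                         "debug")
     server_settings["use_dbus"] = server_config.getboolean("DEFAULT",
                                                            "use_dbus")
+    server_settings["use_ipv6"] = server_config.getboolean("DEFAULT",
+                                                           "use_ipv6")
     if server_settings["port"]:
         server_settings["port"] = server_config.getint("DEFAULT",
                                                        "port")
@@ -967,7 +981,7 @@
     # options, if set.
     for option in ("interface", "address", "port", "debug",
                    "priority", "servicename", "configdir",
-                   "use_dbus"):
+                   "use_dbus", "use_ipv6"):
         value = getattr(options, option)
         if value is not None:
             server_settings[option] = value
@@ -977,6 +991,7 @@
     # For convenience
     debug = server_settings["debug"]
     use_dbus = server_settings["use_dbus"]
+    use_ipv6 = server_settings["use_ipv6"]
     
     if not debug:
         syslogger.setLevel(logging.WARNING)
@@ -1003,7 +1018,7 @@
                                  server_settings["port"]),
                                 TCP_handler,
                                 settings=server_settings,
-                                clients=clients)
+                                clients=clients, use_ipv6=use_ipv6)
     pidfilename = "/var/run/mandos.pid"
     try:
         pidfile = open(pidfilename, "w")
@@ -1045,8 +1060,10 @@
          .gnutls_global_set_log_function(debug_gnutls))
     
     global service
+    protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
     service = AvahiService(name = server_settings["servicename"],
-                           servicetype = "_mandos._tcp", )
+                           servicetype = "_mandos._tcp",
+                           protocol = protocol)
     if server_settings["interface"]:
         service.interface = (if_nametoindex
                              (server_settings["interface"]))
@@ -1179,7 +1196,12 @@
     
     # Find out what port we got
     service.port = tcp_server.socket.getsockname()[1]
-    logger.info(u"Now listening on address %r, port %d, flowinfo %d,"
-                u" scope_id %d" % tcp_server.socket.getsockname())
+    if use_ipv6:
+        logger.info(u"Now listening on address %r, port %d,"
+                    " flowinfo %d, scope_id %d"
+                    % tcp_server.socket.getsockname())
+    else:                       # IPv4
+        logger.info(u"Now listening on address %r, port %d"
+                    % tcp_server.socket.getsockname())
     
     #service.interface = tcp_server.socket.getsockname()[3]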
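Review bot: In the new IPv4 branch of `server_bind` (new line 787), `any_address = socket.INADDR_ANY` stores the integer constant 0 where the IPv6 branch stores the host string `"::"`, and that value goes straight into the `server_address` tuple. Python's socket module expects the host part of an AF_INET address to be a string, so running with `--no-ipv6` and a port but no address would most likely fail at bind time rather than listen on every IPv4 address, which is a startup failure on exactly the configuration this commit introduces. Use the string form to mirror the IPv6 branch: `any_address = "0.0.0.0" # INADDR_ANY`. The bind call and the rest of `server_bind` lie outside the visible lines, so this should be confirmed against the full method.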