/mandos/trunk


Viewing changes to mandos

merge

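--- a/mandos
+++ b/mandos
@@ -87,10 +87,9 @@
 
 version = "1.4.1"
 
+logger = logging.getLogger()
 stored_state_path = "/var/lib/mandos/clients.pickle"
 
-#logger = logging.getLogger('mandos')
-logger = logging.Logger('mandos')
 syslogger = (logging.handlers.SysLogHandler
              (facility = logging.handlers.SysLogHandler.LOG_DAEMON,
               address = str("/dev/log")))
@@ -100,11 +99,13 @@
 logger.addHandler(syslogger)
 
 console = logging.StreamHandler()
-console.setFormatter(logging.Formatter('%(name)s [%(process)d]:'
+console.setFormatter(logging.Formatter('%(asctime)s %(name)s'
+                                       ' [%(process)d]:'
                                        ' %(levelname)s:'
                                        ' %(message)s'))
 logger.addHandler(console)
 
+
 class AvahiError(Exception):
     def __init__(self, value, *args, **kwargs):
         self.value = value
@@ -168,10 +169,6 @@
                             .GetAlternativeServiceName(self.name))
         logger.info("Changing Zeroconf service name to %r ...",
                     self.name)
-        syslogger.setFormatter(logging.Formatter
-                               ('Mandos (%s) [%%(process)d]:'
-                                ' %%(levelname)s: %%(message)s'
-                                % self.name))
         self.remove()
         try:
             self.add()
@@ -197,7 +194,7 @@
                 avahi.DBUS_INTERFACE_ENTRY_GROUP)
         self.entry_group_state_changed_match = (
             self.group.connect_to_signal(
-                'StateChanged', self .entry_group_state_changed))
+                'StateChanged', self.entry_group_state_changed))
         logger.debug("Adding Zeroconf service '%s' of type '%s' ...",
                      self.name, self.type)
         self.group.AddService(
@@ -269,6 +266,15 @@
                                  self.server_state_changed)
         self.server_state_changed(self.server.GetState())
 
+class AvahiServiceToSyslog(AvahiService):
+    def rename(self):
+        """Add the new name to the syslog messages"""
+        ret = AvahiService.rename(self)
+        syslogger.setFormatter(logging.Formatter
+                               ('Mandos (%s) [%%(process)d]:'
+                                ' %%(levelname)s: %%(message)s'
+                                % self.name))
+        return ret
 
 def _timedelta_to_milliseconds(td):
     "Convert a datetime.timedelta() to milliseconds"
@@ -304,8 +310,9 @@
     interval:   datetime.timedelta(); How often to start a new checker
     last_approval_request: datetime.datetime(); (UTC) or None
     last_checked_ok: datetime.datetime(); (UTC) or None
-    Last_checker_status: integer between 0 and 255 reflecting exit status
-                         of last checker. -1 reflect crashed checker.
+    last_checker_status: integer between 0 and 255 reflecting exit status
+                         of last checker. -1 reflect crashed checker,
+                         or None.
     last_enabled: datetime.datetime(); (UTC)
     name:       string; from the config file, used in log messages and
                         D-Bus identifiers
@@ -368,7 +375,7 @@
         self.last_approval_request = None
         self.last_enabled = datetime.datetime.utcnow()
         self.last_checked_ok = None
-        self.last_checker_status = 0
+        self.last_checker_status = None
         self.timeout = string_to_delta(config["timeout"])
         self.extended_timeout = string_to_delta(config
                                                 ["extended_timeout"])
@@ -400,11 +407,10 @@
             if not name.startswith("_"):
                 self.client_structure.append(name)
     
-    
+    # Send notice to process children that client state has changed
     def send_changedstate(self):
-        self.changedstate.acquire()
-        self.changedstate.notify_all()
-        self.changedstate.release()
+        with self.changedstate:
+            self.changedstate.notify_all()
     
     def enable(self):
         """Start this client's checker and timeout hooks"""
@@ -587,7 +593,7 @@
 
     # Encrypts a client secret and stores it in a varible encrypted_secret
     def encrypt_secret(self, key):
-        # Encryption-key need to be specific size, so we hash inputed key
+        # Encryption-key need to be of a specific size, so we hash inputed key
         hasheng = hashlib.sha256()
         hasheng.update(key)
         encryptionkey = hasheng.digest()
@@ -606,7 +612,7 @@
 
     # Decrypt a encrypted client secret
     def decrypt_secret(self, key):
-        # Decryption-key need to be specific size, so we hash inputed key
+        # Decryption-key need to be of a specific size, so we hash inputed key
         hasheng = hashlib.sha256()
         hasheng.update(key)
         encryptionkey = hasheng.digest()
@@ -1916,7 +1922,7 @@
     parser.add_argument("--no-ipv6", action="store_false",
                         dest="use_ipv6", help="Do not use IPv6")
     parser.add_argument("--no-restore", action="store_false",
-                        dest="restore", help="Do not restore old state",
+                        dest="restore", help="Do not restore stored state",
                         default=True)
 
     options = parser.parse_args()
@@ -2038,14 +2044,13 @@
             raise error
     
     if not debug and not debuglevel:
-        syslogger.setLevel(logging.WARNING)
-        console.setLevel(logging.WARNING)
+        logger.setLevel(logging.WARNING)
     if debuglevel:
         level = getattr(logging, debuglevel.upper())
-        syslogger.setLevel(level)
-        console.setLevel(level)
+        logger.setLevel(level)
     
     if debug:
+        logger.setLevel(logging.DEBUG)
         # Enable all possible GnuTLS debugging
         
         # "Use a log level over 10 to enable all debugging options."
@@ -2092,9 +2097,10 @@
             server_settings["use_dbus"] = False
             tcp_server.use_dbus = False
     protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
-    service = AvahiService(name = server_settings["servicename"],
-                           servicetype = "_mandos._tcp",
-                           protocol = protocol, bus = bus)
+    service = AvahiServiceToSyslog(name =
+                                   server_settings["servicename"],
+                                   servicetype = "_mandos._tcp",
+                                   protocol = protocol, bus = bus)
     if server_settings["interface"]:
         service.interface = (if_nametoindex
                              (str(server_settings["interface"])))
@@ -2127,6 +2133,7 @@
     old_client_settings = {}
     clients_data = []
 
+    # Get client data and settings from last running state. 
     if server_settings["restore"]:
         try:
             with open(stored_state_path, "rb") as stored_state:
@@ -2329,8 +2336,8 @@
             if use_dbus:
                 # Emit D-Bus signal
                 mandos_dbus_service.ClientRemoved(client
-                                              .dbus_object_path,
-                                              client.name)
+                                                  .dbus_object_path,
+                                                  client.name)
         client_settings.clear()
     
     atexit.register(cleanup)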
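Review bot: In the new `AvahiServiceToSyslog.rename`, `self.name` is interpolated unescaped into a string that `logging.Formatter` later applies as a `%`-format template, while the literal fields around it are escaped as `%%(process)d`. The name appears to come from the `servicename` setting and from Avahi's `GetAlternativeServiceName`, so a `%` in it would produce a malformed template and, presumably, formatting errors in place of syslog records from that rename onward. Doubling the character at the call keeps the syslog trail intact: `% self.name.replace("%", "%%")))`. The same expression was in the lines removed from `AvahiService.rename`, so the defect is carried over rather than introduced by this change.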