2011-10-07 19:47:50 +00:00
|
|
|
# emacs: -*- mode: python; py-indent-offset: 4; indent-tabs-mode: t -*-
|
|
|
|
|
# vi: set ft=python sts=4 ts=4 sw=4 noet :
|
|
|
|
|
|
2007-12-14 21:19:00 +00:00
|
|
|
# This file is part of Fail2Ban.
|
|
|
|
|
#
|
|
|
|
|
# Fail2Ban is free software; you can redistribute it and/or modify
|
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
|
# the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
# (at your option) any later version.
|
|
|
|
|
#
|
|
|
|
|
# Fail2Ban is distributed in the hope that it will be useful,
|
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
|
#
|
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
|
# along with Fail2Ban; if not, write to the Free Software
|
2011-11-21 12:20:20 +00:00
|
|
|
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
2007-12-14 21:19:00 +00:00
|
|
|
|
|
|
|
|
# Author: Cyril Jaquier
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
__author__ = "Cyril Jaquier"
|
|
|
|
|
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
|
|
|
|
|
__license__ = "GPL"
|
|
|
|
|
|
|
|
|
|
from pickle import dumps, loads, HIGHEST_PROTOCOL
|
2009-08-30 14:03:18 +00:00
|
|
|
from common import helpers
|
2013-04-02 17:11:59 +00:00
|
|
|
import asyncore, asynchat, socket, os, logging, sys, traceback, fcntl
|
2007-12-14 21:19:00 +00:00
|
|
|
|
|
|
|
|
# Gets the instance of the logger.
|
|
|
|
|
logSys = logging.getLogger("fail2ban.server")
|
|
|
|
|
|
|
|
|
|
##
|
|
|
|
|
# Request handler class.
|
|
|
|
|
#
|
|
|
|
|
# This class extends asynchat in order to provide a request handler for
|
|
|
|
|
# incoming query.
|
|
|
|
|
|
|
|
|
|
class RequestHandler(asynchat.async_chat):
|
|
|
|
|
|
|
|
|
|
END_STRING = "<F2B_END_COMMAND>"
|
|
|
|
|
|
|
|
|
|
def __init__(self, conn, transmitter):
|
|
|
|
|
asynchat.async_chat.__init__(self, conn)
|
|
|
|
|
self.__transmitter = transmitter
|
|
|
|
|
self.__buffer = []
|
|
|
|
|
# Sets the terminator.
|
|
|
|
|
self.set_terminator(RequestHandler.END_STRING)
|
|
|
|
|
|
|
|
|
|
def collect_incoming_data(self, data):
|
2008-02-02 16:59:45 +00:00
|
|
|
#logSys.debug("Received raw data: " + str(data))
|
2007-12-14 21:19:00 +00:00
|
|
|
self.__buffer.append(data)
|
|
|
|
|
|
|
|
|
|
##
|
|
|
|
|
# Handles a new request.
|
|
|
|
|
#
|
|
|
|
|
# This method is called once we have a complete request.
|
|
|
|
|
|
2007-12-17 19:53:33 +00:00
|
|
|
def found_terminator(self):
|
2007-12-14 21:19:00 +00:00
|
|
|
# Joins the buffer items.
|
|
|
|
|
message = loads("".join(self.__buffer))
|
|
|
|
|
# Gives the message to the transmitter.
|
|
|
|
|
message = self.__transmitter.proceed(message)
|
|
|
|
|
# Serializes the response.
|
|
|
|
|
message = dumps(message, HIGHEST_PROTOCOL)
|
|
|
|
|
# Sends the response to the client.
|
|
|
|
|
self.send(message + RequestHandler.END_STRING)
|
|
|
|
|
# Closes the channel.
|
|
|
|
|
self.close_when_done()
|
|
|
|
|
|
|
|
|
|
def handle_error(self):
|
2013-05-10 02:46:59 +00:00
|
|
|
e1, e2 = helpers.formatExceptionInfo()
|
|
|
|
|
logSys.error("Unexpected communication error: %s" % str(e2))
|
2009-08-30 13:51:17 +00:00
|
|
|
logSys.error(traceback.format_exc().splitlines())
|
2007-12-14 21:19:00 +00:00
|
|
|
self.close()
|
|
|
|
|
|
|
|
|
|
##
|
|
|
|
|
# Asynchronous server class.
|
|
|
|
|
#
|
|
|
|
|
# This class extends asyncore and dispatches connection requests to
|
|
|
|
|
# RequestHandler.
|
|
|
|
|
|
|
|
|
|
class AsyncServer(asyncore.dispatcher):
|
|
|
|
|
|
|
|
|
|
def __init__(self, transmitter):
|
|
|
|
|
asyncore.dispatcher.__init__(self)
|
|
|
|
|
self.__transmitter = transmitter
|
|
|
|
|
self.__sock = "/var/run/fail2ban/fail2ban.sock"
|
|
|
|
|
self.__init = False
|
|
|
|
|
|
|
|
|
|
##
|
|
|
|
|
# Returns False as we only read the socket first.
|
|
|
|
|
|
|
|
|
|
def writable(self):
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
def handle_accept(self):
|
|
|
|
|
try:
|
|
|
|
|
conn, addr = self.accept()
|
|
|
|
|
except socket.error:
|
|
|
|
|
logSys.warning("Socket error")
|
|
|
|
|
return
|
|
|
|
|
except TypeError:
|
|
|
|
|
logSys.warning("Type error")
|
|
|
|
|
return
|
2013-04-02 17:11:59 +00:00
|
|
|
AsyncServer.__markCloseOnExec(conn)
|
2007-12-14 21:19:00 +00:00
|
|
|
# Creates an instance of the handler class to handle the
|
|
|
|
|
# request/response on the incoming connection.
|
|
|
|
|
RequestHandler(conn, self.__transmitter)
|
|
|
|
|
|
|
|
|
|
##
|
|
|
|
|
# Starts the communication server.
|
|
|
|
|
#
|
|
|
|
|
# @param sock: socket file.
|
|
|
|
|
# @param force: remove the socket file if exists.
|
|
|
|
|
|
|
|
|
|
def start(self, sock, force):
|
|
|
|
|
self.__sock = sock
|
|
|
|
|
# Remove socket
|
|
|
|
|
if os.path.exists(sock):
|
|
|
|
|
logSys.error("Fail2ban seems to be already running")
|
|
|
|
|
if force:
|
|
|
|
|
logSys.warn("Forcing execution of the server")
|
|
|
|
|
os.remove(sock)
|
|
|
|
|
else:
|
|
|
|
|
raise AsyncServerException("Server already running")
|
|
|
|
|
# Creates the socket.
|
|
|
|
|
self.create_socket(socket.AF_UNIX, socket.SOCK_STREAM)
|
|
|
|
|
self.set_reuse_addr()
|
2007-12-17 19:53:33 +00:00
|
|
|
try:
|
|
|
|
|
self.bind(sock)
|
|
|
|
|
except Exception:
|
|
|
|
|
raise AsyncServerException("Unable to bind socket %s" % self.__sock)
|
2013-04-02 17:11:59 +00:00
|
|
|
AsyncServer.__markCloseOnExec(self.socket)
|
2007-12-14 21:19:00 +00:00
|
|
|
self.listen(1)
|
|
|
|
|
# Sets the init flag.
|
|
|
|
|
self.__init = True
|
|
|
|
|
# TODO Add try..catch
|
2009-08-30 00:36:40 +00:00
|
|
|
# There's a bug report for Python 2.6/3.0 that use_poll=True yields some 2.5 incompatibilities:
|
2009-08-30 13:32:19 +00:00
|
|
|
if sys.version_info >= (2, 6): # if python 2.6 or greater...
|
|
|
|
|
logSys.debug("Detected Python 2.6 or greater. asyncore.loop() not using poll")
|
2009-08-30 13:27:52 +00:00
|
|
|
asyncore.loop(use_poll = False) # fixes the "Unexpected communication problem" issue on Python 2.6 and 3.0
|
2013-03-10 04:18:42 +00:00
|
|
|
else: # pragma: no cover
|
2009-08-30 13:27:52 +00:00
|
|
|
logSys.debug("NOT Python 2.6/3.* - asyncore.loop() using poll")
|
|
|
|
|
asyncore.loop(use_poll = True)
|
2007-12-14 21:19:00 +00:00
|
|
|
|
|
|
|
|
##
|
|
|
|
|
# Stops the communication server.
|
|
|
|
|
|
|
|
|
|
def stop(self):
|
|
|
|
|
if self.__init:
|
|
|
|
|
# Only closes the socket if it was initialized first.
|
|
|
|
|
self.close()
|
|
|
|
|
# Remove socket
|
|
|
|
|
if os.path.exists(self.__sock):
|
|
|
|
|
logSys.debug("Removed socket file " + self.__sock)
|
|
|
|
|
os.remove(self.__sock)
|
|
|
|
|
logSys.debug("Socket shutdown")
|
|
|
|
|
|
2013-04-02 17:11:59 +00:00
|
|
|
##
|
|
|
|
|
# Marks socket as close-on-exec to avoid leaking file descriptors when
|
|
|
|
|
# running actions involving command execution.
|
|
|
|
|
|
|
|
|
|
# @param sock: socket file.
|
|
|
|
|
|
|
|
|
|
#@staticmethod
|
|
|
|
|
def __markCloseOnExec(sock):
|
|
|
|
|
fd = sock.fileno()
|
|
|
|
|
flags = fcntl.fcntl(fd, fcntl.F_GETFD)
|
|
|
|
|
fcntl.fcntl(fd, fcntl.F_SETFD, flags|fcntl.FD_CLOEXEC)
|
|
|
|
|
__markCloseOnExec = staticmethod(__markCloseOnExec)
|
2007-12-14 21:19:00 +00:00
|
|
|
|
|
|
|
|
##
|
|
|
|
|
# AsyncServerException is used to wrap communication exceptions.
|
|
|
|
|
|
|
|
|
|
class AsyncServerException(Exception):
|
|
|
|
|
pass
|
