Beispiel #1
0
 def ldap_get_user(self, uid=None):
     '''
     获取ldap用户详情,失败返None
     '''
     obj = self.ldapconn
     obj.protocal_version = ldap.VERSION3
     searchScope = ldap.SCOPE_SUBTREE
     retrieveAttributes = None
     searchFilter = "cn=" + uid
     try:
         ldap_result_id = obj.search(self.base_dn, searchScope,
                                     searchFilter, retrieveAttributes)
         result_type, result_data = obj.result(ldap_result_id, 0)
         if result_type == ldap.RES_SEARCH_ENTRY:
             username = result_data[0][1]['cn'][0]
             mail = result_data[0][1]['mail'][0]
             displayName = result_data[0][1]['displayName'][0]
             sn = result_data[0][1]['sn'][0]
             result = {
                 'username': username,
                 'mail': mail,
                 'displayName': displayName,
                 'sn': sn
             }
             return result
         else:
             return None
     except ldap.LDAPError, e:
         log().error(str(e))
Beispiel #2
0
def rollback(creds, nodes):  #, img, hostname):
    '''
    Rollbacks to old image version on the device.
    @args:
        - img: old image from the config files we save.
        - hostname: hostname.
    '''
    # print(f'old images under rollback {img}')

    try:
        for node in nodes:
            connection, cisco = common.find_type(node, creds)
            session = netmiko.ConnectHandler(**connection)
            model = common.get_interface_by_model(session, cisco=cisco)
            # image = config[model]['image']

            print(f'Hostname i have {node}')
            image = config[model]['image']

            regex = image.split('-')[0]
            lines = session.send_command(f'dir | inc {regex}').split('\n')
            for line in lines:
                ## retrieving old image
                if image not in line:
                    img = re.findall(r'' + regex + '.*', line)[0]
                    print(f'Rollback to {img} for {hostname}')
                    ##TODO: umcomment when ready to
                    set_boot(session, img, hostname)
                    if 'cs' in node:
                        bootvar = session.send_command('show boot')
                    else:
                        bootvar = session.send_command('show bootvar')
                    print(bootvar)
                    reload_3 = input(
                        "\n\nSuccess! - proceed with reload ? (y/n) ... ")
                    if reload_3 == 'y':
                        try:
                            ##TODO: umcomment when ready to reload
                            # reload(session)
                            print("Reloading ... ")
                        except:
                            print("NOT Reloading ... ")
            # with open(f"/home/few7/device-ios-upgrade/run_conf/{node}-running-config.txt") as fo:
            #     for line in fo:
            #         # print(f'Im inside the while {line}')
            #         if img in line:
            #             ##UNCOMMENT ONES READY
            #             common.set_boot(session ,img, hostname)
            #             common.reload(session)
            #             ##COMMENT OUT LATER
            #             print(f' The line which has the image :{img} is {line}')

    except Exception as e:
        common.log(f'{node} - rollback() Error -> {str(e)}')
        print(f'{node} - Exception in rollback {e}')
Beispiel #3
0
 def __init__(self, ldap_host=None, base_dn=None, user=None, password=None):
     self.base_dn = base_dn
     self.ldap_host = ldap_host
     self.user = user
     self.password = password
     try:
         self.ldapconn = ldap.initialize(ldap_host)
         self.ldapconn.simple_bind(user, password)
     except ldap.LDAPError, e:
         log().error(str(e))
         print e
Beispiel #4
0
 def ldap_get(self, uid=None, passwd=None):
     '''
     验证ldap账号密码,成功返True,失败返False
     '''
     target_cn = self._ldap_search_dn(uid)
     if not target_cn:
         return False
     try:
         client = ldap.initialize(self.ldap_host)
         client.simple_bind_s(target_cn, passwd)
         client.unbind_s()
         return True
     except ldap.LDAPError, e:
         log().error(str(e))
         return False
Beispiel #5
0
 def status(self):
     '''
     验证初始化ldap账号密码,以及ldap地址是否正确
     '''
     ldap_client = ldap.initialize(self.ldap_host)
     try:
         ldap_client.simple_bind_s(self.user, self.password)
         ldap_client.unbind_s()
         return {"status": True}
     except Exception as e:
         log().error(str(e))
         return {
             "status": False,
             "msg": "ldap初始化管理员账号密码或ldap地址有误,详情:{0}".format(str(e))
         }
Beispiel #6
0
    def _ldap_search_dn(self, uid=None):
        obj = self.ldapconn
        obj.protocal_version = ldap.VERSION3
        searchScope = ldap.SCOPE_SUBTREE
        retrieveAttributes = None
        searchFilter = "cn=" + uid

        try:
            ldap_result_id = obj.search(self.base_dn, searchScope,
                                        searchFilter, retrieveAttributes)
            result_type, result_data = obj.result(ldap_result_id, 0)
            if result_type == ldap.RES_SEARCH_ENTRY:
                return result_data[0][0]
            else:
                return None
        except ldap.LDAPError, e:
            log().error(str(e))
Beispiel #7
0
def handle_file_reception(a_socket, an_address, filename, total_length,
                          storage_dir, verbose):

    path = storage_dir + '/' + filename
    file = open(path, 'wb')

    a_socket.settimeout(TIMEOUT_SECONDS)
    first_ack = ack_message(filename, 0)
    a_socket.sendto(first_ack.encode(), an_address)
    total_received = 0

    while total_received < total_length:
        print("Porcentaje recibido: {}%".format(total_received / total_length *
                                                100))
        timeouts = 0
        sender_address = None
        while sender_address != an_address and timeouts < MAX_TIMEOUTS:
            try:
                raw_received, sender_address = a_socket.\
                    recvfrom(MAX_PACKET_SIZE)
            except timeout:
                log("Timeout {}".format(timeouts), verbose)
                a_socket.sendto(
                    ack_message(filename, total_received).encode(), an_address)
                timeouts += 1

        headers_and_data = raw_received.split(
            bytes('DATA' + HEADER_SEP, encoding='utf-8'), 1)
        headers = headers_and_data[0].decode().split(HEADER_SEP)
        data = headers_and_data[1]
        offset = int(headers[2])

        if offset != total_received:
            a_socket.sendto(
                ack_message(filename, total_received).encode(), an_address)
            continue
        file.write(data)
        total_received += len(data)
        log("Se envia ACK con offset {}".format(total_received), verbose)
        a_socket.sendto(
            ack_message(filename, total_received).encode(), an_address)
    handle_fin_receptor(a_socket, an_address, filename, total_length, verbose)
    print("Fin de recepción")
Beispiel #8
0
def list_model(creds, nodes):
    '''
    Lists models of the device or at a particular site.
    @args:
        - creds: username and password
        - nodes: a list of devices
    '''
    try:
        print('Hostname \t Model')
        connection, cisco = common.find_type(nodes)
        node = connection['ip']
        if connection:
            ssh_session = netmiko.ConnectHandler(**connection)
            model = common.get_interface_by_model(ssh_session, cisco=cisco)
            print(f'{node} \t {model}')
            ssh_session.disconnect()

    except Exception as e:
        common.log(f'{node} - exception in list_model: {e}')
        print(f'{node} - exception in list_model : {e}')
Beispiel #9
0
def upload_file(server_address, src, name, verbose):
    print('UDP: upload_file({}, {}, {})'.format(server_address, src, name))

    if not os.path.isfile(src):
        print("Error: el archivo no existe")
        return

    global client_socket

    client_socket = socket(AF_INET, SOCK_DGRAM)
    client_socket.settimeout(TIMEOUT_SECONDS)
    total_length = os.path.getsize(src)
    total_uploaded = 0
    f = open(src, 'rb')
    first_acked = False
    total_uploaded = 0
    while total_uploaded < total_length:
        print("Subidos: {} de {} [{}%]".format(
            total_uploaded, total_length, total_uploaded / total_length * 100))
        if not first_acked:
            to_send = initial_message(name, total_length).encode()
            data_length = 0
        else:
            to_send, data_length = upload_message(name, total_uploaded, f)

        total_uploaded += data_length
        acked = False
        send_message = True
        timeouts = 0
        while not acked and timeouts < MAX_TIMEOUTS:
            if send_message:
                log(
                    "Enviado paquete con offset {} y {} bytes de datos".format(
                        total_uploaded - data_length, data_length), verbose)
                client_socket.sendto(to_send, server_address)
            sender_address = None
            while sender_address != server_address:
                try:
                    raw_data, sender_address = client_socket.\
                        recvfrom(MAX_PACKET_SIZE)
                except timeout:
                    timeouts += 1
                    send_message = True
                    log("Timeout nro {}".format(timeouts), verbose)
                    break
            if sender_address != server_address:
                continue
            headers = raw_data.decode().split(HEADER_SEP)
            if headers[0] == 'ACK' and headers[1] == name:
                send_message = False
                log("Recibido ACK con offset {}".format(headers[2]), verbose)
                if int(headers[2]) == total_uploaded:
                    first_acked = True
                    acked = True
    handle_fin_emisor(client_socket, server_address, name, total_length,
                      verbose)
    print("Fin de transmisión")
    f.close()
Beispiel #10
0
 def cnupdatepass(self, cn, passwd):
     '''
     更改ldap密码,成功返True,失败返error
     '''
     dn = 'cn={0},{1}'.format(cn, self.base_dn)
     try:
         result = self.ldapconn.search_s(dn, ldap.SCOPE_SUBTREE,
                                         'cn=%s' % cn)
         oldpass = result[0][1]['userPassword']
         oldwifipass = result[0][1]['sambaNTPassword']
         newpass = '******' + b64encode(hashlib.md5(passwd).digest())
         wifipass = binascii.hexlify(
             hashlib.new('md4', passwd.encode('utf-16le')).digest())
         old = {'userPassword': oldpass, 'sambaNTPassword': oldwifipass}
         new = {"sambaNTPassword": [wifipass], "userPassword": [newpass]}
         mlist = modlist.modifyModlist(old, new)
         self.ldapconn.modify_s(dn, mlist)
         return {"status": True}
     except ldap.LDAPError as e:
         log().error(str(e))
         return {
             "status": False,
             "msg": "ldap更改密码错误,详情: {0}".format(str(e))
         }
Beispiel #11
0
def upload(creds, nodes, config, running_configs):
    '''
    Uploads IOS file(s) to the device or a particular site.
    @args:
        - creds: username and password
        - nodes: a list of devices
        - config: file with devices' models and images
    '''
    try:
        # print(f'Nodes i get {nodes}')
        for node in nodes:
            connection, cisco = common.find_type(node, creds)

            ##SAVE RUNING CONFIG
            print(f'node is : {node}')
            run_file = connection['ip'] + "-running-config.txt"
            print(
                f'\nSaving running config into file: {running_configs}/{run_file} \n'
            )
            common.archive_run(connection, f'{running_configs}/{run_file}')
            common.log(
                f'{node} - Saving running config into file: {running_configs}/{run_file}'
            )

            session = netmiko.ConnectHandler(**connection)
            if cisco == False:
                model = common.get_interface_by_model(session, cisco=cisco)
            else:
                model = common.get_interface_by_model(session, cisco=cisco)

            threads = []
            print(f'node just before the if condition {node}')
            if node != None:
                # print('the if Condition is failing')
                # ssh_session = netmiko.ConnectHandler(**connection)

                print(f'config under the upload {model}')
                if model in config:
                    th = Thread(target=common.upload_ios_file,
                                args=(connection, config, model))
                    threads.append(th)
                else:
                    common.log(
                        f'{node} - Please add {model} model to config.json ')
                    print(f'{node} - Please add {model} model to config.json')

            for th in threads:
                th.start()

            for th in threads:
                th.join()

    except Exception as e:
        common.log(f'{node} - exception : {e}')
        print(f'{node} - exception in upload under actions  : {e}')
Beispiel #12
0
def handle_file_sending(a_socket, an_address, filename, storage_dir, verbose):
    a_socket.settimeout(TIMEOUT_SECONDS)
    path = storage_dir + '/' + filename
    if not os.path.isfile(path):
        a_socket.sendto(ERROR_MESSAGE.encode(), an_address)
        return

    total_length = os.path.getsize(path)
    f = open(path, 'rb')
    total_sent = 0
    while total_sent < total_length:
        print("Porcentaje enviado: {}%".format(total_sent / total_length *
                                               100))
        to_send, data_length = download_message(f, filename, total_sent,
                                                total_length, DATA_LENGTH)
        total_sent += data_length
        acked = False
        timeouts = 0
        send_message = True
        while (not acked and timeouts < MAX_TIMEOUTS):
            if send_message:
                log(
                    "Se envia paquete con offset {} y {} bytes de datos".
                    format(total_sent - data_length, data_length), verbose)
                a_socket.sendto(to_send, an_address)
            sender_address = None
            while sender_address != an_address:
                try:
                    raw_data, sender_address = a_socket.\
                        recvfrom(MAX_PACKET_SIZE)
                except timeout:
                    send_message = True
                    timeouts += 1
                    log("Timeout nro {}".format(timeouts), verbose)
                    break

            if sender_address != an_address:
                continue

            message = raw_data.decode().split(HEADER_SEP)
            if message[0] == 'ACK' and message[1] == filename:
                send_message = False
                log("Recibido ACK con offset {}".format(message[2]), verbose)
                if int(message[2]) == total_sent:
                    acked = True
        if not acked:
            break
    handle_fin_emisor(a_socket, an_address, filename, total_length, verbose)
    print("Fin de transmisión")
    f.close()
Beispiel #13
0
def download_file(server_address, name, dst, verbose):
    print('UDP: download_file({}, {}, {})'.format(server_address, name, dst))
    global client_socket

    client_socket = socket(AF_INET, SOCK_DGRAM)
    f = open(dst, 'wb')
    total_length = int(1e10)  # Muy alto
    client_socket.sendto(initial_message(name).encode(), server_address)
    total_received = 0
    client_socket.settimeout(3)

    while total_received < total_length:
        try:
            raw_received, sender_address = client_socket\
                .recvfrom(MAX_PACKET_SIZE)
        except timeout:
            if verbose:
                log("Timeout", verbose)
            if total_received == 0:
                client_socket.sendto(
                    initial_message(name).encode(), server_address)
            continue

        if sender_address != server_address:
            continue

        headers_and_data = raw_received.\
            split(bytes('DATA' + SEP, encoding='utf-8'), 1)
        headers = headers_and_data[0].decode().split(SEP)

        if headers[0] != 'DOWNLOAD' and headers[1] != name:
            print("Ha ocurrido un error, fin de la descarga")
            break

        data = headers_and_data[1]

        offset = int(headers[2])
        if total_received == 0:
            total_length = int(headers[3])

        if offset != total_received:
            log("Envío ACK con offset {}".format(total_received), verbose)
            client_socket.sendto(
                ack_message(name, total_received).encode(), server_address)
            continue
        f.write(data)
        total_received += len(data)
        log(
            "Recibido paquete con offset {} y {} bytes de datos".format(
                offset, len(data)), verbose)
        client_socket.sendto(
            ack_message(name, total_received).encode(), server_address)
        log("Envío ACK con offset {}".format(total_received), verbose)

        print("Porcentaje recibido: {}%".format(total_received / total_length *
                                                100))

    if total_received == total_length:
        handle_fin_receptor(client_socket, server_address, name, total_length,
                            verbose)
    print("Fin de recepción")
    f.close()
Beispiel #14
0
def upgrade_ios(creds, nodes, config):
    '''
    upgrade_ios IOS file(s) to the device or a particular site.
    @args:
        - creds: username and password
        - nodes: a list of devices
        - config: file with devices' models and images
    '''

    try:
        print(nodes)
        for node in nodes:

            connection, cisco = common.find_type(node, creds)
            # node = connection['ip']
            # print(connection)

            session = netmiko.ConnectHandler(**connection)
            model = common.get_interface_by_model(session, cisco=cisco)
            image = config[model]['image']
            md5 = config[model]['md5']
            # print(md5)

            # is_device_up = common.waiting_for_device(node, creds)

            common.log(f'{node} - is upgrading to IOS : {image}')
            print(f'{node} - is upgrading to IOS : {image}')
            verify_md5 = common.verify_md5(session, image, md5, node)

            if verify_md5 == True:
                ##TODO: umcomment when ready to boot
                common.log(f'{node} - md5 validated Successfull..!')
                print(f'{node} - md5 validated Successfull..!')
                boot = input(
                    f"\n{node} - proceed with changing boot ? (y/n): ")
                common.log(boot)
                # response = subprocess.check_output([f"{mute}, f'{node}'])
                # print(response)

                if boot == 'y':
                    common.set_boot(session, image, node)
                    if 'cs' in node:
                        bootvar = session.send_command('show boot')
                    else:
                        bootvar = session.send_command('show bootvar')
                    # print(bootvar)
                    print(f'{node} - Preforming pre checks ')
                    common.pre_post_reload_check(node, creds)

                    common.log(f'\n{node} - {bootvar}')
                    accept_reload = input(
                        "\n\nSuccess! - proceed with reload ? (y/n): ")
                    common.log(f'\n{node} - {accept_reload}')
                    if accept_reload == 'y':
                        try:
                            ##TODO: umcomment when ready to reload
                            print('Im reloading now\n ')
                            common.reload(session, node)
                            # is_device_up = common.waiting_for_device(node, creds)
                            # sleep(10)
                            common.waiting_for_device(node, creds)

                            print('reloading completed')

                        except Exception as e:
                            common.log(f'{node} - unable to reload {e} ...')
                            print(f'{node} - unable to reload {e} ... ')
                    else:
                        common.log(f'{node} - Aborting reload')
                        print(f'\n{node} - Aborting reload !!!\n\n')
            else:
                common.log(
                    f'{node} - Error veryfiing md5 checksum on device, quitting !!!'
                )
                print(
                    f'\n\n{node} - Error veryfiing md5 checksum on device, quitting !!!\n\n'
                )

            session.disconnect()

    except Exception as e:
        common.log(f'{node} - upgrade_ios() Error -> {str(e)}')
        print(f'{node} - exception in upgrade_ios : {e}')