def radius_challenge(username, password, host, secret, port, nasip, debug): hostname = gethostname() dict_path = sys.path[0] + "/lib/dicts/dictionary" radius = Client(server=host, secret=secret, authport=port, dict=Dictionary(dict_path)) request = radius.CreateAuthPacket(code=packet.AccessRequest) if debug: print "[DEBUG] assembling packet attributes" request["User-Name"] = username request["NAS-IP-Address"] = nasip request["NAS-Identifier"] = hostname if debug: print "[DEBUG] auth method: mscharpv2" auth = mschap2.MSCHAP2() authAttrs = {} authAttrs = auth.getAuthAttrs(username, password) for key in authAttrs.keys(): request[key] = authAttrs[key] if debug: print "[DEBUG] dumping request attributes..." for key in request.keys(): print "[DEBUG]\t\t %s : %s" % (key, request[key]) tsStart = time() try: reply = radius.SendPacket(request) except packet.PacketError, e: if debug: print e print "CRITICAL: Timeout sending Access-Request" return False
def send(opts): hostname = gethostname() address = gethostbyname(hostname) radius = Client(server=opts["host"], secret=opts["secret"], authport=opts["port"], dict=Dictionary(opts["dict"])) request = radius.CreateAuthPacket(code=packet.AccessRequest) if opts["verbose"]: print "[DEBUG] assembling packet attributes" attrs = { "User-Name": opts["user"], "NAS-Identifier": hostname, "NAS-IP-Address": address } for key in attrs.keys(): request[key] = attrs[key] del attrs if opts["verbose"]: print "[DEBUG] auth method: %s" % opts["type"] if opts["type"] == "mschap2": auth = mschap2.MSCHAP2() elif opts["type"] in ("mschap", "chap", "pap"): print "Unsupported authentication type: %s" % opts["type"] authAttrs = {} authAttrs = auth.getAuthAttrs(opts["user"], opts["pass"]) for key in authAttrs.keys(): request[key] = authAttrs[key] del authAttrs if opts["verbose"]: print "[DEBUG] dumping request attributes..." for key in request.keys(): print "[DEBUG]\t\t %s : %s" % (key, request[key]) tsStart = time() try: reply = radius.SendPacket(request) except: print "CRITICAL: Timeout sending Access-Request" sys.exit(2) tsStop = time() if opts["verbose"]: print "[DEBUG] dumping reply attributes..." for key in reply.keys(): print "[DEBUG]\t\t %s : %s" % (key, reply[key]) if reply.code == packet.AccessAccept: print "OK: Access-Accept in: %0.2f seconds" % (tsStop - tsStart) sys.exit(0) else: print "CRITICAL: Access-Reject in: %0.2f seconds" % (tsStop - tsStart) sys.exit(2)
#!/usr/bin/python import packet from client import Client from dictionary import Dictionary srv=Client(server="localhost", dict=Dictionary("/home/test/rajesh/pyrad-0.8/example/dictionary", "/home/test/rajesh/pyrad-0.8/example/dictionary")) req=srv.CreateAuthPacket(code=packet.AccessRequest, User_Name="rajesh", NAS_Identifier="localhost") req["User-Password"]=req.PwCrypt("rajesh123") reply=srv.SendPacket(req) if reply.code==packet.AccessAccept: print "access accepted" else: print "access denied" print "Attributes returned by server:" for i in reply.keys(): print "%s: %s" % (i, reply[i])