def _get_section_radius_listeners(config, section_name):
""" Create listener object for each radius_ip entry in a section
Args:
config (ConfigDict): The raw config section
section_name (str): The name of the config section
Returns:
A list of listener objects
"""
port = config.get_int("port", 1812)
interface = config.get("interface", "*")
all_networks = []
listeners = []
for ip_key in util.get_dynamic_keys(config, "radius_ip"):
try:
ip_str = config.get_str(ip_key)
ip_networks = ip_util.get_ip_networks(ip_str)
all_networks.append(ip_networks)
listeners.append(
RadiusListener(ip_networks, ip_str, port, interface,
section_name))
except Exception:
# we just silently ignore badly formatted IP strings since that will
# reported by other parts of the validator
pass
return listeners
def check_hostname_verification(config, toolbox):
"""
Checks that a user has a hostname in configured for their host if they have ssl_verify_hostname
set to true.
Args:
config (ConfigDict): The config object to check
toolbox (ConfigTestToolbox): Toolbox used to execute the tests
Returns:
list of BaseResult
"""
problems = []
try:
transport_type = config.get_enum("transport", const.AD_TRANSPORTS,
const.AD_TRANSPORT_CLEAR, str.lower)
if transport_type in const.AD_TRANSPORTS_WITH_SSL:
hosts = util.get_dynamic_keys(config, "host")
for host in hosts:
if ip_util.is_valid_single_ip(config.get_str(
host)) and config.get_bool("ssl_verify_hostname"):
problems.append(
IncompatibleValues(
key=host,
type="hostname",
condition="ssl_verify_hostname is enabled",
))
except ConfigError:
problems.append(
SkippedTest(test=check_hostname_verification.__name__,
key="transport"))
return problems
def add_dynamic_keys_to_test_resolver(config, config_test_resolver,
dynamic_test_resolver):
"""Add the dynamic keys and their testers to the config_test_resolver
Args:
config (ConfigDict): The config object to check
config_test_resolver (Dict): All the known config options tied to their tester
dynamic_test_resolver (Dict): The stems of the dynamic keys tied to the tester for that key
"""
for stem in dynamic_test_resolver:
for key in util.get_dynamic_keys(config, stem):
config_test_resolver[key] = dynamic_test_resolver[stem]
def test_config_has_any_dynamic_key(self, config, key, optionally_protected=False):
"""
Tests that some dynamic key exists with the given base
Args:
config (ConfigDict): The config containing the dynamic values to check for
key (str): The base of the key to check against
Returns:
bool: Whether any dynamic key appears which matches the stem
"""
return len(util.get_dynamic_keys(config, key, optionally_protected)) > 0
def check_config_dependencies(config, toolbox):
""" Validates dependencies between config options within an [radius_client] section
Args:
config (ConfigDict): The config object to validate dependencies on
toolbox (ConfigTestToolbox): The toolbox used to execute the tests
Returns:
list of zero or more MissingKey objects
"""
problems = []
# Check that a port given has a matching host
for port in util.get_dynamic_keys(config, 'port'):
host = 'host' + port.lstrip('port')
if not toolbox.test_items_paired(config, port, host):
problems.append(MissingKey(key=host))
return problems