def update_radcheck(dataBase, cursor):
try:
if session_mode == session_modes.DEVICE:
cursor.execute(
"INSERT INTO radcheck (username, attribute, op, value) SELECT radcheck.username, 'Auth-Type', ':=', 'Reject' FROM radcheck INNER JOIN radacct ON radcheck.username=radacct.username WHERE radcheck.attribute='Session-Timeout' AND TIMESTAMPDIFF(SECOND, radacct.acctstarttime, NOW()) > radcheck.value;")
if int(cursor.rowcount) > 0:
log("update_rad_check", "we have updated radcheck", log_levels.DEBUG)
else:
cursor.execute(
"INSERT INTO radcheck (username, attribute, op, value) SELECT radcheck.username, 'Auth-Type', ':=', 'Reject' FROM radcheck WHERE radcheck.attribute='Vendor-Specific' AND STR_TO_DATE(radcheck.value, '%Y-%m-%d %H:%i:%s') < STR_TO_DATE(UTC_TIMESTAMP(), '%Y-%m-%d %H:%i:%s');")
regen = False
if int(cursor.rowcount) > 0:
log("update_rad_check", "Regenerating access code for AP mode...", log_levels.INFO)
disassociate(cursor)
regen = True
else: # check for empty db
cursor.execute("SELECT * from radcheck where username LIKE 'qwifi%';")
if cursor.rowcount == 0:
log("update_rad_check", "Generating access code for AP mode...", log_levels.INFO)
regen = True
if regen:
pw_dict = pwgen.gen_user_pass()
username = '******' + pw_dict['username']
password = pw_dict['password']
for x in range (3):
query = "SELECT username FROM radius.radacct WHERE username = '******';" % username
cursor.execute(query)
result = cursor.fetchall()
if len(result) > 0:
# generate new username and password
pw_dict = pwgen.gen_user_pass()
username = '******' + pw_dict['username']
password = pw_dict['password']
x = x + 1
if x == 3:
return 'ERROR: Program could not generate a unique username.'
else:
break
query = "INSERT INTO radcheck SET username='******',attribute='Cleartext-Password',op=':=',value='%(password)s';" % {
'username': username, 'password': password}
cursor.execute(query)
query = "INSERT INTO radcheck (username,attribute,op,value) VALUES ('%(username)s', 'Vendor-Specific', ':=', DATE_FORMAT(UTC_TIMESTAMP() + INTERVAL %(timeout)s SECOND, '%%Y-%%m-%%d %%H:%%i:%%s'));" % {
'username': username, 'timeout': config.get('session', 'timeout')}
cursor.execute(query)
dataBase.commit()
except MySQLdb.Error, e:
db_error("update_rad_check", e)
dataBase.rollback()
sys.exit()
def get_session_info(config_path, hostapd_conf_path):
"""
Get a dictionary containing session information.
Dictionary keys:
ssid -- the SSID of the network
username -- the username/identity
password -- the password
timeout OR end -- the timeout in seconds OR the absolute end time in UTC
Returns a string error message if there's a problem.
"""
config = get_config(config_path)
try:
db = MySQLdb.connect(config.get('database', 'server'),
config.get('database', 'username'),
config.get('database', 'password'),
config.get('database', 'database'))
c = db.cursor()
except:
return 'Could not connect to the database.'
timeout = ''
try:
timeout = config.getint('session', 'timeout')
except ValueError:
return 'Unable to read timeout from configuration file.'
pw_dict = pwgen.gen_user_pass()
username = '******' + pw_dict['username']
password = pw_dict['password']
for x in range (3):
query = "SELECT username FROM radius.radacct WHERE username = '******';" % username
c.execute(query)
result = c.fetchall()
if len(result) > 0:
# generate new username and password
pw_dict = pwgen.gen_user_pass()
username = '******' + pw_dict['username']
password = pw_dict['password']
x = x + 1
if x == 3:
return 'ERROR: Program could not generate a unique username.'
else:
break
ssid = get_ssid(hostapd_conf_path)
try:
if config.get('session', 'mode') == 'ap':
query = "SELECT username,value FROM radcheck where username LIKE 'qwifi%'"
c.execute(query)
result = c.fetchall()
if len(result) > 0:
username = result[0][0]
password = result[0][1]
else:
print "Couldn't find access code for ap mode. A new random code has been generated."
query = "INSERT INTO radcheck SET username='******',attribute='Cleartext-Password',op=':=',value='%(password)s';" % { 'username' : username, 'password' : password }
c.execute(query)
query = "INSERT INTO radcheck (username,attribute,op,value) VALUES ('%(username)s', 'Vendor-Specific', ':=', DATE_FORMAT(UTC_TIMESTAMP() + INTERVAL %(timeout)s SECOND, '%%Y-%%m-%%d %%H:%%i:%%s'));" % { 'username' : username, 'timeout' : timeout }
c.execute(query)
db.commit()
query = "SELECT value FROM radcheck WHERE attribute='Vendor-Specific'"
c.execute(query)
result = c.fetchall()
end = result[0][0];
return {'ssid': ssid, 'username' : username, 'password' : password, 'end': end}
else:
query = "SELECT DISTINCT username,value FROM radcheck WHERE username LIKE 'qwifi%' AND attribute='Cleartext-Password' AND NOT EXISTS (SELECT username FROM radacct where radacct.username = radcheck.username);"
c.execute(query)
result = c.fetchall()
if len(result) > 0: # we have at least one existing, unused code
username = result[0][0]
password = result[0][1]
query = "SELECT DISTINCT value FROM radcheck WHERE username = '******' AND attribute='Session-Timeout';" % username
c.execute(query)
result = c.fetchall()
if len(result) == 0:
return 'No timeout found.'
if len(result) > 1:
return 'Found %s timeouts (expected 1).' % len(result)
else:
timeout = result[0][0]
else:
timeout = config.get('session', 'timeout')
# use randomly generated password
query = "INSERT INTO radcheck SET username='******',attribute='Cleartext-Password',op=':=',value='%(password)s';" % { 'username' : username, 'password' : password }
c.execute(query)
query = "INSERT INTO radcheck SET username='******',attribute='Session-Timeout',op=':=',value='%(timeout)s';" % { 'username' : username, 'timeout' : timeout }
c.execute(query)
query = "INSERT INTO radcheck SET username='******',attribute='Simultaneous-Use',op=':=',value='1';" % { 'username' : username }
c.execute(query)
db.commit()
return {'ssid': ssid, 'username' : username, 'password' : password, 'timeout': timeout}
except MySQLdb.Error, e:
db.rollback()
return str(e)
def update_radcheck(dataBase, cursor):
try:
if session_mode == session_modes.DEVICE:
cursor.execute(
"INSERT INTO radcheck (username, attribute, op, value) SELECT radcheck.username, 'Auth-Type', ':=', 'Reject' FROM radcheck INNER JOIN radacct ON radcheck.username=radacct.username WHERE radcheck.attribute='Session-Timeout' AND TIMESTAMPDIFF(SECOND, radacct.acctstarttime, NOW()) > radcheck.value;"
)
if int(cursor.rowcount) > 0:
log("update_rad_check", "we have updated radcheck",
log_levels.DEBUG)
else:
cursor.execute(
"INSERT INTO radcheck (username, attribute, op, value) SELECT radcheck.username, 'Auth-Type', ':=', 'Reject' FROM radcheck WHERE radcheck.attribute='Vendor-Specific' AND STR_TO_DATE(radcheck.value, '%Y-%m-%d %H:%i:%s') < STR_TO_DATE(UTC_TIMESTAMP(), '%Y-%m-%d %H:%i:%s');"
)
regen = False
if int(cursor.rowcount) > 0:
log("update_rad_check",
"Regenerating access code for AP mode...", log_levels.INFO)
disassociate(cursor)
regen = True
else: # check for empty db
cursor.execute(
"SELECT * from radcheck where username LIKE 'qwifi%';")
if cursor.rowcount == 0:
log("update_rad_check",
"Generating access code for AP mode...",
log_levels.INFO)
regen = True
if regen:
pw_dict = pwgen.gen_user_pass()
username = '******' + pw_dict['username']
password = pw_dict['password']
for x in range(3):
query = "SELECT username FROM radius.radacct WHERE username = '******';" % username
cursor.execute(query)
result = cursor.fetchall()
if len(result) > 0:
# generate new username and password
pw_dict = pwgen.gen_user_pass()
username = '******' + pw_dict['username']
password = pw_dict['password']
x = x + 1
if x == 3:
return 'ERROR: Program could not generate a unique username.'
else:
break
query = "INSERT INTO radcheck SET username='******',attribute='Cleartext-Password',op=':=',value='%(password)s';" % {
'username': username,
'password': password
}
cursor.execute(query)
query = "INSERT INTO radcheck (username,attribute,op,value) VALUES ('%(username)s', 'Vendor-Specific', ':=', DATE_FORMAT(UTC_TIMESTAMP() + INTERVAL %(timeout)s SECOND, '%%Y-%%m-%%d %%H:%%i:%%s'));" % {
'username': username,
'timeout': config.get('session', 'timeout')
}
cursor.execute(query)
dataBase.commit()
except MySQLdb.Error, e:
db_error("update_rad_check", e)
dataBase.rollback()
sys.exit()
