def update_radcheck(dataBase, cursor): try: if session_mode == session_modes.DEVICE: cursor.execute( "INSERT INTO radcheck (username, attribute, op, value) SELECT radcheck.username, 'Auth-Type', ':=', 'Reject' FROM radcheck INNER JOIN radacct ON radcheck.username=radacct.username WHERE radcheck.attribute='Session-Timeout' AND TIMESTAMPDIFF(SECOND, radacct.acctstarttime, NOW()) > radcheck.value;") if int(cursor.rowcount) > 0: log("update_rad_check", "we have updated radcheck", log_levels.DEBUG) else: cursor.execute( "INSERT INTO radcheck (username, attribute, op, value) SELECT radcheck.username, 'Auth-Type', ':=', 'Reject' FROM radcheck WHERE radcheck.attribute='Vendor-Specific' AND STR_TO_DATE(radcheck.value, '%Y-%m-%d %H:%i:%s') < STR_TO_DATE(UTC_TIMESTAMP(), '%Y-%m-%d %H:%i:%s');") regen = False if int(cursor.rowcount) > 0: log("update_rad_check", "Regenerating access code for AP mode...", log_levels.INFO) disassociate(cursor) regen = True else: # check for empty db cursor.execute("SELECT * from radcheck where username LIKE 'qwifi%';") if cursor.rowcount == 0: log("update_rad_check", "Generating access code for AP mode...", log_levels.INFO) regen = True if regen: pw_dict = pwgen.gen_user_pass() username = '******' + pw_dict['username'] password = pw_dict['password'] for x in range (3): query = "SELECT username FROM radius.radacct WHERE username = '******';" % username cursor.execute(query) result = cursor.fetchall() if len(result) > 0: # generate new username and password pw_dict = pwgen.gen_user_pass() username = '******' + pw_dict['username'] password = pw_dict['password'] x = x + 1 if x == 3: return 'ERROR: Program could not generate a unique username.' else: break query = "INSERT INTO radcheck SET username='******',attribute='Cleartext-Password',op=':=',value='%(password)s';" % { 'username': username, 'password': password} cursor.execute(query) query = "INSERT INTO radcheck (username,attribute,op,value) VALUES ('%(username)s', 'Vendor-Specific', ':=', DATE_FORMAT(UTC_TIMESTAMP() + INTERVAL %(timeout)s SECOND, '%%Y-%%m-%%d %%H:%%i:%%s'));" % { 'username': username, 'timeout': config.get('session', 'timeout')} cursor.execute(query) dataBase.commit() except MySQLdb.Error, e: db_error("update_rad_check", e) dataBase.rollback() sys.exit()
def get_session_info(config_path, hostapd_conf_path): """ Get a dictionary containing session information. Dictionary keys: ssid -- the SSID of the network username -- the username/identity password -- the password timeout OR end -- the timeout in seconds OR the absolute end time in UTC Returns a string error message if there's a problem. """ config = get_config(config_path) try: db = MySQLdb.connect(config.get('database', 'server'), config.get('database', 'username'), config.get('database', 'password'), config.get('database', 'database')) c = db.cursor() except: return 'Could not connect to the database.' timeout = '' try: timeout = config.getint('session', 'timeout') except ValueError: return 'Unable to read timeout from configuration file.' pw_dict = pwgen.gen_user_pass() username = '******' + pw_dict['username'] password = pw_dict['password'] for x in range (3): query = "SELECT username FROM radius.radacct WHERE username = '******';" % username c.execute(query) result = c.fetchall() if len(result) > 0: # generate new username and password pw_dict = pwgen.gen_user_pass() username = '******' + pw_dict['username'] password = pw_dict['password'] x = x + 1 if x == 3: return 'ERROR: Program could not generate a unique username.' else: break ssid = get_ssid(hostapd_conf_path) try: if config.get('session', 'mode') == 'ap': query = "SELECT username,value FROM radcheck where username LIKE 'qwifi%'" c.execute(query) result = c.fetchall() if len(result) > 0: username = result[0][0] password = result[0][1] else: print "Couldn't find access code for ap mode. A new random code has been generated." query = "INSERT INTO radcheck SET username='******',attribute='Cleartext-Password',op=':=',value='%(password)s';" % { 'username' : username, 'password' : password } c.execute(query) query = "INSERT INTO radcheck (username,attribute,op,value) VALUES ('%(username)s', 'Vendor-Specific', ':=', DATE_FORMAT(UTC_TIMESTAMP() + INTERVAL %(timeout)s SECOND, '%%Y-%%m-%%d %%H:%%i:%%s'));" % { 'username' : username, 'timeout' : timeout } c.execute(query) db.commit() query = "SELECT value FROM radcheck WHERE attribute='Vendor-Specific'" c.execute(query) result = c.fetchall() end = result[0][0]; return {'ssid': ssid, 'username' : username, 'password' : password, 'end': end} else: query = "SELECT DISTINCT username,value FROM radcheck WHERE username LIKE 'qwifi%' AND attribute='Cleartext-Password' AND NOT EXISTS (SELECT username FROM radacct where radacct.username = radcheck.username);" c.execute(query) result = c.fetchall() if len(result) > 0: # we have at least one existing, unused code username = result[0][0] password = result[0][1] query = "SELECT DISTINCT value FROM radcheck WHERE username = '******' AND attribute='Session-Timeout';" % username c.execute(query) result = c.fetchall() if len(result) == 0: return 'No timeout found.' if len(result) > 1: return 'Found %s timeouts (expected 1).' % len(result) else: timeout = result[0][0] else: timeout = config.get('session', 'timeout') # use randomly generated password query = "INSERT INTO radcheck SET username='******',attribute='Cleartext-Password',op=':=',value='%(password)s';" % { 'username' : username, 'password' : password } c.execute(query) query = "INSERT INTO radcheck SET username='******',attribute='Session-Timeout',op=':=',value='%(timeout)s';" % { 'username' : username, 'timeout' : timeout } c.execute(query) query = "INSERT INTO radcheck SET username='******',attribute='Simultaneous-Use',op=':=',value='1';" % { 'username' : username } c.execute(query) db.commit() return {'ssid': ssid, 'username' : username, 'password' : password, 'timeout': timeout} except MySQLdb.Error, e: db.rollback() return str(e)
def update_radcheck(dataBase, cursor): try: if session_mode == session_modes.DEVICE: cursor.execute( "INSERT INTO radcheck (username, attribute, op, value) SELECT radcheck.username, 'Auth-Type', ':=', 'Reject' FROM radcheck INNER JOIN radacct ON radcheck.username=radacct.username WHERE radcheck.attribute='Session-Timeout' AND TIMESTAMPDIFF(SECOND, radacct.acctstarttime, NOW()) > radcheck.value;" ) if int(cursor.rowcount) > 0: log("update_rad_check", "we have updated radcheck", log_levels.DEBUG) else: cursor.execute( "INSERT INTO radcheck (username, attribute, op, value) SELECT radcheck.username, 'Auth-Type', ':=', 'Reject' FROM radcheck WHERE radcheck.attribute='Vendor-Specific' AND STR_TO_DATE(radcheck.value, '%Y-%m-%d %H:%i:%s') < STR_TO_DATE(UTC_TIMESTAMP(), '%Y-%m-%d %H:%i:%s');" ) regen = False if int(cursor.rowcount) > 0: log("update_rad_check", "Regenerating access code for AP mode...", log_levels.INFO) disassociate(cursor) regen = True else: # check for empty db cursor.execute( "SELECT * from radcheck where username LIKE 'qwifi%';") if cursor.rowcount == 0: log("update_rad_check", "Generating access code for AP mode...", log_levels.INFO) regen = True if regen: pw_dict = pwgen.gen_user_pass() username = '******' + pw_dict['username'] password = pw_dict['password'] for x in range(3): query = "SELECT username FROM radius.radacct WHERE username = '******';" % username cursor.execute(query) result = cursor.fetchall() if len(result) > 0: # generate new username and password pw_dict = pwgen.gen_user_pass() username = '******' + pw_dict['username'] password = pw_dict['password'] x = x + 1 if x == 3: return 'ERROR: Program could not generate a unique username.' else: break query = "INSERT INTO radcheck SET username='******',attribute='Cleartext-Password',op=':=',value='%(password)s';" % { 'username': username, 'password': password } cursor.execute(query) query = "INSERT INTO radcheck (username,attribute,op,value) VALUES ('%(username)s', 'Vendor-Specific', ':=', DATE_FORMAT(UTC_TIMESTAMP() + INTERVAL %(timeout)s SECOND, '%%Y-%%m-%%d %%H:%%i:%%s'));" % { 'username': username, 'timeout': config.get('session', 'timeout') } cursor.execute(query) dataBase.commit() except MySQLdb.Error, e: db_error("update_rad_check", e) dataBase.rollback() sys.exit()