class RadAuthClient(protocol.DatagramProtocol): def __init__(self, secret, dictionary, server, port=1812, debug=False, stat_push=None): self.dict = dictionary self.secret = six.b(secret) self.server = server self.authport = port self.debug = debug self.stat_push = stat_push reactor.listenUDP(0, self) def close(self): if self.transport is not None: self.transport.stopListening() self.transport = None def sendAuth(self, **kwargs): User_Password = kwargs.pop("User-Password", None) CHAP_Password = kwargs.pop("CHAP-Password", None) CHAP_Challenge = kwargs.get("CHAP-Challenge") request = message.AuthMessage(dict=self.dict, secret=self.secret, **kwargs) if User_Password: request['User-Password'] = request.PwCrypt(User_Password) if CHAP_Password: if CHAP_Challenge: request['CHAP-Challenge'] = CHAP_Challenge request['CHAP-Password'] = CHAP_Password if self.debug: log.msg("Send radius Auth Request to (%s:%s): %s" % (self.server, self.authport, request.format_str())) self.transport.write(request.RequestPacket(), (self.server, self.authport)) self.stat_push.push("requests") def datagramReceived(self, datagram, (host, port)): try: response = packet.Packet(packet=datagram, dict=self.dict, secret=self.secret) msgs = ['replys'] if response.code == packet.AccessReject: msgs.append('rejects') if response.code == packet.AccessAccept: msgs.append('accepts') self.stat_push.push(",".join(msgs)) if self.debug: log.msg("Received Radius Response from %s: %s" % ((host, port), message.format_packet_str(response))) except Exception as err: log.err('Invalid Response packet from %s: %s' % ((host, port), str(err))) self.stat_push.push("errors")
def coaresp(session): reply = coareq.CreateReply() reply.code = packet.DisconnectACK log.msg("[RADIUSAuthorize] :: Send Authorize radius response: %s" % (message.format_packet_str(reply))) self.transport.write(reply.ReplyPacket(), (host, port)) statusdb.del_client(self.status_dbfile, session.get('session_id'))
class RadiusdAuthorize(protocol.DatagramProtocol): def __init__(self, config, dbengine=None,statcache=None): self.config = config self.dbengine = dbengine self.statcache = statcache self.radloader = RadiusLoader(config,dbengine) def processPacket(self, coareq, (host,port)): session_id = coareq.get_acct_sessionid() session = RadiusSession.sessions.pop(session_id,None) if session: session.stop() reply = coareq.CreateReply() logger.info("[RADIUSAuthorize] :: Send Authorize radius response: %s" % (repr(reply))) if self.config.radius.debug: logger.debug(message.format_packet_str(reply)) self.transport.write(reply.ReplyPacket(), (host, port))
logger.debug(message.format_packet_str(reply)) self.transport.write(reply.ReplyPacket(), (host, port)) def datagramReceived(self, datagram, (host, port)): try: radius = self.radloader.getRadius(host) if not radius: logger.info('[RADIUSAuthorize] :: Dropping Authorize packet from unknown host ' + host) return coa_req = message.CoAMessage(packet=datagram, dict=radius.dict, secret=six.b(radius.secret)) logger.info("[RADIUSAuthorize] :: Received Authorize radius request: %s" % message.format_packet_log(coa_req)) if self.config.radius.debug: logger.debug(message.format_packet_str(coa_req)) self.processPacket(coa_req, (host, port)) except packet.PacketError as err: errstr = 'RadiusError:Dropping invalid packet from {0} {1},{2}'.format( host, port, utils.safeunicode(err)) logger.error(errstr) def run(config, dbengine=None): authorize_protocol = RadiusdAuthorize(config, dbengine=dbengine) reactor.listenUDP(int(config.radius.authorize_port), authorize_protocol, interface=config.radius.host)
reply.code = packet.DisconnectNAK self.transport.write(reply.ReplyPacket(), (host, port)) def datagramReceived(self, datagram, (host, port)): try: if host not in self.radius_addr: log.err( '[RADIUSAuthorize] :: Dropping Authorize packet from unknown host ' + host) return coa_req = message.CoAMessage(packet=datagram, dict=self.dictionary, secret=six.b(self.secret)) log.msg( "[RADIUSAuthorize] :: Received Authorize radius request : %s" % message.format_packet_str(coa_req)) self.processPacket(coa_req, (host, port)) except Exception as err: log.err('RadiusError:Dropping invalid packet from {0} {1}'.format( host, port)) log.err(err) @click.command() @click.option('-c', '--conf', default=CONFIG_FILE, help='txovpn config file') def main(conf): """ OpenVPN status daemon """ config = init_config(conf) nas_addr = config.get('DEFAULT', 'nas_addr') status_file = config.get('DEFAULT', 'statusfile')
def onresp(r): print message.format_packet_str(r) reactor.stop()
class RadiusClient(protocol.DatagramProtocol): def __init__(self, secret, dictionary, server, authport=1812, acctport=1813, debug=False): self.dict = dictionary self.secret = six.b(secret) self.server = server self.authport = authport self.acctport = acctport self.debug = debug reactor.listenUDP(0, self) def close(self): if self.transport is not None: self.transport.stopListening() self.transport = None def onError(self, err): log.err('Packet process error:%s' % str(err)) reactor.callLater(0.01, self.close,) return err def onResult(self, resp): reactor.callLater(0.01, self.close,) return resp def onTimeout(self): if not self.deferrd.called: defer.timeout(self.deferrd) def sendAuth(self, **kwargs): timeout_sec = kwargs.pop('timeout',10) User_Password = kwargs.pop("User-Password",None) CHAP_Password = kwargs.pop("CHAP-Password",None) CHAP_Password_Plaintext = kwargs.pop("CHAP-Password-Plaintext",None) CHAP_Challenge = kwargs.get("CHAP-Challenge") request = message.AuthMessage(dict=self.dict, secret=self.secret, **kwargs) if User_Password: request['User-Password'] = request.PwCrypt(User_Password) if CHAP_Password: if CHAP_Challenge: request['CHAP-Challenge'] = CHAP_Challenge request['CHAP-Password'] = CHAP_Password if CHAP_Password_Plaintext: request['CHAP-Password'] = request.ChapEcrypt(CHAP_Password_Plaintext) if self.debug: log.msg("Send radius Auth Request to (%s:%s): %s" % (self.server, self.authport, request.format_str())) self.transport.write(request.RequestPacket(), (self.server, self.authport)) self.deferrd = defer.Deferred() self.deferrd.addCallbacks(self.onResult,self.onError) reactor.callLater(timeout_sec, self.onTimeout,) return self.deferrd def sendAcct(self, **kwargs): timeout_sec = kwargs.pop('timeout',10) request = message.AcctMessage(dict=self.dict, secret=self.secret, **kwargs) if self.debug: log.msg("Send radius Acct Request to (%s:%s): %s" % (self.server, self.acctport, request.format_str())) self.transport.write(request.RequestPacket(), (self.server, self.acctport)) self.deferrd = defer.Deferred() self.deferrd.addCallbacks(self.onResult,self.onError) reactor.callLater(timeout_sec, self.onTimeout,) return self.deferrd def datagramReceived(self, datagram, (host, port)): try: response = packet.Packet(packet=datagram,dict=self.dict, secret=self.secret) if self.debug: log.msg("Received Radius Response from %s: %s" % ((host, port), message.format_packet_str(response))) self.deferrd.callback(response) except Exception as err: log.err('Invalid Response packet from %s: %s' % ((host, port), str(err))) self.deferrd.errback(err)