Exemplo n.º 1
0
 def init_db_engine(self):
     if not self.db_engine:
         self.db_engine = get_engine(self.config)
     self.store = Store(self.config,self.db_engine)
Exemplo n.º 2
0
 def init_db_engine(self):
     if not self.db_engine:
         self.db_engine = get_engine(self.config)
     self.store = Store(self.config, self.db_engine, syslog=self.syslog)
Exemplo n.º 3
0
class RadiusServer(object):
    
    def __init__(self,config,db_engine=None,daemon=False):
        self.config = config
        self.db_engine = db_engine
        self.daemon = daemon
        self.tasks = {}
        self.init_config()
        self.init_timezone()
        self.init_db_engine()
        self.init_protocol()
        self.init_task()
        
    def _check_ssl_config(self):
        self.use_ssl = False
        self.privatekey = None
        self.certificate = None
        if self.config.has_option('DEFAULT','ssl') and self.config.getboolean('DEFAULT','ssl'):
            self.privatekey = self.config.get('DEFAULT','privatekey')
            self.certificate = self.config.get('DEFAULT','certificate')
            if os.path.exists(self.privatekey) and os.path.exists(self.certificate):
                self.use_ssl = True
        
    def init_config(self):
        self.logfile = self.config.get('radiusd','logfile')
        self.standalone = self.config.has_option('DEFAULT','standalone') and \
            self.config.getboolean('DEFAULT','standalone') or False
        self.secret = self.config.get('DEFAULT','secret')
        self.timezone = self.config.has_option('DEFAULT','tz') and self.config.get('DEFAULT','tz') or "CST-8"
        self.debug = self.config.getboolean('DEFAULT','debug')
        self.authport = self.config.getint('radiusd','authport')
        self.acctport = self.config.getint('radiusd','acctport')
        self.adminport = self.config.getint('radiusd','adminport')
        self.radiusd_host = self.config.has_option('radiusd','host') \
            and self.config.get('radiusd','host') or  '0.0.0.0'
        #parse dictfile
        self.dictfile = os.path.join(os.path.split(__file__)[0],'dicts/dictionary')
        if self.config.has_option('radiusd','dictfile'):
            if os.path.exists(self.config.get('radiusd','dictfile')):
                self.dictfile = self.config.get('radiusd','dictfile')

        # update aescipher
        utils.aescipher.setup(self.secret)
        self.encrypt = utils.aescipher.encrypt
        self.decrypt = utils.aescipher.decrypt
        #parse ssl
        self._check_ssl_config()
        
    def init_timezone(self):
        try:
            os.environ["TZ"] = self.timezone
            time.tzset()
        except:pass
    
    def init_db_engine(self):
        if not self.db_engine:
            self.db_engine = get_engine(self.config)
        self.store = Store(self.config,self.db_engine)
        
    def init_protocol(self):
        # rundata
        self.trace = utils.UserTrace()
        self.runstat = utils.RunStat()
        self.midware = middleware.Middleware()
        # init coa clients
        self.coa_clients = {}
        for bas in self.store.list_bas():
            self.coa_clients[bas['ip_addr']] = CoAClient(
                bas,
                dictionary.Dictionary(self.dictfile),
                debug=self.debug
            )
        self.auth_protocol = RADIUSAccess(self)
        self.acct_protocol = RADIUSAccounting(self)
        
        ws_url = "ws://%s:%s"%(self.radiusd_host,self.adminport)
        if self.use_ssl:
            ws_url = "wss://%s:%s"%(self.radiusd_host,self.adminport)

        self.admin_factory = WebSocketServerFactory(ws_url, debug = False)
        self.admin_factory.protocol = AdminServerProtocol
        self.admin_factory.setProtocolOptions(allowHixie76=True)
        self.admin_factory.protocol.radiusd = self
        
    def _check_online_over(self):
        reactor.callInThread(self.store.check_online_over)

    def init_task(self):
        _task = task.LoopingCall(self.auth_protocol.process_delay)
        _task.start(2.7)
        _online_task = task.LoopingCall(self._check_online_over)
        _online_task.start(3600*4)
        _msg_stat_task = task.LoopingCall(self.runstat.run_stat)
        _msg_stat_task.start(60)
        self.tasks['process_delay'] = _task
        self.tasks['check_online_over'] = _online_task
        
    def run_normal(self):
        if self.debug:
            log.startLogging(sys.stdout)
        else:
            log.startLogging(DailyLogFile.fromFullPath(self.logfile))
        log.msg('server listen %s'%self.radiusd_host)  
        reactor.listenUDP(self.authport, self.auth_protocol,interface=self.radiusd_host)
        reactor.listenUDP(self.acctport, self.acct_protocol,interface=self.radiusd_host)
        if self.use_ssl:
            log.msg('WS SSL Enable!')
            from twisted.internet import ssl
            sslContext = ssl.DefaultOpenSSLContextFactory(self.privatekey, self.certificate)
            reactor.listenSSL(
                self.adminport,
                self.admin_factory,
                contextFactory = sslContext,
                interface=self.radiusd_host
            )
        else:
            reactor.listenTCP(self.adminport, self.admin_factory,interface=self.radiusd_host)
        if not self.standalone:
            reactor.run()

    def get_coa_client(self,nasaddr):
        cli = self.coa_clients.get(nasaddr)
        if not cli:
            bas = self.store.get_bas(nasaddr)
            if bas:
                cli = CoAClient(
                    bas,
                    dictionary.Dictionary(self.dictfile),
                    debug=self.debug
                )
                self.coa_clients[nasaddr] = cli
        return cli


    def get_service(self):
        from twisted.application import service, internet
        top_service = service.MultiService()
        
        internet.UDPServer(
            self.authport,self.auth_protocol,interface=self.radiusd_host
        ).setServiceParent(top_service)
        
        internet.UDPServer(
            self.acctport, self.acct_protocol,interface=self.radiusd_host
        ).setServiceParent(top_service)
        
        if self.use_ssl:
            log.msg('WS SSL Enable!')
            from twisted.internet import ssl
            sslContext = ssl.DefaultOpenSSLContextFactory(self.privatekey, self.certificate)
            internet.SSLServer(
                self.adminport,
                self.admin_factory,
                contextFactory = sslContext,
                interface=self.radiusd_host
            ).setServiceParent(top_service)
        else:
            log.msg('WS SSL Disable!')       
            internet.TCPServer(
                self.adminport,
                self.admin_factory,
                interface=self.radiusd_host
            ).setServiceParent(top_service)
        return top_service
Exemplo n.º 4
0
class RadiusServer(object):
    def __init__(self, config, db_engine=None, daemon=False):
        self.config = config
        self.syslog = logger.SysLogger(config)
        self.db_engine = db_engine
        self.daemon = daemon
        self.tasks = {}
        self.init_config()
        self.init_timezone()
        self.init_db_engine()
        self.init_protocol()
        self.init_task()

    def _check_ssl_config(self):
        self.use_ssl = False
        self.privatekey = None
        self.certificate = None
        if self.config.has_option('DEFAULT', 'ssl') and self.config.getboolean(
                'DEFAULT', 'ssl'):
            self.privatekey = self.config.get('DEFAULT', 'privatekey')
            self.certificate = self.config.get('DEFAULT', 'certificate')
            if os.path.exists(self.privatekey) and os.path.exists(
                    self.certificate):
                self.use_ssl = True

    def init_config(self):
        self.logfile = self.config.get('radiusd', 'logfile')
        self.standalone = self.config.has_option('DEFAULT','standalone') and \
            self.config.getboolean('DEFAULT','standalone') or False
        self.secret = self.config.get('DEFAULT', 'secret')
        self.timezone = self.config.has_option(
            'DEFAULT', 'tz') and self.config.get('DEFAULT', 'tz') or "CST-8"
        self.debug = self.config.getboolean('DEFAULT', 'debug')
        self.authport = self.config.getint('radiusd', 'authport')
        self.acctport = self.config.getint('radiusd', 'acctport')
        self.adminport = self.config.getint('radiusd', 'adminport')
        self.radiusd_host = self.config.has_option('radiusd','host') \
            and self.config.get('radiusd','host') or  '0.0.0.0'
        #parse dictfile
        self.dictfile = os.path.join(
            os.path.split(__file__)[0], 'dicts/dictionary')
        if self.config.has_option('radiusd', 'dictfile'):
            if os.path.exists(self.config.get('radiusd', 'dictfile')):
                self.dictfile = self.config.get('radiusd', 'dictfile')

        # update aescipher
        utils.aescipher.setup(self.secret)
        self.encrypt = utils.aescipher.encrypt
        self.decrypt = utils.aescipher.decrypt
        #parse ssl
        self._check_ssl_config()

    def init_timezone(self):
        try:
            os.environ["TZ"] = self.timezone
            time.tzset()
        except:
            pass

    def init_db_engine(self):
        if not self.db_engine:
            self.db_engine = get_engine(self.config)
        self.store = Store(self.config, self.db_engine, syslog=self.syslog)

    def reload_coa_clients(self):
        for bas in self.store.list_bas():

            if bas['ip_addr'] in self.coa_clients:
                self.coa_clients[bas['ip_addr']].close()

            self.coa_clients[bas['ip_addr']] = CoAClient(bas,
                                                         dictionary.Dictionary(
                                                             self.dictfile),
                                                         debug=self.debug)

    def init_protocol(self):
        # rundata
        self.trace = utils.UserTrace()
        self.runstat = utils.RunStat()
        self.midware = middleware.Middleware()
        # init coa clients
        self.coa_clients = {}
        for bas in self.store.list_bas():
            self.coa_clients[bas['ip_addr']] = CoAClient(bas,
                                                         dictionary.Dictionary(
                                                             self.dictfile),
                                                         debug=self.debug)
        self.auth_protocol = RADIUSAccess(self)
        self.acct_protocol = RADIUSAccounting(self)

        ws_url = "ws://%s:%s" % (self.radiusd_host, self.adminport)
        if self.use_ssl:
            ws_url = "wss://%s:%s" % (self.radiusd_host, self.adminport)

        self.admin_factory = WebSocketServerFactory(ws_url, debug=False)
        self.admin_factory.protocol = AdminServerProtocol
        self.admin_factory.setProtocolOptions(allowHixie76=True)
        self.admin_factory.protocol.radiusd = self
        self.admin_factory.protocol.syslog = self.syslog

    def _check_online_over(self):
        reactor.callInThread(self.store.check_online_over)

    def init_task(self):
        _task = task.LoopingCall(self.auth_protocol.process_delay)
        _task.start(2.7)
        _online_task = task.LoopingCall(self._check_online_over)
        _online_task.start(3600 * 4)
        _msg_stat_task = task.LoopingCall(self.runstat.run_stat)
        _msg_stat_task.start(60)
        self.tasks['process_delay'] = _task
        self.tasks['check_online_over'] = _online_task

    def run_normal(self):
        log.startLogging(sys.stdout)
        log.msg('server listen %s' % self.radiusd_host)
        reactor.listenUDP(self.authport,
                          self.auth_protocol,
                          interface=self.radiusd_host)
        reactor.listenUDP(self.acctport,
                          self.acct_protocol,
                          interface=self.radiusd_host)
        if self.use_ssl:
            log.msg('WS SSL Enable!')
            from twisted.internet import ssl
            sslContext = ssl.DefaultOpenSSLContextFactory(
                self.privatekey, self.certificate)
            reactor.listenSSL(self.adminport,
                              self.admin_factory,
                              contextFactory=sslContext,
                              interface=self.radiusd_host)
        else:
            reactor.listenTCP(self.adminport,
                              self.admin_factory,
                              interface=self.radiusd_host)
        if not self.standalone:
            reactor.run()

    def get_coa_client(self, nasaddr):
        cli = self.coa_clients.get(nasaddr)
        if not cli:
            bas = self.store.get_bas(nasaddr)
            if bas:
                cli = CoAClient(bas,
                                dictionary.Dictionary(self.dictfile),
                                debug=self.debug)
                self.coa_clients[nasaddr] = cli
        return cli

    def get_service(self):
        from twisted.application import service, internet
        top_service = service.MultiService()

        internet.UDPServer(
            self.authport, self.auth_protocol,
            interface=self.radiusd_host).setServiceParent(top_service)

        internet.UDPServer(
            self.acctport, self.acct_protocol,
            interface=self.radiusd_host).setServiceParent(top_service)

        if self.use_ssl:
            log.msg('WS SSL Enable!')
            from twisted.internet import ssl
            sslContext = ssl.DefaultOpenSSLContextFactory(
                self.privatekey, self.certificate)
            internet.SSLServer(
                self.adminport,
                self.admin_factory,
                contextFactory=sslContext,
                interface=self.radiusd_host).setServiceParent(top_service)
        else:
            log.msg('WS SSL Disable!')
            internet.TCPServer(
                self.adminport,
                self.admin_factory,
                interface=self.radiusd_host).setServiceParent(top_service)
        return top_service