def init_db_engine(self): if not self.db_engine: self.db_engine = get_engine(self.config) self.store = Store(self.config,self.db_engine)
def init_db_engine(self): if not self.db_engine: self.db_engine = get_engine(self.config) self.store = Store(self.config, self.db_engine, syslog=self.syslog)
class RadiusServer(object): def __init__(self,config,db_engine=None,daemon=False): self.config = config self.db_engine = db_engine self.daemon = daemon self.tasks = {} self.init_config() self.init_timezone() self.init_db_engine() self.init_protocol() self.init_task() def _check_ssl_config(self): self.use_ssl = False self.privatekey = None self.certificate = None if self.config.has_option('DEFAULT','ssl') and self.config.getboolean('DEFAULT','ssl'): self.privatekey = self.config.get('DEFAULT','privatekey') self.certificate = self.config.get('DEFAULT','certificate') if os.path.exists(self.privatekey) and os.path.exists(self.certificate): self.use_ssl = True def init_config(self): self.logfile = self.config.get('radiusd','logfile') self.standalone = self.config.has_option('DEFAULT','standalone') and \ self.config.getboolean('DEFAULT','standalone') or False self.secret = self.config.get('DEFAULT','secret') self.timezone = self.config.has_option('DEFAULT','tz') and self.config.get('DEFAULT','tz') or "CST-8" self.debug = self.config.getboolean('DEFAULT','debug') self.authport = self.config.getint('radiusd','authport') self.acctport = self.config.getint('radiusd','acctport') self.adminport = self.config.getint('radiusd','adminport') self.radiusd_host = self.config.has_option('radiusd','host') \ and self.config.get('radiusd','host') or '0.0.0.0' #parse dictfile self.dictfile = os.path.join(os.path.split(__file__)[0],'dicts/dictionary') if self.config.has_option('radiusd','dictfile'): if os.path.exists(self.config.get('radiusd','dictfile')): self.dictfile = self.config.get('radiusd','dictfile') # update aescipher utils.aescipher.setup(self.secret) self.encrypt = utils.aescipher.encrypt self.decrypt = utils.aescipher.decrypt #parse ssl self._check_ssl_config() def init_timezone(self): try: os.environ["TZ"] = self.timezone time.tzset() except:pass def init_db_engine(self): if not self.db_engine: self.db_engine = get_engine(self.config) self.store = Store(self.config,self.db_engine) def init_protocol(self): # rundata self.trace = utils.UserTrace() self.runstat = utils.RunStat() self.midware = middleware.Middleware() # init coa clients self.coa_clients = {} for bas in self.store.list_bas(): self.coa_clients[bas['ip_addr']] = CoAClient( bas, dictionary.Dictionary(self.dictfile), debug=self.debug ) self.auth_protocol = RADIUSAccess(self) self.acct_protocol = RADIUSAccounting(self) ws_url = "ws://%s:%s"%(self.radiusd_host,self.adminport) if self.use_ssl: ws_url = "wss://%s:%s"%(self.radiusd_host,self.adminport) self.admin_factory = WebSocketServerFactory(ws_url, debug = False) self.admin_factory.protocol = AdminServerProtocol self.admin_factory.setProtocolOptions(allowHixie76=True) self.admin_factory.protocol.radiusd = self def _check_online_over(self): reactor.callInThread(self.store.check_online_over) def init_task(self): _task = task.LoopingCall(self.auth_protocol.process_delay) _task.start(2.7) _online_task = task.LoopingCall(self._check_online_over) _online_task.start(3600*4) _msg_stat_task = task.LoopingCall(self.runstat.run_stat) _msg_stat_task.start(60) self.tasks['process_delay'] = _task self.tasks['check_online_over'] = _online_task def run_normal(self): if self.debug: log.startLogging(sys.stdout) else: log.startLogging(DailyLogFile.fromFullPath(self.logfile)) log.msg('server listen %s'%self.radiusd_host) reactor.listenUDP(self.authport, self.auth_protocol,interface=self.radiusd_host) reactor.listenUDP(self.acctport, self.acct_protocol,interface=self.radiusd_host) if self.use_ssl: log.msg('WS SSL Enable!') from twisted.internet import ssl sslContext = ssl.DefaultOpenSSLContextFactory(self.privatekey, self.certificate) reactor.listenSSL( self.adminport, self.admin_factory, contextFactory = sslContext, interface=self.radiusd_host ) else: reactor.listenTCP(self.adminport, self.admin_factory,interface=self.radiusd_host) if not self.standalone: reactor.run() def get_coa_client(self,nasaddr): cli = self.coa_clients.get(nasaddr) if not cli: bas = self.store.get_bas(nasaddr) if bas: cli = CoAClient( bas, dictionary.Dictionary(self.dictfile), debug=self.debug ) self.coa_clients[nasaddr] = cli return cli def get_service(self): from twisted.application import service, internet top_service = service.MultiService() internet.UDPServer( self.authport,self.auth_protocol,interface=self.radiusd_host ).setServiceParent(top_service) internet.UDPServer( self.acctport, self.acct_protocol,interface=self.radiusd_host ).setServiceParent(top_service) if self.use_ssl: log.msg('WS SSL Enable!') from twisted.internet import ssl sslContext = ssl.DefaultOpenSSLContextFactory(self.privatekey, self.certificate) internet.SSLServer( self.adminport, self.admin_factory, contextFactory = sslContext, interface=self.radiusd_host ).setServiceParent(top_service) else: log.msg('WS SSL Disable!') internet.TCPServer( self.adminport, self.admin_factory, interface=self.radiusd_host ).setServiceParent(top_service) return top_service
class RadiusServer(object): def __init__(self, config, db_engine=None, daemon=False): self.config = config self.syslog = logger.SysLogger(config) self.db_engine = db_engine self.daemon = daemon self.tasks = {} self.init_config() self.init_timezone() self.init_db_engine() self.init_protocol() self.init_task() def _check_ssl_config(self): self.use_ssl = False self.privatekey = None self.certificate = None if self.config.has_option('DEFAULT', 'ssl') and self.config.getboolean( 'DEFAULT', 'ssl'): self.privatekey = self.config.get('DEFAULT', 'privatekey') self.certificate = self.config.get('DEFAULT', 'certificate') if os.path.exists(self.privatekey) and os.path.exists( self.certificate): self.use_ssl = True def init_config(self): self.logfile = self.config.get('radiusd', 'logfile') self.standalone = self.config.has_option('DEFAULT','standalone') and \ self.config.getboolean('DEFAULT','standalone') or False self.secret = self.config.get('DEFAULT', 'secret') self.timezone = self.config.has_option( 'DEFAULT', 'tz') and self.config.get('DEFAULT', 'tz') or "CST-8" self.debug = self.config.getboolean('DEFAULT', 'debug') self.authport = self.config.getint('radiusd', 'authport') self.acctport = self.config.getint('radiusd', 'acctport') self.adminport = self.config.getint('radiusd', 'adminport') self.radiusd_host = self.config.has_option('radiusd','host') \ and self.config.get('radiusd','host') or '0.0.0.0' #parse dictfile self.dictfile = os.path.join( os.path.split(__file__)[0], 'dicts/dictionary') if self.config.has_option('radiusd', 'dictfile'): if os.path.exists(self.config.get('radiusd', 'dictfile')): self.dictfile = self.config.get('radiusd', 'dictfile') # update aescipher utils.aescipher.setup(self.secret) self.encrypt = utils.aescipher.encrypt self.decrypt = utils.aescipher.decrypt #parse ssl self._check_ssl_config() def init_timezone(self): try: os.environ["TZ"] = self.timezone time.tzset() except: pass def init_db_engine(self): if not self.db_engine: self.db_engine = get_engine(self.config) self.store = Store(self.config, self.db_engine, syslog=self.syslog) def reload_coa_clients(self): for bas in self.store.list_bas(): if bas['ip_addr'] in self.coa_clients: self.coa_clients[bas['ip_addr']].close() self.coa_clients[bas['ip_addr']] = CoAClient(bas, dictionary.Dictionary( self.dictfile), debug=self.debug) def init_protocol(self): # rundata self.trace = utils.UserTrace() self.runstat = utils.RunStat() self.midware = middleware.Middleware() # init coa clients self.coa_clients = {} for bas in self.store.list_bas(): self.coa_clients[bas['ip_addr']] = CoAClient(bas, dictionary.Dictionary( self.dictfile), debug=self.debug) self.auth_protocol = RADIUSAccess(self) self.acct_protocol = RADIUSAccounting(self) ws_url = "ws://%s:%s" % (self.radiusd_host, self.adminport) if self.use_ssl: ws_url = "wss://%s:%s" % (self.radiusd_host, self.adminport) self.admin_factory = WebSocketServerFactory(ws_url, debug=False) self.admin_factory.protocol = AdminServerProtocol self.admin_factory.setProtocolOptions(allowHixie76=True) self.admin_factory.protocol.radiusd = self self.admin_factory.protocol.syslog = self.syslog def _check_online_over(self): reactor.callInThread(self.store.check_online_over) def init_task(self): _task = task.LoopingCall(self.auth_protocol.process_delay) _task.start(2.7) _online_task = task.LoopingCall(self._check_online_over) _online_task.start(3600 * 4) _msg_stat_task = task.LoopingCall(self.runstat.run_stat) _msg_stat_task.start(60) self.tasks['process_delay'] = _task self.tasks['check_online_over'] = _online_task def run_normal(self): log.startLogging(sys.stdout) log.msg('server listen %s' % self.radiusd_host) reactor.listenUDP(self.authport, self.auth_protocol, interface=self.radiusd_host) reactor.listenUDP(self.acctport, self.acct_protocol, interface=self.radiusd_host) if self.use_ssl: log.msg('WS SSL Enable!') from twisted.internet import ssl sslContext = ssl.DefaultOpenSSLContextFactory( self.privatekey, self.certificate) reactor.listenSSL(self.adminport, self.admin_factory, contextFactory=sslContext, interface=self.radiusd_host) else: reactor.listenTCP(self.adminport, self.admin_factory, interface=self.radiusd_host) if not self.standalone: reactor.run() def get_coa_client(self, nasaddr): cli = self.coa_clients.get(nasaddr) if not cli: bas = self.store.get_bas(nasaddr) if bas: cli = CoAClient(bas, dictionary.Dictionary(self.dictfile), debug=self.debug) self.coa_clients[nasaddr] = cli return cli def get_service(self): from twisted.application import service, internet top_service = service.MultiService() internet.UDPServer( self.authport, self.auth_protocol, interface=self.radiusd_host).setServiceParent(top_service) internet.UDPServer( self.acctport, self.acct_protocol, interface=self.radiusd_host).setServiceParent(top_service) if self.use_ssl: log.msg('WS SSL Enable!') from twisted.internet import ssl sslContext = ssl.DefaultOpenSSLContextFactory( self.privatekey, self.certificate) internet.SSLServer( self.adminport, self.admin_factory, contextFactory=sslContext, interface=self.radiusd_host).setServiceParent(top_service) else: log.msg('WS SSL Disable!') internet.TCPServer( self.adminport, self.admin_factory, interface=self.radiusd_host).setServiceParent(top_service) return top_service