8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-12-26 00:43:46 +00:00

Support de federez wifi

This commit is contained in:
root 2017-09-13 01:53:06 +00:00
parent 3bb0c917f3
commit 078cf40a82

View file

@ -149,8 +149,9 @@ def authorize(data):
mac = data.get('Calling-Station-Id', None) mac = data.get('Calling-Station-Id', None)
nas = data.get('NAS-IP-Address', data.get('NAS-Identifier', None)) nas = data.get('NAS-IP-Address', data.get('NAS-Identifier', None))
result, log, password = check_user_machine_and_register(nas, user, mac) result, log, password = check_user_machine_and_register(nas, user, mac)
if not result: if not result:
logger.info(log)
return radiusd.RLM_MODULE_REJECT return radiusd.RLM_MODULE_REJECT
else: else:
return (radiusd.RLM_MODULE_UPDATED, return (radiusd.RLM_MODULE_UPDATED,
@ -173,7 +174,7 @@ def post_auth(data):
port = data.get('NAS-Port-Id', data.get('NAS-Port', None)) port = data.get('NAS-Port-Id', data.get('NAS-Port', None))
nas = data.get('NAS-IP-Address', data.get('NAS-Identifier', None)) nas = data.get('NAS-IP-Address', data.get('NAS-Identifier', None))
nas_instance = find_nas_from_request(nas).first() nas_instance = find_nas_from_request(nas)
mac = data.get('Calling-Station-Id', None) mac = data.get('Calling-Station-Id', None)
# Si il s'agit d'un switch # Si il s'agit d'un switch
@ -197,7 +198,6 @@ def post_auth(data):
() ()
) )
# Il s'agit d'une borne WiFi
else: else:
return radiusd.RLM_MODULE_OK return radiusd.RLM_MODULE_OK
@ -212,22 +212,18 @@ def detach(_=None):
return radiusd.RLM_MODULE_OK return radiusd.RLM_MODULE_OK
def find_nas_from_request(nas_id): def find_nas_from_request(nas_id):
if not isinstance(nas_id, int): nas = Interface.objects.filter(Q(domain=Domain.objects.filter(name=nas_id)) | Q(ipv4=IpList.objects.filter(ipv4=nas_id)))
nas = Interface.objects.filter(domain=Domain.objects.filter(name=nas_id)) return nas.first()
else:
nas = Interface.objects.filter(ipv4=nas_id)
return nas
def check_user_machine_and_register(nas_id, username, mac_address): def check_user_machine_and_register(nas_id, username, mac_address):
""" Verifie le username et la mac renseignee. L'enregistre si elle est inconnue. """ Verifie le username et la mac renseignee. L'enregistre si elle est inconnue.
Renvoie le mot de passe ntlm de l'user si tout est ok Renvoie le mot de passe ntlm de l'user si tout est ok
Utilise pour les authentifications en 802.1X""" Utilise pour les authentifications en 802.1X"""
#nas = find_nas_from_request(nas_id).first() nas = find_nas_from_request(nas_id)
#if not nas:
# return (False, 'Nas inconnu %s ' % nas_id, '') if not nas and nas_id != '127.0.0.1':
return (False, 'Nas inconnu %s ' % nas_id, '')
#ipv4 = nas.ipv4
interface = Interface.objects.filter(mac_address=mac_address).first() interface = Interface.objects.filter(mac_address=mac_address).first()
user = User.objects.filter(pseudo=username).first() user = User.objects.filter(pseudo=username).first()
if not user: if not user:
@ -241,8 +237,9 @@ def check_user_machine_and_register(nas_id, username, mac_address):
return (False, u"Machine desactivée", '') return (False, u"Machine desactivée", '')
else: else:
return (True, "Access ok", user.pwd_ntlm) return (True, "Access ok", user.pwd_ntlm)
elif MAC_AUTOCAPTURE: elif MAC_AUTOCAPTURE and nas_id!='127.0.0.1':
result, reason = user.autoregister_machine(mac_address, ipv4.first()) ipv4 = nas.ipv4
result, reason = user.autoregister_machine(mac_address, ipv4)
if result: if result:
return (True, 'Access Ok, Capture de la mac...', user.pwd_ntlm) return (True, 'Access Ok, Capture de la mac...', user.pwd_ntlm)
else: else:
@ -251,8 +248,6 @@ def check_user_machine_and_register(nas_id, username, mac_address):
return (False, "Machine inconnue", '') return (False, "Machine inconnue", '')
def decide_vlan_and_register_switch(nas, port_number, mac_address): def decide_vlan_and_register_switch(nas, port_number, mac_address):
# Get port from switch and port number # Get port from switch and port number
if not nas: if not nas: