freeradius/auth.py: enregistrement IP 1er conn
Lorsque la mac est en <automatique>, si l'IP est également absente, assigne une nouvelle IP.
This commit is contained in:
Daniel STAN
parent
0706c41119
commit
275934c23c
1 changed files with 32 additions and 8 deletions
|
|
@ -179,9 +179,31 @@ def get_prise_chbre(data):
|
||||||
return prise, chbre
|
return prise, chbre
|
||||||
return None
|
return None
|
||||||
|
|
||||||
|
def realm_of_machine(machine):
|
||||||
|
"""Renvoie le `realm` d'une machine. Don't ask"""
|
||||||
|
if isinstance(machine, lc_ldap.objets.machineFixe):
|
||||||
|
return 'fil'
|
||||||
|
elif isinstance(machine, lc_ldap.objets.machineWifi):
|
||||||
|
return 'wifi-adh'
|
||||||
|
else:
|
||||||
|
raise NotImplementedError('Only fil and wifi realm supported')
|
||||||
|
|
||||||
|
def get_fresh_rid(machine):
|
||||||
|
"""Génère un rid tout frais pour la machine. Fonction kludge"""
|
||||||
|
lockId = machine.conn.lockholder.newid()
|
||||||
|
realm = realm_of_machine(machine)
|
||||||
|
try:
|
||||||
|
return machine.conn._find_id('rid', realm, lockId)
|
||||||
|
finally:
|
||||||
|
machine.conn.lockholder.purge(lockId)
|
||||||
|
|
||||||
@use_ldap_admin
|
@use_ldap_admin
|
||||||
def register_mac(data, machine, conn):
|
def register_mac(data, machine, conn):
|
||||||
"""Enregistre la mac actuelle sur une machine donnée."""
|
"""Enregistre la mac actuelle sur une machine donnée."""
|
||||||
|
# TODO lc_ldap devrait posséder une fonction pour passer en rw depuis un ro
|
||||||
|
if 'w' not in machine.mode:
|
||||||
|
machine = conn.search(dn=machine.dn, scope=ldap.SCOPE_BASE, mode='rw')[0]
|
||||||
|
|
||||||
mac = data.get('Calling-Station-Id', None)
|
mac = data.get('Calling-Station-Id', None)
|
||||||
if mac is None:
|
if mac is None:
|
||||||
radiusd.radlog(radiusd.L_ERR, 'Cannot find MAC')
|
radiusd.radlog(radiusd.L_ERR, 'Cannot find MAC')
|
||||||
|
|
@ -193,18 +215,20 @@ def register_mac(data, machine, conn):
|
||||||
radiusd.radlog(radiusd.L_ERR, 'Cannot format MAC !')
|
radiusd.radlog(radiusd.L_ERR, 'Cannot format MAC !')
|
||||||
return
|
return
|
||||||
|
|
||||||
# TODO lc_ldap devrait posséder une fonction pour passer en rw depuis un ro
|
|
||||||
machine = conn.search(dn=machine.dn, scope=ldap.SCOPE_BASE, mode='rw')[0]
|
|
||||||
with machine:
|
with machine:
|
||||||
radiusd.radlog(radiusd.L_INFO, 'Registering mac %s' % mac)
|
logger.info('Registering mac %s' % mac)
|
||||||
machine['macAddress'] = mac
|
machine['macAddress'] = mac
|
||||||
machine.history_add(u'auth.py', u'macAddress (<automatique> -> %s)' % mac)
|
if not machine.get('rid', None):
|
||||||
|
logger.info('Registering rid')
|
||||||
|
machine['rid'] = get_fresh_rid(machine)
|
||||||
|
machine['ipHostNumber'] = u'<automatique>'
|
||||||
machine.validate_changes()
|
machine.validate_changes()
|
||||||
|
machine.history_gen()
|
||||||
machine.save()
|
machine.save()
|
||||||
radiusd.radlog(radiusd.L_INFO, 'Mac set')
|
# This part is pure kludge
|
||||||
radiusd.radlog(radiusd.L_INFO, 'Triggering komaz')
|
logger.info('...Success. Now triggering firewall')
|
||||||
trigger_generate('odlyd')
|
trigger_generate('odlyd')
|
||||||
radiusd.radlog(radiusd.L_INFO, 'done ! (triggered komaz)')
|
logger.info('done ! (triggered firewall)')
|
||||||
|
|
||||||
@radius_event
|
@radius_event
|
||||||
@use_ldap_admin
|
@use_ldap_admin
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue