From 587b76d930847381b65bed534d58b2b425830f09 Mon Sep 17 00:00:00 2001
From: Gabriel Detraz <detraz@crans.org>
Date: Sun, 13 Sep 2015 13:59:33 +0200
Subject: [PATCH] =?UTF-8?q?Aiguillage=20entre=20site=20nas,=20filaire=20et?=
 =?UTF-8?q?=20wifi=20effectu=C3=A9=20dans=20le=20auth.py=20=C3=A0=20pr?=
 =?UTF-8?q?=C3=A9sent=20(r=C3=A8gle=20le=20prb=20de=20segfault=20sous=20je?=
 =?UTF-8?q?ssie)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 freeradius/auth.py                | 23 ++++++++++++++++++-
 freeradius/rlm_python_unifie.conf | 38 +++++++++++++++++++++++++++++++
 2 files changed, 60 insertions(+), 1 deletion(-)
 create mode 100644 freeradius/rlm_python_unifie.conf

diff --git a/freeradius/auth.py b/freeradius/auth.py
index 4dc8bca4..cb81317d 100644
--- a/freeradius/auth.py
+++ b/freeradius/auth.py
@@ -274,6 +274,18 @@ def instantiate(*_):
     if TEST_SERVER:
         logger.info('DBG_FREERADIUS is enabled')
 
+@radius_event
+def authorize(data):
+    """Fonction qui aiguille entre nas, wifi et filaire pour authorize
+    On se contecte de faire une verification basique de ce que contien la requète
+    pour déterminer la fonction à utiliser"""
+    if data.get('NAS-Port-Type', '')==u'Ethernet':
+        return authorize_fil(data)
+    elif u"Wireless" in data.get('NAS-Port-Type', ''):
+        return authorize_wifi(data)
+    else:
+        return authorize_nas(data)
+
 @radius_event
 def authorize_wifi(data):
     """Section authorize pour le wifi
@@ -358,7 +370,7 @@ def authorize_fil(data):
     return (radiusd.RLM_MODULE_UPDATED,
 	(),
         (
-          ("Auth-Type", "crans_fil"),
+          ("Auth-Type", "Accept"),
         ),
       )
 
@@ -431,6 +443,15 @@ def authorize_nas(data, ldap):
           ("FreeRADIUS-Client-Virtual-Server", vserver),
         ),
       )
+
+@radius_event
+def post_auth(data):
+    # On cherche quel est le type de machine, et quel sites lui appliquer
+    if data.get('NAS-Port-Type', '')==u'Ethernet':
+       return post_auth_fil(data)
+    elif u"Wireless" in data.get('NAS-Port-Type', ''):
+       return post_auth_wifi(data)
+
 @radius_event
 def post_auth_wifi(data):
     """Appelé une fois que l'authentification est ok.
diff --git a/freeradius/rlm_python_unifie.conf b/freeradius/rlm_python_unifie.conf
new file mode 100644
index 00000000..a29667ed
--- /dev/null
+++ b/freeradius/rlm_python_unifie.conf
@@ -0,0 +1,38 @@
+# Configuration for the Python module.
+#
+#
+
+python crans_unifie {
+        mod_instantiate = freeradius.auth
+        func_instantiate = instantiate
+
+    # Pour le authorize, c'est auth.py qui fait le tri maintenant
+        mod_authorize = freeradius.auth
+        func_authorize = authorize
+
+    # Renseigne le vlan si necessaire
+    # remplacer par dummy_fun pour ignorer le tagging de vlan
+        mod_post_auth = freeradius.auth
+        func_post_auth = post_auth
+
+    # Que faire avant de quitter
+        mod_detach = freeradius.auth
+        func_detach = detach
+
+    # Le reste sert à rien
+        mod_accounting = freeradius.auth
+        func_accounting = dummy_fun
+
+        mod_pre_proxy = freeradius.auth
+        func_pre_proxy = dummy_fun
+
+        mod_post_proxy = freeradius.auth
+        func_post_proxy = dummy_fun
+
+        mod_recv_coa = freeradius.auth
+        func_recv_coa = dummy_fun
+
+        mod_send_coa = freeradius.auth
+        func_send_coa = dummy_fun
+}
+