Aiguillage entre site nas, filaire et wifi effectué dans le auth.py à présent (règle le prb de segfault sous jessie)
This commit is contained in:
Gabriel Detraz
parent
4915d64e90
commit
587b76d930
2 changed files with 60 additions and 1 deletions
|
|
@ -274,6 +274,18 @@ def instantiate(*_):
|
|||
if TEST_SERVER:
|
||||
logger.info('DBG_FREERADIUS is enabled')
|
||||
|
||||
@radius_event
|
||||
def authorize(data):
|
||||
"""Fonction qui aiguille entre nas, wifi et filaire pour authorize
|
||||
On se contecte de faire une verification basique de ce que contien la requète
|
||||
pour déterminer la fonction à utiliser"""
|
||||
if data.get('NAS-Port-Type', '')==u'Ethernet':
|
||||
return authorize_fil(data)
|
||||
elif u"Wireless" in data.get('NAS-Port-Type', ''):
|
||||
return authorize_wifi(data)
|
||||
else:
|
||||
return authorize_nas(data)
|
||||
|
||||
@radius_event
|
||||
def authorize_wifi(data):
|
||||
"""Section authorize pour le wifi
|
||||
|
|
@ -358,7 +370,7 @@ def authorize_fil(data):
|
|||
return (radiusd.RLM_MODULE_UPDATED,
|
||||
(),
|
||||
(
|
||||
("Auth-Type", "crans_fil"),
|
||||
("Auth-Type", "Accept"),
|
||||
),
|
||||
)
|
||||
|
||||
|
|
@ -431,6 +443,15 @@ def authorize_nas(data, ldap):
|
|||
("FreeRADIUS-Client-Virtual-Server", vserver),
|
||||
),
|
||||
)
|
||||
|
||||
@radius_event
|
||||
def post_auth(data):
|
||||
# On cherche quel est le type de machine, et quel sites lui appliquer
|
||||
if data.get('NAS-Port-Type', '')==u'Ethernet':
|
||||
return post_auth_fil(data)
|
||||
elif u"Wireless" in data.get('NAS-Port-Type', ''):
|
||||
return post_auth_wifi(data)
|
||||
|
||||
@radius_event
|
||||
def post_auth_wifi(data):
|
||||
"""Appelé une fois que l'authentification est ok.
|
||||
|
|
|
|||
38
freeradius/rlm_python_unifie.conf
Normal file
38
freeradius/rlm_python_unifie.conf
Normal file
|
|
@ -0,0 +1,38 @@
|
|||
# Configuration for the Python module.
|
||||
#
|
||||
#
|
||||
|
||||
python crans_unifie {
|
||||
mod_instantiate = freeradius.auth
|
||||
func_instantiate = instantiate
|
||||
|
||||
# Pour le authorize, c'est auth.py qui fait le tri maintenant
|
||||
mod_authorize = freeradius.auth
|
||||
func_authorize = authorize
|
||||
|
||||
# Renseigne le vlan si necessaire
|
||||
# remplacer par dummy_fun pour ignorer le tagging de vlan
|
||||
mod_post_auth = freeradius.auth
|
||||
func_post_auth = post_auth
|
||||
|
||||
# Que faire avant de quitter
|
||||
mod_detach = freeradius.auth
|
||||
func_detach = detach
|
||||
|
||||
# Le reste sert à rien
|
||||
mod_accounting = freeradius.auth
|
||||
func_accounting = dummy_fun
|
||||
|
||||
mod_pre_proxy = freeradius.auth
|
||||
func_pre_proxy = dummy_fun
|
||||
|
||||
mod_post_proxy = freeradius.auth
|
||||
func_post_proxy = dummy_fun
|
||||
|
||||
mod_recv_coa = freeradius.auth
|
||||
func_recv_coa = dummy_fun
|
||||
|
||||
mod_send_coa = freeradius.auth
|
||||
func_send_coa = dummy_fun
|
||||
}
|
||||
|
||||
Loading…
Add table
Add a link
Reference in a new issue