remove radius_client.py, move contents to radius_util.py

2025-02-25 18:55:28 -06:00 · 2007-11-26 11:12:58 -05:00
parent 2c2069d3ec
commit 4f33d67418
7 changed files with 155 additions and 178 deletions
--- a/ipa-admintools/ipa-addradiusclient
+++ b/ipa-admintools/ipa-addradiusclient
@@ -23,7 +23,6 @@ import os
 from optparse import OptionParser
 import copy
 from ipa.radius_client import *
 import ipa.ipaclient as ipaclient
 import ipa.ipautil as ipautil
 import ipa.config
@@ -121,7 +120,7 @@ def main():
                pass
        c = ipautil.AttributeValueCompleter(radius_attrs, pairs)
        c.open()
-        av = c.get_pairs("Enter: ", interactive_mandatory_attrs, validate)
+        av = c.get_pairs("Enter: ", interactive_mandatory_attrs, radius_util.validate)
        pairs.update(av)
        c.close()
@@ -156,7 +155,7 @@ def main():
    # Makse sure each value is valid
    valid = True
    for attr,value in pairs.items():
-        if not validate(attr, value):
+        if not radius_util.validate(attr, value):
            valid = False
    if not valid:
        return 1
@@ -167,7 +166,7 @@ def main():
        for attr,value in pairs.items():
            print "\t%s = %s" % (attr, value)
-    radius_client = ipa.radius_client.RadiusClient()
+    radius_client = radius_util.RadiusClient()
    for attr,value in pairs.items():
        radius_client.setValue(radius_util.radius_client_attr_to_ldap_attr[attr], value)
--- a/ipa-admintools/ipa-delradiusclient
+++ b/ipa-admintools/ipa-delradiusclient
@@ -22,7 +22,6 @@ import os
 import sys
 from optparse import OptionParser
 import ipa
 from ipa.radius_client import *
 import ipa.ipaclient as ipaclient
 import ipa.ipavalidate as ipavalidate
 import ipa.config
--- a/ipa-admintools/ipa-findradiusclient
+++ b/ipa-admintools/ipa-findradiusclient
@@ -22,7 +22,6 @@ import os
 import sys
 from optparse import OptionParser
 import ipa
 from ipa.radius_client import *
 from ipa import radius_util
 import ipa.ipaclient as ipaclient
 import ipa.ipavalidate as ipavalidate
--- a/ipa-admintools/ipa-radiusclientmod
+++ b/ipa-admintools/ipa-radiusclientmod
@@ -23,7 +23,6 @@ import os
 from optparse import OptionParser
 import copy
 from ipa.radius_client import *
 import ipa.ipaclient as ipaclient
 import ipa.ipautil as ipautil
 import ipa.config
@@ -90,7 +89,7 @@ def main():
    pairs['Client-IP-Address'] = ip_addr
    # Verify client previously exists and get current values
-    radius_client = ipa.radius_client.RadiusClient()
+    radius_client = radius_util.RadiusClient()
    ipa_client = ipaclient.IPAClient()
    try:
        radius_client = ipa_client.get_radius_client_by_ip_addr(ip_addr)
@@ -141,7 +140,7 @@ def main():
                pass
        c = ipautil.AttributeValueCompleter(radius_attrs, pairs)
        c.open()
-        av = c.get_pairs("Enter: ", interactive_mandatory_attrs, validate)
+        av = c.get_pairs("Enter: ", interactive_mandatory_attrs, radius_util.validate)
        pairs.update(av)
        c.close()
@@ -176,7 +175,7 @@ def main():
    # Makse sure each value is valid
    valid = True
    for attr,value in pairs.items():
-        if not validate(attr, value):
+        if not radius_util.validate(attr, value):
            valid = False
    if not valid:
        return 1
--- a/ipa-python/ipaclient.py
+++ b/ipa-python/ipaclient.py
@@ -27,7 +27,7 @@ import user
 import group
 import ipa
 import config
-import radius_client
+import radius_util
 class IPAClient:
@@ -336,7 +336,7 @@ class IPAClient:
 # radius support
    def get_radius_client_by_ip_addr(self, ip_addr, container=None, sattrs=None):
        result = self.transport.get_radius_client_by_ip_addr(ip_addr, container, sattrs)
-        return radius_client.RadiusClient(result)
+        return radius_util.RadiusClient(result)
    def add_radius_client(self,client, container=None):
        client_dict = client.toDict()
--- a/ipa-python/radius_client.py
+++ b/ipa-python/radius_client.py
@@ -1,165 +0,0 @@
 # Authors: John Dennis <jdennis@redhat.com>
 #
 # Copyright (C) 2007  Red Hat
 # see file 'COPYING' for use and warranty information
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as
 # published by the Free Software Foundation; version 2 only
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 #
 import getpass
 import re
 from ipa.entity import Entity
 import ipa.ipavalidate as ipavalidate
 __all__ = ['RadiusClient',
           'get_secret',
           'validate_ip_addr',
           'validate_secret',
           'validate_name',
           'validate_nastype',
           'validate_desc',
           'validate',
           ]
 #------------------------------------------------------------------------------
 dotted_octet_re = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)(/(\d+))?$")
 dns_re = re.compile(r"^[a-zA-Z][a-zA-Z0-9.-]+$")
 # secret, name, nastype all have 31 char max in freeRADIUS, max ip address len is 255
 valid_secret_len = (1,31)
 valid_name_len = (1,31)
 valid_nastype_len = (1,31)
 valid_ip_addr_len = (1,255)
 valid_ip_addr_msg = '''\
 IP address must be either a DNS name (letters,digits,dot,hyphen, beginning with
 a letter),or a dotted octet followed by an optional mask (e.g 192.168.1.0/24)'''
 valid_desc_msg = "Description must text string"
 #------------------------------------------------------------------------------
 class RadiusClient(Entity):
    def __init2__(self):
        pass
 #------------------------------------------------------------------------------
 def get_secret():
    valid = False
    while (not valid):
        secret = getpass.getpass("Enter Secret: ")
        confirm = getpass.getpass("Confirm Secret: ")
        if (secret != confirm):
            print "Secrets do not match"
            continue
        valid = True
    return secret
 #------------------------------------------------------------------------------
 def valid_ip_addr(text):
    # is it a dotted octet? If so there should be 4 integers seperated
    # by a dot and each integer should be between 0 and 255
    # there may be an optional mask preceded by a slash (e.g. 1.2.3.4/24)
    match = dotted_octet_re.search(text)
    if match:
        # dotted octet notation
        i = 1
        while i <= 4:
            octet = int(match.group(i))
            if octet > 255: return False
            i += 1
        if match.group(5):
            mask = int(match.group(6))
            if mask <= 32:
                return True
            else:
                return False
        return True
    else:
        # DNS name, can contain letters, numbers, dot and hypen, must start with a letter
        if dns_re.search(text): return True
    return False
 def validate_length(value, limits):
    length = len(value)
    if length < limits[0] or length > limits[1]:
        return False
    return True
 def valid_length_msg(name, limits):
    return "%s length must be at least %d and not more than %d" % (name, limits[0], limits[1])
 def err_msg(variable, variable_name=None):
    if variable_name is None: variable_name = 'value'
    print "ERROR: %s = %s" % (variable_name, variable)
 #------------------------------------------------------------------------------
 def validate_ip_addr(ip_addr, variable_name=None):
    if not validate_length(ip_addr, valid_ip_addr_len):
        err_msg(ip_addr, variable_name)
        print valid_length_msg('ip address', valid_ip_addr_len)
        return False
    if not valid_ip_addr(ip_addr):
        err_msg(ip_addr, variable_name)
        print valid_ip_addr_msg
        return False
    return True
 def validate_secret(secret, variable_name=None):
    if not validate_length(secret, valid_secret_len):
        err_msg(secret, variable_name)
        print valid_length_msg('secret', valid_secret_len)
        return False
    return True
 def validate_name(name, variable_name=None):
    if not validate_length(name, valid_name_len):
        err_msg(name, variable_name)
        print valid_length_msg('name', valid_name_len)
        return False
    return True
 def validate_nastype(nastype, variable_name=None):
    if not validate_length(nastype, valid_nastype_len):
        err_msg(nastype, variable_name)
        print valid_length_msg('NAS Type', valid_nastype_len)
        return False
    return True
 def validate_desc(desc, variable_name=None):
    if ipavalidate.plain(desc, notEmpty=True) != 0:
        print valid_desc_msg
        return False
    return True
 def validate(attribute, value):
    if attribute == 'Client-IP-Address':
        return validate_ip_addr(value, attribute)
    if attribute == 'Secret':
        return validate_secret(value, attribute)
    if attribute == 'NAS-Type':
        return validate_nastype(value, attribute)
    if attribute == 'Name':
        return validate_name(value, attribute)
    if attribute == 'Description':
        return validate_desc(value, attribute)
    return True
--- a/ipa-python/radius_util.py
+++ b/ipa-python/radius_util.py
@@ -21,9 +21,12 @@ import sys
 import os
 import re
 import ldap
 import getpass
 import ldap.filter
 from ipa import ipautil
 from ipa.entity import Entity
 import ipa.ipavalidate as ipavalidate
 __all__ = [
@@ -37,6 +40,9 @@ __all__ = [
    'RADIUSD_CONF_TEMPLATE_FILEPATH',
    'RADIUSD',
    'RadiusClient',
    'RadiusProfile',
    'clients_container',
    'radius_clients_basedn',
    'radius_client_filter',
@@ -54,7 +60,15 @@ __all__ = [
    'radius_profile_attr_to_ldap_attr',
    'read_pairs_file',
-]
+
    'get_secret',
    'validate_ip_addr',
    'validate_secret',
    'validate_name',
    'validate_nastype',
    'validate_desc',
    'validate',
    ]
 #------------------------------------------------------------------------------
@@ -71,6 +85,35 @@ RADIUSD_CONF_TEMPLATE_FILEPATH = os.path.join(ipautil.SHARE_DIR,     'radius.rad
 RADIUSD = '/usr/sbin/radiusd'
 #------------------------------------------------------------------------------
 dotted_octet_re = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)(/(\d+))?$")
 dns_re = re.compile(r"^[a-zA-Z][a-zA-Z0-9.-]+$")
 # secret, name, nastype all have 31 char max in freeRADIUS, max ip address len is 255
 valid_secret_len = (1,31)
 valid_name_len = (1,31)
 valid_nastype_len = (1,31)
 valid_ip_addr_len = (1,255)
 valid_ip_addr_msg = '''\
 IP address must be either a DNS name (letters,digits,dot,hyphen, beginning with
 a letter),or a dotted octet followed by an optional mask (e.g 192.168.1.0/24)'''
 valid_desc_msg = "Description must text string"
 #------------------------------------------------------------------------------
 class RadiusClient(Entity):
    def __init2__(self):
        pass
 class RadiusProfile(Entity):
    def __init2__(self):
        pass
 #------------------------------------------------------------------------------
 def reverse_map_dict(src_dict):
@@ -232,3 +275,106 @@ def get_ldap_attr_translations():
    #for k,v in ldap_attr_to_radius_attr.items():
    #    print '%s --> %s' % (k,v)
 def get_secret():
    valid = False
    while (not valid):
        secret = getpass.getpass("Enter Secret: ")
        confirm = getpass.getpass("Confirm Secret: ")
        if (secret != confirm):
            print "Secrets do not match"
            continue
        valid = True
    return secret
 #------------------------------------------------------------------------------
 def valid_ip_addr(text):
    # is it a dotted octet? If so there should be 4 integers seperated
    # by a dot and each integer should be between 0 and 255
    # there may be an optional mask preceded by a slash (e.g. 1.2.3.4/24)
    match = dotted_octet_re.search(text)
    if match:
        # dotted octet notation
        i = 1
        while i <= 4:
            octet = int(match.group(i))
            if octet > 255: return False
            i += 1
        if match.group(5):
            mask = int(match.group(6))
            if mask <= 32:
                return True
            else:
                return False
        return True
    else:
        # DNS name, can contain letters, numbers, dot and hypen, must start with a letter
        if dns_re.search(text): return True
    return False
 def validate_length(value, limits):
    length = len(value)
    if length < limits[0] or length > limits[1]:
        return False
    return True
 def valid_length_msg(name, limits):
    return "%s length must be at least %d and not more than %d" % (name, limits[0], limits[1])
 def err_msg(variable, variable_name=None):
    if variable_name is None: variable_name = 'value'
    print "ERROR: %s = %s" % (variable_name, variable)
 #------------------------------------------------------------------------------
 def validate_ip_addr(ip_addr, variable_name=None):
    if not validate_length(ip_addr, valid_ip_addr_len):
        err_msg(ip_addr, variable_name)
        print valid_length_msg('ip address', valid_ip_addr_len)
        return False
    if not valid_ip_addr(ip_addr):
        err_msg(ip_addr, variable_name)
        print valid_ip_addr_msg
        return False
    return True
 def validate_secret(secret, variable_name=None):
    if not validate_length(secret, valid_secret_len):
        err_msg(secret, variable_name)
        print valid_length_msg('secret', valid_secret_len)
        return False
    return True
 def validate_name(name, variable_name=None):
    if not validate_length(name, valid_name_len):
        err_msg(name, variable_name)
        print valid_length_msg('name', valid_name_len)
        return False
    return True
 def validate_nastype(nastype, variable_name=None):
    if not validate_length(nastype, valid_nastype_len):
        err_msg(nastype, variable_name)
        print valid_length_msg('NAS Type', valid_nastype_len)
        return False
    return True
 def validate_desc(desc, variable_name=None):
    if ipavalidate.plain(desc, notEmpty=True) != 0:
        print valid_desc_msg
        return False
    return True
 def validate(attribute, value):
    if attribute == 'Client-IP-Address':
        return validate_ip_addr(value, attribute)
    if attribute == 'Secret':
        return validate_secret(value, attribute)
    if attribute == 'NAS-Type':
        return validate_nastype(value, attribute)
    if attribute == 'Name':
        return validate_name(value, attribute)
    if attribute == 'Description':
        return validate_desc(value, attribute)
    return True