diff options
Diffstat (limited to 'ipa-radius-admintools/ipa-addradiusclient')
-rw-r--r-- | ipa-radius-admintools/ipa-addradiusclient | 197 |
1 files changed, 0 insertions, 197 deletions
diff --git a/ipa-radius-admintools/ipa-addradiusclient b/ipa-radius-admintools/ipa-addradiusclient deleted file mode 100644 index a84ea74ba..000000000 --- a/ipa-radius-admintools/ipa-addradiusclient +++ /dev/null @@ -1,197 +0,0 @@ -#! /usr/bin/python -E -# Authors: John Dennis <jdennis@redhat.com> -# -# Copyright (C) 2007 Red Hat -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. -# - -import sys -import os -from optparse import OptionParser - -import ipa.ipaclient as ipaclient -import ipa.ipautil as ipautil -import ipa.config -import ipa.ipaerror -import ipa.radius_util as radius_util - -import xmlrpclib -import kerberos -import ldap - -#------------------------------------------------------------------------------ - -radius_attrs = radius_util.radius_client_attr_to_ldap_attr.keys() -radius_attr_to_ldap_attr = radius_util.radius_client_attr_to_ldap_attr -ldap_attr_to_radius_attr = radius_util.radius_client_ldap_attr_to_radius_attr -mandatory_radius_attrs = ['Client-IP-Address', 'Secret'] -distinguished_attr = 'Client-IP-Address' - -#------------------------------------------------------------------------------ - -def help_option_callback(option, opt_str, value, parser, *args, **kwargs): - parser.print_help() - print - print "Valid interative attributes are:" - print ipautil.format_list(radius_attrs, quote='"') - print - print "Required attributes are:" - print ipautil.format_list(mandatory_radius_attrs, quote='"') - sys.exit(0) - -def main(): - pairs = {} - - opt_parser = OptionParser(add_help_option=False) - - opt_parser.add_option("-a", "--Client-IP-Address", dest="ip_addr", - help="RADIUS client ip address") - opt_parser.add_option("-s", "--Secret", dest="secret", - help="RADIUS client ip address") - opt_parser.add_option("-n", "--Name", dest="name", - help="RADIUS client name") - opt_parser.add_option("-t", "--NAS-Type", dest="nastype", - help="RADIUS client NAS Type") - opt_parser.add_option("-d", "--Description", dest="desc", - help="description of the RADIUS client") - - opt_parser.add_option("-h", "--help", action="callback", callback=help_option_callback, - help="detailed help information") - opt_parser.add_option("-i", "--interactive", dest="interactive", action='store_true', default=False, - help="interactive mode, prompts with auto-completion") - opt_parser.add_option("-p", "--pair", dest="pairs", action='append', - help="specify one or more attribute=value pair(s), value may be optionally quoted, pairs are delimited by whitespace") - opt_parser.add_option("-f", "--file", dest="pair_file", - help="attribute=value pair(s) are read from file, value may be optionally quoted, pairs are delimited by whitespace. Reads from stdin if file is -") - opt_parser.add_option("-v", "--verbose", dest="verbose", action='store_true', - help="print information") - - opt_parser.set_usage("Usage: %s [options] %s" % (distinguished_attr, os.path.basename(sys.argv[0]))) - - ipa.config.add_standard_options(opt_parser) - options, args = opt_parser.parse_args() - - if len(args) < 1: - opt_parser.error('missing %s' % (distinguished_attr)) - - ipa.config.init_config(options) - - ip_addr = args[0] - pairs[distinguished_attr] = ip_addr - - # Get pairs from a file or stdin - if options.pair_file: - try: - av = ipautil.read_pairs_file(options.pair_file) - pairs.update(av) - except Exception, e: - print "ERROR, could not read pairs (%s)" % (e) - - # Get pairs specified on the command line as a named argument - if options.ip_addr: pairs[distinguished_attr] = options.ip_addr - if options.secret: pairs['Secret'] = options.secret - if options.name: pairs['Name'] = options.name - if options.nastype: pairs['NAS-Type'] = options.nastype - if options.desc: pairs['Description'] = options.desc - - # Get pairs specified on the command line as a pair argument - if options.pairs: - for p in options.pairs: - av = ipautil.parse_key_value_pairs(p) - pairs.update(av) - - # Get pairs interactively - if options.interactive: - # Prompt first for mandatory attributes which have not been previously specified - prompted_mandatory_attrs = [] - existing_attrs = pairs.keys() - for attr in mandatory_radius_attrs: - if not attr in existing_attrs: - prompted_mandatory_attrs.append(attr) - - c = ipautil.AttributeValueCompleter(radius_attrs, pairs) - c.open() - av = c.get_pairs("Enter: ", prompted_mandatory_attrs, radius_util.validate) - pairs.update(av) - c.close() - - # FIXME: validation should be moved to xmlrpc server - - # Data collection done, assure mandatory data has been specified - - if pairs.has_key(distinguished_attr) and pairs[distinguished_attr] != ip_addr: - print "ERROR, %s specified on command line (%s) does not match value found in pairs (%s)" % \ - (distinguished_attr, ip_addr, pairs[distinguished_attr]) - return 1 - - valid = True - for attr in mandatory_radius_attrs: - if not pairs.has_key(attr): - valid = False - print "ERROR, %s is mandatory, but has not been specified" % (attr) - if not valid: - return 1 - - # Make sure each attribute is a member of the set of valid attributes - valid = True - for attr,value in pairs.items(): - if attr not in radius_attrs: - valid = False - print "ERROR, %s is not a valid attribute" % (attr) - if not valid: - print "Valid attributes are:" - print ipautil.format_list(radius_attrs, quote='"') - return 1 - - # Makse sure each value is valid - valid = True - for attr,value in pairs.items(): - if not radius_util.validate(attr, value): - valid = False - if not valid: - return 1 - - # Dump what we've got so far - if options.verbose: - print "Pairs:" - for attr,value in pairs.items(): - print "\t%s = %s" % (attr, value) - - radius_entity = radius_util.RadiusClient() - for attr,value in pairs.items(): - radius_entity.setValue(radius_attr_to_ldap_attr[attr], value) - - try: - ipa_client = ipaclient.IPAClient() - ipa_client.add_radius_client(radius_entity) - print "successfully added" - except xmlrpclib.Fault, f: - print f.faultString - return 1 - except kerberos.GSSError, e: - print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) - return 1 - except xmlrpclib.ProtocolError, e: - print "Unable to connect to IPA server: %s" % (e.errmsg) - return 1 - except ipa.ipaerror.IPAError, e: - print "%s" % (e.message) - return 1 - - return 0 - -if __name__ == "__main__": - sys.exit(main()) |