diff options
author | John Dennis <jdennis@redhat.com> | 2007-11-13 20:22:18 -0500 |
---|---|---|
committer | John Dennis <jdennis@redhat.com> | 2007-11-13 20:22:18 -0500 |
commit | c4bf859bfb95a1e0ebc4501317ff4e8665ac590d (patch) | |
tree | 4504dd8ec88868af21dd3b054cb40eedaefac951 /ipa-python | |
parent | eab5a89d4a3e8159348b5a709cd4401c9784f058 (diff) | |
download | freeipa-c4bf859bfb95a1e0ebc4501317ff4e8665ac590d.tar.gz freeipa-c4bf859bfb95a1e0ebc4501317ff4e8665ac590d.tar.xz freeipa-c4bf859bfb95a1e0ebc4501317ff4e8665ac590d.zip |
move radius client utility code to common radius_client.py so it can be shared
Diffstat (limited to 'ipa-python')
-rw-r--r-- | ipa-python/radius_client.py | 131 |
1 files changed, 131 insertions, 0 deletions
diff --git a/ipa-python/radius_client.py b/ipa-python/radius_client.py index 44deb746..d21273d8 100644 --- a/ipa-python/radius_client.py +++ b/ipa-python/radius_client.py @@ -1,7 +1,138 @@ +# Authors: John Dennis <jdennis@redhat.com> +# +# Copyright (C) 2007 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; version 2 only +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +import getpass +import re + from ipa.entity import Entity +__all__ = ['RadiusClient', + 'get_secret', + 'validate_ip_addr', + 'validate_secret', + 'validate_name', + 'validate_nastype', + 'validate_desc', + ] + +#------------------------------------------------------------------------------ + +dotted_octet_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)(/(\d+))?$") +dns_RE = re.compile(r"^[a-zA-Z][a-zA-Z.-]+$") +# secret, name, nastype all have 31 char max in freeRADIUS, max ip address len is 255 +valid_secret_len = (1,31) +valid_name_len = (1,31) +valid_nastype_len = (1,31) +valid_ip_addr_len = (1,255) + +valid_ip_addr_msg = "IP address must be either a DNS name or a dotted octet with optional mask" +valid_desc_msg = "Description must text string" + +#------------------------------------------------------------------------------ + class RadiusClient(Entity): def __init2__(self): pass + +#------------------------------------------------------------------------------ + +def get_secret(): + valid = False + while (not valid): + secret = getpass.getpass("Enter Secret: ") + confirm = getpass.getpass("Confirm Secret: ") + if (secret != confirm): + print "Secrets do not match" + continue + valid = True + return secret + +#------------------------------------------------------------------------------ + +def valid_ip_addr(text): + + # is it a dotted octet? If so there should be 4 integers seperated + # by a dot and each integer should be between 0 and 255 + # there may be an optional mask preceded by a slash (e.g. 1.2.3.4/24) + match = dotted_octet_RE.search(text) + if match: + # dotted octet notation + i = 1 + while i <= 4: + octet = int(match.group(i)) + if octet > 255: return False + i += 1 + if match.group(5): + mask = int(match.group(6)) + if mask <= 32: + return True + else: + return False + return True + else: + # DNS name, can contain letters, dot and hypen + if dns_RE.search(text): return True + return False + +def validate_length(value, limits): + length = len(value) + if length < limits[0] or length > limits[1]: + return False + return True + +def valid_length_msg(name, limits): + return "%s length must be at least %d and not more than %d" % (name, limits[0], limits[1]) + +#------------------------------------------------------------------------------ + +def validate_ip_addr(ip_addr): + if not validate_length(ip_addr, valid_ip_addr_len): + print valid_length_msg('ip address', valid_ip_addr_len) + return False + if not valid_ip_addr(ip_addr): + print valid_ip_addr_msg + return False + return True + +def validate_secret(secret): + if not validate_length(secret, valid_secret_len): + print valid_length_msg('secret', valid_secret_len) + return False + return True + +def validate_name(name): + if not validate_length(name, valid_name_len): + print valid_length_msg('name', valid_name_len) + return False + return True + +def validate_nastype(nastype): + if not validate_length(nastype, valid_nastype_len): + print valid_length_msg('NAS Type', valid_nastype_len) + return False + return True + +def validate_desc(desc): + if ipavalidate.plain(desc, notEmpty=True) != 0: + print valid_desc_msg + return False + return True + |