GithubFollow/One-KVM
1
0
Fork 0
mirror of https://github.com/mofeng-git/One-KVM.git synced 2025-12-12 01:00:29 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

refactoring

Browse Source
This commit is contained in:
Maxim Devaev 2022-03-27 03:50:11 +03:00
parent be5f57e03f
commit 6dc1b758b5
3 changed files with 64 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
PKGBUILD
View File

@ -62,7 +62,7 @@ depends=(
python-xlib python-xlib
python-hidapi python-hidapi
python-six python-six
python-radius python-pyrad
libgpiod libgpiod
freetype2 freetype2
"v4l-utils>=1.22.1-1" "v4l-utils>=1.22.1-1"

89
kvmd/plugins/auth/radius.py
View File

@ -19,26 +19,55 @@
# # # #
# ========================================================================== # # ========================================================================== #
#
# For some reason this needs the two following files in / import io
# https://raw.githubusercontent.com/AndrewAubury/kvmd/master/kvmd/plugins/auth/radius.py import textwrap
# https://github.com/pyradius/pyrad/raw/master/example/dictionary.freeradius
#
from typing import Dict from typing import Dict
import pyrad.client
import pyrad.packet
import pyrad.dictionary
from ...yamlconf import Option from ...yamlconf import Option
from ...validators.os import valid_abs_file
from ...validators.net import valid_port from ...validators.net import valid_port
from ...validators.net import valid_ip_or_host from ...validators.net import valid_ip_or_host
from ...validators.basic import valid_int_f1 from ...validators.basic import valid_int_f1
from ...logging import get_logger
from ... import aiotools
from . import BaseAuthService from . import BaseAuthService
from pyrad.client import Client
from pyrad.dictionary import Dictionary # =====
import pyrad.packet _FREERADUIS_DICT = textwrap.dedent("""
# https://github.com/pyradius/pyrad/raw/master/example/dictionary.freeradius
VENDOR FreeRADIUS 11344
BEGIN-VENDOR FreeRADIUS
ATTRIBUTE FreeRADIUS-Statistics-Type 127 integer
VALUE FreeRADIUS-Statistics-Type None 0
VALUE FreeRADIUS-Statistics-Type Authentication 1
VALUE FreeRADIUS-Statistics-Type Accounting 2
VALUE FreeRADIUS-Statistics-Type Proxy-Authentication 4
VALUE FreeRADIUS-Statistics-Type Proxy-Accounting 8
VALUE FreeRADIUS-Statistics-Type Internal 0x10
VALUE FreeRADIUS-Statistics-Type Client 0x20
VALUE FreeRADIUS-Statistics-Type Server 0x40
VALUE FreeRADIUS-Statistics-Type Home-Server 0x80
VALUE FreeRADIUS-Statistics-Type Auth-Acct 0x03
VALUE FreeRADIUS-Statistics-Type Proxy-Auth-Acct 0x0c
VALUE FreeRADIUS-Statistics-Type All 0x1f
END-VENDOR FreeRADIUS
""")
# ===== # =====
@ -48,37 +77,43 @@ class Plugin(BaseAuthService):
host: str, host: str,
port: int, port: int,
secret: str, secret: str,
user: str, timeout: float,
passwd: str,
timeout: int,
) -> None: ) -> None:
self.__host = host self.__host = host
self.__port = port self.__port = port
self.__secret = secret self.__secret = secret
self.__user = user
self.__passwd = passwd
self.__timeout = timeout self.__timeout = timeout
@classmethod @classmethod
def get_plugin_options(cls) -> Dict: def get_plugin_options(cls) -> Dict:
return { return {
"host": Option("localhost",type=valid_ip_or_host), "host": Option("localhost", type=valid_ip_or_host),
"port": Option(1812,type=valid_port), "port": Option(1812, type=valid_port),
"secret": Option(""), "secret": Option(""),
"user": Option(""), "timeout": Option(5, type=valid_int_f1),
"passwd": Option(""),
"timeout": Option(5,type=valid_int_f1),
} }
async def authorize(self, user: str, passwd: str) -> bool: async def authorize(self, user: str, passwd: str) -> bool:
user = user.strip() return (await aiotools.run_async(self.__inner_authorize, user, passwd))
def __inner_authorize(self, user: str, passwd: str) -> bool:
assert user == user.strip()
assert user
try: try:
srv = Client(server=self.__host, secret=self.__secret.encode('ascii'), timeout=self.__timeout, dict=Dictionary("dictionary")) with io.StringIO(_FREERADUIS_DICT) as dct_file:
req = srv.CreateAuthPacket(code=pyrad.packet.AccessRequest, User_Name=user) dct = pyrad.dictionary.Dictionary(dct_file)
req["User-Password"] = req.PwCrypt(passwd) client = pyrad.client.Client(
# send request server=self.__host,
reply = srv.SendPacket(req) authport=self.__port,
return (reply.code == pyrad.packet.AccessAccept) secret=self.__secret.encode("ascii"),
except: timeout=self.__timeout,
dict=dct,
)
request = client.CreateAuthPacket(code=pyrad.packet.AccessRequest, User_Name=user)
request["User-Password"] = request.PwCrypt(passwd)
response = client.SendPacket(request)
return (response.code == pyrad.packet.AccessAccept)
except Exception:
get_logger().exception("Failed RADIUS auth request for user %r", user)
return False return False

1
testenv/requirements.txt
View File

@ -1,4 +1,5 @@
pyghmi pyghmi
spidev spidev
pyrad
types-PyYAML types-PyYAML
types-aiofiles types-aiofiles