From 426814fb4b0e76ff25cec191abe3925815b61cab Mon Sep 17 00:00:00 2001 From: "gasperfele@fri1.uni-lj.si" Date: Mon, 23 Feb 2015 13:57:46 +0000 Subject: Finished radius_mysql_pam task.py git-svn-id: https://svn.lusy.fri.uni-lj.si/kpov-public-svn/kpov-public@281 5cf9fbd1-b2bc-434c-b4b7-e852f4f63414 --- kpov_judge/tasks/radius_mysql_pam/task.py | 71 ++++++++++++++++++++++++------- 1 file changed, 56 insertions(+), 15 deletions(-) diff --git a/kpov_judge/tasks/radius_mysql_pam/task.py b/kpov_judge/tasks/radius_mysql_pam/task.py index 3bdcc12..b53c1b7 100644 --- a/kpov_judge/tasks/radius_mysql_pam/task.py +++ b/kpov_judge/tasks/radius_mysql_pam/task.py @@ -91,7 +91,7 @@ def task(IP_RS, RADIUS_SECRET, RADIUS_USERNAME, RADIUS_PASSWORD, MYSQL_DB_NAME, mysql.sendline('USE {MYSQL_DB_NAME}'.format(**locals())) mysql.expect("mysql>") results['database_connect'] = mysql.before - mysql.sendline('SELECT username, password FROM users;') + mysql.sendline('SELECT UserName, Value FROM radcheck;') mysql.expect("mysql>") results['select_from_users'] = mysql.before mysql.sendline("INSERT INTO radcheck (UserName, Attribute, Value, Op) VALUES ('{MYSQL_TEST_USER}', 'Cleartext-Password', '{MYSQL_TEST_PASSWORD}', ':=');".format(**locals())) @@ -103,13 +103,13 @@ def task(IP_RS, RADIUS_SECRET, RADIUS_USERNAME, RADIUS_PASSWORD, MYSQL_DB_NAME, results['radtest_NOK'] = pexpect.run('radtest {0} {1} {2} 1812 {3}'.format( MYSQL_TEST_USER, "Flügzeug", IP_RS, RADIUS_SECRET)) sT = pxssh.pxssh() - mysql.sendline("UPDATE radcheck SET UserName(value) VALUES('{RADIUS_NEW_PASSWORD}') where UserName='{RADIUS_USERNAME}' Attribute='Cleartext-Password';".format(**locals())) + mysql.sendline("UPDATE radcheck SET value='{RADIUS_NEW_PASSWORD}' where UserName='{RADIUS_USERNAME}' and Attribute='Cleartext-Password';".format(**locals())) sT.login(IP_RS, RADIUS_USERNAME, RADIUS_NEW_PASSWORD) - sT.prompt() - results['login_test'] = sT.before() - print results, mysql.before - mysql.sendline("UPDATE radcheck SET UserName(value) VALUES('{RADIUS_PASSWORD}') where UserName='{RADIUS_USERNAME}' Attribute='Cleartext-Password';".format(**locals())) - mysql.sendline("DELETE FROM radcheck where UserName='{MYSQL_TEST_USER}' and Attribute='Cleartext-Password';") + results['login_test'] = sT.before + mysql.sendline("UPDATE radcheck SET value='{RADIUS_PASSWORD}' where UserName='{RADIUS_USERNAME}' and Attribute='Cleartext-Password';".format(**locals())) + mysql.expect('mysql>') + mysql.sendline("DELETE FROM radcheck where UserName='{MYSQL_TEST_USER}' and Attribute='Cleartext-Password';".format(**locals())) + mysql.expect('mysql>') mysql.sendline('\q'); # Testiranje PAM s testnim uporabnikom return results @@ -128,16 +128,57 @@ def gen_params(user_id, params_meta): def task_check(results, params): import re - score = -9 - if results['NM_nslookup'].find('Server:\t\t{0}\r'.format(params['DNS_NM'])) > -1: - score += 3 - if results['static_nslookup'].find('Server:\t\t{0}\r'.format(params['DNS_static'])) > -1: - score += 3 - if re.search(r'eth0 +802-.*connected', results['NM_nmcli']): + import pickle + score = 0 + r = random.Random(params['MYSQL_SEED']) + MYSQL_TEST_USER = kpov_random_helpers.username_gen(r) + MYSQL_TEST_PASSWORD = kpov_random_helpers.alnum_gen(r, 7) + RADIUS_NEW_PASSWORD = kpov_random_helpers.alnum_gen(r, 7) + s = "Sending Access-Request of id [0-9]+ to {IP_RS} port 1812\r\n\tUser-Name = \"{RADIUS_USERNAME}\"\r\n\tUser-Password = \"{RADIUS_PASSWORD}\".*Access-Accept packet from host {IP_RS}".format(**params) + #with open('test.pickle', 'w') as f: + # pickle.dump({'pattern': s, 'res': results['Test_RadiusServer']}, f) + if re.search(s, results['Test_RadiusServer'], flags=re.DOTALL): + # print "Test OK" score += 2 - if not re.search(r'eth0 +802-.*connected', results['static_nmcli']): + else: + print (results['Test_RadiusServer'], s) + # Testiranje podatkovne base mysql + s = "Welcome to the MySQL monitor.*Type 'help;' or '\\\\h' for help\\. Type '\\\\c' to clear the current input statement\\.\r\n" + if re.search(s, results['mysql_login'], flags=re.DOTALL): + # print "mysql_login OK" + score += 1 + else: + print (results['mysql_login'], s) + s = " USE {MYSQL_DB_NAME}\r\nReading table information.*Database changed\r\n".format(**params) + if re.search(s, results['database_connect'], flags=re.DOTALL): + # print "database_connect OK" + score += 1 + else: + print (results['database_connect'],) + s = " SELECT UserName, Value FROM radcheck;\r\n.*{RADIUS_USERNAME} *| *{RADIUS_PASSWORD}".format(**params) + if re.search(s, results['select_from_users'], flags=re.DOTALL): + # print "select_from_users OK" score += 2 - score = 0 + else: + print (results['select_from_users'], ) + s = "Sending Access-Request of id [0-9]+ to {0} port 1812\r\n\tUser-Name = \"{1}\"\r\n\tUser-Password = \"{2}\".*Access-Accept packet from host {0}".format(params['IP_RS'], MYSQL_TEST_USER, MYSQL_TEST_PASSWORD) + if re.search(s, results['radtest_OK'], flags=re.DOTALL): + # print "radtest_OK OK" + score += 2 + else: + print (s, results['radtest_OK']) + s = "Sending Access-Request of id [0-9]+ to {0} port 1812\r\n\tUser-Name = \"{1}\"\r\n\tUser-Password = \"Flügzeug\".*rad_recv: Access-Reject packet from host {0}".format(params['IP_RS'], MYSQL_TEST_USER) + if re.search(s, results['radtest_NOK'], flags=re.DOTALL): + # print "radtest_NOK OK" + score += 1 + else: + print (results['radtest_NOK'], s) + s = "{RADIUS_USERNAME}@.*:~\\$".format(**params) + if re.search(s, results['login_test'], flags=re.DOTALL): + # print "login_test OK" + score += 1 + else: + print (results['login_test'],s) return score def prepare_disks(templates, params): -- cgit v1.2.1