/** The auth callback responds to a request to serve from the authdir */
void
http_nodogsplash_callback_auth(httpd *webserver, request *r)
{
s_config *config;
t_client *client;
t_auth_target *authtarget;
char /**ip, *mac,*/ *msg = NULL, *data = NULL;
int seconds;
client = http_nodogsplash_add_client(r);
/* http_nodogsplash_add_client() should log and return null on error */
if(!client) return;
/* Get info we need from request, and do action */
authtarget = http_nodogsplash_decode_authtarget(r);
config = config_get_config();
if (config->bin_voucher && ((authtarget->voucher) || (config->force_voucher))) {
if (!client)
goto serve_splash;
if (!authtarget->voucher || !http_isAlphaNum(authtarget->voucher))
goto serve_splash;
char cmd_buff[strlen(config->bin_voucher)+strlen(client->mac)+strlen(authtarget->voucher)+16];
snprintf(cmd_buff, sizeof(cmd_buff), "%s auth_voucher %s %s",
config->bin_voucher, client->mac, authtarget->voucher);
data = system_exec(cmd_buff);
if (!data)
goto serve_splash;
seconds = data_extract_bw(data, client);
if(seconds < 1)
goto serve_splash;
debug(LOG_NOTICE, "Remote voucher: client [%s, %s] authenticated %d seconds",
client->mac, client->ip, seconds);
free(data);
http_nodogsplash_callback_action(r,authtarget,AUTH_MAKE_AUTHENTICATED);
client->added_time = time(NULL) - (config->checkinterval * config->clientforceout) + seconds;
} else if(http_nodogsplash_check_userpass(r,authtarget)) {
http_nodogsplash_callback_action (r,authtarget,AUTH_MAKE_AUTHENTICATED);
} else {
/* Password check failed; just serve them the splash page again */
serve_splash:
if (data) {
msg = strchr(data, ' ');
if (msg)
msg++;
}
http_nodogsplash_serve_splash(r,authtarget,client,msg);
free(data);
}
http_nodogsplash_free_authtarget(authtarget);
}
/** The deny callback responds to a request to serve from the denydir */
void
http_nodogsplash_callback_deny(httpd *webserver, request *r)
{
t_auth_target *authtarget;
/* Get info we need from request, and do action */
authtarget = http_nodogsplash_decode_authtarget(r);
http_nodogsplash_callback_action (r,authtarget,AUTH_MAKE_DEAUTHENTICATED );
http_nodogsplash_free_authtarget(authtarget);
}
/** The auth callback responds to a request to serve from the authdir */
void
http_nodogsplash_callback_auth(httpd *webserver, request *r)
{
s_config *config;
t_client *client;
t_auth_target *authtarget;
char /**ip, *mac,*/ *msg = NULL, cmd_buff[255], *data = NULL;
int seconds;
client = http_nodogsplash_add_client(r);
/* http_nodogsplash_add_client() should log and return null on error */
if(!client)
return;
/* Get info we need from request, and do action */
authtarget = http_nodogsplash_decode_authtarget(r);
//认证
http_nodogsplash_callback_action (r,authtarget,AUTH_MAKE_AUTHENTICATED);
http_nodogsplash_free_authtarget(authtarget);
}
/** Respond to attempted access from a preauthenticated client.
* Add the client to the client list and serves the splash page.
*/
void
http_nodogsplash_first_contact(request *r)
{
t_client *client;
t_auth_target *authtarget;
s_config *config;
const char *redir;
char *origurl;
char *data = NULL;
int seconds;
/* only allow GET requests */
if (r->request.method != HTTP_GET) {
http_nodogsplash_405(r);
return;
}
config = config_get_config();
client = http_nodogsplash_add_client(r);
/* http_nodogsplash_add_client() should log and return null on error */
if(!client) return;
/* We just assume protocol http; after all we caught the client by
redirecting port 80 tcp packets
*/
safe_asprintf(&origurl,"http://%s%s%s%s",
r->request.host,r->request.path,
r->request.query[0]?"?":"",r->request.query);
/* Create redirect URL for this contact as appropriate */
redir = http_nodogsplash_make_redir(origurl);
/* Create authtarget with all needed info */
authtarget = http_nodogsplash_make_authtarget(client->token,redir);
free(origurl);
if(config->authenticate_immediately) {
/* Don't serve splash, just authenticate */
http_nodogsplash_callback_action(r,authtarget,AUTH_MAKE_AUTHENTICATED);
} else if (config->enable_preauth) {
char cmd_buff[strlen(config->bin_voucher)+strlen(client->mac)+14];
snprintf(cmd_buff, sizeof(cmd_buff), "%s auth_status %s",
config->bin_voucher, client->mac);
data = system_exec(cmd_buff);
if(!data)
goto serve_splash;
seconds = data_extract_bw(data, client);
if(seconds < 1)
goto serve_splash;
debug(LOG_NOTICE, "Remote auth data: client [%s, %s] authenticated %d seconds",
client->mac, client->ip, seconds);
http_nodogsplash_callback_action(r,authtarget,AUTH_MAKE_AUTHENTICATED);
client->added_time = time(NULL) - (config->checkinterval * config->clientforceout) + seconds;
free(data);
} else {
/* Serve the splash page (or redirect to remote authenticator) */
serve_splash:
free(data);
http_nodogsplash_serve_splash(r,authtarget, client, NULL);
}
http_nodogsplash_free_authtarget(authtarget);
}