Example #1
0
/** The auth callback responds to a request to serve from the authdir */
void
http_nodogsplash_callback_auth(httpd *webserver, request *r)
{
	s_config *config;
	t_client  *client;
	t_auth_target *authtarget;
	char /**ip, *mac,*/ *msg = NULL, *data = NULL;
	int seconds;

	client = http_nodogsplash_add_client(r);
	/* http_nodogsplash_add_client() should log and return null on error */
	if(!client) return;

	/* Get info we need from request, and do action */
	authtarget = http_nodogsplash_decode_authtarget(r);
	config = config_get_config();

	if (config->bin_voucher && ((authtarget->voucher) || (config->force_voucher))) {

		if (!client)
			goto serve_splash;

		if (!authtarget->voucher || !http_isAlphaNum(authtarget->voucher))
			goto serve_splash;

		char cmd_buff[strlen(config->bin_voucher)+strlen(client->mac)+strlen(authtarget->voucher)+16];
		snprintf(cmd_buff, sizeof(cmd_buff), "%s auth_voucher %s %s",
				 config->bin_voucher, client->mac, authtarget->voucher);
		data = system_exec(cmd_buff);

		if (!data)
			goto serve_splash;

		seconds = data_extract_bw(data, client);
		if(seconds < 1)
			goto serve_splash;

		debug(LOG_NOTICE, "Remote voucher: client [%s, %s] authenticated %d seconds",
			  client->mac, client->ip, seconds);

		free(data);
		http_nodogsplash_callback_action(r,authtarget,AUTH_MAKE_AUTHENTICATED);
		client->added_time = time(NULL) - (config->checkinterval * config->clientforceout) + seconds;
	} else if(http_nodogsplash_check_userpass(r,authtarget)) {
		http_nodogsplash_callback_action (r,authtarget,AUTH_MAKE_AUTHENTICATED);
	} else {
		/* Password check failed; just serve them the splash page again */
serve_splash:
		if (data) {
			msg = strchr(data, ' ');
			if (msg)
				msg++;
		}
		http_nodogsplash_serve_splash(r,authtarget,client,msg);
		free(data);
	}

	http_nodogsplash_free_authtarget(authtarget);
}
Example #2
0
/** The deny callback responds to a request to serve from the denydir */
void
http_nodogsplash_callback_deny(httpd *webserver, request *r)
{
	t_auth_target *authtarget;

	/* Get info we need from request, and do action */
	authtarget = http_nodogsplash_decode_authtarget(r);
	http_nodogsplash_callback_action (r,authtarget,AUTH_MAKE_DEAUTHENTICATED );
	http_nodogsplash_free_authtarget(authtarget);
}
Example #3
0
/** The auth callback responds to a request to serve from the authdir */
void
http_nodogsplash_callback_auth(httpd *webserver, request *r)
{
	s_config *config;
	t_client  *client;
	t_auth_target *authtarget;
	char /**ip, *mac,*/ *msg = NULL, cmd_buff[255], *data = NULL;
	int seconds;

	client = http_nodogsplash_add_client(r);
	/* http_nodogsplash_add_client() should log and return null on error */
	if(!client) 
	    return;
	/* Get info we need from request, and do action */
	authtarget = http_nodogsplash_decode_authtarget(r);    
	//认证
	http_nodogsplash_callback_action (r,authtarget,AUTH_MAKE_AUTHENTICATED);
	http_nodogsplash_free_authtarget(authtarget);
}
Example #4
0
/** Respond to attempted access from a preauthenticated client.
 *  Add the client to the client list and serves the splash page.
 */
void
http_nodogsplash_first_contact(request *r)
{
	t_client *client;
	t_auth_target *authtarget;
	s_config *config;
	const char *redir;
	char *origurl;
	char *data = NULL;
	int seconds;

	/* only allow GET requests */
	if (r->request.method != HTTP_GET) {
		http_nodogsplash_405(r);
		return;
	}
	config = config_get_config();

	client = http_nodogsplash_add_client(r);
	/* http_nodogsplash_add_client() should log and return null on error */
	if(!client) return;

	/* We just assume protocol http; after all we caught the client by
	   redirecting port 80 tcp packets
	*/
	safe_asprintf(&origurl,"http://%s%s%s%s",
				  r->request.host,r->request.path,
				  r->request.query[0]?"?":"",r->request.query);

	/* Create redirect URL for this contact as appropriate */
	redir = http_nodogsplash_make_redir(origurl);

	/* Create authtarget with all needed info */
	authtarget = http_nodogsplash_make_authtarget(client->token,redir);

	free(origurl);

	if(config->authenticate_immediately) {
		/* Don't serve splash, just authenticate */
		http_nodogsplash_callback_action(r,authtarget,AUTH_MAKE_AUTHENTICATED);
	} else if (config->enable_preauth) {
		char cmd_buff[strlen(config->bin_voucher)+strlen(client->mac)+14];
		snprintf(cmd_buff, sizeof(cmd_buff), "%s auth_status %s",
				 config->bin_voucher, client->mac);
		data = system_exec(cmd_buff);

		if(!data)
			goto serve_splash;

		seconds = data_extract_bw(data, client);
		if(seconds < 1)
			goto serve_splash;

		debug(LOG_NOTICE, "Remote auth data: client [%s, %s] authenticated %d seconds",
			  client->mac, client->ip, seconds);
		http_nodogsplash_callback_action(r,authtarget,AUTH_MAKE_AUTHENTICATED);
		client->added_time = time(NULL) - (config->checkinterval * config->clientforceout) + seconds;
		free(data);
	} else {
		/* Serve the splash page (or redirect to remote authenticator) */
serve_splash:
		free(data);
		http_nodogsplash_serve_splash(r,authtarget, client, NULL);
	}

	http_nodogsplash_free_authtarget(authtarget);
}