void http_nodogsplash_redirect_remote_auth(request *r, t_auth_target *authtarget) { char *remoteurl; char *encgateway, *encauthaction, *encredir, *enctoken; s_config *config; config = config_get_config(); /* URL encode variables, redirect to remote auth server */ encgateway = httpdUrlEncode(config->gw_name); encauthaction = httpdUrlEncode(authtarget->authaction); encredir = httpdUrlEncode(authtarget->redir); enctoken = httpdUrlEncode(authtarget->token); safe_asprintf(&remoteurl, "%s?gateway=%s&authaction=%s&redir=%s&tok=%s", config->remote_auth_action, encgateway, encauthaction, encredir, enctoken); http_nodogsplash_redirect(r, remoteurl); free(encgateway); free(encauthaction); free(encredir); free(enctoken); free(remoteurl); }
void http_nodogsplash_redirect_remote_auth(request *r, t_auth_target *authtarget,t_client *client) { char *remoteurl; char *encgateway, *encauthaction, *encredir, *enctoken, *encmac; s_config *config; config = config_get_config(); /* URL encode variables, redirect to remote auth server */ //encgateway = httpdUrlEncode(config->gw_name); encauthaction = httpdUrlEncode(authtarget->authaction); encredir = httpdUrlEncode(authtarget->redir); enctoken = httpdUrlEncode(authtarget->token); encmac = httpdUrlEncode(client->mac); safe_asprintf(&remoteurl, "%s:%d%s?uid=%d&authaction=%s&redir=%s&tok=%s&mac=%s", config->auth_server, config->auth_port, config->auth_path, config->uid, encauthaction, encredir, enctoken, encmac); http_nodogsplash_redirect(r, remoteurl); free(encauthaction); free(encredir); free(enctoken); free(remoteurl); }
/** The multipurpose authentication action handler */ void http_nodogsplash_callback_action(request *r, t_auth_target *authtarget, t_authaction action) { t_client *client; char *mac; const char *ip; char *clienttoken = NULL; const char *requesttoken = authtarget->token; const char *redir = authtarget->redir; ip = r->clientAddr; if(!requesttoken) { debug(LOG_NOTICE, "No token in request from ip %s", ip); return; } if(!redir) { debug(LOG_NOTICE, "No redirect in request from ip %s", ip); return; } if (!(mac = arp_get(ip))) { /* We could not get their MAC address */ debug(LOG_NOTICE, "Could not arp MAC address for %s action %d", ip, action); return; } /* We have their MAC address, find them on the client list */ LOCK_CLIENT_LIST(); client = client_list_find(ip,mac); if(client && client->token) { clienttoken = safe_strdup(client->token); } UNLOCK_CLIENT_LIST(); if(!client) { debug(LOG_NOTICE, "Client %s %s action %d is not on client list", ip, mac, action); http_nodogsplash_serve_info(r, "Nodogsplash Error", "You are not on the client list."); free(mac); return; } /* We have a client */ /* Do we have a client token? */ if(!clienttoken) { debug(LOG_NOTICE, "Client %s %s action %d does not have a token", ip, mac, action); free(mac); return; } debug(LOG_DEBUG, "Action %d: %s %s tokens %s, %s", action, ip, mac, clienttoken, requesttoken); debug(LOG_DEBUG, "Redirect: %s", redir); /* Check token match */ if (strcmp(clienttoken,requesttoken)) { /* tokens don't match, reject */ debug(LOG_NOTICE, "Client %s %s tokens %s, %s do not match", r->clientAddr, mac, clienttoken, requesttoken); http_nodogsplash_serve_info(r, "Nodogsplash Error", "Tokens do not match."); free(mac); free(clienttoken); return; } /* Log value of info string, if any */ if(authtarget->info) { debug(LOG_NOTICE, "Client %s %s info: %s", ip, mac, authtarget->info); } /* take action */ switch(action) { case AUTH_MAKE_AUTHENTICATED: auth_client_action(ip,mac,action); http_nodogsplash_redirect(r, redir); break; case AUTH_MAKE_DEAUTHENTICATED: auth_client_action(ip,mac,action); http_nodogsplash_serve_info(r, "Nodogsplash Deny", "Authentication revoked."); break; default: debug(LOG_ERR, "Unknown auth action: %d", action); } free(mac); free(clienttoken); return; }