/**
* Allocate and return a pointer to a t_auth_target struct
* encoding information needed to authenticate a client.
* See http_nodogsplash_make_authtarget().
* The struct should be freed by http_nodogsplash_free_authtarget().
*/
t_auth_target *
http_nodogsplash_decode_authtarget(request *r)
{
httpVar *var;
t_auth_target *authtarget;
char *token=NULL, *redir=NULL;
var = httpdGetVariableByName(r,"tok");
if(var && var->value) {
token = var->value;
debug(LOG_DEBUG,"Get token from authserver: %s",token);
} else {
token = "";
debug(LOG_DEBUG,"Did not get token from auth server");
}
var = httpdGetVariableByName(r,"redir");
if(var && var->value) {
redir = var->value;
debug(LOG_DEBUG,"Get redir from authserver: %s",redir);
} else {
redir = "";
debug(LOG_DEBUG,"Did not get redir from auth server");
}
authtarget = http_nodogsplash_make_authtarget(token,redir);
var = httpdGetVariableByName(r,"nodoguser");
if(var && var->value) {
authtarget->username = safe_strdup(var->value);
}
var = httpdGetVariableByName(r,"nodogpass");
if(var && var->value) {
authtarget->password = safe_strdup(var->value);
}
var = httpdGetVariableByName(r,"info");
if(var && var->value) {
authtarget->info = safe_strdup(var->value);
}
var = httpdGetVariableByName(r,"voucher");
if(var && var->value) {
authtarget->voucher = safe_strdup(var->value);
}
return authtarget;
}
/**
* Allocate and return a pointer to a t_auth_target struct
* encoding information needed to authenticate a client.
* See http_nodogsplash_make_authtarget().
* The struct should be freed by http_nodogsplash_free_authtarget().
*/
t_auth_target *
http_nodogsplash_decode_authtarget(request *r)
{
httpVar *var;
t_auth_target *authtarget;
const char *token=NULL, *redir=NULL;
var = httpdGetVariableByName(r,"tok");
if(var && var->value) {
token = var->value;
} else {
token = "";
}
var = httpdGetVariableByName(r,"redir");
if(var && var->value) {
redir = var->value;
} else {
redir = "";
}
authtarget = http_nodogsplash_make_authtarget(token,redir);
var = httpdGetVariableByName(r,"nodoguser");
if(var && var->value) {
authtarget->username = safe_strdup(var->value);
}
var = httpdGetVariableByName(r,"nodogpass");
if(var && var->value) {
authtarget->password = safe_strdup(var->value);
}
var = httpdGetVariableByName(r,"info");
if(var && var->value) {
authtarget->info = safe_strdup(var->value);
}
var = httpdGetVariableByName(r,"voucher");
if(var && var->value) {
authtarget->voucher = safe_strdup(var->value);
}
return authtarget;
}
/** Respond to attempted access from a preauthenticated client.
* Add the client to the client list and serves the splash page.
*/
void
http_nodogsplash_first_contact(request *r)
{
debug(LOG_DEBUG,"[%s]first contact",r->clientAddr);
t_client *client;
t_auth_target *authtarget;
s_config *config;
char *redir, *origurl;
/* only allow GET requests */
if (r->request.method != HTTP_GET) {
http_nodogsplash_405(r);
return;
}
config = config_get_config();
client = http_nodogsplash_add_client(r);
/* http_nodogsplash_add_client() should log and return null on error */
if(!client) return;
/* We just assume protocol http; after all we caught the client by
redirecting port 80 tcp packets
*/
safe_asprintf(&origurl,"%s%s%s%s",
r->request.host,r->request.path,
r->request.query[0]?"?":"",r->request.query);
/* Create redirect URL for this contact as appropriate */
redir = http_nodogsplash_make_redir(origurl);
debug(LOG_DEBUG,"[%s] redirected to:%s",r->clientAddr,redir);
/* Create authtarget with all needed info */
authtarget = http_nodogsplash_make_authtarget(client->token,redir);
free(origurl);
http_nodogsplash_serve_splash(r,authtarget,client,NULL);
http_nodogsplash_free_authtarget(authtarget);
}
/** Respond to attempted access from a preauthenticated client.
* Add the client to the client list and serves the splash page.
*/
void
http_nodogsplash_first_contact(request *r)
{
t_client *client;
t_auth_target *authtarget;
s_config *config;
const char *redir;
char *origurl;
char *data = NULL;
int seconds;
/* only allow GET requests */
if (r->request.method != HTTP_GET) {
http_nodogsplash_405(r);
return;
}
config = config_get_config();
client = http_nodogsplash_add_client(r);
/* http_nodogsplash_add_client() should log and return null on error */
if(!client) return;
/* We just assume protocol http; after all we caught the client by
redirecting port 80 tcp packets
*/
safe_asprintf(&origurl,"http://%s%s%s%s",
r->request.host,r->request.path,
r->request.query[0]?"?":"",r->request.query);
/* Create redirect URL for this contact as appropriate */
redir = http_nodogsplash_make_redir(origurl);
/* Create authtarget with all needed info */
authtarget = http_nodogsplash_make_authtarget(client->token,redir);
free(origurl);
if(config->authenticate_immediately) {
/* Don't serve splash, just authenticate */
http_nodogsplash_callback_action(r,authtarget,AUTH_MAKE_AUTHENTICATED);
} else if (config->enable_preauth) {
char cmd_buff[strlen(config->bin_voucher)+strlen(client->mac)+14];
snprintf(cmd_buff, sizeof(cmd_buff), "%s auth_status %s",
config->bin_voucher, client->mac);
data = system_exec(cmd_buff);
if(!data)
goto serve_splash;
seconds = data_extract_bw(data, client);
if(seconds < 1)
goto serve_splash;
debug(LOG_NOTICE, "Remote auth data: client [%s, %s] authenticated %d seconds",
client->mac, client->ip, seconds);
http_nodogsplash_callback_action(r,authtarget,AUTH_MAKE_AUTHENTICATED);
client->added_time = time(NULL) - (config->checkinterval * config->clientforceout) + seconds;
free(data);
} else {
/* Serve the splash page (or redirect to remote authenticator) */
serve_splash:
free(data);
http_nodogsplash_serve_splash(r,authtarget, client, NULL);
}
http_nodogsplash_free_authtarget(authtarget);
}
