72 lines
2.7 KiB
Diff
72 lines
2.7 KiB
Diff
--- orig/captiveportal.inc 2013-02-22 15:38:14.000000000 +0100
|
|
+++ new/captiveportal.inc 2013-10-31 17:05:35.016918036 +0100
|
|
@@ -406,19 +406,21 @@
|
|
$cacert = "";
|
|
$key = base64_decode($config['captiveportal']['private-key']);
|
|
/* generate lighttpd configuration */
|
|
- system_generate_lighty_config("{$g['varetc_path']}/lighty-CaptivePortal-SSL.conf",
|
|
+ system_generate_lighty_config("{$g['varetc_path']}/lighty-CaptivePortal-SSL.conf.UNUSED-by-UNIVNAUTES",
|
|
$cert, $key, $cacert, "lighty-CaptivePortal-SSL.pid", "8001", "/usr/local/captiveportal/",
|
|
"cert-portal.pem", "ca-portal.pem", 1, true);
|
|
}
|
|
|
|
/* generate lighttpd configuration */
|
|
- system_generate_lighty_config("{$g['varetc_path']}/lighty-CaptivePortal.conf",
|
|
+ system_generate_lighty_config("{$g['varetc_path']}/lighty-CaptivePortal.conf.UNUSED-by-UNIVNAUTES",
|
|
"", "", "", "lighty-CaptivePortal.pid", "8000", "/usr/local/captiveportal/",
|
|
"cert-portal.pem", "ca-portal.pem", 1, true);
|
|
|
|
@unlink("{$g['varrun_path']}/lighty-CaptivePortal.pid");
|
|
/* attempt to start lighttpd */
|
|
+ /* UNIVNAUTES
|
|
$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-CaptivePortal.conf");
|
|
+ */
|
|
|
|
/* fire up https instance */
|
|
if (isset($config['captiveportal']['httpslogin'])) {
|
|
@@ -580,7 +582,15 @@
|
|
|
|
/* allowed ipfw rules to make allowed hostnames work */
|
|
$cprules .= captiveportal_allowedhostname_configure();
|
|
-
|
|
+
|
|
+ /* UNIVNAUTES : whitelist in table 42 */
|
|
+ $cprules .= <<<EOD
|
|
+# accept every traffic from table 42
|
|
+add 65500 allow ip from any to table(42) in
|
|
+add 65501 allow ip from table(42) to any out
|
|
+table 42 flush
|
|
+EOD;
|
|
+
|
|
/* load rules */
|
|
if ($reinit == true)
|
|
$cprules = "table all flush\nflush\n{$cprules}";
|
|
@@ -609,6 +619,9 @@
|
|
/* Make sure not re-entrancy is allowed in ipfw(4) */
|
|
mwexec("/sbin/sysctl net.inet.ip.fw.one_pass=1");
|
|
|
|
+ /* UNIVNAUTES : populate whitelist */
|
|
+ mwexec_bg("/usr/local/bin/univnautes-update-whitelist.sh reset");
|
|
+
|
|
return $cprules;
|
|
}
|
|
|
|
@@ -1645,6 +1658,7 @@
|
|
$remaining_time = $attributes['session_timeout'];
|
|
|
|
$writecfg = false;
|
|
+ if (!$attributes['univnautes_concurrentlogins'])
|
|
/* Find an existing session */
|
|
if ((isset($config['captiveportal']['noconcurrentlogins'])) && $passthrumac) {
|
|
if (isset($config['captiveportal']['passthrumacadd'])) {
|
|
@@ -1707,7 +1721,8 @@
|
|
unset($cpdb[$sid]);
|
|
break;
|
|
}
|
|
- elseif ((isset($config['captiveportal']['noconcurrentlogins'])) && ($username != 'unauthenticated')) {
|
|
+ elseif (!$attributes['univnautes_concurrentlogins'])
|
|
+ if ((isset($config['captiveportal']['noconcurrentlogins'])) && ($username != 'unauthenticated')) {
|
|
/* on the same username */
|
|
if (strcasecmp($cpentry[4], $username) == 0) {
|
|
/* This user was already logged in so we disconnect the old one */
|