src: start to prune varrun_path foo

Style and sanity splatter all over while at it.

src: start to prune varrun_path foo
Style and sanity splatter all over while at it.
6b3bff0f · Franco Fichtner · ca9ab9b6 · 6b3bff0f · 6b3bff0f
Commit 6b3bff0f authored Apr 23, 2015 by Franco Fichtner
Hide whitespace changes
Inline Side-by-side

Showing with 46 additions and 40 deletions

auth.inc src/etc/inc/auth.inc +32 -29

captiveportal.inc src/etc/inc/captiveportal.inc +14 -11

No files found.
--- a/src/etc/inc/auth.inc
+++ b/src/etc/inc/auth.inc
@@ -203,7 +203,7 @@ function index_groups()

 	$groupindex = array();

-	if (is_array($config['system']['group'])) {
+	if (isset($config['system']['group'])) {
 		$i = 0;
 		foreach($config['system']['group'] as $groupent) {
 			$groupindex[$groupent['name']] = $i;
@@ -261,7 +261,7 @@ function &getGroupEntryByGID($gid)
 {
 	global $config;

-	if (is_array($config['system']['group'])) {
+	if (isset($config['system']['group'])) {
 		foreach ($config['system']['group'] as & $group) {
 			if ($group['gid'] == $gid) {
 				return $group;
@@ -518,7 +518,8 @@ function local_user_get_groups($user, $all = false)
 	global $config;

 	$groups = array();
-	if (!is_array($config['system']['group'])) {
+
+	if (!isset($config['system']['group'])) {
 		return $groups;
 	}

@@ -540,8 +541,9 @@ function local_user_set_groups($user, $new_groups = null)
 {
 	global $config, $groupindex;

-	if (!is_array($config['system']['group']))
+	if (!isset($config['system']['group'])) {
 		return;
+	}

 	$cur_groups = local_user_get_groups($user, true);
 	$mod_groups = array();
@@ -680,33 +682,31 @@ function ldap_test_connection($authcfg)

 function ldap_setup_caenv($authcfg)
 {
-	global $g;
-
 	require_once("certs.inc");

 	unset($caref);
+
 	if (empty($authcfg['ldap_caref']) || !strstr($authcfg['ldap_urltype'], "SSL")) {
 		putenv('LDAPTLS_REQCERT=never');
 		return;
-	} else {
-		$caref = lookup_ca($authcfg['ldap_caref']);
-		if (!$caref) {
-			log_error(sprintf(gettext("LDAP: Could not lookup CA by reference for host %s."), $authcfg['ldap_caref']));
-			/* XXX: Prevent for credential leaking since we cannot setup the CA env. Better way? */
-			putenv('LDAPTLS_REQCERT=hard');
-			return;
-		}
-		if (!is_dir("{$g['varrun_path']}/certs"))
-			@mkdir("{$g['varrun_path']}/certs");
-		if (file_exists("{$g['varrun_path']}/certs/{$caref['refid']}.ca"))
-			@unlink("{$g['varrun_path']}/certs/{$caref['refid']}.ca");
-		file_put_contents("{$g['varrun_path']}/certs/{$caref['refid']}.ca", base64_decode($caref['crt']));
-		@chmod("{$g['varrun_path']}/certs/{$caref['refid']}.ca", 0600);
+	}
+
+	$caref = lookup_ca($authcfg['ldap_caref']);
+	if (!$caref) {
+		log_error(sprintf(gettext("LDAP: Could not lookup CA by reference for host %s."), $authcfg['ldap_caref']));
+		/* XXX: Prevent for credential leaking since we cannot setup the CA env. Better way? */
 		putenv('LDAPTLS_REQCERT=hard');
-		/* XXX: Probably even the hashed link should be created for this? */
-		putenv("LDAPTLS_CACERTDIR={$g['varrun_path']}/certs");
-		putenv("LDAPTLS_CACERT={$g['varrun_path']}/certs/{$caref['refid']}.ca");
+		return;
 	}
+
+	@mkdir("/var/run/certs");
+	@unlink("/var/run/certs/{$caref['refid']}.ca");
+	file_put_contents("/var/run/certs/{$caref['refid']}.ca", base64_decode($caref['crt']));
+	@chmod("/var/run/certs/{$caref['refid']}.ca", 0600);
+	putenv('LDAPTLS_REQCERT=hard');
+	/* XXX: Probably even the hashed link should be created for this? */
+	putenv("LDAPTLS_CACERTDIR=/var/run/certs");
+	putenv("LDAPTLS_CACERT=/var/run/certs/{$caref['refid']}.ca");
 }

 function ldap_test_bind($authcfg)
@@ -1261,12 +1261,14 @@ function auth_get_authserver_list() {
 	return $list;
 }

-function getUserGroups($username, $authcfg) {
+function getUserGroups($username, $authcfg)
+{
 	global $config;

 	$allowed_groups = array();
+	$member_groups = array();

-	switch($authcfg['type']) {
+	switch ($authcfg['type']) {
        case 'ldap':
 		$allowed_groups = @ldap_get_groups($username, $authcfg);
 		break;
@@ -1278,11 +1280,12 @@ function getUserGroups($username, $authcfg) {
 		break;
 	}

-	$member_groups = array();
-        if (is_array($config['system']['group'])) {
-                foreach ($config['system']['group'] as $group)
-                        if (in_array($group['name'], $allowed_groups))
+        if (isset($config['system']['group'])) {
+                foreach ($config['system']['group'] as $group) {
+                        if (in_array($group['name'], $allowed_groups)) {
 				$member_groups[] = $group['name'];
+			}
+		}
 	}

 	return $member_groups;

--- a/src/etc/inc/captiveportal.inc
+++ b/src/etc/inc/captiveportal.inc
@@ -405,7 +405,7 @@ function captiveportal_configure_zone($cpcfg) {
        } else
            captiveportal_syslog("Reconfiguring captive portal({$cpcfg['zone']}).");
        /* kill any running minicron */
-        killbypid("{$g['varrun_path']}/cp_prunedb_{$cpzone}.pid");
+        killbypid("/var/run/cp_prunedb_{$cpzone}.pid");

        /* initialize minicron interval value */
        $croninterval = $cpcfg['croninterval'] ? $cpcfg['croninterval'] : 60;
@@ -521,19 +521,23 @@ EOD;
        captiveportal_write_elements();

        /* kill any running mini_httpd */
-        killbypid("{$g['varrun_path']}/lighty-{$cpzone}-CaptivePortal.pid");
-        killbypid("{$g['varrun_path']}/lighty-{$cpzone}-CaptivePortal-SSL.pid");
+        killbypid("/var/run/lighty-{$cpzone}-CaptivePortal.pid");
+        killbypid("/var/run/lighty-{$cpzone}-CaptivePortal-SSL.pid");

        /* start up the webserving daemon */
        captiveportal_init_webgui_zone($cpcfg);

        /* Kill any existing prunecaptiveportal processes */
-        if (file_exists("{$g['varrun_path']}/cp_prunedb_{$cpzone}.pid"))
-            killbypid("{$g['varrun_path']}/cp_prunedb_{$cpzone}.pid");
+        killbypid("/var/run/cp_prunedb_{$cpzone}.pid");

        /* start pruning process (interval defaults to 60 seconds) */
-        mwexec("/usr/local/bin/minicron $croninterval {$g['varrun_path']}/cp_prunedb_{$cpzone}.pid " .
-            "/usr/local/etc/rc.prunecaptiveportal {$cpzone}");
+        mwexecf(
+		'/usr/local/bin/minicron %s %s %s %s',
+		 $croninterval,
+		"/var/run/cp_prunedb_{$cpzone}.pid",
+		'/usr/local/etc/rc.prunecaptiveportal',
+		$cpzone
+	);

        /* generate radius server database */
        unlink_if_exists("{$g['vardb_path']}/captiveportal_radius_{$cpzone}.db");
@@ -546,9 +550,9 @@ EOD;
        }

    } else {
-        killbypid("{$g['varrun_path']}/lighty-{$cpzone}-CaptivePortal.pid");
-        killbypid("{$g['varrun_path']}/lighty-{$cpzone}-CaptivePortal-SSL.pid");
-        killbypid("{$g['varrun_path']}/cp_prunedb_{$cpzone}.pid");
+        killbypid("/var/run/lighty-{$cpzone}-CaptivePortal.pid");
+        killbypid("/var/run/lighty-{$cpzone}-CaptivePortal-SSL.pid");
+        killbypid("/var/run/cp_prunedb_{$cpzone}.pid");
        @unlink("{$g['varetc_path']}/captiveportal_{$cpzone}.html");
        @unlink("{$g['varetc_path']}/captiveportal-{$cpzone}-error.html");
        @unlink("{$g['varetc_path']}/captiveportal-{$cpzone}-logout.html");
@@ -567,7 +571,6 @@ EOD;
        /* Release allocated pipes for this zone */
        captiveportal_free_dnrules();

-
        if (empty($config['captiveportal']))
            set_single_sysctl("net.link.ether.ipfw", "0");
        else {