Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
O
OpnSense
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kulya
OpnSense
Commits
f3d9e10b
Commit
f3d9e10b
authored
Dec 29, 2014
by
Ad Schellevis
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
fixes for captive portal voucher, locking issues etc.
parent
3ee4024a
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
15 additions
and
41 deletions
+15
-41
captiveportal.inc
src/etc/inc/captiveportal.inc
+14
-6
voucher.inc
src/etc/inc/voucher.inc
+0
-34
CPClient.php
...nsense/mvc/app/models/OPNsense/CaptivePortal/CPClient.php
+1
-1
No files found.
src/etc/inc/captiveportal.inc
View file @
f3d9e10b
...
...
@@ -119,7 +119,6 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
$dwfaultbw_down
=
isset
(
$config
[
'captiveportal'
][
$cpzone
][
'bwdefaultdn'
])
?
$config
[
'captiveportal'
][
$cpzone
][
'bwdefaultdn'
]
:
0
;
$bw_up
=
isset
(
$attributes
[
'bw_up'
])
?
round
(
intval
(
$attributes
[
'bw_up'
])
/
1000
,
2
)
:
$dwfaultbw_up
;
$bw_down
=
isset
(
$attributes
[
'bw_down'
])
?
round
(
intval
(
$attributes
[
'bw_down'
])
/
1000
,
2
)
:
$dwfaultbw_down
;
$session_terminate_time
=
(
!
empty
(
$attributes
[
'session_terminate_time'
]))
?
$attributes
[
'session_terminate_time'
]
:
'NULL'
;
$interim_interval
=
(
!
empty
(
$attributes
[
'interim_interval'
]))
?
$attributes
[
'interim_interval'
]
:
'NULL'
;
$session_timeout
=
0
;
...
...
@@ -127,7 +126,8 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
$session_timeout
=
$attributes
[
'session_timeout'
]
;
}
elseif
(
is_numeric
(
$config
[
'captiveportal'
][
$cpzone
][
"timeout"
])
){
$session_timeout
=
$config
[
'captiveportal'
][
$cpzone
][
"timeout"
];
// calculate to seconds for timeout parameters ( config in minutes )
$session_timeout
=
$config
[
'captiveportal'
][
$cpzone
][
"timeout"
]
*
60
;
}
$idle_timeout
=
0
;
...
...
@@ -135,10 +135,18 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
$idle_timeout
=
$attributes
[
'idle_timeout'
]
;
}
elseif
(
is_numeric
(
$config
[
'captiveportal'
][
$cpzone
][
"idletimeout"
])
){
$idle_timeout
=
$config
[
'captiveportal'
][
$cpzone
][
"idletimeout"
];
// calculate to seconds for timeout parameters ( config in minutes )
$idle_timeout
=
$config
[
'captiveportal'
][
$cpzone
][
"idletimeout"
]
*
60
;
}
$session_terminate_time
=
0
;
if
(
array_key_exists
(
"session_timeout"
,
$attributes
)
)
{
$session_terminate_time
=
$attributes
[
'session_terminate_time'
]
;
}
if
(
$attributes
[
'voucher'
])
{
$db
=
new
OPNsense\CaptivePortal\DB
(
$cpzone
);
$clients
=
$db
->
listClients
(
array
(
"username"
=>
$username
),
null
,
null
);
...
...
@@ -146,11 +154,11 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
// user is already connected, disconnect old session
$cpc
->
disconnect
(
$cpzone
,
$client
->
sessionid
);
// calculate new session end time for this voucher
$session_terminate_time
=
$client
->
allow_time
+
$client
->
session_timeout
-
time
()
;
// calculate new session end time for this voucher
( session connection time + timeout - now, correct with 1 second to trap exact cleanup hit)
$session_terminate_time
=
$client
->
allow_time
+
$client
->
session_timeout
-
time
()
-
1
;
}
if
(
$session_terminate_time
<
=
0
)
{
if
(
$session_terminate_time
<
0
)
{
// no time left for voucher
return
0
;
}
...
...
src/etc/inc/voucher.inc
View file @
f3d9e10b
...
...
@@ -221,17 +221,6 @@ function voucher_expire($voucher_received) {
$cpdb
=
new
OPNsense\CaptivePortal\DB
(
$cpzone
);
$cpc
=
new
OPNsense\CaptivePortal\CPClient
();
// XMLRPC Call over to the master Voucher node
if
(
!
empty
(
$config
[
'voucher'
][
$cpzone
][
'vouchersyncdbip'
]))
{
$syncip
=
$config
[
'voucher'
][
$cpzone
][
'vouchersyncdbip'
];
$syncport
=
$config
[
'voucher'
][
$cpzone
][
'vouchersyncport'
];
$syncpass
=
$config
[
'voucher'
][
$cpzone
][
'vouchersyncpass'
];
$vouchersyncusername
=
$config
[
'voucher'
][
$cpzone
][
'vouchersyncusername'
];
xmlrpc_sync_voucher_expire
(
$voucher_received
,
$syncip
,
$syncport
,
$syncpass
,
$vouchersyncusername
);
}
$voucherlck
=
lock
(
"voucher
{
$cpzone
}
"
,
LOCK_EX
);
// read rolls into assoc array with rollid as key and minutes as value
$tickets_per_roll
=
array
();
$minutes_per_roll
=
array
();
...
...
@@ -316,7 +305,6 @@ function voucher_expire($voucher_received) {
unset
(
$cpdb
);
unset
(
$cpc
);
unlock
(
$voucherlck
);
return
true
;
}
...
...
@@ -334,17 +322,6 @@ function voucher_auth($voucher_received, $test = 0) {
if
(
!
isset
(
$config
[
'voucher'
][
$cpzone
][
'enable'
]))
return
0
;
// XMLRPC Call over to the master Voucher node
if
(
!
empty
(
$config
[
'voucher'
][
$cpzone
][
'vouchersyncdbip'
]))
{
$syncip
=
$config
[
'voucher'
][
$cpzone
][
'vouchersyncdbip'
];
$syncport
=
$config
[
'voucher'
][
$cpzone
][
'vouchersyncport'
];
$syncpass
=
$config
[
'voucher'
][
$cpzone
][
'vouchersyncpass'
];
$vouchersyncusername
=
$config
[
'voucher'
][
$cpzone
][
'vouchersyncusername'
];
$remote_time_used
=
xmlrpc_sync_used_voucher
(
$voucher_received
,
$syncip
,
$syncport
,
$syncpass
,
$vouchersyncusername
);
}
$voucherlck
=
lock
(
"voucher
{
$cpzone
}
"
,
LOCK_EX
);
// read rolls into assoc array with rollid as key and minutes as value
$tickets_per_roll
=
array
();
$minutes_per_roll
=
array
();
...
...
@@ -429,7 +406,6 @@ function voucher_auth($voucher_received, $test = 0) {
}
else
{
$test_result
[]
=
sprintf
(
gettext
(
"Access granted for %d Minutes in total."
),
$total_minutes
);
}
unlock
(
$voucherlck
);
return
$test_result
;
}
...
...
@@ -438,20 +414,11 @@ function voucher_auth($voucher_received, $test = 0) {
// Discussion: we could return the time remaining for good vouchers, but then
// the user wouldn't know that he used at least one invalid voucher.
if
(
$error
)
{
unlock
(
$voucherlck
);
if
(
$total_minutes
>
0
)
// probably not needed, but want to make sure
$total_minutes
=
0
;
// we only report -1 (expired) or 0 (no access)
return
$total_minutes
;
// well, at least one voucher had errors. Say NO ACCESS
}
// If we did a XMLRPC sync earlier check the timeleft
if
(
!
empty
(
$config
[
'voucher'
][
$cpzone
][
'vouchersyncdbip'
]))
{
if
(
!
is_null
(
$remote_time_used
))
$total_minutes
=
$remote_time_used
;
else
if
(
$remote_time_used
<
$total_minutes
)
$total_minutes
-=
$remote_time_used
;
}
// All given vouchers were valid and this isn't simply a test.
// Write back the used DB's
if
(
is_array
(
$bitstring
))
{
...
...
@@ -482,7 +449,6 @@ function voucher_auth($voucher_received, $test = 0) {
/* Triger a sync of the vouchers on config */
send_event
(
"service sync vouchers"
);
unlock
(
$voucherlck
);
return
$total_minutes
;
}
...
...
src/opnsense/mvc/app/models/OPNsense/CaptivePortal/CPClient.php
View file @
f3d9e10b
...
...
@@ -651,7 +651,7 @@ class CPClient {
// if session timeout is reached, disconnect
if
(
is_numeric
(
$client
->
session_timeout
)
&&
$client
->
session_timeout
>
0
)
{
if
(((
time
()
-
$client
->
allow_time
)
/
60
)
>
$client
->
session_timeout
)
{
if
(((
time
()
-
$client
->
allow_time
)
)
>
$client
->
session_timeout
)
{
$this
->
disconnect
(
$cpzonename
,
$client
->
sessionid
);
$this
->
logportalauth
(
$cpzonename
,
$client
->
username
,
$client
->
mac
,
$client
->
ip
,
$status
=
"SESSION TIMEOUT"
);
continue
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment