diff options
| author | Renato Botelho <renato.botelho@bluepex.com> | 2010-06-18 08:15:21 -0300 |
|---|---|---|
| committer | Renato Botelho <renato.botelho@bluepex.com> | 2010-06-18 08:15:21 -0300 |
| commit | 2edfbe9e8a1876962e37b6ac559fb4f6d9cbc060 (patch) | |
| tree | aa41e3e31e62b73901569f3d1f5a899b79599f92 | |
| parent | 6132751b0a44d6eb404f09c4d693b2381624c072 (diff) | |
| parent | 36ff7f81ca06925903ee8565872454d038753d4b (diff) | |
| download | pfsense-2edfbe9e8a1876962e37b6ac559fb4f6d9cbc060.zip pfsense-2edfbe9e8a1876962e37b6ac559fb4f6d9cbc060.tar.gz | |
Merge remote branch 'mainline/master'
| -rw-r--r-- | etc/inc/auth.inc | 20 | ||||
| -rw-r--r-- | etc/inc/captiveportal.inc | 21 | ||||
| -rw-r--r-- | etc/inc/shaper.inc | 6 | ||||
| -rw-r--r-- | usr/local/captiveportal/radius_accounting.inc | 6 | ||||
| -rw-r--r-- | usr/local/captiveportal/radius_authentication.inc | 15 | ||||
| -rwxr-xr-x | usr/local/www/services_captiveportal.php | 38 | ||||
| -rwxr-xr-x | usr/local/www/wizard.php | 7 |
7 files changed, 84 insertions, 29 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 2e580b1..f9b9d21 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -1098,11 +1098,15 @@ function session_auth() { $_SESSION['Username'] = $_POST['usernamefld']; $_SESSION['last_access'] = time(); log_error("Successful login for user '{$_POST['usernamefld']}' from: {$_SERVER['REMOTE_ADDR']}"); - require_once("functions.inc"); + $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; if (isset($_POST['postafterlogin'])) return true; - else - pfSenseHeader("/{$page}"); + else { + if (empty($page)) + $page = "/"; + header("Location: {$page}"); + } + exit; } else { /* give the user an error message */ $_SESSION['Login_Error'] = "Username or Password incorrect"; @@ -1177,20 +1181,14 @@ function session_auth() { * to submit a HTML form. It basically diables the observation * of the submit event and hence does not trigger Ajax. */ - if ($_GET['disable_ajax']) { + if ($_GET['disable_ajax']) $_SESSION['NO_AJAX'] = "True"; - $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; - return true; - } /* * Same to re-enable Ajax. */ - if ($_GET['enable_ajax']) { + if ($_GET['enable_ajax']) unset($_SESSION['NO_AJAX']); - $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; - return true; - } $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; return true; diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 83d8b31..1b34717 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -1248,10 +1248,21 @@ function getNasID() function getNasIP() { - $nasIp = get_interface_ip(); - if(!$nasIp) - $nasIp = "0.0.0.0"; - return $nasIp; + global $config; + + if (empty($config['captiveportal']['radiussrcip_attribute'])) + $nasIp = get_interface_ip(); + else { + if (is_ipaddr($config['captiveportal']['radiussrcip_attribute'])) + $nasIp = $config['captiveportal']['radiussrcip_attribute']; + else + $nasIp = get_interface_ip($config['captiveportal']['radiussrcip_attribute']); + } + + if(!is_ipaddr($nasIp)) + $nasIp = "0.0.0.0"; + + return $nasIp; } function portal_ip_from_client_ip($cliip) { @@ -1278,4 +1289,4 @@ function portal_ip_from_client_ip($cliip) { return false; } -?>
\ No newline at end of file +?> diff --git a/etc/inc/shaper.inc b/etc/inc/shaper.inc index 0729557..85090bb 100644 --- a/etc/inc/shaper.inc +++ b/etc/inc/shaper.inc @@ -1081,7 +1081,7 @@ class priq_queue { $form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\""; if ($this->GetEnabled() == "on") $form .= " CHECKED"; - $form .= " ><span class=\"vexpl\"> Enable/Disable queue and its childs</span>"; + $form .= " ><span class=\"vexpl\"> Enable/Disable queue and its children</span>"; $form .= "</td></tr>"; $form .= "<tr>"; $form .= "<td width=\"22%\" valign=\"top\" class=\"vncellreq\">"; @@ -2929,7 +2929,7 @@ class dnpipe_class extends dummynet_class { $form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\""; if ($this->GetEnabled() == "on") $form .= " CHECKED"; - $form .= " ><span class=\"vexpl\"> Enable/Disable limiter and its childs</span>"; + $form .= " ><span class=\"vexpl\"> Enable/Disable limiter and its children</span>"; $form .= "</td></tr>"; $form .= "<tr><td valign=\"top\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>"; $form .= "<td class=\"vncellreq\">"; @@ -3172,7 +3172,7 @@ class dnqueue_class extends dummynet_class { $form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\""; if ($this->GetEnabled() == "on") $form .= " CHECKED"; - $form .= " ><span class=\"vexpl\"> Enable/Disable queue and its childs</span>"; + $form .= " ><span class=\"vexpl\"> Enable/Disable queue and its children</span>"; $form .= "</td></tr>"; $form .= "<tr><td valign=\"top\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>"; $form .= "<td class=\"vncellreq\">"; diff --git a/usr/local/captiveportal/radius_accounting.inc b/usr/local/captiveportal/radius_accounting.inc index 688af74..f57757a 100644 --- a/usr/local/captiveportal/radius_accounting.inc +++ b/usr/local/captiveportal/radius_accounting.inc @@ -67,7 +67,11 @@ function RADIUS_ACCOUNTING_START($ruleno, $username, $sessionid, $radiusservers, break; default: - $calledstationid = get_interface_ip("wan"); + if (is_ipaddr($config['captiveportal']['radiussrcip_attribute'])) + $calledstationid = $config['captiveportal']['radiussrcip_attribute']; + else + $calledstationid = get_interface_ip($config['captiveportal']['radiussrcip_attribute']); + $callingstationid = $clientmac; $callingstationid = $clientmac; } diff --git a/usr/local/captiveportal/radius_authentication.inc b/usr/local/captiveportal/radius_authentication.inc index 7f37b03..1f7e2b5 100644 --- a/usr/local/captiveportal/radius_authentication.inc +++ b/usr/local/captiveportal/radius_authentication.inc @@ -61,13 +61,16 @@ function RADIUS_AUTHENTICATION($username,$password,$radiusservers,$clientip,$cli switch($radiusvendor) { case 'cisco': - $calledstationid = $clientmac; - $callingstationid = $clientip; - break; - + $calledstationid = $clientmac; + $callingstationid = $clientip; + break; default: - $calledstationid = get_interface_ip("wan"); - $callingstationid = $clientmac; + if (is_ipaddr($config['captiveportal']['radiussrcip_attribute'])) + $calledstationid = $config['captiveportal']['radiussrcip_attribute']; + else + $calledstationid = get_interface_ip($config['captiveportal']['radiussrcip_attribute']); + $callingstationid = $clientmac; + break; } // Create our instance diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 5206535..fc5a1a9 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -98,6 +98,7 @@ $pconfig['radiuskey'] = $config['captiveportal']['radiuskey']; $pconfig['radiuskey2'] = $config['captiveportal']['radiuskey2']; $pconfig['radiusvendor'] = $config['captiveportal']['radiusvendor']; $pconfig['radiussession_timeout'] = isset($config['captiveportal']['radiussession_timeout']); +$pconfig['radiussrcip_attribute'] = $config['captiveportal']['radiussrcip_attribute']; $pconfig['passthrumacadd'] = isset($config['captiveportal']['passthrumacadd']); $pconfig['passthrumacaddusername'] = isset($config['captiveportal']['passthrumacaddusername']); $pconfig['radmac_format'] = $config['captiveportal']['radmac_format']; @@ -200,6 +201,7 @@ if ($_POST) { $config['captiveportal']['radiuskey2'] = $_POST['radiuskey2']; $config['captiveportal']['radiusvendor'] = $_POST['radiusvendor'] ? $_POST['radiusvendor'] : false; $config['captiveportal']['radiussession_timeout'] = $_POST['radiussession_timeout'] ? true : false; + $config['captiveportal']['radiussrcip_attribute'] = $_POST['radiussrcip_attribute']; $config['captiveportal']['passthrumacadd'] = $_POST['passthrumacadd'] ? true : false; $config['captiveportal']['passthrumacaddusername'] = $_POST['passthrumacaddusername'] ? true : false; $config['captiveportal']['radmac_format'] = $_POST['radmac_format'] ? $_POST['radmac_format'] : false; @@ -263,6 +265,7 @@ function enable_change(enable_change) { document.iform.noconcurrentlogins.disabled = endis; document.iform.radiusvendor.disabled = radius_endis; document.iform.radiussession_timeout.disabled = radius_endis; + document.iform.radiussrcip_attribute.disabled = radius_endis; document.iform.htmlfile.disabled = endis; document.iform.errfile.disabled = endis; document.iform.logoutfile.disabled = endis; @@ -528,6 +531,41 @@ value="<?=htmlspecialchars($pconfig['radiuskey2']);?>"></td> </tr> <tr> + <td class="vncell" valign="top">Radius ip attribute</td> + <td> + <select name="radiussrcip_attribute" id="radiussrcip_attribute"> + <?php $iflist = get_configured_interface_with_descr(); + foreach ($iflist as $ifdesc => $ifdescr) { + $ipaddr = get_interface_ip($ifdesc); + if (is_ipaddr($ipaddr)) { + $selected = ""; + if ($ipaddr == $pconfig['radiussrcip_attribute']) + $ifdesc = "selected"; + echo "<option value='{$ifdesc}' {$selected}>{$ifdescr} - {$ipaddr}</option>\n"; + } + } + if (is_array($config['virtualip']['vip'])) { + foreach ($config['virtualip']['vip'] as $sn) { + if ($sn['mode'] == "proxyarp" && $sn['type'] == "network") { + $start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits'])); + $end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits'])); + $len = $end - $start; + + for ($i = 0; $i <= $len; $i++) { + $snip = long2ip32($start+$i); + echo "<option value='{$snip}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$snip}") . "></option>\n"; + } + } else + echo "<option value='{$sn['subnet']}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$sn['subnet']}") . "></option>\n"; + } + } + ?> + </select><br/> + Choose the ip to use for calling station attribute. + </td> + </tr> + + <tr> <td class="vncell" valign="top">Session-Timeout</td> <td class="vtable"><input name="radiussession_timeout" type="checkbox" id="radiussession_timeout" value="yes" <?php if ($pconfig['radiussession_timeout']) echo "checked"; ?>><strong>Use RADIUS Session-Timeout attributes</strong><br> When this is enabled, clients will be disconnected after the amount of time retrieved from the RADIUS Session-Timeout attribute.</td> diff --git a/usr/local/www/wizard.php b/usr/local/www/wizard.php index 8a5c78f..a59e83d 100755 --- a/usr/local/www/wizard.php +++ b/usr/local/www/wizard.php @@ -136,14 +136,15 @@ function update_config_field($field, $updatetext, $unset, $arraynum, $field_type * item is a checkbox, it should have the value "on" * if it was checked */ - $text = "unset(\$config" . $field_conv . ");"; + $var = "\$config{$field_conv}"; + $text = "if (isset({$var})) unset({$var});"; eval($text); return; } if($field_type == "interfaces_selection") { - $text = "unset(\$config" . $field_conv . ");"; - eval($text); + $var = "\$config{$field_conv}"; + $text = "if (isset({$var})) unset({$var});"; $text = "\$config" . $field_conv . " = \"" . $updatetext . "\";"; eval($text); return; |
