diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2006-02-05 19:53:50 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2006-02-05 19:53:50 +0000 |
| commit | 63fff79b85211c5b77417bd08f0f3c2139a430cd (patch) | |
| tree | 5d15c17727677fe0b2b4a7d706b997876c4c609d /etc | |
| parent | fb1d96c3fe02b8e23ac44a2ffb9834a1a710a291 (diff) | |
| download | pfsense-63fff79b85211c5b77417bd08f0f3c2139a430cd.zip pfsense-63fff79b85211c5b77417bd08f0f3c2139a430cd.tar.gz | |
Fix HTTPS captive portal option
Ticket #732
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/captiveportal.inc | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 155b671..acc1461 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -53,6 +53,7 @@ function captiveportal_configure() { /* kill any running mini_httpd */ killbypid("{$g['varrun_path']}/lighty-CaptivePortal.pid"); + killbypid("{$g['varrun_path']}/lighty-CaptivePortal-SSL.pid"); /* kill any running minicron */ killbypid("{$g['varrun_path']}/minicron.pid"); @@ -159,7 +160,7 @@ EOD; mwexec("/sbin/ipfw -f delete set 2"); mwexec("/sbin/ipfw -f delete set 3"); - /* XXX - seems like ipfw cannot accept rules directly on stdin, + /* ipfw cannot accept rules directly on stdin, so we have to write them to a temporary file first */ $fd = @fopen("{$g['tmp_path']}/ipfw.cp.rules", "w"); if (!$fd) { @@ -184,27 +185,32 @@ EOD; */ $use_fastcgi = false; - $cp_port = "8000"; - if(isset($config['captiveportal']['httpslogin'])) { $cert = base64_decode($config['captiveportal']['certificate']); $key = base64_decode($config['captiveportal']['private-key']); - $cp_port = "8001"; + /* generate lighttpd configuration */ + system_generate_lighty_config("{$g['varetc_path']}/lighty-CaptivePortal-SSL.conf", + $cert, $key, "lighty-CaptivePortal-ssl.pid", "8001", "/usr/local/captiveportal/", + "cert-portal.pem", "1", $maxproc, $use_fastcgi, true); } if ($config['captiveportal']['maxproc']) $maxproc = $config['captiveportal']['maxproc']; else $maxproc = 16; - + /* generate lighttpd configuration */ system_generate_lighty_config("{$g['varetc_path']}/lighty-CaptivePortal.conf", - $cert, $key, "lighty-CaptivePortal.pid", $cp_port, "/usr/local/captiveportal/", + "", "", "lighty-CaptivePortal.pid", "8000", "/usr/local/captiveportal/", "cert-portal.pem", "1", $maxproc, $use_fastcgi, true); - + /* attempt to start lighttpd */ $res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-CaptivePortal.conf"); + /* fire up https instance */ + if(isset($config['captiveportal']['httpslogin'])) + $res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-CaptivePortal-SSL.conf"); + /* start pruning process (interval defaults to 60 seconds) */ mwexec("/usr/local/bin/minicron $croninterval {$g['varrun_path']}/minicron.pid " . "/etc/rc.prunecaptiveportal"); @@ -219,7 +225,7 @@ EOD; ($config['captiveportal']['auth_method'] == "radius"))) { $radiusip = $config['captiveportal']['radiusip']; $radiusip2 = ($config['captiveportal']['radiusip2']) ? $config['captiveportal']['radiusip2'] : null; - + if ($config['captiveportal']['radiusport']) $radiusport = $config['captiveportal']['radiusport']; else @@ -721,6 +727,7 @@ function captiveportal_allowedip_configure() { function captiveportal_get_last_activity($ruleno) { $ipfwoutput = ""; + exec("/sbin/ipfw -T list {$ruleno} 2>/dev/null", $ipfwoutput); /* in */ |
