diff options
author | jim-p <jimp@pfsense.org> | 2017-05-08 11:19:46 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2017-05-08 11:19:46 -0400 |
commit | d4e42c54a2b7d9c955b11ad3034a186a73159f1a (patch) | |
tree | c95a029b3e0edb99cb835a4608e7f0f73d92fd0e /src/etc/inc | |
parent | 1ba646755d1d62ad7ca1aa75b9c7e5adee7d1260 (diff) | |
download | pfsense-d4e42c54a2b7d9c955b11ad3034a186a73159f1a.zip pfsense-d4e42c54a2b7d9c955b11ad3034a186a73159f1a.tar.gz |
Only cache CP RADIUS Auth credentials when reauthentication is enabled. Fixes #7528
Diffstat (limited to 'src/etc/inc')
-rw-r--r-- | src/etc/inc/captiveportal.inc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/etc/inc/captiveportal.inc b/src/etc/inc/captiveportal.inc index e3c7b7b..22138fe 100644 --- a/src/etc/inc/captiveportal.inc +++ b/src/etc/inc/captiveportal.inc @@ -2301,7 +2301,7 @@ function portal_allow($clientip, $clientmac, $username, $password = null, $attri $safe_username = SQLite3::escapeString($username); /* encode password in Base64 just in case it contains commas */ - $bpassword = base64_encode($password); + $bpassword = (isset($config['captiveportal'][$cpzone]['reauthenticate'])) ? base64_encode($password) : ''; $insertquery = "INSERT INTO captiveportal (allow_time, pipeno, ip, mac, username, sessionid, bpassword, session_timeout, idle_timeout, session_terminate_time, interim_interval, radiusctx) "; $insertquery .= "VALUES ({$allow_time}, {$pipeno}, '{$clientip}', '{$clientmac}', '{$safe_username}', '{$sessionid}', '{$bpassword}', "; $insertquery .= "{$session_timeout}, {$idle_timeout}, {$session_terminate_time}, {$interim_interval}, '{$radiusctx}')"; |