diff options
| author | Ermal <eri@pfsense.org> | 2011-09-07 19:59:56 +0000 |
|---|---|---|
| committer | Ermal <eri@pfsense.org> | 2011-09-07 19:59:56 +0000 |
| commit | ebc0e4b6fdaed4d774e7e312994b4dc34ec095fa (patch) | |
| tree | 3c45a668523e56d2136450c1c1755a35b64e1ce2 /usr/local/captiveportal | |
| parent | 5b4f3f1b6055ed2577bf973aff52d6f609bb40b7 (diff) | |
| download | pfsense-ebc0e4b6fdaed4d774e7e312994b4dc34ec095fa.zip pfsense-ebc0e4b6fdaed4d774e7e312994b4dc34ec095fa.tar.gz | |
Add support for multiple radius server to be used during authentication
Diffstat (limited to 'usr/local/captiveportal')
| -rwxr-xr-x | usr/local/captiveportal/index.php | 30 |
1 files changed, 24 insertions, 6 deletions
diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index 9ed509f..04f0cc6 100755 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -107,6 +107,11 @@ if (file_exists("{$g['vardb_path']}/captiveportal_radius_{$cpzone}.db")) { $radmac_enable = TRUE; } +/* find radius context */ +$radiusctx = 'first'; +if ($_POST['auth_user2']) + $radiusctx = 'second'; + if ($_POST['logout_id']) { echo <<<EOD <HTML> @@ -126,7 +131,7 @@ setTimeout('window.close();',5000) ; EOD; captiveportal_disconnect_client($_POST['logout_id']); exit; -} else if ($clientmac && $radmac_enable && portal_mac_radius($clientmac,$clientip)) { +} else if ($clientmac && $radmac_enable && portal_mac_radius($clientmac,$clientip, $radiusctx)) { /* radius functions handle everything so we exit here since we're done */ exit; @@ -164,8 +169,15 @@ EOD; } else if ($_POST['accept'] && $radius_enable) { - if ($_POST['auth_user'] && $_POST['auth_pass']) { - $auth_list = radius($_POST['auth_user'],$_POST['auth_pass'],$clientip,$clientmac,"USER LOGIN"); + if (($_POST['auth_user'] && $_POST['auth_pass']) || ($_POST['auth_user2'] && $_POST['auth_pass2'])) { + if (!empty($_POST['auth_user'])) { + $user = $_POST['auth_user']; + $paswd = $_POST['auth_pass']; + } else if (!empty($_POST['auth_user2'])) { + $user = $_POST['auth_user2']; + $paswd = $_POST['auth_pass2']; + } + $auth_list = radius($user,$paswd,$clientip,$clientmac,"USER LOGIN", $radiusctx); $type = "error"; if (!empty($auth_list['url_redirection'])) { $redirurl = $auth_list['url_redirection']; @@ -173,15 +185,21 @@ EOD; } if ($auth_list['auth_val'] == 1) { - captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,"ERROR",$auth_list['error']); + captiveportal_logportalauth($user,$clientmac,$clientip,"ERROR",$auth_list['error']); portal_reply_page($redirurl, $type, $auth_list['error'] ? $auth_list['error'] : $errormsg); } else if ($auth_list['auth_val'] == 3) { - captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,"FAILURE",$auth_list['reply_message']); + captiveportal_logportalauth($user,$clientmac,$clientip,"FAILURE",$auth_list['reply_message']); portal_reply_page($redirurl, $type, $auth_list['reply_message'] ? $auth_list['reply_message'] : $errormsg); } } else { - captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,"ERROR"); + if (!empty($_POST['auth_user'])) + $user = $_POST['auth_user']; + else if (!empty($_POST['auth_user2'])) + $user = $_POST['auth_user2']; + else + $user = 'unknown'; + captiveportal_logportalauth($user ,$clientmac,$clientip,"ERROR"); portal_reply_page($redirurl, "error", $errormsg); } |
