diff options
| author | gnhb <gnoahb@gmail.com> | 2010-05-29 10:51:00 +0700 |
|---|---|---|
| committer | gnhb <gnoahb@gmail.com> | 2010-05-29 10:51:00 +0700 |
| commit | fda6084959b0cbd010e97330daeccf63b3533902 (patch) | |
| tree | a9e0115124c32cc9ab5413e40be7156dfb5a1d69 /usr/local/www | |
| parent | 3a13f094d51e40b299c461833c2d3691947b77e3 (diff) | |
| parent | 12fa7ea105a69183ba5b97c3ff7de62f97f30dc0 (diff) | |
| download | pfsense-fda6084959b0cbd010e97330daeccf63b3533902.zip pfsense-fda6084959b0cbd010e97330daeccf63b3533902.tar.gz | |
Merge branch 'master' of rcs.pfsense.org:pfsense/mainline
Diffstat (limited to 'usr/local/www')
| -rwxr-xr-x | usr/local/www/diag_dhcp_leases.php | 6 | ||||
| -rwxr-xr-x | usr/local/www/services_captiveportal.php | 31 | ||||
| -rwxr-xr-x | usr/local/www/services_captiveportal_filemanager.php | 1 | ||||
| -rwxr-xr-x | usr/local/www/services_captiveportal_ip.php | 1 | ||||
| -rwxr-xr-x | usr/local/www/services_captiveportal_mac.php | 12 | ||||
| -rw-r--r-- | usr/local/www/services_captiveportal_vouchers.php | 1 | ||||
| -rw-r--r-- | usr/local/www/system_usermanager.php | 8 | ||||
| -rw-r--r-- | usr/local/www/vpn_ipsec_keys.php | 25 | ||||
| -rw-r--r-- | usr/local/www/vpn_ipsec_keys_edit.php | 11 |
9 files changed, 88 insertions, 8 deletions
diff --git a/usr/local/www/diag_dhcp_leases.php b/usr/local/www/diag_dhcp_leases.php index 58e8351..e8e9409 100755 --- a/usr/local/www/diag_dhcp_leases.php +++ b/usr/local/www/diag_dhcp_leases.php @@ -354,7 +354,7 @@ foreach ($leases as $data) { echo "<tr>\n"; echo "<td class=\"listlr\">{$fspans}{$data['ip']}{$fspane} </td>\n"; if ($data['online'] != "online") { - echo "<td class=\"listr\">{$fspans}<a href=\"services_wol.php?if={$data['if']}&mac={$data['mac']}\" title=\"send Wake on Lan packet to mac\">{$data['mac']}</a>{$fspane} </td>\n"; + echo "<td class=\"listr\">{$fspans}<a href=\"services_wol.php?if={$data['if']}&mac={$data['mac']}\" title=\"send Wake on LAN packet to this MAC address\">{$data['mac']}</a>{$fspane} </td>\n"; } else { echo "<td class=\"listr\">{$fspans}{$data['mac']}{$fspane} </td>\n"; } @@ -378,12 +378,12 @@ foreach ($leases as $data) { } echo "<td valign=\"middle\"><a href=\"services_wol_edit.php?if={$data['if']}&mac={$data['mac']}&descr={$data['hostname']}\">"; - echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_wol_all.gif\" width=\"17\" height=\"17\" border=\"0\" title=\"add a Wake on Lan mapping for this MAC address\"></a></td>\n"; + echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_wol_all.gif\" width=\"17\" height=\"17\" border=\"0\" title=\"add a Wake on LAN mapping for this MAC address\"></a></td>\n"; /* Only show the button for offline dynamic leases */ if (($data['type'] == "dynamic") && ($data['online'] != "online")) { echo "<td class=\"list\" valign=\"middle\"><a href=\"diag_dhcp_leases.php?deleteip={$data['ip']}&all={$_GET['all']}\">"; - echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"17\" height=\"17\" border=\"0\" title=\"delete this dhcp lease\"></a></td>\n"; + echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"17\" height=\"17\" border=\"0\" title=\"delete this DHCP lease\"></a></td>\n"; } echo "</tr>\n"; } diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 6b024d3..331708a 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -57,6 +57,9 @@ if ($_GET['act'] == "viewhtml") { } else if ($_GET['act'] == "viewerrhtml") { echo base64_decode($config['captiveportal']['page']['errtext']); exit; +} else if ($_GET['act'] == "viewlogouthtml") { + echo base64_decode($config['captiveportal']['page']['logouttext']); + exit; } $pconfig['cinterface'] = $config['captiveportal']['interface']; @@ -93,6 +96,7 @@ $pconfig['radiuskey2'] = $config['captiveportal']['radiuskey2']; $pconfig['radiusvendor'] = $config['captiveportal']['radiusvendor']; $pconfig['radiussession_timeout'] = isset($config['captiveportal']['radiussession_timeout']); $pconfig['passthrumacadd'] = isset($config['captiveportal']['passthrumacadd']); +$pconfig['passthrumacaddusername'] = isset($config['captiveportal']['passthrumacaddusername']); $pconfig['radmac_format'] = $config['captiveportal']['radmac_format']; if ($_POST) { @@ -194,6 +198,7 @@ if ($_POST) { $config['captiveportal']['radiusvendor'] = $_POST['radiusvendor'] ? $_POST['radiusvendor'] : false; $config['captiveportal']['radiussession_timeout'] = $_POST['radiussession_timeout'] ? true : false; $config['captiveportal']['passthrumacadd'] = $_POST['passthrumacadd'] ? true : false; + $config['captiveportal']['passthrumacaddusername'] = $_POST['passthrumacaddusername'] ? true : false; $config['captiveportal']['radmac_format'] = $_POST['radmac_format'] ? $_POST['radmac_format'] : false; /* file upload? */ @@ -201,6 +206,8 @@ if ($_POST) { $config['captiveportal']['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name'])); if (is_uploaded_file($_FILES['errfile']['tmp_name'])) $config['captiveportal']['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name'])); + if (is_uploaded_file($_FILES['logoutfile']['tmp_name'])) + $config['captiveportal']['page']['logouttext'] = base64_encode(file_get_contents($_FILES['logoutfile']['tmp_name'])); write_config(); @@ -255,6 +262,7 @@ function enable_change(enable_change) { document.iform.radiussession_timeout.disabled = radius_endis; document.iform.htmlfile.disabled = endis; document.iform.errfile.disabled = endis; + document.iform.logoutfile.disabled = endis; document.iform.radiusacctport.disabled = (radius_endis || !document.iform.radacct_enable.checked) && !enable_change; @@ -280,6 +288,7 @@ function enable_change(enable_change) { $tab_array[] = array("Allowed IP addresses", false, "services_captiveportal_ip.php"); $tab_array[] = array("Vouchers", false, "services_captiveportal_vouchers.php"); $tab_array[] = array("File Manager", false, "services_captiveportal_filemanager.php"); + $tab_array[] = array("Auth Logs", false, "diag_logs_auth.php"); display_top_tabs($tab_array); ?> </td></tr> <tr> @@ -370,7 +379,13 @@ to access after they've authenticated.</td> <strong>Enable Pass-through MAC automatic additions</strong><br> If this option is set, a MAC passthrough entry is automatically added after the user has successfully authenticated. Users of that MAC address will never have to authenticate again. To remove the passthrough MAC entry you either have to log in and remove it manually from the <a href="services_captiveportal_mac.php">Pass-through MAC tab</a> or send a POST from another system to remove it. - If this is enabled, RADIUS MAC authentication cannot be used. Also, the logout window will not be shown.</td> + If this is enabled, RADIUS MAC authentication cannot be used. Also, the logout window will not be shown. + <br/><br/> + <input name="passthrumacaddusername" type="checkbox" class="formfld" id="passthrumacaddusername" value="yes" <?php if ($pconfig['passthrumacaddusername']) echo "checked"; ?>> + <strong>Enable Pass-through MAC automatic addition with username</strong><br> + If this option is set, with the automatically MAC passthrough entry created the username, used during authentication, will be saved. + To remove the passthrough MAC entry you either have to log in and remove it manually from the <a href="services_captiveportal_mac.php">Pass-through MAC tab</a> or send a POST from another system to remove it. + </td> </tr> <tr> <td valign="top" class="vncell">Per-user bandwidth restriction</td> @@ -636,6 +651,20 @@ The contents of the HTML/PHP file that you upload here are displayed when an aut You may include "$PORTAL_MESSAGE$", which will be replaced by the error or reply messages from the RADIUS server, if any.</td> </tr> <tr> + <td width="22%" valign="top" class="vncell">Logout<br> + page<br> + contents</td> + <td class="vtable"> + <input name="logoutfile" type="file" class="formfld file" id="logoutfile"><br> + <?php if ($config['captiveportal']['page']['logouttext']): ?> + <a href="?act=viewlogouthtml" target="_blank">View current page</a> + <br> + <br> + <?php endif; ?> +The contents of the HTML/PHP file that you upload here are displayed when an authentication error occurs. +You may include "$PORTAL_MESSAGE$", which will be replaced by the error or reply messages from the RADIUS server, if any.</td> + </tr> + <tr> <td width="22%" valign="top"> </td> <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change(true)"> diff --git a/usr/local/www/services_captiveportal_filemanager.php b/usr/local/www/services_captiveportal_filemanager.php index 328f293..2c8d815 100755 --- a/usr/local/www/services_captiveportal_filemanager.php +++ b/usr/local/www/services_captiveportal_filemanager.php @@ -137,6 +137,7 @@ include("head.inc"); $tab_array[] = array("Allowed IP addresses", false, "services_captiveportal_ip.php"); $tab_array[] = array("Vouchers", false, "services_captiveportal_vouchers.php"); $tab_array[] = array("File Manager", true, "services_captiveportal_filemanager.php"); + $tab_array[] = array("Auth Logs", false, "diag_logs_auth.php"); display_top_tabs($tab_array); ?> </td></tr> <tr> diff --git a/usr/local/www/services_captiveportal_ip.php b/usr/local/www/services_captiveportal_ip.php index 4bf2cf9..61e05e5 100755 --- a/usr/local/www/services_captiveportal_ip.php +++ b/usr/local/www/services_captiveportal_ip.php @@ -85,6 +85,7 @@ include("head.inc"); $tab_array[] = array("Allowed IP addresses", true, "services_captiveportal_ip.php"); $tab_array[] = array("Vouchers", false, "services_captiveportal_vouchers.php"); $tab_array[] = array("File Manager", false, "services_captiveportal_filemanager.php"); + $tab_array[] = array("Auth Logs", false, "diag_logs_auth.php"); display_top_tabs($tab_array); ?> </td></tr> diff --git a/usr/local/www/services_captiveportal_mac.php b/usr/local/www/services_captiveportal_mac.php index 7c40b85..3e459f4 100755 --- a/usr/local/www/services_captiveportal_mac.php +++ b/usr/local/www/services_captiveportal_mac.php @@ -64,8 +64,15 @@ if ($_POST) { clear_subsystem_dirty('passthrumac'); } - if ($_POST['delmac'] && $_POST['postafterlogin']) { - if (is_array($a_passthrumacs)) { + if ($_POST['postafterlogin']) { + if (!is_array($a_passthrumacs)) + exit; + if ($_POST['username']) { + $mac = captiveportal_passthrumac_findbyname($_POST['username']); + if (!empty($mac)) + $_POST['delmac'] = $mac['mac']; + } + if ($_POST['delmac']) { $found = false; foreach ($a_passthrumacs as $idx => $macent) { if ($macent['mac'] == $_POST['delmac']) { @@ -118,6 +125,7 @@ include("head.inc"); $tab_array[] = array("Allowed IP addresses", false, "services_captiveportal_ip.php"); $tab_array[] = array("Vouchers", false, "services_captiveportal_vouchers.php"); $tab_array[] = array("File Manager", false, "services_captiveportal_filemanager.php"); + $tab_array[] = array("Auth Logs", false, "diag_logs_auth.php"); display_top_tabs($tab_array); ?> </td></tr> diff --git a/usr/local/www/services_captiveportal_vouchers.php b/usr/local/www/services_captiveportal_vouchers.php index c43de08..de305b7 100644 --- a/usr/local/www/services_captiveportal_vouchers.php +++ b/usr/local/www/services_captiveportal_vouchers.php @@ -244,6 +244,7 @@ function enable_change(enable_change) { $tab_array[] = array("Allowed IP addresses", false, "services_captiveportal_ip.php"); $tab_array[] = array("Vouchers", true, "services_captiveportal_vouchers.php"); $tab_array[] = array("File Manager", false, "services_captiveportal_filemanager.php"); + $tab_array[] = array("Auth Logs", false, "diag_logs_auth.php"); display_top_tabs($tab_array); ?> </ul> diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index 1224f6a..c3da004 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -158,6 +158,7 @@ if (isAllowedPage("system_usermanager")) { $pconfig['uid'] = $a_user[$id]['uid']; $pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']); $pconfig['priv'] = $a_user[$id]['priv']; + $pconfig['ipsecpsk'] = $a_user[$id]['ipsecpsk']; $pconfig['disabled'] = isset($a_user[$id]['disabled']); } } @@ -270,6 +271,7 @@ if (isAllowedPage("system_usermanager")) { $userent['fullname'] = $_POST['fullname']; $userent['expires'] = $_POST['expires']; $userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']); + $userent['ipsecpsk'] = $_POST['ipsecpsk']; if($_POST['disabled']) $userent['disabled'] = true; @@ -728,6 +730,12 @@ function sshkeyClicked(obj) { <?=gettext("Paste an authorized keys file here.");?> </td> </tr> + <tr id="ipsecpskrow" name="ipsecpskrow"> + <td width="22%" valign="top" class="vncell"><?=gettext("IPsec Pre-Shared Key");?></td> + <td width="78%" class="vtable"> + <input name="ipsecpsk" type="text" class="formfld unknown" id="ipsecpsk" size="65" value="<?=htmlspecialchars($pconfig['ipsecpsk']);?>"> + </td> + </tr> <tr> <td width="22%" valign="top"> </td> <td width="78%"> diff --git a/usr/local/www/vpn_ipsec_keys.php b/usr/local/www/vpn_ipsec_keys.php index 59bb57c..2a232f3 100644 --- a/usr/local/www/vpn_ipsec_keys.php +++ b/usr/local/www/vpn_ipsec_keys.php @@ -46,6 +46,18 @@ if (!is_array($config['ipsec']['mobilekey'])) { ipsec_mobilekey_sort(); $a_secret = &$config['ipsec']['mobilekey']; +$userkeys = array(); +foreach ($config['system']['user'] as $id => $user) { + if (isset($user['ipsecpsk'])) { + $k = array(); + $k["ident"] = $user['name']; + $k["pre-shared-key"] = $user['ipsecpsk']; + $k["id"] = $id; + $userkeys[] = $k; + } +} + + if ($_GET['act'] == "del") { if ($a_secret[$_GET['id']]) { unset($a_secret[$_GET['id']]); @@ -98,6 +110,19 @@ if (is_subsystem_dirty('ipsec')) </table> </td> </tr> + <?php $i = 0; foreach ($userkeys as $secretent): ?> + <tr> + <td class="listlr gray"> + <?=htmlspecialchars($secretent['ident']);?> + </td> + <td class="listr gray"> + <?=htmlspecialchars($secretent['pre-shared-key']);?> + </td> + <td class="list" nowrap><a href="system_usermanager.php?act=edit&id=<?=$secretent['id'];?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit key" width="17" height="17" border="0"></a> + </td> + </tr> + <?php $i++; endforeach; ?> + <?php $i = 0; foreach ($a_secret as $secretent): ?> <tr> <td class="listlr"> diff --git a/usr/local/www/vpn_ipsec_keys_edit.php b/usr/local/www/vpn_ipsec_keys_edit.php index 6e0db5b..20ac6c0 100644 --- a/usr/local/www/vpn_ipsec_keys_edit.php +++ b/usr/local/www/vpn_ipsec_keys_edit.php @@ -56,6 +56,10 @@ if (isset($id) && $a_secret[$id]) { } if ($_POST) { + $userids = array(); + foreach ($config['system']['user'] as $id => $user) { + $userids[$user['name']] = $id; + } unset($input_errors); $pconfig = $_POST; @@ -68,6 +72,9 @@ if ($_POST) { if (preg_match("/[^a-zA-Z0-9@\.\-]/", $_POST['ident'])) $input_errors[] = "The identifier contains invalid characters."; + + if (array_key_exists($_POST['ident'], $userids)) + $input_errors[] = "A user with this name already exists. Add the key to the user instead."; if (!$input_errors && !(isset($id) && $a_secret[$id])) { /* make sure there are no dupes */ @@ -117,7 +124,7 @@ include("head.inc"); <tr> <td valign="top" class="vncellreq">Identifier</td> <td class="vtable"> - <?=$mandfldhtml;?><input name="ident" type="text" class="formfld" id="ident" size="30" value="<?=$pconfig['ident'];?>"> + <?=$mandfldhtml;?><input name="ident" type="text" class="formfld unknown" id="ident" size="30" value="<?=$pconfig['ident'];?>"> <br> This can be either an IP address, fully qualified domain name or an e-mail address. </td> @@ -125,7 +132,7 @@ This can be either an IP address, fully qualified domain name or an e-mail addre <tr> <td width="22%" valign="top" class="vncellreq">Pre-shared key</td> <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="psk" type="text" class="formfld" id="psk" size="40" value="<?=htmlspecialchars($pconfig['psk']);?>"> + <?=$mandfldhtml;?><input name="psk" type="text" class="formfld unknown" id="psk" size="40" value="<?=htmlspecialchars($pconfig['psk']);?>"> </td> </tr> <tr> |
