diff options
| -rw-r--r-- | etc/inc/captiveportal.inc | 36 | ||||
| -rw-r--r-- | etc/inc/radius.inc | 10 | ||||
| -rw-r--r-- | usr/local/captiveportal/radius_accounting.inc | 2 | ||||
| -rw-r--r-- | usr/local/captiveportal/radius_authentication.inc | 3 |
4 files changed, 29 insertions, 22 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index e7afdf7..f4de2fa 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -569,7 +569,7 @@ EOD; /* * Remove clients that have been around for longer than the specified amount of time * db file structure: - * timestamp,ipfw_rule_no,clientip,clientmac,username,sessionid,password,session_timeout,idle_timeout,session_terminate_time + * timestamp,ipfw_rule_no,clientip,clientmac,username,sessionid,password,session_timeout,idle_timeout,session_terminate_time,interim_interval * (password is in Base64 and only saved when reauthentication is enabled) */ function captiveportal_prune_old() { @@ -700,15 +700,24 @@ function captiveportal_prune_old() { $cpentry[2], // clientip $cpentry[3]); // clientmac } else if ($cpcfg['reauthenticateacct'] == "interimupdate") { - RADIUS_ACCOUNTING_STOP($cpentry[1], // ruleno - $cpentry[4], // username - $cpentry[5], // sessionid - $cpentry[0], // start time - $radiusservers, - $cpentry[2], // clientip - $cpentry[3], // clientmac - 10, // NAS Request - true); // Interim Updates + $session_time = $pruning_time - $cpentry[0]; + if (!empty($cpentry[10]) && $cpentry[10] > 60) + $interval = $cpentry[10]; + else + $interval = 0; + $past_interval_min = ($session_time > $interval); + $within_interval = ($session_time % $interval >= 0 && $session_time % $interval <= 59); + if (($interval > 0 && $past_interval_min && $within_interval) || $interval === 0) { + RADIUS_ACCOUNTING_STOP($cpentry[1], // ruleno + $cpentry[4], // username + $cpentry[5], // sessionid + $cpentry[0], // start time + $radiusservers, + $cpentry[2], // clientip + $cpentry[3], // clientmac + 10, // NAS Request + true); // Interim Updates + } } } @@ -1211,7 +1220,7 @@ function captiveportal_opendb() { else { $errormsg = ""; $DB = @sqlite_open("{$g['vardb_path']}/captiveportal{$cpzone}.db"); - if (@sqlite_exec($DB, "CREATE TABLE captiveportal (allow_time INTEGER, pipeno INTEGER, ip TEXT, mac TEXT, username TEXT, sessionid TEXT, bpassword TEXT, session_timeout INTEGER, idle_timeout INTEGER, session_terminate_time INTEGER) ", $errormsg)) { + if (@sqlite_exec($DB, "CREATE TABLE captiveportal (allow_time INTEGER, pipeno INTEGER, ip TEXT, mac TEXT, username TEXT, sessionid TEXT, bpassword TEXT, session_timeout INTEGER, idle_timeout INTEGER, session_terminate_time INTEGER, interim_interval INTEGER) ", $errormsg)) { @sqlite_exec($DB, "CREATE UNIQUE INDEX idx_active ON captiveportal (sessionid, username)"); @sqlite_exec($DB, "CREATE INDEX user ON captiveportal (username)"); @sqlite_exec($DB, "CREATE INDEX ip ON captiveportal (ip)"); @@ -1866,15 +1875,16 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut $session_timeout = (!empty($attributes['session_timeout'])) ? $attributes['session_timeout'] : 'NULL'; $idle_timeout = (!empty($attributes['idle_timeout'])) ? $attributes['idle_timeout'] : 'NULL'; $session_terminate_time = (!empty($attributes['session_terminate_time'])) ? $attributes['session_terminate_time'] : 'NULL'; + $interim_interval = (!empty($attributes['interim_interval'])) ? $attributes['interim_interval'] : 'NULL'; /* escape username */ $safe_username = sqlite_escape_string($username); /* encode password in Base64 just in case it contains commas */ $bpassword = base64_encode($password); - $insertquery = "INSERT INTO captiveportal (allow_time, pipeno, ip, mac, username, sessionid, bpassword, session_timeout, idle_timeout, session_terminate_time) "; + $insertquery = "INSERT INTO captiveportal (allow_time, pipeno, ip, mac, username, sessionid, bpassword, session_timeout, idle_timeout, session_terminate_time, interim_interval) "; $insertquery .= "VALUES ({$allow_time}, {$pipeno}, '{$clientip}', '{$clientmac}', '{$safe_username}', '{$sessionid}', '{$bpassword}', "; - $insertquery .= "{$session_timeout}, {$idle_timeout}, {$session_terminate_time})"; + $insertquery .= "{$session_timeout}, {$idle_timeout}, {$session_terminate_time}, {$interim_interval})"; /* store information to database */ captiveportal_write_db($insertquery); diff --git a/etc/inc/radius.inc b/etc/inc/radius.inc index 3607d05..6059b73 100644 --- a/etc/inc/radius.inc +++ b/etc/inc/radius.inc @@ -306,11 +306,8 @@ class Auth_RADIUS extends PEAR { $this->putAttribute(RADIUS_NAS_IP_ADDRESS, $ipaddr, "addr"); // Add support for sending NAS-Identifier - $nasId = ""; - exec("/bin/hostname", $nasId); - if(!$nasId[0]) - $nasId[0] = "{$g['product_name']}"; - $this->putAttribute(RADIUS_NAS_IDENTIFIER, $nasId[0]); + $nasId = php_uname("n"); + $this->putAttribute(RADIUS_NAS_IDENTIFIER, $nasId); } /** @@ -645,7 +642,7 @@ class Auth_RADIUS extends PEAR { break; case 85: /* Acct-Interim-Interval: RFC 2869 */ - $this->attributes['interim-interval'] = radius_cvt_int($datav); + $this->attributes['interim_interval'] = radius_cvt_int($datav); break; } } @@ -1071,6 +1068,7 @@ class Auth_RADIUS_Acct extends Auth_RADIUS $this->putAttribute(RADIUS_ACCT_AUTHENTIC, $this->authentic); } + $this->putStandardAttributes(); } } diff --git a/usr/local/captiveportal/radius_accounting.inc b/usr/local/captiveportal/radius_accounting.inc index 0a1300c..2485f06 100644 --- a/usr/local/captiveportal/radius_accounting.inc +++ b/usr/local/captiveportal/radius_accounting.inc @@ -149,7 +149,6 @@ function RADIUS_ACCOUNTING_START($ruleno, $username, $sessionid, $radiusservers, */ // Default attributes - $racct->putAttribute(RADIUS_SERVICE_TYPE, RADIUS_LOGIN); $racct->putAttribute(RADIUS_NAS_PORT_TYPE, RADIUS_ETHERNET); $racct->putAttribute(RADIUS_NAS_PORT, $nas_port, 'integer'); $racct->putAttribute(RADIUS_ACCT_SESSION_ID, $sessionid); @@ -257,7 +256,6 @@ function RADIUS_ACCOUNTING_STOP($ruleno,$username,$sessionid,$start_time,$radius define("RADIUS_ACCT_OUTPUT_GIGAWORDS", "53"); // Default attributes - $racct->putAttribute(RADIUS_SERVICE_TYPE, RADIUS_LOGIN); $racct->putAttribute(RADIUS_NAS_PORT_TYPE, RADIUS_ETHERNET); $racct->putAttribute(RADIUS_NAS_PORT, $nas_port, 'integer'); $racct->putAttribute(RADIUS_ACCT_SESSION_ID, $sessionid); diff --git a/usr/local/captiveportal/radius_authentication.inc b/usr/local/captiveportal/radius_authentication.inc index df9a368..92890b8 100644 --- a/usr/local/captiveportal/radius_authentication.inc +++ b/usr/local/captiveportal/radius_authentication.inc @@ -85,7 +85,8 @@ function RADIUS_AUTHENTICATION($username,$password,$radiusservers,$clientip,$cli $radiusvendor = $config['captiveportal'][$cpzone]['radiusvendor'] ? $config['captiveportal'][$cpzone]['radiusvendor'] : null; $radius_protocol = $config['captiveportal'][$cpzone]['radius_protocol']; // Do we even need to set it to NULL? - $retvalue['error'] = $retvalue['reply_message'] = $retvalue['url_redirection'] = $retvalue['session_timeout'] = $retvalue['idle_timeout'] = $retvalue['session_terminate_time'] = null; + $retvalue['error'] = $retvalue['reply_message'] = $retvalue['url_redirection'] = $retvalue['session_timeout'] = null; + $retvalue['idle_timeout'] = $retvalue['session_terminate_time'] = $retvalue['interim_interval'] = null; switch($radiusvendor) { |
