From eaca40dffe3f8bd349163e04f4f0489978a40029 Mon Sep 17 00:00:00 2001 From: Ermal Date: Tue, 14 Dec 2010 22:27:32 +0000 Subject: Cleanup of whitespace and use exclusive lock during reconfiguration of vouchers. --- etc/inc/voucher.inc | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) (limited to 'etc/inc/voucher.inc') diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index 3b8e1ac..98a5340 100644 --- a/etc/inc/voucher.inc +++ b/etc/inc/voucher.inc @@ -250,15 +250,15 @@ function voucher_auth($voucher_received, $test = 0) { function voucher_configure() { global $config, $g; - - /* kill any running minicron */ - killbypid("{$g['varrun_path']}/vouchercron.pid"); - if (isset($config['voucher']['enable'])) { + /* kill any running minicron */ + killbypid("{$g['varrun_path']}/vouchercron.pid"); - if ($g['booting']) { + if (isset($config['voucher']['enable'])) + return 0; + + if ($g['booting']) echo "Enabling voucher support... "; - } // start cron if we're asked to save runtime DB periodically // to XML config if it changed @@ -269,7 +269,8 @@ function voucher_configure() { "/etc/rc.savevoucher"); } - $voucherlck = lock('voucher'); + $voucherlck = lock('voucher', LOCK_EX); + /* write public key used to verify vouchers */ $pubkey = base64_decode($config['voucher']['publickey']); $fd = fopen("{$g['varetc_path']}/voucher.public", "w"); @@ -323,8 +324,8 @@ function voucher_configure() { unlock($voucherlck); echo "done\n"; } - } - return 0; + + return 0; } /* write bitstring of used vouchers to ramdisk. @@ -483,4 +484,4 @@ function voucher_save_db_to_config() { return; } -?> \ No newline at end of file +?> -- cgit v1.1 From 666bc4d16174a67f72e3487f9b125ea890739fc0 Mon Sep 17 00:00:00 2001 
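Review bot: In hunk @@ -269,7 +269,8 only the first `lock('voucher')` in voucher_configure() becomes `lock('voucher', LOCK_EX)`; the other writers shown on this page keep the one-argument form. The per-roll block later in voucher_configure() (context of the @@ -295,6 +295,7 hunk) and voucher_auth() (hunks @@ -88,21 +88,19 and @@ -240,9 +238,6) both call voucher_write_active_db() while holding plain `lock('voucher')`. If the default mode of lock() is shared, which the commit subject suggests, two concurrent voucher_auth() calls could both read a ticket as unused before either writes, and the same voucher would be accepted twice. I would change those calls to `$voucherlck = lock('voucher', LOCK_EX);` as well. voucher_configure() starts and ends outside this hunk.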
From: Ermal Date: Tue, 14 Dec 2010 22:39:48 +0000 Subject: Ticket #1087. Cleanup whitespace and also do not rely on having the db dirty flag set for backing up the dbs but always do this! --- etc/inc/voucher.inc | 115 ++++++++++++++++++++++------------------------------ 1 file changed, 49 insertions(+), 66 deletions(-) (limited to 'etc/inc/voucher.inc') diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index 98a5340..59f4a98 100644 --- a/etc/inc/voucher.inc +++ b/etc/inc/voucher.inc @@ -88,21 +88,19 @@ EOF; } /* - *Authenticate a voucher and return the remaining time credit in minutes + * Authenticate a voucher and return the remaining time credit in minutes * if $test is set, don't mark the voucher as used nor add it to the list * of active vouchers + * If $test is set, simply test the voucher. Don't change anything + * but return a more verbose error and result message back */ function voucher_auth($voucher_received, $test = 0) { - global $g, $config; - // if $test is set, simply test the voucher. Don't change anything - // but return a more verbose error and result message back - $voucherlck = lock('voucher'); // XMLRPC Call over to the master Voucher node - $a_voucher = &$config['voucher']; + $a_voucher = &$config['voucher']; if($a_voucher['vouchersyncdbip']) { $syncip = $a_voucher['vouchersyncdbip']; $syncport = $a_voucher['vouchersyncport']; @@ -138,9 +136,9 @@ function voucher_auth($voucher_received, $test = 0) { $result = exec("/usr/local/bin/voucher -c {$g['varetc_path']}/voucher.cfg -k {$g['varetc_path']}/voucher.public -- $v"); list($status, $roll, $nr) = explode(" ", $result); if ($status == "OK") { - if (!$first_voucher) - { - $first_voucher = $voucher; // store first voucher. Thats the one we give the timecredit + if (!$first_voucher) { + // store first voucher. Thats the one we give the timecredit + $first_voucher = $voucher; $first_voucher_roll = $roll; } // check if we have this ticket on a registered roll for this ticket 
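Review bot: The exec() line that opens hunk @@ -138,9 +136,9 interpolates `$v` into a shell command, and nothing in the hunk shows where `$v` is assigned. The voucher text is presumably typed into the portal login form, so I would add a comment above the call such as `// $v must be escapeshellarg()-quoted: voucher text is user-supplied`, and confirm that the assignment outside the hunk does exactly that. voucher_auth() starts and ends outside this hunk.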
@@ -191,7 +189,7 @@ function voucher_auth($voucher_received, $test = 0) { } else { $test_result[] = "Access granted for $total_minutes Minutes in total."; } - unlock($voucherlck); + unlock($voucherlck); return $test_result; } @@ -200,7 +198,7 @@ function voucher_auth($voucher_received, $test = 0) { // the user wouldn't know that he used at least one invalid voucher. if ($error) { - unlock($voucherlck); + unlock($voucherlck); if ($total_minutes > 0) // probably not needed, but want to make sure $total_minutes = 0; // we only report -1 (expired) or 0 (no access) return $total_minutes; // well, at least one voucher had errors. Say NO ACCESS @@ -240,9 +238,6 @@ function voucher_auth($voucher_received, $test = 0) { $active_vouchers[$first_voucher_roll][$first_voucher] = "$timestamp,$minutes"; voucher_write_active_db($roll, $active_vouchers[$first_voucher_roll]); - // mark the DB's as dirty. - mark_subsystem_dirty('voucher'); - unlock($voucherlck); return $total_minutes; @@ -275,13 +270,13 @@ function voucher_configure() { $pubkey = base64_decode($config['voucher']['publickey']); $fd = fopen("{$g['varetc_path']}/voucher.public", "w"); if (!$fd) { - printf("Error: cannot write voucher.public\n"); + log_error("Voucher error: cannot write voucher.public\n"); unlock($voucherlck); return 1; } - chmod("{$g['varetc_path']}/voucher.public", 0600); fwrite($fd, $pubkey); fclose($fd); + @chmod("{$g['varetc_path']}/voucher.public", 0600); /* write config file used by voucher binary to decode vouchers */ $fd = fopen("{$g['varetc_path']}/voucher.cfg", "w"); @@ -290,9 +285,9 @@ function voucher_configure() { unlock($voucherlck); return 1; } - chmod("{$g['varetc_path']}/voucher.cfg", 0600); fwrite($fd, "{$config['voucher']['rollbits']},{$config['voucher']['ticketbits']},{$config['voucher']['checksumbits']},{$config['voucher']['magic']},{$config['voucher']['charset']}\n"); fclose($fd); + @chmod("{$g['varetc_path']}/voucher.cfg", 0600); unlock($voucherlck); if ($g['booting']) { 
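Review bot: In hunk @@ -275,13 +270,13 the `chmod(..., 0600)` now runs after `fwrite()`/`fclose()` and is prefixed with `@`, so voucher.public sits on disk with umask-default permissions while it is written and a failed chmod goes unnoticed. Hunk @@ -290,9 +285,9 does the same for voucher.cfg, which holds the magic number and bit layout used to decode vouchers. I would restrict the mode before any data is written, for example `$oldmask = umask(0077);` ahead of each `fopen()` and `umask($oldmask);` after `fclose()`, and log when chmod returns false instead of suppressing it. voucher_configure() continues outside both hunks.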
@@ -332,53 +327,48 @@ function voucher_configure() { * Bitstring must already be base64_encoded! */ function voucher_write_used_db($roll, $vdb) { - - global $g; - - $fd = fopen("{$g['vardb_path']}/voucher_used_$roll.db", "w"); - if ($fd) { - fwrite($fd, $vdb . "\n"); - fclose($fd); - } else { - voucher_log(LOG_ERR, "cant write {$g['vardb_path']}/voucher_used_$roll.db"); - } + global $g; + + $fd = fopen("{$g['vardb_path']}/voucher_used_$roll.db", "w"); + if ($fd) { + fwrite($fd, $vdb . "\n"); + fclose($fd); + } else + voucher_log(LOG_ERR, "cant write {$g['vardb_path']}/voucher_used_$roll.db"); } /* return assoc array of active vouchers with activation timestamp * voucher is index. */ function voucher_read_active_db($roll) { - - global $g; - - $active = array(); - $dirty = 0; - $file = "{$g['vardb_path']}/voucher_active_$roll.db"; - if (file_exists($file)) { - $fd = fopen($file, "r"); - if ($fd) { - while (!feof($fd)) { - $line = trim(fgets($fd)); - if ($line) { - list($voucher,$timestamp,$minutes) = explode(",", $line); // voucher,timestamp - if ((($timestamp + 60*$minutes) - time()) > 0) { - $active[$voucher] = "$timestamp,$minutes"; - } else { - $dirty=1; - } - } - } - fclose($fd); - if ($dirty) // if we found expired entries, lets save our snapshot - voucher_write_active_db($roll, $active); - } - } - return $active; + global $g; + + $active = array(); + $dirty = 0; + $file = "{$g['vardb_path']}/voucher_active_$roll.db"; + if (file_exists($file)) { + $fd = fopen($file, "r"); + if ($fd) { + while (!feof($fd)) { + $line = trim(fgets($fd)); + if ($line) { + list($voucher,$timestamp,$minutes) = explode(",", $line); // voucher,timestamp + if ((($timestamp + 60*$minutes) - time()) > 0) + $active[$voucher] = "$timestamp,$minutes"; + else + $dirty=1; + } + } + fclose($fd); + if ($dirty) // if we found expired entries, lets save our snapshot + voucher_write_active_db($roll, $active); + } + } + return $active; } /* store array of active vouchers back to DB */ function 
voucher_write_active_db($roll, $active) { - global $g; $fd = fopen("{$g['vardb_path']}/voucher_active_$roll.db", "w"); @@ -391,7 +381,6 @@ function voucher_write_active_db($roll, $active) { /* return how many vouchers are marked used on a roll */ function voucher_used_count($roll) { - global $g; $bitstring = voucher_read_used_db($roll); @@ -408,7 +397,6 @@ function voucher_used_count($roll) { } function voucher_read_used_db($roll) { - global $g; $vdb = ""; @@ -426,10 +414,9 @@ function voucher_read_used_db($roll) { } function voucher_unlink_db($roll) { - global $g; - unlink("{$g['vardb_path']}/voucher_used_$roll.db"); - unlink("{$g['vardb_path']}/voucher_active_$roll.db"); + @unlink("{$g['vardb_path']}/voucher_used_$roll.db"); + @unlink("{$g['vardb_path']}/voucher_active_$roll.db"); } /* we share the log with captiveportal for now */ @@ -446,20 +433,15 @@ function voucher_log($priority, $message) { * Called during reboot -> system_reboot_cleanup() and minicron */ function voucher_save_db_to_config() { - global $config, $g; if (!isset($config['voucher']['enable']) || $config['voucher']['saveinterval'] == 0) return; // no vouchers or don't want to save DB's - if (!is_subsystem_dirty('voucher')) - return; // nothing changed. - - $voucherlck = lock('voucher'); + $voucherlck = lock('voucher', LOCK_EX); // walk all active rolls and save runtime DB's to flash $a_roll = &$config['voucher']['roll']; -// foreach ($a_roll as $rollent) { while (list($key, $value) = each($a_roll)) { $rollent = &$a_roll[$key]; $roll = $rollent['number']; @@ -478,8 +460,9 @@ function voucher_save_db_to_config() { } $rollent['active'] = $db; } - clear_subsystem_dirty('voucher'); + unlock($voucherlck); + write_config(); return; } -- cgit v1.1 From f5c05fcc613728bc5a18898b4799e8e5a8df7529 Mon Sep 17 00:00:00 2001 
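Review bot: With the `is_subsystem_dirty('voucher')` early return removed in hunk @@ -446,20 +433,15, the `write_config();` call at the end of voucher_save_db_to_config() (hunk @@ -478,8 +460,9) is reached on every save interval, even when no voucher changed. Each run then rewrites the configuration, which is likely to crowd meaningful entries out of whatever configuration history the system keeps and makes later review of real changes harder. I would build the new `used`/`active` values first, call write_config only when they differ from what `$rollent` already holds, and pass a description as the sync code on this page does, e.g. `write_config("Voucher databases saved to configuration");` (string constructed for this note).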
From: Ermal Date: Tue, 14 Dec 2010 22:48:45 +0000 Subject: Make voucher xmlrpc error checking the same as others. --- etc/inc/voucher.inc | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'etc/inc/voucher.inc') diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index 59f4a98..f7cd1d5 100644 --- a/etc/inc/voucher.inc +++ b/etc/inc/voucher.inc @@ -63,14 +63,12 @@ EOF; $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); $resp = $cli->send($msg, "250"); - if(!$resp) { + if(!is_object($resp)) { $error = "A communications error occurred while attempting CaptivePortalVoucherSync XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; log_error($error); file_notice("CaptivePortalVoucherSync", $error, "Communications error occurred", ""); return array("timeleft" => "0"); } elseif($resp->faultCode()) { - $cli->setDebug(1); - $resp = $cli->send($msg, "250"); $error = "An error code was received while attempting CaptivePortalVoucherSync XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); log_error($error); file_notice("CaptivePortalVoucherSync", $error, "Error code received", ""); @@ -84,7 +82,8 @@ EOF; write_config("Captive Portal Voucher database synchronized with {$url}"); voucher_configure(); } - return $toreturn['timeleft']; + + return $toreturn['timeleft']; } /* -- cgit v1.1 From 451e4a05edd8f1a65dde0e32f7d6015c3c20cfcb Mon Sep 17 00:00:00 2001 From: Erik Fonnesbeck Date: Wed, 15 Dec 2010 17:14:52 -0700 Subject: Fix condition that needed to be negated after a recent layout change here and prevent a PHP warning if there are no voucher rolls. Fixes #1106 --- etc/inc/voucher.inc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'etc/inc/voucher.inc') diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index f7cd1d5..ddd8ab4 100644 --- a/etc/inc/voucher.inc +++ b/etc/inc/voucher.inc 
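Review bot: The communications-error branch in hunk @@ -63,14 +63,12 returns `array("timeleft" => "0")`, while the normal exit in hunk @@ -84,7 +82,8 returns the scalar `$toreturn['timeleft']`, so xmlrpc_sync_used_voucher() hands its caller two different shapes. voucher_auth() stores the result in `$remote_time_used`; how it is evaluated is outside these hunks, but a non-empty array is truthy in PHP, so a failed sync could be read as remaining time. I would return the same scalar on the failure path, `return 0;`. The function starts and ends outside both hunks.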
@@ -248,7 +248,7 @@ function voucher_configure() { /* kill any running minicron */ killbypid("{$g['varrun_path']}/vouchercron.pid"); - if (isset($config['voucher']['enable'])) + if (!isset($config['voucher']['enable'])) return 0; if ($g['booting']) @@ -295,6 +295,7 @@ function voucher_configure() { $a_roll = &$config['voucher']['roll']; $voucherlck = lock('voucher'); + if (is_array($a_roll)) foreach ($a_roll as $rollent) { $roll = $rollent['number']; -- cgit v1.1 From 7afb7ea90030af16cc6da390d8862a65bf11cb04 Mon Sep 17 00:00:00 2001 From: Ermal Date: Fri, 17 Dec 2010 23:28:03 +0000 Subject: Safe belts to avoid errors. --- etc/inc/voucher.inc | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) (limited to 'etc/inc/voucher.inc') diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index ddd8ab4..5c1d132 100644 --- a/etc/inc/voucher.inc +++ b/etc/inc/voucher.inc @@ -108,12 +108,16 @@ function voucher_auth($voucher_received, $test = 0) { $remote_time_used = xmlrpc_sync_used_voucher($voucher_received, $syncip, $syncport, $syncpass, $vouchersyncusername); } - // read rolls into assoc array with rollid as key and minutes as value - $a_roll = &$config['voucher']['roll']; - foreach ($a_roll as $rollent) { - $tickets_per_roll[$rollent['number']] = $rollent['count']; - $minutes_per_roll[$rollent['number']] = $rollent['minutes']; - } + // read rolls into assoc array with rollid as key and minutes as value + $tickets_per_roll = array(); + $minutes_per_roll = array(); + if (is_array($config['voucher']['roll'])) { + $a_roll = &$config['voucher']['roll']; + foreach ($a_roll as $rollent) { + $tickets_per_roll[$rollent['number']] = $rollent['count']; + $minutes_per_roll[$rollent['number']] = $rollent['minutes']; + } + } // split into an array. Useful for multiple vouchers given $a_vouchers_received = split("[\t\n\r ]+",$voucher_received); 
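Review bot: The `is_array($config['voucher']['roll'])` guard added in hunk @@ -108,12 +108,16 covers voucher_auth(), but voucher_save_db_to_config() still walks the same key unguarded. The @@ -446,20 +433,15 hunk earlier on this page shows `while (list($key, $value) = each($a_roll))` directly after the reference is taken. I would wrap that loop in the same `if (is_array($config['voucher']['roll']))` test so the periodic save does not raise a warning when no rolls are defined. voucher_auth() continues outside this hunk.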
@@ -289,13 +293,12 @@ function voucher_configure() { @chmod("{$g['varetc_path']}/voucher.cfg", 0600); unlock($voucherlck); - if ($g['booting']) { + if ($g['booting'] && is_array($config['voucher']['roll'])) { // create active and used DB per roll on ramdisk from config $a_roll = &$config['voucher']['roll']; $voucherlck = lock('voucher'); - if (is_array($a_roll)) foreach ($a_roll as $rollent) { $roll = $rollent['number']; -- cgit v1.1 From 4ac251b8634a52fb5879a37af123e824b6fc8a24 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Wed, 22 Dec 2010 10:29:52 -0500 Subject: Log voucher errors. Fix whitespace. Remove trailing c/r --- etc/inc/voucher.inc | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) (limited to 'etc/inc/voucher.inc') diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index 5c1d132..ab6fac1 100644 --- a/etc/inc/voucher.inc +++ b/etc/inc/voucher.inc @@ -166,6 +166,7 @@ function voucher_auth($voucher_received, $test = 0) { $mask = 1 << ($nr % 8); if (ord($bitstring[$roll][$pos]) & $mask) { $test_result[] = "$voucher ($roll/$nr) already used and expired"; + log_error("$voucher ($roll/$nr) already used and expired"); $total_minutes = -1; // voucher expired $error++; } else { @@ -177,10 +178,12 @@ function voucher_auth($voucher_received, $test = 0) { } } else { $test_result[] = "$voucher ($roll/$nr): not found on any registererd Roll"; + log_error("$voucher ($roll/$nr): not found on any registererd Roll"); } } else { // hmm, thats weird ... not what I expected $test_result[] = "$voucher invalid: $result !!"; + log_error("$voucher invalid: $result !!"); $error++; } } @@ -192,7 +195,7 @@ function voucher_auth($voucher_received, $test = 0) { } else { $test_result[] = "Access granted for $total_minutes Minutes in total."; } - unlock($voucherlck); + unlock($voucherlck); return $test_result; } 
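Review bot: The `log_error()` calls added in hunks @@ -166,6 +166,7 and @@ -177,10 +178,12 write `$voucher` and, in the invalid branch, `$result` into the log exactly as received. `$voucher` is presumably text submitted through the portal form, so anyone who can reach that form can fill the log with entries of arbitrary length and content. I would bound and sanitise the value before logging, e.g. `$logv = substr(preg_replace('/[^\x20-\x7e]/', '?', $voucher), 0, 64);` (limit chosen for illustration), and log `$logv` instead. The later switch to captiveportal_syslog() on this page passes the same strings through unchanged.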
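Review bot: In hunk @@ -177,10 +178,12 the "not found on any registererd Roll" branch gains a log line but still has no `$error++`, unlike the "already used and expired" and "invalid" branches beside it. The comments visible in the @@ -201,7 +204,7 context say that a submission with at least one bad voucher is answered with no access, so a ticket that decodes correctly but belongs to an unregistered roll is treated more leniently than the other failures. If that is not intended, add `$error++;` after the new log call. The enclosing loop and function start outside the hunk.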
@@ -201,7 +204,7 @@ function voucher_auth($voucher_received, $test = 0) { // the user wouldn't know that he used at least one invalid voucher. if ($error) { - unlock($voucherlck); + unlock($voucherlck); if ($total_minutes > 0) // probably not needed, but want to make sure $total_minutes = 0; // we only report -1 (expired) or 0 (no access) return $total_minutes; // well, at least one voucher had errors. Say NO ACCESS @@ -274,7 +277,7 @@ function voucher_configure() { $fd = fopen("{$g['varetc_path']}/voucher.public", "w"); if (!$fd) { log_error("Voucher error: cannot write voucher.public\n"); - unlock($voucherlck); + unlock($voucherlck); return 1; } fwrite($fd, $pubkey); @@ -291,13 +294,13 @@ function voucher_configure() { fwrite($fd, "{$config['voucher']['rollbits']},{$config['voucher']['ticketbits']},{$config['voucher']['checksumbits']},{$config['voucher']['magic']},{$config['voucher']['charset']}\n"); fclose($fd); @chmod("{$g['varetc_path']}/voucher.cfg", 0600); - unlock($voucherlck); + unlock($voucherlck); if ($g['booting'] && is_array($config['voucher']['roll'])) { // create active and used DB per roll on ramdisk from config $a_roll = &$config['voucher']['roll']; - $voucherlck = lock('voucher'); + $voucherlck = lock('voucher'); foreach ($a_roll as $rollent) { @@ -319,7 +322,7 @@ function voucher_configure() { voucher_write_active_db($roll, $active_vouchers); } - unlock($voucherlck); + unlock($voucherlck); echo "done\n"; } @@ -470,4 +473,4 @@ function voucher_save_db_to_config() { return; } -?> +?> \ No newline at end of file -- cgit v1.1 From 4d5bbdfbc372f7a766837a71214c56daadfb44ce Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Wed, 22 Dec 2010 10:32:56 -0500 Subject: White space fixes and (C) for both Ermal and myself --- etc/inc/voucher.inc | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'etc/inc/voucher.inc') diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index ab6fac1..5e8884e 100644 --- a/etc/inc/voucher.inc 
+++ b/etc/inc/voucher.inc @@ -1,6 +1,8 @@ . + Copyright (C) 2010 Ermal Luci + Copyright (C) 2010 Scott Ullrich + Copyright (C) 2007 Marcel Wiget All rights reserved. Redistribution and use in source and binary forms, with or without @@ -140,7 +142,7 @@ function voucher_auth($voucher_received, $test = 0) { list($status, $roll, $nr) = explode(" ", $result); if ($status == "OK") { if (!$first_voucher) { - // store first voucher. Thats the one we give the timecredit + // store first voucher. Thats the one we give the timecredit $first_voucher = $voucher; $first_voucher_roll = $roll; } @@ -455,7 +457,7 @@ function voucher_save_db_to_config() { $rollent['used'] = base64_encode($bitmask); $active_vouchers = voucher_read_active_db($roll); $db = array(); - $dbi = 1; + $dbi = 1; foreach($active_vouchers as $voucher => $line) { list($timestamp,$minutes) = explode(",", $line); $activent['voucher'] = $voucher; -- cgit v1.1 From 34507786be2695aa7942a95bba8869abf23420a8 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Wed, 22 Dec 2010 11:41:07 -0500 Subject: Use captiveportal_syslog() --- etc/inc/voucher.inc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'etc/inc/voucher.inc') diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index 5e8884e..f17fe28 100644 --- a/etc/inc/voucher.inc +++ b/etc/inc/voucher.inc @@ -168,7 +168,7 @@ function voucher_auth($voucher_received, $test = 0) { $mask = 1 << ($nr % 8); if (ord($bitstring[$roll][$pos]) & $mask) { $test_result[] = "$voucher ($roll/$nr) already used and expired"; - log_error("$voucher ($roll/$nr) already used and expired"); + captiveportal_syslog("$voucher ($roll/$nr) already used and expired"); $total_minutes = -1; // voucher expired $error++; } else { 
@@ -180,12 +180,12 @@ function voucher_auth($voucher_received, $test = 0) { } } else { $test_result[] = "$voucher ($roll/$nr): not found on any registererd Roll"; - log_error("$voucher ($roll/$nr): not found on any registererd Roll"); + captiveportal_syslog("$voucher ($roll/$nr): not found on any registererd Roll"); } } else { // hmm, thats weird ... not what I expected $test_result[] = "$voucher invalid: $result !!"; - log_error("$voucher invalid: $result !!"); + captiveportal_syslog("$voucher invalid: $result !!"); $error++; } } @@ -278,7 +278,7 @@ function voucher_configure() { $pubkey = base64_decode($config['voucher']['publickey']); $fd = fopen("{$g['varetc_path']}/voucher.public", "w"); if (!$fd) { - log_error("Voucher error: cannot write voucher.public\n"); + captiveportal_syslog("Voucher error: cannot write voucher.public\n"); unlock($voucherlck); return 1; } -- cgit v1.1 From 4e8d55ddc814fd8a329f6b96e4d58b3522f5a18d Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Wed, 22 Dec 2010 11:42:20 -0500 Subject: Include captiveportal.inc if captiveportal_syslog() is not defined. --- etc/inc/voucher.inc | 2 ++ 1 file changed, 2 insertions(+) (limited to 'etc/inc/voucher.inc') diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index f17fe28..febb0f7 100644 --- a/etc/inc/voucher.inc +++ b/etc/inc/voucher.inc @@ -34,6 +34,8 @@ */ /* include all configuration functions */ +if(!function_exists('captiveportal_syslog')) + require_once("captiveportal.inc"); function xmlrpc_sync_used_voucher($voucher_received, $syncip, $port, $password, $username) { global $g, $config; -- cgit v1.1
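Review bot: Hunk @@ -278,7 +278,7 reports the voucher.public write failure through `captiveportal_syslog()`, although this file already has its own `voucher_log($priority, $message)` helper, which voucher_write_used_db() calls as `voucher_log(LOG_ERR, ...)` for the same kind of failure. Using `voucher_log(LOG_ERR, "cannot write voucher.public");` here would keep an explicit error priority and one logging path for the file; whether captiveportal_syslog() carries a priority is not visible on this page. The message also keeps a trailing `\n` left over from the printf() it originally replaced, which a log entry does not need. voucher_configure() starts and ends outside the hunk.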