From d31bc32ad6e46712d6347a7ae7e7a9bedce01a3f Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Wed, 22 Dec 2010 01:10:27 +0000
Subject: Make the CP locking more granular and make use correctly of
 exclusive/shared locks where appripriate. This speeds up CP login process.

---
 usr/local/captiveportal/index.php | 36 +++++++++---------------------------
 1 file changed, 9 insertions(+), 27 deletions(-)

(limited to 'usr/local/captiveportal')

diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php
index 6cbe1c0..2d7883c 100755
--- a/usr/local/captiveportal/index.php
+++ b/usr/local/captiveportal/index.php
@@ -268,20 +268,14 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
 
 	global $redirurl, $g, $config, $type, $passthrumac, $_POST;
 
-	/* See if a ruleno is passed, if not start locking the sessions because this means there isn't one atm */
-	$captiveshouldunlock = false;
-	if ($ruleno == null) {
-		$cplock = lock('captiveportal');
-		$captiveshouldunlock = true;
+	/* See if a ruleno is passed, if not start sessions because this means there isn't one atm */
+	if ($ruleno == null)
 		$ruleno = captiveportal_get_next_ipfw_ruleno();
-	}
 
 	/* if the pool is empty, return appropriate message and exit */
 	if (is_null($ruleno)) {
 		portal_reply_page($redirurl, "error", "System reached maximum login capacity");
 		log_error("WARNING!  Captive portal has reached maximum login capacity");
-		if ($captiveshouldunlock == true)
-		unlock($cplock);
 		exit;
 	}
 
@@ -367,13 +361,10 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
 		}
 	}
 
-	if ($attributes['voucher'] && $remaining_time <= 0) {
-		unlock($cplock);
+	if ($attributes['voucher'] && $remaining_time <= 0)
 		return 0;       // voucher already used and no time left
-	}
 
 	if (!isset($sessionid)) {
-
 		/* generate unique session ID */
 		$tod = gettimeofday();
 		$sessionid = substr(md5(mt_rand() . $tod['sec'] . $tod['usec'] . $clientip . $clientmac), 0, 16);
@@ -405,7 +396,6 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
 			mwexec("/sbin/ipfw -q {$g['tmp_path']}/macentry.rules.tmp");
 			$writecfg = true;
 		} else {
-
 			if ($peruserbw && !empty($bw_up) && is_numeric($bw_up)) {
 				$bw_up_pipeno = $ruleno + 20000;
 				//$bw_up /= 1000; // Scale to Kbit/s
@@ -448,7 +438,6 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
 			if (isset($config['captiveportal']['radacct_enable']) && !empty($radiusservers)) {
 				$acct_val = RADIUS_ACCOUNTING_START($ruleno,
                                 		$username, $sessionid, $radiusservers, $clientip, $clientmac);
-
 				if ($acct_val == 1)
 					captiveportal_logportalauth($username,$clientmac,$clientip,$type,"RADIUS ACCOUNTING FAILED");
 			}
@@ -458,9 +447,6 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
 		}
 	}
 
-	if ($captiveshouldunlock == true)
-		unlock($cplock);
-
 	if ($writecfg == true)
 		write_config();
 
@@ -502,13 +488,11 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
 
 
 /* remove a single client by session ID
-   by Dinesh Nair
+ *  by Dinesh Nair
  */
 function disconnect_client($sessionid, $logoutReason = "LOGOUT", $term_cause = 1) {
-
     global $g, $config;
 
-    $cplock = lock('captiveportal');
     /* read database */
     $cpdb = captiveportal_read_db();
 
@@ -527,8 +511,6 @@ function disconnect_client($sessionid, $logoutReason = "LOGOUT", $term_cause = 1
 
     /* write database */
     captiveportal_write_db($cpdb);
-
-    unlock($cplock);
 }
 
 /*
@@ -555,8 +537,6 @@ function portal_consume_passthrough_credit($clientmac) {
 
 	$updatetimeouts = isset($config['captiveportal']['freelogins_updatetimeouts']);
 
-	$cplock = lock('captiveportal');
-
 	/*
 	 * Read database of used MACs.  Lines are a comma-separated list
 	 * of the time, MAC, then the count of pass-through credits remaining.
@@ -578,7 +558,6 @@ function portal_consume_passthrough_credit($clientmac) {
 						captiveportal_write_usedmacs_db($usedmacs);
 					}
 
-					unlock($cplock);
 					return false;
 				} else {
 					$usedmac[2] -= 1;
@@ -600,13 +579,13 @@ function portal_consume_passthrough_credit($clientmac) {
 	}
 
 	captiveportal_write_usedmacs_db($usedmacs);
-	unlock($cplock);
 	return true;
 }
 
 function captiveportal_read_usedmacs_db() {
 	global $g;
 
+	$cpumaclck = lock('captiveusedmacs');
 	if (file_exists("{$g['vardb_path']}/captiveportal_usedmacs.db")) {
 		$usedmacs = file("{$g['vardb_path']}/captiveportal_usedmacs.db", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
 		if (!usedmacs)
@@ -614,13 +593,16 @@ function captiveportal_read_usedmacs_db() {
 	} else
 		$usedmacs = array();
 
+	unlock($cpumaclck);
 	return $usedmacs;
 }
 
 function captiveportal_write_usedmacs_db($usedmacs) {
 	global $g;
 
-	file_put_contents("{$g['vardb_path']}/captiveportal_usedmacs.db", implode("\n", $usedmacs));
+	$cpumaclck = lock('captiveusedmacs', LOCK_EX);
+	@file_put_contents("{$g['vardb_path']}/captiveportal_usedmacs.db", implode("\n", $usedmacs));
+	unlock($cpumaclck);
 }
 
 ?>
-- 
cgit v1.1