11.0.0beta

Signed-off-by: Rob White <rob@blue-wave.net>
2026-01-10 04:17:55 -05:00 · 2025-08-22 09:13:29 +01:00
parent d4b77f104b
commit 8879230f98
5 changed files with 32 additions and 43 deletions
--- a/forward_authentication_service/libs/libopennds.sh
+++ b/forward_authentication_service/libs/libopennds.sh
@@ -1539,8 +1539,6 @@ nft_set () {

 				else
 					# OpenWrt
-					ucicmd="uci del dhcp.nds_$nftsetname"
-					echo $ucicmd | uci -q batch
 					ucicmd="set dhcp.nds_$nftsetname='ipset'"
 					echo $ucicmd | uci -q batch
 					ucicmd="add_list dhcp.nds_$nftsetname.name='$nftsetname'"
--- a/src/conf.h
+++ b/src/conf.h
@@ -63,7 +63,7 @@
 #define DEFAULT_LOG_MOUNTPOINT "/tmp"
 #define DEFAULT_MAX_PAGE_SIZE "10240"
 #define DEFAULT_FASPORT "0"
-#define DEFAULT_LOGIN_OPTION_ENABLED "1"
+#define DEFAULT_LOGIN_OPTION_ENABLED "0"
 #define DEFAULT_MAX_LOG_ENTRIES "100"
 #define DEFAULT_USE_OUTDATED_MHD "0"
 #define DEFAULT_ALLOW_PREEMPTIVE_AUTHENTICATION "1"
--- a/src/http_microhttpd.c
+++ b/src/http_microhttpd.c
@@ -1465,20 +1465,20 @@ static char *construct_querystring(struct MHD_Connection *connection, t_client *
 			if (config->fas_hid) {
 				debug(LOG_DEBUG, "hid=%s", client->hid);

-				//if (config->preauth) {
-				//	clientif = safe_calloc(STATUS_BUF);
+				if (config->preauth) {
+					clientif = safe_calloc(STATUS_BUF);

-				//	get_client_interface(clientif, STATUS_BUF, client->mac);
-				//	debug(LOG_DEBUG, "clientif: [%s] url_encoded_gw_name: [%s]", clientif, config->url_encoded_gw_name);
+					get_client_interface(clientif, STATUS_BUF, client->mac);
+					debug(LOG_DEBUG, "clientif: [%s] url_encoded_gw_name: [%s]", clientif, config->url_encoded_gw_name);

-				//	query_str = safe_calloc(QUERYMAXLEN);
+					query_str = safe_calloc(QUERYMAXLEN);

-				//	snprintf(query_str, QUERYMAXLEN,
-				//		"hid=%s",
-				//		client->hid
-				//	);
+					snprintf(query_str, QUERYMAXLEN,
+						"hid=%s",
+						client->hid
+					);

-				//} else {
+				} else {
 					clientif = safe_calloc(STATUS_BUF);

 					get_client_interface(clientif, STATUS_BUF, client->mac);
@@ -1506,7 +1506,7 @@ static char *construct_querystring(struct MHD_Connection *connection, t_client *
 						config->custom_images,
 						config->custom_files
 					);
-				//}
+				}


 				query_str_b64 = safe_calloc(ENC_QUERYSTR);
--- a/src/main.c
+++ b/src/main.c
@@ -279,29 +279,6 @@ init_signals(void)
 	}
 }

-void setup_fasurl(char protocol[8], char *fasurl) {
-	// Setup the FAS URL
-	s_config *config;
-
-	config = config_get_config();
-
-	fasurl = safe_calloc(SMALL_BUF);
-
-	if (strcmp(config->fas_remotefqdn, "disable") == 0 || strcmp(config->fas_remotefqdn, "disabled") == 0) {
-		safe_snprintf(fasurl, SMALL_BUF, "%s://%s:%u%s",
-			protocol, config->fas_remoteip, config->fas_port, config->fas_path);
-		config->fas_url = safe_strdup(fasurl);
-		debug(LOG_DEBUG, "fasurl (ip) is %s\n", fasurl);
-	} else {
-		safe_snprintf(fasurl, SMALL_BUF, "%s://%s:%u%s",
-			protocol, config->fas_remotefqdn, config->fas_port, config->fas_path);
-		config->fas_url = safe_strdup(fasurl);
-		debug(LOG_DEBUG, "fasurl (fqdn) is %s\n", fasurl);
-	}
-
-	free(fasurl);
-}
-
 /**@internal
 * Setup from Configuration values
 */
@@ -606,7 +583,7 @@ setup_from_config(void)
 	}

 	// If fasport not set, override any FAS configuration
-	if (config->login_option_enabled != 0) {
+	if (config->fas_port == 0) {
 		debug(LOG_NOTICE, "Preauth is Enabled - Overriding FAS configuration.\n");
 		debug(LOG_INFO, "Preauth Script is %s\n", config->preauth);

@@ -618,10 +595,10 @@ setup_from_config(void)
 		config->fas_path = safe_strdup(preauth_dir);
 		config->fas_secure_enabled = 1;
 		free(preauth_dir);
-		snprintf(protocol, sizeof(protocol), "http");
-		setup_fasurl(protocol, fasurl);
+	}

-	} else {
+	// If FAS is enabled then set it up
+	if (config->fas_port) {
 		debug(LOG_INFO, "fas_secure_enabled is set to level %d", config->fas_secure_enabled);
 		debug(LOG_INFO, "fasremoteip is %s, fasremotefqdn is %s", config->fas_remoteip, config->fas_remotefqdn);

@@ -725,7 +702,22 @@ setup_from_config(void)
 			snprintf(protocol, sizeof(protocol), "http");
 		}

-		setup_fasurl(protocol, fasurl);
+		// Setup the FAS URL
+		fasurl = safe_calloc(SMALL_BUF);
+
+		if (strcmp(config->fas_remotefqdn, "disable") == 0 || strcmp(config->fas_remotefqdn, "disabled") == 0) {
+			safe_snprintf(fasurl, SMALL_BUF, "%s://%s:%u%s",
+				protocol, config->fas_remoteip, config->fas_port, config->fas_path);
+			config->fas_url = safe_strdup(fasurl);
+			debug(LOG_DEBUG, "fasurl (ip) is %s\n", fasurl);
+		} else {
+			safe_snprintf(fasurl, SMALL_BUF, "%s://%s:%u%s",
+				protocol, config->fas_remotefqdn, config->fas_port, config->fas_path);
+			config->fas_url = safe_strdup(fasurl);
+			debug(LOG_DEBUG, "fasurl (fqdn) is %s\n", fasurl);
+		}
+
+		free(fasurl);

 		// Check if authmon is running and if it is, kill it
 		safe_asprintf(&fasssl, "kill $(pgrep -f \"usr/lib/opennds/authmon.sh\") > /dev/null 2>&1");
--- a/src/util.c
+++ b/src/util.c
@@ -930,7 +930,6 @@ ndsctl_status(FILE *fp)

 	if (config->preauth) {
 		fprintf(fp, "ThemeSpec Core Library: %s\n", config->preauth);
-		fprintf(fp, "ThemeSpec Mode: %d\n", config->login_option_enabled);
 	} else {
 		fprintf(fp, "ThemeSpec: Disabled\n");
 	}