From 8879230f989dfc0393ef995c96fbe06f5ab0d391 Mon Sep 17 00:00:00 2001 From: Rob White Date: Fri, 22 Aug 2025 09:13:29 +0100 Subject: [PATCH] 11.0.0beta Signed-off-by: Rob White --- .../libs/libopennds.sh | 2 - src/conf.h | 2 +- src/http_microhttpd.c | 22 ++++----- src/main.c | 48 ++++++++----------- src/util.c | 1 - 5 files changed, 32 insertions(+), 43 deletions(-) diff --git a/forward_authentication_service/libs/libopennds.sh b/forward_authentication_service/libs/libopennds.sh index 0e6632f..1cb72fc 100755 --- a/forward_authentication_service/libs/libopennds.sh +++ b/forward_authentication_service/libs/libopennds.sh @@ -1539,8 +1539,6 @@ nft_set () { else # OpenWrt - ucicmd="uci del dhcp.nds_$nftsetname" - echo $ucicmd | uci -q batch ucicmd="set dhcp.nds_$nftsetname='ipset'" echo $ucicmd | uci -q batch ucicmd="add_list dhcp.nds_$nftsetname.name='$nftsetname'" diff --git a/src/conf.h b/src/conf.h index c9f96ce..f40597e 100644 --- a/src/conf.h +++ b/src/conf.h @@ -63,7 +63,7 @@ #define DEFAULT_LOG_MOUNTPOINT "/tmp" #define DEFAULT_MAX_PAGE_SIZE "10240" #define DEFAULT_FASPORT "0" -#define DEFAULT_LOGIN_OPTION_ENABLED "1" +#define DEFAULT_LOGIN_OPTION_ENABLED "0" #define DEFAULT_MAX_LOG_ENTRIES "100" #define DEFAULT_USE_OUTDATED_MHD "0" #define DEFAULT_ALLOW_PREEMPTIVE_AUTHENTICATION "1" diff --git a/src/http_microhttpd.c b/src/http_microhttpd.c index 6b48071..8c7e478 100644 --- a/src/http_microhttpd.c +++ b/src/http_microhttpd.c @@ -1465,20 +1465,20 @@ static char *construct_querystring(struct MHD_Connection *connection, t_client * if (config->fas_hid) { debug(LOG_DEBUG, "hid=%s", client->hid); - //if (config->preauth) { - // clientif = safe_calloc(STATUS_BUF); + if (config->preauth) { + clientif = safe_calloc(STATUS_BUF); - // get_client_interface(clientif, STATUS_BUF, client->mac); - // debug(LOG_DEBUG, "clientif: [%s] url_encoded_gw_name: [%s]", clientif, config->url_encoded_gw_name); + get_client_interface(clientif, STATUS_BUF, client->mac); + debug(LOG_DEBUG, "clientif: [%s] url_encoded_gw_name: [%s]", clientif, config->url_encoded_gw_name); - // query_str = safe_calloc(QUERYMAXLEN); + query_str = safe_calloc(QUERYMAXLEN); - // snprintf(query_str, QUERYMAXLEN, - // "hid=%s", - // client->hid - // ); + snprintf(query_str, QUERYMAXLEN, + "hid=%s", + client->hid + ); - //} else { + } else { clientif = safe_calloc(STATUS_BUF); get_client_interface(clientif, STATUS_BUF, client->mac); @@ -1506,7 +1506,7 @@ static char *construct_querystring(struct MHD_Connection *connection, t_client * config->custom_images, config->custom_files ); - //} + } query_str_b64 = safe_calloc(ENC_QUERYSTR); diff --git a/src/main.c b/src/main.c index 36bacd7..ed8f570 100644 --- a/src/main.c +++ b/src/main.c @@ -279,29 +279,6 @@ init_signals(void) } } -void setup_fasurl(char protocol[8], char *fasurl) { - // Setup the FAS URL - s_config *config; - - config = config_get_config(); - - fasurl = safe_calloc(SMALL_BUF); - - if (strcmp(config->fas_remotefqdn, "disable") == 0 || strcmp(config->fas_remotefqdn, "disabled") == 0) { - safe_snprintf(fasurl, SMALL_BUF, "%s://%s:%u%s", - protocol, config->fas_remoteip, config->fas_port, config->fas_path); - config->fas_url = safe_strdup(fasurl); - debug(LOG_DEBUG, "fasurl (ip) is %s\n", fasurl); - } else { - safe_snprintf(fasurl, SMALL_BUF, "%s://%s:%u%s", - protocol, config->fas_remotefqdn, config->fas_port, config->fas_path); - config->fas_url = safe_strdup(fasurl); - debug(LOG_DEBUG, "fasurl (fqdn) is %s\n", fasurl); - } - - free(fasurl); -} - /**@internal * Setup from Configuration values */ @@ -606,7 +583,7 @@ setup_from_config(void) } // If fasport not set, override any FAS configuration - if (config->login_option_enabled != 0) { + if (config->fas_port == 0) { debug(LOG_NOTICE, "Preauth is Enabled - Overriding FAS configuration.\n"); debug(LOG_INFO, "Preauth Script is %s\n", config->preauth); @@ -618,10 +595,10 @@ setup_from_config(void) config->fas_path = safe_strdup(preauth_dir); config->fas_secure_enabled = 1; free(preauth_dir); - snprintf(protocol, sizeof(protocol), "http"); - setup_fasurl(protocol, fasurl); + } - } else { + // If FAS is enabled then set it up + if (config->fas_port) { debug(LOG_INFO, "fas_secure_enabled is set to level %d", config->fas_secure_enabled); debug(LOG_INFO, "fasremoteip is %s, fasremotefqdn is %s", config->fas_remoteip, config->fas_remotefqdn); @@ -725,7 +702,22 @@ setup_from_config(void) snprintf(protocol, sizeof(protocol), "http"); } - setup_fasurl(protocol, fasurl); + // Setup the FAS URL + fasurl = safe_calloc(SMALL_BUF); + + if (strcmp(config->fas_remotefqdn, "disable") == 0 || strcmp(config->fas_remotefqdn, "disabled") == 0) { + safe_snprintf(fasurl, SMALL_BUF, "%s://%s:%u%s", + protocol, config->fas_remoteip, config->fas_port, config->fas_path); + config->fas_url = safe_strdup(fasurl); + debug(LOG_DEBUG, "fasurl (ip) is %s\n", fasurl); + } else { + safe_snprintf(fasurl, SMALL_BUF, "%s://%s:%u%s", + protocol, config->fas_remotefqdn, config->fas_port, config->fas_path); + config->fas_url = safe_strdup(fasurl); + debug(LOG_DEBUG, "fasurl (fqdn) is %s\n", fasurl); + } + + free(fasurl); // Check if authmon is running and if it is, kill it safe_asprintf(&fasssl, "kill $(pgrep -f \"usr/lib/opennds/authmon.sh\") > /dev/null 2>&1"); diff --git a/src/util.c b/src/util.c index 6ec6304..1f569c4 100644 --- a/src/util.c +++ b/src/util.c @@ -930,7 +930,6 @@ ndsctl_status(FILE *fp) if (config->preauth) { fprintf(fp, "ThemeSpec Core Library: %s\n", config->preauth); - fprintf(fp, "ThemeSpec Mode: %d\n", config->login_option_enabled); } else { fprintf(fp, "ThemeSpec: Disabled\n"); }