github/openNDS
1
1
Fork 0
mirror of https://github.com/openNDS/openNDS.git synced 2026-05-04 03:01:32 -04:00
Code Issues Packages Projects Releases Wiki Activity

remove unused settings

Browse Source 
RemoteAuthenticatorAction, EnablePreAuth, BinVoucher, ForceVoucher, PasswordAuthentication, UsernameAuthentication, PasswordAttempts, Username, Password
This commit is contained in:
Moritz Warning
2018-07-28 17:16:01 +02:00
parent 8f74c633ec
commit fded4fa17a
8 changed files with 0 additions and 257 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
resources/nodogsplash.conf
View File

@@ -255,47 +255,6 @@ FirewallRuleSet users-to-router {
#
# TrustedMACList 00:00:CA:FE:BA:BE, 00:00:C0:01:D0:0D
# Parameter: PasswordAuthentication
# Default: no
# Set to yes (or true or 1), to require a password matching
# the Password parameter to be supplied when authenticating.
#
#
# PasswordAuthentication no
# Parameter: Password
# Default: none
# Whitespace delimited string that is compared to user-supplied
# password when authenticating.
#
#
# Password nodog
# Parameter: UsernameAuthentication
# Default: no
# Set to yes (or true or 1), to require a username matching
# the Username parameter to be supplied when authenticating.
#
#
# UsernameAuthentication no
# Parameter: Username
# Default: none
# Whitespace delimited string that is compared to user-supplied
# username when authenticating.
#
#
# Username guest
# Parameter: PasswordAttempts
# Default: 5
# Integer number of failed password/username entries before
# a user is forced to reauthenticate.
#
#
# PasswordAttempts 5
# Parameter: TrafficControl
# Default: no
#

1
src/client_list.h
View File

@@ -47,7 +47,6 @@ typedef struct _t_client {
unsigned int fw_connection_state; /**< @brief Connection state in the firewall */
time_t added_time; /**< @brief Time client added to list */
t_counters counters; /**< @brief Counters for input/output of the client. */
int attempts; /**< @brief Number of authentication attempts */
int download_limit; /**< @brief Download limit, kb/s */
int upload_limit; /**< @brief Upload limit, kb/s */
int idx;

99
src/conf.c
View File

@@ -71,15 +71,6 @@ typedef enum {
oGatewayIPRange,
oGatewayAddress,
oGatewayPort,
oRemoteAuthenticatorAction,
oEnablePreAuth,
oBinVoucher,
oForceVoucher,
oPasswordAuthentication,
oUsernameAuthentication,
oPasswordAttempts,
oUsername,
oPassword,
oHTTPDMaxConn,
oWebRoot,
oSplashPage,
@@ -128,15 +119,6 @@ static const struct {
{ "gatewayiprange", oGatewayIPRange },
{ "gatewayaddress", oGatewayAddress },
{ "gatewayport", oGatewayPort },
{ "remoteauthenticatoraction", oRemoteAuthenticatorAction },
{ "enablepreauth", oEnablePreAuth },
{ "binvoucher", oBinVoucher },
{ "forcevoucher", oForceVoucher },
{ "passwordauthentication", oPasswordAuthentication },
{ "usernameauthentication", oUsernameAuthentication },
{ "passwordattempts", oPasswordAttempts },
{ "username", oUsername },
{ "password", oPassword },
{ "webroot", oWebRoot },
{ "splashpage", oSplashPage },
{ "imagesdir", oImagesDir },
@@ -207,7 +189,6 @@ config_init(void)
config.gw_iprange = safe_strdup(DEFAULT_GATEWAY_IPRANGE);
config.gw_address = NULL;
config.gw_port = DEFAULT_GATEWAYPORT;
config.remote_auth_action = NULL;
config.webroot = safe_strdup(DEFAULT_WEBROOT);
config.splashpage = safe_strdup(DEFAULT_SPLASHPAGE);
config.infoskelpage = safe_strdup(DEFAULT_INFOSKELPAGE);
@@ -220,11 +201,6 @@ config_init(void)
config.clientforceout = DEFAULT_CLIENTFORCEOUT;
config.checkinterval = DEFAULT_CHECKINTERVAL;
config.daemon = -1;
config.passwordauth = DEFAULT_PASSWORD_AUTH;
config.usernameauth = DEFAULT_USERNAME_AUTH;
config.passwordattempts = DEFAULT_PASSWORD_ATTEMPTS;
config.username = NULL;
config.password = NULL;
config.authenticate_immediately = DEFAULT_AUTHENTICATE_IMMEDIATELY;
config.set_mss = DEFAULT_SET_MSS;
config.mss_value = DEFAULT_MSS_VALUE;
@@ -758,22 +734,6 @@ config_read(const char *filename)
exit(-1);
}
break;
case oRemoteAuthenticatorAction:
config.remote_auth_action = safe_strdup(p1);
break;
case oEnablePreAuth:
value = parse_boolean_value(p1);
if (value != - 1)
config.enable_preauth = value;
break;
case oBinVoucher:
config.bin_voucher = safe_strdup(p1);
break;
case oForceVoucher:
value = parse_boolean_value(p1);
if (value != - 1)
config.force_voucher = value;
break;
case oFirewallRuleSet:
parse_firewall_ruleset(p1, fd, filename, &linenum);
break;
@@ -833,37 +793,6 @@ config_read(const char *filename)
exit(-1);
}
break;
case oPasswordAuthentication:
if ((value = parse_boolean_value(p1)) != -1) {
config.passwordauth = value;
} else {
debug(LOG_ERR, "Bad arg %s to option %s on line %d in %s", p1, s, linenum, filename);
debug(LOG_ERR, "Exiting...");
exit(-1);
}
break;
case oUsernameAuthentication:
if ((value = parse_boolean_value(p1)) != -1) {
config.usernameauth = value;
} else {
debug(LOG_ERR, "Bad arg %s to option %s on line %d in %s", p1, s, linenum, filename);
debug(LOG_ERR, "Exiting...");
exit(-1);
}
break;
case oPasswordAttempts:
if (sscanf(p1, "%d", &config.passwordattempts) < 1) {
debug(LOG_ERR, "Bad arg %s to option %s on line %d in %s", p1, s, linenum, filename);
debug(LOG_ERR, "Exiting...");
exit(-1);
}
break;
case oUsername:
set_username(p1);
break;
case oPassword:
set_password(p1);
break;
case oSetMSS:
if ((value = parse_boolean_value(p1)) != -1) {
config.set_mss = value;
@@ -1363,34 +1292,6 @@ int set_log_level(int level)
return 0;
}
/** Set the gateway password.
* Return 0 on success.
*/
int set_password(const char s[])
{
char *old = config.password;
if (s) {
config.password = safe_strdup(s);
if (old) free(old);
return 0;
}
return 1;
}
/** Set the gateway username.
* Return 0 on success.
*/
int set_username(const char s[])
{
char *old = config.username;
if (s) {
config.username = safe_strdup(s);
if (old) free(old);
return 0;
}
return 1;
}
/** Verifies if the configuration is complete and valid. Terminates the program if it isn't */
void
config_validate(void)

14
src/conf.h
View File

@@ -64,9 +64,6 @@
#define DEFAULT_AUTHDIR "nodogsplash_auth"
#define DEFAULT_DENYDIR "nodogsplash_deny"
#define DEFAULT_MACMECHANISM MAC_BLOCK
#define DEFAULT_PASSWORD_AUTH 0
#define DEFAULT_USERNAME_AUTH 0
#define DEFAULT_PASSWORD_ATTEMPTS 5
#define DEFAULT_AUTHENTICATE_IMMEDIATELY 0
#define DEFAULT_SET_MSS 1
#define DEFAULT_MSS_VALUE 0
@@ -151,10 +148,6 @@ typedef struct {
char *gw_address; /**< @brief Internal IP address for our web server */
char *gw_mac; /**< @brief MAC address of the interface we manage */
unsigned int gw_port; /**< @brief Port the webserver will run on */
char *remote_auth_action; /**< @brief Path for remote auth */
char enable_preauth; /**< @brief enable pre-authentication support */
char *bin_voucher; /**< @brief enable voucher support */
char force_voucher; /**< @brief force voucher */
char *webroot; /**< @brief Directory containing splash pages, etc. */
char *splashpage; /**< @brief Name of main splash page */
char *infoskelpage; /**< @brief Name of info skeleton page */
@@ -163,11 +156,6 @@ typedef struct {
char *redirectURL; /**< @brief URL to direct client to after authentication */
char *authdir; /**< @brief Notional relative dir for authentication URL */
char *denydir; /**< @brief Notional relative dir for denial URL */
int passwordauth; /**< @brief boolean, whether to use password authentication */
int usernameauth; /**< @brief boolean, whether to use username authentication */
char *username; /**< @brief Username for username authentication */
char *password; /**< @brief Password for password authentication */
int passwordattempts; /**< @brief Number of attempted password authentications allowed */
int clienttimeout; /**< @brief How many CheckIntervals before an inactive client must be re-authenticated */
int clientforceout; /**< @brief How many CheckIntervals before a client must be re-authenticated */
int checkinterval; /**< @brief Period the the client timeout check thread will run, in seconds */
@@ -240,8 +228,6 @@ int check_mac_format(const char[]);
/** config API, used in commandline.c */
int set_log_level(int);
int set_password(const char[]);
int set_username(const char[]);
#define LOCK_CONFIG() do { \
debug(LOG_DEBUG, "Locking config"); \

44
src/ndsctl.c
View File

@@ -64,8 +64,6 @@ static void ndsctl_untrust(void);
static void ndsctl_auth(void);
static void ndsctl_deauth(void);
static void ndsctl_loglevel(void);
static void ndsctl_username(void);
static void ndsctl_password(void);
/** @internal
* @brief Print usage
@@ -96,8 +94,6 @@ usage(void)
" trust mac Trust the given MAC address\n"
" untrust mac Untrust the given MAC address\n"
" loglevel n Set logging level to n\n"
" password pass Set gateway password\n"
" username name Set gateway username\n"
"\n"
);
}
@@ -229,22 +225,6 @@ parse_commandline(int argc, char **argv)
exit(1);
}
config.param = strdup(*(argv + optind + 1));
} else if (strcmp(*(argv + optind), "password") == 0) {
config.command = NDSCTL_PASSWORD;
if ((argc - (optind + 1)) <= 0) {
fprintf(stderr, "ndsctl: Error: You must specify a password\n");
usage();
exit(1);
}
config.param = strdup(*(argv + optind + 1));
} else if (strcmp(*(argv + optind), "username") == 0) {
config.command = NDSCTL_USERNAME;
if ((argc - (optind + 1)) <= 0) {
fprintf(stderr, "ndsctl: Error: You must specify a username\n");
usage();
exit(1);
}
config.param = strdup(*(argv + optind + 1));
} else {
fprintf(stderr, "ndsctl: Error: Invalid command \"%s\"\n", *(argv + optind));
usage();
@@ -396,22 +376,6 @@ ndsctl_loglevel(void)
"Failed to set log level to %s.\n");
}
void
ndsctl_password(void)
{
ndsctl_action("password",
"Password set to %s.\n",
"Failed to set password to %s.\n");
}
void
ndsctl_username(void)
{
ndsctl_action("username",
"Username set to %s.\n",
"Failed to set username to %s.\n");
}
void
ndsctl_deauth(void)
{
@@ -536,14 +500,6 @@ main(int argc, char **argv)
ndsctl_loglevel();
break;
case NDSCTL_PASSWORD:
ndsctl_password();
break;
case NDSCTL_USERNAME:
ndsctl_username();
break;
default:
/* XXX NEVER REACHED */
fprintf(stderr, "Unknown opcode: %d\n", config.command);

2
src/ndsctl.h
View File

@@ -45,8 +45,6 @@
#define NDSCTL_AUTH 11
#define NDSCTL_DEAUTH 12
#define NDSCTL_LOGLEVEL 13
#define NDSCTL_PASSWORD 14
#define NDSCTL_USERNAME 15
#define NDSCTL_CLIENTS 16
#define NDSCTL_JSON 17

48
src/ndsctl_thread.c
View File

@@ -71,8 +71,6 @@ static void ndsctl_untrust(FILE *fp, char *arg);
static void ndsctl_auth(FILE *fp, char *arg);
static void ndsctl_deauth(FILE *fp, char *arg);
static void ndsctl_loglevel(FILE *fp, char *arg);
static void ndsctl_password(FILE *fp, char *arg);
static void ndsctl_username(FILE *fp, char *arg);
static int socket_set_non_blocking(int sockfd);
@@ -275,10 +273,6 @@ ndsctl_handler(int fd)
ndsctl_deauth(fp, (request + 7));
} else if (strncmp(request, "loglevel", 8) == 0) {
ndsctl_loglevel(fp, (request + 9));
} else if (strncmp(request, "password", 8) == 0) {
ndsctl_password(fp, (request + 9));
} else if (strncmp(request, "username", 8) == 0) {
ndsctl_username(fp, (request + 9));
}
if (!done) {
@@ -508,48 +502,6 @@ ndsctl_loglevel(FILE *fp, char *arg)
debug(LOG_DEBUG, "Exiting ndsctl_loglevel.");
}
static void
ndsctl_password(FILE *fp, char *arg)
{
debug(LOG_DEBUG, "Entering ndsctl_password...");
LOCK_CONFIG();
debug(LOG_DEBUG, "Argument: [%s]", arg);
if (!set_password(arg)) {
fprintf(fp, "Yes");
debug(LOG_NOTICE, "Set password to %s.", arg);
} else {
fprintf(fp, "No");
}
UNLOCK_CONFIG();
debug(LOG_DEBUG, "Exiting ndsctl_password.");
}
static void
ndsctl_username(FILE *fp, char *arg)
{
debug(LOG_DEBUG, "Entering ndsctl_username...");
LOCK_CONFIG();
debug(LOG_DEBUG, "Argument: [%s]", arg);
if (!set_username(arg)) {
fprintf(fp, "Yes");
debug(LOG_NOTICE, "Set username to %s.", arg);
} else {
fprintf(fp, "No");
}
UNLOCK_CONFIG();
debug(LOG_DEBUG, "Exiting ndsctl_username.");
}
static int
socket_set_non_blocking(int sockfd)
{

8
src/util.c
View File

@@ -415,14 +415,6 @@ ndsctl_status(FILE *fp)
fprintf(fp, "Redirect URL: %s\n", config->redirectURL);
}
if (config->passwordauth) {
fprintf(fp, "Gateway password: %s\n", config->password);
}
if (config->usernameauth) {
fprintf(fp, "Gateway username: %s\n", config->username);
}
fprintf(fp, "Traffic control: %s\n", config->traffic_control ? "yes" : "no");
if (config->traffic_control) {