--- a/src/conf.c +++ b/src/conf.c @@ -116,7 +116,14 @@ typedef enum { oFWMarkTrusted, oFWMarkBlocked, oBinAuth, - oPreAuth + oPreAuth, + oSplashPageTitle, + oLoginSuccessText, + oAcceptancePolicy, + oRadiusServerIp, + oRadiusServerPort, + oRadiusServerSecret, + oRadiusAuthType } OpCodes; /** @internal @@ -178,6 +185,13 @@ static const struct { { "fw_mark_blocked", oFWMarkBlocked }, { "binauth", oBinAuth }, { "preauth", oPreAuth }, + { "acceptance_policy", oAcceptancePolicy }, + { "splash_page_title", oSplashPageTitle }, + { "login_success_text", oLoginSuccessText }, + { "radius_server_ip", oRadiusServerIp}, + { "radius_server_port", oRadiusServerPort}, + { "radius_server_secret", oRadiusServerSecret}, + { "radius_auth_type", oRadiusAuthType}, { NULL, oBadOption }, }; @@ -269,7 +283,13 @@ config_init(void) config.ip6 = DEFAULT_IP6; config.binauth = NULL; config.preauth = NULL; - + config.acceptance_policy = safe_strdup(DEFAULT_ACCEPTANCE_POLICY); + config.splash_page_title = safe_strdup(DEFAULT_SPLASH_PAGE_TITLE); + config.login_success_text = safe_strdup(DEFAULT_LOGIN_SUCCESS_TEXT); + config.radius_server_secret = NULL; + config.radius_server_port = NULL; + config.radius_server_ip = NULL; + config.radius_auth_type = NULL; // Set up default FirewallRuleSets, and their empty ruleset policies rs = add_ruleset("trusted-users"); rs->emptyrulesetpolicy = safe_strdup(DEFAULT_EMPTY_TRUSTED_USERS_POLICY); @@ -1026,6 +1046,27 @@ config_read(const char *filename) exit(1); } break; + case oAcceptancePolicy: + config.acceptance_policy = safe_strdup(p1); + break; + case oLoginSuccessText: + config.login_success_text = safe_strdup(p1); + break; + case oSplashPageTitle: + config.splash_page_title = safe_strdup(p1); + break; + case oRadiusServerIp: + config.radius_server_ip = safe_strdup(p1); + break; + case oRadiusServerPort: + config.radius_server_port = safe_strdup(p1); + break; + case oRadiusServerSecret: + config.radius_server_secret = safe_strdup(p1); + break; + case oRadiusAuthType: + config.radius_auth_type = safe_strdup(p1); + break; case oBadOption: debug(LOG_ERR, "Bad option %s on line %d in %s", s, linenum, filename); debug(LOG_ERR, "Exiting..."); --- a/src/conf.h +++ b/src/conf.h @@ -52,7 +52,7 @@ #define DEFAULT_DEBUGLEVEL 1 #define DEFAULT_MAXCLIENTS 20 #define DEFAULT_GATEWAY_IPRANGE "0.0.0.0/0" -#define DEFAULT_GATEWAYNAME "openNDS" +#define DEFAULT_GATEWAYNAME "Telecom Infra Project Gateway" #define DEFAULT_GATEWAYPORT 2050 #define DEFAULT_FASPORT 0 #define DEFAULT_LOGIN_OPTION_ENABLED 0 @@ -98,7 +98,9 @@ #define DEFAULT_EMPTY_AUTHENTICATED_USERS_POLICY "RETURN" #define DEFAULT_EMPTY_PREAUTHENTICATED_USERS_POLICY "REJECT" #define DEFAULT_IP6 0 - +#define DEFAULT_SPLASH_PAGE_TITLE "Captive Portal" +#define DEFAULT_ACCEPTANCE_POLICY "Use this network at your own risk. No warranty of any kind " +#define DEFAULT_LOGIN_SUCCESS_TEXT "Welcome to Network" // Firewall targets typedef enum { TARGET_DROP, @@ -195,6 +197,13 @@ typedef struct { int ip6; //@brief enable IPv6 char *binauth; //@brief external authentication program char *preauth; //@brief external preauthentication program + char *acceptance_policy; + char *login_success_text; + char *splash_page_title; + char *radius_server_ip; + char *radius_server_port; + char *radius_server_secret; + char *radius_auth_type; } s_config; // @brief Get the current gateway configuration --- a/src/http_microhttpd.c +++ b/src/http_microhttpd.c @@ -696,7 +696,7 @@ static int show_preauthpage(struct MHD_C uh_urlencode(enc_query, sizeof(enc_query), query, strlen(query)); debug(LOG_DEBUG, "PreAuth: query: %s", query); } - + debug(LOG_WARNING, "Preauth script: querystring:%s ,user_agent:%s", enc_query, enc_user_agent); rc = execute_ret(msg, HTMLMAXSIZE - 1, "%s '%s' '%s'", config->preauth, enc_query, enc_user_agent); if (rc != 0) { @@ -950,7 +950,6 @@ static char *construct_querystring(t_cli char clientif[64] = {0}; s_config *config = config_get_config(); - if (config->fas_secure_enabled == 0) { snprintf(querystr, QUERYMAXLEN, "?clientip=%s&gatewayname=%s&tok=%s", client->ip, config->url_encoded_gw_name, client->token); @@ -959,10 +958,12 @@ static char *construct_querystring(t_cli if (config->fas_hid) { hash_str(hash, sizeof(hash), client->token); debug(LOG_DEBUG, "hid=%s", hash); - snprintf(querystr, QUERYMAXLEN, "?clientip=%s&gatewayname=%s&hid=%s&gatewayaddress=%s", - client->ip, config->url_encoded_gw_name, hash, config->gw_address); + snprintf(querystr, QUERYMAXLEN, "?clientip=%s&gatewayname=%s&hid=%s&gatewayaddress=%s&radiusserverip=%s&radiusserverport=%s&radiusserversecret=%s&radiusauthtype=%s", + client->ip, config->url_encoded_gw_name, hash, config->gw_address, config->radius_server_ip, config->radius_server_port, config->radius_server_secret, config->radius_auth_type); } else { - snprintf(querystr, QUERYMAXLEN, "?clientip=%s&gatewayname=%s", client->ip, config->url_encoded_gw_name); + snprintf(querystr, QUERYMAXLEN,"?clientip=%s&gatewayname=%s&splashpagetitle=%s&acceptancepolicy=%s&loginsuccesstext=%s&redirecturl=%s&radiusserverip=%s&radiusserverport=%s&radiusserversecret=%s&radiusauthtype=%s", + client->ip, config->url_encoded_gw_name, config->splash_page_title, config->acceptance_policy, config->login_success_text, config->redirectURL, config->radius_server_ip, config->radius_server_port, config->radius_server_secret, config->radius_auth_type); + } } else if (config->fas_secure_enabled == 2 || config->fas_secure_enabled == 3) { @@ -1320,6 +1321,10 @@ static void replace_variables( {"token", client->token}, {"uptime", uptime}, {"version", VERSION}, + {"acceptancepolicy", config->acceptance_policy}, + {"loginsuccesstext", config->login_success_text}, + {"splashpagetitle", config->splash_page_title}, + {"redirecturl", config->redirectURL}, {NULL, NULL} }; --- a/src/main.c +++ b/src/main.c @@ -394,7 +394,6 @@ setup_from_config(void) if (config->preauth) { debug(LOG_NOTICE, "Preauth is Enabled - Overiding FAS configuration.\n"); debug(LOG_INFO, "Preauth Script is %s\n", config->preauth); - //override all other FAS settings config->fas_remoteip = safe_strdup(config->gw_ip); config->fas_remotefqdn = NULL;