<HttpKeepJS>httpkeep.js</HttpKeepJS>
<Md5JS>md5.js</Md5JS>
- <!-- URL used to retry -->
+ <!-- URL used for retrying -->
<ExternalUrl>http://www.google.com/</ExternalUrl>
<!-- Url to start browsing after authentication -->
<Url>http://www.yahoo.com/</Url>
</StartPage>
+ <!-- authentication by http-cookie is allowed(1) or not(0) -->
+ <EnableCookieAuth>1</EnableCookieAuth>
+
<!-- Related command path -->
<ArpPath>/usr/sbin/arp</ArpPath>
<NdpPath>/usr/sbin/ndp</NdpPath>
Ver.1.5.1 at 2009.9.15
</DT><DD>
Modified english document. Removed disabled item in conf file.
+ </DD><DT>
+ Ver.1.5.2 at 2009.10.4
+ </DT><DD>
+ Fixed mulfunctions by remained cookie and null http_host.
</DD>
</DL>
<P>
<p>If [Error!] is shown between above two lines or
-other malfunction has occured,
-please access the network from your home page or another (external) site.
+other malfunction has occured, please use another page.
Should your browser display any abnormal behavior,
please close it and try again.
If you enter a value in duration field of authentication page,
//<!--
window.open("%%STARTURL%%","window1");
- initHttpkeep("%%HTTPHELLOURL%%","%%SESSIONID%%");
+ initHttpkeep("%%HTTPHELLOURL%%","%%SESSIONID%%","%%COOKIENAME%%");
//-->
</script>
</center>
-<p><font size=+1>If you have some questions,
+<p><font size=+1>If you have any questions,
please contact the network administrator.
<div align=right>Saga University</div>
</center>
-<p><font size=+1>If you have some questions,
+<p><font size=+1>If you have any questions,
please contact network administrator.
<div align=right>Saga University</div>
</HTML>
-
-
-
-
-
-
-
var nextKey;
var nowKey;
var sessionId;
+var keepConnect;
+var cookieName;
function createXMLHttpRequest() {
try { return new ActiveXObject("Msxml2.XMLHTTP"); } catch(e) {}
rand=Math.random();
nextKey=hex_md5(String(rand));
}catch(e){
- document.getElementById("watchdog").innerHTML = "Error!:1";
+ showError();
}
}
-
else{
- document.getElementById("watchdog").innerHTML = "Error!:2";
+ showError();
}
}
document.getElementById("dispmsg").innerHTML = hh+':'+mm;
if(httpObj.responseText=="hello") sendHello();
}else{
- document.getElementById("dispmsg").innerHTML = "Error!:3";
+ showError();
}
}
}catch(e){
- document.getElementById("watchdog").innerHTML = "Error!:4";
+ showError();
+ }
+}
+
+function showError(){
+ document.getElementById("watchdog").innerHTML = "Error!, Close This page";
+ document.getElementById("watchdog").style.backgroundColor = "pink";
+ document.title = "Useless Page";
+ keepConnect=false;
+}
+
+function clearCookie(){
+ if(keepConnect){
+ document.cookie = cookieName+"=;";
}
}
function endHttpkeep(){
+
+ //clear cookie
+ clearCookie();
+
if(httpObj!=null){
httpObj.abort();
}
}
-function initHttpkeep(urlArg, sid)
+function initHttpkeep(urlArg, sid, ckName)
{
+
// save arguments
httpkeepUrl=urlArg;
nowKey=hex_md5(sid);
+ cookieName=ckName;
sessionId=sid;
rand=Math.random();
nextKey=hex_md5(String(rand));
+ keepConnect=true;
// set timeout and send hello
sendHello();
</p>
<hr />
-<p>\e$B>e$N\e(B2\e$BK\$N@~$N4V$K\e(B[Error!]\e$B$,I=<($5$l$k$H$-$d$=$NB>$NIT6q9g$,$"$k;~$O!"%[!<%`$d$=$NB>$N%5%$%H$+$i%"%/%;%9$7$J$*$7$F$/$@$5$$!#$=$l$G$b2~A1$7$J$$>l9g$O%V%i%&%6$r=*N;$7$F$+$i:F;n9T$7$F$/$@$5$$!#$^$?G'>Z2hLL$NMxMQ;~4V%U%#!<%k%I$KCM$r$$$l$k$H!"$=$N;~4V$@$1;HMQ$9$k$3$H$,$G$-$^$9!#\e(B
+<p>\e$B>e$N\e(B2\e$BK\$N@~$N4V$K\e(B[Error!]\e$B$,I=<($5$l$?$H$-$O!"JL$N%Z!<%8$rMxMQ$7$F$/$@$5$$!#F0:n$,$*$+$7$$;~$O%V%i%&%6$r=*N;$7$F$+$i:F;n9T$7$F$/$@$5$$!#$^$?G'>Z2hLL$NMxMQ;~4V%U%#!<%k%I$KCM$r$$$l$k$H!"$=$N;~4V$@$1;HMQ$9$k$3$H$,$G$-$^$9!#\e(B
</p>
//<!--
window.open("%%STARTURL%%","window1");
- initHttpkeep("%%HTTPHELLOURL%%","%%SESSIONID%%");
+ initHttpkeep("%%HTTPHELLOURL%%","%%SESSIONID%%","%%COOKIENAME%%");
//-->
</script>
while(ptr!=NULL){
split(ptr, name, value, next);
- if(strstr(name[0], "OpengateAuth")!=NULL){
+ if(strstr(name[0], COOKIENAME)!=NULL){
strncpy(cookie, value[0], SIDMAXLN);
}else if(strstr(name[0], "Userid")!=NULL){
strncpy(userid, value[0], USERMAXLN);
/*********************************************/
/* put accept message and javascript to the client */
+/* httpkeep page is sent in watch-client.c */
/*********************************************/
void putClientAccept(char *userid, char *sessionId, int port, int pid, char *clientAddr4, char *clientAddr6, int ipStatus, int duration, int durationEntered, char *language, char *cookie, int cookieAuth, char *redirectedUrl)
{
char httpkeepUrl[BUFFMAXLN];
char portStr[WORDMAXLN];
char durationStr[WORDMAXLN];
+ char *startPageUrl="";
char *pAcceptDoc;
char *opengateDir=GetConfValue("OpengateDir");
char *opengateServerName=GetConfValue("OpengateServerName");
- char *startPageUrl="";
int startPageType=atoi(GetConfValue("StartPage/Type"));
/* select proper accept doc */
return;
}
+ /* if redirect page is not set, use other setting */
+ if(isNull(redirectedUrl)){
+ if(isNull(GetConfValue("StartPage/Url"))) redirectedUrl=acceptDoc2Url;
+ else redirectedUrl=GetConfValue("StartPage/Url");
+ }
+
/* create start page url to put information */
if(cookieAuth==1) startPageUrl=redirectedUrl;
else if(startPageType==0) startPageUrl=acceptDoc2Url;
/* write out html headers */
printf("Content-type: text/html\r\n");
- printf("Set-Cookie: OpengateAuth=%s&Userid=%s;\r\n\r\n", cookie, userid);
-
+ printf("Set-Cookie: %s=%s&Userid=%s;path=/;\r\n\r\n", COOKIENAME, cookie, userid);
+
/* read html document from file and send to web */
while(fgets(buff, BUFFMAXLN, fp)!=NULL){
-
+
/* length check */
if(strlen(buff)>=BUFFMAXLN-1){
err_msg("ERR at %s#%d: too long line in %s",__FILE__,__LINE__,acceptDocPath);
}
-
+
/* replace mark */
htmlReplace(buff, "%%OPENGATESERVERNAME%%", opengateServerName);
htmlReplace(buff, "%%OPENGATEDIR%%", opengateDir);
htmlReplace(buff, "%%TERMINATEURL%%", terminateUrl);
htmlReplace(buff, "%%HTTPKEEPURL%%", httpkeepUrl);
htmlReplace(buff, "%%STARTURL%%", startPageUrl);
-
+
/* write out */
printf("%s",buff);
}
-
+
/* write end */
fputs("\r\n\r\n",stdout);
fclose(fp);
int durationEntered=0; /* the duration value is entered or not */
int authResult=DENY;
int authNum=1; /* present authserver number to check user */
- int cookieAuth=FALSE; /* Auth with HTTP-Cookie is enabled */
+ int cookieAuth=FALSE; /* Auth with HTTP-Cookie is passed */
/* drop root privilege */
seteuid(getuid());
return 0;
}
- /* Try to authentication with cookie data */
- cookieAuth=GetCookieData(userid, clientAddr4,
+ /* try to authentication with cookie data, */
+ /* if cookie auth is enabled. */
+ if( (*GetConfValue("EnableCookieAuth")!='0') ){
+ cookieAuth=GetCookieData(userid, clientAddr4,
&duration,&durationEntered,language);
+ }
/* split user@server to user and server */
SplitId(userid, useridshort, extraId);
/* check enable IP versions */
if((ipStatus=CheckIpVersions(clientAddr4, clientAddr6))==0){
- PutClientMsg("Error: Please contact to the administrator");
+ PutClientMsg("Error: Please contact the administrator(1)");
return 0;
}
/* set terminate signal handler */
if(Signal(SIGTERM, closeExit)==SIG_ERR){
- PutClientMsg("Error: Please contact to the administrator");
+ PutClientMsg("Error: Please contact the administrator(2)");
return 0;
}
port=GetListenPort();
if(port<0){
err_msg("ERR at %s#%d: cannot get unused listen port",__FILE__,__LINE__);
- PutClientMsg("Error: Please contact to the administrator");
+ PutClientMsg("Error: Please contact the administrator(3)");
closeExit(1);
}
/* fork */
if((pid=Fork())==-1){
err_msg("ERR at %s#%d: fork error",__FILE__,__LINE__);
- PutClientMsg("Error: Please contact to the administrator");
+ PutClientMsg("Error: Please contact the administrator(4)");
closeExit(1);
}
opengateDir, lang);
/*** if http-cookie for opengate authentication exist */
+ /* and cookie auth is enabled, */
/* skip authenticaion */
- if(GetAuthCookie(cookie,userid)){
+ if( (*GetConfValue("EnableCookieAuth")!='0')
+ && GetAuthCookie(cookie,userid)){
strncat(htmlFile, GetConfValue("SkipAuthDoc"), BUFFMAXLN);
/* ssl or non-ssl protocol */
}
}
- /*** if cookie does not exist, request userid and password */
+ /*** otherwise, request userid and password */
else{
/* ssl or non-ssl file */
if(!isNull(getenv("SERVER_PORT"))
#define PAMSERVICENAME "opengate" /* default service name used in PAM */
#define RADIUSCONF "/etc/radius.conf" /* default path to radius.conf */
+#define COOKIENAME "OpengateAuth" /* http-cookie name */
+
#define ADDRMAXLN 128 /* maximum address string length */
#define PASSMAXLN 128 /* maximum password string length */
#define USERMAXLN 64 /* maximum userid string length */
return;
}
+ /* if redirect page is not set, use other setting */
+ if(isNull(redirectedUrl)){
+ if(isNull(GetConfValue("StartPage/Url"))) redirectedUrl=acceptDoc2Url;
+ else redirectedUrl=GetConfValue("StartPage/Url");
+ }
+
/* create start page url to put information */
if(cookieAuth==1) startPageUrl=redirectedUrl;
else if(startPageType==0) startPageUrl=acceptDoc2Url;
htmlReplace(buff, "%%OPENGATEPORT%%", portStr);
htmlReplace(buff, "%%LANGUAGE%%", language);
htmlReplace(buff, "%%STARTURL%%", startPageUrl);
+ htmlReplace(buff, "%%COOKIENAME%%", COOKIENAME);
/* length of chunk in hex */
Writefmt(connfd, "%x\r\n", strlen(buff));