From 8f9ec530dd25884e3369a46e6d8dfa90bf621777 Mon Sep 17 00:00:00 2001 From: watanaby <> Date: Sun, 4 Oct 2009 07:26:03 +0000 Subject: [PATCH] Ver.1.5.2: fixed mulfunctions by remained cookie and null http_host. --- opengate/conf/opengatesrv.conf.sample | 5 ++++- opengate/doc/Changes.html | 4 ++++ opengate/javahtml/en/httpkeep.html | 5 ++--- opengate/javahtml/en/index-ssl.html | 2 +- opengate/javahtml/en/index.html | 9 +-------- opengate/javahtml/httpkeep.js | 33 +++++++++++++++++++++++++++------ opengate/javahtml/ja/httpkeep.html | 4 ++-- opengate/opengatesrv/comm-cgi.c | 23 +++++++++++++++-------- opengate/opengatesrv/main.c | 17 ++++++++++------- opengate/opengatesrv/opengateauth.c | 6 ++++-- opengate/opengatesrv/opengatesrv.h | 2 ++ opengate/opengatesrv/watch-client.c | 7 +++++++ 12 files changed, 79 insertions(+), 38 deletions(-) diff --git a/opengate/conf/opengatesrv.conf.sample b/opengate/conf/opengatesrv.conf.sample index d48c861..5706158 100644 --- a/opengate/conf/opengatesrv.conf.sample +++ b/opengate/conf/opengatesrv.conf.sample @@ -125,7 +125,7 @@ httpkeep.js md5.js - + http://www.google.com/ @@ -135,6 +135,9 @@ http://www.yahoo.com/ + + 1 + /usr/sbin/arp /usr/sbin/ndp diff --git a/opengate/doc/Changes.html b/opengate/doc/Changes.html index 983ae54..de64814 100644 --- a/opengate/doc/Changes.html +++ b/opengate/doc/Changes.html @@ -637,6 +637,10 @@ Opengate History Ver.1.5.1 at 2009.9.15
Modified english document. Removed disabled item in conf file. +
+ Ver.1.5.2 at 2009.10.4 +
+ Fixed mulfunctions by remained cookie and null http_host.

diff --git a/opengate/javahtml/en/httpkeep.html b/opengate/javahtml/en/httpkeep.html index ccc8a82..5ddfc22 100644 --- a/opengate/javahtml/en/httpkeep.html +++ b/opengate/javahtml/en/httpkeep.html @@ -66,8 +66,7 @@ Or, minimize this page and load other network programs.

If [Error!] is shown between above two lines or -other malfunction has occured, -please access the network from your home page or another (external) site. +other malfunction has occured, please use another page. Should your browser display any abnormal behavior, please close it and try again. If you enter a value in duration field of authentication page, @@ -77,7 +76,7 @@ the network can be used for that duration of time.

// diff --git a/opengate/javahtml/en/index-ssl.html b/opengate/javahtml/en/index-ssl.html index 7c9f87e..da5449f 100644 --- a/opengate/javahtml/en/index-ssl.html +++ b/opengate/javahtml/en/index-ssl.html @@ -62,7 +62,7 @@ when you want to stop using the network. -

If you have some questions, +

If you have any questions, please contact the network administrator.

Saga University
diff --git a/opengate/javahtml/en/index.html b/opengate/javahtml/en/index.html index 8b61398..449981a 100644 --- a/opengate/javahtml/en/index.html +++ b/opengate/javahtml/en/index.html @@ -63,7 +63,7 @@ when you want to stop using the network. -

If you have some questions, +

If you have any questions, please contact network administrator.

Saga University
@@ -74,10 +74,3 @@ please contact network administrator. - - - - - - - diff --git a/opengate/javahtml/httpkeep.js b/opengate/javahtml/httpkeep.js index 57e75bb..8db858c 100644 --- a/opengate/javahtml/httpkeep.js +++ b/opengate/javahtml/httpkeep.js @@ -5,6 +5,8 @@ var httpObj; var nextKey; var nowKey; var sessionId; +var keepConnect; +var cookieName; function createXMLHttpRequest() { try { return new ActiveXObject("Msxml2.XMLHTTP"); } catch(e) {} @@ -26,12 +28,11 @@ function sendHello(){ rand=Math.random(); nextKey=hex_md5(String(rand)); }catch(e){ - document.getElementById("watchdog").innerHTML = "Error!:1"; + showError(); } } - else{ - document.getElementById("watchdog").innerHTML = "Error!:2"; + showError(); } } @@ -46,28 +47,48 @@ function displayResponse() document.getElementById("dispmsg").innerHTML = hh+':'+mm; if(httpObj.responseText=="hello") sendHello(); }else{ - document.getElementById("dispmsg").innerHTML = "Error!:3"; + showError(); } } }catch(e){ - document.getElementById("watchdog").innerHTML = "Error!:4"; + showError(); + } +} + +function showError(){ + document.getElementById("watchdog").innerHTML = "Error!, Close This page"; + document.getElementById("watchdog").style.backgroundColor = "pink"; + document.title = "Useless Page"; + keepConnect=false; +} + +function clearCookie(){ + if(keepConnect){ + document.cookie = cookieName+"=;"; } } function endHttpkeep(){ + + //clear cookie + clearCookie(); + if(httpObj!=null){ httpObj.abort(); } } -function initHttpkeep(urlArg, sid) +function initHttpkeep(urlArg, sid, ckName) { + // save arguments httpkeepUrl=urlArg; nowKey=hex_md5(sid); + cookieName=ckName; sessionId=sid; rand=Math.random(); nextKey=hex_md5(String(rand)); + keepConnect=true; // set timeout and send hello sendHello(); diff --git a/opengate/javahtml/ja/httpkeep.html b/opengate/javahtml/ja/httpkeep.html index cf5ebce..9c27415 100644 --- a/opengate/javahtml/ja/httpkeep.html +++ b/opengate/javahtml/ja/httpkeep.html @@ -65,7 +65,7 @@ Webの利用には下のボタンを押して表示される別ウインドウを使ってください。

-

上の2本の線の間に[Error!]が表示されるときやその他の不具合がある時は、ホームやその他のサイトからアクセスしなおしてください。それでも改善しない場合はブラウザを終了してから再試行してください。また認証画面の利用時間フィールドに値をいれると、その時間だけ使用することができます。 +

上の2本の線の間に[Error!]が表示されたときは、別のページを利用してください。動作がおかしい時はブラウザを終了してから再試行してください。また認証画面の利用時間フィールドに値をいれると、その時間だけ使用することができます。

@@ -73,7 +73,7 @@ Webの利用には下のボタンを押して表示される別ウインドウを使ってください。 // diff --git a/opengate/opengatesrv/comm-cgi.c b/opengate/opengatesrv/comm-cgi.c index 9b14c9b..a5a42e1 100644 --- a/opengate/opengatesrv/comm-cgi.c +++ b/opengate/opengatesrv/comm-cgi.c @@ -240,7 +240,7 @@ int getAuthCookie(char *cookie, char *userid){ while(ptr!=NULL){ split(ptr, name, value, next); - if(strstr(name[0], "OpengateAuth")!=NULL){ + if(strstr(name[0], COOKIENAME)!=NULL){ strncpy(cookie, value[0], SIDMAXLN); }else if(strstr(name[0], "Userid")!=NULL){ strncpy(userid, value[0], USERMAXLN); @@ -368,6 +368,7 @@ void putClientMsg(char *message) /*********************************************/ /* put accept message and javascript to the client */ +/* httpkeep page is sent in watch-client.c */ /*********************************************/ void putClientAccept(char *userid, char *sessionId, int port, int pid, char *clientAddr4, char *clientAddr6, int ipStatus, int duration, int durationEntered, char *language, char *cookie, int cookieAuth, char *redirectedUrl) { @@ -380,10 +381,10 @@ void putClientAccept(char *userid, char *sessionId, int port, int pid, char *cli char httpkeepUrl[BUFFMAXLN]; char portStr[WORDMAXLN]; char durationStr[WORDMAXLN]; + char *startPageUrl=""; char *pAcceptDoc; char *opengateDir=GetConfValue("OpengateDir"); char *opengateServerName=GetConfValue("OpengateServerName"); - char *startPageUrl=""; int startPageType=atoi(GetConfValue("StartPage/Type")); /* select proper accept doc */ @@ -440,6 +441,12 @@ void putClientAccept(char *userid, char *sessionId, int port, int pid, char *cli return; } + /* if redirect page is not set, use other setting */ + if(isNull(redirectedUrl)){ + if(isNull(GetConfValue("StartPage/Url"))) redirectedUrl=acceptDoc2Url; + else redirectedUrl=GetConfValue("StartPage/Url"); + } + /* create start page url to put information */ if(cookieAuth==1) startPageUrl=redirectedUrl; else if(startPageType==0) startPageUrl=acceptDoc2Url; @@ -449,16 +456,16 @@ void putClientAccept(char *userid, char *sessionId, int port, int pid, char *cli /* write out html headers */ printf("Content-type: text/html\r\n"); - printf("Set-Cookie: OpengateAuth=%s&Userid=%s;\r\n\r\n", cookie, userid); - + printf("Set-Cookie: %s=%s&Userid=%s;path=/;\r\n\r\n", COOKIENAME, cookie, userid); + /* read html document from file and send to web */ while(fgets(buff, BUFFMAXLN, fp)!=NULL){ - + /* length check */ if(strlen(buff)>=BUFFMAXLN-1){ err_msg("ERR at %s#%d: too long line in %s",__FILE__,__LINE__,acceptDocPath); } - + /* replace mark */ htmlReplace(buff, "%%OPENGATESERVERNAME%%", opengateServerName); htmlReplace(buff, "%%OPENGATEDIR%%", opengateDir); @@ -470,11 +477,11 @@ void putClientAccept(char *userid, char *sessionId, int port, int pid, char *cli htmlReplace(buff, "%%TERMINATEURL%%", terminateUrl); htmlReplace(buff, "%%HTTPKEEPURL%%", httpkeepUrl); htmlReplace(buff, "%%STARTURL%%", startPageUrl); - + /* write out */ printf("%s",buff); } - + /* write end */ fputs("\r\n\r\n",stdout); fclose(fp); diff --git a/opengate/opengatesrv/main.c b/opengate/opengatesrv/main.c index 5617592..777a2b5 100644 --- a/opengate/opengatesrv/main.c +++ b/opengate/opengatesrv/main.c @@ -70,7 +70,7 @@ int main(int argc, char **argv) int durationEntered=0; /* the duration value is entered or not */ int authResult=DENY; int authNum=1; /* present authserver number to check user */ - int cookieAuth=FALSE; /* Auth with HTTP-Cookie is enabled */ + int cookieAuth=FALSE; /* Auth with HTTP-Cookie is passed */ /* drop root privilege */ seteuid(getuid()); @@ -104,9 +104,12 @@ int main(int argc, char **argv) return 0; } - /* Try to authentication with cookie data */ - cookieAuth=GetCookieData(userid, clientAddr4, + /* try to authentication with cookie data, */ + /* if cookie auth is enabled. */ + if( (*GetConfValue("EnableCookieAuth")!='0') ){ + cookieAuth=GetCookieData(userid, clientAddr4, &duration,&durationEntered,language); + } /* split user@server to user and server */ SplitId(userid, useridshort, extraId); @@ -119,7 +122,7 @@ int main(int argc, char **argv) /* check enable IP versions */ if((ipStatus=CheckIpVersions(clientAddr4, clientAddr6))==0){ - PutClientMsg("Error: Please contact to the administrator"); + PutClientMsg("Error: Please contact the administrator(1)"); return 0; } @@ -167,7 +170,7 @@ int main(int argc, char **argv) /* set terminate signal handler */ if(Signal(SIGTERM, closeExit)==SIG_ERR){ - PutClientMsg("Error: Please contact to the administrator"); + PutClientMsg("Error: Please contact the administrator(2)"); return 0; } @@ -183,7 +186,7 @@ int main(int argc, char **argv) port=GetListenPort(); if(port<0){ err_msg("ERR at %s#%d: cannot get unused listen port",__FILE__,__LINE__); - PutClientMsg("Error: Please contact to the administrator"); + PutClientMsg("Error: Please contact the administrator(3)"); closeExit(1); } @@ -192,7 +195,7 @@ int main(int argc, char **argv) /* fork */ if((pid=Fork())==-1){ err_msg("ERR at %s#%d: fork error",__FILE__,__LINE__); - PutClientMsg("Error: Please contact to the administrator"); + PutClientMsg("Error: Please contact the administrator(4)"); closeExit(1); } diff --git a/opengate/opengatesrv/opengateauth.c b/opengate/opengatesrv/opengateauth.c index 9f0d091..d00a143 100644 --- a/opengate/opengatesrv/opengateauth.c +++ b/opengate/opengatesrv/opengateauth.c @@ -149,8 +149,10 @@ int main(int argc, char **argv) opengateDir, lang); /*** if http-cookie for opengate authentication exist */ + /* and cookie auth is enabled, */ /* skip authenticaion */ - if(GetAuthCookie(cookie,userid)){ + if( (*GetConfValue("EnableCookieAuth")!='0') + && GetAuthCookie(cookie,userid)){ strncat(htmlFile, GetConfValue("SkipAuthDoc"), BUFFMAXLN); /* ssl or non-ssl protocol */ @@ -162,7 +164,7 @@ int main(int argc, char **argv) } } - /*** if cookie does not exist, request userid and password */ + /*** otherwise, request userid and password */ else{ /* ssl or non-ssl file */ if(!isNull(getenv("SERVER_PORT")) diff --git a/opengate/opengatesrv/opengatesrv.h b/opengate/opengatesrv/opengatesrv.h index 6dd618d..a3fe745 100644 --- a/opengate/opengatesrv/opengatesrv.h +++ b/opengate/opengatesrv/opengatesrv.h @@ -72,6 +72,8 @@ typedef void Sigfunc(int); /* for signal handlers */ #define PAMSERVICENAME "opengate" /* default service name used in PAM */ #define RADIUSCONF "/etc/radius.conf" /* default path to radius.conf */ +#define COOKIENAME "OpengateAuth" /* http-cookie name */ + #define ADDRMAXLN 128 /* maximum address string length */ #define PASSMAXLN 128 /* maximum password string length */ #define USERMAXLN 64 /* maximum userid string length */ diff --git a/opengate/opengatesrv/watch-client.c b/opengate/opengatesrv/watch-client.c index 0ebdfc6..c67ddfb 100644 --- a/opengate/opengatesrv/watch-client.c +++ b/opengate/opengatesrv/watch-client.c @@ -795,6 +795,12 @@ void sendHttpKeepPage(char *userid, char *sessionId, char *language, int port, i return; } + /* if redirect page is not set, use other setting */ + if(isNull(redirectedUrl)){ + if(isNull(GetConfValue("StartPage/Url"))) redirectedUrl=acceptDoc2Url; + else redirectedUrl=GetConfValue("StartPage/Url"); + } + /* create start page url to put information */ if(cookieAuth==1) startPageUrl=redirectedUrl; else if(startPageType==0) startPageUrl=acceptDoc2Url; @@ -831,6 +837,7 @@ void sendHttpKeepPage(char *userid, char *sessionId, char *language, int port, i htmlReplace(buff, "%%OPENGATEPORT%%", portStr); htmlReplace(buff, "%%LANGUAGE%%", language); htmlReplace(buff, "%%STARTURL%%", startPageUrl); + htmlReplace(buff, "%%COOKIENAME%%", COOKIENAME); /* length of chunk in hex */ Writefmt(connfd, "%x\r\n", strlen(buff)); -- 2.11.0