1 /**************************************************
2 OpengateM - MAC address authentication system
4 Module for mac address registration cgi main
5 This is used for registration of devices without a Web browser
6 (devices having a Web browser are registered by using the opengatemown page)
7 This page is called from opengatemchk page and
8 registers the address selected in opengatemchk page.
10 Opengatemchk page (operated by administrator) requires ADMIN's auth
11 and sets the ADMIN cookie. Opengatemreg page (operated by user)
12 requires the ADMIN cookie and NORMAL user's auth.
14 Copyright (C) 2011 Opengate Project Team
15 Written by Yoshiaki Watanabe
17 This program is free software; you can redistribute it and/or
18 modify it under the terms of the GNU General Public License
19 as published by the Free Software Foundation; either version 2
20 of the License, or (at your option) any later version.
22 This program is distributed in the hope that it will be useful,
23 but WITHOUT ANY WARRANTY; without even the implied warranty of
24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 GNU General Public License for more details.
27 You should have received a copy of the GNU General Public License
28 along with this program; if not, write to the Free Software
29 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
31 Email: watanaby@is.saga-u.ac.jp
32 **************************************************/
34 #include "opengatemmng.h"
36 /***************************************************/
37 /* main routine called as cgi from Web server */
38 /***************************************************/
/* Registration CGI entry point.                                          */
/* Visible flow: handle the console '-v' option, load the config file,    */
/* set up syslog, open the management DB, reject a duplicated             */
/* Shibboleth/HttpBasic setting, read language and MAC address from the   */
/* query string, deny when NAT/router is suspected, require the ADMIN     */
/* cookie, authenticate the NORMAL user, enforce the MaxDevices limit,    */
/* register the MAC address and send the register page to the client.     */
/* NOTE(review): this listing omits some source lines (the gutter numbers */
/* skip), so braces, returns and a few statements are not visible here;   */
/* the notes below that depend on those lines are marked as assumptions.  */
39 int main(int argc, char **argv)
41 char language[WORDMAXLN]=""; /* browser preferred language (e.g.: ja, en) */
42 char requestStr[BUFFMAXLN]=""; /* http request string */
43 char macAddress[ADDRMAXLN]=""; /* client MAC address */
44 char mailAddress[BUFFMAXLN]=""; /* user's mail address to get warning */
45 char mailDefault[BUFFMAXLN]=""; /* default address to get warning */
46 char deviceName[BUFFMAXLN]=""; /* client device name */
47 char userId[USERMAXLN]=""; /* user id */
48 char extraId[USERMAXLN]=""; /* extra id used as user@extra */
49 char* progName=""; /* the name of this program in argv[0] */
50 char adminCookie[SIDMAXLN]=""; /* cookie for admin user */
51 int isNatOrRouter=0; /* flag for nat or router insertion (checked in md) */
53 /* drop root privilege */
/* NOTE(review): the statement that drops privilege (listing lines 54-55) */
/* is not shown here; confirm its return value is checked, so that a      */
/* failed drop stops the CGI instead of continuing with root privilege.   */
56 /* if this is executed in shell with '-v' option, show makedir */
/* NOTE(review): listing line 57 is not shown; presumably it tests argc   */
/* before argv[1] is read. Verify, because argv[1] is NULL when the web   */
/* server starts the CGI without arguments.                               */
58 if(strcmp(argv[1],"-v")==0){
59 printf("makedir: %s\n", MAKEDIR);
61 printf("This is cgi program\n");
62 printf("To show version, run this on console with '-v' option\n");
67 /* save program load path */
68 saveLoadPath(argv[0]);
69 progName = getProgramName();
71 /* prepare config file */
72 if(OpenConfFile()==-1){
73 PutMessageToClient("Check config file by running this cgi on console");
/* syslog setup: both values are read from the config file via atoi(),    */
/* which yields 0 for non-numeric text.                                   */
/* NOTE(review): assumes GetConfValue() never returns NULL; verify.       */
78 errToSyslog(atoi(GetConfValue("Syslog/Enable")));
79 openlog(progName, LOG_PID, atoi(GetConfValue("Syslog/Facility")));
81 /* initialize configuration */
83 if(!InitMngDb()) return 0;
85 /* this page requires both of ADMIN and NORMAL user authentications. */
86 /* any protocol can be set for the two authentications. */
87 /* but in shibboleth or httpbasic, same one cannot be used for both auth. */
88 /* (as twice authentication processing cannot be performed) */
89 if(IsShibOrBasicAuthDuplicated()){
90 PutMessageToClient("Error: Duplicated Shibboleth or HttpBasic setting");
94 /* get items in query string (sent from opengatemchk) */
95 /* the register button in check page calls this cgi */
/* Both values are client-supplied. The helpers receive only the          */
/* destination pointer, so the bound on the copy is enforced inside them. */
/* NOTE(review): confirm they limit the write to WORDMAXLN / ADDRMAXLN    */
/* and reject a malformed MAC address.                                    */
96 GetLangFromQueryString(language);
97 GetMacAddrFromQueryString(macAddress);
99 /* if accessed via nat or router, return */
100 /* if nat, isNatOrRouter=NAT(1). if router, isNatOrRouter=ROUTER(2). */
101 isNatOrRouter=IsNatSuspectedInWorkDb(macAddress);
102 if(isNatOrRouter==NAT || isNatOrRouter==ROUTER){
103 SetMessage(SuspectNat);
104 PutDenyToClient(language);
109 /* if not get admin cookie, return */
110 /* as the admin cookie is set in check page, */
111 /* the existence of cookie certifies the jumping from check page. */
/* NOTE(review): this is the only ADMIN-side check visible in this page;  */
/* presumably IsCorrectCookie() compares the cookie value against a       */
/* server-side record rather than testing mere presence. Verify.          */
112 if(!IsCorrectCookie(adminCookie, ADMINUSER)){
113 SetMessage(NotSetAdminCookie);
114 PutDenyToClient(language);
118 /* if get mac address in query string, save the mac for cookie */
119 if(!isNull(macAddress)) SaveMacForCookieToWorkDb(adminCookie,macAddress);
/* read the POST body; the buffer size is passed as the limit */
122 GetPostData(requestStr, BUFFMAXLN);
124 /* get userid. if not get, exit */
/* second authentication: the NORMAL user; mailDefault is filled here */
125 if(!GetUserId(requestStr, userId, extraId, language, NORMALUSER,
126 GetConfValue("RegisterCgi"), mailDefault, "")){
131 /* if the registered device count has reached the limit, send error */
/* atoi() yields 0 for non-numeric text, so an unparsable MaxDevices      */
/* makes this comparison deny every registration.                         */
/* NOTE(review): the count is checked here and the insert happens later,  */
/* with no lock visible between them; confirm concurrent requests from    */
/* one user cannot exceed the limit.                                      */
132 if(CountMacAddrsForUserInMngDb(userId,extraId)
133 >= atoi(GetConfValue("MaxDevices"))){
134 SetMessage(DeviceCountOver);
135 PutDenyToClient(language);
140 /* if some request is sent from client, analyze the request */
/* NOTE(review): the MAC written to the management DB is whatever         */
/* AnalyzeRegisterRequest() leaves in macAddress, which it may take from  */
/* the POST body. TODO confirm it validates the MAC format and, if that   */
/* is the intent, that it matches the MAC saved for the admin cookie.     */
141 if(!isNull(requestStr)){
142 if(AnalyzeRegisterRequest(requestStr, macAddress, deviceName, mailAddress)){
144 /* register the new mac info to db */
/* 'R' is the operation code stored with the modify-log entry */
145 RegistMacAddrToMngDb(macAddress,deviceName,userId,extraId,mailAddress);
146 PutMacModifyLogToMngDb(userId, extraId, macAddress, 'R');
147 SetMessage(RegisterSuccess);
149 /* refresh daemon cache */
150 /* send udp message including the mac address to the service daemon */
151 PutMacAddressToServers(macAddress);
155 /* prepare response and send to client */
156 /* restore mac address sent from opengatemchk */
/* mailAddress and mailDefault are both BUFFMAXLN bytes, so this strcpy   */
/* fits as long as mailDefault is NUL-terminated inside its buffer.       */
157 if(isNull(mailAddress)) strcpy(mailAddress, mailDefault);
158 if(isNull(macAddress)) LoadMacForCookieFromWorkDb(adminCookie,macAddress);
160 /* send register page to the client */
/* NOTE(review): deviceName and mailAddress can originate from the        */
/* request; presumably PutRegisterPageToClient() HTML-escapes every value */
/* it writes into the page. Verify.                                       */
161 PutRegisterPageToClient(language, macAddress, deviceName, mailAddress, userId, extraId,ADMIN,"");
169 /**************************************/
170 /* check running of opengatemd daemon */
171 /* and send hup signal to the daemon */
172 /**************************************/
/* Reads the daemon lock file named by the DaemonLockFile config value,   */
/* takes a pid from it, probes that pid with kill(pid, 0), and continues  */
/* into a block controlled by the EnableSendingHup config value.          */
/* Sets the NoDaemon message when the lock file is missing or the pid     */
/* does not exist.                                                        */
/* NOTE(review): this listing omits some source lines (declarations,      */
/* returns, closing braces and the body after listing line 206), so the   */
/* notes below that depend on them are marked as assumptions.             */
173 void checkDaemonAndSendHupSignal(void){
179 /* get lock file name */
180 lockFileMd=GetConfValue("DaemonLockFile");
182 /* if lock file does not exist, set error */
183 if(stat(lockFileMd, &st)!=0){
184 SetMessage(NoDaemon);
188 /* read pid from the file */
189 if((file=fopen(lockFileMd, "r"))==NULL){
190 err_msg("ERR at %s#%d: cannot open daemon lock file:%s",__FILE__,__LINE__,
/* NOTE(review): fscanf() returns EOF (a negative value) for an empty     */
/* file or a read error, so the ==0 test catches only a matching failure. */
/* Comparing against 1 (!=1) would cover both cases; otherwise pid keeps  */
/* whatever value its declaration gave it (declaration not shown).        */
195 if(fscanf(file, "%d", &pid)==0){
196 err_msg("ERR at %s#%d: cannot read daemon lock file:%s",__FILE__,__LINE__,
202 /* check the daemon process running */
/* Signal 0 performs the existence/permission check without delivering a  */
/* signal. Only ESRCH is reported as NoDaemon; any other failure (such as */
/* EPERM) is treated as "running".                                        */
/* NOTE(review): no range check on pid is visible before this call.       */
/* kill() gives pid values of 0 and below a process-group or "all         */
/* processes" meaning, so pid should be validated as greater than 0       */
/* before it reaches any kill() call. The lock file should be writable    */
/* only by the daemon's account, since its content selects the signal     */
/* target, and a stale pid may now belong to an unrelated process.        */
203 if(kill(pid, 0)!=0 && errno==ESRCH) SetMessage(NoDaemon);
205 /* send kill signal to the pid process if send is enabled */
/* NOTE(review): the body of this branch is not shown in the listing;     */
/* per the banner it presumably sends SIGHUP to pid. TODO confirm.        */
206 if(atoi(GetConfValue("EnableSendingHup"))){
214 /*************************************
 Trace wrapper for checkDaemonAndSendHupSignal():
 writes an entry and an exit message through err_msg()
 when the debug level is above 1, and calls the routine
 in between. Takes no arguments and returns nothing.
215 ************************************/
216 void CheckDaemonAndSendHupSignal(void){
/* entry trace, emitted only when debug>1 */
217 if(debug>1) err_msg("DEBUG:=>checkDaemonAndSendHupSignal( )");
218 checkDaemonAndSendHupSignal();
/* exit trace, emitted only when debug>1 */
219 if(debug>1) err_msg("DEBUG:<=checkDaemonAndSendHupSignal( )");