
wifidog-1.1.3_beta2/src/auth.c

00001 /********************************************************************\
00002  * This program is free software; you can redistribute it and/or    *
00003  * modify it under the terms of the GNU General Public License as   *
00004  * published by the Free Software Foundation; either version 2 of   *
00005  * the License, or (at your option) any later version.              *
00006  *                                                                  *
00007  * This program is distributed in the hope that it will be useful,  *
00008  * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
00009  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
00010  * GNU General Public License for more details.                     *
00011  *                                                                  *
00012  * You should have received a copy of the GNU General Public License*
00013  * along with this program; if not, contact:                        *
00014  *                                                                  *
00015  * Free Software Foundation           Voice:  +1-617-542-5942       *
00016  * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
00017  * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
00018  *                                                                  *
00019 \********************************************************************/
00020 
00021 /* $Id: auth.c 935 2006-01-31 22:22:04 -0500 (Tue, 31 Jan 2006) benoitg $ */
00027 #define _GNU_SOURCE
00028 
00029 #include <stdio.h>
00030 #include <stdlib.h>
00031 #include <pthread.h>
00032 #include <string.h>
00033 #include <stdarg.h>
00034 #include <sys/types.h>
00035 #include <sys/socket.h>
00036 #include <unistd.h>
00037 #include <syslog.h>
00038 
00039 #include "httpd.h"
00040 #include "http.h"
00041 #include "safe.h"
00042 #include "conf.h"
00043 #include "debug.h"
00044 #include "auth.h"
00045 #include "centralserver.h"
00046 #include "fw_iptables.h"
00047 #include "firewall.h"
00048 #include "client_list.h"
00049 #include "util.h"
00050 
00051 /* Defined in clientlist.c */
00052 extern  pthread_mutex_t client_list_mutex;
00053 
00054 /* Defined in util.c */
00055 extern long served_this_session;
00056 
/**
 * Periodic worker: sleeps for the configured check interval, then calls
 * fw_sync_with_authserver(), forever. Never returns.
 *
 * @param arg Unused.
 */
void
thread_client_timeout_check(void *arg)
{
	/*
	 * Both objects are local to this thread and their addresses are never
	 * handed out in this function, so the timed wait below is used purely
	 * as a sleep rather than as a wake-up channel.
	 */
	pthread_cond_t		sleep_cond = PTHREAD_COND_INITIALIZER;
	pthread_mutex_t		sleep_mutex = PTHREAD_MUTEX_INITIALIZER;
	struct timespec		wake_at;

	for (;;) {
		/* Absolute deadline: now + config.checkinterval seconds. */
		wake_at.tv_sec = time(NULL) + config_get_config()->checkinterval;
		wake_at.tv_nsec = 0;

		/* pthread_cond_timedwait() requires the mutex to be held. */
		pthread_mutex_lock(&sleep_mutex);
		/* Return value is ignored: timeout or early wake-up, we sync either way. */
		pthread_cond_timedwait(&sleep_cond, &sleep_mutex, &wake_at);
		pthread_mutex_unlock(&sleep_mutex);

		/* NOTE(review): the message names fw_counter() but the call below is
		 * fw_sync_with_authserver(); the text looks stale. */
		debug(LOG_DEBUG, "Running fw_counter()");

		fw_sync_with_authserver();
	}
}
00088 
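/**
 * Submits the requesting client's token to the central auth server and acts
 * on the verdict: on AUTH_ALLOWED / AUTH_VALIDATION the client is let through
 * the firewall via fw_allow(), and in every handled case an HTTP response
 * (redirect or error page) is written to the request.
 *
 * The client is looked up by r->clientAddr. The client list lock is released
 * while the auth server is contacted and re-acquired afterwards, at which
 * point the client is looked up again by address and MAC.
 *
 * @param r The HTTP request being served; r->clientAddr identifies the client.
 */
void
authenticate_client(request *r)
{
	t_client	*client;
	t_authresponse	auth_response;
	char	*mac,
		*token;
	char *newlocation = NULL;
	char *protocol = NULL;
	s_config	*config = NULL;
	t_auth_serv	*auth_server = NULL;
	int port = 80;

	LOCK_CLIENT_LIST();

	client = client_list_find_by_ip(r->clientAddr);

	if (client == NULL) {
		/* Log the address we searched for. The original passed an
		 * uninitialised pointer to %s here, which is undefined behaviour. */
		debug(LOG_ERR, "Could not find client for %s", r->clientAddr);
		UNLOCK_CLIENT_LIST();
		return;
	}

	/* Private copies: the list entry must not be touched once the lock is
	 * dropped for the auth server call. */
	mac = safe_strdup(client->mac);
	token = safe_strdup(client->token);

	UNLOCK_CLIENT_LIST();

	/* Fail closed: the call's return value is not checked here, so make
	 * sure an untouched response is treated as an error rather than read
	 * as an indeterminate value by the switch below. */
	auth_response.authcode = AUTH_ERROR;
	auth_server_request(&auth_response, REQUEST_TYPE_LOGIN, r->clientAddr, mac, token, 0, 0);

	LOCK_CLIENT_LIST();

	/* can't trust the client to still exist */
	client = client_list_find(r->clientAddr, mac);

	if (client == NULL) {
		debug(LOG_ERR, "Could not find client node for %s (%s)", r->clientAddr, mac);
		UNLOCK_CLIENT_LIST();
		free(token);
		free(mac);
		return;
	}

	free(token);
	free(mac);

	/* Prepare some variables we'll need below */
	config = config_get_config();
	/* NOTE(review): the result is dereferenced without a NULL check;
	 * presumably get_auth_server() always returns a server -- confirm. */
	auth_server = get_auth_server();

	/* Scheme and port used for the redirect URLs built below. */
	if (auth_server->authserv_use_ssl) {
		protocol = "https";
		port = auth_server->authserv_ssl_port;
	} else {
		protocol = "http";
		port = auth_server->authserv_http_port;
	}

	/*
	 * NOTE(review): every branch below writes client->token to the debug
	 * log, so anyone who can read the log can read tokens; consider
	 * logging only ip/mac.
	 * NOTE(review): the client list stays locked until the end of the
	 * function, i.e. while the response is written to the client. If
	 * those httpd calls can block on a slow peer, other threads that need
	 * the list would wait behind it -- confirm.
	 */
	switch(auth_response.authcode) {

	case AUTH_ERROR:
		/* Error talking to central server */
		/* %d gets the code itself; the original passed the whole
		 * struct, which does not match the format specifier. */
		debug(LOG_ERR, "Got %d from central server authenticating token %s from %s at %s", auth_response.authcode, client->token, client->ip, client->mac);
		http_wifidog_header(r, "Error!");
		httpdOutput(r, "Error: We did not get a valid answer from the central server");
		http_wifidog_footer(r);
		break;

	case AUTH_DENIED:
		/* Central server said invalid token */
		debug(LOG_INFO, "Got DENIED from central server authenticating token %s from %s at %s - redirecting them to denied message", client->token, client->ip, client->mac);
		safe_asprintf(&newlocation, "Location: %s://%s:%d%sgw_message.php?message=denied",
			protocol,
			auth_server->authserv_hostname,
			port,
			auth_server->authserv_path
		);
		httpdSetResponse(r, "307 Redirect to denied message\n");
		httpdAddHeader(r, newlocation);
		free(newlocation);
		http_wifidog_header(r, "Redirection to message");
		httpdPrintf(r, "Please <a href='%s://%s:%d%sgw_message.php?message=denied'>click here</a>.",
			protocol,
			auth_server->authserv_hostname,
			port,
			auth_server->authserv_path
		);
		http_wifidog_footer(r);
		break;

	case AUTH_VALIDATION:
		/* They just got validated for X minutes to check their email */
		debug(LOG_INFO, "Got VALIDATION from central server authenticating token %s from %s at %s - adding to firewall and redirecting them to activate message", client->token, client->ip, client->mac);
		client->fw_connection_state = FW_MARK_PROBATION;
		fw_allow(client->ip, client->mac, FW_MARK_PROBATION);
		safe_asprintf(&newlocation, "Location: %s://%s:%d%sgw_message.php?message=activate",
			protocol,
			auth_server->authserv_hostname,
			port,
			auth_server->authserv_path
		);
		httpdSetResponse(r, "307 Redirect to activate message\n");
		httpdAddHeader(r, newlocation);
		free(newlocation);
		http_wifidog_header(r, "Redirection to message");
		httpdPrintf(r, "Please <a href='%s://%s:%d%sgw_message.php?message=activate'>click here</a>.",
			protocol,
			auth_server->authserv_hostname,
			port,
			auth_server->authserv_path
		);
		http_wifidog_footer(r);
		break;

	case AUTH_ALLOWED:
		/* Logged in successfully as a regular account */
		debug(LOG_INFO, "Got ALLOWED from central server authenticating token %s from %s at %s - adding to firewall and redirecting them to portal", client->token, client->ip, client->mac);
		client->fw_connection_state = FW_MARK_KNOWN;
		fw_allow(client->ip, client->mac, FW_MARK_KNOWN);
		served_this_session++;
		safe_asprintf(&newlocation, "Location: %s://%s:%d%sportal/?gw_id=%s",
			protocol,
			auth_server->authserv_hostname,
			port,
			auth_server->authserv_path,
			config->gw_id
		);
		httpdSetResponse(r, "307 Redirect to portal\n");
		httpdAddHeader(r, newlocation);
		free(newlocation);
		http_wifidog_header(r, "Redirection to portal");
		httpdPrintf(r, "Please <a href='%s://%s:%d%sportal/?gw_id=%s'>click here</a> for the portal.",
			protocol,
			auth_server->authserv_hostname,
			port,
			auth_server->authserv_path,
			config->gw_id
		);
		http_wifidog_footer(r);
		break;

	case AUTH_VALIDATION_FAILED:
		/* Client had X minutes to validate account by email and didn't = too late */
		debug(LOG_INFO, "Got VALIDATION_FAILED from central server authenticating token %s from %s at %s - redirecting them to failed_validation message", client->token, client->ip, client->mac);
		safe_asprintf(&newlocation, "Location: %s://%s:%d%sgw_message.php?message=failed_validation",
			protocol,
			auth_server->authserv_hostname,
			port,
			auth_server->authserv_path
		);
		httpdSetResponse(r, "307 Redirect to failed validation message\n");
		httpdAddHeader(r, newlocation);
		free(newlocation);
		http_wifidog_header(r, "Redirection to message");
		httpdPrintf(r, "Please <a href='%s://%s:%d%sgw_message.php?message=failed_validation'>click here</a>.",
			protocol,
			auth_server->authserv_hostname,
			port,
			auth_server->authserv_path
		);
		http_wifidog_footer(r);
		break;

	default:
		/* Unknown verdict: no firewall change, just an error page. */
		debug(LOG_WARNING, "I don't know what the validation code %d means for token %s from %s at %s - sending error message", auth_response.authcode, client->token, client->ip, client->mac);
		http_wifidog_header(r, "Internal error");
		httpdOutput(r, "We can not validate your request at this time");
		http_wifidog_footer(r);
		break;

	}

	UNLOCK_CLIENT_LIST();
	return;
}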
00268 
00269 
