Annotation of embedaddon/coova-chilli/doc/hotspotlogin.cgi, revision 1.1

1.1     ! misho       1: #!/usr/bin/perl
        !             2: 
        !             3: # chilli - ChilliSpot.org. A Wireless LAN Access Point Controller
        !             4: # Copyright (C) 2003, 2004 Mondru AB.
        !             5: # Copyright (C) 2006-2008 David Bird <david@coova.com>
        !             6: #
        !             7: # The contents of this file may be used under the terms of the GNU
        !             8: # General Public License Version 2, provided that the above copyright
        !             9: # notice and this permission notice is included in all copies or
        !            10: # substantial portions of the software.
        !            11: 
        !            12: # Redirects from ChilliSpot daemon:
        !            13: #
        !            14: # Redirection when not yet or already authenticated
        !            15: #   notyet:  ChilliSpot daemon redirects to login page.
        !            16: #   already: ChilliSpot daemon redirects to success status page.
        !            17: #
        !            18: # Response to login:
        !            19: #   already: Attempt to login when already logged in.
        !            20: #   failed:  Login failed
        !            21: #   success: Login succeeded
        !            22: #
        !            23: # logoff:  Response to a logout
        !            24: 
        !            25: 
        !            26: # Shared secret used to encrypt challenge with. Prevents dictionary attacks.
        !            27: # You should change this to your own shared secret.
        !            28: $uamsecret = "ht2eb8ej6s4et3rg1ulp";
        !            29: 
        !            30: # Uncomment the following line if you want to use ordinary user-password
        !            31: # for radius authentication. Must be used together with $uamsecret.
        !            32: #$userpassword=1;
        !            33: 
        !            34: # This code is horrible -- it came that way, and remains that way. A
        !            35: # real open-source captive portal for coova-chilli should be built -- david
        !            36: 
        !            37: $loginpath = "/cgi-bin/hotspotlogin.cgi";
        !            38: 
        !            39: use Digest::MD5  qw(md5 md5_hex md5_base64);
        !            40: 
        !            41: # Make sure that the form parameters are clean
        !            42: $OK_CHARS='-a-zA-Z0-9_.@&=%!';
        !            43: $_ = $input = <STDIN>;
        !            44: s/[^$OK_CHARS]/_/go;
        !            45: $input = $_;
        !            46: 
        !            47: # Make sure that the get query parameters are clean
        !            48: $OK_CHARS='-a-zA-Z0-9_.@&=%!';
        !            49: $_ = $query=$ENV{QUERY_STRING};
        !            50: s/[^$OK_CHARS]/_/go;
        !            51: $query = $_;
        !            52: 
        !            53: 
        !            54: # If she did not use https tell her that it was wrong.
        !            55: if (!($ENV{HTTPS} =~ /^on$/)) {
        !            56:     print "Content-type: text/html\n\n
        !            57: <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
        !            58: <html>
        !            59: <head>
        !            60:   <title>ChilliSpot Login Failed</title>
        !            61:   <meta http-equiv=\"Cache-control\" content=\"no-cache\">
        !            62:   <meta http-equiv=\"Pragma\" content=\"no-cache\">
        !            63: </head>
        !            64: <body bgColor = '#c0d8f4'>
        !            65:   <h1 style=\"text-align: center;\">ChilliSpot Login Failed</h1>
        !            66:   <center>
        !            67:     Login must use encrypted connection.
        !            68:   </center>
        !            69: </body>
        !            70: <!--
        !            71: <?xml version=\"1.0\" encoding=\"UTF-8\"?>
        !            72: <WISPAccessGatewayParam 
        !            73:   xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"
        !            74:   xsi:noNamespaceSchemaLocation=\"http://www.acmewisp.com/WISPAccessGatewayParam.xsd\">
        !            75: <AuthenticationReply>
        !            76: <MessageType>120</MessageType>
        !            77: <ResponseCode>102</ResponseCode>
        !            78: <ReplyMessage>Login must use encrypted connection</ReplyMessage>
        !            79: </AuthenticationReply> 
        !            80: </WISPAccessGatewayParam>
        !            81: -->
        !            82: </html>
        !            83: ";
        !            84:     exit(0);
        !            85: }
        !            86: 
        !            87: 
        !            88: #Read form parameters which we care about
        !            89: @array = split('&',$input);
        !            90: foreach $var ( @array )
        !            91: {
        !            92:     @array2 = split('=',$var);
        !            93:     if ($array2[0] =~ /^username$/i) { $username = $array2[1]; }
        !            94:     if ($array2[0] =~ /^password$/i) { $password = $array2[1]; }
        !            95:     if ($array2[0] =~ /^challenge$/) { $challenge = $array2[1]; }
        !            96:     if ($array2[0] =~ /^button$/) { $button = $array2[1]; }
        !            97:     if ($array2[0] =~ /^logout$/) { $logout = $array2[1]; }
        !            98:     if ($array2[0] =~ /^prelogin$/) { $prelogin = $array2[1]; }
        !            99:     if ($array2[0] =~ /^res$/) { $res = $array2[1]; }
        !           100:     if ($array2[0] =~ /^uamip$/) { $uamip = $array2[1]; }
        !           101:     if ($array2[0] =~ /^uamport$/) { $uamport = $array2[1]; }
        !           102:     if ($array2[0] =~ /^userurl$/)   { $userurl = $array2[1]; }
        !           103:     if ($array2[0] =~ /^timeleft$/)  { $timeleft = $array2[1]; }
        !           104:     if ($array2[0] =~ /^redirurl$/)  { $redirurl = $array2[1]; }
        !           105: }
        !           106: 
        !           107: #Read query parameters which we care about
        !           108: @array = split('&',$query);
        !           109: foreach $var ( @array )
        !           110: {
        !           111:     @array2 = split('=',$var);
        !           112:     if ($array2[0] =~ /^username$/i) { $username = $array2[1]; }
        !           113:     if ($array2[0] =~ /^password$/i) { $password = $array2[1]; }
        !           114:     if ($array2[0] =~ /^res$/)       { $res = $array2[1]; }
        !           115:     if ($array2[0] =~ /^challenge$/) { $challenge = $array2[1]; }
        !           116:     if ($array2[0] =~ /^uamip$/)     { $uamip = $array2[1]; }
        !           117:     if ($array2[0] =~ /^uamport$/)   { $uamport = $array2[1]; }
        !           118:     if ($array2[0] =~ /^reply$/)     { $reply = $array2[1]; }
        !           119:     if ($array2[0] =~ /^userurl$/)   { $userurl = $array2[1]; }
        !           120:     if ($array2[0] =~ /^timeleft$/)  { $timeleft = $array2[1]; }
        !           121:     if ($array2[0] =~ /^redirurl$/)  { $redirurl = $array2[1]; }
        !           122: }
        !           123: 
        !           124: 
        !           125: $reply =~ s/\+/ /g;
        !           126: $reply =~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg;
        !           127: 
        !           128: $userurldecode = $userurl;
        !           129: $userurldecode =~ s/\+/ /g;
        !           130: $userurldecode =~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg;
        !           131: 
        !           132: $redirurldecode = $redirurl;
        !           133: $redirurldecode =~ s/\+/ /g;
        !           134: $redirurldecode =~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg;
        !           135: 
        !           136: $password =~ s/\+/ /g;
        !           137: $password =~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg;
        !           138: 
        !           139: # If attempt to login
        !           140: if ($button =~ /^Login$/) {
        !           141:     $hexchal  = pack "H32", $challenge;
        !           142:     if (defined $uamsecret) {
        !           143:        $newchal  = md5($hexchal, $uamsecret);
        !           144:     }
        !           145:     else {
        !           146:        $newchal  = $hexchal;
        !           147:     }
        !           148:     $response = md5_hex("\0", $password, $newchal);
        !           149:     $pappassword = unpack "H32", ($password ^ $newchal);
        !           150: #sleep 5;
        !           151: print "Content-type: text/html\n\n";
        !           152: print "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
        !           153: <html>
        !           154: <head>
        !           155:   <title>ChilliSpot Login</title>
        !           156:   <meta http-equiv=\"Cache-control\" content=\"no-cache\">
        !           157:   <meta http-equiv=\"Pragma\" content=\"no-cache\">";
        !           158:     if ((defined $uamsecret) && defined($userpassword)) {
        !           159:        print "  <meta http-equiv=\"refresh\" content=\"0;url=http://$uamip:$uamport/logon?username=$username&password=$pappassword\">";
        !           160:     } else {
        !           161:        print "  <meta http-equiv=\"refresh\" content=\"0;url=http://$uamip:$uamport/logon?username=$username&response=$response&userurl=$userurl\">";
        !           162:     }
        !           163: print "</head>
        !           164: <body bgColor = '#c0d8f4'>";
        !           165:   print "<h1 style=\"text-align: center;\">Logging in to ChilliSpot</h1>";
        !           166:   print "
        !           167:   <center>
        !           168:     Please wait......
        !           169:   </center>
        !           170: </body>
        !           171: <!--
        !           172: <?xml version=\"1.0\" encoding=\"UTF-8\"?>
        !           173: <WISPAccessGatewayParam 
        !           174:   xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"
        !           175:   xsi:noNamespaceSchemaLocation=\"http://www.acmewisp.com/WISPAccessGatewayParam.xsd\">
        !           176: <AuthenticationReply>
        !           177: <MessageType>120</MessageType>
        !           178: <ResponseCode>201</ResponseCode>
        !           179: ";
        !           180:     if ((defined $uamsecret) && defined($userpassword)) {
        !           181:        print "<LoginResultsURL>http://$uamip:$uamport/logon?username=$username&password=$pappassword</LoginResultsURL>";
        !           182:     } else {
        !           183:        print "<LoginResultsURL>http://$uamip:$uamport/logon?username=$username&response=$response&userurl=$userurl</LoginResultsURL>";
        !           184:     }
        !           185: print "</AuthenticationReply> 
        !           186: </WISPAccessGatewayParam>
        !           187: -->
        !           188: </html>
        !           189: ";
        !           190:     exit(0);
        !           191: }
        !           192: 
        !           193: 
        !           194: # Default: It was not a form request
        !           195: $result = 0;
        !           196: 
        !           197: # If login successful
        !           198: if ($res =~ /^success$/) { 
        !           199:     $result = 1;
        !           200: }
        !           201: 
        !           202: # If login failed 
        !           203: if ($res =~ /^failed$/) { 
        !           204:     $result = 2;
        !           205: }
        !           206: 
        !           207: # If logout successful
        !           208: if ($res =~ /^logoff$/) { 
        !           209:     $result = 3;
        !           210: }
        !           211: 
        !           212: # If tried to login while already logged in
        !           213: if ($res =~ /^already$/) { 
        !           214:     $result = 4;
        !           215: }
        !           216: 
        !           217: # If not logged in yet
        !           218: if ($res =~ /^notyet$/) { 
        !           219:     $result = 5;
        !           220: }
        !           221: 
        !           222: # If login from smart client
        !           223: if ($res =~ /^smartclient$/) { 
        !           224:     $result = 6;
        !           225: }
        !           226: 
        !           227: # If requested a logging in pop up window
        !           228: if ($res =~ /^popup1$/) { 
        !           229:     $result = 11;
        !           230: }
        !           231: 
        !           232: # If requested a success pop up window
        !           233: if ($res =~ /^popup2$/) { 
        !           234:     $result = 12;
        !           235: }
        !           236: 
        !           237: # If requested a logout pop up window
        !           238: if ($res =~ /^popup3$/) { 
        !           239:     $result = 13;
        !           240: }
        !           241: 
        !           242: 
        !           243: # Otherwise it was not a form request
        !           244: # Send out an error message
        !           245: if ($result == 0) {
        !           246:     print "Content-type: text/html\n\n
        !           247: <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
        !           248: <html>
        !           249: <head>
        !           250:   <title>ChilliSpot Login Failed</title>
        !           251:   <meta http-equiv=\"Cache-control\" content=\"no-cache\">
        !           252:   <meta http-equiv=\"Pragma\" content=\"no-cache\">
        !           253: </head>
        !           254: <body bgColor = '#c0d8f4'>
        !           255:   <h1 style=\"text-align: center;\">ChilliSpot Login Failed</h1>
        !           256:   <center>
        !           257:     Login must be performed through ChilliSpot daemon.
        !           258:   </center>
        !           259: </body>
        !           260: </html>
        !           261: ";
        !           262:     exit(0);
        !           263: }
        !           264: 
        !           265: #Generate the output
        !           266: print "Content-type: text/html\n\n
        !           267: <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
        !           268: <html>
        !           269: <head>
        !           270:   <title>ChilliSpot Login</title>
        !           271:   <meta http-equiv=\"Cache-control\" content=\"no-cache\">
        !           272:   <meta http-equiv=\"Pragma\" content=\"no-cache\">
        !           273:   <SCRIPT LANGUAGE=\"JavaScript\">
        !           274:     var blur = 0;
        !           275:     var starttime = new Date();
        !           276:     var startclock = starttime.getTime();
        !           277:     var mytimeleft = 0;
        !           278: 
        !           279:     function doTime() {
        !           280:       window.setTimeout( \"doTime()\", 1000 );
        !           281:       t = new Date();
        !           282:       time = Math.round((t.getTime() - starttime.getTime())/1000);
        !           283:       if (mytimeleft) {
        !           284:         time = mytimeleft - time;
        !           285:         if (time <= 0) {
        !           286:           window.location = \"$loginpath?res=popup3&uamip=$uamip&uamport=$uamport\";
        !           287:         }
        !           288:       }
        !           289:       if (time < 0) time = 0;
        !           290:       hours = (time - (time % 3600)) / 3600;
        !           291:       time = time - (hours * 3600);
        !           292:       mins = (time - (time % 60)) / 60;
        !           293:       secs = time - (mins * 60);
        !           294:       if (hours < 10) hours = \"0\" + hours;
        !           295:       if (mins < 10) mins = \"0\" + mins;
        !           296:       if (secs < 10) secs = \"0\" + secs;
        !           297:       title = \"Online time: \" + hours + \":\" + mins + \":\" + secs;
        !           298:       if (mytimeleft) {
        !           299:         title = \"Remaining time: \" + hours + \":\" + mins + \":\" + secs;
        !           300:       }
        !           301:       if(document.all || document.getElementById){
        !           302:          document.title = title;
        !           303:       }
        !           304:       else {   
        !           305:         self.status = title;
        !           306:       }
        !           307:     }
        !           308: 
        !           309:     function popUp(URL) {
        !           310:       if (self.name != \"chillispot_popup\") {
        !           311:         chillispot_popup = window.open(URL, 'chillispot_popup', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=375');
        !           312:       }
        !           313:     }
        !           314: 
        !           315:     function doOnLoad(result, URL, userurl, redirurl, timeleft) {
        !           316:       if (timeleft) {
        !           317:         mytimeleft = timeleft;
        !           318:       }
        !           319:       if ((result == 1) && (self.name == \"chillispot_popup\")) {
        !           320:         doTime();
        !           321:       }
        !           322:       if ((result == 1) && (self.name != \"chillispot_popup\")) {
        !           323:         chillispot_popup = window.open(URL, 'chillispot_popup', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=375');
        !           324:       }
        !           325:       if ((result == 2) || result == 5) {
        !           326:         document.form1.UserName.focus()
        !           327:       }
        !           328:       if ((result == 2) && (self.name != \"chillispot_popup\")) {
        !           329:         chillispot_popup = window.open('', 'chillispot_popup', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=400,height=200');
        !           330:         chillispot_popup.close();
        !           331:       }
        !           332:       if ((result == 12) && (self.name == \"chillispot_popup\")) {
        !           333:         doTime();
        !           334:         if (redirurl) {
        !           335:           opener.location = redirurl;
        !           336:         }
        !           337:         else if (opener.home) {
        !           338:           opener.home();
        !           339:         }
        !           340:         else {
        !           341:           opener.location = \"about:home\";
        !           342:         }
        !           343:         self.focus();
        !           344:         blur = 0;
        !           345:       }
        !           346:       if ((result == 13) && (self.name == \"chillispot_popup\")) {
        !           347:         self.focus();
        !           348:         blur = 1;
        !           349:       }
        !           350:     }
        !           351: 
        !           352:     function doOnBlur(result) {
        !           353:       if ((result == 12) && (self.name == \"chillispot_popup\")) {
        !           354:         if (blur == 0) {
        !           355:           blur = 1;
        !           356:           self.focus();
        !           357:         }
        !           358:       }
        !           359:     }
        !           360:   </script>
        !           361: </head>
        !           362: <body onLoad=\"javascript:doOnLoad($result, '$loginpath?res=popup2&uamip=$uamip&uamport=$uamport&userurl=$userurl&redirurl=$redirurl&timeleft=$timeleft','$userurldecode', '$redirurldecode', '$timeleft')\" onBlur = \"javascript:doOnBlur($result)\" bgColor = '#c0d8f4'>";
        !           363: 
        !           364: 
        !           365: #      if (!window.opener) {
        !           366: #        document.bgColor = '#c0d8f4';
        !           367: #      }
        !           368: 
        !           369: #print "THE INPUT: $input";
        !           370: #foreach $key (sort (keys %ENV)) {
        !           371: #      print $key, ' = ', $ENV{$key}, "<br>\n";
        !           372: #}
        !           373: 
        !           374: if ($result == 2) {
        !           375:     print "
        !           376:   <h1 style=\"text-align: center;\">ChilliSpot Login Failed</h1>";
        !           377:     if ($reply) {
        !           378:        print "<center> $reply </BR></BR></center>";
        !           379:     }
        !           380: }
        !           381: 
        !           382: if ($result == 5) {
        !           383:     print "
        !           384:   <h1 style=\"text-align: center;\">ChilliSpot Login</h1>";
        !           385: }
        !           386: 
        !           387: if ($result == 2 || $result == 5) {
        !           388:   print "
        !           389:   <form name=\"form1\" method=\"post\" action=\"$loginpath\">
        !           390:   <INPUT TYPE=\"hidden\" NAME=\"challenge\" VALUE=\"$challenge\">
        !           391:   <INPUT TYPE=\"hidden\" NAME=\"uamip\" VALUE=\"$uamip\">
        !           392:   <INPUT TYPE=\"hidden\" NAME=\"uamport\" VALUE=\"$uamport\">
        !           393:   <INPUT TYPE=\"hidden\" NAME=\"userurl\" VALUE=\"$userurl\">
        !           394:   <center>
        !           395:   <table border=\"0\" cellpadding=\"5\" cellspacing=\"0\" style=\"width: 217px;\">
        !           396:     <tbody>
        !           397:       <tr>
        !           398:         <td align=\"right\">Username:</td>
        !           399:         <td><input STYLE=\"font-family: Arial\" type=\"text\" name=\"UserName\" size=\"20\" maxlength=\"128\"></td>
        !           400:       </tr>
        !           401:       <tr>
        !           402:         <td align=\"right\">Password:</td>
        !           403:         <td><input STYLE=\"font-family: Arial\" type=\"password\" name=\"Password\" size=\"20\" maxlength=\"128\"></td>
        !           404:       </tr>
        !           405:       <tr>
        !           406:         <td align=\"center\" colspan=\"2\" height=\"23\"><input type=\"submit\" name=\"button\" value=\"Login\" onClick=\"javascript:popUp('$loginpath?res=popup1&uamip=$uamip&uamport=$uamport')\"></td> 
        !           407:       </tr>
        !           408:     </tbody>
        !           409:   </table>
        !           410:   </center>
        !           411:   </form>
        !           412: </body>
        !           413: </html>";
        !           414: }
        !           415: 
        !           416: if ($result == 1) {
        !           417:   print "
        !           418:   <h1 style=\"text-align: center;\">Logged in to ChilliSpot</h1>";
        !           419: 
        !           420:   if ($reply) { 
        !           421:       print "<center> $reply </BR></BR></center>";
        !           422:   }
        !           423: 
        !           424:   print "
        !           425:   <center>
        !           426:     <a href=\"http://$uamip:$uamport/logoff\">Logout</a>
        !           427:   </center>
        !           428: </body>
        !           429: </html>";
        !           430: }
        !           431: 
        !           432: if (($result == 4) || ($result == 12)) {
        !           433:   print "
        !           434:   <h1 style=\"text-align: center;\">Logged in to ChilliSpot</h1>
        !           435:   <center>
        !           436:     <a href=\"http://$uamip:$uamport/logoff\">Logout</a>
        !           437:   </center>
        !           438: </body>
        !           439: </html>";
        !           440: }
        !           441: 
        !           442: 
        !           443: if ($result == 11) {
        !           444:   print "<h1 style=\"text-align: center;\">Logging in to ChilliSpot</h1>";
        !           445:   print "
        !           446:   <center>
        !           447:     Please wait......
        !           448:   </center>
        !           449: </body>
        !           450: </html>";
        !           451: }
        !           452: 
        !           453: 
        !           454: if (($result == 3) || ($result == 13)) {
        !           455:     print "
        !           456:   <h1 style=\"text-align: center;\">Logged out from ChilliSpot</h1>
        !           457:   <center>
        !           458:     <a href=\"http://$uamip:$uamport/prelogin\">Login</a>
        !           459:   </center>
        !           460: </body>
        !           461: </html>";
        !           462: }
        !           463: 
        !           464: 
        !           465: exit(0);
        !           466: 
