embedaddon/coova-chilli/doc/hotspotlogin.cgi - view

File: [ELWIX - Embedded LightWeight unIX -] / embedaddon / coova-chilli / doc / hotspotlogin.cgi
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Tue Feb 21 22:48:25 2012 UTC (13 years, 1 month ago) by misho
Branches: coova-chilli, MAIN
CVS tags: v1_0_12, HEAD

coova-chilli

1: #!/usr/bin/perl 2: 3: # chilli - ChilliSpot.org. A Wireless LAN Access Point Controller 4: # Copyright (C) 2003, 2004 Mondru AB. 5: # Copyright (C) 2006-2008 David Bird <david@coova.com> 6: # 7: # The contents of this file may be used under the terms of the GNU 8: # General Public License Version 2, provided that the above copyright 9: # notice and this permission notice is included in all copies or 10: # substantial portions of the software. 11: 12: # Redirects from ChilliSpot daemon: 13: # 14: # Redirection when not yet or already authenticated 15: # notyet: ChilliSpot daemon redirects to login page. 16: # already: ChilliSpot daemon redirects to success status page. 17: # 18: # Response to login: 19: # already: Attempt to login when already logged in. 20: # failed: Login failed 21: # success: Login succeded 22: # 23: # logoff: Response to a logout 24: 25: 26: # Shared secret used to encrypt challenge with. Prevents dictionary attacks. 27: # You should change this to your own shared secret. 28: $uamsecret = "ht2eb8ej6s4et3rg1ulp"; 29: 30: # Uncomment the following line if you want to use ordinary user-password 31: # for radius authentication. Must be used together with $uamsecret. 32: #$userpassword=1; 33: 34: # This code is horrible -- it came that way, and remains that way. A 35: # real open-source captive portal for coova-chilli should be built -- david 36: 37: $loginpath = "/cgi-bin/hotspotlogin.cgi"; 38: 39: use Digest::MD5 qw(md5 md5_hex md5_base64); 40: 41: # Make sure that the form parameters are clean 42: $OK_CHARS='-a-zA-Z0-9_.@&=%!'; 43: $_ = $input = <STDIN>; 44: s/[^$OK_CHARS]/_/go; 45: $input = $_; 46: 47: # Make sure that the get query parameters are clean 48: $OK_CHARS='-a-zA-Z0-9_.@&=%!'; 49: $_ = $query=$ENV{QUERY_STRING}; 50: s/[^$OK_CHARS]/_/go; 51: $query = $_; 52: 53: 54: # If she did not use https tell her that it was wrong. 55: if (!($ENV{HTTPS} =~ /^on$/)) { 56: print "Content-type: text/html\n\n 57: <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"> 58: <html> 59: <head> 60: <title>ChilliSpot Login Failed</title> 61: <meta http-equiv=\"Cache-control\" content=\"no-cache\"> 62: <meta http-equiv=\"Pragma\" content=\"no-cache\"> 63: </head> 64: <body bgColor = '#c0d8f4'> 65: <h1 style=\"text-align: center;\">ChilliSpot Login Failed</h1> 66: <center> 67: Login must use encrypted connection. 68: </center> 69: </body> 70:  82: </html> 83: "; 84: exit(0); 85: } 86: 87: 88: #Read form parameters which we care about 89: @array = split('&',$input); 90: foreach $var ( @array ) 91: { 92: @array2 = split('=',$var); 93: if ($array2[0] =~ /^username$/i) { $username = $array2[1]; } 94: if ($array2[0] =~ /^password$/i) { $password = $array2[1]; } 95: if ($array2[0] =~ /^challenge$/) { $challenge = $array2[1]; } 96: if ($array2[0] =~ /^button$/) { $button = $array2[1]; } 97: if ($array2[0] =~ /^logout$/) { $logout = $array2[1]; } 98: if ($array2[0] =~ /^prelogin$/) { $prelogin = $array2[1]; } 99: if ($array2[0] =~ /^res$/) { $res = $array2[1]; } 100: if ($array2[0] =~ /^uamip$/) { $uamip = $array2[1]; } 101: if ($array2[0] =~ /^uamport$/) { $uamport = $array2[1]; } 102: if ($array2[0] =~ /^userurl$/) { $userurl = $array2[1]; } 103: if ($array2[0] =~ /^timeleft$/) { $timeleft = $array2[1]; } 104: if ($array2[0] =~ /^redirurl$/) { $redirurl = $array2[1]; } 105: } 106: 107: #Read query parameters which we care about 108: @array = split('&',$query); 109: foreach $var ( @array ) 110: { 111: @array2 = split('=',$var); 112: if ($array2[0] =~ /^username$/i) { $username = $array2[1]; } 113: if ($array2[0] =~ /^password$/i) { $password = $array2[1]; } 114: if ($array2[0] =~ /^res$/) { $res = $array2[1]; } 115: if ($array2[0] =~ /^challenge$/) { $challenge = $array2[1]; } 116: if ($array2[0] =~ /^uamip$/) { $uamip = $array2[1]; } 117: if ($array2[0] =~ /^uamport$/) { $uamport = $array2[1]; } 118: if ($array2[0] =~ /^reply$/) { $reply = $array2[1]; } 119: if ($array2[0] =~ /^userurl$/) { $userurl = $array2[1]; } 120: if ($array2[0] =~ /^timeleft$/) { $timeleft = $array2[1]; } 121: if ($array2[0] =~ /^redirurl$/) { $redirurl = $array2[1]; } 122: } 123: 124: 125: $reply =~ s/\+/ /g; 126: $reply =~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg; 127: 128: $userurldecode = $userurl; 129: $userurldecode =~ s/\+/ /g; 130: $userurldecode =~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg; 131: 132: $redirurldecode = $redirurl; 133: $redirurldecode =~ s/\+/ /g; 134: $redirurldecode =~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg; 135: 136: $password =~ s/\+/ /g; 137: $password =~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg; 138: 139: # If attempt to login 140: if ($button =~ /^Login$/) { 141: $hexchal = pack "H32", $challenge; 142: if (defined $uamsecret) { 143: $newchal = md5($hexchal, $uamsecret); 144: } 145: else { 146: $newchal = $hexchal; 147: } 148: $response = md5_hex("\0", $password, $newchal); 149: $pappassword = unpack "H32", ($password ^ $newchal); 150: #sleep 5; 151: print "Content-type: text/html\n\n"; 152: print "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"> 153: <html> 154: <head> 155: <title>ChilliSpot Login</title> 156: <meta http-equiv=\"Cache-control\" content=\"no-cache\"> 157: <meta http-equiv=\"Pragma\" content=\"no-cache\">"; 158: if ((defined $uamsecret) && defined($userpassword)) { 159: print " <meta http-equiv=\"refresh\" content=\"0;url=http://$uamip:$uamport/logon?username=$username&password=$pappassword\">"; 160: } else { 161: print " <meta http-equiv=\"refresh\" content=\"0;url=http://$uamip:$uamport/logon?username=$username&response=$response&userurl=$userurl\">"; 162: } 163: print "</head> 164: <body bgColor = '#c0d8f4'>"; 165: print "<h1 style=\"text-align: center;\">Logging in to ChilliSpot</h1>"; 166: print " 167: <center> 168: Please wait...... 169: </center> 170: </body> 171:  188: </html> 189: "; 190: exit(0); 191: } 192: 193: 194: # Default: It was not a form request 195: $result = 0; 196: 197: # If login successful 198: if ($res =~ /^success$/) { 199: $result = 1; 200: } 201: 202: # If login failed 203: if ($res =~ /^failed$/) { 204: $result = 2; 205: } 206: 207: # If logout successful 208: if ($res =~ /^logoff$/) { 209: $result = 3; 210: } 211: 212: # If tried to login while already logged in 213: if ($res =~ /^already$/) { 214: $result = 4; 215: } 216: 217: # If not logged in yet 218: if ($res =~ /^notyet$/) { 219: $result = 5; 220: } 221: 222: # If login from smart client 223: if ($res =~ /^smartclient$/) { 224: $result = 6; 225: } 226: 227: # If requested a logging in pop up window 228: if ($res =~ /^popup1$/) { 229: $result = 11; 230: } 231: 232: # If requested a success pop up window 233: if ($res =~ /^popup2$/) { 234: $result = 12; 235: } 236: 237: # If requested a logout pop up window 238: if ($res =~ /^popup3$/) { 239: $result = 13; 240: } 241: 242: 243: # Otherwise it was not a form request 244: # Send out an error message 245: if ($result == 0) { 246: print "Content-type: text/html\n\n 247: <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"> 248: <html> 249: <head> 250: <title>ChilliSpot Login Failed</title> 251: <meta http-equiv=\"Cache-control\" content=\"no-cache\"> 252: <meta http-equiv=\"Pragma\" content=\"no-cache\"> 253: </head> 254: <body bgColor = '#c0d8f4'> 255: <h1 style=\"text-align: center;\">ChilliSpot Login Failed</h1> 256: <center> 257: Login must be performed through ChilliSpot daemon. 258: </center> 259: </body> 260: </html> 261: "; 262: exit(0); 263: } 264: 265: #Generate the output 266: print "Content-type: text/html\n\n 267: <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"> 268: <html> 269: <head> 270: <title>ChilliSpot Login</title> 271: <meta http-equiv=\"Cache-control\" content=\"no-cache\"> 272: <meta http-equiv=\"Pragma\" content=\"no-cache\"> 273: <SCRIPT LANGUAGE=\"JavaScript\"> 274: var blur = 0; 275: var starttime = new Date(); 276: var startclock = starttime.getTime(); 277: var mytimeleft = 0; 278: 279: function doTime() { 280: window.setTimeout( \"doTime()\", 1000 ); 281: t = new Date(); 282: time = Math.round((t.getTime() - starttime.getTime())/1000); 283: if (mytimeleft) { 284: time = mytimeleft - time; 285: if (time <= 0) { 286: window.location = \"$loginpath?res=popup3&uamip=$uamip&uamport=$uamport\"; 287: } 288: } 289: if (time < 0) time = 0; 290: hours = (time - (time % 3600)) / 3600; 291: time = time - (hours * 3600); 292: mins = (time - (time % 60)) / 60; 293: secs = time - (mins * 60); 294: if (hours < 10) hours = \"0\" + hours; 295: if (mins < 10) mins = \"0\" + mins; 296: if (secs < 10) secs = \"0\" + secs; 297: title = \"Online time: \" + hours + \":\" + mins + \":\" + secs; 298: if (mytimeleft) { 299: title = \"Remaining time: \" + hours + \":\" + mins + \":\" + secs; 300: } 301: if(document.all || document.getElementById){ 302: document.title = title; 303: } 304: else { 305: self.status = title; 306: } 307: } 308: 309: function popUp(URL) { 310: if (self.name != \"chillispot_popup\") { 311: chillispot_popup = window.open(URL, 'chillispot_popup', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=375'); 312: } 313: } 314: 315: function doOnLoad(result, URL, userurl, redirurl, timeleft) { 316: if (timeleft) { 317: mytimeleft = timeleft; 318: } 319: if ((result == 1) && (self.name == \"chillispot_popup\")) { 320: doTime(); 321: } 322: if ((result == 1) && (self.name != \"chillispot_popup\")) { 323: chillispot_popup = window.open(URL, 'chillispot_popup', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=375'); 324: } 325: if ((result == 2) || result == 5) { 326: document.form1.UserName.focus() 327: } 328: if ((result == 2) && (self.name != \"chillispot_popup\")) { 329: chillispot_popup = window.open('', 'chillispot_popup', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=400,height=200'); 330: chillispot_popup.close(); 331: } 332: if ((result == 12) && (self.name == \"chillispot_popup\")) { 333: doTime(); 334: if (redirurl) { 335: opener.location = redirurl; 336: } 337: else if (opener.home) { 338: opener.home(); 339: } 340: else { 341: opener.location = \"about:home\"; 342: } 343: self.focus(); 344: blur = 0; 345: } 346: if ((result == 13) && (self.name == \"chillispot_popup\")) { 347: self.focus(); 348: blur = 1; 349: } 350: } 351: 352: function doOnBlur(result) { 353: if ((result == 12) && (self.name == \"chillispot_popup\")) { 354: if (blur == 0) { 355: blur = 1; 356: self.focus(); 357: } 358: } 359: } 360: </script> 361: </head> 362: <body onLoad=\"javascript:doOnLoad($result, '$loginpath?res=popup2&uamip=$uamip&uamport=$uamport&userurl=$userurl&redirurl=$redirurl&timeleft=$timeleft','$userurldecode', '$redirurldecode', '$timeleft')\" onBlur = \"javascript:doOnBlur($result)\" bgColor = '#c0d8f4'>"; 363: 364: 365: # if (!window.opener) { 366: # document.bgColor = '#c0d8f4'; 367: # } 368: 369: #print "THE INPUT: $input"; 370: #foreach $key (sort (keys %ENV)) { 371: # print $key, ' = ', $ENV{$key}, "<br>\n"; 372: #} 373: 374: if ($result == 2) { 375: print " 376: <h1 style=\"text-align: center;\">ChilliSpot Login Failed</h1>"; 377: if ($reply) { 378: print "<center> $reply </BR></BR></center>"; 379: } 380: } 381: 382: if ($result == 5) { 383: print " 384: <h1 style=\"text-align: center;\">ChilliSpot Login</h1>"; 385: } 386: 387: if ($result == 2 || $result == 5) { 388: print " 389: <form name=\"form1\" method=\"post\" action=\"$loginpath\"> 390: <INPUT TYPE=\"hidden\" NAME=\"challenge\" VALUE=\"$challenge\"> 391: <INPUT TYPE=\"hidden\" NAME=\"uamip\" VALUE=\"$uamip\"> 392: <INPUT TYPE=\"hidden\" NAME=\"uamport\" VALUE=\"$uamport\"> 393: <INPUT TYPE=\"hidden\" NAME=\"userurl\" VALUE=\"$userurl\"> 394: <center> 395: <table border=\"0\" cellpadding=\"5\" cellspacing=\"0\" style=\"width: 217px;\"> 396: <tbody> 397: <tr> 398: <td align=\"right\">Username:</td> 399: <td><input STYLE=\"font-family: Arial\" type=\"text\" name=\"UserName\" size=\"20\" maxlength=\"128\"></td> 400: </tr> 401: <tr> 402: <td align=\"right\">Password:</td> 403: <td><input STYLE=\"font-family: Arial\" type=\"password\" name=\"Password\" size=\"20\" maxlength=\"128\"></td> 404: </tr> 405: <tr> 406: <td align=\"center\" colspan=\"2\" height=\"23\"><input type=\"submit\" name=\"button\" value=\"Login\" onClick=\"javascript:popUp('$loginpath?res=popup1&uamip=$uamip&uamport=$uamport')\"></td> 407: </tr> 408: </tbody> 409: </table> 410: </center> 411: </form> 412: </body> 413: </html>"; 414: } 415: 416: if ($result == 1) { 417: print " 418: <h1 style=\"text-align: center;\">Logged in to ChilliSpot</h1>"; 419: 420: if ($reply) { 421: print "<center> $reply </BR></BR></center>"; 422: } 423: 424: print " 425: <center> 426: <a href=\"http://$uamip:$uamport/logoff\">Logout</a> 427: </center> 428: </body> 429: </html>"; 430: } 431: 432: if (($result == 4) || ($result == 12)) { 433: print " 434: <h1 style=\"text-align: center;\">Logged in to ChilliSpot</h1> 435: <center> 436: <a href=\"http://$uamip:$uamport/logoff\">Logout</a> 437: </center> 438: </body> 439: </html>"; 440: } 441: 442: 443: if ($result == 11) { 444: print "<h1 style=\"text-align: center;\">Logging in to ChilliSpot</h1>"; 445: print " 446: <center> 447: Please wait...... 448: </center> 449: </body> 450: </html>"; 451: } 452: 453: 454: if (($result == 3) || ($result == 13)) { 455: print " 456: <h1 style=\"text-align: center;\">Logged out from ChilliSpot</h1> 457: <center> 458: <a href=\"http://$uamip:$uamport/prelogin\">Login</a> 459: </center> 460: </body> 461: </html>"; 462: } 463: 464: 465: exit(0); 466: