1 /**************************************************
2 OpengateM - MAC address authentication system
3 module for Communication through CGI
5 Copyright (C) 2011 Opengate Project Team
6 Written by Yoshiaki Watanabe
8 This program is free software; you can redistribute it and/or
9 modify it under the terms of the GNU General Public License
10 as published by the Free Software Foundation; either version 2
11 of the License, or (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 Email: watanaby@is.saga-u.ac.jp
24 Programmed by Yoshiaki WATANABE
25 **************************************************/
27 #include "opengatemmng.h"
29 /* convert one-char-hex "a" to one-number 0Xa */
30 #define hex2num(x) ((x)>='A' ? ((x) & 0XDF) - 'A' +10 : ((x) - '0'))
32 void split(char content[], char *name[], char *value[], char *next[]);
33 void decode(char *string);
35 char macAddress[ADDRMAXLN]="";
37 /********************************************/
38 /* get Post data from the client */
39 /********************************************/
40 int getPostData(char *content, int contentMaxLength)
44 /* get content sent from web input */
45 if(isNull(getenv("CONTENT_LENGTH"))) return FALSE;
46 contentLen=atoi(getenv("CONTENT_LENGTH"));
47 contentLen++; /* for terminate ch */
49 /* if larger than buffer, cut off */
50 if(contentLen > contentMaxLength) contentLen=contentMaxLength;
51 if(fgets(content, contentLen, stdin) == NULL){
58 /********************************************/
59 /* get language form query string (in url lang=ja) */
60 /********************************************/
61 int getLangFromQueryString(char* language){
64 char queryStr[BUFFMAXLN];
70 /* get default language at the top of lang list */
71 sscanf(GetConfValue("HtmlLangs"), "%s", language);
73 /* if no string, return default */
74 if(isNull(getenv("QUERY_STRING"))) return FALSE;
76 /* get html access parameter string */
77 strncpy(queryStr, getenv("QUERY_STRING"), BUFFMAXLN);
79 /* split language in string [....&lang=ja&.....] */
82 split(ptr, name, value, next);
83 if(strstr(name[0], "lang")!=NULL){
84 if(!isNull(value[0])) strncpy(language, value[0], WORDMAXLN);
92 /********************************************/
93 /* get redirected url form query string */
94 /********************************************/
95 int getRedirectedUrlFromQueryString(char* redirectedUrl){
98 char queryStr[BUFFMAXLN];
104 /* default is null */
105 redirectedUrl[0]='\0';
107 /* if no string, return default */
108 if(isNull(getenv("QUERY_STRING"))) return FALSE;
110 /* get html access parameter string */
111 strncpy(queryStr, getenv("QUERY_STRING"), BUFFMAXLN);
113 /* split language in string [....&redirectedurl=xxxx&.....] */
116 split(ptr, name, value, next);
117 if(strstr(name[0], "redirectedurl")!=NULL){
118 if(!isNull(value[0])) strncpy(redirectedUrl, value[0], BUFFMAXLN);
126 /********************************************/
127 /* get mac address form query string (in url lang=ja) */
128 /********************************************/
129 int getMacAddrFromQueryString(char* macAddress){
132 char queryStr[BUFFMAXLN];
141 /* if no string returns, return default */
142 if(isNull(getenv("QUERY_STRING"))) return FALSE;
144 /* get html access parameter string */
145 strncpy(queryStr, getenv("QUERY_STRING"), BUFFMAXLN);
147 /* split in string [....&macaddr=xxxxx&.....] */
150 split(ptr, name, value, next);
151 if(strstr(name[0], "macaddr")!=NULL){
152 strncpy(macAddress, value[0], WORDMAXLN);
162 /********************************************/
163 /* get userid from environment variable */
164 /* long userid: "userid@extraid" is set */
165 /********************************************/
166 int getUserIdFromEnv(char *userid){
171 /* if shibboleth or httpbasic, get uid from environment var */
173 if(strcmp(GetConfValue("AuthServer/Protocol"), "shibboleth")==0){
175 /* get data from env-variables for uid and org attribute */
176 pEnv=getenvEx(GetConfValue("AuthServer/UidAttribute"),TRUE,TRUE);
178 strncpy(userid, pEnv, USERMAXLN);
180 /* if orp string can be get from env var, concatenate it as uid@org */
181 pEnv=getenvEx(GetConfValue("AuthServer/OrgAttribute"),TRUE,TRUE);
183 strncat(userid, GetConfValue("UserIdSeparator"), USERMAXLN);
184 strncat(userid, pEnv, USERMAXLN);
189 /* get from env-variable for EPPN(edu person principal name) attribute */
191 pEnv=getenvEx(GetConfValue("AuthServer/EppnAttribute"),TRUE,FALSE);
193 strncat(userid, pEnv, USERMAXLN);
199 err_msg("ERR at %s#%d: Cannot get user info from shibboleth",__FILE__,__LINE__);
200 PutMessageToClient("Cannot get user info from shibboleth<br>Check shibboleth setting in .htaccess, conf and others");
206 else if(strcmp(GetConfValue("AuthServer/Protocol"), "httpbasic")==0){
207 if(!isNull(getenv("REMOTE_USER"))){
208 strncpy(userid,getenv("REMOTE_USER"),USERMAXLN);
211 err_msg("ERR at %s#%d: Cannot get user info from httpbasic",__FILE__,__LINE__);
213 PutMessageToClient("Cannot get user info from http basic<br>Check http basic setting in .htaccess and other");
220 /*******************************
221 get userid and password from post string
222 *******************************/
223 int getUserIdFromPostData(char* requestStr, char* userid, char* password){
230 char content[BUFFMAXLN];
232 /* if null string, return */
233 if(isNull(requestStr)) return FALSE;
235 /* copy it to work area */
236 strncpy(content, requestStr, BUFFMAXLN);
238 /* split request item and execute the request */
242 /* pick up next item */
243 split(ptr, name, value, next);
246 if(strcmp(name[0], "userid")==0){
247 strncpy(userid, value[0], USERMAXLN);
251 else if(strcmp(name[0], "password")==0){
252 strncpy(password, value[0], USERMAXLN);
256 /* shift pointer to next item */
260 /* if password is found in request string, clear the string */
261 if(!isNull(password)) requestStr[0]='\0';
266 /********************************************/
267 /* analyze request for checking */
268 /********************************************/
269 int analyzeCheckRequest(char *content, int* status, char* macAddress)
280 /* split request item and execute the request */
284 /* pick up next item */
285 split(ptr, name, value, next);
287 /* if item =status */
288 if(strcmp(name[0], "status")==0){
289 if(strcmp(value[0], "open")==0) *status=OPEN;
290 if(strcmp(value[0], "close")==0) *status=CLOSE;
293 /* if item = macaddr */
294 else if(strcmp(name[0], "macaddr")==0){
295 strncpy(macAddress, value[0], ADDRMAXLN);
299 /* shift pointer to next item */
306 /********************************************/
307 /* analyze request and execute request for registering */
308 /********************************************/
309 int analyzeRegisterRequest(char *content, char* macAddress, char* deviceName, char* mailAddress)
321 /* split request item and execute the request */
325 /* pick up next item */
326 split(ptr, name, value, next);
328 /* if item = macaddr */
329 if(strcmp(name[0], "macaddr")==0){
330 strncpy(macAddress, value[0], ADDRMAXLN);
334 else if(strcmp(name[0], "device")==0){
335 strncpy(deviceName, value[0], WORDMAXLN);
338 else if(strcmp(name[0], "mailaddr")==0){
339 strncpy(mailAddress, value[0], BUFFMAXLN);
343 /* shift pointer to next item */
347 /* if illegal device name, return */
348 if(*deviceName=='\0'){
349 SetMessage(EmptyDeviceName);
352 if(!IsSafeString(deviceName, WORDMAXLN)){
353 SetMessage(IllegalCharInDevice);
357 /* if illegal mail address, return */
358 if(*mailAddress!='\0'){
359 if(!IsSafeString(mailAddress, BUFFMAXLN)){
360 SetMessage(IllegalCharInMailAddr);
365 /* if illegal mac address, return */
366 if(!ConvertMacAddr(macAddress)) return FALSE;
368 /* if already registered in db, return */
369 if(IsMacAddrFoundInMngDb(macAddress)){
370 SetMessage(ExistentMacAddr);
377 /******************************
378 convert mac address to regular format
380 ******************************/
381 int convertMacAddr(char* macAddr){
383 int m[6]; /* mac address sequence */
386 /* normal form is hex:hex:hex:hex:hex:hex */
387 /* or hex-hex-hex-hex-hex-hex */
389 if((sscanf(macAddr, "%x:%x:%x:%x:%x:%x",
390 &m[0],&m[1],&m[2],&m[3],&m[4],&m[5])!=6)
391 && (sscanf(macAddr, "%x-%x-%x-%x-%x-%x",
392 &m[0],&m[1],&m[2],&m[3],&m[4],&m[5])!=6)){
393 SetMessage(IllegalMacAddrForm);
398 SetMessage(IllegalMacAddr);
403 /* format to [01:23:45:67:89:0a] */
404 snprintf(macAddr, ADDRMAXLN, "%02x:%02x:%02x:%02x:%02x:%02x",
405 m[0],m[1],m[2],m[3],m[4],m[5]);
410 /******************************
411 check safe characters string
412 ******************************/
413 int isSafeString(char* str, int length){
414 char allowableChar[]=" !#$&*+,-./:=?[]^_{|}@";
418 /* scan all char in str */
419 for(i=0; i<length; i++){
422 /* if reached to the end of string, return true */
425 /* if alpha or numeric is found, goto next char */
426 if(isalnum(ch)) continue;
428 /* if control or non ascii is found, return false */
429 if( (unsigned)ch < 0x20|| 0x7f < (unsigned)ch) return FALSE;
431 /* if one of above list is found, goto next char */
432 if(strchr(allowableChar, ch)==NULL) return FALSE;
438 /*********************************************/
439 /* put auth request page to client */
440 /*********************************************/
441 int putAuthRequestPageToClient(char *language, char* cgiName, char* docName, char* redirectedUrl)
443 char authdoc[BUFFMAXLN];
445 char buff[BUFFMAXLN];
447 /* make read in path to the retry document */
448 snprintf(authdoc, BUFFMAXLN, "%s%s/%s/%s",GetConfValue("DocumentRoot"),
449 GetConfValue("OpengateDir"),language,docName);
451 /* replace keyword and send out the file */
452 printf("Content-type: text/html\r\n\r\n");
454 if((fp=fopen(authdoc, "r"))==NULL){
455 err_msg("ERR at %s#%d: cannot find file %s",__FILE__,__LINE__, authdoc);
459 while(fgets(buff,BUFFMAXLN,fp)!=NULL){
460 HtmlReplace(buff, "%%CGINAME%%", cgiName);
461 HtmlReplace(buff, "%%REDIRECTEDURL%%", redirectedUrl);
462 if(strstr(buff, "%%ERRORLIST%%")!=NULL){
463 InsertMessageToPage(language);
472 /*********************************************/
473 /* deny message to the client */
474 /*********************************************/
475 int putDenyToClient(char *language){
476 char denydoc[BUFFMAXLN];
478 char buff[BUFFMAXLN];
480 /* make read in path to the retry document */
481 snprintf(denydoc, BUFFMAXLN, "%s%s/%s/%s",GetConfValue("DocumentRoot"),
482 GetConfValue("OpengateDir"),language,GetConfValue("DenyDoc"));
484 /* replace keyword and send out the file */
485 printf("Content-type: text/html\r\n\r\n");
487 if((fp=fopen(denydoc, "r"))==NULL){
488 err_msg("ERR at %s#%d: cannot find file %s",__FILE__,__LINE__, denydoc);
492 while(fgets(buff,BUFFMAXLN,fp)!=NULL){
493 if(strstr(buff, "%%ERRORLIST%%")!=NULL){
494 InsertMessageToPage(language);
503 /*********************************************/
504 /* put response to client for check request */
505 /*********************************************/
506 int putCheckPageToClient(char *language, char* userId, char* extraId)
508 char responsedoc[BUFFMAXLN];
510 char buff[BUFFMAXLN];
511 char cookie[SIDMAXLN];
512 char* chkCgi=GetConfValue("CheckCgi");
513 char* regCgi=GetConfValue("RegisterCgi");
514 char* timeout=GetConfValue("OpenTimeout");
516 /* make read in path to the document */
517 snprintf(responsedoc, BUFFMAXLN, "%s%s/%s/%s",GetConfValue("DocumentRoot"),
518 GetConfValue("OpengateDir"),language,GetConfValue("CheckDoc"));
521 printf("Content-type: text/html\r\n");
523 /* if no cookie, make, send, and save cookie */
524 if(!GetHttpCookie(cookie,GetConfValue("AuthAdminCookie"))){
525 CreateCookie(cookie);
526 printf("Set-Cookie: %s=%s;path=/;\r\n", GetConfValue("AuthAdminCookie"), cookie);
527 SaveCookieToWorkDb(cookie,userId, extraId, ADMINUSER);
530 /* end of http header */
533 /* replace keyword and send out the file */
534 if((fp=fopen(responsedoc, "r"))==NULL){
535 err_msg("ERR at %s#%d: cannot find file %s",__FILE__,__LINE__, responsedoc);
540 while(fgets(buff,BUFFMAXLN,fp)!=NULL){
541 HtmlReplace(buff, "%%CHECKCGI%%", chkCgi);
542 HtmlReplace(buff, "%%REGISTERCGI%%", regCgi);
543 HtmlReplace(buff, "%%TIMEOUT%%", timeout);
544 HtmlReplace(buff, "%%USERID%%", userId);
546 if(strstr(buff, "%%MACCHECKLIST%%")!=NULL){
547 PutMacCheckListToClient();
549 else if(strstr(buff, "%%ERRORLIST%%")!=NULL){
550 InsertMessageToPage(language);
560 /*********************************************/
561 /* put response to client for register request */
562 /* ownReg:1=the page is controlled by owner, 0=under admin */
563 /*********************************************/
564 int putRegisterPageToClient(char *language, char* macAddress, char* deviceName, char* mailAddress, char* userId, char* extraId, int ownReg, char* redirectedUrl)
566 char responsedoc[BUFFMAXLN];
568 char buff[BUFFMAXLN];
569 char cookie[SIDMAXLN];
574 /* setup cgi and doc */
576 regCgi=GetConfValue("OwnCgi");
577 regDoc=GetConfValue("OwnRegisterDoc");
579 regCgi=GetConfValue("RegisterCgi");
580 regDoc=GetConfValue("RegisterDoc");
582 if(isNull(regCgi) || isNull(regDoc)){
583 err_msg("ERR at %s#%d: cannot find cgi/doc for reg in conf",__FILE__,__LINE__);
587 /* make read in path to the document */
588 snprintf(responsedoc, BUFFMAXLN, "%s%s/%s/%s",GetConfValue("DocumentRoot"),
589 GetConfValue("OpengateDir"),language,regDoc);
592 printf("Content-type: text/html\r\n");
594 /* if no cookie, make, send, and save cookie */
595 if(!GetHttpCookie(cookie, GetConfValue("AuthUserCookie"))){
596 CreateCookie(cookie);
597 printf("Set-Cookie: %s=%s;path=/;\r\n", GetConfValue("AuthUserCookie"), cookie);
598 SaveCookieToWorkDb(cookie, userId, extraId, NORMALUSER);
599 SaveMailDefalutForCookieToWorkDb(cookie, mailAddress);
602 /* end of http header */
605 if((fp=fopen(responsedoc, "r"))==NULL){
606 err_msg("ERR at %s#%d: cannot find file %s",__FILE__,__LINE__, responsedoc);
610 while(fgets(buff,BUFFMAXLN,fp)!=NULL){
611 HtmlReplace(buff, "%%REGISTERCGI%%", regCgi);
612 HtmlReplace(buff, "%%MACADDR%%", macAddress);
613 HtmlReplace(buff, "%%DEVICE%%", deviceName);
614 HtmlReplace(buff, "%%MAILADDR%%", mailAddress);
615 HtmlReplace(buff, "%%USERID%%", userId);
616 HtmlReplace(buff, "%%REDIRECTEDURL%%", redirectedUrl);
618 if(strstr(buff, "%%MACREGLIST%%")!=NULL){
619 PutMacRegListToClient(userId, extraId);
621 else if(strstr(buff, "%%ERRORLIST%%")!=NULL){
622 InsertMessageToPage(language);
632 /*********************************************/
633 /* put mac list in mac check table to the client */
634 /*********************************************/
635 void putMacCheckListToClient(void){
637 char macAddress[ADDRMAXLN];
638 char vendor[WORDMAXLN];
639 char ipv4[ADDRMAXLN];
640 char ipv6[ADDRMAXLN];
645 /* get mac list from db and insert into html table */
646 while(GetNextRowInMacCheckTable(macAddress, ipv4, ipv6)){
648 /* get nic vendor from management db */
649 GetNicVendorFromMngDb(macAddress, vendor, WORDMAXLN);
651 /* is the terminal in use */
652 if(IsSessionFoundInSessionTable(macAddress) ||
653 IsActiveSessionFoundInOpengateSessionTable(macAddress)) inUse=TRUE;
656 /* is the terminal's MAC is registered in DB */
657 foundOnDb = IsMacAddrFoundInMngDb(macAddress);
659 /* print out table row */
660 /* the row is colored, if it is a candidate for registering */
661 /* the terminals inUse/foundInDb may be not the candidate */
662 if(inUse || foundOnDb){
663 printf("<tr align=middle>\n");
665 printf("<tr style='background-color: rgb(255,255,204);' align=middle>\n");
668 /* check radio button in first row */
670 printf("<td><input type='radio' name='macaddr' value='%s' checked></td>\n", macAddress);
673 printf("<td><input type='radio' name='macaddr' value='%s'></td>\n", macAddress);
676 /* show macAddress, vendor, ipv4,ipv6 */
677 printf("<td>%s</td>\n", macAddress);
678 printf("<td>%s</td>\n",vendor);
679 printf("<td>%s</td>\n",ipv4);
680 printf("<td>%s</td>\n",ipv6);
682 /* show flags for inUse/foundInDb */
683 if(inUse) printf("<td>*</td>\n");
684 else printf("<td><br></td>\n");
685 if(foundOnDb) printf("<td>*</td>\n");
686 else printf("<td><br></td>\n");
691 /*********************************************/
692 /* put mac regsitered list the client */
693 /*********************************************/
694 void putMacRegListToClient(char* userId, char* extraId){
696 char deviceName[WORDMAXLN]="";
697 char entryDate[WORDMAXLN]="";
698 char limitDate[WORDMAXLN]="";
699 char status[WORDMAXLN]="";
700 char macAddress[ADDRMAXLN]="";
701 char mailAddress[BUFFMAXLN]="";
703 /* get registered mac list form db and insert */
704 while(GetNextMacAddrFromMngDb(userId,extraId,macAddress,deviceName,
705 entryDate,limitDate,status,mailAddress)){
708 printf("<tr align=middle>\n");
709 printf("<td>%s</td>\n", macAddress);
710 printf("<td>%s</td>\n",deviceName);
711 printf("<td>%s</td>\n",entryDate);
712 printf("<td>%s</td>\n",limitDate);
713 printf("<td>%s</td>\n",status);
714 printf("<td>%s</td>\n",mailAddress);
719 /*********************************************/
720 /* put some message to the client */
721 /*********************************************/
722 void putMessageToClient(char *message)
724 printf("Content-type: text/html\r\n\r\n");
725 printf("<HTML><HEAD><TITLE>OpengateMsg</TITLE></HEAD> \r\n");
726 printf("<BODY>\r\n");
727 printf("%s\r\n", message);
728 printf("</BODY></HTML> \r\n\r\n");
731 /************************************************/
732 /* send page for returning to the previous page */
733 /************************************************/
734 void returnToRedirectedPage(char* redirectedUrl, char* language){
736 char returndoc[BUFFMAXLN];
738 char buff[BUFFMAXLN];
741 /* make read in path to the document */
742 snprintf(returndoc, BUFFMAXLN, "%s%s/%s/%s",GetConfValue("DocumentRoot"),
743 GetConfValue("OpengateDir"),language,GetConfValue("ReturnDoc"));
746 printf("Content-type: text/html\r\n\r\n");
748 if((fp=fopen(returndoc, "r"))==NULL){
749 err_msg("ERR at %s#%d: cannot find file %s",__FILE__,__LINE__, returndoc);
750 printf("Error! \r\n\r\n");
754 if(!isNull(GetConfValue("ReturnWaitTime"))){
755 waitTime=GetConfValue("ReturnWaitTime");
757 while(fgets(buff,BUFFMAXLN,fp)!=NULL){
758 HtmlReplace(buff, "%%WAITTIME%%", waitTime);
759 HtmlReplace(buff, "%%REDIRECTEDURL%%", redirectedUrl);
765 /************************************/
766 /* split value for indicated name */
767 /* in content "name=value&..." */
768 /************************************/
769 void split(char content[], char *name[], char *value[], char *next[])
775 value[0]=content+strlen(content);
779 if((pstr=strchr(name[0],(int)'='))==NULL){
785 /* set value start */
790 if((pstr=strchr(value[0],'&'))==NULL){
803 /**********************************/
804 /* decode text coding in web post */
805 /**********************************/
806 void decode(char *string)
808 char *pcheck, *pinsert;
810 pcheck=pinsert=string;
811 while(*pcheck != '\0'){
814 }else if(*pcheck == '%'){
815 *pinsert=(char)(hex2num(*(pcheck+1))*16 + hex2num(*(pcheck+2)));
827 /*****************************************************/
828 /* replace beforeStr to afterStr in string in buff */
829 /*****************************************************/
830 int htmlReplace(char* buff,char *beforeStr,char *afterStr)
832 char *pBuff , *pNext;
833 char tempBuff[BUFFMAXLN];
835 if(buff==NULL) return 1;
837 strncpy(tempBuff, buff, BUFFMAXLN);
838 strncpy(buff,"",BUFFMAXLN);
840 for(pBuff = tempBuff;
841 (pNext=StrSplit(pBuff, beforeStr)) != NULL;
843 strncat(buff,pBuff,BUFFMAXLN);
844 strncat(buff,afterStr,BUFFMAXLN);
846 strncat(buff,pBuff,BUFFMAXLN);
851 /*****************************************************/
852 /* split a str at delimStr and return the point */
853 /*****************************************************/
854 char* strSplit(char* str,const char* delimStr)
856 char* delimPoint = strstr(str,delimStr);
857 const size_t delimLen = strlen(delimStr);
859 if(delimPoint == NULL) return NULL;
862 delimPoint += delimLen;
868 /**********************/
869 /* get HTTP-Cookie */
870 /**********************/
871 /* cookie string examples
872 "OpengateMmng=de..ac1&Userid=user1"
873 "OpengateMmng=de..ac1&Userid=user1; xxx=..; yyy=.."
874 "xxx=..; yyy=..; OpengateMmng=de..ac1&Userid=user1"
876 int getHttpCookie(char *cookie, char* cookieName){
877 char content[BUFFMAXLN];
887 /* if exist cookie, copy it to work area */
888 if(isNull(getenv("HTTP_COOKIE"))) return FALSE;
889 strncpy(content, getenv("HTTP_COOKIE"), BUFFMAXLN);
892 /* search 'OpengateMmng' cookie string (terminated by ; or \0) */
894 if((ptrNext=strstr(ptr, "; "))==NULL) break; /* search "; " */
895 *ptrNext='\0'; /* overwrite string end */
896 ptrNext++; /* pointer to next string */
897 while(!isNull(ptrNext)&&*ptrNext==' ') ptrNext++; /* skip spaces */
898 if(strstr(ptr, cookieName)==ptr) break; /* exit at matching */
899 ptr=ptrNext; /* check next string */
902 /* get valuses of cookie from "OpengateMmng=de..ac1" */
904 split(ptr, name, value, next);
906 if(strstr(name[0], cookieName)!=NULL){
907 strncpy(cookie, value[0], SIDMAXLN);
912 if(isNull(cookie)) return FALSE;
916 /*************************************
917 compare received cookie to previously saved one
918 *************************************/
919 int isCorrectCookie(char* cookie, int userType){
920 char userId[USERMAXLN];
921 char extraId[USERMAXLN];
923 /* compare http received cookie and DB readin cookie */
926 GetHttpCookie(cookie, GetConfValue("AuthUserCookie"));
927 if(IsCookieFoundInWorkDb(cookie,userId,extraId,NORMALUSER)) return TRUE;
930 GetHttpCookie(cookie, GetConfValue("AuthAdminCookie"));
931 if(IsCookieFoundInWorkDb(cookie,userId,extraId,ADMINUSER)) return TRUE;
937 /********************************************/
938 /* analyze update request and execute request */
939 /********************************************/
940 int analyzeUpdateRequestAndExecute(char *requestStr, char* userId, char* extraId)
946 char macAddr[ADDRMAXLN];
947 int modified=FALSE; /* database modification is executed */
949 char content[BUFFMAXLN];
951 /* if null string, return */
952 if(isNull(requestStr)) return FALSE;
954 /* copy request string to work area */
955 strncpy(content, requestStr, BUFFMAXLN);
957 /* split request item and execute the request */
961 /* pick up next item */
962 split(ptr, name, value, next);
964 /* if item=delete, execute delete */
965 if(strcmp(value[0], "delete")==0){
966 strncpy(macAddr, name[0], ADDRMAXLN);
968 if(ConvertMacAddr(macAddr)){
969 ret=DelMacAddrFromMngDb(macAddr);
972 PutMacModifyLogToMngDb(userId, extraId, macAddr, 'D');
973 PutMacAddressToServers(macAddr);
978 /* if item = extend, execute extend */
979 else if(strcmp(value[0], "extend")==0){
980 strncpy(macAddr, name[0], ADDRMAXLN);
982 if(ConvertMacAddr(macAddr)){
983 ret=RenewMacAddrInMngDb(macAddr);
986 PutMacModifyLogToMngDb(userId, extraId, macAddr, 'E');
987 PutMacAddressToServers(macAddr);
992 /* if item = pause, execute pause */
993 else if(strcmp(value[0], "pause")==0){
994 strncpy(macAddr, name[0], ADDRMAXLN);
996 if(ConvertMacAddr(macAddr)){
997 ret=PauseMacAddrInMngDb(macAddr);
1000 PutMacModifyLogToMngDb(userId, extraId, macAddr, 'P');
1001 PutMacAddressToServers(macAddr);
1006 /* shift pointer to next item */
1014 /*********************************************/
1015 /* put response to client */
1016 /* ownUpdate:1=page is controlled by owner, 0=under admin */
1017 /*********************************************/
1018 int putUpdatePageToClient(char *language, char* userId, char* extraId, int ownUpdate, char* redirectedUrl)
1020 char responsedoc[BUFFMAXLN];
1022 char buff[BUFFMAXLN];
1023 char cookie[SIDMAXLN];
1026 char mailDefault[BUFFMAXLN];
1028 /* select update page for owner or administrator */
1030 updateCgi=GetConfValue("OwnCgi");
1031 updateDoc=GetConfValue("OwnUpdateDoc");
1033 updateCgi=GetConfValue("UpdateCgi");
1034 updateDoc=GetConfValue("UpdateDoc");
1036 if(isNull(updateCgi) || isNull(updateDoc)){
1037 err_msg("ERR at %s#%d: cannot find cgi/doc for update in conf",__FILE__,__LINE__);
1041 /* make read in path to the retry document */
1042 snprintf(responsedoc, BUFFMAXLN, "%s%s/%s/%s",GetConfValue("DocumentRoot"),
1043 GetConfValue("OpengateDir"),language,updateDoc);
1046 printf("Content-type: text/html\r\n");
1048 /* if no cookie, make, send, and save cookie */
1049 if(!GetHttpCookie(cookie, GetConfValue("AuthUserCookie"))){
1050 CreateCookie(cookie);
1051 printf("Set-Cookie: %s=%s;path=/;\r\n", GetConfValue("AuthUserCookie"), cookie);
1052 SaveCookieToWorkDb(cookie,userId, extraId, NORMALUSER);
1053 MakeMailDefault(userId, extraId, mailDefault);
1054 SaveMailDefalutForCookieToWorkDb(cookie, mailDefault);
1057 /* end of http header */
1060 if((fp=fopen(responsedoc, "r"))==NULL){
1061 err_msg("ERR at %s#%d: cannot find file %s",__FILE__,__LINE__, responsedoc);
1065 while(fgets(buff,BUFFMAXLN,fp)!=NULL){
1066 HtmlReplace(buff, "%%CGINAME%%", updateCgi);
1067 HtmlReplace(buff, "%%USERID%%", userId);
1068 HtmlReplace(buff, "%%REDIRECTEDURL%%", redirectedUrl);
1070 if(strstr(buff, "%%MACLIST%%")!=NULL){
1071 PutMacListToClient(userId,extraId);
1073 else if(strstr(buff, "%%USAGELOG%%")!=NULL){
1074 PutUsageLogToClient(userId, extraId, language);
1076 else if(strstr(buff, "%%ERRORLIST%%")!=NULL){
1077 InsertMessageToPage(language);
1087 /*********************************************/
1088 /* put mac list the client */
1089 /*********************************************/
1090 void putMacListToClient(char* userId, char* extraId){
1092 char deviceName[WORDMAXLN];
1093 char entryDate[WORDMAXLN];
1094 char limitDate[WORDMAXLN];
1095 char status[WORDMAXLN];
1096 char macAddr[ADDRMAXLN];
1097 char mailAddress[BUFFMAXLN];
1099 /* make rows for deletion and extending */
1100 /* get registered mac list form db and insert */
1101 while(GetNextMacAddrFromMngDb(userId,extraId,macAddr,deviceName,
1102 entryDate,limitDate,status,mailAddress)){
1103 printf("<tr align=middle>\n");
1105 printf("<td><input type=radio name=%s value=extend checked></td>\n",macAddr);
1106 printf("<td><input type=radio name=%s value=pause></td>\n",macAddr);
1107 printf("<td><input type=radio name=%s value=delete></td>\n",macAddr);
1109 printf("<td>-</td>\n");
1110 printf("<td>-</td>\n");
1111 printf("<td>-</td>\n");
1113 printf("<td>%s</td>\n", macAddr);
1114 printf("<td>%s</td>\n",deviceName);
1115 printf("<td>%s</td>\n",entryDate);
1116 printf("<td>%s</td>\n",limitDate);
1117 printf("<td>%s</td>\n",status);
1122 /*********************************************/
1123 /* put usage log to the client */
1124 /*********************************************/
1125 void putUsageLogToClient(char *userId, char* extraId, char* language){
1127 char macAddr[ADDRMAXLN];
1128 char deviceName[WORDMAXLN];
1129 char openTime[WORDMAXLN];
1130 char gatewayName[WORDMAXLN];
1132 char str[WORDMAXLN];
1135 /* get usage log form db and insert as html table row */
1136 while(GetNextUsageLogFromMngDb(userId,extraId,macAddr,deviceName,
1137 openTime,gatewayName,&weekday)){
1139 /* split hostname only */
1140 if((p=strchr(gatewayName,'.'))!=NULL) *p='\0';
1142 /* put out table row */
1143 printf("<tr align=middle>\n");
1144 printf("<td>%s</td>\n", macAddr);
1145 printf("<td>%s</td>\n",deviceName);
1146 printf("<td>%s</td>\n",openTime);
1147 printf("<td>%s</td>\n",WeekdayStr(weekday, str, language));
1148 printf("<td>%s</td>\n",gatewayName);
1153 /**********************************************/
1154 /* check allowable http-agent defined in conf */
1155 /**********************************************/
1156 int isAccessedFromAllowableAgent(void){
1159 char* pRegExPattern=NULL;
1162 /* get agent string. if not, return false */
1163 if( isNull(pAgent=getenv("HTTP_USER_AGENT")) ) return FALSE;
1165 /* get first reg expression in conf. if not, return true(not define=allow all) */
1166 if(isNull(pRegExPattern=GetFirstConfValue("AllowableAgentPattern"))){
1170 /* loop for patterns in conf */
1171 while(!isNull(pRegExPattern)){
1173 /* if agent is matched to reg ex, return true. */
1174 /* last-arg 1 means case sensitive */
1175 if(RegExMatch(pAgent, pRegExPattern, 1)){
1180 /* get next reg expression in conf */
1181 pRegExPattern=GetNextConfValue();
1184 /* if fail, print message */
1186 err_msg("ERR at %s#%d: http-agent[%s] is not allowed in conf file",__FILE__,__LINE__, pAgent);
1193 /*******************************/
1194 /*******************************/
1196 int GetPostData(char *content, int contentMaxLength){
1198 if(debug>1) err_msg("DEBUG:=>getPostData(%d)", contentMaxLength);
1199 ret=getPostData(content, contentMaxLength);
1200 if(debug>1) err_msg("DEBUG:%d<=getPostData(..)",ret);
1204 int GetLangFromQueryString(char* language){
1206 if(debug>1) err_msg("DEBUG:=>getLangFromQueryString( )");
1207 ret=getLangFromQueryString(language);
1208 if(debug>1) err_msg("DEBUG:%d<=getLangFromQueryString(%s)",ret,language);
1212 int GetRedirectedUrlFromQueryString(char* redirectedUrl){
1214 if(debug>1) err_msg("DEBUG:=>getRedirectedUrlFromQueryString( )");
1215 ret=getRedirectedUrlFromQueryString(redirectedUrl);
1216 if(debug>1) err_msg("DEBUG:%d<=getRedirectedUrlFromQueryString(%s)",ret,redirectedUrl);
1220 int GetMacAddrFromQueryString(char* macAddress){
1222 if(debug>1) err_msg("DEBUG:=>getMacAddrFromQueryString( )");
1223 ret=getMacAddrFromQueryString(macAddress);
1224 if(debug>1) err_msg("DEBUG:%d<=getMacAddrFromQueryString(%s)",ret,macAddress);
1228 int AnalyzeCheckRequest(char *content, int* status, char* macAddress){
1230 if(debug>1) err_msg("DEBUG:=>analyzeCheckRequest(%s)", content);
1231 ret=analyzeCheckRequest(content, status, macAddress);
1232 if(debug>1) err_msg("DEBUG:%d<=analyzeCheckRequest(%d,%s)",ret,*status, macAddress);
1236 int AnalyzeRegisterRequest(char *content, char* macAddress, char* deviceName, char* mailAddress){
1238 if(debug>1) err_msg("DEBUG:=>analyzeRegisterRequest(%s)", content);
1239 ret=analyzeRegisterRequest(content, macAddress, deviceName, mailAddress);
1240 if(debug>1) err_msg("DEBUG:%d<=analyzeRegisterRequest(%s,%s,%s)",ret, macAddress, deviceName, mailAddress);
1244 int PutDenyToClient(char *language){
1246 if(debug>1) err_msg("DEBUG:=>putDenyToClient(%s)",language);
1247 ret=putDenyToClient(language);
1248 if(debug>1) err_msg("DEBUG:(%d)<=putDenyToClient( )",ret);
1252 int PutCheckPageToClient(char *language, char* userId, char* extraId){
1254 if(debug>1) err_msg("DEBUG:=>putCheckPageToClient(%s,%s,%s)",
1255 language,userId,extraId);
1256 ret=putCheckPageToClient(language,userId,extraId);
1257 if(debug>1) err_msg("DEBUG:(%d)<=putCheckPageToClient( )",ret);
1261 int PutRegisterPageToClient(char *language, char* macAddress, char* deviceName, char* mailAddress, char* userId, char* extraId, int ownReg, char* redirectedUrl){
1263 if(debug>1) err_msg("DEBUG:=>putRegisterPageToClient(%s,%s,%s,%s,%s,%s,%d,%s)", language,macAddress,deviceName,mailAddress,userId,extraId,ownReg, redirectedUrl);
1264 ret=putRegisterPageToClient(language, macAddress, deviceName, mailAddress, userId, extraId, ownReg, redirectedUrl);
1265 if(debug>1) err_msg("DEBUG:(%d)<=putRegisterPageToClient( )",ret);
1269 void PutMacCheckListToClient(void){
1270 if(debug>1) err_msg("DEBUG:=>putMacCheckListToClient( )");
1271 putMacCheckListToClient();
1272 if(debug>1) err_msg("DEBUG:<=putMacCheckListToClient( )");
1275 void PutMacRegListToClient(char* userId, char* extraId){
1276 if(debug>1) err_msg("DEBUG:=>putMacRegListToClient( )");
1277 putMacRegListToClient(userId, extraId);
1278 if(debug>1) err_msg("DEBUG:<=putMacRegListToClient( )");
1281 void PutMessageToClient(char *message){
1282 if(debug>1) err_msg("DEBUG:=>putMessageToClient(%s)",message);
1283 putMessageToClient(message);
1284 if(debug>1) err_msg("DEBUG:<=putMessageToClient( )");
1287 void ReturnToRedirectedPage(char* redirectedUrl, char* language){
1288 if(debug>1) err_msg("DEBUG:=>returnToRedirectedPage(%s,%s)",redirectedUrl,language);
1289 returnToRedirectedPage(redirectedUrl, language);
1290 if(debug>1) err_msg("DEBUG:<=returnToRedirectedPage( )");
1293 int ConvertMacAddr(char* macAddr){
1295 if(debug>1) err_msg("DEBUG:=>convertMacAddr(%s)", macAddr);
1296 ret=convertMacAddr(macAddr);
1297 if(debug>1) err_msg("DEBUG:(%d)<=convertMacAddr(%s)",ret,macAddr);
1301 int IsSafeString(char* str, int length){
1303 if(debug>1) err_msg("DEBUG:=>isSafeString(%s,%d)",str,length);
1304 ret=isSafeString(str,length);
1305 if(debug>1) err_msg("DEBUG:(%d)<=isSafeString( )",ret);
1309 int HtmlReplace(char* buff,char *beforeStr,char *afterStr){
1311 if(debug>2) err_msg("DEBUG:=>htmlReplace(%s,%s,%s)",buff,beforeStr,afterStr);
1312 ret = htmlReplace(buff, beforeStr, afterStr);
1313 if(debug>2) err_msg("DEBUG:(%d)<=htmlReplace( )",ret);
1317 char* StrSplit(char* str,const char* delimStr){
1319 if(debug>2) err_msg("DEBUG:=>strSplit(%s,%s)",str,delimStr);
1320 ret = strSplit(str, delimStr);
1321 if(debug>2) err_msg("DEBUG:(%s)<=strSplit( )",ret);
1325 int GetHttpCookie(char *cookie, char* cookieName){
1327 if(debug>1) err_msg("DEBUG:=>getHttpCookie(%s)", cookieName);
1328 ret = getHttpCookie(cookie, cookieName);
1329 if(debug>1) err_msg("DEBUG:(%d)<=getHttpCookie(%s)",ret, cookie);
1333 int IsCorrectCookie(char* cookie, int userType){
1335 if(debug>1) err_msg("DEBUG:=> isCorrectCookie(%d)", userType);
1336 ret = isCorrectCookie(cookie,userType);
1337 if(debug>1) err_msg("DEBUG:(%d)<= isCorrectCookie(%s)",ret,cookie);
1341 int GetUserIdFromEnv(char *userid){
1343 if(debug>1) err_msg("DEBUG:=>getUserIdFromEnv(%s)",userid);
1344 ret = getUserIdFromEnv(userid);
1345 if(debug>1) err_msg("DEBUG:(%d)<=getUserIdFromEnv( )",ret);
1349 int GetUserIdFromPostData(char* requestStr, char* userid, char* password){
1351 if(debug>1) err_msg("DEBUG:=>getUserIdFromPostData(..)");
1352 ret = getUserIdFromPostData(requestStr,userid,password);
1353 if(debug>1) err_msg("DEBUG:(%d)<=getUserIdFromPostData(,%s,password)",ret,userid);
1357 int PutAuthRequestPageToClient(char *language, char* cgiName, char* docName, char* redirectedUrl){
1359 if(debug>1) err_msg("DEBUG:=>putAuthRequestPageToClient(%s,%s,%s)",language,cgiName, docName, redirectedUrl);
1360 ret=putAuthRequestPageToClient(language,cgiName, docName, redirectedUrl);
1361 if(debug>1) err_msg("DEBUG:(%d)<=putAuthRequestPageToClient( )",ret);
1365 int AnalyzeUpdateRequestAndExecute(char *content, char* userId, char* extraId){
1368 if(debug>1) err_msg("DEBUG:=>analyzeUpdateRequestAndExecute(%s,%s,%s)", content,userId,extraId);
1369 ret=analyzeUpdateRequestAndExecute(content,userId,extraId);
1370 if(debug>1) err_msg("DEBUG:%d<=analyzeUpdateRequestAndExecute( )",ret);
1374 int PutUpdatePageToClient(char *language, char* userId, char* extraId, int ownUpdate, char* redirectedUrl){
1376 if(debug>1) err_msg("DEBUG:=>putUpdatePageToClient(%s,%s,%s,%d,%s)",
1377 language,userId,extraId,ownUpdate,redirectedUrl);
1378 ret=putUpdatePageToClient(language,userId,extraId,ownUpdate,redirectedUrl);
1379 if(debug>1) err_msg("DEBUG:(%d)<=putUpdatePageToClient( )",ret);
1383 void PutMacListToClient(char *userId, char* extraId){
1384 if(debug>1) err_msg("DEBUG:=>putMacListToClient(%s,%s)",userId,extraId);
1385 putMacListToClient(userId,extraId);
1386 if(debug>1) err_msg("DEBUG:<=putMacListToClient( )");
1389 void PutUsageLogToClient(char *userId, char* extraId, char* language){
1390 if(debug>1) err_msg("DEBUG:=>putUsageLogToClient(%s,%s,%s)",userId,extraId,language);
1391 putUsageLogToClient(userId,extraId,language);
1392 if(debug>1) err_msg("DEBUG:<=putUsageLogToClient( )");
1395 int IsAccessedFromAllowableAgent(void){
1397 if(debug>1) err_msg("DEBUG:=>isAccessedFromAllowableAgent( )");
1398 ret=isAccessedFromAllowableAgent();
1399 if(debug>1) err_msg("DEBUG:(%d)<=isAccessedFromAllowableAgent( )",ret);