#!/usr/bin/perl ############################################################################### # # # IPFire.org - A linux based firewall # # Copyright (C) 2016 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # # the Free Software Foundation, either version 3 of the License, or # # (at your option) any later version. # # # # This program is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty of # # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # # GNU General Public License for more details. # # # # You should have received a copy of the GNU General Public License # # along with this program. If not, see . # # # ############################################################################### #use strict; use HTML::Entities(); use File::Basename; # enable only the following on debugging purpose #use warnings; #use CGI::Carp 'fatalsToBrowser'; require '/var/ipfire/general-functions.pl'; require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl"; my %selected = (); my $coupons = "${General::swroot}/captive/coupons"; my %couponhash = (); my $logo = "${General::swroot}/captive/logo.dat"; my %settings=(); my %mainsettings; my %color; my %cgiparams=(); my %netsettings=(); my %checked=(); my $errormessage=''; my $clients="${General::swroot}/captive/clients"; my %clientshash=(); my $settingsfile="${General::swroot}/captive/settings"; unless (-e $settingsfile) { system("touch $settingsfile"); } &Header::getcgihash(\%cgiparams); &General::readhash("${General::swroot}/main/settings", \%mainsettings); &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color); &General::readhash("$settingsfile", \%settings) if(-f $settingsfile); &General::readhash("${General::swroot}/ethernet/settings", \%netsettings); &Header::showhttpheaders(); if ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) { my $file = $cgiparams{'logo'}; if ($file) { # Check if the file extension is PNG/JPEG chomp $file; my ($name, $path, $ext) = fileparse($file, qr/\.[^.]*$/); if ($ext ne ".png" && $ext ne ".jpg" && $ext ne ".jpeg") { $errormessage = $Lang::tr{'Captive wrong ext'}; } } $settings{'ENABLE_GREEN'} = $cgiparams{'ENABLE_GREEN'}; $settings{'ENABLE_BLUE'} = $cgiparams{'ENABLE_BLUE'}; $settings{'AUTH'} = $cgiparams{'AUTH'}; $settings{'TITLE'} = $cgiparams{'TITLE'}; $settings{'COLOR'} = $cgiparams{'COLOR'}; $settings{'SESSION_TIME'} = $cgiparams{'SESSION_TIME'}; if (!$errormessage){ #Check if we need to upload a new logo if ($file) { # Save logo my ($filehandle) = CGI::upload("logo"); # XXX check filesize open(FILE, ">$logo"); binmode $filehandle; while (<$filehandle>) { print FILE; } close(FILE); } &General::writehash("$settingsfile", \%settings); # Save terms $cgiparams{'TERMS'} = &Header::escape($cgiparams{'TERMS'}); open(FH, ">:utf8", "/var/ipfire/captive/terms.txt") or die("$!"); print FH $cgiparams{'TERMS'}; close(FH); $cgiparams{'TERMS'} = ""; #execute binary to reload firewall rules system("/usr/local/bin/captivectrl"); if ($cgiparams{'ENABLE_BLUE'} eq 'on'){ system("/usr/local/bin/wirelessctrl"); } } } if ($cgiparams{'ACTION'} eq "$Lang::tr{'Captive generate coupon'}") { # Check expiry time if ($cgiparams{'EXP_HOUR'} + $cgiparams{'EXP_DAY'} + $cgiparams{'EXP_WEEK'} + $cgiparams{'EXP_MONTH'} == 0 && $cgiparams{'UNLIMITED'} == '') { $errormessage = $Lang::tr{'Captive noexpiretime'}; } #check valid remark if ($cgiparams{'REMARK'} ne '' && !&validremark($cgiparams{'REMARK'})){ $errormessage=$Lang::tr{'fwhost err remark'}; } if (!$errormessage) { # Remember selected values foreach my $val (("UNLIMITED", "EXP_HOUR", "EXP_DAY", "EXP_WEEK", "EXP_MONTH")) { $settings{$val} = $cgiparams{$val}; } &General::writehash($settingsfile, \%settings); &General::readhasharray($coupons, \%couponhash) if (-e $coupons); my $now = time(); # Calculate expiry time in seconds my $expires = 0; if ($settings{'UNLIMITED'} ne 'on') { $expires += $settings{'EXP_HOUR'}; $expires += $settings{'EXP_DAY'}; $expires += $settings{'EXP_WEEK'}; $expires += $settings{'EXP_MONTH'}; } my $count = $cgiparams{'COUNT'} || 1; while($count-- > 0) { # Generate a new code my $code = &gencode(); # Check if the coupon code already exists foreach my $key (keys %couponhash) { if($couponhash{$key}[1] eq $code) { # Code already exists, so try again $code = ""; $count++; last; } } next if ($code eq ""); # Get a new key from hash my $key = &General::findhasharraykey(\%couponhash); # Initialize all fields foreach my $i (0 .. 3) { $couponhash{$key}[$i] = ""; } $couponhash{$key}[0] = $now; $couponhash{$key}[1] = $code; $couponhash{$key}[2] = $expires; $couponhash{$key}[3] = $cgiparams{'REMARK'}; } # Save everything to disk &General::writehasharray($coupons, \%couponhash); } } if ($cgiparams{'ACTION'} eq 'delete-coupon') { #deletes an already generated but unused voucher #read all generated vouchers &General::readhasharray($coupons, \%couponhash) if (-e $coupons); foreach my $key (keys %couponhash) { if($cgiparams{'key'} eq $couponhash{$key}[0]){ #write logenty with decoded remark my $rem=HTML::Entities::decode_entities($couponhash{$key}[4]); &General::log("Captive", "Delete unused coupon $couponhash{$key}[1] $couponhash{$key}[2] hours valid expires on $couponhash{$key}[3] remark $rem"); #delete line from hash delete $couponhash{$key}; last; } } #write back hash &General::writehasharray($coupons, \%couponhash); } if ($cgiparams{'ACTION'} eq 'delete-client') { #delete voucher and connection in use #read all active clients &General::readhasharray($clients, \%clientshash) if (-e $clients); foreach my $key (keys %clientshash) { if($cgiparams{'key'} eq $clientshash{$key}[0]){ #prepare log entry with decoded remark my $rem=HTML::Entities::decode_entities($clientshash{$key}[7]); #write logentry &General::log("Captive", "Deleted client in use $clientshash{$key}[1] $clientshash{$key}[2] hours valid expires on $clientshash{$key}[3] remark $rem - Connection will be terminated"); #delete line from hash delete $clientshash{$key}; last; } } #write back hash &General::writehasharray("$clients", \%clientshash); #reload firewallrules to kill connection of client system("/usr/local/bin/captivectrl"); } #open webpage, print header and open box &Header::openpage($Lang::tr{'Captive menu'}, 1, ''); &Header::openbigbox(); # If an error message exists, show a box with the error message if ($errormessage) { &Header::openbox('100%', 'left', $Lang::tr{'error messages'}); print $errormessage; &Header::closebox(); } # Prints the config box on the website &Header::openbox('100%', 'left', $Lang::tr{'Captive config'}); print <\n END ; #check which parameters have to be enabled (from settings file) $checked{'ENABLE_GREEN'}{'off'} = ''; $checked{'ENABLE_GREEN'}{'on'} = ''; $checked{'ENABLE_GREEN'}{$settings{'ENABLE_GREEN'}} = "checked='checked'"; $checked{'ENABLE_BLUE'}{'off'} = ''; $checked{'ENABLE_BLUE'}{'on'} = ''; $checked{'ENABLE_BLUE'}{$settings{'ENABLE_BLUE'}} = "checked='checked'"; $checked{'UNLIMITED'}{'off'} = ''; $checked{'UNLIMITED'}{'on'} = ''; $checked{'UNLIMITED'}{$settings{'UNLIMITED'}} = "checked='checked'"; $selected{'AUTH'} = (); $selected{'AUTH'}{'COUPON'} = ""; $selected{'AUTH'}{'TERMS'} = ""; $selected{'AUTH'}{$settings{'AUTH'}} = "selected"; if ($netsettings{'GREEN_DEV'}){ print ""; } if ($netsettings{'BLUE_DEV'}){ print ""; } print< END ; if ($settings{'AUTH'} eq 'TERMS') { $selected{'SESSION_TIME'} = (); $selected{'SESSION_TIME'}{'0'} = ""; $selected{'SESSION_TIME'}{'3600'} = ""; $selected{'SESSION_TIME'}{'28800'} = ""; $selected{'SESSION_TIME'}{'86400'} = ""; $selected{'SESSION_TIME'}{'604800'} = ""; $selected{'SESSION_TIME'}{'18144000'} = ""; $selected{'SESSION_TIME'}{$settings{'SESSION_TIME'}} = "selected"; print < END } print< END if (-e $logo) { print < END } my $terms = &getterms(); print <
$Lang::tr{'Captive active on'} Green
$Lang::tr{'Captive active on'} Blue
$Lang::tr{'Captive authentication'}
$Lang::tr{'Captive client session expiry time'}

$Lang::tr{'Captive branding'}
$Lang::tr{'Captive title'}
$Lang::tr{'Captive brand color'}
$Lang::tr{'Captive upload logo'}
$Lang::tr{'Captive upload logo recommendations'}
$Lang::tr{'Captive logo uploaded'} $Lang::tr{'yes'}
END &Header::closebox(); #if settings is set to use coupons, the coupon part has to be displayed if ($settings{'AUTH'} eq 'COUPON') { &coupons(); } # Show active clients &show_clients(); sub getterms() { my @ret; open(FILE, "<:utf8", "/var/ipfire/captive/terms.txt"); while() { push(@ret, HTML::Entities::decode_entities($_)); } close(FILE); return join(/\n/, @ret); } sub gencode(){ #generate a random code only letters from A-Z except 'O' and 0-9 my @chars = ("A".."N", "P".."Z", "0".."9"); my $randomstring; $randomstring .= $chars[rand @chars] for 1..8; return $randomstring; } sub coupons() { &Header::openbox('100%', 'left', $Lang::tr{'Captive generate coupon'}); print <
$Lang::tr{'Captive vouchervalid'} END #print hour-dropdownbox my $hrs=3600; print "
$Lang::tr{'hours'} $Lang::tr{'days'} $Lang::tr{'weeks'} $Lang::tr{'months'}
"; #print day-dropdownbox my $days=3600*24; print ""; #print week-dropdownbox my $week=3600*24*7; print ""; #print month-dropdownbox my $month=3600*24*30; print "
$Lang::tr{'remark'}
END &Header::closebox(); # Show all coupons if exist if (! -z $coupons) { &show_coupons(); } } sub show_coupons() { &General::readhasharray($coupons, \%couponhash) if (-e $coupons); #if there are already generated but unsused coupons, print a table &Header::openbox('100%', 'left', $Lang::tr{'Captive issued coupons'}); print < $Lang::tr{'Captive coupon'} $Lang::tr{'Captive expiry time'} $Lang::tr{'remark'} $Lang::tr{'delete'} END foreach my $key (keys %couponhash) { my $expirytime = $Lang::tr{'Captive nolimit'}; if ($couponhash{$key}[2] > 0) { $expirytime = &General::format_time($couponhash{$key}[2]); } if ($count++ % 2) { $col="bgcolor='$color{'color20'}'"; } else { $col="bgcolor='$color{'color22'}'"; } print < $couponhash{$key}[1] $expirytime $couponhash{$key}[3]
END } print ""; &Header::closebox(); } sub show_clients() { # if there are active clients which use coupons show table return if ( -z $clients || ! -f $clients ); my $count=0; my $col; &Header::openbox('100%', 'left', $Lang::tr{'Captive clients'}); print < $Lang::tr{'Captive coupon'} $Lang::tr{'Captive activated'} $Lang::tr{'Captive expiry time'} $Lang::tr{'Captive mac'} $Lang::tr{'remark'} $Lang::tr{'delete'} END &General::readhasharray($clients, \%clientshash) if (-e $clients); foreach my $key (keys %clientshash) { #calculate time from clientshash (starttime) my $starttime = sub{sprintf '%02d.%02d.%04d %02d:%02d', $_[3], $_[4]+1, $_[5]+1900, $_[2], $_[1] }->(localtime($clientshash{$key}[2])); #calculate endtime from clientshash my $endtime; if ($clientshash{$key}[3] eq '0'){ $endtime=$Lang::tr{'Captive nolimit'}; } else { $endtime = sub{sprintf '%02d.%02d.%04d %02d:%02d', $_[3], $_[4]+1, $_[5]+1900, $_[2], $_[1] }->(localtime($clientshash{$key}[2]+$clientshash{$key}[3])); } if ($count++ % 2) { $col="bgcolor='$color{'color20'}'"; } else { $col="bgcolor='$color{'color22'}'"; } my $coupon = ($clientshash{$key}[4] eq "LICENSE") ? $Lang::tr{'Captive terms short'} : $clientshash{$key}[4]; print < $coupon $starttime $endtime $clientshash{$key}[0] $clientshash{$key}[5]
END } print ""; &Header::closebox(); } sub validremark { # Checks a hostname against RFC1035 my $remark = $_[0]; # Each part should be at least two characters in length # but no more than 63 characters if (length ($remark) < 1 || length ($remark) > 255) { return 0;} # Only valid characters are a-z, A-Z, 0-9 and - if ($remark !~ /^[a-zäöüA-ZÖÄÜ0-9-.:;\|_()\/\s]*$/) { return 0;} # First character can only be a letter or a digit if (substr ($remark, 0, 1) !~ /^[a-zäöüA-ZÖÄÜ0-9]*$/) { return 0;} # Last character can only be a letter or a digit if (substr ($remark, -1, 1) !~ /^[a-zöäüA-ZÖÄÜ0-9.:;_)]*$/) { return 0;} return 1; } &Header::closebigbox(); &Header::closepage();