[ previous ] [ next ] [ threads ]
 
 From:  "=?ISO-8859-1?Q?R=F6nnblom_Jan=E5ke_?= /Teknous" <jan dash ake dot ronnblom at skeria dot skelleftea dot se>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] patch for captiveportal and file locking problems
 Date:  Wed, 12 Dec 2007 17:06:40 +0100
>Hi!
>
>Attached is a patch for a few problem that have plauged us for a long time. 

Hmm, the attachment got removed on my side so here it is:

----< cut >----
--- 1.231/etc/inc/captiveportal.inc	2007-04-07 10:51:24.000000000 +0200
+++ 1.231jar/etc/inc/captiveportal.inc	2007-12-12 16:31:44.000000000 +0100
@@ -419,7 +419,11 @@
 
     $radiusservers = captiveportal_get_radius_servers();
 
-    for ($i = 0; $i < count($cpdb); $i++) {
+ 	/* To make sure we iterate over ALL accounts on every run the count($cpdb)
is moved outside of the loop. Otherwise
+       the loop would evalate count() on every iteration and since $i would
increase and count() would decrement they
+       would meet before we had a chance to iterate over all accounts.*/
+    $no_users = count($cpdb);
+    for ($i = 0; $i < $no_users; $i++) {
 
         $timedout = false;
         $term_cause = 1;
@@ -445,6 +449,9 @@
         /* if an idle timeout is specified, get last activity timestamp from
ipfw */
         if (!$timedout && $idletimeout) {
             $lastact = captiveportal_get_last_activity($cpdb[$i][1]);
+			/* if the user has logged on but not sent any trafic they will never be
logged out.
+			   We "fix" this by setting lastact to the login timestamp */
+			$lastact = $lastact ? $lastact : $cpdb[$i][0];
             if ($lastact && ((time() - $lastact) >= $idletimeout)) {
                 $timedout = true;
                 $term_cause = 4; // Idle-Timeout
@@ -797,25 +804,37 @@
         return false;
 }
 
-/* lock captive portal information, decide that the lock file is stale after
-   10 seconds */
+/* lock captive portal information, decide that the lock file is stale after 
+   10 minutes and EXIT the process to not risk dataloss, issue warning in
syslog every 1 minutes */
 function captiveportal_lock() {
 
         global $lockfile;
 
-        $n = 0;
-        while ($n < 10) {
+        $n = 1;
+        while ($n) {
                 /* open the lock file in append mode to avoid race condition */
                 if ($fd = @fopen($lockfile, "x")) {
                         /* succeeded */
                         fclose($fd);
+						if($n > 10) {
+						    captiveportal_syslog("LOCKINFO: Waiting for lock for $n seconds/s!");
+						}
                         return;
                 } else {
                         /* file locked, wait and try again */
                         sleep(1);
-                        $n++;
+
+						if(($n % 60) == 0) {
+						    captiveportal_syslog("LOCKWARNING: waiting for lock for " . $n/60 .
" minute/s!");
+						    if(($n % 600) == 0) {
+						        captiveportal_syslog("LOCKERROR: waiting for lock for 10
minute/s - EXITING PROCESS!");
+						        die("Can't get a lock");
+						    }
+					    }
                 }
+                $n++;
         }
+		/* we never get here */
 }
 
 /* unlock captive portal information file */
@@ -830,14 +849,22 @@
 /* log successful captive portal authentication to syslog */
 /* part of this code from php.net */
 function captiveportal_logportalauth($user,$mac,$ip,$status, $message = null) {
-    define_syslog_variables();
     $message = trim($message);
-    openlog("logportalauth", LOG_PID, LOG_LOCAL4);
     // Log it
     if (!$message)
-    syslog(LOG_INFO, "$status: $user, $mac, $ip");
+        $message = "$status: $user, $mac, $ip";
     else
-    syslog(LOG_INFO, "$status: $user, $mac, $ip, $message");
+        $message = "$status: $user, $mac, $ip, $message";
+	captiveportal_syslog($message);
+}
+
+/* log simple messages to syslog */
+function captiveportal_syslog($message) {
+    define_syslog_variables();
+    $message = trim($message);
+    openlog("logportalauth", LOG_PID, LOG_LOCAL4);
+    // Log it
+    syslog(LOG_INFO, $message);
     closelog();
 }
 

----< cut >----

=====================================================


Assistentgatan 23
931 77 Skelleftea (Sweden)
-----------------------------------------------------
Phone  : +46-910-58 54 24
Mobile : 070-397 07 43
Fax    : +46-910-58 54 99
URL    : http://skeria.skelleftea.se
-----------------------------------------------------
"Those who do not understand Unix are condemned to reinvent it, poorly." --
Henry Spencer
captiveportal.inc.v2.zip (2.1 KB, application/x-zip-compressed)