aboutsummaryrefslogtreecommitdiffstats
path: root/config/squid3
diff options
context:
space:
mode:
authorMarcello Coutinho <marcellocoutinho@gmail.com>2014-12-29 23:37:56 -0200
committerCharlie Root <root@proxy03.lab.local>2014-12-29 23:37:56 -0200
commit1aab45a41e4f0bc3b493bac0cbd25a32bff129ac (patch)
tree11e7530747c9356efe1851b8d247cdcdfe072e98 /config/squid3
parent28c552b11ab71035755720ff2a6092f45b961439 (diff)
downloadpfsense-packages-1aab45a41e4f0bc3b493bac0cbd25a32bff129ac.tar.gz
pfsense-packages-1aab45a41e4f0bc3b493bac0cbd25a32bff129ac.tar.bz2
pfsense-packages-1aab45a41e4f0bc3b493bac0cbd25a32bff129ac.zip
squid3.4 - update compile args
fix captive portal check_ip for 2.2 fix ssl_bump with no authentication bump package version
Diffstat (limited to 'config/squid3')
-rw-r--r--config/squid3/34/check_ip.php56
-rwxr-xr-xconfig/squid3/34/squid.inc5
2 files changed, 34 insertions, 27 deletions
diff --git a/config/squid3/34/check_ip.php b/config/squid3/34/check_ip.php
index a3f07204..5865037b 100644
--- a/config/squid3/34/check_ip.php
+++ b/config/squid3/34/check_ip.php
@@ -3,7 +3,7 @@
/* $Id$ */
/*
check_ip.php
- Copyright (C) 2013-2014 Marcello Coutinho
+ Copyright (C) 2013-2015 Marcello Coutinho
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -27,6 +27,7 @@
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
+require_once("config.inc");
error_reporting(0);
// stdin loop
if (! defined(STDIN)) {
@@ -39,40 +40,24 @@ while( !feof(STDIN)){
$line = trim(fgets(STDIN));
// %SRC
-$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
unset($cp_db);
-if ($pf_version > 2.0){
- $dir="/var/db";
- $files=scandir($dir);
- foreach ($files as $file){
- if (preg_match("/captive.*db/",$file)){
- $dbhandle = sqlite_open("$dir/$file", 0666, $error);
- if ($dbhandle){
- $query = "select * from captiveportal";
- $result = sqlite_array_query($dbhandle, $query, SQLITE_ASSOC);
- if ($result){
- foreach ($result as $rownum => $row){
- $cp_db[$rownum]=implode(",",$row);
- }
- sqlite_close($dbhandle);
- }
- }
+$files=scandir($g['vardb_path']);
+foreach ($files as $file){
+ if (preg_match("/captive.*db/",$file)){
+ $result=squid_cp_read_db("{$g['vardb_path']}/{$file}");
+ foreach ($result as $rownum => $row){
+ $cp_db[$rownum]=implode(",",$row);
}
- }
+ }
}
-else{
- $filename="/var/db/captiveportal.db";
- if (file_exists($filename))
- $cp_db=file($filename);
-}
$usuario="";
- // 1376630450,2,172.16.3.65,00:50:56:9c:00:c7,admin,e1779ea20d0a11c7,,,,
+ //1419045939,1419045939,2000,2000,192.168.10.11,192.168.10.11,08:00:27:5c:e1:ee,08:00:27:5c:e1:ee,marcello,marcello,605a1f46e2d64556,605a1f46e2d64556,,,,,,,,,,,first,first
if (is_array($cp_db)){
foreach ($cp_db as $cpl){
$fields=explode(",",$cpl);
- if ($fields[2] != "" && $fields[2]==$line)
- $usuario=$fields[4];
+ if ($fields[4] != "" && $fields[4]==$line)
+ $usuario=$fields[8];
}
}
if ($usuario !="")
@@ -82,5 +67,22 @@ else{
fwrite (STDOUT, "{$resposta}\n");
unset($cp_db);
}
+
+/* read captive portal DB into array */
+function squid_cp_read_db($file) {
+ $cpdb = array();
+ $DB = new SQLite3($file);
+ if ($DB) {
+ $response = $DB->query("SELECT * FROM captiveportal");
+ if ($response != FALSE) {
+ while ($row = $response->fetchArray())
+ $cpdb[] = $row;
+ }
+ $DB->close();
+ }
+
+ return $cpdb;
+}
+
?>
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index a2917515..0e5a173c 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -1698,6 +1698,11 @@ function squid_resync_auth() {
$conf .="http_access deny sglog\n";
}
if ($auth_method == 'none' ) {
+ // SSL interception acl options part 2 without authentication
+ if ($settingsconfig['ssl_proxy'] == "on"){
+ $conf .= "always_direct allow all\n";
+ $conf .= "ssl_bump server-first all\n";
+ }
$conf .="# Setup allowed acls\n";
$allowed = array('allowed_subnets');
if ($settingsconfig['allow_interface'] == 'on') {