From bae8b3e877512740864ffd1e08820b41c71cf72b Mon Sep 17 00:00:00 2001
From: Daniel Stefan Haischt
Date: Sun, 9 Sep 2007 21:47:15 +0000
Subject: * added initial release of user- and groupmanager stuff (now being called authng) * this is just a working, unfinished version. It does not work as expected right now.
---
packages/authng/bin/patch | Bin 0 -> 41056 bytes
packages/authng/diff/authng-fbegin.inc.diff | 15 +
packages/authng/diff/authng-globals.inc.diff | 16 +
packages/authng/diff/authng-guiconfig.inc.diff | 16 +
packages/authng/diff/authng-pfSenseHead.diff | 2128 ++++++++++++++++++++++++
packages/authng/pkg/authng.inc | 78 +
packages/authng/pkg/authng.xml | 194 +++
packages/authng/pkg/authng_authgui.inc | 287 ++++
packages/authng/pkg/authng_authmethods.inc | 222 +++
packages/authng/pkg/authng_backends.inc | 234 +++
packages/authng/pkg/authng_classdefs.inc | 466 ++++++
packages/authng/pkg/authng_peers.inc | 471 ++++++
12 files changed, 4127 insertions(+)
create mode 100644 packages/authng/bin/patch
create mode 100644 packages/authng/diff/authng-fbegin.inc.diff
create mode 100644 packages/authng/diff/authng-globals.inc.diff
create mode 100644 packages/authng/diff/authng-guiconfig.inc.diff
create mode 100644 packages/authng/diff/authng-pfSenseHead.diff
create mode 100644 packages/authng/pkg/authng.inc
create mode 100644 packages/authng/pkg/authng.xml
create mode 100644 packages/authng/pkg/authng_authgui.inc
create mode 100644 packages/authng/pkg/authng_authmethods.inc
create mode 100644 packages/authng/pkg/authng_backends.inc
create mode 100644 packages/authng/pkg/authng_classdefs.inc
create mode 100644 packages/authng/pkg/authng_peers.inc
(limited to 'packages')
diff --git a/packages/authng/bin/patch b/packages/authng/bin/patch
new file mode 100644
index 00000000..f807fa85
Binary files /dev/null and b/packages/authng/bin/patch differ
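Review bot: `packages/authng/bin/patch` is added as a 41056-byte prebuilt executable, so nothing in this commit lets a reviewer tie it to source code, a build recipe or a known-good digest. The same package ships diffs against `guiconfig.inc` and other GUI files, so this binary is presumably what applies them on the firewall; that should be confirmed in `authng.xml` and `authng.inc`, which are not visible in this part of the page. I would drop the blob in favour of a `patch` built from the base system's sources, or at least record its upstream origin, version and a SHA-256 digest in the package and verify that digest before the installer executes it.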
diff --git a/packages/authng/diff/authng-fbegin.inc.diff b/packages/authng/diff/authng-fbegin.inc.diff new file mode 100644 index 00000000..8a38c1b4 --- /dev/null +++ b/packages/authng/diff/authng-fbegin.inc.diff @@ -0,0 +1,15 @@ +Index: usr/local/www/fbegin.inc +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/fbegin.inc,v +retrieving revision 1.104.2.37.2.7 +diff -u -r1.104.2.37.2.7 fbegin.inc +--- usr/local/www/fbegin.inc 31 May 2007 03:21:59 -0000 1.104.2.37.2.7 ++++ usr/local/www/fbegin.inc 8 Sep 2007 21:16:29 -0000 +@@ -127,6 +127,7 @@ + +
  • Setup wizard
  • +
  • Static routes
  • ++ + + +
  •
diff --git a/packages/authng/diff/authng-globals.inc.diff b/packages/authng/diff/authng-globals.inc.diff
new file mode 100644
index 00000000..6dea7e6f
--- /dev/null
+++ b/packages/authng/diff/authng-globals.inc.diff
@@ -0,0 +1,16 @@
+Index: globals.inc
+===================================================================
+RCS file: /cvsroot/pfSense/etc/inc/globals.inc,v
+retrieving revision 1.40.2.16
+diff -u -r1.40.2.16 globals.inc
+--- globals.inc 27 Feb 2007 20:45:31 -0000 1.40.2.16
++++ globals.inc 9 Sep 2007 20:54:52 -0000
+@@ -47,6 +47,8 @@
+ "cf_conf_path" => "/cf/conf",
+ "www_path" => "/usr/local/www",
+ "xml_rootobj" => "pfsense",
++ "admin_group" => "admins",
++ "product_name" => "pfSense",
+ "pppoe_interface" => "ng0",
+ "n_pptp_units" => 16, /* this value can be overriden in pptp->n_pptp_units */
+ "pptp_subnet" => 28, /* this value can be overriden in pptp->pptp_subnet */
diff --git a/packages/authng/diff/authng-guiconfig.inc.diff b/packages/authng/diff/authng-guiconfig.inc.diff
new file mode 100644
index 00000000..35b4f3aa
--- /dev/null
+++ b/packages/authng/diff/authng-guiconfig.inc.diff
@@ -0,0 +1,16 @@
+Index: guiconfig.inc
+===================================================================
+RCS file: /cvsroot/pfSense/usr/local/www/guiconfig.inc,v
+retrieving revision 1.90.2.31.2.3
+diff -u -r1.90.2.31.2.3 guiconfig.inc
+--- guiconfig.inc 10 May 2007 20:49:41 -0000 1.90.2.31.2.3
++++ guiconfig.inc 9 Sep 2007 19:43:31 -0000
+@@ -41,7 +41,7 @@
+
+ /* Include authentication routines */
+ /* THIS MUST BE ABOVE ALL OTHER CODE */
+-require_once("auth.inc");
++require_once("authng_authgui.inc");
+
+ /* parse the configuration and include all configuration functions */
+ require_once("config.inc");
diff --git a/packages/authng/diff/authng-pfSenseHead.diff b/packages/authng/diff/authng-pfSenseHead.diff
new file mode 100644
index 00000000..2a531271
--- /dev/null
+++ b/packages/authng/diff/authng-pfSenseHead.diff
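Review bot: The new line `require_once("authng_authgui.inc");` in the guiconfig.inc patch replaces the include that the comment directly above it marks as `THIS MUST BE ABOVE ALL OTHER CODE`, so every page that requires guiconfig.inc would take its login gate from a package the commit message itself calls unfinished and not working as expected. If the new file is absent, `require_once` stops the page, which fails closed; a file that loads but authenticates incorrectly would not, and nothing in this patch keeps the stock `auth.inc` reachable or restores it when the package is removed. I would make the swap an explicit opt-in with a documented rollback, and annotate the line, for example `/* authng replaces auth.inc: must enforce the login check before any page code runs */`. The `"admin_group" => "admins"` entry added by the globals.inc patch just above presumably names the group that authng treats as administrators, and a comment there should say so.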
@@ -0,0 +1,2128 @@ +Index: usr/local/www/carp_status.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/carp_status.php,v +retrieving revision 1.27.2.3 +diff -u -r1.27.2.3 carp_status.php +--- usr/local/www/carp_status.php 3 Apr 2006 21:05:11 -0000 1.27.2.3 ++++ usr/local/www/carp_status.php 8 Sep 2007 18:31:52 -0000 +@@ -56,6 +56,7 @@ + + $pgtitle = "CARP: Status"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_arp.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_arp.php,v +retrieving revision 1.3.2.4 +diff -u -r1.3.2.4 diag_arp.php +--- usr/local/www/diag_arp.php 19 Mar 2006 22:23:31 -0000 1.3.2.4 ++++ usr/local/www/diag_arp.php 8 Sep 2007 18:32:10 -0000 +@@ -31,6 +31,7 @@ + require("guiconfig.inc"); + $pgtitle = "Diagnostics: ARP Table"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + ?> + + +Index: usr/local/www/diag_backup.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_backup.php,v +retrieving revision 1.70.2.18.2.2 +diff -u -r1.70.2.18.2.2 diag_backup.php +--- usr/local/www/diag_backup.php 3 May 2007 22:16:01 -0000 1.70.2.18.2.2 ++++ usr/local/www/diag_backup.php 8 Sep 2007 18:32:26 -0000 +@@ -225,6 +225,7 @@ + + $pgtitle = "Diagnostics: Backup/restore"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_confbak.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_confbak.php,v +retrieving revision 1.20.2.2 +diff -u -r1.20.2.2 diag_confbak.php +--- usr/local/www/diag_confbak.php 2 Jan 2006 23:46:23 -0000 1.20.2.2 ++++ usr/local/www/diag_confbak.php 8 Sep 2007 18:32:54 -0000 +@@ -50,6 +50,7 @@ + + $pgtitle = "Diagnostics: Configuration History"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); 
+ + ?> + +Index: usr/local/www/diag_defaults.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_defaults.php,v +retrieving revision 1.6.4.3 +diff -u -r1.6.4.3 diag_defaults.php +--- usr/local/www/diag_defaults.php 28 Apr 2006 02:27:19 -0000 1.6.4.3 ++++ usr/local/www/diag_defaults.php 8 Sep 2007 18:32:58 -0000 +@@ -46,6 +46,7 @@ + + $pgtitle = "Diagnostics: Factory defaults"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_dhcp_leases.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_dhcp_leases.php,v +retrieving revision 1.11.2.17 +diff -u -r1.11.2.17 diag_dhcp_leases.php +--- usr/local/www/diag_dhcp_leases.php 2 Mar 2007 15:31:08 -0000 1.11.2.17 ++++ usr/local/www/diag_dhcp_leases.php 8 Sep 2007 18:33:04 -0000 +@@ -35,6 +35,7 @@ + + $pgtitle = "Diagnostics: DHCP leases"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_dump_states.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_dump_states.php,v +retrieving revision 1.10.2.14.2.1 +diff -u -r1.10.2.14.2.1 diag_dump_states.php +--- usr/local/www/diag_dump_states.php 11 May 2007 17:21:06 -0000 1.10.2.14.2.1 ++++ usr/local/www/diag_dump_states.php 8 Sep 2007 18:33:11 -0000 +@@ -30,6 +30,7 @@ + + $pgtitle = "Diagnostics: Show States"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + /* handle AJAX operations */ + if($_GET['action']) { +Index: usr/local/www/diag_ipsec_sad.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_ipsec_sad.php,v +retrieving revision 1.12.2.3 +diff -u -r1.12.2.3 diag_ipsec_sad.php +--- usr/local/www/diag_ipsec_sad.php 3 Apr 2006 21:05:11 -0000 1.12.2.3 ++++ usr/local/www/diag_ipsec_sad.php 8 Sep 2007 18:33:18 -0000 +@@ -35,6 
+35,7 @@ + + $pgtitle = "Diagnostics: IPSec: SA"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_ipsec_spd.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_ipsec_spd.php,v +retrieving revision 1.12.2.2 +diff -u -r1.12.2.2 diag_ipsec_spd.php +--- usr/local/www/diag_ipsec_spd.php 2 Jan 2006 23:46:23 -0000 1.12.2.2 ++++ usr/local/www/diag_ipsec_spd.php 8 Sep 2007 18:33:22 -0000 +@@ -35,6 +35,7 @@ + + $pgtitle = "Diagnostics: IPSec: SPD"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_logs.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_logs.php,v +retrieving revision 1.32.2.11 +diff -u -r1.32.2.11 diag_logs.php +--- usr/local/www/diag_logs.php 9 Oct 2006 00:19:17 -0000 1.32.2.11 ++++ usr/local/www/diag_logs.php 8 Sep 2007 18:33:30 -0000 +@@ -56,6 +56,7 @@ + + $pgtitle = "Diagnostics: System logs: System"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_logs_auth.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_logs_auth.php,v +retrieving revision 1.19.2.4 +diff -u -r1.19.2.4 diag_logs_auth.php +--- usr/local/www/diag_logs_auth.php 5 Oct 2006 21:51:02 -0000 1.19.2.4 ++++ usr/local/www/diag_logs_auth.php 8 Sep 2007 18:33:38 -0000 +@@ -43,6 +43,7 @@ + + $pgtitle = "Diagnostics: System logs: Portal Auth"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_logs_dhcp.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_logs_dhcp.php,v +retrieving revision 1.19.2.4 +diff -u -r1.19.2.4 diag_logs_dhcp.php +--- usr/local/www/diag_logs_dhcp.php 5 Oct 2006 21:51:02 -0000 1.19.2.4 ++++ usr/local/www/diag_logs_dhcp.php 8 Sep 2007 18:33:43 
-0000 +@@ -45,6 +45,7 @@ + + $pgtitle = "Diagnostics: System logs: DHCP"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_logs_filter.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_logs_filter.php,v +retrieving revision 1.46.2.33.2.1 +diff -u -r1.46.2.33.2.1 diag_logs_filter.php +--- usr/local/www/diag_logs_filter.php 5 Jul 2007 22:31:03 -0000 1.46.2.33.2.1 ++++ usr/local/www/diag_logs_filter.php 8 Sep 2007 18:33:53 -0000 +@@ -173,6 +173,7 @@ + + $pgtitle = "Diagnostics: System logs: Firewall"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_logs_filter_dynamic.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/Attic/diag_logs_filter_dynamic.php,v +retrieving revision 1.13.2.16.2.2 +diff -u -r1.13.2.16.2.2 diag_logs_filter_dynamic.php +--- usr/local/www/diag_logs_filter_dynamic.php 4 Jul 2007 20:14:26 -0000 1.13.2.16.2.2 ++++ usr/local/www/diag_logs_filter_dynamic.php 8 Sep 2007 18:34:01 -0000 +@@ -157,6 +157,7 @@ + + $pgtitle = "Diagnostics: System logs: Firewall"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_logs_ipsec.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_logs_ipsec.php,v +retrieving revision 1.30.2.5 +diff -u -r1.30.2.5 diag_logs_ipsec.php +--- usr/local/www/diag_logs_ipsec.php 5 Oct 2006 21:51:02 -0000 1.30.2.5 ++++ usr/local/www/diag_logs_ipsec.php 8 Sep 2007 18:35:14 -0000 +@@ -47,6 +47,7 @@ + + $pgtitle = "Diagnostics: System logs: IPSEC VPN"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_logs_ntpd.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_logs_ntpd.php,v +retrieving revision 1.1.2.4 +diff -u 
-r1.1.2.4 diag_logs_ntpd.php +--- usr/local/www/diag_logs_ntpd.php 22 Oct 2006 05:30:56 -0000 1.1.2.4 ++++ usr/local/www/diag_logs_ntpd.php 8 Sep 2007 18:35:19 -0000 +@@ -45,6 +45,7 @@ + + $pgtitle = "Diagnostics: System logs: OpenNTPD"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_logs_openvpn.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_logs_openvpn.php,v +retrieving revision 1.2.2.8 +diff -u -r1.2.2.8 diag_logs_openvpn.php +--- usr/local/www/diag_logs_openvpn.php 5 Oct 2006 21:51:02 -0000 1.2.2.8 ++++ usr/local/www/diag_logs_openvpn.php 8 Sep 2007 18:35:24 -0000 +@@ -48,6 +48,7 @@ + } + + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_logs_settings.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_logs_settings.php,v +retrieving revision 1.18.2.8 +diff -u -r1.18.2.8 diag_logs_settings.php +--- usr/local/www/diag_logs_settings.php 5 Oct 2006 21:51:02 -0000 1.18.2.8 ++++ usr/local/www/diag_logs_settings.php 8 Sep 2007 18:35:31 -0000 +@@ -94,6 +94,7 @@ + + $pgtitle = "Diagnostics: System logs: Settings"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_logs_slbd.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_logs_slbd.php,v +retrieving revision 1.3.2.5 +diff -u -r1.3.2.5 diag_logs_slbd.php +--- usr/local/www/diag_logs_slbd.php 5 Oct 2006 21:51:02 -0000 1.3.2.5 ++++ usr/local/www/diag_logs_slbd.php 8 Sep 2007 18:35:36 -0000 +@@ -46,6 +46,7 @@ + + $pgtitle = "Diagnostics: System logs: Load Balancer"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_logs_vpn.php +=================================================================== +RCS file: 
/cvsroot/pfSense/usr/local/www/diag_logs_vpn.php,v +retrieving revision 1.26.2.8 +diff -u -r1.26.2.8 diag_logs_vpn.php +--- usr/local/www/diag_logs_vpn.php 22 Oct 2006 05:30:56 -0000 1.26.2.8 ++++ usr/local/www/diag_logs_vpn.php 8 Sep 2007 18:35:43 -0000 +@@ -70,6 +70,7 @@ + } + + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_packet_capture.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_packet_capture.php,v +retrieving revision 1.2.2.4.2.5 +diff -u -r1.2.2.4.2.5 diag_packet_capture.php +--- usr/local/www/diag_packet_capture.php 1 Jul 2007 05:09:05 -0000 1.2.2.4.2.5 ++++ usr/local/www/diag_packet_capture.php 8 Sep 2007 18:35:53 -0000 +@@ -106,7 +106,9 @@ + + } + $pgtitle = "Diagnostics: Packet Capture"; +-include("head.inc"); ?> ++include("head.inc"); ++echo $pfSenseHead->getHTML(); ++?> + + + +Index: usr/local/www/diag_ping.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/Attic/diag_ping.php,v +retrieving revision 1.8.2.6 +diff -u -r1.8.2.6 diag_ping.php +--- usr/local/www/diag_ping.php 25 Apr 2006 22:06:42 -0000 1.8.2.6 ++++ usr/local/www/diag_ping.php 8 Sep 2007 18:36:01 -0000 +@@ -86,7 +86,9 @@ + } + + $pgtitle = "Diagnostics: Ping"; +-include("head.inc"); ?> ++include("head.inc"); ++echo $pfSenseHead->getHTML(); ++?> + + +

    +Index: usr/local/www/diag_pkglogs.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_pkglogs.php,v +retrieving revision 1.20.4.1 +diff -u -r1.20.4.1 diag_pkglogs.php +--- usr/local/www/diag_pkglogs.php 2 Jan 2006 23:46:23 -0000 1.20.4.1 ++++ usr/local/www/diag_pkglogs.php 8 Sep 2007 18:36:08 -0000 +@@ -68,6 +68,7 @@ + + $pgtitle = "Diagnostics: Package logs"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_resetstate.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_resetstate.php,v +retrieving revision 1.6.4.2 +diff -u -r1.6.4.2 diag_resetstate.php +--- usr/local/www/diag_resetstate.php 2 Jan 2006 23:46:23 -0000 1.6.4.2 ++++ usr/local/www/diag_resetstate.php 8 Sep 2007 18:36:12 -0000 +@@ -45,6 +45,7 @@ + + $pgtitle = "Diagnostics: Reset state"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_routes.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/diag_routes.php,v +retrieving revision 1.2.2.4 +diff -u -r1.2.2.4 diag_routes.php +--- usr/local/www/diag_routes.php 11 Mar 2006 08:25:22 -0000 1.2.2.4 ++++ usr/local/www/diag_routes.php 8 Sep 2007 18:36:16 -0000 +@@ -34,6 +34,7 @@ + $pgtitle = 'Diagnostics: Routing tables'; + + include('head.inc'); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/diag_traceroute.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/Attic/diag_traceroute.php,v +retrieving revision 1.4.2.7 +diff -u -r1.4.2.7 diag_traceroute.php +--- usr/local/www/diag_traceroute.php 25 Apr 2006 22:06:42 -0000 1.4.2.7 ++++ usr/local/www/diag_traceroute.php 8 Sep 2007 18:36:24 -0000 +@@ -32,6 +32,7 @@ + require("guiconfig.inc"); + $pgtitle = "Diagnostics: Traceroute"; + include("head.inc"); 
++echo $pfSenseHead->getHTML(); + ?> + + +Index: usr/local/www/edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/edit.php,v +retrieving revision 1.35.2.5 +diff -u -r1.35.2.5 edit.php +--- usr/local/www/edit.php 26 Sep 2006 22:49:53 -0000 1.35.2.5 ++++ usr/local/www/edit.php 8 Sep 2007 19:09:08 -0000 +@@ -133,6 +133,7 @@ + $pgtitle = "Diagnostics: Edit File"; + + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/exec.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/exec.php,v +retrieving revision 1.10.4.9 +diff -u -r1.10.4.9 exec.php +--- usr/local/www/exec.php 20 Mar 2007 18:38:33 -0000 1.10.4.9 ++++ usr/local/www/exec.php 8 Sep 2007 19:09:08 -0000 +@@ -52,6 +52,7 @@ + + $pgtitle = "Diagnostics: Execute command"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + ?> + + "; + echo ""; +Index: usr/local/www/firewall_rules_edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/firewall_rules_edit.php,v +retrieving revision 1.86.2.34.2.3 +diff -u -r1.86.2.34.2.3 firewall_rules_edit.php +--- usr/local/www/firewall_rules_edit.php 1 Jun 2007 17:12:12 -0000 1.86.2.34.2.3 ++++ usr/local/www/firewall_rules_edit.php 8 Sep 2007 18:45:23 -0000 +@@ -349,10 +349,9 @@ + + $page_filename = "firewall_rules_edit.php"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> +- +- + + + +Index: usr/local/www/firewall_schedule.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/firewall_schedule.php,v +retrieving revision 1.1.2.7.2.2 +diff -u -r1.1.2.7.2.2 firewall_schedule.php +--- usr/local/www/firewall_schedule.php 9 May 2007 02:09:06 -0000 1.1.2.7.2.2 ++++ usr/local/www/firewall_schedule.php 8 Sep 2007 18:45:43 -0000 +@@ -75,6 +75,7 @@ + } + + include("head.inc"); ++echo 
$pfSenseHead->getHTML(); + ?> + + +Index: usr/local/www/firewall_schedule_edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/firewall_schedule_edit.php,v +retrieving revision 1.1.2.15.2.2 +diff -u -r1.1.2.15.2.2 firewall_schedule_edit.php +--- usr/local/www/firewall_schedule_edit.php 7 May 2007 11:46:55 -0000 1.1.2.15.2.2 ++++ usr/local/www/firewall_schedule_edit.php 8 Sep 2007 18:46:49 -0000 +@@ -725,6 +725,9 @@ + + + EOD; ++ ++$pfSenseHead->addScript($jscriptstr); ++echo $pfSenseHead->getHTML(); + ?> + + "> +Index: usr/local/www/firewall_shaper.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/firewall_shaper.php,v +retrieving revision 1.41.2.10 +diff -u -r1.41.2.10 firewall_shaper.php +--- usr/local/www/firewall_shaper.php 25 Mar 2006 00:14:06 -0000 1.41.2.10 ++++ usr/local/www/firewall_shaper.php 8 Sep 2007 18:47:46 -0000 +@@ -189,6 +189,7 @@ + + $pgtitle = "Firewall: Shaper: Rules"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/firewall_shaper_edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/firewall_shaper_edit.php,v +retrieving revision 1.28.2.6 +diff -u -r1.28.2.6 firewall_shaper_edit.php +--- usr/local/www/firewall_shaper_edit.php 24 Apr 2006 18:41:52 -0000 1.28.2.6 ++++ usr/local/www/firewall_shaper_edit.php 8 Sep 2007 18:48:15 -0000 +@@ -291,6 +291,8 @@ + $pgtitle = "Firewall: Shaper: Rules: Edit"; + $closehead = false; + include("head.inc"); ++$pfSenseHead->setCloseHead(); ++echo $pfSenseHead->getHTML(); + ?> + + + ++ + + +

    +Index: usr/local/www/status_services.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/status_services.php,v +retrieving revision 1.40.2.19.2.4 +diff -u -r1.40.2.19.2.4 status_services.php +--- usr/local/www/status_services.php 2 Jun 2007 20:47:41 -0000 1.40.2.19.2.4 ++++ usr/local/www/status_services.php 8 Sep 2007 19:03:38 -0000 +@@ -142,6 +142,7 @@ + + $pgtitle = "Status: Services"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/status_slbd_pool.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/status_slbd_pool.php,v +retrieving revision 1.3.2.4.2.1 +diff -u -r1.3.2.4.2.1 status_slbd_pool.php +--- usr/local/www/status_slbd_pool.php 28 Apr 2007 16:46:56 -0000 1.3.2.4.2.1 ++++ usr/local/www/status_slbd_pool.php 8 Sep 2007 19:03:44 -0000 +@@ -47,6 +47,7 @@ + + $pgtitle = "Status: Load Balancer: Pool"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/status_slbd_vs.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/status_slbd_vs.php,v +retrieving revision 1.2.2.2 +diff -u -r1.2.2.2 status_slbd_vs.php +--- usr/local/www/status_slbd_vs.php 8 May 2007 16:29:17 -0000 1.2.2.2 ++++ usr/local/www/status_slbd_vs.php 8 Sep 2007 19:03:50 -0000 +@@ -51,6 +51,7 @@ + + $pgtitle = "Status: Load Balancer: Virtual Server"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/status_upnp.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/status_upnp.php,v +retrieving revision 1.1.2.3.2.1 +diff -u -r1.1.2.3.2.1 status_upnp.php +--- usr/local/www/status_upnp.php 23 May 2007 20:26:19 -0000 1.1.2.3.2.1 ++++ usr/local/www/status_upnp.php 8 Sep 2007 19:04:09 -0000 +@@ -49,7 +49,7 @@ + /* put your custom HTML head content 
here */ + /* using some of the $pfSenseHead function calls */ + //$pfSenseHead->addMeta(""); +-//echo $pfSenseHead->getHTML(); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/status_wireless.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/status_wireless.php,v +retrieving revision 1.9.2.9 +diff -u -r1.9.2.9 status_wireless.php +--- usr/local/www/status_wireless.php 5 May 2006 21:31:47 -0000 1.9.2.9 ++++ usr/local/www/status_wireless.php 8 Sep 2007 19:04:16 -0000 +@@ -36,6 +36,7 @@ + + $pgtitle = "Diagnostics: Wireless Status"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + $if = $_POST['if']; + if($_GET['if'] <> "") +Index: usr/local/www/system.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/system.php,v +retrieving revision 1.41.2.7.2.1 +diff -u -r1.41.2.7.2.1 system.php +--- usr/local/www/system.php 6 Jul 2007 18:30:31 -0000 1.41.2.7.2.1 ++++ usr/local/www/system.php 8 Sep 2007 19:04:21 -0000 +@@ -190,6 +190,7 @@ + + $pgtitle = "System: General Setup"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/system_advanced.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/system_advanced.php,v +retrieving revision 1.114.2.46.2.4 +diff -u -r1.114.2.46.2.4 system_advanced.php +--- usr/local/www/system_advanced.php 21 Jul 2007 21:22:18 -0000 1.114.2.46.2.4 ++++ usr/local/www/system_advanced.php 8 Sep 2007 19:04:26 -0000 +@@ -266,6 +266,7 @@ + + $pgtitle = "System: Advanced functions"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/system_advanced_create_certs.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/system_advanced_create_certs.php,v +retrieving revision 1.14.4.4 +diff -u -r1.14.4.4 
system_advanced_create_certs.php +--- usr/local/www/system_advanced_create_certs.php 19 Jan 2006 05:58:23 -0000 1.14.4.4 ++++ usr/local/www/system_advanced_create_certs.php 8 Sep 2007 19:04:32 -0000 +@@ -140,6 +140,7 @@ + + $pgtitle = "System: Advanced functions: Create Certificates"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/system_firmware.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/system_firmware.php,v +retrieving revision 1.73.2.12 +diff -u -r1.73.2.12 system_firmware.php +--- usr/local/www/system_firmware.php 14 Mar 2007 19:22:10 -0000 1.73.2.12 ++++ usr/local/www/system_firmware.php 8 Sep 2007 19:04:47 -0000 +@@ -37,6 +37,7 @@ + if(file_exists($d_firmwarelock_path)) { + $pgtitle = "System: Firmware: Manual Update"; + include("head.inc"); ++ echo $pfSenseHead->getHTML(); + echo "\n"; + include("fbegin.inc"); + echo "

    \n"; +@@ -124,6 +125,7 @@ + + $pgtitle = "System: Firmware: Manual Update"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/system_firmware_auto.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/system_firmware_auto.php,v +retrieving revision 1.52.4.2 +diff -u -r1.52.4.2 system_firmware_auto.php +--- usr/local/www/system_firmware_auto.php 15 Apr 2006 16:50:47 -0000 1.52.4.2 ++++ usr/local/www/system_firmware_auto.php 8 Sep 2007 19:05:05 -0000 +@@ -41,6 +41,7 @@ + + $pgtitle = "System: Firmware: Auto Update"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/system_firmware_check.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/system_firmware_check.php,v +retrieving revision 1.38.4.3 +diff -u -r1.38.4.3 system_firmware_check.php +--- usr/local/www/system_firmware_check.php 15 Apr 2006 16:50:47 -0000 1.38.4.3 ++++ usr/local/www/system_firmware_check.php 8 Sep 2007 19:05:21 -0000 +@@ -39,6 +39,7 @@ + $versions = check_firmware_version(); + $pgtitle = "System: Firmware: Auto Update"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/system_firmware_settings.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/system_firmware_settings.php,v +retrieving revision 1.15.2.4 +diff -u -r1.15.2.4 system_firmware_settings.php +--- usr/local/www/system_firmware_settings.php 15 Apr 2006 16:50:47 -0000 1.15.2.4 ++++ usr/local/www/system_firmware_settings.php 8 Sep 2007 19:06:04 -0000 +@@ -57,6 +57,8 @@ + + $pgtitle = "System: Firmware: Settings"; + include("head.inc"); ++$pfSenseHead->setCloseHead(false); ++echo $pfSenseHead->getHTML(); + + ?> + +@@ -88,7 +90,7 @@ + + // --> + +- ++ + + +

    +Index: usr/local/www/system_routes.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/system_routes.php,v +retrieving revision 1.16.2.4.2.2 +diff -u -r1.16.2.4.2.2 system_routes.php +--- usr/local/www/system_routes.php 10 May 2007 16:06:32 -0000 1.16.2.4.2.2 ++++ usr/local/www/system_routes.php 8 Sep 2007 19:06:11 -0000 +@@ -89,6 +89,7 @@ + + $pgtitle = "System: Static Routes"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/system_routes_edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/system_routes_edit.php,v +retrieving revision 1.9.4.4.2.1 +diff -u -r1.9.4.4.2.1 system_routes_edit.php +--- usr/local/www/system_routes_edit.php 10 May 2007 16:06:32 -0000 1.9.4.4.2.1 ++++ usr/local/www/system_routes_edit.php 8 Sep 2007 19:06:16 -0000 +@@ -112,6 +112,7 @@ + + $pgtitle = "System: Static Routes: Edit route"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_ipsec.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_ipsec.php,v +retrieving revision 1.28.2.10.2.5 +diff -u -r1.28.2.10.2.5 vpn_ipsec.php +--- usr/local/www/vpn_ipsec.php 5 Jun 2007 00:23:07 -0000 1.28.2.10.2.5 ++++ usr/local/www/vpn_ipsec.php 8 Sep 2007 19:06:38 -0000 +@@ -84,6 +84,7 @@ + + $pgtitle = "VPN: IPsec"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_ipsec_ca.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_ipsec_ca.php,v +retrieving revision 1.12.4.2 +diff -u -r1.12.4.2 vpn_ipsec_ca.php +--- usr/local/www/vpn_ipsec_ca.php 18 Mar 2007 03:37:06 -0000 1.12.4.2 ++++ usr/local/www/vpn_ipsec_ca.php 8 Sep 2007 19:06:42 -0000 +@@ -48,6 +48,7 @@ + + $pgtitle = "VPN: IPsec: Certificate Authority"; + 
include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_ipsec_ca_edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_ipsec_ca_edit.php,v +retrieving revision 1.12.4.2 +diff -u -r1.12.4.2 vpn_ipsec_ca_edit.php +--- usr/local/www/vpn_ipsec_ca_edit.php 2 Jan 2006 23:46:25 -0000 1.12.4.2 ++++ usr/local/www/vpn_ipsec_ca_edit.php 8 Sep 2007 19:06:47 -0000 +@@ -94,6 +94,7 @@ + + $pgtitle = "VPN: IPsec: Certificate Authority: Edit"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_ipsec_ca_edit_create_cert.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_ipsec_ca_edit_create_cert.php,v +retrieving revision 1.13.4.1 +diff -u -r1.13.4.1 vpn_ipsec_ca_edit_create_cert.php +--- usr/local/www/vpn_ipsec_ca_edit_create_cert.php 2 Jan 2006 23:46:25 -0000 1.13.4.1 ++++ usr/local/www/vpn_ipsec_ca_edit_create_cert.php 8 Sep 2007 19:06:53 -0000 +@@ -143,6 +143,7 @@ + + $pgtitle = "VPN: IPSec: Certificate Authority: Create Certificate"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_ipsec_edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_ipsec_edit.php,v +retrieving revision 1.29.2.13.2.1 +diff -u -r1.29.2.13.2.1 vpn_ipsec_edit.php +--- usr/local/www/vpn_ipsec_edit.php 8 May 2007 22:06:49 -0000 1.29.2.13.2.1 ++++ usr/local/www/vpn_ipsec_edit.php 8 Sep 2007 19:06:58 -0000 +@@ -263,6 +263,7 @@ + + $pgtitle = "VPN: IPsec: Edit tunnel"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_ipsec_keys.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_ipsec_keys.php,v +retrieving revision 1.15.4.2.2.1 +diff -u -r1.15.4.2.2.1 vpn_ipsec_keys.php +--- 
usr/local/www/vpn_ipsec_keys.php 8 May 2007 22:06:49 -0000 1.15.4.2.2.1 ++++ usr/local/www/vpn_ipsec_keys.php 8 Sep 2007 19:07:03 -0000 +@@ -48,6 +48,7 @@ + + $pgtitle = "VPN: IPsec: Keys"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_ipsec_keys_edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_ipsec_keys_edit.php,v +retrieving revision 1.11.4.2 +diff -u -r1.11.4.2 vpn_ipsec_keys_edit.php +--- usr/local/www/vpn_ipsec_keys_edit.php 2 Jan 2006 23:46:25 -0000 1.11.4.2 ++++ usr/local/www/vpn_ipsec_keys_edit.php 8 Sep 2007 19:07:07 -0000 +@@ -92,6 +92,7 @@ + + $pgtitle = "VPN: IPsec: Edit pre-shared key"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_ipsec_mobile.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_ipsec_mobile.php,v +retrieving revision 1.12.4.2 +diff -u -r1.12.4.2 vpn_ipsec_mobile.php +--- usr/local/www/vpn_ipsec_mobile.php 18 Mar 2007 03:37:06 -0000 1.12.4.2 ++++ usr/local/www/vpn_ipsec_mobile.php 8 Sep 2007 19:07:11 -0000 +@@ -162,6 +162,7 @@ + + $pgtitle = "VPN: IPsec: Mobile"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_openvpn.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/Attic/vpn_openvpn.php,v +retrieving revision 1.13.2.2 +diff -u -r1.13.2.2 vpn_openvpn.php +--- usr/local/www/vpn_openvpn.php 30 Jan 2006 02:25:12 -0000 1.13.2.2 ++++ usr/local/www/vpn_openvpn.php 8 Sep 2007 19:07:16 -0000 +@@ -144,6 +144,7 @@ + + $pgtitle = "VPN: OpenVPN"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_openvpn_ccd.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/Attic/vpn_openvpn_ccd.php,v +retrieving revision 1.1.2.2 
+diff -u -r1.1.2.2 vpn_openvpn_ccd.php +--- usr/local/www/vpn_openvpn_ccd.php 30 Jan 2006 02:25:12 -0000 1.1.2.2 ++++ usr/local/www/vpn_openvpn_ccd.php 8 Sep 2007 19:07:20 -0000 +@@ -95,6 +95,7 @@ + + $pgtitle = "VPN: OpenVPN"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_openvpn_ccd_edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/Attic/vpn_openvpn_ccd_edit.php,v +retrieving revision 1.1.2.2 +diff -u -r1.1.2.2 vpn_openvpn_ccd_edit.php +--- usr/local/www/vpn_openvpn_ccd_edit.php 30 Jan 2006 02:25:12 -0000 1.1.2.2 ++++ usr/local/www/vpn_openvpn_ccd_edit.php 8 Sep 2007 19:07:26 -0000 +@@ -209,6 +209,7 @@ + + $pgtitle = "VPN: OpenVPN: Edit client-specific configuration"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_openvpn_cli.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/Attic/vpn_openvpn_cli.php,v +retrieving revision 1.16.2.3 +diff -u -r1.16.2.3 vpn_openvpn_cli.php +--- usr/local/www/vpn_openvpn_cli.php 30 Jan 2006 02:25:12 -0000 1.16.2.3 ++++ usr/local/www/vpn_openvpn_cli.php 8 Sep 2007 19:07:31 -0000 +@@ -83,6 +83,7 @@ + + $pgtitle = "VPN: OpenVPN"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_openvpn_cli_edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/Attic/vpn_openvpn_cli_edit.php,v +retrieving revision 1.15.2.3 +diff -u -r1.15.2.3 vpn_openvpn_cli_edit.php +--- usr/local/www/vpn_openvpn_cli_edit.php 30 Jan 2006 02:25:12 -0000 1.15.2.3 ++++ usr/local/www/vpn_openvpn_cli_edit.php 8 Sep 2007 19:07:36 -0000 +@@ -285,6 +285,7 @@ + + $pgtitle = "VPN: OpenVPN: Edit client"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_openvpn_create_certs.php 
+=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_openvpn_create_certs.php,v +retrieving revision 1.14.4.2 +diff -u -r1.14.4.2 vpn_openvpn_create_certs.php +--- usr/local/www/vpn_openvpn_create_certs.php 7 Apr 2006 21:36:51 -0000 1.14.4.2 ++++ usr/local/www/vpn_openvpn_create_certs.php 8 Sep 2007 19:07:57 -0000 +@@ -151,6 +151,8 @@ + + $pgtitle = "VPN: OpenVPN: Create Certs"; + include("head.inc"); ++$pfSenseHead->setCloseHead(false); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_openvpn_crl.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/Attic/vpn_openvpn_crl.php,v +retrieving revision 1.1.2.2 +diff -u -r1.1.2.2 vpn_openvpn_crl.php +--- usr/local/www/vpn_openvpn_crl.php 30 Jan 2006 02:25:12 -0000 1.1.2.2 ++++ usr/local/www/vpn_openvpn_crl.php 8 Sep 2007 19:08:02 -0000 +@@ -76,6 +76,7 @@ + + $pgtitle = "VPN: OpenVPN"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_openvpn_crl_edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/Attic/vpn_openvpn_crl_edit.php,v +retrieving revision 1.1.2.2 +diff -u -r1.1.2.2 vpn_openvpn_crl_edit.php +--- usr/local/www/vpn_openvpn_crl_edit.php 30 Jan 2006 02:25:12 -0000 1.1.2.2 ++++ usr/local/www/vpn_openvpn_crl_edit.php 8 Sep 2007 19:08:07 -0000 +@@ -152,6 +152,7 @@ + + $pgtitle = "VPN: OpenVPN: Edit CRL"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_openvpn_srv.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/Attic/vpn_openvpn_srv.php,v +retrieving revision 1.1.2.3 +diff -u -r1.1.2.3 vpn_openvpn_srv.php +--- usr/local/www/vpn_openvpn_srv.php 30 Jan 2006 02:25:12 -0000 1.1.2.3 ++++ usr/local/www/vpn_openvpn_srv.php 8 Sep 2007 19:08:11 -0000 +@@ -84,6 +84,7 @@ + + 
$pgtitle = "VPN: OpenVPN"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_openvpn_srv_edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/Attic/vpn_openvpn_srv_edit.php,v +retrieving revision 1.1.2.3 +diff -u -r1.1.2.3 vpn_openvpn_srv_edit.php +--- usr/local/www/vpn_openvpn_srv_edit.php 30 Jan 2006 02:25:12 -0000 1.1.2.3 ++++ usr/local/www/vpn_openvpn_srv_edit.php 8 Sep 2007 19:08:16 -0000 +@@ -513,6 +513,7 @@ + + $pgtitle = "VPN: OpenVPN: Edit server"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_pppoe.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_pppoe.php,v +retrieving revision 1.14.2.8.2.1 +diff -u -r1.14.2.8.2.1 vpn_pppoe.php +--- usr/local/www/vpn_pppoe.php 27 Apr 2007 20:19:26 -0000 1.14.2.8.2.1 ++++ usr/local/www/vpn_pppoe.php 8 Sep 2007 19:08:22 -0000 +@@ -139,6 +139,7 @@ + + $pgtitle = "VPN: PPPoE"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_pppoe_users.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_pppoe_users.php,v +retrieving revision 1.5.2.4.2.1 +diff -u -r1.5.2.4.2.1 vpn_pppoe_users.php +--- usr/local/www/vpn_pppoe_users.php 8 May 2007 22:06:49 -0000 1.5.2.4.2.1 ++++ usr/local/www/vpn_pppoe_users.php 8 Sep 2007 19:08:26 -0000 +@@ -67,6 +67,7 @@ + + $pgtitle = "VPN: PPPoE: Users"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_pppoe_users_edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_pppoe_users_edit.php,v +retrieving revision 1.3.2.3 +diff -u -r1.3.2.3 vpn_pppoe_users_edit.php +--- usr/local/www/vpn_pppoe_users_edit.php 11 Mar 2006 20:35:47 -0000 1.3.2.3 ++++ 
usr/local/www/vpn_pppoe_users_edit.php 8 Sep 2007 19:08:32 -0000 +@@ -113,6 +113,7 @@ + + $pgtitle = "VPN: PPPoE: User: Edit"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_pptp.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_pptp.php,v +retrieving revision 1.21.2.5 +diff -u -r1.21.2.5 vpn_pptp.php +--- usr/local/www/vpn_pptp.php 5 May 2006 02:15:20 -0000 1.21.2.5 ++++ usr/local/www/vpn_pptp.php 8 Sep 2007 19:08:36 -0000 +@@ -148,6 +148,7 @@ + + $pgtitle = "VPN PPTP"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_pptp_users.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_pptp_users.php,v +retrieving revision 1.16.2.3.2.1 +diff -u -r1.16.2.3.2.1 vpn_pptp_users.php +--- usr/local/www/vpn_pptp_users.php 8 May 2007 22:06:49 -0000 1.16.2.3.2.1 ++++ usr/local/www/vpn_pptp_users.php 8 Sep 2007 19:08:42 -0000 +@@ -65,6 +65,7 @@ + + $pgtitle = "VPN: PPTP: Users"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/vpn_pptp_users_edit.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/vpn_pptp_users_edit.php,v +retrieving revision 1.12.4.3 +diff -u -r1.12.4.3 vpn_pptp_users_edit.php +--- usr/local/www/vpn_pptp_users_edit.php 19 Jan 2007 16:39:07 -0000 1.12.4.3 ++++ usr/local/www/vpn_pptp_users_edit.php 8 Sep 2007 19:08:47 -0000 +@@ -110,6 +110,7 @@ + + $pgtitle = "VPN: PPTP: User: Edit"; + include("head.inc"); ++echo $pfSenseHead->getHTML(); + + ?> + +Index: usr/local/www/wizard.php +=================================================================== +RCS file: /cvsroot/pfSense/usr/local/www/wizard.php,v +retrieving revision 1.46.2.15 +diff -u -r1.46.2.15 wizard.php +--- usr/local/www/wizard.php 6 Feb 2007 19:33:01 -0000 1.46.2.15 ++++ 
usr/local/www/wizard.php 8 Sep 2007 19:08:58 -0000
+@@ -148,6 +148,7 @@
+
+ $pgtitle = $title;
+ include("head.inc");
++echo $pfSenseHead->getHTML();
+
+ ?>
+
diff --git a/packages/authng/pkg/authng.inc b/packages/authng/pkg/authng.inc
new file mode 100644
index 00000000..a9b95838
--- /dev/null
+++ b/packages/authng/pkg/authng.inc
@@ -0,0 +1,78 @@
+
+ All rights reserved.
+
+ Based on m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2006 Manuel Kasper .
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+
+require_once("authng_authmethods.inc");
+require_once("authng_backends.inc");
+require_once("authng_peers.inc");
+
+// TODO: Define user- and groupindex array
+
+// get principal store type from config.xml
+$principalStore = $config['system']['webgui']['principal_store'];
+// get PeerFactory instance
+$peerFactory =& PeerFactory::getInstance();
+// get the actual UserPeer that holds the user index
+$userPeer =& $peerFactory->getUserPeerByPrincipalStore($principalStore);
+// get the actual GroupPeer that holds the user index
+$groupPeer =& $peerFactory->getGroupPeerByPrincipalStore($principalStore);
+// get AuthMethodFactory instance
+$authMethodFactory =& AuthMethodFactory::getInstance();
+// get BackendFactory instance
+$backendFactory =& BackendFactory::getInstance();
+// get the actual auth method
+$authMethod =& $authMethodFactory->getAuthMethodByName($config['system']['webgui']['auth_method']);
+// get the actual backend
+$backend =& $backendFactory->getBackendByName($config['system']['webgui']['backing_method']);
+
+function syncPackageAuthNG() {
+}
+
+function installPackageAuthNG() {
+ mwexec("cd / && /usr/bin/patch < /usr/local/pkg/authng-pfSenseHead.diff");
+ mwexec("cd / && /usr/bin/patch < /usr/local/pkg/authng-fbegin.inc.diff");
+ mwexec("cd / && /usr/bin/patch < /usr/local/pkg/authng-guiconfig.inc.diff");
+ mwexec("cd / && /usr/bin/patch < /usr/local/pkg/authng-globals.inc.diff");
+}
+
+function deinstallPackageAuthNG() {
+ mwexec("cd / && /usr/bin/patch -R < /usr/local/pkg/authng-pfSenseHead.diff");
+ mwexec("cd / && /usr/bin/patch -R < /usr/local/pkg/authng-fbegin.inc.diff");
+ mwexec("cd / && /usr/bin/patch -R < /usr/local/pkg/authng-guiconfig.inc.diff");
+ mwexec("cd / && /usr/bin/patch -R < /usr/local/pkg/authng-globals.inc.diff");
+}
+?>
\ No newline at end of file
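Review bot: `installPackageAuthNG()` discards the result of all four `mwexec()` calls, so a diff that is rejected part-way leaves the web GUI files partly patched and nothing is reported. Because these diffs wire the new authentication code into the GUI pages, a half-applied set is worse than either a clean install or none. The function should stop at the first failing patch, reverse the ones already applied and log the failure; this assumes `mwexec()` returns the command's exit status, which is not shown in this hunk. The same check applies to the `-R` calls in `deinstallPackageAuthNG()`.

```php
function installPackageAuthNG() {
	$diffs = array(
		"/usr/local/pkg/authng-pfSenseHead.diff",
		"/usr/local/pkg/authng-fbegin.inc.diff",
		"/usr/local/pkg/authng-guiconfig.inc.diff",
		"/usr/local/pkg/authng-globals.inc.diff",
	);
	$applied = array();

	foreach ($diffs as $diff) {
		if (mwexec("cd / && /usr/bin/patch < {$diff}") != 0) {
			// undo the diffs that did apply so the GUI is not left half-patched
			foreach (array_reverse($applied) as $done)
				mwexec("cd / && /usr/bin/patch -R < {$done}");
			log_error("authng: applying {$diff} failed, installation rolled back");
			return;
		}
		$applied[] = $diff;
	}
}
```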
diff --git a/packages/authng/pkg/authng.xml b/packages/authng/pkg/authng.xml
new file mode 100644
index 00000000..cebcea93
--- /dev/null
+++ b/packages/authng/pkg/authng.xml
@@ -0,0 +1,194 @@ + + + + + + + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper . + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + + + This package provides a user- and groupmanager which + allows to add arbitrary groups to the system and assign + them to a particular group. + + Permission control is provided on a per group basis. + + + This package is supposed to be run on RELENG based pfSense systems. + + Currently there are no FAQ items provided. + authng + 1.0 + System: User Manager + /usr/local/pkg/authng.inc + + + Auth Manager +
    System
    + /system_usermanager.php +
    + + + + ['installedpackages']['authng']['config'] + + + /usr/local/www/ + 0755 + http://www.pfsense.com/packages/config/authng/www/php/system_usermanager.php + + + /usr/local/www/ + 0755 + http://www.pfsense.com/packages/config/authng/www/php/system_usermanager_edit.php + + + /usr/local/www/ + 0755 + http://www.pfsense.com/packages/config/authng/www/php/system_usermanager_settings.php + + + /usr/local/www/ + 0755 + http://www.pfsense.com/packages/config/authng/www/php/system_groupmanager.php + + + /usr/local/www/ + 0755 + http://www.pfsense.com/packages/config/authng/www/php/head.inc + + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/authng/pkg/authng_classdefs.inc + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/authng/pkg/authng_peers.inc + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/authng/pkg/authng.inc + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/authng/pkg/authng_backends.inc + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/authng/pkg/authng_authmethods.inc + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/authng/pkg/authng_authgui.inc + + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/authng/diff/authng-pfSenseHead.diff + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/authng/diff/authng-fbegin.inc.diff + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/authng/diff/authng-globals.inc.diff + + + /usr/local/pkg/ + 0755 + http://www.pfsense.com/packages/config/authng/diff/authng-guiconfig.inc.diff + + + + /usr/bin/ + 0755 + http://www.pfsense.com/packages/config/authng/bin/patch + + + + + syncPackageAuthNG(); + + + installPackageAuthNG(); + + + deinstallPackageAuthNG(); + +
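Review bot: Every file in this manifest is fetched from a plain `http://www.pfsense.com/...` URL with no checksum or signature in its entry, and that includes the `patch` executable written to `/usr/bin/` with mode `0755` and then run by the install hook. Anyone on the network path can therefore substitute the PHP includes, the diffs or the binary, and the substituted code ends up in the firewall's login path. The entries should use `https://` and carry a digest that the installer verifies before writing each file; whether the package format of this release has a field for that is not visible here. Shipping a prebuilt `patch` over the system utility path also deserves a comment on where the binary was built from. The `.inc` and `.diff` files do not need the execute bit, so `0644` would be enough for them.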
diff --git a/packages/authng/pkg/authng_authgui.inc b/packages/authng/pkg/authng_authgui.inc
new file mode 100644
index 00000000..0556883e
--- /dev/null
+++ b/packages/authng/pkg/authng_authgui.inc
@@ -0,0 +1,287 @@ + + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper . + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + +require_once("authng.inc"); + +/* Authenticate user - exit if failed (we should have a callback for this maybe) */ +if (empty($authMethod)) { print "auth_method missing!\n"; } +if (empty($backend)) { print "backing_method missing!\n"; } +if (!$authMethod->authenticate($backend)) { exit; } + +/* scriptname is set in headjs.php if the user did try to access a page other + * than index.php without beeing logged in. 
+ */ +if (isset($_POST['scriptname']) && isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) { + pfSenseHeader("{$_POST['scriptname']}"); + exit; +} + +$allowed = array(); + +// Once here, the user has authenticated with the web server. +// Now, we give them access only to the appropriate pages for their group. +if (!(isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER']))) { + $allowed[] = ''; + if (isset($config['system']['group'][$groupindex[$config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['groupname']]]['pages'][0]['page'])) { + $useridx = $userindex[$HTTP_SERVER_VARS['AUTH_USER']]; + $grouidx = $groupindex[$config['system']['user'][$useridx]]; + $allowed = &$config['system']['group'][$groupidx]['pages'][0]['page']; + } + + $group = $config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['groupname']; + /* get the group homepage, to be able to forward + * the user to this particular PHP page. + */ + getGroupHomePage($group) == "" ? $home = "/index.php" : $home = "/" . getGroupHomePage($group); + + /* okay but if the user realy tries to explicitely access a particular + * page, set $home to that page instead. + */ + if (isset($_POST['scriptname']) && $_POST['scriptname'] <> "/" && $_POST['scriptname'] <> "/index.php") + $home = basename($_POST['scriptname']); + + // If the user is attempting to hit the default page, set it to specifically look for /index.php. + // Without this, any user would have access to the index page. + //if ($_SERVER['SCRIPT_NAME'] == '/') + // $_SERVER['SCRIPT_NAME'] = $home; + + // Strip the leading / from the currently requested PHP page + if (!in_array(basename($_SERVER['SCRIPT_NAME']),$allowed)) { + // The currently logged in user is not allowed to access the page + // they are attempting to go to. Redirect them to an allowed page. 
+ + if(stristr($_SERVER['SCRIPT_NAME'],"sajax")) { + echo "||Access to AJAX has been disallowed for this user."; + exit; + } + + if ($home <> "" && in_array($home, $allowed)) { + pfSenseHeader("{$home}"); + exit; + } else { + header("HTTP/1.0 401 Unauthorized"); + header("Status: 401 Unauthorized"); + + echo display_error_form("401", "401 Unauthorized. Authorization required."); + exit; + } + } + + if (isset($_SESSION['Logged_In'])) { + /* + * only forward if the user has just logged in + * TODO: session auth based - may be an issue. + */ + if ($_SERVER['SCRIPT_NAME'] <> $home && empty($_SESSION['First_Visit'])) { + $_SESSION['First_Visit'] = "False"; + pfSenseHeader("{$home}"); + exit; + } + } +} + +function display_error_form($http_code, $desc) { + global $g; + + $htmlstr = << + + + + An error occurred: {$http_code} + + + + + + + + + +
    +

     

    +

    {$desc}

    +
    + + + +EOD; + + return $htmlstr; +} + +function display_login_form() { + require_once("globals.inc"); + global $g; + + if(isAjax()) { + if (isset($_POST['login'])) { + if($_SESSION['Logged_In'] <> "True") { + isset($_SESSION['Login_Error']) ? $login_error = $_SESSION['Login_Error'] : $login_error = "unknown reason"; + echo "showajaxmessage('Invalid login ({$login_error}).');"; + } + if (file_exists("{$g['tmp_path']}/webconfigurator.lock")) { + $whom = file_get_contents("{$g['tmp_path']}/webconfigurator.lock"); + echo "showajaxmessage('This device is currently beeing maintained by: {$whom}.');"; + } + } + exit; + } + +?> + + + + + + <?=gettext("Login"); ?> + + + + + + + + + + + +
    +

     

    +
    +
    +

    + + :   + + +

    +

    + + :   + + +

    + + + + + +

    " tabindex="3" />
    +
    +
    + + + \ No newline at end of file diff --git a/packages/authng/pkg/authng_authmethods.inc b/packages/authng/pkg/authng_authmethods.inc new file mode 100644 index 00000000..15e15566 --- /dev/null +++ b/packages/authng/pkg/authng_authmethods.inc 
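Review bot: The per-group page list is never loaded for non-admin users, because the code assigns `$grouidx` but then indexes `$config['system']['group']` with the undefined `$groupidx`. The lookup also passes the whole user array `$config['system']['user'][$useridx]` to `$groupindex` instead of that user's `['groupname']`. As written `$allowed` becomes a reference to a config key that does not exist, so the `in_array()` checks that follow cannot match a real page list. The line should read `$groupidx = $groupindex[$config['system']['user'][$useridx]['groupname']];`, which matches the index expression used in the `isset()` guard just above it. Separately, the admin branch hands `$_POST['scriptname']` to `pfSenseHeader()` unchanged; applying `basename()` as the non-admin branch does would keep that redirect on the local GUI (pfSenseHeader is not shown here, so this is inferred).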
@@ -0,0 +1,222 @@ + + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper . + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+ */ +/* ========================================================================== */ + +class AbstractAuthMethod { + function authenticate($backend) { + trigger_error('AbstractAuthMethod::authenticate() needs to be overridden in a subclass.', E_USER_ERROR); + } +} + +class BasicAuthMethod extends AbstractAuthMethod { + function authenticate($backend) { + global $HTTP_SERVER_VARS; + + /* Check for AUTH_USER */ + if ($HTTP_SERVER_VARS['PHP_AUTH_USER'] <> "") { + $HTTP_SERVER_VARS['AUTH_USER'] = $HTTP_SERVER_VARS['PHP_AUTH_USER']; + $HTTP_SERVER_VARS['AUTH_PW'] = $HTTP_SERVER_VARS['PHP_AUTH_PW']; + } + if (!isset($HTTP_SERVER_VARS['AUTH_USER'])) { + require_once("authng_authgui.inc"); + header("WWW-Authenticate: Basic realm=\".\""); + header("HTTP/1.0 401 Unauthorized"); + display_error_form("401", gettext("You must enter valid credentials to access this resource.")); + exit; + } else { + return $backend($HTTP_SERVER_VARS['AUTH_USER'],$HTTP_SERVER_VARS['AUTH_PW']); + } + } +} + +class SessionAuthMethod extends AbstractAuthMethod { + function authenticate($backend) { + global $g, $HTTP_SERVER_VARS, $userindex, $config; + + session_start(); + + /* Validate incoming login request */ + if (isset($_POST['login'])) { + if ($backend($_POST['usernamefld'], $_POST['passwordfld'])) { + $_SESSION['Logged_In'] = "True"; + $_SESSION['Username'] = $_POST['usernamefld']; + $_SESSION['last_access'] = time(); + } else { + $_SESSION['Login_Error'] = "Username or password incorrect."; + } + } + + /* Show login page if they aren't logged in */ + if (empty($_SESSION['Logged_In'])) { + + /* Don't display login forms to AJAX */ + if (isAjax()) + return false; + + require_once("authng_authgui.inc"); + display_login_form(); + return false; + } else { + /* If session timeout isn't set, we don't mark sessions stale */ + if (!isset($config['system']['webgui']['session_timeout']) or + $config['system']['webgui']['session_timeout'] == 0 or + $config['system']['webgui']['session_timeout'] == "") 
+ $_SESSION['last_access'] = time(); + else + /* Check for stale session */ + if ($_SESSION['last_access'] < (time() - ($config['system']['webgui']['session_timeout'] * 60))) + $_GET['logout'] = true; + else + /* only update if it wasn't ajax */ + if (!isAjax()) + $_SESSION['last_access'] = time(); + + /* user hit the logout button */ + if (isset($_GET['logout'])) { + if (hasLockAbility($_SESSION['Username'])) { + unlink_if_exists("{$g['tmp_path']}/webconfigurator.lock"); + } + + /* wipe out $_SESSION */ + $_SESSION = array(); + + if (isset($_COOKIE[session_name()])) { + setcookie(session_name(), '', time()-42000, '/'); + } + + /* and destroy it */ + session_destroy(); + + $scriptName = split("/", $_SERVER["SCRIPT_FILENAME"]); + $scriptElms = count($scriptName); + $scriptName = $scriptName[$scriptElms-1]; + + if (isAjax()) + return false; + + /* redirect to page the user is on, it'll prompt them to login again */ + pfSenseHeader($scriptName); + + return false; + + /* user wants to explicitely delete the log file. + * Requires a particular privilege. + */ + } else if ($_GET['deletelock'] && hasLockAbility($_SESSION['Username'])) { + unlink_if_exists("{$g['tmp_path']}/webconfigurator.lock"); + $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; + return true; + + /* this is for debugging purpose if you do not want to use Ajax + * to submit a HTML form. It basically disables the observation + * of the submit event and hence does not trigger Ajax. + */ + } else if ($_GET['disable_ajax']) { + $_SESSION['NO_AJAX'] = "True"; + $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; + return true; + + /* Same to re-enable Ajax. + */ + } else if ($_GET['enable_ajax']) { + unset($_SESSION['NO_AJAX']); + $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; + return true; + + /* user wants to explicitely create a lock. + * Requires a particular privilege. 
+ */ + } else if ($_GET['createlock'] && hasLockAbility($_SESSION['Username'])) { + $fd = fopen("{$g['tmp_path']}/webconfigurator.lock", "w"); + fputs($fd, "{$_SERVER['REMOTE_ADDR']} (" . + getRealName($_SESSION['Username']) . ")"); + fclose($fd); + /* if the user did delete the lock manually, do not + * re-create it while the session is valide. + */ + $_SESSION['Lock_Created'] = "True"; + $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; + return true; + + /* proceed with the login process */ + } else { + /* if the user is allowed to create a lock, + * create it once per session. + */ + if (hasLockAbility($_SESSION['Username']) && + ! isset($_SESSION['Lock_Created'])) { + + $fd = fopen("{$g['tmp_path']}/webconfigurator.lock", "w"); + fputs($fd, "{$_SERVER['REMOTE_ADDR']} (" . + getRealName($_SESSION['Username']) . ")"); + fclose($fd); + /* if the user did delete the lock manually, do not + * re-create it while the session is valide. + */ + $_SESSION['Lock_Created'] = "True"; + + /* give regular users a chance to automatically invalidate + * a lock if its older than a particular time. + */ + } else if (! hasLockAbility($_SESSION['Username']) && + file_exists("{$g['tmp_path']}/webconfigurator.lock")) { + + $offset = 12; //hours + $mtime = filemtime("{$g['tmp_path']}/webconfigurator.lock"); + $now_minus_offset = mktime(date("H") - $offset, 0, 0, date("m"), date("d"), date("Y")); + + if (($mtime - $now_minus_offset) < $mtime) { + require_once("auth/authgui.inc"); + display_login_form(); + return false; + } else { + /* file is older than mtime + offset which may + * indicate a stale lockfile, hence we are going + * to remove it. + */ + unlink_if_exists("{$g['tmp_path']}/webconfigurator.lock"); + } + } + + $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; + return true; + } // end if + } // end if + } // end function +} + +?> \ No newline at end of file 
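Review bot: `SessionAuthMethod::authenticate()` sets `$_SESSION['Logged_In']` on the session that already existed before login and never issues a new session id, so an id planted in the browser beforehand stays valid after authentication (session fixation). Add `session_regenerate_id(true);` directly before `$_SESSION['Logged_In'] = "True";` in the `isset($_POST['login'])` branch; the argument needs PHP 5.1 or later, and the call without it still changes the id on older versions. The same method acts on bare `$_GET` flags (`logout`, `createlock`, `deletelock`, `disable_ajax`), which a cross-site link can trigger for a logged-in user, so these belong behind POST with a per-session token. Both auth methods also invoke `$backend(...)` as a function although the backend classes in this commit expose an `authenticate()` method, so presumably `$backend->authenticate(...)` was intended.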
diff --git a/packages/authng/pkg/authng_backends.inc b/packages/authng/pkg/authng_backends.inc
new file mode 100644
index 00000000..1b58e6c1
--- /dev/null
+++ b/packages/authng/pkg/authng_backends.inc
@@ -0,0 +1,234 @@ + + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper . + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+ */ +/* ========================================================================== */ + +class AbstractBackend { + function authenticate($username, $passwd) { + trigger_error('AbstractBackend::authenticate() needs to be overridden in a subclass.', E_USER_ERROR); + } +} + +class HtpasswdBackend extends AbstractBackend { + function HtpasswdBackend() { + } + + function authenticate($username, $passd) { + $authfile = file("/var/run/htpasswd"); + + /* sanity check to ensure that /usr/local/www/.htpasswd doesn't exist */ + unlink_if_exists("/usr/local/www/.htpasswd"); + + $matches=""; + if(!($line = array_shift(preg_grep("/^$username:.*$/", $authfile)))) + return false; + + /* Get crypted password */ + preg_match("/^$username:((\\$1\\$[.\d\w_\/]{8}\\$)[.\d\w_\/]{22})$/", $line, $matches); + $pass = $matches[1]; + $salt = $matches[2]; + + /* Encrypt entered password with salt + * And finally validate password + */ + if ($pass == crypt($passwd, $salt)) + return true; + else + return false; + } +} + +class PasswdBackend extends AbstractBackend { + function PasswdBackend() { + } + + function authenticate($username, $passd) { + $authfile = file("/etc/master.passwd"); + + $matches=""; + + /* Check to see if user even exists */ + if(!($line = array_shift(preg_grep("/^$username:.*$/", $authfile)))) + return false; + + /* Get crypted password */ + preg_match("/^$username:((\\$1\\$[.\d\w_\/]{8}\\$)[.\d\w_\/]{22})$/", $line, $matches); + $pass = $matches[1]; + $salt = $matches[2]; + + /* Encrypt entered password with salt + * And finally validate password + */ + if ($pass == crypt($passwd, $salt)) + return true; + else + return false; + } +} + +class PamBackend extends AbstractBackend { + function PamBackend() { + } + + function authenticate($username, $passd) { + /* we do not support blank pwds, don't we? */ + if ($username == "" || passwd == "") { return false; } + + if(! extension_loaded( 'pam_auth' )) { + if(! 
@dl( 'pam_auth.so' )) { + return false; + } else { + /* no php file no auth, sorry */ + if (! file_exists("/etc/pam.d/php")) { + if (! file_exists("/etc/pam.d")) { mkdir("/etc/pam.d"); } + + $pam_php = <<addServer($radsrv['ipaddr'], $radsrv['port'], $radsrv['sharedsecret']); + } + + if (!$rauth->start()) { + $retvalue['auth_val'] = 1; + $retvalue['error'] = $rauth->getError(); + if ($debug) + printf("Radius start: %s", $retvalue['error']); + } + + // XXX - billm - somewhere in here we need to handle securid challenge/response + + // Send request + $result = $rauth->send(); + + if (PEAR::isError($result)) { + $retvalue['auth_val'] = 1; + $retvalue['error'] = $result->getMessage(); + if ($debug) + printf("Radius send failed: %s", $retvalue['error']); + } else if ($result === true) { + $retvalue['auth_val'] = 2; + if ($debug) + printf (gettext("Radius Auth succeeded")); + $ret = true; + } else { + $retvalue['auth_val'] = 3; + if ($debug) + printf (gettext("Radius Auth rejected")); + } + // close OO RADIUS_AUTHENTICATION + $rauth->close(); + + return $ret; + } // end function +} + +class LdapBackend extends AbstractBackend { + function LdapBackend() { + } + + function authenticate($username, $passwd) { + $ldapserver = $config['system']['ldap']['server']; + $ldapport = isset($config['system']['ldap']['port']) ? $config['system']['ldap']['server'] : 389; + $retval = false; + + $connection = ldap_connect($ldapserver, $ldapport) + or die("Could not connect to $ldaphost"); + + if ($connection) { + $bind = ldap_bind($connection); + + if ($bind) { + $basedn = $config['system']['ldap']['basedn']; + $result = ldap_search($connection, $basedn, "uid={$username}"); + $info = ldap_get_entries($connection, $result); + $userPassword = $info[0]['userPassword']; + + if ($userPassword == $passwd) { + $retval = true; + } else { + $retval = false; + } + } // end if + } // end if + + return $retval; + } +} +?> \ No newline at end of file 
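Review bot: In HtpasswdBackend, PasswdBackend and PamBackend the parameter is declared as `$passd` but the bodies read `$passwd`, so `crypt($passwd, $salt)` hashes an undefined value and the password the user typed is never checked; the signatures should read `function authenticate($username, $passwd)`. PamBackend's blank check has the same kind of slip, testing the bare word `passwd` instead of `$passwd`, so an empty password is not rejected there. `$username` is interpolated into both regexes unescaped and should go through `preg_quote($username, '/')`, and the hash check should use `===` and return false explicitly when `preg_match` finds nothing instead of reading `$matches[1]` unconditionally. LdapBackend binds anonymously, builds the filter from the raw `$username`, and compares the directory's `userPassword` attribute to the cleartext input with `==`; binding as the located user DN with the supplied password would avoid reading password attributes at all. That method also never declares `global $config`, takes the port from the `server` key, and names an unset `$ldaphost` in its error message.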
diff --git a/packages/authng/pkg/authng_classdefs.inc b/packages/authng/pkg/authng_classdefs.inc
new file mode 100644
index 00000000..a61361b3
--- /dev/null
+++ b/packages/authng/pkg/authng_classdefs.inc
@@ -0,0 +1,466 @@ + + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper . + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + +class SingletonInterface extends Object { + function __construct() { + // Perform object initialization here. + } + + function &__getInstanceImp($name) { + static $instances = array(); + if (!isset($instances[$name])) { + $instances[$name] = new $name(); // No changes necessary here. 
+ } + return $instances[$name]; + } + + function &getInstance() { + trigger_error('SingletonInterface::getInstance() needs to be overridden in a subclass.', E_USER_ERROR); + } +} + +class AuthMethodFactory extends SingletonInterface { + function __construct() { + // Perform object initialization here. + parent::__construct(); + } + + function &getInstance() { + return parent::__getInstanceImp('AuthMethodFactory'); + } + + function &getBackendByName($name) { + $result = null; + + /* Each name links to an entry in config.xml + * Example: session + */ + switch ($name) { + case "htpasswd": + $result = new HtpasswdBackend(); + break; + case "pam": + $result = new PamBackend(); + break; + case "radius": + $result = new RadiusBackend(); + break; + case "passwd": + $result = new PasswdBackend(); + break; + case "ldap": + $result = new LdapBackend(); + break; + default: + } + + return $result; + } +} + +class BackendFactory extends SingletonInterface { + function __construct() { + // Perform object initialization here. 
+ parent::__construct(); + } + + function &getInstance() { + return parent::__getInstanceImp('BackendFactory'); + } + + function &getAuthMethodByName($name) { + $result = null; + + /* Each name links to an entry in config.xml + * Example: htpasswd + */ + switch ($name) { + case "session": + $result = new SessionAuthMethod(); + break; + case "basic": + $result = new BasicAuthMethod(); + break; + default: + } + + return $result; + } +} + +class AuthngAuxiliary { + /* ========================================================================== */ + /* == Auxiliary Functions == */ + /* ========================================================================== */ + function &getSystemAdminNames() { + global $config, $g, $userindex; + $adminUsers = array(); + + if (is_array($config['system']['user'])) { + foreach($config['system']['user'] as $user){ + if (isSystemAdmin($user['name'])) { + $adminUsers[] = $user['name']; + } + } // end foreach + } // end if + + return $adminUsers; + } // end function + + function assignUID($username = "") { + global $userindex, $config, $g; + + if ($username == "") { return; } + + $nextuid = $config['system']['nextuid']; + $user =& $config['system']['user'][$userindex[$username]]; + + if (empty($user['uid'])) { + $user['uid'] = $nextuid; + $nextuid++; + $config['system']['nextuid'] = $nextuid; + + write_config(); + + return $user; + } // end if + } // end function +} + +class AuthngPrivilege { + /* ========================================================================== */ + /* == Class Members == */ + /* ========================================================================== */ + + var $id; + var $name; + var $description; + + /* ========================================================================== */ + /* == Constructor == */ + /* ========================================================================== */ + + function AuthngPrivilege() { + } + + /* ========================================================================== */ + 
/* == Accessors == */ + /* ========================================================================== */ + + function getId() { + return $this->id; + } + + function setId($id) { + $this->id = $id; + } + + function getName() { + return $this->name; + } + + function setName($name) { + $this->name = $name; + } + + function getDescription() { + return $this->description; + } + + function setDescription($desc) { + $this->description = $desc; + } +} + +class SystemPrivileges { + /* ========================================================================== */ + /* == Class Members == */ + /* ========================================================================== */ + + var $privileges = array(); + + /* ========================================================================== */ + /* == Constructor == */ + /* ========================================================================== */ + + function SystemPrivileges() { + $newPriv = new Privilege(); + $newPriv->setId("lockwc"); + $newPriv->setName("Lock webConfigurator"); + $newPriv->setDescription("Indicates whether this user will lock access to the webConfigurator for other users."); + + $this->privileges[$newPriv->getId()] = $newPriv; + + $newPriv = new Privilege(); + $newPriv->setId("lock-ipages"); + $newPriv->setName("Lock individual pages"); + $newPriv->setDescription("Indicates whether this user will lock individual " . + "HTML pages after having accessed a particular page" . + "(the lock will be freed if the user leaves or " . + "saves the page form)."); + + $this->privileges[$newPriv->getId()] = $newPriv; + + $newPriv = new Privilege(); + $newPriv->setId("hasshell"); + $newPriv->setName("Has shell access"); + $newPriv->setDescription("Indicates whether this user is able to login for " . 
+ "example via SSH."); + + $this->privileges[$newPriv->getId()] = $newPriv; + + $newPriv = new Privilege(); + $newPriv->setId("copyfiles"); + $newPriv->setName("Is allowed to copy files"); + $newPriv->setDescription("Indicates whether this user is allowed to copy files " . + "onto the {$g['product_name']} appliance via SCP/SFTP. " . + "If you are going to use this privilege, you must install " . + "scponly on the appliance (Hint: pkg_add -r scponly)."); + + $this->privileges[$newPriv->getId()] = $newPriv; + + $newPriv = new Privilege(); + $newPriv->setId("isroot"); + $newPriv->setName("Is root user"); + $newPriv->setDescription("This user is associated with the UNIX root user " . + "(you should associate this privilege only with one " . + "single user)."); + + $this->privileges[$newPriv->getId()] = $newPriv; + } + + /* ========================================================================== */ + /* == Accessors == */ + /* ========================================================================== */ + + function getPrivileges() { + return $this->privileges; + } + + function setPrivileges($privs) { + $this->privileges = $privs; + } + + function getPrivilegeById($id) { + return $this->privileges[$id]; + } + + function setPrivilegeById($privilege, $id) { + return $this->privileges[$id] = $privilege; + } +} + +class AuthngUser { + /* ========================================================================== */ + /* == Class Members == */ + /* ========================================================================== */ + + var $name; + var $fullname; + var $scope; + var $groupname; + var $password; + var $uid; + var $systemAdmin = false; + var $unixRoot = false; + var $privileges = array(); + + /* ========================================================================== */ + /* == Constructor == */ + /* ========================================================================== */ + + function AuthngUser() { + } + + /* 
========================================================================== */ + /* == Accessors == */ + /* ========================================================================== */ + + function isSystemAdmin() { + return $this->systemAdmin; + } + + function setIsSystemAdmin($flag = false) { + $this->systemAdmin = $flag; + } + + function isUNIXRoot() { + return $this->unixRoot; + } + + function setIsUNIXRoot($flag = false) { + $this->unixRoot = $flag; + } + + function getName() { + return $this->name; + } + + function setName($name) { + $this->name = $name; + } + + function getFullname() { + return $this->fullname; + } + + function setFullname($name) { + $this->fullname = $name; + } + + function getScope() { + return $this->scope; + } + + function setScope($scope) { + $this->scope = $scope; + } + + function getGroupname() { + return $this->groupname; + } + + function setGroupname($name) { + $this->groupname = $name; + } + + function getPassword() { + return $this->password; + } + + function setPassword($pwd) { + $this->password = $pwd; + } + + function getUid() { + return $this->uid; + } + + function setUid($uid) { + $this->uid = $uid; + } + + function getPrivileges() { + return $this->privileges; + } + + function setPrivileges($privs) { + $this->privileges = $privs; + } + + function addPrivilege($priv) { + $this->privileges[] = $priv; + } +} + +class AuthngGroup { + /* ========================================================================== */ + /* == Class Members == */ + /* ========================================================================== */ + + var $name; + var $description; + var $scope; + var $pages = array(); + var $home; + var $gid; + + /* ========================================================================== */ + /* == Constructor == */ + /* ========================================================================== */ + + function AuthngGroup() { + } + + /* ========================================================================== */ + /* 
== Accessors == */ + /* ========================================================================== */ + + function getName() { + return $this->name; + } + + function setName($name) { + $this->name = $name; + } + + function getDescription() { + return $this->description; + } + + function setDescription($desc) { + $this->description = $desc; + } + + function getScope() { + return $this->scope; + } + + function setScope($scope) { + $this->scope = $scope; + } + + function getPages() { + return $this->pages; + } + + function setPages($pages) { + $this->pages = $pages; + } + function getHome() { + return $this->home; + } + + function setHome($home) { + $this->home = $home; + } + + function getGid() { + return $this->gid; + } + + function setGid($gid) { + $this->gid = $gid; + } + + function addPage($page) { + $this->pages[] = $page; + } +} + +?> \ No newline at end of file diff --git a/packages/authng/pkg/authng_peers.inc b/packages/authng/pkg/authng_peers.inc new file mode 100644 index 00000000..cc75c94c --- /dev/null +++ b/packages/authng/pkg/authng_peers.inc 
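Review bot: The two factories have their lookup methods crossed: `AuthMethodFactory::getBackendByName()` builds the `*Backend` objects while `BackendFactory::getAuthMethodByName()` builds `SessionAuthMethod` and `BasicAuthMethod`, so each method lives on the class a caller would not look at. Both switches also end in an empty `default:` and hand back `null`; a caller that goes straight to `->authenticate()` would then hit a fatal error rather than a refused login, so an unknown name should be reported with `trigger_error()` the way `SingletonInterface::getInstance()` does. In `SystemPrivileges()` the entries are created with `new Privilege()` although the class declared in this file is `AuthngPrivilege` (unless `Privilege` is defined elsewhere), and `{$g['product_name']}` is read without a `global $g;` in that constructor.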
@@ -0,0 +1,471 @@ + + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper . + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + +require_once("authng_classdefs"); + +class PeerFactory extends SingletonInterface { + function __construct() { + // Perform object initialization here. 
+ parent::__construct(); + } + + function &getInstance() { + return parent::__getInstanceImp('PeerFactory'); + } + + function &getGroupPeerByPrincipalStore($store) { + $result = null; + + /* Each name links to an entry in config.xml + * Example: xml + */ + switch ($name) { + case "xml": + $result = new XMLGroupPeer(); + break; + case "ldap": + trigger_error('PeerFactory::getGroupPeerByPrincipal() LDAP peer type is not supported.', E_USER_ERROR); + break; + case "db": + trigger_error('PeerFactory::getGroupPeerByPrincipal() DB peer type is not supported.', E_USER_ERROR); + break; + default: + } + + return $result; + } + + function &getUserPeerByPrincipalStore($store) { + $result = null; + + /* Each name links to an entry in config.xml + * Example: xml + */ + switch ($name) { + case "xml": + $result = new XMLUserPeer(); + break; + case "ldap": + trigger_error('PeerFactory::getGroupPeerByPrincipal() LDAP peer type is not supported.', E_USER_ERROR); + break; + case "db": + trigger_error('PeerFactory::getGroupPeerByPrincipal() DB peer type is not supported.', E_USER_ERROR); + break; + default: + } + + return $result; + } +} + +/** + * @author Daniel S. 
Haischt + * @abstract + */ +class AbstractPrivilegePeer { + /* ========================================================================== */ + /* == Class Members == */ + /* ========================================================================== */ + + var $privilege_index; + var $privileges; + var $userPeer; + + /* ========================================================================== */ + /* == Constructor == */ + /* ========================================================================== */ + + function AbstractPrivilegePeer() { + } + + /* ========================================================================== */ + /* == Accessors == */ + /* ========================================================================== */ + + function setUserPeer($peer) { + $this->userPeer = $peer; + } + + function getUserPeer() { + return $this->userPeer; + } + + /** + * @return mixed int array of priv indexes + */ + function getPrivilegeIndex() { + return $this->privilege_index; + } + + /** + * @param string a priv name + * @return int the index that corresponds to a username + */ + function getPrivilegeIndexByID($id) { + return $this->privilege_index[$id]; + } + + /** + * @param int an index + * @return mixed an instance of AuthngPrivilege + */ + function getPrivilegeByIndex($index) { + return $this->privileges[$index]; + } +} + +/** + * @author Daniel S. 
Haischt + * @abstract + */ +class AbstractUserPeer { + /* ========================================================================== */ + /* == Class Members == */ + /* ========================================================================== */ + + var $user_index; + var $users; + + /* ========================================================================== */ + /* == Constructor == */ + /* ========================================================================== */ + + function AbstractUserPeer() { + } + + /* ========================================================================== */ + /* == Accessors == */ + /* ========================================================================== */ + + /** + * @return mixed int array of user indexes + */ + function getUserIndex() { + return $this->user_index; + } + + /** + * @param string a username + * @return int the index that corresponds to a username + */ + function getUserIndexByName($username) { + return $this->user_index[$username]; + } + + /** + * @param int an index + * @return mixed an instance of AuthngUser + */ + function getUserByIndex($index) { + return $this->users[$index]; + } +} + +/** + * @author Daniel S. 
Haischt + * @abstract + */ +class AbstractGroupPeer { + /* ========================================================================== */ + /* == Class Members == */ + /* ========================================================================== */ + + var $group_index; + var $groups; + + /* ========================================================================== */ + /* == Constructor == */ + /* ========================================================================== */ + + function AbstractGroupPeer() { + } + + /* ========================================================================== */ + /* == Accessors == */ + /* ========================================================================== */ + + function getGroupIndex() { + return $this->group_index; + } + + function getGroupIndexByName($groupname) { + return $this->group_index[$groupname]; + } + + function getGroupByIndex($index) { + return $this->groups[$index]; + } +} + +/** + * @author Daniel S. Haischt + */ +class XMLPrivilegePeer extends AbstractPrivilegePeer { + /* ========================================================================== */ + /* == Class Members == */ + /* ========================================================================== */ + + /* ========================================================================== */ + /* == Constructor == */ + /* ========================================================================== */ + + function XMLPrivilegePeer($userPeer) { + global $g, $config; + + parent::AbstractPrivilegePeer(); + + $this->setUserPeer($peer); + + foreach ($peer->users as $userent) { + foreach ($userent->getPrivileges() as $privent) { + $this->privileges[$userent->getName()] = $privent; + } + } + } + + /* ========================================================================== */ + /* == Accessors == */ + /* ========================================================================== */ + + /* ========================================================================== */ + 
/* == Helper Methods == */ + /* ========================================================================== */ + + function addPrivilegeFromEnt(&$ent) { + $newPrivilege = new AuthngUser(); + $newPrivilege->setId($ent['id']); + $newPrivilege->setName($ent['name']); + $newPrivilege->setDescription($ent['description']); + $newPrivilege->setPassword($ent['password']); + $newPrivilege->setUid($ent['uid']); + + $this->privileges[] = $newPrivilege; + } + + function setPrivilegeID($id, $name, $username) { + $userid = getPrivilegeIndexByName($username); + $user = $config['system']['user'][$userid]; + } + + function setFullName($id, $name) { + $userid = getUserIndexByName($id); + $config['system']['user'][$userid]['fullname'] = $name; + } + + function setGroupName($id, $name) { + $userid = getUserIndexByName($id); + $config['system']['user'][$userid]['groupname'] = $name; + } + + function setPassword($id, $pwd) { + $userid = getUserIndexByName($id); + $config['system']['user'][$userid]['password'] = $pwd; + } + + function setUid($id, $uid) { + $userid = getUserIndexByName($id); + $config['system']['user'][$userid]['uid'] = $uid; + } +} + +/** + * @author Daniel S. 
Haischt + */ +class XMLUserPeer extends AbstractUserPeer { + /* ========================================================================== */ + /* == Class Members == */ + /* ========================================================================== */ + + /* ========================================================================== */ + /* == Constructor == */ + /* ========================================================================== */ + + function XMLUserPeer() { + global $g, $config; + + parent::AbstractUserPeer(); + + if (isset($config['system']['user'])) { + $i = 0; + + foreach($config['system']['user'] as $userent) { + $this->user_index[$userent['name']] = $i; + $i++; + } + } + } + + /* ========================================================================== */ + /* == Accessors == */ + /* ========================================================================== */ + + /* ========================================================================== */ + /* == Helper Methods == */ + /* ========================================================================== */ + + function addUserFromEnt(&$ent) { + $newUser = new AuthngUser(); + $newUser->setName($ent['name']); + $newUser->setFullname($ent['fullname']); + $newUser->setGroupname($ent['groupname']); + $newUser->setPassword($ent['password']); + $newUser->setUid($ent['uid']); + + if ($ent['priv'] && is_array($ent['priv'])) { + foreach ($ent['priv'] as $privent) { + $newPrivilege = new Privilege(); + $newPrivilege->setId($privent['id']); + $newPrivilege->setName($privent['name']); + $newPrivilege->setDescription($privent['description']); + + $newUser->addPrivilege($newPrivilege); + } + } + + $this->users[] = $newUser; + } + + function setUserName($id, $name) { + $userid = getUserIndexByName($id); + $config['system']['user'][$userid]['name'] = $name; + } + + function setFullName($id, $name) { + $userid = getUserIndexByName($id); + $config['system']['user'][$userid]['fullname'] = $name; + } + + function 
setGroupName($id, $name) { + $userid = getUserIndexByName($id); + $config['system']['user'][$userid]['groupname'] = $name; + } + + function setPassword($id, $pwd) { + $userid = getUserIndexByName($id); + $config['system']['user'][$userid]['password'] = $pwd; + } + + function setUid($id, $uid) { + $userid = getUserIndexByName($id); + $config['system']['user'][$userid]['uid'] = $uid; + } +} + +/** + * @author Daniel S. Haischt + */ +class XMLGroupPeer extends AbstractGroupPeer { + /* ========================================================================== */ + /* == Class Members == */ + /* ========================================================================== */ + + /* ========================================================================== */ + /* == Constructor == */ + /* ========================================================================== */ + + function XMLGroupPeer() { + global $g, $config; + + parent::AbstractGroupPeer(); + + if (isset($config['system']['group'])) { + $i = 0; + + foreach($config['system']['group'] as $groupent) { + $this->group_index[$groupent['name']] = $i; + $i++; + } + } + } + + /* ========================================================================== */ + /* == Accessors == */ + /* ========================================================================== */ + + /* ========================================================================== */ + /* == Helper Methods == */ + /* ========================================================================== */ + + function addGroupFromEnt(&$ent) { + $newGoup = new AuthngGroup(); + $newGoup->setName($ent['name']); + $newGoup->setDescription($ent['description']); + $newGoup->setScope($ent['scope']); + $newGoup->setHome($ent['home']); + $newGoup->setGid($ent['gid']); + + if ($ent['pages'] && is_array($ent['gid'])) { + foreach ($ent['pages'] as $pageent) { + $newGoup->addPage($pageent); + } + } + + $this->groups[] = $newGoup; + } + + function setGroupName($id, $name) { + $groupid = 
getGroupIndexByName($id); + $config['system']['group'][$groupid]['name'] = $name; + } + + function setGroupDescription($id, $desc) { + $groupid = getGroupIndexByName($id); + $config['system']['group'][$groupid]['description'] = $desc; + } + + function setGroupScope($id, $scope) { + $groupid = getGroupIndexByName($id); + $config['system']['group'][$groupid]['scope'] = $scope; + } + + function setGroupHome($id, $home) { + $groupid = getGroupIndexByName($id); + $config['system']['group'][$groupid]['home'] = $home; + } + + function setGroupGid($id, $gid) { + $groupid = getGroupIndexByName($id); + $config['system']['group'][$groupid]['gid'] = $gid; + } + + function addPageToGroup($id, $page) { + $groupid = getGroupIndexByName($id); + $config['system']['group'][$groupid]['pages'][] = $page; + } +} +?> -- cgit v1.2.3
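Review bot: `getGroupPeerByPrincipalStore($store)` and `getUserPeerByPrincipalStore($store)` both `switch ($name)`, a variable that is never set, so every call lands in the empty `default:` and returns `null`; the switch should read `switch ($store)`. The XML peers' setters (`setPassword`, `setUid`, `setGroupGid` and the rest) call `getUserIndexByName($id)` / `getGroupIndexByName($id)` as plain functions and assign into a `$config` that is not declared global, so the write goes to a local array and is lost; they need `$this->getUserIndexByName($id)` and `global $config;`. `XMLPrivilegePeer($userPeer)` reads `$peer` instead of its parameter, `addGroupFromEnt()` tests `is_array($ent['gid'])` where `$ent['pages']` appears to be meant, and `addPrivilegeFromEnt()` builds an `AuthngUser` but calls `setId()` and `setDescription()`, which that class does not define. `setPassword()` stores `$pwd` as given; whether the caller hashes it first is not visible here and deserves a comment on the method.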