#!/bin/sh # Dirk van Deun 2004, dirk at dinf.vub.ac.be header() { echo "Content-type: text/html\n" } parseparms() { parms=`cat` if [ -z "$parms" ]; then return fi IFS="&" set $parms set $1 for pair { case $pair in user=*) user=${pair#user=} ;; pass=*) pass=${pair#pass=} ;; url=*) url=${pair#url=} ;; esac } user=`echo $user | /var/www/private/urldecode` pass=`echo $pass | /var/www/private/urldecode` url=`echo $url | /var/www/private/urldecode` } geturl() { case $SERVER_PORT in 80) PROTO=http ;; 443) PROTO=https ;; esac if [ -z "$url" ]; then url=$PROTO://$HTTP_HOST$REQUEST_URI fi } form() { cat <<--

IG Airlines login

Use your computer centre account to access the wireless network in this building.

Registration of MAC addresses is not required anymore.

- if [ $PROTO != "https" ]; then cat <<--

- fi } getinfo() { # get the remote mac address from the dhcpd leases file, first searching # for the *last* lease with the correct IP address, then searching for the # ethernet address that goes with it; the grep is only a sanity check REMOTE_MAC=`echo "?lease $REMOTE_ADDR \n/hardware ethernet" \ | ed /var/db/dhcpd.leases 2>/dev/null | tail -1 \ | grep "hardware ethernet" | cut -d " " -f 3` REMOTE_MAC=${REMOTE_MAC%;} # get the date in the format that the leases file uses (but local time) LOCALDATE=`date +%Y/%m/%d\ %H:%M:%S` } checkpass() { if [ `echo "$user\n$pass" | authenticate` != 0.0.0 ]; then # this script has the s-bit set so that it can do pfctl: ../private/dologin $REMOTE_ADDR echo $LOCALDATE $user $REMOTE_ADDR $REMOTE_MAC >>/var/log/natlogins echo "Click here to go on to $url." echo "" else form "Try again" fi } header parseparms geturl if [ -z "$user" ]; then form "Log in" else getinfo checkpass fi