#!/usr/local/bin/perl # chilli - ChilliSpot.org. A Wireless LAN Access Point Controller # Copyright (C) 2003, 2004 Mondru AB. # # The contents of this file may be used under the terms of the GNU # General Public License Version 2, provided that the above copyright # notice and this permission notice is included in all copies or # substantial portions of the software. use CGI; # Shared secret used to encrypt challenge with. Prevents dictionary attacks. # You should change this to your own shared secret. $uamsecret = 'secret'; # Uncomment the following line if you want to use ordinary user-password # for radius authentication. Must be used together with $uamsecret. #$userpassword = 1; $loginpath = "/cgi-bin/hotspotlogin.cgi"; use Digest::MD5 qw(md5 md5_hex md5_base64); my $cgi = new CGI; # Make sure that the get query parameters are clean $OK_CHARS='-a-zA-Z0-9_.@&=%!'; # If she did use https tell her that it was wrong. if (!($ENV{HTTPS} =~ /^on$/)) { print $cgi->header(); print " HotSpot Login Failed

HotSpot Login Failed

Login must use encrypted connection.
"; exit(0); } $uid=$cgi->param('uid'); $res=$cgi->param('res'); $pwd=$cgi->param('pwd'); $chal=$cgi->param('challenge'); $challenge = $chal; $login=$cgi->param('login'); $logout=$cgi->param('logout'); $prelogin=$cgi->param('prelogin'); $uamip=$cgi->param('uamip'); $uamport=$cgi->param('uamport'); $mac=$cgi->param('mac'); $reply=$cgi->param('reply'); $reply =~ s/\+/ /g; $reply =~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg; $result = 0; # 0: It was not a form request # 1: Login successful # 2: Login failed # 3: Logged out # 4: Tried to login while already logged in # 5: (unused) # 6: Not logged in yet # If attempt to login if ($login =~ /^login$/) { $chal=$cgi->param('chal'); $hexchal = pack "H32", $chal; if (defined $uamsecret) { $newchal = md5($hexchal, $uamsecret); } else { $newchal = $hexchal; } $response = md5_hex("\0", $pwd, $newchal); $password = unpack "H32", ($pwd ^ $newchal); print $cgi->header(); print " HotSpot Login "; if ((defined $uamsecret) && defined($userpassword)) { print " "; } else { print " "; } print " "; print "

"; print "

Logging in to HotSpot

"; print "
Please wait......
"; exit(0); } # If login successful if ($res =~ /^success$/) { $result = 1; } # If login failed if ($res =~ /^failed$/) { $result = 2; } # If logout successful if ($res =~ /^logoff$/) { $result = 3; } # If tried to login while already logged in if ($res =~ /^already$/) { $result = 4; } # If requested a pop up window if ($res =~ /^popup$/) { $result = 5; } # If not logged in yet if ($res =~ /^logon$/) { $result = 6; } if ($res =~ /^notyet$/) { $result = 6; } # Otherwise it was not a form request # Send out an error message if ($result == 0) { print $cgi->header(); print " HotSpot Login Failed

HotSpot Login Failed

Login must be performed through ChilliSpot daemon.
"; exit(0); } #Generate the output print $cgi->header(); print " HotSpot Login "; if ($result == 1) { print " "; } else { print " "; } print "

"; #print "THE INPUT: $input"; #foreach $key (sort (keys %ENV)) { # print $key, ' = ', $ENV{$key}, "
\n"; #} if ($result == 2) { print "

HotSpot Login Failed

"; if ($reply) { print "
$reply

"; } } if ($result == 6) { print "

Login to HotSpot

"; } if ($result == 2 || $result == 6) { print "
Login:
Password:
"; } if ($result == 1) { print "

Logged in to HotSpot

"; if ($reply) { print "
$reply

"; } print "
Logout
"; } if ($result == 5) { print "

Logged in to HotSpot

Logout
"; } if ($result == 4) { print "

Already logged in to HotSpot

Logout
"; } if ($result == 3) { print "

Logged out from HotSpot

Login
"; } exit(0);