Merge pull request #511 from nodogsplash/4.4.1beta

Add missing NULL parameter and fix script failures

forward_authentication_service/PreAuth/demo-preauth-remote-image.sh

@@ -31,8 +31,8 @@ get_image_file() {
 		ln -s /tmp/remote /etc/nodogsplash/htdocs/images/remote
 	fi
 
-	md5=$(echo -e $imageurl | md5sum);
-	filename=$(echo -e $md5 | awk -F" -" {'print($1)'});
+	md5=$(echo -e "$imageurl" | md5sum);
+	filename=$(echo -e "$md5" | awk -F" -" {'print($1)'});
 	filename="$filename.$imagetype"
 
 	if [ ! -f "$imagepath/$filename" ]; then
@@ -44,7 +44,7 @@ htmlentityencode() {
 	entitylist="s/\"/\&quot;/ s/>/\&gt;/ s/</\&lt;/"
 	local buffer="$1"
 	for entity in $entitylist; do
-		entityencoded=$(echo $buffer | sed $entity)
+		entityencoded=$(echo "$buffer" | sed "$entity")
 		buffer=$entityencoded
 	done
 }
@@ -53,7 +53,7 @@ htmlentitydecode() {
 	entitylist="s/\&quot;/\"/ s/\&gt;/>/ s/\&lt;/</"
 	local buffer="$1"
 	for entity in $entitylist; do
-		entitydecoded=$(echo $buffer | sed $entity)
+		entitydecoded=$(echo "$buffer" | sed "$entity")
 		buffer=$entitydecoded
 	done
 }
@@ -66,9 +66,9 @@ get_client_zone () {
 
 	client_mac=$(ip -4 neigh |grep "$clientip" | awk '{print $5}')
 	client_if_string=$(/usr/lib/nodogsplash/get_client_interface.sh $client_mac)
-	client_if=$(echo $client_if_string | awk '{printf $1}')
-	client_meshnode=$(echo $client_if_string | awk '{printf $2}' | awk -F ':' '{print $1$2$3$4$5$6}')
-	local_mesh_if=$(echo $client_if_string | awk '{printf $3}')
+	client_if=$(echo "$client_if_string" | awk '{printf $1}')
+	client_meshnode=$(echo "$client_if_string" | awk '{printf $2}' | awk -F ':' '{print $1$2$3$4$5$6}')
+	local_mesh_if=$(echo "$client_if_string" | awk '{printf $3}')
 
 	if [ ! -z "$client_meshnode" ]; then
 		client_zone="MeshZone:$client_meshnode"
@@ -82,17 +82,17 @@ write_log () {
 	min_freespace_to_log_ratio=10
 	datetime=$(date)
 
-	if [ ! -f $logfile ]; then
+	if [ ! -f "$logfile" ]; then
 		echo "$datetime, New log file created" > $logfile
 	fi
 
 	ndspid=$(ps | grep nodogsplash | awk -F ' ' 'NR==2 {print $1}')
 	filesize=$(ls -s -1 $logfile | awk -F' ' '{print $1}')
-	available=$(df |grep /tmp | awk -F ' ' '{print $4}')
+	available=$(df |grep /tmp | awk -F ' ' '$6=="/tmp"{print $4}')
 	sizeratio=$(($available/$filesize))
 
 	if [ $sizeratio -ge $min_freespace_to_log_ratio ]; then
-		htmlentitydecode $username
+		htmlentitydecode "$username"
 		userinfo="username=$entitydecoded, emailAddress=$emailaddr"
 		clientinfo="macaddress=$clientmac, clientzone=$client_zone, useragent=$user_agent"
 		echo "$datetime, $userinfo, $clientinfo" >> $logfile
@@ -162,17 +162,24 @@ user_agent=$(printf "${user_agent_enc//%/\\x}")
 
 
 # Parse for the variables returned by NDS:
-queryvarlist="clientip gatewayname hid redir status username emailaddr"
+hid_present=$(echo "$query_enc" | grep "hid")
+
+if [ -z "$hid_present" ]; then
+	queryvarlist="clientip gatewayname redir status username emailaddr"
+else
+	queryvarlist="clientip gatewayname hid redir status username emailaddr"
+fi
 
 for var in $queryvarlist; do
-	nextvar=$(echo $queryvarlist | awk '{for(i=1;i<=NF;i++) if ($i=="'$var'") printf $(i+1)}')
+	nextvar=$(echo "$queryvarlist" | awk '{for(i=1;i<=NF;i++) if ($i=="'$var'") printf $(i+1)}')
 	eval $var=$(echo "$query_enc" | awk -F "$var%3d" '{print $2}' | awk -F "%2c%20$nextvar%3d" '{print $1}')
 done
 
 # URL decode vars that need it:
+
 gatewayname=$(printf "${gatewayname//%/\\x}")
 username=$(printf "${username//%/\\x}")
-htmlentityencode $username
+htmlentityencode "$username"
 username=$entityencoded
 emailaddr=$(printf "${emailaddr//%/\\x}")
 
@@ -262,15 +269,15 @@ login_form="
 "
 
 # Output the page common header
-echo -e $header
+echo -e "$header"
 
 # Check if the client is already logged in and has tapped "back" on their browser
 # Make this a friendly message explaining they are good to go
-if [ $status == "authenticated" ]; then
+if [ "$status" == "authenticated" ]; then
 	echo "<p><big-red>You are already logged in and have access to the Internet.</big-red></p>"
 	echo "<hr>"
 	echo "<p><italic-black>You can use your Browser, Email and other network Apps as you normally would.</italic-black></p>"
-	echo -e $footer
+	echo -e "$footer"
 	exit 0
 fi
 
@@ -283,11 +290,11 @@ fi
 #
 # Note also $clientip, $gatewayname and $requested (redir) must always be preserved
 #
-if [ -z $username ] || [ -z $emailaddr ]; then
+if [ -z "$username" ] || [ -z "$emailaddr" ]; then
 	echo "<big-red>Welcome!</big-red><br>
 		<med-blue>You are connected to $client_zone</med-blue><br>
 		<italic-black>To access the Internet you must enter your Name and Email Address</italic-black><hr>"
-	echo -e $login_form
+	echo -e "$login_form"
 else
 	# If we got here, we have both the username and emailaddr fields as completed on the login page on the client,
 	# so we will now call ndsctl to get client data we need to authenticate and add to our log.
@@ -300,10 +307,10 @@ else
 	varlist="id ip mac added active duration token state downloaded avg_down_speed uploaded avg_up_speed"
 	clientinfo=$(ndsctl json $clientip)
 
-	if [ -z $clientinfo ]; then
+	if [ -z "$clientinfo" ]; then
 		echo "<big-red>Sorry!</big-red><italic-black> The portal is busy, please try again.</italic-black><hr>"
-		echo -e $login_form
-		echo -e $footer
+		echo -e "$login_form"
+		echo -e "$footer"
 		exit 0
 	else
 		for var in $varlist; do
@@ -341,7 +348,7 @@ else
 fi
 
 # Output the page footer
-echo -e $footer
+echo -e "$footer"
 
 # The output of this script could of course be much more complex and
 # could easily be used to conduct a dialogue with the client user.

forward_authentication_service/PreAuth/demo-preauth.sh

@@ -9,7 +9,7 @@ htmlentityencode() {
 	entitylist="s/\"/\&quot;/ s/>/\&gt;/ s/</\&lt;/"
 	local buffer="$1"
 	for entity in $entitylist; do
-		entityencoded=$(echo $buffer | sed $entity)
+		entityencoded=$(echo "$buffer" | sed "$entity")
 		buffer=$entityencoded
 	done
 }
@@ -18,7 +18,7 @@ htmlentitydecode() {
 	entitylist="s/\&quot;/\"/ s/\&gt;/>/ s/\&lt;/</"
 	local buffer="$1"
 	for entity in $entitylist; do
-		entitydecoded=$(echo $buffer | sed $entity)
+		entitydecoded=$(echo "$buffer" | sed "$entity")
 		buffer=$entitydecoded
 	done
 }
@@ -31,9 +31,9 @@ get_client_zone () {
 
 	client_mac=$(ip -4 neigh |grep "$clientip" | awk '{print $5}')
 	client_if_string=$(/usr/lib/nodogsplash/get_client_interface.sh $client_mac)
-	client_if=$(echo $client_if_string | awk '{printf $1}')
-	client_meshnode=$(echo $client_if_string | awk '{printf $2}' | awk -F ':' '{print $1$2$3$4$5$6}')
-	local_mesh_if=$(echo $client_if_string | awk '{printf $3}')
+	client_if=$(echo "$client_if_string" | awk '{printf $1}')
+	client_meshnode=$(echo "$client_if_string" | awk '{printf $2}' | awk -F ':' '{print $1$2$3$4$5$6}')
+	local_mesh_if=$(echo "$client_if_string" | awk '{printf $3}')
 
 	if [ ! -z "$client_meshnode" ]; then
 		client_zone="MeshZone:$client_meshnode"
@@ -47,17 +47,17 @@ write_log () {
 	min_freespace_to_log_ratio=10
 	datetime=$(date)
 
-	if [ ! -f $logfile ]; then
+	if [ ! -f "$logfile" ]; then
 		echo "$datetime, New log file created" > $logfile
 	fi
 
 	ndspid=$(ps | grep nodogsplash | awk -F ' ' 'NR==2 {print $1}')
 	filesize=$(ls -s -1 $logfile | awk -F' ' '{print $1}')
-	available=$(df |grep /tmp | awk -F ' ' '{print $4}')
+	available=$(df |grep /tmp | awk -F ' ' '$6=="/tmp"{print $4}')
 	sizeratio=$(($available/$filesize))
 
 	if [ $sizeratio -ge $min_freespace_to_log_ratio ]; then
-		htmlentitydecode $username
+		htmlentitydecode "$username"
 		userinfo="username=$entitydecoded, emailAddress=$emailaddr"
 		clientinfo="macaddress=$clientmac, clientzone=$client_zone, useragent=$user_agent"
 		echo "$datetime, $userinfo, $clientinfo" >> $logfile
@@ -127,17 +127,24 @@ user_agent=$(printf "${user_agent_enc//%/\\x}")
 
 
 # Parse for the variables returned by NDS:
-queryvarlist="clientip gatewayname hid redir status username emailaddr"
+hid_present=$(echo "$query_enc" | grep "hid")
+
+if [ -z "$hid_present" ]; then
+	queryvarlist="clientip gatewayname redir status username emailaddr"
+else
+	queryvarlist="clientip gatewayname hid redir status username emailaddr"
+fi
 
 for var in $queryvarlist; do
-	nextvar=$(echo $queryvarlist | awk '{for(i=1;i<=NF;i++) if ($i=="'$var'") printf $(i+1)}')
+	nextvar=$(echo "$queryvarlist" | awk '{for(i=1;i<=NF;i++) if ($i=="'$var'") printf $(i+1)}')
 	eval $var=$(echo "$query_enc" | awk -F "$var%3d" '{print $2}' | awk -F "%2c%20$nextvar%3d" '{print $1}')
 done
 
 # URL decode vars that need it:
+
 gatewayname=$(printf "${gatewayname//%/\\x}")
 username=$(printf "${username//%/\\x}")
-htmlentityencode $username
+htmlentityencode "$username"
 username=$entityencoded
 emailaddr=$(printf "${emailaddr//%/\\x}")
 
@@ -216,15 +223,15 @@ login_form="
 "
 
 # Output the page common header
-echo -e $header
+echo -e "$header"
 
 # Check if the client is already logged in and has tapped "back" on their browser
 # Make this a friendly message explaining they are good to go
-if [ $status == "authenticated" ]; then
+if [ "$status" == "authenticated" ]; then
 	echo "<p><big-red>You are already logged in and have access to the Internet.</big-red></p>"
 	echo "<hr>"
 	echo "<p><italic-black>You can use your Browser, Email and other network Apps as you normally would.</italic-black></p>"
-	echo -e $footer
+	echo -e "$footer"
 	exit 0
 fi
 
@@ -237,11 +244,11 @@ fi
 #
 # Note also $clientip, $gatewayname and $requested (redir) must always be preserved
 #
-if [ -z $username ] || [ -z $emailaddr ]; then
+if [ -z "$username" ] || [ -z "$emailaddr" ]; then
 	echo "<big-red>Welcome!</big-red><br>
 		<med-blue>You are connected to $client_zone</med-blue><br>
 		<italic-black>To access the Internet you must enter your Name and Email Address</italic-black><hr>"
-	echo -e $login_form
+	echo -e "$login_form"
 else
 	# If we got here, we have both the username and emailaddr fields as completed on the login page on the client,
 	# so we will now call ndsctl to get client data we need to authenticate and add to our log.
@@ -254,10 +261,10 @@ else
 	varlist="id ip mac added active duration token state downloaded avg_down_speed uploaded avg_up_speed"
 	clientinfo=$(ndsctl json $clientip)
 
-	if [ -z $clientinfo ]; then
+	if [ -z "$clientinfo" ]; then
 		echo "<big-red>Sorry!</big-red><italic-black> The portal is busy, please try again.</italic-black><hr>"
-		echo -e $login_form
-		echo -e $footer
+		echo -e "$login_form"
+		echo -e "$footer"
 		exit 0
 	else
 		for var in $varlist; do
@@ -295,7 +302,7 @@ else
 fi
 
 # Output the page footer
-echo -e $footer
+echo -e "$footer"
 
 # The output of this script could of course be much more complex and
 # could easily be used to conduct a dialogue with the client user.

forward_authentication_service/libs/get_client_interface.sh

@@ -22,7 +22,7 @@ mac=$1
 
 # exit if mac not passed
 
-if [  $(echo $mac | awk -F ':' '{print NF}') != 6 ]; then
+if [  $(echo "$mac" | awk -F ':' '{print NF}') != 6 ]; then
 	echo "
   Usage: get_client_interface.sh [clientmac]
 
@@ -43,12 +43,10 @@ fi
 
 # Get default interface
 # This will be the interface NDS is bound to eg. br-lan
-#clientlocalip=$(ip -4 neigh | awk -F ' ' 'match($s,"'"$mac"' ")>0 {printf $1}')
-#ping=$(ping -W 1 -c 1 $clientlocalip)
-#clientlocalif=$(ip -4 neigh | awk -F ' ' 'match($s,"'"$mac"' REACHABLE")>0 {printf $3}')
+
 clientlocalif=$(ip -4 neigh | awk -F ' ' 'match($s,"'"$mac"' ")>0 {printf $3}')
 
-if [ -z $clientlocalif ]; then
+if [ -z "$clientlocalif" ]; then
 	# The client has gone offline eg battery saving or switched to another ssid
 	echo "Client $mac is not online" | logger -p "daemon.info" -s -t "NDS-Library[$pid]"
 	exit 1

forward_authentication_service/libs/get_client_token.sh

@@ -8,7 +8,7 @@ clientip=$1
 
 # exit if ip not passed
 
-if [  $(echo $clientip | awk -F '.' '{print NF}') != 4 ]; then
+if [  $(echo "$clientip" | awk -F '.' '{print NF}') != 4 ]; then
 	echo "
   Usage: get_client_token.sh [clientip]
 
@@ -44,11 +44,11 @@ wait_for_ndsctl () {
 wait_for_ndsctl
 client_token=$(ndsctl json $clientip | awk -F '"' '$2=="token"{printf $4}')
 
-if [ -z $client_token ]; then
+if [ -z "$client_token" ]; then
 	pid=$(ps | grep get_client_token | awk -F ' ' 'NR==2 {print $1}')
 	echo "client at [$clientip] is not preauthenticated" | logger -p "daemon.warn" -s -t "NDS-Library[$pid]"
 	exit 1
 else
-	echo $client_token
+	echo "$client_token"
 fi
 exit 0

src/main.c

@@ -273,7 +273,7 @@ main_loop(void)
 							libmicrohttpd_cb, NULL,
 							MHD_OPTION_CONNECTION_TIMEOUT, (unsigned int) 120,
 							MHD_OPTION_LISTENING_ADDRESS_REUSE, 1,
-							MHD_OPTION_UNESCAPE_CALLBACK, unescape,
+							MHD_OPTION_UNESCAPE_CALLBACK, unescape, NULL,
 							MHD_OPTION_END)) == NULL) {
 		debug(LOG_ERR, "Could not create web server: %s", strerror(errno));
 		exit(1);