19.7 CaptivePortal auth does not work #3612

Closed
rantwolf opened this issue Jul 29, 2019 · 10 comments
Labels: bug (Production bug)


@rantwolf

Hi.
On 19.7 and 19.7.1 there is an error with the captive portal.
Auth is no longer working.
After the input of the credentials I got an error: "login failed."

Log-file output: "Jul 27 19:24:39 captiveportal[88395]: AUTH ****** (192.168.XXX.27) zone 0"

Things I've done:

  • restart the captiveportal daemon
  • created new vouchers
  • deleted the full CP settings and created new.

Nothing helps...

Issue has been reported by some guys in the forums:
https://forum.opnsense.org/index.php?topic=13599.0

AdSchellevis added the incomplete (Issue template missing info) label Jul 29, 2019
@doctorA

doctorA commented Jul 30, 2019

I'm experiencing the same problems with Captive portal:

Describe the bug
I'm running the Captive Portal on 19.7. I have it configured for no authentication/no login with a splash page and an "Accept" button in place of the "Sign in" button.

What happens is the captive portal page pops up and when someone selects the "Accept" button, they get a "Login Failed" error box in pink and access is denied. This happens for everyone.

To Reproduce

  1. Go to 'https://xxx.xxx.xxx.xxx/ui/captiveportal' - Configure/enable captive portal with: Interface: guest wifi interface (separate physical LAN), Authenticate using: none, Always send accounting requests: unchecked, Enforce local group: none, Idle Timeout and Hard Timeout: empty, Concurrent Logins: unchecked, SSL Certificate: none, Hostname: empty, Allowed Addresses: empty, Transparent Proxy (HTTP/HTTPS): unchecked, Custom Template: none, Description: Text.
  2. Save and Apply
  3. User connects to WiFi and is presented with Portal Page. Once they select the "Accept" (without username/password due to no authentication selection), the user receives "Login Failed" in a pink box and Internet Access is not available.

Expected behavior
The user should be able to click the button and get internet access.

Relevant log files
Logs from configd.log:

Jul 30 12:48:04 OPNsense configd.py: [239278e0-6d6f-4d7c-85ae-8f590e150141] Script action failed with Command '/usr/local/opnsense/scripts/OPNsense/CaptivePortal/allow.py /zoneid '0' /username 'anonymous@192.168.1.101' /ip_address '192.168.1.101' /authenticated_via '' /output_type 'json'' returned non-zero exit status 1. at Traceback (most recent call last):
  File "/usr/local/opnsense/service/modules/processhandler.py", line 484, in execute
    stdout=output_stream, stderr=error_stream)
  File "/usr/local/lib/python3.7/subprocess.py", line 347, in check_call
    raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '/usr/local/opnsense/scripts/OPNsense/CaptivePortal/allow.py /zoneid '0' /username 'anonymous@192.168.1.101' /ip_address '192.168.1.101' /authenticated_via '' /output_type 'json'' returned non-zero exit status 1.

I also tried using the command from issue #3235
#####@OPNsense:~ # /usr/local/opnsense/scripts/OPNsense/CaptivePortal/allow.py /zoneid '0' /username 'anonymous@192.168.1.101' /ip_address '192.168.1.101'

which displayed the following text:

#####@OPNsense:~ # /usr/local/opnsense/scripts/OPNsense/CaptivePortal/allow.py /zoneid '0' /username 'anonymous@192.168.1.101' /ip_address '192.168.1.101'
Traceback (most recent call last):
  File "/usr/local/opnsense/scripts/OPNsense/CaptivePortal/allow.py", line 62, in <module>
    mac_address=mac_address
  File "/usr/local/opnsense/scripts/OPNsense/CaptivePortal/lib/db.py", line 134, in add_client
    """, response)
sqlite3.OperationalError: no such table: cp_clients

The exact same entries in configd.log and sqlite error happen if I set the Captive portal to use the voucher server and generate some vouchers. When I try to login by using the voucher I also get a "Login Failed" error box in pink and access is denied.

I get the following entry in the Captive Portal:

captiveportal[2537]: AUTH CzYtuyPw (192.168.1.101) zone 0

Under Services -> Captive Portal -> Vouchers I can see that the entered Voucher had its status changed to Valid, but I still can't login properly.

@AdSchellevis
Member

@doctorA sounds like a broken database, can you move or remove /var/captiveportal/captiveportal.sqlite and try again?

@doctorA

doctorA commented Jul 30, 2019

@AdSchellevis sorry I forgot to mention that I already deleted the database and tried again, still got the same issue.

@AdSchellevis
Member

@doctorA can you delete the file again and install the following patch?

opnsense-patch e4b5133

@doctorA

doctorA commented Jul 30, 2019

@AdSchellevis thank you very much for such a fast response, both the anon and voucher login now work without issues!

fichtner pushed a commit that referenced this issue Jul 30, 2019
@AdSchellevis
Member

AdSchellevis commented Jul 30, 2019

@doctorA you're welcome, let's consider this issue closed.

AdSchellevis self-assigned this Jul 30, 2019
AdSchellevis added the bug (Production bug) label and removed the incomplete (Issue template missing info) label Jul 30, 2019
@rantwolf
Author

rantwolf commented Jul 30, 2019

Hi.
Sorry for the delay.
I also removed the sqlite file multiple times and applied the patch.
Restarted the captiveportal daemon and after a few tests the whole firewall.
But it doesn't work.
I think I'm going crazy... Is there something that I did wrong?

Output of captiveportal log file.
Jul 30 23:01:11 | captiveportal[4917]: AUTH px7qy (192.168.142.27) zone 0
Jul 30 22:59:59 | captiveportal[4917]: AUTH x8vtf (192.168.142.27) zone 0

And the log from configd
configd.py: [94f0e9bc-be47-4b53-a237-ed1d193c9fbc] Script action failed with Command '/usr/local/opnsense/scripts/OPNsense/CaptivePortal/allow.py /zoneid '0' /username 'px7qy' /ip_address '192.168.142.27' /authenticated_via 'CPnet' /output_type 'json'' returned non-zero exit status 1. at Traceback (most recent call last):
  File "/usr/local/opnsense/service/modules/processhandler.py", line 484, in execute
    stdout=output_stream, stderr=error_stream)
  File "/usr/local/lib/python3.7/subprocess.py", line 347, in check_call
    raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '/usr/local/opnsense/scripts/OPNsense/CaptivePortal/allow.py /zoneid '0' /username 'px7qy' /ip_address '192.168.142.27' /authenticated_via 'CPnet' /output_type 'json'' returned non-zero exit status 1

@AdSchellevis
Member

@rantwolf easiest test is to check if the output is similar, run:

/usr/local/opnsense/scripts/OPNsense/CaptivePortal/allow.py /zoneid '0' /username 'px7qy' /ip_address '192.168.142.27' /authenticated_via 'CPnet' /output_type 'json'

@rantwolf
Author

rantwolf commented Jul 31, 2019

Hi Ad.

Got this error.
Traceback (most recent call last):
  File "/usr/local/opnsense/scripts/OPNsense/CaptivePortal/allow.py", line 62, in <module>
    mac_address=mac_address
  File "/usr/local/opnsense/scripts/OPNsense/CaptivePortal/lib/db.py", line 134, in add_client
    """, response)
sqlite3.OperationalError: no such table: cp_clients

After deleting the sqlite file again and restarting the daemon, it now works.
I don't know why I got this error. I've done all things named above.
Checked every step. I'm so confused. Why was the db file damaged?

A big thanks to you and your help.

@AdSchellevis
Member

@rantwolf probably an unclean shutdown of the system, the ufs filesystem isn't very forgiving. good to hear it's solved now.
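
A read-only health check for the database discussed in this thread, as an added example that is not part of the original thread and not OPNsense's own code. It separates the `no such table: cp_clients` case from an unreadable file; the path and table name come from the comments above, while `check_db`, `demo` and the stand-in table columns are hypothetical.

```python
import sqlite3
import tempfile
from pathlib import Path

DB_PATH = "/var/captiveportal/captiveportal.sqlite"  # path quoted in the thread
REQUIRED_TABLES = ("cp_clients",)  # the only table named in the traceback


def check_db(path, required=REQUIRED_TABLES):
    """Return (status, detail): 'ok', 'absent', 'missing_tables' or 'corrupt'."""
    if not Path(path).exists():
        return "absent", "no database file"
    try:
        # mode=ro: never create or modify the file while inspecting it
        con = sqlite3.connect(f"file:{path}?mode=ro", uri=True)
        try:
            result = con.execute("PRAGMA quick_check").fetchone()[0]
            names = {r[0] for r in con.execute(
                "SELECT name FROM sqlite_master WHERE type='table'")}
        finally:
            con.close()
    except sqlite3.DatabaseError as exc:  # e.g. "file is not a database"
        return "corrupt", str(exc)
    if result != "ok":
        return "corrupt", result
    missing = sorted(set(required) - names)
    if missing:
        return "missing_tables", ", ".join(missing)
    return "ok", ""


def demo():
    """Statuses for constructed sample files (not real firewall data)."""
    with tempfile.TemporaryDirectory() as tmp:
        empty, junk, good = (Path(tmp) / n for n in ("empty", "junk", "good"))
        empty.touch()  # zero-byte file: opens fine but holds no tables
        junk.write_bytes(b"not a sqlite file\n" * 300)
        con = sqlite3.connect(str(good))
        # stand-in columns, not the real OPNsense schema
        con.execute("CREATE TABLE cp_clients (zoneid, username, ip_address)")
        con.commit()
        con.close()
        return {p.name: check_db(str(p))[0] for p in (empty, junk, good)}


if __name__ == "__main__":
    print(check_db(DB_PATH))
```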
