From 0fbe7d51ee47a48e37a08959850e140bb0aaf971 Mon Sep 17 00:00:00 2001
From: John Crispin <john@phrozen.org>
Date: Wed, 28 Sep 2022 14:43:45 +0200
Subject: [PATCH] various captive portal improvements

Signed-off-by: John Crispin <john@phrozen.org>
---
 renderer/templates/services/captive.uc |  4 ++
 renderer/templates/spotfilter.uc       |  2 +-
 schema/service.captive.radius.yml      |  5 +++
 schema/service.captive.uam.yml         |  9 +++++
 schema/service.captive.yml             |  5 +++
 schemareader.uc                        | 53 ++++++++++++++++++++++++++
 ucentral.schema.json                   | 15 ++++++++
 7 files changed, 92 insertions(+), 1 deletion(-)

diff --git a/renderer/templates/services/captive.uc b/renderer/templates/services/captive.uc
index ec6c7c5..7db088a 100644
--- a/renderer/templates/services/captive.uc
+++ b/renderer/templates/services/captive.uc
@@ -28,6 +28,7 @@ else {
 
 set uspot.config.auth_mode={{ s(captive.auth_mode) }}
 set uspot.config.web_root={{ b(captive.web_root) }}
+set uspot.config.idle_timeout={{ captive.idle_timeout }}
 
 {% if (captive.auth_mode in [ 'radius', 'uam']): %}
 set uspot.radius.auth_server={{ s(captive.auth_server) }}
@@ -36,6 +37,7 @@ set uspot.radius.auth_secret={{ s(captive.auth_secret) }}
 set uspot.radius.acct_server={{ s(captive.acct_server) }}
 set uspot.radius.acct_port={{ s(captive.acct_port) }}
 set uspot.radius.acct_secret={{ s(captive.acct_secret) }}
+set uspot.radius.acct_interval={{ captive.acct_interval }}
 {% endif %}
 
 {% if (captive.auth_mode == 'uam'): %}
@@ -44,6 +46,7 @@ set uspot.uam.uam_secret={{ s(captive.uam_secret) }}
 set uspot.uam.uam_server={{ s(captive.uam_server) }}
 set uspot.uam.nasid={{ s(captive.nasid) }}
 set uspot.uam.nasmac={{ s(captive.nasmac || serial) }}
+set uspot.uam.ssid={{ s(captive.ssid) }}
 
 {%
 let math = require('math');
@@ -144,4 +147,5 @@ add_list uhttpd.@uhttpd[-1].listen_http='0.0.0.0:{{ captive.uam_port }}'
 add_list uhttpd.@uhttpd[-1].listen_http='[::]:{{ captive.uam_port }}'
 set uhttpd.@uhttpd[-1].home=/tmp/ucentral/www-uspot
 add_list uhttpd.@uhttpd[-1].ucode_prefix='/logon=/usr/share/uspot/handler-uam.uc'
+add_list uhttpd.@uhttpd[-1].ucode_prefix='/logoff=/usr/share/uspot/handler-uam.uc'
 {% endif %}
diff --git a/renderer/templates/spotfilter.uc b/renderer/templates/spotfilter.uc
index 8740846..f250cfd 100644
--- a/renderer/templates/spotfilter.uc
+++ b/renderer/templates/spotfilter.uc
@@ -14,7 +14,7 @@ let config = {
 	config: {
 		default_class: 0,
 		default_dns_class: 1,
-		client_autoremove: 0,
+		client_autoremove: false,
 		class: [
 			{
 				index: 0,
diff --git a/schema/service.captive.radius.yml b/schema/service.captive.radius.yml
index d95e270..259382a 100644
--- a/schema/service.captive.radius.yml
+++ b/schema/service.captive.radius.yml
@@ -48,3 +48,8 @@ properties:
     type: string
     examples:
     - secret
+  acct-interval:
+    description:
+       The timeout used for interim messages.
+    type: integer
+    default: 600
diff --git a/schema/service.captive.uam.yml b/schema/service.captive.uam.yml
index 3283415..0ff9a61 100644
--- a/schema/service.captive.uam.yml
+++ b/schema/service.captive.uam.yml
@@ -72,3 +72,12 @@ properties:
     type: string
     examples:
     - secret
+  acct-interval:
+    description:
+       The timeout used for interim messages.
+    type: integer
+    default: 600
+  ssid:
+    description:
+      The name of the SSID that shall be sent as part of the UAM redirect.
+    type: string
diff --git a/schema/service.captive.yml b/schema/service.captive.yml
index b2ac8ab..e495d37 100644
--- a/schema/service.captive.yml
+++ b/schema/service.captive.yml
@@ -17,3 +17,8 @@ allOf:
           A base64 encoded TAR file with the custom web-root.
         type: string
         format: uc-base64
+      idle-timeout:
+        description:
+          How long may a client be idle before getting removed.
+        type: integer
+        default: 600
diff --git a/schemareader.uc b/schemareader.uc
index d6f03fe..f78a5a5 100644
--- a/schemareader.uc
+++ b/schemareader.uc
@@ -7244,6 +7244,20 @@ function instantiateServiceCaptiveRadius(location, value, errors) {
 			obj.acct_secret = parseAcctSecret(location + "/acct-secret", value["acct-secret"], errors);
 		}
 
+		function parseAcctInterval(location, value, errors) {
+			if (type(value) != "int")
+				push(errors, [ location, "must be of type integer" ]);
+
+			return value;
+		}
+
+		if (exists(value, "acct-interval")) {
+			obj.acct_interval = parseAcctInterval(location + "/acct-interval", value["acct-interval"], errors);
+		}
+		else {
+			obj.acct_interval = 600;
+		}
+
 		return obj;
 	}
 
@@ -7517,6 +7531,31 @@ function instantiateServiceCaptiveUam(location, value, errors) {
 			obj.acct_secret = parseAcctSecret(location + "/acct-secret", value["acct-secret"], errors);
 		}
 
+		function parseAcctInterval(location, value, errors) {
+			if (type(value) != "int")
+				push(errors, [ location, "must be of type integer" ]);
+
+			return value;
+		}
+
+		if (exists(value, "acct-interval")) {
+			obj.acct_interval = parseAcctInterval(location + "/acct-interval", value["acct-interval"], errors);
+		}
+		else {
+			obj.acct_interval = 600;
+		}
+
+		function parseSsid(location, value, errors) {
+			if (type(value) != "string")
+				push(errors, [ location, "must be of type string" ]);
+
+			return value;
+		}
+
+		if (exists(value, "ssid")) {
+			obj.ssid = parseSsid(location + "/ssid", value["ssid"], errors);
+		}
+
 		return obj;
 	}
 
@@ -7666,6 +7705,20 @@ function instantiateServiceCaptive(location, value, errors) {
 				obj.web_root = parseWebRoot(location + "/web-root", value["web-root"], errors);
 			}
 
+			function parseIdleTimeout(location, value, errors) {
+				if (type(value) != "int")
+					push(errors, [ location, "must be of type integer" ]);
+
+				return value;
+			}
+
+			if (exists(value, "idle-timeout")) {
+				obj.idle_timeout = parseIdleTimeout(location + "/idle-timeout", value["idle-timeout"], errors);
+			}
+			else {
+				obj.idle_timeout = 600;
+			}
+
 			return obj;
 		}
 
diff --git a/ucentral.schema.json b/ucentral.schema.json
index af1b343..7935939 100644
--- a/ucentral.schema.json
+++ b/ucentral.schema.json
@@ -2640,6 +2640,10 @@
                     "examples": [
                         "secret"
                     ]
+                },
+                "acct-interval": {
+                    "type": "integer",
+                    "default": 600
                 }
             }
         },
@@ -2728,6 +2732,13 @@
                     "examples": [
                         "secret"
                     ]
+                },
+                "acct-interval": {
+                    "type": "integer",
+                    "default": 600
+                },
+                "ssid": {
+                    "type": "string"
                 }
             }
         },
@@ -2761,6 +2772,10 @@
                         "web-root": {
                             "type": "string",
                             "format": "uc-base64"
+                        },
+                        "idle-timeout": {
+                            "type": "integer",
+                            "default": 600
                         }
                     }
                 }