smeserver-coova-chilli/contribs7/smeserver-coova-chilli-0.1-bypass_auth_with_squid_fix.patch

diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh
--- smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh       1970-01-01 01:00:00.000000000 +0100
+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh     2008-04-15 11:11:43.000000000 +0200
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
+/sbin/iptables -D IN_FROM_CHILLI -s $FRAMED_IP_ADDRESS -p tcp --dport $SQUID_PORT --syn -j ACCEPT
+
diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh
--- smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh 1970-01-01 01:00:00.000000000 +0100
+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh       2008-04-15 11:11:18.000000000 +0200
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+SQUID=$(/sbin/e-smith/db configuration getprop squid status)
+
+if [ $SQUID=='enabled' ]; then
+        SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
+        /sbin/iptables -I IN_FROM_CHILLI 7 -s $FRAMED_IP_ADDRESS \
+                -p tcp --dport $SQUID_PORT --syn -j ACCEPT
+fi
+
diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/migrate/60Chilli mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/migrate/60Chilli
--- smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/migrate/60Chilli       2008-04-04 18:27:32.000000000 +0200
+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/migrate/60Chilli     2008-04-15 11:14:58.000000000 +0200
@@ -4,12 +4,12 @@
     my $uamsecret = $chilliconf->prop('uamsecret') || '';
     
     if ($radiussecret eq ''){
-       $pass=`/usr/bin/openssl rand -base64 20 | tr -c -d '[:alnum:]'`;
+       $pass=`/usr/bin/openssl rand -base64 20 | tr -c -d '[:graph:]'`;
        $chilliconf->set_prop('radiussecret',$pass);
     }
 
     if ($uamsecret eq ''){
-       $pass=`/usr/bin/openssl rand -base64 20 | tr -c -d '[:alnum:]'`;
+       $pass=`/usr/bin/openssl rand -base64 60 | tr -c -d '[:graph:]'`;
         $chilliconf->set_prop('uamsecret',$pass);
     }
 
diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/65conscripts mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/65conscripts
--- smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/65conscripts  1970-01-01 01:00:00.000000000 +0100
+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/65conscripts        2008-04-15 11:12:30.000000000 +0200
@@ -0,0 +1,3 @@
+conup /etc/chilli/conup.sh
+condown /etc/chilli/condown.sh
+
diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/60ChilliRules mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/60ChilliRules
--- smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/60ChilliRules    2008-04-07 18:44:16.000000000 +0200
+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/60ChilliRules  2008-04-15 11:10:40.000000000 +0200
@@ -29,12 +29,6 @@
     /sbin/iptables -A IN_FROM_CHILLI -p tcp --dport ${'httpd-e-smith'}{'TCPPort'} --syn -j ACCEPT
     /sbin/iptables -A IN_FROM_CHILLI -p tcp --dport $modSSL{'TCPPort'} --syn -j ACCEPT
     /sbin/iptables -A IN_FROM_CHILLI -p tcp --dport $chilliport --syn -j ACCEPT
-END
-if ($squid{'status'} eq 'enabled'){
-    $OUT .= "    /sbin/iptables -A IN_FROM_CHILLI -p tcp --dport $squid{'TransparentPort'} --syn -j ACCEPT\n"
-}
-
-$OUT .=<<END;
     /sbin/iptables -A IN_FROM_CHILLI -j denylog
 
     # OUT_TO_CHILLI
1	diff -Nur -x '.orig' -x '.rej' smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh
2	--- smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh 1970-01-01 01:00:00.000000000 +0100
3	+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh 2008-04-15 11:11:43.000000000 +0200
4	@@ -0,0 +1,5 @@
5	+#!/bin/bash
6	+
7	+SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
8	+/sbin/iptables -D IN_FROM_CHILLI -s $FRAMED_IP_ADDRESS -p tcp --dport $SQUID_PORT --syn -j ACCEPT
9	+
10	diff -Nur -x '.orig' -x '.rej' smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh
11	--- smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh 1970-01-01 01:00:00.000000000 +0100
12	+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh 2008-04-15 11:11:18.000000000 +0200
13	@@ -0,0 +1,10 @@
14	+#!/bin/bash
15	+
16	+SQUID=$(/sbin/e-smith/db configuration getprop squid status)
17	+
18	+if [ $SQUID=='enabled' ]; then
19	+ SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
20	+ /sbin/iptables -I IN_FROM_CHILLI 7 -s $FRAMED_IP_ADDRESS \
21	+ -p tcp --dport $SQUID_PORT --syn -j ACCEPT
22	+fi
23	+
24	diff -Nur -x '.orig' -x '.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/migrate/60Chilli mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/migrate/60Chilli
25	--- smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/migrate/60Chilli 2008-04-04 18:27:32.000000000 +0200
26	+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/migrate/60Chilli 2008-04-15 11:14:58.000000000 +0200
27	@@ -4,12 +4,12 @@
28	my $uamsecret = $chilliconf->prop('uamsecret') \|\| '';
29
30	if ($radiussecret eq ''){
31	- $pass=`/usr/bin/openssl rand -base64 20 \| tr -c -d '[:alnum:]'`;
32	+ $pass=`/usr/bin/openssl rand -base64 20 \| tr -c -d '[:graph:]'`;
33	$chilliconf->set_prop('radiussecret',$pass);
34	}
35
36	if ($uamsecret eq ''){
37	- $pass=`/usr/bin/openssl rand -base64 20 \| tr -c -d '[:alnum:]'`;
38	+ $pass=`/usr/bin/openssl rand -base64 60 \| tr -c -d '[:graph:]'`;
39	$chilliconf->set_prop('uamsecret',$pass);
40	}
41
42	diff -Nur -x '.orig' -x '.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/65conscripts mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/65conscripts
43	--- smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/65conscripts 1970-01-01 01:00:00.000000000 +0100
44	+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/65conscripts 2008-04-15 11:12:30.000000000 +0200
45	@@ -0,0 +1,3 @@
46	+conup /etc/chilli/conup.sh
47	+condown /etc/chilli/condown.sh
48	+
49	diff -Nur -x '.orig' -x '.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/60ChilliRules mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/60ChilliRules
50	--- smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/60ChilliRules 2008-04-07 18:44:16.000000000 +0200
51	+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/60ChilliRules 2008-04-15 11:10:40.000000000 +0200
52	@@ -29,12 +29,6 @@
53	/sbin/iptables -A IN_FROM_CHILLI -p tcp --dport ${'httpd-e-smith'}{'TCPPort'} --syn -j ACCEPT
54	/sbin/iptables -A IN_FROM_CHILLI -p tcp --dport $modSSL{'TCPPort'} --syn -j ACCEPT
55	/sbin/iptables -A IN_FROM_CHILLI -p tcp --dport $chilliport --syn -j ACCEPT
56	-END
57	-if ($squid{'status'} eq 'enabled'){
58	- $OUT .= " /sbin/iptables -A IN_FROM_CHILLI -p tcp --dport $squid{'TransparentPort'} --syn -j ACCEPT\n"
59	-}
60	-
61	-$OUT .=<<END;
62	/sbin/iptables -A IN_FROM_CHILLI -j denylog
63
64	# OUT_TO_CHILLI