Add radius scripts

install/radius_install

@@ -0,0 +1,10 @@
+#! /bin/bash 
+
+apt-get install libssl-dev  libgnutls28-dev  gcc python2.7-dev libldap2-dev libacl1-dev libtalloc-dev libsasl2-dev
+cd /tmp
+wget ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.9.tar.gz 
+tar -xzf freeradius-server-3.0.9.tar.gz 
+cd freeradius-server-3.0.9
+./configure
+make
+make install

install/radius_prepare

@@ -0,0 +1,75 @@
+#! /bin/bash
+
+
+
+cd /usr/local/etc/raddb/certs/
+
+capass=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
+srvpass=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
+
+#ca
+cafile=ca.cnf
+sed -i -e '/\[ req \]/,/^\[/ s/.*input_password.*/input_password		= '$capass'/' $cafile
+sed -i -e '/\[ req \]/,/^\[/ s/.*output_password.*/output_password		= '$capass'/' $cafile
+
+sed -i -e '/\[certificate_authority\]/,/^\[/ s/.*countryName.*/countryName		= PL/' $cafile
+sed -i -e '/\[certificate_authority\]/,/^\[/ s/.*stateOrProvinceName.*/stateOrProvinceName		= Radius/' $cafile
+sed -i -e '/\[certificate_authority\]/,/^\[/ s/.*localityName.*/localityName		= Poland/' $cafile
+sed -i -e '/\[certificate_authority\]/,/^\[/ s/.*organizationName.*/organizationName		= nettemp.pl/' $cafile
+sed -i -e '/\[certificate_authority\]/,/^\[/ s/.*emailAddress.*/emailAddress		= [email protected]/' $cafile
+sed -i -e '/\[certificate_authority\]/,/^\[/ s/.*commonName.*/commonName		= "Local nettemp"/' $cafile
+
+sed -i -e '/\[ CA_default \]/,/^\[/ s/.*default_days.*/default_days		= 1825/' $cafile
+
+#server
+serverfile=server.cnf
+
+sed -i -e '/\[ req \]/,/^\[/ s/.*input_password.*/input_password		= '$srvpass'/' $serverfile
+sed -i -e '/\[ req \]/,/^\[/ s/.*output_password.*/output_password		= '$srvpass'/' $serverfile
+
+sed -i -e '/\[server\]/,/^\[/ s/.*countryName.*/countryName		= PL/' $serverfile
+sed -i -e '/\[server\]/,/^\[/ s/.*stateOrProvinceName.*/stateOrProvinceName		= Radius/' $serverfile
+sed -i -e '/\[server\]/,/^\[/ s/.*localityName.*/localityName		= Poland/' $serverfile
+sed -i -e '/\[server\]/,/^\[/ s/.*organizationName.*/organizationName		= nettemp.pl/' $serverfile
+sed -i -e '/\[server\]/,/^\[/ s/.*emailAddress.*/emailAddress		= [email protected]/' $serverfile
+sed -i -e '/\[server\]/,/^\[/ s/.*commonName.*/commonName		= "Local nettemp"/' $serverfile
+
+sed -i -e '/\[ CA_default \]/,/^\[/ s/.*default_days.*/default_days		= 1825/' $serverfile
+
+
+#client
+clientfile=client.cnf
+sed -i -e '/\[client\]/,/^\[/ s/.*countryName.*/countryName		= PL/' $clientfile
+sed -i -e '/\[client\]/,/^\[/ s/.*stateOrProvinceName.*/stateOrProvinceName		= Radius/' $clientfile
+sed -i -e '/\[client\]/,/^\[/ s/.*localityName.*/localityName		= Poland/' $clientfile
+sed -i -e '/\[client\]/,/^\[/ s/.*organizationName.*/organizationName		= nettemp.pl/' $clientfile
+sed -i -e '/\[client\]/,/^\[/ s/.*emailAddress.*/emailAddress		= [email protected]/' $clientfile
+sed -i -e '/\[client\]/,/^\[/ s/.*commonName.*/commonName		= "Local nettemp"/' $clientfile
+
+sed -i -e '/\[ CA_default \]/,/^\[/ s/.*default_days.*/default_days		= 365/' $clientfile
+
+#make
+
+rm -f *.pem *.der *.csr *.crt *.key *.p12 serial* index.txt*
+rm -rf CA
+mkdir -p CA
+make ca
+make server
+
+# default CLR
+
+capass=$(grep output_password ca.cnf | sed 's/.*=//;s/^ *//')
+openssl ca -gencrl -keyfile ca.key -key $capass -cert ca.pem -out CA/crl.pem -config ./ca.cnf
+cp ca.pem CA/
+c_rehash CA/
+
+
+#eap
+cp ../mods-available/eap ../mods-available/eap.org
+sed -i -e 's/.*private_key_password.*/private_key_password		= '$srvpass'/' ../mods-available/eap
+sed -i -e 's/.*ca_file = ${cadir}\/ca.pem.*/#ca_file = ${cadir}\/ca.pem/' ../mods-available/eap
+sed -i -e 's/.*check_crl =.*/check_crl = yes/' ../mods-available/eap
+sed -i -e 's/.*ca_path = ${cadir}.*/ca_path = ${cadir}\/CA/' ../mods-available/eap
+sed -i -e 's/.*check_cert_cn = %{User-Name}.*/check_cert_cn = %{User-Name}/' ../mods-available/eap
+
+

modules/gpio/html/gpio_trigger.php

@@ -80,12 +80,13 @@
 ?>
      <form action="" method="post" style=" display:inline!important;">
 	 <select name="trigger_delay" onchange="this.form.submit()">
-	    <option <?php echo $a['trigger_delay'] == "" ? 'selected="selected"' : ''; ?> value="">Delay 0</option>
-	    <option <?php echo $a['trigger_delay'] == "5" ? 'selected="selected"' : ''; ?> value="5">Delay 5 sec</option>
-	    <option <?php echo $a['trigger_delay'] == "30" ? 'selected="selected"' : ''; ?> value="30">Delay 30 sec</option>
-	    <option <?php echo $a['trigger_delay'] == "60" ? 'selected="selected"' : ''; ?> value="60">Delay 1 min</option>
-	    <option <?php echo $a['trigger_delay'] == "120" ? 'selected="selected"' : ''; ?> value="120">Delay 2 min</option>
-	    <option <?php echo $a['trigger_delay'] == "360" ? 'selected="selected"' : ''; ?> value="360">Delay 5 min</option>
+	    <option <?php echo $a['trigger_delay'] == "" ? 'selected="selected"' : ''; ?> value="">Start delay 0</option>
+	    <option <?php echo $a['trigger_delay'] == "5" ? 'selected="selected"' : ''; ?> value="5">Start delay 5 sec</option>
+	    <option <?php echo $a['trigger_delay'] == "10" ? 'selected="selected"' : ''; ?> value="10">Start delay 10 sec</option>
+	    <option <?php echo $a['trigger_delay'] == "30" ? 'selected="selected"' : ''; ?> value="30">Start delay 30 sec</option>
+	    <option <?php echo $a['trigger_delay'] == "60" ? 'selected="selected"' : ''; ?> value="60">Start delay 1 min</option>
+	    <option <?php echo $a['trigger_delay'] == "120" ? 'selected="selected"' : ''; ?> value="120">Start delay 2 min</option>
+	    <option <?php echo $a['trigger_delay'] == "360" ? 'selected="selected"' : ''; ?> value="360">Start delay 5 min</option>
 	</select> 
 	<input type="hidden" name="gpio" value="<?php echo $a['gpio']; ?>"/>
 	<input type="hidden" name="trigger_delay1" value="trigger_delay1" />

modules/radius/EAP_TLS_client

@@ -0,0 +1,39 @@
+#! /bin/bash
+
+user="$1"
+mail="$2"
+days="$3"
+
+if [[ ! -n "$user" || ! -n "$mail" ]]; then
+    echo "No user or email or days"
+    echo "ex. client test [email protected] 365"
+    exit 0
+fi
+
+cd /usr/local/etc/raddb/certs
+mkdir -p users/$user
+
+clientfile=client.cnf
+pass=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 8 | head -n 1)
+
+if [ -n "$days" ]; then
+sed -i -e '/\[ CA_default \]/,/^\[/ s/.*default_days.*/default_days		= '$days'/' $clientfile
+fi
+
+sed -i -e '/\[ req \]/,/^\[/ s/.*input_password.*/input_password		= '$pass'/' $clientfile
+sed -i -e '/\[ req \]/,/^\[/ s/.*output_password.*/output_password	= '$pass'/' $clientfile
+sed -i -e '/\[client\]/,/^\[/ s/.*emailAddress.*/emailAddress		= '$mail'/' $clientfile
+sed -i -e '/\[client\]/,/^\[/ s/.*commonName.*/commonName		= '$user'/' $clientfile
+
+make client
+
+openssl pkcs12 -export -in client.crt -inkey client.key -out client.p12  -passin pass:$pass -passout pass:$pass -name "RADIUS Nettemp"
+
+
+mv client.p12 users/$user/export.p12
+mv client.pem users/$user/$user.pem
+rm $mail.pem
+echo "$pass" > users/$user/pass.txt
+
+
+/var/www/nettemp/modules/mail/mail_test $mail "WiFi certificate form RADIUS "  "This is Your certificate file and export password: $(cat users/$user/pass.txt)" users/$user/export.p12

modules/radius/EAP_TLS_revoke

@@ -0,0 +1,15 @@
+#! /bin/bash
+
+cd /usr/local/etc/raddb/certs
+
+user="users/$1/$1.pem"
+name="$1"
+
+capass=$(grep output_password ca.cnf | sed 's/.*=//;s/^ *//')
+
+openssl ca -revoke $user -keyfile ca.key -key $capass -cert ca.pem -config ./ca.cnf
+openssl ca -gencrl -keyfile ca.key -key $capass -cert ca.pem -out CA/crl.pem -config ./ca.cnf
+
+rm CA/ca.pem
+cp ca.pem CA/
+c_rehash CA/