PATCH: immediate disconnect feature

[wichert@…]

As I mentioned on the list I have a need for immediate disconnect feature. There are some related features already present, but they do not fit my particular use case:

• The standard logout option only logs out the requesting IP address

• The auth server can already return a disconnect authcode when the gateway does its regular update process. This means there will be a, possibly signficant, delay between requesting a disconnect in the auth server and the gateway actually disconnecting someone. When dealing with abuse, spamruns, etc. this is undesirable.

I have implemented this in two patches:

0001-Add-a-basic-disconnect-command.patch

This implements a very basic disconnect command and hooks it into the http server.

0002-Refactor-logout-logic-so-we-can-share-code.patch

This refactors various bits of code so the logout logic is shared between the firewall update process, wdctl_reset and the disconnect handler

This feature requires the patches from #463 to secure the status page: the status page contains enough information to allow abusers to disconnect every user connected to a gateway/

[wichert@…]

Based on discussions with Alex on the list I've added a third patch to this series which protects the disconnect method with HTTP authentication. As a result these patches now need the changes from #453 in order to compile.

[dinesh_nadeera@…]

This feature not include latest svn(Gateway) can you put it their?

[benoitg]

Patches look fine