hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2025-01-10 08:22:27 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge ppp 2.3.3 -> 2.3.5 changes onto mainline.

Browse Source
This commit is contained in:
Peter Wemm 1998-06-20 18:02:16 +00:00
parent 8bc3cd6211
commit f3af07bd28
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=37069
14 changed files with 487 additions and 354 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

185
usr.sbin/pppd/auth.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char rcsid[] = "$Id: auth.c,v 1.21 1997/12/13 05:27:29 jdp Exp $";
static char rcsid[] = "$Id: auth.c,v 1.22 1998/03/22 05:32:43 peter Exp $";
#endif
#include <stdio.h>
@ -60,14 +60,10 @@ static char rcsid[] = "$Id: auth.c,v 1.21 1997/12/13 05:27:29 jdp Exp $";
#ifdef USE_PAM
#include <security/pam_appl.h>
#include <security/pam_modules.h>
#endif
#ifdef HAS_SHADOW
#include <shadow.h>
#ifndef SVR4
#include <shadow/pwauth.h>
#endif
#ifndef PW_PPP
#define PW_PPP PW_LOGIN
#endif
@ -375,6 +371,8 @@ auth_peer_success(unit, protocol, name, namelen)
*/
auth_set_ip_addr(unit);
script_setenv("PEERNAME", peer_authname);
/*
* If there is no more authentication still to be done,
* proceed to the network (or callback) phase.
@ -460,6 +458,12 @@ np_up(unit, proto)
*/
if (maxconnect > 0)
TIMEOUT(connect_time_expired, 0, maxconnect);
/*
* Detach now, if the updetach option was given.
*/
if (nodetach == -1)
detach();
}
++num_np_up;
}
@ -610,7 +614,6 @@ auth_reset(unit)
if (!have_chap_secret(remote_name, our_name, remote))
go->neg_chap = 0;
}
}
@ -754,15 +757,65 @@ checkfile(fname, name)
}
/*
* This function is needed for PAM. However, it should not be called.
* If it is, return the error code.
* This function is needed for PAM.
*/
#ifdef USE_PAM
static int pam_conv(int num_msg, const struct pam_message **msg,
struct pam_response **resp, void *appdata_ptr)
static char *PAM_username = "";
static char *PAM_password = "";
#ifdef PAM_ESTABLISH_CRED /* new PAM defines :(^ */
#define MY_PAM_STRERROR(err_code) (char *) pam_strerror(pamh,err_code)
#else
#define MY_PAM_STRERROR(err_code) (char *) pam_strerror(err_code)
#endif
static int pam_conv (int num_msg,
const struct pam_message **msg,
struct pam_response **resp,
void *appdata_ptr)
{
return PAM_CONV_ERR;
int count = 0, replies = 0;
struct pam_response *reply = NULL;
int size = 0;
for (count = 0; count < num_msg; count++)
{
size += sizeof (struct pam_response);
reply = realloc (reply, size); /* ANSI: is malloc() if reply==NULL */
if (!reply)
return PAM_CONV_ERR;
switch (msg[count]->msg_style)
{
case PAM_PROMPT_ECHO_ON:
reply[replies].resp_retcode = PAM_SUCCESS;
reply[replies++].resp = strdup(PAM_username); /* never NULL */
break;
case PAM_PROMPT_ECHO_OFF:
reply[replies].resp_retcode = PAM_SUCCESS;
reply[replies++].resp = strdup(PAM_password); /* never NULL */
break;
case PAM_TEXT_INFO:
reply[replies].resp_retcode = PAM_SUCCESS;
reply[replies++].resp = NULL;
break;
case PAM_ERROR_MSG:
default:
free (reply);
return PAM_CONV_ERR;
}
}
if (resp)
*resp = reply;
else
free (reply);
return PAM_SUCCESS;
}
#endif
@ -785,14 +838,12 @@ plogin(user, passwd, msg, msglen)
char **msg;
int *msglen;
{
char *tty;
#ifdef USE_PAM
struct pam_conv pam_conversation;
pam_handle_t *pamh;
int pam_error;
char *pass;
char *dev;
/*
* Fill the pam_conversion structure
*/
@ -800,23 +851,33 @@ plogin(user, passwd, msg, msglen)
pam_conversation.conv = &pam_conv;
pam_error = pam_start ("ppp", user, &pam_conversation, &pamh);
if (pam_error != PAM_SUCCESS) {
*msg = (char *) pam_strerror (pam_error);
*msg = MY_PAM_STRERROR (pam_error);
return UPAP_AUTHNAK;
}
/*
* Define the fields for the credintial validation
*/
(void) pam_set_item (pamh, PAM_AUTHTOK, passwd);
(void) pam_set_item (pamh, PAM_TTY, devnam);
(void) pam_set_item (pamh, PAM_TTY, devnam);
PAM_username = user;
PAM_password = passwd;
/*
* Validate the user
*/
pam_error = pam_authenticate (pamh, PAM_SILENT);
if (pam_error == PAM_SUCCESS)
if (pam_error == PAM_SUCCESS) {
pam_error = pam_acct_mgmt (pamh, PAM_SILENT);
*msg = (char *) pam_strerror (pam_error);
/* start a session for this user. Session closed when link ends. */
if (pam_error == PAM_SUCCESS)
(void) pam_open_session (pamh, PAM_SILENT);
}
*msg = MY_PAM_STRERROR (pam_error);
PAM_username =
PAM_password = "";
/*
* Clean up the mess
*/
@ -832,15 +893,15 @@ plogin(user, passwd, msg, msglen)
struct passwd *pw;
struct utmp utmp;
struct timeval tp;
char *epasswd;
char *tty;
#ifdef HAS_SHADOW
struct spwd *spwd;
struct spwd *getspnam();
extern int isexpired (struct passwd *, struct spwd *); /* in libshadow.a */
#endif
pw = getpwnam(user);
endpwent();
if (pw == NULL) {
return (UPAP_AUTHNAK);
}
@ -867,8 +928,13 @@ plogin(user, passwd, msg, msglen)
endspent();
if (spwd) {
/* check the age of the password entry */
if (isexpired(pw, spwd)) {
syslog(LOG_WARNING,"Expired password for %s",user);
long now = time(NULL) / 86400L;
if ((spwd->sp_expire > 0 && now >= spwd->sp_expire)
|| ((spwd->sp_max >= 0 && spwd->sp_max < 10000)
&& spwd->sp_lstchg >= 0
&& now >= spwd->sp_lstchg + spwd->sp_max)) {
syslog(LOG_WARNING, "Password for %s has expired", user);
return (UPAP_AUTHNAK);
}
pw->pw_passwd = spwd->sp_pwdp;
@ -878,32 +944,23 @@ plogin(user, passwd, msg, msglen)
/*
* If no passwd, don't let them login.
*/
if (pw->pw_passwd[0] != '\0') {
if (pw->pw_passwd == NULL || *pw->pw_passwd == '\0'
|| strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd) != 0)
return (UPAP_AUTHNAK);
#ifdef HAS_SHADOW
if ((pw->pw_passwd && pw->pw_passwd[0] == '@'
&& pw_auth (pw->pw_passwd+1, pw->pw_name, PW_PPP, NULL))
|| !valid (passwd, pw)) {
return (UPAP_AUTHNAK);
if (pw->pw_expire) {
(void)gettimeofday(&tp, (struct timezone *)NULL);
if (tp.tv_sec >= pw->pw_expire) {
syslog(LOG_INFO, "pap user %s account expired", user);
return (UPAP_AUTHNAK);
}
#else
epasswd = crypt(passwd, pw->pw_passwd);
if (strcmp(epasswd, pw->pw_passwd)) {
return (UPAP_AUTHNAK);
}
#endif
}
if (pw->pw_expire) {
(void)gettimeofday(&tp, (struct timezone *)NULL);
if (tp.tv_sec >= pw->pw_expire) {
syslog(LOG_INFO, "pap user %s account expired", user);
return (UPAP_AUTHNAK);
}
}
} /* if password */
#endif /* #ifdef USE_PAM */
syslog(LOG_INFO, "user %s logged in", user);
/* These functions are not enabled for PAM. The reason for this is that */
/* there is not necessarily a "passwd" entry for this user. That is */
/* real purpose of 'PAM' -- to virtualize the account data from the */
/* application. If you want to do the same thing, write the entry in */
/* the 'session' hook. */
/* Log in wtmp and utmp using login() */
@ -914,7 +971,7 @@ plogin(user, passwd, msg, msglen)
if (logout(tty)) /* Already entered (by login?) */
logwtmp(tty, "", "");
#ifdef _PATH_LASTLOG
#if defined(_PATH_LASTLOG)
{
struct lastlog ll;
int fd;
@ -929,7 +986,6 @@ plogin(user, passwd, msg, msglen)
}
}
#endif
logged_in = TRUE;
memset((void *)&utmp, 0, sizeof(utmp));
(void)time(&utmp.ut_time);
@ -938,6 +994,11 @@ plogin(user, passwd, msg, msglen)
(void)strncpy(utmp.ut_line, tty, sizeof(utmp.ut_line));
login(&utmp); /* This logs us in wtmp too */
#endif /* #ifdef USE_PAM */
syslog(LOG_INFO, "user %s logged in", user);
logged_in = TRUE;
return (UPAP_AUTHACK);
}
@ -947,15 +1008,36 @@ plogin(user, passwd, msg, msglen)
static void
plogout()
{
#ifdef USE_PAM
struct pam_conv pam_conversation;
pam_handle_t *pamh;
int pam_error;
/*
* Fill the pam_conversion structure. The PAM specification states that the
* session must be able to be closed by a totally different handle from which
* it was created. Hold the PAM group to their own specification!
*/
memset (&pam_conversation, '\0', sizeof (struct pam_conv));
pam_conversation.conv = &pam_conv;
pam_error = pam_start ("ppp", user, &pam_conversation, &pamh);
if (pam_error == PAM_SUCCESS) {
(void) pam_set_item (pamh, PAM_TTY, devnam);
(void) pam_close_session (pamh, PAM_SILENT);
(void) pam_end (pamh, PAM_SUCCESS);
}
#else
char *tty;
tty = devnam;
if (strncmp(tty, "/dev/", 5) == 0)
tty += 5;
logwtmp(tty, "", ""); /* Wipe out wtmp logout entry */
logged_in = FALSE;
logout(tty); /* Wipe out utmp */
#endif
logged_in = FALSE;
}
@ -1172,8 +1254,7 @@ set_allowed_addrs(unit, addrs)
u_int32_t a;
struct hostent *hp;
if (wo->hisaddr == 0 && *p != '!' && *p != '-'
&& strchr(p, '/') == NULL) {
if (*p != '!' && *p != '-' && strchr(p, '/') == NULL) {
hp = gethostbyname(p);
if (hp != NULL && hp->h_addrtype == AF_INET)
a = *(u_int32_t *)hp->h_addr;

261
usr.sbin/pppd/ccp.c
View File

@ -26,19 +26,18 @@
*/
#ifndef lint
static char rcsid[] = "$Id: ccp.c,v 1.7 1997/08/19 17:52:33 peter Exp $";
static char rcsid[] = "$Id: ccp.c,v 1.8 1998/03/22 06:57:18 peter Exp $";
#endif
#include <string.h>
#include <syslog.h>
#include <sys/ioctl.h>
#include <sys/types.h>
#include <net/ppp_defs.h>
#include <net/ppp_comp.h>
#include "pppd.h"
#include "fsm.h"
#include "ccp.h"
#include <net/ppp_comp.h>
/*
* Protocol entry points from main code.
@ -116,14 +115,8 @@ static fsm_callbacks ccp_callbacks = {
/*
* Do we want / did we get any compression?
*/
#ifdef CI_BADDEFLATE
#define ANY_COMPRESS(opt) ((opt).deflate || (opt).baddeflate \
|| (opt).bsd_compress \
|| (opt).predictor_1 || (opt).predictor_2)
#else
#define ANY_COMPRESS(opt) ((opt).deflate || (opt).bsd_compress \
|| (opt).predictor_1 || (opt).predictor_2)
#endif
/*
* Local state (mainly for handling reset-reqs and reset-acks).
@ -157,15 +150,12 @@ ccp_init(unit)
ccp_wantoptions[0].deflate = 1;
ccp_wantoptions[0].deflate_size = DEFLATE_MAX_SIZE;
ccp_wantoptions[0].deflate_correct = 1;
ccp_wantoptions[0].deflate_draft = 1;
ccp_allowoptions[0].deflate = 1;
ccp_allowoptions[0].deflate_size = DEFLATE_MAX_SIZE;
#ifdef CI_BADDEFLATE
ccp_wantoptions[0].baddeflate = 1;
ccp_wantoptions[0].baddeflate_size = DEFLATE_MAX_SIZE;
ccp_allowoptions[0].baddeflate = 1;
ccp_allowoptions[0].baddeflate_size = DEFLATE_MAX_SIZE;
#endif
ccp_allowoptions[0].deflate_correct = 1;
ccp_allowoptions[0].deflate_draft = 1;
ccp_wantoptions[0].bsd_compress = 1;
ccp_wantoptions[0].bsd_bits = BSD_MAX_BITS;
@ -328,23 +318,25 @@ ccp_resetci(f)
go->bsd_compress = 0;
}
if (go->deflate) {
opt_buf[0] = CI_DEFLATE;
opt_buf[1] = CILEN_DEFLATE;
opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_SIZE);
opt_buf[3] = DEFLATE_CHK_SEQUENCE;
if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0)
if (go->deflate_correct) {
opt_buf[0] = CI_DEFLATE;
opt_buf[1] = CILEN_DEFLATE;
opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_SIZE);
opt_buf[3] = DEFLATE_CHK_SEQUENCE;
if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0)
go->deflate_correct = 0;
}
if (go->deflate_draft) {
opt_buf[0] = CI_DEFLATE_DRAFT;
opt_buf[1] = CILEN_DEFLATE;
opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_SIZE);
opt_buf[3] = DEFLATE_CHK_SEQUENCE;
if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0)
go->deflate_draft = 0;
}
if (!go->deflate_correct && !go->deflate_draft)
go->deflate = 0;
}
#ifdef CI_BADDEFLATE
if (go->baddeflate) {
opt_buf[0] = CI_BADDEFLATE;
opt_buf[1] = CILEN_DEFLATE;
opt_buf[2] = DEFLATE_MAKE_OPT(DEFLATE_MIN_SIZE);
opt_buf[3] = DEFLATE_CHK_SEQUENCE;
if (ccp_test(f->unit, opt_buf, CILEN_DEFLATE, 0) <= 0)
go->baddeflate = 0;
}
#endif
if (go->predictor_1) {
opt_buf[0] = CI_PREDICTOR_1;
opt_buf[1] = CILEN_PREDICTOR_1;
@ -370,9 +362,6 @@ ccp_cilen(f)
return (go->bsd_compress? CILEN_BSD_COMPRESS: 0)
+ (go->deflate? CILEN_DEFLATE: 0)
#ifdef CI_BADDEFLATE
+ (go->baddeflate? CILEN_DEFLATE: 0)
#endif
+ (go->predictor_1? CILEN_PREDICTOR_1: 0)
+ (go->predictor_2? CILEN_PREDICTOR_2: 0);
}
@ -396,7 +385,7 @@ ccp_addci(f, p, lenp)
* in case it gets Acked.
*/
if (go->deflate) {
p[0] = CI_DEFLATE;
p[0] = go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT;
p[1] = CILEN_DEFLATE;
p[2] = DEFLATE_MAKE_OPT(go->deflate_size);
p[3] = DEFLATE_CHK_SEQUENCE;
@ -413,32 +402,14 @@ ccp_addci(f, p, lenp)
--go->deflate_size;
p[2] = DEFLATE_MAKE_OPT(go->deflate_size);
}
}
#ifdef CI_BADDEFLATE
if (go->baddeflate) {
p[0] = CI_BADDEFLATE;
p[1] = CILEN_DEFLATE;
p[2] = DEFLATE_MAKE_OPT(go->baddeflate_size);
p[3] = DEFLATE_CHK_SEQUENCE;
if (p != p0) {
p += CILEN_DEFLATE; /* not the first option */
} else {
for (;;) {
res = ccp_test(f->unit, p, CILEN_DEFLATE, 0);
if (res > 0) {
p += CILEN_DEFLATE;
break;
}
if (res < 0 || go->baddeflate_size <= DEFLATE_MIN_SIZE) {
go->baddeflate = 0;
break;
}
--go->baddeflate_size;
p[2] = DEFLATE_MAKE_OPT(go->baddeflate_size);
}
if (p != p0 && go->deflate_correct && go->deflate_draft) {
p[0] = CI_DEFLATE_DRAFT;
p[1] = CILEN_DEFLATE;
p[2] = p[2 - CILEN_DEFLATE];
p[3] = DEFLATE_CHK_SEQUENCE;
p += CILEN_DEFLATE;
}
}
#endif
if (go->bsd_compress) {
p[0] = CI_BSD_COMPRESS;
p[1] = CILEN_BSD_COMPRESS;
@ -501,7 +472,8 @@ ccp_ackci(f, p, len)
if (go->deflate) {
if (len < CILEN_DEFLATE
|| p[0] != CI_DEFLATE || p[1] != CILEN_DEFLATE
|| p[0] != (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
|| p[1] != CILEN_DEFLATE
|| p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
|| p[3] != DEFLATE_CHK_SEQUENCE)
return 0;
@ -510,21 +482,17 @@ ccp_ackci(f, p, len)
/* XXX Cope with first/fast ack */
if (len == 0)
return 1;
if (go->deflate_correct && go->deflate_draft) {
if (len < CILEN_DEFLATE
|| p[0] != CI_DEFLATE_DRAFT
|| p[1] != CILEN_DEFLATE
|| p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
|| p[3] != DEFLATE_CHK_SEQUENCE)
return 0;
p += CILEN_DEFLATE;
len -= CILEN_DEFLATE;
}
}
#ifdef CI_BADDEFLATE
if (go->baddeflate) {
if (len < CILEN_DEFLATE
|| p[0] != CI_BADDEFLATE || p[1] != CILEN_DEFLATE
|| p[2] != DEFLATE_MAKE_OPT(go->baddeflate_size)
|| p[3] != DEFLATE_CHK_SEQUENCE)
return 0;
p += CILEN_DEFLATE;
len -= CILEN_DEFLATE;
/* XXX Cope with first/fast ack */
if (p == p0 && len == 0)
return 1;
}
#endif
if (go->bsd_compress) {
if (len < CILEN_BSD_COMPRESS
|| p[0] != CI_BSD_COMPRESS || p[1] != CILEN_BSD_COMPRESS
@ -580,7 +548,8 @@ ccp_nakci(f, p, len)
try = *go;
if (go->deflate && len >= CILEN_DEFLATE
&& p[0] == CI_DEFLATE && p[1] == CILEN_DEFLATE) {
&& p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
&& p[1] == CILEN_DEFLATE) {
no.deflate = 1;
/*
* Peer wants us to use a different code size or something.
@ -594,27 +563,14 @@ ccp_nakci(f, p, len)
try.deflate_size = DEFLATE_SIZE(p[2]);
p += CILEN_DEFLATE;
len -= CILEN_DEFLATE;
if (go->deflate_correct && go->deflate_draft
&& len >= CILEN_DEFLATE && p[0] == CI_DEFLATE_DRAFT
&& p[1] == CILEN_DEFLATE) {
p += CILEN_DEFLATE;
len -= CILEN_DEFLATE;
}
}
#ifdef CI_BADDEFLATE
if (go->baddeflate && len >= CILEN_DEFLATE
&& p[0] == CI_BADDEFLATE && p[1] == CILEN_DEFLATE) {
no.baddeflate = 1;
/*
* Peer wants us to use a different code size or something.
* Stop asking for Deflate if we don't understand his suggestion.
*/
if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL
|| DEFLATE_SIZE(p[2]) < DEFLATE_MIN_SIZE
|| p[3] != DEFLATE_CHK_SEQUENCE)
try.baddeflate = 0;
else if (DEFLATE_SIZE(p[2]) < go->baddeflate_size)
try.baddeflate_size = DEFLATE_SIZE(p[2]);
p += CILEN_DEFLATE;
len -= CILEN_DEFLATE;
}
#endif
if (go->bsd_compress && len >= CILEN_BSD_COMPRESS
&& p[0] == CI_BSD_COMPRESS && p[1] == CILEN_BSD_COMPRESS) {
no.bsd_compress = 1;
@ -666,25 +622,30 @@ ccp_rejci(f, p, len)
return -1;
if (go->deflate && len >= CILEN_DEFLATE
&& p[0] == CI_DEFLATE && p[1] == CILEN_DEFLATE) {
&& p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
&& p[1] == CILEN_DEFLATE) {
if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
|| p[3] != DEFLATE_CHK_SEQUENCE)
return 0; /* Rej is bad */
try.deflate = 0;
if (go->deflate_correct)
try.deflate_correct = 0;
else
try.deflate_draft = 0;
p += CILEN_DEFLATE;
len -= CILEN_DEFLATE;
if (go->deflate_correct && go->deflate_draft
&& len >= CILEN_DEFLATE && p[0] == CI_DEFLATE_DRAFT
&& p[1] == CILEN_DEFLATE) {
if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
|| p[3] != DEFLATE_CHK_SEQUENCE)
return 0; /* Rej is bad */
try.deflate_draft = 0;
p += CILEN_DEFLATE;
len -= CILEN_DEFLATE;
}
if (!try.deflate_correct && !try.deflate_draft)
try.deflate = 0;
}
#ifdef CI_BADDEFLATE
if (go->baddeflate && len >= CILEN_DEFLATE
&& p[0] == CI_BADDEFLATE && p[1] == CILEN_DEFLATE) {
if (p[2] != DEFLATE_MAKE_OPT(go->baddeflate_size)
|| p[3] != DEFLATE_CHK_SEQUENCE)
return 0; /* Rej is bad */
try.baddeflate = 0;
p += CILEN_DEFLATE;
len -= CILEN_DEFLATE;
}
#endif
if (go->bsd_compress && len >= CILEN_BSD_COMPRESS
&& p[0] == CI_BSD_COMPRESS && p[1] == CILEN_BSD_COMPRESS) {
if (p[2] != BSD_MAKE_OPT(BSD_CURRENT_VERSION, go->bsd_bits))
@ -753,7 +714,10 @@ ccp_reqci(f, p, lenp, dont_nak)
switch (type) {
case CI_DEFLATE:
if (!ao->deflate || clen != CILEN_DEFLATE) {
case CI_DEFLATE_DRAFT:
if (!ao->deflate || clen != CILEN_DEFLATE
|| (!ao->deflate_correct && type == CI_DEFLATE)
|| (!ao->deflate_draft && type == CI_DEFLATE_DRAFT)) {
newret = CONFREJ;
break;
}
@ -795,51 +759,6 @@ ccp_reqci(f, p, lenp, dont_nak)
}
break;
#ifdef CI_BADDEFLATE
case CI_BADDEFLATE:
if (!ao->baddeflate || clen != CILEN_DEFLATE) {
newret = CONFREJ;
break;
}
ho->baddeflate = 1;
ho->baddeflate_size = nb = DEFLATE_SIZE(p[2]);
if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL
|| p[3] != DEFLATE_CHK_SEQUENCE
|| nb > ao->baddeflate_size || nb < DEFLATE_MIN_SIZE) {
newret = CONFNAK;
if (!dont_nak) {
p[2] = DEFLATE_MAKE_OPT(ao->baddeflate_size);
p[3] = DEFLATE_CHK_SEQUENCE;
/* fall through to test this #bits below */
} else
break;
}
/*
* Check whether we can do Deflate with the window
* size they want. If the window is too big, reduce
* it until the kernel can cope and nak with that.
* We only check this for the first option.
*/
if (p == p0) {
for (;;) {
res = ccp_test(f->unit, p, CILEN_DEFLATE, 1);
if (res > 0)
break; /* it's OK now */
if (res < 0 || nb == DEFLATE_MIN_SIZE || dont_nak) {
newret = CONFREJ;
p[2] = DEFLATE_MAKE_OPT(ho->baddeflate_size);
break;
}
newret = CONFNAK;
--nb;
p[2] = DEFLATE_MAKE_OPT(nb);
}
}
break;
#endif
case CI_BSD_COMPRESS:
if (!ao->bsd_compress || clen != CILEN_BSD_COMPRESS) {
newret = CONFREJ;
@ -951,21 +870,16 @@ method_name(opt, opt2)
return "(none)";
switch (opt->method) {
case CI_DEFLATE:
case CI_DEFLATE_DRAFT:
if (opt2 != NULL && opt2->deflate_size != opt->deflate_size)
sprintf(result, "Deflate (%d/%d)", opt->deflate_size,
opt2->deflate_size);
sprintf(result, "Deflate%s (%d/%d)",
(opt->method == CI_DEFLATE_DRAFT? "(old#)": ""),
opt->deflate_size, opt2->deflate_size);
else
sprintf(result, "Deflate (%d)", opt->deflate_size);
sprintf(result, "Deflate%s (%d)",
(opt->method == CI_DEFLATE_DRAFT? "(old#)": ""),
opt->deflate_size);
break;
#ifdef CI_BADDEFLATE
case CI_BADDEFLATE:
if (opt2 != NULL && opt2->baddeflate_size != opt->baddeflate_size)
sprintf(result, "Bad-Deflate (%d/%d)", opt->baddeflate_size,
opt2->baddeflate_size);
else
sprintf(result, "Bad-Deflate (%d)", opt->baddeflate_size);
break;
#endif
case CI_BSD_COMPRESS:
if (opt2 != NULL && opt2->bsd_bits != opt->bsd_bits)
sprintf(result, "BSD-Compress (%d/%d)", opt->bsd_bits,
@ -1081,8 +995,11 @@ ccp_printpkt(p, plen, printer, arg)
optend = p + optlen;
switch (code) {
case CI_DEFLATE:
case CI_DEFLATE_DRAFT:
if (optlen >= CILEN_DEFLATE) {
printer(arg, "deflate %d", DEFLATE_SIZE(p[2]));
printer(arg, "deflate%s %d",
(code == CI_DEFLATE_DRAFT? "(old#)": ""),
DEFLATE_SIZE(p[2]));
if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL)
printer(arg, " method %d", DEFLATE_METHOD(p[2]));
if (p[3] != DEFLATE_CHK_SEQUENCE)
@ -1090,18 +1007,6 @@ ccp_printpkt(p, plen, printer, arg)
p += CILEN_DEFLATE;
}
break;
#ifdef CI_BADDEFLATE
case CI_BADDEFLATE:
if (optlen >= CILEN_DEFLATE) {
printer(arg, "baddeflate %d", DEFLATE_SIZE(p[2]));
if (DEFLATE_METHOD(p[2]) != DEFLATE_METHOD_VAL)
printer(arg, " method %d", DEFLATE_METHOD(p[2]));
if (p[3] != DEFLATE_CHK_SEQUENCE)
printer(arg, " check %d", p[3]);
p += CILEN_DEFLATE;
}
break;
#endif
case CI_BSD_COMPRESS:
if (optlen >= CILEN_BSD_COMPRESS) {
printer(arg, "bsd v%d %d", BSD_VERSION(p[2]),

4
usr.sbin/pppd/ccp.h
View File

@ -24,7 +24,7 @@
* OBLIGATION TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS,
* OR MODIFICATIONS.
*
* $Id: ccp.h,v 1.5 1997/08/19 17:52:33 peter Exp $
* $Id: ccp.h,v 1.6 1998/03/22 06:57:19 peter Exp $
*/
typedef struct ccp_options {
@ -33,6 +33,8 @@ typedef struct ccp_options {
u_int baddeflate: 1; /* do Deflate? (Magnalink!) */
u_int predictor_1: 1; /* do Predictor-1? */
u_int predictor_2: 1; /* do Predictor-2? */
u_int deflate_correct: 1; /* use correct code for deflate? */
u_int deflate_draft: 1; /* use draft RFC code for deflate? */
u_short bsd_bits; /* # bits/code for BSD Compress */
u_short deflate_size; /* lg(window size) for Deflate */
u_short baddeflate_size; /* lg(window size) for Deflate */

6
usr.sbin/pppd/chap_ms.c
View File

@ -32,7 +32,7 @@
*/
#ifndef lint
static char rcsid[] = "$Id: chap_ms.c,v 1.3 1997/08/19 17:52:35 peter Exp $";
static char rcsid[] = "$Id: chap_ms.c,v 1.4 1998/03/22 05:32:48 peter Exp $";
#endif
#ifdef CHAPMS
@ -44,6 +44,9 @@ static char rcsid[] = "$Id: chap_ms.c,v 1.3 1997/08/19 17:52:35 peter Exp $";
#include <sys/time.h>
#include <syslog.h>
#include <unistd.h>
#ifdef HAVE_CRYPT_H
#include <crypt.h>
#endif
#include "pppd.h"
#include "chap.h"
@ -255,7 +258,6 @@ ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, response)
MD4_CTX md4Context;
u_char hash[MD4_SIGNATURE_SIZE];
u_char unicodePassword[MAX_NT_PASSWORD * 2];
static int low_byte_first = -1;
/* Initialize the Unicode version of the secret (== password). */
/* This implicitly supports 8-bit ISO8859/1 characters. */

14
usr.sbin/pppd/ipcp.c
View File

@ -18,7 +18,7 @@
*/
#ifndef lint
static char rcsid[] = "$Id: ipcp.c,v 1.9 1997/08/19 17:52:38 peter Exp $";
static char rcsid[] = "$Id: ipcp.c,v 1.10 1997/08/22 12:03:54 peter Exp $";
#endif
/*
@ -1157,6 +1157,8 @@ ipcp_up(f)
ipcp_close(f->unit, "Could not determine local IP address");
return;
}
script_setenv("IPLOCAL", ip_ntoa(go->ouraddr));
script_setenv("IPREMOTE", ip_ntoa(ho->hisaddr));
/*
* Check that the peer is allowed to use the IP address it wants.
@ -1409,9 +1411,9 @@ ipcp_printpkt(p, plen, printer, arg)
if (olen == CILEN_ADDRS) {
p += 2;
GETLONG(cilong, p);
printer(arg, "addrs %s", ip_ntoa(htonl(cilong)));
printer(arg, "addrs %I", htonl(cilong));
GETLONG(cilong, p);
printer(arg, " %s", ip_ntoa(htonl(cilong)));
printer(arg, " %I", htonl(cilong));
}
break;
case CI_COMPRESSTYPE:
@ -1435,20 +1437,20 @@ ipcp_printpkt(p, plen, printer, arg)
if (olen == CILEN_ADDR) {
p += 2;
GETLONG(cilong, p);
printer(arg, "addr %s", ip_ntoa(htonl(cilong)));
printer(arg, "addr %I", htonl(cilong));
}
break;
case CI_MS_DNS1:
case CI_MS_DNS2:
p += 2;
GETLONG(cilong, p);
printer(arg, "dns-addr %s", ip_ntoa(htonl(cilong)));
printer(arg, "ms-dns %I", htonl(cilong));
break;
case CI_MS_WINS1:
case CI_MS_WINS2:
p += 2;
GETLONG(cilong, p);
printer(arg, "wins-addr %s", ip_ntoa(htonl(cilong)));
printer(arg, "ms-wins %I", htonl(cilong));
break;
}
while (p < optend) {

6
usr.sbin/pppd/ipcp.h
View File

@ -16,7 +16,7 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $Id$
* $Id: ipcp.h,v 1.8 1997/08/19 17:52:38 peter Exp $
*/
/*
@ -26,10 +26,10 @@
#define CI_COMPRESSTYPE 2 /* Compression Type */
#define CI_ADDR 3
#define CI_MS_WINS1 128 /* Primary WINS value */
#define CI_MS_DNS1 129 /* Primary DNS value */
#define CI_MS_WINS2 130 /* Secondary WINS value */
#define CI_MS_WINS1 130 /* Primary WINS value */
#define CI_MS_DNS2 131 /* Secondary DNS value */
#define CI_MS_WINS2 132 /* Secondary WINS value */
#define MAX_STATES 16 /* from slcompress.h */

23
usr.sbin/pppd/ipxcp.c
View File

@ -19,7 +19,7 @@
#ifdef IPX_CHANGE
#ifndef lint
static char rcsid[] = "$Id$";
static char rcsid[] = "$Id: ipxcp.c,v 1.3 1997/08/19 17:52:39 peter Exp $";
#endif
/*
@ -163,7 +163,7 @@ ipx_ntoa(ipxaddr)
u_int32_t ipxaddr;
{
static char b[64];
sprintf(b, "%lx", ipxaddr);
sprintf(b, "%x", ipxaddr);
return b;
}
@ -336,9 +336,6 @@ static void
ipxcp_resetci(f)
fsm *f;
{
u_int32_t network;
int unit = f->unit;
wo->req_node = wo->neg_node && ao->neg_node;
wo->req_nn = wo->neg_nn && ao->neg_nn;
@ -387,7 +384,6 @@ static int
ipxcp_cilen(f)
fsm *f;
{
int unit = f->unit;
int len;
len = go->neg_nn ? CILEN_NETN : 0;
@ -411,8 +407,6 @@ ipxcp_addci(f, ucp, lenp)
u_char *ucp;
int *lenp;
{
int len = *lenp;
int unit = f->unit;
/*
* Add the options to the record.
*/
@ -462,7 +456,6 @@ ipxcp_ackci(f, p, len)
u_char *p;
int len;
{
int unit = f->unit;
u_short cilen, citype, cishort;
u_char cichar;
u_int32_t cilong;
@ -571,7 +564,6 @@ ipxcp_nakci(f, p, len)
u_char *p;
int len;
{
int unit = f->unit;
u_char citype, cilen, *next;
u_short s;
u_int32_t l;
@ -690,7 +682,6 @@ ipxcp_rejci(f, p, len)
u_char *p;
int len;
{
int unit = f->unit;
u_short cilen, citype, cishort;
u_char cichar;
u_int32_t cilong;
@ -807,17 +798,15 @@ ipxcp_reqci(f, inp, len, reject_if_disagree)
int *len; /* Length of requested CIs */
int reject_if_disagree;
{
int unit = f->unit;
u_char *cip, *next; /* Pointer to current and next CIs */
u_short cilen, citype; /* Parsed len, type */
u_short cishort, ts; /* Parsed short value */
u_int32_t tl, cinetwork, outnet;/* Parsed address values */
u_short cishort; /* Parsed short value */
u_int32_t cinetwork; /* Parsed address values */
int rc = CONFACK; /* Final packet return code */
int orc; /* Individual option return code */
u_char *p; /* Pointer to next char to parse */
u_char *ucp = inp; /* Pointer to current output char */
int l = *len; /* Length left */
u_char maxslotindex, cflag;
/*
* Reset all his options.
@ -1094,7 +1083,6 @@ endswitch:
if (rc != CONFREJ && !ho->neg_node &&
wo->req_nn && !reject_if_disagree) {
u_char *ps;
if (rc == CONFACK) {
rc = CONFNAK;
wo->req_nn = 0; /* don't ask again */
@ -1197,8 +1185,6 @@ static void
ipxcp_down(f)
fsm *f;
{
u_int32_t ournn, network;
IPXCPDEBUG((LOG_INFO, "ipxcp: down"));
cipxfaddr (f->unit);
@ -1216,7 +1202,6 @@ ipxcp_script(f, script)
fsm *f;
char *script;
{
int unit = f->unit;
char strspeed[32], strlocal[32], strremote[32];
char strnetwork[32], strpid[32];
char *argv[14], strproto_lcl[32], strproto_rmt[32];

4
usr.sbin/pppd/magic.c
View File

@ -18,7 +18,7 @@
*/
#ifndef lint
static char rcsid[] = "$Id$";
static char rcsid[] = "$Id: magic.c,v 1.6 1997/08/19 17:52:42 peter Exp $";
#endif
#include <stdio.h>
@ -46,7 +46,7 @@ magic_init()
struct timeval t;
gettimeofday(&t, NULL);
seed = gethostid() ^ t.tv_sec ^ t.tv_usec ^ getpid();
seed = get_host_seed() ^ t.tv_sec ^ t.tv_usec ^ getpid();
srand48(seed);
}

181
usr.sbin/pppd/main.c
View File

@ -18,7 +18,7 @@
*/
#ifndef lint
static char rcsid[] = "$Id: main.c,v 1.15 1997/10/10 09:28:37 peter Exp $";
static char rcsid[] = "$Id: main.c,v 1.16 1998/03/22 05:33:00 peter Exp $";
#endif
#include <stdio.h>
@ -88,11 +88,14 @@ int baud_rate; /* Actual bits/second for serial device */
int hungup; /* terminal has been hung up */
int privileged; /* we're running as real uid root */
int need_holdoff; /* need holdoff period before restarting */
int detached; /* have detached from terminal */
int phase; /* where the link is at */
int kill_link;
int open_ccp_flag;
int redirect_stderr; /* Connector's stderr should go to file */
char **script_env; /* Env. variable values for scripts */
int s_env_nalloc; /* # words avail at script_env */
u_char outpacket_buf[PPP_MRU+PPP_HDRLEN]; /* buffer for outgoing packet */
u_char inpacket_buf[PPP_MRU+PPP_HDRLEN]; /* buffer for incoming packet */
@ -105,6 +108,7 @@ char *no_ppp_msg = "Sorry - this system lacks PPP kernel support\n";
/* Prototypes for procedures local to this file. */
static void create_pidfile __P((void));
static void cleanup __P((void));
static void close_tty __P((void));
static void get_input __P((void));
@ -165,7 +169,6 @@ main(argc, argv)
{
int i, n, fdflags;
struct sigaction sa;
FILE *pidfile;
FILE *iffile;
char *p;
struct passwd *pw;
@ -174,6 +177,7 @@ main(argc, argv)
struct protent *protp;
struct stat statbuf;
int connect_attempts = 0;
char numbuf[16];
phase = PHASE_INITIALIZE;
p = ttyname(0);
@ -181,6 +185,8 @@ main(argc, argv)
strcpy(devnam, p);
strcpy(default_devnam, devnam);
script_env = NULL;
/* Initialize syslog facilities */
#ifdef ULTRIX
openlog("pppd", LOG_PID);
@ -197,6 +203,8 @@ main(argc, argv)
uid = getuid();
privileged = uid == 0;
sprintf(numbuf, "%d", uid);
script_setenv("UID", numbuf);
/*
* Initialize to the standard option set, then parse, in order,
@ -205,7 +213,7 @@ main(argc, argv)
*/
for (i = 0; (protp = protocols[i]) != NULL; ++i)
(*protp->init)(0);
progname = *argv;
if (!options_from_file(_PATH_SYSOPTIONS, !privileged, 0, 1)
@ -243,13 +251,18 @@ main(argc, argv)
exit(1);
}
script_setenv("DEVICE", devnam);
sprintf(numbuf, "%d", baud_rate);
script_setenv("SPEED", numbuf);
/*
* If the user has specified the default device name explicitly,
* pretend they hadn't.
*/
if (!default_device && strcmp(devnam, default_devnam) == 0)
default_device = 1;
redirect_stderr = !nodetach || default_device;
if (default_device)
nodetach = 1;
/*
* Initialize system-dependent stuff and magic number package.
@ -263,10 +276,8 @@ main(argc, argv)
* Detach ourselves from the terminal, if required,
* and identify who is running us.
*/
if (!default_device && !nodetach && daemon(0, 0) < 0) {
perror("Couldn't detach from controlling terminal");
exit(1);
}
if (nodetach == 0)
detach();
pid = getpid();
p = getlogin();
stime = time((time_t *) NULL);
@ -366,16 +377,9 @@ main(argc, argv)
syslog(LOG_INFO, "Using interface ppp%d", ifunit);
(void) sprintf(ifname, "ppp%d", ifunit);
script_setenv("IFNAME", ifname);
/* write pid to file */
(void) sprintf(pidfilename, "%s%s.pid", _PATH_VARRUN, ifname);
if ((pidfile = fopen(pidfilename, "w")) != NULL) {
fprintf(pidfile, "%d\n", pid);
(void) fclose(pidfile);
} else {
syslog(LOG_ERR, "Failed to create pid file %s: %m", pidfilename);
pidfilename[0] = 0;
}
create_pidfile(); /* write pid to file */
/*
* Configure the interface and mark it up, etc.
@ -519,16 +523,7 @@ main(argc, argv)
syslog(LOG_INFO, "Using interface ppp%d", ifunit);
(void) sprintf(ifname, "ppp%d", ifunit);
/* write pid to file */
(void) sprintf(pidfilename, "%s%s.pid", _PATH_VARRUN, ifname);
if ((pidfile = fopen(pidfilename, "w")) != NULL) {
fprintf(pidfile, "%d\n", pid);
(void) fclose(pidfile);
} else {
syslog(LOG_ERR, "Failed to create pid file %s: %m",
pidfilename);
pidfilename[0] = 0;
}
create_pidfile(); /* write pid to file */
/* write interface unit number to file */
for (n = strlen(devnam); n > 0 ; n--)
@ -544,6 +539,8 @@ main(argc, argv)
syslog(LOG_ERR, "Failed to create if file %s: %m", iffilename);
iffilename[0] = 0;
}
script_setenv("IFNAME", ifname);
}
/*
@ -645,6 +642,43 @@ main(argc, argv)
return 0;
}
/*
* detach - detach us from the controlling terminal.
*/
void
detach()
{
if (detached)
return;
if (daemon(0, 0) < 0) {
perror("Couldn't detach from controlling terminal");
die(1);
}
detached = 1;
pid = getpid();
/* update pid file if it has been written already */
if (pidfilename[0])
create_pidfile();
}
/*
* Create a file containing our process ID.
*/
static void
create_pidfile()
{
FILE *pidfile;
(void) sprintf(pidfilename, "%s%s.pid", _PATH_VARRUN, ifname);
if ((pidfile = fopen(pidfilename, "w")) != NULL) {
fprintf(pidfile, "%d\n", pid);
(void) fclose(pidfile);
} else {
syslog(LOG_ERR, "Failed to create pid file %s: %m", pidfilename);
pidfilename[0] = 0;
}
}
/*
* holdoff_end - called via a timeout when the holdoff period ends.
*/
@ -1041,6 +1075,11 @@ static void
bad_signal(sig)
int sig;
{
static int crashed = 0;
if (crashed)
_exit(127);
crashed = 1;
syslog(LOG_ERR, "Fatal signal %d", sig);
if (conn_running)
kill_my_pg(SIGTERM);
@ -1091,9 +1130,9 @@ device_script(program, in, out)
close(out);
}
}
if (redirect_stderr) {
if (nodetach == 0) {
close(2);
errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT, 0644);
errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT, 0600);
if (errfd >= 0 && errfd != 2) {
dup2(errfd, 2);
close(errfd);
@ -1132,7 +1171,6 @@ run_program(prog, args, must_exist)
int must_exist;
{
int pid;
char *nullenv[1];
pid = fork();
if (pid == -1) {
@ -1177,8 +1215,7 @@ run_program(prog, args, must_exist)
/* SysV recommends a second fork at this point. */
/* run the program; give it a null environment */
nullenv[0] = NULL;
execve(prog, args, nullenv);
execve(prog, args, script_env);
if (must_exist || errno != ENOENT)
syslog(LOG_WARNING, "Can't execute %s: %m", prog);
_exit(-1);
@ -1293,10 +1330,9 @@ pr_log __V((void *arg, char *fmt, ...))
fmt = va_arg(pvar, char *);
#endif
vsprintf(buf, fmt, pvar);
n = vfmtmsg(buf, sizeof(buf), fmt, pvar);
va_end(pvar);
n = strlen(buf);
if (linep + n + 1 > line + sizeof(line)) {
syslog(LOG_DEBUG, "%s", line);
linep = line;
@ -1603,3 +1639,78 @@ vfmtmsg(buf, buflen, fmt, args)
*buf = 0;
return buf - buf0;
}
/*
* script_setenv - set an environment variable value to be used
* for scripts that we run (e.g. ip-up, auth-up, etc.)
*/
void
script_setenv(var, value)
char *var, *value;
{
int vl = strlen(var);
int i;
char *p, *newstring;
newstring = (char *) malloc(vl + strlen(value) + 2);
if (newstring == 0)
return;
strcpy(newstring, var);
newstring[vl] = '=';
strcpy(newstring+vl+1, value);
/* check if this variable is already set */
if (script_env != 0) {
for (i = 0; (p = script_env[i]) != 0; ++i) {
if (strncmp(p, var, vl) == 0 && p[vl] == '=') {
free(p);
script_env[i] = newstring;
return;
}
}
} else {
i = 0;
script_env = (char **) malloc(16 * sizeof(char *));
if (script_env == 0)
return;
s_env_nalloc = 16;
}
/* reallocate script_env with more space if needed */
if (i + 1 >= s_env_nalloc) {
int new_n = i + 17;
char **newenv = (char **) realloc((void *)script_env,
new_n * sizeof(char *));
if (newenv == 0)
return;
script_env = newenv;
s_env_nalloc = new_n;
}
script_env[i] = newstring;
script_env[i+1] = 0;
}
/*
* script_unsetenv - remove a variable from the environment
* for scripts.
*/
void
script_unsetenv(var)
char *var;
{
int vl = strlen(var);
int i;
char *p;
if (script_env == 0)
return;
for (i = 0; (p = script_env[i]) != 0; ++i) {
if (strncmp(p, var, vl) == 0 && p[vl] == '=') {
free(p);
while ((script_env[i] = script_env[i+1]) != 0)
++i;
break;
}
}
}

44
usr.sbin/pppd/options.c
View File

@ -18,7 +18,7 @@
*/
#ifndef lint
static char rcsid[] = "$Id: options.c,v 1.17 1998/03/22 05:33:03 peter Exp $";
static char rcsid[] = "$Id: options.c,v 1.18 1998/03/22 06:57:20 peter Exp $";
#endif
#include <ctype.h>
@ -174,6 +174,7 @@ static int setcrtscts __P((char **));
static int setnocrtscts __P((char **));
static int setxonxoff __P((char **));
static int setnodetach __P((char **));
static int setupdetach __P((char **));
static int setmodem __P((char **));
static int setlocal __P((char **));
static int setlock __P((char **));
@ -216,7 +217,7 @@ static int setbsdcomp __P((char **));
static int setnobsdcomp __P((char **));
static int setdeflate __P((char **));
static int setnodeflate __P((char **));
static int setnobaddeflate __P((char **));
static int setnodeflatedraft __P((char **));
static int setdemand __P((char **));
static int setpred1comp __P((char **));
static int setnopred1comp __P((char **));
@ -276,6 +277,7 @@ static struct cmd {
{"-d", 0, setdebug}, /* Increase debugging level */
{"nodetach", 0, setnodetach}, /* Don't detach from controlling tty */
{"-detach", 0, setnodetach}, /* don't fork */
{"updetach", 0, setupdetach}, /* Detach once an NP has come up */
{"noip", 0, noip}, /* Disable IP and IPCP */
{"-ip", 0, noip}, /* Disable IP and IPCP */
{"nomagic", 0, nomagicnumber}, /* Disable magic number negotiation */
@ -371,8 +373,7 @@ static struct cmd {
{"deflate", 1, setdeflate}, /* request Deflate compression */
{"nodeflate", 0, setnodeflate}, /* don't allow Deflate compression */
{"-deflate", 0, setnodeflate}, /* don't allow Deflate compression */
{"nobaddeflate", 0, setnobaddeflate}, /* don't allow (wrong) Deflate */
{"-baddeflate", 0, setnobaddeflate}, /* don't allow (wrong) Deflate */
{"nodeflatedraft", 0, setnodeflatedraft}, /* don't use draft deflate # */
{"predictor1", 0, setpred1comp}, /* request Predictor-1 */
{"nopredictor1", 0, setnopred1comp},/* don't allow Predictor-1 */
{"-predictor1", 0, setnopred1comp}, /* don't allow Predictor-1 */
@ -1854,6 +1855,14 @@ setnodetach(argv)
return (1);
}
static int
setupdetach(argv)
char **argv;
{
nodetach = -1;
return (1);
}
static int
setdemand(argv)
char **argv;
@ -2243,11 +2252,11 @@ setnodeflate(argv)
}
static int
setnobaddeflate(argv)
setnodeflatedraft(argv)
char **argv;
{
ccp_wantoptions[0].baddeflate = 0;
ccp_allowoptions[0].baddeflate = 0;
ccp_wantoptions[0].deflate_draft = 0;
ccp_allowoptions[0].deflate_draft = 0;
return 1;
}
@ -2322,11 +2331,12 @@ setdnsaddr(argv)
dns = *(u_int32_t *)hp->h_addr;
}
if (ipcp_allowoptions[0].dnsaddr[0] == 0) {
/* if there is no primary then update it. */
if (ipcp_allowoptions[0].dnsaddr[0] == 0)
ipcp_allowoptions[0].dnsaddr[0] = dns;
} else {
ipcp_allowoptions[0].dnsaddr[1] = dns;
}
/* always set the secondary address value to the same value. */
ipcp_allowoptions[0].dnsaddr[1] = dns;
return (1);
}
@ -2353,11 +2363,12 @@ setwinsaddr(argv)
wins = *(u_int32_t *)hp->h_addr;
}
if (ipcp_allowoptions[0].winsaddr[0] == 0) {
/* if there is no primary then update it. */
if (ipcp_allowoptions[0].winsaddr[0] == 0)
ipcp_allowoptions[0].winsaddr[0] = wins;
} else {
ipcp_allowoptions[0].winsaddr[1] = wins;
}
/* always set the secondary address value to the same value. */
ipcp_allowoptions[0].winsaddr[1] = wins;
return (1);
}
@ -2453,6 +2464,7 @@ setipxanet(argv)
{
ipxcp_wantoptions[0].accept_network = 1;
ipxcp_allowoptions[0].accept_network = 1;
return 1;
}
static int
@ -2461,6 +2473,7 @@ setipxalcl(argv)
{
ipxcp_wantoptions[0].accept_local = 1;
ipxcp_allowoptions[0].accept_local = 1;
return 1;
}
static int
@ -2469,6 +2482,7 @@ setipxarmt(argv)
{
ipxcp_wantoptions[0].accept_remote = 1;
ipxcp_allowoptions[0].accept_remote = 1;
return 1;
}
static u_char *

6
usr.sbin/pppd/patchlevel.h
View File

@ -1,6 +1,6 @@
/* $Id: patchlevel.h,v 1.7 1997/08/22 12:03:57 peter Exp $ */
#define PATCHLEVEL 3
/* $Id: patchlevel.h,v 1.8 1998/03/22 05:33:05 peter Exp $ */
#define PATCHLEVEL 5
#define VERSION "2.3"
#define IMPLEMENTATION ""
#define DATE "11 December 1997"
#define DATE "4 May 1998"

85
usr.sbin/pppd/pppd.8
View File

@ -1,5 +1,5 @@
.\" manual page [] for pppd 2.3
.\" $Id: pppd.8,v 1.16 1997/10/10 09:28:38 peter Exp $
.\" $Id: pppd.8,v 1.17 1997/10/18 01:29:18 peter Exp $
.\" SH section heading
.\" SS subsection heading
.\" LP paragraph
@ -654,7 +654,7 @@ the initial /dev/ is removed from the terminal name, and any remaining
.PP
An options file is parsed into a series of words, delimited by
whitespace. Whitespace can be included in a word by enclosing the
word in quotes ("). A backslash (\\) quotes the following character.
word in double-quotes ("). A backslash (\\) quotes the following character.
A hash (#) starts a comment, which continues until the end of the
line. There is no restriction on using the \fIfile\fR or \fIcall\fR
options within an options file.
@ -965,10 +965,46 @@ causes other debugging messages to be logged.
.LP
Debugging can also be enabled or disabled by sending a SIGUSR1 signal
to the pppd process. This signal acts as a toggle.
.SH FILES
.SH SCRIPTS
Pppd invokes scripts at various stages in its processing which can be
used to perform site-specific ancillary processing. These scripts are
usually shell scripts, but could be executable code files instead.
Pppd does not wait for the scripts to finish. The scripts are
executed as root (with the real and effective user-id set to 0), so
that they can do things such as update routing tables or run
privileged daemons. Be careful that the contents of these scripts do
not compromise your system's security. Pppd runs the scripts with
standard input, output and error redirected to /dev/null, and with an
environment that is empty except for some environment variables that
give information about the link. The environment variables that pppd
sets are:
.TP
.B /var/run/ppp\fIn\fB.pid \fR(BSD or Linux), \fB/etc/ppp/ppp\fIn\fB.pid \fR(others)
Process-ID for pppd process on ppp interface unit \fIn\fR.
.B DEVICE
The name of the serial tty device being used.
.TP
.B IFNAME
The name of the network interface being used.
.TP
.B IPLOCAL
The IP address for the local end of the link. This is only set when
IPCP has come up.
.TP
.B IPREMOTE
The IP address for the remote end of the link. This is only set when
IPCP has come up.
.TP
.B PEERNAME
The authenticated name of the peer. This is only set if the peer
authenticates itself.
.TP
.B SPEED
The baud rate of the tty device.
.TP
.B UID
The real user-id of the user who invoked pppd.
.P
Pppd invokes the following scripts, if they exist. It is not an error
if they don't exist.
.TP
.B /etc/ppp/auth-up
A program or script which is executed after the remote system
@ -976,11 +1012,8 @@ successfully authenticates itself. It is executed with the parameters
.IP
\fIinterface-name peer-name user-name tty-device speed\fR
.IP
and with its standard input, output and error redirected to
/dev/null. This program or script is executed with the real and
effective user-IDs set to root, and with an empty environment. (Note
that this script is not executed if the peer doesn't authenticate
itself, for example when the \fInoauth\fR option is used.)
Note that this script is not executed if the peer doesn't authenticate
itself, for example when the \fInoauth\fR option is used.
.TP
.B /etc/ppp/auth-down
A program or script which is executed when the link goes down, if
@ -994,25 +1027,13 @@ executed with the parameters
.IP
\fIinterface-name tty-device speed local-IP-address
remote-IP-address ipparam\fR
.IP
and with its standard input,
output and error streams redirected to /dev/null.
.IP
This program or script is executed with the real and effective
user-IDs set to root. This is so that it can be used to manipulate
routes, run privileged daemons (e.g. \fIsendmail\fR), etc. Be
careful that the contents of the /etc/ppp/ip-up and /etc/ppp/ip-down
scripts do not compromise your system's security.
.IP
This program or script is executed with an empty environment, so you
must either specify a PATH or use full pathnames.
.TP
.B /etc/ppp/ip-down
A program or script which is executed when the link is no longer
available for sending and receiving IP packets. This script can be
used for undoing the effects of the /etc/ppp/ip-up script. It is
invoked in the same manner and with the same parameters as the ip-up
script, and the same security considerations apply.
script.
.TP
.B /etc/ppp/ipx-up
A program or script which is executed when the link is available for
@ -1023,10 +1044,6 @@ executed with the parameters
remote-IPX-node-address local-IPX-routing-protocol remote-IPX-routing-protocol
local-IPX-router-name remote-IPX-router-name ipparam pppd-pid\fR
.IP
and with its standard input,
output and error streams redirected to /dev/null.
.br
.IP
The local-IPX-routing-protocol and remote-IPX-routing-protocol field
may be one of the following:
.IP
@ -1037,21 +1054,17 @@ RIP to indicate that RIP/SAP should be used
NLSP to indicate that Novell NLSP should be used
.br
RIP NLSP to indicate that both RIP/SAP and NLSP should be used
.br
.IP
This program or script is executed with the real and effective
user-IDs set to root, and with an empty environment. This is so
that it can be used to manipulate routes, run privileged daemons (e.g.
\fIripd\fR), etc. Be careful that the contents of the /etc/ppp/ipx-up
and /etc/ppp/ipx-down scripts do not compromise your system's
security.
.TP
.B /etc/ppp/ipx-down
A program or script which is executed when the link is no longer
available for sending and receiving IPX packets. This script can be
used for undoing the effects of the /etc/ppp/ipx-up script. It is
invoked in the same manner and with the same parameters as the ipx-up
script, and the same security considerations apply.
script.
.SH FILES
.TP
.B /var/run/ppp\fIn\fB.pid \fR(BSD or Linux), \fB/etc/ppp/ppp\fIn\fB.pid \fR(others)
Process-ID for pppd process on ppp interface unit \fIn\fR.
.TP
.B /etc/ppp/pap-secrets
Usernames, passwords and IP addresses for PAP authentication. This

8
usr.sbin/pppd/pppd.h
View File

@ -16,7 +16,7 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* $Id: pppd.h,v 1.10 1997/10/10 06:02:57 peter Exp $
* $Id: pppd.h,v 1.11 1997/10/10 09:28:38 peter Exp $
*/
/*
@ -68,6 +68,8 @@ extern int redirect_stderr;/* Connector's stderr should go to file */
extern char peer_authname[];/* Authenticated name of peer */
extern int privileged; /* We were run by real-uid root */
extern int need_holdoff; /* Need holdoff period after link terminates */
extern char **script_env; /* Environment variables for scripts */
extern int detached; /* Have detached from controlling tty */
/*
* Variables set by command-line options.
@ -176,6 +178,7 @@ extern struct protent *protocols[];
*/
/* Procedures exported from main.c. */
void detach __P((void)); /* Detach from controlling tty */
void die __P((int)); /* Cleanup and exit */
void quit __P((void)); /* like die(1) */
void novm __P((char *)); /* Say we ran out of memory, and die */
@ -195,6 +198,8 @@ void print_string __P((char *, int, void (*) (void *, char *, ...),
void *)); /* Format a string for output */
int fmtmsg __P((char *, int, char *, ...)); /* sprintf++ */
int vfmtmsg __P((char *, int, char *, va_list)); /* vsprintf++ */
void script_setenv __P((char *, char *)); /* set script env var */
void script_unsetenv __P((char *)); /* unset script env var */
/* Procedures exported from auth.c */
void link_required __P((int)); /* we are starting to use the link */
@ -294,6 +299,7 @@ void unlock __P((void)); /* Delete previously-created lock file */
int daemon __P((int, int)); /* Detach us from terminal session */
void logwtmp __P((const char *, const char *, const char *));
/* Write entry to wtmp file */
int get_host_seed __P((void)); /* Get host-dependent random number seed */
#ifdef PPP_FILTER
int set_filters __P((struct bpf_program *pass, struct bpf_program *active));
/* Set filter programs in kernel */

14
usr.sbin/pppd/sys-bsd.c
View File

@ -21,7 +21,7 @@
*/
#ifndef lint
static char rcsid[] = "$Id: sys-bsd.c,v 1.12 1998/01/16 17:38:53 bde Exp $";
static char rcsid[] = "$Id: sys-bsd.c,v 1.13 1998/03/22 05:33:08 peter Exp $";
#endif
/* $NetBSD: sys-bsd.c,v 1.1.1.3 1997/09/26 18:53:04 christos Exp $ */
@ -68,6 +68,9 @@ static char rcsid[] = "$Id: sys-bsd.c,v 1.12 1998/01/16 17:38:53 bde Exp $";
#if (NetBSD >= 199703)
#include <netinet/if_inarp.h>
#else /* NetBSD 1.2D or later */
#ifdef __FreeBSD__
#include <netinet/if_ether.h>
#else
#include <net/if_ether.h>
#endif
#else
@ -1498,6 +1501,15 @@ GetMask(addr)
return mask;
}
/*
* Use the hostid as part of the random number seed.
*/
int
get_host_seed()
{
return gethostid();
}
/*
* lock - create a lock file for the named lock device
*/