author | Peter Wemm <peter@FreeBSD.org> | 1998-03-21 18:01:50 +0000 |
---|---|---|
committer | Peter Wemm <peter@FreeBSD.org> | 1998-03-21 18:01:50 +0000 |
commit | 6f761d931465c47e1b208bae6f54de57455e6099 (patch) | |
tree | 0b13420261a5c83650ca75925d6592070be46ea7 /usr.sbin | |
parent | fb04b031b09925b2f4ea149752acde144f11ca0e (diff) |
Notes
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/pppd/auth.c | 44 | ||||
-rw-r--r-- | usr.sbin/pppd/chap.c | 7 | ||||
-rw-r--r-- | usr.sbin/pppd/chap_ms.c | 34 | ||||
-rw-r--r-- | usr.sbin/pppd/chap_ms.h | 3 | ||||
-rw-r--r-- | usr.sbin/pppd/demand.c | 4 | ||||
-rw-r--r-- | usr.sbin/pppd/lcp.c | 18 | ||||
-rw-r--r-- | usr.sbin/pppd/main.c | 32 | ||||
-rw-r--r-- | usr.sbin/pppd/options.c | 9 | ||||
-rw-r--r-- | usr.sbin/pppd/patchlevel.h | 6 | ||||
-rw-r--r-- | usr.sbin/pppd/sys-bsd.c | 18 |
10 files changed, 109 insertions, 66 deletions
diff --git a/usr.sbin/pppd/auth.c b/usr.sbin/pppd/auth.c
index 1dfb148f28cd3..2e00b41916a56 100644
--- a/usr.sbin/pppd/auth.c
+++ b/usr.sbin/pppd/auth.c
@@ -33,7 +33,7 @@
 */
 #ifndef lint
-static char rcsid[] = "$Id: auth.c,v 1.32 1997/07/14 03:52:33 paulus Exp $";
+static char rcsid[] = "$Id: auth.c,v 1.35 1997/11/27 06:49:15 paulus Exp $";
 #endif
 #include <stdio.h>
@@ -46,6 +46,11 @@ static char rcsid[] = "$Id: auth.c,v 1.32 1997/07/14 03:52:33 paulus Exp $";
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/socket.h>
+#include <utmp.h>
+#include <fcntl.h>
+#if defined(_PATH_LASTLOG) && defined(_linux_)
+#include <lastlog.h>
+#endif
 #include <netdb.h>
 #include <netinet/in.h>
@@ -98,7 +103,7 @@ char peer_authname[MAXNAMELEN];
 /* Records which authentication operations haven't completed yet. */
 static int auth_pending[NUM_PPP];
-/* Set if we have successfully called login() */
+/* Set if we have successfully called plogin() */
 static int logged_in;
 /* Set if we have run the /etc/ppp/auth-up script. */
@@ -129,8 +134,8 @@ extern char *crypt __P((const char *, const char *));
 static void network_phase __P((int));
 static void check_idle __P((void *));
 static void connect_time_expired __P((void *));
-static int login __P((char *, char *, char **, int *));
-static void logout __P((void));
+static int plogin __P((char *, char *, char **, int *));
+static void plogout __P((void));
 static int null_login __P((int));
 static int get_pap_passwd __P((char *));
 static int have_pap_secret __P((void));
@@ -141,9 +146,6 @@ static int scan_authfile __P((FILE *, char *, char *, u_int32_t, char *,
 static void free_wordlist __P((struct wordlist *));
 static void auth_script __P((char *));
 static void set_allowed_addrs __P((int, struct wordlist *));
-#ifdef CBCP_SUPPORT
-static void callback_phase __P((int));
-#endif
 /*
 * An Open on LCP has requested a change from Dead to Establish phase.
@@ -166,7 +168,7 @@ link_terminated(unit)
 if (phase == PHASE_DEAD)
 return;
 if (logged_in)
- logout();
+ plogout();
 phase = PHASE_DEAD;
 syslog(LOG_NOTICE, "Connection terminated.");
 }
@@ -653,7 +655,7 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg, msglen)
 }
 if (uselogin && ret == UPAP_AUTHACK) {
- ret = login(user, passwd, msg, msglen);
+ ret = plogin(user, passwd, msg, msglen);
 if (ret == UPAP_AUTHNAK) {
 syslog(LOG_WARNING, "PAP login failure for %s", user);
 }
@@ -706,7 +708,7 @@ static int pam_conv(int num_msg, const struct pam_message **msg,
 #endif
 /*
- * login - Check the user name and password against the system
+ * plogin - Check the user name and password against the system
 * password database, and login the user if OK.
 *
 * returns:
@@ -716,7 +718,7 @@ static int pam_conv(int num_msg, const struct pam_message **msg,
 */
 static int
-login(user, passwd, msg, msglen)
+plogin(user, passwd, msg, msglen)
 char *user;
 char *passwd;
 char **msg;
@@ -810,16 +812,32 @@ login(user, passwd, msg, msglen)
 if (strncmp(tty, "/dev/", 5) == 0)
 tty += 5;
 logwtmp(tty, user, remote_name); /* Add wtmp login entry */
+
+#ifdef _PATH_LASTLOG
+ {
+ struct lastlog ll;
+ int fd;
+
+ if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) {
+ (void)lseek(fd, (off_t)(pw->pw_uid * sizeof(ll)), SEEK_SET);
+ memset((void *)&ll, 0, sizeof(ll));
+ (void)time(&ll.ll_time);
+ (void)strncpy(ll.ll_line, tty, sizeof(ll.ll_line));
+ (void)write(fd, (char *)&ll, sizeof(ll));
+ (void)close(fd);
+ }
+ }
+#endif
 logged_in = TRUE;
 return (UPAP_AUTHACK);
 }
 /*
- * logout - Logout the user.
+ * plogout - Logout the user.
 */
 static void
-logout()
+plogout()
 {
 char *tty;
diff --git a/usr.sbin/pppd/chap.c b/usr.sbin/pppd/chap.c
index b418f6f493f00..189eb20ecc2de 100644
--- a/usr.sbin/pppd/chap.c
+++ b/usr.sbin/pppd/chap.c
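Review bot: In the `_PATH_LASTLOG` block added to plogin(), the result of lseek() is discarded, so if the seek fails the following write() lands at offset 0 and overwrites the lastlog record that belongs to uid 0. The offset is also multiplied before it is widened, `(off_t)(pw->pw_uid * sizeof(ll))`, which can wrap for large uids where size_t is 32 bits. I would guard the write with `if (lseek(fd, (off_t)pw->pw_uid * sizeof(ll), SEEK_SET) != (off_t)-1)` and log a failed write() instead of casting it to void, since lastlog is an audit record. `ll_host` is left zeroed although `remote_name` is handed to logwtmp() just above; whether that is intended is not visible here. plogin() starts before and continues after the hunk.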
@@ -34,7 +34,7 @@
 */
 #ifndef lint
-static char rcsid[] = "$Id: chap.c,v 1.14 1997/04/30 05:51:08 paulus Exp $";
+static char rcsid[] = "$Id: chap.c,v 1.15 1997/11/27 06:07:48 paulus Exp $";
 #endif
 /*
@@ -586,9 +586,12 @@ ChapReceiveResponse(cstate, inp, id, len)
 }
 if (cstate->chal_interval != 0)
 TIMEOUT(ChapRechallenge, cstate, cstate->chal_interval);
+ syslog(LOG_NOTICE, "CHAP peer authentication succeeded for %s",
+ rhostname);
 } else {
- syslog(LOG_ERR, "CHAP peer authentication failed");
+ syslog(LOG_ERR, "CHAP peer authentication failed for remote host %s",
+ rhostname);
 cstate->serverstate = CHAPSS_BADAUTH;
 auth_peer_fail(cstate->unit, PPP_CHAP);
 }
diff --git a/usr.sbin/pppd/chap_ms.c b/usr.sbin/pppd/chap_ms.c
index 89f95b516c84d..db6f4cfb4a7be 100644
--- a/usr.sbin/pppd/chap_ms.c
+++ b/usr.sbin/pppd/chap_ms.c
@@ -32,15 +32,18 @@
 */
 #ifndef lint
-static char rcsid[] = "$Id: chap_ms.c,v 1.4 1997/05/22 06:46:19 paulus Exp $";
+static char rcsid[] = "$Id: chap_ms.c,v 1.5 1997/11/27 06:08:10 paulus Exp $";
 #endif
 #ifdef CHAPMS
 #include <stdio.h>
+#include <string.h>
+#include <ctype.h>
 #include <sys/types.h>
 #include <sys/time.h>
 #include <syslog.h>
+#include <unistd.h>
 #include "pppd.h"
 #include "chap.h"
@@ -60,8 +63,14 @@ typedef struct {
 in case this struct gets padded.
 */
+static void ChallengeResponse __P((u_char *, u_char *, u_char *));
 static void DesEncrypt __P((u_char *, u_char *, u_char *));
 static void MakeKey __P((u_char *, u_char *));
+static u_char Get7Bits __P((u_char *, int));
+static void ChapMS_NT __P((char *, int, char *, int, MS_ChapResponse *));
+#ifdef MSLANMAN
+static void ChapMS_LANMan __P((char *, int, char *, int, MS_ChapResponse *));
+#endif
 #ifdef USE_CRYPT
 static void Expand __P((u_char *, u_char *));
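Review bot: Both new syslog() calls in ChapReceiveResponse interpolate `rhostname`, which presumably is the name field taken from the peer's Response packet (the assignment is outside the hunk), so on the failure path an unauthenticated peer chooses bytes that are written to the authentication log. If nothing earlier restricts that field to printable characters, control characters or embedded newlines can make one failed attempt look like several records to whatever parses the log. I would log a copy with non-printable bytes escaped and the length bounded, and put `/* rhostname is peer-supplied and unauthenticated here; log only the escaped copy */` above the failure message.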
@@ -77,7 +86,7 @@ ChallengeResponse(challenge, pwHash, response)
 char ZPasswordHash[21];
 BZERO(ZPasswordHash, sizeof(ZPasswordHash));
- BCOPY(pwHash, ZPasswordHash, 16);
+ BCOPY(pwHash, ZPasswordHash, MD4_SIGNATURE_SIZE);
 #if 0
 log_packet(ZPasswordHash, sizeof(ZPasswordHash), "ChallengeResponse - ZPasswordHash", LOG_DEBUG);
@@ -243,7 +252,8 @@ ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, response)
 MS_ChapResponse *response;
 {
 int i;
- MDstruct md4Context;
+ MD4_CTX md4Context;
+ u_char hash[MD4_SIGNATURE_SIZE];
 u_char unicodePassword[MAX_NT_PASSWORD * 2];
 static int low_byte_first = -1;
@@ -253,23 +263,19 @@ ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, response)
 for (i = 0; i < secret_len; i++)
 unicodePassword[i * 2] = (u_char)secret[i];
- MDbegin(&md4Context);
- MDupdate(&md4Context, unicodePassword, secret_len * 2 * 8); /* Unicode is 2 bytes/char, *8 for bit count */
+ MD4Init(&md4Context);
+ MD4Update(&md4Context, unicodePassword, secret_len * 2 * 8); /* Unicode is 2 bytes/char, *8 for bit count */
- if (low_byte_first == -1)
- low_byte_first = (htons((unsigned short int)1) != 1);
- if (low_byte_first == 0)
- MDreverse(&md4Context); /* sfb 961105 */
+ MD4Final(hash, &md4Context); /* Tell MD4 we're done */
- MDupdate(&md4Context, NULL, 0); /* Tell MD4 we're done */
-
- ChallengeResponse(rchallenge, (char *)md4Context.buffer, response->NTResp);
+ ChallengeResponse(rchallenge, hash, response->NTResp);
 }
 #ifdef MSLANMAN
 static u_char *StdText = (u_char *)"KGS!@#$%"; /* key from rasapi32.dll */
-static ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, response)
+static void
+ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, response)
 char *rchallenge;
 int rchallenge_len;
 char *secret;
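Review bot: The length argument in `MD4Update(&md4Context, unicodePassword, secret_len * 2 * 8)` is still the bit count that MDupdate took, and the hunk does not show which unit the MD4Update now being linked expects. If that implementation follows the RFC 1320 reference interface, which counts bytes, the call hashes `secret_len * 16` bytes out of the `MAX_NT_PASSWORD * 2` byte stack buffer: the NT response is wrong and secrets longer than 32 characters read past the end of `unicodePassword`. Please confirm against the md4 header this file builds with; for a byte-counting implementation the line becomes `MD4Update(&md4Context, unicodePassword, secret_len * 2);`. `low_byte_first`, still declared in the preceding hunk's context, has no user left after this change, and `hash` and `unicodePassword` still hold password-derived material when ChapMS_NT returns.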
@@ -278,7 +284,7 @@ static ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, response)
 {
 int i;
 u_char UcasePassword[MAX_NT_PASSWORD]; /* max is actually 14 */
- u_char PasswordHash[16];
+ u_char PasswordHash[MD4_SIGNATURE_SIZE];
 /* LANMan password is case insensitive */
 BZERO(UcasePassword, sizeof(UcasePassword));
diff --git a/usr.sbin/pppd/chap_ms.h b/usr.sbin/pppd/chap_ms.h
index 2d7c7e918b5af..1f0ea2b4e234e 100644
--- a/usr.sbin/pppd/chap_ms.h
+++ b/usr.sbin/pppd/chap_ms.h
@@ -19,11 +19,12 @@
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 *
- * $Id: chap_ms.h,v 1.1 1996/05/28 00:42:31 paulus Exp $
+ * $Id: chap_ms.h,v 1.2 1997/11/27 06:08:10 paulus Exp $
 */
 #ifndef __CHAPMS_INCLUDE__
+#define MD4_SIGNATURE_SIZE 16 /* 16 bytes in a MD4 message digest */
 #define MAX_NT_PASSWORD 256 /* Maximum number of (Unicode) chars in an NT password */
 void ChapMS __P((chap_state *, char *, int, char *, int));
diff --git a/usr.sbin/pppd/demand.c b/usr.sbin/pppd/demand.c
index dc13ba75e0ae0..cbd8980b22885 100644
--- a/usr.sbin/pppd/demand.c
+++ b/usr.sbin/pppd/demand.c
@@ -18,7 +18,7 @@
 */
 #ifndef lint
-static char rcsid[] = "$Id: demand.c,v 1.6 1997/04/30 05:51:56 paulus Exp $";
+static char rcsid[] = "$Id: demand.c,v 1.7 1997/11/27 06:08:26 paulus Exp $";
 #endif
 #include <stdio.h>
@@ -35,8 +35,8 @@ static char rcsid[] = "$Id: demand.c,v 1.6 1997/04/30 05:51:56 paulus Exp $";
 #include <sys/resource.h>
 #include <sys/stat.h>
 #include <sys/socket.h>
-#include <net/if.h>
 #ifdef PPP_FILTER
+#include <net/if.h>
 #include <net/bpf.h>
 #include <pcap.h>
 #endif
diff --git a/usr.sbin/pppd/lcp.c b/usr.sbin/pppd/lcp.c
index 48c1b5168b64f..0e006935e51f0 100644
--- a/usr.sbin/pppd/lcp.c
+++ b/usr.sbin/pppd/lcp.c
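Review bot: `PasswordHash[MD4_SIGNATURE_SIZE]` in ChapMS_LANMan ties this buffer to the MD4 digest length, but nothing in the visible LANMan code hashes with MD4; the nearby `StdText` key and the DesEncrypt prototype suggest the 16 bytes are two DES outputs. The sizes coincide today, so this is a naming point: a separate constant, or a comment such as `/* LM hash: two 8-byte DES blocks, same length as an MD4 digest */`, would keep a later change to the MD4 constant from silently resizing this buffer. The function body continues outside the hunk.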
@@ -18,7 +18,7 @@
 */
 #ifndef lint
-static char rcsid[] = "$Id: lcp.c,v 1.30 1997/04/30 05:52:59 paulus Exp $";
+static char rcsid[] = "$Id: lcp.c,v 1.31 1997/11/27 06:08:44 paulus Exp $";
 #endif
 /*
@@ -266,7 +266,7 @@ lcp_lowerup(unit)
 */
 ppp_set_xaccm(unit, xmit_accm[unit]);
 ppp_send_config(unit, PPP_MRU, 0xffffffff, 0, 0);
- ppp_recv_config(unit, PPP_MRU, 0x00000000,
+ ppp_recv_config(unit, PPP_MRU, 0xffffffff,
 wo->neg_pcompression, wo->neg_accompression);
 peer_mru[unit] = PPP_MRU;
 lcp_allowoptions[unit].asyncmap = xmit_accm[unit][0];
@@ -785,7 +785,7 @@ lcp_nakci(f, p, len)
 */
 if (go->neg_mru && go->mru != DEFMRU) {
 NAKCISHORT(CI_MRU, neg_mru,
- if (cishort <= wo->mru || cishort < DEFMRU)
+ if (cishort <= wo->mru || cishort <= DEFMRU)
 try.mru = cishort;
 );
 }
@@ -1484,13 +1484,8 @@ lcp_up(f)
 ppp_send_config(f->unit, MIN(ao->mru, (ho->neg_mru? ho->mru: PPP_MRU)),
 (ho->neg_asyncmap? ho->asyncmap: 0xffffffff),
 ho->neg_pcompression, ho->neg_accompression);
- /*
- * If the asyncmap hasn't been negotiated, we really should
- * set the receive asyncmap to ffffffff, but we set it to 0
- * for backwards contemptibility.
- */
 ppp_recv_config(f->unit, (go->neg_mru? MAX(wo->mru, go->mru): PPP_MRU),
- (go->neg_asyncmap? go->asyncmap: 0x00000000),
+ (go->neg_asyncmap? go->asyncmap: 0xffffffff),
 go->neg_pcompression, go->neg_accompression);
 if (ho->neg_mru)
@@ -1519,7 +1514,7 @@ lcp_down(f)
 ppp_send_config(f->unit, PPP_MRU, 0xffffffff, 0, 0);
 ppp_recv_config(f->unit, PPP_MRU,
- (go->neg_asyncmap? go->asyncmap: 0x00000000),
+ (go->neg_asyncmap? go->asyncmap: 0xffffffff),
 go->neg_pcompression, go->neg_accompression);
 peer_mru[f->unit] = PPP_MRU;
 }
@@ -1807,7 +1802,7 @@ LcpSendEchoRequest (f)
 * Detect the failure of the peer at this point.
 */
 if (lcp_echo_fails != 0) {
- if (lcp_echos_pending++ >= lcp_echo_fails) {
+ if (lcp_echos_pending >= lcp_echo_fails) {
 LcpLinkFailure(f);
 lcp_echos_pending = 0;
 }
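Review bot: The receive asyncmap default changes from 0 to 0xffffffff in lcp_lowerup, and again in lcp_up and lcp_down, while the only comment that explained the choice is deleted in the lcp_up hunk without a replacement. With 0xffffffff a receiver following RFC 1662 discards unescaped control characters, so a peer that relied on the old permissive default before, or without, negotiating an asyncmap will now lose those bytes; that behaviour change deserves a record where it is made. I would put `/* receive ACCM is 0xffffffff until negotiated: unescaped control characters are treated as line noise and dropped */` above the ppp_recv_config() call in lcp_lowerup and refer to it from the other two sites. All three functions extend outside their hunks.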
@@ -1821,6 +1816,7 @@ LcpSendEchoRequest (f)
 pktp = pkt;
 PUTLONG(lcp_magic, pktp);
 fsm_sdata(f, ECHOREQ, lcp_echo_number++ & 0xFF, pkt, pktp - pkt);
+ ++lcp_echos_pending;
 }
 }
diff --git a/usr.sbin/pppd/main.c b/usr.sbin/pppd/main.c
index ed73a12b0b9cc..934827dd426fb 100644
--- a/usr.sbin/pppd/main.c
+++ b/usr.sbin/pppd/main.c
@@ -18,7 +18,7 @@
 */
 #ifndef lint
-static char rcsid[] = "$Id: main.c,v 1.42 1997/07/14 03:53:25 paulus Exp $";
+static char rcsid[] = "$Id: main.c,v 1.43 1997/11/27 06:09:20 paulus Exp $";
 #endif
 #include <stdio.h>
@@ -40,7 +40,6 @@ static char rcsid[] = "$Id: main.c,v 1.42 1997/07/14 03:53:25 paulus Exp $";
 #include <sys/resource.h>
 #include <sys/stat.h>
 #include <sys/socket.h>
-#include <net/if.h>
 #include "pppd.h"
 #include "magic.h"
@@ -69,7 +68,7 @@ extern char *strerror();
 #endif
 /* interface vars */
-char ifname[IFNAMSIZ]; /* Interface name */
+char ifname[32]; /* Interface name */
 int ifunit; /* Interface unit number */
 char *progname; /* Name of this program */
@@ -161,7 +160,7 @@ main(argc, argv)
 int argc;
 char *argv[];
 {
- int i, nonblock, fdflags;
+ int i, fdflags;
 struct sigaction sa;
 FILE *pidfile;
 char *p;
@@ -449,18 +448,21 @@ main(argc, argv)
 } else
 tty_mode = statbuf.st_mode;
- /*
- * Set line speed, flow control, etc.
- * Previously, if we had a connection script, we would set CLOCAL
- * while the script was running. But then, if CD was negated
- * before the script finished, we would miss it.
- */
- set_up_tty(ttyfd, 0);
-
 /* run connection script */
 if (connector && connector[0]) {
 MAINDEBUG((LOG_INFO, "Connecting with <%s>", connector));
+ /*
+ * Set line speed, flow control, etc.
+ * On most systems we set CLOCAL for now so that we can talk
+ * to the modem before carrier comes up. But this has the
+ * side effect that we might miss it if CD drops before we
+ * get to clear CLOCAL below. On systems where we can talk
+ * successfully to the modem with CLOCAL clear and CD down,
+ * we can clear CLOCAL at this point.
+ */
+ set_up_tty(ttyfd, 1);
+
 /* drop dtr to hang up in case modem is off hook */
 if (!default_device && modem) {
 setdtr(ttyfd, FALSE);
@@ -474,10 +476,14 @@ main(argc, argv)
 goto fail;
 }
+ syslog(LOG_INFO, "Serial connection established.");
 sleep(1); /* give it time to set up its terminal */
 }
+ /* set line speed, flow control, etc.; clear CLOCAL if modem option */
+ set_up_tty(ttyfd, 0);
+
 /* reopen tty if necessary to wait for carrier */
 if (connector == NULL && modem) {
 while ((i = open(devnam, O_RDWR)) < 0) {
@@ -579,7 +585,7 @@ main(argc, argv)
 }
 if (!persist)
- break;
+ die(1);
 if (demand)
 demand_discard();
diff --git a/usr.sbin/pppd/options.c b/usr.sbin/pppd/options.c
index 11af11e853bcc..d8c39837381e9 100644
--- a/usr.sbin/pppd/options.c
+++ b/usr.sbin/pppd/options.c
@@ -18,7 +18,7 @@
 */
 #ifndef lint
-static char rcsid[] = "$Id: options.c,v 1.39 1997/07/14 03:53:34 paulus Exp $";
+static char rcsid[] = "$Id: options.c,v 1.40 1997/11/27 06:09:34 paulus Exp $";
 #endif
 #include <ctype.h>
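Review bot: In the last main.c hunk `break` becomes `die(1)`, so when `persist` is off the daemon leaves the main loop through die() with a fixed argument of 1 no matter why the link ended. If die() exits with its argument (its definition is not in this diff), a clean peer-initiated termination and a failure become indistinguishable to scripts or supervisors that check pppd's exit status, and whatever followed the loop is no longer reached on this path. If the non-zero status is intended, record that in a comment such as `/* non-persistent link has ended: exit non-zero on purpose */`; otherwise pass a status that reflects the termination cause.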
@@ -159,7 +159,7 @@ static int setescape __P((char **));
 static int setmru __P((char **));
 static int setmtu __P((char **));
 #ifdef CBCP_SUPPORT
-static int setcbcp __P((char *));
+static int setcbcp __P((char **));
 #endif
 static int nomru __P((char **));
 static int nopcomp __P((char **));
@@ -250,7 +250,7 @@ static int setipxcpfails __P((char **));
 #endif /* IPX_CHANGE */
 #ifdef MSLANMAN
-static int setmslanman __P((void));
+static int setmslanman __P((char **));
 #endif
 static int number_option __P((char *, u_int32_t *, int));
@@ -2544,7 +2544,8 @@ resetipxproto(argv)
 #ifdef MSLANMAN
 static int
-setmslanman()
+setmslanman(argv)
+ char **argv;
 {
 ms_lanman = 1;
 return (1);
diff --git a/usr.sbin/pppd/patchlevel.h b/usr.sbin/pppd/patchlevel.h
index f109b9f9b0623..525207489581d 100644
--- a/usr.sbin/pppd/patchlevel.h
+++ b/usr.sbin/pppd/patchlevel.h
@@ -1,6 +1,6 @@
-/* $Id: patchlevel.h,v 1.29 1997/07/14 03:53:42 paulus Exp $ */
-#define PATCHLEVEL 1
+/* $Id: patchlevel.h,v 1.30 1997/11/27 06:09:44 paulus Exp $ */
+#define PATCHLEVEL 3
 #define VERSION "2.3"
 #define IMPLEMENTATION ""
-#define DATE "27 June 97"
+#define DATE "11 December 1997"
diff --git a/usr.sbin/pppd/sys-bsd.c b/usr.sbin/pppd/sys-bsd.c
index 0aee267b6b652..46962dec0ff63 100644
--- a/usr.sbin/pppd/sys-bsd.c
+++ b/usr.sbin/pppd/sys-bsd.c
@@ -21,8 +21,8 @@
 */
 #ifndef lint
-static char rcsid[] = "$Id: sys-bsd.c,v 1.28 1997/04/30 05:57:46 paulus Exp $";
-#endif
+static char rcsid[] = "$Id: sys-bsd.c,v 1.29 1997/11/27 06:10:04 paulus Exp $";
+/* $NetBSD: sys-bsd.c,v 1.1.1.3 1997/09/26 18:53:04 christos Exp $ */
 /*
 * TODO:
@@ -58,7 +58,12 @@ static char rcsid[] = "$Id: sys-bsd.c,v 1.28 1997/04/30 05:57:46 paulus Exp $";
 #include <netinet/in.h>
 #if RTM_VERSION >= 3
-#include <netinet/if_ether.h>
+#include <sys/param.h>
+#if defined(NetBSD) && (NetBSD >= 199703)
+#include <netinet/if_inarp.h>
+#else /* NetBSD 1.2D or later */
+#include <net/if_ether.h>
+#endif
 #endif
 #include "pppd.h"
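Review bot: The first sys-bsd.c hunk removes the `#endif` that closed `#ifndef lint` and puts the `$NetBSD$` comment in its place, so the conditional opened above rcsid is not closed anywhere in the visible lines; the `#endif` lines in the next hunk pair with `#if RTM_VERSION >= 3` and the new NetBSD test. Unless an `#endif` outside the diff now matches it, the file either stops preprocessing with an unterminated conditional or, when built with `lint` defined, silently drops everything up to that later `#endif`. Restore the line directly after the rcsid definition, i.e. `#endif` followed by the `$NetBSD$` comment.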
@@ -946,6 +951,7 @@ sifaddr(u, o, h, m)
 u_int32_t o, h, m;
 {
 struct ifaliasreq ifra;
+ struct ifreq ifr;
 strncpy(ifra.ifra_name, ifname, sizeof(ifra.ifra_name));
 SET_SA_FAMILY(ifra.ifra_addr, AF_INET);
@@ -957,6 +963,12 @@ sifaddr(u, o, h, m)
 ((struct sockaddr_in *) &ifra.ifra_mask)->sin_addr.s_addr = m;
 } else
 BZERO(&ifra.ifra_mask, sizeof(ifra.ifra_mask));
+ BZERO(&ifr, sizeof(ifr));
+ strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
+ if (ioctl(sockfd, SIOCDIFADDR, (caddr_t) &ifr) < 0) {
+ if (errno != EADDRNOTAVAIL)
+ syslog(LOG_WARNING, "Couldn't remove interface address: %m");
+ }
 if (ioctl(sockfd, SIOCAIFADDR, (caddr_t) &ifra) < 0) {
 if (errno != EEXIST) {
 syslog(LOG_ERR, "Couldn't set interface address: %m"); |
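Review bot: `strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name))` in sifaddr leaves `ifr_name` without a terminator whenever `ifname` is at least as long as the field, and this same commit resizes `ifname` in main.c from `IFNAMSIZ` to a literal 32, so if `ifr_name` is still `IFNAMSIZ` bytes the source is no longer guaranteed to fit. Because `ifr` has just been cleared with BZERO, copying one byte less is enough: `strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name) - 1);`. The existing `strncpy(ifra.ifra_name, ...)` in the previous hunk's context has the same shape, and `ifra` is not cleared first in the visible lines. A named constant for the 32 in main.c would keep the two sizes from drifting. sifaddr starts before and continues after the hunk.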