summaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
authorPeter Wemm <peter@FreeBSD.org>1998-03-21 18:01:50 +0000
committerPeter Wemm <peter@FreeBSD.org>1998-03-21 18:01:50 +0000
commit6f761d931465c47e1b208bae6f54de57455e6099 (patch)
tree0b13420261a5c83650ca75925d6592070be46ea7 /usr.sbin
parentfb04b031b09925b2f4ea149752acde144f11ca0e (diff)
Notes
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/pppd/auth.c44
-rw-r--r--usr.sbin/pppd/chap.c7
-rw-r--r--usr.sbin/pppd/chap_ms.c34
-rw-r--r--usr.sbin/pppd/chap_ms.h3
-rw-r--r--usr.sbin/pppd/demand.c4
-rw-r--r--usr.sbin/pppd/lcp.c18
-rw-r--r--usr.sbin/pppd/main.c32
-rw-r--r--usr.sbin/pppd/options.c9
-rw-r--r--usr.sbin/pppd/patchlevel.h6
-rw-r--r--usr.sbin/pppd/sys-bsd.c18
10 files changed, 109 insertions, 66 deletions
diff --git a/usr.sbin/pppd/auth.c b/usr.sbin/pppd/auth.c
index 1dfb148f28cd3..2e00b41916a56 100644
--- a/usr.sbin/pppd/auth.c
+++ b/usr.sbin/pppd/auth.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char rcsid[] = "$Id: auth.c,v 1.32 1997/07/14 03:52:33 paulus Exp $";
+static char rcsid[] = "$Id: auth.c,v 1.35 1997/11/27 06:49:15 paulus Exp $";
#endif
#include <stdio.h>
@@ -46,6 +46,11 @@ static char rcsid[] = "$Id: auth.c,v 1.32 1997/07/14 03:52:33 paulus Exp $";
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>
+#include <utmp.h>
+#include <fcntl.h>
+#if defined(_PATH_LASTLOG) && defined(_linux_)
+#include <lastlog.h>
+#endif
#include <netdb.h>
#include <netinet/in.h>
@@ -98,7 +103,7 @@ char peer_authname[MAXNAMELEN];
/* Records which authentication operations haven't completed yet. */
static int auth_pending[NUM_PPP];
-/* Set if we have successfully called login() */
+/* Set if we have successfully called plogin() */
static int logged_in;
/* Set if we have run the /etc/ppp/auth-up script. */
@@ -129,8 +134,8 @@ extern char *crypt __P((const char *, const char *));
static void network_phase __P((int));
static void check_idle __P((void *));
static void connect_time_expired __P((void *));
-static int login __P((char *, char *, char **, int *));
-static void logout __P((void));
+static int plogin __P((char *, char *, char **, int *));
+static void plogout __P((void));
static int null_login __P((int));
static int get_pap_passwd __P((char *));
static int have_pap_secret __P((void));
@@ -141,9 +146,6 @@ static int scan_authfile __P((FILE *, char *, char *, u_int32_t, char *,
static void free_wordlist __P((struct wordlist *));
static void auth_script __P((char *));
static void set_allowed_addrs __P((int, struct wordlist *));
-#ifdef CBCP_SUPPORT
-static void callback_phase __P((int));
-#endif
/*
* An Open on LCP has requested a change from Dead to Establish phase.
@@ -166,7 +168,7 @@ link_terminated(unit)
if (phase == PHASE_DEAD)
return;
if (logged_in)
- logout();
+ plogout();
phase = PHASE_DEAD;
syslog(LOG_NOTICE, "Connection terminated.");
}
@@ -653,7 +655,7 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg, msglen)
}
if (uselogin && ret == UPAP_AUTHACK) {
- ret = login(user, passwd, msg, msglen);
+ ret = plogin(user, passwd, msg, msglen);
if (ret == UPAP_AUTHNAK) {
syslog(LOG_WARNING, "PAP login failure for %s", user);
}
@@ -706,7 +708,7 @@ static int pam_conv(int num_msg, const struct pam_message **msg,
#endif
/*
- * login - Check the user name and password against the system
+ * plogin - Check the user name and password against the system
* password database, and login the user if OK.
*
* returns:
@@ -716,7 +718,7 @@ static int pam_conv(int num_msg, const struct pam_message **msg,
*/
static int
-login(user, passwd, msg, msglen)
+plogin(user, passwd, msg, msglen)
char *user;
char *passwd;
char **msg;
@@ -810,16 +812,32 @@ login(user, passwd, msg, msglen)
if (strncmp(tty, "/dev/", 5) == 0)
tty += 5;
logwtmp(tty, user, remote_name); /* Add wtmp login entry */
+
+#ifdef _PATH_LASTLOG
+ {
+ struct lastlog ll;
+ int fd;
+
+ if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) {
+ (void)lseek(fd, (off_t)(pw->pw_uid * sizeof(ll)), SEEK_SET);
+ memset((void *)&ll, 0, sizeof(ll));
+ (void)time(&ll.ll_time);
+ (void)strncpy(ll.ll_line, tty, sizeof(ll.ll_line));
+ (void)write(fd, (char *)&ll, sizeof(ll));
+ (void)close(fd);
+ }
+ }
+#endif
logged_in = TRUE;
return (UPAP_AUTHACK);
}
/*
- * logout - Logout the user.
+ * plogout - Logout the user.
*/
static void
-logout()
+plogout()
{
char *tty;
diff --git a/usr.sbin/pppd/chap.c b/usr.sbin/pppd/chap.c
index b418f6f493f00..189eb20ecc2de 100644
--- a/usr.sbin/pppd/chap.c
+++ b/usr.sbin/pppd/chap.c
@@ -34,7 +34,7 @@
*/
#ifndef lint
-static char rcsid[] = "$Id: chap.c,v 1.14 1997/04/30 05:51:08 paulus Exp $";
+static char rcsid[] = "$Id: chap.c,v 1.15 1997/11/27 06:07:48 paulus Exp $";
#endif
/*
@@ -586,9 +586,12 @@ ChapReceiveResponse(cstate, inp, id, len)
}
if (cstate->chal_interval != 0)
TIMEOUT(ChapRechallenge, cstate, cstate->chal_interval);
+ syslog(LOG_NOTICE, "CHAP peer authentication succeeded for %s",
+ rhostname);
} else {
- syslog(LOG_ERR, "CHAP peer authentication failed");
+ syslog(LOG_ERR, "CHAP peer authentication failed for remote host %s",
+ rhostname);
cstate->serverstate = CHAPSS_BADAUTH;
auth_peer_fail(cstate->unit, PPP_CHAP);
}
diff --git a/usr.sbin/pppd/chap_ms.c b/usr.sbin/pppd/chap_ms.c
index 89f95b516c84d..db6f4cfb4a7be 100644
--- a/usr.sbin/pppd/chap_ms.c
+++ b/usr.sbin/pppd/chap_ms.c
@@ -32,15 +32,18 @@
*/
#ifndef lint
-static char rcsid[] = "$Id: chap_ms.c,v 1.4 1997/05/22 06:46:19 paulus Exp $";
+static char rcsid[] = "$Id: chap_ms.c,v 1.5 1997/11/27 06:08:10 paulus Exp $";
#endif
#ifdef CHAPMS
#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
#include <sys/types.h>
#include <sys/time.h>
#include <syslog.h>
+#include <unistd.h>
#include "pppd.h"
#include "chap.h"
@@ -60,8 +63,14 @@ typedef struct {
in case this struct gets padded. */
+static void ChallengeResponse __P((u_char *, u_char *, u_char *));
static void DesEncrypt __P((u_char *, u_char *, u_char *));
static void MakeKey __P((u_char *, u_char *));
+static u_char Get7Bits __P((u_char *, int));
+static void ChapMS_NT __P((char *, int, char *, int, MS_ChapResponse *));
+#ifdef MSLANMAN
+static void ChapMS_LANMan __P((char *, int, char *, int, MS_ChapResponse *));
+#endif
#ifdef USE_CRYPT
static void Expand __P((u_char *, u_char *));
@@ -77,7 +86,7 @@ ChallengeResponse(challenge, pwHash, response)
char ZPasswordHash[21];
BZERO(ZPasswordHash, sizeof(ZPasswordHash));
- BCOPY(pwHash, ZPasswordHash, 16);
+ BCOPY(pwHash, ZPasswordHash, MD4_SIGNATURE_SIZE);
#if 0
log_packet(ZPasswordHash, sizeof(ZPasswordHash), "ChallengeResponse - ZPasswordHash", LOG_DEBUG);
@@ -243,7 +252,8 @@ ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, response)
MS_ChapResponse *response;
{
int i;
- MDstruct md4Context;
+ MD4_CTX md4Context;
+ u_char hash[MD4_SIGNATURE_SIZE];
u_char unicodePassword[MAX_NT_PASSWORD * 2];
static int low_byte_first = -1;
@@ -253,23 +263,19 @@ ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, response)
for (i = 0; i < secret_len; i++)
unicodePassword[i * 2] = (u_char)secret[i];
- MDbegin(&md4Context);
- MDupdate(&md4Context, unicodePassword, secret_len * 2 * 8); /* Unicode is 2 bytes/char, *8 for bit count */
+ MD4Init(&md4Context);
+ MD4Update(&md4Context, unicodePassword, secret_len * 2 * 8); /* Unicode is 2 bytes/char, *8 for bit count */
- if (low_byte_first == -1)
- low_byte_first = (htons((unsigned short int)1) != 1);
- if (low_byte_first == 0)
- MDreverse(&md4Context); /* sfb 961105 */
+ MD4Final(hash, &md4Context); /* Tell MD4 we're done */
- MDupdate(&md4Context, NULL, 0); /* Tell MD4 we're done */
-
- ChallengeResponse(rchallenge, (char *)md4Context.buffer, response->NTResp);
+ ChallengeResponse(rchallenge, hash, response->NTResp);
}
#ifdef MSLANMAN
static u_char *StdText = (u_char *)"KGS!@#$%"; /* key from rasapi32.dll */
-static ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, response)
+static void
+ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, response)
char *rchallenge;
int rchallenge_len;
char *secret;
@@ -278,7 +284,7 @@ static ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, response)
{
int i;
u_char UcasePassword[MAX_NT_PASSWORD]; /* max is actually 14 */
- u_char PasswordHash[16];
+ u_char PasswordHash[MD4_SIGNATURE_SIZE];
/* LANMan password is case insensitive */
BZERO(UcasePassword, sizeof(UcasePassword));
diff --git a/usr.sbin/pppd/chap_ms.h b/usr.sbin/pppd/chap_ms.h
index 2d7c7e918b5af..1f0ea2b4e234e 100644
--- a/usr.sbin/pppd/chap_ms.h
+++ b/usr.sbin/pppd/chap_ms.h
@@ -19,11 +19,12 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
- * $Id: chap_ms.h,v 1.1 1996/05/28 00:42:31 paulus Exp $
+ * $Id: chap_ms.h,v 1.2 1997/11/27 06:08:10 paulus Exp $
*/
#ifndef __CHAPMS_INCLUDE__
+#define MD4_SIGNATURE_SIZE 16 /* 16 bytes in a MD4 message digest */
#define MAX_NT_PASSWORD 256 /* Maximum number of (Unicode) chars in an NT password */
void ChapMS __P((chap_state *, char *, int, char *, int));
diff --git a/usr.sbin/pppd/demand.c b/usr.sbin/pppd/demand.c
index dc13ba75e0ae0..cbd8980b22885 100644
--- a/usr.sbin/pppd/demand.c
+++ b/usr.sbin/pppd/demand.c
@@ -18,7 +18,7 @@
*/
#ifndef lint
-static char rcsid[] = "$Id: demand.c,v 1.6 1997/04/30 05:51:56 paulus Exp $";
+static char rcsid[] = "$Id: demand.c,v 1.7 1997/11/27 06:08:26 paulus Exp $";
#endif
#include <stdio.h>
@@ -35,8 +35,8 @@ static char rcsid[] = "$Id: demand.c,v 1.6 1997/04/30 05:51:56 paulus Exp $";
#include <sys/resource.h>
#include <sys/stat.h>
#include <sys/socket.h>
-#include <net/if.h>
#ifdef PPP_FILTER
+#include <net/if.h>
#include <net/bpf.h>
#include <pcap.h>
#endif
diff --git a/usr.sbin/pppd/lcp.c b/usr.sbin/pppd/lcp.c
index 48c1b5168b64f..0e006935e51f0 100644
--- a/usr.sbin/pppd/lcp.c
+++ b/usr.sbin/pppd/lcp.c
@@ -18,7 +18,7 @@
*/
#ifndef lint
-static char rcsid[] = "$Id: lcp.c,v 1.30 1997/04/30 05:52:59 paulus Exp $";
+static char rcsid[] = "$Id: lcp.c,v 1.31 1997/11/27 06:08:44 paulus Exp $";
#endif
/*
@@ -266,7 +266,7 @@ lcp_lowerup(unit)
*/
ppp_set_xaccm(unit, xmit_accm[unit]);
ppp_send_config(unit, PPP_MRU, 0xffffffff, 0, 0);
- ppp_recv_config(unit, PPP_MRU, 0x00000000,
+ ppp_recv_config(unit, PPP_MRU, 0xffffffff,
wo->neg_pcompression, wo->neg_accompression);
peer_mru[unit] = PPP_MRU;
lcp_allowoptions[unit].asyncmap = xmit_accm[unit][0];
@@ -785,7 +785,7 @@ lcp_nakci(f, p, len)
*/
if (go->neg_mru && go->mru != DEFMRU) {
NAKCISHORT(CI_MRU, neg_mru,
- if (cishort <= wo->mru || cishort < DEFMRU)
+ if (cishort <= wo->mru || cishort <= DEFMRU)
try.mru = cishort;
);
}
@@ -1484,13 +1484,8 @@ lcp_up(f)
ppp_send_config(f->unit, MIN(ao->mru, (ho->neg_mru? ho->mru: PPP_MRU)),
(ho->neg_asyncmap? ho->asyncmap: 0xffffffff),
ho->neg_pcompression, ho->neg_accompression);
- /*
- * If the asyncmap hasn't been negotiated, we really should
- * set the receive asyncmap to ffffffff, but we set it to 0
- * for backwards contemptibility.
- */
ppp_recv_config(f->unit, (go->neg_mru? MAX(wo->mru, go->mru): PPP_MRU),
- (go->neg_asyncmap? go->asyncmap: 0x00000000),
+ (go->neg_asyncmap? go->asyncmap: 0xffffffff),
go->neg_pcompression, go->neg_accompression);
if (ho->neg_mru)
@@ -1519,7 +1514,7 @@ lcp_down(f)
ppp_send_config(f->unit, PPP_MRU, 0xffffffff, 0, 0);
ppp_recv_config(f->unit, PPP_MRU,
- (go->neg_asyncmap? go->asyncmap: 0x00000000),
+ (go->neg_asyncmap? go->asyncmap: 0xffffffff),
go->neg_pcompression, go->neg_accompression);
peer_mru[f->unit] = PPP_MRU;
}
@@ -1807,7 +1802,7 @@ LcpSendEchoRequest (f)
* Detect the failure of the peer at this point.
*/
if (lcp_echo_fails != 0) {
- if (lcp_echos_pending++ >= lcp_echo_fails) {
+ if (lcp_echos_pending >= lcp_echo_fails) {
LcpLinkFailure(f);
lcp_echos_pending = 0;
}
@@ -1821,6 +1816,7 @@ LcpSendEchoRequest (f)
pktp = pkt;
PUTLONG(lcp_magic, pktp);
fsm_sdata(f, ECHOREQ, lcp_echo_number++ & 0xFF, pkt, pktp - pkt);
+ ++lcp_echos_pending;
}
}
diff --git a/usr.sbin/pppd/main.c b/usr.sbin/pppd/main.c
index ed73a12b0b9cc..934827dd426fb 100644
--- a/usr.sbin/pppd/main.c
+++ b/usr.sbin/pppd/main.c
@@ -18,7 +18,7 @@
*/
#ifndef lint
-static char rcsid[] = "$Id: main.c,v 1.42 1997/07/14 03:53:25 paulus Exp $";
+static char rcsid[] = "$Id: main.c,v 1.43 1997/11/27 06:09:20 paulus Exp $";
#endif
#include <stdio.h>
@@ -40,7 +40,6 @@ static char rcsid[] = "$Id: main.c,v 1.42 1997/07/14 03:53:25 paulus Exp $";
#include <sys/resource.h>
#include <sys/stat.h>
#include <sys/socket.h>
-#include <net/if.h>
#include "pppd.h"
#include "magic.h"
@@ -69,7 +68,7 @@ extern char *strerror();
#endif
/* interface vars */
-char ifname[IFNAMSIZ]; /* Interface name */
+char ifname[32]; /* Interface name */
int ifunit; /* Interface unit number */
char *progname; /* Name of this program */
@@ -161,7 +160,7 @@ main(argc, argv)
int argc;
char *argv[];
{
- int i, nonblock, fdflags;
+ int i, fdflags;
struct sigaction sa;
FILE *pidfile;
char *p;
@@ -449,18 +448,21 @@ main(argc, argv)
} else
tty_mode = statbuf.st_mode;
- /*
- * Set line speed, flow control, etc.
- * Previously, if we had a connection script, we would set CLOCAL
- * while the script was running. But then, if CD was negated
- * before the script finished, we would miss it.
- */
- set_up_tty(ttyfd, 0);
-
/* run connection script */
if (connector && connector[0]) {
MAINDEBUG((LOG_INFO, "Connecting with <%s>", connector));
+ /*
+ * Set line speed, flow control, etc.
+ * On most systems we set CLOCAL for now so that we can talk
+ * to the modem before carrier comes up. But this has the
+ * side effect that we might miss it if CD drops before we
+ * get to clear CLOCAL below. On systems where we can talk
+ * successfully to the modem with CLOCAL clear and CD down,
+ * we can clear CLOCAL at this point.
+ */
+ set_up_tty(ttyfd, 1);
+
/* drop dtr to hang up in case modem is off hook */
if (!default_device && modem) {
setdtr(ttyfd, FALSE);
@@ -474,10 +476,14 @@ main(argc, argv)
goto fail;
}
+
syslog(LOG_INFO, "Serial connection established.");
sleep(1); /* give it time to set up its terminal */
}
+ /* set line speed, flow control, etc.; clear CLOCAL if modem option */
+ set_up_tty(ttyfd, 0);
+
/* reopen tty if necessary to wait for carrier */
if (connector == NULL && modem) {
while ((i = open(devnam, O_RDWR)) < 0) {
@@ -579,7 +585,7 @@ main(argc, argv)
}
if (!persist)
- break;
+ die(1);
if (demand)
demand_discard();
diff --git a/usr.sbin/pppd/options.c b/usr.sbin/pppd/options.c
index 11af11e853bcc..d8c39837381e9 100644
--- a/usr.sbin/pppd/options.c
+++ b/usr.sbin/pppd/options.c
@@ -18,7 +18,7 @@
*/
#ifndef lint
-static char rcsid[] = "$Id: options.c,v 1.39 1997/07/14 03:53:34 paulus Exp $";
+static char rcsid[] = "$Id: options.c,v 1.40 1997/11/27 06:09:34 paulus Exp $";
#endif
#include <ctype.h>
@@ -159,7 +159,7 @@ static int setescape __P((char **));
static int setmru __P((char **));
static int setmtu __P((char **));
#ifdef CBCP_SUPPORT
-static int setcbcp __P((char *));
+static int setcbcp __P((char **));
#endif
static int nomru __P((char **));
static int nopcomp __P((char **));
@@ -250,7 +250,7 @@ static int setipxcpfails __P((char **));
#endif /* IPX_CHANGE */
#ifdef MSLANMAN
-static int setmslanman __P((void));
+static int setmslanman __P((char **));
#endif
static int number_option __P((char *, u_int32_t *, int));
@@ -2544,7 +2544,8 @@ resetipxproto(argv)
#ifdef MSLANMAN
static int
-setmslanman()
+setmslanman(argv)
+ char **argv;
{
ms_lanman = 1;
return (1);
diff --git a/usr.sbin/pppd/patchlevel.h b/usr.sbin/pppd/patchlevel.h
index f109b9f9b0623..525207489581d 100644
--- a/usr.sbin/pppd/patchlevel.h
+++ b/usr.sbin/pppd/patchlevel.h
@@ -1,6 +1,6 @@
-/* $Id: patchlevel.h,v 1.29 1997/07/14 03:53:42 paulus Exp $ */
-#define PATCHLEVEL 1
+/* $Id: patchlevel.h,v 1.30 1997/11/27 06:09:44 paulus Exp $ */
+#define PATCHLEVEL 3
#define VERSION "2.3"
#define IMPLEMENTATION ""
-#define DATE "27 June 97"
+#define DATE "11 December 1997"
diff --git a/usr.sbin/pppd/sys-bsd.c b/usr.sbin/pppd/sys-bsd.c
index 0aee267b6b652..46962dec0ff63 100644
--- a/usr.sbin/pppd/sys-bsd.c
+++ b/usr.sbin/pppd/sys-bsd.c
@@ -21,8 +21,8 @@
*/
#ifndef lint
-static char rcsid[] = "$Id: sys-bsd.c,v 1.28 1997/04/30 05:57:46 paulus Exp $";
-#endif
+static char rcsid[] = "$Id: sys-bsd.c,v 1.29 1997/11/27 06:10:04 paulus Exp $";
+/* $NetBSD: sys-bsd.c,v 1.1.1.3 1997/09/26 18:53:04 christos Exp $ */
/*
* TODO:
@@ -58,7 +58,12 @@ static char rcsid[] = "$Id: sys-bsd.c,v 1.28 1997/04/30 05:57:46 paulus Exp $";
#include <netinet/in.h>
#if RTM_VERSION >= 3
-#include <netinet/if_ether.h>
+#include <sys/param.h>
+#if defined(NetBSD) && (NetBSD >= 199703)
+#include <netinet/if_inarp.h>
+#else /* NetBSD 1.2D or later */
+#include <net/if_ether.h>
+#endif
#endif
#include "pppd.h"
@@ -946,6 +951,7 @@ sifaddr(u, o, h, m)
u_int32_t o, h, m;
{
struct ifaliasreq ifra;
+ struct ifreq ifr;
strncpy(ifra.ifra_name, ifname, sizeof(ifra.ifra_name));
SET_SA_FAMILY(ifra.ifra_addr, AF_INET);
@@ -957,6 +963,12 @@ sifaddr(u, o, h, m)
((struct sockaddr_in *) &ifra.ifra_mask)->sin_addr.s_addr = m;
} else
BZERO(&ifra.ifra_mask, sizeof(ifra.ifra_mask));
+ BZERO(&ifr, sizeof(ifr));
+ strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
+ if (ioctl(sockfd, SIOCDIFADDR, (caddr_t) &ifr) < 0) {
+ if (errno != EADDRNOTAVAIL)
+ syslog(LOG_WARNING, "Couldn't remove interface address: %m");
+ }
if (ioctl(sockfd, SIOCAIFADDR, (caddr_t) &ifra) < 0) {
if (errno != EEXIST) {
syslog(LOG_ERR, "Couldn't set interface address: %m");