diff options
| author | Eivind Næss <eivnaes@yahoo.com> | 2023-01-20 22:12:58 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-01-21 17:12:58 +1100 |
| commit | ba7f7e053daae846a54a1d08d3d133a5f1266ace (patch) | |
| tree | 3da27cf3ca6d6eb76e3f9a05db4c5676591d5002 | |
| parent | 76016e1b948b7d9675b4e0750d1f943d96d9523b (diff) | |
| download | ppp-ba7f7e053daae846a54a1d08d3d133a5f1266ace.tar.gz | |
Header file reorganization and cleaning up the public API for pppd version 2.5.0 (#379)
This commit does several things, being a squash-and-merge of a series
of changes; squashed in order not to break bisection.
* Clean up pppd.h, moving declarations that should only be accessed by
pppd code (not by users of pppd) to a new pppd-private.h. Also,
other parts of pppd.h were moved to multilink.h, chap.h, eap.h,
eui64.h, and a new options.h.
* Provide an API for access to data that is needed by plugins (in no
particular order):
- ifname
- ifunit
- remote_name
- remote_number
- peer_authname
- status (now called "code" internally)
- phase
- doing_multilink
- multilink_master
- idle_time_limit
- link_connect_time
- max_connect_time
- link_stats
- ipparam
- hostname
- got_sigterm
- got_sigusr2
- got_sighup
- session_number
- maxoctets
- maxoctets_dir
- debug
- persist
- devnam
- modem
- peer_authname
- sync_serial
* Update the version number to 2.5.0.
* Detect availability of stddef.h and stdarg.h.
* Rename some headers:
- pppcrypt.c/h to crypto_ms.c/h
- ppp-crypto.c/h to crypto.c/h
- ppp-crypto-priv.h to crypto-priv.h
- chap-new.c/h to chap.c/h
* Remove chap-md5.h, crypto-priv.h, eap-tls.h, etc. from the list of
header files to be installed.
* Provide typedefs for the hook functions.
* Provide a typedef for the "phase" variable.
* Provide a typedef for the link statistics array.
* Remove the option_t typedef.
* Rename the following functions by adding a "ppp_" prefix (with the
intention that these are a "public" API for use by plugins):
- option_error
- add_options
- int_option,
- options_from_file
- script_setenv
- bad_ip_adrs,
- netif_get/set_mtu (renamed to ppp_get/set_mtu)
- get_time
- timeout
- untimeout
- safe_fork
- sys_close
- set_session_number
- update_link_stats (renamed to ppp_get_link_stats)
- add_notifier (renamed to ppp_add_notify)
- remove_notifier (renamed to ppp_del_notify)
- generic_[dis]establish_ppp (to ppp_generic_[dis]establish)
* Rename ppp_devnam to ppp_devname.
* Rename ppp_available() to ppp_check_kernel_support().
* Use unsigned char instead of u_char, unsigned short instead of
u_short, uint32_t instead of u_int32_t.
* Add const to some declarations
* Update comments
* Change the interface for notifiers to use an enum to identify which
notifier is to be modified.
* Provide an API for getting the path to a file, with an enum to
identify different types of file.
* Link plugins with the -DPLUGIN flag
[paulus@ozlabs.org - wrote commit message]
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
79 files changed, 2651 insertions, 1591 deletions
diff --git a/.github/workflows/ubuntu.yaml b/.github/workflows/ubuntu.yaml index 536aaf3..971c21f 100644 --- a/.github/workflows/ubuntu.yaml +++ b/.github/workflows/ubuntu.yaml @@ -5,7 +5,7 @@ jobs: build_and_test: runs-on: ubuntu-latest env: - configure_flags: --enable-ipxcp --enable-multilink --enable-systemd + configure_flags: --enable-multilink --enable-systemd steps: - uses: actions/checkout@v2 diff --git a/configure.ac b/configure.ac index 184213e..7dd2625 100644 --- a/configure.ac +++ b/configure.ac @@ -1,6 +1,6 @@ AC_PREREQ([2.69]) AC_INIT([ppp], - [2.4.10-dev], + [2.5.0], [https://github.com/ppp-project/ppp]) m4_ifdef([AM_SILENT_RULES],[AM_SILENT_RULES([yes])]) @@ -51,6 +51,8 @@ AC_CHECK_HEADERS([ \ crypt.h \ paths.h \ shadow.h \ + stddef.h \ + stdarg.h \ sys/dlpi.h \ sys/ioctl.h \ sys/socket.h \ diff --git a/pppd/Makefile.am b/pppd/Makefile.am index 55d926b..c93a86a 100644 --- a/pppd/Makefile.am +++ b/pppd/Makefile.am @@ -2,7 +2,7 @@ sbin_PROGRAMS = pppd dist_man8_MANS = pppd.8 check_PROGRAMS = -utest_chap_SOURCES = chap_ms.c utils.c pppcrypt.c +utest_chap_SOURCES = chap_ms.c utils.c crypto_ms.c utest_chap_CPPFLAGS = -DUNIT_TEST utest_chap_LDFLAGS = @@ -10,12 +10,12 @@ utest_peap_SOURCES = peap.c utils.c mppe.c utest_peap_CPPFLAGS = -DUNIT_TEST utest_peap_LDFLAGS = -utest_crypto_SOURCES = ppp-crypto.c +utest_crypto_SOURCES = crypto.c utest_crypto_CPPFLAGS = -DUNIT_TEST utest_crypto_LDFLAGS = -utest_pppcrypt_SOURCES = pppcrypt.c -utest_pppcrypt_CPPFLAGS = -DUNIT_TEST_PPPCRYPT +utest_pppcrypt_SOURCES = crypto_ms.c +utest_pppcrypt_CPPFLAGS = -DUNIT_TEST_MSCRYPTO utest_pppcrypt_LDFLAGS = check_PROGRAMS += utest_crypto @@ -32,11 +32,11 @@ pppd_includedir = $(includedir)/pppd pppd_include_HEADERS = \ cbcp.h \ ccp.h \ - chap-md5.h \ + chap.h \ chap_ms.h \ - chap-new.h \ + crypto.h \ + crypto_ms.h \ eap.h \ - eap-tls.h \ ecp.h \ eui64.h \ fsm.h \ @@ -45,24 +45,30 @@ pppd_include_HEADERS = \ lcp.h \ magic.h \ mppe.h \ - pathnames.h \ - peap.h \ + multilink.h \ pppd.h \ + options.h \ pppdconf.h \ - pppcrypt.h \ - ppp-crypto.h \ - ppp-crypto-priv.h \ session.h \ + upap.h + +# Headers to be distributed, but not installed in /usr/include/pppd +noinst_HEADERS = \ + chap-md5.h \ + crypto-priv.h \ + eap-tls.h \ + pathnames.h \ + peap.h \ + pppd-private.h \ spinlock.h \ tls.h \ - tdb.h \ - upap.h + tdb.h pppd_SOURCES = \ auth.c \ ccp.c \ chap-md5.c \ - chap-new.c \ + chap.c \ demand.c \ eap.c \ ecp.c \ @@ -82,7 +88,8 @@ pppd_LDFLAGS = pppd_LIBS = if LINUX -pppd_SOURCES += sys-linux.c termios_linux.h +pppd_SOURCES += sys-linux.c +noinst_HEADERS += termios_linux.h pppd_LIBS += $(CRYPT_LIBS) $(UTIL_LIBS) endif @@ -93,12 +100,12 @@ pppd_LIBS += -lsocket -lnsl endif if PPP_WITH_CHAPMS -pppd_SOURCES += chap_ms.c pppcrypt.c +pppd_SOURCES += chap_ms.c crypto_ms.c check_PROGRAMS += utest_chap check_PROGRAMS += utest_pppcrypt else if WITH_SRP -pppd_SOURCES += pppcrypt.c +pppd_SOURCES += crypto_ms.c check_PROGRAMS += utest_pppcrypt endif endif @@ -156,21 +163,21 @@ pppd_SOURCES += peap.c check_PROGRAMS += utest_peap endif -noinst_LTLIBRARIES = libppp_crypt.la -libppp_crypt_la_SOURCES=ppp-crypto.c ppp-md5.c ppp-md4.c ppp-sha1.c ppp-des.c +noinst_LTLIBRARIES = libppp_crypto.la +libppp_crypto_la_SOURCES=crypto.c ppp-md5.c ppp-md4.c ppp-sha1.c ppp-des.c if PPP_WITH_OPENSSL -libppp_crypt_la_CPPFLAGS=$(OPENSSL_INCLUDES) -libppp_crypt_la_LDFLAGS=$(OPENSSL_LDFLAGS) -libppp_crypt_la_LIBADD=$(OPENSSL_LIBS) +libppp_crypto_la_CPPFLAGS=$(OPENSSL_INCLUDES) +libppp_crypto_la_LDFLAGS=$(OPENSSL_LDFLAGS) +libppp_crypto_la_LIBADD=$(OPENSSL_LIBS) endif -utest_peap_LDADD = libppp_crypt.la -utest_chap_LDADD = libppp_crypt.la -utest_crypto_LDADD = libppp_crypt.la -utest_pppcrypt_LDADD = libppp_crypt.la +utest_peap_LDADD = libppp_crypto.la +utest_chap_LDADD = libppp_crypto.la +utest_crypto_LDADD = libppp_crypto.la +utest_pppcrypt_LDADD = libppp_crypto.la -pppd_LIBS += libppp_crypt.la +pppd_LIBS += libppp_crypto.la if WITH_SYSTEMD pppd_CPPFLAGS += $(SYSTEMD_CFLAGS) diff --git a/pppd/auth.c b/pppd/auth.c index 5c64f28..d27f630 100644 --- a/pppd/auth.c +++ b/pppd/auth.c @@ -113,14 +113,15 @@ #include <systemd/sd-daemon.h> #endif -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" #include "fsm.h" #include "lcp.h" #include "ccp.h" #include "ecp.h" #include "ipcp.h" #include "upap.h" -#include "chap-new.h" +#include "chap.h" #include "eap.h" #ifdef PPP_WITH_EAPTLS #include "eap-tls.h" @@ -128,6 +129,7 @@ #ifdef PPP_WITH_CBCP #include "cbcp.h" #endif +#include "multilink.h" #include "pathnames.h" #include "session.h" @@ -179,28 +181,26 @@ static bool default_auth; int (*idle_time_hook)(struct ppp_idle *) = NULL; /* Hook for a plugin to say whether we can possibly authenticate any peer */ -int (*pap_check_hook)(void) = NULL; +pap_check_hook_fn *pap_check_hook = NULL; /* Hook for a plugin to check the PAP user and password */ -int (*pap_auth_hook)(char *user, char *passwd, char **msgp, - struct wordlist **paddrs, - struct wordlist **popts) = NULL; +pap_auth_hook_fn *pap_auth_hook = NULL; /* Hook for a plugin to know about the PAP user logout */ -void (*pap_logout_hook)(void) = NULL; +pap_logout_hook_fn *pap_logout_hook = NULL; /* Hook for a plugin to get the PAP password for authenticating us */ -int (*pap_passwd_hook)(char *user, char *passwd) = NULL; +pap_passwd_hook_fn *pap_passwd_hook = NULL; /* Hook for a plugin to say if we can possibly authenticate a peer using CHAP */ -int (*chap_check_hook)(void) = NULL; +chap_check_hook_fn *chap_check_hook = NULL; /* Hook for a plugin to get the CHAP password for authenticating us */ -int (*chap_passwd_hook)(char *user, char *passwd) = NULL; +chap_passwd_hook_fn *chap_passwd_hook = NULL; #ifdef PPP_WITH_EAPTLS /* Hook for a plugin to get the EAP-TLS password for authenticating us */ -int (*eaptls_passwd_hook)(char *user, char *passwd) = NULL; +eaptls_passwd_hook_fn *eaptls_passwd_hook = NULL; #endif /* Hook for a plugin to say whether it is OK if the peer @@ -210,11 +210,6 @@ int (*null_auth_hook)(struct wordlist **paddrs, int (*allowed_address_hook)(u_int32_t addr) = NULL; -#ifdef PPP_WITH_MULTILINK -/* Hook for plugin to hear when an interface joins a multilink bundle */ -void (*multilink_join_hook)(void) = NULL; -#endif - /* A notifier for when the peer has authenticated itself, and we are proceeding to the network phase. */ struct notifier *auth_up_notifier = NULL; @@ -322,7 +317,7 @@ static void check_maxoctets (void *); /* * Authentication-related options. */ -option_t auth_options[] = { +struct option auth_options[] = { { "auth", o_bool, &auth_required, "Require authentication from peer", OPT_PRIO | 1 }, { "noauth", o_bool, &auth_required, @@ -469,6 +464,36 @@ option_t auth_options[] = { { NULL } }; +const char * +ppp_remote_name() +{ + return remote_name; +} + +const char * +ppp_get_remote_number(void) +{ + return remote_number; +} + +void +ppp_set_remote_number(const char *buf) +{ + if (buf) { + strlcpy(remote_number, buf, sizeof(remote_number)); + } +} + +const char * +ppp_peer_authname(char *buf, size_t bufsz) +{ + if (buf && bufsz > 0) { + strlcpy(buf, peer_authname, bufsz); + return buf; + } + return peer_authname; +} + /* * setupapfile - specifies UPAP info for authenticating with peer. */ @@ -489,7 +514,7 @@ setupapfile(char **argv) novm("+ua file name"); euid = geteuid(); if (seteuid(getuid()) == -1) { - option_error("unable to reset uid before opening %s: %m", fname); + ppp_option_error("unable to reset uid before opening %s: %m", fname); free(fname); return 0; } @@ -497,7 +522,7 @@ setupapfile(char **argv) if (seteuid(euid) == -1) fatal("unable to regain privileges: %m"); if (ufile == NULL) { - option_error("unable to open user login data file %s", fname); + ppp_option_error("unable to open user login data file %s", fname); free(fname); return 0; } @@ -508,7 +533,7 @@ setupapfile(char **argv) if (fgets(u, MAXNAMELEN - 1, ufile) == NULL || fgets(p, MAXSECRETLEN - 1, ufile) == NULL) { fclose(ufile); - option_error("unable to read user login data file %s", fname); + ppp_option_error("unable to read user login data file %s", fname); free(fname); return 0; } @@ -547,7 +572,7 @@ privgroup(char **argv) g = getgrnam(*argv); if (g == 0) { - option_error("group %s is unknown", *argv); + ppp_option_error("group %s is unknown", *argv); return 0; } for (i = 0; i < ngroups; ++i) { @@ -616,7 +641,7 @@ link_required(int unit) */ void start_link(int unit) { - status = EXIT_CONNECT_FAILED; + ppp_set_status(EXIT_CONNECT_FAILED); new_phase(PHASE_SERIALCONN); hungup = 0; @@ -634,7 +659,7 @@ void start_link(int unit) */ fd_ppp = the_channel->establish_ppp(devfd); if (fd_ppp < 0) { - status = EXIT_FATAL_ERROR; + ppp_set_status(EXIT_FATAL_ERROR); goto disconnect; } @@ -646,12 +671,12 @@ void start_link(int unit) * incoming events (reply, timeout, etc.). */ if (ifunit >= 0) - notice("Connect: %s <--> %s", ifname, ppp_devnam); + notice("Connect: %s <--> %s", ifname, ppp_devname); else - notice("Starting negotiation on %s", ppp_devnam); + notice("Starting negotiation on %s", ppp_devname); add_fd(fd_ppp); - status = EXIT_NEGOTIATION_FAILED; + ppp_set_status(EXIT_NEGOTIATION_FAILED); new_phase(PHASE_ESTABLISH); lcp_lowerup(0); @@ -675,7 +700,7 @@ void start_link(int unit) void link_terminated(int unit) { - if (phase == PHASE_DEAD || phase == PHASE_MASTER) + if (in_phase(PHASE_DEAD) || in_phase(PHASE_MASTER)) return; new_phase(PHASE_DISCONNECT); @@ -684,7 +709,7 @@ link_terminated(int unit) } session_end(devnam); - if (!doing_multilink) { + if (!mp_on()) { notice("Connection terminated."); print_link_stats(); } else @@ -695,9 +720,8 @@ link_terminated(int unit) * can happen that another pppd gets the same unit and then * we delete its pid file. */ - if (!doing_multilink && !demand) + if (!demand && !mp_on()) remove_pidfiles(); - /* * If we may want to bring the link up again, transfer * the ppp unit back to the loopback. Set the @@ -707,14 +731,14 @@ link_terminated(int unit) remove_fd(fd_ppp); clean_check(); the_channel->disestablish_ppp(devfd); - if (doing_multilink) + if (mp_on()) mp_exit_bundle(); fd_ppp = -1; } if (!hungup) lcp_lowerdown(0); - if (!doing_multilink && !demand) - script_unsetenv("IFNAME"); + if (!mp_on() && !demand) + ppp_script_unsetenv("IFNAME"); /* * Run disconnector script, if requested. @@ -727,7 +751,7 @@ link_terminated(int unit) if (the_channel->cleanup) (*the_channel->cleanup)(); - if (doing_multilink && multilink_master) { + if (mp_on() && mp_master()) { if (!bundle_terminating) { new_phase(PHASE_MASTER); if (master_detach && !detached) @@ -748,14 +772,15 @@ link_down(int unit) notify(link_down_notifier, 0); auth_state = s_down; if (auth_script_state == s_up && auth_script_pid == 0) { - update_link_stats(unit); + ppp_get_link_stats(NULL); auth_script_state = s_down; auth_script(PPP_PATH_AUTHDOWN); } } - if (!doing_multilink) { + if (!mp_on()) + { upper_layers_down(unit); - if (phase != PHASE_DEAD && phase != PHASE_MASTER) + if (!in_phase(PHASE_DEAD) && !in_phase(PHASE_MASTER)) new_phase(PHASE_ESTABLISH); } /* XXX if doing_multilink, should do something to stop @@ -799,13 +824,11 @@ link_established(int unit) /* * Tell higher-level protocols that LCP is up. */ - if (!doing_multilink) { + if (!mp_on()) for (i = 0; (protp = protocols[i]) != NULL; ++i) if (protp->protocol != PPP_LCP && protp->enabled_flag && protp->lowerup != NULL) (*protp->lowerup)(unit); - } - if (!auth_required && noauth_addrs != NULL) set_allowed_addrs(unit, NULL, NULL); @@ -821,7 +844,7 @@ link_established(int unit) set_allowed_addrs(unit, NULL, NULL); } else if (!wo->neg_upap || uselogin || !null_login(unit)) { warn("peer refused to authenticate: terminating link"); - status = EXIT_PEER_AUTH_FAILED; + ppp_set_status(EXIT_PEER_AUTH_FAILED); lcp_close(unit, "peer refused to authenticate"); return; } @@ -831,14 +854,14 @@ link_established(int unit) if (need_peer_eap && !ao->neg_eap) { warn("eap required to authenticate us but no suitable secrets"); lcp_close(unit, "couldn't negotiate eap"); - status = EXIT_AUTH_TOPEER_FAILED; + ppp_set_status(EXIT_AUTH_TOPEER_FAILED); return; } if (need_peer_eap && !ho->neg_eap) { warn("peer doesn't want to authenticate us with eap"); lcp_close(unit, "couldn't negotiate eap"); - status = EXIT_PEER_AUTH_FAILED; + ppp_set_status(EXIT_PEER_AUTH_FAILED); return; } #endif @@ -996,7 +1019,7 @@ auth_peer_fail(int unit, int protocol) /* * Authentication failure: take the link down */ - status = EXIT_PEER_AUTH_FAILED; + ppp_set_status(EXIT_PEER_AUTH_FAILED); lcp_close(unit, "Authentication failed"); } @@ -1044,7 +1067,7 @@ auth_peer_success(int unit, int protocol, int prot_flavor, namelen = sizeof(peer_authname) - 1; BCOPY(name, peer_authname, namelen); peer_authname[namelen] = 0; - script_setenv("PEERNAME", peer_authname, 0); + ppp_script_setenv("PEERNAME", peer_authname, 0); /* Save the authentication method for later. */ auth_done[unit] |= bit; @@ -1071,7 +1094,7 @@ auth_withpeer_fail(int unit, int protocol) * is no point in persisting without any way to get updated * authentication secrets. */ - status = EXIT_AUTH_TOPEER_FAILED; + ppp_set_status(EXIT_AUTH_TOPEER_FAILED); lcp_close(unit, "Failed to authenticate ourselves to peer"); } @@ -1143,14 +1166,14 @@ np_up(int unit, int proto) /* * At this point we consider that the link has come up successfully. */ - status = EXIT_OK; + ppp_set_status(EXIT_OK); unsuccess = 0; new_phase(PHASE_RUNNING); if (idle_time_hook != 0) tlim = (*idle_time_hook)(NULL); else - tlim = idle_time_limit; + tlim = ppp_get_max_idle_time(); if (tlim > 0) TIMEOUT(check_idle, NULL, tlim); @@ -1158,9 +1181,13 @@ np_up(int unit, int proto) * Set a timeout to close the connection once the maximum * connect time has expired. */ - if (maxconnect > 0) - TIMEOUT(connect_time_expired, 0, maxconnect); + if (ppp_get_max_connect_time() > 0) + TIMEOUT(connect_time_expired, 0, ppp_get_max_connect_time()); + /* + * Configure a check to see if session has outlived it's limit + * in terms of octets + */ if (maxoctets > 0) TIMEOUT(check_maxoctets, NULL, maxoctets_timeout); @@ -1206,33 +1233,41 @@ np_finished(int unit, int proto) } } +/* + * Periodic callback to check if session has reached its limit. The period defaults + * to 1 second and is configurable by setting "mo-timeout" in configuration + */ static void check_maxoctets(void *arg) { unsigned int used; - - update_link_stats(ifunit); - link_stats_valid=0; - - switch(maxoctets_dir) { - case PPP_OCTETS_DIRECTION_IN: - used = link_stats.bytes_in; - break; - case PPP_OCTETS_DIRECTION_OUT: - used = link_stats.bytes_out; - break; - case PPP_OCTETS_DIRECTION_MAXOVERAL: - case PPP_OCTETS_DIRECTION_MAXSESSION: - used = (link_stats.bytes_in > link_stats.bytes_out) ? link_stats.bytes_in : link_stats.bytes_out; - break; - default: - used = link_stats.bytes_in+link_stats.bytes_out; - break; + ppp_link_stats_st stats; + + if (ppp_get_link_stats(&stats)) { + switch(maxoctets_dir) { + case PPP_OCTETS_DIRECTION_IN: + used = stats.bytes_in; + break; + case PPP_OCTETS_DIRECTION_OUT: + used = stats.bytes_out; + break; + case PPP_OCTETS_DIRECTION_MAXOVERAL: + case PPP_OCTETS_DIRECTION_MAXSESSION: + used = (stats.bytes_in > stats.bytes_out) + ? stats.bytes_in + : stats.bytes_out; + break; + default: + used = stats.bytes_in+stats.bytes_out; + break; + } } + if (used > maxoctets) { notice("Traffic limit reached. Limit: %u Used: %u", maxoctets, used); - status = EXIT_TRAFFIC_LIMIT; + ppp_set_status(EXIT_TRAFFIC_LIMIT); lcp_close(0, "Traffic limit"); + link_stats_print = 0; need_holdoff = 0; } else { TIMEOUT(check_maxoctets, NULL, maxoctets_timeout); @@ -1256,12 +1291,12 @@ check_idle(void *arg) tlim = idle_time_hook(&idle); } else { itime = MIN(idle.xmit_idle, idle.recv_idle); - tlim = idle_time_limit - itime; + tlim = ppp_get_max_idle_time() - itime; } if (tlim <= 0) { /* link is idle: shut it down. */ notice("Terminating connection due to lack of activity."); - status = EXIT_IDLE_TIMEOUT; + ppp_set_status(EXIT_IDLE_TIMEOUT); lcp_close(0, "Link inactive"); need_holdoff = 0; } else { @@ -1276,7 +1311,7 @@ static void connect_time_expired(void *arg) { info("Connect time expired"); - status = EXIT_CONNECT_TIME; + ppp_set_status(EXIT_CONNECT_TIME); lcp_close(0, "Connect time expired"); /* Close connection */ } @@ -1292,7 +1327,8 @@ auth_check_options(void) /* Default our_name to hostname, and user to our_name */ if (our_name[0] == 0 || usehostname) - strlcpy(our_name, hostname, sizeof(our_name)); + strlcpy(our_name, hostname, sizeof(our_name)); + /* If a blank username was explicitly given as an option, trust the user and don't use our_name */ if (user[0] == 0 && !explicit_user) @@ -1354,21 +1390,21 @@ auth_check_options(void) if (auth_required && !can_auth && noauth_addrs == NULL) { if (default_auth) { - option_error( + ppp_option_error( "By default the remote system is required to authenticate itself"); - option_error( + ppp_option_error( "(because this system has a default route to the internet)"); } else if (explicit_remote) - option_error( + ppp_option_error( "The remote system (%s) is required to authenticate itself", remote_name); else - option_error( + ppp_option_error( "The remote system is required to authenticate itself"); - option_error( + ppp_option_error( "but I couldn't find any suitable secret (password) for it to use to do so."); if (lacks_ip) - option_error( + ppp_option_error( "(None of the available passwords would let it use an IP address.)"); exit(1); @@ -2049,7 +2085,7 @@ auth_ip_addr(int unit, u_int32_t addr) int ok; /* don't allow loopback or multicast address */ - if (bad_ip_adrs(addr)) + if (ppp_bad_ip_addr(addr)) return 0; if (allowed_address_hook) { @@ -2077,12 +2113,10 @@ ip_addr_check(u_int32_t addr, struct permitted_ip *addrs) } /* - * bad_ip_adrs - return 1 if the IP address is one we don't want - * to use, such as an address in the loopback net or a multicast address. - * addr is in network byte order. + * Check if given addr in network byte order is in the looback network, or a multicast address. */ -int -bad_ip_adrs(u_int32_t addr) +bool +ppp_bad_ip_addr(u_int32_t addr) { addr = ntohl(addr); return (addr >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET diff --git a/pppd/cbcp.c b/pppd/cbcp.c index 87bf9c0..8c33cf6 100644 --- a/pppd/cbcp.c +++ b/pppd/cbcp.c @@ -41,10 +41,11 @@ #include <sys/types.h> #include <sys/time.h> -#include "pppd.h" +#include "pppd-private.h" #include "cbcp.h" #include "fsm.h" #include "lcp.h" +#include "options.h" /* @@ -52,7 +53,7 @@ */ static int setcbcp (char **); -static option_t cbcp_option_list[] = { +static struct option cbcp_option_list[] = { { "callback", o_special, (void *)setcbcp, "Ask for callback", OPT_PRIO | OPT_A2STRVAL, &cbcp[0].us_number }, { NULL } @@ -461,6 +462,6 @@ static void cbcp_up(cbcp_state *us) { persist = 0; - status = EXIT_CALLBACK; + ppp_set_status(EXIT_CALLBACK); lcp_close(0, "Call me back, please"); } @@ -42,7 +42,8 @@ #include <linux/ppp-comp.h> #endif -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" #include "fsm.h" #include "ccp.h" @@ -75,7 +76,7 @@ static char deflate_value[8]; bool refuse_mppe_stateful = 1; /* Allow stateful mode? */ #endif -static option_t ccp_option_list[] = { +static struct option ccp_option_list[] = { { "noccp", o_bool, &ccp_protent.enabled_flag, "Disable CCP negotiation" }, { "-ccp", o_bool, &ccp_protent.enabled_flag, @@ -276,12 +277,12 @@ setbsdcomp(char **argv) abits = strtol(str, &endp, 0); } if (*endp != 0 || endp == str) { - option_error("invalid parameter '%s' for bsdcomp option", *argv); + ppp_option_error("invalid parameter '%s' for bsdcomp option", *argv); return 0; } if ((rbits != 0 && (rbits < BSD_MIN_BITS || rbits > BSD_MAX_BITS)) || (abits != 0 && (abits < BSD_MIN_BITS || abits > BSD_MAX_BITS))) { - option_error("bsdcomp option values must be 0 or %d .. %d", + ppp_option_error("bsdcomp option values must be 0 or %d .. %d", BSD_MIN_BITS, BSD_MAX_BITS); return 0; } @@ -314,13 +315,13 @@ setdeflate(char **argv) abits = strtol(str, &endp, 0); } if (*endp != 0 || endp == str) { - option_error("invalid parameter '%s' for deflate option", *argv); + ppp_option_error("invalid parameter '%s' for deflate option", *argv); return 0; } if ((rbits != 0 && (rbits < DEFLATE_MIN_SIZE || rbits > DEFLATE_MAX_SIZE)) || (abits != 0 && (abits < DEFLATE_MIN_SIZE || abits > DEFLATE_MAX_SIZE))) { - option_error("deflate option values must be 0 or %d .. %d", + ppp_option_error("deflate option values must be 0 or %d .. %d", DEFLATE_MIN_SIZE, DEFLATE_MAX_SIZE); return 0; } @@ -1175,9 +1176,9 @@ ccp_reqci(fsm *f, u_char *p, int *lenp, int dont_nak) * because MPPE frames **grow**. The kernel [must] * allocate MPPE_PAD extra bytes in xmit buffers. */ - mtu = netif_get_mtu(f->unit); + mtu = ppp_get_mtu(f->unit); if (mtu) - netif_set_mtu(f->unit, mtu - MPPE_PAD); + ppp_set_mtu(f->unit, mtu - MPPE_PAD); else newret = CONFREJ; } @@ -41,9 +41,9 @@ typedef struct ccp_options { bool predictor_2; /* do Predictor-2? */ bool deflate_correct; /* use correct code for deflate? */ bool deflate_draft; /* use draft RFC code for deflate? */ - u_char mppe; /* MPPE bitfield */ - u_short bsd_bits; /* # bits/code for BSD Compress */ - u_short deflate_size; /* lg(window size) for Deflate */ + unsigned char mppe; /* MPPE bitfield */ + unsigned short bsd_bits; /* # bits/code for BSD Compress */ + unsigned short deflate_size; /* lg(window size) for Deflate */ short method; /* code for chosen compression method */ } ccp_options; diff --git a/pppd/chap-md5.c b/pppd/chap-md5.c index 8bcbbba..0b76d9a 100644 --- a/pppd/chap-md5.c +++ b/pppd/chap-md5.c @@ -36,11 +36,11 @@ #include <stdlib.h> #include <string.h> -#include "pppd.h" -#include "chap-new.h" +#include "pppd-private.h" +#include "chap.h" #include "chap-md5.h" #include "magic.h" -#include "ppp-crypto.h" +#include "crypto.h" #define MD5_MIN_CHALLENGE 16 #define MD5_MAX_CHALLENGE 24 diff --git a/pppd/chap-new.c b/pppd/chap.c index 565713f..2411b95 100644 --- a/pppd/chap-new.c +++ b/pppd/chap.c @@ -36,9 +36,10 @@ #include <stdlib.h> #include <string.h> -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" #include "session.h" -#include "chap-new.h" +#include "chap.h" #include "chap-md5.h" #ifdef PPP_WITH_CHAPMS @@ -51,10 +52,7 @@ int chap_mdtype_all = MDTYPE_ALL; /* Hook for a plugin to validate CHAP challenge */ -int (*chap_verify_hook)(char *name, char *ourname, int id, - struct chap_digest_type *digest, - unsigned char *challenge, unsigned char *response, - char *message, int message_space) = NULL; +chap_verify_hook_fn *chap_verify_hook = NULL; /* * Option variables. @@ -68,7 +66,7 @@ int chapms_strip_domain = 0; /* * Command-line options. */ -static option_t chap_option_list[] = { +static struct option chap_option_list[] = { { "chap-restart", o_int, &chap_server_timeout_time, "Set timeout for CHAP (as server)", OPT_PRIO }, { "chap-max-challenge", o_int, &chap_max_transmits, @@ -129,10 +127,7 @@ static void chap_client_timeout(void *arg); static void chap_generate_challenge(struct chap_server_state *ss); static void chap_handle_response(struct chap_server_state *ss, int code, unsigned char *pkt, int len); -static int chap_verify_response(char *name, char *ourname, int id, - struct chap_digest_type *digest, - unsigned char *challenge, unsigned char *response, - char *message, int message_space); +static chap_verify_hook_fn chap_verify_response; static void chap_respond(struct chap_client_state *cs, int id, unsigned char *pkt, int len); static void chap_handle_status(struct chap_client_state *cs, int code, int id, @@ -345,9 +340,8 @@ chap_handle_response(struct chap_server_state *ss, int id, { int response_len, ok, mlen; unsigned char *response, *p; - char *name = NULL; /* initialized to shut gcc up */ - int (*verifier)(char *, char *, int, struct chap_digest_type *, - unsigned char *, unsigned char *, char *, int); + char *name = NULL; + chap_verify_hook_fn *verifier; char rname[MAXNAMELEN+1]; if ((ss->flags & LOWERUP) == 0) diff --git a/pppd/chap-new.h b/pppd/chap.h index 9ebec54..e693fc9 100644 --- a/pppd/chap-new.h +++ b/pppd/chap.h @@ -92,6 +92,7 @@ extern int chap_mdtype_all; ((digest) == CHAP_MD5)? (mdtype) & MDTYPE_MD5: \ 0 + /* * The code for each digest type has to supply one of these. */ @@ -116,11 +117,38 @@ struct chap_digest_type { struct chap_digest_type *next; }; -/* Hook for a plugin to validate CHAP challenge */ -extern int (*chap_verify_hook)(char *name, char *ourname, int id, +/* + * This function will return a value of 1 to indicate that a plugin intend to supply + * a username or a password to pppd through the chap_passwd_hook callback. + * + * Return a value > 0 to avoid parsing the chap-secrets file. + */ +typedef int (chap_check_hook_fn)(void); +extern chap_check_hook_fn *chap_check_hook; + +/* + * A plugin can chose to supply its own user and password overriding whatever + * has been provided by the configuration. Hook is only valid when pppd is + * acting as a client. + * + * The maximum size of the user argument is always MAXNAMELEN + * The length of the password is always MAXWORDLEN, however; secrets can't be + * longer than MAXSECRETLEN + * + * Return a value < 0 to fail the connection. + */ +typedef int (chap_passwd_hook_fn)(char *user, char *password); +extern chap_passwd_hook_fn *chap_passwd_hook; + +/* + * A plugin can chose to replace the default chap_verify_response function with + * one of their own. + */ +typedef int (chap_verify_hook_fn)(char *name, char *ourname, int id, struct chap_digest_type *digest, unsigned char *challenge, unsigned char *response, char *message, int message_space); +extern chap_verify_hook_fn *chap_verify_hook; /* Called by digest code to register a digest type */ extern void chap_register_digest(struct chap_digest_type *); diff --git a/pppd/chap_ms.c b/pppd/chap_ms.c index 704052f..c34b6aa 100644 --- a/pppd/chap_ms.c +++ b/pppd/chap_ms.c @@ -93,13 +93,14 @@ #include <linux/ppp-comp.h> #endif -#include "pppd.h" -#include "chap-new.h" +#include "pppd-private.h" +#include "options.h" +#include "chap.h" #include "chap_ms.h" #include "magic.h" #include "mppe.h" -#include "ppp-crypto.h" -#include "pppcrypt.h" +#include "crypto.h" +#include "crypto_ms.h" #ifdef UNIT_TEST #undef PPP_WITH_MPPE @@ -139,7 +140,7 @@ static char *mschap2_peer_challenge = NULL; /* * Command-line options. */ -static option_t chapms_option_list[] = { +static struct option chapms_option_list[] = { #ifdef PPP_WITH_MSLANMAN { "ms-lanman", o_bool, &ms_lanman, "Use LanMan passwd when using MS-CHAP", 1 }, @@ -538,7 +539,7 @@ ChallengeHash(u_char PeerChallenge[16], u_char *rchallenge, PPP_MD_CTX* ctx; u_char hash[SHA_DIGEST_LENGTH]; int hash_len; - char *user; + const char *user; /* remove domain from "domain\username" */ if ((user = strrchr(username, '\\')) != NULL) @@ -835,7 +836,7 @@ ChapMS(u_char *rchallenge, char *secret, int secret_len, * Authenticator Response. */ void -ChapMS2(u_char *rchallenge, u_char *PeerChallenge, +ChapMS2(unsigned char *rchallenge, unsigned char *PeerChallenge, char *user, char *secret, int secret_len, unsigned char *response, u_char authResponse[], int authenticator) { @@ -894,7 +895,7 @@ chapms_init(void) { chap_register_digest(&chapms_digest); chap_register_digest(&chapms2_digest); - add_options(chapms_option_list); + ppp_add_options(chapms_option_list); } #else diff --git a/pppd/chap_ms.h b/pppd/chap_ms.h index 5397a22..e5f4c28 100644 --- a/pppd/chap_ms.h +++ b/pppd/chap_ms.h @@ -78,7 +78,7 @@ void ChapMS (u_char *, char *, int, u_char *); void ChapMS2 (u_char *, u_char *, char *, char *, int, u_char *, u_char[MS_AUTH_RESPONSE_LENGTH+1], int); -void ChallengeHash (u_char[16], u_char *, char *, u_char[8]); +void ChallengeHash (u_char[16], u_char *, char *, u_char[8]); /** diff --git a/pppd/ppp-crypto-priv.h b/pppd/crypto-priv.h index 984f08a..6c9d152 100644 --- a/pppd/ppp-crypto-priv.h +++ b/pppd/crypto-priv.h @@ -29,7 +29,7 @@ #ifndef PPP_CRYPTO_PRIV_H #define PPP_CRYPTO_PRIV_H -#include "ppp-crypto.h" +#include "crypto.h" #define MAX_KEY_SIZE 32 #define MAX_IV_SIZE 32 diff --git a/pppd/ppp-crypto.c b/pppd/crypto.c index ca74327..905f11d 100644 --- a/pppd/ppp-crypto.c +++ b/pppd/crypto.c @@ -35,8 +35,8 @@ #include <stdlib.h> #include <string.h> -#include "ppp-crypto.h" -#include "ppp-crypto-priv.h" +#include "crypto.h" +#include "crypto-priv.h" #ifdef PPP_WITH_OPENSSL #include <openssl/opensslv.h> diff --git a/pppd/ppp-crypto.h b/pppd/crypto.h index cb9da86..af85179 100644 --- a/pppd/ppp-crypto.h +++ b/pppd/crypto.h @@ -48,20 +48,46 @@ struct _PPP_MD; typedef struct _PPP_MD_CTX PPP_MD_CTX; typedef struct _PPP_MD PPP_MD; - +/* + * Create a new Message Digest context object + */ PPP_MD_CTX *PPP_MD_CTX_new(); -void PPP_MD_CTX_free(PPP_MD_CTX*); +/* + * Free the Message Digest context + */ +void PPP_MD_CTX_free(PPP_MD_CTX*); +/* + * Fetch the MD4 algorithm + */ const PPP_MD *PPP_md4(void); + +/* + * Fetch the MD5 algorithm + */ const PPP_MD *PPP_md5(void); -const PPP_MD *PPP_sha1(void); +/* + * Fetch the SHA1 algorithm + */ +const PPP_MD *PPP_sha1(void); +/* + * Initializes a context object + */ int PPP_DigestInit(PPP_MD_CTX *ctx, const PPP_MD *type); + +/* + * For each iteration update the context with more input + */ int PPP_DigestUpdate(PPP_MD_CTX *ctx, const void *data, size_t cnt); + +/* + * Perform the final operation, and output the digest + */ int PPP_DigestFinal(PPP_MD_CTX *ctx, unsigned char *out, unsigned int *outlen); @@ -73,28 +99,57 @@ typedef struct _PPP_CIPHER_CTX PPP_CIPHER_CTX; typedef struct _PPP_CIPHER PPP_CIPHER; +/* + * Create a new Cipher Context + */ PPP_CIPHER_CTX *PPP_CIPHER_CTX_new(void); + +/* + * Release the Cipher Context + */ void PPP_CIPHER_CTX_free(PPP_CIPHER_CTX *ctx); +/* + * Fetch the DES in ECB mode cipher algorithm + */ const PPP_CIPHER *PPP_des_ecb(void); +/* + * Set the particular data directly + */ void PPP_CIPHER_CTX_set_cipher_data(PPP_CIPHER_CTX *ctx, const unsigned char *key); +/* + * Initialize the crypto operation + */ int PPP_CipherInit(PPP_CIPHER_CTX *ctx, const PPP_CIPHER *cipher, const unsigned char *key, const unsigned char *iv, int encr); +/* + * Encrypt input data, and store it in the output buffer + */ int PPP_CipherUpdate(PPP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl); +/* + * Finish the crypto operation, and fetch any outstanding bytes + */ int PPP_CipherFinal(PPP_CIPHER_CTX *ctx, unsigned char *out, int *outl); +/* + * Global initialization, must be called once per process + */ int PPP_crypto_init(); + +/* + * Global deinitialization + */ int PPP_crypto_deinit(); #endif diff --git a/pppd/pppcrypt.c b/pppd/crypto_ms.c index cc4f5f7..81f3a76 100644 --- a/pppd/pppcrypt.c +++ b/pppd/crypto_ms.c @@ -38,8 +38,8 @@ #include <stddef.h> -#include "pppcrypt.h" -#include "ppp-crypto.h" +#include "crypto.h" +#include "crypto_ms.h" /* @@ -182,7 +182,7 @@ DesDecrypt(unsigned char *cipher, unsigned char *key, unsigned char *clear) return (retval); } -#ifdef UNIT_TEST_PPPCRYPT +#ifdef UNIT_TEST_MSCRYPTO #include <string.h> #include <stdio.h> diff --git a/pppd/pppcrypt.h b/pppd/crypto_ms.h index 9083594..9083594 100644 --- a/pppd/pppcrypt.h +++ b/pppd/crypto_ms.h diff --git a/pppd/demand.c b/pppd/demand.c index d610d69..c2eeb41 100644 --- a/pppd/demand.c +++ b/pppd/demand.c @@ -51,7 +51,7 @@ #include <pcap-bpf.h> #endif -#include "pppd.h" +#include "pppd-private.h" #include "fsm.h" #include "ipcp.h" #include "lcp.h" @@ -97,7 +97,7 @@ demand_conf(void) flush_flag = 0; fcs = PPP_INITFCS; - netif_set_mtu(0, MIN(lcp_allowoptions[0].mru, PPP_MRU)); + ppp_set_mtu(0, MIN(lcp_allowoptions[0].mru, PPP_MRU)); if (ppp_send_config(0, PPP_MRU, (u_int32_t) 0, 0, 0) < 0 || ppp_recv_config(0, PPP_MRU, (u_int32_t) 0, 0, 0) < 0) fatal("Couldn't set up demand-dialled PPP interface: %m"); diff --git a/pppd/eap-tls.c b/pppd/eap-tls.c index a7e444d..d70557e 100644 --- a/pppd/eap-tls.c +++ b/pppd/eap-tls.c @@ -51,7 +51,7 @@ #include <openssl/x509v3.h> #include <openssl/pkcs12.h> -#include "pppd.h" +#include "pppd-private.h" #include "tls.h" #include "eap.h" #include "eap-tls.h" @@ -63,10 +63,11 @@ #include <assert.h> #include <errno.h> -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" #include "pathnames.h" -#include "ppp-crypto.h" -#include "pppcrypt.h" +#include "crypto.h" +#include "crypto_ms.h" #include "eap.h" #ifdef PPP_WITH_PEAP #include "peap.h" @@ -86,8 +87,8 @@ #endif /* PPP_WITH_EAPTLS */ #ifdef PPP_WITH_CHAPMS +#include "chap.h" #include "chap_ms.h" -#include "chap-new.h" extern int chapms_strip_domain; #endif /* PPP_WITH_CHAPMS */ @@ -100,7 +101,7 @@ static char *pn_secret = NULL; /* Pseudonym generating secret */ /* * Command-line options. */ -static option_t eap_option_list[] = { +static struct option eap_option_list[] = { { "eap-restart", o_int, &eap_states[0].es_server.ea_timeout, "Set retransmit timeout for EAP Requests (server)" }, { "eap-max-sreq", o_int, &eap_states[0].es_server.ea_maxrequests, @@ -2344,8 +2345,7 @@ eap_response(eap_state *esp, u_char *inp, int id, int len) #endif /* PPP_WITH_EAPTLS */ #ifdef PPP_WITH_CHAPMS u_char opcode; - int (*chap_verifier)(char *, char *, int, struct chap_digest_type *, - unsigned char *, unsigned char *, char *, int); + chap_verify_hook_fn *chap_verifier; char response_message[256]; #endif /* PPP_WITH_CHAPMS */ @@ -145,11 +145,11 @@ struct eap_auth { char *ea_name; /* Our name */ char *ea_peer; /* Peer's name */ void *ea_session; /* Authentication library linkage */ - u_char *ea_skey; /* Shared encryption key */ + unsigned char *ea_skey; /* Shared encryption key */ int ea_timeout; /* Time to wait (for retransmit/fail) */ int ea_maxrequests; /* Max Requests allowed */ - u_short ea_namelen; /* Length of our name */ - u_short ea_peerlen; /* Length of peer's name */ + unsigned short ea_namelen; /* Length of our name */ + unsigned short ea_peerlen; /* Length of peer's name */ enum eap_state_code ea_state; #ifdef PPP_WITH_EAPTLS enum eap_state_code ea_prev_state; @@ -157,11 +157,11 @@ struct eap_auth { #ifdef PPP_WITH_CHAPMS struct chap_digest_type *digest; #endif - u_char ea_id; /* Current id */ - u_char ea_requests; /* Number of Requests sent/received */ - u_char ea_responses; /* Number of Responses */ - u_char ea_type; /* One of EAPT_* */ - u_int32_t ea_keyflags; /* SRP shared key usage flags */ + unsigned char ea_id; /* Current id */ + unsigned char ea_requests; /* Number of Requests sent/received */ + unsigned char ea_responses; /* Number of Responses */ + unsigned char ea_type; /* One of EAPT_* */ + uint32_t ea_keyflags; /* SRP shared key usage flags */ #ifdef PPP_WITH_EAPTLS bool ea_using_eaptls; #endif @@ -183,7 +183,7 @@ typedef struct eap_state { bool es_usepseudo; /* Use SRP Pseudonym if offered one */ int es_usedpseudo; /* Set if we already sent PN */ int es_challen; /* Length of challenge string */ - u_char es_challenge[MAX_CHALLENGE_LENGTH]; + unsigned char es_challenge[MAX_CHALLENGE_LENGTH]; } eap_state; /* @@ -206,6 +206,11 @@ void eap_authpeer (int unit, char *localname); extern struct protent eap_protent; +#ifdef PPP_WITH_EAPTLS +typedef int (eaptls_passwd_hook_fn)(char *user, char *passwd); +extern eaptls_passwd_hook_fn *eaptls_passwd_hook; +#endif + #ifdef __cplusplus } #endif @@ -63,11 +63,12 @@ #include <string.h> -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" #include "fsm.h" #include "ecp.h" -static option_t ecp_option_list[] = { +static struct option ecp_option_list[] = { { "noecp", o_bool, &ecp_protent.enabled_flag, "Disable ECP negotiation" }, { "-ecp", o_bool, &ecp_protent.enabled_flag, diff --git a/pppd/eui64.c b/pppd/eui64.c index 7978c06..bc84e8d 100644 --- a/pppd/eui64.c +++ b/pppd/eui64.c @@ -38,7 +38,7 @@ #include "config.h" #endif -#include "pppd.h" +#include "pppd-private.h" /* diff --git a/pppd/eui64.h b/pppd/eui64.h index f29200b..f809342 100644 --- a/pppd/eui64.h +++ b/pppd/eui64.h @@ -38,9 +38,36 @@ #include "pppdconf.h" -#if !defined(PPP_WITH_IPV6CP) -#error "this file should only be included when PPP_WITH_IPV6CP is defined" -#endif /* not defined(PPP_WITH_IPV6CP) */ +#if defined(SOL2) +#include <netinet/in.h> + +typedef union { + uint8_t e8[8]; /* lower 64-bit IPv6 address */ + uint32_t e32[2]; /* lower 64-bit IPv6 address */ +} eui64_t; + +/* + * Declare the two below, since in.h only defines them when _KERNEL + * is declared - which shouldn't be true when dealing with user-land programs + */ +#define s6_addr8 _S6_un._S6_u8 +#define s6_addr32 _S6_un._S6_u32 + +#else /* else if not defined(SOL2) */ + +/* + * TODO: + * + * Maybe this should be done by processing struct in6_addr directly... + */ +typedef union +{ + u_int8_t e8[8]; + u_int16_t e16[4]; + u_int32_t e32[2]; +} eui64_t; + +#endif /* defined(SOL2) */ #define eui64_iszero(e) (((e).e32[0] | (e).e32[1]) == 0) #define eui64_equals(e, o) (((e).e32[0] == (o).e32[0]) && \ @@ -54,7 +54,7 @@ #include <string.h> #include <sys/types.h> -#include "pppd.h" +#include "pppd-private.h" #include "fsm.h" @@ -72,9 +72,9 @@ typedef struct fsm { int protocol; /* Data Link Layer Protocol field value */ int state; /* State */ int flags; /* Contains option bits */ - u_char id; /* Current id */ - u_char reqid; /* Current request id */ - u_char seen_ack; /* Have received valid Ack/Nak/Rej to Req */ + unsigned char id; /* Current id */ + unsigned char reqid; /* Current request id */ + unsigned char seen_ack; /* Have received valid Ack/Nak/Rej to Req */ int timeouttime; /* Timeout time in milliseconds */ int maxconfreqtransmits; /* Maximum Configure-Request transmissions */ int retransmits; /* Number of retransmissions left */ @@ -92,15 +92,15 @@ typedef struct fsm_callbacks { void (*resetci)(fsm *); /* Reset our Configuration Information */ int (*cilen)(fsm *); /* Length of our Configuration Information */ void (*addci) /* Add our Configuration Information */ - (fsm *, u_char *, int *); + (fsm *, unsigned char *, int *); int (*ackci) /* ACK our Configuration Information */ - (fsm *, u_char *, int); + (fsm *, unsigned char *, int); int (*nakci) /* NAK our Configuration Information */ - (fsm *, u_char *, int, int); + (fsm *, unsigned char *, int, int); int (*rejci) /* Reject our Configuration Information */ - (fsm *, u_char *, int); + (fsm *, unsigned char *, int); int (*reqci) /* Request peer's Configuration Information */ - (fsm *, u_char *, int *, int); + (fsm *, unsigned char *, int *, int); void (*up)(fsm *); /* Called when fsm reaches OPENED state */ void (*down)(fsm *); /* Called when fsm leaves OPENED state */ void (*starting)(fsm *); /* Called when we want the lower layer */ @@ -108,7 +108,7 @@ typedef struct fsm_callbacks { void (*protreject)(int); /* Called when Protocol-Reject received */ void (*retransmit)(fsm *); /* Retransmission is necessary */ int (*extcode) /* Called when unknown code received */ - (fsm *, int, int, u_char *, int); + (fsm *, int, int, unsigned char *, int); char *proto_name; /* String name for protocol (for messages) */ } fsm_callbacks; @@ -153,9 +153,9 @@ void fsm_lowerup (fsm *); void fsm_lowerdown (fsm *); void fsm_open (fsm *); void fsm_close (fsm *, char *); -void fsm_input (fsm *, u_char *, int); +void fsm_input (fsm *, unsigned char *, int); void fsm_protreject (fsm *); -void fsm_sdata (fsm *, int, int, u_char *, int); +void fsm_sdata (fsm *, int, int, unsigned char *, int); /* diff --git a/pppd/ipcp.c b/pppd/ipcp.c index 776f06f..5d9ff11 100644 --- a/pppd/ipcp.c +++ b/pppd/ipcp.c @@ -44,10 +44,6 @@ #include "config.h" #endif -/* - * TODO: - */ - #include <stdio.h> #include <string.h> #include <stdlib.h> @@ -59,7 +55,8 @@ #include <arpa/inet.h> #include <net/if.h> -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" #include "fsm.h" #include "ipcp.h" #include "pathnames.h" @@ -71,19 +68,16 @@ ipcp_options ipcp_gotoptions[NUM_PPP]; /* Options that peer ack'd */ ipcp_options ipcp_allowoptions[NUM_PPP]; /* Options we allow peer to request */ ipcp_options ipcp_hisoptions[NUM_PPP]; /* Options that we ack'd */ +char *ipparam = NULL; /* Extra parameter for ip up/down scripts */ u_int32_t netmask = 0; /* IP netmask to set on interface */ bool disable_defaultip = 0; /* Don't use hostname for default IP adrs */ bool noremoteip = 0; /* Let him have no IP address */ -/* Hook for a plugin to know when IP protocol has come up */ -void (*ip_up_hook)(void) = NULL; - -/* Hook for a plugin to know when IP protocol has come down */ -void (*ip_down_hook)(void) = NULL; +ip_up_hook_fn *ip_up_hook = NULL; +ip_down_hook_fn *ip_down_hook = NULL; +ip_choose_hook_fn *ip_choose_hook = NULL; -/* Hook for a plugin to choose the remote IP address */ -void (*ip_choose_hook)(u_int32_t *) = NULL; /* Notifiers for when IPCP goes up and down */ struct notifier *ip_up_notifier = NULL; @@ -142,9 +136,9 @@ static int setdnsaddr (char **); static int setwinsaddr (char **); static int setnetmask (char **); int setipaddr (char *, char **, int); -static void printipaddr (option_t *, void (*)(void *, char *,...),void *); +static void printipaddr (struct option *, void (*)(void *, char *,...),void *); -static option_t ipcp_option_list[] = { +static struct option ipcp_option_list[] = { { "noip", o_bool, &ipcp_protent.enabled_flag, "Disable IP and IPCP" }, { "-ip", o_bool, &ipcp_protent.enabled_flag, @@ -337,10 +331,10 @@ setvjslots(char **argv) { int value; - if (!int_option(*argv, &value)) + if (!ppp_int_option(*argv, &value)) return 0; if (value < 2 || value > 16) { - option_error("vj-max-slots value must be between 2 and 16"); + ppp_option_error("vj-max-slots value must be between 2 and 16"); return 0; } ipcp_wantoptions [0].maxslotindex = @@ -361,7 +355,7 @@ setdnsaddr(char **argv) dns = inet_addr(*argv); if (dns == (u_int32_t) -1) { if ((hp = gethostbyname(*argv)) == NULL) { - option_error("invalid address parameter '%s' for ms-dns option", + ppp_option_error("invalid address parameter '%s' for ms-dns option", *argv); return 0; } @@ -396,7 +390,7 @@ setwinsaddr(char **argv) wins = inet_addr(*argv); if (wins == (u_int32_t) -1) { if ((hp = gethostbyname(*argv)) == NULL) { - option_error("invalid address parameter '%s' for ms-wins option", + ppp_option_error("invalid address parameter '%s' for ms-wins option", *argv); return 0; } @@ -447,13 +441,13 @@ setipaddr(char *arg, char **argv, int doit) *colon = '\0'; if ((local = inet_addr(arg)) == (u_int32_t) -1) { if ((hp = gethostbyname(arg)) == NULL) { - option_error("unknown host: %s", arg); + ppp_option_error("unknown host: %s", arg); return 0; } local = *(u_int32_t *)hp->h_addr; } - if (bad_ip_adrs(local)) { - option_error("bad local IP address %s", ip_ntoa(local)); + if (ppp_bad_ip_addr(local)) { + ppp_option_error("bad local IP address %s", ip_ntoa(local)); return 0; } if (local != 0) @@ -468,15 +462,15 @@ setipaddr(char *arg, char **argv, int doit) if (*++colon != '\0' && option_priority >= prio_remote) { if ((remote = inet_addr(colon)) == (u_int32_t) -1) { if ((hp = gethostbyname(colon)) == NULL) { - option_error("unknown host: %s", colon); + ppp_option_error("unknown host: %s", colon); return 0; } remote = *(u_int32_t *)hp->h_addr; if (remote_name[0] == 0) strlcpy(remote_name, colon, sizeof(remote_name)); } - if (bad_ip_adrs(remote)) { - option_error("bad remote IP address %s", ip_ntoa(remote)); + if (ppp_bad_ip_addr(remote)) { + ppp_option_error("bad remote IP address %s", ip_ntoa(remote)); return 0; } if (remote != 0) @@ -488,7 +482,7 @@ setipaddr(char *arg, char **argv, int doit) } static void -printipaddr(option_t *opt, void (*printer) (void *, char *, ...), void *arg) +printipaddr(struct option *opt, void (*printer) (void *, char *, ...), void *arg) { ipcp_options *wo = &ipcp_wantoptions[0]; @@ -519,7 +513,7 @@ setnetmask(char **argv) mask = htonl(mask); if (n == 0 || p[n] != 0 || (netmask & ~mask) != 0) { - option_error("invalid netmask value '%s'", *argv); + ppp_option_error("invalid netmask value '%s'", *argv); return 0; } @@ -560,6 +554,11 @@ parse_dotted_ip(char *p, u_int32_t *vp) return p - p0; } +const char *ppp_ipparam() +{ + return ipparam; +} + /* * ipcp_init - Initialize IPCP. @@ -1737,7 +1736,7 @@ ip_check_options(void) wo->accept_local = 1; /* don't insist on this default value */ if ((hp = gethostbyname(hostname)) != NULL) { local = *(u_int32_t *)hp->h_addr; - if (local != 0 && !bad_ip_adrs(local)) + if (local != 0 && !ppp_bad_ip_addr(local)) wo->ouraddr = local; } } @@ -1832,29 +1831,29 @@ ipcp_up(fsm *f) warn("Could not determine remote IP address: defaulting to %I", ho->hisaddr); } - script_setenv("IPLOCAL", ip_ntoa(go->ouraddr), 0); + ppp_script_setenv("IPLOCAL", ip_ntoa(go->ouraddr), 0); if (ho->hisaddr != 0) - script_setenv("IPREMOTE", ip_ntoa(ho->hisaddr), 1); + ppp_script_setenv("IPREMOTE", ip_ntoa(ho->hisaddr), 1); if (!go->req_dns1) go->dnsaddr[0] = 0; if (!go->req_dns2) go->dnsaddr[1] = 0; if (go->dnsaddr[0]) - script_setenv("DNS1", ip_ntoa(go->dnsaddr[0]), 0); + ppp_script_setenv("DNS1", ip_ntoa(go->dnsaddr[0]), 0); if (go->dnsaddr[1]) - script_setenv("DNS2", ip_ntoa(go->dnsaddr[1]), 0); + ppp_script_setenv("DNS2", ip_ntoa(go->dnsaddr[1]), 0); if (usepeerdns && (go->dnsaddr[0] || go->dnsaddr[1])) { - script_setenv("USEPEERDNS", "1", 0); + ppp_script_setenv("USEPEERDNS", "1", 0); create_resolv(go->dnsaddr[0], go->dnsaddr[1]); } if (go->winsaddr[0]) - script_setenv("WINS1", ip_ntoa(go->winsaddr[0]), 0); + ppp_script_setenv("WINS1", ip_ntoa(go->winsaddr[0]), 0); if (go->winsaddr[1]) - script_setenv("WINS2", ip_ntoa(go->winsaddr[1]), 0); + ppp_script_setenv("WINS2", ip_ntoa(go->winsaddr[1]), 0); if (usepeerwins && (go->winsaddr[0] || go->winsaddr[1])) - script_setenv("USEPEERWINS", "1", 0); + ppp_script_setenv("USEPEERWINS", "1", 0); /* * Check that the peer is allowed to use the IP address it wants. @@ -1879,17 +1878,17 @@ ipcp_up(fsm *f) wo->replace_default_route); if (go->ouraddr != wo->ouraddr) { warn("Local IP address changed to %I", go->ouraddr); - script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0); + ppp_script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0); wo->ouraddr = go->ouraddr; } else - script_unsetenv("OLDIPLOCAL"); + ppp_script_unsetenv("OLDIPLOCAL"); if (ho->hisaddr != wo->hisaddr) { warn("Remote IP address changed to %I", ho->hisaddr); if (wo->hisaddr != 0) - script_setenv("OLDIPREMOTE", ip_ntoa(wo->hisaddr), 0); + ppp_script_setenv("OLDIPREMOTE", ip_ntoa(wo->hisaddr), 0); wo->hisaddr = ho->hisaddr; } else - script_unsetenv("OLDIPREMOTE"); + ppp_script_unsetenv("OLDIPREMOTE"); /* Set the interface to the new addresses */ mask = GetMask(go->ouraddr); @@ -2016,7 +2015,7 @@ ipcp_down(fsm *f) * before the interface is marked down. */ /* XXX more correct: we must get the stats before running the notifiers, * at least for the radius plugin */ - update_link_stats(f->unit); + ppp_get_link_stats(NULL); notify(ip_down_notifier, 0); if (ip_down_hook) ip_down_hook(); diff --git a/pppd/ipcp.h b/pppd/ipcp.h index 0e44931..97b5e6b 100644 --- a/pppd/ipcp.h +++ b/pppd/ipcp.h @@ -85,9 +85,9 @@ typedef struct ipcp_options { int vj_protocol; /* protocol value to use in VJ option */ int maxslotindex; /* values for RFC1332 VJ compression neg. */ bool cflag; - u_int32_t ouraddr, hisaddr; /* Addresses in NETWORK BYTE ORDER */ - u_int32_t dnsaddr[2]; /* Primary and secondary MS DNS entries */ - u_int32_t winsaddr[2]; /* Primary and secondary MS WINS entries */ + uint32_t ouraddr, hisaddr; /* Addresses in NETWORK BYTE ORDER */ + uint32_t dnsaddr[2]; /* Primary and secondary MS DNS entries */ + uint32_t winsaddr[2]; /* Primary and secondary MS WINS entries */ } ipcp_options; extern fsm ipcp_fsm[]; @@ -96,8 +96,26 @@ extern ipcp_options ipcp_gotoptions[]; extern ipcp_options ipcp_allowoptions[]; extern ipcp_options ipcp_hisoptions[]; -char *ip_ntoa(u_int32_t); +char *ip_ntoa(uint32_t); extern struct protent ipcp_protent; +/* + * Hook for a plugin to know when IP protocol has come up + */ +typedef void (ip_up_hook_fn)(void); +extern ip_up_hook_fn *ip_up_hook; + +/* + * Hook for a plugin to know when IP protocol has come down + */ +typedef void (ip_down_hook_fn)(void); +extern ip_down_hook_fn *ip_down_hook; + +/* + * Hook for a plugin to choose the remote IP address + */ +typedef void (ip_choose_hook_fn)(uint32_t *); +extern ip_choose_hook_fn *ip_choose_hook; + #endif /* PPP_IPCP_H */ diff --git a/pppd/ipv6cp.c b/pppd/ipv6cp.c index 5a99841..795f8a9 100644 --- a/pppd/ipv6cp.c +++ b/pppd/ipv6cp.c @@ -162,7 +162,8 @@ #include <netinet/in.h> #include <arpa/inet.h> -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" #include "fsm.h" #include "eui64.h" #include "ipcp.h" @@ -183,11 +184,8 @@ static int default_route_set[NUM_PPP]; /* Have set up a default route */ static int ipv6cp_is_up; static bool ipv6cp_noremote; -/* Hook for a plugin to know when IPv6 protocol has come up */ -void (*ipv6_up_hook)(void) = NULL; - -/* Hook for a plugin to know when IPv6 protocol has come down */ -void (*ipv6_down_hook)(void) = NULL; +ipv6_up_hook_fn *ipv6_up_hook = NULL; +ipv6_down_hook_fn *ipv6_down_hook = NULL; /* Notifiers for when IPCPv6 goes up and down */ struct notifier *ipv6_up_notifier = NULL; @@ -231,10 +229,10 @@ static fsm_callbacks ipv6cp_callbacks = { /* IPV6CP callback routines */ * Command-line options. */ static int setifaceid (char **arg); -static void printifaceid (option_t *, +static void printifaceid (struct option *, void (*)(void *, char *, ...), void *); -static option_t ipv6cp_option_list[] = { +static struct option ipv6cp_option_list[] = { { "ipv6", o_special, (void *)setifaceid, "Set interface identifiers for IPV6", OPT_A2PRINTER, (void *)printifaceid }, @@ -373,7 +371,7 @@ setifaceid(char **argv) *comma = '\0'; if (inet_pton(AF_INET6, arg, &addr) == 0 || !VALIDID(addr)) { - option_error("Illegal interface identifier (local): %s", arg); + ppp_option_error("Illegal interface identifier (local): %s", arg); return 0; } @@ -390,7 +388,7 @@ setifaceid(char **argv) */ if (*comma != 0 && *++comma != '\0') { if (inet_pton(AF_INET6, comma, &addr) == 0 || !VALIDID(addr)) { - option_error("Illegal interface identifier (remote): %s", comma); + ppp_option_error("Illegal interface identifier (remote): %s", comma); return 0; } if (option_priority >= prio_remote) { @@ -408,7 +406,7 @@ setifaceid(char **argv) char *llv6_ntoa(eui64_t ifaceid); static void -printifaceid(option_t *opt, void (*printer) (void *, char *, ...), void *arg) +printifaceid(struct option *opt, void (*printer) (void *, char *, ...), void *arg) { ipv6cp_options *wo = &ipv6cp_wantoptions[0]; @@ -1302,9 +1300,9 @@ ipv6cp_up(fsm *f) return; } } - script_setenv("LLLOCAL", llv6_ntoa(go->ourid), 0); + ppp_script_setenv("LLLOCAL", llv6_ntoa(go->ourid), 0); if (!eui64_iszero(ho->hisid)) - script_setenv("LLREMOTE", llv6_ntoa(ho->hisid), 0); + ppp_script_setenv("LLREMOTE", llv6_ntoa(ho->hisid), 0); #ifdef IPV6CP_COMP /* set tcp compression */ @@ -1398,7 +1396,7 @@ static void ipv6cp_down(fsm *f) { IPV6CPDEBUG(("ipv6cp: down")); - update_link_stats(f->unit); + ppp_get_link_stats(NULL); notify(ipv6_down_notifier, 0); if (ipv6_down_hook) ipv6_down_hook(); diff --git a/pppd/ipv6cp.h b/pppd/ipv6cp.h index 172b6eb..d6e626e 100644 --- a/pppd/ipv6cp.h +++ b/pppd/ipv6cp.h @@ -174,4 +174,16 @@ extern ipv6cp_options ipv6cp_hisoptions[]; extern struct protent ipv6cp_protent; +/* + * Hook for a plugin to know when IPv6 protocol has come up + */ +typedef void (ipv6_up_hook_fn)(void); +extern ipv6_up_hook_fn *ipv6_up_hook; + +/* + * Hook for a plugin to know when IPv6 protocol has come down + */ +typedef void (ipv6_down_hook_fn)(void); +extern ipv6_down_hook_fn *ipv6_down_hook; + #endif @@ -48,13 +48,14 @@ #include <string.h> #include <stdlib.h> -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" #include "fsm.h" #include "lcp.h" #include "eap.h" -#include "chap-new.h" +#include "chap.h" #include "magic.h" - +#include "multilink.h" /* * When the link comes up we want to be able to wait for a short while, @@ -82,7 +83,7 @@ static int setendpoint(char **); static void printendpoint(option_t *, void (*)(void *, char *, ...), void *); #endif /* PPP_WITH_MULTILINK */ -static option_t lcp_option_list[] = { +static struct option lcp_option_list[] = { /* LCP options */ { "-all", o_special_noarg, (void *)noopt, "Don't request/allow any LCP options" }, @@ -312,7 +313,7 @@ setendpoint(char **argv) lcp_wantoptions[0].neg_endpoint = 1; return 1; } - option_error("Can't parse '%s' as an endpoint discriminator", *argv); + ppp_option_error("Can't parse '%s' as an endpoint discriminator", *argv); return 0; } @@ -389,11 +390,11 @@ lcp_close(int unit, char *reason) fsm *f = &lcp_fsm[unit]; int oldstate; - if (phase != PHASE_DEAD && phase != PHASE_MASTER) + if (!in_phase(PHASE_DEAD) && !in_phase(PHASE_MASTER)) new_phase(PHASE_TERMINATE); if (f->flags & DELAYED_UP) { - untimeout(lcp_delayed_up, f); + UNTIMEOUT(lcp_delayed_up, f); f->state = STOPPED; } oldstate = f->state; @@ -435,7 +436,7 @@ lcp_lowerup(int unit) if (listen_time != 0) { f->flags |= DELAYED_UP; - timeout(lcp_delayed_up, f, 0, listen_time * 1000); + ppp_timeout(lcp_delayed_up, f, 0, listen_time * 1000); } else fsm_lowerup(f); } @@ -451,7 +452,7 @@ lcp_lowerdown(int unit) if (f->flags & DELAYED_UP) { f->flags &= ~DELAYED_UP; - untimeout(lcp_delayed_up, f); + UNTIMEOUT(lcp_delayed_up, f); } else fsm_lowerdown(&lcp_fsm[unit]); } @@ -482,7 +483,7 @@ lcp_input(int unit, u_char *p, int len) if (f->flags & DELAYED_UP) { f->flags &= ~DELAYED_UP; - untimeout(lcp_delayed_up, f); + UNTIMEOUT(lcp_delayed_up, f); fsm_lowerup(f); } fsm_input(f, p, len); @@ -1276,7 +1277,7 @@ lcp_nakci(fsm *f, u_char *p, int len, int treat_as_reject) if (looped_back) { if (++try.numloops >= lcp_loopbackfail) { notice("Serial line is looped back."); - status = EXIT_LOOPBACK; + ppp_set_status(EXIT_LOOPBACK); lcp_close(f->unit, "Loopback detected"); } } else @@ -1872,7 +1873,7 @@ lcp_up(fsm *f) #ifdef PPP_WITH_MULTILINK if (!(multilink && go->neg_mrru && ho->neg_mrru)) #endif /* PPP_WITH_MULTILINK */ - netif_set_mtu(f->unit, MIN(MIN(mtu, mru), ao->mru)); + ppp_set_mtu(f->unit, MIN(MIN(mtu, mru), ao->mru)); ppp_send_config(f->unit, mtu, (ho->neg_asyncmap? ho->asyncmap: 0xffffffff), ho->neg_pcompression, ho->neg_accompression); @@ -2186,7 +2187,7 @@ void LcpLinkFailure (fsm *f) if (f->state == OPENED) { info("No response to %d echo-requests", lcp_echos_pending); notice("Serial link appears to be disconnected."); - status = EXIT_PEER_DEAD; + ppp_set_status(EXIT_PEER_DEAD); lcp_close(f->unit, "Peer not responding"); } } @@ -84,6 +84,14 @@ /* Value used as data for CI_CALLBACK option */ #define CBCP_OPT 6 /* Use callback control protocol */ +/* An endpoint discriminator, used with multilink. */ +#define MAX_ENDP_LEN 20 /* maximum length of discriminator value */ +struct epdisc { + unsigned char class; + unsigned char length; + unsigned char value[MAX_ENDP_LEN]; +}; + /* * The state of options is described by an lcp_options structure. */ @@ -106,11 +114,11 @@ typedef struct lcp_options { bool neg_endpoint; /* negotiate endpoint discriminator */ int mru; /* Value of MRU */ int mrru; /* Value of MRRU, and multilink enable */ - u_char chap_mdtype; /* which MD types (hashing algorithm) */ - u_int32_t asyncmap; /* Value of async map */ - u_int32_t magicnumber; + unsigned char chap_mdtype; /* which MD types (hashing algorithm) */ + uint32_t asyncmap; /* Value of async map */ + uint32_t magicnumber; int numloops; /* Number of loops during magic number neg. */ - u_int32_t lqr_period; /* Reporting period for LQR 1/100ths second */ + uint32_t lqr_period; /* Reporting period for LQR 1/100ths second */ struct epdisc endpoint; /* endpoint discriminator */ } lcp_options; @@ -128,7 +136,7 @@ void lcp_open(int); void lcp_close(int, char *); void lcp_lowerup(int); void lcp_lowerdown(int); -void lcp_sprotrej(int, u_char *, int); /* send protocol reject */ +void lcp_sprotrej(int, unsigned char *, int); /* send protocol reject */ extern struct protent lcp_protent; diff --git a/pppd/magic.c b/pppd/magic.c index 6a5a7eb..5e50f1d 100644 --- a/pppd/magic.c +++ b/pppd/magic.c @@ -50,7 +50,7 @@ #include <sys/types.h> #include <sys/time.h> -#include "pppd.h" +#include "pppd-private.h" #include "magic.h" diff --git a/pppd/main.c b/pppd/main.c index b302c08..1a2a446 100644 --- a/pppd/main.c +++ b/pppd/main.c @@ -95,7 +95,8 @@ #include <inttypes.h> #include <net/if.h> -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" #include "magic.h" #include "fsm.h" #include "lcp.h" @@ -104,12 +105,13 @@ #include "ipv6cp.h" #endif #include "upap.h" -#include "chap-new.h" +#include "chap.h" #include "eap.h" #include "ccp.h" #include "ecp.h" #include "pathnames.h" -#include "ppp-crypto.h" +#include "crypto.h" +#include "multilink.h" #ifdef PPP_WITH_TDB #include "tdb.h" @@ -123,7 +125,6 @@ #include "atcp.h" #endif - /* interface vars */ char ifname[IFNAMSIZ]; /* Interface name */ int ifunit; /* Interface unit number */ @@ -134,7 +135,6 @@ char *progname; /* Name of this program */ char hostname[MAXNAMELEN]; /* Our hostname */ static char pidfilename[MAXPATHLEN]; /* name of pid file */ static char linkpidfile[MAXPATHLEN]; /* name of linkname pid file */ -char ppp_devnam[MAXPATHLEN]; /* name of PPP tty (maybe ttypx) */ uid_t uid; /* Our real user-id */ struct notifier *pidchange = NULL; struct notifier *phasechange = NULL; @@ -146,7 +146,7 @@ int hungup; /* terminal has been hung up */ int privileged; /* we're running as real uid root */ int need_holdoff; /* need holdoff period before restarting */ int detached; /* have detached from terminal */ -volatile int status; /* exit status for pppd */ +volatile int code; /* exit status for pppd */ int unsuccess; /* # unsuccessful connection attempts */ int do_callback; /* != 0 if we should do callback next */ int doing_callback; /* != 0 if we are doing callback */ @@ -171,7 +171,7 @@ static int fd_loop; /* fd for getting demand-dial packets */ int fd_devnull; /* fd for /dev/null */ int devfd = -1; /* fd of underlying device */ int fd_ppp = -1; /* fd for talking PPP */ -int phase; /* where the link is at */ +ppp_phase_t phase; /* where the link is at */ int kill_link; int asked_to_quit; int open_ccp_flag; @@ -206,6 +206,7 @@ static struct pppd_stats old_link_stats; struct pppd_stats link_stats; unsigned link_connect_time; int link_stats_valid; +int link_stats_print; int error_count; @@ -261,6 +262,72 @@ void print_link_stats(void); extern char *getlogin(void); int main(int, char *[]); +const char *ppp_hostname() +{ + return hostname; +} + +bool ppp_signaled(int sig) +{ + if (sig == SIGTERM) + return !!got_sigterm; + if (sig == SIGUSR2) + return !!got_sigusr2; + if (sig == SIGHUP) + return !!got_sighup; + return false; +} + +ppp_exit_code_t ppp_status() +{ + return code; +} + +void ppp_set_status(ppp_exit_code_t value) +{ + code = value; +} + +void ppp_set_session_number(int number) +{ + ppp_session_number = number; +} + +int ppp_get_session_number() +{ + return ppp_session_number; +} + +const char *ppp_ifname() +{ + return ifname; +} + +int ppp_get_ifname(char *buf, size_t bufsz) +{ + if (buf) { + return strlcpy(buf, ifname, bufsz); + } + return false; +} + +void ppp_set_ifname(const char *name) +{ + if (ifname) { + strlcpy(ifname, name, sizeof(ifname)); + } +} + +int ppp_ifunit() +{ + return ifunit; +} + +int ppp_get_link_uptime() +{ + return link_connect_time; +} + /* * PPP Data Link Layer "protocol" table. * One entry per supported protocol. @@ -305,6 +372,7 @@ main(int argc, char *argv[]) strlcpy(path_ipv6down, PPP_PATH_IPV6DOWN, MAXPATHLEN); #endif link_stats_valid = 0; + link_stats_print = 1; new_phase(PHASE_INITIALIZE); script_env = NULL; @@ -312,8 +380,8 @@ main(int argc, char *argv[]) /* Initialize syslog facilities */ reopen_log(); - if (gethostname(hostname, MAXNAMELEN) < 0 ) { - option_error("Couldn't get hostname: %m"); + if (gethostname(hostname, sizeof(hostname)) < 0 ) { + ppp_option_error("Couldn't get hostname: %m"); exit(1); } hostname[MAXNAMELEN-1] = 0; @@ -324,7 +392,7 @@ main(int argc, char *argv[]) uid = getuid(); privileged = uid == 0; slprintf(numbuf, sizeof(numbuf), "%d", uid); - script_setenv("ORIG_UID", numbuf, 0); + ppp_script_setenv("ORIG_UID", numbuf, 0); ngroups = getgroups(NGROUPS_MAX, groups); @@ -351,7 +419,7 @@ main(int argc, char *argv[]) * Parse, in order, the system options file, the user's options file, * and the command line arguments. */ - if (!options_from_file(PPP_PATH_SYSOPTIONS, !privileged, 0, 1) + if (!ppp_options_from_file(PPP_PATH_SYSOPTIONS, !privileged, 0, 1) || !options_from_user() || !parse_args(argc-1, argv+1)) exit(EXIT_OPTION_ERROR); @@ -376,13 +444,13 @@ main(int argc, char *argv[]) * Check that we are running as root. */ if (geteuid() != 0) { - option_error("must be root to run %s, since it is not setuid-root", + ppp_option_error("must be root to run %s, since it is not setuid-root", argv[0]); exit(EXIT_NOT_ROOT); } - if (!ppp_available()) { - option_error("%s", no_ppp_msg); + if (!ppp_check_kernel_support()) { + ppp_option_error("%s", no_ppp_msg); exit(EXIT_NO_KERNEL_SUPPORT); } @@ -393,9 +461,7 @@ main(int argc, char *argv[]) if (!sys_check_options()) exit(EXIT_OPTION_ERROR); auth_check_options(); -#ifdef PPP_WITH_MULTILINK mp_check_options(); -#endif for (i = 0; (protp = protocols[i]) != NULL; ++i) if (protp->check_options != NULL) (*protp->check_options)(); @@ -457,12 +523,12 @@ main(int argc, char *argv[]) p = "(unknown)"; } syslog(LOG_NOTICE, "pppd %s started by %s, uid %d", VERSION, p, uid); - script_setenv("PPPLOGNAME", p, 0); + ppp_script_setenv("PPPLOGNAME", p, 0); if (devnam[0]) - script_setenv("DEVICE", devnam, 1); + ppp_script_setenv("DEVICE", devnam, 1); slprintf(numbuf, sizeof(numbuf), "%d", getpid()); - script_setenv("PPPD_PID", numbuf, 1); + ppp_script_setenv("PPPD_PID", numbuf, 1); setup_signals(); @@ -493,7 +559,7 @@ main(int argc, char *argv[]) listen_time = 0; need_holdoff = 1; devfd = -1; - status = EXIT_OK; + code = EXIT_OK; ++unsuccess; doing_callback = do_callback; do_callback = 0; @@ -523,10 +589,10 @@ main(int argc, char *argv[]) info("Starting link"); } - get_time(&start_time); - script_unsetenv("CONNECT_TIME"); - script_unsetenv("BYTES_SENT"); - script_unsetenv("BYTES_RCVD"); + ppp_get_time(&start_time); + ppp_script_unsetenv("CONNECT_TIME"); + ppp_script_unsetenv("BYTES_SENT"); + ppp_script_unsetenv("BYTES_RCVD"); lcp_open(0); /* Start protocol */ start_link(0); @@ -590,7 +656,7 @@ main(int argc, char *argv[]) } PPP_crypto_deinit(); - die(status); + die(code); return 0; } @@ -621,15 +687,15 @@ handle_events(void) info("Hangup (SIGHUP)"); kill_link = 1; got_sighup = 0; - if (status != EXIT_HANGUP) - status = EXIT_USER_REQUEST; + if (code != EXIT_HANGUP) + code = EXIT_USER_REQUEST; } if (got_sigterm) { info("Terminating on signal %d", got_sigterm); kill_link = 1; asked_to_quit = 1; persist = 0; - status = EXIT_USER_REQUEST; + code = EXIT_USER_REQUEST; got_sigterm = 0; } if (got_sigchld) { @@ -747,9 +813,9 @@ set_ifunit(int iskey) else slprintf(ifname, sizeof(ifname), "%s%d", PPP_DRV_NAME, ifunit); info("Using interface %s", ifname); - script_setenv("IFNAME", ifname, iskey); + ppp_script_setenv("IFNAME", ifname, iskey); slprintf(ifkey, sizeof(ifkey), "%d", ifunit); - script_setenv("UNIT", ifkey, iskey); + ppp_script_setenv("UNIT", ifkey, iskey); if (iskey) { create_pidfile(getpid()); /* write pid to file */ create_linkpidfile(getpid()); @@ -796,7 +862,7 @@ detach(void) if (log_default) log_to_fd = -1; slprintf(numbuf, sizeof(numbuf), "%d", getpid()); - script_setenv("PPPD_PID", numbuf, 1); + ppp_script_setenv("PPPD_PID", numbuf, 1); /* wait for parent to finish updating pid & lock files and die */ close(pipefd[1]); @@ -840,7 +906,7 @@ create_linkpidfile(int pid) if (linkname[0] == 0) return; - script_setenv("LINKNAME", linkname, 1); + ppp_script_setenv("LINKNAME", linkname, 1); slprintf(linkpidfile, sizeof(linkpidfile), "%sppp-%s.pid", PPP_PATH_VARRUN, linkname); if ((pidfile = fopen(linkpidfile, "w")) != NULL) { @@ -1043,14 +1109,14 @@ get_input(void) return; if (len == 0) { - if (bundle_eof && multilink_master) { + if (bundle_eof && mp_master()) { notice("Last channel has disconnected"); mp_bundle_terminated(); return; } notice("Modem hangup"); hungup = 1; - status = EXIT_HANGUP; + code = EXIT_HANGUP; lcp_lowerdown(0); /* serial link is no longer available */ link_terminated(0); return; @@ -1154,7 +1220,7 @@ ppp_recv_config(int unit, int mru, u_int32_t accm, int pcomp, int accomp) * new_phase - signal the start of a new phase of pppd's operation. */ void -new_phase(int p) +new_phase(ppp_phase_t p) { phase = p; if (new_phase_hook) @@ -1162,13 +1228,20 @@ new_phase(int p) notify(phasechange, p); } +bool +in_phase(ppp_phase_t p) +{ + return (phase == p); +} + /* * die - clean up state and exit with the specified status. */ void die(int status) { - if (!doing_multilink || multilink_master) + + if (!mp_on() || mp_master()) print_link_stats(); cleanup(); notify(exitnotify, status); @@ -1204,12 +1277,12 @@ print_link_stats(void) /* * Print connect time and statistics. */ - if (link_stats_valid) { + if (link_stats_print && link_stats_valid) { int t = (link_connect_time + 5) / 6; /* 1/10ths of minutes */ info("Connect time %d.%d minutes.", t/10, t%10); info("Sent %u bytes, received %u bytes.", link_stats.bytes_out, link_stats.bytes_in); - link_stats_valid = 0; + link_stats_print = 0; } } @@ -1221,7 +1294,7 @@ reset_link_stats(int u) { if (!get_ppp_stats(u, &old_link_stats)) return; - get_time(&start_time); + ppp_get_time(&start_time); } /* @@ -1234,7 +1307,7 @@ update_link_stats(int u) char numbuf[32]; if (!get_ppp_stats(u, &link_stats) - || get_time(&now) < 0) + || ppp_get_time(&now) < 0) return; link_connect_time = now.tv_sec - start_time.tv_sec; link_stats_valid = 1; @@ -1245,11 +1318,24 @@ update_link_stats(int u) link_stats.pkts_out -= old_link_stats.pkts_out; slprintf(numbuf, sizeof(numbuf), "%u", link_connect_time); - script_setenv("CONNECT_TIME", numbuf, 0); + ppp_script_setenv("CONNECT_TIME", numbuf, 0); snprintf(numbuf, sizeof(numbuf), "%" PRIu64, link_stats.bytes_out); - script_setenv("BYTES_SENT", numbuf, 0); + ppp_script_setenv("BYTES_SENT", numbuf, 0); snprintf(numbuf, sizeof(numbuf), "%" PRIu64, link_stats.bytes_in); - script_setenv("BYTES_RCVD", numbuf, 0); + ppp_script_setenv("BYTES_RCVD", numbuf, 0); +} + +bool +ppp_get_link_stats(ppp_link_stats_st *stats) +{ + update_link_stats(0); + if (stats != NULL && + link_stats_valid) { + + memcpy(stats, &link_stats, sizeof(*stats)); + return true; + } + return false; } @@ -1267,7 +1353,7 @@ static struct timeval timenow; /* Current time */ * timeout - Schedule a timeout. */ void -timeout(void (*func)(void *), void *arg, int secs, int usecs) +ppp_timeout(void (*func)(void *), void *arg, int secs, int usecs) { struct callout *newp, *p, **pp; @@ -1278,7 +1364,7 @@ timeout(void (*func)(void *), void *arg, int secs, int usecs) fatal("Out of memory in timeout()!"); newp->c_arg = arg; newp->c_func = func; - get_time(&timenow); + ppp_get_time(&timenow); newp->c_time.tv_sec = timenow.tv_sec + secs; newp->c_time.tv_usec = timenow.tv_usec + usecs; if (newp->c_time.tv_usec >= 1000000) { @@ -1303,7 +1389,7 @@ timeout(void (*func)(void *), void *arg, int secs, int usecs) * untimeout - Unschedule a timeout. */ void -untimeout(void (*func)(void *), void *arg) +ppp_untimeout(void (*func)(void *), void *arg) { struct callout **copp, *freep; @@ -1330,7 +1416,7 @@ calltimeout(void) while (callout != NULL) { p = callout; - if (get_time(&timenow) < 0) + if (ppp_get_time(&timenow) < 0) fatal("Failed to get time of day: %m"); if (!(p->c_time.tv_sec < timenow.tv_sec || (p->c_time.tv_sec == timenow.tv_sec @@ -1354,7 +1440,7 @@ timeleft(struct timeval *tvp) if (callout == NULL) return NULL; - get_time(&timenow); + ppp_get_time(&timenow); tvp->tv_sec = callout->c_time.tv_sec - timenow.tv_sec; tvp->tv_usec = callout->c_time.tv_usec - timenow.tv_usec; if (tvp->tv_usec < 0) { @@ -1533,14 +1619,14 @@ bad_signal(int sig) } /* - * safe_fork - Create a child process. The child closes all the + * ppp_safe_fork - Create a child process. The child closes all the * file descriptors that we don't want to leak to a script. * The parent waits for the child to do this before returning. * This also arranges for the specified fds to be dup'd to * fds 0, 1, 2 in the child. */ pid_t -safe_fork(int infd, int outfd, int errfd) +ppp_safe_fork(int infd, int outfd, int errfd) { pid_t pid; int fd, pipefd[2]; @@ -1571,7 +1657,7 @@ safe_fork(int infd, int outfd, int errfd) } /* Executing in the child */ - sys_close(); + ppp_sys_close(); #ifdef PPP_WITH_TDB if (pppdb != NULL) tdb_close(pppdb); @@ -1680,7 +1766,7 @@ device_script(char *program, int in, int out, int dont_wait) errfd = open(PPP_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT, 0644); ++conn_running; - pid = safe_fork(in, out, errfd); + pid = ppp_safe_fork(in, out, errfd); if (pid != 0 && log_to_fd < 0) close(errfd); @@ -1730,7 +1816,7 @@ device_script(char *program, int in, int out, int dont_wait) * and update the script environment. Note that we intentionally do * not update the TDB. These changes are layered on top right before * exec. It is not possible to use script_setenv() or - * script_unsetenv() safely after this routine is run. + * ppp_script_unsetenv() safely after this routine is run. */ static void update_script_environment(void) @@ -1774,7 +1860,7 @@ update_script_environment(void) * reap_kids) iff the return value is > 0. */ pid_t -run_program(char *prog, char **args, int must_exist, void (*done)(void *), void *arg, int wait) +run_program(char *prog, char * const *args, int must_exist, void (*done)(void *), void *arg, int wait) { int pid, status, ret; struct stat sbuf; @@ -1793,7 +1879,7 @@ run_program(char *prog, char **args, int must_exist, void (*done)(void *), void return 0; } - pid = safe_fork(fd_devnull, fd_devnull, fd_devnull); + pid = ppp_safe_fork(fd_devnull, fd_devnull, fd_devnull); if (pid == -1) { error("Failed to create child process for %s: %m", prog); return -1; @@ -1942,21 +2028,44 @@ reap_kids(void) return 0; } + +struct notifier **get_notifier_by_type(ppp_notify_t type) +{ + struct notifier **list[NF_MAX_NOTIFY] = { + [NF_PID_CHANGE ] = &pidchange, + [NF_PHASE_CHANGE] = &phasechange, + [NF_EXIT ] = &exitnotify, + [NF_SIGNALED ] = &sigreceived, + [NF_IP_UP ] = &ip_up_notifier, + [NF_IP_DOWN ] = &ip_down_notifier, + [NF_IPV6_UP ] = &ipv6_up_notifier, + [NF_IPV6_DOWN ] = &ipv6_down_notifier, + [NF_AUTH_UP ] = &auth_up_notifier, + [NF_LINK_DOWN ] = &link_down_notifier, + [NF_FORK ] = &fork_notifier, + }; + return list[type]; +} + /* * add_notifier - add a new function to be called when something happens. */ void -add_notifier(struct notifier **notif, notify_func func, void *arg) +ppp_add_notify(ppp_notify_t type, ppp_notify_fn *func, void *arg) { - struct notifier *np; - - np = malloc(sizeof(struct notifier)); - if (np == 0) - novm("notifier struct"); - np->next = *notif; - np->func = func; - np->arg = arg; - *notif = np; + struct notifier **notif = get_notifier_by_type(type); + if (notif) { + + struct notifier *np = malloc(sizeof(struct notifier)); + if (np == 0) + novm("notifier struct"); + np->next = *notif; + np->func = func; + np->arg = arg; + *notif = np; + } else { + error("Could not find notifier function for: %d", type); + } } /* @@ -1964,16 +2073,21 @@ add_notifier(struct notifier **notif, notify_func func, void *arg) * be called when something happens. */ void -remove_notifier(struct notifier **notif, notify_func func, void *arg) +ppp_del_notify(ppp_notify_t type, ppp_notify_fn *func, void *arg) { - struct notifier *np; - - for (; (np = *notif) != 0; notif = &np->next) { - if (np->func == func && np->arg == arg) { - *notif = np->next; - free(np); - break; + struct notifier **notif = get_notifier_by_type(type); + if (notif) { + struct notifier *np; + + for (; (np = *notif) != 0; notif = &np->next) { + if (np->func == func && np->arg == arg) { + *notif = np->next; + free(np); + break; + } } + } else { + error("Could not find notifier function for: %d", type); } } @@ -2001,11 +2115,11 @@ novm(char *msg) } /* - * script_setenv - set an environment variable value to be used + * ppp_script_setenv - set an environment variable value to be used * for scripts that we run (e.g. ip-up, auth-up, etc.) */ void -script_setenv(char *var, char *value, int iskey) +ppp_script_setenv(char *var, char *value, int iskey) { size_t varl = strlen(var); size_t vl = varl + strlen(value) + 2; @@ -2062,11 +2176,11 @@ script_setenv(char *var, char *value, int iskey) } /* - * script_unsetenv - remove a variable from the environment + * ppp_script_unsetenv - remove a variable from the environment * for scripts. */ void -script_unsetenv(char *var) +ppp_script_unsetenv(char *var) { int vl = strlen(var); int i; diff --git a/pppd/mppe.c b/pppd/mppe.c index c1bc4d3..da10338 100644 --- a/pppd/mppe.c +++ b/pppd/mppe.c @@ -35,12 +35,12 @@ #include <string.h> -#include "pppd.h" +#include "pppd-private.h" #include "fsm.h" #include "ccp.h" #include "chap_ms.h" #include "mppe.h" -#include "ppp-crypto.h" +#include "crypto.h" u_char mppe_send_key[MPPE_MAX_KEY_SIZE]; u_char mppe_recv_key[MPPE_MAX_KEY_SIZE]; diff --git a/pppd/mppe.h b/pppd/mppe.h index f1c53c3..9292fe8 100644 --- a/pppd/mppe.h +++ b/pppd/mppe.h @@ -72,7 +72,7 @@ /* Build a CI from mppe opts (see RFC 3078) */ #define MPPE_OPTS_TO_CI(opts, ci) \ do { \ - u_char *ptr = ci; /* u_char[4] */ \ + unsigned char *ptr = ci; /* unsigned char[4] */ \ \ /* H bit */ \ if (opts & MPPE_OPT_STATEFUL) \ @@ -94,7 +94,7 @@ /* The reverse of the above */ #define MPPE_CI_TO_OPTS(ci, opts) \ do { \ - u_char *ptr = ci; /* u_char[4] */ \ + unsigned char *ptr = ci; /* unsigned char[4] */ \ \ opts = 0; \ \ @@ -128,19 +128,6 @@ #if PPP_WITH_MPPE -/* - * NOTE: - * Access to these variables directly is discuraged. Please - * change your code to use below accessor functions. - */ - -/* The key material generated which is used for MPPE send key */ -extern u_char mppe_send_key[MPPE_MAX_KEY_SIZE]; -/* The key material generated which is used for MPPE recv key */ -extern u_char mppe_recv_key[MPPE_MAX_KEY_SIZE]; -/* Keys are set if value is non-zero */ -extern int mppe_keys_set; - /* These values are the RADIUS attribute values--see RFC 2548. */ #define MPPE_ENC_POL_ENC_ALLOWED 1 #define MPPE_ENC_POL_ENC_REQUIRED 2 @@ -154,17 +141,17 @@ void mppe_set_enc_types (int policy, int types); * Set the MPPE send and recv keys. NULL values for keys are ignored * and input values are cleared to avoid leaving them on the stack */ -void mppe_set_keys(u_char *send_key, u_char *recv_key, int keylen); +void mppe_set_keys(unsigned char *send_key, unsigned char *recv_key, int keylen); /* * Get the MPPE recv key */ -int mppe_get_recv_key(u_char *recv_key, int length); +int mppe_get_recv_key(unsigned char *recv_key, int length); /* * Get the MPPE send key */ -int mppe_get_send_key(u_char *send_key, int length); +int mppe_get_send_key(unsigned char *send_key, int length); /* * Clear the MPPE keys diff --git a/pppd/multilink.c b/pppd/multilink.c index 6f17cf8..4bb0b2b 100644 --- a/pppd/multilink.c +++ b/pppd/multilink.c @@ -41,10 +41,11 @@ #include <netinet/in.h> #include <unistd.h> -#include "pppd.h" +#include "pppd-private.h" #include "fsm.h" #include "lcp.h" #include "tdb.h" +#include "multilink.h" bool endpoint_specified; /* user gave explicit endpoint discriminator */ char *bundle_id; /* identifier for our bundle */ @@ -78,6 +79,18 @@ static int owns_unit(TDB_DATA pid, int unit); #define process_exists(n) (kill((n), 0) == 0 || errno != ESRCH) +multilink_join_hook_fn *multilink_join_hook = NULL; + +bool mp_master() +{ + return multilink_master; +} + +bool mp_on() +{ + return doing_multilink; +} + void mp_check_options(void) { @@ -139,12 +152,12 @@ mp_join_bundle(void) if (demand) { /* already have a bundle */ cfg_bundle(0, 0, 0, 0); - netif_set_mtu(0, mtu); + ppp_set_mtu(0, mtu); return 0; } make_new_bundle(0, 0, 0, 0); set_ifunit(1); - netif_set_mtu(0, mtu); + ppp_set_mtu(0, mtu); return 0; } @@ -189,8 +202,8 @@ mp_join_bundle(void) mtu = MIN(ho->mrru, ao->mru); if (demand) { cfg_bundle(go->mrru, ho->mrru, go->neg_ssnhf, ho->neg_ssnhf); - netif_set_mtu(0, mtu); - script_setenv("BUNDLE", bundle_id + 7, 1); + ppp_set_mtu(0, mtu); + ppp_script_setenv("BUNDLE", bundle_id + 7, 1); return 0; } @@ -224,7 +237,7 @@ mp_join_bundle(void) /* attach to existing unit */ if (bundle_attach(unit)) { set_ifunit(0); - script_setenv("BUNDLE", bundle_id + 7, 0); + ppp_script_setenv("BUNDLE", bundle_id + 7, 0); make_bundle_links(1); unlock_db(); info("Link attached to %s", ifname); @@ -236,8 +249,8 @@ mp_join_bundle(void) /* we have to make a new bundle */ make_new_bundle(go->mrru, ho->mrru, go->neg_ssnhf, ho->neg_ssnhf); set_ifunit(1); - netif_set_mtu(0, mtu); - script_setenv("BUNDLE", bundle_id + 7, 1); + ppp_set_mtu(0, mtu); + ppp_script_setenv("BUNDLE", bundle_id + 7, 1); make_bundle_links(0); unlock_db(); info("New bundle %s created", ifname); @@ -273,7 +286,7 @@ void mp_bundle_terminated(void) print_link_stats(); if (!demand) { remove_pidfiles(); - script_unsetenv("IFNAME"); + ppp_script_unsetenv("IFNAME"); } lock_db(); @@ -449,7 +462,7 @@ get_default_epdisc(struct epdisc *ep) hp = gethostbyname(hostname); if (hp != NULL) { addr = *(u_int32_t *)hp->h_addr; - if (!bad_ip_adrs(addr)) { + if (!ppp_bad_ip_addr(addr)) { addr = ntohl(addr); if (!LOCAL_IP_ADDR(addr)) { ep->class = EPD_IP; diff --git a/pppd/multilink.h b/pppd/multilink.h new file mode 100644 index 0000000..e4639bb --- /dev/null +++ b/pppd/multilink.h @@ -0,0 +1,112 @@ +/* + * multilink.h - support routines for multilink. + * + * Copyright (c) 2000-2002 Paul Mackerras. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. The name(s) of the authors of this software must not be used to + * endorse or promote products derived from this software without + * prior written permission. + * + * 3. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by Paul Mackerras + * <paulus@samba.org>". + * + * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO + * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN + * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING + * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef PPP_MULTILINK_H +#define PPP_MULTILINK_H + +#include "pppdconf.h" + +/* + * values for epdisc.class + */ +#define EPD_NULL 0 /* null discriminator, no data */ +#define EPD_LOCAL 1 +#define EPD_IP 2 +#define EPD_MAC 3 +#define EPD_MAGIC 4 +#define EPD_PHONENUM 5 + +struct epdisc; + +#ifdef PPP_WITH_MULTILINK + +/* + * Check multilink-related options + */ +void mp_check_options(void); + +/* + * Join our link to an appropriate bundle + */ +int mp_join_bundle(void); + +/* + * Disconnected our link from the bundle + */ +void mp_exit_bundle(void); + +/* + * Multipoint bundle terminated + */ +void mp_bundle_terminated(void); + +/* + * Acting as a multilink master + */ +bool mp_master(); + +/* + * Was multilink negotiated + */ +bool mp_on(); + +/* + * Convert an endpoint discriminator to a string + */ +char *epdisc_to_str(struct epdisc *); + +/* + * Convert a string to an endpoint discriminator + */ +int str_to_epdisc(struct epdisc *, char *); + +/* + * Hook for plugin to hear when an interface joins a multilink bundle + */ +typedef void (multilink_join_hook_fn)(void); +extern multilink_join_hook_fn *multilink_join_hook; + +#else + +#define mp_check_options(x) ((void)0) +#define mp_join_bundle(x) ((void)0) +#define mp_exit_bundle(x) ((void)0) +#define mp_bundle_terminated(x) ((void)0) + +static inline bool mp_on() { + return false; +} + +static inline bool mp_master() { + return false; +} + +#endif // PPP_WITH_MULTILINK +#endif // PPP_MULTILINK_H diff --git a/pppd/options.c b/pppd/options.c index cea09e3..f2ff59d 100644 --- a/pppd/options.c +++ b/pppd/options.c @@ -77,7 +77,9 @@ #endif #endif /* PPP_WITH_FILTER */ -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" +#include "upap.h" #include "pathnames.h" #if defined(ultrix) || defined(NeXT) @@ -97,7 +99,6 @@ struct option_value { int debug = 0; /* Debug flag */ int kdebugflag = 0; /* Tell kernel to print debug messages */ int default_device = 1; /* Using /dev/tty or equivalent */ -char devnam[MAXPATHLEN]; /* Device name */ bool nodetach = 0; /* Don't detach from controlling tty */ bool updetach = 0; /* Detach once link is up */ bool master_detach; /* Detach when we're (only) multilink master */ @@ -110,7 +111,6 @@ char passwd[MAXSECRETLEN]; /* Password for PAP */ bool persist = 0; /* Reopen link after it goes down */ char our_name[MAXNAMELEN]; /* Our name for authentication purposes */ bool demand = 0; /* do dial-on-demand */ -char *ipparam = NULL; /* Extra parameter for ip up/down scripts */ int idle_time_limit = 0; /* Disconnect if idle for this many seconds */ int holdoff = 30; /* # seconds to pause before reconnecting */ bool holdoff_specified; /* true if a holdoff value has been given */ @@ -140,11 +140,11 @@ char path_ipv6down[MAXPATHLEN]; /* pathname of ipv6-down script */ #endif unsigned int maxoctets = 0; /* default - no limit */ -int maxoctets_dir = 0; /* default - sum of traffic */ +session_limit_dir_t maxoctets_dir = PPP_OCTETS_DIRECTION_SUM; /* default - sum of traffic */ int maxoctets_timeout = 1; /* default 1 second */ -extern option_t auth_options[]; +extern struct option auth_options[]; extern struct stat devstat; #ifdef PPP_WITH_FILTER @@ -152,7 +152,7 @@ struct bpf_program pass_filter;/* Filter program for packets to pass */ struct bpf_program active_filter; /* Filter program for link-active pkts */ #endif -static option_t *curopt; /* pointer to option being processed */ +static struct option *curopt; /* pointer to option being processed */ char *current_option; /* the name of the option being parsed */ int privileged_option; /* set iff the current option came from root */ char *option_source; /* string saying where the option came from */ @@ -186,20 +186,20 @@ static int setactivefilter(char **); static int setmodir(char **); static int user_setenv(char **); -static void user_setprint(option_t *, printer_func, void *); +static void user_setprint(struct option *, printer_func, void *); static int user_unsetenv(char **); -static void user_unsetprint(option_t *, printer_func, void *); +static void user_unsetprint(struct option *, printer_func, void *); -static option_t *find_option(char *name); -static int process_option(option_t *, char *, char **); -static int n_arguments(option_t *); +static struct option *find_option(char *name); +static int process_option(struct option *, char *, char **); +static int n_arguments(struct option *); static int number_option(char *, u_int32_t *, int); /* * Structure to store extra lists of options. */ struct option_list { - option_t *options; + struct option *options; struct option_list *next; }; @@ -208,7 +208,7 @@ static struct option_list *extra_options = NULL; /* * Valid arguments. */ -option_t general_options[] = { +struct option general_options[] = { { "debug", o_int, &debug, "Increase debugging level", OPT_INC | OPT_NOARG | 1 }, { "-d", o_int, &debug, @@ -395,6 +395,104 @@ option_t general_options[] = { #define IMPLEMENTATION "" #endif +int +ppp_get_max_idle_time() +{ + return idle_time_limit; +} + +void +ppp_set_max_idle_time(unsigned int max) +{ + idle_time_limit = max; +} + +int +ppp_get_max_connect_time() +{ + return maxconnect; +} + +void +ppp_set_max_connect_time(unsigned int max) +{ + maxconnect = max; +} + +void +ppp_set_session_limit(unsigned int octets) +{ + maxoctets = octets; +} + +void +ppp_set_session_limit_dir(unsigned int dir) +{ + if (dir > 4) + dir = PPP_OCTETS_DIRECTION_SUM; + maxoctets_dir = (session_limit_dir_t) dir; +} + +bool +debug_on() +{ + return !!debug; +} + +int +ppp_get_path(ppp_path_t type, char *buf, size_t bufsz) +{ + const char *path; + + if (buf && bufsz > 0) { + switch (type) { + case PPP_DIR_LOG: + path = PPP_PATH_VARLOG; + break; + case PPP_DIR_RUNTIME: + path = PPP_PATH_VARRUN; + break; + case PPP_DIR_PLUGIN: + path = PPP_PATH_PLUGIN; + break; + case PPP_DIR_CONF: + path = PPP_PATH_CONFDIR; + break; + } + return strlcpy(buf, path, bufsz); + } + return -1; +} + +int +ppp_get_filepath(ppp_path_t type, const char *name, char *buf, size_t bufsz) +{ + const char *path; + + if (buf && bufsz > 0) { + switch (type) { + case PPP_DIR_LOG: + path = PPP_PATH_VARLOG; + break; + case PPP_DIR_RUNTIME: + path = PPP_PATH_VARRUN; + break; + case PPP_DIR_PLUGIN: + path = PPP_PATH_PLUGIN; + break; + case PPP_DIR_CONF: + path = PPP_PATH_CONFDIR; + break; + } + return slprintf(buf, bufsz, "%s/%s", path, name); + } + return -1; +} + +bool ppp_persist() +{ + return !!persist; +} /* * parse_args - parse a string of arguments from the command line. @@ -403,7 +501,7 @@ int parse_args(int argc, char **argv) { char *arg; - option_t *opt; + struct option *opt; int n; privileged_option = privileged; @@ -414,13 +512,13 @@ parse_args(int argc, char **argv) --argc; opt = find_option(arg); if (opt == NULL) { - option_error("unrecognized option '%s'", arg); + ppp_option_error("unrecognized option '%s'", arg); usage(); return 0; } n = n_arguments(opt); if (argc < n) { - option_error("too few parameters for option %s", arg); + ppp_option_error("too few parameters for option %s", arg); return 0; } if (!process_option(opt, arg, argv)) @@ -436,11 +534,11 @@ parse_args(int argc, char **argv) * and interpret them. */ int -options_from_file(char *filename, int must_exist, int check_prot, int priv) +ppp_options_from_file(char *filename, int must_exist, int check_prot, int priv) { FILE *f; int i, newline, ret, err; - option_t *opt; + struct option *opt; int oldpriv, n; char *oldsource; uid_t euid; @@ -450,7 +548,7 @@ options_from_file(char *filename, int must_exist, int check_prot, int priv) euid = geteuid(); if (check_prot && seteuid(getuid()) == -1) { - option_error("unable to drop privileges to open %s: %m", filename); + ppp_option_error("unable to drop privileges to open %s: %m", filename); return 0; } f = fopen(filename, "r"); @@ -464,7 +562,7 @@ options_from_file(char *filename, int must_exist, int check_prot, int priv) warn("Warning: can't open options file %s: %m", filename); return 1; } - option_error("Can't open options file %s: %m", filename); + ppp_option_error("Can't open options file %s: %m", filename); return 0; } @@ -478,14 +576,14 @@ options_from_file(char *filename, int must_exist, int check_prot, int priv) while (getword(f, cmd, &newline, filename)) { opt = find_option(cmd); if (opt == NULL) { - option_error("In file %s: unrecognized option '%s'", + ppp_option_error("In file %s: unrecognized option '%s'", filename, cmd); goto err; } n = n_arguments(opt); for (i = 0; i < n; ++i) { if (!getword(f, args[i], &newline, filename)) { - option_error( + ppp_option_error( "In file %s: too few parameters for option '%s'", filename, cmd); goto err; @@ -526,7 +624,7 @@ options_from_user(void) novm("init file name"); slprintf(path, pl, "%s/%s", user, file); option_priority = OPRIO_CFGFILE; - ret = options_from_file(path, 0, 1, privileged); + ret = ppp_options_from_file(path, 0, 1, privileged); free(path); return ret; } @@ -561,7 +659,7 @@ options_for_tty(void) if (*p == '/') *p = '.'; option_priority = OPRIO_CFGFILE; - ret = options_from_file(path, 0, 0, 1); + ret = ppp_options_from_file(path, 0, 0, 1); free(path); return ret; } @@ -573,7 +671,7 @@ int options_from_list(struct wordlist *w, int priv) { char *argv[MAXARGS]; - option_t *opt; + struct option *opt; int i, n, ret = 0; struct wordlist *w0; @@ -584,7 +682,7 @@ options_from_list(struct wordlist *w, int priv) while (w != NULL) { opt = find_option(w->word); if (opt == NULL) { - option_error("In secrets file: unrecognized option '%s'", + ppp_option_error("In secrets file: unrecognized option '%s'", w->word); goto err; } @@ -593,7 +691,7 @@ options_from_list(struct wordlist *w, int priv) for (i = 0; i < n; ++i) { w = w->next; if (w == NULL) { - option_error( + ppp_option_error( "In secrets file: too few parameters for option '%s'", w0->word); goto err; @@ -611,10 +709,10 @@ err: } /* - * match_option - see if this option matches an option_t structure. + * match_option - see if this option matches an option structure. */ static int -match_option(char *name, option_t *opt, int dowild) +match_option(char *name, struct option *opt, int dowild) { int (*match)(char *, char **, int); @@ -631,10 +729,10 @@ match_option(char *name, option_t *opt, int dowild) * looking for an entry with the given name. * This could be optimized by using a hash table. */ -static option_t * +static struct option * find_option(char *name) { - option_t *opt; + struct option *opt; struct option_list *list; int i, dowild; @@ -665,7 +763,7 @@ find_option(char *name) * process_option - process one new-style option. */ static int -process_option(option_t *opt, char *cmd, char **argv) +process_option(struct option *opt, char *cmd, char **argv) { u_int32_t v; int iv, a; @@ -674,7 +772,7 @@ process_option(option_t *opt, char *cmd, char **argv) int (*wildp)(char *, char **, int); char *optopt = (opt->type == o_wild)? "": " option"; int prio = option_priority; - option_t *mainopt = opt; + struct option *mainopt = opt; current_option = opt->name; if ((opt->flags & OPT_PRIVFIX) && privileged_option) @@ -685,7 +783,7 @@ process_option(option_t *opt, char *cmd, char **argv) if (prio < mainopt->priority) { /* new value doesn't override old */ if (prio == OPRIO_CMDLINE && mainopt->priority > OPRIO_ROOT) { - option_error("%s%s set in %s cannot be overridden\n", + ppp_option_error("%s%s set in %s cannot be overridden\n", opt->name, optopt, mainopt->source); return 0; } @@ -696,22 +794,22 @@ process_option(option_t *opt, char *cmd, char **argv) opt->name, optopt, option_source); } - if ((opt->flags & OPT_INITONLY) && phase != PHASE_INITIALIZE) { - option_error("%s%s cannot be changed after initialization", + if ((opt->flags & OPT_INITONLY) && !in_phase(PHASE_INITIALIZE)) { + ppp_option_error("%s%s cannot be changed after initialization", opt->name, optopt); return 0; } if ((opt->flags & OPT_PRIV) && !privileged_option) { - option_error("using the %s%s requires root privilege", + ppp_option_error("using the %s%s requires root privilege", opt->name, optopt); return 0; } if ((opt->flags & OPT_ENABLE) && *(bool *)(opt->addr2) == 0) { - option_error("%s%s is disabled", opt->name, optopt); + ppp_option_error("%s%s is disabled", opt->name, optopt); return 0; } if ((opt->flags & OPT_DEVEQUIV) && devnam_fixed) { - option_error("the %s%s may not be changed in %s", + ppp_option_error("the %s%s may not be changed in %s", opt->name, optopt, option_source); return 0; } @@ -733,7 +831,7 @@ process_option(option_t *opt, char *cmd, char **argv) case o_int: iv = 0; if ((opt->flags & OPT_NOARG) == 0) { - if (!int_option(*argv, &iv)) + if (!ppp_int_option(*argv, &iv)) return 0; if ((((opt->flags & OPT_LLIMIT) && iv < opt->lower_limit) || ((opt->flags & OPT_ULIMIT) && iv > opt->upper_limit)) @@ -741,15 +839,15 @@ process_option(option_t *opt, char *cmd, char **argv) char *zok = (opt->flags & OPT_ZEROOK)? " zero or": ""; switch (opt->flags & OPT_LIMITS) { case OPT_LLIMIT: - option_error("%s value must be%s >= %d", + ppp_option_error("%s value must be%s >= %d", opt->name, zok, opt->lower_limit); break; case OPT_ULIMIT: - option_error("%s value must be%s <= %d", + ppp_option_error("%s value must be%s <= %d", opt->name, zok, opt->upper_limit); break; case OPT_LIMITS: - option_error("%s value must be%s between %d and %d", + ppp_option_error("%s value must be%s between %d and %d", opt->name, zok, opt->lower_limit, opt->upper_limit); break; } @@ -766,7 +864,7 @@ process_option(option_t *opt, char *cmd, char **argv) int oldv = *(int *)(opt->addr); if ((opt->flags & OPT_ZEROINF) ? (oldv != 0 && (iv == 0 || iv > oldv)) : (iv > oldv)) { - option_error("%s value cannot be increased", opt->name); + ppp_option_error("%s value cannot be increased", opt->name); return 0; } } @@ -863,7 +961,7 @@ process_option(option_t *opt, char *cmd, char **argv) int override_value(char *option, int priority, const char *source) { - option_t *opt; + struct option *opt; opt = find_option(option); if (opt == NULL) @@ -882,7 +980,7 @@ override_value(char *option, int priority, const char *source) * n_arguments - tell how many arguments an option takes */ static int -n_arguments(option_t *opt) +n_arguments(struct option *opt) { return (opt->type == o_bool || opt->type == o_special_noarg || (opt->flags & OPT_NOARG))? 0: 1; @@ -892,7 +990,7 @@ n_arguments(option_t *opt) * add_options - add a list of options to the set we grok. */ void -add_options(option_t *opt) +ppp_add_options(struct option *opt) { struct option_list *list; @@ -918,7 +1016,7 @@ check_options(void) * print_option - print out an option and its value */ static void -print_option(option_t *opt, option_t *mainopt, printer_func printer, void *arg) +print_option(struct option *opt, struct option *mainopt, printer_func printer, void *arg) { int i, v; char *p; @@ -980,8 +1078,8 @@ print_option(option_t *opt, option_t *mainopt, printer_func printer, void *arg) printer(arg, " "); } if (opt->flags & OPT_A2PRINTER) { - void (*oprt)(option_t *, printer_func, void *); - oprt = (void (*)(option_t *, printer_func, void *)) + void (*oprt)(struct option *, printer_func, void *); + oprt = (void (*)(struct option *, printer_func, void *)) opt->addr2; (*oprt)(opt, printer, arg); } else if (opt->flags & OPT_A2STRVAL) { @@ -1017,7 +1115,7 @@ print_option(option_t *opt, option_t *mainopt, printer_func printer, void *arg) * array of options. */ static void -print_option_list(option_t *opt, printer_func printer, void *arg) +print_option_list(struct option *opt, printer_func printer, void *arg) { while (opt->name != NULL) { if (opt->priority != OPRIO_DEFAULT @@ -1055,7 +1153,7 @@ static void usage(void) { FILE *fp = stderr; - if (phase == PHASE_INITIALIZE) { + if (in_phase(PHASE_INITIALIZE)) { fprintf(fp, "%s v%s\n", PACKAGE_NAME, PACKAGE_VERSION); fprintf(fp, "Copyright (C) 1999-2022 Paul Mackerras, and others. All rights reserved.\n\n"); @@ -1089,7 +1187,7 @@ usage(void) static int showhelp(char **argv) { - if (phase == PHASE_INITIALIZE) { + if (in_phase(PHASE_INITIALIZE)) { usage(); exit(0); } @@ -1102,7 +1200,7 @@ showhelp(char **argv) static int showversion(char **argv) { - if (phase == PHASE_INITIALIZE) { + if (in_phase(PHASE_INITIALIZE)) { fprintf(stdout, "pppd version %s\n", VERSION); exit(0); } @@ -1113,9 +1211,9 @@ showversion(char **argv) * Print a set of options including the name of the group of options */ static void -showopts_list(FILE *fp, const char *title, option_t *list, ...) +showopts_list(FILE *fp, const char *title, struct option *list, ...) { - option_t *opt = list; + struct option *opt = list; va_list varg; if (opt && opt->name) { @@ -1165,12 +1263,12 @@ showopts(void) } /* - * option_error - print a message about an error in an option. + * ppp_option_error - print a message about an error in an option. * The message is logged, and also sent to - * stderr if phase == PHASE_INITIALIZE. + * stderr if in_phase(PHASE_INITIALIZE). */ void -option_error(char *fmt, ...) +ppp_option_error(char *fmt, ...) { va_list args; char buf[1024]; @@ -1178,7 +1276,7 @@ option_error(char *fmt, ...) va_start(args, fmt); vslprintf(buf, sizeof(buf), fmt, args); va_end(args); - if (phase == PHASE_INITIALIZE) + if (in_phase(PHASE_INITIALIZE)) fprintf(stderr, "%s: %s\n", progname, buf); syslog(LOG_ERR, "%s", buf); } @@ -1425,7 +1523,7 @@ getword(FILE *f, char *word, int *newlinep, char *filename) if (ferror(f)) { if (errno == 0) errno = EIO; - option_error("Error reading %s: %m", filename); + ppp_option_error("Error reading %s: %m", filename); die(1); } /* @@ -1435,7 +1533,7 @@ getword(FILE *f, char *word, int *newlinep, char *filename) if (len == 0) return 0; if (quoted) - option_error("warning: quoted word runs to end of file (%.20s...)", + ppp_option_error("warning: quoted word runs to end of file (%.20s...)", filename, word); } @@ -1443,7 +1541,7 @@ getword(FILE *f, char *word, int *newlinep, char *filename) * Warn if the word was too long, and append a terminating null. */ if (len >= MAXWORDLEN) { - option_error("warning: word in file %s too long (%.20s...)", + ppp_option_error("warning: word in file %s too long (%.20s...)", filename, word); len = MAXWORDLEN - 1; } @@ -1465,7 +1563,7 @@ number_option(char *str, u_int32_t *valp, int base) *valp = strtoul(str, &ptr, base); if (ptr == str) { - option_error("invalid numeric parameter '%s' for %s option", + ppp_option_error("invalid numeric parameter '%s' for %s option", str, current_option); return 0; } @@ -1479,7 +1577,7 @@ number_option(char *str, u_int32_t *valp, int base) * if there is an error. */ int -int_option(char *str, int *valp) +ppp_int_option(char *str, int *valp) { u_int32_t v; @@ -1500,7 +1598,7 @@ int_option(char *str, int *valp) static int readfile(char **argv) { - return options_from_file(*argv, 1, 1, privileged_option); + return ppp_options_from_file(*argv, 1, 1, privileged_option); } /* @@ -1530,7 +1628,7 @@ callfile(char **argv) } } if (!ok) { - option_error("call option value may not contain .. or start with /"); + ppp_option_error("call option value may not contain .. or start with /"); return 0; } @@ -1538,9 +1636,9 @@ callfile(char **argv) if ((fname = (char *) malloc(l)) == NULL) novm("call file name"); slprintf(fname, l, "%s%s", PPP_PATH_PEERFILES, arg); - script_setenv("CALL_FILE", arg, 0); + ppp_script_setenv("CALL_FILE", arg, 0); - ok = options_from_file(fname, 1, 1, 1); + ok = ppp_options_from_file(fname, 1, 1, 1); free(fname); return ok; @@ -1558,7 +1656,7 @@ setpassfilter(char **argv) pc = pcap_open_dead(DLT_PPP_PPPD, 65535); if (pcap_compile(pc, &pass_filter, *argv, 1, netmask) == -1) { - option_error("error in pass-filter expression: %s\n", + ppp_option_error("error in pass-filter expression: %s\n", pcap_geterr(pc)); ret = 0; } @@ -1578,7 +1676,7 @@ setactivefilter(char **argv) pc = pcap_open_dead(DLT_PPP_PPPD, 65535); if (pcap_compile(pc, &active_filter, *argv, 1, netmask) == -1) { - option_error("error in active-filter expression: %s\n", + ppp_option_error("error in active-filter expression: %s\n", pcap_geterr(pc)); ret = 0; } @@ -1613,7 +1711,7 @@ setlogfile(char **argv) euid = geteuid(); if (!privileged_option && seteuid(getuid()) == -1) { - option_error("unable to drop permissions to open %s: %m", *argv); + ppp_option_error("unable to drop permissions to open %s: %m", *argv); return 0; } fd = open(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL, 0644); @@ -1624,7 +1722,7 @@ setlogfile(char **argv) fatal("unable to regain privileges: %m"); if (fd < 0) { errno = err; - option_error("Can't open log file %s: %m", *argv); + ppp_option_error("Can't open log file %s: %m", *argv); return 0; } strlcpy(logfile_name, *argv, sizeof(logfile_name)); @@ -1678,20 +1776,20 @@ loadplugin(char **argv) if (handle == 0) { err = dlerror(); if (err != 0) - option_error("%s", err); - option_error("Couldn't load plugin %s", arg); + ppp_option_error("%s", err); + ppp_option_error("Couldn't load plugin %s", arg); goto err; } init = (void (*)(void))dlsym(handle, "plugin_init"); if (init == 0) { - option_error("%s has no initialization entry point", arg); + ppp_option_error("%s has no initialization entry point", arg); goto errclose; } vers = (const char *) dlsym(handle, "pppd_version"); if (vers == 0) { warn("Warning: plugin %s has no version information", arg); } else if (strcmp(vers, VERSION) != 0) { - option_error("Plugin %s is for pppd version %s, this is %s", + ppp_option_error("Plugin %s is for pppd version %s, this is %s", arg, vers, VERSION); goto errclose; } @@ -1719,11 +1817,11 @@ user_setenv(char **argv) struct userenv *uep, **insp; if ((eqp = strchr(arg, '=')) == NULL) { - option_error("missing = in name=value: %s", arg); + ppp_option_error("missing = in name=value: %s", arg); return 0; } if (eqp == arg) { - option_error("missing variable name: %s", arg); + ppp_option_error("missing variable name: %s", arg); return 0; } for (uep = userenv_list; uep != NULL; uep = uep->ue_next) { @@ -1764,7 +1862,7 @@ user_setenv(char **argv) } static void -user_setprint(option_t *opt, printer_func printer, void *arg) +user_setprint(struct option *opt, printer_func printer, void *arg) { struct userenv *uep, *uepnext; @@ -1790,11 +1888,11 @@ user_unsetenv(char **argv) char *arg = argv[0]; if (strchr(arg, '=') != NULL) { - option_error("unexpected = in name: %s", arg); + ppp_option_error("unexpected = in name: %s", arg); return 0; } if (*arg == '\0') { - option_error("missing variable name for unset"); + ppp_option_error("missing variable name for unset"); return 0; } for (uep = userenv_list; uep != NULL; uep = uep->ue_next) { @@ -1832,7 +1930,7 @@ user_unsetenv(char **argv) } static void -user_unsetprint(option_t *opt, printer_func printer, void *arg) +user_unsetprint(struct option *opt, printer_func printer, void *arg) { struct userenv *uep, *uepnext; diff --git a/pppd/options.h b/pppd/options.h new file mode 100644 index 0000000..61d2bab --- /dev/null +++ b/pppd/options.h @@ -0,0 +1,114 @@ +/* + * options.h - header declarations for option processing for PPP. + * + * Copyright (c) 2000-2002 Paul Mackerras. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. The name(s) of the authors of this software must not be used to + * endorse or promote products derived from this software without + * prior written permission. + * + * 3. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by Paul Mackerras + * <paulus@samba.org>". + * + * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO + * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN + * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING + * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef PPP_OPTIONS_H +#define PPP_OPTIONS_H + +enum opt_type { + o_special_noarg, + o_special, + o_bool, + o_int, + o_uint32, + o_string, + o_wild +}; + +struct option { + char *name; /* name of the option */ + enum opt_type type; + void *addr; + char *description; + unsigned int flags; + void *addr2; + int upper_limit; + int lower_limit; + const char *source; + short int priority; + short int winner; +}; + +typedef struct option option_t; + +/* Values for flags */ +#define OPT_VALUE 0xff /* mask for presupplied value */ +#define OPT_HEX 0x100 /* int option is in hex */ +#define OPT_NOARG 0x200 /* option doesn't take argument */ +#define OPT_OR 0x400 /* for u32, OR in argument to value */ +#define OPT_INC 0x400 /* for o_int, increment value */ +#define OPT_A2OR 0x800 /* for o_bool, OR arg to *(u_char *)addr2 */ +#define OPT_PRIV 0x1000 /* privileged option */ +#define OPT_STATIC 0x2000 /* string option goes into static array */ +#define OPT_NOINCR 0x2000 /* for o_int, value mustn't be increased */ +#define OPT_LLIMIT 0x4000 /* check value against lower limit */ +#define OPT_ULIMIT 0x8000 /* check value against upper limit */ +#define OPT_LIMITS (OPT_LLIMIT|OPT_ULIMIT) +#define OPT_ZEROOK 0x10000 /* 0 value is OK even if not within limits */ +#define OPT_HIDE 0x10000 /* for o_string, print value as ?????? */ +#define OPT_A2LIST 0x20000 /* for o_special, keep list of values */ +#define OPT_A2CLRB 0x20000 /* o_bool, clr val bits in *(u_char *)addr2 */ +#define OPT_ZEROINF 0x40000 /* with OPT_NOINCR, 0 == infinity */ +#define OPT_PRIO 0x80000 /* process option priorities for this option */ +#define OPT_PRIOSUB 0x100000 /* subsidiary member of priority group */ +#define OPT_ALIAS 0x200000 /* option is alias for previous option */ +#define OPT_A2COPY 0x400000 /* addr2 -> second location to rcv value */ +#define OPT_ENABLE 0x800000 /* use *addr2 as enable for option */ +#define OPT_A2CLR 0x1000000 /* clear *(bool *)addr2 */ +#define OPT_PRIVFIX 0x2000000 /* user can't override if set by root */ +#define OPT_INITONLY 0x4000000 /* option can only be set in init phase */ +#define OPT_DEVEQUIV 0x8000000 /* equiv to device name */ +#define OPT_DEVNAM (OPT_INITONLY | OPT_DEVEQUIV) +#define OPT_A2PRINTER 0x10000000 /* *addr2 printer_func to print option */ +#define OPT_A2STRVAL 0x20000000 /* *addr2 points to current string value */ +#define OPT_NOPRINT 0x40000000 /* don't print this option at all */ + +#define OPT_VAL(x) ((x) & OPT_VALUE) + +/* Values for priority */ +#define OPRIO_DEFAULT 0 /* a default value */ +#define OPRIO_CFGFILE 1 /* value from a configuration file */ +#define OPRIO_CMDLINE 2 /* value from the command line */ +#define OPRIO_SECFILE 3 /* value from options in a secrets file */ +#define OPRIO_ROOT 100 /* added to priority if OPT_PRIVFIX && root */ + +/* Add additional supported options by e.g. plug-in */ +void ppp_add_options(struct option *options); + +/* Parse options from an options file */ +int ppp_options_from_file(char *filename, int must_exist, int check_prot, + int privileged); + +/* Simplified number_option for decimal ints */ +int ppp_int_option(char *name, int *value); + +/* Print an error message about an option */ +void ppp_option_error(char *fmt, ...); + +#endif diff --git a/pppd/peap.c b/pppd/peap.c index d6e5fcf..243a8bd 100644 --- a/pppd/peap.c +++ b/pppd/peap.c @@ -47,6 +47,10 @@ * https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-peap */ +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -57,10 +61,10 @@ #include <openssl/rand.h> #include <openssl/err.h> -#include "pppd.h" +#include "pppd-private.h" #include "eap.h" #include "tls.h" -#include "chap-new.h" +#include "chap.h" #include "chap_ms.h" #include "mppe.h" #include "peap.h" @@ -436,6 +440,7 @@ void peap_do_inner_eap(u_char *in_buf, int in_len, eap_state *esp, int id, } case CHAP_FAILURE: { + u_char status = CHAP_FAILURE; psm->chap->handle_failure(in_buf, in_len); PUTCHAR(EAPT_MSCHAPV2, outp); PUTCHAR(status, outp); diff --git a/pppd/plugins/minconn.c b/pppd/plugins/minconn.c index 82bef48..9e9735f 100644 --- a/pppd/plugins/minconn.c +++ b/pppd/plugins/minconn.c @@ -35,13 +35,25 @@ #include <stddef.h> #include <time.h> +#include <stdint.h> +#include <stdbool.h> +#include <stdarg.h> +#include <sys/types.h> + #include <pppd/pppd.h> +#include <pppd/options.h> + +#if !defined(SOL2) +#include <linux/ppp_defs.h> +#else +#include <net/ppp_defs.h> +#endif char pppd_version[] = PPPD_VERSION; static int minconnect = 0; -static option_t my_options[] = { +static struct option my_options[] = { { "minconnect", o_int, &minconnect, "Set minimum connect time before idle timeout applies" }, { NULL } @@ -52,16 +64,16 @@ static int my_get_idle(struct ppp_idle *idle) time_t t; if (idle == NULL) - return minconnect? minconnect: idle_time_limit; + return minconnect ? minconnect: ppp_get_max_idle_time(); t = idle->xmit_idle; if (idle->recv_idle < t) t = idle->recv_idle; - return idle_time_limit - t; + return ppp_get_max_idle_time() - t; } void plugin_init(void) { info("plugin_init"); - add_options(my_options); + ppp_add_options(my_options); idle_time_hook = my_get_idle; } diff --git a/pppd/plugins/passprompt.c b/pppd/plugins/passprompt.c index 14a199f..7779d51 100644 --- a/pppd/plugins/passprompt.c +++ b/pppd/plugins/passprompt.c @@ -14,15 +14,24 @@ #include <sys/wait.h> #include <sys/param.h> #include <limits.h> +#include <stdio.h> #include <syslog.h> +#include <stdarg.h> +#include <stdint.h> +#include <stdbool.h> +#include <string.h> + #include <pppd/pppd.h> +#include <pppd/upap.h> +#include <pppd/eap.h> +#include <pppd/options.h> char pppd_version[] = PPPD_VERSION; static char promptprog[PATH_MAX+1]; static int promptprog_refused = 0; -static option_t options[] = { +static struct option options[] = { { "promptprog", o_string, promptprog, "External PAP password prompting program", OPT_STATIC, NULL, PATH_MAX }, @@ -55,7 +64,7 @@ static int promptpass(char *user, char *passwd) if (!kid) { /* we are the child, exec the program */ char *argv[5], fdstr[32]; - sys_close(); + ppp_sys_close(); closelog(); close(p[0]); ret = seteuid(getuid()); @@ -66,10 +75,10 @@ static int promptpass(char *user, char *passwd) if (ret != 0) { warn("Couldn't set effective user id"); } - argv[0] = promptprog; - argv[1] = user; - argv[2] = remote_name; sprintf(fdstr, "%d", p[1]); + argv[0] = promptprog; + argv[1] = strdup(user); + argv[2] = strdup(ppp_remote_name()); argv[3] = fdstr; argv[4] = 0; execv(*argv, argv); @@ -84,7 +93,7 @@ static int promptpass(char *user, char *passwd) if (red == 0) break; if (red < 0) { - if (errno == EINTR && !got_sigterm) + if (errno == EINTR && !ppp_signaled(SIGTERM)) continue; error("Can't read secret from %s: %m", promptprog); readgood = -1; @@ -96,7 +105,7 @@ static int promptpass(char *user, char *passwd) /* now wait for child to exit */ while (waitpid(kid, &wstat, 0) < 0) { - if (errno != EINTR || got_sigterm) { + if (errno != EINTR || ppp_signaled(SIGTERM)) { warn("error waiting for %s: %m", promptprog); break; } @@ -120,7 +129,7 @@ static int promptpass(char *user, char *passwd) void plugin_init(void) { - add_options(options); + ppp_add_options(options); pap_passwd_hook = promptpass; #ifdef PPP_WITH_EAPTLS eaptls_passwd_hook = promptpass; diff --git a/pppd/plugins/passwordfd.c b/pppd/plugins/passwordfd.c index 6f8bc6f..c1f782e 100644 --- a/pppd/plugins/passwordfd.c +++ b/pppd/plugins/passwordfd.c @@ -11,15 +11,23 @@ #include <errno.h> #include <string.h> #include <unistd.h> +#include <stdarg.h> +#include <stdbool.h> +#include <stdint.h> +#include <sys/time.h> #include <pppd/pppd.h> +#include <pppd/upap.h> +#include <pppd/chap.h> +#include <pppd/eap.h> +#include <pppd/options.h> char pppd_version[] = PPPD_VERSION; static int passwdfd = -1; static char save_passwd[MAXSECRETLEN]; -static option_t options[] = { +static struct option options[] = { { "passwordfd", o_int, &passwdfd, "Receive password on this file descriptor" }, { NULL } @@ -72,7 +80,7 @@ static int pwfd_passwd (char *user, char *passwd) void plugin_init (void) { - add_options (options); + ppp_add_options (options); pap_check_hook = pwfd_check; pap_passwd_hook = pwfd_passwd; diff --git a/pppd/plugins/pppoatm/pppoatm.c b/pppd/plugins/pppoatm/pppoatm.c index 5ac03c8..207e5bf 100644 --- a/pppd/plugins/pppoatm/pppoatm.c +++ b/pppd/plugins/pppoatm/pppoatm.c @@ -24,9 +24,11 @@ #include <net/if.h> #include <sys/ioctl.h> #include <sys/param.h> +#include <stdbool.h> +#include <stdarg.h> #include <pppd/pppd.h> -#include <pppd/pathnames.h> +#include <pppd/options.h> #include <pppd/fsm.h> /* Needed for lcp.h to include cleanly */ #include <pppd/lcp.h> @@ -42,8 +44,9 @@ static int pppoatm_max_mtu, pppoatm_max_mru; static int setdevname_pppoatm(const char *cp, const char **argv, int doit); struct channel pppoa_channel; static int pppoa_fd = -1; +static char devnam[MAXNAMELEN]; -static option_t pppoa_options[] = { +static struct option pppoa_options[] = { { "device name", o_wild, (void *) &setdevname_pppoatm, "ATM service provider IDs: VPI.VCI", OPT_DEVNAM | OPT_PRIVFIX | OPT_NOARG | OPT_A2STRVAL | OPT_STATIC, @@ -90,6 +93,7 @@ static int setdevname_pppoatm(const char *cp, const char **argv, int doit) memcpy(&pvcaddr, &addr, sizeof pvcaddr); strlcpy(devnam, cp, MAXPATHLEN); + ppp_set_devnam(devnam); devstat.st_mode = S_IFSOCK; if (the_channel != &pppoa_channel) { the_channel = &pppoa_channel; @@ -163,7 +167,7 @@ static int connect_pppoatm(void) pppoatm_max_mtu = lcp_allowoptions[0].mru; pppoatm_max_mru = lcp_wantoptions[0].mru; set_line_discipline_pppoatm(fd); - strlcpy(ppp_devnam, devnam, MAXPATHLEN); + ppp_set_pppdevnam(devnam); pppoa_fd = fd; return fd; } @@ -177,13 +181,13 @@ void plugin_init(void) { #ifdef linux extern int new_style_driver; /* From sys-linux.c */ - if (!ppp_available() && !new_style_driver) + if (!ppp_check_kernel_support() && !new_style_driver) fatal("Kernel doesn't support ppp_generic - " "needed for PPPoATM"); #else fatal("No PPPoATM support on this OS"); #endif - add_options(pppoa_options); + ppp_add_options(pppoa_options); } struct channel pppoa_channel = { @@ -192,8 +196,8 @@ struct channel pppoa_channel = { .check_options = NULL, .connect = &connect_pppoatm, .disconnect = &disconnect_pppoatm, - .establish_ppp = &generic_establish_ppp, - .disestablish_ppp = &generic_disestablish_ppp, + .establish_ppp = &ppp_generic_establish, + .disestablish_ppp = &ppp_generic_disestablish, .send_config = NULL, .recv_config = NULL, .close = NULL, diff --git a/pppd/plugins/pppoe/Makefile.am b/pppd/plugins/pppoe/Makefile.am index 5fea701..4ce0a48 100644 --- a/pppd/plugins/pppoe/Makefile.am +++ b/pppd/plugins/pppoe/Makefile.am @@ -6,7 +6,7 @@ dist_man8_MANS = pppoe-discovery.8 noinst_HEADERS = \ pppoe.h -pppoe_la_CPPFLAGS = -I${top_srcdir} -DSYSCONFDIR=\"${sysconfdir}\" +pppoe_la_CPPFLAGS = -I${top_srcdir} -DSYSCONFDIR=\"${sysconfdir}\" -DPLUGIN pppoe_la_LDFLAGS = -module -avoid-version pppoe_la_SOURCES = plugin.c discovery.c if.c common.c diff --git a/pppd/plugins/pppoe/config.h.in b/pppd/plugins/pppoe/config.h.in index 0c4d9da..d447f5e 100644 --- a/pppd/plugins/pppoe/config.h.in +++ b/pppd/plugins/pppoe/config.h.in @@ -45,6 +45,21 @@ /* Define to 1 if you have the <unistd.h> header file. */ #undef HAVE_UNISTD_H +/* Define to 1 if you have the <stdarg.h> header file. */ +#undef HAVE_STDARG_H + +/* Define to 1 if you have the <stdbool.h> header file. */ +#undef HAVE_STDBOOL_H + +/* Define to 1 if you have the <stddef.h> header file. */ +#undef HAVE_STDDEF_H + +/* Define to 1 if you have the <stdint.h> header file. */ +#undef HAVE_STDINT_H + +/* Define to 1 if you have the <stdint.h> header file. */ +#undef HAVE_SYS_TYPES_H + /* The size of `unsigned int', as computed by sizeof. */ #undef SIZEOF_UNSIGNED_INT diff --git a/pppd/plugins/pppoe/discovery.c b/pppd/plugins/pppoe/discovery.c index a5c2c62..ccb88b2 100644 --- a/pppd/plugins/pppoe/discovery.c +++ b/pppd/plugins/pppoe/discovery.c @@ -44,6 +44,15 @@ static char const RCSID[] = #include <signal.h> +#ifdef PLUGIN +#define signaled(x) ppp_signaled(x) +#define get_time(x) ppp_get_time(x) +#else +int signaled(int signal); +int get_time(struct timeval *tv); + +#endif + /* Calculate time remaining until *exp, return 0 if now >= *exp */ static int time_left(struct timeval *diff, struct timeval *exp) { @@ -404,7 +413,7 @@ waitForPADO(PPPoEConnection *conn, int timeout) while(1) { r = select(conn->discoverySocket+1, &readable, NULL, NULL, &tv); - if (r >= 0 || errno != EINTR || got_sigterm) break; + if (r >= 0 || errno != EINTR || signaled(SIGTERM)) break; } if (r < 0) { error("select (waitForPADO): %m"); @@ -595,7 +604,7 @@ waitForPADS(PPPoEConnection *conn, int timeout) while(1) { r = select(conn->discoverySocket+1, &readable, NULL, NULL, &tv); - if (r >= 0 || errno != EINTR || got_sigterm) break; + if (r >= 0 || errno != EINTR || signaled(SIGTERM)) break; } if (r < 0) { error("select (waitForPADS): %m"); @@ -666,7 +675,7 @@ discovery1(PPPoEConnection *conn) do { padiAttempts++; - if (got_sigterm || padiAttempts > conn->discoveryAttempts) { + if (signaled(SIGTERM) || padiAttempts > conn->discoveryAttempts) { warn("Timeout waiting for PADO packets"); close(conn->discoverySocket); conn->discoverySocket = -1; @@ -697,7 +706,7 @@ discovery2(PPPoEConnection *conn) do { padrAttempts++; - if (got_sigterm || padrAttempts > conn->discoveryAttempts) { + if (signaled(SIGTERM) || padrAttempts > conn->discoveryAttempts) { warn("Timeout waiting for PADS packets"); close(conn->discoverySocket); conn->discoverySocket = -1; diff --git a/pppd/plugins/pppoe/if.c b/pppd/plugins/pppoe/if.c index a3c3848..87e5f6e 100644 --- a/pppd/plugins/pppoe/if.c +++ b/pppd/plugins/pppoe/if.c @@ -205,7 +205,7 @@ sendPacket(PPPoEConnection *conn, int sock, PPPoEPacket *pkt, int size) { int err; - if (debug) + if (debug_on()) pppoe_log_packet("Send ", pkt); #if defined(HAVE_STRUCT_SOCKADDR_LL) err = send(sock, pkt, size, 0); @@ -240,7 +240,7 @@ receivePacket(int sock, PPPoEPacket *pkt, int *size) error("error receiving pppoe packet: %m"); return -1; } - if (debug) + if (debug_on()) pppoe_log_packet("Recv ", pkt); return 0; } diff --git a/pppd/plugins/pppoe/plugin.c b/pppd/plugins/pppoe/plugin.c index 7020565..ee9d343 100644 --- a/pppd/plugins/pppoe/plugin.c +++ b/pppd/plugins/pppoe/plugin.c @@ -49,13 +49,12 @@ static char const RCSID[] = #include <linux/if_pppox.h> #include <pppd/pppd.h> +#include <pppd/options.h> #include <pppd/fsm.h> #include <pppd/lcp.h> #include <pppd/ipcp.h> #include <pppd/ccp.h> -#define PPP_PATH_ETHOPT SYSCONFDIR "/ppp/options." - char pppd_version[] = PPPD_VERSION; /* From sys-linux.c in pppd -- MUST FIX THIS! */ @@ -70,9 +69,10 @@ unsigned char pppoe_reqd_mac_addr[6]; static char *pppoe_host_uniq; static int pppoe_padi_timeout = PADI_TIMEOUT; static int pppoe_padi_attempts = MAX_PADI_ATTEMPTS; +static char devnam[MAXNAMELEN]; static int PPPoEDevnameHook(char *cmd, char **argv, int doit); -static option_t Options[] = { +static struct option Options[] = { { "device name", o_wild, (void *) &PPPoEDevnameHook, "PPPoE device name", OPT_DEVNAM | OPT_PRIVFIX | OPT_NOARG | OPT_A2STRVAL | OPT_STATIC, @@ -148,6 +148,7 @@ PPPOEConnectDevice(void) struct sockaddr_pppox sp; struct ifreq ifr; int s; + char remote_number[MAXNAMELEN]; /* Open session socket before discovery phase, to avoid losing session */ /* packets sent by peer just after PADS packet (noted on some Cisco */ @@ -196,7 +197,7 @@ PPPOEConnectDevice(void) conn->acName = acName; conn->serviceName = pppd_pppoe_service; - strlcpy(ppp_devnam, devnam, MAXPATHLEN); + ppp_set_pppdevnam(devnam); if (existingSession) { unsigned int mac[ETH_ALEN]; int i, ses; @@ -235,7 +236,7 @@ PPPOEConnectDevice(void) } /* Set PPPoE session-number for further consumption */ - ppp_session_number = ntohs(conn->session); + ppp_set_session_number(ntohs(conn->session)); sp.sa_family = AF_PPPOX; sp.sa_protocol = PX_PROTO_OE; @@ -251,17 +252,10 @@ PPPOEConnectDevice(void) (unsigned) conn->peerEth[3], (unsigned) conn->peerEth[4], (unsigned) conn->peerEth[5]); + warn("Connected to %s via interface %s", remote_number, conn->ifName); + ppp_set_remote_number(remote_number); - warn("Connected to %02X:%02X:%02X:%02X:%02X:%02X via interface %s", - (unsigned) conn->peerEth[0], - (unsigned) conn->peerEth[1], - (unsigned) conn->peerEth[2], - (unsigned) conn->peerEth[3], - (unsigned) conn->peerEth[4], - (unsigned) conn->peerEth[5], - conn->ifName); - - script_setenv("MACREMOTE", remote_number, 0); + ppp_script_setenv("MACREMOTE", remote_number, 0); if (connect(conn->sessionSocket, (struct sockaddr *) &sp, sizeof(struct sockaddr_pppox)) < 0) { @@ -325,13 +319,17 @@ PPPOEDisconnectDevice(void) static void PPPOEDeviceOptions(void) { + char name[MAXPATHLEN]; char buf[MAXPATHLEN]; - strlcpy(buf, PPP_PATH_ETHOPT, MAXPATHLEN); - strlcat(buf, devnam, MAXPATHLEN); - if (!options_from_file(buf, 0, 0, 1)) - exit(EXIT_OPTION_ERROR); - + slprintf(name, sizeof(name), "options.%s", devnam); + if (ppp_get_filepath(PPP_DIR_CONF, name, buf, sizeof(buf)) < sizeof(buf)) { + if (!ppp_options_from_file(buf, 0, 0, 1)) { + exit(EXIT_OPTION_ERROR); + } + } else { + exit(EXIT_OPTION_ERROR); + } } struct channel pppoe_channel; @@ -395,10 +393,11 @@ PPPoEDevnameHook(char *cmd, char **argv, int doit) if (the_channel != &pppoe_channel) { the_channel = &pppoe_channel; - modem = 0; + ppp_set_modem(0); PPPOEInitDevice(); } + ppp_set_devnam(devnam); return 1; } @@ -417,11 +416,11 @@ PPPoEDevnameHook(char *cmd, char **argv, int doit) void plugin_init(void) { - if (!ppp_available() && !new_style_driver) { + if (!ppp_check_kernel_support() && !new_style_driver) { fatal("Linux kernel does not support PPPoE -- are you running 2.4.x?"); } - add_options(Options); + ppp_add_options(Options); info("PPPoE plugin from pppd %s", PPPD_VERSION); } @@ -435,7 +434,7 @@ void pppoe_check_options(void) if (sscanf(pppoe_reqd_mac, "%x:%x:%x:%x:%x:%x", &mac[0], &mac[1], &mac[2], &mac[3], &mac[4], &mac[5]) != 6) { - option_error("cannot parse pppoe-mac option value"); + ppp_option_error("cannot parse pppoe-mac option value"); exit(EXIT_OPTION_ERROR); } for (i = 0; i < 6; ++i) @@ -477,8 +476,8 @@ struct channel pppoe_channel = { .check_options = pppoe_check_options, .connect = &PPPOEConnectDevice, .disconnect = &PPPOEDisconnectDevice, - .establish_ppp = &generic_establish_ppp, - .disestablish_ppp = &generic_disestablish_ppp, + .establish_ppp = &ppp_generic_establish, + .disestablish_ppp = &ppp_generic_disestablish, .send_config = NULL, .recv_config = &PPPOERecvConfig, .close = NULL, diff --git a/pppd/plugins/pppoe/pppoe-discovery.c b/pppd/plugins/pppoe/pppoe-discovery.c index b698bca..15a80fb 100644 --- a/pppd/plugins/pppoe/pppoe-discovery.c +++ b/pppd/plugins/pppoe/pppoe-discovery.c @@ -22,6 +22,8 @@ #include <time.h> #include <signal.h> #include <sys/time.h> +#include <stdbool.h> +#include <stdint.h> #include "pppoe.h" @@ -124,6 +126,17 @@ get_time(struct timeval *tv) return gettimeofday(tv, NULL); } +int signaled(int signal) { + if (signal == SIGTERM) + return got_sigterm; + return 0; +} + +bool debug_on() +{ + return !!debug; +} + static void term_handler(int signum) { diff --git a/pppd/plugins/pppoe/pppoe.h b/pppd/plugins/pppoe/pppoe.h index 1517e34..9360edd 100644 --- a/pppd/plugins/pppoe/pppoe.h +++ b/pppd/plugins/pppoe/pppoe.h @@ -322,3 +322,10 @@ do {\ #define NOT_UNICAST(e) ((e[0] & 0x01) != 0) #define BROADCAST(e) ((e[0] & e[1] & e[2] & e[3] & e[4] & e[5]) == 0xFF) #define NOT_BROADCAST(e) ((e[0] & e[1] & e[2] & e[3] & e[4] & e[5]) != 0xFF) + +#ifndef MIN +#define MIN(a, b) ((a) < (b)? (a): (b)) +#endif +#ifndef MAX +#define MAX(a, b) ((a) > (b)? (a): (b)) +#endif diff --git a/pppd/plugins/pppol2tp/openl2tp.c b/pppd/plugins/pppol2tp/openl2tp.c index 2ba8707..940d2bc 100644 --- a/pppd/plugins/pppol2tp/openl2tp.c +++ b/pppd/plugins/pppol2tp/openl2tp.c @@ -29,17 +29,22 @@ #include <sys/ioctl.h> #include <sys/socket.h> #include <sys/un.h> +#include <sys/time.h> #include <netinet/in.h> #include <signal.h> #include <linux/version.h> #include <linux/sockios.h> +#include <stdarg.h> +#include <stdbool.h> +#include <stdio.h> #include <pppd/pppd.h> -#include <pppd/pathnames.h> +#include <pppd/options.h> #include <pppd/fsm.h> #include <pppd/lcp.h> #include <pppd/ccp.h> #include <pppd/ipcp.h> +#include <pppd/multilink.h> #ifndef aligned_u64 @@ -71,7 +76,9 @@ static void (*old_pppol2tp_send_accm_hook)(int tunnel_id, int session_id, uint32_t recv_accm) = NULL; static void (*old_pppol2tp_ip_updown_hook)(int tunnel_id, int session_id, int up) = NULL; -static void (*old_multilink_join_hook)(void) = NULL; +#ifdef PPP_WITH_MULTILINK +static multilink_join_hook_fn *old_multilink_join_hook = NULL; +#endif /***************************************************************************** * OpenL2TP interface. @@ -177,8 +184,12 @@ static void openl2tp_ppp_updown_ind(int tunnel_id, int session_id, int up) uint16_t tid = tunnel_id; uint16_t sid = session_id; uint8_t state = up; - int unit = ifunit; - char *user_name = NULL; + int unit = 0; + char ifname[MAXNAMELEN]; + char user_name[MAXNAMELEN]; + + unit = ppp_ifunit(); + ppp_get_ifname(ifname, sizeof(ifname)); if (openl2tp_fd < 0) { result = openl2tp_client_create(); @@ -187,9 +198,8 @@ static void openl2tp_ppp_updown_ind(int tunnel_id, int session_id, int up) } } - if (peer_authname[0] != '\0') { - user_name = strdup(peer_authname); - } + if (!ppp_peer_authname(user_name, sizeof(user_name))) + user_name[0] = '\0'; msg->msg_signature = OPENL2TP_MSG_SIGNATURE; msg->msg_type = OPENL2TP_MSG_TYPE_PPP_UPDOWN_IND; @@ -225,7 +235,7 @@ static void openl2tp_ppp_updown_ind(int tunnel_id, int session_id, int up) memcpy(&tlv->tlv_value[0], ifname, tlv->tlv_len); msg->msg_len += sizeof(*tlv) + ALIGN32(tlv->tlv_len); - if (user_name != NULL) { + if (user_name[0] != '\0') { tlv = (void *) &msg->msg_data[msg->msg_len]; tlv->tlv_type = OPENL2TP_TLV_TYPE_PPP_USER_NAME; tlv->tlv_len = strlen(user_name) + 1; @@ -249,9 +259,6 @@ out: (*old_pppol2tp_ip_updown_hook)(tunnel_id, session_id, up); } - if (user_name != NULL) - free(user_name); - return; } @@ -273,14 +280,16 @@ out: * multilink bundle. *****************************************************************************/ +#ifdef PPP_WITH_MULTILINK static void openl2tp_multilink_join_ind(void) { - if (doing_multilink && !multilink_master) { + if (mp_on() && !mp_master()) { /* send event only if not master */ openl2tp_ppp_updown_ind(pppol2tp_tunnel_id, pppol2tp_session_id, 1); } } +#endif /***************************************************************************** * Application init @@ -294,7 +303,9 @@ void plugin_init(void) old_pppol2tp_ip_updown_hook = pppol2tp_ip_updown_hook; pppol2tp_ip_updown_hook = openl2tp_ppp_updown_ind; +#ifdef PPP_WITH_MULTILINK old_multilink_join_hook = multilink_join_hook; multilink_join_hook = openl2tp_multilink_join_ind; +#endif } diff --git a/pppd/plugins/pppol2tp/pppol2tp.c b/pppd/plugins/pppol2tp/pppol2tp.c index c1eaa9a..b808df2 100644 --- a/pppd/plugins/pppol2tp/pppol2tp.c +++ b/pppd/plugins/pppol2tp/pppol2tp.c @@ -28,8 +28,14 @@ #include <net/if.h> #include <sys/ioctl.h> #include <sys/socket.h> +#include <sys/time.h> +#include <sys/types.h> #include <netinet/in.h> #include <signal.h> +#include <stdbool.h> +#include <stdarg.h> +#include <stdio.h> + #include <linux/version.h> #include <linux/sockios.h> @@ -46,7 +52,7 @@ #include <linux/if_pppol2tp.h> #include <pppd/pppd.h> -#include <pppd/pathnames.h> +#include <pppd/options.h> #include <pppd/fsm.h> #include <pppd/lcp.h> #include <pppd/ccp.h> @@ -86,7 +92,7 @@ void (*pppol2tp_send_accm_hook)(int tunnel_id, int session_id, /* Hook provided to allow other plugins to handle IP up/down */ void (*pppol2tp_ip_updown_hook)(int tunnel_id, int session_id, int up) = NULL; -static option_t pppol2tp_options[] = { +static struct option pppol2tp_options[] = { { "pppol2tp", o_special, &setdevname_pppol2tp, "FD for PPPoL2TP socket", OPT_DEVNAM | OPT_A2STRVAL, &pppol2tp_fd_str }, @@ -133,7 +139,7 @@ static int setdevname_pppol2tp(char **argv) if (device_got_set) return 0; - if (!int_option(*argv, &pppol2tp_fd)) + if (!ppp_int_option(*argv, &pppol2tp_fd)) return 0; if(getsockname(pppol2tp_fd, (struct sockaddr *)&s, &len) < 0) { @@ -158,7 +164,7 @@ static int setdevname_pppol2tp(char **argv) /* Setup option defaults. Compression options are disabled! */ - modem = 0; + ppp_set_modem(false); lcp_allowoptions[0].neg_accompression = 1; lcp_wantoptions[0].neg_accompression = 0; @@ -199,7 +205,7 @@ static void disconnect_pppol2tp(void) } static void send_config_pppol2tp(int mtu, - u_int32_t asyncmap, + uint32_t asyncmap, int pcomp, int accomp) { @@ -217,14 +223,14 @@ static void send_config_pppol2tp(int mtu, fd = socket(AF_INET, SOCK_DGRAM, 0); if (fd >= 0) { memset (&ifr, '\0', sizeof (ifr)); - strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); + ppp_get_ifname(ifr.ifr_name, sizeof(ifr.ifr_name)); strlcpy(ifr.ifr_newname, pppol2tp_ifname, sizeof(ifr.ifr_name)); ioctl(fd, SIOCSIFNAME, (caddr_t) &ifr); - strlcpy(ifname, pppol2tp_ifname, 32); + ppp_set_ifname(pppol2tp_ifname); if (pppol2tp_debug_mask & PPPOL2TP_MSG_CONTROL) { dbglog("ppp%d: interface name %s", - ifunit, ifname); + ppp_ifunit(), ppp_ifname()); } } close(fd); @@ -234,7 +240,7 @@ static void send_config_pppol2tp(int mtu, warn("Overriding mtu %d to %d", mtu, lcp_allowoptions[0].mru); mtu = lcp_allowoptions[0].mru; } - netif_set_mtu(ifunit, mtu); + ppp_set_mtu(ppp_ifunit(), mtu); reorderto[0] = '\0'; if (pppol2tp_reorder_timeout > 0) @@ -279,7 +285,7 @@ static void send_config_pppol2tp(int mtu, } static void recv_config_pppol2tp(int mru, - u_int32_t asyncmap, + uint32_t asyncmap, int pcomp, int accomp) { @@ -288,7 +294,7 @@ static void recv_config_pppol2tp(int mru, lcp_allowoptions[0].mru); mru = lcp_allowoptions[0].mru; } - if ((ifunit >= 0) && ioctl(pppol2tp_fd, PPPIOCSMRU, (caddr_t) &mru) < 0) + if ((ppp_ifunit() >= 0) && ioctl(pppol2tp_fd, PPPIOCSMRU, (caddr_t) &mru) < 0) error("Couldn't set PPP MRU: %m"); } @@ -496,22 +502,22 @@ void plugin_init(void) { #if defined(__linux__) extern int new_style_driver; /* From sys-linux.c */ - if (!ppp_available() && !new_style_driver) + if (!ppp_check_kernel_support() && !new_style_driver) fatal("Kernel doesn't support ppp_generic - " "needed for PPPoL2TP"); #else fatal("No PPPoL2TP support on this OS"); #endif - add_options(pppol2tp_options); + ppp_add_options(pppol2tp_options); /* Hook up ip up/down notifiers to send indicator to openl2tpd * that the link is up */ - add_notifier(&ip_up_notifier, pppol2tp_ip_up, NULL); - add_notifier(&ip_down_notifier, pppol2tp_ip_down, NULL); -#ifdef INET6 - add_notifier(&ipv6_up_notifier, pppol2tp_ip_up, NULL); - add_notifier(&ipv6_down_notifier, pppol2tp_ip_down, NULL); + ppp_add_notify(NF_IP_UP, pppol2tp_ip_up, NULL); + ppp_add_notify(NF_IP_DOWN, pppol2tp_ip_down, NULL); +#ifdef PPP_WITH_IPV6CP + ppp_add_notify(NF_IPV6_UP, pppol2tp_ip_up, NULL); + ppp_add_notify(NF_IPV6_DOWN, pppol2tp_ip_down, NULL); #endif } @@ -521,8 +527,8 @@ struct channel pppol2tp_channel = { .check_options = &pppol2tp_check_options, .connect = &connect_pppol2tp, .disconnect = &disconnect_pppol2tp, - .establish_ppp = &generic_establish_ppp, - .disestablish_ppp = &generic_disestablish_ppp, + .establish_ppp = &ppp_generic_establish, + .disestablish_ppp = &ppp_generic_disestablish, .send_config = &send_config_pppol2tp, .recv_config = &recv_config_pppol2tp, .close = NULL, diff --git a/pppd/plugins/radius/avpair.c b/pppd/plugins/radius/avpair.c index 0dc9a85..9b5c39c 100644 --- a/pppd/plugins/radius/avpair.c +++ b/pppd/plugins/radius/avpair.c @@ -31,7 +31,7 @@ static void rc_extract_vendor_specific_attributes(int attrlen, * */ -VALUE_PAIR *rc_avpair_add (VALUE_PAIR **list, int attrid, void *pval, int len, +VALUE_PAIR *rc_avpair_add (VALUE_PAIR **list, int attrid, const void *pval, int len, int vendorcode) { VALUE_PAIR *vp; @@ -57,7 +57,7 @@ VALUE_PAIR *rc_avpair_add (VALUE_PAIR **list, int attrid, void *pval, int len, * */ -int rc_avpair_assign (VALUE_PAIR *vp, void *pval, int len) +int rc_avpair_assign (VALUE_PAIR *vp, const void *pval, int len) { int result = -1; @@ -65,19 +65,19 @@ int rc_avpair_assign (VALUE_PAIR *vp, void *pval, int len) { case PW_TYPE_STRING: - if (((len == 0) && (strlen ((char *) pval)) > AUTH_STRING_LEN) + if (((len == 0) && (strlen ((const char *) pval)) > AUTH_STRING_LEN) || (len > AUTH_STRING_LEN)) { error("rc_avpair_assign: bad attribute length"); return result; } if (len > 0) { - memcpy(vp->strvalue, (char *)pval, len); + memcpy(vp->strvalue, (const char *)pval, len); vp->strvalue[len] = '\0'; vp->lvalue = len; } else { - strncpy ((char*) vp->strvalue, (char *) pval, AUTH_STRING_LEN); - vp->lvalue = strlen((char *) pval); + strncpy ((char*) vp->strvalue, (const char *) pval, AUTH_STRING_LEN); + vp->lvalue = strlen((const char *) pval); } result = 0; @@ -107,7 +107,7 @@ int rc_avpair_assign (VALUE_PAIR *vp, void *pval, int len) * */ -VALUE_PAIR *rc_avpair_new (int attrid, void *pval, int len, int vendorcode) +VALUE_PAIR *rc_avpair_new (int attrid, const void *pval, int len, int vendorcode) { VALUE_PAIR *vp = (VALUE_PAIR *) NULL; DICT_ATTR *pda; diff --git a/pppd/plugins/radius/buildreq.c b/pppd/plugins/radius/buildreq.c index 562790a..c1fda5a 100644 --- a/pppd/plugins/radius/buildreq.c +++ b/pppd/plugins/radius/buildreq.c @@ -327,7 +327,7 @@ int rc_acct_using_server(SERVER *acctserver, if ((adt_vp = rc_avpair_add(&(data.send_pairs), PW_ACCT_DELAY_TIME, &dtime.tv_sec, 0, VENDOR_NONE)) == NULL) return (ERROR_RC); - get_time(&start_time); + ppp_get_time(&start_time); result = ERROR_RC; for(i=0; (i<acctserver->max) && (result != OK_RC) && (result != BADRESP_RC) ; i++) @@ -339,7 +339,7 @@ int rc_acct_using_server(SERVER *acctserver, rc_buildreq(&data, PW_ACCOUNTING_REQUEST, acctserver->name[i], acctserver->port[i], timeout, retries); - get_time(&dtime); + ppp_get_time(&dtime); dtime.tv_sec -= start_time.tv_sec; rc_avpair_assign(adt_vp, &dtime.tv_sec, 0); diff --git a/pppd/plugins/radius/clientid.c b/pppd/plugins/radius/clientid.c index 09ec3d0..b1bbc47 100644 --- a/pppd/plugins/radius/clientid.c +++ b/pppd/plugins/radius/clientid.c @@ -101,7 +101,7 @@ int rc_read_mapfile(char *filename) * Returns: port id, zero if no entry found */ -UINT4 rc_map2id(char *name) +UINT4 rc_map2id(const char *name) { struct map2id_s *p; char ttyname[PATH_MAX]; diff --git a/pppd/plugins/radius/ip_util.c b/pppd/plugins/radius/ip_util.c index 1f6a76e..f443185 100644 --- a/pppd/plugins/radius/ip_util.c +++ b/pppd/plugins/radius/ip_util.c @@ -26,7 +26,7 @@ * Returns: 0 on failure */ -UINT4 rc_get_ipaddr (char *host) +UINT4 rc_get_ipaddr (const char *host) { struct hostent *hp; @@ -51,7 +51,7 @@ UINT4 rc_get_ipaddr (char *host) * */ -int rc_good_ipaddr (char *addr) +int rc_good_ipaddr (const char *addr) { int dot_count; int digit_count; @@ -127,7 +127,7 @@ UINT4 rc_own_ipaddress(void) static UINT4 this_host_ipaddr = 0; if (!this_host_ipaddr) { - if ((this_host_ipaddr = rc_get_ipaddr (hostname)) == 0) { + if ((this_host_ipaddr = rc_get_ipaddr (ppp_hostname())) == 0) { error("rc_own_ipaddress: couldn't get own IP address"); return 0; } diff --git a/pppd/plugins/radius/md5.c b/pppd/plugins/radius/md5.c index 5a3903d..ec3a7dd 100644 --- a/pppd/plugins/radius/md5.c +++ b/pppd/plugins/radius/md5.c @@ -3,7 +3,7 @@ */ #include <stddef.h> -#include <pppd/ppp-crypto.h> +#include <pppd/crypto.h> int rc_md5_calc(unsigned char *out, const unsigned char *in, unsigned int inl) { diff --git a/pppd/plugins/radius/radattr.c b/pppd/plugins/radius/radattr.c index 16f7fba..8db94da 100644 --- a/pppd/plugins/radius/radattr.c +++ b/pppd/plugins/radius/radattr.c @@ -19,6 +19,10 @@ static char const RCSID[] = #include <stdio.h> #include <sys/stat.h> +#include <sys/types.h> +#include <stdint.h> +#include <stdarg.h> +#include <stdbool.h> #include <pppd/pppd.h> #include "radiusclient.h" @@ -47,11 +51,11 @@ plugin_init(void) /* calling cleanup() on link down is problematic because print_attributes() is called only after PAP or CHAP authentication, but not when the link should go up again for any other reason */ - add_notifier(&link_down_notifier, cleanup, NULL); + ppp_add_notify(NF_LINK_DOWN, cleanup, NULL); #endif /* Just in case... */ - add_notifier(&exitnotify, cleanup, NULL); + ppp_add_notify(NF_EXIT, cleanup, NULL); info("RADATTR plugin initialized."); } @@ -75,7 +79,7 @@ print_attributes(VALUE_PAIR *vp) int cnt = 0; mode_t old_umask; - slprintf(fname, sizeof(fname), "/var/run/radattr.%s", ifname); + slprintf(fname, sizeof(fname), "/var/run/radattr.%s", ppp_ifname()); old_umask = umask(077); fp = fopen(fname, "w"); umask(old_umask); @@ -110,7 +114,7 @@ cleanup(void *opaque, int arg) { char fname[512]; - slprintf(fname, sizeof(fname), "/var/run/radattr.%s", ifname); + slprintf(fname, sizeof(fname), "/var/run/radattr.%s", ppp_get_ifname(NULL,0)); (void) remove(fname); dbglog("RADATTR plugin removed file %s.", fname); } diff --git a/pppd/plugins/radius/radius.c b/pppd/plugins/radius/radius.c index c6dfdc1..b4bc896 100644 --- a/pppd/plugins/radius/radius.c +++ b/pppd/plugins/radius/radius.c @@ -33,14 +33,18 @@ static char const RCSID[] = #include <string.h> #include <netinet/in.h> #include <stdlib.h> +#include <stdarg.h> +#include <stdbool.h> #include <pppd/pppd.h> -#include <pppd/chap-new.h> +#include <pppd/options.h> +#include <pppd/chap.h> +#include <pppd/upap.h> #ifdef PPP_WITH_CHAPMS #include <pppd/chap_ms.h> #ifdef PPP_WITH_MPPE #include <pppd/mppe.h> -#include <pppd/ppp-crypto.h> +#include <pppd/crypto.h> #endif #endif #include <pppd/fsm.h> @@ -70,28 +74,20 @@ static option_t Options[] = { { NULL } }; -static int radius_secret_check(void); -static int radius_pap_auth(char *user, - char *passwd, - char **msgp, - struct wordlist **paddrs, - struct wordlist **popts); -static int radius_chap_verify(char *user, char *ourname, int id, - struct chap_digest_type *digest, - unsigned char *challenge, - unsigned char *response, - char *message, int message_space); +static pap_check_hook_fn radius_secret_check; +static pap_auth_hook_fn radius_pap_auth; +static chap_verify_hook_fn radius_chap_verify; static void radius_ip_up(void *opaque, int arg); static void radius_ip_down(void *opaque, int arg); -static void make_username_realm(char *user); +static void make_username_realm(const char *user); static int radius_setparams(VALUE_PAIR *vp, char *msg, REQUEST_INFO *req_info, struct chap_digest_type *digest, unsigned char *challenge, char *message, int message_space); static void radius_choose_ip(u_int32_t *addrp); static int radius_init(char *msg); -static int get_client_port(char *ifname); +static int get_client_port(const char *ifname); static int radius_allowed_address(u_int32_t addr); static void radius_acct_interim(void *); #ifdef PPP_WITH_MPPE @@ -160,15 +156,15 @@ plugin_init(void) ip_choose_hook = radius_choose_ip; allowed_address_hook = radius_allowed_address; - add_notifier(&ip_up_notifier, radius_ip_up, NULL); - add_notifier(&ip_down_notifier, radius_ip_down, NULL); + ppp_add_notify(NF_IP_UP, radius_ip_up, NULL); + ppp_add_notify(NF_IP_DOWN, radius_ip_down, NULL); memset(&rstate, 0, sizeof(rstate)); strlcpy(rstate.config_file, "/etc/radiusclient/radiusclient.conf", sizeof(rstate.config_file)); - add_options(Options); + ppp_add_options(Options); info("RADIUS plugin initialized."); } @@ -252,6 +248,8 @@ radius_pap_auth(char *user, UINT4 av_type; int result; static char radius_msg[BUF_LEN]; + const char *remote_number; + const char *ipparam; radius_msg[0] = 0; *msgp = radius_msg; @@ -274,7 +272,7 @@ radius_pap_auth(char *user, /* Hack... the "port" is the ppp interface number. Should really be the tty */ - rstate.client_port = get_client_port(portnummap ? devnam : ifname); + rstate.client_port = get_client_port(portnummap ? ppp_devnam() : ppp_ifname()); av_type = PW_FRAMED; rc_avpair_add(&send, PW_SERVICE_TYPE, &av_type, 0, VENDOR_NONE); @@ -284,7 +282,9 @@ radius_pap_auth(char *user, rc_avpair_add(&send, PW_USER_NAME, rstate.user , 0, VENDOR_NONE); rc_avpair_add(&send, PW_USER_PASSWORD, passwd, 0, VENDOR_NONE); - if (*remote_number) { + remote_number = ppp_get_remote_number(); + ipparam = ppp_ipparam(); + if (remote_number) { rc_avpair_add(&send, PW_CALLING_STATION_ID, remote_number, 0, VENDOR_NONE); } else if (ipparam) @@ -349,6 +349,8 @@ radius_chap_verify(char *user, char *ourname, int id, #else REQUEST_INFO *req_info = NULL; #endif + const char *remote_number; + const char *ipparam; challenge_len = *challenge++; response_len = *response++; @@ -374,7 +376,7 @@ radius_chap_verify(char *user, char *ourname, int id, /* Put user with potentially realm added in rstate.user */ if (!rstate.done_chap_once) { make_username_realm(user); - rstate.client_port = get_client_port (portnummap ? devnam : ifname); + rstate.client_port = get_client_port (portnummap ? ppp_devnam() : ppp_ifname()); if (radius_pre_auth_hook) { radius_pre_auth_hook(rstate.user, &rstate.authserver, @@ -451,7 +453,9 @@ radius_chap_verify(char *user, char *ourname, int id, #endif } - if (*remote_number) { + remote_number = ppp_get_remote_number(); + ipparam = ppp_ipparam(); + if (remote_number) { rc_avpair_add(&send, PW_CALLING_STATION_ID, remote_number, 0, VENDOR_NONE); } else if (ipparam) @@ -504,7 +508,7 @@ radius_chap_verify(char *user, char *ourname, int id, * then the default realm from the radiusclient config file is added. ***********************************************************************/ static void -make_username_realm(char *user) +make_username_realm(const char *user) { char *default_realm; @@ -590,27 +594,27 @@ radius_setparams(VALUE_PAIR *vp, char *msg, REQUEST_INFO *req_info, case PW_SESSION_TIMEOUT: /* Session timeout */ - maxconnect = vp->lvalue; + ppp_set_max_connect_time(vp->lvalue); break; case PW_FILTER_ID: /* packet filter, will be handled via ip-(up|down) script */ - script_setenv("RADIUS_FILTER_ID", (char*) vp->strvalue, 1); + ppp_script_setenv("RADIUS_FILTER_ID", (char*) vp->strvalue, 1); break; case PW_FRAMED_ROUTE: /* route, will be handled via ip-(up|down) script */ - script_setenv("RADIUS_FRAMED_ROUTE", (char*) vp->strvalue, 1); + ppp_script_setenv("RADIUS_FRAMED_ROUTE", (char*) vp->strvalue, 1); break; case PW_IDLE_TIMEOUT: /* idle parameter */ - idle_time_limit = vp->lvalue; + ppp_set_max_idle_time(vp->lvalue); break; case PW_SESSION_OCTETS_LIMIT: /* Session traffic limit */ - maxoctets = vp->lvalue; + ppp_set_session_limit(vp->lvalue); break; case PW_OCTETS_DIRECTION: /* Session traffic limit direction check */ - maxoctets_dir = ( vp->lvalue > 4 ) ? 0 : vp->lvalue ; + ppp_set_session_limit_dir(vp->lvalue); break; case PW_ACCT_INTERIM_INTERVAL: /* Send accounting updates every few seconds */ @@ -631,7 +635,7 @@ radius_setparams(VALUE_PAIR *vp, char *msg, REQUEST_INFO *req_info, } else if (remote != 0xfffffffe) { /* 0xfffffffe means NAS should select an ip address */ remote = htonl(vp->lvalue); - if (bad_ip_adrs (remote)) { + if (ppp_bad_ip_addr (remote)) { slprintf(msg, BUF_LEN, "RADIUS: bad remote IP address %I for %s", remote, rstate.user); return -1; @@ -651,7 +655,7 @@ radius_setparams(VALUE_PAIR *vp, char *msg, REQUEST_INFO *req_info, } /* else too big for our buffer - ignore it */ break; case PW_FRAMED_MTU: - netif_set_mtu(rstate.client_port,MIN(netif_get_mtu(rstate.client_port),vp->lvalue)); + ppp_set_mtu(rstate.client_port,MIN(ppp_get_mtu(rstate.client_port),vp->lvalue)); break; } @@ -986,6 +990,8 @@ radius_acct_start(void) VALUE_PAIR *send = NULL; ipcp_options *ho = &ipcp_hisoptions[0]; u_int32_t hisaddr; + const char *remote_number; + const char *ipparam; if (!rstate.initialized) { return; @@ -1013,7 +1019,9 @@ radius_acct_start(void) av_type = PW_PPP; rc_avpair_add(&send, PW_FRAMED_PROTOCOL, &av_type, 0, VENDOR_NONE); - if (*remote_number) { + remote_number = ppp_get_remote_number(); + ipparam = ppp_ipparam(); + if (remote_number) { rc_avpair_add(&send, PW_CALLING_STATION_ID, remote_number, 0, VENDOR_NONE); } else if (ipparam) @@ -1023,7 +1031,7 @@ radius_acct_start(void) rc_avpair_add(&send, PW_ACCT_AUTHENTIC, &av_type, 0, VENDOR_NONE); - av_type = ( using_pty ? PW_VIRTUAL : ( sync_serial ? PW_SYNC : PW_ASYNC ) ); + av_type = ( ppp_using_pty() ? PW_VIRTUAL : ( ppp_sync_serial() ? PW_SYNC : PW_ASYNC ) ); rc_avpair_add(&send, PW_NAS_PORT_TYPE, &av_type, 0, VENDOR_NONE); hisaddr = ho->hisaddr; @@ -1051,7 +1059,7 @@ radius_acct_start(void) /* Kick off periodic accounting reports */ if (rstate.acct_interim_interval) { - TIMEOUT(radius_acct_interim, NULL, rstate.acct_interim_interval); + ppp_timeout(radius_acct_interim, NULL, rstate.acct_interim_interval, 0); } } @@ -1072,13 +1080,16 @@ radius_acct_stop(void) ipcp_options *ho = &ipcp_hisoptions[0]; u_int32_t hisaddr; int result; + const char *remote_number; + const char *ipparam; + ppp_link_stats_st stats; if (!rstate.initialized) { return; } if (rstate.acct_interim_interval) - UNTIMEOUT(radius_acct_interim, NULL); + ppp_untimeout(radius_acct_interim, NULL); rc_avpair_add(&send, PW_ACCT_SESSION_ID, rstate.session_id, 0, VENDOR_NONE); @@ -1101,45 +1112,47 @@ radius_acct_stop(void) av_type = PW_RADIUS; rc_avpair_add(&send, PW_ACCT_AUTHENTIC, &av_type, 0, VENDOR_NONE); + if (ppp_get_link_stats(&stats)) { - if (link_stats_valid) { - av_type = link_connect_time; + av_type = ppp_get_link_uptime(); rc_avpair_add(&send, PW_ACCT_SESSION_TIME, &av_type, 0, VENDOR_NONE); - av_type = link_stats.bytes_out & 0xFFFFFFFF; + av_type = stats.bytes_out & 0xFFFFFFFF; rc_avpair_add(&send, PW_ACCT_OUTPUT_OCTETS, &av_type, 0, VENDOR_NONE); - if (link_stats.bytes_out > 0xFFFFFFFF) { - av_type = link_stats.bytes_out >> 32; + if (stats.bytes_out > 0xFFFFFFFF) { + av_type = stats.bytes_out >> 32; rc_avpair_add(&send, PW_ACCT_OUTPUT_GIGAWORDS, &av_type, 0, VENDOR_NONE); } - av_type = link_stats.bytes_in & 0xFFFFFFFF; + av_type = stats.bytes_in & 0xFFFFFFFF; rc_avpair_add(&send, PW_ACCT_INPUT_OCTETS, &av_type, 0, VENDOR_NONE); - if (link_stats.bytes_in > 0xFFFFFFFF) { - av_type = link_stats.bytes_in >> 32; + if (stats.bytes_in > 0xFFFFFFFF) { + av_type = stats.bytes_in >> 32; rc_avpair_add(&send, PW_ACCT_INPUT_GIGAWORDS, &av_type, 0, VENDOR_NONE); } - av_type = link_stats.pkts_out; + av_type = stats.pkts_out; rc_avpair_add(&send, PW_ACCT_OUTPUT_PACKETS, &av_type, 0, VENDOR_NONE); - av_type = link_stats.pkts_in; + av_type = stats.pkts_in; rc_avpair_add(&send, PW_ACCT_INPUT_PACKETS, &av_type, 0, VENDOR_NONE); } - if (*remote_number) { + remote_number = ppp_get_remote_number(); + ipparam = ppp_ipparam(); + if (remote_number) { rc_avpair_add(&send, PW_CALLING_STATION_ID, remote_number, 0, VENDOR_NONE); } else if (ipparam) rc_avpair_add(&send, PW_CALLING_STATION_ID, ipparam, 0, VENDOR_NONE); - av_type = ( using_pty ? PW_VIRTUAL : ( sync_serial ? PW_SYNC : PW_ASYNC ) ); + av_type = ( ppp_using_pty() ? PW_VIRTUAL : ( ppp_sync_serial() ? PW_SYNC : PW_ASYNC ) ); rc_avpair_add(&send, PW_NAS_PORT_TYPE, &av_type, 0, VENDOR_NONE); av_type = PW_NAS_ERROR; - switch( status ) { + switch( ppp_status() ) { case EXIT_OK: av_type = PW_USER_REQUEST; break; @@ -1230,6 +1243,9 @@ radius_acct_interim(void *ignored) ipcp_options *ho = &ipcp_hisoptions[0]; u_int32_t hisaddr; int result; + const char *remote_number; + const char *ipparam; + ppp_link_stats_st stats; if (!rstate.initialized) { return; @@ -1256,45 +1272,43 @@ radius_acct_interim(void *ignored) av_type = PW_RADIUS; rc_avpair_add(&send, PW_ACCT_AUTHENTIC, &av_type, 0, VENDOR_NONE); - /* Update link stats */ - update_link_stats(0); + if (ppp_get_link_stats(&stats)) { - if (link_stats_valid) { - link_stats_valid = 0; /* Force later code to update */ - - av_type = link_connect_time; + av_type = ppp_get_link_uptime(); rc_avpair_add(&send, PW_ACCT_SESSION_TIME, &av_type, 0, VENDOR_NONE); - av_type = link_stats.bytes_out & 0xFFFFFFFF; + av_type = stats.bytes_out & 0xFFFFFFFF; rc_avpair_add(&send, PW_ACCT_OUTPUT_OCTETS, &av_type, 0, VENDOR_NONE); - if (link_stats.bytes_out > 0xFFFFFFFF) { - av_type = link_stats.bytes_out >> 32; + if (stats.bytes_out > 0xFFFFFFFF) { + av_type = stats.bytes_out >> 32; rc_avpair_add(&send, PW_ACCT_OUTPUT_GIGAWORDS, &av_type, 0, VENDOR_NONE); } - av_type = link_stats.bytes_in & 0xFFFFFFFF; + av_type = stats.bytes_in & 0xFFFFFFFF; rc_avpair_add(&send, PW_ACCT_INPUT_OCTETS, &av_type, 0, VENDOR_NONE); - if (link_stats.bytes_in > 0xFFFFFFFF) { - av_type = link_stats.bytes_in >> 32; + if (stats.bytes_in > 0xFFFFFFFF) { + av_type = stats.bytes_in >> 32; rc_avpair_add(&send, PW_ACCT_INPUT_GIGAWORDS, &av_type, 0, VENDOR_NONE); } - av_type = link_stats.pkts_out; + av_type = stats.pkts_out; rc_avpair_add(&send, PW_ACCT_OUTPUT_PACKETS, &av_type, 0, VENDOR_NONE); - av_type = link_stats.pkts_in; + av_type = stats.pkts_in; rc_avpair_add(&send, PW_ACCT_INPUT_PACKETS, &av_type, 0, VENDOR_NONE); } - if (*remote_number) { + remote_number = ppp_get_remote_number(); + ipparam = ppp_ipparam(); + if (remote_number) { rc_avpair_add(&send, PW_CALLING_STATION_ID, remote_number, 0, VENDOR_NONE); } else if (ipparam) rc_avpair_add(&send, PW_CALLING_STATION_ID, ipparam, 0, VENDOR_NONE); - av_type = ( using_pty ? PW_VIRTUAL : ( sync_serial ? PW_SYNC : PW_ASYNC ) ); + av_type = ( ppp_using_pty() ? PW_VIRTUAL : ( ppp_sync_serial() ? PW_SYNC : PW_ASYNC ) ); rc_avpair_add(&send, PW_NAS_PORT_TYPE, &av_type, 0, VENDOR_NONE); hisaddr = ho->hisaddr; @@ -1320,7 +1334,7 @@ radius_acct_interim(void *ignored) rc_avpair_free(send); /* Schedule another one */ - TIMEOUT(radius_acct_interim, NULL, rstate.acct_interim_interval); + ppp_timeout(radius_acct_interim, NULL, rstate.acct_interim_interval, 0); } /********************************************************************** @@ -1417,7 +1431,7 @@ radius_init(char *msg) * Extracts the port number from the interface name ***********************************************************************/ static int -get_client_port(char *ifname) +get_client_port(const char *ifname) { int port; if (sscanf(ifname, "ppp%d", &port) == 1) { diff --git a/pppd/plugins/radius/radiusclient.h b/pppd/plugins/radius/radiusclient.h index 777e120..5292ce1 100644 --- a/pppd/plugins/radius/radiusclient.h +++ b/pppd/plugins/radius/radiusclient.h @@ -20,7 +20,10 @@ #include <sys/types.h> #include <stdio.h> #include <time.h> +#include <stdbool.h> + #include <pppd/pppd.h> +#include <pppd/options.h> #ifndef _UINT4_T /* This works for all machines that Linux runs on... */ @@ -399,9 +402,9 @@ typedef struct env /* avpair.c */ -VALUE_PAIR *rc_avpair_add(VALUE_PAIR **, int, void *, int, int); -int rc_avpair_assign(VALUE_PAIR *, void *, int); -VALUE_PAIR *rc_avpair_new(int, void *, int, int); +VALUE_PAIR *rc_avpair_add(VALUE_PAIR **, int, const void *, int, int); +int rc_avpair_assign(VALUE_PAIR *, const void *, int); +VALUE_PAIR *rc_avpair_new(int, const void *, int, int); VALUE_PAIR *rc_avpair_gen(AUTH_HDR *); VALUE_PAIR *rc_avpair_get(VALUE_PAIR *, UINT4); VALUE_PAIR *rc_avpair_copy(VALUE_PAIR *); @@ -427,7 +430,7 @@ int rc_check(char *, unsigned short, char *); /* clientid.c */ int rc_read_mapfile(char *); -UINT4 rc_map2id(char *); +UINT4 rc_map2id(const char *); /* config.c */ @@ -449,8 +452,8 @@ VENDOR_DICT * rc_dict_getvendor(int); /* ip_util.c */ -UINT4 rc_get_ipaddr(char *); -int rc_good_ipaddr(char *); +UINT4 rc_get_ipaddr(const char *); +int rc_good_ipaddr(const char *); const char *rc_ip_hostname(UINT4); UINT4 rc_own_ipaddress(void); UINT4 rc_own_bind_ipaddress(void); diff --git a/pppd/plugins/radius/radrealms.c b/pppd/plugins/radius/radrealms.c index 27955e0..a0dde00 100644 --- a/pppd/plugins/radius/radrealms.c +++ b/pppd/plugins/radius/radrealms.c @@ -21,6 +21,11 @@ static char const RCSID[] = #include <string.h> #include <stdlib.h> #include <sys/param.h> +#include <stdbool.h> +#include <stdint.h> +#include <stdarg.h> +#include <sys/types.h> + #include <pppd/pppd.h> #include "radiusclient.h" @@ -69,7 +74,7 @@ lookup_realm(char const *user, } if ((fd = fopen(radrealms_config, "r")) == NULL) { - option_error("cannot open %s", radrealms_config); + ppp_option_error("cannot open %s", radrealms_config); free(auths); free(accts); return; @@ -89,7 +94,7 @@ lookup_realm(char const *user, if (p == NULL || (strcmp(p, "authserver") !=0 && strcmp(p, "acctserver"))) { fclose(fd); - option_error("%s: invalid line %d: %s", radrealms_config, + ppp_option_error("%s: invalid line %d: %s", radrealms_config, line, buffer); free(auths); free(accts); @@ -105,7 +110,7 @@ lookup_realm(char const *user, if ((p = strtok(NULL, "\t ")) == NULL) { fclose(fd); - option_error("%s: realm name missing on line %d: %s", + ppp_option_error("%s: realm name missing on line %d: %s", radrealms_config, line, buffer); free(auths); free(accts); @@ -117,7 +122,7 @@ lookup_realm(char const *user, info(" - Matched realm %s", p); if ((p = strtok(NULL, ":")) == NULL) { fclose(fd); - option_error("%s: server address missing on line %d: %s", + ppp_option_error("%s: server address missing on line %d: %s", radrealms_config, line, buffer); free(auths); free(accts); @@ -127,7 +132,7 @@ lookup_realm(char const *user, info(" - Address is '%s'",p); if ((p = strtok(NULL, "\t ")) == NULL) { fclose(fd); - option_error("%s: server port missing on line %d: %s", + ppp_option_error("%s: server port missing on line %d: %s", radrealms_config, line, buffer); free(auths); free(accts); @@ -155,6 +160,6 @@ plugin_init(void) { radius_pre_auth_hook = lookup_realm; - add_options(Options); + ppp_add_options(Options); info("RADIUS Realms plugin initialized."); } diff --git a/pppd/plugins/radius/sendserver.c b/pppd/plugins/radius/sendserver.c index acf78e5..6553b0e 100644 --- a/pppd/plugins/radius/sendserver.c +++ b/pppd/plugins/radius/sendserver.c @@ -17,6 +17,7 @@ #include <includes.h> #include <radiusclient.h> #include <pathnames.h> +#include <signal.h> static void rc_random_vector (unsigned char *); static int rc_check_reply (AUTH_HDR *, int, char *, unsigned char *, unsigned char); @@ -303,7 +304,7 @@ int rc_send_server (SEND_DATA *data, char *msg, REQUEST_INFO *info) FD_SET (sockfd, &readfds); if (select (sockfd + 1, &readfds, NULL, NULL, &authtime) < 0) { - if (errno == EINTR && !got_sigterm) + if (errno == EINTR && !ppp_signaled(SIGTERM)) continue; error("rc_send_server: select: %m"); memset (secret, '\0', sizeof (secret)); diff --git a/pppd/plugins/winbind.c b/pppd/plugins/winbind.c index 1843d6c..7f930df 100644 --- a/pppd/plugins/winbind.c +++ b/pppd/plugins/winbind.c @@ -45,14 +45,20 @@ #include <stdlib.h> #include <errno.h> #include <ctype.h> +#include <stdbool.h> +#include <stdarg.h> +#include <stdint.h> +#include <stdio.h> #include <pppd/pppd.h> -#include <pppd/chap-new.h> +#include <pppd/options.h> +#include <pppd/chap.h> #include <pppd/chap_ms.h> +#include <pppd/upap.h> #include <pppd/fsm.h> #include <pppd/ipcp.h> #include <pppd/mppe.h> -#include <pppd/ppp-crypto.h> +#include <pppd/crypto.h> #define BUF_LEN 1024 @@ -67,7 +73,7 @@ static int set_ntlm_auth(char **argv) p = argv[0]; if (p[0] != '/') { - option_error("ntlm_auth-helper argument must be full path"); + ppp_option_error("ntlm_auth-helper argument must be full path"); return 0; } p = strdup(p); @@ -81,26 +87,16 @@ static int set_ntlm_auth(char **argv) return 1; } -static option_t Options[] = { +static struct option Options[] = { { "ntlm_auth-helper", o_special, (void *) &set_ntlm_auth, "Path to ntlm_auth executable", OPT_PRIV }, { NULL } }; -static int -winbind_secret_check(void); - -static int winbind_pap_auth(char *user, - char *passwd, - char **msgp, - struct wordlist **paddrs, - struct wordlist **popts); -static int winbind_chap_verify(char *user, char *ourname, int id, - struct chap_digest_type *digest, - unsigned char *challenge, - unsigned char *response, - char *message, int message_space); -static int winbind_allowed_address(u_int32_t addr); +static pap_check_hook_fn winbind_secret_check; +static pap_auth_hook_fn winbind_pap_auth; +static chap_verify_hook_fn winbind_chap_verify; +static int winbind_allowed_address(uint32_t addr); char pppd_version[] = PPPD_VERSION; @@ -127,7 +123,7 @@ plugin_init(void) /* Don't ask the peer for anything other than MS-CHAP or MS-CHAP V2 */ chap_mdtype_all &= (MDTYPE_MICROSOFT_V2 | MDTYPE_MICROSOFT); - add_options(Options); + ppp_add_options(Options); info("WINBIND plugin initialized."); } @@ -285,7 +281,7 @@ unsigned int run_ntlm_auth(const char *username, return NOT_AUTHENTICATED; } - forkret = safe_fork(child_in[0], child_out[1], 2); + forkret = ppp_safe_fork(child_in[0], child_out[1], 2); if (forkret == -1) { if (error_string) { *error_string = strdup("fork failed!"); @@ -448,7 +444,7 @@ unsigned int run_ntlm_auth(const char *username, return NOT_AUTHENTICATED; } - while ((wait(&status) == -1) && errno == EINTR && !got_sigterm) + while ((wait(&status) == -1) && errno == EINTR && !ppp_signaled(SIGTERM)) ; if ((authenticated == AUTHENTICATED) && nt_key && !got_user_session_key) { @@ -523,7 +519,7 @@ winbind_chap_verify(char *user, char *ourname, int id, int challenge_len, response_len; char domainname[256]; char *domain; - char *username; + const char *username; char *p; unsigned char saresponse[MS_AUTH_RESPONSE_LENGTH+1]; @@ -669,7 +665,7 @@ winbind_chap_verify(char *user, char *ourname, int id, } static int -winbind_allowed_address(u_int32_t addr) +winbind_allowed_address(uint32_t addr) { ipcp_options *wo = &ipcp_wantoptions[0]; if (wo->hisaddr !=0 && wo->hisaddr == addr) { diff --git a/pppd/ppp-des.c b/pppd/ppp-des.c index 695caa4..3ef8f95 100644 --- a/pppd/ppp-des.c +++ b/pppd/ppp-des.c @@ -43,7 +43,7 @@ #include <stdlib.h> #include <string.h> -#include "ppp-crypto-priv.h" +#include "crypto-priv.h" #ifdef OPENSSL_HAVE_DES diff --git a/pppd/ppp-md4.c b/pppd/ppp-md4.c index 305bfa8..aa5fece 100644 --- a/pppd/ppp-md4.c +++ b/pppd/ppp-md4.c @@ -35,7 +35,7 @@ #include <stdio.h> #include <stdlib.h> -#include "ppp-crypto-priv.h" +#include "crypto-priv.h" #ifdef OPENSSL_HAVE_MD4 diff --git a/pppd/ppp-md5.c b/pppd/ppp-md5.c index dffb046..ac39c01 100644 --- a/pppd/ppp-md5.c +++ b/pppd/ppp-md5.c @@ -36,7 +36,7 @@ #include <stdlib.h> #include <string.h> -#include "ppp-crypto-priv.h" +#include "crypto-priv.h" #ifdef OPENSSL_HAVE_MD5 #include <openssl/evp.h> diff --git a/pppd/ppp-sha1.c b/pppd/ppp-sha1.c index 437c8ba..ab4dcd5 100644 --- a/pppd/ppp-sha1.c +++ b/pppd/ppp-sha1.c @@ -36,7 +36,7 @@ #include <stdlib.h> #include <stddef.h> -#include "ppp-crypto-priv.h" +#include "crypto-priv.h" /* #define SHA1HANDSOFF * Copies data before messing with it. */ diff --git a/pppd/pppd-private.h b/pppd/pppd-private.h new file mode 100644 index 0000000..2883e46 --- /dev/null +++ b/pppd/pppd-private.h @@ -0,0 +1,625 @@ +/* + * pppd-private.h - PPP daemon private declarations. + * + * Copyright (c) 1984-2000 Carnegie Mellon University. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. The name "Carnegie Mellon University" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For permission or any legal + * details, please contact + * Office of Technology Transfer + * Carnegie Mellon University + * 5000 Forbes Avenue + * Pittsburgh, PA 15213-3890 + * (412) 268-4387, fax: (412) 268-7395 + * tech-transfer@andrew.cmu.edu + * + * 4. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by Computing Services + * at Carnegie Mellon University (http://www.cmu.edu/computing/)." + * + * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO + * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE + * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN + * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING + * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * + * $Id: pppd.h,v 1.96 2008/06/23 11:47:18 paulus Exp $ + */ + +#ifndef PPP_PPPD_PRIVATE_H +#define PPP_PPPD_PRIVATE_H + +#include <stdio.h> /* for FILE */ +#include <stdlib.h> /* for encrypt */ +#include <unistd.h> /* for setkey */ +#if defined(SOL2) +#include <net/ppp_defs.h> +#else +#include <linux/ppp_defs.h> +#endif + +#include "pppd.h" + +#ifdef PPP_WITH_IPV6CP +#include "eui64.h" +#endif + +/* + * If PPP_DRV_NAME is not defined, use the default "ppp" as the device name. + * Where should PPP_DRV_NAME come from? Do we include it here? + */ +#if !defined(PPP_DRV_NAME) +#define PPP_DRV_NAME "ppp" +#endif /* !defined(PPP_DRV_NAME) */ + + +#ifndef GIDSET_TYPE +#define GIDSET_TYPE gid_t +#endif + +/* Structure representing a list of permitted IP addresses. */ +struct permitted_ip { + int permit; /* 1 = permit, 0 = forbid */ + u_int32_t base; /* match if (addr & mask) == base */ + u_int32_t mask; /* base and mask are in network byte order */ +}; + +struct notifier { + struct notifier *next; + ppp_notify_fn *func; + void *arg; +}; + +/* + * Global variables. + */ + +extern int hungup; /* Physical layer has disconnected */ +extern int ifunit; /* Interface unit number */ +extern char ifname[]; /* Interface name (IFNAMSIZ) */ +extern char hostname[]; /* Our hostname */ +extern unsigned char outpacket_buf[]; /* Buffer for outgoing packets */ +extern int devfd; /* fd of underlying device */ +extern int fd_ppp; /* fd for talking PPP */ +extern int baud_rate; /* Current link speed in bits/sec */ +extern char *progname; /* Name of this program */ +extern int redirect_stderr;/* Connector's stderr should go to file */ +extern char peer_authname[];/* Authenticated name of peer */ +extern int auth_done[NUM_PPP]; /* Methods actually used for auth */ +extern int privileged; /* We were run by real-uid root */ +extern int need_holdoff; /* Need holdoff period after link terminates */ +extern char **script_env; /* Environment variables for scripts */ +extern int detached; /* Have detached from controlling tty */ +extern GIDSET_TYPE groups[]; /* groups the user is in */ +extern int ngroups; /* How many groups valid in groups */ +extern int link_stats_valid; /* set if link_stats is valid */ +extern int link_stats_print; /* set if link_stats is to be printed on link termination */ +extern int log_to_fd; /* logging to this fd as well as syslog */ +extern bool log_default; /* log_to_fd is default (stdout) */ +extern char *no_ppp_msg; /* message to print if ppp not in kernel */ +extern bool devnam_fixed; /* can no longer change devnam */ +extern int unsuccess; /* # unsuccessful connection attempts */ +extern int do_callback; /* set if we want to do callback next */ +extern int doing_callback; /* set if this is a callback */ +extern int error_count; /* # of times error() has been called */ +extern char ppp_devname[]; /* name of PPP tty (maybe ttypx) */ +extern int fd_devnull; /* fd open to /dev/null */ + +extern int listen_time; /* time to listen first (ms) */ +extern bool bundle_eof; +extern bool bundle_terminating; + +extern struct notifier *pidchange; /* for notifications of pid changing */ +extern struct notifier *phasechange; /* for notifications of phase changes */ +extern struct notifier *exitnotify; /* for notification that we're exiting */ +extern struct notifier *sigreceived; /* notification of received signal */ +extern struct notifier *ip_up_notifier; /* IPCP has come up */ +extern struct notifier *ip_down_notifier; /* IPCP has gone down */ +extern struct notifier *ipv6_up_notifier; /* IPV6CP has come up */ +extern struct notifier *ipv6_down_notifier; /* IPV6CP has gone down */ +extern struct notifier *auth_up_notifier; /* peer has authenticated */ +extern struct notifier *link_down_notifier; /* link has gone down */ +extern struct notifier *fork_notifier; /* we are a new child process */ + + +/* Values for do_callback and doing_callback */ +#define CALLBACK_DIALIN 1 /* we are expecting the call back */ +#define CALLBACK_DIALOUT 2 /* we are dialling out to call back */ + +/* + * Variables set by command-line options. + */ + +extern int debug; /* Debug flag */ +extern int kdebugflag; /* Tell kernel to print debug messages */ +extern int default_device; /* Using /dev/tty or equivalent */ +extern char devnam[]; /* Device name */ +extern char remote_number[MAXNAMELEN]; /* Remote telephone number, if avail. */ +extern int ppp_session_number; /* Session number (eg PPPoE session) */ +extern int crtscts; /* Use hardware flow control */ +extern int stop_bits; /* Number of serial port stop bits */ +extern bool modem; /* Use modem control lines */ +extern int inspeed; /* Input/Output speed requested */ +extern u_int32_t netmask; /* IP netmask to set on interface */ +extern bool lockflag; /* Create lock file to lock the serial dev */ +extern bool nodetach; /* Don't detach from controlling tty */ +#ifdef SYSTEMD +extern bool up_sdnotify; /* Notify systemd once link is up (implies nodetach) */ +#endif +extern bool updetach; /* Detach from controlling tty when link up */ +extern bool master_detach; /* Detach when multilink master without link (options.c) */ +extern char *initializer; /* Script to initialize physical link */ +extern char *connect_script; /* Script to establish physical link */ +extern char *disconnect_script; /* Script to disestablish physical link */ +extern char *welcomer; /* Script to welcome client after connection */ +extern char *ptycommand; /* Command to run on other side of pty */ +extern char user[MAXNAMELEN];/* Our name for authenticating ourselves */ +extern char passwd[MAXSECRETLEN]; /* Password for PAP or CHAP */ +extern bool auth_required; /* Peer is required to authenticate */ +extern bool persist; /* Reopen link after it goes down */ +extern bool uselogin; /* Use /etc/passwd for checking PAP */ +extern bool session_mgmt; /* Do session management (login records) */ +extern char our_name[MAXNAMELEN];/* Our name for authentication purposes */ +extern char remote_name[MAXNAMELEN]; /* Peer's name for authentication */ +extern bool explicit_remote;/* remote_name specified with remotename opt */ +extern bool demand; /* Do dial-on-demand */ +extern char *ipparam; /* Extra parameter for ip up/down scripts */ +extern bool cryptpap; /* Others' PAP passwords are encrypted */ +extern int holdoff; /* Dead time before restarting */ +extern bool holdoff_specified; /* true if user gave a holdoff value */ +extern bool notty; /* Stdin/out is not a tty */ +extern char *pty_socket; /* Socket to connect to pty */ +extern char *record_file; /* File to record chars sent/received */ +extern int maxfail; /* Max # of unsuccessful connection attempts */ +extern char linkname[]; /* logical name for link */ +extern bool tune_kernel; /* May alter kernel settings as necessary */ +extern int connect_delay; /* Time to delay after connect script */ +extern int max_data_rate; /* max bytes/sec through charshunt */ +extern int req_unit; /* interface unit number to use */ +extern char path_ipup[]; /* pathname of ip-up script */ +extern char path_ipdown[]; /* pathname of ip-down script */ +extern char req_ifname[]; /* interface name to use (IFNAMSIZ) */ +extern bool multilink; /* enable multilink operation (options.c) */ +extern bool noendpoint; /* don't send or accept endpt. discrim. */ +extern char *bundle_name; /* bundle name for multilink */ +extern bool dump_options; /* print out option values */ +extern bool show_options; /* show all option names and descriptions */ +extern bool dryrun; /* check everything, print options, exit */ +extern int child_wait; /* # seconds to wait for children at end */ +extern char *current_option; /* the name of the option being parsed */ +extern int privileged_option; /* set iff the current option came from root */ +extern char *option_source; /* string saying where the option came from */ +extern int option_priority; /* priority of current options */ + +#ifdef PPP_WITH_IPV6CP +extern char path_ipv6up[]; /* pathname of ipv6-up script */ +extern char path_ipv6down[]; /* pathname of ipv6-down script */ +#endif + +#if defined(PPP_WITH_EAPTLS) || defined(PPP_WITH_PEAP) +#define TLS_VERIFY_NONE "none" +#define TLS_VERIFY_NAME "name" +#define TLS_VERIFY_SUBJECT "subject" +#define TLS_VERIFY_SUFFIX "suffix" + +extern char *crl_dir; +extern char *crl_file; +extern char *ca_path; +extern char *cacert_file; + +extern char *max_tls_version; +extern bool tls_verify_key_usage; +extern char *tls_verify_method; +#endif /* PPP_WITH_EAPTLS || PPP_WITH_PEAP */ + +#ifdef PPP_WITH_EAPTLS +extern char *pkcs12_file; +#endif /* PPP_WITH_EAPTLS */ + +typedef enum { + PPP_OCTETS_DIRECTION_SUM, + PPP_OCTETS_DIRECTION_IN, + PPP_OCTETS_DIRECTION_OUT, + PPP_OCTETS_DIRECTION_MAXOVERAL, + PPP_OCTETS_DIRECTION_MAXSESSION /* Same as MAXOVERALL, but a little different for RADIUS */ +} session_limit_dir_t; + +extern unsigned int maxoctets; /* Maximum octetes per session (in bytes) */ +extern session_limit_dir_t maxoctets_dir; /* Direction */ +extern int maxoctets_timeout; /* Timeout for check of octets limit */ + +#ifdef PPP_WITH_FILTER +extern struct bpf_program pass_filter; /* Filter for pkts to pass */ +extern struct bpf_program active_filter; /* Filter for link-active pkts */ +#endif + +#ifdef PPP_WITH_MSLANMAN +extern bool ms_lanman; /* Use LanMan password instead of NT */ + /* Has meaning only with MS-CHAP challenges */ +#endif + +/* Values for auth_pending, auth_done */ +#define PAP_WITHPEER 0x1 +#define PAP_PEER 0x2 +#define CHAP_WITHPEER 0x4 +#define CHAP_PEER 0x8 +#define EAP_WITHPEER 0x10 +#define EAP_PEER 0x20 + +/* Values for auth_done only */ +#define CHAP_MD5_WITHPEER 0x40 +#define CHAP_MD5_PEER 0x80 +#define CHAP_MS_SHIFT 8 /* LSB position for MS auths */ +#define CHAP_MS_WITHPEER 0x100 +#define CHAP_MS_PEER 0x200 +#define CHAP_MS2_WITHPEER 0x400 +#define CHAP_MS2_PEER 0x800 + + +/* + * This structure contains environment variables that are set or unset + * by the user. + */ +struct userenv { + struct userenv *ue_next; + char *ue_value; /* value (set only) */ + bool ue_isset; /* 1 for set, 0 for unset */ + bool ue_priv; /* from privileged source */ + const char *ue_source; /* source name */ + char ue_name[1]; /* variable name */ +}; + +extern struct userenv *userenv_list; + +/* + * Prototypes. + */ + +/* Procedures exported from main.c. */ +void set_ifunit(int); /* set stuff that depends on ifunit */ +void detach(void); /* Detach from controlling tty */ +void die(int); /* Cleanup and exit */ +void quit(void); /* like die(1) */ + +void record_child(int, char *, void (*) (void *), void *, int); +int device_script(char *cmd, int in, int out, int dont_wait); + /* Run `cmd' with given stdin and stdout */ +pid_t run_program(char *prog, char * const * args, int must_exist, + void (*done)(void *), void *arg, int wait); + /* Run program prog with args in child */ +void reopen_log(void); /* (re)open the connection to syslog */ +void print_link_stats(void); /* Print stats, if available */ +void reset_link_stats(int); /* Reset (init) stats when link goes up */ +void new_phase(ppp_phase_t); /* signal start of new phase */ +bool in_phase(ppp_phase_t); +void notify(struct notifier *, int); +int ppp_send_config(int, int, u_int32_t, int, int); +int ppp_recv_config(int, int, u_int32_t, int, int); +const char *protocol_name(int); +void remove_pidfiles(void); +void lock_db(void); +void unlock_db(void); + +/* Procedures exported from tty.c. */ +void tty_init(void); + +void print_string(char *, int, printer_func, void *); + /* Format a string for output */ +ssize_t complete_read(int, void *, size_t); + /* read a complete buffer */ + +/* Procedures exported from auth.c */ +void link_required(int); /* we are starting to use the link */ +void start_link(int); /* bring the link up now */ +void link_terminated(int); /* we are finished with the link */ +void link_down(int); /* the LCP layer has left the Opened state */ +void upper_layers_down(int);/* take all NCPs down */ +void link_established(int); /* the link is up; authenticate now */ +void start_networks(int); /* start all the network control protos */ +void continue_networks(int); /* start network [ip, etc] control protos */ +void np_up(int, int); /* a network protocol has come up */ +void np_down(int, int); /* a network protocol has gone down */ +void np_finished(int, int); /* a network protocol no longer needs link */ +void auth_peer_fail(int, int); + /* peer failed to authenticate itself */ +void auth_peer_success(int, int, int, char *, int); + /* peer successfully authenticated itself */ +void auth_withpeer_fail(int, int); + /* we failed to authenticate ourselves */ +void auth_withpeer_success(int, int, int); + /* we successfully authenticated ourselves */ +void auth_check_options(void); + /* check authentication options supplied */ +void auth_reset(int); /* check what secrets we have */ +int check_passwd(int, char *, int, char *, int, char **); + /* Check peer-supplied username/password */ +int get_secret(int, char *, char *, char *, int *, int); + /* get "secret" for chap */ +int get_srp_secret(int unit, char *client, char *server, char *secret, + int am_server); +int auth_ip_addr(int, u_int32_t); + /* check if IP address is authorized */ +int auth_number(void); /* check if remote number is authorized */ + +/* Procedures exported from demand.c */ +void demand_conf(void); /* config interface(s) for demand-dial */ +void demand_block(void); /* set all NPs to queue up packets */ +void demand_unblock(void); /* set all NPs to pass packets */ +void demand_discard(void); /* set all NPs to discard packets */ +void demand_rexmit(int); /* retransmit saved frames for an NP */ +int loop_chars(unsigned char *, int); /* process chars from loopback */ +int loop_frame(unsigned char *, int); /* should we bring link up? */ + +/* Procedures exported from sys-*.c */ +void sys_init(void); /* Do system-dependent initialization */ +void sys_cleanup(void); /* Restore system state before exiting */ +int sys_check_options(void); /* Check options specified */ +int get_pty(int *, int *, char *, int); /* Get pty master/slave */ +int open_ppp_loopback(void); /* Open loopback for demand-dialling */ +int tty_establish_ppp(int); /* Turn serial port into a ppp interface */ +void tty_disestablish_ppp(int); /* Restore port to normal operation */ +void make_new_bundle(int, int, int, int); /* Create new bundle */ +int bundle_attach(int); /* Attach link to existing bundle */ +void cfg_bundle(int, int, int, int); /* Configure existing bundle */ +void destroy_bundle(void); /* Tell driver to destroy bundle */ +void clean_check(void); /* Check if line was 8-bit clean */ +void set_up_tty(int, int); /* Set up port's speed, parameters, etc. */ +void restore_tty(int); /* Restore port's original parameters */ +void setdtr(int, int); /* Raise or lower port's DTR line */ +void output(int, unsigned char *, int); /* Output a PPP packet */ +void wait_input(struct timeval *); + /* Wait for input, with timeout */ +void add_fd(int); /* Add fd to set to wait for */ +void remove_fd(int); /* Remove fd from set to wait for */ +int read_packet(unsigned char *); /* Read PPP packet */ +int get_loop_output(void); /* Read pkts from loopback */ +void tty_send_config(int, u_int32_t, int, int); + /* Configure i/f transmit parameters */ +void tty_set_xaccm(ext_accm); + /* Set extended transmit ACCM */ +void tty_recv_config(int, u_int32_t, int, int); + /* Configure i/f receive parameters */ +int ccp_test(int, unsigned char *, int, int); + /* Test support for compression scheme */ +void ccp_flags_set(int, int, int); + /* Set kernel CCP state */ +int ccp_fatal_error(int); /* Test for fatal decomp error in kernel */ +int get_idle_time(int, struct ppp_idle *); + /* Find out how long link has been idle */ +int get_ppp_stats(int, struct pppd_stats *); + /* Return link statistics */ +int sifvjcomp(int, int, int, int); + /* Configure VJ TCP header compression */ +int sifup(int); /* Configure i/f up for one protocol */ +int sifnpmode(int u, int proto, enum NPmode mode); + /* Set mode for handling packets for proto */ +int sifdown(int); /* Configure i/f down for one protocol */ +int sifaddr(int, u_int32_t, u_int32_t, u_int32_t); + /* Configure IPv4 addresses for i/f */ +int cifaddr(int, u_int32_t, u_int32_t); + /* Reset i/f IP addresses */ +#ifdef PPP_WITH_IPV6CP +int sif6up(int); /* Configure i/f up for IPv6 */ +int sif6down(int); /* Configure i/f down for IPv6 */ +int sif6addr(int, eui64_t, eui64_t); + /* Configure IPv6 addresses for i/f */ +int cif6addr(int, eui64_t, eui64_t); + /* Remove an IPv6 address from i/f */ +#endif +int sifdefaultroute(int, u_int32_t, u_int32_t, bool replace_default_rt); + /* Create default route through i/f */ +int cifdefaultroute(int, u_int32_t, u_int32_t); + /* Delete default route through i/f */ +#ifdef PPP_WITH_IPV6CP +int sif6defaultroute(int, eui64_t, eui64_t); + /* Create default IPv6 route through i/f */ +int cif6defaultroute(int, eui64_t, eui64_t); + /* Delete default IPv6 route through i/f */ +#endif +int sifproxyarp(int, u_int32_t); + /* Add proxy ARP entry for peer */ +int cifproxyarp(int, u_int32_t); + /* Delete proxy ARP entry for peer */ +u_int32_t GetMask(u_int32_t); /* Get appropriate netmask for address */ +int lock(char *); /* Create lock file for device */ +int relock(int); /* Rewrite lock file with new pid */ +void unlock(void); /* Delete previously-created lock file */ +void logwtmp(const char *, const char *, const char *); + /* Write entry to wtmp file */ +int get_host_seed(void); /* Get host-dependent random number seed */ +int have_route_to(u_int32_t); /* Check if route to addr exists */ +#ifdef PPP_WITH_FILTER +int set_filters(struct bpf_program *pass, struct bpf_program *active); + /* Set filter programs in kernel */ +#endif +int get_if_hwaddr(unsigned char *addr, char *name); +int get_first_ether_hwaddr(unsigned char *addr); + +/* Procedures exported from options.c */ +int setipaddr(char *, char **, int); /* Set local/remote ip addresses */ +int parse_args(int argc, char **argv); + /* Parse options from arguments given */ +int getword(FILE *f, char *word, int *newlinep, char *filename); + /* Read a word from a file */ +int options_from_user(void); /* Parse options from user's .ppprc */ +int options_for_tty(void); /* Parse options from /etc/ppp/options.tty */ +struct wordlist; +int options_from_list(struct wordlist *, int privileged); + /* Parse options from a wordlist */ +void check_options(void); /* check values after all options parsed */ +int override_value(char *, int, const char *); + /* override value if permitted by priority */ +void print_options(printer_func, void *); + /* print out values of all options */ +void showopts(void); + /* show all option names and description */ +int parse_dotted_ip(char *, u_int32_t *); + +/* + * Inline versions of get/put char/short/long. + * Pointer is advanced; we assume that both arguments + * are lvalues and will already be in registers. + * cp MUST be unsigned char *. + */ +#define GETCHAR(c, cp) { \ + (c) = *(cp)++; \ +} +#define PUTCHAR(c, cp) { \ + *(cp)++ = (unsigned char) (c); \ +} + + +#define GETSHORT(s, cp) { \ + (s) = *(cp)++ << 8; \ + (s) |= *(cp)++; \ +} +#define PUTSHORT(s, cp) { \ + *(cp)++ = (unsigned char) ((s) >> 8); \ + *(cp)++ = (unsigned char) (s); \ +} + +#define GETLONG(l, cp) { \ + (l) = *(cp)++ << 8; \ + (l) |= *(cp)++; (l) <<= 8; \ + (l) |= *(cp)++; (l) <<= 8; \ + (l) |= *(cp)++; \ +} +#define PUTLONG(l, cp) { \ + *(cp)++ = (unsigned char) ((l) >> 24); \ + *(cp)++ = (unsigned char) ((l) >> 16); \ + *(cp)++ = (unsigned char) ((l) >> 8); \ + *(cp)++ = (unsigned char) (l); \ +} + +#define INCPTR(n, cp) ((cp) += (n)) +#define DECPTR(n, cp) ((cp) -= (n)) + +/* + * System dependent definitions for user-level 4.3BSD UNIX implementation. + */ + +#define TIMEOUT(r, f, t) ppp_timeout((r), (f), (t), 0) +#define UNTIMEOUT(r, f) ppp_untimeout((r), (f)) + +#define BCOPY(s, d, l) memcpy(d, s, l) +#define BZERO(s, n) memset(s, 0, n) +#define BCMP(s1, s2, l) memcmp(s1, s2, l) + +#define PRINTMSG(m, l) { info("Remote message: %0.*v", l, m); } + +/* + * MAKEHEADER - Add Header fields to a packet. + */ +#define MAKEHEADER(p, t) { \ + PUTCHAR(PPP_ALLSTATIONS, p); \ + PUTCHAR(PPP_UI, p); \ + PUTSHORT(t, p); } + +/* + * Debug macros. Slightly useful for finding bugs in pppd, not particularly + * useful for finding out why your connection isn't being established. + */ +#ifdef DEBUGALL +#define DEBUGMAIN 1 +#define DEBUGFSM 1 +#define DEBUGLCP 1 +#define DEBUGIPCP 1 +#define DEBUGIPV6CP 1 +#define DEBUGUPAP 1 +#define DEBUGCHAP 1 +#endif + +#ifndef LOG_PPP /* we use LOG_LOCAL2 for syslog by default */ +#if defined(DEBUGMAIN) || defined(DEBUGFSM) || defined(DEBUGSYS) \ + || defined(DEBUGLCP) || defined(DEBUGIPCP) || defined(DEBUGUPAP) \ + || defined(DEBUGCHAP) || defined(DEBUG) || defined(DEBUGIPV6CP) +#define LOG_PPP LOG_LOCAL2 +#else +#define LOG_PPP LOG_DAEMON +#endif +#endif /* LOG_PPP */ + +#ifdef DEBUGMAIN +#define MAINDEBUG(x) if (debug) dbglog x +#else +#define MAINDEBUG(x) +#endif + +#ifdef DEBUGSYS +#define SYSDEBUG(x) if (debug) dbglog x +#else +#define SYSDEBUG(x) +#endif + +#ifdef DEBUGFSM +#define FSMDEBUG(x) if (debug) dbglog x +#else +#define FSMDEBUG(x) +#endif + +#ifdef DEBUGLCP +#define LCPDEBUG(x) if (debug) dbglog x +#else +#define LCPDEBUG(x) +#endif + +#ifdef DEBUGIPCP +#define IPCPDEBUG(x) if (debug) dbglog x +#else +#define IPCPDEBUG(x) +#endif + +#ifdef DEBUGIPV6CP +#define IPV6CPDEBUG(x) if (debug) dbglog x +#else +#define IPV6CPDEBUG(x) +#endif + +#ifdef DEBUGUPAP +#define UPAPDEBUG(x) if (debug) dbglog x +#else +#define UPAPDEBUG(x) +#endif + +#ifdef DEBUGCHAP +#define CHAPDEBUG(x) if (debug) dbglog x +#else +#define CHAPDEBUG(x) +#endif + +#ifndef SIGTYPE +#if defined(sun) || defined(SYSV) || defined(POSIX_SOURCE) +#define SIGTYPE void +#else +#define SIGTYPE int +#endif /* defined(sun) || defined(SYSV) || defined(POSIX_SOURCE) */ +#endif /* SIGTYPE */ + +#ifndef MIN +#define MIN(a, b) ((a) < (b)? (a): (b)) +#endif +#ifndef MAX +#define MAX(a, b) ((a) > (b)? (a): (b)) +#endif + +#ifndef offsetof +#define offsetof(type, member) ((size_t) &((type *)0)->member) +#endif + +#endif diff --git a/pppd/pppd.h b/pppd/pppd.h index d4bc043..135fd35 100644 --- a/pppd/pppd.h +++ b/pppd/pppd.h @@ -38,159 +38,118 @@ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * $Id: pppd.h,v 1.96 2008/06/23 11:47:18 paulus Exp $ */ #ifndef PPP_PPPD_H #define PPP_PPPD_H -#include "pppdconf.h" - -#include <stdio.h> /* for FILE */ -#include <stdlib.h> /* for encrypt */ -#include <unistd.h> /* for setkey */ +#ifdef HAVE_STDARG_H #include <stdarg.h> -#include <stdint.h> -#include <sys/types.h> /* for u_int32_t, if defined */ -#if defined(SOL2) -#include <net/ppp_defs.h> -#else -#include <linux/ppp_defs.h> #endif -#ifdef PPP_WITH_IPV6CP -#if defined(SOL2) -#include <netinet/in.h> - -typedef union { - uint8_t e8[8]; /* lower 64-bit IPv6 address */ - uint32_t e32[2]; /* lower 64-bit IPv6 address */ -} eui64_t; - -/* - * Declare the two below, since in.h only defines them when _KERNEL - * is declared - which shouldn't be true when dealing with user-land programs - */ -#define s6_addr8 _S6_un._S6_u8 -#define s6_addr32 _S6_un._S6_u32 +#ifdef HAVE_STDBOOL_H +#include <stdbool.h> +#endif -#else /* else if not defined(SOL2) */ +#ifdef HAVE_STDDEF_H +#include <stddef.h> +#endif -/* - * TODO: - * - * Maybe this should be done by processing struct in6_addr directly... - */ -typedef union -{ - u_int8_t e8[8]; - u_int16_t e16[4]; - u_int32_t e32[2]; -} eui64_t; +#ifdef HAVE_STDINT_H +#include <stdint.h> +#endif -#endif /* defined(SOL2) */ +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> #endif +#include "pppdconf.h" + /* - * Limits. + * Limits */ - #define NUM_PPP 1 /* One PPP interface supported (per process) */ #define MAXWORDLEN 1024 /* max length of word in file (incl null) */ #define MAXARGS 1 /* max # args to a command */ #define MAXNAMELEN 256 /* max length of hostname or name for auth */ #define MAXSECRETLEN 256 /* max length of password or secret */ + /* - * If PPP_DRV_NAME is not defined, use the default "ppp" as the device name. - * Where should PPP_DRV_NAME come from? Do we include it here? + * Values for phase. */ -#if !defined(PPP_DRV_NAME) -#define PPP_DRV_NAME "ppp" -#endif /* !defined(PPP_DRV_NAME) */ +typedef enum ppp_phase +{ + PHASE_DEAD, + PHASE_INITIALIZE, + PHASE_SERIALCONN, + PHASE_DORMANT, + PHASE_ESTABLISH, + PHASE_AUTHENTICATE, + PHASE_CALLBACK, + PHASE_NETWORK, + PHASE_RUNNING, + PHASE_TERMINATE, + PHASE_DISCONNECT, + PHASE_HOLDOFF, + PHASE_MASTER, +} ppp_phase_t; /* - * Option descriptor structure. + * Values for exit codes */ +typedef enum ppp_exit_code +{ + EXIT_OK = 0, + EXIT_FATAL_ERROR = 1, + EXIT_OPTION_ERROR = 2, + EXIT_NOT_ROOT = 3, + EXIT_NO_KERNEL_SUPPORT = 4, + EXIT_USER_REQUEST = 5, + EXIT_LOCK_FAILED = 6, + EXIT_OPEN_FAILED = 7, + EXIT_CONNECT_FAILED = 8, + EXIT_PTYCMD_FAILED = 9, + EXIT_NEGOTIATION_FAILED = 10, + EXIT_PEER_AUTH_FAILED = 11, + EXIT_IDLE_TIMEOUT = 12, + EXIT_CONNECT_TIME = 13, + EXIT_CALLBACK = 14, + EXIT_PEER_DEAD = 15, + EXIT_HANGUP = 16, + EXIT_LOOPBACK = 17, + EXIT_INIT_FAILED = 18, + EXIT_AUTH_TOPEER_FAILED = 19, + EXIT_TRAFFIC_LIMIT = 20, + EXIT_CNID_AUTH_FAILED = 21 +} ppp_exit_code_t; -typedef unsigned char bool; - -enum opt_type { - o_special_noarg = 0, - o_special = 1, - o_bool, - o_int, - o_uint32, - o_string, - o_wild -}; - -typedef struct { - char *name; /* name of the option */ - enum opt_type type; - void *addr; - char *description; - unsigned int flags; - void *addr2; - int upper_limit; - int lower_limit; - const char *source; - short int priority; - short int winner; -} option_t; - -/* Values for flags */ -#define OPT_VALUE 0xff /* mask for presupplied value */ -#define OPT_HEX 0x100 /* int option is in hex */ -#define OPT_NOARG 0x200 /* option doesn't take argument */ -#define OPT_OR 0x400 /* for u32, OR in argument to value */ -#define OPT_INC 0x400 /* for o_int, increment value */ -#define OPT_A2OR 0x800 /* for o_bool, OR arg to *(u_char *)addr2 */ -#define OPT_PRIV 0x1000 /* privileged option */ -#define OPT_STATIC 0x2000 /* string option goes into static array */ -#define OPT_NOINCR 0x2000 /* for o_int, value mustn't be increased */ -#define OPT_LLIMIT 0x4000 /* check value against lower limit */ -#define OPT_ULIMIT 0x8000 /* check value against upper limit */ -#define OPT_LIMITS (OPT_LLIMIT|OPT_ULIMIT) -#define OPT_ZEROOK 0x10000 /* 0 value is OK even if not within limits */ -#define OPT_HIDE 0x10000 /* for o_string, print value as ?????? */ -#define OPT_A2LIST 0x20000 /* for o_special, keep list of values */ -#define OPT_A2CLRB 0x20000 /* o_bool, clr val bits in *(u_char *)addr2 */ -#define OPT_ZEROINF 0x40000 /* with OPT_NOINCR, 0 == infinity */ -#define OPT_PRIO 0x80000 /* process option priorities for this option */ -#define OPT_PRIOSUB 0x100000 /* subsidiary member of priority group */ -#define OPT_ALIAS 0x200000 /* option is alias for previous option */ -#define OPT_A2COPY 0x400000 /* addr2 -> second location to rcv value */ -#define OPT_ENABLE 0x800000 /* use *addr2 as enable for option */ -#define OPT_A2CLR 0x1000000 /* clear *(bool *)addr2 */ -#define OPT_PRIVFIX 0x2000000 /* user can't override if set by root */ -#define OPT_INITONLY 0x4000000 /* option can only be set in init phase */ -#define OPT_DEVEQUIV 0x8000000 /* equiv to device name */ -#define OPT_DEVNAM (OPT_INITONLY | OPT_DEVEQUIV) -#define OPT_A2PRINTER 0x10000000 /* *addr2 printer_func to print option */ -#define OPT_A2STRVAL 0x20000000 /* *addr2 points to current string value */ -#define OPT_NOPRINT 0x40000000 /* don't print this option at all */ - -#define OPT_VAL(x) ((x) & OPT_VALUE) - -/* Values for priority */ -#define OPRIO_DEFAULT 0 /* a default value */ -#define OPRIO_CFGFILE 1 /* value from a configuration file */ -#define OPRIO_CMDLINE 2 /* value from the command line */ -#define OPRIO_SECFILE 3 /* value from options in a secrets file */ -#define OPRIO_ROOT 100 /* added to priority if OPT_PRIVFIX && root */ - -#ifndef GIDSET_TYPE -#define GIDSET_TYPE gid_t -#endif - -/* Structure representing a list of permitted IP addresses. */ -struct permitted_ip { - int permit; /* 1 = permit, 0 = forbid */ - u_int32_t base; /* match if (addr & mask) == base */ - u_int32_t mask; /* base and mask are in network byte order */ -}; +/* + * Type of notifier callbacks + */ +typedef enum +{ + NF_PID_CHANGE, + NF_PHASE_CHANGE, + NF_EXIT, + NF_SIGNALED, + NF_IP_UP, + NF_IP_DOWN, + NF_IPV6_UP, + NF_IPV6_DOWN, + NF_AUTH_UP, + NF_LINK_DOWN, + NF_FORK, + NF_MAX_NOTIFY +} ppp_notify_t; + +typedef enum +{ + PPP_DIR_LOG, + PPP_DIR_RUNTIME, + PPP_DIR_CONF, + PPP_DIR_PLUGIN, +} ppp_path_t; /* * Unfortunately, the linux kernel driver uses a different structure @@ -198,268 +157,36 @@ struct permitted_ip { * This structure serves as a common representation for the bits * pppd needs. */ -struct pppd_stats { +struct pppd_stats +{ uint64_t bytes_in; uint64_t bytes_out; unsigned int pkts_in; unsigned int pkts_out; }; +typedef struct pppd_stats ppp_link_stats_st; -/* Used for storing a sequence of words. Usually malloced. */ +/* + * Used for storing a sequence of words. Usually malloced. + */ struct wordlist { struct wordlist *next; char *word; }; -/* An endpoint discriminator, used with multilink. */ -#define MAX_ENDP_LEN 20 /* maximum length of discriminator value */ -struct epdisc { - unsigned char class; - unsigned char length; - unsigned char value[MAX_ENDP_LEN]; -}; - -/* values for epdisc.class */ -#define EPD_NULL 0 /* null discriminator, no data */ -#define EPD_LOCAL 1 -#define EPD_IP 2 -#define EPD_MAC 3 -#define EPD_MAGIC 4 -#define EPD_PHONENUM 5 - -typedef void (*notify_func)(void *, int); +struct option; typedef void (*printer_func)(void *, char *, ...); -struct notifier { - struct notifier *next; - notify_func func; - void *arg; -}; - -/* - * Global variables. - */ - -extern int got_sigterm; /* SIGINT or SIGTERM was received */ -extern int hungup; /* Physical layer has disconnected */ -extern int ifunit; /* Interface unit number */ -extern char ifname[]; /* Interface name (IFNAMSIZ) */ -extern char hostname[]; /* Our hostname */ -extern u_char outpacket_buf[]; /* Buffer for outgoing packets */ -extern int devfd; /* fd of underlying device */ -extern int fd_ppp; /* fd for talking PPP */ -extern int phase; /* Current state of link - see values below */ -extern int baud_rate; /* Current link speed in bits/sec */ -extern char *progname; /* Name of this program */ -extern int redirect_stderr;/* Connector's stderr should go to file */ -extern char peer_authname[];/* Authenticated name of peer */ -extern int auth_done[NUM_PPP]; /* Methods actually used for auth */ -extern int privileged; /* We were run by real-uid root */ -extern int need_holdoff; /* Need holdoff period after link terminates */ -extern char **script_env; /* Environment variables for scripts */ -extern int detached; /* Have detached from controlling tty */ -extern GIDSET_TYPE groups[]; /* groups the user is in */ -extern int ngroups; /* How many groups valid in groups */ -extern struct pppd_stats link_stats; /* byte/packet counts etc. for link */ -extern int link_stats_valid; /* set if link_stats is valid */ -extern unsigned link_connect_time; /* time the link was up for */ -extern int using_pty; /* using pty as device (notty or pty opt.) */ -extern int log_to_fd; /* logging to this fd as well as syslog */ -extern bool log_default; /* log_to_fd is default (stdout) */ -extern char *no_ppp_msg; /* message to print if ppp not in kernel */ -extern volatile int status; /* exit status for pppd */ -extern bool devnam_fixed; /* can no longer change devnam */ -extern int unsuccess; /* # unsuccessful connection attempts */ -extern int do_callback; /* set if we want to do callback next */ -extern int doing_callback; /* set if this is a callback */ -extern int error_count; /* # of times error() has been called */ -extern char ppp_devnam[]; /* name of PPP tty (maybe ttypx) */ -extern char remote_number[MAXNAMELEN]; /* Remote telephone number, if avail. */ -extern int ppp_session_number; /* Session number (eg PPPoE session) */ -extern int fd_devnull; /* fd open to /dev/null */ - -extern int listen_time; /* time to listen first (ms) */ -extern bool doing_multilink; -extern bool multilink_master; -extern bool bundle_eof; -extern bool bundle_terminating; - -extern struct notifier *pidchange; /* for notifications of pid changing */ -extern struct notifier *phasechange; /* for notifications of phase changes */ -extern struct notifier *exitnotify; /* for notification that we're exiting */ -extern struct notifier *sigreceived; /* notification of received signal */ -extern struct notifier *ip_up_notifier; /* IPCP has come up */ -extern struct notifier *ip_down_notifier; /* IPCP has gone down */ -extern struct notifier *ipv6_up_notifier; /* IPV6CP has come up */ -extern struct notifier *ipv6_down_notifier; /* IPV6CP has gone down */ -extern struct notifier *auth_up_notifier; /* peer has authenticated */ -extern struct notifier *link_down_notifier; /* link has gone down */ -extern struct notifier *fork_notifier; /* we are a new child process */ - -/* Values for do_callback and doing_callback */ -#define CALLBACK_DIALIN 1 /* we are expecting the call back */ -#define CALLBACK_DIALOUT 2 /* we are dialling out to call back */ - -/* - * Variables set by command-line options. - */ - -extern int debug; /* Debug flag */ -extern int kdebugflag; /* Tell kernel to print debug messages */ -extern int default_device; /* Using /dev/tty or equivalent */ -extern char devnam[]; /* Device name */ -extern int crtscts; /* Use hardware flow control */ -extern int stop_bits; /* Number of serial port stop bits */ -extern bool modem; /* Use modem control lines */ -extern int inspeed; /* Input/Output speed requested */ -extern u_int32_t netmask; /* IP netmask to set on interface */ -extern bool lockflag; /* Create lock file to lock the serial dev */ -extern bool nodetach; /* Don't detach from controlling tty */ -#ifdef SYSTEMD -extern bool up_sdnotify; /* Notify systemd once link is up (implies nodetach) */ -#endif -extern bool updetach; /* Detach from controlling tty when link up */ -extern bool master_detach; /* Detach when multilink master without link */ -extern char *initializer; /* Script to initialize physical link */ -extern char *connect_script; /* Script to establish physical link */ -extern char *disconnect_script; /* Script to disestablish physical link */ -extern char *welcomer; /* Script to welcome client after connection */ -extern char *ptycommand; /* Command to run on other side of pty */ -extern int maxconnect; /* Maximum connect time (seconds) */ -extern char user[MAXNAMELEN];/* Our name for authenticating ourselves */ -extern char passwd[MAXSECRETLEN]; /* Password for PAP or CHAP */ -extern bool auth_required; /* Peer is required to authenticate */ -extern bool persist; /* Reopen link after it goes down */ -extern bool uselogin; /* Use /etc/passwd for checking PAP */ -extern bool session_mgmt; /* Do session management (login records) */ -extern char our_name[MAXNAMELEN];/* Our name for authentication purposes */ -extern char remote_name[MAXNAMELEN]; /* Peer's name for authentication */ -extern bool explicit_remote;/* remote_name specified with remotename opt */ -extern bool demand; /* Do dial-on-demand */ -extern char *ipparam; /* Extra parameter for ip up/down scripts */ -extern bool cryptpap; /* Others' PAP passwords are encrypted */ -extern int idle_time_limit;/* Shut down link if idle for this long */ -extern int holdoff; /* Dead time before restarting */ -extern bool holdoff_specified; /* true if user gave a holdoff value */ -extern bool notty; /* Stdin/out is not a tty */ -extern char *pty_socket; /* Socket to connect to pty */ -extern char *record_file; /* File to record chars sent/received */ -extern bool sync_serial; /* Device is synchronous serial device */ -extern int maxfail; /* Max # of unsuccessful connection attempts */ -extern char linkname[]; /* logical name for link */ -extern bool tune_kernel; /* May alter kernel settings as necessary */ -extern int connect_delay; /* Time to delay after connect script */ -extern int max_data_rate; /* max bytes/sec through charshunt */ -extern int req_unit; /* interface unit number to use */ -extern char path_ipup[]; /* pathname of ip-up script */ -extern char path_ipdown[]; /* pathname of ip-down script */ -extern char req_ifname[]; /* interface name to use (IFNAMSIZ) */ -extern bool multilink; /* enable multilink operation */ -extern bool noendpoint; /* don't send or accept endpt. discrim. */ -extern char *bundle_name; /* bundle name for multilink */ -extern bool dump_options; /* print out option values */ -extern bool show_options; /* show all option names and descriptions */ -extern bool dryrun; /* check everything, print options, exit */ -extern int child_wait; /* # seconds to wait for children at end */ - -#ifdef PPP_WITH_IPV6CP -extern char path_ipv6up[]; /* pathname of ipv6-up script */ -extern char path_ipv6down[]; /* pathname of ipv6-down script */ -#endif - -#if defined(PPP_WITH_EAPTLS) || defined(PPP_WITH_PEAP) -#define TLS_VERIFY_NONE "none" -#define TLS_VERIFY_NAME "name" -#define TLS_VERIFY_SUBJECT "subject" -#define TLS_VERIFY_SUFFIX "suffix" - -extern char *crl_dir; -extern char *crl_file; -extern char *ca_path; -extern char *cacert_file; - -extern char *max_tls_version; -extern bool tls_verify_key_usage; -extern char *tls_verify_method; -#endif /* PPP_WITH_EAPTLS || PPP_WITH_PEAP */ - -#ifdef PPP_WITH_EAPTLS -extern char *pkcs12_file; -#endif /* PPP_WITH_EAPTLS */ - -extern unsigned int maxoctets; /* Maximum octetes per session (in bytes) */ -extern int maxoctets_dir; /* Direction : - 0 - in+out (default) - 1 - in - 2 - out - 3 - max(in,out) */ -extern int maxoctets_timeout; /* Timeout for check of octets limit */ -#define PPP_OCTETS_DIRECTION_SUM 0 -#define PPP_OCTETS_DIRECTION_IN 1 -#define PPP_OCTETS_DIRECTION_OUT 2 -#define PPP_OCTETS_DIRECTION_MAXOVERAL 3 -/* same as previos, but little different on RADIUS side */ -#define PPP_OCTETS_DIRECTION_MAXSESSION 4 - -#ifdef PPP_WITH_FILTER -extern struct bpf_program pass_filter; /* Filter for pkts to pass */ -extern struct bpf_program active_filter; /* Filter for link-active pkts */ -#endif - -#ifdef PPP_WITH_MSLANMAN -extern bool ms_lanman; /* Use LanMan password instead of NT */ - /* Has meaning only with MS-CHAP challenges */ -#endif - -/* Values for auth_pending, auth_done */ -#define PAP_WITHPEER 0x1 -#define PAP_PEER 0x2 -#define CHAP_WITHPEER 0x4 -#define CHAP_PEER 0x8 -#define EAP_WITHPEER 0x10 -#define EAP_PEER 0x20 - -/* Values for auth_done only */ -#define CHAP_MD5_WITHPEER 0x40 -#define CHAP_MD5_PEER 0x80 -#define CHAP_MS_SHIFT 8 /* LSB position for MS auths */ -#define CHAP_MS_WITHPEER 0x100 -#define CHAP_MS_PEER 0x200 -#define CHAP_MS2_WITHPEER 0x400 -#define CHAP_MS2_PEER 0x800 - -extern char *current_option; /* the name of the option being parsed */ -extern int privileged_option; /* set iff the current option came from root */ -extern char *option_source; /* string saying where the option came from */ -extern int option_priority; /* priority of current options */ - /* - * Values for phase. - */ -#define PHASE_DEAD 0 -#define PHASE_INITIALIZE 1 -#define PHASE_SERIALCONN 2 -#define PHASE_DORMANT 3 -#define PHASE_ESTABLISH 4 -#define PHASE_AUTHENTICATE 5 -#define PHASE_CALLBACK 6 -#define PHASE_NETWORK 7 -#define PHASE_RUNNING 8 -#define PHASE_TERMINATE 9 -#define PHASE_DISCONNECT 10 -#define PHASE_HOLDOFF 11 -#define PHASE_MASTER 12 - -/* - * The following struct gives the addresses of procedures to call - * for a particular protocol. + * The following struct gives the addresses of procedures to call for a particular protocol. */ struct protent { - u_short protocol; /* PPP protocol number */ + /* PPP protocol number */ + unsigned short protocol; /* Initialization procedure */ void (*init)(int unit); /* Process a received packet */ - void (*input)(int unit, u_char *pkt, int len); + void (*input)(int unit, unsigned char *pkt, int len); /* Process a received protocol-reject */ void (*protrej)(int unit); /* Lower layer has come up */ @@ -471,34 +198,37 @@ struct protent { /* Close the protocol */ void (*close)(int unit, char *reason); /* Print a packet in readable form */ - int (*printpkt)(u_char *pkt, int len, printer_func printer, void *arg); + int (*printpkt)(unsigned char *pkt, int len, printer_func printer, void *arg); /* Process a received data packet */ - void (*datainput)(int unit, u_char *pkt, int len); - bool enabled_flag; /* 0 iff protocol is disabled */ - char *name; /* Text name of protocol */ - char *data_name; /* Text name of corresponding data protocol */ - option_t *options; /* List of command-line options */ + void (*datainput)(int unit, unsigned char *pkt, int len); + /* 0 iff protocol is disabled */ + bool enabled_flag; + /* Text name of protocol */ + char *name; + /* Text name of corresponding data protocol */ + char *data_name; + /* List of command-line options */ + struct option *options; /* Check requested options, assign defaults */ void (*check_options)(void); /* Configure interface for demand-dial */ int (*demand_conf)(int unit); /* Say whether to bring up link for this pkt */ - int (*active_pkt)(u_char *pkt, int len); + int (*active_pkt)(unsigned char *pkt, int len); }; /* Table of pointers to supported protocols */ extern struct protent *protocols[]; + /* - * This struct contains pointers to a set of procedures for - * doing operations on a "channel". A channel provides a way - * to send and receive PPP packets - the canonical example is - * a serial port device in PPP line discipline (or equivalently - * with PPP STREAMS modules pushed onto it). + * This struct contains pointers to a set of procedures for doing operations on a "channel". + * A channel provides a way to send and receive PPP packets - the canonical example is a serial + * port device in PPP line discipline (or equivalently with PPP STREAMS modules pushed onto it). */ struct channel { /* set of options for this channel */ - option_t *options; + struct option *options; /* find and process a per-channel options file */ void (*process_extra_options)(void); /* check all the options that have been given */ @@ -512,9 +242,9 @@ struct channel { /* take the channel out of PPP `mode', restore loopback if demand */ void (*disestablish_ppp)(int); /* set the transmit-side PPP parameters of the channel */ - void (*send_config)(int, u_int32_t, int, int); + void (*send_config)(int, uint32_t, int, int); /* set the receive-side PPP parameters of the channel */ - void (*recv_config)(int, u_int32_t, int, int); + void (*recv_config)(int, uint32_t, int, int); /* cleanup on error or normal exit */ void (*cleanup)(void); /* close the device, called in children after fork */ @@ -523,470 +253,325 @@ struct channel { extern struct channel *the_channel; + /* - * This structure contains environment variables that are set or unset - * by the user. + * Functions for string formatting and debugging */ -struct userenv { - struct userenv *ue_next; - char *ue_value; /* value (set only) */ - bool ue_isset; /* 1 for set, 0 for unset */ - bool ue_priv; /* from privileged source */ - const char *ue_source; /* source name */ - char ue_name[1]; /* variable name */ -}; -extern struct userenv *userenv_list; - -/* - * Prototypes. - */ - -/* Procedures exported from main.c. */ -void set_ifunit(int); /* set stuff that depends on ifunit */ -void detach(void); /* Detach from controlling tty */ -void die(int); /* Cleanup and exit */ -void quit(void); /* like die(1) */ -void novm(char *); /* Say we ran out of memory, and die */ -void timeout(void (*func)(void *), void *arg, int s, int us); - /* Call func(arg) after s.us seconds */ -void untimeout(void (*func)(void *), void *arg); - /* Cancel call to func(arg) */ -void record_child(int, char *, void (*) (void *), void *, int); -pid_t safe_fork(int, int, int); /* Fork & close stuff in child */ -int device_script(char *cmd, int in, int out, int dont_wait); - /* Run `cmd' with given stdin and stdout */ -pid_t run_program(char *prog, char **args, int must_exist, - void (*done)(void *), void *arg, int wait); - /* Run program prog with args in child */ -void reopen_log(void); /* (re)open the connection to syslog */ -void print_link_stats(void); /* Print stats, if available */ -void reset_link_stats(int); /* Reset (init) stats when link goes up */ -void update_link_stats(int); /* Get stats at link termination */ -void script_setenv(char *, char *, int); /* set script env var */ -void script_unsetenv(char *); /* unset script env var */ -void new_phase(int); /* signal start of new phase */ -void add_notifier(struct notifier **, notify_func, void *); -void remove_notifier(struct notifier **, notify_func, void *); -void notify(struct notifier *, int); -int ppp_send_config(int, int, u_int32_t, int, int); -int ppp_recv_config(int, int, u_int32_t, int, int); -const char *protocol_name(int); -void remove_pidfiles(void); -void lock_db(void); -void unlock_db(void); - -/* Procedures exported from tty.c. */ -void tty_init(void); - -/* Procedures exported from utils.c. */ -void log_packet(u_char *, int, char *, int); - /* Format a packet and log it with syslog */ -void print_string(char *, int, printer_func, void *); - /* Format a string for output */ -int slprintf(char *, int, char *, ...); /* sprintf++ */ -int vslprintf(char *, int, char *, va_list); /* vsprintf++ */ -size_t strlcpy(char *, const char *, size_t); /* safe strcpy */ -size_t strlcat(char *, const char *, size_t); /* safe strncpy */ -void dbglog(char *, ...); /* log a debug message */ -void info(char *, ...); /* log an informational message */ -void notice(char *, ...); /* log a notice-level message */ -void warn(char *, ...); /* log a warning message */ -void error(char *, ...); /* log an error message */ -void fatal(char *, ...); /* log an error message and die(1) */ -void init_pr_log(const char *, int); /* initialize for using pr_log */ -void pr_log(void *, char *, ...); /* printer fn, output to syslog */ -void end_pr_log(void); /* finish up after using pr_log */ -void dump_packet(const char *, u_char *, int); - /* dump packet to debug log if interesting */ -ssize_t complete_read(int, void *, size_t); - /* read a complete buffer */ - -/* Procedures exported from auth.c */ -void link_required(int); /* we are starting to use the link */ -void start_link(int); /* bring the link up now */ -void link_terminated(int); /* we are finished with the link */ -void link_down(int); /* the LCP layer has left the Opened state */ -void upper_layers_down(int);/* take all NCPs down */ -void link_established(int); /* the link is up; authenticate now */ -void start_networks(int); /* start all the network control protos */ -void continue_networks(int); /* start network [ip, etc] control protos */ -void np_up(int, int); /* a network protocol has come up */ -void np_down(int, int); /* a network protocol has gone down */ -void np_finished(int, int); /* a network protocol no longer needs link */ -void auth_peer_fail(int, int); - /* peer failed to authenticate itself */ -void auth_peer_success(int, int, int, char *, int); - /* peer successfully authenticated itself */ -void auth_withpeer_fail(int, int); - /* we failed to authenticate ourselves */ -void auth_withpeer_success(int, int, int); - /* we successfully authenticated ourselves */ -void auth_check_options(void); - /* check authentication options supplied */ -void auth_reset(int); /* check what secrets we have */ -int check_passwd(int, char *, int, char *, int, char **); - /* Check peer-supplied username/password */ -int get_secret(int, char *, char *, char *, int *, int); - /* get "secret" for chap */ -int get_srp_secret(int unit, char *client, char *server, char *secret, - int am_server); -int auth_ip_addr(int, u_int32_t); - /* check if IP address is authorized */ -int auth_number(void); /* check if remote number is authorized */ -int bad_ip_adrs(u_int32_t); - /* check if IP address is unreasonable */ - -/* Procedures exported from demand.c */ -void demand_conf(void); /* config interface(s) for demand-dial */ -void demand_block(void); /* set all NPs to queue up packets */ -void demand_unblock(void); /* set all NPs to pass packets */ -void demand_discard(void); /* set all NPs to discard packets */ -void demand_rexmit(int); /* retransmit saved frames for an NP */ -int loop_chars(unsigned char *, int); /* process chars from loopback */ -int loop_frame(unsigned char *, int); /* should we bring link up? */ - -/* Procedures exported from multilink.c */ -#ifdef PPP_WITH_MULTILINK -void mp_check_options(void); /* Check multilink-related options */ -int mp_join_bundle(void); /* join our link to an appropriate bundle */ -void mp_exit_bundle(void); /* have disconnected our link from bundle */ -void mp_bundle_terminated(void); -char *epdisc_to_str(struct epdisc *); /* string from endpoint discrim. */ -int str_to_epdisc(struct epdisc *, char *); /* endpt disc. from str */ -#else -#define mp_bundle_terminated() /* nothing */ -#define mp_exit_bundle() /* nothing */ -#define doing_multilink 0 -#define multilink_master 0 -#endif +/* Is debug enabled */ +bool debug_on(); -/* Procedures exported from sys-*.c */ -void sys_init(void); /* Do system-dependent initialization */ -void sys_cleanup(void); /* Restore system state before exiting */ -int sys_check_options(void); /* Check options specified */ -void sys_close(void); /* Clean up in a child before execing */ -int ppp_available(void); /* Test whether ppp kernel support exists */ -int get_pty(int *, int *, char *, int); /* Get pty master/slave */ -int open_ppp_loopback(void); /* Open loopback for demand-dialling */ -int tty_establish_ppp(int); /* Turn serial port into a ppp interface */ -void tty_disestablish_ppp(int); /* Restore port to normal operation */ -void generic_disestablish_ppp(int dev_fd); /* Restore device setting */ -int generic_establish_ppp(int dev_fd); /* Make a ppp interface */ -void make_new_bundle(int, int, int, int); /* Create new bundle */ -int bundle_attach(int); /* Attach link to existing bundle */ -void cfg_bundle(int, int, int, int); /* Configure existing bundle */ -void destroy_bundle(void); /* Tell driver to destroy bundle */ -void clean_check(void); /* Check if line was 8-bit clean */ -void set_up_tty(int, int); /* Set up port's speed, parameters, etc. */ -void restore_tty(int); /* Restore port's original parameters */ -void setdtr(int, int); /* Raise or lower port's DTR line */ -void output(int, u_char *, int); /* Output a PPP packet */ -void wait_input(struct timeval *); - /* Wait for input, with timeout */ -void add_fd(int); /* Add fd to set to wait for */ -void remove_fd(int); /* Remove fd from set to wait for */ -int read_packet(u_char *); /* Read PPP packet */ -int get_loop_output(void); /* Read pkts from loopback */ -void tty_send_config(int, u_int32_t, int, int); - /* Configure i/f transmit parameters */ -void tty_set_xaccm(ext_accm); - /* Set extended transmit ACCM */ -void tty_recv_config(int, u_int32_t, int, int); - /* Configure i/f receive parameters */ -int ccp_test(int, u_char *, int, int); - /* Test support for compression scheme */ -void ccp_flags_set(int, int, int); - /* Set kernel CCP state */ -int ccp_fatal_error(int); /* Test for fatal decomp error in kernel */ -int get_idle_time(int, struct ppp_idle *); - /* Find out how long link has been idle */ -int get_ppp_stats(int, struct pppd_stats *); - /* Return link statistics */ -void netif_set_mtu(int, int); /* Set PPP interface MTU */ -int netif_get_mtu(int); /* Get PPP interface MTU */ -int sifvjcomp(int, int, int, int); - /* Configure VJ TCP header compression */ -int sifup(int); /* Configure i/f up for one protocol */ -int sifnpmode(int u, int proto, enum NPmode mode); - /* Set mode for handling packets for proto */ -int sifdown(int); /* Configure i/f down for one protocol */ -int sifaddr(int, u_int32_t, u_int32_t, u_int32_t); - /* Configure IPv4 addresses for i/f */ -int cifaddr(int, u_int32_t, u_int32_t); - /* Reset i/f IP addresses */ -#ifdef PPP_WITH_IPV6CP -int sif6up(int); /* Configure i/f up for IPv6 */ -int sif6down(int); /* Configure i/f down for IPv6 */ -int sif6addr(int, eui64_t, eui64_t); - /* Configure IPv6 addresses for i/f */ -int cif6addr(int, eui64_t, eui64_t); - /* Remove an IPv6 address from i/f */ -#endif -int sifdefaultroute(int, u_int32_t, u_int32_t, bool replace_default_rt); - /* Create default route through i/f */ -int cifdefaultroute(int, u_int32_t, u_int32_t); - /* Delete default route through i/f */ -#ifdef PPP_WITH_IPV6CP -int sif6defaultroute(int, eui64_t, eui64_t); - /* Create default IPv6 route through i/f */ -int cif6defaultroute(int, eui64_t, eui64_t); - /* Delete default IPv6 route through i/f */ -#endif -int sifproxyarp(int, u_int32_t); - /* Add proxy ARP entry for peer */ -int cifproxyarp(int, u_int32_t); - /* Delete proxy ARP entry for peer */ -u_int32_t GetMask(u_int32_t); /* Get appropriate netmask for address */ -int lock(char *); /* Create lock file for device */ -int relock(int); /* Rewrite lock file with new pid */ -void unlock(void); /* Delete previously-created lock file */ -void logwtmp(const char *, const char *, const char *); - /* Write entry to wtmp file */ -int get_host_seed(void); /* Get host-dependent random number seed */ -int have_route_to(u_int32_t); /* Check if route to addr exists */ -#ifdef PPP_WITH_FILTER -int set_filters(struct bpf_program *pass, struct bpf_program *active); - /* Set filter programs in kernel */ -#endif -int get_if_hwaddr(u_char *addr, char *name); -int get_first_ether_hwaddr(u_char *addr); -int get_time(struct timeval *); - /* Get current time, monotonic if possible. */ - -/* Procedures exported from options.c */ -int setipaddr(char *, char **, int); /* Set local/remote ip addresses */ -int parse_args(int argc, char **argv); - /* Parse options from arguments given */ -int options_from_file(char *filename, int must_exist, int check_prot, - int privileged); - /* Parse options from an options file */ -int options_from_user(void); /* Parse options from user's .ppprc */ -int options_for_tty(void); /* Parse options from /etc/ppp/options.tty */ -int options_from_list(struct wordlist *, int privileged); - /* Parse options from a wordlist */ -int getword(FILE *f, char *word, int *newlinep, char *filename); - /* Read a word from a file */ -void option_error(char *fmt, ...); - /* Print an error message about an option */ -int int_option(char *, int *); - /* Simplified number_option for decimal ints */ -void add_options(option_t *); /* Add extra options */ -void check_options(void); /* check values after all options parsed */ -int override_value(char *, int, const char *); - /* override value if permitted by priority */ -void print_options(printer_func, void *); - /* print out values of all options */ -void showopts(void); - /* show all option names and description */ -int parse_dotted_ip(char *, u_int32_t *); - -/* - * Hooks to enable plugins to change various things. +/* Safe sprintf++ */ +int slprintf(char *, int, char *, ...); + +/* vsprintf++ */ +int vslprintf(char *, int, char *, va_list); + +/* safe strcpy */ +size_t strlcpy(char *, const char *, size_t); + +/* safe strncpy */ +size_t strlcat(char *, const char *, size_t); + +/* log a debug message */ +void dbglog(char *, ...); + +/* log an informational message */ +void info(char *, ...); + +/* log a notice-level message */ +void notice(char *, ...); + +/* log a warning message */ +void warn(char *, ...); + +/* log an error message */ +void error(char *, ...); + +/* log an error message and die(1) */ +void fatal(char *, ...); + +/* Say we ran out of memory, and die */ +void novm(char *); + +/* Format a packet and log it with syslog */ +void log_packet(unsigned char *, int, char *, int); + +/* dump packet to debug log if interesting */ +void dump_packet(const char *, unsigned char *, int); + +/* initialize for using pr_log */ +void init_pr_log(const char *, int); + +/* printer fn, output to syslog */ +void pr_log(void *, char *, ...); + +/* finish up after using pr_log */ +void end_pr_log(void); + +/* + * Get the current exist status of pppd */ -extern int (*new_phase_hook)(int); -extern int (*idle_time_hook)(struct ppp_idle *); -extern int (*holdoff_hook)(void); -extern int (*pap_check_hook)(void); -extern int (*pap_auth_hook)(char *user, char *passwd, char **msgp, - struct wordlist **paddrs, - struct wordlist **popts); -extern void (*pap_logout_hook)(void); -extern int (*pap_passwd_hook)(char *user, char *passwd); -extern int (*allowed_address_hook)(u_int32_t addr); -extern void (*ip_up_hook)(void); -extern void (*ip_down_hook)(void); -extern void (*ip_choose_hook)(u_int32_t *); -extern void (*ipv6_up_hook)(void); -extern void (*ipv6_down_hook)(void); - -extern int (*chap_check_hook)(void); -extern int (*chap_passwd_hook)(char *user, char *passwd); -extern void (*multilink_join_hook)(void); - -#ifdef PPP_WITH_EAPTLS -extern int (*eaptls_passwd_hook)(char *user, char *passwd); -#endif +ppp_exit_code_t ppp_status(); -/* Let a plugin snoop sent and received packets. Useful for L2TP */ -extern void (*snoop_recv_hook)(unsigned char *p, int len); -extern void (*snoop_send_hook)(unsigned char *p, int len); +/* + * Set the exit status + */ +void ppp_set_status(ppp_exit_code_t code); /* - * Inline versions of get/put char/short/long. - * Pointer is advanced; we assume that both arguments - * are lvalues and will already be in registers. - * cp MUST be u_char *. - */ -#define GETCHAR(c, cp) { \ - (c) = *(cp)++; \ -} -#define PUTCHAR(c, cp) { \ - *(cp)++ = (u_char) (c); \ -} - - -#define GETSHORT(s, cp) { \ - (s) = *(cp)++ << 8; \ - (s) |= *(cp)++; \ -} -#define PUTSHORT(s, cp) { \ - *(cp)++ = (u_char) ((s) >> 8); \ - *(cp)++ = (u_char) (s); \ -} - -#define GETLONG(l, cp) { \ - (l) = *(cp)++ << 8; \ - (l) |= *(cp)++; (l) <<= 8; \ - (l) |= *(cp)++; (l) <<= 8; \ - (l) |= *(cp)++; \ -} -#define PUTLONG(l, cp) { \ - *(cp)++ = (u_char) ((l) >> 24); \ - *(cp)++ = (u_char) ((l) >> 16); \ - *(cp)++ = (u_char) ((l) >> 8); \ - *(cp)++ = (u_char) (l); \ -} - -#define INCPTR(n, cp) ((cp) += (n)) -#define DECPTR(n, cp) ((cp) -= (n)) - -/* - * System dependent definitions for user-level 4.3BSD UNIX implementation. - */ - -#define TIMEOUT(r, f, t) timeout((r), (f), (t), 0) -#define UNTIMEOUT(r, f) untimeout((r), (f)) - -#define BCOPY(s, d, l) memcpy(d, s, l) -#define BZERO(s, n) memset(s, 0, n) -#define BCMP(s1, s2, l) memcmp(s1, s2, l) - -#define PRINTMSG(m, l) { info("Remote message: %0.*v", l, m); } - -/* - * MAKEHEADER - Add Header fields to a packet. - */ -#define MAKEHEADER(p, t) { \ - PUTCHAR(PPP_ALLSTATIONS, p); \ - PUTCHAR(PPP_UI, p); \ - PUTSHORT(t, p); } - -/* - * Exit status values. - */ -#define EXIT_OK 0 -#define EXIT_FATAL_ERROR 1 -#define EXIT_OPTION_ERROR 2 -#define EXIT_NOT_ROOT 3 -#define EXIT_NO_KERNEL_SUPPORT 4 -#define EXIT_USER_REQUEST 5 -#define EXIT_LOCK_FAILED 6 -#define EXIT_OPEN_FAILED 7 -#define EXIT_CONNECT_FAILED 8 -#define EXIT_PTYCMD_FAILED 9 -#define EXIT_NEGOTIATION_FAILED 10 -#define EXIT_PEER_AUTH_FAILED 11 -#define EXIT_IDLE_TIMEOUT 12 -#define EXIT_CONNECT_TIME 13 -#define EXIT_CALLBACK 14 -#define EXIT_PEER_DEAD 15 -#define EXIT_HANGUP 16 -#define EXIT_LOOPBACK 17 -#define EXIT_INIT_FAILED 18 -#define EXIT_AUTH_TOPEER_FAILED 19 -#define EXIT_TRAFFIC_LIMIT 20 -#define EXIT_CNID_AUTH_FAILED 21 - -/* - * Debug macros. Slightly useful for finding bugs in pppd, not particularly - * useful for finding out why your connection isn't being established. - */ -#ifdef DEBUGALL -#define DEBUGMAIN 1 -#define DEBUGFSM 1 -#define DEBUGLCP 1 -#define DEBUGIPCP 1 -#define DEBUGIPV6CP 1 -#define DEBUGUPAP 1 -#define DEBUGCHAP 1 -#endif + * Configure the session's maximum number of octets + */ +void ppp_set_session_limit(unsigned int octets); -#ifndef LOG_PPP /* we use LOG_LOCAL2 for syslog by default */ -#if defined(DEBUGMAIN) || defined(DEBUGFSM) || defined(DEBUGSYS) \ - || defined(DEBUGLCP) || defined(DEBUGIPCP) || defined(DEBUGUPAP) \ - || defined(DEBUGCHAP) || defined(DEBUG) || defined(DEBUGIPV6CP) -#define LOG_PPP LOG_LOCAL2 -#else -#define LOG_PPP LOG_DAEMON -#endif -#endif /* LOG_PPP */ +/* + * Which direction to limit the number of octets + */ +void ppp_set_session_limit_dir(unsigned int direction); -#ifdef DEBUGMAIN -#define MAINDEBUG(x) if (debug) dbglog x -#else -#define MAINDEBUG(x) -#endif +/* + * Get the current link stats, returns true when valid and false if otherwise + */ +bool ppp_get_link_stats(ppp_link_stats_st *stats); -#ifdef DEBUGSYS -#define SYSDEBUG(x) if (debug) dbglog x -#else -#define SYSDEBUG(x) -#endif +/* + * Get pppd's notion of time + */ +int ppp_get_time(struct timeval *); -#ifdef DEBUGFSM -#define FSMDEBUG(x) if (debug) dbglog x -#else -#define FSMDEBUG(x) -#endif +/* + * Schedule a callback in s.us seconds from now + */ +typedef void (*ppp_timer_cb)(void *arg); +void ppp_timeout(ppp_timer_cb func, void *arg, int s, int us); -#ifdef DEBUGLCP -#define LCPDEBUG(x) if (debug) dbglog x -#else -#define LCPDEBUG(x) -#endif +/* + * Cancel any pending timer callbacks + */ +void ppp_untimeout(void (*func)(void *), void *arg); -#ifdef DEBUGIPCP -#define IPCPDEBUG(x) if (debug) dbglog x -#else -#define IPCPDEBUG(x) -#endif +/* + * Clean up in a child before execing + */ +void ppp_sys_close(void); -#ifdef DEBUGIPV6CP -#define IPV6CPDEBUG(x) if (debug) dbglog x -#else -#define IPV6CPDEBUG(x) -#endif +/* + * Fork & close stuff in child + */ +pid_t ppp_safe_fork(int, int, int); -#ifdef DEBUGUPAP -#define UPAPDEBUG(x) if (debug) dbglog x -#else -#define UPAPDEBUG(x) -#endif +/* + * Get the current hostname + */ +const char *ppp_hostname(); -#ifdef DEBUGCHAP -#define CHAPDEBUG(x) if (debug) dbglog x -#else -#define CHAPDEBUG(x) -#endif +/* + * Is pppd using pty as a device (opposed to notty or pty opt). + */ +bool ppp_using_pty(); -#ifndef SIGTYPE -#if defined(sun) || defined(SYSV) || defined(POSIX_SOURCE) -#define SIGTYPE void -#else -#define SIGTYPE int -#endif /* defined(sun) || defined(SYSV) || defined(POSIX_SOURCE) */ -#endif /* SIGTYPE */ +/* + * Device is synchronous serial device + */ +bool ppp_sync_serial(); -#ifndef MIN -#define MIN(a, b) ((a) < (b)? (a): (b)) -#endif -#ifndef MAX -#define MAX(a, b) ((a) > (b)? (a): (b)) -#endif +/* + * Modem mode + */ +bool ppp_get_modem(); -#ifndef offsetof -#define offsetof(type, member) ((size_t) &((type *)0)->member) -#endif +/* + * Control the mode of the tty terminal + */ +void ppp_set_modem(bool on); + +/* + * Set the current session number, e.g. for PPPoE + */ +void ppp_set_session_number(int number); + +/* + * Set the current session number, e.g. for PPPoE + */ +int ppp_get_session_number(void); + +/* + * Check if pppd got signaled, returns 0 if not signaled, returns -1 on failure, and the signal number when signaled. + */ +bool ppp_signaled(int sig); + +/* + * Maximum connect time in seconds + */ +int ppp_get_max_connect_time(void); + +/* + * Set the maximum connect time in seconds + */ +void ppp_set_max_connect_time(unsigned int max); + +/* + * Get the link idle time before shutting the link down + */ +int ppp_get_max_idle_time(void); + +/* + * Set the link idle time before shutting the link down + */ +void ppp_set_max_idle_time(unsigned int idle); + +/* + * Get the duration the link was up (uptime) + */ +int ppp_get_link_uptime(); + +/* + * Get the ipparam configured with pppd + */ +const char *ppp_ipparam(); + +/* + * check if IP address is unreasonable + */ +bool ppp_bad_ip_addr(uint32_t); + +/* + * Expose an environment variable to scripts + */ +void ppp_script_setenv(char *, char *, int); + +/* + * Unexpose an environment variable to scripts + */ +void ppp_script_unsetenv(char *); + +/* + * Test whether ppp kernel support exists + */ +int ppp_check_kernel_support(void); + +/* + * Restore device setting + */ +void ppp_generic_disestablish(int dev_fd); + +/* + * Set the interface MTU + */ +void ppp_set_mtu(int, int); + +/* + * Get the interface MTU + */ +int ppp_get_mtu(int); + +/* + * Make a ppp interface + */ +int ppp_generic_establish(int dev_fd); + +/* + * Get the peer's authentication name + */ +const char *ppp_peer_authname(char *buf, size_t bufsz); + +/* + * Get the remote name + */ +const char *ppp_remote_name(); + +/* + * Get the remote number (if set), otherwise return NULL + */ +const char *ppp_get_remote_number(void); + +/* + * Set the remote number, typically it's a MAC address + */ +void ppp_set_remote_number(const char *buf); + +/* + * Get the current interface unit for the pppX device + */ +int ppp_ifunit(); + +/* + * Get the current interface name + */ +const char *ppp_ifname(); + +/* + * Get the current interface name + */ +int ppp_get_ifname(char *buf, size_t bufsz); + +/* + * Set the current interface name, ifname is a \0 terminated string + */ +void ppp_set_ifname(const char *ifname); + +/* + * Set the original devnam (prior to any renaming, etc). + */ +int ppp_set_pppdevnam(const char *name); + +/* + * Get the original devnam (prior to any renaming, etc). + */ +const char *ppp_pppdevnam(); + +/* + * Get the current devnam, e.g. /dev/ttyS0, /dev/ptmx + */ +const char *ppp_devnam(); + +/* + * Set the device name + */ +int ppp_set_devnam(const char *name); + +/* + * Definition for the notify callback function + * ctx - contextual argument provided with the registration + * arg - anything passed by the notification, e.g. phase, pid, etc + */ +typedef void (ppp_notify_fn)(void *ctx, int arg); + +/* + * Add a callback notification for when a given event has occured + */ +void ppp_add_notify(ppp_notify_t type, ppp_notify_fn *func, void *ctx); + +/* + * Remove a callback notification previously registered + */ +void ppp_del_notify(ppp_notify_t type, ppp_notify_fn *func, void *ctx); + +/* + * Get the path prefix in which a file is installed + */ +int ppp_get_path(ppp_path_t type, char *buf, size_t bufsz); + +/* + * Get the file with path prefix + */ +int ppp_get_filepath(ppp_path_t type, const char *name, char *buf, size_t bufsz); + +/* + * Check if pppd is to re-open link after it goes down + */ +bool ppp_persist(); + +/* + * Hooks to enable plugins to hook into various parts of the code + */ + +struct ppp_idle; /* Declared in <linux/ppp_defs.h> */ +extern int (*idle_time_hook)(struct ppp_idle *); +extern int (*new_phase_hook)(int); +extern int (*holdoff_hook)(void); +extern int (*allowed_address_hook)(uint32_t addr); +extern void (*snoop_recv_hook)(unsigned char *p, int len); +extern void (*snoop_send_hook)(unsigned char *p, int len); #endif /* PPP_PPPD_H */ diff --git a/pppd/session.c b/pppd/session.c index 8ab5b8b..025f08a 100644 --- a/pppd/session.c +++ b/pppd/session.c @@ -89,7 +89,7 @@ #include <utmp.h> #include <fcntl.h> #include <unistd.h> -#include "pppd.h" +#include "pppd-private.h" #include "session.h" #ifdef PPP_WITH_PAM diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c index 7beb977..561b150 100644 --- a/pppd/sys-linux.c +++ b/pppd/sys-linux.c @@ -159,7 +159,8 @@ #define IFLA_PPP_DEV_FD 1 #endif -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" #include "fsm.h" #include "ipcp.h" @@ -167,6 +168,8 @@ #include "eui64.h" #endif /* PPP_WITH_IPV6CP */ +#include "multilink.h" + #ifdef PPP_WITH_FILTER #include <pcap-bpf.h> #include <linux/filter.h> @@ -547,10 +550,10 @@ void sys_cleanup(void) /******************************************************************** * - * sys_close - Clean up in a child process before execing. + * ppp_sys_close - Clean up in a child process before execing. */ void -sys_close(void) +ppp_sys_close(void) { if (new_style_driver && ppp_dev_fd >= 0) close(ppp_dev_fd); @@ -614,7 +617,7 @@ int tty_establish_ppp (int tty_fd) #ifndef N_SYNC_PPP #define N_SYNC_PPP 14 #endif - ppp_disc = (new_style_driver && sync_serial)? N_SYNC_PPP: N_PPP; + ppp_disc = (new_style_driver && ppp_sync_serial())? N_SYNC_PPP: N_PPP; if (ioctl(tty_fd, TIOCSETD, &ppp_disc) < 0) { if ( ! ok_error (errno) ) { error("Couldn't set tty to PPP discipline: %m"); @@ -622,7 +625,7 @@ int tty_establish_ppp (int tty_fd) } } - ret_fd = generic_establish_ppp(tty_fd); + ret_fd = ppp_generic_establish(tty_fd); #define SC_RCVB (SC_RCV_B7_0 | SC_RCV_B7_1 | SC_RCV_EVNP | SC_RCV_ODDP) #define SC_LOGB (SC_DEBUG | SC_LOG_INPKT | SC_LOG_OUTPKT | SC_LOG_RAWIN \ @@ -643,7 +646,7 @@ int tty_establish_ppp (int tty_fd) * * generic_establish_ppp - Turn the fd into a ppp interface. */ -int generic_establish_ppp (int fd) +int ppp_generic_establish (int fd) { int x; @@ -780,16 +783,16 @@ void tty_disestablish_ppp(int tty_fd) flushfailed: initfdflags = -1; - generic_disestablish_ppp(tty_fd); + ppp_generic_disestablish(tty_fd); } /******************************************************************** * - * generic_disestablish_ppp - Restore device components to normal + * ppp_generic_disestablish - Restore device components to normal * operation, and reconnect the ppp unit to the loopback if in demand * mode. This shouldn't call die() because it's called from die(). */ -void generic_disestablish_ppp(int dev_fd) +void ppp_generic_disestablish(int dev_fd) { if (new_style_driver) { close(ppp_fd); @@ -797,7 +800,7 @@ void generic_disestablish_ppp(int dev_fd) if (demand) { modify_flags(ppp_dev_fd, 0, SC_LOOP_TRAFFIC); looped = 1; - } else if (!doing_multilink && ppp_dev_fd >= 0) { + } else if (!mp_on() && ppp_dev_fd >= 0) { close(ppp_dev_fd); remove_fd(ppp_dev_fd); ppp_dev_fd = -1; @@ -1503,7 +1506,7 @@ int read_packet (unsigned char *buf) error("read /dev/ppp: %m"); if (nr < 0 && errno == ENXIO) nr = 0; - if (nr == 0 && doing_multilink) { + if (nr == 0 && mp_on()) { remove_fd(ppp_dev_fd); bundle_eof = 1; } @@ -1549,7 +1552,7 @@ get_loop_output(void) * netif_set_mtu - set the MTU on the PPP network interface. */ void -netif_set_mtu(int unit, int mtu) +ppp_set_mtu(int unit, int mtu) { struct ifreq ifr; @@ -1565,7 +1568,7 @@ netif_set_mtu(int unit, int mtu) * netif_get_mtu - get the MTU on the PPP network interface. */ int -netif_get_mtu(int unit) +ppp_get_mtu(int unit) { struct ifreq ifr; @@ -1600,7 +1603,7 @@ void tty_send_config(int mtu, u_int32_t asyncmap, int pcomp, int accomp) } x = (pcomp? SC_COMP_PROT: 0) | (accomp? SC_COMP_AC: 0) - | (sync_serial? SC_SYNC: 0); + | (ppp_sync_serial()? SC_SYNC: 0); modify_flags(ppp_fd, SC_COMP_PROT|SC_COMP_AC|SC_SYNC, x); } @@ -2857,11 +2860,11 @@ ppp_registered(void) /******************************************************************** * - * ppp_available - check whether the system has any ppp interfaces + * ppp_check_kernel_support - check whether the system has any ppp interfaces * (in fact we check whether we can do an ioctl on ppp0). */ -int ppp_available(void) +int ppp_check_kernel_support(void) { int s, ok, fd; struct ifreq ifr; @@ -3674,7 +3677,7 @@ int get_host_seed(void) { int h; - char *p = hostname; + const char *p; h = 407; for (p = hostname; *p != 0; ++p) @@ -3691,7 +3694,7 @@ int sys_check_options(void) { if (demand && driver_is_old) { - option_error("demand dialling is not supported by kernel driver " + ppp_option_error("demand dialling is not supported by kernel driver " "version %d.%d.%d", driver_version, driver_modification, driver_patch); return 0; @@ -3708,7 +3711,7 @@ sys_check_options(void) * get_time - Get current time, monotonic if possible. */ int -get_time(struct timeval *tv) +ppp_get_time(struct timeval *tv) { /* Old glibc (< 2.3.4) does define CLOCK_MONOTONIC, but kernel may have it. * Runtime checking makes it safe. */ diff --git a/pppd/sys-solaris.c b/pppd/sys-solaris.c index d903721..e41b0e2 100644 --- a/pppd/sys-solaris.c +++ b/pppd/sys-solaris.c @@ -135,7 +135,7 @@ #include <pcap.h> #endif -#include "pppd.h" +#include "pppd-private.h" #include "fsm.h" #include "lcp.h" #include "ipcp.h" @@ -820,7 +820,7 @@ sys_cleanup(void) * sys_close - Clean up in a child process before execing. */ void -sys_close(void) +ppp_sys_close(void) { close(ipfd); #if defined(PPP_WITH_IPV6CP) && defined(SOL2) @@ -865,10 +865,10 @@ daemon(int nochdir, int noclose) #endif /* - * ppp_available - check whether the system has any ppp interfaces + * ppp_check_kernel_support - check whether the system has any ppp interfaces */ int -ppp_available(void) +ppp_check_kernel_support(void) { struct stat buf; @@ -915,7 +915,7 @@ tty_establish_ppp(int fd) /* Push the async hdlc module and the compressor module. */ tty_npushed = 0; - if(!sync_serial) { + if(!ppp_sync_serial()) { if (ioctl(fd, I_PUSH, AHDLC_MOD_NAME) < 0) { error("Couldn't push PPP Async HDLC module: %m"); return -1; @@ -1160,12 +1160,12 @@ set_up_tty(int fd, int local) struct termiox tiox; #endif - if (!sync_serial && tcgetattr(fd, &tios) < 0) + if (!ppp_sync_serial() && tcgetattr(fd, &tios) < 0) fatal("tcgetattr: %m"); #ifndef CRTSCTS termiox_ok = 1; - if (!sync_serial && ioctl (fd, TCGETX, &tiox) < 0) { + if (!ppp_sync_serial() && ioctl (fd, TCGETX, &tiox) < 0) { termiox_ok = 0; if (errno != ENOTTY) error("TCGETX: %m"); @@ -1177,7 +1177,7 @@ set_up_tty(int fd, int local) #ifndef CRTSCTS inittermiox = tiox; #endif - if (!sync_serial) + if (!ppp_sync_serial()) ioctl(fd, TIOCGWINSZ, &wsinfo); } @@ -1225,21 +1225,21 @@ set_up_tty(int fd, int local) * We can't proceed if the serial port speed is 0, * since that implies that the serial port is disabled. */ - if ((speed == B0) && !sync_serial) + if ((speed == B0) && !ppp_sync_serial()) fatal("Baud rate for %s is 0; need explicit baud rate", devnam); } - if (!sync_serial && tcsetattr(fd, TCSAFLUSH, &tios) < 0) + if (!ppp_sync_serial() && tcsetattr(fd, TCSAFLUSH, &tios) < 0) fatal("tcsetattr: %m"); #ifndef CRTSCTS - if (!sync_serial && termiox_ok && ioctl (fd, TCSETXF, &tiox) < 0){ + if (!ppp_sync_serial() && termiox_ok && ioctl (fd, TCSETXF, &tiox) < 0){ error("TCSETXF: %m"); } #endif baud_rate = inspeed = baud_rate_of(speed); - if (!sync_serial) + if (!ppp_sync_serial()) restore_term = 1; } @@ -1259,16 +1259,16 @@ restore_tty(int fd) */ inittermios.c_lflag &= ~(ECHO | ECHONL); } - if (!sync_serial && tcsetattr(fd, TCSAFLUSH, &inittermios) < 0) + if (!ppp_sync_serial() && tcsetattr(fd, TCSAFLUSH, &inittermios) < 0) if (!hungup && errno != ENXIO) warn("tcsetattr: %m"); #ifndef CRTSCTS - if (!sync_serial && ioctl (fd, TCSETXF, &inittermiox) < 0){ + if (!ppp_sync_serial() && ioctl (fd, TCSETXF, &inittermiox) < 0){ if (!hungup && errno != ENXIO) error("TCSETXF: %m"); } #endif - if (!sync_serial) + if (!ppp_sync_serial()) ioctl(fd, TIOCSWINSZ, &wsinfo); restore_term = 0; } @@ -1460,10 +1460,10 @@ get_loop_output(void) } /* - * netif_set_mtu - set the MTU on the PPP network interface. + * ppp_set_mtu - set the MTU on the PPP network interface. */ void -netif_set_mtu(int unit, int mtu) +ppp_set_mtu(int unit, int mtu) { struct ifreq ifr; #if defined(PPP_WITH_IPV6CP) && defined(SOL2) @@ -1497,10 +1497,10 @@ netif_set_mtu(int unit, int mtu) /* - * netif_get_mtu - get the MTU on the PPP network interface. + * ppp_get_mtu - get the MTU on the PPP network interface. */ int -netif_get_mtu(int unit) +ppp_get_mtu(int unit) { struct ifreq ifr; @@ -1532,7 +1532,7 @@ tty_send_config(int mtu, u_int32_t asyncmap, int pcomp, int accomp) error("Couldn't set MTU: %m"); } if (fdmuxid >= 0) { - if (!sync_serial) { + if (!ppp_sync_serial()) { if (strioctl(pppfd, PPPIO_XACCM, &asyncmap, sizeof(asyncmap), 0) < 0) error("Couldn't set transmit ACCM: %m"); } @@ -1550,7 +1550,7 @@ tty_send_config(int mtu, u_int32_t asyncmap, int pcomp, int accomp) void tty_set_xaccm(ext_accm accm) { - if (sync_serial) + if (ppp_sync_serial()) return; if (fdmuxid >= 0 @@ -1578,7 +1578,7 @@ tty_recv_config(int mru, u_int32_t asyncmap, int pcomp, int accomp) error("Couldn't set MRU: %m"); } if (fdmuxid >= 0) { - if (!sync_serial) { + if (!ppp_sync_serial()) { if (strioctl(pppfd, PPPIO_RACCM, &asyncmap, sizeof(asyncmap), 0) < 0) error("Couldn't set receive ACCM: %m"); } @@ -1636,7 +1636,7 @@ get_ppp_stats(int u, struct pppd_stats *stats) { struct ppp_stats s; - if (!sync_serial && + if (!ppp_sync_serial() && strioctl(pppfd, PPPIO_GETSTAT, &s, 0, sizeof(s)) < 0) { error("Couldn't get link statistics: %m"); return 0; @@ -2313,7 +2313,7 @@ dlpi_get_reply(int fd, union DL_primitives *reply, int expected_prim, size_t max pfd.events = POLLIN | POLLPRI; do { n = poll(&pfd, 1, 1000); - } while (n == -1 && errno == EINTR && !got_sigterm); + } while (n == -1 && errno == EINTR && !ppp_signaled(SIGTERM)); if (n <= 0) return -1; @@ -2744,7 +2744,7 @@ get_pty(int *master_fdp, int *slave_fdp, char *slave_name, int uid) * get_time - Get current time, monotonic if possible. */ int -get_time(struct timeval *tv) +ppp_get_time(struct timeval *tv) { return gettimeofday(tv, NULL); } @@ -26,12 +26,16 @@ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + #include <string.h> #include <openssl/ssl.h> #include <openssl/err.h> #include <openssl/x509v3.h> -#include "pppd.h" +#include "pppd-private.h" #include "tls.h" /** @@ -95,7 +95,8 @@ #include <netinet/in.h> #include <arpa/inet.h> -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" #include "fsm.h" #include "lcp.h" @@ -111,7 +112,7 @@ static int setdevname(char *, char **, int); static int setspeed(char *, char **, int); static int setxonxoff(char **); static int setescape(char **); -static void printescape(option_t *, void (*)(void *, char *,...),void *); +static void printescape(struct option *, void (*)(void *, char *,...),void *); static void finish_tty(void); static int start_charshunt(int, int); static void stop_charshunt(void *, int); @@ -136,6 +137,8 @@ int locked; /* lock() has succeeded */ struct stat devstat; /* result of stat() on devnam */ /* option variables */ +char devnam[MAXPATHLEN]; /* Device name */ +char ppp_devname[MAXPATHLEN];/* name of PPP tty (maybe ttypx) */ int crtscts = 0; /* Use hardware flow control */ int stop_bits = 1; /* Number of serial port stop bits */ bool modem = 1; /* Use modem control lines */ @@ -164,7 +167,7 @@ extern int privopen; /* don't lock, open device as root */ u_int32_t xmit_accm[8]; /* extended transmit ACCM */ /* option descriptors */ -option_t tty_options[] = { +static struct option tty_options[] = { /* device name must be first, or change connect_tty() below! */ { "device name", o_wild, (void *) &setdevname, "Serial port device name", @@ -261,6 +264,61 @@ struct channel tty_channel = { &tty_close_fds }; +bool +ppp_sync_serial() +{ + return sync_serial; +} + +bool +ppp_get_modem() +{ + return modem; +} + +void +ppp_set_modem(bool on) +{ + modem = on; +} + +bool +ppp_using_pty() +{ + return using_pty; +} + +int +ppp_set_pppdevnam(const char *name) +{ + if (name) { + return strlcpy(ppp_devname, name, sizeof(ppp_devname)); + } + return -1; +} + +const char * +ppp_pppdevnam() +{ + return ppp_devname; +} + +const char * +ppp_devnam() +{ + return devnam; +} + +int +ppp_set_devnam(const char *name) +{ + if (name) { + return strlcpy(devnam, name, sizeof(devnam)); + } + return -1; +} + + /* * setspeed - Set the serial port baud rate. * If doit is 0, the call is to check whether this option is @@ -309,12 +367,12 @@ setdevname(char *cp, char **argv, int doit) if (stat(cp, &statbuf) < 0) { if (!doit) return errno != ENOENT; - option_error("Couldn't stat %s: %m", cp); + ppp_option_error("Couldn't stat %s: %m", cp); return 0; } if (!S_ISCHR(statbuf.st_mode)) { if (doit) - option_error("%s is not a character device", cp); + ppp_option_error("%s is not a character device", cp); return 0; } @@ -351,13 +409,13 @@ setescape(char **argv) while (*p) { n = strtol(p, &endp, 16); if (p == endp) { - option_error("escape parameter contains invalid hex number '%s'", + ppp_option_error("escape parameter contains invalid hex number '%s'", p); return 0; } p = endp; if (n < 0 || n == 0x5E || n > 0xFF) { - option_error("can't escape character 0x%x", n); + ppp_option_error("can't escape character 0x%x", n); ret = 0; } else xmit_accm[n >> 5] |= 1 << (n & 0x1F); @@ -369,7 +427,7 @@ setescape(char **argv) } static void -printescape(option_t *opt, void (*printer)(void *, char *, ...), void *arg) +printescape(struct option *opt, void (*printer)(void *, char *, ...), void *arg) { int n; int first = 1; @@ -394,7 +452,7 @@ printescape(option_t *opt, void (*printer)(void *, char *, ...), void *arg) */ void tty_init(void) { - add_notifier(&pidchange, maybe_relock, 0); + ppp_add_notify(NF_PID_CHANGE, maybe_relock, 0); the_channel = &tty_channel; xmit_accm[3] = 0x60000000; } @@ -411,7 +469,7 @@ void tty_process_extra_options(void) if (default_device) { char *p; if (!isatty(0) || (p = ttyname(0)) == NULL) { - option_error("no device specified and stdin is not a tty"); + ppp_option_error("no device specified and stdin is not a tty"); exit(EXIT_OPTION_ERROR); } strlcpy(devnam, p, MAXPATHLEN); @@ -441,12 +499,12 @@ tty_check_options(void) int fdflags; if (demand && notty) { - option_error("demand-dialling is incompatible with notty"); + ppp_option_error("demand-dialling is incompatible with notty"); exit(EXIT_OPTION_ERROR); } if (demand && connect_script == 0 && ptycommand == NULL && pty_socket == NULL) { - option_error("connect script is required for demand-dialling\n"); + ppp_option_error("connect script is required for demand-dialling\n"); exit(EXIT_OPTION_ERROR); } /* default holdoff to 0 if no connect script has been given */ @@ -455,16 +513,16 @@ tty_check_options(void) if (using_pty) { if (!default_device) { - option_error("%s option precludes specifying device name", + ppp_option_error("%s option precludes specifying device name", pty_socket? "socket": notty? "notty": "pty"); exit(EXIT_OPTION_ERROR); } if (ptycommand != NULL && notty) { - option_error("pty option is incompatible with notty option"); + ppp_option_error("pty option is incompatible with notty option"); exit(EXIT_OPTION_ERROR); } if (pty_socket != NULL && (ptycommand != NULL || notty)) { - option_error("socket option is incompatible with pty and notty"); + ppp_option_error("socket option is incompatible with pty and notty"); exit(EXIT_OPTION_ERROR); } default_device = notty; @@ -518,14 +576,14 @@ int connect_tty(void) * Get a pty master/slave pair if the pty, notty, socket, * or record options were specified. */ - strlcpy(ppp_devnam, devnam, MAXPATHLEN); + strlcpy(ppp_devname, devnam, MAXPATHLEN); pty_master = -1; pty_slave = -1; real_ttyfd = -1; if (using_pty || record_file != NULL) { - if (!get_pty(&pty_master, &pty_slave, ppp_devnam, uid)) { + if (!get_pty(&pty_master, &pty_slave, ppp_devname, uid)) { error("Couldn't allocate pseudo-tty"); - status = EXIT_FATAL_ERROR; + ppp_set_status(EXIT_FATAL_ERROR); return -1; } set_up_tty(pty_slave, 1); @@ -534,7 +592,7 @@ int connect_tty(void) /* * Lock the device if we've been asked to. */ - status = EXIT_LOCK_FAILED; + ppp_set_status(EXIT_LOCK_FAILED); if (lockflag && !privopen) { if (lock(devnam) < 0) goto errret; @@ -560,7 +618,7 @@ int connect_tty(void) if (prio < OPRIO_ROOT && seteuid(uid) == -1) { error("Unable to drop privileges before opening %s: %m\n", devnam); - status = EXIT_OPEN_FAILED; + ppp_set_status(EXIT_OPEN_FAILED); goto errret; } real_ttyfd = open(devnam, O_NONBLOCK | O_RDWR, 0); @@ -572,7 +630,7 @@ int connect_tty(void) errno = err; if (err != EINTR) { error("Failed to open %s: %m", devnam); - status = EXIT_OPEN_FAILED; + ppp_set_status(EXIT_OPEN_FAILED); } if (!persist || err != EINTR) goto errret; @@ -615,7 +673,7 @@ int connect_tty(void) * If the pty, socket, notty and/or record option was specified, * start up the character shunt now. */ - status = EXIT_PTYCMD_FAILED; + ppp_set_status(EXIT_PTYCMD_FAILED); if (ptycommand != NULL) { if (record_file != NULL) { int ipipe[2], opipe[2], ok; @@ -681,7 +739,7 @@ int connect_tty(void) if (initializer && initializer[0]) { if (device_script(initializer, ttyfd, ttyfd, 0) < 0) { error("Initializer script failed"); - status = EXIT_INIT_FAILED; + ppp_set_status(EXIT_INIT_FAILED); goto errretf; } if (got_sigterm) { @@ -694,7 +752,7 @@ int connect_tty(void) if (connector && connector[0]) { if (device_script(connector, ttyfd, ttyfd, 0) < 0) { error("Connect script failed"); - status = EXIT_CONNECT_FAILED; + ppp_set_status(EXIT_CONNECT_FAILED); goto errretf; } if (got_sigterm) { @@ -721,7 +779,7 @@ int connect_tty(void) break; if (errno != EINTR) { error("Failed to reopen %s: %m", devnam); - status = EXIT_OPEN_FAILED; + ppp_set_status(EXIT_OPEN_FAILED); } if (!persist || errno != EINTR || hungup || got_sigterm) goto errret; @@ -730,7 +788,7 @@ int connect_tty(void) } slprintf(numbuf, sizeof(numbuf), "%d", baud_rate); - script_setenv("SPEED", numbuf, 0); + ppp_script_setenv("SPEED", numbuf, 0); /* run welcome script, if any */ if (welcomer && welcomer[0]) { @@ -911,7 +969,7 @@ start_charshunt(int ifd, int ofd) { int cpid, ret; - cpid = safe_fork(ifd, ofd, (log_to_fd >= 0? log_to_fd: 2)); + cpid = ppp_safe_fork(ifd, ofd, (log_to_fd >= 0? log_to_fd: 2)); if (cpid == -1) { error("Can't fork process for character shunt: %m"); return 0; @@ -1054,7 +1112,7 @@ charshunt(int ifd, int ofd, char *record_file) pty_readable = stdin_readable = 1; ilevel = olevel = 0; - get_time(&levelt); + ppp_get_time(&levelt); if (max_data_rate) { max_level = max_data_rate / 10; if (max_level < 100) @@ -1103,7 +1161,7 @@ charshunt(int ifd, int ofd, char *record_file) int nbt; struct timeval now; - get_time(&now); + ppp_get_time(&now); dt = (now.tv_sec - levelt.tv_sec + (now.tv_usec - levelt.tv_usec) / 1e6); nbt = (int)(dt * max_data_rate); diff --git a/pppd/upap.c b/pppd/upap.c index 1fcff09..822fb0a 100644 --- a/pppd/upap.c +++ b/pppd/upap.c @@ -51,7 +51,8 @@ #include <stdio.h> #include <string.h> -#include "pppd.h" +#include "pppd-private.h" +#include "options.h" #include "upap.h" @@ -60,7 +61,7 @@ static bool hide_password = 1; /* * Command-line options. */ -static option_t pap_option_list[] = { +static struct option pap_option_list[] = { { "hide-password", o_bool, &hide_password, "Don't output passwords to log", OPT_PRIO | 1 }, { "show-password", o_bool, &hide_password, diff --git a/pppd/upap.h b/pppd/upap.h index af09cd9..e6058be 100644 --- a/pppd/upap.h +++ b/pppd/upap.h @@ -71,7 +71,7 @@ typedef struct upap_state { int us_passwdlen; /* Password length */ int us_clientstate; /* Client state */ int us_serverstate; /* Server state */ - u_char us_id; /* Current id */ + unsigned char us_id; /* Current id */ int us_timeouttime; /* Timeout (seconds) for auth-req retrans. */ int us_transmits; /* Number of auth-reqs sent */ int us_maxtransmits; /* Maximum number of auth-reqs to send */ @@ -113,4 +113,37 @@ void upap_authpeer(int); extern struct protent pap_protent; +typedef int (pap_check_hook_fn)(void); +typedef int (pap_auth_hook_fn)(char *user, char *passwd, char **msgp, + struct wordlist **paddrs, + struct wordlist **popts); +typedef void (pap_logout_hook_fn)(void); +typedef int (pap_passwd_hook_fn)(char *user, char *passwd); + +/* + * This function will return a value of 1 to indicate that a plugin intent to + * supply a username or a password through the pap_auth_hook callback. + * + * A return value of > 0 will avoid parsing pap-secrets file. + */ +extern pap_check_hook_fn *pap_check_hook; + +/* + * This hook is used to check if a username and password matches against the + * PAP secrets. + */ +extern pap_auth_hook_fn *pap_auth_hook; + +/* + * Hook for plugin to know about PAP user logout. + */ +extern pap_logout_hook_fn *pap_logout_hook; + +/* + * A plugin can chose to supply its own user and password overriding what + * previously has been configured. Hook is only valid when pppd is acting + * as a client + */ +extern pap_passwd_hook_fn *pap_passwd_hook; + #endif // PPP_UPAP_H diff --git a/pppd/utils.c b/pppd/utils.c index bd82e2b..c1bdbbb 100644 --- a/pppd/utils.c +++ b/pppd/utils.c @@ -58,7 +58,7 @@ #include <sys/mkdev.h> #endif -#include "pppd.h" +#include "pppd-private.h" #include "fsm.h" #include "lcp.h" #include "pathnames.h" @@ -768,7 +768,7 @@ complete_read(int fd, void *buf, size_t count) for (done = 0; done < count; ) { nb = read(fd, ptr, count - done); if (nb < 0) { - if (errno == EINTR && !got_sigterm) + if (errno == EINTR && !ppp_signaled(SIGTERM)) continue; return -1; } |