Annotation of /trunk/ppp/patches/ppp-2.4.4-auth-fail.patch
Parent Directory | Revision Log
Revision 797 -
(hide annotations)
(download)
Mon May 11 09:46:04 2009 UTC (15 years, 4 months ago) by niro
File size: 5003 byte(s)
Mon May 11 09:46:04 2009 UTC (15 years, 4 months ago) by niro
File size: 5003 byte(s)
-added patches from gentoo
1 | niro | 797 | diff -Nru ppp-2.4.4.orig/pppd/auth.c ppp-2.4.4/pppd/auth.c |
2 | --- ppp-2.4.4.orig/pppd/auth.c 2007-06-14 10:48:44.000000000 +0300 | ||
3 | +++ ppp-2.4.4/pppd/auth.c 2007-06-14 10:49:12.000000000 +0300 | ||
4 | @@ -260,7 +260,7 @@ | ||
5 | struct wordlist **, struct wordlist **, | ||
6 | char *, int)); | ||
7 | static void free_wordlist __P((struct wordlist *)); | ||
8 | -static void auth_script __P((char *)); | ||
9 | +static void auth_script __P((char *, int)); | ||
10 | static void auth_script_done __P((void *)); | ||
11 | static void set_allowed_addrs __P((int, struct wordlist *, struct wordlist *)); | ||
12 | static int some_ip_ok __P((struct wordlist *)); | ||
13 | @@ -683,7 +683,7 @@ | ||
14 | if (auth_script_state == s_up && auth_script_pid == 0) { | ||
15 | update_link_stats(unit); | ||
16 | auth_script_state = s_down; | ||
17 | - auth_script(_PATH_AUTHDOWN); | ||
18 | + auth_script(_PATH_AUTHDOWN, 0); | ||
19 | } | ||
20 | } | ||
21 | if (!doing_multilink) { | ||
22 | @@ -814,7 +814,7 @@ | ||
23 | auth_state = s_up; | ||
24 | if (auth_script_state == s_down && auth_script_pid == 0) { | ||
25 | auth_script_state = s_up; | ||
26 | - auth_script(_PATH_AUTHUP); | ||
27 | + auth_script(_PATH_AUTHUP, 0); | ||
28 | } | ||
29 | } | ||
30 | |||
31 | @@ -913,6 +913,7 @@ | ||
32 | * Authentication failure: take the link down | ||
33 | */ | ||
34 | status = EXIT_PEER_AUTH_FAILED; | ||
35 | + auth_script(_PATH_AUTHFAIL, 1); | ||
36 | lcp_close(unit, "Authentication failed"); | ||
37 | } | ||
38 | |||
39 | @@ -991,6 +992,7 @@ | ||
40 | * authentication secrets. | ||
41 | */ | ||
42 | status = EXIT_AUTH_TOPEER_FAILED; | ||
43 | + auth_script(_PATH_AUTHFAIL, 1); | ||
44 | lcp_close(unit, "Failed to authenticate ourselves to peer"); | ||
45 | } | ||
46 | |||
47 | @@ -1221,6 +1223,8 @@ | ||
48 | if (user[0] == 0) | ||
49 | strlcpy(user, our_name, sizeof(user)); | ||
50 | |||
51 | + script_setenv("LOCALNAME", user, 0); | ||
52 | + | ||
53 | /* | ||
54 | * If we have a default route, require the peer to authenticate | ||
55 | * unless the noauth option was given or the real user is root. | ||
56 | @@ -2522,13 +2526,13 @@ | ||
57 | case s_up: | ||
58 | if (auth_state == s_down) { | ||
59 | auth_script_state = s_down; | ||
60 | - auth_script(_PATH_AUTHDOWN); | ||
61 | + auth_script(_PATH_AUTHDOWN, 0); | ||
62 | } | ||
63 | break; | ||
64 | case s_down: | ||
65 | if (auth_state == s_up) { | ||
66 | auth_script_state = s_up; | ||
67 | - auth_script(_PATH_AUTHUP); | ||
68 | + auth_script(_PATH_AUTHUP, 0); | ||
69 | } | ||
70 | break; | ||
71 | } | ||
72 | @@ -2539,8 +2543,9 @@ | ||
73 | * interface-name peer-name real-user tty speed | ||
74 | */ | ||
75 | static void | ||
76 | -auth_script(script) | ||
77 | +auth_script(script, wait) | ||
78 | char *script; | ||
79 | + int wait; | ||
80 | { | ||
81 | char strspeed[32]; | ||
82 | struct passwd *pw; | ||
83 | @@ -2564,5 +2569,8 @@ | ||
84 | argv[5] = strspeed; | ||
85 | argv[6] = NULL; | ||
86 | |||
87 | - auth_script_pid = run_program(script, argv, 0, auth_script_done, NULL, 0); | ||
88 | + if (wait) | ||
89 | + run_program(script, argv, 0, NULL, NULL, 1); | ||
90 | + else | ||
91 | + auth_script_pid = run_program(script, argv, 0, auth_script_done, NULL, 0); | ||
92 | } | ||
93 | diff -Nru ppp-2.4.4.orig/pppd/pathnames.h ppp-2.4.4/pppd/pathnames.h | ||
94 | --- ppp-2.4.4.orig/pppd/pathnames.h 2005-08-26 02:59:34.000000000 +0300 | ||
95 | +++ ppp-2.4.4/pppd/pathnames.h 2007-06-14 10:49:12.000000000 +0300 | ||
96 | @@ -27,6 +27,7 @@ | ||
97 | #define _PATH_IPPREUP _ROOT_PATH "/etc/ppp/ip-pre-up" | ||
98 | #define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up" | ||
99 | #define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down" | ||
100 | +#define _PATH_AUTHFAIL _ROOT_PATH "/etc/ppp/auth-fail" | ||
101 | #define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options." | ||
102 | #define _PATH_CONNERRS _ROOT_PATH "/etc/ppp/connect-errors" | ||
103 | #define _PATH_PEERFILES _ROOT_PATH "/etc/ppp/peers/" | ||
104 | diff -Nru ppp-2.4.4.orig/pppd/pppd.8 ppp-2.4.4/pppd/pppd.8 | ||
105 | --- ppp-2.4.4.orig/pppd/pppd.8 2006-06-16 03:01:23.000000000 +0300 | ||
106 | +++ ppp-2.4.4/pppd/pppd.8 2007-06-14 10:49:12.000000000 +0300 | ||
107 | @@ -1531,8 +1531,8 @@ | ||
108 | Pppd invokes scripts at various stages in its processing which can be | ||
109 | used to perform site-specific ancillary processing. These scripts are | ||
110 | usually shell scripts, but could be executable code files instead. | ||
111 | -Pppd does not wait for the scripts to finish (except for the ip-pre-up | ||
112 | -script). The scripts are | ||
113 | +Pppd does not wait for the scripts to finish (except for the ip-pre-up, | ||
114 | +and auth-fail scripts). The scripts are | ||
115 | executed as root (with the real and effective user-id set to 0), so | ||
116 | that they can do things such as update routing tables or run | ||
117 | privileged daemons. Be careful that the contents of these scripts do | ||
118 | @@ -1560,6 +1560,11 @@ | ||
119 | The authenticated name of the peer. This is only set if the peer | ||
120 | authenticates itself. | ||
121 | .TP | ||
122 | +.B LOCALNAME | ||
123 | +The username passed to the user option of the pppd daemon. This is | ||
124 | +handy to identify which account was used for authentication purposes | ||
125 | +when multiple accounts are available. | ||
126 | +.TP | ||
127 | .B SPEED | ||
128 | The baud rate of the tty device. | ||
129 | .TP | ||
130 | @@ -1612,6 +1617,11 @@ | ||
131 | /etc/ppp/auth\-up was previously executed. It is executed in the same | ||
132 | manner with the same parameters as /etc/ppp/auth\-up. | ||
133 | .TP | ||
134 | +.B /etc/ppp/auth\-fail | ||
135 | +A program or script which is executed should authentication fail. pppd | ||
136 | +waits for this script to finish. It is executed in the same manner, with | ||
137 | +the same parameters as /etc/ppp/auth\-up. | ||
138 | +.TP | ||
139 | .B /etc/ppp/ip\-pre\-up | ||
140 | A program or script which is executed just before the ppp network | ||
141 | interface is brought up. It is executed with the same parameters as |