Contents of /trunk/ppp/patches/ppp-2.4.4-auth-fail.patch
Parent Directory | Revision Log
Revision 797 -
(show annotations)
(download)
Mon May 11 09:46:04 2009 UTC (15 years, 4 months ago) by niro
File size: 5003 byte(s)
Mon May 11 09:46:04 2009 UTC (15 years, 4 months ago) by niro
File size: 5003 byte(s)
-added patches from gentoo
1 | diff -Nru ppp-2.4.4.orig/pppd/auth.c ppp-2.4.4/pppd/auth.c |
2 | --- ppp-2.4.4.orig/pppd/auth.c 2007-06-14 10:48:44.000000000 +0300 |
3 | +++ ppp-2.4.4/pppd/auth.c 2007-06-14 10:49:12.000000000 +0300 |
4 | @@ -260,7 +260,7 @@ |
5 | struct wordlist **, struct wordlist **, |
6 | char *, int)); |
7 | static void free_wordlist __P((struct wordlist *)); |
8 | -static void auth_script __P((char *)); |
9 | +static void auth_script __P((char *, int)); |
10 | static void auth_script_done __P((void *)); |
11 | static void set_allowed_addrs __P((int, struct wordlist *, struct wordlist *)); |
12 | static int some_ip_ok __P((struct wordlist *)); |
13 | @@ -683,7 +683,7 @@ |
14 | if (auth_script_state == s_up && auth_script_pid == 0) { |
15 | update_link_stats(unit); |
16 | auth_script_state = s_down; |
17 | - auth_script(_PATH_AUTHDOWN); |
18 | + auth_script(_PATH_AUTHDOWN, 0); |
19 | } |
20 | } |
21 | if (!doing_multilink) { |
22 | @@ -814,7 +814,7 @@ |
23 | auth_state = s_up; |
24 | if (auth_script_state == s_down && auth_script_pid == 0) { |
25 | auth_script_state = s_up; |
26 | - auth_script(_PATH_AUTHUP); |
27 | + auth_script(_PATH_AUTHUP, 0); |
28 | } |
29 | } |
30 | |
31 | @@ -913,6 +913,7 @@ |
32 | * Authentication failure: take the link down |
33 | */ |
34 | status = EXIT_PEER_AUTH_FAILED; |
35 | + auth_script(_PATH_AUTHFAIL, 1); |
36 | lcp_close(unit, "Authentication failed"); |
37 | } |
38 | |
39 | @@ -991,6 +992,7 @@ |
40 | * authentication secrets. |
41 | */ |
42 | status = EXIT_AUTH_TOPEER_FAILED; |
43 | + auth_script(_PATH_AUTHFAIL, 1); |
44 | lcp_close(unit, "Failed to authenticate ourselves to peer"); |
45 | } |
46 | |
47 | @@ -1221,6 +1223,8 @@ |
48 | if (user[0] == 0) |
49 | strlcpy(user, our_name, sizeof(user)); |
50 | |
51 | + script_setenv("LOCALNAME", user, 0); |
52 | + |
53 | /* |
54 | * If we have a default route, require the peer to authenticate |
55 | * unless the noauth option was given or the real user is root. |
56 | @@ -2522,13 +2526,13 @@ |
57 | case s_up: |
58 | if (auth_state == s_down) { |
59 | auth_script_state = s_down; |
60 | - auth_script(_PATH_AUTHDOWN); |
61 | + auth_script(_PATH_AUTHDOWN, 0); |
62 | } |
63 | break; |
64 | case s_down: |
65 | if (auth_state == s_up) { |
66 | auth_script_state = s_up; |
67 | - auth_script(_PATH_AUTHUP); |
68 | + auth_script(_PATH_AUTHUP, 0); |
69 | } |
70 | break; |
71 | } |
72 | @@ -2539,8 +2543,9 @@ |
73 | * interface-name peer-name real-user tty speed |
74 | */ |
75 | static void |
76 | -auth_script(script) |
77 | +auth_script(script, wait) |
78 | char *script; |
79 | + int wait; |
80 | { |
81 | char strspeed[32]; |
82 | struct passwd *pw; |
83 | @@ -2564,5 +2569,8 @@ |
84 | argv[5] = strspeed; |
85 | argv[6] = NULL; |
86 | |
87 | - auth_script_pid = run_program(script, argv, 0, auth_script_done, NULL, 0); |
88 | + if (wait) |
89 | + run_program(script, argv, 0, NULL, NULL, 1); |
90 | + else |
91 | + auth_script_pid = run_program(script, argv, 0, auth_script_done, NULL, 0); |
92 | } |
93 | diff -Nru ppp-2.4.4.orig/pppd/pathnames.h ppp-2.4.4/pppd/pathnames.h |
94 | --- ppp-2.4.4.orig/pppd/pathnames.h 2005-08-26 02:59:34.000000000 +0300 |
95 | +++ ppp-2.4.4/pppd/pathnames.h 2007-06-14 10:49:12.000000000 +0300 |
96 | @@ -27,6 +27,7 @@ |
97 | #define _PATH_IPPREUP _ROOT_PATH "/etc/ppp/ip-pre-up" |
98 | #define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up" |
99 | #define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down" |
100 | +#define _PATH_AUTHFAIL _ROOT_PATH "/etc/ppp/auth-fail" |
101 | #define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options." |
102 | #define _PATH_CONNERRS _ROOT_PATH "/etc/ppp/connect-errors" |
103 | #define _PATH_PEERFILES _ROOT_PATH "/etc/ppp/peers/" |
104 | diff -Nru ppp-2.4.4.orig/pppd/pppd.8 ppp-2.4.4/pppd/pppd.8 |
105 | --- ppp-2.4.4.orig/pppd/pppd.8 2006-06-16 03:01:23.000000000 +0300 |
106 | +++ ppp-2.4.4/pppd/pppd.8 2007-06-14 10:49:12.000000000 +0300 |
107 | @@ -1531,8 +1531,8 @@ |
108 | Pppd invokes scripts at various stages in its processing which can be |
109 | used to perform site-specific ancillary processing. These scripts are |
110 | usually shell scripts, but could be executable code files instead. |
111 | -Pppd does not wait for the scripts to finish (except for the ip-pre-up |
112 | -script). The scripts are |
113 | +Pppd does not wait for the scripts to finish (except for the ip-pre-up, |
114 | +and auth-fail scripts). The scripts are |
115 | executed as root (with the real and effective user-id set to 0), so |
116 | that they can do things such as update routing tables or run |
117 | privileged daemons. Be careful that the contents of these scripts do |
118 | @@ -1560,6 +1560,11 @@ |
119 | The authenticated name of the peer. This is only set if the peer |
120 | authenticates itself. |
121 | .TP |
122 | +.B LOCALNAME |
123 | +The username passed to the user option of the pppd daemon. This is |
124 | +handy to identify which account was used for authentication purposes |
125 | +when multiple accounts are available. |
126 | +.TP |
127 | .B SPEED |
128 | The baud rate of the tty device. |
129 | .TP |
130 | @@ -1612,6 +1617,11 @@ |
131 | /etc/ppp/auth\-up was previously executed. It is executed in the same |
132 | manner with the same parameters as /etc/ppp/auth\-up. |
133 | .TP |
134 | +.B /etc/ppp/auth\-fail |
135 | +A program or script which is executed should authentication fail. pppd |
136 | +waits for this script to finish. It is executed in the same manner, with |
137 | +the same parameters as /etc/ppp/auth\-up. |
138 | +.TP |
139 | .B /etc/ppp/ip\-pre\-up |
140 | A program or script which is executed just before the ppp network |
141 | interface is brought up. It is executed with the same parameters as |