*/
#ifndef lint
-static char rcsid[] = "$Id: auth.c,v 1.13 1995/04/24 06:01:54 paulus Exp $";
+static char rcsid[] = "$Id: auth.c,v 1.15.2.1 1995/06/01 07:01:21 paulus Exp $";
#endif
#include <stdio.h>
#include "ccp.h"
#include "pathnames.h"
-#ifdef sparc
+#if defined(sparc) && !defined(NeXT)
#include <alloca.h>
#endif /*sparc*/
/* Records which authentication operations haven't completed yet. */
static int auth_pending[NUM_PPP];
+
+/* Set if we have successfully called login() */
static int logged_in;
+
+/* List of addresses which the peer may use. */
static struct wordlist *addresses[NUM_PPP];
+/* Number of network protocols which we have opened. */
+static int num_np_open;
+
+/* Number of network protocols which have come up. */
+static int num_np_up;
+
/* Bits in auth_pending[] */
#define UPAP_WITHPEER 1
#define UPAP_PEER 2
void check_access __P((FILE *, char *));
static void network_phase __P((int));
+static void check_idle __P((caddr_t));
static int login __P((char *, char *, char **, int *));
static void logout __P((void));
static int null_login __P((int));
int unit;
{
phase = PHASE_NETWORK;
+ num_np_open = 1;
ipcp_open(unit);
ccp_open(unit);
}
}
+/*
+ * np_up - a network protocol has come up.
+ */
+void
+np_up(unit, proto)
+ int unit, proto;
+{
+ if (num_np_up == 0 && idle_time_limit > 0) {
+ TIMEOUT(check_idle, NULL, idle_time_limit);
+ }
+ ++num_np_up;
+}
+
+/*
+ * np_down - a network protocol has gone down.
+ */
+void
+np_down(unit, proto)
+ int unit, proto;
+{
+ if (--num_np_up == 0 && idle_time_limit > 0) {
+ UNTIMEOUT(check_idle, NULL);
+ }
+}
+
+/*
+ * np_finished - a network protocol has finished using the link.
+ */
+void
+np_finished(unit, proto)
+ int unit, proto;
+{
+ if (--num_np_open <= 0) {
+ /* no further use for the link: shut up shop. */
+ lcp_close(0);
+ }
+}
+
+/*
+ * check_idle - check whether the link has been idle for long
+ * enough that we can shut it down.
+ */
+static void
+check_idle(arg)
+ caddr_t arg;
+{
+ struct ppp_idle idle;
+ time_t itime;
+
+ if (!get_idle_time(0, &idle))
+ return;
+ itime = MIN(idle.xmit_idle, idle.recv_idle);
+ if (itime >= idle_time_limit) {
+ /* link is idle: shut it down. */
+ syslog(LOG_INFO, "Terminating connection due to lack of activity.");
+ lcp_close(0);
+ } else {
+ TIMEOUT(check_idle, NULL, idle_time_limit - itime);
+ }
+}
+
/*
* check_auth_options - called to check authentication options.
*/
} else {
check_access(f, filename);
if (scan_authfile(f, user, our_name, secret, &addrs, filename) < 0
- || (secret[0] != 0 && strcmp(passwd, secret) != 0
+ || (secret[0] != 0 && (cryptpap || strcmp(passwd, secret) != 0)
&& strcmp(crypt(passwd, secret), secret) != 0)) {
syslog(LOG_WARNING, "upap authentication failure for %s", user);
ret = UPAP_AUTHNAK;
#ifdef HAS_SHADOW
if ((pw->pw_passwd && pw->pw_passwd[0] == '@'
&& pw_auth (pw->pw_passwd+1, pw->pw_name, PW_PPP, NULL))
- || !valid (passwd, pw)) {
+ || !valid (passwd, pw)) {
return (UPAP_AUTHNAK);
}
#else