X-Git-Url: http://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Fauth.c;h=b0bcdcf4a9d59349dd2872f344a4450c7bb0fdae;hb=39c06d616dd4c9443ed390969e58cd53ca1e314d;hp=cda341a2f6b266f968df166ede94084912f2db8a;hpb=f53a48eb9d74db3c71938e114b7f489c339bc003;p=ppp.git

diff --git a/pppd/auth.c b/pppd/auth.c
index cda341a..b0bcdcf 100644
--- a/pppd/auth.c
+++ b/pppd/auth.c
@@ -73,7 +73,7 @@
  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-#define RCSID	"$Id: auth.c,v 1.90 2002/12/04 23:03:32 paulus Exp $"
+#define RCSID	"$Id: auth.c,v 1.94 2003/03/09 09:52:19 etbe Exp $"
 
 #include <stdio.h>
 #include <stddef.h>
@@ -428,7 +428,8 @@ setupapfile(argv)
 
     /* get username */
     if (fgets(u, MAXNAMELEN - 1, ufile) == NULL
-	|| fgets(p, MAXSECRETLEN - 1, ufile) == NULL){
+	|| fgets(p, MAXSECRETLEN - 1, ufile) == NULL) {
+	fclose(ufile);
 	option_error("unable to read user login data file %s", fname);
 	return 0;
     }
@@ -605,6 +606,9 @@ link_established(unit)
 	    && protp->lowerup != NULL)
 	    (*protp->lowerup)(unit);
 
+    if (!auth_required && noauth_addrs != NULL)
+	set_allowed_addrs(unit, NULL, NULL);
+
     if (auth_required && !(go->neg_upap || go->neg_chap || go->neg_eap)) {
 	/*
 	 * We wanted the peer to authenticate itself, and it refused:
@@ -1146,6 +1150,14 @@ auth_check_options()
 
 	exit(1);
     }
+
+    /*
+     * Early check for remote number authorization.
+     */
+    if (!auth_number()) {
+	warn("calling number %q is not authorized", remote_number);
+	exit(EXIT_CNID_AUTH_FAILED);
+    }
 }
 
 /*
@@ -1974,7 +1986,7 @@ set_allowed_addrs(unit, addrs, opts)
 	} else {
 	    np = getnetbyname (ptr_word);
 	    if (np != NULL && np->n_addrtype == AF_INET) {
-		a = htonl (*(u_int32_t *)np->n_net);
+		a = htonl ((u_int32_t)np->n_net);
 		if (ptr_mask == NULL) {
 		    /* calculate appropriate mask for net */
 		    ah = ntohl(a);