Patch from Jon Dubovsky.
Previously pppd would use its default strategies for working out a
username and password/secret to use if the user gave the empty string
to the user and/or password options. Now we set a flag when an
explicit username is given, and don't do the default username
calculation if the flag is set. Similarly for the password.
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#define RCSID "$Id: auth.c,v 1.113 2007/06/19 02:08:35 carlsonj Exp $"
+#define RCSID "$Id: auth.c,v 1.114 2008/06/15 06:53:06 paulus Exp $"
#include <stdio.h>
#include <stddef.h>
#include <stdio.h>
#include <stddef.h>
bool auth_required = 0; /* Always require authentication from peer */
bool allow_any_ip = 0; /* Allow peer to use any IP address */
bool explicit_remote = 0; /* User specified explicit remote name */
bool auth_required = 0; /* Always require authentication from peer */
bool allow_any_ip = 0; /* Allow peer to use any IP address */
bool explicit_remote = 0; /* User specified explicit remote name */
+bool explicit_user = 0; /* Set if "user" option supplied */
+bool explicit_passwd = 0; /* Set if "password" option supplied */
char remote_name[MAXNAMELEN]; /* Peer's name for authentication */
static char *uafname; /* name of most recent +ua file */
char remote_name[MAXNAMELEN]; /* Peer's name for authentication */
static char *uafname; /* name of most recent +ua file */
OPT_PRIO | OPT_A2STRVAL, &uafname },
{ "user", o_string, user,
OPT_PRIO | OPT_A2STRVAL, &uafname },
{ "user", o_string, user,
- "Set name for auth with peer", OPT_PRIO | OPT_STATIC, NULL, MAXNAMELEN },
+ "Set name for auth with peer", OPT_PRIO | OPT_STATIC,
+ &explicit_user, MAXNAMELEN },
{ "password", o_string, passwd,
"Password for authenticating us to the peer",
{ "password", o_string, passwd,
"Password for authenticating us to the peer",
- OPT_PRIO | OPT_STATIC | OPT_HIDE, NULL, MAXSECRETLEN },
+ OPT_PRIO | OPT_STATIC | OPT_HIDE,
+ &explicit_passwd, MAXSECRETLEN },
{ "usehostname", o_bool, &usehostname,
"Must use hostname for authentication", 1 },
{ "usehostname", o_bool, &usehostname,
"Must use hostname for authentication", 1 },
if (l > 0 && p[l-1] == '\n')
p[l-1] = 0;
if (l > 0 && p[l-1] == '\n')
p[l-1] = 0;
- if (override_value("user", option_priority, fname))
+ if (override_value("user", option_priority, fname)) {
strlcpy(user, u, sizeof(user));
strlcpy(user, u, sizeof(user));
- if (override_value("passwd", option_priority, fname))
+ explicit_user = 1;
+ }
+ if (override_value("passwd", option_priority, fname)) {
strlcpy(passwd, p, sizeof(passwd));
strlcpy(passwd, p, sizeof(passwd));
+ explicit_passwd = 1;
+ }
chap_auth_with_peer(unit, user, CHAP_DIGEST(ho->chap_mdtype));
auth |= CHAP_WITHPEER;
} else if (ho->neg_upap) {
chap_auth_with_peer(unit, user, CHAP_DIGEST(ho->chap_mdtype));
auth |= CHAP_WITHPEER;
} else if (ho->neg_upap) {
+ /* If a blank password was explicitly given as an option, trust
+ the user and don't try to look up one. */
+ if (passwd[0] == 0 && !explicit_passwd) {
passwd_from_file = 1;
if (!get_pap_passwd(passwd))
error("No secret found for PAP login");
passwd_from_file = 1;
if (!get_pap_passwd(passwd))
error("No secret found for PAP login");
/* Default our_name to hostname, and user to our_name */
if (our_name[0] == 0 || usehostname)
strlcpy(our_name, hostname, sizeof(our_name));
/* Default our_name to hostname, and user to our_name */
if (our_name[0] == 0 || usehostname)
strlcpy(our_name, hostname, sizeof(our_name));
+ /* If a blank username was explicitly given as an option, trust
+ the user and don't use our_name */
+ if (user[0] == 0 && !explicit_user)
strlcpy(user, our_name, sizeof(user));
/*
strlcpy(user, our_name, sizeof(user));
/*
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#define RCSID "$Id: options.c,v 1.101 2008/06/03 12:07:13 paulus Exp $"
+#define RCSID "$Id: options.c,v 1.102 2008/06/15 06:53:06 paulus Exp $"
#include <ctype.h>
#include <stdio.h>
#include <ctype.h>
#include <stdio.h>
+ /*
+ * If addr2 wasn't used by any flag (OPT_A2COPY, etc.) but is set,
+ * treat it as a bool and set/clear it based on the OPT_A2CLR bit.
+ */
if (opt->addr2 && (opt->flags & (OPT_A2COPY|OPT_ENABLE
|OPT_A2PRINTER|OPT_A2STRVAL|OPT_A2LIST|OPT_A2OR)) == 0)
*(bool *)(opt->addr2) = !(opt->flags & OPT_A2CLR);
if (opt->addr2 && (opt->flags & (OPT_A2COPY|OPT_ENABLE
|OPT_A2PRINTER|OPT_A2STRVAL|OPT_A2LIST|OPT_A2OR)) == 0)
*(bool *)(opt->addr2) = !(opt->flags & OPT_A2CLR);
* AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*
* AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*
- * $Id: pppd.h,v 1.93 2008/06/03 12:06:37 paulus Exp $
+ * $Id: pppd.h,v 1.94 2008/06/15 06:53:06 paulus Exp $
#define OPT_VALUE 0xff /* mask for presupplied value */
#define OPT_HEX 0x100 /* int option is in hex */
#define OPT_NOARG 0x200 /* option doesn't take argument */
#define OPT_VALUE 0xff /* mask for presupplied value */
#define OPT_HEX 0x100 /* int option is in hex */
#define OPT_NOARG 0x200 /* option doesn't take argument */
-#define OPT_OR 0x400 /* OR in argument to value */
-#define OPT_INC 0x800 /* increment value */
+#define OPT_OR 0x400 /* for u32, OR in argument to value */
+#define OPT_INC 0x400 /* for o_int, increment value */
#define OPT_A2OR 0x800 /* for o_bool, OR arg to *(u_char *)addr2 */
#define OPT_PRIV 0x1000 /* privileged option */
#define OPT_STATIC 0x2000 /* string option goes into static array */
#define OPT_A2OR 0x800 /* for o_bool, OR arg to *(u_char *)addr2 */
#define OPT_PRIV 0x1000 /* privileged option */
#define OPT_STATIC 0x2000 /* string option goes into static array */
+#define OPT_NOINCR 0x2000 /* for o_int, value mustn't be increased */
#define OPT_LLIMIT 0x4000 /* check value against lower limit */
#define OPT_ULIMIT 0x8000 /* check value against upper limit */
#define OPT_LIMITS (OPT_LLIMIT|OPT_ULIMIT)
#define OPT_ZEROOK 0x10000 /* 0 value is OK even if not within limits */
#define OPT_HIDE 0x10000 /* for o_string, print value as ?????? */
#define OPT_LLIMIT 0x4000 /* check value against lower limit */
#define OPT_ULIMIT 0x8000 /* check value against upper limit */
#define OPT_LIMITS (OPT_LLIMIT|OPT_ULIMIT)
#define OPT_ZEROOK 0x10000 /* 0 value is OK even if not within limits */
#define OPT_HIDE 0x10000 /* for o_string, print value as ?????? */
-#define OPT_A2LIST 0x10000 /* for o_special, keep list of values */
-#define OPT_A2CLRB 0x10000 /* o_bool, clr val bits in *(u_char *)addr2 */
-#define OPT_NOINCR 0x20000 /* value mustn't be increased */
+#define OPT_A2LIST 0x20000 /* for o_special, keep list of values */
+#define OPT_A2CLRB 0x20000 /* o_bool, clr val bits in *(u_char *)addr2 */
#define OPT_ZEROINF 0x40000 /* with OPT_NOINCR, 0 == infinity */
#define OPT_PRIO 0x80000 /* process option priorities for this option */
#define OPT_PRIOSUB 0x100000 /* subsidiary member of priority group */
#define OPT_ZEROINF 0x40000 /* with OPT_NOINCR, 0 == infinity */
#define OPT_PRIO 0x80000 /* process option priorities for this option */
#define OPT_PRIOSUB 0x100000 /* subsidiary member of priority group */