X-Git-Url: http://git.ozlabs.org/?p=ppp.git;a=blobdiff_plain;f=PLUGINS;h=a655a9c765ef6a29f8b1963a1afbf5ce4adf97a1;hp=2cbb427a5c1031b320fef790f451c1497fd68691;hb=d98ab3805c818bfb58e20ee18e6488a851c1a90d;hpb=315faba747695d905ef13f899e20eaefbf55aa7c

diff --git a/PLUGINS b/PLUGINS
index 2cbb427..a655a9c 100644
--- a/PLUGINS
+++ b/PLUGINS
@@ -98,9 +98,7 @@ to reestablish the link (0 means immediately).
 
 int (*pap_check_hook)(void);
 int (*pap_passwd_hook)(char *user, char *passwd);
-int (*pap_auth_hook)(char *user, int userlen,
-		     char *passwd, int passlen,
-		     char **msgp, int *msglenp,
+int (*pap_auth_hook)(char *user, char *passwd, char **msgp,
 		     struct wordlist **paddrs,
 		     struct wordlist **popts);
 void (*pap_logout_hook)(void);
@@ -147,6 +145,56 @@ pppd's internal `plogout' function.  It can be used for accounting
 purposes.  This hook is deprecated and will be replaced by a notifier.
 
 
+int (*chap_check_hook)(void);
+int (*chap_passwd_hook)(char *user, char *passwd);
+int (*chap_verify_hook)(char *name, char *ourname, int id,
+			struct chap_digest_type *digest,
+			unsigned char *challenge, unsigned char *response,
+			char *message, int message_space)
+
+These hooks are designed to allow a plugin to replace the normal CHAP
+password processing in pppd with something different (e.g. contacting
+an external server).
+
+The chap_check_hook is called to check whether there is any possibility
+that the peer could authenticate itself to us.  If it returns 1, pppd
+will ask the peer to authenticate itself.  If it returns 0, pppd will
+not ask the peer to authenticate itself (but if authentication is
+required, pppd may exit, or terminate the link before network protocol
+negotiation).  If it returns -1, pppd will look in the chap-secrets
+file as it would normally.
+
+The chap_passwd_hook is called to determine what password
+pppd should use in authenticating itself to the peer with CHAP.  The
+user string will already be initialized, by the `user' option, the
+`name' option, or from the hostname, but can be changed if necessary.
+This hook is called only if pppd is a client, not if it is a server.
+
+MAXSECRETLEN bytes of space are available at *passwd.  If this hook
+returns 0, pppd will use the value *passwd; if it returns -1, pppd
+will fail to authenticate.
+
+The chap_verify_hook is called to determine whether the peer's
+response to our CHAP challenge is valid -- it should return 1 if valid
+or 0 if not.  The parameters are:
+
+* name points to a null-terminated string containing the username
+  supplied by the peer, or the remote name specified with the
+  "remotename" option.
+* ourname points to a null-terminated string containing the name of
+  the local machine (the hostname, or the name specified with the
+  "name" option).
+* id is the value of the id field from the challenge.
+* digest points to a chap_digest_type struct, which contains an
+  identifier for the type of digest in use plus function pointers for
+  functions for dealing with digests of that type.
+* challenge points to the challenge as a counted string (length byte
+  followed by the actual challenge bytes).
+* response points to the response as a counted string.
+* message points to an area of message_space bytes in which to store
+  any message that should be returned to the peer.
+
+
 int (*null_auth_hook)(struct wordlist **paddrs,
 		      struct wordlist **popts);
 
@@ -167,6 +215,29 @@ should be stored in *addrp.  If nothing is stored in *addrp, pppd will
 determine the peer's address in the usual manner.
 
 
+int (*allowed_address_hook)(u_int32_t addr)
+
+This hook is called to see if a peer is allowed to use the specified
+address.  If the hook returns 1, the address is accepted.  If it returns
+0, the address is rejected.  If it returns -1, the address is verified
+in the normal away against the appropriate options and secrets files.
+
+
+void (*snoop_recv_hook)(unsigned char *p, int len)
+void (*snoop_send_hook)(unsigned char *p, int len)
+
+These hooks are called whenever pppd receives or sends a packet.  The
+packet is in p; its length is len.  This allows plugins to "snoop in"
+on the pppd conversation.  The hooks may prove useful in implmenting
+L2TP.
+
+
+void (*multilink_join_hook)();
+
+This is called whenever a new link completes LCP negotiation and joins
+the bundle, if we are doing multilink.
+
+
 A plugin registers itself with a notifier by declaring a procedure of
 the form:
 
@@ -213,4 +284,4 @@ Here is a list of the currently-implemented notifiers in pppd.
 
 
 
-## $Id: PLUGINS,v 1.3 2001/05/21 08:34:33 paulus Exp $ ##
+## $Id: PLUGINS,v 1.8 2008/06/15 07:02:18 paulus Exp $ ##