X-Git-Url: http://git.ozlabs.org/?p=ppp.git;a=blobdiff_plain;f=pppd%2Fupap.c;h=693c684f084105ccfc764482129a05c00d188956;hp=f6bb3ac83f2321634d2cdf70b12241354eb45747;hb=a3630de20e34796f434a728bfd9cf1a961380c82;hpb=7e30a978e0bc509a843cefe9bec420d980fcaa0f diff --git a/pppd/upap.c b/pppd/upap.c index f6bb3ac..693c684 100644 --- a/pppd/upap.c +++ b/pppd/upap.c @@ -17,9 +17,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#ifndef lint -static char rcsid[] = "$Id: upap.c,v 1.10 1996/07/01 01:21:35 paulus Exp $"; -#endif +#define RCSID "$Id: upap.c,v 1.19 1999/08/13 06:46:21 paulus Exp $" /* * TODO: @@ -27,13 +25,29 @@ static char rcsid[] = "$Id: upap.c,v 1.10 1996/07/01 01:21:35 paulus Exp $"; #include #include -#include -#include -#include #include "pppd.h" #include "upap.h" +static const char rcsid[] = RCSID; + +static bool hide_password; + +/* + * Command-line options. + */ +static option_t pap_option_list[] = { + { "hide-password", o_bool, &hide_password, + "Don't output passwords to log", 1 }, + { "pap-restart", o_int, &upap[0].us_timeouttime, + "Set retransmit timeout for PAP" }, + { "pap-max-authreq", o_int, &upap[0].us_maxtransmits, + "Set max number of transmissions for auth-reqs" }, + { "pap-timeout", o_int, &upap[0].us_reqtimeout, + "Set time limit for peer PAP authentication" }, + { NULL } +}; + /* * Protocol entry points. */ @@ -59,14 +73,16 @@ struct protent pap_protent = { 1, "PAP", NULL, + pap_option_list, + NULL, NULL, NULL }; upap_state upap[NUM_PPP]; /* UPAP state; one for each unit */ -static void upap_timeout __P((caddr_t)); -static void upap_reqtimeout __P((caddr_t)); +static void upap_timeout __P((void *)); +static void upap_reqtimeout __P((void *)); static void upap_rauthreq __P((upap_state *, u_char *, int, int)); static void upap_rauthack __P((upap_state *, u_char *, int, int)); static void upap_rauthnak __P((upap_state *, u_char *, int, int)); @@ -147,7 +163,7 @@ upap_authpeer(unit) u->us_serverstate = UPAPSS_LISTEN; if (u->us_reqtimeout > 0) - TIMEOUT(upap_reqtimeout, (caddr_t) u, u->us_reqtimeout); + TIMEOUT(upap_reqtimeout, u, u->us_reqtimeout); } @@ -156,7 +172,7 @@ upap_authpeer(unit) */ static void upap_timeout(arg) - caddr_t arg; + void *arg; { upap_state *u = (upap_state *) arg; @@ -165,7 +181,7 @@ upap_timeout(arg) if (u->us_transmits >= u->us_maxtransmits) { /* give up in disgust */ - syslog(LOG_ERR, "No response to PAP authenticate-requests"); + error("No response to PAP authenticate-requests"); u->us_clientstate = UPAPCS_BADAUTH; auth_withpeer_fail(u->us_unit, PPP_PAP); return; @@ -180,7 +196,7 @@ upap_timeout(arg) */ static void upap_reqtimeout(arg) - caddr_t arg; + void *arg; { upap_state *u = (upap_state *) arg; @@ -214,7 +230,7 @@ upap_lowerup(unit) else if (u->us_serverstate == UPAPSS_PENDING) { u->us_serverstate = UPAPSS_LISTEN; if (u->us_reqtimeout > 0) - TIMEOUT(upap_reqtimeout, (caddr_t) u, u->us_reqtimeout); + TIMEOUT(upap_reqtimeout, u, u->us_reqtimeout); } } @@ -231,9 +247,9 @@ upap_lowerdown(unit) upap_state *u = &upap[unit]; if (u->us_clientstate == UPAPCS_AUTHREQ) /* Timeout pending? */ - UNTIMEOUT(upap_timeout, (caddr_t) u); /* Cancel timeout */ + UNTIMEOUT(upap_timeout, u); /* Cancel timeout */ if (u->us_serverstate == UPAPSS_LISTEN && u->us_reqtimeout > 0) - UNTIMEOUT(upap_reqtimeout, (caddr_t) u); + UNTIMEOUT(upap_reqtimeout, u); u->us_clientstate = UPAPCS_INITIAL; u->us_serverstate = UPAPSS_INITIAL; @@ -252,11 +268,11 @@ upap_protrej(unit) upap_state *u = &upap[unit]; if (u->us_clientstate == UPAPCS_AUTHREQ) { - syslog(LOG_ERR, "PAP authentication failed due to protocol-reject"); + error("PAP authentication failed due to protocol-reject"); auth_withpeer_fail(unit, PPP_PAP); } if (u->us_serverstate == UPAPSS_LISTEN) { - syslog(LOG_ERR, "PAP authentication of peer failed (protocol-reject)"); + error("PAP authentication of peer failed (protocol-reject)"); auth_peer_fail(unit, PPP_PAP); } upap_lowerdown(unit); @@ -283,18 +299,18 @@ upap_input(unit, inpacket, l) */ inp = inpacket; if (l < UPAP_HEADERLEN) { - UPAPDEBUG((LOG_INFO, "pap_input: rcvd short header.")); + UPAPDEBUG(("pap_input: rcvd short header.")); return; } GETCHAR(code, inp); GETCHAR(id, inp); GETSHORT(len, inp); if (len < UPAP_HEADERLEN) { - UPAPDEBUG((LOG_INFO, "pap_input: rcvd illegal length.")); + UPAPDEBUG(("pap_input: rcvd illegal length.")); return; } if (len > l) { - UPAPDEBUG((LOG_INFO, "pap_input: rcvd short packet.")); + UPAPDEBUG(("pap_input: rcvd short packet.")); return; } len -= UPAP_HEADERLEN; @@ -337,8 +353,6 @@ upap_rauthreq(u, inp, id, len) char *msg; int msglen; - UPAPDEBUG((LOG_INFO, "pap_rauth: Rcvd id %d.", id)); - if (u->us_serverstate < UPAPSS_LISTEN) return; @@ -359,20 +373,20 @@ upap_rauthreq(u, inp, id, len) * Parse user/passwd. */ if (len < sizeof (u_char)) { - UPAPDEBUG((LOG_INFO, "pap_rauth: rcvd short packet.")); + UPAPDEBUG(("pap_rauth: rcvd short packet.")); return; } GETCHAR(ruserlen, inp); len -= sizeof (u_char) + ruserlen + sizeof (u_char); if (len < 0) { - UPAPDEBUG((LOG_INFO, "pap_rauth: rcvd short packet.")); + UPAPDEBUG(("pap_rauth: rcvd short packet.")); return; } ruser = (char *) inp; INCPTR(ruserlen, inp); GETCHAR(rpasswdlen, inp); if (len < rpasswdlen) { - UPAPDEBUG((LOG_INFO, "pap_rauth: rcvd short packet.")); + UPAPDEBUG(("pap_rauth: rcvd short packet.")); return; } rpasswd = (char *) inp; @@ -395,7 +409,7 @@ upap_rauthreq(u, inp, id, len) } if (u->us_reqtimeout > 0) - UNTIMEOUT(upap_reqtimeout, (caddr_t) u); + UNTIMEOUT(upap_reqtimeout, u); } @@ -412,7 +426,6 @@ upap_rauthack(u, inp, id, len) u_char msglen; char *msg; - UPAPDEBUG((LOG_INFO, "pap_rauthack: Rcvd id %d.", id)); if (u->us_clientstate != UPAPCS_AUTHREQ) /* XXX */ return; @@ -420,17 +433,19 @@ upap_rauthack(u, inp, id, len) * Parse message. */ if (len < sizeof (u_char)) { - UPAPDEBUG((LOG_INFO, "pap_rauthack: rcvd short packet.")); + UPAPDEBUG(("pap_rauthack: rcvd short packet.")); return; } GETCHAR(msglen, inp); - len -= sizeof (u_char); - if (len < msglen) { - UPAPDEBUG((LOG_INFO, "pap_rauthack: rcvd short packet.")); - return; + if (msglen > 0) { + len -= sizeof (u_char); + if (len < msglen) { + UPAPDEBUG(("pap_rauthack: rcvd short packet.")); + return; + } + msg = (char *) inp; + PRINTMSG(msg, msglen); } - msg = (char *) inp; - PRINTMSG(msg, msglen); u->us_clientstate = UPAPCS_OPEN; @@ -451,7 +466,6 @@ upap_rauthnak(u, inp, id, len) u_char msglen; char *msg; - UPAPDEBUG((LOG_INFO, "pap_rauthnak: Rcvd id %d.", id)); if (u->us_clientstate != UPAPCS_AUTHREQ) /* XXX */ return; @@ -459,21 +473,23 @@ upap_rauthnak(u, inp, id, len) * Parse message. */ if (len < sizeof (u_char)) { - UPAPDEBUG((LOG_INFO, "pap_rauthnak: rcvd short packet.")); + UPAPDEBUG(("pap_rauthnak: rcvd short packet.")); return; } GETCHAR(msglen, inp); - len -= sizeof (u_char); - if (len < msglen) { - UPAPDEBUG((LOG_INFO, "pap_rauthnak: rcvd short packet.")); - return; + if (msglen > 0) { + len -= sizeof (u_char); + if (len < msglen) { + UPAPDEBUG(("pap_rauthnak: rcvd short packet.")); + return; + } + msg = (char *) inp; + PRINTMSG(msg, msglen); } - msg = (char *) inp; - PRINTMSG(msg, msglen); u->us_clientstate = UPAPCS_BADAUTH; - syslog(LOG_ERR, "PAP authentication failed"); + error("PAP authentication failed"); auth_withpeer_fail(u->us_unit, PPP_PAP); } @@ -505,9 +521,7 @@ upap_sauthreq(u) output(u->us_unit, outpacket_buf, outlen + PPP_HDRLEN); - UPAPDEBUG((LOG_INFO, "pap_sauth: Sent id %d.", u->us_id)); - - TIMEOUT(upap_timeout, (caddr_t) u, u->us_timeouttime); + TIMEOUT(upap_timeout, u, u->us_timeouttime); ++u->us_transmits; u->us_clientstate = UPAPCS_AUTHREQ; } @@ -536,8 +550,6 @@ upap_sresp(u, code, id, msg, msglen) PUTCHAR(msglen, outp); BCOPY(msg, outp, msglen); output(u->us_unit, outpacket_buf, outlen + PPP_HDRLEN); - - UPAPDEBUG((LOG_INFO, "pap_sresp: Sent code %d, id %d.", code, id)); } /* @@ -591,7 +603,10 @@ upap_printpkt(p, plen, printer, arg) printer(arg, " user="); print_string(user, ulen, printer, arg); printer(arg, " password="); - print_string(pwd, wlen, printer, arg); + if (!hide_password) + print_string(pwd, wlen, printer, arg); + else + printer(arg, ""); break; case UPAP_AUTHACK: case UPAP_AUTHNAK: