From: Paul Mackerras Date: Wed, 26 Apr 1995 06:46:31 +0000 (+0000) Subject: added papcrypt option X-Git-Tag: RELEASE_2_3_6~767 X-Git-Url: http://git.ozlabs.org/?p=ppp.git;a=commitdiff_plain;h=7ff1691466ad589562e84516e29a4a83bab71e1f added papcrypt option --- diff --git a/pppd/auth.c b/pppd/auth.c index 5660bcb..7d80cb0 100644 --- a/pppd/auth.c +++ b/pppd/auth.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: auth.c,v 1.13 1995/04/24 06:01:54 paulus Exp $"; +static char rcsid[] = "$Id: auth.c,v 1.14 1995/04/26 06:46:22 paulus Exp $"; #endif #include @@ -399,7 +399,7 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg, msglen) } else { check_access(f, filename); if (scan_authfile(f, user, our_name, secret, &addrs, filename) < 0 - || (secret[0] != 0 && strcmp(passwd, secret) != 0 + || (secret[0] != 0 && (cryptpap || strcmp(passwd, secret) != 0) && strcmp(crypt(passwd, secret), secret) != 0)) { syslog(LOG_WARNING, "upap authentication failure for %s", user); ret = UPAP_AUTHNAK; @@ -492,7 +492,7 @@ login(user, passwd, msg, msglen) #ifdef HAS_SHADOW if ((pw->pw_passwd && pw->pw_passwd[0] == '@' && pw_auth (pw->pw_passwd+1, pw->pw_name, PW_PPP, NULL)) - || !valid (passwd, pw)) { + || !valid (passwd, pw)) { return (UPAP_AUTHNAK); } #else diff --git a/pppd/options.c b/pppd/options.c index 348d843..5c207d7 100644 --- a/pppd/options.c +++ b/pppd/options.c @@ -18,7 +18,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: options.c,v 1.17 1995/04/24 05:54:44 paulus Exp $"; +static char rcsid[] = "$Id: options.c,v 1.18 1995/04/26 06:46:09 paulus Exp $"; #endif #include @@ -87,6 +87,7 @@ char remote_name[MAXNAMELEN]; /* Peer's name for authentication */ int usehostname = 0; /* Use hostname for our_name */ int disable_defaultip = 0; /* Don't use hostname for default IP adrs */ char *ipparam = NULL; /* Extra parameter for ip up/down scripts */ +int cryptpap; /* Passwords in pap-secrets are encrypted */ #ifdef _linux_ int idle_time_limit = 0; @@ -162,6 +163,7 @@ static int setlcpechofails __P((char **)); static int setbsdcomp __P((char **)); static int setnobsdcomp __P((void)); static int setipparam __P((char **)); +static int setpapcrypt __P((void)); static int number_option __P((char *, long *, int)); static int readable __P((int fd)); @@ -244,6 +246,7 @@ static struct cmd { {"bsdcomp", 1, setbsdcomp}, /* request BSD-Compress */ {"-bsdcomp", 0, setnobsdcomp}, /* don't allow BSD-Compress */ {"ipparam", 1, setipparam}, /* set ip script parameter */ + {"papcrypt", 0, setpapcrypt}, /* PAP passwords encrypted */ #ifdef _linux_ {"idle-disconnect", 1, setidle}, /* seconds for disconnect of idle IP */ #endif @@ -1510,10 +1513,10 @@ setbsdcomp(argv) progname); return 0; } - if (rbits != 0 && (rbits < MIN_BSD_BITS || rbits > MAX_BSD_BITS) - || abits != 0 && (abits < MIN_BSD_BITS || abits > MAX_BSD_BITS)) { + if (rbits != 0 && (rbits < BSD_MIN_BITS || rbits > BSD_MAX_BITS) + || abits != 0 && (abits < BSD_MIN_BITS || abits > BSD_MAX_BITS)) { fprintf(stderr, "%s: bsdcomp option values must be 0 or %d .. %d\n", - progname, MIN_BSD_BITS, MAX_BSD_BITS); + progname, BSD_MIN_BITS, BSD_MAX_BITS); return 0; } if (rbits > 0) { @@ -1548,6 +1551,13 @@ setipparam(argv) return 1; } +static int +setpapcrypt() +{ + cryptpap = 1; + return 1; +} + #ifdef _linux_ static int setidle (argv) char **argv; diff --git a/pppd/pppd.h b/pppd/pppd.h index a13545b..66b0107 100644 --- a/pppd/pppd.h +++ b/pppd/pppd.h @@ -16,7 +16,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: pppd.h,v 1.7 1995/04/24 05:52:37 paulus Exp $ + * $Id: pppd.h,v 1.8 1995/04/26 06:46:31 paulus Exp $ */ /* @@ -84,6 +84,7 @@ extern char remote_name[]; /* Peer's name for authentication */ extern int usehostname; /* Use hostname for our_name */ extern int disable_defaultip; /* Don't use hostname for default IP adrs */ extern char *ipparam; /* Extra parameter for ip up/down scripts */ +extern int cryptpap; /* Others' PAP passwords are encrypted */ /* * Values for phase.