1 Microsoft Call Back Configuration Protocol.
4 The CBCP is a method by which the Microsoft Windows NT Server may
5 implement additional security. It is possible to configure the server
6 in such a manner so as to require that the client systems which
7 connect with it are required that following a valid authentication to
8 leave a method by which the number may be returned call.
10 It is a requirement of servers so configured that the protocol be
13 So, this set of patches may be applied to the pppd process to enable
14 the cbcp client *only* portion of the specification. It is primarily
15 meant to permit connection with Windows NT Servers.
17 The ietf-working specification may be obtained from ftp.microsoft.com
18 in the developr/rfc directory.
20 The ietf task group has decided to recommend that the LCP sequence be
21 extended to permit the callback operation. For this reason, these
22 patches are not 'part' of pppd but are an adjunct to the code. I
23 hopefully have included enough of the context to permit the patch
24 program so that minor changes to the program should not effect the
25 patch by more than a few lines in the 'fuzz' factor.
29 diff -r --unified=10 ppp-2.2a5.orig/linux/ppp_defs.h ppp-2.2a5/linux/ppp_defs.h
30 --- ppp-2.2a5.orig/linux/ppp_defs.h Sat May 13 12:38:19 1995
31 +++ ppp-2.2a5/linux/ppp_defs.h Sat May 13 13:46:36 1995
33 #define PPP_IP 0x21 /* Internet Protocol */
34 #define PPP_VJC_COMP 0x2d /* VJ compressed TCP */
35 #define PPP_VJC_UNCOMP 0x2f /* VJ uncompressed TCP */
36 #define PPP_COMP 0xfd /* compressed packet */
37 #define PPP_IPCP 0x8021 /* IP Control Protocol */
38 #define PPP_CCP 0x80fd /* Compression Control Protocol */
39 #define PPP_LCP 0xc021 /* Link Control Protocol */
40 #define PPP_PAP 0xc023 /* Password Authentication Protocol */
41 #define PPP_LQR 0xc025 /* Link Quality Report protocol */
42 #define PPP_CHAP 0xc223 /* Cryptographic Handshake Auth. Protocol */
43 +#define PPP_CBCP 0xc029 /* Callback Control Protocol */
46 * Values for FCS calculations.
48 #define PPP_INITFCS 0xffff /* Initial FCS value */
49 #define PPP_GOODFCS 0xf0b8 /* Good final FCS value */
50 #define PPP_FCS(fcs, c) (((fcs) >> 8) ^ fcstab[((fcs) ^ (c)) & 0xff])
53 * A 32-bit unsigned integral type.
54 diff -r --unified=10 ppp-2.2a5.orig/net/ppp_defs.h ppp-2.2a5/net/ppp_defs.h
55 --- ppp-2.2a5.orig/net/ppp_defs.h Sat May 13 12:38:19 1995
56 +++ ppp-2.2a5/net/ppp_defs.h Sat May 13 13:57:14 1995
58 #define PPP_IP 0x21 /* Internet Protocol */
59 #define PPP_VJC_COMP 0x2d /* VJ compressed TCP */
60 #define PPP_VJC_UNCOMP 0x2f /* VJ uncompressed TCP */
61 #define PPP_COMP 0xfd /* compressed packet */
62 #define PPP_IPCP 0x8021 /* IP Control Protocol */
63 #define PPP_CCP 0x80fd /* Compression Control Protocol */
64 #define PPP_LCP 0xc021 /* Link Control Protocol */
65 #define PPP_PAP 0xc023 /* Password Authentication Protocol */
66 #define PPP_LQR 0xc025 /* Link Quality Report protocol */
67 #define PPP_CHAP 0xc223 /* Cryptographic Handshake Auth. Protocol */
68 +#define PPP_CBCP 0xc029 /* Callback Control Protocol */
71 * Values for FCS calculations.
73 #define PPP_INITFCS 0xffff /* Initial FCS value */
74 #define PPP_GOODFCS 0xf0b8 /* Good final FCS value */
75 #define PPP_FCS(fcs, c) (((fcs) >> 8) ^ fcstab[((fcs) ^ (c)) & 0xff])
78 * A 32-bit unsigned integral type.
79 diff -r --unified=10 ppp-2.2a5.orig/pppd/Makefile.aix4 ppp-2.2a5/pppd/Makefile.aix4
80 --- ppp-2.2a5.orig/pppd/Makefile.aix4 Sat May 13 12:38:20 1995
81 +++ ppp-2.2a5/pppd/Makefile.aix4 Sat May 13 14:09:17 1995
83 # $Id: README.cbcp,v 1.1 1997/04/30 05:37:27 paulus Exp $
92 PPPDSRCS = main.c magic.c fsm.c lcp.c ipcp.c upap.c chap.c md5.c \
93 - auth.c options.c sys-bsd.c sys-str.c sys-aix4.c ccp.c
94 -HEADERS = callout.h pathnames.h patchlevel.h chap.h md5.h
95 + auth.c options.c sys-bsd.c sys-str.c sys-aix4.c ccp.c cbcp.c
96 +HEADERS = callout.h pathnames.h patchlevel.h chap.h md5.h cbc.h
99 PPPDOBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap.o md5.o \
100 - auth.o options.o sys-aix4.o ccp.o
101 + auth.o options.o sys-aix4.o ccp.o cbcp.o
104 DEBUG_FLAGS = -DDEBUGALL
105 # SECURE_FLAGS = -DREQ_SYSOPTIONS=1
106 COMPILE_FLAGS = -DSTREAMS
108 LIBS= -bI:/lib/pse.exp
109 LOCK_PREFIX=\"/var/locks/LCK..\"
111 CFLAGS = -I.. $(COPTS) $(DEBUG_FLAGS) $(COMPILE_FLAGS) $(SECURE_FLAGS)
112 diff -r --unified=10 ppp-2.2a5.orig/pppd/Makefile.bsd ppp-2.2a5/pppd/Makefile.bsd
113 --- ppp-2.2a5.orig/pppd/Makefile.bsd Sat May 13 12:38:20 1995
114 +++ ppp-2.2a5/pppd/Makefile.bsd Sat May 13 14:09:36 1995
116 # $Id: README.cbcp,v 1.1 1997/04/30 05:37:27 paulus Exp $
119 CFLAGS+= -I.. -DHAVE_PATHS_H
122 SRCS= main.c magic.c fsm.c lcp.c ipcp.c upap.c chap.c md5.c ccp.c \
123 - auth.c options.c sys-bsd.c
124 + auth.c options.c sys-bsd.c cbcp.c
126 # The next line is for NetBSD-current systems.
131 LDADD= -lcrypt -lutil
132 DPADD= ${LIBCRYPT} ${LIBUTIL}
134 .include <bsd.prog.mk>
135 diff -r --unified=10 ppp-2.2a5.orig/pppd/Makefile.linux ppp-2.2a5/pppd/Makefile.linux
136 --- ppp-2.2a5.orig/pppd/Makefile.linux Sat May 13 12:38:20 1995
137 +++ ppp-2.2a5/pppd/Makefile.linux Sat May 13 13:46:36 1995
140 # pppd makefile for Linux
141 # $Id: README.cbcp,v 1.1 1997/04/30 05:37:27 paulus Exp $
147 PPPDSRCS = main.c magic.c fsm.c lcp.c ipcp.c upap.c chap.c md5.c ccp.c \
148 - auth.c options.c sys-linux.c
149 -HEADERS = callout.h pathnames.h patchlevel.h chap.h md5.h
150 + auth.c options.c sys-linux.c cbcp.c
151 +HEADERS = callout.h pathnames.h patchlevel.h chap.h md5.h cbcp.h
154 PPPDOBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap.o md5.o ccp.o \
155 - auth.o options.o sys-linux.o
156 + auth.o options.o sys-linux.o cbcp.o
161 # include dependancies if present and backup if as a header file
162 ifeq (.depend,$(wildcard .depend))
164 HEADERS := $(HEADERS) .depend
167 diff -r --unified=10 ppp-2.2a5.orig/pppd/Makefile.osf ppp-2.2a5/pppd/Makefile.osf
168 --- ppp-2.2a5.orig/pppd/Makefile.osf Sat May 13 12:38:20 1995
169 +++ ppp-2.2a5/pppd/Makefile.osf Sat May 13 14:09:54 1995
172 # pppd makefile for OSF/1 on DEC Alpha
173 # $Id: README.cbcp,v 1.1 1997/04/30 05:37:27 paulus Exp $
176 BINDIR = /usr/local/etc
177 MANDIR = /usr/local/man
179 PPPDSRCS = main.c magic.c fsm.c lcp.c ipcp.c upap.c chap.c md5.c ccp.c \
180 auth.c options.c sys-bsd.c sys-str.c sys-ultrix.c sys-linux.c \
182 -HEADERS = callout.h pathnames.h patchlevel.h chap.h md5.h
184 +HEADERS = callout.h pathnames.h patchlevel.h chap.h md5.h cbcp.h
187 PPPDOBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap.o md5.o ccp.o \
188 - auth.o options.o sys-osf.o
189 + auth.o options.o sys-osf.o cbcp.o
192 DEBUG_FLAGS = -DDEBUGALL
193 COMPILE_FLAGS = -DSTREAMS -DGIDSET_TYPE=int
197 CFLAGS = -I.. $(COPTS) $(COMPILE_FLAGS)
199 SOURCE= RELNOTES Makefile \
200 diff -r --unified=10 ppp-2.2a5.orig/pppd/Makefile.sol2 ppp-2.2a5/pppd/Makefile.sol2
201 --- ppp-2.2a5.orig/pppd/Makefile.sol2 Sat May 13 12:38:20 1995
202 +++ ppp-2.2a5/pppd/Makefile.sol2 Sat May 13 14:10:09 1995
204 BINDIR = /usr/local/etc
205 MANDIR = /usr/local/man
209 CFLAGS = $(COPTS) -I..
211 INSTALL = /usr/sbin/install
213 OBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap.o md5.o ccp.o \
214 - auth.o options.o sys-sol2.o
215 + auth.o options.o sys-sol2.o cbcp.o
218 $(CC) -o pppd $(OBJS) -lnsl
221 $(INSTALL) -f $(BINDIR) -m 4755 -u root pppd
222 $(INSTALL) -f $(MANDIR)/man8 pppd.8
225 rm -f $(OBJS) pppd *~ core
226 diff -r --unified=10 ppp-2.2a5.orig/pppd/Makefile.sun ppp-2.2a5/pppd/Makefile.sun
227 --- ppp-2.2a5.orig/pppd/Makefile.sun Sat May 13 12:38:20 1995
228 +++ ppp-2.2a5/pppd/Makefile.sun Sat May 13 14:10:27 1995
230 # pppd makefile for Suns
231 # $Id: README.cbcp,v 1.1 1997/04/30 05:37:27 paulus Exp $
234 BINDIR = /usr/local/etc
235 MANDIR = /usr/local/man
237 INSTALL= install -o root -g daemon
239 PPPDSRCS = main.c magic.c fsm.c lcp.c ipcp.c upap.c chap.c md5.c ccp.c \
240 - auth.c options.c sys-bsd.c sys-str.c sys-ultrix.c sys-linux.c
241 -HEADERS = callout.h pathnames.h patchlevel.h chap.h md5.h
242 + auth.c options.c sys-bsd.c sys-str.c sys-ultrix.c sys-linux.c cbcp.c
243 +HEADERS = callout.h pathnames.h patchlevel.h chap.h md5.h cbcp.h
246 PPPDOBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap.o md5.o ccp.o \
247 - auth.o options.o sys-str.o
248 + auth.o options.o sys-str.o cbcp.o
256 CFLAGS = -I.. $(COPTS) $(DEBUG_FLAGS) $(COMPILE_FLAGS)
258 SOURCE= RELNOTES Makefile \
259 diff -r --unified=10 ppp-2.2a5.orig/pppd/Makefile.ultrix ppp-2.2a5/pppd/Makefile.ultrix
260 --- ppp-2.2a5.orig/pppd/Makefile.ultrix Sat May 13 12:38:20 1995
261 +++ ppp-2.2a5/pppd/Makefile.ultrix Sat May 13 14:10:44 1995
264 # pppd makefile for Ultrix
265 # $Id: README.cbcp,v 1.1 1997/04/30 05:37:27 paulus Exp $
268 BINDIR = /usr/local/etc
269 MANDIR = /usr/local/man
271 PPPDSRCS = main.c magic.c fsm.c lcp.c ipcp.c upap.c chap.c md5.c ccp.c \
272 - auth.c options.c sys-bsd.c sys-str.c sys-ultrix.c sys-linux.c
273 -HEADERS = callout.h pathnames.h patchlevel.h chap.h md5.h
274 + auth.c options.c sys-bsd.c sys-str.c sys-ultrix.c sys-linux.c cbcp.c
275 +HEADERS = callout.h pathnames.h patchlevel.h chap.h md5.h cbcp.h
278 PPPDOBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap.o md5.o ccp.o \
279 - auth.o options.o sys-ultrix.o
280 + auth.o options.o sys-ultrix.o cbcp.o
284 COMPILE_FLAGS = -DNO_DRAND48 -DGIDSET_TYPE=int
288 CFLAGS = -I.. $(COPTS) $(DEBUG_FLAGS) $(COMPILE_FLAGS)
290 SOURCE= RELNOTES Makefile \
291 diff -r --unified=10 ppp-2.2a5.orig/pppd/auth.c ppp-2.2a5/pppd/auth.c
292 --- ppp-2.2a5.orig/pppd/auth.c Sat May 13 12:38:20 1995
293 +++ ppp-2.2a5/pppd/auth.c Sat May 13 13:46:36 1995
296 #define PW_PPP PW_LOGIN
308 #include "pathnames.h"
314 /* Used for storing a sequence of words. Usually malloced. */
317 /* Bits in auth_pending[] */
318 #define UPAP_WITHPEER 1
320 #define CHAP_WITHPEER 4
324 void check_access __P((FILE *, char *));
326 static void network_phase __P((int));
327 +static void callback_phase __P((int));
328 static int login __P((char *, char *, char **, int *));
329 static void logout __P((void));
330 static int null_login __P((int));
331 static int get_upap_passwd __P((void));
332 static int have_upap_secret __P((void));
333 static int have_chap_secret __P((char *, char *));
334 static int scan_authfile __P((FILE *, char *, char *, char *,
335 struct wordlist **, char *));
336 static void free_wordlist __P((struct wordlist *));
338 @@ -140,20 +142,21 @@
341 * LCP has gone down; it will either die or try to re-establish.
350 phase = PHASE_TERMINATE;
354 * The link is established.
355 * Proceed to the Dead, Authenticate or Network phase as appropriate.
358 link_established(unit)
360 @@ -189,36 +192,53 @@
362 ChapAuthWithPeer(unit, our_name, ho->chap_mdtype);
363 auth |= CHAP_WITHPEER;
364 } else if (ho->neg_upap) {
365 upap_authwithpeer(unit, user, passwd);
366 auth |= UPAP_WITHPEER;
368 auth_pending[unit] = auth;
371 - network_phase(unit);
372 + callback_phase(unit);
376 * Proceed to the network phase.
382 phase = PHASE_NETWORK;
388 + * Proceed to the callback phase which may be empty.
391 +callback_phase(unit)
394 + lcp_options *wo = &lcp_wantoptions[unit];
397 + network_phase(unit);
399 + phase = PHASE_CALLBACK;
405 * The peer has failed to authenticate himself using `protocol'.
408 auth_peer_fail(unit, protocol)
412 * Authentication failure: take the link down
415 @@ -242,27 +262,24 @@
419 syslog(LOG_WARNING, "auth_peer_success: unknown protocol %x",
425 * If there is no more authentication still to be done,
426 - * proceed to the network phase.
427 + * go to the next phase.
429 - if ((auth_pending[unit] &= ~bit) == 0) {
430 - phase = PHASE_NETWORK;
434 + if ((auth_pending[unit] &= ~bit) == 0)
435 + callback_phase(unit);
439 * We have failed to authenticate ourselves to the peer using `protocol'.
442 auth_withpeer_fail(unit, protocol)
446 @@ -291,22 +308,23 @@
448 syslog(LOG_WARNING, "auth_peer_success: unknown protocol %x",
454 * If there is no more authentication still being done,
455 * proceed to the network phase.
458 if ((auth_pending[unit] &= ~bit) == 0)
459 - network_phase(unit);
460 + callback_phase(unit);
465 * check_auth_options - called to check authentication options.
470 lcp_options *wo = &lcp_wantoptions[0];
471 @@ -335,21 +353,20 @@
472 if (ao->neg_chap && !have_chap_secret(our_name, remote_name))
474 if (wo->neg_chap && !have_chap_secret(remote_name, our_name))
477 if (auth_required && !wo->neg_chap && !wo->neg_upap) {
479 pppd: peer authentication required but no authentication files accessible\n");
487 * check_passwd - Check the user name and passwd against the PAP secrets
488 * file. If requested, also check against the system password database,
489 * and login the user if OK.
492 * UPAP_AUTHNAK: Authentication failed.
493 diff -r --unified=10 ppp-2.2a5.orig/pppd/cbcp.c ppp-2.2a5/pppd/cbcp.c
494 --- ppp-2.2a5.orig/pppd/cbcp.c Sat May 13 14:08:45 1995
495 +++ ppp-2.2a5/pppd/cbcp.c Sat May 13 14:15:12 1995
498 + * cbcp - Call Back Configuration Protocol.
500 + * Copyright (c) 1995 Pedro Roque Marques
501 + * All rights reserved.
503 + * Redistribution and use in source and binary forms are permitted
504 + * provided that the above copyright notice and this paragraph are
505 + * duplicated in all such forms and that any documentation,
506 + * advertising materials, and other materials related to such
507 + * distribution and use acknowledge that the software was developed
508 + * by Pedro Roque Marques. The name of the author may not be used to
509 + * endorse or promote products derived from this software without
510 + * specific prior written permission.
512 + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
513 + * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
514 + * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
518 +static char rcsid[] = "$Id: README.cbcp,v 1.1 1997/04/30 05:37:27 paulus Exp $";
523 +#include <sys/types.h>
524 +#include <sys/time.h>
533 +cbcp_state cbcp[NUM_PPP];
535 +/* internal prototypes */
537 +void cbcp_recvreq(cbcp_state *us, char *pckt, int len);
538 +void cbcp_resp(cbcp_state *us);
539 +void cbcp_up(cbcp_state *us);
540 +void cbcp_recvack(cbcp_state *us, char *pckt, int len);
541 +void cbcp_send(cbcp_state *us, u_char code, u_char *buf, int len);
544 +void cbcp_init(int iface)
549 + memset(us, 0, sizeof(cbcp_state));
550 + us->us_unit = iface;
551 + us->us_type |= (1 << CB_CONF_NO);
554 +/* lower layer is up */
555 +void cbcp_lowerup(int iface)
557 + cbcp_state *us = &cbcp[iface];
559 + syslog(LOG_DEBUG, "cbcp_lowerup");
560 + syslog(LOG_DEBUG, "want: %d", us->us_type);
562 + if (us->us_type == CB_CONF_USER)
563 + syslog(LOG_DEBUG, "phone no: %s", us->us_number);
566 +void cbcp_open(int unit)
568 + syslog(LOG_DEBUG, "cbcp_open");
571 +void cbcp_close(int unit)
575 +/* process an incomming packet */
576 +void cbcp_input(int unit, u_char *inpacket, int pktlen)
582 + cbcp_state *us = &cbcp[unit];
586 + if (pktlen < CBCP_MINLEN) {
587 + syslog(LOG_ERR, "CBCP packet is too small");
591 + GETCHAR(code, inp);
593 + GETSHORT(len, inp);
596 + if (len > pktlen) {
597 + syslog(LOG_ERR, "CBCP packet: invalid length");
602 + len -= CBCP_MINLEN;
607 + cbcp_recvreq(us, inp, len);
611 + syslog(LOG_DEBUG, "CBCP_RESP received");
615 + if (id != us->us_id)
616 + syslog(LOG_DEBUG, "id doesn't match: expected %d recv %d",
619 + cbcp_recvack(us, inp, len);
627 +/* protocol was rejected by foe */
628 +void cbcp_protrej(int iface)
632 +char *cbcp_codenames[] = {"Request", "Response", "Ack"};
634 +char *cbcp_optionnames[] = { "NoCallback",
638 +/* pretty print a packet */
639 +int cbcp_printpkt(u_char *p, int plen,
640 + void (*printer) __P((void *, char *, ...)),
643 + int code, opt, id, len, olen, delay;
644 + u_char *pstart, *optend;
648 + if (plen < HEADERLEN)
654 + if (len < HEADERLEN || len > plen)
657 + if (code >= 1 && code <= sizeof(cbcp_codenames) / sizeof(char *))
658 + printer(arg, " %s", cbcp_codenames[code-1]);
660 + printer(arg, " code=0x%x", code);
662 + printer(arg, " id=0x%x", id);
673 + if (olen < 2 || olen > len) {
677 + printer(arg, " <");
680 + if (opt >= 1 && opt <= sizeof(cbcp_optionnames) / sizeof(char *))
681 + printer(arg, " %s", cbcp_optionnames[opt-1]);
683 + printer(arg, " option=0x%x", opt);
687 + printer(arg, " delay = %d", delay);
695 + memcpy(str, p, olen - 4);
697 + printer(arg, " number = %s", str);
707 + for (; len > 0; --len) {
709 + printer(arg, " %.2x", code);
715 +/* received CBCP request */
717 +void cbcp_recvreq(cbcp_state *us, char *pckt, int pcktlen)
719 + u_char type, opt_len, delay, addr_type;
726 + syslog(LOG_DEBUG, "length: %d", len);
728 + GETCHAR(type, pckt);
729 + GETCHAR(opt_len, pckt);
732 + GETCHAR(delay, pckt);
734 + us->us_allowed |= (1 << type);
738 + syslog(LOG_DEBUG, "no callback allowed");
742 + syslog(LOG_DEBUG, "user callback allowed");
744 + GETCHAR(addr_type, pckt);
745 + memcpy(address, pckt, opt_len - 4);
746 + address[opt_len - 4] = 0;
748 + syslog(LOG_DEBUG, "address: %s", address);
752 + case CB_CONF_ADMIN:
753 + syslog(LOG_DEBUG, "user admin defined allowed");
765 +void cbcp_resp(cbcp_state *us)
769 + u_char *bufp = buf;
772 + cb_type = us->us_allowed & us->us_type;
773 + syslog(LOG_DEBUG, "cbcp_resp cb_type=%d", cb_type);
777 + lcp_down(us->us_unit);
780 + if (cb_type & ( 1 << CB_CONF_USER ) ) {
781 + syslog(LOG_DEBUG, "cbcp_resp CONF_USER");
782 + PUTCHAR(CB_CONF_USER, bufp);
783 + len = 3 + 1 + strlen(us->us_number) + 1;
784 + PUTCHAR(len , bufp);
785 + PUTCHAR(5, bufp); /* delay */
787 + BCOPY(us->us_number, bufp, strlen(us->us_number) + 1);
788 + cbcp_send(us, CBCP_RESP, buf, len);
792 + if (cb_type & ( 1 << CB_CONF_ADMIN ) ) {
793 + PUTCHAR(CB_CONF_ADMIN, bufp);
795 + PUTCHAR(len , bufp);
797 + cbcp_send(us, CBCP_RESP, buf, len);
801 + if (cb_type & ( 1 << CB_CONF_NO ) ) {
802 + syslog(LOG_DEBUG, "cbcp_resp CONF_NO");
803 + PUTCHAR(CB_CONF_NO, bufp);
805 + PUTCHAR(len , bufp);
807 + cbcp_send(us, CBCP_RESP, buf, len);
808 + ipcp_open(us->us_unit);
813 +void cbcp_send(cbcp_state *us, u_char code, u_char *buf, int len)
818 + outp = outpacket_buf;
822 + MAKEHEADER(outp, PPP_CBCP);
824 + PUTCHAR(code, outp);
825 + PUTCHAR(us->us_id, outp);
826 + PUTSHORT(outlen, outp);
829 + BCOPY(buf, outp, len);
831 + output(us->us_unit, outpacket_buf, outlen + PPP_HDRLEN);
834 +void cbcp_recvack(cbcp_state *us, char *pckt, int len)
836 + u_char type, delay, addr_type;
841 + GETCHAR(type, pckt);
842 + GETCHAR(opt_len, pckt);
845 + GETCHAR(delay, pckt);
848 + GETCHAR(addr_type, pckt);
849 + memcpy(address, pckt, opt_len - 4);
850 + address[opt_len - 4] = 0;
852 + syslog(LOG_DEBUG, "peer will call: %s", address);
861 +/* ok peer will do callback */
862 +void cbcp_up(cbcp_state *us)
867 diff -r --unified=10 ppp-2.2a5.orig/pppd/cbcp.h ppp-2.2a5/pppd/cbcp.h
868 --- ppp-2.2a5.orig/pppd/cbcp.h Sat May 13 14:08:40 1995
869 +++ ppp-2.2a5/pppd/cbcp.h Sat May 13 13:56:20 1995
874 +typedef struct cbcp_state {
875 + int us_unit; /* Interface unit number */
876 + u_char us_id; /* Current id */
879 + char *us_number; /* Telefone Number */
882 +void cbcp_init __P((int));
883 +void cbcp_open __P((int));
884 +void cbcp_lowerup __P((int));
885 +void cbcp_input __P((int, u_char *, int));
886 +void cbcp_protrej __P((int));
887 +int cbcp_printpkt __P((u_char *, int,
888 + void (*) __P((void *, char *, ...)),
891 +extern cbcp_state cbcp[];
893 +#define CBCP_MINLEN 4
899 +#define CB_CONF_NO 1
900 +#define CB_CONF_USER 2
901 +#define CB_CONF_ADMIN 3
902 +#define CB_CONF_LIST 4
904 diff -r --unified=10 ppp-2.2a5.orig/pppd/lcp.c ppp-2.2a5/pppd/lcp.c
905 --- ppp-2.2a5.orig/pppd/lcp.c Sat May 13 12:38:20 1995
906 +++ ppp-2.2a5/pppd/lcp.c Sat May 13 13:46:36 1995
907 @@ -112,24 +112,26 @@
908 lcp_extcode, /* Called to handle LCP-specific codes */
909 "LCP" /* String name of protocol */
912 int lcp_warnloops = DEFWARNLOOPS; /* Warn about a loopback this often */
915 * Length of each type of configuration option (in octets)
918 +#define CILEN_CHAR 3
919 #define CILEN_SHORT 4 /* CILEN_VOID + sizeof(short) */
920 #define CILEN_CHAP 5 /* CILEN_VOID + sizeof(short) + 1 */
921 #define CILEN_LONG 6 /* CILEN_VOID + sizeof(long) */
922 #define CILEN_LQR 8 /* CILEN_VOID + sizeof(short) + sizeof(long) */
923 +#define CILEN_CBCP 3
925 #define CODENAME(x) ((x) == CONFACK ? "ACK" : \
926 (x) == CONFNAK ? "NAK" : "REJ")
930 * lcp_init - Initialize LCP.
934 @@ -153,32 +155,34 @@
936 wo->neg_asyncmap = 0;
938 wo->neg_chap = 0; /* Set to 1 on server */
939 wo->neg_upap = 0; /* Set to 1 on server */
940 wo->chap_mdtype = CHAP_DIGEST_MD5;
941 wo->neg_magicnumber = 1;
942 wo->neg_pcompression = 1;
943 wo->neg_accompression = 1;
944 wo->neg_lqr = 0; /* no LQR implementation yet */
949 ao->neg_asyncmap = 1;
952 ao->chap_mdtype = CHAP_DIGEST_MD5;
954 ao->neg_magicnumber = 1;
955 ao->neg_pcompression = 1;
956 ao->neg_accompression = 1;
957 ao->neg_lqr = 0; /* no LQR implementation yet */
960 memset(xmit_accm[unit], 0, sizeof(xmit_accm[0]));
961 xmit_accm[unit][3] = 0x60000000;
966 * lcp_open - LCP is allowed to come up.
969 @@ -478,29 +482,31 @@
973 lcp_options *go = &lcp_gotoptions[f->unit];
975 #define LENCIVOID(neg) (neg ? CILEN_VOID : 0)
976 #define LENCICHAP(neg) (neg ? CILEN_CHAP : 0)
977 #define LENCISHORT(neg) (neg ? CILEN_SHORT : 0)
978 #define LENCILONG(neg) (neg ? CILEN_LONG : 0)
979 #define LENCILQR(neg) (neg ? CILEN_LQR: 0)
980 +#define LENCICBCP(neg) (neg ? CILEN_CBCP: 0)
982 * NB: we only ask for one of CHAP and UPAP, even if we will
985 return (LENCISHORT(go->neg_mru) +
986 LENCILONG(go->neg_asyncmap) +
987 LENCICHAP(go->neg_chap) +
988 LENCISHORT(!go->neg_chap && go->neg_upap) +
989 LENCILQR(go->neg_lqr) +
990 + LENCICBCP(go->neg_cbcp) +
991 LENCILONG(go->neg_magicnumber) +
992 LENCIVOID(go->neg_pcompression) +
993 LENCIVOID(go->neg_accompression));
998 * lcp_addci - Add our desired CIs to a packet.
1001 @@ -537,25 +543,33 @@
1002 PUTLONG(val, ucp); \
1004 #define ADDCILQR(opt, neg, val) \
1006 PUTCHAR(opt, ucp); \
1007 PUTCHAR(CILEN_LQR, ucp); \
1008 PUTSHORT(PPP_LQR, ucp); \
1009 PUTLONG(val, ucp); \
1012 +#define ADDCICHAR(opt, neg, val) \
1014 + PUTCHAR(opt, ucp); \
1015 + PUTCHAR(CILEN_CHAR, ucp); \
1016 + PUTCHAR(val, ucp); \
1019 ADDCISHORT(CI_MRU, go->neg_mru, go->mru);
1020 ADDCILONG(CI_ASYNCMAP, go->neg_asyncmap, go->asyncmap);
1021 ADDCICHAP(CI_AUTHTYPE, go->neg_chap, PPP_CHAP, go->chap_mdtype);
1022 ADDCISHORT(CI_AUTHTYPE, !go->neg_chap && go->neg_upap, PPP_PAP);
1023 ADDCILQR(CI_QUALITY, go->neg_lqr, go->lqr_period);
1024 + ADDCICHAR(CI_CALLBACK, go->neg_cbcp, CBCP_OPT);
1025 ADDCILONG(CI_MAGICNUMBER, go->neg_magicnumber, go->magicnumber);
1026 ADDCIVOID(CI_PCOMPRESSION, go->neg_pcompression);
1027 ADDCIVOID(CI_ACCOMPRESSION, go->neg_accompression);
1029 if (ucp - start_ucp != *lenp) {
1030 /* this should never happen, because peer_mtu should be 1500 */
1031 syslog(LOG_ERR, "Bug in lcp_addci: wrong length");
1035 @@ -600,20 +614,33 @@
1037 GETCHAR(citype, p); \
1038 GETCHAR(cilen, p); \
1039 if (cilen != CILEN_SHORT || \
1042 GETSHORT(cishort, p); \
1043 if (cishort != val) \
1046 +#define ACKCICHAR(opt, neg, val) \
1048 + if ((len -= CILEN_CHAR) < 0) \
1050 + GETCHAR(citype, p); \
1051 + GETCHAR(cilen, p); \
1052 + if (cilen != CILEN_CHAR || \
1055 + GETCHAR(cichar, p); \
1056 + if (cichar != val) \
1059 #define ACKCICHAP(opt, neg, val, digest) \
1061 if ((len -= CILEN_CHAP) < 0) \
1063 GETCHAR(citype, p); \
1064 GETCHAR(cilen, p); \
1065 if (cilen != CILEN_CHAP || \
1068 GETSHORT(cishort, p); \
1069 @@ -651,20 +678,21 @@
1070 GETLONG(cilong, p); \
1071 if (cilong != val) \
1075 ACKCISHORT(CI_MRU, go->neg_mru, go->mru);
1076 ACKCILONG(CI_ASYNCMAP, go->neg_asyncmap, go->asyncmap);
1077 ACKCICHAP(CI_AUTHTYPE, go->neg_chap, PPP_CHAP, go->chap_mdtype);
1078 ACKCISHORT(CI_AUTHTYPE, !go->neg_chap && go->neg_upap, PPP_PAP);
1079 ACKCILQR(CI_QUALITY, go->neg_lqr, go->lqr_period);
1080 + ACKCICHAR(CI_CALLBACK, go->neg_cbcp, CBCP_OPT);
1081 ACKCILONG(CI_MAGICNUMBER, go->neg_magicnumber, go->magicnumber);
1082 ACKCIVOID(CI_PCOMPRESSION, go->neg_pcompression);
1083 ACKCIVOID(CI_ACCOMPRESSION, go->neg_accompression);
1086 * If there are any remaining CIs, then this packet is bad.
1091 @@ -722,20 +750,31 @@
1092 len >= CILEN_CHAP && \
1093 p[1] == CILEN_CHAP && \
1095 len -= CILEN_CHAP; \
1097 GETSHORT(cishort, p); \
1098 GETCHAR(cichar, p); \
1102 +#define NAKCICHAR(opt, neg, code) \
1104 + len >= CILEN_CHAR && \
1105 + p[1] == CILEN_CHAR && \
1107 + len -= CILEN_CHAR; \
1109 + GETCHAR(cichar, p); \
1113 #define NAKCISHORT(opt, neg, code) \
1115 len >= CILEN_SHORT && \
1116 p[1] == CILEN_SHORT && \
1118 len -= CILEN_SHORT; \
1120 GETSHORT(cishort, p); \
1123 @@ -851,20 +890,27 @@
1124 * If they Nak the reporting period, take their value XXX ?
1126 NAKCILQR(CI_QUALITY, neg_lqr,
1127 if (cishort != PPP_LQR)
1130 try.lqr_period = cilong;
1134 + * Only implementing CBCP... not the rest of the callback options
1136 + NAKCICHAR(CI_CALLBACK, neg_cbcp,
1141 * Check for a looped-back line.
1143 NAKCILONG(CI_MAGICNUMBER, neg_magicnumber,
1144 try.magicnumber = magic();
1149 NAKCIVOID(CI_PCOMPRESSION, neg_pcompression,
1150 try.neg_pcompression = 0;
1151 @@ -1045,28 +1091,43 @@
1154 GETSHORT(cishort, p); \
1155 GETLONG(cilong, p); \
1156 /* Check rejected value. */ \
1157 if (cishort != PPP_LQR || cilong != val) \
1160 LCPDEBUG((LOG_INFO,"lcp_rejci rejected LQR opt %d", opt)); \
1162 +#define REJCICBCP(opt, neg, val) \
1164 + len >= CILEN_CBCP && \
1165 + p[1] == CILEN_CBCP && \
1167 + len -= CILEN_CBCP; \
1169 + GETCHAR(cichar, p); \
1170 + /* Check rejected value. */ \
1171 + if (cichar != val) \
1174 + LCPDEBUG((LOG_INFO,"lcp_rejci rejected Callback opt %d", opt)); \
1177 REJCISHORT(CI_MRU, neg_mru, go->mru);
1178 REJCILONG(CI_ASYNCMAP, neg_asyncmap, go->asyncmap);
1179 REJCICHAP(CI_AUTHTYPE, neg_chap, PPP_CHAP, go->chap_mdtype);
1180 if (!go->neg_chap) {
1181 REJCISHORT(CI_AUTHTYPE, neg_upap, PPP_PAP);
1183 REJCILQR(CI_QUALITY, neg_lqr, go->lqr_period);
1184 + REJCICBCP(CI_CALLBACK, neg_cbcp, CBCP_OPT);
1185 REJCILONG(CI_MAGICNUMBER, neg_magicnumber, go->magicnumber);
1186 REJCIVOID(CI_PCOMPRESSION, neg_pcompression);
1187 REJCIVOID(CI_ACCOMPRESSION, neg_accompression);
1190 * If there are any remaining CIs, then this packet is bad.
1195 @@ -1447,20 +1508,21 @@
1197 ppp_recv_config(f->unit, (go->neg_mru? MAX(wo->mru, go->mru): PPP_MRU),
1198 (go->neg_asyncmap? go->asyncmap: 0x00000000),
1199 go->neg_pcompression, go->neg_accompression);
1202 peer_mru[f->unit] = ho->mru;
1204 ChapLowerUp(f->unit); /* Enable CHAP */
1205 upap_lowerup(f->unit); /* Enable UPAP */
1206 + cbcp_lowerup(f->unit); /* Enable CBCP */
1207 ipcp_lowerup(f->unit); /* Enable IPCP */
1208 ccp_lowerup(f->unit); /* Enable CCP */
1209 lcp_echo_lowerup(f->unit); /* Enable echo messages */
1211 link_established(f->unit);
1216 * lcp_down - LCP has gone DOWN.
1217 @@ -1593,20 +1655,34 @@
1221 if (olen >= CILEN_SHORT) {
1223 printer(arg, "quality ");
1224 GETSHORT(cishort, p);
1227 printer(arg, "lqr");
1230 + printer(arg, "0x%x", cishort);
1235 + if (olen >= CILEN_CHAR) {
1237 + printer(arg, "callback ");
1238 + GETSHORT(cishort, p);
1239 + switch (cishort) {
1241 + printer(arg, "CBCP");
1244 printer(arg, "0x%x", cishort);
1248 case CI_MAGICNUMBER:
1249 if (olen == CILEN_LONG) {
1252 diff -r --unified=10 ppp-2.2a5.orig/pppd/lcp.h ppp-2.2a5/pppd/lcp.h
1253 --- ppp-2.2a5.orig/pppd/lcp.h Sat May 13 12:38:20 1995
1254 +++ ppp-2.2a5/pppd/lcp.h Sat May 13 13:46:36 1995
1259 #define CI_MRU 1 /* Maximum Receive Unit */
1260 #define CI_ASYNCMAP 2 /* Async Control Character Map */
1261 #define CI_AUTHTYPE 3 /* Authentication Type */
1262 #define CI_QUALITY 4 /* Quality Protocol */
1263 #define CI_MAGICNUMBER 5 /* Magic Number */
1264 #define CI_PCOMPRESSION 7 /* Protocol Field Compression */
1265 #define CI_ACCOMPRESSION 8 /* Address/Control Field Compression */
1266 +#define CI_CALLBACK 13 /* callback */
1269 * LCP-specific packet types.
1271 #define PROTREJ 8 /* Protocol Reject */
1272 #define ECHOREQ 9 /* Echo Request */
1273 #define ECHOREP 10 /* Echo Reply */
1274 #define DISCREQ 11 /* Discard Request */
1275 +#define CBCP_OPT 6 /* Use callback control protocol */
1278 * The state of options is described by an lcp_options structure.
1280 typedef struct lcp_options {
1281 int passive : 1; /* Don't die if we don't get a response */
1282 int silent : 1; /* Wait for the other end to start first */
1283 int restart : 1; /* Restart vs. exit after close */
1284 int neg_mru : 1; /* Negotiate the MRU? */
1285 int neg_asyncmap : 1; /* Negotiate the async map? */
1286 int neg_upap : 1; /* Ask for UPAP authentication? */
1287 int neg_chap : 1; /* Ask for CHAP authentication? */
1288 int neg_magicnumber : 1; /* Ask for magic number? */
1289 int neg_pcompression : 1; /* HDLC Protocol Field Compression? */
1290 int neg_accompression : 1; /* HDLC Address/Control Field Compression? */
1291 int neg_lqr : 1; /* Negotiate use of Link Quality Reports */
1292 + int neg_cbcp : 1; /* Negotiate use of CBCP */
1293 u_short mru; /* Value of MRU */
1294 u_char chap_mdtype; /* which MD type (hashing algorithm) */
1295 u_int32_t asyncmap; /* Value of async map */
1296 u_int32_t magicnumber;
1297 int numloops; /* Number of loops during magic number neg. */
1298 u_int32_t lqr_period; /* Reporting period for link quality */
1301 extern fsm lcp_fsm[];
1302 extern lcp_options lcp_wantoptions[];
1303 diff -r --unified=10 ppp-2.2a5.orig/pppd/main.c ppp-2.2a5/pppd/main.c
1304 --- ppp-2.2a5.orig/pppd/main.c Sat May 13 12:38:20 1995
1305 +++ ppp-2.2a5/pppd/main.c Sat May 13 13:46:36 1995
1307 #include <sys/socket.h>
1319 #include "pathnames.h"
1320 #include "patchlevel.h"
1323 * If REQ_SYSOPTIONS is defined to 1, pppd will not run unless
1324 * /etc/ppp/options exists.
1326 #ifndef REQ_SYSOPTIONS
1327 #define REQ_SYSOPTIONS 1
1328 @@ -129,20 +130,22 @@
1330 void (*datainput)();
1333 { PPP_LCP, lcp_init, lcp_input, lcp_protrej,
1334 lcp_printpkt, NULL, "LCP" },
1335 { PPP_IPCP, ipcp_init, ipcp_input, ipcp_protrej,
1336 ipcp_printpkt, NULL, "IPCP" },
1337 { PPP_PAP, upap_init, upap_input, upap_protrej,
1338 upap_printpkt, NULL, "PAP" },
1339 + { PPP_CBCP, cbcp_init, cbcp_input, cbcp_protrej,
1340 + cbcp_printpkt, NULL, "CBCP" },
1341 { PPP_CHAP, ChapInit, ChapInput, ChapProtocolReject,
1342 ChapPrintPkt, NULL, "CHAP" },
1343 { PPP_CCP, ccp_init, ccp_input, ccp_protrej,
1344 ccp_printpkt, ccp_datainput, "CCP" },
1347 #define N_PROTO (sizeof(prottbl) / sizeof(prottbl[0]))
1351 diff -r --unified=10 ppp-2.2a5.orig/pppd/options.c ppp-2.2a5/pppd/options.c
1352 --- ppp-2.2a5.orig/pppd/options.c Sat May 13 12:38:21 1995
1353 +++ ppp-2.2a5/pppd/options.c Sat May 13 13:59:24 1995
1355 #include <netinet/in.h>
1358 #include "pathnames.h"
1359 #include "patchlevel.h"
1368 #include <net/ppp-comp.h>
1373 #if defined(ultrix) || defined(NeXT)
1374 char *strdup __P((char *));
1376 @@ -112,20 +113,21 @@
1377 static int reqchap __P((void));
1378 static int setspeed __P((char *));
1379 static int noaccomp __P((void));
1380 static int noasyncmap __P((void));
1381 static int noipaddr __P((void));
1382 static int nomagicnumber __P((void));
1383 static int setasyncmap __P((char **));
1384 static int setescape __P((char **));
1385 static int setmru __P((char **));
1386 static int setmtu __P((char **));
1387 +static int setcbcp __P((char **));
1388 static int nomru __P((void));
1389 static int nopcomp __P((void));
1390 static int setconnector __P((char **));
1391 static int setdisconnector __P((char **));
1392 static int setdomain __P((char **));
1393 static int setnetmask __P((char **));
1394 static int setcrtscts __P((void));
1395 static int setnocrtscts __P((void));
1396 static int setxonxoff __P((void));
1397 static int setnodetach __P((void));
1398 @@ -202,20 +204,21 @@
1399 {"connect", 1, setconnector}, /* A program to set up a connection */
1400 {"disconnect", 1, setdisconnector}, /* program to disconnect serial dev. */
1401 {"crtscts", 0, setcrtscts}, /* set h/w flow control */
1402 {"-crtscts", 0, setnocrtscts}, /* clear h/w flow control */
1403 {"xonxoff", 0, setxonxoff}, /* set s/w flow control */
1404 {"debug", 0, setdebug}, /* Increase debugging level */
1405 {"kdebug", 1, setkdebug}, /* Enable kernel-level debugging */
1406 {"domain", 1, setdomain}, /* Add given domain name to hostname*/
1407 {"mru", 1, setmru}, /* Set MRU value for negotiation */
1408 {"mtu", 1, setmtu}, /* Set our MTU */
1409 + {"cb", 1, setcbcp}, /* Set CBCP */
1410 {"netmask", 1, setnetmask}, /* set netmask */
1411 {"passive", 0, setpassive}, /* Set passive mode */
1412 {"silent", 0, setsilent}, /* Set silent mode */
1413 {"modem", 0, setmodem}, /* Use modem control lines */
1414 {"local", 0, setlocal}, /* Don't use modem control lines */
1415 {"lock", 0, setlock}, /* Lock serial device (with lock file) */
1416 {"name", 1, setname}, /* Set local name for authentication */
1417 {"user", 1, setuser}, /* Set username for PAP auth with peer */
1418 {"usehostname", 0, setusehostname}, /* Must use hostname for auth. */
1419 {"remotename", 1, setremote}, /* Set remote name for authentication */
1420 @@ -775,20 +778,31 @@
1422 if (mtu < MINMRU || mtu > MAXMRU) {
1423 fprintf(stderr, "mtu option value of %ld is too %s\n", mtu,
1424 (mtu < MINMRU? "small": "large"));
1427 lcp_allowoptions[0].mru = mtu;
1435 + lcp_wantoptions[0].neg_cbcp = 1;
1437 + cbcp[0].us_number = (char *) malloc(strlen(*argv) + 1);
1438 + strcpy(cbcp[0].us_number, *argv);
1439 + cbcp[0].us_type |= (1 << CB_CONF_USER);
1444 * nopcomp - Disable Protocol field compression negotiation.
1449 lcp_wantoptions[0].neg_pcompression = 0;
1450 lcp_allowoptions[0].neg_pcompression = 0;
1452 diff -r --unified=10 ppp-2.2a5.orig/pppd/pppd.8 ppp-2.2a5/pppd/pppd.8
1453 --- ppp-2.2a5.orig/pppd/pppd.8 Sat May 13 12:38:21 1995
1454 +++ ppp-2.2a5/pppd/pppd.8 Sat May 13 13:52:26 1995
1455 @@ -221,20 +221,31 @@
1457 Don't agree to authenticate using PAP.
1460 Require the peer to authenticate itself using CHAP [Cryptographic
1461 Handshake Authentication Protocol] authentication.
1464 Don't agree to authenticate using CHAP.
1466 +.B cb \fItelephone_number
1467 +Configure the current execution of pppd to negotiate the \fIclient\fR
1468 +portion of '\fIC\fRall \fIB\fRack \fIC\fRonfiguration
1469 +\fIP\fRrotocol'. The use of this protocol will permit the client to
1470 +authenticate itself with the server and then supply a telephone number
1471 +for the reverse connection. Once the telephone number is accepted, the
1472 +connection will be terminated. You should then wait for the server to
1473 +recall your location and re-authenticate yourself. This second step
1474 +will require a second execution of \fIpppd\fR. This second execution should
1475 +not include the \fIcb\fR option.
1478 Disable negotiation of Van Jacobson style IP header compression (use
1479 default, i.e. no compression).
1482 Request that the peer compress packets that it sends, using the
1483 BSD-Compress scheme, with a maximum code size of \fInr\fR bits, and
1484 agree to compress packets sent to the peer with a maximum code size of
1485 \fInt\fR bits. If \fInt\fR is not specified, it defaults to the value
1486 given for \fInr\fR. Values in the range 9 to 15 may be used for
1487 diff -r --unified=10 ppp-2.2a5.orig/pppd/pppd.h ppp-2.2a5/pppd/pppd.h
1488 --- ppp-2.2a5.orig/pppd/pppd.h Sat May 13 12:38:21 1995
1489 +++ ppp-2.2a5/pppd/pppd.h Sat May 13 13:46:36 1995
1491 extern int disable_defaultip; /* Don't use hostname for default IP adrs */
1492 extern char *ipparam; /* Extra parameter for ip up/down scripts */
1493 extern int cryptpap; /* Others' PAP passwords are encrypted */
1498 #define PHASE_DEAD 0
1499 #define PHASE_ESTABLISH 1
1500 #define PHASE_AUTHENTICATE 2
1501 -#define PHASE_NETWORK 3
1502 -#define PHASE_TERMINATE 4
1503 +#define PHASE_CALLBACK 3
1504 +#define PHASE_NETWORK 4
1505 +#define PHASE_TERMINATE 5
1510 void quit __P((void)); /* Cleanup and exit */
1511 void timeout __P((void (*)(), caddr_t, int));
1512 /* Look-alike of kernel's timeout() */
1513 void untimeout __P((void (*)(), caddr_t));
1514 /* Look-alike of kernel's untimeout() */
1515 void output __P((int, u_char *, int));