* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
-#ifndef lint
-static char rcsid[] = "$Id: options.c,v 1.48 1999/03/06 11:28:10 paulus Exp $";
-#endif
+#define RCSID "$Id: options.c,v 1.66 1999/09/11 12:08:58 paulus Exp $"
#include <ctype.h>
#include <stdio.h>
#include <errno.h>
#include <unistd.h>
-#include <limits.h>
+#include <fcntl.h>
#include <stdlib.h>
#include <termios.h>
#include <syslog.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <arpa/inet.h>
+#ifdef PLUGIN
+#include <dlfcn.h>
+#endif
#ifdef PPP_FILTER
#include <pcap.h>
#include <pcap-int.h> /* XXX: To get struct pcap */
#include <net/ppp-comp.h>
-#define FALSE 0
-#define TRUE 1
-
#if defined(ultrix) || defined(NeXT)
char *strdup __P((char *));
#endif
-#ifndef GIDSET_TYPE
-#define GIDSET_TYPE gid_t
-#endif
+static const char rcsid[] = RCSID;
/*
* Option variables and default values.
int debug = 0; /* Debug flag */
int kdebugflag = 0; /* Tell kernel to print debug messages */
int default_device = 1; /* Using /dev/tty or equivalent */
-char devnam[MAXPATHLEN] = "/dev/tty"; /* Device name */
+char devnam[MAXPATHLEN]; /* Device name */
int crtscts = 0; /* Use hardware flow control */
bool modem = 1; /* Use modem control lines */
int inspeed = 0; /* Input/Output speed requested */
bool lockflag = 0; /* Create lock file to lock the serial dev */
bool nodetach = 0; /* Don't detach from controlling tty */
bool updetach = 0; /* Detach once link is up */
+char *initializer = NULL; /* Script to initialize physical link */
char *connector = NULL; /* Script to establish physical link */
char *disconnector = NULL; /* Script to disestablish physical link */
char *welcomer = NULL; /* Script to run after phys link estab. */
+char *ptycommand = NULL; /* Command to run on other side of pty */
int maxconnect = 0; /* Maximum connect time */
char user[MAXNAMELEN]; /* Username for PAP */
char passwd[MAXSECRETLEN]; /* Password for PAP */
bool persist = 0; /* Reopen link after it goes down */
char our_name[MAXNAMELEN]; /* Our name for authentication purposes */
-char remote_name[MAXNAMELEN]; /* Peer's name for authentication */
-int explicit_remote = 0; /* User specified explicit remote name */
bool demand = 0; /* do dial-on-demand */
char *ipparam = NULL; /* Extra parameter for ip up/down scripts */
int idle_time_limit = 0; /* Disconnect if idle for this many seconds */
int holdoff = 30; /* # seconds to pause before reconnecting */
+bool holdoff_specified; /* true if a holdoff value has been given */
+bool notty = 0; /* Stdin/out is not a tty */
+char *record_file = NULL; /* File to record chars sent/received */
+int using_pty = 0;
+bool sync_serial = 0; /* Device is synchronous serial device */
+int log_to_fd = 1; /* send log messages to this fd too */
+int maxfail = 10; /* max # of unsuccessful connection attempts */
+char linkname[MAXPATHLEN]; /* logical name for link */
+bool tune_kernel; /* may alter kernel settings */
extern option_t auth_options[];
+extern struct stat devstat;
+extern int prepass; /* Doing pre-pass to find device name */
+struct option_info initializer_info;
struct option_info connector_info;
struct option_info disconnector_info;
struct option_info welcomer_info;
struct option_info devnam_info;
+struct option_info ptycommand_info;
#ifdef PPP_FILTER
struct bpf_program pass_filter;/* Filter program for packets to pass */
pcap_t pc; /* Fake struct pcap so we can compile expr */
#endif
+char *current_option; /* the name of the option being parsed */
+int privileged_option; /* set iff the current option came from root */
+char *option_source; /* string saying where the option came from */
+bool log_to_file; /* log_to_fd is a file opened by us */
+
/*
* Prototypes
*/
-static int setdevname __P((char *, int));
+static int setdevname __P((char *));
static int setipaddr __P((char *));
static int setspeed __P((char *));
static int noopt __P((char **));
static int callfile __P((char **));
static int showversion __P((char **));
static int showhelp __P((char **));
+static void usage __P((void));
+static int setlogfile __P((char **));
+#ifdef PLUGIN
+static int loadplugin __P((char **));
+#endif
#ifdef PPP_FILTER
static int setpassfilter __P((char **));
static int setactivefilter __P((char **));
#endif
-
static option_t *find_option __P((char *name));
static int process_option __P((option_t *, char **));
static int n_arguments __P((option_t *));
+static int number_option __P((char *, u_int32_t *, int));
+
+/*
+ * Structure to store extra lists of options.
+ */
+struct option_list {
+ option_t *options;
+ struct option_list *next;
+};
+
+static struct option_list *extra_options = NULL;
/*
* Valid arguments.
"Lock serial device with UUCP-style lock file", 1 },
{ "-all", o_special_noarg, noopt,
"Don't request/allow any LCP or IPCP options (useless)" },
+ { "init", o_string, &initializer,
+ "A program to initialize the device",
+ OPT_A2INFO | OPT_PRIVFIX, &initializer_info },
{ "connect", o_string, &connector,
- "A program to set up a connection", OPT_A2INFO, &connector_info },
+ "A program to set up a connection",
+ OPT_A2INFO | OPT_PRIVFIX, &connector_info },
{ "disconnect", o_string, &disconnector,
- "Program to disconnect serial device", OPT_A2INFO, &disconnector_info },
+ "Program to disconnect serial device",
+ OPT_A2INFO | OPT_PRIVFIX, &disconnector_info },
{ "welcome", o_string, &welcomer,
- "Script to welcome client", OPT_A2INFO, &welcomer_info },
+ "Script to welcome client",
+ OPT_A2INFO | OPT_PRIVFIX, &welcomer_info },
+ { "pty", o_string, &ptycommand,
+ "Script to run on pseudo-tty master side",
+ OPT_A2INFO | OPT_PRIVFIX | OPT_DEVNAM, &ptycommand_info },
+ { "notty", o_bool, ¬ty,
+ "Input/output is not a tty", OPT_DEVNAM | 1 },
+ { "record", o_string, &record_file,
+ "Record characters sent/received to file" },
{ "maxconnect", o_int, &maxconnect,
"Set connection time limit", OPT_LLIMIT|OPT_NOINCR|OPT_ZEROINF },
{ "crtscts", o_int, &crtscts,
{ "local", o_bool, &modem,
"Don't use modem control lines" },
{ "file", o_special, readfile,
- "Take options from a file" },
+ "Take options from a file", OPT_PREPASS },
{ "call", o_special, callfile,
- "Take options from a privileged file" },
+ "Take options from a privileged file", OPT_PREPASS },
{ "persist", o_bool, &persist,
"Keep on reopening connection after close", 1 },
{ "nopersist", o_bool, &persist,
"Turn off persist option" },
{ "demand", o_bool, &demand,
- "Dial on demand", 1, &persist },
+ "Dial on demand", OPT_INITONLY | 1, &persist },
{ "--version", o_special_noarg, showversion,
"Show version number" },
{ "--help", o_special_noarg, showhelp,
"Show brief listing of options" },
{ "-h", o_special_noarg, showhelp,
"Show brief listing of options" },
+ { "sync", o_bool, &sync_serial,
+ "Use synchronous HDLC serial encoding", 1 },
+ { "logfd", o_int, &log_to_fd,
+ "Send log messages to this file descriptor" },
+ { "logfile", o_special, setlogfile,
+ "Append log messages to this file" },
+ { "nolog", o_int, &log_to_fd,
+ "Don't send log messages to any file",
+ OPT_NOARG | OPT_VAL(-1) },
+ { "nologfd", o_int, &log_to_fd,
+ "Don't send log messages to any file descriptor",
+ OPT_NOARG | OPT_VAL(-1) },
+ { "linkname", o_string, linkname,
+ "Set logical name for link",
+ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
+ { "maxfail", o_int, &maxfail,
+ "Maximum number of unsuccessful connection attempts to allow" },
+ { "ktune", o_bool, &tune_kernel,
+ "Alter kernel settings as necessary", 1 },
+ { "noktune", o_bool, &tune_kernel,
+ "Don't alter kernel settings", 0 },
+#ifdef PLUGIN
+ { "plugin", o_special, loadplugin,
+ "Load a plug-in module into pppd", OPT_PRIV },
+#endif
#ifdef PPP_FILTER
{ "pdebug", o_int, &dflag,
#endif
static char *usage_string = "\
-pppd version %s patch level %d%s\n\
+pppd version %s.%d%s\n\
Usage: %s [ options ], where options are:\n\
<device> Communicate over the named device\n\
<speed> Set the baud rate to <speed>\n\
/*
* parse_args - parse a string of arguments from the command line.
+ * If prepass is true, we are scanning for the device name and only
+ * processing a few options, so error messages are suppressed.
*/
int
parse_args(argc, argv)
/*
* Maybe a tty name, speed or IP address?
*/
- if ((ret = setdevname(arg, 0)) == 0
+ if ((ret = setdevname(arg)) == 0
&& (ret = setspeed(arg)) == 0
- && (ret = setipaddr(arg)) == 0) {
+ && (ret = setipaddr(arg)) == 0
+ && !prepass) {
option_error("unrecognized option '%s'", arg);
usage();
return 0;
return 1;
}
+#if 0
/*
* scan_args - scan the command line arguments to get the tty name,
- * if specified.
+ * if specified. Also checks whether the notty or pty option was given.
*/
void
scan_args(argc, argv)
arg = *argv++;
--argc;
+ if (strcmp(arg, "notty") == 0 || strcmp(arg, "pty") == 0)
+ using_pty = 1;
+
/* Skip options and their arguments */
opt = find_option(arg);
if (opt != NULL) {
(void) setdevname(arg, 1);
}
}
+#endif
/*
* options_from_file - Read a string of options from a file,
int priv;
{
FILE *f;
- int i, newline, ret;
+ int i, newline, ret, err;
option_t *opt;
int oldpriv;
char *oldsource;
if (check_prot)
seteuid(getuid());
f = fopen(filename, "r");
+ err = errno;
if (check_prot)
seteuid(0);
if (f == NULL) {
- if (!must_exist && errno == ENOENT)
+ if (!must_exist && err == ENOENT)
return 1;
+ errno = err;
option_error("Can't open options file %s: %m", filename);
return 0;
}
-#if 0 /* check done by setting effective UID above */
- if (check_prot && !readable(fileno(f))) {
- option_error("Can't open options file %s: access denied", filename);
- fclose(f);
- return 0;
- }
-#endif
oldpriv = privileged_option;
privileged_option = priv;
argv[i] = args[i];
}
current_option = cmd;
+ if ((opt->flags & OPT_DEVEQUIV) && devnam_fixed) {
+ option_error("the %s option may not be used in the %s file",
+ cmd, filename);
+ goto err;
+ }
if (!process_option(opt, argv))
goto err;
continue;
/*
* Maybe a tty name, speed or IP address?
*/
- if ((i = setdevname(cmd, 0)) == 0
+ if ((i = setdevname(cmd)) == 0
&& (i = setspeed(cmd)) == 0
&& (i = setipaddr(cmd)) == 0) {
option_error("In file %s: unrecognized option '%s'",
char *user, *path, *file;
int ret;
struct passwd *pw;
+ size_t pl;
pw = getpwuid(getuid());
if (pw == NULL || (user = pw->pw_dir) == NULL || user[0] == 0)
return 1;
file = _PATH_USEROPT;
- path = malloc(strlen(user) + strlen(file) + 2);
+ pl = strlen(user) + strlen(file) + 2;
+ path = malloc(pl);
if (path == NULL)
novm("init file name");
- strcpy(path, user);
- strcat(path, "/");
- strcat(path, file);
+ slprintf(path, pl, "%s/%s", user, file);
ret = options_from_file(path, 0, 1, privileged);
free(path);
return ret;
{
char *dev, *path, *p;
int ret;
+ size_t pl;
dev = devnam;
if (strncmp(dev, "/dev/", 5) == 0)
dev += 5;
- if (strcmp(dev, "tty") == 0)
+ if (dev[0] == 0 || strcmp(dev, "tty") == 0)
return 1; /* don't look for /etc/ppp/options.tty */
- path = malloc(strlen(_PATH_TTYOPT) + strlen(dev) + 1);
+ pl = strlen(_PATH_TTYOPT) + strlen(dev) + 1;
+ path = malloc(pl);
if (path == NULL)
novm("tty init file name");
- strcpy(path, _PATH_TTYOPT);
+ slprintf(path, pl, "%s%s", _PATH_TTYOPT, dev);
/* Turn slashes into dots, for Solaris case (e.g. /dev/term/a) */
- for (p = path + strlen(path); *dev != 0; ++dev)
- *p++ = (*dev == '/'? '.': *dev);
- *p = 0;
+ for (p = path + strlen(_PATH_TTYOPT); *p != 0; ++p)
+ if (*p == '/')
+ *p = '.';
ret = options_from_file(path, 0, 0, 1);
free(path);
return ret;
}
+/*
+ * options_from_list - process a string of options in a wordlist.
+ */
+int
+options_from_list(w, priv)
+ struct wordlist *w;
+ int priv;
+{
+ char *argv[MAXARGS];
+ option_t *opt;
+ int i, ret = 0;
+
+ privileged_option = priv;
+ option_source = "secrets file";
+
+ while (w != NULL) {
+ /*
+ * First see if it's a command.
+ */
+ opt = find_option(w->word);
+ if (opt != NULL) {
+ int n = n_arguments(opt);
+ struct wordlist *w0 = w;
+ for (i = 0; i < n; ++i) {
+ w = w->next;
+ if (w == NULL) {
+ option_error(
+ "In secrets file: too few parameters for option '%s'",
+ w0->word);
+ goto err;
+ }
+ argv[i] = w->word;
+ }
+ current_option = w0->word;
+ if (!process_option(opt, argv))
+ goto err;
+ continue;
+ }
+
+ /*
+ * Maybe a tty name, speed or IP address?
+ */
+ if ((i = setdevname(w->word)) == 0
+ && (i = setspeed(w->word)) == 0
+ && (i = setipaddr(w->word)) == 0) {
+ option_error("In secrets file: unrecognized option '%s'",
+ w->word);
+ goto err;
+ }
+ if (i < 0) /* error */
+ goto err;
+ }
+ ret = 1;
+
+err:
+ return ret;
+}
+
/*
* find_option - scan the option lists for the various protocols
* looking for an entry with the given name.
* This could be optimized by using a hash table.
*/
static option_t *
-find_option(char *name)
+find_option(name)
+ char *name;
{
option_t *opt;
+ struct option_list *list;
int i;
+ for (list = extra_options; list != NULL; list = list->next)
+ for (opt = list->options; opt->name != NULL; ++opt)
+ if (strcmp(name, opt->name) == 0)
+ return opt;
for (opt = general_options; opt->name != NULL; ++opt)
if (strcmp(name, opt->name) == 0)
return opt;
char *sv;
int (*parser) __P((char **));
+ if ((opt->flags & OPT_PREPASS) == 0 && prepass)
+ return 1;
+ if ((opt->flags & OPT_INITONLY) && phase != PHASE_INITIALIZE) {
+ option_error("it's too late to use the %s option", opt->name);
+ return 0;
+ }
if ((opt->flags & OPT_PRIV) && !privileged_option) {
option_error("using the %s option requires root privilege", opt->name);
return 0;
option_error("%s option is disabled", opt->name);
return 0;
}
+ if ((opt->flags & OPT_PRIVFIX) && !privileged_option) {
+ struct option_info *ip = (struct option_info *) opt->addr2;
+ if (ip && ip->priv) {
+ option_error("%s option cannot be overridden", opt->name);
+ return 0;
+ }
+ }
switch (opt->type) {
case o_bool:
case o_string:
if (opt->flags & OPT_STATIC) {
- if (opt->upper_limit) {
- strncpy((char *)(opt->addr), *argv, opt->upper_limit);
- ((char *)(opt->addr))[opt->upper_limit-1] = 0;
- } else
- strcpy((char *)(opt->addr), *argv);
+ strlcpy((char *)(opt->addr), *argv, opt->upper_limit);
} else {
sv = strdup(*argv);
if (sv == NULL)
* n_arguments - tell how many arguments an option takes
*/
static int
-n_arguments(option_t *opt)
+n_arguments(opt)
+ option_t *opt;
{
return (opt->type == o_bool || opt->type == o_special_noarg
|| (opt->flags & OPT_NOARG))? 0: 1;
}
/*
- * usage - print out a message telling how to use the program.
+ * add_options - add a list of options to the set we grok.
*/
void
+add_options(opt)
+ option_t *opt;
+{
+ struct option_list *list;
+
+ list = malloc(sizeof(*list));
+ if (list == 0)
+ novm("option list entry");
+ list->options = opt;
+ list->next = extra_options;
+ extra_options = list;
+}
+
+/*
+ * usage - print out a message telling how to use the program.
+ */
+static void
usage()
{
if (phase == PHASE_INITIALIZE)
char **argv;
{
if (phase == PHASE_INITIALIZE) {
- fprintf(stderr, "pppd version %s patch level %d%s\n",
+ fprintf(stderr, "pppd version %s.%d%s\n",
VERSION, PATCHLEVEL, IMPLEMENTATION);
exit(0);
}
va_list args;
char buf[256];
-#if __STDC__
+#if defined(__STDC__)
va_start(args, fmt);
#else
char *fmt;
va_start(args);
fmt = va_arg(args, char *);
#endif
- vfmtmsg(buf, sizeof(buf), fmt, args);
+ if (prepass) {
+ va_end(args);
+ return;
+ }
+ vslprintf(buf, sizeof(buf), fmt, args);
va_end(args);
if (phase == PHASE_INITIALIZE)
fprintf(stderr, "%s: %s\n", progname, buf);
syslog(LOG_ERR, "%s", buf);
}
+#if 0
/*
* readable - check if a file is readable by the real user.
*/
int fd;
{
uid_t uid;
- int ngroups, i;
+ int i;
struct stat sbuf;
- GIDSET_TYPE groups[NGROUPS_MAX];
uid = getuid();
if (uid == 0)
return sbuf.st_mode & S_IRUSR;
if (sbuf.st_gid == getgid())
return sbuf.st_mode & S_IRGRP;
- ngroups = getgroups(NGROUPS_MAX, groups);
for (i = 0; i < ngroups; ++i)
if (sbuf.st_gid == groups[i])
return sbuf.st_mode & S_IRGRP;
return sbuf.st_mode & S_IROTH;
}
+#endif
/*
* Read a word from a file.
/*
* number_option - parse an unsigned numeric parameter for an option.
*/
-int
+static int
number_option(str, valp, base)
char *str;
u_int32_t *valp;
l = strlen(arg) + strlen(_PATH_PEERFILES) + 1;
if ((fname = (char *) malloc(l)) == NULL)
novm("call file name");
- strcpy(fname, _PATH_PEERFILES);
- strcat(fname, arg);
+ slprintf(fname, l, "%s%s", _PATH_PEERFILES, arg);
ok = options_from_file(fname, 1, 1, 1);
char *ptr;
int spd;
+ if (prepass)
+ return 1;
spd = strtol(arg, &ptr, 0);
if (ptr == arg || *ptr != 0 || spd == 0)
return 0;
* setdevname - Set the device name.
*/
static int
-setdevname(cp, quiet)
+setdevname(cp)
char *cp;
- int quiet;
{
struct stat statbuf;
char dev[MAXPATHLEN];
return 0;
if (strncmp("/dev/", cp, 5) != 0) {
- strcpy(dev, "/dev/");
- strncat(dev, cp, MAXPATHLEN - 5);
- dev[MAXPATHLEN-1] = 0;
+ strlcpy(dev, "/dev/", sizeof(dev));
+ strlcat(dev, cp, sizeof(dev));
cp = dev;
}
/*
- * Check if there is a device by this name.
+ * Check if there is a character device by this name.
*/
if (stat(cp, &statbuf) < 0) {
- if (errno == ENOENT || quiet)
+ if (errno == ENOENT)
return 0;
option_error("Couldn't stat %s: %m", cp);
return -1;
}
+ if (!S_ISCHR(statbuf.st_mode)) {
+ option_error("%s is not a character device", cp);
+ return -1;
+ }
+
+ if (phase != PHASE_INITIALIZE) {
+ option_error("device name cannot be changed after initialization");
+ return -1;
+ } else if (devnam_fixed) {
+ option_error("per-tty options file may not specify device name");
+ return -1;
+ }
- (void) strncpy(devnam, cp, MAXPATHLEN);
- devnam[MAXPATHLEN-1] = 0;
- default_device = FALSE;
+ if (devnam_info.priv && !privileged_option) {
+ option_error("device name cannot be overridden");
+ return -1;
+ }
+
+ strlcpy(devnam, cp, sizeof(devnam));
+ devstat = statbuf;
+ default_device = 0;
devnam_info.priv = privileged_option;
devnam_info.source = option_source;
*/
if ((colon = strchr(arg, ':')) == NULL)
return 0;
+ if (prepass)
+ return 1;
/*
* If colon first character, then no local addr.
return -1;
} else {
remote = *(u_int32_t *)hp->h_addr;
- if (remote_name[0] == 0) {
- strncpy(remote_name, colon, MAXNAMELEN);
- remote_name[MAXNAMELEN-1] = 0;
- }
+ if (remote_name[0] == 0)
+ strlcpy(remote_name, colon, sizeof(remote_name));
}
}
if (bad_ip_adrs(remote)) {
crtscts = -2;
return (1);
}
+
+static int
+setlogfile(argv)
+ char **argv;
+{
+ int fd, err;
+
+ if (!privileged_option)
+ seteuid(getuid());
+ fd = open(*argv, O_WRONLY | O_APPEND);
+ err = errno;
+ if (!privileged_option)
+ seteuid(0);
+ if (fd < 0) {
+ errno = err;
+ option_error("Can't open log file %s: %m", *argv);
+ return 0;
+ }
+ if (log_to_file && log_to_fd >= 0)
+ close(log_to_fd);
+ log_to_fd = fd;
+ log_to_file = 1;
+ return 1;
+}
+
+#ifdef PLUGIN
+static int
+loadplugin(argv)
+ char **argv;
+{
+ char *arg = *argv;
+ void *handle;
+ const char *err;
+ void (*init) __P((void));
+
+ handle = dlopen(arg, RTLD_GLOBAL | RTLD_NOW);
+ if (handle == 0) {
+ err = dlerror();
+ if (err != 0)
+ option_error("%s", err);
+ option_error("Couldn't load plugin %s", arg);
+ return 0;
+ }
+ init = dlsym(handle, "plugin_init");
+ if (init == 0) {
+ option_error("%s has no initialization entry point", arg);
+ dlclose(handle);
+ return 0;
+ }
+ info("Plugin %s loaded.", arg);
+ (*init)();
+ return 1;
+}
+#endif /* PLUGIN */