X-Git-Url: https://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Fauth.c;h=2f763c11aef515bc273942ca816fcbed4a7db371;hb=e15bba841ee500abc715fccf876fed4dd2462b1b;hp=5c1fbf1f52c92167479069dab68013e738b3b9f9;hpb=61ebd9732d40eade1a74d55302bdb02c2865cb6c;p=ppp.git

diff --git a/pppd/auth.c b/pppd/auth.c
index 5c1fbf1..2f763c1 100644
--- a/pppd/auth.c
+++ b/pppd/auth.c
@@ -33,7 +33,7 @@
  */
 
 #ifndef lint
-static char rcsid[] = "$Id: auth.c,v 1.41 1999/02/26 10:38:50 paulus Exp $";
+static char rcsid[] = "$Id: auth.c,v 1.43 1999/03/06 11:28:10 paulus Exp $";
 #endif
 
 #include <stdio.h>
@@ -211,14 +211,19 @@ setupapfile(argv)
     lcp_allowoptions[0].neg_upap = 1;
 
     /* open user info file */
-    if ((ufile = fopen(*argv, "r")) == NULL) {
+    seteuid(getuid());
+    ufile = fopen(*argv, "r");
+    seteuid(0);
+    if (ufile == NULL) {
 	option_error("unable to open user login data file %s", *argv);
 	return 0;
     }
+#if 0	/* check done by setting effective UID above */
     if (!readable(fileno(ufile))) {
 	option_error("%s: access denied", *argv);
 	return 0;
     }
+#endif
     check_access(ufile, *argv);
 
     /* get username */
@@ -628,6 +633,13 @@ auth_check_options()
 	wo->neg_upap = 0;
     }
 
+    /*
+     * If we have a default route, require the peer to authenticate
+     * unless the noauth option was given.
+     */
+    if (!auth_required && !allow_any_ip && have_route_to(0))
+	auth_required = 1;
+
     /*
      * Check whether we have appropriate secrets to use
      * to authenticate the peer.