X-Git-Url: https://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Fplugins%2Fpasswordfd.c;fp=pppd%2Fplugins%2Fpasswordfd.c;h=d718f3bdf81d74fd82d2d221e4b260d69d484040;hb=5012ee48c54b55f1f5661666b362c65e417c62b7;hp=0000000000000000000000000000000000000000;hpb=734747f7ef4d64cc7f92ea953c4ab57581c01f8f;p=ppp.git

diff --git a/pppd/plugins/passwordfd.c b/pppd/plugins/passwordfd.c
new file mode 100644
index 0000000..d718f3b
--- /dev/null
+++ b/pppd/plugins/passwordfd.c
@@ -0,0 +1,82 @@
+
+/*
+ *  Author: Arvin Schnell <arvin@suse.de>
+ *
+ *  This plugin let's you pass the password to the pppd via
+ *  a file descriptor. That's easy and secure - no fiddling
+ *  with pap- and chap-secrets files.
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "pppd.h"
+
+char pppd_version[] = VERSION;
+
+static int passwdfd = -1;
+static char save_passwd[MAXSECRETLEN];
+
+static option_t options[] = {
+    { "passwordfd", o_int, &passwdfd,
+      "Receive password on this file descriptor" },
+    { NULL }
+};
+
+static int pwfd_check (void)
+{
+    return 1;
+}
+
+static int pwfd_passwd (char *user, char *passwd)
+{
+    int readgood, red;
+
+    if (passwdfd == -1)
+	return -1;
+
+    if (passwd == NULL)
+	return 1;
+
+    if (passwdfd == -2) {
+	strcpy (passwd, save_passwd);
+	return 1;
+    }
+
+    readgood = 0;
+    do {
+	red = read (passwdfd, passwd + readgood, MAXSECRETLEN - 1 - readgood);
+	if (red == 0)
+	    break;
+	if (red < 0) {
+	    error ("Can't read secret from fd\n");
+	    readgood = -1;
+	    break;
+	}
+	readgood += red;
+    } while (readgood < MAXSECRETLEN - 1);
+
+    close (passwdfd);
+
+    if (readgood < 0)
+	return 0;
+
+    passwd[readgood] = 0;
+    strcpy (save_passwd, passwd);
+    passwdfd = -2;
+
+    return 1;
+}
+
+void plugin_init (void)
+{
+    add_options (options);
+
+    pap_check_hook = pwfd_check;
+    pap_passwd_hook = pwfd_passwd;
+
+    chap_check_hook = pwfd_check;
+    chap_passwd_hook = pwfd_passwd;
+}