X-Git-Url: https://git.ozlabs.org/?p=ppp.git;a=blobdiff_plain;f=pppd%2Fauth.c;h=3641b6ea701f11af845331926d308c366103a4d5;hp=424b3e54c1709156ad0812a8540863b2ca7d50c0;hb=6d39c6591f0bb9ff361f8f9a55067deef744804c;hpb=8f09b151a39f156131f85b7d018443d81c7e6308

diff --git a/pppd/auth.c b/pppd/auth.c
index 424b3e5..3641b6e 100644
--- a/pppd/auth.c
+++ b/pppd/auth.c
@@ -68,7 +68,7 @@
  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-#define RCSID	"$Id: auth.c,v 1.114 2008/06/15 06:53:06 paulus Exp $"
+#define RCSID	"$Id: auth.c,v 1.117 2008/07/01 12:27:56 paulus Exp $"
 
 #include <stdio.h>
 #include <stddef.h>
@@ -100,6 +100,10 @@
 #endif
 #include <time.h>
 
+#ifdef SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
 #include "pppd.h"
 #include "fsm.h"
 #include "lcp.h"
@@ -115,7 +119,6 @@
 #include "pathnames.h"
 #include "session.h"
 
-static const char rcsid[] = RCSID;
 
 /* Bits in scan_authfile return value */
 #define NONWILD_SERVER	1
@@ -190,6 +193,11 @@ int (*null_auth_hook) __P((struct wordlist **paddrs,
 
 int (*allowed_address_hook) __P((u_int32_t addr)) = NULL;
 
+#ifdef HAVE_MULTILINK
+/* Hook for plugin to hear when an interface joins a multilink bundle */
+void (*multilink_join_hook) __P((void)) = NULL;
+#endif
+
 /* A notifier for when the peer has authenticated itself,
    and we are proceeding to the network phase. */
 struct notifier *auth_up_notifier = NULL;
@@ -421,6 +429,7 @@ setupapfile(argv)
     euid = geteuid();
     if (seteuid(getuid()) == -1) {
 	option_error("unable to reset uid before opening %s: %m", fname);
+        free(fname);
 	return 0;
     }
     ufile = fopen(fname, "r");
@@ -428,6 +437,7 @@ setupapfile(argv)
 	fatal("unable to regain privileges: %m");
     if (ufile == NULL) {
 	option_error("unable to open user login data file %s", fname);
+        free(fname);
 	return 0;
     }
     check_access(ufile, fname);
@@ -438,6 +448,7 @@ setupapfile(argv)
 	|| fgets(p, MAXSECRETLEN - 1, ufile) == NULL) {
 	fclose(ufile);
 	option_error("unable to read user login data file %s", fname);
+        free(fname);
 	return 0;
     }
     fclose(ufile);
@@ -459,6 +470,7 @@ setupapfile(argv)
 	explicit_passwd = 1;
     }
 
+    free(fname);
     return (1);
 }
 
@@ -548,12 +560,11 @@ link_required(unit)
 void start_link(unit)
     int unit;
 {
-    char *msg;
-
+    status = EXIT_CONNECT_FAILED;
     new_phase(PHASE_SERIALCONN);
 
+    hungup = 0;
     devfd = the_channel->connect();
-    msg = "Connect script failed";
     if (devfd < 0)
 	goto fail;
 
@@ -566,7 +577,6 @@ void start_link(unit)
      * gives us.  Thus we don't need the tdb_writelock/tdb_writeunlock.
      */
     fd_ppp = the_channel->establish_ppp(devfd);
-    msg = "ppp establishment failed";
     if (fd_ppp < 0) {
 	status = EXIT_FATAL_ERROR;
 	goto disconnect;
@@ -663,9 +673,11 @@ link_terminated(unit)
 	(*the_channel->cleanup)();
 
     if (doing_multilink && multilink_master) {
-	if (!bundle_terminating)
+	if (!bundle_terminating) {
 	    new_phase(PHASE_MASTER);
-	else
+	    if (master_detach && !detached)
+		detach();
+	} else
 	    mp_bundle_terminated();
     } else
 	new_phase(PHASE_DEAD);
@@ -855,6 +867,8 @@ start_networks(unit)
 #ifdef HAVE_MULTILINK
     if (multilink) {
 	if (mp_join_bundle()) {
+	    if (multilink_join_hook)
+		(*multilink_join_hook)();
 	    if (updetach && !nodetach)
 		detach();
 	    return;
@@ -1092,8 +1106,15 @@ np_up(unit, proto)
 	/*
 	 * Detach now, if the updetach option was given.
 	 */
-	if (updetach && !nodetach)
+	if (updetach && !nodetach) {
+	    dbglog("updetach is set. Now detaching.");
 	    detach();
+#ifdef SYSTEMD
+	} else if (nodetach && up_sdnotify) {
+	    dbglog("up_sdnotify is set. Now notifying systemd: READY=1");
+	    sd_notify(0, "READY=1");
+#endif
+	}
     }
     ++num_np_up;
 }
@@ -1133,7 +1154,6 @@ static void
 check_maxoctets(arg)
     void *arg;
 {
-    int diff;
     unsigned int used;
 
     update_link_stats(ifunit);
@@ -1154,8 +1174,7 @@ check_maxoctets(arg)
 	    used = link_stats.bytes_in+link_stats.bytes_out;
 	    break;
     }
-    diff = maxoctets - used;
-    if(diff < 0) {
+    if (used > maxoctets) {
 	notice("Traffic limit reached. Limit: %u Used: %u", maxoctets, used);
 	status = EXIT_TRAFFIC_LIMIT;
 	lcp_close(0, "Traffic limit");
@@ -1319,7 +1338,7 @@ auth_reset(unit)
     hadchap = -1;
     ao->neg_upap = !refuse_pap && (passwd[0] != 0 || get_pap_passwd(NULL));
     ao->neg_chap = (!refuse_chap || !refuse_mschap || !refuse_mschap_v2)
-	&& (passwd[0] != 0 ||
+	&& ((passwd[0] != 0 || explicit_passwd) ||
 	    (hadchap = have_chap_secret(user, (explicit_remote? remote_name:
 					       NULL), 0, NULL)));
     ao->neg_eap = !refuse_eap && (
@@ -1436,9 +1455,11 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg)
 	    }
 	    if (secret[0] != 0 && !login_secret) {
 		/* password given in pap-secrets - must match */
-		if ((cryptpap || strcmp(passwd, secret) != 0)
-		    && strcmp(crypt(passwd, secret), secret) != 0)
-		    ret = UPAP_AUTHNAK;
+		if (cryptpap || strcmp(passwd, secret) != 0) {
+		    char *cbuf = crypt(passwd, secret);
+		    if (!cbuf || strcmp(cbuf, secret) != 0)
+			ret = UPAP_AUTHNAK;
+		}
 	    }
 	}
 	fclose(f);