From: deraadt Date: Tue, 10 Dec 1996 07:58:29 +0000 (+0000) Subject: PPP autologin code from freebsd; do not use until pppd has been checked for security... X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=cf0bd59320997b412c09b27a074fabaa6e7bbb98;p=openbsd PPP autologin code from freebsd; do not use until pppd has been checked for security... --- diff --git a/libexec/getty/gettytab.5 b/libexec/getty/gettytab.5 index fa17e6d9ecd..dac31429b55 100644 --- a/libexec/getty/gettytab.5 +++ b/libexec/getty/gettytab.5 @@ -30,7 +30,7 @@ .\" SUCH DAMAGE. .\" .\" from: @(#)gettytab.5 8.4 (Berkeley) 4/19/94 -.\" $Id: gettytab.5,v 1.2 1996/08/11 05:41:42 deraadt Exp $ +.\" $Id: gettytab.5,v 1.3 1996/12/10 07:58:29 deraadt Exp $ .\" .Dd April 19, 1994 .Dt GETTYTAB 5 @@ -149,6 +149,7 @@ hangup line on last close .It "pe bool false use printer (hard copy) erase algorithm" .It "pf num 0 delay" between first prompt and following flush (seconds) +.It "pp str unused PPP authentication program" .It "ps bool false line connected to a" .Tn MICOM port selector @@ -351,6 +352,12 @@ implementation. does not check parity of input characters in .Dv RAW mode. +.Pp +If +.Em \&pp +string is specified and a PPP link bringup sequence is recognized, +getty will invoke the program referenced by the pp option. This +can be used to handle incoming PPP calls. .Sh SEE ALSO .Xr login 1 , .Xr gethostname 2 , diff --git a/libexec/getty/gettytab.h b/libexec/getty/gettytab.h index 155b774fc61..702e6e76407 100644 --- a/libexec/getty/gettytab.h +++ b/libexec/getty/gettytab.h @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * from: @(#)gettytab.h 8.2 (Berkeley) 3/30/94 - * $Id: gettytab.h,v 1.1.1.1 1995/10/18 08:43:17 deraadt Exp $ + * $Id: gettytab.h,v 1.2 1996/12/10 07:58:31 deraadt Exp $ */ /* @@ -85,6 +85,7 @@ struct gettyflags { #define FL gettystrs[21].value #define WE gettystrs[22].value #define LN gettystrs[23].value +#define PP gettystrs[25].value /* * Numeric definitions. diff --git a/libexec/getty/init.c b/libexec/getty/init.c index dc9b9f44956..3353bd016a1 100644 --- a/libexec/getty/init.c +++ b/libexec/getty/init.c @@ -33,7 +33,7 @@ #ifndef lint /*static char sccsid[] = "from: @(#)init.c 8.1 (Berkeley) 6/4/93";*/ -static char rcsid[] = "$Id: init.c,v 1.2 1996/05/17 22:41:16 deraadt Exp $"; +static char rcsid[] = "$Id: init.c,v 1.3 1996/12/10 07:58:33 deraadt Exp $"; #endif /* not lint */ /* @@ -73,6 +73,7 @@ struct gettystrs gettystrs[] = { { "fl", &tmode.c_cc[VDISCARD] },/* flush output */ { "we", &tmode.c_cc[VWERASE] }, /* word erase */ { "ln", &tmode.c_cc[VLNEXT] }, /* literal next */ + { "pp" }, /* ppp login program */ { 0 } }; diff --git a/libexec/getty/main.c b/libexec/getty/main.c index 06fdaf02dcf..44b2b942c1e 100644 --- a/libexec/getty/main.c +++ b/libexec/getty/main.c @@ -39,7 +39,7 @@ static char copyright[] = #ifndef lint /*static char sccsid[] = "from: @(#)main.c 8.1 (Berkeley) 6/20/93";*/ -static char rcsid[] = "$Id: main.c,v 1.4 1996/05/22 12:10:13 deraadt Exp $"; +static char rcsid[] = "$Id: main.c,v 1.5 1996/12/10 07:58:34 deraadt Exp $"; #endif /* not lint */ #include @@ -73,6 +73,16 @@ static char rcsid[] = "$Id: main.c,v 1.4 1996/05/22 12:10:13 deraadt Exp $"; */ #define GETTY_TIMEOUT 60 /* seconds */ +/* defines for auto detection of incoming PPP calls (->PAP/CHAP) */ + +#define PPP_FRAME 0x7e /* PPP Framing character */ +#define PPP_STATION 0xff /* "All Station" character */ +#define PPP_ESCAPE 0x7d /* Escape Character */ +#define PPP_CONTROL 0x03 /* PPP Control Field */ +#define PPP_CONTROL_ESCAPED 0x23 /* PPP Control Field, escaped */ +#define PPP_LCP_HI 0xc0 /* LCP protocol - high byte */ +#define PPP_LCP_LOW 0x21 /* LCP protocol - low byte */ + struct termios tmode, omode; int crmod, digit, lower, upper; @@ -167,6 +177,7 @@ main(argc, argv) long allflags; int repcnt = 0, failopenlogged = 0; struct rlimit limit; + int rval; signal(SIGINT, SIG_IGN); /* @@ -284,7 +295,11 @@ main(argc, argv) signal(SIGALRM, dingdong); alarm(TO); } - if (getname()) { + if ((rval = getname()) == 2) { + execle(PP, "ppplogin", ttyn, (char *) 0, env); + syslog(LOG_ERR, "%s: %m", PP); + exit(1); + } else if (rval) { register int i; oflush(); @@ -336,7 +351,9 @@ getname() { register int c; register char *np; - char cs; + unsigned char cs; + int ppp_state; + int ppp_connection = 0; /* * Interrupt may happen if we use CBREAK mode @@ -365,6 +382,34 @@ getname() exit(0); if ((c = cs&0177) == 0) return (0); + + /* + * PPP detection state machine.. + * Look for sequences: + * PPP_FRAME, PPP_STATION, PPP_ESCAPE, PPP_CONTROL_ESCAPED or + * PPP_FRAME, PPP_STATION, PPP_CONTROL (deviant from RFC) + * See RFC1662. + * Derived from code from Michael Hancock + * and Erik 'PPP' Olson + */ + if (PP && cs == PPP_FRAME) { + ppp_state = 1; + } else if (ppp_state == 1 && cs == PPP_STATION) { + ppp_state = 2; + } else if (ppp_state == 2 && cs == PPP_ESCAPE) { + ppp_state = 3; + } else if ((ppp_state == 2 && cs == PPP_CONTROL) || + (ppp_state == 3 && cs == PPP_CONTROL_ESCAPED)) { + ppp_state = 4; + } else if (ppp_state == 4 && cs == PPP_LCP_HI) { + ppp_state = 5; + } else if (ppp_state == 5 && cs == PPP_LCP_LOW) { + ppp_connection = 1; + break; + } else { + ppp_state = 0; + } + if (c == EOT) exit(1); if (c == '\r' || c == '\n' || np >= &name[sizeof name]) { @@ -410,7 +455,7 @@ getname() for (np = name; *np; np++) if (isupper(*np)) *np = tolower(*np); - return (1); + return (1 + ppp_connection); } static void