1 /* $OpenBSD: options.c,v 1.33 2024/08/21 14:57:05 florian Exp $ */ 2 3 /* 4 * options.c - handles option processing for PPP. 5 * 6 * Copyright (c) 1984-2000 Carnegie Mellon University. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. The name "Carnegie Mellon University" must not be used to 21 * endorse or promote products derived from this software without 22 * prior written permission. For permission or any legal 23 * details, please contact 24 * Office of Technology Transfer 25 * Carnegie Mellon University 26 * 5000 Forbes Avenue 27 * Pittsburgh, PA 15213-3890 28 * (412) 268-4387, fax: (412) 268-7395 29 * tech-transfer@andrew.cmu.edu 30 * 31 * 4. Redistributions of any form whatsoever must retain the following 32 * acknowledgment: 33 * "This product includes software developed by Computing Services 34 * at Carnegie Mellon University (http://www.cmu.edu/computing/)." 35 * 36 * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO 37 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 38 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE 39 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 40 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN 41 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 42 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 43 */ 44 45 #include <sys/types.h> 46 #include <sys/socket.h> 47 #include <sys/stat.h> 48 49 #include <ctype.h> 50 #include <stdio.h> 51 #include <errno.h> 52 #include <unistd.h> 53 #include <limits.h> 54 #include <stdlib.h> 55 #include <termios.h> 56 #include <syslog.h> 57 #include <string.h> 58 #include <netdb.h> 59 #include <pwd.h> 60 #include <netinet/in.h> 61 #include <arpa/inet.h> 62 #ifdef PPP_FILTER 63 #include <pcap.h> 64 #include <pcap-int.h> /* XXX: To get struct pcap */ 65 #endif 66 67 #include "pppd.h" 68 #include "pathnames.h" 69 #include "patchlevel.h" 70 #include "fsm.h" 71 #include "lcp.h" 72 #include "ipcp.h" 73 #include "upap.h" 74 #include "chap.h" 75 #include "ccp.h" 76 #ifdef CBCP_SUPPORT 77 #include "cbcp.h" 78 #endif 79 80 #include <net/ppp-comp.h> 81 82 #define FALSE 0 83 #define TRUE 1 84 85 #if defined(ultrix) || defined(NeXT) 86 char *strdup(char *); 87 #endif 88 89 #ifndef GIDSET_TYPE 90 #define GIDSET_TYPE gid_t 91 #endif 92 93 /* 94 * Option variables and default values. 95 */ 96 #ifdef PPP_FILTER 97 int dflag = 0; /* Tell libpcap we want debugging */ 98 #endif 99 int debug = 0; /* Debug flag */ 100 int kdebugflag = 0; /* Tell kernel to print debug messages */ 101 int default_device = 1; /* Using /dev/tty or equivalent */ 102 char devnam[PATH_MAX] = "/dev/tty"; /* Device name */ 103 int crtscts = 0; /* Use hardware flow control */ 104 int modem = 1; /* Use modem control lines */ 105 int modem_chat = 0; /* Use modem control lines during chat */ 106 int inspeed = 0; /* Input/Output speed requested */ 107 u_int32_t netmask = 0; /* IP netmask to set on interface */ 108 int lockflag = 0; /* Create lock file to lock the serial dev */ 109 int nodetach = 0; /* Don't detach from controlling tty */ 110 char *connector = NULL; /* Script to establish physical link */ 111 char *disconnector = NULL; /* Script to disestablish physical link */ 112 char *welcomer = NULL; /* Script to run after phys link estab. */ 113 int maxconnect = 0; /* Maximum connect time */ 114 char user[MAXNAMELEN]; /* Username for PAP */ 115 char passwd[MAXSECRETLEN]; /* Password for PAP */ 116 int auth_required = 0; /* Peer is required to authenticate */ 117 volatile sig_atomic_t persist = 0; /* Reopen link after it goes down */ 118 int uselogin = 0; /* Use /etc/passwd for checking PAP */ 119 int lcp_echo_interval = 0; /* Interval between LCP echo-requests */ 120 int lcp_echo_fails = 0; /* Tolerance to unanswered echo-requests */ 121 char our_name[MAXNAMELEN]; /* Our name for authentication purposes */ 122 char remote_name[MAXNAMELEN]; /* Peer's name for authentication */ 123 int explicit_remote = 0; /* User specified explicit remote name */ 124 int usehostname = 0; /* Use hostname for our_name */ 125 int disable_defaultip = 0; /* Don't use hostname for default IP adrs */ 126 int demand = 0; /* do dial-on-demand */ 127 char *ipparam = NULL; /* Extra parameter for ip up/down scripts */ 128 int cryptpap; /* Passwords in pap-secrets are encrypted */ 129 int idle_time_limit = 0; /* Disconnect if idle for this many seconds */ 130 int holdoff = 30; /* # seconds to pause before reconnecting */ 131 int refuse_pap = 0; /* Set to say we won't do PAP */ 132 int refuse_chap = 0; /* Set to say we won't do CHAP */ 133 134 #ifdef MSLANMAN 135 int ms_lanman = 0; /* Nonzero if use LanMan password instead of NT */ 136 /* Has meaning only with MS-CHAP challenges */ 137 #endif 138 139 struct option_info auth_req_info; 140 struct option_info connector_info; 141 struct option_info disconnector_info; 142 struct option_info welcomer_info; 143 struct option_info devnam_info; 144 #ifdef PPP_FILTER 145 struct bpf_program pass_filter;/* Filter program for packets to pass */ 146 struct bpf_program active_filter; /* Filter program for link-active pkts */ 147 pcap_t pc; /* Fake struct pcap so we can compile expr */ 148 #endif 149 150 /* 151 * Prototypes 152 */ 153 static int setdevname(char *, int); 154 static int setipaddr(char *); 155 static int setspeed(char *); 156 static int setdebug(char **); 157 static int setkdebug(char **); 158 static int setpassive(char **); 159 static int setsilent(char **); 160 static int noopt(char **); 161 static int setnovj(char **); 162 static int setnovjccomp(char **); 163 static int setvjslots(char **); 164 static int reqpap(char **); 165 static int nopap(char **); 166 static int nochap(char **); 167 static int reqchap(char **); 168 static int noaccomp(char **); 169 static int noasyncmap(char **); 170 static int noip(char **); 171 static int nomagicnumber(char **); 172 static int setasyncmap(char **); 173 static int setescape(char **); 174 static int setmru(char **); 175 static int setmtu(char **); 176 #ifdef CBCP_SUPPORT 177 static int setcbcp(char **); 178 #endif 179 static int nomru(char **); 180 static int nopcomp(char **); 181 static int setconnector(char **); 182 static int setdisconnector(char **); 183 static int setwelcomer(char **); 184 static int setmaxconnect(char **); 185 static int setdomain(char **); 186 static int setnetmask(char **); 187 static int setcrtscts(char **); 188 static int setnocrtscts(char **); 189 static int setxonxoff(char **); 190 static int setnodetach(char **); 191 static int setupdetach(char **); 192 static int setmodem(char **); 193 static int setmodem_chat(char **); 194 static int setlocal(char **); 195 static int setlock(char **); 196 static int setname(char **); 197 static int setuser(char **); 198 static int setremote(char **); 199 static int setauth(char **); 200 static int setnoauth(char **); 201 static int readfile(char **); 202 static int callfile(char **); 203 static int setdefaultroute(char **); 204 static int setnodefaultroute(char **); 205 static int setproxyarp(char **); 206 static int setnoproxyarp(char **); 207 static int setpersist(char **); 208 static int setnopersist(char **); 209 static int setdologin(char **); 210 static int setusehostname(char **); 211 static int setnoipdflt(char **); 212 static int setlcptimeout(char **); 213 static int setlcpterm(char **); 214 static int setlcpconf(char **); 215 static int setlcpfails(char **); 216 static int setipcptimeout(char **); 217 static int setipcpterm(char **); 218 static int setipcpconf(char **); 219 static int setipcpfails(char **); 220 static int setpaptimeout(char **); 221 static int setpapreqs(char **); 222 static int setpapreqtime(char **); 223 static int setchaptimeout(char **); 224 static int setchapchal(char **); 225 static int setchapintv(char **); 226 static int setipcpaccl(char **); 227 static int setipcpaccr(char **); 228 static int setlcpechointv(char **); 229 static int setlcpechofails(char **); 230 static int noccp(char **); 231 static int setbsdcomp(char **); 232 static int setnobsdcomp(char **); 233 static int setdeflate(char **); 234 static int setnodeflate(char **); 235 static int setnodeflatedraft(char **); 236 static int setdemand(char **); 237 static int setpred1comp(char **); 238 static int setnopred1comp(char **); 239 static int setipparam(char **); 240 static int setpapcrypt(char **); 241 static int setidle(char **); 242 static int setholdoff(char **); 243 static int setdnsaddr(char **); 244 static int setwinsaddr(char **); 245 static int showversion(char **); 246 static int showhelp(char **); 247 248 #ifdef PPP_FILTER 249 static int setpdebug(char **); 250 static int setpassfilter(char **); 251 static int setactivefilter(char **); 252 #endif 253 254 #ifdef MSLANMAN 255 static int setmslanman(char **); 256 #endif 257 258 static int number_option(char *, u_int32_t *, int); 259 static int int_option(char *, int *); 260 static int readable(int fd); 261 262 /* 263 * Valid arguments. 264 */ 265 static struct cmd { 266 char *cmd_name; 267 int num_args; 268 int (*cmd_func)(char **); 269 } cmds[] = { 270 {"-all", 0, noopt}, /* Don't request/allow any options (useless) */ 271 {"noaccomp", 0, noaccomp}, /* Disable Address/Control compression */ 272 {"-ac", 0, noaccomp}, /* Disable Address/Control compress */ 273 {"default-asyncmap", 0, noasyncmap}, /* Disable asyncmap negotiation */ 274 {"-am", 0, noasyncmap}, /* Disable asyncmap negotiation */ 275 {"-as", 1, setasyncmap}, /* set the desired async map */ 276 {"-d", 0, setdebug}, /* Increase debugging level */ 277 {"nodetach", 0, setnodetach}, /* Don't detach from controlling tty */ 278 {"-detach", 0, setnodetach}, /* don't fork */ 279 {"updetach", 0, setupdetach}, /* Detach once an NP has come up */ 280 {"noip", 0, noip}, /* Disable IP and IPCP */ 281 {"-ip", 0, noip}, /* Disable IP and IPCP */ 282 {"nomagic", 0, nomagicnumber}, /* Disable magic number negotiation */ 283 {"-mn", 0, nomagicnumber}, /* Disable magic number negotiation */ 284 {"default-mru", 0, nomru}, /* Disable MRU negotiation */ 285 {"-mru", 0, nomru}, /* Disable mru negotiation */ 286 {"-p", 0, setpassive}, /* Set passive mode */ 287 {"nopcomp", 0, nopcomp}, /* Disable protocol field compression */ 288 {"-pc", 0, nopcomp}, /* Disable protocol field compress */ 289 {"require-pap", 0, reqpap}, /* Require PAP authentication from peer */ 290 {"+pap", 0, reqpap}, /* Require PAP auth from peer */ 291 {"refuse-pap", 0, nopap}, /* Don't agree to auth to peer with PAP */ 292 {"-pap", 0, nopap}, /* Don't allow UPAP authentication with peer */ 293 {"require-chap", 0, reqchap}, /* Require CHAP authentication from peer */ 294 {"+chap", 0, reqchap}, /* Require CHAP authentication from peer */ 295 {"refuse-chap", 0, nochap}, /* Don't agree to auth to peer with CHAP */ 296 {"-chap", 0, nochap}, /* Don't allow CHAP authentication with peer */ 297 {"novj", 0, setnovj}, /* Disable VJ compression */ 298 {"-vj", 0, setnovj}, /* disable VJ compression */ 299 {"novjccomp", 0, setnovjccomp}, /* disable VJ connection-ID compression */ 300 {"-vjccomp", 0, setnovjccomp}, /* disable VJ connection-ID compression */ 301 {"vj-max-slots", 1, setvjslots}, /* Set maximum VJ header slots */ 302 {"asyncmap", 1, setasyncmap}, /* set the desired async map */ 303 {"escape", 1, setescape}, /* set chars to escape on transmission */ 304 {"connect", 1, setconnector}, /* A program to set up a connection */ 305 {"disconnect", 1, setdisconnector}, /* program to disconnect serial dev. */ 306 {"welcome", 1, setwelcomer},/* Script to welcome client */ 307 {"maxconnect", 1, setmaxconnect}, /* specify a maximum connect time */ 308 {"crtscts", 0, setcrtscts}, /* set h/w flow control */ 309 {"nocrtscts", 0, setnocrtscts}, /* clear h/w flow control */ 310 {"-crtscts", 0, setnocrtscts}, /* clear h/w flow control */ 311 {"xonxoff", 0, setxonxoff}, /* set s/w flow control */ 312 {"debug", 0, setdebug}, /* Increase debugging level */ 313 {"kdebug", 1, setkdebug}, /* Enable kernel-level debugging */ 314 {"domain", 1, setdomain}, /* Add given domain name to hostname*/ 315 {"mru", 1, setmru}, /* Set MRU value for negotiation */ 316 {"mtu", 1, setmtu}, /* Set our MTU */ 317 #ifdef CBCP_SUPPORT 318 {"callback", 1, setcbcp}, /* Ask for callback */ 319 #endif 320 {"netmask", 1, setnetmask}, /* set netmask */ 321 {"passive", 0, setpassive}, /* Set passive mode */ 322 {"silent", 0, setsilent}, /* Set silent mode */ 323 {"modem", 0, setmodem}, /* Use modem control lines */ 324 {"modem_chat", 0, setmodem_chat}, /* Use modem control lines during chat */ 325 {"local", 0, setlocal}, /* Don't use modem control lines */ 326 {"lock", 0, setlock}, /* Lock serial device (with lock file) */ 327 {"name", 1, setname}, /* Set local name for authentication */ 328 {"user", 1, setuser}, /* Set name for auth with peer */ 329 {"usehostname", 0, setusehostname}, /* Must use hostname for auth. */ 330 {"remotename", 1, setremote}, /* Set remote name for authentication */ 331 {"auth", 0, setauth}, /* Require authentication from peer */ 332 {"noauth", 0, setnoauth}, /* Don't require peer to authenticate */ 333 {"file", 1, readfile}, /* Take options from a file */ 334 {"call", 1, callfile}, /* Take options from a privileged file */ 335 {"defaultroute", 0, setdefaultroute}, /* Add default route */ 336 {"nodefaultroute", 0, setnodefaultroute}, /* disable defaultroute option */ 337 {"-defaultroute", 0, setnodefaultroute}, /* disable defaultroute option */ 338 {"proxyarp", 0, setproxyarp}, /* Add proxy ARP entry */ 339 {"noproxyarp", 0, setnoproxyarp}, /* disable proxyarp option */ 340 {"-proxyarp", 0, setnoproxyarp}, /* disable proxyarp option */ 341 {"persist", 0, setpersist}, /* Keep on reopening connection after close */ 342 {"nopersist", 0, setnopersist}, /* Turn off persist option */ 343 {"demand", 0, setdemand}, /* Dial on demand */ 344 {"login", 0, setdologin}, /* Use system password database for UPAP */ 345 {"noipdefault", 0, setnoipdflt}, /* Don't use name for default IP adrs */ 346 {"lcp-echo-failure", 1, setlcpechofails}, /* consecutive echo failures */ 347 {"lcp-echo-interval", 1, setlcpechointv}, /* time for lcp echo events */ 348 {"lcp-restart", 1, setlcptimeout}, /* Set timeout for LCP */ 349 {"lcp-max-terminate", 1, setlcpterm}, /* Set max #xmits for term-reqs */ 350 {"lcp-max-configure", 1, setlcpconf}, /* Set max #xmits for conf-reqs */ 351 {"lcp-max-failure", 1, setlcpfails}, /* Set max #conf-naks for LCP */ 352 {"ipcp-restart", 1, setipcptimeout}, /* Set timeout for IPCP */ 353 {"ipcp-max-terminate", 1, setipcpterm}, /* Set max #xmits for term-reqs */ 354 {"ipcp-max-configure", 1, setipcpconf}, /* Set max #xmits for conf-reqs */ 355 {"ipcp-max-failure", 1, setipcpfails}, /* Set max #conf-naks for IPCP */ 356 {"pap-restart", 1, setpaptimeout}, /* Set retransmit timeout for PAP */ 357 {"pap-max-authreq", 1, setpapreqs}, /* Set max #xmits for auth-reqs */ 358 {"pap-timeout", 1, setpapreqtime}, /* Set time limit for peer PAP auth. */ 359 {"chap-restart", 1, setchaptimeout}, /* Set timeout for CHAP */ 360 {"chap-max-challenge", 1, setchapchal}, /* Set max #xmits for challenge */ 361 {"chap-interval", 1, setchapintv}, /* Set interval for rechallenge */ 362 {"ipcp-accept-local", 0, setipcpaccl}, /* Accept peer's address for us */ 363 {"ipcp-accept-remote", 0, setipcpaccr}, /* Accept peer's address for it */ 364 {"noccp", 0, noccp}, /* Disable CCP negotiation */ 365 {"-ccp", 0, noccp}, /* Disable CCP negotiation */ 366 {"bsdcomp", 1, setbsdcomp}, /* request BSD-Compress */ 367 {"nobsdcomp", 0, setnobsdcomp}, /* don't allow BSD-Compress */ 368 {"-bsdcomp", 0, setnobsdcomp}, /* don't allow BSD-Compress */ 369 {"deflate", 1, setdeflate}, /* request Deflate compression */ 370 {"nodeflate", 0, setnodeflate}, /* don't allow Deflate compression */ 371 {"-deflate", 0, setnodeflate}, /* don't allow Deflate compression */ 372 {"nodeflatedraft", 0, setnodeflatedraft}, /* don't use draft deflate # */ 373 {"predictor1", 0, setpred1comp}, /* request Predictor-1 */ 374 {"nopredictor1", 0, setnopred1comp},/* don't allow Predictor-1 */ 375 {"-predictor1", 0, setnopred1comp}, /* don't allow Predictor-1 */ 376 {"ipparam", 1, setipparam}, /* set ip script parameter */ 377 {"papcrypt", 0, setpapcrypt}, /* PAP passwords encrypted */ 378 {"idle", 1, setidle}, /* idle time limit (seconds) */ 379 {"holdoff", 1, setholdoff}, /* set holdoff time (seconds) */ 380 {"ms-dns", 1, setdnsaddr}, /* DNS address for the peer's use */ 381 {"ms-wins", 1, setwinsaddr}, /* Nameserver for SMB over TCP/IP for peer */ 382 {"--version", 0, showversion}, /* Show version number */ 383 {"--help", 0, showhelp}, /* Show brief listing of options */ 384 {"-h", 0, showhelp}, /* ditto */ 385 386 #ifdef PPP_FILTER 387 {"pdebug", 1, setpdebug}, /* libpcap debugging */ 388 {"pass-filter", 1, setpassfilter}, /* set filter for packets to pass */ 389 {"active-filter", 1, setactivefilter}, /* set filter for active pkts */ 390 #endif 391 392 #ifdef MSLANMAN 393 {"ms-lanman", 0, setmslanman}, /* Use LanMan psswd when using MS-CHAP */ 394 #endif 395 396 {NULL, 0, NULL} 397 }; 398 399 400 #ifndef IMPLEMENTATION 401 #define IMPLEMENTATION "" 402 #endif 403 404 static const char usage_string[] = "\ 405 pppd version %s patch level %d%s\n\ 406 Usage: %s [ options ], where options are:\n\ 407 <device> Communicate over the named device\n\ 408 <speed> Set the baud rate to <speed>\n\ 409 <loc>:<rem> Set the local and/or remote interface IP\n\ 410 addresses. Either one may be omitted.\n\ 411 asyncmap <n> Set the desired async map to hex <n>\n\ 412 auth Require authentication from peer\n\ 413 connect <p> Invoke shell command <p> to set up the serial line\n\ 414 crtscts Use hardware RTS/CTS flow control\n\ 415 defaultroute Add default route through interface\n\ 416 file <f> Take options from file <f>\n\ 417 modem Use modem control lines\n\ 418 modem_chat Use modem control lines during chat\n\ 419 mru <n> Set MRU value to <n> for negotiation\n\ 420 netmask <n> Set interface netmask to <n>\n\ 421 See pppd(8) for more options.\n\ 422 "; 423 424 static char *current_option; /* the name of the option being parsed */ 425 static int privileged_option; /* set iff the current option came from root */ 426 static char *option_source; /* string saying where the option came from */ 427 428 /* 429 * parse_args - parse a string of arguments from the command line. 430 */ 431 int 432 parse_args(int argc, char **argv) 433 { 434 char *arg; 435 struct cmd *cmdp; 436 int ret; 437 438 privileged_option = privileged; 439 option_source = "command line"; 440 while (argc > 0) { 441 arg = *argv++; 442 --argc; 443 444 /* 445 * First see if it's a command. 446 */ 447 for (cmdp = cmds; cmdp->cmd_name; cmdp++) 448 if (!strcmp(arg, cmdp->cmd_name)) 449 break; 450 451 if (cmdp->cmd_name != NULL) { 452 if (argc < cmdp->num_args) { 453 option_error("too few parameters for option %s", arg); 454 return 0; 455 } 456 current_option = arg; 457 if (!(*cmdp->cmd_func)(argv)) 458 return 0; 459 argc -= cmdp->num_args; 460 argv += cmdp->num_args; 461 462 } else { 463 /* 464 * Maybe a tty name, speed or IP address? 465 */ 466 if ((ret = setdevname(arg, 0)) == 0 467 && (ret = setspeed(arg)) == 0 468 && (ret = setipaddr(arg)) == 0) { 469 option_error("unrecognized option '%s'", arg); 470 usage(); 471 return 0; 472 } 473 if (ret < 0) /* error */ 474 return 0; 475 } 476 } 477 return 1; 478 } 479 480 /* 481 * scan_args - scan the command line arguments to get the tty name, 482 * if specified. 483 */ 484 void 485 scan_args(int argc, char **argv) 486 { 487 char *arg; 488 struct cmd *cmdp; 489 490 while (argc > 0) { 491 arg = *argv++; 492 --argc; 493 494 /* Skip options and their arguments */ 495 for (cmdp = cmds; cmdp->cmd_name; cmdp++) 496 if (!strcmp(arg, cmdp->cmd_name)) 497 break; 498 499 if (cmdp->cmd_name != NULL) { 500 argc -= cmdp->num_args; 501 argv += cmdp->num_args; 502 continue; 503 } 504 505 /* Check if it's a tty name and copy it if so */ 506 (void) setdevname(arg, 1); 507 } 508 } 509 510 /* 511 * usage - print out a message telling how to use the program. 512 */ 513 void 514 usage(void) 515 { 516 if (phase == PHASE_INITIALIZE) 517 fprintf(stderr, usage_string, VERSION, PATCHLEVEL, IMPLEMENTATION, 518 __progname); 519 } 520 521 /* 522 * showhelp - print out usage message and exit. 523 */ 524 static int 525 showhelp(char **argv) 526 { 527 if (phase == PHASE_INITIALIZE) { 528 usage(); 529 exit(0); 530 } 531 return 0; 532 } 533 534 /* 535 * showversion - print out the version number and exit. 536 */ 537 static int 538 showversion(char **argv) 539 { 540 if (phase == PHASE_INITIALIZE) { 541 fprintf(stderr, "pppd version %s patch level %d%s\n", 542 VERSION, PATCHLEVEL, IMPLEMENTATION); 543 exit(0); 544 } 545 return 0; 546 } 547 548 /* 549 * options_from_file - Read a string of options from a file, 550 * and interpret them. 551 */ 552 int 553 options_from_file(char *filename, int must_exist, int check_prot, int priv) 554 { 555 FILE *f; 556 int i, newline, ret; 557 struct cmd *cmdp; 558 int oldpriv; 559 char *argv[MAXARGS]; 560 char args[MAXARGS][MAXWORDLEN]; 561 char cmd[MAXWORDLEN]; 562 563 if ((f = fopen(filename, "r")) == NULL) { 564 if (!must_exist && errno == ENOENT) 565 return 1; 566 option_error("Can't open options file %s: %m", filename); 567 return 0; 568 } 569 if (check_prot && !readable(fileno(f))) { 570 option_error("Can't open options file %s: access denied", filename); 571 fclose(f); 572 return 0; 573 } 574 575 oldpriv = privileged_option; 576 privileged_option = priv; 577 ret = 0; 578 while (getword(f, cmd, &newline, filename)) { 579 /* 580 * First see if it's a command. 581 */ 582 for (cmdp = cmds; cmdp->cmd_name; cmdp++) 583 if (!strcmp(cmd, cmdp->cmd_name)) 584 break; 585 586 if (cmdp->cmd_name != NULL) { 587 for (i = 0; i < cmdp->num_args; ++i) { 588 if (!getword(f, args[i], &newline, filename)) { 589 option_error( 590 "In file %s: too few parameters for option '%s'", 591 filename, cmd); 592 goto err; 593 } 594 argv[i] = args[i]; 595 } 596 current_option = cmd; 597 if (!(*cmdp->cmd_func)(argv)) 598 goto err; 599 600 } else { 601 /* 602 * Maybe a tty name, speed or IP address? 603 */ 604 if ((i = setdevname(cmd, 0)) == 0 605 && (i = setspeed(cmd)) == 0 606 && (i = setipaddr(cmd)) == 0) { 607 option_error("In file %s: unrecognized option '%s'", 608 filename, cmd); 609 goto err; 610 } 611 if (i < 0) /* error */ 612 goto err; 613 } 614 } 615 ret = 1; 616 617 err: 618 fclose(f); 619 privileged_option = oldpriv; 620 return ret; 621 } 622 623 /* 624 * options_from_user - See if the use has a ~/.ppprc file, 625 * and if so, interpret options from it. 626 */ 627 int 628 options_from_user(void) 629 { 630 char *user, *path, *file; 631 int ret; 632 struct passwd *pw; 633 634 pw = getpwuid(getuid()); 635 if (pw == NULL || (user = pw->pw_dir) == NULL || user[0] == 0) 636 return 1; 637 file = _PATH_USEROPT; 638 if (asprintf(&path, "%s/%s", user, file) == -1) 639 novm("init file name"); 640 ret = options_from_file(path, 0, 1, privileged); 641 free(path); 642 return ret; 643 } 644 645 /* 646 * options_for_tty - See if an options file exists for the serial 647 * device, and if so, interpret options from it. 648 */ 649 int 650 options_for_tty(void) 651 { 652 char *dev, *path; 653 int ret; 654 655 dev = devnam; 656 if (strncmp(dev, "/dev/", 5) == 0) 657 dev += 5; 658 if (strcmp(dev, "tty") == 0) 659 return 1; /* don't look for /etc/ppp/options.tty */ 660 if (asprintf(&path, "%s%s", _PATH_TTYOPT, dev) == -1) 661 novm("tty init file name"); 662 ret = options_from_file(path, 0, 0, 1); 663 free(path); 664 return ret; 665 } 666 667 /* 668 * option_error - print a message about an error in an option. 669 * The message is logged, and also sent to 670 * stderr if phase == PHASE_INITIALIZE. 671 */ 672 void 673 option_error(char *fmt, ...) 674 { 675 va_list args; 676 char buf[256]; 677 678 va_start(args, fmt); 679 vfmtmsg(buf, sizeof(buf), fmt, args); 680 va_end(args); 681 if (phase == PHASE_INITIALIZE) 682 fprintf(stderr, "%s: %s\n", __progname, buf); 683 syslog(LOG_ERR, "%s", buf); 684 } 685 686 /* 687 * readable - check if a file is readable by the real user. 688 */ 689 static int 690 readable(int fd) 691 { 692 uid_t uid; 693 int ngroups, i; 694 struct stat sbuf; 695 GIDSET_TYPE groups[NGROUPS_MAX]; 696 697 uid = getuid(); 698 if (uid == 0) 699 return 1; 700 if (fstat(fd, &sbuf) != 0) 701 return 0; 702 if (sbuf.st_uid == uid) 703 return sbuf.st_mode & S_IRUSR; 704 if (sbuf.st_gid == getgid()) 705 return sbuf.st_mode & S_IRGRP; 706 ngroups = getgroups(NGROUPS_MAX, groups); 707 for (i = 0; i < ngroups; ++i) 708 if (sbuf.st_gid == groups[i]) 709 return sbuf.st_mode & S_IRGRP; 710 return sbuf.st_mode & S_IROTH; 711 } 712 713 /* 714 * Read a word from a file. 715 * Words are delimited by white-space or by quotes (" or '). 716 * Quotes, white-space and \ may be escaped with \. 717 * \<newline> is ignored. 718 */ 719 int 720 getword(FILE *f, char *word, int *newlinep, char *filename) 721 { 722 int c, len, escape; 723 int quoted, comment; 724 int value, digit, got, n; 725 726 #define isoctal(c) ((c) >= '0' && (c) < '8') 727 728 *newlinep = 0; 729 len = 0; 730 escape = 0; 731 comment = 0; 732 733 /* 734 * First skip white-space and comments. 735 */ 736 for (;;) { 737 c = getc(f); 738 if (c == EOF) 739 break; 740 741 /* 742 * A newline means the end of a comment; backslash-newline 743 * is ignored. Note that we cannot have escape && comment. 744 */ 745 if (c == '\n') { 746 if (!escape) { 747 *newlinep = 1; 748 comment = 0; 749 } else 750 escape = 0; 751 continue; 752 } 753 754 /* 755 * Ignore characters other than newline in a comment. 756 */ 757 if (comment) 758 continue; 759 760 /* 761 * If this character is escaped, we have a word start. 762 */ 763 if (escape) 764 break; 765 766 /* 767 * If this is the escape character, look at the next character. 768 */ 769 if (c == '\\') { 770 escape = 1; 771 continue; 772 } 773 774 /* 775 * If this is the start of a comment, ignore the rest of the line. 776 */ 777 if (c == '#') { 778 comment = 1; 779 continue; 780 } 781 782 /* 783 * A non-whitespace character is the start of a word. 784 */ 785 if (!isspace(c)) 786 break; 787 } 788 789 /* 790 * Save the delimiter for quoted strings. 791 */ 792 if (!escape && (c == '"' || c == '\'')) { 793 quoted = c; 794 c = getc(f); 795 } else 796 quoted = 0; 797 798 /* 799 * Process characters until the end of the word. 800 */ 801 while (c != EOF) { 802 if (escape) { 803 /* 804 * This character is escaped: backslash-newline is ignored, 805 * various other characters indicate particular values 806 * as for C backslash-escapes. 807 */ 808 escape = 0; 809 if (c == '\n') { 810 c = getc(f); 811 continue; 812 } 813 814 got = 0; 815 switch (c) { 816 case 'a': 817 value = '\a'; 818 break; 819 case 'b': 820 value = '\b'; 821 break; 822 case 'f': 823 value = '\f'; 824 break; 825 case 'n': 826 value = '\n'; 827 break; 828 case 'r': 829 value = '\r'; 830 break; 831 case 's': 832 value = ' '; 833 break; 834 case 't': 835 value = '\t'; 836 break; 837 838 default: 839 if (isoctal(c)) { 840 /* 841 * \ddd octal sequence 842 */ 843 value = 0; 844 for (n = 0; n < 3 && isoctal(c); ++n) { 845 value = (value << 3) + (c & 07); 846 c = getc(f); 847 } 848 got = 1; 849 break; 850 } 851 852 if (c == 'x') { 853 /* 854 * \x<hex_string> sequence 855 */ 856 value = 0; 857 c = getc(f); 858 for (n = 0; n < 2 && isxdigit(c); ++n) { 859 digit = toupper(c) - '0'; 860 if (digit > 10) 861 digit += '0' + 10 - 'A'; 862 value = (value << 4) + digit; 863 c = getc (f); 864 } 865 got = 1; 866 break; 867 } 868 869 /* 870 * Otherwise the character stands for itself. 871 */ 872 value = c; 873 break; 874 } 875 876 /* 877 * Store the resulting character for the escape sequence. 878 */ 879 if (len < MAXWORDLEN) { 880 word[len] = value; 881 ++len; 882 } 883 884 if (!got) 885 c = getc(f); 886 continue; 887 888 } 889 890 /* 891 * Not escaped: see if we've reached the end of the word. 892 */ 893 if (quoted) { 894 if (c == quoted) 895 break; 896 } else { 897 if (isspace(c) || c == '#') { 898 ungetc (c, f); 899 break; 900 } 901 } 902 903 /* 904 * Backslash starts an escape sequence. 905 */ 906 if (c == '\\') { 907 escape = 1; 908 c = getc(f); 909 continue; 910 } 911 912 /* 913 * An ordinary character: store it in the word and get another. 914 */ 915 if (len < MAXWORDLEN) { 916 word[len] = c; 917 ++len; 918 } 919 920 c = getc(f); 921 } 922 923 /* 924 * End of the word: check for errors. 925 */ 926 if (c == EOF) { 927 if (ferror(f)) { 928 if (errno == 0) 929 errno = EIO; 930 option_error("Error reading %s: %m", filename); 931 die(1); 932 } 933 /* 934 * If len is zero, then we didn't find a word before the 935 * end of the file. 936 */ 937 if (len == 0) 938 return 0; 939 } 940 941 /* 942 * Warn if the word was too long, and append a terminating null. 943 */ 944 if (len >= MAXWORDLEN) { 945 option_error("warning: word in file %s too long (%.20s...)", 946 filename, word); 947 len = MAXWORDLEN - 1; 948 } 949 word[len] = 0; 950 951 return 1; 952 953 #undef isoctal 954 955 } 956 957 /* 958 * number_option - parse an unsigned numeric parameter for an option. 959 */ 960 static int 961 number_option(char *str, u_int32_t *valp, int base) 962 { 963 char *ptr; 964 965 *valp = strtoul(str, &ptr, base); 966 if (ptr == str) { 967 option_error("invalid numeric parameter '%s' for %s option", 968 str, current_option); 969 return 0; 970 } 971 return 1; 972 } 973 974 975 /* 976 * int_option - like number_option, but valp is int *, 977 * the base is assumed to be 0, and *valp is not changed 978 * if there is an error. 979 */ 980 static int 981 int_option(char *str, int *valp) 982 { 983 u_int32_t v; 984 985 if (!number_option(str, &v, 0)) 986 return 0; 987 *valp = (int) v; 988 return 1; 989 } 990 991 992 /* 993 * The following procedures parse options. 994 */ 995 996 /* 997 * readfile - take commands from a file. 998 */ 999 static int 1000 readfile(char **argv) 1001 { 1002 return options_from_file(*argv, 1, 1, privileged_option); 1003 } 1004 1005 /* 1006 * callfile - take commands from /etc/ppp/peers/<name>. 1007 * Name may not contain /../, start with / or ../, or end in /.. 1008 */ 1009 static int 1010 callfile(char **argv) 1011 { 1012 char *fname, *arg, *p; 1013 int l, ok; 1014 1015 arg = *argv; 1016 ok = 1; 1017 if (arg[0] == '/' || arg[0] == 0) 1018 ok = 0; 1019 else { 1020 for (p = arg; *p != 0; ) { 1021 if (p[0] == '.' && p[1] == '.' && (p[2] == '/' || p[2] == 0)) { 1022 ok = 0; 1023 break; 1024 } 1025 while (*p != '/' && *p != 0) 1026 ++p; 1027 if (*p == '/') 1028 ++p; 1029 } 1030 } 1031 if (!ok) { 1032 option_error("call option value may not contain .. or start with /"); 1033 return 0; 1034 } 1035 1036 l = strlen(arg) + strlen(_PATH_PEERFILES) + 1; 1037 if ((fname = (char *) malloc(l)) == NULL) 1038 novm("call file name"); 1039 strlcpy(fname, _PATH_PEERFILES, l); 1040 strlcat(fname, arg, l); 1041 1042 ok = options_from_file(fname, 1, 1, 1); 1043 1044 free(fname); 1045 return ok; 1046 } 1047 1048 1049 /* 1050 * setdebug - Set debug (command line argument). 1051 */ 1052 static int 1053 setdebug(char **argv) 1054 { 1055 debug++; 1056 return (1); 1057 } 1058 1059 /* 1060 * setkdebug - Set kernel debugging level. 1061 */ 1062 static int 1063 setkdebug(char **argv) 1064 { 1065 return int_option(*argv, &kdebugflag); 1066 } 1067 1068 #ifdef PPP_FILTER 1069 /* 1070 * setpdebug - Set libpcap debugging level. 1071 */ 1072 static int 1073 setpdebug(char **argv) 1074 { 1075 return int_option(*argv, &dflag); 1076 } 1077 1078 /* 1079 * setpassfilter - Set the pass filter for packets 1080 */ 1081 static int 1082 setpassfilter(char **argv) 1083 { 1084 pc.linktype = DLT_PPP; 1085 pc.snapshot = PPP_HDRLEN; 1086 1087 if (pcap_compile(&pc, &pass_filter, *argv, 1, netmask) == 0) 1088 return 1; 1089 option_error("error in pass-filter expression: %s\n", pcap_geterr(&pc)); 1090 return 0; 1091 } 1092 1093 /* 1094 * setactivefilter - Set the active filter for packets 1095 */ 1096 static int 1097 setactivefilter(char **argv) 1098 { 1099 pc.linktype = DLT_PPP; 1100 pc.snapshot = PPP_HDRLEN; 1101 1102 if (pcap_compile(&pc, &active_filter, *argv, 1, netmask) == 0) 1103 return 1; 1104 option_error("error in active-filter expression: %s\n", pcap_geterr(&pc)); 1105 return 0; 1106 } 1107 #endif 1108 1109 /* 1110 * noopt - Disable all options. 1111 */ 1112 static int 1113 noopt(char **argv) 1114 { 1115 BZERO((char *) &lcp_wantoptions[0], sizeof (struct lcp_options)); 1116 BZERO((char *) &lcp_allowoptions[0], sizeof (struct lcp_options)); 1117 BZERO((char *) &ipcp_wantoptions[0], sizeof (struct ipcp_options)); 1118 BZERO((char *) &ipcp_allowoptions[0], sizeof (struct ipcp_options)); 1119 1120 return (1); 1121 } 1122 1123 /* 1124 * noaccomp - Disable Address/Control field compression negotiation. 1125 */ 1126 static int 1127 noaccomp(char **argv) 1128 { 1129 lcp_wantoptions[0].neg_accompression = 0; 1130 lcp_allowoptions[0].neg_accompression = 0; 1131 return (1); 1132 } 1133 1134 1135 /* 1136 * noasyncmap - Disable async map negotiation. 1137 */ 1138 static int 1139 noasyncmap(char **argv) 1140 { 1141 lcp_wantoptions[0].neg_asyncmap = 0; 1142 lcp_allowoptions[0].neg_asyncmap = 0; 1143 return (1); 1144 } 1145 1146 1147 /* 1148 * noip - Disable IP and IPCP. 1149 */ 1150 static int 1151 noip(char **argv) 1152 { 1153 ipcp_protent.enabled_flag = 0; 1154 return (1); 1155 } 1156 1157 1158 /* 1159 * nomagicnumber - Disable magic number negotiation. 1160 */ 1161 static int 1162 nomagicnumber(char **argv) 1163 { 1164 lcp_wantoptions[0].neg_magicnumber = 0; 1165 lcp_allowoptions[0].neg_magicnumber = 0; 1166 return (1); 1167 } 1168 1169 1170 /* 1171 * nomru - Disable mru negotiation. 1172 */ 1173 static int 1174 nomru(char **argv) 1175 { 1176 lcp_wantoptions[0].neg_mru = 0; 1177 lcp_allowoptions[0].neg_mru = 0; 1178 return (1); 1179 } 1180 1181 1182 /* 1183 * setmru - Set MRU for negotiation. 1184 */ 1185 static int 1186 setmru(char **argv) 1187 { 1188 u_int32_t mru; 1189 1190 if (!number_option(*argv, &mru, 0)) 1191 return 0; 1192 lcp_wantoptions[0].mru = mru; 1193 lcp_wantoptions[0].neg_mru = 1; 1194 return (1); 1195 } 1196 1197 1198 /* 1199 * setmru - Set the largest MTU we'll use. 1200 */ 1201 static int 1202 setmtu(char **argv) 1203 { 1204 u_int32_t mtu; 1205 1206 if (!number_option(*argv, &mtu, 0)) 1207 return 0; 1208 if (mtu < MINMRU || mtu > MAXMRU) { 1209 option_error("mtu option value of %u is too %s", mtu, 1210 (mtu < MINMRU? "small": "large")); 1211 return 0; 1212 } 1213 lcp_allowoptions[0].mru = mtu; 1214 return (1); 1215 } 1216 1217 #ifdef CBCP_SUPPORT 1218 static int 1219 setcbcp(argv) 1220 char **argv; 1221 { 1222 lcp_wantoptions[0].neg_cbcp = 1; 1223 cbcp_protent.enabled_flag = 1; 1224 cbcp[0].us_number = strdup(*argv); 1225 if (cbcp[0].us_number == 0) 1226 novm("callback number"); 1227 cbcp[0].us_type |= (1 << CB_CONF_USER); 1228 cbcp[0].us_type |= (1 << CB_CONF_ADMIN); 1229 return (1); 1230 } 1231 #endif 1232 1233 /* 1234 * nopcomp - Disable Protocol field compression negotiation. 1235 */ 1236 static int 1237 nopcomp(char **argv) 1238 { 1239 lcp_wantoptions[0].neg_pcompression = 0; 1240 lcp_allowoptions[0].neg_pcompression = 0; 1241 return (1); 1242 } 1243 1244 1245 /* 1246 * setpassive - Set passive mode (don't give up if we time out sending 1247 * LCP configure-requests). 1248 */ 1249 static int 1250 setpassive(char **argv) 1251 { 1252 lcp_wantoptions[0].passive = 1; 1253 return (1); 1254 } 1255 1256 1257 /* 1258 * setsilent - Set silent mode (don't start sending LCP configure-requests 1259 * until we get one from the peer). 1260 */ 1261 static int 1262 setsilent(char **argv) 1263 { 1264 lcp_wantoptions[0].silent = 1; 1265 return 1; 1266 } 1267 1268 1269 /* 1270 * nopap - Disable PAP authentication with peer. 1271 */ 1272 static int 1273 nopap(char **argv) 1274 { 1275 refuse_pap = 1; 1276 return (1); 1277 } 1278 1279 1280 /* 1281 * reqpap - Require PAP authentication from peer. 1282 */ 1283 static int 1284 reqpap(char **argv) 1285 { 1286 lcp_wantoptions[0].neg_upap = 1; 1287 setauth(NULL); 1288 return 1; 1289 } 1290 1291 /* 1292 * nochap - Disable CHAP authentication with peer. 1293 */ 1294 static int 1295 nochap(char **argv) 1296 { 1297 refuse_chap = 1; 1298 return (1); 1299 } 1300 1301 1302 /* 1303 * reqchap - Require CHAP authentication from peer. 1304 */ 1305 static int 1306 reqchap(char **argv) 1307 { 1308 lcp_wantoptions[0].neg_chap = 1; 1309 setauth(NULL); 1310 return (1); 1311 } 1312 1313 1314 /* 1315 * setnovj - disable vj compression 1316 */ 1317 static int 1318 setnovj(char **argv) 1319 { 1320 ipcp_wantoptions[0].neg_vj = 0; 1321 ipcp_allowoptions[0].neg_vj = 0; 1322 return (1); 1323 } 1324 1325 1326 /* 1327 * setnovjccomp - disable VJ connection-ID compression 1328 */ 1329 static int 1330 setnovjccomp(char **argv) 1331 { 1332 ipcp_wantoptions[0].cflag = 0; 1333 ipcp_allowoptions[0].cflag = 0; 1334 return 1; 1335 } 1336 1337 1338 /* 1339 * setvjslots - set maximum number of connection slots for VJ compression 1340 */ 1341 static int 1342 setvjslots(char **argv) 1343 { 1344 int value; 1345 1346 if (!int_option(*argv, &value)) 1347 return 0; 1348 if (value < 2 || value > 16) { 1349 option_error("vj-max-slots value must be between 2 and 16"); 1350 return 0; 1351 } 1352 ipcp_wantoptions [0].maxslotindex = 1353 ipcp_allowoptions[0].maxslotindex = value - 1; 1354 return 1; 1355 } 1356 1357 1358 /* 1359 * setconnector - Set a program to connect to a serial line 1360 */ 1361 static int 1362 setconnector(char **argv) 1363 { 1364 connector = strdup(*argv); 1365 if (connector == NULL) 1366 novm("connect script"); 1367 connector_info.priv = privileged_option; 1368 connector_info.source = option_source; 1369 1370 return (1); 1371 } 1372 1373 /* 1374 * setdisconnector - Set a program to disconnect from the serial line 1375 */ 1376 static int 1377 setdisconnector(char **argv) 1378 { 1379 disconnector = strdup(*argv); 1380 if (disconnector == NULL) 1381 novm("disconnect script"); 1382 disconnector_info.priv = privileged_option; 1383 disconnector_info.source = option_source; 1384 1385 return (1); 1386 } 1387 1388 /* 1389 * setwelcomer - Set a program to welcome a client after connection 1390 */ 1391 static int 1392 setwelcomer(char **argv) 1393 { 1394 welcomer = strdup(*argv); 1395 if (welcomer == NULL) 1396 novm("welcome script"); 1397 welcomer_info.priv = privileged_option; 1398 welcomer_info.source = option_source; 1399 1400 return (1); 1401 } 1402 1403 /* 1404 * setmaxconnect - Set the maximum connect time 1405 */ 1406 static int 1407 setmaxconnect(char **argv) 1408 { 1409 int value; 1410 1411 if (!int_option(*argv, &value)) 1412 return 0; 1413 if (value < 0) { 1414 option_error("maxconnect time must be positive"); 1415 return 0; 1416 } 1417 if (maxconnect > 0 && (value == 0 || value > maxconnect)) { 1418 option_error("maxconnect time cannot be increased"); 1419 return 0; 1420 } 1421 maxconnect = value; 1422 return 1; 1423 } 1424 1425 /* 1426 * setdomain - Set domain name to append to hostname 1427 */ 1428 static int 1429 setdomain(char **argv) 1430 { 1431 if (!privileged_option) { 1432 option_error("using the domain option requires root privilege"); 1433 return 0; 1434 } 1435 gethostname(hostname, MAXNAMELEN); 1436 if (**argv != 0) { 1437 if (**argv != '.') 1438 strlcat(hostname, ".", MAXNAMELEN); 1439 strlcat(hostname, *argv, MAXNAMELEN); 1440 } 1441 hostname[MAXNAMELEN-1] = 0; 1442 return (1); 1443 } 1444 1445 1446 /* 1447 * setasyncmap - add bits to asyncmap (what we request peer to escape). 1448 */ 1449 static int 1450 setasyncmap(char **argv) 1451 { 1452 u_int32_t asyncmap; 1453 1454 if (!number_option(*argv, &asyncmap, 16)) 1455 return 0; 1456 lcp_wantoptions[0].asyncmap |= asyncmap; 1457 lcp_wantoptions[0].neg_asyncmap = 1; 1458 return(1); 1459 } 1460 1461 1462 /* 1463 * setescape - add chars to the set we escape on transmission. 1464 */ 1465 static int 1466 setescape(char **argv) 1467 { 1468 int n, ret; 1469 char *p, *endp; 1470 1471 p = *argv; 1472 ret = 1; 1473 while (*p) { 1474 n = strtol(p, &endp, 16); 1475 if (p == endp) { 1476 option_error("escape parameter contains invalid hex number '%s'", 1477 p); 1478 return 0; 1479 } 1480 p = endp; 1481 if (n < 0 || (0x20 <= n && n <= 0x3F) || n == 0x5E || n > 0xFF) { 1482 option_error("can't escape character 0x%x", n); 1483 ret = 0; 1484 } else 1485 xmit_accm[0][n >> 5] |= 1 << (n & 0x1F); 1486 while (*p == ',' || *p == ' ') 1487 ++p; 1488 } 1489 return ret; 1490 } 1491 1492 1493 /* 1494 * setspeed - Set the speed. 1495 */ 1496 static int 1497 setspeed(char *arg) 1498 { 1499 char *ptr; 1500 int spd; 1501 1502 spd = strtol(arg, &ptr, 0); 1503 if (ptr == arg || *ptr != 0 || spd == 0) 1504 return 0; 1505 inspeed = spd; 1506 return 1; 1507 } 1508 1509 1510 /* 1511 * setdevname - Set the device name. 1512 */ 1513 static int 1514 setdevname(char *cp, int quiet) 1515 { 1516 struct stat statbuf; 1517 char dev[PATH_MAX]; 1518 1519 if (*cp == 0) 1520 return 0; 1521 1522 if (strncmp("/dev/", cp, 5) != 0) { 1523 strlcpy(dev, "/dev/", sizeof dev); 1524 strlcat(dev, cp, sizeof dev); 1525 cp = dev; 1526 } 1527 1528 /* 1529 * Check if there is a device by this name. 1530 */ 1531 if (stat(cp, &statbuf) < 0) { 1532 if (errno == ENOENT || quiet) 1533 return 0; 1534 option_error("Couldn't stat %s: %m", cp); 1535 return -1; 1536 } 1537 1538 (void) strlcpy(devnam, cp, PATH_MAX); 1539 default_device = FALSE; 1540 devnam_info.priv = privileged_option; 1541 devnam_info.source = option_source; 1542 1543 return 1; 1544 } 1545 1546 1547 /* 1548 * setipaddr - Set the IP address 1549 */ 1550 static int 1551 setipaddr(char *arg) 1552 { 1553 struct hostent *hp; 1554 char *colon; 1555 struct in_addr ina; 1556 u_int32_t local, remote; 1557 ipcp_options *wo = &ipcp_wantoptions[0]; 1558 1559 /* 1560 * IP address pair separated by ":". 1561 */ 1562 if ((colon = strchr(arg, ':')) == NULL) 1563 return 0; 1564 1565 /* 1566 * If colon first character, then no local addr. 1567 */ 1568 if (colon != arg) { 1569 *colon = '\0'; 1570 if (inet_pton(AF_INET, arg, &ina) != 1) { 1571 if ((hp = gethostbyname(arg)) == NULL) { 1572 option_error("unknown host: %s", arg); 1573 return -1; 1574 } else { 1575 local = *(u_int32_t *)hp->h_addr; 1576 if (our_name[0] == 0) 1577 strlcpy(our_name, arg, MAXNAMELEN); 1578 } 1579 } else 1580 local = ina.s_addr; 1581 if (bad_ip_adrs(local)) { 1582 option_error("bad local IP address %s", ip_ntoa(local)); 1583 return -1; 1584 } 1585 if (local != 0) 1586 wo->ouraddr = local; 1587 *colon = ':'; 1588 } 1589 1590 /* 1591 * If colon last character, then no remote addr. 1592 */ 1593 if (*++colon != '\0') { 1594 if (inet_pton(AF_INET, colon, &ina) != 1) { 1595 if ((hp = gethostbyname(colon)) == NULL) { 1596 option_error("unknown host: %s", colon); 1597 return -1; 1598 } else { 1599 remote = *(u_int32_t *)hp->h_addr; 1600 if (remote_name[0] == 0) 1601 strlcpy(remote_name, colon, MAXNAMELEN); 1602 } 1603 } else 1604 remote = ina.s_addr; 1605 if (bad_ip_adrs(remote)) { 1606 option_error("bad remote IP address %s", ip_ntoa(remote)); 1607 return -1; 1608 } 1609 if (remote != 0) 1610 wo->hisaddr = remote; 1611 } 1612 1613 return 1; 1614 } 1615 1616 1617 /* 1618 * setnoipdflt - disable setipdefault() 1619 */ 1620 static int 1621 setnoipdflt(char **argv) 1622 { 1623 disable_defaultip = 1; 1624 return 1; 1625 } 1626 1627 1628 /* 1629 * setipcpaccl - accept peer's idea of our address 1630 */ 1631 static int 1632 setipcpaccl(char **argv) 1633 { 1634 ipcp_wantoptions[0].accept_local = 1; 1635 return 1; 1636 } 1637 1638 1639 /* 1640 * setipcpaccr - accept peer's idea of its address 1641 */ 1642 static int 1643 setipcpaccr(char **argv) 1644 { 1645 ipcp_wantoptions[0].accept_remote = 1; 1646 return 1; 1647 } 1648 1649 1650 /* 1651 * setnetmask - set the netmask to be used on the interface. 1652 */ 1653 static int 1654 setnetmask(char **argv) 1655 { 1656 struct in_addr ina; 1657 1658 if (inet_pton(AF_INET, *argv, &ina) != 1 || (netmask & ~ina.s_addr) != 0) { 1659 option_error("invalid netmask value '%s'", *argv); 1660 return (0); 1661 } 1662 1663 netmask = ina.s_addr; 1664 return (1); 1665 } 1666 1667 static int 1668 setcrtscts(char **argv) 1669 { 1670 crtscts = 1; 1671 return (1); 1672 } 1673 1674 static int 1675 setnocrtscts(char **argv) 1676 { 1677 crtscts = -1; 1678 return (1); 1679 } 1680 1681 static int 1682 setxonxoff(char **argv) 1683 { 1684 lcp_wantoptions[0].asyncmap |= 0x000A0000; /* escape ^S and ^Q */ 1685 lcp_wantoptions[0].neg_asyncmap = 1; 1686 1687 crtscts = -2; 1688 return (1); 1689 } 1690 1691 static int 1692 setnodetach(char **argv) 1693 { 1694 nodetach = 1; 1695 return (1); 1696 } 1697 1698 static int 1699 setupdetach(char **argv) 1700 { 1701 nodetach = -1; 1702 return (1); 1703 } 1704 1705 static int 1706 setdemand(char **argv) 1707 { 1708 demand = 1; 1709 persist = 1; 1710 return 1; 1711 } 1712 1713 static int 1714 setmodem(char **argv) 1715 { 1716 modem = 1; 1717 return 1; 1718 } 1719 1720 static int 1721 setmodem_chat(char **argv) 1722 { 1723 modem_chat = 1; 1724 return 1; 1725 } 1726 1727 static int 1728 setlocal(char **argv) 1729 { 1730 modem = 0; 1731 return 1; 1732 } 1733 1734 static int 1735 setlock(char **argv) 1736 { 1737 lockflag = 1; 1738 return 1; 1739 } 1740 1741 static int 1742 setusehostname(char **argv) 1743 { 1744 usehostname = 1; 1745 return 1; 1746 } 1747 1748 static int 1749 setname(char **argv) 1750 { 1751 if (!privileged_option) { 1752 option_error("using the name option requires root privilege"); 1753 return 0; 1754 } 1755 strlcpy(our_name, argv[0], MAXNAMELEN); 1756 return 1; 1757 } 1758 1759 static int 1760 setuser(char **argv) 1761 { 1762 strlcpy(user, argv[0], MAXNAMELEN); 1763 return 1; 1764 } 1765 1766 static int 1767 setremote(char **argv) 1768 { 1769 strlcpy(remote_name, argv[0], MAXNAMELEN); 1770 return 1; 1771 } 1772 1773 static int 1774 setauth(char **argv) 1775 { 1776 auth_required = 1; 1777 if (privileged_option > auth_req_info.priv) { 1778 auth_req_info.priv = privileged_option; 1779 auth_req_info.source = option_source; 1780 } 1781 return 1; 1782 } 1783 1784 static int 1785 setnoauth(char **argv) 1786 { 1787 if (auth_required && privileged_option < auth_req_info.priv) { 1788 if (auth_req_info.source == NULL) 1789 option_error("cannot override default auth option"); 1790 else 1791 option_error("cannot override auth option set by %s", 1792 auth_req_info.source); 1793 return 0; 1794 } 1795 auth_required = 0; 1796 return 1; 1797 } 1798 1799 static int 1800 setdefaultroute(char **argv) 1801 { 1802 if (!ipcp_allowoptions[0].default_route) { 1803 option_error("defaultroute option is disabled"); 1804 return 0; 1805 } 1806 ipcp_wantoptions[0].default_route = 1; 1807 return 1; 1808 } 1809 1810 static int 1811 setnodefaultroute(char **argv) 1812 { 1813 ipcp_allowoptions[0].default_route = 0; 1814 ipcp_wantoptions[0].default_route = 0; 1815 return 1; 1816 } 1817 1818 static int 1819 setproxyarp(char **argv) 1820 { 1821 if (!ipcp_allowoptions[0].proxy_arp) { 1822 option_error("proxyarp option is disabled"); 1823 return 0; 1824 } 1825 ipcp_wantoptions[0].proxy_arp = 1; 1826 return 1; 1827 } 1828 1829 static int 1830 setnoproxyarp(char **argv) 1831 { 1832 ipcp_wantoptions[0].proxy_arp = 0; 1833 ipcp_allowoptions[0].proxy_arp = 0; 1834 return 1; 1835 } 1836 1837 static int 1838 setpersist(char **argv) 1839 { 1840 persist = 1; 1841 return 1; 1842 } 1843 1844 static int 1845 setnopersist(char **argv) 1846 { 1847 persist = 0; 1848 return 1; 1849 } 1850 1851 static int 1852 setdologin(char **argv) 1853 { 1854 uselogin = 1; 1855 return 1; 1856 } 1857 1858 /* 1859 * Functions to set the echo interval for modem-less monitors 1860 */ 1861 1862 static int 1863 setlcpechointv(char **argv) 1864 { 1865 return int_option(*argv, &lcp_echo_interval); 1866 } 1867 1868 static int 1869 setlcpechofails(char **argv) 1870 { 1871 return int_option(*argv, &lcp_echo_fails); 1872 } 1873 1874 /* 1875 * Functions to set timeouts, max transmits, etc. 1876 */ 1877 static int 1878 setlcptimeout(char **argv) 1879 { 1880 return int_option(*argv, &lcp_fsm[0].timeouttime); 1881 } 1882 1883 static int 1884 setlcpterm(char **argv) 1885 { 1886 return int_option(*argv, &lcp_fsm[0].maxtermtransmits); 1887 } 1888 1889 static int 1890 setlcpconf(char **argv) 1891 { 1892 return int_option(*argv, &lcp_fsm[0].maxconfreqtransmits); 1893 } 1894 1895 static int 1896 setlcpfails(char **argv) 1897 { 1898 return int_option(*argv, &lcp_fsm[0].maxnakloops); 1899 } 1900 1901 static int 1902 setipcptimeout(char **argv) 1903 { 1904 return int_option(*argv, &ipcp_fsm[0].timeouttime); 1905 } 1906 1907 static int 1908 setipcpterm(char **argv) 1909 { 1910 return int_option(*argv, &ipcp_fsm[0].maxtermtransmits); 1911 } 1912 1913 static int 1914 setipcpconf(char **argv) 1915 { 1916 return int_option(*argv, &ipcp_fsm[0].maxconfreqtransmits); 1917 } 1918 1919 static int 1920 setipcpfails(char **argv) 1921 { 1922 return int_option(*argv, &lcp_fsm[0].maxnakloops); 1923 } 1924 1925 static int 1926 setpaptimeout(char **argv) 1927 { 1928 return int_option(*argv, &upap[0].us_timeouttime); 1929 } 1930 1931 static int 1932 setpapreqtime(char **argv) 1933 { 1934 return int_option(*argv, &upap[0].us_reqtimeout); 1935 } 1936 1937 static int 1938 setpapreqs(char **argv) 1939 { 1940 return int_option(*argv, &upap[0].us_maxtransmits); 1941 } 1942 1943 static int 1944 setchaptimeout(char **argv) 1945 { 1946 return int_option(*argv, &chap[0].timeouttime); 1947 } 1948 1949 static int 1950 setchapchal(char **argv) 1951 { 1952 return int_option(*argv, &chap[0].max_transmits); 1953 } 1954 1955 static int 1956 setchapintv(char **argv) 1957 { 1958 return int_option(*argv, &chap[0].chal_interval); 1959 } 1960 1961 static int 1962 noccp(char **argv) 1963 { 1964 ccp_protent.enabled_flag = 0; 1965 return 1; 1966 } 1967 1968 static int 1969 setbsdcomp(char **argv) 1970 { 1971 int rbits, abits; 1972 char *str, *endp; 1973 1974 str = *argv; 1975 abits = rbits = strtol(str, &endp, 0); 1976 if (endp != str && *endp == ',') { 1977 str = endp + 1; 1978 abits = strtol(str, &endp, 0); 1979 } 1980 if (*endp != 0 || endp == str) { 1981 option_error("invalid parameter '%s' for bsdcomp option", *argv); 1982 return 0; 1983 } 1984 if ((rbits != 0 && (rbits < BSD_MIN_BITS || rbits > BSD_MAX_BITS)) 1985 || (abits != 0 && (abits < BSD_MIN_BITS || abits > BSD_MAX_BITS))) { 1986 option_error("bsdcomp option values must be 0 or %d .. %d", 1987 BSD_MIN_BITS, BSD_MAX_BITS); 1988 return 0; 1989 } 1990 if (rbits > 0) { 1991 ccp_wantoptions[0].bsd_compress = 1; 1992 ccp_wantoptions[0].bsd_bits = rbits; 1993 } else 1994 ccp_wantoptions[0].bsd_compress = 0; 1995 if (abits > 0) { 1996 ccp_allowoptions[0].bsd_compress = 1; 1997 ccp_allowoptions[0].bsd_bits = abits; 1998 } else 1999 ccp_allowoptions[0].bsd_compress = 0; 2000 return 1; 2001 } 2002 2003 static int 2004 setnobsdcomp(char **argv) 2005 { 2006 ccp_wantoptions[0].bsd_compress = 0; 2007 ccp_allowoptions[0].bsd_compress = 0; 2008 return 1; 2009 } 2010 2011 static int 2012 setdeflate(char **argv) 2013 { 2014 int rbits, abits; 2015 char *str, *endp; 2016 2017 str = *argv; 2018 abits = rbits = strtol(str, &endp, 0); 2019 if (endp != str && *endp == ',') { 2020 str = endp + 1; 2021 abits = strtol(str, &endp, 0); 2022 } 2023 if (*endp != 0 || endp == str) { 2024 option_error("invalid parameter '%s' for deflate option", *argv); 2025 return 0; 2026 } 2027 if ((rbits != 0 && (rbits < DEFLATE_MIN_SIZE || rbits > DEFLATE_MAX_SIZE)) 2028 || (abits != 0 && (abits < DEFLATE_MIN_SIZE 2029 || abits > DEFLATE_MAX_SIZE))) { 2030 option_error("deflate option values must be 0 or %d .. %d", 2031 DEFLATE_MIN_SIZE, DEFLATE_MAX_SIZE); 2032 return 0; 2033 } 2034 if (rbits > 0) { 2035 ccp_wantoptions[0].deflate = 1; 2036 ccp_wantoptions[0].deflate_size = rbits; 2037 } else 2038 ccp_wantoptions[0].deflate = 0; 2039 if (abits > 0) { 2040 ccp_allowoptions[0].deflate = 1; 2041 ccp_allowoptions[0].deflate_size = abits; 2042 } else 2043 ccp_allowoptions[0].deflate = 0; 2044 return 1; 2045 } 2046 2047 static int 2048 setnodeflate(char **argv) 2049 { 2050 ccp_wantoptions[0].deflate = 0; 2051 ccp_allowoptions[0].deflate = 0; 2052 return 1; 2053 } 2054 2055 static int 2056 setnodeflatedraft(char **argv) 2057 { 2058 ccp_wantoptions[0].deflate_draft = 0; 2059 ccp_allowoptions[0].deflate_draft = 0; 2060 return 1; 2061 } 2062 2063 static int 2064 setpred1comp(char **argv) 2065 { 2066 ccp_wantoptions[0].predictor_1 = 1; 2067 ccp_allowoptions[0].predictor_1 = 1; 2068 return 1; 2069 } 2070 2071 static int 2072 setnopred1comp(char **argv) 2073 { 2074 ccp_wantoptions[0].predictor_1 = 0; 2075 ccp_allowoptions[0].predictor_1 = 0; 2076 return 1; 2077 } 2078 2079 static int 2080 setipparam(char **argv) 2081 { 2082 ipparam = strdup(*argv); 2083 if (ipparam == NULL) 2084 novm("ipparam string"); 2085 2086 return 1; 2087 } 2088 2089 static int 2090 setpapcrypt(char **argv) 2091 { 2092 cryptpap = 1; 2093 return 1; 2094 } 2095 2096 static int 2097 setidle(char **argv) 2098 { 2099 return int_option(*argv, &idle_time_limit); 2100 } 2101 2102 static int 2103 setholdoff(char **argv) 2104 { 2105 return int_option(*argv, &holdoff); 2106 } 2107 2108 /* 2109 * setdnsaddr - set the dns address(es) 2110 */ 2111 static int 2112 setdnsaddr(char **argv) 2113 { 2114 struct in_addr ina; 2115 struct hostent *hp; 2116 2117 if (inet_pton(AF_INET, *argv, &ina) != 1) { 2118 if ((hp = gethostbyname(*argv)) == NULL) { 2119 option_error("invalid address parameter '%s' for ms-dns option", 2120 *argv); 2121 return (0); 2122 } 2123 ina.s_addr = *(u_int32_t *)hp->h_addr; 2124 } 2125 2126 /* if there is no primary then update it. */ 2127 if (ipcp_allowoptions[0].dnsaddr[0] == 0) 2128 ipcp_allowoptions[0].dnsaddr[0] = ina.s_addr; 2129 2130 /* always set the secondary address value to the same value. */ 2131 ipcp_allowoptions[0].dnsaddr[1] = ina.s_addr; 2132 2133 return (1); 2134 } 2135 2136 /* 2137 * setwinsaddr - set the wins address(es) 2138 * This is primrarly used with the Samba package under UNIX or for pointing 2139 * the caller to the existing WINS server on a Windows NT platform. 2140 */ 2141 static int 2142 setwinsaddr(char **argv) 2143 { 2144 struct in_addr ina; 2145 struct hostent *hp; 2146 2147 if (inet_pton(AF_INET, *argv, &ina) != 1) { 2148 if ((hp = gethostbyname(*argv)) == NULL) { 2149 option_error("invalid address parameter '%s' for ms-wins option", 2150 *argv); 2151 return (0); 2152 } 2153 ina.s_addr = *(u_int32_t *)hp->h_addr; 2154 } 2155 2156 /* if there is no primary then update it. */ 2157 if (ipcp_allowoptions[0].winsaddr[0] == 0) 2158 ipcp_allowoptions[0].winsaddr[0] = ina.s_addr; 2159 2160 /* always set the secondary address value to the same value. */ 2161 ipcp_allowoptions[0].winsaddr[1] = ina.s_addr; 2162 2163 return (1); 2164 } 2165 2166 #ifdef MSLANMAN 2167 static int 2168 setmslanman(char **argv) 2169 { 2170 ms_lanman = 1; 2171 return (1); 2172 } 2173 #endif 2174