1 /* $OpenBSD: options.c,v 1.24 2009/10/27 23:59:53 deraadt Exp $ */ 2 3 /* 4 * options.c - handles option processing for PPP. 5 * 6 * Copyright (c) 1984-2000 Carnegie Mellon University. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. The name "Carnegie Mellon University" must not be used to 21 * endorse or promote products derived from this software without 22 * prior written permission. For permission or any legal 23 * details, please contact 24 * Office of Technology Transfer 25 * Carnegie Mellon University 26 * 5000 Forbes Avenue 27 * Pittsburgh, PA 15213-3890 28 * (412) 268-4387, fax: (412) 268-7395 29 * tech-transfer@andrew.cmu.edu 30 * 31 * 4. Redistributions of any form whatsoever must retain the following 32 * acknowledgment: 33 * "This product includes software developed by Computing Services 34 * at Carnegie Mellon University (http://www.cmu.edu/computing/)." 35 * 36 * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO 37 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 38 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE 39 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 40 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN 41 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 42 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 
*/

#include <ctype.h>
#include <stdio.h>
#include <errno.h>
#include <unistd.h>
#include <limits.h>
#include <stdlib.h>
#include <termios.h>
#include <syslog.h>
#include <string.h>
#include <netdb.h>
#include <pwd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#ifdef PPP_FILTER
#include <pcap.h>
#include <pcap-int.h>	/* XXX: To get struct pcap */
#endif

#include "pppd.h"
#include "pathnames.h"
#include "patchlevel.h"
#include "fsm.h"
#include "lcp.h"
#include "ipcp.h"
#include "upap.h"
#include "chap.h"
#include "ccp.h"
#ifdef CBCP_SUPPORT
#include "cbcp.h"
#endif

#include <net/ppp-comp.h>

#define FALSE	0
#define TRUE	1

#if defined(ultrix) || defined(NeXT)
char *strdup(char *);
#endif

/* Element type of the array handed to getgroups() in readable(). */
#ifndef GIDSET_TYPE
#define GIDSET_TYPE	gid_t
#endif

/*
 * Option variables and default values.
 *
 * These are plain globals written by the option handlers below; the
 * values come from the command line and from options files, so every
 * consumer should treat them as configuration input.
 */
#ifdef PPP_FILTER
int	dflag = 0;		/* Tell libpcap we want debugging */
#endif
int	debug = 0;		/* Debug flag */
int	kdebugflag = 0;		/* Tell kernel to print debug messages */
int	default_device = 1;	/* Using /dev/tty or equivalent */
char	devnam[MAXPATHLEN] = "/dev/tty";	/* Device name */
int	crtscts = 0;		/* Use hardware flow control */
int	modem = 1;		/* Use modem control lines */
int	modem_chat = 0;		/* Use modem control lines during chat */
int	inspeed = 0;		/* Input/Output speed requested */
u_int32_t netmask = 0;		/* IP netmask to set on interface */
int	lockflag = 0;		/* Create lock file to lock the serial dev */
int	nodetach = 0;		/* Don't detach from controlling tty */
/*
 * The next three hold commands taken from options.
 * NOTE(review): the *_info records declared further down presumably track
 * where each of them was set and with what privilege -- confirm in pppd.h.
 */
char	*connector = NULL;	/* Script to establish physical link */
char	*disconnector = NULL;	/* Script to disestablish physical link */
char	*welcomer = NULL;	/* Script to run after phys link estab. */
int	maxconnect = 0;		/* Maximum connect time */
char	user[MAXNAMELEN];	/* Username for PAP */
/* The PAP secret sits in this static buffer for as long as it is set. */
char	passwd[MAXSECRETLEN];	/* Password for PAP */
int	auth_required = 0;	/* Peer is required to authenticate */
int	defaultroute = 0;	/* assign default route through interface */
int	proxyarp = 0;		/* Set up proxy ARP entry for peer */
int	persist = 0;		/* Reopen link after it goes down */
int	uselogin = 0;		/* Use /etc/passwd for checking PAP */
int	lcp_echo_interval = 0;	/* Interval between LCP echo-requests */
int	lcp_echo_fails = 0;	/* Tolerance to unanswered echo-requests */
char	our_name[MAXNAMELEN];	/* Our name for authentication purposes */
char	remote_name[MAXNAMELEN]; /* Peer's name for authentication */
int	explicit_remote = 0;	/* User specified explicit remote name */
int	usehostname = 0;	/* Use hostname for our_name */
int	disable_defaultip = 0;	/* Don't use hostname for default IP adrs */
int	demand = 0;		/* do dial-on-demand */
char	*ipparam = NULL;	/* Extra parameter for ip up/down scripts */
int	cryptpap;		/* Passwords in pap-secrets are encrypted */
int	idle_time_limit = 0;	/* Disconnect if idle for this many seconds */
int	holdoff = 30;		/* # seconds to pause before reconnecting */
int	refuse_pap = 0;		/* Set to say we won't do PAP */
int	refuse_chap = 0;	/* Set to say we won't do CHAP */

#ifdef MSLANMAN
int	ms_lanman = 0;		/* Nonzero if use LanMan password instead of NT */
				/* Has meaning only with MS-CHAP challenges */
#endif

struct option_info auth_req_info;
struct option_info connector_info;
struct option_info disconnector_info;
struct option_info welcomer_info;
struct option_info devnam_info;
#ifdef PPP_FILTER
struct	bpf_program pass_filter;/* Filter program for packets to pass */
struct	bpf_program active_filter; /* Filter program for link-active pkts */
pcap_t	pc;			/* Fake struct pcap so we can compile expr */
#endif

/*
 * Prototypes
 *
 * Handlers taking (char **) are the ones referenced from the cmds[] table;
 * they return nonzero on success and 0 on failure, as tested by
 * parse_args() and options_from_file().
 */
static int setdevname(char *, int);
static int setipaddr(char *);
static int setspeed(char *);
static int setdebug(char **);
static int setkdebug(char **);
static int setpassive(char **);
static int setsilent(char **);
static int noopt(char **);
static int setnovj(char **);
static int setnovjccomp(char **);
static int setvjslots(char **);
static int reqpap(char **);
static int nopap(char **);
static int nochap(char **);
static int reqchap(char **);
static int noaccomp(char **);
static int noasyncmap(char **);
static int noip(char **);
static int nomagicnumber(char **);
static int setasyncmap(char **);
static int setescape(char **);
static int setmru(char **);
static int setmtu(char **);
#ifdef CBCP_SUPPORT
static int setcbcp(char **);
#endif
static int nomru(char **);
static int nopcomp(char **);
static int setconnector(char **);
static int setdisconnector(char **);
static int setwelcomer(char **);
static int setmaxconnect(char **);
static int setdomain(char **);
static int setnetmask(char **);
static int setcrtscts(char **);
static int setnocrtscts(char **);
static int setxonxoff(char **);
static int setnodetach(char **);
static int setupdetach(char **);
static int setmodem(char **);
static int setmodem_chat(char **);
static int setlocal(char **);
static int setlock(char **);
static int setname(char **);
static int setuser(char **);
static int setremote(char **);
static int setauth(char **);
static int setnoauth(char **);
static int readfile(char **);
static int callfile(char **);
static int setdefaultroute(char **);
static int setnodefaultroute(char **);
static int setproxyarp(char **);
static int setnoproxyarp(char **);
static int setpersist(char **);
static int setnopersist(char **);
static int setdologin(char **);
static int setusehostname(char **);
static int setnoipdflt(char **);
static int setlcptimeout(char **);
static int setlcpterm(char **);
static int setlcpconf(char **);
static int setlcpfails(char **);
static int setipcptimeout(char **);
static int setipcpterm(char **);
static int setipcpconf(char **);
static int setipcpfails(char **);
static int setpaptimeout(char **);
static int setpapreqs(char **);
static int setpapreqtime(char **);
static int setchaptimeout(char **);
static int setchapchal(char **);
static int setchapintv(char **);
static int setipcpaccl(char **);
static int setipcpaccr(char **);
static int setlcpechointv(char **);
static int setlcpechofails(char **);
static int noccp(char **);
static int setbsdcomp(char **);
static int setnobsdcomp(char **);
static int setdeflate(char **);
static int setnodeflate(char **);
static int setnodeflatedraft(char **);
static int setdemand(char **);
static int setpred1comp(char **);
static int setnopred1comp(char **);
static int setipparam(char **);
static int setpapcrypt(char **);
static int setidle(char **);
static int setholdoff(char **);
static int setdnsaddr(char **);
static int setwinsaddr(char **);
static int showversion(char **);
static int showhelp(char **);

#ifdef PPP_FILTER
static int setpdebug(char **);
static int setpassfilter(char **);
static int setactivefilter(char **);
#endif

#ifdef MSLANMAN
static int setmslanman(char **);
#endif

static int number_option(char *, u_int32_t *, int);
static int int_option(char *, int *);
static int readable(int fd);

/*
 * Valid arguments.
*/
/*
 * Each entry maps an option keyword to its handler and to the number of
 * words the handler consumes after the keyword.  The table is searched
 * linearly with strcmp() and ends at the entry whose cmd_name is NULL.
 */
static struct cmd {
    char *cmd_name;
    int num_args;
    int (*cmd_func)(char **);
} cmds[] = {
    {"-all", 0, noopt},		/* Don't request/allow any options (useless) */
    {"noaccomp", 0, noaccomp},	/* Disable Address/Control compression */
    {"-ac", 0, noaccomp},	/* Disable Address/Control compress */
    {"default-asyncmap", 0, noasyncmap}, /* Disable asyncmap negotiation */
    {"-am", 0, noasyncmap},	/* Disable asyncmap negotiation */
    {"-as", 1, setasyncmap},	/* set the desired async map */
    {"-d", 0, setdebug},	/* Increase debugging level */
    {"nodetach", 0, setnodetach}, /* Don't detach from controlling tty */
    {"-detach", 0, setnodetach}, /* don't fork */
    {"updetach", 0, setupdetach}, /* Detach once an NP has come up */
    {"noip", 0, noip},		/* Disable IP and IPCP */
    {"-ip", 0, noip},		/* Disable IP and IPCP */
    {"nomagic", 0, nomagicnumber}, /* Disable magic number negotiation */
    {"-mn", 0, nomagicnumber},	/* Disable magic number negotiation */
    {"default-mru", 0, nomru},	/* Disable MRU negotiation */
    {"-mru", 0, nomru},		/* Disable mru negotiation */
    {"-p", 0, setpassive},	/* Set passive mode */
    {"nopcomp", 0, nopcomp},	/* Disable protocol field compression */
    {"-pc", 0, nopcomp},	/* Disable protocol field compress */
    {"require-pap", 0, reqpap},	/* Require PAP authentication from peer */
    {"+pap", 0, reqpap},	/* Require PAP auth from peer */
    {"refuse-pap", 0, nopap},	/* Don't agree to auth to peer with PAP */
    {"-pap", 0, nopap},		/* Don't allow UPAP authentication with peer */
    {"require-chap", 0, reqchap}, /* Require CHAP authentication from peer */
    {"+chap", 0, reqchap},	/* Require CHAP authentication from peer */
    {"refuse-chap", 0, nochap},	/* Don't agree to auth to peer with CHAP */
    {"-chap", 0, nochap},	/* Don't allow CHAP authentication with peer */
    {"novj", 0, setnovj},	/* Disable VJ compression */
    {"-vj", 0, setnovj},	/* disable VJ compression */
    {"novjccomp", 0, setnovjccomp}, /* disable VJ connection-ID compression */
    {"-vjccomp", 0, setnovjccomp}, /* disable VJ connection-ID compression */
    {"vj-max-slots", 1, setvjslots}, /* Set maximum VJ header slots */
    {"asyncmap", 1, setasyncmap}, /* set the desired async map */
    {"escape", 1, setescape},	/* set chars to escape on transmission */
    {"connect", 1, setconnector}, /* A program to set up a connection */
    {"disconnect", 1, setdisconnector},	/* program to disconnect serial dev. */
    {"welcome", 1, setwelcomer},/* Script to welcome client */
    {"maxconnect", 1, setmaxconnect},  /* specify a maximum connect time */
    {"crtscts", 0, setcrtscts},	/* set h/w flow control */
    {"nocrtscts", 0, setnocrtscts}, /* clear h/w flow control */
    {"-crtscts", 0, setnocrtscts}, /* clear h/w flow control */
    {"xonxoff", 0, setxonxoff},	/* set s/w flow control */
    {"debug", 0, setdebug},	/* Increase debugging level */
    {"kdebug", 1, setkdebug},	/* Enable kernel-level debugging */
    {"domain", 1, setdomain},	/* Add given domain name to hostname*/
    {"mru", 1, setmru},		/* Set MRU value for negotiation */
    {"mtu", 1, setmtu},		/* Set our MTU */
#ifdef CBCP_SUPPORT
    {"callback", 1, setcbcp},	/* Ask for callback */
#endif
    {"netmask", 1, setnetmask},	/* set netmask */
    {"passive", 0, setpassive},	/* Set passive mode */
    {"silent", 0, setsilent},	/* Set silent mode */
    {"modem", 0, setmodem},	/* Use modem control lines */
    {"modem_chat", 0, setmodem_chat}, /* Use modem control lines during chat */
    {"local", 0, setlocal},	/* Don't use modem control lines */
    {"lock", 0, setlock},	/* Lock serial device (with lock file) */
    {"name", 1, setname},	/* Set local name for authentication */
    {"user", 1, setuser},	/* Set name for auth with peer */
    {"usehostname", 0, setusehostname},	/* Must use hostname for auth. */
    {"remotename", 1, setremote}, /* Set remote name for authentication */
    {"auth", 0, setauth},	/* Require authentication from peer */
    {"noauth", 0, setnoauth},	/* Don't require peer to authenticate */
    {"file", 1, readfile},	/* Take options from a file */
    {"call", 1, callfile},	/* Take options from a privileged file */
    {"defaultroute", 0, setdefaultroute}, /* Add default route */
    {"nodefaultroute", 0, setnodefaultroute}, /* disable defaultroute option */
    {"-defaultroute", 0, setnodefaultroute}, /* disable defaultroute option */
    {"proxyarp", 0, setproxyarp}, /* Add proxy ARP entry */
    {"noproxyarp", 0, setnoproxyarp}, /* disable proxyarp option */
    {"-proxyarp", 0, setnoproxyarp}, /* disable proxyarp option */
    {"persist", 0, setpersist},	/* Keep on reopening connection after close */
    {"nopersist", 0, setnopersist}, /* Turn off persist option */
    {"demand", 0, setdemand},	/* Dial on demand */
    {"login", 0, setdologin},	/* Use system password database for UPAP */
    {"noipdefault", 0, setnoipdflt}, /* Don't use name for default IP adrs */
    {"lcp-echo-failure", 1, setlcpechofails}, /* consecutive echo failures */
    {"lcp-echo-interval", 1, setlcpechointv}, /* time for lcp echo events */
    {"lcp-restart", 1, setlcptimeout}, /* Set timeout for LCP */
    {"lcp-max-terminate", 1, setlcpterm}, /* Set max #xmits for term-reqs */
    {"lcp-max-configure", 1, setlcpconf}, /* Set max #xmits for conf-reqs */
    {"lcp-max-failure", 1, setlcpfails}, /* Set max #conf-naks for LCP */
    {"ipcp-restart", 1, setipcptimeout}, /* Set timeout for IPCP */
    {"ipcp-max-terminate", 1, setipcpterm}, /* Set max #xmits for term-reqs */
    {"ipcp-max-configure", 1, setipcpconf}, /* Set max #xmits for conf-reqs */
    {"ipcp-max-failure", 1, setipcpfails}, /* Set max #conf-naks for IPCP */
    {"pap-restart", 1, setpaptimeout}, /* Set retransmit timeout for PAP */
    {"pap-max-authreq", 1, setpapreqs}, /* Set max #xmits for auth-reqs */
    {"pap-timeout", 1, setpapreqtime}, /* Set time limit for peer PAP auth. */
    {"chap-restart", 1, setchaptimeout}, /* Set timeout for CHAP */
    {"chap-max-challenge", 1, setchapchal}, /* Set max #xmits for challenge */
    {"chap-interval", 1, setchapintv}, /* Set interval for rechallenge */
    {"ipcp-accept-local", 0, setipcpaccl}, /* Accept peer's address for us */
    {"ipcp-accept-remote", 0, setipcpaccr}, /* Accept peer's address for it */
    {"noccp", 0, noccp},	/* Disable CCP negotiation */
    {"-ccp", 0, noccp},		/* Disable CCP negotiation */
    {"bsdcomp", 1, setbsdcomp},	/* request BSD-Compress */
    {"nobsdcomp", 0, setnobsdcomp}, /* don't allow BSD-Compress */
    {"-bsdcomp", 0, setnobsdcomp}, /* don't allow BSD-Compress */
    {"deflate", 1, setdeflate},	/* request Deflate compression */
    {"nodeflate", 0, setnodeflate}, /* don't allow Deflate compression */
    {"-deflate", 0, setnodeflate}, /* don't allow Deflate compression */
    {"nodeflatedraft", 0, setnodeflatedraft}, /* don't use draft deflate # */
    {"predictor1", 0, setpred1comp}, /* request Predictor-1 */
    {"nopredictor1", 0, setnopred1comp},/* don't allow Predictor-1 */
    {"-predictor1", 0, setnopred1comp}, /* don't allow Predictor-1 */
    {"ipparam", 1, setipparam},	/* set ip script parameter */
    {"papcrypt", 0, setpapcrypt}, /* PAP passwords encrypted */
    {"idle", 1, setidle},	/* idle time limit (seconds) */
    {"holdoff", 1, setholdoff},	/* set holdoff time (seconds) */
    {"ms-dns", 1, setdnsaddr},	/* DNS address for the peer's use */
    {"ms-wins", 1, setwinsaddr}, /* Nameserver for SMB over TCP/IP for peer */
    {"--version", 0, showversion}, /* Show version number */
    {"--help", 0, showhelp},	/* Show brief listing of options */
    {"-h", 0, showhelp},	/* ditto */

#ifdef PPP_FILTER
    {"pdebug", 1, setpdebug},	/* libpcap debugging */
    {"pass-filter", 1, setpassfilter}, /* set filter for packets to pass */
    {"active-filter", 1, setactivefilter}, /* set filter for active pkts */
#endif

#ifdef MSLANMAN
    {"ms-lanman", 0, setmslanman}, /* Use LanMan psswd when using MS-CHAP */
#endif

    {NULL, 0, NULL}
};


#ifndef IMPLEMENTATION
#define IMPLEMENTATION ""
#endif

/*
 * printf-style template for usage(); it takes, in order, the version
 * string, the patch level, the implementation string and the program name.
 * NOTE(review): the column whitespace inside this literal is reproduced as
 * it appears in this listing -- check it against the repository copy.
 */
static char *usage_string = "\
pppd version %s patch level %d%s\n\
Usage: %s [ options ], where options are:\n\
<device> Communicate over the named device\n\
<speed> Set the baud rate to <speed>\n\
<loc>:<rem> Set the local and/or remote interface IP\n\
addresses. Either one may be omitted.\n\
asyncmap <n> Set the desired async map to hex <n>\n\
auth Require authentication from peer\n\
connect <p> Invoke shell command <p> to set up the serial line\n\
crtscts Use hardware RTS/CTS flow control\n\
defaultroute Add default route through interface\n\
file <f> Take options from file <f>\n\
modem Use modem control lines\n\
modem_chat Use modem control lines during chat\n\
mru <n> Set MRU value to <n> for negotiation\n\
netmask <n> Set interface netmask to <n>\n\
See pppd(8) for more options.\n\
";

/*
 * Parsing context shared with the option handlers.  privileged_option is
 * the trust level of whatever source is being parsed right now; handlers
 * that gate sensitive settings are expected to consult it.
 */
static char *current_option;	/* the name of the option being parsed */
static int privileged_option;	/* set iff the current option came from root */
static char *option_source;	/* string saying where the option came from */

/*
 * parse_args - interpret the command-line words in argv[0..argc-1].
 *
 * Options parsed here carry the trust level of the invoking user: the
 * global `privileged' is copied into privileged_option first.  A word that
 * is not a keyword from cmds[] is offered to setdevname(), setspeed() and
 * setipaddr() in that order; each returns 0 for "not mine", a negative
 * value for an error and a positive value once it has consumed the word.
 *
 * Returns 1 when every word was accepted, 0 on the first failure.
 */
int
parse_args(argc, argv)
    int argc;
    char **argv;
{
    char *word;
    struct cmd *entry;
    int status;

    privileged_option = privileged;
    option_source = "command line";
    while (argc > 0) {
	word = *argv++;
	--argc;

	/* Look the word up in the keyword table. */
	entry = cmds;
	while (entry->cmd_name != NULL && strcmp(word, entry->cmd_name) != 0)
	    entry++;

	if (entry->cmd_name == NULL) {
	    /* Not a keyword: maybe a tty name, speed or IP address? */
	    status = setdevname(word, 0);
	    if (status == 0)
		status = setspeed(word);
	    if (status == 0)
		status = setipaddr(word);
	    if (status == 0) {
		option_error("unrecognized option '%s'", word);
		usage();
		return 0;
	    }
	    if (status < 0)	/* error */
		return 0;
	    continue;
	}

	/* The handler reads its parameters straight from argv. */
	if (argc < entry->num_args) {
	    option_error("too few parameters for option %s", word);
	    return 0;
	}
	current_option = word;
	if (!(*entry->cmd_func)(argv))
	    return 0;
	argc -= entry->num_args;
	argv += entry->num_args;
    }
    return 1;
}

/*
 * scan_args - first pass over the command line that only looks for the
 * tty name.  Keywords and their parameters are stepped over without being
 * executed; every other word is handed to setdevname() with its second
 * argument set to 1, and the result is ignored.
 */
void
scan_args(argc, argv)
    int argc;
    char **argv;
{
    char *word;
    struct cmd *entry;

    while (argc > 0) {
	word = *argv++;
	--argc;

	entry = cmds;
	while (entry->cmd_name != NULL && strcmp(word, entry->cmd_name) != 0)
	    entry++;

	if (entry->cmd_name == NULL) {
	    /* Check if it's a tty name and copy it if so */
	    (void) setdevname(word, 1);
	} else {
	    /* Skip the option's parameters */
	    argc -= entry->num_args;
	    argv += entry->num_args;
	}
    }
}

/*
 * usage - print the usage text on stderr, but only while pppd is still in
 * PHASE_INITIALIZE.
 */
void
usage()
{
    if (phase != PHASE_INITIALIZE)
	return;
    fprintf(stderr, usage_string, VERSION, PATCHLEVEL, IMPLEMENTATION,
	    progname);
}

/*
 * showhelp - print the usage message and exit with status 0.  Outside
 * PHASE_INITIALIZE nothing is printed and 0 (failure) is returned.
 */
static int
showhelp(argv)
    char **argv;
{
    if (phase != PHASE_INITIALIZE)
	return 0;
    usage();
    exit(0);
}

/*
 * showversion - print out the version number and exit.
*/
static int
showversion(argv)
    char **argv;
{
    /* Outside the initialisation phase this is a no-op that reports failure. */
    if (phase != PHASE_INITIALIZE)
	return 0;
    fprintf(stderr, "pppd version %s patch level %d%s\n",
	    VERSION, PATCHLEVEL, IMPLEMENTATION);
    exit(0);
}

/*
 * options_from_file - read options from a file and interpret them.
 *
 *   filename    path of the options file
 *   must_exist  when zero, a missing file (ENOENT) counts as success
 *   check_prot  when nonzero, the file must pass readable() for the real
 *               user before anything in it is parsed
 *   priv        trust level installed in privileged_option while the file
 *               is parsed; the previous value is restored on the way out
 *
 * The permission test runs on the descriptor of the stream that was just
 * opened, so the file that is checked is the file that is read.
 *
 * Returns 1 on success and 0 on failure.
 */
int
options_from_file(filename, must_exist, check_prot, priv)
    char *filename;
    int must_exist;
    int check_prot;
    int priv;
{
    FILE *fp;
    int n, newline, result;
    struct cmd *entry;
    int saved_priv;
    char *argv[MAXARGS];
    char args[MAXARGS][MAXWORDLEN];
    char cmd[MAXWORDLEN];

    fp = fopen(filename, "r");
    if (fp == NULL) {
	if (!must_exist && errno == ENOENT)
	    return 1;
	option_error("Can't open options file %s: %m", filename);
	return 0;
    }
    if (check_prot && !readable(fileno(fp))) {
	option_error("Can't open options file %s: access denied", filename);
	fclose(fp);
	return 0;
    }

    saved_priv = privileged_option;
    privileged_option = priv;
    result = 0;
    while (getword(fp, cmd, &newline, filename)) {
	/* Look the word up in the keyword table. */
	entry = cmds;
	while (entry->cmd_name != NULL && strcmp(cmd, entry->cmd_name) != 0)
	    entry++;

	if (entry->cmd_name == NULL) {
	    /* Not a keyword: maybe a tty name, speed or IP address? */
	    n = setdevname(cmd, 0);
	    if (n == 0)
		n = setspeed(cmd);
	    if (n == 0)
		n = setipaddr(cmd);
	    if (n == 0) {
		option_error("In file %s: unrecognized option '%s'",
			     filename, cmd);
		goto err;
	    }
	    if (n < 0)		/* error */
		goto err;
	    continue;
	}

	/*
	 * Collect the option's parameters into args[] and point argv[] at
	 * them.  NOTE(review): this relies on num_args never exceeding
	 * MAXARGS for any cmds[] entry -- MAXARGS is defined elsewhere.
	 */
	for (n = 0; n < entry->num_args; ++n) {
	    if (!getword(fp, args[n], &newline, filename)) {
		option_error(
			"In file %s: too few parameters for option '%s'",
			filename, cmd);
		goto err;
	    }
	    argv[n] = args[n];
	}
	current_option = cmd;
	if (!(*entry->cmd_func)(argv))
	    goto err;
    }
    result = 1;

err:
    /* Single exit: close the stream and drop back to the caller's trust level. */
    fclose(fp);
    privileged_option = saved_priv;
    return result;
}

/*
 * options_from_user - interpret the per-user options file, if the user
 * has one.
 *
 * The home directory comes from the password database entry of the real
 * uid (getuid()).  The file is optional, must be readable by the real
 * user, and is parsed at the trust level given by the global `privileged'.
 * Returns 1 when there is nothing to read or the file parsed cleanly.
 */
int
options_from_user()
{
    char *home, *path;
    int result;
    struct passwd *pw;

    pw = getpwuid(getuid());
    if (pw == NULL)
	return 1;
    home = pw->pw_dir;
    if (home == NULL || home[0] == 0)
	return 1;
    if (asprintf(&path, "%s/%s", home, _PATH_USEROPT) == -1)
	novm("init file name");
    result = options_from_file(path, 0, 1, privileged);
    free(path);
    return result;
}

/*
 * options_for_tty - interpret the options file that belongs to the serial
 * device, if one exists.
 *
 * The file name is _PATH_TTYOPT followed by devnam with a leading "/dev/"
 * removed.  The file is optional, is read without the readable() check and
 * is parsed as a privileged source (priv == 1).
 * NOTE(review): devnam is appended as-is, so this depends on whatever
 * validation was applied when devnam was set -- confirm in setdevname().
 */
int
options_for_tty()
{
    char *name, *path;
    int result;

    name = devnam;
    if (strncmp(name, "/dev/", 5) == 0)
	name += 5;
    if (strcmp(name, "tty") == 0)
	return 1;		/* don't look for /etc/ppp/options.tty */
    if (asprintf(&path, "%s%s", _PATH_TTYOPT, name) == -1)
	novm("tty init file name");
    result = options_from_file(path, 0, 0, 1);
    free(path);
    return result;
}

/*
 * option_error - report an error in an option.
 *
 * The message is formatted into a fixed 256-byte buffer by vfmtmsg(),
 * which is given the buffer size.  It always goes to syslog at LOG_ERR and
 * additionally to stderr while phase == PHASE_INITIALIZE.  Both sinks get
 * the finished text through a literal "%s" format, so nothing in the
 * message is interpreted as a format directive a second time.
 */
void
option_error(char *fmt, ...)
{
    va_list ap;
    char msg[256];

    va_start(ap, fmt);
    vfmtmsg(msg, sizeof(msg), fmt, ap);
    va_end(ap);
    if (phase == PHASE_INITIALIZE)
	fprintf(stderr, "%s: %s\n", progname, msg);
    syslog(LOG_ERR, "%s", msg);
}

/*
 * readable - check if a file is readable by the real user.
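*/
/*
 * The decision uses the real uid and gids (getuid(), getgid(),
 * getgroups()) and the mode bits reported by fstat() on an already-open
 * descriptor.  Exactly one permission class is consulted: owner, else
 * group, else other.  The real uid 0 is always allowed.
 *
 * Returns nonzero when reading is allowed, 0 otherwise.  Any failure to
 * obtain the facts needed for the decision (fstat() or getgroups()
 * failing) denies access.
 */
static int
readable(fd)
    int fd;
{
    uid_t uid;
    int ngroups, i;
    struct stat sbuf;
    GIDSET_TYPE groups[NGROUPS_MAX];

    uid = getuid();
    if (uid == 0)
	return 1;
    if (fstat(fd, &sbuf) != 0)
	return 0;
    if (sbuf.st_uid == uid)
	return sbuf.st_mode & S_IRUSR;
    if (sbuf.st_gid == getgid())
	return sbuf.st_mode & S_IRGRP;
    ngroups = getgroups(NGROUPS_MAX, groups);
    if (ngroups < 0)
	return 0;	/* group list unknown: fail closed, don't fall to "other" */
    for (i = 0; i < ngroups; ++i)
	if (sbuf.st_gid == groups[i])
	    return sbuf.st_mode & S_IRGRP;
    return sbuf.st_mode & S_IROTH;
}

/*
 * Read a word from a file.
 * Words are delimited by white-space or by quotes (" or ').
 * Quotes, white-space and \ may be escaped with \.
 * \<newline> is ignored.
 *
 *   f         stream to read from
 *   word      output buffer; at most MAXWORDLEN-1 characters plus the
 *             terminating NUL are stored, so it must hold MAXWORDLEN bytes
 *   newlinep  set to 1 if an unescaped newline was skipped before the word
 *   filename  used in diagnostics only
 *
 * Returns 1 when a word was read and 0 at end of file with no word.  A
 * read error is reported and ends the program through die(1).  A word
 * longer than MAXWORDLEN-1 characters is truncated with a warning.
 */
int
getword(f, word, newlinep, filename)
    FILE *f;
    char *word;
    int *newlinep;
    char *filename;
{
    int c, len, escape;
    int quoted, comment;
    int value, digit, got, n;

#define isoctal(c) ((c) >= '0' && (c) < '8')

    *newlinep = 0;
    len = 0;
    escape = 0;
    comment = 0;

    /*
     * First skip white-space and comments.
     */
    for (;;) {
	c = getc(f);
	if (c == EOF)
	    break;

	/*
	 * A newline means the end of a comment; backslash-newline
	 * is ignored.  Note that we cannot have escape && comment.
	 */
	if (c == '\n') {
	    if (!escape) {
		*newlinep = 1;
		comment = 0;
	    } else
		escape = 0;
	    continue;
	}

	/*
	 * Ignore characters other than newline in a comment.
	 */
	if (comment)
	    continue;

	/*
	 * If this character is escaped, we have a word start.
	 */
	if (escape)
	    break;

	/*
	 * If this is the escape character, look at the next character.
	 */
	if (c == '\\') {
	    escape = 1;
	    continue;
	}

	/*
	 * If this is the start of a comment, ignore the rest of the line.
	 */
	if (c == '#') {
	    comment = 1;
	    continue;
	}

	/*
	 * A non-whitespace character is the start of a word.
	 */
	if (!isspace(c))
	    break;
    }

    /*
     * Save the delimiter for quoted strings.
     */
    if (!escape && (c == '"' || c == '\'')) {
	quoted = c;
	c = getc(f);
    } else
	quoted = 0;

    /*
     * Process characters until the end of the word.
     */
    while (c != EOF) {
	if (escape) {
	    /*
	     * This character is escaped: backslash-newline is ignored,
	     * various other characters indicate particular values
	     * as for C backslash-escapes.
	     */
	    escape = 0;
	    if (c == '\n') {
		c = getc(f);
		continue;
	    }

	    /* got == 1 means c already holds the character after the escape */
	    got = 0;
	    switch (c) {
	    case 'a':
		value = '\a';
		break;
	    case 'b':
		value = '\b';
		break;
	    case 'f':
		value = '\f';
		break;
	    case 'n':
		value = '\n';
		break;
	    case 'r':
		value = '\r';
		break;
	    case 's':
		value = ' ';
		break;
	    case 't':
		value = '\t';
		break;

	    default:
		if (isoctal(c)) {
		    /*
		     * \ddd octal sequence
		     */
		    value = 0;
		    for (n = 0; n < 3 && isoctal(c); ++n) {
			value = (value << 3) + (c & 07);
			c = getc(f);
		    }
		    got = 1;
		    break;
		}

		if (c == 'x') {
		    /*
		     * \x<hex_string> sequence
		     */
		    value = 0;
		    c = getc(f);
		    for (n = 0; n < 2 && isxdigit(c); ++n) {
			digit = toupper(c) - '0';
			if (digit > 10)
			    digit += '0' + 10 - 'A';
			value = (value << 4) + digit;
			c = getc (f);
		    }
		    got = 1;
		    break;
		}

		/*
		 * Otherwise the character stands for itself.
		 */
		value = c;
		break;
	    }

	    /*
	     * Store the resulting character for the escape sequence.
	     * len stops counting at MAXWORDLEN: that is enough to trigger
	     * the "too long" path below, and it keeps the int counter from
	     * ever wrapping negative and defeating the bounds check above
	     * the store on pathologically long input.
	     */
	    if (len < MAXWORDLEN-1)
		word[len] = value;
	    if (len < MAXWORDLEN)
		++len;

	    if (!got)
		c = getc(f);
	    continue;

	}

	/*
	 * Not escaped: see if we've reached the end of the word.
	 */
	if (quoted) {
	    if (c == quoted)
		break;
	} else {
	    if (isspace(c) || c == '#') {
		ungetc (c, f);
		break;
	    }
	}

	/*
	 * Backslash starts an escape sequence.
	 */
	if (c == '\\') {
	    escape = 1;
	    c = getc(f);
	    continue;
	}

	/*
	 * An ordinary character: store it in the word and get another.
	 * The length counter saturates at MAXWORDLEN (see above).
	 */
	if (len < MAXWORDLEN-1)
	    word[len] = c;
	if (len < MAXWORDLEN)
	    ++len;

	c = getc(f);
    }

    /*
     * End of the word: check for errors.
     */
    if (c == EOF) {
	if (ferror(f)) {
	    if (errno == 0)
		errno = EIO;
	    option_error("Error reading %s: %m", filename);
	    die(1);
	}
	/*
	 * If len is zero, then we didn't find a word before the
	 * end of the file.
	 */
	if (len == 0)
	    return 0;
    }

    /*
     * Warn if the word was too long, and append a terminating null.
     * word is not terminated yet at this point; the %.20s precision
     * bounds how much of it the warning reads.
     */
    if (len >= MAXWORDLEN) {
	option_error("warning: word in file %s too long (%.20s...)",
		     filename, word);
	len = MAXWORDLEN - 1;
    }
    word[len] = 0;

    return 1;

#undef isoctal

}

/*
 * number_option - parse an unsigned numeric parameter for an option.
 *
 * Converts str with strtoul() in the given base and stores the result in
 * *valp.  Returns 1 on success; when no digits could be converted it
 * reports the error against current_option and returns 0.
 *
 * NOTE(review): *valp is written before the check, characters left over
 * after the number are accepted silently, strtoul()'s range error is not
 * examined, and the unsigned long result is narrowed to u_int32_t by the
 * assignment.  Callers that need a bounded value must range-check it
 * themselves, as setmtu() does.
 */
static int
number_option(str, valp, base)
    char *str;
    u_int32_t *valp;
    int base;
{
    char *ptr;

    *valp = strtoul(str, &ptr, base);
    if (ptr == str) {
	option_error("invalid numeric parameter '%s' for %s option",
		     str, current_option);
	return 0;
    }
    return 1;
}


/*
 * int_option - like number_option, but valp is int *,
 * the base is assumed to be 0, and *valp is not changed
 * if there is an error.
 *
 * The parsed value is converted with a plain (int) cast, so values above
 * INT_MAX come out negative on the usual two's-complement targets.
 */
static int
int_option(str, valp)
    char *str;
    int *valp;
{
    u_int32_t v;

    if (!number_option(str, &v, 0))
	return 0;
    *valp = (int) v;
    return 1;
}


/*
 * The following procedures parse options.
 */

/*
 * readfile - take commands from a file.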
*/
/*
 * The named file must exist and must pass the readable() check for the
 * real user.  It is parsed at the trust level of the source that named it
 * (the current privileged_option), so a "file" option cannot raise
 * privilege.
 */
static int
readfile(argv)
    char **argv;
{
    char *path = *argv;

    return options_from_file(path, 1, 1, privileged_option);
}

/*
 * callfile - take commands from /etc/ppp/peers/<name>.
 * Name may not contain /../, start with / or ../, or end in /..
 *
 * The resulting file is parsed as a privileged source (priv == 1) even
 * when the "call" option itself was not, which is why the name is vetted
 * first: it must be non-empty, relative, and free of ".." path components,
 * so the lookup stays below _PATH_PEERFILES.
 * NOTE(review): the check is purely lexical; symbolic links inside the
 * peers directory are not examined here.
 *
 * Returns the result of options_from_file(), or 0 when the name is
 * rejected.
 */
static int
callfile(argv)
    char **argv;
{
    char *name, *comp, *path;
    size_t pathlen;
    int valid, result;

    name = *argv;

    /* An empty or absolute name is refused outright. */
    valid = (name[0] != '/' && name[0] != 0);

    /* Walk the name one component at a time looking for "..". */
    for (comp = name; valid && *comp != 0; ) {
	if (comp[0] == '.' && comp[1] == '.'
	    && (comp[2] == '/' || comp[2] == 0)) {
	    valid = 0;
	} else {
	    comp += strcspn(comp, "/");
	    if (*comp == '/')
		++comp;
	}
    }
    if (!valid) {
	option_error("call option value may not contain .. or start with /");
	return 0;
    }

    /* Build _PATH_PEERFILES + name in a buffer sized for exactly that. */
    pathlen = strlen(name) + strlen(_PATH_PEERFILES) + 1;
    path = malloc(pathlen);
    if (path == NULL)
	novm("call file name");
    strlcpy(path, _PATH_PEERFILES, pathlen);
    strlcat(path, name, pathlen);

    result = options_from_file(path, 1, 1, 1);

    free(path);
    return result;
}


/*
 * setdebug - raise the debug level by one each time the option is given.
 */
static int
setdebug(argv)
    char **argv;
{
    debug += 1;
    return 1;
}

/*
 * setkdebug - Set kernel debugging level from the option's parameter.
 */
static int
setkdebug(argv)
    char **argv;
{
    char *level = *argv;

    return int_option(level, &kdebugflag);
}

#ifdef PPP_FILTER
/*
 * setpdebug - Set libpcap debugging level.
1093 */ 1094 static int 1095 setpdebug(argv) 1096 char **argv; 1097 { 1098 return int_option(*argv, &dflag); 1099 } 1100 1101 /* 1102 * setpassfilter - Set the pass filter for packets 1103 */ 1104 static int 1105 setpassfilter(argv) 1106 char **argv; 1107 { 1108 pc.linktype = DLT_PPP; 1109 pc.snapshot = PPP_HDRLEN; 1110 1111 if (pcap_compile(&pc, &pass_filter, *argv, 1, netmask) == 0) 1112 return 1; 1113 option_error("error in pass-filter expression: %s\n", pcap_geterr(&pc)); 1114 return 0; 1115 } 1116 1117 /* 1118 * setactivefilter - Set the active filter for packets 1119 */ 1120 static int 1121 setactivefilter(argv) 1122 char **argv; 1123 { 1124 pc.linktype = DLT_PPP; 1125 pc.snapshot = PPP_HDRLEN; 1126 1127 if (pcap_compile(&pc, &active_filter, *argv, 1, netmask) == 0) 1128 return 1; 1129 option_error("error in active-filter expression: %s\n", pcap_geterr(&pc)); 1130 return 0; 1131 } 1132 #endif 1133 1134 /* 1135 * noopt - Disable all options. 1136 */ 1137 static int 1138 noopt(argv) 1139 char **argv; 1140 { 1141 BZERO((char *) &lcp_wantoptions[0], sizeof (struct lcp_options)); 1142 BZERO((char *) &lcp_allowoptions[0], sizeof (struct lcp_options)); 1143 BZERO((char *) &ipcp_wantoptions[0], sizeof (struct ipcp_options)); 1144 BZERO((char *) &ipcp_allowoptions[0], sizeof (struct ipcp_options)); 1145 1146 return (1); 1147 } 1148 1149 /* 1150 * noaccomp - Disable Address/Control field compression negotiation. 1151 */ 1152 static int 1153 noaccomp(argv) 1154 char **argv; 1155 { 1156 lcp_wantoptions[0].neg_accompression = 0; 1157 lcp_allowoptions[0].neg_accompression = 0; 1158 return (1); 1159 } 1160 1161 1162 /* 1163 * noasyncmap - Disable async map negotiation. 1164 */ 1165 static int 1166 noasyncmap(argv) 1167 char **argv; 1168 { 1169 lcp_wantoptions[0].neg_asyncmap = 0; 1170 lcp_allowoptions[0].neg_asyncmap = 0; 1171 return (1); 1172 } 1173 1174 1175 /* 1176 * noip - Disable IP and IPCP. 
*/
static int
noip(char **argv)
{
    ipcp_protent.enabled_flag = 0;
    return 1;
}


/*
 * nomagicnumber - Disable magic number negotiation.
 * Clears neg_magicnumber in both the want and the allow option sets.
 */
static int
nomagicnumber(char **argv)
{
    lcp_allowoptions[0].neg_magicnumber = 0;
    lcp_wantoptions[0].neg_magicnumber = 0;
    return 1;
}


/*
 * nomru - Disable mru negotiation.
 * Clears neg_mru in both the want and the allow option sets.
 */
static int
nomru(char **argv)
{
    lcp_allowoptions[0].neg_mru = 0;
    lcp_wantoptions[0].neg_mru = 0;
    return 1;
}


/*
 * setmru - Set MRU for negotiation.
 * Returns 0 when the argument is not numeric, 1 otherwise.
 *
 * NOTE(review): unlike setmtu() below, the parsed value is stored
 * without a MINMRU/MAXMRU range check, and the width of the mru field
 * is not visible from here -- confirm that an out-of-range value is
 * caught before it is used.
 */
static int
setmru(char **argv)
{
    u_int32_t value;

    if (!number_option(*argv, &value, 0))
        return 0;
    lcp_wantoptions[0].neg_mru = 1;
    lcp_wantoptions[0].mru = value;
    return 1;
}


/*
 * setmtu - Set the largest MTU we'll use.
 * The value must lie in MINMRU..MAXMRU; it is stored as the mru of the
 * allow option set.  Returns 0 after reporting a bad value.
 */
static int
setmtu(char **argv)
{
    u_int32_t mtu;

    if (!number_option(*argv, &mtu, 0))
        return 0;
    if (mtu < MINMRU || mtu > MAXMRU) {
        const char *direction = (mtu < MINMRU) ? "small" : "large";

        option_error("mtu option value of %u is too %s", mtu, direction);
        return 0;
    }
    lcp_allowoptions[0].mru = mtu;
    return 1;
}

#ifdef CBCP_SUPPORT
/*
 * setcbcp - Enable CBCP and record a private copy of the callback
 * number given in *argv.
 */
static int
setcbcp(char **argv)
{
    lcp_wantoptions[0].neg_cbcp = 1;
    cbcp_protent.enabled_flag = 1;
    cbcp[0].us_number = strdup(*argv);
    if (cbcp[0].us_number == 0)
        novm("callback number");
    cbcp[0].us_type |= (1 << CB_CONF_USER) | (1 << CB_CONF_ADMIN);
    return 1;
}
#endif

/*
 * nopcomp - Disable Protocol field compression negotiation.
*/
static int
nopcomp(char **argv)
{
    lcp_allowoptions[0].neg_pcompression = 0;
    lcp_wantoptions[0].neg_pcompression = 0;
    return 1;
}


/*
 * setpassive - Set passive mode (don't give up if we time out sending
 * LCP configure-requests).
 */
static int
setpassive(char **argv)
{
    lcp_wantoptions[0].passive = 1;
    return 1;
}


/*
 * setsilent - Set silent mode (don't start sending LCP configure-requests
 * until we get one from the peer).
 */
static int
setsilent(char **argv)
{
    lcp_wantoptions[0].silent = 1;
    return 1;
}


/*
 * nopap - Disable PAP authentication with peer.
 * Only sets refuse_pap; the option sets are not touched here.
 */
static int
nopap(char **argv)
{
    refuse_pap = 1;
    return 1;
}


/*
 * reqpap - Require PAP authentication from peer.
 * Besides requesting PAP negotiation this goes through setauth(), so
 * the requirement is recorded with the privilege and source of the
 * option being processed.
 */
static int
reqpap(char **argv)
{
    lcp_wantoptions[0].neg_upap = 1;
    setauth(NULL);
    return 1;
}

/*
 * nochap - Disable CHAP authentication with peer.
 * Only sets refuse_chap; the option sets are not touched here.
 */
static int
nochap(char **argv)
{
    refuse_chap = 1;
    return 1;
}


/*
 * reqchap - Require CHAP authentication from peer.
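*/
static int
reqchap(char **argv)
{
    lcp_wantoptions[0].neg_chap = 1;
    /* Record the authentication requirement with its privilege/source. */
    setauth(NULL);
    return 1;
}


/*
 * setnovj - disable vj compression
 * Clears neg_vj in both the want and the allow option sets.
 */
static int
setnovj(char **argv)
{
    ipcp_wantoptions[0].neg_vj = 0;
    ipcp_allowoptions[0].neg_vj = 0;
    return 1;
}


/*
 * setnovjccomp - disable VJ connection-ID compression
 * Clears cflag in both the want and the allow option sets.
 */
static int
setnovjccomp(char **argv)
{
    ipcp_wantoptions[0].cflag = 0;
    ipcp_allowoptions[0].cflag = 0;
    return 1;
}


/*
 * setvjslots - set maximum number of connection slots for VJ compression
 * Accepts 2..16 and stores value - 1 as maxslotindex in both option
 * sets.  Returns 0 after reporting a bad value.
 */
static int
setvjslots(char **argv)
{
    int slots;

    if (!int_option(*argv, &slots))
        return 0;
    if (slots < 2 || slots > 16) {
        option_error("vj-max-slots value must be between 2 and 16");
        return 0;
    }
    ipcp_allowoptions[0].maxslotindex = slots - 1;
    ipcp_wantoptions[0].maxslotindex = ipcp_allowoptions[0].maxslotindex;
    return 1;
}


/*
 * setconnector - Set a program to connect to a serial line
 *
 * Keeps a private copy of the command string and records, in
 * connector_info, whether the option was privileged and where it came
 * from.  Presumably that record is consulted before the script is run
 * -- verify at the point of use.
 */
static int
setconnector(char **argv)
{
    connector = strdup(*argv);
    if (connector == NULL)
        novm("connect script");
    connector_info.priv = privileged_option;
    connector_info.source = option_source;

    return 1;
}

/*
 * setdisconnector - Set a program to disconnect from the serial line
 * Same bookkeeping as setconnector(), kept in disconnector_info.
 */
static int
setdisconnector(char **argv)
{
    disconnector = strdup(*argv);
    if (disconnector == NULL)
        novm("disconnect script");
    disconnector_info.priv = privileged_option;
    disconnector_info.source = option_source;

    return 1;
}

/*
 * setwelcomer - Set a program to welcome a client after connection
 * Same bookkeeping as setconnector(), kept in welcomer_info.
 */
static int
setwelcomer(char **argv)
{
    welcomer = strdup(*argv);
    if (welcomer == NULL)
        novm("welcome script");
    welcomer_info.priv = privileged_option;
    welcomer_info.source = option_source;

    return 1;
}

/*
 * setmaxconnect - Set the maximum connect time
 *
 * Negative values are rejected.  Once a non-zero limit is in place it
 * can only be lowered: a later 0 or a larger value is refused, so a
 * limit set earlier cannot be lifted by a later option.
 * (0 is accepted while no limit is set, despite the wording of the
 * first error message.)
 */
static int
setmaxconnect(char **argv)
{
    int value;

    if (!int_option(*argv, &value))
        return 0;
    if (value < 0) {
        option_error("maxconnect time must be positive");
        return 0;
    }
    if (maxconnect > 0 && (value == 0 || value > maxconnect)) {
        option_error("maxconnect time cannot be increased");
        return 0;
    }
    maxconnect = value;
    return 1;
}

/*
 * setdomain - Set domain name to append to hostname
 *
 * Only honoured for privileged options.  Reloads hostname from
 * gethostname() and appends the domain, inserting a '.' when the
 * argument does not start with one.  Returns 0 after reporting an
 * error, 1 otherwise.
 */
static int
setdomain(char **argv)
{
    if (!privileged_option) {
        option_error("using the domain option requires root privilege");
        return 0;
    }
    if (gethostname(hostname, MAXNAMELEN) < 0) {
        /* Do not qualify whatever the buffer happened to hold. */
        option_error("Couldn't get hostname: %m");
        return 0;
    }
    /*
     * A truncated name is not guaranteed to be NUL-terminated, and
     * strlcat() needs a terminated destination: terminate before
     * appending rather than after.
     */
    hostname[MAXNAMELEN-1] = 0;
    if (**argv != 0) {
        if (**argv != '.')
            strlcat(hostname, ".", MAXNAMELEN);
        strlcat(hostname, *argv, MAXNAMELEN);
    }
    return 1;
}


/*
 * setasyncmap - add bits to asyncmap (what we request peer to escape).
 * The argument is parsed as hexadecimal and OR-ed into the wanted map.
 */
static int
setasyncmap(char **argv)
{
    u_int32_t bits;

    if (!number_option(*argv, &bits, 16))
        return 0;
    lcp_wantoptions[0].asyncmap |= bits;
    lcp_wantoptions[0].neg_asyncmap = 1;
    return 1;
}


/*
 * setescape - add chars to the set we escape on transmission.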
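*/
static int
setescape(char **argv)
{
    long n;
    int ret = 1;
    char *p = *argv;
    char *endp;

    /* The argument is a list of hex numbers separated by ',' or ' '. */
    while (*p) {
        n = strtol(p, &endp, 16);
        if (p == endp) {
            option_error("escape parameter contains invalid hex number '%s'",
                         p);
            return 0;
        }
        p = endp;
        /*
         * Range-check the full strtol() result: narrowing to int first
         * would let an oversized number wrap into the accepted range.
         */
        if (n < 0 || (0x20 <= n && n <= 0x3F) || n == 0x5E || n > 0xFF) {
            option_error("can't escape character 0x%x", (unsigned int) n);
            ret = 0;
        } else {
            /* Unsigned 1: bit 31 is reachable (e.g. 0x1F, 0x7F). */
            xmit_accm[0][n >> 5] |= 1U << (n & 0x1F);
        }
        while (*p == ',' || *p == ' ')
            ++p;
    }
    return ret;
}


/*
 * setspeed - Set the speed.
 * Returns 1 and updates inspeed when arg is entirely a non-zero number
 * that fits an int; returns 0 otherwise, without reporting an error.
 */
static int
setspeed(char *arg)
{
    char *ptr;
    long spd;

    spd = strtol(arg, &ptr, 0);
    if (ptr == arg || *ptr != 0 || spd == 0)
        return 0;
    /* Refuse rather than silently truncate into inspeed. */
    if (spd < INT_MIN || spd > INT_MAX)
        return 0;
    inspeed = (int) spd;
    return 1;
}


/*
 * setdevname - Set the device name.
 *
 * cp is used as given when it starts with "/dev/", otherwise "/dev/"
 * is prepended.  Returns 1 when the path exists and was stored in
 * devnam, 0 when it is not usable as a device name (empty, too long,
 * missing, or any stat failure while quiet is set), and -1 after
 * reporting another stat() failure.
 *
 * NOTE(review): the "/dev/" prefix test does not reject ".."
 * components, so it does not by itself confine the path to /dev;
 * presumably the privilege recorded in devnam_info is what later code
 * relies on -- confirm.
 */
static int
setdevname(char *cp, int quiet)
{
    struct stat statbuf;
    char dev[MAXPATHLEN];

    if (*cp == 0)
        return 0;

    if (strncmp("/dev/", cp, 5) != 0) {
        /* A truncated name would refer to a different path: refuse it. */
        if (strlcpy(dev, "/dev/", sizeof dev) >= sizeof dev
            || strlcat(dev, cp, sizeof dev) >= sizeof dev)
            return 0;
        cp = dev;
    }

    /*
     * Check if there is a device by this name.
     */
    if (stat(cp, &statbuf) < 0) {
        if (errno == ENOENT || quiet)
            return 0;
        option_error("Couldn't stat %s: %m", cp);
        return -1;
    }

    (void) strlcpy(devnam, cp, MAXPATHLEN);
    default_device = FALSE;
    devnam_info.priv = privileged_option;
    devnam_info.source = option_source;

    return 1;
}


/*
 * setipaddr - Set the IP address
 *
 * arg has the form "local:remote", where either side may be empty and
 * each side is a dotted address or a host name.  Returns 0 when arg
 * contains no ':', -1 after reporting an unresolvable or bad address,
 * and 1 otherwise.  arg is modified temporarily and restored before
 * returning.  A side given as a host name is also copied to our_name /
 * remote_name when that name is still empty.
 */
static int
setipaddr(char *arg)
{
    struct hostent *hp;
    char *colon;
    struct in_addr ina;
    u_int32_t local, remote;
    ipcp_options *wo = &ipcp_wantoptions[0];

    /*
     * IP address pair separated by ":".
     */
    if ((colon = strchr(arg, ':')) == NULL)
        return 0;

    /*
     * If colon first character, then no local addr.
     */
    if (colon != arg) {
        *colon = '\0';
        if (inet_aton(arg, &ina) != 0) {
            local = ina.s_addr;
        } else {
            hp = gethostbyname(arg);
            /* Only an IPv4 answer of the expected size is usable. */
            if (hp == NULL || hp->h_addrtype != AF_INET
                || hp->h_length != (int) sizeof(local)) {
                option_error("unknown host: %s", arg);
                *colon = ':';
                return -1;
            }
            /* memcpy: h_addr is a char pointer with no alignment promise. */
            memcpy(&local, hp->h_addr, sizeof(local));
            if (our_name[0] == 0)
                strlcpy(our_name, arg, MAXNAMELEN);
        }
        *colon = ':';
        if (bad_ip_adrs(local)) {
            option_error("bad local IP address %s", ip_ntoa(local));
            return -1;
        }
        if (local != 0)
            wo->ouraddr = local;
    }

    /*
     * If colon last character, then no remote addr.
     */
    if (*++colon != '\0') {
        if (inet_aton(colon, &ina) != 0) {
            remote = ina.s_addr;
        } else {
            hp = gethostbyname(colon);
            if (hp == NULL || hp->h_addrtype != AF_INET
                || hp->h_length != (int) sizeof(remote)) {
                option_error("unknown host: %s", colon);
                return -1;
            }
            memcpy(&remote, hp->h_addr, sizeof(remote));
            if (remote_name[0] == 0)
                strlcpy(remote_name, colon, MAXNAMELEN);
        }
        if (bad_ip_adrs(remote)) {
            option_error("bad remote IP address %s", ip_ntoa(remote));
            return -1;
        }
        if (remote != 0)
            wo->hisaddr = remote;
    }

    return 1;
}


/*
 * setnoipdflt - disable setipdefault()
 */
static int
setnoipdflt(char **argv)
{
    disable_defaultip = 1;
    return 1;
}


/*
 * setipcpaccl - accept peer's idea of our address
 */
static int
setipcpaccl(char **argv)
{
    ipcp_wantoptions[0].accept_local = 1;
    return 1;
}


/*
 * setipcpaccr - accept peer's idea of its address
 */
static int
setipcpaccr(char **argv)
{
    ipcp_wantoptions[0].accept_remote = 1;
    return 1;
}


/*
 * setnetmask - set the netmask to be used on the interface.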
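*/
static int
setnetmask(char **argv)
{
    struct in_addr ina;

    /*
     * Besides a parse failure, refuse a mask that would clear a bit
     * already set in netmask: the mask can only be widened.
     */
    if (inet_aton(*argv, &ina) == 0 || (netmask & ~ina.s_addr) != 0) {
        option_error("invalid netmask value '%s'", *argv);
        return 0;
    }

    netmask = ina.s_addr;
    return 1;
}

/* setcrtscts - request hardware flow control (crtscts = 1). */
static int
setcrtscts(char **argv)
{
    crtscts = 1;
    return 1;
}

/* setnocrtscts - set crtscts to -1. */
static int
setnocrtscts(char **argv)
{
    crtscts = -1;
    return 1;
}

/*
 * setxonxoff - ask the peer to escape ^S and ^Q and set crtscts to -2.
 */
static int
setxonxoff(char **argv)
{
    lcp_wantoptions[0].asyncmap |= 0x000A0000;	/* escape ^S and ^Q */
    lcp_wantoptions[0].neg_asyncmap = 1;

    crtscts = -2;
    return 1;
}

/* setnodetach - don't detach from the controlling tty (nodetach = 1). */
static int
setnodetach(char **argv)
{
    nodetach = 1;
    return 1;
}

/* setupdetach - set nodetach to -1. */
static int
setupdetach(char **argv)
{
    nodetach = -1;
    return 1;
}

/* setdemand - turn on demand mode; this also turns on persist. */
static int
setdemand(char **argv)
{
    demand = 1;
    persist = 1;
    return 1;
}

/* setmodem - use the modem control lines. */
static int
setmodem(char **argv)
{
    modem = 1;
    return 1;
}

/* setmodem_chat - use the modem control lines during chat. */
static int
setmodem_chat(char **argv)
{
    modem_chat = 1;
    return 1;
}

/* setlocal - don't use the modem control lines. */
static int
setlocal(char **argv)
{
    modem = 0;
    return 1;
}

/* setlock - create a lock file for the serial device. */
static int
setlock(char **argv)
{
    lockflag = 1;
    return 1;
}

/* setusehostname - set the usehostname flag. */
static int
setusehostname(char **argv)
{
    usehostname = 1;
    return 1;
}

/*
 * setname - set our_name; refused unless the option is privileged.
 * The value is truncated to fit MAXNAMELEN.
 */
static int
setname(char **argv)
{
    if (!privileged_option) {
        option_error("using the name option requires root privilege");
        return 0;
    }
    strlcpy(our_name, argv[0], MAXNAMELEN);
    return 1;
}

/* setuser - set user, truncated to fit MAXNAMELEN. */
static int
setuser(char **argv)
{
    strlcpy(user, argv[0], MAXNAMELEN);
    return 1;
}

/* setremote - set remote_name, truncated to fit MAXNAMELEN. */
static int
setremote(char **argv)
{
    strlcpy(remote_name, argv[0], MAXNAMELEN);
    return 1;
}

/*
 * setauth - require the peer to authenticate.
 * auth_req_info keeps the highest privilege level (and its source) at
 * which the requirement has been set; setnoauth() checks against it.
 * argv is not used (callers in this file pass NULL).
 */
static int
setauth(char **argv)
{
    auth_required = 1;
    if (privileged_option > auth_req_info.priv) {
        auth_req_info.priv = privileged_option;
        auth_req_info.source = option_source;
    }
    return 1;
}

/*
 * setnoauth - drop the authentication requirement.
 * Refused when authentication is currently required and was set at a
 * higher privilege level than that of the option being processed.
 */
static int
setnoauth(char **argv)
{
    if (auth_required && privileged_option < auth_req_info.priv) {
        if (auth_req_info.source == NULL)
            option_error("cannot override default auth option");
        else
            option_error("cannot override auth option set by %s",
                         auth_req_info.source);
        return 0;
    }
    auth_required = 0;
    return 1;
}

/*
 * setdefaultroute - request a default route; refused once the allow
 * set has default_route cleared (see setnodefaultroute()).
 */
static int
setdefaultroute(char **argv)
{
    if (!ipcp_allowoptions[0].default_route) {
        option_error("defaultroute option is disabled");
        return 0;
    }
    ipcp_wantoptions[0].default_route = 1;
    return 1;
}

/*
 * setnodefaultroute - clear default_route in both option sets, which
 * also makes a later setdefaultroute() fail.
 */
static int
setnodefaultroute(char **argv)
{
    ipcp_allowoptions[0].default_route = 0;
    ipcp_wantoptions[0].default_route = 0;
    return 1;
}

/*
 * setproxyarp - request proxy ARP; refused once the allow set has
 * proxy_arp cleared (see setnoproxyarp()).
 */
static int
setproxyarp(char **argv)
{
    if (!ipcp_allowoptions[0].proxy_arp) {
        option_error("proxyarp option is disabled");
        return 0;
    }
    ipcp_wantoptions[0].proxy_arp = 1;
    return 1;
}

/*
 * setnoproxyarp - clear proxy_arp in both option sets, which also
 * makes a later setproxyarp() fail.
 */
static int
setnoproxyarp(char **argv)
{
    ipcp_wantoptions[0].proxy_arp = 0;
    ipcp_allowoptions[0].proxy_arp = 0;
    return 1;
}

/* setpersist - set the persist flag. */
static int
setpersist(char **argv)
{
    persist = 1;
    return 1;
}

/* setnopersist - clear the persist flag. */
static int
setnopersist(char **argv)
{
    persist = 0;
    return 1;
}

/* setdologin - set the uselogin flag. */
static int
setdologin(char **argv)
{
    uselogin = 1;
    return 1;
}

/*
 * Functions to set the echo interval for modem-less monitors
 */

static int
setlcpechointv(char **argv)
{
    return int_option(*argv, &lcp_echo_interval);
}

static int
setlcpechofails(char **argv)
{
    return int_option(*argv, &lcp_echo_fails);
}

/*
 * Functions to set timeouts, max transmits, etc.
 * Each one parses *argv with int_option() into a single field and
 * returns its result; no range check is applied here.
 */
static int
setlcptimeout(char **argv)
{
    return int_option(*argv, &lcp_fsm[0].timeouttime);
}

static int
setlcpterm(char **argv)
{
    return int_option(*argv, &lcp_fsm[0].maxtermtransmits);
}

static int
setlcpconf(char **argv)
{
    return int_option(*argv, &lcp_fsm[0].maxconfreqtransmits);
}

static int
setlcpfails(char **argv)
{
    return int_option(*argv, &lcp_fsm[0].maxnakloops);
}

static int
setipcptimeout(char **argv)
{
    return int_option(*argv, &ipcp_fsm[0].timeouttime);
}

static int
setipcpterm(char **argv)
{
    return int_option(*argv, &ipcp_fsm[0].maxtermtransmits);
}

static int
setipcpconf(char **argv)
{
    return int_option(*argv, &ipcp_fsm[0].maxconfreqtransmits);
}

static int
setipcpfails(char **argv)
{
    /*
     * Store into the IPCP state machine like the other setipcp*
     * setters; writing lcp_fsm here overwrote the LCP limit instead.
     */
    return int_option(*argv, &ipcp_fsm[0].maxnakloops);
}

static int
setpaptimeout(char **argv)
{
    return int_option(*argv, &upap[0].us_timeouttime);
}

static int
setpapreqtime(char **argv)
{
    return int_option(*argv, &upap[0].us_reqtimeout);
}

static int
setpapreqs(char **argv)
{
    return int_option(*argv, &upap[0].us_maxtransmits);
}

static int
setchaptimeout(char **argv)
{
    return int_option(*argv, &chap[0].timeouttime);
}

static int
setchapchal(char **argv)
{
    return int_option(*argv, &chap[0].max_transmits);
}

static int
setchapintv(char **argv)
{
    return int_option(*argv, &chap[0].chal_interval);
}

/* noccp - disable CCP. */
static int
noccp(char **argv)
{
    ccp_protent.enabled_flag = 0;
    return 1;
}

/*
 * setbsdcomp - configure BSD-Compress from "rbits[,abits]".
 * rbits goes to the want set and abits to the allow set; abits
 * defaults to rbits.  Each value must be 0 (which turns the method off
 * in that set) or within BSD_MIN_BITS..BSD_MAX_BITS.
 */
static int
setbsdcomp(char **argv)
{
    int rbits, abits;
    char *str = *argv;
    char *endp;

    rbits = strtol(str, &endp, 0);
    abits = rbits;
    if (endp != str && *endp == ',') {
        str = endp + 1;
        abits = strtol(str, &endp, 0);
    }
    /* Nothing parsed, or trailing characters after the last number. */
    if (*endp != 0 || endp == str) {
        option_error("invalid parameter '%s' for bsdcomp option", *argv);
        return 0;
    }
    if ((rbits != 0 && (rbits < BSD_MIN_BITS || rbits > BSD_MAX_BITS))
        || (abits != 0 && (abits < BSD_MIN_BITS || abits > BSD_MAX_BITS))) {
        option_error("bsdcomp option values must be 0 or %d .. %d",
                     BSD_MIN_BITS, BSD_MAX_BITS);
        return 0;
    }
    if (rbits > 0) {
        ccp_wantoptions[0].bsd_compress = 1;
        ccp_wantoptions[0].bsd_bits = rbits;
    } else {
        ccp_wantoptions[0].bsd_compress = 0;
    }
    if (abits > 0) {
        ccp_allowoptions[0].bsd_compress = 1;
        ccp_allowoptions[0].bsd_bits = abits;
    } else {
        ccp_allowoptions[0].bsd_compress = 0;
    }
    return 1;
}

/* setnobsdcomp - turn BSD-Compress off in both option sets. */
static int
setnobsdcomp(char **argv)
{
    ccp_wantoptions[0].bsd_compress = 0;
    ccp_allowoptions[0].bsd_compress = 0;
    return 1;
}

/*
 * setdeflate - configure Deflate from "rbits[,abits]".
 * Same syntax and rules as setbsdcomp(), with the limits
 * DEFLATE_MIN_SIZE..DEFLATE_MAX_SIZE.
 */
static int
setdeflate(char **argv)
{
    int rbits, abits;
    char *str = *argv;
    char *endp;

    rbits = strtol(str, &endp, 0);
    abits = rbits;
    if (endp != str && *endp == ',') {
        str = endp + 1;
        abits = strtol(str, &endp, 0);
    }
    /* Nothing parsed, or trailing characters after the last number. */
    if (*endp != 0 || endp == str) {
        option_error("invalid parameter '%s' for deflate option", *argv);
        return 0;
    }
    if ((rbits != 0 && (rbits < DEFLATE_MIN_SIZE || rbits > DEFLATE_MAX_SIZE))
        || (abits != 0 && (abits < DEFLATE_MIN_SIZE
                           || abits > DEFLATE_MAX_SIZE))) {
        option_error("deflate option values must be 0 or %d .. %d",
                     DEFLATE_MIN_SIZE, DEFLATE_MAX_SIZE);
        return 0;
    }
    if (rbits > 0) {
        ccp_wantoptions[0].deflate = 1;
        ccp_wantoptions[0].deflate_size = rbits;
    } else {
        ccp_wantoptions[0].deflate = 0;
    }
    if (abits > 0) {
        ccp_allowoptions[0].deflate = 1;
        ccp_allowoptions[0].deflate_size = abits;
    } else {
        ccp_allowoptions[0].deflate = 0;
    }
    return 1;
}

/* setnodeflate - turn Deflate off in both option sets. */
static int
setnodeflate(char **argv)
{
    ccp_wantoptions[0].deflate = 0;
    ccp_allowoptions[0].deflate = 0;
    return 1;
}

/* setnodeflatedraft - clear deflate_draft in both option sets. */
static int
setnodeflatedraft(char **argv)
{
    ccp_wantoptions[0].deflate_draft = 0;
    ccp_allowoptions[0].deflate_draft = 0;
    return 1;
}

/* setpred1comp - turn Predictor-1 on in both option sets. */
static int
setpred1comp(char **argv)
{
    ccp_wantoptions[0].predictor_1 = 1;
    ccp_allowoptions[0].predictor_1 = 1;
    return 1;
}

/* setnopred1comp - turn Predictor-1 off in both option sets. */
static int
setnopred1comp(char **argv)
{
    ccp_wantoptions[0].predictor_1 = 0;
    ccp_allowoptions[0].predictor_1 = 0;
    return 1;
}

/* setipparam - keep a private copy of the ipparam string. */
static int
setipparam(char **argv)
{
    ipparam = strdup(*argv);
    if (ipparam == NULL)
        novm("ipparam string");

    return 1;
}

/* setpapcrypt - set the cryptpap flag. */
static int
setpapcrypt(char **argv)
{
    cryptpap = 1;
    return 1;
}

/* setidle - parse *argv into idle_time_limit. */
static int
setidle(char **argv)
{
    return int_option(*argv, &idle_time_limit);
}

/* setholdoff - parse *argv into holdoff. */
static int
setholdoff(char **argv)
{
    return int_option(*argv, &holdoff);
}

/*
 * setdnsaddr - set the dns address(es)
 * *argv is a dotted address or a host name.  The first call fills both
 * the primary and the secondary entry; later calls replace only the
 * secondary.  Returns 0 after reporting an unusable argument.
 */
static int
setdnsaddr(char **argv)
{
    struct in_addr ina;
    struct hostent *hp;

    if (inet_aton(*argv, &ina) == 0) {
        hp = gethostbyname(*argv);
        /* Only an IPv4 answer of the expected size is usable. */
        if (hp == NULL || hp->h_addrtype != AF_INET
            || hp->h_length != (int) sizeof(ina.s_addr)) {
            option_error("invalid address parameter '%s' for ms-dns option",
                         *argv);
            return 0;
        }
        /* memcpy: h_addr is a char pointer with no alignment promise. */
        memcpy(&ina.s_addr, hp->h_addr, sizeof(ina.s_addr));
    }

    /* if there is no primary then update it. */
    if (ipcp_allowoptions[0].dnsaddr[0] == 0)
        ipcp_allowoptions[0].dnsaddr[0] = ina.s_addr;

    /* always set the secondary address value to the same value. */
    ipcp_allowoptions[0].dnsaddr[1] = ina.s_addr;

    return 1;
}

/*
 * setwinsaddr - set the wins address(es)
 * This is primarily used with the Samba package under UNIX or for pointing
 * the caller to the existing WINS server on a Windows NT platform.
 * Argument handling and primary/secondary rules are those of
 * setdnsaddr().
 */
static int
setwinsaddr(char **argv)
{
    struct in_addr ina;
    struct hostent *hp;

    if (inet_aton(*argv, &ina) == 0) {
        hp = gethostbyname(*argv);
        /* Only an IPv4 answer of the expected size is usable. */
        if (hp == NULL || hp->h_addrtype != AF_INET
            || hp->h_length != (int) sizeof(ina.s_addr)) {
            option_error("invalid address parameter '%s' for ms-wins option",
                         *argv);
            return 0;
        }
        /* memcpy: h_addr is a char pointer with no alignment promise. */
        memcpy(&ina.s_addr, hp->h_addr, sizeof(ina.s_addr));
    }

    /* if there is no primary then update it. */
    if (ipcp_allowoptions[0].winsaddr[0] == 0)
        ipcp_allowoptions[0].winsaddr[0] = ina.s_addr;

    /* always set the secondary address value to the same value. */
    ipcp_allowoptions[0].winsaddr[1] = ina.s_addr;

    return 1;
}

#ifdef MSLANMAN
/* setmslanman - set the ms_lanman flag. */
static int
setmslanman(char **argv)
{
    ms_lanman = 1;
    return 1;
}
#endif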