1 /* $OpenBSD: options.c,v 1.26 2013/10/27 18:49:25 guenther Exp $ */ 2 3 /* 4 * options.c - handles option processing for PPP. 5 * 6 * Copyright (c) 1984-2000 Carnegie Mellon University. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. The name "Carnegie Mellon University" must not be used to 21 * endorse or promote products derived from this software without 22 * prior written permission. For permission or any legal 23 * details, please contact 24 * Office of Technology Transfer 25 * Carnegie Mellon University 26 * 5000 Forbes Avenue 27 * Pittsburgh, PA 15213-3890 28 * (412) 268-4387, fax: (412) 268-7395 29 * tech-transfer@andrew.cmu.edu 30 * 31 * 4. Redistributions of any form whatsoever must retain the following 32 * acknowledgment: 33 * "This product includes software developed by Computing Services 34 * at Carnegie Mellon University (http://www.cmu.edu/computing/)." 35 * 36 * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO 37 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 38 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE 39 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 40 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN 41 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 42 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 43 */ 44 45 #include <ctype.h> 46 #include <stdio.h> 47 #include <errno.h> 48 #include <unistd.h> 49 #include <limits.h> 50 #include <stdlib.h> 51 #include <termios.h> 52 #include <syslog.h> 53 #include <string.h> 54 #include <netdb.h> 55 #include <pwd.h> 56 #include <sys/types.h> 57 #include <sys/stat.h> 58 #include <netinet/in.h> 59 #include <arpa/inet.h> 60 #ifdef PPP_FILTER 61 #include <pcap.h> 62 #include <pcap-int.h> /* XXX: To get struct pcap */ 63 #endif 64 65 #include "pppd.h" 66 #include "pathnames.h" 67 #include "patchlevel.h" 68 #include "fsm.h" 69 #include "lcp.h" 70 #include "ipcp.h" 71 #include "upap.h" 72 #include "chap.h" 73 #include "ccp.h" 74 #ifdef CBCP_SUPPORT 75 #include "cbcp.h" 76 #endif 77 78 #include <net/ppp-comp.h> 79 80 #define FALSE 0 81 #define TRUE 1 82 83 #if defined(ultrix) || defined(NeXT) 84 char *strdup(char *); 85 #endif 86 87 #ifndef GIDSET_TYPE 88 #define GIDSET_TYPE gid_t 89 #endif 90 91 /* 92 * Option variables and default values. 93 */ 94 #ifdef PPP_FILTER 95 int dflag = 0; /* Tell libpcap we want debugging */ 96 #endif 97 int debug = 0; /* Debug flag */ 98 int kdebugflag = 0; /* Tell kernel to print debug messages */ 99 int default_device = 1; /* Using /dev/tty or equivalent */ 100 char devnam[MAXPATHLEN] = "/dev/tty"; /* Device name */ 101 int crtscts = 0; /* Use hardware flow control */ 102 int modem = 1; /* Use modem control lines */ 103 int modem_chat = 0; /* Use modem control lines during chat */ 104 int inspeed = 0; /* Input/Output speed requested */ 105 u_int32_t netmask = 0; /* IP netmask to set on interface */ 106 int lockflag = 0; /* Create lock file to lock the serial dev */ 107 int nodetach = 0; /* Don't detach from controlling tty */ 108 char *connector = NULL; /* Script to establish physical link */ 109 char *disconnector = NULL; /* Script to disestablish physical link */ 110 char *welcomer = NULL; /* Script to run after phys link estab. */ 111 int maxconnect = 0; /* Maximum connect time */ 112 char user[MAXNAMELEN]; /* Username for PAP */ 113 char passwd[MAXSECRETLEN]; /* Password for PAP */ 114 int auth_required = 0; /* Peer is required to authenticate */ 115 int persist = 0; /* Reopen link after it goes down */ 116 int uselogin = 0; /* Use /etc/passwd for checking PAP */ 117 int lcp_echo_interval = 0; /* Interval between LCP echo-requests */ 118 int lcp_echo_fails = 0; /* Tolerance to unanswered echo-requests */ 119 char our_name[MAXNAMELEN]; /* Our name for authentication purposes */ 120 char remote_name[MAXNAMELEN]; /* Peer's name for authentication */ 121 int explicit_remote = 0; /* User specified explicit remote name */ 122 int usehostname = 0; /* Use hostname for our_name */ 123 int disable_defaultip = 0; /* Don't use hostname for default IP adrs */ 124 int demand = 0; /* do dial-on-demand */ 125 char *ipparam = NULL; /* Extra parameter for ip up/down scripts */ 126 int cryptpap; /* Passwords in pap-secrets are encrypted */ 127 int idle_time_limit = 0; /* Disconnect if idle for this many seconds */ 128 int holdoff = 30; /* # seconds to pause before reconnecting */ 129 int refuse_pap = 0; /* Set to say we won't do PAP */ 130 int refuse_chap = 0; /* Set to say we won't do CHAP */ 131 132 #ifdef MSLANMAN 133 int ms_lanman = 0; /* Nonzero if use LanMan password instead of NT */ 134 /* Has meaning only with MS-CHAP challenges */ 135 #endif 136 137 struct option_info auth_req_info; 138 struct option_info connector_info; 139 struct option_info disconnector_info; 140 struct option_info welcomer_info; 141 struct option_info devnam_info; 142 #ifdef PPP_FILTER 143 struct bpf_program pass_filter;/* Filter program for packets to pass */ 144 struct bpf_program active_filter; /* Filter program for link-active pkts */ 145 pcap_t pc; /* Fake struct pcap so we can compile expr */ 146 #endif 147 148 /* 149 * Prototypes 150 */ 151 static int setdevname(char *, int); 152 static int setipaddr(char *); 153 static int setspeed(char *); 154 static int setdebug(char **); 155 static int setkdebug(char **); 156 static int setpassive(char **); 157 static int setsilent(char **); 158 static int noopt(char **); 159 static int setnovj(char **); 160 static int setnovjccomp(char **); 161 static int setvjslots(char **); 162 static int reqpap(char **); 163 static int nopap(char **); 164 static int nochap(char **); 165 static int reqchap(char **); 166 static int noaccomp(char **); 167 static int noasyncmap(char **); 168 static int noip(char **); 169 static int nomagicnumber(char **); 170 static int setasyncmap(char **); 171 static int setescape(char **); 172 static int setmru(char **); 173 static int setmtu(char **); 174 #ifdef CBCP_SUPPORT 175 static int setcbcp(char **); 176 #endif 177 static int nomru(char **); 178 static int nopcomp(char **); 179 static int setconnector(char **); 180 static int setdisconnector(char **); 181 static int setwelcomer(char **); 182 static int setmaxconnect(char **); 183 static int setdomain(char **); 184 static int setnetmask(char **); 185 static int setcrtscts(char **); 186 static int setnocrtscts(char **); 187 static int setxonxoff(char **); 188 static int setnodetach(char **); 189 static int setupdetach(char **); 190 static int setmodem(char **); 191 static int setmodem_chat(char **); 192 static int setlocal(char **); 193 static int setlock(char **); 194 static int setname(char **); 195 static int setuser(char **); 196 static int setremote(char **); 197 static int setauth(char **); 198 static int setnoauth(char **); 199 static int readfile(char **); 200 static int callfile(char **); 201 static int setdefaultroute(char **); 202 static int setnodefaultroute(char **); 203 static int setproxyarp(char **); 204 static int setnoproxyarp(char **); 205 static int setpersist(char **); 206 static int setnopersist(char **); 207 static int setdologin(char **); 208 static int setusehostname(char **); 209 static int setnoipdflt(char **); 210 static int setlcptimeout(char **); 211 static int setlcpterm(char **); 212 static int setlcpconf(char **); 213 static int setlcpfails(char **); 214 static int setipcptimeout(char **); 215 static int setipcpterm(char **); 216 static int setipcpconf(char **); 217 static int setipcpfails(char **); 218 static int setpaptimeout(char **); 219 static int setpapreqs(char **); 220 static int setpapreqtime(char **); 221 static int setchaptimeout(char **); 222 static int setchapchal(char **); 223 static int setchapintv(char **); 224 static int setipcpaccl(char **); 225 static int setipcpaccr(char **); 226 static int setlcpechointv(char **); 227 static int setlcpechofails(char **); 228 static int noccp(char **); 229 static int setbsdcomp(char **); 230 static int setnobsdcomp(char **); 231 static int setdeflate(char **); 232 static int setnodeflate(char **); 233 static int setnodeflatedraft(char **); 234 static int setdemand(char **); 235 static int setpred1comp(char **); 236 static int setnopred1comp(char **); 237 static int setipparam(char **); 238 static int setpapcrypt(char **); 239 static int setidle(char **); 240 static int setholdoff(char **); 241 static int setdnsaddr(char **); 242 static int setwinsaddr(char **); 243 static int showversion(char **); 244 static int showhelp(char **); 245 246 #ifdef PPP_FILTER 247 static int setpdebug(char **); 248 static int setpassfilter(char **); 249 static int setactivefilter(char **); 250 #endif 251 252 #ifdef MSLANMAN 253 static int setmslanman(char **); 254 #endif 255 256 static int number_option(char *, u_int32_t *, int); 257 static int int_option(char *, int *); 258 static int readable(int fd); 259 260 /* 261 * Valid arguments. 262 */ 263 static struct cmd { 264 char *cmd_name; 265 int num_args; 266 int (*cmd_func)(char **); 267 } cmds[] = { 268 {"-all", 0, noopt}, /* Don't request/allow any options (useless) */ 269 {"noaccomp", 0, noaccomp}, /* Disable Address/Control compression */ 270 {"-ac", 0, noaccomp}, /* Disable Address/Control compress */ 271 {"default-asyncmap", 0, noasyncmap}, /* Disable asyncmap negoatiation */ 272 {"-am", 0, noasyncmap}, /* Disable asyncmap negotiation */ 273 {"-as", 1, setasyncmap}, /* set the desired async map */ 274 {"-d", 0, setdebug}, /* Increase debugging level */ 275 {"nodetach", 0, setnodetach}, /* Don't detach from controlling tty */ 276 {"-detach", 0, setnodetach}, /* don't fork */ 277 {"updetach", 0, setupdetach}, /* Detach once an NP has come up */ 278 {"noip", 0, noip}, /* Disable IP and IPCP */ 279 {"-ip", 0, noip}, /* Disable IP and IPCP */ 280 {"nomagic", 0, nomagicnumber}, /* Disable magic number negotiation */ 281 {"-mn", 0, nomagicnumber}, /* Disable magic number negotiation */ 282 {"default-mru", 0, nomru}, /* Disable MRU negotiation */ 283 {"-mru", 0, nomru}, /* Disable mru negotiation */ 284 {"-p", 0, setpassive}, /* Set passive mode */ 285 {"nopcomp", 0, nopcomp}, /* Disable protocol field compression */ 286 {"-pc", 0, nopcomp}, /* Disable protocol field compress */ 287 {"require-pap", 0, reqpap}, /* Require PAP authentication from peer */ 288 {"+pap", 0, reqpap}, /* Require PAP auth from peer */ 289 {"refuse-pap", 0, nopap}, /* Don't agree to auth to peer with PAP */ 290 {"-pap", 0, nopap}, /* Don't allow UPAP authentication with peer */ 291 {"require-chap", 0, reqchap}, /* Require CHAP authentication from peer */ 292 {"+chap", 0, reqchap}, /* Require CHAP authentication from peer */ 293 {"refuse-chap", 0, nochap}, /* Don't agree to auth to peer with CHAP */ 294 {"-chap", 0, nochap}, /* Don't allow CHAP authentication with peer */ 295 {"novj", 0, setnovj}, /* Disable VJ compression */ 296 {"-vj", 0, setnovj}, /* disable VJ compression */ 297 {"novjccomp", 0, setnovjccomp}, /* disable VJ connection-ID compression */ 298 {"-vjccomp", 0, setnovjccomp}, /* disable VJ connection-ID compression */ 299 {"vj-max-slots", 1, setvjslots}, /* Set maximum VJ header slots */ 300 {"asyncmap", 1, setasyncmap}, /* set the desired async map */ 301 {"escape", 1, setescape}, /* set chars to escape on transmission */ 302 {"connect", 1, setconnector}, /* A program to set up a connection */ 303 {"disconnect", 1, setdisconnector}, /* program to disconnect serial dev. */ 304 {"welcome", 1, setwelcomer},/* Script to welcome client */ 305 {"maxconnect", 1, setmaxconnect}, /* specify a maximum connect time */ 306 {"crtscts", 0, setcrtscts}, /* set h/w flow control */ 307 {"nocrtscts", 0, setnocrtscts}, /* clear h/w flow control */ 308 {"-crtscts", 0, setnocrtscts}, /* clear h/w flow control */ 309 {"xonxoff", 0, setxonxoff}, /* set s/w flow control */ 310 {"debug", 0, setdebug}, /* Increase debugging level */ 311 {"kdebug", 1, setkdebug}, /* Enable kernel-level debugging */ 312 {"domain", 1, setdomain}, /* Add given domain name to hostname*/ 313 {"mru", 1, setmru}, /* Set MRU value for negotiation */ 314 {"mtu", 1, setmtu}, /* Set our MTU */ 315 #ifdef CBCP_SUPPORT 316 {"callback", 1, setcbcp}, /* Ask for callback */ 317 #endif 318 {"netmask", 1, setnetmask}, /* set netmask */ 319 {"passive", 0, setpassive}, /* Set passive mode */ 320 {"silent", 0, setsilent}, /* Set silent mode */ 321 {"modem", 0, setmodem}, /* Use modem control lines */ 322 {"modem_chat", 0, setmodem_chat}, /* Use modem control lines during chat */ 323 {"local", 0, setlocal}, /* Don't use modem control lines */ 324 {"lock", 0, setlock}, /* Lock serial device (with lock file) */ 325 {"name", 1, setname}, /* Set local name for authentication */ 326 {"user", 1, setuser}, /* Set name for auth with peer */ 327 {"usehostname", 0, setusehostname}, /* Must use hostname for auth. */ 328 {"remotename", 1, setremote}, /* Set remote name for authentication */ 329 {"auth", 0, setauth}, /* Require authentication from peer */ 330 {"noauth", 0, setnoauth}, /* Don't require peer to authenticate */ 331 {"file", 1, readfile}, /* Take options from a file */ 332 {"call", 1, callfile}, /* Take options from a privileged file */ 333 {"defaultroute", 0, setdefaultroute}, /* Add default route */ 334 {"nodefaultroute", 0, setnodefaultroute}, /* disable defaultroute option */ 335 {"-defaultroute", 0, setnodefaultroute}, /* disable defaultroute option */ 336 {"proxyarp", 0, setproxyarp}, /* Add proxy ARP entry */ 337 {"noproxyarp", 0, setnoproxyarp}, /* disable proxyarp option */ 338 {"-proxyarp", 0, setnoproxyarp}, /* disable proxyarp option */ 339 {"persist", 0, setpersist}, /* Keep on reopening connection after close */ 340 {"nopersist", 0, setnopersist}, /* Turn off persist option */ 341 {"demand", 0, setdemand}, /* Dial on demand */ 342 {"login", 0, setdologin}, /* Use system password database for UPAP */ 343 {"noipdefault", 0, setnoipdflt}, /* Don't use name for default IP adrs */ 344 {"lcp-echo-failure", 1, setlcpechofails}, /* consecutive echo failures */ 345 {"lcp-echo-interval", 1, setlcpechointv}, /* time for lcp echo events */ 346 {"lcp-restart", 1, setlcptimeout}, /* Set timeout for LCP */ 347 {"lcp-max-terminate", 1, setlcpterm}, /* Set max #xmits for term-reqs */ 348 {"lcp-max-configure", 1, setlcpconf}, /* Set max #xmits for conf-reqs */ 349 {"lcp-max-failure", 1, setlcpfails}, /* Set max #conf-naks for LCP */ 350 {"ipcp-restart", 1, setipcptimeout}, /* Set timeout for IPCP */ 351 {"ipcp-max-terminate", 1, setipcpterm}, /* Set max #xmits for term-reqs */ 352 {"ipcp-max-configure", 1, setipcpconf}, /* Set max #xmits for conf-reqs */ 353 {"ipcp-max-failure", 1, setipcpfails}, /* Set max #conf-naks for IPCP */ 354 {"pap-restart", 1, setpaptimeout}, /* Set retransmit timeout for PAP */ 355 {"pap-max-authreq", 1, setpapreqs}, /* Set max #xmits for auth-reqs */ 356 {"pap-timeout", 1, setpapreqtime}, /* Set time limit for peer PAP auth. */ 357 {"chap-restart", 1, setchaptimeout}, /* Set timeout for CHAP */ 358 {"chap-max-challenge", 1, setchapchal}, /* Set max #xmits for challenge */ 359 {"chap-interval", 1, setchapintv}, /* Set interval for rechallenge */ 360 {"ipcp-accept-local", 0, setipcpaccl}, /* Accept peer's address for us */ 361 {"ipcp-accept-remote", 0, setipcpaccr}, /* Accept peer's address for it */ 362 {"noccp", 0, noccp}, /* Disable CCP negotiation */ 363 {"-ccp", 0, noccp}, /* Disable CCP negotiation */ 364 {"bsdcomp", 1, setbsdcomp}, /* request BSD-Compress */ 365 {"nobsdcomp", 0, setnobsdcomp}, /* don't allow BSD-Compress */ 366 {"-bsdcomp", 0, setnobsdcomp}, /* don't allow BSD-Compress */ 367 {"deflate", 1, setdeflate}, /* request Deflate compression */ 368 {"nodeflate", 0, setnodeflate}, /* don't allow Deflate compression */ 369 {"-deflate", 0, setnodeflate}, /* don't allow Deflate compression */ 370 {"nodeflatedraft", 0, setnodeflatedraft}, /* don't use draft deflate # */ 371 {"predictor1", 0, setpred1comp}, /* request Predictor-1 */ 372 {"nopredictor1", 0, setnopred1comp},/* don't allow Predictor-1 */ 373 {"-predictor1", 0, setnopred1comp}, /* don't allow Predictor-1 */ 374 {"ipparam", 1, setipparam}, /* set ip script parameter */ 375 {"papcrypt", 0, setpapcrypt}, /* PAP passwords encrypted */ 376 {"idle", 1, setidle}, /* idle time limit (seconds) */ 377 {"holdoff", 1, setholdoff}, /* set holdoff time (seconds) */ 378 {"ms-dns", 1, setdnsaddr}, /* DNS address for the peer's use */ 379 {"ms-wins", 1, setwinsaddr}, /* Nameserver for SMB over TCP/IP for peer */ 380 {"--version", 0, showversion}, /* Show version number */ 381 {"--help", 0, showhelp}, /* Show brief listing of options */ 382 {"-h", 0, showhelp}, /* ditto */ 383 384 #ifdef PPP_FILTER 385 {"pdebug", 1, setpdebug}, /* libpcap debugging */ 386 {"pass-filter", 1, setpassfilter}, /* set filter for packets to pass */ 387 {"active-filter", 1, setactivefilter}, /* set filter for active pkts */ 388 #endif 389 390 #ifdef MSLANMAN 391 {"ms-lanman", 0, setmslanman}, /* Use LanMan psswd when using MS-CHAP */ 392 #endif 393 394 {NULL, 0, NULL} 395 }; 396 397 398 #ifndef IMPLEMENTATION 399 #define IMPLEMENTATION "" 400 #endif 401 402 static const char usage_string[] = "\ 403 pppd version %s patch level %d%s\n\ 404 Usage: %s [ options ], where options are:\n\ 405 <device> Communicate over the named device\n\ 406 <speed> Set the baud rate to <speed>\n\ 407 <loc>:<rem> Set the local and/or remote interface IP\n\ 408 addresses. Either one may be omitted.\n\ 409 asyncmap <n> Set the desired async map to hex <n>\n\ 410 auth Require authentication from peer\n\ 411 connect <p> Invoke shell command <p> to set up the serial line\n\ 412 crtscts Use hardware RTS/CTS flow control\n\ 413 defaultroute Add default route through interface\n\ 414 file <f> Take options from file <f>\n\ 415 modem Use modem control lines\n\ 416 modem_chat Use modem control lines during chat\n\ 417 mru <n> Set MRU value to <n> for negotiation\n\ 418 netmask <n> Set interface netmask to <n>\n\ 419 See pppd(8) for more options.\n\ 420 "; 421 422 static char *current_option; /* the name of the option being parsed */ 423 static int privileged_option; /* set iff the current option came from root */ 424 static char *option_source; /* string saying where the option came from */ 425 426 /* 427 * parse_args - parse a string of arguments from the command line. 428 */ 429 int 430 parse_args(argc, argv) 431 int argc; 432 char **argv; 433 { 434 char *arg; 435 struct cmd *cmdp; 436 int ret; 437 438 privileged_option = privileged; 439 option_source = "command line"; 440 while (argc > 0) { 441 arg = *argv++; 442 --argc; 443 444 /* 445 * First see if it's a command. 446 */ 447 for (cmdp = cmds; cmdp->cmd_name; cmdp++) 448 if (!strcmp(arg, cmdp->cmd_name)) 449 break; 450 451 if (cmdp->cmd_name != NULL) { 452 if (argc < cmdp->num_args) { 453 option_error("too few parameters for option %s", arg); 454 return 0; 455 } 456 current_option = arg; 457 if (!(*cmdp->cmd_func)(argv)) 458 return 0; 459 argc -= cmdp->num_args; 460 argv += cmdp->num_args; 461 462 } else { 463 /* 464 * Maybe a tty name, speed or IP address? 465 */ 466 if ((ret = setdevname(arg, 0)) == 0 467 && (ret = setspeed(arg)) == 0 468 && (ret = setipaddr(arg)) == 0) { 469 option_error("unrecognized option '%s'", arg); 470 usage(); 471 return 0; 472 } 473 if (ret < 0) /* error */ 474 return 0; 475 } 476 } 477 return 1; 478 } 479 480 /* 481 * scan_args - scan the command line arguments to get the tty name, 482 * if specified. 483 */ 484 void 485 scan_args(argc, argv) 486 int argc; 487 char **argv; 488 { 489 char *arg; 490 struct cmd *cmdp; 491 492 while (argc > 0) { 493 arg = *argv++; 494 --argc; 495 496 /* Skip options and their arguments */ 497 for (cmdp = cmds; cmdp->cmd_name; cmdp++) 498 if (!strcmp(arg, cmdp->cmd_name)) 499 break; 500 501 if (cmdp->cmd_name != NULL) { 502 argc -= cmdp->num_args; 503 argv += cmdp->num_args; 504 continue; 505 } 506 507 /* Check if it's a tty name and copy it if so */ 508 (void) setdevname(arg, 1); 509 } 510 } 511 512 /* 513 * usage - print out a message telling how to use the program. 514 */ 515 void 516 usage() 517 { 518 if (phase == PHASE_INITIALIZE) 519 fprintf(stderr, usage_string, VERSION, PATCHLEVEL, IMPLEMENTATION, 520 progname); 521 } 522 523 /* 524 * showhelp - print out usage message and exit. 525 */ 526 static int 527 showhelp(argv) 528 char **argv; 529 { 530 if (phase == PHASE_INITIALIZE) { 531 usage(); 532 exit(0); 533 } 534 return 0; 535 } 536 537 /* 538 * showversion - print out the version number and exit. 539 */ 540 static int 541 showversion(argv) 542 char **argv; 543 { 544 if (phase == PHASE_INITIALIZE) { 545 fprintf(stderr, "pppd version %s patch level %d%s\n", 546 VERSION, PATCHLEVEL, IMPLEMENTATION); 547 exit(0); 548 } 549 return 0; 550 } 551 552 /* 553 * options_from_file - Read a string of options from a file, 554 * and interpret them. 555 */ 556 int 557 options_from_file(filename, must_exist, check_prot, priv) 558 char *filename; 559 int must_exist; 560 int check_prot; 561 int priv; 562 { 563 FILE *f; 564 int i, newline, ret; 565 struct cmd *cmdp; 566 int oldpriv; 567 char *argv[MAXARGS]; 568 char args[MAXARGS][MAXWORDLEN]; 569 char cmd[MAXWORDLEN]; 570 571 if ((f = fopen(filename, "r")) == NULL) { 572 if (!must_exist && errno == ENOENT) 573 return 1; 574 option_error("Can't open options file %s: %m", filename); 575 return 0; 576 } 577 if (check_prot && !readable(fileno(f))) { 578 option_error("Can't open options file %s: access denied", filename); 579 fclose(f); 580 return 0; 581 } 582 583 oldpriv = privileged_option; 584 privileged_option = priv; 585 ret = 0; 586 while (getword(f, cmd, &newline, filename)) { 587 /* 588 * First see if it's a command. 589 */ 590 for (cmdp = cmds; cmdp->cmd_name; cmdp++) 591 if (!strcmp(cmd, cmdp->cmd_name)) 592 break; 593 594 if (cmdp->cmd_name != NULL) { 595 for (i = 0; i < cmdp->num_args; ++i) { 596 if (!getword(f, args[i], &newline, filename)) { 597 option_error( 598 "In file %s: too few parameters for option '%s'", 599 filename, cmd); 600 goto err; 601 } 602 argv[i] = args[i]; 603 } 604 current_option = cmd; 605 if (!(*cmdp->cmd_func)(argv)) 606 goto err; 607 608 } else { 609 /* 610 * Maybe a tty name, speed or IP address? 611 */ 612 if ((i = setdevname(cmd, 0)) == 0 613 && (i = setspeed(cmd)) == 0 614 && (i = setipaddr(cmd)) == 0) { 615 option_error("In file %s: unrecognized option '%s'", 616 filename, cmd); 617 goto err; 618 } 619 if (i < 0) /* error */ 620 goto err; 621 } 622 } 623 ret = 1; 624 625 err: 626 fclose(f); 627 privileged_option = oldpriv; 628 return ret; 629 } 630 631 /* 632 * options_from_user - See if the use has a ~/.ppprc file, 633 * and if so, interpret options from it. 634 */ 635 int 636 options_from_user() 637 { 638 char *user, *path, *file; 639 int ret; 640 struct passwd *pw; 641 642 pw = getpwuid(getuid()); 643 if (pw == NULL || (user = pw->pw_dir) == NULL || user[0] == 0) 644 return 1; 645 file = _PATH_USEROPT; 646 if (asprintf(&path, "%s/%s", user, file) == -1) 647 novm("init file name"); 648 ret = options_from_file(path, 0, 1, privileged); 649 free(path); 650 return ret; 651 } 652 653 /* 654 * options_for_tty - See if an options file exists for the serial 655 * device, and if so, interpret options from it. 656 */ 657 int 658 options_for_tty() 659 { 660 char *dev, *path; 661 int ret; 662 663 dev = devnam; 664 if (strncmp(dev, "/dev/", 5) == 0) 665 dev += 5; 666 if (strcmp(dev, "tty") == 0) 667 return 1; /* don't look for /etc/ppp/options.tty */ 668 if (asprintf(&path, "%s%s", _PATH_TTYOPT, dev) == -1) 669 novm("tty init file name"); 670 ret = options_from_file(path, 0, 0, 1); 671 free(path); 672 return ret; 673 } 674 675 /* 676 * option_error - print a message about an error in an option. 677 * The message is logged, and also sent to 678 * stderr if phase == PHASE_INITIALIZE. 679 */ 680 void 681 option_error(char *fmt, ...) 682 { 683 va_list args; 684 char buf[256]; 685 686 va_start(args, fmt); 687 vfmtmsg(buf, sizeof(buf), fmt, args); 688 va_end(args); 689 if (phase == PHASE_INITIALIZE) 690 fprintf(stderr, "%s: %s\n", progname, buf); 691 syslog(LOG_ERR, "%s", buf); 692 } 693 694 /* 695 * readable - check if a file is readable by the real user. 696 */ 697 static int 698 readable(fd) 699 int fd; 700 { 701 uid_t uid; 702 int ngroups, i; 703 struct stat sbuf; 704 GIDSET_TYPE groups[NGROUPS_MAX]; 705 706 uid = getuid(); 707 if (uid == 0) 708 return 1; 709 if (fstat(fd, &sbuf) != 0) 710 return 0; 711 if (sbuf.st_uid == uid) 712 return sbuf.st_mode & S_IRUSR; 713 if (sbuf.st_gid == getgid()) 714 return sbuf.st_mode & S_IRGRP; 715 ngroups = getgroups(NGROUPS_MAX, groups); 716 for (i = 0; i < ngroups; ++i) 717 if (sbuf.st_gid == groups[i]) 718 return sbuf.st_mode & S_IRGRP; 719 return sbuf.st_mode & S_IROTH; 720 } 721 722 /* 723 * Read a word from a file. 724 * Words are delimited by white-space or by quotes (" or '). 725 * Quotes, white-space and \ may be escaped with \. 726 * \<newline> is ignored. 727 */ 728 int 729 getword(f, word, newlinep, filename) 730 FILE *f; 731 char *word; 732 int *newlinep; 733 char *filename; 734 { 735 int c, len, escape; 736 int quoted, comment; 737 int value, digit, got, n; 738 739 #define isoctal(c) ((c) >= '0' && (c) < '8') 740 741 *newlinep = 0; 742 len = 0; 743 escape = 0; 744 comment = 0; 745 746 /* 747 * First skip white-space and comments. 748 */ 749 for (;;) { 750 c = getc(f); 751 if (c == EOF) 752 break; 753 754 /* 755 * A newline means the end of a comment; backslash-newline 756 * is ignored. Note that we cannot have escape && comment. 757 */ 758 if (c == '\n') { 759 if (!escape) { 760 *newlinep = 1; 761 comment = 0; 762 } else 763 escape = 0; 764 continue; 765 } 766 767 /* 768 * Ignore characters other than newline in a comment. 769 */ 770 if (comment) 771 continue; 772 773 /* 774 * If this character is escaped, we have a word start. 775 */ 776 if (escape) 777 break; 778 779 /* 780 * If this is the escape character, look at the next character. 781 */ 782 if (c == '\\') { 783 escape = 1; 784 continue; 785 } 786 787 /* 788 * If this is the start of a comment, ignore the rest of the line. 789 */ 790 if (c == '#') { 791 comment = 1; 792 continue; 793 } 794 795 /* 796 * A non-whitespace character is the start of a word. 797 */ 798 if (!isspace(c)) 799 break; 800 } 801 802 /* 803 * Save the delimiter for quoted strings. 804 */ 805 if (!escape && (c == '"' || c == '\'')) { 806 quoted = c; 807 c = getc(f); 808 } else 809 quoted = 0; 810 811 /* 812 * Process characters until the end of the word. 813 */ 814 while (c != EOF) { 815 if (escape) { 816 /* 817 * This character is escaped: backslash-newline is ignored, 818 * various other characters indicate particular values 819 * as for C backslash-escapes. 820 */ 821 escape = 0; 822 if (c == '\n') { 823 c = getc(f); 824 continue; 825 } 826 827 got = 0; 828 switch (c) { 829 case 'a': 830 value = '\a'; 831 break; 832 case 'b': 833 value = '\b'; 834 break; 835 case 'f': 836 value = '\f'; 837 break; 838 case 'n': 839 value = '\n'; 840 break; 841 case 'r': 842 value = '\r'; 843 break; 844 case 's': 845 value = ' '; 846 break; 847 case 't': 848 value = '\t'; 849 break; 850 851 default: 852 if (isoctal(c)) { 853 /* 854 * \ddd octal sequence 855 */ 856 value = 0; 857 for (n = 0; n < 3 && isoctal(c); ++n) { 858 value = (value << 3) + (c & 07); 859 c = getc(f); 860 } 861 got = 1; 862 break; 863 } 864 865 if (c == 'x') { 866 /* 867 * \x<hex_string> sequence 868 */ 869 value = 0; 870 c = getc(f); 871 for (n = 0; n < 2 && isxdigit(c); ++n) { 872 digit = toupper(c) - '0'; 873 if (digit > 10) 874 digit += '0' + 10 - 'A'; 875 value = (value << 4) + digit; 876 c = getc (f); 877 } 878 got = 1; 879 break; 880 } 881 882 /* 883 * Otherwise the character stands for itself. 884 */ 885 value = c; 886 break; 887 } 888 889 /* 890 * Store the resulting character for the escape sequence. 891 */ 892 if (len < MAXWORDLEN-1) 893 word[len] = value; 894 ++len; 895 896 if (!got) 897 c = getc(f); 898 continue; 899 900 } 901 902 /* 903 * Not escaped: see if we've reached the end of the word. 904 */ 905 if (quoted) { 906 if (c == quoted) 907 break; 908 } else { 909 if (isspace(c) || c == '#') { 910 ungetc (c, f); 911 break; 912 } 913 } 914 915 /* 916 * Backslash starts an escape sequence. 917 */ 918 if (c == '\\') { 919 escape = 1; 920 c = getc(f); 921 continue; 922 } 923 924 /* 925 * An ordinary character: store it in the word and get another. 926 */ 927 if (len < MAXWORDLEN-1) 928 word[len] = c; 929 ++len; 930 931 c = getc(f); 932 } 933 934 /* 935 * End of the word: check for errors. 936 */ 937 if (c == EOF) { 938 if (ferror(f)) { 939 if (errno == 0) 940 errno = EIO; 941 option_error("Error reading %s: %m", filename); 942 die(1); 943 } 944 /* 945 * If len is zero, then we didn't find a word before the 946 * end of the file. 947 */ 948 if (len == 0) 949 return 0; 950 } 951 952 /* 953 * Warn if the word was too long, and append a terminating null. 954 */ 955 if (len >= MAXWORDLEN) { 956 option_error("warning: word in file %s too long (%.20s...)", 957 filename, word); 958 len = MAXWORDLEN - 1; 959 } 960 word[len] = 0; 961 962 return 1; 963 964 #undef isoctal 965 966 } 967 968 /* 969 * number_option - parse an unsigned numeric parameter for an option. 970 */ 971 static int 972 number_option(str, valp, base) 973 char *str; 974 u_int32_t *valp; 975 int base; 976 { 977 char *ptr; 978 979 *valp = strtoul(str, &ptr, base); 980 if (ptr == str) { 981 option_error("invalid numeric parameter '%s' for %s option", 982 str, current_option); 983 return 0; 984 } 985 return 1; 986 } 987 988 989 /* 990 * int_option - like number_option, but valp is int *, 991 * the base is assumed to be 0, and *valp is not changed 992 * if there is an error. 993 */ 994 static int 995 int_option(str, valp) 996 char *str; 997 int *valp; 998 { 999 u_int32_t v; 1000 1001 if (!number_option(str, &v, 0)) 1002 return 0; 1003 *valp = (int) v; 1004 return 1; 1005 } 1006 1007 1008 /* 1009 * The following procedures parse options. 1010 */ 1011 1012 /* 1013 * readfile - take commands from a file. 1014 */ 1015 static int 1016 readfile(argv) 1017 char **argv; 1018 { 1019 return options_from_file(*argv, 1, 1, privileged_option); 1020 } 1021 1022 /* 1023 * callfile - take commands from /etc/ppp/peers/<name>. 1024 * Name may not contain /../, start with / or ../, or end in /.. 1025 */ 1026 static int 1027 callfile(argv) 1028 char **argv; 1029 { 1030 char *fname, *arg, *p; 1031 int l, ok; 1032 1033 arg = *argv; 1034 ok = 1; 1035 if (arg[0] == '/' || arg[0] == 0) 1036 ok = 0; 1037 else { 1038 for (p = arg; *p != 0; ) { 1039 if (p[0] == '.' && p[1] == '.' && (p[2] == '/' || p[2] == 0)) { 1040 ok = 0; 1041 break; 1042 } 1043 while (*p != '/' && *p != 0) 1044 ++p; 1045 if (*p == '/') 1046 ++p; 1047 } 1048 } 1049 if (!ok) { 1050 option_error("call option value may not contain .. or start with /"); 1051 return 0; 1052 } 1053 1054 l = strlen(arg) + strlen(_PATH_PEERFILES) + 1; 1055 if ((fname = (char *) malloc(l)) == NULL) 1056 novm("call file name"); 1057 strlcpy(fname, _PATH_PEERFILES, l); 1058 strlcat(fname, arg, l); 1059 1060 ok = options_from_file(fname, 1, 1, 1); 1061 1062 free(fname); 1063 return ok; 1064 } 1065 1066 1067 /* 1068 * setdebug - Set debug (command line argument). 1069 */ 1070 static int 1071 setdebug(argv) 1072 char **argv; 1073 { 1074 debug++; 1075 return (1); 1076 } 1077 1078 /* 1079 * setkdebug - Set kernel debugging level. 1080 */ 1081 static int 1082 setkdebug(argv) 1083 char **argv; 1084 { 1085 return int_option(*argv, &kdebugflag); 1086 } 1087 1088 #ifdef PPP_FILTER 1089 /* 1090 * setpdebug - Set libpcap debugging level. 1091 */ 1092 static int 1093 setpdebug(argv) 1094 char **argv; 1095 { 1096 return int_option(*argv, &dflag); 1097 } 1098 1099 /* 1100 * setpassfilter - Set the pass filter for packets 1101 */ 1102 static int 1103 setpassfilter(argv) 1104 char **argv; 1105 { 1106 pc.linktype = DLT_PPP; 1107 pc.snapshot = PPP_HDRLEN; 1108 1109 if (pcap_compile(&pc, &pass_filter, *argv, 1, netmask) == 0) 1110 return 1; 1111 option_error("error in pass-filter expression: %s\n", pcap_geterr(&pc)); 1112 return 0; 1113 } 1114 1115 /* 1116 * setactivefilter - Set the active filter for packets 1117 */ 1118 static int 1119 setactivefilter(argv) 1120 char **argv; 1121 { 1122 pc.linktype = DLT_PPP; 1123 pc.snapshot = PPP_HDRLEN; 1124 1125 if (pcap_compile(&pc, &active_filter, *argv, 1, netmask) == 0) 1126 return 1; 1127 option_error("error in active-filter expression: %s\n", pcap_geterr(&pc)); 1128 return 0; 1129 } 1130 #endif 1131 1132 /* 1133 * noopt - Disable all options. 1134 */ 1135 static int 1136 noopt(argv) 1137 char **argv; 1138 { 1139 BZERO((char *) &lcp_wantoptions[0], sizeof (struct lcp_options)); 1140 BZERO((char *) &lcp_allowoptions[0], sizeof (struct lcp_options)); 1141 BZERO((char *) &ipcp_wantoptions[0], sizeof (struct ipcp_options)); 1142 BZERO((char *) &ipcp_allowoptions[0], sizeof (struct ipcp_options)); 1143 1144 return (1); 1145 } 1146 1147 /* 1148 * noaccomp - Disable Address/Control field compression negotiation. 1149 */ 1150 static int 1151 noaccomp(argv) 1152 char **argv; 1153 { 1154 lcp_wantoptions[0].neg_accompression = 0; 1155 lcp_allowoptions[0].neg_accompression = 0; 1156 return (1); 1157 } 1158 1159 1160 /* 1161 * noasyncmap - Disable async map negotiation. 1162 */ 1163 static int 1164 noasyncmap(argv) 1165 char **argv; 1166 { 1167 lcp_wantoptions[0].neg_asyncmap = 0; 1168 lcp_allowoptions[0].neg_asyncmap = 0; 1169 return (1); 1170 } 1171 1172 1173 /* 1174 * noip - Disable IP and IPCP. 1175 */ 1176 static int 1177 noip(argv) 1178 char **argv; 1179 { 1180 ipcp_protent.enabled_flag = 0; 1181 return (1); 1182 } 1183 1184 1185 /* 1186 * nomagicnumber - Disable magic number negotiation. 1187 */ 1188 static int 1189 nomagicnumber(argv) 1190 char **argv; 1191 { 1192 lcp_wantoptions[0].neg_magicnumber = 0; 1193 lcp_allowoptions[0].neg_magicnumber = 0; 1194 return (1); 1195 } 1196 1197 1198 /* 1199 * nomru - Disable mru negotiation. 1200 */ 1201 static int 1202 nomru(argv) 1203 char **argv; 1204 { 1205 lcp_wantoptions[0].neg_mru = 0; 1206 lcp_allowoptions[0].neg_mru = 0; 1207 return (1); 1208 } 1209 1210 1211 /* 1212 * setmru - Set MRU for negotiation. 1213 */ 1214 static int 1215 setmru(argv) 1216 char **argv; 1217 { 1218 u_int32_t mru; 1219 1220 if (!number_option(*argv, &mru, 0)) 1221 return 0; 1222 lcp_wantoptions[0].mru = mru; 1223 lcp_wantoptions[0].neg_mru = 1; 1224 return (1); 1225 } 1226 1227 1228 /* 1229 * setmru - Set the largest MTU we'll use. 1230 */ 1231 static int 1232 setmtu(argv) 1233 char **argv; 1234 { 1235 u_int32_t mtu; 1236 1237 if (!number_option(*argv, &mtu, 0)) 1238 return 0; 1239 if (mtu < MINMRU || mtu > MAXMRU) { 1240 option_error("mtu option value of %u is too %s", mtu, 1241 (mtu < MINMRU? "small": "large")); 1242 return 0; 1243 } 1244 lcp_allowoptions[0].mru = mtu; 1245 return (1); 1246 } 1247 1248 #ifdef CBCP_SUPPORT 1249 static int 1250 setcbcp(argv) 1251 char **argv; 1252 { 1253 lcp_wantoptions[0].neg_cbcp = 1; 1254 cbcp_protent.enabled_flag = 1; 1255 cbcp[0].us_number = strdup(*argv); 1256 if (cbcp[0].us_number == 0) 1257 novm("callback number"); 1258 cbcp[0].us_type |= (1 << CB_CONF_USER); 1259 cbcp[0].us_type |= (1 << CB_CONF_ADMIN); 1260 return (1); 1261 } 1262 #endif 1263 1264 /* 1265 * nopcomp - Disable Protocol field compression negotiation. 1266 */ 1267 static int 1268 nopcomp(argv) 1269 char **argv; 1270 { 1271 lcp_wantoptions[0].neg_pcompression = 0; 1272 lcp_allowoptions[0].neg_pcompression = 0; 1273 return (1); 1274 } 1275 1276 1277 /* 1278 * setpassive - Set passive mode (don't give up if we time out sending 1279 * LCP configure-requests). 1280 */ 1281 static int 1282 setpassive(argv) 1283 char **argv; 1284 { 1285 lcp_wantoptions[0].passive = 1; 1286 return (1); 1287 } 1288 1289 1290 /* 1291 * setsilent - Set silent mode (don't start sending LCP configure-requests 1292 * until we get one from the peer). 1293 */ 1294 static int 1295 setsilent(argv) 1296 char **argv; 1297 { 1298 lcp_wantoptions[0].silent = 1; 1299 return 1; 1300 } 1301 1302 1303 /* 1304 * nopap - Disable PAP authentication with peer. 1305 */ 1306 static int 1307 nopap(argv) 1308 char **argv; 1309 { 1310 refuse_pap = 1; 1311 return (1); 1312 } 1313 1314 1315 /* 1316 * reqpap - Require PAP authentication from peer. 1317 */ 1318 static int 1319 reqpap(argv) 1320 char **argv; 1321 { 1322 lcp_wantoptions[0].neg_upap = 1; 1323 setauth(NULL); 1324 return 1; 1325 } 1326 1327 /* 1328 * nochap - Disable CHAP authentication with peer. 1329 */ 1330 static int 1331 nochap(argv) 1332 char **argv; 1333 { 1334 refuse_chap = 1; 1335 return (1); 1336 } 1337 1338 1339 /* 1340 * reqchap - Require CHAP authentication from peer. 1341 */ 1342 static int 1343 reqchap(argv) 1344 char **argv; 1345 { 1346 lcp_wantoptions[0].neg_chap = 1; 1347 setauth(NULL); 1348 return (1); 1349 } 1350 1351 1352 /* 1353 * setnovj - disable vj compression 1354 */ 1355 static int 1356 setnovj(argv) 1357 char **argv; 1358 { 1359 ipcp_wantoptions[0].neg_vj = 0; 1360 ipcp_allowoptions[0].neg_vj = 0; 1361 return (1); 1362 } 1363 1364 1365 /* 1366 * setnovjccomp - disable VJ connection-ID compression 1367 */ 1368 static int 1369 setnovjccomp(argv) 1370 char **argv; 1371 { 1372 ipcp_wantoptions[0].cflag = 0; 1373 ipcp_allowoptions[0].cflag = 0; 1374 return 1; 1375 } 1376 1377 1378 /* 1379 * setvjslots - set maximum number of connection slots for VJ compression 1380 */ 1381 static int 1382 setvjslots(argv) 1383 char **argv; 1384 { 1385 int value; 1386 1387 if (!int_option(*argv, &value)) 1388 return 0; 1389 if (value < 2 || value > 16) { 1390 option_error("vj-max-slots value must be between 2 and 16"); 1391 return 0; 1392 } 1393 ipcp_wantoptions [0].maxslotindex = 1394 ipcp_allowoptions[0].maxslotindex = value - 1; 1395 return 1; 1396 } 1397 1398 1399 /* 1400 * setconnector - Set a program to connect to a serial line 1401 */ 1402 static int 1403 setconnector(argv) 1404 char **argv; 1405 { 1406 connector = strdup(*argv); 1407 if (connector == NULL) 1408 novm("connect script"); 1409 connector_info.priv = privileged_option; 1410 connector_info.source = option_source; 1411 1412 return (1); 1413 } 1414 1415 /* 1416 * setdisconnector - Set a program to disconnect from the serial line 1417 */ 1418 static int 1419 setdisconnector(argv) 1420 char **argv; 1421 { 1422 disconnector = strdup(*argv); 1423 if (disconnector == NULL) 1424 novm("disconnect script"); 1425 disconnector_info.priv = privileged_option; 1426 disconnector_info.source = option_source; 1427 1428 return (1); 1429 } 1430 1431 /* 1432 * setwelcomer - Set a program to welcome a client after connection 1433 */ 1434 static int 1435 setwelcomer(argv) 1436 char **argv; 1437 { 1438 welcomer = strdup(*argv); 1439 if (welcomer == NULL) 1440 novm("welcome script"); 1441 welcomer_info.priv = privileged_option; 1442 welcomer_info.source = option_source; 1443 1444 return (1); 1445 } 1446 1447 /* 1448 * setmaxconnect - Set the maximum connect time 1449 */ 1450 static int 1451 setmaxconnect(argv) 1452 char **argv; 1453 { 1454 int value; 1455 1456 if (!int_option(*argv, &value)) 1457 return 0; 1458 if (value < 0) { 1459 option_error("maxconnect time must be positive"); 1460 return 0; 1461 } 1462 if (maxconnect > 0 && (value == 0 || value > maxconnect)) { 1463 option_error("maxconnect time cannot be increased"); 1464 return 0; 1465 } 1466 maxconnect = value; 1467 return 1; 1468 } 1469 1470 /* 1471 * setdomain - Set domain name to append to hostname 1472 */ 1473 static int 1474 setdomain(argv) 1475 char **argv; 1476 { 1477 if (!privileged_option) { 1478 option_error("using the domain option requires root privilege"); 1479 return 0; 1480 } 1481 gethostname(hostname, MAXNAMELEN); 1482 if (**argv != 0) { 1483 if (**argv != '.') 1484 strlcat(hostname, ".", MAXNAMELEN); 1485 strlcat(hostname, *argv, MAXNAMELEN); 1486 } 1487 hostname[MAXNAMELEN-1] = 0; 1488 return (1); 1489 } 1490 1491 1492 /* 1493 * setasyncmap - add bits to asyncmap (what we request peer to escape). 1494 */ 1495 static int 1496 setasyncmap(argv) 1497 char **argv; 1498 { 1499 u_int32_t asyncmap; 1500 1501 if (!number_option(*argv, &asyncmap, 16)) 1502 return 0; 1503 lcp_wantoptions[0].asyncmap |= asyncmap; 1504 lcp_wantoptions[0].neg_asyncmap = 1; 1505 return(1); 1506 } 1507 1508 1509 /* 1510 * setescape - add chars to the set we escape on transmission. 1511 */ 1512 static int 1513 setescape(argv) 1514 char **argv; 1515 { 1516 int n, ret; 1517 char *p, *endp; 1518 1519 p = *argv; 1520 ret = 1; 1521 while (*p) { 1522 n = strtol(p, &endp, 16); 1523 if (p == endp) { 1524 option_error("escape parameter contains invalid hex number '%s'", 1525 p); 1526 return 0; 1527 } 1528 p = endp; 1529 if (n < 0 || (0x20 <= n && n <= 0x3F) || n == 0x5E || n > 0xFF) { 1530 option_error("can't escape character 0x%x", n); 1531 ret = 0; 1532 } else 1533 xmit_accm[0][n >> 5] |= 1 << (n & 0x1F); 1534 while (*p == ',' || *p == ' ') 1535 ++p; 1536 } 1537 return ret; 1538 } 1539 1540 1541 /* 1542 * setspeed - Set the speed. 1543 */ 1544 static int 1545 setspeed(arg) 1546 char *arg; 1547 { 1548 char *ptr; 1549 int spd; 1550 1551 spd = strtol(arg, &ptr, 0); 1552 if (ptr == arg || *ptr != 0 || spd == 0) 1553 return 0; 1554 inspeed = spd; 1555 return 1; 1556 } 1557 1558 1559 /* 1560 * setdevname - Set the device name. 1561 */ 1562 static int 1563 setdevname(cp, quiet) 1564 char *cp; 1565 int quiet; 1566 { 1567 struct stat statbuf; 1568 char dev[MAXPATHLEN]; 1569 1570 if (*cp == 0) 1571 return 0; 1572 1573 if (strncmp("/dev/", cp, 5) != 0) { 1574 strlcpy(dev, "/dev/", sizeof dev); 1575 strlcat(dev, cp, sizeof dev); 1576 cp = dev; 1577 } 1578 1579 /* 1580 * Check if there is a device by this name. 1581 */ 1582 if (stat(cp, &statbuf) < 0) { 1583 if (errno == ENOENT || quiet) 1584 return 0; 1585 option_error("Couldn't stat %s: %m", cp); 1586 return -1; 1587 } 1588 1589 (void) strlcpy(devnam, cp, MAXPATHLEN); 1590 default_device = FALSE; 1591 devnam_info.priv = privileged_option; 1592 devnam_info.source = option_source; 1593 1594 return 1; 1595 } 1596 1597 1598 /* 1599 * setipaddr - Set the IP address 1600 */ 1601 static int 1602 setipaddr(arg) 1603 char *arg; 1604 { 1605 struct hostent *hp; 1606 char *colon; 1607 struct in_addr ina; 1608 u_int32_t local, remote; 1609 ipcp_options *wo = &ipcp_wantoptions[0]; 1610 1611 /* 1612 * IP address pair separated by ":". 1613 */ 1614 if ((colon = strchr(arg, ':')) == NULL) 1615 return 0; 1616 1617 /* 1618 * If colon first character, then no local addr. 1619 */ 1620 if (colon != arg) { 1621 *colon = '\0'; 1622 if (inet_aton(arg, &ina) == 0) { 1623 if ((hp = gethostbyname(arg)) == NULL) { 1624 option_error("unknown host: %s", arg); 1625 return -1; 1626 } else { 1627 local = *(u_int32_t *)hp->h_addr; 1628 if (our_name[0] == 0) 1629 strlcpy(our_name, arg, MAXNAMELEN); 1630 } 1631 } else 1632 local = ina.s_addr; 1633 if (bad_ip_adrs(local)) { 1634 option_error("bad local IP address %s", ip_ntoa(local)); 1635 return -1; 1636 } 1637 if (local != 0) 1638 wo->ouraddr = local; 1639 *colon = ':'; 1640 } 1641 1642 /* 1643 * If colon last character, then no remote addr. 1644 */ 1645 if (*++colon != '\0') { 1646 if (inet_aton(colon, &ina) == 0) { 1647 if ((hp = gethostbyname(colon)) == NULL) { 1648 option_error("unknown host: %s", colon); 1649 return -1; 1650 } else { 1651 remote = *(u_int32_t *)hp->h_addr; 1652 if (remote_name[0] == 0) 1653 strlcpy(remote_name, colon, MAXNAMELEN); 1654 } 1655 } else 1656 remote = ina.s_addr; 1657 if (bad_ip_adrs(remote)) { 1658 option_error("bad remote IP address %s", ip_ntoa(remote)); 1659 return -1; 1660 } 1661 if (remote != 0) 1662 wo->hisaddr = remote; 1663 } 1664 1665 return 1; 1666 } 1667 1668 1669 /* 1670 * setnoipdflt - disable setipdefault() 1671 */ 1672 static int 1673 setnoipdflt(argv) 1674 char **argv; 1675 { 1676 disable_defaultip = 1; 1677 return 1; 1678 } 1679 1680 1681 /* 1682 * setipcpaccl - accept peer's idea of our address 1683 */ 1684 static int 1685 setipcpaccl(argv) 1686 char **argv; 1687 { 1688 ipcp_wantoptions[0].accept_local = 1; 1689 return 1; 1690 } 1691 1692 1693 /* 1694 * setipcpaccr - accept peer's idea of its address 1695 */ 1696 static int 1697 setipcpaccr(argv) 1698 char **argv; 1699 { 1700 ipcp_wantoptions[0].accept_remote = 1; 1701 return 1; 1702 } 1703 1704 1705 /* 1706 * setnetmask - set the netmask to be used on the interface. 1707 */ 1708 static int 1709 setnetmask(argv) 1710 char **argv; 1711 { 1712 struct in_addr ina; 1713 1714 if (inet_aton(*argv, &ina) == 0 || (netmask & ~ina.s_addr) != 0) { 1715 option_error("invalid netmask value '%s'", *argv); 1716 return (0); 1717 } 1718 1719 netmask = ina.s_addr; 1720 return (1); 1721 } 1722 1723 static int 1724 setcrtscts(argv) 1725 char **argv; 1726 { 1727 crtscts = 1; 1728 return (1); 1729 } 1730 1731 static int 1732 setnocrtscts(argv) 1733 char **argv; 1734 { 1735 crtscts = -1; 1736 return (1); 1737 } 1738 1739 static int 1740 setxonxoff(argv) 1741 char **argv; 1742 { 1743 lcp_wantoptions[0].asyncmap |= 0x000A0000; /* escape ^S and ^Q */ 1744 lcp_wantoptions[0].neg_asyncmap = 1; 1745 1746 crtscts = -2; 1747 return (1); 1748 } 1749 1750 static int 1751 setnodetach(argv) 1752 char **argv; 1753 { 1754 nodetach = 1; 1755 return (1); 1756 } 1757 1758 static int 1759 setupdetach(argv) 1760 char **argv; 1761 { 1762 nodetach = -1; 1763 return (1); 1764 } 1765 1766 static int 1767 setdemand(argv) 1768 char **argv; 1769 { 1770 demand = 1; 1771 persist = 1; 1772 return 1; 1773 } 1774 1775 static int 1776 setmodem(argv) 1777 char **argv; 1778 { 1779 modem = 1; 1780 return 1; 1781 } 1782 1783 static int 1784 setmodem_chat(argv) 1785 char **argv; 1786 { 1787 modem_chat = 1; 1788 return 1; 1789 } 1790 1791 static int 1792 setlocal(argv) 1793 char **argv; 1794 { 1795 modem = 0; 1796 return 1; 1797 } 1798 1799 static int 1800 setlock(argv) 1801 char **argv; 1802 { 1803 lockflag = 1; 1804 return 1; 1805 } 1806 1807 static int 1808 setusehostname(argv) 1809 char **argv; 1810 { 1811 usehostname = 1; 1812 return 1; 1813 } 1814 1815 static int 1816 setname(argv) 1817 char **argv; 1818 { 1819 if (!privileged_option) { 1820 option_error("using the name option requires root privilege"); 1821 return 0; 1822 } 1823 strlcpy(our_name, argv[0], MAXNAMELEN); 1824 return 1; 1825 } 1826 1827 static int 1828 setuser(argv) 1829 char **argv; 1830 { 1831 strlcpy(user, argv[0], MAXNAMELEN); 1832 return 1; 1833 } 1834 1835 static int 1836 setremote(argv) 1837 char **argv; 1838 { 1839 strlcpy(remote_name, argv[0], MAXNAMELEN); 1840 return 1; 1841 } 1842 1843 static int 1844 setauth(argv) 1845 char **argv; 1846 { 1847 auth_required = 1; 1848 if (privileged_option > auth_req_info.priv) { 1849 auth_req_info.priv = privileged_option; 1850 auth_req_info.source = option_source; 1851 } 1852 return 1; 1853 } 1854 1855 static int 1856 setnoauth(argv) 1857 char **argv; 1858 { 1859 if (auth_required && privileged_option < auth_req_info.priv) { 1860 if (auth_req_info.source == NULL) 1861 option_error("cannot override default auth option"); 1862 else 1863 option_error("cannot override auth option set by %s", 1864 auth_req_info.source); 1865 return 0; 1866 } 1867 auth_required = 0; 1868 return 1; 1869 } 1870 1871 static int 1872 setdefaultroute(argv) 1873 char **argv; 1874 { 1875 if (!ipcp_allowoptions[0].default_route) { 1876 option_error("defaultroute option is disabled"); 1877 return 0; 1878 } 1879 ipcp_wantoptions[0].default_route = 1; 1880 return 1; 1881 } 1882 1883 static int 1884 setnodefaultroute(argv) 1885 char **argv; 1886 { 1887 ipcp_allowoptions[0].default_route = 0; 1888 ipcp_wantoptions[0].default_route = 0; 1889 return 1; 1890 } 1891 1892 static int 1893 setproxyarp(argv) 1894 char **argv; 1895 { 1896 if (!ipcp_allowoptions[0].proxy_arp) { 1897 option_error("proxyarp option is disabled"); 1898 return 0; 1899 } 1900 ipcp_wantoptions[0].proxy_arp = 1; 1901 return 1; 1902 } 1903 1904 static int 1905 setnoproxyarp(argv) 1906 char **argv; 1907 { 1908 ipcp_wantoptions[0].proxy_arp = 0; 1909 ipcp_allowoptions[0].proxy_arp = 0; 1910 return 1; 1911 } 1912 1913 static int 1914 setpersist(argv) 1915 char **argv; 1916 { 1917 persist = 1; 1918 return 1; 1919 } 1920 1921 static int 1922 setnopersist(argv) 1923 char **argv; 1924 { 1925 persist = 0; 1926 return 1; 1927 } 1928 1929 static int 1930 setdologin(argv) 1931 char **argv; 1932 { 1933 uselogin = 1; 1934 return 1; 1935 } 1936 1937 /* 1938 * Functions to set the echo interval for modem-less monitors 1939 */ 1940 1941 static int 1942 setlcpechointv(argv) 1943 char **argv; 1944 { 1945 return int_option(*argv, &lcp_echo_interval); 1946 } 1947 1948 static int 1949 setlcpechofails(argv) 1950 char **argv; 1951 { 1952 return int_option(*argv, &lcp_echo_fails); 1953 } 1954 1955 /* 1956 * Functions to set timeouts, max transmits, etc. 1957 */ 1958 static int 1959 setlcptimeout(argv) 1960 char **argv; 1961 { 1962 return int_option(*argv, &lcp_fsm[0].timeouttime); 1963 } 1964 1965 static int 1966 setlcpterm(argv) 1967 char **argv; 1968 { 1969 return int_option(*argv, &lcp_fsm[0].maxtermtransmits); 1970 } 1971 1972 static int 1973 setlcpconf(argv) 1974 char **argv; 1975 { 1976 return int_option(*argv, &lcp_fsm[0].maxconfreqtransmits); 1977 } 1978 1979 static int 1980 setlcpfails(argv) 1981 char **argv; 1982 { 1983 return int_option(*argv, &lcp_fsm[0].maxnakloops); 1984 } 1985 1986 static int 1987 setipcptimeout(argv) 1988 char **argv; 1989 { 1990 return int_option(*argv, &ipcp_fsm[0].timeouttime); 1991 } 1992 1993 static int 1994 setipcpterm(argv) 1995 char **argv; 1996 { 1997 return int_option(*argv, &ipcp_fsm[0].maxtermtransmits); 1998 } 1999 2000 static int 2001 setipcpconf(argv) 2002 char **argv; 2003 { 2004 return int_option(*argv, &ipcp_fsm[0].maxconfreqtransmits); 2005 } 2006 2007 static int 2008 setipcpfails(argv) 2009 char **argv; 2010 { 2011 return int_option(*argv, &lcp_fsm[0].maxnakloops); 2012 } 2013 2014 static int 2015 setpaptimeout(argv) 2016 char **argv; 2017 { 2018 return int_option(*argv, &upap[0].us_timeouttime); 2019 } 2020 2021 static int 2022 setpapreqtime(argv) 2023 char **argv; 2024 { 2025 return int_option(*argv, &upap[0].us_reqtimeout); 2026 } 2027 2028 static int 2029 setpapreqs(argv) 2030 char **argv; 2031 { 2032 return int_option(*argv, &upap[0].us_maxtransmits); 2033 } 2034 2035 static int 2036 setchaptimeout(argv) 2037 char **argv; 2038 { 2039 return int_option(*argv, &chap[0].timeouttime); 2040 } 2041 2042 static int 2043 setchapchal(argv) 2044 char **argv; 2045 { 2046 return int_option(*argv, &chap[0].max_transmits); 2047 } 2048 2049 static int 2050 setchapintv(argv) 2051 char **argv; 2052 { 2053 return int_option(*argv, &chap[0].chal_interval); 2054 } 2055 2056 static int 2057 noccp(argv) 2058 char **argv; 2059 { 2060 ccp_protent.enabled_flag = 0; 2061 return 1; 2062 } 2063 2064 static int 2065 setbsdcomp(argv) 2066 char **argv; 2067 { 2068 int rbits, abits; 2069 char *str, *endp; 2070 2071 str = *argv; 2072 abits = rbits = strtol(str, &endp, 0); 2073 if (endp != str && *endp == ',') { 2074 str = endp + 1; 2075 abits = strtol(str, &endp, 0); 2076 } 2077 if (*endp != 0 || endp == str) { 2078 option_error("invalid parameter '%s' for bsdcomp option", *argv); 2079 return 0; 2080 } 2081 if ((rbits != 0 && (rbits < BSD_MIN_BITS || rbits > BSD_MAX_BITS)) 2082 || (abits != 0 && (abits < BSD_MIN_BITS || abits > BSD_MAX_BITS))) { 2083 option_error("bsdcomp option values must be 0 or %d .. %d", 2084 BSD_MIN_BITS, BSD_MAX_BITS); 2085 return 0; 2086 } 2087 if (rbits > 0) { 2088 ccp_wantoptions[0].bsd_compress = 1; 2089 ccp_wantoptions[0].bsd_bits = rbits; 2090 } else 2091 ccp_wantoptions[0].bsd_compress = 0; 2092 if (abits > 0) { 2093 ccp_allowoptions[0].bsd_compress = 1; 2094 ccp_allowoptions[0].bsd_bits = abits; 2095 } else 2096 ccp_allowoptions[0].bsd_compress = 0; 2097 return 1; 2098 } 2099 2100 static int 2101 setnobsdcomp(argv) 2102 char **argv; 2103 { 2104 ccp_wantoptions[0].bsd_compress = 0; 2105 ccp_allowoptions[0].bsd_compress = 0; 2106 return 1; 2107 } 2108 2109 static int 2110 setdeflate(argv) 2111 char **argv; 2112 { 2113 int rbits, abits; 2114 char *str, *endp; 2115 2116 str = *argv; 2117 abits = rbits = strtol(str, &endp, 0); 2118 if (endp != str && *endp == ',') { 2119 str = endp + 1; 2120 abits = strtol(str, &endp, 0); 2121 } 2122 if (*endp != 0 || endp == str) { 2123 option_error("invalid parameter '%s' for deflate option", *argv); 2124 return 0; 2125 } 2126 if ((rbits != 0 && (rbits < DEFLATE_MIN_SIZE || rbits > DEFLATE_MAX_SIZE)) 2127 || (abits != 0 && (abits < DEFLATE_MIN_SIZE 2128 || abits > DEFLATE_MAX_SIZE))) { 2129 option_error("deflate option values must be 0 or %d .. %d", 2130 DEFLATE_MIN_SIZE, DEFLATE_MAX_SIZE); 2131 return 0; 2132 } 2133 if (rbits > 0) { 2134 ccp_wantoptions[0].deflate = 1; 2135 ccp_wantoptions[0].deflate_size = rbits; 2136 } else 2137 ccp_wantoptions[0].deflate = 0; 2138 if (abits > 0) { 2139 ccp_allowoptions[0].deflate = 1; 2140 ccp_allowoptions[0].deflate_size = abits; 2141 } else 2142 ccp_allowoptions[0].deflate = 0; 2143 return 1; 2144 } 2145 2146 static int 2147 setnodeflate(argv) 2148 char **argv; 2149 { 2150 ccp_wantoptions[0].deflate = 0; 2151 ccp_allowoptions[0].deflate = 0; 2152 return 1; 2153 } 2154 2155 static int 2156 setnodeflatedraft(argv) 2157 char **argv; 2158 { 2159 ccp_wantoptions[0].deflate_draft = 0; 2160 ccp_allowoptions[0].deflate_draft = 0; 2161 return 1; 2162 } 2163 2164 static int 2165 setpred1comp(argv) 2166 char **argv; 2167 { 2168 ccp_wantoptions[0].predictor_1 = 1; 2169 ccp_allowoptions[0].predictor_1 = 1; 2170 return 1; 2171 } 2172 2173 static int 2174 setnopred1comp(argv) 2175 char **argv; 2176 { 2177 ccp_wantoptions[0].predictor_1 = 0; 2178 ccp_allowoptions[0].predictor_1 = 0; 2179 return 1; 2180 } 2181 2182 static int 2183 setipparam(argv) 2184 char **argv; 2185 { 2186 ipparam = strdup(*argv); 2187 if (ipparam == NULL) 2188 novm("ipparam string"); 2189 2190 return 1; 2191 } 2192 2193 static int 2194 setpapcrypt(argv) 2195 char **argv; 2196 { 2197 cryptpap = 1; 2198 return 1; 2199 } 2200 2201 static int 2202 setidle(argv) 2203 char **argv; 2204 { 2205 return int_option(*argv, &idle_time_limit); 2206 } 2207 2208 static int 2209 setholdoff(argv) 2210 char **argv; 2211 { 2212 return int_option(*argv, &holdoff); 2213 } 2214 2215 /* 2216 * setdnsaddr - set the dns address(es) 2217 */ 2218 static int 2219 setdnsaddr(argv) 2220 char **argv; 2221 { 2222 struct in_addr ina; 2223 struct hostent *hp; 2224 2225 if (inet_aton(*argv, &ina) == 0) { 2226 if ((hp = gethostbyname(*argv)) == NULL) { 2227 option_error("invalid address parameter '%s' for ms-dns option", 2228 *argv); 2229 return (0); 2230 } 2231 ina.s_addr = *(u_int32_t *)hp->h_addr; 2232 } 2233 2234 /* if there is no primary then update it. */ 2235 if (ipcp_allowoptions[0].dnsaddr[0] == 0) 2236 ipcp_allowoptions[0].dnsaddr[0] = ina.s_addr; 2237 2238 /* always set the secondary address value to the same value. */ 2239 ipcp_allowoptions[0].dnsaddr[1] = ina.s_addr; 2240 2241 return (1); 2242 } 2243 2244 /* 2245 * setwinsaddr - set the wins address(es) 2246 * This is primrarly used with the Samba package under UNIX or for pointing 2247 * the caller to the existing WINS server on a Windows NT platform. 2248 */ 2249 static int 2250 setwinsaddr(argv) 2251 char **argv; 2252 { 2253 struct in_addr ina; 2254 struct hostent *hp; 2255 2256 if (inet_aton(*argv, &ina) == 0) { 2257 if ((hp = gethostbyname(*argv)) == NULL) { 2258 option_error("invalid address parameter '%s' for ms-wins option", 2259 *argv); 2260 return (0); 2261 } 2262 ina.s_addr = *(u_int32_t *)hp->h_addr; 2263 } 2264 2265 /* if there is no primary then update it. */ 2266 if (ipcp_allowoptions[0].winsaddr[0] == 0) 2267 ipcp_allowoptions[0].winsaddr[0] = ina.s_addr; 2268 2269 /* always set the secondary address value to the same value. */ 2270 ipcp_allowoptions[0].winsaddr[1] = ina.s_addr; 2271 2272 return (1); 2273 } 2274 2275 #ifdef MSLANMAN 2276 static int 2277 setmslanman(argv) 2278 char **argv; 2279 { 2280 ms_lanman = 1; 2281 return (1); 2282 } 2283 #endif 2284