Don't login twice when using passwdauth
Suggested by: Peter Childs <pjchilds@imforei.apana.org.au> Merge the whole module into a few lines in pap.c
This commit is contained in:
Brian Somers
parent
91f7577b37
commit
f0d4fed251
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=29895
@ -1,10 +1,10 @@
|
||||
# $Id: Makefile,v 1.24 1997/09/04 00:38:17 brian Exp $
|
||||
# $Id: Makefile,v 1.25 1997/09/25 00:52:31 brian Exp $
|
||||
|
||||
PROG= ppp
|
||||
SRCS= alias_cmd.c arp.c async.c auth.c ccp.c chap.c chat.c command.c \
|
||||
filter.c fsm.c hdlc.c ip.c ipcp.c lcp.c loadalias.c log.c lqr.c \
|
||||
main.c mbuf.c modem.c os.c pap.c passwdauth.c pred.c route.c \
|
||||
server.c sig.c slcompress.c systems.c timer.c vars.c vjcomp.c
|
||||
main.c mbuf.c modem.c os.c pap.c pred.c route.c server.c sig.c \
|
||||
slcompress.c systems.c timer.c vars.c vjcomp.c
|
||||
CFLAGS+=-Wall
|
||||
LDADD+= -lmd -lcrypt -lutil
|
||||
DPADD+= ${LIBMD} ${LIBCRYPT} ${LIBUTIL}
|
||||
|
||||
@ -18,12 +18,13 @@
|
||||
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
||||
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*
|
||||
* $Id: pap.c,v 1.14 1997/08/25 00:29:24 brian Exp $
|
||||
* $Id: pap.c,v 1.15 1997/09/22 23:59:15 brian Exp $
|
||||
*
|
||||
* TODO:
|
||||
*/
|
||||
#include <time.h>
|
||||
#include <utmp.h>
|
||||
#include <pwd.h>
|
||||
#include "fsm.h"
|
||||
#include "lcp.h"
|
||||
#include "pap.h"
|
||||
@ -39,10 +40,6 @@
|
||||
#include "libutil.h"
|
||||
#endif
|
||||
|
||||
#ifndef NOPASSWDAUTH
|
||||
#include "passwdauth.h"
|
||||
#endif
|
||||
|
||||
static char *papcodes[] = {
|
||||
"???", "REQUEST", "ACK", "NAK"
|
||||
};
|
||||
@ -119,8 +116,14 @@ PapValidate(u_char * name, u_char * key)
|
||||
|
||||
#ifndef NOPASSWDAUTH
|
||||
if (Enabled(ConfPasswdAuth)) {
|
||||
LogPrintf(LogLCP, "PasswdAuth enabled - calling\n");
|
||||
return PasswdAuth(name, key);
|
||||
struct passwd *pwd;
|
||||
int result;
|
||||
|
||||
LogPrintf(LogLCP, "Using PasswdAuth\n");
|
||||
result = (pwd = getpwnam(name)) &&
|
||||
!strcmp(crypt(key, pwd->pw_passwd), pwd->pw_passwd);
|
||||
endpwent();
|
||||
return result;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
@ -1,109 +0,0 @@
|
||||
/*
|
||||
*
|
||||
* passwdauth.c - pjchilds@imforei.apana.org.au
|
||||
*
|
||||
* authenticate user via the password file
|
||||
*
|
||||
* Redistribution and use in source and binary forms are permitted
|
||||
* provided that the above copyright notice and this paragraph are
|
||||
* duplicated in all such forms and that any documentation,
|
||||
* advertising materials, and other materials related to such
|
||||
* distribution and use acknowledge that the software was developed
|
||||
* by the Peter Childs. The name of the author may not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
||||
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
||||
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <utmp.h>
|
||||
#include <time.h>
|
||||
#ifdef __OpenBSD__
|
||||
#include <util.h>
|
||||
#else
|
||||
#include <libutil.h>
|
||||
#endif
|
||||
#include <pwd.h>
|
||||
#include "fsm.h"
|
||||
#include "passwdauth.h"
|
||||
|
||||
int
|
||||
PasswdAuth(char *name, char *key)
|
||||
{
|
||||
static int logged_in = 0;
|
||||
struct passwd *pwd;
|
||||
char *salt, *ep;
|
||||
struct utmp utmp;
|
||||
|
||||
LogPrintf(LogDEBUG, "PasswdAuth: Called with name %s, key %s\n", name, key);
|
||||
|
||||
if ((pwd = getpwnam(name)))
|
||||
salt = pwd->pw_passwd;
|
||||
else {
|
||||
endpwent();
|
||||
LogPrintf(LogLCP, "PasswdAuth - user (%s) not in passwd file\n", name);
|
||||
return 0; /* false - failed to authenticate (password
|
||||
* not in file) */
|
||||
}
|
||||
|
||||
#ifdef LOCALHACK
|
||||
|
||||
/*
|
||||
* All our PPP usernames start with 'P' so i check that here... if you
|
||||
* don't do this i suggest all your PPP users be members of a group and you
|
||||
* check the guid
|
||||
*/
|
||||
|
||||
if (name[0] != 'P') {
|
||||
LogPrintf(LogLCP, "PasswdAuth - user (%s) not a PPP user\n", name);
|
||||
endpwent();
|
||||
return 0;
|
||||
}
|
||||
#endif /* LOCALHACK */
|
||||
|
||||
ep = crypt(key, salt);
|
||||
|
||||
/* strcmp returns 0 if same */
|
||||
if (strcmp(ep, pwd->pw_passwd) != 0) {
|
||||
LogPrintf(LogLCP, "PasswdAuth - user (%s,%s) authentication failed\n",
|
||||
name, key);
|
||||
endpwent();
|
||||
return 0; /* false - failed to authenticate (didn't
|
||||
* match up) */
|
||||
}
|
||||
|
||||
/*
|
||||
* now we log them in... we have a static login flag so we don't do it
|
||||
* twice :)
|
||||
*/
|
||||
|
||||
if (!logged_in) {
|
||||
(void) time(&utmp.ut_time);
|
||||
(void) strncpy(utmp.ut_name, name, sizeof(utmp.ut_name));
|
||||
|
||||
/*
|
||||
* if the first three chacters are "pap" trim them off before doing utmp
|
||||
* entry (see sample.ppp-pap-dialup
|
||||
*/
|
||||
|
||||
if (strncmp("pap", dstsystem, 3) == 0)
|
||||
(void) strncpy(utmp.ut_line, (char *) (dstsystem + 3), sizeof(utmp.ut_line));
|
||||
else
|
||||
(void) strncpy(utmp.ut_line, dstsystem, sizeof(utmp.ut_line));
|
||||
|
||||
(void) strncpy(utmp.ut_host, "auto-ppp", sizeof(utmp.ut_host));
|
||||
login(&utmp);
|
||||
(void) setlogin(pwd->pw_name);
|
||||
|
||||
LogPrintf(LogLCP, "PasswdAuth has logged in user %s\n", name);
|
||||
|
||||
logged_in = 1;
|
||||
}
|
||||
endpwent();
|
||||
|
||||
return 1;
|
||||
}
|
||||
@ -1,11 +0,0 @@
|
||||
/*
|
||||
* passwdauth.h
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef _PASSWDAUTH_H_
|
||||
#define _PASSWDAUTH_H_
|
||||
|
||||
extern int PasswdAuth(char *, char *);
|
||||
|
||||
#endif
|
||||
Loading…
Reference in New Issue
Block a user