Date: Tue, 14 Apr 1998 18:19:15 +0900 From: Akiya Ishida <aya@ddt.co.jp> To: freebsd-bugs@FreeBSD.ORG Cc: ishida@ddt.co.jp Subject: /usr/sbin/ppp problem on 2.2.6-RELEASE Message-ID: <199804140919.SAA00561@rei.int.ddt.co.jp>
next in thread | raw e-mail | index | archive | help
I found a problem on ppp, happened when you execute /usr/sbin/ppp as
non-root, authenticate with PAP. OS version is 2.2.6-RELEASE.
The PAP authenticate code can NOT get user's password, because its
effective user ID(E-UID) isn't 0(root). PPP sets EUID to UID
(real-UID) on some point after it started. The code gets '*' as
password instead of crypted string.
Here, you can re-create the problem.
1. Create a special account(ppp) for invoke /usr/sbin/ppp.
This account doesn't have password.
Ex. ppp::69:69::0:0:PPP:/tmp:/etc/ppp/ppp-pap-dialup
The login-shell "ppp-pap-dialup" is come from FreeBSD-Handbook,
which executes /usr/sbin/ppp with PAP authentication.
2. Setup PPP client to transmit "ppp^M" after got "login:" and do PAP
authentication. Give your account and password to PPP client, then try
to connect. PPP server doesn't allow you to connect.
Your account must be on the local passwd database to re-create this
problem. If your account is on NIS, PPP can get a password, no problem
occurred.
I made a patch to fix this problem.
Hoping this helps you....
Regards,
Akiya ISHIDA / ishida@ddt.co.jp
Digital Derivative Technologies Japan Inc.
============================
*** pap.c- Thu Feb 19 11:10:50 1998
--- pap.c Tue Apr 14 17:50:55 1998
***************
*** 25,31 ****
#include <sys/param.h>
#include <netinet/in.h>
- #include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
--- 25,30 ----
***************
*** 130,142 ****
#ifndef NOPASSWDAUTH
if (Enabled(ConfPasswdAuth)) {
! struct passwd *pwd;
int result;
LogPrintf(LogLCP, "Using PasswdAuth\n");
! result = (pwd = getpwnam(name)) &&
! !strcmp(crypt(key, pwd->pw_passwd), pwd->pw_passwd);
! endpwent();
return result;
}
#endif
--- 129,140 ----
#ifndef NOPASSWDAUTH
if (Enabled(ConfPasswdAuth)) {
! char *passwd;
int result;
LogPrintf(LogLCP, "Using PasswdAuth\n");
! result = (passwd = ID0getpasswd(name)) &&
! !strcmp(crypt(key, passwd), passwd);
return result;
}
#endif
*** id.h- Thu Feb 19 11:10:45 1998
--- id.h Tue Apr 14 15:16:49 1998
***************
*** 40,42 ****
--- 40,43 ----
extern int ID0uu_unlock(const char *);
extern void ID0login(struct utmp *);
extern void ID0logout(const char *);
+ extern char *ID0getpasswd(const char *);
*** id.c- Thu Feb 19 11:10:43 1998
--- id.c Tue Apr 14 15:22:27 1998
***************
*** 210,212 ****
--- 210,227 ----
LogPrintf(LogERROR, "ID0logout: No longer logged in on %s\n", ut.ut_line);
ID0setuser();
}
+
+ #include <pwd.h>
+
+ char *ID0getpasswd(const char *name)
+ {
+ static char passwd[50];
+ struct passwd *pwd;
+
+ ID0set0();
+ if ((pwd = getpwnam(name))==NULL) return NULL;
+ strcpy(passwd, pwd->pw_passwd);
+ endpwent();
+ ID0setuser();
+ return passwd;
+ }
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804140919.SAA00561>