1
2 /*
3 * Author: Arvin Schnell <arvin@suse.de>
4 *
5 * This plugin let's you pass the password to the pppd via
6 * a file descriptor. That's easy and secure - no fiddling
7 * with pap- and chap-secrets files.
8 */
9
10 #include <stdio.h>
11 #include <errno.h>
12 #include <string.h>
13 #include <unistd.h>
14 #include <stdarg.h>
15 #include <stdbool.h>
16 #include <stdint.h>
17 #include <sys/time.h>
18
19 #include <pppd/pppd.h>
20 #include <pppd/upap.h>
21 #include <pppd/chap.h>
22 #include <pppd/eap.h>
23 #include <pppd/options.h>
24
25 char pppd_version[] = PPPD_VERSION;
26
27 static char save_passwd[MAXSECRETLEN];
28
pwfd_read_password(char ** argv)29 static int pwfd_read_password(char **argv)
30 {
31 ssize_t readgood, red;
32 int passwdfd;
33 char passwd[MAXSECRETLEN];
34
35 if (!ppp_int_option(argv[0], &passwdfd))
36 return 0;
37
38 readgood = 0;
39 do {
40 red = read (passwdfd, passwd + readgood, MAXSECRETLEN - 1 - readgood);
41 if (red == 0)
42 break;
43 if (red < 0) {
44 error ("Can't read secret from fd\n");
45 readgood = -1;
46 break;
47 }
48 readgood += red;
49 } while (readgood < MAXSECRETLEN - 1);
50
51 close (passwdfd);
52
53 if (readgood < 0)
54 return 0;
55
56 passwd[readgood] = 0;
57 strcpy (save_passwd, passwd);
58
59 return 1;
60 }
61
62 static struct option options[] = {
63 { "passwordfd", o_special, pwfd_read_password,
64 "Receive password on this file descriptor" },
65 { NULL }
66 };
67
pwfd_check(void)68 static int pwfd_check (void)
69 {
70 return 1;
71 }
72
pwfd_passwd(char * user,char * passwd)73 static int pwfd_passwd (char *user, char *passwd)
74 {
75 if (passwd != NULL)
76 strcpy(passwd, save_passwd);
77 return 1;
78 }
79
plugin_init(void)80 void plugin_init (void)
81 {
82 ppp_add_options (options);
83
84 pap_check_hook = pwfd_check;
85 pap_passwd_hook = pwfd_passwd;
86
87 chap_check_hook = pwfd_check;
88 chap_passwd_hook = pwfd_passwd;
89
90 #ifdef PPP_WITH_EAPTLS
91 eaptls_passwd_hook = pwfd_passwd;
92 #endif
93 }
94