mirrors/ppp
0
0
Fork 0
mirror of https://github.com/paulusmack/ppp.git synced 2024-11-23 02:13:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #529 from ppp-project/springclean

Browse Source 
Springclean
This commit is contained in:
Paul Mackerras 2024-10-29 16:42:46 +11:00 committed by GitHub
commit 616102e93b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
29 changed files with 3 additions and 1347 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile.am
View File

@ -1,6 +1,6 @@
ACLOCAL_AMFLAGS="-Im4"
SUBDIRS = chat contrib pppd pppstats pppdump
SUBDIRS = chat pppd pppstats pppdump
if PPP_WITH_PLUGINS
SUBDIRS += pppd/plugins

11
configure.ac
View File

@ -317,22 +317,11 @@ AM_COND_IF([PPP_WITH_FILTER], [
])
])
#
# Some contributions require GTK/GLIB
AC_ARG_WITH([gtk], AS_HELP_STRING([--with-gtk], [Build contributions with the GTK+ interface]))
if test "x${with_gtk}" = "xyes"; then
PKG_CHECK_MODULES([GTK], [gtk+-2.0])
PKG_CHECK_MODULES([GLIB], [glib-2.0])
fi
AM_CONDITIONAL([WITH_GTK], test "x${with_gtk}" = "xyes")
AC_DEFINE_UNQUOTED(PPPD_VERSION, "$VERSION", [Version of pppd])
AC_CONFIG_FILES([
Makefile
chat/Makefile
contrib/Makefile
contrib/pppgetpass/Makefile
include/Makefile
pppd/Makefile
pppd/pppd.pc

1
contrib/Makefile.am
View File

@ -1 +0,0 @@
SUBDIRS = pppgetpass

2
contrib/pppgetpass/.gitignore vendored
View File

@ -1,2 +0,0 @@
pppgetpass.vt
pppgetpass.gtk

17
contrib/pppgetpass/Makefile.am
View File

@ -1,17 +0,0 @@
noinst_PROGRAMS = pppgetpass.vt
pppgetpass_vt_SOURCES = pppgetpass.vt.c
pppgetpass_vt_CPPFLAGS = -Wno-unused-result
if WITH_GTK
noinst_PROGRAMS += pppgetpass.gtk
pppgetpass_gtk_SOURCES = pppgetpass.gtk.c
pppgetpass_gtk_CPPFLAGS = -Wno-deprecated-declarations -Wno-discarded-qualifiers
pppgetpass_gtk_CPPFLAGS += $(GLIB_CFLAGS) $(GTK_CFLAGS)
pppgetpass_gtk_LDADD = $(GLIB_LIBS) $(GTK_LIBS)
endif
EXTRA_DIST = \
pppgetpass.sh \
pppgetpass.8

18
contrib/pppgetpass/pppgetpass.8
View File

@ -1,18 +0,0 @@
.TH PPPGETPASS 8 "26 Sep 1999"
.SH NAME
pppgetpass \- prompt for PAP password
.SH SYNOPSIS
.B pppgetpass
.I client server fd
.SH DESCRIPTION
.B pppgetpass
the outer half of a plugin for PAP password prompting in pppd.
If the peer requires PAP, and the
.B passprompt.so
plugin is loaded into pppd, it will run
.B /usr/sbin/pppgetpass
(or another program specified by the
.B promptprog
option) to prompt the user for the password.
.SH SEE ALSO
pppd(8)

92
contrib/pppgetpass/pppgetpass.gtk.c
View File

@ -1,92 +0,0 @@
#include <glib.h>
#include <gdk/gdk.h>
#include <gtk/gtkwindow.h>
#include <gtk/gtkmain.h>
#include <gtk/gtkbutton.h>
#include <gtk/gtkvbox.h>
#include <gtk/gtklabel.h>
#include <gtk/gtkentry.h>
#include <gtk/gtksignal.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <syslog.h>
int outfd;
int err;
static void okpressed(void *widget, void *clientdata)
{
GtkWidget *answer=clientdata;
gchar *pass;
int passlen;
ssize_t wrote;
(void)widget;
pass=gtk_entry_get_text(GTK_ENTRY(answer));
passlen=strlen(pass);
if(!passlen)
return;
if((wrote=write(outfd, pass, passlen))!=passlen) {
if(wrote<0)
syslog(LOG_ERR, "write error on outpipe: %m");
else
syslog(LOG_ERR, "short write on outpipe");
err=1;
}
gtk_main_quit();
}
int main(int argc, char **argv)
{
GtkWidget *mainwindow, *vbox, *question, *answer, *ok;
char buf[1024];
gtk_init(&argc, &argv);
openlog(argv[0], LOG_PID, LOG_DAEMON);
if(argc!=4) {
syslog(LOG_WARNING, "Usage error");
return 1;
}
outfd=atoi(argv[3]);
mainwindow=gtk_window_new(GTK_WINDOW_TOPLEVEL);
gtk_window_set_title(GTK_WINDOW(mainwindow), "pppgetpass");
gtk_signal_connect(GTK_OBJECT(mainwindow), "destroy",
GTK_SIGNAL_FUNC(gtk_main_quit), 0);
vbox=gtk_vbox_new(FALSE, 5);
gtk_container_add(GTK_CONTAINER(mainwindow), vbox);
gtk_widget_show(vbox);
if(argv[1][0] && argv[2][0])
snprintf(buf, sizeof buf, "Password for PPP client %s on server %s: ", argv[1], argv[2]);
else if(argv[1][0] && !argv[2][0])
snprintf(buf, sizeof buf, "Password for PPP client %s: ", argv[1]);
else if(!argv[1][0] && argv[2][0])
snprintf(buf, sizeof buf, "Password for PPP on server %s: ", argv[2]);
else
snprintf(buf, sizeof buf, "Enter PPP password: ");
question=gtk_label_new(buf);
gtk_box_pack_start(GTK_BOX(vbox), question, FALSE, TRUE, 0);
gtk_widget_show(question);
answer=gtk_entry_new();
gtk_entry_set_visibility(GTK_ENTRY(answer), 0);
gtk_box_pack_start(GTK_BOX(vbox), answer, FALSE, TRUE, 0);
gtk_widget_show(answer);
ok=gtk_button_new_with_label("OK");
gtk_box_pack_start(GTK_BOX(vbox), ok, FALSE, TRUE, 0);
gtk_signal_connect(GTK_OBJECT(ok), "clicked",
GTK_SIGNAL_FUNC(okpressed), answer);
gtk_widget_show(ok);
gtk_widget_show(mainwindow);
gtk_main();
return err;
}

7
contrib/pppgetpass/pppgetpass.sh
View File

@ -1,7 +0,0 @@
#!/bin/sh
if [ -z "$DISPLAY" ]; then
exec pppgetpass.vt "$@"
else
exec pppgetpass.gtk "$@"
fi

218
contrib/pppgetpass/pppgetpass.vt.c
View File

@ -1,218 +0,0 @@
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <errno.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#include <syslog.h>
#include <termios.h>
#include <sys/vt.h>
static int console_owner(uid_t, int);
int main(int argc, char **argv)
{
int console;
uid_t uid;
struct vt_stat origstate;
int openvtnum;
char openvtname[256];
int openvt;
gid_t gid;
int chowned;
FILE *fp;
struct termios t;
char pass[256], *nl;
int outfd, passlen;
ssize_t wrote;
console=open("/dev/console", O_RDWR);
uid=getuid();
gid=getgid();
seteuid(uid);
openlog(argv[0], LOG_PID, LOG_DAEMON);
if(argc!=4) {
syslog(LOG_WARNING, "Usage error");
return 1;
}
if(console<0) {
syslog(LOG_ERR, "open(/dev/console): %m");
return 1;
}
if(ioctl(console, VT_GETSTATE, &origstate)<0) {
syslog(LOG_ERR, "VT_GETSTATE: %m");
return 1;
}
if(uid) {
if(!console_owner(uid, origstate.v_active)) {
int i;
for(i=0;i<64;++i) {
if(i!=origstate.v_active && console_owner(uid, i))
break;
}
if(i==64) {
syslog(LOG_WARNING, "run by uid %lu not at console", (unsigned long)uid);
return 1;
}
}
}
if(ioctl(console, VT_OPENQRY, &openvtnum)<0) {
syslog(LOG_ERR, "VT_OPENQRY: %m");
return 1;
}
if(openvtnum==-1) {
syslog(LOG_ERR, "No free VTs");
return 1;
}
snprintf(openvtname, sizeof openvtname, "/dev/tty%d", openvtnum);
seteuid(0);
openvt=open(openvtname, O_RDWR);
if(openvt<0) {
seteuid(uid);
syslog(LOG_ERR, "open(%s): %m", openvtname);
return 1;
}
chowned=fchown(openvt, uid, gid);
if(chowned<0) {
seteuid(uid);
syslog(LOG_ERR, "fchown(%s): %m", openvtname);
return 1;
}
close(console);
if(ioctl(openvt, VT_ACTIVATE, openvtnum)<0) {
seteuid(uid);
syslog(LOG_ERR, "VT_ACTIVATE(%d): %m", openvtnum);
return 1;
}
while(ioctl(openvt, VT_WAITACTIVE, openvtnum)<0) {
if(errno!=EINTR) {
ioctl(openvt, VT_ACTIVATE, origstate.v_active);
seteuid(uid);
syslog(LOG_ERR, "VT_WAITACTIVE(%d): %m", openvtnum);
return 1;
}
}
seteuid(uid);
fp=fdopen(openvt, "r+");
if(!fp) {
seteuid(0);
ioctl(openvt, VT_ACTIVATE, origstate.v_active);
seteuid(uid);
syslog(LOG_ERR, "fdopen(%s): %m", openvtname);
return 1;
}
if(tcgetattr(openvt, &t)<0) {
seteuid(0);
ioctl(openvt, VT_ACTIVATE, origstate.v_active);
seteuid(uid);
syslog(LOG_ERR, "tcgetattr(%s): %m", openvtname);
return 1;
}
t.c_lflag &= ~ECHO;
if(tcsetattr(openvt, TCSANOW, &t)<0) {
seteuid(0);
ioctl(openvt, VT_ACTIVATE, origstate.v_active);
seteuid(uid);
syslog(LOG_ERR, "tcsetattr(%s): %m", openvtname);
return 1;
}
if(fprintf(fp, "\033[2J\033[H")<0) {
seteuid(0);
ioctl(openvt, VT_ACTIVATE, origstate.v_active);
seteuid(uid);
syslog(LOG_ERR, "write error on %s: %m", openvtname);
return 1;
}
if(argv[1][0] && argv[2][0]) {
if(fprintf(fp, "Password for PPP client %s on server %s: ", argv[1], argv[2])<0) {
seteuid(0);
ioctl(openvt, VT_ACTIVATE, origstate.v_active);
seteuid(uid);
syslog(LOG_ERR, "write error on %s: %m", openvtname);
return 1;
}
} else if(argv[1][0] && !argv[2][0]) {
if(fprintf(fp, "Password for PPP client %s: ", argv[1])<0) {
syslog(LOG_ERR, "write error on %s: %m", openvtname);
seteuid(0);
ioctl(openvt, VT_ACTIVATE, origstate.v_active);
seteuid(uid);
return 1;
}
} else if(!argv[1][0] && argv[2][0]) {
if(fprintf(fp, "Password for PPP on server %s: ", argv[2])<0) {
seteuid(0);
ioctl(openvt, VT_ACTIVATE, origstate.v_active);
seteuid(uid);
syslog(LOG_ERR, "write error on %s: %m", openvtname);
return 1;
}
} else {
if(fprintf(fp, "Enter PPP password: ")<0) {
seteuid(0);
ioctl(openvt, VT_ACTIVATE, origstate.v_active);
seteuid(uid);
syslog(LOG_ERR, "write error on %s: %m", openvtname);
return 1;
}
}
if(!fgets(pass, sizeof pass, fp)) {
seteuid(0);
ioctl(openvt, VT_ACTIVATE, origstate.v_active);
seteuid(uid);
if(ferror(fp)) {
syslog(LOG_ERR, "read error on %s: %m", openvtname);
}
return 1;
}
if((nl=strchr(pass, '\n')))
*nl=0;
passlen=strlen(pass);
outfd=atoi(argv[3]);
if((wrote=write(outfd, pass, passlen))!=passlen) {
seteuid(0);
ioctl(openvt, VT_ACTIVATE, origstate.v_active);
seteuid(uid);
if(wrote<0)
syslog(LOG_ERR, "write error on outpipe: %m");
else
syslog(LOG_ERR, "short write on outpipe");
return 1;
}
seteuid(0);
ioctl(openvt, VT_ACTIVATE, origstate.v_active);
seteuid(uid);
return 0;
}
static int console_owner(uid_t uid, int cons)
{
char name[256];
struct stat st;
snprintf(name, sizeof name, "/dev/tty%d", cons);
if(stat(name, &st)<0) {
if(errno!=ENOENT)
syslog(LOG_ERR, "stat(%s): %m", name);
return 0;
}
return uid==st.st_uid;
}

6
pppd/plugins/Makefile.am
View File

@ -1,4 +1,4 @@
pppd_plugin_LTLIBRARIES = minconn.la passprompt.la passwordfd.la winbind.la
pppd_plugin_LTLIBRARIES = minconn.la passwordfd.la winbind.la
pppd_plugindir = $(PPPD_PLUGIN_DIR)
PLUGIN_CPPFLAGS = -I${top_srcdir}
@ -8,10 +8,6 @@ minconn_la_CPPFLAGS = $(PLUGIN_CPPFLAGS)
minconn_la_LDFLAGS = $(PLUGIN_LDFLAGS)
minconn_la_SOURCES = minconn.c
passprompt_la_CPPFLAGS = $(PLUGIN_CPPFLAGS)
passprompt_la_LDFLAGS = $(PLUGIN_LDFLAGS)
passprompt_la_SOURCES = passprompt.c
passwordfd_la_CPPFLAGS = $(PLUGIN_CPPFLAGS)
passwordfd_la_LDFLAGS = $(PLUGIN_LDFLAGS)
passwordfd_la_SOURCES = passwordfd.c

137
pppd/plugins/passprompt.c
View File

@ -1,137 +0,0 @@
/*
* passprompt.c - pppd plugin to invoke an external PAP password prompter
*
* Copyright 1999 Paul Mackerras, Alan Curry.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version
* 2 of the License, or (at your option) any later version.
*/
#include <errno.h>
#include <unistd.h>
#include <sys/wait.h>
#include <sys/param.h>
#include <limits.h>
#include <stdio.h>
#include <syslog.h>
#include <stdarg.h>
#include <stdint.h>
#include <stdbool.h>
#include <string.h>
#include <pppd/pppd.h>
#include <pppd/upap.h>
#include <pppd/eap.h>
#include <pppd/options.h>
char pppd_version[] = PPPD_VERSION;
static char promptprog[PATH_MAX+1];
static int promptprog_refused = 0;
static struct option options[] = {
{ "promptprog", o_string, promptprog,
"External PAP password prompting program",
OPT_STATIC, NULL, PATH_MAX },
{ NULL }
};
static int promptpass(char *user, char *passwd)
{
int p[2];
pid_t kid;
int readgood, wstat, ret;
ssize_t red;
if (promptprog_refused || promptprog[0] == 0 || access(promptprog, X_OK) < 0)
return -1; /* sorry, can't help */
if (!passwd)
return 1;
if (pipe(p)) {
warn("Can't make a pipe for %s", promptprog);
return 0;
}
if ((kid = fork()) == (pid_t) -1) {
warn("Can't fork to run %s", promptprog);
close(p[0]);
close(p[1]);
return 0;
}
if (!kid) {
/* we are the child, exec the program */
char *argv[5], fdstr[32];
ppp_sys_close();
closelog();
close(p[0]);
ret = seteuid(getuid());
if (ret != 0) {
warn("Couldn't set effective user id");
}
ret = setegid(getgid());
if (ret != 0) {
warn("Couldn't set effective user id");
}
sprintf(fdstr, "%d", p[1]);
argv[0] = promptprog;
argv[1] = strdup(user);
argv[2] = strdup(ppp_remote_name());
argv[3] = fdstr;
argv[4] = 0;
execv(*argv, argv);
_exit(127);
}
/* we are the parent, read the password from the pipe */
close(p[1]);
readgood = 0;
do {
red = read(p[0], passwd + readgood, MAXSECRETLEN-1 - readgood);
if (red == 0)
break;
if (red < 0) {
if (errno == EINTR && !ppp_signaled(SIGTERM))
continue;
error("Can't read secret from %s: %m", promptprog);
readgood = -1;
break;
}
readgood += red;
} while (readgood < MAXSECRETLEN - 1);
close(p[0]);
/* now wait for child to exit */
while (waitpid(kid, &wstat, 0) < 0) {
if (errno != EINTR || ppp_signaled(SIGTERM)) {
warn("error waiting for %s: %m", promptprog);
break;
}
}
if (readgood < 0)
return 0;
passwd[readgood] = 0;
if (!WIFEXITED(wstat))
warn("%s terminated abnormally", promptprog);
if (WEXITSTATUS(wstat)) {
warn("%s exited with code %d", promptprog, WEXITSTATUS(wstat));
/* code when cancel was hit in the prompt prog */
if (WEXITSTATUS(wstat) == 128) {
promptprog_refused = 1;
}
return -1;
}
return 1;
}
void plugin_init(void)
{
ppp_add_options(options);
pap_passwd_hook = promptpass;
#ifdef PPP_WITH_EAPTLS
eaptls_passwd_hook = promptpass;
#endif
}

14
sample/options.ttyXX
View File

@ -1,14 +0,0 @@
# If you need to set up multiple serial lines then copy this file to
# options.<ttyname> for each tty with a modem on it.
#
# The options.tty file will assign an IP address to each PPP connection
# as it comes up. They must all be distinct!
#
# Example:
# options.ttyS1 for com2 under DOS.
#
# Edit the following line so that the first IP address
# mentioned is the ip address of the serial port while the second
# is the IP address of your host
#
hostname-s1:hostname

17
scripts/Makefile.am
View File

@ -1,26 +1,11 @@
EXTRA_SCRIPTS = \
autopppd \
callback \
ip-down.local.add \
ip-up.local.add \
ipv6-down.sample \
ipv6-up.sample \
options-rsh-loc \
options-rsh-rem \
options-ssh-loc \
options-ssh-rem \
plog \
poff \
pon \
pon.1 \
ppp-off \
ppp-on \
ppp-on-dialer \
ppp-on-rsh \
ppp-on-ssh \
README \
redialer \
secure-card
pon.1
EXTRA_DIST= \
$(EXTRA_SCRIPTS)

143
scripts/README
View File

@ -1,143 +0,0 @@
This directory contains a set of scripts which have been used on Linux
as well as Solaris 2.x systems to initiate or maintain a connection
with PPP. The files in this directory were contributed by Al Longyear
(longyear@netcom.com) and Adi Masputra (adi.masputra@sun.com)
------------------------------------------------------------------------
1. README
This file. You are reading it. It is just documentation.
------------------------------------------------------------------------
2. ppp-on
This script will initiate a connection to the PPP system. It will run
the chat program with the connection script as a parameter. This is a
possible security hole. However, it is simple. It is meant to replace
the previous version of ppp-on which was not very functional.
The ppp-on script has entries for the account name, password, IP
addresses, and telephone numbers. The parameters are passed to the
pppd process and, then in turn, to the second part of the connect
script, as a set of environment variables.
Please make sure that you put the full path name to the ppp-on-dialer
script in the reference to it in ppp-on.
------------------------------------------------------------------------
3. ppp-on-dialer
This is the second part to the simple calling script, ppp-on. It
executes the chat program to connect the user with a standard UNIX
style getty/login connection sequence.
------------------------------------------------------------------------
4. callback
This script may be used in lieu of the ppp-on-dialer to permit the
common modem callback sequence. You may need to make changes to the
expected prompt string for the modem.
The script works by disabling the system's detection of the DCD
condition and working on the modem status message "NO CARRIER" which
is generated when the modem disconnects.
It is crude. It does work for my modem connection. Use as you see fit.
------------------------------------------------------------------------
5. redialer
The redialer script is a replacement for the ppp-on-dialer script. It
will do 'attack dialing' or 'demon dialing' of one or more telephone
numbers. The first number which responds will be used for a
connection.
There is a limit of ten attempts and a 15 second delay between dialing
attempts. Both values are set in the script.
------------------------------------------------------------------------
6. ppp-off
This is a script which will terminate the active ppp connection. Use
as either "ppp-off" to terminate ppp0, or "ppp-off <device>" to
terminate the connection on <device>. For example, "ppp-off ppp2" will
terminate the ppp2 connection.
------------------------------------------------------------------------
7. secure-card
This script was written by Jim Isaacson <jcisaac@crl.com>. It is a script
for the 'expect' programming language used with Tcl. You need to have
expect and Tcl installed before this script may be used.
This script will operate with a device marketed under the name "SecureCARD".
This little device is mated with its controller. On the credit card size
device, there is a sequence number which changes on a random basis. In order
for you to connect you need to enter a fixed portion of your account name
and the number which is displayed on this card device. The number must match
the value at the controller in order for the account name to be used.
The problem is that chat uses fixed response strings. In addition, the
timing for running the script may prevent the use of a script that reads the
value before it starts the dial sequence. What was needed was a script which
asked the user at the user's console at the time that it is needed.
This led to the use of expect.
------------------------------------------------------------------------
8. ppp-on-rsh
This script will initiate a PPP connection to a remote machine using rsh.
This is implemented by creating a master/slave pseudo-tty with the slave
pointing to rsh, specifically with the 'pty' and 'notty' options of pppd.
It is assumed that the remote machine contains some sort of trust
mechanisms (such as ~/.rhosts, et al) to allow the local machine to
connect via rsh as root.
------------------------------------------------------------------------
9. ppp-on-ssh
This script will initiate a PPP connection to a remote machine using the
secure shell, or ssh. I've only tested this on ssh 1.x, so those of you
who are running ssh 2.x mahy need to modify the ssh options slightly.
This is implemented by creating a master/slave pseudo-ttyt with the slave
pointing to ssh, specifically with the 'pty' and 'notty' options of pppd.
It is assumed that the remote machine can accept the ssh connection from
the local host, in the sense that all ssh authentication mechanisms have
been properly configured, so that a remote root user can open a ssh
connection.
------------------------------------------------------------------------
10. options-rsh-loc & options-rsh-rem
These options files accompany the ppp-on-rsh script mentioned above. In
theory, you'd want to copy the options-rsh-rem to the remote machine where
in.rshd is running. The only extra option required on the remote machine
options file is the 'notty' option. In addition, all ASCII control characters
[0x00 to 0x1f], plus 0xff, are escaped. This may need to be modified
depending on the rsh (or pseudo-tty) implementation which may differ across
platforms, for further optimizations.
------------------------------------------------------------------------
11. options-ssh-loc & options-ssh-rem
These options files accompany the ppp-on-ssh script mentioned above. I've
only tested this on ssh 1.x, so those of you who are running ssh 2.x need
to modify the ssh options slightly. In theory, you'd want to copy the
options-ssh-rem to the remote machine where sshd daemon is running. The only
extra options required on the remote machine options file is the 'notty'
option. In addition, all ASCII control characters [0x00 to 0x1f], plus 0xff,
are escaped. This may need to be modified depending on the ssh (or
pseudo-tty) implementation which may differ across platforms, for further
optimizations.

77
scripts/callback
View File

@ -1,77 +0,0 @@
#!/bin/sh
###################################################################
#
# Script to dial the remote system, negotiate the connection, and send
# it the id. Then wait for the modem to disconnect. Reset the modem
# to answer mode and wait for the system to call back.
#
# The telephone number and modempass are used when establishing the
# connection to the modem.
#
PHONE=555-1212
MODEMPASS=modem_identifier
#
# Once the modem calls back, the account name and password are used for
# a UNIX style login operation.
#
ACCOUNT=my_account_name
PASSWORD=my_password
###################################################################
#
# Step 1. Dial the modem and negotiate the initial dialog.
# note: the modem is configured to ignore loss of DCD at this point.
# it is important that this be performed because the loss of DCD
# will normally prevent system from working since 'modem' is used
# for pppd.
#
# The script is terminated normally when the carrier is lost.
#
chat -v \
TIMEOUT 3 \
ABORT '\nBUSY\r' \
ABORT '\nNO ANSWER\r' \
ABORT '\nRINGING\r\n\r\nRINGING\r' \
'' AT \
'OK-+++\c-OK' 'AT&C0&D2S0=0H0' \
TIMEOUT 30 \
OK ATDT$TELEPHONE \
CONNECT '' \
assword: $MODEMPASS \
"\nNO CARRIER\r"
if [ "$?" = "0" ]; then
###################################################################
#
# Step 2. Wait for the call back from the remote. This will wait for at most
# 30 seconds for the call back should the first attempt fail or
# something happen with the callback logic at the remote.
#
# note: when the callback occurs, the DCD setting is re-enabled.
#
# If some voice call should happen during this period, the system will
# answer the telephone and then hang up on them. I realize that this is
# rude, but there is little that this script can do.
#
chat -v \
TIMEOUT 30 \
ABORT '\nVOICE\r' \
'\nRING\r' 'AT&C1A' \
CONNECT '' \
TIMEOUT 10 \
ogin:--ogin: $ACCOUNT \
TIMEOUT 45 \
assword: $PASSWORD
if [ "$?" = "0" ]; then
exit 0
fi
fi
###################################################################
#
# The script has failed. Terminate the connection mode.
#
chat -v TIMEOUT 3 "" AT 'OK-+++\c-OK' 'AT&C1&D2S0=0H0' OK
exit 1

98
scripts/chat-callback
View File

@ -1,98 +0,0 @@
# =====================================================================================
# Chat script to dial our Company PPP account.
# They uses a call-back system to identify us and to reverse
# charge the call cost.
# =====================================================================================
#
ECHO OFF
# All the usual abort strings
ABORT "NO CARRIER"
ABORT "VOICE"
ABORT "BUSY"
ABORT "NO DIALTONE"
ABORT "NO ANSWER"
#
# If calling outside allowed time we get this:
#
ABORT "Access denied"
#
# Modem initialisation stuff
#
TIMEOUT 5
SAY "Initialising modem ...\n"
'' ATE1
'OK\r\n' ATS0=1S11=60X4&K4S42.1=1
#
# Now dial our ISP and wait for connection
#
SAY "Dialling our ISP ...\n"
'OK\r\n' ATDT09834657
TIMEOUT 60
CONNECT \c
SAY "Connected ...\n"
#
# This is the first stage login, we identify ourself so that the remote
# system will agree to call us back.
#
TIMEOUT 30
SAY "Sending Callback login ID ...\n"
name:-BREAK-name: callme
#
# From now on, we must assume no carrier is normal as well
# as receiving a HANGUP signal because it will be the
# case if our ISP clears the call to call us back.
#
CLR_ABORT "NO CARRIER"
HANGUP OFF
#
ABORT "Invalid"
#
# Now send password and wait to see what happens
#
SAY "Sending Callback password ...\n"
word:--word: xvsgsgs
"You will be" \c
#
# What can happen now is:
# either: we get "You will be called back..." which is the successful case
# or: we get "Invalid login" and we abort (bad login ID or password)
# or: we get "NO CARRIER" because of an error, this will not abort
# and we will time out after 30 seconds
# or: we get nothing and we will time out after 30 seconds
#
#
# We reach here if we got "You will be called back..."
#
CLR_ABORT "Invalid"
SAY "Now waiting for Call back ...\n"
#
# The remote system will now hangup and we will get both "NO CARRIER"
# and a hangup signal which are ignored. We now wait for a connection
# for up to 120 seconds. What happens here if somebody else calls before
# the remote system is a bit dangerous:
#
# If a malicious user connects and says 'name:', he will see 'PPPuser'
# If he then says 'word:' he will see the passowrd 'blipblop'. I may not
# know to which systems these belong to, though. It is up to you to consider
# that case and decide wether the risk is too big or not ....
#
TIMEOUT 120
"CONNECT" \c
#
# We have been called, re-arm ABORT on NO CARRIER and normal hangup signal
# behaviour
#
HANGUP ON
ABORT "NO CARRIER"
#
# Second stage login in order to start PPP
#
SAY "Remote system called back, logging in ...\n"
SAY "Sending login ID ...\n"
name:-BREAK-name: PPPuser
SAY "Sending password ...\n"
word:--word: blipblop
SAY "Asking to start PPP ...\n"
'CnetSrv' "ppp default"
"Entering PPP mode" \c
SAY "ISP PPP started ...\n"

20
scripts/ip-down.local.add
View File

@ -1,20 +0,0 @@
#
# This sample code shows you one way to modify your setup to allow automatic
# configuration of your resolv.conf for peer supplied DNS addresses when using
# the `usepeerdns' option.
#
# In my case I just added this to my /etc/ppp/ip-down.local script. You may need to
# create an executable script if one does not exist.
#
# Nick Walker (nickwalker@email.com)
#
if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
if [ -f /etc/ppp/resolv.prev ]; then
cp -f /etc/ppp/resolv.prev /etc/resolv.conf
else
rm -f /etc/resolv.conf
fi
fi

24
scripts/ip-up.local.add
View File

@ -1,24 +0,0 @@
#
# This sample code shows you one way to modify your setup to allow automatic
# configuration of your resolv.conf for peer supplied DNS addresses when using
# the `usepeerdns' option.
#
# In my case I just added this to my /etc/ppp/ip-up.local script. You may need to
# create an executable script if one does not exist.
#
# Nick Walker (nickwalker@email.com)
#
if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
rm -f /etc/ppp/resolv.prev
if [ -f /etc/resolv.conf ]; then
cp /etc/resolv.conf /etc/ppp/resolv.prev
grep domain /etc/ppp/resolv.prev > /etc/resolv.conf
grep search /etc/ppp/resolv.prev >> /etc/resolv.conf
cat /etc/ppp/resolv.conf >> /etc/resolv.conf
else
cp /etc/ppp/resolv.conf /etc
fi
fi

1
scripts/options-rsh-loc
View File

@ -1 +0,0 @@
debug asyncmap FFFFFFFF escape FF kdebug 0 noipdefault nodefaultroute noauth mtu 1460

1
scripts/options-rsh-rem
View File

@ -1 +0,0 @@
notty debug asyncmap FFFFFFFF escape FF kdebug 0 noipdefault nodefaultroute noauth mtu 1460

1
scripts/options-ssh-loc
View File

@ -1 +0,0 @@
debug asyncmap FFFFFFFF escape FF kdebug 0 noipdefault nodefaultroute noauth mtu 1400

1
scripts/options-ssh-rem
View File

@ -1 +0,0 @@
notty debug asyncmap FFFFFFFF escape FF kdebug 0 noipdefault nodefaultroute noauth mtu 1400

34
scripts/ppp-off
View File

@ -1,34 +0,0 @@
#!/bin/sh
######################################################################
#
# Determine the device to be terminated.
#
if [ "$1" = "" ]; then
DEVICE=ppp0
else
DEVICE=$1
fi
######################################################################
#
# If the ppp0 pid file is present then the program is running. Stop it.
if [ -r /var/run/$DEVICE.pid ]; then
kill -INT `cat /var/run/$DEVICE.pid`
#
# If the kill did not work then there is no process running for this
# pid. It may also mean that the lock file will be left. You may wish
# to delete the lock file at the same time.
if [ ! "$?" = "0" ]; then
rm -f /var/run/$DEVICE.pid
echo "ERROR: Removed stale pid file"
exit 1
fi
#
# Success. Let pppd clean up its own junk.
echo "PPP link to $DEVICE terminated."
exit 0
fi
#
# The ppp process is not running for ppp0
echo "ERROR: PPP link is not active on $DEVICE"
exit 1

36
scripts/ppp-on
View File

@ -1,36 +0,0 @@
#!/bin/sh
#
# Script to initiate a ppp connection. This is the first part of the
# pair of scripts. This is not a secure pair of scripts as the codes
# are visible with the 'ps' command. However, it is simple.
#
# These are the parameters. Change as needed.
TELEPHONE=555-1212 # The telephone number for the connection
ACCOUNT=george # The account name for logon (as in 'George Burns')
PASSWORD=gracie # The password for this account (and 'Gracie Allen')
LOCAL_IP=0.0.0.0 # Local IP address if known. Dynamic = 0.0.0.0
REMOTE_IP=0.0.0.0 # Remote IP address if desired. Normally 0.0.0.0
NETMASK=255.255.255.0 # The proper netmask if needed
#
# Export them so that they will be available at 'ppp-on-dialer' time.
export TELEPHONE ACCOUNT PASSWORD
#
# This is the location of the script which dials the phone and logs
# in. Please use the absolute file name as the $PATH variable is not
# used on the connect option. (To do so on a 'root' account would be
# a security hole so don't ask.)
#
DIALER_SCRIPT=/etc/ppp/ppp-on-dialer
#
# Initiate the connection
#
# I put most of the common options on this command. Please, don't
# forget the 'lock' option or some programs such as mgetty will not
# work. The asyncmap and escape will permit the PPP link to work with
# a telnet or rlogin connection. You are welcome to make any changes
# as desired. Don't use the 'defaultroute' option if you currently
# have a default route to an ethernet gateway.
#
exec /usr/sbin/pppd debug lock modem crtscts /dev/ttyS0 38400 \
asyncmap 20A0000 escape FF kdebug 0 $LOCAL_IP:$REMOTE_IP \
noipdefault netmask $NETMASK defaultroute connect $DIALER_SCRIPT

17
scripts/ppp-on-dialer
View File

@ -1,17 +0,0 @@
#!/bin/sh
#
# This is part 2 of the ppp-on script. It will perform the connection
# protocol for the desired connection.
#
exec chat -v \
TIMEOUT 3 \
ABORT '\nBUSY\r' \
ABORT '\nNO ANSWER\r' \
ABORT '\nRINGING\r\n\r\nRINGING\r' \
'' \rAT \
'OK-+++\c-OK' ATH0 \
TIMEOUT 30 \
OK ATDT$TELEPHONE \
CONNECT '' \
ogin:--ogin: $ACCOUNT \
assword: $PASSWORD

72
scripts/ppp-on-rsh
View File

@ -1,72 +0,0 @@
#!/bin/sh
#
# A sample script to establish PPP session(s) via rsh
#
# Adi Masputra <adi.masputra@sun.com>
# Jan 24, 2000
#
#
# You'd definitely want to change the following addresses to suit
# your network configuration
#
LOC_IP=10.0.0.1
REM_IP=10.0.0.2
NETMASK=255.255.0.0
export LOC_IP REM_IP
#
# This is the remote peer where in.rshd is running, either
# its hostname or IP address
#
PPPD_RHOST=myremotehost
#
# For this example, we assume that pppd on both local and remote
# machines reside in the same place, /usr/local/bin/pppd
#
PPPD_LOC=/usr/local/bin/pppd
#
# The location of local options file (where rsh client is running).
# Note that the sample options file included in the distribution
# may need further customizations, depending on your needs. The 'noauth'
# option specified in the file is there to simplify the example. In
# reality, you'd probably want to remove such option.
#
PPPD_LOC_OPT=/etc/ppp/options-rsh-loc
#
# The location of remote options file (where in.rshd daemon is running).
# Note that the sample options file included in the distribution
# may need further customizations, depending on your needs. The 'noauth'
# option specified in the file is there to simplify the example. In
# reality, you'd probably want to remove such option. Also note that
# the remote options file need to include the 'notty' option for this
# to work
#
PPPD_REM_OPT=/etc/ppp/options-rsh-rem
#
# The location of rsh client on the local machine
#
RSH_LOC=/bin/rsh
export PPPD_LOC PPPD_LOC_OPT PPPD_REM_OPT PPPD_RHOST RSH_LOC
#
# Uncomment the following to enable IPv6, note that the IPv6 support
# needs to be enabled during compilation
#
# PPPD_IPV6='+ipv6 ipv6cp-use-ipaddr'
export PPPD_IPV6
#
# And execute pppd with the pty option, specifying rsh client as the
# slave side of the pseduo-tty master/slave pair.
#
exec $PPPD_LOC \
pty '$RSH_LOC $PPPD_RHOST $PPPD_LOC $REM_IP:$LOC_IP $PPPD_IPV6 file $PPPD_REM_OPT' \
$LOC_IP:$REM_IP netmask $NETMASK $PPPD_IPV6 file $PPPD_LOC_OPT

76
scripts/ppp-on-ssh
View File

@ -1,76 +0,0 @@
#!/bin/sh
#
# A sample script to establish PPP session(s) via SSH 1.x
#
# Adi Masputra <adi.masputra@sun.com>
# Jan 24, 2000
#
#
# You'd definitely want to change the following addresses to suit
# your network configuration
#
LOC_IP=10.0.0.1
REM_IP=10.0.0.2
NETMASK=255.255.0.0
export LOC_IP REM_IP
#
# This is the remote peer where sshd is running, either
# its hostname or IP address
#
PPPD_RHOST=myremotehost
#
# For this example, we assume that pppd on both local and remote
# machines reside in the same place, /usr/local/bin/pppd
#
PPPD_LOC=/usr/local/bin/pppd
#
# The location of local options file (where ssh client is running).
# Note that the sample options file included in the distribution
# may need further customizations, depending on your needs. The 'noauth'
# option specified in the file is there to simplify the example, although
# some may choose to have it there and rely on ssh authentication
# instead.
#
PPPD_LOC_OPT=/etc/ppp/options-ssh-loc
#
# The location of remote options file (where sshd daemon is running)
# Note that the sample options file included in the distribution
# may need further customizations, depending on your needs. The 'noauth'
# option specified in the file is there to simplify the example, although
# some may choose to have it there and rely on ssh authentication
# instead. Also note that the remote options file need to include the 'notty'
# options for this to work.
#
PPPD_REM_OPT=/etc/ppp/options-ssh-rem
#
# The location of ssh client on the local machine
#
SSH_LOC=/usr/local/bin/ssh
export PPPD_LOC PPPD_LOC_OPT PPPD_REM_OPT PPPD_RHOST SSH_LOC
#
# Uncomment the following to enable IPv6, note that the IPv6 support
# needs to be enabled during compilation
#
# PPPD_IPV6='+ipv6 ipv6cp-use-ipaddr'
export PPPD_IPV6
#
# And execute pppd with the pty option, specifying ssh client as the
# slave side of the pseudo-tty master/slave pair. Note that on this example,
# ssh has been compiled to allow NULL encryption (thus the '-c none' option),
# but in reality, you'd probably want to specify the encryption algorithm.
# See the man page of ssh(1) for details.
#
exec $PPPD_LOC \
pty '$SSH_LOC -c none $PPPD_RHOST $PPPD_LOC $REM_IP:$LOC_IP $PPPD_IPV6 file $PPPD_REM_OPT' \
$LOC_IP:$REM_IP netmask $NETMASK $PPPD_IPV6 file $PPPD_LOC_OPT

96
scripts/redialer
View File

@ -1,96 +0,0 @@
#!/bin/bash
###################################################################
#
# These parameters control the attack dialing sequence.
#
# Maximum number of attempts to reach the telephone number(s)
MAX_ATTEMPTS=10
# Delay between each of the attempts. This is a parameter to sleep
# so use "15s" for 15 seconds, "1m" for 1 minute, etc.
SLEEP_DELAY=15s
###################################################################
#
# This is a list of telephone numbers. Add new numbers if you wish
# and see the function 'callall' below for the dial process.
PHONE1=555-1212
PHONE2=411
###################################################################
#
# If you use the ppp-on script, then these are passed to this routine
# automatically. There is no need to define them here. If not, then
# you will need to set the values.
#
ACCOUNT=my_account_name
PASSWORD=my_password
###################################################################
#
# Function to initialize the modem and ensure that it is in command
# state. This may not be needed, but it doesn't hurt.
#
function initialize
{
chat -v TIMEOUT 3 '' AT 'OK-+++\c-OK'
return
}
###################################################################
#
# Script to dial a telephone
#
function callnumber
{
chat -v \
ABORT '\nBUSY\r' \
ABORT '\nNO ANSWER\r' \
ABORT '\nRINGING\r\n\r\nRINGING\r' \
'' ATDT$1 \
CONNECT '' \
ogin:--ogin: $ACCOUNT \
assword: $PASSWORD
#
# If the connection was successful then end the whole script with a
# success.
#
if [ "$?" = "0" ]; then
exit 0
fi
return
}
###################################################################
#
# Script to dial any telephone number
#
function callall
{
# echo "dialing attempt number: $1" >/dev/console
callnumber $PHONE1
# callnumber $PHONE2
}
###################################################################
#
# Initialize the modem to ensure that it is in the command state
#
initialize
if [ ! "$?" = "0" ]; then
exit 1
fi
#
# Dial telephone numbers until one answers
#
attempt=0
while : ; do
attempt=`expr $attempt + 1`
callall $attempt
if [ "$attempt" = "$MAX_ATTEMPTS" ]; then
exit 1
fi
sleep "$SLEEP_DELAY"
done

111
scripts/secure-card
View File

@ -1,111 +0,0 @@
#!/usr/bin/expect -f
#
# This script was written by Jim Isaacson <jcisaac@crl.com>. It is
# designed to work as a script to use the SecureCARD(tm) device. This
# little device is mated with a central controller. The number displayed
# on this card changes every so often and you need to enter the number
# along with your user account name in order to gain access. Since chat
# is based upon fixed strings this procedure will not work with chat.
#
# It is included by permission. An excellent reference for the expect
# program used by this script is in the book:
#
# "Exploring Expect"
# by Don Libes
# Published by O'Rielly and Associates
#
send_user "hello, starting ppp\n"
system "stty 19200 -echoe -echo raw < /dev/ttyS3 > /dev/ttyS3"
#
# These are the parameters for the program.
#
set user Pxxxxxx
set password xxxxxxx
set modem /dev/ttyS3
set dialup <put phone number here>
set timeout 60
spawn -noecho -open [open $modem "r+"]
send "AT&F\r"
expect "OK"
send "ATe0v1x4&c1q0&d2&c1s2=128s0=0DT $dialup\r"
set timeout 15
set counter 0
set still_connecting 1
expect {
-re ".*CONNECT.*\n" {
set timeout 5
set still_connecting 0
continue -expect
}
-re ".*CONNECT.*\r" {
set timeout 5
set still_connecting 0
continue -expect
}
-re ".*NO.*CARRIER" {
send_user "Failed to Connect, exiting...\n"
exit
}
-re ".*NO.*DIAL.*TONE" {
send_user "Failed to Connect, exiting...\n"
exit
}
-re ".*VOICE" {
send_user "Failed to Connect, exiting...\n"
exit
}
-re ".*sscode:.*\n" {
continue -expect
}
-re ".*sscode:" {
set timeout -1
expect_user -re "(.*)\n"
send "$expect_out(1,string)\r"
set timeout 30
continue -expect
}
-re ".*Next.*:" {
set timeout -1
expect_user -re "(.*)\n"
send "$expect_out(1,string)\r"
set timeout 30
continue -expect
}
-re "Your.*" {
send "\r"
continue -expect
}
-re ".*in:" {
send "$user\r"
continue -expect
}
-re ".*word:" {
send "$password\r"
}
timeout {
if { $still_connecting > 0 } {
continue -expect
}
set timeout 15
send "\r"
incr counter
if { $counter > 8 } {
send_user "Cannot Connect\n"
exit
} else {
continue -expect
}
}
}
overlay -0 $spawn_id -1 $spawn_id pppd /dev/ttyS3 19200 192.111.187.215: \
crtscts modem defaultroute debug