diff --git a/Makefile.am b/Makefile.am index 3de35c8..8d3dff8 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,6 +1,6 @@ ACLOCAL_AMFLAGS="-Im4" -SUBDIRS = chat contrib pppd pppstats pppdump +SUBDIRS = chat pppd pppstats pppdump if PPP_WITH_PLUGINS SUBDIRS += pppd/plugins diff --git a/configure.ac b/configure.ac index f542499..f8f8862 100644 --- a/configure.ac +++ b/configure.ac @@ -317,22 +317,11 @@ AM_COND_IF([PPP_WITH_FILTER], [ ]) ]) -# -# Some contributions require GTK/GLIB -AC_ARG_WITH([gtk], AS_HELP_STRING([--with-gtk], [Build contributions with the GTK+ interface])) -if test "x${with_gtk}" = "xyes"; then - PKG_CHECK_MODULES([GTK], [gtk+-2.0]) - PKG_CHECK_MODULES([GLIB], [glib-2.0]) -fi -AM_CONDITIONAL([WITH_GTK], test "x${with_gtk}" = "xyes") - AC_DEFINE_UNQUOTED(PPPD_VERSION, "$VERSION", [Version of pppd]) AC_CONFIG_FILES([ Makefile chat/Makefile - contrib/Makefile - contrib/pppgetpass/Makefile include/Makefile pppd/Makefile pppd/pppd.pc diff --git a/contrib/Makefile.am b/contrib/Makefile.am deleted file mode 100644 index fb9a390..0000000 --- a/contrib/Makefile.am +++ /dev/null @@ -1 +0,0 @@ -SUBDIRS = pppgetpass diff --git a/contrib/pppgetpass/.gitignore b/contrib/pppgetpass/.gitignore deleted file mode 100644 index 1b8a1c8..0000000 --- a/contrib/pppgetpass/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -pppgetpass.vt -pppgetpass.gtk diff --git a/contrib/pppgetpass/Makefile.am b/contrib/pppgetpass/Makefile.am deleted file mode 100644 index be74d48..0000000 --- a/contrib/pppgetpass/Makefile.am +++ /dev/null 
@@ -1,17 +0,0 @@ -noinst_PROGRAMS = pppgetpass.vt - -pppgetpass_vt_SOURCES = pppgetpass.vt.c -pppgetpass_vt_CPPFLAGS = -Wno-unused-result - -if WITH_GTK -noinst_PROGRAMS += pppgetpass.gtk - -pppgetpass_gtk_SOURCES = pppgetpass.gtk.c -pppgetpass_gtk_CPPFLAGS = -Wno-deprecated-declarations -Wno-discarded-qualifiers -pppgetpass_gtk_CPPFLAGS += $(GLIB_CFLAGS) $(GTK_CFLAGS) -pppgetpass_gtk_LDADD = $(GLIB_LIBS) $(GTK_LIBS) -endif - -EXTRA_DIST = \ - pppgetpass.sh \ - pppgetpass.8 diff --git a/contrib/pppgetpass/pppgetpass.8 b/contrib/pppgetpass/pppgetpass.8 deleted file mode 100644 index ade5769..0000000 --- a/contrib/pppgetpass/pppgetpass.8 +++ /dev/null @@ -1,18 +0,0 @@ -.TH PPPGETPASS 8 "26 Sep 1999" -.SH NAME -pppgetpass \- prompt for PAP password -.SH SYNOPSIS -.B pppgetpass -.I client server fd -.SH DESCRIPTION -.B pppgetpass -the outer half of a plugin for PAP password prompting in pppd. -If the peer requires PAP, and the -.B passprompt.so -plugin is loaded into pppd, it will run -.B /usr/sbin/pppgetpass -(or another program specified by the -.B promptprog -option) to prompt the user for the password. -.SH SEE ALSO -pppd(8) diff --git a/contrib/pppgetpass/pppgetpass.gtk.c b/contrib/pppgetpass/pppgetpass.gtk.c deleted file mode 100644 index 48ca042..0000000 --- a/contrib/pppgetpass/pppgetpass.gtk.c +++ /dev/null 
@@ -1,92 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include - -int outfd; -int err; - -static void okpressed(void *widget, void *clientdata) -{ - GtkWidget *answer=clientdata; - gchar *pass; - int passlen; - ssize_t wrote; - (void)widget; - - pass=gtk_entry_get_text(GTK_ENTRY(answer)); - - passlen=strlen(pass); - if(!passlen) - return; - - if((wrote=write(outfd, pass, passlen))!=passlen) { - if(wrote<0) - syslog(LOG_ERR, "write error on outpipe: %m"); - else - syslog(LOG_ERR, "short write on outpipe"); - err=1; - } - gtk_main_quit(); -} - -int main(int argc, char **argv) -{ - GtkWidget *mainwindow, *vbox, *question, *answer, *ok; - char buf[1024]; - gtk_init(&argc, &argv); - - openlog(argv[0], LOG_PID, LOG_DAEMON); - if(argc!=4) { - syslog(LOG_WARNING, "Usage error"); - return 1; - } - outfd=atoi(argv[3]); - mainwindow=gtk_window_new(GTK_WINDOW_TOPLEVEL); - gtk_window_set_title(GTK_WINDOW(mainwindow), "pppgetpass"); - gtk_signal_connect(GTK_OBJECT(mainwindow), "destroy", - GTK_SIGNAL_FUNC(gtk_main_quit), 0); - - vbox=gtk_vbox_new(FALSE, 5); - gtk_container_add(GTK_CONTAINER(mainwindow), vbox); - gtk_widget_show(vbox); - - if(argv[1][0] && argv[2][0]) - snprintf(buf, sizeof buf, "Password for PPP client %s on server %s: ", argv[1], argv[2]); - else if(argv[1][0] && !argv[2][0]) - snprintf(buf, sizeof buf, "Password for PPP client %s: ", argv[1]); - else if(!argv[1][0] && argv[2][0]) - snprintf(buf, sizeof buf, "Password for PPP on server %s: ", argv[2]); - else - snprintf(buf, sizeof buf, "Enter PPP password: "); - question=gtk_label_new(buf); - gtk_box_pack_start(GTK_BOX(vbox), question, FALSE, TRUE, 0); - gtk_widget_show(question); - - answer=gtk_entry_new(); - gtk_entry_set_visibility(GTK_ENTRY(answer), 0); - gtk_box_pack_start(GTK_BOX(vbox), answer, FALSE, TRUE, 0); - gtk_widget_show(answer); - - ok=gtk_button_new_with_label("OK"); - 
gtk_box_pack_start(GTK_BOX(vbox), ok, FALSE, TRUE, 0); - gtk_signal_connect(GTK_OBJECT(ok), "clicked", - GTK_SIGNAL_FUNC(okpressed), answer); - gtk_widget_show(ok); - - gtk_widget_show(mainwindow); - gtk_main(); - - return err; -} diff --git a/contrib/pppgetpass/pppgetpass.sh b/contrib/pppgetpass/pppgetpass.sh deleted file mode 100644 index 09c4805..0000000 --- a/contrib/pppgetpass/pppgetpass.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -if [ -z "$DISPLAY" ]; then - exec pppgetpass.vt "$@" -else - exec pppgetpass.gtk "$@" -fi diff --git a/contrib/pppgetpass/pppgetpass.vt.c b/contrib/pppgetpass/pppgetpass.vt.c deleted file mode 100644 index a152088..0000000 --- a/contrib/pppgetpass/pppgetpass.vt.c +++ /dev/null 
@@ -1,218 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -static int console_owner(uid_t, int); - -int main(int argc, char **argv) -{ - int console; - uid_t uid; - struct vt_stat origstate; - int openvtnum; - char openvtname[256]; - int openvt; - gid_t gid; - int chowned; - FILE *fp; - struct termios t; - char pass[256], *nl; - int outfd, passlen; - ssize_t wrote; - console=open("/dev/console", O_RDWR); - - uid=getuid(); - gid=getgid(); - seteuid(uid); - - openlog(argv[0], LOG_PID, LOG_DAEMON); - - if(argc!=4) { - syslog(LOG_WARNING, "Usage error"); - return 1; - } - - if(console<0) { - syslog(LOG_ERR, "open(/dev/console): %m"); - return 1; - } - - if(ioctl(console, VT_GETSTATE, &origstate)<0) { - syslog(LOG_ERR, "VT_GETSTATE: %m"); - return 1; - } - - if(uid) { - if(!console_owner(uid, origstate.v_active)) { - int i; - for(i=0;i<64;++i) { - if(i!=origstate.v_active && console_owner(uid, i)) - break; - } - if(i==64) { - syslog(LOG_WARNING, "run by uid %lu not at console", (unsigned long)uid); - return 1; - } - } - } - - if(ioctl(console, VT_OPENQRY, &openvtnum)<0) { - syslog(LOG_ERR, "VT_OPENQRY: %m"); - return 1; - } - if(openvtnum==-1) { - syslog(LOG_ERR, "No free VTs"); - return 1; - } - - snprintf(openvtname, sizeof openvtname, "/dev/tty%d", openvtnum); - seteuid(0); - openvt=open(openvtname, O_RDWR); - if(openvt<0) { - seteuid(uid); - syslog(LOG_ERR, "open(%s): %m", openvtname); - return 1; - } - - chowned=fchown(openvt, uid, gid); - if(chowned<0) { - seteuid(uid); - syslog(LOG_ERR, "fchown(%s): %m", openvtname); - return 1; - } - - close(console); - - if(ioctl(openvt, VT_ACTIVATE, openvtnum)<0) { - seteuid(uid); - syslog(LOG_ERR, "VT_ACTIVATE(%d): %m", openvtnum); - return 1; - } - - while(ioctl(openvt, VT_WAITACTIVE, openvtnum)<0) { - if(errno!=EINTR) { - ioctl(openvt, VT_ACTIVATE, origstate.v_active); - seteuid(uid); - syslog(LOG_ERR, "VT_WAITACTIVE(%d): %m", openvtnum); - return 1; - 
} - } - - seteuid(uid); - fp=fdopen(openvt, "r+"); - if(!fp) { - seteuid(0); - ioctl(openvt, VT_ACTIVATE, origstate.v_active); - seteuid(uid); - syslog(LOG_ERR, "fdopen(%s): %m", openvtname); - return 1; - } - - if(tcgetattr(openvt, &t)<0) { - seteuid(0); - ioctl(openvt, VT_ACTIVATE, origstate.v_active); - seteuid(uid); - syslog(LOG_ERR, "tcgetattr(%s): %m", openvtname); - return 1; - } - t.c_lflag &= ~ECHO; - if(tcsetattr(openvt, TCSANOW, &t)<0) { - seteuid(0); - ioctl(openvt, VT_ACTIVATE, origstate.v_active); - seteuid(uid); - syslog(LOG_ERR, "tcsetattr(%s): %m", openvtname); - return 1; - } - - if(fprintf(fp, "\033[2J\033[H")<0) { - seteuid(0); - ioctl(openvt, VT_ACTIVATE, origstate.v_active); - seteuid(uid); - syslog(LOG_ERR, "write error on %s: %m", openvtname); - return 1; - } - if(argv[1][0] && argv[2][0]) { - if(fprintf(fp, "Password for PPP client %s on server %s: ", argv[1], argv[2])<0) { - seteuid(0); - ioctl(openvt, VT_ACTIVATE, origstate.v_active); - seteuid(uid); - syslog(LOG_ERR, "write error on %s: %m", openvtname); - return 1; - } - } else if(argv[1][0] && !argv[2][0]) { - if(fprintf(fp, "Password for PPP client %s: ", argv[1])<0) { - syslog(LOG_ERR, "write error on %s: %m", openvtname); - seteuid(0); - ioctl(openvt, VT_ACTIVATE, origstate.v_active); - seteuid(uid); - return 1; - } - } else if(!argv[1][0] && argv[2][0]) { - if(fprintf(fp, "Password for PPP on server %s: ", argv[2])<0) { - seteuid(0); - ioctl(openvt, VT_ACTIVATE, origstate.v_active); - seteuid(uid); - syslog(LOG_ERR, "write error on %s: %m", openvtname); - return 1; - } - } else { - if(fprintf(fp, "Enter PPP password: ")<0) { - seteuid(0); - ioctl(openvt, VT_ACTIVATE, origstate.v_active); - seteuid(uid); - syslog(LOG_ERR, "write error on %s: %m", openvtname); - return 1; - } - } - - if(!fgets(pass, sizeof pass, fp)) { - seteuid(0); - ioctl(openvt, VT_ACTIVATE, origstate.v_active); - seteuid(uid); - if(ferror(fp)) { - syslog(LOG_ERR, "read error on %s: %m", openvtname); - } - return 
1; - } - if((nl=strchr(pass, '\n'))) - *nl=0; - passlen=strlen(pass); - - outfd=atoi(argv[3]); - if((wrote=write(outfd, pass, passlen))!=passlen) { - seteuid(0); - ioctl(openvt, VT_ACTIVATE, origstate.v_active); - seteuid(uid); - if(wrote<0) - syslog(LOG_ERR, "write error on outpipe: %m"); - else - syslog(LOG_ERR, "short write on outpipe"); - return 1; - } - - seteuid(0); - ioctl(openvt, VT_ACTIVATE, origstate.v_active); - seteuid(uid); - return 0; -} - -static int console_owner(uid_t uid, int cons) -{ - char name[256]; - struct stat st; - snprintf(name, sizeof name, "/dev/tty%d", cons); - if(stat(name, &st)<0) { - if(errno!=ENOENT) - syslog(LOG_ERR, "stat(%s): %m", name); - return 0; - } - return uid==st.st_uid; -} diff --git a/pppd/plugins/Makefile.am b/pppd/plugins/Makefile.am index 2826148..9480d51 100644 --- a/pppd/plugins/Makefile.am +++ b/pppd/plugins/Makefile.am @@ -1,4 +1,4 @@ -pppd_plugin_LTLIBRARIES = minconn.la passprompt.la passwordfd.la winbind.la +pppd_plugin_LTLIBRARIES = minconn.la passwordfd.la winbind.la pppd_plugindir = $(PPPD_PLUGIN_DIR) PLUGIN_CPPFLAGS = -I${top_srcdir} @@ -8,10 +8,6 @@ minconn_la_CPPFLAGS = $(PLUGIN_CPPFLAGS) minconn_la_LDFLAGS = $(PLUGIN_LDFLAGS) minconn_la_SOURCES = minconn.c -passprompt_la_CPPFLAGS = $(PLUGIN_CPPFLAGS) -passprompt_la_LDFLAGS = $(PLUGIN_LDFLAGS) -passprompt_la_SOURCES = passprompt.c - passwordfd_la_CPPFLAGS = $(PLUGIN_CPPFLAGS) passwordfd_la_LDFLAGS = $(PLUGIN_LDFLAGS) passwordfd_la_SOURCES = passwordfd.c diff --git a/pppd/plugins/passprompt.c b/pppd/plugins/passprompt.c deleted file mode 100644 index 7779d51..0000000 --- a/pppd/plugins/passprompt.c +++ /dev/null 
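Review bot: Dropping `passprompt.la` from `pppd_plugin_LTLIBRARIES` in pppd/plugins/Makefile.am is a user-visible removal that nothing in the visible part of this diff documents. A configuration that still names `plugin passprompt.so` or sets `promptprog` will presumably be rejected at startup once the plugin is no longer built. The deleted `plugin_init` also assigned `eaptls_passwd_hook` under `PPP_WITH_EAPTLS`, so EAP-TLS setups that relied on prompting lose that path as well as PAP. I would add a release-note line such as `passprompt plugin and contrib/pppgetpass removed; supply the secret via the passwordfd plugin or the secrets files instead`, and check the man page and plugin documentation, which are outside this diff, for leftover references. An install over an older tree likely leaves the previous `passprompt.so` in `$(PPPD_PLUGIN_DIR)`, so packagers may need to remove it explicitly.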
@@ -1,137 +0,0 @@ -/* - * passprompt.c - pppd plugin to invoke an external PAP password prompter - * - * Copyright 1999 Paul Mackerras, Alan Curry. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version - * 2 of the License, or (at your option) any later version. - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include - -char pppd_version[] = PPPD_VERSION; - -static char promptprog[PATH_MAX+1]; -static int promptprog_refused = 0; - -static struct option options[] = { - { "promptprog", o_string, promptprog, - "External PAP password prompting program", - OPT_STATIC, NULL, PATH_MAX }, - { NULL } -}; - -static int promptpass(char *user, char *passwd) -{ - int p[2]; - pid_t kid; - int readgood, wstat, ret; - ssize_t red; - - if (promptprog_refused || promptprog[0] == 0 || access(promptprog, X_OK) < 0) - return -1; /* sorry, can't help */ - - if (!passwd) - return 1; - - if (pipe(p)) { - warn("Can't make a pipe for %s", promptprog); - return 0; - } - if ((kid = fork()) == (pid_t) -1) { - warn("Can't fork to run %s", promptprog); - close(p[0]); - close(p[1]); - return 0; - } - if (!kid) { - /* we are the child, exec the program */ - char *argv[5], fdstr[32]; - ppp_sys_close(); - closelog(); - close(p[0]); - ret = seteuid(getuid()); - if (ret != 0) { - warn("Couldn't set effective user id"); - } - ret = setegid(getgid()); - if (ret != 0) { - warn("Couldn't set effective user id"); - } - sprintf(fdstr, "%d", p[1]); - argv[0] = promptprog; - argv[1] = strdup(user); - argv[2] = strdup(ppp_remote_name()); - argv[3] = fdstr; - argv[4] = 0; - execv(*argv, argv); - _exit(127); - } - - /* we are the parent, read the password from the pipe */ - close(p[1]); - readgood = 0; - do { - red = read(p[0], passwd + readgood, MAXSECRETLEN-1 - 
readgood); - if (red == 0) - break; - if (red < 0) { - if (errno == EINTR && !ppp_signaled(SIGTERM)) - continue; - error("Can't read secret from %s: %m", promptprog); - readgood = -1; - break; - } - readgood += red; - } while (readgood < MAXSECRETLEN - 1); - close(p[0]); - - /* now wait for child to exit */ - while (waitpid(kid, &wstat, 0) < 0) { - if (errno != EINTR || ppp_signaled(SIGTERM)) { - warn("error waiting for %s: %m", promptprog); - break; - } - } - - if (readgood < 0) - return 0; - passwd[readgood] = 0; - if (!WIFEXITED(wstat)) - warn("%s terminated abnormally", promptprog); - if (WEXITSTATUS(wstat)) { - warn("%s exited with code %d", promptprog, WEXITSTATUS(wstat)); - /* code when cancel was hit in the prompt prog */ - if (WEXITSTATUS(wstat) == 128) { - promptprog_refused = 1; - } - return -1; - } - return 1; -} - -void plugin_init(void) -{ - ppp_add_options(options); - pap_passwd_hook = promptpass; -#ifdef PPP_WITH_EAPTLS - eaptls_passwd_hook = promptpass; -#endif -} diff --git a/sample/options.ttyXX b/sample/options.ttyXX deleted file mode 100644 index d4202f5..0000000 --- a/sample/options.ttyXX +++ /dev/null @@ -1,14 +0,0 @@ -# If you need to set up multiple serial lines then copy this file to -# options. for each tty with a modem on it. -# -# The options.tty file will assign an IP address to each PPP connection -# as it comes up. They must all be distinct! -# -# Example: -# options.ttyS1 for com2 under DOS. -# -# Edit the following line so that the first IP address -# mentioned is the ip address of the serial port while the second -# is the IP address of your host -# -hostname-s1:hostname diff --git a/scripts/Makefile.am b/scripts/Makefile.am index d01903a..d2779cb 100644 --- a/scripts/Makefile.am +++ b/scripts/Makefile.am 
@@ -1,26 +1,11 @@ EXTRA_SCRIPTS = \ autopppd \ - callback \ - ip-down.local.add \ - ip-up.local.add \ ipv6-down.sample \ ipv6-up.sample \ - options-rsh-loc \ - options-rsh-rem \ - options-ssh-loc \ - options-ssh-rem \ plog \ poff \ pon \ - pon.1 \ - ppp-off \ - ppp-on \ - ppp-on-dialer \ - ppp-on-rsh \ - ppp-on-ssh \ - README \ - redialer \ - secure-card + pon.1 EXTRA_DIST= \ $(EXTRA_SCRIPTS) diff --git a/scripts/README b/scripts/README deleted file mode 100644 index 00e032c..0000000 --- a/scripts/README +++ /dev/null 
@@ -1,143 +0,0 @@ -This directory contains a set of scripts which have been used on Linux -as well as Solaris 2.x systems to initiate or maintain a connection -with PPP. The files in this directory were contributed by Al Longyear -(longyear@netcom.com) and Adi Masputra (adi.masputra@sun.com) - ------------------------------------------------------------------------- - -1. README - -This file. You are reading it. It is just documentation. - ------------------------------------------------------------------------- - -2. ppp-on - -This script will initiate a connection to the PPP system. It will run -the chat program with the connection script as a parameter. This is a -possible security hole. However, it is simple. It is meant to replace -the previous version of ppp-on which was not very functional. - -The ppp-on script has entries for the account name, password, IP -addresses, and telephone numbers. The parameters are passed to the -pppd process and, then in turn, to the second part of the connect -script, as a set of environment variables. - -Please make sure that you put the full path name to the ppp-on-dialer -script in the reference to it in ppp-on. - ------------------------------------------------------------------------- - -3. ppp-on-dialer - -This is the second part to the simple calling script, ppp-on. It -executes the chat program to connect the user with a standard UNIX -style getty/login connection sequence. - ------------------------------------------------------------------------- - -4. callback - -This script may be used in lieu of the ppp-on-dialer to permit the -common modem callback sequence. You may need to make changes to the -expected prompt string for the modem. - -The script works by disabling the system's detection of the DCD -condition and working on the modem status message "NO CARRIER" which -is generated when the modem disconnects. - -It is crude. It does work for my modem connection. Use as you see fit. 
- ------------------------------------------------------------------------- - -5. redialer - -The redialer script is a replacement for the ppp-on-dialer script. It -will do 'attack dialing' or 'demon dialing' of one or more telephone -numbers. The first number which responds will be used for a -connection. - -There is a limit of ten attempts and a 15 second delay between dialing -attempts. Both values are set in the script. - ------------------------------------------------------------------------- - -6. ppp-off - -This is a script which will terminate the active ppp connection. Use -as either "ppp-off" to terminate ppp0, or "ppp-off " to -terminate the connection on . For example, "ppp-off ppp2" will -terminate the ppp2 connection. - ------------------------------------------------------------------------- - -7. secure-card - -This script was written by Jim Isaacson . It is a script -for the 'expect' programming language used with Tcl. You need to have -expect and Tcl installed before this script may be used. - -This script will operate with a device marketed under the name "SecureCARD". -This little device is mated with its controller. On the credit card size -device, there is a sequence number which changes on a random basis. In order -for you to connect you need to enter a fixed portion of your account name -and the number which is displayed on this card device. The number must match -the value at the controller in order for the account name to be used. - -The problem is that chat uses fixed response strings. In addition, the -timing for running the script may prevent the use of a script that reads the -value before it starts the dial sequence. What was needed was a script which -asked the user at the user's console at the time that it is needed. - -This led to the use of expect. - ------------------------------------------------------------------------- - -8. ppp-on-rsh - -This script will initiate a PPP connection to a remote machine using rsh. 
-This is implemented by creating a master/slave pseudo-tty with the slave -pointing to rsh, specifically with the 'pty' and 'notty' options of pppd. -It is assumed that the remote machine contains some sort of trust -mechanisms (such as ~/.rhosts, et al) to allow the local machine to -connect via rsh as root. - ------------------------------------------------------------------------- - -9. ppp-on-ssh - -This script will initiate a PPP connection to a remote machine using the -secure shell, or ssh. I've only tested this on ssh 1.x, so those of you -who are running ssh 2.x mahy need to modify the ssh options slightly. -This is implemented by creating a master/slave pseudo-ttyt with the slave -pointing to ssh, specifically with the 'pty' and 'notty' options of pppd. -It is assumed that the remote machine can accept the ssh connection from -the local host, in the sense that all ssh authentication mechanisms have -been properly configured, so that a remote root user can open a ssh -connection. - ------------------------------------------------------------------------- - -10. options-rsh-loc & options-rsh-rem - -These options files accompany the ppp-on-rsh script mentioned above. In -theory, you'd want to copy the options-rsh-rem to the remote machine where -in.rshd is running. The only extra option required on the remote machine -options file is the 'notty' option. In addition, all ASCII control characters -[0x00 to 0x1f], plus 0xff, are escaped. This may need to be modified -depending on the rsh (or pseudo-tty) implementation which may differ across -platforms, for further optimizations. - ------------------------------------------------------------------------- - -11. options-ssh-loc & options-ssh-rem - -These options files accompany the ppp-on-ssh script mentioned above. I've -only tested this on ssh 1.x, so those of you who are running ssh 2.x need -to modify the ssh options slightly. 
In theory, you'd want to copy the -options-ssh-rem to the remote machine where sshd daemon is running. The only -extra options required on the remote machine options file is the 'notty' -option. In addition, all ASCII control characters [0x00 to 0x1f], plus 0xff, -are escaped. This may need to be modified depending on the ssh (or -pseudo-tty) implementation which may differ across platforms, for further -optimizations. diff --git a/scripts/callback b/scripts/callback deleted file mode 100755 index 1c3d3aa..0000000 --- a/scripts/callback +++ /dev/null 
@@ -1,77 +0,0 @@ -#!/bin/sh -################################################################### -# -# Script to dial the remote system, negotiate the connection, and send -# it the id. Then wait for the modem to disconnect. Reset the modem -# to answer mode and wait for the system to call back. -# -# The telephone number and modempass are used when establishing the -# connection to the modem. -# -PHONE=555-1212 -MODEMPASS=modem_identifier -# -# Once the modem calls back, the account name and password are used for -# a UNIX style login operation. -# -ACCOUNT=my_account_name -PASSWORD=my_password - -################################################################### -# -# Step 1. Dial the modem and negotiate the initial dialog. -# note: the modem is configured to ignore loss of DCD at this point. -# it is important that this be performed because the loss of DCD -# will normally prevent system from working since 'modem' is used -# for pppd. -# -# The script is terminated normally when the carrier is lost. -# -chat -v \ - TIMEOUT 3 \ - ABORT '\nBUSY\r' \ - ABORT '\nNO ANSWER\r' \ - ABORT '\nRINGING\r\n\r\nRINGING\r' \ - '' AT \ - 'OK-+++\c-OK' 'AT&C0&D2S0=0H0' \ - TIMEOUT 30 \ - OK ATDT$TELEPHONE \ - CONNECT '' \ - assword: $MODEMPASS \ - "\nNO CARRIER\r" - -if [ "$?" = "0" ]; then - -################################################################### -# -# Step 2. Wait for the call back from the remote. This will wait for at most -# 30 seconds for the call back should the first attempt fail or -# something happen with the callback logic at the remote. -# -# note: when the callback occurs, the DCD setting is re-enabled. -# -# If some voice call should happen during this period, the system will -# answer the telephone and then hang up on them. I realize that this is -# rude, but there is little that this script can do. 
-# - chat -v \ - TIMEOUT 30 \ - ABORT '\nVOICE\r' \ - '\nRING\r' 'AT&C1A' \ - CONNECT '' \ - TIMEOUT 10 \ - ogin:--ogin: $ACCOUNT \ - TIMEOUT 45 \ - assword: $PASSWORD - - if [ "$?" = "0" ]; then - exit 0 - fi -fi - -################################################################### -# -# The script has failed. Terminate the connection mode. -# -chat -v TIMEOUT 3 "" AT 'OK-+++\c-OK' 'AT&C1&D2S0=0H0' OK -exit 1 diff --git a/scripts/chat-callback b/scripts/chat-callback deleted file mode 100644 index d014d6a..0000000 --- a/scripts/chat-callback +++ /dev/null 
@@ -1,98 +0,0 @@ -# ===================================================================================== -# Chat script to dial our Company PPP account. -# They uses a call-back system to identify us and to reverse -# charge the call cost. -# ===================================================================================== -# -ECHO OFF -# All the usual abort strings -ABORT "NO CARRIER" -ABORT "VOICE" -ABORT "BUSY" -ABORT "NO DIALTONE" -ABORT "NO ANSWER" -# -# If calling outside allowed time we get this: -# -ABORT "Access denied" -# -# Modem initialisation stuff -# -TIMEOUT 5 -SAY "Initialising modem ...\n" -'' ATE1 -'OK\r\n' ATS0=1S11=60X4&K4S42.1=1 -# -# Now dial our ISP and wait for connection -# -SAY "Dialling our ISP ...\n" -'OK\r\n' ATDT09834657 -TIMEOUT 60 -CONNECT \c -SAY "Connected ...\n" -# -# This is the first stage login, we identify ourself so that the remote -# system will agree to call us back. -# -TIMEOUT 30 -SAY "Sending Callback login ID ...\n" -name:-BREAK-name: callme -# -# From now on, we must assume no carrier is normal as well -# as receiving a HANGUP signal because it will be the -# case if our ISP clears the call to call us back. -# -CLR_ABORT "NO CARRIER" -HANGUP OFF -# -ABORT "Invalid" -# -# Now send password and wait to see what happens -# -SAY "Sending Callback password ...\n" -word:--word: xvsgsgs -"You will be" \c -# -# What can happen now is: -# either: we get "You will be called back..." which is the successful case -# or: we get "Invalid login" and we abort (bad login ID or password) -# or: we get "NO CARRIER" because of an error, this will not abort -# and we will time out after 30 seconds -# or: we get nothing and we will time out after 30 seconds -# -# -# We reach here if we got "You will be called back..." -# -CLR_ABORT "Invalid" -SAY "Now waiting for Call back ...\n" -# -# The remote system will now hangup and we will get both "NO CARRIER" -# and a hangup signal which are ignored. 
We now wait for a connection -# for up to 120 seconds. What happens here if somebody else calls before -# the remote system is a bit dangerous: -# -# If a malicious user connects and says 'name:', he will see 'PPPuser' -# If he then says 'word:' he will see the passowrd 'blipblop'. I may not -# know to which systems these belong to, though. It is up to you to consider -# that case and decide wether the risk is too big or not .... -# -TIMEOUT 120 -"CONNECT" \c -# -# We have been called, re-arm ABORT on NO CARRIER and normal hangup signal -# behaviour -# -HANGUP ON -ABORT "NO CARRIER" -# -# Second stage login in order to start PPP -# -SAY "Remote system called back, logging in ...\n" -SAY "Sending login ID ...\n" -name:-BREAK-name: PPPuser -SAY "Sending password ...\n" -word:--word: blipblop -SAY "Asking to start PPP ...\n" -'CnetSrv' "ppp default" -"Entering PPP mode" \c -SAY "ISP PPP started ...\n" diff --git a/scripts/ip-down.local.add b/scripts/ip-down.local.add deleted file mode 100644 index b93590e..0000000 --- a/scripts/ip-down.local.add +++ /dev/null @@ -1,20 +0,0 @@ - -# -# This sample code shows you one way to modify your setup to allow automatic -# configuration of your resolv.conf for peer supplied DNS addresses when using -# the `usepeerdns' option. -# -# In my case I just added this to my /etc/ppp/ip-down.local script. You may need to -# create an executable script if one does not exist. -# -# Nick Walker (nickwalker@email.com) -# - -if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then - if [ -f /etc/ppp/resolv.prev ]; then - cp -f /etc/ppp/resolv.prev /etc/resolv.conf - else - rm -f /etc/resolv.conf - fi -fi - diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add deleted file mode 100644 index 8017209..0000000 --- a/scripts/ip-up.local.add +++ /dev/null 
@@ -1,24 +0,0 @@ - -# -# This sample code shows you one way to modify your setup to allow automatic -# configuration of your resolv.conf for peer supplied DNS addresses when using -# the `usepeerdns' option. -# -# In my case I just added this to my /etc/ppp/ip-up.local script. You may need to -# create an executable script if one does not exist. -# -# Nick Walker (nickwalker@email.com) -# - -if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then - rm -f /etc/ppp/resolv.prev - if [ -f /etc/resolv.conf ]; then - cp /etc/resolv.conf /etc/ppp/resolv.prev - grep domain /etc/ppp/resolv.prev > /etc/resolv.conf - grep search /etc/ppp/resolv.prev >> /etc/resolv.conf - cat /etc/ppp/resolv.conf >> /etc/resolv.conf - else - cp /etc/ppp/resolv.conf /etc - fi -fi - diff --git a/scripts/options-rsh-loc b/scripts/options-rsh-loc deleted file mode 100644 index b015b87..0000000 --- a/scripts/options-rsh-loc +++ /dev/null @@ -1 +0,0 @@ -debug asyncmap FFFFFFFF escape FF kdebug 0 noipdefault nodefaultroute noauth mtu 1460 diff --git a/scripts/options-rsh-rem b/scripts/options-rsh-rem deleted file mode 100644 index 4b10bb9..0000000 --- a/scripts/options-rsh-rem +++ /dev/null @@ -1 +0,0 @@ -notty debug asyncmap FFFFFFFF escape FF kdebug 0 noipdefault nodefaultroute noauth mtu 1460 diff --git a/scripts/options-ssh-loc b/scripts/options-ssh-loc deleted file mode 100644 index add03d6..0000000 --- a/scripts/options-ssh-loc +++ /dev/null @@ -1 +0,0 @@ -debug asyncmap FFFFFFFF escape FF kdebug 0 noipdefault nodefaultroute noauth mtu 1400 diff --git a/scripts/options-ssh-rem b/scripts/options-ssh-rem deleted file mode 100644 index d690722..0000000 --- a/scripts/options-ssh-rem +++ /dev/null @@ -1 +0,0 @@ -notty debug asyncmap FFFFFFFF escape FF kdebug 0 noipdefault nodefaultroute noauth mtu 1400 diff --git a/scripts/ppp-off b/scripts/ppp-off deleted file mode 100755 index a22b5ea..0000000 --- a/scripts/ppp-off +++ /dev/null 
@@ -1,34 +0,0 @@ -#!/bin/sh -###################################################################### -# -# Determine the device to be terminated. -# -if [ "$1" = "" ]; then - DEVICE=ppp0 -else - DEVICE=$1 -fi - -###################################################################### -# -# If the ppp0 pid file is present then the program is running. Stop it. -if [ -r /var/run/$DEVICE.pid ]; then - kill -INT `cat /var/run/$DEVICE.pid` -# -# If the kill did not work then there is no process running for this -# pid. It may also mean that the lock file will be left. You may wish -# to delete the lock file at the same time. - if [ ! "$?" = "0" ]; then - rm -f /var/run/$DEVICE.pid - echo "ERROR: Removed stale pid file" - exit 1 - fi -# -# Success. Let pppd clean up its own junk. - echo "PPP link to $DEVICE terminated." - exit 0 -fi -# -# The ppp process is not running for ppp0 -echo "ERROR: PPP link is not active on $DEVICE" -exit 1 diff --git a/scripts/ppp-on b/scripts/ppp-on deleted file mode 100755 index ab79db4..0000000 --- a/scripts/ppp-on +++ /dev/null 
@@ -1,36 +0,0 @@ -#!/bin/sh -# -# Script to initiate a ppp connection. This is the first part of the -# pair of scripts. This is not a secure pair of scripts as the codes -# are visible with the 'ps' command. However, it is simple. -# -# These are the parameters. Change as needed. -TELEPHONE=555-1212 # The telephone number for the connection -ACCOUNT=george # The account name for logon (as in 'George Burns') -PASSWORD=gracie # The password for this account (and 'Gracie Allen') -LOCAL_IP=0.0.0.0 # Local IP address if known. Dynamic = 0.0.0.0 -REMOTE_IP=0.0.0.0 # Remote IP address if desired. Normally 0.0.0.0 -NETMASK=255.255.255.0 # The proper netmask if needed -# -# Export them so that they will be available at 'ppp-on-dialer' time. -export TELEPHONE ACCOUNT PASSWORD -# -# This is the location of the script which dials the phone and logs -# in. Please use the absolute file name as the $PATH variable is not -# used on the connect option. (To do so on a 'root' account would be -# a security hole so don't ask.) -# -DIALER_SCRIPT=/etc/ppp/ppp-on-dialer -# -# Initiate the connection -# -# I put most of the common options on this command. Please, don't -# forget the 'lock' option or some programs such as mgetty will not -# work. The asyncmap and escape will permit the PPP link to work with -# a telnet or rlogin connection. You are welcome to make any changes -# as desired. Don't use the 'defaultroute' option if you currently -# have a default route to an ethernet gateway. -# -exec /usr/sbin/pppd debug lock modem crtscts /dev/ttyS0 38400 \ - asyncmap 20A0000 escape FF kdebug 0 $LOCAL_IP:$REMOTE_IP \ - noipdefault netmask $NETMASK defaultroute connect $DIALER_SCRIPT diff --git a/scripts/ppp-on-dialer b/scripts/ppp-on-dialer deleted file mode 100755 index 7d66765..0000000 --- a/scripts/ppp-on-dialer +++ /dev/null 
@@ -1,17 +0,0 @@
-#!/bin/sh
-#
-# This is part 2 of the ppp-on script. It will perform the connection
-# protocol for the desired connection.
-#
-exec chat -v \
- TIMEOUT 3 \
- ABORT '\nBUSY\r' \
- ABORT '\nNO ANSWER\r' \
- ABORT '\nRINGING\r\n\r\nRINGING\r' \
- '' \rAT \
- 'OK-+++\c-OK' ATH0 \
- TIMEOUT 30 \
- OK ATDT$TELEPHONE \
- CONNECT '' \
- ogin:--ogin: $ACCOUNT \
- assword: $PASSWORD
diff --git a/scripts/ppp-on-rsh b/scripts/ppp-on-rsh
deleted file mode 100755
index 30a50db..0000000
--- a/scripts/ppp-on-rsh
+++ /dev/null
@@ -1,72 +0,0 @@
-#!/bin/sh
-#
-# A sample script to establish PPP session(s) via rsh
-#
-# Adi Masputra
-# Jan 24, 2000
-#
-
-#
-# You'd definitely want to change the following addresses to suit
-# your network configuration
-#
-LOC_IP=10.0.0.1
-REM_IP=10.0.0.2
-NETMASK=255.255.0.0
-
-export LOC_IP REM_IP
-
-#
-# This is the remote peer where in.rshd is running, either
-# its hostname or IP address
-#
-PPPD_RHOST=myremotehost
-
-#
-# For this example, we assume that pppd on both local and remote
-# machines reside in the same place, /usr/local/bin/pppd
-#
-PPPD_LOC=/usr/local/bin/pppd
-
-#
-# The location of local options file (where rsh client is running).
-# Note that the sample options file included in the distribution
-# may need further customizations, depending on your needs. The 'noauth'
-# option specified in the file is there to simplify the example. In
-# reality, you'd probably want to remove such option.
-#
-PPPD_LOC_OPT=/etc/ppp/options-rsh-loc
-
-#
-# The location of remote options file (where in.rshd daemon is running).
-# Note that the sample options file included in the distribution
-# may need further customizations, depending on your needs. The 'noauth'
-# option specified in the file is there to simplify the example. In
-# reality, you'd probably want to remove such option. Also note that
-# the remote options file need to include the 'notty' option for this
-# to work
-#
-PPPD_REM_OPT=/etc/ppp/options-rsh-rem
-
-#
-# The location of rsh client on the local machine
-#
-RSH_LOC=/bin/rsh
-
-export PPPD_LOC PPPD_LOC_OPT PPPD_REM_OPT PPPD_RHOST RSH_LOC
-
-#
-# Uncomment the following to enable IPv6, note that the IPv6 support
-# needs to be enabled during compilation
-#
-# PPPD_IPV6='+ipv6 ipv6cp-use-ipaddr'
-export PPPD_IPV6
-
-#
-# And execute pppd with the pty option, specifying rsh client as the
-# slave side of the pseduo-tty master/slave pair.
-#
-exec $PPPD_LOC \
- pty '$RSH_LOC $PPPD_RHOST $PPPD_LOC $REM_IP:$LOC_IP $PPPD_IPV6 file $PPPD_REM_OPT' \
- $LOC_IP:$REM_IP netmask $NETMASK $PPPD_IPV6 file $PPPD_LOC_OPT
-
diff --git a/scripts/ppp-on-ssh b/scripts/ppp-on-ssh
deleted file mode 100755
index 0e41aca..0000000
--- a/scripts/ppp-on-ssh
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/bin/sh
-#
-# A sample script to establish PPP session(s) via SSH 1.x
-#
-# Adi Masputra
-# Jan 24, 2000
-#
-
-#
-# You'd definitely want to change the following addresses to suit
-# your network configuration
-#
-LOC_IP=10.0.0.1
-REM_IP=10.0.0.2
-NETMASK=255.255.0.0
-
-export LOC_IP REM_IP
-
-#
-# This is the remote peer where sshd is running, either
-# its hostname or IP address
-#
-PPPD_RHOST=myremotehost
-
-#
-# For this example, we assume that pppd on both local and remote
-# machines reside in the same place, /usr/local/bin/pppd
-#
-PPPD_LOC=/usr/local/bin/pppd
-
-#
-# The location of local options file (where ssh client is running).
-# Note that the sample options file included in the distribution
-# may need further customizations, depending on your needs. The 'noauth'
-# option specified in the file is there to simplify the example, although
-# some may choose to have it there and rely on ssh authentication
-# instead.
-#
-PPPD_LOC_OPT=/etc/ppp/options-ssh-loc
-
-#
-# The location of remote options file (where sshd daemon is running)
-# Note that the sample options file included in the distribution
-# may need further customizations, depending on your needs. The 'noauth'
-# option specified in the file is there to simplify the example, although
-# some may choose to have it there and rely on ssh authentication
-# instead. Also note that the remote options file need to include the 'notty'
-# options for this to work.
-#
-PPPD_REM_OPT=/etc/ppp/options-ssh-rem
-
-#
-# The location of ssh client on the local machine
-#
-SSH_LOC=/usr/local/bin/ssh
-
-export PPPD_LOC PPPD_LOC_OPT PPPD_REM_OPT PPPD_RHOST SSH_LOC
-
-#
-# Uncomment the following to enable IPv6, note that the IPv6 support
-# needs to be enabled during compilation
-#
-# PPPD_IPV6='+ipv6 ipv6cp-use-ipaddr'
-export PPPD_IPV6
-
-#
-# And execute pppd with the pty option, specifying ssh client as the
-# slave side of the pseudo-tty master/slave pair. Note that on this example,
-# ssh has been compiled to allow NULL encryption (thus the '-c none' option),
-# but in reality, you'd probably want to specify the encryption algorithm.
-# See the man page of ssh(1) for details.
-#
-exec $PPPD_LOC \
- pty '$SSH_LOC -c none $PPPD_RHOST $PPPD_LOC $REM_IP:$LOC_IP $PPPD_IPV6 file $PPPD_REM_OPT' \
- $LOC_IP:$REM_IP netmask $NETMASK $PPPD_IPV6 file $PPPD_LOC_OPT
-
diff --git a/scripts/redialer b/scripts/redialer
deleted file mode 100755
index d43c42a..0000000
--- a/scripts/redialer
+++ /dev/null
@@ -1,96 +0,0 @@
-#!/bin/bash
-###################################################################
-#
-# These parameters control the attack dialing sequence.
-#
-# Maximum number of attempts to reach the telephone number(s)
-MAX_ATTEMPTS=10
-
-# Delay between each of the attempts. This is a parameter to sleep
-# so use "15s" for 15 seconds, "1m" for 1 minute, etc.
-SLEEP_DELAY=15s
-
-###################################################################
-#
-# This is a list of telephone numbers. Add new numbers if you wish
-# and see the function 'callall' below for the dial process.
-PHONE1=555-1212
-PHONE2=411
-
-###################################################################
-#
-# If you use the ppp-on script, then these are passed to this routine
-# automatically. There is no need to define them here. If not, then
-# you will need to set the values.
-#
-ACCOUNT=my_account_name
-PASSWORD=my_password
-
-###################################################################
-#
-# Function to initialize the modem and ensure that it is in command
-# state. This may not be needed, but it doesn't hurt.
-#
-function initialize
-{
- chat -v TIMEOUT 3 '' AT 'OK-+++\c-OK'
- return
-}
-
-###################################################################
-#
-# Script to dial a telephone
-#
-function callnumber
-{
-chat -v \
- ABORT '\nBUSY\r' \
- ABORT '\nNO ANSWER\r' \
- ABORT '\nRINGING\r\n\r\nRINGING\r' \
- '' ATDT$1 \
- CONNECT '' \
- ogin:--ogin: $ACCOUNT \
- assword: $PASSWORD
-#
-# If the connection was successful then end the whole script with a
-# success.
-#
- if [ "$?" = "0" ]; then
- exit 0
- fi
-
- return
-}
-
-###################################################################
-#
-# Script to dial any telephone number
-#
-function callall
-{
-# echo "dialing attempt number: $1" >/dev/console
- callnumber $PHONE1
-# callnumber $PHONE2
-}
-
-###################################################################
-#
-# Initialize the modem to ensure that it is in the command state
-#
-initialize
-if [ ! "$?" = "0" ]; then
- exit 1
-fi
-
-#
-# Dial telephone numbers until one answers
-#
-attempt=0
-while : ; do
- attempt=`expr $attempt + 1`
- callall $attempt
- if [ "$attempt" = "$MAX_ATTEMPTS" ]; then
- exit 1
- fi
- sleep "$SLEEP_DELAY"
-done
diff --git a/scripts/secure-card b/scripts/secure-card
deleted file mode 100755
index ae3ae50..0000000
--- a/scripts/secure-card
+++ /dev/null
@@ -1,111 +0,0 @@
-#!/usr/bin/expect -f
-#
-# This script was written by Jim Isaacson . It is
-# designed to work as a script to use the SecureCARD(tm) device. This
-# little device is mated with a central controller. The number displayed
-# on this card changes every so often and you need to enter the number
-# along with your user account name in order to gain access. Since chat
-# is based upon fixed strings this procedure will not work with chat.
-#
-# It is included by permission. An excellent reference for the expect
-# program used by this script is in the book:
-#
-# "Exploring Expect"
-# by Don Libes
-# Published by O'Rielly and Associates
-#
-
-send_user "hello, starting ppp\n"
-
-system "stty 19200 -echoe -echo raw < /dev/ttyS3 > /dev/ttyS3"
-
-#
-# These are the parameters for the program.
-#
-set user Pxxxxxx
-set password xxxxxxx
-set modem /dev/ttyS3
-set dialup
-set timeout 60
-
-spawn -noecho -open [open $modem "r+"]
-
-send "AT&F\r"
-expect "OK"
-
-send "ATe0v1x4&c1q0&d2&c1s2=128s0=0DT $dialup\r"
-set timeout 15
-set counter 0
-
-set still_connecting 1
-
-expect {
- -re ".*CONNECT.*\n" {
- set timeout 5
- set still_connecting 0
- continue -expect
- }
- -re ".*CONNECT.*\r" {
- set timeout 5
- set still_connecting 0
- continue -expect
- }
- -re ".*NO.*CARRIER" {
- send_user "Failed to Connect, exiting...\n"
- exit
- }
- -re ".*NO.*DIAL.*TONE" {
- send_user "Failed to Connect, exiting...\n"
- exit
- }
- -re ".*VOICE" {
- send_user "Failed to Connect, exiting...\n"
- exit
- }
- -re ".*sscode:.*\n" {
- continue -expect
- }
- -re ".*sscode:" {
- set timeout -1
- expect_user -re "(.*)\n"
- send "$expect_out(1,string)\r"
- set timeout 30
- continue -expect
- }
- -re ".*Next.*:" {
- set timeout -1
- expect_user -re "(.*)\n"
- send "$expect_out(1,string)\r"
- set timeout 30
- continue -expect
- }
- -re "Your.*" {
- send "\r"
- continue -expect
- }
- -re ".*in:" {
- send "$user\r"
- continue -expect
- }
- -re ".*word:" {
- send "$password\r"
- }
-
- timeout {
- if { $still_connecting > 0 } {
- continue -expect
- }
- set timeout 15
- send "\r"
- incr counter
- if { $counter > 8 } {
- send_user "Cannot Connect\n"
- exit
- } else {
- continue -expect
- }
- }
-}
-
-overlay -0 $spawn_id -1 $spawn_id pppd /dev/ttyS3 19200 192.111.187.215: \
- crtscts modem defaultroute debug