1 2/* 3 * Author: Arvin Schnell <arvin@suse.de> 4 * 5 * This plugin let's you pass the password to the pppd via 6 * a file descriptor. That's easy and secure - no fiddling 7 * with pap- and chap-secrets files. 8 */ 9 10#include <stdio.h> 11#include <errno.h> 12#include <string.h> 13#include <unistd.h> 14 15#include "pppd.h" 16 17char pppd_version[] = VERSION; 18 19static int passwdfd = -1; 20static char save_passwd[MAXSECRETLEN]; 21 22static option_t options[] = { 23 { "passwordfd", o_int, &passwdfd, 24 "Receive password on this file descriptor" }, 25 { NULL } 26}; 27 28static int pwfd_check (void) 29{ 30 return 1; 31} 32 33static int pwfd_passwd (char *user, char *passwd) 34{ 35 int readgood, red; 36 37 if (passwdfd == -1) 38 return -1; 39 40 if (passwd == NULL) 41 return 1; 42 43 if (passwdfd == -2) { 44 strcpy (passwd, save_passwd); 45 return 1; 46 } 47 48 readgood = 0; 49 do { 50 red = read (passwdfd, passwd + readgood, MAXSECRETLEN - 1 - readgood); 51 if (red == 0) 52 break; 53 if (red < 0) { 54 error ("Can't read secret from fd\n"); 55 readgood = -1; 56 break; 57 } 58 readgood += red; 59 } while (readgood < MAXSECRETLEN - 1); 60 61 close (passwdfd); 62 63 if (readgood < 0) 64 return 0; 65 66 passwd[readgood] = 0; 67 strcpy (save_passwd, passwd); 68 passwdfd = -2; 69 70 return 1; 71} 72 73void plugin_init (void) 74{ 75 add_options (options); 76 77 pap_check_hook = pwfd_check; 78 pap_passwd_hook = pwfd_passwd; 79 80 chap_check_hook = pwfd_check; 81 chap_passwd_hook = pwfd_passwd; 82} 83