1
2 /*
3 * Author: Arvin Schnell <arvin@suse.de>
4 *
5 * This plugin let's you pass the password to the pppd via
6 * a file descriptor. That's easy and secure - no fiddling
7 * with pap- and chap-secrets files.
8 */
9
10 #include <stdio.h>
11 #include <errno.h>
12 #include <string.h>
13 #include <unistd.h>
14
15 #include "pppd.h"
16
17 char pppd_version[] = VERSION;
18
19 static int passwdfd = -1;
20 static char save_passwd[MAXSECRETLEN];
21
22 static option_t options[] = {
23 { "passwordfd", o_int, &passwdfd,
24 "Receive password on this file descriptor" },
25 { NULL }
26 };
27
pwfd_check(void)28 static int pwfd_check (void)
29 {
30 return 1;
31 }
32
pwfd_passwd(char * user,char * passwd)33 static int pwfd_passwd (char *user, char *passwd)
34 {
35 int readgood, red;
36
37 if (passwdfd == -1)
38 return -1;
39
40 if (passwd == NULL)
41 return 1;
42
43 if (passwdfd == -2) {
44 strcpy (passwd, save_passwd);
45 return 1;
46 }
47
48 readgood = 0;
49 do {
50 red = read (passwdfd, passwd + readgood, MAXSECRETLEN - 1 - readgood);
51 if (red == 0)
52 break;
53 if (red < 0) {
54 error ("Can't read secret from fd\n");
55 readgood = -1;
56 break;
57 }
58 readgood += red;
59 } while (readgood < MAXSECRETLEN - 1);
60
61 close (passwdfd);
62
63 if (readgood < 0)
64 return 0;
65
66 passwd[readgood] = 0;
67 strcpy (save_passwd, passwd);
68 passwdfd = -2;
69
70 return 1;
71 }
72
plugin_init(void)73 void plugin_init (void)
74 {
75 add_options (options);
76
77 pap_check_hook = pwfd_check;
78 pap_passwd_hook = pwfd_passwd;
79
80 chap_check_hook = pwfd_check;
81 chap_passwd_hook = pwfd_passwd;
82 }
83