From 12fd795d924055603617fd039782a3df47f0a6c8 Mon Sep 17 00:00:00 2001 From: brian Date: Tue, 18 Nov 1997 00:20:29 +0000 Subject: Notice that ppp has closed the connection properly. Remove the timeout hack to notice that ppp has closed the connection. Remove the ``special case'' hacks for "quit" and "bye", as pppctl now exits immediately when the connection is closed by ppp. Suggest a secure "set server" line for connecting ppp & pppctl. Tidy up and correct a few man page typos. --- usr.sbin/pppctl/pppctl.8 | 57 ++++++++++++++++++++-------------------------- usr.sbin/pppctl/pppctl.c | 59 +++++++++++++++++++----------------------------- 2 files changed, 47 insertions(+), 69 deletions(-) (limited to 'usr.sbin/pppctl') diff --git a/usr.sbin/pppctl/pppctl.8 b/usr.sbin/pppctl/pppctl.8 index 6c778d6..a617f04 100644 --- a/usr.sbin/pppctl/pppctl.8 +++ b/usr.sbin/pppctl/pppctl.8 @@ -1,4 +1,4 @@ -.\" $Id: pppctl.8,v 1.5 1997/11/07 02:54:46 brian Exp $ +.\" $Id: pppctl.8,v 1.6 1997/11/07 20:20:14 brian Exp $ .Dd 26 June 1997 .Os FreeBSD .Dt PPPCTL 8 @@ -49,7 +49,9 @@ daemon. If any semi-colon characters are found, they are treated as .Ar command delimiters, allowing more than one .Ar command -in a given "session". For example: +in a given +.Sq session . +For example: pppctl 3000 set timeout 300\\; show timeout @@ -75,14 +77,14 @@ The following command line options are available: Display all data sent to and received from the .Nm ppp daemon. Normally, -.Nm pppctl +.Nm displays only non-prompt lines received. This option is ignored in interactive mode. .It Fl t Ar n Use a timeout of .Ar n -instead of the default 2 seconds. This may be required if you -wish to control a daemon over a slow (or even a dialup) link. +instead of the default 2 seconds when connecting. This may be required +if you wish to control a daemon over a slow (or even a dialup) link. .It Fl p Ar passwd Specify the password required by the .Nm ppp 
@@ -93,49 +95,37 @@ will prompt for a password once it has successfully connected to .El .Sh EXAMPLES -Assuming you want to run +If you run .Nm ppp in .Fl auto -mode, +mode, .Nm -can be used to automate many frequent tasks. Use of the +can be used to automate many frequent tasks (you can actually control +.Nm ppp +in any mode except interactive mode). Use of the .Fl p -option is discouraged (even in scripts that aren't readably by others) +option is discouraged (even in scripts that aren't readable by others) as a .Xr ps 1 listing may reveal your secret. .Pp -In order to have -.Nm ppp -create a socket for use with -.Nm pppctl , -you will need to define a password for your local system: -.Bd -literal -offset indent -# touch /etc/ppp/ppp.secret -# chown root.wheel /etc/ppp/ppp.secret -# chmod 400 /etc/ppp/ppp.secret -# echo "`hostname -s` MyPassword" >>/etc/ppp/ppp.secret -.Ed - -.Pp -The most secure way to allow easy, secure +The best way to allow easy, secure .Nm -access, and to make sure you can distinguish between multiple invocations -of -.Nm ppp -is to create a local server socket in +access is to create a local server socket in .Pa /etc/ppp/ppp.conf -(in the correct section): +(in the correct section) like this: .Bd -literal -offset indent -set server /var/run/internet 0666 +set server /var/run/internet "" 0177 .Ed This will instruct .Nm ppp -to create a local domain socket rather than the tcp socket that's created -by default. Refer to the +to create a local domain socket, with srw------- permissions and no +password, allowing access only to the user that invoked +.Nm ppp . +Refer to the .Xr ppp 8 man page for further details. @@ -145,7 +135,7 @@ You can now create some easy-access scripts. To connect to the internet: .Bd -literal -offset indent #! /bin/sh test $# -eq 0 && time=300 || time=$1 -exec pppctl -t 60 /var/run/internet set timeout $time\\; dial +exec pppctl /var/run/internet set timeout $time\\; dial .Ed .Pp 
@@ -176,7 +166,7 @@ exec pppctl /var/run/internet "$@" .Sh ENVIRONMENT VARIABLES The following environment variables are understood by -.Nm pppctl +.Nm when in interactive mode: .Bl -tag -width XXXXXXXXXX .It Dv EL_SIZE @@ -195,6 +185,7 @@ commands in .Xr editline 3 , .Xr editrc 5 , .Xr ppp 8 , +.Xr ps 1 , .Xr services 5 .Sh HISTORY diff --git a/usr.sbin/pppctl/pppctl.c b/usr.sbin/pppctl/pppctl.c index 253983c..0e18c6f 100644 --- a/usr.sbin/pppctl/pppctl.c +++ b/usr.sbin/pppctl/pppctl.c @@ -7,7 +7,9 @@ #include #include +#include #include +#include #include #include #include @@ -26,7 +28,7 @@ Usage() fprintf(stderr, " -v tells pppctl to output all" " conversation\n"); fprintf(stderr, " -t n specifies a timeout of n" - " seconds (default 2)\n"); + " seconds when connecting (default 2)\n"); fprintf(stderr, " -p passwd specifies your password\n"); return 1; } @@ -54,25 +56,19 @@ GetPrompt(EditLine *e) } static int -Receive(int fd, unsigned TimeoutVal, int display) +Receive(int fd, int display) { int Result; - struct sigaction act, oact; int len; char *last; - TimedOut = 0; - if (TimeoutVal) { - act.sa_handler = Timeout; - sigemptyset(&act.sa_mask); - act.sa_flags = 0; - sigaction(SIGALRM, &act, &oact); - alarm(TimeoutVal); - } - prompt = Buffer; len = 0; while (Result = read(fd, Buffer+len, sizeof(Buffer)-len-1), Result != -1) { + if (Result == 0 && errno != EINTR) { + Result = -1; + break; + } len += Result; Buffer[len] = '\0'; if (TimedOut) { @@ -98,10 +94,6 @@ Receive(int fd, unsigned TimeoutVal, int display) if (last > Buffer+3 && !strncmp(last-3, " on", 3)) { /* a password is required ! */ if (display & REC_PASSWD) { - if (TimeoutVal) { - alarm(0); - sigaction(SIGALRM, &oact, 0); - } /* password time */ if (!passwd) passwd = getpass("Password: "); 
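Review bot: In the EOF check added at the top of the read loop in Receive(), `errno` is tested after read() has returned 0, but a read that returns 0 does not set errno, so the value is left over from some earlier call. If that stale value is EINTR, end-of-file is not recognised and the loop keeps calling read() on a connection ppp has already closed. EINTR is only meaningful when read() returns -1, so the test should be `if (Result == 0) { Result = -1; break; }`, with any retry-on-EINTR handled on the -1 path. The loop also still tests `TimedOut` even though this function no longer arms the alarm; if only the connect path sets it now, a short comment saying so would help. The rest of the loop body is outside the hunk.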
@@ -111,7 +103,7 @@ Receive(int fd, unsigned TimeoutVal, int display) write(1, Buffer, strlen(Buffer)); write(fd, Buffer, strlen(Buffer)); memset(Buffer, '\0', strlen(Buffer)); - return Receive(fd, TimeoutVal, display & ~REC_PASSWD); + return Receive(fd, display & ~REC_PASSWD); } Result = 1; } else @@ -120,17 +112,11 @@ Receive(int fd, unsigned TimeoutVal, int display) } } - if (TimedOut) - Result = -1; - - if (TimeoutVal) { - alarm(0); - sigaction(SIGALRM, &oact, 0); - } return Result; } static int data = -1; +static jmp_buf pppdead; static void check_fd(int sig) @@ -139,12 +125,18 @@ check_fd(int sig) struct timeval t; fd_set f; static char buf[LINELEN]; + int len; FD_ZERO(&f); FD_SET(data, &f); t.tv_sec = t.tv_usec = 0; - if (select(data+1, &f, NULL, NULL, &t) > 0) - write(1, buf, read(data, buf, sizeof buf)); + if (select(data+1, &f, NULL, NULL, &t) > 0) { + len = read(data, buf, sizeof buf); + if (len > 0) + write(1, buf, len); + else + longjmp(pppdead, -1); + } } } @@ -152,12 +144,11 @@ static const char * smartgets(EditLine *e, int *count, int fd) { const char *result; - /* struct itimerval it; */ data = fd; signal(SIGALRM, check_fd); ualarm(500000, 500000); - result = el_gets(e, count); + result = setjmp(pppdead) ? NULL : el_gets(e, count); ualarm(0,0); signal(SIGALRM, SIG_DFL); data = -1; @@ -312,7 +303,7 @@ main(int argc, char **argv) len += strlen(Command+len); } - switch (Receive(fd, TimeoutVal, verbose | REC_PASSWD)) + switch (Receive(fd, verbose | REC_PASSWD)) { case 1: fprintf(stderr, "Password incorrect\n"); @@ -348,14 +339,10 @@ main(int argc, char **argv) if (len > 1) history(hist, H_ENTER, l); write(fd, l, len); - if (!strcasecmp(l, "quit\n") || - !strcasecmp(l, "bye\n")) /* ok, we're cheating */ + if (Receive(fd, REC_SHOW) != 0) break; - if (Receive(fd, TimeoutVal, REC_SHOW) != 0) { - fprintf(stderr, "Connection closed\n"); - break; - } } + fprintf(stderr, "Connection closed\n"); el_end(edit); history_end(hist); } else { 
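Review bot: `longjmp(pppdead, -1)` in check_fd() runs inside the SIGALRM handler while the interrupted code is el_gets(), which is not async-signal-safe, so the jump can abandon editline in the middle of an update to its own state or to the terminal settings. The `else` branch also treats a read() error of -1 the same as a clean close by ppp. If the jump is kept, `sigsetjmp(pppdead, 1)` paired with `siglongjmp(pppdead, -1)` makes the signal-mask restore explicit rather than platform-dependent. A comment above the handler should state that nothing from the interrupted el_gets() call may be relied on after the jump. The start of check_fd() is outside the hunk.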
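Review bot: In smartgets(), `setjmp(pppdead) ? NULL : el_gets(e, count)` calls setjmp as an operand of the conditional operator, which is not one of the contexts ISO C allows for a setjmp call; it belongs in the controlling expression of an `if`. The jump buffer is also filled in only after `signal(SIGALRM, check_fd)` and `ualarm(500000, 500000)` have armed the handler, so on a later call there is a window in which check_fd() could jump through the buffer left by a previous, already returned, invocation. Saving the context first and arming the timer in the non-jump branch closes that window. On the NULL path `*count` is not written, so the caller (outside this hunk) should not read it.

```c
  data = fd;
  if (setjmp(pppdead))
    result = NULL;             /* check_fd saw ppp close the socket */
  else {
    signal(SIGALRM, check_fd);
    ualarm(500000, 500000);
    result = el_gets(e, count);
  }
  /* … unchanged: ualarm(0,0), SIGALRM reset to SIG_DFL, data = -1 … */
```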
@@ -372,7 +359,7 @@ main(int argc, char **argv)
 if (verbose)
 write(1, Buffer, strlen(Buffer));
 write(fd, Buffer, strlen(Buffer));
- if (Receive(fd, TimeoutVal, verbose | REC_SHOW) != 0) {
+ if (Receive(fd, verbose | REC_SHOW) != 0) {
 fprintf(stderr, "No reply from ppp\n");
 break;
 }
-- cgit v1.1
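Review bot: The `No reply from ppp` message at this call no longer matches what Receive() can report. With the timeout argument removed, a non-zero return here appears to mean that read() failed or that ppp closed the socket, so a command that makes ppp drop the connection would be reported as an error; `fprintf(stderr, "Connection closed\n");`, as the interactive branch prints, would be consistent. Without a timeout this call also waits indefinitely for a reply, which matters for unattended scripts and deserves a comment at this site if it is intended. The enclosing loop starts outside the hunk.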