Hello community,
here is the log from the commit of package smpppd
checked in at Sat Sep 13 12:14:44 CEST 2008.
--------
--- smpppd/smpppd.changes 2008-04-25 15:02:24.000000000 +0200
+++ /mounts/work_src_done/STABLE/smpppd/smpppd.changes 2008-09-11 17:07:17.000000000 +0200
@@ -1,0 +2,6 @@
+Thu Sep 11 17:05:55 CEST 2008 - lnussel@suse.de
+
+- use PolicyKit instead of dialout group to check access
+- support plain chat instead of wvdial, making wvdial optional
+
+-------------------------------------------------------------------
Old:
----
smpppd-1.59_SVN16.tar.bz2
New:
----
smpppd-1.59_SVN28.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ smpppd.spec ++++++
--- /var/tmp/diff_new_pack.R21530/_old 2008-09-13 12:14:20.000000000 +0200
+++ /var/tmp/diff_new_pack.R21530/_new 2008-09-13 12:14:20.000000000 +0200
@@ -1,10 +1,17 @@
#
-# spec file for package smpppd (Version 1.59_SVN16)
+# spec file for package smpppd (Version 1.59_SVN28)
#
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
-# This file and all modifications and additions to the pristine
-# package are under the same license as the package itself.
#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
@@ -13,15 +20,18 @@
Name: smpppd
BuildRequires: gcc-c++ openslp-devel openssl-devel wireless-tools
+BuildRequires: PolicyKit-devel
License: GPL v2 or later
Group: Productivity/Networking/PPP
Summary: SuSE Meta PPP Daemon
-Requires: ppp wvdial pptp wireless-tools /usr/bin/killall
-Version: 1.59_SVN16
+Requires: ppp /usr/bin/killall
+Version: 1.59_SVN28
Release: 1
Source0: smpppd-%version.tar.bz2
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: %fillup_prereq %insserv_prereq
+Recommends: wvdial
+Recommends: pptp
%description
The SuSE Meta PPP Daemon is the back-end for kinternet. It is required
@@ -38,6 +48,8 @@
%build
export CXXFLAGS="$RPM_OPT_FLAGS -DNDEBUG"
+export CFLAGS="$RPM_OPT_FLAGS -DNDEBUG"
+test configure -nt configure.in || autoreconf -i
./configure --prefix=%_prefix --sysconf=/etc --mandir=%{_mandir} --docdir=%_defaultdocdir/%name
make %{?jobs:-j%jobs}
@@ -61,7 +73,7 @@
%files
%defattr (-, root, root)
%attr (600, root, root) %config(noreplace) /etc/smpppd.conf
-%attr (640, root, dialout) %config(noreplace) /etc/smpppd-c.conf
+%attr (644, root, dialout) %config(noreplace) /etc/smpppd-c.conf
%config /etc/init.d/smpppd
%{_bindir}/cinternet
%{_bindir}/accounting
@@ -69,9 +81,13 @@
%{_sbindir}/smpppd-ifcfg
%{_sbindir}/smpppd-dhcp
%{_sbindir}/rcsmpppd
+%dir %{_datadir}/PolicyKit
+%dir %{_datadir}/PolicyKit/policy
+%{_datadir}/PolicyKit/policy/org.opensuse.smpppd.policy
+%{_prefix}/lib/smpppd
%attr (700, root, root) %dir /var/lib/smpppd
%attr (750, root, dialout) %dir /var/log/smpppd
-%attr (750, root, dialout) %dir /var/run/smpppd
+%attr (755, root, dialout) %dir /var/run/smpppd
%{_mandir}/man?/*
%doc %_defaultdocdir/smpppd
@@ -86,6 +102,9 @@
%{restart_on_update smpppd}
%changelog
+* Thu Sep 11 2008 lnussel@suse.de
+- use PolicyKit instead of dialout group to check access
+- support plain chat instead of wvdial, making wvdial optional
* Fri Apr 25 2008 lnussel@suse.de
- use latest svn snapshot which includes all previous patches
- prevent endless autoreconnect (bnc#383744)
++++++ smpppd-1.59_SVN16.tar.bz2 -> smpppd-1.59_SVN28.tar.bz2 ++++++
++++ 2834 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/compile new/smpppd-1.59_SVN28/compile
--- old/smpppd-1.59_SVN16/compile 1970-01-01 01:00:00.000000000 +0100
+++ new/smpppd-1.59_SVN28/compile 2008-09-11 17:05:24.000000000 +0200
@@ -0,0 +1,142 @@
+#! /bin/sh
+# Wrapper for compilers which do not understand `-c -o'.
+
+scriptversion=2005-05-14.22
+
+# Copyright (C) 1999, 2000, 2003, 2004, 2005 Free Software Foundation, Inc.
+# Written by Tom Tromey .
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# This file is maintained in Automake, please report
+# bugs to or send patches to
+# .
+
+case $1 in
+ '')
+ echo "$0: No command. Try \`$0 --help' for more information." 1>&2
+ exit 1;
+ ;;
+ -h | --h*)
+ cat <<\EOF
+Usage: compile [--help] [--version] PROGRAM [ARGS]
+
+Wrapper for compilers which do not understand `-c -o'.
+Remove `-o dest.o' from ARGS, run PROGRAM with the remaining
+arguments, and rename the output as expected.
+
+If you are trying to build a whole package this is not the
+right script to run: please start by reading the file `INSTALL'.
+
+Report bugs to .
+EOF
+ exit $?
+ ;;
+ -v | --v*)
+ echo "compile $scriptversion"
+ exit $?
+ ;;
+esac
+
+ofile=
+cfile=
+eat=
+
+for arg
+do
+ if test -n "$eat"; then
+ eat=
+ else
+ case $1 in
+ -o)
+ # configure might choose to run compile as `compile cc -o foo foo.c'.
+ # So we strip `-o arg' only if arg is an object.
+ eat=1
+ case $2 in
+ *.o | *.obj)
+ ofile=$2
+ ;;
+ *)
+ set x "$@" -o "$2"
+ shift
+ ;;
+ esac
+ ;;
+ *.c)
+ cfile=$1
+ set x "$@" "$1"
+ shift
+ ;;
+ *)
+ set x "$@" "$1"
+ shift
+ ;;
+ esac
+ fi
+ shift
+done
+
+if test -z "$ofile" || test -z "$cfile"; then
+ # If no `-o' option was seen then we might have been invoked from a
+ # pattern rule where we don't need one. That is ok -- this is a
+ # normal compilation that the losing compiler can handle. If no
+ # `.c' file was seen then we are probably linking. That is also
+ # ok.
+ exec "$@"
+fi
+
+# Name of file we expect compiler to create.
+cofile=`echo "$cfile" | sed -e 's|^.*/||' -e 's/\.c$/.o/'`
+
+# Create the lock directory.
+# Note: use `[/.-]' here to ensure that we don't use the same name
+# that we are using for the .o file. Also, base the name on the expected
+# object file name, since that is what matters with a parallel build.
+lockdir=`echo "$cofile" | sed -e 's|[/.-]|_|g'`.d
+while true; do
+ if mkdir "$lockdir" >/dev/null 2>&1; then
+ break
+ fi
+ sleep 1
+done
+# FIXME: race condition here if user kills between mkdir and trap.
+trap "rmdir '$lockdir'; exit 1" 1 2 15
+
+# Run the compile.
+"$@"
+ret=$?
+
+if test -f "$cofile"; then
+ mv "$cofile" "$ofile"
+elif test -f "${cofile}bj"; then
+ mv "${cofile}bj" "$ofile"
+fi
+
+rmdir "$lockdir"
+exit $ret
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-end: "$"
+# End:
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/config.h.in new/smpppd-1.59_SVN28/config.h.in
--- old/smpppd-1.59_SVN16/config.h.in 2008-04-25 15:09:58.000000000 +0200
+++ new/smpppd-1.59_SVN28/config.h.in 2008-09-11 17:05:24.000000000 +0200
@@ -27,6 +27,9 @@
/* Define to 1 if you have the header file. */
#undef HAVE_UNISTD_H
+/* Define to 1 if your C compiler doesn't accept -c and -o together. */
+#undef NO_MINUS_C_MINUS_O
+
/* Name of package */
#undef PACKAGE
@@ -50,3 +53,6 @@
/* Version number of package */
#undef VERSION
+
+/* Define if we should use PolicyKit */
+#undef WITH_POLICYKIT
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/configure.in new/smpppd-1.59_SVN28/configure.in
--- old/smpppd-1.59_SVN16/configure.in 2008-04-25 14:58:49.000000000 +0200
+++ new/smpppd-1.59_SVN28/configure.in 2008-09-11 17:05:04.000000000 +0200
@@ -7,6 +7,7 @@
AM_INIT_AUTOMAKE([1.6 dist-bzip2 no-dist-gzip -Wall])
AC_PROG_CC
+AM_PROG_CC_C_O
AC_PROG_CPP
AC_PROG_CXX
AC_PROG_INSTALL
@@ -23,6 +24,16 @@
AC_MSG_ERROR(Headers for libslp are missing.)
fi
+AC_MSG_CHECKING([whether PolicyKit support is requested])
+AC_ARG_WITH(policykit, AS_HELP_STRING([--with-policykit], [whether to use PolicyKit vor local authentication (default=yes)]),,[with_policykit=yes])
+AC_MSG_RESULT([$with_policykit])
+AM_CONDITIONAL(WITH_POLICYKIT, test "x$with_policykit" != xno)
+
+if test x"$with_policykit" != xno; then
+ PKG_CHECK_MODULES(PolicyKit, [polkit dbus-1])
+ AC_DEFINE_UNQUOTED(WITH_POLICYKIT,1,[Define if we should use PolicyKit])
+fi
+
AC_CONFIG_HEADERS([config.h])
AC_CONFIG_FILES([
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/doc/smpppd-c.conf.5 new/smpppd-1.59_SVN28/doc/smpppd-c.conf.5
--- old/smpppd-1.59_SVN16/doc/smpppd-c.conf.5 2008-01-31 16:33:12.000000000 +0100
+++ new/smpppd-1.59_SVN28/doc/smpppd-c.conf.5 2008-09-11 17:05:03.000000000 +0200
@@ -32,7 +32,7 @@
\fBgateway
Connect to smpppd running on the gateway.
.TP
-\fBcondig-file
+\fBconfig-file
Connect to smpppd as specified in this file.
.TP
\fBslp
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/misc/Makefile.am new/smpppd-1.59_SVN28/misc/Makefile.am
--- old/smpppd-1.59_SVN16/misc/Makefile.am 2008-04-25 14:58:49.000000000 +0200
+++ new/smpppd-1.59_SVN28/misc/Makefile.am 2008-09-11 17:05:04.000000000 +0200
@@ -2,4 +2,9 @@
# Makefile.am for smpppd/misc
#
+if WITH_POLICYKIT
+polkit_policydir = $(datadir)/PolicyKit/policy
+dist_polkit_policy_DATA = org.opensuse.smpppd.policy
+endif
+
EXTRA_DIST = smpppd.conf smpppd-c.conf rc.smpppd
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/misc/org.opensuse.smpppd.policy new/smpppd-1.59_SVN28/misc/org.opensuse.smpppd.policy
--- old/smpppd-1.59_SVN16/misc/org.opensuse.smpppd.policy 1970-01-01 01:00:00.000000000 +0100
+++ new/smpppd-1.59_SVN28/misc/org.opensuse.smpppd.policy 2008-09-11 17:05:04.000000000 +0200
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
+
+<!--
+Policy definitions for smpppd
+-->
+
+<policyconfig>
+
+ <action id="org.opensuse.smpppd.connect">
+ <description>connect to smpppd to control dial connections</description>
+ <message>System policy prevents connection to smpppd</message>
+ <defaults>
+ auth_admin_keep_always
+ auth_admin_keep_always
+ yes
+ </defaults>
+ </action>
+
+</policyconfig>
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/smpppd/check-polkit-auth.c new/smpppd-1.59_SVN28/smpppd/check-polkit-auth.c
--- old/smpppd-1.59_SVN16/smpppd/check-polkit-auth.c 1970-01-01 01:00:00.000000000 +0100
+++ new/smpppd-1.59_SVN28/smpppd/check-polkit-auth.c 2008-09-11 17:05:03.000000000 +0200
@@ -0,0 +1,304 @@
+/* check polkit authorizations
+ * Copyright (C) 2008 SUSE LINUX Products GmbH
+ *
+ * Author: Ludwig Nussel
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#define _GNU_SOURCE
+
+#ifdef HAVE_CONFIG_H
+# include
+#endif
+
+#include
+#include
+#include
+#include
+
+#include
+#include
+
+static int debug_lvl;
+
+static uid_t session_uid;
+static const char* priv_name;
+
+#define IF_ERROR_PRINT(error) \
+ do { if(dbus_error_is_set(&error)) { \
+ fprintf(stderr, "%s: %s", error.name, error.message); \
+ dbus_error_free(&error); \
+ } } while(0)
+
+static dbus_bool_t is_session_authorized(polkit_bool_t is_active, polkit_bool_t is_local, const char* session_id, const char* seat_id);
+
+static char* ck_session_get_seat_id(DBusConnection *conn, const char* session)
+{
+ DBusError error;
+ DBusMessage *message;
+ DBusMessage *reply;
+ DBusMessageIter iter;
+ char* ret = NULL;
+
+ dbus_error_init(&error);
+
+ message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
+ session,
+ "org.freedesktop.ConsoleKit.Session",
+ "GetSeatId");
+
+ reply = dbus_connection_send_with_reply_and_block (conn, message, -1, &error);
+ if (reply == NULL || dbus_error_is_set (&error)) {
+ IF_ERROR_PRINT(error);
+ goto out;
+ }
+
+ dbus_message_iter_init (reply, &iter);
+ if((dbus_message_iter_get_arg_type (&iter)) != DBUS_TYPE_OBJECT_PATH) {
+ fprintf(stderr, "method returned unexpected type '%s'\n", dbus_message_get_signature(reply));
+ goto out;
+ }
+
+ dbus_message_iter_get_basic(&iter, &ret);
+
+out:
+ dbus_message_unref (message);
+ dbus_message_unref (reply);
+
+ return ret?strdup(ret):NULL;
+}
+
+static dbus_bool_t ck_session_is_local(DBusConnection *conn, const char* session)
+{
+ DBusError error;
+ DBusMessage *message;
+ DBusMessage *reply;
+ DBusMessageIter iter;
+ dbus_bool_t ret = FALSE;
+
+ dbus_error_init(&error);
+
+ message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
+ session,
+ "org.freedesktop.ConsoleKit.Session",
+ "IsLocal");
+
+ reply = dbus_connection_send_with_reply_and_block (conn, message, -1, &error);
+ if (reply == NULL || dbus_error_is_set (&error)) {
+ IF_ERROR_PRINT(error);
+ goto out;
+ }
+
+ dbus_message_iter_init (reply, &iter);
+ if((dbus_message_iter_get_arg_type (&iter)) != DBUS_TYPE_BOOLEAN) {
+ fprintf(stderr, "method returned unexpected type '%s'\n", dbus_message_get_signature(reply));
+ goto out;
+ }
+
+ dbus_message_iter_get_basic(&iter, &ret);
+
+out:
+ dbus_message_unref (message);
+ dbus_message_unref (reply);
+
+ return ret;
+}
+
+static dbus_bool_t ck_session_is_active(DBusConnection *conn, const char* session)
+{
+ DBusError error;
+ DBusMessage *message;
+ DBusMessage *reply;
+ DBusMessageIter iter;
+ dbus_bool_t ret = FALSE;
+
+ dbus_error_init(&error);
+
+ message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
+ session,
+ "org.freedesktop.ConsoleKit.Session",
+ "IsActive");
+
+ reply = dbus_connection_send_with_reply_and_block (conn, message, -1, &error);
+ if (reply == NULL || dbus_error_is_set (&error)) {
+ IF_ERROR_PRINT(error);
+ goto out;
+ }
+
+ dbus_message_iter_init (reply, &iter);
+ if((dbus_message_iter_get_arg_type (&iter)) != DBUS_TYPE_BOOLEAN) {
+ fprintf(stderr, "method returned unexpected type '%s'\n", dbus_message_get_signature(reply));
+ goto out;
+ }
+
+ dbus_message_iter_get_basic(&iter, &ret);
+
+out:
+ dbus_message_unref (message);
+ dbus_message_unref (reply);
+
+ return ret;
+}
+
+static dbus_bool_t have_authorized_session()
+{
+ DBusError error;
+ DBusConnection *conn = NULL;
+ DBusMessage *message = NULL;
+ DBusMessage *reply = NULL;
+ DBusMessageIter iter;
+ DBusMessageIter sub_iter;
+ char* session_id = NULL;
+ int current_type;
+ dbus_bool_t ret = FALSE;
+
+ dbus_error_init(&error);
+ conn = dbus_bus_get (DBUS_BUS_SYSTEM, &error);
+ if(!conn) {
+ IF_ERROR_PRINT(error);
+ goto out;
+ }
+
+ message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
+ "/org/freedesktop/ConsoleKit/Manager",
+ "org.freedesktop.ConsoleKit.Manager",
+ "GetSessionsForUnixUser");
+
+ if(!dbus_message_append_args(message, DBUS_TYPE_UINT32, &session_uid, DBUS_TYPE_INVALID)) {
+ fprintf(stderr, "failed to append args\n");
+ goto out;
+ }
+
+ reply = dbus_connection_send_with_reply_and_block (conn, message, -1, &error);
+ if (reply == NULL || dbus_error_is_set (&error)) {
+ IF_ERROR_PRINT(error);
+ goto out;
+ }
+
+ dbus_message_iter_init (reply, &iter);
+ if((dbus_message_iter_get_arg_type (&iter)) != DBUS_TYPE_ARRAY) {
+ fprintf(stderr, "expected 'ao', got '%s'\n", dbus_message_get_signature(reply));
+ goto out;
+ }
+ dbus_message_iter_recurse (&iter, &sub_iter);
+
+ while ((current_type = dbus_message_iter_get_arg_type (&sub_iter)) == DBUS_TYPE_OBJECT_PATH) {
+ dbus_bool_t is_local;
+ dbus_bool_t is_active;
+ char* seat_id;
+ dbus_message_iter_get_basic(&sub_iter, &session_id);
+ is_local = ck_session_is_local(conn, session_id);
+ is_active = ck_session_is_active(conn, session_id);
+ seat_id = ck_session_get_seat_id(conn, session_id);
+ if(seat_id && is_session_authorized(is_active, is_local, session_id, seat_id)) {
+ ret = TRUE;
+ }
+ free(seat_id);
+ dbus_message_iter_next (&sub_iter);
+ }
+
+out:
+ dbus_message_unref (message);
+ dbus_message_unref (reply);
+
+ return ret;
+}
+
+/* partially based on code in hal-acl-tool */
+static dbus_bool_t is_session_authorized(polkit_bool_t is_active, polkit_bool_t is_local, const char* session_id, const char* seat_id)
+{
+ PolKitError *p_error = NULL;
+ PolKitContext *pk_context = NULL;
+
+ PolKitResult pk_result;
+ PolKitSeat *pk_seat;
+ PolKitSession *pk_session;
+ PolKitAction *pk_action;
+ int ret = FALSE;
+
+#define PFX "/org/freedesktop/ConsoleKit/"
+ if(strlen(session_id) <= strlen(PFX) || strlen(seat_id) <= strlen(PFX))
+ return ret;
+
+ session_id += strlen(PFX);
+ seat_id += strlen(PFX);
+#undef PFX
+
+ pk_context = polkit_context_new ();
+ if (!polkit_context_init (pk_context, &p_error)) {
+ fprintf (stderr, "could not init PolicyKit context: %s\n", polkit_error_get_error_message (p_error));
+ polkit_error_free(p_error);
+ return ret;
+ }
+
+ pk_seat = polkit_seat_new ();
+ polkit_seat_set_ck_objref (pk_seat, seat_id);
+ pk_session = polkit_session_new ();
+ polkit_session_set_seat (pk_session, pk_seat);
+ polkit_seat_unref (pk_seat);
+ polkit_session_set_ck_objref (pk_session, session_id);
+ polkit_session_set_uid (pk_session, session_uid);
+ polkit_session_set_ck_is_active (pk_session, is_active);
+ polkit_session_set_ck_is_local (pk_session, is_local);
+ /* polkit_session_set_ck_remote_host (pk_session, );*/
+
+ pk_action = polkit_action_new();
+ polkit_action_set_action_id (pk_action, priv_name);
+
+ /* Now ask PolicyKit if the given session should have access */
+ pk_result = polkit_context_is_session_authorized (pk_context,
+ pk_action,
+ pk_session,
+ &p_error);
+
+ if(debug_lvl) printf("%s, %s ", session_id, seat_id);
+ if(pk_result != POLKIT_RESULT_YES) {
+ if(polkit_error_is_set(p_error)) {
+ fprintf(stderr, "Error: %s\n", polkit_error_get_error_message (p_error));
+ polkit_error_free(p_error);
+ }
+ if(debug_lvl) printf ("unauthorized\n");
+ } else {
+ if(debug_lvl) printf ("authorized\n");
+ ret = TRUE;
+ }
+
+ polkit_action_unref (pk_action);
+ polkit_session_unref (pk_session);
+ polkit_context_unref(pk_context);
+
+ return ret;
+}
+
+int main(int argc, char* argv[])
+{
+ int argi = 1;
+ if(argc - argi) {
+ if(!strcmp(argv[argi], "--debug")) {
+ ++argi;
+ debug_lvl = 1;
+ }
+ }
+ if(argc - argi != 2) {
+ fprintf(stderr, "Usage: %s [--debug] <uid> <privilege>\n", program_invocation_short_name);
+ return 1;
+ }
+
+ session_uid = atol(argv[argi]);
+ priv_name = argv[argi+1];
+
+ return !have_authorized_session();
+}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/smpppd/connection-config.cc new/smpppd-1.59_SVN28/smpppd/connection-config.cc
--- old/smpppd-1.59_SVN16/smpppd/connection-config.cc 2008-01-31 16:46:15.000000000 +0100
+++ new/smpppd-1.59_SVN28/smpppd/connection-config.cc 2008-09-11 17:05:03.000000000 +0200
@@ -46,7 +46,9 @@
reconnect = false;
reconnect_delay = 15;
- reconnect_exits = 256;
+ /* used to be 1<<8 but that could lead to repeated dial attempts
+ * that are hard to stop */;
+ reconnect_exits = 0;
do_accounting = DFL_DO_ACCOUNTING;
alive_interval = DFL_ALIVE_INTERVAL;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/smpppd/defines.h new/smpppd-1.59_SVN28/smpppd/defines.h
--- old/smpppd-1.59_SVN16/smpppd/defines.h 2008-01-31 16:46:15.000000000 +0100
+++ new/smpppd-1.59_SVN28/smpppd/defines.h 2008-09-11 17:05:03.000000000 +0200
@@ -31,6 +31,10 @@
#define _PATH_WVDIAL "/usr/bin/wvdial"
#endif
+#ifndef _PATH_CHAT
+#define _PATH_CHAT "/usr/sbin/chat"
+#endif
+
#define _SMPPPD "smpppd"
#define _PATH_SMPPPD "/usr/sbin/" _SMPPPD
@@ -71,5 +75,6 @@
#define DFL_DO_ACCOUNTING true
#define DFL_ALIVE_INTERVAL (15 * 60)
+#define POLKIT_PRIV_CONNECT "org.opensuse.smpppd.connect"
#endif
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/smpppd/frontend.cc new/smpppd-1.59_SVN28/smpppd/frontend.cc
--- old/smpppd-1.59_SVN16/smpppd/frontend.cc 2008-01-31 16:46:15.000000000 +0100
+++ new/smpppd-1.59_SVN28/smpppd/frontend.cc 2008-09-11 17:05:03.000000000 +0200
@@ -119,7 +119,6 @@
void
Frontend::write_main_status ()
{
-fprintf(stderr, "FROTEND %d\n", have_default_route );
write_line ("BEGIN MAIN STATUS 1");
write_line ("have-default-route %s", have_default_route ? "yes" : "no" );
write_line ("END MAIN STATUS");
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/smpppd/Makefile.am new/smpppd-1.59_SVN28/smpppd/Makefile.am
--- old/smpppd-1.59_SVN16/smpppd/Makefile.am 2008-04-25 14:58:49.000000000 +0200
+++ new/smpppd-1.59_SVN28/smpppd/Makefile.am 2008-09-11 17:05:03.000000000 +0200
@@ -2,10 +2,19 @@
# Makefile.am for smpppd/smpppd
#
+AM_CPPFLAGS = -DPACKAGE_LIB_DIR=\"$(pkglibdir)\"
+
bin_PROGRAMS = cinternet accounting
sbin_PROGRAMS = smpppd smpppd-ifcfg
sbin_SCRIPTS = smpppd-dhcp
noinst_PROGRAMS = test1 test2
+pkglib_PROGRAMS =
+
+if WITH_POLICYKIT
+pkglib_PROGRAMS += check-polkit-auth
+endif
+check_polkit_auth_LDADD = $(PolicyKit_LIBS)
+check_polkit_auth_CFLAGS = $(PolicyKit_CFLAGS)
smpppd_SOURCES = \
smpppd.cc smpppd.h \
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/smpppd/modem.cc new/smpppd-1.59_SVN28/smpppd/modem.cc
--- old/smpppd-1.59_SVN16/smpppd/modem.cc 2008-04-25 14:58:49.000000000 +0200
+++ new/smpppd-1.59_SVN28/smpppd/modem.cc 2008-09-11 17:05:03.000000000 +0200
@@ -27,7 +27,7 @@
{
dprintf ("%s\n", __PRETTY_FUNCTION__);
- wvdial_conf = "/var/run/smpppd/wvdial-" +
+ chat_script = "/var/run/smpppd/chat-" +
modemconfig->ifcfg_filename.substr (6, string::npos) + ".conf";
}
@@ -44,8 +44,8 @@
// Ugly, I know.
accounting_down (0);
- if (access (wvdial_conf.c_str (), R_OK) == 0)
- unlink (wvdial_conf.c_str ());
+ if (access (chat_script.c_str (), R_OK) == 0)
+ unlink (chat_script.c_str ());
}
@@ -56,14 +56,14 @@
// absolutely sufficient to remove a potential old file and create
// the new one with the exclusive flag.
- if (access (wvdial_conf.c_str (), R_OK) == 0)
- unlink (wvdial_conf.c_str ());
+ if (access (chat_script.c_str (), R_OK) == 0)
+ unlink (chat_script.c_str ());
- FILE* fout = my_fopen (wvdial_conf.c_str (), O_CREAT | O_EXCL | O_WRONLY,
+ FILE* fout = my_fopen (chat_script.c_str (), O_CREAT | O_EXCL | O_WRONLY,
0600, "w");
if (!fout) {
logit (true, "error: can't open `%s' for writing: %s",
- wvdial_conf.c_str (), strerror (errno));
+ chat_script.c_str (), strerror (errno));
return false;
}
@@ -94,6 +94,51 @@
return true;
}
+bool
+Modem::write_chat ()
+{
+ // since only root has write permission in /var/run/smpppd/ it's
+ // absolutely sufficient to remove a potential old file and create
+ // the new one with the exclusive flag.
+
+ if (access (chat_script.c_str (), R_OK) == 0)
+ unlink (chat_script.c_str ());
+
+ FILE* fout = my_fopen (chat_script.c_str (), O_CREAT | O_EXCL | O_WRONLY,
+ 0600, "w");
+ if (!fout) {
+ logit (true, "error: can't open `%s' for writing: %s",
+ chat_script.c_str (), strerror (errno));
+ return false;
+ }
+
+ fprintf (fout,
+ "ECHO OFF\n"
+ "ABORT \"NO CARRIER\"\n"
+ "ABORT \"VOICE\"\n"
+ "ABORT \"BUSY\"\n"
+ "ABORT \"NO DIALTONE\"\n"
+ "ABORT \"NO ANSWER\"\n"
+ "TIMEOUT 5\n"
+ "SAY \"initializing modem ...\\n\"\n"
+ "'' AT\n");
+
+ for (int i = 0; i < 9; i++)
+ if (!modemconfig->init_str[i].empty())
+ fprintf (fout, "OK\\r\\n '%s'\n", modemconfig->init_str[i].c_str ());
+
+ fprintf (fout, "SAY \"dialing %s%s\\n\"\n", modemconfig->dial_prefix.c_str(), modemconfig->phone.c_str());
+ string cmd = modemconfig->dial_command + modemconfig->dial_prefix + modemconfig->phone;
+ fprintf (fout, "OK\\r\\n '%s'\n", cmd.c_str());
+ fprintf (fout, "TIMEOUT 60\n"
+ "CONNECT \\c\n"
+ "SAY \"connected\\n\"\n"
+ );
+
+ fclose (fout);
+
+ return true;
+}
bool
Modem::start ()
@@ -131,16 +176,29 @@
if (modemconfig->chat_script == "wvdial")
{
- if (!write_wvdial ())
+ if (!check_ext_prog (_PATH_WVDIAL))
return false;
- if (!check_ext_prog (_PATH_WVDIAL))
+ if (!write_wvdial ())
return false;
chat_cmd = _PATH_WVDIAL " --chat";
if (!modemconfig->debug)
chat_cmd += " --no-syslog";
- chat_cmd += " --config " + wvdial_conf + " smpppd";
+ chat_cmd += " --config " + chat_script + " smpppd";
+ }
+ else if (modemconfig->chat_script == "chat")
+ {
+ if (!check_ext_prog (_PATH_CHAT))
+ return false;
+
+ if (!write_chat ())
+ return false;
+
+ chat_cmd = _PATH_CHAT " -s";
+ if(modemconfig->debug)
+ chat_cmd += " -v";
+ chat_cmd += " -f " + chat_script;
}
else
{
@@ -250,8 +308,8 @@
pppd_ifname = "";
status_callback ();
- if (access (wvdial_conf.c_str (), R_OK) == 0)
- unlink (wvdial_conf.c_str ());
+ if (access (chat_script.c_str (), R_OK) == 0)
+ unlink (chat_script.c_str ());
stop_requested = true;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/smpppd/modem-config.cc new/smpppd-1.59_SVN28/smpppd/modem-config.cc
--- old/smpppd-1.59_SVN16/smpppd/modem-config.cc 2008-01-31 16:46:15.000000000 +0100
+++ new/smpppd-1.59_SVN28/smpppd/modem-config.cc 2008-09-11 17:05:03.000000000 +0200
@@ -18,7 +18,7 @@
ModemConfig::ModemConfig ()
: ConnectionConfig (),
device (""),
- chat_script ("wvdial"),
+ chat_script (""),
dial_prefix_regex ("")
{
dprintf ("%s\n", __PRETTY_FUNCTION__);
@@ -148,7 +148,24 @@
return false;
}
- if (phone.empty () && chat_script == "wvdial") {
+ if (chat_script.empty()) {
+ if (access (_PATH_WVDIAL, X_OK) == 0) {
+ chat_script = "wvdial";
+ } else if (!stupidmode) {
+ *error_message = "stupidmode disabled but wvdial not available.";
+ return false;
+ } else if (compuserve) {
+ *error_message = "compuserve mode enabled but wvdial not available.";
+ return false;
+ } else if (access (_PATH_CHAT, X_OK) == 0) {
+ chat_script = "chat";
+ } else {
+ *error_message = "Configuration does not specify a chat script.";
+ return false;
+ }
+ }
+
+ if (phone.empty () && chat_script.substr(0,1) != "/") {
*error_message = "Configuration does not specify a phone number.";
return false;
}
@@ -186,19 +203,16 @@
config->push_back ("chat-script " + qap (chat_script));
- if (chat_script == "wvdial")
- {
- config->push_back ("phone " + qap (phone));
- config->push_back ("dial-command " + qap (dial_command));
- config->push_back ("dial-prefix " + qap (dial_prefix));
- config->push_back ("dial-prefix-regex " + qap (dial_prefix_regex));
- config->push_back ("stupid-mode " + tostring (stupidmode));
-
- for (int i = 0; i < 9; i++)
- if (!init_str[i].empty ())
- config->push_back ("init" + tostring (i + 1) +
- " " + qap (init_str[i]));
- }
+ config->push_back ("phone " + qap (phone));
+ config->push_back ("dial-command " + qap (dial_command));
+ config->push_back ("dial-prefix " + qap (dial_prefix));
+ config->push_back ("dial-prefix-regex " + qap (dial_prefix_regex));
+ config->push_back ("stupid-mode " + tostring (stupidmode));
+
+ for (int i = 0; i < 9; i++)
+ if (!init_str[i].empty ())
+ config->push_back ("init" + tostring (i + 1) +
+ " " + qap (init_str[i]));
config->push_back ("max-number-of-links 1");
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/smpppd/modem.h new/smpppd-1.59_SVN28/smpppd/modem.h
--- old/smpppd-1.59_SVN16/smpppd/modem.h 2008-01-31 16:33:12.000000000 +0100
+++ new/smpppd-1.59_SVN28/smpppd/modem.h 2008-09-11 17:05:03.000000000 +0200
@@ -45,12 +45,13 @@
void analyse (const string&);
bool write_wvdial ();
+ bool write_chat ();
Process pppd;
Stream* pppd_log;
- // the filename used for the temporary wvdial config file
- string wvdial_conf;
+ // the filename used for the temporary wvdial config file/chat script
+ string chat_script;
Modem (const Modem&); // disallow
Modem& operator = (const Modem&); // disallow
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/smpppd/server.cc new/smpppd-1.59_SVN28/smpppd/server.cc
--- old/smpppd-1.59_SVN16/smpppd/server.cc 2008-01-31 16:33:12.000000000 +0100
+++ new/smpppd-1.59_SVN28/smpppd/server.cc 2008-09-11 17:05:03.000000000 +0200
@@ -251,9 +251,9 @@
continue;
}
- if (line == "error: failed to authenticated") {
+ if (line.substr(0, 7) == "error: ") {
if (verbose)
- fprintf (stderr, "error: authentication at smpppd failed\n");
+ fprintf (stderr, "smpppd refused the connection: %s\n", line.substr(7).c_str());
return FAILURE;
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/smpppd/smpppd.cc new/smpppd-1.59_SVN28/smpppd/smpppd.cc
--- old/smpppd-1.59_SVN16/smpppd/smpppd.cc 2008-01-31 16:46:15.000000000 +0100
+++ new/smpppd-1.59_SVN28/smpppd/smpppd.cc 2008-09-11 17:05:03.000000000 +0200
@@ -134,7 +134,7 @@
ifcfgs.push_back (tmp);
}
- system ("/usr/bin/killall -q -USR1 " _SMPPPD_IFCFG);
+ (void)system ("/usr/bin/killall -q -USR1 " _SMPPPD_IFCFG);
}
@@ -201,7 +201,7 @@
int fd = open (path, O_RDONLY);
if (fd == -1)
{
- printf ("open failed: %m\n");
+ dprintf ("open failed: %m\n");
return -1;
}
@@ -219,7 +219,7 @@
if (fcntl (fd, F_SETSIG, SIGRTMIN) != 0)
{
- printf ("fcntl failed: %m\n");
+ dprintf ("fcntl failed: %m\n");
close (fd);
return -1;
}
@@ -227,7 +227,7 @@
if (fcntl (fd, F_NOTIFY, DN_MULTISHOT | DN_CREATE | DN_MODIFY |
DN_DELETE | DN_RENAME) != 0)
{
- printf ("fcntl failed: %m\n");
+ dprintf ("fcntl failed: %m\n");
close (fd);
return -1;
}
@@ -252,10 +252,12 @@
}
-void
+static void
overview ()
{
#ifndef NDEBUG
+ if(debug_level < 3)
+ return;
printf ("overview:\n");
@@ -485,6 +487,154 @@
}
void
+handle_backend_connection(Ifcfg* cfg)
+{
+ struct sockaddr_in clientname;
+ socklen_t size = sizeof (sockaddr_in);
+ int status = accept (cfg->sockfd, (struct sockaddr*) &clientname,
+ &size);
+ if (status < 0) {
+ perror ("accept"); // FIXME
+ exit (EXIT_FAILURE);
+ }
+
+ fcntl (status, F_SETFD, fcntl (status, F_GETFD) | FD_CLOEXEC);
+
+ struct ucred cred;
+ socklen_t len = sizeof (cred);
+ if (getsockopt (status, SOL_SOCKET, SO_PEERCRED, &cred, &len) != 0) {
+ cred.uid = (uid_t)(-1);
+ syslog (LOG_NOTICE, "can't determine uid for connection on local backend socket %s: %m\n", cfg->ifcfg.c_str());
+ }
+
+ if (myconfig.debug)
+ syslog (LOG_INFO, "connected on local backend socket %s "
+ "from uid %d", cfg->ifcfg.c_str (), cred.uid);
+
+ dprintf ("connected on local backend socket %s from uid %d\n",
+ cfg->ifcfg.c_str (), cred.uid);
+
+ if (cfg->backend) // should not happen
+ delete cfg->backend;
+
+ cfg->backend = new Backend (status);
+}
+
+void
+handle_local_frontend_connection()
+{
+ struct sockaddr_in clientname;
+ socklen_t size = sizeof (sockaddr_in);
+ int status = accept (sockfd1, (struct sockaddr*) &clientname, &size);
+ if (status < 0) {
+ perror ("accept"); // FIXME
+ exit (EXIT_FAILURE);
+ }
+
+ fcntl (status, F_SETFD, fcntl (status, F_GETFD) | FD_CLOEXEC);
+
+ struct ucred cred;
+ socklen_t len = sizeof (cred);
+ if (getsockopt (status, SOL_SOCKET, SO_PEERCRED, &cred, &len) != 0) {
+ syslog (LOG_NOTICE, "can't determine uid for connection on local frontend socket: %m\n");
+ close(status);
+ return;
+ }
+
+ if (myconfig.debug)
+ syslog (LOG_INFO, "connected on local frontend socket from "
+ "uid %d", cred.uid);
+
+ dprintf ("connected on local frontend socket from uid %d\n",
+ cred.uid);
+
+#ifdef WITH_POLICYKIT
+ if(cred.uid) // root is always allowed
+ {
+ // TODO: find a way to do this asynchronously
+ Process polkit;
+
+ polkit << PACKAGE_LIB_DIR "/check-polkit-auth";
+ char uidstr[128];
+ snprintf(uidstr, sizeof(uidstr), "%u", cred.uid);
+ polkit << uidstr;
+ polkit << POLKIT_PRIV_CONNECT;
+
+ if(!polkit.start())
+ {
+ dprintf ("can't check for polkit authentication");
+ syslog (LOG_WARNING, "can't check for polkit authentication");
+ }
+
+ polkit.wait_for_dead();
+ if(!polkit.normal_exit() || polkit.exit_status() != 0)
+ {
+ const char err[] = "error: unprivileged, missing " POLKIT_PRIV_CONNECT " \r\n";
+ dprintf ("uid %d is not authenticated by PolicyKit\n", cred.uid);
+ syslog (LOG_NOTICE, "uid %d is not authenticated by PolicyKit (" POLKIT_PRIV_CONNECT ")\n", cred.uid);
+ write(status, err, sizeof(err));
+ close(status);
+ return;
+ }
+ }
+#endif
+
+ Frontend* tmp = new Frontend (status, clientname, uid2name (cred.uid));
+ tmp->have_default_route = frontends.check_default_route();
+ frontends.push_back (tmp);
+
+ tmp->authenticated = true;
+ tmp->write_line ("SuSE Meta pppd (smpppd), Version " VERSION);
+}
+
+void
+handle_remote_frontent_connection()
+{
+ struct sockaddr_in clientname;
+ socklen_t size = sizeof (sockaddr_in);
+ int status = accept (sockfd2, (struct sockaddr*) &clientname, &size);
+ if (status < 0) {
+ perror ("accept"); // FIXME
+ exit (EXIT_FAILURE);
+ }
+
+ fcntl (status, F_SETFD, fcntl (status, F_GETFD) | FD_CLOEXEC);
+
+ if (!allowed_host (&clientname))
+ {
+ close (status);
+
+ syslog (LOG_INFO, "refused connection from host %s",
+ inet_ntoa (clientname.sin_addr));
+
+ dprintf ("refused connection from host %s\n",
+ inet_ntoa (clientname.sin_addr));
+ }
+ else
+ {
+ syslog (LOG_INFO, "connected from host %s",
+ inet_ntoa (clientname.sin_addr));
+
+ dprintf ("connected from host %s\n",
+ inet_ntoa (clientname.sin_addr));
+
+ Frontend* tmp = new Frontend (status, clientname, "");
+ tmp->have_default_route = frontends.check_default_route();
+ frontends.push_back (tmp);
+
+ if (myconfig.password.empty ()) {
+ tmp->authenticated = true;
+ tmp->write_line ("SuSE Meta pppd (smpppd), Version " VERSION);
+ } else {
+ tmp->auth.make_challenge ();
+ tmp->authenticated = false;
+ tmp->write_line ("challenge = %s",
+ tmp->auth.get_challenge ().c_str ());
+ }
+ }
+}
+
+void
loop ()
{
overview ();
@@ -566,7 +716,7 @@
}
if (ret == 0) {
- dprintf ("timeout\n");
+ if (debug_level > 2) dprintf ("timeout\n");
timeout.tv_sec = 1;
timeout.tv_usec = 0;
overview ();
@@ -591,112 +741,18 @@
if (fdset.is_read (tmp1->sockfd))
{
- struct sockaddr_in clientname;
- socklen_t size = sizeof (sockaddr_in);
- int status = accept (tmp1->sockfd, (struct sockaddr*) &clientname,
- &size);
- if (status < 0) {
- perror ("accept"); // FIXME
- exit (EXIT_FAILURE);
- }
-
- fcntl (status, F_SETFD, fcntl (status, F_GETFD) | FD_CLOEXEC);
-
- struct ucred cred;
- socklen_t len = sizeof (cred);
- if (getsockopt (status, SOL_SOCKET, SO_PEERCRED, &cred, &len) != 0)
- cred.uid = (uid_t)(-1);
-
- if (myconfig.debug)
- syslog (LOG_INFO, "connected on local backend socket %s "
- "from uid %d", tmp1->ifcfg.c_str (), cred.uid);
-
- dprintf ("connected on local backend socket %s from uid %d\n",
- tmp1->ifcfg.c_str (), cred.uid);
-
- if (tmp1->backend) // should not happen
- delete tmp1->backend;
-
- tmp1->backend = new Backend (status);
+ handle_backend_connection(tmp1);
}
}
if (fdset.is_read (sockfd1))
{
- struct sockaddr_in clientname;
- socklen_t size = sizeof (sockaddr_in);
- int status = accept (sockfd1, (struct sockaddr*) &clientname, &size);
- if (status < 0) {
- perror ("accept"); // FIXME
- exit (EXIT_FAILURE);
- }
-
- fcntl (status, F_SETFD, fcntl (status, F_GETFD) | FD_CLOEXEC);
-
- struct ucred cred;
- socklen_t len = sizeof (cred);
- if (getsockopt (status, SOL_SOCKET, SO_PEERCRED, &cred, &len) != 0)
- cred.uid = (uid_t)(-1);
-
- if (myconfig.debug)
- syslog (LOG_INFO, "connected on local frontend socket from "
- "uid %d", cred.uid);
-
- dprintf ("connected on local frontend socket from uid %d\n",
- cred.uid);
-
- Frontend* tmp = new Frontend (status, clientname, uid2name (cred.uid));
- tmp->have_default_route = frontends.check_default_route();
- frontends.push_back (tmp);
-
- tmp->authenticated = true;
- tmp->write_line ("SuSE Meta pppd (smpppd), Version " VERSION);
+ handle_local_frontend_connection();
}
if (fdset.is_read (sockfd2))
{
- struct sockaddr_in clientname;
- socklen_t size = sizeof (sockaddr_in);
- int status = accept (sockfd2, (struct sockaddr*) &clientname, &size);
- if (status < 0) {
- perror ("accept"); // FIXME
- exit (EXIT_FAILURE);
- }
-
- fcntl (status, F_SETFD, fcntl (status, F_GETFD) | FD_CLOEXEC);
-
- if (!allowed_host (&clientname))
- {
- close (status);
-
- syslog (LOG_INFO, "refused connection from host %s",
- inet_ntoa (clientname.sin_addr));
-
- dprintf ("refused connection from host %s\n",
- inet_ntoa (clientname.sin_addr));
- }
- else
- {
- syslog (LOG_INFO, "connected from host %s",
- inet_ntoa (clientname.sin_addr));
-
- dprintf ("connected from host %s\n",
- inet_ntoa (clientname.sin_addr));
-
- Frontend* tmp = new Frontend (status, clientname, "");
- tmp->have_default_route = frontends.check_default_route();
- frontends.push_back (tmp);
-
- if (myconfig.password.empty ()) {
- tmp->authenticated = true;
- tmp->write_line ("SuSE Meta pppd (smpppd), Version " VERSION);
- } else {
- tmp->auth.make_challenge ();
- tmp->authenticated = false;
- tmp->write_line ("challenge = %s",
- tmp->auth.get_challenge ().c_str ());
- }
- }
+ handle_remote_frontent_connection();
}
/* Handle select for all backends and frontends. */
@@ -854,6 +910,7 @@
case 'd':
myconfig.debug = true;
+ ++debug_level;
break;
case 220:
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/smpppd/smpppd-ifcfg.cc new/smpppd-1.59_SVN28/smpppd/smpppd-ifcfg.cc
--- old/smpppd-1.59_SVN16/smpppd/smpppd-ifcfg.cc 2008-01-31 16:33:12.000000000 +0100
+++ new/smpppd-1.59_SVN28/smpppd/smpppd-ifcfg.cc 2008-09-11 17:05:03.000000000 +0200
@@ -537,6 +537,7 @@
case 'd':
myconfig.debug = true;
+ ++debug_level;
break;
case 220:
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/smpppd/utils.cc new/smpppd-1.59_SVN28/smpppd/utils.cc
--- old/smpppd-1.59_SVN16/smpppd/utils.cc 2008-01-31 16:46:15.000000000 +0100
+++ new/smpppd-1.59_SVN28/smpppd/utils.cc 2008-09-11 17:05:03.000000000 +0200
@@ -30,6 +30,7 @@
#include "utils.h"
#include "parse.h"
+int debug_level;
string
rmspaces (const string& in)
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/smpppd-1.59_SVN16/smpppd/utils.h new/smpppd-1.59_SVN28/smpppd/utils.h
--- old/smpppd-1.59_SVN16/smpppd/utils.h 2008-01-31 16:46:15.000000000 +0100
+++ new/smpppd-1.59_SVN28/smpppd/utils.h 2008-09-11 17:05:03.000000000 +0200
@@ -20,8 +20,10 @@
using std::vector;
+extern int debug_level;
+
#ifndef NDEBUG
-# define dprintf(format,args...) do { printf (format, ##args); } while (0)
+# define dprintf(format,args...) do { if(debug_level) printf (format, ##args); } while (0)
#else
# define dprintf(format,args...) do { } while (0)
#endif
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org