2c605ba1f1
This fixes: CVE-2014-3158 and some other bugs. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 42525
97 lines
3.2 KiB
Diff
97 lines
3.2 KiB
Diff
pppd: Allow specifying ip-up and ip-down scripts
|
|
|
|
This patch implements the "ip-up-script" and "ip-down-script" options which
|
|
allow to specify the path of the ip-up and ip-down scripts to call.
|
|
|
|
These options default to _PATH_IPUP and _PATH_IPDOWN to retain the
|
|
existing behaviour.
|
|
|
|
The patch originated from the Debian project.
|
|
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
|
|
--- a/pppd/ipcp.c
|
|
+++ b/pppd/ipcp.c
|
|
@@ -1958,7 +1958,7 @@ ipcp_up(f)
|
|
*/
|
|
if (ipcp_script_state == s_down && ipcp_script_pid == 0) {
|
|
ipcp_script_state = s_up;
|
|
- ipcp_script(_PATH_IPUP, 0);
|
|
+ ipcp_script(path_ipup, 0);
|
|
}
|
|
}
|
|
|
|
@@ -2008,7 +2008,7 @@ ipcp_down(f)
|
|
/* Execute the ip-down script */
|
|
if (ipcp_script_state == s_up && ipcp_script_pid == 0) {
|
|
ipcp_script_state = s_down;
|
|
- ipcp_script(_PATH_IPDOWN, 0);
|
|
+ ipcp_script(path_ipdown, 0);
|
|
}
|
|
}
|
|
|
|
@@ -2062,13 +2062,13 @@ ipcp_script_done(arg)
|
|
case s_up:
|
|
if (ipcp_fsm[0].state != OPENED) {
|
|
ipcp_script_state = s_down;
|
|
- ipcp_script(_PATH_IPDOWN, 0);
|
|
+ ipcp_script(path_ipdown, 0);
|
|
}
|
|
break;
|
|
case s_down:
|
|
if (ipcp_fsm[0].state == OPENED) {
|
|
ipcp_script_state = s_up;
|
|
- ipcp_script(_PATH_IPUP, 0);
|
|
+ ipcp_script(path_ipup, 0);
|
|
}
|
|
break;
|
|
}
|
|
--- a/pppd/main.c
|
|
+++ b/pppd/main.c
|
|
@@ -316,6 +316,9 @@ main(argc, argv)
|
|
struct protent *protp;
|
|
char numbuf[16];
|
|
|
|
+ strlcpy(path_ipup, _PATH_IPUP, sizeof(path_ipup));
|
|
+ strlcpy(path_ipdown, _PATH_IPDOWN, sizeof(path_ipdown));
|
|
+
|
|
link_stats_valid = 0;
|
|
new_phase(PHASE_INITIALIZE);
|
|
|
|
--- a/pppd/options.c
|
|
+++ b/pppd/options.c
|
|
@@ -114,6 +114,8 @@ char linkname[MAXPATHLEN]; /* logical na
|
|
bool tune_kernel; /* may alter kernel settings */
|
|
int connect_delay = 1000; /* wait this many ms after connect script */
|
|
int req_unit = -1; /* requested interface unit */
|
|
+char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
|
|
+char path_ipdown[MAXPATHLEN];/* pathname of ip-down script */
|
|
bool multilink = 0; /* Enable multilink operation */
|
|
char *bundle_name = NULL; /* bundle name for multilink */
|
|
bool dump_options; /* print out option values */
|
|
@@ -299,6 +301,13 @@ option_t general_options[] = {
|
|
"Unset user environment variable",
|
|
OPT_A2PRINTER | OPT_NOPRINT, (void *)user_unsetprint },
|
|
|
|
+ { "ip-up-script", o_string, path_ipup,
|
|
+ "Set pathname of ip-up script",
|
|
+ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
|
|
+ { "ip-down-script", o_string, path_ipdown,
|
|
+ "Set pathname of ip-down script",
|
|
+ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
|
|
+
|
|
#ifdef HAVE_MULTILINK
|
|
{ "multilink", o_bool, &multilink,
|
|
"Enable multilink operation", OPT_PRIO | 1 },
|
|
--- a/pppd/pppd.h
|
|
+++ b/pppd/pppd.h
|
|
@@ -318,6 +318,8 @@ extern bool tune_kernel; /* May alter ke
|
|
extern int connect_delay; /* Time to delay after connect script */
|
|
extern int max_data_rate; /* max bytes/sec through charshunt */
|
|
extern int req_unit; /* interface unit number to use */
|
|
+extern char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
|
|
+extern char path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */
|
|
extern bool multilink; /* enable multilink operation */
|
|
extern bool noendpoint; /* don't send or accept endpt. discrim. */
|
|
extern char *bundle_name; /* bundle name for multilink */
|