ALT Linux Bugzilla
– Attachment 2467 Details for
Bug 14649
ppptp & pppoe with equals logins
New bug
|
Search
|
[?]
|
Help
Register
|
Log In
[x]
|
Forgot Password
Login:
[x]
|
EN
|
RU
[patch]
alterator-ppp: don't use global chap-secrets
alterator-local_pw.patch (text/plain), 4.04 KB, created by
Konstantin Uvarin (lodin)
on 2008-03-02 21:20:56 MSK
(
hide
)
Description:
alterator-ppp: don't use global chap-secrets
Filename:
MIME Type:
Creator:
Konstantin Uvarin (lodin)
Created:
2008-03-02 21:20:56 MSK
Size:
4.04 KB
patch
obsolete
>diff -ur backend3.orig/net-pppoe backend3/net-pppoe >--- backend3.orig/net-pppoe 2008-03-02 21:04:00 +0300 >+++ backend3/net-pppoe 2008-03-02 21:04:00 +0300 >@@ -1,7 +1,7 @@ > #!/bin/sh -ef > > PATH=/usr/lib/alterator-net-common:$PATH >-chapfile=/etc/ppp/chap-secrets >+# chapfile=/etc/ppp/chap-secrets > > ################### shell file helpers > >@@ -79,12 +79,15 @@ > > if [ -n "$in_login" ] ;then > sed -r "s,^user[[:space:]].*,user $in_login," -i "$name/pppoptions" >- sed -r "s,^$prev_login[[:space:]]*,$in_login ," -i "$chapfile" >+ # sed -r "s,^$prev_login[[:space:]]*,$in_login ," -i "$chapfile" > prev_login="$in_login" > fi > if [ -n "$in_password" ]; then > in_password=$(echo "$in_password"|sed -e 's/["]/\\\\&/g') >- sed -r "s,^$prev_login[[:space:]].*,$prev_login * \"$in_password\" *," -i "$chapfile" >+ sed -r "s,^password[[:space:]].*,password $in_password," -i "$name/pppoptions" >+ ### WARNING deny users from reading the password >+ chmod o-rw "$name/pppoptions" >+ # sed -r "s,^$prev_login[[:space:]].*,$prev_login * \"$in_password\" *," -i "$chapfile" > fi > > ifdown "$1" && ifup "$1" >@@ -92,7 +95,7 @@ > > new_iface() > { >- grep -qs "^$in_login[[:space:]]" "$chapfile" && return 1 >+ # grep -qs "^$in_login[[:space:]]" "$chapfile" && return 1 > > local name="/etc/net/ifaces/$1" > in_password=$(echo "$in_password"|sed -e 's/["]/\\\\&/g') >@@ -105,8 +108,12 @@ > shell_add_or_subst "PPPMAXFAIL=" "0" "$name/options" > > shell_add_or_subst "user " "$in_login" "$name/pppoptions" >+ shell_add_or_subst "password " "$in_password" "$name/pppoptions" >+ ### WARNING deny users from reading the password >+ chmod o-rw "$name/pppoptions" >+ > >- echo "$in_login * \"$in_password\" *" >>"$chapfile" >+ # echo "$in_login * \"$in_password\" *" >>"$chapfile" > > ifup "$1" > return 0 >@@ -119,7 +126,7 @@ > local name="/etc/net/ifaces/$1" > local prev_login="$(grep '^user' "$name/pppoptions"|sed -r 's,user[[:space:]]*,,')" > >- sed -r "/^$prev_login[[:space:]]/ d" -i "$chapfile" >+ # sed -r "/^$prev_login[[:space:]]/ d" -i "$chapfile" > rm -rf "$name" > > ifdown "$1" >diff -ur backend3.orig/net-pptp backend3/net-pptp >--- backend3.orig/net-pptp 2008-03-02 21:04:00 +0300 >+++ backend3/net-pptp 2008-03-02 21:04:00 +0300 >@@ -1,7 +1,7 @@ > #!/bin/sh -ef > > PATH=/usr/lib/alterator-net-common:$PATH >-chapfile=/etc/ppp/chap-secrets >+# chapfile=/etc/ppp/chap-secrets > > ################### shell file helpers > >@@ -86,12 +86,15 @@ > > if [ -n "$in_login" ] ;then > sed -r "s,^user[[:space:]].*,user $in_login," -i "$name/pppoptions" >- sed -r "s,^$prev_login[[:space:]]*,$in_login ," -i "$chapfile" >+ # sed -r "s,^$prev_login[[:space:]]*,$in_login ," -i "$chapfile" > prev_login="$in_login" > fi > if [ -n "$in_password" ]; then > in_password=$(echo "$in_password"|sed -e 's/["]/\\\\&/g') >- sed -r "s,^$prev_login[[:space:]].*,$prev_login * \"$in_password\" *," -i "$chapfile" >+ sed -r "s,^password[[:space:]].*,password $in_password," -i "$name/pppoptions" >+ ### WARNING deny users from reading the password >+ chmod o-rw "$name/pppoptions" >+ # sed -r "s,^$prev_login[[:space:]].*,$prev_login * \"$in_password\" *," -i "$chapfile" > fi > > ifdown "$1" && ifup "$1" >@@ -99,7 +102,7 @@ > > new_iface() > { >- grep -qs "^$in_login[[:space:]]" "$chapfile" && return 1 >+ # grep -qs "^$in_login[[:space:]]" "$chapfile" && return 1 > > local name="/etc/net/ifaces/$1" > in_password=$(echo "$in_password"|sed -e 's/["]/\\\\&/g') >@@ -111,8 +114,12 @@ > shell_add_or_subst "REQUIRES=" "$in_iface" "$name/options" > > shell_add_or_subst "user " "$in_login" "$name/pppoptions" >+ shell_add_or_subst "password " "$in_password" "$name/pppoptions" >+ ### WARNING deny users from reading the password >+ chmod o-rw "$name/pppoptions" >+ > >- echo "$in_login * \"$in_password\" *" >>"$chapfile" >+ # echo "$in_login * \"$in_password\" *" >>"$chapfile" > > ifup "$1" > return 0 >@@ -125,7 +132,7 @@ > local name="/etc/net/ifaces/$1" > local prev_login="$(grep '^user' "$name/pppoptions"|sed -r 's,user[[:space:]]*,,')" > >- sed -r "/^$prev_login[[:space:]]/ d" -i "$chapfile" >+ # sed -r "/^$prev_login[[:space:]]/ d" -i "$chapfile" > rm -rf "$name" > > ifdown "$1"
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2467">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 14649
:
2462
|
2467
|
2468
|
2469
