diff options
author | brian <brian@cvs.openbsd.org> | 1999-02-02 09:50:15 +0000 |
---|---|---|
committer | brian <brian@cvs.openbsd.org> | 1999-02-02 09:50:15 +0000 |
commit | 3dc1e332490e1885d11db015f7590e24d1d13cce (patch) | |
tree | 6b5aff620ef0b8750f2e8ec1b954439ad46dedfe | |
parent | 8f7962e5585d0667e0bc8b393c35dc7a7d887bca (diff) |
Don't allow root to specify non-existent labels on
the command line.
Revise the error diagnostics so that invalid labels
are reported immediately.
-rw-r--r-- | usr.sbin/ppp/ppp/main.c | 9 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/systems.c | 43 |
2 files changed, 29 insertions, 23 deletions
diff --git a/usr.sbin/ppp/ppp/main.c b/usr.sbin/ppp/ppp/main.c index 3f4e0c7f864..33035015734 100644 --- a/usr.sbin/ppp/ppp/main.c +++ b/usr.sbin/ppp/ppp/main.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: main.c,v 1.6 1999/01/25 10:33:32 brian Exp $ + * $Id: main.c,v 1.7 1999/02/02 09:50:14 brian Exp $ * * TODO: */ @@ -236,7 +236,6 @@ CheckLabel(const char *label, struct prompt *prompt, int mode) const char *err; if ((err = system_IsValid(label, prompt, mode)) != NULL) { - fprintf(stderr, "You may not use ppp in this mode with this label\n"); fprintf(stderr, "%s: %s\n", label, err); if (mode == PHYS_DIRECT) log_Printf(LogWARN, "Label %s rejected -direct connection: %s\n", @@ -294,10 +293,8 @@ main(int argc, char **argv) /* Allow output for the moment (except in direct mode) */ if (mode == PHYS_DIRECT) prompt = NULL; - else { + else SignalPrompt = prompt = prompt_Create(NULL, NULL, PROMPT_STD); - prompt_Printf(prompt, "Working in %s mode\n", mode2Nam(mode)); - } ID0init(); if (ID0realuid() != 0) { @@ -322,6 +319,8 @@ main(int argc, char **argv) else CheckLabel("default", prompt, mode); + prompt_Printf(prompt, "Working in %s mode\n", mode2Nam(mode)); + if ((bundle = bundle_Create(TUN_PREFIX, mode, (const char **)argv)) == NULL) { log_Printf(LogWARN, "bundle_Create: %s\n", strerror(errno)); return EX_START; diff --git a/usr.sbin/ppp/ppp/systems.c b/usr.sbin/ppp/ppp/systems.c index f3516b14b6e..f64740e2d64 100644 --- a/usr.sbin/ppp/ppp/systems.c +++ b/usr.sbin/ppp/ppp/systems.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: systems.c,v 1.3 1998/10/31 17:38:51 brian Exp $ + * $Id: systems.c,v 1.4 1999/02/02 09:50:14 brian Exp $ * * TODO: */ @@ -244,9 +244,14 @@ xgets(char *buf, int buflen, FILE *fp) return n; } +/* Values for ``how'' in ReadSystem */ +#define SYSTEM_EXISTS 1 +#define SYSTEM_VALIDATE 2 +#define SYSTEM_EXEC 3 + static int ReadSystem(struct bundle *bundle, const char *name, const char *file, - int doexec, struct prompt *prompt, struct datalink *cx) + struct prompt *prompt, struct datalink *cx, int how) { FILE *fp; char *cp, *wp; @@ -287,7 +292,7 @@ ReadSystem(struct bundle *bundle, const char *name, const char *file, switch (DecodeCtrlCommand(cp+1, arg)) { case CTRL_INCLUDE: log_Printf(LogCOMMAND, "%s: Including \"%s\"\n", filename, arg); - n = ReadSystem(bundle, name, arg, doexec, prompt, cx); + n = ReadSystem(bundle, name, arg, prompt, cx, how); log_Printf(LogCOMMAND, "%s: Done include of \"%s\"\n", filename, arg); if (!n) return 0; /* got it */ @@ -310,6 +315,8 @@ ReadSystem(struct bundle *bundle, const char *name, const char *file, if (strcmp(cp, name) == 0) { /* We're in business */ + if (how == SYSTEM_EXISTS) + return 0; while ((n = xgets(line, sizeof line, fp))) { linenum += n; indent = issep(*line); @@ -320,7 +327,7 @@ ReadSystem(struct bundle *bundle, const char *name, const char *file, if (!indent) { /* start of next section */ wp = strchr(cp, ':'); - if (doexec && (wp == NULL || wp[1] != '\0')) + if ((how == SYSTEM_EXEC) && (wp == NULL || wp[1] != '\0')) log_Printf(LogWARN, "Unindented command (%s line %d) - ignored\n", filename, linenum); break; @@ -329,7 +336,8 @@ ReadSystem(struct bundle *bundle, const char *name, const char *file, len = strlen(cp); argc = command_Interpret(cp, len, argv); allowcmd = argc > 0 && !strcasecmp(argv[0], "allow"); - if ((!doexec && allowcmd) || (doexec && !allowcmd)) + if ((!(how == SYSTEM_EXEC) && allowcmd) || + ((how == SYSTEM_EXEC) && !allowcmd)) command_Run(bundle, argc, (char const *const *)argv, prompt, name, cx); } @@ -351,29 +359,28 @@ system_IsValid(const char *name, struct prompt *prompt, int mode) * Note: The ReadSystem() calls only result in calls to the Allow* * functions. arg->bundle will be set to NULL for these commands ! */ - int def; - - if (ID0realuid() == 0) { - userok = modeok = 1; - return NULL; - } + int def, how; def = !strcmp(name, "default"); + how = ID0realuid() == 0 ? SYSTEM_EXISTS : SYSTEM_VALIDATE; userok = 0; modeok = 1; modereq = mode; - if (ReadSystem(NULL, "default", CONFFILE, 0, prompt, NULL) != 0 && def) - return "System not found"; + if (ReadSystem(NULL, "default", CONFFILE, prompt, NULL, how) != 0 && def) + return "Configuration label not found"; + + if (!def && ReadSystem(NULL, name, CONFFILE, prompt, NULL, how) != 0) + return "Configuration label not found"; - if (!def && ReadSystem(NULL, name, CONFFILE, 0, prompt, NULL) != 0) - return "System not found"; + if (how == SYSTEM_EXISTS) + userok = modeok = 1; if (!userok) - return "Invalid user id"; + return "User access denied"; if (!modeok) - return "Invalid mode"; + return "Mode denied for this label"; return NULL; } @@ -384,5 +391,5 @@ system_Select(struct bundle *bundle, const char *name, const char *file, { userok = modeok = 1; modereq = PHYS_ALL; - return ReadSystem(bundle, name, file, 1, prompt, cx); + return ReadSystem(bundle, name, file, prompt, cx, SYSTEM_EXEC); } |