apps/netutils/ppp: Make pppd PAP authentication optional. From Brennan Ashton

netutils/pppd/Kconfig

@@ -16,4 +16,11 @@ config NETUTILS_PPPD_STACKSIZE
 	int "PPP daemon stack stack size"
 	default 2048
 
+config NETUTILS_PPPD_PAP
+	bool "PPP PAP Authentication Support"
+	default n
+	---help---
+		Enable PAP Authentication for ppp connection, this requires
+		authentication credentials to be supplied.
+
 endif # NETUTILS_PPPD

netutils/pppd/Makefile

@@ -44,7 +44,10 @@ STACKSIZE = $(CONFIG_NETUTILS_PPPD_STACKSIZE)
 ASRCS =
 CSRCS =
 
-CSRCS += pppd.c chat.c ppp.c ahdlc.c lcp.c pap.c ipcp.c
+CSRCS += pppd.c chat.c ppp.c ahdlc.c lcp.c ipcp.c
+ifeq ($(CONFIG_NETUTILS_PPPD_PAP),y)
+CSRCS += pap.c
+endif
 
 AOBJS = $(ASRCS:.S=$(OBJEXT))
 COBJS = $(CSRCS:.c=$(OBJEXT))

netutils/pppd/lcp.c

@@ -195,6 +195,7 @@ void lcp_rx(struct ppp_context_s *ctx, u8_t *buffer, u16_t count)
                 }
               break;
 
+#ifdef CONFIG_NETUTILS_PPPD_PAP
             case LPC_AUTH:
               bptr++;
               if ((*bptr++ == 0xc0) && (*bptr++ == 0x23))
@@ -234,6 +235,7 @@ void lcp_rx(struct ppp_context_s *ctx, u8_t *buffer, u16_t count)
                   *tptr++ = 0x23;
                 }
               break;
+#endif /* CONFIG_NETUTILS_PPPD_PAP */
 
             case LPC_MAGICNUMBER:
               DEBUG1(("<magic > "));

netutils/pppd/ppp.c

@@ -41,13 +41,18 @@
  * Included Files
  ****************************************************************************/
 
+#include <nuttx/config.h>
+
 #include "ppp_conf.h"
 #include "ppp_arch.h"
 #include "ppp.h"
 #include "ahdlc.h"
 #include "ipcp.h"
 #include "lcp.h"
+
+#ifdef CONFIG_NETUTILS_PPPD_PAP
 #include "pap.h"
+#endif /* CONFIG_NETUTILS_PPPD_PAP */
 
 /****************************************************************************
  * Pre-processor Definitions
@@ -151,7 +156,9 @@ void ppp_init(struct ppp_context_s *ctx)
   ctx->ip_no_data_time = 0;
   ctx->ppp_id = 0;
 
+#ifdef CONFIG_NETUTILS_PPPD_PAP
   pap_init(ctx);
+#endif /* CONFIG_NETUTILS_PPPD_PAP */
   ipcp_init(ctx);
   lcp_init(ctx);
 
@@ -239,7 +246,10 @@ void ppp_connect(struct ppp_context_s *ctx)
   /* Initialize PPP engine */
 
   /* init_ppp(); */
+
+#ifdef CONFIG_NETUTILS_PPPD_PAP
   pap_init(ctx);
+#endif /* CONFIG_NETUTILS_PPPD_PAP */
   ipcp_init(ctx);
   lcp_init(ctx);
 
@@ -306,7 +316,7 @@ void ppp_poll(struct ppp_context_s *ctx)
   if ((ctx->lcp_state & LCP_TX_UP) && (ctx->lcp_state & LCP_RX_UP))
     {
       /* If LCP wants PAP, try to authenticate, else bring up IPCP */
-
+#ifdef CONFIG_NETUTILS_PPPD_PAP
       if ((ctx->lcp_state & LCP_RX_AUTH) && (!(ctx->pap_state & PAP_TX_UP)))
         {
           pap_task(ctx, ctx->ip_buf);
@@ -315,12 +325,32 @@ void ppp_poll(struct ppp_context_s *ctx)
         {
           ipcp_task(ctx, ctx->ip_buf);
         }
+#else
+      if (ctx->lcp_state & LCP_RX_AUTH)
+        {
+          /* lcp is asking for authentication but we do not support this.
+           * This should be communicated upstream but we do not have an
+           * interface for that right now, so just ignore it; nothing can be
+           * done.  This also should not have been hit because upcall does
+           * not know about the pap message type.
+           */
+
+          DEBUG1(("Asking for PAP, but we do not know PAP\n"));
+        }
+      else
+        {
+          ipcp_task(ctx, ctx->ip_buf);
+        }
+#endif /* CONFIG_NETUTILS_PPPD_PAP */
     }
 }
 
 /****************************************************************************
- * ppp_upcall() - this is where valid PPP frames from the ahdlc layer are
- *    sent to be processed and demuxed.
+ * Name: ppp_upcall
+ *
+ * Description:
+ *   This is where valid PPP frames from the ahdlc layer are sent to be
+ *   processed and demuxed.
  *
  ****************************************************************************/
 
@@ -348,11 +378,13 @@ void ppp_upcall(struct ppp_context_s *ctx, u16_t protocol, u8_t *buffer, u16_t l
         DEBUG1(("\n"));
         break;
 
+#ifdef CONFIG_NETUTILS_PPPD_PAP
       case PAP:  /* PAP should be compile in optional */
         DEBUG1(("PAP Packet - "));
         pap_rx(ctx, buffer, len);
         DEBUG1(("\n"));
         break;
+#endif /* CONFIG_NETUTILS_PPPD_PAP */
 
       case IPCP: /* IPCP should be compile in optional. */
         DEBUG1(("IPCP Packet - "));

netutils/pppd/ppp.h

@@ -45,13 +45,18 @@
  * Included Files
  ****************************************************************************/
 
+#include <nuttx/config.h>
+
 #include "ppp_conf.h"
 #include "ahdlc.h"
 #include "lcp.h"
 #include "ipcp.h"
-#include "pap.h"
 #include "ppp_arch.h"
 
+#ifdef CONFIG_NETUTILS_PPPD_PAP
+#include "pap.h"
+#endif /* CONFIG_NETUTILS_PPPD_PAP */
+
 /****************************************************************************
  * Pre-processor Definitions
  ****************************************************************************/
@@ -97,8 +102,10 @@
 #define USE_NOACCMBUG       0x2
 #define USE_GETDNS          0x4
 
+#ifdef CONFIG_NETUTILS_PPPD_PAP
 #define ppp_setusername(un) strncpy(pap_username, (un), PAP_USERNAME_SIZE)
 #define ppp_setpassword(pw) strncpy(pap_password, (pw), PAP_PASSWORD_SIZE)
+#endif /* CONFIG_NETUTILS_PPPD_PAP */
 
 /****************************************************************************
  * Public Types
@@ -153,6 +160,7 @@ struct ppp_context_s
   u8_t   lcp_retry;
   time_t lcp_prev_seconds;
 
+#ifdef CONFIG_NETUTILS_PPPD_PAP
   /* PAP */
 
   u8_t   pap_username[PAP_USERNAME_SIZE];
@@ -160,6 +168,7 @@ struct ppp_context_s
   u8_t   pap_state;
   u8_t   pap_retry;
   time_t pap_prev_seconds;
+#endif /* CONFIG_NETUTILS_PPPD_PAP */
 
   /* IPCP */
 

netutils/pppd/pppd.c

@@ -110,12 +110,12 @@ static int make_nonblock(int fd)
 {
   int flags;
 
-  if( (flags = fcntl(fd, F_GETFL, 0)) < 0) 
+  if ((flags = fcntl(fd, F_GETFL, 0)) < 0)
     {
       return flags;
     }
 
-  if( (flags = fcntl(fd, F_SETFL, flags | O_NONBLOCK)) < 0 )
+  if ((flags = fcntl(fd, F_SETFL, flags | O_NONBLOCK)) < 0)
     {
       return flags;
     }
@@ -132,7 +132,7 @@ static int tun_alloc(char *dev)
   struct ifreq ifr;
   int fd, err;
 
-  if( (fd = open("/dev/tun", O_RDWR)) < 0 )
+  if ((fd = open("/dev/tun", O_RDWR)) < 0)
       return fd;
 
   printf("tun fd:%i\n", fd);
@@ -145,12 +145,12 @@ static int tun_alloc(char *dev)
 
   memset(&ifr, 0, sizeof(ifr));
   ifr.ifr_flags = IFF_TUN;
-  if( *dev )
+  if (*dev)
     {
       strncpy(ifr.ifr_name, dev, IFNAMSIZ);
     }
 
-  if( (err = ioctl(fd, TUNSETIFF, (unsigned long)&ifr)) < 0 ) 
+  if ((err = ioctl(fd, TUNSETIFF, (unsigned long)&ifr)) < 0)
     {
       close(fd);
       return err;
@@ -170,7 +170,7 @@ static int open_tty(char *dev)
   int fd;
   int err;
 
-  if( (fd = open(dev, O_RDWR)) < 0 )
+  if ((fd = open(dev, O_RDWR)) < 0)
       return fd;
 
   if ((err = make_nonblock(fd)) < 0)
@@ -194,17 +194,20 @@ static u8_t ppp_check_errors(struct ppp_context_s *ctx)
 
   /* Check Errors */
 
-  if(ctx->lcp_state & (LCP_TX_TIMEOUT | LCP_RX_TIMEOUT | LCP_TERM_PEER))
+  if (ctx->lcp_state & (LCP_TX_TIMEOUT | LCP_RX_TIMEOUT | LCP_TERM_PEER))
     {
       ret = 1;
     }
 
-  if(ctx->pap_state & (PAP_TX_AUTH_FAIL | PAP_RX_AUTH_FAIL | PAP_TX_TIMEOUT | PAP_RX_TIMEOUT))
+#ifdef CONFIG_NETUTILS_PPPD_PAP
+  if (ctx->pap_state & (PAP_TX_AUTH_FAIL | PAP_RX_AUTH_FAIL |
+                        PAP_TX_TIMEOUT | PAP_RX_TIMEOUT))
     {
       ret = 2;
     }
+#endif /* CONFIG_NETUTILS_PPPD_PAP */
 
-  if(ctx->ipcp_state & (IPCP_TX_TIMEOUT))
+  if (ctx->ipcp_state & (IPCP_TX_TIMEOUT))
     {
       ret = 3;
     }
@@ -342,8 +345,11 @@ int pppd_main(int argc, char **argv)
   ctx = (struct ppp_context_s*)malloc(sizeof(struct ppp_context_s));
   memset(ctx, 0, sizeof(struct ppp_context_s));
 
+#ifdef CONFIG_NETUTILS_PPPD_PAP
   strcpy((char*)ctx->pap_username, PAP_USERNAME);
   strcpy((char*)ctx->pap_password, PAP_PASSWORD);
+#endif /* CONFIG_NETUTILS_PPPD_PAP */
+
   strcpy((char*)ctx->ifname, "ppp%d");
   strcpy((char*)ctx->ttyname, "/dev/ttyS2");