aboutsummaryrefslogtreecommitdiffstats
path: root/sbin/spppcontrol
diff options
context:
space:
mode:
authorJoerg Wunsch <joerg@FreeBSD.org>1997-10-11 11:30:30 +0000
committerJoerg Wunsch <joerg@FreeBSD.org>1997-10-11 11:30:30 +0000
commitbb37355e3c1529a1966230c75bc0eddab840bb45 (patch)
tree670a74d7882ba27dcdce51539fbac02c2bbcc7be /sbin/spppcontrol
parent1cec8ce72a0fc2864fa478b4b96e3542ee2df51b (diff)
downloadsrc-bb37355e3c1529a1966230c75bc0eddab840bb45.tar.gz
src-bb37355e3c1529a1966230c75bc0eddab840bb45.zip
The spppcontrol(8) utility that is required to set or display things
like PAP and CHAP secrets with sppp(4). This is the first utility using the new SIOC[SG]IFGENERIC ioctls (and the reason for inventing them in the first place).
Notes
Notes: svn path=/cvs2svn/branches/JOERG/; revision=30302
Diffstat (limited to 'sbin/spppcontrol')
-rw-r--r--sbin/spppcontrol/Makefile3
-rw-r--r--sbin/spppcontrol/spppcontrol.1227
-rw-r--r--sbin/spppcontrol/spppcontrol.8227
-rw-r--r--sbin/spppcontrol/spppcontrol.c241
4 files changed, 698 insertions, 0 deletions
diff --git a/sbin/spppcontrol/Makefile b/sbin/spppcontrol/Makefile
new file mode 100644
index 000000000000..3909d3d58f1d
--- /dev/null
+++ b/sbin/spppcontrol/Makefile
@@ -0,0 +1,3 @@
+PROG= spppcontrol
+
+.include <bsd.prog.mk>
diff --git a/sbin/spppcontrol/spppcontrol.1 b/sbin/spppcontrol/spppcontrol.1
new file mode 100644
index 000000000000..24b2122f25c4
--- /dev/null
+++ b/sbin/spppcontrol/spppcontrol.1
@@ -0,0 +1,227 @@
+.\" Copyright (C) 1997 by Joerg Wunsch, Dresden
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS
+.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+.\" DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT,
+.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
+.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.\" $Id$
+.\"
+.Dd October 11, 1997
+.Os
+.Dt SPPPCONTROL 8
+.Sh NAME
+.Nm spppcontrol
+.Nd display or set parameters for an sppp interface
+.Sh SYNOPSIS
+.Nm
+.Op Fl v
+.Ar ifname
+.Op Ar parameter Ns Op \&= Ns Ar value
+.Op Ar ...
+.Sh DESCRIPTION
+The
+.Xr sppp 4
+driver might require a number of additional arguments or optional
+parameters besides the settings that can be adjusted with
+.Xr ifconfig 8 .
+These are things like authentication protocol parameters, but also
+other tunable configuration variables. The
+.Nm
+utility can be used to display the current settings, or adjust these
+parameters as required.
+.Pp
+For whatever intent
+.Nm
+is being called, at least the parameter
+.Ar ifname
+needs to be specified, naming the interface for which the settings
+are to be performed or displayed. Use
+.Xr ifconfig 8 ,
+or
+.Xr netstat 1
+to see which interfaces are available.
+.Pp
+If no other parameter is given,
+.Nm
+will just list the current settings for
+.Ar ifname
+and exit. The reported settings include the current PPP phase the
+interface is in, which can be one of the names
+.Em dead ,
+.Em establish ,
+.Em authenticate ,
+.Em network ,
+or
+.Em terminate .
+If an authentication protocol is configured for the interface, the
+name of the protocol to be used, as well as the system name to be used
+or expected will be displayed, plus any possible options to the
+authentication protocol if applicable. Note that the authentication
+secrets (sometimes also called
+.Em keys )
+are not being returned by the underlying system call, and are thus not
+displayed.
+.Pp
+If any additional parameter is supplied, superuser privileges are
+required, and the command works in
+.Ql set
+mode. This is normally done quietly, unless the option
+.Fl v
+is also enabled, which will cause a final printout of the settings as
+described above once all other actions have been taken. Use of this
+mode will be rejected if the interface is currently in any other phase
+than
+.Em dead .
+Note that you can force an interface into
+.Em dead
+phase by calling
+.Xr ifconfig 8
+with the parameter
+.Ql down .
+.Pp
+The currently supported parameters include:
+.Bl -tag -offset indent -width indent
+.It Ar authproto Ns \&= Ns Em protoname
+Set both, his and my authentication protocol to
+.Em protoname .
+The protocol name can be one of
+.Ql chap ,
+.Ql pap ,
+or
+.Ql none .
+In the latter case, the use of an authentication protocol will be
+turned off for the named interface. This has the side-effect of
+clearing the other authentication-related parameters for this
+interface as well (i. e., system name and authentication secret will
+be forgotten).
+.It Ar myauthproto Ns \&= Ns Em protoname
+Same as above, but only for my end of the link. I. e., this is the
+protocol when remote is authenticator, and I am the peer required to
+authenticate.
+.It Ar hisauthproto Ns \&= Ns Em protoname
+Same as above, but only for his end of the link.
+.It Ar myauthname Ns \&= Ns Em name
+Set my system name for the authentication protocol.
+.It Ar hisauthname Ns \&= Ns Em name
+Set his system name for the authentication protocol. For CHAP, this
+will only be used as a hint, causing a warning message if remote did
+supply a different name. For PAP, it's the name remote must use to
+authenticate himself (in connection with his secret).
+.It Ar myauthsecret Ns \&= Ns Em secret
+Set my secret (key, password) for use in the authentication phase.
+For CHAP, this will be used to compute the response hash value, based
+on remote's challenge. For PAP, it will be transmitted as plaintext
+together with the system name. Don't forget to quote the secrets from
+the shell if they contain shell metacharacters (or white space).
+.It Ar myauthkey Ns \&= Ns Em secret
+Same as above.
+.It Ar hisauthsecret Ns \&= Ns Em secret
+Same as above, to be used if we are authenticator and the remote peer
+needs to authenticate.
+.It Ar hisauthkey Ns \&= Ns Em secret
+Same as above.
+.It Ar callin
+Require remote to authenticate himself only when he's calling in, but
+not when we are caller. This is required for some peers that do not
+implement the authentication protocols symmetrically (like Ascend
+routers, for example).
+.It Ar always
+The opposite of
+.Ar callin .
+Require remote to always authenticate, regardless of which side is
+placing the call. This is the default, and will not be explicitly
+displayed in
+.Ql list
+mode.
+.It Ar norechallenge
+Only meaningful with CHAP. Do not re-challenge peer once the initial
+CHAP handshake was successful. Used to work around broken peer
+implementations that can't grok being re-challenged once the
+connection is up.
+.It Ar rechallenge
+With CHAP, send re-challenges at random intervals while the connection
+is in network phase. (The intervals are currently in the range of 300
+through approximately 800 seconds.) This is the default, and will not
+be explicitly displayed in
+.Ql list
+mode.
+.El
+.Sh EXAMPLES
+.Bd -literal
+# spppcontrol bppp0
+bppp0: phase=dead
+ myauthproto=chap myauthname="uriah"
+ hisauthproto=chap hisauthname="ifb-gw" norechallenge
+.Ed
+.Pp
+Display the settings for bppp0. The interface is currently in
+.Em dead
+phase, i. e. the LCP layer is down, and no traffic is possible. Both
+ends of the connection use the CHAP protocol, my end tells remote the
+system name
+.Ql uriah ,
+and remote is expected to authenticate by the name
+.Ql ifb-gw .
+Once the initial CHAP handshake was successful, no further CHAP
+challenges will be transmitted. There are supposedly some known CHAP
+secrets for both ends of the link which are not being shown.
+.Pp
+.Bd -literal
+# spppcontrol bppp0 \e
+ authproto=chap \e
+ myauthname=uriah myauthsecret='some secret' \e
+ hisauthname=ifb-gw hisauthsecret='another' \e
+ norechallenge
+.Ed
+.Pp
+A possible call to
+.Nm
+that could have been used to bring the interface into the state shown
+by the previous example.
+.Sh SEE ALSO
+.Xr netstat 1 ,
+.Xr sppp 4 ,
+.Xr ifconfig 8
+.Rs
+.%A B. Lloyd, W. Simpson
+.%T "PPP Authentication Protocols"
+.%O RFC 1334
+.Re
+.Rs
+.%A W. Simpson, Editor
+.%T "The Point-to-Point Protocol (PPP)"
+.%O RFC 1661
+.Re
+.Rs
+.%A W. Simpson
+.%T "PPP Challenge Handshake Authentication Protocol (CHAP)"
+.%O RFC 1994
+.Re
+.Sh HISTORY
+The
+.Nm
+utility appeared in
+.Fx 3.0 .
+.Sh AUTHOR
+The program was written by
+.ie t J\(:org Wunsch,
+.el Joerg Wunsch,
+Dresden.
diff --git a/sbin/spppcontrol/spppcontrol.8 b/sbin/spppcontrol/spppcontrol.8
new file mode 100644
index 000000000000..24b2122f25c4
--- /dev/null
+++ b/sbin/spppcontrol/spppcontrol.8
@@ -0,0 +1,227 @@
+.\" Copyright (C) 1997 by Joerg Wunsch, Dresden
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS
+.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+.\" DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT,
+.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
+.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.\" $Id$
+.\"
+.Dd October 11, 1997
+.Os
+.Dt SPPPCONTROL 8
+.Sh NAME
+.Nm spppcontrol
+.Nd display or set parameters for an sppp interface
+.Sh SYNOPSIS
+.Nm
+.Op Fl v
+.Ar ifname
+.Op Ar parameter Ns Op \&= Ns Ar value
+.Op Ar ...
+.Sh DESCRIPTION
+The
+.Xr sppp 4
+driver might require a number of additional arguments or optional
+parameters besides the settings that can be adjusted with
+.Xr ifconfig 8 .
+These are things like authentication protocol parameters, but also
+other tunable configuration variables. The
+.Nm
+utility can be used to display the current settings, or adjust these
+parameters as required.
+.Pp
+For whatever intent
+.Nm
+is being called, at least the parameter
+.Ar ifname
+needs to be specified, naming the interface for which the settings
+are to be performed or displayed. Use
+.Xr ifconfig 8 ,
+or
+.Xr netstat 1
+to see which interfaces are available.
+.Pp
+If no other parameter is given,
+.Nm
+will just list the current settings for
+.Ar ifname
+and exit. The reported settings include the current PPP phase the
+interface is in, which can be one of the names
+.Em dead ,
+.Em establish ,
+.Em authenticate ,
+.Em network ,
+or
+.Em terminate .
+If an authentication protocol is configured for the interface, the
+name of the protocol to be used, as well as the system name to be used
+or expected will be displayed, plus any possible options to the
+authentication protocol if applicable. Note that the authentication
+secrets (sometimes also called
+.Em keys )
+are not being returned by the underlying system call, and are thus not
+displayed.
+.Pp
+If any additional parameter is supplied, superuser privileges are
+required, and the command works in
+.Ql set
+mode. This is normally done quietly, unless the option
+.Fl v
+is also enabled, which will cause a final printout of the settings as
+described above once all other actions have been taken. Use of this
+mode will be rejected if the interface is currently in any other phase
+than
+.Em dead .
+Note that you can force an interface into
+.Em dead
+phase by calling
+.Xr ifconfig 8
+with the parameter
+.Ql down .
+.Pp
+The currently supported parameters include:
+.Bl -tag -offset indent -width indent
+.It Ar authproto Ns \&= Ns Em protoname
+Set both, his and my authentication protocol to
+.Em protoname .
+The protocol name can be one of
+.Ql chap ,
+.Ql pap ,
+or
+.Ql none .
+In the latter case, the use of an authentication protocol will be
+turned off for the named interface. This has the side-effect of
+clearing the other authentication-related parameters for this
+interface as well (i. e., system name and authentication secret will
+be forgotten).
+.It Ar myauthproto Ns \&= Ns Em protoname
+Same as above, but only for my end of the link. I. e., this is the
+protocol when remote is authenticator, and I am the peer required to
+authenticate.
+.It Ar hisauthproto Ns \&= Ns Em protoname
+Same as above, but only for his end of the link.
+.It Ar myauthname Ns \&= Ns Em name
+Set my system name for the authentication protocol.
+.It Ar hisauthname Ns \&= Ns Em name
+Set his system name for the authentication protocol. For CHAP, this
+will only be used as a hint, causing a warning message if remote did
+supply a different name. For PAP, it's the name remote must use to
+authenticate himself (in connection with his secret).
+.It Ar myauthsecret Ns \&= Ns Em secret
+Set my secret (key, password) for use in the authentication phase.
+For CHAP, this will be used to compute the response hash value, based
+on remote's challenge. For PAP, it will be transmitted as plaintext
+together with the system name. Don't forget to quote the secrets from
+the shell if they contain shell metacharacters (or white space).
+.It Ar myauthkey Ns \&= Ns Em secret
+Same as above.
+.It Ar hisauthsecret Ns \&= Ns Em secret
+Same as above, to be used if we are authenticator and the remote peer
+needs to authenticate.
+.It Ar hisauthkey Ns \&= Ns Em secret
+Same as above.
+.It Ar callin
+Require remote to authenticate himself only when he's calling in, but
+not when we are caller. This is required for some peers that do not
+implement the authentication protocols symmetrically (like Ascend
+routers, for example).
+.It Ar always
+The opposite of
+.Ar callin .
+Require remote to always authenticate, regardless of which side is
+placing the call. This is the default, and will not be explicitly
+displayed in
+.Ql list
+mode.
+.It Ar norechallenge
+Only meaningful with CHAP. Do not re-challenge peer once the initial
+CHAP handshake was successful. Used to work around broken peer
+implementations that can't grok being re-challenged once the
+connection is up.
+.It Ar rechallenge
+With CHAP, send re-challenges at random intervals while the connection
+is in network phase. (The intervals are currently in the range of 300
+through approximately 800 seconds.) This is the default, and will not
+be explicitly displayed in
+.Ql list
+mode.
+.El
+.Sh EXAMPLES
+.Bd -literal
+# spppcontrol bppp0
+bppp0: phase=dead
+ myauthproto=chap myauthname="uriah"
+ hisauthproto=chap hisauthname="ifb-gw" norechallenge
+.Ed
+.Pp
+Display the settings for bppp0. The interface is currently in
+.Em dead
+phase, i. e. the LCP layer is down, and no traffic is possible. Both
+ends of the connection use the CHAP protocol, my end tells remote the
+system name
+.Ql uriah ,
+and remote is expected to authenticate by the name
+.Ql ifb-gw .
+Once the initial CHAP handshake was successful, no further CHAP
+challenges will be transmitted. There are supposedly some known CHAP
+secrets for both ends of the link which are not being shown.
+.Pp
+.Bd -literal
+# spppcontrol bppp0 \e
+ authproto=chap \e
+ myauthname=uriah myauthsecret='some secret' \e
+ hisauthname=ifb-gw hisauthsecret='another' \e
+ norechallenge
+.Ed
+.Pp
+A possible call to
+.Nm
+that could have been used to bring the interface into the state shown
+by the previous example.
+.Sh SEE ALSO
+.Xr netstat 1 ,
+.Xr sppp 4 ,
+.Xr ifconfig 8
+.Rs
+.%A B. Lloyd, W. Simpson
+.%T "PPP Authentication Protocols"
+.%O RFC 1334
+.Re
+.Rs
+.%A W. Simpson, Editor
+.%T "The Point-to-Point Protocol (PPP)"
+.%O RFC 1661
+.Re
+.Rs
+.%A W. Simpson
+.%T "PPP Challenge Handshake Authentication Protocol (CHAP)"
+.%O RFC 1994
+.Re
+.Sh HISTORY
+The
+.Nm
+utility appeared in
+.Fx 3.0 .
+.Sh AUTHOR
+The program was written by
+.ie t J\(:org Wunsch,
+.el Joerg Wunsch,
+Dresden.
diff --git a/sbin/spppcontrol/spppcontrol.c b/sbin/spppcontrol/spppcontrol.c
new file mode 100644
index 000000000000..f961ae6674c0
--- /dev/null
+++ b/sbin/spppcontrol/spppcontrol.c
@@ -0,0 +1,241 @@
+/*
+ * Copyright (c) 1997 Joerg Wunsch
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $Id$
+ */
+
+#include <sys/param.h>
+#include <sys/callout.h>
+#include <sys/ioctl.h>
+#include <sys/socket.h>
+#include <sys/time.h>
+
+#include <net/if.h>
+#include <net/if_var.h>
+#include <net/if_sppp.h>
+
+#include <err.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sysexits.h>
+#include <unistd.h>
+
+void usage(void);
+void print_vals(const char *ifname, struct spppreq *sp);
+const char *phase_name(enum ppp_phase phase);
+const char *proto_name(u_short proto);
+const char *authflags(u_short flags);
+
+#define PPP_PAP 0xc023
+#define PPP_CHAP 0xc223
+
+int
+main(int argc, char **argv)
+{
+ int s, c;
+ int errs = 0, verbose = 0;
+ size_t off;
+ const char *ifname, *cp;
+ struct ifreq ifr;
+ struct spppreq spr;
+
+ while ((c = getopt(argc, argv, "v")) != -1)
+ switch (c) {
+ case 'v':
+ verbose++;
+ break;
+
+ default:
+ errs++;
+ break;
+ }
+ argv += optind;
+ argc -= optind;
+
+ if (errs || argc < 1)
+ usage();
+
+ ifname = argv[0];
+ strncpy(ifr.ifr_name, ifname, sizeof ifr.ifr_name);
+
+ /* use a random AF to create the socket */
+ if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
+ err(EX_UNAVAILABLE, "ifconfig: socket");
+
+ argc--;
+ argv++;
+
+ spr.cmd = (int)SPPPIOGDEFS;
+ ifr.ifr_data = (caddr_t)&spr;
+
+ if (ioctl(s, SIOCGIFGENERIC, &ifr) == -1)
+ err(EX_OSERR, "SIOCGIFGENERIC(SPPPIOGDEFS)");
+
+ if (argc == 0) {
+ /* list only mode */
+ print_vals(ifname, &spr);
+ return 0;
+ }
+
+#define startswith(s) strncmp(argv[0], s, (off = strlen(s))) == 0
+
+ while (argc > 0) {
+ if (startswith("authproto=")) {
+ cp = argv[0] + off;
+ if (strcmp(cp, "pap") == 0)
+ spr.defs.myauth.proto =
+ spr.defs.hisauth.proto = PPP_PAP;
+ else if (strcmp(cp, "chap") == 0)
+ spr.defs.myauth.proto =
+ spr.defs.hisauth.proto = PPP_CHAP;
+ else if (strcmp(cp, "none") == 0)
+ spr.defs.myauth.proto =
+ spr.defs.hisauth.proto = 0;
+ else
+ errx(EX_DATAERR, "bad auth proto: %s", cp);
+ } else if (startswith("myauthproto=")) {
+ cp = argv[0] + off;
+ if (strcmp(cp, "pap") == 0)
+ spr.defs.myauth.proto = PPP_PAP;
+ else if (strcmp(cp, "chap") == 0)
+ spr.defs.myauth.proto = PPP_CHAP;
+ else if (strcmp(cp, "none") == 0)
+ spr.defs.myauth.proto = 0;
+ else
+ errx(EX_DATAERR, "bad auth proto: %s", cp);
+ } else if (startswith("myauthname="))
+ strncpy(spr.defs.myauth.name, argv[0] + off,
+ AUTHNAMELEN);
+ else if (startswith("myauthsecret=") ||
+ startswith("myauthkey="))
+ strncpy(spr.defs.myauth.secret, argv[0] + off,
+ AUTHKEYLEN);
+ else if (startswith("hisauthproto=")) {
+ cp = argv[0] + off;
+ if (strcmp(cp, "pap") == 0)
+ spr.defs.hisauth.proto = PPP_PAP;
+ else if (strcmp(cp, "chap") == 0)
+ spr.defs.hisauth.proto = PPP_CHAP;
+ else if (strcmp(cp, "none") == 0)
+ spr.defs.hisauth.proto = 0;
+ else
+ errx(EX_DATAERR, "bad auth proto: %s", cp);
+ } else if (startswith("hisauthname="))
+ strncpy(spr.defs.hisauth.name, argv[0] + off,
+ AUTHNAMELEN);
+ else if (startswith("hisauthsecret=") ||
+ startswith("hisauthkey="))
+ strncpy(spr.defs.hisauth.secret, argv[0] + off,
+ AUTHKEYLEN);
+ else if (strcmp(argv[0], "callin") == 0)
+ spr.defs.hisauth.flags |= AUTHFLAG_NOCALLOUT;
+ else if (strcmp(argv[0], "always") == 0)
+ spr.defs.hisauth.flags &= ~AUTHFLAG_NOCALLOUT;
+ else if (strcmp(argv[0], "norechallenge") == 0)
+ spr.defs.hisauth.flags |= AUTHFLAG_NORECHALLENGE;
+ else if (strcmp(argv[0], "rechallenge") == 0)
+ spr.defs.hisauth.flags &= ~AUTHFLAG_NORECHALLENGE;
+ else
+ errx(EX_DATAERR, "bad parameter: \"%s\"", argv[0]);
+
+ argv++;
+ argc--;
+ }
+
+ spr.cmd = (int)SPPPIOSDEFS;
+
+ if (ioctl(s, SIOCSIFGENERIC, &ifr) == -1)
+ err(EX_OSERR, "SIOCSIFGENERIC(SPPPIOSDEFS)");
+
+ if (verbose)
+ print_vals(ifname, &spr);
+
+ return 0;
+}
+
+void
+usage(void)
+{
+ errx(EX_USAGE,
+ "usage: [-v] ifname [{my|his}auth{proto|name|secret}=..."
+ "|callin|always]");
+}
+
+void
+print_vals(const char *ifname, struct spppreq *sp)
+{
+ printf("%s:\tphase=%s\n", ifname, phase_name(sp->defs.pp_phase));
+ if (sp->defs.myauth.proto) {
+ printf("\tmyauthproto=%s myauthname=\"%.*s\"\n",
+ proto_name(sp->defs.myauth.proto),
+ AUTHNAMELEN, sp->defs.myauth.name);
+ }
+ if (sp->defs.hisauth.proto) {
+ printf("\thisauthproto=%s hisauthname=\"%.*s\"%s\n",
+ proto_name(sp->defs.hisauth.proto),
+ AUTHNAMELEN, sp->defs.hisauth.name,
+ authflags(sp->defs.hisauth.flags));
+ }
+}
+
+const char *
+phase_name(enum ppp_phase phase)
+{
+ switch (phase) {
+ case PHASE_DEAD: return "dead";
+ case PHASE_ESTABLISH: return "establish";
+ case PHASE_TERMINATE: return "terminate";
+ case PHASE_AUTHENTICATE: return "authenticate";
+ case PHASE_NETWORK: return "network";
+ }
+ return "illegal";
+}
+
+const char *
+proto_name(u_short proto)
+{
+ static char buf[12];
+ switch (proto) {
+ case PPP_PAP: return "pap";
+ case PPP_CHAP: return "chap";
+ }
+ sprintf(buf, "0x%x", (unsigned)proto);
+ return buf;
+}
+
+const char *
+authflags(u_short flags)
+{
+ static char buf[10];
+ buf[0] = '\0';
+ if (flags & AUTHFLAG_NOCALLOUT)
+ strcat(buf, " callin");
+ if (flags & AUTHFLAG_NORECHALLENGE)
+ strcat(buf, " norechallenge");
+ return buf;
+}