Hi,

On 24 April 2014 11:23, Yousong Zhou <yszhou4t...@gmail.com> wrote:
> This patch adds protocol support for PPP over SSH.  The protocol name is
> 'pppossh' with the following options.
>
>  - server, required, SSH server name.
>  - port, SSH server port.
>  - sshuser, required, SSH login username.
>  - identity, client private key file.  Default to ~/.ssh/id_{rsa,dsa}.
>    It must be a valid key file for the public key authentication to
>    proceed.

The other day I tried to read OpenSSH's code and confirmed that this
patch does not fully comply with OpenSSH's strategy for default identity
file selection.  Defaults should only be considered when there is no
user-specified key file.  Also I am about to change the type of the
`identity' option to `list' type, making it possible for the user to
specify multiple key files.  I'd like to hear your ideas about this
upcoming change. :)

Regards.

                yousong

>  - ipaddr, local ip address to be assigned.
>  - peeraddr, peer ip address to be assigned.
>  - acceptunknown, accept the connection if the remote host key is
>    unknown.  This option is only available in dropbear client.  OpenSSH
>    client must NOT use it.
>
> Because the protocol script file ppp.sh will be called with $HOME set to
> '/', we need to explicitly set it to the right value so that dropbear
> client can read '~/known_hosts' correctly.
>
> Signed-off-by: Yousong Zhou <yszhou4t...@gmail.com>
> ---
> v1 -> v2
>
>     - Use common option names as suggested by jow and nbd.
>     - Default to using ~/.ssh/id_{rsa,dsa} as the identity file.
>     - Set $HOME to correct value for the current user instead of unset it.
>
> v2 -> v3
>
>     - Change type of acceptunknown to boolean.
>     - Squeeze multiple calls to proto_config_add_string to one.
>
>  package/network/services/ppp/Makefile     |    2 +-
>  package/network/services/ppp/files/ppp.sh |   53 
> +++++++++++++++++++++++++++++
>  2 files changed, 54 insertions(+), 1 deletions(-)
>
> diff --git a/package/network/services/ppp/Makefile 
> b/package/network/services/ppp/Makefile
> index 9bf9616..a707985 100644
> --- a/package/network/services/ppp/Makefile
> +++ b/package/network/services/ppp/Makefile
> @@ -10,7 +10,7 @@ include $(INCLUDE_DIR)/kernel.mk
>
>  PKG_NAME:=ppp
>  PKG_VERSION:=2.4.5
> -PKG_RELEASE:=10
> +PKG_RELEASE:=11
>
>  PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
>  PKG_SOURCE_URL:=ftp://ftp.samba.org/pub/ppp/
> diff --git a/package/network/services/ppp/files/ppp.sh 
> b/package/network/services/ppp/files/ppp.sh
> index 8824409..c93fea0 100755
> --- a/package/network/services/ppp/files/ppp.sh
> +++ b/package/network/services/ppp/files/ppp.sh
> @@ -206,10 +206,63 @@ proto_pptp_teardown() {
>         ppp_generic_teardown "$@"
>  }
>
> +proto_pppossh_init_config() {
> +       ppp_generic_init_config
> +       proto_config_add_string server port sshuser identity ipaddr peeraddr
> +       proto_config_add_boolean acceptunknown
> +       available=1
> +       no_device=1
> +}
> +
> +proto_pppossh_setup() {
> +       local config="$1"
> +       local iface="$2"
> +       local ip serv_addr
> +       local errmsg
> +       local user="$(id -nu)"
> +       local home=$(sh -c "echo ~$user")
> +
> +       json_get_vars port sshuser identity ipaddr peeraddr acceptunknown
> +       json_get_var server server && {
> +               for ip in $(resolveip -t 5 "$server"); do
> +                       ( proto_add_host_dependency "$config" "$ip" )
> +                       serv_addr=1
> +               done
> +       }
> +       [ -n "$serv_addr" ] || errmsg="${errmsg}Could not resolve $server.\n"
> +       [ -n "$sshuser" ] || errmsg="${errmsg}Missing sshuser option.\n"
> +       [ -f "$identity" ] || {
> +               identity="$home/.ssh/id_rsa"
> +               [ -f "$identity" ] || identity="$home/.ssh/id_dsa"
> +               [ -f "$identity" ] || errmsg="${errmsg}Cannot find valid 
> identity file.\n"
> +       }
> +       [ -n "$errmsg" ] && {
> +               echo -ne "$errmsg"
> +               sleep 5
> +               proto_setup_failed "$config"
> +               exit 1
> +       }
> +       port=${port:+-p \"$port\"}
> +       sshhost="$sshuser@$server"
> +       [ "$acceptunknown" = "1" ] || acceptunknown=""
> +       acceptunknown="${acceptunknown:+-y}"
> +       pty="env 'HOME=$home' /usr/bin/ssh "$acceptunknown" -i '$identity' 
> $port '$sshhost'"
> +       pty="$pty pppd nodetach notty noauth"
> +       ippair="$ipaddr:$peeraddr"
> +
> +       ppp_generic_setup "$config" \
> +               noauth pty "$pty" "$ippair"
> +}
> +
> +proto_pppossh_teardown() {
> +       ppp_generic_teardown "$@"
> +}
> +
>  [ -n "$INCLUDE_ONLY" ] || {
>         add_protocol ppp
>         [ -f /usr/lib/pppd/*/rp-pppoe.so ] && add_protocol pppoe
>         [ -f /usr/lib/pppd/*/pppoatm.so ] && add_protocol pppoa
>         [ -f /usr/lib/pppd/*/pptp.so ] && add_protocol pptp
> +       [ -x /usr/bin/ssh ] && add_protocol pppossh
>  }
>
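Review bot: In proto_pppossh_setup the `pty` string wraps `$identity` and `$sshhost` in single quotes and `$port` in escaped double quotes without validating any of them, and pppd runs the pty command through a shell, so a config value containing a quote character ends the quoting and the rest is parsed as shell syntax. The values should be checked before the string is assembled, with failures appended to `errmsg` like the existing checks: reject a single quote in server, sshuser and identity, a leading `-` in sshuser, and anything non-numeric in port. The `-y` line also deserves a comment saying that acceptunknown makes the dropbear client accept an unknown host key without verification, so the server is not authenticated on first connect.

```shell
	json_get_vars port sshuser identity ipaddr peeraddr acceptunknown
	# ... unchanged: server resolution and host dependencies ...
	# Reject values that would break out of the quoting used in the pty command.
	case "$server$sshuser$identity" in
		*\'*) errmsg="${errmsg}Quote character not allowed in server, sshuser or identity.\n" ;;
	esac
	case "$sshuser" in
		-*) errmsg="${errmsg}Invalid sshuser option.\n" ;;
	esac
	case "$port" in
		*[!0-9]*) errmsg="${errmsg}Invalid port option.\n" ;;
	esac
	# ... unchanged: identity lookup, error report, pty assembly ...
```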
> --
> 1.7.2.5
>