modemmanager: allow specifying list of authentication protocols
authorAleksander Morgado <aleksander@aleksander.es>
Tue, 5 May 2020 13:04:04 +0000 (15:04 +0200)
committerAleksander Morgado <aleksander@aleksander.es>
Thu, 14 May 2020 07:19:54 +0000 (09:19 +0200)
ModemManager allows specifying which authentication protocols may be
used during the user/password context authentication with the peer.

This protocol update allows users to provide a new 'allowedauth'
option in the interface configuration, which is then used in two
different places:
 * It is sent to ModemManager in the --simple-connect call so that
   modems with a network interface can perform the authentication
   using their own vendor-specific protocol.
 * If the connection is done using PPP, this list of protocols is used
   to configure the pppd call.

If the new 'allowedauth' option is not given, all auth protocols are
implicitly allowed.

Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
net/modemmanager/Makefile
net/modemmanager/files/modemmanager.proto

index f38e3abf8b5ddc66983774243d3b7a99c077dbd3..5092ccd5cb7e31af6957e8c1b6377152035807d5 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=modemmanager
 PKG_VERSION:=1.12.10
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=ModemManager-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://www.freedesktop.org/software/ModemManager
index 536073dce4d2a3337daa43c12e51d6f4e45c285b..870542417a083dbf4a84354d74df35e356c7109b 100755 (executable)
@@ -116,6 +116,35 @@ modemmanager_connected_method_ppp_ipv4() {
        local ttyname="$2"
        local username="$3"
        local password="$4"
+       local allowedauth="$5"
+
+       # all auth types are allowed unless a user given list is given
+       local authopts
+       local pap=1
+       local chap=1
+       local mschap=1
+       local mschapv2=1
+       local eap=1
+
+       [ -n "$allowedauth" ] && {
+               pap=0 chap=0 mschap=0 mschapv2=0 eap=0
+               for auth in $allowedauth; do
+                       case $auth in
+                               "pap") pap=1 ;;
+                               "chap") chap=1 ;;
+                               "mschap") mschap=1 ;;
+                               "mschapv2") mschapv2=1 ;;
+                               "eap") eap=1 ;;
+                               *) ;;
+                       esac
+               done
+       }
+
+       [ $pap -eq 1 ] || append authopts "refuse-pap"
+       [ $chap -eq 1 ] || append authopts "refuse-chap"
+       [ $mschap -eq 1 ] || append authopts "refuse-mschap"
+       [ $mschapv2 -eq 1 ] || append authopts "refuse-mschap-v2"
+       [ $eap -eq 1 ] || append authopts "refuse-eap"
 
        proto_run_command "${interface}" /usr/sbin/pppd \
                "${ttyname}" \
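Review bot: The `*) ;;` arm drops unrecognised `allowedauth` tokens without any message, so a misspelt entry (for example pppd's own spelling `mschap-v2`) leaves that protocol refused, and a list made only of unknown words refuses every protocol with nothing in the log to explain the failed PPP authentication. Logging the token, e.g. `*) echo "ignoring unknown auth protocol '$auth'" ;;`, would make this diagnosable. The loop variable `auth` is also not declared in this function, so the assignment lands in the caller's `auth` or in the global scope; adding `local auth` next to `local authopts` keeps it contained. The body of modemmanager_connected_method_ppp_ipv4 starts before this hunk and continues after it.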
@@ -126,6 +155,7 @@ modemmanager_connected_method_ppp_ipv4() {
                nopcomp \
                novj \
                noauth \
+               $authopts \
                ${username:+ user $username} \
                ${password:+ password $password} \
                lcp-echo-failure 5 \
@@ -308,6 +338,7 @@ proto_modemmanager_init_config() {
        no_device=1
        proto_config_add_string  device
        proto_config_add_string  apn
+       proto_config_add_string  'allowedauth:list(string)'
        proto_config_add_string  username
        proto_config_add_string  password
        proto_config_add_string  pincode
@@ -320,14 +351,14 @@ proto_modemmanager_setup() {
        local interface="$1"
 
        local modempath modemstatus bearercount bearerpath connectargs bearerstatus beareriface
-       local bearermethod_ipv4 bearermethod_ipv6
+       local bearermethod_ipv4 bearermethod_ipv6 auth cliauth
        local operatorname operatorid registration accesstech signalquality
 
-       local device apn username password pincode iptype metric
+       local device apn allowedauth username password pincode iptype metric
 
        local address prefix gateway mtu dns1 dns2
 
-       json_get_vars device apn username password pincode iptype metric
+       json_get_vars device apn allowedauth username password pincode iptype metric
 
        # validate sysfs path given in config
        [ -n "${device}" ] || {
@@ -356,9 +387,14 @@ proto_modemmanager_setup() {
        # always cleanup before attempting a new connection, just in case
        modemmanager_cleanup_connection "${modemstatus}"
 
+       # if allowedauth list given, build option string
+       for auth in $allowedauth; do
+               cliauth="${cliauth}${cliauth:+|}$auth"
+       done
+
        # setup connect args; APN mandatory (even if it may be empty)
        echo "starting connection with apn '${apn}'..."
-       connectargs="apn=${apn}${iptype:+,ip-type=${iptype}}${username:+,user=${username}}${password:+,password=${password}}${pincode:+,pin=${pincode}}"
+       connectargs="apn=${apn}${iptype:+,ip-type=${iptype}}${cliauth:+,allowed-auth=${cliauth}}${username:+,user=${username}}${password:+,password=${password}}${pincode:+,pin=${pincode}}"
        mmcli --modem="${device}" --timeout 120 --simple-connect="${connectargs}" || {
                proto_notify_error "${interface}" CONNECT_FAILED
                proto_block_restart "${interface}"
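Review bot: The tokens of `allowedauth` are copied into `connectargs` unchecked, while the PPP helper only honours `pap`, `chap`, `mschap`, `mschapv2` and `eap`, so the two paths can disagree about what the same configuration means. Because `--simple-connect` takes a comma-separated key=value string, a token containing `,` or `=` would presumably be read by mmcli as an extra setting rather than as a protocol name (the neighbouring apn, user and password fields have the same property, which this commit does not change). Checking each token against the known names before joining, and failing setup on anything else, keeps both paths consistent; if ModemManager's `none` value is meant to be supported it would need handling on both paths. proto_modemmanager_setup starts and ends outside this hunk.

```shell
# if allowedauth list given, build option string from known names only
for auth in $allowedauth; do
	case "$auth" in
		pap|chap|mschap|mschapv2|eap)
			cliauth="${cliauth}${cliauth:+|}$auth"
			;;
		*)
			echo "invalid allowedauth value '${auth}'"
			# error code below is a suggested name, not an existing one
			proto_notify_error "${interface}" INVALID_ALLOWEDAUTH
			proto_block_restart "${interface}"
			return 1
			;;
	esac
done
# … unchanged: connectargs assembly and mmcli --simple-connect call …
```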
@@ -412,7 +448,7 @@ proto_modemmanager_setup() {
                        modemmanager_connected_method_static_ipv4 "${interface}" "${beareriface}" "${address}" "${prefix}" "${gateway}" "${mtu}" "${dns1}" "${dns2}" "${metric}"
                        ;;
                "ppp")
-                       modemmanager_connected_method_ppp_ipv4 "${interface}" "${beareriface}" "${username}" "${password}"
+                       modemmanager_connected_method_ppp_ipv4 "${interface}" "${beareriface}" "${username}" "${password}" "${allowedauth}"
                        ;;
                *)
                        proto_notify_error "${interface}" UNKNOWN_METHOD