Commit Graph

48 Commits

Author SHA1 Message Date
Brian Somers
057f1760a8 Make ppp WARNS=5 clean 2004-09-05 01:46:52 +00:00
Brian Somers
8fb5ef5ae2 Understand the following Microsoft Vendor Specific RADIUS attributes:
RAD_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY
  RAD_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES
  RAD_MICROSOFT_MS_MPPE_RECV_KEY
  RAD_MICROSOFT_MS_MPPE_SEND_KEY

These attributes may be supplied by a RADIUS server when MSCHAPv2 is
used to authenticate.

It *should* now be possible to build ppp with -DNODES and still support
CHAP/MSCHAP/MSCHAPv2/MPPE via a RADIUS server, but the code isn't yet
smart enough to do that (building with -DNODES just looses these
facilities).

Sponsored by: Monzoon
2002-06-12 00:33:17 +00:00
Brian Somers
ff360cc91b Make the way FSM options are processed easier to read by using structures
instead of u_char *.

The changes are cosmetic except:

  RecvConfigAck() now displays the options that are being ACK'd
  Huge (bogus) options sent from the peer won't cause an infinite loop
  SendIdent and ReceiveIdent are displayed consistenlty with other FSM data
  LCP AUTHPROTO options that aren't understood are NAK'd, not REJ'd
2002-04-16 23:57:09 +00:00
Brian Somers
6301d506fb Reduce the interface MTU by 2 when MPPE has been successfully negotiated.
This is necessary because MPPE will combine the protocol id with the
payload received on the tun interface, encrypt it, then prepend its
own protocol id, effectively increasing the payload by two bytes.
2001-07-03 22:20:19 +00:00
Brian Somers
6cf6ee7625 Add support for stateful MPPE (microsoft encryption) providing
encryption compatibility with Windows 2000.  Stateful encryption
uses less CPU but is bad on lossy transports.

The ``set mppe'' command has been expanded.  If it's used with any
arguments, ppp will insist on encryption, closing LCP if the other
end refuses.

Unfortunately, Microsoft have abused the CCP reset request so that
receiving a reset request does not result in a reset ack when using
MPPE...

Sponsored by:	Monzoon Networks AG and FreeBSD Services Limited
2001-06-18 15:00:22 +00:00
Brian Somers
7f89db65f5 Add a ``Usable'' function to the ccp switch. The function
is called prior to sending a CCP configure request for a
given protocol.  The default is to send the request, but
this is overridden for MPPE which checks to see if the lcp
negotiations agreed CHAP81, and if not fails.

Use the same function to decide if we should reject peer
requests for MPPE.

This should get rid of those boring messages about not being
able to initialise MPPE when we don't negotiate CHAP81.
2001-02-04 22:53:11 +00:00
Brian Somers
26af0ae966 Cosmetic: Make struct mbuf more like kernel mbufs. 1999-12-20 20:29:47 +00:00
Peter Wemm
97d92980a9 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
Brian Somers
411675bae3 o Alter the mbuf type as it's processed by different layers.
o Show more information about missing MP fragments in ``show mp''.
o Do away with mbuf_Log().  It was showing mbuf stats twice on
  receipt of LCP/CCP/IPCP packets.... ???!!?
o Pre-allocate a bit extra when creating LQR packets to avoid having
  to allocate another mbuf in mbuf_Prepend().
1999-06-02 15:59:09 +00:00
Brian Somers
3377c28cd9 Deal with the fact that as we now mbuf_Read the fsm
header in fsm_Input() we often end up with a NULL mbuf.

Deal with a possible NULL mbuf being passed into
mbuf_Prepend().

Adjust some spacing to make things more consistent.
1999-05-09 20:02:29 +00:00
Brian Somers
5d9e610366 o Redesign the layering mechanism and make the aliasing code part of
the layering.

  We now ``stack'' layers as soon as we open the device (when we figure
  out what we're dealing with).  A static set of `dispatch' routines are
  also declared for dealing with incoming packets after they've been
  `pulled' up through the stacked layers.

  Physical devices are now assigned handlers based on the device type
  when they're opened.  For the moment there are three device types;
  ttys, execs and tcps.

o Increment version number to 2.2
o Make an entry in [uw]tmp for non-tty -direct invocations (after
  pap/chap authentication).
o Make throughput counters quad_t's
o Account for the absolute number of mbuf malloc()s and free()s in
  ``show mem''.
o ``show modem'' becomes ``show physical''.
1999-05-08 11:07:56 +00:00
Brian Somers
615beb1f86 Detect pred1 packets where the length != the packet length
Use a maximum of MAX_MRU + 2 bytes for incoming packets, not
MAX_MTU + 2.
Tidy up some diagnostics.
1999-03-16 01:24:23 +00:00
Brian Somers
a36ca3cc08 Tone down the log levels (Log{ERROR,WARN} -> LogCCP)
when we've simply missed a packet.

When our Predictor1 CRC is wrong (implying we've dropped
a packet), don't send a ResetReq().  Instead, send another
CCP ConfigReq().  *shrug*  My tests show this as being far
worse than the ResetReq as we may have further Nak/Rejs etc
and we're basically resetting both our incoming and outgoing
compression dictionaries, but rfc1978 says the ConfigReq is
correct, so we'd better go along...
1999-03-11 01:49:15 +00:00
Brian Somers
92b0955883 o Support callback types NONE, E.164, AUTH and CBCP.
(see the new ``set callback'' and ``set cbcp'' commands)
o Add a ``cbcp'' log level and mbuf type.
o Don't dump core when \T is given in ``set login'' or
  ``set hangup''.
o Allow ``*'' and blanks as placeholders in ppp.secret and
  allow a fifth field for specifying auth/cbcp dialback
  parameters.
o Remove a few extraneous #includes
o Define the default number of REQs (restart counter) in defs.h
  rather than hardcoding ``5'' all over the place.
o Fix a few man page inconsistencies.
1998-08-07 18:42:51 +00:00
Brian Somers
d91d286164 MFMP: Make ppp multilink capable.
See the file README.changes, and re-read the man page.
1998-05-21 21:49:08 +00:00
Brian Somers
dd7e261079 Cosmetic: Make our external function names consistent. 1998-05-01 19:26:12 +00:00
Brian Somers
50abd4c820 Make ``show ipcp'' prettier and remove a few redundant includes. 1998-04-25 00:09:14 +00:00
Brian Somers
ed32233ca5 Output the correct protocol id from the physical link-level CCP
layer when we're in multilink mode.
1998-04-24 19:15:26 +00:00
Brian Somers
1342caed9c o Move the accept/deny/disable/enable globals either to the
bundle (non-negotiated vars) or to their respective IPCP,
  LCP or CCP.
o Enable rolling throughput statistics by default.
o Remove the `display' command.  These values now appear in
  `show bundle', `show ipcp', `show ccp' and `show lcp'.
o Initialise auth name & key at bundle create time (oops).
o Rename pppd-deflate (the id-24 hack) to deflate24.
o Don't send both a REJ and a NAK to an IPCP or LCP REQ.
  Favour the REJ (already done at the CCP level).
o Recurse in datalink_UpdateSet() when we change state, otherwise
  we end up setting no descriptors and getting jammed in the
  imminent select() instead of doing the dial/login/hangup.
o Display our CHAP encryption method despite being built with DES.
o Display VJ as not negotiated in ``show ipcp'' when necessary.
1998-04-16 00:26:21 +00:00
Brian Somers
2764b86afd o Move alias function pointers into loadalias.c
o Move Var*Version into command.c
o Remove struct pppVars (and there was much rejoicing) !
o Forward-decl some structs in .h files to avoid include
  ordering requirements and remove a few more redundant
  #includes.
1998-04-07 00:54:26 +00:00
Brian Somers
d24f017be8 Remove unused includes. 1998-04-06 09:12:38 +00:00
Brian Somers
03036ec70d Make all CCP negotiation data dynamic and add a
``set deflate'' command to configure the DEFLATE
default window size.
1998-03-17 22:29:12 +00:00
Brian Somers
879ed6fa82 De-staticise LQR information
Increment OutPackets for any packet - not just LQRs

MFC:
  o Fix a few comment typos.
  o Fix ``set timeout'' usage message and documentation.
  o Change ifOutPackets, ifOutOctets and ifOutLQRs to `u_int32_t's
    so that they wrap correctly.
  o Put the LQR in network byte order using the correct struct size
    (sizeof u_int32_t, not sizeof u_long).
  o Wrap LQR ECHO counters correctly.
  o Don't increment OutLQR count if the last LQR hasn't been replied
    to.
  o Initialise last received LQR in StartLqm.
  o Don't start the LQR timer if we're `disabled' and `accepted'.
  o Generate LQR responses when both sides are using a timer and
    we're not going to send our next LQR before the peers max timeout.
1998-03-13 00:44:26 +00:00
Brian Somers
f4768038f0 o Remove the global CcpInfo. It's now part of the datalink.
Struct bundle will have its own struct ccp in the future
  too.
o The ``set stopped'' command now requires context and doesn't
  work on the IPCP FSM.
o Check if it's time to break out of our top level loop before
  doing a select - otherwise, we'll select forever :-(
o Remove `struct link'::ccp (a temporary hack).  It turns out
  that IpStartOutput() calls link_Output() and link_Output()
  incorrectly calls StartOutput() (really modem_StartOutput)
  requiring the ccp knowledge so that it can call
  IpStartOutput()...  The end result is that the whole IP
  output queue gets dumped into the modem output queue
  and a pile of physical writes are done prematurely.  This
  makes the (original) code in main() actually work in that
  it would not bother selecting() on the tun descriptor when
  our modem queue length was 20 or greater.  Instead, we now
  make that decision based on the overall queue length.

  This will need improvement later.
1998-02-23 00:38:44 +00:00
Brian Somers
7308ec6890 Move the global FSMs into their relevent structures.
IPCP, CCP and LCP are now just derived FSMs.
Comment each of the FSM implementations so that we can
tell what's going on.
Revise the state transitions so that CCP and IPCP actually
send terminate REQs when appropriate.

The OS & IPCP layers are still like spagetti (next job).
1998-01-31 02:48:30 +00:00
Brian Somers
8c07a7b2e0 Create `struct link' - the logical link from which
`struct physical' (and the future `struct logical')
are derived.
1998-01-30 19:46:07 +00:00
Brian Somers
63b7346316 Create a new MP branch for `multilink protocol'.
Do lots of initial shuffling and grouping.
Submitted by: Eivind Eklund <perhaps@yes.no>
1998-01-29 00:49:32 +00:00
cvs2svn
1ae349f52c This commit was manufactured by cvs2svn to create branch 'MP'. 1998-01-29 00:44:16 +00:00
Brian Somers
257b72c4fd Free our input mbuf when the FCS is good (oops, memory leak). 1998-01-14 01:47:50 +00:00
Brian Somers
c39934ea32 Add (BSD) copyright headers. 1997-12-21 12:11:13 +00:00
Brian Somers
0053cc58a9 Abstract the CCP layer a level.
Add DEFLATE support.
1997-12-03 10:23:54 +00:00
Brian Somers
b6e82f33ef Fix prototypes.
Remove extraneous decls.
Add ``const'' to several places.
Allow ``make NOALIAS=1'' to remove IP aliasing.
Merge with OpenBSD - only the Makefiles vary.

We can now survive a compile with
  -Wall -Wbad-function-cast -Wcast-align -Wcast-qual
  -Winline -Wmissing-declarations -Wmissing-prototypes
  -Wnested-externs -Wpointer-arith -Wredundant-decls
  -Wshadow -Wstrict-prototypes -Wwrite-strings -Wchar-subscripts
(although the Makefile just contains -Wall).
1997-11-22 03:37:54 +00:00
Brian Somers
5106c67149 Introduce ID0 logging.
Stay as the invoking uid as much as possible.
Execution as a normal user is still forbidden for now,
so these changes are pretty ineffective.
The next commit will implement the modifications suggested
on -hackers a number of days ago.
1997-11-09 06:22:49 +00:00
Brian Somers
75240ed178 Cosmetic (no functional changes):
o   Add missing $Id$s
o   Move extern decls from .c -> .h files
o   Staticize
o   Remove #includes from .h files
o   style(9)ify includes
o   bcopy -> memcpy
    bzero -> memset
    bcmp -> memcmp
    index -> strchr
    rindex -> strrchr
o   Move timeout.h -> timer.h (making it consistent w/ timer.c)
o   Add -Wmissing-prototypes
1997-10-26 01:04:02 +00:00
Brian Somers
944f709824 Make the code format more in line with style(9).
Update loadalias to use the new libalias api.
Update to version 1.1.
1997-08-25 00:29:32 +00:00
Brian Somers
e979ce388b Make the man page a little more detailed.
Update the version number to 1.00.
Increase the predictor-1 buffer by 2 bytes.
1997-06-09 23:38:38 +00:00
Brian Somers
927145be97 Overhaul ppp:
o Use syslog
  o Remove references to stdout/stderr (incl perror())
  o Introduce VarTerm - the interactive terminal or zero
  o Allow "set timeout" to affect current session
  o Change "set debug" to "set log"
  o Allow "set log [+|-]flag"
  o Make MSEXT and PASSWDAUTH stuff the default
  o Move all #ifdef DEBUG stuff into the code - this
    shouldn't be too much overhead.  It's now controlled
    with "set log +debug"
  o Add "set log command, debug, tun, warn, error, alert"
  o Remove cdefs.h, and assume an ansi compiler.
  o Improve all diagnostic output
  o Don't trap SIGSEGV
  o SIGHUP now terminates again (log files are controlled
    by syslog)
  o Call CloseModem() when changing devices
  o Fix parsing of third arg of "delete"

I think this fixes the "magic is same" problems that some
people have been experiencing.
The man page is being rewritten.  It'll follow soon.
1997-06-09 03:27:43 +00:00
Brian Somers
0d8fb00071 Reduce MAX_M[RT]U back to 2048. Even on a null-modem
ppp link, we gain nothing with a larger mtu.

Suggested by:	joerg

Fix pred1 buffer size (must be == MAX_MTU)
1997-06-01 11:35:04 +00:00
Brian Somers
274e766c99 Tidy up the code - bounds checking, return
value checking etc.

Submitted by:	eivind
1997-05-10 01:22:19 +00:00
Peter Wemm
476602a9d0 Revert $FreeBSD$ to $Id$ 1997-02-22 16:15:28 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Poul-Henning Kamp
5a92765501 Reset Pred1 protocol on FCS errors. 1996-07-21 13:01:27 +00:00
Poul-Henning Kamp
9c749ffb8b Here is a diff of /usr/src/usr.sbin/ppp against current. The diffs
add some logging functionality which I find very useful.
'set debug link' will record just link up/down and address assignments.
'set debug connect' will record the entire chat dialog
'set debug carrier' will record just chat lines including 'CARRIER'
(so that I can be sure I'm getting a 28.8 line).

There was a global change required to permit LogPrintf to take a bit
mask instead of a bit position value (to permit logging some events
on either of two flags, so that no change in 'set debug lcp' would
result from the code supporting 'link'.  Thus the diffs are rather
long for such a small change.  The man page is also touched.

Oh, and there was a slight syntax problem in route.c

Reviewed by:	phk
Submitted by:	Tony Kimball <alk@Think.COM>
1996-05-11 20:48:42 +00:00
Doug Rabson
76bd0c0a9d Some patches to ppp which improve stability. I have been running a
ppp based on these patches for about 3 weeks with no downtime.

The original submitters comments:

Two features iijppp has over kernel ppp that I like are predictor1
compression and demand dialing.  Here are a few bug fixes.

I expanded the priority queueing scheme and discovered it was broken
due to the assignment at ip.c line 300.  All packets were being
queued at the same priority.

Fixing priority queueing broke predictor1 compression.  Packets
were compressed before being queued and predictor1 worked as long
as the packets were popped off the queue in the same order they
were pushed onto the queue.

There were a few byte order problems in IP header tests also.

There is a recursion problem in SendLqrReport().  LcpClose() is
called when "Too many echo packets are lost" which winds up in
SendLqrReport() again.  I believe the original intention was to
just stop the LQR timer with the call to StopLqr() but the side
effects hurt.

Submitted by:	John Capo <jc@irbs.com>
1996-01-30 11:08:50 +00:00
Poul-Henning Kamp
7b64106a9e A random bunch of cleanup changes. 1996-01-10 21:28:04 +00:00
Rodney W. Grimes
709e8f9ae1 Remove trailing whitespace. 1995-05-30 03:57:47 +00:00
Atsushi Murai
53c9f6c0c4 New user Process PPP based on iij-ppp0.94beta2.
o Supporting SYNC SIO device (But need a device driver)
     - add "set speed sync"
   o Fixing bug for Predictor-1 function.
   o Add new parameter that re-sent interval for set timeout commands.
   o Improving RTT (Round Trip Time) and reducing processor time.
     - Previous Timer service was using polling, and now using
       SIGALRM ;-)
     - A 0.94beta2 will not work correctly....

   -- Follows are additinal feature not including 0.94beta2
   o Support Proxy ARP
     - add "enable/disable proxy" commands
   o Marging common routine in CHAP/PAP.
   o Enhancing LCP/IPCP log information.
   o Support local Authfication connection on port 300x and tty.
     - You can set up pair of your "hostname -s" and
       password in ppp.secret. if either ppp.secret file nor
       your hostname line don't exist, It will notify a message
       and working as same as previous version.(Backword compatibility)
     - If you did set up them, It's allow connection but nothing to do
       except help and passwd command.
     - add "passwd yourpasswd" commands
   o Support afilter - keep Alive filter that a packet can send/receiving
     according to ifilter/ofilter but doesn't count it as preventing idle
     timer expires.
     - Same syntax of other filters.
   o Fixing bugs reported by current user for previous one. Thanks !!

Reviewed by: Atsushi Murai (amurai@spec.co.jp)
1995-02-26 12:18:08 +00:00
Atsushi Murai
af57ed9fdc 1995-01-31 06:29:58 +00:00