being the same as the previous (still supported) ``host:port''
syntax for tcp socket devices.
A udp device uses synchronous ppp rather than async, and avoids
the double-retransmit overhead that comes with ppp over tcp (it's
usually a bad idea to transport IP over a reliable transport that
itself is using an unreliable transport). PPP over UDP provides
througput of ** 1.5Mb per second ** with all compression disabled,
maxing out a PPro/200 when running ppp twice, back-to-back.
This proves that PPPoE is plausable in userland....
This change adds a few more handler functions to struct device and
allows derivations of struct device (which may contain their own
data etc) to pass themselves through the unix domain socket for MP.
** At last **, struct physical has lost all the tty crud !
iov2physical() is now smart enough to restore the correct stack of
layers so that MP servers will work again.
The version number has bumped as our MP link transfer contents have
changed (they now may contain a `struct device').
Don't extract the protocol twice in MP mode (resulting in protocol
rejects for every MP packet). This was broken with my original
layering changes.
Add ``Physical'' and ``Sync'' log levels for logging the relevent
raw packets and add protocol-tracking LogDEBUG stuff in various
LayerPush & LayerPull functions.
Assign our physical device name for incoming tcp connections by
calling getpeername().
Assign our physical device name for incoming udp connections from
the address retrieved by the first recvfrom().
the layering.
We now ``stack'' layers as soon as we open the device (when we figure
out what we're dealing with). A static set of `dispatch' routines are
also declared for dealing with incoming packets after they've been
`pulled' up through the stacked layers.
Physical devices are now assigned handlers based on the device type
when they're opened. For the moment there are three device types;
ttys, execs and tcps.
o Increment version number to 2.2
o Make an entry in [uw]tmp for non-tty -direct invocations (after
pap/chap authentication).
o Make throughput counters quad_t's
o Account for the absolute number of mbuf malloc()s and free()s in
``show mem''.
o ``show modem'' becomes ``show physical''.
that are made in each of the FSMs (LCP, CCP & IPCP) and the
number of REQs/Challenges for PAP/CHAP by accepting more arguments
in the ``set {c,ip,l}cpretry'' and ``set {ch,p}apretry'' commands.
Change the non-convergence thresholds to 3 times the number of configured
REQ tries (rather than the previous fixed ``10''). We now notice
repeated NAKs and REJs rather than just REQs.
Don't suggest that CHAP 0x05 isn't supported when it's not configured.
Fix some bugs that expose themselves with smaller numbers of retries:
o Handle instantaneous disconnects (set device /dev/null) correctly
by stopping all fsm timers in fsm2initial.
o Don't forget to uu_unlock() devices that are files but are not
ttys (set device /dev/zero).
Fix a *HORRENDOUS* bug in RFC1661 (already fixed for an Open event in state
``Closed''):
According to the state transition table, a RCR+ or RCR- received in
the ``Stopped'' state are supposed to InitRestartCounter, SendConfigReq
and SendConfig{Ack,Nak}. However, in ``Stopped'', we haven't yet
done a TLS (or the last thing we did is a TLF). We must therefore
do the TLS at this point !
This was never noticed before because LCP and CCP used not use
LayerStart() for anything interesting, and IPCP tends to go into
Stopped then get a Down because of an LCP RTR rather than getting a
RCR again.
correctly by invoking the timer to get the value before
displaying the message.
Don't assume that a value of 0 is ``random'' in
``show datalink''.
Make the random value between 1 and DIAL_TIMEOUT rather
than between 0 and DIAL_TIMEOUT-1
each time rather than making up a new one.
Increase the authname/authkey max sizes to 100 characters.
Allow ``authkey'' specifications beginning with ``!''.
When a challenge is received, the text following the
``!'' is executed as a program (expanding stuff in the same
way that ``sh'' and ``!bg'' do). The program is passed the
peer name, peer challenge and local ``authname'' on standard
input and is expected to output the name/key combination that
should be used to build the CHAP response.
This provides support for Secure ID cards (guess what I was
given at work recently!) using CHAP.
Examples will follow.
input routines and take advantage of the new init/continue
interface in libradius. This allows a timely response on
other links in an MP setup while RADIUS requests are in
progress as well as the ability to handle other data from
the peer in parallel. It should also make the future addition
of PAM support trivial.
While I'm in there, validate pap & chap header IDs if
``idcheck'' is enabled (the default) for other FSM packet
types.
NOTE: This involved integrating the generation of chap
challenges and the validation of chap responses
(and commenting what's going on in those routines).
I currently have no way of testing ppps ability
to respond to M$Chap CHALLENGEs correctly, so if
someone could do the honours, it'd be much
appreciated (it *looks* ok!).
Sponsored by: Internet Business Solutions Ltd., Switzerland
details. Compiling with -DNORADIUS (the default for `release')
removes support.
TODO: The functionality in libradius::rad_send_request() needs
to be supplied as a set of routines so that ppp doesn't
have to wait indefinitely for the radius server(s). Instead,
we need to get a descriptor back, select() on the descriptor,
and ask libradius to service it when necessary.
For now, ppp blocks SIGALRM while in rad_send_request(), so
it misses PAP/CHAP retries & timeouts if they occur.
Only PAP is functional. When CHAP is attempted, libradius
complains that no User-Password has been specified... rfc2138
says that it *mustn't* be used for CHAP :-(
Sponsored by: Internet Business Solutions Ltd., Switzerland
CALLBACK protocol and end up agreeing CBCP, DTRT and go
into CBCP phase rather than mistakenly terminating as
if CBCP wasn't agreed.
Problem reported by: Alexander Dubinin <alex@nstl.nnov.ru>
Remove any dial timer that might be hanging around at
datalink_Destroy() time. This timer may be left running
after the link is closed (making sure it's not automatically
opened again too soon).
the device is successfully opened. If we fail to open it,
mention the fact.
Also go back into command mode as soon as the device is closed
rather than waiting for the user to type something before noticing.
(see the new ``set callback'' and ``set cbcp'' commands)
o Add a ``cbcp'' log level and mbuf type.
o Don't dump core when \T is given in ``set login'' or
``set hangup''.
o Allow ``*'' and blanks as placeholders in ppp.secret and
allow a fifth field for specifying auth/cbcp dialback
parameters.
o Remove a few extraneous #includes
o Define the default number of REQs (restart counter) in defs.h
rather than hardcoding ``5'' all over the place.
o Fix a few man page inconsistencies.
exceeds DATALINK_READY. When we go back to READY or less
(eg. ``close lcp''), switch the carrier-checking-timer off again.
This fixes the callback example in ppp.conf.sample.
Noted as broken by: Damian Kuczynski <damian@best.pw.edu.pl>
o If we've denied and disabled all compression protocols, stay
in ST_INITIAL and do an LCP protocol reject if we receive any
CCP packets.
o If we've disabled all compression protocols, go to ST_STOPPED
and wait for the other side to ask for something.
o If we've got anything enabled, start REQing as soon as the auth
layer is up.
o If we're in multilink mode, than the link level CCP goes
straight to ST_STOPPED irrespective of what's configured so that
we never try to compress compressed stuff by default.
open capable of re-negotiatiating the various layers.
It is now possible to change various link options and then
re-open the relevant layer, making the changes effective -
for example, switching off VJ compression or starting ECHO
LQRs on-the-fly.
end up writing zero bytes, sleep for 1/10 of a second so that
we don't end up using up too much cpu.
This should only ever happen on systems that wrongly report a
descriptor as writable despite the tty buffer being full.
Discussed with: Jeff Evarts
o Do an initial run-time check to see if select() alters the passed
timeval. This knowledge isn't yet used, but will be soon.
for all datalinks in a bundle. Ppp now deals correctly
with link types that are changed while open
o When changing the type of the last AUTO link, only clear
the interface if we're not in PHASE_NETWORK. This allows
us to switch to -ddial mode while we have a connection
without suddenly unexpectedly throttling ourselves by
clearing the interface configuration.
Problem area noted by: Aaron Jeremias Luz <aaron@csh.rit.edu>
in `set mode', `allow modes', on the command line and when
outputting mode names. The strings are matched so that only
enough characters to uniquely identify the string are required,
so you can now
ppp -a mylabel (for auto mode)
ppp -b mylabel (for background mode)
ppp -dd mylabel (for direct dial mode)
etc.
o Make -ddial dial when specified on the command line (oops).
Pointed out by: Alex <garbanzo@hooked.net>
generate the data to transfer.
o Transfer uucp lock ownership for the transferred device.
o Don't assume we know the correct values of dev_is_modem and
mbits after the transfer.
transferring session rights with them. Instead, create two
`/bin/cat' processes. A new child is spawned and disassociated from
the terminal and the parent, which continues with the rest of the ppp
process. Meanwhile, the parent spawns another child, and both the
parent and child exec the `/bin/cat' commands with the appropriate
descriptors. This way, the session is owned by the parent, and the
tty is held open.
o Close LCPs that have done a TLF and are now in ST_STOPPED before
calling Down. This prevents them from trying to come back up again
after the peer has shut them down (it seems a bit strange that the
rfc says that a Down in ST_STOPPED will cause a TLS etc).
o Don't try to set the physical link name pointer when we're receiving
and renaming a datalink. The physical hasn't been created yet, and as
it happens, the garbage physical pointer happens to be the value of another
physical - so we're pointing that other physical name at ourselves.
yeuck.
o Re-arrange the order of things in main (DoLoop()). We now handle
signals only after the select and not before the UpdateSet. It's
possible that either a signal (FSM timeout) or a descriptor_Read()
brings a link down, after which we'd better tidy up any dead direct
and 1off descriptors before calling UpdateSet() again.
o Mention when we detect a PPP packet when we see one before the link
is up (then start LCP as before).
It's now dealt with by the `server' object. This simplifies
things as we only have one list of prompt descriptors and
the log_ routines check prompt::logactive to determine
whether it should be used for output.
o Include the MP socket UpdateSet() result in bundle::UpdateSet().
o Don't select on the tun device unless we're in NETWORK
phase or AUTO mode.
o Stop the idle timer when we go to DEAD phase. We may
have transferred a link and not had a chance to kill
it.
o Don't fail when trying to unlink our transferred datalink
from our descriptor lists just before the transfer.
o Add our link descriptor to the write set if we got a short
write the last time (physical::out is set).
o Log the connection source address when a connection is closed.
o Remove descriptor::next field. Descriptor lists are not required
any more.
is not possible to switch to or from dedicated or direct mode,
but all other combinations are ok (eg. -auto -> -ddial).
o Cope with the fact that commands with optional context may not
be able to obtain a link with command_ChooseLink() (if all links
have been deleted for example).
o Allow `clone'ing in non-multilink mode. We may for example want
to configure two links in unilink mode and dial them both, using
the one that comes up first. It's also possible to rename
``deflink'' by cloning it, deleting the original, then setting
the mode of the new link.
the bundle has the opportunity to go PHASE_DEAD and cleanup
the interface (if it's the last link).
o Regnerate our phys_type value when we transfer the link.
o Always clean up the interface when destroying our bundle in case
we're abending.
o Always clean up our interface when the last link is gone rather than
delaying things 'till exit time in the -direct case (the interface
is useless anyway). Do this *after* slamming down our NCPs (if
they're still around).
o Our MP server descriptor now clears the relevent device descriptor
from our descriptor [fd]sets when a datalink is on death-row (to
be transferred to another running ppp), thus avoiding the possibility
of passing a bum descriptor to select() and having ppp abend.
o Handle the MP socket descriptor functions from within the bundle
descriptor functions. Now we ensure that the MP socket descriptor
functions see the descriptor sets *after* they've been seen by our
datalinks.
o Add/fix a few more comments.
into the ST_STOPPED state.
o Allow an optional ccp|lcp argument to `down'. The default is
still lcp (as before). You can now call down with no context
in multilink mode, in which case it'll down the multilink ccp
or the entire bundle (*very* rude).
o Allow an optional `!' after `close ccp' (close ccp!) to tell
ccp to stay in the CLOSED state after the terminate ACK. The
default is now to re-enter STOPPED so that the peer can bring
the layer back up if desired.
o Always handle proto-compressed packets, even if we've agreed
(in LCP) that the peer will not send us 1 byte protocols.
If the peer violates the LCP agreement, log it to the HDLC
log.
o Fix some comments.
LQM and HDLC timer diagnostics come out with the correct name.
o Don't send an LQR immediately upon reviving a datalink. Leave
it 'till the next timeout.
o Add the link name to some more LQR diagnostics.
o Break out of the main loop when a descriptor exception is seen
in select().
o Remove the evil nointr_[u]sleep() functions. Timers should be
(and are) used instead.
o Treat a read() of 0 bytes as an error that's fatal to the link
on which the read() is done. We should never read() 0 after
select() says there's something there - not unless the link
has been closed by the other side.
o Write the data seen before a HDLC header to the terminal in
`term' mode, *not* back to the modem :-/
o Initialise our transmitted file descriptor before starting any
timers.
o Only send data links that have *no* pending output data. This
means that our final ACK will be written rather than being
nuked with the datalink transmission.
for the last NCP TLF.
o Move tun reading from the main loop into the bundle descriptor
handling routines.
o Cosmetic: Add a few `const's and make some diagnostics clearer.
using the scatter/gather array to transfer the link
information. The whole link is now passed in one message.
This is far better than the two `/bin/cat' processes per additional
link :-) I remember years ago thinking that file descriptor
transferral would be a really amazing facility !
Suggested by: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
and: Eivind Eklund <eivind@yes.no>
