Commit Graph

1477 Commits

Author SHA1 Message Date
Peter Wemm
7dd6838582 Add a pretty cheesy hack to avoid a gcc-3.2.2 ICE (internal compiler
error) on amd64 when doing pointer subtraction.  This bug is already
fixed in gcc-3.3 (waiting for after the branch), and the hack will be
backed out at the first opportunity.  This is in the ipv6 code path.

Approved by:  re (scottl)
2003-05-25 07:39:06 +00:00
Ruslan Ermilov
db1e3a4f98 Erase whitespace at EOL.
Approved by:	re (blanket)
2003-05-22 11:56:41 +00:00
Ruslan Ermilov
f490cb986f Previous revision broke release building, unbreak it.
Prodded by:	scottl
2003-05-20 07:07:48 +00:00
Dag-Erling Smørgrav
7691f66abf Retire the useless NOSECURE knob.
Approved by:	re (scottl)
2003-05-19 15:52:01 +00:00
Hajimu UMEMOTO
b706c03da0 When session is over, IPv6 default route to tun should be
removed, too.

MFC after:	1 week
2003-04-05 10:10:33 +00:00
Hajimu UMEMOTO
977e6c08fe Set link-local address of tun interface with prefixlen = 64
instead of 128.  It makes RA happy.

Reported by:	rafa@dif.um.es,
		SHIRASAKI Yasuhiro <yasuhiro@nttv6.jp>
Reviewed by:	SHIRASAKI Yasuhiro <yasuhiro@nttv6.jp>
MFC after:	1 week
2003-04-04 11:09:08 +00:00
Hajimu UMEMOTO
bbdd270714 If IPCP is disabled, susccess of IPV6CP negotiation is sufficient
to communicate by IPv6.  So, the prompt should be `PPP' rather
than `PPp'.
2003-03-28 18:23:43 +00:00
Hajimu UMEMOTO
34894c56bc Don't install wrong IPv6 route by add command. 2003-03-26 06:30:11 +00:00
Brian Somers
92941b9076 Passing a u_char to ntohs() is guaranteed to give the wrong answer !
Submitted by:	Francis Dupont <Francis.Dupont@enst-bretagne.fr>
2003-03-26 02:27:32 +00:00
Brian Somers
9603d5b40d Add a ``force-scripts'' option for using chat scripts with -direct and
-dedicated links.

Submitted by:	Maksim Yevmenkin <myevmenk@exodus.net>
2003-03-26 02:03:08 +00:00
Hajimu UMEMOTO
3efad8b488 Once ppp session is over, the route to ff02::tun0/32 was
deleted, and never came back.  Now, the route to
ff02::tun0/32 is installed at the end of IPV6CP negitiaton.
2003-03-25 17:01:39 +00:00
Hajimu UMEMOTO
93193fc76c We need filling scopeid to install routes for link-local
scope addresses.
2003-03-25 16:49:08 +00:00
Hajimu UMEMOTO
11f9e243a2 Since ppp.link{up,down} is invoked at the end of IPCP negotiation, if
we need ppp.link{up,down}, we couldn't disable IPCP.  Now, if IPCP is
disabled, ppp.link{up,down} is invoked at the end of IPV6CP
negotiation.
2003-03-25 15:59:27 +00:00
Jens Schweikhardt
9d5abbddbf Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,
especially in troff files.
2003-01-01 18:49:04 +00:00
Peter Wemm
6ceeb6902a utmp.ut_time and lastlog.ll_time are explicitly int32_t rather than
time_t.  Deal with the possibility that time_t != int32_t.  This boils
down to this sort of thing:
 -   time(&ut.ut_time);
 +   ut.ut_time = time(NULL);
and similar for ctime(3) etc.  I've kept it minimal for the stuff
that may need to be portable (or 3rd party code), but used Matt's time32
stuff for cases where that isn't as much of a concern.

Approved by: re (jhb)
2002-11-15 22:42:00 +00:00
Brian Somers
3c34956a21 If the peer gives us 0.0.0.0 as his IP number, NAK it rather than accepting
it as being in range.

  set ifaddr 1.2.3.4/0 5.6.7.8/0

no longer allows 0.0.0.0 as a valid IP.

Reported/tested by:	Bohdan Horst <nexus@hoth.amu.edu.pl>
MFC after:		3 days
2002-09-23 22:40:43 +00:00
Brian Somers
31c759c0ef Unbreak -DNOINET6
Submitted by:	Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
MFC after:	1 day
2002-09-02 13:34:27 +00:00
Maxim Sobolev
88202a1f33 Correctly handle ifr.ifr_flags/ifr.ifr_flagshigh like ifconfig(8) does.
MFC after:	1 day
2002-08-29 12:52:28 +00:00
Brian Somers
a3c48b40e9 - made ppp compliant to RFC 2472 (based on a patch from another
contributor)
- support ipv6cpretry and ipv6cpretries, which are IPv6 versions
  of ipcpretry and ipcpretries.
- improve handling of IPv6 link-local addresses

Submitted by: JINMEI Tatuya <jinmei@isl.rdc.toshiba.co.jp>
2002-08-29 02:44:58 +00:00
Brian Somers
6eafd35305 Include the correct file (stdarg.h) and use va_list rather than _BSD_VA_LIST_
Suggested by: mike
2002-08-27 20:11:58 +00:00
Brian Somers
90f28f9c3b Use _BSD_VA_LIST_ rather than __va_list if it's defined 2002-08-27 04:37:04 +00:00
Brian Somers
abc1373d37 Correct the FAQ url
Submitted by: Olivier Tharan <olive@oban.frmug.org>
2002-08-26 20:48:07 +00:00
Philippe Charnier
f0067240a1 Replace various spelling with FALLTHROUGH which is lint()able 2002-08-25 13:30:43 +00:00
Mike Barcroft
abbd890233 o Merge <machine/ansi.h> and <machine/types.h> into a new header
called <machine/_types.h>.
o <machine/ansi.h> will continue to live so it can define MD clock
  macros, which are only MD because of gratuitous differences between
  architectures.
o Change all headers to make use of this.  This mainly involves
  changing:
    #ifdef _BSD_FOO_T_
    typedef	_BSD_FOO_T_	foo_t;
    #undef _BSD_FOO_T_
    #endif
  to:
    #ifndef _FOO_T_DECLARED
    typedef	__foo_t	foo_t;
    #define	_FOO_T_DECLARED
    #endif

Concept by:	bde
Reviewed by:	jake, obrien
2002-08-21 16:20:02 +00:00
Ruslan Ermilov
a654c53e16 mdoc(7) police: Removed redundant .Ns calls. 2002-08-13 16:07:28 +00:00
Marc Fonvieille
9a091256a9 Correct URL to the FAQ
MFC after:	1 week
2002-07-31 10:05:00 +00:00
Marc Fonvieille
1061be04b3 Correct links to Handbook's pages, old URLs does not work anymore.
MFC after:	1 week
2002-07-30 21:04:26 +00:00
Brian Somers
541e4966fc Do a case insensitive comparison when comparing the ms-chap response
string.
2002-07-30 08:09:26 +00:00
Brian Somers
f4359ccbbc Remove unused calls to inet_addr() 2002-07-18 18:50:05 +00:00
Brian Somers
4dc4e1ee89 Back out the previous revision
Objected to by: Andre Oppermann <oppermann@pipeline.ch>

After Andre's objection, I've re-examined rfc 2759 and noted that it
says that the domain name shouldn't be used when generating the
NT-Response field.  So it looks like the bug is in freeradius rather
than in ppp.
2002-07-04 23:33:35 +00:00
Brian Somers
27dc75f10c If we've given a domain name prefix as the authentication name, strip
it off before passing it on to the RADIUS server for authentication.
2002-07-03 20:51:13 +00:00
Brian Somers
3285bb3c97 Don't trust the MPPE key lengths passed back from the RADIUS server.
Instead, use the correct values based on the number of bits actually
negotiated.

Spotted by: Sergey Korolew <ds@rt.balakovo.ru>
2002-07-02 00:47:24 +00:00
Brian Somers
e0efa79664 Remove some misleading/wrong diagnostics 2002-07-02 00:12:24 +00:00
Brian Somers
dfc1b4ac01 Show the port number (tty slot, pppoe session id etc) under
``show physical''.
2002-06-30 01:46:22 +00:00
Brian Somers
6ca7707b44 When a netgraph message is read, look for another before returning.
This removes a bad latency problem during initial setup where we
end up waiting for too long before reading the connected message
and time the connection out.

Problem figured out by:	Andre Albsmeier <andre@albsmeier.net>
2002-06-29 18:49:08 +00:00
Brian Somers
23ddebe20f Don't use SignalBundle if it's not set
Submitted by: Federico G. Schwindt <fgsch@olimpo.com.br>
2002-06-28 09:33:25 +00:00
Brian Somers
579abfd895 Complain about (and fix) misformatted RADIUS attributes rather than silently
fixing them.
2002-06-28 09:18:15 +00:00
Brian Somers
2f11f09fee When a RADIUS server is being used, don't use MPPE unless the RADIUS
server says it's ok.
2002-06-28 08:46:21 +00:00
Brian Somers
99cfc2e2b2 Add a hack to handle RADIUS responses from peers that forget that
there's an ``Ident'' field in the MS-CHAP2-Response and
MS-CHAP-Error attributes.

The RADIATOR server seems to be guilty of this.
2002-06-23 23:38:06 +00:00
Brian Somers
dbc46ca401 Don't expect NUL terminated data in all netgraph messages received.
Only display message hook values we understand.
2002-06-22 21:01:47 +00:00
Brian Somers
250be50b72 Compensate for dodgy Win98/WinME MSCHAPv2 responses later in the code
path... after we've talked to any RADIUS servers involved, so that we
haven't touched the data before it gets to the server.

Make it clearer in the code that this compensation is done by setting
a flag to a value of zero, a flag which rfc2759 says *MUST* be zero.

While we're here, don't bother passing the peer challenge into
radius_Authenticate().  It's already part of the key we're passing in
(this becomes obvious now that I've structured that data...).

This ``fix'' doesn't help to authenticate Win98/WinME users in my test
environment as ports/net/freeradius seems to ignore the flag
completely anyway, but it may help with other RADIUS servers.
2002-06-17 01:12:38 +00:00
Brian Somers
3627fe880c A better prinflike fix... 2002-06-15 08:03:59 +00:00
Brian Somers
10be78d3ae Remove whitespace at the end of lines. 2002-06-15 08:03:30 +00:00
Brian Somers
3db951841c Fix a printflike format error 2002-06-15 01:36:36 +00:00
Brian Somers
61fe3f63bc Remove a forgotten diagnostic 2002-06-15 01:35:03 +00:00
Brian Somers
635ad5f021 If a RAD_FILTER_ID is supplied by the RADIUS server, treat it as an
additional label from ppp.linkup & ppp.linkdown to load.

Suggested and mostly submitted by: andrew pavlov <and@kremenchug.net>
2002-06-12 23:45:15 +00:00
Brian Somers
aea6acb6da Bump the version number to reflect the recent RADIUS commits 2002-06-12 23:00:12 +00:00
Brian Somers
a95b23a6b2 Don't forget to process the Ident field on the front of
RAD_MICROSOFT_MS_CHAP_ERROR and RAD_MICROSOFT_MS_CHAP2_SUCCESS
messages, and remove the hack in chap.c to ignore that ident field
on the client side.

This anomoly was hacked around during development, and I forgot to
go back and fix it properly.

Spotted by: Sergey Korolew <ds@rt.balakovo.ru>
2002-06-12 21:36:07 +00:00
Brian Somers
8fb5ef5ae2 Understand the following Microsoft Vendor Specific RADIUS attributes:
RAD_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY
  RAD_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES
  RAD_MICROSOFT_MS_MPPE_RECV_KEY
  RAD_MICROSOFT_MS_MPPE_SEND_KEY

These attributes may be supplied by a RADIUS server when MSCHAPv2 is
used to authenticate.

It *should* now be possible to build ppp with -DNODES and still support
CHAP/MSCHAP/MSCHAPv2/MPPE via a RADIUS server, but the code isn't yet
smart enough to do that (building with -DNODES just looses these
facilities).

Sponsored by: Monzoon
2002-06-12 00:33:17 +00:00
Brian Somers
12b5aaba39 Cast pid_t to long for printf()ing
Obtained from:	OpenBSD
2002-06-06 01:39:46 +00:00