Commit Graph

94 Commits

Author SHA1 Message Date
Brian Somers
9c97abd8c3 o Allow the use of HISADDR as the first arg to "add".
o Allow a forth argument in ppp.secret, specifying a new
  label.  This gives control over which section of
  ppp.link{up,down} is used based on the authenticated user.
o Support random address ranges in ppp.secret (not just in ppp.conf).
o Add a AUTHENTICATING INCOMING CONNECTIONS section to the man page.
o Add a bit more about DEFLATE in the man page.
o Fix the incorrect "you must specify a password in interactive
  mode" bit of the manual.
o Space things in the man page consistently.
o Be more precice about where you can use MYADDR, HISADDR and INTERFACE
  in the "add" command documentation.
1998-01-05 01:35:20 +00:00
Brian Somers
e1375e2807 Make it clear that using "add ...." in ppp.conf when
not in -auto mode isn't a good idea, and that the
add should be done in ppp.linkup instead.

Change "add 0 0 HISADDR" to "add default HISADDR".  It's
more intuitive.
1998-01-04 21:28:49 +00:00
Brian Somers
65eea2e0fa Allow "add! dst mask gw" (note the ``!'') to do an
RTM_CHANGE if the RTM_ADD fails with an EEXIST.
Allow "delete! dst" (note the ``!'') to silently
fail if the RTM_DELETE fails with an ESRCH.
Also, make the ESRCH and EEXIST error conditions
more understandable to the casual observer.
1997-12-30 02:45:48 +00:00
Brian Somers
313572f3e3 Allow (and document) execution of commands from within
our chat script.
You can now even run chat(8) - see ppp.conf.sample.
1997-12-27 07:22:12 +00:00
Brian Somers
8fe71e0656 Allow multiple (comma seperated) devices on the "set device" line.
Submitted by: Derek Inksetter <derek@saidev.com>
1997-12-21 03:16:19 +00:00
Brian Somers
857a4bf337 Mention that leading whitespace is ignored when identifying comments. 1997-12-21 02:34:27 +00:00
Brian Somers
0ecc184e10 Cosmetic: Remove blank lines, add .Pp where necessary.
Submitted by:	Theo de Raadt <deraadt@cvs.openbsd.org>
1997-12-21 01:07:13 +00:00
Brian Somers
a09d09cbe7 Don't log the actual password when command-logging
"passwd xxxx".
1997-12-18 00:28:36 +00:00
Brian Somers
72ca96bfa5 o Log ******** instead of the actual password for "set authkey"
when command logging is switched on.
o Display ******** for the authkey for "show auth"
o Document how \P should be used, and document the other chat escapes
  while I'm there.
o Make sure the full command is displayed when a compound command
  fails - ie, "set novar rubbish" should say "set novar: Invalid command"
  rather than "novar: Invalid command"

Problem pointed out by: Theo de Raadt <deraadt@cvs.openbsd.org> (among others)
1997-12-17 21:21:42 +00:00
Brian Somers
b399b74b2d Wrap long lines
Submitted by:	Greg Lehey <grog@lemis.com>
1997-12-16 00:32:35 +00:00
Brian Somers
bcc332bdb0 Allow random IP number allocation to peer.
Validate the peers suggested IP by attempting to make a routing table
entry.
Give up IPCP negotiation if the peer NAKs us with an unusable IP.
Always SIOCDIFADDR then SIOCAIFADDR when configuring the tun device.
Using SIOCSIFDSTADDR allows duplicate dst addresses (which we don't
want)!!!
Allow up to 200 interface names (was 50) (now that ppp can play server
properly).
Up the version number (1.5 -> 1.6).

Cosmetic:
  Log unexpected CCP packets in the CCP log rather than the ERROR log.
  Log unexpected Config Reqs in the appropriate LCP/IPCP/CCP log rather
  than the ERROR log.
  Log failed route additions and deletions with WARN, not TCPIP.
  Log the option id and length for unrecognised IPCP options.
  Change some .Sq to .Ar in the man page.
1997-12-13 02:37:33 +00:00
Brian Somers
f01e577b07 Only allow one arg to `delete' - the mask & gateway aren't necessary.
Delete AF_LINK routes as well as AF_INET.
Allow the word `default' as the arg to `delete' or in place of the
first two args (dest & netmask) to `add'.
Accept INTERFACE as the third arg to `add'.

  You can now say `add default interface' to create a default route
  through the tun interface.  It's reported that subsequent bind()s
  will bind to a broadcast address and not to the address currently
  assigned to the tun device - this is the first step towards
  supporting that first connection that was around from before the
  dynamic IP negotiation....
1997-12-07 04:09:15 +00:00
Brian Somers
4bc84b8c11 Fix the CCP Type field value for DEFLATE.
(I *really* meant to do this  *before* committing the
deflate changes in the first place - oops).

Pppd is horribly broken in this respect - refer to the
ppp man page for details.  Ppp *WON'T* negotiate deflate
with pppd by default - you must ``enable'' and ``accept''
``pppd-deflate'' in your config.

While I'm in there, update the cftypes in ccp.c so that
we recognise some more protocols (we don't actually do
anything with them - just send a REJ).
1997-12-03 23:28:02 +00:00
Brian Somers
0053cc58a9 Abstract the CCP layer a level.
Add DEFLATE support.
1997-12-03 10:23:54 +00:00
Brian Somers
9a0b991f97 Add throughput logging (disabled by default).
Use "enable throughput" to see modem & IPCP throughput.
Removed an extraneous prompt()
1997-11-18 14:52:08 +00:00
Brian Somers
b351d6b7c3 uucplock is in section 3 not section 8 ! 1997-11-14 20:07:39 +00:00
Brian Somers
12ef29a81a Finish the security improvements:
o Add "allow" command:
      "allow users a b c" gives access to users a, b and c.
      "allow modes auto"  gives those users access to auto mode only.
      "allow users *" and  "allow modes *" are accepted.
      No users and all modes are allowed by default.
    UID 0 can do anything.
  o Set the current label with the "load" and "dial" commands
    so that the call to ppp.linkdown makes sense.
  o Up the verison number.
  o Don't OR MODE_AUTO for -background and -ddial.
  o Don't OR MODE_INTER when we get a diagnostic connection.
  o Allow up to 40 args per line (was 20).
  o "set ifaddr" only changes the interface in AUTO mode (with other
    modes, it happens after IPCP negotiation).
  o Sort command descriptions in the man page.
  o Support -dedicated mode where we just talk ppp forever (no login etc).
1997-11-11 22:58:14 +00:00
Brian Somers
8ea8442c9a Don't create a diagnostic socket by default.
Allow a password spec on the "set server" command line.
Use SIGUSR2 to close the diagnostic socket.
Some man page corrections.
1997-11-09 22:07:29 +00:00
Brian Somers
da2a8b4d42 Add the "!include" syntax.
Return 0 from "show" commands.
1997-11-09 17:51:27 +00:00
Brian Somers
50454ee744 Remove the use of $HOME/.ppp.* 1997-11-09 13:18:51 +00:00
Brian Somers
5106c67149 Introduce ID0 logging.
Stay as the invoking uid as much as possible.
Execution as a normal user is still forbidden for now,
so these changes are pretty ineffective.
The next commit will implement the modifications suggested
on -hackers a number of days ago.
1997-11-09 06:22:49 +00:00
Brian Somers
87786af251 Typo police. 1997-11-08 12:37:33 +00:00
Brian Somers
9633be85d7 o Spelling police.
o  Emphasize ``PPP''
o  x-ref other programs
o  Some minor clarifications
1997-11-06 00:25:33 +00:00
Brian Somers
a1e8f9372a Introduce [local] to "set log [local] ...". This spits
logging out to the screen in terminal mode - should be
good for installation problem diagnosis.
1997-11-04 01:17:05 +00:00
Brian Somers
d37641d82c Refer a bit to pppctl.
Suggested (far to subtly for his own good) by:	joerg
1997-10-05 14:27:08 +00:00
Brian Somers
6c9e376dfe Cosmetic: Be specific about using TABs in syslog.conf. 1997-10-05 10:29:32 +00:00
Brian Somers
7351f9d8e8 Allow Microsoft CHAP authentication.
This is a combination of MD4 & DES.
Submitted by:	Gabor Kincses <gabor@acm.org>
1997-09-25 00:52:37 +00:00
Brian Somers
301127fb0a Don't allow accept/deny when it's not appropriate.
Log PAP/CHAP users in utmp & wtmp, allowing it to
be avoided with "disable utmp"
1997-09-22 23:59:16 +00:00
Brian Somers
599864f851 Add a pppctl(8) xref.
Suggested by:	joerg
1997-09-21 13:06:43 +00:00
Brian Somers
f919b46768 Support CHAP using MD4
Suggested by: jordan
1997-09-17 23:17:57 +00:00
Brian Somers
10a91a42fc Cosmetic: Remove unused variables and build on OpenBSD. 1997-09-10 02:20:35 +00:00
Brian Somers
506474c87a Document the use of PAP/CHAP properly. 1997-09-09 21:01:53 +00:00
Brian Somers
881a8bbf54 Disable LQR by default. It causes too many problems
with too many ISPs to be a good default.  LQR is still
accepted by default.
1997-09-07 01:00:06 +00:00
Brian Somers
683cef3c33 Install as group ``network''
Insist that uid == 0 for client ppp
Disallow client sockets if no password is specified
Don't exit on failure to open client socket for listening
Allow specification of null local password
Use reasonable size (smaller) ``vector''s in auth.c
Fix "passwd ..." usage message
Insist on "all" as arg to "quit" (if any)
Drop client socket connection before Cleanup() when "quit all"
1997-09-04 00:38:22 +00:00
Brian Somers
709db7fbee Remove use of login_progok()
Suggested by: guido
1997-08-31 20:07:03 +00:00
Brian Somers
ce28475da5 Use login_progok(). 1997-08-27 20:11:16 +00:00
Brian Somers
4e752f44f0 Check the "prog.deny" login.conf capability and
refuse to run if "ppp" is in the list.
Suggested by:	"Daniel O'Callaghan" <danny@panda.hilink.com.au>
1997-08-26 23:20:16 +00:00
Brian Somers
81816fc583 Phone the number after the ``|'' whether the dial
OR login script fails.

Catch a small typo in the man page.
1997-08-23 23:14:24 +00:00
Brian Somers
c16615aa8b Update doc to use MYADDR in ppp.conf. 1997-08-21 17:16:21 +00:00
Brian Somers
de451c685c Add "set loopback on|off", defaulting to "on".
This tells ppp to loopback packets addressed to
the ppp interface IP coming *from* the tun
device.

This means that you can ping the tun interface IP
from inside :-)
1997-08-21 16:21:39 +00:00
Brian Somers
cb611434af Expand the "set stopped" command so that it can
idependently time out any of the FSMs.

Split LCP logging into LCP, IPCP and CCP logging,
and make room in "struct fsm" for the log level
that the state machine should use.
1997-08-20 23:47:53 +00:00
Daniel O'Callaghan
d053d1b926 Spelling police. 1997-08-19 11:27:00 +00:00
Daniel O'Callaghan
441de788b1 Typo fixes. 1997-08-19 11:18:34 +00:00
Brian Somers
3f6fd9230e Correct the forth arg to "set ifaddr". If specified,
it gives the IP number that should be used for initial
IPCP config requests, irrespective of MYADDR.
1997-08-19 01:10:24 +00:00
Brian Somers
b48dfe09c7 Introduce the "bg" command. It's pretty
much the same as "shell", but it's in the
background.
1997-08-18 20:15:10 +00:00
Brian Somers
0444761561 Typo police 1997-08-17 22:45:25 +00:00
Brian Somers
71144dc552 Allow the use of a "stopped" timeout via the
"set stopped" directive.  If the timeout occurs
it will cause a "Down" event, hanging up the line
if it's still up.  This *isn't* part of the FSM
diagram, but I consider it ok as a "higher level
implementation specific timeout" as specified in
the rfc ;-}

Discussed briefly with:	joerg
1997-08-17 20:45:50 +00:00
Brian Somers
5b9b04192a Allow specification of fallback phone numbers to
be used only if the dial script fails.
PR:		4262
1997-08-17 20:38:45 +00:00
Brian Somers
cad5afb077 Correct default log file name.
PR:		4065
Prompted by:	Steve Price <sprice@hiwaay.net>
Submitted by:	sjr1@flash.net
1997-08-10 22:03:20 +00:00
Brian Somers
c09be724d6 Allow a "hangup" capability.
You can now "ATZ" your modem when it's closed.

Submitted by:	peter@citylink.dinoex.sub.org (Peter Much)
1997-07-14 01:41:35 +00:00