Commit Graph

1200 Commits

Author SHA1 Message Date
brian
ffae273af1 Remove a bogus log_Id() decl 2001-11-23 11:15:35 +00:00
brian
c382139ffc Fix usage for the log command 2001-11-23 11:07:43 +00:00
brian
798ae959dd Whitespace tweak 2001-11-23 10:46:28 +00:00
brian
3d0a99567d Expand the first argument of the ``log'' command if it's a variable. 2001-11-22 04:23:49 +00:00
brian
b75f43a062 Document that an UPTIME variable is now available 2001-11-22 01:44:23 +00:00
brian
8b244d6bae Remove unused variables 2001-11-04 16:19:05 +00:00
brian
6a1de171ac Add a ``log'' command for logging specific information.
Add an ``UPTIME'' variable to indicate the bundle uptime.

It's now possible to put something like this in ppp.linkdown
for a server setup:

  MYADDR:
    log Session closing: User USER, address HISADDR, up UPTIME

Fixed some memory leakage with commands that expand words.
Made some functions static.
Fixed a diagnostic bug (iface add .... SIOCDIFADDR)
2001-11-03 21:45:32 +00:00
brian
0c094f30d4 Call CCP protocol -1 ``none'' 2001-11-03 19:29:30 +00:00
brian
c6127e6abf cmott@scientech.com -> cm@linktel.net
Requested by: Charless Mott <cmott@scientech.com>
2001-11-03 11:36:17 +00:00
brian
5106c4a534 Don't avoid setting a 0 second timer in datalink_StartDialTimer() by
not setting any timer.  Instead, set a 1 millisecond timer.

This ensures that ppp will come out of it's select() call after
losing carrier in -ddial mode with a reconnect period of 0 and
going to ST_OPENING, rather than waiting indefinitely for some
other event to wake ppp up.

Bump the ppp version number to indicate the event.

MFC after: 3 days
2001-10-23 13:52:19 +00:00
peter
2e67ce5d64 ia64 support. Due to the bogus placement of some i4b includes, it is
i386-only, even though it would work on all the isa-capable platforms.
Change the NOI4B so that instead of excluding alpha, it only includes i386.
2001-10-23 10:20:24 +00:00
brian
4a51aeed51 Include the right i4b files for NetBSD 2001-10-19 15:56:56 +00:00
brian
381bbd2320 Fix AUTH callback negotiations.
MFC after: 1 week
2001-10-18 08:48:04 +00:00
brian
f9a9a183bf When the peer fails to specify an MRU and a 1500 byte MRU is not
allowed either because of the transport or configuration, send a
MRU NAK only once, then allow the negotiations to proceed.

rfc1661 says that 1500 should always be allowed and rfc2516 says
that 1492 is the maximum for PPPoE.  This changes ppp so that it
only weakly suggests 1492, then goes with the default (leaving
the problem in the hands of the peer WRT how they set their MTU).

MFC after: 1 week
2001-10-18 08:47:56 +00:00
dwmalone
86cf053ae0 Hopefully improve control message passing over Unix domain sockets.
1) Allow the sending of more than one control message at a time
over a unix domain socket. This should cover the PR 29499.

2) This requires that unp_{ex,in}ternalize and unp_scan understand
mbufs with more than one control message at a time.

3) Internalize and externalize used to work on the mbuf in-place.
This made life quite complicated and the code for sizeof(int) <
sizeof(file *) could end up doing the wrong thing. The patch always
create a new mbuf/cluster now. This resulted in the change of the
prototype for the domain externalise function.

4) You can now send SCM_TIMESTAMP messages.

5) Always use CMSG_DATA(cm) to determine the start where the data
in unp_{ex,in}ternalize. It was using ((struct cmsghdr *)cm + 1)
in some places, which gives the wrong alignment on the alpha.
(NetBSD made this fix some time ago).

This results in an ABI change for discriptor passing and creds
passing on the alpha. (Probably on the IA64 and Spare ports too).

6) Fix userland programs to use CMSG_* macros too.

7) Be more careful about freeing mbufs containing (file *)s.
This is made possible by the prototype change of externalise.

PR:		29499
MFC after:	6 weeks
2001-10-04 13:11:48 +00:00
ru
1020d31fd1 Keep up with sys/net/rtsock.c,v 1.58.
Prodded by:	brian
2001-09-21 16:14:53 +00:00
brian
5903e1d51b sigpause() -> sigsuspend()
sigblock() -> sigprocmask()
2001-09-13 10:03:30 +00:00
brian
a03bd6b238 Correct alignment issues
Obtained from: OpenBSD
2001-09-13 10:03:20 +00:00
brian
2887552f52 Spell syslog.conf correctly
Submitted by:	Tony Finch <dot@dotat.at>
PR:		30545
2001-09-13 09:06:51 +00:00
brian
d99614d082 Fix a diagnostic 2001-09-04 22:07:56 +00:00
brian
5151b2478a Some cosmetic changes to sync with OpenBSD 2001-08-27 19:08:43 +00:00
brian
350c4e6271 Send a reset request for every packet received when our encryption
dictionaries are out of sync.

This avoids the complications that happen when our original reset
request gets lost in transit (quite likely in hind sight, given a
lossy link) when we end up ignoring the peer for the next (up to)
256 packets.

Submitted by:	Nick Sayer <nsayer@quack.kfu.com>
2001-08-27 10:42:21 +00:00
brian
5053d4fa27 Handle return values of 0 from NgRecvMsg() properly. 2001-08-24 14:53:41 +00:00
brian
2286423a99 o Enable IFF_MULTICAST when first opening the tun device (and keep the flag
when we ioctl(TUNSIFINFO) under OpenBSD)
o Don't bring the interface up immediately
o Don't complain about unrecognised interface flags in ``show iface''.
2001-08-21 11:07:58 +00:00
brian
9e766e7f13 Handle snprintf() returning < 0 (not just -1)
MFC after:	2 weeks
2001-08-20 15:09:34 +00:00
brian
7ac94dd0fb Properly change old interface addresses so that their destination is
255.255.255.255 if our new destination address conflicts.
2001-08-20 11:06:21 +00:00
brian
c400ea8f0c Add some comments to explain what's going on here 2001-08-20 10:25:23 +00:00
brian
0630cc6224 When attempting to change the default route, don't write the gateway
and mask to the routing socket, otherwise the update fails.

Warning provided by: markm

The code here was broken for FreeBSD when IPv6 support was added, but
was fixed for OpenBSD.  OpenBSD expects the gateway and mask to be
supplied and fails the update otherwise.
2001-08-20 00:46:33 +00:00
brian
b379a150f1 Add some casts.
Not spotted by: FreeBSD's gcc version 2.95.3 20010315 (release)
Spotted by: OpenBSD's gcc version 2.95.3 20010125 (prerelease)
2001-08-19 22:23:28 +00:00
brian
5d20b14f87 Add a missing % in a format string.
Not spotted by: FreeBSD's gcc version 2.95.3 20010315 (release)
Spotted by: OpenBSD's gcc version 2.95.3 20010125 (prerelease)
2001-08-19 22:23:23 +00:00
brian
317909c436 Avoid a compiler warning
Not spotted by: FreeBSD's gcc version 2.95.3 20010315 (release)
Spotted by: OpenBSD's gcc version 2.95.3 20010125 (prerelease)
2001-08-19 22:23:22 +00:00
brian
d100840eb7 Better handling for the return of snprintf(). 2001-08-18 22:43:11 +00:00
brian
1f224ee69c If AF_INET6 isn't available in the kernel, revert to creating AF_INET
listening sockets in ``set server''.
2001-08-18 19:16:56 +00:00
brian
bf052a7555 Back out the previous fix to deal with kernels that don't support IPv6,
and implement a far more subtle and correct fix.

The reason behind the infinite loop was that ppp was trying to make up
initial IPv6 numbers and wasn't giving up when it failed unexpectedly to
assign the addresses it just fabricated to it's interface (thinking that
the reason was because another interface was using the same address).
It now attempts this up to 100 times before just failing and trying to
muddle along (in reality, this should never happen more than a couple
of times unless our random number generator doesn't work).

Also, when IPv6 is not available, don't even try to assign the IPv6
interface address in the first place...
2001-08-18 19:07:13 +00:00
brian
cfa5d0ff52 Run correctly on a machine built without AF_INET6 support 2001-08-18 13:04:52 +00:00
brian
fb43a54a68 Build properly with -DNOINET6 2001-08-18 12:31:54 +00:00
brian
7fdf4b8b81 Build properly with -DNOIPV6 2001-08-18 12:30:41 +00:00
brian
e029be4212 Add two missing includes 2001-08-16 16:58:12 +00:00
brian
b12d9337ec Remove an unused variable 2001-08-16 16:58:02 +00:00
ru
e009d64b80 mdoc(7) police: markup nit, removed whitespace at EOL. 2001-08-16 08:26:04 +00:00
brian
9311b9a0c6 Specify the gateway address when updating the MTU and send/recv pipe
sizes on a route.

IMHO this shouldn't be necessary (the destination & mask/prefixlen
should be enough), but without it, the default route update under
OpenBSD will fail.

Thanks to: Russell T Hunt <alaric@MIT.EDU>
2001-08-16 02:01:05 +00:00
brian
435f044654 Fix a couple of forgotten comments 2001-08-16 02:00:55 +00:00
brian
1b1f9ae878 Probe for the availability of AF_INET6 at startup. If it's not
available, default ipv6cp to disabled and refuse to let the user
enable it.
2001-08-15 13:53:38 +00:00
brian
bbebfb9f8c Don't show a prefixlen when a destination address is present
in ``show iface''.
2001-08-15 13:05:39 +00:00
brian
db01b7581a Add a missing newline 2001-08-15 12:48:09 +00:00
brian
c0bbf51bca Don't forget to attache the sticky route change to the ncp structure.
PR:	29726
2001-08-15 12:47:51 +00:00
brian
7ff7ff405e Avoid calling bits2mask4() when bits is -1. 2001-08-15 12:07:39 +00:00
brian
de3feff3f8 o Add ipv6 support, abstracting most NCP addresses into opaque
structures (well, they're treated as opaque).

  It's now possible to manage IPv6 interface addresses and routing
  table entries and to filter IPV6 traffic whether encapsulated or
  not.

  IPV6CP support is crude for now, and hasn't been tested against
  any other implementations.

  RADIUS and IPv6 are independent of eachother for now.

  ppp.linkup/ppp.linkdown aren't currently used by IPV6CP

o Understand all protocols(5) in filter rules rather than only a select
  few.

o Allow a mask specification for the ``delete'' command.  It's now
  possible to specifically delete one of two conflicting routes.

o When creating and deleting proxy arp entries, do it for all IPv4
  interface addresses rather than doing it just for the ``current''
  peer address.

o When iface-alias isn't in effect, don't blow away manually (via ``iface
  add'') added interface addresses.

o When listening on a tcp server (diagnostic) socket, bind so that a
  tcp46 socket is created -- allowing both IPv4 and IPv6 connections.

o When displaying ICMP traffic, don't display the icmp type twice.
  When display traffic, display at least some information about unrecognised
  traffic.

o Bump version

Inspired after filtering work by: Makoto MATSUSHITA <matusita@jp.FreeBSD.org>
2001-08-14 16:05:52 +00:00
ru
4e5771e1b8 mdoc(7) police: s/OpenBSD/.Ox/ where appropriate. 2001-08-13 16:43:02 +00:00
brian
5317e49dea Preprocess ppp.8.m4 into ppp.8, taking into account any compile time
options used to build ppp.

Currently, this is a no-op and only handles LOCALNAT and LOCALRAD cases.

This will be used for the upcoming ipv6 changes, and allows a shared
man page between OpenBSD and FreeBSD.
2001-08-11 18:27:14 +00:00
brian
72b206d9b8 Change copyright to BSD-style copyright.
Ok'd by:	Gabor Kincses <gabor@acm.org>
2001-08-10 17:42:58 +00:00
ru
4345758876 mdoc(7) police:
Avoid using parenthesis enclosure macros (.Pq and .Po/.Pc) with plain text.
Not only this slows down the mdoc(7) processing significantly, but it also
has an undesired (in this case) effect of disabling hyphenation within the
entire enclosed block.
2001-08-07 15:48:51 +00:00
brian
238b01d898 Warn when a CHAP81 SUCCESS packet is invalid due to an incorrect S= value. 2001-08-03 09:28:21 +00:00
brian
967f33f3bc The wrong-last-byte bug on win98 chap responses is also in winME 2001-08-02 20:12:48 +00:00
brian
c98910abd5 Add a ``nat punch_fw'' command for punching FTP and IRC DCC holes through
the firewall.
2001-08-02 10:16:32 +00:00
brian
704f051282 Don't include a NUL at the end of our CHAP SUCCESS packet.
When encryption (MPPE) is enabled, WindowsME and Windows98 both
fail because of the extra byte, suggesting that they autheticated
successfully in their log and then dropping the connection, telling
the user that the peer doesn't support compatible encryption
options.

MFC after: 1 week
2001-07-31 21:36:00 +00:00
brian
160b405b91 Remove an irritating diagnostic emitted to LogPHASE when a
static proxy arp entry is deleted.

Rename a function (for consistency) and remove some whitespace
(for readability).

MFC after:	1 week
2001-07-31 15:19:07 +00:00
brian
8466587a00 When we receive a CHAP81 challenge response, we always expect the last
byte of the packet to contain '\0'.

Windows 98 gets this wrong, dropping garbage into the last byte and
failing authentication.

Now, we notice this and whinge to our log file that we're compensating
for the corrupt data.
2001-07-31 08:21:39 +00:00
brian
635801f2ed If the peer REJects our MRU REQ, stop REQing it -- *EVEN* if we're
doing PPPoE and the default MRU is therefore too big.

When negotiating with win2k, we ask for MRU 1492 and the win2k box
NAKs us saying ``MRU 1492''.  This doesn't make sense to me.  When
we continue to request MRU 1492, the win2k box eventually REJs our
MRU.  This fix allows negotiations to continue at that point,
bringing the link up and potentially allowing the win2k box to send
us frames that are too large.  AFAICT this is better than failing
to bring the link up.... probably !

I have no idea how to do the equivalent of ``route get'' or
``ifconfig -a'' under win2k, so I can't tell what MTU it actually
ends up using.

I believe the bug is in win2k (it's certainly mis-negotiating).
I'll MFC given the release engineers permission as code freeze
begins on August 1.

PR:		29277
MFC after:	3 days
2001-07-30 17:04:39 +00:00
brian
8ab0acdbe9 Change permissions back to 4554/554
Suggested by:	kris
2001-07-28 11:58:41 +00:00
brian
933d065af2 If the peer sends a REQ without the IPADDR option, only reject it
once.  If they repeat the request (again without the IPADDR option)
ACK it.

I've had reports that some ppp implementations will not assign
themselves an IP number.  This should negotiate with such things.

MFC after:	3 days
2001-07-28 11:32:08 +00:00
brian
f19a3f3d63 Handle peer REQ/NAKs of >1500 byte MRUs when we have no preference.
MFC after: 3 days
2001-07-26 11:33:53 +00:00
brian
47bc6ecf64 Change permissions from [4]554 to [4]551
MFC after: 3 days
2001-07-25 11:44:04 +00:00
obrien
9c97c8f02d Perform a major cleanup of the usr.sbin Makefiles.
These are not perfectly in agreement with each other style-wise, but they
are orders of orders of magnitude more consistent style-wise than before.
2001-07-20 06:20:32 +00:00
obrien
be022bb715 Remove GCC'isms in CFLAGS. 2001-07-20 04:23:13 +00:00
brian
0906f6dada Bring the PPPoE Ethernet interface up *BEFORE* we send the node a
CONNECT message.

MFC after: 1 week
2001-07-18 09:33:45 +00:00
brian
adc22e971c Ignore (with a warning message) mtu/mru configurations that are greater
than the maximum physical values.

MFC after: 1 week
2001-07-17 01:06:13 +00:00
brian
27ff1556c8 TCPMSS adjusts all TCP SYN packets, not just outgoing ones.
Pointed out by: ru
2001-07-16 17:02:10 +00:00
dd
911ca14c87 Remove whitespace at EOL. 2001-07-15 08:06:20 +00:00
brian
c29f79581e Perform MSS fixups on incoming packets as well as outgoing.
MFC after: 1 week
2001-07-13 02:04:19 +00:00
dd
eaa6ee03b8 mdoc(7) police: remove extraneous .Pp before and/or after .Sh. 2001-07-09 09:54:33 +00:00
brian
ef44874abb Fix the type of the last arg to execl()
Obtained from: OpenBSD
2001-07-09 08:17:47 +00:00
brian
e5e53f5188 Staticise the OpenBSD SHA1_End() function 2001-07-09 00:45:57 +00:00
brian
e3b3f682a9 Stay (backwards-)compatible with OpenBSD's groff 2001-07-09 00:13:49 +00:00
brian
a3c5f8aba8 Add a ``nat proto'' command -- similar to natd(8)'s -redirect_proto switch.
MFC after: 3 weeks
2001-07-09 00:07:56 +00:00
brian
c11e4967f8 Don't try to dereference the -1th ccp algorithm array entry when we
open CCP with no algorithm.
2001-07-07 13:12:07 +00:00
brian
b93f87d791 When we miss one or more packets in stateful mode *and* need to
perform a key change, *and* our sequence numbers have wrapped,
ensure that the number of key changes is calculated correctly.

The previous code counted down from a negative number to zero,
re-encrypting the current key on each iteration - this took some
time and strangely enough got the answer wrong !!!

Fix a(nother) spelling mistake while I'm there.
2001-07-07 03:06:20 +00:00
brian
92b94fe6a1 Spell stateful properly
Inconsistently done by:	brian
Spotted by:		ru
2001-07-06 23:45:32 +00:00
ru
e1827422c1 mdoc(7) police: removed hard sentence breaks, sorted xrefs. 2001-07-05 11:01:12 +00:00
brian
b44d6474df Make the last fix work properly on descriptors 1 and 2 (not just 0) 2001-07-04 09:32:34 +00:00
brian
746c94eef4 Handle any of descriptors 0, 1 or 2 being closed when we're
envoked -- don't use them (as return values from open()), then
(say) close(STDIN_FILENO) when daemonising.

This is done by grabbing 3 descriptors to /dev/null at startup and
releasing them after we've daemonised.

MFC after: 1 week
2001-07-04 03:34:20 +00:00
brian
0deba2c342 Reduce the interface MTU by 2 when MPPE has been successfully negotiated.
This is necessary because MPPE will combine the protocol id with the
payload received on the tun interface, encrypt it, then prepend its
own protocol id, effectively increasing the payload by two bytes.
2001-07-03 22:20:19 +00:00
brian
c6b698395d Don't accept chap80lm by default - it doesn't work.
MFC after: 1 week
2001-07-03 22:20:11 +00:00
brian
da14c6a0f2 Silence some gcc warnings 2001-07-03 22:20:06 +00:00
brian
9251775bc4 Do away with the ``err'' variable.
Inspired by: kris
2001-07-03 01:02:26 +00:00
kris
be14d2652a Silence some of the -Wnon-const-format warnings and add __printflike()
to a function prototype which needs it.

Approved by:	brian
MFC After:	2 weeks
2001-07-02 12:27:49 +00:00
brian
96c4f4c55f Avoid using too many args for ``set m[tr]u''
This needs to work with OpenBSD's groff too :(
2001-06-20 19:55:58 +00:00
brian
12a7d2d747 Call va_start/va_end for each call to vfprintf
Obtained from: OpenBSD
2001-06-18 23:24:26 +00:00
brian
e0acd9811e Add support for stateful MPPE (microsoft encryption) providing
encryption compatibility with Windows 2000.  Stateful encryption
uses less CPU but is bad on lossy transports.

The ``set mppe'' command has been expanded.  If it's used with any
arguments, ppp will insist on encryption, closing LCP if the other
end refuses.

Unfortunately, Microsoft have abused the CCP reset request so that
receiving a reset request does not result in a reset ack when using
MPPE...

Sponsored by:	Monzoon Networks AG and FreeBSD Services Limited
2001-06-18 15:00:22 +00:00
brian
14263ff751 Handle hardware-imposed MTU/MRU limitations. PPPoE will no longer
allow MRU/MTU negotiations to exceed 1492.

Add an optional ``max'' specifier to ``set m[rt]u'', ie.

	set mtu max 1480

Bump the ppp version number.

Sponsored by:	Monzoon Networks AG and FreeBSD Services Limited
2001-06-18 14:59:36 +00:00
brian
0ec923a7cf Correct the arg count after parsing a line with an unescaped # that isn't
preceeded with whitespace.

MFC after: 3 weeks
2001-06-15 13:58:06 +00:00
brian
52cb477a72 Convert IIJ copyrights to BSD copyrights.
Approved by: Toshiharu OHNO <tohno@sirius.ocn.ne.jp>
2001-06-13 21:52:19 +00:00
sobomax
0c29f662fa Correct cross-references:
ng_bpf.8    --> ng_bpf.4
  ng_ether.8  --> ng_ether.4
  ng_iface.8  --> ng_iface.4
  ng_pppoe.8  --> ng_pppoe.4
  ng_socket.8 --> ng_socket.4
  ng_tty.8    --> ng_tty.4
  ng_{type}.4 --> /dev/null

MFC after:	1 week
2001-06-05 12:40:03 +00:00
brian
425630304c Renamed to README.nat 2001-06-04 14:40:06 +00:00
brian
0afc2da42b Add BSD style copyrights (with permission from Charles Mott where appropriate)
Deprecate -alias further (after a repo-copy)
2001-06-04 14:38:29 +00:00
brian
39c721b4d0 Fix an alignment error
PR:		27766
Submitted by:	Sudish Joseph <sudish@mindspring.com>
MFC after:	2 weeks
2001-05-30 15:52:24 +00:00
brian
bd7ad7312a Don't say ``Enter pause (-1) for redialing when we're using a random interval.
Show the calculated random value instead.

Suggested by: Bill Richter <richterb@binkley.foothill.net>
2001-05-22 19:42:14 +00:00
brian
39c66e3d7a If we don't receive a TY_IPADDR option as part of a configure request, NAK
as if we received one with 0.0.0.0 as the argument.
2001-05-22 09:03:30 +00:00
brian
bba3cec519 Bring the interface IFF_UP from ipcp_InterfaceUp() (called from IPCP's
TLU event handler).

This used to be done as a side effect of SIOCAIFADDR'ing the interface,
but now that duplicate SIOCAIFADDRs are optimised out, we can't depend
on that behaviour.
2001-05-11 23:42:03 +00:00
brian
58f11f683b Handle situations where we've already got a P2P interface address
of a/x -> b and then negotiate a/x -> c by simply expecting SIOCAIFADDR
to do the change.

This was broken by the last commit that optimised out the deletion and
re-addition of the same a/x -> b combination, and forgot to compare
the old/new destination addresses.

Conveniently enough, this problem didn't effect setups where the
default route goes via the ppp link, and most other setups don't
care what the the destination address is actually set to.  It broke
test environments where ppp connects to the local machine rather
badly though....
2001-05-02 16:35:24 +00:00