73 Commits

Author SHA1 Message Date
jlemon
88dd97daaf Update the hash table when sppp mucks directly with the interface address. 2001-10-01 18:14:49 +00:00
ume
ac97fb621f If LCP proto-rej is received, drop the protocol mentioned by the message.
This is to be friendly with non-IPv6 peer (If the peer complains due to
lack of IPv6CP, drop IPv6CP).  This basically implements "RXJ+" state
transition in the RFC.

Obtained from:	NetBSD
2001-07-31 07:27:01 +00:00
peter
31a6b6a02b Fix warning: 848: warning: label `nosupport' defined but not used 2001-06-15 07:33:09 +00:00
ume
d8e4d500e0 Make compilable. addlog(...) was replaced with log(-1, ...)
Reported by:	peter
2001-06-13 17:30:55 +00:00
ume
b44fc46ed5 Restore the code wrongly nuked by previous commit.
Following changed was made by previous commit:

  - IPV6CP supporting in kernel level ppp from NetBSD.

Submitted by:	y.shirasaki@ntt.com
2001-06-12 08:52:54 +00:00
ume
832f8d2249 Sync with recent KAME.
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.

TODO:
  - The definitions of SADB_* in sys/net/pfkeyv2.h are still different
    from RFC2407/IANA assignment because of binary compatibility
    issue.  It should be fixed under 5-CURRENT.
  - ip6po_m member of struct ip6_pktopts is no longer used.  But, it
    is still there because of binary compatibility issue.  It should
    be removed under 5-CURRENT.

Reviewed by:	itojun
Obtained from:	KAME
MFC after:	3 weeks
2001-06-11 12:39:29 +00:00
joerg
2dea5ee664 Move the decision whether we want to request authentication from our
peer out from sppp_lcp_open() to sppp_lcp_up().  For one, this makes
things look more symmetrical to sppp_lcp_close(), and somehow it also
just occurred to me that an Up event following the open caused the
value of the authentication option to be clobbered.
2001-04-08 20:29:09 +00:00
joerg
28ec9af948 This is another MFC candidate.
Fix a serious bug in sppp where anyone could obtain a successful PAP
authentication by supplying a null password.  I've only stumpled across
the PR while browsing for all sppp-related PRs.

Should we also file a security advisory for this?

PR:		21592
Submitted by:	<dli@3bc.de> Dirk Liebke
2001-03-25 09:53:07 +00:00
joerg
f0a19e894b (MFC candidate, see below).
When we get an Open event in stopped state, experience shows that this
is usually means we've somehow missed a previous Down event.  This has
occasionally bitten people for the IPCP layer with ISDN, apparently a
previously aborted IPCP negotiation must have caused this.  As a
bandaid, we quickly pretent a Down event by advancing to starting
state; this effectively implements the `restart' option mentioned in
RFC 1663.

While i'm not yet fully convinced this is the best thing to do (and is
fully compliant with RFC 1661), i've seen a number of reports here on
the German mailing lists where people have been bitten by the previous
behaviour which usually causes quickly looping ISDN reconnects (thus
loss of money...), and where just this patch fixes the problem.

For this, i'd even like to see it MFC'd if possible.

Submitted by:	Helmut Kreft <kreft@zeus.ai-lab.fh-furtwangen.de>
2001-03-23 19:51:12 +00:00
phk
2ef21ddcb9 Use <sys/queue.h> macro api rather than fondle its implementation detals.
Created with:	/usr/bin/sed
Reviewed by:	/sbin/md5
2001-02-03 11:46:35 +00:00
jhay
d4b2a2fc17 Various fixes to make leased line operation more robust. On lcp_up, start
to negotiate from scratch. Make leased lines survive being put into
loopback mode. Bits and pieces and ideas taken from PRs 11238 and 21771.
Make it a module so that it can be kldloaded. Whitespace cleanup. (Can be
ignored with "cvs diff -b".)

PR:		11238 and 21771 (bits and pieces)
2000-12-19 19:08:11 +00:00
phk
7c4763bbdd Make log(-1, ...) do what addlog(...) did.
Replace all uses of addlog(...) with log(-1, ...)

Remove bogus "register" keywords in subr_prf.c

Make log() return void.
2000-11-26 19:34:06 +00:00
jlemon
954e1d2ccd Lock down the network interface queues. The queue mutex must be obtained
before adding/removing packets from the queue.  Also, the if_obytes and
if_omcasts fields should only be manipulated under protection of the mutex.

IF_ENQUEUE, IF_PREPEND, and IF_DEQUEUE perform all necessary locking on
the queue.  An IF_LOCK macro is provided, as well as the old (mutex-less)
versions of the macros in the form _IF_ENQUEUE, _IF_QFULL, for code which
needs them, but their use is discouraged.

Two new macros are introduced: IF_DRAIN() to drain a queue, and IF_HANDOFF,
which takes care of locking/enqueue, and also statistics updating/start
if necessary.
2000-11-25 07:35:38 +00:00
obrien
a8c8e00c91 * Use sys/sys/random.h rather than a i386 specific one.
* There was nothing that should be machine dependant about
  i386/isa/random_machdep.c, so it is now sys/kern/kern_random.c.
2000-04-24 17:30:08 +00:00
peter
a5441090de Clean up some loose ends in the network code, including the X.25 and ISO
#ifdefs.  Clean out unused netisr's and leftover netisr linker set gunk.
Tested on x86 and alpha, including world.

Approved by:	jkh
2000-02-13 03:32:07 +00:00
shin
70f0bdf681 udp IPv6 support, IPv6/IPv4 tunneling support in kernel,
packet divert at kernel for IPv6/IPv4 translater daemon

This includes queue related patch submitted by jburkhol@home.com.

Submitted by: queue related patch from jburkhol@home.com
Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
1999-12-07 17:39:16 +00:00
joerg
2997de7f2f When getting a RCN event in state ACK_RCVD, RFC 1661 demands that we
go to REQ_SENT (and we probably should also log this since it should
only happen in a cross-linked connection).

Submitted by:	Mark Tinguely <tinguely@plains.NoDak.edu>
1999-10-29 17:57:42 +00:00
peter
3b842d34e8 $Id$ -> $FreeBSD$ 1999-08-28 01:08:13 +00:00
phk
c5a96ac8db rganize the various modes (CISCO/AUTO/DEMAND/LEASED) a little bit better,
centralize the code.

Remember to call TLF/TLS on the hardware in CISCO mode.
1999-03-30 13:28:26 +00:00
phk
86fc22785e Misplaces brace puts important code into debug section.
Reviewed by:	phk
Submitted by:	Stefan Bethke <stefan.bethke@hanse.de>
1999-02-23 15:08:44 +00:00
phk
34a83c5869 Remove all the #ifdef notyet stuff, it is probably never going to happen
in the first place.

Use 3sec timeout as recommended.

Reorder some debug messages.

Label som of the 0x%x in debug messages

Make sppp_print_bytes() use %*D and handle zero length.

If we don't have MAGIC numbers, don't yell loopback if 0 == 0
1999-02-19 13:45:09 +00:00
phk
d47a7a8e1a Update sppp support to i4b level. This includes the new spppcontrol
program to set PPP options like authentication with.
1998-12-27 21:30:44 +00:00
phk
824f31bd96 More isdn4bsd convergence: cleanup log messages. 1998-12-26 13:14:45 +00:00
phk
7b748a7ecc Converge further on the isdn4bsd version of this file. 1998-12-26 12:43:26 +00:00
phk
f6d05aad4c clean up more timeout/untimeout portability stuff.
make sure flags and stuff are set sensibly.
1998-12-26 12:14:31 +00:00
phk
4674dad527 Straigthen out the use of the tls and tlf callbacks.
Not tested on the if_sr, if_cx and if_ar drivers, but
expected to work just the same as it used to.

Any users of these drivers (or even better: donors
of hardware for them) please contact phk@freebsd.org
so we can test the next batch of changes to if_sppp.
1998-12-16 18:42:38 +00:00
phk
990b5dccf9 *** empty log message *** 1998-12-11 21:40:13 +00:00
archie
982e80577d Examine all occurrences of sprintf(), strcat(), and str[n]cpy()
for possible buffer overflow problems. Replaced most sprintf()'s
with snprintf(); for others cases, added terminating NUL bytes where
appropriate, replaced constants like "16" with sizeof(), etc.

These changes include several bug fixes, but most changes are for
maintainability's sake. Any instance where it wasn't "immediately
obvious" that a buffer overflow could not occur was made safer.

Reviewed by:	Bruce Evans <bde@zeta.org.au>
Reviewed by:	Matthew Dillon <dillon@apollo.backplane.com>
Reviewed by:	Mike Spengler <mks@networkcs.com>
1998-12-04 22:54:57 +00:00
joerg
5ac8fdd716 Minor cleanup: kill a couple of unused variables, and a couple of
uninitialized variables.

Obtained from:	The isdn4bsd project (partially)
1998-10-06 21:12:45 +00:00
joerg
cc7de0de26 In an attempt to reduce the huge number of differences between the
FreeBSD repository version of this file and the isdn4bsd version,
adopt those changes from the i4b version that make this file
BSD-version independent.  I attempted to avoid uglifying this file too
much, thus deviated a little from the i4b version (and hope they will
adopt the changes, too).

The diffs mostly concentrate on:

. #include differences between the systems
. different callout handling between FreeBSD vs. Net/OpenBSD
. interface naming (Net/OpenBSD store the ASCII name including the
  unit # in struct ifnet, FreeBSD only the name)
. use of random() in FreeBSD vs. time-based pseudo-randomization in
  Net/OpenBSD (for loopback detection ad CHAP challenges -- i
  assume at least OpenBSD could also benefit from random(), but that's
  the way i've got this file)
. interface address list elements are named a little differently
  between FreeBSD and Net/OpenBSD

I attempted to segregate those compat fixes from other code fixes and
enhancements.

Obtained from:	The isdn4bsd project
1998-10-06 20:47:53 +00:00
joerg
0b79056d01 Fix a =/== confusion that caused the CHAP type renegotiation to
completely fail.

Obtained from:	The isdn4bsd project (original author unknown right now)
1998-10-05 21:02:30 +00:00
bde
e36ab6ee5e Fixed printf format errors. sppp_dotted_quad() was yet another private,
broken, version of inet_ntoa().  It should go away.
1998-08-17 00:29:34 +00:00
bde
ddbe8db9de Fixed yet more ioctl breakage due to the type of the `cmd' arg changing
from int to u_long but not changing here.
1998-08-15 21:58:09 +00:00
bde
403bdcb97b Removed unused includes. 1998-06-21 14:53:44 +00:00
phk
86337bf437 s/nanoruntime/nanouptime/g
s/microruntime/microuptime/g

Reviewed by:	bde
1998-05-17 11:53:46 +00:00
phk
1e2405b5f1 Use random() for seq numbers and read_random for CHAP challenge. 1998-04-06 11:40:17 +00:00
phk
ab5541db4c Make read_random() take a (void *) argument instead of (char *) 1998-04-06 09:30:42 +00:00
phk
5e9a131f20 Time changes mark 2:
* Figure out UTC relative to boottime.  Four new functions provide
      time relative to boottime.

    * move "runtime" into struct proc.  This helps fix the calcru()
      problem in SMP.

    * kill mono_time.

    * add timespec{add|sub|cmp} macros to time.h.  (XXX: These may change!)

    * nanosleep, select & poll takes long sleeps one day at a time

Reviewed by:    bde
Tested by:      ache and others
1998-04-04 13:26:20 +00:00
phk
9b703b1455 Eradicate the variable "time" from the kernel, using various measures.
"time" wasn't a atomic variable, so splfoo() protection were needed
around any access to it, unless you just wanted the seconds part.

Most uses of time.tv_sec now uses the new variable time_second instead.

gettime() changed to getmicrotime(0.

Remove a couple of unneeded splfoo() protections, the new getmicrotime()
is atomic, (until Bruce sets a breakpoint in it).

A couple of places needed random data, so use read_random() instead
of mucking about with time which isn't random.

Add a new nfs_curusec() function.

Mark a couple of bogosities involving the now disappeard time variable.

Update ffs_update() to avoid the weird "== &time" checks, by fixing the
one remaining call that passwd &time as args.

Change profiling in ncr.c to use ticks instead of time.  Resolution is
the same.

Add new function "tvtohz()" to avoid the bogus "splfoo(), add time, call
hzto() which subtracts time" sequences.

Reviewed by:	bde
1998-03-30 09:56:58 +00:00
bde
b39d5dada4 Fixed syntax error in previous commit. 1998-03-01 06:01:33 +00:00
phk
c5228af8cf Make it possible to indicate that we don't care about the remote
sides IP address, as long as it isn't 0.0.0.0
1998-02-28 21:01:09 +00:00
eivind
d7a6ab2803 Staticize. 1998-02-09 06:11:36 +00:00
eivind
bcae2312af Make INET a proper option.
This will not make any of object files that LINT create change; there
might be differences with INET disabled, but hardly anything compiled
before without INET anyway.  Now the 'obvious' things will give a
proper error if compiled without inet - ipx_ip, ipfw, tcp_debug.  The
only thing that _should_ work (but can't be made to compile reasonably
easily) is sppp :-(

This commit move struct arpcom from <netinet/if_ether.h> to
<net/if_arp.h>.
1998-01-08 23:42:31 +00:00
gj
f1d1f72983 Reviewed by: Joerg Wunsch
In sppp_chap_input:
1) in the CHAP_CHALLENGE case don't output the peer's name if it is not
what we expected (DEBUG) since it will be printed out in the course
of events anyway.
2) in the CHAP_SUCCESS case test whether the peer is required to
authenticate himself [(sp->lcp.opts & (1 << LCP_OPT_AUTH_PROTO))],
otherwise the state machine may never switch into the network state.
I saw this case against 2 different ISPs; they never bothered to
authenticate themselves to me.

In sppp_pap_input:
in the PAP_ACK case do the same as in 2) above for the same reason.
1998-01-01 21:27:18 +00:00
eivind
3452c23db8 Throw options IPX, IPXIP and IPTUNNEL into opt_ipx.h.
The #ifdef IPXIP in netipx/ipx_if.h is OK (used from ipx_usrreq.c and
ifconfig.c only).

I also fixed a typo IPXTUNNEL -> IPTUNNEL (and #ifdef'ed out the code
inside, as it never could have compiled - doh.)
1997-12-15 20:31:25 +00:00
joerg
dd1b2fd214 Jumbo patch to implement PAP and CHAP for sppp(4). Partially based on
Serge's (Cronyx's) code in the vendor branch.  (FR support not yet
merged.)
1997-10-11 11:25:28 +00:00
gibbs
a415512fd4 Update for new callout interface. 1997-09-21 22:02:25 +00:00
bde
a6e315b69d Added used #include - don't depend on <sys/mbuf.h> including
<sys/malloc.h> (unless we only use the bogusly shared M*WAIT flags).
1997-09-02 01:19:47 +00:00
kjc
a2d21c0047 Fix a traceroute problem in the CISCO HDLC mode. (cisco routers not
returning ICMP_TIMXCEED)

use CISCO_UNICAST instead of CISCO_MULTICAST to send normal packets.
this is needed for packets to get processed by a cisco router,
but doesn't matter if a packet is just forwarded.

Reviewed by:itojun@itojun.org
1997-08-12 05:22:54 +00:00
joerg
7c374e293d Implement the LCP fail_counter: if an option has been NAK'ed for more
than max_failures attempts, we are going to REJ it, to prevent endless
NAK loops.

(This is actually part of a larger local set of modifications i'm
running with, but the remainder (PAP & CHAP) ain't ready for prime-
time yet.)
1997-08-10 14:28:16 +00:00