timer with a <0.05 second delta next to it.
This is done by avoiding the possibility of updating the first residual
time delta in the timer list to zero.
PR: 102747
Submitted by: Sergey Zaharchenko - doublef-ctm at yandex dot ru
MFC after: 3 weeks
o Bump version number to 3.0.4
o When talking to a RADIUS server, provide a NAS-Port-Type.
When the NAS-Port-Type is Ethernet, provide a NAS-Port value equal
to the SESSIONID from the environment in direct mode or the
NGM_PPPOE_SESSIONID message in other modes. If no SESSIONID is found,
default to the interface index in client mode or zero in server mode.
When the NAS-Port-Type is ISDN, set the NAS-Port to the minor number
of the physical device (ie, the N in /dev/i4brbchN).
This makes it easier for the RADIUS server to identify the client
WRT accounting data etc.
Prompted by: lsz8425 <lsz8425@mail.cd.hn.cn>
value.
This has minimal impact here, but if ppp ever needs to frequently
remove timers before they've timed out, it can badly skew the next
item in the timer list without this change.
The correct fix would be to store usecs in `rest' rather than
TICKUNITs, but the math is easier if we just round...
that we adjust that timers `rest' value (with the current getitimer()
values) before using that to adjust the next items `rest' value.
After adjusting that value, restart the timer service so that we've
now got the correct setitimer() values.
inserting a new item. Without this, it's possible to
mis-insert quite badly... but only by as much as the load of
the first item, which is almost always 1 second.
Initialise the timerservice with `restart' set if we're inserting
at the start of the list.
that the first timer ends up doing a timer_Stop() on the second.
When this happens, remove the timer from the pending list so that
we still call any subsequent timers.
This bug has been here for several years, but has only been tickled
recently with my device layering changes.
With enormous thanks for the perseverance of: Ruslan Ermilov <ru@ucb.crimea.ua>
header in fsm_Input() we often end up with a NULL mbuf.
Deal with a possible NULL mbuf being passed into
mbuf_Prepend().
Adjust some spacing to make things more consistent.
to see if there's anything to do, schedule the next alarm
based on the next required timeout.
This decreases the load when there are lots of relatively
idle ppp processes.
While I'm in there, handle the possibility that a timeout
makes the timer element go out of scope by grabbing the
enext pointer before executing the timer function.
o Bring the static ``ttystate'' into struct prompt so that
the tilde context is per prompt and not global.
o Comment the remaining static variables so that it's
clear why they're static.
o Add some XXX comments suggesting that our interface list
and our hostname should be re-generated after a signal
(say SIGUSR1) so that a machine with PCCARDs has a chance.
LQM and HDLC timer diagnostics come out with the correct name.
o Don't send an LQR immediately upon reviving a datalink. Leave
it 'till the next timeout.
o Add the link name to some more LQR diagnostics.
o Break out of the main loop when a descriptor exception is seen
in select().
o Remove the evil nointr_[u]sleep() functions. Timers should be
(and are) used instead.
o Treat a read() of 0 bytes as an error that's fatal to the link
on which the read() is done. We should never read() 0 after
select() says there's something there - not unless the link
has been closed by the other side.
o Write the data seen before a HDLC header to the terminal in
`term' mode, *not* back to the modem :-/
o Initialise our transmitted file descriptor before starting any
timers.
o Only send data links that have *no* pending output data. This
means that our final ACK will be written rather than being
nuked with the datalink transmission.
log debug'' without filling our filesystem/screen with
junk that we don't really want to see.
o change PHYS_STDIN to PHYS_DIRECT - we can handle incoming
connections that aren't on STDIN_FILENO now.
o Allow return values from our FSM LayerUp functions. If
LayerUp() fails, the FSM does an immediate FsmDown() without
calling the fsm_parent's Layer{Up,Down} functions.
o Clear the close-on-exec flag of file descriptor 3 when executing
chat programs so that our documented ability to communicate with
/dev/tty via that descriptor works. Also document it as
descriptor 3, not 4 :-O
o Allow a ``rm'' command as an alias for ``remove''.
o Fix the bind()/connect()/accept() calls made by the MP server.
o Create bundle_SendDatalink() and bundle_ReceiveDatalink().
This allows `struct datalink's to flatten themselves, pass
through a pipe (read: the eye of a needle !) and come alive
at the other end. The donator then fork()s & exec()s pppmpipe,
``passing'' the connection to another ppp instance.
*** PPP NOW TALKS MULTILINK :-))) ***
Our link utilization is hideous, and lots of code needs
tidying still. It's also probably riddled with bugs !
It's been tested against itself only, and has hung once,
so confidence isn't high....
o Make sure our ipcp throughput timer is stopped before being nuked
with a memset.
o Don't initialise struct async & struct hdlc twice in modem_Create().
o Clarify some comments.
call datalink_Down() where appropriate rather than
modem_Hangup().
o Now, when something horrible happens (failed read/write, loss
of carrier etc), we go offline and run any hangup scripts etc
in a controlled manner - exactly the same as if someone says
``down'' at the prompt or sends us a HUP.
o -dedicated links that fail to make the modem raw close it,
suffer the redial timeout then try to open it again.
o Add a ``carrier lost'' warning diagnostic.
o Move Var*Version into command.c
o Remove struct pppVars (and there was much rejoicing) !
o Forward-decl some structs in .h files to avoid include
ordering requirements and remove a few more redundant
#includes.
o Our diagnostic socket has its password set in the `set socket'
line only (not in ppp.secret).
o Passwords are per server socket (*VarAuthKey are gone)
o Authority is per prompt (VarLocalAuth is gone).
o Local logging is per prompt.
o Add a `show who' command to see who's connected. No identd
routine - just a `where the connection came from' display.
o SIGUSR1 is disabled for now - we have no way of choosing a
password for the socket created :-(
Prompts are attached as a list of `struct descriptor's in
struct bundle, and serviced under the bundles descriptor
service routines. Ultimately, everything should be done
like this.
Cosmetic:
o alphabeticalise SRCS in Makefile.
o Add a few comments in command.h
TODO: Start checking that we don't overflow the descriptor sets
in select() now that we can have any number of descriptors.
o Remove bundle2lcp(), bundle2ccp() and bundle2link().
They're too resource-hungry and we have `owner pointers'
to do their job.
o Make our FSM understand LCPs that are always ST_OPENED
(with a minimum code that != 1).
o Send FSM code rejects for invalid codes.
o Make our bundle fsm_parent deal with multiple links.
o Make timer diagnostics pretty and allow access via ~t
in `term' mode (not just when logging debug) and
`show timers'. Only show timers every second in debug
mode, otherwise we get too many diagnostics to be useful
(we probably still do). Also, don't restrict ~m in term
mode to depend on debug logging.
o Rationalise our bundles' phases.
o Create struct mp (multilink protocol). This is both an
NCP and a type of struct link. It feeds off other NCPs
for output, passing fragmented packets into the queues
of available datalinks. It also gets PROTO_MP input,
reassembles the fragments into ppp frames, and passes
them back to the HDLC layer that the fragments were passed
from.
** It's not yet possible to enter multilink mode :-( **
o Add `set weight' (requires context) for deciding on a links
weighting in multilink mode. Weighting is simplistic (and
probably badly implemented) for now.
o Remove the function pointers in struct link. They ended up
only applying to physical links.
o Configure our tun device with an MTU equal to the MRU from
struct mp's LCP and a speed equal to the sum of our link
speeds.
o `show {lcp,ccp,proto}' and `set deflate' now have optional
context and use ChooseLink() to decide on which `struct link'
to use. This allows behaviour as before when in non-multilink
mode, and allows access to the MP logical link in multilink
mode.
o Ignore reconnect and redial values when in -direct mode and
when cleaning up. Always redial when in -ddial or -dedicated
mode (unless cleaning up).
o Tell our links to `staydown' when we close them due to a signal.
o Remove remaining `#ifdef SIGALRM's (ppp doesn't function without
alarms).
o Don't bother strdup()ing our physical link name.
o Various other cosmetic changes.
interrupted with a SIGALRM. In fact, select() sets the
passed time to zero, making the previous implementation
terminate always after 1/10th of a second !
Also, deal with someone changing the clock while we're
sleeping (and restart the whole sleep).
Dangers pointed out by: Theo de Raadt <deraadt@cvs.openbsd.org>
Remove extraneous decls.
Add ``const'' to several places.
Allow ``make NOALIAS=1'' to remove IP aliasing.
Merge with OpenBSD - only the Makefiles vary.
We can now survive a compile with
-Wall -Wbad-function-cast -Wcast-align -Wcast-qual
-Winline -Wmissing-declarations -Wmissing-prototypes
-Wnested-externs -Wpointer-arith -Wredundant-decls
-Wshadow -Wstrict-prototypes -Wwrite-strings -Wchar-subscripts
(although the Makefile just contains -Wall).
Stay as the invoking uid as much as possible.
Execution as a normal user is still forbidden for now,
so these changes are pretty ineffective.
The next commit will implement the modifications suggested
on -hackers a number of days ago.
o Add missing $Id$s
o Move extern decls from .c -> .h files
o Staticize
o Remove #includes from .h files
o style(9)ify includes
o bcopy -> memcpy
bzero -> memset
bcmp -> memcmp
index -> strchr
rindex -> strrchr
o Move timeout.h -> timer.h (making it consistent w/ timer.c)
o Add -Wmissing-prototypes
o Use syslog
o Remove references to stdout/stderr (incl perror())
o Introduce VarTerm - the interactive terminal or zero
o Allow "set timeout" to affect current session
o Change "set debug" to "set log"
o Allow "set log [+|-]flag"
o Make MSEXT and PASSWDAUTH stuff the default
o Move all #ifdef DEBUG stuff into the code - this
shouldn't be too much overhead. It's now controlled
with "set log +debug"
o Add "set log command, debug, tun, warn, error, alert"
o Remove cdefs.h, and assume an ansi compiler.
o Improve all diagnostic output
o Don't trap SIGSEGV
o SIGHUP now terminates again (log files are controlled
by syslog)
o Call CloseModem() when changing devices
o Fix parsing of third arg of "delete"
I think this fixes the "magic is same" problems that some
people have been experiencing.
The man page is being rewritten. It'll follow soon.
These changes should fix the signal "problems" in ppp.
The signal changes should really be put into 2.2 too !
The following patches should do it. There were some other
changes made by Andrey recently that havn't been brought
into 2.2, it may be worth doing them now.
dangerous! Signal handlers themself must be fixed to not call malloc,
but no pended handlers, it will be correct fix. In finite case each signal
handler can set some variable which will be analized later, but calling
handler functions manually is too dangerous (f.e. signals not blocked while
the handler or handlers switch executed in this case). Of course this
code can be fixed instead of removing, but it not worth fixing in any case.
Should go into 2.2
In addition sig.c code shows following dangerous fragments (there can be more,
but I stop after two):
This fragment
if (fn == SIG_DFL || fn == SIG_IGN) {
handler[sig-1] = (sig_type)0;
<------------- here
signal(sig,fn);
} else {
cause NULL pointer reference when signal comes
"here", but more worse fragment is below:
void handle_signals() {
int sig;
if (caused)
for (sig=0; sig<__MAXSIG; sig++, caused>>=1)
if (caused&1)
(*handler[sig])(sig+1);
}
caused is bitmask which set corresponding bit on each signal coming.
And now imagine, what happens when some signal comes (bit sets) while loop
is executed (see caused>>=1 !!!)
In this light carrier drop situation was (as gdb shows)
1. SIGSEGV in handle_signals because some junk called as *handler reference.
2. Since SIGSEGV was pended too (== never happens),
it can cause various range of disasters.
1) When carrier dropped, old variant often forget to detect it cause
unkillable loop forever (because SIGTERM pended too, but it will be
separate commit)
2) Time intervals accuracy reasons
Should go into 2.2