Commit Graph

1392 Commits

Author SHA1 Message Date
brian
635801f2ed If the peer REJects our MRU REQ, stop REQing it -- *EVEN* if we're
doing PPPoE and the default MRU is therefore too big.

When negotiating with win2k, we ask for MRU 1492 and the win2k box
NAKs us saying ``MRU 1492''.  This doesn't make sense to me.  When
we continue to request MRU 1492, the win2k box eventually REJs our
MRU.  This fix allows negotiations to continue at that point,
bringing the link up and potentially allowing the win2k box to send
us frames that are too large.  AFAICT this is better than failing
to bring the link up.... probably !

I have no idea how to do the equivalent of ``route get'' or
``ifconfig -a'' under win2k, so I can't tell what MTU it actually
ends up using.

I believe the bug is in win2k (it's certainly mis-negotiating).
I'll MFC given the release engineers permission as code freeze
begins on August 1.

PR:		29277
MFC after:	3 days
2001-07-30 17:04:39 +00:00
brian
8ab0acdbe9 Change permissions back to 4554/554
Suggested by:	kris
2001-07-28 11:58:41 +00:00
brian
933d065af2 If the peer sends a REQ without the IPADDR option, only reject it
once.  If they repeat the request (again without the IPADDR option)
ACK it.

I've had reports that some ppp implementations will not assign
themselves an IP number.  This should negotiate with such things.

MFC after:	3 days
2001-07-28 11:32:08 +00:00
brian
f19a3f3d63 Handle peer REQ/NAKs of >1500 byte MRUs when we have no preference.
MFC after: 3 days
2001-07-26 11:33:53 +00:00
brian
47bc6ecf64 Change permissions from [4]554 to [4]551
MFC after: 3 days
2001-07-25 11:44:04 +00:00
obrien
9c97c8f02d Perform a major cleanup of the usr.sbin Makefiles.
These are not perfectly in agreement with each other style-wise, but they
are orders of orders of magnitude more consistent style-wise than before.
2001-07-20 06:20:32 +00:00
obrien
be022bb715 Remove GCC'isms in CFLAGS. 2001-07-20 04:23:13 +00:00
brian
0906f6dada Bring the PPPoE Ethernet interface up *BEFORE* we send the node a
CONNECT message.

MFC after: 1 week
2001-07-18 09:33:45 +00:00
brian
adc22e971c Ignore (with a warning message) mtu/mru configurations that are greater
than the maximum physical values.

MFC after: 1 week
2001-07-17 01:06:13 +00:00
brian
27ff1556c8 TCPMSS adjusts all TCP SYN packets, not just outgoing ones.
Pointed out by: ru
2001-07-16 17:02:10 +00:00
dd
911ca14c87 Remove whitespace at EOL. 2001-07-15 08:06:20 +00:00
brian
c29f79581e Perform MSS fixups on incoming packets as well as outgoing.
MFC after: 1 week
2001-07-13 02:04:19 +00:00
dd
eaa6ee03b8 mdoc(7) police: remove extraneous .Pp before and/or after .Sh. 2001-07-09 09:54:33 +00:00
brian
ef44874abb Fix the type of the last arg to execl()
Obtained from: OpenBSD
2001-07-09 08:17:47 +00:00
brian
e5e53f5188 Staticise the OpenBSD SHA1_End() function 2001-07-09 00:45:57 +00:00
brian
e3b3f682a9 Stay (backwards-)compatible with OpenBSD's groff 2001-07-09 00:13:49 +00:00
brian
a3c5f8aba8 Add a ``nat proto'' command -- similar to natd(8)'s -redirect_proto switch.
MFC after: 3 weeks
2001-07-09 00:07:56 +00:00
brian
c11e4967f8 Don't try to dereference the -1th ccp algorithm array entry when we
open CCP with no algorithm.
2001-07-07 13:12:07 +00:00
brian
b93f87d791 When we miss one or more packets in stateful mode *and* need to
perform a key change, *and* our sequence numbers have wrapped,
ensure that the number of key changes is calculated correctly.

The previous code counted down from a negative number to zero,
re-encrypting the current key on each iteration - this took some
time and strangely enough got the answer wrong !!!

Fix a(nother) spelling mistake while I'm there.
2001-07-07 03:06:20 +00:00
brian
92b94fe6a1 Spell stateful properly
Inconsistently done by:	brian
Spotted by:		ru
2001-07-06 23:45:32 +00:00
ru
e1827422c1 mdoc(7) police: removed hard sentence breaks, sorted xrefs. 2001-07-05 11:01:12 +00:00
brian
b44d6474df Make the last fix work properly on descriptors 1 and 2 (not just 0) 2001-07-04 09:32:34 +00:00
brian
746c94eef4 Handle any of descriptors 0, 1 or 2 being closed when we're
envoked -- don't use them (as return values from open()), then
(say) close(STDIN_FILENO) when daemonising.

This is done by grabbing 3 descriptors to /dev/null at startup and
releasing them after we've daemonised.

MFC after: 1 week
2001-07-04 03:34:20 +00:00
brian
0deba2c342 Reduce the interface MTU by 2 when MPPE has been successfully negotiated.
This is necessary because MPPE will combine the protocol id with the
payload received on the tun interface, encrypt it, then prepend its
own protocol id, effectively increasing the payload by two bytes.
2001-07-03 22:20:19 +00:00
brian
c6b698395d Don't accept chap80lm by default - it doesn't work.
MFC after: 1 week
2001-07-03 22:20:11 +00:00
brian
da14c6a0f2 Silence some gcc warnings 2001-07-03 22:20:06 +00:00
brian
9251775bc4 Do away with the ``err'' variable.
Inspired by: kris
2001-07-03 01:02:26 +00:00
kris
be14d2652a Silence some of the -Wnon-const-format warnings and add __printflike()
to a function prototype which needs it.

Approved by:	brian
MFC After:	2 weeks
2001-07-02 12:27:49 +00:00
brian
96c4f4c55f Avoid using too many args for ``set m[tr]u''
This needs to work with OpenBSD's groff too :(
2001-06-20 19:55:58 +00:00
brian
12a7d2d747 Call va_start/va_end for each call to vfprintf
Obtained from: OpenBSD
2001-06-18 23:24:26 +00:00
brian
e0acd9811e Add support for stateful MPPE (microsoft encryption) providing
encryption compatibility with Windows 2000.  Stateful encryption
uses less CPU but is bad on lossy transports.

The ``set mppe'' command has been expanded.  If it's used with any
arguments, ppp will insist on encryption, closing LCP if the other
end refuses.

Unfortunately, Microsoft have abused the CCP reset request so that
receiving a reset request does not result in a reset ack when using
MPPE...

Sponsored by:	Monzoon Networks AG and FreeBSD Services Limited
2001-06-18 15:00:22 +00:00
brian
14263ff751 Handle hardware-imposed MTU/MRU limitations. PPPoE will no longer
allow MRU/MTU negotiations to exceed 1492.

Add an optional ``max'' specifier to ``set m[rt]u'', ie.

	set mtu max 1480

Bump the ppp version number.

Sponsored by:	Monzoon Networks AG and FreeBSD Services Limited
2001-06-18 14:59:36 +00:00
brian
0ec923a7cf Correct the arg count after parsing a line with an unescaped # that isn't
preceeded with whitespace.

MFC after: 3 weeks
2001-06-15 13:58:06 +00:00
brian
52cb477a72 Convert IIJ copyrights to BSD copyrights.
Approved by: Toshiharu OHNO <tohno@sirius.ocn.ne.jp>
2001-06-13 21:52:19 +00:00
sobomax
0c29f662fa Correct cross-references:
ng_bpf.8    --> ng_bpf.4
  ng_ether.8  --> ng_ether.4
  ng_iface.8  --> ng_iface.4
  ng_pppoe.8  --> ng_pppoe.4
  ng_socket.8 --> ng_socket.4
  ng_tty.8    --> ng_tty.4
  ng_{type}.4 --> /dev/null

MFC after:	1 week
2001-06-05 12:40:03 +00:00
brian
425630304c Renamed to README.nat 2001-06-04 14:40:06 +00:00
brian
0afc2da42b Add BSD style copyrights (with permission from Charles Mott where appropriate)
Deprecate -alias further (after a repo-copy)
2001-06-04 14:38:29 +00:00
brian
39c721b4d0 Fix an alignment error
PR:		27766
Submitted by:	Sudish Joseph <sudish@mindspring.com>
MFC after:	2 weeks
2001-05-30 15:52:24 +00:00
brian
bd7ad7312a Don't say ``Enter pause (-1) for redialing when we're using a random interval.
Show the calculated random value instead.

Suggested by: Bill Richter <richterb@binkley.foothill.net>
2001-05-22 19:42:14 +00:00
brian
39c66e3d7a If we don't receive a TY_IPADDR option as part of a configure request, NAK
as if we received one with 0.0.0.0 as the argument.
2001-05-22 09:03:30 +00:00
brian
bba3cec519 Bring the interface IFF_UP from ipcp_InterfaceUp() (called from IPCP's
TLU event handler).

This used to be done as a side effect of SIOCAIFADDR'ing the interface,
but now that duplicate SIOCAIFADDRs are optimised out, we can't depend
on that behaviour.
2001-05-11 23:42:03 +00:00
brian
58f11f683b Handle situations where we've already got a P2P interface address
of a/x -> b and then negotiate a/x -> c by simply expecting SIOCAIFADDR
to do the change.

This was broken by the last commit that optimised out the deletion and
re-addition of the same a/x -> b combination, and forgot to compare
the old/new destination addresses.

Conveniently enough, this problem didn't effect setups where the
default route goes via the ppp link, and most other setups don't
care what the the destination address is actually set to.  It broke
test environments where ppp connects to the local machine rather
badly though....
2001-05-02 16:35:24 +00:00
brian
aece142b9a Fix some quotes and mention that it's usually necessary to train
your modem to the correct speed when setting up an incoming getty.
2001-04-26 13:10:59 +00:00
brian
d487445d05 Handle IP over IP (IPPROTO_IPV4) properly.
We now unwrap IP/IP and apply filter rules to both the outer
  layer (with ``set filter blah x.x.x.x y.y.y.y ipip'') and to
  the payload (reinterpreted by the filter rules).

  ``set log tcp/ip'' will now show both the outer wrapper and
  the (reinterpreted) payload contents.
2001-04-24 02:13:34 +00:00
brian
0e306cda1d kldload ng_pppoe as necessary 2001-04-10 08:31:13 +00:00
brian
658db5529c It's possible to kldload netgraph (as well as the other ng_* bits),
so do it if required.
2001-04-05 22:53:35 +00:00
brian
6359851d32 When we change the interface MTU, run through the routing table and tweak
all route MTUs too.
2001-04-05 02:23:48 +00:00
brian
626603131b Be a bit more persistent when the NET_RT_IFLIST sysctl returns ENOMEM
rather than dropping out immediately.
2001-04-03 08:21:28 +00:00
brian
281e45eb31 Don't say ``PPP enabled'' if we're given the -quiet switch 2001-04-03 08:20:20 +00:00
brian
9e1dc5332d Don't assume challenges and responses don't contain embedded '\0's.
Mschapv2 response generation may produce embedded NULs... causing
us to send a bogus response to the radius server and end up
failing the client's valid response.

Problem pointed out by: Eugene Vigovskiy <vigov@com2com.ru>
2001-04-01 22:39:17 +00:00
ru
543e2b2cbe -DRELEASE_CRUNCH moved into crunchgen(1) config files for
release building.  Remove a hack that is no longer needed.
2001-03-31 17:07:55 +00:00
brian
6cb53fb287 Bring the PPPoE interface UP if required
Suggested by: archie
2001-03-28 09:45:27 +00:00
brian
5371255c58 Add some comments to two examples and extend a ``set ifaddr''. 2001-03-28 00:23:30 +00:00
ru
afd506414e - Backout botched attempt to introduce MANSECT feature.
- MAN[1-9] -> MAN.
2001-03-26 14:42:20 +00:00
brian
e0c89bb234 If we're adding an interface address that is already one of the interface's
aliases with the same netmask and destination, don't remove it and then
re-add exactly the same thing.

This means that static (non-sticky) routes that use the interface address
(or destination address) as a destination will not suddenly evaporate when
IPCP comes up (not unless the negotiated IPs have changed anyway).
2001-03-25 01:34:27 +00:00
brian
d78fa50ae3 Quote PPP_CONFDIR in CFLAGS 2001-03-23 13:28:28 +00:00
brian
13caec0c3d Change _PATH_PPP to PPP_CONFDIR and allow it to be overridden at compile time 2001-03-23 11:43:22 +00:00
ru
f10dc9aca1 Set the default manual section for usr.sbin/ to 8. 2001-03-20 18:17:26 +00:00
roger
a093aec887 Allow LQR periods of 1 second and FSM retry periods of 1 second. This allows us
to run PPP over Radiocontact T-Link Radio Modems which run best when something
is transmitted at least every 1.5 seconds.

Tested by:	Jennifer Clark <jen@telepresence.strath.ac.uk>
Approved by:	Brian
2001-03-19 19:47:54 +00:00
brian
24ef2a2adf Deal with ENOENT properly on non-devfs machines
Broken in revision 1.109
2001-03-12 12:53:53 +00:00
brian
c46089815b MAXHOSTNAME includes space for a NUL 2001-03-09 20:31:02 +00:00
brian
5c7f60e195 Talk a little more about the differences between PPPoE on FreeBSD & OpenBSD. 2001-03-09 00:12:09 +00:00
brian
298eccdc14 MAXPATHLEN -> PATH_MAX
Don't assume MAXHOSTNAMELEN includes the NUL
Correct a diagnostic
Use "localhost" in our prompt instead of ""
2001-03-08 23:51:50 +00:00
brian
de377725be TUNSIFINFO now requires uid 0 to change the interface MTU.
Reviewed by:	Mark Knight <markk@knigma.org>
2001-03-08 10:33:30 +00:00
ru
f4325cbb8b Eliminate mdocNG warnings caused by misplaced or extraneous macro calls. 2001-02-28 17:38:53 +00:00
brian
56b9125875 Don't even look at af_family if accept() returns sa->sa_len == 0 2001-02-13 12:33:34 +00:00
brian
078570308c A better fix for the PacketAliasProxyRule() call.
Submitted by: Ian Dowse <iedowse@maths.tcd.ie>
2001-02-10 17:26:14 +00:00
ru
0794a5344d mdoc(7) police: replace two -unfilled displays with -tag lists.
This works only because of bugs in current implementation: the
first .It after ``.Bd -unfilled'' re-enables filling mode and
does not restore (disable) it back afterwards.
2001-02-07 16:02:21 +00:00
brian
a59964d665 Add a ``Usable'' function to the ccp switch. The function
is called prior to sending a CCP configure request for a
given protocol.  The default is to send the request, but
this is overridden for MPPE which checks to see if the lcp
negotiations agreed CHAP81, and if not fails.

Use the same function to decide if we should reject peer
requests for MPPE.

This should get rid of those boring messages about not being
able to initialise MPPE when we don't negotiate CHAP81.
2001-02-04 22:53:11 +00:00
brian
62f9307582 MPPE_MasterKeyValid is only there if HAVE_DES is defined. 2001-02-04 01:20:33 +00:00
brian
f808a69a42 Don't send an authentication failure response if we fail sending
a radius accounting packet.
2001-02-04 01:08:26 +00:00
brian
9c08680315 Make the MPPE MasterKey Invalid messages a bit clearer (it now
complains that you can't do MPPE without CHAP81).

Reset MasterKeyValid to zero when we hit phase DEAD.
2001-02-04 01:08:24 +00:00
brian
75b98b19e6 Untangle some cunfusion between the CLOSE_STAYDOWN, CLOSE_LCP and
CLOSE_NORMAL meanings.  CLOSE_NORMAL doesn't change the currently
required state, the others do.  This should stop ppp from entering
DATALINK_READY when LCP shutdown doesn't end up happening cleanly.

Bump our version number to reflect this change.
2001-02-04 01:08:22 +00:00
brian
c8af44b03b Try to kldload if_tun if we get ENOENT from opening /dev/tunN -
not just if we get ENXIO.

This makes ppp work with DEVFS when if_tun isn't built into
the kernel (without needing to manually kldload it).
2001-02-02 01:41:26 +00:00
ru
66cd8f698e mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 16:44:04 +00:00
brian
85d4c1854a Fix some log_Printf() casting
Obtained from: NetBSD (pkgsrc)
2001-01-29 08:46:58 +00:00
brian
a814a5c653 Only remove socket files with ``set server open''.
Only show the mask in ``show bundle'' when it's been specified.
Complain about unexpected arguments after ``set server {none,open,closed}''
Log re-open failures as warnings rather than phase messages.
Fix some markup for the ``set server'' man page description.
2001-01-29 01:35:06 +00:00
brian
43228ef6de Don't pass PacketAliasProxyRule() a buffer with leading whitespace as it
can't handle it.
2001-01-28 21:56:27 +00:00
brian
bf5cc85e8b Fix arg count 2001-01-26 01:48:16 +00:00
brian
2d3be64975 If executing the stuff from ppp.linkdown results in a state change,
don't continue adjusting the ipcp state machine.

This allows ``down'' to work in ppp.linkdown - useful for a tunnel
setup.
2001-01-26 01:43:38 +00:00
brian
63b65f9457 Allow ``set server closed'' to close the diagnostic socket.
Allow ``set server open'' to re-open the diagnostic socket.
Handle SIGUSR1 by re-opening the diagnostic socket
When receiving SIGUSR2 (and in ``set server none''), don't forget the
socket details so that ``set server open'' and SIGUSR1 open it again.

Don't create the diagnostic socket as uid 0 !  It's far to dangerous.
2001-01-26 01:41:34 +00:00
brian
89713f84c0 Fix for NetBSD where
.Oc Oc
  .Xc

doesn't seem to work....
2001-01-22 11:35:00 +00:00
brian
0b427e62c3 Handle SECDNS being rejected when PRIDNS is not
Submitted by:	OGAWA Takaya <t-ogawa@triaez.kaisei.org>
PR:		24518
2001-01-22 01:43:46 +00:00
brian
187b13bfd2 Use fstat to check if descriptor 0 is a socket.
Suggested by: julian
2001-01-14 00:54:48 +00:00
brian
5a8c7294c8 Log the ``MPPE: MasterKey is invalid...'' message as a CCP
diagnostic rather than a warning.
2000-12-29 22:25:56 +00:00
ru
4bb5f49662 Prepare for mdoc(7)NG. 2000-12-27 15:30:30 +00:00
ru
5f616cd0ae Add a missing dot. 2000-12-15 07:34:01 +00:00
brian
5fd9455c07 Correct the documented default behaviour of mschap, mschap81 and MPPE.
Pointed out by: Mark Knight <markk@knigma.org>
2000-12-15 01:09:38 +00:00
ru
12c490a119 mdoc(7) police: use canonical form of .Dd macro. 2000-12-11 15:57:16 +00:00
brian
03d643bc43 Mention the MTU in ``show iface''. 2000-12-01 03:22:18 +00:00
brian
86225cdcaf Call MSCHAP CHAP80 in ``show lcp'' so that it's consistent with CHAP81. 2000-11-29 15:47:35 +00:00
brian
d36784b716 Use only the bit after the ``\'' when hashing the challenge in
MSChapv2

Submitted by: Ustimenko Semen <semen@iclub.nsu.ru>
2000-11-28 22:50:40 +00:00
brian
36c3bc9fdd Add ``enable/disable tcpmssfixup'', defaulting to enabled.
Suggested by:	julian
Hijacked from:	ru (ports/net/tcpmssd)
2000-11-28 13:18:35 +00:00
ben
288e8299bb various typo and minor punctuation changes.
PR:		23111
Submitted by:	Jimmy Olgeni <olgeni@uli.it>
2000-11-28 11:35:14 +00:00
ru
71e2293ad4 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 20:10:44 +00:00
brian
62b4102957 Some gratuitous whitespace changes. 2000-11-19 16:58:59 +00:00
brian
98b7a7276f Describe how to tunnel properly.
Requested by: Greg Quinlan <greg@macquarrie.com.au>
2000-11-19 16:54:57 +00:00
brian
34eecfebb0 Accept MSCHAPv2 by default.
Enable and accept MPPE by default.
2000-11-19 16:53:50 +00:00
brian
2607c6601d Go back to populating data_len in struct ngpppoe_init_data. 2000-11-16 23:15:42 +00:00
brian
732fe3d144 Be a bit more precise about what ``nat deny_incoming yes'' does. 2000-11-16 21:50:50 +00:00
brian
9b74369754 Increase M_MAXBUF so that it's greater than HDLCSIZE 2000-11-11 01:31:32 +00:00
ru
a6f5d950d8 Avoid use of direct troff requests in mdoc(7) manual pages. 2000-11-10 17:46:15 +00:00
brian
34d0ad4986 Introduce another global (MPPE_IsServer) so that we initiate the
MPPE session keys correctly.

I'm a bit dubious about this code.  It seems that the session keys
are initialised differently based on whether you're the client or
the server.  One side is the server if it issues the first challenge,
but of course you can issue a challenge from both sides.... at the
same time.  Sounds like another wonderful M$ assumption...

Ppp can now talk to itself correctly using encryption.

Problem solved by:	Ustimenko Semen <semen@iclub.nsu.ru>
Hair torn out by:	me
2000-11-07 23:19:11 +00:00
brian
b978119caa Handle being given a connect()ed udp descriptor as stdin rather
than assuming it's unconnected.
2000-11-07 04:29:46 +00:00
brian
a38b1bf086 Pass the correct output options to the ccp output initialisation
routine rather than passing it the first requested output option.

Ensure that options are freed correctly even if we don't reach
TLU.
2000-11-07 04:29:33 +00:00
brian
229a59bc61 Merge some OpenBSD/NetBSD fixes to the recent MPPE/CHAP0x81 update. 2000-11-05 03:25:09 +00:00
brian
6883207ac0 Don't ignore the return from tcsetattr() - moan about it instead.
Suggested by: Andre Albsmeier <andre@akademie3000.de>
2000-10-31 23:27:35 +00:00
hosokawa
11f32dfee0 Forgotten RELEASE_CRUNCH hack for mppe.c.
This fix is for "make release" and "make boot.flp".
2000-10-31 05:00:25 +00:00
brian
7ad8d82169 Use the new-style ngpppoe_init_data structure.
Approved by: archie
2000-10-31 02:46:12 +00:00
brian
8e712f5e48 Mention that ``nat deny_incoming'' drops unrecognised IP packets.
Requested by: kris
2000-10-31 02:25:54 +00:00
brian
77cc3172cc Drop PKT_ALIAS_IGNORED packets if ``nat deny_incoming yes'' is in effect.
Approved by: rwatson, ru
2000-10-30 18:02:01 +00:00
brian
9814de693a Add ``all'' logging.
Submitted by: eivind
2000-10-30 00:15:35 +00:00
brian
3d1630ef60 Bump our version to reflect the recent MPPE additions (and ccp struct
size change).
2000-10-30 00:15:34 +00:00
brian
aed543648b Move the MPPE keysize display in ``show ccp''. 2000-10-30 00:15:33 +00:00
brian
6d9a542bce Various whitespace changes.
Make some functions static.
2000-10-30 00:15:29 +00:00
brian
09731f0efc staticise mbuftype() 2000-10-30 00:15:27 +00:00
brian
06792c58d5 Add MPPE and MSChap v2 support (denied and disabled by default)
Submitted by: Ustimenko Semen <semen@iclub.nsu.ru>
2000-10-30 00:15:04 +00:00
brian
a03de14c0e Ignore ``#'' properly when told to 2000-10-28 23:56:03 +00:00
brian
e0b21f67bf Report the type of mbuf that couldn't be allocated before
aborting ppp.
2000-10-27 05:34:40 +00:00
brian
5ac0f571f0 Use rad_acct_open() instead of rad_auth_open().
Suggested by: Victor Ivanov <v0rbiz@icon.bg>
2000-10-15 01:05:57 +00:00
brian
1d71e8b7ce Don't define NOATM now that /usr/include/netnatm/ is created properly. 2000-10-15 00:46:58 +00:00
brian
4d8e577298 If write() gives -1/ENOBUFS, keep the packet and sleep for 1/10th
of a second before attempting to write it again (unless there's
something else to do instead).
2000-10-09 22:49:44 +00:00
brian
38c4d01137 Create fd_sets big enough to handle getdtablesize() descriptors. 2000-10-09 21:18:23 +00:00
brian
b48cc31f09 Fix some style nits 2000-09-14 22:03:13 +00:00
brian
54bef4135c Support PPPoATM, disabled for now as /usr/include/netnatm doesn't exist
Submitted by: Jakob Stoklund Olesen <stoklund@taxidriver.dk>
2000-09-14 22:02:54 +00:00
brian
3ca5232d93 Understand IPPROTO_ESP and IPPROTO_AH packets
Submitted by: Angelos D. Keromytis <angelos@dsl.cis.upenn.edu>
2000-09-14 18:01:54 +00:00
brian
1c08fd2080 Spelling police
Submitted by:	des
2000-09-06 21:02:06 +00:00
brian
e9aa407589 libutil.h is no longer required for setproctitle() 2000-09-02 02:16:51 +00:00
rse
f1908a0e71 Fix resolv.conf line hint: "name-server" -> "nameserver" 2000-08-31 11:13:20 +00:00
brian
ed0f07d9dd Use arc4random() instead of random() 2000-08-31 00:45:24 +00:00
brian
543225026f Don't treat two or more whitespace followed by a comment as
an empty argument

PR:	20937 (maybe)
PR:	20938
2000-08-30 20:51:13 +00:00
brian
50a3c4fd88 Complain about invalid arguments passed to ``set ifaddr'' 2000-08-30 20:49:50 +00:00
brian
a0d9c873d0 Correct LogMAX
Broken by:	me
Submitted by:	Mark Hannon <markhannon@one.net.au>
2000-08-29 17:00:52 +00:00
brian
ff7c637251 Use srandom() under OpenBSD
Submitted by:	Matt Behrens <matt@megaweapon.zigg.com>
2000-08-29 16:47:45 +00:00
brian
f1f515c997 Add LogFILTER logging to log packets allowed by the dial filter and
dropped by any filter.

Submitted by: Mark Hannon <markhannon@one.net.au>

with some small tweaks by me.
2000-08-28 23:24:52 +00:00
brian
cb1cdc90fa Support radius accounting, and add a packet count to throughput
statistics as a side effect.

Submitted by: Marcin Cieslak <saper@system.pl>

with some tweaks to RAD_ACCT_SESSION_ID and
RAD_ACCT_MULTI_SESSION_ID generation by me.
2000-08-28 22:44:54 +00:00
brian
bac59a32d0 Make -DNOSUID (or -DPPP_NOSUID) possible to build ppp without SUID
capabilities.
2000-08-18 00:01:44 +00:00
brian
c0049c3df2 Warn that the ``alias'' command is depricated.
We still process it for now though.
2000-08-18 00:01:30 +00:00
brian
c2fd0b7000 If we're in MP mode with a single open link, MP link level compression
isn't open and the links MRU >= our MRRU, send outbound traffic as
PROTO_IP rather than PROTO_MP.  This shaves some bytes off the front
of each packet 'till the second link is brought up.

Idea obtained from: Cisco
2000-08-17 14:14:54 +00:00
brian
65f020c63b ISDN B channels have a bandwidth of 64000, not 65536
Pointed out by: Christian Weisgerber <naddy@mips.inka.de>
2000-08-16 13:54:04 +00:00
brian
a7aa2e6cdb setproctitle() doesn't need to be called with root privs, so move
it from id.c into defs.c
2000-08-16 09:07:23 +00:00
brian
724f61b07d Default the bandwidth of an ISDN B channel to 65536bps 2000-08-16 09:06:59 +00:00
brian
2e8f0fe474 Maintain input and output throughput averages and choose the highest
of the two when calculating the MP throughput average for the ``set
autoload'' implementation.

This makes more sense as all links I know of are full-duplex.  This
also means that people may need to adjust their autoload settings
as 100% bandwidth is now the theoretical maximum rather than 200%
(but of course, halfing the current settings is probably not the
correct answer either!).

This involves a ppp version bump as we need to pass an extra
throughput array through the MP local domain socket.
2000-08-15 10:25:42 +00:00
brian
99a91bd0c2 Calculate the average link throughput using a counter based on the
cumulative total of all active links rather than basing it on the
total of PROTO_MP traffic.

This fixes a problem whereby Cisco routers send PROTO_IP packets only
when there's only one link (hmm, what a good idea!).
2000-08-15 00:59:21 +00:00
brian
b6a0e38086 Don't delete sticky routes when unconfiguring the interface.
Deleting all routes that match the interface is sufficient.
2000-08-14 08:43:40 +00:00
brian
f0e7cc686d Index: ppp.8
===================================================================
RCS file: /home/ncvs/src/usr.sbin/ppp/ppp.8,v
retrieving revision 1.233
diff -u -r1.233 ppp.8
--- ppp.8	2000/08/10 13:26:01	1.233
+++ ppp.8	2000/08/12 19:50:41
@@ -1,8 +1,8 @@
 .\" $FreeBSD: src/usr.sbin/ppp/ppp.8,v 1.233 2000/08/10 13:26:01 brian Exp $
 .Dd 20 September 1995
 .nr XX \w'\fC00'
-.Os FreeBSD
 .Dt PPP 8
+.Os
 .Sh NAME
 .Nm ppp
 .Nd Point to Point Protocol (a.k.a. user-ppp)
2000-08-13 22:03:42 +00:00
brian
b45901a5b4 Mention that pppoe requires netgraph(4) and without it, an external
pppoe program must be used (such as pppoe(8) on OpenBSD).
2000-08-10 13:26:01 +00:00
brian
f56c93c8c2 Allow leading ``!'' characters in authkeys and chat scripts to
be doubled up to mean a single literaly ``!''.
2000-08-09 19:29:50 +00:00
brian
f77ad6d1af If the first character of the `set title'' argument is -',
put it into the format string, supporting ps's tweak to
setproctitle().
2000-08-09 10:22:48 +00:00
brian
9466668148 Don't mis-interpret sockaddr_in6 structures as sockaddr_in structures
when purging routes.
2000-07-20 10:38:12 +00:00
brian
500d4d6905 Describe the new VERSION and COMPILATIONDATE macros and mention that the
``ident'' command will expand macros.
2000-07-19 10:14:00 +00:00
brian
9a38ef3d03 Support link identification from rfc1570
Two new commands are available; ``ident'' and ``sendident''.
2000-07-19 02:10:35 +00:00
brian
bf36609078 Permit multiple ``allow user'' lines in any given section
This avoids line length limits when large numbers of users are allowed
access to ppp.
2000-07-12 23:13:52 +00:00
brian
8f207589cd Correct ``set filter'' usage
Spotted by:	sheldonh
2000-07-12 16:31:47 +00:00
brian
e19f8cf941 Fix a rather nasty latency problem that occurs with single tcp sessions
thorough an MP setup with only a single link.
2000-07-12 15:08:03 +00:00
brian
7bc7c104ee Allow a ``timeout secs'' filter option to let specific packet types
effect the idle timer in different ways.

Submitted by: Stefan Esser <se@freebsd.org>

With adjustments by me to document the option in the man page and to
give the same semantics for outgoing traffic as incoming.

I made the style more consistent in ip.c - this should really have
been done as a separate commit.
2000-07-11 22:11:36 +00:00
brian
c1aed73081 Fix -auto breakage introduced with the last commit. 2000-07-11 09:26:02 +00:00
brian
9f59f2175a o Log the (payload/size) of all packet types, not just TCP packets
o  If the new ``filter-decapsulation'' is enabled, delve into UDP packets
   that contain 0xff 0x03 as the first two bytes, and if we recognise it
   as PROTO_IP, decapsulate it for the purpose of filter checking.

   If we recognise it as PROTO_<anything else> mention this for logging
   purposes only.

This change is aimed at people running PPPoUDP where the UDP traffic is
being sent over another PPP link.  It's desireable to have the top level
link connected all the time, but to have the bottom level link capable
of decapsulating the traffic and comparing the payload against the filters,
thus allowing ``set filter dial ...'' to work in tunnelled environments.

The caveat here is that the top ppp cannot employ any compression layers
without making the data unreadable for the bottom ppp.  ``disable deflate
pred1 vj'' and ``deny deflate pred1 vj'' is suggested.
2000-07-07 14:22:08 +00:00
brian
15dc9f70e6 kldload ng_ether if we need to. 2000-06-28 09:30:30 +00:00
brian
e37cd78ecc Don't assign an MTU based on the peers first-link MRU in MP mode.
Use the peers MRRU as we're supposed to.
2000-06-24 23:37:14 +00:00
brian
8996addced Fix a printf-style arg cast (again) 2000-06-23 09:48:26 +00:00
brian
446b9bad35 e.g. -> e.g.,
Obtained from: OpenBSD
2000-06-23 09:48:02 +00:00
brian
5008f3663f Correct PPPoE in multi-link mode
Submitted by: jason@OpenBSD.org
2000-06-22 20:51:03 +00:00
brian
c14925aabb Remove ``nat pptp'' as this is now done transparently by libalias. 2000-06-20 12:18:40 +00:00
brian
be62e8bf23 Allow padding in LQR ECHO requests
Problem found by: Tomaz Borstnar <tomaz.borstnar@over.net>
2000-06-20 09:13:25 +00:00
brian
d765e4453f Don't mis-match interface names in iface_Create()
Submitted by: Adrian Penisoara <ady@freebsd.ady.ro>
2000-06-19 21:43:48 +00:00
brian
d043bb7c6c Fix a printf-style format error 2000-06-18 10:07:53 +00:00
brian
37f3007f82 A few more hard-sentence breaks. 2000-06-13 10:03:28 +00:00
brian
f916881111 Hard sentence breaks and trailing space tidy-ups
Obtained from: OpenBSD
2000-06-11 14:58:32 +00:00
brian
e88906a1c1 Don't oan about padding characters 2000-06-11 12:22:06 +00:00
brian
41ff0cf693 Add ``set ifqueue'' to control the size of the outgoing packet
queue.  Doing ``set ifqueue 0'' and ``set urgent none'' will allow
full use of luigi's WF2Q code.

Requested by: luigi
2000-06-11 02:30:51 +00:00
brian
a1cdd9887d Allow ``set urgent none'' to disable all urgent ports and IPTOS_LOWDELAY
prioritisation.

Requested by: luigi
2000-06-08 20:07:48 +00:00
brian
af615e019d Use mp_CheckAutoloadTimer() rather than mp_StopAutoloadTimer()
when opening or closing an auto link due to the autoload
setting.

Spotted by: David Hedley <david@inty.co.uk>
2000-05-31 15:35:29 +00:00
brian
27d9c9b35a Don't use the umask to chmod local domain server sockets, use
the mask
2000-05-31 09:06:52 +00:00
brian
8c66999e1d If the fsm header reports a length greater than the packet size,
drop the packet rather than just whinging about it in the log.
If the fsm header has a smaller length, continue to whinge.
2000-05-26 21:11:55 +00:00
brian
61fc03a88c Remove an unused variable 2000-05-26 08:29:11 +00:00
brian
c756c66b29 When we do a `dial'' or `open'' from DATALINK_READY, go to
DATALINK_CARRIER and turn off scripting.

This should fix instances where ``term'' is used followed by ~.
and then ``dial''/``open'' (it currently just sits there looking
at you).

Reported by: Tim Vanderhoek <vanderh@ecf.utoronto.ca>
2000-05-26 08:26:56 +00:00
brian
e959f1027d Fix a topy (if (expr); command;)
Submitted by:	Renaud Waldura <renaud@guppy.evolunet.com>
2000-05-25 16:12:55 +00:00
brian
600aec722a The name /var/log/alias.log is *not* likely to change in the near
future...
2000-05-24 20:56:30 +00:00
brian
8fb3702804 Mention what ``enable proxy'' actually does 2000-05-24 13:49:39 +00:00
brian
54ab76295f Honour `set speed sync'' and `set device !program'' when
used together by creating a SOCK_DGRAM socketpair() between
the processes.

Be polite when closing !program links and send a HUP to the
process.  This makes ssh tunnels over unreliable media (such
as via httptunnel) reconnect properly.
2000-05-24 09:05:58 +00:00
brian
300b5cdddb Mention it in the log file when we HUP a process that
controls a link.
2000-05-24 09:05:45 +00:00
brian
defab84a46 Don't attempt to fputs(NULL, fp) when ``enable dns'' is given and
there's no resolv.conf.
Use a umask of 022 when creating resolv.conf, not 0644 !
2000-05-24 01:00:24 +00:00
brian
9316f17a65 Always pass packets through libalias when NAT is enabled.
Submitted by: luoqi
Forgotten by: me
2000-05-23 14:55:08 +00:00
brian
7bd588a76b Return -2 when tcp_OpenConnection() fails so that ppp doesn't
report that the device name is of an invalid format.
2000-05-22 08:23:35 +00:00
brian
4e4578620b Be more verbose when a second link doesn't match the first because the
peer enddisc/authname is different.
2000-05-22 08:23:13 +00:00
brian
4d248969a4 Fix a typo 2000-05-11 07:59:21 +00:00
brian
ba5219342d Mention that the default is to let external traffic route to
the internal network when NAT is enabled.

Allow ``set target MYADDR'' to stop packets at the gateway.
2000-05-11 07:55:44 +00:00
brian
8bec1e1f9d Correct a bad bug in m_prepend()
Submitted by: luoqi
2000-05-07 10:08:24 +00:00
brian
c4b2f80d92 Remove a rogue space 2000-04-13 00:00:46 +00:00
brian
eb7aa2809f Add a missing ``break'' 2000-04-09 18:27:08 +00:00
brian
825b93bffd When running ppp -background, show comfort messages showing
when we're redialing/reconnecting.

While we're here, log redial, reconnect and phone number
announcements to LogCHAT, and reduce some other logging to
LogDEBUG.
2000-04-07 23:46:14 +00:00
brian
9b2d3e1632 I didn't get this right the last time....
When an NCP reaches TLF, *ONLY* datalink_Close() links that are
in DATALINK_OPEN.

When the last link reaches TLD, DOWN all NCPs (as we used to in the
links TLF (which was the wrong place anyway)), as the NCPs aren't
now going to datalink_Close() us unexpectedly, we get to continue
doing what we were told to do in the first place.

The result:  When we lose a link, the IPCP layer goes down and
we actually call the stuff in ppp.linkdown !
2000-04-06 10:03:48 +00:00
gj
8efc52e239 Pass me the pointy hat.
It was not a good idea to remove csu_header from struct cspace, it had
ramifications which I didn't notice.

Restore src/usr.sbin/ppp/slcompress.h to the way it was, since MAX_HDR
was already defined as 128 there and it's a user program anyway.

In sys/net/slcompress.h make MAX_HDR 128 intead of MLEN to avoid
bloat.

My apologies for any inconvenience.
2000-04-04 09:20:53 +00:00
brian
56ae0558f5 Plug two file descriptor leaks 2000-04-03 19:56:49 +00:00
gj
08bbcfe72f Nuke csu_hdr from struct cspace. csu_hdr is not used anywhere in the
tree. This considerably reduces unnecessary bloat in struct slcompress.

I'm running with this change right now and have seen no negative
side-effects.

On my sytem this reduced kernel BSS by about 25KB.

Submitted by:	bde
Approved by:	brian for user-ppp
2000-04-03 19:54:33 +00:00
brian
2b63c0a8d4 Allow authname to be changed at any phase, just emit a warning
if it's not DEAD or ESTABLISH
2000-03-31 21:08:43 +00:00
brian
c4adf04181 Use INADDR_NONE with PacketAliasSetTarget() if no args are given to
``nat target'', and suggest the use of ``nat target default'' as an
interesting possibility.
2000-03-31 20:42:24 +00:00
brian
408c8069a6 Undo the damage done to this file in my last commit 2000-03-31 14:31:36 +00:00
brian
542750c808 Add the ``nat target'' command. 2000-03-31 14:26:23 +00:00
brian
96a4cabd64 Correct address parsing
Pointed out by: Maxim Sobolev <sobomax@altavista.net>
2000-03-30 10:46:20 +00:00
brian
a12619f868 Log information about packets being dropped (probably due to
``nat deny_incoming yes'') by libalias.
2000-03-29 09:31:52 +00:00
brian
657714f28b Allow the use of hostnames instead of (and as well as) IP
numbers in all commands.
If people use hostnames and have dodgy resolvers or try to resolve
the hostname before the link is up, they get what they deserve....

Requested by: ru
2000-03-29 09:31:27 +00:00
brian
a252b602e2 Mention the value of the unexpected return code in nat_LayerPull() 2000-03-29 00:14:24 +00:00
brian
2442f64e8a don't treat # specially if PARSE_NOHASH is passed 2000-03-28 15:14:15 +00:00
brian
7d12e18643 Don't treat # specially here 2000-03-28 15:11:38 +00:00
brian
b192194923 Correct the parent notification diagnostic emitted from the child
process in -background mode (it should report failure if appropriate).
2000-03-22 03:02:01 +00:00
brian
76f86d4850 If a links LCP FSM has reached TLF and it's the last link,
don't bother to re-initialise the NCPs.  Instead wait for
bundle_LinkClosed() to be called - IFF it actually is called.

By initialising the NCPs at this point, ppp was recursing
back into the fsm_Down() routing for the link, and losing
track of the reason that the link was being brought down.
The end result was that ``set reconnect'' would never do
anything.

Patiently pointed out by: ru
2000-03-22 03:02:00 +00:00
brian
1ae09dfce5 Don't bother setting the dial timer if we've closed a
background/foreground/direct and zero'd the redial/reconnect
counts.
2000-03-22 03:01:56 +00:00
brian
5bda7f13ae Do some vfork() trickery so that the parent can determine
if the childs exec() has succeeded or failed by taking advantage
of the fact that both processes share the same memory.

FWIW:
  I tried to implement this by doing a pipe(), setting the
  write desciptors close-on-exec flag in the child and writing
  errno to the descriptor if the exec() fails.  The parent can
  then ``if (read()) got errno else exec worked''.

  This didn't work though - the child could write() to fd[1] on
  exec failure, but the parent got 0 trying to read() from fd[0] !
  Is this a bug in execve() ?
2000-03-22 03:01:53 +00:00
brian
b47896e800 Call bundle_CleanDatalinks() after UpdateSet() in case we're
dropping out of background/foreground/direct mode.

This avoids either having to wait for the redial timer before
exiting or jaming up in select() waiting for something that'll
never happen.
2000-03-22 03:01:48 +00:00
brian
e183eff0c8 Add some diagnostics to prove that incoming IP fragments are
being dealt with correctly.
2000-03-19 12:37:27 +00:00
brian
a93a4c8c88 Move a comment to make things a bit more readable.
Suggested by: sheldonh
Forgotten by: me
2000-03-16 16:28:27 +00:00
brian
e7643a6c06 Increase bit fields to allow for new values 2000-03-14 20:11:45 +00:00
brian
5f910a271b ppps -> ppp's; suggested by sheldonh
.Nm ppp -> .Nm; overlooked by me
Microsofts -> Microsoft's; OpenBSD
2000-03-14 20:04:32 +00:00
brian
a6c570880d Understand -DNOINET6 2000-03-14 19:33:13 +00:00
brian
583da493d5 Understand environment variables in commands
Submitted by: Mark Knight <markk@knigma.org>
2000-03-14 01:47:31 +00:00
brian
1bc8ab9f4f Add the ``resolv'' command for telling ppp how to deal with resolv.conf.
You can now ``resolv restore'' in ppp.linkdown !
Add DNS0 and DNS1 macros.
2000-03-14 01:47:27 +00:00
brian
041ec329dc Refresh the NAT IP pointer after a potential mbuf reallocation. This
caused frequent lock-ups for individual sessions over a NAT'd ppp link
when MTU sizes ended up more or less exactly wrong.
2000-03-14 01:47:21 +00:00
brian
19ff2ab337 Fix some printf-style argument bugs 2000-03-14 01:47:19 +00:00
brian
84a11d130e Fix some typos
Obtained from: OpenBSD
2000-03-14 01:47:13 +00:00
brian
621cd25162 Adjust whitespace 2000-03-14 01:47:11 +00:00
brian
e9ef0032ae Don't include netinet6/in6.h directly. 2000-03-14 01:47:09 +00:00
brian
11898ff77c Correct some typos introduced in the descriptor -> fdescriptor change. 2000-03-14 01:47:07 +00:00
brian
be63b17232 Introduce LOCALNAT and LOCALRAD defines so that the sources can stay
exactly the same in FreeBSD & OpenBSD despite libalias and libradius
being local to the ppp sources under OpenBSD.
2000-03-14 01:47:02 +00:00
brian
948b95cdbb Correct UN_SIZE definition
Submitted by: Ben Smithurst <ben@scientia.demon.co.uk>
2000-03-14 01:46:58 +00:00
brian
1afd290619 Don't ``break'' when we come accross a non-RTM_IFINFO type
entry in the block returned by the NET_RT_IFLIST mib,
``continue''

Broken a few minutes ago by: me
2000-03-14 01:46:56 +00:00
brian
c905df5091 When ppp can't identify the relevant name, don't use "???", use
<nnn> or <0xxxx> instead.
2000-03-14 01:46:54 +00:00
brian
3b65c00f32 Add ``set log dns'' to log DNS QUERY packets.
This is invaluable for dial-on-demand connections...
In ppp.linkup:

  set log -dns -tcp/ip

and in ppp.linkdown

  set log +dns +tcp/ip

giving a much better account of why the link came up.
2000-03-14 01:46:49 +00:00
brian
a69e155f87 The interface list that comes back from the PF_ROUTE/NET_RT_IFLIST mib
is aligned.  Teach this to ``show route''.

Clean up some of the sockaddr parsing routines.
2000-03-14 01:46:44 +00:00
brian
ca63a8dc14 Support IP6 addresses in ``show route''
Also, don't try to output routing entries if either the
RTA_DST or RTA_GATEWAY sockaddrs aren't present.
2000-03-14 01:46:38 +00:00
brian
56e902f033 When adjusting timer::rest, round to the closest TICKUNIT usecs
value.

This has minimal impact here, but if ppp ever needs to frequently
remove timers before they've timed out, it can badly skew the next
item in the timer list without this change.

The correct fix would be to store usecs in `rest' rather than
TICKUNITs, but the math is easier if we just round...
2000-03-14 01:46:34 +00:00
brian
1fa2af66ed When we stop a timer that's the first in the timer list, ensure
that we adjust that timers `rest' value (with the current getitimer()
values) before using that to adjust the next items `rest' value.
After adjusting that value, restart the timer service so that we've
now got the correct setitimer() values.
2000-03-14 01:46:31 +00:00
brian
9c5b52bb1f To avoid namespace polution in NetBSD:
``struct descriptor'' -> ``struct fdescriptor''
2000-03-14 01:46:09 +00:00
kris
3a01b4185c Remove the last vestiges of libRSAglue now that it's an empty stub.
This should fix the buildworld problems some people were seeing.

Approved by:	jkh
2000-03-11 22:34:10 +00:00
kris
0d1f47825b Buildworld fixes for NO_OPENSSH and NO_OPENSSL
Approved by:	jkh
2000-03-09 06:29:05 +00:00
sheldonh
244b8ead7d Remove more single-space hard sentence breaks. 2000-03-02 14:54:02 +00:00
markm
7b8bbfd16b Update DISTRIBUTION for new crypto world order 2000-02-29 11:44:18 +00:00
markm
4dfdc66cab Use libcrypto instead of libdes. 2000-02-24 21:10:28 +00:00
ru
3f518216d3 Unbroke the reference to libalias(3). 2000-02-05 15:25:15 +00:00
brian
a904c172cd Remove MAINTAINER=
I don't claim to own the code and certainly don't want to discourage
people from fixing or updating it.

[I know it's the 29th, but the FREEZE hasn't yet been posted to committers]
2000-01-29 11:08:00 +00:00
brian
4d672453af If we're in callback mode, don't forget this fact when we
get into datalink_Down().

Submitted by: David Hedley <david@inty.co.uk>
2000-01-27 00:40:25 +00:00
brian
299a0de13e Actually ignore comments at the end of lines - broken with the commit
that made ppp *not* treat #s in quoted arguments as comments.
2000-01-27 00:40:10 +00:00
brian
c14760c27b Handle the availability of TUNSIFHEAD. If it's there, use it.
For the moment this is just overhead, but it'll be used for INET6
support later.
2000-01-23 01:48:19 +00:00
brian
a29610fe9a Use TUNSIFPID when we change our PID (if it exists). 2000-01-21 00:33:27 +00:00
brian
0b5a924d7b Use AUTHLEN for the length of authname 2000-01-17 12:27:29 +00:00
brian
43392f74a4 Don't set ifaddr::in_addrs to 1 after an ``iface clear'' on an interface
with no addresses.
2000-01-07 03:47:12 +00:00
brian
cca6aa2264 include stdlib.h (setproctitle() is prototyped there in OpenBSD) 2000-01-07 03:23:38 +00:00
brian
604f6ce5b9 Call serial devices `cuaXX'' instead of `cuaaX'' (in line
with OpenBSD conventions).
2000-01-07 03:11:56 +00:00
brian
b0f0fe699d .Bl -tag requires -width too
Obtained from: OpenBSD
2000-01-07 03:11:42 +00:00
brian
a1f298998e Remove an unused #define 2000-01-07 03:11:31 +00:00
brian
928cb58803 Ensure that there's a bit of extra space in our buffer when it's
passed to libalias.  If there's not enough space, things like ftp
PORT commands start failing....

Reported by: Gianmarco Giovannelli <gmarco@giovannelli.it>
2000-01-03 20:09:23 +00:00
brian
d229c8a13c Increase M_MAXLEN from 2048 - sizeof struct mbuf to
4096 - sizeof struct mbuf, and set MAX_MRU and MAX_MTU
back to 2048.

2048 is big enough as an MTU/MRU, but we need to be able
to allocate larger mbufs after reassembling IP fragments.
1999-12-30 13:27:15 +00:00
brian
65f9d00aad Add a few missing #includes 1999-12-30 03:40:29 +00:00
brian
7a49c5353e Correct usages of getuid() and geteuid()
Pointed out by: billf
1999-12-30 03:36:11 +00:00
brian
00a339312b Mention that it's only necessary to escape the '-' in chat scripts
twice (once for the arg parsing and once to make it a normal character).
Make the man page example consistent.

Reminded by: Bryan Liesner <bleez@netaxs.com>
1999-12-29 22:31:10 +00:00
brian
5269dd341c Add a bunch of `const's and fix a typo.
Submitted by: Rich Neswold <rneswold@MCS.Net>
1999-12-27 11:54:57 +00:00
brian
8d3683f53b Don't allowt '#' as a comment when it's embedded in quotes:
set something "xxx yyy # zzz" aaa

shouldn't be interpreted as

  set something "xxx yyy" aaa
1999-12-27 11:43:31 +00:00
brian
0c62acb307 Don't bother fork()ing after closing a ctty if ppp is about to
terminate anyway.
1999-12-23 21:43:25 +00:00
brian
da8bf273f7 Understand double-quotes anywhere on a command line in the same
way that a shell does.  The previous way ppp did it just didn't
make any sense.
1999-12-23 21:43:12 +00:00
brian
d191496da2 Correct warning about unindented commands when the unindented command
is actually a new label with a comment at the end of the line.
1999-12-23 21:43:00 +00:00
brian
baf28880b3 Don't munge ``set dial|login|logout|hangup'' arguments before
ExpandString() has a chance to do its own substitutions.
1999-12-22 21:48:12 +00:00
brian
20cf74c9c7 Fix my '#'-at-end-of-lines change, spammed by a subsequent commit. 1999-12-20 20:47:58 +00:00
brian
89c7950e1a Use getpwuid()->pw_dir instead of $HOME when expanding ``~''. 1999-12-20 20:30:47 +00:00
brian
540cfa0f95 Use getpwuid() instead of getlogin() in ``allow users''. 1999-12-20 20:30:40 +00:00
brian
b6574956b6 Add missing linefeed. 1999-12-20 20:30:35 +00:00
brian
32de026316 Cosmetic: clean up some parenthesis confusion 1999-12-20 20:30:30 +00:00
brian
0a37c5b3ad Handle comments at the end of lines. 1999-12-20 20:30:25 +00:00
brian
4145fb0c1b Notice and warn about unterminated quoted strings in commands.
The entire command is ignored if the syntax is invalid...
1999-12-20 20:30:02 +00:00
brian
ff8174b1b3 Implement mbuf allocation internally by maintaining 8 buckets of
different sized mbufs, and mallocing them in chunks of 20 mbufs
at a time.

This improves back-to-back throughput by between 7 and 8%
1999-12-20 20:29:51 +00:00
brian
86f30d4f38 Cosmetic: Make struct mbuf more like kernel mbufs. 1999-12-20 20:29:47 +00:00
brian
e320900d11 Learn to do pointer arithmatic (doh!) 1999-12-18 02:31:36 +00:00
brian
0a9c037304 Handle PPPoPTY correctly. 1999-12-13 18:45:21 +00:00
brian
0646335b2f Be careful not to re-initialise `struct stat' while it still has
a running timer.  This fixes a problem where a dial is manually
aborted, the hangup script kicks in and the chat timer ends up
on the timer queue twice (tick tick tick tick *boom*)
1999-12-03 06:33:10 +00:00
brian
e483373e23 Change the way we transfer links (again). The previous
method avoided all race conditions, but suffered from
sometimes running out of buffer space if enough clients
were piled up at the same time.

Now, the client pushes the link descriptor, one end of a
socketpair() and the ppp version via sendmsg() at the
server.  The server replies with a pid.  The client then
transfers any link lock with uu_lock_txfr() and writev()s
the actual link contents.  The socketpair is now the only
place we need to have large socket buffers and the bind()ed
socket can keep the default 4k buffer while still handling
around 90 racing clients.
1999-11-30 23:52:37 +00:00
brian
80af32c97b depricated -> deprecated + mention the -alias flag status in README.changes 1999-11-29 18:53:43 +00:00
brian
8181bafa69 Don't try to do a DIALOUT in -direct mode or if there's no phone
numbers set.
1999-11-28 15:50:23 +00:00
brian
08e4eaabf2 Make -foreground a proper option (allowing ``allow mode foreground'',
``set mode foreground'' etc.
1999-11-28 15:50:08 +00:00
brian
ae1dbed1c2 Allow extended pap success messages by believing in the PAP headers
length field rather than the one byte message length field embedded
in the packet.  This steps slightly outside of the protocol boundaries,
but should not cause any problems.

Limitation noted by: Simon Winwood <simon@winwood.org>
1999-11-26 22:44:45 +00:00
brian
f0003f3456 Change ``set cd'' so that its default value is device specific. The
default is still 1 second for ttys, but is now 6 seconds for i4b (ISDN)
devices and 5 seconds for ethernet (PPPoE) devices.
1999-11-26 22:44:33 +00:00
brian
659744dd68 Rewrite the link descriptor transfer code in MP mode.
Previously, ppp attempted to bind() to a local domain tcp socket
based on the peer authname & enddisc.  If it succeeded, it listen()ed
and became MP server.  If it failed, it connect()ed and became MP
client.  The server then select()ed on the descriptor, accept()ed
it and wrote its pid to it then read the link data & link file descriptor,
and finally sent an ack (``!'').  The client would read() the server
pid, transfer the link lock to that pid, send the link data & descriptor
and read the ack.  It would then close the descriptor and clean up.

There was a race between the bind() and listen() where someone could
attempt to connect() and fail.

This change removes the race.  Now ppp makes the RCVBUF big enough on a
socket descriptor and attempts to bind() to a local domain *udp* socket
(same name as before).  If it succeeds, it becomes MP server.  If it
fails, it sets the SNDBUF and connect()s, becoming MP client.  The server
select()s on the descriptor and recvmsg()s the message, insisting on at
least two descriptors (plus the link data).  It uses the second descriptor
to write() its pid then read()s an ack (``!'').  The client creates a
socketpair() and sendmsg()s the link data, link descriptor and one of
the socketpair descriptors.  It then read()s the server pid from the
other socketpair descriptor, transfers any locks and write()s an ack.

Now, there can be no race, and a connect() failure indicates a stale
socket file.

This also fixes MP ppp over ethernet, where the struct msghdr was being
misconstructed when transferring the control socket descriptor.

Also, if we fail to send the link, don't hang around in a ``session
owner'' state, just do the setsid() and fork() if it's required to
disown a tty.

UDP idea suggested by: Chris Bennet from Mindspring at FreeBSDCon
1999-11-25 02:47:04 +00:00
brian
0490237359 Don't setuid() 'till we've called ID0setproctitle() 1999-11-23 00:14:50 +00:00
brian
257703c14f Call MkSockNode() as uid 0
Forgotten by: julian
1999-11-21 23:27:23 +00:00
brian
1249128f88 Don't compile NETGRAPH out of ppp for the release crunch 1999-11-20 10:55:27 +00:00
brian
e68cdbf656 Update the time delta of the first item in TimerList before
inserting a new item.  Without this, it's possible to
mis-insert quite badly... but only by as much as the load of
the first item, which is almost always 1 second.

Initialise the timerservice with `restart' set if we're inserting
at the start of the list.
1999-11-19 23:21:13 +00:00
brian
23eed7f710 Fix ``set proctitle'' by using setproctitle(). 1999-11-17 21:12:35 +00:00
brian
1274c8c833 Remove some extraneous ifdefs, and don't try to put the socket in
O_NONBLOCK.  The select() is the best best as I don't want to muck
about with the send/receive thresholds.
1999-11-16 21:57:48 +00:00
brian
e6e4bcef43 Use modfind() to check if a kld is already loaded.
Submitted mostly by: green
1999-11-16 21:57:34 +00:00
brian
aa69617b79 Don't insist on 4 digit umasks in ``set server''.
Pointed out by: joerg
1999-11-13 16:18:40 +00:00
brian
8e0e122248 Make the meaning of the provider part of the PPPoE device spec clearer. 1999-11-13 16:18:27 +00:00
brian
86a6663de4 Oops, netgraph.o -> ether.o for the RELEASE build. 1999-11-11 02:25:17 +00:00
brian
d8b9f4c9fa If dev->connected is already set to CARRIER_OK in ether_AwaitCarrier,
don't go and set it to CARRIER_LOST !
1999-11-09 23:30:59 +00:00
brian
f87b3817a2 Don't recurse into datalink_UpdateSet() after
doing a HangupDone().  The HangupDone() may fuel
bundle_CleanDatalinks(), and if so, the bogus
UpdateSet() ends up select()ing on a closed
descriptor.....

Change the main `do/while' loop to a `for' loop so
that any `continue's do the bundle_CleanDatalinks()
& bundle_IsDead() bit.
1999-11-09 23:21:47 +00:00
brian
2a704f6cf5 Correct the ``-unix X'' parsing (last time I only corrected
``-unitX''.

Pointed out twice by: Gert-Jan Vons <gert-jan@bigfoot.com>
1999-11-09 21:59:09 +00:00
brian
18dee1f739 Be a bit smarter when identifying a netgraph node
(don't dereference NULL).
1999-11-09 19:05:48 +00:00
brian
21f1d38d7d Don't treat -unit as a mode flag when counting mode flags.
Submitted by: Gert-Jan Vons <gert-jan@bigfoot.com>
1999-11-09 00:32:21 +00:00
brian
63fbdd3588 Add an empty netgraph.o when building a release to keep the
crunch stuff happy.

Breakage spotted by: phk
1999-11-09 00:16:30 +00:00
brian
c32eabeda6 Don't zero-pad netgraph node ids
Recommended by: julian
1999-11-07 09:03:45 +00:00
brian
cac81ba45e Support PPPoE
Help (lots) from: julian, archie
Facilities from: ahebert@pubnix.net
1999-11-06 22:50:59 +00:00
brian
faf44b90cf Introduce ``set logout''; another chat script. This is in preparation
for the abstraction of ``set dial'' and ``set hangup''.
1999-10-25 13:49:44 +00:00
brian
6d6b73fcc1 Don't (unnecessarily) parse wtmp, force ID0logout() to DTRT instead. 1999-10-25 13:31:42 +00:00
brian
eefb16d7c8 Manually create a correct(*) entry in wtmp when logging out a PPPoTCP or
PPPoUDP connection.

(*) This is as correct as ftp and uucp wtmp entries are - that is,
multiple concurrent connections will not record enough information
in wtmp to tell last(1) who was logged in for how long.
1999-10-21 21:55:22 +00:00
brian
e9a7ac15d7 If we're running ppp -direct over a tcp or udp connection,
record the IP number in the `from' slot and not the tty slot.
We put ``ppp'' in the tty slot - in line with what ftp (and
probably others) does.
1999-10-21 01:19:23 +00:00
brian
113b2d5788 Don't go from PHASE_NETWORK to PHASE_ESTABLISH when we want to
re-open a device.  The fact that we're in NETWORK phase indicates
that there are other links in DATALINK_OPEN and that we don't want
to stop using them.
1999-10-21 00:19:33 +00:00
brian
39e862702c Add the -unit command line switch for specifying the tun device.
Warn about -alias being depricated (but still allow it).
Don't moan twice about failing to open any tun device.
Fix a diagnostic and add the -quiet switch to the usage message.
1999-10-19 15:21:09 +00:00
brian
8b3338a1eb Correct a few diagnostics 1999-10-16 13:28:04 +00:00
brian
16dcdca31e Don't ntohl() the signature before printing it... it's already
been done.

Spotted by: Gert-Jan Vons <gert-jan@bigfoot.com>
1999-10-16 09:18:15 +00:00
brian
179e3b22a2 When more than one timer is expired at once, allow for the possibility
that the first timer ends up doing a timer_Stop() on the second.

When this happens, remove the timer from the pending list so that
we still call any subsequent timers.

This bug has been here for several years, but has only been tickled
recently with my device layering changes.

With enormous thanks for the perseverance of: Ruslan Ermilov <ru@ucb.crimea.ua>
1999-10-15 20:44:34 +00:00
brian
cbc0d92369 When we get the last NCP TLD, close all datalinks with CLOSE_STAYDOWN
rather than CLOSE_NORMAL.
1999-10-15 20:36:04 +00:00
brian
f0dc30299f Redefine CRTS_IFLOW and CCTS_OFLOW on the mac.
Submitted by: Kazuyoshi Kato <kazk@yyy.or.jp>
1999-10-15 20:30:44 +00:00
brian
c1de2e69b9 When uncompressing VJ-compressed frames, fix the ip_sum directly
in struct cstate rather than copying the stored header slot into a
potentially mis-aligned buffer then trying to update the ip_sum
without causing an exception on non-i386 hardware.

I've never been able to reproduce this problem, but it has been
reported by many people... besides, the code is now a bit cleaner.

Testing & patience by: Anthony Solovjoff <asolovjoff@hotmail.com>
1999-10-13 07:49:13 +00:00
brian
b98112df4e Revert the 1.44 -> 1.45 change. It doesn't work as expected. 1999-10-08 16:09:15 +00:00
brian
b78d8db347 Don't go from datalink state opening directly to lcp, go via
carrier instead so that we can set up our carrier detect
timer and eventually notice when we lose carrier.

Honour the script.run value when coming out of carrier state.

PR:	14145
1999-10-07 07:32:12 +00:00
brian
38ec90a9b7 Mention the received/expected magic for dodgy ECHO LQRs. 1999-10-06 23:22:54 +00:00
brian
14fd42d30d Bring links down gently when their throughput isn't enough for
the ``set autoload'' value.  Don't just ``down'' the link.
Don't get stuck in ``ready'' the first time we ``close'' a link.
1999-10-05 05:01:44 +00:00
brian
f3bceef566 Support GRE packets
Submitted by: Harry Starr <starr@gccs.com.au>
1999-09-30 07:23:13 +00:00
brian
814514a640 Support ``set cd off'' to tell ppp not to even look for carrier on the
device.
1999-09-26 23:02:18 +00:00
brian
e86d608444 Typo
Submitted by:	Alex Nash <nash@mcs.net>
1999-09-24 23:57:22 +00:00
brian
672be93090 Allow ``make -DNOKLDLOAD'' 1999-09-22 00:44:45 +00:00
brian
531472ba31 Do a kldload() if we get ENXIO trying to open /dev/tun0
Originally submitted by: green
1999-09-22 00:40:47 +00:00
brian
cdf842b2df Back out the bogus #ifdef __NetBSD__ #include <signal.h> lines.
The original report was due to a mis-installation of the NetBS
header files :-/

Submitted by:	 Kazuyoshi Kato <kazk@yyy.or.jp>
1999-09-21 19:37:00 +00:00
brian
6e5a0a5cc4 Fix the `lt'' comparison in `set filter''
PR:		13819
Submitted by:	Dean M. Phillips <dphill@inav.net>
1999-09-21 01:02:05 +00:00
phantom
353c1a6746 Correct spelling : ascii -> ASCII
PR:		docs/13702
Submitted by:	Stephen J. Roznowski <sjr@home.com>
Reviewed by:	mpp
1999-09-20 09:15:23 +00:00
brian
463e41d5f8 NetBSD has moved ``extern int errno;'' to signal.h :-/
Submitted by:	Kazuyoshi Kato <kazk@yyy.or.jp>
1999-09-20 07:36:46 +00:00
brian
9c54df5d67 NetBSD requires net/if.h for the IFF_* defines (as well as OpenBSD) ! 1999-09-20 07:18:50 +00:00
brian
46ca602b1a Correct the return from FilterCheck for fragments
PR:		13771
Submitted by:	Dean M. Phillips <dphill@inav.net>
1999-09-16 18:47:59 +00:00
brian
7775aefb57 Cosmetic:
alias_cmd -> nat_cmd after a repo-copy
1999-09-08 07:34:52 +00:00
brian
2058967546 We don't need a queue for *CP data - these are IP-only queues. 1999-09-07 14:34:55 +00:00
brian
3157f75de6 Introduce a forth IP packet queue. Urgent packets with
ip_tos == IPTOS_LOWDELAY now get precidence over urgent
packets with ip_tos != IPTOS_LOWDELAY and non-urgent packets
with ip_tos == IPTOS_LOWDELAY.

Enhance the ``set urgent'' syntax to allow for urgent UDP
packets as well as urgent TCP packets.
1999-09-07 07:51:11 +00:00
brian
ea21e67db9 Make the ``Problem with IP header length'' error a bit more verbose 1999-09-06 18:20:26 +00:00
brian
029c9bc2f5 $FreeBSD$ -> __DATE__
This is probably more appropriate that $Date$ anyway
1999-09-06 18:11:50 +00:00
brian
1a77c3372e When logging warning messages, there are now three scenarios:
o If a prompt is executing the command, only display the warning to
  that prompt
o If a prompt is executing a ``load'' command, display the warning
  to all prompts *and* syslog
o Otherwise, display the warning to all prompts *and* syslog.
1999-09-06 08:16:33 +00:00
peter
e8a88abe94 $Date$ -> $FreeBSD$ 1999-09-06 07:36:44 +00:00
brian
dcb79a71e6 o Split the two IPCP queues into three - one for FSM data
(LCP/CCP/IPCP), one for urgent IP traffic and one for
  everything else.
o Add the ``set urgent'' command for adjusting the list of
  urgent port numbers.  The default urgent ports are 21, 22,
  23, 513, 514, 543 and 544 (Ports 80 and 81 have been
  removed from the default priority list).
o Increase the buffered packet threshold from 20 to 30.
o Report the number of packets in the IP output queue and the
  list of urgent ports under ``show ipcp''.
1999-09-04 00:00:21 +00:00
brian
f51d44e622 When sending radius authentication requests:
Supply RAD_NAS_IDENTIFIER if we have a `hostname` and
  RAD_IP_ADDRESS if that hostname resolves.

  Supply RAD_NAS_PORT using the ttyslot() of the tty that
  we're authenticating on if it's a tty device.

Partially submitted by: Andriy I Pilipenko <bamby@marka.net.ua>
PR:			12225
1999-09-03 10:31:34 +00:00
peter
efabb9ccb1 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
jkh
72d5ca324f I misunderstood the failure mode - revert BINMODE to 4554. I'm still
going to remove ppp from the installation options in 5 days if ppp is
still broken, however, as it hasn't worked at installation time
for several weeks now and it's only causing people to fill my mailbox
with questions.
1999-08-27 07:47:17 +00:00
jkh
cb170f6ffd I don't know who decided that an install mode of 4544 was correct, but
for a binary it's far from it.  This is why sysinstall is unable to run
ppp at startup time and causing weirdies in -current.
1999-08-27 06:01:27 +00:00
brian
adcdd2a153 Rebuild the list of interface numbers to names if we're trying
to evaluate an interface number that didn't previously exist.
1999-08-26 20:01:20 +00:00
brian
945ebc8846 Aligh mbufs to sizeof(long), not 4 1999-08-26 06:37:53 +00:00
brian
41c2c2caf9 Fix some mdoc(7) style inconsistences
Submitted by: Alexey M. Zelkin" <phantom@cris.net>
1999-08-25 21:39:40 +00:00
brian
101f128474 Cosmetic: bring closer to RELENG_3 1999-08-23 23:13:59 +00:00
brian
185ca62b17 NOALIAS -> NONAT
Reminded by: jkh
1999-08-22 23:17:57 +00:00
brian
6ed835abf4 Allow authkey to be changed independently of the current phase. 1999-08-22 01:29:53 +00:00
brian
4f537e1f79 o Add the -foreground switch. This switch behaves like -background except
that ppp stays in the foreground.
o Add the -quiet switch to quieten ppps startup
o Add the -nat flag and discourage the use of the -alias flag.  Both do
  the same thing.
o Correct some nat usage strings.
o Change the internal ``alias'' command to ``nat''.
1999-08-19 18:15:52 +00:00
brian
be5c500691 Mention `alias enable no'', not `alias enable off''. 1999-08-18 15:35:54 +00:00
brian
69ab84d0b3 Implement a minimum idle time value as an optional second argument
to ``set timeout''.
This is useful for situations where your minimum call charge is (say)
5 minutes (like mine is)
1999-08-17 17:22:46 +00:00
brian
56bc7b51a6 Set the close-on-exec flag for all unused descriptors when
exec()ing other programs.
1999-08-17 14:59:05 +00:00
brian
8b50508e93 If we receive an IPCP protocol reject, bring it down. 1999-08-10 08:42:20 +00:00
brian
d69ca183f0 Back out the last patch. I'm too tired to apply patches. 1999-08-09 23:49:59 +00:00