Commit Graph

8318 Commits

Author SHA1 Message Date
Brian Somers
250be50b72 Compensate for dodgy Win98/WinME MSCHAPv2 responses later in the code
path... after we've talked to any RADIUS servers involved, so that we
haven't touched the data before it gets to the server.

Make it clearer in the code that this compensation is done by setting
a flag to a value of zero, a flag which rfc2759 says *MUST* be zero.

While we're here, don't bother passing the peer challenge into
radius_Authenticate().  It's already part of the key we're passing in
(this becomes obvious now that I've structured that data...).

This ``fix'' doesn't help to authenticate Win98/WinME users in my test
environment as ports/net/freeradius seems to ignore the flag
completely anyway, but it may help with other RADIUS servers.
2002-06-17 01:12:38 +00:00
Garance A Drosehn
c9cb13a07b Just rename two generic-queue init routines from 'init_*' to '*_gi'
("gi" short for 'generic init'...).

MFC after:	10 days
2002-06-16 01:51:37 +00:00
Garance A Drosehn
5b1c34fbb7 Add a nearly complete rewrite of the lpc command 'down'. The only user-
visible change should be that more than one queue can now be specified,
if one uses the '-msg' parameter to separate the list of queues from the
status message to set.

The previous implementation of 'down' remains available as the command
'xdown', available for instant fallback if there seems to be anything
wrong with the new one.  If no one reports a problem after a few weeks,
then a later update will remove 'xdown'.

Reviewed by:	freebsd-print@bostonradio.org
MFC after:	10 days
2002-06-16 01:43:29 +00:00
Garance A Drosehn
e2e0461977 Make the description of the 'down' command a little more readable.
MFC after:	10 days
2002-06-15 23:47:40 +00:00
Garance A Drosehn
e7f478b2f6 Reorganize the way that arguments are processed in lpc's generic-queue
commands, to make things a little cleaner (mainly for a later update).

Reviewed by:	freebsd-print@bostonradio.org
MFC after:	10 days
2002-06-15 23:31:27 +00:00
Garance A Drosehn
54032d1198 Add a new command to 'lpc' called 'setstatus', which would be used to
change the status message of a print queue.  This includes some minor
changes to the upstat() routine, so that error messages are not printed
while seteuid(priv-user).

Reviewed by:	freebsd-audit and freebsd-print@bostonradio.org
MFC after:	10 days
2002-06-15 22:51:58 +00:00
Hajimu UMEMOTO
c4a0032fe3 Do not issue deprecated ioctl.
Obtained from:	KAME
MFC after:	2 weeks
2002-06-15 18:56:32 +00:00
Hajimu UMEMOTO
3b46313d9a Don't install obsolete gifconfig(8). Please use ifconfig(8) instead. 2002-06-15 18:04:51 +00:00
Hajimu UMEMOTO
23d84069ed Don't install obsolete prefix(8). We now have `ifconfig eui64'. 2002-06-15 15:41:44 +00:00
Brian Somers
3627fe880c A better prinflike fix... 2002-06-15 08:03:59 +00:00
Brian Somers
10be78d3ae Remove whitespace at the end of lines. 2002-06-15 08:03:30 +00:00
Brian Somers
3db951841c Fix a printflike format error 2002-06-15 01:36:36 +00:00
Brian Somers
61fe3f63bc Remove a forgotten diagnostic 2002-06-15 01:35:03 +00:00
Hajimu UMEMOTO
0a5f3ef410 Changed the behavior when an interface-direct prefix being advertised
was removed from the kernel;
Advertise the prefix with zero lifetimes rather than to remove the prefix
from the prefix list to be advertised.
This will help renumber a receiving host by deprecating the address
derived from the old prefix.

Obtained from:	KAME
MFC after:	2 weeks
2002-06-13 16:59:31 +00:00
Garance A Drosehn
5e55dc17fb Bah humbug. Fix another typo on the same comment line. It also had
an option-space instead of a space...

MFC after:	10 days
2002-06-13 02:37:50 +00:00
Garance A Drosehn
a32355e418 Fix a typo in a comment from the previous commit. I had a bullet-character
instead of an asterisk.

Noticed by:	keramida
MFC after:	10 days
2002-06-13 02:32:42 +00:00
Garance A Drosehn
e8e715fa62 Almost complete rewrite of the lpc commands 'abort', 'enable', 'disable',
'restart', 'start', 'stop' and 'up'.  These are commands which mainly
just alter the access bits on the lock-file of a queue, and they all
now use a central routine to do that.  This reduces the amount of code
that is run as the priv userid, and eliminates a number of cases where
error messages were written while that priv uid was in effect.

As far as users are concerned, there should be no noticable difference
in the new versions.  In case there *is*, the previous implementations
are still there as 'xabort', 'xenable', etc, so they are available for
instant fallback.  If no one reports a problem after a few weeks, then
a later update will remove those x-commands.

Reviewed by:	freebsd-audit and freebsd-print@bostonradio.org
MFC after:	10 days
2002-06-13 01:55:48 +00:00
Brian Somers
635ad5f021 If a RAD_FILTER_ID is supplied by the RADIUS server, treat it as an
additional label from ppp.linkup & ppp.linkdown to load.

Suggested and mostly submitted by: andrew pavlov <and@kremenchug.net>
2002-06-12 23:45:15 +00:00
Brian Somers
aea6acb6da Bump the version number to reflect the recent RADIUS commits 2002-06-12 23:00:12 +00:00
Brian Somers
a95b23a6b2 Don't forget to process the Ident field on the front of
RAD_MICROSOFT_MS_CHAP_ERROR and RAD_MICROSOFT_MS_CHAP2_SUCCESS
messages, and remove the hack in chap.c to ignore that ident field
on the client side.

This anomoly was hacked around during development, and I forgot to
go back and fix it properly.

Spotted by: Sergey Korolew <ds@rt.balakovo.ru>
2002-06-12 21:36:07 +00:00
Dag-Erling Smørgrav
937ce6a950 Reorder libraries to fix static linking (libssl depends on libcrypto, so
it must come before libcrypto in LDADD)

Reviewed by:	bde
2002-06-12 12:45:24 +00:00
Warner Losh
48462fb1b7 de __P
ANSI functions
minor knf
2002-06-12 04:28:15 +00:00
Warner Losh
30322d95ac KNF.
Use ANSI functions rather than old K&R style.
2002-06-12 04:18:35 +00:00
Warner Losh
1eb93d35cb Kill __P. 2002-06-12 04:13:09 +00:00
Brian Somers
8fb5ef5ae2 Understand the following Microsoft Vendor Specific RADIUS attributes:
RAD_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY
  RAD_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES
  RAD_MICROSOFT_MS_MPPE_RECV_KEY
  RAD_MICROSOFT_MS_MPPE_SEND_KEY

These attributes may be supplied by a RADIUS server when MSCHAPv2 is
used to authenticate.

It *should* now be possible to build ppp with -DNODES and still support
CHAP/MSCHAP/MSCHAPv2/MPPE via a RADIUS server, but the code isn't yet
smart enough to do that (building with -DNODES just looses these
facilities).

Sponsored by: Monzoon
2002-06-12 00:33:17 +00:00
Doug Barton
30d6b8e113 Go back to taking the user's umask into account. Thanks to Alfred for
hatching the idea of using dc, and Giorgos (keramida) for incubating it.

This also reverses most of the previous commit which took out or
modified the text about umask stuff.
2002-06-10 07:16:42 +00:00
David E. O'Brien
8777223029 Change our default XF86Config location from /etc/ to /etc/X11/,
following the lead of The XFree86 Project's default.

Approved by:	Murray
2002-06-10 04:47:26 +00:00
Mike Barcroft
6a85a2d149 Don't depend on <pwd.h> to bogusly include <sys/types.h>. 2002-06-09 19:29:55 +00:00
John Baldwin
2a0eb0b58c Fix a bug where request_part_size() was hard-coded to check the rootSize
variable rather than the one passed in as the first argument.

Sponsored by:	The Weather Channel
2002-06-07 15:32:05 +00:00
Doug Barton
d50489bc95 * Use the new stat(1) to get mode information from the files we
are installing.
* Since this means that for now we can't accomodate non-standard
umask's, warn the user accordingly.
* Convert the "press enter to continue" prompt into a function.
2002-06-06 20:38:22 +00:00
Ruslan Ermilov
4093807dd9 libfetch now depends on libcrypto and libssl. 2002-06-06 13:45:46 +00:00
Ruslan Ermilov
860a2bf505 Added missing DPADD detected by ``make checkdpadd''. 2002-06-06 11:30:57 +00:00
Brian Somers
12b5aaba39 Cast pid_t to long for printf()ing
Obtained from:	OpenBSD
2002-06-06 01:39:46 +00:00
Gordon Tetlow
3600cbb7c4 Fix spelling nit in error message. 2002-06-05 01:06:33 +00:00
Chris D. Faulhaber
90bd45f1c5 o Remove ftp.freebsd.org from the USA servers and add to the
Denmark servers.
o Add snapshots.jp.FreeBSD.org.

Approved by:	brian
2002-06-05 00:53:50 +00:00
Murray Stokely
2a295fdf9d Add information about setting up media to use the multi-volume support
in sysinstall.

Reviewed by:	ru
2002-06-05 00:34:58 +00:00
David E. O'Brien
b47f7d2f16 Grammar nit.
Submitted by:	keramida
2002-06-04 20:01:53 +00:00
Garance A Drosehn
5e127035e4 Change some "process id" variables from 'int' to 'pid_t', renaming some
of them to keep better track of which-is-which (multiple variables were
named 'pid').  Moved a global pid-variable into the only routine that
used it.  Net result: fixes two compile-time warnings...

MFC after:	2 weeks
2002-06-04 03:40:24 +00:00
Garance A Drosehn
0dcfaee0af Cosmetic improvements to some of the syslog() calls in here (in some cases
simply getting the indentation right when the statement wraps).

MFC after:	2 weeks
2002-06-04 02:48:12 +00:00
Garance A Drosehn
609614565f Fix all the 'return' statements in here to follow style(9).
MFC after:	2 weeks
2002-06-04 01:28:15 +00:00
Garance A Drosehn
4a13c4d9ee Avoid checking WIFEXITED and WTERMSIG in some error situations where the
value in wstatus is not related to the process that we care about.

MFC after:	2 weeks
2002-06-04 01:16:13 +00:00
John Baldwin
30c00e6c41 Backout revision 1.2 since it didn't work and replace it with a fix that
actually does work.  Ignore errors from kldload(2) if the errno value is
EEXIST.  It would help if this return value were documented in the
kldload(2) manual page.
2002-06-03 22:36:52 +00:00
Brian Somers
7b5e6f62fb Add a missing ``a''. 2002-06-03 21:36:20 +00:00
Garance A Drosehn
0760287064 Stop using the depreciated 'union wait' definitions, moving to a more
standard handling of wait()-related routines.

Submitted by:	mike
MFC after:	2 weeks
2002-06-03 20:47:01 +00:00
John Baldwin
e364f0da42 Fix handling of the 'noError' variable. According to the code comments,
one can set the 'noError' variable to ignore any errors that occur for the
next command.  However, the code was only unsetting 'noError' when an error
actually occurred, so if you set 'noError', the next command completed ok,
and the command after that failed, the second command's failure would be
ignored.  This fixes this by performing the 'noError' check earlier and
then unsetting 'noError' after every command that is run.

Sponsored by:	The Weather Channel
2002-06-03 19:42:49 +00:00
John Baldwin
77218da374 Add a 'mediaClose' script command to close the open media. An example use
would be to unmount the CD you installed from and prompt the user to
eject it before rebooting the machine.

Sponsored by:	The Weather Channel
2002-06-03 19:39:28 +00:00
Jens Schweikhardt
21dc7d4f57 Fix typo in the BSD copyright: s/withough/without/
Spotted and suggested by:	des
MFC after:	3 weeks
2002-06-02 20:05:59 +00:00
Brian Somers
aadbb4eab1 Don't send a RAD_NAS_IP_ADDRESS attribute as RAD_NAS_IDENTIFIER is
sufficient.

In fact, using both breaks the radiator RADIUS daemon when used with
a db as it maps both attributes to the same field value and then
fails the insert.

I decided to remove RAD_NAS_IP_ADDRESS on the basis that rfc2138 says:

      An Access-Request MUST contain a User-Name attribute.  It SHOULD
      contain either a NAS-IP-Address attribute or NAS-Identifier
      attribute (or both, although that is not recommended).  It MUST

despite the fact that this not recommended bit was removed from the
updated rfc.
2002-06-02 14:27:02 +00:00
Jens Schweikhardt
148aadf8bc Fix spelling errors: minumum, overriden, inheritted
MFC after:	3 weeks
2002-06-02 10:41:43 +00:00
Tim J. Robbins
dcafd7c96a Don't exit immediately if an error occurs, continue but exit non-zero. 2002-06-02 09:32:39 +00:00