diff --git a/dist/pppd/pppd/auth.c b/dist/pppd/pppd/auth.c index 38d5786e323f..70cdf789341a 100644 --- a/dist/pppd/pppd/auth.c +++ b/dist/pppd/pppd/auth.c @@ -1,4 +1,4 @@ -/* $NetBSD: auth.c,v 1.2 2005/02/20 10:47:16 cube Exp $ */ +/* $NetBSD: auth.c,v 1.3 2005/12/31 08:58:50 christos Exp $ */ /* * auth.c - PPP authentication and phase control. @@ -75,7 +75,7 @@ #if 0 #define RCSID "Id: auth.c,v 1.101 2004/11/12 10:30:51 paulus Exp" #else -__RCSID("$NetBSD: auth.c,v 1.2 2005/02/20 10:47:16 cube Exp $"); +__RCSID("$NetBSD: auth.c,v 1.3 2005/12/31 08:58:50 christos Exp $"); #endif #endif @@ -543,15 +543,25 @@ set_permitted_number(argv) /* * An Open on LCP has requested a change from Dead to Establish phase. - * Do what's necessary to bring the physical layer up. */ void link_required(unit) int unit; { +} + +/* + * Bring the link up to the point of being able to do ppp. + */ +void start_link(unit) + int unit; +{ + char *msg; + new_phase(PHASE_SERIALCONN); devfd = the_channel->connect(); + msg = "Connect script failed"; if (devfd < 0) goto fail; @@ -564,6 +574,7 @@ link_required(unit) * gives us. Thus we don't need the tdb_writelock/tdb_writeunlock. */ fd_ppp = the_channel->establish_ppp(devfd); + msg = "ppp establishment failed"; if (fd_ppp < 0) { status = EXIT_FATAL_ERROR; goto disconnect; @@ -597,7 +608,6 @@ link_required(unit) new_phase(PHASE_DEAD); if (the_channel->cleanup) (*the_channel->cleanup)(); - } /* @@ -659,6 +669,8 @@ link_terminated(unit) the_channel->disconnect(); devfd = -1; } + if (the_channel->cleanup) + (*the_channel->cleanup)(); if (doing_multilink && multilink_master) { if (!bundle_terminating) @@ -1002,10 +1014,12 @@ auth_withpeer_success(unit, protocol, prot_flavor) int unit, protocol, prot_flavor; { int bit; + const char *prot = ""; switch (protocol) { case PPP_CHAP: bit = CHAP_WITHPEER; + prot = "CHAP"; switch (prot_flavor) { case CHAP_MD5: bit |= CHAP_MD5_WITHPEER; @@ -1024,15 +1038,19 @@ auth_withpeer_success(unit, protocol, prot_flavor) if (passwd_from_file) BZERO(passwd, MAXSECRETLEN); bit = PAP_WITHPEER; + prot = "PAP"; break; case PPP_EAP: bit = EAP_WITHPEER; + prot = "EAP"; break; default: warn("auth_withpeer_success: unknown protocol %x", protocol); bit = 0; } + notice("%s authentication succeeded", prot); + /* Save the authentication method for later. */ auth_done[unit] |= bit; @@ -2566,5 +2584,5 @@ auth_script(script) argv[5] = strspeed; argv[6] = NULL; - auth_script_pid = run_program(script, argv, 0, auth_script_done, NULL); + auth_script_pid = run_program(script, argv, 0, auth_script_done, NULL, 0); } diff --git a/dist/pppd/pppd/ccp.c b/dist/pppd/pppd/ccp.c index fc4dd05fe046..ccd383706dba 100644 --- a/dist/pppd/pppd/ccp.c +++ b/dist/pppd/pppd/ccp.c @@ -1,4 +1,4 @@ -/* $NetBSD: ccp.c,v 1.1.1.1 2005/02/20 10:28:37 cube Exp $ */ +/* $NetBSD: ccp.c,v 1.2 2005/12/31 08:58:50 christos Exp $ */ /* * ccp.c - PPP Compression Control Protocol. @@ -35,7 +35,7 @@ #if 0 #define RCSID "Id: ccp.c,v 1.48 2004/11/13 02:28:15 paulus Exp" #else -__RCSID("$NetBSD: ccp.c,v 1.1.1.1 2005/02/20 10:28:37 cube Exp $"); +__RCSID("$NetBSD: ccp.c,v 1.2 2005/12/31 08:58:50 christos Exp $"); #endif #endif @@ -1169,8 +1169,11 @@ ccp_reqci(f, p, lenp, dont_nak) } } else { /* Neither are set. */ - newret = CONFREJ; - break; + /* We cannot accept this. */ + newret = CONFNAK; + /* Give the peer our idea of what can be used, + so it can choose and confirm */ + ho->mppe = ao->mppe; } /* rebuild the opts */ diff --git a/dist/pppd/pppd/chap-new.c b/dist/pppd/pppd/chap-new.c index ab2e9a94c684..9b62e7e2a7d6 100644 --- a/dist/pppd/pppd/chap-new.c +++ b/dist/pppd/pppd/chap-new.c @@ -1,4 +1,4 @@ -/* $NetBSD: chap-new.c,v 1.1.1.1 2005/02/20 10:28:41 cube Exp $ */ +/* $NetBSD: chap-new.c,v 1.2 2005/12/31 08:58:50 christos Exp $ */ /* * chap-new.c - New CHAP implementation. @@ -35,7 +35,7 @@ #if 0 #define RCSID "Id: chap-new.c,v 1.6 2004/11/04 10:02:26 paulus Exp" #else -__RCSID("$NetBSD: chap-new.c,v 1.1.1.1 2005/02/20 10:28:41 cube Exp $"); +__RCSID("$NetBSD: chap-new.c,v 1.2 2005/12/31 08:58:50 christos Exp $"); #endif #endif @@ -105,6 +105,7 @@ static struct chap_server_state { int challenge_xmits; int challenge_pktlen; unsigned char challenge[CHAL_MAX_PKTLEN]; + char message[256]; } server; /* Values for flags in chap_client_state and chap_server_state */ @@ -319,15 +320,12 @@ chap_handle_response(struct chap_server_state *ss, int id, int (*verifier)(char *, char *, int, struct chap_digest_type *, unsigned char *, unsigned char *, char *, int); char rname[MAXNAMELEN+1]; - char message[256]; if ((ss->flags & LOWERUP) == 0) return; if (id != ss->challenge[PPP_HDRLEN+1] || len < 2) return; - if ((ss->flags & AUTH_DONE) == 0) { - if ((ss->flags & CHALLENGE_VALID) == 0) - return; + if (ss->flags & CHALLENGE_VALID) { response = pkt; GETCHAR(response_len, pkt); len -= response_len + 1; /* length of name */ @@ -335,7 +333,6 @@ chap_handle_response(struct chap_server_state *ss, int id, if (len < 0) return; - ss->flags &= ~CHALLENGE_VALID; if (ss->flags & TIMEOUT_PENDING) { ss->flags &= ~TIMEOUT_PENDING; UNTIMEOUT(chap_timeout, ss); @@ -355,39 +352,43 @@ chap_handle_response(struct chap_server_state *ss, int id, verifier = chap_verify_response; ok = (*verifier)(name, ss->name, id, ss->digest, ss->challenge + PPP_HDRLEN + CHAP_HDRLEN, - response, message, sizeof(message)); + response, ss->message, sizeof(ss->message)); if (!ok || !auth_number()) { ss->flags |= AUTH_FAILED; warn("Peer %q failed CHAP authentication", name); } - } + } else if ((ss->flags & AUTH_DONE) == 0) + return; /* send the response */ p = outpacket_buf; MAKEHEADER(p, PPP_CHAP); - mlen = strlen(message); + mlen = strlen(ss->message); len = CHAP_HDRLEN + mlen; p[0] = (ss->flags & AUTH_FAILED)? CHAP_FAILURE: CHAP_SUCCESS; p[1] = id; p[2] = len >> 8; p[3] = len; if (mlen > 0) - memcpy(p + CHAP_HDRLEN, message, mlen); + memcpy(p + CHAP_HDRLEN, ss->message, mlen); output(0, outpacket_buf, PPP_HDRLEN + len); - if ((ss->flags & AUTH_DONE) == 0) { - ss->flags |= AUTH_DONE; + if (ss->flags & CHALLENGE_VALID) { + ss->flags &= ~CHALLENGE_VALID; if (ss->flags & AUTH_FAILED) { auth_peer_fail(0, PPP_CHAP); } else { - auth_peer_success(0, PPP_CHAP, ss->digest->code, - name, strlen(name)); + if ((ss->flags & AUTH_DONE) == 0) + auth_peer_success(0, PPP_CHAP, + ss->digest->code, + name, strlen(name)); if (chap_rechallenge_time) { ss->flags |= TIMEOUT_PENDING; TIMEOUT(chap_timeout, ss, chap_rechallenge_time); } } + ss->flags |= AUTH_DONE; } } @@ -509,6 +510,7 @@ chap_handle_status(struct chap_client_state *cs, int code, int id, auth_withpeer_success(0, PPP_CHAP, cs->digest->code); else { cs->flags |= AUTH_FAILED; + error("CHAP authentication failed"); auth_withpeer_fail(0, PPP_CHAP); } } @@ -560,6 +562,7 @@ chap_protrej(int unit) } if ((cs->flags & (AUTH_STARTED|AUTH_DONE)) == AUTH_STARTED) { cs->flags &= ~AUTH_STARTED; + error("CHAP authentication failed due to protocol-reject"); auth_withpeer_fail(0, PPP_CHAP); } } diff --git a/dist/pppd/pppd/chap_ms.c b/dist/pppd/pppd/chap_ms.c index bf582bc551da..cd7b0531a253 100644 --- a/dist/pppd/pppd/chap_ms.c +++ b/dist/pppd/pppd/chap_ms.c @@ -1,4 +1,4 @@ -/* $NetBSD: chap_ms.c,v 1.2 2005/02/20 10:47:17 cube Exp $ */ +/* $NetBSD: chap_ms.c,v 1.3 2005/12/31 08:58:50 christos Exp $ */ /* * chap_ms.c - Microsoft MS-CHAP compatible implementation. @@ -81,7 +81,7 @@ #if 0 #define RCSID "Id: chap_ms.c,v 1.33 2004/11/12 09:57:43 paulus Exp" #else -__RCSID("$NetBSD: chap_ms.c,v 1.2 2005/02/20 10:47:17 cube Exp $"); +__RCSID("$NetBSD: chap_ms.c,v 1.3 2005/12/31 08:58:50 christos Exp $"); #endif #endif @@ -97,7 +97,7 @@ __RCSID("$NetBSD: chap_ms.c,v 1.2 2005/02/20 10:47:17 cube Exp $"); #include #include -#define SHA1_SIGNATURE_SIZE 20 +#define SHA1_SIGNATURE_SIZE SHA1_DIGEST_LENGTH #include "pppd.h" #include "chap-new.h" @@ -114,13 +114,13 @@ static void ascii2unicode __P((char[], int, u_char[])); static void NTPasswordHash __P((char *, int, u_char[MD4_SIGNATURE_SIZE])); static void ChallengeResponse __P((u_char *, u_char *, u_char[24])); static void ChapMS_NT __P((u_char *, char *, int, u_char[24])); -static void ChapMS2_NT __P((char *, u_char[16], char *, char *, int, +static void ChapMS2_NT __P((u_char *, u_char[16], char *, char *, int, u_char[24])); static void GenerateAuthenticatorResponsePlain __P((char*, int, u_char[24], u_char[16], u_char *, char *, u_char[41])); #ifdef MSLANMAN -static void ChapMS_LANMan __P((u_char *, char *, int, MS_ChapResponse *)); +static void ChapMS_LANMan __P((u_char *, char *, int, u_char *)); #endif #ifdef MPPE @@ -204,8 +204,7 @@ chapms_verify_response(int id, char *name, unsigned char *challenge, unsigned char *response, char *message, int message_space) { - MS_ChapResponse *rmd; - MS_ChapResponse md; + unsigned char md[MS_CHAP_RESPONSE_LEN]; int diff; int challenge_len, response_len; @@ -214,10 +213,8 @@ chapms_verify_response(int id, char *name, if (response_len != MS_CHAP_RESPONSE_LEN) goto bad; - rmd = (MS_ChapResponse *) response; - #ifndef MSLANMAN - if (!rmd->UseNT[0]) { + if (!response[MS_CHAP_USENT]) { /* Should really propagate this into the error packet. */ notice("Peer request for LANMAN auth not supported"); goto bad; @@ -225,16 +222,17 @@ chapms_verify_response(int id, char *name, #endif /* Generate the expected response. */ - ChapMS(challenge, (char *)secret, secret_len, &md); + ChapMS(challenge, (char *)secret, secret_len, md); #ifdef MSLANMAN /* Determine which part of response to verify against */ - if (!rmd->UseNT[0]) - diff = memcmp(&rmd->LANManResp, &md.LANManResp, - sizeof(md.LANManResp)); + if (!response[MS_CHAP_USENT]) + diff = memcmp(&response[MS_CHAP_LANMANRESP], + &md[MS_CHAP_LANMANRESP], MS_CHAP_LANMANRESP_LEN); else #endif - diff = memcmp(&rmd->NTResp, &md.NTResp, sizeof(md.NTResp)); + diff = memcmp(&response[MS_CHAP_NTRESP], &md[MS_CHAP_NTRESP], + MS_CHAP_NTRESP_LEN); if (diff == 0) { slprintf(message, message_space, "Access granted"); @@ -254,8 +252,7 @@ chapms2_verify_response(int id, char *name, unsigned char *challenge, unsigned char *response, char *message, int message_space) { - MS_Chap2Response *rmd; - MS_Chap2Response md; + unsigned char md[MS_CHAP2_RESPONSE_LEN]; char saresponse[MS_AUTH_RESPONSE_LENGTH+1]; int challenge_len, response_len; @@ -264,11 +261,9 @@ chapms2_verify_response(int id, char *name, if (response_len != MS_CHAP2_RESPONSE_LEN) goto bad; /* not even the right length */ - rmd = (MS_Chap2Response *) response; - /* Generate the expected response and our mutual auth. */ - ChapMS2(challenge, rmd->PeerChallenge, name, - (char *)secret, secret_len, &md, + ChapMS2(challenge, &response[MS_CHAP2_PEER_CHALLENGE], name, + (char *)secret, secret_len, md, (unsigned char *)saresponse, MS_CHAP2_AUTHENTICATOR); /* compare MDs and send the appropriate status */ @@ -291,8 +286,9 @@ chapms2_verify_response(int id, char *name, * Special thanks to Alex Swiridov for * help debugging this. */ - if (memcmp(md.NTResp, rmd->NTResp, sizeof(md.NTResp)) == 0) { - if (rmd->Flags[0]) + if (memcmp(&md[MS_CHAP2_NTRESP], &response[MS_CHAP2_NTRESP], + MS_CHAP2_NTRESP_LEN) == 0) { + if (response[MS_CHAP2_FLAGS]) slprintf(message, message_space, "S=%s", saresponse); else slprintf(message, message_space, "S=%s M=%s", @@ -334,7 +330,7 @@ chapms_make_response(unsigned char *response, int id, char *our_name, { challenge++; /* skip length, should be 8 */ *response++ = MS_CHAP_RESPONSE_LEN; - ChapMS(challenge, secret, secret_len, (MS_ChapResponse *) response); + ChapMS(challenge, secret, secret_len, response); } static void @@ -350,8 +346,7 @@ chapms2_make_response(unsigned char *response, int id, char *our_name, #else NULL, #endif - our_name, secret, secret_len, - (MS_Chap2Response *) response, private, + our_name, secret, secret_len, response, private, MS_CHAP2_AUTHENTICATEE); } @@ -556,15 +551,14 @@ ChapMS_NT(u_char *rchallenge, char *secret, int secret_len, } static void -ChapMS2_NT(char *rchallenge, u_char PeerChallenge[16], char *username, +ChapMS2_NT(u_char *rchallenge, u_char PeerChallenge[16], char *username, char *secret, int secret_len, u_char NTResponse[24]) { u_char unicodePassword[MAX_NT_PASSWORD * 2]; u_char PasswordHash[MD4_SIGNATURE_SIZE]; u_char Challenge[8]; - ChallengeHash(PeerChallenge, (unsigned char *)rchallenge, username, - Challenge); + ChallengeHash(PeerChallenge, rchallenge, username, Challenge); /* Hash the Unicode version of the secret (== password). */ ascii2unicode(secret, secret_len, unicodePassword); @@ -578,7 +572,7 @@ static u_char *StdText = (u_char *)"KGS!@#$%"; /* key from rasapi32.dll */ static void ChapMS_LANMan(u_char *rchallenge, char *secret, int secret_len, - MS_ChapResponse *response) + unsigned char *response) { int i; u_char UcasePassword[MAX_NT_PASSWORD]; /* max is actually 14 */ @@ -592,7 +586,7 @@ ChapMS_LANMan(u_char *rchallenge, char *secret, int secret_len, DesEncrypt( StdText, PasswordHash + 0 ); (void) DesSetkey(UcasePassword + 7); DesEncrypt( StdText, PasswordHash + 8 ); - ChallengeResponse(rchallenge, PasswordHash, response->LANManResp); + ChallengeResponse(rchallenge, PasswordHash, &response[MS_CHAP_LANMANRESP]); } #endif @@ -825,19 +819,19 @@ SetMasterKeys(char *secret, int secret_len, u_char NTResponse[24], int IsServer) void ChapMS(u_char *rchallenge, char *secret, int secret_len, - MS_ChapResponse *response) + unsigned char *response) { - BZERO(response, sizeof(*response)); + BZERO(response, MS_CHAP_RESPONSE_LEN); - ChapMS_NT(rchallenge, secret, secret_len, response->NTResp); + ChapMS_NT(rchallenge, secret, secret_len, &response[MS_CHAP_NTRESP]); #ifdef MSLANMAN ChapMS_LANMan(rchallenge, secret, secret_len, response); /* preferred method is set by option */ - response->UseNT[0] = !ms_lanman; + response[MS_CHAP_USENT] = !ms_lanman; #else - response->UseNT[0] = 1; + response[MS_CHAP_USENT] = 1; #endif #ifdef MPPE @@ -847,45 +841,47 @@ ChapMS(u_char *rchallenge, char *secret, int secret_len, /* - * If PeerChallenge is NULL, one is generated and response->PeerChallenge - * is filled in. Call this way when generating a response. - * If PeerChallenge is supplied, it is copied into response->PeerChallenge. + * If PeerChallenge is NULL, one is generated and the PeerChallenge + * field of response is filled in. Call this way when generating a response. + * If PeerChallenge is supplied, it is copied into the PeerChallenge field. * Call this way when verifying a response (or debugging). - * Do not call with PeerChallenge = response->PeerChallenge. + * Do not call with PeerChallenge = response. * - * response->PeerChallenge is then used for calculation of the + * The PeerChallenge field of response is then used for calculation of the * Authenticator Response. */ void ChapMS2(u_char *rchallenge, u_char *PeerChallenge, - char *user, char *secret, int secret_len, MS_Chap2Response *response, + char *user, char *secret, int secret_len, unsigned char *response, u_char authResponse[], int authenticator) { /* ARGSUSED */ - u_char *p = response->PeerChallenge; + u_char *p = &response[MS_CHAP2_PEER_CHALLENGE]; int i; BZERO(response, sizeof(*response)); /* Generate the Peer-Challenge if requested, or copy it if supplied. */ if (!PeerChallenge) - for (i = 0; i < sizeof(response->PeerChallenge); i++) + for (i = 0; i < MS_CHAP2_PEER_CHAL_LEN; i++) *p++ = (u_char) (drand48() * 0xff); else - BCOPY(PeerChallenge, response->PeerChallenge, - sizeof(response->PeerChallenge)); + BCOPY(PeerChallenge, &response[MS_CHAP2_PEER_CHALLENGE], + MS_CHAP2_PEER_CHAL_LEN); /* Generate the NT-Response */ - ChapMS2_NT((char *)rchallenge, response->PeerChallenge, user, - secret, secret_len, response->NTResp); + ChapMS2_NT(rchallenge, &response[MS_CHAP2_PEER_CHALLENGE], user, + secret, secret_len, &response[MS_CHAP2_NTRESP]); /* Generate the Authenticator Response. */ - GenerateAuthenticatorResponsePlain(secret, secret_len, response->NTResp, - response->PeerChallenge, rchallenge, - user, authResponse); + GenerateAuthenticatorResponsePlain(secret, secret_len, + &response[MS_CHAP2_NTRESP], + &response[MS_CHAP2_PEER_CHALLENGE], + rchallenge, user, authResponse); #ifdef MPPE - SetMasterKeys(secret, secret_len, response->NTResp, authenticator); + SetMasterKeys(secret, secret_len, + &response[MS_CHAP2_NTRESP], authenticator); #endif } diff --git a/dist/pppd/pppd/chap_ms.h b/dist/pppd/pppd/chap_ms.h index 500c6927e2ad..73e20b1c0f32 100644 --- a/dist/pppd/pppd/chap_ms.h +++ b/dist/pppd/pppd/chap_ms.h @@ -1,4 +1,4 @@ -/* $NetBSD: chap_ms.h,v 1.1.1.1 2005/02/20 10:28:42 cube Exp $ */ +/* $NetBSD: chap_ms.h,v 1.2 2005/12/31 08:58:50 christos Exp $ */ /* * chap_ms.h - Challenge Handshake Authentication Protocol definitions. @@ -51,36 +51,23 @@ #define MS_CHAP_ERROR_CHANGING_PASSWORD 709 /* - * Apparently gcc on ARM gives all structures 4-byte alignment - * by default. This tells gcc that these structures may be - * unaligned and may not have extra padding inside them. + * Offsets within the response field for MS-CHAP */ -#ifdef __GNUC__ -#define PACKED __attribute__((__packed__)) -#else -#define PACKED -#endif +#define MS_CHAP_LANMANRESP 0 +#define MS_CHAP_LANMANRESP_LEN 24 +#define MS_CHAP_NTRESP 24 +#define MS_CHAP_NTRESP_LEN 24 +#define MS_CHAP_USENT 48 /* - * Use MS_CHAP_RESPONSE_LEN, rather than sizeof(MS_ChapResponse), - * in case this struct gets padded. + * Offsets within the response field for MS-CHAP2 */ -typedef struct { - u_char LANManResp[24]; - u_char NTResp[24]; - u_char UseNT[1]; /* If 1, ignore the LANMan response field */ -} MS_ChapResponse PACKED; - -/* - * Use MS_CHAP2_RESPONSE_LEN, rather than sizeof(MS_Chap2Response), - * in case this struct gets padded. - */ -typedef struct { - u_char PeerChallenge[16]; - u_char Reserved[8]; /* Must be zero */ - u_char NTResp[24]; - u_char Flags[1]; /* Must be zero */ -} MS_Chap2Response PACKED; +#define MS_CHAP2_PEER_CHALLENGE 0 +#define MS_CHAP2_PEER_CHAL_LEN 16 +#define MS_CHAP2_RESERVED_LEN 8 +#define MS_CHAP2_NTRESP 24 +#define MS_CHAP2_NTRESP_LEN 24 +#define MS_CHAP2_FLAGS 48 #ifdef MPPE #include /* MPPE_MAX_KEY_LEN */ @@ -102,9 +89,9 @@ extern void set_mppe_enc_types(int, int); #define MS_CHAP2_AUTHENTICATEE 0 #define MS_CHAP2_AUTHENTICATOR 1 -void ChapMS __P((u_char *, char *, int, MS_ChapResponse *)); +void ChapMS __P((u_char *, char *, int, u_char *)); void ChapMS2 __P((u_char *, u_char *, char *, char *, int, - MS_Chap2Response *, u_char[MS_AUTH_RESPONSE_LENGTH+1], int)); + u_char *, u_char[MS_AUTH_RESPONSE_LENGTH+1], int)); #ifdef MPPE void mppe_set_keys __P((u_char *, u_char[MD4_SIGNATURE_SIZE])); void mppe_set_keys2(u_char PasswordHashHash[MD4_SIGNATURE_SIZE], diff --git a/dist/pppd/pppd/ipcp.c b/dist/pppd/pppd/ipcp.c index 1b57709a1986..d3e2ae2f1ac4 100644 --- a/dist/pppd/pppd/ipcp.c +++ b/dist/pppd/pppd/ipcp.c @@ -1,4 +1,4 @@ -/* $NetBSD: ipcp.c,v 1.1.1.1 2005/02/20 10:28:45 cube Exp $ */ +/* $NetBSD: ipcp.c,v 1.2 2005/12/31 08:58:50 christos Exp $ */ /* * ipcp.c - PPP IP Control Protocol. @@ -47,7 +47,7 @@ #if 0 #define RCSID "Id: ipcp.c,v 1.69 2004/11/13 12:03:26 paulus Exp" #else -__RCSID("$NetBSD: ipcp.c,v 1.1.1.1 2005/02/20 10:28:45 cube Exp $"); +__RCSID("$NetBSD: ipcp.c,v 1.2 2005/12/31 08:58:50 christos Exp $"); #endif #endif @@ -275,7 +275,7 @@ struct protent ipcp_protent = { }; static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t)); -static void ipcp_script __P((char *)); /* Run an up/down script */ +static void ipcp_script __P((char *, int)); /* Run an up/down script */ static void ipcp_script_done __P((void *)); /* @@ -1665,6 +1665,7 @@ ip_demand_conf(u) } if (!sifaddr(u, wo->ouraddr, wo->hisaddr, GetMask(wo->ouraddr))) return 0; + ipcp_script(_PATH_IPPREUP, 1); if (!sifup(u)) return 0; if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE)) @@ -1804,6 +1805,9 @@ ipcp_up(f) } #endif + /* run the pre-up script, if any, and wait for it to finish */ + ipcp_script(_PATH_IPPREUP, 1); + /* bring the interface up for IP */ if (!sifup(f->unit)) { if (debug) @@ -1857,7 +1861,7 @@ ipcp_up(f) */ if (ipcp_script_state == s_down && ipcp_script_pid == 0) { ipcp_script_state = s_up; - ipcp_script(_PATH_IPUP); + ipcp_script(_PATH_IPUP, 0); } } @@ -1907,7 +1911,7 @@ ipcp_down(f) /* Execute the ip-down script */ if (ipcp_script_state == s_up && ipcp_script_pid == 0) { ipcp_script_state = s_down; - ipcp_script(_PATH_IPDOWN); + ipcp_script(_PATH_IPDOWN, 0); } } @@ -1961,13 +1965,13 @@ ipcp_script_done(arg) case s_up: if (ipcp_fsm[0].state != OPENED) { ipcp_script_state = s_down; - ipcp_script(_PATH_IPDOWN); + ipcp_script(_PATH_IPDOWN, 0); } break; case s_down: if (ipcp_fsm[0].state == OPENED) { ipcp_script_state = s_up; - ipcp_script(_PATH_IPUP); + ipcp_script(_PATH_IPUP, 0); } break; } @@ -1979,8 +1983,9 @@ ipcp_script_done(arg) * interface-name tty-name speed local-IP remote-IP. */ static void -ipcp_script(script) +ipcp_script(script, wait) char *script; + int wait; { char strspeed[32], strlocal[32], strremote[32]; char *argv[8]; @@ -1997,7 +2002,11 @@ ipcp_script(script) argv[5] = strremote; argv[6] = ipparam; argv[7] = NULL; - ipcp_script_pid = run_program(script, argv, 0, ipcp_script_done, NULL); + if (wait) + run_program(script, argv, 0, NULL, NULL, 1); + else + ipcp_script_pid = run_program(script, argv, 0, ipcp_script_done, + NULL, 0); } /* diff --git a/dist/pppd/pppd/ipv6cp.c b/dist/pppd/pppd/ipv6cp.c index 53c39c2fec1f..45af92905b12 100644 --- a/dist/pppd/pppd/ipv6cp.c +++ b/dist/pppd/pppd/ipv6cp.c @@ -1,4 +1,4 @@ -/* $NetBSD: ipv6cp.c,v 1.2 2005/02/20 10:47:17 cube Exp $ */ +/* $NetBSD: ipv6cp.c,v 1.3 2005/12/31 08:58:50 christos Exp $ */ /* * ipv6cp.c - PPP IPV6 Control Protocol. @@ -145,7 +145,7 @@ #if 0 #define RCSID "Id: ipv6cp.c,v 1.20 2004/11/13 02:28:15 paulus Exp" #else -__RCSID("$NetBSD: ipv6cp.c,v 1.2 2005/02/20 10:47:17 cube Exp $"); +__RCSID("$NetBSD: ipv6cp.c,v 1.3 2005/12/31 08:58:50 christos Exp $"); #endif #endif @@ -1432,7 +1432,8 @@ ipv6cp_script(script) argv[6] = ipparam; argv[7] = NULL; - ipv6cp_script_pid = run_program(script, argv, 0, ipv6cp_script_done, NULL); + ipv6cp_script_pid = run_program(script, argv, 0, ipv6cp_script_done, + NULL, 0); } /* diff --git a/dist/pppd/pppd/ipxcp.c b/dist/pppd/pppd/ipxcp.c index 878bdd994970..f4ff4a097de1 100644 --- a/dist/pppd/pppd/ipxcp.c +++ b/dist/pppd/pppd/ipxcp.c @@ -1,4 +1,4 @@ -/* $NetBSD: ipxcp.c,v 1.1.1.1 2005/02/20 10:28:47 cube Exp $ */ +/* $NetBSD: ipxcp.c,v 1.2 2005/12/31 08:58:50 christos Exp $ */ /* * ipxcp.c - PPP IPX Control Protocol. @@ -49,7 +49,7 @@ #if 0 #define RCSID "Id: ipxcp.c,v 1.23 2004/11/13 02:28:15 paulus Exp" #else -__RCSID("$NetBSD: ipxcp.c,v 1.1.1.1 2005/02/20 10:28:47 cube Exp $"); +__RCSID("$NetBSD: ipxcp.c,v 1.2 2005/12/31 08:58:50 christos Exp $"); #endif #endif @@ -1469,7 +1469,7 @@ ipxcp_script(f, script) argv[11] = ipparam; argv[12] = strpid; argv[13] = NULL; - run_program(script, argv, 0, NULL, NULL); + run_program(script, argv, 0, NULL, NULL, 0); } /* diff --git a/dist/pppd/pppd/lcp.c b/dist/pppd/pppd/lcp.c index d63a47d29d79..a78e9aea3b14 100644 --- a/dist/pppd/pppd/lcp.c +++ b/dist/pppd/pppd/lcp.c @@ -1,4 +1,4 @@ -/* $NetBSD: lcp.c,v 1.2 2005/02/20 10:47:17 cube Exp $ */ +/* $NetBSD: lcp.c,v 1.3 2005/12/31 08:58:50 christos Exp $ */ /* * lcp.c - PPP Link Control Protocol. @@ -47,7 +47,7 @@ #if 0 #define RCSID "Id: lcp.c,v 1.74 2004/11/13 02:28:15 paulus Exp" #else -__RCSID("$NetBSD: lcp.c,v 1.2 2005/02/20 10:47:17 cube Exp $"); +__RCSID("$NetBSD: lcp.c,v 1.3 2005/12/31 08:58:50 christos Exp $"); #endif #endif @@ -548,6 +548,8 @@ lcp_extcode(f, code, id, inp, len) break; case DISCREQ: + case IDENTIF: + case TIMEREM: break; default: @@ -571,6 +573,7 @@ lcp_rprotrej(f, inp, len) int i; struct protent *protp; u_short prot; + const char *pname; if (len < 2) { LCPDEBUG(("lcp_rprotrej: Rcvd short Protocol-Reject packet!")); @@ -588,16 +591,27 @@ lcp_rprotrej(f, inp, len) return; } + pname = protocol_name(prot); + /* * Upcall the proper Protocol-Reject routine. */ for (i = 0; (protp = protocols[i]) != NULL; ++i) if (protp->protocol == prot && protp->enabled_flag) { + if (pname == NULL) + dbglog("Protocol-Reject for 0x%x received", prot); + else + dbglog("Protocol-Reject for '%s' (0x%x) received", pname, + prot); (*protp->protrej)(f->unit); return; } - warn("Protocol-Reject for unsupported protocol 0x%x", prot); + if (pname == NULL) + warn("Protocol-Reject for unsupported protocol 0x%x", prot); + else + warn("Protocol-Reject for unsupported protocol '%s' (0x%x)", pname, + prot); } @@ -1991,7 +2005,8 @@ lcp_finished(f) static char *lcp_codenames[] = { "ConfReq", "ConfAck", "ConfNak", "ConfRej", "TermReq", "TermAck", "CodeRej", "ProtRej", - "EchoReq", "EchoRep", "DiscReq" + "EchoReq", "EchoRep", "DiscReq", "Ident", + "TimeRem" }; static int @@ -2195,10 +2210,31 @@ lcp_printpkt(p, plen, printer, arg) if (len >= 4) { GETLONG(cilong, p); printer(arg, " magic=0x%x", cilong); - p += 4; len -= 4; } break; + + case IDENTIF: + case TIMEREM: + if (len >= 4) { + GETLONG(cilong, p); + printer(arg, " magic=0x%x", cilong); + len -= 4; + } + if (code == TIMEREM) { + if (len < 4) + break; + GETLONG(cilong, p); + printer(arg, " seconds=%u", cilong); + len -= 4; + } + if (len > 0) { + printer(arg, " "); + print_string((char *)p, len, printer, arg); + p += len; + len = 0; + } + break; } /* print the rest of the bytes in the packet */ @@ -2307,9 +2343,6 @@ LcpSendEchoRequest (f) u_int32_t lcp_magic; u_char pkt[4], *pktp; - if (f->state != OPENED) - return; - /* * Detect the failure of the peer at this point. */ @@ -2323,12 +2356,14 @@ LcpSendEchoRequest (f) /* * Make and send the echo request frame. */ - if (lcp_echo_hook) (*lcp_echo_hook)(lcp_echos_pending); - lcp_magic = lcp_gotoptions[f->unit].magicnumber; - pktp = pkt; - PUTLONG(lcp_magic, pktp); - fsm_sdata(f, ECHOREQ, lcp_echo_number++ & 0xFF, pkt, pktp - pkt); - ++lcp_echos_pending; + if (f->state == OPENED) { + if (lcp_echo_hook) (*lcp_echo_hook)(lcp_echos_pending); + lcp_magic = lcp_gotoptions[f->unit].magicnumber; + pktp = pkt; + PUTLONG(lcp_magic, pktp); + fsm_sdata(f, ECHOREQ, lcp_echo_number++ & 0xFF, pkt, pktp - pkt); + ++lcp_echos_pending; + } } /* diff --git a/dist/pppd/pppd/lcp.h b/dist/pppd/pppd/lcp.h index 233f0e0a4950..b88929cb6e70 100644 --- a/dist/pppd/pppd/lcp.h +++ b/dist/pppd/pppd/lcp.h @@ -1,4 +1,4 @@ -/* $NetBSD: lcp.h,v 1.1.1.1 2005/02/20 10:28:49 cube Exp $ */ +/* $NetBSD: lcp.h,v 1.2 2005/12/31 08:58:50 christos Exp $ */ /* * lcp.h - Link Control Protocol definitions. @@ -47,6 +47,7 @@ /* * Options. */ +#define CI_VENDOR 0 /* Vendor Specific */ #define CI_MRU 1 /* Maximum Receive Unit */ #define CI_ASYNCMAP 2 /* Async Control Character Map */ #define CI_AUTHTYPE 3 /* Authentication Type */ @@ -54,18 +55,33 @@ #define CI_MAGICNUMBER 5 /* Magic Number */ #define CI_PCOMPRESSION 7 /* Protocol Field Compression */ #define CI_ACCOMPRESSION 8 /* Address/Control Field Compression */ +#define CI_FCSALTERN 9 /* FCS-Alternatives */ +#define CI_SDP 10 /* Self-Describing-Pad */ +#define CI_NUMBERED 11 /* Numbered-Mode */ #define CI_CALLBACK 13 /* callback */ #define CI_MRRU 17 /* max reconstructed receive unit; multilink */ #define CI_SSNHF 18 /* short sequence numbers for multilink */ #define CI_EPDISC 19 /* endpoint discriminator */ +#define CI_MPPLUS 22 /* Multi-Link-Plus-Procedure */ +#define CI_LDISC 23 /* Link-Discriminator */ +#define CI_LCPAUTH 24 /* LCP Authentication */ +#define CI_COBS 25 /* Consistent Overhead Byte Stuffing */ +#define CI_PREFELIS 26 /* Prefix Elision */ +#define CI_MPHDRFMT 27 /* MP Header Format */ +#define CI_I18N 28 /* Internationalization */ +#define CI_SDL 29 /* Simple Data Link */ /* - * LCP-specific packet types. + * LCP-specific packet types (code numbers). */ #define PROTREJ 8 /* Protocol Reject */ #define ECHOREQ 9 /* Echo Request */ #define ECHOREP 10 /* Echo Reply */ #define DISCREQ 11 /* Discard Request */ +#define IDENTIF 12 /* Identification */ +#define TIMEREM 13 /* Time Remaining */ + +/* Value used as data for CI_CALLBACK option */ #define CBCP_OPT 6 /* Use callback control protocol */ /* diff --git a/dist/pppd/pppd/main.c b/dist/pppd/pppd/main.c index d6bea654f19c..56a8a3495830 100644 --- a/dist/pppd/pppd/main.c +++ b/dist/pppd/pppd/main.c @@ -1,4 +1,4 @@ -/* $NetBSD: main.c,v 1.2 2005/02/20 10:47:17 cube Exp $ */ +/* $NetBSD: main.c,v 1.3 2005/12/31 08:58:50 christos Exp $ */ /* * main.c - Point-to-Point Protocol main module @@ -73,7 +73,7 @@ #if 0 #define RCSID "Id: main.c,v 1.148 2004/11/13 12:05:48 paulus Exp" #else -__RCSID("$NetBSD: main.c,v 1.2 2005/02/20 10:47:17 cube Exp $"); +__RCSID("$NetBSD: main.c,v 1.3 2005/12/31 08:58:50 christos Exp $"); #endif #endif @@ -242,7 +242,6 @@ static void create_pidfile __P((int pid)); static void create_linkpidfile __P((int pid)); static void cleanup __P((void)); static void get_input __P((void)); -static const char *protocol_name __P((int)); static void calltimeout __P((void)); static struct timeval *timeleft __P((struct timeval *)); static void kill_my_pg __P((int)); @@ -493,14 +492,8 @@ main(argc, argv) /* * Open the loopback channel and set it up to be the ppp interface. */ -#ifdef USE_TDB - tdb_writelock(pppdb); -#endif fd_loop = open_ppp_loopback(); set_ifunit(1); -#ifdef USE_TDB - tdb_writeunlock(pppdb); -#endif /* * Configure the interface and mark it up, etc. */ @@ -551,6 +544,7 @@ main(argc, argv) script_unsetenv("BYTES_RCVD"); lcp_open(0); /* Start protocol */ + start_link(0); while (phase != PHASE_DEAD) { handle_events(); get_input(); @@ -568,6 +562,8 @@ main(argc, argv) } } } + /* restore FSMs to original state */ + lcp_close(0, ""); if (!persist || asked_to_quit || (maxfail > 0 && unsuccess >= maxfail)) break; @@ -906,14 +902,54 @@ struct protocol_list { { 0x4b, "SNA over 802.2" }, { 0x4d, "SNA" }, { 0x4f, "IP6 Header Compression" }, + { 0x51, "KNX Bridging Data" }, + { 0x53, "Encryption" }, + { 0x55, "Individual Link Encryption" }, + { 0x57, "IPv6" }, + { 0x59, "PPP Muxing" }, + { 0x5b, "Vendor-Specific Network Protocol" }, + { 0x61, "RTP IPHC Full Header" }, + { 0x63, "RTP IPHC Compressed TCP" }, + { 0x65, "RTP IPHC Compressed non-TCP" }, + { 0x67, "RTP IPHC Compressed UDP 8" }, + { 0x69, "RTP IPHC Compressed RTP 8" }, { 0x6f, "Stampede Bridging" }, + { 0x73, "MP+" }, + { 0xc1, "NTCITS IPI" }, { 0xfb, "single-link compression" }, - { 0xfd, "1st choice compression" }, + { 0xfd, "Compressed Datagram" }, { 0x0201, "802.1d Hello Packets" }, { 0x0203, "IBM Source Routing BPDU" }, { 0x0205, "DEC LANBridge100 Spanning Tree" }, + { 0x0207, "Cisco Discovery Protocol" }, + { 0x0209, "Netcs Twin Routing" }, + { 0x020b, "STP - Scheduled Transfer Protocol" }, + { 0x020d, "EDP - Extreme Discovery Protocol" }, + { 0x0211, "Optical Supervisory Channel Protocol" }, + { 0x0213, "Optical Supervisory Channel Protocol" }, { 0x0231, "Luxcom" }, { 0x0233, "Sigma Network Systems" }, + { 0x0235, "Apple Client Server Protocol" }, + { 0x0281, "MPLS Unicast" }, + { 0x0283, "MPLS Multicast" }, + { 0x0285, "IEEE p1284.4 standard - data packets" }, + { 0x0287, "ETSI TETRA Network Protocol Type 1" }, + { 0x0289, "Multichannel Flow Treatment Protocol" }, + { 0x2063, "RTP IPHC Compressed TCP No Delta" }, + { 0x2065, "RTP IPHC Context State" }, + { 0x2067, "RTP IPHC Compressed UDP 16" }, + { 0x2069, "RTP IPHC Compressed RTP 16" }, + { 0x4001, "Cray Communications Control Protocol" }, + { 0x4003, "CDPD Mobile Network Registration Protocol" }, + { 0x4005, "Expand accelerator protocol" }, + { 0x4007, "ODSICP NCP" }, + { 0x4009, "DOCSIS DLL" }, + { 0x400B, "Cetacean Network Detection Protocol" }, + { 0x4021, "Stacker LZS" }, + { 0x4023, "RefTek Protocol" }, + { 0x4025, "Fibre Channel" }, + { 0x4027, "EMIT Protocols" }, + { 0x405b, "Vendor-Specific Protocol (VSP)" }, { 0x8021, "Internet Protocol Control Protocol" }, { 0x8023, "OSI Network Layer Control Protocol" }, { 0x8025, "Xerox NS IDP Control Protocol" }, @@ -933,24 +969,50 @@ struct protocol_list { { 0x804b, "SNA over 802.2 Control Protocol" }, { 0x804d, "SNA Control Protocol" }, { 0x804f, "IP6 Header Compression Control Protocol" }, - { 0x006f, "Stampede Bridging Control Protocol" }, + { 0x8051, "KNX Bridging Control Protocol" }, + { 0x8053, "Encryption Control Protocol" }, + { 0x8055, "Individual Link Encryption Control Protocol" }, + { 0x8057, "IPv6 Control Protovol" }, + { 0x8059, "PPP Muxing Control Protocol" }, + { 0x805b, "Vendor-Specific Network Control Protocol (VSNCP)" }, + { 0x806f, "Stampede Bridging Control Protocol" }, + { 0x8073, "MP+ Control Protocol" }, + { 0x80c1, "NTCITS IPI Control Protocol" }, { 0x80fb, "Single Link Compression Control Protocol" }, { 0x80fd, "Compression Control Protocol" }, + { 0x8207, "Cisco Discovery Protocol Control" }, + { 0x8209, "Netcs Twin Routing" }, + { 0x820b, "STP - Control Protocol" }, + { 0x820d, "EDPCP - Extreme Discovery Protocol Ctrl Prtcl" }, + { 0x8235, "Apple Client Server Protocol Control" }, + { 0x8281, "MPLSCP" }, + { 0x8285, "IEEE p1284.4 standard - Protocol Control" }, + { 0x8287, "ETSI TETRA TNP1 Control Protocol" }, + { 0x8289, "Multichannel Flow Treatment Protocol" }, { 0xc021, "Link Control Protocol" }, { 0xc023, "Password Authentication Protocol" }, { 0xc025, "Link Quality Report" }, { 0xc027, "Shiva Password Authentication Protocol" }, { 0xc029, "CallBack Control Protocol (CBCP)" }, + { 0xc02b, "BACP Bandwidth Allocation Control Protocol" }, + { 0xc02d, "BAP" }, + { 0xc05b, "Vendor-Specific Authentication Protocol (VSAP)" }, { 0xc081, "Container Control Protocol" }, { 0xc223, "Challenge Handshake Authentication Protocol" }, + { 0xc225, "RSA Authentication Protocol" }, + { 0xc227, "Extensible Authentication Protocol" }, + { 0xc229, "Mitsubishi Security Info Exch Ptcl (SIEP)" }, + { 0xc26f, "Stampede Bridging Authorization Protocol" }, { 0xc281, "Proprietary Authentication Protocol" }, + { 0xc283, "Proprietary Authentication Protocol" }, + { 0xc481, "Proprietary Node ID Authentication Protocol" }, { 0, NULL }, }; /* * protocol_name - find a name for a PPP protocol. */ -static const char * +const char * protocol_name(proto) int proto; { @@ -1610,7 +1672,7 @@ device_script(program, in, out, dont_wait) /* * run-program - execute a program with given arguments, - * but don't wait for it. + * but don't wait for it unless wait is non-zero. * If the program can't be executed, logs an error unless * must_exist is 0 and the program file doesn't exist. * Returns -1 if it couldn't fork, 0 if the file doesn't exist @@ -1619,14 +1681,15 @@ device_script(program, in, out, dont_wait) * reap_kids) iff the return value is > 0. */ pid_t -run_program(prog, args, must_exist, done, arg) +run_program(prog, args, must_exist, done, arg, wait) char *prog; char **args; int must_exist; void (*done) __P((void *)); void *arg; + int wait; { - int pid; + int pid, status; struct stat sbuf; /* @@ -1652,6 +1715,14 @@ run_program(prog, args, must_exist, done, arg) if (debug) dbglog("Script %s started (pid %d)", prog, pid); record_child(pid, prog, done, arg); + if (wait) { + while (waitpid(pid, &status, 0) < 0) { + if (errno == EINTR) + continue; + fatal("error waiting for script %s: %m", prog); + } + reap_kids(); + } return pid; } @@ -1677,7 +1748,7 @@ run_program(prog, args, must_exist, done, arg) syslog(LOG_ERR, "Can't execute %s: %m", prog); closelog(); } - _exit(1); + _exit(-1); } @@ -1937,6 +2008,49 @@ script_unsetenv(var) #endif } +/* + * Any arbitrary string used as a key for locking the database. + * It doesn't matter what it is as long as all pppds use the same string. + */ +#define PPPD_LOCK_KEY "pppd lock" + +/* + * lock_db - get an exclusive lock on the TDB database. + * Used to ensure atomicity of various lookup/modify operations. + */ +void lock_db() +{ +#ifdef USE_TDB +#ifdef notyet + TDB_DATA key; + + key.dptr = PPPD_LOCK_KEY; + key.dsize = strlen(key.dptr); + tdb_chainlock(pppdb, key); +#else + tdb_writelock(pppdb); +#endif +#endif +} + +/* + * unlock_db - remove the exclusive lock obtained by lock_db. + */ +void unlock_db() +{ +#ifdef USE_TDB +#ifdef notyet + TDB_DATA key; + + key.dptr = PPPD_LOCK_KEY; + key.dsize = strlen(key.dptr); + tdb_chainunlock(pppdb, key); +#else + tdb_writeunlock(pppdb); +#endif +#endif +} + #ifdef USE_TDB /* * update_db_entry - update our entry in the database. diff --git a/dist/pppd/pppd/multilink.c b/dist/pppd/pppd/multilink.c index 06fd6cc1d2df..ecf35f9702ce 100644 --- a/dist/pppd/pppd/multilink.c +++ b/dist/pppd/pppd/multilink.c @@ -1,4 +1,4 @@ -/* $NetBSD: multilink.c,v 1.2 2005/02/20 10:47:17 cube Exp $ */ +/* $NetBSD: multilink.c,v 1.3 2005/12/31 08:58:50 christos Exp $ */ /* * multilink.c - support routines for multilink. @@ -195,7 +195,7 @@ mp_join_bundle() * Check if the bundle ID is already in the database. */ unit = -1; - tdb_writelock(pppdb); + lock_db(); key.dptr = bundle_id; key.dsize = p - bundle_id; pid = tdb_fetch(pppdb, key); @@ -223,7 +223,7 @@ mp_join_bundle() set_ifunit(0); script_setenv("BUNDLE", bundle_id + 7, 0); make_bundle_links(1); - tdb_writeunlock(pppdb); + unlock_db(); info("Link attached to %s", ifname); return 1; } @@ -236,7 +236,7 @@ mp_join_bundle() netif_set_mtu(0, mtu); script_setenv("BUNDLE", bundle_id + 7, 1); make_bundle_links(0); - tdb_writeunlock(pppdb); + unlock_db(); info("New bundle %s created", ifname); multilink_master = 1; return 0; @@ -244,9 +244,9 @@ mp_join_bundle() void mp_exit_bundle() { - tdb_writelock(pppdb); + lock_db(); remove_bundle_link(); - tdb_writeunlock(pppdb); + unlock_db(); } static void sendhup(char *str) @@ -273,13 +273,13 @@ void mp_bundle_terminated() script_unsetenv("IFNAME"); } - tdb_writelock(pppdb); + lock_db(); destroy_bundle(); iterate_bundle_links(sendhup); key.dptr = blinks_id; key.dsize = strlen(blinks_id); tdb_delete(pppdb, key); - tdb_writeunlock(pppdb); + unlock_db(); new_phase(PHASE_DEAD); } diff --git a/dist/pppd/pppd/options.c b/dist/pppd/pppd/options.c index 446c58309d89..5f66f391a5c2 100644 --- a/dist/pppd/pppd/options.c +++ b/dist/pppd/pppd/options.c @@ -1,4 +1,4 @@ -/* $NetBSD: options.c,v 1.2 2005/02/20 10:47:17 cube Exp $ */ +/* $NetBSD: options.c,v 1.3 2005/12/31 08:58:50 christos Exp $ */ /* * options.c - handles option processing for PPP. @@ -47,7 +47,7 @@ #if 0 #define RCSID "Id: options.c,v 1.95 2004/11/09 22:33:35 paulus Exp" #else -__RCSID("$NetBSD: options.c,v 1.2 2005/02/20 10:47:17 cube Exp $"); +__RCSID("$NetBSD: options.c,v 1.3 2005/12/31 08:58:50 christos Exp $"); #endif #endif @@ -67,14 +67,19 @@ __RCSID("$NetBSD: options.c,v 1.2 2005/02/20 10:47:17 cube Exp $"); #ifdef PPP_FILTER #include /* - * DLT_PPP_WITH_DIRECTION is in current libpcap cvs, and should be in - * libpcap-0.8.4. Until that is released, use DLT_PPP - but that means + * There have been 3 or 4 different names for this in libpcap CVS, but + * this seems to be what they have settled on... + * For older versions of libpcap, use DLT_PPP - but that means * we lose the inbound and outbound qualifiers. */ -#ifndef DLT_PPP_WITH_DIRECTION -#define DLT_PPP_WITH_DIRECTION DLT_PPP +#ifndef DLT_PPP_PPPD +#ifdef DLT_PPP_WITHDIRECTION +#define DLT_PPP_PPPD DLT_PPP_WITHDIRECTION +#else +#define DLT_PPP_PPPD DLT_PPP #endif #endif +#endif /* PPP_FILTER */ #include "pppd.h" #include "pathnames.h" @@ -1477,7 +1482,7 @@ setpassfilter_in(argv) pcap_t *pc; int ret = 0; - pc = pcap_open_dead(DLT_PPP_WITH_DIRECTION, 65535); + pc = pcap_open_dead(DLT_PPP_PPPD, 65535); if (pcap_compile(pc, &pass_filter_in, *argv, 1, netmask) == -1) { option_error("error in pass-filter-in expression: %s\n", pcap_geterr(pc)); @@ -1498,7 +1503,7 @@ setpassfilter_out(argv) pcap_t *pc; int ret = 0; - pc = pcap_open_dead(DLT_PPP_WITH_DIRECTION, 65535); + pc = pcap_open_dead(DLT_PPP_PPPD, 65535); if (pcap_compile(pc, &pass_filter_out, *argv, 1, netmask) == -1) { option_error("error in pass-filter-out expression: %s\n", pcap_geterr(pc)); @@ -1519,7 +1524,7 @@ setactivefilter_in(argv) pcap_t *pc; int ret = 0; - pc = pcap_open_dead(DLT_PPP_WITH_DIRECTION, 65535); + pc = pcap_open_dead(DLT_PPP_PPPD, 65535); if (pcap_compile(pc, &active_filter_in, *argv, 1, netmask) == -1) { option_error("error in active-filter-in expression: %s\n", pcap_geterr(pc)); @@ -1540,7 +1545,7 @@ setactivefilter_out(argv) pcap_t *pc; int ret = 0; - pc = pcap_open_dead(DLT_PPP_WITH_DIRECTION, 65535); + pc = pcap_open_dead(DLT_PPP_PPPD, 65535); if (pcap_compile(pc, &active_filter_out, *argv, 1, netmask) == -1) { option_error("error in active-filter-out expression: %s\n", pcap_geterr(pc)); diff --git a/dist/pppd/pppd/pathnames.h b/dist/pppd/pppd/pathnames.h index f19476aa644b..48fa6e6ee574 100644 --- a/dist/pppd/pppd/pathnames.h +++ b/dist/pppd/pppd/pathnames.h @@ -1,4 +1,4 @@ -/* $NetBSD: pathnames.h,v 1.2 2005/02/20 10:47:17 cube Exp $ */ +/* $NetBSD: pathnames.h,v 1.3 2005/12/31 08:58:50 christos Exp $ */ /* * define path names @@ -26,6 +26,7 @@ #define _PATH_SYSOPTIONS _ROOT_PATH "/etc/ppp/options" #define _PATH_IPUP _ROOT_PATH "/etc/ppp/ip-up" #define _PATH_IPDOWN _ROOT_PATH "/etc/ppp/ip-down" +#define _PATH_IPPREUP _ROOT_PATH "/etc/ppp/ip-pre-up" #define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up" #define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down" #define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options." diff --git a/dist/pppd/pppd/pppd.h b/dist/pppd/pppd/pppd.h index 74ef0d53c225..71b85087daba 100644 --- a/dist/pppd/pppd/pppd.h +++ b/dist/pppd/pppd/pppd.h @@ -1,4 +1,4 @@ -/* $NetBSD: pppd.h,v 1.2 2005/02/20 10:47:17 cube Exp $ */ +/* $NetBSD: pppd.h,v 1.3 2005/12/31 08:58:50 christos Exp $ */ /* * pppd.h - PPP daemon global declarations. @@ -485,7 +485,7 @@ pid_t safe_fork __P((int, int, int)); /* Fork & close stuff in child */ int device_script __P((char *cmd, int in, int out, int dont_wait)); /* Run `cmd' with given stdin and stdout */ pid_t run_program __P((char *prog, char **args, int must_exist, - void (*done)(void *), void *arg)); + void (*done)(void *), void *arg, int wait)); /* Run program prog with args in child */ void reopen_log __P((void)); /* (re)open the connection to syslog */ void print_link_stats __P((void)); /* Print stats, if available */ @@ -499,7 +499,10 @@ void remove_notifier __P((struct notifier **, notify_func, void *)); void notify __P((struct notifier *, int)); int ppp_send_config __P((int, int, u_int32_t, int, int)); int ppp_recv_config __P((int, int, u_int32_t, int, int)); +const char *protocol_name __P((int)); void remove_pidfiles __P((void)); +void lock_db __P((void)); +void unlock_db __P((void)); /* Procedures exported from tty.c. */ void tty_init __P((void)); @@ -527,6 +530,7 @@ ssize_t complete_read __P((int, void *, size_t)); /* Procedures exported from auth.c */ void link_required __P((int)); /* we are starting to use the link */ +void start_link __P((int)); /* bring the link up now */ void link_terminated __P((int)); /* we are finished with the link */ void link_down __P((int)); /* the LCP layer has left the Opened state */ void upper_layers_down __P((int));/* take all NCPs down */ diff --git a/dist/pppd/pppd/tty.c b/dist/pppd/pppd/tty.c index 210a3457d74e..3e45dc5f0eaf 100644 --- a/dist/pppd/pppd/tty.c +++ b/dist/pppd/pppd/tty.c @@ -1,4 +1,4 @@ -/* $NetBSD: tty.c,v 1.2 2005/02/20 10:47:17 cube Exp $ */ +/* $NetBSD: tty.c,v 1.3 2005/12/31 08:58:50 christos Exp $ */ /* * tty.c - code for handling serial ports in pppd. @@ -75,7 +75,7 @@ #if 0 #define RCSID "Id: tty.c,v 1.22 2004/11/13 12:07:29 paulus Exp" #else -__RCSID("$NetBSD: tty.c,v 1.2 2005/02/20 10:47:17 cube Exp $"); +__RCSID("$NetBSD: tty.c,v 1.3 2005/12/31 08:58:50 christos Exp $"); #endif #endif @@ -763,14 +763,6 @@ int connect_tty() close(pty_master); pty_master = -1; } - if (pty_slave >= 0) { - close(pty_slave); - pty_slave = -1; - } - if (real_ttyfd >= 0) { - close(real_ttyfd); - real_ttyfd = -1; - } ttyfd = -1; if (got_sigterm) asked_to_quit = 1; @@ -789,6 +781,7 @@ void disconnect_tty() } else { info("Serial link disconnected."); } + stop_charshunt(NULL, 0); } void tty_close_fds() @@ -952,7 +945,6 @@ start_charshunt(ifd, ofd) exit(0); } charshunt_pid = cpid; - add_notifier(&sigreceived, stop_charshunt, 0); record_child(cpid, "pppd (charshunt)", charshunt_done, NULL); return 1; } diff --git a/dist/pppd/pppd/upap.c b/dist/pppd/pppd/upap.c index 667ce514ce2a..78d43a080321 100644 --- a/dist/pppd/pppd/upap.c +++ b/dist/pppd/pppd/upap.c @@ -1,4 +1,4 @@ -/* $NetBSD: upap.c,v 1.1.1.1 2005/02/20 10:28:53 cube Exp $ */ +/* $NetBSD: upap.c,v 1.2 2005/12/31 08:58:50 christos Exp $ */ /* * upap.c - User/Password Authentication Protocol. @@ -47,7 +47,7 @@ #if 0 #define RCSID "Id: upap.c,v 1.29 2002/12/04 23:03:33 paulus Exp" #else -__RCSID("$NetBSD: upap.c,v 1.1.1.1 2005/02/20 10:28:53 cube Exp $"); +__RCSID("$NetBSD: upap.c,v 1.2 2005/12/31 08:58:50 christos Exp $"); #endif #endif @@ -509,7 +509,6 @@ upap_rauthack(u, inp, id, len) u->us_clientstate = UPAPCS_OPEN; - notice("PAP authentication succeeded"); auth_withpeer_success(u->us_unit, PPP_PAP, 0); }