Remove some unprotected prototype variable names

MAXPATHLEN -> PATH_MAX
Handle ENOENT from opening /dev/tun* properly
Rename _PATH_PPP -> PPP_CONFDIR and allow it to be redefined at compile time
Reduce MIN_LQRPERIOD and MIN_FSMRETRY to 1 second
Be smarter about identifying sockets on stdin
Allow primary DNS IP negotiation when the secondary IP has been rejected
Fix the call to PacketAliasProxyRule() properly.
Add/fix some comments
Fix man page markups; ru@FreeBSD.org
Use localhost when no hostname is configured

17 files changed, 240 insertions, 203 deletions

diff --git a/usr.sbin/ppp/ppp/alias.h b/usr.sbin/ppp/ppp/alias.h
index 86760b3ad59..34622346f78 100644
--- a/usr.sbin/ppp/ppp/alias.h
+++ b/usr.sbin/ppp/ppp/alias.h
@@ -7,7 +7,7 @@
     This software is placed into the public domain with no restrictions
     on its distribution.
 
-    $OpenBSD: alias.h,v 1.7 2000/08/13 22:05:47 brian Exp $
+    $OpenBSD: alias.h,v 1.8 2001/03/24 01:05:56 brian Exp $
 */
 
 
@@ -39,13 +39,13 @@ struct alias_link;
 
 /* Packet Handling */
     extern int
-    PacketAliasIn(char *, int maxpacketsize);
+    PacketAliasIn(char *, int);
 
     extern int
-    PacketAliasOut(char *, int maxpacketsize);
+    PacketAliasOut(char *, int);
 
     extern int
-    PacketUnaliasOut(char *, int maxpacketsize);
+    PacketUnaliasOut(char *, int);
 
 /* Port and Address Redirection */
     extern struct alias_link *
@@ -55,9 +55,7 @@ struct alias_link;
                             u_char);
 
     extern int
-    PacketAliasAddServer(struct alias_link *link,
-                         struct in_addr addr,
-                         u_short port);
+    PacketAliasAddServer(struct alias_link *, struct in_addr, u_short);
 
     extern struct alias_link *
     PacketAliasRedirectProto(struct in_addr,
@@ -84,7 +82,7 @@ struct alias_link;
 
 /* Miscellaneous Functions */
     extern void
-    PacketAliasSetTarget(struct in_addr addr);
+    PacketAliasSetTarget(struct in_addr);
 
     extern int
     PacketAliasCheckNewLink(void);
diff --git a/usr.sbin/ppp/ppp/bundle.c b/usr.sbin/ppp/ppp/bundle.c
index 0c4d9d56648..c00c8fc3498 100644
--- a/usr.sbin/ppp/ppp/bundle.c
+++ b/usr.sbin/ppp/ppp/bundle.c
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$OpenBSD: bundle.c,v 1.53 2001/02/04 01:19:53 brian Exp $
+ *	$OpenBSD: bundle.c,v 1.54 2001/03/24 01:05:58 brian Exp $
  */
 
 #include <sys/param.h>
@@ -645,7 +645,7 @@ void
 bundle_LockTun(struct bundle *bundle)
 {
   FILE *lockfile;
-  char pidfile[MAXPATHLEN];
+  char pidfile[PATH_MAX];
 
   snprintf(pidfile, sizeof pidfile, "%stun%d.pid", _PATH_VARRUN, bundle->unit);
   lockfile = ID0fopen(pidfile, "w");
@@ -663,7 +663,7 @@ bundle_LockTun(struct bundle *bundle)
 static void
 bundle_UnlockTun(struct bundle *bundle)
 {
-  char pidfile[MAXPATHLEN];
+  char pidfile[PATH_MAX];
 
   snprintf(pidfile, sizeof pidfile, "%stun%d.pid", _PATH_VARRUN, bundle->unit);
   ID0unlink(pidfile);
@@ -705,7 +705,7 @@ bundle_Create(const char *prefix, int type, int unit)
     bundle.dev.fd = ID0open(bundle.dev.Name, O_RDWR);
     if (bundle.dev.fd >= 0)
       break;
-    else if (errno == ENXIO) {
+    else if (errno == ENXIO || errno == ENOENT) {
 #if defined(__FreeBSD__) && !defined(NOKLDLOAD)
       if (bundle.unit == minunit && !kldtried++) {
         /*
@@ -721,11 +721,10 @@ bundle_Create(const char *prefix, int type, int unit)
         }
       }
 #endif
-      err = errno;
-      break;
-    } else if (errno == ENOENT) {
-      if (++enoentcount > 2)
+      if (errno != ENOENT || ++enoentcount > 2) {
+        err = errno;
 	break;
+      }
     } else
       err = errno;
   }
diff --git a/usr.sbin/ppp/ppp/defs.h b/usr.sbin/ppp/ppp/defs.h
index 39bf72c24bc..829ae6bd451 100644
--- a/usr.sbin/ppp/ppp/defs.h
+++ b/usr.sbin/ppp/ppp/defs.h
@@ -15,7 +15,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $OpenBSD: defs.h,v 1.19 2000/11/02 00:54:33 brian Exp $
+ * $OpenBSD: defs.h,v 1.20 2001/03/24 01:05:59 brian Exp $
  *
  *	TODO:
  */
@@ -32,7 +32,9 @@
 #endif
 #define NMODEMS		2
 
-#define _PATH_PPP	"/etc/ppp"
+#ifndef PPP_CONFDIR
+#define PPP_CONFDIR	"/etc/ppp"
+#endif
 
 #define TUN_NAME	"tun"
 #define TUN_PREFIX	(_PATH_DEV TUN_NAME)	/* /dev/tun */
@@ -54,9 +56,9 @@
 #define NCP_IDLE_TIMEOUT 180	/* Drop all links */
 #define CHOKED_TIMEOUT 120	/* Delete queued packets w/ blocked tun */
 
-#define MIN_LQRPERIOD 2		/* Minimum LQR frequency */
+#define MIN_LQRPERIOD 1		/* Minimum LQR frequency */
 #define DEF_LQRPERIOD 30	/* Default LQR frequency */
-#define MIN_FSMRETRY 3		/* Minimum FSM retry frequency */
+#define MIN_FSMRETRY 1		/* Minimum FSM retry frequency */
 #define DEF_FSMRETRY 3		/* FSM retry frequency */
 #define DEF_FSMTRIES 5		/* Default max retries */
 #define DEF_FSMAUTHTRIES 3	/* Default max auth retries */
diff --git a/usr.sbin/ppp/ppp/ether.c b/usr.sbin/ppp/ppp/ether.c
index 154ae7b55cf..34f832c3f38 100644
--- a/usr.sbin/ppp/ppp/ether.c
+++ b/usr.sbin/ppp/ppp/ether.c
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$OpenBSD: ether.c,v 1.7 2000/11/22 02:13:08 brian Exp $
+ *	$OpenBSD: ether.c,v 1.8 2001/03/24 01:05:59 brian Exp $
  */
 
 #include <sys/param.h>
@@ -51,6 +51,7 @@
 #include <sys/linker.h>
 #include <sys/module.h>
 #endif
+#include <sys/stat.h>
 #include <sys/uio.h>
 #include <termios.h>
 #include <sys/time.h>
@@ -623,29 +624,40 @@ ether_Create(struct physical *p)
 
   } else {
     /* See if we're a netgraph socket */
-    struct sockaddr_ng ngsock;
-    struct sockaddr *sock = (struct sockaddr *)&ngsock;
-    int sz;
-
-    sz = sizeof ngsock;
-    if (getsockname(p->fd, sock, &sz) != -1 && sock->sa_family == AF_NETGRAPH) {
-      /*
-       * It's a netgraph node... We can't determine hook names etc, so we
-       * stay pretty impartial....
-       */
-      log_Printf(LogPHASE, "%s: Link is a netgraph node\n", p->link.name);
-
-      if ((dev = malloc(sizeof *dev)) == NULL) {
-        log_Printf(LogWARN, "%s: Cannot allocate an ether device: %s\n",
-                   p->link.name, strerror(errno));
+    struct stat st;
+
+    if (fstat(p->fd, &st) != -1 && (st.st_mode & S_IFSOCK)) {
+      struct sockaddr_storage ssock;
+      struct sockaddr *sock = (struct sockaddr *)&ssock;
+      int sz;
+
+      sz = sizeof ssock;
+      if (getsockname(p->fd, sock, &sz) == -1) {
+        log_Printf(LogPHASE, "%s: Link is a closed socket !\n", p->link.name);
+        close(p->fd);
+        p->fd = -1;
         return NULL;
       }
 
-      memcpy(&dev->dev, &baseetherdevice, sizeof dev->dev);
-      dev->cs = -1;
-      dev->timeout = 0;
-      dev->connected = CARRIER_OK;
-      *dev->hook = '\0';
+      if (sock->sa_family == AF_NETGRAPH) {
+        /*
+         * It's a netgraph node... We can't determine hook names etc, so we
+         * stay pretty impartial....
+         */
+        log_Printf(LogPHASE, "%s: Link is a netgraph node\n", p->link.name);
+
+        if ((dev = malloc(sizeof *dev)) == NULL) {
+          log_Printf(LogWARN, "%s: Cannot allocate an ether device: %s\n",
+                     p->link.name, strerror(errno));
+          return NULL;
+        }
+
+        memcpy(&dev->dev, &baseetherdevice, sizeof dev->dev);
+        dev->cs = -1;
+        dev->timeout = 0;
+        dev->connected = CARRIER_OK;
+        *dev->hook = '\0';
+      }
     }
   }
 
diff --git a/usr.sbin/ppp/ppp/ip.c b/usr.sbin/ppp/ppp/ip.c
index c650bc547be..12d8417ea9d 100644
--- a/usr.sbin/ppp/ppp/ip.c
+++ b/usr.sbin/ppp/ppp/ip.c
@@ -17,7 +17,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $OpenBSD: ip.c,v 1.28 2001/01/29 08:47:43 brian Exp $
+ * $OpenBSD: ip.c,v 1.29 2001/03/24 01:06:00 brian Exp $
  *
  *	TODO:
  *		o Return ICMP message for filterd packet
@@ -465,19 +465,19 @@ ip_LogDNS(const struct udphdr *uh, const char *direction)
 
   if (header.opcode == OPCODE_QUERY && header.qr == 0) {
     /* rfc1035 */
-    char name[MAXHOSTNAMELEN + 1], *n;
+    char namewithdot[MAXHOSTNAMELEN + 1], *n;
     const char *qtype, *qclass;
     const u_char *end;
 
-    n = name;
+    n = namewithdot;
     end = ptr + len - 4;
-    if (end - ptr > MAXHOSTNAMELEN)
-      end = ptr + MAXHOSTNAMELEN;
+    if (end - ptr >= sizeof namewithdot)
+      end = ptr + sizeof namewithdot - 1;
     while (ptr < end) {
       len = *ptr++;
       if (len > end - ptr)
         len = end - ptr;
-      if (n != name)
+      if (n != namewithdot)
         *n++ = '.';
       memcpy(n, ptr, len);
       ptr += len;
@@ -488,7 +488,7 @@ ip_LogDNS(const struct udphdr *uh, const char *direction)
     qclass = dns_Qclass2Txt(ntohs(*(const u_short *)(end + 2)));
 
     log_Printf(LogDNS, "%sbound query %s %s %s\n",
-               direction, qclass, qtype, name);
+               direction, qclass, qtype, namewithdot);
   }
 }
 
diff --git a/usr.sbin/ppp/ppp/ipcp.c b/usr.sbin/ppp/ppp/ipcp.c
index a230d4cab87..97811122d63 100644
--- a/usr.sbin/ppp/ppp/ipcp.c
+++ b/usr.sbin/ppp/ppp/ipcp.c
@@ -17,7 +17,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $OpenBSD: ipcp.c,v 1.27 2000/09/02 22:12:41 brian Exp $
+ * $OpenBSD: ipcp.c,v 1.28 2001/03/24 01:06:00 brian Exp $
  *
  *	TODO:
  *		o Support IPADDRS properly
@@ -871,10 +871,13 @@ IpcpSendConfigReq(struct fsm *fp)
   }
 
   if (IsEnabled(ipcp->cfg.ns.dns_neg) &&
-      !REJECTED(ipcp, TY_PRIMARY_DNS - TY_ADJUST_NS) &&
-      !REJECTED(ipcp, TY_SECONDARY_DNS - TY_ADJUST_NS)) {
+      !REJECTED(ipcp, TY_PRIMARY_DNS - TY_ADJUST_NS)) {
     memcpy(o->data, &ipcp->dns[0].s_addr, 4);
     INC_LCP_OPT(TY_PRIMARY_DNS, 6, o);
+  }
+
+  if (IsEnabled(ipcp->cfg.ns.dns_neg) &&
+      !REJECTED(ipcp, TY_SECONDARY_DNS - TY_ADJUST_NS)) {
     memcpy(o->data, &ipcp->dns[1].s_addr, 4);
     INC_LCP_OPT(TY_SECONDARY_DNS, 6, o);
   }
diff --git a/usr.sbin/ppp/ppp/main.c b/usr.sbin/ppp/ppp/main.c
index 433c6bdbe71..dc84865023f 100644
--- a/usr.sbin/ppp/ppp/main.c
+++ b/usr.sbin/ppp/ppp/main.c
@@ -17,7 +17,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $OpenBSD: main.c,v 1.24 2001/01/26 01:41:04 brian Exp $
+ * $OpenBSD: main.c,v 1.25 2001/03/24 01:06:02 brian Exp $
  *
  *	TODO:
  */
@@ -327,7 +327,7 @@ main(int argc, char **argv)
   if (ID0realuid() != 0) {
     char conf[200], *ptr;
 
-    snprintf(conf, sizeof conf, "%s/%s", _PATH_PPP, CONFFILE);
+    snprintf(conf, sizeof conf, "%s/%s", PPP_CONFDIR, CONFFILE);
     do {
       struct stat sb;
 
diff --git a/usr.sbin/ppp/ppp/nat_cmd.c b/usr.sbin/ppp/ppp/nat_cmd.c
index b1e071eab79..6cebcb7a453 100644
--- a/usr.sbin/ppp/ppp/nat_cmd.c
+++ b/usr.sbin/ppp/ppp/nat_cmd.c
@@ -2,7 +2,7 @@
  * The code in this file was written by Eivind Eklund <perhaps@yes.no>,
  * who places it in the public domain without restriction.
  *
- *	$OpenBSD: nat_cmd.c,v 1.16 2001/01/28 21:56:35 brian Exp $
+ *	$OpenBSD: nat_cmd.c,v 1.17 2001/03/24 01:06:02 brian Exp $
  */
 
 #include <sys/param.h>
@@ -304,15 +304,15 @@ nat_ProxyRule(struct cmdargs const *arg)
 
   for (f = arg->argn, pos = 0; f < arg->argc; f++) {
     len = strlen(arg->argv[f]);
-    if (sizeof cmd - pos < len + (f ? 1 : 0))
+    if (sizeof cmd - pos < len + (len ? 1 : 0))
       break;
-    if (f)
+    if (len)
       cmd[pos++] = ' ';
     strcpy(cmd + pos, arg->argv[f]);
     pos += len;
   }
 
-  return PacketAliasProxyRule(cmd + strspn(cmd, " \t"));
+  return PacketAliasProxyRule(cmd);
 }
 
 int
diff --git a/usr.sbin/ppp/ppp/physical.c b/usr.sbin/ppp/ppp/physical.c
index 5517115da0c..89332e6421d 100644
--- a/usr.sbin/ppp/ppp/physical.c
+++ b/usr.sbin/ppp/ppp/physical.c
@@ -16,7 +16,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- *  $OpenBSD: physical.c,v 1.28 2000/11/28 22:59:53 brian Exp $
+ *  $OpenBSD: physical.c,v 1.29 2001/03/24 01:06:03 brian Exp $
  *
  */
 
@@ -119,15 +119,22 @@ struct {
   int (*DeviceSize)(void);
 } devices[] = {
 #ifndef NOI4B
+  /*
+   * This must come before ``tty'' so that the probe routine is
+   * able to identify it as a more specific type of terminal device.
+   */
   { i4b_Create, i4b_iov2device, i4b_DeviceSize },
 #endif
   { tty_Create, tty_iov2device, tty_DeviceSize },
 #ifndef NONETGRAPH
-  /* This must come before ``udp'' & ``tcp'' */
+  /*
+   * This must come before ``udp'' so that the probe routine is
+   * able to identify it as a more specific type of SOCK_DGRAM.
+   */
   { ether_Create, ether_iov2device, ether_DeviceSize },
 #endif
 #ifndef NOATM
-  /* and so must this */
+  /* Ditto for ATM devices */
   { atm_Create, atm_iov2device, atm_DeviceSize },
 #endif
   { tcp_Create, tcp_iov2device, tcp_DeviceSize },
@@ -314,17 +321,17 @@ physical_Lock(struct physical *p)
 static void
 physical_Unlock(struct physical *p)
 {
-  char fn[MAXPATHLEN];
   if (*p->name.full == '/' && p->type != PHYS_DIRECT &&
       ID0uu_unlock(p->name.base) == -1)
-    log_Printf(LogALERT, "%s: Can't uu_unlock %s\n", p->link.name, fn);
+    log_Printf(LogALERT, "%s: Can't uu_unlock %s\n", p->link.name,
+               p->name.base);
 }
 
 void
 physical_Close(struct physical *p)
 {
   int newsid;
-  char fn[MAXPATHLEN];
+  char fn[PATH_MAX];
 
   if (p->fd < 0)
     return;
@@ -950,7 +957,7 @@ static void
 physical_Found(struct physical *p)
 {
   FILE *lockfile;
-  char fn[MAXPATHLEN];
+  char fn[PATH_MAX];
 
   if (*p->name.full == '/') {
     snprintf(fn, sizeof fn, "%s%s.if", _PATH_VARRUN, p->name.base);
diff --git a/usr.sbin/ppp/ppp/ppp.8 b/usr.sbin/ppp/ppp/ppp.8
index 34ea56f4604..9662d1e98a4 100644
--- a/usr.sbin/ppp/ppp/ppp.8
+++ b/usr.sbin/ppp/ppp/ppp.8
@@ -1,5 +1,5 @@
-.\" $OpenBSD: ppp.8,v 1.108 2001/03/09 00:15:15 brian Exp $
-.Dd 20 September 1995
+.\" $OpenBSD: ppp.8,v 1.109 2001/03/24 01:06:04 brian Exp $
+.Dd September 20, 1995
 .Dt PPP 8
 .Os
 .Sh NAME
@@ -11,8 +11,7 @@
 .Op Fl nat
 .Op Fl quiet
 .Op Fl unit Ns Ar N
-.Op Ar system Ns
-.No ...
+.Op Ar system ...
 .Sh DESCRIPTION
 This is a user process
 .Em PPP
@@ -242,7 +241,7 @@ In direct mode,
 acts as server which accepts incoming
 .Em PPP
 connections on stdin/stdout.
-.It Supports PAP and CHAP (rfc 1994, 2433 and 2759) authentication.
+.It "Supports PAP and CHAP (rfc 1994, 2433 and 2759) authentication.
 With PAP or CHAP, it is possible to skip the Unix style
 .Xr login 1
 procedure, and use the
@@ -974,7 +973,7 @@ command:
 .No set redial Ar secs Ns Xo
 .Oo + Ns Ar inc Ns
 .Op - Ns Ar max Ns
-.Oc Op . Ns Ar next
+.Oc Ns Op . Ns Ar next
 .Op Ar attempts
 .Xc
 .Pp
@@ -1615,19 +1614,18 @@ set filter
 .Ar name
 .Ar rule-no
 .Ar action
-.Op \&!
+.Op !\&
 .Oo
 .Op host
 .Ar src_addr Ns Op / Ns Ar width
 .Op Ar dst_addr Ns Op / Ns Ar width
 .Oc
-.Oo Ar proto Op src Ar cmp port
+.Ar [ proto Op src Ar cmp port
 .Op dst Ar cmp port
 .Op estab
 .Op syn
 .Op finrst
-.Op timeout Ar secs
-.Oc
+.Op timeout Ar secs ]
 .Bl -enum
 .It
 .Ar Name
@@ -1669,7 +1667,7 @@ the new rule number (rather than the next rule number).
 The
 .Ar action
 may optionally be followed with an exclamation mark
-.Pq Dq ! ,
+.Pq Dq !\& ,
 telling
 .Nm
 to reverse the sense of the following match.
@@ -1855,7 +1853,7 @@ is established.
 To control this IPCP behaviour, this implementation has the
 .Dq set ifaddr
 command for defining the local and remote IP address:
-.Bd -literal -offset indent
+.Bd -ragged -offset indent
 .No set ifaddr Oo Ar src_addr Ns
 .Op / Ns Ar \&nn
 .Oo Ar dst_addr Ns Op / Ns Ar \&nn
@@ -1963,7 +1961,7 @@ dialing and redialing separated by either a pipe
 .Pq Dq \&|
 or a colon
 .Pq Dq \&: :
-.Bd -literal -offset indent
+.Bd -ragged -offset indent
 .No set phone Ar telno Ns Xo
 .Oo \&| Ns Ar backupnumber
 .Oc Ns ... Ns Oo : Ns Ar nextnumber
@@ -2090,7 +2088,7 @@ When
 or
 .Ar chat
 logging is enabled, the actual password is not logged;
-.Sq ******** Ns
+.Sq ********
 is logged instead.
 .Pp
 Login scripts vary greatly between ISPs.
@@ -2648,7 +2646,7 @@ Type
 is actually specified as
 .Dq PPP Magna-link Variable Resource Compression
 in
-.Pa rfc1975 Ns No !
+.Pa rfc1975 Ns !
 .Nm
 is capable of negotiating with
 .Nm pppd ,
@@ -2765,7 +2763,7 @@ except that it issues challenges of a fixed 16 bytes in length and uses a
 combination of MD4, SHA-1 and DES to encrypt the challenge rather than using the
 standard MD5 mechanism.
 .It MSChap|chap80nt
-Default: Disabled and Accepted
+Default: Disabled and Accepted.
 The use of this authentication protocol
 is discouraged as it partially violates the authentication protocol by
 implementing two different mechanisms (LANMan & NT) under the guise of
@@ -3083,7 +3081,7 @@ will also disable
 .El
 .Pp
 .It add Ns Xo
-.Op \&!
+.Op !\&
 .Ar dest Ns Op / Ns Ar nn
 .Op Ar mask
 .Op Ar gateway
@@ -3124,9 +3122,9 @@ is replaced with the interface address and
 is replaced with the interface destination (peer) address.
 .Pp
 If the
-.Ar add!
+.Ar add!\&
 command is used
-.Pq note the trailing Dq \&! ,
+.Pq note the trailing Dq !\& ,
 then if the route already exists, it will be updated as with the
 .Sq route change
 command (see
@@ -3368,7 +3366,7 @@ These commands are also discussed in the file
 .Pa README.alias
 which comes with the source distribution.
 .Pp
-.It Op \&! Ns Xo
+.It Op !\& Ns Xo
 .No bg Ar command
 .Xc
 The given
@@ -3386,7 +3384,7 @@ command below.
 This is replaced with the date on which
 .Nm
 was compiled.
-.It Li DNS0 No " & " Li DNS1
+.It Li DNS0 & DNS1
 These are replaced with the primary and secondary nameserver IP numbers.
 If nameservers are negotiated by IPCP, the values of these macros will change.
 .It Li ENDDISC
@@ -3463,7 +3461,7 @@ command below.
 .Pp
 The default link name is
 .Dq deflink .
-.It close Op lcp|ccp Ns Op \&!
+.It close Op lcp|ccp Ns Op !\&
 If no arguments are given, the relevant protocol layers will be brought
 down and the link will be closed.
 If
@@ -3481,7 +3479,7 @@ If
 .Dq ccp
 is specified, only the relevant compression layer is closed.
 If the
-.Dq \&!
+.Dq !\&
 is used, the compression layer will remain in the closed state, otherwise
 it will re-enter the STOPPED state, waiting for the peer to initiate
 further CCP negotiation.
@@ -3493,7 +3491,7 @@ See the
 .Dq quit
 command below.
 .It delete Ns Xo
-.Op \&!
+.Op !\&
 .Ar dest
 .Xc
 This command deletes the route with the given
@@ -3514,9 +3512,9 @@ is specified as
 the default route is deleted.
 .Pp
 If the
-.Ar delete!
+.Ar delete!\&
 command is used
-.Pq note the trailing Dq \&! ,
+.Pq note the trailing Dq !\& ,
 .Nm
 will not complain if the route does not already exist.
 .It dial|call Op Ar label Ns Xo
@@ -3570,12 +3568,12 @@ This command is used to control the interface used by
 may be one of the following:
 .Bl -tag -width 2n
 .It iface add Ns Xo
-.Op \&!
+.Op !\&
 .Ar addr Ns Op / Ns Ar bits
 .Op Ar peer
 .Xc
 .It iface add Ns Xo
-.Op \&!
+.Op !\&
 .Ar addr
 .Ar mask
 .Ar peer
@@ -3589,7 +3587,7 @@ Instead of specifying
 can be used
 .Pq with no space between \&it and Ar addr .
 If the given address already exists, the command fails unless the
-.Dq \&!
+.Dq !\&
 is used - in which case the previous interface address entry is overwritten
 with the new one, allowing a change of netmask or peer address.
 .Pp
@@ -3620,15 +3618,15 @@ is not in the OPENED state and is not in
 mode, all interface addresses are deleted.
 .Pp
 .It iface delete Ns Xo
-.Op \&! Ns
-.No |rm Ns Op \&!
+.Op !\& Ns
+.No |rm Ns Op !\&
 .Ar addr
 .Xc
 This command deletes the given
 .Ar addr
 from the interface.
 If the
-.Dq \&!
+.Dq !\&
 is used, no error is given if the address isn't currently assigned to
 the interface (and no deletion takes place).
 .It iface show
@@ -3876,7 +3874,7 @@ Received identification packets are logged to the LCP log (see
 .Ic set log
 for details) and are never responded to.
 .It set Ns Xo
-.No Op up
+.Op up
 .Ar var value
 .Xc
 This option allows the setting of any of the following variables:
@@ -3897,7 +3895,7 @@ This sets the authentication key (or password) used in client mode
 PAP or CHAP negotiation to the given value.
 It also specifies the
 password to be used in the dial or login scripts in place of the
-.Sq \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\P
+.Sq \eP
 sequence, preventing the actual password from being logged.
 If
 .Ar command
@@ -3912,7 +3910,7 @@ for security reasons.
 If the first character of
 .Ar value
 is an exclamation mark
-.Pq Dq \&! ,
+.Pq Dq !\& ,
 .Nm
 treats the remainder of the string as a program that must be executed
 to determine the
@@ -3922,13 +3920,13 @@ and
 values.
 .Pp
 If the
-.Dq \&!
+.Dq !\&
 is doubled up
-.Pq to Dq \&!! ,
+.Pq to Dq !! ,
 it is treated as a single literal
-.Dq \&! ,
+.Dq !\& ,
 otherwise, ignoring the
-.Dq \&! ,
+.Dq !\& ,
 .Ar value
 is parsed as a program to execute in the same was as the
 .Dq !bg
@@ -4039,7 +4037,7 @@ until no options remain at which point
 will terminate negotiations (unless
 .Dq none
 is one of the specified
-.Ar option Ns No ).
+.Ar option ) .
 In server mode,
 .Nm
 will accept any of the given protocols - but the client
@@ -4108,15 +4106,11 @@ This is required (in addition to one or more other callback
 options) if you wish callback to be optional.
 .El
 .Pp
-.It set cbcp Oo Xo
-.No *| Ns Ar number Ns No
-.Oo
-.No , Ns Ar number Ns
-.Oc
-.No ...
+.It set cbcp Oo
+.No *| Ns Ar number Ns Oo
+.No , Ns Ar number Ns ...\& Oc
 .Op Ar delay Op Ar retry
 .Oc
-.Xc
 If no arguments are given, CBCP (Microsoft's CallBack Control Protocol)
 is disabled - ie, configuring CBCP in the
 .Dq set callback
@@ -4144,7 +4138,7 @@ is specified,
 .Nm
 will expect the peer to specify the number.
 .It set cd Oo
-.No off| Ns Ar seconds Ns Op \&!
+.No off| Ns Ar seconds Ns Op !\&
 .Oc
 Normally,
 .Nm
@@ -4217,7 +4211,7 @@ values.
 If
 .Ar seconds
 is followed immediately by an exclamation mark
-.Pq Dq \&! ,
+.Pq Dq !\& ,
 .Nm
 will
 .Em require
@@ -4307,7 +4301,7 @@ If
 does not begin with
 .Pa /dev/ ,
 it must either begin with an exclamation mark
-.Pq Dq \&! ,
+.Pq Dq !\& ,
 be of the format
 .No PPPoE: Ns Ar iface Ns Xo
 .Op \&: Ns Ar provider Ns
@@ -4315,9 +4309,9 @@ be of the format
 (on
 .Xr netgraph 4
 enabled systems), or be of the format
-.Ar host Ns No : Ns Ar port Ns Oo
-.No /tcp|udp
-.Oc .
+.Sm off
+.Ar host : port Op /tcp|udp .
+.Sm on
 .Pp
 If it begins with an exclamation mark, the rest of the device name is
 treated as a program name, and that program is executed when the device
@@ -4397,41 +4391,41 @@ format.
 It is possible to specify some special
 .Sq values
 in your chat script as follows:
-.Bd -unfilled -offset indent
-.It Li \\\\\\\\\\\\\\\\c
+.Bl -tag -width 2n
+.It Li \ec
 When used as the last character in a
 .Sq send
 string, this indicates that a newline should not be appended.
-.It Li \\\\\\\\\\\\\\\\d
+.It Li \ed
 When the chat script encounters this sequence, it delays two seconds.
-.It Li \\\\\\\\\\\\\\\\p
+.It Li \ep
 When the chat script encounters this sequence, it delays for one quarter of
 a second.
-.It Li \\\\\\\\\\\\\\\\n
+.It Li \en
 This is replaced with a newline character.
-.It Li \\\\\\\\\\\\\\\\r
+.It Li \er
 This is replaced with a carriage return character.
-.It Li \\\\\\\\\\\\\\\\s
+.It Li \es
 This is replaced with a space character.
-.It Li \\\\\\\\\\\\\\\\t
+.It Li \et
 This is replaced with a tab character.
-.It Li \\\\\\\\\\\\\\\\T
+.It Li \eT
 This is replaced by the current phone number (see
 .Dq set phone
 below).
-.It Li \\\\\\\\\\\\\\\\P
+.It Li \eP
 This is replaced by the current
 .Ar authkey
 value (see
 .Dq set authkey
 above).
-.It Li \\\\\\\\\\\\\\\\U
+.It Li \eU
 This is replaced by the current
 .Ar authname
 value (see
 .Dq set authname
 above).
-.Ed
+.El
 .Pp
 Note that two parsers will examine these escape sequences, so in order to
 have the
@@ -4446,11 +4440,11 @@ set dial "... ATDT\\\\T CONNECT"
 It is also possible to execute external commands from the chat script.
 To do this, the first character of the expect or send string is an
 exclamation mark
-.Pq Dq \&! .
+.Pq Dq !\& .
 If a literal exclamation mark is required, double it up to
-.Dq \&!!
+.Dq !!\&
 and it will be treated as a single literal
-.Dq \&! .
+.Dq !\& .
 When the command is executed, standard input and standard output are
 directed to the open device (see the
 .Dq set device
@@ -4504,7 +4498,7 @@ important that the
 signs are escaped, otherwise this parser will see them as constituting
 an expect-send-expect sequence.
 When the
-.Dq \&!
+.Dq !\&
 character is seen, the execution parser reads the first command as three
 arguments, and then
 .Xr sh 1
@@ -4536,7 +4530,7 @@ command has been used,
 will send the information to the peer using the LCP endpoint discriminator
 option.
 The following discriminators may be set:
-.Bd -unfilled -offset indent
+.Bl -tag -width indent
 .It Li label
 The current label is used.
 .It Li IP
@@ -4577,7 +4571,7 @@ is used.
 .Ar Value
 should be set to an absolute public switched network number with the
 country code first.
-.Ed
+.El
 .Pp
 If no arguments are given, the endpoint discriminator is reset.
 .It set escape Ar value...
@@ -4589,17 +4583,16 @@ It allows the user to specify a set of characters that will be
 as they travel across the link.
 .It set filter dial|alive|in|out Ar rule-no Xo
 .No permit|deny|clear| Ns Ar rule-no
-.Op \&!
+.Op !\&
 .Oo Op host
 .Ar src_addr Ns Op / Ns Ar width
 .Op Ar dst_addr Ns Op / Ns Ar width
-.Oc Oo tcp|udp|ospf|igmp|icmp Op src lt|eq|gt Ar port
+.Oc [ tcp|udp|ospf|igmp|icmp Op src lt|eq|gt Ar port
 .Op dst lt|eq|gt Ar port
 .Op estab
 .Op syn
 .Op finrst
-.Op timeout Ar secs
-.Oc
+.Op timeout Ar secs ]
 .Xc
 .Nm
 supports four filter sets.
@@ -4689,11 +4682,11 @@ unless the IP address is 0.0.0.0 in which case it defaults to
 If you wish to assign a dynamic IP number to the peer,
 .Ar hisaddr
 may also be specified as a range of IP numbers in the format
-.Bd -literal -offset indent
+.Bd -ragged -offset indent
 .Ar \&IP Ns Oo \&- Ns Ar \&IP Ns Xo
-.Oc Oo , Ns Ar \&IP Ns
+.Oc Ns Oo , Ns Ar \&IP Ns
 .Op \&- Ns Ar \&IP Ns
-.Oc No ...
+.Oc Ns ...
 .Xc
 .Ed
 .Pp
@@ -5099,7 +5092,7 @@ is unspecified or zero, the default kernel controlled value is used.
 .It set redial Ar secs Ns Xo
 .Oo + Ns Ar inc Ns
 .Op - Ns Ar max Ns
-.Oc Op . Ns Ar next
+.Oc Ns Op . Ns Ar next
 .Op Ar attempts
 .Xc
 .Nm
@@ -5143,7 +5136,7 @@ delay will be effective, even after
 has been exceeded, so an immediate manual dial may appear to have
 done nothing.
 If an immediate dial is required, a
-.Dq \&!
+.Dq !\&
 should immediately follow the
 .Dq open
 keyword.
@@ -5444,11 +5437,11 @@ They are a good source of information.
 .It
 Use
 .Dq help ,
-.Dq nat ? ,
-.Dq enable ? ,
-.Dq set ?
+.Dq nat \&? ,
+.Dq enable \&? ,
+.Dq set ?\&
 and
-.Dq show ?
+.Dq show ?\&
 to get online information about what's available.
 .It
 The following URLs contain useful information:
diff --git a/usr.sbin/ppp/ppp/prompt.c b/usr.sbin/ppp/ppp/prompt.c
index 85b1d277159..20ce7c951d8 100644
--- a/usr.sbin/ppp/ppp/prompt.c
+++ b/usr.sbin/ppp/ppp/prompt.c
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$OpenBSD: prompt.c,v 1.9 2001/01/26 01:41:04 brian Exp $
+ *	$OpenBSD: prompt.c,v 1.10 2001/03/24 01:06:05 brian Exp $
  */
 
 #include <sys/param.h>
@@ -109,7 +109,7 @@ prompt_Display(struct prompt *p)
   if (*shostname == '\0') {
     char *dot;
 
-    if (gethostname(shostname, sizeof shostname))
+    if (gethostname(shostname, sizeof shostname) || *shostname == '\0')
       strcpy(shostname, "localhost");
     else if ((dot = strchr(shostname, '.')))
       *dot = '\0';
diff --git a/usr.sbin/ppp/ppp/radius.h b/usr.sbin/ppp/ppp/radius.h
index a497fe50c4e..cfa4297cb3d 100644
--- a/usr.sbin/ppp/ppp/radius.h
+++ b/usr.sbin/ppp/ppp/radius.h
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$OpenBSD: radius.h,v 1.4 2000/08/28 22:44:42 brian Exp $
+ *	$OpenBSD: radius.h,v 1.5 2001/03/24 01:06:05 brian Exp $
  */
 
 struct radius {
@@ -41,7 +41,7 @@ struct radius {
   unsigned long mtu;            /* FRAMED MTU */
   struct sticky_route *routes;  /* FRAMED Routes */
   struct {
-    char file[MAXPATHLEN];	/* Radius config file */
+    char file[PATH_MAX];	/* Radius config file */
   } cfg;
 };
 
diff --git a/usr.sbin/ppp/ppp/server.h b/usr.sbin/ppp/ppp/server.h
index b92a7be0823..5ad7c331193 100644
--- a/usr.sbin/ppp/ppp/server.h
+++ b/usr.sbin/ppp/ppp/server.h
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$OpenBSD: server.h,v 1.5 2001/01/26 01:41:04 brian Exp $
+ *	$OpenBSD: server.h,v 1.6 2001/03/24 01:06:06 brian Exp $
  */
 
 struct bundle;
@@ -35,7 +35,7 @@ struct server {
   struct {
     char passwd[50];
 
-    char sockname[MAXPATHLEN];		/* Points to local socket path */
+    char sockname[PATH_MAX];		/* Points to local socket path */
     mode_t mask;
 
     u_short port;			/* tcp socket */
diff --git a/usr.sbin/ppp/ppp/systems.c b/usr.sbin/ppp/ppp/systems.c
index 5ee7cf118c9..02c33c1702c 100644
--- a/usr.sbin/ppp/ppp/systems.c
+++ b/usr.sbin/ppp/ppp/systems.c
@@ -17,7 +17,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $OpenBSD: systems.c,v 1.15 2000/07/12 23:14:32 brian Exp $
+ * $OpenBSD: systems.c,v 1.16 2001/03/24 01:06:06 brian Exp $
  *
  *  TODO:
  */
@@ -45,7 +45,7 @@ OpenSecret(const char *file)
   FILE *fp;
   char line[100];
 
-  snprintf(line, sizeof line, "%s/%s", _PATH_PPP, file);
+  snprintf(line, sizeof line, "%s/%s", PPP_CONFDIR, file);
   fp = ID0fopen(line, "r");
   if (fp == NULL)
     log_Printf(LogWARN, "OpenSecret: Can't open %s.\n", line);
@@ -313,7 +313,7 @@ ReadSystem(struct bundle *bundle, const char *name, const char *file,
   char *cp;
   int n, len;
   char line[LINE_LEN];
-  char filename[MAXPATHLEN];
+  char filename[PATH_MAX];
   int linenum;
   int argc;
   char *argv[MAXARGS];
@@ -325,7 +325,7 @@ ReadSystem(struct bundle *bundle, const char *name, const char *file,
   if (*file == '/')
     snprintf(filename, sizeof filename, "%s", file);
   else
-    snprintf(filename, sizeof filename, "%s/%s", _PATH_PPP, file);
+    snprintf(filename, sizeof filename, "%s/%s", PPP_CONFDIR, file);
   fp = ID0fopen(filename, "r");
   if (fp == NULL) {
     log_Printf(LogDEBUG, "ReadSystem: Can't open %s.\n", filename);
@@ -448,7 +448,7 @@ system_IsValid(const char *name, struct prompt *prompt, int mode)
       return "Configuration label not found";
 
     if (rs == -2)
-      return _PATH_PPP "/" CONFFILE ": File not found";
+      return PPP_CONFDIR "/" CONFFILE " : File not found";
   }
 
   if (userok == -1)
diff --git a/usr.sbin/ppp/ppp/tcp.c b/usr.sbin/ppp/ppp/tcp.c
index 57ac5ea3034..ca231142a66 100644
--- a/usr.sbin/ppp/ppp/tcp.c
+++ b/usr.sbin/ppp/ppp/tcp.c
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$OpenBSD: tcp.c,v 1.9 2000/06/13 09:57:51 brian Exp $
+ *	$OpenBSD: tcp.c,v 1.10 2001/03/24 01:06:08 brian Exp $
  */
 
 #include <sys/types.h>
@@ -36,6 +36,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <sys/stat.h>
 #include <sys/uio.h>
 #include <termios.h>
 #include <unistd.h>
@@ -164,33 +165,43 @@ tcp_Create(struct physical *p)
 
   if (p->fd >= 0) {
     /* See if we're a tcp socket */
-    int type, sz, err;
-
-    sz = sizeof type;
-    if ((err = getsockopt(p->fd, SOL_SOCKET, SO_TYPE, &type, &sz)) == 0 &&
-        sz == sizeof type && type == SOCK_STREAM) {
-      struct sockaddr_in sock;
-      struct sockaddr *sockp = (struct sockaddr *)&sock;
-
-      if (*p->name.full == '\0') {
-        sz = sizeof sock;
-        if (getpeername(p->fd, sockp, &sz) != 0 ||
-            sz != sizeof(struct sockaddr_in) || sock.sin_family != AF_INET) {
-          log_Printf(LogDEBUG, "%s: Link is SOCK_STREAM, but not inet\n",
-                     p->link.name);
-          return NULL;
-        }
+    struct stat st;
+
+    if (fstat(p->fd, &st) != -1 && (st.st_mode & S_IFSOCK)) {
+      int type, sz;
+
+      sz = sizeof type;
+      if (getsockopt(p->fd, SOL_SOCKET, SO_TYPE, &type, &sz) == -1) {
+        log_Printf(LogPHASE, "%s: Link is a closed socket !\n", p->link.name);
+        close(p->fd);
+        p->fd = -1;
+        return NULL;
+      }
 
-        log_Printf(LogPHASE, "%s: Link is a tcp socket\n", p->link.name);
+      if (sz == sizeof type && type == SOCK_STREAM) {
+        struct sockaddr_in sock;
+        struct sockaddr *sockp = (struct sockaddr *)&sock;
 
-        snprintf(p->name.full, sizeof p->name.full, "%s:%d/tcp",
-                 inet_ntoa(sock.sin_addr), ntohs(sock.sin_port));
-        p->name.base = p->name.full;
+        if (*p->name.full == '\0') {
+          sz = sizeof sock;
+          if (getpeername(p->fd, sockp, &sz) != 0 ||
+              sz != sizeof(struct sockaddr_in) || sock.sin_family != AF_INET) {
+            log_Printf(LogDEBUG, "%s: Link is SOCK_STREAM, but not inet\n",
+                       p->link.name);
+            return NULL;
+          }
+
+          log_Printf(LogPHASE, "%s: Link is a tcp socket\n", p->link.name);
+
+          snprintf(p->name.full, sizeof p->name.full, "%s:%d/tcp",
+                   inet_ntoa(sock.sin_addr), ntohs(sock.sin_port));
+          p->name.base = p->name.full;
+        }
+        physical_SetupStack(p, tcpdevice.name, PHYSICAL_FORCE_ASYNC);
+        if (p->cfg.cd.necessity != CD_DEFAULT)
+          log_Printf(LogWARN, "Carrier settings ignored\n");
+        return &tcpdevice;
       }
-      physical_SetupStack(p, tcpdevice.name, PHYSICAL_FORCE_ASYNC);
-      if (p->cfg.cd.necessity != CD_DEFAULT)
-        log_Printf(LogWARN, "Carrier settings ignored\n");
-      return &tcpdevice;
     }
   }
 
diff --git a/usr.sbin/ppp/ppp/tun.c b/usr.sbin/ppp/ppp/tun.c
index d07aaf8aee6..896428eaf32 100644
--- a/usr.sbin/ppp/ppp/tun.c
+++ b/usr.sbin/ppp/ppp/tun.c
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$OpenBSD: tun.c,v 1.10 2000/11/28 22:59:53 brian Exp $
+ *	$OpenBSD: tun.c,v 1.11 2001/03/24 01:06:08 brian Exp $
  */
 
 #include <sys/param.h>
@@ -43,15 +43,16 @@
 #if defined(__OpenBSD__) || defined(__NetBSD__)
 #include <sys/ioctl.h>
 #endif
+#include <stdio.h>
 #include <termios.h>
 #ifdef __NetBSD__
-#include <stdio.h>
 #include <unistd.h>
 #endif
 
 #include "layer.h"
 #include "mbuf.h"
 #include "log.h"
+#include "id.h"
 #include "timer.h"
 #include "lqr.h"
 #include "hdlc.h"
@@ -105,7 +106,7 @@ tun_configure(struct bundle *bundle)
 #ifdef __OpenBSD__
   info.flags = IFF_UP|IFF_POINTOPOINT;                             
 #endif
-  if (ioctl(bundle->dev.fd, TUNSIFINFO, &info) < 0)
+  if (ID0ioctl(bundle->dev.fd, TUNSIFINFO, &info) < 0)
     log_Printf(LogERROR, "tun_configure: ioctl(TUNSIFINFO): %s\n",
 	      strerror(errno));
 #endif
diff --git a/usr.sbin/ppp/ppp/udp.c b/usr.sbin/ppp/ppp/udp.c
index ac6f9f3850e..9d5ce6a5914 100644
--- a/usr.sbin/ppp/ppp/udp.c
+++ b/usr.sbin/ppp/ppp/udp.c
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$OpenBSD: udp.c,v 1.8 2000/11/07 23:32:18 brian Exp $
+ *	$OpenBSD: udp.c,v 1.9 2001/03/24 01:06:09 brian Exp $
  */
 
 #include <sys/types.h>
@@ -37,6 +37,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <sysexits.h>
+#include <sys/stat.h>
 #include <sys/uio.h>
 #include <termios.h>
 #include <unistd.h>
@@ -277,26 +278,36 @@ udp_Create(struct physical *p)
     }
   } else {
     /* See if we're a connected udp socket */
-    int type, sz, err;
-
-    sz = sizeof type;
-    if ((err = getsockopt(p->fd, SOL_SOCKET, SO_TYPE, &type, &sz)) == 0 &&
-        sz == sizeof type && type == SOCK_DGRAM) {
-      if ((dev = malloc(sizeof *dev)) == NULL) {
-        log_Printf(LogWARN, "%s: Cannot allocate a udp device: %s\n",
-                   p->link.name, strerror(errno));
+    struct stat st;
+
+    if (fstat(p->fd, &st) != -1 && (st.st_mode & S_IFSOCK)) {
+      int type, sz;
+
+      sz = sizeof type;
+      if (getsockopt(p->fd, SOL_SOCKET, SO_TYPE, &type, &sz) == -1) {
+        log_Printf(LogPHASE, "%s: Link is a closed socket !\n", p->link.name);
+        close(p->fd);
+        p->fd = -1;
         return NULL;
       }
 
-      /* We can't getpeername().... */
-      dev->connected = UDP_MAYBEUNCONNECTED;
+      if (sz == sizeof type && type == SOCK_DGRAM) {
+        if ((dev = malloc(sizeof *dev)) == NULL) {
+          log_Printf(LogWARN, "%s: Cannot allocate a udp device: %s\n",
+                     p->link.name, strerror(errno));
+          return NULL;
+        }
+
+        /* We can't getpeername().... */
+        dev->connected = UDP_MAYBEUNCONNECTED;
 
-      log_Printf(LogPHASE, "%s: Link is a udp socket\n", p->link.name);
+        log_Printf(LogPHASE, "%s: Link is a udp socket\n", p->link.name);
 
-      if (p->link.lcp.cfg.openmode != OPEN_PASSIVE) {
-        log_Printf(LogPHASE, "%s:   Changing openmode to PASSIVE\n",
-                   p->link.name);
-        p->link.lcp.cfg.openmode = OPEN_PASSIVE;
+        if (p->link.lcp.cfg.openmode != OPEN_PASSIVE) {
+          log_Printf(LogPHASE, "%s:   Changing openmode to PASSIVE\n",
+                     p->link.name);
+          p->link.lcp.cfg.openmode = OPEN_PASSIVE;
+        }
       }
     }
   }