src - OpenBSD base system

diff options


context:
space:
mode:

author	brian <brian@cvs.openbsd.org>	2001-06-04 16:09:30 +0000
committer	brian <brian@cvs.openbsd.org>	2001-06-04 16:09:30 +0000
commit	8a9e0d0a9b16d94ed894bae8e7c965d16b630a7d (patch)
tree	d3a6b3e6bb9044b867e06cf150b85c7cec1baf95 /usr.sbin
parent	f539dadeb58f6d32322d27401d06fff0975a510a (diff)

Show the correct dial timeout when a random pause is configured

Understand ipencap traffic properly Optimise out SIOCIFADDR ioctls that aren't necessary Handle peers that don't send an initial IFADDR option during IPCP negotiations Fix markup for the /etc/ttys example Always use 4 arguments in examples of ``set ifaddr''

Diffstat (limited to 'usr.sbin')

-rw-r--r--

usr.sbin/ppp/ppp/datalink.c

-rw-r--r--

usr.sbin/ppp/ppp/ether.c

-rw-r--r--

usr.sbin/ppp/ppp/filter.c

-rw-r--r--

usr.sbin/ppp/ppp/filter.h

-rw-r--r--

usr.sbin/ppp/ppp/iface.c

-rw-r--r--

usr.sbin/ppp/ppp/ip.c

-rw-r--r--

usr.sbin/ppp/ppp/ipcp.c

151

-rw-r--r--

usr.sbin/ppp/ppp/ppp.8

8 files changed, 166 insertions, 94 deletions

diff --git a/usr.sbin/ppp/ppp/datalink.c b/usr.sbin/ppp/ppp/datalink.c
index 74e41e3aa22..fcc8a07e081 100644
--- a/usr.sbin/ppp/ppp/datalink.c
+++ b/usr.sbin/ppp/ppp/datalink.c

@@ -23,7 +23,7 @@

* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

* SUCH DAMAGE.

- * $OpenBSD: datalink.c,v 1.34 2001/02/04 01:14:24 brian Exp $

+ * $OpenBSD: datalink.c,v 1.35 2001/06/04 16:09:28 brian Exp $

#include <sys/param.h>

@@ -93,19 +93,16 @@ datalink_StartDialTimer(struct datalink *dl, int Timeout)

timer_Stop(&dl->dial.timer);

if (Timeout) {

- if (Timeout > 0)

- dl->dial.timer.load = Timeout * SECTICKS;

- else {

+ if (Timeout < 0)

result = (random() % DIAL_TIMEOUT) + 1;

- dl->dial.timer.load = result * SECTICKS;

- }

+ dl->dial.timer.load = result * SECTICKS;

dl->dial.timer.func = datalink_OpenTimeout;

dl->dial.timer.name = "dial";

dl->dial.timer.arg = dl;

timer_Start(&dl->dial.timer);

if (dl->state == DATALINK_OPENING)

log_Printf(LogPHASE, "%s: Enter pause (%d) for redialing.\n",

- dl->name, Timeout);

+ dl->name, result);

}

return result;

}

diff --git a/usr.sbin/ppp/ppp/ether.c b/usr.sbin/ppp/ppp/ether.c
index 0de2b7afe18..79896af287e 100644
--- a/usr.sbin/ppp/ppp/ether.c
+++ b/usr.sbin/ppp/ppp/ether.c

@@ -23,7 +23,7 @@

* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

* SUCH DAMAGE.

- * $OpenBSD: ether.c,v 1.9 2001/03/28 09:52:54 brian Exp $

+ * $OpenBSD: ether.c,v 1.10 2001/06/04 16:09:28 brian Exp $

#include <sys/param.h>

@@ -423,8 +423,8 @@ ether_Create(struct physical *p)

p->fd--; /* We own the device - change fd */

#if defined(__FreeBSD__) && !defined(NOKLDLOAD)

- if (modfind("netgraph") == -1) {

- log_Printf(LogWARN, "Netgraph is not built into the kernel\n");

+ if (modfind("netgraph") == -1 && ID0kldload("netgraph") == -1) {

+ log_Printf(LogWARN, "kldload: netgraph: %s\n", strerror(errno));

return NULL;

}

@@ -435,6 +435,11 @@ ether_Create(struct physical *p)

log_Printf(LogWARN, "kldload: ng_ether: %s\n", strerror(errno));

+ if (modfind("ng_pppoe") == -1 && ID0kldload("ng_pppoe") == -1) {

+ log_Printf(LogWARN, "kldload: ng_pppoe: %s\n", strerror(errno));

+ return NULL;

+ }

if (modfind("ng_socket") == -1 && ID0kldload("ng_socket") == -1) {

log_Printf(LogWARN, "kldload: ng_socket: %s\n", strerror(errno));

return NULL;

diff --git a/usr.sbin/ppp/ppp/filter.c b/usr.sbin/ppp/ppp/filter.c
index dbb4d0b0f84..3a76bd00ce2 100644
--- a/usr.sbin/ppp/ppp/filter.c
+++ b/usr.sbin/ppp/ppp/filter.c

@@ -17,7 +17,7 @@

* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED

* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.

- * $OpenBSD: filter.c,v 1.17 2000/11/02 00:54:33 brian Exp $

+ * $OpenBSD: filter.c,v 1.18 2001/06/04 16:09:28 brian Exp $

* TODO: Should send ICMP error message when we discard packets.

@@ -153,6 +153,9 @@ ParsePort(const char *service, int proto)

int port;

switch (proto) {

+ case P_IPIP:

+ protocol_name = "ipip";

+ break;

case P_UDP:

protocol_name = "udp";

break;

@@ -483,6 +486,9 @@ Parse(struct ipcp *ipcp, int argc, char const *const *argv,

case P_UDP:

val = ParseUdpOrTcp(argc, argv, P_UDP, &filterdata);

break;

+ case P_IPIP:

+ val = ParseUdpOrTcp(argc, argv, P_IPIP, &filterdata);

+ break;

case P_ICMP:

val = ParseIcmp(argc, argv, &filterdata);

break;

@@ -641,7 +647,7 @@ filter_Show(struct cmdargs const *arg)

}

static const char * const protoname[] = {

- "none", "tcp", "udp", "icmp", "ospf", "igmp", "gre"

+ "none", "tcp", "udp", "icmp", "ospf", "igmp", "gre", "ipip"

};

const char *

diff --git a/usr.sbin/ppp/ppp/filter.h b/usr.sbin/ppp/ppp/filter.h
index 6eba1c52b35..0f00c9a07cb 100644
--- a/usr.sbin/ppp/ppp/filter.h
+++ b/usr.sbin/ppp/ppp/filter.h

@@ -15,7 +15,7 @@

* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED

* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.

- * $OpenBSD: filter.h,v 1.12 2000/09/14 18:04:13 brian Exp $

+ * $OpenBSD: filter.h,v 1.13 2001/06/04 16:09:28 brian Exp $

* TODO:

@@ -30,10 +30,11 @@

#endif

#define P_IGMP 5

#ifdef IPPROTO_GRE

-#define P_GRE 6

+#define P_GRE 6

#endif

-#define P_ESP 7

-#define P_AH 8

+#define P_ESP 7

+#define P_AH 8

+#define P_IPIP 9

/* Operations - f_srcop, f_dstop */

#define OP_NONE 0

diff --git a/usr.sbin/ppp/ppp/iface.c b/usr.sbin/ppp/ppp/iface.c
index e7801e90840..a27f7ee4666 100644
--- a/usr.sbin/ppp/ppp/iface.c
+++ b/usr.sbin/ppp/ppp/iface.c

@@ -23,7 +23,7 @@

* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

* SUCH DAMAGE.

- * $OpenBSD: iface.c,v 1.15 2001/04/03 08:23:27 brian Exp $

+ * $OpenBSD: iface.c,v 1.16 2001/06/04 16:09:28 brian Exp $

#include <sys/param.h>

@@ -303,7 +303,12 @@ iface_inAdd(struct iface *iface, struct in_addr ifa, struct in_addr mask,

* the IP number as a destination.

if (chg == slot && iface->in_addr[chg].mask.s_addr == mask.s_addr) {

- nochange = 1;

+ if (brd.s_addr == iface->in_addr[slot].brd.s_addr)

+ nochange = 1;

+ /*

+ * If only the destination address has changed, the SIOCAIFADDR

+ * we do after the current loop will change it.

+ */

continue;

}

if (s == -1 && (s = ID0socket(AF_INET, SOCK_DGRAM, 0)) == -1) {

diff --git a/usr.sbin/ppp/ppp/ip.c b/usr.sbin/ppp/ppp/ip.c
index 12d8417ea9d..323a4a3f0de 100644
--- a/usr.sbin/ppp/ppp/ip.c
+++ b/usr.sbin/ppp/ppp/ip.c

@@ -17,7 +17,7 @@

* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED

* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.

- * $OpenBSD: ip.c,v 1.29 2001/03/24 01:06:00 brian Exp $

+ * $OpenBSD: ip.c,v 1.30 2001/06/04 16:09:28 brian Exp $

* TODO:

* o Return ICMP message for filterd packet

@@ -279,11 +279,16 @@ FilterCheck(const struct ip *pip, const struct filter *filter, unsigned *psecs)

estab = syn = finrst = -1;

sport = ntohs(0);

break;

- case IPPROTO_UDP:

case IPPROTO_IPIP:

+ cproto = P_IPIP;

+ sport = dport = 0;

+ estab = syn = finrst = -1;

+ break;

+ case IPPROTO_UDP:

cproto = P_UDP;

if (datalen < 8) { /* UDP header is 8 octets */

- log_Printf(LogFILTER, " error: UDP must be at least 8 octets\n");

+ log_Printf(LogFILTER, " error: UDP/IPIP"

+ " must be at least 8 octets\n");

return 1;

}

@@ -635,14 +640,20 @@ PacketCheck(struct bundle *bundle, unsigned char *cp, int nb,

case IPPROTO_IPIP:

if (logit && loglen < sizeof logbuf) {

- uh = (struct udphdr *) ptop;

snprintf(logbuf + loglen, sizeof logbuf - loglen,

- "IPIP: %s:%d ---> ", inet_ntoa(pip->ip_src),

- ntohs(uh->uh_sport));

+ "IPIP: %s ---> ", inet_ntoa(pip->ip_src));

loglen += strlen(logbuf + loglen);

snprintf(logbuf + loglen, sizeof logbuf - loglen,

- "%s:%d", inet_ntoa(pip->ip_dst), ntohs(uh->uh_dport));

+ "%s", inet_ntoa(pip->ip_dst));

loglen += strlen(logbuf + loglen);

+ if (((struct ip *)ptop)->ip_v == 4) {

+ snprintf(logbuf + loglen, sizeof logbuf - loglen, " contains ");

+ result = PacketCheck(bundle, ptop, nb - (ptop - cp), filter,

+ logbuf, psecs);

+ if (result != -2)

+ return result;

+ }

}

break;

diff --git a/usr.sbin/ppp/ppp/ipcp.c b/usr.sbin/ppp/ppp/ipcp.c
index d6dc49044f9..6e62d6e6147 100644
--- a/usr.sbin/ppp/ppp/ipcp.c
+++ b/usr.sbin/ppp/ppp/ipcp.c

@@ -17,7 +17,7 @@

* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED

* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.

- * $OpenBSD: ipcp.c,v 1.29 2001/04/05 02:24:05 brian Exp $

+ * $OpenBSD: ipcp.c,v 1.30 2001/06/04 16:09:29 brian Exp $

* TODO:

* o Support IPADDRS properly

@@ -29,6 +29,7 @@

#include <netinet/ip.h>

#include <arpa/inet.h>

#include <sys/socket.h>

+#include <net/if.h>

#include <net/route.h>

#include <netdb.h>

#include <sys/un.h>

@@ -992,6 +993,12 @@ ipcp_InterfaceUp(struct ipcp *ipcp)

return 0;

}

+ if (!iface_SetFlags(ipcp->fsm.bundle->iface->name, IFF_UP)) {

+ log_Printf(LogERROR, "ipcp_InterfaceUp: Can't set the IFF_UP flag on %s\n",

+ ipcp->fsm.bundle->iface->name);

+ return 0;

+ }

#ifndef NONAT

if (ipcp->fsm.bundle->NatEnabled)

PacketAliasSetAddress(ipcp->my_ip);

@@ -1051,19 +1058,90 @@ AcceptableAddr(const struct in_range *prange, struct in_addr ipaddr)

}

static void

+ipcp_ValidateReq(struct ipcp *ipcp, struct in_addr ip, struct fsm_decode *dec)

+ struct bundle *bundle = ipcp->fsm.bundle;

+ struct iface *iface = bundle->iface;

+ int n;

+ if (iplist_isvalid(&ipcp->cfg.peer_list)) {

+ if (ip.s_addr == INADDR_ANY ||

+ iplist_ip2pos(&ipcp->cfg.peer_list, ip) < 0 ||

+ ipcp_SetIPaddress(bundle, ipcp->cfg.my_range.ipaddr, ip, 1)) {

+ log_Printf(LogIPCP, "%s: Address invalid or already in use\n",

+ inet_ntoa(ip));

+ /*

+ * If we've already had a valid address configured for the peer,

+ * try NAKing with that so that we don't have to upset things

+ * too much.

+ */

+ for (n = 0; n < iface->in_addrs; n++)

+ if (iplist_ip2pos(&ipcp->cfg.peer_list, iface->in_addr[n].brd) >= 0) {

+ ipcp->peer_ip = iface->in_addr[n].brd;

+ break;

+ }

+ if (n == iface->in_addrs)

+ /* Just pick an IP number from our list */

+ ipcp->peer_ip = ChooseHisAddr(bundle, ipcp->cfg.my_range.ipaddr);

+ if (ipcp->peer_ip.s_addr == INADDR_ANY) {

+ *dec->rejend++ = TY_IPADDR;

+ *dec->rejend++ = 6;

+ memcpy(dec->rejend, &ip.s_addr, 4);

+ dec->rejend += 4;

+ } else {

+ *dec->nakend++ = TY_IPADDR;

+ *dec->nakend++ = 6;

+ memcpy(dec->nakend, &ipcp->peer_ip.s_addr, 4);

+ dec->nakend += 4;

+ }

+ return;

+ }

+ } else if (!AcceptableAddr(&ipcp->cfg.peer_range, ip)) {

+ /*

+ * If the destination address is not acceptable, NAK with what we

+ * want to use.

+ */

+ *dec->nakend++ = TY_IPADDR;

+ *dec->nakend++ = 6;

+ for (n = 0; n < iface->in_addrs; n++)

+ if ((iface->in_addr[n].brd.s_addr & ipcp->cfg.peer_range.mask.s_addr)

+ == (ipcp->cfg.peer_range.ipaddr.s_addr &

+ ipcp->cfg.peer_range.mask.s_addr)) {

+ /* We prefer the already-configured address */

+ memcpy(dec->nakend, &iface->in_addr[n].brd.s_addr, 4);

+ break;

+ }

+ if (n == iface->in_addrs)

+ memcpy(dec->nakend, &ipcp->peer_ip.s_addr, 4);

+ dec->nakend += 4;

+ return;

+ }

+ ipcp->peer_ip = ip;

+ *dec->ackend++ = TY_IPADDR;

+ *dec->ackend++ = 6;

+ memcpy(dec->ackend, &ip.s_addr, 4);

+ dec->ackend += 4;

+static void

IpcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,

struct fsm_decode *dec)

{

/* Deal with incoming PROTO_IPCP */

- struct iface *iface = fp->bundle->iface;

struct ipcp *ipcp = fsm2ipcp(fp);

- int type, length, gotdnsnak, n;

+ int type, length, gotdnsnak, ipaddr_req;

u_int32_t compproto;

struct compreq *pcomp;

struct in_addr ipaddr, dstipaddr, have_ip;

char tbuff[100], tbuff2[100];

gotdnsnak = 0;

+ ipaddr_req = 0;

while (plen >= sizeof(struct fsmconfig)) {

type = *cp;

@@ -1083,66 +1161,8 @@ IpcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,

switch (mode_type) {

case MODE_REQ:

- if (iplist_isvalid(&ipcp->cfg.peer_list)) {

- if (ipaddr.s_addr == INADDR_ANY ||

- iplist_ip2pos(&ipcp->cfg.peer_list, ipaddr) < 0 ||

- ipcp_SetIPaddress(fp->bundle, ipcp->cfg.my_range.ipaddr,

- ipaddr, 1)) {

- log_Printf(LogIPCP, "%s: Address invalid or already in use\n",

- inet_ntoa(ipaddr));

- /*

- * If we've already had a valid address configured for the peer,

- * try NAKing with that so that we don't have to upset things

- * too much.

- */

- for (n = 0; n < iface->in_addrs; n++)

- if (iplist_ip2pos(&ipcp->cfg.peer_list, iface->in_addr[n].brd)

- >=0) {

- ipcp->peer_ip = iface->in_addr[n].brd;

- break;

- }

- if (n == iface->in_addrs)

- /* Just pick an IP number from our list */

- ipcp->peer_ip = ChooseHisAddr

- (fp->bundle, ipcp->cfg.my_range.ipaddr);

- if (ipcp->peer_ip.s_addr == INADDR_ANY) {

- memcpy(dec->rejend, cp, length);

- dec->rejend += length;

- } else {

- memcpy(dec->nakend, cp, 2);

- memcpy(dec->nakend + 2, &ipcp->peer_ip.s_addr, length - 2);

- dec->nakend += length;

- }

- break;

- }

- } else if (!AcceptableAddr(&ipcp->cfg.peer_range, ipaddr)) {

- /*

- * If destination address is not acceptable, NAK with what we

- * want to use.

- */

- memcpy(dec->nakend, cp, 2);

- for (n = 0; n < iface->in_addrs; n++)

- if ((iface->in_addr[n].brd.s_addr &

- ipcp->cfg.peer_range.mask.s_addr)

- == (ipcp->cfg.peer_range.ipaddr.s_addr &

- ipcp->cfg.peer_range.mask.s_addr)) {

- /* We prefer the already-configured address */

- memcpy(dec->nakend + 2, &iface->in_addr[n].brd.s_addr,

- length - 2);

- break;

- }

- if (n == iface->in_addrs)

- memcpy(dec->nakend + 2, &ipcp->peer_ip.s_addr, length - 2);

- dec->nakend += length;

- break;

- }

- ipcp->peer_ip = ipaddr;

- memcpy(dec->ackend, cp, length);

- dec->ackend += length;

+ ipaddr_req = 1;

+ ipcp_ValidateReq(ipcp, ipaddr, dec);

break;

case MODE_NAK:

@@ -1389,6 +1409,11 @@ IpcpDecodeConfig(struct fsm *fp, u_char *cp, int plen, int mode_type,

}

if (mode_type != MODE_NOP) {

+ if (mode_type == MODE_REQ && !ipaddr_req) {

+ /* We *REQUIRE* that the peer requests an IP address */

+ ipaddr.s_addr = INADDR_ANY;

+ ipcp_ValidateReq(ipcp, ipaddr, dec);

+ }

if (dec->rejend != dec->rej) {

/* rejects are preferred */

dec->ackend = dec->ack;

diff --git a/usr.sbin/ppp/ppp/ppp.8 b/usr.sbin/ppp/ppp/ppp.8
index 9662d1e98a4..df41c799c0a 100644
--- a/usr.sbin/ppp/ppp/ppp.8
+++ b/usr.sbin/ppp/ppp/ppp.8

@@ -1,4 +1,4 @@

-.\" $OpenBSD: ppp.8,v 1.109 2001/03/24 01:06:04 brian Exp $

+.\" $OpenBSD: ppp.8,v 1.110 2001/06/04 16:09:29 brian Exp $

.Dd September 20, 1995

.Dt PPP 8

.Os

@@ -1154,7 +1154,7 @@ to enable a

on the port where the modem is attached.

For example:

.Pp

-.Dl ttyd1 "/usr/libexec/getty std.38400" dialup on secure

+.Dl ttyd1 Qo /usr/libexec/getty std.38400 Qc dialup on secure

.Pp

Don't forget to send a

.Dv HUP

@@ -1164,6 +1164,27 @@ process to start the

.Xr getty 8 :

.Pp

.Dl # kill -HUP 1

+.Pp

+It is usually also necessary to train your modem to the same DTR speed

+as the getty:

+.Bd -literal -offset indent

+# ppp

+ppp ON awfulhak> set device /dev/cua01

+ppp ON awfulhak> set speed 38400

+ppp ON awfulhak> term

+deflink: Entering terminal mode on /dev/cua01

+Type `~?' for help

+at

+OK

+at

+OK

+atz

+OK

+at

+OK

+~.

+ppp ON awfulhak> quit

+.Ed

.It

Create a

.Pa /usr/local/bin/ppplogin

@@ -1702,6 +1723,7 @@ command below.

must be one of

.Sq icmp ,

.Sq igmp ,

+.Sq ipip ,

.Sq ospf ,

.Sq udp

@@ -2467,13 +2489,13 @@ mp:

set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \\"\\" ATZ \e

OK-AT-OK \\\\dATDT\\\\T TIMEOUT 45 CONNECT"

set login

- set ifaddr 10.0.0.1/0 10.0.0.2/0

+ set ifaddr 10.0.0.1/0 10.0.0.2/0 0.0.0.0 0.0.0.0

set authname ppp

set authkey ppppassword

set mrru 1500

- clone 1,2,3

- link deflink remove

+ clone 1,2,3 # Create 3 new links - duplicates of the default

+ link deflink remove # Delete the default link (called ``deflink'')

.Ed

.Pp

Note how all cloning is done at the end of the configuration.

@@ -4587,7 +4609,7 @@ as they travel across the link.

.Oo Op host

.Ar src_addr Ns Op / Ns Ar width

.Op Ar dst_addr Ns Op / Ns Ar width

.Op dst lt|eq|gt Ar port

.Op estab

.Op syn