src - OpenBSD base system

Age	Commit message (Collapse)	Author
2024-09-20	remove unneeded semicolons; checked by millert@	Jonathan Gray

2024-08-22	Mechanically change inet_aton to inet_pton.	Florian Obser
	npppd does not document that it would accept truncated or otherwise not fully spelled out IPv4 addresses. ok yasuoka
2024-08-02	Backout previous. It was incompleted and too early.	YASUOKA Masahiko

2024-08-01	Change the routing entry of the pool addresses from blackhole to	YASUOKA Masahiko
	reject. This is better because the routing cache can be purged by the reject.
2024-07-17	Fix indent	YASUOKA Masahiko

2024-07-14	Make the lines of md5chap understandable.	YASUOKA Masahiko

2024-07-12	Fix Disconnect-Ack not to have an Error-Cause attribute. Tweak	YASUOKA Masahiko
	some log messages.
2024-07-11	Add Dynamic Authorization Extensions (DAE) for RADIUS server feature	YASUOKA Masahiko
	to npppd. It can be configured now so that it accepts disconnect requests and this works together with radiusd_ipcp(8) module. Also "nas-id" becomes configurable.
2024-07-01	tidy up the text in previous; ok yasuoka	Jason McIntyre

2024-07-01	Modify IPCP to use {D,NB}NS servers from RADIUS. Also move the	YASUOKA Masahiko
	radius related functions from ppp.c to npppd_radius.c.
2024-02-26	Add NAS-Identifier "npppd" for RADIUS requests. Also send Accouting-On	YASUOKA Masahiko
	when RADIUS accounting is configured.
2024-02-26	Put the RADIUS message authenticator in the Access-Request and check	YASUOKA Masahiko
	the message authenticators of any received messages from servers only if they include a message authenticator.
2024-02-26	Use unsigned integers for bit fields. Also fix white spaces.	YASUOKA Masahiko

2024-02-26	Convert K&R style function declarations to ANSI.	YASUOKA Masahiko

2024-01-18	Convert privsep imsg code to use imsg_get_fd().	Claudio Jeker
	ok yasuoka
2023-09-11	Check if the avp->length is not broken. Also make sure that	YASUOKA Masahiko
	avp_enum() checks if avp->length is valid. ok mvp
2023-04-19	remove duplicate includes	Jonathan Gray

2023-04-19	remove duplicate includes	Jonathan Gray

2023-03-08	Delete obsolete /* ARGSUSED */ lint comments.	Philip Guenther
	ok miod@ millert@
2023-03-02	improve the Nd lines such that the format is consistent for the	Jason McIntyre
	various d, conf, *ctl files (where relevant) and simple; also makes "man -k routing" more useful; help from claudio and florian ok claudio florian millert
2023-02-02	Deny "pipex no" tunnel setting for pppx(4) interfaces. They are useless	Vitaliy Makkoveev
	with disabled pipex(4), because in such case npppd(8) successfully establishes connection, but doesn't create corresponding interface, so the traffic doesn't flow. This is not applicable for pppac(4) interfaces, they work with disabled pipex(4). ok yasuoka@
2022-12-28	spelling fixes; from paul tagliamonte	Jason McIntyre
	any parts of his diff not taken are noted on tech
2022-08-29	static inline, not inline static	Jonathan Gray
	c99 6.11.5: "The placement of a storage-class specifier other than at the beginning of the declaration specifiers in a declaration is an obsolescent feature." ok guenther@
2022-07-01	Remove PIPEXCSESSION ioctl(2) call only from npppd(8).	Vitaliy Makkoveev
	Long time ago pipex(4) sessions can't be deleted until pipex(4) queues become empty. Such dead sessions stay linked to the stack and the session `ip_forward' flag was used to prevent packets processing. But now pipex(4) session could be closed just after close request. This logic became unnecessary. PIPEXCSESSION ioctl(2) will be removed from kernel with upcoming diff. ok yasuoka@
2022-03-31	man pages: add missing commas between subordinate and main clauses	Christian Weisgerber
	jmc@ dislikes a comma before "then" in a conditional, so leave those untouched. ok jmc@
2022-03-10	authentcation -> authentication	Jonathan Gray

2022-01-07	npppd: convert to EVP_MD_CTX on heap	Theo Buehler
	In the upcoming libcrypto bump, EVP_MD_CTX will become opaque, so all EVP_MD_CTX variables will need to be moved from the stack to the heap. This is a mechanical conversion which also switches from EVP_Digest{Init,Final}() to their _ex() versions as suggested by millert. We cannot do error checking since this code is structured in several layers of void functions. This will have to be fixed by someone else. ok millert
2021-11-15	No need to declare optind, optarg or opterr; unistd.h does this for us.	Todd C. Miller
	From Jan Stary. OK deraadt@
2021-10-15	Don't declare variables as "unsigned char *" that are passed to	Christian Weisgerber
	functions that take "char *" arguments. Where such chars are assigned to int or passed to ctype functions, explicitly cast them to unsigned char. For OpenBSD's clang, -Wpointer-sign has been disabled by default, but when the parse.y code was built elsewhere, the compiler would complain. With help from millert@ ok benno@ deraadt@
2021-05-22	Remove ipsec_utils.c, its headers, and the code block which use it	YASUOKA Masahiko
	from npppd(8). They had been disabled for long time.
2021-03-29	spellings	YASUOKA Masahiko
	suggested by jsg
2021-03-10	Expand the maximum length for CHAP challenge to 96 octets. npppd	YASUOKA Masahiko
	couldn't handle ICCN message which has a ProxyAuthenChallenge AVP longer than 24 octets. Juniper actually send such challenges. Reported and tested by Ryan Freeman.
2021-03-10	Fix "phone number" spelling.	Patrick Wildt
	ok yasuoka@
2021-03-05	Fix some heap over-read in logging in PPTP protocol handler.	YASUOKA Masahiko

2021-02-01	Remove dummy TUNSIFMODE ioctl(2) call from pppac(4) and npppd(8). Since	mvs
	OpenBSD 6.7 npppd(8) can't work over tun(4). ok yasuoka@
2021-01-02	Remove PIPEX{S,G}MODE ioctl(2) commands. This time they are pretty dummy	mvs
	and were kept only for backward compatibility reasons. ok mpi@ yasuoka@
2020-12-30	The result of getifaddrs() not used in pppoed_reload(). Remove it.	Sebastian Benoit
	ok mvs@ kn@
2020-12-30	getifaddrs() can return entries where ifa_addr is NULL. Check for this	Sebastian Benoit
	before accessing anything in ifa_addr. ok claudio@
2020-08-09	Some times ago we disabled in-kernel timeout for pppx(4) related	mvs
	pipex(4) sessions. We did this for prevent use after free issue caused by pipex_timer(). By default "idle-timeout" is not set in npppd.conf(5) and I guess this is reason for we forgot to describe this exception in npppd.conf(5). Since it's pppx(4) related bug description was added to BUGS section of pppx(4) man page. npppd.conf(5) has this exception described in "idle-timeout" section. ok jmc@ yasuoka@
2020-06-22	Install npppd.conf(5) with mode 0600 instead of 0640. npppd.conf(5) can	mvs
	store radius passwords and nothing requires it to be group readable. ok yasuoka@
2020-06-13	remove the reference to tun(4), as suggested by kaya saman,	Jason McIntyre
	and advised by dlg;
2020-06-09	Prepare buffer for both receive and transmit side so that a client can	YASUOKA Masahiko
	use them separately. Actually a version of CISCO does and expects the peer does the same. Also fix some typos.
2020-04-23	replace examples of "Ic arg Ic arg" with "Ic arg arg" and stop the spread;	Jason McIntyre

2020-04-01	Put the interface down if the kernel fails to enable pipex.	Martin Pieuchot
	This is necessary to not silently continue if pppx_ioctl() returns an error. Found out by and diff from Vitaliy Makkoveev. ok yasuoka@
2020-01-23	do not Xr both pppx and pppac in SEE ALSO, since they are the same page;	Jason McIntyre

2020-01-23	use pppac(4) instead of tun(4)	David Gwynne

2020-01-23	allow npppd to use pppac(4) (once i wire it up)	David Gwynne

2019-09-02	More correction of section 3 layout. directory->opendir, fts->fts_open,	Theo de Raadt
	getcap->cgetent. pwcache->user_from_uid. And then repair references. ok jmc
2019-05-10	Delete superfluous #includes of <ifaddrs.h>, <net/if_dl.h>, and <net/if_enc.h>	Philip Guenther
	ok krw@, jsg@
2019-04-08	macro fix;	Jason McIntyre