summaryrefslogtreecommitdiff
path: root/usr.sbin
AgeCommit message (Collapse)Author
1999-02-25mib for pf_key is PF_KEY not PF_KEY_V2Theo de Raadt
1999-02-25Parse IP addresses more securely - specifically, don't allowbrian
a bum name to return as 0.0.0.0... we don't want ``delete xxx'' to delete the default route when xxx doesn't resolve. Support IP number specifications as the host when specifying a tcp-style device (rather than *just* hostnames).
1999-02-25When our dial timeout is ``random'', display its valuebrian
correctly by invoking the timer to get the value before displaying the message. Don't assume that a value of 0 is ``random'' in ``show datalink''. Make the random value between 1 and DIAL_TIMEOUT rather than between 0 and DIAL_TIMEOUT-1
1999-02-25Don't immediately bring auto links back up in multilinkbrian
mode (when there is more than one auto link) if there is no data queued to go out. Reviewed by: Tom Torrance <tom@tomqnx.com>
1999-02-25Document name change for sysctl encdebug.Angelos D. Keromytis
1999-02-24New position for the encdebug variable.Angelos D. Keromytis
1999-02-24We are OpenBSDArtur Grabowski
1999-02-24man page fix; markus.friedl@informatik.uni-erlangen.deMarco S Hyman
1999-02-24fix -R option; hughTheo de Raadt
1999-02-24keep example on one line; ross@netbsdTheo de Raadt
1999-02-23add machdep.apmwarn to docMarco S Hyman
1999-02-23document power status messages supressed until theMarco S Hyman
battery life falls below machdep.apmwarn
1999-02-21List the source files, not the object filesThorsten Lockert
1999-02-20Handle empty PAP & CHAP packets (containing only an FSM header).brian
Some CHAP implementations send no welcome message with their SUCCESS/FAILURE packets. This was being mis-identified as a truncated packet by the new authentication code :-(
1999-02-19Be a little more verbose about dodgy looking authenticationbrian
packets before dropping them in the bit-bucket.
1999-02-18Build correctly when -DNOCRYPT is used.brian
1999-02-18Don't expect a chap response if we haven't negotiatedbrian
chap 0x80.
1999-02-18Fully support both NT and LANMan CHAP type 0x80 as bothbrian
authenticator and authenticatee.
1999-02-17Nuke any remaining auth timers when datalinks come back downbrian
to DATALINK_LCP.
1999-02-17re-enable the bind() for non-superusers so normal users cannot set the ↵Todd C. Miller
source address to be a non-local address
1999-02-16handle sa_len being 0 in SIOCGIFCONFTheo de Raadt
1999-02-16indentTheo de Raadt
1999-02-16Wait by default for one second after the login scriptbrian
is complete before checking carrier. If it's there, the device supports carrier. If it's not it doesn't. Add the ``set cd'' command for deciding how soon to check for carrier, and for deciding if carrier is REQUIRED. The default has changed: Pre 2.0 versions of ppp waited for 1 second. Version 2 didn't wait, but this causes problems with some (few?) modems that don't assert carrier immediately on reporting CONNECT. The one second delay is back now and can be removed with ``set cd 0''. Bump the ppp version number in case this needs to be changed again....
1999-02-15fix building without make dependArtur Grabowski
1999-02-14Describe manual dialing in greater detail.brian
Mention more rfc numbers. Don't ``.Nm Ppp'' (just use ``.Nm'').
1999-02-12do not go past end of packet; abs@netbsdTheo de Raadt
1999-02-12When executing a command as part of a dial/login/hangupbrian
script, expand words in the same way as !bg does.
1999-02-11ship lease time in network order; cas@trans-nt.comTheo de Raadt
1999-02-11tweakTheo de Raadt
1999-02-11print ppp; from isdn4bsd package by Hellmuth Michaellis <mh@hcs.de>Michael Shalayeff
1999-02-11When resending chap challenges, resend the same challengebrian
each time rather than making up a new one. Increase the authname/authkey max sizes to 100 characters. Allow ``authkey'' specifications beginning with ``!''. When a challenge is received, the text following the ``!'' is executed as a program (expanding stuff in the same way that ``sh'' and ``!bg'' do). The program is passed the peer name, peer challenge and local ``authname'' on standard input and is expected to output the name/key combination that should be used to build the CHAP response. This provides support for Secure ID cards (guess what I was given at work recently!) using CHAP. Examples will follow.
1999-02-10Xr repairsTheo de Raadt
1999-02-07Correct server-side chap authentication comparisonbrian
(broken with last commit).
1999-02-07Remove forgotten diagnosticsbrian
1999-02-06Support RADIUSbrian
While I'm in there, validate pap & chap header IDs if ``idcheck'' is enabled (the default) for other FSM packet types. NOTE: This involved integrating the generation of chap challenges and the validation of chap responses (and commenting what's going on in those routines). I currently have no way of testing ppps ability to respond to M$Chap CHALLENGEs correctly, so if someone could do the honours, it'd be much appreciated (it *looks* ok!). Sponsored by: Internet Business Solutions Ltd., Switzerland
1999-02-05sendmail 8.9.3Todd C. Miller
1999-02-05ipf 3.2.10; work by kjellTheo de Raadt
1999-02-04allow higher uids.Niels Provos
1999-02-04Change the timer routines so that they interrupt when the nextbrian
item is scheduled rather than interrupting 10 times per second and finding that there's nothing to do most of the time. This change reduces interrupt overheads but will expose any (previously small) latency problems. Be more careful about building VJ compression requests - we can't htonl/ntohl the entire four bytes ! Also, when we get a NAK, try to get as close as possible to what the peer NAKs with when sending our next REQ. Similarily when we send a NAK, pick values as close as possible to what the peer REQd. Fix a couple of man page typos (compliments of billf@FreeBSD.org)
1999-02-04Use ether_ntoa() instead of doing the equivalent by handTodd C. Miller
1999-02-03Add more debugging info via -d; m4@umn.eduTodd C. Miller
1999-02-03The necessary defs are in paths.h now.Angelos D. Keromytis
1999-02-02Don't allow root to specify non-existent labels onbrian
the command line. Revise the error diagnostics so that invalid labels are reported immediately.
1999-02-02Reimplement the previous fix (no response to PAP requests)brian
at the authentication layer rather than at the PAP layer so that it also applies to CHAP (no response to CHAP challenges).
1999-02-01Hmmm... why not fixed before?Per Fogelstrom
1999-02-01If we receive no answer from the server when sending PAPbrian
requests, give up (don't sit there indefinitely).
1999-01-31Mention the error when we fail to connect().brian
1999-01-25Don't SEGV when ``set proctitle'' is used in the defaultbrian
section. Submitted by: Dan Lukes <dan@obluda.cz>
1999-01-24-q was not in usage()Bruno Rohee
1999-01-21official fix for sendmail header length DoSTodd C. Miller