Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle.
Prune svn:mergeinfo from the new branch, as nothing has been merged
here.

Additional commits post-branch will follow.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Fix build of ppp when WITHOUT_PAM is set

PR: 210658
Reported by: madpilot
Tested by: madpilot
Approved by: re@ (kib)

Revert r301137 and r301163, and implement a correct fix
for the CONFS issue with dma.conf and ppp.conf.

Thank you very much to Bryan Drewery for looking into the
problem and providing this fix.

Pointyhat: gjb
Sponsored by: The FreeBSD Foundation

Revert r289096:

Files listed in 'CONFS' are not properly included in new
installations (missing from base.txz), for reasons I still
do not fully understand.

This reverts the change excluding /etc/ppp/ppp.conf from
a new installation. /etc/dma/dma.conf is also affected,
but requires a different solution, still being investigated.

Reported by: Ben Woods
Sponsored by: The FreeBSD Foundation

Use existing CONFDIR instead of adding a new CONFIGDIR

Reported by: jbeich

Install bsd.confs.mk
Rename ETCDIR into CONFIGDIR to avoid conflicts with the ports tree

Move ppp.conf into the ppp sources

Conditionalize building radius support into libpam, ppp, etc via
MK_RADIUS_SUPPORT

MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division

Convert usr.sbin to LIBADD
Reduce overlinking

Change file permissions for some setuid executables so they are "o+r".
The executable itself doesn't contain any privileged information.

An example of where this is useful is when makefs(8) is creating an image
that includes /sbin/shutdown. This can now be done without root privileges.

Reviewed by: delphij
Discussed with: delphij, des
CR: https://reviews.freebsd.org/D662

When building picobsd, define WITHOUT_OPENSSL and WITHOUT_KERBEROS and
remove the now-redundant checks for RELEASE_CRUNCH. This originally
was defined for building smaller sysinstall images, but was later also
used by picobsd builds for a similar purpose. Now that we've moved
away from sysinstall, picobsd is the only remaining consumer of this
interface. Adding these two options reduces the RELEASE_CRUNCH
special cases in the tree by half.

Use src.opts.mk in preference to bsd.own.mk except where we need stuff
from the latter.

Move ppp.8.m4 back to ppp.8 and de-ifdef it.

Requested by: joel

MFC after: 1 week

Unbreak world WITHOUT_NETGRAPH.

PR: 137487
Submitted by: bf (previous version)
No objections: net@
MFC after: 2 weeks

Remove ISDN4BSD (I4B) from HEAD as it is not MPSAFE and
parts relied on the now removed NET_NEEDS_GIANT.
Most of I4B has been disconnected from the build
since July 2007 in HEAD/RELENG_7.

This is what was removed:
- configuration in /etc/isdn
- examples
- man pages
- kernel configuration
- sys/i4b (drivers, layers, include files)
- user space tools
- i4b support from ppp
- further documentation

Discussed with: rwatson, re

Reimplementation of world/kernel build options. For details, see:

http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)

NOPAM -> NO_PAM

Overhaul ppp(8) build options so they are safe to use in
/etc/make.conf:

NOALIAS -> retired (support provided by PPP_NO_NAT)
NOATM -> PPP_NO_ATM (also subject to NO_ATM global)
NODES -> PPP_NO_DES (support was broken, now recovered)
NOI4B -> PPP_NO_I4B (also subject to NO_I4B global)
NOKLDLOAD -> PPP_NO_KLDLOAD
NONAT -> PPP_NO_NAT
NONETGRAPH -> PPP_NO_NETGRAPH
NOPAM -> PPP_NO_PAM (will be subject to NO_PAM global)
NORADIUS -> PPP_NO_RADIUS
NOSUID -> retired (support provided by PPP_NO_SUID)
PPP_NOSUID -> PPP_NO_SUID

NOINET6 -> NO_INET6

NOCRYPT -> NO_CRYPT

NOATM -> NO_ATM

For variables that are only checked with defined(), don't provide
any fake value.

Reduce WARNS level to 3. Casting causes alignment warnings on platforms
with strong alignment (All 64-bit platforms, except amd64).

Make ppp WARNS=5 clean

Join the 21st century: Cryptography is no longer an optional component
of releases. The -DNOCRYPT build option still exists for anyone who
really wants to build non-cryptographic binaries, but the "crypto"
release distribution is now part of "base", and anyone installing from a
release will get cryptographic binaries.

Approved by: re (scottl), markm
Discussed on: freebsd-current, in late April 2004

Basic PAM authentication support.

Hide more crypto from being crunched at release time.

Don't check for the existance of src/crypto/ for building items that
may contain crypto. The days of ITAR paranoia are over, and the simple
macro tests that remain are sufficient.

Remove world read bit from the ppp binary; we don't do world-execute,
so it was inconsistent (although probably not harmful) to have
world-read.

Submitted by: Socketd <db@traceroute.dk>

Previous revision broke release building, unbreak it.

Prodded by: scottl

Retire the useless NOSECURE knob.

Approved by: re (scottl)

Fix CLEANFILES.

Merge the NETGRAPH branch into HEAD. tty devices now use netgraph's line
discipline to do the async escaping, but no other benefits are available yet.

Change ``ifdef HAVE_DES'' to ``ifndef NODES'' for consistency.

Make the Makefile a little more sane WRT RELEASE_CRUNCH.

ia64 support. Due to the bogus placement of some i4b includes, it is
i386-only, even though it would work on all the isa-capable platforms.
Change the NOI4B so that instead of excluding alpha, it only includes i386.

o Add ipv6 support, abstracting most NCP addresses into opaque
structures (well, they're treated as opaque).

It's now possible to manage IPv6 interface addresses and routing
table entries and to filter IPV6 traffic whether encapsulated or
not.

IPV6CP support is crude for now, and hasn't been tested against
any other implementations.

RADIUS and IPv6 are independent of eachother for now.

ppp.linkup/ppp.linkdown aren't currently used by IPV6CP

o Understand all protocols(5) in filter rules rather than only a select
few.

o Allow a mask specification for the ``delete'' command. It's now
possible to specifically delete one of two conflicting routes.

o When creating and deleting proxy arp entries, do it for all IPv4
interface addresses rather than doing it just for the ``current''
peer address.

o When iface-alias isn't in effect, don't blow away manually (via ``iface
add'') added interface addresses.

o When listening on a tcp server (diagnostic) socket, bind so that a
tcp46 socket is created -- allowing both IPv4 and IPv6 connections.

o When displaying ICMP traffic, don't display the icmp type twice.
When display traffic, display at least some information about unrecognised
traffic.

o Bump version

Inspired after filtering work by: Makoto MATSUSHITA <matusita@jp.FreeBSD.org>

Preprocess ppp.8.m4 into ppp.8, taking into account any compile time
options used to build ppp.

Currently, this is a no-op and only handles LOCALNAT and LOCALRAD cases.

This will be used for the upcoming ipv6 changes, and allows a shared
man page between OpenBSD and FreeBSD.

Change permissions back to 4554/554

Suggested by: kris

Change permissions from [4]554 to [4]551

MFC after: 3 days

Perform a major cleanup of the usr.sbin Makefiles.
These are not perfectly in agreement with each other style-wise, but they
are orders of orders of magnitude more consistent style-wise than before.

Remove GCC'isms in CFLAGS.

-DRELEASE_CRUNCH moved into crunchgen(1) config files for
release building. Remove a hack that is no longer needed.

- Backout botched attempt to introduce MANSECT feature.
- MAN[1-9] -> MAN.

Quote PPP_CONFDIR in CFLAGS

Change _PATH_PPP to PPP_CONFDIR and allow it to be overridden at compile time

Set the default manual section for usr.sbin/ to 8.

Add ``enable/disable tcpmssfixup'', defaulting to enabled.

Suggested by: julian
Hijacked from: ru (ports/net/tcpmssd)

Forgotten RELEASE_CRUNCH hack for mppe.c.
This fix is for "make release" and "make boot.flp".

Add MPPE and MSChap v2 support (denied and disabled by default)

Submitted by: Ustimenko Semen <semen@iclub.nsu.ru>

Don't define NOATM now that /usr/include/netnatm/ is created properly.

Support PPPoATM, disabled for now as /usr/include/netnatm doesn't exist

Submitted by: Jakob Stoklund Olesen <stoklund@taxidriver.dk>

Make -DNOSUID (or -DPPP_NOSUID) possible to build ppp without SUID
capabilities.

Understand -DNOINET6

Remove the last vestiges of libRSAglue now that it's an empty stub.
This should fix the buildworld problems some people were seeing.

Approved by: jkh

Buildworld fixes for NO_OPENSSH and NO_OPENSSL

Approved by: jkh

Update DISTRIBUTION for new crypto world order

Use libcrypto instead of libdes.

Remove MAINTAINER=

I don't claim to own the code and certainly don't want to discourage
people from fixing or updating it.

[I know it's the 29th, but the FREEZE hasn't yet been posted to committers]

Don't compile NETGRAPH out of ppp for the release crunch

Oops, netgraph.o -> ether.o for the RELEASE build.

Add an empty netgraph.o when building a release to keep the
crunch stuff happy.

Breakage spotted by: phk

Support PPPoE

Help (lots) from: julian, archie
Facilities from: ahebert@pubnix.net

Allow ``make -DNOKLDLOAD''

Cosmetic:
alias_cmd -> nat_cmd after a repo-copy

$Id$ -> $FreeBSD$

I misunderstood the failure mode - revert BINMODE to 4554. I'm still
going to remove ppp from the installation options in 5 days if ppp is
still broken, however, as it hasn't worked at installation time
for several weeks now and it's only causing people to fill my mailbox
with questions.

I don't know who decided that an install mode of 4544 was correct, but
for a binary it's far from it. This is why sysinstall is unable to run
ppp at startup time and causing weirdies in -current.

Cosmetic: bring closer to RELENG_3

NOALIAS -> NONAT
Reminded by: jkh

Don't includei 4b support on the alpha

Add ISDN support via isdnd & i4b. This requires version
0.81.1 of the i4b code - namely support of the I4B_VR_REQ
ioctl via the i4brbchX device.

Ppp controls the phone number, but idle timers and
SYNC/RAW decisions are still made by isdnd (in isdnd.rc).

This involves a new datalink state machine phase. The
``wait for carrier'' phase happens after dialing but
before logging in. The whole dial state should really
be abstracted so that each device type can deal with it
in its own way (thinking about PPPoE) - but that'll have
to wait.

The ``set cd'' symantics remain the same for tty devices,
but we now delay until we either get CD or timeout waiting
(at which time we drop the link if we require CD).

For i4b devices we always insist on carrier.

Thanks to hm@ for his help, and especially for pointing out
that I *don't* need to re-implement isdnd (that was a huge
waste of time !) :-]

Be more non-crypto friendly at make release time.

Allow ``host:port/udp'' devices and support ``host:port/tcp'' as
being the same as the previous (still supported) ``host:port''
syntax for tcp socket devices.

A udp device uses synchronous ppp rather than async, and avoids
the double-retransmit overhead that comes with ppp over tcp (it's
usually a bad idea to transport IP over a reliable transport that
itself is using an unreliable transport). PPP over UDP provides
througput of ** 1.5Mb per second ** with all compression disabled,
maxing out a PPro/200 when running ppp twice, back-to-back.

This proves that PPPoE is plausable in userland....

This change adds a few more handler functions to struct device and
allows derivations of struct device (which may contain their own
data etc) to pass themselves through the unix domain socket for MP.
** At last **, struct physical has lost all the tty crud !

iov2physical() is now smart enough to restore the correct stack of
layers so that MP servers will work again.

The version number has bumped as our MP link transfer contents have
changed (they now may contain a `struct device').

Don't extract the protocol twice in MP mode (resulting in protocol
rejects for every MP packet). This was broken with my original
layering changes.

Add ``Physical'' and ``Sync'' log levels for logging the relevent
raw packets and add protocol-tracking LogDEBUG stuff in various
LayerPush & LayerPull functions.

Assign our physical device name for incoming tcp connections by
calling getpeername().

Assign our physical device name for incoming udp connections from
the address retrieved by the first recvfrom().

o Redesign the layering mechanism and make the aliasing code part of
the layering.

We now ``stack'' layers as soon as we open the device (when we figure
out what we're dealing with). A static set of `dispatch' routines are
also declared for dealing with incoming packets after they've been
`pulled' up through the stacked layers.

Physical devices are now assigned handlers based on the device type
when they're opened. For the moment there are three device types;
ttys, execs and tcps.

o Increment version number to 2.2
o Make an entry in [uw]tmp for non-tty -direct invocations (after
pap/chap authentication).
o Make throughput counters quad_t's
o Account for the absolute number of mbuf malloc()s and free()s in
``show mem''.
o ``show modem'' becomes ``show physical''.

MAINTAINER=brian@FreeBSD.org

Initial RADIUS support (using libradius). See the man page for
details. Compiling with -DNORADIUS (the default for `release')
removes support.

TODO: The functionality in libradius::rad_send_request() needs
to be supplied as a set of routines so that ppp doesn't
have to wait indefinitely for the radius server(s). Instead,
we need to get a descriptor back, select() on the descriptor,
and ask libradius to service it when necessary.
For now, ppp blocks SIGALRM while in rad_send_request(), so
it misses PAP/CHAP retries & timeouts if they occur.

Only PAP is functional. When CHAP is attempted, libradius
complains that no User-Password has been specified... rfc2138
says that it *mustn't* be used for CHAP :-(

Sponsored by: Internet Business Solutions Ltd., Switzerland

Solve the ``first connection'' problem that occurs on
demand-dial links with dynamic IP numbers where the program
that causes the dial bind()s to an interface address that is
subsequently changed after ppp negotiation.

The problem is defeated by adding negotiated addresses to the
tun interface as additional alias addresses and providing a set
of ``iface'' commands for managing the interface. Libalias is
also required (and what a name clash!) - it happily IP-aliases
the address so that the source is that of the primary (negotiated)
interface and un-IP-aliases it on the way back.

An ``enable iface-alias'' is done implicitly by the -alias command
line switch. If -alias isn't given, iface-aliasing is disabled by
default and can't be enabled 'till an ``alias enable yes'' is done.
``alias enable no'' silently disables iface-alias.

So, for dynamic-IP-type-connections, running ``ppp -alias -auto blah''
will work for the first connection, although existing bindings will
not survive a disconnect/connect as the TCP peer will be trying to
send to the old IP address - the packets won't route.

It's now a lot easier to add IPXCP to ppp with minor updates to
the new iface.[ch] (if anyone ever gets 'round to it).

It's also now possible to manually add interface aliases with
something like ``iface add 1.2.3.4/24 5.6.7.8''. This allows
multi-homed ppp links :-)

Specify BINOWN explicitly - we don't want to depend on bsd.own.mk
setting it to ``root''.

Remove useless `BINOWN=root' now that it is the default.

Remove OpenBSD build support - let the Makefile vary per
OS rather than making it a mess and potentially screwing
up cross builds.
Suggested by: bde

Add OpenBSD build support

o Support callback types NONE, E.164, AUTH and CBCP.
(see the new ``set callback'' and ``set cbcp'' commands)
o Add a ``cbcp'' log level and mbuf type.
o Don't dump core when \T is given in ``set login'' or
``set hangup''.
o Allow ``*'' and blanks as placeholders in ppp.secret and
allow a fifth field for specifying auth/cbcp dialback
parameters.
o Remove a few extraneous #includes
o Define the default number of REQs (restart counter) in defs.h
rather than hardcoding ``5'' all over the place.
o Fix a few man page inconsistencies.

Don't dlopen()/dlsym() libalias, use it in the same way
as the rest of the world uses libraries.

DISTRIBUTION=des

o If we come out of select() with only write descriptors that
end up writing zero bytes, sleep for 1/10 of a second so that
we don't end up using up too much cpu.
This should only ever happen on systems that wrongly report a
descriptor as writable despite the tty buffer being full.
Discussed with: Jeff Evarts

o Do an initial run-time check to see if select() alters the passed
timeval. This knowledge isn't yet used, but will be soon.

$@ is deprecated, use longer forms of single char macros

Fix previous commit. bit 1 is the execute bit, not the read bit *blush*
ie, BINMODE=4551 -> BINMODE=4554
Pointed out by: Bruce Evans <bde@zeta.org.au>

Make ppp world-readable so that root can get at it over
NFS when nobody isn't in group network :-)

Pointed out by: Bruce Evans <bde@zeta.org.au>

Remove -Wpointer-arith

MFMP: Make ppp multilink capable.
See the file README.changes, and re-read the man page.

Don't moan about not creating tunX.pid and ttyX.if if RELEASE_CRUNCH
is defined.

Remove the necessity of -ldes and -lalias etc from release/Makefile.
When building a release, RELEASE_CRUNCH is defined for a `make' of
the objects required by the crunch of each program. The object list
is still obtained in the same way, so you must make sure that all
objects are built (empty if necessary) by this make. ppp/Makefile
provides an example.

Reviewed by: jkh

Allow random IP number allocation to peer.
Validate the peers suggested IP by attempting to make a routing table
entry.
Give up IPCP negotiation if the peer NAKs us with an unusable IP.
Always SIOCDIFADDR then SIOCAIFADDR when configuring the tun device.
Using SIOCSIFDSTADDR allows duplicate dst addresses (which we don't
want)!!!
Allow up to 200 interface names (was 50) (now that ppp can play server
properly).
Up the version number (1.5 -> 1.6).

Cosmetic:
Log unexpected CCP packets in the CCP log rather than the ERROR log.
Log unexpected Config Reqs in the appropriate LCP/IPCP/CCP log rather
than the ERROR log.
Log failed route additions and deletions with WARN, not TCPIP.
Log the option id and length for unrecognised IPCP options.
Change some .Sq to .Ar in the man page.

Abstract the CCP layer a level.
Add DEFLATE support.

Fix prototypes.
Remove extraneous decls.
Add ``const'' to several places.
Allow ``make NOALIAS=1'' to remove IP aliasing.
Merge with OpenBSD - only the Makefiles vary.

We can now survive a compile with
-Wall -Wbad-function-cast -Wcast-align -Wcast-qual
-Winline -Wmissing-declarations -Wmissing-prototypes
-Wnested-externs -Wpointer-arith -Wredundant-decls
-Wshadow -Wstrict-prototypes -Wwrite-strings -Wchar-subscripts
(although the Makefile just contains -Wall).

Add throughput logging (disabled by default).
Use "enable throughput" to see modem & IPCP throughput.
Removed an extraneous prompt()

Abstract data read from and written to the tun device,
allowing for a possible header on the front of all packets.
In OpenBSD, there's a structure containing the address
family here.
If we're building under OpenBSD, set up the ``flags'' part
of struct tuninfo (not there under FreeBSD) so that we config
the interface as POINTOPOINT.
Prefix prototypes with ``extern'' in os.c for consistency.

These changes are cosmetic under FreeBSD, but allow ppp to
build & work under OpenBSD (bar the srandomdev() stuff,
the inclusing of <net/if_var.h> and some Makefile symantecs).

Introduce ID0 logging.
Stay as the invoking uid as much as possible.
Execution as a normal user is still forbidden for now,
so these changes are pretty ineffective.
The next commit will implement the modifications suggested
on -hackers a number of days ago.

Cosmetic (no functional changes):
o Add missing $Id$s
o Move extern decls from .c -> .h files
o Staticize
o Remove #includes from .h files
o style(9)ify includes
o bcopy -> memcpy
bzero -> memset
bcmp -> memcmp
index -> strchr
rindex -> strrchr
o Move timeout.h -> timer.h (making it consistent w/ timer.c)
o Add -Wmissing-prototypes

Test for the existence of ../../secure rather
than /usr/include/des.h before building with MSChap.
support. Also allow -DNOCRYPT (as well as -DNOSECURE)
as an override
sbin/init example pointed out by: bde

Don't login twice when using passwdauth
Suggested by: Peter Childs <pjchilds@imforei.apana.org.au>
Merge the whole module into a few lines in pap.c

Allow Microsoft CHAP authentication.
This is a combination of MD4 & DES.
Submitted by: Gabor Kincses <gabor@acm.org>

Install as group ``network''
Insist that uid == 0 for client ppp
Disallow client sockets if no password is specified
Don't exit on failure to open client socket for listening
Allow specification of null local password
Use reasonable size (smaller) ``vector''s in auth.c
Fix "passwd ..." usage message
Insist on "all" as arg to "quit" (if any)
Drop client socket connection before Cleanup() when "quit all"

Make ppp owner root.ppp, mode 4550
Suggested by: guido
Condoned by: eivind

Add "set server" to control the server socket.
Catch SIGUSR1 to re-init listening socket.
Document signal behaviour.

Add missing '\n's to LogPrintf(LogWARN,...)
Main() returns int not void.

AF_LOCAL ideal suggested a long time ago by: joerg

Overhaul ppp:
o Use syslog
o Remove references to stdout/stderr (incl perror())
o Introduce VarTerm - the interactive terminal or zero
o Allow "set timeout" to affect current session
o Change "set debug" to "set log"
o Allow "set log [+|-]flag"
o Make MSEXT and PASSWDAUTH stuff the default
o Move all #ifdef DEBUG stuff into the code - this
shouldn't be too much overhead. It's now controlled
with "set log +debug"
o Add "set log command, debug, tun, warn, error, alert"
o Remove cdefs.h, and assume an ansi compiler.
o Improve all diagnostic output
o Don't trap SIGSEGV
o SIGHUP now terminates again (log files are controlled
by syslog)
o Call CloseModem() when changing devices
o Fix parsing of third arg of "delete"

I think this fixes the "magic is same" problems that some
people have been experiencing.
The man page is being rewritten. It'll follow soon.

De-couple ppp from libalias. If libalias isn't there, the
alias commands simply won't work. Only root may specify the
location of the alias lib (otherwise, it's hard-coded).

Make logprintf silently fail if LogOpen hasn't been called.

Suggested by: eivind

Use the latest alias engine - now in libalias.

Submitted by: Charles Mott <cmott@srv.net>

Remove the syslog stuff, and allow various return values
in uu_lock(). Add uu_lockerr() for turning the results of
uu_lock into something printable. Remove bogus section in man page
about race conditions allowing both processes to get the lock.
Include libutil.h and use uu_lock() correctly where it should.

Suggested by: ache@freebsd.org

Move uucplock into libutil and create a manual page.

Reviewed by: ache@freebsd.org
These changes should fix the signal "problems" in ppp.
The signal changes should really be put into 2.2 too !
The following patches should do it. There were some other
changes made by Andrey recently that havn't been brought
into 2.2, it may be worth doing them now.

I remove pending signals completely, they are not useless, they are
dangerous! Signal handlers themself must be fixed to not call malloc,
but no pended handlers, it will be correct fix. In finite case each signal
handler can set some variable which will be analized later, but calling
handler functions manually is too dangerous (f.e. signals not blocked while
the handler or handlers switch executed in this case). Of course this
code can be fixed instead of removing, but it not worth fixing in any case.

Should go into 2.2

In addition sig.c code shows following dangerous fragments (there can be more,
but I stop after two):

This fragment

if (fn == SIG_DFL || fn == SIG_IGN) {
handler[sig-1] = (sig_type)0;
<------------- here
signal(sig,fn);
} else {

cause NULL pointer reference when signal comes
"here", but more worse fragment is below:

void handle_signals() {
int sig;

if (caused)
for (sig=0; sig<__MAXSIG; sig++, caused>>=1)
if (caused&1)
(*handler[sig])(sig+1);
}

caused is bitmask which set corresponding bit on each signal coming.
And now imagine, what happens when some signal comes (bit sets) while loop
is executed (see caused>>=1 !!!)

In this light carrier drop situation was (as gdb shows)
1. SIGSEGV in handle_signals because some junk called as *handler reference.
2. Since SIGSEGV was pended too (== never happens),
it can cause various range of disasters.

Revert $FreeBSD$ to $Id$

Tidy up signal handling.
All signal() calls have been changed to pending_signal() calls.
pending_signal() is defined in the new sig.c file. It remembers
the handler and traps the signal with a function that will remember
the signal.

main.c now calls handle_signals() to actually call the required
handlers (if the above handler was called).

If this doesn't close PR2662 (was PR2347), I'll cry.

Joerg, I think this should go into 2.2, but I havn't done anything
about it because I'm bound to botch it with the new sig.[ch] files.

I've just "cvs add"'d sig.[ch] so far.... can you update to 2.2 and
tell me what you did ? Thanks.

Make the long-awaited change from $Id$ to $FreeBSD$

This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.

Updated DPADD to match LDADD.

The infamous IP aliasing code for ppp, modified to work as a runtime option
(otherwise ppp's behavior remains unchanged) and documented by myself,
Steve Sims, Nate Williams, Martin Renters and god-only-knows who else. :-)
Submitted by: nate
Obtained from: Charles Mott <cmott@srv.net>

Make changes suggested in PR#1825, closing it. Removes default local
hack behavior better than previous commit.
Submitted-By: Peter Childs <pjchilds@imforei.apana.org.au>

Turn LOCALHACK off by default (whoops!)
Noticed-By: Atsushi Murai <amurai@spec.co.jp>

Add support for the Evil Microsoft ppp extentions. Yes, they did it
on their own without even attempting to get concensus in the IETF, but
there are also lots of Win95/NT boxes out there.

CLoses PR#1494
Submitted-By: Peter Childs <pjchilds@imforei.apana.org.au>

Eliminate multiply uucplock.c

Use libmd's MD5.
inline hdlc checksum calculation.
make big tables const.

Final cleanup for now. -Wall is now silent. A couple of bogons found.

1. Do not log the password itself to ppp.log ( Mr. Rich Murphey )
2. Add ability to execute shell commands and suspend back into
invoking shell (Mr. J Wunsch)

Reviewed by: amurai@spec.co.jp
Submitted by: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
Rich Murphey <rich@lamprey.utmb.edu>

New user Process PPP based on iij-ppp0.94beta2.

o Supporting SYNC SIO device (But need a device driver)
- add "set speed sync"
o Fixing bug for Predictor-1 function.
o Add new parameter that re-sent interval for set timeout commands.
o Improving RTT (Round Trip Time) and reducing processor time.
- Previous Timer service was using polling, and now using
SIGALRM ;-)
- A 0.94beta2 will not work correctly....

-- Follows are additinal feature not including 0.94beta2
o Support Proxy ARP
- add "enable/disable proxy" commands
o Marging common routine in CHAP/PAP.
o Enhancing LCP/IPCP log information.
o Support local Authfication connection on port 300x and tty.
- You can set up pair of your "hostname -s" and
password in ppp.secret. if either ppp.secret file nor
your hostname line don't exist, It will notify a message
and working as same as previous version.(Backword compatibility)
- If you did set up them, It's allow connection but nothing to do
except help and passwd command.
- add "passwd yourpasswd" commands
o Support afilter - keep Alive filter that a packet can send/receiving
according to ifilter/ofilter but doesn't count it as preventing idle
timer expires.
- Same syntax of other filters.
o Fixing bugs reported by current user for previous one. Thanks !!

Reviewed by: Atsushi Murai (amurai@spec.co.jp)

This commit was generated by cvs2svn to compensate for changes in r6059,
which included commits to RCS files with non-trunk default branches.