Copy stable/11@r303970 to releng/11.0 as part of the 11.0-RELEASE
cycle.

Prune svn:mergeinfo from the new branch, and rename it to RC1.

Update __FreeBSD_version.

Use the quarterly branch for the default FreeBSD.conf pkg(8) repo and
the dvd1.iso packages population.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle.
Prune svn:mergeinfo from the new branch, as nothing has been merged
here.

Additional commits post-branch will follow.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Handle NULL return from crypt(3). Mostly from DragonFly

Revert previous commit and fix OpenPAM issue properly.

Fix/workaround build breakage caused by PAM import

struct pam_conv takes a void * for the appdata_ptr but is being passed
a const char * - explicitly cast away the const

Fix the build on 64-bit platforms.

Make ppp WARNS=5 clean

Basic PAM authentication support.

o Clean up some #includes
o Bump version number to 3.0.4
o When talking to a RADIUS server, provide a NAS-Port-Type.

When the NAS-Port-Type is Ethernet, provide a NAS-Port value equal
to the SESSIONID from the environment in direct mode or the
NGM_PPPOE_SESSIONID message in other modes. If no SESSIONID is found,
default to the interface index in client mode or zero in server mode.

When the NAS-Port-Type is ISDN, set the NAS-Port to the minor number
of the physical device (ie, the N in /dev/i4brbchN).

This makes it easier for the RADIUS server to identify the client
WRT accounting data etc.

Prompted by: lsz8425 <lsz8425@mail.cd.hn.cn>

Get tun P2P address from the local pool if RADIUS server returned
255.255.255.254 as client ipaddr.

Reviewed-By: freebsd-net mailing list

When authenticating a name containing a ``\'', attempt to autenticate
using the part after the ``\'' if the original name is not found.

This allows M$ clients to use domain\user as their authname.

Reviewed by: Ian West <ian@niw.com.au>

o Add ipv6 support, abstracting most NCP addresses into opaque
structures (well, they're treated as opaque).

It's now possible to manage IPv6 interface addresses and routing
table entries and to filter IPV6 traffic whether encapsulated or
not.

IPV6CP support is crude for now, and hasn't been tested against
any other implementations.

RADIUS and IPv6 are independent of eachother for now.

ppp.linkup/ppp.linkdown aren't currently used by IPV6CP

o Understand all protocols(5) in filter rules rather than only a select
few.

o Allow a mask specification for the ``delete'' command. It's now
possible to specifically delete one of two conflicting routes.

o When creating and deleting proxy arp entries, do it for all IPv4
interface addresses rather than doing it just for the ``current''
peer address.

o When iface-alias isn't in effect, don't blow away manually (via ``iface
add'') added interface addresses.

o When listening on a tcp server (diagnostic) socket, bind so that a
tcp46 socket is created -- allowing both IPv4 and IPv6 connections.

o When displaying ICMP traffic, don't display the icmp type twice.
When display traffic, display at least some information about unrecognised
traffic.

o Bump version

Inspired after filtering work by: Makoto MATSUSHITA <matusita@jp.FreeBSD.org>

Convert IIJ copyrights to BSD copyrights.

Approved by: Toshiharu OHNO <tohno@sirius.ocn.ne.jp>

Don't allowt '#' as a comment when it's embedded in quotes:

set something "xxx yyy # zzz" aaa

shouldn't be interpreted as

set something "xxx yyy" aaa

Don't munge ``set dial|login|logout|hangup'' arguments before
ExpandString() has a chance to do its own substitutions.

Notice and warn about unterminated quoted strings in commands.
The entire command is ignored if the syntax is invalid...

Cosmetic: Make struct mbuf more like kernel mbufs.

$Id$ -> $FreeBSD$

Don't drop the last character from lines in ppp.secret unless it's '\n'.

o Redesign the layering mechanism and make the aliasing code part of
the layering.

We now ``stack'' layers as soon as we open the device (when we figure
out what we're dealing with). A static set of `dispatch' routines are
also declared for dealing with incoming packets after they've been
`pulled' up through the stacked layers.

Physical devices are now assigned handlers based on the device type
when they're opened. For the moment there are three device types;
ttys, execs and tcps.

o Increment version number to 2.2
o Make an entry in [uw]tmp for non-tty -direct invocations (after
pap/chap authentication).
o Make throughput counters quad_t's
o Account for the absolute number of mbuf malloc()s and free()s in
``show mem''.
o ``show modem'' becomes ``show physical''.

Avoid a few warnings on the alpha

Allow control over the number of ConfigREQ & TermREQ attempts
that are made in each of the FSMs (LCP, CCP & IPCP) and the
number of REQs/Challenges for PAP/CHAP by accepting more arguments
in the ``set {c,ip,l}cpretry'' and ``set {ch,p}apretry'' commands.

Change the non-convergence thresholds to 3 times the number of configured
REQ tries (rather than the previous fixed ``10''). We now notice
repeated NAKs and REJs rather than just REQs.

Don't suggest that CHAP 0x05 isn't supported when it's not configured.

Fix some bugs that expose themselves with smaller numbers of retries:
o Handle instantaneous disconnects (set device /dev/null) correctly
by stopping all fsm timers in fsm2initial.
o Don't forget to uu_unlock() devices that are files but are not
ttys (set device /dev/zero).

Fix a *HORRENDOUS* bug in RFC1661 (already fixed for an Open event in state
``Closed''):
According to the state transition table, a RCR+ or RCR- received in
the ``Stopped'' state are supposed to InitRestartCounter, SendConfigReq
and SendConfig{Ack,Nak}. However, in ``Stopped'', we haven't yet
done a TLS (or the last thing we did is a TLF). We must therefore
do the TLS at this point !

This was never noticed before because LCP and CCP used not use
LayerStart() for anything interesting, and IPCP tends to go into
Stopped then get a Down because of an LCP RTR rather than getting a
RCR again.

Handle empty PAP & CHAP packets (containing only an FSM header).
Some CHAP implementations send no welcome message with their
SUCCESS/FAILURE packets. This was being mis-identified as
a truncated packet by the new authentication code :-(

Be a little more verbose about dodgy looking authentication
packets before dropping them in the bit-bucket.

Fully support both NT and LANMan CHAP type 0x80 as both
authenticator and authenticatee.

Decouple pap & chap output routines from the corresponding
input routines and take advantage of the new init/continue
interface in libradius. This allows a timely response on
other links in an MP setup while RADIUS requests are in
progress as well as the ability to handle other data from
the peer in parallel. It should also make the future addition
of PAM support trivial.

While I'm in there, validate pap & chap header IDs if
``idcheck'' is enabled (the default) for other FSM packet
types.

NOTE: This involved integrating the generation of chap
challenges and the validation of chap responses
(and commenting what's going on in those routines).
I currently have no way of testing ppps ability
to respond to M$Chap CHALLENGEs correctly, so if
someone could do the honours, it'd be much
appreciated (it *looks* ok!).

Sponsored by: Internet Business Solutions Ltd., Switzerland

Reimplement the previous fix (no response to PAP requests)
at the authentication layer rather than at the PAP layer
so that it also applies to CHAP (no response to CHAP
challenges).

If we receive no answer from the server when sending PAP
requests, give up (don't sit there indefinitely).

Initial RADIUS support (using libradius). See the man page for
details. Compiling with -DNORADIUS (the default for `release')
removes support.

TODO: The functionality in libradius::rad_send_request() needs
to be supplied as a set of routines so that ppp doesn't
have to wait indefinitely for the radius server(s). Instead,
we need to get a descriptor back, select() on the descriptor,
and ask libradius to service it when necessary.
For now, ppp blocks SIGALRM while in rad_send_request(), so
it misses PAP/CHAP retries & timeouts if they occur.

Only PAP is functional. When CHAP is attempted, libradius
complains that no User-Password has been specified... rfc2138
says that it *mustn't* be used for CHAP :-(

Sponsored by: Internet Business Solutions Ltd., Switzerland

Don't return stack-based data. This may have caused
server-side CHAP authentication problems in the past :-/

Put the IP buffer queues into struct ipcp.
Forgotten by: me

o Support callback types NONE, E.164, AUTH and CBCP.
(see the new ``set callback'' and ``set cbcp'' commands)
o Add a ``cbcp'' log level and mbuf type.
o Don't dump core when \T is given in ``set login'' or
``set hangup''.
o Allow ``*'' and blanks as placeholders in ppp.secret and
allow a fifth field for specifying auth/cbcp dialback
parameters.
o Remove a few extraneous #includes
o Define the default number of REQs (restart counter) in defs.h
rather than hardcoding ``5'' all over the place.
o Fix a few man page inconsistencies.

Add missing braces - without them, the IP & label were mis-selected
from ppp.secret.
Problem reported by: Dom Mitchell <dom@phmit.demon.co.uk>

o De-staticise things that don't need to be static.
o Bring the static ``ttystate'' into struct prompt so that
the tilde context is per prompt and not global.
o Comment the remaining static variables so that it's
clear why they're static.
o Add some XXX comments suggesting that our interface list
and our hostname should be re-generated after a signal
(say SIGUSR1) so that a machine with PCCARDs has a chance.

MFMP: Make ppp multilink capable.
See the file README.changes, and re-read the man page.

Add extraneous braces to stiffle warnings from gcc-2.8

Remove unused #includes.
Make various bits static.
Remove unused variables.
Submitted by: eivind

o Allow the use of HISADDR as the first arg to "add".
o Allow a forth argument in ppp.secret, specifying a new
label. This gives control over which section of
ppp.link{up,down} is used based on the authenticated user.
o Support random address ranges in ppp.secret (not just in ppp.conf).
o Add a AUTHENTICATING INCOMING CONNECTIONS section to the man page.
o Add a bit more about DEFLATE in the man page.
o Fix the incorrect "you must specify a password in interactive
mode" bit of the manual.
o Space things in the man page consistently.
o Be more precice about where you can use MYADDR, HISADDR and INTERFACE
in the "add" command documentation.

Cosmetic (style):
sizeof(var) -> sizeof var
sizeof type -> sizeof(type)

Suggested by: J Wunsch <j@uriah.heep.sax.de>

Fix prototypes.
Remove extraneous decls.
Add ``const'' to several places.
Allow ``make NOALIAS=1'' to remove IP aliasing.
Merge with OpenBSD - only the Makefiles vary.

We can now survive a compile with
-Wall -Wbad-function-cast -Wcast-align -Wcast-qual
-Winline -Wmissing-declarations -Wmissing-prototypes
-Wnested-externs -Wpointer-arith -Wredundant-decls
-Wshadow -Wstrict-prototypes -Wwrite-strings -Wchar-subscripts
(although the Makefile just contains -Wall).

Add id strings to tun.[ch].
Don't try to open ppp.secret if we're never going to use it.

Finish the security improvements:
o Add "allow" command:
"allow users a b c" gives access to users a, b and c.
"allow modes auto" gives those users access to auto mode only.
"allow users *" and "allow modes *" are accepted.
No users and all modes are allowed by default.
UID 0 can do anything.
o Set the current label with the "load" and "dial" commands
so that the call to ppp.linkdown makes sense.
o Up the verison number.
o Don't OR MODE_AUTO for -background and -ddial.
o Don't OR MODE_INTER when we get a diagnostic connection.
o Allow up to 40 args per line (was 20).
o "set ifaddr" only changes the interface in AUTO mode (with other
modes, it happens after IPCP negotiation).
o Sort command descriptions in the man page.
o Support -dedicated mode where we just talk ppp forever (no login etc).

Don't create a diagnostic socket by default.
Allow a password spec on the "set server" command line.
Use SIGUSR2 to close the diagnostic socket.
Some man page corrections.

Don't ask for a password if it's specified as empty.

Increase chat script sizes to 512
Requested by: Michael Reifenberger <root@totum.plaut.de>

Cosmetic (no functional changes):
o Add missing $Id$s
o Move extern decls from .c -> .h files
o Staticize
o Remove #includes from .h files
o style(9)ify includes
o bcopy -> memcpy
bzero -> memset
bcmp -> memcmp
index -> strchr
rindex -> strrchr
o Move timeout.h -> timer.h (making it consistent w/ timer.c)
o Add -Wmissing-prototypes

Correct ppp authentication defaults in interactive
mode. We don't want to be forced to type a password
here :-(
Pointed out by: mouth@ibm.net (John Kelly)

While I'm there, don't allow a "set server" in
interactive mode.

Install as group ``network''
Insist that uid == 0 for client ppp
Disallow client sockets if no password is specified
Don't exit on failure to open client socket for listening
Allow specification of null local password
Use reasonable size (smaller) ``vector''s in auth.c
Fix "passwd ..." usage message
Insist on "all" as arg to "quit" (if any)
Drop client socket connection before Cleanup() when "quit all"

Make the code format more in line with style(9).
Update loadalias to use the new libalias api.
Update to version 1.1.

Overhaul ppp:
o Use syslog
o Remove references to stdout/stderr (incl perror())
o Introduce VarTerm - the interactive terminal or zero
o Allow "set timeout" to affect current session
o Change "set debug" to "set log"
o Allow "set log [+|-]flag"
o Make MSEXT and PASSWDAUTH stuff the default
o Move all #ifdef DEBUG stuff into the code - this
shouldn't be too much overhead. It's now controlled
with "set log +debug"
o Add "set log command, debug, tun, warn, error, alert"
o Remove cdefs.h, and assume an ansi compiler.
o Improve all diagnostic output
o Don't trap SIGSEGV
o SIGHUP now terminates again (log files are controlled
by syslog)
o Call CloseModem() when changing devices
o Fix parsing of third arg of "delete"

I think this fixes the "magic is same" problems that some
people have been experiencing.
The man page is being rewritten. It'll follow soon.

De-couple ppp from libalias. If libalias isn't there, the
alias commands simply won't work. Only root may specify the
location of the alias lib (otherwise, it's hard-coded).

Make logprintf silently fail if LogOpen hasn't been called.

Suggested by: eivind

Tidy up the code - bounds checking, return
value checking etc.

Submitted by: eivind

Allow up to 40 args in the chat script (was 20).
Ignore subsequent args rather than scribbling.

PR: 1952
Submitted by: Mikael Hybsch <micke@free.dynas.se>

Revert $FreeBSD$ to $Id$

Make the long-awaited change from $Id$ to $FreeBSD$

This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.

Fix many buffer overruns in the code. Specifically, disallow ExpandString
to be used to expand things beyond the size of the buffer passed in. Also
do a general cleanup of sprintf -> snprintf as well as strcpy and strncat
safety. Also expand some buffers to allow for the largest possible data
that might be used.

This is a 2.2 candidate. However, it needs to be vetted on -current
since little testing has been done on this due to my lack of PPP on
this machine.

Reviewed by: Jordan Hubbard, Peter Wemm, Guido van Rooij

Here is a diff of /usr/src/usr.sbin/ppp against current. The diffs
add some logging functionality which I find very useful.
'set debug link' will record just link up/down and address assignments.
'set debug connect' will record the entire chat dialog
'set debug carrier' will record just chat lines including 'CARRIER'
(so that I can be sure I'm getting a 28.8 line).

There was a global change required to permit LogPrintf to take a bit
mask instead of a bit position value (to permit logging some events
on either of two flags, so that no change in 'set debug lcp' would
result from the code supporting 'link'. Thus the diffs are rather
long for such a small change. The man page is also touched.

Oh, and there was a slight syntax problem in route.c

Reviewed by: phk
Submitted by: Tony Kimball <alk@Think.COM>

Final cleanup for now. -Wall is now silent. A couple of bogons found.

1. Do not log the password itself to ppp.log ( Mr. Rich Murphey )
2. Add ability to execute shell commands and suspend back into
invoking shell (Mr. J Wunsch)

Reviewed by: amurai@spec.co.jp
Submitted by: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
Rich Murphey <rich@lamprey.utmb.edu>

Remove trailing whitespace.

Fixing minor bug and allow help(Not for all command) and quit
but not close line connection by "quit all" command if not
authorized.

Reviewed by: amurai@spec.co.jp
Submitted by: tony-o@iij.ad.jp amurai@spec.co.jp

New user Process PPP based on iij-ppp0.94beta2.

o Supporting SYNC SIO device (But need a device driver)
- add "set speed sync"
o Fixing bug for Predictor-1 function.
o Add new parameter that re-sent interval for set timeout commands.
o Improving RTT (Round Trip Time) and reducing processor time.
- Previous Timer service was using polling, and now using
SIGALRM ;-)
- A 0.94beta2 will not work correctly....

-- Follows are additinal feature not including 0.94beta2
o Support Proxy ARP
- add "enable/disable proxy" commands
o Marging common routine in CHAP/PAP.
o Enhancing LCP/IPCP log information.
o Support local Authfication connection on port 300x and tty.
- You can set up pair of your "hostname -s" and
password in ppp.secret. if either ppp.secret file nor
your hostname line don't exist, It will notify a message
and working as same as previous version.(Backword compatibility)
- If you did set up them, It's allow connection but nothing to do
except help and passwd command.
- add "passwd yourpasswd" commands
o Support afilter - keep Alive filter that a packet can send/receiving
according to ifilter/ofilter but doesn't count it as preventing idle
timer expires.
- Same syntax of other filters.
o Fixing bugs reported by current user for previous one. Thanks !!

Reviewed by: Atsushi Murai (amurai@spec.co.jp)

This commit was generated by cvs2svn to compensate for changes in r6059,
which included commits to RCS files with non-trunk default branches.