#
b3e76948 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: two-line .h pattern Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/
|
#
4d846d26 |
|
10-May-2023 |
Warner Losh <imp@FreeBSD.org> |
spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch up to that fact and revert to their recommended match of BSD-2-Clause. Discussed with: pfg MFC After: 3 days Sponsored by: Netflix
|
#
1de7b4b8 |
|
27-Nov-2017 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
various: general adoption of SPDX licensing ID tags. Mainly focus on files that use BSD 2-Clause license, however the tool I was using misidentified many licenses so this was mostly a manual - error prone - task. The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, superceed or replace the license texts. No functional change intended.
|
#
c4ecf85b |
|
15-Oct-2013 |
Kevin Lo <kevlo@FreeBSD.org> |
Fix logic error. MPPE only accepts protocol numbers 0x21 through 0xFA. PR: bin/175974
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
fe0506d7 |
|
09-Mar-2010 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Create the altix project branch. The altix project will add support for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
eae11b7e |
|
07-Sep-2004 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Mark bundle as unused in case we're compiled with NORADIUS.
|
#
48f98fe4 |
|
04-Sep-2004 |
Brian Somers <brian@FreeBSD.org> |
Fix a warning Submitted by: Stefan Farfeleder <stefanf at FreeBSD dot org>
|
#
057f1760 |
|
04-Sep-2004 |
Brian Somers <brian@FreeBSD.org> |
Make ppp WARNS=5 clean
|
#
3285bb3c |
|
01-Jul-2002 |
Brian Somers <brian@FreeBSD.org> |
Don't trust the MPPE key lengths passed back from the RADIUS server. Instead, use the correct values based on the number of bits actually negotiated. Spotted by: Sergey Korolew <ds@rt.balakovo.ru>
|
#
2f11f09f |
|
28-Jun-2002 |
Brian Somers <brian@FreeBSD.org> |
When a RADIUS server is being used, don't use MPPE unless the RADIUS server says it's ok.
|
#
8fb5ef5a |
|
11-Jun-2002 |
Brian Somers <brian@FreeBSD.org> |
Understand the following Microsoft Vendor Specific RADIUS attributes: RAD_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY RAD_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES RAD_MICROSOFT_MS_MPPE_RECV_KEY RAD_MICROSOFT_MS_MPPE_SEND_KEY These attributes may be supplied by a RADIUS server when MSCHAPv2 is used to authenticate. It *should* now be possible to build ppp with -DNODES and still support CHAP/MSCHAP/MSCHAPv2/MPPE via a RADIUS server, but the code isn't yet smart enough to do that (building with -DNODES just looses these facilities). Sponsored by: Monzoon
|
#
5bc74cd6 |
|
16-May-2002 |
Brian Somers <brian@FreeBSD.org> |
Put back <string.h>
|
#
de59e178 |
|
13-May-2002 |
Brian Somers <brian@FreeBSD.org> |
o Clean up some #includes o Bump version number to 3.0.4 o When talking to a RADIUS server, provide a NAS-Port-Type. When the NAS-Port-Type is Ethernet, provide a NAS-Port value equal to the SESSIONID from the environment in direct mode or the NGM_PPPOE_SESSIONID message in other modes. If no SESSIONID is found, default to the interface index in client mode or zero in server mode. When the NAS-Port-Type is ISDN, set the NAS-Port to the minor number of the physical device (ie, the N in /dev/i4brbchN). This makes it easier for the RADIUS server to identify the client WRT accounting data etc. Prompted by: lsz8425 <lsz8425@mail.cd.hn.cn>
|
#
e0ae8e19 |
|
13-May-2002 |
Brian Somers <brian@FreeBSD.org> |
Fix a syntax error
|
#
41320562 |
|
11-May-2002 |
Brian Somers <brian@FreeBSD.org> |
We don't need to include arpa/inet.h here. In fact, only FreeBSD needs netinet/in.h.
|
#
b50574e8 |
|
11-May-2002 |
Brian Somers <brian@FreeBSD.org> |
#include netinet/in.h when !__FreeBSD__ to silence some warnings from the inclusion of arpa/inet.h
|
#
ff360cc9 |
|
16-Apr-2002 |
Brian Somers <brian@FreeBSD.org> |
Make the way FSM options are processed easier to read by using structures instead of u_char *. The changes are cosmetic except: RecvConfigAck() now displays the options that are being ACK'd Huge (bogus) options sent from the peer won't cause an infinite loop SendIdent and ReceiveIdent are displayed consistenlty with other FSM data LCP AUTHPROTO options that aren't understood are NAK'd, not REJ'd
|
#
25f2690c |
|
30-Mar-2002 |
Brian Somers <brian@FreeBSD.org> |
Include arpa/inet.h
|
#
fb11a9c2 |
|
29-Mar-2002 |
Brian Somers <brian@FreeBSD.org> |
Merge the NETGRAPH branch into HEAD. tty devices now use netgraph's line discipline to do the async escaping, but no other benefits are available yet. Change ``ifdef HAVE_DES'' to ``ifndef NODES'' for consistency. Make the Makefile a little more sane WRT RELEASE_CRUNCH.
|
#
d9195807 |
|
13-Mar-2002 |
Brian Somers <brian@FreeBSD.org> |
Use the return value from snprintf() to keep a track of the length of the display string in MPPEDispOpts. PR: 35836 MFC After: 2 weeks
|
#
fd8e4ebc |
|
18-Feb-2002 |
Mike Barcroft <mike@FreeBSD.org> |
o Move NTOHL() and associated macros into <sys/param.h>. These are deprecated in favor of the POSIX-defined lowercase variants. o Change all occurrences of NTOHL() and associated marcros in the source tree to use the lowercase function variants. o Add missing license bits to sparc64's <machine/endian.h>. Approved by: jake o Clean up <machine/endian.h> files. o Remove unused __uint16_swap_uint32() from i386's <machine/endian.h>. o Remove prototypes for non-existent bswapXX() functions. o Include <machine/endian.h> in <arpa/inet.h> to define the POSIX-required ntohl() family of functions. o Do similar things to expose the ntohl() family in libstand, <netinet/in.h>, and <sys/param.h>. o Prepend underscores to the ntohl() family to help deal with complexities associated with having MD (asm and inline) versions, and having to prevent exposure of these functions in other headers that happen to make use of endian-specific defines. o Create weak aliases to the canonical function name to help deal with third-party software forgetting to include an appropriate header. o Remove some now unneeded pollution from <sys/types.h>. o Add missing <arpa/inet.h> includes in userland. Tested on: alpha, i386 Reviewed by: bde, jake, tmm
|
#
d9dc3116 |
|
13-Sep-2001 |
Brian Somers <brian@FreeBSD.org> |
Correct alignment issues Obtained from: OpenBSD
|
#
a7428f18 |
|
27-Aug-2001 |
Brian Somers <brian@FreeBSD.org> |
Send a reset request for every packet received when our encryption dictionaries are out of sync. This avoids the complications that happen when our original reset request gets lost in transit (quite likely in hind sight, given a lossy link) when we end up ignoring the peer for the next (up to) 256 packets. Submitted by: Nick Sayer <nsayer@quack.kfu.com>
|
#
662a42f7 |
|
06-Jul-2001 |
Brian Somers <brian@FreeBSD.org> |
When we miss one or more packets in stateful mode *and* need to perform a key change, *and* our sequence numbers have wrapped, ensure that the number of key changes is calculated correctly. The previous code counted down from a negative number to zero, re-encrypting the current key on each iteration - this took some time and strangely enough got the answer wrong !!! Fix a(nother) spelling mistake while I'm there.
|
#
6301d506 |
|
03-Jul-2001 |
Brian Somers <brian@FreeBSD.org> |
Reduce the interface MTU by 2 when MPPE has been successfully negotiated. This is necessary because MPPE will combine the protocol id with the payload received on the tun interface, encrypt it, then prepend its own protocol id, effectively increasing the payload by two bytes.
|
#
6cf6ee76 |
|
18-Jun-2001 |
Brian Somers <brian@FreeBSD.org> |
Add support for stateful MPPE (microsoft encryption) providing encryption compatibility with Windows 2000. Stateful encryption uses less CPU but is bad on lossy transports. The ``set mppe'' command has been expanded. If it's used with any arguments, ppp will insist on encryption, closing LCP if the other end refuses. Unfortunately, Microsoft have abused the CCP reset request so that receiving a reset request does not result in a reset ack when using MPPE... Sponsored by: Monzoon Networks AG and FreeBSD Services Limited
|
#
7f89db65 |
|
04-Feb-2001 |
Brian Somers <brian@FreeBSD.org> |
Add a ``Usable'' function to the ccp switch. The function is called prior to sending a CCP configure request for a given protocol. The default is to send the request, but this is overridden for MPPE which checks to see if the lcp negotiations agreed CHAP81, and if not fails. Use the same function to decide if we should reject peer requests for MPPE. This should get rid of those boring messages about not being able to initialise MPPE when we don't negotiate CHAP81.
|
#
019d32bf |
|
03-Feb-2001 |
Brian Somers <brian@FreeBSD.org> |
Make the MPPE MasterKey Invalid messages a bit clearer (it now complains that you can't do MPPE without CHAP81). Reset MasterKeyValid to zero when we hit phase DEAD.
|
#
12df0d6c |
|
29-Dec-2000 |
Brian Somers <brian@FreeBSD.org> |
Log the ``MPPE: MasterKey is invalid...'' message as a CCP diagnostic rather than a warning.
|
#
542962dd |
|
07-Nov-2000 |
Brian Somers <brian@FreeBSD.org> |
Introduce another global (MPPE_IsServer) so that we initiate the MPPE session keys correctly. I'm a bit dubious about this code. It seems that the session keys are initialised differently based on whether you're the client or the server. One side is the server if it issues the first challenge, but of course you can issue a challenge from both sides.... at the same time. Sounds like another wonderful M$ assumption... Ppp can now talk to itself correctly using encryption. Problem solved by: Ustimenko Semen <semen@iclub.nsu.ru> Hair torn out by: me
|
#
1c25c5e0 |
|
04-Nov-2000 |
Brian Somers <brian@FreeBSD.org> |
Merge some OpenBSD/NetBSD fixes to the recent MPPE/CHAP0x81 update.
|
#
9b996792 |
|
29-Oct-2000 |
Brian Somers <brian@FreeBSD.org> |
Various whitespace changes. Make some functions static.
|
#
a8d604ab |
|
29-Oct-2000 |
Brian Somers <brian@FreeBSD.org> |
Add MPPE and MSChap v2 support (denied and disabled by default) Submitted by: Ustimenko Semen <semen@iclub.nsu.ru>
|