spellings
suggested by jsg

The result of getifaddrs() not used in pppoed_reload(). Remove it.
ok mvs@ kn@

getifaddrs() can return entries where ifa_addr is NULL. Check for this
before accessing anything in ifa_addr.
ok claudio@

errror -> error in log messages; from alessandro gallo

Switch base tools from /dev/bpf0 to /dev/bpf. Now that /dev/bpf has been
around for two releases, it should be safe to do so.

ok bluhm deraadt sthen tb yasuoka

Replace the /dev/bpf* open loop with a plain open("/dev/bpf0", ...).
ok deraadt jca

Replace 'arc4random() % (2^k - 1)' by 'arc4random() & (2^k - 1)' to
avoid modulo bias. Part of a diff by Matthew Martin, reviewed by
deraadt@ and me.

ok deraadt@

Simplify and lock down priv_open():
* kill the 'mode' argument
* fail if passed any flags other than O_ACCMODE OR O_NONBLOCK
* paranoia: mask O_CREAT when calling open() with only two arguments
* instead of using ioctl(FIONBIO) after the fact, pass O_NONBLOCK to
priv_open()

"good start" deraadt@
ok yasuoka@

move to <limits.h> universe
ok yasuoka

Fix typos in comments.

ok jmc, yasuoka

Switch from <sys/endian.h> or <machine/endian.h> to the new,
being-standardized <endian.h>

ok deraadt@ millert@ beck@

Stop output "Stopped" log message of the tunnel protocols.

Don't use random() because it's not safe. Use arc4random() instead of
it. Suggested by deraadt.

pppoed didn't work since it has been broken after the last
configuration parser change.

pointed out by todd.

New configuration syntax for npppd(8). `npppd.conf' will be based on
parse.y and `npppd-users' will be based on getcap(3). Add man pages.

feedback from giovanni

Trivial changes from the upstream(IIJ).
- fix styles, compile errors in some ifdef condition and compiler warnings.
- delete rtev* that was to work around routing socket overflows.
- delete is_ctrl argument from l2tp_ctrl_send_packet(). It's not used.
- tweak returning the exit status.
- use IPV6_IPSEC_POLICY for IPv6 socket.
(though npppd cannot set up a ipsec policy to the socket yet.)

ok mcbride henning

Fix comments and styles. Delete unused variables and labels.
No binary changes.

ok mcbride henning

Fix compiler warnings and some styles.

ok sebastia sthen

fix a buffer overflow in the pppoe receive packet handling.

diff from yasuoka@
ok deraadt@

add $OpenBSD$ and remove trailing space. no functional change.

Translate Japanese comments or labels into English. Translation was
done by IIJ people (MATSUI Yoshihiro, SAITOH Masanobu, Tomoyuki Sahara),
yuo@ and myself.

This diff also includes
- delete part of useless comments, correct spelling.
- add man page of npppdctl.

There is no functional change.

privilege separation of npppd.

- Drop privilege after daemon initializing.
- Some system calls that requires root privileges were replaced to
wrapper functions that communicate with a separated privileged
process via IPC. And the privileged process checks whether the
operations are acceptable.

Fixed 2 off-by-one problems.
(found by parfait, reported by jsg@)

cleanup npppd code. delete IIJ local ifdef switches and fix warnings.
ok @dlg

Initial import npppd(8). npppd is a new PPP daemon that handles many
ppp sessions as a server. It supports L2TP, PPTP and PPPoE as
tunneling.

ok mcbride@ dlg@ deraadt@ reyk@.

The result of getifaddrs() not used in pppoed_reload(). Remove it.
ok mvs@ kn@

getifaddrs() can return entries where ifa_addr is NULL. Check for this
before accessing anything in ifa_addr.
ok claudio@

errror -> error in log messages; from alessandro gallo

Switch base tools from /dev/bpf0 to /dev/bpf. Now that /dev/bpf has been
around for two releases, it should be safe to do so.

ok bluhm deraadt sthen tb yasuoka

Replace the /dev/bpf* open loop with a plain open("/dev/bpf0", ...).
ok deraadt jca

Replace 'arc4random() % (2^k - 1)' by 'arc4random() & (2^k - 1)' to
avoid modulo bias. Part of a diff by Matthew Martin, reviewed by
deraadt@ and me.

ok deraadt@

Simplify and lock down priv_open():
* kill the 'mode' argument
* fail if passed any flags other than O_ACCMODE OR O_NONBLOCK
* paranoia: mask O_CREAT when calling open() with only two arguments
* instead of using ioctl(FIONBIO) after the fact, pass O_NONBLOCK to
priv_open()

"good start" deraadt@
ok yasuoka@

move to <limits.h> universe
ok yasuoka

Fix typos in comments.

ok jmc, yasuoka

Switch from <sys/endian.h> or <machine/endian.h> to the new,
being-standardized <endian.h>

ok deraadt@ millert@ beck@

Stop output "Stopped" log message of the tunnel protocols.

Don't use random() because it's not safe. Use arc4random() instead of
it. Suggested by deraadt.

pppoed didn't work since it has been broken after the last
configuration parser change.

pointed out by todd.

New configuration syntax for npppd(8). `npppd.conf' will be based on
parse.y and `npppd-users' will be based on getcap(3). Add man pages.

feedback from giovanni

Trivial changes from the upstream(IIJ).
- fix styles, compile errors in some ifdef condition and compiler warnings.
- delete rtev* that was to work around routing socket overflows.
- delete is_ctrl argument from l2tp_ctrl_send_packet(). It's not used.
- tweak returning the exit status.
- use IPV6_IPSEC_POLICY for IPv6 socket.
(though npppd cannot set up a ipsec policy to the socket yet.)

ok mcbride henning

Fix comments and styles. Delete unused variables and labels.
No binary changes.

ok mcbride henning

Fix compiler warnings and some styles.

ok sebastia sthen

fix a buffer overflow in the pppoe receive packet handling.

diff from yasuoka@
ok deraadt@

add $OpenBSD$ and remove trailing space. no functional change.

Translate Japanese comments or labels into English. Translation was
done by IIJ people (MATSUI Yoshihiro, SAITOH Masanobu, Tomoyuki Sahara),
yuo@ and myself.

This diff also includes
- delete part of useless comments, correct spelling.
- add man page of npppdctl.

There is no functional change.

privilege separation of npppd.

- Drop privilege after daemon initializing.
- Some system calls that requires root privileges were replaced to
wrapper functions that communicate with a separated privileged
process via IPC. And the privileged process checks whether the
operations are acceptable.

Fixed 2 off-by-one problems.
(found by parfait, reported by jsg@)

cleanup npppd code. delete IIJ local ifdef switches and fix warnings.
ok @dlg

Initial import npppd(8). npppd is a new PPP daemon that handles many
ppp sessions as a server. It supports L2TP, PPTP and PPPoE as
tunneling.

ok mcbride@ dlg@ deraadt@ reyk@.

errror -> error in log messages; from alessandro gallo

Switch base tools from /dev/bpf0 to /dev/bpf. Now that /dev/bpf has been
around for two releases, it should be safe to do so.

ok bluhm deraadt sthen tb yasuoka

Replace the /dev/bpf* open loop with a plain open("/dev/bpf0", ...).
ok deraadt jca

Replace 'arc4random() % (2^k - 1)' by 'arc4random() & (2^k - 1)' to
avoid modulo bias. Part of a diff by Matthew Martin, reviewed by
deraadt@ and me.

ok deraadt@

Simplify and lock down priv_open():
* kill the 'mode' argument
* fail if passed any flags other than O_ACCMODE OR O_NONBLOCK
* paranoia: mask O_CREAT when calling open() with only two arguments
* instead of using ioctl(FIONBIO) after the fact, pass O_NONBLOCK to
priv_open()

"good start" deraadt@
ok yasuoka@

move to <limits.h> universe
ok yasuoka

Fix typos in comments.

ok jmc, yasuoka

Switch from <sys/endian.h> or <machine/endian.h> to the new,
being-standardized <endian.h>

ok deraadt@ millert@ beck@

Stop output "Stopped" log message of the tunnel protocols.

Don't use random() because it's not safe. Use arc4random() instead of
it. Suggested by deraadt.

pppoed didn't work since it has been broken after the last
configuration parser change.

pointed out by todd.

New configuration syntax for npppd(8). `npppd.conf' will be based on
parse.y and `npppd-users' will be based on getcap(3). Add man pages.

feedback from giovanni

Trivial changes from the upstream(IIJ).
- fix styles, compile errors in some ifdef condition and compiler warnings.
- delete rtev* that was to work around routing socket overflows.
- delete is_ctrl argument from l2tp_ctrl_send_packet(). It's not used.
- tweak returning the exit status.
- use IPV6_IPSEC_POLICY for IPv6 socket.
(though npppd cannot set up a ipsec policy to the socket yet.)

ok mcbride henning

Fix comments and styles. Delete unused variables and labels.
No binary changes.

ok mcbride henning

Fix compiler warnings and some styles.

ok sebastia sthen

fix a buffer overflow in the pppoe receive packet handling.

diff from yasuoka@
ok deraadt@

add $OpenBSD$ and remove trailing space. no functional change.

Translate Japanese comments or labels into English. Translation was
done by IIJ people (MATSUI Yoshihiro, SAITOH Masanobu, Tomoyuki Sahara),
yuo@ and myself.

This diff also includes
- delete part of useless comments, correct spelling.
- add man page of npppdctl.

There is no functional change.

privilege separation of npppd.

- Drop privilege after daemon initializing.
- Some system calls that requires root privileges were replaced to
wrapper functions that communicate with a separated privileged
process via IPC. And the privileged process checks whether the
operations are acceptable.

Fixed 2 off-by-one problems.
(found by parfait, reported by jsg@)

cleanup npppd code. delete IIJ local ifdef switches and fix warnings.
ok @dlg

Initial import npppd(8). npppd is a new PPP daemon that handles many
ppp sessions as a server. It supports L2TP, PPTP and PPPoE as
tunneling.

ok mcbride@ dlg@ deraadt@ reyk@.

Switch base tools from /dev/bpf0 to /dev/bpf. Now that /dev/bpf has been
around for two releases, it should be safe to do so.

ok bluhm deraadt sthen tb yasuoka

Replace the /dev/bpf* open loop with a plain open("/dev/bpf0", ...).
ok deraadt jca

Replace 'arc4random() % (2^k - 1)' by 'arc4random() & (2^k - 1)' to
avoid modulo bias. Part of a diff by Matthew Martin, reviewed by
deraadt@ and me.

ok deraadt@

Simplify and lock down priv_open():
* kill the 'mode' argument
* fail if passed any flags other than O_ACCMODE OR O_NONBLOCK
* paranoia: mask O_CREAT when calling open() with only two arguments
* instead of using ioctl(FIONBIO) after the fact, pass O_NONBLOCK to
priv_open()

"good start" deraadt@
ok yasuoka@

move to <limits.h> universe
ok yasuoka

Fix typos in comments.

ok jmc, yasuoka

Switch from <sys/endian.h> or <machine/endian.h> to the new,
being-standardized <endian.h>

ok deraadt@ millert@ beck@

Stop output "Stopped" log message of the tunnel protocols.

Don't use random() because it's not safe. Use arc4random() instead of
it. Suggested by deraadt.

pppoed didn't work since it has been broken after the last
configuration parser change.

pointed out by todd.

New configuration syntax for npppd(8). `npppd.conf' will be based on
parse.y and `npppd-users' will be based on getcap(3). Add man pages.

feedback from giovanni

Trivial changes from the upstream(IIJ).
- fix styles, compile errors in some ifdef condition and compiler warnings.
- delete rtev* that was to work around routing socket overflows.
- delete is_ctrl argument from l2tp_ctrl_send_packet(). It's not used.
- tweak returning the exit status.
- use IPV6_IPSEC_POLICY for IPv6 socket.
(though npppd cannot set up a ipsec policy to the socket yet.)

ok mcbride henning

Fix comments and styles. Delete unused variables and labels.
No binary changes.

ok mcbride henning

Fix compiler warnings and some styles.

ok sebastia sthen

fix a buffer overflow in the pppoe receive packet handling.

diff from yasuoka@
ok deraadt@

add $OpenBSD$ and remove trailing space. no functional change.

Translate Japanese comments or labels into English. Translation was
done by IIJ people (MATSUI Yoshihiro, SAITOH Masanobu, Tomoyuki Sahara),
yuo@ and myself.

This diff also includes
- delete part of useless comments, correct spelling.
- add man page of npppdctl.

There is no functional change.

privilege separation of npppd.

- Drop privilege after daemon initializing.
- Some system calls that requires root privileges were replaced to
wrapper functions that communicate with a separated privileged
process via IPC. And the privileged process checks whether the
operations are acceptable.

Fixed 2 off-by-one problems.
(found by parfait, reported by jsg@)

cleanup npppd code. delete IIJ local ifdef switches and fix warnings.
ok @dlg

Initial import npppd(8). npppd is a new PPP daemon that handles many
ppp sessions as a server. It supports L2TP, PPTP and PPPoE as
tunneling.

ok mcbride@ dlg@ deraadt@ reyk@.