a buffer overflow, but might negatively impact those hosts who have
enough aliases to fill MAXHOSTNAMELEN * 2 characters in them.
Good candidate for merging back into -stable. Lightly tested by me, but
it came from OpenBSD a while ago.
Obtained from: OpenBSD
use strncat correctly
check buffer size in graph_name
Change paths from /tmp to /var/run for server sockets
This has been building in my tree for ages, but has remained lightly
tested.
Reviewed by: jkh ages ago
*after* shuffling fragments from the IP queue into the
individual link queues.
This fixes a latency problem pointed out by: Bruce Evans <bde@zeta.org.au>
to be created if it's missing, otherwise completely ignore it's modes and
owners. Primary intended targets: /usr/src and /usr/obj.
Adjust the 'not created: File exists' message to mention that it's a
directory that's the problem, otherwise it doesn't make sense.
I had created chown-style -L and -P flag to control logical/physical mode
(ie: whether symlinks were followed), but the nochange flag is enough to
get the blasted thing out of my hair so I took them back out.
-current branch. I mistakenly checked out the 2.2.x rpc.ypxfrd into my
-current working directory. No harm done, but I got really confused
when I went to check out rpc.ypxfrd again and found the changes I
wanted to make were already there. (I'm going to fix the other 2.2.x
versions of the other programs in a minute.)
Anyway: protect errno in the signal handler, in the -current version
of rpc.ypxfrd this time.
that we're now closing, manually HUP that session leader
so that the tty is fully released.
o Always restart our carrier detect timer in the receiving
process if it was running in the sending process (as we
now *always* pass the descriptor).
o Tweak argv when we go into pause() mode to keep our session
so that ps can see what's going on (without checking for a
`pause' state in `ps -l').
in `set mode', `allow modes', on the command line and when
outputting mode names. The strings are matched so that only
enough characters to uniquely identify the string are required,
so you can now
ppp -a mylabel (for auto mode)
ppp -b mylabel (for background mode)
ppp -dd mylabel (for direct dial mode)
etc.
o Make -ddial dial when specified on the command line (oops).
Pointed out by: Alex <garbanzo@hooked.net>
of supporting architectures with different device names.
o Close /dev/tunX when destroying the bundle.
o Don't forget to close the parent end of the pipe in the child
process when exec'ing a program from a chat script.
o If we close our controlling terminal, ditch the current session
with it, allowing getty(8) (or whatever) to regain control.
o After transferring our controlling terminal descriptor to another
ppp instance, we now fork a new ppp to continue where we left off,
transferring ownership of all uucp locks and the /var/run/tunX.pid
file. Meanwhile the parent closes all file descriptors, defaults
all signals and does a pause() to wait for a HUP after the
transferred descriptor is finally closed.
We don't run /bin/cat any more (again!).
Suggested by: bde
TODO: It seems clocal devices need their pause()d session leader
to be given a manual HUP, as closing the last open descriptor
doesn't do the job.
generate the data to transfer.
o Transfer uucp lock ownership for the transferred device.
o Don't assume we know the correct values of dev_is_modem and
mbits after the transfer.
This is obviously not a terribly used function as it's apparently been
broken forever.
It IS possible that this fix is wrong and that the KERNEL is wrong
(in which case you should fix if_ethersubr.c) either way it certainly has more hope of
working now than before. I'd take it to 2.2 except that obviously no-one cares :-)
Move a.out libraries to /usr/lib/aout to make space for ELF libs.
Make rtld usr /usr/lib/aout as default library path.
Make ldconfig reject /usr/lib as an a.out library path.
Fix various Makefiles for LIBDIR!=/usr/lib breakage.
This will after a make world & reboot give a system that no
longer uses /usr/lib/*, infact one could remove all the old
libraries there, they are not used anymore.
We are getting close to an ELF make world, but I'll let this
all settle for a week or two...
transferring session rights with them. Instead, create two
`/bin/cat' processes. A new child is spawned and disassociated from
the terminal and the parent, which continues with the rest of the ppp
process. Meanwhile, the parent spawns another child, and both the
parent and child exec the `/bin/cat' commands with the appropriate
descriptors. This way, the session is owned by the parent, and the
tty is held open.
o Close LCPs that have done a TLF and are now in ST_STOPPED before
calling Down. This prevents them from trying to come back up again
after the peer has shut them down (it seems a bit strange that the
rfc says that a Down in ST_STOPPED will cause a TLS etc).
o Don't try to set the physical link name pointer when we're receiving
and renaming a datalink. The physical hasn't been created yet, and as
it happens, the garbage physical pointer happens to be the value of another
physical - so we're pointing that other physical name at ourselves.
yeuck.
o Re-arrange the order of things in main (DoLoop()). We now handle
signals only after the select and not before the UpdateSet. It's
possible that either a signal (FSM timeout) or a descriptor_Read()
brings a link down, after which we'd better tidy up any dead direct
and 1off descriptors before calling UpdateSet() again.
o Mention when we detect a PPP packet when we see one before the link
is up (then start LCP as before).
It's now dealt with by the `server' object. This simplifies
things as we only have one list of prompt descriptors and
the log_ routines check prompt::logactive to determine
whether it should be used for output.
o Include the MP socket UpdateSet() result in bundle::UpdateSet().
o Don't select on the tun device unless we're in NETWORK
phase or AUTO mode.
o Stop the idle timer when we go to DEAD phase. We may
have transferred a link and not had a chance to kill
it.
o Don't fail when trying to unlink our transferred datalink
from our descriptor lists just before the transfer.
o Add our link descriptor to the write set if we got a short
write the last time (physical::out is set).
o Log the connection source address when a connection is closed.
o Remove descriptor::next field. Descriptor lists are not required
any more.
incoming fragments when a link goes down.
o Don't use the minimum sequence numbers of links that aren't open.
o Understand sequence number wrapping when determining the minimum
sequence number.
o Add & adjust a few comments.
thresholds (in terms of queued packets for a period of time)
where -auto links will be brought up and down. By default,
all auto links come up when we reach NETWORK phase and never
go down.
o Display current autoload state in `show bundle'.
o Disable the idle timer as soon as it's called.
o Disable the idle and autoload timers when exiting (in case
we're abending).
This change is likely to introduce a few linebreaks in the boot
messages, but that is not easy to solve without breaking syslogd
semantics. Maybe the right fix is to return an integral number
of lines from the kernel driver.
Noticed by: dg
is not possible to switch to or from dedicated or direct mode,
but all other combinations are ok (eg. -auto -> -ddial).
o Cope with the fact that commands with optional context may not
be able to obtain a link with command_ChooseLink() (if all links
have been deleted for example).
o Allow `clone'ing in non-multilink mode. We may for example want
to configure two links in unilink mode and dial them both, using
the one that comes up first. It's also possible to rename
``deflink'' by cloning it, deleting the original, then setting
the mode of the new link.
the bundle has the opportunity to go PHASE_DEAD and cleanup
the interface (if it's the last link).
o Regnerate our phys_type value when we transfer the link.
o Always clean up the interface when destroying our bundle in case
we're abending.
o Always clean up our interface when the last link is gone rather than
delaying things 'till exit time in the -direct case (the interface
is useless anyway). Do this *after* slamming down our NCPs (if
they're still around).
o Our MP server descriptor now clears the relevent device descriptor
from our descriptor [fd]sets when a datalink is on death-row (to
be transferred to another running ppp), thus avoiding the possibility
of passing a bum descriptor to select() and having ppp abend.
o Handle the MP socket descriptor functions from within the bundle
descriptor functions. Now we ensure that the MP socket descriptor
functions see the descriptor sets *after* they've been seen by our
datalinks.
o Add/fix a few more comments.
into the ST_STOPPED state.
o Allow an optional ccp|lcp argument to `down'. The default is
still lcp (as before). You can now call down with no context
in multilink mode, in which case it'll down the multilink ccp
or the entire bundle (*very* rude).
o Allow an optional `!' after `close ccp' (close ccp!) to tell
ccp to stay in the CLOSED state after the terminate ACK. The
default is now to re-enter STOPPED so that the peer can bring
the layer back up if desired.
o Always handle proto-compressed packets, even if we've agreed
(in LCP) that the peer will not send us 1 byte protocols.
If the peer violates the LCP agreement, log it to the HDLC
log.
o Fix some comments.
to attempt to unblock SIGCHLD, but we actually want to unignore SIGPIPE.
Obtained from: OpenBSD
Finished conversion from sigvec to sigaction (don't assume that sa_mask
is a scalar...). Didn't convert from sigblock to sigprocmask. Didn't
fix missing error checking for sigaction...
apparently, unlike the IDE or SCSI CDROM drivers, this is magically
special-cased for audio CDs. This also might explain what happened
with scd (Sony) CDs also since I made the same change there. A follow-up
commit will fix that. Thanks, Dave!
PR: 6576
Submitted by: Dave Marquardt <marquard@zilker.net>
o Log FD_SET()s in LogTIMER.
o Identify the descriptor that causes an EBADF from select()
if LogTIMER is enabled (then exit).
o Call the MP server UpdateSet() function after calling
the UpdateSet() for all links - the link may enter
PHASE_TERMINATE and bring down the MP server - breaking
the imminent select().
PR: docs/6385
2) -n (noaction) does not imply -r (run as non-root), since as of
Rev. 1.12 (ache), -r changes actual behaviour.
3) missing \n from if(noaction) messages.
the first ``%d'' in the unix-domain socket name with the
current interface unit number. In the case of tcp ports, allow
a ``+'' prefix to add the unit number to the specified port
number.
o Remove all mention of SIGUSR1 (was already #ifdef'd out). We
can't create diagnostic sockets on-the-fly with a signal any
more because there's no way of specifying the password without
confusing matters with the previous ppp.secret scenario.
LQM and HDLC timer diagnostics come out with the correct name.
o Don't send an LQR immediately upon reviving a datalink. Leave
it 'till the next timeout.
o Add the link name to some more LQR diagnostics.
o Break out of the main loop when a descriptor exception is seen
in select().
o Remove the evil nointr_[u]sleep() functions. Timers should be
(and are) used instead.
o Treat a read() of 0 bytes as an error that's fatal to the link
on which the read() is done. We should never read() 0 after
select() says there's something there - not unless the link
has been closed by the other side.
o Write the data seen before a HDLC header to the terminal in
`term' mode, *not* back to the modem :-/
o Initialise our transmitted file descriptor before starting any
timers.
o Only send data links that have *no* pending output data. This
means that our final ACK will be written rather than being
nuked with the datalink transmission.
forks. Furthermore, invalid input for tcpmux does not lead to
an exiting inetd.
This patch is recommended for people running tcpmux (which is NOT
enabled by default)
for the last NCP TLF.
o Move tun reading from the main loop into the bundle descriptor
handling routines.
o Cosmetic: Add a few `const's and make some diagnostics clearer.
libraries, so that `ld -f' in can create correct dependencies for
yet-to-be-built libraries.
Use `DIR!= cd ...libbind; make -V .OBJDIR' to find libbind's object dir
if it doesn't seem to be in its usual place relative to ${.OBJDIR}.
This fixes `cd /usr/src/usr.sbin/nslookup; mkdir obj; make'.
Any `add' or `delete' command that uses MYADDR or HISADDR
will be added to the sticky route list (show ipcp). When
MYADDR or HISADDR change due to IPCP negotiations, and if
`sroutes' is enabled (the default), all sticky route
entries are updated in the routing table.
The end result is that `add default hisaddr' will ``stick'',
as will ``add myaddr 255.255.255.255 127.0.0.1'' and
``add 1.2.3.4 255.255.255.0 hisaddr''.
according to SHORTSEQ negotiation.
o Don't forget to attach incoming fragments with a
number greater than everything else in the queue
(rather than leaking memory).
o Output the link name with the ``other'' hdlc
diagnostic message.
o Correct a VJ diagnostic (`COMPPROTO', not `proto').
throughput measurement is enabled).
o Load balance the links based on weight *and* on a round-robin
basis. This makes things fairly even on an output basis. We
don't try to allow for the peer sending all his data down one
link (and try to send ours back up the other).
o Show the number of pending input buffers that can't be processed
in ``show mp''.
o Fix a typo in the man page.
default, at least in BSD. This used to be automatic, because chown(2)
didn't follow symlinks. When chown(2) was changed to follow symlinks
in BSD4.4, chown(8) was changed to not follow symlinks by default.
The previous commit broke this. The first victim was bsd.prog.mk,
which uses a plain chown in an attempt to change the ownership of the
symlinks to `dm' in /usr/games. This fails when it is done before
dm is installed, or messes up the ownership of dm if dm is installed.
Unfixed problems:
1. When lchown(2) was implemented, chown(8) wasn't changed to implement
the historical behaviour of changing ownership of symlinks. I'm not
sure if it should have been. The -HLP options give more complete
control, but they unfortunately don't apply unless the -R option is
specified (a problem shared with other commands, e.g., cp; I guess
we're supposed to use -R even for non-recursive traversals).
2. If we implement the historical behaviour, then -h would become a no-op
and should be left undocumented.
3. The man page suggests that without option -h, all symlinks (to files
specified in the command line?) are followed. It's not clear what
"the file" is. These bugs were introduced when -h was documented.
4. The correct interaction of -h with the other flags is not clear.
using the scatter/gather array to transfer the link
information. The whole link is now passed in one message.
This is far better than the two `/bin/cat' processes per additional
link :-) I remember years ago thinking that file descriptor
transferral would be a really amazing facility !
Suggested by: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
and: Eivind Eklund <eivind@yes.no>
exec()ing. Tidy up file dups in general prior to exec().
This prevents our tun device (fd 3) from staying open (and
configured) despite handing off all it's links and exiting
(because ``cat'' holds it open).
o Don't bother SIG_DFL'ing signals before exec() as they're
already trapped with specific handlers and will be handled
correctly by the exec.
o Use values from paths.h for "/dev/" and "/dev/tty".
o Don't assert() in physical.c.
already-running ppp.
Suggested by: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
o Use _PATH_DEVNULL rather than "/dev/null"
o Be more paranoid about nuking running timers when
transferring links.
log debug'' without filling our filesystem/screen with
junk that we don't really want to see.
o change PHYS_STDIN to PHYS_DIRECT - we can handle incoming
connections that aren't on STDIN_FILENO now.
o Allow return values from our FSM LayerUp functions. If
LayerUp() fails, the FSM does an immediate FsmDown() without
calling the fsm_parent's Layer{Up,Down} functions.
o Clear the close-on-exec flag of file descriptor 3 when executing
chat programs so that our documented ability to communicate with
/dev/tty via that descriptor works. Also document it as
descriptor 3, not 4 :-O
o Allow a ``rm'' command as an alias for ``remove''.
o Fix the bind()/connect()/accept() calls made by the MP server.
o Create bundle_SendDatalink() and bundle_ReceiveDatalink().
This allows `struct datalink's to flatten themselves, pass
through a pipe (read: the eye of a needle !) and come alive
at the other end. The donator then fork()s & exec()s pppmpipe,
``passing'' the connection to another ppp instance.
*** PPP NOW TALKS MULTILINK :-))) ***
Our link utilization is hideous, and lots of code needs
tidying still. It's also probably riddled with bugs !
It's been tested against itself only, and has hung once,
so confidence isn't high....
used. ${LIBFL} is set to a weird value in an attempt to inhibit
its use, but only breaks properly in some contexts.
Fixed the usual style bugs for DPADD and LDADD (disorder, and += for the
initial assignment).
o Create struct mpserver as part of struct mp.
mpserver creates a unix-domain socket based on the
peers auth name and endpoint discriminator. If it
already exists, ppp will ``pass the link'' over to
the owner of the socket, joining it into the bundle
of another ppp invocation, otherwise ppp waits for
other invocations to pass it links through this
socket.
The final piece of code will be the code that flattens
our datalink info and passes it down this channel
(not yet implemented).
we've determined if we're going to join another ppp invocation.
o Make ``show link'' show all link details, and ``show links''
just give a list of links and their current status.
o Show our current label in ``show bundle''.
o Allow link cloning and removal as soon as our MRRU is set.
o Make ``show lcp'' require context as nothing will ever change
in our MP LCP (it's auto-configured as per rfc1990).
o Initialise our LQM owner in hdlc_Init().
o Store our endpoint discriminator and authentication name at both
the datalink and multilink level and compare them when we've
finished AUTHENTICATE phase and before entering NETWORK phase.
If they don't match, close the link again.
Display the information in the appropriate ``show'' command.
o Initialise datalink::phone and datalink::fsmp.object properly
when we're cloning the link.
o Show which link we're passing LQRs on in our diagnostics.
o Reject endpoint discriminator REQs at the logical multilink
level.
o Remove the rest of our CARRIER and LINK logging setup.
o change the default link name to ``deflink'' rather
than ``default''.
o Prepend the link name to CCP and LCP FSM diagnostics.
o Protect against 0 length options in CCP and IPCP REQ
interpreters (already done for LCP).
o Allow optional context for the `show' command.
o Use MPs link when interpreting commands if the multilink
mrru is configured rather than when multilink is active.
This means that once we've ``set mrru xxx'', we then need
to ``link deflink show ccp'' etc if we want to do link-level
stuff (based on the command requiring optional or manditory
context).
o Use the ifconfig'd interface address in `set enddisc {ip,mac}'
if it's there, otherwise the configuration file value.
It is important that we keep the ability to send packets to a remote
server and that the packets come from our well-known port, also in
that case.
Reviewed by: peter, rgrimes.
first link in mp_Up().
o Bring MP and its CCP down when we enter phase TERMINATE,
and ditch everything in the incoming packet queue.
o Enable MRRU negotiation. Now, we can multilink
mode, but only with one physical link.
o Close the link if the peer PROTO REJs PROTO_MP.
o Prepend our protocol before passing a packet to
struct mp for fragmentation.
o Log info messages to DEBUG, not ERROR (oops).
o Align `show mp' output (again).
call it after link authentication.
o Pretty print our bundle MTU.
o Correct MP header encoding and decoding (should be network byte order).
o Add some debug diagnostics so that we can see MP fragment sending and
re-assembly.
o Don't go multilink if the peer hasn't agreed
o When negotiating multilink, don't try to push the peers
MRU up according to our `set mtu' setting. Instead, accept
whatever MRU they want and push their MRRU up instead.
o When *not* negotiating multilink, REJ short sequence number
REQs.
multilink ('cos I've seen my ISP REQ it without multilink).
Setting MRRU is ifdef'd out until it's debugged and we can
merge -direct links with other running programs.
Fix MTU setting.
o Make sure our ipcp throughput timer is stopped before being nuked
with a memset.
o Don't initialise struct async & struct hdlc twice in modem_Create().
o Clarify some comments.
change it w/out informing the program. Instead, use the (now available)
previous state returned by the kernel to make intelligent card
removal/insertion decisions.