Commit 7df5496e7b revealed a regression introduced in commit 5a71509353
which broke IPCP reset state.
ask_for_local was set to 0 if ouraddr initial value is 0, if
ask_for_local was false go->ouraddr was cleared in reset callback,
commit 5a71509353 breaks it by removing this clearing. This regression
was silent because the whole ppp pcb runtime data was cleared before
reconnecting until commit 7df5496e7b which removed this giant clearing.
Fix it by reintroducing ask_for_local boolean value, with proper initial
value following what unused function ip_check_options do.
Fixes: 7df5496e7b ("PPP, rework initial/reconnect cleanup")
Fixes: 5a71509353 ("PPP, CORE, IPCP: removed useless ask_for_local boolean")
Let lwip use functions/macros prefixed by lwip_ internally to avoid naming clashes with external #includes.
Remove over-complicated #define handling in def.h
Make functions easier to override in cc.h. The following is sufficient now (no more LWIP_PLATFORM_BYTESWAP):
#define lwip_htons(x) <your_htons>
#define lwip_htonl(x) <your_htonl>
The check for link up was missing, meaning valid LCP echo request/reply
packets are filtered whatever the PPP state is, despite what the comment
says.
Fix it by checking the PPP state as we would like to have done when it
was written.
Master state is almost exactly the same thing as dead state, move it
next to dead state. Holdoff state is actually the state just before
initialize, move it before initialize.
The goal is to be able to use > running or => terminate condition to
check a currently running disconnection phase, which is not possible
today without excluding master and holdoff states.
Van Jacobson TCP header compression only apply if TCP is enabled,
therefore we need to disable VJ compression if TCP is disabled.
We already have conditions to enforce VJ disabling if IPv4 is disabled
or if PPPoS is disabled, add TCP to those conditions and remove
unecessary VJ_SUPPORT && LWIP_TCP conditions.
This function only set PPP to initialize phase, and it is only called at
the very beginning of functions where it is called. It means we could
as well set the initialize phase before calling those functions in the
PPP core.
This reverts commit d43c092f171e683028e184af56333dab9ce79fcb.
We don't actually need it, init.c is including ppp_opts.h and is doing
the following:
#if !LWIP_ETHERNET && (LWIP_ARP || PPPOE_SUPPORT)
#error "LWIP_ETHERNET needs to be turned on for LWIP_ARP or PPPOE_SUPPORT"
#endif
so the LWIP_ETHERNET fixup is not necessary per se, compatibility with
previously used lwipopts.h files is broken but at least user is warned.
Ethernet support is required for PPPoE but Ethernet support is only set
by default in opt.h if ARP is enabled, which is wrong because the right
condition is ARP and/or PPPoE, unfortunately PPPOE_SUPPORT can't be used
in opt.h because it is not defined if ppp_opts.h is not included before
opt.h in user code.
Fixup the LWIP_ETHERNET configuration value in ppp_opts.h in order to
force Ethernet support if PPPoE is enabled.
Fixes: 3ad2ad2329 ("Remove reference to PPPOE_SUPPORT in opt.h - leads
to compile errors because it has no default definition (only in
ppp_opts.h)"
There is two passive modes for PPPoS, passive more, for which we will
try to connect and then listen silently, and silent mode, for which we
will listen silently from the beginning.
Introduce ppp_set_passive and ppp_set_silent so the mode can be chosen
before connecting/listening.
All modules using PolarSSL embedded library are now using pppcrypt.h.
This header use to be only necessary for MSCHAP and was not built if
MSCHAP wasn't enabled, we unfortunately left the build condition.
Introduced by 3417a02b25: PPP: add a function map for hashes and ciphers
to prepare for mbed TLS support.
Setting PPP authentication most only be done when the PPP PCB is in the
dead phase (i.e. disconnected). This is safe to access the PPP PCB
members while the session is down, therefore providing a thread-safe
function of it is meaningless and it might even be misleading.
All our new ppp_set_* functions do not have their equivalent
pppapi_set_* functions and they are not going to have them. At least
we make ppp_set_auth consistent with all others ppp_set_*, so that it
doesn't look like special.
Helper function to setup MPPE (Microsoft Point to Point Encryption) for
a PPP link. Allows enabling/disabled MPPE itself, enabling/disabling
stateless support, and whether we are willing to negotiate 40-bit
and/or 128-bit encryptions.
Wait for up to the specified milliseconds for a valid PPP packet from
the peer. At the end of this time, or when a valid PPP packet is
received from the peer, we commence negotiation by sending our first
LCP packet.
This is useful because PPP does not deal properly when both peers
are sending the first LCP packet in the exact same time, which causes
delays because they both wait for a reply for their own packet.
PPP auth required flag is currently hardcoded to true if PPP is
acting as a server and set to false if PPP is acting as a client.
This is probably the most wanted behavior, but since we now have the
ability to change that at runtime, allow users to do it.
It means we can now have a server which asks the client to authenticate
or vice versa. This is pretty unusual thought. What we don't support
yet is mutual authentication with a different set of user and password
per direction which is even less usual.
PPP use peer DNS setting is currently hardcoded to true if PPP is
acting as a client and set to false if PPP is actinf as a server.
This is probably the most wanted behavior, but since we now have the
ability to change that at runtime, allow users to do it.
We don't have a way to have a different default configuration if the
PPP PCB is going to be used as a client or as a server, therefore the
default configuration should be fine for both of them. Since enabling
peer DNS by default is dangerous for server mode, the default is now
not to ask for DNS servers and it should now be explicitely enabled
if needed, update the documentation accordingly.
Now that we have helpers to set those members externaly, pppos_listen
struct ppp_addrs* argument does not add any value. In addition it
was not a well chosen design choice because the user needed to keep a
copy of struct ppp_addrs when listening again for a new connection.
Mostly for PPP server support, but not limited too, we need a way to
configure static IPv4 addresses for our side (our), peer side (his),
and two DNS server addresses if peer asks for them.
This function does not clear anything anymore. What it is now is an
optional way to notify PPP that link layer is started, changing the
PPP state from "dead" to "initialize". Rename it accordingly to what
the function really is.
Our previous way of doing it was to clear everything except a small part
of the ppp_pcb structure and then populate the structure with default
values using protocols init functions.
But it means the user is currently not allowed to change the default
configuration except the few flags and values that are currently
available in the ppp_settings structure.
Instead of adding more and more fields to the ppp_settings structure,
actually making them duplicate of already existing structure members
of ppp_pcb, but unfortunately cleaned, we carefully checked that
everything is properly cleaned during protocol lowerdown/close and
replaced our giant memset to selective memset of the few ppp_pcb
members that are not properly cleaned.
PPP users can now choose to use an external mbed TLS copy instead of using
our internal old version (but released under a BSDish license) PolarSSL copy.
In order to welcome mbed TLS, we need to ease the switch to:
- embedded PolarSSL 0.10.1-bsd copy
or - external PolarSSL
or - external mbed TLS
This change cleanup all our previously used LWIP_INCLUDED_POLARSSL_* defines,
which were not really useful after all, making them internal build triggers
only, and this change provides a new unique global flag to use an external
PolarSSL copy.
Unfortunately, all functions were renamed when PolarSSL was renamed to
mbed TLS, breaking the API. In order to continue supporting our embedded
PolarSSL copy while allowing our users to use mbed TLS, we need a function
map to deal with the API break.
This commit add a function map for all hashes and ciphers we are currently
using.
Simon says:
ppp_init() does not seem to be used. The only thing it does is calling
magic_init(), which is not required because it its called again later
from ppp_input().
Also, the time from startup is rather constant, so calling sys_jiffies()
from ppp_init() does not create a random number.
