Re: npppd(8): remove "pipex" option

Wed, 01 Feb 2023 10:33:05 -0800 

On Wed, Feb 01, 2023 at 09:00:13PM +0900, YASUOKA Masahiko wrote:
> Hi
> 
> ...
> 
> But I think we should keep the part since it is needed when adding a
> tunneling protocol which is not supported by pipex, or running npppd
> on another OS.
> 
> >> If having "pipex yes/no" configuration is misleading, we can improve
> >> the man page or the configuration itself.
> > 
> >      pipex yes | no
> >              Specify whether npppd(8) uses pipex(4).  The default is
> >              “yes”. The sysctl(8) variable net.pipex.enable should
> >              also be enabled to use pipex(4).
> > 
> > There is no misleading. But with "pipex no" npppd(8) is usable with
> > pppac(4), but with pppx(4) it is not. Also, I don't like that it
> > successfully creates connection. Guess, it better to deny "pipex no"
> > for pppx(4).
> 
> I agree both.
>

So, deny "pipex no" for pppx(4) interfaces.

Index: usr.sbin/npppd/npppd/npppd.conf.5
===================================================================
RCS file: /cvs/src/usr.sbin/npppd/npppd/npppd.conf.5,v
retrieving revision 1.30
diff -u -p -r1.30 npppd.conf.5
--- usr.sbin/npppd/npppd/npppd.conf.5   31 Mar 2022 17:27:30 -0000      1.30
+++ usr.sbin/npppd/npppd/npppd.conf.5   1 Feb 2023 18:28:29 -0000
@@ -362,6 +362,11 @@ variable
 .Va net.pipex.enable
 should also be enabled to use
 .Xr pipex 4 .
+This value must be
+.Dq yes
+for
+.Xr pppx 4
+interfaces.
 .It Ic debug-dump-pktin Ar protocol ...
 If this option is specified,
 .Xr npppd 8
Index: usr.sbin/npppd/npppd/parse.y
===================================================================
RCS file: /cvs/src/usr.sbin/npppd/npppd/parse.y,v
retrieving revision 1.25
diff -u -p -r1.25 parse.y
--- usr.sbin/npppd/npppd/parse.y        15 Oct 2021 15:01:28 -0000      1.25
+++ usr.sbin/npppd/npppd/parse.y        1 Feb 2023 18:28:29 -0000
@@ -924,6 +924,14 @@ bind               : BIND TUNNEL FROM STRING AUTHENTI
                                free($9);
                                YYERROR;
                        }
+                       if (tunn->pipex == 0 && iface->is_pppx) {
+                               yyerror("pipex should be enabled for"
+                                   " interface %s", $9);
+                               free($4);
+                               free($7);
+                               free($9);
+                               YYERROR;
+                       }
                        if ((n = malloc(sizeof(struct confbind))) == NULL) {
                                yyerror("out of memory");
                                free($4);

Reply via email to