due to linux omiting the final Z(4) in the NTLMv2 reply, and
the need for the windom for LMv2 authentication, here is a new
AuthNTLM ticket request now with length and dom fields.
in ntlmv2, the client will retry the challenge response trying a bunch
of different domain names assuming the same server challenge. so we have
to make retries work with factotum and the auth server.
also, windows 7 with compatlevel=4 sends all zeros LM response.
we now update /net/ndb with the following information gathered
from router advertisements (rfc6106 and plan9 specific options):
- recursive dns servers (option 25, ndb: dns=)
- dns search list (option 31, ndb: dnsdomain=)
- plan9 fileserver (option 250, ndb: fs=)
- plan9 authserver (option 251, ndb: auth=)
note the plan9 specific options can be disabled with the -G flag.
for ndbconfig (-N flag), we now collect all ip addresses in ndb
belonging to the devices mac address and configue them all. v6
addresses are getting added when a link local address exists
or the -6 flag has been specified to automatically configure one.
move the dhcp code in its own dhcp.c file and make symbols static
that are not used across modules.
the ::/0 route has the bad side effect of breaking v4 connections
when theres no default route due to v6 mapped v4 addresses. this
might be temporary measure.
instead of hardcoding the tunnel interface MTU to 1280,
we calculate the tunnel MTU from the outside MTU, which
can now be specified with the -m mtu option. The deault
outside MTU is 1500 - 8 (PPPoE).
instead of always just requesting the missing range
of the current piece, remember the workpiece offset
and request sequential chunks from the workpiece.
this avoids double requests of the same ranges when
the peer does not respond with the data immidiately.
when we get eof, stop the loop immidiately and do not
rely on the read to eventually return an error.
when convM2S() fails to decode the message, error out
and stop the loop. there is no point in continuing.
it is now possible to configure additional interfaces (like wifi)
and store the network information while preserving old entries
in /net/ndb. this allows to easily switch from ethernet to wifi
and have dhcp configure dns without having to clear /net/ndb.
(ppp->secret comes from factotum and it can have any size)
This patch also sets the correct state after success and
failure cases in chap negotiation (without them the code was
working because it expected the other point to pass to net
phase or due to the timer).