shithub: riscv

Download patch

ref: 16656468211681edad2c8489b7d5fc9a8e219545
parent: cbe4b116989c0bfec49b9ae7a1d9a85ead6648ae
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Sun May 14 17:24:47 EDT 2023

ip/ppp: ipv6 support, cleanup routes, remove source filter, and more

establish ipv6 link-local addresses if supported.
to get a full prefix, one would need to do dhcpv6
or using slaac configuration. this will come later.

remove ipv4 default route on exit.

maintain the entries in /net/ndb on ip change and
also remove them on exit.

dont filter source address, this should be done
differently.

fix various bugs in the option iteration loops.

honour primary flag (it used to just ignore that
and set it unasked in the code... what the hell...)

--- a/sys/man/8/ppp
+++ b/sys/man/8/ppp
@@ -104,8 +104,7 @@
 can run either as a client or, with the
 .I \-S
 option, as a server.  The only differences between a client and a server is
-that the server will not believe any local address the client tries to
-supply it and that the server always initiates the authentication of the
+that the server always initiates the authentication of the
 client.
 .PP
 With no option,
--- a/sys/src/cmd/ip/ppp/ppp.c
+++ b/sys/src/cmd/ip/ppp/ppp.c
@@ -18,7 +18,6 @@
 static	int	noipcompress;
 static	int	server;
 static	int noauth;
-static	int	nip;		/* number of ip interfaces */
 static	int	dying;		/* flag to signal to all threads its time to go */
 static	int	primary;	/* this is the primary IP interface */
 static	char	*chatfile;
@@ -27,11 +26,6 @@
 char*	LOG = "ppp";
 char*	keyspec = "";
 
-enum
-{
-	Rmagic=	0x12345
-};
-
 /*
  * Calculate FCS - rfc 1331
  */
@@ -84,6 +78,7 @@
 static	void		authtimer(PPP*);
 static	void		chapinit(PPP*);
 static	void		config(PPP*, Pstate*, int);
+static	int		euitov6(Ipaddr, uchar*, int);
 static	uchar*		escapeuchar(PPP*, ulong, uchar*, ushort*);
 static	void		getchap(PPP*, Block*);
 static	Block*		getframe(PPP*, int*);
@@ -96,7 +91,6 @@
 static	char*		ipopen(PPP*);
 static	void		mediainproc(PPP*);
 static	void		newstate(PPP*, Pstate*, int);
-static	int		nipifcs(char*);
 static	void		papinit(PPP*);
 static	void		pinit(PPP*, Pstate*);
 static	void		ppptimer(PPP*);
@@ -104,7 +98,8 @@
 static	void		ptimer(PPP*, Pstate*);
 static	int		putframe(PPP*, int, Block*);
 static	void		putlqm(PPP*);
-static	void		putndb(PPP*, char*);
+static	void		putndb(PPP*);
+static	void		refresh(char*);
 static	void		putpaprequest(PPP*);
 static	void		rcv(PPP*, Pstate*, Block*);
 static	void		rejopts(PPP*, Pstate*, Block*, int);
@@ -111,8 +106,9 @@
 static	void		sendechoreq(PPP*, Pstate*);
 static	void		sendtermreq(PPP*, Pstate*);
 static	void		setphase(PPP*, int);
-static	void		terminate(PPP*, char *);
+static	void		terminate(PPP*, char*, int);
 static	int		validv4(Ipaddr);
+static	int		validv6(Ipaddr);
 static  void		dmppkt(char *s, uchar *a, int na);
 
 void
@@ -131,15 +127,26 @@
 	invalidate(ppp->wins[0]);
 	invalidate(ppp->wins[1]);
 
+	invalidate(ppp->local6);
+	invalidate(ppp->remote6);
+	invalidate(ppp->curremote6);
+	invalidate(ppp->curlocal6);
+
 	ppp->mediain = mediain;
 	ppp->mediaout = mediaout;
 	if(validv4(remip)){
 		ipmove(ppp->remote, remip);
 		ppp->remotefrozen = 1;
+	} else if(validv6(remip)){
+		ipmove(ppp->remote6, remip);
+		ppp->remote6frozen = 1;
 	}
 	if(validv4(ipaddr)){
 		ipmove(ppp->local, ipaddr);
 		ppp->localfrozen = 1;
+	} else if(validv6(ipaddr)){
+		ipmove(ppp->local6, ipaddr);
+		ppp->local6frozen = 1;
 	}
 	ppp->mtu = Defmtu;
 	ppp->mru = mtu;
@@ -149,10 +156,10 @@
 	init(ppp);
 	switch(rfork(RFPROC|RFMEM|RFNOWAIT)){
 	case -1:
-		sysfatal("forking mediainproc");
+		terminate(ppp, "forking mediainproc", 1);
 	case 0:
 		mediainproc(ppp);
-		terminate(ppp, "mediainproc");
+		terminate(ppp, "mediainproc", 0);
 		exits(nil);
 	}
 }
@@ -187,6 +194,12 @@
 		ppp->ipcp->proto = Pipcp;
 		ppp->ipcp->state = Sclosed;
 
+		ppp->ipv6cp = mallocz(sizeof(*ppp->ipv6cp), 1);
+		if(ppp->ipv6cp == nil)
+			abort();
+		ppp->ipv6cp->proto = Pipv6cp;
+		ppp->ipv6cp->state = Sclosed;
+
 		ppp->chap = mallocz(sizeof(*ppp->chap), 1);
 		if(ppp->chap == nil)
 			abort();
@@ -197,7 +210,7 @@
 
 		switch(rfork(RFPROC|RFMEM|RFNOWAIT)){
 		case -1:
-			sysfatal("forking ppptimer");
+			terminate(ppp, "forking ppptimer", 1);
 		case 0:
 			ppptimer(ppp);
 			exits(nil);
@@ -219,9 +232,9 @@
 	ppp->phase = phase;
 	switch(phase){
 	default:
-		sysfatal("ppp: unknown phase %d", phase);
+		terminate(ppp, "phase error", 1);
 	case Pdead:
-		terminate(ppp, "protocol");
+		terminate(ppp, "protocol", 0);
 		break;
 	case Plink:
 		/* link down */
@@ -237,6 +250,7 @@
 			ppp->chap->state = Cunauth;
 			newstate(ppp, ppp->ccp, Sclosed);
 			newstate(ppp, ppp->ipcp, Sclosed);
+			newstate(ppp, ppp->ipv6cp, Sclosed);
 		}
 		break;
 	case Pauth:
@@ -260,6 +274,7 @@
 	case Pnet:
 		pinit(ppp, ppp->ccp);
 		pinit(ppp, ppp->ipcp);
+		pinit(ppp, ppp->ipv6cp);
 		break;
 	}
 }
@@ -288,6 +303,8 @@
 			p->optmask &= ~Fpc;
 			ppp->ipcp->optmask &= ~Fipcompress;
 		}
+		ppp->ipv6cp->state = Sclosed;
+		ppp->ipv6cp->optmask = 0xffffffff;
 		p->echoack = 0;
 		p->echotimeout = 0;
 
@@ -320,6 +337,9 @@
 		p->optmask = 0xffffffff;
 		ppp->ctcp = compress_init(ppp->ctcp);
 		break;
+	case Pipv6cp:
+		p->optmask = 0xffffffff;
+		break;
 	}
 	p->confid = p->rcvdconfid = -1;
 	config(ppp, p, 1);
@@ -367,13 +387,13 @@
 		}
 	}
 
-	if(p->proto == Pipcp && state == Sopened) {
+	if((p->proto == Pipcp || p->proto == Pipv6cp) && state == Sopened) {
 		if(server && !noauth && ppp->chap->state != Cauthok)
 			abort();
 
 		err = ipopen(ppp);
 		if(err != nil)
-			sysfatal("%s", err);
+			terminate(ppp, err, 1);
 	}
 
 	p->state = state;
@@ -653,6 +673,15 @@
 	*b->wptr++ = 2;
 }
 
+static void
+putoeui64(Block *b, int type, uchar data[8])
+{
+	*b->wptr++ = type;
+	*b->wptr++ = 8+2;
+	memmove(b->wptr, data, 8);
+	b->wptr += 8;
+}
+
 /*
  *  send configuration request
  */
@@ -706,17 +735,16 @@
 		break;
 	case Pipcp:
 		if(p->optmask & Fipaddr){
-			syslog(0, LOG, "requesting %I", ppp->local);
+			syslog(0, LOG, "requesting IPv4 %I", ppp->local);
 			putv4o(b, Oipaddr, ppp->local);
 		}
-		primary = 1;
-		if(primary && (p->optmask & Fipdns))
+		if(p->optmask & Fipdns)
 			putv4o(b, Oipdns, ppp->dns[0]);
-		if(primary && (p->optmask & Fipdns2))
+		if(p->optmask & Fipdns2)
 			putv4o(b, Oipdns2, ppp->dns[1]);
-		if(primary && (p->optmask & Fipwins))
+		if(p->optmask & Fipwins)
 			putv4o(b, Oipwins, ppp->wins[0]);
-		if(primary && (p->optmask & Fipwins2))
+		if(p->optmask & Fipwins2)
 			putv4o(b, Oipwins2, ppp->wins[1]);
 		/*
 		 * don't ask for header compression while data compression is still pending.
@@ -731,6 +759,12 @@
 			*b->wptr++ = 1;
 		}
 		break;
+	case Pipv6cp:
+		if(p->optmask & Fipv6eui){
+			syslog(0, LOG, "requesting IPv6 %I", ppp->local6);
+			putoeui64(b, Oipv6eui, &ppp->local6[8]);
+		}
+		break;
 	}
 	hnputs(m->len, BLEN(b));
 	printopts(p, b, 1);
@@ -785,7 +819,7 @@
 	ulong x;
 	Block *repb;
 	Comptype *ctype;
-	Ipaddr ipaddr;
+	Ipaddr ipaddr, ipaddr6;
 
 	rejecting = 0;
 	nacking = 0;
@@ -793,6 +827,7 @@
 
 	/* defaults */
 	invalidate(ipaddr);
+	invalidate(ipaddr6);
 	mtu = ppp->mtu;
 	ctlmap = 0xffffffff;
 	period = 0;
@@ -809,7 +844,7 @@
 	/* look for options we don't recognize or like */
 	for(cp = m->data; cp < b->wptr; cp += o->len){
 		o = (Lcpopt*)cp;
-		if(cp + o->len > b->wptr || o->len==0){
+		if(cp + o->len > b->wptr || o->len < 2){
 			freeb(repb);
 			netlog("ppp: bad option length %ux\n", o->type);
 			return -1;
@@ -965,6 +1000,24 @@
 				continue;
 			}
 			break;
+		case Pipv6cp:
+			switch(o->type){
+			case Oipv6eui:	
+				euitov6(ipaddr6, o->data, o->len-2);
+				if(!validv6(ppp->remote6))
+					continue;
+				if(!validv6(ipaddr6) && !rejecting){
+					/* other side requesting an address */
+					if(!nacking){
+						nacking = 1;
+						repb->wptr = repm->data;
+						repm->code = Lconfnak;
+					}
+					putoeui64(repb, Oipv6eui, &ppp->remote6[8]);
+				}
+				continue;
+			}
+			break;
 		}
 
 		/* come here if option is not recognized */
@@ -1006,6 +1059,10 @@
 			if(validv4(ipaddr) && ppp->remotefrozen == 0)
  				ipmove(ppp->remote, ipaddr);
 			break;
+		case Pipv6cp:
+			if(validv6(ipaddr6) && ppp->remote6frozen == 0)
+ 				ipmove(ppp->remote6, ipaddr6);
+			break;
 		}
 		p->flags = flags;
 	}
@@ -1034,28 +1091,36 @@
 static void
 dropoption(Pstate *p, Lcpopt *o)
 {
-	unsigned n = o->type;
-
-	switch(n){
-	case Oipaddr:
+	switch(p->proto){
+	case Pipcp:
+		switch(o->type){
+		case Oipaddr:
+			/* never drop it */
+			return;
+		case Oipdns:
+			p->optmask &= ~Fipdns;
+			return;
+		case Oipwins:
+			p->optmask &= ~Fipwins;
+			return;
+		case Oipdns2:
+			p->optmask &= ~Fipdns2;
+			return;
+		case Oipwins2:
+			p->optmask &= ~Fipwins2;
+			return;
+		}
 		break;
-	case Oipdns:
-		p->optmask &= ~Fipdns;
+	case Pipv6cp:
+		switch(o->type){
+		case Oipv6eui:
+			/* never drop it */
+			return;
+		}
 		break;
-	case Oipwins:
-		p->optmask &= ~Fipwins;
-		break;
-	case Oipdns2:
-		p->optmask &= ~Fipdns2;
-		break;
-	case Oipwins2:
-		p->optmask &= ~Fipwins2;
-		break;
-	default:
-		if(o->type < 8*sizeof(p->optmask))
-			p->optmask &= ~(1<<o->type);
-		break;
 	}
+	if(o->type < 8*sizeof(p->optmask))
+		p->optmask &= ~(1<<o->type);
 }
 
 /*
@@ -1067,13 +1132,13 @@
 {
 	Lcpmsg *m;
 	Lcpopt *o;
-	uchar newip[IPaddrlen];
+	Ipaddr newip;
 
 	/* just give up trying what the other side doesn't like */
 	m = (Lcpmsg*)b->rptr;
 	for(b->rptr = m->data; b->rptr < b->wptr; b->rptr += o->len){
 		o = (Lcpopt*)b->rptr;
-		if(b->rptr + o->len > b->wptr){
+		if(b->rptr + o->len > b->wptr || o->len < 2){
 			netlog("ppp: bad roption length %ux\n", o->type);
 			return;
 		}
@@ -1094,12 +1159,10 @@
 			case Oauth:
 				/* don't allow client to request no auth */
 				/* could try different auth protocol here */
-				fprint(2, "ppp: can not reject CHAP\n");
-				exits("ppp: CHAP");
-				break;
+				terminate(ppp, "chap rejected", 0);
+				return;
 			default:
-				if(o->type < 8*sizeof(p->optmask))
-					p->optmask &= ~(1<<o->type);
+				dropoption(p, o);
 				break;
 			};
 			break;
@@ -1113,7 +1176,8 @@
 		case Pipcp:
 			switch(o->type){
 			case Oipaddr:
-				syslog(0, LOG, "rejected addr %I with %V", ppp->local, o->data);
+				v4tov6(newip, o->data);
+				syslog(0, LOG, "rejected IPv4 addr %I with %I", ppp->local, newip);
 				/* if we're a server, don't let other end change our addr */
 				if(ppp->localfrozen){
 					dropoption(p, o);
@@ -1122,13 +1186,12 @@
 
 				/* accept whatever server tells us */
 				if(!validv4(ppp->local)){
-					v4tov6(ppp->local, o->data);
+					ipmove(ppp->local, newip);
 					dropoption(p, o);
 					break;
 				}
 
 				/* if he didn't like our addr, ask for a generic one */
-				v4tov6(newip, o->data);
 				if(!validv4(newip)){
 					invalidate(ppp->local);
 					break;
@@ -1135,7 +1198,7 @@
 				}
 
 				/* if he gives us something different, use it anyways */
-				v4tov6(ppp->local, o->data);
+				ipmove(ppp->local, newip);
 				dropoption(p, o);
 				break;
 			case Oipdns:
@@ -1199,6 +1262,36 @@
 				break;
 			}
 			break;
+		case Pipv6cp:
+			switch(o->type){
+			case Oipv6eui:
+				euitov6(newip, o->data, o->len-2);
+				syslog(0, LOG, "rejected IPv6 addr %I with %I", ppp->local6, newip);
+
+				/* if we're a server, don't let other end change our addr */
+				if(ppp->local6frozen){
+					dropoption(p, o);
+					break;
+				}
+				/* accept whatever server tells us */
+				if(!validv6(ppp->local6)){
+					ipmove(ppp->local6, newip);
+					dropoption(p, o);
+					break;
+				}
+				/* if he didn't like our addr, ask for a generic one */
+				if(!validv6(newip)){
+					invalidate(ppp->local6);
+					break;
+				}
+				/* if he gives us something different, use it anyways */
+				ipmove(ppp->local6, newip);
+				dropoption(p, o);
+				break;
+			default:
+				dropoption(p, o);
+				break;
+			}
 		}
 	}
 }
@@ -1316,6 +1409,8 @@
 		case Sacksent:
 			printopts(p, b, 0);
 			rejopts(ppp, p, b, m->code);
+			if(dying)
+				break;
 			config(ppp, p, 1);
 			break;
 		}
@@ -1453,7 +1548,7 @@
 		putpaprequest(ppp);
 	else {
 		netlog("ppp: pap timed out--not authorized\n");
-		terminate(ppp, "pap timeout");
+		terminate(ppp, "pap timeout", 0);
 	}
 }
 
@@ -1464,7 +1559,7 @@
 		ppp->lcp->echotimeout = (3*4*1000+Period-1)/Period;
 	else if(--(ppp->lcp->echotimeout) <= 0){
 		netlog("ppp: echo request timeout\n");
-		terminate(ppp, "echo timeout");
+		terminate(ppp, "echo timeout", 0);
 		return;
 	}
 	ppp->lcp->echoack = 0;
@@ -1489,6 +1584,7 @@
 			case Pnet:
 				ptimer(ppp, ppp->ccp);
 				ptimer(ppp, ppp->ipcp);
+				ptimer(ppp, ppp->ipv6cp);
 
 				pingtimer(ppp);
 				break;
@@ -1511,20 +1607,52 @@
 static void
 defroute(char *net, char *verb, Ipaddr gate, Ipaddr local)
 {
-	int fd;
 	char path[128];
+	int fd;
 
 	snprint(path, sizeof path, "%s/iproute", net);
 	fd = open(path, ORDWR);
 	if(fd < 0)
 		return;
-	fprint(fd, "tag ppp");
-	if(primary)
-		fprint(fd, "%s 0.0.0.0 0.0.0.0 %I", verb, gate);
-	fprint(fd, "%s 0.0.0.0 0.0.0.0 %I %I 255.255.255.255", verb, gate, local);
+	fprint(fd, "tag ppp\n");
+	fprint(fd, "%s 0.0.0.0 0.0.0.0 %I %I 255.255.255.255\n", verb, gate, local);
 	close(fd);
 }
 
+static int
+addip(int cfd, char *net, Ipaddr local, Ipaddr remote, int mtu)
+{
+	if(validv4(local) && validv4(remote)){
+		netlog("ppp: setting up IPv4 interface local %I remote %I\n", local, remote);
+
+		if(fprint(cfd, "add %I 255.255.255.255 %I %d proxy", local, remote, mtu-10) < 0)
+			return -1;
+
+		defroute(net, "add", remote, local);
+	} else if(validv6(local) && validv6(remote)){
+		netlog("ppp: setting up IPv6 interface local %I remote %I\n", local, remote);
+
+		if(fprint(cfd, "add %I /64 %I %d", local, remote, mtu-10) < 0)
+			return -1;
+	}
+	return 0;
+}
+
+static int
+removeip(int cfd, char *net, Ipaddr local, Ipaddr remote)
+{
+	if(validv4(local) && validv4(remote)){
+		defroute(net, "remove", remote, local);
+
+		if(fprint(cfd, "remove %I 255.255.255.255 %I", local, remote) < 0)
+			return -1;
+	} else if(validv6(local) && validv6(remote)){
+		if(fprint(cfd, "remove %I /64 %I", local, remote) < 0)
+			return -1;
+	}
+	return 0;
+}
+
 static char*
 ipopen(PPP *ppp)
 {
@@ -1545,12 +1673,6 @@
 			return "can't open ip interface";
 		}
 		buf[n] = 0;
-
-		netlog("ppp: setting up IP interface local %I remote %I (valid %d)\n",
-			ppp->local, ppp->remote, validv4(ppp->remote));
-		if(!validv4(ppp->remote))
-			ipmove(ppp->remote, ppp->local);
-
 		snprint(path, sizeof path, "%s/ipifc/%s/data", ppp->net, buf);
 		fd = open(path, ORDWR);
 		if(fd < 0){
@@ -1557,51 +1679,71 @@
 			close(cfd);
 			return "can't open ip interface";
 		}
-
-		if(fprint(cfd, "bind pkt") < 0)
-			return "binding pkt to ip interface";
-		if(fprint(cfd, "add %I 255.255.255.255 %I %lud proxy", ppp->local,
-			ppp->remote, ppp->mtu-10) < 0){
+		if(fprint(cfd, "bind pkt") < 0){
+			close(fd);
 			close(cfd);
-			return "can't set addresses";
+			return "binding pkt to ip interface";
 		}
+		if(validv4(ppp->local)){
+			if(!validv4(ppp->remote))
+				ipmove(ppp->remote, ppp->local);
+			if(addip(cfd, ppp->net, ppp->local, ppp->remote, ppp->mtu) < 0){
+				close(fd);
+				close(cfd);
+				return "can't set addresses";
+			}
+			syslog(0, LOG, "%I/%I", ppp->local, ppp->remote);
+		}
+		if(validv6(ppp->local6) && validv6(ppp->remote6)){
+			if(addip(cfd, ppp->net, ppp->local6, ppp->remote6, ppp->mtu) < 0){
+				close(fd);
+				close(cfd);
+				return "can't set addresses";
+			}
+			syslog(0, LOG, "%I/%I", ppp->local6, ppp->remote6);
+		}
 		if(baud)
 			fprint(cfd, "speed %d", baud);
-		defroute(ppp->net, "add", ppp->remote, ppp->local);
 		ppp->ipfd = fd;
 		ppp->ipcfd = cfd;
+		putndb(ppp);
+		refresh(ppp->net);
 
 		/* signal main() that ip is configured */
-		rendezvous((void*)Rmagic, 0);
+		rendezvous(ppp, 0);
 
 		switch(ipinprocpid = rfork(RFPROC|RFMEM|RFNOWAIT)){
 		case -1:
-			sysfatal("forking ipinproc");
+			terminate(ppp, "forking ipinproc", 1);
 		case 0:
 			ipinproc(ppp);
-			terminate(ppp, "ipinproc");
+			terminate(ppp, "ipinproc", 0);
 			exits(nil);
 		}
 	} else {
 		/* we may have changed addresses */
-		if(ipcmp(ppp->local, ppp->curlocal) != 0 ||
-		   ipcmp(ppp->remote, ppp->curremote) != 0){
-			defroute(ppp->net, "remove", ppp->curremote, ppp->curlocal);
-			snprint(buf, sizeof buf, "remove %I 255.255.255.255 %I",
-			    ppp->curlocal, ppp->curremote);
-			if(fprint(ppp->ipcfd, "%s", buf) < 0)
-				syslog(0, LOG, "can't %s: %r", buf);
-			snprint(buf, sizeof buf, "add %I 255.255.255.255 %I %lud proxy",
-			    ppp->local, ppp->remote, ppp->mtu-10);
-			if(fprint(ppp->ipcfd, "%s", buf) < 0)
-				syslog(0, LOG, "can't %s: %r", buf);
-			defroute(ppp->net, "add", ppp->remote, ppp->local);
+		if(ipcmp(ppp->local, ppp->curlocal) != 0 || ipcmp(ppp->remote, ppp->curremote) != 0){
+			removeip(ppp->ipcfd, ppp->net, ppp->curlocal, ppp->curremote);
+			addip(ppp->ipcfd, ppp->net, ppp->local, ppp->remote, ppp->mtu);
+
+			syslog(0, LOG, "%I/%I -> %I/%I", ppp->curlocal, ppp->curremote,
+				ppp->local, ppp->remote);
 		}
-		syslog(0, LOG, "%I/%I -> %I/%I", ppp->curlocal, ppp->curremote,
-		   ppp->local, ppp->remote);
+		if(ipcmp(ppp->local6, ppp->curlocal6) != 0 || ipcmp(ppp->remote6, ppp->curremote6) != 0){
+			removeip(ppp->ipcfd, ppp->net, ppp->curlocal6, ppp->curremote6);
+			addip(ppp->ipcfd, ppp->net, ppp->local6, ppp->remote6, ppp->mtu);
+
+			syslog(0, LOG, "%I/%I -> %I/%I", ppp->curlocal6, ppp->curremote6,
+				ppp->local6, ppp->remote6);
+		}
+		putndb(ppp);
+		refresh(ppp->net);
 	}
+
 	ipmove(ppp->curlocal, ppp->local);
 	ipmove(ppp->curremote, ppp->remote);
+	ipmove(ppp->curlocal6, ppp->local6);
+	ipmove(ppp->curremote6, ppp->remote6);
 
 	return nil;
 }
@@ -1630,11 +1772,20 @@
 		case Pipcp:
 			rcv(ppp, ppp->ipcp, b);
 			break;
+		case Pipv6cp:
+			rcv(ppp, ppp->ipv6cp, b);
+			break;
 		case Pip:
 			if(ppp->ipcp->state == Sopened)
 				return b;
+			freeb(b);
 			netlog("ppp: IP recved: link not up\n");
+			break;
+		case Pipv6:
+			if(ppp->ipv6cp->state == Sopened)
+				return b;
 			freeb(b);
+			netlog("ppp: IPv6 recved: link not up\n");
 			break;
 		case Plqm:
 			getlqm(ppp, b);
@@ -1703,38 +1854,75 @@
 	return nil;
 }
 
+typedef struct Iphdr Iphdr;
+struct Iphdr
+{
+	uchar	vihl;		/* Version and header length */
+	uchar	tos;		/* Type of service */
+	uchar	length[2];	/* packet length */
+	uchar	id[2];		/* Identification */
+	uchar	frag[2];	/* Fragment information */
+	uchar	ttl;		/* Time to live */
+	uchar	proto;		/* Protocol */
+	uchar	cksum[2];	/* Header checksum */
+	uchar	src[4];		/* Ip source (uchar ordering unimportant) */
+	uchar	dst[4];		/* Ip destination (uchar ordering unimportant) */
+};
+
 /* transmit an IP packet */
 int
 pppwrite(PPP *ppp, Block *b)
 {
 	int proto;
-	int len;
+	int len, tot;
+	Iphdr *ip;
+	Ip6hdr *ip6;
 
-	qlock(ppp);
-	/* can't send ip packets till we're established */
-	if(ppp->ipcp->state != Sopened) {
-		qunlock(ppp);
-		syslog(0, LOG, "IP write: link not up");
-		len = blen(b);
+	len = blen(b);
+	ip = (Iphdr*)b->rptr;
+	switch(ip->vihl & 0xF0){
+	default:
+	Badhdr:
 		freeb(b);
 		return len;
-	}
+	case IP_VER4:
+		if(len < IPV4HDR_LEN || (tot = nhgets(ip->length)) < IPV4HDR_LEN)
+			goto Badhdr;
+		b = btrim(b, 0, tot);
+		if(b == nil)
+			return len;
 
-	proto = Pip;
-	ppp->stat.ipsend++;
-
-	if(ppp->ipcp->flags & Fipcompress){
-		b = compress(ppp->ctcp, b, &proto);
-		if(b == nil){
-			qunlock(ppp);
-			return 0;
+		qlock(ppp);
+		if(ppp->ipcp->state != Sopened)
+			goto Drop;
+		proto = Pip;
+		if(ppp->ipcp->flags & Fipcompress){
+			b = compress(ppp->ctcp, b, &proto);
+			if(b == nil){
+				qunlock(ppp);
+				return len;
+			}
+			if(proto != Pip)
+				ppp->stat.vjout++;
 		}
-		if(proto != Pip)
-			ppp->stat.vjout++;
+		break;
+	case IP_VER6:
+		if(len < IPV6HDR_LEN)
+			goto Badhdr;
+		ip6 = (Ip6hdr*)ip;
+		b = btrim(b, 0, IPV6HDR_LEN + nhgets(ip6->ploadlen));
+		if(b == nil)
+			return len;
+
+		qlock(ppp);
+		if(ppp->ipv6cp->state != Sopened)
+			goto Drop;
+		proto = Pipv6;
+		break;
 	}
+	ppp->stat.ipsend++;
 
 	if(ppp->ctype != nil) {
-		len = blen(b);
 		b = (*ppp->ctype->compress)(ppp, proto, b, &proto);
 		if(proto == Pcdata) {
 			ppp->stat.comp++;
@@ -1748,15 +1936,14 @@
 		freeb(b);
 		return -1;
 	}
+Drop:
 	qunlock(ppp);
-
-	len = blen(b);
 	freeb(b);
 	return len;
 }
 
 static void
-terminate(PPP *ppp, char *why)
+terminate(PPP *ppp, char *why, int fatal)
 {
 	if(dying++)
 		return;
@@ -1763,8 +1950,12 @@
 
 	syslog(0, LOG, "ppp: terminated: %s", why);
 
-	if(ppp->net != nil && validv4(ppp->curremote) && validv4(ppp->curlocal))
+	if(validv4(ppp->curremote) && validv4(ppp->curlocal)){
 		defroute(ppp->net, "remove", ppp->curremote, ppp->curlocal);
+		invalidate(ppp->remote);
+		invalidate(ppp->local);
+		putndb(ppp);
+	}
 
 	close(ppp->ipfd);
 	ppp->ipfd = -1;
@@ -1775,44 +1966,28 @@
 	ppp->mediain = -1;
 	ppp->mediaout = -1;
 	postnote(PNGROUP, getpid(), "die");
-}
 
-typedef struct Iphdr Iphdr;
-struct Iphdr
-{
-	uchar	vihl;		/* Version and header length */
-	uchar	tos;		/* Type of service */
-	uchar	length[2];	/* packet length */
-	uchar	id[2];		/* Identification */
-	uchar	frag[2];	/* Fragment information */
-	uchar	ttl;		/* Time to live */
-	uchar	proto;		/* Protocol */
-	uchar	cksum[2];	/* Header checksum */
-	uchar	src[4];		/* Ip source (uchar ordering unimportant) */
-	uchar	dst[4];		/* Ip destination (uchar ordering unimportant) */
-};
+	/* interface gone, notify cs */
+	refresh(ppp->net);
 
+	if(fatal)
+		sysfatal("%s", why);
+}
+
 static void
 ipinproc(PPP *ppp)
 {
 	Block *b;
-	int m, n;
-	Iphdr *ip;
+	int n;
 
 	while(!dying){
-
 		b = allocb(Buflen);
 		n = read(ppp->ipfd, b->wptr, b->lim-b->wptr);
-		if(n < 0)
+		if(n < 1){
+			freeb(b);
 			break;
-
-		/* trim packet if there's padding (e.g. from ether) */
-		ip = (Iphdr*)b->rptr;
-		m = nhgets(ip->length);
-		if(m < n && m > 0)
-			n = m;
+		}
 		b->wptr += n;
-
 		if(pppwrite(ppp, b) < 0)
 			break;
 	}
@@ -1855,7 +2030,6 @@
 mediainproc(PPP *ppp)
 {
 	Block *b;
-	Ipaddr remote;
 
 	notify(catchdie);
 	while(!dying){
@@ -1865,20 +2039,6 @@
 			break;
 		}
 		ppp->stat.iprecv++;
-		if(ppp->ipcp->state != Sopened) {
-			ppp->stat.iprecvnotup++;
-			freeb(b);
-			continue;
-		}
-
-		if(server) {
-			v4tov6(remote, b->rptr+12);
-			if(ipcmp(remote, ppp->remote) != 0) {
-				ppp->stat.iprecvbadsrc++;
-				freeb(b);
-				continue;
-			}
-		}
 		if(debug > 1){
 			netlog("ip write pkt %p %d\n", b->rptr, blen(b));
 			hexdump(b->rptr, blen(b));
@@ -1888,12 +2048,11 @@
 			freeb(b);
 			break;
 		}
-
 		freeb(b);
 	}
 
-	netlog(": remote=%I: ppp shutting down\n", ppp->remote);
-	syslog(0, LOG, ": remote=%I: ppp shutting down", ppp->remote);
+	netlog(": remote=%I/%I: ppp shutting down\n", ppp->remote, ppp->remote6);
+	syslog(0, LOG, ": remote=%I/%I: ppp shutting down", ppp->remote, ppp->remote6);
 	syslog(0, LOG, "\t\tppp send = %lud/%lud recv= %lud/%lud",
 		ppp->out.packets, ppp->out.uchars,
 		ppp->in.packets, ppp->in.uchars);
@@ -2003,8 +2162,11 @@
 		auth_freeAI(c->ai);
 		c->ai = nil;
 	}
-	if((c->cs = auth_challenge("proto=%q role=server", getaproto(c->proto))) == nil)
-		sysfatal("auth_challenge: %r");
+	if((c->cs = auth_challenge("proto=%q role=server", getaproto(c->proto))) == nil){
+		char err[ERRMAX];
+		snprint(err, sizeof(err), "auth_challenge: %r");
+		terminate(ppp, err, 1);
+	}
 	syslog(0, LOG, ": remote=%I: sending %d byte challenge", ppp->remote, c->cs->nchal);
 	len = 4 + 1 + c->cs->nchal + strlen(ppp->chapname);
 	b = alloclcp(Cchallenge, c->id, len, &m);
@@ -2032,13 +2194,13 @@
 	switch(c->proto){
 	case APmschap:
 		if(c->ai == nil || c->ai->nsecret != 16)
-			sysfatal("could not get the encryption key");
+			terminate(ppp, "could not get the encryption key", 1);
 		memmove(ppp->sendkey, c->ai->secret, 16);
 		memmove(ppp->recvkey, c->ai->secret, 16);
 		break;
 	case APmschapv2:
 		if(c->ai == nil || c->ai->nsecret != 16+20)
-			sysfatal("could not get the encryption key + authenticator");
+			terminate(ppp, "could not get the encryption key + authenticator", 1);
 		getasymkey(ppp->sendkey, c->ai->secret, 1, isserver);
 		getasymkey(ppp->recvkey, c->ai->secret, 0, isserver);
 		break;
@@ -2078,9 +2240,13 @@
 			ppp->chapname, sizeof(ppp->chapname), 
 			resp, sizeof(resp), &c->ai,
 			auth_getkey,
-			"proto=%s role=client service=ppp %s", getaproto(c->proto), keyspec);
-		if(nresp < 0)
-			sysfatal("auth_respond: %r");
+			"proto=%s role=client service=ppp %s",
+			getaproto(c->proto), keyspec);
+		if(nresp < 0){
+			char err[ERRMAX];
+			snprint(err, sizeof(err), "auth_respond: %r");
+			terminate(ppp, err, 1);
+		}
 		if(c->proto == APmschap || c->proto == APmschapv2)
 			while(nresp < 49) resp[nresp++] = 0;
 		freeb(b);
@@ -2102,6 +2268,7 @@
 		}
 		switch(c->proto) {
 		default:
+			terminate(ppp, "unknown chap protocol", 0);
 			sysfatal("unknown chap protocol: %d", c->proto);
 		case APmd5:
 			if(vlen > len - 5 || vlen != 16) {
@@ -2189,7 +2356,7 @@
 			n = snprint((char*)resp, sizeof(resp), "S=%.20H", c->ai->secret+16);
 			if(len - 4 < n || tsmemcmp(m->data, resp, n) != 0){
 				netlog("ppp: chap: bad authenticator\n");
-				terminate(ppp, "chap: bad authenticator");
+				terminate(ppp, "chap: bad authenticator", 0);
 				break;
 			}
 		}
@@ -2199,7 +2366,7 @@
 		break;
 	case Cfailure:
 		netlog("ppp: chap failed\n");
-		terminate(ppp, "chap failed");
+		terminate(ppp, "chap failed", 0);
 		break;
 	default:
 		syslog(0, LOG, "chap code %d?", m->code);
@@ -2219,9 +2386,11 @@
 	int len, nlen, slen;
 
 	up = auth_getuserpasswd(auth_getkey, "proto=pass service=ppp %s", keyspec);
-	if(up == nil)
-		sysfatal("auth_getuserpasswd: %r");
-
+	if(up == nil){
+		char err[ERRMAX];
+		snprint(err, sizeof(err), "auth_getuserpasswd: %r");
+		terminate(ppp, err, 1);
+	}
 	c = ppp->chap;
 	c->id++;
 	netlog("ppp: pap: send authreq %d %s %s\n", c->id, up->user, "****");
@@ -2239,9 +2408,13 @@
 	b->wptr += slen;
 	hnputs(m->len, len);
 
+	memset(up->user, 0, nlen);	/* no leaks */
+	memset(up->passwd, 0, slen);	/* no leaks */
 	free(up);
 
 	putframe(ppp, Ppasswd, b);
+
+	memset(b->rptr, 0, BLEN(b));	/* no leaks */
 	freeb(b);
 }
 
@@ -2287,7 +2460,7 @@
 		&& m->id <= ppp-> chap->id){
 			netlog("ppp: pap failed (%d:%.*s)\n",
 				m->data[0], utfnlen((char*)m->data+1, m->data[0]), (char*)m->data+1);
-			terminate(ppp, "pap failed");
+			terminate(ppp, "pap failed", 0);
 		}
 		break;
 	default:
@@ -2324,7 +2497,7 @@
 
 	for(cp = m->data; cp < b->wptr; cp += o->len){
 		o = (Lcpopt*)cp;
-		if(cp + o->len > b->wptr){
+		if(cp + o->len > b->wptr || o->len < 2){
 			netlog("\tbad option length %ux\n", o->type);
 			return;
 		}
@@ -2439,6 +2612,16 @@
 				break;
 			}
 			break;
+		case Pipv6cp:
+			switch(o->type){
+			default:
+				netlog("\tunknown %d len=%d\n", o->type, o->len);
+				break;
+			case Oipv6eui:	
+				netlog("\tipv6eui %.*H\n", o->len, o->data);
+				break;
+			}
+			break;
 		}
 	}
 }
@@ -2757,10 +2940,6 @@
 		usage();
 	}
 
-	nip = nipifcs(net);
-	if(nip == 0 && !server)
-		primary = 1;
-
 	if(dev != nil){
 		mediain = open(dev, ORDWR);
 		if(mediain < 0){
@@ -2814,12 +2993,8 @@
 	pppopen(ppp, mediain, mediaout, net, ipaddr, remip, mtu, framing);
 
 	/* wait until ip is configured */
-	rendezvous((void*)Rmagic, 0);
+	rendezvous(ppp, 0);
 
-	/* create a /net/ndb entry */
-	if(primary)
-		putndb(ppp, net);
-
 	exits(nil);
 }
 
@@ -2860,52 +3035,75 @@
 	ipmove(addr, IPnoaddr);
 }
 
+static uchar v6llprefix[16] = {
+	0xfe, 0x80, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00,
+};
+
+enum {
+	v6llprefixlen = 8,
+};
+
 /*
- *  return number of networks
+ *  return non-zero when addr is a valid link-local ipv6 address
  */
 static int
-nipifcs(char *net)
+validv6(Ipaddr addr)
 {
-	static Ipifc *ifc;
-	Ipifc *nifc;
-	Iplifc *lifc;
-	int n;
+	return memcmp(addr, v6llprefix, v6llprefixlen) == 0 && memcmp(addr, v6llprefix, IPaddrlen) != 0;
+}
 
-	n = 0;
-	ifc = readipifc(net, ifc, -1);
-	for(nifc = ifc; nifc != nil; nifc = nifc->next)
-		for(lifc = ifc->lifc; lifc != nil; lifc = lifc->next)
-			n++;
-	return n;
+/*
+ *  convert EUI-64 or EUI-48 to link-local ipv6 address,
+ *  return non-zero when successfull or zero on failure.
+ */
+static int
+euitov6(Ipaddr addr, uchar *data, int len)
+{
+	if(len < 1 || len > IPaddrlen-v6llprefixlen){
+		invalidate(addr);
+		return 0;
+	}
+	ipmove(addr, v6llprefix);
+	memmove(&addr[IPaddrlen-len], data, len);
+	return memcmp(addr, v6llprefix, IPaddrlen) != 0;
 }
 
 /*
- *   make an ndb entry and put it into /net/ndb for the servers to see
+ *  make an ndb entry and put it into /net/ndb for the servers to see
  */
 static void
-putndb(PPP *ppp, char *net)
+putndb(PPP *ppp)
 {
 	static char buf[16*1024];
-	char file[64], *p, *e;
+	char file[128], *p, *e;
 	Ndbtuple *t, *nt;
 	Ndb *db;
 	int fd;
 
+	if(!primary)
+		return;
+
 	e = buf + sizeof(buf);
 	p = buf;
-	p = seprint(p, e, "ip=%I ipmask=255.255.255.255 ipgw=%I\n",
-		ppp->local, ppp->remote);
-	if(validv4(ppp->dns[0]))
-		p = seprint(p, e, "\tdns=%I\n", ppp->dns[0]);
-	if(validv4(ppp->dns[1]))
-		p = seprint(p, e, "\tdns=%I\n", ppp->dns[1]);
-	if(validv4(ppp->wins[0]))
-		p = seprint(p, e, "\twins=%I\n", ppp->wins[0]);
-	if(validv4(ppp->wins[1]))
-		p = seprint(p, e, "\twins=%I\n", ppp->wins[1]);
 
-	/* append preexisting entries not matching our ip */
-	snprint(file, sizeof file, "%s/ndb", net);
+	if(validv4(ppp->local) && validv4(ppp->remote)){
+		p = seprint(p, e, "ip=%I ipmask=255.255.255.255 ipgw=%I\n",
+			ppp->local, ppp->remote);
+		if(validv4(ppp->dns[0]))
+			p = seprint(p, e, "\tdns=%I\n", ppp->dns[0]);
+		if(validv4(ppp->dns[1]))
+			p = seprint(p, e, "\tdns=%I\n", ppp->dns[1]);
+		if(validv4(ppp->wins[0]))
+			p = seprint(p, e, "\twins=%I\n", ppp->wins[0]);
+		if(validv4(ppp->wins[1]))
+			p = seprint(p, e, "\twins=%I\n", ppp->wins[1]);
+	}
+
+	/* append preexisting entries not matching our old or new ip */
+	snprint(file, sizeof file, "%s/ndb", ppp->net);
 	db = ndbopen(file);
 	if(db != nil ){
 		while((t = ndbparse(db)) != nil){
@@ -2913,7 +3111,7 @@
 
 			if((nt = ndbfindattr(t, t, "ip")) == nil
 			|| parseip(ip, nt->val) == -1
-			|| ipcmp(ip, ppp->local) != 0){
+			|| (ipcmp(ip, ppp->local) != 0 && ipcmp(ip, ppp->curlocal) != 0)){
 				p = seprint(p, e, "\n");
 				for(nt = t; nt != nil; nt = nt->entry)
 					p = seprint(p, e, "%s=%s%s", nt->attr, nt->val,
@@ -2928,6 +3126,13 @@
 		return;
 	write(fd, buf, p-buf);
 	close(fd);
+}
+
+static void
+refresh(char *net)
+{
+	char file[128];
+	int fd;
 
 	snprint(file, sizeof file, "%s/cs", net);
 	if((fd = open(file, OWRITE)) >= 0){
--- a/sys/src/cmd/ip/ppp/ppp.h
+++ b/sys/src/cmd/ip/ppp/ppp.h
@@ -78,6 +78,7 @@
 	Pvjutcp=	0x2f,		/* uncompressing van jacobson tcp */
 	Pcdata=		0xfd,		/* compressed datagram */
 	Pipcp=		0x8021,		/* ip control */
+	Pipv6cp=	0x8057,		/* ipv6 control */
 	Pecp=		0x8053,		/* encryption control */
 	Pccp=		0x80fd,		/* compressed datagram control */
 	Plcp=		0xc021,		/* link control */
@@ -178,6 +179,9 @@
 	Oipdns2=	131,
 	Oipwins2=	132,
 
+	/* ipv6cp configure options */
+	Oipv6eui=	1,
+
 	/* ipcp flags */
 	Fipaddrs=	1<<Oipaddrs,
 	Fipcompress=	1<<Oipcompress,
@@ -187,6 +191,9 @@
 	Fipdns2=	1<<10,	// Oipdns2,
 	Fipwins2=	1<<11,	// Oipwins2,
 
+	/* ipv6cp flags */
+	Fipv6eui=	1<<Oipv6eui,
+
 	Period=		5*1000,	/* period of retransmit process (in ms) */
 	Timeout=	20,	/* xmit timeout (in Periods) */
 	Buflen=		4096,
@@ -262,11 +269,18 @@
 	int		framing;	/* non-zero to use framing characters */
 	Ipaddr		local;
 	Ipaddr		curlocal;
-	int		localfrozen;
 	Ipaddr		remote;
 	Ipaddr		curremote;
-	int		remotefrozen;
+	Ipaddr		local6;
+	Ipaddr		curlocal6;
+	Ipaddr		remote6;
+	Ipaddr		curremote6;
 
+	char		localfrozen;
+	char		remotefrozen;
+	char		local6frozen;
+	char		remote6frozen;
+
 	Ipaddr		dns[2];		/* dns servers */
 	Ipaddr		wins[2];	/* wins servers */
 
@@ -280,6 +294,7 @@
 	Pstate*		lcp;		/* lcp state */
 	Pstate*		ccp;		/* ccp state */
 	Pstate*		ipcp;		/* ipcp state */
+	Pstate*		ipv6cp;		/* ipv6cp state */
 	Chap*		chap;		/* chap state */
 	Tcpc*		ctcp;		/* tcp compression state */
 	ulong		mtu;		/* maximum xmit size */
--- a/sys/src/cmd/ip/ppp/thw.c
+++ b/sys/src/cmd/ip/ppp/thw.c
@@ -121,8 +121,12 @@
 
 	/* put ack and protocol into b */
 	n = BLEN(b);
-	if(b->rptr - (2+4) < b->base)
-		sysfatal("thwack: not enough header in block");
+	if(b->rptr - (2+4) < b->base){
+		fprint(2, "thwack: not enough header in block\n");
+		freeb(b);
+		return nil;
+	}
+
 	acked = 0;
 	if(ppp->unctype == &uncthwack){
 		uncs = ppp->uncstate;