EAP support is now optional

Sylvain Rochet 2012-05-21 01:18:36 +02:00
parent 7d43f4a1f4
commit 795d5807b5
8 changed files with 185 additions and 38 deletions


@ -109,7 +109,9 @@
#include "ipcp.h"
#include "upap.h"
#include "chap-new.h"
#if EAP_SUPPORT
#include "eap.h"
#endif /* EAP_SUPPORT */
#include "pathnames.h"
#include "session.h"
@ -329,7 +331,7 @@ option_t auth_options[] = {
&lcp_allowoptions[0].chap_mdtype },
#endif
#endif
#if EAP_SUPPORT
{ "require-eap", o_bool, &lcp_wantoptions[0].neg_eap,
"Require EAP authentication from peer", OPT_PRIOSUB | 1,
&auth_required },
@ -337,6 +339,7 @@ option_t auth_options[] = {
{ "refuse-eap", o_bool, &refuse_eap,
"Don't agree to authenticate to peer with EAP", 1 },
#endif
#endif /* EAP_SUPPORT */
{ "name", o_string, our_name,
"Set local name for authentication",
OPT_PRIO | OPT_PRIV | OPT_STATIC, NULL, MAXNAMELEN },
@ -732,7 +735,11 @@ link_established(unit)
if (!auth_required && noauth_addrs != NULL)
set_allowed_addrs(unit, NULL, NULL);
if (auth_required && !(go->neg_upap || go->neg_chap || go->neg_eap)) {
if (auth_required && !(go->neg_upap || go->neg_chap
#if EAP_SUPPORT
|| go->neg_eap
#endif /* EAP_SUPPORT */
)) {
/*
* We wanted the peer to authenticate itself, and it refused:
* if we have some address(es) it can use without auth, fine,
@ -752,20 +759,26 @@ link_established(unit)
new_phase(PHASE_AUTHENTICATE);
auth = 0;
#if EAP_SUPPORT
if (go->neg_eap) {
eap_authpeer(unit, our_name);
auth |= EAP_PEER;
} else if (go->neg_chap) {
} else
#endif /* EAP_SUPPORT */
if (go->neg_chap) {
chap_auth_peer(unit, our_name, CHAP_DIGEST(go->chap_mdtype));
auth |= CHAP_PEER;
} else if (go->neg_upap) {
upap_authpeer(unit);
auth |= PAP_PEER;
}
#if EAP_SUPPORT
if (ho->neg_eap) {
eap_authwithpeer(unit, ppp_settings.user);
auth |= EAP_WITHPEER;
} else if (ho->neg_chap) {
} else
#endif /* EAP_SUPPORT */
if (ho->neg_chap) {
chap_auth_with_peer(unit, ppp_settings.user, CHAP_DIGEST(ho->chap_mdtype));
auth |= CHAP_WITHPEER;
} else if (ho->neg_upap) {
@ -795,7 +808,11 @@ network_phase(unit)
/*
* If the peer had to authenticate, run the auth-up script now.
*/
if (go->neg_chap || go->neg_upap || go->neg_eap) {
if (go->neg_chap || go->neg_upap
#if EAP_SUPPORT
|| go->neg_eap
#endif /* EAP_SUPPORT */
) {
notify(auth_up_notifier, 0);
}
@ -1179,17 +1196,25 @@ auth_check_options()
/* If authentication is required, ask peer for CHAP, PAP, or EAP. */
if (auth_required) {
allow_any_ip = 0;
if (!wo->neg_chap && !wo->neg_upap && !wo->neg_eap) {
if (!wo->neg_chap && !wo->neg_upap
#if EAP_SUPPORT
&& !wo->neg_eap
#endif /* EAP_SUPPORT */
) {
wo->neg_chap = chap_mdtype_all != MDTYPE_NONE;
wo->chap_mdtype = chap_mdtype_all;
wo->neg_upap = 1;
#if EAP_SUPPORT
wo->neg_eap = 1;
#endif /* EAP_SUPPORT */
}
} else {
wo->neg_chap = 0;
wo->chap_mdtype = MDTYPE_NONE;
wo->neg_upap = 0;
#if EAP_SUPPORT
wo->neg_eap = 0;
#endif /* EAP_SUPPORT */
}
/*
@ -1199,11 +1224,19 @@ auth_check_options()
*/
lacks_ip = 0;
can_auth = wo->neg_upap && (uselogin || have_pap_secret(&lacks_ip));
if (!can_auth && (wo->neg_chap || wo->neg_eap)) {
if (!can_auth && (wo->neg_chap
#if EAP_SUPPORT
|| wo->neg_eap
#endif /* EAP_SUPPORT */
)) {
can_auth = have_chap_secret((explicit_remote? remote_name: NULL),
our_name, 1, &lacks_ip);
}
if (!can_auth && wo->neg_eap) {
if (!can_auth
#if EAP_SUPPORT
&& wo->neg_eap
#endif /* EAP_SUPPORT */
) {
can_auth = have_srp_secret((explicit_remote? remote_name: NULL),
our_name, 1, &lacks_ip);
}
@ -1255,7 +1288,9 @@ auth_reset(unit)
ao->neg_upap = !ppp_settings.refuse_pap;
#if EAP_SUPPORT
ao->neg_eap = !ppp_settings.refuse_eap;
#endif /* EAP_SUPPORT */
if(!ppp_settings.refuse_chap) {
ao->chap_mdtype = MDTYPE_MD5;
@ -1265,7 +1300,9 @@ auth_reset(unit)
} else {
ao->neg_upap = 0;
ao->neg_chap = 0;
#if EAP_SUPPORT
ao->neg_eap = 0;
#endif /* EAP_SUPPORT */
ao->chap_mdtype = MDTYPE_NONE;
}
@ -1274,7 +1311,9 @@ auth_reset(unit)
printf("neg_chap_md5: %d\n", !!(ao->chap_mdtype&MDTYPE_MD5) );
printf("neg_chap_ms: %d\n", !!(ao->chap_mdtype&MDTYPE_MICROSOFT) );
printf("neg_chap_ms2: %d\n", !!(ao->chap_mdtype&MDTYPE_MICROSOFT_V2) );
#if EAP_SUPPORT
printf("neg_eap: %d\n", ao->neg_eap);
#endif /* EAP_SUPPORT */
//ao->neg_upap = !ppp_settings.refuse_pap && (ppp_settings.passwd[0] != 0 || get_pap_passwd(NULL));
@ -1292,10 +1331,12 @@ auth_reset(unit)
go->neg_upap = 0;
go->neg_chap = 0;
#if EAP_SUPPORT
go->neg_eap = 0;
#endif /* EAP_SUPPORT */
go->chap_mdtype = MDTYPE_NONE;
return;
#if 0
/* FIXME: find what the below stuff do */
int hadchap;
hadchap = -1;
@ -1317,6 +1358,7 @@ auth_reset(unit)
!have_srp_secret((explicit_remote? remote_name: NULL), our_name, 1,
NULL))
go->neg_eap = 0;
#endif
}
/*
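Review bot: In auth_check_options the rewritten `if (!can_auth` / `#if EAP_SUPPORT` / `&& wo->neg_eap` / `#endif` / `)` changes behaviour when EAP is compiled out: the condition collapses to `if (!can_auth)`, so have_srp_secret() is consulted although SRP is an EAP method that can no longer be negotiated, and a configured SRP secret could make can_auth true with no usable protocol behind it. The other rewritten conditions in this file stay equivalent because the dropped term is an OR-ed or negated-AND-ed zero; this one is an AND-ed term whose removal widens the branch. Guard the whole statement instead: `#if EAP_SUPPORT` before `if (!can_auth && wo->neg_eap) {` and `#endif /* EAP_SUPPORT */` after its closing brace. Whether have_srp_secret() is even defined in a no-EAP build is not visible here, and auth_check_options continues outside the hunk.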


@ -44,12 +44,7 @@
*/
#include "lwip/opt.h"
#define RCSID "$Id: eap.c,v 1.4 2004/11/09 22:39:25 paulus Exp $"
/*
* TODO:
*/
#if PPP_SUPPORT && EAP_SUPPORT /* don't build if not configured for use in lwipopts.h */
#include "pppd.h"
#include "pathnames.h"
@ -67,8 +62,6 @@
#define SHA_DIGESTSIZE 20
#endif
static const char rcsid[] = RCSID;
eap_state eap_states[NUM_PPP]; /* EAP state; one for each unit */
#ifdef USE_SRP
static char *pn_secret = NULL; /* Pseudonym generating secret */
@ -2419,3 +2412,4 @@ void *arg;
return (inp - pstart);
}
#endif /* PPP_SUPPORT && EAP_SUPPORT */


@ -20,6 +20,9 @@
* $Id: eap.h,v 1.2 2003/06/11 23:56:26 paulus Exp $
*/
#include "lwip/opt.h"
#if PPP_SUPPORT && EAP_SUPPORT /* don't build if not configured for use in lwipopts.h */
#ifndef PPP_EAP_H
#define PPP_EAP_H
@ -156,3 +159,4 @@ extern struct protent eap_protent;
#endif /* PPP_EAP_H */
#endif /* PPP_SUPPORT && EAP_SUPPORT */
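Review bot: The include guard `#ifndef PPP_EAP_H` now sits inside the new `#if PPP_SUPPORT && EAP_SUPPORT`, so in a build without EAP the whole header is re-read on every include instead of being short-circuited by the guard; harmless, but unusual. Since the header now compiles to nothing when EAP is off, the `#if EAP_SUPPORT` wrappers around `#include "eap.h"` in auth.c and ppp.c become redundant; keeping them is fine, but a comment next to the config guard such as `/* callers may also guard the include; both are safe */` would stop the next reader from removing one side. The guard order itself is consistent with the matching `#endif` pair at the end of the file.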


@ -371,7 +371,9 @@ lcp_init(unit)
ao->neg_chap = 1;
ao->chap_mdtype = chap_mdtype_all;
ao->neg_upap = 1;
#if EAP_SUPPORT
ao->neg_eap = 1;
#endif /* EAP_SUPPORT */
ao->neg_magicnumber = 1;
ao->neg_pcompression = 1;
ao->neg_accompression = 1;
@ -696,9 +698,19 @@ lcp_cilen(f)
*/
return (LENCISHORT(go->neg_mru && go->mru != DEFMRU) +
LENCILONG(go->neg_asyncmap && go->asyncmap != 0xFFFFFFFF) +
#if EAP_SUPPORT
LENCISHORT(go->neg_eap) +
LENCICHAP(!go->neg_eap && go->neg_chap) +
LENCISHORT(!go->neg_eap && !go->neg_chap && go->neg_upap) +
#endif /* EAP_SUPPORT */
LENCICHAP(
#if EAP_SUPPORT
!go->neg_eap &&
#endif /* EAP_SUPPORT */
go->neg_chap) +
LENCISHORT(
#if EAP_SUPPORT
!go->neg_eap &&
#endif /* EAP_SUPPORT */
!go->neg_chap && go->neg_upap) +
LENCILQR(go->neg_lqr) +
LENCICBCP(go->neg_cbcp) +
LENCILONG(go->neg_magicnumber) +
@ -772,10 +784,19 @@ lcp_addci(f, ucp, lenp)
ADDCISHORT(CI_MRU, go->neg_mru && go->mru != DEFMRU, go->mru);
ADDCILONG(CI_ASYNCMAP, go->neg_asyncmap && go->asyncmap != 0xFFFFFFFF,
go->asyncmap);
#if EAP_SUPPORT
ADDCISHORT(CI_AUTHTYPE, go->neg_eap, PPP_EAP);
ADDCICHAP(CI_AUTHTYPE, !go->neg_eap && go->neg_chap, go->chap_mdtype);
ADDCISHORT(CI_AUTHTYPE, !go->neg_eap && !go->neg_chap && go->neg_upap,
PPP_PAP);
#endif /* EAP_SUPPORT */
ADDCICHAP(CI_AUTHTYPE,
#if EAP_SUPPORT
!go->neg_eap &&
#endif /* EAP_SUPPORT */
go->neg_chap, go->chap_mdtype);
ADDCISHORT(CI_AUTHTYPE,
#if EAP_SUPPORT
!go->neg_eap &&
#endif /* EAP_SUPPORT */
!go->neg_chap && go->neg_upap, PPP_PAP);
ADDCILQR(CI_QUALITY, go->neg_lqr, go->lqr_period);
ADDCICHAR(CI_CALLBACK, go->neg_cbcp, CBCP_OPT);
ADDCILONG(CI_MAGICNUMBER, go->neg_magicnumber, go->magicnumber);
@ -921,10 +942,19 @@ lcp_ackci(f, p, len)
ACKCISHORT(CI_MRU, go->neg_mru && go->mru != DEFMRU, go->mru);
ACKCILONG(CI_ASYNCMAP, go->neg_asyncmap && go->asyncmap != 0xFFFFFFFF,
go->asyncmap);
#if EAP_SUPPORT
ACKCISHORT(CI_AUTHTYPE, go->neg_eap, PPP_EAP);
ACKCICHAP(CI_AUTHTYPE, !go->neg_eap && go->neg_chap, go->chap_mdtype);
ACKCISHORT(CI_AUTHTYPE, !go->neg_eap && !go->neg_chap && go->neg_upap,
PPP_PAP);
#endif /* EAP_SUPPORT */
ACKCICHAP(CI_AUTHTYPE,
#if EAP_SUPPORT
!go->neg_eap &&
#endif /* EAP_SUPPORT */
go->neg_chap, go->chap_mdtype);
ACKCISHORT(CI_AUTHTYPE,
#if EAP_SUPPORT
!go->neg_eap &&
#endif /* EAP_SUPPORT */
!go->neg_chap && go->neg_upap, PPP_PAP);
ACKCILQR(CI_QUALITY, go->neg_lqr, go->lqr_period);
ACKCICHAR(CI_CALLBACK, go->neg_cbcp, CBCP_OPT);
ACKCILONG(CI_MAGICNUMBER, go->neg_magicnumber, go->magicnumber);
@ -1092,23 +1122,32 @@ lcp_nakci(f, p, len, treat_as_reject)
* they are proposing a different protocol, or a different
* hash algorithm for CHAP.
*/
if ((go->neg_chap || go->neg_upap || go->neg_eap)
if ((go->neg_chap || go->neg_upap
#if EAP_SUPPORT
|| go->neg_eap
#endif /* EAP_SUPPORT */
)
&& len >= CILEN_SHORT
&& p[0] == CI_AUTHTYPE && p[1] >= CILEN_SHORT && p[1] <= len) {
cilen = p[1];
len -= cilen;
no.neg_chap = go->neg_chap;
no.neg_upap = go->neg_upap;
#if EAP_SUPPORT
no.neg_eap = go->neg_eap;
#endif /* EAP_SUPPORT */
INCPTR(2, p);
GETSHORT(cishort, p);
if (cishort == PPP_PAP && cilen == CILEN_SHORT) {
#if EAP_SUPPORT
/* If we were asking for EAP, then we need to stop that. */
if (go->neg_eap)
try.neg_eap = 0;
else
#endif /* EAP_SUPPORT */
/* If we were asking for CHAP, then we need to stop that. */
else if (go->neg_chap)
if (go->neg_chap)
try.neg_chap = 0;
/*
* If we weren't asking for CHAP or EAP, then we were asking for
@ -1119,13 +1158,16 @@ lcp_nakci(f, p, len, treat_as_reject)
} else if (cishort == PPP_CHAP && cilen == CILEN_CHAP) {
GETCHAR(cichar, p);
#if EAP_SUPPORT
/* Stop asking for EAP, if we were. */
if (go->neg_eap) {
try.neg_eap = 0;
/* Try to set up to use their suggestion, if possible */
if (CHAP_CANDIGEST(go->chap_mdtype, cichar))
try.chap_mdtype = CHAP_MDTYPE_D(cichar);
} else if (go->neg_chap) {
} else
#endif /* EAP_SUPPORT */
if (go->neg_chap) {
/*
* We were asking for our preferred algorithm, they must
* want something different.
@ -1156,6 +1198,7 @@ lcp_nakci(f, p, len, treat_as_reject)
} else {
#if EAP_SUPPORT
/*
* If we were asking for EAP, and they're Conf-Naking EAP,
* well, that's just strange. Nobody should do that.
@ -1169,7 +1212,9 @@ lcp_nakci(f, p, len, treat_as_reject)
*/
if (go->neg_eap)
try.neg_eap = 0;
else if (go->neg_chap)
else
#endif /* EAP_SUPPORT */
if (go->neg_chap)
try.neg_chap = 0;
else
try.neg_upap = 0;
@ -1277,8 +1322,11 @@ lcp_nakci(f, p, len, treat_as_reject)
goto bad;
break;
case CI_AUTHTYPE:
if (go->neg_chap || no.neg_chap || go->neg_upap || no.neg_upap ||
go->neg_eap || no.neg_eap)
if (go->neg_chap || no.neg_chap || go->neg_upap || no.neg_upap
#if EAP_SUPPORT
|| go->neg_eap || no.neg_eap
#endif /* EAP_SUPPORT */
)
goto bad;
break;
case CI_MAGICNUMBER:
@ -1391,6 +1439,7 @@ lcp_rejci(f, p, len)
goto bad; \
try.neg = 0; \
}
#if EAP_SUPPORT
#define REJCICHAP(opt, neg, val) \
if (go->neg && \
len >= CILEN_CHAP && \
@ -1406,6 +1455,24 @@ lcp_rejci(f, p, len)
try.neg = 0; \
try.neg_eap = try.neg_upap = 0; \
}
#endif /* EAP_SUPPORT */
#if !EAP_SUPPORT
#define REJCICHAP(opt, neg, val) \
if (go->neg && \
len >= CILEN_CHAP && \
p[1] == CILEN_CHAP && \
p[0] == opt) { \
len -= CILEN_CHAP; \
INCPTR(2, p); \
GETSHORT(cishort, p); \
GETCHAR(cichar, p); \
/* Check rejected value. */ \
if ((cishort != PPP_CHAP) || (cichar != (CHAP_DIGEST(val)))) \
goto bad; \
try.neg = 0; \
try.neg_upap = 0; \
}
#endif /* !EAP_SUPPORT */
#define REJCILONG(opt, neg, val) \
if (go->neg && \
len >= CILEN_LONG && \
@ -1467,13 +1534,17 @@ lcp_rejci(f, p, len)
REJCISHORT(CI_MRU, neg_mru, go->mru);
REJCILONG(CI_ASYNCMAP, neg_asyncmap, go->asyncmap);
#if EAP_SUPPORT
REJCISHORT(CI_AUTHTYPE, neg_eap, PPP_EAP);
if (!go->neg_eap) {
#endif /* EAP_SUPPORT */
REJCICHAP(CI_AUTHTYPE, neg_chap, go->chap_mdtype);
if (!go->neg_chap) {
REJCISHORT(CI_AUTHTYPE, neg_upap, PPP_PAP);
}
#if EAP_SUPPORT
}
#endif /* EAP_SUPPORT */
REJCILQR(CI_QUALITY, neg_lqr, go->lqr_period);
REJCICBCP(CI_CALLBACK, neg_cbcp, CBCP_OPT);
REJCILONG(CI_MAGICNUMBER, neg_magicnumber, go->magicnumber);
@ -1609,7 +1680,11 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
case CI_AUTHTYPE:
if (cilen < CILEN_SHORT ||
!(ao->neg_upap || ao->neg_chap || ao->neg_eap)) {
!(ao->neg_upap || ao->neg_chap
#if EAP_SUPPORT
|| ao->neg_eap
#endif /* EAP_SUPPORT */
)) {
/*
* Reject the option if we're not willing to authenticate.
*/
@ -1632,8 +1707,11 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
if (cishort == PPP_PAP) {
/* we've already accepted CHAP or EAP */
if (ho->neg_chap || ho->neg_eap ||
cilen != CILEN_SHORT) {
if (ho->neg_chap
#if EAP_SUPPORT
|| ho->neg_eap
#endif /* EAP_SUPPORT */
|| cilen != CILEN_SHORT) {
LCPDEBUG(("lcp_reqci: rcvd AUTHTYPE PAP, rejecting..."));
orc = CONFREJ;
break;
@ -1641,14 +1719,18 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
if (!ao->neg_upap) { /* we don't want to do PAP */
orc = CONFNAK; /* NAK it and suggest CHAP or EAP */
PUTCHAR(CI_AUTHTYPE, nakp);
#if EAP_SUPPORT
if (ao->neg_eap) {
PUTCHAR(CILEN_SHORT, nakp);
PUTSHORT(PPP_EAP, nakp);
} else {
#endif /* EAP_SUPPORT */
PUTCHAR(CILEN_CHAP, nakp);
PUTSHORT(PPP_CHAP, nakp);
PUTCHAR(CHAP_DIGEST(ao->chap_mdtype), nakp);
#if EAP_SUPPORT
}
#endif /* EAP_SUPPORT */
break;
}
ho->neg_upap = 1;
@ -1656,8 +1738,11 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
}
if (cishort == PPP_CHAP) {
/* we've already accepted PAP or EAP */
if (ho->neg_upap || ho->neg_eap ||
cilen != CILEN_CHAP) {
if (ho->neg_upap
#if EAP_SUPPORT
|| ho->neg_eap
#endif /* EAP_SUPPORT */
|| cilen != CILEN_CHAP) {
LCPDEBUG(("lcp_reqci: rcvd AUTHTYPE CHAP, rejecting..."));
orc = CONFREJ;
break;
@ -1666,11 +1751,15 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
orc = CONFNAK; /* NAK it and suggest EAP or PAP */
PUTCHAR(CI_AUTHTYPE, nakp);
PUTCHAR(CILEN_SHORT, nakp);
#if EAP_SUPPORT
if (ao->neg_eap) {
PUTSHORT(PPP_EAP, nakp);
} else {
#endif /* EAP_SUPPORT */
PUTSHORT(PPP_PAP, nakp);
#if EAP_SUPPORT
}
#endif /* EAP_SUPPORT */
break;
}
GETCHAR(cichar, p); /* get digest type */
@ -1690,6 +1779,7 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
ho->neg_chap = 1;
break;
}
#if EAP_SUPPORT
if (cishort == PPP_EAP) {
/* we've already accepted CHAP or PAP */
if (ho->neg_chap || ho->neg_upap || cilen != CILEN_SHORT) {
@ -1713,6 +1803,7 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
ho->neg_eap = 1;
break;
}
#endif /* EAP_SUPPORT */
/*
* We don't recognize the protocol they're asking for.
@ -1722,10 +1813,14 @@ lcp_reqci(f, inp, lenp, reject_if_disagree)
*/
orc = CONFNAK;
PUTCHAR(CI_AUTHTYPE, nakp);
#if EAP_SUPPORT
if (ao->neg_eap) {
PUTCHAR(CILEN_SHORT, nakp);
PUTSHORT(PPP_EAP, nakp);
} else if (ao->neg_chap) {
} else
#endif /* EAP_SUPPORT */
if (ao->neg_chap) {
PUTCHAR(CILEN_CHAP, nakp);
PUTSHORT(PPP_CHAP, nakp);
PUTCHAR(CHAP_DIGEST(ao->chap_mdtype), nakp);
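Review bot: The `#if !EAP_SUPPORT` REJCICHAP definition in lcp_rejci duplicates the `#if EAP_SUPPORT` one that ends just above it except for the `try.neg_eap = ` assignment; replacing the `#endif /* EAP_SUPPORT */` + `#if !EAP_SUPPORT` pair with a single `#else /* !EAP_SUPPORT */` keeps the two variants visibly exclusive and adjacent. The brace and else balancing across preprocessor blocks (`if (!go->neg_eap) {` opened under one `#if EAP_SUPPORT` and closed under another in lcp_rejci, and the `} else` / `#endif` / `if (...)` sequences in lcp_nakci and lcp_reqci) is correct as written but fragile: any statement inserted between the `#endif` and the following `if` silently changes what the `else` binds to. A short comment at each such point, e.g. `/* when EAP_SUPPORT is set this `if` is the else-branch above */`, would make the shape explicit; this matters most in lcp_reqci and lcp_nakci, which act on peer-supplied option bytes. The body of lcp_reqci continues past the end of this section.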


@ -93,7 +93,9 @@ typedef struct lcp_options {
bool neg_asyncmap; /* Negotiate the async map? */
bool neg_upap; /* Ask for UPAP authentication? */
bool neg_chap; /* Ask for CHAP authentication? */
#if EAP_SUPPORT
bool neg_eap; /* Ask for EAP authentication? */
#endif /* EAP_SUPPORT */
bool neg_magicnumber; /* Ask for magic number? */
bool neg_pcompression; /* HDLC Protocol Field Compression? */
bool neg_accompression; /* HDLC Address/Control Field Compression? */


@ -104,7 +104,9 @@
#endif
#include "upap.h"
#include "chap-new.h"
#if EAP_SUPPORT
#include "eap.h"
#endif /* EAP_SUPPORT */
#include "pathnames.h"
#ifdef AT_CHANGE
@ -266,7 +268,9 @@ struct protent *protocols[] = {
#ifdef AT_CHANGE
&atcp_protent,
#endif
#if EAP_SUPPORT
&eap_protent,
#endif /* EAP_SUPPORT */
NULL
};


@ -437,7 +437,11 @@ pppSetAuth(enum pppAuthType authType, const char *user, const char *passwd)
{
ppp_settings.refuse_pap = 1;
ppp_settings.refuse_chap = 0;
ppp_settings.refuse_eap = 1;
#if EAP_SUPPORT
ppp_settings.refuse_pap = 1;
ppp_settings.refuse_chap = 1;
ppp_settings.refuse_eap = 0;
#endif /* EAP_SUPPORT */
/* FIXME: re-enable that */
#if 0
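Review bot: As rendered, `ppp_settings.refuse_eap = 1;` near the top of this hunk is outside any `#if EAP_SUPPORT`, while ppp.h in this same commit declares the refuse_eap bit-field only under that guard, so a build with EAP disabled would fail to compile on that line. The hunk counts (7 old, 11 new) suggest the rendering has dropped surrounding lines, so if that assignment is in fact guarded or was removed, disregard; if it is unguarded, wrap it as `#if EAP_SUPPORT` / `ppp_settings.refuse_eap = 1;` / `#endif /* EAP_SUPPORT */`, matching the second group of assignments below it. The enclosing function continues outside the hunk.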


@ -46,7 +46,9 @@ struct ppp_settings {
u_int explicit_remote : 1; /* remote_name specified with remotename opt */
u_int refuse_pap : 1; /* Don't wanna auth. ourselves with PAP */
u_int refuse_chap : 1; /* Don't wanna auth. ourselves with CHAP */
#if EAP_SUPPORT
u_int refuse_eap : 1; /* Don't wanna auth. ourselves with EAP */
#endif /* EAP_SUPPORT */
u_int usehostname : 1; /* Use hostname for our_name */
u_int usepeerdns : 1; /* Ask peer for DNS adds */