X-Git-Url: http://git.ozlabs.org/?a=blobdiff_plain;f=README;h=89e89b546f841943f5172e777243f056df953d59;hb=c268205e1c861b8898c722a499fa4befac490dc4;hp=a21d9f1dac7bfa143a5fcd334d324edbd76b3864;hpb=6e8eaa7a78b31cdab2edf140a9c8afdb02ffaca5;p=ppp.git diff --git a/README b/README index a21d9f1..89e89b5 100644 --- a/README +++ b/README @@ -1,6 +1,7 @@ -This is the README file for ppp-2.4, a package which implements the +This is the README file for ppp-2.5, a package which implements the Point-to-Point Protocol (PPP) to provide Internet connections over -serial lines. +serial lines and other types of links which can be considered to be +point-to-point links. Introduction. @@ -9,7 +10,7 @@ Introduction. The Point-to-Point Protocol (PPP) provides a standard way to establish a network connection over a serial link. At present, this package supports IP and IPV6 and the protocols layered above them, such as TCP -and UDP. The Linux port of this package also has support for IPX. +and UDP. This PPP implementation consists of two parts: @@ -61,216 +62,50 @@ use any IP address. (This only applies where the peer is authenticating itself to you, of course.) -What's new in ppp-2.4.7. +What's new in ppp-2.5.0. ************************ -* Fixed a potential security issue in parsing option files (CVE-2014-3158). - -* There is a new "stop-bits" option, which takes an argument of 1 or 2, - indicating the number of stop bits to use for async serial ports. - -* Various bug fixes. - - -What was new in ppp-2.4.6. -************************** - -* Man page updates. - -* Several bug fixes. - -* Options files can now set and unset environment variables for - scripts. - -* The timeout for chat scripts can now be taken from an environment - variable. - -* There is a new option, master_detach, which allows pppd to detach - from the controlling terminal when it is the multilink bundle master - but its own link has terminated, even if the nodetach option has - been given. - - -What was new in ppp-2.4.5. -************************** - -* Under Linux, pppd can now operate in a mode where it doesn't request - the peer's IP address, as some peers refuse to supply an IP address. - Since Linux supports device routes as well as gateway routes, it's - possible to have no remote IP address assigned to the ppp interface - and still route traffic over it. - -* Pppd now works better with 3G modems that do strange things such as - sending IPCP Configure-Naks with the same values over and over again. - -* The PPP over L2TP plugin is included, which works with the pppol2tp - PPP channel code in the Linux kernel. This allows pppd to be used - to set up tunnels using the Layer 2 Tunneling Protocol. - -* A new 'enable-session' option has been added, which enables session - accounting via PAM or wtwp/wtmpx, as appropriate. See the pppd man - page for details. - -* Several bugs have been fixed. - - -What was new in ppp-2.4.4. -************************** - -* Pppd will now run /etc/ppp/ip-pre-up, if it exists, after creating - the ppp interface and configuring its IP addresses but before - bringing it up. This can be used, for example, for adding firewall - rules for the interface. - -* Lots of bugs fixed, particularly in the area of demand-dialled and - persistent connections. - -* The rp-pppoe plugin now accepts any interface name (that isn't an - existing pppd option name) without putting "nic-" on the front of - it, not just eth*, nas*, tap* and br*. - - -What was new in ppp-2.4.3. -************************** - -* The configure script now accepts --prefix and --sysconfdir options. - These default to /usr/local and /etc. If you want pppd put in - /usr/sbin as before, use ./configure --prefix=/usr. - -* Doing `make install' no longer puts example configuration files in - /etc/ppp. Use `make install-etcppp' if you want that. - -* The code has been updated to work with version 0.8.3 of libpcap. - Unfortunately the libpcap maintainers removed support for the - "inbound" and "outbound" keywords on PPP links, meaning that if you - link pppd with libpcap-0.8.3, you can't use those keywords in the - active-filter and pass-filter expressions. The support has been - reinstated in the CVS version and should be in future libpcap - releases. If you need the in/outbound keywords, use a later release - than 0.8.3, or get the CVS version from http://www.tcpdump.org. - -* There is a new option, child-timeout, which sets the length of time - that pppd will wait for child processes (such as the command - specified with the pty option) to exit before exiting itself. It - defaults to 5 seconds. After the timeout, pppd will send a SIGTERM - to any remaining child processes and exit. A value of 0 means no - timeout. - -* Various bugs have been fixed, including some CBCP packet parsing - bugs that could lead to the peer being able to crash pppd if CBCP - support is enabled. - -* Various fixes and enhancements to the radius and rp-pppoe plugins - have been added. - -* There is a new winbind plugin, from Andrew Bartlet of the Samba - team, which provides the ability to authenticate the peer against an - NT domain controller using MS-CHAP or MS-CHAPV2. - -* There is a new pppoatm plugin, by various authors, sent in by David - Woodhouse. - -* The multilink code has been substantially reworked. The first pppd - for a bundle still controls the ppp interface, but it doesn't exit - until all the links in the bundle have terminated. If the first - pppd is signalled to exit, it signals all the other pppds - controlling links in the bundle. - -* The TDB code has been updated to the latest version. This should - eliminate the problem that some people have seen where the database - file (/var/run/pppd.tdb) keeps on growing. Unfortunately, however, - the new code uses an incompatible database format. For this reason, - pppd now uses /var/run/pppd2.tdb as the database filename. - - -What was new in ppp-2.4.2. -************************** - -* The CHAP code has been rewritten. Pppd now has support for MS-CHAP - V1 and V2 authentication, both as server and client. The new CHAP - code is cleaner than the old code and avoids some copyright problems - that existed in the old code. - -* MPPE (Microsoft Point-to-Point Encryption) support has been added, - although the current implementation shouldn't be considered - completely secure. (There is no assurance that the current code - won't ever transmit an unencrypted packet.) - -* James Carlson's implementation of the Extensible Authentication - Protocol (EAP) has been added. - -* Support for the Encryption Control Protocol (ECP) has been added. - -* Some new plug-ins have been included: - - A plug-in for kernel-mode PPPoE (PPP over Ethernet) - - A plug-in for supplying the PAP password over a pipe from another - process - - A plug-in for authenticating using a Radius server. - -* Updates and bug-fixes for the Solaris port. - -* The CBCP (Call Back Control Protocol) code has been updated. There - are new options `remotenumber' and `allow-number'. - -* Extra hooks for plugins to use have been added. - -* There is now a `maxoctets' option, which causes pppd to terminate - the link once the number of bytes passed on the link exceeds a given - value. - -* There are now options to control whether pppd can use the IPCP - IP-Address and IP-Addresses options: `ipcp-no-address' and - `ipcp-no-addresses'. - -* Fixed several bugs, including potential buffer overflows in chat. - - -What was new in ppp-2.4.1. -************************** - -* Pppd can now print out the set of options that are in effect. The - new `dump' option causes pppd to print out the option values after - option parsing is complete. The `dryrun' option causes pppd to - print the options and then exit. - -* The option parsing code has been fixed so that options in the - per-tty options file are parsed correctly, and don't override values - from the command line in most cases. - -* The plugin option now looks in /usr/lib/pppd/ (for - example, /usr/lib/pppd/2.4.1b1) for shared objects for plugins if - there is no slash in the plugin name. - -* When loading a plugin, pppd will now check the version of pppd for - which the plugin was compiled, and refuse to load it if it is - different to pppd's version string. To enable this, the plugin - source needs to #include "pppd.h" and have a line saying: - char pppd_version[] = VERSION; - -* There is a bug in zlib, discovered by James Carlson, which can cause - kernel memory corruption if Deflate is used with the lowest setting, - 8. As a workaround pppd will now insist on using at least 9. - -* Pppd should compile on Solaris and SunOS again. - -* Pppd should now set the MTU correctly on demand-dialled interfaces. - - -What was new in ppp-2.4.0. -************************** - -* Multilink: this package now allows you to combine multiple serial - links into one logical link or `bundle', for increased bandwidth and - reduced latency. This is currently only supported under the - 2.4.x and later Linux kernels. - -* All the pppd processes running on a system now write information - into a common database. I used the `tdb' code from samba for this. - -* New hooks have been added. - -For a list of the changes made during the 2.3 series releases of this -package, see the Changes-2.3 file. +The 2.5.0 release is a major release of pppd which contains breaking +changes for third-party plugins, a complete revamp of the build-system +and that allows for flexibility of configuring features as needed. + +In Summary: +* Support for PEAP authentication by Eivind Næss and Rustam Kovhaev +* Support for loading PKCS12 certificate envelopes +* Adoption of GNU Autoconf / Automake build environment, by Eivind Næss + and others. +* Support for pkgconfig tool has been added by Eivind Næss. +* Bunch of fixes and cleanup to PPPoE and IPv6 support by Pali Rohár. +* Major revision to PPPD's Plugin API by Eivind Næss. + - Defines in which describes what features was included in pppd + - Functions now prefixed with explicit ppp_* to indicate that + pppd functions being called. + - Header files were renamed to better align with their features, + and now use proper include guards + - A pppdconf.h file is supplied to allow third-party modules to use + the same feature defines pppd was compiled with. + - No extern declarations of internal variable names of pppd, + continued use of these extern variables are considered + unstable. +* Lots of internal fixes and cleanups for Radius and PPPoE by Jaco Kroon +* Dropped IPX support, as Linux has dropped support in version 5.15 + for this protocol. +* Many more fixes and cleanups. +* Pppd is no longer installed setuid-root. +* New pppd options: + - ipv6cp-noremote, ipv6cp-nosend, ipv6cp-use-remotenumber, + ipv6-up-script, ipv6-down-script + - -v, show-options + - usepeerwins, ipcp-no-address, ipcp-no-addresses, nosendip +* On Linux, any baud rate can be set on a serial port provided the + kernel serial driver supports that. + +Note that if you have built and installed previous versions of this +package and you want to continue having configuration and TDB files in +/etc/ppp, you will need to use the --sysconfdir option to ./configure. + +For a list of the changes made during the 2.4 series releases of this +package, see the Changes-2.4 file. Compression methods. @@ -288,16 +123,16 @@ ever expand packets. Contacts. ********* -The comp.protocols.ppp newsgroup is a useful place to get help if you -have trouble getting your ppp connections to work. Please do not send -me questions of the form "please help me get connected to my ISP" - -I'm sorry, but I simply do not have the time to answer all the -questions like this that I get. +Most communication relating to this package happens on github at +https://github.com/ppp-project/ppp/. The linux-ppp@vger.kernel.org +mailing list also exists and can be used. -If you find bugs in this package, please report them to the maintainer -for the port for the operating system you are using: +If you find bugs in this package, the best thing to do is to create an +issue on github. If you can't or don't want to do that, you can post +to linux-ppp@vger.kernel.org, or report them to the maintainer for the +port for the operating system you are using: -Linux Paul Mackerras +Linux Paul Mackerras Solaris James Carlson