Frank Cusack [Tue, 24 Sep 2002 11:35:22 +0000 (11:35 +0000)]
Lose the poorly thought out OPT_A3OR option flag. Fix a CHAP negotiation bug
along the way -- if the peer nak'd with an chap digest we didn't support, we
would continue to offer our first choice digest.
Frank Cusack [Thu, 12 Sep 2002 05:41:49 +0000 (05:41 +0000)]
Add support for radius Class attribute. Possibly broken if chap is set to
re-authenticate and the radius server decides to change or add the Class
attribute on a subsequent (non-initial) authentication, but no more broken
than not handling it at all.
James Carlson [Mon, 9 Sep 2002 04:19:57 +0000 (04:19 +0000)]
484: make IPCP put all options in increasing numeric order in all cases.
Also fixed unrelated problem found during testing: the reqci handling
for the deprecated IP-Addresses option was setting go->ouraddr rather
than wo->ouraddr. This caused us to get confused about the meaning of
any subsequent Configure-{Ack,Reject} from the peer, since it made it
look as though the option was illegally modified by the peer.
James Carlson [Sat, 7 Sep 2002 05:15:25 +0000 (05:15 +0000)]
Added ability to detect and use either gcc or Sun WorkShop C compiler
on Solaris. Added support for Solaris 10. Quieted down warning in
ppp_comp.c due to bad preprocessor usage. Quieted WorkShop warnings
in options.c (casting of void * to function) and pppd.h (constant too
large). Tested in 32 and 64 bit modes with gcc and WorkShop.
make Octets-Direction flag accept value=4.
For NAS - it same as Octets-Direction = Maximum (3)
but on radius side maximum can be computed as
maximum in/out overal or per session/day/month/year...
David F. Skoll [Mon, 24 Jun 2002 12:57:15 +0000 (12:57 +0000)]
Patches from Frank Cusack:
- Avoid infinite loop (eventually running out of stack space) when doing
callback into ccp with MPPE enabled, by updating lcp_fsm state *before*
doing callbacks. Problem noted by Rustem Yumaev <rust@vostok-inc.com>.
- Add missing accounting attributes
- Update for newer automake; required to compile on RH 7.3
David F. Skoll [Mon, 10 Jun 2002 13:46:28 +0000 (13:46 +0000)]
Added "install-devel" Makefile target to install pppd headers required to
build pppd plugins. NOTE: Only works on Linux Makefiles; must be added for
other supported OS's.
David F. Skoll [Tue, 21 May 2002 17:26:49 +0000 (17:26 +0000)]
ECP patches from Frank Cusack:
- If encryption is required, don't bring up IP/IPv6/IPX until the
encryption negotiation has completed.
- Shut down LCP if the peer sends an LCP ConfRej instead of CCP ConfRej
to our MPPE offer. This fixes a bug where the server could not enforce
use of encryption in some cases.
- Don't send the M=<message> part of an MS-CHAPv2 success packet to peers
that don't know how to deal with it. This allows pre-win2k systems to
authenticate.
- Don't shut down lcp if MPPE was present in peer's CCP offer along with
other options. This allows pre-win2k systems to do MPPE (they offer
Stac LZS with MPPE).
- Add the beginnings of ecp.c.
- Other minor changes.
David F. Skoll [Fri, 1 Mar 2002 14:39:19 +0000 (14:39 +0000)]
Large patch from Frank Cusack <fcusack@fcusack.com> to add proper
support for MS-CHAP (client and server are now supported.)
Allow another plugin to select a different RADIUS server.
Modified radiusclient library to include two new APIs:
rc_acct_using_server and rc_auth_using_server in which caller specifies
which RADIUS servers to use, instead of using the default ones in the
config file. The /etc/radiusclient/servers file must still contain
secrets for those servers.
David F. Skoll [Tue, 12 Feb 2002 20:07:10 +0000 (20:07 +0000)]
Added new hooks:
snoop_send_hook and snoop_recv_hook allow plugins to watch the flow
of frames (typically we're interested in LCP frames). This is useful for
implementing L2TP, because the L2TP access concentrator would like to collect
some information from LCP and perhaps authentication protocols and forward
the information to the LNS.
Russell Coker [Fri, 11 Jan 2002 18:31:42 +0000 (18:31 +0000)]
Made setipaddr() non-static so it can be called from plugins (particularly
portslave).
Also fix a trivial multiple-definition warning in ppp/pppd/ipcp.c and a
comma-at-end-of-enum warning in ppp/pppd/pppd.h.