Paul Mackerras [Tue, 13 Jan 2004 03:55:52 +0000 (03:55 +0000)]
Change references to cuaN in examples and documentation to ttySN.
Yes, rather linux-centric, I know. Patch from Marco d'Itri
(Debian ppp package maintainer).
James Carlson [Mon, 28 Jul 2003 12:25:41 +0000 (12:25 +0000)]
Fixed the old chap.c so that it works with the new auth.c, since
existing makefiles still refer to chap.c for all but Linux.
Fixed unsolicited Configure-Nak handling in *_nakci -- usenet report
that 'while' loop terminates too early if there's a boolean.
Fixed tiny typo in chap-new.c comment.
Paul Mackerras [Wed, 11 Jun 2003 23:56:26 +0000 (23:56 +0000)]
New CHAP implementation, rewritten from scratch to avoid the code
copyrighted by the uncontactable Gregory Christy. The new code is
much cleaner and splits out all the digest-specific code to separate
files. Thus the CHAP-MD5 stuff is now in chap-md5.c and all the
CHAP-MS and CHAP-MSv2 stuff has moved into chap_ms.c, instead of
having half of it in chap.c.
There are a few minor differences in this implementation; we don't
retransmit responses, but instead just wait for a new challenge.
The success/failure messages are more boring as well. In fact the
digest code now sets the success/failure message.
CHAP_DIGEST_MD5 has been renamed to CHAP_MD5 for consistency.
There is a new function random_bytes() in magic.c, which generates
a string of random bytes.
Frank Cusack [Tue, 13 May 2003 01:25:36 +0000 (01:25 +0000)]
modify ppp_generic patch to avoid an if() test and extra additions on
every pass through ppp_send_frame(); make a 2.4.19+ version of it;
improve mppeinstall.sh.
Frank Cusack [Mon, 12 May 2003 07:31:36 +0000 (07:31 +0000)]
When not in demand mode, defer create_linkpidfile() until we successfully
get a ppp interface. This fixes a bug reported by belle_eden@caramail.com
where pppd might wipe out a still-running previous pppd's pid file.
Frank Cusack [Fri, 25 Apr 2003 08:10:46 +0000 (08:10 +0000)]
rc_get_seqnbr(): Avoid "fscanf failure" errors if the sequence file was
empty. This avoids a spurious error at startup if the sequence file is
kept in /var/run, which is cleared on reboot.
Paul Mackerras [Mon, 7 Apr 2003 00:01:46 +0000 (00:01 +0000)]
Revert the previous change that required channel send_config and
recv_config routines to return a status code. Instead we consider
that an error has occurred if the channel routine calls error()
or bumps error_count explicitly.
James Carlson [Mon, 31 Mar 2003 12:07:28 +0000 (12:07 +0000)]
Made path to 'ld' explicit when building kernel modules. This avoids
trouble with systems that have GNU ld installed and on the path before
the normal /usr/ccs/bin/ld that comes with the system.
Frank Cusack [Wed, 5 Mar 2003 23:01:28 +0000 (23:01 +0000)]
If the peer offers mppe stateful mode (H bit clear), accept it if
mppe-stateful was an option.
This bug wasn't discovered earlier because I haven't seen a system
that offers stateful mode "only". A bug report from Dmitry Glushenok
shows that Windows RRAS refuses stateless mode for dialup connections.
For dialup, it almost makes sense that one could use stateful mode safely,
but if you accept that argument (difficult to attack a dialup connection)
then it also follows that mppe as a whole is not useful over dialup.
Paul Mackerras [Mon, 3 Mar 2003 05:11:46 +0000 (05:11 +0000)]
A bunch of fixes mostly aimed at fixing the problems we have been
having with leaking fds and with fatal errors occurring when the link
goes down.
Updated patchlevel.h to 2.4.2b2.
Moved open of /dev/ppp to generic_establish_ppp; we now close the
ppp_dev_fd in generic_disestablish_ppp rather than trying to use
PPPIOCDETACH.
*_send_config and *_recv_config now return 0 for success or -1 for
error, rather than calling fatal() when an error occurs.
Added a notifier for when we fork so plugins can close their fds in
the child.
Added a safe_fork() which does a fork and then closes stuff in the
child; the parent waits until the child has done that.
On detach, the parent rewrites the pid files rather than the child,
and the child waits for the parent to die.
Fixed some potential FILE * leaks.
Also moved auth_number() check into auth_check_options.
Frank Cusack [Mon, 24 Feb 2003 12:46:37 +0000 (12:46 +0000)]
device_script(): fix our close() action for the case where in or out <= 2;
also don't leak [the original fd of] a dup()'d log_to_fd, when log_to_fd
is > 2.
Frank Cusack [Tue, 24 Dec 2002 00:34:13 +0000 (00:34 +0000)]
Improve MPPE rejection logic.
When doing MPPE, if the peer doesn't agree to it, we need to terminate
LCP. Older win* clients request Stac/LZS along with MPPE (because
MPPE overloads MPPC ... sigh). So if sending CONFREJ, we would keep
LCP up if we saw a CI_MPPE *at all*, because the CONFREJ may may have
been due to the Stac/LZS option. Now, we only keep LCP up if the MPPE
offer is acceptable.
Thanks to James Cameron for showing this problem in action.
Paul Mackerras [Fri, 6 Dec 2002 12:06:45 +0000 (12:06 +0000)]
Make sure we don't do FD_SET(fd, set) with fd >= FD_SETSIZE since
that could corrupt memory, and maybe could form the basis of an
attack on pppd. The problem was pointed out by Jun-ichiro itojun
Hagino.
Paul Mackerras [Fri, 6 Dec 2002 12:03:44 +0000 (12:03 +0000)]
More copyright updates. The new CMU copyright notice is from CMU and
now explicitly allows modifications. I have an acknowledgement from
ANU that the work I have done on pppd belongs to me and not to ANU,
so I have changed the ANU copyright notices to reflect this.
Paul Mackerras [Fri, 6 Dec 2002 09:49:16 +0000 (09:49 +0000)]
More copyright updates. The new CMU copyright notice is from CMU and
now explicitly allows modifications. I have an acknowledgement from
ANU that the work I have done on pppd belongs to me and not to ANU,
so I have changed the ANU copyright notices to reflect this.
Paul Mackerras [Wed, 4 Dec 2002 23:03:33 +0000 (23:03 +0000)]
Update copyrights. The new CMU copyright notice is from CMU and now
explicitly allows modifications. I have an acknowledgement from ANU
that the work I have done on pppd belongs to me and not to ANU, so I
have changed the ANU copyright notices to reflect this. I have emails
from Pedro Roque Marques, Tommi Komulainen and Eric Rosenquist giving
me permission to change their copyright notices to be similar to the
CMU notice.
Frank Cusack [Wed, 13 Nov 2002 18:19:26 +0000 (18:19 +0000)]
add rc_avpair_copy() and use it when sending user-specified av's. This
fixes a bug with a dangling pointer. Thanks to Peter Kjellerstedt for
the report and suggested fix.
James Carlson [Sat, 2 Nov 2002 19:48:13 +0000 (19:48 +0000)]
Added EAP support with MD5-Challenge and SRP-SHA1 methods. Tested
on Linux (with both methods) and on Solaris (just MD5-Challenge).
Fixed several Makefiles that were missing references to required
modules such as tty.o.