Change my paulus@samba.org email address to paulus@ozlabs.org Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Header file reorganization and cleaning up the public API for pppd version 2.5.0 (#379) This commit does several things, being a squash-and-merge of a series of changes; squashed in order not to break bisection. * Clean up pppd.h, moving declarations that should only be accessed by pppd code (not by users of pppd) to a new pppd-private.h. Also, other parts of pppd.h were moved to multilink.h, chap.h, eap.h, eui64.h, and a new options.h. * Provide an API for access to data that is needed by plugins (in no particular order): - ifname - ifunit - remote_name - remote_number - peer_authname - status (now called "code" internally) - phase - doing_multilink - multilink_master - idle_time_limit - link_connect_time - max_connect_time - link_stats - ipparam - hostname - got_sigterm - got_sigusr2 - got_sighup - session_number - maxoctets - maxoctets_dir - debug - persist - devnam - modem - peer_authname - sync_serial * Update the version number to 2.5.0. * Detect availability of stddef.h and stdarg.h. * Rename some headers: - pppcrypt.c/h to crypto_ms.c/h - ppp-crypto.c/h to crypto.c/h - ppp-crypto-priv.h to crypto-priv.h - chap-new.c/h to chap.c/h * Remove chap-md5.h, crypto-priv.h, eap-tls.h, etc. from the list of header files to be installed. * Provide typedefs for the hook functions. * Provide a typedef for the "phase" variable. * Provide a typedef for the link statistics array. * Remove the option_t typedef. * Rename the following functions by adding a "ppp_" prefix (with the intention that these are a "public" API for use by plugins): - option_error - add_options - int_option, - options_from_file - script_setenv - bad_ip_adrs, - netif_get/set_mtu (renamed to ppp_get/set_mtu) - get_time - timeout - untimeout - safe_fork - sys_close - set_session_number - update_link_stats (renamed to ppp_get_link_stats) - add_notifier (renamed to ppp_add_notify) - remove_notifier (renamed to ppp_del_notify) - generic_[dis]establish_ppp (to ppp_generic_[dis]establish) * Rename ppp_devnam to ppp_devname. * Rename ppp_available() to ppp_check_kernel_support(). * Use unsigned char instead of u_char, unsigned short instead of u_short, uint32_t instead of u_int32_t. * Add const to some declarations * Update comments * Change the interface for notifiers to use an enum to identify which notifier is to be modified. * Provide an API for getting the path to a file, with an enum to identify different types of file. * Link plugins with the -DPLUGIN flag [paulus@ozlabs.org - wrote commit message] Signed-off-by: Eivind Næss <eivnaes@yahoo.com> Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Remove old CHAP implementation
Fixed the old chap.c so that it works with the new auth.c, since existing makefiles still refer to chap.c for all but Linux. Fixed unsolicited Configure-Nak handling in *_nakci -- usenet report that 'while' loop terminates too early if there's a boolean. Fixed tiny typo in chap-new.c comment.
quiet the compiler, at the expense of #ifdef madness
make it compile correctly if CHAPMS is not enabled
Update copyrights. The new CMU copyright notice is from CMU and now explicitly allows modifications. I have an acknowledgement from ANU that the work I have done on pppd belongs to me and not to ANU, so I have changed the ANU copyright notices to reflect this. I have emails from Pedro Roque Marques, Tommi Komulainen and Eric Rosenquist giving me permission to change their copyright notices to be similar to the CMU notice.
ChapReceiveResponse(): "clean" remote name.
Log calling number failed authorization at warn instead of error, to be consistent with chap/pap failed authentication log level. (And it doesn't merit "error".)
- more authentication logging uniformity . remove duplicate logging from auth.c, now in upap.c . auth success logs at info, auth fail at warn, auth with_peer fail at error - add remote number checks after authentication in case a plugin modifies authorization info - log remote number on successful/no auth - streamline null termination of remote name for logging
Make authentication success/failure messages uniform.
Patches from Frank Cusack.
ECP patches from Frank Cusack: - If encryption is required, don't bring up IP/IPv6/IPX until the encryption negotiation has completed. - Shut down LCP if the peer sends an LCP ConfRej instead of CCP ConfRej to our MPPE offer. This fixes a bug where the server could not enforce use of encryption in some cases. - Don't send the M=<message> part of an MS-CHAPv2 success packet to peers that don't know how to deal with it. This allows pre-win2k systems to authenticate. - Don't shut down lcp if MPPE was present in peer's CCP offer along with other options. This allows pre-win2k systems to do MPPE (they offer Stac LZS with MPPE). - Add the beginnings of ecp.c. - Other minor changes.
Corrected Linux MPPE kernel modules (Frank Cusack) Corrected minor bug in chap.c (Frank Cusack) Allow domain\user in MSCHAPv2 (Frank Cusack)
First large MPPE patch from Frank Cusack.
Patch from Frank Cusack to add support for MSCHAPv2. Enhanced radiusclient to support INCLUDE lines in dictionary.
Patch from Frank Cusack to make RADIUS plugin support MS-CHAP authentication.
Large patch from Frank Cusack <fcusack@fcusack.com> to add proper support for MS-CHAP (client and server are now supported.) Allow another plugin to select a different RADIUS server. Modified radiusclient library to include two new APIs: rc_acct_using_server and rc_auth_using_server in which caller specifies which RADIUS servers to use, instead of using the default ones in the config file. The /etc/radiusclient/servers file must still contain secrets for those servers.
Added RADIUS suppport.
New options system with priorities for option values, with options grouped into groups where necessary, so the command line overrides the per-tty options file, plus the ability to print out the set of options currently in effect. Some options moved from lcp.c to tty.c.