X-Git-Url: https://git.ozlabs.org/?a=blobdiff_plain;f=README;h=588b7b87639ef47fdca6d724376c1175b1e4af12;hb=c975187f8ca49a2d2d02fbea0dc7dd7115cba052;hp=321eb2eb56d565a7a4db94c27f41db4a4cc2176a;hpb=7ec1f3dd14f3bd5f11c5a11ce358a14f2678d80e;p=ppp.git diff --git a/README b/README index 321eb2e..588b7b8 100644 --- a/README +++ b/README @@ -1,6 +1,7 @@ -This is the README file for ppp-2.4, a package which implements the +This is the README file for ppp-2.5, a package which implements the Point-to-Point Protocol (PPP) to provide Internet connections over -serial lines. +serial lines and other types of links which can be considered to be +point-to-point links. Introduction. @@ -9,7 +10,7 @@ Introduction. The Point-to-Point Protocol (PPP) provides a standard way to establish a network connection over a serial link. At present, this package supports IP and IPV6 and the protocols layered above them, such as TCP -and UDP. The Linux port of this package also has support for IPX. +and UDP. This PPP implementation consists of two parts: @@ -61,8 +62,28 @@ use any IP address. (This only applies where the peer is authenticating itself to you, of course.) -What's new in ppp-2.5.0. -************************ +What's new in ppp-2.5.1 +*********************** + +* Pppd can now measure and log the round-trip time (RTT) of LCP + echo-requests and record them in a binary file structured as a + circular buffer. Other programs or scripts can examine the file and + provide real-time statistics on link latency. This is enabled by a + new "lcp-rtt-file" option. + +* New scripts net-init, net-pre-up and net-down are executed in the + process of bringing the network interface up and down. They provide + additional, more deterministic ways for pppd to interact with the + rest of the networking configuration. + +* Pppd will now create the directory for the TDB connection database + if it doesn't already exist. + +* Various other bug fixes and minor enhancements. + + +What was new in ppp-2.5.0. +************************** The 2.5.0 release is a major release of pppd which contains breaking changes for third-party plugins, a complete revamp of the build-system @@ -77,296 +98,34 @@ In Summary: * Bunch of fixes and cleanup to PPPoE and IPv6 support by Pali Rohár. * Major revision to PPPD's Plugin API by Eivind Næss. - Defines in which describes what features was included in pppd - - Function now prefixed with explicit ppp_* to indicate it's a + - Functions now prefixed with explicit ppp_* to indicate that pppd functions being called. - - Header files was renamed to better align with their features - and use of proper include guards - - A pppdconf.h files is supplied to allow third-party use the same - feature defines pppd was compiled with. + - Header files were renamed to better align with their features, + and now use proper include guards + - A pppdconf.h file is supplied to allow third-party modules to use + the same feature defines pppd was compiled with. - No extern declarations of internal variable names of pppd, continued use of these extern variables are considered unstable. * Lots of internal fixes and cleanups for Radius and PPPoE by Jaco Kroon -* Dropped IPX support, as Linux 5.15 already have dropped support +* Dropped IPX support, as Linux has dropped support in version 5.15 for this protocol. * Many more fixes and cleanups. - - -What's new in ppp-2.4.9. -************************ - -* Support for new EAP (Extensible Authentication Protocol) methods: - - Support for EAP-TLS, from Jan Just Keijser and others - - Support for EAP-MSCHAPv2, from Eivind Næss, Thomas Omerzu, Tijs - Van Buggenhout and others - +* Pppd is no longer installed setuid-root. * New pppd options: - - chap-timeout - - chapms-strip-domain - - replacedefaultroute - - noreplacedefaultroute - - ipv6cp-accept-remote - - lcp-echo-adaptive - - ip-up-script - - ip-down-script - - ca - - capath - - cert - - key - - crl-dir - - crl - - max-tls-version - - need-peer-eap - -* Fixes for CVE-2020-8597 and CVE-2015-3310. - -* libpcap is now required when compiling on Linux (previously, if - libpcap was not present, pppd would be compiled without packet - filtering support). - -* The rp-pppoe plugin has been renamed to pppoe, to distinguish it - from the upstream rp-pppoe code. Its options have changed names, - but the old names are kept as aliases. - -* The configure script now supports cross-compilation. - -* Many bug fixes and cleanups. - - -What was new in ppp-2.4.8. -************************** - -* New pppd options have been added: - - ifname, to set the name for the PPP interface device - - defaultroute-metric, to set the metric for the default route - - defaultroute6, to add an IPv6 default route (with nodefaultroute6 - to prevent adding an IPv6 default route) - - up_sdnotify, to have pppd notify systemd when the link is up. - -* The rp-pppoe plugin has new options: - - host-uniq, to set the Host-Uniq value to send - - pppoe-padi-timeout, to set the timeout for discovery packets - - pppoe-padi-attempts, to set the number of discovery attempts. - -* Added the CLASS attribute in radius packets. - -* Sundry bug fixes. - -* Fixed warnings and issues found by static analysis. - -* Added Submitting-patches.md. - - -What was new in ppp-2.4.7. -************************** - -* Fixed a potential security issue in parsing option files (CVE-2014-3158). - -* There is a new "stop-bits" option, which takes an argument of 1 or 2, - indicating the number of stop bits to use for async serial ports. - -* Various bug fixes. - - -What was new in ppp-2.4.6. -************************** - -* Man page updates. - -* Several bug fixes. - -* Options files can now set and unset environment variables for - scripts. - -* The timeout for chat scripts can now be taken from an environment - variable. - -* There is a new option, master_detach, which allows pppd to detach - from the controlling terminal when it is the multilink bundle master - but its own link has terminated, even if the nodetach option has - been given. - - -What was new in ppp-2.4.5. -************************** - -* Under Linux, pppd can now operate in a mode where it doesn't request - the peer's IP address, as some peers refuse to supply an IP address. - Since Linux supports device routes as well as gateway routes, it's - possible to have no remote IP address assigned to the ppp interface - and still route traffic over it. - -* Pppd now works better with 3G modems that do strange things such as - sending IPCP Configure-Naks with the same values over and over again. - -* The PPP over L2TP plugin is included, which works with the pppol2tp - PPP channel code in the Linux kernel. This allows pppd to be used - to set up tunnels using the Layer 2 Tunneling Protocol. - -* A new 'enable-session' option has been added, which enables session - accounting via PAM or wtwp/wtmpx, as appropriate. See the pppd man - page for details. - -* Several bugs have been fixed. - - -What was new in ppp-2.4.4. -************************** - -* Pppd will now run /etc/ppp/ip-pre-up, if it exists, after creating - the ppp interface and configuring its IP addresses but before - bringing it up. This can be used, for example, for adding firewall - rules for the interface. - -* Lots of bugs fixed, particularly in the area of demand-dialled and - persistent connections. - -* The rp-pppoe plugin now accepts any interface name (that isn't an - existing pppd option name) without putting "nic-" on the front of - it, not just eth*, nas*, tap* and br*. - - -What was new in ppp-2.4.3. -************************** - -* The configure script now accepts --prefix and --sysconfdir options. - These default to /usr/local and /etc. If you want pppd put in - /usr/sbin as before, use ./configure --prefix=/usr. - -* Doing `make install' no longer puts example configuration files in - /etc/ppp. Use `make install-etcppp' if you want that. - -* The code has been updated to work with version 0.8.3 of libpcap. - Unfortunately the libpcap maintainers removed support for the - "inbound" and "outbound" keywords on PPP links, meaning that if you - link pppd with libpcap-0.8.3, you can't use those keywords in the - active-filter and pass-filter expressions. The support has been - reinstated in the CVS version and should be in future libpcap - releases. If you need the in/outbound keywords, use a later release - than 0.8.3, or get the CVS version from http://www.tcpdump.org. - -* There is a new option, child-timeout, which sets the length of time - that pppd will wait for child processes (such as the command - specified with the pty option) to exit before exiting itself. It - defaults to 5 seconds. After the timeout, pppd will send a SIGTERM - to any remaining child processes and exit. A value of 0 means no - timeout. - -* Various bugs have been fixed, including some CBCP packet parsing - bugs that could lead to the peer being able to crash pppd if CBCP - support is enabled. - -* Various fixes and enhancements to the radius and rp-pppoe plugins - have been added. - -* There is a new winbind plugin, from Andrew Bartlet of the Samba - team, which provides the ability to authenticate the peer against an - NT domain controller using MS-CHAP or MS-CHAPV2. - -* There is a new pppoatm plugin, by various authors, sent in by David - Woodhouse. - -* The multilink code has been substantially reworked. The first pppd - for a bundle still controls the ppp interface, but it doesn't exit - until all the links in the bundle have terminated. If the first - pppd is signalled to exit, it signals all the other pppds - controlling links in the bundle. - -* The TDB code has been updated to the latest version. This should - eliminate the problem that some people have seen where the database - file (/var/run/pppd.tdb) keeps on growing. Unfortunately, however, - the new code uses an incompatible database format. For this reason, - pppd now uses /var/run/pppd2.tdb as the database filename. - - -What was new in ppp-2.4.2. -************************** - -* The CHAP code has been rewritten. Pppd now has support for MS-CHAP - V1 and V2 authentication, both as server and client. The new CHAP - code is cleaner than the old code and avoids some copyright problems - that existed in the old code. - -* MPPE (Microsoft Point-to-Point Encryption) support has been added, - although the current implementation shouldn't be considered - completely secure. (There is no assurance that the current code - won't ever transmit an unencrypted packet.) - -* James Carlson's implementation of the Extensible Authentication - Protocol (EAP) has been added. - -* Support for the Encryption Control Protocol (ECP) has been added. - -* Some new plug-ins have been included: - - A plug-in for kernel-mode PPPoE (PPP over Ethernet) - - A plug-in for supplying the PAP password over a pipe from another - process - - A plug-in for authenticating using a Radius server. - -* Updates and bug-fixes for the Solaris port. - -* The CBCP (Call Back Control Protocol) code has been updated. There - are new options `remotenumber' and `allow-number'. - -* Extra hooks for plugins to use have been added. - -* There is now a `maxoctets' option, which causes pppd to terminate - the link once the number of bytes passed on the link exceeds a given - value. - -* There are now options to control whether pppd can use the IPCP - IP-Address and IP-Addresses options: `ipcp-no-address' and - `ipcp-no-addresses'. - -* Fixed several bugs, including potential buffer overflows in chat. - - -What was new in ppp-2.4.1. -************************** - -* Pppd can now print out the set of options that are in effect. The - new `dump' option causes pppd to print out the option values after - option parsing is complete. The `dryrun' option causes pppd to - print the options and then exit. - -* The option parsing code has been fixed so that options in the - per-tty options file are parsed correctly, and don't override values - from the command line in most cases. - -* The plugin option now looks in /usr/lib/pppd/ (for - example, /usr/lib/pppd/2.4.1b1) for shared objects for plugins if - there is no slash in the plugin name. - -* When loading a plugin, pppd will now check the version of pppd for - which the plugin was compiled, and refuse to load it if it is - different to pppd's version string. To enable this, the plugin - source needs to #include "pppd.h" and have a line saying: - char pppd_version[] = VERSION; - -* There is a bug in zlib, discovered by James Carlson, which can cause - kernel memory corruption if Deflate is used with the lowest setting, - 8. As a workaround pppd will now insist on using at least 9. - -* Pppd should compile on Solaris and SunOS again. - -* Pppd should now set the MTU correctly on demand-dialled interfaces. - - -What was new in ppp-2.4.0. -************************** - -* Multilink: this package now allows you to combine multiple serial - links into one logical link or `bundle', for increased bandwidth and - reduced latency. This is currently only supported under the - 2.4.x and later Linux kernels. - -* All the pppd processes running on a system now write information - into a common database. I used the `tdb' code from samba for this. + - ipv6cp-noremote, ipv6cp-nosend, ipv6cp-use-remotenumber, + ipv6-up-script, ipv6-down-script + - -v, show-options + - usepeerwins, ipcp-no-address, ipcp-no-addresses, nosendip +* On Linux, any baud rate can be set on a serial port provided the + kernel serial driver supports that. -* New hooks have been added. +Note that if you have built and installed previous versions of this +package and you want to continue having configuration and TDB files in +/etc/ppp, you will need to use the --sysconfdir option to ./configure. -For a list of the changes made during the 2.3 series releases of this -package, see the Changes-2.3 file. +For a list of the changes made during the 2.4 series releases of this +package, see the Changes-2.4 file. Compression methods. @@ -384,16 +143,16 @@ ever expand packets. Contacts. ********* -The comp.protocols.ppp newsgroup is a useful place to get help if you -have trouble getting your ppp connections to work. Please do not send -me questions of the form "please help me get connected to my ISP" - -I'm sorry, but I simply do not have the time to answer all the -questions like this that I get. +Most communication relating to this package happens on github at +https://github.com/ppp-project/ppp/. The linux-ppp@vger.kernel.org +mailing list also exists and can be used. -If you find bugs in this package, please report them to the maintainer -for the port for the operating system you are using: +If you find bugs in this package, the best thing to do is to create an +issue on github. If you can't or don't want to do that, you can post +to linux-ppp@vger.kernel.org, or report them to the maintainer for the +port for the operating system you are using: -Linux Paul Mackerras +Linux Paul Mackerras Solaris James Carlson