Paul Mackerras [Thu, 4 Nov 2004 10:07:37 +0000 (10:07 +0000)]
Fix an fd leak on the discovery socket.
Remove some unused code.
Paul Mackerras [Thu, 4 Nov 2004 10:05:23 +0000 (10:05 +0000)]
Take out some ancient debugging code.
Paul Mackerras [Thu, 4 Nov 2004 10:02:26 +0000 (10:02 +0000)]
Remove the requirement that redistributions in binary form reproduce
the copyright conditions in documentation from my copyright notice.
It still remains in CMU's and others' copyright notices.
Paul Mackerras [Thu, 4 Nov 2004 09:59:12 +0000 (09:59 +0000)]
Fix the error message when a device name and the socket option
are both specified. Make it clearer how ttyfd gets set.
Paul Mackerras [Thu, 4 Nov 2004 09:57:42 +0000 (09:57 +0000)]
document the child-timeout option
Paul Mackerras [Thu, 4 Nov 2004 09:56:26 +0000 (09:56 +0000)]
Don't log messages in signal handlers; defer it to mainline
Logging in signal handlers can cause deadlocks.
Paul Mackerras [Thu, 4 Nov 2004 09:46:50 +0000 (09:46 +0000)]
Add a timeout when waiting for child processes to exit before pppd
exits. Send a SIGTERM to the child processes if the timeout expires
or if pppd gets a SIGTERM or SIGINT itself.
Paul Mackerras [Wed, 3 Nov 2004 11:51:47 +0000 (11:51 +0000)]
remove duplicate $(CDEFS)
Paul Mackerras [Mon, 1 Nov 2004 09:31:07 +0000 (09:31 +0000)]
Use Makedefs.com rather than solaris/Makedefs, since Makedefs.com
has @DESTDIR@ etc. substituted.
Move installation of kernel modules to a install-modules target
so that it can be compiled and installed in an alternate directory
as non-root for the build farm.
Paul Mackerras [Mon, 1 Nov 2004 03:54:47 +0000 (03:54 +0000)]
Fix construction of $ksrc/Makefile for Solaris
Paul Mackerras [Mon, 1 Nov 2004 03:49:20 +0000 (03:49 +0000)]
Only compile in filtering if /usr/include/pcap-bpf.h exists.
Paul Mackerras [Sun, 31 Oct 2004 22:26:25 +0000 (22:26 +0000)]
Add installcheck targets to keep the autobuilder happy
(see http://build.samba.org/)
Paul Mackerras [Sun, 31 Oct 2004 22:23:18 +0000 (22:23 +0000)]
Remove dependencies on CHAPMS definition in header files.
Fix bug in filling in mdtype field when we NAK and suggest CHAP.
Ask for/suggest MD5 before MSCHAP{v2,} digest.
Paul Mackerras [Sun, 31 Oct 2004 22:09:03 +0000 (22:09 +0000)]
Take out the -o root argument to install. It is the default anyway
when installing as root, and it causes errors in the build farm testing.
Paul Mackerras [Sun, 31 Oct 2004 21:31:01 +0000 (21:31 +0000)]
Cope better when prototype Makefiles don't exist.
Restore $archvariant stuff for solaris.
Paul Mackerras [Sun, 31 Oct 2004 21:27:24 +0000 (21:27 +0000)]
Put man pages in /usr/share/man under Linux.
Paul Mackerras [Sun, 31 Oct 2004 00:06:18 +0000 (00:06 +0000)]
Support --prefix and --sysconfdir on Solaris too
Paul Mackerras [Fri, 29 Oct 2004 00:12:27 +0000 (00:12 +0000)]
Add --prefix and --sysconfdir options to configure, and put
@DESTDIR@ and @SYSCONF@ tags in various Makefile.linux files.
These tags get expanded by configure.
Paul Mackerras [Thu, 28 Oct 2004 00:33:47 +0000 (00:33 +0000)]
Patch from Robert Vogelgesang:
This patch enables plugins called via hooks/notifiers triggered
by this call to lcp_close() to see status set here.
Otherwise (i. e. without this patch) the RADIUS plugin has
no chance to set the attribute PW_ACCT_TERMINATE_CAUSE to the
value PW_ACCT_SESSION_TIMEOUT.
Paul Mackerras [Thu, 28 Oct 2004 00:32:32 +0000 (00:32 +0000)]
Patch from Robert Vogelgesang:
This patch fixes the link statistics for connections that
go through multiple IPCP up-down cycles. Such connections
happen typically in a setup where pppd is used as a back-end
by a L2TP daemon, in case the PPP session at the other side
of the L2TP tunnel reconnects, but the L2TP daemon at that
side just reuses the old L2TP tunnel instead of creating a
new one.
The patch is most important when RADIUS accounting is in use:
Each IPCP-down initiates a RADIUS-Accounting-Stop packet, which
indicates the end of a session. Without this patch, the
accounting information in each subsequent RADIUS-Accounting-Stop
packet of the very same connection would contain cumulative
data since the connection start, but not the data of the last
"sub-session"; in other words, the accounting data sent to
the RADIUS server would indicate that the client had used much
more session time and transfered much more data.
NOTE: The problem fixed by this patch exists even when the
radius plugin is not in use; when extracting accounting data
from the syslog, you can work around the bug, because you
can see there that the same instance of pppd had multiple
sessions; you cannot see this in the RADIUS accounting data.
Furthermore, this patch suppresses duplicate printing/syslogging
of identical data.
Paul Mackerras [Thu, 28 Oct 2004 00:24:40 +0000 (00:24 +0000)]
Patch from Robert Vogelgesang:
This patch does two things:
o It adds some debugging messages.
o "cleanup()" will no longer be added to the link_down_notifier
chain.
The debugging messages are obvious.
The problem with cleanup() in the link_down_notifier chain is only
half-way that there could be cases where the link would go up again
and without a further authentication -- I just don't know if this
can happen. But this part of the patch is a work-around for a
_real_ problem/bug in the radius plugin (not the radattr plugin):
The radius plugin calls functions registered via the
radius_attributes_hook after each PAP authentication (which is
correct), but only after the _first_ successful CHAP authentication
during a session. Subsequent CHAP authentications are performed,
but the radius_attributes_hook will not be processed again.
This can happen in a setup where pppd is used as a back-end
by a L2TP daemon, in case the PPP session at the other side
of the L2TP tunnel reconnects, but the L2TP daemon at that
side just reuses the old L2TP tunnel instead of creating a
new one. In such situations, an incomming follow-up session
via an existing T2TP tunnel would re-use the same instance of
pppd; the incomming CHAP authentication would first tear down
the old session, which in turn would call the link_down_notifier.
When the _subsequent_ CHAP authentication succeeds, there is
currently no call to the function assigned to
radius_attributes_hook (here: print_attributes(); THIS BUG
REMAINS AND NEEDS TO BE FIXED).
To summarize: The radius plugin calls the function registered
via the radius_attributes_hook after _each_ successful PAP
authentication, but only after the _first_ successful CHAP
authentication; radius_attributes_hook _should_ be processed
after _each_ successful CHAP authentication.
I have currently no patch for this bug; furthermore, I should
first contact the author of the radius plugin and ask him,
_why_ he has programmed a special handling of subsequent
CHAP authentications.
With the following patch, the follow-up session can re-use the
radattr-file left over from the previous session, which is OK
in our application, but may cause problems in others.
Note: This is only a problem when CHAP is used; subsequent
sessions authenticated with PAP are OK, with and without this
patch.
Paul Mackerras [Thu, 28 Oct 2004 00:22:54 +0000 (00:22 +0000)]
Remove compile warning resulting from chap_verify_hook prototype change.
Paul Mackerras [Thu, 28 Oct 2004 00:21:48 +0000 (00:21 +0000)]
Patch from Robert Vogelgesang:
This patch avoids duplicate session IDs in RADIUS accounting,
when the same pppd instance has multiple sessions during
the same second. This can happen when you have a really
fast RADIUS server and fast clients, e. g. when using pppd
as a back-end for PPPoE (either directly or via L2TP).
Paul Mackerras [Thu, 28 Oct 2004 00:16:37 +0000 (00:16 +0000)]
Get rid of an unnecessary chmod (it wasn't being used on Linux anyway).
Paul Mackerras [Thu, 28 Oct 2004 00:15:36 +0000 (00:15 +0000)]
Fix some places where we weren't checking the received
packets carefully enough.
Paul Mackerras [Thu, 28 Oct 2004 00:15:08 +0000 (00:15 +0000)]
Make the filtering stuff work with recent versions of libpcap.
Paul Mackerras [Sun, 24 Oct 2004 23:53:05 +0000 (23:53 +0000)]
Don't prepend /dev/ to a possible device name if it already begins
with '/' (i.e. just check for / instead of /dev/ as before).
This allows /udev/blah to be used as a tty device name.
Requested by Pawel Sakowski.
Paul Mackerras [Sun, 24 Oct 2004 23:31:20 +0000 (23:31 +0000)]
Don't use unsigned long in the SHA1 code; we want 32-bit variables
and unsigned long is 64 bits on 64-bit platforms. Use unsigned int
or u_int32_t instead. Pointed out by Oleg Makarenko.
Paul Mackerras [Sun, 24 Oct 2004 23:26:19 +0000 (23:26 +0000)]
Fix use-after-free bug where we were freeing the per-user options
set in the secrets file before they were used. Patch from
Michael Tokarev.
Paul Mackerras [Sun, 24 Oct 2004 23:18:50 +0000 (23:18 +0000)]
Tolerate EINTR on tcsetattr in set_up_tty - just retry.
Paul Mackerras [Sun, 24 Oct 2004 23:13:16 +0000 (23:13 +0000)]
Close the device fd in device_script() if the channel plugin doesn't
have a close function. Change suggested by Alan Hourihane.
Paul Mackerras [Sun, 24 Oct 2004 23:06:31 +0000 (23:06 +0000)]
Allow pppoe to be used on bridging interfaces (br*).
Get rid of OldDevnameHook, which was never used.
Frank Cusack [Tue, 4 May 2004 12:30:18 +0000 (12:30 +0000)]
Handle PFC on rx side, efficiently, thanks to Jan Dubiec.
Frank Cusack [Tue, 27 Apr 2004 18:22:58 +0000 (18:22 +0000)]
fix typos noticed by James Cameron.
James Carlson [Wed, 14 Apr 2004 02:39:39 +0000 (02:39 +0000)]
Tested with MS-CHAP and CBCP options on Solaris and added options
to makefile.
Repaired support for use of gcc on Solaris x86 -- 32 bit modules also
need -fno-builtin.
MPPE changes broke plain MS-CHAP; repaired errors and cleaned up
compilation warnings due to char/unsigned char differences with non-gcc
compilers.
Paul Mackerras [Mon, 12 Apr 2004 11:20:19 +0000 (11:20 +0000)]
Set up the mask of signals we handle in one place not too
Remove unnecessary sigaddset in kill_my_pg
Alexandr D. Kanevskiy [Mon, 12 Apr 2004 05:41:01 +0000 (05:41 +0000)]
tidy up shell scripting, common radvd path in examples
Alexandr D. Kanevskiy [Mon, 12 Apr 2004 05:25:06 +0000 (05:25 +0000)]
example fix
Alexandr D. Kanevskiy [Mon, 12 Apr 2004 05:16:37 +0000 (05:16 +0000)]
add support of Port-Type=Sync
Alexandr D. Kanevskiy [Mon, 12 Apr 2004 05:14:53 +0000 (05:14 +0000)]
add support of Port-Type=Sync
Alexandr D. Kanevskiy [Mon, 12 Apr 2004 05:02:00 +0000 (05:02 +0000)]
fix random signals blocking in handle_events()
Alexandr D. Kanevskiy [Mon, 12 Apr 2004 04:53:00 +0000 (04:53 +0000)]
fix random signals blocking in kill_my_pg()
Alexandr D. Kanevskiy [Fri, 26 Mar 2004 13:27:17 +0000 (13:27 +0000)]
Describe avpair in pppd-radius.8
Add support for:
NAS-Port-Type (Async/Virtual)
Acct-Terminate-Cause
Selectable NAS-Port-Id equal to interface number or try map via libradiusclient
Frank Cusack [Tue, 23 Mar 2004 23:31:45 +0000 (23:31 +0000)]
MPPE for 2.6.
Contributed by Thomas Sjolshagen <thomas.sjolshagen@hp.com> and
James Cameron <james.cameron@hp.com>
James Carlson [Mon, 2 Feb 2004 03:57:19 +0000 (03:57 +0000)]
Fixed bad next-state in previous delta; need to go to Stopping state
when Protocol-Reject is seen in Opened state.
Paul Mackerras [Mon, 2 Feb 2004 03:40:12 +0000 (03:40 +0000)]
Fix kill_my_pg, and add a big fat comment explaining why
the previous "fix" was wrong.
James Carlson [Mon, 2 Feb 2004 02:52:51 +0000 (02:52 +0000)]
Allow *-max-terminate to be set to zero -- meaning that one Terminate-
Request will be sent, but no waiting will be done. Fixed termination
code so that link statistics are printed only once.
James Carlson [Sat, 17 Jan 2004 05:47:55 +0000 (05:47 +0000)]
Fixed compilation failure on Solaris due to new CHAP (missing chap-md5.o
in makefile).
Updated ppp_mod so that it will work with Solaris 10 and beyond
(identify entry point is now obsolete).
Fixed warnings in chat, bsd-comp, deflate, vjcompress, chap-new,
sys-solaris, tty, pppdump, ppp_comp.
Paul Mackerras [Thu, 15 Jan 2004 05:09:00 +0000 (05:09 +0000)]
Describe DNS1 and DNS2 environment variables.
Paul Mackerras [Tue, 13 Jan 2004 04:46:52 +0000 (04:46 +0000)]
Update
Paul Mackerras [Tue, 13 Jan 2004 04:17:59 +0000 (04:17 +0000)]
Don't change serial port permissions under Linux, since the
kernel driver blocks normal writes anyway.
Paul Mackerras [Tue, 13 Jan 2004 04:13:08 +0000 (04:13 +0000)]
Remove the code that handles the %r format, since it isn't used
and breaks on S/390.
Paul Mackerras [Tue, 13 Jan 2004 04:12:31 +0000 (04:12 +0000)]
Check for EAGAIN as well as EWOULDBLOCK, since they are
different under Linux on parisc.
Paul Mackerras [Tue, 13 Jan 2004 04:04:52 +0000 (04:04 +0000)]
Note that the inbound and outbound qualifiers can be used with
active-filter. Patch sent in by Marco d'Itri.
Paul Mackerras [Tue, 13 Jan 2004 04:03:58 +0000 (04:03 +0000)]
PPPoE updates: don't exit if discovery fails, cope with both
protocol field compression and no compression, recognize
nasXXX and tapXXX as devices over which we can do PPPoE.
Patches sent by Marco d'Itri.
Paul Mackerras [Tue, 13 Jan 2004 04:02:07 +0000 (04:02 +0000)]
Invoke options.ttyxx even if the dev directory isn't at the root
(e.g. if the tty device is /ram1/dev/ttyS0). Patch sent in by
Marco d'Itri.
Paul Mackerras [Tue, 13 Jan 2004 04:00:34 +0000 (04:00 +0000)]
Don't fall over if the channel doesn't have a disconnect method.
Paul Mackerras [Tue, 13 Jan 2004 03:59:37 +0000 (03:59 +0000)]
Fix a compile warning (IPPROTO_TCP redefined).
Paul Mackerras [Tue, 13 Jan 2004 03:59:06 +0000 (03:59 +0000)]
Always set the DNS1 and DNS2 environment variables from scripts,
even if we didn't explicitly ask the peer to send them. Patch from
Marco d'Itri.
Paul Mackerras [Tue, 13 Jan 2004 03:57:55 +0000 (03:57 +0000)]
Change some Makefile.linux files to use COPTS and CFLAGS the same way
that pppd/Makefile.linux does.
Paul Mackerras [Tue, 13 Jan 2004 03:55:52 +0000 (03:55 +0000)]
Change references to cuaN in examples and documentation to ttySN.
Yes, rather linux-centric, I know. Patch from Marco d'Itri
(Debian ppp package maintainer).
Paul Mackerras [Sun, 11 Jan 2004 08:01:30 +0000 (08:01 +0000)]
Fix off-by-one error in radius MS-CHAPv2 verification.
Patch from Anton Golubev.
Alexandr D. Kanevskiy [Wed, 17 Dec 2003 08:56:05 +0000 (08:56 +0000)]
bugfix from Erich Schubert (erich at debian.org)
Paul Mackerras [Thu, 27 Nov 2003 22:22:36 +0000 (22:22 +0000)]
Fix the ID string
Paul Mackerras [Thu, 27 Nov 2003 22:16:24 +0000 (22:16 +0000)]
Remove old CHAP implementation
Paul Mackerras [Thu, 27 Nov 2003 21:55:19 +0000 (21:55 +0000)]
Enable PPP filtering by default on Linux.
Paul Mackerras [Thu, 27 Nov 2003 21:32:03 +0000 (21:32 +0000)]
Update my email address.
Paul Mackerras [Thu, 27 Nov 2003 21:25:25 +0000 (21:25 +0000)]
Remove references to the old CHAP code.
Paul Mackerras [Tue, 25 Nov 2003 11:50:10 +0000 (11:50 +0000)]
Update this for the new CHAP code. Untested.
Paul Mackerras [Tue, 25 Nov 2003 11:49:36 +0000 (11:49 +0000)]
Update to 2.4.2
Alexandr D. Kanevskiy [Tue, 23 Sep 2003 15:11:58 +0000 (15:11 +0000)]
fix a bug reported by Morgan Nelson.
Confirmed on RedHat/ASPLinux 9
James Carlson [Mon, 28 Jul 2003 12:25:41 +0000 (12:25 +0000)]
Fixed the old chap.c so that it works with the new auth.c, since
existing makefiles still refer to chap.c for all but Linux.
Fixed unsolicited Configure-Nak handling in *_nakci -- usenet report
that 'while' loop terminates too early if there's a boolean.
Fixed tiny typo in chap-new.c comment.
Frank Cusack [Thu, 10 Jul 2003 17:59:33 +0000 (17:59 +0000)]
skip response length byte before handling the response itself,
thx to Paul Flinders
Frank Cusack [Mon, 7 Jul 2003 08:23:43 +0000 (08:23 +0000)]
#include <linux/string.h> for mem*()
Frank Cusack [Mon, 7 Jul 2003 08:21:36 +0000 (08:21 +0000)]
#elif, not #else if
Frank Cusack [Mon, 7 Jul 2003 08:21:20 +0000 (08:21 +0000)]
don't barf on RH directory suffixes (-release)
Paul Mackerras [Sun, 29 Jun 2003 10:06:14 +0000 (10:06 +0000)]
Fix a couple of state transitions
Make sure we only call np_finished once
Paul Mackerras [Sun, 29 Jun 2003 10:04:50 +0000 (10:04 +0000)]
Fix a couple of errors pointed out by Andrew Benham <adsb@adsb.co.uk>.
Paul Mackerras [Sun, 29 Jun 2003 10:04:10 +0000 (10:04 +0000)]
Update the what's new list
Paul Mackerras [Wed, 11 Jun 2003 23:56:26 +0000 (23:56 +0000)]
New CHAP implementation, rewritten from scratch to avoid the code
copyrighted by the uncontactable Gregory Christy. The new code is
much cleaner and splits out all the digest-specific code to separate
files. Thus the CHAP-MD5 stuff is now in chap-md5.c and all the
CHAP-MS and CHAP-MSv2 stuff has moved into chap_ms.c, instead of
having half of it in chap.c.
There are a few minor differences in this implementation; we don't
retransmit responses, but instead just wait for a new challenge.
The success/failure messages are more boring as well. In fact the
digest code now sets the success/failure message.
CHAP_DIGEST_MD5 has been renamed to CHAP_MD5 for consistency.
There is a new function random_bytes() in magic.c, which generates
a string of random bytes.
Paul Mackerras [Wed, 11 Jun 2003 23:50:53 +0000 (23:50 +0000)]
Fix a bug where we would keep asking for MS-CHAP v2 even though
the peer NAK'd with MD5.
Paul Mackerras [Wed, 11 Jun 2003 00:11:11 +0000 (00:11 +0000)]
Add copyright notice and rewrite all sections which are identifiably
from the original pppd.8.
Frank Cusack [Sun, 25 May 2003 01:56:23 +0000 (01:56 +0000)]
s/opad/xpad/ to be consistent with other vars (r=recv,x=xmit)
Frank Cusack [Sun, 25 May 2003 01:50:12 +0000 (01:50 +0000)]
small padding change
Frank Cusack [Sun, 25 May 2003 01:46:25 +0000 (01:46 +0000)]
bail on dirs not of the form linux-x.y.z
Frank Cusack [Tue, 13 May 2003 01:25:36 +0000 (01:25 +0000)]
modify ppp_generic patch to avoid an if() test and extra additions on
every pass through ppp_send_frame(); make a 2.4.19+ version of it;
improve mppeinstall.sh.
Frank Cusack [Mon, 12 May 2003 08:37:21 +0000 (08:37 +0000)]
typo
Frank Cusack [Mon, 12 May 2003 08:18:54 +0000 (08:18 +0000)]
Remove an extraneous HAVE_CRYPT_H definition
Frank Cusack [Mon, 12 May 2003 08:13:24 +0000 (08:13 +0000)]
use librcrypt if available (crypt(3) is apparently in libcrypt on Linux)
Frank Cusack [Mon, 12 May 2003 07:47:06 +0000 (07:47 +0000)]
quiet the compiler, at the expense of #ifdef madness
Frank Cusack [Mon, 12 May 2003 07:31:36 +0000 (07:31 +0000)]
When not in demand mode, defer create_linkpidfile() until we successfully
get a ppp interface. This fixes a bug reported by belle_eden@caramail.com
where pppd might wipe out a still-running previous pppd's pid file.
James Carlson [Fri, 9 May 2003 11:49:46 +0000 (11:49 +0000)]
Repaired bad LCP Configure-Nak generated to request EAP instead of PAP.
Paul Mackerras [Thu, 1 May 2003 12:47:55 +0000 (12:47 +0000)]
Update
Paul Mackerras [Thu, 1 May 2003 12:43:16 +0000 (12:43 +0000)]
Update.
Paul Mackerras [Thu, 1 May 2003 12:42:39 +0000 (12:42 +0000)]
tty_recv_config doesn't return a value any more.
Paul Mackerras [Thu, 1 May 2003 12:30:28 +0000 (12:30 +0000)]
Fix the case where we get a CCP conf-rej for the old deflate option.
Previously we incorrectly thought this was bogus.
Frank Cusack [Wed, 30 Apr 2003 04:55:19 +0000 (04:55 +0000)]
add note about allow-number and remotenumber
Frank Cusack [Fri, 25 Apr 2003 09:41:58 +0000 (09:41 +0000)]
ccp_nakci(), ccp_reqci(): If refusing MPPE stateful mode, log an error
message with a hint.
Frank Cusack [Fri, 25 Apr 2003 08:57:58 +0000 (08:57 +0000)]
Document the 'password' option (with warning).
Frank Cusack [Fri, 25 Apr 2003 08:21:47 +0000 (08:21 +0000)]
promptpass(): handle EINTR (bug report from Damian Gruszka)