| Age | Commit message (Collapse) | Author |
|---|
|
pointed out by mxb and Robert Blacquiere
|
|
passing wrong inteface name to ioctl().
pointed out by csszep at gmail.com
|
|
ok dlg@
|
|
ok yasuoka@ millert@
|
|
be set in _this->keylenbits. Found by scanning the tree using coccinelle.
ok yasuoka
|
|
ok guenther millert kettenis
|
|
Delete Makefile.inc and define BINDIR at npppd/Makefile directly.
|
|
in accept() case.
"go for it" deraadt
|
|
#include "recvfromto.h" to l2tp_ctrl.c. no binary changes.
|
|
pointed out by Andrew Ngo.
|
|
"looks right" deraadt@
|
|
|
|
|
|
|
|
install sample configs to /etc/.
ok claudio deraadt henning mcbride
|
|
- new sentence, new line
- on npppd.8 BUGS section, clarified that what is dropped is L2TP/IPsec
packets
these must be included the previous commit.
|
|
- add missing copyright
- delete comment lines from the template
- new sentence, new line
- on npppd.8 BUGS section, clarified that what is dropped is L2TP/IPsec
packets
|
|
no functional changes.
|
|
|
|
|
|
parse.y and `npppd-users' will be based on getcap(3). Add man pages.
feedback from giovanni
|
|
from umezawa at iij
|
|
L2TP packets.
ok markus henning
|
|
can use this to select the IPsec tunnel for sending L2TP packets.
this fixes Windows (always binding to 1701) and Android clients
(negotiating wildcard flows); feedback mpf@ and yasuoka@;
ok henning@ and yasuoka@; ok jmc@ for the manpage
|
|
case was missing.
ok claudio henning
|
|
ok yasuoka@
|
|
no binary change.
from Michael W. Bombardieri
|
|
This was forgotten on the prior commit.
|
|
seems ok henning, ok mcbride
|
|
seems ok henning, ok mcbride
|
|
requested.
ok mcbride henning
|
|
(found by yus at iij)
ok mcbride henning
|
|
the option in proxied LCP.
ok mcbride henning
|
|
- fix styles, compile errors in some ifdef condition and compiler warnings.
- delete rtev* that was to work around routing socket overflows.
- delete is_ctrl argument from l2tp_ctrl_send_packet(). It's not used.
- tweak returning the exit status.
- use IPV6_IPSEC_POLICY for IPv6 socket.
(though npppd cannot set up a ipsec policy to the socket yet.)
ok mcbride henning
|
|
No binary changes.
ok mcbride henning
|
|
from Tobias Ulmer (tobiasu at tmux.org); ok jmc@, krw@
|
|
Reported and tested by sebastia@
ok sthen sebastia giovanni
|
|
by default. After this change we need to add
ppp.ingress_filter: true
to npppd.conf if it is needed.
ok sthen
|
|
|
|
scratch, it uses parser.c derived from ikectl(8) to have OpenBSD's
fashion. This includes related changes listed below:
- changed npppd control IPC heavyly.
- support IPv6 as tunnel source address.
- deleted support changing the configuration of npppd_ctl on running.
Because it is not so needed but it requires privilege operations.
- refactors.
man page helps from jmc. tested by sebastia.
ok deraadt sebastia sthen
|
|
ok sebastia sthen
|
|
OK yasuoka@
|
|
|
|
ok deraadt@ henning@
|
|
reorder packets to pass to the upper layer without reorder. It
will improve performance (throughput or loss rate) for PPTP or
L2TP(/IPesc) on networks that latency is unstable such as mobile
network.
As our test environment (bandwidth: 6Mbps, latency: 50ms for 97% of
traffic and 52ms for rest of traffic), throughput has changed from
0.76MB to 2.17MB on file upload by PPTP connected Windows Vista
ftp.exe.
Developed by UMEZAWA Takeshi at IIJ.
ok jmatthew@
tested jmatthew@ and myself.
|
|
`net.pipex.enable' to enable PIPEX. By default, pipex is disabled
and it will not process packets from wire. Update man pages and
update HOWTO_PIPEX_NPPPD.txt for testers.
discussed with dlg@, ok deraadt@ mcbride@ claudio@
|
|
- Changed finalizing way to the privileged process. In old way, the
privileged process could not aware abnormal exit of the process in
jail. Then the processes in jail remained as zombies. Created a
pipe to monitor the privileged process, the privileged process can
exit in peace by using the pipe.
- npppd will exit abnormally when the privileged process exits
abnormally.
- PF_KEY socket requires privileges.
- Return correct "errno" to the jail in priv_open().
- Cleanup.
ok hsuenaga@
|
|
|
|
- Add functions to radius+.c that are required to implement RADIUS
accounting.
- Send RADIUS Account-Start and Account-Stop messages with attributes that
are defined by RFC 2866, 2868, 2869.
- If any authentication realm is deleted from the configuration, npppd may
exit by segmentation fault.
- Delete radius_common.c, radius_common.h and eap.c because they are not
used.
- Retransmission and failover are reimplemented.
- Cleanup
|
|
failures. 'errno' returned by the privileged process was not initialized.
'tolen' in priv_sendto() was garbage.
ok hsuenaga@
|
