Age | Commit message (Collapse) | Author |
|
|
|
Objected to by: Andre Oppermann <oppermann@pipeline.ch>
After Andre's objection, I've re-examined rfc 2759 and noted that it
says that the domain name shouldn't be used when generating the
NT-Response field. So it looks like the bug is in freeradius rather
than in ppp.
|
|
it off before passing it on to the RADIUS server for authentication.
|
|
|
|
Instead, use the correct values based on the number of bits actually
negotiated.
|
|
|
|
|
|
|
|
keys.
|
|
|
|
|
|
Submitted by: Federico G. Schwindt <fgsch@olimpo.com.br>
|
|
path... after we've talked to any RADIUS servers involved, so that we
haven't touched the data before it gets to the server.
|
|
|
|
|
|
MS-MPPE-Recv-Key and MS-MPPE-Send-Key RADIUS attributes, making
MPPE work properly with RADIUS & MSCHAPv2.
Do something with the Filter-Id RADIUS attribute.
Handle MS-CHAP-Error and MS-CHAP2-Success correctly rather than
bogusly including the Ident field in the text passed back to the
client.
Bump the max FSM option length to 52 (was 20)
Add some missing includes.
|
|
|
|
sufficient.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
configured).
This doesn't yet work with MPPE. More to follow.
|
|
o Tidy up includes
o Fix macros in auth.h
o Insist on context for ``set mru'' in MP mode
o Usage -> usage
o Don't intialise after processing config requests
o Show FSM values for ConfigAcks
o Make ident output prettier
o Fix some Id keywords
o Handle RADIUS pool address 255.255.255.254
o Support RADIUS Session-Timeout attributes
o Support RADIUS Reply-Message attributes
o Support RADIUS CHAP-Error attributes
o Store RADIUS Filter-Id attributes
o Provide a NAS-Port-Type attribute to RADIUS servers
o Provide a better NAS-Port attribute to RADIUS servers
o Support MS-CHAP with RADIUS
o Improve FSM decode functions
o Support an OCTETSIN variable
o Support an OCTETSOUT variable
o Support an PACKETSIN variable
o Support an PACKETSOUT variable
o Support an IPOCTETSIN variable
o Support an IPOCTETSOUT variable
o Support an IPPACKETSIN variable
o Support an IPPACKETSOUT variable
o Support an IPV6OCTETSIN variable
o Support an IPV6OCTETSOUT variable
o Support an IPV6PACKETSIN variable
o Support an IPV6PACKETSOUT variable
o Support a SOCKNAME variable
|
|
inbound queue; Amit K. Rao <arao@niksun.com>
|
|
just send PROTO_IP packets when we've got only one link up in multi-link
mode.
|
|
Use them in DPADD throughout the tree.
Fix a few mispells (LIBMATH -> LIBM...)
Wipe obsolete lib (LIBRESOLV)
Sort added missing libraries, move obsolete stuff apart.
Synch documentation in bsd.README
ok deraadt@
|
|
Notice if the IP header length changes when doing transparent proxying; FreeBSD
Handle domain\\user entries in ppp.secret
Add some mp_Down() calls to ensure that our multi-link NCP goes away properly
Miscellaneous #ifdef'd out FreeBSD changes (mostly netgraph stuff).
|
|
|
|
the display string in MPPEDispOpts.
|
|
|
|
|
|
login phase. Just initialise the correct parts
|
|
|
|
Alas many of these were introduced by yours truly as necessary
just doesn't look right to me for some reason ;-)
|
|
getpeername() and don't set PASSIVE mode if it's is.
|
|
address family.
|
|
|
|
|
|
that the ncpaddr code doesn't create default routes with non-zero
masks, everything works as it should.
|
|
up in the same way that we expect them to be when we read them.
This is a no-op on i386 and probably on alphas, as we currently
only support AF_INET and AF_INET6.
|
|
of 0.0.0.0.
The OpenBSD PF_ROUTE/NET_RT_DUMP sysctl is sending back routes with
RTAX_NETMASK set, but the corresponding sockaddr being 4 zero bytes
(with an address family of zero). ppp was getting confused by this
and ending up interpreting it as a 0.0.0.0/32 routing table
destination and subsequently failing to do anything with the route.
Specifically, after this fix, ppp under OpenBSD can successfully
change and delete the default route again !
|
|
|
|
ncprange structure.
Don't write() the netmask for IPv6 sockaddrs to the routing socket if
the prefixlen is 128.
It seems that messages written to the routing socket with the scopeid
set for link local addresses are not understood. Instead, we have to
put the scopeid in the 5th and 6th bytes of the address (see
adjust_linklocal() in ncpaddr.c). I think this may be a bug in the
KAME implementation - it should really understand both forms.
|
|
Add the UPTIME variable
CCP protocol ``0xffffffff'' -> ``none''
Don't leak memory when expanding command arguments and not exec()ing
Make some functions static
Add the ``log'' command for manual logging
Fix some log text bogons
|
|
too big).
|
|
|
|
|