Age | Commit message (Collapse) | Author |
|
than the maximum physical values.
|
|
|
|
|
|
|
|
|
|
|
|
open CCP with no algorithm.
|
|
perform a key change, *and* our sequence numbers have wrapped,
ensure that the number of key changes is calculated correctly.
The previous code counted down from a negative number to zero,
re-encrypting the current key on each iteration - this took some
time and strangely enough got the answer wrong !!!
Spell stateful correctly while I'm here.
|
|
|
|
envoked -- don't use them (as return values from open()), then
(say) close(STDIN_FILENO) when daemonising.
This is done by grabbing 3 descriptors to /dev/null at startup and
releasing them after we've daemonised.
|
|
This is necessary because MPPE will combine the protocol id with the
payload received on the tun interface, encrypt it, then prepend its
own protocol id, effectively increasing the payload by two bytes.
|
|
|
|
|
|
|
|
|
|
Add an optional ``max'' specifier to ``set m[rt]u'', ie.
``set mtu max 1492'' for PPPoE.
Bump the ppp version number.
Add support for stateful MPPE (microsoft encryption) providing
encryption compatibility with Windows 2000. Stateful encryption
uses less CPU but is bad on lossy transports.
The ``set mppe'' command has been expanded. If it's used with any
arguments, ppp will insist on encryption, closing LCP if the other
end refuses.
Sponsored by: Monzoon Networks AG and FreeBSD Services Limited
|
|
preceeded with whitespace.
|
|
|
|
|
|
Handle carriage-return/line-feed stuff for ftp natting more generically
Fix an alignment bug when logging DNS traffic
Fix/add some copyrights
|
|
Understand ipencap traffic properly
Optimise out SIOCIFADDR ioctls that aren't necessary
Handle peers that don't send an initial IFADDR option during IPCP negotiations
Fix markup for the /etc/ttys example
Always use 4 arguments in examples of ``set ifaddr''
|
|
all route MTUs too.
|
|
rather than dropping out immediately.
|
|
|
|
Mschapv2 response generation may produce embedded NULs... causing
us to send a bogus response to the radius server and end up
failing the client's valid response.
Problem pointed out by: Eugene Vigovskiy <vigov@com2com.ru>
|
|
|
|
|
|
|
|
aliases with the same netmask and destination, don't remove it and then
re-add exactly the same thing.
|
|
MAXPATHLEN -> PATH_MAX
Handle ENOENT from opening /dev/tun* properly
Rename _PATH_PPP -> PPP_CONFDIR and allow it to be redefined at compile time
Reduce MIN_LQRPERIOD and MIN_FSMRETRY to 1 second
Be smarter about identifying sockets on stdin
Allow primary DNS IP negotiation when the secondary IP has been rejected
Fix the call to PacketAliasProxyRule() properly.
Add/fix some comments
Fix man page markups; ru@FreeBSD.org
Use localhost when no hostname is configured
|
|
Submitted by: martin.hopkins@insignia.com
|
|
|
|
|
|
|
|
is called prior to sending a CCP configure request for a
given protocol. The default is to send the request, but
this is overridden for MPPE which checks to see if the lcp
negotiations agreed CHAP81, and if not fails.
Use the same function to decide if we should reject peer
requests for MPPE.
This should get rid of those boring messages about not being
able to initialise MPPE when we don't negotiate CHAP81.
|
|
|
|
a radius accounting packet.
|
|
complains that you can't do MPPE without CHAP81).
Reset MasterKeyValid to zero when we hit phase DEAD.
|
|
CLOSE_NORMAL meanings. CLOSE_NORMAL doesn't change the currently
required state, the others do. This should stop ppp from entering
DATALINK_READY when LCP shutdown doesn't end up happening cleanly.
Bump our version number to reflect this change.
|
|
|
|
|
|
Only show the mask in ``show bundle'' when it's been specified.
Complain about unexpected arguments after ``set server {none,open,closed}''
Log re-open failures as warnings rather than phase messages.
Fix some markup for the ``set server'' man page description.
|
|
|
|
|
|
|
|
Allow ``set server open'' to re-open the diagnostic socket.
Handle SIGUSR1 by re-opening the diagnostic socket
When receiving SIGUSR2 (and in ``set server none''), don't forget the
socket details so that ``set server open'' and SIGUSR1 open it again.
Don't create the diagnostic socket as uid 0 ! It's far to dangerous.
|
|
don't continue adjusting the ipcp state machine.
This allows ``down'' to work in ppp.linkdown - useful for a tunnel
setup.
|
|
|
|
diagnostic rather than a warning.
|
|
|