When resending chap challenges, resend the same challenge
each time rather than making up a new one.

Increase the authname/authkey max sizes to 100 characters.

Allow ``authkey'' specifications begi

When resending chap challenges, resend the same challenge
each time rather than making up a new one.

Increase the authname/authkey max sizes to 100 characters.

Allow ``authkey'' specifications beginning with ``!''.
When a challenge is received, the text following the
``!'' is executed as a program (expanding stuff in the same
way that ``sh'' and ``!bg'' do). The program is passed the
peer name, peer challenge and local ``authname'' on standard
input and is expected to output the name/key combination that
should be used to build the CHAP response.

This provides support for Secure ID cards (guess what I was
given at work recently!) using CHAP.

Examples will follow.

show more ...

Decouple pap & chap output routines from the corresponding
input routines and take advantage of the new init/continue
interface in libradius. This allows a timely response on
other links in an MP se

Decouple pap & chap output routines from the corresponding
input routines and take advantage of the new init/continue
interface in libradius. This allows a timely response on
other links in an MP setup while RADIUS requests are in
progress as well as the ability to handle other data from
the peer in parallel. It should also make the future addition
of PAM support trivial.

While I'm in there, validate pap & chap header IDs if
``idcheck'' is enabled (the default) for other FSM packet
types.

NOTE: This involved integrating the generation of chap
challenges and the validation of chap responses
(and commenting what's going on in those routines).
I currently have no way of testing ppps ability
to respond to M$Chap CHALLENGEs correctly, so if
someone could do the honours, it'd be much
appreciated (it *looks* ok!).

Sponsored by: Internet Business Solutions Ltd., Switzerland

show more ...

Reimplement the previous fix (no response to PAP requests)
at the authentication layer rather than at the PAP layer
so that it also applies to CHAP (no response to CHAP
challenges).

If we receive no answer from the server when sending PAP
requests, give up (don't sit there indefinitely).

Initial RADIUS support (using libradius). See the man page for
details. Compiling with -DNORADIUS (the default for `release')
removes support.

TODO: The functionality in libradius::rad_send_reques

Initial RADIUS support (using libradius). See the man page for
details. Compiling with -DNORADIUS (the default for `release')
removes support.

TODO: The functionality in libradius::rad_send_request() needs
to be supplied as a set of routines so that ppp doesn't
have to wait indefinitely for the radius server(s). Instead,
we need to get a descriptor back, select() on the descriptor,
and ask libradius to service it when necessary.
For now, ppp blocks SIGALRM while in rad_send_request(), so
it misses PAP/CHAP retries & timeouts if they occur.

Only PAP is functional. When CHAP is attempted, libradius
complains that no User-Password has been specified... rfc2138
says that it *mustn't* be used for CHAP :-(

Sponsored by: Internet Business Solutions Ltd., Switzerland

show more ...

Recurse when we've switched state via LoginDone(). If we've
got an open link, we want it to be select()d on - otherwise
we get a freeze when ``openmode'' is passive.

If we've configured CBCP *and* another not-so-important
CALLBACK protocol and end up agreeing CBCP, DTRT and go
into CBCP phase rather than mistakenly terminating as
if CBCP wasn't agreed.
Problem re

If we've configured CBCP *and* another not-so-important
CALLBACK protocol and end up agreeing CBCP, DTRT and go
into CBCP phase rather than mistakenly terminating as
if CBCP wasn't agreed.
Problem reported by: Alexander Dubinin <alex@nstl.nnov.ru>

show more ...

Don't use the next phone number after the ``|'' if the
dial & login are successful.
Submitted by: Toshiomi Moriki <Toshiomi.Moriki@ma1.seikyou.ne.jp>
PR: 9382

Fix a rather bad latency problem (uncovered by the recent timer commit).
Problem reported by: Christopher Hall <hsw@acm.org>

Boy, this was tricky to find:
Remove any dial timer that might be hanging around at
datalink_Destroy() time. This timer may be left running
after the link is closed (making sure it's not autom

Boy, this was tricky to find:
Remove any dial timer that might be hanging around at
datalink_Destroy() time. This timer may be left running
after the link is closed (making sure it's not automatically
opened again too soon).

show more ...

Explain what the ``*'' means for a CBCP phone number
in ``show link''.

Destroy any existing chat timeouts in datalink_ComeDown()
If we're told to close/down while in DIAL or LOGIN state,
we don't want to keep our timeout running :-/

When entering ``term'' mode, don't output any messages until
the device is successfully opened. If we fail to open it,
mention the fact.
Also go back into command mode as soon as the device is close

When entering ``term'' mode, don't output any messages until
the device is successfully opened. If we fail to open it,
mention the fact.
Also go back into command mode as soon as the device is closed
rather than waiting for the user to type something before noticing.

show more ...

o Support callback types NONE, E.164, AUTH and CBCP.
(see the new ``set callback'' and ``set cbcp'' commands)
o Add a ``cbcp'' log level and mbuf type.
o Don't dump core when \T is given in ``set l

o Support callback types NONE, E.164, AUTH and CBCP.
(see the new ``set callback'' and ``set cbcp'' commands)
o Add a ``cbcp'' log level and mbuf type.
o Don't dump core when \T is given in ``set login'' or
``set hangup''.
o Allow ``*'' and blanks as placeholders in ppp.secret and
allow a fifth field for specifying auth/cbcp dialback
parameters.
o Remove a few extraneous #includes
o Define the default number of REQs (restart counter) in defs.h
rather than hardcoding ``5'' all over the place.
o Fix a few man page inconsistencies.

show more ...

Only start checking carrier when the datalink state machine
exceeds DATALINK_READY. When we go back to READY or less
(eg. ``close lcp''), switch the carrier-checking-timer off again.

This fixes the

Only start checking carrier when the datalink state machine
exceeds DATALINK_READY. When we go back to READY or less
(eg. ``close lcp''), switch the carrier-checking-timer off again.

This fixes the callback example in ppp.conf.sample.
Noted as broken by: Damian Kuczynski <damian@best.pw.edu.pl>

show more ...

The CCP layer now behaves as follows:
o If we've denied and disabled all compression protocols, stay
in ST_INITIAL and do an LCP protocol reject if we receive any
CCP packets.
o If we've disabled

The CCP layer now behaves as follows:
o If we've denied and disabled all compression protocols, stay
in ST_INITIAL and do an LCP protocol reject if we receive any
CCP packets.
o If we've disabled all compression protocols, go to ST_STOPPED
and wait for the other side to ask for something.
o If we've got anything enabled, start REQing as soon as the auth
layer is up.
o If we're in multilink mode, than the link level CCP goes
straight to ST_STOPPED irrespective of what's configured so that
we never try to compress compressed stuff by default.

show more ...

Remove redundant includes

Add ``ipcp'' as an optional argument to ``open'', and make
open capable of re-negotiatiating the various layers.

It is now possible to change various link options and then
re-open the relevant layer

Add ``ipcp'' as an optional argument to ``open'', and make
open capable of re-negotiatiating the various layers.

It is now possible to change various link options and then
re-open the relevant layer, making the changes effective -
for example, switching off VJ compression or starting ECHO
LQRs on-the-fly.

show more ...

o If we come out of select() with only write descriptors that
end up writing zero bytes, sleep for 1/10 of a second so that
we don't end up using up too much cpu.
This should only ever happen o

o If we come out of select() with only write descriptors that
end up writing zero bytes, sleep for 1/10 of a second so that
we don't end up using up too much cpu.
This should only ever happen on systems that wrongly report a
descriptor as writable despite the tty buffer being full.
Discussed with: Jeff Evarts

o Do an initial run-time check to see if select() alters the passed
timeval. This knowledge isn't yet used, but will be soon.

show more ...

Create & use fsm2initial(), a function to bring a
state machine back to ST_INITIAL without going
through any unnecessary TLS/TLF pairs.

Only set the datalink::stayonline flag if we
close/down with CLOSE_LCP when our state is
DATALINK_READY or higher.

Make `close lcp' just close the LCP layer and not hangup. This is
useful for slirp users that wish to get their shell back after the
ppp session. `close' with no args still hangs up as expected.
Re

Make `close lcp' just close the LCP layer and not hangup. This is
useful for slirp users that wish to get their shell back after the
ppp session. `close' with no args still hangs up as expected.
Required by: jmz

show more ...

o Maintain a link-type mask for open datalinks as well as
for all datalinks in a bundle. Ppp now deals correctly
with link types that are changed while open
o When changing the type of the last

o Maintain a link-type mask for open datalinks as well as
for all datalinks in a bundle. Ppp now deals correctly
with link types that are changed while open
o When changing the type of the last AUTO link, only clear
the interface if we're not in PHASE_NETWORK. This allows
us to switch to -ddial mode while we have a connection
without suddenly unexpectedly throttling ourselves by
clearing the interface configuration.
Problem area noted by: Aaron Jeremias Luz <aaron@csh.rit.edu>

show more ...

o Make modes consistent throughout ppp. The same strings are used
in `set mode', `allow modes', on the command line and when
outputting mode names. The strings are matched so that only
enough

o Make modes consistent throughout ppp. The same strings are used
in `set mode', `allow modes', on the command line and when
outputting mode names. The strings are matched so that only
enough characters to uniquely identify the string are required,
so you can now

ppp -a mylabel (for auto mode)
ppp -b mylabel (for background mode)
ppp -dd mylabel (for direct dial mode)

etc.
o Make -ddial dial when specified on the command line (oops).
Pointed out by: Alex <garbanzo@hooked.net>

show more ...

o Don't forget to close our transfer socket if we cannot
generate the data to transfer.
o Transfer uucp lock ownership for the transferred device.
o Don't assume we know the correct values of dev_i

o Don't forget to close our transfer socket if we cannot
generate the data to transfer.
o Transfer uucp lock ownership for the transferred device.
o Don't assume we know the correct values of dev_is_modem and
mbits after the transfer.

show more ...