each time rather than making up a new one.
Increase the authname/authkey max sizes to 100 characters.
Allow ``authkey'' specifications beginning with ``!''.
When a challenge is received, the text following the
``!'' is executed as a program (expanding stuff in the same
way that ``sh'' and ``!bg'' do). The program is passed the
peer name, peer challenge and local ``authname'' on standard
input and is expected to output the name/key combination that
should be used to build the CHAP response.
This provides support for Secure ID cards (guess what I was
given at work recently!) using CHAP.
Examples will follow.
input routines and take advantage of the new init/continue
interface in libradius. This allows a timely response on
other links in an MP setup while RADIUS requests are in
progress as well as the ability to handle other data from
the peer in parallel. It should also make the future addition
of PAM support trivial.
While I'm in there, validate pap & chap header IDs if
``idcheck'' is enabled (the default) for other FSM packet
types.
NOTE: This involved integrating the generation of chap
challenges and the validation of chap responses
(and commenting what's going on in those routines).
I currently have no way of testing ppps ability
to respond to M$Chap CHALLENGEs correctly, so if
someone could do the honours, it'd be much
appreciated (it *looks* ok!).
Sponsored by: Internet Business Solutions Ltd., Switzerland
end up writing zero bytes, sleep for 1/10 of a second so that
we don't end up using up too much cpu.
This should only ever happen on systems that wrongly report a
descriptor as writable despite the tty buffer being full.
Discussed with: Jeff Evarts
o Do an initial run-time check to see if select() alters the passed
timeval. This knowledge isn't yet used, but will be soon.
It's now dealt with by the `server' object. This simplifies
things as we only have one list of prompt descriptors and
the log_ routines check prompt::logactive to determine
whether it should be used for output.
o Include the MP socket UpdateSet() result in bundle::UpdateSet().
o Don't select on the tun device unless we're in NETWORK
phase or AUTO mode.
o Stop the idle timer when we go to DEAD phase. We may
have transferred a link and not had a chance to kill
it.
o Don't fail when trying to unlink our transferred datalink
from our descriptor lists just before the transfer.
o Add our link descriptor to the write set if we got a short
write the last time (physical::out is set).
o Log the connection source address when a connection is closed.
o Remove descriptor::next field. Descriptor lists are not required
any more.
