Enable MS-CHAP support.
release/Makefile:
Build a separate NOCRYPT version of pppd, to keep This Great
Nation's top-secret cryptographic tools out of the filthy hands
of those evil furriners.
MD4Update(), but our version in libmd expects a byte count.
This code is not currently compiled or linked into pppd, so I'm
reasonably sure I didn't break anything. :-) I added the necessary
statements to the Makefile, but left them commented out because we
are in feature freeze. When the code is enabled, we must be careful
to build it only if the DES library is available.
24 (which is magnalink!) rather than the correct (according to the rfc) 26.
Initial attempt at a compatability kludge that will negotiate for either
but will prefer to use the correct deflate compression type.
don't claim that _any_ serial speed is settable, mention that it has to
be supported by the device driver. Some have very flexible baud rate
selection (ie: based on divisors etc, such as the com ports), while others
have explicit baud rate choices.
- (see auth.c rev 1.13) allow the pap/chap secrets file to specify an
override for the otherwise hard coded IP addresses. This allows specific
users to dial in on a rotary which would otherwise get a dynamic address
forced to authenticate and get their own fixed addresses.
- (see options.c rev 1.9) recognize the old dns1 and dns2 options. This
is a hack (TM). :-)
dial-on-demand, packet filtering, idle timeouts, etc). The IPX support
is pretty much there but more work needs to be done in sys-bsd.c for
the interface ioctls (Linux has a very different way of configuring IPX
interfaces).
Along the way some things have temporarily been lost due to very messy
conflicts. I will recover them shortly when I can think clearer.
The main one is the local:remote address override in pap-secrets and
chap-secrets. Some other home-grown features (dns1,dns2) have been
implemented differently. Microsoft's chap client auth hacks have been
implemented. There are bound to be more rough edges... The changes for
connect-max-retries doesn't fit well with the dial-on-demand code.
mixed up versions. Also, these were imported onto the 1.1.2 branch
(since the last one was imported there, sigh) and that causes cvsup in
checkout mode some problems (there isn't any 1.1.1 branch at all!!).
pppd now creates /var/run/ttyXn.if file containing the interface name;
check that a 'login' user is not listed in /etc/ppp/ppp.disabled;
check that a 'login' user's shell is listed in /etc/ppp/ppp.shells;
make sure that passwordless 'login' logins are recorded in wtmp and
utmp.
and chap-secrets files. This allows specific users
to have pre-allocated IP numbers while others get
assigned dynamically.
Submitted by: David Nugent <davidn@unique.usn.blaze.net.au>
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
bomb out. Unfortunately, FreeBSD's sio driver and certain internal
modems don't get along very well, which can cause the serial port to
wedge until it is closed and reopened.
Add new variable, connect-max-attempts, default = 1 (to mimic previous
behavior). If > 1, will try up to "n" times to dial remote site before
aborting.