forked from xelerance/xl2tpd
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CHANGES
311 lines (271 loc) · 12.4 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
v1.3.6 (Jan 15, 2014)
* I keep screwing up the version number. Changes to CHANGES and l2tp.h
* Fix the size of the lenght param for AVP headers. This should fix Android
support no matter how the compiler optimizes.
v1.3.5 (Jan 15, 2014)
* Re-define the add_header() function as the compiler was screwing up the lenght|MBIT logic.
THIS RE-ENABLES ANDROID SUPPORT which had been broken since 1.2.7
v1.3.4 (Jan 13, 2014)
* Revert "Patches from Fedora to use Openssl MD5 instead of our own"
This patch forced us to ask for a license exception, which we cannot do.
* Revert "Add a license exception to link xl2tpd with OpenSSL"
Without the OpenSSL MD5 requirement, we no longer need to ask for a license exception.
v1.3.3 (Jan 3, 2014)
* License exception for linking with OpenSSL
(this is because we do not use our MD5 anymore)
* Check write return code on control socket (fixes FTBFS with -Wall) [Simon Deziel]
v1.3.2 (Nov 15, 2013)
* Remove unused variables reported by gcc -Wunused [Paul Wouters]
* Retain password when redial is enabled [Ted Phelps]
* Respect LDFLAGS, original author unknown [Jeremy Olexa]
* Turn off UDP checksums [mcr]
* Respect CFLAGS for xl2tpd-control [Mike Gilbert]
* Patches from Fedora to use Openssl MD5 instead of our own [Patrick Naubert]
* Cosmetic fix log warning about IPsec SAref kernel mod support [Pavel Kopchyk]
* Upgrade options (in global contex) according to their keyword words in 'file.c' [Pavel Kopchyk]
* Actually force userspace when using SAref [Sergey Fionov]
* Enable kernel-mode by default [Sergey Fionov]
* Fix kernel support for 2.6.23+ [Sergey Fionov]
* Remove if_pppol2tp.h header [Sergey Fionov]
* Tell pppd to set LNS mode flag on kernel pppol2tp session socket. [Sergey Fionov]
* Wrap connect_pppol2tp() with ifdef [Sergey Fionov]
* Check for existence of SO_NO_CHECK before using it [Stuart Henderson]
* Check that argv[1] isn't null before strncmp() [Stuart Henderson]
* Set a valid msg_controllen, OpenBSD needs it [Stuart Henderson]
* Avoid type punning: it makes gcc grumpy. [Ted Phelps]
* Cope with comment lines that extend beyond 120 characters. BZ#806963. [Ted Phelps]
* Document the default duration of the redial timeout option. [Ted Phelps]
* Don't call grantpt(). [Ted Phelps]
* Fix an uninitialize memory access. [Ted Phelps]
* Fix udp_xmit to work on Linux *and* OpenBSD [Ted Phelps]
* Increase the size of the buffer used to read config file lines. [Ted Phelps]
* Make it possible to prevent xl2tpd from overwriting ppp's ipparam [Ted Phelps]
* Quash more valgrind warnings. [Ted Phelps]
* Set msgh.msg_controllen before calling CMSG_FIRSTHDR [Ted Phelps]
* + use address from the last received UDP packet in UDP messages response [Tomas Chmelar]
* Clean up samples [Tuomo]
* Don't mark some AVPs as mandatory [wangxiaoguang]
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680146
* Remove a 'sleep' in control_finish [wangxiaoguang]
v1.3.1 (Oct 6, 2011)
* Suse updated to spec and init files [Shinichi Furuso]
* SAREF: Changed IP_IPSEC_REFINFO to global option "saref refinfo" [Paul]
* Updated configuration examples with SAref [Paul]
* samples: cleaned up samples and removed broken ones [Tuomo]
v1.3.0 (July 23, 2011)
* Added xl2tpd-control [Alexander Dorokhov]
* Added 'a' (add) and 'd' (delete) control options [Alexander Dorokhov]
* Refresh debian/ from Debian. [Roberto C. Snchez]
* Buffer overrun in reading >16 char l2tp-secrets [Matt Domsch]
(https://bugzilla.redhat.com/show_bug.cgi?id=689178)
* xl2tpd may leaks file descriptors [Steve Barth]
* xl2tpd: field o_pad in "struct payload_hdr" unnecessary. RFC 2661 [Ilya]
* Fix logging in write_packet() [Ilya]
* Bug tracker bugs fixed:
#1119 Segfault upon config error [Andrey Cherny]
#1223 Gentoo QA warning: dereferencing pointer [Andrey Cherny]
#1236 xl2tpd hungs and wont redial after communication fail [Andrey Cherny]
#1237 delayed null pointer check [Andrey Cherny]
v1.2.8
* Makefile: fix compilation with --as-needed linker flag [Vladimir V. Kamarzin]
* Workaround for apple clients missing htons() [Brian Mastenbrook]
* Log destination ip and port in case of send failure [Mika Ilmaranta]
* Added Default-Stop: to fedora initscript [Paul]
* Bug tracker bugs fixed:
#1078 xl2tpd doesn't pass 'ipparam' to pppd and pppd won't get
client ip (Xiaoguang WANG)
v1.2.7
* Reduce time in signal handlers where we cannot log [Shinichi Furuso]
* Add rx/tx bps speed setting options [Tony Hoyle]
(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578070)
* Rename FFLAGS to IPFLAGS to avoid clashing on debian [Paul]
* spelling fix (dont -> don't) [Paul]
v1.2.6
* Partial fix for compiling on OpenBSD [synapse]
* add missing setting of logopen=1 in init_log() [Shingo Yamawaki]
* xltpd could deadlock on syslog() call in signal handler [Bart Trojanowski]
* fix fedora/centos spec file [Paul]
v1.2.5
* Fix initscript for https://bugzilla.redhat.com/show_bug.cgi?id=247100
* Fix for two Windows machines behind the same NAT with the samed
number of l2tp connection attempts since boot [Shinichi Furuso]
v1.2.4
* Fixes to Suse spec file [Shingo Yamawaki]
* unclutter logs for 'select timeout' [Shingo Yamawaki]
* Make sure child_handler and destroy_call won't conflict when pppd is killed
[Mika Ilmaranta/ Tuomo]
* Workaround for broken kernels that send duplicate pids to waitpid()
See: https://bugzilla.redhat.com/show_bug.cgi?id=486945 [Mika / Tuomo]
* Fix pppd option from legacy -detach to nodetach [Tuomo]
v1.2.3
* Fixes for prefix/destdir and spec files [paul/tuomo]
* Use pcap not pcap-devel on suse, rhel and centos [paul/tuomo/shingo]
* Added pfc to contrib. pfc is a tool to compile active-filters
for pppd, which can be used for dial-on-demand filters [paul/roberto]
* Bug tracker bugs fixed
# 998: xl2tpd-1.2.2 Makefile sets wrong path for mandir
v1.2.2
* PPP CHAP authentication using plugin passwordfd.so failed [[email protected]]
* Use SIGALRM only in select(). This prevents a problem where a pppd child
(eg ntpd via ppp-up.d/ script) is using signaling too. [Shingo Yamawaki]
* A file descriptor is left opened when exec'ing pppd. [Shingo Yamawaki]
* When select() is interrupted, readfds should not be used. [Shingo Yamawaki]
* Modifications to Makefile to support DESTDIR [paul]
* Modifications to compile on OpenBSD [Stephen Ayotte]
* Bug tracker bugs fixed
#955: refuse authentication is backward for LAC sections [Dean Scarff]
v1.2.1
* Fixes to Suse init file and spec file [paul]
* Changed some build defaults in Makefile [paul]
v1.2.0
* Synchronised IP_IPSEC_REFINFO define with KLIPSNG patch [paul]
* Fixed versioning and bumped to 1.2.0 [paul]
v1.1.12
* Fix for dropped packets and wrong disconnects. [Ray Overland / Tuomo]
* Included debian directory from Roberto C. Sanchez <[email protected]>
v1.1.11
* Support for passwordfd when using xl2tpd as client.
Patch by David MacKinnon <[email protected]>
* Add DEBUG_AUTH comments to the Makefile [paul]
* Workaround for Cisco routers that do not send transmit speed or framing
type [paul]
* Fix two old l2tpd references to xl2tpd (syslog used wrong name) [paul]
v1.1.10
* add pid to pppd logging [tuomo]
* don't specify compiler flags (overrides packaging flags in rpm) [tuomo]
* minor documentation fixes [tuomo/paul]
v1.1.09
* Forgot to bump version number, so to avoid confusing, I bumped everything
to 1.1.09
v1.1.08
* Confirmed pppd bug of not always terminating on SIGTERM. The new define
TRUST_PPPD_TO_DIE determins whether we send SIGTERM or SIGKILL, with
SIGKILL being the (new) default. (ppp-2.4.2-6.4.RHEL4 is known to be
broken)
v1.1.07
* Fix for unaligned header field accesses crashes on RISC by Dave S. Miller
(# 735)
* Added and enabled pppd debugging code to assist locating a serious
xl2tpd infinite loop when pppd does not die after a SIGTERM.
* Complete support for pppol2tp's kernel mode L2TP. Patch by Cedric
* Make spec file Fedora Extras compliant
* Added pppol2tp-linux-2.4.27.patch to contrib/
* Pidfile fixes (by Tuomo)
* Fix creation of pid file if /var/run/xl2tpd does not exist.
* Fix compile without SANITY defined (Charlie Brady <[email protected]>)
* Fix configuration filename for the ppp options file (#725 by Tuomo)
* Fixes to compile with all DEBUG_* statements enabled
* Documented all DEBUG_* statements in Makefile
v1.1.06
* Build xl2tpd and use /etc/xl2tpd/xl2tpd.* configuration files with fallback
to /etc/l2tpd/l2tpd.* configuration files.
* Support for pppol2tp's kernel mode L2TP.
Patch by Cedric Schieli <[email protected]>
* Documented IPsec SA reference tracking for use with Openswan
* Added patents documentation.
* Migration support on xl2tpd.spec for l2tpd -> xl2tpd
v1.1.05
* Changed versioning scheme to match Xelerance standards
* IPsec SA reference tracking added (used with Openswan's IPsec transport mode)
This adds support for multiple clients behind the same NAT router, and
multiple clients on the same internal IP behind different NAT routers.
* Fix for Windows clients that send the wrong tunnel ID for closing tunnels
v1.04
* actually, 1.03 tag in GIT was in the wrong place. This is the right release.
v1.03
* fixes for gcc 4.xx compilation
v1.02
* udpated CHNANGELOG
v1.01
* various debugging added, but debugging should not be on by default
* async/sync conversion routines must be ready for possibility that the read
will block due to routing loops
* refactored control socket handling.
* use man page in doc/
* move all logic about pty usage to pty.c try ptmx first. if it fails try
legacy ptys
* rename log() to l2tp_log(), as "log" is a math function.
v1.00
* First version managed by Xelerance, called xl2tpd.
* If we aren't deamonized, then log to stderr.
* added install: and DESTDIR support
0.70
--
Change path for config files from /etc/l2tp to /etc/l2tpd ([email protected])
Turn of echo no ptys to pppd (Damien de Soto)
Add pty name to command line passed to pppd (Chris Wilson)
Added listen-addr parameter to l2tpd.conf ([email protected])
Close stdin when in daemon mode ([email protected])
Improve interoperability with MSL2TP ([email protected])
Eliminate some warnings ([email protected])
0.69
--
Edited l2tpd.conf.5 man page to correct some information
Added l2tpd.8 and l2tp-secrets.5 man pages
Zero'ed out memory malloced to hold challenge, otherwise we may pass
wrong challenge to md5 code
0.68
--
Updated copyright notice on all relevent files
Changed vendor name as it appears in AVP's
Add new sources of randomness, reading /dev/urandom
Seed rand() with time()
Stubs available for egd randomness source, not implemented yet though
Don't close fd 0 as workaround for signal problems in daemon mode
Fix some off by 6 errors in avp handling
0.67
--
close pty connecting to pppd in child_handler()
Add code to daemonize correctly
Add command line options
-D to not daemonize
-p to specify a pidfile
-c to specify a config file
-s to specify a secrets file
Catch a SIGHUP that's coming from who-knows-where and do nothing
0.66
--
Fixed tunnel authentication mechanism so that it works!
Fixed several segfaults...some in debugging code
0.65.1
--
Reformatted all .c and .h files using GNU indent
0.65
--
Fix to handling SLI packets
reformatted some code in a few small places
Added valid, new (since L2TP draft days) result codes
autodialed calls switched to be "Incoming calls" rather than "Outgoing"
Re-arranged some header declarations
Remote systems may use the same Tunnel ID...this is OK
Look for l2tpd.conf in /etc/l2tp and in /etc/l2tpd...look for
l2tp-secrets int he same directory
Portability enhancement (act.sa_restorer only used on i386?)
(Jean-Francois Dive)
0.64
--
Too many that I lost track...
Scaleability improvements from Huiban Yoann at Siemens
Rudimentary Outgoing Call Request system
As in CREDITS, "an uncountable amount of little bug fixes"
0.63
--
Syslog support added!!!
Improved data sequencing & flow control serial number checking
Removed call flow/session control serial number checking in ICRQ
-- Did we do this already and we're going mindless? :D
Removed checking of now-defunct R bit
Changed PPP framing to always sync
Various and asundry other fixes
NOW OPERABLE WITH CISCO IOS 12.1
Continued interoperability improvements with Windows 2000 clients
0.62
--
Removed call flow/session control (inapplicable as of RFC spec draft 13)
Corrected invalid Receive Window Size AVP in ICCN
Corrected Bearer Capabilities non-requirement in SCCRQ & SCCRP
Verified operability with Cisco 3000 series
0.61
--
Fixed shutdown of PPPd from SIGKILL to SIGTERM
Beginning code cleanup and interoperability testing