X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/53f1a814a14f348ecf1405d406303e1125205504..2c6957f223400fb892349fac5d521b89d12610df:/Changes diff --git a/Changes b/Changes index 8144831..aad8483 100644 --- a/Changes +++ b/Changes @@ -1,7 +1,123 @@ +* Thu Jan 20 2011 Brendan O'Dea 2.2.x +- Apply MLPPP patch from Muhammad Tayseer Alquoatli. +- Apply patch from Michael O to avoid sending multiple CDNs. +- Apply patch from Cyril Elkaim to fix an issue with MacOS. +- Apply patch from Geoffrey D. Bennett to fix retry of control packets. + +* Mon Dec 18 2006 Brendan O'Dea 2.2.0 +- Only poll clifd if successfully bound. +- Add "Practical VPNs" document from Liran Tal as Docs/vpn . +- Add Multilink support from Khaled Al Hamwi. +- Remove non-working setuid option. +- Convert manual.html to Docbook. +- Kludge around problem with Netgear DM602 authentication. +- Add session/idle timeouts (Graham Maltby). +- Use result code AVP to set Acct-Terminate-Cause is disconnect cause + AVP is not present. +- Add radius_bind_{min,max} to simplify firewalling of RADIUS ports. +- Fix sign problem with reporting of unknown RADIUS VSAs. +- Allow DNS servers to be specified either using the old or new + vendor-specific Ascend formats. +- Security [CVE-2006-5873]: Rhys Kidd identified a vulnerability in the + handling of heartbeat packets. Drop oversize heartbeat packets. +- Don't send interim records before session start (Daryl Tester). +- Add "shutdown" and "reload" CLI commands (Daryl Tester). + +* Tue Apr 18 2006 Brendan O'Dea 2.1.18 +- Don't shutdown on TerminateReq, wait for CDN. +- Interpret "local" direction correctly (as LAC) in disconnect AVPs. + +* Thu Apr 13 2006 Brendan O'Dea 2.1.17 +- Fix IPCP length test to allow Terminate-Request (4 bytes). +- Send nsctl responses back using the correct source address (thanks ltd). +- Similarly set the source for DAE responses; use bind_address when + handling forwarded packets on the master. +- Add Acct-Terminate-Cause to RADIUS stop records. + +* Thu Feb 23 2006 Brendan O'Dea 2.1.16 +- Send configured magic-no in LCP EchoReq when LCP is opened. +- Correct addition of single IP to pool (Jonathan Yarden). +- Ensure session changes from LCP ConfigReq/ConfigNak are sent to cluster. +- Verify that RADIUS packets come from a configured server (Jonathan Yarden). +- Avoid endless loop in processipcp, processipv6cp. +- Additional length checks in processlcp. +- Allow peer to request a new magic-number, or to disable magic-numbers. +- Decrease ip_conntrack_tcp_timeout_established to 5hrs (table filling). + +* Mon Dec 19 2005 Brendan O'Dea 2.1.15 +- Drop backtrace. +- Reduce logging of LCP EchoReply packets. +- Break LCP configure loop with shutdown. +- Limit value of MRU of 1492 (rfc2516). +- Tun MTU should be MRU (not MRU+4). +- Add Service-Type/Framed-Protocol to RADIUS records (Paul Martin). + +* Fri Dec 9 2005 Brendan O'Dea 2.1.14 +- Run PLUGIN_RADIUS_ACCOUNT for Start records. + +* Wed Dec 7 2005 Brendan O'Dea 2.1.13 +- Add test/ping-sweep. +- Apply spec changes from Charlie Brady: use License header, change + BuildRoot to include username. +- Fix IPCP negotiation of secondary DNS server, reported by Jon Morby. +- Clean up sessiont, removing some unused fields. +- Remove unused "MAC" config type. +- Reject unknown/unconfigured protocols on the master. +- Sanity check MRU before using in ppp_code_rej, protoreject. + +* Thu Nov 17 2005 Brendan O'Dea 2.1.12 +- Set MTU on tunnel interface so the kernel will re-fragment large + packets to within MRU. +- Fix TCP checksum recalc. +- NAK silly MRU values from peer. + +* Mon Nov 14 2005 Brendan O'Dea 2.1.11 +- Fix fragment handling in ip_filter. +- Exclude counter when comparing filter rules. + +* Sat Nov 5 2005 Brendan O'Dea 2.1.10 +- Add scripts/l2tpns-capture. +- Fix LCP Echo frequency. +- Add Framed-Route entries to RADIUS records. +- Reset restart counters correctly. +- Reset timers on sending ConfigReq. +- Only send one RADIUS Start record, even if IPCP is restarted. + +* Tue Oct 11 2005 Brendan O'Dea 2.1.9 +- Fix Calling-Station-Id in RADIUS accounting records (Slobodan Tomic). +- Fix RADIUS authentication on DAE responses. +- Don't send tunnel HELLO when there are pending control messages. +- Move plugin_radius_reset from *ctl to auto* plugins. +- Add Cisco-AVPairs to RADIUS accounting records via plugin_radius_account. + +* Mon Sep 19 2005 Brendan O'Dea 2.1.8 +- Move code from signal handlers into mainloop, avoiding a race + condition when forking CLI. + +* Fri Sep 16 2005 Brendan O'Dea 2.1.7 +- This time, for sure: really fix Protocol-Reject. + +* Fri Sep 16 2005 Brendan O'Dea 2.1.6 +- Any traffic on a tunnel resets lastrec, not just control messages. +- Use a unique identifier for LCP. +- Fix Code-Reject/Protocol-Reject. +- Add l2tp_mtu configuration option, used to define MRU, MSS. +- Adjust TCP MSS options in SYN and SYN,ACK packets to avoid + fragmentation of tcp packets. + +* Sat Sep 3 2005 Brendan O'Dea 2.1.5 +- Avoid Code-Reject loop. +- Increase size of PPP buffers to MAXETHER. +- Bug fixes for CLI ringbuffer and tunnel HELLO from Yuri. +- Restart rather than halt BGP on receipt of CEASE (Dominique Rousseau). +- Add cluster_mcast_ttl option to allow a cluster to span multiple + subnets (suggested by Tim Devries). + * Mon Aug 29 2005 Brendan O'Dea 2.1.4 - Drop level of "Unexpected CHAP message" log. - Fix parsing of ProtocolRej (allow 1 or two byte protocols). - Handle rejection of MRU negotiation by peer. +- Use local hostname for tunnel in SCCRP (Alex Kiernan). * Wed Aug 17 2005 Brendan O'Dea 2.1.3 - Fail IPCP negotiation only on ConfigRej of IP-Address.