X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/5d174e0df91991ba4f537951ea5c424244ba5ff7..02fdf677415da6f1f3dd2fc7cb1fcd02f8d9ee08:/Changes diff --git a/Changes b/Changes index 1432656..0b2f15f 100644 --- a/Changes +++ b/Changes @@ -1,11 +1,13 @@ -* Thu Jan 13 2005 Brendan O'Dea 2.1.0 -- Add IPv6 support from Jonathan McDowell (work in progress). -- Add CHAP support from Jordan Hrycaj (work in progress). +* Mon May 16 2005 Brendan O'Dea 2.1.0 +- Add IPv6 support from Jonathan McDowell. +- Add CHAP support from Jordan Hrycaj. +- Add interim accounting support from Vladislav Bjelic. +- Negotiate MRU, default 1458 to avoid fragmentation. - Sanity check that cluster_send_session is not called from a child process. - Throttle outgoing LASTSEEN packets to at most one per second for a given seq#. -- More DoS prevention: add packet_limit option to apply a hard limit +- More DoS prevention: add packet_limit option to apply a hard limit to downstream packets per session. - Use bounds-checking lookup functions for string constants. - Add enum for RADIUS codes. @@ -15,6 +17,52 @@ - Log "Accepted connection to CLI" at 4 when connection is from localhost to reduce noise in logs. - Show time since last counter reset in "show counters". +- Remove "save_state" option. Not maintained anymore; use clustering + to retain state across restarts. +- Ensure that sessionkill is not called on an unopened session (borks + the freelist). +- Bump MAXSESSION to 60K. +- Fix off-by-one errors in session/tunnel initialisation and + sessiont <-> sessionidt functions. +- Use session[s].opened consistently when checking for in-use sessions + (rather than session[s].tunnel). +- Use <= cluster_highest_sessionid rather than < MAXSESSION in a + couple of loops. +- Don't kill a whole tunnel if we're out of sessions. +- Change session[s].ip to 0 if set from RADIUS to 255.255.255.254; + avoids the possibility that it will be interpreted as a valid IP + address. +- Avoid a possible buffer overflow in processpap. +- Kill session if authentication was rejected. +- Simplify AVP unhiding code. +- Add optional "username" parameter to ungarden control, allowing the + username to be reset before going online. +- Add result/error codes and message to StopCCN when shutting down tunnels. +- Add result/error codes to CDN when shutting down sessions. Sends 2/7 + (general error, try another LNS) when out of IP addresses, and 3 + (adminstrative) for everything else (suggestion from Chris Gates). +- Only send RADIUS stop record in sessionshutdown when there's an ip address. +- Reset .die on master takeover (so that dying sessions don't have to + hang around until the new master has the same uptime as the old one). +- Update .last_packet in cluster_handle_bytes only when there have + been bytes received from the modem (dead sessions were having the + idle timeout reset by stray packets). +- Use cli_error() for error messages and help. +- Add a Cisco-Avpair with intercept details to RADIUS Start/Stop + records. +- Don't use LOG() macro in initdata() until the config struct has been + allocated (uses config->debug). +- Initialise log_stream to stderr to catch errors before the config file + is read. +- Fix leak in session freelist when initial RADIUS session allocation + fails. +- Don't process C_LASTSEEN unless we're a master (otherwise a crashed + master kills all slaves once restarted). +- Make "show running-config" a privileged command (contains clear text + shared secrets). +- Add sessionctl plugin to provide drop/kill via nsctl. +- Add handling of "throttle=N" RADIUS attributes. +- Fix RADIUS indexing (should have 16K entries with 64 sockets). * Fri Dec 17 2004 Brendan O'Dea 2.0.13 - Better cluster master collision resolution: keep a counter of state