Add NAS-Identifier "npppd" for RADIUS requests. Also send Accouting-On
when RADIUS accounting is configured.

spellings
suggested by jsg

remove unused includes

OK yasuoka@

add a new option to set limits on user-max-sessions each AUTHENTICATION.

It can set limits on different user-max-sessions if there're using several
protocols such as PPPoE and L2TP/IPsec.

ok yasuoka@

Delete lines which are misleading and unneeded.
spotted patrick

Fix: "authconf.users_file_path" is a char[] but is checked as a char*.

Diff from Mathieu Papineau (via Claer)

strings.h -> string.h to prevent an implicit declaration. Also remove a
bunch of NULL-checks before free().

move to <limits.h> universe
ok yasuoka

remove an uneeded test
ok yasuoka@

Use calloc instead of malloc and memset.

from Benjamin Baier

Fixed a bug in npppd_auth_get_user() which caused segmentation faults after
a user authentication is succeeded in case the authentication config option
has `username-suffix' and 'strip-atmark-realm' is yes. Delete
`username-prefix' from authentication setting. This config option was
mis-leading and useless.

port numbers for radius servers were not configured correctly.

pointed out by mxb and Robert Blacquiere

gcc2 doesn't like unnamed fields. make this compile on vax again.
"looks right" deraadt@

New configuration syntax for npppd(8). `npppd.conf' will be based on
parse.y and `npppd-users' will be based on getcap(3). Add man pages.

feedback from giovanni

don't use `reigai' that means `exception' in Japanese as labels.
no binary change.

from Michael W. Bombardieri

Fix comments and styles. Delete unused variables and labels.
No binary changes.

ok mcbride henning

Add RADIUS accounting support and some authentication related changes:

- Add functions to radius+.c that are required to implement RADIUS
accounting.
- Send RADIUS Account-Start and Account-Stop messages with attributes that
are defined by RFC 2866, 2868, 2869.
- If any authentication realm is deleted from the configuration, npppd may
exit by segmentation fault.
- Delete radius_common.c, radius_common.h and eap.c because they are not
used.
- Retransmission and failover are reimplemented.
- Cleanup

add $OpenBSD$ and remove trailing space. no functional change.

Translate Japanese comments or labels into English. Translation was
done by IIJ people (MATSUI Yoshihiro, SAITOH Masanobu, Tomoyuki Sahara),
yuo@ and myself.

This diff also includes
- delete part of useless comments, correct spelling.
- add man page of npppdctl.

There is no functional change.

privilege separation of npppd.

- Drop privilege after daemon initializing.
- Some system calls that requires root privileges were replaced to
wrapper functions that communicate with a separated privileged
process via IPC. And the privileged process checks whether the
operations are acceptable.

fix to compile with gcc4. (from jsg@)

cleanup npppd code. delete IIJ local ifdef switches and fix warnings.
ok @dlg

Initial import npppd(8). npppd is a new PPP daemon that handles many
ppp sessions as a server. It supports L2TP, PPTP and PPPoE as
tunneling.

ok mcbride@ dlg@ deraadt@ reyk@.

spellings
suggested by jsg

remove unused includes

OK yasuoka@

add a new option to set limits on user-max-sessions each AUTHENTICATION.

It can set limits on different user-max-sessions if there're using several
protocols such as PPPoE and L2TP/IPsec.

ok yasuoka@

Delete lines which are misleading and unneeded.
spotted patrick

Fix: "authconf.users_file_path" is a char[] but is checked as a char*.

Diff from Mathieu Papineau (via Claer)

strings.h -> string.h to prevent an implicit declaration. Also remove a
bunch of NULL-checks before free().

move to <limits.h> universe
ok yasuoka

remove an uneeded test
ok yasuoka@

Use calloc instead of malloc and memset.

from Benjamin Baier

Fixed a bug in npppd_auth_get_user() which caused segmentation faults after
a user authentication is succeeded in case the authentication config option
has `username-suffix' and 'strip-atmark-realm' is yes. Delete
`username-prefix' from authentication setting. This config option was
mis-leading and useless.

port numbers for radius servers were not configured correctly.

pointed out by mxb and Robert Blacquiere

gcc2 doesn't like unnamed fields. make this compile on vax again.
"looks right" deraadt@

New configuration syntax for npppd(8). `npppd.conf' will be based on
parse.y and `npppd-users' will be based on getcap(3). Add man pages.

feedback from giovanni

don't use `reigai' that means `exception' in Japanese as labels.
no binary change.

from Michael W. Bombardieri

Fix comments and styles. Delete unused variables and labels.
No binary changes.

ok mcbride henning

Add RADIUS accounting support and some authentication related changes:

- Add functions to radius+.c that are required to implement RADIUS
accounting.
- Send RADIUS Account-Start and Account-Stop messages with attributes that
are defined by RFC 2866, 2868, 2869.
- If any authentication realm is deleted from the configuration, npppd may
exit by segmentation fault.
- Delete radius_common.c, radius_common.h and eap.c because they are not
used.
- Retransmission and failover are reimplemented.
- Cleanup

add $OpenBSD$ and remove trailing space. no functional change.

Translate Japanese comments or labels into English. Translation was
done by IIJ people (MATSUI Yoshihiro, SAITOH Masanobu, Tomoyuki Sahara),
yuo@ and myself.

This diff also includes
- delete part of useless comments, correct spelling.
- add man page of npppdctl.

There is no functional change.

privilege separation of npppd.

- Drop privilege after daemon initializing.
- Some system calls that requires root privileges were replaced to
wrapper functions that communicate with a separated privileged
process via IPC. And the privileged process checks whether the
operations are acceptable.

fix to compile with gcc4. (from jsg@)

cleanup npppd code. delete IIJ local ifdef switches and fix warnings.
ok @dlg

Initial import npppd(8). npppd is a new PPP daemon that handles many
ppp sessions as a server. It supports L2TP, PPTP and PPPoE as
tunneling.

ok mcbride@ dlg@ deraadt@ reyk@.

remove unused includes

OK yasuoka@

add a new option to set limits on user-max-sessions each AUTHENTICATION.

It can set limits on different user-max-sessions if there're using several
protocols such as PPPoE and L2TP/IPsec.

ok yasuoka@

Delete lines which are misleading and unneeded.
spotted patrick

Fix: "authconf.users_file_path" is a char[] but is checked as a char*.

Diff from Mathieu Papineau (via Claer)

strings.h -> string.h to prevent an implicit declaration. Also remove a
bunch of NULL-checks before free().

move to <limits.h> universe
ok yasuoka

remove an uneeded test
ok yasuoka@

Use calloc instead of malloc and memset.

from Benjamin Baier

Fixed a bug in npppd_auth_get_user() which caused segmentation faults after
a user authentication is succeeded in case the authentication config option
has `username-suffix' and 'strip-atmark-realm' is yes. Delete
`username-prefix' from authentication setting. This config option was
mis-leading and useless.

port numbers for radius servers were not configured correctly.

pointed out by mxb and Robert Blacquiere

gcc2 doesn't like unnamed fields. make this compile on vax again.
"looks right" deraadt@

New configuration syntax for npppd(8). `npppd.conf' will be based on
parse.y and `npppd-users' will be based on getcap(3). Add man pages.

feedback from giovanni

don't use `reigai' that means `exception' in Japanese as labels.
no binary change.

from Michael W. Bombardieri

Fix comments and styles. Delete unused variables and labels.
No binary changes.

ok mcbride henning

Add RADIUS accounting support and some authentication related changes:

- Add functions to radius+.c that are required to implement RADIUS
accounting.
- Send RADIUS Account-Start and Account-Stop messages with attributes that
are defined by RFC 2866, 2868, 2869.
- If any authentication realm is deleted from the configuration, npppd may
exit by segmentation fault.
- Delete radius_common.c, radius_common.h and eap.c because they are not
used.
- Retransmission and failover are reimplemented.
- Cleanup

add $OpenBSD$ and remove trailing space. no functional change.

Translate Japanese comments or labels into English. Translation was
done by IIJ people (MATSUI Yoshihiro, SAITOH Masanobu, Tomoyuki Sahara),
yuo@ and myself.

This diff also includes
- delete part of useless comments, correct spelling.
- add man page of npppdctl.

There is no functional change.

privilege separation of npppd.

- Drop privilege after daemon initializing.
- Some system calls that requires root privileges were replaced to
wrapper functions that communicate with a separated privileged
process via IPC. And the privileged process checks whether the
operations are acceptable.

fix to compile with gcc4. (from jsg@)

cleanup npppd code. delete IIJ local ifdef switches and fix warnings.
ok @dlg

Initial import npppd(8). npppd is a new PPP daemon that handles many
ppp sessions as a server. It supports L2TP, PPTP and PPPoE as
tunneling.

ok mcbride@ dlg@ deraadt@ reyk@.

add a new option to set limits on user-max-sessions each AUTHENTICATION.

It can set limits on different user-max-sessions if there're using several
protocols such as PPPoE and L2TP/IPsec.

ok yasuoka@

Delete lines which are misleading and unneeded.
spotted patrick

Fix: "authconf.users_file_path" is a char[] but is checked as a char*.

Diff from Mathieu Papineau (via Claer)

strings.h -> string.h to prevent an implicit declaration. Also remove a
bunch of NULL-checks before free().

move to <limits.h> universe
ok yasuoka

remove an uneeded test
ok yasuoka@

Use calloc instead of malloc and memset.

from Benjamin Baier

Fixed a bug in npppd_auth_get_user() which caused segmentation faults after
a user authentication is succeeded in case the authentication config option
has `username-suffix' and 'strip-atmark-realm' is yes. Delete
`username-prefix' from authentication setting. This config option was
mis-leading and useless.

port numbers for radius servers were not configured correctly.

pointed out by mxb and Robert Blacquiere

gcc2 doesn't like unnamed fields. make this compile on vax again.
"looks right" deraadt@

New configuration syntax for npppd(8). `npppd.conf' will be based on
parse.y and `npppd-users' will be based on getcap(3). Add man pages.

feedback from giovanni

don't use `reigai' that means `exception' in Japanese as labels.
no binary change.

from Michael W. Bombardieri

Fix comments and styles. Delete unused variables and labels.
No binary changes.

ok mcbride henning

Add RADIUS accounting support and some authentication related changes:

- Add functions to radius+.c that are required to implement RADIUS
accounting.
- Send RADIUS Account-Start and Account-Stop messages with attributes that
are defined by RFC 2866, 2868, 2869.
- If any authentication realm is deleted from the configuration, npppd may
exit by segmentation fault.
- Delete radius_common.c, radius_common.h and eap.c because they are not
used.
- Retransmission and failover are reimplemented.
- Cleanup

add $OpenBSD$ and remove trailing space. no functional change.

Translate Japanese comments or labels into English. Translation was
done by IIJ people (MATSUI Yoshihiro, SAITOH Masanobu, Tomoyuki Sahara),
yuo@ and myself.

This diff also includes
- delete part of useless comments, correct spelling.
- add man page of npppdctl.

There is no functional change.

privilege separation of npppd.

- Drop privilege after daemon initializing.
- Some system calls that requires root privileges were replaced to
wrapper functions that communicate with a separated privileged
process via IPC. And the privileged process checks whether the
operations are acceptable.

fix to compile with gcc4. (from jsg@)

cleanup npppd code. delete IIJ local ifdef switches and fix warnings.
ok @dlg

Initial import npppd(8). npppd is a new PPP daemon that handles many
ppp sessions as a server. It supports L2TP, PPTP and PPPoE as
tunneling.

ok mcbride@ dlg@ deraadt@ reyk@.