openl2tp (1.6-1) unstable; urgency=low

  * Import a patch from Ben McKeegan which ensures that subprocesses
    don't inherit opened file descriptors from openl2tpd. In some
    circumstances, sockets would remain open until all spawned
    processes exited, which lead to some unusual
    effects. Specifically, for any given tunnel, so long as any of the
    pppd processes that were forked while that tunnel was up
    (including those on different tunnels) are still running or any
    daemons started from their init scripts are running, the UDP
    socket is never closed, even when openl2tp itself has long since
    closed the socket and forgotten about it. This also fixes Bug
    #2056243 reported by Ulrich Holeschak.

  * Deprecate the l2tpconfig help command. The help command caused
    l2tpconfig to hang but since it doesn't add any value over the man
    page, let's deprecate it. This was first reported in Bug #1792299.

  * Fix compiler warnings in the pppd plugins.

  * Avoid linking openl2tpd/l2tpconfig against unnecessary libs
    (libnsl, libncurses, librt).

  * Split the RPC and header files out to a separate devel package;
    these files only need to be installed by developers implementing
    OpenL2TP plugins or applications that use the OpenL2TP APIs.

  * Fix a bug that was introduced in v1.5 which broke the
    inhibit_default_plugin flag. This flag is used by some test
    plugins to inhibit the use of ppp_unix.so for testing.

 -- James Chapman <jchapman@katalix.com>  Wed, 24 Sep 2008 21:53:23 +0000

openl2tp (1.5-1) unstable; urgency=low

  * Fix ppp profile ppp authentication options which seem to have been
    broken since 0.17. The auth_pap, auth_chap etc options should
    translate into refuse-xxx options to pppd, but these pppd
    arguments were not generated properly.

  * While testing an install for an ISP, it was found that pppd would
    always offer EAP authentication when negotiating with its peer,
    despite auth_eap=off being set in the ppp profile. It turns out
    that some ppp peers (including Cisco!) drop the connection unless
    the peer asks for the exactly the same authentication
    method. Specifically, in a Cisco, if CHAP is configured, it will
    drop the connection if the peer suggests that it can do EAP. To
    configure pppd to force a specific authentication method, one of
    pppd's require-xxx options must be used. Until now, OpenL2TP has
    no interface to control pppd's require-xxx auth options. With this
    release, if all but one of the ppp profile's auth_xxx options is
    disabled, OpenL2TP will now automatically add the require-xxx pppd
    auth option for the one auth option that is enabled. For example,
    to configure CHAP only, set auth_chap=yes auth_pap=no
    auth_mschapv1=no auth_mschapv2=no auth_eap=no in the ppp
    profile. This will yield the following pppd arguments: refuse-pap
    refuse-mschap refuse-mschap-v2 refuse-eap require-chap.

  * Fixed a bug in the per-tunnel session limit handling. If
    configured with a session limit (non-zero max_sessions value), the
    tunnel's session count would be decremented twice if a session was
    cleaned up as a result of reaching the session limit. As a result,
    the next session would be successfully created, resulting in more
    sessions on the tunnel than the user requested.

  * Improve session event generation such that session_down events are
    generated only if the session_up event was previously generated
    and session_deleted events are generated only if the
    session_created event was previously generated. Previously, if a
    session never came up successfully, a session_down and a
    session_deleted event was generated. Anyone using custom openl2tp
    plugins which use the session_down and session_deleted hooks
    should test their plugins after taking this release.

  * Add a new event_sock plugin which exports a named pipe
    /tmp/openl2tpd.evt for use by other processes. A process may
    listen on the named pipe for event messages from openl2tpd which
    tell of session up/down/created/deleted events. See
    doc/README.event_sock for details.

  * Change the loading of plugins to be done after the core
    application init has completed. In previous versions, plugins were
    loaded during command line argument parsing. This change allows
    plugins to use openl2tpd internal APIs that would otherwise be
    uninintalialised when the plugin is loaded. The new event_sock
    plugin makes use of this to register its file descriptor(s) with
    the application main loop.

 -- James Chapman <jchapman@katalix.com>  Sun, 17 Aug 2008 10:22:41 +0000

openl2tp (1.4-1) unstable; urgency=low

  * Fix a bug in the parsing of some parameters of config
    files. Previous versions limited the characters that could be used
    in string values such that parameters that were filenames
    containing the / character lead to parse errors. The parser is now
    more flexible about the characters that it allows in string
    values.

  * Revert a change made in 1.0 to do with L2TP Hello message
    generation. Prior to 1.0, we only sent Hello packets if no L2TP
    control _or_ data packets passed over the tunnel during the Hello
    timeout period, but this was changed to unconditionally send
    Hellos. It turns out that the L2TPv3 spec (Openl2tp is currently
    L2TPv2) specifies the behaviour that we had prior to 1.0. The new
    spec says that the L2TPv2 spec was misinterpreted by several
    vendors and explicitely calls out that all L2TP implementations
    should check for both control and data activity before sending a
    Hello. This avoids possible Hello timeouts when under extreme load
    conditions, where Hello messages might be swamped by data traffic.

  * Don't create the tunnel PPPoX socket until the tunnel is
    up. (Session PPPoX sockets are unchanged.) We previously created
    the tunnel socket when the tunnel instance was created, before the
    peer tunnel id was known. This change means that the actual peer
    tunnel id so can be passed down to the kernel when the connect()
    call is made.

  * Update the ipsec plugin to use absolute paths to the ipsec
    utilities. This avoids problems when the server runs somewhere
    other than / (typically when run in the foreground for debugging).
	
  * Change GNU-specific __FUNCTION__ strings in the source code to
    __func__ since the former is now deprecated. This change does not
    alter the generated code.

  * Change the structure of a struct l2tp_packet to store a struct
    iovec in the structure rather than using our own struct
    l2tp_packet_buffer. This avoids allocating a struct iovec when
    building the struct msghdr for sendmsg() calls. It also avoids
    converting from one struct format to another and is therefore more
    efficient. There are no externally visible differences as a result
    of this change.

  * Fix the no_ppp=yes parameter of session and session profiles. A
    change in version 1.2 broke this feature such that sessions failed
    whenever this parameter was set.

 -- James Chapman <jchapman@katalix.com>  Thu, 08 May 2008 19:24:45 +0000

openl2tp (1.3-1) unstable; urgency=low

  * Fix a bug in the handling of the host_name AVP which would cause
    junk characters on the end of the name, depending on the order of
    the AVPs in the message. If this AVP is followed by an AVP with
    its Mandatory bit set, the host_name string isn't null-terminated,
    so OpenL2TP includes extra characters in the string. Since the
    host_name AVP can be used by OpenL2TP to find a matching peer
    profile or to do simple tunnel authentication, this was causing
    tunnel setup problems with some vendor equipment (Huawei). This
    problem was reported by Keith Tin.

  * Remove the validation checks on the M-bit of AVPs. The L2TP spec
    specifies whether the M-bit should be set or clear for each AVP,
    so OpenL2TP used to validate that and reject messages from peers
    that did not conform to the spec. It has recently been found that
    Huawei L2TP implementations set the M-bit incorrectly in some AVPs
    which caused tunnel setup problems. But further research into
    L2TPv3 (which is not yet supported by OpenL2TP) found that L2TPv3
    _requires_ that L2TPv2 implementations do not validate AVP M-bit
    values against the L2TPv2 spec. So for L2TPv3 interopability, this
    check has been removed.

  * Rewrite the pppd-to-openl2tpd interface to use regular Unix domain
    sockets rather than RPC. This interface is used by pppd to tell
    openl2tpd when the ppp interface comes up or goes down. While RPC
    is good for the management interface where the command client and
    L2TP server may run on machines with different architectures, the
    pppd processes always run on the same CPU as openl2tpd, so the
    complexity of RPC is overkill. Users won't see any behaviour
    change - things should work exactly as before. Heavy users (ISPs)
    might notice some performance improvement when setting up or
    tearing down thousands of PPP sessions.
	
 -- James Chapman <jchapman@katalix.com>  Wed, 09 Apr 2008 19:26:33 +0000
	
openl2tp (1.2-1) unstable; urgency=low

  * Fix multilink PPP. This has been broken since 1.0, when the PPP
    setup timer was introduced. The fix is to have the openl2tp pppd
    plugin send an event to openl2tpd for every PPP interface in the
    multilink PPP bundle, not just the first.

  * Fix a bug in the config file parser which failed to process the
    default_route argument of ppp profiles. Any config file with this
    option would fail to parse.

  * Fix the ppp dependency rule in the Debian control file to handle
    the fact that Debian/Ubuntu use a suffix name in the ppp package
    version which breaks our =2.4.4 dependency and prevents clean
    package install on some systems. We now use a combined >=2.4.4 and
    <2.4.5 rule instead of =2.4.4.

 -- James Chapman <jchapman@katalix.com>  Mon, 24 Mar 2008 20:43:43 +0000

openl2tp (1.1-1) unstable; urgency=low
 
  * Fix compiler optimisation issues when compiled with recent gcc-4.x
    compilers. Modern gcc can aggressively reorder instructions and
    even functions. In the case of USL list operations, this can cause
    code to be executed the wrong side of list add/remove which
    results in corrupted lists or timing issues. The problem can show
    itself by openl2tpd hanging while walking lists, but other random
    crashes could also occur. The fix is to use memory barriers in the
    low level USL list operations.

  * Initialize the random seed using a value from /dev/urandom at
    startup so that the assigned tunnel_id / session_id values have
    better randomness. (We used to use /dev/urandom directly for all
    random ids rather than libc's random() call but we switched to
    random() when it was found that stress testing could cause reads
    to /dev/urandom to block due to the system's entropy pool being
    exhausted in extreme load conditions.) Using /dev/urandom to init
    the random seed is a good compromise.

  * Fix pppd plugin to always call the ip up/down hooks to send status
    back to openl2tpd, regardless of whether pppol2tp_ifname was
    specified. Previously, the hooks were only needed when the
    interface name wasn't specified because we used the event to
    discover the ppp interface name in openl2tpd. But these hooks are
    now used to stop the session's ppp setup timer so we always need
    them. This bug was introduced in 1.0 and was reported by Iouri
    Kharon.

  * Minor improvements to debian startup script.

  * Apply several fixes from Ben McKeegan:

    - Fix ppp_unix plugin to prevent "active pppd count gone negative"
      error messages. This bug could cause the daemon to segfault when
      lots of PPP sessions were present.

    - Fix a bug in the transmit queue code which could crash the
      daemon if a ZLB ever found its way onto the packet queue.

    - Fix uninitialised variable bug in USL's child pid handling
      code. This could cause an openl2tpd crash on a heavily loaded
      system.

    - Fix a buffer overrun bug in the CLI code if l2tpconfig is
      connected to a remote openl2tpd.

  * Fix errors found with valgrind:

    - Incorrect checks for valid fd before close() calls in several
      places.

    - Possible buffer overrun when storing result_code AVP data from
      peer.

    - Fix uninitialised data errors in struct sockaddr
      structures. While these specific valgrind errors are bogus, it
      is useful to fix the code to get rid of the valgrind complaints.
 
 -- James Chapman <jchapman@katalix.com>  Sun, 24 Feb 2008 14:56:08 +0000

openl2tp (1.0-1) unstable; urgency=low
 
  * Initial release
 
 -- James Chapman <jchapman@katalix.com>  Sun, 11 Feb 2008 11:45:17 +0000
