search

whyzdev / ppp-pam

Automatically exported from code.google.com/p/ppp-pam
BSD 3-Clause "New" or "Revised" License
0 stars 0 forks source link

Add fail-safe support for PPP "Version 2" #6

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
pppauth and pam_ppp.so should detect that the user's key is the old version
1 format and continue to work, but also advise the user to generate a new
version 2 key and print new passcards.

See url below for an explanation of version 2:
http://12078.net/grcnews/article.php?id=4743&group=grc.thinktank#4743

Original issue reported on code.google.com by tomf...@gmail.com on 30 Oct 2007 at 6:14

GoogleCodeExporter commented 9 years ago 
Committed -r36: 

Implemented a new versioned key file format that is backwards compatible with 
the
existing format.

Also implemented what I believe will be PPP version 2.  It's switched off at the
moment (_ppp_ver = 1).  Once GRC updates the PPP documentation, it can be 
verified
and new test vectors created.

TODO:
 * Detect old version keyfiles in pam_ppp.so.  Continue to authenticate against ver
1, but advise the user to generate a new key and print new passcards.
 * When running pppauth to print passcards from key file, advise user to generate a
new key and print new passcards.
 * Add a --ver switch to pppauth when working from passphrase in order to test
against old testvectors.

 *

Original comment by tomf...@gmail.com on 31 Oct 2007 at 2:20

GoogleCodeExporter commented 9 years ago 
PPP v2 support has been added in -r53, but it's switched off until it's tested.

Remaining TODO:
 * Advise user to update to V2 key.
 * Add test vectors once V2 is posted on GRC.com

Original comment by tomf...@gmail.com on 2 Nov 2007 at 4:51

GoogleCodeExporter commented 9 years ago 
Test vectors have been added and are passing.  Just have to add the warning 
advising
the user to generate a new V2 key and then V2 support will be switched on.  I 
think
I'll do another release at that point (Version 0.3).

Original comment by tomf...@gmail.com on 4 Nov 2007 at 5:48

GoogleCodeExporter commented 9 years ago 
I've switched on PPP version 2 support in -r66.  I'll hold off on labeling it 
ver 0.3
until I get feedback from some beta testers.

Read more here:
http://groups.google.com/group/ppp-pam/browse_thread/thread/2b59a735c1324992

Original comment by tomf...@gmail.com on 4 Nov 2007 at 6:05