Package: ppp Version: 2.4.4rel-10 Severity: normal There's a bug in pppd that appears, if the options "-chap", "name" and "remotename" are set and there are credentials for name and remotename in the chap-secrets file.
In that case, if the peers' ConfReq contains <auth chap FOO>, pppd correctly decides to NAK that option. But, when deciding on which value to offer for the auth-option instead, it will forget about "-chap" and, because it finds matching credentials in chap-secrets, it will offer "<auth chap BAR>" again. This is wrong. If deciding for a new value for the auth option in the NAK message, pppd should only take mechanisms into account, that are not forbidden in the pppd config. An example debug log: Connect: ppp0 <--> /dev/ttyUSB0 sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xbe4399d8> <pcomp> <accomp>] rcvd [LCP ConfReq id=0x0 <asyncmap 0x0> <auth chap MD5> <magic 0xeb0ad3> <pcomp> <accomp>] sent [LCP ConfNak id=0x0 <auth chap MS-v2>] rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0xbe4399d8> <pcomp> <accomp>] rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MD5> <magic 0xeb0ad3> <pcomp> <accomp>] sent [LCP ConfNak id=0x1 <auth chap MS-v2>] rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <auth chap MD5> <magic 0xeb0ad3> <pcomp> <accomp>] sent [LCP ConfNak id=0x2 <auth chap MS-v2>] rcvd [LCP ConfReq id=0x3 <asyncmap 0x0> <auth chap MD5> <magic 0xeb0ad3> <pcomp> <accomp>] sent [LCP ConfNak id=0x3 <auth chap MS-v2>] rcvd [LCP ConfReq id=0x4 <asyncmap 0x0> <auth chap MD5> <magic 0xeb0ad3> <pcomp> <accomp>] sent [LCP ConfNak id=0x4 <auth chap MS-v2>] rcvd [LCP ConfReq id=0x5 <asyncmap 0x0> <auth chap MD5> <magic 0xeb0ad3> <pcomp> <accomp>] sent [LCP ConfRej id=0x5 <auth chap MD5>] -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686-latitude (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages ppp depends on: ii libc6 2.7-10 GNU C Library: Shared libraries ii libpam-modules 0.99.7.1-6 Pluggable Authentication Modules f ii libpam-runtime 0.99.7.1-6 Runtime support for the PAM librar ii libpam0g 0.99.7.1-6 Pluggable Authentication Modules l ii libpcap0.8 0.9.8-3 system interface for user-level pa ii netbase 4.32 Basic TCP/IP networking system ii procps 1:3.2.7-8 /proc file system utilities ppp recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
