pppd-sql
pppd-sql is a plugin for the Point-to-Point server (pppd) on Linux and Solaris that adds an authentication backend using a MySQL or PostgreSQL database for the Challenge Handshake Authentication Protocol (CHAP) and Password Authentication Protocol (PAP). It supports MS-CHAPv1 and MS-CHAPv2 too. The IPCP negotiation after authentication handshake is also supported. pppd-sql supports a flexible configuration scheme, has concurrent connection handling for single users across multiple tunnel servers, and comes with easy and handy documentation.
| Tags | Communications Networking Software Development Libraries |
|---|---|
| Licenses | GPLv2 |
| Operating Systems | POSIX Solaris Linux |
| Implementation | C |
Recent releases
- 08 Jul 2009 06:18
Changes: This version adds support for fetching the server IP address from the database. This will be done with the two new configuration options, "mysql-column-server-ip" and "pgsql-column-server-ip". This version also adds support for evaluating the return value of the IP up and down scripts. This is done with the help of four new configuration options, "mysql-ip-up-fail", "mysql-ip-down-fail", "pgsql-ip-up-fail", and "pgsql-ip-down-fail". Some small documentation bugs were fixed. The annoying issue in which authentication failed if columns are prefixed with the table name was resolved.
- 28 Jan 2009 08:58
Changes: This version adds support for exclusive read and write locking on the selected row. This will improve the concurrent connection handler a lot. Support was added for IP configuration scripts with additional parameters (username, received bytes, transmitted bytes, and link duration). Blocking support was added. Four new configuration options were added: "mysql-ip-up", "mysql-ip-down", "pgsql-ip-up", and "pgsql-ip-down".
- 18 Jan 2009 21:04
Changes: This version includes support for concurrent connection handling of single users across multiple tunnel servers. Six new configuration options were added 'mysql-port', 'mysql-column-update', 'mysql-exclusive', 'pgsql-port', 'pgsql-column-update', and 'pgsql-exclusive'. The built-in failover functionality was removed (it is impossible with the concurrent connection handler, and should be made with separate database utilities).
- 12 Jan 2009 05:51
Changes: This version includes support for authentication fallback against the usual '/etc/ppp/pap-secrets' or '/etc/ppp/chap-secrets' files. Two new configuration options have been added: 'mysql-authoritative' and 'pgsql-authoritative'. SQL scripts with database schemas for import have been added. A bug has been fixed, allowing the plugin to verify CHAP authentication credentials with AES encryption.
- 08 Dec 2008 02:53
Changes: This version adds support for encrypted password storage inside the database. The current supported one-way hashes are MD5 and the UNIX crypt(). The current supported symmetric cipher is AES-128.
