Bug 31607

Summary: /etc/ppp/pap-secrets needs IP field, which is not listed as mandatory
Product: Documentation Reporter: Alex Popa <razor>
Component: Books & ArticlesAssignee: freebsd-doc (Nobody) <doc>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   

Description Alex Popa 2001-10-29 21:50:01 UTC 
	The pppd(8) man page states (around line 818 on a cons25 terminal)
	that "Thus each line in a secrets file has at least 3 fields:
	the name of  the  client,  the name  of  the server, and the
	secret.  These fields may be followed by a list of the IP
	addresses that the specified client may use when connecting to
	the specified server." (note: AUTHENTICATION section of the
	manpage)

	Not having the fourth field, the IP address, in the file will
	cause all PAP authentication attempts to fail.  Having the
	fourth field causes PAP auth to work as expected.

Fix: 

Mention the fourth (IP) field is mandatory, in the manpage;
	alternatively, have pppd accept auth even if the 4th field is
	not present.
Comment 1 dd freebsd_committer freebsd_triage 2001-11-04 22:34:02 UTC 
Responsible Changed
From-To: freebsd-doc->brian

Over to PPP maintainer.
Comment 2 Brian Somers freebsd_committer freebsd_triage 2001-11-05 11:02:29 UTC 
Responsible Changed
From-To: brian->freebsd-doc

I don't do pppd(8) I'm afraid
Comment 3 hiten pandya 2001-12-13 22:37:22 UTC 
The last field (the fourth field) is not must, but it is only
used in special cases when the user has been given an ip
address my their ISP.  As most ISPs do not allow the user to
assign IP addresses;  the IP addresses are picked out from an
IP Pool at the ISPs end.

The following is a typical format of the ppp-secrets file:

# Secrets for authentication using PAP
# client     server     secret     acceptable_local_IP_addresses

Summary: The use of the fourth field is to _force_ the ppp server
to assign the ip address provided in field.  It is very
unlikely (security matters), that ppp servers would allow a
remote client to set the IP number they are to be given.

Note: This PR can now be succefully closed after clarifying the
issue regarding the fourth field of the /etc/pap-secrets file.

If any one who is reading this followup-trail would like to
clarify this with external sources, i would suggest you start out
with http://www.linuxdoc.org/HOWTO/PPP-HOWTO/, which is a good
source on PPP related information.

Thanks,
=Hiten
=<hiten@uk.FreeBSD.org>
Comment 4 Hiten Pandya 2001-12-18 06:33:15 UTC 
This PR can now be closed, as discussion about this topic has already
been carried out on the -doc mailing list, as it has also been clarified
with the Linux PPP-HowTO about how to resolve the issue.

No Patches are needed.

=Hiten
=<hiten@uk.FreeBSD.org>
Comment 5 ru freebsd_committer freebsd_triage 2001-12-18 08:39:30 UTC 
State Changed
From-To: open->closed

Asked and answered.