#43 L2TP Tunnel Switching Enhancements - Proxy authentication

open
nobody
None
5
2011-01-17
2011-01-17
Anonymous
No

This patch contains 2 enhancements to support operation of mpd 5.5 as an L2TP Tunnel Switch (LTS).

Primarily, it adds proxy CHAP authentication. If an incoming L2TP session provides proxy authentication attributes (and you have specified "set l2tp enable proxychap"), then MPD will use these to perform authentication before LCP is started. If the authentication method (e.g. RADIUS server) returns a repeater action then the session will be forwarded immediately without MPD needing to perform any LCP negotiation. If the authentication fails or does not yield a 'forward' or 'drop' action then local LCP negotiation and authentication will occur.

Secondly, this patch ensures that the RX and TX connect speed information provided by the LAC for an incoming L2TP session is forwarded on when MPD repeats this session to another L2TP session.
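The decision flow described in the ticket, as an added example that is not taken from the patch or from mpd's source: it verifies a proxied CHAP-MD5 response (RFC 1994) from the L2TP proxy authentication values and falls back to local LCP when anything is missing or wrong. The dictionary keys, function names and the in-memory `backend` (standing in for e.g. a RADIUS server) are assumptions, and the sample values are constructed.

```python
import hashlib
import hmac

PROXY_AUTHEN_CHAP = 2  # RFC 2661 Proxy Authen Type value for PPP CHAP
REQUIRED = ("authen_name", "authen_challenge", "authen_id", "authen_response")


def chap_md5(chap_id, secret, challenge):
    # RFC 1994: response = MD5(identifier || secret || challenge)
    return hashlib.md5(bytes([chap_id & 0xFF]) + secret + challenge).digest()


def proxy_chap_decision(avps, backend, proxychap_enabled=True):
    """Return 'forward', 'drop' or 'local-lcp' for an incoming session.

    avps:    proxy authen values relayed by the LAC (hypothetical key names).
    backend: dict name -> (secret, action); stand-in for the auth method.
    Note that the challenge was issued by the LAC, not by this host, so a
    valid response only proves what the LAC relayed.
    """
    if not proxychap_enabled or avps.get("authen_type") != PROXY_AUTHEN_CHAP:
        return "local-lcp"
    if any(key not in avps for key in REQUIRED):
        return "local-lcp"  # incomplete attributes: negotiate LCP locally
    entry = backend.get(avps["authen_name"])
    if entry is None:
        return "local-lcp"
    secret, action = entry
    expected = chap_md5(avps["authen_id"], secret, avps["authen_challenge"])
    # Constant-time comparison of the relayed response with the expected one.
    if not hmac.compare_digest(expected, avps["authen_response"]):
        return "local-lcp"  # failed proxy auth: local LCP and authentication
    # Only 'forward' or 'drop' skip local LCP negotiation.
    return action if action in ("forward", "drop") else "local-lcp"


def sample_avps(secret=b"s3cret"):
    # Constructed sample input, not captured traffic.
    challenge = bytes(range(16))
    return {
        "authen_type": PROXY_AUTHEN_CHAP,
        "authen_name": "user@example.net",
        "authen_id": 7,
        "authen_challenge": challenge,
        "authen_response": chap_md5(7, secret, challenge),
    }


if __name__ == "__main__":
    backend = {"user@example.net": (b"s3cret", "forward")}
    print(proxy_chap_decision(sample_avps(), backend))
```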

Discussion

  • Alexander Motin

    Alexander Motin - 2011-12-21

    I would very much like to have L2TP auth proxy in mpd, but I don't like this specific implementation. Calling auth from the physical layer is IMHO not good. Specific tuning only for CHAP is also not good. The perfect solution, I suppose, would be passing auth information up to the LCP layer (making it accessible in some form) so that it is handled in the regular way.

     
