From cf3de06a3346854d770ba147f081e3b22e93c1bc Mon Sep 17 00:00:00 2001
From: Kozlov Dmitry <xeb@mail.ru>
Date: Thu, 24 Jan 2013 23:58:56 +0400
Subject: backport 1.7 * l2tp: Fix allocation checking when adding octets AVP *
 cli, tcp: Fix non-NULL terminated string reception * Fix va_end() missing
 calls * chap-secrets: implemented encryption * auth_pap: make messages like
 other auth modules * cli: check xmit_buf is not null at enter to write
 function * pppoe: implemented regular expression support * chap-secrets:
 implemented encryption * ippool: fixed initialization order * optional shaper
 compiling * ppp: dns/wins code cleanup

---
 README | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'README')

diff --git a/README b/README
index fe2f5f73..450ba857 100644
--- a/README
+++ b/README
@@ -153,6 +153,15 @@ snmpset -m +ACCEL-PPP-MIB -v 2c -c local 127.0.0.1 ACCEL-PPP-MIB::termByUsername
 snmpset -m +ACCEL-PPP-MIB -v 2c -c local 127.0.0.1 ACCEL-PPP-MIB::cli.0 = "shaper change all 1024 temp"
 
 
+chap-secrets encryption
+-----------------------
+To enable chap-secrets encryption ablity accel-ppp must be compiled with -DCRYPTO=OPENSSL (which is default).
+Username field may be kept as cleartext or hashed through some hash chain. To specify hash chain use username-hash option.
+For example, username-hash=md5,sha1 means hash username through md5 and then binary result hash through sha1.
+Username have to be specified as hexadecimal dump of digest result.
+Password field have to be encrypted using smbencrypt (NT Hash part).
+Encryption is incompatible with auth_chap_md5 module.
+
 
 Warning !!!
 -----------
-- 
cgit v1.2.3