1128344 – pppd won't log successful peer CHAP authentication

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1128344 - pppd won't log successful peer CHAP authentication

Summary: pppd won't log successful peer CHAP authentication

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	ppp
Sub Component:
Version:	7.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	low
Severity:	low
Target Milestone:	rc
Target Release:	---
Assignee:	Jaroslav Škarvada
QA Contact:	qe-baseos-daemons
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-08-09 10:04 UTC by giulioo
Modified:	2019-12-06 16:09 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-12-06 16:09:29 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
Restore log of successful logins (365 bytes, patch) 2014-08-09 10:04 UTC, giulioo	no flags	Details \| Diff
View All

Description giulioo 2014-08-09 10:04:30 UTC

Created attachment 925364 [details]
Restore log of successful logins

Description of problem:
 
For a long time pppd has stopped logging successful chap logins from a 'peer'
to pppd itself (ie: pppd used by pptpd as VPN server), while it keeps on
logging failed attempts. I think this is a bug, because at one time (ie RHEL3 or something like that) it did log successful logins and it's useful to look
at the logs and see the usernames of people who accessed the system.
 
Version-Release number of selected component (if applicable):
ppp-2.4.5-33.el7.x86_64
 
How reproducible:
 
Install PPTPD and:
 
- login with wrong password:   username gets logged
Aug  9 10:43:07 linux6 pppd[8392]: Using interface ppp0
Aug  9 10:43:07 linux6 pppd[8392]: Connect: ppp0 <--> /dev/pts/2
Aug  9 10:43:10 linux6 pppd[8392]: Peer abcd failed CHAP authentication  <<===

- login with correct password: no username is logged
Aug  9 10:43:21 linux6 pppd[8403]: Using interface ppp0
Aug  9 10:43:21 linux6 pppd[8403]: Connect: ppp0 <--> /dev/pts/2
Aug  9 10:43:24 linux6 pppd[8403]: MPPE 128-bit stateless compression enabled
Aug  9 10:43:26 linux6 pppd[8403]: local  IP address 10.0.0.1
Aug  9 10:43:26 linux6 pppd[8403]: remote IP address 10.0.0.2
 
Additional info:
I'm attaching a patch which restores the log, I got the patch from here
http://osdir.com/ml/network.poptop/2004-10/msg00085.html
 
Successful login with the patch:
Aug  9 10:58:24 linux6 pppd[8852]: Using interface ppp0
Aug  9 10:58:24 linux6 pppd[8852]: Connect: ppp0 <--> /dev/pts/2
Aug  9 10:58:27 linux6 pppd[8852]: Peer abcd CHAP authentication succeeded  <<==
Aug  9 10:58:27 linux6 pppd[8852]: MPPE 128-bit stateless compression enabled
Aug  9 10:58:28 linux6 pppd[8852]: local  IP address 10.0.0.1
Aug  9 10:58:28 linux6 pppd[8852]: remote IP address 10.0.0.2

Comment 5 Tomáš Hozza 2019-12-06 16:09:23 UTC

Red Hat Enterprise Linux version 7 entered the Maintenance Support 1 Phase in August 2019. In this phase only qualified Critical and Important Security errata advisories (RHSAs) and Urgent Priority Bug Fix errata advisories (RHBAs) may be released as they become available. Other errata advisories may be delivered as appropriate.

This bug has been reviewed by Support and Engineering representative and does not meet the inclusion criteria for Maintenance Support 1 Phase. If this issue still exists in newer major version of Red Hat Enterprise Linux, it has been cloned there and work will continue in the cloned bug.

For more information about Red Hat Enterprise Linux Lifecycle, please see https://access.redhat.com/support/policy/updates/errata/

Comment 6 RHEL Program Management 2019-12-06 16:09:29 UTC

Development Management has reviewed and declined this request. You may appeal this decision by using your Red Hat support channels, who will make certain  the issue receives the proper prioritization with product and development management.

https://www.redhat.com/support/process/production/#howto

Note You need to log in before you can comment on or make changes to this bug.