rpms
/
ppp
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: rpms:master
Branches Tags
rpms:master
rpms:f38-riscv64
rpms:master-riscv64
rpms:f28
rpms:f27
rpms:f26
rpms:f24
rpms:f25
rpms:f23
rpms:f22
rpms:f21
rpms:f20
rpms:f19
rpms:f18
rpms:f16
rpms:f17
rpms:f13
rpms:f15
rpms:f14
rpms:f11
rpms:f9
rpms:f10
rpms:f12
rpms:f7
rpms:f8
rpms:ppp-2_4_5-9_fc12
rpms:ppp-2_4_5-9_fc13
rpms:ppp-2_4_5-10_fc14
rpms:ppp-2_4_5-9_fc14
rpms:ppp-2_4_4-13_fc11
rpms:ppp-2_4_5-8_fc13
rpms:ppp-2_4_5-7_fc13
rpms:ppp-2_4_5-8_fc14
rpms:ppp-2_4_5-8_fc12
rpms:ppp-2_4_5-7_fc12
rpms:ppp-2_4_5-6_fc12
rpms:ppp-2_4_5-6_fc13
rpms:F-13-start
rpms:F-13-split
rpms:ppp-2_4_5-5_fc12
rpms:ppp-2_4_5-5_fc13
rpms:ppp-2_4_5-4_fc13
rpms:ppp-2_4_5-3_fc12
rpms:ppp-2_4_4-12_fc11
rpms:ppp-2_4_5-2_fc12
rpms:ppp-2_4_5-1_fc12
rpms:ppp-2_4_5-2_fc13
rpms:ppp-2_4_5-1_fc13
rpms:ppp-2_4_4-14_fc13
rpms:ppp-2_4_4-13_fc12
rpms:F-12-start
rpms:F-12-split
rpms:ppp-2_4_4-12_fc12
rpms:ppp-2_4_4-11_fc11
rpms:F-11-start
rpms:F-11-split
rpms:ppp-2_4_4-10_fc11
rpms:ppp-2_4_4-9_fc11
rpms:ppp-2_4_4-8_fc10
rpms:F-10-start
rpms:F-10-split
rpms:ppp-2_4_4-7_fc9
rpms:ppp-2_4_4-7_fc10
rpms:ppp-2_4_4-6_fc9
rpms:F-9-start
rpms:F-9-split
rpms:ppp-2_4_4-5_fc9
rpms:ppp-2_4_4-4_fc9
rpms:ppp-2_4_4-3
rpms:F-8-start
rpms:F-8-split
rpms:ppp-2_4_4-2
rpms:F-7-start
rpms:F-7-split
rpms:ppp-2_4_4-1
rpms:FC-6-split
rpms:ppp-2_4_3-6_2_2
rpms:ppp-2_4_3-6_2_1
rpms:FC-5-split
rpms:ppp-2_4_3-6_2
rpms:ppp-2_4_3-6_1
rpms:ppp-2_4_3-6
rpms:ppp-2_4_3-5
rpms:ppp-2_4_3-4
rpms:ppp-2_4_3-3
rpms:ppp-2_4_3-2_1
rpms:ppp-2_4_3-2
rpms:ppp-2_4_3-1
rpms:ppp-2_4_2-7
rpms:FC-4-split
rpms:ppp-2_4_2-6_3
rpms:RHEL-4-split
rpms:FC-3-split
rpms:ppp-2_4_2-6_2
rpms:ppp-2_4_2-6_1
rpms:ppp-2_4_2-6
rpms:ppp-2_4_2-5_1
rpms:ppp-2_4_2-5
rpms:present-on-devel
rpms:ppp-2_4_2-4
rpms:ppp-2_4_2-3_1
rpms:ppp-2_4_2-3
rpms:ppp-2_4_2-2_3
rpms:ppp-2_4_2-2_2
rpms:ppp-2_4_2-2_1
rpms:ppp-2_4_2-2
rpms:scratch-split
rpms:ppp-2_4_1-16
rpms:ppp-2_4_1-15
rpms:FC-2-split
rpms:FC-1-split
rpms:ppp-2_4_1-10
rpms:RHL-9-split
rpms:RHL-8-split
rpms:RHEL-3-split
rpms:ppp-2_4_1-7
rpms:ppp-2_4_1-6
rpms:ppp-2_4_1-3
rpms:RHL-7_3-split
rpms:RHL-7_2-split
rpms:ppp-2_4_1-2
rpms:RHEL-2_1-split
rpms:ppp-2_4_1-1
rpms:ppp-2_4_0-2
rpms:RHL-7_1-split
rpms:ppp-2_3_11-7
rpms:RHL-7_0-split
..
compare: rpms:f16
Branches Tags
rpms:f38-riscv64
rpms:master-riscv64
rpms:f28
rpms:master
rpms:f27
rpms:f26
rpms:f24
rpms:f25
rpms:f23
rpms:f22
rpms:f21
rpms:f20
rpms:f19
rpms:f18
rpms:f16
rpms:f17
rpms:f13
rpms:f15
rpms:f14
rpms:f11
rpms:f9
rpms:f10
rpms:f12
rpms:f7
rpms:f8
rpms:ppp-2_4_5-9_fc12
rpms:ppp-2_4_5-9_fc13
rpms:ppp-2_4_5-10_fc14
rpms:ppp-2_4_5-9_fc14
rpms:ppp-2_4_4-13_fc11
rpms:ppp-2_4_5-8_fc13
rpms:ppp-2_4_5-7_fc13
rpms:ppp-2_4_5-8_fc14
rpms:ppp-2_4_5-8_fc12
rpms:ppp-2_4_5-7_fc12
rpms:ppp-2_4_5-6_fc12
rpms:ppp-2_4_5-6_fc13
rpms:F-13-start
rpms:F-13-split
rpms:ppp-2_4_5-5_fc12
rpms:ppp-2_4_5-5_fc13
rpms:ppp-2_4_5-4_fc13
rpms:ppp-2_4_5-3_fc12
rpms:ppp-2_4_4-12_fc11
rpms:ppp-2_4_5-2_fc12
rpms:ppp-2_4_5-1_fc12
rpms:ppp-2_4_5-2_fc13
rpms:ppp-2_4_5-1_fc13
rpms:ppp-2_4_4-14_fc13
rpms:ppp-2_4_4-13_fc12
rpms:F-12-start
rpms:F-12-split
rpms:ppp-2_4_4-12_fc12
rpms:ppp-2_4_4-11_fc11
rpms:F-11-start
rpms:F-11-split
rpms:ppp-2_4_4-10_fc11
rpms:ppp-2_4_4-9_fc11
rpms:ppp-2_4_4-8_fc10
rpms:F-10-start
rpms:F-10-split
rpms:ppp-2_4_4-7_fc9
rpms:ppp-2_4_4-7_fc10
rpms:ppp-2_4_4-6_fc9
rpms:F-9-start
rpms:F-9-split
rpms:ppp-2_4_4-5_fc9
rpms:ppp-2_4_4-4_fc9
rpms:ppp-2_4_4-3
rpms:F-8-start
rpms:F-8-split
rpms:ppp-2_4_4-2
rpms:F-7-start
rpms:F-7-split
rpms:ppp-2_4_4-1
rpms:FC-6-split
rpms:ppp-2_4_3-6_2_2
rpms:ppp-2_4_3-6_2_1
rpms:FC-5-split
rpms:ppp-2_4_3-6_2
rpms:ppp-2_4_3-6_1
rpms:ppp-2_4_3-6
rpms:ppp-2_4_3-5
rpms:ppp-2_4_3-4
rpms:ppp-2_4_3-3
rpms:ppp-2_4_3-2_1
rpms:ppp-2_4_3-2
rpms:ppp-2_4_3-1
rpms:ppp-2_4_2-7
rpms:FC-4-split
rpms:ppp-2_4_2-6_3
rpms:RHEL-4-split
rpms:FC-3-split
rpms:ppp-2_4_2-6_2
rpms:ppp-2_4_2-6_1
rpms:ppp-2_4_2-6
rpms:ppp-2_4_2-5_1
rpms:ppp-2_4_2-5
rpms:present-on-devel
rpms:ppp-2_4_2-4
rpms:ppp-2_4_2-3_1
rpms:ppp-2_4_2-3
rpms:ppp-2_4_2-2_3
rpms:ppp-2_4_2-2_2
rpms:ppp-2_4_2-2_1
rpms:ppp-2_4_2-2
rpms:scratch-split
rpms:ppp-2_4_1-16
rpms:ppp-2_4_1-15
rpms:FC-2-split
rpms:FC-1-split
rpms:ppp-2_4_1-10
rpms:RHL-9-split
rpms:RHL-8-split
rpms:RHEL-3-split
rpms:ppp-2_4_1-7
rpms:ppp-2_4_1-6
rpms:ppp-2_4_1-3
rpms:RHL-7_3-split
rpms:RHL-7_2-split
rpms:ppp-2_4_1-2
rpms:RHEL-2_1-split
rpms:ppp-2_4_1-1
rpms:ppp-2_4_0-2
rpms:RHL-7_1-split
rpms:ppp-2_3_11-7
rpms:RHL-7_0-split

4 Commits
master ... f16

Author SHA1 Message Date
Michal Sekletar abee906a12 Fixed typo in ppp-2.4.5-eaptls-mppe-0.99.patch 2012-05-29 13:53:25 +02:00
Michal Sekletar 4d0eb5ddc0 Fixed ppp-2.4.5-eaptls-mppe-0.99.patch, #817011 
Added definition of global variable, function pointer (eaptls_check_hook)
 2012-05-29 13:53:23 +02:00
Michal Sekletar eb64d99509 Fixed support for multilink channels in pppol2tp 2012-05-29 13:51:55 +02:00
Michal Sekletar 29305e4277 Fixed compilation of pppd without USE_EAPTLS 2012-05-29 13:50:42 +02:00
61 changed files with 1835 additions and 9584 deletions
Show Stats Expand all files Collapse all files

3
.gitignore vendored
View File

@ -1,4 +1 @@
ppp-2.4.5.tar.gz
/ppp-2.4.6.tar.gz
/ppp-watch.tar.xz
/ppp-2.4.7.tar.gz

25
0001-build-sys-use-gcc-as-our-compiler-of-choice.patch
View File

@ -1,25 +0,0 @@
From 486e36d184cbaee7e34bb582ea6fdf3bfa9ca531 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 11:23:42 +0200
Subject: [PATCH 01/27] build-sys: use gcc as our compiler of choice
---
pppd/Makefile.linux | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index a74c914..1d9ea78 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -30,7 +30,7 @@ ifeq (.depend,$(wildcard .depend))
include .depend
endif
-# CC = gcc
+CC = gcc
#
COPTS = -O2 -pipe -Wall -g
LIBS =
--
1.8.3.1

25
0002-build-sys-enable-PAM-support.patch
View File

@ -1,25 +0,0 @@
From 0d71a32b73b71c9793d0b304320858062faf00d1 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 11:25:43 +0200
Subject: [PATCH 02/27] build-sys: enable PAM support
---
pppd/Makefile.linux | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 1d9ea78..5a44d30 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -61,7 +61,7 @@ HAVE_MULTILINK=y
USE_TDB=y
HAS_SHADOW=y
-#USE_PAM=y
+USE_PAM=y
HAVE_INET6=y
# Enable plugins
--
1.8.3.1

121
0003-build-sys-utilize-compiler-flags-handed-to-us-by-rpm.patch
View File

@ -1,121 +0,0 @@
From d729b06f0ac7a5ebd3648ef60bef0499b59bf82d Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 11:29:39 +0200
Subject: [PATCH 03/27] build-sys: utilize compiler flags handed to us by
rpmbuild
---
chat/Makefile.linux | 2 +-
pppd/Makefile.linux | 3 +--
pppd/plugins/Makefile.linux | 2 +-
pppd/plugins/pppoatm/Makefile.linux | 2 +-
pppd/plugins/radius/Makefile.linux | 2 +-
pppd/plugins/rp-pppoe/Makefile.linux | 2 +-
pppdump/Makefile.linux | 2 +-
pppstats/Makefile.linux | 2 +-
8 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/chat/Makefile.linux b/chat/Makefile.linux
index 1065ac5..848cd8d 100644
--- a/chat/Makefile.linux
+++ b/chat/Makefile.linux
@@ -10,7 +10,7 @@ CDEF3= -UNO_SLEEP # Use the usleep function
CDEF4= -DFNDELAY=O_NDELAY # Old name value
CDEFS= $(CDEF1) $(CDEF2) $(CDEF3) $(CDEF4)
-COPTS= -O2 -g -pipe
+COPTS= $(RPM_OPT_FLAGS)
CFLAGS= $(COPTS) $(CDEFS)
INSTALL= install
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 5a44d30..63872eb 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -32,8 +32,7 @@ endif
CC = gcc
#
-COPTS = -O2 -pipe -Wall -g
-LIBS =
+COPTS = -Wall $(RPM_OPT_FLAGS)
# Uncomment the next 2 lines to include support for Microsoft's
# MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux.
diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux
index 0a7ec7b..e09a369 100644
--- a/pppd/plugins/Makefile.linux
+++ b/pppd/plugins/Makefile.linux
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = -O2 -g
+COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I.. -I../../include -fPIC
LDFLAGS = -shared
INSTALL = install
diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux
index 20f62e6..5a81447 100644
--- a/pppd/plugins/pppoatm/Makefile.linux
+++ b/pppd/plugins/pppoatm/Makefile.linux
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = -O2 -g
+COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I../.. -I../../../include -fPIC
LDFLAGS = -shared
INSTALL = install
diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux
index 24ed3e5..45b3b8d 100644
--- a/pppd/plugins/radius/Makefile.linux
+++ b/pppd/plugins/radius/Makefile.linux
@@ -12,7 +12,7 @@ VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
INSTALL = install
PLUGIN=radius.so radattr.so radrealms.so
-CFLAGS=-I. -I../.. -I../../../include -O2 -fPIC -DRC_LOG_FACILITY=LOG_DAEMON
+CFLAGS=-I. -I../.. -I../../../include $(RPM_OPT_FLAGS) -DRC_LOG_FACILITY=LOG_DAEMON
# Uncomment the next line to include support for Microsoft's
# MS-CHAP authentication protocol.
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index 5d7a271..352991a 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -25,7 +25,7 @@ INSTALL = install
# Version is set ONLY IN THE MAKEFILE! Don't delete this!
RP_VERSION=3.8p
-COPTS=-O2 -g
+COPTS=$(RPM_OPT_FLAGS)
CFLAGS=$(COPTS) -I../../../include '-DRP_VERSION="$(RP_VERSION)"'
all: rp-pppoe.so pppoe-discovery
diff --git a/pppdump/Makefile.linux b/pppdump/Makefile.linux
index ac028f6..d0a5032 100644
--- a/pppdump/Makefile.linux
+++ b/pppdump/Makefile.linux
@@ -2,7 +2,7 @@ DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
-CFLAGS= -O -I../include/net
+CFLAGS= $(RPM_OPT_FLAGS) -I../include/net
OBJS = pppdump.o bsd-comp.o deflate.o zlib.o
INSTALL= install
diff --git a/pppstats/Makefile.linux b/pppstats/Makefile.linux
index cca6f0f..42aba73 100644
--- a/pppstats/Makefile.linux
+++ b/pppstats/Makefile.linux
@@ -10,7 +10,7 @@ PPPSTATSRCS = pppstats.c
PPPSTATOBJS = pppstats.o
#CC = gcc
-COPTS = -O
+COPTS = $(RPM_OPT_FLAGS)
COMPILE_FLAGS = -I../include
LIBS =
--
1.8.3.1

120
0005-build-sys-don-t-hardcode-LIBDIR-but-set-it-according.patch
View File

@ -1,120 +0,0 @@
From 69711944745af0078da77e108d30f89fd7e06108 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 12:01:33 +0200
Subject: [PATCH 05/27] build-sys: don't hardcode LIBDIR, but set it according
to the target platform
---
pppd/Makefile.linux | 3 ++-
pppd/pathnames.h | 2 +-
pppd/plugins/Makefile.linux | 2 +-
pppd/plugins/pppoatm/Makefile.linux | 2 +-
pppd/plugins/pppol2tp/Makefile.linux | 4 ++--
pppd/plugins/radius/Makefile.linux | 2 +-
pppd/plugins/rp-pppoe/Makefile.linux | 2 +-
7 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 63872eb..8ed56c1 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -8,6 +8,7 @@ DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
INCDIR = $(DESTDIR)/include
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)
TARGETS = pppd
@@ -32,7 +33,7 @@ endif
CC = gcc
#
-COPTS = -Wall $(RPM_OPT_FLAGS)
+COPTS = -Wall $(RPM_OPT_FLAGS) -DLIBDIR=\""$(LIBDIR)"\"
# Uncomment the next 2 lines to include support for Microsoft's
# MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux.
diff --git a/pppd/pathnames.h b/pppd/pathnames.h
index a33f046..a427cb8 100644
--- a/pppd/pathnames.h
+++ b/pppd/pathnames.h
@@ -57,7 +57,7 @@
#ifdef PLUGIN
#ifdef __STDC__
-#define _PATH_PLUGIN DESTDIR "/lib/pppd/" VERSION
+#define _PATH_PLUGIN LIBDIR "/pppd/" VERSION
#else /* __STDC__ */
#define _PATH_PLUGIN "/usr/lib/pppd"
#endif /* __STDC__ */
diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux
index e09a369..b474a19 100644
--- a/pppd/plugins/Makefile.linux
+++ b/pppd/plugins/Makefile.linux
@@ -7,7 +7,7 @@ INSTALL = install
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell $(CC) -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
SUBDIRS := rp-pppoe pppoatm pppol2tp
# Uncomment the next line to include the radius authentication plugin
diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux
index 5a81447..769794b 100644
--- a/pppd/plugins/pppoatm/Makefile.linux
+++ b/pppd/plugins/pppoatm/Makefile.linux
@@ -7,7 +7,7 @@ INSTALL = install
#***********************************************************************
DESTDIR = $(INSTROOT)@DESTDIR@
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux
index ea3538e..4339566 100644
--- a/pppd/plugins/pppol2tp/Makefile.linux
+++ b/pppd/plugins/pppol2tp/Makefile.linux
@@ -6,8 +6,8 @@ INSTALL = install
#***********************************************************************
-DESTDIR = @DESTDIR@
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+DESTDIR = $(INSTROOT)@DESTDIR@
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux
index 45b3b8d..179d0b7 100644
--- a/pppd/plugins/radius/Makefile.linux
+++ b/pppd/plugins/radius/Makefile.linux
@@ -5,7 +5,7 @@
DESTDIR = $(INSTROOT)@DESTDIR@
MANDIR = $(DESTDIR)/share/man/man8
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index 352991a..1305ed8 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -16,7 +16,7 @@
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
-LIBDIR = $(DESTDIR)/lib/pppd/$(PPPDVERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(PPPDVERSION)
PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
--
1.8.3.1

111
0007-build-sys-don-t-strip-binaries-during-installation.patch
View File

@ -1,111 +0,0 @@
From b9fb631a493c5f1b490c8e9645eb6ebab4b25cc8 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 18:37:00 +0200
Subject: [PATCH 07/27] build-sys: don't strip binaries during installation
We don't want that when building rpms. rpmbuild does final stripping of binaries
for us and generetes debuginfo rpm.
---
chat/Makefile.linux | 2 +-
pppd/Makefile.linux | 4 ++--
pppd/plugins/radius/Makefile.linux | 6 +++---
pppd/plugins/rp-pppoe/Makefile.linux | 4 ++--
pppdump/Makefile.linux | 2 +-
pppstats/Makefile.linux | 2 +-
6 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/chat/Makefile.linux b/chat/Makefile.linux
index 848cd8d..2445637 100644
--- a/chat/Makefile.linux
+++ b/chat/Makefile.linux
@@ -25,7 +25,7 @@ chat.o: chat.c
install: chat
mkdir -p $(BINDIR) $(MANDIR)
- $(INSTALL) -s -c chat $(BINDIR)
+ $(INSTALL) -c chat $(BINDIR)
$(INSTALL) -c -m 644 chat.8 $(MANDIR)
clean:
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 8ed56c1..4f27100 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -102,7 +102,7 @@ ifdef USE_SRP
CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
LIBS += -lsrp -L/usr/local/ssl/lib -lcrypto
TARGETS += srp-entry
-EXTRAINSTALL = $(INSTALL) -s -c -m 555 srp-entry $(BINDIR)/srp-entry
+EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry
MANPAGES += srp-entry.8
EXTRACLEAN += srp-entry.o
NEEDDES=y
@@ -208,7 +208,7 @@ all: $(TARGETS)
install: pppd
mkdir -p $(BINDIR) $(MANDIR)
$(EXTRAINSTALL)
- $(INSTALL) -s -c -m 555 pppd $(BINDIR)/pppd
+ $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
chmod o-rx,u+s $(BINDIR)/pppd; fi
$(INSTALL) -c -m 444 pppd.8 $(MANDIR)
diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux
index 179d0b7..707326b 100644
--- a/pppd/plugins/radius/Makefile.linux
+++ b/pppd/plugins/radius/Makefile.linux
@@ -36,9 +36,9 @@ all: $(PLUGIN)
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -s -c -m 755 radius.so $(LIBDIR)
- $(INSTALL) -s -c -m 755 radattr.so $(LIBDIR)
- $(INSTALL) -s -c -m 755 radrealms.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radius.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radattr.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radrealms.so $(LIBDIR)
$(INSTALL) -c -m 444 pppd-radius.8 $(MANDIR)
$(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index 1305ed8..3cd9101 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -43,9 +43,9 @@ rp-pppoe.so: plugin.o discovery.o if.o common.o
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -s -c -m 4550 rp-pppoe.so $(LIBDIR)
+ $(INSTALL) -c -m 4550 rp-pppoe.so $(LIBDIR)
$(INSTALL) -d -m 755 $(BINDIR)
- $(INSTALL) -s -c -m 555 pppoe-discovery $(BINDIR)
+ $(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
clean:
rm -f *.o *.so pppoe-discovery
diff --git a/pppdump/Makefile.linux b/pppdump/Makefile.linux
index d0a5032..95c6805 100644
--- a/pppdump/Makefile.linux
+++ b/pppdump/Makefile.linux
@@ -17,5 +17,5 @@ clean:
install:
mkdir -p $(BINDIR) $(MANDIR)
- $(INSTALL) -s -c pppdump $(BINDIR)
+ $(INSTALL) -c pppdump $(BINDIR)
$(INSTALL) -c -m 444 pppdump.8 $(MANDIR)
diff --git a/pppstats/Makefile.linux b/pppstats/Makefile.linux
index 42aba73..c5ba3b1 100644
--- a/pppstats/Makefile.linux
+++ b/pppstats/Makefile.linux
@@ -22,7 +22,7 @@ all: pppstats
install: pppstats
-mkdir -p $(MANDIR)
- $(INSTALL) -s -c pppstats $(BINDIR)
+ $(INSTALL) -c pppstats $(BINDIR)
$(INSTALL) -c -m 444 pppstats.8 $(MANDIR)
pppstats: $(PPPSTATSRCS)
--
1.8.3.1

26
0010-build-sys-enable-CBCP.patch
View File

@ -1,26 +0,0 @@
From 8015a0ef23a874f288d5e77ffafe1d7f4281725d Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 18:59:24 +0200
Subject: [PATCH 10/27] build-sys: enable CBCP
Resolves: #199278
---
pppd/Makefile.linux | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 95c2598..65700fa 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -68,7 +68,7 @@ HAVE_INET6=y
PLUGIN=y
# Enable Microsoft proprietary Callback Control Protocol
-#CBCP=y
+CBCP=y
# Enable EAP SRP-SHA1 authentication (requires libsrp)
#USE_SRP=y
--
1.8.3.1

143
0012-pppd-we-don-t-want-to-accidentally-leak-fds.patch
View File

@ -1,143 +0,0 @@
From 82cd789df0f022eb6f3d28646e7a61d1d0715805 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 7 Apr 2014 12:23:36 +0200
Subject: [PATCH 12/27] pppd: we don't want to accidentally leak fds
---
pppd/auth.c | 20 ++++++++++----------
pppd/options.c | 2 +-
pppd/sys-linux.c | 4 ++--
3 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/pppd/auth.c b/pppd/auth.c
index 4271af6..9e957fa 100644
--- a/pppd/auth.c
+++ b/pppd/auth.c
@@ -428,7 +428,7 @@ setupapfile(argv)
option_error("unable to reset uid before opening %s: %m", fname);
return 0;
}
- ufile = fopen(fname, "r");
+ ufile = fopen(fname, "re");
if (seteuid(euid) == -1)
fatal("unable to regain privileges: %m");
if (ufile == NULL) {
@@ -1413,7 +1413,7 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg)
filename = _PATH_UPAPFILE;
addrs = opts = NULL;
ret = UPAP_AUTHNAK;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL) {
error("Can't open PAP password file %s: %m", filename);
@@ -1512,7 +1512,7 @@ null_login(unit)
if (ret <= 0) {
filename = _PATH_UPAPFILE;
addrs = NULL;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
check_access(f, filename);
@@ -1559,7 +1559,7 @@ get_pap_passwd(passwd)
}
filename = _PATH_UPAPFILE;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
check_access(f, filename);
@@ -1597,7 +1597,7 @@ have_pap_secret(lacks_ipp)
}
filename = _PATH_UPAPFILE;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
@@ -1642,7 +1642,7 @@ have_chap_secret(client, server, need_ip, lacks_ipp)
}
filename = _PATH_CHAPFILE;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
@@ -1684,7 +1684,7 @@ have_srp_secret(client, server, need_ip, lacks_ipp)
struct wordlist *addrs;
filename = _PATH_SRPFILE;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
@@ -1740,7 +1740,7 @@ get_secret(unit, client, server, secret, secret_len, am_server)
addrs = NULL;
secbuf[0] = 0;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL) {
error("Can't open chap secret file %s: %m", filename);
return 0;
@@ -1797,7 +1797,7 @@ get_srp_secret(unit, client, server, secret, am_server)
filename = _PATH_SRPFILE;
addrs = NULL;
- fp = fopen(filename, "r");
+ fp = fopen(filename, "re");
if (fp == NULL) {
error("Can't open srp secret file %s: %m", filename);
return 0;
@@ -2203,7 +2203,7 @@ scan_authfile(f, client, server, secret, addrs, opts, filename, flags)
*/
if (word[0] == '@' && word[1] == '/') {
strlcpy(atfile, word+1, sizeof(atfile));
- if ((sf = fopen(atfile, "r")) == NULL) {
+ if ((sf = fopen(atfile, "re")) == NULL) {
warn("can't open indirect secret file %s", atfile);
continue;
}
diff --git a/pppd/options.c b/pppd/options.c
index 45fa742..1d754ae 100644
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -427,7 +427,7 @@ options_from_file(filename, must_exist, check_prot, priv)
option_error("unable to drop privileges to open %s: %m", filename);
return 0;
}
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
err = errno;
if (check_prot && seteuid(euid) == -1)
fatal("unable to regain privileges");
diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
index 72a7727..8a12fa0 100644
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -1412,7 +1412,7 @@ static char *path_to_procfs(const char *tail)
/* Default the mount location of /proc */
strlcpy (proc_path, "/proc", sizeof(proc_path));
proc_path_len = 5;
- fp = fopen(MOUNTED, "r");
+ fp = fopen(MOUNTED, "re");
if (fp != NULL) {
while ((mntent = getmntent(fp)) != NULL) {
if (strcmp(mntent->mnt_type, MNTTYPE_IGNORE) == 0)
@@ -1472,7 +1472,7 @@ static int open_route_table (void)
close_route_table();
path = path_to_procfs("/net/route");
- route_fd = fopen (path, "r");
+ route_fd = fopen (path, "re");
if (route_fd == NULL) {
error("can't open routing table %s: %m", path);
return 0;
--
1.8.3.1

241
0013-everywhere-O_CLOEXEC-harder.patch
View File

@ -1,241 +0,0 @@
From 302c1b736cb656c7885a0cba270fd953a672d8a8 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 7 Apr 2014 13:56:34 +0200
Subject: [PATCH 13/27] everywhere: O_CLOEXEC harder
---
pppd/eap.c | 2 +-
pppd/main.c | 4 ++--
pppd/options.c | 4 ++--
pppd/sys-linux.c | 22 +++++++++++-----------
pppd/tdb.c | 4 ++--
pppd/tty.c | 4 ++--
pppd/utils.c | 6 +++---
7 files changed, 23 insertions(+), 23 deletions(-)
diff --git a/pppd/eap.c b/pppd/eap.c
index 6ea6c1f..faced53 100644
--- a/pppd/eap.c
+++ b/pppd/eap.c
@@ -1226,7 +1226,7 @@ mode_t modebits;
if ((path = name_of_pn_file()) == NULL)
return (-1);
- fd = open(path, modebits, S_IRUSR | S_IWUSR);
+ fd = open(path, modebits, S_IRUSR | S_IWUSR | O_CLOEXEC);
err = errno;
free(path);
errno = err;
diff --git a/pppd/main.c b/pppd/main.c
index 6d50d1b..4880377 100644
--- a/pppd/main.c
+++ b/pppd/main.c
@@ -420,7 +420,7 @@ main(argc, argv)
die(0);
/* Make sure fds 0, 1, 2 are open to somewhere. */
- fd_devnull = open(_PATH_DEVNULL, O_RDWR);
+ fd_devnull = open(_PATH_DEVNULL, O_RDWR | O_CLOEXEC);
if (fd_devnull < 0)
fatal("Couldn't open %s: %m", _PATH_DEVNULL);
while (fd_devnull <= 2) {
@@ -1679,7 +1679,7 @@ device_script(program, in, out, dont_wait)
if (log_to_fd >= 0)
errfd = log_to_fd;
else
- errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT, 0600);
+ errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT | O_CLOEXEC, 0600);
++conn_running;
pid = safe_fork(in, out, errfd);
diff --git a/pppd/options.c b/pppd/options.c
index 1d754ae..8e62635 100644
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -1544,9 +1544,9 @@ setlogfile(argv)
option_error("unable to drop permissions to open %s: %m", *argv);
return 0;
}
- fd = open(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL, 0644);
+ fd = open(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL | O_CLOEXEC, 0644);
if (fd < 0 && errno == EEXIST)
- fd = open(*argv, O_WRONLY | O_APPEND);
+ fd = open(*argv, O_WRONLY | O_APPEND | O_CLOEXEC);
err = errno;
if (!privileged_option && seteuid(euid) == -1)
fatal("unable to regain privileges: %m");
diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
index 8a12fa0..00a2cf5 100644
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -459,7 +459,7 @@ int generic_establish_ppp (int fd)
goto err;
}
dbglog("using channel %d", chindex);
- fd = open("/dev/ppp", O_RDWR);
+ fd = open("/dev/ppp", O_RDWR | O_CLOEXEC);
if (fd < 0) {
error("Couldn't reopen /dev/ppp: %m");
goto err;
@@ -619,7 +619,7 @@ static int make_ppp_unit()
dbglog("in make_ppp_unit, already had /dev/ppp open?");
close(ppp_dev_fd);
}
- ppp_dev_fd = open("/dev/ppp", O_RDWR);
+ ppp_dev_fd = open("/dev/ppp", O_RDWR | O_CLOEXEC);
if (ppp_dev_fd < 0)
fatal("Couldn't open /dev/ppp: %m");
flags = fcntl(ppp_dev_fd, F_GETFL);
@@ -693,7 +693,7 @@ int bundle_attach(int ifnum)
if (!new_style_driver)
return -1;
- master_fd = open("/dev/ppp", O_RDWR);
+ master_fd = open("/dev/ppp", O_RDWR | O_CLOEXEC);
if (master_fd < 0)
fatal("Couldn't open /dev/ppp: %m");
if (ioctl(master_fd, PPPIOCATTACH, &ifnum) < 0) {
@@ -1715,7 +1715,7 @@ int sifproxyarp (int unit, u_int32_t his_adr)
if (tune_kernel) {
forw_path = path_to_procfs("/sys/net/ipv4/ip_forward");
if (forw_path != 0) {
- int fd = open(forw_path, O_WRONLY);
+ int fd = open(forw_path, O_WRONLY | O_CLOEXEC);
if (fd >= 0) {
if (write(fd, "1", 1) != 1)
error("Couldn't enable IP forwarding: %m");
@@ -2030,7 +2030,7 @@ int ppp_available(void)
sscanf(utsname.release, "%d.%d.%d", &osmaj, &osmin, &ospatch);
kernel_version = KVERSION(osmaj, osmin, ospatch);
- fd = open("/dev/ppp", O_RDWR);
+ fd = open("/dev/ppp", O_RDWR | O_CLOEXEC);
if (fd >= 0) {
new_style_driver = 1;
@@ -2208,7 +2208,7 @@ void logwtmp (const char *line, const char *name, const char *host)
#if __GLIBC__ >= 2
updwtmp(_PATH_WTMP, &ut);
#else
- wtmp = open(_PATH_WTMP, O_APPEND|O_WRONLY);
+ wtmp = open(_PATH_WTMP, O_APPEND|O_WRONLY|O_CLOEXEC);
if (wtmp >= 0) {
flock(wtmp, LOCK_EX);
@@ -2394,7 +2394,7 @@ int sifaddr (int unit, u_int32_t our_adr, u_int32_t his_adr,
int fd;
path = path_to_procfs("/sys/net/ipv4/ip_dynaddr");
- if (path != 0 && (fd = open(path, O_WRONLY)) >= 0) {
+ if (path != 0 && (fd = open(path, O_WRONLY | O_CLOEXEC)) >= 0) {
if (write(fd, "1", 1) != 1)
error("Couldn't enable dynamic IP addressing: %m");
close(fd);
@@ -2570,7 +2570,7 @@ get_pty(master_fdp, slave_fdp, slave_name, uid)
/*
* Try the unix98 way first.
*/
- mfd = open("/dev/ptmx", O_RDWR);
+ mfd = open("/dev/ptmx", O_RDWR | O_CLOEXEC);
if (mfd >= 0) {
int ptn;
if (ioctl(mfd, TIOCGPTN, &ptn) >= 0) {
@@ -2581,7 +2581,7 @@ get_pty(master_fdp, slave_fdp, slave_name, uid)
if (ioctl(mfd, TIOCSPTLCK, &ptn) < 0)
warn("Couldn't unlock pty slave %s: %m", pty_name);
#endif
- if ((sfd = open(pty_name, O_RDWR | O_NOCTTY)) < 0)
+ if ((sfd = open(pty_name, O_RDWR | O_NOCTTY | O_CLOEXEC)) < 0)
warn("Couldn't open pty slave %s: %m", pty_name);
}
}
@@ -2592,10 +2592,10 @@ get_pty(master_fdp, slave_fdp, slave_name, uid)
for (i = 0; i < 64; ++i) {
slprintf(pty_name, sizeof(pty_name), "/dev/pty%c%x",
'p' + i / 16, i % 16);
- mfd = open(pty_name, O_RDWR, 0);
+ mfd = open(pty_name, O_RDWR | O_CLOEXEC, 0);
if (mfd >= 0) {
pty_name[5] = 't';
- sfd = open(pty_name, O_RDWR | O_NOCTTY, 0);
+ sfd = open(pty_name, O_RDWR | O_NOCTTY | O_CLOEXEC, 0);
if (sfd >= 0) {
fchown(sfd, uid, -1);
fchmod(sfd, S_IRUSR | S_IWUSR);
diff --git a/pppd/tdb.c b/pppd/tdb.c
index bdc5828..c7ab71c 100644
--- a/pppd/tdb.c
+++ b/pppd/tdb.c
@@ -1724,7 +1724,7 @@ TDB_CONTEXT *tdb_open_ex(const char *name, int hash_size, int tdb_flags,
goto internal;
}
- if ((tdb->fd = open(name, open_flags, mode)) == -1) {
+ if ((tdb->fd = open(name, open_flags | O_CLOEXEC, mode)) == -1) {
TDB_LOG((tdb, 5, "tdb_open_ex: could not open file %s: %s\n",
name, strerror(errno)));
goto fail; /* errno set by open(2) */
@@ -1967,7 +1967,7 @@ int tdb_reopen(TDB_CONTEXT *tdb)
}
if (close(tdb->fd) != 0)
TDB_LOG((tdb, 0, "tdb_reopen: WARNING closing tdb->fd failed!\n"));
- tdb->fd = open(tdb->name, tdb->open_flags & ~(O_CREAT|O_TRUNC), 0);
+ tdb->fd = open(tdb->name, (tdb->open_flags & ~(O_CREAT|O_TRUNC)) | O_CLOEXEC, 0);
if (tdb->fd == -1) {
TDB_LOG((tdb, 0, "tdb_reopen: open failed (%s)\n", strerror(errno)));
goto fail;
diff --git a/pppd/tty.c b/pppd/tty.c
index d571b11..bc96695 100644
--- a/pppd/tty.c
+++ b/pppd/tty.c
@@ -569,7 +569,7 @@ int connect_tty()
status = EXIT_OPEN_FAILED;
goto errret;
}
- real_ttyfd = open(devnam, O_NONBLOCK | O_RDWR, 0);
+ real_ttyfd = open(devnam, O_NONBLOCK | O_RDWR | O_CLOEXEC, 0);
err = errno;
if (prio < OPRIO_ROOT && seteuid(0) == -1)
fatal("Unable to regain privileges");
@@ -723,7 +723,7 @@ int connect_tty()
if (connector == NULL && modem && devnam[0] != 0) {
int i;
for (;;) {
- if ((i = open(devnam, O_RDWR)) >= 0)
+ if ((i = open(devnam, O_RDWR | O_CLOEXEC)) >= 0)
break;
if (errno != EINTR) {
error("Failed to reopen %s: %m", devnam);
diff --git a/pppd/utils.c b/pppd/utils.c
index 29bf970..6051b9a 100644
--- a/pppd/utils.c
+++ b/pppd/utils.c
@@ -918,14 +918,14 @@ lock(dev)
slprintf(lock_file, sizeof(lock_file), "%s/LCK..%s", LOCK_DIR, dev);
#endif
- while ((fd = open(lock_file, O_EXCL | O_CREAT | O_RDWR, 0644)) < 0) {
+ while ((fd = open(lock_file, O_EXCL | O_CREAT | O_RDWR | O_CLOEXEC, 0644)) < 0) {
if (errno != EEXIST) {
error("Can't create lock file %s: %m", lock_file);
break;
}
/* Read the lock file to find out who has the device locked. */
- fd = open(lock_file, O_RDONLY, 0);
+ fd = open(lock_file, O_RDONLY | O_CLOEXEC, 0);
if (fd < 0) {
if (errno == ENOENT) /* This is just a timing problem. */
continue;
@@ -1004,7 +1004,7 @@ relock(pid)
if (lock_file[0] == 0)
return -1;
- fd = open(lock_file, O_WRONLY, 0);
+ fd = open(lock_file, O_WRONLY | O_CLOEXEC, 0);
if (fd < 0) {
error("Couldn't reopen lock file %s: %m", lock_file);
lock_file[0] = 0;
--
1.8.3.1

174
0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch
View File

@ -1,174 +0,0 @@
From 2a97ab28ee00586e5f06b3ef3a0e43ea0c7c6499 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 7 Apr 2014 14:21:41 +0200
Subject: [PATCH 14/27] everywhere: use SOCK_CLOEXEC when creating socket
---
pppd/plugins/pppoatm/pppoatm.c | 2 +-
pppd/plugins/pppol2tp/openl2tp.c | 2 +-
pppd/plugins/pppol2tp/pppol2tp.c | 2 +-
pppd/plugins/rp-pppoe/if.c | 2 +-
pppd/plugins/rp-pppoe/plugin.c | 6 +++---
pppd/plugins/rp-pppoe/pppoe-discovery.c | 2 +-
pppd/sys-linux.c | 10 +++++-----
pppd/tty.c | 2 +-
8 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/pppd/plugins/pppoatm/pppoatm.c b/pppd/plugins/pppoatm/pppoatm.c
index d693350..c31bb34 100644
--- a/pppd/plugins/pppoatm/pppoatm.c
+++ b/pppd/plugins/pppoatm/pppoatm.c
@@ -135,7 +135,7 @@ static int connect_pppoatm(void)
if (!device_got_set)
no_device_given_pppoatm();
- fd = socket(AF_ATMPVC, SOCK_DGRAM, 0);
+ fd = socket(AF_ATMPVC, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (fd < 0)
fatal("failed to create socket: %m");
memset(&qos, 0, sizeof qos);
diff --git a/pppd/plugins/pppol2tp/openl2tp.c b/pppd/plugins/pppol2tp/openl2tp.c
index 9643b96..1099575 100644
--- a/pppd/plugins/pppol2tp/openl2tp.c
+++ b/pppd/plugins/pppol2tp/openl2tp.c
@@ -83,7 +83,7 @@ static int openl2tp_client_create(void)
int result;
if (openl2tp_fd < 0) {
- openl2tp_fd = socket(PF_UNIX, SOCK_DGRAM, 0);
+ openl2tp_fd = socket(PF_UNIX, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (openl2tp_fd < 0) {
error("openl2tp connection create: %m");
return -ENOTCONN;
diff --git a/pppd/plugins/pppol2tp/pppol2tp.c b/pppd/plugins/pppol2tp/pppol2tp.c
index a7e3400..e64a778 100644
--- a/pppd/plugins/pppol2tp/pppol2tp.c
+++ b/pppd/plugins/pppol2tp/pppol2tp.c
@@ -208,7 +208,7 @@ static void send_config_pppol2tp(int mtu,
struct ifreq ifr;
int fd;
- fd = socket(AF_INET, SOCK_DGRAM, 0);
+ fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (fd >= 0) {
memset (&ifr, '\0', sizeof (ifr));
strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
diff --git a/pppd/plugins/rp-pppoe/if.c b/pppd/plugins/rp-pppoe/if.c
index 91e9a57..72aba41 100644
--- a/pppd/plugins/rp-pppoe/if.c
+++ b/pppd/plugins/rp-pppoe/if.c
@@ -116,7 +116,7 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
stype = SOCK_PACKET;
#endif
- if ((fd = socket(domain, stype, htons(type))) < 0) {
+ if ((fd = socket(domain, stype | SOCK_CLOEXEC, htons(type))) < 0) {
/* Give a more helpful message for the common error case */
if (errno == EPERM) {
fatal("Cannot create raw socket -- pppoe must be run as root.");
diff --git a/pppd/plugins/rp-pppoe/plugin.c b/pppd/plugins/rp-pppoe/plugin.c
index a8c2bb4..24bdf8f 100644
--- a/pppd/plugins/rp-pppoe/plugin.c
+++ b/pppd/plugins/rp-pppoe/plugin.c
@@ -137,7 +137,7 @@ PPPOEConnectDevice(void)
/* server equipment). */
/* Opening this socket just before waitForPADS in the discovery() */
/* function would be more appropriate, but it would mess-up the code */
- conn->sessionSocket = socket(AF_PPPOX, SOCK_STREAM, PX_PROTO_OE);
+ conn->sessionSocket = socket(AF_PPPOX, SOCK_STREAM | SOCK_CLOEXEC, PX_PROTO_OE);
if (conn->sessionSocket < 0) {
error("Failed to create PPPoE socket: %m");
return -1;
@@ -148,7 +148,7 @@ PPPOEConnectDevice(void)
lcp_wantoptions[0].mru = conn->mru;
/* Update maximum MRU */
- s = socket(AF_INET, SOCK_DGRAM, 0);
+ s = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (s < 0) {
error("Can't get MTU for %s: %m", conn->ifName);
goto errout;
@@ -320,7 +320,7 @@ PPPoEDevnameHook(char *cmd, char **argv, int doit)
}
/* Open a socket */
- if ((fd = socket(PF_PACKET, SOCK_RAW, 0)) < 0) {
+ if ((fd = socket(PF_PACKET, SOCK_RAW | SOCK_CLOEXEC, 0)) < 0) {
r = 0;
}
diff --git a/pppd/plugins/rp-pppoe/pppoe-discovery.c b/pppd/plugins/rp-pppoe/pppoe-discovery.c
index 3d3bf4e..c0d927d 100644
--- a/pppd/plugins/rp-pppoe/pppoe-discovery.c
+++ b/pppd/plugins/rp-pppoe/pppoe-discovery.c
@@ -121,7 +121,7 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
stype = SOCK_PACKET;
#endif
- if ((fd = socket(domain, stype, htons(type))) < 0) {
+ if ((fd = socket(domain, stype | SOCK_CLOEXEC, htons(type))) < 0) {
/* Give a more helpful message for the common error case */
if (errno == EPERM) {
rp_fatal("Cannot create raw socket -- pppoe must be run as root.");
diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
index 00a2cf5..0690019 100644
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -308,12 +308,12 @@ static int modify_flags(int fd, int clear_bits, int set_bits)
void sys_init(void)
{
/* Get an internet socket for doing socket ioctls. */
- sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
+ sock_fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (sock_fd < 0)
fatal("Couldn't create IP socket: %m(%d)", errno);
#ifdef INET6
- sock6_fd = socket(AF_INET6, SOCK_DGRAM, 0);
+ sock6_fd = socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (sock6_fd < 0)
sock6_fd = -errno; /* save errno for later */
#endif
@@ -1857,7 +1857,7 @@ get_if_hwaddr(u_char *addr, char *name)
struct ifreq ifreq;
int ret, sock_fd;
- sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
+ sock_fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (sock_fd < 0)
return 0;
memset(&ifreq.ifr_hwaddr, 0, sizeof(struct sockaddr));
@@ -2067,7 +2067,7 @@ int ppp_available(void)
/*
* Open a socket for doing the ioctl operations.
*/
- s = socket(AF_INET, SOCK_DGRAM, 0);
+ s = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (s < 0)
return 0;
@@ -2860,7 +2860,7 @@ ether_to_eui64(eui64_t *p_eui64)
int skfd;
const unsigned char *ptr;
- skfd = socket(PF_INET6, SOCK_DGRAM, 0);
+ skfd = socket(PF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if(skfd == -1)
{
warn("could not open IPv6 socket");
diff --git a/pppd/tty.c b/pppd/tty.c
index bc96695..8e76a5d 100644
--- a/pppd/tty.c
+++ b/pppd/tty.c
@@ -896,7 +896,7 @@ open_socket(dest)
*sep = ':';
/* get a socket and connect it to the other end */
- sock = socket(PF_INET, SOCK_STREAM, 0);
+ sock = socket(PF_INET, SOCK_STREAM | SOCK_CLOEXEC, 0);
if (sock < 0) {
error("Can't create socket: %m");
return -1;
--
1.8.3.1

27
0018-scritps-fix-ip-up.local-sample.patch
View File

@ -1,27 +0,0 @@
From 40960f91cdd06da387616ec838ae2599e7f01cee Mon Sep 17 00:00:00 2001
From: Jiri Skala <jskala@fedoraproject.org>
Date: Mon, 7 Apr 2014 15:24:01 +0200
Subject: [PATCH 18/27] scritps: fix ip-up.local sample
Resolves: #613717
---
scripts/ip-up.local.add | 3 +++
1 file changed, 3 insertions(+)
diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add
index 26cf5f8..282337c 100644
--- a/scripts/ip-up.local.add
+++ b/scripts/ip-up.local.add
@@ -18,6 +18,9 @@ if [ -n "$USEPEERDNS" -a -f /var/run/ppp/resolv.conf ]; then
rscf=/var/run/ppp/resolv.new
grep domain /var/run/ppp/resolv.prev > $rscf
grep search /var/run/ppp/resolv.prev >> $rscf
+ if [ -f /var/run/ppp/resolv.conf ]; then
+ cat /var/run/ppp/resolv.conf >> $rscf
+ fi
change_resolv_conf $rscf
rm -f $rscf
else
--
1.8.3.1

383
0019-sys-linux-rework-get_first_ethernet.patch
View File

@ -1,383 +0,0 @@
From 6edc865bd02ab591b9121d4a5f6dc3cdbe5af809 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 9 Apr 2014 09:18:24 +0200
Subject: [PATCH 19/27] sys-linux: rework get_first_ethernet()
We can't assume that host has ethernet NIC named "eth0". Rather than guessing we
better ask udev. We iterate over symlinks symlinks in /sys/class/net and
for each device we determine if it is ethernet device and additionally we query
udev database for sub-type of the device. If we find PCI or USB device which has
ethernet datalink type and appropriate sub-type we return its name. If we don't
succeed in determining more information about device we will return "good
enough" device which in turn is first device with ethernet datalink type.
Note that we now have two copies of get_first_ethernet() in the source code. This
is bad and should be fixed in the future.
This commit replaces ppp-2.4.5-eth.patch.
Resolves: #682381
---
pppd/Makefile.linux | 3 +
pppd/multilink.c | 4 +-
pppd/plugins/rp-pppoe/Makefile.linux | 4 +-
pppd/plugins/rp-pppoe/pppoe-discovery.c | 117 +++++++++++++++++++++++++++++++-
pppd/pppd.h | 2 +-
pppd/sys-linux.c | 115 +++++++++++++++++++++++++++++--
6 files changed, 232 insertions(+), 13 deletions(-)
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 53df4d2..0e8107f 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -32,6 +32,9 @@ include .depend
endif
CC = gcc
+
+LIBS = -ludev
+
#
COPTS = -Wall $(RPM_OPT_FLAGS) -DLIBDIR=\""$(LIBDIR)"\"
diff --git a/pppd/multilink.c b/pppd/multilink.c
index 135cab0..2f0ed50 100644
--- a/pppd/multilink.c
+++ b/pppd/multilink.c
@@ -436,12 +436,12 @@ static int
get_default_epdisc(ep)
struct epdisc *ep;
{
- char *p;
+ char *p = NULL;
struct hostent *hp;
u_int32_t addr;
/* First try for an ethernet MAC address */
- p = get_first_ethernet();
+ get_first_ethernet(&p);
if (p != 0 && get_if_hwaddr(ep->value, p) >= 0) {
ep->class = EPD_MAC;
ep->length = 6;
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index 9918091..b949716 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -30,8 +30,8 @@ COPTS=$(RPM_OPT_FLAGS)
CFLAGS=$(COPTS) -I../../../include '-DRP_VERSION="$(RP_VERSION)"'
all: rp-pppoe.so pppoe-discovery
-pppoe-discovery: pppoe-discovery.o debug.o
- $(CC) -o pppoe-discovery pppoe-discovery.o debug.o
+pppoe-discovery: pppoe-discovery.o debug.o common.o
+ $(CC) -o pppoe-discovery pppoe-discovery.o debug.o -ludev
pppoe-discovery.o: pppoe-discovery.c
$(CC) $(CFLAGS) -c -o pppoe-discovery.o pppoe-discovery.c
diff --git a/pppd/plugins/rp-pppoe/pppoe-discovery.c b/pppd/plugins/rp-pppoe/pppoe-discovery.c
index c0d927d..2bd910f 100644
--- a/pppd/plugins/rp-pppoe/pppoe-discovery.c
+++ b/pppd/plugins/rp-pppoe/pppoe-discovery.c
@@ -47,8 +47,13 @@
#include <net/if_arp.h>
#endif
+#include <dirent.h>
+#include <sys/types.h>
+#include <libudev.h>
+
char *xstrdup(const char *s);
void usage(void);
+int get_first_ethernet(char **_r);
void die(int status)
{
@@ -681,8 +686,15 @@ int main(int argc, char *argv[])
}
/* default interface name */
- if (!conn->ifName)
- conn->ifName = strdup("eth0");
+ if (!conn->ifName) {
+ char *eth_dev;
+ if (get_first_ethernet(&eth_dev) < 0) {
+ fprintf(stderr, "No ethernet device on the host.\n");
+ exit(1);
+ }
+ conn->ifName = eth_dev;
+ }
+
conn->discoverySocket = -1;
conn->sessionSocket = -1;
@@ -722,3 +734,104 @@ void usage(void)
fprintf(stderr, "Usage: pppoe-discovery [options]\n");
fprintf(stderr, "\nVersion " RP_VERSION "\n");
}
+
+/*
+ * get_first_ethernet - return the name of the first ethernet-style
+ * interface on this system.
+ */
+int
+get_first_ethernet(char **_r)
+{
+ int r = 0;
+ DIR *d = NULL;
+ struct dirent *entry = NULL;
+ struct udev *udev = NULL;
+ struct udev_device *dev = NULL;
+ char *eth_dev = NULL;
+
+ d = opendir("/sys/class/net");
+ if (!d) {
+ fprintf(stderr, "Failed to open dir /sys/class/net : %m\n");
+ r = -errno;
+ goto fail;
+ }
+
+ udev = udev_new();
+ if (!udev) {
+ fprintf(stderr, "Failed to talk to systemd-udevd\n");
+ r = -EIO;
+ goto fail;
+ }
+
+ while ((entry = readdir(d)) != NULL) {
+ char syspath[PATH_MAX] = {};
+ const char *type = NULL;
+
+ if ((strcmp(entry->d_name, ".") == 0) || (strcmp(entry->d_name, "..") == 0))
+ continue;
+
+ sprintf(syspath, "/sys/class/net/%s", entry->d_name);
+
+ dev = udev_device_new_from_syspath(udev, syspath);
+ if (!dev)
+ continue;
+
+ type = udev_device_get_sysattr_value(dev, "type");
+ if (strcmp(type, "1") == 0) {
+ const char *pci_dev_subclass = NULL, *usb_dev_subclass = NULL;
+
+ pci_dev_subclass = udev_device_get_property_value(dev,
+ "ID_PCI_SUBCLASS_FROM_DATABASE");
+ usb_dev_subclass = udev_device_get_property_value(dev,
+ "ID_USB_SUBCLASS_FROM_DATABASE");
+
+ if ((pci_dev_subclass && strcmp(pci_dev_subclass, "Ethernet controller") == 0) ||
+ (usb_dev_subclass && (strcmp(usb_dev_subclass, "Ethernet Networking") == 0 ||
+ strcmp(usb_dev_subclass, "Ethernet Emulation") == 0))) {
+ char *d = NULL;
+
+ d = strdup(entry->d_name);
+ if (!d) {
+ r = -ENOMEM;
+ goto fail;
+ }
+
+ free(eth_dev);
+ eth_dev = d;
+ break;
+ } else if (!eth_dev) {
+ eth_dev = strdup(entry->d_name);
+ if (!eth_dev) {
+ r = -ENOMEM;
+ goto fail;
+ }
+ }
+ }
+
+ udev_device_unref(dev);
+ dev = NULL;
+ }
+
+ if (dev)
+ udev_device_unref(dev);
+ udev_unref(udev);
+ closedir(d);
+
+ *_r = eth_dev;
+
+ return 0;
+
+fail:
+ if (dev)
+ udev_device_unref(dev);
+
+ if (udev)
+ udev_unref(udev);
+
+ if (d)
+ closedir(d);
+
+ free(eth_dev);
+
+ return r;
+}
diff --git a/pppd/pppd.h b/pppd/pppd.h
index de271c1..aaddba1 100644
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -691,7 +691,7 @@ int sipxfaddr __P((int, unsigned long, unsigned char *));
int cipxfaddr __P((int));
#endif
int get_if_hwaddr __P((u_char *addr, char *name));
-char *get_first_ethernet __P((void));
+int get_first_ethernet __P((char **_r));
/* Procedures exported from options.c */
int setipaddr __P((char *, char **, int)); /* Set local/remote ip addresses */
diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
index 0690019..ec09c50 100644
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -92,6 +92,9 @@
#include <ctype.h>
#include <termios.h>
#include <unistd.h>
+#include <dirent.h>
+
+#include <libudev.h>
/* This is in netdevice.h. However, this compile will fail miserably if
you attempt to include netdevice.h because it has so many references
@@ -1873,10 +1876,101 @@ get_if_hwaddr(u_char *addr, char *name)
* get_first_ethernet - return the name of the first ethernet-style
* interface on this system.
*/
-char *
-get_first_ethernet()
-{
- return "eth0";
+int
+get_first_ethernet(char **_r)
+{
+ int r = 0;
+ DIR *d = NULL;
+ struct dirent *entry = NULL;
+ struct udev *udev = NULL;
+ struct udev_device *dev = NULL;
+ char *eth_dev = NULL;
+
+ d = opendir("/sys/class/net");
+ if (!d) {
+ fprintf(stderr, "Failed to open dir /sys/class/net : %m\n");
+ r = -errno;
+ goto fail;
+ }
+
+ udev = udev_new();
+ if (!udev) {
+ fprintf(stderr, "Failed to talk to systemd-udevd\n");
+ r = -EIO;
+ goto fail;
+ }
+
+ while ((entry = readdir(d)) != NULL) {
+ char syspath[PATH_MAX] = {};
+ const char *type = NULL;
+
+ if ((strcmp(entry->d_name, ".") == 0) || (strcmp(entry->d_name, "..") == 0))
+ continue;
+
+ sprintf(syspath, "/sys/class/net/%s", entry->d_name);
+
+ dev = udev_device_new_from_syspath(udev, syspath);
+ if (!dev)
+ continue;
+
+ type = udev_device_get_sysattr_value(dev, "type");
+ if (strcmp(type, "1") == 0) {
+ const char *pci_dev_subclass = NULL, *usb_dev_subclass = NULL;
+
+ pci_dev_subclass = udev_device_get_property_value(dev,
+ "ID_PCI_SUBCLASS_FROM_DATABASE");
+ usb_dev_subclass = udev_device_get_property_value(dev,
+ "ID_USB_SUBCLASS_FROM_DATABASE");
+
+ if ((pci_dev_subclass && strcmp(pci_dev_subclass, "Ethernet controller") == 0) ||
+ (usb_dev_subclass && (strcmp(usb_dev_subclass, "Ethernet Networking") == 0 ||
+ strcmp(usb_dev_subclass, "Ethernet Emulation") == 0))) {
+ char *d = NULL;
+
+ d = strdup(entry->d_name);
+ if (!d) {
+ r = -ENOMEM;
+ goto fail;
+ }
+
+ free(eth_dev);
+ eth_dev = d;
+ break;
+ } else if (!eth_dev) {
+ eth_dev = strdup(entry->d_name);
+ if (!eth_dev) {
+ r = -ENOMEM;
+ goto fail;
+ }
+ }
+ }
+
+ udev_device_unref(dev);
+ dev = NULL;
+ }
+
+ if (dev)
+ udev_device_unref(dev);
+ udev_unref(udev);
+ closedir(d);
+
+ *_r = eth_dev;
+
+ return 0;
+
+fail:
+ if (dev)
+ udev_device_unref(dev);
+
+ if (udev)
+ udev_unref(udev);
+
+ if (d)
+ closedir(d);
+
+ free(eth_dev);
+
+ return r;
}
/********************************************************************
@@ -2859,6 +2953,7 @@ ether_to_eui64(eui64_t *p_eui64)
struct ifreq ifr;
int skfd;
const unsigned char *ptr;
+ char *eth_dev = NULL;
skfd = socket(PF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if(skfd == -1)
@@ -2867,11 +2962,19 @@ ether_to_eui64(eui64_t *p_eui64)
return 0;
}
- strcpy(ifr.ifr_name, "eth0");
+ if (get_first_ethernet(&eth_dev) < 0)
+ {
+ warn("no ethernet device present on the host");
+ return 0;
+ }
+
+ strcpy(ifr.ifr_name, eth_dev);
+ free(eth_dev);
+
if(ioctl(skfd, SIOCGIFHWADDR, &ifr) < 0)
{
close(skfd);
- warn("could not obtain hardware address for eth0");
+ warn("could not obtain hardware address for %s", ifr.ifr_name);
return 0;
}
close(skfd);
--
1.8.3.1

26
0020-pppd-put-lock-files-in-var-lock-ppp.patch
View File

@ -1,26 +0,0 @@
From c5a5f795b1defcb6d168e79c4d1fc371dfc556ca Mon Sep 17 00:00:00 2001
From: Jiri Skala <jskala@redhat.com>
Date: Wed, 9 Apr 2014 09:29:50 +0200
Subject: [PATCH 20/27] pppd: put lock files in /var/lock/ppp
Resolves: #708260
---
pppd/utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/utils.c b/pppd/utils.c
index 6051b9a..8407492 100644
--- a/pppd/utils.c
+++ b/pppd/utils.c
@@ -846,7 +846,7 @@ complete_read(int fd, void *buf, size_t count)
/* Procedures for locking the serial device using a lock file. */
#ifndef LOCK_DIR
#ifdef __linux__
-#define LOCK_DIR "/var/lock"
+#define LOCK_DIR "/var/lock/ppp"
#else
#ifdef SVR4
#define LOCK_DIR "/var/spool/locks"
--
1.8.3.1

23
0021-build-sys-compile-pppol2tp-plugin-with-RPM_OPT_FLAGS.patch
View File

@ -1,23 +0,0 @@
From d69eb9a8aa284014dd7dd282813989eda9d84d74 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 9 Apr 2014 09:56:09 +0200
Subject: [PATCH 21/27] build-sys: compile pppol2tp plugin with RPM_OPT_FLAGS
---
pppd/plugins/pppol2tp/Makefile.linux | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux
index 4339566..9a635b8 100644
--- a/pppd/plugins/pppol2tp/Makefile.linux
+++ b/pppd/plugins/pppol2tp/Makefile.linux
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = -O2 -g
+COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I. -I../.. -I../../../include -fPIC
LDFLAGS = -shared
INSTALL = install
--
1.8.3.1

24
0022-build-sys-compile-pppol2tp-with-multilink-support.patch
View File

@ -1,24 +0,0 @@
From a0060c5d48ef742bff4fe9ba9c276a5c21795ce8 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 9 Apr 2014 09:58:38 +0200
Subject: [PATCH 22/27] build-sys: compile pppol2tp with multilink support
Resolves: #817013
---
pppd/plugins/pppol2tp/Makefile.linux | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux
index 9a635b8..9cb316d 100644
--- a/pppd/plugins/pppol2tp/Makefile.linux
+++ b/pppd/plugins/pppol2tp/Makefile.linux
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = $(RPM_OPT_FLAGS)
+COPTS = $(RPM_OPT_FLAGS) -DHAVE_MULTILINK
CFLAGS = $(COPTS) -I. -I../.. -I../../../include -fPIC
LDFLAGS = -shared
INSTALL = install
--
1.8.3.1

32
0023-build-sys-install-rp-pppoe-plugin-files-with-standar.patch
View File

@ -1,32 +0,0 @@
From 769521a3798fd554ddc7333cb1255cd1b40790e8 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 10 Apr 2014 10:00:55 +0200
Subject: [PATCH 23/27] build-sys: install rp-pppoe plugin files with standard
perms
This is needed to properly generate debuginfo package.
---
pppd/plugins/rp-pppoe/Makefile.linux | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index b949716..fa49efb 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -44,10 +44,10 @@ rp-pppoe.so: plugin.o discovery.o if.o common.o
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -c -m 4550 rp-pppoe.so $(LIBDIR)
+ $(INSTALL) -c -m 755 rp-pppoe.so $(LIBDIR)
$(INSTALL) -d -m 755 $(BINDIR)
- $(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
- $(INSTALL) -c -m 444 pppoe-discovery.8 $(MANDIR)
+ $(INSTALL) -c -m 755 pppoe-discovery $(BINDIR)
+ $(INSTALL) -c -m 644 pppoe-discovery.8 $(MANDIR)
clean:
rm -f *.o *.so pppoe-discovery
--
1.8.3.1

26
0024-build-sys-install-pppoatm-plugin-files-with-standard.patch
View File

@ -1,26 +0,0 @@
From 0fdb22ef3d3cc3b297372451d60bd6c61d047d27 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 10 Apr 2014 10:08:41 +0200
Subject: [PATCH 24/27] build-sys: install pppoatm plugin files with standard
perms
---
pppd/plugins/pppoatm/Makefile.linux | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux
index 769794b..4c5826f 100644
--- a/pppd/plugins/pppoatm/Makefile.linux
+++ b/pppd/plugins/pppoatm/Makefile.linux
@@ -37,7 +37,7 @@ $(PLUGIN): $(PLUGIN_OBJS)
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -c -m 4550 $(PLUGIN) $(LIBDIR)
+ $(INSTALL) -c -m 755 $(PLUGIN) $(LIBDIR)
clean:
rm -f *.o *.so
--
1.8.3.1

29
0025-pppd-install-pppd-binary-using-standard-perms-755.patch
View File

@ -1,29 +0,0 @@
From ab8b06cdc1075abc67f77e7c3bb684e20071d614 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 10 Apr 2014 10:09:41 +0200
Subject: [PATCH 25/27] pppd: install pppd binary using standard perms (755)
---
pppd/Makefile.linux | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 0e8107f..534ccc2 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -223,10 +223,10 @@ all: $(TARGETS)
install: pppd
mkdir -p $(BINDIR) $(MANDIR)
$(EXTRAINSTALL)
- $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
+ $(INSTALL) -c -m 755 pppd $(BINDIR)/pppd
if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
chmod o-rx,u+s $(BINDIR)/pppd; fi
- $(INSTALL) -c -m 444 pppd.8 $(MANDIR)
+ $(INSTALL) -c -m 644 pppd.8 $(MANDIR)
pppd: $(PPPDOBJS)
$(CC) $(CFLAGS) $(LDFLAGS) -o pppd $(PPPDOBJS) $(LIBS)
--
1.8.3.1

3046
0026-Revert-pppd-rebase-EAP-TLS-patch-v0.994.patch
View File

File diff suppressed because it is too large Load Diff

3205
0027-pppd-EAP-TLS-patch-v0.999.patch
View File

File diff suppressed because it is too large Load Diff

35
0028-pppoe-include-netinet-in.h-before-linux-in.h.patch
View File

@ -1,35 +0,0 @@
From 33797aa193a2751da26f9af120e39c110defe4d1 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Sat, 10 Dec 2016 19:53:56 +0100
Subject: [PATCH] pppoe: include netinet/in.h before linux/in.h
To fix build breakage.
---
pppd/plugins/rp-pppoe/pppoe.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pppd/plugins/rp-pppoe/pppoe.h b/pppd/plugins/rp-pppoe/pppoe.h
index 9ab2eee..f77f5b7 100644
--- a/pppd/plugins/rp-pppoe/pppoe.h
+++ b/pppd/plugins/rp-pppoe/pppoe.h
@@ -15,6 +15,8 @@
#include "config.h"
+#include <netinet/in.h>
+
#if defined(HAVE_NETPACKET_PACKET_H) || defined(HAVE_LINUX_IF_PACKET_H)
#define _POSIX_SOURCE 1 /* For sigaction defines */
#endif
@@ -84,8 +86,6 @@ typedef unsigned long UINT32_t;
#include <linux/if_ether.h>
#endif
-#include <netinet/in.h>
-
#ifdef HAVE_NETINET_IF_ETHER_H
#include <sys/types.h>
--
2.9.3

51
ifdown-ppp
View File

@ -1,51 +0,0 @@
#! /bin/bash
cd /etc/sysconfig/network-scripts
. ./network-functions
CONFIG=$1
source_config
if [ "$TYPE" = "xDSL" ] && [ -x /usr/sbin/adsl-stop ] ; then
adsl-stop /etc/sysconfig/network-scripts/$CONFIG
exit $?
fi
CONFIG=${CONFIG##ifcfg-}
if [ "${DEMAND}" = "yes" ] && [ -f /var/run/ppp-${CONFIG}.pid ] ; then
PID=$(head -1 /var/run/ppp-${CONFIG}.pid)
kill -TERM ${PID}
sleep 2
[ ! -d /proc/${PID} ] && exit 0
sleep 5
[ ! -d /proc/${PID} ] && exit 0
kill -TERM ${PID}
[ ! -d /proc/${PID} ] && exit 0
exit 1
fi
file=/var/run/pppwatch-${DEVICE}.pid
if [ ! -f $file ]; then
# ppp isn't running, or we didn't start it
exit 0
fi
PID=$(cat $file)
[ -n "${PID}" ] || exit 1
kill -TERM ${PID} > /dev/null 2>&1
[ ! -d /proc/${PID} ] && exit 0
sleep 2
[ ! -d /proc/${PID} ] && exit 0
sleep 5
[ ! -d /proc/${PID} ] && exit 0
sleep 10
[ ! -d /proc/${PID} ] && exit 0
# killing ppp-watch twice in a row causes it to send a SIGKILL to pppd pgrp
kill -TERM ${PID} > /dev/null 2>&1
[ ! -d /proc/${PID} ] && exit 0
exit 1

157
ifup-ppp
View File

@ -1,157 +0,0 @@
#! /bin/bash
. /etc/init.d/functions
cd /etc/sysconfig/network-scripts
. ./network-functions
# ifup-post for PPP is handled through /etc/ppp/ip-up
if [ "${1}" = daemon ] ; then
# we've been called from ppp-watch, so don't invoke it for persistence
shift
else
# just in case a full path to the configuration file is passed in
CONFIG=${1##*/} # CONFIG=$(basename $1)
[ -f "${CONFIG}" ] || CONFIG=ifcfg-${1}
source_config
# don't start ppp-watch by xDSL
if [ "${DEMAND}" != yes -a "$TYPE" != "xDSL" ] ; then
# let ppp-watch do the right thing
exec /sbin/ppp-watch "${CONFIG##ifcfg-}" "$2"
fi
fi
CONFIG=$1
[ -f "${CONFIG}" ] || CONFIG=ifcfg-${1}
source_config
if [ -z "${DISCONNECTTIMEOUT}" ]; then
DISCONNECTTIMEOUT=2
fi
if [ -z "${RETRYTIMEOUT}" ]; then
RETRYTIMEOUT=30
fi
if [ -z "${IDLETIMEOUT}" ]; then
IDLETIMEOUT=600
fi
if [ "${2}" = "boot" -a "${ONBOOT}" = "no" ]; then
exit
fi
[ -x /usr/sbin/pppd ] || {
echo $"pppd does not exist or is not executable"
echo $"ifup-ppp for ${DEVICE} exiting"
/usr/bin/logger -p daemon.info -t ifup-ppp \
$"pppd does not exist or is not executable for ${DEVICE}"
exit 1
}
# check that xDSL connection
if [ "$TYPE" = "xDSL" ] ; then
if [ -x /usr/sbin/adsl-start ] ; then
adsl-start /etc/sysconfig/network-scripts/$CONFIG
exit $?
else
/usr/bin/logger -p daemon.info -t ifup-ppp \
$"adsl-start does not exist or is not executable for ${DEVICE}"
exit 1
fi
fi
PEERCONF=/etc/ppp/peers/${DEVNAME}
if [ "${DEBUG}" = "yes" ]; then
CHATDBG="-v"
fi
if [ ! -f ${PEERCONF} ]; then
if [ -z "${WVDIALSECT}" ] ; then
CHATSCRIPT=/etc/sysconfig/network-scripts/chat-${DEVNAME}
[ -f ${CHATSCRIPT} ] || {
echo $"/etc/sysconfig/network-scripts/chat-${DEVNAME} does not exist"
echo $"ifup-ppp for ${DEVNAME} exiting"
/usr/bin/logger -p daemon.info -t ifup-ppp \
$"/etc/sysconfig/network-scripts/chat-${DEVNAME} does not exist for ${DEVICE}"
exit 1
}
fi
/usr/bin/logger -s -p daemon.notice -t ifup-ppp \
$"Setting up a new ${PEERCONF} config file"
if [ -f /etc/ppp/peers/${DEVICE} ]; then
cp -f /etc/ppp/peers/${DEVICE} ${PEERCONF}
else
touch ${PEERCONF}
fi
if [ "${WVDIALSECT}" ]; then
echo "connect \"/usr/bin/wvdial --remotename ${DEVNAME} --chat '${WVDIALSECT}'\"" >> ${PEERCONF}
else
echo "connect \"/usr/sbin/chat ${CHATDBG} -f ${CHATSCRIPT}\"" >> ${PEERCONF}
fi
fi
opts="lock"
if [ "${HARDFLOWCTL}" != no ] ; then
opts="$opts modem crtscts"
fi
if [ "${ESCAPECHARS}" != yes ] ; then
opts="$opts asyncmap 00000000"
fi
if [ "${DEFROUTE}" != no ] ; then
# pppd will no longer delete an existing default route
# so we have to help it out a little here.
DEFRT=$(ip route list match 0.0.0.0/0)
[ -n "${DEFRT}" ] && echo "$DEFRT" > /etc/default-routes
echo "$DEFRT" | while read spec; do
ip route del $spec;
done
opts="$opts defaultroute"
fi
if [ "${PEERDNS}" != no ] ; then
cp -f /etc/resolv.conf /etc/resolv.conf.save
opts="$opts usepeerdns"
fi
if [ -n "${MRU}" ] ; then
opts="$opts mru ${MRU}"
fi
if [ -n "${MTU}" ] ; then
opts="$opts mtu ${MTU}"
fi
if [ -n "${IPADDR}${REMIP}" ] ; then
# if either IP address is set, the following will work.
opts="$opts ${IPADDR}:${REMIP}"
fi
if [ -n "${PAPNAME}" ] ; then
opts="$opts user ${PAPNAME} remotename ${DEVNAME}"
fi
if [ "${DEBUG}" = yes ] ; then
opts="$opts debug"
fi
if [ ${DEMAND} = yes ] ; then
opts="$opts demand ktune idle ${IDLETIMEOUT} holdoff ${RETRYTIMEOUT}"
exec=
else
opts="$opts nodetach"
exec=exec
fi
/usr/bin/logger -p daemon.info -t ifup-ppp \
$"pppd started for ${DEVNAME} on ${MODEMPORT} at ${LINESPEED}"
$exec pppd $opts ${MODEMPORT} ${LINESPEED} \
ipparam ${DEVNAME} linkname ${DEVNAME} call ${DEVNAME}\
noauth \
${PPPOPTIONS} || exit
if [ "${DEMAND}" = "yes" ] ; then
# pppd is a tad slow to write the pid-file.
sleep 2
if [ -f /var/run/ppp-${DEVNAME}.pid ] ; then
REALDEVICE=$(tail -1 /var/run/ppp-${DEVNAME}.pid)
/etc/sysconfig/network-scripts/ifup-routes ${REALDEVICE} ${DEVNAME}
fi
fi

18
ip-down
View File

@ -1,18 +0,0 @@
#!/bin/bash
# This file should not be modified -- make local changes to
# /etc/ppp/ip-down.local instead
PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH
LOGDEVICE=$6
REALDEVICE=$1
/etc/ppp/ip-down.ipv6to4 ${LOGDEVICE}
[ -x /etc/ppp/ip-down.local ] && /etc/ppp/ip-down.local "$@"
/etc/sysconfig/network-scripts/ifdown-post --realdevice ${REALDEVICE} \
ifcfg-${LOGDEVICE}
exit 0

114
ip-down.ipv6to4
View File

@ -1,114 +0,0 @@
#!/bin/sh
#
# ip-down.ipv6to4
#
#
# Taken from:
# (P) & (C) 2000-2005 by Peter Bieringer <pb@bieringer.de>
#
# You will find more information on the initscripts-ipv6 homepage at
# http://www.deepspace6.net/projects/initscripts-ipv6.html
#
# Version 2005-09-22
#
# Calling parameters:
# $1: interface name
#
# Called (mostly) by /etc/ppp/ip-down.local
# like: /etc/ppp/ip-down.ipv6to4 $1 >>/var/log/ppp-ipv6to4.log 2>&1
#
# Note: this script will *check* whether the existing 6to4 tunnel
# was set before by using "ip-up.ipv6to4" comparing IPv4 address
# of device with the generated 6to4 prefix
#
# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1:
# IPV6TO4INIT=yes|no: controls configuration
# IPV6TO4_ROUTING="<device>-<suffix>/<prefix length> ...": information to setup additional interfaces
#
# IPV6_CONTROL_RADVD=yes|no: controls radvd triggering
# IPV6_RADVD_PIDFILE=<file>: PID file of radvd for sending signals, default is "/var/run/radvd/radvd.pid"
# IPV6_RADVD_TRIGGER_ACTION=startstop|reload|restart|SIGHUP: how to trigger radvd (optional, default is SIGHUP)
#
if [ -z "$1" ]; then
echo $"Argument 1 is empty but should contain interface name - skip IPv6to4 initialization"
exit 1
fi
# Get global network configuration
. /etc/sysconfig/network
# Source IPv4 helper functions
cd /etc/sysconfig/network-scripts
. ./network-functions
CONFIG=$1
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
source_config
# IPv6 don't need aliases anymore, config is skipped
REALDEVICE=${DEVICE%%:*}
[ "$DEVICE" != "$REALDEVICE" ] && exit 0
if [ ! -f /etc/sysconfig/network-scripts/network-functions-ipv6 ]; then
exit 1
fi
. /etc/sysconfig/network-scripts/network-functions-ipv6
# Run basic IPv6 test, if not ok, skip IPv6 initialization
ipv6_test testonly || exit 0
# Test status of ppp device
ipv6_test_device_status $DEVICE
if [ $? != 0 -a $? != 11 ]; then
# device doesn't exist or other problem occurs
exit 1
fi
# Test status of tun6to4 device
ipv6_test_device_status tun6to4
if [ $? = 0 -o $? = 11 ]; then
# Device exists
valid6to4config="yes"
# Get IPv4 address from interface
ipv4addr="$(ipv6_get_ipv4addr_of_device $DEVICE)"
if [ -z "$ipv4addr" ]; then
# Has no IPv4 address
valid6to4config="no"
fi
# Get local IPv4 address of dedicated tunnel
ipv4addr6to4local="$(ipv6_get_ipv4addr_of_tunnel tun6to4 local)"
# IPv6to4 not enabled on this interface?
if [ $IPV6TO4INIT != "yes" ]; then
# Check against configured 6to4 tunnel to see if this interface was regardless used before
if [ "$ipv4addr" != "$ipv4addr6to4local" ]; then
# IPv4 address of interface does't match local tunnel address, interface was not used for current 6to4 setup
valid6to4config="no"
fi
fi
fi
if [ "$valid6to4config" = "yes" ]; then
if [ "$IPV6_CONTROL_RADVD" = "yes" ]; then
# Control running radvd
ipv6_trigger_radvd down "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE
fi
if [ -n "$IPV6TO4_ROUTING" ]; then
# Delete routes to local networks
for devsuf in $IPV6TO4_ROUTING; do
dev="${devsuf%%-*}"
ipv6_cleanup_6to4_device $dev
done
fi
# Delete all configured 6to4 address
ipv6_cleanup_6to4_tunnels tun6to4
fi

17
ip-up
View File

@ -1,17 +0,0 @@
#!/bin/bash
# This file should not be modified -- make local changes to
# /etc/ppp/ip-up.local instead
PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH
LOGDEVICE=$6
REALDEVICE=$1
[ -f /etc/sysconfig/network-scripts/ifcfg-${LOGDEVICE} ] && /etc/sysconfig/network-scripts/ifup-post --realdevice ${REALDEVICE} ifcfg-${LOGDEVICE}
/etc/ppp/ip-up.ipv6to4 ${LOGDEVICE}
[ -x /etc/ppp/ip-up.local ] && /etc/ppp/ip-up.local "$@"
exit 0

193
ip-up.ipv6to4
View File

@ -1,193 +0,0 @@
#!/bin/sh
#
# ip-up.ipv6to4
#
#
# Taken from:
# (P) & (C) 2000-2005 by Peter Bieringer <pb@bieringer.de>
#
# You will find more information on the initscripts-ipv6 homepage at
# http://www.deepspace6.net/projects/initscripts-ipv6.html
#
# Version: 2005-09-22
#
# Calling parameters:
# $1: interface name
#
# Called (mostly) by /etc/ppp/ip-up.local
# like: /etc/ppp/ip-up.ipv6to4 $1 >>/var/log/ppp-ipv6to4.log 2>&1
#
# Note: this script will *kill* older still existing 6to4 tunnels regardless
# whether they were set before by another device
#
# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1:
# IPV6TO4INIT=yes|no: controls configuration
# IPV6TO4_IPV4ADDR=<IPv4 address>: special local address for 6to4 tunneling (only needed behind a NAT gateway)
# IPV6TO4_RELAY=<IPv4 address>: remote 6to4 relay router address (default: 192.88.99.1)
# IPV6TO4_MTU=<MTU for IPv6>: controls IPv6 MTU for the 6to4 link (optional, default is MTU of interface - 20)
# IPV6TO4_ROUTING="<device>-<suffix>/<prefix length> ...": information to setup additional interfaces
# Example: IPV6TO4_ROUTING="eth0-:f101::1/64 eth1-:f102::1/64"
#
# IPV6_CONTROL_RADVD=yes|no: controls radvd triggering
# IPV6_RADVD_PIDFILE=<file>: PID file of radvd for sending signals, default is "/var/run/radvd/radvd.pid"
# IPV6_RADVD_TRIGGER_ACTION=startstop|reload|restart|SIGHUP: how to trigger radvd (optional, default is SIGHUP)
#
# Requirements
# radvd-0.6.2p3 or newer supporting option "Base6to4Interface"
#
if [ -z "$1" ]; then
echo $"Argument 1 is empty but should contain interface name - skip IPv6to4 initialization"
exit 1
fi
# Get global network configuration
. /etc/sysconfig/network
# Source IPv4 helper functions
cd /etc/sysconfig/network-scripts
. ./network-functions
CONFIG=$1
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
source_config
# IPv6 don't need aliases anymore, config is skipped
REALDEVICE=${DEVICE%%:*}
[ "$DEVICE" != "$REALDEVICE" ] && exit 0
if [ ! -f /etc/sysconfig/network-scripts/network-functions-ipv6 ]; then
exit 1
fi
. /etc/sysconfig/network-scripts/network-functions-ipv6
# Run basic IPv6 test (and make sure the ipv6 module will be loaded), if not ok, skip IPv6 initialization
ipv6_test || exit 1
# Setup of 6to4, if configured
valid6to4config="yes"
if [ "$IPV6TO4INIT" = "yes" ]; then
if [ -n "$IPV6TO4_IPV4ADDR" ]; then
# Take 6to4-dedicated configured IPv4 address from config file (precedence 1)
ipv4addr="$IPV6TO4_IPV4ADDR"
else
# Get IPv4 address from interface (precedence 2)
ipv4addr="$(ipv6_get_ipv4addr_of_device $DEVICE)"
if [ -z "$ipv4addr" ]; then
# Take configured IPv4 address of interface from config file (precedence 3)
ipv4addr="$IPADDR"
fi
fi
if [ -n "$ipv4addr" ]; then
# Test for non-global IPv4 address
if ! ipv6_test_ipv4_addr_global_usable $ipv4addr; then
net_log $"Given IPv4 address '$ipv4addr' is not globally usable" info
valid6to4config="no"
fi
else
net_log $"IPv6to4 configuration needs an IPv4 address on related interface or otherwise specified" info
valid6to4config="no"
fi
if [ -z "$IPV6TO4_RELAY" ]; then
IPV6TO4_RELAY="192.88.99.1"
fi
# Check/generate relay address
ipv6to4_relay="$(ipv6_create_6to4_relay_address $IPV6TO4_RELAY)"
if [ $? -ne 0 ]; then
valid6to4config="no"
fi
if [ "$valid6to4config" = "yes" ]; then
# Delete routes to local networks
for devsuf in $IPV6TO4_ROUTING; do
dev="${devsuf%%-*}"
ipv6_cleanup_6to4_device $dev
done
# Cleanup all old data (needed, if "ip-down.ipv6to4" wasn't executed), delete all configured 6to4 address
ipv6_cleanup_6to4_tunnels tun6to4
# Get MTU of master device
ipv4mtu="$(/sbin/ip link show dev $DEVICE | awk '/\<mtu\>/ { print $5 }')"
if [ -n "$ipv4mtu" ]; then
# IPv6 tunnel MTU is IPv4 MTU minus 20 for IPv4 header
tunnelmtu=$[ $ipv4mtu - 20 ]
fi
if [ -n "$IPV6TO4_MTU" ]; then
if [ $IPV6TO4_MTU -gt $tunnelmtu ]; then
net_log $"Warning: configured MTU '$IPV6TO4_MTU' for 6to4 exceeds maximum limit of '$tunnelmtu', ignored" warning
else
tunnelmtu=$IPV6TO4_MTU
fi
fi
# Setup new data
ipv6_add_6to4_tunnel tun6to4 $ipv4addr "" $tunnelmtu || exit 1
# Add route to for compatible addresses (removed later again)
ipv6_add_route "::/96" "::" tun6to4
# Add default route, if device matches
if [ "$IPV6_DEFAULTDEV" = "tun6to4" ]; then
if [ -n "$IPV6_DEFAULTGW" ]; then
net_log $"Warning: interface 'tun6to4' does not support 'IPV6_DEFAULTGW', ignored" warning
fi
ipv6_set_default_route $ipv6to4_relay tun6to4
fi
# Add static routes
if [ -f /etc/sysconfig/static-routes-ipv6 ]; then
LC_ALL=C grep -w "^tun6to4" /etc/sysconfig/static-routes-ipv6 | while read device network gateway; do
if [ -z "$network" ]; then
continue
fi
if [ -z "$gateway" ]; then
gateway="$ipv6to4_relay"
fi
ipv6_add_route $network $gateway tun6to4
done
fi
# Setup additional static IPv6 routes (newer config style)
if [ -f "/etc/sysconfig/network-scripts/route6-tun6to4" ]; then
sed -ne 's/#.*//' -e '/[^[:space:]]/p' /etc/sysconfig/network-scripts/route6-tun6to4 | while read line; do
if echo "$line" | grep -vq 'via'; then
# Add gateway if missing
line="$line via $ipv6to4_relay"
fi
/sbin/ip -6 route add $line
done
fi
# Cleanup autmatically generated autotunnel (not needed for 6to4)
/sbin/ip -6 route del ::/96 dev tun6to4
/sbin/ip -6 addr del tun6to4 "::$ipv4addr/128" dev tun6to4
if [ "$IPV6_CONTROL_RADVD" = "yes" ]; then
# Control running radvd
ipv6_trigger_radvd up "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE
if [ -n "$IPV6TO4_ROUTING" ]; then
# Generate 6to4 address
ipv6to4prefix="$(ipv6_create_6to4_prefix $ipv4addr)"
if [ -n "$ipv6to4prefix" ]; then
# Add IPv6 address to interface (required interface route will be set automatically)
for devsuf in $IPV6TO4_ROUTING; do
dev="${devsuf%%-*}"
suf="$(echo $devsuf | awk -F- '{ print $2 }')"
ipv6_add_addr_on_device ${dev} ${ipv6to4prefix}${suf}
done
else
net_log $"Error occurred while calculating the IPv6to4 prefix"
fi
else
net_log $"radvd control enabled, but config is not complete"
fi
fi
fi
fi

70
ipv6-down
View File

@ -1,70 +0,0 @@
#!/bin/sh
#
# ipv6-down
#
# Called by pppd after IPV6CP/down was finished
#
# This file should not be modified -- make local changes to
# /etc/ppp/ipv6-down.local instead
#
#
# Taken from:
# (P) & (C) 2001-2006 by Peter Bieringer <pb@bieringer.de>
#
# You will find more information on the initscripts-ipv6 homepage at
# http://www.deepspace6.net/projects/initscripts-ipv6.html
#
# RHL integration assistance by Pekka Savola <pekkas@netcore.fi>
#
# Calling parameters:
# $1: interface name
# $6: logical interface name (set by pppd option ipparam)
#
# Version 2006-08-02
#
# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1:
# IPV6INIT=yes|no: controls IPv6 configuration for this interface
#
PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH
LOGDEVICE=$6
REALDEVICE=$1
[ -f /etc/sysconfig/network ] || exit 0
. /etc/sysconfig/network
cd /etc/sysconfig/network-scripts
. ./network-functions
CONFIG=$LOGDEVICE
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
source_config
[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1
. /etc/sysconfig/network-scripts/network-functions-ipv6
[ -x /etc/ppp/ipv6-down.local ] && /etc/ppp/ipv6-down.local "$@"
if [ "$IPV6_CONTROL_RADVD" = "yes" ]; then
# Control running radvd
ipv6_trigger_radvd down "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE
fi
# IPv6 test, no module loaded, exit if system is not IPv6-ready
ipv6_test testonly || exit 0
# Test device status
ipv6_test_device_status $REALDEVICE
if [ $? != 0 -a $? != 11 ]; then
# device doesn't exist or other problem occurs
exit 1
fi
# Delete all current configured IPv6 addresses on this interface
ipv6_cleanup_device $REALDEVICE
exit 0

112
ipv6-up
View File

@ -1,112 +0,0 @@
#!/bin/bash
#
# ipv6-up
#
# Called by pppd after IPV6CP/up was finished
#
# This file should not be modified -- make local changes to
# /etc/ppp/ipv6-up.local instead
#
# Taken from:
# (P) & (C) 2001-2006 by Peter Bieringer <pb@bieringer.de>
#
# You will find more information on the initscripts-ipv6 homepage at
# http://www.deepspace6.net/projects/initscripts-ipv6.html
#
# RHL integration assistance by Pekka Savola <pekkas@netcore.fi>
#
# Calling parameters:
# $1: interface name
# $6: logical interface name (set by pppd option ipparam)
#
#
# Version: 2006-08-02
#
# Uses following information from "/etc/sysconfig/network":
# IPV6_DEFAULTDEV=<device>: controls default route (optional)
#
# Uses following information from "/etc/sysconfig/network-scripts/ifcfg-$1":
# IPV6INIT=yes|no: controls IPv6 configuration for this interface
# IPV6ADDR=<IPv6 address>[/<prefix length>]: specify primary static IPv6 address
# IPV6ADDR_SECONDARIES="<IPv6 address>[/<prefix length>] ..." (optional)
# IPV6_MTU=<MTU for IPv6>: controls IPv6 MTU for this link (optional)
#
PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH
LOGDEVICE=$6
REALDEVICE=$1
[ -f /etc/sysconfig/network ] || exit 0
. /etc/sysconfig/network
cd /etc/sysconfig/network-scripts
. ./network-functions
. ./network-functions-ipv6
CONFIG=$LOGDEVICE
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
source_config
# Test whether IPv6 configuration is disabled for this interface
[[ "$IPV6INIT" = [nN0]* ]] && exit 0
[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1
. /etc/sysconfig/network-scripts/network-functions-ipv6
# IPv6 test, module loaded, exit if system is not IPv6-ready
ipv6_test || exit 1
# Test device status
ipv6_test_device_status $REALDEVICE
if [ $? != 0 -a $? != 11 ]; then
# device doesn't exist or other problem occurs
exit 1
fi
# Setup IPv6 address on specified interface
if [ -n "$IPV6ADDR" ]; then
ipv6_add_addr_on_device $REALDEVICE $IPV6ADDR || exit 1
fi
# Set IPv6 MTU, if given
if [ -n "$IPV6_MTU" ]; then
ipv6_set_mtu $REALDEVICE $IPV6_MTU
fi
# Setup additional IPv6 addresses from list, if given
if [ -n "$IPV6ADDR_SECONDARIES" ]; then
for ipv6addr in $IPV6ADDR_SECONDARIES; do
ipv6_add_addr_on_device $REALDEVICE $ipv6addr
done
fi
# Setup default IPv6 route through device
if [ "$IPV6_DEFAULTDEV" = "$LOGDEVICE" ]; then
ipv6_set_default_route "" "$REALDEVICE" "$REALDEVICE"
fi
# Setup additional static IPv6 routes on specified interface, if given
if [ -f /etc/sysconfig/static-routes-ipv6 ]; then
LC_ALL=C grep -w "^$LOGDEVICE" /etc/sysconfig/static-routes-ipv6 | while read device args; do
ipv6_add_route $args $REALDEVICE
done
fi
# Setup additional static IPv6 routes (newer config style)
if [ -f "/etc/sysconfig/network-scripts/route6-$DEVICE" ]; then
sed -ne 's/#.*//' -e '/[^[:space:]]/p' "/etc/sysconfig/network-scripts/route6-$DEVICE" | while read line; do
/sbin/ip -6 route add $line
done
fi
if [ "$IPV6_CONTROL_RADVD" = "yes" ]; then
# Control running radvd
ipv6_trigger_radvd up "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE
fi
[ -x /etc/ppp/ipv6-up.local ] && /etc/ppp/ipv6-up.local "$@"
exit 0

0
ppp-pam.conf → ppp-2.3.5-pamd.conf
View File

76
0004-doc-add-configuration-samples.patch → ppp-2.3.6-sample.patch
View File

@ -1,30 +1,5 @@
From d7faeb88f684c8b2ae193b2c5b5b358ac757fcfa Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 11:39:09 +0200
Subject: [PATCH 04/27] doc: add configuration samples
---
sample/auth-down | 17 ++++++
sample/auth-up | 17 ++++++
sample/ip-down | 22 ++++++++
sample/ip-up | 23 ++++++++
sample/options | 153 +++++++++++++++++++++++++++++++++++++++++++++++++++
sample/options.ttyXX | 14 +++++
sample/pap-secrets | 28 ++++++++++
7 files changed, 274 insertions(+)
create mode 100644 sample/auth-down
create mode 100644 sample/auth-up
create mode 100644 sample/ip-down
create mode 100644 sample/ip-up
create mode 100644 sample/options
create mode 100644 sample/options.ttyXX
create mode 100644 sample/pap-secrets
diff --git a/sample/auth-down b/sample/auth-down
new file mode 100644
index 0000000..edde65d
--- /dev/null
+++ b/sample/auth-down
--- ppp-2.3.3/sample/auth-down.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/auth-down Tue Jan 6 17:53:27 1998
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
@ -43,11 +18,8 @@ index 0000000..edde65d
+echo auth-down `date +'%y/%m/%d %T'` $* >> /var/log/pppstats
+
+# last line
diff --git a/sample/auth-up b/sample/auth-up
new file mode 100644
index 0000000..54722a3
--- /dev/null
+++ b/sample/auth-up
--- ppp-2.3.3/sample/auth-up.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/auth-up Tue Jan 6 17:53:27 1998
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
@ -66,11 +38,8 @@ index 0000000..54722a3
+echo auth-up `date +'%y/%m/%d %T'` $* >> /var/log/pppstats
+
+# last line
diff --git a/sample/ip-down b/sample/ip-down
new file mode 100644
index 0000000..b771fb6
--- /dev/null
+++ b/sample/ip-down
--- ppp-2.3.3/sample/ip-down.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/ip-down Tue Jan 6 17:53:27 1998
@@ -0,0 +1,22 @@
+#!/bin/sh
+#
@ -94,16 +63,13 @@ index 0000000..b771fb6
+export PATH
+
+# last line
diff --git a/sample/ip-up b/sample/ip-up
new file mode 100644
index 0000000..7ce7c8d
--- /dev/null
+++ b/sample/ip-up
--- ppp-2.3.3/sample/ip-up.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/ip-up Tue Jan 6 17:53:27 1998
@@ -0,0 +1,23 @@
+#!/bin/sh
+#
+# This script is run by the pppd after the link is established.
+# It should be used to add routes, set IP address, run the mailq
+# It should be used to add routes, set IP address, run the mailq
+# etc.
+#
+# This script is called with the following arguments:
@ -123,11 +89,8 @@ index 0000000..7ce7c8d
+export PATH
+
+# last line
diff --git a/sample/options b/sample/options
new file mode 100644
index 0000000..8d0a3f9
--- /dev/null
+++ b/sample/options
--- ppp-2.3.3/sample/options.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/options Tue Jan 6 17:53:27 1998
@@ -0,0 +1,153 @@
+# /etc/ppp/options
+
@ -282,11 +245,8 @@ index 0000000..8d0a3f9
+noipx
+
+# ---<End of File>---
diff --git a/sample/options.ttyXX b/sample/options.ttyXX
new file mode 100644
index 0000000..d4202f5
--- /dev/null
+++ b/sample/options.ttyXX
--- ppp-2.3.3/sample/options.ttyXX.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/options.ttyXX Tue Jan 6 17:53:27 1998
@@ -0,0 +1,14 @@
+# If you need to set up multiple serial lines then copy this file to
+# options.<ttyname> for each tty with a modem on it.
@ -302,11 +262,8 @@ index 0000000..d4202f5
+# is the IP address of your host
+#
+hostname-s1:hostname
diff --git a/sample/pap-secrets b/sample/pap-secrets
new file mode 100644
index 0000000..098971b
--- /dev/null
+++ b/sample/pap-secrets
--- ppp-2.3.3/sample/pap-secrets.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/pap-secrets Tue Jan 6 17:53:27 1998
@@ -0,0 +1,28 @@
+# Secrets for authentication using PAP
+# client server secret IP addresses
@ -336,6 +293,3 @@ index 0000000..098971b
+#root hostname "*" -
+#support hostname "*" -
+#stats hostname "*" -
--
1.8.3.1

12
ppp-2.4.1-varargs.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up ppp-2.4.4/pppd/utils.c.varargs ppp-2.4.4/pppd/utils.c
--- ppp-2.4.4/pppd/utils.c.varargs 2004-11-04 05:02:26.000000000 -0500
+++ ppp-2.4.4/pppd/utils.c 2008-08-28 17:34:29.000000000 -0400
@@ -290,7 +290,7 @@ vslprintf(buf, buflen, fmt, args)
#if 0 /* not used, and breaks on S/390, apparently */
case 'r':
f = va_arg(args, char *);
-#ifndef __powerpc__
+#if !defined (__powerpc__) && !defined(__s390__) && !defined(__s390x__) && !defined(__x86_64__)
n = vslprintf(buf, buflen + 1, f, va_arg(args, va_list));
#else
/* On the powerpc, a va_list is an array of 1 structure */

40
0006-scritps-use-change_resolv_conf-function.patch → ppp-2.4.2-change_resolv_conf.patch
View File

@ -1,24 +1,7 @@
From 01419dfb684d501b57f1c24dcfdbcf9da93ccca2 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 18:12:47 +0200
Subject: [PATCH 06/27] scritps: use change_resolv_conf function
Don't handle /etc/resolv.conf manually, but use a helper function from
initscripts. Also change path where we save DNS servers supplied by peer while
we are at it.
Resolves: #132482
---
pppd/pppd.8 | 2 +-
scripts/ip-down.local.add | 9 +++++----
scripts/ip-up.local.add | 17 ++++++++++-------
3 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/pppd/pppd.8 b/pppd/pppd.8
index e2768b1..2dd6e1a 100644
--- a/pppd/pppd.8
+++ b/pppd/pppd.8
@@ -1099,7 +1099,7 @@ Ask the peer for up to 2 DNS server addresses. The addresses supplied
diff -urNp --exclude-from=/mdomsch2/excludes --minimal ppp-2.4.3.orig/pppd/pppd.8 ppp-2.4.3/pppd/pppd.8
--- ppp-2.4.3.orig/pppd/pppd.8 2004-11-13 06:22:49.000000000 -0600
+++ ppp-2.4.3/pppd/pppd.8 2005-08-03 22:10:34.000000000 -0500
@@ -1035,7 +1035,7 @@ Ask the peer for up to 2 DNS server addr
by the peer (if any) are passed to the /etc/ppp/ip\-up script in the
environment variables DNS1 and DNS2, and the environment variable
USEPEERDNS will be set to 1. In addition, pppd will create an
@ -27,10 +10,8 @@ index e2768b1..2dd6e1a 100644
the address(es) supplied by the peer.
.TP
.B user \fIname
diff --git a/scripts/ip-down.local.add b/scripts/ip-down.local.add
index b93590e..163f71e 100644
--- a/scripts/ip-down.local.add
+++ b/scripts/ip-down.local.add
--- ppp-2.4.2/scripts/ip-down.local.add.change_resolv_conf 1999-02-27 05:32:42.000000000 +0100
+++ ppp-2.4.2/scripts/ip-down.local.add 2004-09-14 14:36:20.058008752 +0200
@@ -9,12 +9,13 @@
#
# Nick Walker (nickwalker@email.com)
@ -49,10 +30,8 @@ index b93590e..163f71e 100644
fi
fi
diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add
index 8017209..26cf5f8 100644
--- a/scripts/ip-up.local.add
+++ b/scripts/ip-up.local.add
--- ppp-2.4.2/scripts/ip-up.local.add.change_resolv_conf 1999-11-15 04:28:10.000000000 +0100
+++ ppp-2.4.2/scripts/ip-up.local.add 2004-09-14 14:37:39.129061828 +0200
@@ -9,16 +9,19 @@
#
# Nick Walker (nickwalker@email.com)
@ -80,6 +59,3 @@ index 8017209..26cf5f8 100644
fi
fi
--
1.8.3.1

62
0011-build-sys-don-t-put-connect-errors-log-to-etc-ppp.patch → ppp-2.4.2-dontwriteetc.patch
View File

@ -1,20 +1,7 @@
From b4ef433be936c90e356da7a590b032cdee219a3f Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 19:06:05 +0200
Subject: [PATCH 11/27] build-sys: don't put connect-errors log to /etc/ppp/
Resolves: #118837
---
chat/chat.8 | 2 +-
linux/Makefile.top | 8 +++++++-
pppd/pathnames.h | 4 ++--
3 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/chat/chat.8 b/chat/chat.8
index 6d10836..78d6939 100644
--- a/chat/chat.8
+++ b/chat/chat.8
@@ -200,7 +200,7 @@ The \fBSAY\fR directive allows the script to send strings to the user
diff -up ppp-2.4.4/chat/chat.8.dontwriteetc ppp-2.4.4/chat/chat.8
--- ppp-2.4.4/chat/chat.8.dontwriteetc 2004-11-13 13:22:49.000000000 +0100
+++ ppp-2.4.4/chat/chat.8 2008-03-03 15:37:55.000000000 +0100
@@ -200,7 +200,7 @@ The \fBSAY\fR directive allows the scrip
at the terminal via standard error. If \fBchat\fR is being run by
pppd, and pppd is running as a daemon (detached from its controlling
terminal), standard error will normally be redirected to the file
@ -23,10 +10,24 @@ index 6d10836..78d6939 100644
.LP
\fBSAY\fR strings must be enclosed in single or double quotes. If
carriage return and line feed are needed in the string to be output,
diff --git a/linux/Makefile.top b/linux/Makefile.top
index f63d45e..f42efd5 100644
--- a/linux/Makefile.top
+++ b/linux/Makefile.top
diff -up ppp-2.4.4/pppd/pathnames.h.dontwriteetc ppp-2.4.4/pppd/pathnames.h
--- ppp-2.4.4/pppd/pathnames.h.dontwriteetc 2008-03-03 15:26:51.000000000 +0100
+++ ppp-2.4.4/pppd/pathnames.h 2008-03-03 15:26:51.000000000 +0100
@@ -28,9 +28,9 @@
#define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up"
#define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down"
#define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options."
-#define _PATH_CONNERRS _ROOT_PATH "/etc/ppp/connect-errors"
+#define _PATH_CONNERRS _ROOT_PATH "/var/log/ppp/connect-errors"
#define _PATH_PEERFILES _ROOT_PATH "/etc/ppp/peers/"
-#define _PATH_RESOLV _ROOT_PATH "/etc/ppp/resolv.conf"
+#define _PATH_RESOLV _ROOT_PATH "/var/run/ppp/resolv.conf"
#define _PATH_USEROPT ".ppprc"
#define _PATH_PSEUDONYM ".ppp_pseudonym"
diff -up ppp-2.4.4/linux/Makefile.top.dontwriteetc ppp-2.4.4/linux/Makefile.top
--- ppp-2.4.4/linux/Makefile.top.dontwriteetc 2006-06-04 07:04:14.000000000 +0200
+++ ppp-2.4.4/linux/Makefile.top 2008-03-03 15:42:10.000000000 +0100
@@ -5,6 +5,8 @@ BINDIR = $(DESTDIR)/sbin
INCDIR = $(DESTDIR)/include
MANDIR = $(DESTDIR)/share/man
@ -56,22 +57,3 @@ index f63d45e..f42efd5 100644
clean:
rm -f `find . -name '*.[oas]' -print`
diff --git a/pppd/pathnames.h b/pppd/pathnames.h
index a427cb8..bef3160 100644
--- a/pppd/pathnames.h
+++ b/pppd/pathnames.h
@@ -28,9 +28,9 @@
#define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up"
#define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down"
#define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options."
-#define _PATH_CONNERRS _ROOT_PATH "/etc/ppp/connect-errors"
+#define _PATH_CONNERRS _ROOT_PATH "/var/log/ppp/connect-errors"
#define _PATH_PEERFILES _ROOT_PATH "/etc/ppp/peers/"
-#define _PATH_RESOLV _ROOT_PATH "/etc/ppp/resolv.conf"
+#define _PATH_RESOLV _ROOT_PATH "/var/run/ppp/resolv.conf"
#define _PATH_USEROPT ".ppprc"
#define _PATH_PSEUDONYM ".ppp_pseudonym"
--
1.8.3.1

86
ppp-2.4.2-libutil.patch Normal file
View File

@ -0,0 +1,86 @@
glibc provides logwtmp in libutil, so we'll use that instead.
--- ppp-2.4.2/pppd/sys-linux.c 2004-03-10 18:26:53.000000000 -0500
+++ ppp-2.4.2/pppd/sys-linux.c 2004-03-10 18:26:40.000000000 -0500
@@ -2151,81 +2151,6 @@
/********************************************************************
*
- * Update the wtmp file with the appropriate user name and tty device.
- */
-
-void logwtmp (const char *line, const char *name, const char *host)
-{
- struct utmp ut, *utp;
- pid_t mypid = getpid();
-#if __GLIBC__ < 2
- int wtmp;
-#endif
-
-/*
- * Update the signon database for users.
- * Christoph Lameter: Copied from poeigl-1.36 Jan 3, 1996
- */
- utmpname(_PATH_UTMP);
- setutent();
- while ((utp = getutent()) && (utp->ut_pid != mypid))
- /* nothing */;
-
- if (utp)
- memcpy(&ut, utp, sizeof(ut));
- else
- /* some gettys/telnetds don't initialize utmp... */
- memset(&ut, 0, sizeof(ut));
-
- if (ut.ut_id[0] == 0)
- strncpy(ut.ut_id, line + 3, sizeof(ut.ut_id));
-
- strncpy(ut.ut_user, name, sizeof(ut.ut_user));
- strncpy(ut.ut_line, line, sizeof(ut.ut_line));
-
- time(&ut.ut_time);
-
- ut.ut_type = USER_PROCESS;
- ut.ut_pid = mypid;
-
- /* Insert the host name if one is supplied */
- if (*host)
- strncpy (ut.ut_host, host, sizeof(ut.ut_host));
-
- /* Insert the IP address of the remote system if IP is enabled */
- if (ipcp_protent.enabled_flag && ipcp_hisoptions[0].neg_addr)
- memcpy(&ut.ut_addr, (char *) &ipcp_hisoptions[0].hisaddr,
- sizeof(ut.ut_addr));
-
- /* CL: Makes sure that the logout works */
- if (*host == 0 && *name==0)
- ut.ut_host[0]=0;
-
- pututline(&ut);
- endutent();
-/*
- * Update the wtmp file.
- */
-#if __GLIBC__ >= 2
- updwtmp(_PATH_WTMP, &ut);
-#else
- wtmp = open(_PATH_WTMP, O_APPEND|O_WRONLY);
- if (wtmp >= 0) {
- flock(wtmp, LOCK_EX);
-
- if (write (wtmp, (char *)&ut, sizeof(ut)) != sizeof(ut))
- warn("error writing %s: %m", _PATH_WTMP);
-
- flock(wtmp, LOCK_UN);
-
- close (wtmp);
- }
-#endif
-}
-
-
-/********************************************************************
- *
* sifvjcomp - config tcp header compression
*/

24
ppp-2.4.2-pie.patch Normal file
View File

@ -0,0 +1,24 @@
diff -up ppp-2.4.4/chat/Makefile.linux.pie ppp-2.4.4/chat/Makefile.linux
--- ppp-2.4.4/chat/Makefile.linux.pie 2008-08-28 17:34:49.000000000 -0400
+++ ppp-2.4.4/chat/Makefile.linux 2008-08-28 17:34:49.000000000 -0400
@@ -18,7 +18,7 @@ INSTALL= install
all: chat
chat: chat.o
- $(CC) -o chat chat.o
+ $(CC) -pie -o chat chat.o
chat.o: chat.c
$(CC) -c $(CFLAGS) -o chat.o chat.c
diff -up ppp-2.4.4/pppd/Makefile.linux.pie ppp-2.4.4/pppd/Makefile.linux
--- ppp-2.4.4/pppd/Makefile.linux.pie 2008-08-28 17:34:49.000000000 -0400
+++ ppp-2.4.4/pppd/Makefile.linux 2008-08-28 17:35:38.000000000 -0400
@@ -207,7 +207,7 @@ install: pppd
$(INSTALL) -c -m 444 pppd.8 $(MANDIR)
pppd: $(PPPDOBJS)
- $(CC) $(CFLAGS) $(LDFLAGS) -o pppd $(PPPDOBJS) $(LIBS)
+ $(CC) $(CFLAGS) -pie $(LDFLAGS) -o pppd $(PPPDOBJS) $(LIBS)
srp-entry: srp-entry.c
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ srp-entry.c $(LIBS)

10
ppp-2.4.2-pppoatm-make.patch Normal file
View File

@ -0,0 +1,10 @@
diff -up ppp-2.4.4/pppd/plugins/pppoatm/Makefile.linux.atm-make ppp-2.4.4/pppd/plugins/pppoatm/Makefile.linux
--- ppp-2.4.4/pppd/plugins/pppoatm/Makefile.linux.atm-make 2008-08-28 17:36:10.000000000 -0400
+++ ppp-2.4.4/pppd/plugins/pppoatm/Makefile.linux 2008-08-28 17:36:56.000000000 -0400
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = -O2 -g
+COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I../.. -I../../../include -fPIC
LDFLAGS = -shared
INSTALL = install

115
ppp-2.4.3-fix.patch Normal file
View File

@ -0,0 +1,115 @@
--- ppp-2.4.3/pppd/plugins/rp-pppoe/discovery.c.fix 2004-11-04 11:07:37.000000000 +0100
+++ ppp-2.4.3/pppd/plugins/rp-pppoe/discovery.c 2004-11-22 16:00:24.522462124 +0100
@@ -13,6 +13,8 @@
#include "pppoe.h"
#include "pppd/pppd.h"
+void warn __P((char *, ...)); /* log a warning message */
+
#include <string.h>
#include <stdlib.h>
#include <errno.h>
--- ppp-2.4.3/pppd/ipv6cp.c.fix 2004-11-13 03:28:15.000000000 +0100
+++ ppp-2.4.3/pppd/ipv6cp.c 2004-11-22 16:00:27.049114044 +0100
@@ -151,6 +151,7 @@
*/
#include <stdio.h>
+#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <netdb.h>
@@ -1064,7 +1065,9 @@
return (rc); /* Return final code */
}
-
+#if defined(SOL2) || defined(__linux__)
+int ether_to_eui64(eui64_t *p_eui64);
+#endif
/*
* ipv6_check_options - check that any IP-related options are OK,
* and assign appropriate defaults.
--- ppp-2.4.3/pppdump/deflate.c.fix 2004-02-02 04:36:46.000000000 +0100
+++ ppp-2.4.3/pppdump/deflate.c 2004-11-22 16:02:18.071820020 +0100
@@ -39,6 +39,7 @@
#include <sys/types.h>
#include <stdio.h>
#include <stddef.h>
+#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "ppp_defs.h"
@@ -237,8 +238,8 @@
{
struct deflate_state *state = (struct deflate_state *) arg;
u_char *rptr, *wptr;
- int rlen, olen, ospace;
- int seq, i, flush, r, decode_proto;
+ int rlen, olen;
+ int seq, r;
rptr = mi;
if (*rptr == 0)
--- ppp-2.4.3/pppdump/bsd-comp.c.fix 2004-02-02 04:36:46.000000000 +0100
+++ ppp-2.4.3/pppdump/bsd-comp.c 2004-11-22 16:00:27.052113631 +0100
@@ -383,7 +383,7 @@
|| options[0] != CI_BSD_COMPRESS || options[1] != CILEN_BSD_COMPRESS
|| BSD_VERSION(options[2]) != BSD_CURRENT_VERSION
|| BSD_NBITS(options[2]) != db->maxbits
- || decomp && db->lens == NULL)
+ || (decomp && db->lens == NULL))
return 0;
if (decomp) {
@@ -556,11 +556,11 @@
u_int n_bits = db->n_bits;
u_int tgtbitno = 32-n_bits; /* bitno when we have a code */
struct bsd_dict *dictp;
- int explen, i, seq, len;
+ int explen, seq, len;
u_int incode, oldcode, finchar;
u_char *p, *rptr, *wptr;
int ilen;
- int dlen, space, codelen, extra;
+ int dlen=0, codelen, extra;
rptr = cmsg;
if (*rptr == 0)
@@ -616,7 +616,7 @@
}
if (incode > max_ent + 2 || incode > db->maxmaxcode
- || incode > max_ent && oldcode == CLEAR) {
+ || (incode > max_ent && oldcode == CLEAR)) {
if (db->debug) {
printf("bsd_decomp%d: bad code 0x%x oldcode=0x%x ",
db->unit, incode, oldcode);
--- ppp-2.4.3/pppdump/pppdump.c.fix 2004-02-02 04:36:46.000000000 +0100
+++ ppp-2.4.3/pppdump/pppdump.c 2004-11-22 16:00:27.054113356 +0100
@@ -34,6 +34,7 @@
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <stdio.h>
+#include <stdlib.h>
#include <unistd.h>
#include <stdlib.h>
#include <time.h>
@@ -191,7 +192,7 @@
show_time(f, c);
break;
default:
- printf("?%.2x\n");
+ printf("?%.2x\n", c);
}
}
}
@@ -421,7 +422,7 @@
show_time(f, c);
break;
default:
- printf("?%.2x\n");
+ printf("?%.2x\n", c);
}
}
}

10
ppp-2.4.3-fix64.patch Normal file
View File

@ -0,0 +1,10 @@
--- ppp-2.4.3/pppd/sha1.c.fix64 2004-10-25 01:28:02.000000000 +0200
+++ ppp-2.4.3/pppd/sha1.c 2004-11-22 16:44:16.850768926 +0100
@@ -18,6 +18,7 @@
#include <string.h>
#include <netinet/in.h> /* htonl() */
+#include <sys/types.h> /* u_int32_t */
#include <net/ppp_defs.h>
#include "sha1.h"

31
0009-pppd-introduce-ipv6-accept-remote.patch → ppp-2.4.3-ipv6-accept-remote.patch
View File

@ -1,18 +1,6 @@
From abef895f9d144f05a83045136b77277352dc450f Mon Sep 17 00:00:00 2001
From: David Woodhouse <dwmw2@fedoraproject.org>
Date: Fri, 4 Apr 2014 18:53:33 +0200
Subject: [PATCH 09/27] pppd: introduce ipv6-accept-remote
---
pppd/ipv6cp.c | 5 ++++-
pppd/ipv6cp.h | 3 ++-
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/pppd/ipv6cp.c b/pppd/ipv6cp.c
index caa2b26..5a56c95 100644
--- a/pppd/ipv6cp.c
+++ b/pppd/ipv6cp.c
@@ -245,6 +245,8 @@ static option_t ipv6cp_option_list[] = {
--- ppp-2.4.3/pppd/ipv6cp.c~ 2005-11-04 09:40:10.000000000 +0000
+++ ppp-2.4.3/pppd/ipv6cp.c 2005-11-04 10:20:14.000000000 +0000
@@ -235,6 +235,8 @@ static option_t ipv6cp_option_list[] = {
{ "ipv6cp-accept-local", o_bool, &ipv6cp_allowoptions[0].accept_local,
"Accept peer's interface identifier for us", 1 },
@ -21,7 +9,7 @@ index caa2b26..5a56c95 100644
{ "ipv6cp-use-ipaddr", o_bool, &ipv6cp_allowoptions[0].use_ip,
"Use (default) IPv4 address as interface identifier", 1 },
@@ -437,6 +439,7 @@ ipv6cp_init(unit)
@@ -427,6 +429,7 @@ ipv6cp_init(unit)
memset(ao, 0, sizeof(*ao));
wo->accept_local = 1;
@ -29,7 +17,7 @@ index caa2b26..5a56c95 100644
wo->neg_ifaceid = 1;
ao->neg_ifaceid = 1;
@@ -962,7 +965,7 @@ ipv6cp_reqci(f, inp, len, reject_if_disagree)
@@ -952,7 +955,7 @@ ipv6cp_reqci(f, inp, len, reject_if_disa
orc = CONFREJ; /* Reject CI */
break;
}
@ -38,10 +26,8 @@ index caa2b26..5a56c95 100644
!eui64_equals(ifaceid, wo->hisid) &&
eui64_iszero(go->hisid)) {
diff --git a/pppd/ipv6cp.h b/pppd/ipv6cp.h
index cc4568d..8c7552e 100644
--- a/pppd/ipv6cp.h
+++ b/pppd/ipv6cp.h
--- ppp-2.4.3/pppd/ipv6cp.h~ 2002-12-04 23:03:32.000000000 +0000
+++ ppp-2.4.3/pppd/ipv6cp.h 2005-11-04 10:20:55.000000000 +0000
@@ -150,7 +150,8 @@
typedef struct ipv6cp_options {
int neg_ifaceid; /* Negotiate interface identifier? */
@ -52,6 +38,3 @@ index cc4568d..8c7552e 100644
int opt_local; /* ourtoken set by option */
int opt_remote; /* histoken set by option */
int use_ip; /* use IP as interface identifier */
--
1.8.3.1

53
0008-build-sys-use-prefix-usr-instead-of-usr-local.patch → ppp-2.4.3-local.patch
View File

@ -1,20 +1,6 @@
From 343728d5de6e44bd67923503e62eefaad50760a4 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 18:47:01 +0200
Subject: [PATCH 08/27] build-sys: use prefix /usr instead of /usr/local
---
configure | 2 +-
pppd/Makefile.linux | 4 ++--
scripts/ppp-on-rsh | 2 +-
scripts/ppp-on-ssh | 4 ++--
scripts/secure-card | 2 +-
5 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/configure b/configure
index 6a55e0f..db54d77 100755
--- a/configure
+++ b/configure
diff -up ppp-2.4.4/configure.local ppp-2.4.4/configure
--- ppp-2.4.4/configure.local 2005-07-08 20:23:05.000000000 -0400
+++ ppp-2.4.4/configure 2008-08-28 17:38:04.000000000 -0400
@@ -2,7 +2,7 @@
# $Id: configure,v 1.38 2008/06/15 07:08:49 paulus Exp $
@ -24,11 +10,10 @@ index 6a55e0f..db54d77 100755
SYSCONF=/etc
# if [ -d /NextApps ]; then
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 4f27100..95c2598 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -99,8 +99,8 @@ endif
diff -up ppp-2.4.4/pppd/Makefile.linux.local ppp-2.4.4/pppd/Makefile.linux
--- ppp-2.4.4/pppd/Makefile.linux.local 2008-08-28 17:37:33.000000000 -0400
+++ ppp-2.4.4/pppd/Makefile.linux 2008-08-28 17:37:33.000000000 -0400
@@ -97,8 +97,8 @@ endif
# EAP SRP-SHA1
ifdef USE_SRP
@ -39,10 +24,9 @@ index 4f27100..95c2598 100644
TARGETS += srp-entry
EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry
MANPAGES += srp-entry.8
diff --git a/scripts/ppp-on-rsh b/scripts/ppp-on-rsh
index 30a50db..a80616a 100755
--- a/scripts/ppp-on-rsh
+++ b/scripts/ppp-on-rsh
diff -up ppp-2.4.4/scripts/ppp-on-rsh.local ppp-2.4.4/scripts/ppp-on-rsh
--- ppp-2.4.4/scripts/ppp-on-rsh.local 2000-04-15 05:49:28.000000000 -0400
+++ ppp-2.4.4/scripts/ppp-on-rsh 2008-08-28 17:37:33.000000000 -0400
@@ -26,7 +26,7 @@ PPPD_RHOST=myremotehost
# For this example, we assume that pppd on both local and remote
# machines reside in the same place, /usr/local/bin/pppd
@ -52,10 +36,9 @@ index 30a50db..a80616a 100755
#
# The location of local options file (where rsh client is running).
diff --git a/scripts/ppp-on-ssh b/scripts/ppp-on-ssh
index 0e41aca..c27e80a 100755
--- a/scripts/ppp-on-ssh
+++ b/scripts/ppp-on-ssh
diff -up ppp-2.4.4/scripts/ppp-on-ssh.local ppp-2.4.4/scripts/ppp-on-ssh
--- ppp-2.4.4/scripts/ppp-on-ssh.local 2000-04-15 05:49:42.000000000 -0400
+++ ppp-2.4.4/scripts/ppp-on-ssh 2008-08-28 17:37:33.000000000 -0400
@@ -26,7 +26,7 @@ PPPD_RHOST=myremotehost
# For this example, we assume that pppd on both local and remote
# machines reside in the same place, /usr/local/bin/pppd
@ -74,16 +57,12 @@ index 0e41aca..c27e80a 100755
export PPPD_LOC PPPD_LOC_OPT PPPD_REM_OPT PPPD_RHOST SSH_LOC
diff --git a/scripts/secure-card b/scripts/secure-card
index 0002365..ae3ae50 100755
--- a/scripts/secure-card
+++ b/scripts/secure-card
diff -up ppp-2.4.4/scripts/secure-card.local ppp-2.4.4/scripts/secure-card
--- ppp-2.4.4/scripts/secure-card.local 2004-02-01 22:36:46.000000000 -0500
+++ ppp-2.4.4/scripts/secure-card 2008-08-28 17:37:33.000000000 -0400
@@ -1,4 +1,4 @@
-#!/usr/local/bin/expect -f
+#!/usr/bin/expect -f
#
# This script was written by Jim Isaacson <jcisaac@crl.com>. It is
# designed to work as a script to use the SecureCARD(tm) device. This
--
1.8.3.1

91
ppp-2.4.3-make.patch Normal file
View File

@ -0,0 +1,91 @@
--- ppp-2.4.3/pppd/Makefile.linux.make 2004-11-13 13:02:22.000000000 +0100
+++ ppp-2.4.3/pppd/Makefile.linux 2004-11-22 15:46:49.871309478 +0100
@@ -30,10 +30,10 @@
include .depend
endif
-# CC = gcc
+CC = gcc
#
-COPTS = -O2 -pipe -Wall -g
-LIBS =
+COPTS = -Wall $(RPM_OPT_FLAGS)
+LIBS = -lutil
# Uncomment the next 2 lines to include support for Microsoft's
# MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux.
@@ -61,8 +61,8 @@
USE_TDB=y
HAS_SHADOW=y
-#USE_PAM=y
-#HAVE_INET6=y
+USE_PAM=y
+HAVE_INET6=y
# Enable plugins
PLUGIN=y
--- ppp-2.4.3/pppd/plugins/Makefile.linux.make 2004-11-14 08:57:35.000000000 +0100
+++ ppp-2.4.3/pppd/plugins/Makefile.linux 2004-11-22 15:46:49.873309203 +0100
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = -O2 -g
+COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I.. -I../../include -fPIC
LDFLAGS = -shared
INSTALL = install
--- ppp-2.4.3/pppd/plugins/radius/Makefile.linux.make 2004-11-14 08:02:31.000000000 +0100
+++ ppp-2.4.3/pppd/plugins/radius/Makefile.linux 2004-11-22 15:49:08.858233692 +0100
@@ -12,7 +12,7 @@
INSTALL = install
PLUGIN=radius.so radattr.so radrealms.so
-CFLAGS=-I. -I../.. -I../../../include -O2 -fPIC -DRC_LOG_FACILITY=LOG_DAEMON
+CFLAGS=-I. -I../.. -I../../../include $(RPM_OPT_FLAGS) -DRC_LOG_FACILITY=LOG_DAEMON
# Uncomment the next line to include support for Microsoft's
# MS-CHAP authentication protocol.
--- ppp-2.4.3/pppd/plugins/rp-pppoe/Makefile.linux.make 2004-11-14 08:58:37.000000000 +0100
+++ ppp-2.4.3/pppd/plugins/rp-pppoe/Makefile.linux 2004-11-22 15:46:49.875308929 +0100
@@ -25,7 +25,7 @@
# Version is set ONLY IN THE MAKEFILE! Don't delete this!
RP_VERSION=3.8p
-COPTS=-O2 -g
+COPTS=$(RPM_OPT_FLAGS)
CFLAGS=$(COPTS) -I../../../include '-DRP_VERSION="$(RP_VERSION)"'
all: rp-pppoe.so pppoe-discovery
--- ppp-2.4.3/pppdump/Makefile.linux.make 2004-10-31 02:36:52.000000000 +0200
+++ ppp-2.4.3/pppdump/Makefile.linux 2004-11-22 15:48:16.795379237 +0100
@@ -2,7 +2,7 @@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
-CFLAGS= -O -I../include/net
+CFLAGS= $(RPM_OPT_FLAGS) -I../include/net
OBJS = pppdump.o bsd-comp.o deflate.o zlib.o
INSTALL= install
--- ppp-2.4.3/pppstats/Makefile.linux.make 2004-10-31 23:09:03.000000000 +0100
+++ ppp-2.4.3/pppstats/Makefile.linux 2004-11-22 15:46:49.872309341 +0100
@@ -10,7 +10,7 @@
PPPSTATOBJS = pppstats.o
#CC = gcc
-COPTS = -O
+COPTS = $(RPM_OPT_FLAGS)
COMPILE_FLAGS = -I../include
LIBS =
--- ppp-2.4.3/chat/Makefile.linux.make 2004-11-03 12:51:47.000000000 +0100
+++ ppp-2.4.3/chat/Makefile.linux 2004-11-22 15:47:59.445760450 +0100
@@ -10,7 +10,7 @@
CDEF4= -DFNDELAY=O_NDELAY # Old name value
CDEFS= $(CDEF1) $(CDEF2) $(CDEF3) $(CDEF4)
-COPTS= -O2 -g -pipe
+COPTS= $(RPM_OPT_FLAGS)
CFLAGS= $(COPTS) $(CDEFS)
INSTALL= install

11
ppp-2.4.4-cbcp.patch Normal file
View File

@ -0,0 +1,11 @@
--- ppp-2.4.4/pppd/Makefile.linux.cbcp 2006-07-19 16:11:41.000000000 +0200
+++ ppp-2.4.4/pppd/Makefile.linux 2006-07-19 16:11:42.000000000 +0200
@@ -69,7 +69,7 @@
PLUGIN=y
# Enable Microsoft proprietary Callback Control Protocol
-#CBCP=y
+CBCP=y
# Enable EAP SRP-SHA1 authentication (requires libsrp)
#USE_SRP=y

615
ppp-2.4.4-fd_leak.patch Normal file
View File

@ -0,0 +1,615 @@
diff -up ppp-2.4.4/pppd/auth.c.fd_leak ppp-2.4.4/pppd/auth.c
--- ppp-2.4.4/pppd/auth.c.fd_leak 2006-06-18 13:26:00.000000000 +0200
+++ ppp-2.4.4/pppd/auth.c 2009-10-08 21:22:59.789547513 +0200
@@ -428,7 +428,7 @@ setupapfile(argv)
option_error("unable to reset uid before opening %s: %m", fname);
return 0;
}
- ufile = fopen(fname, "r");
+ ufile = fopen_r(fname);
if (seteuid(euid) == -1)
fatal("unable to regain privileges: %m");
if (ufile == NULL) {
@@ -1414,7 +1414,7 @@ check_passwd(unit, auser, userlen, apass
filename = _PATH_UPAPFILE;
addrs = opts = NULL;
ret = UPAP_AUTHNAK;
- f = fopen(filename, "r");
+ f = fopen_r(filename);
if (f == NULL) {
error("Can't open PAP password file %s: %m", filename);
@@ -1511,7 +1511,7 @@ null_login(unit)
if (ret <= 0) {
filename = _PATH_UPAPFILE;
addrs = NULL;
- f = fopen(filename, "r");
+ f = fopen_r(filename);
if (f == NULL)
return 0;
check_access(f, filename);
@@ -1558,7 +1558,7 @@ get_pap_passwd(passwd)
}
filename = _PATH_UPAPFILE;
- f = fopen(filename, "r");
+ f = fopen_r(filename);
if (f == NULL)
return 0;
check_access(f, filename);
@@ -1596,7 +1596,7 @@ have_pap_secret(lacks_ipp)
}
filename = _PATH_UPAPFILE;
- f = fopen(filename, "r");
+ f = fopen_r(filename);
if (f == NULL)
return 0;
@@ -1641,7 +1641,7 @@ have_chap_secret(client, server, need_ip
}
filename = _PATH_CHAPFILE;
- f = fopen(filename, "r");
+ f = fopen_r(filename);
if (f == NULL)
return 0;
@@ -1683,7 +1683,7 @@ have_srp_secret(client, server, need_ip,
struct wordlist *addrs;
filename = _PATH_SRPFILE;
- f = fopen(filename, "r");
+ f = fopen_r(filename);
if (f == NULL)
return 0;
@@ -1739,7 +1739,7 @@ get_secret(unit, client, server, secret,
addrs = NULL;
secbuf[0] = 0;
- f = fopen(filename, "r");
+ f = fopen_r(filename);
if (f == NULL) {
error("Can't open chap secret file %s: %m", filename);
return 0;
@@ -1796,7 +1796,7 @@ get_srp_secret(unit, client, server, sec
filename = _PATH_SRPFILE;
addrs = NULL;
- fp = fopen(filename, "r");
+ fp = fopen_r(filename);
if (fp == NULL) {
error("Can't open srp secret file %s: %m", filename);
return 0;
@@ -2202,7 +2202,7 @@ scan_authfile(f, client, server, secret,
*/
if (word[0] == '@' && word[1] == '/') {
strlcpy(atfile, word+1, sizeof(atfile));
- if ((sf = fopen(atfile, "r")) == NULL) {
+ if ((sf = fopen_r(atfile)) == NULL) {
warn("can't open indirect secret file %s", atfile);
continue;
}
diff -up ppp-2.4.4/pppd/eap.c.fd_leak ppp-2.4.4/pppd/eap.c
--- ppp-2.4.4/pppd/eap.c.fd_leak 2004-11-09 23:39:25.000000000 +0100
+++ ppp-2.4.4/pppd/eap.c 2009-10-08 21:22:59.791544181 +0200
@@ -1226,7 +1226,7 @@ mode_t modebits;
if ((path = name_of_pn_file()) == NULL)
return (-1);
- fd = open(path, modebits, S_IRUSR | S_IWUSR);
+ fd = open_fd(path, modebits, S_IRUSR | S_IWUSR);
err = errno;
free(path);
errno = err;
diff -up ppp-2.4.4/pppd/main.c.fd_leak ppp-2.4.4/pppd/main.c
--- ppp-2.4.4/pppd/main.c.fd_leak 2009-10-08 21:22:59.769544859 +0200
+++ ppp-2.4.4/pppd/main.c 2009-10-08 21:30:32.356546561 +0200
@@ -201,6 +201,8 @@ int ngroups; /* How many groups valid
static struct timeval start_time; /* Time when link was started. */
+static int cloexec_works; /* controlls setting FD_CLOEXEC flag up */
+
static struct pppd_stats old_link_stats;
struct pppd_stats link_stats;
unsigned link_connect_time;
@@ -245,6 +247,7 @@ static void holdoff_end __P((void *));
static void forget_child __P((int pid, int status));
static int reap_kids __P((void));
static void childwait_end __P((void *));
+static void check_cloexec __P((int));
#ifdef USE_TDB
static void update_db_entry __P((void));
@@ -419,7 +422,7 @@ main(argc, argv)
die(0);
/* Make sure fds 0, 1, 2 are open to somewhere. */
- fd_devnull = open(_PATH_DEVNULL, O_RDWR);
+ fd_devnull = open_fd(_PATH_DEVNULL, O_RDWR);
if (fd_devnull < 0)
fatal("Couldn't open %s: %m", _PATH_DEVNULL);
while (fd_devnull <= 2) {
@@ -865,6 +866,104 @@ holdoff_end(arg)
new_phase(PHASE_DORMANT);
}
+
+/*
+ * check_cloexec - checks for FD_CLOEXEC flag and adds it if necessary
+ */
+static void
+check_cloexec(int fd)
+{
+ if (cloexec_works == 0) {
+ int fl = fcntl(fd, F_GETFD);
+ cloexec_works = (fl & FD_CLOEXEC) ? 1 : -1;
+ }
+ if (cloexec_works > 0)
+ return;
+ fcntl(fd, F_SETFD, FD_CLOEXEC);
+ return;
+}
+
+/*
+ * socket_fd - create an endpoint for communication. uses FD_CLOEXEC if supported
+ */
+int
+socket_fd(int domain, int type, int protocol)
+{
+ int fd;
+
+#ifdef SOCK_CLOEXEC
+ if (cloexec_works != -1)
+ type |= SOCK_CLOEXEC;
+#endif
+ fd = socket(domain, type, protocol);
+ if (fd == -1)
+ return -1;
+ check_cloexec(fd);
+ return fd;
+}
+
+/*
+ * open_fd - open file with FD_CLOEXEC flag
+ */
+int
+open_fd(const char *path, int flags)
+{
+ int fd;
+
+#if defined(O_CLOEXEC) && defined(SOCK_CLOEXEC)
+ if (cloexec_works != -1)
+ flags |= O_CLOEXEC;
+#endif
+ fd = open(path, flags);
+ if (fd == -1)
+ return -1;
+ check_cloexec(fd);
+ return fd;
+}
+
+/*
+ * open_fd_mmode - open file with FD_CLOEXEC flag
+ */
+int
+open_fd_mode(const char *path, int flags, int mode)
+{
+ int fd;
+
+#if defined(O_CLOEXEC) && defined(SOCK_CLOEXEC)
+ if (cloexec_works != -1)
+ flags |= O_CLOEXEC;
+#endif
+ fd = open(path, flags, mode);
+ if (fd == -1)
+ return -1;
+ check_cloexec(fd);
+ return fd;
+}
+
+/*
+ * fopen_r - open file with FD_CLOEXEC flag
+ */
+FILE *
+fopen_r(const char *path)
+{
+ FILE *f;
+
+#if defined(O_CLOEXEC) && defined(SOCK_CLOEXEC)
+ if (cloexec_works != -1) {
+ f = fopen(path, "re");
+ if (f != NULL) {
+ check_cloexec(fileno(f));
+ return f;
+ }
+ }
+#endif
+ f = fopen(path, "r");
+ if (f == NULL)
+ return NULL;
+ check_cloexec(fileno(f));
+ return f;
+}
+
/* List of protocol names, to make our messages a little more informative. */
struct protocol_list {
u_short proto;
@@ -1618,7 +1717,7 @@ device_script(program, in, out, dont_wai
if (log_to_fd >= 0)
errfd = log_to_fd;
else
- errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT, 0600);
+ errfd = open_fd_mode(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT, 0600);
++conn_running;
pid = safe_fork(in, out, errfd);
diff -up ppp-2.4.4/pppd/options.c.fd_leak ppp-2.4.4/pppd/options.c
--- ppp-2.4.4/pppd/options.c.fd_leak 2006-06-18 13:26:00.000000000 +0200
+++ ppp-2.4.4/pppd/options.c 2009-10-08 21:22:59.797544174 +0200
@@ -409,7 +409,7 @@ options_from_file(filename, must_exist,
option_error("unable to drop privileges to open %s: %m", filename);
return 0;
}
- f = fopen(filename, "r");
+ f = fopen_r(filename);
err = errno;
if (check_prot && seteuid(euid) == -1)
fatal("unable to regain privileges");
@@ -1528,9 +1528,9 @@ setlogfile(argv)
option_error("unable to drop permissions to open %s: %m", *argv);
return 0;
}
- fd = open(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL, 0644);
+ fd = open_fd_mode(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL, 0644);
if (fd < 0 && errno == EEXIST)
- fd = open(*argv, O_WRONLY | O_APPEND);
+ fd = open_fd(*argv, O_WRONLY | O_APPEND);
err = errno;
if (!privileged_option && seteuid(euid) == -1)
fatal("unable to regain privileges: %m");
diff -up ppp-2.4.4/pppd/pppd.h.fd_leak ppp-2.4.4/pppd/pppd.h
--- ppp-2.4.4/pppd/pppd.h.fd_leak 2005-08-26 01:59:34.000000000 +0200
+++ ppp-2.4.4/pppd/pppd.h 2009-10-08 21:22:59.800544904 +0200
@@ -494,6 +494,10 @@ int ppp_send_config __P((int, int, u_in
int ppp_recv_config __P((int, int, u_int32_t, int, int));
const char *protocol_name __P((int));
void remove_pidfiles __P((void));
+int socket_fd __P((int, int, int));
+int open_fd __P((const char *, int));
+int open_fd_mode __P((const char *, int, int));
+FILE *fopen_r __P((const char *));
void lock_db __P((void));
void unlock_db __P((void));
diff -up ppp-2.4.4/pppd/sys-linux.c.fd_leak ppp-2.4.4/pppd/sys-linux.c
--- ppp-2.4.4/pppd/sys-linux.c.fd_leak 2009-10-08 21:22:59.778544744 +0200
+++ ppp-2.4.4/pppd/sys-linux.c 2009-10-08 21:22:59.803544377 +0200
@@ -308,12 +308,12 @@ static int modify_flags(int fd, int clea
void sys_init(void)
{
/* Get an internet socket for doing socket ioctls. */
- sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
+ sock_fd = socket_fd(AF_INET, SOCK_DGRAM, 0);
if (sock_fd < 0)
fatal("Couldn't create IP socket: %m(%d)", errno);
#ifdef INET6
- sock6_fd = socket(AF_INET6, SOCK_DGRAM, 0);
+ sock6_fd = socket_fd(AF_INET6, SOCK_DGRAM, 0);
if (sock6_fd < 0)
sock6_fd = -errno; /* save errno for later */
#endif
@@ -459,7 +459,7 @@ int generic_establish_ppp (int fd)
goto err;
}
dbglog("using channel %d", chindex);
- fd = open("/dev/ppp", O_RDWR);
+ fd = open_fd("/dev/ppp", O_RDWR);
if (fd < 0) {
error("Couldn't reopen /dev/ppp: %m");
goto err;
@@ -619,7 +619,7 @@ static int make_ppp_unit()
dbglog("in make_ppp_unit, already had /dev/ppp open?");
close(ppp_dev_fd);
}
- ppp_dev_fd = open("/dev/ppp", O_RDWR);
+ ppp_dev_fd = open_fd("/dev/ppp", O_RDWR);
if (ppp_dev_fd < 0)
fatal("Couldn't open /dev/ppp: %m");
flags = fcntl(ppp_dev_fd, F_GETFL);
@@ -693,7 +693,7 @@ int bundle_attach(int ifnum)
if (!new_style_driver)
return -1;
- master_fd = open("/dev/ppp", O_RDWR);
+ master_fd = open_fd("/dev/ppp", O_RDWR);
if (master_fd < 0)
fatal("Couldn't open /dev/ppp: %m");
if (ioctl(master_fd, PPPIOCATTACH, &ifnum) < 0) {
@@ -1412,7 +1412,7 @@ static char *path_to_procfs(const char *
/* Default the mount location of /proc */
strlcpy (proc_path, "/proc", sizeof(proc_path));
proc_path_len = 5;
- fp = fopen(MOUNTED, "r");
+ fp = fopen_r(MOUNTED);
if (fp != NULL) {
while ((mntent = getmntent(fp)) != NULL) {
if (strcmp(mntent->mnt_type, MNTTYPE_IGNORE) == 0)
@@ -1472,7 +1472,7 @@ static int open_route_table (void)
close_route_table();
path = path_to_procfs("/net/route");
- route_fd = fopen (path, "r");
+ route_fd = fopen_r(path);
if (route_fd == NULL) {
error("can't open routing table %s: %m", path);
return 0;
@@ -1713,7 +1713,7 @@ int sifproxyarp (int unit, u_int32_t his
if (tune_kernel) {
forw_path = path_to_procfs("/sys/net/ipv4/ip_forward");
if (forw_path != 0) {
- int fd = open(forw_path, O_WRONLY);
+ int fd = open_fd(forw_path, O_WRONLY);
if (fd >= 0) {
if (write(fd, "1", 1) != 1)
error("Couldn't enable IP forwarding: %m");
@@ -1857,7 +1857,7 @@ get_if_hwaddr(u_char *addr, char *name)
struct ifreq ifreq;
int ret, sock_fd;
- sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
+ sock_fd = socket_fd(AF_INET, SOCK_DGRAM, 0);
if (sock_fd < 0)
return 0;
memset(&ifreq.ifr_hwaddr, 0, sizeof(struct sockaddr));
@@ -2030,7 +2030,7 @@ int ppp_available(void)
sscanf(utsname.release, "%d.%d.%d", &osmaj, &osmin, &ospatch);
kernel_version = KVERSION(osmaj, osmin, ospatch);
- fd = open("/dev/ppp", O_RDWR);
+ fd = open_fd("/dev/ppp", O_RDWR);
if (fd >= 0) {
new_style_driver = 1;
@@ -2068,7 +2068,7 @@ int ppp_available(void)
/*
* Open a socket for doing the ioctl operations.
*/
- s = socket(AF_INET, SOCK_DGRAM, 0);
+ s = socket_fd(AF_INET, SOCK_DGRAM, 0);
if (s < 0)
return 0;
@@ -2318,7 +2318,7 @@ int sifaddr (int unit, u_int32_t our_adr
int fd;
path = path_to_procfs("/sys/net/ipv4/ip_dynaddr");
- if (path != 0 && (fd = open(path, O_WRONLY)) >= 0) {
+ if (path != 0 && (fd = open_fd(path, O_WRONLY)) >= 0) {
if (write(fd, "1", 1) != 1)
error("Couldn't enable dynamic IP addressing: %m");
close(fd);
@@ -2494,7 +2494,7 @@ get_pty(master_fdp, slave_fdp, slave_nam
/*
* Try the unix98 way first.
*/
- mfd = open("/dev/ptmx", O_RDWR);
+ mfd = open_fd("/dev/ptmx", O_RDWR);
if (mfd >= 0) {
int ptn;
if (ioctl(mfd, TIOCGPTN, &ptn) >= 0) {
@@ -2505,7 +2505,7 @@ get_pty(master_fdp, slave_fdp, slave_nam
if (ioctl(mfd, TIOCSPTLCK, &ptn) < 0)
warn("Couldn't unlock pty slave %s: %m", pty_name);
#endif
- if ((sfd = open(pty_name, O_RDWR | O_NOCTTY)) < 0)
+ if ((sfd = open_fd(pty_name, O_RDWR | O_NOCTTY)) < 0)
warn("Couldn't open pty slave %s: %m", pty_name);
}
}
@@ -2516,10 +2516,10 @@ get_pty(master_fdp, slave_fdp, slave_nam
for (i = 0; i < 64; ++i) {
slprintf(pty_name, sizeof(pty_name), "/dev/pty%c%x",
'p' + i / 16, i % 16);
- mfd = open(pty_name, O_RDWR, 0);
+ mfd = open_fd_mode(pty_name, O_RDWR, 0);
if (mfd >= 0) {
pty_name[5] = 't';
- sfd = open(pty_name, O_RDWR | O_NOCTTY, 0);
+ sfd = open_fd_mode(pty_name, O_RDWR | O_NOCTTY, 0);
if (sfd >= 0) {
fchown(sfd, uid, -1);
fchmod(sfd, S_IRUSR | S_IWUSR);
@@ -2784,7 +2784,7 @@ ether_to_eui64(eui64_t *p_eui64)
int skfd;
const unsigned char *ptr;
- skfd = socket(PF_INET6, SOCK_DGRAM, 0);
+ skfd = socket_fd(PF_INET6, SOCK_DGRAM, 0);
if(skfd == -1)
{
warn("could not open IPv6 socket");
diff -up ppp-2.4.4/pppd/tdb.c.fd_leak ppp-2.4.4/pppd/tdb.c
--- ppp-2.4.4/pppd/tdb.c.fd_leak 2004-11-13 08:13:07.000000000 +0100
+++ ppp-2.4.4/pppd/tdb.c 2009-10-08 21:22:59.806583590 +0200
@@ -1724,7 +1724,7 @@ TDB_CONTEXT *tdb_open_ex(const char *nam
goto internal;
}
- if ((tdb->fd = open(name, open_flags, mode)) == -1) {
+ if ((tdb->fd = open_fd_mode(name, open_flags, mode)) == -1) {
TDB_LOG((tdb, 5, "tdb_open_ex: could not open file %s: %s\n",
name, strerror(errno)));
goto fail; /* errno set by open(2) */
@@ -1967,7 +1967,7 @@ int tdb_reopen(TDB_CONTEXT *tdb)
}
if (close(tdb->fd) != 0)
TDB_LOG((tdb, 0, "tdb_reopen: WARNING closing tdb->fd failed!\n"));
- tdb->fd = open(tdb->name, tdb->open_flags & ~(O_CREAT|O_TRUNC), 0);
+ tdb->fd = open_fd_mode(tdb->name, tdb->open_flags & ~(O_CREAT|O_TRUNC), 0);
if (tdb->fd == -1) {
TDB_LOG((tdb, 0, "tdb_reopen: open failed (%s)\n", strerror(errno)));
goto fail;
diff -up ppp-2.4.4/pppd/tty.c.fd_leak ppp-2.4.4/pppd/tty.c
--- ppp-2.4.4/pppd/tty.c.fd_leak 2006-06-04 09:04:57.000000000 +0200
+++ ppp-2.4.4/pppd/tty.c 2009-10-08 21:22:59.809544300 +0200
@@ -569,7 +569,7 @@ int connect_tty()
status = EXIT_OPEN_FAILED;
goto errret;
}
- real_ttyfd = open(devnam, O_NONBLOCK | O_RDWR, 0);
+ real_ttyfd = open_fd_mode(devnam, O_NONBLOCK | O_RDWR, 0);
err = errno;
if (prio < OPRIO_ROOT && seteuid(0) == -1)
fatal("Unable to regain privileges");
@@ -723,7 +723,7 @@ int connect_tty()
if (connector == NULL && modem && devnam[0] != 0) {
int i;
for (;;) {
- if ((i = open(devnam, O_RDWR)) >= 0)
+ if ((i = open_fd(devnam, O_RDWR)) >= 0)
break;
if (errno != EINTR) {
error("Failed to reopen %s: %m", devnam);
@@ -896,7 +896,8 @@ open_socket(dest)
*sep = ':';
/* get a socket and connect it to the other end */
- sock = socket(PF_INET, SOCK_STREAM, 0);
+ //sock = socket(PF_INET, SOCK_STREAM, 0);
+ sock = socket_fd(PF_INET, SOCK_STREAM, 0);
if (sock < 0) {
error("Can't create socket: %m");
return -1;
diff -up ppp-2.4.4/pppd/utils.c.fd_leak ppp-2.4.4/pppd/utils.c
--- ppp-2.4.4/pppd/utils.c.fd_leak 2009-10-08 21:22:59.620325739 +0200
+++ ppp-2.4.4/pppd/utils.c 2009-10-08 21:22:59.811573725 +0200
@@ -931,14 +931,14 @@ lock(dev)
slprintf(lock_file, sizeof(lock_file), "%s/LCK..%s", LOCK_DIR, dev);
#endif
- while ((fd = open(lock_file, O_EXCL | O_CREAT | O_RDWR, 0644)) < 0) {
+ while ((fd = open_fd_mode(lock_file, O_EXCL | O_CREAT | O_RDWR, 0644)) < 0) {
if (errno != EEXIST) {
error("Can't create lock file %s: %m", lock_file);
break;
}
/* Read the lock file to find out who has the device locked. */
- fd = open(lock_file, O_RDONLY, 0);
+ fd = open_fd_mode(lock_file, O_RDONLY, 0);
if (fd < 0) {
if (errno == ENOENT) /* This is just a timing problem. */
continue;
@@ -1017,7 +1017,7 @@ relock(pid)
if (lock_file[0] == 0)
return -1;
- fd = open(lock_file, O_WRONLY, 0);
+ fd = open_fd_mode(lock_file, O_WRONLY, 0);
if (fd < 0) {
error("Couldn't reopen lock file %s: %m", lock_file);
lock_file[0] = 0;
diff -up ppp-2.4.5/pppd/plugins/pppoatm/pppoatm.c.test ppp-2.4.5/pppd/plugins/pppoatm/pppoatm.c
--- ppp-2.4.5/pppd/plugins/pppoatm/pppoatm.c.test 2010-11-16 09:56:56.083707000 +0100
+++ ppp-2.4.5/pppd/plugins/pppoatm/pppoatm.c 2010-11-16 09:56:59.382707272 +0100
@@ -137,7 +137,11 @@ static int connect_pppoatm(void)
if (!device_got_set)
no_device_given_pppoatm();
+#ifdef SOCK_CLOEXEC
+ fd = socket(AF_ATMPVC, SOCK_DGRAM | SOCK_CLOEXEC, 0);
+#else
fd = socket(AF_ATMPVC, SOCK_DGRAM, 0);
+#endif
if (fd < 0)
fatal("failed to create socket: %m");
memset(&qos, 0, sizeof qos);
diff -up ppp-2.4.5/pppd/plugins/pppol2tp/openl2tp.c.test ppp-2.4.5/pppd/plugins/pppol2tp/openl2tp.c
--- ppp-2.4.5/pppd/plugins/pppol2tp/openl2tp.c.test 2010-11-16 09:58:17.499711288 +0100
+++ ppp-2.4.5/pppd/plugins/pppol2tp/openl2tp.c 2010-11-16 10:00:15.791706960 +0100
@@ -83,7 +83,11 @@ static int openl2tp_client_create(void)
int result;
if (openl2tp_fd < 0) {
+#ifdef SOCK_CLOEXEC
+ openl2tp_fd = socket(PF_UNIX, SOCK_DGRAM | SOCK_CLOEXEC, 0);
+#else
openl2tp_fd = socket(PF_UNIX, SOCK_DGRAM, 0);
+#endif
if (openl2tp_fd < 0) {
error("openl2tp connection create: %m");
return -ENOTCONN;
diff -up ppp-2.4.5/pppd/plugins/pppol2tp/pppol2tp.c.test ppp-2.4.5/pppd/plugins/pppol2tp/pppol2tp.c
--- ppp-2.4.5/pppd/plugins/pppol2tp/pppol2tp.c.test 2010-11-16 09:57:44.448709467 +0100
+++ ppp-2.4.5/pppd/plugins/pppol2tp/pppol2tp.c 2010-11-16 09:59:32.877707001 +0100
@@ -208,7 +208,11 @@ static void send_config_pppol2tp(int mtu
struct ifreq ifr;
int fd;
+#ifdef SOCK_CLOEXEC
+ fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
+#else
fd = socket(AF_INET, SOCK_DGRAM, 0);
+#endif
if (fd >= 0) {
memset (&ifr, '\0', sizeof (ifr));
strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
diff -up ppp-2.4.5/pppd/plugins/rp-pppoe/if.c.test ppp-2.4.5/pppd/plugins/rp-pppoe/if.c
--- ppp-2.4.5/pppd/plugins/rp-pppoe/if.c.test 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5/pppd/plugins/rp-pppoe/if.c 2010-11-16 09:54:03.973706239 +0100
@@ -116,6 +116,10 @@ openInterface(char const *ifname, UINT16
stype = SOCK_PACKET;
#endif
+#ifdef SOCK_CLOEXEC
+ stype |= SOCK_CLOEXEC;
+#endif
+
if ((fd = socket(domain, stype, htons(type))) < 0) {
/* Give a more helpful message for the common error case */
if (errno == EPERM) {
diff -up ppp-2.4.5/pppd/plugins/rp-pppoe/plugin.c.test ppp-2.4.5/pppd/plugins/rp-pppoe/plugin.c
--- ppp-2.4.5/pppd/plugins/rp-pppoe/plugin.c.test 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5/pppd/plugins/rp-pppoe/plugin.c 2010-11-16 09:40:23.355707001 +0100
@@ -158,7 +158,11 @@ PPPOEConnectDevice(void)
ppp_session_number = ntohs(conn->session);
/* Make the session socket */
+#ifdef SOCK_CLOEXEC
+ conn->sessionSocket = socket(AF_PPPOX, SOCK_STREAM | SOCK_CLOEXEC, PX_PROTO_OE);
+#else
conn->sessionSocket = socket(AF_PPPOX, SOCK_STREAM, PX_PROTO_OE);
+#endif
if (conn->sessionSocket < 0) {
error("Failed to create PPPoE socket: %m");
goto errout;
@@ -289,7 +293,11 @@ PPPoEDevnameHook(char *cmd, char **argv,
}
/* Open a socket */
+#ifdef SOCK_CLOEXEC
+ if ((fd = socket(PF_PACKET, SOCK_RAW | SOCK_CLOEXEC, 0)) < 0) {
+#else
if ((fd = socket(PF_PACKET, SOCK_RAW, 0)) < 0) {
+#endif
r = 0;
}
diff -up ppp-2.4.5/pppd/plugins/rp-pppoe/pppoe-discovery.c.test ppp-2.4.5/pppd/plugins/rp-pppoe/pppoe-discovery.c
--- ppp-2.4.5/pppd/plugins/rp-pppoe/pppoe-discovery.c.test 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5/pppd/plugins/rp-pppoe/pppoe-discovery.c 2010-11-16 09:55:08.726707003 +0100
@@ -121,6 +121,10 @@ openInterface(char const *ifname, UINT16
stype = SOCK_PACKET;
#endif
+#ifdef SOCK_CLOEXEC
+ stype |= SOCK_CLOEXEC;
+#endif
+
if ((fd = socket(domain, stype, htons(type))) < 0) {
/* Give a more helpful message for the common error case */
if (errno == EPERM) {

89
ppp-2.4.4-lib64.patch Normal file
View File

@ -0,0 +1,89 @@
--- ppp-2.4.4/pppd/plugins/rp-pppoe/Makefile.linux.lib64 2006-07-24 20:43:40.000000000 +0200
+++ ppp-2.4.4/pppd/plugins/rp-pppoe/Makefile.linux 2006-07-24 20:44:56.000000000 +0200
@@ -15,7 +15,7 @@
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
-LIBDIR = $(DESTDIR)/lib/pppd/$(PPPDVERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(PPPDVERSION)
PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
--- ppp-2.4.4/pppd/plugins/radius/Makefile.linux.lib64 2006-07-24 20:43:40.000000000 +0200
+++ ppp-2.4.4/pppd/plugins/radius/Makefile.linux 2006-07-24 20:44:45.000000000 +0200
@@ -5,7 +5,7 @@
DESTDIR = $(INSTROOT)@DESTDIR@
MANDIR = $(DESTDIR)/share/man/man8
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
--- ppp-2.4.4/pppd/plugins/pppoatm/Makefile.linux.lib64 2004-11-14 02:12:10.000000000 +0100
+++ ppp-2.4.4/pppd/plugins/pppoatm/Makefile.linux 2006-07-24 20:44:29.000000000 +0200
@@ -6,8 +6,8 @@
#***********************************************************************
-DESTDIR = $(INSTROOT)@DESTDIR@
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+DESTDIR = $(INSTROOT)@DESTDIR@
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
--- ppp-2.4.4/pppd/plugins/Makefile.linux.lib64 2006-07-24 20:43:40.000000000 +0200
+++ ppp-2.4.4/pppd/plugins/Makefile.linux 2006-07-24 20:43:40.000000000 +0200
@@ -7,7 +7,7 @@
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell $(CC) -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
SUBDIRS := rp-pppoe pppoatm pppol2tp
# Uncomment the next line to include the radius authentication plugin
--- ppp-2.4.4/pppd/Makefile.linux.lib64 2006-07-24 20:43:40.000000000 +0200
+++ ppp-2.4.4/pppd/Makefile.linux 2006-07-24 20:43:40.000000000 +0200
@@ -8,6 +8,7 @@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
INCDIR = $(DESTDIR)/include
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)
TARGETS = pppd
@@ -32,7 +33,7 @@
CC = gcc
#
-COPTS = -Wall $(RPM_OPT_FLAGS)
+COPTS = -Wall $(RPM_OPT_FLAGS) -DLIBDIR=\""$(LIBDIR)"\"
LIBS = -lutil
# Uncomment the next 2 lines to include support for Microsoft's
--- ppp-2.4.4/pppd/pathnames.h.lib64 2005-08-26 01:59:34.000000000 +0200
+++ ppp-2.4.4/pppd/pathnames.h 2006-07-24 20:43:40.000000000 +0200
@@ -57,7 +57,7 @@
#ifdef PLUGIN
#ifdef __STDC__
-#define _PATH_PLUGIN DESTDIR "/lib/pppd/" VERSION
+#define _PATH_PLUGIN LIBDIR "/pppd/" VERSION
#else /* __STDC__ */
#define _PATH_PLUGIN "/usr/lib/pppd"
#endif /* __STDC__ */
--- ppp-2.4.5/pppd/plugins/pppol2tp/Makefile.linux.lib64 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5/pppd/plugins/pppol2tp/Makefile.linux 2010-08-05 16:33:53.964898629 +0200
@@ -6,8 +6,8 @@
#***********************************************************************
-DESTDIR = @DESTDIR@
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+DESTDIR = $(INSTROOT)@DESTDIR@
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)

186
ppp-2.4.4-no_strip.patch Normal file
View File

@ -0,0 +1,186 @@
--- ppp-2.4.4/pppd/Makefile.linux.make.no_strip 2006-06-04 07:07:46.000000000 +0200
+++ ppp-2.4.4/pppd/Makefile.linux.make 2006-07-19 14:29:41.000000000 +0200
@@ -99,7 +99,7 @@
CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
LIBS += -lsrp -L/usr/local/ssl/lib -lcrypto
TARGETS += srp-entry
-EXTRAINSTALL = $(INSTALL) -s -c -m 555 srp-entry $(BINDIR)/srp-entry
+EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry
MANPAGES += srp-entry.8
EXTRACLEAN += srp-entry.o
NEEDDES=y
@@ -200,7 +200,7 @@
install: pppd
mkdir -p $(BINDIR) $(MANDIR)
$(EXTRAINSTALL)
- $(INSTALL) -s -c -m 555 pppd $(BINDIR)/pppd
+ $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
chmod o-rx,u+s $(BINDIR)/pppd; fi
$(INSTALL) -c -m 444 pppd.8 $(MANDIR)
--- ppp-2.4.4/pppd/Makefile.linux.no_strip 2006-07-19 14:29:41.000000000 +0200
+++ ppp-2.4.4/pppd/Makefile.linux 2006-07-19 14:29:41.000000000 +0200
@@ -100,7 +100,7 @@
CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
LIBS += -lsrp -L/usr/local/ssl/lib -lcrypto
TARGETS += srp-entry
-EXTRAINSTALL = $(INSTALL) -s -c -m 555 srp-entry $(BINDIR)/srp-entry
+EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry
MANPAGES += srp-entry.8
EXTRACLEAN += srp-entry.o
NEEDDES=y
@@ -201,7 +201,7 @@
install: pppd
mkdir -p $(BINDIR) $(MANDIR)
$(EXTRAINSTALL)
- $(INSTALL) -s -c -m 555 pppd $(BINDIR)/pppd
+ $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
chmod o-rx,u+s $(BINDIR)/pppd; fi
$(INSTALL) -c -m 444 pppd.8 $(MANDIR)
--- ppp-2.4.4/pppd/plugins/radius/Makefile.linux.make.no_strip 2006-06-04 07:04:14.000000000 +0200
+++ ppp-2.4.4/pppd/plugins/radius/Makefile.linux.make 2006-07-19 14:29:41.000000000 +0200
@@ -36,9 +36,9 @@
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -s -c -m 755 radius.so $(LIBDIR)
- $(INSTALL) -s -c -m 755 radattr.so $(LIBDIR)
- $(INSTALL) -s -c -m 755 radrealms.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radius.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radattr.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radrealms.so $(LIBDIR)
$(INSTALL) -c -m 444 pppd-radius.8 $(MANDIR)
$(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
--- ppp-2.4.4/pppd/plugins/radius/Makefile.linux.no_strip 2006-07-19 14:29:41.000000000 +0200
+++ ppp-2.4.4/pppd/plugins/radius/Makefile.linux 2006-07-19 14:29:41.000000000 +0200
@@ -36,9 +36,9 @@
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -s -c -m 755 radius.so $(LIBDIR)
- $(INSTALL) -s -c -m 755 radattr.so $(LIBDIR)
- $(INSTALL) -s -c -m 755 radrealms.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radius.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radattr.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radrealms.so $(LIBDIR)
$(INSTALL) -c -m 444 pppd-radius.8 $(MANDIR)
$(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
--- ppp-2.4.4/pppd/plugins/rp-pppoe/Makefile.linux.no_strip 2006-07-19 14:29:41.000000000 +0200
+++ ppp-2.4.4/pppd/plugins/rp-pppoe/Makefile.linux 2006-07-19 14:29:41.000000000 +0200
@@ -43,9 +43,9 @@
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -s -c -m 4550 rp-pppoe.so $(LIBDIR)
+ $(INSTALL) -c -m 4550 rp-pppoe.so $(LIBDIR)
$(INSTALL) -d -m 755 $(BINDIR)
- $(INSTALL) -s -c -m 555 pppoe-discovery $(BINDIR)
+ $(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
clean:
rm -f *.o *.so pppoe-discovery
--- ppp-2.4.4/pppd/Makefile.linux.lib64.no_strip 2006-07-19 14:29:41.000000000 +0200
+++ ppp-2.4.4/pppd/Makefile.linux.lib64 2006-07-19 14:29:41.000000000 +0200
@@ -99,7 +99,7 @@
CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
LIBS += -lsrp -L/usr/local/ssl/lib -lcrypto
TARGETS += srp-entry
-EXTRAINSTALL = $(INSTALL) -s -c -m 555 srp-entry $(BINDIR)/srp-entry
+EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry
MANPAGES += srp-entry.8
EXTRACLEAN += srp-entry.o
NEEDDES=y
@@ -200,7 +200,7 @@
install: pppd
mkdir -p $(BINDIR) $(MANDIR)
$(EXTRAINSTALL)
- $(INSTALL) -s -c -m 555 pppd $(BINDIR)/pppd
+ $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
chmod o-rx,u+s $(BINDIR)/pppd; fi
$(INSTALL) -c -m 444 pppd.8 $(MANDIR)
--- ppp-2.4.4/pppd/Makefile.linux.pie.no_strip 2006-07-19 14:29:41.000000000 +0200
+++ ppp-2.4.4/pppd/Makefile.linux.pie 2006-07-19 14:29:41.000000000 +0200
@@ -100,7 +100,7 @@
CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
LIBS += -lsrp -L/usr/local/ssl/lib -lcrypto
TARGETS += srp-entry
-EXTRAINSTALL = $(INSTALL) -s -c -m 555 srp-entry $(BINDIR)/srp-entry
+EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry
MANPAGES += srp-entry.8
EXTRACLEAN += srp-entry.o
NEEDDES=y
@@ -201,7 +201,7 @@
install: pppd
mkdir -p $(BINDIR) $(MANDIR)
$(EXTRAINSTALL)
- $(INSTALL) -s -c -m 555 pppd $(BINDIR)/pppd
+ $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
chmod o-rx,u+s $(BINDIR)/pppd; fi
$(INSTALL) -c -m 444 pppd.8 $(MANDIR)
--- ppp-2.4.4/pppdump/Makefile.linux.make.no_strip 2006-06-04 07:04:14.000000000 +0200
+++ ppp-2.4.4/pppdump/Makefile.linux.make 2006-07-19 14:29:41.000000000 +0200
@@ -17,5 +17,5 @@
install:
mkdir -p $(BINDIR) $(MANDIR)
- $(INSTALL) -s -c pppdump $(BINDIR)
+ $(INSTALL) -c pppdump $(BINDIR)
$(INSTALL) -c -m 444 pppdump.8 $(MANDIR)
--- ppp-2.4.4/pppdump/Makefile.linux.no_strip 2006-07-19 14:29:41.000000000 +0200
+++ ppp-2.4.4/pppdump/Makefile.linux 2006-07-19 14:29:41.000000000 +0200
@@ -17,5 +17,5 @@
install:
mkdir -p $(BINDIR) $(MANDIR)
- $(INSTALL) -s -c pppdump $(BINDIR)
+ $(INSTALL) -c pppdump $(BINDIR)
$(INSTALL) -c -m 444 pppdump.8 $(MANDIR)
--- ppp-2.4.4/pppstats/Makefile.linux.make.no_strip 2006-06-04 07:07:46.000000000 +0200
+++ ppp-2.4.4/pppstats/Makefile.linux.make 2006-07-19 14:29:41.000000000 +0200
@@ -22,7 +22,7 @@
install: pppstats
-mkdir -p $(MANDIR)
- $(INSTALL) -s -c pppstats $(BINDIR)
+ $(INSTALL) -c pppstats $(BINDIR)
$(INSTALL) -c -m 444 pppstats.8 $(MANDIR)
pppstats: $(PPPSTATSRCS)
--- ppp-2.4.4/pppstats/Makefile.linux.no_strip 2006-07-19 14:29:41.000000000 +0200
+++ ppp-2.4.4/pppstats/Makefile.linux 2006-07-19 14:29:41.000000000 +0200
@@ -22,7 +22,7 @@
install: pppstats
-mkdir -p $(MANDIR)
- $(INSTALL) -s -c pppstats $(BINDIR)
+ $(INSTALL) -c pppstats $(BINDIR)
$(INSTALL) -c -m 444 pppstats.8 $(MANDIR)
pppstats: $(PPPSTATSRCS)
--- ppp-2.4.4/chat/Makefile.linux.make.no_strip 2006-06-04 07:07:46.000000000 +0200
+++ ppp-2.4.4/chat/Makefile.linux.make 2006-07-19 14:30:26.000000000 +0200
@@ -25,7 +25,7 @@
install: chat
mkdir -p $(BINDIR) $(MANDIR)
- $(INSTALL) -s -c chat $(BINDIR)
+ $(INSTALL) -c chat $(BINDIR)
$(INSTALL) -c -m 644 chat.8 $(MANDIR)
clean:
--- ppp-2.4.4/chat/Makefile.linux.no_strip 2006-07-19 14:29:41.000000000 +0200
+++ ppp-2.4.4/chat/Makefile.linux 2006-07-19 14:31:11.000000000 +0200
@@ -25,7 +25,7 @@
install: chat
mkdir -p $(BINDIR) $(MANDIR)
- $(INSTALL) -s -c chat $(BINDIR)
+ $(INSTALL) -c chat $(BINDIR)
$(INSTALL) -c -m 644 chat.8 $(MANDIR)
clean:

429
0017-pppd-rebase-EAP-TLS-patch-v0.994.patch → ppp-2.4.5-eaptls-mppe-0.99.patch
View File

@ -1,43 +1,6 @@
From 044a5b1e5d878c519143b71a44b3d5b0ca91de3b Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 7 Apr 2014 14:56:56 +0200
Subject: [PATCH 17/27] pppd: rebase EAP-TLS patch v0.994
---
README.eap-tls | 169 +++++++
etc.ppp/eaptls-client | 10 +
etc.ppp/eaptls-server | 11 +
etc.ppp/openssl.cnf | 14 +
linux/Makefile.top | 6 +-
pppd/Makefile.linux | 12 +
pppd/auth.c | 414 ++++++++++++++-
pppd/ccp.c | 20 +-
pppd/chap-md5.c | 4 +
pppd/eap-tls.c | 1174 +++++++++++++++++++++++++++++++++++++++++++
pppd/eap-tls.h | 107 ++++
pppd/eap.c | 462 ++++++++++++++++-
pppd/eap.h | 32 +-
pppd/md5.c | 3 +
pppd/md5.h | 3 +
pppd/options.c | 10 +
pppd/pathnames.h | 7 +
pppd/plugins/Makefile.linux | 3 +
pppd/plugins/passprompt.c | 3 +
pppd/plugins/passwordfd.c | 4 +
pppd/pppd.h | 8 +
21 files changed, 2461 insertions(+), 15 deletions(-)
create mode 100644 README.eap-tls
create mode 100644 etc.ppp/eaptls-client
create mode 100644 etc.ppp/eaptls-server
create mode 100644 etc.ppp/openssl.cnf
create mode 100644 pppd/eap-tls.c
create mode 100644 pppd/eap-tls.h
diff --git a/README.eap-tls b/README.eap-tls
new file mode 100644
index 0000000..0a4fee9
--- /dev/null
+++ b/README.eap-tls
diff -Naur ppp-2.4.5/README.eap-tls ppp-2.4.5-eaptls-mppe-0.99/README.eap-tls
--- ppp-2.4.5/README.eap-tls 1970-01-01 01:00:00.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/README.eap-tls 2010-10-01 15:17:54.205272328 +0200
@@ -0,0 +1,169 @@
+EAP-TLS authentication support for PPP
+======================================
@ -208,11 +171,9 @@ index 0000000..0a4fee9
+ This is experimental code.
+ Send suggestions and comments to Jan Just Keijser <janjust@nikhef.nl>
+
diff --git a/etc.ppp/eaptls-client b/etc.ppp/eaptls-client
new file mode 100644
index 0000000..7782f0e
--- /dev/null
+++ b/etc.ppp/eaptls-client
diff -Naur ppp-2.4.5/etc.ppp/eaptls-client ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/eaptls-client
--- ppp-2.4.5/etc.ppp/eaptls-client 1970-01-01 01:00:00.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/eaptls-client 2010-10-01 15:17:54.205272328 +0200
@@ -0,0 +1,10 @@
+# Parameters for authentication using EAP-TLS (client)
+
@ -224,11 +185,9 @@ index 0000000..7782f0e
+# client private key file (required)
+
+#client server /root/cert/client.crt - /root/cert/ca.crt /root/cert/client.key
diff --git a/etc.ppp/eaptls-server b/etc.ppp/eaptls-server
new file mode 100644
index 0000000..fa53cbd
--- /dev/null
+++ b/etc.ppp/eaptls-server
diff -Naur ppp-2.4.5/etc.ppp/eaptls-server ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/eaptls-server
--- ppp-2.4.5/etc.ppp/eaptls-server 1970-01-01 01:00:00.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/eaptls-server 2010-10-01 15:17:54.205272328 +0200
@@ -0,0 +1,11 @@
+# Parameters for authentication using EAP-TLS (server)
+
@ -241,11 +200,9 @@ index 0000000..fa53cbd
+# allowed addresses (required, can be *)
+
+#client server - /root/cert/server.crt /root/cert/ca.crt /root/cert/server.key 192.168.1.0/24
diff --git a/etc.ppp/openssl.cnf b/etc.ppp/openssl.cnf
new file mode 100644
index 0000000..dd32f30
--- /dev/null
+++ b/etc.ppp/openssl.cnf
diff -Naur ppp-2.4.5/etc.ppp/openssl.cnf ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/openssl.cnf
--- ppp-2.4.5/etc.ppp/openssl.cnf 1970-01-01 01:00:00.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/openssl.cnf 2010-10-01 15:17:54.206272162 +0200
@@ -0,0 +1,14 @@
+openssl_conf = openssl_def
+
@ -261,11 +218,10 @@ index 0000000..dd32f30
+MODULE_PATH = /usr/lib64/libeTPkcs11.so
+init = 0
+
diff --git a/linux/Makefile.top b/linux/Makefile.top
index f42efd5..9a8945a 100644
--- a/linux/Makefile.top
+++ b/linux/Makefile.top
@@ -28,7 +28,7 @@ install-progs:
diff -Naur ppp-2.4.5/linux/Makefile.top ppp-2.4.5-eaptls-mppe-0.99/linux/Makefile.top
--- ppp-2.4.5/linux/Makefile.top 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/linux/Makefile.top 2010-10-01 15:17:54.206272162 +0200
@@ -26,7 +26,7 @@
cd pppdump; $(MAKE) $(MFLAGS) install
install-etcppp: $(ETCDIR) $(ETCDIR)/options $(ETCDIR)/pap-secrets \
@ -274,7 +230,7 @@ index f42efd5..9a8945a 100644
install-devel:
cd pppd; $(MAKE) $(MFLAGS) install-devel
@@ -39,6 +39,10 @@ $(ETCDIR)/pap-secrets:
@@ -37,6 +37,10 @@
$(INSTALL) -c -m 600 etc.ppp/pap-secrets $@
$(ETCDIR)/chap-secrets:
$(INSTALL) -c -m 600 etc.ppp/chap-secrets $@
@ -285,21 +241,20 @@ index f42efd5..9a8945a 100644
$(BINDIR):
$(INSTALL) -d -m 755 $@
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 65700fa..53df4d2 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -76,6 +76,9 @@ CBCP=y
# Use libutil
USE_LIBUTIL=y
diff -Naur ppp-2.4.5/pppd/Makefile.linux ppp-2.4.5-eaptls-mppe-0.99/pppd/Makefile.linux
--- ppp-2.4.5/pppd/Makefile.linux 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/Makefile.linux 2010-10-01 15:17:54.207272272 +0200
@@ -73,6 +73,9 @@
# Enable EAP SRP-SHA1 authentication (requires libsrp)
#USE_SRP=y
+# Enable EAP-TLS authentication (requires libssl and libcrypto)
+# Enable EAP-TLS authentication (requires libssl and libcurl)
+USE_EAPTLS=y
+
MAXOCTETS=y
INCLUDE_DIRS= -I../include
@@ -115,6 +118,15 @@ HEADERS += sha1.h
@@ -112,6 +115,15 @@
PPPDOBJS += sha1.o
endif
@ -315,10 +270,9 @@ index 65700fa..53df4d2 100644
ifdef HAS_SHADOW
CFLAGS += -DHAS_SHADOW
#LIBS += -lshadow $(LIBS)
diff --git a/pppd/auth.c b/pppd/auth.c
index 9e957fa..88cbdb6 100644
--- a/pppd/auth.c
+++ b/pppd/auth.c
diff -Naur ppp-2.4.5/pppd/auth.c ppp-2.4.5-eaptls-mppe-0.99/pppd/auth.c
--- ppp-2.4.5/pppd/auth.c 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/auth.c 2010-10-01 15:17:54.210272021 +0200
@@ -109,6 +109,9 @@
#include "upap.h"
#include "chap-new.h"
@ -329,19 +283,20 @@ index 9e957fa..88cbdb6 100644
#ifdef CBCP_SUPPORT
#include "cbcp.h"
#endif
@@ -183,6 +186,11 @@ int (*chap_check_hook) __P((void)) = NULL;
@@ -183,6 +186,12 @@
/* Hook for a plugin to get the CHAP password for authenticating us */
int (*chap_passwd_hook) __P((char *user, char *passwd)) = NULL;
+#ifdef USE_EAPTLS
+/* Hook for a plugin to get the EAP-TLS password for authenticating us */
+int (*eaptls_passwd_hook) __P((char *user, char *passwd)) = NULL;
+int (*eaptls_check_hook) __P((void)) = NULL;
+#endif
+
/* Hook for a plugin to say whether it is OK if the peer
refuses to authenticate. */
int (*null_auth_hook) __P((struct wordlist **paddrs,
@@ -238,6 +246,13 @@ bool explicit_remote = 0; /* User specified explicit remote name */
@@ -238,6 +246,13 @@
bool explicit_user = 0; /* Set if "user" option supplied */
bool explicit_passwd = 0; /* Set if "password" option supplied */
char remote_name[MAXNAMELEN]; /* Peer's name for authentication */
@ -355,7 +310,7 @@ index 9e957fa..88cbdb6 100644
static char *uafname; /* name of most recent +ua file */
@@ -254,6 +269,19 @@ static int have_pap_secret __P((int *));
@@ -254,6 +269,19 @@
static int have_chap_secret __P((char *, char *, int, int *));
static int have_srp_secret __P((char *client, char *server, int need_ip,
int *lacks_ipp));
@ -375,7 +330,7 @@ index 9e957fa..88cbdb6 100644
static int ip_addr_check __P((u_int32_t, struct permitted_ip *));
static int scan_authfile __P((FILE *, char *, char *, char *,
struct wordlist **, struct wordlist **,
@@ -401,6 +429,14 @@ option_t auth_options[] = {
@@ -401,6 +429,14 @@
"Set telephone number(s) which are allowed to connect",
OPT_PRIV | OPT_A2LIST },
@ -390,7 +345,7 @@ index 9e957fa..88cbdb6 100644
{ NULL }
};
@@ -730,6 +766,9 @@ link_established(unit)
@@ -731,6 +767,9 @@
lcp_options *wo = &lcp_wantoptions[unit];
lcp_options *go = &lcp_gotoptions[unit];
lcp_options *ho = &lcp_hisoptions[unit];
@ -400,7 +355,7 @@ index 9e957fa..88cbdb6 100644
int i;
struct protent *protp;
@@ -764,6 +803,22 @@ link_established(unit)
@@ -765,6 +804,22 @@
}
}
@ -423,25 +378,7 @@ index 9e957fa..88cbdb6 100644
new_phase(PHASE_AUTHENTICATE);
auth = 0;
if (go->neg_eap) {
@@ -1117,7 +1172,7 @@ np_down(unit, proto)
UNTIMEOUT(connect_time_expired, NULL);
#ifdef MAXOCTETS
UNTIMEOUT(check_maxoctets, NULL);
-#endif
+#endif
new_phase(PHASE_NETWORK);
}
}
@@ -1144,7 +1199,7 @@ check_maxoctets(arg)
update_link_stats(ifunit);
link_stats_valid=0;
-
+
switch(maxoctets_dir) {
case PPP_OCTETS_DIRECTION_IN:
used = link_stats.bytes_in;
@@ -1277,6 +1332,15 @@ auth_check_options()
@@ -1278,6 +1333,15 @@
our_name, 1, &lacks_ip);
}
@ -457,7 +394,7 @@ index 9e957fa..88cbdb6 100644
if (auth_required && !can_auth && noauth_addrs == NULL) {
if (default_auth) {
option_error(
@@ -1331,7 +1395,11 @@ auth_reset(unit)
@@ -1332,7 +1396,11 @@
passwd[0] != 0 ||
(hadchap == 1 || (hadchap == -1 && have_chap_secret(user,
(explicit_remote? remote_name: NULL), 0, NULL))) ||
@ -470,7 +407,7 @@ index 9e957fa..88cbdb6 100644
hadchap = -1;
if (go->neg_upap && !uselogin && !have_pap_secret(NULL))
@@ -1346,8 +1414,14 @@ auth_reset(unit)
@@ -1347,8 +1415,14 @@
!have_chap_secret((explicit_remote? remote_name: NULL), our_name,
1, NULL))) &&
!have_srp_secret((explicit_remote? remote_name: NULL), our_name, 1,
@ -486,7 +423,7 @@ index 9e957fa..88cbdb6 100644
}
@@ -1707,6 +1781,7 @@ have_srp_secret(client, server, need_ip, lacks_ipp)
@@ -1706,6 +1780,7 @@
}
@ -494,7 +431,7 @@ index 9e957fa..88cbdb6 100644
/*
* get_secret - open the CHAP secret file and return the secret
* for authenticating the given client on the given server.
@@ -2359,3 +2434,334 @@ auth_script(script)
@@ -2358,3 +2433,335 @@
auth_script_pid = run_program(script, argv, 0, auth_script_done, NULL, 0);
}
@ -797,7 +734,7 @@ index 9e957fa..88cbdb6 100644
+ {
+ error("Can't open eap-tls secret file %s: %m", filename);
+ return 0;
+ }
+ }
+
+ check_access(fp, filename);
+
@ -814,9 +751,9 @@ index 9e957fa..88cbdb6 100644
+ dbglog( "Calling eaptls password hook" );
+ if ( (*eaptls_passwd_hook)(pkfile, passwd) < 0)
+ {
+ error("Unable to obtain EAP-TLS password for %s (%s) from plugin",
+ client, pkfile);
+ return 0;
+ error("Unable to obtain EAP-TLS password for %s (%s) from plugin",
+ client, pkfile);
+ return 0;
+ }
+ }
+ if (am_server)
@ -829,11 +766,11 @@ index 9e957fa..88cbdb6 100644
+ return 1;
+}
+#endif
diff --git a/pppd/ccp.c b/pppd/ccp.c
index 5814f35..7dead23 100644
--- a/pppd/ccp.c
+++ b/pppd/ccp.c
@@ -540,6 +540,9 @@ ccp_resetci(f)
+
diff -Naur ppp-2.4.5/pppd/ccp.c ppp-2.4.5-eaptls-mppe-0.99/pppd/ccp.c
--- ppp-2.4.5/pppd/ccp.c 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/ccp.c 2010-10-01 15:17:54.211272258 +0200
@@ -540,6 +540,9 @@
if (go->mppe) {
ccp_options *ao = &ccp_allowoptions[f->unit];
int auth_mschap_bits = auth_done[f->unit];
@ -843,7 +780,7 @@ index 5814f35..7dead23 100644
int numbits;
/*
@@ -567,8 +570,23 @@ ccp_resetci(f)
@@ -567,8 +570,23 @@
lcp_close(f->unit, "MPPE required but not available");
return;
}
@ -868,10 +805,9 @@ index 5814f35..7dead23 100644
lcp_close(f->unit, "MPPE required but not available");
return;
}
diff --git a/pppd/chap-md5.c b/pppd/chap-md5.c
index 77dd4ec..269b52c 100644
--- a/pppd/chap-md5.c
+++ b/pppd/chap-md5.c
diff -Naur ppp-2.4.5/pppd/chap-md5.c ppp-2.4.5-eaptls-mppe-0.99/pppd/chap-md5.c
--- ppp-2.4.5/pppd/chap-md5.c 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/chap-md5.c 2010-10-01 15:17:54.212272142 +0200
@@ -36,7 +36,11 @@
#include "chap-new.h"
#include "chap-md5.h"
@ -884,11 +820,9 @@ index 77dd4ec..269b52c 100644
#define MD5_HASH_SIZE 16
#define MD5_MIN_CHALLENGE 16
diff --git a/pppd/eap-tls.c b/pppd/eap-tls.c
new file mode 100644
index 0000000..a3aea5a
--- /dev/null
+++ b/pppd/eap-tls.c
diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.99/pppd/eap-tls.c
--- ppp-2.4.5/pppd/eap-tls.c 1970-01-01 01:00:00.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/eap-tls.c 2010-10-05 15:12:45.881615580 +0200
@@ -0,0 +1,1174 @@
+/*
+ * eap-tls.c - EAP-TLS implementation for PPP
@ -2064,11 +1998,9 @@ index 0000000..a3aea5a
+ dbglog("%s", string);
+}
+
diff --git a/pppd/eap-tls.h b/pppd/eap-tls.h
new file mode 100644
index 0000000..2d45a0b
--- /dev/null
+++ b/pppd/eap-tls.h
diff -Naur ppp-2.4.5/pppd/eap-tls.h ppp-2.4.5-eaptls-mppe-0.99/pppd/eap-tls.h
--- ppp-2.4.5/pppd/eap-tls.h 1970-01-01 01:00:00.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/eap-tls.h 2010-10-01 15:17:54.213271816 +0200
@@ -0,0 +1,107 @@
+/*
+ * eap-tls.h
@ -2177,10 +2109,9 @@ index 0000000..2d45a0b
+#endif
+
+#endif
diff --git a/pppd/eap.c b/pppd/eap.c
index faced53..e2270af 100644
--- a/pppd/eap.c
+++ b/pppd/eap.c
diff -Naur ppp-2.4.5/pppd/eap.c ppp-2.4.5-eaptls-mppe-0.99/pppd/eap.c
--- ppp-2.4.5/pppd/eap.c 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/eap.c 2010-01-29 16:31:29.000000000 +0100
@@ -43,6 +43,11 @@
* Based on draft-ietf-pppext-eap-srp-03.txt.
*/
@ -2207,7 +2138,7 @@ index faced53..e2270af 100644
#ifdef USE_SRP
#include <t_pwd.h>
@@ -209,6 +218,9 @@ int unit;
@@ -209,6 +218,9 @@
esp->es_server.ea_id = (u_char)(drand48() * 0x100);
esp->es_client.ea_timeout = EAP_DEFREQTIME;
esp->es_client.ea_maxrequests = EAP_DEFALLOWREQ;
@ -2217,25 +2148,7 @@ index faced53..e2270af 100644
}
/*
@@ -268,7 +280,7 @@ eap_state *esp;
u_char *outp;
outp = outpacket_buf;
-
+
MAKEHEADER(outp, PPP_EAP);
PUTCHAR(EAP_FAILURE, outp);
@@ -293,7 +305,7 @@ eap_state *esp;
u_char *outp;
outp = outpacket_buf;
-
+
MAKEHEADER(outp, PPP_EAP);
PUTCHAR(EAP_SUCCESS, outp);
@@ -436,8 +448,16 @@ int status;
@@ -436,8 +448,16 @@
u_char vals[2];
struct b64state bs;
#endif /* USE_SRP */
@ -2252,7 +2165,7 @@ index faced53..e2270af 100644
switch (esp->es_server.ea_state) {
case eapBadAuth:
return;
@@ -562,9 +582,81 @@ int status;
@@ -562,9 +582,81 @@
break;
}
#endif /* USE_SRP */
@ -2281,7 +2194,7 @@ index faced53..e2270af 100644
+
+ case eapTlsRecv:
+ ets = (struct eaptls_session *) esp->es_server.ea_session;
+
+
+ if(ets->alert_sent) {
+ esp->es_server.ea_state = eapTlsSendAlert;
+ break;
@ -2289,7 +2202,7 @@ index faced53..e2270af 100644
+
+ if (status) {
+ esp->es_server.ea_state = eapBadAuth;
+ break;
+ break;
+ }
+ ets = (struct eaptls_session *) esp->es_server.ea_session;
+
@ -2303,14 +2216,14 @@ index faced53..e2270af 100644
+ ets = (struct eaptls_session *) esp->es_server.ea_session;
+
+ if(SSL_is_init_finished(ets->ssl)) {
+ esp->es_server.ea_state = eapTlsRecvClient;
+ esp->es_server.ea_state = eapTlsRecvClient;
+ break;
+ }
+
+ if(ets->frag)
+ esp->es_server.ea_state = eapTlsRecvAck;
+ else
+ esp->es_server.ea_state = eapTlsRecv;
+ esp->es_server.ea_state = eapTlsRecv;
+ break;
+
+ case eapTlsSendAck:
@ -2334,16 +2247,7 @@ index faced53..e2270af 100644
case eapSRP1:
#ifdef USE_SRP
ts = (struct t_server *)esp->es_server.ea_session;
@@ -681,7 +773,7 @@ eap_state *esp;
}
outp = outpacket_buf;
-
+
MAKEHEADER(outp, PPP_EAP);
PUTCHAR(EAP_REQUEST, outp);
@@ -718,6 +810,30 @@ eap_state *esp;
@@ -718,6 +810,30 @@
INCPTR(esp->es_server.ea_namelen, outp);
break;
@ -2374,7 +2278,7 @@ index faced53..e2270af 100644
#ifdef USE_SRP
case eapSRP1:
PUTCHAR(EAPT_SRP, outp);
@@ -904,11 +1020,57 @@ static void
@@ -904,11 +1020,57 @@
eap_server_timeout(arg)
void *arg;
{
@ -2392,10 +2296,10 @@ index faced53..e2270af 100644
+#ifdef USE_EAPTLS
+ switch(esp->es_server.ea_prev_state) {
+
+ /*
+ /*
+ * In eap-tls the state changes after a request, so we return to
+ * previous state ...
+ */
+ */
+ case(eapTlsStart):
+ case(eapTlsSendAck):
+ esp->es_server.ea_state = esp->es_server.ea_prev_state;
@ -2432,34 +2336,7 @@ index faced53..e2270af 100644
/* EAP ID number must not change on timeout. */
eap_send_request(esp);
}
@@ -1081,7 +1243,7 @@ int namelen;
int msglen;
outp = outpacket_buf;
-
+
MAKEHEADER(outp, PPP_EAP);
PUTCHAR(EAP_RESPONSE, outp);
@@ -1117,7 +1279,7 @@ int lenstr;
int msglen;
outp = outpacket_buf;
-
+
MAKEHEADER(outp, PPP_EAP);
PUTCHAR(EAP_RESPONSE, outp);
@@ -1148,7 +1310,7 @@ u_char *str;
int msglen;
outp = outpacket_buf;
-
+
MAKEHEADER(outp, PPP_EAP);
PUTCHAR(EAP_RESPONSE, outp);
@@ -1166,6 +1328,81 @@ u_char *str;
@@ -1166,6 +1328,81 @@
}
#endif /* USE_SRP */
@ -2475,7 +2352,7 @@ index faced53..e2270af 100644
+ u_char *outp;
+ int outlen;
+ u_char *lenloc;
+
+
+ outp = outpacket_buf;
+
+ MAKEHEADER(outp, PPP_EAP);
@ -2484,7 +2361,7 @@ index faced53..e2270af 100644
+ PUTCHAR(id, outp);
+
+ lenloc = outp;
+ INCPTR(2, outp);
+ INCPTR(2, outp);
+
+ /*
+ If the id in the request is unchanged, we must retransmit
@ -2541,7 +2418,7 @@ index faced53..e2270af 100644
static void
eap_send_nak(esp, id, type)
eap_state *esp;
@@ -1320,6 +1557,11 @@ int len;
@@ -1320,6 +1557,11 @@
char rhostname[256];
MD5_CTX mdContext;
u_char hash[MD5_SIGNATURE_SIZE];
@ -2553,7 +2430,7 @@ index faced53..e2270af 100644
#ifdef USE_SRP
struct t_client *tc;
struct t_num sval, gval, Nval, *Ap, Bval;
@@ -1456,6 +1698,90 @@ int len;
@@ -1456,6 +1698,90 @@
esp->es_client.ea_namelen);
break;
@ -2561,20 +2438,20 @@ index faced53..e2270af 100644
+ case EAPT_TLS:
+
+ switch(esp->es_client.ea_state) {
+
+
+ case eapListen:
+
+ GETCHAR(flags, inp);
+ if(flags & EAP_TLS_FLAGS_START){
+
+ esp->es_client.ea_using_eaptls = 1;
+ esp->es_client.ea_using_eaptls = 1;
+
+ if (explicit_remote){
+ esp->es_client.ea_peer = strdup(remote_name);
+ esp->es_client.ea_peerlen = strlen(remote_name);
+ } else
+ esp->es_client.ea_peer = NULL;
+
+
+ /* Init ssl session */
+ if(!eaptls_init_ssl_client(esp)) {
+ dbglog("cannot init ssl");
@ -2596,18 +2473,18 @@ index faced53..e2270af 100644
+
+ case eapTlsRecvAck:
+ eap_tls_response(esp, id);
+ esp->es_client.ea_state = (ets->frag ? eapTlsRecvAck :
+ esp->es_client.ea_state = (ets->frag ? eapTlsRecvAck :
+ eapTlsRecv);
+ break;
+
+ case eapTlsRecv:
+ eaptls_receive(ets, inp, len);
+
+ eaptls_receive(ets, inp, len);
+
+ if(ets->frag) {
+ eap_tls_sendack(esp, id);
+ esp->es_client.ea_state = eapTlsRecv;
+ break;
+ }
+ }
+
+ if(ets->alert_recv) {
+ eap_tls_sendack(esp, id);
@ -2618,7 +2495,7 @@ index faced53..e2270af 100644
+ /* Check if TLS handshake is finished */
+ if(SSL_is_init_finished(ets->ssl)){
+#ifdef MPPE
+ eaptls_gen_mppe_keys( ets, "client EAP encryption", 1 );
+ eaptls_gen_mppe_keys( ets, "client EAP encryption", 1 );
+#endif
+ eaptls_free_session(ets);
+ eap_tls_sendack(esp, id);
@ -2644,7 +2521,7 @@ index faced53..e2270af 100644
#ifdef USE_SRP
case EAPT_SRP:
if (len < 1) {
@@ -1737,6 +2063,11 @@ int len;
@@ -1737,6 +2063,11 @@
u_char dig[SHA_DIGESTSIZE];
#endif /* USE_SRP */
@ -2656,7 +2533,7 @@ index faced53..e2270af 100644
if (esp->es_server.ea_id != id) {
dbglog("EAP: discarding Response %d; expected ID %d", id,
esp->es_server.ea_id);
@@ -1776,6 +2107,60 @@ int len;
@@ -1776,6 +2107,60 @@
eap_figure_next_state(esp, 0);
break;
@ -2666,9 +2543,9 @@ index faced53..e2270af 100644
+
+ case eapTlsRecv:
+ ets = (struct eaptls_session *) esp->es_server.ea_session;
+ eap_figure_next_state(esp,
+ eap_figure_next_state(esp,
+ eaptls_receive(esp->es_server.ea_session, inp, len));
+
+
+ if(ets->alert_recv) {
+ eap_send_failure(esp);
+ break;
@ -2677,14 +2554,14 @@ index faced53..e2270af 100644
+
+ case eapTlsRecvAck:
+ if(len > 1) {
+ dbglog("EAP-TLS ACK with extra data");
+ dbglog("EAP-TLS ACK with extra data");
+ }
+ eap_figure_next_state(esp, 0);
+ break;
+
+ case eapTlsRecvClient:
+ /* Receive authentication response from client */
+
+
+ GETCHAR(flags, inp);
+
+ if(len == 1 && !flags) { /* Ack = ok */
@ -2717,7 +2594,7 @@ index faced53..e2270af 100644
case EAPT_NOTIFICATION:
dbglog("EAP unexpected Notification; response discarded");
break;
@@ -1807,6 +2192,13 @@ int len;
@@ -1807,6 +2192,13 @@
esp->es_server.ea_state = eapMD5Chall;
break;
@ -2727,11 +2604,11 @@ index faced53..e2270af 100644
+ esp->es_server.ea_state = eapTlsStart;
+ break;
+#endif /* USE_EAPTLS */
+
+
default:
dbglog("EAP: peer requesting unknown Type %d", vallen);
switch (esp->es_server.ea_state) {
@@ -2018,13 +2410,27 @@ u_char *inp;
@@ -2018,13 +2410,27 @@
int id;
int len;
{
@ -2748,7 +2625,7 @@ index faced53..e2270af 100644
}
+#ifdef USE_EAPTLS
+ if(esp->es_client.ea_using_eaptls && esp->es_client.ea_state !=
+ if(esp->es_client.ea_using_eaptls && esp->es_client.ea_state !=
+ eapTlsRecvSuccess) {
+ dbglog("EAP-TLS unexpected success message in state %s (%d)",
+ eap_state_name(esp->es_client.ea_state),
@ -2760,7 +2637,7 @@ index faced53..e2270af 100644
if (esp->es_client.ea_timeout > 0) {
UNTIMEOUT(eap_client_timeout, (void *)esp);
}
@@ -2150,6 +2556,9 @@ void *arg;
@@ -2150,6 +2556,9 @@
int code, id, len, rtype, vallen;
u_char *pstart;
u_int32_t uval;
@ -2770,7 +2647,7 @@ index faced53..e2270af 100644
if (inlen < EAP_HEADERLEN)
return (0);
@@ -2214,6 +2623,24 @@ void *arg;
@@ -2214,6 +2623,24 @@
}
break;
@ -2795,7 +2672,7 @@ index faced53..e2270af 100644
case EAPT_SRP:
if (len < 3)
goto truncated;
@@ -2325,6 +2752,25 @@ void *arg;
@@ -2325,6 +2752,25 @@
}
break;
@ -2814,18 +2691,22 @@ index faced53..e2270af 100644
+ printer(arg, flags & EAP_TLS_FLAGS_LI ? " L":" -");
+ printer(arg, flags & EAP_TLS_FLAGS_MF ? "M":"-");
+ printer(arg, flags & EAP_TLS_FLAGS_START ? "S":"- ");
+
+ break;
+
+ break;
+#endif /* USE_EAPTLS */
+
case EAPT_NAK:
if (len <= 0) {
printer(arg, " <missing hint>");
diff --git a/pppd/eap.h b/pppd/eap.h
index 199d184..3fa5391 100644
--- a/pppd/eap.h
+++ b/pppd/eap.h
@@ -84,6 +84,16 @@ enum eap_state_code {
@@ -2426,3 +2872,4 @@
return (inp - pstart);
}
+
diff -Naur ppp-2.4.5/pppd/eap.h ppp-2.4.5-eaptls-mppe-0.99/pppd/eap.h
--- ppp-2.4.5/pppd/eap.h 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/eap.h 2010-10-01 15:17:54.214270927 +0200
@@ -84,6 +84,16 @@
eapClosed, /* Authentication not in use */
eapListen, /* Client ready (and timer running) */
eapIdentify, /* EAP Identify sent */
@ -2842,7 +2723,7 @@ index 199d184..3fa5391 100644
eapSRP1, /* Sent EAP SRP-SHA1 Subtype 1 */
eapSRP2, /* Sent EAP SRP-SHA1 Subtype 2 */
eapSRP3, /* Sent EAP SRP-SHA1 Subtype 3 */
@@ -95,9 +105,18 @@ enum eap_state_code {
@@ -95,9 +105,18 @@
#define EAP_STATES \
"Initial", "Pending", "Closed", "Listen", "Identify", \
@ -2862,7 +2743,7 @@ index 199d184..3fa5391 100644
#define eap_server_active(esp) \
((esp)->es_server.ea_state >= eapIdentify && \
(esp)->es_server.ea_state <= eapMD5Chall)
@@ -112,11 +131,17 @@ struct eap_auth {
@@ -112,11 +131,17 @@
u_short ea_namelen; /* Length of our name */
u_short ea_peerlen; /* Length of peer's name */
enum eap_state_code ea_state;
@ -2880,7 +2761,7 @@ index 199d184..3fa5391 100644
};
/*
@@ -139,7 +164,12 @@ typedef struct eap_state {
@@ -139,7 +164,12 @@
* Timeouts.
*/
#define EAP_DEFTIMEOUT 3 /* Timeout (seconds) for rexmit */
@ -2893,10 +2774,9 @@ index 199d184..3fa5391 100644
#define EAP_DEFREQTIME 20 /* Time to wait for peer request */
#define EAP_DEFALLOWREQ 20 /* max # times to accept requests */
diff --git a/pppd/md5.c b/pppd/md5.c
index f1291ce..2ee0c80 100644
--- a/pppd/md5.c
+++ b/pppd/md5.c
diff -Naur ppp-2.4.5/pppd/md5.c ppp-2.4.5-eaptls-mppe-0.99/pppd/md5.c
--- ppp-2.4.5/pppd/md5.c 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/md5.c 2010-10-01 15:17:54.214270927 +0200
@@ -33,6 +33,8 @@
***********************************************************************
*/
@ -2906,15 +2786,15 @@ index f1291ce..2ee0c80 100644
#include <string.h>
#include "md5.h"
@@ -305,3 +307,4 @@ UINT4 *in;
@@ -305,3 +307,5 @@
** End of md5.c **
******************************** (cut) ********************************
*/
+#endif /* USE_EAPTLS */
diff --git a/pppd/md5.h b/pppd/md5.h
index 71e8b00..14d7121 100644
--- a/pppd/md5.h
+++ b/pppd/md5.h
+
diff -Naur ppp-2.4.5/pppd/md5.h ppp-2.4.5-eaptls-mppe-0.99/pppd/md5.h
--- ppp-2.4.5/pppd/md5.h 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/md5.h 2010-10-01 15:17:54.215271014 +0200
@@ -36,6 +36,7 @@
** documentation and/or software. **
***********************************************************************
@ -2923,17 +2803,16 @@ index 71e8b00..14d7121 100644
#ifndef __MD5_INCLUDE__
@@ -63,3 +64,5 @@ void MD5_Final (unsigned char hash[], MD5_CTX *mdContext);
@@ -63,3 +64,5 @@
#define __MD5_INCLUDE__
#endif /* __MD5_INCLUDE__ */
+
+#endif /* USE_EAPTLS */
diff --git a/pppd/options.c b/pppd/options.c
index 8e62635..6915b2d 100644
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -120,6 +120,10 @@ bool dump_options; /* print out option values */
diff -Naur ppp-2.4.5/pppd/options.c ppp-2.4.5-eaptls-mppe-0.99/pppd/options.c
--- ppp-2.4.5/pppd/options.c 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/options.c 2010-10-01 15:17:54.215271014 +0200
@@ -119,6 +119,10 @@
bool dryrun; /* print out option values and exit */
char *domain; /* domain name set by domain option */
int child_wait = 5; /* # seconds to wait for children at exit */
@ -2941,10 +2820,10 @@ index 8e62635..6915b2d 100644
+bool only_update_crl_server = 0; /* update server crl and exit */
+bool only_update_crl_client = 0; /* update client crl and exit */
+#endif /* USE_EAPTLS */
struct userenv *userenv_list; /* user environment variables */
#ifdef MAXOCTETS
@@ -338,6 +342,12 @@ option_t general_options[] = {
unsigned int maxoctets = 0; /* default - no limit */
@@ -320,6 +324,12 @@
{ "mo-timeout", o_int, &maxoctets_timeout,
"Check for traffic limit every N seconds", OPT_PRIO | OPT_LLIMIT | 1 },
#endif
@ -2957,11 +2836,10 @@ index 8e62635..6915b2d 100644
{ NULL }
};
diff --git a/pppd/pathnames.h b/pppd/pathnames.h
index 24e010c..6275df6 100644
--- a/pppd/pathnames.h
+++ b/pppd/pathnames.h
@@ -22,6 +22,13 @@
diff -Naur ppp-2.4.5/pppd/pathnames.h ppp-2.4.5-eaptls-mppe-0.99/pppd/pathnames.h
--- ppp-2.4.5/pppd/pathnames.h 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/pathnames.h 2010-10-01 15:17:54.215271014 +0200
@@ -21,6 +21,13 @@
#define _PATH_UPAPFILE _ROOT_PATH "/etc/ppp/pap-secrets"
#define _PATH_CHAPFILE _ROOT_PATH "/etc/ppp/chap-secrets"
#define _PATH_SRPFILE _ROOT_PATH "/etc/ppp/srp-secrets"
@ -2975,11 +2853,10 @@ index 24e010c..6275df6 100644
#define _PATH_SYSOPTIONS _ROOT_PATH "/etc/ppp/options"
#define _PATH_IPUP _ROOT_PATH "/etc/ppp/ip-up"
#define _PATH_IPDOWN _ROOT_PATH "/etc/ppp/ip-down"
diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux
index b474a19..760cad4 100644
--- a/pppd/plugins/Makefile.linux
+++ b/pppd/plugins/Makefile.linux
@@ -4,6 +4,9 @@ CFLAGS = $(COPTS) -I.. -I../../include -fPIC
diff -Naur ppp-2.4.5/pppd/plugins/Makefile.linux ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/Makefile.linux
--- ppp-2.4.5/pppd/plugins/Makefile.linux 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/Makefile.linux 2010-10-01 15:17:54.215271014 +0200
@@ -4,6 +4,9 @@
LDFLAGS = -shared
INSTALL = install
@ -2989,11 +2866,10 @@ index b474a19..760cad4 100644
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
diff --git a/pppd/plugins/passprompt.c b/pppd/plugins/passprompt.c
index babb6dc..6ba73ca 100644
--- a/pppd/plugins/passprompt.c
+++ b/pppd/plugins/passprompt.c
@@ -107,4 +107,7 @@ void plugin_init(void)
diff -Naur ppp-2.4.5/pppd/plugins/passprompt.c ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/passprompt.c
--- ppp-2.4.5/pppd/plugins/passprompt.c 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/passprompt.c 2010-10-01 15:17:54.215271014 +0200
@@ -107,4 +107,7 @@
{
add_options(options);
pap_passwd_hook = promptpass;
@ -3001,24 +2877,23 @@ index babb6dc..6ba73ca 100644
+ eaptls_passwd_hook = promptpass;
+#endif
}
diff --git a/pppd/plugins/passwordfd.c b/pppd/plugins/passwordfd.c
index d718f3b..c3f9793 100644
--- a/pppd/plugins/passwordfd.c
+++ b/pppd/plugins/passwordfd.c
@@ -79,4 +79,8 @@ void plugin_init (void)
diff -Naur ppp-2.4.5/pppd/plugins/passwordfd.c ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/passwordfd.c
--- ppp-2.4.5/pppd/plugins/passwordfd.c 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/passwordfd.c 2010-10-01 15:17:54.216270820 +0200
@@ -79,4 +79,9 @@
chap_check_hook = pwfd_check;
chap_passwd_hook = pwfd_passwd;
+
+#ifdef USE_EAPTLS
+ eaptls_check_hook = pwfd_check;
+ eaptls_passwd_hook = pwfd_passwd;
+#endif
}
diff --git a/pppd/pppd.h b/pppd/pppd.h
index 47e4d9a..de271c1 100644
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -324,6 +324,10 @@ extern bool dump_options; /* print out option values */
diff -Naur ppp-2.4.5/pppd/pppd.h ppp-2.4.5-eaptls-mppe-0.99/pppd/pppd.h
--- ppp-2.4.5/pppd/pppd.h 2009-11-16 23:26:07.000000000 +0100
+++ ppp-2.4.5-eaptls-mppe-0.99/pppd/pppd.h 2010-10-01 15:17:54.216270820 +0200
@@ -320,6 +320,10 @@
extern bool dryrun; /* check everything, print options, exit */
extern int child_wait; /* # seconds to wait for children at end */
@ -3029,17 +2904,15 @@ index 47e4d9a..de271c1 100644
#ifdef MAXOCTETS
extern unsigned int maxoctets; /* Maximum octetes per session (in bytes) */
extern int maxoctets_dir; /* Direction :
@@ -738,6 +742,10 @@ extern int (*chap_check_hook) __P((void));
@@ -717,6 +721,11 @@
extern int (*chap_passwd_hook) __P((char *user, char *passwd));
extern void (*multilink_join_hook) __P((void));
+#ifdef USE_EAPTLS
+extern int (*eaptls_check_hook) __P((void));
+extern int (*eaptls_passwd_hook) __P((char *user, char *passwd));
+#endif
+
/* Let a plugin snoop sent and received packets. Useful for L2TP */
extern void (*snoop_recv_hook) __P((unsigned char *p, int len));
extern void (*snoop_send_hook) __P((unsigned char *p, int len));
--
1.8.3.1

124
ppp-2.4.5-eth.patch Normal file
View File

@ -0,0 +1,124 @@
diff -up ppp-2.4.5/pppd/ether.c.inc.eth ppp-2.4.5/pppd/ether.c.inc
--- ppp-2.4.5/pppd/ether.c.inc.eth 2011-06-01 10:28:35.356139063 +0200
+++ ppp-2.4.5/pppd/ether.c.inc 2011-06-01 11:20:37.876897352 +0200
@@ -0,0 +1,46 @@
+#define PREF_ETH "eth"
+#define PREF_EM "em"
+
+static char *dev_file = "/proc/self/net/dev";
+
+/*
+ * get_first_ethernet - return the name of the first ethernet-style
+ * interface on this system.
+ */
+char *
+get_first_ethernet()
+{
+ FILE *f;
+ char buf[255], *dv, *smc;
+ char pci[16];
+
+ memset(pci, 0, sizeof(pci));
+ if ((f = fopen(dev_file, "r")) != NULL)
+ {
+ // go through network dev file
+ while (fgets (buf, sizeof(buf), f) != NULL)
+ {
+ // the line describes interface
+ if ((smc = strchr(buf, ':')) != NULL)
+ {
+ // trim white characters
+ for (dv=buf, *smc=0; *dv <= ' '; dv++) ;
+ // is "eth" (originial ethernet name) or "em" (ethernet on board)
+ if (!strncmp(dv, PREF_ETH, strlen(PREF_ETH)) ||
+ !strncmp(dv, PREF_EM, strlen(PREF_EM)))
+ {
+ return strdup(dv);
+ }
+ // remember the first pci NIC-card
+ if (strlen(pci) == 0 && dv[0] == 'p' && isdigit(dv[1]))
+ {
+ strcpy(pci, dv);
+ }
+ }
+ }
+ fclose(f);
+ }
+ // return pci NIC-card or nil if no if name
+ return strlen(pci) > 0 ? strdup(pci) : 0L;
+}
+
diff -up ppp-2.4.5/pppd/plugins/rp-pppoe/pppoe-discovery.c.eth ppp-2.4.5/pppd/plugins/rp-pppoe/pppoe-discovery.c
--- ppp-2.4.5/pppd/plugins/rp-pppoe/pppoe-discovery.c.eth 2011-06-01 09:39:13.099343548 +0200
+++ ppp-2.4.5/pppd/plugins/rp-pppoe/pppoe-discovery.c 2011-06-01 11:41:02.188252304 +0200
@@ -47,6 +47,8 @@
#include <net/if_arp.h>
#endif
+#include "../../ether.c.inc"
+
char *xstrdup(const char *s);
void usage(void);
@@ -686,7 +688,7 @@ int main(int argc, char *argv[])
/* default interface name */
if (!conn->ifName)
- conn->ifName = strdup("eth0");
+ conn->ifName = get_first_ethernet();
conn->discoverySocket = -1;
conn->sessionSocket = -1;
diff -up ppp-2.4.5/pppd/sys-linux.c.eth ppp-2.4.5/pppd/sys-linux.c
--- ppp-2.4.5/pppd/sys-linux.c.eth 2011-06-01 09:39:13.074343397 +0200
+++ ppp-2.4.5/pppd/sys-linux.c 2011-06-01 11:50:13.736565685 +0200
@@ -144,6 +144,8 @@
#include <sys/locks.h>
#endif
+#include "ether.c.inc"
+
#ifdef INET6
#ifndef _LINUX_IN6_H
/*
@@ -1869,16 +1871,6 @@ get_if_hwaddr(u_char *addr, char *name)
return ret;
}
-/*
- * get_first_ethernet - return the name of the first ethernet-style
- * interface on this system.
- */
-char *
-get_first_ethernet()
-{
- return "eth0";
-}
-
/********************************************************************
*
* Return user specified netmask, modified by any mask we might determine
@@ -2783,6 +2775,7 @@ ether_to_eui64(eui64_t *p_eui64)
struct ifreq ifr;
int skfd;
const unsigned char *ptr;
+ char warn_msg[80];
skfd = socket_fd(PF_INET6, SOCK_DGRAM, 0);
if(skfd == -1)
@@ -2791,11 +2784,13 @@ ether_to_eui64(eui64_t *p_eui64)
return 0;
}
- strcpy(ifr.ifr_name, "eth0");
+ strcpy(ifr.ifr_name, get_first_ethernet());
if(ioctl(skfd, SIOCGIFHWADDR, &ifr) < 0)
{
close(skfd);
- warn("could not obtain hardware address for eth0");
+ snprintf(warn_msg, sizeof(warn_msg),
+ "could not obtain hardware address for %s", ifr.ifr_name);
+ warn(warn_msg);
return 0;
}
close(skfd);

10
ppp-2.4.5-l2tp-multilink.patch Normal file
View File

@ -0,0 +1,10 @@
diff -up ppp-2.4.5/pppd/plugins/pppol2tp/Makefile.linux.l2tp-multilink ppp-2.4.5/pppd/plugins/pppol2tp/Makefile.linux
--- ppp-2.4.5/pppd/plugins/pppol2tp/Makefile.linux.l2tp-multilink 2012-05-19 22:27:43.554642987 +0200
+++ ppp-2.4.5/pppd/plugins/pppol2tp/Makefile.linux 2012-05-19 22:28:08.807407341 +0200
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = -O2 -g
+COPTS = -DHAVE_MULTILINK -O2 -g
CFLAGS = $(COPTS) -I. -I../.. -I../../../include -fPIC
LDFLAGS = -shared
INSTALL = install

12
ppp-2.4.5-lock.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up ppp-2.4.5/pppd/utils.c.lock ppp-2.4.5/pppd/utils.c
--- ppp-2.4.5/pppd/utils.c.lock 2011-05-30 15:30:36.432371849 +0200
+++ ppp-2.4.5/pppd/utils.c 2011-05-30 15:30:48.575495854 +0200
@@ -859,7 +859,7 @@ complete_read(int fd, void *buf, size_t
/* Procedures for locking the serial device using a lock file. */
#ifndef LOCK_DIR
#ifdef __linux__
-#define LOCK_DIR "/var/lock"
+#define LOCK_DIR "/var/lock/ppp"
#else
#ifdef SVR4
#define LOCK_DIR "/var/spool/locks"

94
ppp-2.4.5-man.patch Normal file
View File

@ -0,0 +1,94 @@
--- ppp-2.4.5/chat/chat.8.man 2010-12-16 10:20:08.000000000 +0000
+++ ppp-2.4.5/chat/chat.8 2010-12-19 16:40:31.000000000 +0000
@@ -50,7 +50,7 @@
to \fIstderr\fR.
.TP
.B \-E
-Enables environment variable substituion within chat scripts using the
+Enables environment variable substitution within chat scripts using the
standard \fI$xxx\fR syntax.
.TP
.B \-v
@@ -77,7 +77,7 @@
error messages from being sent to the SYSLOG.
.TP
.B \-T \fI<phone number>
-Pass in an arbitary string, usually a phone number, that will be
+Pass in an arbitrary string, usually a phone number, that will be
substituted for the \\T substitution metacharacter in a send string.
.TP
.B \-U \fI<phone number 2>
@@ -204,7 +204,7 @@
.LP
\fBSAY\fR strings must be enclosed in single or double quotes. If
carriage return and line feed are needed in the string to be output,
-you must explicitely add them to your string.
+you must explicitly add them to your string.
.LP
The SAY strings could be used to give progress messages in sections of
the script where you want to have 'ECHO OFF' but still let the user
@@ -457,7 +457,7 @@
Environment variables are available within chat scripts, if the \fI\-E\fR
option was specified in the command line. The metacharacter \fI$\fR is used
to introduce the name of the environment variable to substitute. If the
-substition fails, because the requested environment variable is not set,
+substitution fails, because the requested environment variable is not set,
\fInothing\fR is replaced for the variable.
.SH TERMINATION CODES
The \fIchat\fR program will terminate with the following completion
--- ppp-2.4.5/pppd/pppd.8.man 2010-12-16 10:20:10.000000000 +0000
+++ ppp-2.4.5/pppd/pppd.8 2010-12-21 23:26:50.000000000 +0000
@@ -195,7 +195,7 @@
.TP
.B ipv6 \fI<local_interface_identifier>\fR,\fI<remote_interface_identifier>
Set the local and/or remote 64-bit interface identifier. Either one may be
-omitted. The identifier must be specified in standard ascii notation of
+omitted. The identifier must be specified in standard ASCII notation of
IPv6 addresses (e.g. ::dead:beef). If the
\fIipv6cp\-use\-ipaddr\fR
option is given, the local identifier is the local IPv4 address (see above).
@@ -328,7 +328,7 @@
The \fIdemand\fR option implies the \fIpersist\fR option. If this
behaviour is not desired, use the \fInopersist\fR option after the
\fIdemand\fR option. The \fIidle\fR and \fIholdoff\fR
-options are also useful in conjuction with the \fIdemand\fR option.
+options are also useful in conjunction with the \fIdemand\fR option.
.TP
.B domain \fId
Append the domain name \fId\fR to the local host name for authentication
@@ -515,7 +515,7 @@
send before it rejects the options. The default value is 3.
.TP
.B ipxcp\-max\-terminate \fIn
-Set the maximum nuber of IPXCP terminate request frames before the
+Set the maximum number of IPXCP terminate request frames before the
local system considers that the peer is not listening to them. The
default value is 3.
.TP
@@ -907,7 +907,7 @@
device. The \fIscript\fR will be run in a child process with the
pseudo-tty master as its standard input and output. An explicit
device name may not be given if this option is used. (Note: if the
-\fIrecord\fR option is used in conjuction with the \fIpty\fR option,
+\fIrecord\fR option is used in conjunction with the \fIpty\fR option,
the child process will have pipes on its standard input and output.)
.TP
.B receive\-all
@@ -1015,7 +1015,7 @@
.TP
.B srp\-use\-pseudonym
When operating as an EAP SRP\-SHA1 client, attempt to use the pseudonym
-stored in ~/.ppp_psuedonym first as the identity, and save in this
+stored in ~/.ppp_pseudonym first as the identity, and save in this
file any pseudonym offered by the peer during authentication.
.TP
.B sync
@@ -1885,7 +1885,7 @@
prior written permission.
.LP
4. Redistributions of any form whatsoever must retain the following
- acknowledgments:
+ acknowledgements:
.br
"This product includes software developed by Computing Services
at Carnegie Mellon University (http://www.cmu.edu/computing/)."

29
0016-rp-pppoe-add-manpage-for-pppoe-discovery.patch → ppp-2.4.5-manpg.patch
View File

@ -1,18 +1,6 @@
From a30efa2cc99a5b6ab220de04cbcc7db38888a17a Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 7 Apr 2014 14:29:45 +0200
Subject: [PATCH 16/27] rp-pppoe: add manpage for pppoe-discovery
---
pppd/plugins/rp-pppoe/Makefile.linux | 2 +
pppd/plugins/rp-pppoe/pppoe-discovery.8 | 86 +++++++++++++++++++++++++++++++++
2 files changed, 88 insertions(+)
create mode 100644 pppd/plugins/rp-pppoe/pppoe-discovery.8
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index 3cd9101..9918091 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
diff -up ppp-2.4.5/pppd/plugins/rp-pppoe/Makefile.linux.manpg ppp-2.4.5/pppd/plugins/rp-pppoe/Makefile.linux
--- ppp-2.4.5/pppd/plugins/rp-pppoe/Makefile.linux.manpg 2010-04-07 14:47:48.211413928 +0200
+++ ppp-2.4.5/pppd/plugins/rp-pppoe/Makefile.linux 2010-04-07 14:47:48.281414608 +0200
@@ -16,6 +16,7 @@
DESTDIR = $(INSTROOT)@DESTDIR@
@ -29,11 +17,9 @@ index 3cd9101..9918091 100644
clean:
rm -f *.o *.so pppoe-discovery
diff --git a/pppd/plugins/rp-pppoe/pppoe-discovery.8 b/pppd/plugins/rp-pppoe/pppoe-discovery.8
new file mode 100644
index 0000000..d0a93db
--- /dev/null
+++ b/pppd/plugins/rp-pppoe/pppoe-discovery.8
diff -up ppp-2.4.5/pppd/plugins/rp-pppoe/pppoe-discovery.8.manpg ppp-2.4.5/pppd/plugins/rp-pppoe/pppoe-discovery.8
--- ppp-2.4.5/pppd/plugins/rp-pppoe/pppoe-discovery.8.manpg 2010-04-07 14:49:31.059416743 +0200
+++ ppp-2.4.5/pppd/plugins/rp-pppoe/pppoe-discovery.8 2010-04-07 14:50:11.008416347 +0200
@@ -0,0 +1,86 @@
+.\" pppoe-discovery.8 written by
+.\" Ben Hutchings <ben@decadentplace.org.uk>, based on pppoe.8.
@ -121,6 +107,3 @@ index 0000000..d0a93db
+based on \fBpppoe\fR by David F. Skoll <dfs@roaringpenguin.com>.
+.SH SEE ALSO
+pppoe(8), pppoe-sniff(8)
--
1.8.3.1

13
ppp-2.4.5-ppp_resolv.patch Normal file
View File

@ -0,0 +1,13 @@
diff -up ppp-2.4.5/scripts/ip-up.local.add.ppp_resolv ppp-2.4.5/scripts/ip-up.local.add
--- ppp-2.4.5/scripts/ip-up.local.add.ppp_resolv 2010-07-13 10:29:23.227943994 +0200
+++ ppp-2.4.5/scripts/ip-up.local.add 2010-07-13 10:32:27.729695487 +0200
@@ -18,6 +18,9 @@ if [ -n "$USEPEERDNS" -a -f /var/run/ppp
rscf=/var/run/ppp/resolv.new
grep domain /var/run/ppp/resolv.prev > $rscf
grep search /var/run/ppp/resolv.prev >> $rscf
+ if [ -f /var/run/ppp/resolv.conf ]; then
+ cat /var/run/ppp/resolv.conf >> $rscf
+ fi
change_resolv_conf $rscf
rm -f $rscf
else

22
0015-pppd-move-pppd-database-to-var-run-ppp.patch → ppp-2.4.5-var_run_ppp.patch
View File

@ -1,17 +1,6 @@
From f2c855462ff56be4121409c7e048cd2503fe0ccf Mon Sep 17 00:00:00 2001
From: Jiri Skala <jskala@fedoraproject.org>
Date: Mon, 7 Apr 2014 14:26:20 +0200
Subject: [PATCH 15/27] pppd: move pppd database to /var/run/ppp
Resolves: #560014
---
pppd/pathnames.h | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/pppd/pathnames.h b/pppd/pathnames.h
index bef3160..24e010c 100644
--- a/pppd/pathnames.h
+++ b/pppd/pathnames.h
diff -up ppp-2.4.5/pppd/pathnames.h.var_run_ppp ppp-2.4.5/pppd/pathnames.h
--- ppp-2.4.5/pppd/pathnames.h.var_run_ppp 2010-11-23 10:14:24.557427000 +0100
+++ ppp-2.4.5/pppd/pathnames.h 2010-11-23 10:24:07.432426793 +0100
@@ -6,8 +6,9 @@
#ifdef HAVE_PATHS_H
@ -23,7 +12,7 @@ index bef3160..24e010c 100644
#ifndef _PATH_VARRUN
#define _PATH_VARRUN "/etc/ppp/"
#endif
@@ -46,13 +47,9 @@
@@ -46,13 +54,9 @@
#endif /* IPX_CHANGE */
#ifdef __STDC__
@ -39,6 +28,3 @@ index bef3160..24e010c 100644
#endif /* __STDC__ */
#ifdef PLUGIN
--
1.8.3.1

79
ppp-2.4.7-DES-openssl.patch
View File

@ -1,79 +0,0 @@
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 534ccc2..cf11b74 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -41,7 +41,7 @@ COPTS = -Wall $(RPM_OPT_FLAGS) -DLIBDIR=\""$(LIBDIR)"\"
# Uncomment the next 2 lines to include support for Microsoft's
# MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux.
CHAPMS=y
-USE_CRYPT=y
+#USE_CRYPT=y
# Don't use MSLANMAN unless you really know what you're doing.
#MSLANMAN=y
# Uncomment the next line to include support for MPPE. CHAPMS (above) must
@@ -147,7 +147,8 @@ endif
ifdef NEEDDES
ifndef USE_CRYPT
-LIBS += -ldes $(LIBS)
+CFLAGS += -I/usr/include/openssl
+LIBS += -lcrypto
else
CFLAGS += -DUSE_CRYPT=1
endif
diff --git a/pppd/pppcrypt.c b/pppd/pppcrypt.c
index 8b85b13..6b35375 100644
--- a/pppd/pppcrypt.c
+++ b/pppd/pppcrypt.c
@@ -64,7 +64,7 @@ u_char *des_key; /* OUT 64 bit DES key with parity bits added */
des_key[7] = Get7Bits(key, 49);
#ifndef USE_CRYPT
- des_set_odd_parity((des_cblock *)des_key);
+ DES_set_odd_parity((DES_cblock *)des_key);
#endif
}
@@ -158,25 +158,25 @@ u_char *clear; /* OUT 8 octets */
}
#else /* USE_CRYPT */
-static des_key_schedule key_schedule;
+static DES_key_schedule key_schedule;
bool
DesSetkey(key)
u_char *key;
{
- des_cblock des_key;
+ DES_cblock des_key;
MakeKey(key, des_key);
- des_set_key(&des_key, key_schedule);
+ DES_set_key(&des_key, &key_schedule);
return (1);
}
bool
-DesEncrypt(clear, key, cipher)
+DesEncrypt(clear, cipher)
u_char *clear; /* IN 8 octets */
u_char *cipher; /* OUT 8 octets */
{
- des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher,
- key_schedule, 1);
+ DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher,
+ &key_schedule, 1);
return (1);
}
@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear)
u_char *cipher; /* IN 8 octets */
u_char *clear; /* OUT 8 octets */
{
- des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear,
- key_schedule, 0);
+ DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear,
+ &key_schedule, 0);
return (1);
}

170
ppp-2.4.7-honor-ldflags.patch
View File

@ -1,170 +0,0 @@
diff --git a/chat/Makefile.linux b/chat/Makefile.linux
index 2445637..83114f1 100644
--- a/chat/Makefile.linux
+++ b/chat/Makefile.linux
@@ -18,7 +18,7 @@ INSTALL= install
all: chat
chat: chat.o
- $(CC) -o chat chat.o
+ $(CC) $(LDFLAGS) -o chat chat.o
chat.o: chat.c
$(CC) -c $(CFLAGS) -o chat.o chat.c
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index cf11b74..089f164 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -188,7 +188,7 @@ endif
ifdef PLUGIN
CFLAGS += -DPLUGIN
-LDFLAGS += -Wl,-E
+LDFLAGS_PLUGIN += -Wl,-E
LIBS += -ldl
endif
@@ -230,7 +230,7 @@ install: pppd
$(INSTALL) -c -m 644 pppd.8 $(MANDIR)
pppd: $(PPPDOBJS)
- $(CC) $(CFLAGS) $(LDFLAGS) -o pppd $(PPPDOBJS) $(LIBS)
+ $(CC) $(CFLAGS) $(LDFLAGS) $(LDFLAGS_PLUGIN) -o pppd $(PPPDOBJS) $(LIBS)
srp-entry: srp-entry.c
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ srp-entry.c $(LIBS)
diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux
index 303833a..04fe876 100644
--- a/pppd/plugins/Makefile.linux
+++ b/pppd/plugins/Makefile.linux
@@ -1,7 +1,7 @@
#CC = gcc
COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I.. -I../../include -fPIC
-LDFLAGS = -shared
+LDFLAGS_SHARED = -shared
INSTALL = install
# EAP-TLS
@@ -33,7 +33,7 @@ all: $(PLUGINS)
for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d all; done
%.so: %.c
- $(CC) -o $@ $(LDFLAGS) $(CFLAGS) $^
+ $(CC) -o $@ $(LDFLAGS) $(LDFLAGS_SHARED) $(CFLAGS) $^
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../patchlevel.h)
diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux
index 4c5826f..1961e0e 100644
--- a/pppd/plugins/pppoatm/Makefile.linux
+++ b/pppd/plugins/pppoatm/Makefile.linux
@@ -1,7 +1,7 @@
#CC = gcc
COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I../.. -I../../../include -fPIC
-LDFLAGS = -shared
+LDFLAGS_SHARED = -shared
INSTALL = install
#***********************************************************************
@@ -33,7 +33,7 @@ endif
all: $(PLUGIN)
$(PLUGIN): $(PLUGIN_OBJS)
- $(CC) $(CFLAGS) -o $@ -shared $^ $(LIBS)
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LDFLAGS_SHARED) $^ $(LIBS)
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux
index 9cb316d..7b23b25 100644
--- a/pppd/plugins/pppol2tp/Makefile.linux
+++ b/pppd/plugins/pppol2tp/Makefile.linux
@@ -1,7 +1,7 @@
#CC = gcc
COPTS = $(RPM_OPT_FLAGS) -DHAVE_MULTILINK
CFLAGS = $(COPTS) -I. -I../.. -I../../../include -fPIC
-LDFLAGS = -shared
+LDFLAGS_SHARED = -shared
INSTALL = install
#***********************************************************************
@@ -16,7 +16,7 @@ PLUGINS := pppol2tp.so openl2tp.so
all: $(PLUGINS)
%.so: %.o
- $(CC) $(CFLAGS) -o $@ -shared $^ $(LIBS)
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LDFLAGS_SHARED) $^ $(LIBS)
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux
index 707326b..2150332 100644
--- a/pppd/plugins/radius/Makefile.linux
+++ b/pppd/plugins/radius/Makefile.linux
@@ -43,13 +43,13 @@ install: all
$(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
radius.so: radius.o libradiusclient.a
- $(CC) -o radius.so -shared radius.o libradiusclient.a
+ $(CC) $(LDFLAGS) -o radius.so -shared radius.o libradiusclient.a
radattr.so: radattr.o
- $(CC) -o radattr.so -shared radattr.o
+ $(CC) $(LDFLAGS) -o radattr.so -shared radattr.o
radrealms.so: radrealms.o
- $(CC) -o radrealms.so -shared radrealms.o
+ $(CC) $(LDFLAGS) -o radrealms.so -shared radrealms.o
CLIENTOBJS = avpair.o buildreq.o config.o dict.o ip_util.o \
clientid.o sendserver.o lock.o util.o md5.o
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index fa49efb..5e06b52 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -31,7 +31,7 @@ CFLAGS=$(COPTS) -I../../../include '-DRP_VERSION="$(RP_VERSION)"'
all: rp-pppoe.so pppoe-discovery
pppoe-discovery: pppoe-discovery.o debug.o common.o
- $(CC) -o pppoe-discovery pppoe-discovery.o debug.o -ludev
+ $(CC) $(LDFLAGS) -o pppoe-discovery pppoe-discovery.o debug.o -ludev
pppoe-discovery.o: pppoe-discovery.c
$(CC) $(CFLAGS) -c -o pppoe-discovery.o pppoe-discovery.c
@@ -40,7 +40,7 @@ debug.o: debug.c
$(CC) $(CFLAGS) -c -o debug.o debug.c
rp-pppoe.so: plugin.o discovery.o if.o common.o
- $(CC) -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o
+ $(CC) $(LDFLAGS) -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
diff --git a/pppdump/Makefile.linux b/pppdump/Makefile.linux
index 95c6805..33e5107 100644
--- a/pppdump/Makefile.linux
+++ b/pppdump/Makefile.linux
@@ -10,7 +10,7 @@ INSTALL= install
all: pppdump
pppdump: $(OBJS)
- $(CC) -o pppdump $(OBJS)
+ $(CC) $(LDFLAGS) -o pppdump $(OBJS)
clean:
rm -f pppdump $(OBJS) *~
diff --git a/pppstats/Makefile.linux b/pppstats/Makefile.linux
index c5ba3b1..eeccf83 100644
--- a/pppstats/Makefile.linux
+++ b/pppstats/Makefile.linux
@@ -26,7 +26,7 @@ install: pppstats
$(INSTALL) -c -m 444 pppstats.8 $(MANDIR)
pppstats: $(PPPSTATSRCS)
- $(CC) $(CFLAGS) -o pppstats pppstats.c $(LIBS)
+ $(CC) $(CFLAGS) $(LDFLAGS) -o pppstats pppstats.c $(LIBS)
clean:
rm -f pppstats *~ #* core

2
ppp-tmpfiles.conf
View File

@ -1,2 +0,0 @@
d /run/ppp 0755 root root
d /run/lock/ppp 0755 root root

2
ppp-tmpfs.conf Normal file
View File

@ -0,0 +1,2 @@
d /var/run/ppp 0755 root root
d /var/lock/ppp 0755 root root

0
ppp-logrotate.conf → ppp.logrotate
View File

342
ppp.spec
View File

@ -1,66 +1,43 @@
%global _hardened_build 1
Summary: The Point-to-Point Protocol daemon
Name: ppp
Version: 2.4.7
Version: 2.4.5
Release: 21%{?dist}
License: BSD and LGPLv2+ and GPLv2+ and Public Domain
Group: System Environment/Daemons
URL: http://www.samba.org/ppp
Source0: ftp://ftp.samba.org/pub/ppp/ppp-%{version}.tar.gz
Source1: ppp-pam.conf
Source2: ppp-logrotate.conf
Source3: ppp-tmpfiles.conf
Source4: ip-down
Source5: ip-down.ipv6to4
Source6: ip-up
Source7: ip-up.ipv6to4
Source8: ipv6-down
Source9: ipv6-up
Source10: ifup-ppp
Source11: ifdown-ppp
Source12: ppp-watch.tar.xz
Source1: ppp-2.3.5-pamd.conf
Source2: ppp.logrotate
Source3: ppp-tmpfs.conf
Patch0: ppp-2.4.3-make.patch
Patch1: ppp-2.3.6-sample.patch
Patch2: ppp-2.4.2-libutil.patch
Patch3: ppp-2.4.1-varargs.patch
Patch4: ppp-2.4.4-lib64.patch
Patch7: ppp-2.4.2-pie.patch
Patch8: ppp-2.4.3-fix.patch
Patch9: ppp-2.4.3-fix64.patch
Patch11: ppp-2.4.2-change_resolv_conf.patch
Patch13: ppp-2.4.4-no_strip.patch
Patch17: ppp-2.4.2-pppoatm-make.patch
Patch19: ppp-2.4.3-local.patch
Patch20: ppp-2.4.3-ipv6-accept-remote.patch
Patch22: ppp-2.4.4-cbcp.patch
Patch23: ppp-2.4.2-dontwriteetc.patch
Patch24: ppp-2.4.4-fd_leak.patch
Patch25: ppp-2.4.5-var_run_ppp.patch
Patch26: ppp-2.4.5-manpg.patch
Patch27: ppp-2.4.5-eaptls-mppe-0.99.patch
Patch28: ppp-2.4.5-ppp_resolv.patch
Patch29: ppp-2.4.5-man.patch
Patch30: ppp-2.4.5-eth.patch
Patch31: ppp-2.4.5-lock.patch
Patch32: ppp-2.4.5-l2tp-multilink.patch
# Fedora-specific
Patch0001: 0001-build-sys-use-gcc-as-our-compiler-of-choice.patch
Patch0002: 0002-build-sys-enable-PAM-support.patch
Patch0003: 0003-build-sys-utilize-compiler-flags-handed-to-us-by-rpm.patch
Patch0004: 0004-doc-add-configuration-samples.patch
Patch0005: 0005-build-sys-don-t-hardcode-LIBDIR-but-set-it-according.patch
Patch0006: 0006-scritps-use-change_resolv_conf-function.patch
Patch0007: 0007-build-sys-don-t-strip-binaries-during-installation.patch
Patch0008: 0008-build-sys-use-prefix-usr-instead-of-usr-local.patch
Patch0009: 0009-pppd-introduce-ipv6-accept-remote.patch
Patch0010: 0010-build-sys-enable-CBCP.patch
Patch0011: 0011-build-sys-don-t-put-connect-errors-log-to-etc-ppp.patch
Patch0012: 0012-pppd-we-don-t-want-to-accidentally-leak-fds.patch
Patch0013: 0013-everywhere-O_CLOEXEC-harder.patch
Patch0014: 0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch
Patch0015: 0015-pppd-move-pppd-database-to-var-run-ppp.patch
Patch0016: 0016-rp-pppoe-add-manpage-for-pppoe-discovery.patch
Patch0017: 0017-pppd-rebase-EAP-TLS-patch-v0.994.patch
Patch0018: 0018-scritps-fix-ip-up.local-sample.patch
Patch0019: 0019-sys-linux-rework-get_first_ethernet.patch
Patch0020: 0020-pppd-put-lock-files-in-var-lock-ppp.patch
Patch0021: 0021-build-sys-compile-pppol2tp-plugin-with-RPM_OPT_FLAGS.patch
Patch0022: 0022-build-sys-compile-pppol2tp-with-multilink-support.patch
Patch0023: 0023-build-sys-install-rp-pppoe-plugin-files-with-standar.patch
Patch0024: 0024-build-sys-install-pppoatm-plugin-files-with-standard.patch
Patch0025: 0025-pppd-install-pppd-binary-using-standard-perms-755.patch
Patch0026: 0026-Revert-pppd-rebase-EAP-TLS-patch-v0.994.patch
Patch0027: 0027-pppd-EAP-TLS-patch-v0.999.patch
Patch0028: 0028-pppoe-include-netinet-in.h-before-linux-in.h.patch
# rhbz#1556132
Patch0029: ppp-2.4.7-DES-openssl.patch
# https://github.com/paulusmack/ppp/pull/95
Patch0030: ppp-2.4.7-honor-ldflags.patch
BuildRequires: pam-devel, libpcap-devel, systemd, systemd-devel, glib2-devel
BuildRequires: openssl-devel
Requires: glibc >= 2.0.6, /etc/pam.d/system-auth, libpcap >= 14:0.8.3-6, systemd, initscripts >= 9.54
Requires(pre): /usr/bin/getent
Requires(pre): /usr/sbin/groupadd
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: pam-devel, libpcap-devel, openssl-devel
Requires: glibc >= 2.0.6, /etc/pam.d/system-auth, logrotate, libpcap >= 14:0.8.3-6
Requires: systemd-units
%description
The ppp package contains the PPP (Point-to-Point Protocol) daemon and
@ -72,62 +49,79 @@ organization over a modem and phone line.
%package devel
Summary: Headers for ppp plugin development
Group: Development/Libraries
Requires: %{name}%{?_isa} = %{version}-%{release}
%description devel
This package contains the header files for building plugins for ppp.
%prep
%setup -q
%autopatch -p1
%setup -q
%patch0 -p1 -b .make
%patch1 -p1 -b .sample
# patch 2 depends on the -lutil in patch 0
%patch3 -p1 -b .varargs
# patch 4 depends on the -lutil in patch 0
%patch4 -p1 -b .lib64
%patch7 -p1 -b .pie
%patch8 -p1 -b .fix
%patch9 -p1 -b .fix64
%patch11 -p1 -b .change_resolv_conf
%patch13 -p1 -b .no_strip
%patch17 -p1 -b .atm-make
%patch19 -p1 -b .local
%patch20 -p1 -b .ipv6cp
%patch22 -p1 -b .cbcp
%patch23 -p1 -b .dontwriteetc
%patch24 -p1 -b .fd_leak
%patch25 -p1 -b .var_run_ppp
%patch26 -p1 -b .manpg
%patch27 -p1 -b .eaptls
%patch28 -p1 -b .ppp_resolv
%patch29 -p1 -b .man
# fixes bz#682381 - hardcodes eth0
%patch30 -p1 -b .eth
# fixes bz#708260 - SELinux is preventing access on the file LCK..ttyUSB3
%patch31 -p1 -b .lock
%patch32 -p1 -b .l2tp-multilink
tar -xJf %{SOURCE12}
rm -f scripts/*.local
rm -f scripts/*.change_resolv_conf
rm -f scripts/*.usepeerdns-var_run_ppp_resolv
rm -f scripts/*.ppp_resolv
find . -type f -name "*.sample" | xargs rm -f
rm -f include/linux/if_pppol2tp.h
%build
export RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fPIC -Wall -fno-strict-aliasing"
export RPM_LD_FLAGS="$LDFLAGS"
#find . -name 'Makefile*' -print0 | xargs -0 perl -pi.no_strip -e "s: -s : :g"
RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fPIC -Wall"
%configure
make %{?_smp_mflags} LDFLAGS="%{?build_ldflags}"
make -C ppp-watch %{?_smp_mflags} LDFLAGS="%{?build_ldflags}"
make
%install
make INSTROOT=%{buildroot} install install-etcppp
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
export INSTROOT=$RPM_BUILD_ROOT
make install install-etcppp
chmod -R a+rX scripts
find scripts -type f | xargs chmod a-x
make ROOT=%{buildroot} -C ppp-watch install
chmod 0755 $RPM_BUILD_ROOT/%{_libdir}/pppd/%{version}/*.so
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
install -m 644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/ppp
# create log files dir
install -d %{buildroot}%{_localstatedir}/log/ppp
# Provide pointers for people who expect stuff in old places
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/log/ppp
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/run/ppp
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lock/ppp
# install pam config
install -d %{buildroot}%{_sysconfdir}/pam.d
install -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/pam.d/ppp
install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/tmpfiles.d
install -p -m 644 %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/tmpfiles.d/ppp.conf
# install logrotate script
install -d %{buildroot}%{_sysconfdir}/logrotate.d
install -m 644 -p %{SOURCE2} %{buildroot}%{_sysconfdir}/logrotate.d/ppp
# Logrotate script
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
install -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/ppp
# install tmpfiles drop-in
install -d %{buildroot}%{_tmpfilesdir}
install -m 644 -p %{SOURCE3} %{buildroot}%{_tmpfilesdir}/ppp.conf
# install scripts (previously owned by initscripts package)
install -d %{buildroot}%{_sysconfdir}/ppp
install -p %{SOURCE4} %{buildroot}%{_sysconfdir}/ppp/ip-down
install -p %{SOURCE5} %{buildroot}%{_sysconfdir}/ppp/ip-down.ipv6to4
install -p %{SOURCE6} %{buildroot}%{_sysconfdir}/ppp/ip-up
install -p %{SOURCE7} %{buildroot}%{_sysconfdir}/ppp/ip-up.ipv6to4
install -p %{SOURCE8} %{buildroot}%{_sysconfdir}/ppp/ipv6-down
install -p %{SOURCE9} %{buildroot}%{_sysconfdir}/ppp/ipv6-up
install -d %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/
install -p %{SOURCE10} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifup-ppp
install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdown-ppp
%pre
/usr/bin/getent group dip >/dev/null 2>&1 || /usr/sbin/groupadd -r -g 40 dip >/dev/null 2>&1 || :
%post
%tmpfiles_create ppp.conf
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
@ -136,16 +130,6 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo
%{_sbindir}/pppdump
%{_sbindir}/pppoe-discovery
%{_sbindir}/pppstats
%{_sbindir}/ppp-watch
%dir %{_sysconfdir}/ppp
%{_sysconfdir}/ppp/ip-up
%{_sysconfdir}/ppp/ip-down
%{_sysconfdir}/ppp/ip-up.ipv6to4
%{_sysconfdir}/ppp/ip-down.ipv6to4
%{_sysconfdir}/ppp/ipv6-up
%{_sysconfdir}/ppp/ipv6-down
%{_sysconfdir}/sysconfig/network-scripts/ifdown-ppp
%{_sysconfdir}/sysconfig/network-scripts/ifup-ppp
%{_mandir}/man8/chat.8*
%{_mandir}/man8/pppd.8*
%{_mandir}/man8/pppdump.8*
@ -153,12 +137,12 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo
%{_mandir}/man8/pppd-radius.8*
%{_mandir}/man8/pppstats.8*
%{_mandir}/man8/pppoe-discovery.8*
%{_mandir}/man8/ppp-watch.8*
%{_libdir}/pppd
%ghost %dir /run/ppp
%ghost %dir /run/lock/ppp
%dir %{_sysconfdir}/logrotate.d
%dir %{_sysconfdir}/ppp
%dir %{_localstatedir}/run/ppp
%dir %{_localstatedir}/lock/ppp
%attr(700, root, root) %dir %{_localstatedir}/log/ppp
%config %{_sysconfdir}/tmpfiles.d/ppp.conf
%config(noreplace) %{_sysconfdir}/ppp/eaptls-client
%config(noreplace) %{_sysconfdir}/ppp/eaptls-server
%config(noreplace) %{_sysconfdir}/ppp/chap-secrets
@ -166,7 +150,6 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo
%config(noreplace) %{_sysconfdir}/ppp/pap-secrets
%config(noreplace) %{_sysconfdir}/pam.d/ppp
%config(noreplace) %{_sysconfdir}/logrotate.d/ppp
%{_tmpfilesdir}/ppp.conf
%doc FAQ README README.cbcp README.linux README.MPPE README.MSCHAP80 README.MSCHAP81 README.pwfd README.pppoe scripts sample README.eap-tls
%files devel
@ -175,127 +158,6 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo
%doc PLUGINS
%changelog
* Mon Apr 9 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.7-21
- Link with -E not to break plugins
Resolves: rhbz#1564459
* Fri Apr 6 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.7-20
- Also build all DSOs with distro's LDFLAGS
Related: rhbz#1563157
* Wed Apr 4 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.7-19
- Build with distro's LDFLAGS
Resolves: rhbz#1563157
* Tue Mar 27 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.7-18
- Used openssl for the DES instead of the libcrypt / glibc
Resolves: rhbz#1556132
* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2.4.7-17
- Escape macros in %%changelog
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.7-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 2.4.7-15
- Rebuilt for switch to libxcrypt
* Mon Aug 21 2017 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.7-14
- EAP-TLS patch updated to version 0.999
- Switched to openssl-1.1
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.7-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.7-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.7-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Sat Dec 10 2016 Lubomir Rintel <lkundrak@v3.sk> - 2.4.7-10
- Fix FTBFS
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.7-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.7-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Mon Feb 09 2015 Michal Sekletar <msekleta@redhat.com> - 2.4.7-7
- prevent running into issues caused by undefined behavior (pointers of incompatible types aliasing the same object)
* Wed Dec 10 2014 Michal Sekletar <msekleta@redhat.com> - 2.4.7-6
- fix logical expression in eap_client_active macro (#1023620)
* Wed Nov 19 2014 Michal Sekletar <msekleta@redhat.com> - 2.4.7-5
- don't mark logrotate config as executable (#1164435)
* Tue Sep 2 2014 Peter Robinson <pbrobinson@fedoraproject.org> 2.4.7-4
- devel package should depend on base package as per guidelines
* Tue Aug 19 2014 Michal Sekletar <msekleta@redhat.com> - 2.4.7-3
- don't mark tmpfiles dropin as executable (#1131293)
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Mon Aug 11 2014 Michal Sekletar <msekleta@redhat.com> - 2.4.7-1
- rebase to 2.4.7. Includes fix for CVE-2014-3158 (#1128716)
* Fri Jun 20 2014 Michal Sekletar <msekleta@redhat.com> - 2.4.6-6
- version 0.997 of EAP-TLS patch
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.6-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Wed Apr 16 2014 Michal Sekletar <msekleta@redhat.com> - 2.4.6-4
- move ppp initscripts to ppp package (#1088220)
* Mon Apr 14 2014 Michal Sekletar <msekleta@redhat.com> - 2.4.6-3
- don't require perl and expect (#1086846)
* Thu Apr 10 2014 Michal Sekletar <msekleta@redhat.com> - 2.4.6-2
- rebase to 2.4.6
* Thu Aug 01 2013 Michal Sekletar <msekleta@redhat.com> - 2.4.5-33
- fix post installation scriptlet
* Fri Jul 12 2013 Michal Sekletar <msekleta@redhat.com> - 2.4.5-32
- don't ship /var/lock/ppp in rpm payload and create it in %%post instead
- fix installation of tmpfiles.d configuration
- enable hardened build
- fix bogus dates in changelog
- compile all binaries with hardening flags
* Thu Jul 04 2013 Michal Sekletar <msekleta@redhat.com> - 2.4.5-31
- fix possible NULL pointer dereferencing
* Wed May 29 2013 Michal Sekletar <msekleta@redhat.com> - 2.4.5-30
- make radius plugin config parser less strict
- resolves : #906913
* Wed Mar 20 2013 Michal Sekletar <msekleta@redhat.com> - 2.4.5-29
- Add creation of dip system group
* Wed Mar 20 2013 Michal Sekletar <msekleta@redhat.com> - 2.4.5-28
- Add /etc/logrotate.d to files section since we no longer hard depend on logrotate
* Wed Mar 20 2013 Michal Sekletar <msekleta@redhat.com> - 2.4.5-27
- Don't hard depend on logrotate
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.5-26
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Mon Nov 12 2012 Michal Sekletar <msekleta@redhat.com> - 2.4.5-25
- Resolves: #840190 - install configuration file in /usr/lib/tmpfiles.d
* Tue Sep 11 2012 Michal Sekletar <msekleta@redhat.com> - 2.4.5-24
- Removed unnecessary dependency on systemd-unit
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.5-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue May 29 2012 Michal Sekletar <msekleta@redhat.com>
- Resolves: #817011 - fixed ppp-2.4.5-eaptls-mppe-0.99 patch, added variable definition
@ -305,9 +167,6 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo
* Thu May 17 2012 Michal Sekletar <msekleta@redhat.com>
- Resolves: #771340 - fixed compilation of pppd without USE_EAPTLS
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.5-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon May 30 2011 Jiri Skala <jskala@redhat.com> - 2.4.5-18
- fixes #682381 - hardcodes eth0
- fixes #708260 - SELinux is preventing access on the file LCK..ttyUSB3
@ -414,7 +273,7 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo
* Wed Jul 19 2006 Thomas Woerner <twoerner@redhat.com> 2.4.4-1
- new version 2.4.4 with lots of fixes
- fixed reesolv.conf docs (#165072)
Thanks to Matt Domsch for the initial patch
Thanks to Matt Domsch for the initial patch
- enabled CBCP (#199278)
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.4.3-6.2.2
@ -479,7 +338,7 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo
- require new libpcap library (>= 0.8.3-6) with a fix for inbound/outbound
filter processing
- not using internal libpcap structures anymore, fixes inbound/outbound
filter processing (#128053)
filter processing (#128053)
* Fri Aug 6 2004 Thomas Woerner <twoerner@redhat.com> 2.4.2-4
- fixed signal handling (#29171)
@ -492,7 +351,7 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Mon May 24 2004 David Woodhouse <dwmw2@redhat.com> 2.4.2-2.3
* Wed May 24 2004 David Woodhouse <dwmw2@redhat.com> 2.4.2-2.3
- Enable IPv6 support. Disable PIE to avoid bogus Provides:
* Fri May 14 2004 Thomas Woerner <twoerner@redhat.com> 2.4.2-2.2
@ -571,7 +430,7 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo
- automatic rebuild
* Mon Jun 5 2000 Nalin Dahyabhai <nalin@redhat.com>
- move man pages to %%{_mandir}
- move man pages to %{_mandir}
* Thu Jun 1 2000 Nalin Dahyabhai <nalin@redhat.com>
- change perms using defattr
@ -614,7 +473,7 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo
* Fri Apr 09 1999 Cristian Gafton <gafton@redhat.com>
- force pppd use the glibc's logwtmp instead of implementing its own
* Thu Apr 01 1999 Preston Brown <pbrown@redhat.com>
* Wed Apr 01 1999 Preston Brown <pbrown@redhat.com>
- version 2.3.7 bugfix release
* Tue Mar 23 1999 Cristian Gafton <gafton@redhat.com>
@ -623,7 +482,7 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo
* Mon Mar 22 1999 Michael Johnson <johnsonm@redhat.com>
- auth patch
* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
- auto rebuild in the new build environment (release 3)
* Thu Jan 07 1999 Cristian Gafton <gafton@redhat.com>
@ -661,7 +520,7 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo
- added a samples patch; updated glibc patch
* Thu Dec 18 1997 Erik Troan <ewt@redhat.com>
- added a patch to use our own route.h, rather then glibc's (which has
- added a patch to use our own route.h, rather then glibc's (which has
alignment problems on Alpha's) -- I only applied this patch on the Alpha,
though it should be safe everywhere
@ -674,3 +533,4 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo
* Tue Mar 25 1997 Erik Troan <ewt@redhat.com>
- Integrated new patch from David Mosberger
- Improved description

3
sources
View File

@ -1,2 +1 @@
78818f40e6d33a1d1de68a1551f6595a ppp-2.4.7.tar.gz
166cdfbce3391746fde60e86752c7bc7 ppp-watch.tar.xz
4621bc56167b6953ec4071043fe0ec57 ppp-2.4.5.tar.gz