ppp: add shellsync support

2025-04-15 18:03:30 +00:00 · 2020-07-08 14:45:43 +08:00 · 2020-07-08 14:45:43 +08:00 · 37c63e9b3d
commit 37c63e9b3d
parent 170042c687
23 changed files with 668 additions and 37 deletions
--- a/feeds.conf.default
+++ b/feeds.conf.default
@ -1,4 +1,4 @@
-src-git packages https://git.openwrt.org/feed/packages.git
+src-git packages https://github.com/coolsnowwolf/packages
 src-git luci https://github.com/coolsnowwolf/luci
 src-git routing https://git.openwrt.org/feed/routing.git
 src-git telephony https://git.openwrt.org/feed/telephony.git
--- a/package/network/services/ppp/Makefile
+++ b/package/network/services/ppp/Makefile
@ -9,19 +9,18 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 PKG_NAME:=ppp
-PKG_RELEASE:=2
+PKG_RELEASE:=5
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/paulusmack/ppp
-PKG_SOURCE_DATE:=2020-05-25
+PKG_SOURCE_VERSION:=78cd384ce0f48bb5edb84e4fe9a574eab4a4ad14
-PKG_SOURCE_VERSION:=ddd57c279f467e18c4fb3a661f21a069a5a37a1f
+PKG_MIRROR_HASH:=cf284c312b0c90974d11f8aeece173bcac8475f5b810911f4feb2c5a4db263fe
 PKG_MIRROR_HASH:=aac65e65dd25eaf8978a7a0b3258c863d90e29e247dd33d95276c0c189bcd424
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 PKG_LICENSE:=BSD-4-Clause
 PKG_CPE_ID:=cpe:/a:samba:ppp
 PKG_RELEASE_VERSION:=2.4.8
-PKG_VERSION:=$(PKG_RELEASE_VERSION).git-$(PKG_SOURCE_DATE)
+PKG_VERSION:=$(PKG_RELEASE_VERSION)
 PKG_BUILD_DEPENDS:=libpcap
@ -39,7 +38,7 @@ endef
 define Package/ppp
 $(call Package/ppp/Default)
-  DEPENDS:=+kmod-ppp
+  DEPENDS:=+kmod-ppp +libpthread +shellsync +kmod-mppe
  TITLE:=PPP daemon
  VARIANT:=default
 endef
--- a/package/network/services/ppp/files/ppp.sh
+++ b/package/network/services/ppp/files/ppp.sh
@ -74,7 +74,7 @@ ppp_generic_init_config() {
 	proto_config_add_string pppd_options
 	proto_config_add_string 'connect:file'
 	proto_config_add_string 'disconnect:file'
-	[ -e /proc/sys/net/ipv6 ] && proto_config_add_string ipv6
+	proto_config_add_string ipv6
 	proto_config_add_boolean authfail
 	proto_config_add_int mtu
 	proto_config_add_string pppname
@ -88,9 +88,7 @@ ppp_generic_setup() {
 	local config="$1"; shift
 	local localip
-	json_get_vars ip6table demand keepalive keepalive_adaptive username password pppd_options pppname unnumbered persist maxfail holdoff peerdns
+	json_get_vars ipv6 ip6table demand keepalive keepalive_adaptive username password pppd_options pppname unnumbered persist maxfail holdoff peerdns
 	[ ! -e /proc/sys/net/ipv6 ] && ipv6=0 || json_get_var ipv6 ipv6
 	if [ "$ipv6" = 0 ]; then
 		ipv6=""
@ -151,9 +149,9 @@ ppp_generic_setup() {
 		${connect:+connect "$connect"} \
 		${disconnect:+disconnect "$disconnect"} \
 		ip-up-script /lib/netifd/ppp-up \
-		${ipv6:+ipv6-up-script /lib/netifd/ppp6-up} \
+		ipv6-up-script /lib/netifd/ppp6-up \
 		ip-down-script /lib/netifd/ppp-down \
-		${ipv6:+ipv6-down-script /lib/netifd/ppp-down} \
+		ipv6-down-script /lib/netifd/ppp-down \
 		${mtu:+mtu $mtu mru $mtu} \
 		"$@" $pppd_options
 }
@ -233,7 +231,16 @@ proto_pppoe_setup() {
 	json_get_var padi_attempts padi_attempts
 	json_get_var padi_timeout padi_timeout
 #By 蝈蝈：并发拨号同步的前期准备
 	syncppp_option=""
 	[ "$(uci get syncdial.config.enabled)" -eq "1" ] && {
 		ppp_if_cnt=$(uci show network | grep -c "\.proto=\'pppoe\'$")
 		syncppp_option="syncppp $ppp_if_cnt"
 		shellsync $ppp_if_cnt 10
 	}
 	ppp_generic_setup "$config" \
 		$syncppp_option \
 		plugin rp-pppoe.so \
 		${ac:+rp_pppoe_ac "$ac"} \
 		${service:+rp_pppoe_service "$service"} \
--- a/package/network/services/ppp/patches/100-debian_ip-ip_option.patch
+++ b/package/network/services/ppp/patches/100-debian_ip-ip_option.patch
@ -85,7 +85,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
       "Enable multilink operation", OPT_PRIO | 1 },
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -335,6 +335,8 @@ extern int	connect_delay;	/* Time to del
+@@ -334,6 +334,8 @@ extern int	connect_delay;	/* Time to del
 extern int	max_data_rate;	/* max bytes/sec through charshunt */
 extern int	req_unit;	/* interface unit number to use */
 extern char	req_ifname[MAXIFNAMELEN]; /* interface name to use */
--- a/package/network/services/ppp/patches/105-debian_demand.patch
+++ b/package/network/services/ppp/patches/105-debian_demand.patch
@ -161,7 +161,7 @@
     } else {
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -602,7 +602,7 @@ void demand_conf __P((void));	/* config
+@@ -601,7 +601,7 @@ void demand_conf __P((void));	/* config
 void demand_block __P((void));	/* set all NPs to queue up packets */
 void demand_unblock __P((void)); /* set all NPs to pass packets */
 void demand_discard __P((void)); /* set all NPs to discard packets */
--- a/package/network/services/ppp/patches/110-debian_defaultroute.patch
+++ b/package/network/services/ppp/patches/110-debian_defaultroute.patch
@ -137,7 +137,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 .B disconnect \fIscript
 Execute the command specified by \fIscript\fR, by passing it to a
 shell, after
-@@ -751,7 +756,12 @@ disable both forms of hardware flow cont
+@@ -746,7 +751,12 @@ disable both forms of hardware flow cont
 .TP
 .B nodefaultroute
 Disable the \fIdefaultroute\fR option.  The system administrator who
@ -153,7 +153,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 .B nodefaultroute6
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -684,7 +684,7 @@ int  sif6addr __P((int, eui64_t, eui64_t
+@@ -683,7 +683,7 @@ int  sif6addr __P((int, eui64_t, eui64_t
 int  cif6addr __P((int, eui64_t, eui64_t));
 				/* Remove an IPv6 address from i/f */
 #endif
@ -292,7 +292,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 }
 --- a/pppd/sys-solaris.c
 +++ b/pppd/sys-solaris.c
-@@ -2120,12 +2120,18 @@ cifaddr(u, o, h)
+@@ -2119,12 +2119,18 @@ cifaddr(u, o, h)
  * sifdefaultroute - assign a default route through the address given.
  */
 int
--- a/package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch
+++ b/package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch
@ -84,7 +84,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     }
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -337,6 +337,8 @@ extern int	req_unit;	/* interface unit n
+@@ -336,6 +336,8 @@ extern int	req_unit;	/* interface unit n
 extern char	req_ifname[MAXIFNAMELEN]; /* interface name to use */
 extern char	path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
 extern char	path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */
--- a/package/network/services/ppp/patches/121-debian_adaptive_lcp_echo.patch
+++ b/package/network/services/ppp/patches/121-debian_adaptive_lcp_echo.patch
@ -0,0 +1,56 @@
 --- a/pppd/lcp.c
 +++ b/pppd/lcp.c
@@ -72,6 +72,7 @@ static void lcp_delayed_up __P((void *))
  */
 int	lcp_echo_interval = 0; 	/* Interval between LCP echo-requests */
 int	lcp_echo_fails = 0;	/* Tolerance to unanswered echo-requests */
 +bool	lcp_echo_adaptive = 0;	/* request echo only if the link was idle */
 bool	lax_recv = 0;		/* accept control chars in asyncmap */
 bool	noendpoint = 0;		/* don't send/accept endpoint discriminator */
@@ -150,6 +151,8 @@ static option_t lcp_option_list[] = {
       OPT_PRIO },
     { "lcp-echo-interval", o_int, &lcp_echo_interval,
       "Set time in seconds between LCP echo requests", OPT_PRIO },
 +    { "lcp-echo-adaptive", o_bool, &lcp_echo_adaptive,
 +      "Suppress LCP echo requests if traffic was received", 1 },
     { "lcp-restart", o_int, &lcp_fsm[0].timeouttime,
       "Set time in seconds between LCP retransmissions", OPT_PRIO },
     { "lcp-max-terminate", o_int, &lcp_fsm[0].maxtermtransmits,
@@ -2330,6 +2333,22 @@ LcpSendEchoRequest (f)
 	}
     }
 +    /*
 +     * If adaptive echos have been enabled, only send the echo request if
 +     * no traffic was received since the last one.
 +     */
 +    if (lcp_echo_adaptive) {
 +	static unsigned int last_pkts_in = 0;
 +
 +	update_link_stats(f->unit);
 +	link_stats_valid = 0;
 +
 +	if (link_stats.pkts_in != last_pkts_in) {
 +	    last_pkts_in = link_stats.pkts_in;
 +	    return;
 +	}
 +    }
 +
     /*
      * Make and send the echo request frame.
      */
 --- a/pppd/pppd.8
 +++ b/pppd/pppd.8
@@ -575,6 +575,11 @@ to 1) if the \fIproxyarp\fR option is us
 dynamic IP address option (i.e. set /proc/sys/net/ipv4/ip_dynaddr to
 1) in demand mode if the local address changes.
 .TP
 +.B lcp\-echo\-adaptive
 +If this option is used with the \fIlcp\-echo\-failure\fR option then
 +pppd will send LCP echo\-request frames only if no traffic was received
 +from the peer since the last echo\-request was sent.
 +.TP
 .B lcp\-echo\-failure \fIn
 If this option is given, pppd will presume the peer to be dead
 if \fIn\fR LCP echo\-requests are sent without receiving a valid LCP
--- a/package/network/services/ppp/patches/200-makefile.patch
+++ b/package/network/services/ppp/patches/200-makefile.patch
@ -34,7 +34,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"'
-@@ -126,10 +126,10 @@ CFLAGS   += -DHAS_SHADOW
+@@ -125,10 +125,10 @@ CFLAGS   += -DHAS_SHADOW
 #LIBS     += -lshadow $(LIBS)
 endif
--- a/package/network/services/ppp/patches/202-no_strip.patch
+++ b/package/network/services/ppp/patches/202-no_strip.patch
@ -19,7 +19,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 clean:
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
-@@ -108,7 +108,7 @@ ifdef USE_SRP
+@@ -107,7 +107,7 @@ ifdef USE_SRP
 CFLAGS	+= -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
 LIBS	+= -lsrp -L/usr/local/ssl/lib -lcrypto
 TARGETS	+= srp-entry
@ -28,7 +28,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 MANPAGES += srp-entry.8
 EXTRACLEAN += srp-entry.o
 NEEDDES=y
-@@ -220,7 +220,7 @@ all: $(TARGETS)
+@@ -219,7 +219,7 @@ all: $(TARGETS)
 install: pppd
 	mkdir -p $(BINDIR) $(MANDIR)
 	$(EXTRAINSTALL)
--- a/package/network/services/ppp/patches/206-compensate_time_change.patch
+++ b/package/network/services/ppp/patches/206-compensate_time_change.patch
@ -0,0 +1,94 @@
 pppd: Watch out for time warps
 On many embedded systems there is no battery backed RTC and a proper system
 time only becomes available through NTP after establishing a connection.
 When the clock suddenly jumps forward, the internal accounting (connect time)
 is confused resulting in unreliable data.
 This patch implements periodic clock checking to look for time warps, if one
 is detected, the internal counters are adjusted accordingly.
 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 --- a/pppd/main.c
 +++ b/pppd/main.c
@@ -89,6 +89,7 @@
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
 +#include <sys/sysinfo.h>
 #include "pppd.h"
 #include "magic.h"
@@ -226,6 +227,7 @@ static struct subprocess *children;
 /* Prototypes for procedures local to this file. */
 +static void check_time(void);
 static void setup_signals __P((void));
 static void create_pidfile __P((int pid));
 static void create_linkpidfile __P((int pid));
@@ -525,6 +527,7 @@ main(argc, argv)
 	    info("Starting link");
 	}
 +	check_time();
 	gettimeofday(&start_time, NULL);
 	script_unsetenv("CONNECT_TIME");
 	script_unsetenv("BYTES_SENT");
@@ -1274,6 +1277,36 @@ struct	callout {
 static struct callout *callout = NULL;	/* Callout list */
 static struct timeval timenow;		/* Current time */
 +static long uptime_diff = 0;
 +static int uptime_diff_set = 0;
 +
 +static void check_time(void)
 +{
 +	long new_diff;
 +	struct timeval t;
 +	struct sysinfo i;
 +    struct callout *p;
 +	
 +	gettimeofday(&t, NULL);
 +	sysinfo(&i);
 +	new_diff = t.tv_sec - i.uptime;
 +	
 +	if (!uptime_diff_set) {
 +		uptime_diff = new_diff;
 +		uptime_diff_set = 1;
 +		return;
 +	}
 +
 +	if ((new_diff - 5 > uptime_diff) || (new_diff + 5 < uptime_diff)) {
 +		/* system time has changed, update counters and timeouts */
 +		info("System time change detected.");
 +		start_time.tv_sec += new_diff - uptime_diff;
 +		
 +    	for (p = callout; p != NULL; p = p->c_next)
 +			p->c_time.tv_sec += new_diff - uptime_diff;
 +	}
 +	uptime_diff = new_diff;
 +}
 /*
  * timeout - Schedule a timeout.
@@ -1344,6 +1377,8 @@ calltimeout()
 {
     struct callout *p;
 +	check_time();
 +	
     while (callout != NULL) {
 	p = callout;
@@ -1371,6 +1406,8 @@ timeleft(tvp)
 {
     if (callout == NULL)
 	return NULL;
 +	
 +	check_time();
     gettimeofday(&timenow, NULL);
     tvp->tv_sec = callout->c_time.tv_sec - timenow.tv_sec;
--- a/package/network/services/ppp/patches/208-fix_status_code.patch
+++ b/package/network/services/ppp/patches/208-fix_status_code.patch
@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 --- a/pppd/main.c
 +++ b/pppd/main.c
-@@ -1052,7 +1052,8 @@ get_input()
+@@ -1055,7 +1055,8 @@ get_input()
 	}
 	notice("Modem hangup");
 	hungup = 1;
--- a/package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch
+++ b/package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch
@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
-@@ -190,8 +190,8 @@ endif
+@@ -189,8 +189,8 @@ endif
 ifdef FILTER
 ifneq ($(wildcard /usr/include/pcap-bpf.h),)
--- a/package/network/services/ppp/patches/310-precompile_filter.patch
+++ b/package/network/services/ppp/patches/310-precompile_filter.patch
@ -23,7 +23,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 # Uncomment the next line to enable multilink PPP (enabled by default)
 # Linux distributions: Please leave multilink ENABLED in your builds
 # of pppd!
-@@ -195,6 +198,14 @@ CFLAGS  += -DPPP_FILTER -I$(STAGING_DIR)
+@@ -194,6 +197,14 @@ CFLAGS  += -DPPP_FILTER -I$(STAGING_DIR)
 endif
 endif
@ -77,7 +77,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 #ifdef MAXOCTETS
     { "maxoctets", o_int, &maxoctets,
       "Set connection traffic limit",
-@@ -1516,6 +1532,29 @@ callfile(argv)
+@@ -1511,6 +1527,29 @@ callfile(argv)
     return ok;
 }
--- a/package/network/services/ppp/patches/401-no_record_file.patch
+++ b/package/network/services/ppp/patches/401-no_record_file.patch
@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -326,7 +326,6 @@ extern int	holdoff;	/* Dead time before
+@@ -325,7 +325,6 @@ extern int	holdoff;	/* Dead time before
 extern bool	holdoff_specified; /* true if user gave a holdoff value */
 extern bool	notty;		/* Stdin/out is not a tty */
 extern char	*pty_socket;	/* Socket to connect to pty */
--- a/package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch
+++ b/package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch
@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 --- a/pppd/main.c
 +++ b/pppd/main.c
-@@ -883,14 +883,17 @@ struct protocol_list {
+@@ -886,14 +886,17 @@ struct protocol_list {
     const char	*name;
 } protocol_list[] = {
     { 0x21,	"IP" },
@ -25,7 +25,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x33,	"Stream Protocol ST-II" },
     { 0x35,	"Banyan Vines" },
     { 0x39,	"AppleTalk EDDP" },
-@@ -904,8 +907,11 @@ struct protocol_list {
+@@ -907,8 +910,11 @@ struct protocol_list {
     { 0x49,	"Serial Data Transport Protocol (PPP-SDTP)" },
     { 0x4b,	"SNA over 802.2" },
     { 0x4d,	"SNA" },
@ -37,7 +37,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x53,	"Encryption" },
     { 0x55,	"Individual Link Encryption" },
     { 0x57,	"IPv6" },
-@@ -916,12 +922,15 @@ struct protocol_list {
+@@ -919,12 +925,15 @@ struct protocol_list {
     { 0x65,	"RTP IPHC Compressed non-TCP" },
     { 0x67,	"RTP IPHC Compressed UDP 8" },
     { 0x69,	"RTP IPHC Compressed RTP 8" },
@ -53,7 +53,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x0203,	"IBM Source Routing BPDU" },
     { 0x0205,	"DEC LANBridge100 Spanning Tree" },
     { 0x0207,	"Cisco Discovery Protocol" },
-@@ -933,15 +942,19 @@ struct protocol_list {
+@@ -936,15 +945,19 @@ struct protocol_list {
     { 0x0231,	"Luxcom" },
     { 0x0233,	"Sigma Network Systems" },
     { 0x0235,	"Apple Client Server Protocol" },
@ -73,7 +73,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x4001,	"Cray Communications Control Protocol" },
     { 0x4003,	"CDPD Mobile Network Registration Protocol" },
     { 0x4005,	"Expand accelerator protocol" },
-@@ -952,8 +965,10 @@ struct protocol_list {
+@@ -955,8 +968,10 @@ struct protocol_list {
     { 0x4023,	"RefTek Protocol" },
     { 0x4025,	"Fibre Channel" },
     { 0x4027,	"EMIT Protocols" },
@ -84,7 +84,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x8023,	"OSI Network Layer Control Protocol" },
     { 0x8025,	"Xerox NS IDP Control Protocol" },
     { 0x8027,	"DECnet Phase IV Control Protocol" },
-@@ -962,7 +977,9 @@ struct protocol_list {
+@@ -965,7 +980,9 @@ struct protocol_list {
     { 0x8031,	"Bridging NCP" },
     { 0x8033,	"Stream Protocol Control Protocol" },
     { 0x8035,	"Banyan Vines Control Protocol" },
@ -94,7 +94,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x803f,	"NETBIOS Framing Control Protocol" },
     { 0x8041,	"Cisco Systems Control Protocol" },
     { 0x8043,	"Ascom Timeplex" },
-@@ -971,18 +988,24 @@ struct protocol_list {
+@@ -974,18 +991,24 @@ struct protocol_list {
     { 0x8049,	"Serial Data Control Protocol (PPP-SDCP)" },
     { 0x804b,	"SNA over 802.2 Control Protocol" },
     { 0x804d,	"SNA Control Protocol" },
@ -119,7 +119,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x8207,	"Cisco Discovery Protocol Control" },
     { 0x8209,	"Netcs Twin Routing" },
     { 0x820b,	"STP - Control Protocol" },
-@@ -991,24 +1014,29 @@ struct protocol_list {
+@@ -994,24 +1017,29 @@ struct protocol_list {
     { 0x8281,	"MPLSCP" },
     { 0x8285,	"IEEE p1284.4 standard - Protocol Control" },
     { 0x8287,	"ETSI TETRA TNP1 Control Protocol" },
--- a/package/network/services/ppp/patches/511-syncppp.patch
+++ b/package/network/services/ppp/patches/511-syncppp.patch
@ -0,0 +1,207 @@
 --- a/pppd/chap-new.c
 +++ b/pppd/chap-new.c
@@ -37,6 +37,8 @@
 #include "chap-new.h"
 #include "chap-md5.h"
 +#include "syncppp.h"
 +
 #ifdef CHAPMS
 #include "chap_ms.h"
 #define MDTYPE_ALL (MDTYPE_MICROSOFT_V2 | MDTYPE_MICROSOFT | MDTYPE_MD5)
@@ -492,6 +494,19 @@ chap_respond(struct chap_client_state *c
 	p[2] = len >> 8;
 	p[3] = len;
 +    if (npppd > 1) {
 +        if (syncppp(npppd) < 0) {
 +            error("syncppp sync fail");
 +            sem_unlink(SEM_COUNT_NAME);
 +            sem_unlink(SEM_BLOCK_NAME);
 +        } else {
 +            info("syncppp sync succeeded");
 +        }   
 +    } else {
 +        info("syncppp not active");
 +    }
 +
 +
 	output(0, response, PPP_HDRLEN + len);
 }
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
@@ -13,16 +13,16 @@ TARGETS = pppd
 PPPDSRCS = main.c magic.c fsm.c lcp.c ipcp.c upap.c chap-new.c md5.c ccp.c \
 	   ecp.c ipxcp.c auth.c options.c sys-linux.c md4.c chap_ms.c \
 -	   demand.c utils.c tty.c eap.c chap-md5.c session.c
 +	   demand.c utils.c tty.c eap.c chap-md5.c session.c syncppp.c
 HEADERS = ccp.h session.h chap-new.h ecp.h fsm.h ipcp.h \
 	ipxcp.h lcp.h magic.h md5.h patchlevel.h pathnames.h pppd.h \
 -	upap.h eap.h
 +	upap.h eap.h syncppp.h
 MANPAGES = pppd.8
 PPPDOBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap-new.o md5.o ccp.o \
 	   ecp.o auth.o options.o demand.o utils.o sys-linux.o ipxcp.o tty.o \
 -	   eap.o chap-md5.o session.o
 +	   eap.o chap-md5.o session.o syncppp.o
 #
 # include dependencies if present
@@ -33,7 +33,7 @@ endif
 # CC = gcc
 #
 COPTS = -O2 -pipe -Wall -g
 -LIBS =
 +LIBS = -lpthread
 # Uncomment the next line to include support for Microsoft's
 # MS-CHAP authentication protocol.  Also, edit plugins/radius/Makefile.linux.
 --- a/pppd/options.c
 +++ b/pppd/options.c
@@ -128,6 +128,7 @@ bool	dump_options;		/* print out option
 bool	dryrun;			/* print out option values and exit */
 char	*domain;		/* domain name set by domain option */
 int	child_wait = 5;		/* # seconds to wait for children at exit */
 +int	npppd = 0;      /* synchronize between multiple pppd */
 struct userenv *userenv_list;	/* user environment variables */
 int	dfl_route_metric = -1;	/* metric of the default route to set over the PPP link */
@@ -342,6 +343,10 @@ option_t general_options[] = {
       "Set pathname of ipv6-down script",
       OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
 +    { "syncppp", o_int, &npppd,
 +      "sync among multiple pppd when sending chap/pap respond", OPT_PRIO },
 +
 +
 #ifdef HAVE_MULTILINK
     { "multilink", o_bool, &multilink,
       "Enable multilink operation", OPT_PRIO | 1 },
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
@@ -343,6 +343,7 @@ extern char	*bundle_name;	/* bundle name
 extern bool	dump_options;	/* print out option values */
 extern bool	dryrun;		/* check everything, print options, exit */
 extern int	child_wait;	/* # seconds to wait for children at end */
 +extern int npppd;  /* synchronize between multiple pppd */
 #ifdef MAXOCTETS
 extern unsigned int maxoctets;	     /* Maximum octetes per session (in bytes) */
 --- /dev/null
 +++ b/pppd/syncppp.c
@@ -0,0 +1,75 @@
 +#include<stdio.h>
 +#include<semaphore.h>
 +#include<fcntl.h>
 +#include<stdlib.h>
 +#include<time.h>
 +#include<errno.h>
 +#include "pppd.h"
 +#include "syncppp.h"
 +
 +int syncppp(int nproc)
 +{
 +    int flags;
 +    int value;
 +    sem_t *block; 
 +    sem_t *count;
 +    struct timespec ts;
 +
 +    if (nproc <= 1) {
 +        error("syncppp: number of pppd should be larger than 1");
 +        return -1;
 +    }
 +
 +    if (clock_gettime(CLOCK_REALTIME, &ts) == -1) {
 +        error("clock_gettime error");
 +        return -1;
 +    }
 +    ts.tv_sec += SYNCPPP_TIMEOUT;
 +
 +
 +    flags = O_RDWR | O_CREAT;
 +    block = sem_open(SEM_BLOCK_NAME, flags, 0644, 0);
 +    count = sem_open(SEM_COUNT_NAME, flags, 0644, 0);
 +    if (block == SEM_FAILED || count == SEM_FAILED) {
 +        error("syncppp: sem_open failed");
 +        return -1;
 +    }
 +
 +    if (sem_post(count) < 0) {
 +        error("syncppp: sem_post failed");
 +        return -1;
 +    }
 +    if (sem_getvalue(count, &value) < 0) {
 +        error("syncppp: sem_getvalue failed");
 +        return -1;
 +    }
 +    info("%d pppd have arrived, waiting for the left %d", value, nproc-value);
 +    if (value >= nproc) {
 +        while (nproc-1 > 0) {
 +            if (sem_post(block) < 0) {
 +                error("syncppp: sem_post failed");
 +                return -1;
 +            }
 +            nproc--;
 +        }
 +    } else {
 +        if (sem_timedwait(block, &ts) < 0) {
 +            if (errno == ETIMEDOUT) {
 +                error("syncppp: sem_timewait time out");
 +            } else {
 +                error("syncppp: sem_timewait error");
 +            }
 +            return -1;
 +        }
 +
 +    }
 +
 +    sem_close(count);
 +    sem_close(block);
 +
 +    sem_unlink(SEM_COUNT_NAME);
 +    sem_unlink(SEM_BLOCK_NAME);
 +
 +    return 0;
 +}
 +
 --- /dev/null
 +++ b/pppd/syncppp.h
@@ -0,0 +1,3 @@
 +#define SEM_BLOCK_NAME  "block"
 +#define SEM_COUNT_NAME  "count"
 +#define SYNCPPP_TIMEOUT 5
 --- a/pppd/upap.c
 +++ b/pppd/upap.c
@@ -52,6 +52,7 @@
 #include "pppd.h"
 #include "upap.h"
 +#include "syncppp.h"
 static bool hide_password = 1;
@@ -567,6 +568,18 @@ upap_sauthreq(u)
     PUTCHAR(u->us_passwdlen, outp);
     BCOPY(u->us_passwd, outp, u->us_passwdlen);
 +    if (npppd > 1) {
 +        if (syncppp(npppd) < 0) {
 +            error("syncppp sync fail");
 +            sem_unlink(SEM_COUNT_NAME);
 +            sem_unlink(SEM_BLOCK_NAME);
 +        } else {
 +            info("syncppp sync succeeded");
 +        }
 +    } else {
 +        info("syncppp not active");
 +    }   
 +
     output(u->us_unit, outpacket_buf, outlen + PPP_HDRLEN);
     TIMEOUT(upap_timeout, u, u->us_timeouttime);
--- a/package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch
+++ b/package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch
@ -17,7 +17,7 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
 +++ b/pppd/Makefile.linux
@@ -35,10 +35,10 @@ endif
 COPTS = -O2 -pipe -Wall -g
- LIBS = -lrt
+ LIBS =
 -# Uncomment the next line to include support for Microsoft's
 +# Uncomment the next 2 lines to include support for Microsoft's
@ -28,7 +28,7 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
 # Don't use MSLANMAN unless you really know what you're doing.
 #MSLANMAN=y
 # Uncomment the next line to include support for MPPE.  CHAPMS (above) must
-@@ -141,8 +141,7 @@ endif
+@@ -140,8 +140,7 @@ endif
 ifdef NEEDDES
 ifndef USE_CRYPT
--- a/package/network/services/ppp/patches/700-radius-Prevent-buffer-overflow-in-rc_mksid.patch
+++ b/package/network/services/ppp/patches/700-radius-Prevent-buffer-overflow-in-rc_mksid.patch
@ -0,0 +1,30 @@
 From 858976b1fc3107f1261aae337831959b511b83c2 Mon Sep 17 00:00:00 2001
 From: Paul Mackerras <paulus@ozlabs.org>
 Date: Sat, 4 Jan 2020 12:01:32 +1100
 Subject: [PATCH] radius: Prevent buffer overflow in rc_mksid()
 On some systems getpid() can return a value greater than 65535.
 Increase the size of buf[] to allow for this, and use slprintf()
 to make sure we never overflow it.
 Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
 ---
 pppd/plugins/radius/util.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 diff --git a/pppd/plugins/radius/util.c b/pppd/plugins/radius/util.c
 index 6f976a712951..740131e8377c 100644
 --- a/pppd/plugins/radius/util.c
 +++ b/pppd/plugins/radius/util.c
@@ -73,9 +73,9 @@ void rc_mdelay(int msecs)
 char *
 rc_mksid (void)
 {
 -  static char buf[15];
 +  static char buf[32];
   static unsigned short int cnt = 0;
 -  sprintf (buf, "%08lX%04X%02hX",
 +  slprintf(buf, sizeof(buf), "%08lX%04X%02hX",
 	   (unsigned long int) time (NULL),
 	   (unsigned int) getpid (),
 	   cnt & 0xFF);
--- a/package/network/services/ppp/patches/701-pppd-Fix-bounds-check-in-EAP-code.patch
+++ b/package/network/services/ppp/patches/701-pppd-Fix-bounds-check-in-EAP-code.patch
@ -0,0 +1,37 @@
 From 8d7970b8f3db727fe798b65f3377fe6787575426 Mon Sep 17 00:00:00 2001
 From: Paul Mackerras <paulus@ozlabs.org>
 Date: Mon, 3 Feb 2020 15:53:28 +1100
 Subject: [PATCH] pppd: Fix bounds check in EAP code
 Given that we have just checked vallen < len, it can never be the case
 that vallen >= len + sizeof(rhostname).  This fixes the check so we
 actually avoid overflowing the rhostname array.
 Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
 Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
 ---
 pppd/eap.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 diff --git a/pppd/eap.c b/pppd/eap.c
 index 94407f56a336..1b93db01aebd 100644
 --- a/pppd/eap.c
 +++ b/pppd/eap.c
@@ -1420,7 +1420,7 @@ int len;
 		}
 		/* Not so likely to happen. */
 -		if (vallen >= len + sizeof (rhostname)) {
 +		if (len - vallen >= sizeof (rhostname)) {
 			dbglog("EAP: trimming really long peer name down");
 			BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
 			rhostname[sizeof (rhostname) - 1] = '\0';
@@ -1846,7 +1846,7 @@ int len;
 		}
 		/* Not so likely to happen. */
 -		if (vallen >= len + sizeof (rhostname)) {
 +		if (len - vallen >= sizeof (rhostname)) {
 			dbglog("EAP: trimming really long peer name down");
 			BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
 			rhostname[sizeof (rhostname) - 1] = '\0';
--- a/package/network/services/ppp/patches/702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP.patch
+++ b/package/network/services/ppp/patches/702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP.patch
@ -0,0 +1,61 @@
 From 8d45443bb5c9372b4c6a362ba2f443d41c5636af Mon Sep 17 00:00:00 2001
 From: Paul Mackerras <paulus@ozlabs.org>
 Date: Mon, 3 Feb 2020 16:31:42 +1100
 Subject: [PATCH] pppd: Ignore received EAP messages when not doing EAP
 This adds some basic checks to the subroutines of eap_input to check
 that we have requested or agreed to doing EAP authentication before
 doing any processing on the received packet.  The motivation is to
 make it harder for a malicious peer to disrupt the operation of pppd
 by sending unsolicited EAP packets.  Note that eap_success() already
 has a check that the EAP client state is reasonable, and does nothing
 (apart from possibly printing a debug message) if not.
 Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
 ---
 pppd/eap.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 diff --git a/pppd/eap.c b/pppd/eap.c
 index 1b93db01aebd..082e95343120 100644
 --- a/pppd/eap.c
 +++ b/pppd/eap.c
@@ -1328,6 +1328,12 @@ int len;
 	int fd;
 #endif /* USE_SRP */
 +	/*
 +	 * Ignore requests if we're not open
 +	 */
 +	if (esp->es_client.ea_state <= eapClosed)
 +		return;
 +
 	/*
 	 * Note: we update es_client.ea_id *only if* a Response
 	 * message is being generated.  Otherwise, we leave it the
@@ -1736,6 +1742,12 @@ int len;
 	u_char dig[SHA_DIGESTSIZE];
 #endif /* USE_SRP */
 +	/*
 +	 * Ignore responses if we're not open
 +	 */
 +	if (esp->es_server.ea_state <= eapClosed)
 +		return;
 +
 	if (esp->es_server.ea_id != id) {
 		dbglog("EAP: discarding Response %d; expected ID %d", id,
 		    esp->es_server.ea_id);
@@ -2047,6 +2059,12 @@ u_char *inp;
 int id;
 int len;
 {
 +	/*
 +	 * Ignore failure messages if we're not open
 +	 */
 +	if (esp->es_client.ea_state <= eapClosed)
 +		return;
 +
 	if (!eap_client_active(esp)) {
 		dbglog("EAP unexpected failure message in state %s (%d)",
 		    eap_state_name(esp->es_client.ea_state),
--- a/package/network/services/shellsync/Makefile
+++ b/package/network/services/shellsync/Makefile
@ -0,0 +1,34 @@
 include $(TOPDIR)/rules.mk
 PKG_NAME:=shellsync
 PKG_VERSION:=0.2
 PKG_RELEASE:=2
 include $(INCLUDE_DIR)/package.mk
 define Package/shellsync
  CATEGORY:=Utilities
  TITLE:=shellsync
  DEPENDS:=+libpthread +kmod-macvlan
 endef
 define Build/Prepare
 	mkdir -p $(PKG_BUILD_DIR)
 	$(CP) ./src/* $(PKG_BUILD_DIR)/
 endef
 define Package/shellsync/description
 A tool to sync different shell scripts.Based on syncppp patch by morfast.
 endef
 define Build/Compile
 	$(TARGET_CROSS)gcc -pthread -o $(PKG_BUILD_DIR)/shellsync $(PKG_BUILD_DIR)/shellsync.c
 endef
 define Package/shellsync/install
 	$(INSTALL_DIR) $(1)/usr/bin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/shellsync $(1)/usr/bin
 endef
 $(eval $(call BuildPackage,shellsync))
--- a/package/network/services/shellsync/src/shellsync.c
+++ b/package/network/services/shellsync/src/shellsync.c
@ -0,0 +1,106 @@
 /*************************************************************************
 	> File Name: shellsync.c
 	> Author: GuoGuo
 	> Mail: gch981213@gmail.com
 	> Created Time: 2014年11月06日 星期四 19时15分30秒
 ************************************************************************/
 #include<stdio.h>
 #include<semaphore.h>
 #include<fcntl.h>
 #include<stdlib.h>
 #include<time.h>
 #include<errno.h>
 #define SEM_BLOCK_NAME  "SYNCSHELL_block"
 #define SEM_COUNT_NAME  "SYNCSHELL_count"
 int wait_timeout;
 int sync_wait(int nproc)
 {
    int flags;
    int value;
    sem_t *block; 
    sem_t *count;
    struct timespec ts;
    if (nproc <= 1) {
        printf("sync_wait: number of processes should be larger than 1\n");
        return -1;
    }
    if (clock_gettime(CLOCK_REALTIME, &ts) == -1) {
        printf("clock_gettime error\n");
        return -1;
    }
    ts.tv_sec += wait_timeout;
    flags = O_RDWR | O_CREAT;
    block = sem_open(SEM_BLOCK_NAME, flags, 0644, 0);
    count = sem_open(SEM_COUNT_NAME, flags, 0644, 0);
    if (block == SEM_FAILED || count == SEM_FAILED) {
        printf("sync_wait: sem_open failed\n");
        return -1;
    }
    if (sem_post(count) < 0) {
        printf("sync_wait: sem_post failed\n");
        return -1;
    }
    if (sem_getvalue(count, &value) < 0) {
        printf("sync_wait: sem_getvalue failed\n");
        return -1;
    }
    printf("%d processes have arrived, waiting for the left %d\n", value, nproc-value);
    if (value >= nproc) {
        while (nproc-1 > 0) {
            if (sem_post(block) < 0) {
                printf("sync_wait: sem_post failed\n");
                return -1;
            }
            nproc--;
        }
    } else {
        if (sem_timedwait(block, &ts) < 0) {
            if (errno == ETIMEDOUT) {
                printf("sync_wait: sem_timewait time out\n");
            } else {
                printf("sync_wait: sem_timewait error\n");
            }
            return -1;
        }
    }
    sem_close(count);
    sem_close(block);
    sem_unlink(SEM_COUNT_NAME);
    sem_unlink(SEM_BLOCK_NAME);
    return 0;
 }
 int main(int argc,char *argv[])
 {
    if(argc!=3)
    {
        printf("Usage: shellsync <process num> <wait_timeout>\n");
    }
    else
    {
        int proc_num;
        sscanf(argv[1],"%d",&proc_num);
        sscanf(argv[2],"%d",&wait_timeout);
        if(sync_wait(proc_num)<0)
        {
            printf("Processes sync failed.\n");
            sem_unlink(SEM_COUNT_NAME);
            sem_unlink(SEM_BLOCK_NAME);
            return 1;
        }
        else
        {
            printf("Processes sync succeed.\n");
            return 0;
        }
    }
 }