From 46c9581a5fb41716e0ba4dccccd924f6095921b9 Mon Sep 17 00:00:00 2001 From: CN_SZTL <22235437+1715173329@users.noreply.github.com> Date: Sun, 8 Mar 2020 11:55:50 +0800 Subject: [PATCH] ppp: bump to 2.4.8 (#3644) - openwrt/openwrt@983605e pppd: update to 2.4.8 - openwrt/openwrt@3589051 ppp: backport security fixes - openwrt/openwrt@2c3c83e ppp: activate PIE ASLR by default Signed-off-by: CN_SZTL --- package/network/services/ppp/Makefile | 54 ++-- package/network/services/ppp/files/ppp.sh | 13 +- .../ppp/patches/001-honor-ldflags.patch | 39 --- .../ppp/patches/100-debian_ip-ip_option.patch | 22 +- .../patches/101-debian_close_dev_ppp.patch | 2 +- .../patches/103-debian_fix_link_pidfile.patch | 2 +- .../ppp/patches/105-debian_demand.patch | 14 +- .../ppp/patches/110-debian_defaultroute.patch | 65 ++--- .../120-debian_ipv6_updown_option.patch | 18 +- .../121-debian_adaptive_lcp_echo.patch | 8 +- .../services/ppp/patches/130-no_cdefs_h.patch | 11 - .../patches/131-missing_prototype_macro.patch | 23 -- .../ppp/patches/132-fix_linux_includes.patch | 40 --- .../ppp/patches/133-fix_sha1_include.patch | 4 +- .../ppp/patches/140-pppoe_compile_fix.patch | 53 +--- .../services/ppp/patches/200-makefile.patch | 12 +- .../ppp/patches/201-mppe_mppc_1.1.patch | 26 +- .../services/ppp/patches/202-no_strip.patch | 4 +- .../services/ppp/patches/203-opt_flags.patch | 23 +- .../ppp/patches/204-radius_config.patch | 2 +- .../patches/205-no_exponential_timeout.patch | 4 +- .../patches/206-compensate_time_change.patch | 12 +- .../ppp/patches/207-lcp_mtu_max.patch | 2 +- .../ppp/patches/208-fix_status_code.patch | 2 +- .../300-filter-pcap-includes-lib.patch | 2 +- .../ppp/patches/310-precompile_filter.patch | 8 +- .../ppp/patches/320-custom_iface_names.patch | 135 --------- ...multilink_support_custom_iface_names.patch | 22 +- .../330-retain_foreign_default_routes.patch | 2 +- .../340-populate_default_gateway.patch | 6 +- .../patches/400-simplify_kernel_checks.patch | 20 +- .../ppp/patches/401-no_record_file.patch | 6 +- .../services/ppp/patches/403-no_wtmp.patch | 4 +- .../404-remove_obsolete_protocol_names.patch | 16 +- .../ppp/patches/405-no_multilink_option.patch | 2 +- .../services/ppp/patches/511-syncppp.patch | 59 ++-- .../services/ppp/patches/520-uniq.patch | 269 ------------------ .../ppp/patches/530-pppoe_send_padt.patch | 11 - .../531-pppoe_no_disconnect_warning.patch | 14 - .../patches/540-save-pppol2tp_fd_str.patch | 6 +- .../ppp/patches/550-fix-printer-args.patch | 11 - ...openssl-for-the-DES-instead-of-the-l.patch | 94 ++++++ ...-Prevent-buffer-overflow-in-rc_mksid.patch | 30 ++ ...01-pppd-Fix-bounds-check-in-EAP-code.patch | 37 +++ ...ived-EAP-messages-when-not-doing-EAP.patch | 61 ++++ 45 files changed, 461 insertions(+), 809 deletions(-) delete mode 100644 package/network/services/ppp/patches/001-honor-ldflags.patch delete mode 100644 package/network/services/ppp/patches/130-no_cdefs_h.patch delete mode 100644 package/network/services/ppp/patches/131-missing_prototype_macro.patch delete mode 100644 package/network/services/ppp/patches/132-fix_linux_includes.patch delete mode 100644 package/network/services/ppp/patches/320-custom_iface_names.patch delete mode 100644 package/network/services/ppp/patches/520-uniq.patch delete mode 100644 package/network/services/ppp/patches/530-pppoe_send_padt.patch delete mode 100644 package/network/services/ppp/patches/531-pppoe_no_disconnect_warning.patch delete mode 100644 package/network/services/ppp/patches/550-fix-printer-args.patch create mode 100644 package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch create mode 100644 package/network/services/ppp/patches/700-radius-Prevent-buffer-overflow-in-rc_mksid.patch create mode 100644 package/network/services/ppp/patches/701-pppd-Fix-bounds-check-in-EAP-code.patch create mode 100644 package/network/services/ppp/patches/702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP.patch diff --git a/package/network/services/ppp/Makefile b/package/network/services/ppp/Makefile index 0a4551c76..421ca1021 100644 --- a/package/network/services/ppp/Makefile +++ b/package/network/services/ppp/Makefile @@ -9,20 +9,22 @@ include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=ppp -PKG_VERSION:=2.4.7 -PKG_RELEASE:=15 +PKG_RELEASE:=3 -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://download.samba.org/pub/ppp/ -PKG_HASH:=02e0a3dd3e4799e33103f70ec7df75348c8540966ee7c948e4ed8a42bbccfb30 +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/paulusmack/ppp +PKG_SOURCE_VERSION:=78cd384ce0f48bb5edb84e4fe9a574eab4a4ad14 +PKG_MIRROR_HASH:=cf284c312b0c90974d11f8aeece173bcac8475f5b810911f4feb2c5a4db263fe PKG_MAINTAINER:=Felix Fietkau PKG_LICENSE:=BSD-4-Clause PKG_CPE_ID:=cpe:/a:samba:ppp -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) +PKG_RELEASE_VERSION:=2.4.8 +PKG_VERSION:=$(PKG_RELEASE_VERSION) PKG_BUILD_DEPENDS:=libpcap +PKG_ASLR_PIE_REGULAR:=1 PKG_BUILD_PARALLEL:=1 PKG_INSTALL:=1 @@ -36,7 +38,7 @@ endef define Package/ppp $(call Package/ppp/Default) - DEPENDS:=+kmod-ppp +kmod-mppe +libpthread +shellsync + DEPENDS:=+kmod-ppp +libpthread +shellsync TITLE:=PPP daemon VARIANT:=default endef @@ -215,7 +217,7 @@ define Package/ppp/script_install endef define Package/ppp/install - $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_VERSION) + $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION) $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/pppd $(1)/usr/sbin/ $(INSTALL_DIR) $(1)/etc/ppp @@ -232,21 +234,21 @@ endef Package/ppp-multilink/install=$(Package/ppp/install) define Package/ppp-mod-pppoa/install - $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_VERSION) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_VERSION)/pppoatm.so \ - $(1)/usr/lib/pppd/$(PKG_VERSION)/ + $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION) + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/pppoatm.so \ + $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/ endef define Package/ppp-mod-pppoe/install - $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_VERSION) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_VERSION)/rp-pppoe.so \ - $(1)/usr/lib/pppd/$(PKG_VERSION)/ + $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION) + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/rp-pppoe.so \ + $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/ endef define Package/ppp-mod-radius/install - $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_VERSION) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_VERSION)/radius.so \ - $(1)/usr/lib/pppd/$(PKG_VERSION)/ + $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION) + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/radius.so \ + $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/ $(INSTALL_DIR) $(1)/etc/ppp $(INSTALL_DATA) ./files/etc/ppp/radius.conf $(1)/etc/ppp/ $(INSTALL_DIR) $(1)/etc/ppp/radius @@ -257,23 +259,23 @@ define Package/ppp-mod-radius/install endef define Package/ppp-mod-pppol2tp/install - $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_VERSION) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_VERSION)/pppol2tp.so \ - $(1)/usr/lib/pppd/$(PKG_VERSION)/ + $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION) + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/pppol2tp.so \ + $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/ endef define Package/ppp-mod-pptp/install - $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_VERSION) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_VERSION)/pptp.so \ - $(1)/usr/lib/pppd/$(PKG_VERSION)/ + $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION) + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/pptp.so \ + $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/ $(INSTALL_DIR) $(1)/etc/ppp $(INSTALL_DATA) ./files/etc/ppp/options.pptp $(1)/etc/ppp/ endef define Package/ppp-mod-passwordfd/install - $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_VERSION) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_VERSION)/passwordfd.so \ - $(1)/usr/lib/pppd/$(PKG_VERSION)/ + $(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION) + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/passwordfd.so \ + $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/ endef define Package/chat/install diff --git a/package/network/services/ppp/files/ppp.sh b/package/network/services/ppp/files/ppp.sh index b56b83c72..0fe29993e 100755 --- a/package/network/services/ppp/files/ppp.sh +++ b/package/network/services/ppp/files/ppp.sh @@ -89,6 +89,7 @@ ppp_generic_setup() { local localip json_get_vars ipv6 ip6table demand keepalive keepalive_adaptive username password pppd_options pppname unnumbered persist maxfail holdoff peerdns + if [ "$ipv6" = 0 ]; then ipv6="" elif [ -z "$ipv6" -o "$ipv6" = auto ]; then @@ -207,6 +208,9 @@ proto_pppoe_init_config() { proto_config_add_string "ac" proto_config_add_string "service" proto_config_add_string "host_uniq" + proto_config_add_int "padi_attempts" + proto_config_add_int "padi_timeout" + lasterror=1 } @@ -224,20 +228,25 @@ proto_pppoe_setup() { json_get_var ac ac json_get_var service service json_get_var host_uniq host_uniq + json_get_var padi_attempts padi_attempts + json_get_var padi_timeout padi_timeout -#By 蝈蝈:并发拨号同步的前期准备 +#By 铦堣潏锛氬苟鍙戞嫧鍙峰悓姝ョ殑鍓嶆湡鍑嗗 syncppp_option="" [ "$(uci get syncdial.config.enabled)" == "1" ] && { ppp_if_cnt=$(cat /etc/config/network | grep -c "proto 'pppoe'") syncppp_option="syncppp $ppp_if_cnt" shellsync $ppp_if_cnt 10 } - ppp_generic_setup "$config" \ + + ppp_generic_setup "$config" \ $syncppp_option \ plugin rp-pppoe.so \ ${ac:+rp_pppoe_ac "$ac"} \ ${service:+rp_pppoe_service "$service"} \ ${host_uniq:+host-uniq "$host_uniq"} \ + ${padi_attempts:+pppoe-padi-attempts $padi_attempts} \ + ${padi_timeout:+pppoe-padi-timeout $padi_timeout} \ "nic-$iface" } diff --git a/package/network/services/ppp/patches/001-honor-ldflags.patch b/package/network/services/ppp/patches/001-honor-ldflags.patch deleted file mode 100644 index fae66a5ec..000000000 --- a/package/network/services/ppp/patches/001-honor-ldflags.patch +++ /dev/null @@ -1,39 +0,0 @@ ---- a/pppd/plugins/radius/Makefile.linux -+++ b/pppd/plugins/radius/Makefile.linux -@@ -43,13 +43,13 @@ install: all - $(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR) - - radius.so: radius.o libradiusclient.a -- $(CC) -o radius.so -shared radius.o libradiusclient.a -+ $(CC) $(CFLAGS) -o radius.so -shared radius.o libradiusclient.a - - radattr.so: radattr.o -- $(CC) -o radattr.so -shared radattr.o -+ $(CC) $(CFLAGS) -o radattr.so -shared radattr.o - - radrealms.so: radrealms.o -- $(CC) -o radrealms.so -shared radrealms.o -+ $(CC) $(CFLAGS) -o radrealms.so -shared radrealms.o - - CLIENTOBJS = avpair.o buildreq.o config.o dict.o ip_util.o \ - clientid.o sendserver.o lock.o util.o md5.o ---- a/pppd/plugins/rp-pppoe/Makefile.linux -+++ b/pppd/plugins/rp-pppoe/Makefile.linux -@@ -30,7 +30,7 @@ CFLAGS=$(COPTS) -I../../../include '-DRP - all: rp-pppoe.so pppoe-discovery - - pppoe-discovery: pppoe-discovery.o debug.o -- $(CC) -o pppoe-discovery pppoe-discovery.o debug.o -+ $(CC) $(CFLAGS) -o pppoe-discovery pppoe-discovery.o debug.o - - pppoe-discovery.o: pppoe-discovery.c - $(CC) $(CFLAGS) -c -o pppoe-discovery.o pppoe-discovery.c -@@ -39,7 +39,7 @@ debug.o: debug.c - $(CC) $(CFLAGS) -c -o debug.o debug.c - - rp-pppoe.so: plugin.o discovery.o if.o common.o -- $(CC) -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o -+ $(CC) $(CFLAGS) -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o - - install: all - $(INSTALL) -d -m 755 $(LIBDIR) diff --git a/package/network/services/ppp/patches/100-debian_ip-ip_option.patch b/package/network/services/ppp/patches/100-debian_ip-ip_option.patch index 703311fb4..335ce72b0 100644 --- a/package/network/services/ppp/patches/100-debian_ip-ip_option.patch +++ b/package/network/services/ppp/patches/100-debian_ip-ip_option.patch @@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/ipcp.c +++ b/pppd/ipcp.c -@@ -1958,7 +1958,7 @@ ipcp_up(f) +@@ -1957,7 +1957,7 @@ ipcp_up(f) */ if (ipcp_script_state == s_down && ipcp_script_pid == 0) { ipcp_script_state = s_up; @@ -21,7 +21,7 @@ Signed-off-by: Jo-Philipp Wich } } -@@ -2008,7 +2008,7 @@ ipcp_down(f) +@@ -2007,7 +2007,7 @@ ipcp_down(f) /* Execute the ip-down script */ if (ipcp_script_state == s_up && ipcp_script_pid == 0) { ipcp_script_state = s_down; @@ -30,7 +30,7 @@ Signed-off-by: Jo-Philipp Wich } } -@@ -2062,13 +2062,13 @@ ipcp_script_done(arg) +@@ -2061,13 +2061,13 @@ ipcp_script_done(arg) case s_up: if (ipcp_fsm[0].state != OPENED) { ipcp_script_state = s_down; @@ -48,7 +48,7 @@ Signed-off-by: Jo-Philipp Wich } --- a/pppd/main.c +++ b/pppd/main.c -@@ -316,6 +316,9 @@ main(argc, argv) +@@ -306,6 +306,9 @@ main(argc, argv) struct protent *protp; char numbuf[16]; @@ -60,18 +60,18 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/options.c +++ b/pppd/options.c -@@ -114,6 +114,8 @@ char linkname[MAXPATHLEN]; /* logical na - bool tune_kernel; /* may alter kernel settings */ +@@ -117,6 +117,8 @@ bool tune_kernel; /* may alter kernel s int connect_delay = 1000; /* wait this many ms after connect script */ int req_unit = -1; /* requested interface unit */ + char req_ifname[MAXIFNAMELEN]; /* requested interface name */ +char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */ +char path_ipdown[MAXPATHLEN];/* pathname of ip-down script */ bool multilink = 0; /* Enable multilink operation */ char *bundle_name = NULL; /* bundle name for multilink */ bool dump_options; /* print out option values */ -@@ -299,6 +301,13 @@ option_t general_options[] = { - "Unset user environment variable", - OPT_A2PRINTER | OPT_NOPRINT, (void *)user_unsetprint }, +@@ -316,6 +318,13 @@ option_t general_options[] = { + "Metric to use for the default route (Linux only; -1 for default behavior)", + OPT_PRIV|OPT_LLIMIT|OPT_INITONLY, NULL, 0, -1 }, + { "ip-up-script", o_string, path_ipup, + "Set pathname of ip-up script", @@ -85,10 +85,10 @@ Signed-off-by: Jo-Philipp Wich "Enable multilink operation", OPT_PRIO | 1 }, --- a/pppd/pppd.h +++ b/pppd/pppd.h -@@ -318,6 +318,8 @@ extern bool tune_kernel; /* May alter ke - extern int connect_delay; /* Time to delay after connect script */ +@@ -334,6 +334,8 @@ extern int connect_delay; /* Time to del extern int max_data_rate; /* max bytes/sec through charshunt */ extern int req_unit; /* interface unit number to use */ + extern char req_ifname[MAXIFNAMELEN]; /* interface name to use */ +extern char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */ +extern char path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */ extern bool multilink; /* enable multilink operation */ diff --git a/package/network/services/ppp/patches/101-debian_close_dev_ppp.patch b/package/network/services/ppp/patches/101-debian_close_dev_ppp.patch index 629c23254..62830179b 100644 --- a/package/network/services/ppp/patches/101-debian_close_dev_ppp.patch +++ b/package/network/services/ppp/patches/101-debian_close_dev_ppp.patch @@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/sys-linux.c +++ b/pppd/sys-linux.c -@@ -458,6 +458,13 @@ int generic_establish_ppp (int fd) +@@ -467,6 +467,13 @@ int generic_establish_ppp (int fd) if (new_style_driver) { int flags; diff --git a/package/network/services/ppp/patches/103-debian_fix_link_pidfile.patch b/package/network/services/ppp/patches/103-debian_fix_link_pidfile.patch index d5d5851d4..5a764ab9b 100644 --- a/package/network/services/ppp/patches/103-debian_fix_link_pidfile.patch +++ b/package/network/services/ppp/patches/103-debian_fix_link_pidfile.patch @@ -11,7 +11,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/main.c +++ b/pppd/main.c -@@ -773,8 +773,7 @@ detach() +@@ -780,8 +780,7 @@ detach() /* update pid files if they have been written already */ if (pidfilename[0]) create_pidfile(pid); diff --git a/package/network/services/ppp/patches/105-debian_demand.patch b/package/network/services/ppp/patches/105-debian_demand.patch index 2502d4968..c68bafa8d 100644 --- a/package/network/services/ppp/patches/105-debian_demand.patch +++ b/package/network/services/ppp/patches/105-debian_demand.patch @@ -18,7 +18,7 @@ #ifdef PPP_FILTER #include #endif -@@ -221,6 +225,14 @@ loop_chars(p, n) +@@ -220,6 +224,14 @@ loop_chars(p, n) int c, rv; rv = 0; @@ -33,7 +33,7 @@ for (; n > 0; --n) { c = *p++; if (c == PPP_FLAG) { -@@ -299,17 +311,102 @@ loop_frame(frame, len) +@@ -298,17 +310,102 @@ loop_frame(frame, len) * loopback, now that the real serial link is up. */ void @@ -139,7 +139,7 @@ } else { --- a/pppd/ipcp.c +++ b/pppd/ipcp.c -@@ -1883,7 +1883,7 @@ ipcp_up(f) +@@ -1882,7 +1882,7 @@ ipcp_up(f) proxy_arp_set[f->unit] = 1; } @@ -150,9 +150,9 @@ } else { --- a/pppd/ipv6cp.c +++ b/pppd/ipv6cp.c -@@ -1232,7 +1232,7 @@ ipv6cp_up(f) - } - +@@ -1252,7 +1252,7 @@ ipv6cp_up(f) + if (sif6defaultroute(f->unit, go->ourid, ho->hisid)) + default_route_set[f->unit] = 1; } - demand_rexmit(PPP_IPV6); + demand_rexmit(PPP_IPV6,0); @@ -161,7 +161,7 @@ } else { --- a/pppd/pppd.h +++ b/pppd/pppd.h -@@ -585,7 +585,7 @@ void demand_conf __P((void)); /* config +@@ -601,7 +601,7 @@ void demand_conf __P((void)); /* config void demand_block __P((void)); /* set all NPs to queue up packets */ void demand_unblock __P((void)); /* set all NPs to pass packets */ void demand_discard __P((void)); /* set all NPs to discard packets */ diff --git a/package/network/services/ppp/patches/110-debian_defaultroute.patch b/package/network/services/ppp/patches/110-debian_defaultroute.patch index 1005c59ab..38739a524 100644 --- a/package/network/services/ppp/patches/110-debian_defaultroute.patch +++ b/package/network/services/ppp/patches/110-debian_defaultroute.patch @@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/ipcp.c +++ b/pppd/ipcp.c -@@ -198,6 +198,14 @@ static option_t ipcp_option_list[] = { +@@ -197,6 +197,14 @@ static option_t ipcp_option_list[] = { "disable defaultroute option", OPT_ALIAS | OPT_A2CLR, &ipcp_wantoptions[0].default_route }, @@ -27,7 +27,7 @@ Signed-off-by: Jo-Philipp Wich { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp, "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp }, { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp, -@@ -271,7 +279,7 @@ struct protent ipcp_protent = { +@@ -270,7 +278,7 @@ struct protent ipcp_protent = { ip_active_pkt }; @@ -36,7 +36,7 @@ Signed-off-by: Jo-Philipp Wich static void ipcp_script __P((char *, int)); /* Run an up/down script */ static void ipcp_script_done __P((void *)); -@@ -1761,7 +1769,8 @@ ip_demand_conf(u) +@@ -1760,7 +1768,8 @@ ip_demand_conf(u) if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE)) return 0; if (wo->default_route) @@ -46,7 +46,7 @@ Signed-off-by: Jo-Philipp Wich default_route_set[u] = 1; if (wo->proxy_arp) if (sifproxyarp(u, wo->hisaddr)) -@@ -1849,7 +1858,8 @@ ipcp_up(f) +@@ -1848,7 +1857,8 @@ ipcp_up(f) */ if (demand) { if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) { @@ -56,7 +56,7 @@ Signed-off-by: Jo-Philipp Wich if (go->ouraddr != wo->ouraddr) { warn("Local IP address changed to %I", go->ouraddr); script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0); -@@ -1874,7 +1884,8 @@ ipcp_up(f) +@@ -1873,7 +1883,8 @@ ipcp_up(f) /* assign a default route through the interface if required */ if (ipcp_wantoptions[f->unit].default_route) @@ -66,7 +66,7 @@ Signed-off-by: Jo-Philipp Wich default_route_set[f->unit] = 1; /* Make a proxy ARP entry if requested. */ -@@ -1924,7 +1935,8 @@ ipcp_up(f) +@@ -1923,7 +1934,8 @@ ipcp_up(f) /* assign a default route through the interface if required */ if (ipcp_wantoptions[f->unit].default_route) @@ -76,7 +76,7 @@ Signed-off-by: Jo-Philipp Wich default_route_set[f->unit] = 1; /* Make a proxy ARP entry if requested. */ -@@ -2002,7 +2014,7 @@ ipcp_down(f) +@@ -2001,7 +2013,7 @@ ipcp_down(f) sifnpmode(f->unit, PPP_IP, NPMODE_DROP); sifdown(f->unit); ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr, @@ -85,7 +85,7 @@ Signed-off-by: Jo-Philipp Wich } /* Execute the ip-down script */ -@@ -2018,16 +2030,25 @@ ipcp_down(f) +@@ -2017,16 +2029,25 @@ ipcp_down(f) * proxy arp entries, etc. */ static void @@ -125,9 +125,9 @@ Signed-off-by: Jo-Philipp Wich bool old_vj; /* use old (short) form of VJ option? */ --- a/pppd/pppd.8 +++ b/pppd/pppd.8 -@@ -121,6 +121,11 @@ the gateway, when IPCP negotiation is su +@@ -133,6 +133,11 @@ the gateway, when IPv6CP negotiation is This entry is removed when the PPP connection is broken. This option - is privileged if the \fInodefaultroute\fR option has been specified. + is privileged if the \fInodefaultroute6\fR option has been specified. .TP +.B replacedefaultroute +This option is a flag to the defaultroute option. If defaultroute is @@ -137,7 +137,7 @@ Signed-off-by: Jo-Philipp Wich .B disconnect \fIscript Execute the command specified by \fIscript\fR, by passing it to a shell, after -@@ -734,7 +739,12 @@ disable both forms of hardware flow cont +@@ -746,7 +751,12 @@ disable both forms of hardware flow cont .TP .B nodefaultroute Disable the \fIdefaultroute\fR option. The system administrator who @@ -150,10 +150,10 @@ Signed-off-by: Jo-Philipp Wich +wishes to prevent users from replacing a default route with pppd can do so by placing this option in the /etc/ppp/options file. .TP - .B nodeflate + .B nodefaultroute6 --- a/pppd/pppd.h +++ b/pppd/pppd.h -@@ -667,7 +667,7 @@ int sif6addr __P((int, eui64_t, eui64_t +@@ -683,7 +683,7 @@ int sif6addr __P((int, eui64_t, eui64_t int cif6addr __P((int, eui64_t, eui64_t)); /* Remove an IPv6 address from i/f */ #endif @@ -164,16 +164,16 @@ Signed-off-by: Jo-Philipp Wich /* Delete default route through i/f */ --- a/pppd/sys-linux.c +++ b/pppd/sys-linux.c -@@ -207,6 +207,8 @@ static unsigned char inbuf[512]; /* buff - static int if_is_up; /* Interface has been marked up */ +@@ -209,6 +209,8 @@ static int if_is_up; /* Interface has be static int if6_is_up; /* Interface has been marked up for IPv6, to help differentiate */ static int have_default_route; /* Gateway for default route added */ + static int have_default_route6; /* Gateway for default IPv6 route added */ +static struct rtentry old_def_rt; /* Old default route */ +static int default_rt_repl_rest; /* replace and restore old default rt */ static u_int32_t proxy_arp_addr; /* Addr for proxy arp entry added */ static char proxy_arp_dev[16]; /* Device for proxy arp entry */ static u_int32_t our_old_addr; /* for detecting address changes */ -@@ -1552,6 +1554,9 @@ static int read_route_table(struct rtent +@@ -1577,6 +1579,9 @@ static int read_route_table(struct rtent p = NULL; } @@ -183,7 +183,7 @@ Signed-off-by: Jo-Philipp Wich SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16); SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16); SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16); -@@ -1621,20 +1626,51 @@ int have_route_to(u_int32_t addr) +@@ -1649,20 +1654,52 @@ int have_route_to(u_int32_t addr) /******************************************************************** * * sifdefaultroute - assign a default route through the address given. @@ -193,10 +193,10 @@ Signed-off-by: Jo-Philipp Wich -{ - struct rtentry rt; - -- if (defaultroute_exists(&rt) && strcmp(rt.rt_dev, ifname) != 0) { +- if (defaultroute_exists(&rt, dfl_route_metric) && strcmp(rt.rt_dev, ifname) != 0) { - if (rt.rt_flags & RTF_GATEWAY) -- error("not replacing existing default route via %I", -- SIN_ADDR(rt.rt_gateway)); +- error("not replacing existing default route via %I with metric %d", +- SIN_ADDR(rt.rt_gateway), dfl_route_metric); - else + * + * If the global default_rt_repl_rest flag is set, then this function @@ -218,16 +218,16 @@ Signed-off-by: Jo-Philipp Wich + are called again, we will delete the current default route + and set the new default route in this function. + - this is normally only the case the doing demand: */ -+ if (defaultroute_exists(&tmp_rt)) ++ if (defaultroute_exists(&tmp_rt, dfl_route_metric)) + del_rt = &tmp_rt; -+ } else if (defaultroute_exists(&old_def_rt) && ++ } else if (defaultroute_exists(&old_def_rt, dfl_route_metric) && + strcmp(old_def_rt.rt_dev, ifname) != 0) { + /* We did not yet replace an existing default route, let's + check if we should save and replace a default route: */ + if (old_def_rt.rt_flags & RTF_GATEWAY) { + if (!replace) { -+ error("not replacing existing default route via %I", -+ SIN_ADDR(old_def_rt.rt_gateway)); ++ error("not replacing existing default route via %I with metric %d", ++ SIN_ADDR(old_def_rt.rt_gateway), dfl_route_metric); + return 0; + } else { + /* we need to copy rt_dev because we need it permanent too: */ @@ -235,20 +235,21 @@ Signed-off-by: Jo-Philipp Wich + strcpy(tmp_dev, old_def_rt.rt_dev); + old_def_rt.rt_dev = tmp_dev; + -+ notice("replacing old default route to %s [%I]", -+ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway)); ++ notice("replacing old default route to %s [%I] with metric %d", ++ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway), ++ dfl_route_metric); + default_rt_repl_rest = 1; + del_rt = &old_def_rt; + } + } else - error("not replacing existing default route through %s", -- rt.rt_dev); + error("not replacing existing default route through %s with metric %d", +- rt.rt_dev, dfl_route_metric); - return 0; -+ old_def_rt.rt_dev); ++ old_def_rt.rt_dev, dfl_route_metric); } memset (&rt, 0, sizeof (rt)); -@@ -1649,10 +1685,16 @@ int sifdefaultroute (int unit, u_int32_t +@@ -1678,10 +1715,16 @@ int sifdefaultroute (int unit, u_int32_t rt.rt_flags = RTF_UP; if (ioctl(sock_fd, SIOCADDRT, &rt) < 0) { @@ -266,7 +267,7 @@ Signed-off-by: Jo-Philipp Wich have_default_route = 1; return 1; -@@ -1683,11 +1725,21 @@ int cifdefaultroute (int unit, u_int32_t +@@ -1715,11 +1758,21 @@ int cifdefaultroute (int unit, u_int32_t rt.rt_flags = RTF_UP; if (ioctl(sock_fd, SIOCDELRT, &rt) < 0 && errno != ESRCH) { if (still_ppp()) { @@ -291,7 +292,7 @@ Signed-off-by: Jo-Philipp Wich } --- a/pppd/sys-solaris.c +++ b/pppd/sys-solaris.c -@@ -2039,12 +2039,18 @@ cifaddr(u, o, h) +@@ -2119,12 +2119,18 @@ cifaddr(u, o, h) * sifdefaultroute - assign a default route through the address given. */ int diff --git a/package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch b/package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch index a575df5f5..4a9ca7d5e 100644 --- a/package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch +++ b/package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch @@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/main.c +++ b/pppd/main.c -@@ -318,6 +318,8 @@ main(argc, argv) +@@ -308,6 +308,8 @@ main(argc, argv) strlcpy(path_ipup, _PATH_IPUP, sizeof(path_ipup)); strlcpy(path_ipdown, _PATH_IPDOWN, sizeof(path_ipdown)); @@ -23,8 +23,8 @@ Signed-off-by: Jo-Philipp Wich new_phase(PHASE_INITIALIZE); --- a/pppd/options.c +++ b/pppd/options.c -@@ -116,6 +116,8 @@ int connect_delay = 1000; /* wait this m - int req_unit = -1; /* requested interface unit */ +@@ -119,6 +119,8 @@ int req_unit = -1; /* requested interfa + char req_ifname[MAXIFNAMELEN]; /* requested interface name */ char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */ char path_ipdown[MAXPATHLEN];/* pathname of ip-down script */ +char path_ipv6up[MAXPATHLEN]; /* pathname of ipv6-up script */ @@ -32,7 +32,7 @@ Signed-off-by: Jo-Philipp Wich bool multilink = 0; /* Enable multilink operation */ char *bundle_name = NULL; /* bundle name for multilink */ bool dump_options; /* print out option values */ -@@ -308,6 +310,13 @@ option_t general_options[] = { +@@ -325,6 +327,13 @@ option_t general_options[] = { "Set pathname of ip-down script", OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN }, @@ -48,7 +48,7 @@ Signed-off-by: Jo-Philipp Wich "Enable multilink operation", OPT_PRIO | 1 }, --- a/pppd/ipv6cp.c +++ b/pppd/ipv6cp.c -@@ -1269,7 +1269,7 @@ ipv6cp_up(f) +@@ -1294,7 +1294,7 @@ ipv6cp_up(f) */ if (ipv6cp_script_state == s_down && ipv6cp_script_pid == 0) { ipv6cp_script_state = s_up; @@ -57,7 +57,7 @@ Signed-off-by: Jo-Philipp Wich } } -@@ -1321,7 +1321,7 @@ ipv6cp_down(f) +@@ -1346,7 +1346,7 @@ ipv6cp_down(f) /* Execute the ipv6-down script */ if (ipv6cp_script_state == s_up && ipv6cp_script_pid == 0) { ipv6cp_script_state = s_down; @@ -66,7 +66,7 @@ Signed-off-by: Jo-Philipp Wich } } -@@ -1364,13 +1364,13 @@ ipv6cp_script_done(arg) +@@ -1389,13 +1389,13 @@ ipv6cp_script_done(arg) case s_up: if (ipv6cp_fsm[0].state != OPENED) { ipv6cp_script_state = s_down; @@ -84,8 +84,8 @@ Signed-off-by: Jo-Philipp Wich } --- a/pppd/pppd.h +++ b/pppd/pppd.h -@@ -320,6 +320,8 @@ extern int max_data_rate; /* max bytes/s - extern int req_unit; /* interface unit number to use */ +@@ -336,6 +336,8 @@ extern int req_unit; /* interface unit n + extern char req_ifname[MAXIFNAMELEN]; /* interface name to use */ extern char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */ extern char path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */ +extern char path_ipv6up[MAXPATHLEN]; /* pathname of ipv6-up script */ diff --git a/package/network/services/ppp/patches/121-debian_adaptive_lcp_echo.patch b/package/network/services/ppp/patches/121-debian_adaptive_lcp_echo.patch index b7a62406d..510c96ba9 100644 --- a/package/network/services/ppp/patches/121-debian_adaptive_lcp_echo.patch +++ b/package/network/services/ppp/patches/121-debian_adaptive_lcp_echo.patch @@ -1,6 +1,6 @@ --- a/pppd/lcp.c +++ b/pppd/lcp.c -@@ -73,6 +73,7 @@ static void lcp_delayed_up __P((void *)) +@@ -72,6 +72,7 @@ static void lcp_delayed_up __P((void *)) */ int lcp_echo_interval = 0; /* Interval between LCP echo-requests */ int lcp_echo_fails = 0; /* Tolerance to unanswered echo-requests */ @@ -8,7 +8,7 @@ bool lax_recv = 0; /* accept control chars in asyncmap */ bool noendpoint = 0; /* don't send/accept endpoint discriminator */ -@@ -151,6 +152,8 @@ static option_t lcp_option_list[] = { +@@ -150,6 +151,8 @@ static option_t lcp_option_list[] = { OPT_PRIO }, { "lcp-echo-interval", o_int, &lcp_echo_interval, "Set time in seconds between LCP echo requests", OPT_PRIO }, @@ -17,7 +17,7 @@ { "lcp-restart", o_int, &lcp_fsm[0].timeouttime, "Set time in seconds between LCP retransmissions", OPT_PRIO }, { "lcp-max-terminate", o_int, &lcp_fsm[0].maxtermtransmits, -@@ -2331,6 +2334,22 @@ LcpSendEchoRequest (f) +@@ -2330,6 +2333,22 @@ LcpSendEchoRequest (f) } } @@ -42,7 +42,7 @@ */ --- a/pppd/pppd.8 +++ b/pppd/pppd.8 -@@ -563,6 +563,11 @@ to 1) if the \fIproxyarp\fR option is us +@@ -575,6 +575,11 @@ to 1) if the \fIproxyarp\fR option is us dynamic IP address option (i.e. set /proc/sys/net/ipv4/ip_dynaddr to 1) in demand mode if the local address changes. .TP diff --git a/package/network/services/ppp/patches/130-no_cdefs_h.patch b/package/network/services/ppp/patches/130-no_cdefs_h.patch deleted file mode 100644 index caa892ec6..000000000 --- a/package/network/services/ppp/patches/130-no_cdefs_h.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/pppd/plugins/rp-pppoe/config.h -+++ b/pppd/plugins/rp-pppoe/config.h -@@ -102,7 +102,7 @@ - #define HAVE_NETPACKET_PACKET_H 1 - - /* Define if you have the header file. */ --#define HAVE_SYS_CDEFS_H 1 -+/* #undef HAVE_SYS_CDEFS_H */ - - /* Define if you have the header file. */ - /* #undef HAVE_SYS_DLPI_H */ diff --git a/package/network/services/ppp/patches/131-missing_prototype_macro.patch b/package/network/services/ppp/patches/131-missing_prototype_macro.patch deleted file mode 100644 index 868a08b60..000000000 --- a/package/network/services/ppp/patches/131-missing_prototype_macro.patch +++ /dev/null @@ -1,23 +0,0 @@ ---- a/pppd/pppd.h -+++ b/pppd/pppd.h -@@ -67,6 +67,9 @@ - #define volatile - #endif - -+#undef __P -+#define __P(args) args -+ - #ifdef INET6 - #include "eui64.h" - #endif ---- a/pppd/magic.h -+++ b/pppd/magic.h -@@ -42,6 +42,8 @@ - * $Id: magic.h,v 1.5 2003/06/11 23:56:26 paulus Exp $ - */ - -+#include "pppd.h" -+ - void magic_init __P((void)); /* Initialize the magic number generator */ - u_int32_t magic __P((void)); /* Returns the next magic number */ - diff --git a/package/network/services/ppp/patches/132-fix_linux_includes.patch b/package/network/services/ppp/patches/132-fix_linux_includes.patch deleted file mode 100644 index 696dad119..000000000 --- a/package/network/services/ppp/patches/132-fix_linux_includes.patch +++ /dev/null @@ -1,40 +0,0 @@ ---- a/pppd/sys-linux.c -+++ b/pppd/sys-linux.c -@@ -73,12 +73,12 @@ - #include - #include - #include --#include - #include - #include - #include - #include - -+#include - #include - #include - #include -@@ -102,22 +102,15 @@ - #define MAX_ADDR_LEN 7 - #endif - --#if __GLIBC__ >= 2 - #include /* glibc 2 conflicts with linux/types.h */ - #include - #include - #include - #include --#else --#include --#include --#include --#include --#include --#endif - #include - #include - -+#include - #include - #include - diff --git a/package/network/services/ppp/patches/133-fix_sha1_include.patch b/package/network/services/ppp/patches/133-fix_sha1_include.patch index b5ccd0852..357d95144 100644 --- a/package/network/services/ppp/patches/133-fix_sha1_include.patch +++ b/package/network/services/ppp/patches/133-fix_sha1_include.patch @@ -1,8 +1,8 @@ --- a/pppd/sha1.c +++ b/pppd/sha1.c -@@ -18,7 +18,7 @@ - +@@ -19,7 +19,7 @@ #include + #include #include /* htonl() */ -#include +#include "pppd.h" diff --git a/package/network/services/ppp/patches/140-pppoe_compile_fix.patch b/package/network/services/ppp/patches/140-pppoe_compile_fix.patch index d9c9b83a3..2253d4f3c 100644 --- a/package/network/services/ppp/patches/140-pppoe_compile_fix.patch +++ b/package/network/services/ppp/patches/140-pppoe_compile_fix.patch @@ -1,7 +1,7 @@ --- a/pppd/plugins/rp-pppoe/pppoe.h +++ b/pppd/plugins/rp-pppoe/pppoe.h @@ -48,11 +48,7 @@ - #endif + #include /* Ugly header files on some Linux boxes... */ -#if defined(HAVE_LINUX_IF_H) @@ -12,15 +12,13 @@ #ifdef HAVE_NET_IF_TYPES_H #include -@@ -80,22 +76,8 @@ typedef unsigned long UINT32_t; +@@ -80,20 +76,7 @@ typedef unsigned long UINT32_t; #error Could not find a 32-bit integer type #endif -#ifdef HAVE_LINUX_IF_ETHER_H -#include -#endif -- - #include - -#ifdef HAVE_NETINET_IF_ETHER_H -#include @@ -35,49 +33,4 @@ +#include - ---- a/pppd/plugins/rp-pppoe/pppoe-discovery.c -+++ b/pppd/plugins/rp-pppoe/pppoe-discovery.c -@@ -16,6 +16,7 @@ - #include - - #include "pppoe.h" -+#include "pppd/pppd.h" - - #ifdef HAVE_UNISTD_H - #include -@@ -717,6 +718,23 @@ char *xstrdup(const char *s) - return ret; - } - -+void -+error(char *fmt, ...) -+{ -+ va_list pvar; -+ -+#if defined(__STDC__) -+ va_start(pvar, fmt); -+#else -+ char *fmt; -+ va_start(pvar); -+ fmt = va_arg(pvar, char *); -+#endif -+ -+ fprintf(stderr, fmt, pvar); -+ va_end(pvar); -+} -+ - void usage(void) - { - fprintf(stderr, "Usage: pppoe-discovery [options]\n"); ---- a/pppd/plugins/rp-pppoe/Makefile.linux -+++ b/pppd/plugins/rp-pppoe/Makefile.linux -@@ -33,7 +33,7 @@ pppoe-discovery: pppoe-discovery.o debug - $(CC) $(CFLAGS) -o pppoe-discovery pppoe-discovery.o debug.o - - pppoe-discovery.o: pppoe-discovery.c -- $(CC) $(CFLAGS) -c -o pppoe-discovery.o pppoe-discovery.c -+ $(CC) $(CFLAGS) -I../../.. -c -o pppoe-discovery.o pppoe-discovery.c - - debug.o: debug.c - $(CC) $(CFLAGS) -c -o debug.o debug.c + /* Ethernet frame types according to RFC 2516 */ diff --git a/package/network/services/ppp/patches/200-makefile.patch b/package/network/services/ppp/patches/200-makefile.patch index 143023246..82b1cc67b 100644 --- a/package/network/services/ppp/patches/200-makefile.patch +++ b/package/network/services/ppp/patches/200-makefile.patch @@ -23,9 +23,9 @@ Signed-off-by: Jo-Philipp Wich -USE_TDB=y +#USE_TDB=y - HAS_SHADOW=y - #USE_PAM=y -@@ -80,7 +80,7 @@ MAXOCTETS=y + # Uncomment the next line to enable Type=notify services in systemd + # If enabled, and the user sets the up_sdnotify option, then +@@ -85,7 +85,7 @@ MAXOCTETS=y INCLUDE_DIRS= -I../include @@ -34,12 +34,12 @@ Signed-off-by: Jo-Philipp Wich CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"' -@@ -120,10 +120,10 @@ CFLAGS += -DHAS_SHADOW +@@ -125,10 +125,10 @@ CFLAGS += -DHAS_SHADOW #LIBS += -lshadow $(LIBS) endif --ifneq ($(wildcard /usr/include/crypt.h),) -+#ifneq ($(wildcard /usr/include/crypt.h),) +-ifneq ($(wildcard $(shell $(CC) --print-sysroot)/usr/include/crypt.h),) ++#ifneq ($(wildcard $(shell $(CC) --print-sysroot)/usr/include/crypt.h),) CFLAGS += -DHAVE_CRYPT_H=1 LIBS += -lcrypt -endif diff --git a/package/network/services/ppp/patches/201-mppe_mppc_1.1.patch b/package/network/services/ppp/patches/201-mppe_mppc_1.1.patch index 3fc30bb43..bc1b69ebf 100644 --- a/package/network/services/ppp/patches/201-mppe_mppc_1.1.patch +++ b/package/network/services/ppp/patches/201-mppe_mppc_1.1.patch @@ -88,7 +88,7 @@ Signed-off-by: Jo-Philipp Wich */ --- a/pppd/ccp.c +++ b/pppd/ccp.c -@@ -62,12 +62,10 @@ static int setdeflate __P((char **)); +@@ -61,12 +61,10 @@ static int setdeflate __P((char **)); static char bsd_value[8]; static char deflate_value[8]; @@ -104,7 +104,7 @@ Signed-off-by: Jo-Philipp Wich static option_t ccp_option_list[] = { { "noccp", o_bool, &ccp_protent.enabled_flag, -@@ -108,54 +106,36 @@ static option_t ccp_option_list[] = { +@@ -107,54 +105,36 @@ static option_t ccp_option_list[] = { "don't allow Predictor-1", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, &ccp_allowoptions[0].predictor_1 }, @@ -188,7 +188,7 @@ Signed-off-by: Jo-Philipp Wich #endif /* MPPE */ { NULL } -@@ -241,7 +221,7 @@ static fsm_callbacks ccp_callbacks = { +@@ -240,7 +220,7 @@ static fsm_callbacks ccp_callbacks = { */ #define ANY_COMPRESS(opt) ((opt).deflate || (opt).bsd_compress \ || (opt).predictor_1 || (opt).predictor_2 \ @@ -197,7 +197,7 @@ Signed-off-by: Jo-Philipp Wich /* * Local state (mainly for handling reset-reqs and reset-acks). -@@ -344,6 +324,100 @@ setdeflate(argv) +@@ -343,6 +323,100 @@ setdeflate(argv) return 1; } @@ -298,7 +298,7 @@ Signed-off-by: Jo-Philipp Wich /* * ccp_init - initialize CCP. */ -@@ -378,6 +452,30 @@ ccp_init(unit) +@@ -377,6 +451,30 @@ ccp_init(unit) ccp_allowoptions[0].bsd_bits = BSD_MAX_BITS; ccp_allowoptions[0].predictor_1 = 1; @@ -329,7 +329,7 @@ Signed-off-by: Jo-Philipp Wich } /* -@@ -455,11 +553,11 @@ ccp_input(unit, p, len) +@@ -454,11 +552,11 @@ ccp_input(unit, p, len) if (oldstate == OPENED && p[0] == TERMREQ && f->state != OPENED) { notice("Compression disabled by peer."); #ifdef MPPE @@ -343,7 +343,7 @@ Signed-off-by: Jo-Philipp Wich } /* -@@ -487,6 +585,15 @@ ccp_extcode(f, code, id, p, len) +@@ -486,6 +584,15 @@ ccp_extcode(f, code, id, p, len) break; /* send a reset-ack, which the transmitter will see and reset its compression state. */ @@ -359,7 +359,7 @@ Signed-off-by: Jo-Philipp Wich fsm_sdata(f, CCP_RESETACK, id, NULL, 0); break; -@@ -515,12 +622,11 @@ ccp_protrej(unit) +@@ -514,12 +621,11 @@ ccp_protrej(unit) fsm_lowerdown(&ccp_fsm[unit]); #ifdef MPPE @@ -374,7 +374,7 @@ Signed-off-by: Jo-Philipp Wich } /* -@@ -537,7 +643,7 @@ ccp_resetci(f) +@@ -536,7 +642,7 @@ ccp_resetci(f) all_rejected[f->unit] = 0; #ifdef MPPE @@ -383,7 +383,7 @@ Signed-off-by: Jo-Philipp Wich ccp_options *ao = &ccp_allowoptions[f->unit]; int auth_mschap_bits = auth_done[f->unit]; int numbits; -@@ -551,80 +657,109 @@ ccp_resetci(f) +@@ -550,80 +656,109 @@ ccp_resetci(f) * NB: If MPPE is required, all other compression opts are invalid. * So, we return right away if we can't do it. */ @@ -560,7 +560,7 @@ Signed-off-by: Jo-Philipp Wich opt_buf[0] = CI_BSD_COMPRESS; opt_buf[1] = CILEN_BSD_COMPRESS; @@ -679,7 +814,8 @@ ccp_cilen(f) - + (go->deflate? CILEN_DEFLATE: 0) + + (go->deflate && go->deflate_draft? CILEN_DEFLATE: 0) + (go->predictor_1? CILEN_PREDICTOR_1: 0) + (go->predictor_2? CILEN_PREDICTOR_2: 0) - + (go->mppe? CILEN_MPPE: 0); @@ -1459,7 +1459,7 @@ Signed-off-by: Jo-Philipp Wich bool deflate_draft; /* use draft RFC code for deflate? */ + bool lzs; /* do Stac LZS? */ + bool mppc; /* do MPPC? */ - bool mppe; /* do MPPE? */ + u_char mppe; /* MPPE bitfield */ + bool mppe_40; /* allow 40 bit encryption? */ + bool mppe_56; /* allow 56 bit encryption? */ + bool mppe_128; /* allow 128 bit encryption? */ @@ -1473,7 +1473,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/chap_ms.c +++ b/pppd/chap_ms.c -@@ -963,13 +963,17 @@ set_mppe_enc_types(int policy, int types +@@ -962,13 +962,17 @@ set_mppe_enc_types(int policy, int types /* * Disable undesirable encryption types. Note that we don't ENABLE * any encryption types, to avoid overriding manual configuration. diff --git a/package/network/services/ppp/patches/202-no_strip.patch b/package/network/services/ppp/patches/202-no_strip.patch index 29d8f746b..436085f3b 100644 --- a/package/network/services/ppp/patches/202-no_strip.patch +++ b/package/network/services/ppp/patches/202-no_strip.patch @@ -19,7 +19,7 @@ Signed-off-by: Jo-Philipp Wich clean: --- a/pppd/Makefile.linux +++ b/pppd/Makefile.linux -@@ -102,7 +102,7 @@ ifdef USE_SRP +@@ -107,7 +107,7 @@ ifdef USE_SRP CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include LIBS += -lsrp -L/usr/local/ssl/lib -lcrypto TARGETS += srp-entry @@ -28,7 +28,7 @@ Signed-off-by: Jo-Philipp Wich MANPAGES += srp-entry.8 EXTRACLEAN += srp-entry.o NEEDDES=y -@@ -208,7 +208,7 @@ all: $(TARGETS) +@@ -219,7 +219,7 @@ all: $(TARGETS) install: pppd mkdir -p $(BINDIR) $(MANDIR) $(EXTRAINSTALL) diff --git a/package/network/services/ppp/patches/203-opt_flags.patch b/package/network/services/ppp/patches/203-opt_flags.patch index 069b8585f..8dfacf383 100644 --- a/package/network/services/ppp/patches/203-opt_flags.patch +++ b/package/network/services/ppp/patches/203-opt_flags.patch @@ -18,6 +18,23 @@ Signed-off-by: Jo-Philipp Wich # Uncomment the next line to include support for Microsoft's # MS-CHAP authentication protocol. +@@ -43,13 +44,13 @@ install: all + $(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR) + + radius.so: radius.o libradiusclient.a +- $(CC) $(LDFLAGS) -o radius.so -shared radius.o libradiusclient.a ++ $(CC) $(LDFLAGS) -fPIC -o radius.so -shared radius.o libradiusclient.a + + radattr.so: radattr.o +- $(CC) $(LDFLAGS) -o radattr.so -shared radattr.o ++ $(CC) $(LDFLAGS) -fPIC -o radattr.so -shared radattr.o + + radrealms.so: radrealms.o +- $(CC) $(LDFLAGS) -o radrealms.so -shared radrealms.o ++ $(CC) $(LDFLAGS) -fPIC -o radrealms.so -shared radrealms.o + + CLIENTOBJS = avpair.o buildreq.o config.o dict.o ip_util.o \ + clientid.o sendserver.o lock.o util.o md5.o --- a/pppdump/Makefile.linux +++ b/pppdump/Makefile.linux @@ -2,7 +2,8 @@ DESTDIR = $(INSTROOT)@DESTDIR@ @@ -33,11 +50,11 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/plugins/rp-pppoe/Makefile.linux +++ b/pppd/plugins/rp-pppoe/Makefile.linux @@ -39,7 +39,7 @@ debug.o: debug.c - $(CC) $(CFLAGS) -c -o debug.o debug.c + $(CC) $(CFLAGS) -I../../.. -c -o debug.o debug.c rp-pppoe.so: plugin.o discovery.o if.o common.o -- $(CC) $(CFLAGS) -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o -+ $(CC) $(CFLAGS) -fPIC -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o +- $(CC) $(LDFLAGS) -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o ++ $(CC) $(LDFLAGS) -fPIC -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o install: all $(INSTALL) -d -m 755 $(LIBDIR) diff --git a/package/network/services/ppp/patches/204-radius_config.patch b/package/network/services/ppp/patches/204-radius_config.patch index c97a53507..2f30b9d3d 100644 --- a/package/network/services/ppp/patches/204-radius_config.patch +++ b/package/network/services/ppp/patches/204-radius_config.patch @@ -1,6 +1,6 @@ --- a/pppd/plugins/radius/config.c +++ b/pppd/plugins/radius/config.c -@@ -369,31 +369,37 @@ static int test_config(char *filename) +@@ -371,31 +371,37 @@ static int test_config(char *filename) } #endif diff --git a/package/network/services/ppp/patches/205-no_exponential_timeout.patch b/package/network/services/ppp/patches/205-no_exponential_timeout.patch index 1395ca517..7f752e313 100644 --- a/package/network/services/ppp/patches/205-no_exponential_timeout.patch +++ b/package/network/services/ppp/patches/205-no_exponential_timeout.patch @@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/plugins/rp-pppoe/discovery.c +++ b/pppd/plugins/rp-pppoe/discovery.c -@@ -644,7 +644,9 @@ discovery(PPPoEConnection *conn) +@@ -632,7 +632,9 @@ discovery(PPPoEConnection *conn) conn->discoveryState = STATE_SENT_PADI; waitForPADO(conn, timeout); @@ -17,7 +17,7 @@ Signed-off-by: Jo-Philipp Wich } while (conn->discoveryState == STATE_SENT_PADI); timeout = conn->discoveryTimeout; -@@ -659,7 +661,9 @@ discovery(PPPoEConnection *conn) +@@ -647,7 +649,9 @@ discovery(PPPoEConnection *conn) sendPADR(conn); conn->discoveryState = STATE_SENT_PADR; waitForPADS(conn, timeout); diff --git a/package/network/services/ppp/patches/206-compensate_time_change.patch b/package/network/services/ppp/patches/206-compensate_time_change.patch index 31a582a20..a1eb6a716 100644 --- a/package/network/services/ppp/patches/206-compensate_time_change.patch +++ b/package/network/services/ppp/patches/206-compensate_time_change.patch @@ -13,7 +13,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/main.c +++ b/pppd/main.c -@@ -90,6 +90,7 @@ +@@ -89,6 +89,7 @@ #include #include #include @@ -21,7 +21,7 @@ Signed-off-by: Jo-Philipp Wich #include "pppd.h" #include "magic.h" -@@ -228,6 +229,7 @@ static struct subprocess *children; +@@ -226,6 +227,7 @@ static struct subprocess *children; /* Prototypes for procedures local to this file. */ @@ -29,7 +29,7 @@ Signed-off-by: Jo-Philipp Wich static void setup_signals __P((void)); static void create_pidfile __P((int pid)); static void create_linkpidfile __P((int pid)); -@@ -535,6 +537,7 @@ main(argc, argv) +@@ -525,6 +527,7 @@ main(argc, argv) info("Starting link"); } @@ -37,7 +37,7 @@ Signed-off-by: Jo-Philipp Wich gettimeofday(&start_time, NULL); script_unsetenv("CONNECT_TIME"); script_unsetenv("BYTES_SENT"); -@@ -1267,6 +1270,36 @@ struct callout { +@@ -1274,6 +1277,36 @@ struct callout { static struct callout *callout = NULL; /* Callout list */ static struct timeval timenow; /* Current time */ @@ -74,7 +74,7 @@ Signed-off-by: Jo-Philipp Wich /* * timeout - Schedule a timeout. -@@ -1337,6 +1370,8 @@ calltimeout() +@@ -1344,6 +1377,8 @@ calltimeout() { struct callout *p; @@ -83,7 +83,7 @@ Signed-off-by: Jo-Philipp Wich while (callout != NULL) { p = callout; -@@ -1364,6 +1399,8 @@ timeleft(tvp) +@@ -1371,6 +1406,8 @@ timeleft(tvp) { if (callout == NULL) return NULL; diff --git a/package/network/services/ppp/patches/207-lcp_mtu_max.patch b/package/network/services/ppp/patches/207-lcp_mtu_max.patch index f406f685e..7aa8d4e12 100644 --- a/package/network/services/ppp/patches/207-lcp_mtu_max.patch +++ b/package/network/services/ppp/patches/207-lcp_mtu_max.patch @@ -8,7 +8,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/lcp.c +++ b/pppd/lcp.c -@@ -1917,12 +1917,12 @@ lcp_up(f) +@@ -1916,12 +1916,12 @@ lcp_up(f) * the interface MTU is set to the lowest of that, the * MTU we want to use, and our link MRU. */ diff --git a/package/network/services/ppp/patches/208-fix_status_code.patch b/package/network/services/ppp/patches/208-fix_status_code.patch index eb24b0a05..31460148a 100644 --- a/package/network/services/ppp/patches/208-fix_status_code.patch +++ b/package/network/services/ppp/patches/208-fix_status_code.patch @@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/main.c +++ b/pppd/main.c -@@ -1048,7 +1048,8 @@ get_input() +@@ -1055,7 +1055,8 @@ get_input() } notice("Modem hangup"); hungup = 1; diff --git a/package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch b/package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch index 68a56aa6e..00fb83502 100644 --- a/package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch +++ b/package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch @@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/Makefile.linux +++ b/pppd/Makefile.linux -@@ -178,8 +178,8 @@ endif +@@ -189,8 +189,8 @@ endif ifdef FILTER ifneq ($(wildcard /usr/include/pcap-bpf.h),) diff --git a/package/network/services/ppp/patches/310-precompile_filter.patch b/package/network/services/ppp/patches/310-precompile_filter.patch index 701e49d32..a65c19cf1 100644 --- a/package/network/services/ppp/patches/310-precompile_filter.patch +++ b/package/network/services/ppp/patches/310-precompile_filter.patch @@ -23,7 +23,7 @@ Signed-off-by: Jo-Philipp Wich # Uncomment the next line to enable multilink PPP (enabled by default) # Linux distributions: Please leave multilink ENABLED in your builds # of pppd! -@@ -183,6 +186,14 @@ CFLAGS += -DPPP_FILTER -I$(STAGING_DIR) +@@ -194,6 +197,14 @@ CFLAGS += -DPPP_FILTER -I$(STAGING_DIR) endif endif @@ -48,7 +48,7 @@ Signed-off-by: Jo-Philipp Wich /* * There have been 3 or 4 different names for this in libpcap CVS, but * this seems to be what they have settled on... -@@ -165,6 +166,13 @@ static int setlogfile __P((char **)); +@@ -169,6 +170,13 @@ static int setlogfile __P((char **)); static int loadplugin __P((char **)); #endif @@ -62,7 +62,7 @@ Signed-off-by: Jo-Philipp Wich #ifdef PPP_FILTER static int setpassfilter __P((char **)); static int setactivefilter __P((char **)); -@@ -344,6 +352,14 @@ option_t general_options[] = { +@@ -361,6 +369,14 @@ option_t general_options[] = { "set filter for active pkts", OPT_PRIO }, #endif @@ -77,7 +77,7 @@ Signed-off-by: Jo-Philipp Wich #ifdef MAXOCTETS { "maxoctets", o_int, &maxoctets, "Set connection traffic limit", -@@ -1493,6 +1509,29 @@ callfile(argv) +@@ -1511,6 +1527,29 @@ callfile(argv) return ok; } diff --git a/package/network/services/ppp/patches/320-custom_iface_names.patch b/package/network/services/ppp/patches/320-custom_iface_names.patch deleted file mode 100644 index 441f9eec6..000000000 --- a/package/network/services/ppp/patches/320-custom_iface_names.patch +++ /dev/null @@ -1,135 +0,0 @@ -pppd: Support arbitrary interface names - -This patch implements a new string option "ifname" which allows to specify -fully custom PPP interface names on Linux. It does so by renaming the -allocated pppX device immediately after it has been created to the requested -interface name. - -Signed-off-by: Jo-Philipp Wich - ---- a/pppd/main.c -+++ b/pppd/main.c -@@ -745,8 +745,11 @@ void - set_ifunit(iskey) - int iskey; - { -- info("Using interface %s%d", PPP_DRV_NAME, ifunit); -- slprintf(ifname, sizeof(ifname), "%s%d", PPP_DRV_NAME, ifunit); -+ if (use_ifname[0] == 0) -+ slprintf(ifname, sizeof(ifname), "%s%d", PPP_DRV_NAME, ifunit); -+ else -+ slprintf(ifname, sizeof(ifname), "%s", use_ifname); -+ info("Using interface %s", ifname); - script_setenv("IFNAME", ifname, iskey); - if (iskey) { - create_pidfile(getpid()); /* write pid to file */ ---- a/pppd/options.c -+++ b/pppd/options.c -@@ -112,6 +112,7 @@ int log_to_fd = 1; /* send log messages - bool log_default = 1; /* log_to_fd is default (stdout) */ - int maxfail = 10; /* max # of unsuccessful connection attempts */ - char linkname[MAXPATHLEN]; /* logical name for link */ -+char use_ifname[IFNAMSIZ]; /* physical name for PPP link */ - bool tune_kernel; /* may alter kernel settings */ - int connect_delay = 1000; /* wait this many ms after connect script */ - int req_unit = -1; /* requested interface unit */ -@@ -277,6 +278,9 @@ option_t general_options[] = { - { "linkname", o_string, linkname, - "Set logical name for link", - OPT_PRIO | OPT_PRIV | OPT_STATIC, NULL, MAXPATHLEN }, -+ { "ifname", o_string, use_ifname, -+ "Set physical name for PPP interface", -+ OPT_PRIO | OPT_PRIV | OPT_STATIC, NULL, IFNAMSIZ }, - - { "maxfail", o_int, &maxfail, - "Maximum number of unsuccessful connection attempts to allow", ---- a/pppd/pppd.h -+++ b/pppd/pppd.h -@@ -74,6 +74,10 @@ - #include "eui64.h" - #endif - -+#ifndef IFNAMSIZ -+#define IFNAMSIZ 16 -+#endif -+ - /* - * Limits. - */ -@@ -317,6 +321,7 @@ extern char *record_file; /* File to rec - extern bool sync_serial; /* Device is synchronous serial device */ - extern int maxfail; /* Max # of unsuccessful connection attempts */ - extern char linkname[MAXPATHLEN]; /* logical name for link */ -+extern char use_ifname[IFNAMSIZ]; /* physical name for PPP interface */ - extern bool tune_kernel; /* May alter kernel settings as necessary */ - extern int connect_delay; /* Time to delay after connect script */ - extern int max_data_rate; /* max bytes/sec through charshunt */ ---- a/pppd/sys-linux.c -+++ b/pppd/sys-linux.c -@@ -161,6 +161,10 @@ struct in6_ifreq { - /* We can get an EIO error on an ioctl if the modem has hung up */ - #define ok_error(num) ((num)==EIO) - -+#if !defined(PPP_DRV_NAME) -+#define PPP_DRV_NAME "ppp" -+#endif /* !defined(PPP_DRV_NAME) */ -+ - static int tty_disc = N_TTY; /* The TTY discipline */ - static int ppp_disc = N_PPP; /* The PPP discpline */ - static int initfdflags = -1; /* Initial file descriptor flags for fd */ -@@ -620,7 +624,8 @@ void generic_disestablish_ppp(int dev_fd - */ - static int make_ppp_unit() - { -- int x, flags; -+ struct ifreq ifr; -+ int x, flags, s; - - if (ppp_dev_fd >= 0) { - dbglog("in make_ppp_unit, already had /dev/ppp open?"); -@@ -643,6 +648,30 @@ static int make_ppp_unit() - } - if (x < 0) - error("Couldn't create new ppp unit: %m"); -+ -+ if (use_ifname[0] != 0) { -+ s = socket(PF_INET, SOCK_DGRAM, 0); -+ if (s < 0) -+ s = socket(PF_PACKET, SOCK_DGRAM, 0); -+ if (s < 0) -+ s = socket(PF_INET6, SOCK_DGRAM, 0); -+ if (s < 0) -+ s = socket(PF_UNIX, SOCK_DGRAM, 0); -+ if (s >= 0) { -+ slprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%s%d", PPP_DRV_NAME, ifunit); -+ slprintf(ifr.ifr_newname, sizeof(ifr.ifr_newname), "%s", use_ifname); -+ x = ioctl(s, SIOCSIFNAME, &ifr); -+ close(s); -+ } else { -+ x = s; -+ } -+ if (x < 0) { -+ error("Couldn't rename %s to %s", ifr.ifr_name, ifr.ifr_newname); -+ close(ppp_dev_fd); -+ ppp_dev_fd = -1; -+ } -+ } -+ - return x; - } - ---- a/pppstats/pppstats.c -+++ b/pppstats/pppstats.c -@@ -506,10 +506,12 @@ main(argc, argv) - if (argc > 0) - interface = argv[0]; - -+#if 0 - if (sscanf(interface, PPP_DRV_NAME "%d", &unit) != 1) { - fprintf(stderr, "%s: invalid interface '%s' specified\n", - progname, interface); - } -+#endif - - #ifndef STREAMS - { diff --git a/package/network/services/ppp/patches/321-multilink_support_custom_iface_names.patch b/package/network/services/ppp/patches/321-multilink_support_custom_iface_names.patch index bba5884fa..75c803650 100644 --- a/package/network/services/ppp/patches/321-multilink_support_custom_iface_names.patch +++ b/package/network/services/ppp/patches/321-multilink_support_custom_iface_names.patch @@ -8,7 +8,15 @@ Signed-off-by: George Kashperko 2 files changed, 53 insertions(+), 14 deletions(-) --- a/pppd/multilink.c +++ b/pppd/multilink.c -@@ -56,7 +56,8 @@ static void iterate_bundle_links __P((vo +@@ -35,6 +35,7 @@ + #include + #include + #include ++#include + + #include "pppd.h" + #include "fsm.h" +@@ -56,7 +57,8 @@ static void iterate_bundle_links __P((vo static int get_default_epdisc __P((struct epdisc *)); static int parse_num __P((char *str, const char *key, int *valp)); @@ -18,7 +26,7 @@ Signed-off-by: George Kashperko #define set_ip_epdisc(ep, addr) do { \ ep->length = 4; \ -@@ -197,35 +198,38 @@ mp_join_bundle() +@@ -197,35 +199,38 @@ mp_join_bundle() key.dptr = bundle_id; key.dsize = p - bundle_id; pid = tdb_fetch(pppdb, key); @@ -33,7 +41,7 @@ Signed-off-by: George Kashperko /* make sure the string is null-terminated */ rec.dptr[rec.dsize-1] = 0; - /* parse the interface number */ -- parse_num(rec.dptr, "IFNAME=ppp", &unit); +- parse_num(rec.dptr, "UNIT=", &unit); + /* check the pid value */ if (!parse_num(rec.dptr, "PPPD_PID=", &pppd_pid) @@ -65,7 +73,7 @@ Signed-off-by: George Kashperko } /* we have to make a new bundle */ -@@ -408,22 +412,45 @@ parse_num(str, key, valp) +@@ -408,22 +413,45 @@ parse_num(str, key, valp) return 0; } @@ -106,7 +114,7 @@ Signed-off-by: George Kashperko TDB_DATA kd, vd; int ret = 0; -- slprintf(ifkey, sizeof(ifkey), "IFNAME=ppp%d", unit); +- slprintf(ifkey, sizeof(ifkey), "UNIT=%d", unit); + slprintf(ifkey, sizeof(ifkey), "IFNAME=%s", ifname); + kd.dptr = ifkey; @@ -118,7 +126,7 @@ Signed-off-by: George Kashperko && memcmp(vd.dptr, key.dptr, vd.dsize) == 0; --- a/pppd/sys-linux.c +++ b/pppd/sys-linux.c -@@ -698,6 +698,16 @@ void cfg_bundle(int mrru, int mtru, int +@@ -700,6 +700,16 @@ void cfg_bundle(int mrru, int mtru, int add_fd(ppp_dev_fd); } @@ -135,7 +143,7 @@ Signed-off-by: George Kashperko /* * make_new_bundle - create a new PPP unit (i.e. a bundle) * and connect our channel to it. This should only get called -@@ -716,6 +726,8 @@ void make_new_bundle(int mrru, int mtru, +@@ -718,6 +728,8 @@ void make_new_bundle(int mrru, int mtru, /* set the mrru and flags */ cfg_bundle(mrru, mtru, rssn, tssn); diff --git a/package/network/services/ppp/patches/330-retain_foreign_default_routes.patch b/package/network/services/ppp/patches/330-retain_foreign_default_routes.patch index 45fc4b944..6c0849cc6 100644 --- a/package/network/services/ppp/patches/330-retain_foreign_default_routes.patch +++ b/package/network/services/ppp/patches/330-retain_foreign_default_routes.patch @@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/sys-linux.c +++ b/pppd/sys-linux.c -@@ -1756,6 +1756,7 @@ int cifdefaultroute (int unit, u_int32_t +@@ -1767,6 +1767,7 @@ int cifdefaultroute (int unit, u_int32_t SIN_ADDR(rt.rt_genmask) = 0L; } diff --git a/package/network/services/ppp/patches/340-populate_default_gateway.patch b/package/network/services/ppp/patches/340-populate_default_gateway.patch index 5a694476d..ae385dfc9 100644 --- a/package/network/services/ppp/patches/340-populate_default_gateway.patch +++ b/package/network/services/ppp/patches/340-populate_default_gateway.patch @@ -13,7 +13,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/sys-linux.c +++ b/pppd/sys-linux.c -@@ -1710,6 +1710,9 @@ int sifdefaultroute (int unit, u_int32_t +@@ -1717,6 +1717,9 @@ int sifdefaultroute (int unit, u_int32_t memset (&rt, 0, sizeof (rt)); SET_SA_FAMILY (rt.rt_dst, AF_INET); @@ -21,9 +21,9 @@ Signed-off-by: Jo-Philipp Wich + SIN_ADDR(rt.rt_gateway) = gateway; + rt.rt_dev = ifname; + rt.rt_metric = dfl_route_metric + 1; /* +1 for binary compatibility */ - if (kernel_version > KVERSION(2,1,0)) { -@@ -1717,7 +1720,7 @@ int sifdefaultroute (int unit, u_int32_t +@@ -1725,7 +1728,7 @@ int sifdefaultroute (int unit, u_int32_t SIN_ADDR(rt.rt_genmask) = 0L; } diff --git a/package/network/services/ppp/patches/400-simplify_kernel_checks.patch b/package/network/services/ppp/patches/400-simplify_kernel_checks.patch index cea9e16c2..0754f8f4d 100644 --- a/package/network/services/ppp/patches/400-simplify_kernel_checks.patch +++ b/package/network/services/ppp/patches/400-simplify_kernel_checks.patch @@ -10,7 +10,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/sys-linux.c +++ b/pppd/sys-linux.c -@@ -196,7 +196,7 @@ static int driver_is_old = 0; +@@ -200,7 +200,7 @@ static int driver_is_old = 0; static int restore_term = 0; /* 1 => we've munged the terminal */ static struct termios inittermios; /* Initial TTY termios */ @@ -19,7 +19,7 @@ Signed-off-by: Jo-Philipp Wich static char loop_name[20]; static unsigned char inbuf[512]; /* buffer for chars read from loopback */ -@@ -214,8 +214,8 @@ static int looped; /* 1 if using loop +@@ -219,8 +219,8 @@ static int looped; /* 1 if using loop static int link_mtu; /* mtu for the link (not bundle) */ static struct utsname utsname; /* for the kernel version */ @@ -29,7 +29,7 @@ Signed-off-by: Jo-Philipp Wich #define MAX_IFS 100 -@@ -1451,11 +1451,12 @@ int ccp_fatal_error (int unit) +@@ -1453,11 +1453,12 @@ int ccp_fatal_error (int unit) * * path_to_procfs - find the path to the proc file system mount point */ @@ -44,7 +44,7 @@ Signed-off-by: Jo-Philipp Wich struct mntent *mntent; FILE *fp; -@@ -1477,6 +1478,7 @@ static char *path_to_procfs(const char * +@@ -1479,6 +1480,7 @@ static char *path_to_procfs(const char * fclose (fp); } } @@ -52,7 +52,7 @@ Signed-off-by: Jo-Philipp Wich strlcpy(proc_path + proc_path_len, tail, sizeof(proc_path) - proc_path_len); -@@ -2129,15 +2131,19 @@ int ppp_available(void) +@@ -2332,15 +2334,19 @@ int ppp_available(void) int my_version, my_modification, my_patch; int osmaj, osmin, ospatch; @@ -72,7 +72,7 @@ Signed-off-by: Jo-Philipp Wich /* XXX should get from driver */ driver_version = 2; -@@ -2197,6 +2203,7 @@ int ppp_available(void) +@@ -2400,6 +2406,7 @@ int ppp_available(void) if (ok && ((ifr.ifr_hwaddr.sa_family & ~0xFF) != ARPHRD_PPP)) ok = 0; @@ -80,7 +80,7 @@ Signed-off-by: Jo-Philipp Wich /* * This is the PPP device. Validate the version of the driver at this -@@ -2730,6 +2737,7 @@ get_pty(master_fdp, slave_fdp, slave_nam +@@ -2936,6 +2943,7 @@ get_pty(master_fdp, slave_fdp, slave_nam } #endif /* TIOCGPTN */ @@ -88,7 +88,7 @@ Signed-off-by: Jo-Philipp Wich if (sfd < 0) { /* the old way - scan through the pty name space */ for (i = 0; i < 64; ++i) { -@@ -2748,6 +2756,7 @@ get_pty(master_fdp, slave_fdp, slave_nam +@@ -2954,6 +2962,7 @@ get_pty(master_fdp, slave_fdp, slave_nam } } } @@ -125,7 +125,7 @@ Signed-off-by: Jo-Philipp Wich char *pppd_pppoe_service = NULL; static char *acName = NULL; static char *existingSession = NULL; -@@ -371,10 +368,6 @@ PPPoEDevnameHook(char *cmd, char **argv, +@@ -394,10 +391,6 @@ PPPoEDevnameHook(char *cmd, char **argv, void plugin_init(void) { @@ -138,7 +138,7 @@ Signed-off-by: Jo-Philipp Wich info("RP-PPPoE plugin version %s compiled against pppd %s", --- a/pppd/plugins/pppol2tp/pppol2tp.c +++ b/pppd/plugins/pppol2tp/pppol2tp.c -@@ -486,12 +486,7 @@ static void pppol2tp_cleanup(void) +@@ -490,12 +490,7 @@ static void pppol2tp_cleanup(void) void plugin_init(void) { diff --git a/package/network/services/ppp/patches/401-no_record_file.patch b/package/network/services/ppp/patches/401-no_record_file.patch index f5079fac4..56a9f02eb 100644 --- a/package/network/services/ppp/patches/401-no_record_file.patch +++ b/package/network/services/ppp/patches/401-no_record_file.patch @@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/pppd.h +++ b/pppd/pppd.h -@@ -317,7 +317,6 @@ extern int holdoff; /* Dead time before +@@ -325,7 +325,6 @@ extern int holdoff; /* Dead time before extern bool holdoff_specified; /* true if user gave a holdoff value */ extern bool notty; /* Stdin/out is not a tty */ extern char *pty_socket; /* Socket to connect to pty */ @@ -17,7 +17,7 @@ Signed-off-by: Jo-Philipp Wich extern char linkname[MAXPATHLEN]; /* logical name for link */ --- a/pppd/tty.c +++ b/pppd/tty.c -@@ -146,7 +146,7 @@ char *disconnect_script = NULL; /* Scrip +@@ -145,7 +145,7 @@ char *disconnect_script = NULL; /* Scrip char *welcomer = NULL; /* Script to run after phys link estab. */ char *ptycommand = NULL; /* Command to run on other side of pty */ bool notty = 0; /* Stdin/out is not a tty */ @@ -26,7 +26,7 @@ Signed-off-by: Jo-Philipp Wich int max_data_rate; /* max bytes/sec through charshunt */ bool sync_serial = 0; /* Device is synchronous serial device */ char *pty_socket = NULL; /* Socket to connect to pty */ -@@ -202,8 +202,10 @@ option_t tty_options[] = { +@@ -201,8 +201,10 @@ option_t tty_options[] = { "Send and receive over socket, arg is host:port", OPT_PRIO | OPT_DEVNAM }, diff --git a/package/network/services/ppp/patches/403-no_wtmp.patch b/package/network/services/ppp/patches/403-no_wtmp.patch index 98d6133c4..537a1b0c7 100644 --- a/package/network/services/ppp/patches/403-no_wtmp.patch +++ b/package/network/services/ppp/patches/403-no_wtmp.patch @@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/sys-linux.c +++ b/pppd/sys-linux.c -@@ -2267,6 +2267,7 @@ int ppp_available(void) +@@ -2470,6 +2470,7 @@ int ppp_available(void) void logwtmp (const char *line, const char *name, const char *host) { @@ -15,7 +15,7 @@ Signed-off-by: Jo-Philipp Wich struct utmp ut, *utp; pid_t mypid = getpid(); #if __GLIBC__ < 2 -@@ -2332,6 +2333,7 @@ void logwtmp (const char *line, const ch +@@ -2535,6 +2536,7 @@ void logwtmp (const char *line, const ch close (wtmp); } #endif diff --git a/package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch b/package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch index 3b35fe003..1d94873f3 100644 --- a/package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch +++ b/package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch @@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/main.c +++ b/pppd/main.c -@@ -882,14 +882,17 @@ struct protocol_list { +@@ -886,14 +886,17 @@ struct protocol_list { const char *name; } protocol_list[] = { { 0x21, "IP" }, @@ -25,7 +25,7 @@ Signed-off-by: Jo-Philipp Wich { 0x33, "Stream Protocol ST-II" }, { 0x35, "Banyan Vines" }, { 0x39, "AppleTalk EDDP" }, -@@ -903,8 +906,11 @@ struct protocol_list { +@@ -907,8 +910,11 @@ struct protocol_list { { 0x49, "Serial Data Transport Protocol (PPP-SDTP)" }, { 0x4b, "SNA over 802.2" }, { 0x4d, "SNA" }, @@ -37,7 +37,7 @@ Signed-off-by: Jo-Philipp Wich { 0x53, "Encryption" }, { 0x55, "Individual Link Encryption" }, { 0x57, "IPv6" }, -@@ -915,12 +921,15 @@ struct protocol_list { +@@ -919,12 +925,15 @@ struct protocol_list { { 0x65, "RTP IPHC Compressed non-TCP" }, { 0x67, "RTP IPHC Compressed UDP 8" }, { 0x69, "RTP IPHC Compressed RTP 8" }, @@ -53,7 +53,7 @@ Signed-off-by: Jo-Philipp Wich { 0x0203, "IBM Source Routing BPDU" }, { 0x0205, "DEC LANBridge100 Spanning Tree" }, { 0x0207, "Cisco Discovery Protocol" }, -@@ -932,15 +941,19 @@ struct protocol_list { +@@ -936,15 +945,19 @@ struct protocol_list { { 0x0231, "Luxcom" }, { 0x0233, "Sigma Network Systems" }, { 0x0235, "Apple Client Server Protocol" }, @@ -73,7 +73,7 @@ Signed-off-by: Jo-Philipp Wich { 0x4001, "Cray Communications Control Protocol" }, { 0x4003, "CDPD Mobile Network Registration Protocol" }, { 0x4005, "Expand accelerator protocol" }, -@@ -951,8 +964,10 @@ struct protocol_list { +@@ -955,8 +968,10 @@ struct protocol_list { { 0x4023, "RefTek Protocol" }, { 0x4025, "Fibre Channel" }, { 0x4027, "EMIT Protocols" }, @@ -84,7 +84,7 @@ Signed-off-by: Jo-Philipp Wich { 0x8023, "OSI Network Layer Control Protocol" }, { 0x8025, "Xerox NS IDP Control Protocol" }, { 0x8027, "DECnet Phase IV Control Protocol" }, -@@ -961,7 +976,9 @@ struct protocol_list { +@@ -965,7 +980,9 @@ struct protocol_list { { 0x8031, "Bridging NCP" }, { 0x8033, "Stream Protocol Control Protocol" }, { 0x8035, "Banyan Vines Control Protocol" }, @@ -94,7 +94,7 @@ Signed-off-by: Jo-Philipp Wich { 0x803f, "NETBIOS Framing Control Protocol" }, { 0x8041, "Cisco Systems Control Protocol" }, { 0x8043, "Ascom Timeplex" }, -@@ -970,18 +987,24 @@ struct protocol_list { +@@ -974,18 +991,24 @@ struct protocol_list { { 0x8049, "Serial Data Control Protocol (PPP-SDCP)" }, { 0x804b, "SNA over 802.2 Control Protocol" }, { 0x804d, "SNA Control Protocol" }, @@ -119,7 +119,7 @@ Signed-off-by: Jo-Philipp Wich { 0x8207, "Cisco Discovery Protocol Control" }, { 0x8209, "Netcs Twin Routing" }, { 0x820b, "STP - Control Protocol" }, -@@ -990,24 +1013,29 @@ struct protocol_list { +@@ -994,24 +1017,29 @@ struct protocol_list { { 0x8281, "MPLSCP" }, { 0x8285, "IEEE p1284.4 standard - Protocol Control" }, { 0x8287, "ETSI TETRA TNP1 Control Protocol" }, diff --git a/package/network/services/ppp/patches/405-no_multilink_option.patch b/package/network/services/ppp/patches/405-no_multilink_option.patch index b17747a5e..ce87d039a 100644 --- a/package/network/services/ppp/patches/405-no_multilink_option.patch +++ b/package/network/services/ppp/patches/405-no_multilink_option.patch @@ -9,7 +9,7 @@ Signed-off-by: Jo-Philipp Wich --- a/pppd/options.c +++ b/pppd/options.c -@@ -336,13 +336,14 @@ option_t general_options[] = { +@@ -349,13 +349,14 @@ option_t general_options[] = { "Enable multilink operation", OPT_PRIOSUB | OPT_ALIAS | 1 }, { "nomultilink", o_bool, &multilink, "Disable multilink operation", OPT_PRIOSUB | 0 }, diff --git a/package/network/services/ppp/patches/511-syncppp.patch b/package/network/services/ppp/patches/511-syncppp.patch index fe58b8cc8..8b8b6cce6 100644 --- a/package/network/services/ppp/patches/511-syncppp.patch +++ b/package/network/services/ppp/patches/511-syncppp.patch @@ -1,6 +1,5 @@ -diff -Naur ppp-2.4.5.0/pppd/chap-new.c ppp-2.4.5/pppd/chap-new.c ---- ppp-2.4.5.0/pppd/chap-new.c 2012-04-18 15:44:46.000000000 +0800 -+++ ppp-2.4.5/pppd/chap-new.c 2012-04-19 20:24:28.000000000 +0800 +--- a/pppd/chap-new.c ++++ b/pppd/chap-new.c @@ -37,6 +37,8 @@ #include "chap-new.h" #include "chap-md5.h" @@ -10,7 +9,7 @@ diff -Naur ppp-2.4.5.0/pppd/chap-new.c ppp-2.4.5/pppd/chap-new.c #ifdef CHAPMS #include "chap_ms.h" #define MDTYPE_ALL (MDTYPE_MICROSOFT_V2 | MDTYPE_MICROSOFT | MDTYPE_MD5) -@@ -481,6 +483,19 @@ +@@ -492,6 +494,19 @@ chap_respond(struct chap_client_state *c p[2] = len >> 8; p[3] = len; @@ -30,10 +29,9 @@ diff -Naur ppp-2.4.5.0/pppd/chap-new.c ppp-2.4.5/pppd/chap-new.c output(0, response, PPP_HDRLEN + len); } -diff -Naur ppp-2.4.5.0/pppd/Makefile.linux ppp-2.4.5/pppd/Makefile.linux ---- ppp-2.4.5.0/pppd/Makefile.linux 2012-04-18 15:44:46.000000000 +0800 -+++ ppp-2.4.5/pppd/Makefile.linux 2012-04-19 20:01:05.000000000 +0800 -@@ -13,16 +13,16 @@ +--- a/pppd/Makefile.linux ++++ b/pppd/Makefile.linux +@@ -13,16 +13,16 @@ TARGETS = pppd PPPDSRCS = main.c magic.c fsm.c lcp.c ipcp.c upap.c chap-new.c md5.c ccp.c \ ecp.c ipxcp.c auth.c options.c sys-linux.c md4.c chap_ms.c \ @@ -53,27 +51,26 @@ diff -Naur ppp-2.4.5.0/pppd/Makefile.linux ppp-2.4.5/pppd/Makefile.linux # # include dependencies if present -@@ -33,7 +33,7 @@ +@@ -33,7 +33,7 @@ endif # CC = gcc # COPTS = -O2 -pipe -Wall -g -LIBS = +LIBS = -lpthread - # Uncomment the next 2 lines to include support for Microsoft's + # Uncomment the next line to include support for Microsoft's # MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux. -diff -Naur ppp-2.4.5.0/pppd/options.c ppp-2.4.5/pppd/options.c ---- ppp-2.4.5.0/pppd/options.c 2012-04-18 15:44:46.000000000 +0800 -+++ ppp-2.4.5/pppd/options.c 2012-04-19 20:24:49.000000000 +0800 -@@ -126,6 +126,7 @@ +--- a/pppd/options.c ++++ b/pppd/options.c +@@ -128,6 +128,7 @@ bool dump_options; /* print out option bool dryrun; /* print out option values and exit */ char *domain; /* domain name set by domain option */ int child_wait = 5; /* # seconds to wait for children at exit */ +int npppd = 0; /* synchronize between multiple pppd */ struct userenv *userenv_list; /* user environment variables */ + int dfl_route_metric = -1; /* metric of the default route to set over the PPP link */ - #ifdef MAXOCTETS -@@ -311,6 +312,10 @@ +@@ -342,6 +343,10 @@ option_t general_options[] = { "Set pathname of ipv6-down script", OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN }, @@ -84,10 +81,9 @@ diff -Naur ppp-2.4.5.0/pppd/options.c ppp-2.4.5/pppd/options.c #ifdef HAVE_MULTILINK { "multilink", o_bool, &multilink, "Enable multilink operation", OPT_PRIO | 1 }, -diff -Naur ppp-2.4.5.0/pppd/pppd.h ppp-2.4.5/pppd/pppd.h ---- ppp-2.4.5.0/pppd/pppd.h 2012-04-18 15:44:46.000000000 +0800 -+++ ppp-2.4.5/pppd/pppd.h 2012-04-19 20:25:02.000000000 +0800 -@@ -327,6 +327,7 @@ +--- a/pppd/pppd.h ++++ b/pppd/pppd.h +@@ -343,6 +343,7 @@ extern char *bundle_name; /* bundle name extern bool dump_options; /* print out option values */ extern bool dryrun; /* check everything, print options, exit */ extern int child_wait; /* # seconds to wait for children at end */ @@ -95,9 +91,8 @@ diff -Naur ppp-2.4.5.0/pppd/pppd.h ppp-2.4.5/pppd/pppd.h #ifdef MAXOCTETS extern unsigned int maxoctets; /* Maximum octetes per session (in bytes) */ -diff -Naur ppp-2.4.5.0/pppd/syncppp.c ppp-2.4.5/pppd/syncppp.c ---- ppp-2.4.5.0/pppd/syncppp.c 1970-01-01 08:00:00.000000000 +0800 -+++ ppp-2.4.5/pppd/syncppp.c 2012-04-18 15:46:59.000000000 +0800 +--- /dev/null ++++ b/pppd/syncppp.c @@ -0,0 +1,75 @@ +#include +#include @@ -174,26 +169,23 @@ diff -Naur ppp-2.4.5.0/pppd/syncppp.c ppp-2.4.5/pppd/syncppp.c + return 0; +} + -diff -Naur ppp-2.4.5.0/pppd/syncppp.h ppp-2.4.5/pppd/syncppp.h ---- ppp-2.4.5.0/pppd/syncppp.h 1970-01-01 08:00:00.000000000 +0800 -+++ ppp-2.4.5/pppd/syncppp.h 2012-04-18 15:46:59.000000000 +0800 +--- /dev/null ++++ b/pppd/syncppp.h @@ -0,0 +1,3 @@ +#define SEM_BLOCK_NAME "block" +#define SEM_COUNT_NAME "count" +#define SYNCPPP_TIMEOUT 5 -diff -Naur ppp-2.4.5.0/pppd/upap.c ppp-2.4.5/pppd/upap.c ---- ppp-2.4.5.0/pppd/upap.c 2012-04-18 15:44:46.000000000 +0800 -+++ ppp-2.4.5/pppd/upap.c 2012-04-19 20:26:22.000000000 +0800 -@@ -52,6 +52,8 @@ +--- a/pppd/upap.c ++++ b/pppd/upap.c +@@ -52,6 +52,7 @@ #include "pppd.h" #include "upap.h" +#include "syncppp.h" -+ - static const char rcsid[] = RCSID; static bool hide_password = 1; -@@ -568,6 +570,18 @@ + +@@ -567,6 +568,18 @@ upap_sauthreq(u) PUTCHAR(u->us_passwdlen, outp); BCOPY(u->us_passwd, outp, u->us_passwdlen); @@ -212,3 +204,4 @@ diff -Naur ppp-2.4.5.0/pppd/upap.c ppp-2.4.5/pppd/upap.c output(u->us_unit, outpacket_buf, outlen + PPP_HDRLEN); TIMEOUT(upap_timeout, u, u->us_timeouttime); + diff --git a/package/network/services/ppp/patches/520-uniq.patch b/package/network/services/ppp/patches/520-uniq.patch deleted file mode 100644 index 65d0e96bc..000000000 --- a/package/network/services/ppp/patches/520-uniq.patch +++ /dev/null @@ -1,269 +0,0 @@ ---- a/pppd/plugins/rp-pppoe/common.c -+++ b/pppd/plugins/rp-pppoe/common.c -@@ -119,15 +119,11 @@ sendPADT(PPPoEConnection *conn, char con - conn->session = 0; - - /* If we're using Host-Uniq, copy it over */ -- if (conn->useHostUniq) { -- PPPoETag hostUniq; -- pid_t pid = getpid(); -- hostUniq.type = htons(TAG_HOST_UNIQ); -- hostUniq.length = htons(sizeof(pid)); -- memcpy(hostUniq.payload, &pid, sizeof(pid)); -- memcpy(cursor, &hostUniq, sizeof(pid) + TAG_HDR_SIZE); -- cursor += sizeof(pid) + TAG_HDR_SIZE; -- plen += sizeof(pid) + TAG_HDR_SIZE; -+ if (conn->hostUniq.length) { -+ int len = ntohs(conn->hostUniq.length); -+ memcpy(cursor, &conn->hostUniq, len + TAG_HDR_SIZE); -+ cursor += len + TAG_HDR_SIZE; -+ plen += len + TAG_HDR_SIZE; - } - - /* Copy error message */ ---- a/pppd/plugins/rp-pppoe/discovery.c -+++ b/pppd/plugins/rp-pppoe/discovery.c -@@ -80,13 +80,10 @@ static void - parseForHostUniq(UINT16_t type, UINT16_t len, unsigned char *data, - void *extra) - { -- int *val = (int *) extra; -- if (type == TAG_HOST_UNIQ && len == sizeof(pid_t)) { -- pid_t tmp; -- memcpy(&tmp, data, len); -- if (tmp == getpid()) { -- *val = 1; -- } -+ PPPoETag *tag = extra; -+ -+ if (type == TAG_HOST_UNIQ && len == ntohs(tag->length)) { -+ tag->length = memcmp(data, tag->payload, len); - } - } - -@@ -104,16 +101,16 @@ parseForHostUniq(UINT16_t type, UINT16_t - static int - packetIsForMe(PPPoEConnection *conn, PPPoEPacket *packet) - { -- int forMe = 0; -+ PPPoETag hostUniq = conn->hostUniq; - - /* If packet is not directed to our MAC address, forget it */ - if (memcmp(packet->ethHdr.h_dest, conn->myEth, ETH_ALEN)) return 0; - - /* If we're not using the Host-Unique tag, then accept the packet */ -- if (!conn->useHostUniq) return 1; -+ if (!conn->hostUniq.length) return 1; - -- parsePacket(packet, parseForHostUniq, &forMe); -- return forMe; -+ parsePacket(packet, parseForHostUniq, &hostUniq); -+ return (hostUniq.length == 0); - } - - /********************************************************************** -@@ -301,16 +298,12 @@ sendPADI(PPPoEConnection *conn) - } - - /* If we're using Host-Uniq, copy it over */ -- if (conn->useHostUniq) { -- PPPoETag hostUniq; -- pid_t pid = getpid(); -- hostUniq.type = htons(TAG_HOST_UNIQ); -- hostUniq.length = htons(sizeof(pid)); -- memcpy(hostUniq.payload, &pid, sizeof(pid)); -- CHECK_ROOM(cursor, packet.payload, sizeof(pid) + TAG_HDR_SIZE); -- memcpy(cursor, &hostUniq, sizeof(pid) + TAG_HDR_SIZE); -- cursor += sizeof(pid) + TAG_HDR_SIZE; -- plen += sizeof(pid) + TAG_HDR_SIZE; -+ if (conn->hostUniq.length) { -+ int len = ntohs(conn->hostUniq.length); -+ CHECK_ROOM(cursor, packet.payload, len + TAG_HDR_SIZE); -+ memcpy(cursor, &conn->hostUniq, len + TAG_HDR_SIZE); -+ cursor += len + TAG_HDR_SIZE; -+ plen += len + TAG_HDR_SIZE; - } - - /* Add our maximum MTU/MRU */ -@@ -478,16 +471,12 @@ sendPADR(PPPoEConnection *conn) - cursor += namelen + TAG_HDR_SIZE; - - /* If we're using Host-Uniq, copy it over */ -- if (conn->useHostUniq) { -- PPPoETag hostUniq; -- pid_t pid = getpid(); -- hostUniq.type = htons(TAG_HOST_UNIQ); -- hostUniq.length = htons(sizeof(pid)); -- memcpy(hostUniq.payload, &pid, sizeof(pid)); -- CHECK_ROOM(cursor, packet.payload, sizeof(pid)+TAG_HDR_SIZE); -- memcpy(cursor, &hostUniq, sizeof(pid) + TAG_HDR_SIZE); -- cursor += sizeof(pid) + TAG_HDR_SIZE; -- plen += sizeof(pid) + TAG_HDR_SIZE; -+ if (conn->hostUniq.length) { -+ int len = ntohs(conn->hostUniq.length); -+ CHECK_ROOM(cursor, packet.payload, len+TAG_HDR_SIZE); -+ memcpy(cursor, &conn->hostUniq, len + TAG_HDR_SIZE); -+ cursor += len + TAG_HDR_SIZE; -+ plen += len + TAG_HDR_SIZE; - } - - /* Add our maximum MTU/MRU */ ---- a/pppd/plugins/rp-pppoe/plugin.c -+++ b/pppd/plugins/rp-pppoe/plugin.c -@@ -65,6 +65,7 @@ static char *existingSession = NULL; - static int printACNames = 0; - static char *pppoe_reqd_mac = NULL; - unsigned char pppoe_reqd_mac_addr[6]; -+static char *host_uniq = NULL; - - static int PPPoEDevnameHook(char *cmd, char **argv, int doit); - static option_t Options[] = { -@@ -82,6 +83,8 @@ static option_t Options[] = { - "Be verbose about discovered access concentrators"}, - { "pppoe-mac", o_string, &pppoe_reqd_mac, - "Only connect to specified MAC address" }, -+ { "host-uniq", o_string, &host_uniq, -+ "Specify custom Host-Uniq" }, - { NULL } - }; - int (*OldDevnameHook)(char *cmd, char **argv, int doit) = NULL; -@@ -107,7 +110,6 @@ PPPOEInitDevice(void) - conn->ifName = devnam; - conn->discoverySocket = -1; - conn->sessionSocket = -1; -- conn->useHostUniq = 1; - conn->printACNames = printACNames; - conn->discoveryTimeout = PADI_TIMEOUT; - return 1; -@@ -163,6 +165,9 @@ PPPOEConnectDevice(void) - if (lcp_wantoptions[0].mru > ifr.ifr_mtu - TOTAL_OVERHEAD) - lcp_wantoptions[0].mru = ifr.ifr_mtu - TOTAL_OVERHEAD; - -+ if (host_uniq && !parseHostUniq(host_uniq, &conn->hostUniq)) -+ fatal("Illegal value for host-uniq option"); -+ - conn->acName = acName; - conn->serviceName = pppd_pppoe_service; - strlcpy(ppp_devnam, devnam, sizeof(ppp_devnam)); ---- a/pppd/plugins/rp-pppoe/pppoe-discovery.c -+++ b/pppd/plugins/rp-pppoe/pppoe-discovery.c -@@ -348,7 +348,7 @@ packetIsForMe(PPPoEConnection *conn, PPP - if (memcmp(packet->ethHdr.h_dest, conn->myEth, ETH_ALEN)) return 0; - - /* If we're not using the Host-Unique tag, then accept the packet */ -- if (!conn->useHostUniq) return 1; -+ if (!conn->hostUniq.length) return 1; - - parsePacket(packet, parseForHostUniq, &forMe); - return forMe; -@@ -474,16 +474,12 @@ sendPADI(PPPoEConnection *conn) - cursor += namelen + TAG_HDR_SIZE; - - /* If we're using Host-Uniq, copy it over */ -- if (conn->useHostUniq) { -- PPPoETag hostUniq; -- pid_t pid = getpid(); -- hostUniq.type = htons(TAG_HOST_UNIQ); -- hostUniq.length = htons(sizeof(pid)); -- memcpy(hostUniq.payload, &pid, sizeof(pid)); -- CHECK_ROOM(cursor, packet.payload, sizeof(pid) + TAG_HDR_SIZE); -- memcpy(cursor, &hostUniq, sizeof(pid) + TAG_HDR_SIZE); -- cursor += sizeof(pid) + TAG_HDR_SIZE; -- plen += sizeof(pid) + TAG_HDR_SIZE; -+ if (conn->hostUniq.length) { -+ int len = ntohs(conn->hostUniq.length); -+ CHECK_ROOM(cursor, packet.payload, len + TAG_HDR_SIZE); -+ memcpy(cursor, &conn->hostUniq, len + TAG_HDR_SIZE); -+ cursor += len + TAG_HDR_SIZE; -+ plen += len + TAG_HDR_SIZE; - } - - packet.length = htons(plen); -@@ -645,7 +641,7 @@ int main(int argc, char *argv[]) - - memset(conn, 0, sizeof(PPPoEConnection)); - -- while ((opt = getopt(argc, argv, "I:D:VUAS:C:h")) > 0) { -+ while ((opt = getopt(argc, argv, "I:D:VUW:AS:C:h")) > 0) { - switch(opt) { - case 'S': - conn->serviceName = xstrdup(optarg); -@@ -654,7 +650,23 @@ int main(int argc, char *argv[]) - conn->acName = xstrdup(optarg); - break; - case 'U': -- conn->useHostUniq = 1; -+ if(conn->hostUniq.length) { -+ fprintf(stderr, "-U and -W are mutually exclusive\n"); -+ exit(EXIT_FAILURE); -+ } -+ char pidbuf[5]; -+ snprintf(pidbuf, sizeof(pidbuf), "%04x", getpid()); -+ parseHostUniq(pidbuf, &conn->hostUniq); -+ break; -+ case 'W': -+ if(conn->hostUniq.length) { -+ fprintf(stderr, "-U and -W are mutually exclusive\n"); -+ exit(EXIT_FAILURE); -+ } -+ if (!parseHostUniq(optarg, &conn->hostUniq)) { -+ fprintf(stderr, "Invalid host-uniq argument: %s\n", optarg); -+ exit(EXIT_FAILURE); -+ } - break; - case 'D': - conn->debugFile = fopen(optarg, "w"); ---- a/pppd/plugins/rp-pppoe/pppoe.h -+++ b/pppd/plugins/rp-pppoe/pppoe.h -@@ -21,6 +21,8 @@ - - #include /* For FILE */ - #include /* For pid_t */ -+#include -+#include - - /* How do we access raw Ethernet devices? */ - #undef USE_LINUX_PACKET -@@ -217,7 +219,7 @@ typedef struct PPPoEConnectionStruct { - char *serviceName; /* Desired service name, if any */ - char *acName; /* Desired AC name, if any */ - int synchronous; /* Use synchronous PPP */ -- int useHostUniq; /* Use Host-Uniq tag */ -+ PPPoETag hostUniq; /* Use Host-Uniq tag */ - int printACNames; /* Just print AC names */ - FILE *debugFile; /* Debug file for dumping packets */ - int numPADOs; /* Number of PADO packets received */ -@@ -273,6 +275,33 @@ void pppoe_printpkt(PPPoEPacket *packet, - void (*printer)(void *, char *, ...), void *arg); - void pppoe_log_packet(const char *prefix, PPPoEPacket *packet); - -+static inline int parseHostUniq(const char *uniq, PPPoETag *tag) -+{ -+ int i, len = strlen(uniq); -+ -+#define hex(x) \ -+ (((x) <= '9') ? ((x) - '0') : \ -+ (((x) <= 'F') ? ((x) - 'A' + 10) : \ -+ ((x) - 'a' + 10))) -+ -+ if (len % 2) -+ return 0; -+ -+ for (i = 0; i < len; i += 2) -+ { -+ if (!isxdigit(uniq[i]) || !isxdigit(uniq[i+1])) -+ return 0; -+ -+ tag->payload[i / 2] = (char)(16 * hex(uniq[i]) + hex(uniq[i+1])); -+ } -+ -+#undef hex -+ -+ tag->type = htons(TAG_HOST_UNIQ); -+ tag->length = htons(len / 2); -+ return 1; -+} -+ - #define SET_STRING(var, val) do { if (var) free(var); var = strDup(val); } while(0); - - #define CHECK_ROOM(cursor, start, len) \ diff --git a/package/network/services/ppp/patches/530-pppoe_send_padt.patch b/package/network/services/ppp/patches/530-pppoe_send_padt.patch deleted file mode 100644 index 40fa42021..000000000 --- a/package/network/services/ppp/patches/530-pppoe_send_padt.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/pppd/plugins/rp-pppoe/plugin.c -+++ b/pppd/plugins/rp-pppoe/plugin.c -@@ -275,7 +275,7 @@ PPPOEDisconnectDevice(void) - sizeof(struct sockaddr_pppox)) < 0) - error("Failed to disconnect PPPoE socket: %d %m", errno); - close(conn->sessionSocket); -- /* don't send PADT?? */ -+ sendPADT(conn, NULL); - if (conn->discoverySocket >= 0) - close(conn->discoverySocket); - } diff --git a/package/network/services/ppp/patches/531-pppoe_no_disconnect_warning.patch b/package/network/services/ppp/patches/531-pppoe_no_disconnect_warning.patch deleted file mode 100644 index 799e961cd..000000000 --- a/package/network/services/ppp/patches/531-pppoe_no_disconnect_warning.patch +++ /dev/null @@ -1,14 +0,0 @@ ---- a/pppd/plugins/rp-pppoe/plugin.c -+++ b/pppd/plugins/rp-pppoe/plugin.c -@@ -271,9 +271,8 @@ PPPOEDisconnectDevice(void) - sp.sa_addr.pppoe.sid = 0; - memcpy(sp.sa_addr.pppoe.dev, conn->ifName, IFNAMSIZ); - memcpy(sp.sa_addr.pppoe.remote, conn->peerEth, ETH_ALEN); -- if (connect(conn->sessionSocket, (struct sockaddr *) &sp, -- sizeof(struct sockaddr_pppox)) < 0) -- error("Failed to disconnect PPPoE socket: %d %m", errno); -+ connect(conn->sessionSocket, (struct sockaddr *) &sp, -+ sizeof(struct sockaddr_pppox)); - close(conn->sessionSocket); - sendPADT(conn, NULL); - if (conn->discoverySocket >= 0) diff --git a/package/network/services/ppp/patches/540-save-pppol2tp_fd_str.patch b/package/network/services/ppp/patches/540-save-pppol2tp_fd_str.patch index 7dd2ad844..d6d44afbd 100644 --- a/package/network/services/ppp/patches/540-save-pppol2tp_fd_str.patch +++ b/package/network/services/ppp/patches/540-save-pppol2tp_fd_str.patch @@ -1,8 +1,8 @@ --- a/pppd/plugins/pppol2tp/pppol2tp.c +++ b/pppd/plugins/pppol2tp/pppol2tp.c -@@ -148,6 +148,10 @@ static int setdevname_pppol2tp(char **ar - fatal("PPPoL2TP kernel driver not installed"); - } +@@ -152,6 +152,10 @@ static int setdevname_pppol2tp(char **ar + if (pppol2tp_fd_str == NULL) + novm("PPPoL2TP FD"); + pppol2tp_fd_str = strdup(*argv); + if (pppol2tp_fd_str == NULL) diff --git a/package/network/services/ppp/patches/550-fix-printer-args.patch b/package/network/services/ppp/patches/550-fix-printer-args.patch deleted file mode 100644 index 0eed9428a..000000000 --- a/package/network/services/ppp/patches/550-fix-printer-args.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/pppd/options.c -+++ b/pppd/options.c -@@ -1013,7 +1013,7 @@ print_option(opt, mainopt, printer, arg) - p = (char *) opt->addr2; - if ((opt->flags & OPT_STATIC) == 0) - p = *(char **)p; -- printer("%q", p); -+ printer(arg, "%q", p); - } else if (opt->flags & OPT_A2LIST) { - struct option_value *ovp; - diff --git a/package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch b/package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch new file mode 100644 index 000000000..9676824f5 --- /dev/null +++ b/package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch @@ -0,0 +1,94 @@ +From 831dca008699d485f2c8e91749657ef2d0b06166 Mon Sep 17 00:00:00 2001 +From: Martin Schiller +Date: Thu, 6 Dec 2018 08:43:17 +0100 +Subject: [PATCH] Revert "pppd: Use openssl for the DES instead of the libcrypt + / glibc" + +For musl and glibc2.27 we can keep linking to crypt; however if we +switch to glibc 2.28 we will have to link to one of the SSL libraries. + +This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875. +--- + pppd/Makefile.linux | 7 +++---- + pppd/pppcrypt.c | 18 +++++++++--------- + 2 files changed, 12 insertions(+), 13 deletions(-) + +--- a/pppd/Makefile.linux ++++ b/pppd/Makefile.linux +@@ -35,10 +35,10 @@ endif + COPTS = -O2 -pipe -Wall -g + LIBS = + +-# Uncomment the next line to include support for Microsoft's ++# Uncomment the next 2 lines to include support for Microsoft's + # MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux. + CHAPMS=y +-#USE_CRYPT=y ++USE_CRYPT=y + # Don't use MSLANMAN unless you really know what you're doing. + #MSLANMAN=y + # Uncomment the next line to include support for MPPE. CHAPMS (above) must +@@ -140,8 +140,7 @@ endif + + ifdef NEEDDES + ifndef USE_CRYPT +-CFLAGS += -I$(shell $(CC) --print-sysroot)/usr/include/openssl +-LIBS += -lcrypto ++LIBS += -ldes $(LIBS) + else + CFLAGS += -DUSE_CRYPT=1 + endif +--- a/pppd/pppcrypt.c ++++ b/pppd/pppcrypt.c +@@ -64,7 +64,7 @@ u_char *des_key; /* OUT 64 bit DES key w + des_key[7] = Get7Bits(key, 49); + + #ifndef USE_CRYPT +- DES_set_odd_parity((DES_cblock *)des_key); ++ des_set_odd_parity((des_cblock *)des_key); + #endif + } + +@@ -158,25 +158,25 @@ u_char *clear; /* OUT 8 octets */ + } + + #else /* USE_CRYPT */ +-static DES_key_schedule key_schedule; ++static des_key_schedule key_schedule; + + bool + DesSetkey(key) + u_char *key; + { +- DES_cblock des_key; ++ des_cblock des_key; + MakeKey(key, des_key); +- DES_set_key(&des_key, &key_schedule); ++ des_set_key(&des_key, key_schedule); + return (1); + } + + bool +-DesEncrypt(clear, cipher) ++DesEncrypt(clear, key, cipher) + u_char *clear; /* IN 8 octets */ + u_char *cipher; /* OUT 8 octets */ + { +- DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher, +- &key_schedule, 1); ++ des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, ++ key_schedule, 1); + return (1); + } + +@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear) + u_char *cipher; /* IN 8 octets */ + u_char *clear; /* OUT 8 octets */ + { +- DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear, +- &key_schedule, 0); ++ des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear, ++ key_schedule, 0); + return (1); + } + diff --git a/package/network/services/ppp/patches/700-radius-Prevent-buffer-overflow-in-rc_mksid.patch b/package/network/services/ppp/patches/700-radius-Prevent-buffer-overflow-in-rc_mksid.patch new file mode 100644 index 000000000..1c5722e6d --- /dev/null +++ b/package/network/services/ppp/patches/700-radius-Prevent-buffer-overflow-in-rc_mksid.patch @@ -0,0 +1,30 @@ +From 858976b1fc3107f1261aae337831959b511b83c2 Mon Sep 17 00:00:00 2001 +From: Paul Mackerras +Date: Sat, 4 Jan 2020 12:01:32 +1100 +Subject: [PATCH] radius: Prevent buffer overflow in rc_mksid() + +On some systems getpid() can return a value greater than 65535. +Increase the size of buf[] to allow for this, and use slprintf() +to make sure we never overflow it. + +Signed-off-by: Paul Mackerras +--- + pppd/plugins/radius/util.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/pppd/plugins/radius/util.c b/pppd/plugins/radius/util.c +index 6f976a712951..740131e8377c 100644 +--- a/pppd/plugins/radius/util.c ++++ b/pppd/plugins/radius/util.c +@@ -73,9 +73,9 @@ void rc_mdelay(int msecs) + char * + rc_mksid (void) + { +- static char buf[15]; ++ static char buf[32]; + static unsigned short int cnt = 0; +- sprintf (buf, "%08lX%04X%02hX", ++ slprintf(buf, sizeof(buf), "%08lX%04X%02hX", + (unsigned long int) time (NULL), + (unsigned int) getpid (), + cnt & 0xFF); diff --git a/package/network/services/ppp/patches/701-pppd-Fix-bounds-check-in-EAP-code.patch b/package/network/services/ppp/patches/701-pppd-Fix-bounds-check-in-EAP-code.patch new file mode 100644 index 000000000..c2ca9729e --- /dev/null +++ b/package/network/services/ppp/patches/701-pppd-Fix-bounds-check-in-EAP-code.patch @@ -0,0 +1,37 @@ +From 8d7970b8f3db727fe798b65f3377fe6787575426 Mon Sep 17 00:00:00 2001 +From: Paul Mackerras +Date: Mon, 3 Feb 2020 15:53:28 +1100 +Subject: [PATCH] pppd: Fix bounds check in EAP code + +Given that we have just checked vallen < len, it can never be the case +that vallen >= len + sizeof(rhostname). This fixes the check so we +actually avoid overflowing the rhostname array. + +Reported-by: Ilja Van Sprundel +Signed-off-by: Paul Mackerras +--- + pppd/eap.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/pppd/eap.c b/pppd/eap.c +index 94407f56a336..1b93db01aebd 100644 +--- a/pppd/eap.c ++++ b/pppd/eap.c +@@ -1420,7 +1420,7 @@ int len; + } + + /* Not so likely to happen. */ +- if (vallen >= len + sizeof (rhostname)) { ++ if (len - vallen >= sizeof (rhostname)) { + dbglog("EAP: trimming really long peer name down"); + BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1); + rhostname[sizeof (rhostname) - 1] = '\0'; +@@ -1846,7 +1846,7 @@ int len; + } + + /* Not so likely to happen. */ +- if (vallen >= len + sizeof (rhostname)) { ++ if (len - vallen >= sizeof (rhostname)) { + dbglog("EAP: trimming really long peer name down"); + BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1); + rhostname[sizeof (rhostname) - 1] = '\0'; diff --git a/package/network/services/ppp/patches/702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP.patch b/package/network/services/ppp/patches/702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP.patch new file mode 100644 index 000000000..7286d81a5 --- /dev/null +++ b/package/network/services/ppp/patches/702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP.patch @@ -0,0 +1,61 @@ +From 8d45443bb5c9372b4c6a362ba2f443d41c5636af Mon Sep 17 00:00:00 2001 +From: Paul Mackerras +Date: Mon, 3 Feb 2020 16:31:42 +1100 +Subject: [PATCH] pppd: Ignore received EAP messages when not doing EAP + +This adds some basic checks to the subroutines of eap_input to check +that we have requested or agreed to doing EAP authentication before +doing any processing on the received packet. The motivation is to +make it harder for a malicious peer to disrupt the operation of pppd +by sending unsolicited EAP packets. Note that eap_success() already +has a check that the EAP client state is reasonable, and does nothing +(apart from possibly printing a debug message) if not. + +Signed-off-by: Paul Mackerras +--- + pppd/eap.c | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +diff --git a/pppd/eap.c b/pppd/eap.c +index 1b93db01aebd..082e95343120 100644 +--- a/pppd/eap.c ++++ b/pppd/eap.c +@@ -1328,6 +1328,12 @@ int len; + int fd; + #endif /* USE_SRP */ + ++ /* ++ * Ignore requests if we're not open ++ */ ++ if (esp->es_client.ea_state <= eapClosed) ++ return; ++ + /* + * Note: we update es_client.ea_id *only if* a Response + * message is being generated. Otherwise, we leave it the +@@ -1736,6 +1742,12 @@ int len; + u_char dig[SHA_DIGESTSIZE]; + #endif /* USE_SRP */ + ++ /* ++ * Ignore responses if we're not open ++ */ ++ if (esp->es_server.ea_state <= eapClosed) ++ return; ++ + if (esp->es_server.ea_id != id) { + dbglog("EAP: discarding Response %d; expected ID %d", id, + esp->es_server.ea_id); +@@ -2047,6 +2059,12 @@ u_char *inp; + int id; + int len; + { ++ /* ++ * Ignore failure messages if we're not open ++ */ ++ if (esp->es_client.ea_state <= eapClosed) ++ return; ++ + if (!eap_client_active(esp)) { + dbglog("EAP unexpected failure message in state %s (%d)", + eap_state_name(esp->es_client.ea_state),