Djam/ppp
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/ppp.git synced 2025-02-23 06:03:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

2.4.9

Browse source
This commit is contained in:
Alexander Stefanov 2021-01-07 20:05:20 +00:00
parent 222f9b110b
commit 1b883672f9
45 changed files with 1247 additions and 4187 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.abf.yml
View file

@ -1,5 +1,3 @@
sources:
ppp-2.4.1-mppe-crypto.tar.bz2: 9652e5a21131239f6e8499d4dbc448a9eeee132f
ppp-2.4.7.tar.gz: 808b023172ea7189bc0d49935bf37a5382a1fe13
ppp-dhcpc.tar.bz2: 8b49c9b8ccde83f69c4b0c9cae6454cdba0845ca
2.4.9.tar.gz: 4241f65a5f8e1efb3874b9c7887d38ae4d05d112
ppp-watch.tar.xz: 74b6db205dc46fc179a2a3bc3d726ddfeb03c801

74
ppp-2.3.6-sample.patch → 0004-doc-add-configuration-samples.patch
View file

@ -1,5 +1,30 @@
--- ppp-2.3.3/sample/auth-down.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/auth-down Tue Jan 6 17:53:27 1998
From d7faeb88f684c8b2ae193b2c5b5b358ac757fcfa Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 11:39:09 +0200
Subject: [PATCH 04/27] doc: add configuration samples
---
sample/auth-down | 17 ++++++
sample/auth-up | 17 ++++++
sample/ip-down | 22 ++++++++
sample/ip-up | 23 ++++++++
sample/options | 153 +++++++++++++++++++++++++++++++++++++++++++++++++++
sample/options.ttyXX | 14 +++++
sample/pap-secrets | 28 ++++++++++
7 files changed, 274 insertions(+)
create mode 100644 sample/auth-down
create mode 100644 sample/auth-up
create mode 100644 sample/ip-down
create mode 100644 sample/ip-up
create mode 100644 sample/options
create mode 100644 sample/options.ttyXX
create mode 100644 sample/pap-secrets
diff --git a/sample/auth-down b/sample/auth-down
new file mode 100644
index 0000000..edde65d
--- /dev/null
+++ b/sample/auth-down
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
@ -18,8 +43,11 @@
+echo auth-down `date +'%y/%m/%d %T'` $* >> /var/log/pppstats
+
+# last line
--- ppp-2.3.3/sample/auth-up.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/auth-up Tue Jan 6 17:53:27 1998
diff --git a/sample/auth-up b/sample/auth-up
new file mode 100644
index 0000000..54722a3
--- /dev/null
+++ b/sample/auth-up
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
@ -38,8 +66,11 @@
+echo auth-up `date +'%y/%m/%d %T'` $* >> /var/log/pppstats
+
+# last line
--- ppp-2.3.3/sample/ip-down.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/ip-down Tue Jan 6 17:53:27 1998
diff --git a/sample/ip-down b/sample/ip-down
new file mode 100644
index 0000000..b771fb6
--- /dev/null
+++ b/sample/ip-down
@@ -0,0 +1,22 @@
+#!/bin/sh
+#
@ -63,8 +94,11 @@
+export PATH
+
+# last line
--- ppp-2.3.3/sample/ip-up.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/ip-up Tue Jan 6 17:53:27 1998
diff --git a/sample/ip-up b/sample/ip-up
new file mode 100644
index 0000000..7ce7c8d
--- /dev/null
+++ b/sample/ip-up
@@ -0,0 +1,23 @@
+#!/bin/sh
+#
@ -89,8 +123,11 @@
+export PATH
+
+# last line
--- ppp-2.3.3/sample/options.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/options Tue Jan 6 17:53:27 1998
diff --git a/sample/options b/sample/options
new file mode 100644
index 0000000..8d0a3f9
--- /dev/null
+++ b/sample/options
@@ -0,0 +1,153 @@
+# /etc/ppp/options
+
@ -245,8 +282,11 @@
+noipx
+
+# ---<End of File>---
--- ppp-2.3.3/sample/options.ttyXX.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/options.ttyXX Tue Jan 6 17:53:27 1998
diff --git a/sample/options.ttyXX b/sample/options.ttyXX
new file mode 100644
index 0000000..d4202f5
--- /dev/null
+++ b/sample/options.ttyXX
@@ -0,0 +1,14 @@
+# If you need to set up multiple serial lines then copy this file to
+# options.<ttyname> for each tty with a modem on it.
@ -262,8 +302,11 @@
+# is the IP address of your host
+#
+hostname-s1:hostname
--- ppp-2.3.3/sample/pap-secrets.sample Tue Jan 6 17:53:27 1998
+++ ppp-2.3.3/sample/pap-secrets Tue Jan 6 17:53:27 1998
diff --git a/sample/pap-secrets b/sample/pap-secrets
new file mode 100644
index 0000000..098971b
--- /dev/null
+++ b/sample/pap-secrets
@@ -0,0 +1,28 @@
+# Secrets for authentication using PAP
+# client server secret IP addresses
@ -293,3 +336,6 @@
+#root hostname "*" -
+#support hostname "*" -
+#stats hostname "*" -
--
1.8.3.1

85
0006-scritps-use-change_resolv_conf-function.patch Normal file
View file

@ -0,0 +1,85 @@
From 01419dfb684d501b57f1c24dcfdbcf9da93ccca2 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 18:12:47 +0200
Subject: [PATCH 06/27] scritps: use change_resolv_conf function
Don't handle /etc/resolv.conf manually, but use a helper function from
initscripts. Also change path where we save DNS servers supplied by peer while
we are at it.
Resolves: #132482
---
pppd/pppd.8 | 2 +-
scripts/ip-down.local.add | 9 +++++----
scripts/ip-up.local.add | 17 ++++++++++-------
3 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/pppd/pppd.8 b/pppd/pppd.8
index e2768b1..2dd6e1a 100644
--- a/pppd/pppd.8
+++ b/pppd/pppd.8
@@ -1099,7 +1099,7 @@ Ask the peer for up to 2 DNS server addresses. The addresses supplied
by the peer (if any) are passed to the /etc/ppp/ip\-up script in the
environment variables DNS1 and DNS2, and the environment variable
USEPEERDNS will be set to 1. In addition, pppd will create an
-/etc/ppp/resolv.conf file containing one or two nameserver lines with
+/var/run/ppp/resolv.conf file containing one or two nameserver lines with
the address(es) supplied by the peer.
.TP
.B user \fIname
diff --git a/scripts/ip-down.local.add b/scripts/ip-down.local.add
index b93590e..163f71e 100644
--- a/scripts/ip-down.local.add
+++ b/scripts/ip-down.local.add
@@ -9,12 +9,13 @@
#
# Nick Walker (nickwalker@email.com)
#
+. /etc/sysconfig/network-scripts/network-functions
-if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
- if [ -f /etc/ppp/resolv.prev ]; then
- cp -f /etc/ppp/resolv.prev /etc/resolv.conf
+if [ -n "$USEPEERDNS" -a -f /var/run/ppp/resolv.conf ]; then
+ if [ -f /var/run/ppp/resolv.prev ]; then
+ change_resolv_conf /var/run/ppp/resolv.prev
else
- rm -f /etc/resolv.conf
+ change_resolv_conf
fi
fi
diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add
index 8017209..26cf5f8 100644
--- a/scripts/ip-up.local.add
+++ b/scripts/ip-up.local.add
@@ -9,16 +9,19 @@
#
# Nick Walker (nickwalker@email.com)
#
+. /etc/sysconfig/network-scripts/network-functions
-if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
- rm -f /etc/ppp/resolv.prev
+if [ -n "$USEPEERDNS" -a -f /var/run/ppp/resolv.conf ]; then
+ rm -f /var/run/ppp/resolv.prev
if [ -f /etc/resolv.conf ]; then
- cp /etc/resolv.conf /etc/ppp/resolv.prev
- grep domain /etc/ppp/resolv.prev > /etc/resolv.conf
- grep search /etc/ppp/resolv.prev >> /etc/resolv.conf
- cat /etc/ppp/resolv.conf >> /etc/resolv.conf
+ cp /etc/resolv.conf /var/run/ppp/resolv.prev
+ rscf=/var/run/ppp/resolv.new
+ grep domain /var/run/ppp/resolv.prev > $rscf
+ grep search /var/run/ppp/resolv.prev >> $rscf
+ change_resolv_conf $rscf
+ rm -f $rscf
else
- cp /etc/ppp/resolv.conf /etc
+ change_resolv_conf /var/run/ppp/resolv.conf
fi
fi
--
1.8.3.1

45
ppp-2.4.4-dontwriteetc.patch → 0011-build-sys-don-t-put-connect-errors-log-to-etc-ppp.patch
View file

@ -1,6 +1,20 @@
--- ppp-2.4.4/chat/chat.8.dontwriteetc 2004-11-13 07:22:49.000000000 -0500
+++ ppp-2.4.4/chat/chat.8 2006-11-17 12:09:28.000000000 -0500
@@ -200,7 +200,7 @@
From b4ef433be936c90e356da7a590b032cdee219a3f Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 19:06:05 +0200
Subject: [PATCH 11/27] build-sys: don't put connect-errors log to /etc/ppp/
Resolves: #118837
---
chat/chat.8 | 2 +-
linux/Makefile.top | 8 +++++++-
pppd/pathnames.h | 4 ++--
3 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/chat/chat.8 b/chat/chat.8
index 6d10836..78d6939 100644
--- a/chat/chat.8
+++ b/chat/chat.8
@@ -200,7 +200,7 @@ The \fBSAY\fR directive allows the script to send strings to the user
at the terminal via standard error. If \fBchat\fR is being run by
pppd, and pppd is running as a daemon (detached from its controlling
terminal), standard error will normally be redirected to the file
@ -9,18 +23,20 @@
.LP
\fBSAY\fR strings must be enclosed in single or double quotes. If
carriage return and line feed are needed in the string to be output,
--- ppp-2.4.4/linux/Makefile.top.dontwriteetc 2006-06-04 01:04:14.000000000 -0400
+++ ppp-2.4.4/linux/Makefile.top 2006-11-17 12:10:06.000000000 -0500
@@ -5,6 +5,8 @@
diff --git a/linux/Makefile.top b/linux/Makefile.top
index f63d45e..f42efd5 100644
--- a/linux/Makefile.top
+++ b/linux/Makefile.top
@@ -5,6 +5,8 @@ BINDIR = $(DESTDIR)/sbin
INCDIR = $(DESTDIR)/include
MANDIR = $(DESTDIR)/share/man
ETCDIR = $(INSTROOT)@SYSCONF@/ppp
+RUNDIR = $(INSTROOT)/var/run/ppp
+LOGDIR = $(INSTROOT)/var/log/ppp
+RUNDIR = $(DESTDIR)/var/run/ppp
+LOGDIR = $(DESTDIR)/var/log/ppp
# uid 0 = root
INSTALL= install
@@ -16,7 +18,7 @@
@@ -16,7 +18,7 @@ all:
cd pppstats; $(MAKE) $(MFLAGS) all
cd pppdump; $(MAKE) $(MFLAGS) all
@ -29,7 +45,7 @@
install-progs:
cd chat; $(MAKE) $(MFLAGS) install
@@ -44,6 +46,10 @@
@@ -44,6 +46,10 @@ $(MANDIR)/man8:
$(INSTALL) -d -m 755 $@
$(ETCDIR):
$(INSTALL) -d -m 755 $@
@ -40,8 +56,10 @@
clean:
rm -f `find . -name '*.[oas]' -print`
--- ppp-2.4.4/pppd/pathnames.h.dontwriteetc 2005-08-25 19:59:34.000000000 -0400
+++ ppp-2.4.4/pppd/pathnames.h 2006-11-17 11:42:16.000000000 -0500
diff --git a/pppd/pathnames.h b/pppd/pathnames.h
index a427cb8..bef3160 100644
--- a/pppd/pathnames.h
+++ b/pppd/pathnames.h
@@ -28,9 +28,9 @@
#define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up"
#define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down"
@ -54,3 +72,6 @@
#define _PATH_USEROPT ".ppprc"
#define _PATH_PSEUDONYM ".ppp_pseudonym"
--
1.8.3.1

149
0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch Normal file
View file

@ -0,0 +1,149 @@
diff --git a/pppd/plugins/pppoatm/pppoatm.c b/pppd/plugins/pppoatm/pppoatm.c
index d693350..c31bb34 100644
--- a/pppd/plugins/pppoatm/pppoatm.c
+++ b/pppd/plugins/pppoatm/pppoatm.c
@@ -135,7 +135,7 @@ static int connect_pppoatm(void)
if (!device_got_set)
no_device_given_pppoatm();
- fd = socket(AF_ATMPVC, SOCK_DGRAM, 0);
+ fd = socket(AF_ATMPVC, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (fd < 0)
fatal("failed to create socket: %m");
memset(&qos, 0, sizeof qos);
diff --git a/pppd/plugins/pppol2tp/openl2tp.c b/pppd/plugins/pppol2tp/openl2tp.c
index 9643b96..1099575 100644
--- a/pppd/plugins/pppol2tp/openl2tp.c
+++ b/pppd/plugins/pppol2tp/openl2tp.c
@@ -83,7 +83,7 @@ static int openl2tp_client_create(void)
int result;
if (openl2tp_fd < 0) {
- openl2tp_fd = socket(PF_UNIX, SOCK_DGRAM, 0);
+ openl2tp_fd = socket(PF_UNIX, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (openl2tp_fd < 0) {
error("openl2tp connection create: %m");
return -ENOTCONN;
diff --git a/pppd/plugins/pppol2tp/pppol2tp.c b/pppd/plugins/pppol2tp/pppol2tp.c
index a7e3400..e64a778 100644
--- a/pppd/plugins/pppol2tp/pppol2tp.c
+++ b/pppd/plugins/pppol2tp/pppol2tp.c
@@ -208,7 +208,7 @@ static void send_config_pppol2tp(int mtu,
struct ifreq ifr;
int fd;
- fd = socket(AF_INET, SOCK_DGRAM, 0);
+ fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (fd >= 0) {
memset (&ifr, '\0', sizeof (ifr));
strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
diff --git a/pppd/plugins/pppoe/if.c b/pppd/plugins/pppoe/if.c
index 91e9a57..72aba41 100644
--- a/pppd/plugins/pppoe/if.c
+++ b/pppd/plugins/pppoe/if.c
@@ -116,7 +116,7 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
stype = SOCK_PACKET;
#endif
- if ((fd = socket(domain, stype, htons(type))) < 0) {
+ if ((fd = socket(domain, stype | SOCK_CLOEXEC, htons(type))) < 0) {
/* Give a more helpful message for the common error case */
if (errno == EPERM) {
fatal("Cannot create raw socket -- pppoe must be run as root.");
diff --git a/pppd/plugins/pppoe/plugin.c b/pppd/plugins/pppoe/plugin.c
index a8c2bb4..24bdf8f 100644
--- a/pppd/plugins/pppoe/plugin.c
+++ b/pppd/plugins/pppoe/plugin.c
@@ -137,7 +137,7 @@ PPPOEConnectDevice(void)
/* server equipment). */
/* Opening this socket just before waitForPADS in the discovery() */
/* function would be more appropriate, but it would mess-up the code */
- conn->sessionSocket = socket(AF_PPPOX, SOCK_STREAM, PX_PROTO_OE);
+ conn->sessionSocket = socket(AF_PPPOX, SOCK_STREAM | SOCK_CLOEXEC, PX_PROTO_OE);
if (conn->sessionSocket < 0) {
error("Failed to create PPPoE socket: %m");
return -1;
@@ -148,7 +148,7 @@ PPPOEConnectDevice(void)
lcp_wantoptions[0].mru = conn->mru;
/* Update maximum MRU */
- s = socket(AF_INET, SOCK_DGRAM, 0);
+ s = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (s < 0) {
error("Can't get MTU for %s: %m", conn->ifName);
goto errout;
@@ -320,7 +320,7 @@ PPPoEDevnameHook(char *cmd, char **argv, int doit)
}
/* Open a socket */
- if ((fd = socket(PF_PACKET, SOCK_RAW, 0)) < 0) {
+ if ((fd = socket(PF_PACKET, SOCK_RAW | SOCK_CLOEXEC, 0)) < 0) {
r = 0;
}
diff --git a/pppd/plugins/pppoe/pppoe-discovery.c b/pppd/plugins/pppoe/pppoe-discovery.c
index 3d3bf4e..c0d927d 100644
--- a/pppd/plugins/pppoe/pppoe-discovery.c
+++ b/pppd/plugins/pppoe/pppoe-discovery.c
@@ -121,7 +121,7 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
stype = SOCK_PACKET;
#endif
- if ((fd = socket(domain, stype, htons(type))) < 0) {
+ if ((fd = socket(domain, stype | SOCK_CLOEXEC, htons(type))) < 0) {
/* Give a more helpful message for the common error case */
if (errno == EPERM) {
fatal("Cannot create raw socket -- pppoe must be run as root.");
diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
index 00a2cf5..0690019 100644
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -308,12 +308,12 @@ static int modify_flags(int fd, int clear_bits, int set_bits)
void sys_init(void)
{
/* Get an internet socket for doing socket ioctls. */
- sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
+ sock_fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (sock_fd < 0)
fatal("Couldn't create IP socket: %m(%d)", errno);
#ifdef INET6
- sock6_fd = socket(AF_INET6, SOCK_DGRAM, 0);
+ sock6_fd = socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (sock6_fd < 0)
sock6_fd = -errno; /* save errno for later */
#endif
@@ -1857,7 +1857,7 @@ get_if_hwaddr(u_char *addr, char *name)
struct ifreq ifreq;
int ret, sock_fd;
- sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
+ sock_fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (sock_fd < 0)
return -1;
memset(&ifreq.ifr_hwaddr, 0, sizeof(struct sockaddr));
@@ -2067,7 +2067,7 @@ int ppp_available(void)
/*
* Open a socket for doing the ioctl operations.
*/
- s = socket(AF_INET, SOCK_DGRAM, 0);
+ s = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (s < 0)
return 0;
diff --git a/pppd/tty.c b/pppd/tty.c
index bc96695..8e76a5d 100644
--- a/pppd/tty.c
+++ b/pppd/tty.c
@@ -896,7 +896,7 @@ open_socket(dest)
*sep = ':';
/* get a socket and connect it to the other end */
- sock = socket(PF_INET, SOCK_STREAM, 0);
+ sock = socket(PF_INET, SOCK_STREAM | SOCK_CLOEXEC, 0);
if (sock < 0) {
error("Can't create socket: %m");
return -1;
--
1.8.3.1

44
0015-pppd-move-pppd-database-to-var-run-ppp.patch Normal file
View file

@ -0,0 +1,44 @@
From f2c855462ff56be4121409c7e048cd2503fe0ccf Mon Sep 17 00:00:00 2001
From: Jiri Skala <jskala@fedoraproject.org>
Date: Mon, 7 Apr 2014 14:26:20 +0200
Subject: [PATCH 15/27] pppd: move pppd database to /var/run/ppp
Resolves: #560014
---
pppd/pathnames.h | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/pppd/pathnames.h b/pppd/pathnames.h
index bef3160..24e010c 100644
--- a/pppd/pathnames.h
+++ b/pppd/pathnames.h
@@ -6,8 +6,9 @@
#ifdef HAVE_PATHS_H
#include <paths.h>
-
+#define _PPP_SUBDIR "ppp/"
#else /* HAVE_PATHS_H */
+#define _PPP_SUBDIR
#ifndef _PATH_VARRUN
#define _PATH_VARRUN "/etc/ppp/"
#endif
@@ -46,13 +47,9 @@
#endif /* IPX_CHANGE */
#ifdef __STDC__
-#define _PATH_PPPDB _ROOT_PATH _PATH_VARRUN "pppd2.tdb"
+#define _PATH_PPPDB _ROOT_PATH _PATH_VARRUN _PPP_SUBDIR "pppd2.tdb"
#else /* __STDC__ */
-#ifdef HAVE_PATHS_H
-#define _PATH_PPPDB "/var/run/pppd2.tdb"
-#else
-#define _PATH_PPPDB "/etc/ppp/pppd2.tdb"
-#endif
+#define _PATH_PPPDB _PATH_VARRUN _PPP_SUBDIR "pppd2.tdb"
#endif /* __STDC__ */
#ifdef PLUGIN
--
1.8.3.1

115
0016-rp-pppoe-add-manpage-for-pppoe-discovery.patch Normal file
View file

@ -0,0 +1,115 @@
diff --git a/pppd/plugins/pppoe/Makefile.linux b/pppd/plugins/pppoe/Makefile.linux
index 3cd9101..9918091 100644
--- a/pppd/plugins/pppoe/Makefile.linux
+++ b/pppd/plugins/pppoe/Makefile.linux
@@ -16,6 +16,7 @@
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
+MANDIR = $(DESTDIR)/share/man/man8
LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(PPPDVERSION)
PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
@@ -46,6 +47,7 @@ install: all
$(LN_S) pppoe.so $(LIBDIR)/rp-pppoe.so
$(INSTALL) -d -m 755 $(BINDIR)
$(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
+ $(INSTALL) -c -m 444 pppoe-discovery.8 $(MANDIR)
clean:
rm -f *.o *.so pppoe-discovery
diff --git a/pppd/plugins/pppoe/pppoe-discovery.8 b/pppd/plugins/pppoe/pppoe-discovery.8
new file mode 100644
index 0000000..d0a93db
--- /dev/null
+++ b/pppd/plugins/pppoe/pppoe-discovery.8
@@ -0,0 +1,86 @@
+.\" pppoe-discovery.8 written by
+.\" Ben Hutchings <ben@decadentplace.org.uk>, based on pppoe.8.
+.\" Licenced under the GPL version 2 or later.
+.TH PPPOE-DISCOVERY 8
+.SH NAME
+pppoe\-discovery \- perform PPPoE discovery
+.SH SYNOPSIS
+.B pppoe\-discovery
+[
+.I options
+]
+.br
+.BR pppoe\-discovery " { " \-V " | " \-h " }"
+.SH DESCRIPTION
+.LP
+\fBpppoe\-discovery\fR performs the same discovery process as
+\fBpppoe\fR, but does not initiate a session.
+It sends a PADI packet and then prints the names of access
+concentrators in each PADO packet it receives.
+.SH OPTIONS
+.TP
+.BI \-I " interface"
+.RS
+The \fB\-I\fR option specifies the Ethernet interface to use.
+Under Linux, it is typically eth0 or eth1.
+The interface should be \(lqup\(rq before you start
+\fBpppoe\-discovery\fR, but should \fInot\fR be configured to have an
+IP address.
+The default interface is eth0.
+.RE
+.TP
+.BI \-D " file_name"
+.RS
+The \fB\-D\fR option causes every packet to be dumped to the specified
+\fIfile_name\fR.
+This is intended for debugging only.
+.RE
+.TP
+.B \-U
+.RS
+Causes \fBpppoe\-discovery\fR to use the Host-Uniq tag in its discovery
+packets.
+This lets you run multiple instances of \fBpppoe\-discovery\fR and/or
+\fBpppoe\fR without having their discovery packets interfere with one
+another.
+You must supply this option to \fIall\fR instances that you intend to
+run simultaneously.
+.RE
+.TP
+.BI \-S " service_name"
+.RS
+Specifies the desired service name.
+\fBpppoe\-discovery\fR will only accept access concentrators which can
+provide the specified service.
+In most cases, you should \fInot\fR specify this option.
+Use it only if you know that there are multiple access concentrators
+or know that you need a specific service name.
+.RE
+.TP
+.BI \-C " ac_name"
+.RS
+Specifies the desired access concentrator name.
+\fBpppoe\-discovery\fR will only accept the specified access
+concentrator.
+In most cases, you should \fInot\fR specify this option.
+Use it only if you know that there are multiple access concentrators.
+If both the \fB\-S\fR and \fB\-C\fR options are specified, they must
+\fIboth\fR match.
+.RE
+.TP
+.B \-A
+.RS
+This option is accepted for compatibility with \fBpppoe\fR, but has no
+effect.
+.RE
+.TP
+.BR \-V " | " \-h
+.RS
+Either of these options causes \fBpppoe\-discovery\fR to print its
+version number and usage information, then exit.
+.RE
+.SH AUTHORS
+\fBpppoe\-discovery\fR was written by Marco d'Itri <md@linux.it>,
+based on \fBpppoe\fR by David F. Skoll <dfs@roaringpenguin.com>.
+.SH SEE ALSO
+pppoe(8), pppoe-sniff(8)
--
1.8.3.1

27
0018-scritps-fix-ip-up.local-sample.patch Normal file
View file

@ -0,0 +1,27 @@
From 40960f91cdd06da387616ec838ae2599e7f01cee Mon Sep 17 00:00:00 2001
From: Jiri Skala <jskala@fedoraproject.org>
Date: Mon, 7 Apr 2014 15:24:01 +0200
Subject: [PATCH 18/27] scritps: fix ip-up.local sample
Resolves: #613717
---
scripts/ip-up.local.add | 3 +++
1 file changed, 3 insertions(+)
diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add
index 26cf5f8..282337c 100644
--- a/scripts/ip-up.local.add
+++ b/scripts/ip-up.local.add
@@ -18,6 +18,9 @@ if [ -n "$USEPEERDNS" -a -f /var/run/ppp/resolv.conf ]; then
rscf=/var/run/ppp/resolv.new
grep domain /var/run/ppp/resolv.prev > $rscf
grep search /var/run/ppp/resolv.prev >> $rscf
+ if [ -f /var/run/ppp/resolv.conf ]; then
+ cat /var/run/ppp/resolv.conf >> $rscf
+ fi
change_resolv_conf $rscf
rm -f $rscf
else
--
1.8.3.1

26
0020-pppd-put-lock-files-in-var-lock-ppp.patch Normal file
View file

@ -0,0 +1,26 @@
From c5a5f795b1defcb6d168e79c4d1fc371dfc556ca Mon Sep 17 00:00:00 2001
From: Jiri Skala <jskala@redhat.com>
Date: Wed, 9 Apr 2014 09:29:50 +0200
Subject: [PATCH 20/27] pppd: put lock files in /var/lock/ppp
Resolves: #708260
---
pppd/utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/utils.c b/pppd/utils.c
index 6051b9a..8407492 100644
--- a/pppd/utils.c
+++ b/pppd/utils.c
@@ -846,7 +846,7 @@ complete_read(int fd, void *buf, size_t count)
/* Procedures for locking the serial device using a lock file. */
#ifndef LOCK_DIR
#ifdef __linux__
-#define LOCK_DIR "/var/lock"
+#define LOCK_DIR "/var/lock/ppp"
#else
#ifdef SVR4
#define LOCK_DIR "/var/spool/locks"
--
1.8.3.1

20
0023-build-sys-install-rp-pppoe-plugin-files-with-standar.patch Normal file
View file

@ -0,0 +1,20 @@
diff --git a/pppd/plugins/pppoe/Makefile.linux b/pppd/plugins/pppoe/Makefile.linux
index 2df887b..6cb8397 100644
--- a/pppd/plugins/pppoe/Makefile.linux
+++ b/pppd/plugins/pppoe/Makefile.linux
@@ -43,12 +43,12 @@ pppoe.so: plugin.o discovery.o if.o common.o
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -c -m 4550 pppoe.so $(LIBDIR)
+ $(INSTALL) -c -m 755 pppoe.so $(LIBDIR)
# Symlink for backward compatibility
$(LN_S) pppoe.so $(LIBDIR)/rp-pppoe.so
$(INSTALL) -d -m 755 $(BINDIR)
- $(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
- $(INSTALL) -c -m 444 pppoe-discovery.8 $(MANDIR)
+ $(INSTALL) -c -m 755 pppoe-discovery $(BINDIR)
+ $(INSTALL) -c -m 644 pppoe-discovery.8 $(MANDIR)
clean:
rm -f *.o *.so pppoe-discovery

26
0024-build-sys-install-pppoatm-plugin-files-with-standard.patch Normal file
View file

@ -0,0 +1,26 @@
From 0fdb22ef3d3cc3b297372451d60bd6c61d047d27 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 10 Apr 2014 10:08:41 +0200
Subject: [PATCH 24/27] build-sys: install pppoatm plugin files with standard
perms
---
pppd/plugins/pppoatm/Makefile.linux | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux
index 769794b..4c5826f 100644
--- a/pppd/plugins/pppoatm/Makefile.linux
+++ b/pppd/plugins/pppoatm/Makefile.linux
@@ -37,7 +37,7 @@ $(PLUGIN): $(PLUGIN_OBJS)
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -c -m 4550 $(PLUGIN) $(LIBDIR)
+ $(INSTALL) -c -m 755 $(PLUGIN) $(LIBDIR)
clean:
rm -f *.o *.so
--
1.8.3.1

37
8d7970b8f3db727fe798b65f3377fe6787575426.patch
View file

@ -1,37 +0,0 @@
From 8d7970b8f3db727fe798b65f3377fe6787575426 Mon Sep 17 00:00:00 2001
From: Paul Mackerras <paulus@ozlabs.org>
Date: Mon, 3 Feb 2020 15:53:28 +1100
Subject: [PATCH] pppd: Fix bounds check in EAP code
Given that we have just checked vallen < len, it can never be the case
that vallen >= len + sizeof(rhostname). This fixes the check so we
actually avoid overflowing the rhostname array.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
---
pppd/eap.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pppd/eap.c b/pppd/eap.c
index 94407f56..1b93db01 100644
--- a/pppd/eap.c
+++ b/pppd/eap.c
@@ -1420,7 +1420,7 @@ int len;
}
/* Not so likely to happen. */
- if (vallen >= len + sizeof (rhostname)) {
+ if (len - vallen >= sizeof (rhostname)) {
dbglog("EAP: trimming really long peer name down");
BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
rhostname[sizeof (rhostname) - 1] = '\0';
@@ -1846,7 +1846,7 @@ int len;
}
/* Not so likely to happen. */
- if (vallen >= len + sizeof (rhostname)) {
+ if (len - vallen >= sizeof (rhostname)) {
dbglog("EAP: trimming really long peer name down");
BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
rhostname[sizeof (rhostname) - 1] = '\0';

107
FEDORA-glibc-2.28.patch
View file

@ -1,107 +0,0 @@
From 3c7b86229f7bd2600d74db14b1fe5b3896be3875 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= <jskarvad@redhat.com>
Date: Fri, 6 Apr 2018 14:27:18 +0200
Subject: [PATCH] pppd: Use openssl for the DES instead of the libcrypt / glibc
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
[https://github.com/paulusmack/ppp/commit/3c7b86229f7bd2600d74db14b1fe5b3896be3875]
It seems the latest glibc (in Fedora glibc-2.27.9000-12.fc29) dropped
libcrypt. The libxcrypt standalone package can be used instead, but
it dropped the old setkey/encrypt API which ppp uses for DES. There
is support for using openssl in pppcrypt.c, but it contains typos
preventing it from compiling and seems to be written for an ancient
openssl version.
This updates the code to use current openssl.
[paulus@ozlabs.org - wrote the commit description, fixed comment in
Makefile.linux.]
Signed-off-by: Jaroslav Škarvada <jskarvad@redhat.com>
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
---
pppd/Makefile.linux | 7 ++++---
pppd/pppcrypt.c | 18 +++++++++---------
2 files changed, 13 insertions(+), 12 deletions(-)
--- ppp-2.4.7.orig/pppd/Makefile.linux
+++ ppp-2.4.7/pppd/Makefile.linux
@@ -35,10 +35,10 @@ endif
COPTS = -O2 -pipe -Wall -g
LIBS = -lcrypto
-# Uncomment the next 2 lines to include support for Microsoft's
+# Uncomment the next line to include support for Microsoft's
# MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux.
CHAPMS=y
-USE_CRYPT=y
+#USE_CRYPT=y
# Don't use MSLANMAN unless you really know what you're doing.
#MSLANMAN=y
# Uncomment the next line to include support for MPPE. CHAPMS (above) must
@@ -142,7 +142,8 @@ endif
ifdef NEEDDES
ifndef USE_CRYPT
-LIBS += -ldes $(LIBS)
+CFLAGS += -I/usr/include/openssl
+LIBS += -lcrypto
else
CFLAGS += -DUSE_CRYPT=1
endif
--- ppp-2.4.7.orig/pppd/pppcrypt.c
+++ ppp-2.4.7/pppd/pppcrypt.c
@@ -64,7 +64,7 @@ u_char *des_key; /* OUT 64 bit DES key w
des_key[7] = Get7Bits(key, 49);
#ifndef USE_CRYPT
- des_set_odd_parity((des_cblock *)des_key);
+ DES_set_odd_parity((DES_cblock *)des_key);
#endif
}
@@ -158,25 +158,25 @@ u_char *clear; /* OUT 8 octets */
}
#else /* USE_CRYPT */
-static des_key_schedule key_schedule;
+static DES_key_schedule key_schedule;
bool
DesSetkey(key)
u_char *key;
{
- des_cblock des_key;
+ DES_cblock des_key;
MakeKey(key, des_key);
- des_set_key(&des_key, key_schedule);
+ DES_set_key(&des_key, &key_schedule);
return (1);
}
bool
-DesEncrypt(clear, key, cipher)
+DesEncrypt(clear, cipher)
u_char *clear; /* IN 8 octets */
u_char *cipher; /* OUT 8 octets */
{
- des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher,
- key_schedule, 1);
+ DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher,
+ &key_schedule, 1);
return (1);
}
@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear)
u_char *cipher; /* IN 8 octets */
u_char *clear; /* OUT 8 octets */
{
- des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear,
- key_schedule, 0);
+ DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear,
+ &key_schedule, 0);
return (1);
}

5
README.pppoatm
View file

@ -1,5 +0,0 @@
Example of pppd use
./pppd plugin plugins/pppoatm.so 0.80 192.0.2.1:192.0.2.2
http://www.sfgoth.com/~mitch/linux/atm/pppoatm/

0
ifdown-ppp Executable file → Normal file
View file

18
ifup-ppp Executable file → Normal file
View file

@ -42,10 +42,10 @@ if [ "${2}" = "boot" -a "${ONBOOT}" = "no" ]; then
fi
[ -x /usr/sbin/pppd ] || {
gprintf "pppd does not exist or is not executable\n"
gprintf "ifup-ppp for %s exiting\n" ${DEVICE}
echo $"pppd does not exist or is not executable"
echo $"ifup-ppp for ${DEVICE} exiting"
/usr/bin/logger -p daemon.info -t ifup-ppp \
"pppd does not exist or is not executable for %s" ${DEVICE}
$"pppd does not exist or is not executable for ${DEVICE}"
exit 1
}
@ -56,7 +56,7 @@ if [ "$TYPE" = "xDSL" ] ; then
exit $?
else
/usr/bin/logger -p daemon.info -t ifup-ppp \
"adsl-start does not exist or is not executable for %s" ${DEVICE}
$"adsl-start does not exist or is not executable for ${DEVICE}"
exit 1
fi
fi
@ -71,15 +71,15 @@ if [ ! -f ${PEERCONF} ]; then
if [ -z "${WVDIALSECT}" ] ; then
CHATSCRIPT=/etc/sysconfig/network-scripts/chat-${DEVNAME}
[ -f ${CHATSCRIPT} ] || {
gprintf "/etc/sysconfig/network-scripts/chat-%s does not exist\n" ${DEVNAME}
gprintf "ifup-ppp for %s exiting\n" ${DEVNAME}
echo $"/etc/sysconfig/network-scripts/chat-${DEVNAME} does not exist"
echo $"ifup-ppp for ${DEVNAME} exiting"
/usr/bin/logger -p daemon.info -t ifup-ppp \
"/etc/sysconfig/network-scripts/chat-%s does not exist for %s" ${DEVNAME} ${DEVICE}
$"/etc/sysconfig/network-scripts/chat-${DEVNAME} does not exist for ${DEVICE}"
exit 1
}
fi
/usr/bin/logger -s -p daemon.notice -t ifup-ppp \
"Setting up a new %s config file" ${PEERCONF}
$"Setting up a new ${PEERCONF} config file"
if [ -f /etc/ppp/peers/${DEVICE} ]; then
cp -f /etc/ppp/peers/${DEVICE} ${PEERCONF}
else
@ -139,7 +139,7 @@ else
fi
/usr/bin/logger -p daemon.info -t ifup-ppp \
"pppd started for %s on %s at %s" ${DEVNAME} ${MODEMPORT} ${LINESPEED}
$"pppd started for ${DEVNAME} on ${MODEMPORT} at ${LINESPEED}"
$exec pppd $opts ${MODEMPORT} ${LINESPEED} \
ipparam ${DEVNAME} linkname ${DEVNAME} call ${DEVNAME}\

20
ip-down
View file

@ -8,30 +8,10 @@ export PATH
LOGDEVICE=$6
REALDEVICE=$1
export PATH=/sbin:/usr/sbin:/bin:/usr/bin
cp -f /etc/resolv.conf /etc/resolv.conf.tmp
fgrep -v "# ppp temp entry" /etc/resolv.conf.tmp > /etc/resolv.conf
chmod 0644 /etc/resolv.conf
rm -f /etc/resolv.conf.tmp
/etc/ppp/ip-down.ipv6to4 ${LOGDEVICE}
[ -x /etc/ppp/ip-down.local ] && /etc/ppp/ip-down.local "$@"
# These variables are for the use of the scripts run by run-parts
PPP_IFACE="$1"
PPP_TTY="$2"
PPP_SPEED="$3"
PPP_LOCAL="$4"
PPP_REMOTE="$5"
PPP_IPPARAM="$6"
export PPP_IFACE PPP_TTY PPP_SPEED PPP_LOCAL PPP_REMOTE PPP_IPPARAM
if [ -d /etc/ppp/ip-down.d/ -a -x /usr/bin/run-parts ]; then
/usr/bin/run-parts /etc/ppp/ip-down.d/
fi
/etc/sysconfig/network-scripts/ifdown-post --realdevice ${REALDEVICE} \
ifcfg-${LOGDEVICE}

26
ip-up
View file

@ -1,6 +1,6 @@
#!/bin/bash
# This file should not be modified -- make local changes to
# /etc/ppp/ip-up.local or put scripts in /etc/ppp/ip-up.d instead
# /etc/ppp/ip-up.local instead
PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH
@ -8,32 +8,10 @@ export PATH
LOGDEVICE=$6
REALDEVICE=$1
if [ -f /etc/sysconfig/network-scripts/ifcfg-${LOGDEVICE} ]; then
/etc/sysconfig/network-scripts/ifup-post --realdevice ${REALDEVICE} ifcfg-${LOGDEVICE}
else
[ -n "$DNS1" ] && echo "nameserver $DNS1 # ppp temp entry" >> /etc/resolv.conf
[ -n "$DNS2" ] && echo "nameserver $DNS2 # ppp temp entry" >> /etc/resolv.conf
fi
[ -f /etc/sysconfig/network-scripts/ifcfg-${LOGDEVICE} ] && /etc/sysconfig/network-scripts/ifup-post --realdevice ${REALDEVICE} ifcfg-${LOGDEVICE}
/etc/ppp/ip-up.ipv6to4 ${LOGDEVICE}
[ -x /etc/ppp/ip-up.local ] && /etc/ppp/ip-up.local "$@"
# These variables are for the use of the scripts run by run-parts
PPP_IFACE="$1"
PPP_TTY="$2"
PPP_SPEED="$3"
PPP_LOCAL="$4"
PPP_REMOTE="$5"
PPP_IPPARAM="$6"
export PPP_IFACE PPP_TTY PPP_SPEED PPP_LOCAL PPP_REMOTE PPP_IPPARAM
if [ -d /etc/ppp/ip-up.d/ -a -x /usr/bin/run-parts ]; then
/usr/bin/run-parts /etc/ppp/ip-up.d/
fi
if [ -x /usr/sbin/sendmail ];then
/usr/sbin/sendmail -q 2>/dev/null >/dev/null &
fi
exit 0

6
ipv6-up
View file

@ -1,4 +1,4 @@
#!/bin/sh
#!/bin/bash
#
# ipv6-up
#
@ -50,8 +50,8 @@ CONFIG=$LOGDEVICE
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
source_config
# Test whether IPv6 configuration is enabled for this interface, else stop
[ "$IPV6INIT" = "yes" ] || exit 0
# Test whether IPv6 configuration is disabled for this interface
[[ "$IPV6INIT" = [nN0]* ]] && exit 0
[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1
. /etc/sysconfig/network-scripts/network-functions-ipv6

36
ppp-2.4.2-pie.patch
View file

@ -1,36 +0,0 @@
diff -Naurp ppp-2.4.4/chat/Makefile.linux ppp-2.4.4.oden/chat/Makefile.linux
--- ppp-2.4.4/chat/Makefile.linux 2008-12-17 18:26:54.000000000 +0100
+++ ppp-2.4.4.oden/chat/Makefile.linux 2008-12-17 18:27:10.000000000 +0100
@@ -18,10 +18,10 @@ INSTALL= install
all: chat
chat: chat.o
- $(CC) -o chat chat.o
+ $(CC) -pie -o chat chat.o
chat.o: chat.c
- $(CC) -c $(CFLAGS) -o chat.o chat.c
+ $(CC) -c $(CFLAGS) -fPIC -o chat.o chat.c
install: chat
mkdir -p $(BINDIR) $(MANDIR)
diff -Naurp ppp-2.4.4/pppd/Makefile.linux ppp-2.4.4.oden/pppd/Makefile.linux
--- ppp-2.4.4/pppd/Makefile.linux 2008-12-17 18:26:54.000000000 +0100
+++ ppp-2.4.4.oden/pppd/Makefile.linux 2008-12-17 18:27:10.000000000 +0100
@@ -212,7 +212,7 @@ install: pppd
$(INSTALL) -c -m 444 pppd.8 $(MANDIR)
pppd: $(PPPDOBJS)
- $(CC) $(CFLAGS) $(LDFLAGS) -o pppd $(PPPDOBJS) $(LIBS)
+ $(CC) $(CFLAGS) -pie $(LDFLAGS) -o pppd $(PPPDOBJS) $(LIBS)
srp-entry: srp-entry.c
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ srp-entry.c $(LIBS)
@@ -226,3 +226,6 @@ clean:
depend:
$(CPP) -M $(CFLAGS) $(PPPDSRCS) >.depend
+
+%.o: %.c
+ $(CC) -c $(CFLAGS) -fPIC -o $@ $<
\ No newline at end of file

12
ppp-2.4.3-etcppp.patch
View file

@ -1,12 +0,0 @@
diff -Naurp ppp-2.4.4/linux/Makefile.top ppp-2.4.4.oden/linux/Makefile.top
--- ppp-2.4.4/linux/Makefile.top 2008-12-17 18:28:06.000000000 +0100
+++ ppp-2.4.4.oden/linux/Makefile.top 2008-12-17 18:28:20.000000000 +0100
@@ -18,7 +18,7 @@ all:
cd pppstats; $(MAKE) $(MFLAGS) all
cd pppdump; $(MAKE) $(MFLAGS) all
-install: $(BINDIR) $(RUNDIR) $(LOGDIR) $(MANDIR)/man8 install-progs install-devel
+install: $(BINDIR) $(RUNDIR) $(LOGDIR) $(MANDIR)/man8 install-progs install-devel install-etcppp
install-progs:
cd chat; $(MAKE) $(MFLAGS) install

11
ppp-2.4.3-libatm.patch
View file

@ -1,11 +0,0 @@
--- ppp-2.4.3/pppd/plugins/pppoatm/Makefile.linux.libatm 2005-04-22 17:38:12.966429706 +0200
+++ ppp-2.4.3/pppd/plugins/pppoatm/Makefile.linux 2005-04-22 17:38:14.484456865 +0200
@@ -19,7 +19,7 @@
# or leave it unset to build the few routines we actually _use_ into
# the plugin directly.
#
-#HAVE_LIBATM=yes
+HAVE_LIBATM=yes
ifdef HAVE_LIBATM
LIBS := -latm

5
ppp-2.4.3-pam.conf
View file

@ -1,5 +0,0 @@
#%PAM-1.0
auth required pam_nologin.so
auth include system-auth
account include system-auth
session include system-auth

37
ppp-2.4.3-pic.patch
View file

@ -1,37 +0,0 @@
--- ppp-2.4.3/pppd/plugins/dhcp/Makefile.linux.pic 2002-09-30 12:21:58.000000000 +0200
+++ ppp-2.4.3/pppd/plugins/dhcp/Makefile.linux 2005-04-22 18:16:36.631205640 +0200
@@ -2,20 +2,30 @@
PLUGIN=dhcpc.so
CFLAGS=-I../.. -I../../../include -O2
+SRCS = dhcpc.c clientpacket.c packet.c socket.c options.c
+OBJS = $(SRCS:%.c=%.lo)
+LIBS = -shared -Wl,-soname,dhcpc.so
+LTLIB = libdhcpc.la
+
all: $(PLUGIN)
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
$(INSTALL) -s -c -m 755 dhcpc.so $(LIBDIR)
-dhcpc.so: dhcpc.o clientpacket.o packet.o socket.o options.o
- gcc -o dhcpc.so -shared dhcpc.o clientpacket.o packet.o socket.o options.o
+$(PLUGIN): $(LTLIB)
+ gcc -o $@ $(OBJS:%.lo=.libs/%.o) $(LIBS)
+
+$(LTLIB): $(OBJS)
+ libtool --mode=link gcc $(CFLAGS) -o $@ $(OBJS) $(LIBS)
+%.lo: %.c
+ libtool --mode=compile gcc $(CFLAGS) -c $<
clean:
- rm -f *.o *.so
+ rm -f *.o *.lo *.so
distclean:
- rm -f *.o *.so
+ rm -f *.o *.lo *.so
dist-clean: distclean

8
ppp-2.4.3-pppdump-Makefile.patch
View file

@ -1,8 +0,0 @@
--- ppp-2.4.3/pppdump/Makefile.linux.pppdump-Makefile 2005-04-22 17:16:57.197750609 +0200
+++ ppp-2.4.3/pppdump/Makefile.linux 2005-04-22 17:18:46.636667134 +0200
@@ -18,4 +18,4 @@
install:
mkdir -p $(BINDIR) $(MANDIR)
$(INSTALL) -s -c pppdump $(BINDIR)
- $(INSTALL) -c -m 444 pppdump.8 $(MANDIR)
+ $(INSTALL) -c pppdump.8 $(MANDIR)

51
ppp-2.4.4-multipledefrt.patch
View file

@ -1,51 +0,0 @@
diff -p -up ppp-2.4.4/pppd/ipcp.c.multipledefrt ppp-2.4.4/pppd/ipcp.c
--- ppp-2.4.4/pppd/ipcp.c.multipledefrt 2005-08-26 01:59:34.000000000 +0200
+++ ppp-2.4.4/pppd/ipcp.c 2008-06-03 10:39:15.000000000 +0200
@@ -196,6 +196,8 @@ static option_t ipcp_option_list[] = {
{ "-defaultroute", o_bool, &ipcp_allowoptions[0].default_route,
"disable defaultroute option", OPT_ALIAS | OPT_A2CLR,
&ipcp_wantoptions[0].default_route },
+ { "multipledefaultroutes", o_bool, &ipcp_wantoptions[0].multiple_def_routes,
+ "Add default route even if one already exists", 1 },
{ "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp,
"Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp },
diff -p -up ppp-2.4.4/pppd/ipcp.h.multipledefrt ppp-2.4.4/pppd/ipcp.h
--- ppp-2.4.4/pppd/ipcp.h.multipledefrt 2002-12-05 00:03:32.000000000 +0100
+++ ppp-2.4.4/pppd/ipcp.h 2008-06-03 10:41:46.000000000 +0200
@@ -70,6 +70,7 @@ typedef struct ipcp_options {
bool old_addrs; /* Use old (IP-Addresses) option? */
bool req_addr; /* Ask peer to send IP address? */
bool default_route; /* Assign default route through interface? */
+ bool multiple_def_routes; /* Allow multiple default routes? */
bool proxy_arp; /* Make proxy ARP entry for peer? */
bool neg_vj; /* Van Jacobson Compression? */
bool old_vj; /* use old (short) form of VJ option? */
diff -p -up ppp-2.4.4/pppd/pppd.8.multipledefrt ppp-2.4.4/pppd/pppd.8
--- ppp-2.4.4/pppd/pppd.8.multipledefrt 2008-06-03 10:35:47.000000000 +0200
+++ ppp-2.4.4/pppd/pppd.8 2008-06-03 10:39:59.000000000 +0200
@@ -120,6 +120,12 @@ Add a default route to the system routin
the gateway, when IPCP negotiation is successfully completed.
This entry is removed when the PPP connection is broken. This option
is privileged if the \fInodefaultroute\fR option has been specified.
+.B multipledefaultroutes
+This option is a flag to the defaultroute option. If defaultroute is
+set and this flag is also set, pppd will add the new default route
+even if there is already a default route, allowing multiple default
+routes.
+.TP
.TP
.B disconnect \fIscript
Execute the command specified by \fIscript\fR, by passing it to a
diff -p -up ppp-2.4.4/pppd/sys-linux.c.multipledefrt ppp-2.4.4/pppd/sys-linux.c
--- ppp-2.4.4/pppd/sys-linux.c.multipledefrt 2008-06-03 10:35:47.000000000 +0200
+++ ppp-2.4.4/pppd/sys-linux.c 2008-06-03 10:40:14.000000000 +0200
@@ -1588,7 +1588,7 @@ int sifdefaultroute (int unit, u_int32_t
{
struct rtentry rt;
- if (defaultroute_exists(&rt) && strcmp(rt.rt_dev, ifname) != 0) {
+ if (!ipcp_wantoptions[0].multiple_def_routes && defaultroute_exists(&rt) && strcmp(rt.rt_dev, ifname) != 0) {
if (rt.rt_flags & RTF_GATEWAY)
error("not replacing existing default route via %I",
SIN_ADDR(rt.rt_gateway));

10
ppp-2.4.5-includes-sha1.patch
View file

@ -1,10 +0,0 @@
--- ppp-2.4.5.tpg/pppd/sha1.c 2009-11-16 22:26:07.000000000 +0000
+++ ppp-2.4.5.tpg/pppd/sha1.c.tpg 2009-12-31 20:15:51.000000000 +0000
@@ -18,6 +18,7 @@
#include <string.h>
#include <netinet/in.h> /* htonl() */
+#include <sys/types.h> /* u_int32_t */
#include <net/ppp_defs.h>
#include "sha1.h"

15
ppp-2.4.5-libtool-tag.patch
View file

@ -1,15 +0,0 @@
--- ppp-2.4.5/pppd/plugins/dhcp/Makefile.linux~ 2013-02-19 13:15:32.000000000 +0100
+++ ppp-2.4.5/pppd/plugins/dhcp/Makefile.linux 2013-02-19 13:15:52.645439658 +0100
@@ -17,10 +17,10 @@ $(PLUGIN): $(LTLIB)
gcc -o $@ $(OBJS:%.lo=.libs/%.o) $(LIBS)
$(LTLIB): $(OBJS)
- libtool --mode=link gcc $(CFLAGS) -o $@ $(OBJS) $(LIBS)
+ libtool --tag=CC --mode=link gcc $(CFLAGS) -o $@ $(OBJS) $(LIBS)
%.lo: %.c
- libtool --mode=compile gcc $(CFLAGS) -c $<
+ libtool --tag=CC --mode=compile gcc $(CFLAGS) -c $<
clean:
rm -f *.o *.lo *.so

10
ppp-2.4.5-makeopt2.patch
View file

@ -1,10 +0,0 @@
--- ppp-2.4.5/pppd/plugins/dhcp/Makefile.linux 2009-12-31 19:46:24.000000000 +0000
+++ ppp-2.4.5/pppd/plugins/dhcp/Makefile.linux.tpg 2009-12-31 19:55:34.000000000 +0000
@@ -1,6 +1,6 @@
PLUGIN=dhcpc.so
-CFLAGS=-I../.. -I../../../include -O2
+CFLAGS=-I../.. -I../../../include -Wall $(RPM_OPT_FLAGS)
SRCS = dhcpc.c clientpacket.c packet.c socket.c options.c
OBJS = $(SRCS:%.c=%.lo)

3231
ppp-2.4.7-eaptls-mppe-1.101_CVE-2018-11574.patch
View file

File diff suppressed because it is too large Load diff

35
ppp-2.4.7-linux48.patch
View file

@ -1,35 +0,0 @@
From 33797aa193a2751da26f9af120e39c110defe4d1 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Sat, 10 Dec 2016 19:53:56 +0100
Subject: [PATCH] pppoe: include netinet/in.h before linux/in.h
To fix build breakage.
---
pppd/plugins/rp-pppoe/pppoe.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pppd/plugins/rp-pppoe/pppoe.h b/pppd/plugins/rp-pppoe/pppoe.h
index 9ab2eee..f77f5b7 100644
--- a/pppd/plugins/rp-pppoe/pppoe.h
+++ b/pppd/plugins/rp-pppoe/pppoe.h
@@ -15,6 +15,8 @@
#include "config.h"
+#include <netinet/in.h>
+
#if defined(HAVE_NETPACKET_PACKET_H) || defined(HAVE_LINUX_IF_PACKET_H)
#define _POSIX_SOURCE 1 /* For sigaction defines */
#endif
@@ -84,8 +86,6 @@ typedef unsigned long UINT32_t;
#include <linux/if_ether.h>
#endif
-#include <netinet/in.h>
-
#ifdef HAVE_NETINET_IF_ETHER_H
#include <sys/types.h>
--
2.9.3

116
ppp-2.4.7-make.patch
View file

@ -1,116 +0,0 @@
diff -urN ppp-2.4.7/chat/Makefile.linux ppp-2.4.7-patched/chat/Makefile.linux
--- ppp-2.4.7/chat/Makefile.linux 2014-08-09 23:31:39.000000000 +1100
+++ ppp-2.4.7-patched/chat/Makefile.linux 2014-08-11 16:19:06.400359190 +1100
@@ -10,7 +10,7 @@
CDEF4= -DFNDELAY=O_NDELAY # Old name value
CDEFS= $(CDEF1) $(CDEF2) $(CDEF3) $(CDEF4)
-COPTS= -O2 -g -pipe
+COPTS= $(RPM_OPT_FLAGS)
CFLAGS= $(COPTS) $(CDEFS)
INSTALL= install
diff -urN ppp-2.4.7/pppd/Makefile.linux ppp-2.4.7-patched/pppd/Makefile.linux
--- ppp-2.4.7/pppd/Makefile.linux 2014-08-09 23:31:39.000000000 +1100
+++ ppp-2.4.7-patched/pppd/Makefile.linux 2014-08-11 16:19:35.206814899 +1100
@@ -30,10 +30,10 @@
include .depend
endif
-# CC = gcc
+CC = gcc
#
-COPTS = -O2 -pipe -Wall -g
-LIBS =
+COPTS = -Wall $(RPM_OPT_FLAGS)
+LIBS = -lutil
# Uncomment the next 2 lines to include support for Microsoft's
# MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux.
@@ -61,7 +61,7 @@
USE_TDB=y
HAS_SHADOW=y
-#USE_PAM=y
+USE_PAM=y
HAVE_INET6=y
# Enable plugins
diff -urN ppp-2.4.7/pppd/plugins/Makefile.linux ppp-2.4.7-patched/pppd/plugins/Makefile.linux
--- ppp-2.4.7/pppd/plugins/Makefile.linux 2014-08-09 23:31:39.000000000 +1100
+++ ppp-2.4.7-patched/pppd/plugins/Makefile.linux 2014-08-11 16:19:06.400359190 +1100
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = -O2 -g
+COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I.. -I../../include -fPIC
LDFLAGS = -shared
INSTALL = install
diff -urN ppp-2.4.7/pppd/plugins/pppoatm/Makefile.linux ppp-2.4.7-patched/pppd/plugins/pppoatm/Makefile.linux
--- ppp-2.4.7/pppd/plugins/pppoatm/Makefile.linux 2014-08-09 23:31:39.000000000 +1100
+++ ppp-2.4.7-patched/pppd/plugins/pppoatm/Makefile.linux 2014-08-11 16:19:06.400359190 +1100
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = -O2 -g
+COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I../.. -I../../../include -fPIC
LDFLAGS = -shared
INSTALL = install
diff -urN ppp-2.4.7/pppd/plugins/pppol2tp/Makefile.linux ppp-2.4.7-patched/pppd/plugins/pppol2tp/Makefile.linux
--- ppp-2.4.7/pppd/plugins/pppol2tp/Makefile.linux 2014-08-09 23:31:39.000000000 +1100
+++ ppp-2.4.7-patched/pppd/plugins/pppol2tp/Makefile.linux 2014-08-11 16:19:06.401359205 +1100
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = -O2 -g
+COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I. -I../.. -I../../../include -fPIC
LDFLAGS = -shared
INSTALL = install
diff -urN ppp-2.4.7/pppd/plugins/radius/Makefile.linux ppp-2.4.7-patched/pppd/plugins/radius/Makefile.linux
--- ppp-2.4.7/pppd/plugins/radius/Makefile.linux 2014-08-09 23:31:39.000000000 +1100
+++ ppp-2.4.7-patched/pppd/plugins/radius/Makefile.linux 2014-08-11 16:19:06.401359205 +1100
@@ -12,7 +12,7 @@
INSTALL = install
PLUGIN=radius.so radattr.so radrealms.so
-CFLAGS=-I. -I../.. -I../../../include -O2 -fPIC -DRC_LOG_FACILITY=LOG_DAEMON
+CFLAGS=-I. -I../.. -I../../../include $(RPM_OPT_FLAGS) -fPIC -DRC_LOG_FACILITY=LOG_DAEMON
# Uncomment the next line to include support for Microsoft's
# MS-CHAP authentication protocol.
diff -urN ppp-2.4.7/pppd/plugins/rp-pppoe/Makefile.linux ppp-2.4.7-patched/pppd/plugins/rp-pppoe/Makefile.linux
--- ppp-2.4.7/pppd/plugins/rp-pppoe/Makefile.linux 2014-08-09 23:31:39.000000000 +1100
+++ ppp-2.4.7-patched/pppd/plugins/rp-pppoe/Makefile.linux 2014-08-11 16:19:06.401359205 +1100
@@ -25,7 +25,7 @@
# Version is set ONLY IN THE MAKEFILE! Don't delete this!
RP_VERSION=3.8p
-COPTS=-O2 -g
+COPTS=$(RPM_OPT_FLAGS)
CFLAGS=$(COPTS) -I../../../include '-DRP_VERSION="$(RP_VERSION)"'
all: rp-pppoe.so pppoe-discovery
diff -urN ppp-2.4.7/pppdump/Makefile.linux ppp-2.4.7-patched/pppdump/Makefile.linux
--- ppp-2.4.7/pppdump/Makefile.linux 2014-08-09 23:31:39.000000000 +1100
+++ ppp-2.4.7-patched/pppdump/Makefile.linux 2014-08-11 16:19:06.401359205 +1100
@@ -2,7 +2,7 @@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
-CFLAGS= -O -I../include/net
+CFLAGS= $(RPM_OPT_FLAGS) -I../include/net
OBJS = pppdump.o bsd-comp.o deflate.o zlib.o
INSTALL= install
diff -urN ppp-2.4.7/pppstats/Makefile.linux ppp-2.4.7-patched/pppstats/Makefile.linux
--- ppp-2.4.7/pppstats/Makefile.linux 2014-08-09 23:31:39.000000000 +1100
+++ ppp-2.4.7-patched/pppstats/Makefile.linux 2014-08-11 16:19:06.401359205 +1100
@@ -10,7 +10,7 @@
PPPSTATOBJS = pppstats.o
#CC = gcc
-COPTS = -O
+COPTS = $(RPM_OPT_FLAGS)
COMPILE_FLAGS = -I../include
LIBS =

101
ppp-2.4.7-noexttraffic.patch
View file

@ -1,101 +0,0 @@
diff -urN ppp-2.4.7/pppd/auth.c ppp-2.4.7-patched/pppd/auth.c
--- ppp-2.4.7/pppd/auth.c 2014-08-09 23:31:39.000000000 +1100
+++ ppp-2.4.7-patched/pppd/auth.c 2014-08-11 16:25:36.701647610 +1100
@@ -243,6 +243,11 @@
extern char *crypt __P((const char *, const char *));
+#ifdef NOEXT_TRAFFIC
+/* Boolean to care for external traffic or not. Defined in options.c */
+extern int noexttraffic;
+#endif
+
/* Prototypes for procedures local to this file. */
static void network_phase __P((int));
@@ -1189,6 +1194,14 @@
tlim = idle_time_hook(&idle);
} else {
itime = MIN(idle.xmit_idle, idle.recv_idle);
+#ifdef NOEXT_TRAFFIC /* modified version, additional commandline-switch noext-traffic */
+ if (!noexttraffic)
+ itime = MIN(idle.xmit_idle, idle.recv_idle);
+ else
+ itime = idle.xmit_idle;
+#else /* standard version */
+ itime = MIN(idle.xmit_idle, idle.recv_idle);
+#endif
tlim = idle_time_limit - itime;
}
if (tlim <= 0) {
diff -urN ppp-2.4.7/pppd/Makefile.linux ppp-2.4.7-patched/pppd/Makefile.linux
--- ppp-2.4.7/pppd/Makefile.linux 2014-08-11 16:25:19.064360401 +1100
+++ ppp-2.4.7-patched/pppd/Makefile.linux 2014-08-11 16:25:36.702647626 +1100
@@ -60,6 +60,8 @@
# Linux distributions: Please leave TDB ENABLED in your builds.
USE_TDB=y
+NOEXT_TRAFFIC=y
+
HAS_SHADOW=y
USE_PAM=y
HAVE_INET6=y
@@ -97,6 +99,10 @@
endif
endif
+ifdef NOEXT_TRAFFIC
+CFLAGS += -DNOEXT_TRAFFIC
+endif
+
# EAP SRP-SHA1
ifdef USE_SRP
CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
diff -urN ppp-2.4.7/pppd/options.c ppp-2.4.7-patched/pppd/options.c
--- ppp-2.4.7/pppd/options.c 2014-08-09 23:31:39.000000000 +1100
+++ ppp-2.4.7-patched/pppd/options.c 2014-08-11 16:25:36.702647626 +1100
@@ -129,6 +129,10 @@
#endif
+#ifdef NOEXT_TRAFFIC
+int noexttraffic = 0; /* decide whether or not we want to care for traffic from extern */
+#endif
+
extern option_t auth_options[];
extern struct stat devstat;
@@ -325,6 +329,9 @@
{ "active-filter", o_special, setactivefilter,
"set filter for active pkts", OPT_PRIO },
#endif
+#ifdef NOEXT_TRAFFIC
+ { "noext-traffic", o_bool, (void *)&noexttraffic, "ignore external pkts for timeout", 1 },
+#endif
#ifdef MAXOCTETS
{ "maxoctets", o_int, &maxoctets,
diff -urN ppp-2.4.7/pppd/pppd.8 ppp-2.4.7-patched/pppd/pppd.8
--- ppp-2.4.7/pppd/pppd.8 2014-08-09 23:31:39.000000000 +1100
+++ ppp-2.4.7-patched/pppd/pppd.8 2014-08-11 16:25:36.703647643 +1100
@@ -295,6 +295,20 @@
\fIdebug\fR. This information can be directed to a file by setting up
/etc/syslog.conf appropriately (see syslog.conf(5)).
.TP
+.B noext-traffic
+Do not count incoming traffic against the idle time set with the idle
+option. The default idle option behavior is to count both outgoing
+and incoming traffic. This can be very helpful when remote hosts
+keeping sending unwanted traffic, thereby keeping the connection up.
+
+Note that this \fIcannot\fR prevent programs from responding to incoming
+requests and in doing so defeat the idle option. The route program
+\fIreject\fR parameter might help in that case when enough is known about
+IP address space of the site generating the unwanted requests. If you
+initiated contact with the site generating the requests, say with a
+web browser, then denying ingress with the "reject" parameter probably
+won't be a viable option.
+.
.B default\-asyncmap
Disable asyncmap negotiation, forcing all control characters to be
escaped for both the transmit and the receive direction.

86
ppp-2.4.7-nostrip.patch
View file

@ -1,86 +0,0 @@
diff -urN ppp-2.4.7/chat/Makefile.linux ppp-2.4.7-patched/chat/Makefile.linux
--- ppp-2.4.7/chat/Makefile.linux 2014-08-11 16:36:30.888408015 +1100
+++ ppp-2.4.7-patched/chat/Makefile.linux 2014-08-11 16:36:51.996758000 +1100
@@ -25,7 +25,7 @@
install: chat
mkdir -p $(BINDIR) $(MANDIR)
- $(INSTALL) -s -c chat $(BINDIR)
+ $(INSTALL) -c chat $(BINDIR)
$(INSTALL) -c -m 644 chat.8 $(MANDIR)
clean:
diff -urN ppp-2.4.7/pppd/Makefile.linux ppp-2.4.7-patched/pppd/Makefile.linux
--- ppp-2.4.7/pppd/Makefile.linux 2014-08-11 16:36:30.888408015 +1100
+++ ppp-2.4.7-patched/pppd/Makefile.linux 2014-08-11 16:36:51.997758017 +1100
@@ -108,7 +108,7 @@
CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
LIBS += -lsrp -L/usr/local/ssl/lib -lcrypto
TARGETS += srp-entry
-EXTRAINSTALL = $(INSTALL) -s -c -m 555 srp-entry $(BINDIR)/srp-entry
+EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry
MANPAGES += srp-entry.8
EXTRACLEAN += srp-entry.o
NEEDDES=y
@@ -214,7 +214,7 @@
install: pppd
mkdir -p $(BINDIR) $(MANDIR)
$(EXTRAINSTALL)
- $(INSTALL) -s -c -m 555 pppd $(BINDIR)/pppd
+ $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
chmod o-rx,u+s $(BINDIR)/pppd; fi
$(INSTALL) -c -m 444 pppd.8 $(MANDIR)
diff -urN ppp-2.4.7/pppd/plugins/radius/Makefile.linux ppp-2.4.7-patched/pppd/plugins/radius/Makefile.linux
--- ppp-2.4.7/pppd/plugins/radius/Makefile.linux 2014-08-11 16:36:30.877407833 +1100
+++ ppp-2.4.7-patched/pppd/plugins/radius/Makefile.linux 2014-08-11 16:36:51.997758017 +1100
@@ -36,9 +36,9 @@
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -s -c -m 755 radius.so $(LIBDIR)
- $(INSTALL) -s -c -m 755 radattr.so $(LIBDIR)
- $(INSTALL) -s -c -m 755 radrealms.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radius.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radattr.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radrealms.so $(LIBDIR)
$(INSTALL) -c -m 444 pppd-radius.8 $(MANDIR)
$(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
diff -urN ppp-2.4.7/pppd/plugins/rp-pppoe/Makefile.linux ppp-2.4.7-patched/pppd/plugins/rp-pppoe/Makefile.linux
--- ppp-2.4.7/pppd/plugins/rp-pppoe/Makefile.linux 2014-08-11 16:36:30.877407833 +1100
+++ ppp-2.4.7-patched/pppd/plugins/rp-pppoe/Makefile.linux 2014-08-11 16:36:51.997758017 +1100
@@ -43,9 +43,9 @@
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -s -c -m 4550 rp-pppoe.so $(LIBDIR)
+ $(INSTALL) -c -m 4550 rp-pppoe.so $(LIBDIR)
$(INSTALL) -d -m 755 $(BINDIR)
- $(INSTALL) -s -c -m 555 pppoe-discovery $(BINDIR)
+ $(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
clean:
rm -f *.o *.so pppoe-discovery
diff -urN ppp-2.4.7/pppdump/Makefile.linux ppp-2.4.7-patched/pppdump/Makefile.linux
--- ppp-2.4.7/pppdump/Makefile.linux 2014-08-11 16:36:30.882407916 +1100
+++ ppp-2.4.7-patched/pppdump/Makefile.linux 2014-08-11 16:37:15.211143063 +1100
@@ -17,5 +17,5 @@
install:
mkdir -p $(BINDIR) $(MANDIR)
- $(INSTALL) -s -c pppdump $(BINDIR)
+ $(INSTALL) -c pppdump $(BINDIR)
$(INSTALL) -c pppdump.8 $(MANDIR)
diff -urN ppp-2.4.7/pppstats/Makefile.linux ppp-2.4.7-patched/pppstats/Makefile.linux
--- ppp-2.4.7/pppstats/Makefile.linux 2014-08-11 16:36:30.877407833 +1100
+++ ppp-2.4.7-patched/pppstats/Makefile.linux 2014-08-11 16:36:51.998758034 +1100
@@ -22,7 +22,7 @@
install: pppstats
-mkdir -p $(MANDIR)
- $(INSTALL) -s -c pppstats $(BINDIR)
+ $(INSTALL) -c pppstats $(BINDIR)
$(INSTALL) -c -m 444 pppstats.8 $(MANDIR)
pppstats: $(PPPSTATSRCS)

29
ppp-2.4.8-pppd-install-pppd-binary-using-standard-perms-755.patch Normal file
View file

@ -0,0 +1,29 @@
From ab8b06cdc1075abc67f77e7c3bb684e20071d614 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 10 Apr 2014 10:09:41 +0200
Subject: [PATCH 25/27] pppd: install pppd binary using standard perms (755)
---
pppd/Makefile.linux | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 0e8107f..534ccc2 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -223,10 +223,10 @@ all: $(TARGETS)
install: pppd
mkdir -p $(BINDIR) $(MANDIR)
$(EXTRAINSTALL)
- $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
+ $(INSTALL) -c -m 755 pppd $(BINDIR)/pppd
if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
chmod o-rx,u+s $(BINDIR)/pppd; fi
- $(INSTALL) -c -m 444 pppd.8 $(MANDIR)
+ $(INSTALL) -c -m 644 pppd.8 $(MANDIR)
pppd: $(PPPDOBJS)
$(CC) $(CFLAGS) $(LDFLAGS) $(LDFLAGS_PLUGIN) -o pppd $(PPPDOBJS) $(LIBS)
--
1.8.3.1

143
ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch Normal file
View file

@ -0,0 +1,143 @@
From 82cd789df0f022eb6f3d28646e7a61d1d0715805 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 7 Apr 2014 12:23:36 +0200
Subject: [PATCH 12/27] pppd: we don't want to accidentally leak fds
---
pppd/auth.c | 20 ++++++++++----------
pppd/options.c | 2 +-
pppd/sys-linux.c | 4 ++--
3 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/pppd/auth.c b/pppd/auth.c
index 4271af6..9e957fa 100644
--- a/pppd/auth.c
+++ b/pppd/auth.c
@@ -428,7 +428,7 @@ setupapfile(argv)
free(fname);
return 0;
}
- ufile = fopen(fname, "r");
+ ufile = fopen(fname, "re");
if (seteuid(euid) == -1)
fatal("unable to regain privileges: %m");
if (ufile == NULL) {
@@ -1413,7 +1413,7 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg)
filename = _PATH_UPAPFILE;
addrs = opts = NULL;
ret = UPAP_AUTHNAK;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL) {
error("Can't open PAP password file %s: %m", filename);
@@ -1512,7 +1512,7 @@ null_login(unit)
if (ret <= 0) {
filename = _PATH_UPAPFILE;
addrs = NULL;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
check_access(f, filename);
@@ -1559,7 +1559,7 @@ get_pap_passwd(passwd)
}
filename = _PATH_UPAPFILE;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
check_access(f, filename);
@@ -1597,7 +1597,7 @@ have_pap_secret(lacks_ipp)
}
filename = _PATH_UPAPFILE;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
@@ -1642,7 +1642,7 @@ have_chap_secret(client, server, need_ip, lacks_ipp)
}
filename = _PATH_CHAPFILE;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
@@ -1684,7 +1684,7 @@ have_srp_secret(client, server, need_ip, lacks_ipp)
struct wordlist *addrs;
filename = _PATH_SRPFILE;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
@@ -1740,7 +1740,7 @@ get_secret(unit, client, server, secret, secret_len, am_server)
addrs = NULL;
secbuf[0] = 0;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL) {
error("Can't open chap secret file %s: %m", filename);
return 0;
@@ -1797,7 +1797,7 @@ get_srp_secret(unit, client, server, secret, am_server)
filename = _PATH_SRPFILE;
addrs = NULL;
- fp = fopen(filename, "r");
+ fp = fopen(filename, "re");
if (fp == NULL) {
error("Can't open srp secret file %s: %m", filename);
return 0;
@@ -2203,7 +2203,7 @@ scan_authfile(f, client, server, secret, addrs, opts, filename, flags)
*/
if (word[0] == '@' && word[1] == '/') {
strlcpy(atfile, word+1, sizeof(atfile));
- if ((sf = fopen(atfile, "r")) == NULL) {
+ if ((sf = fopen(atfile, "re")) == NULL) {
warn("can't open indirect secret file %s", atfile);
continue;
}
diff --git a/pppd/options.c b/pppd/options.c
index 45fa742..1d754ae 100644
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -427,7 +427,7 @@ options_from_file(filename, must_exist, check_prot, priv)
option_error("unable to drop privileges to open %s: %m", filename);
return 0;
}
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
err = errno;
if (check_prot && seteuid(euid) == -1)
fatal("unable to regain privileges");
diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
index 72a7727..8a12fa0 100644
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -1412,7 +1412,7 @@ static char *path_to_procfs(const char *tail)
/* Default the mount location of /proc */
strlcpy (proc_path, "/proc", sizeof(proc_path));
proc_path_len = 5;
- fp = fopen(MOUNTED, "r");
+ fp = fopen(MOUNTED, "re");
if (fp != NULL) {
while ((mntent = getmntent(fp)) != NULL) {
if (strcmp(mntent->mnt_type, MNTTYPE_IGNORE) == 0)
@@ -1472,7 +1472,7 @@ static int open_route_table (void)
close_route_table();
path = path_to_procfs("/net/route");
- route_fd = fopen (path, "r");
+ route_fd = fopen (path, "re");
if (route_fd == NULL) {
error("can't open routing table %s: %m", path);
return 0;
--
1.8.3.1

99
ppp-2.4.9-build-sys-don-t-hardcode-LIBDIR-but-set-it-according.patch Normal file
View file

@ -0,0 +1,99 @@
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 6a4b897..8f29c1f 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -12,6 +12,7 @@ DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
INCDIR = $(DESTDIR)/include
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)
TARGETS = pppd
@@ -93,7 +94,7 @@ INCLUDE_DIRS= -I../include
COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP -pipe
-CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"'
+CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"' -DLIBDIR=\""$(LIBDIR)"\"
ifdef CHAPMS
CFLAGS += -DCHAPMS=1
diff --git a/pppd/pathnames.h b/pppd/pathnames.h
index 524d608..c7eadbb 100644
--- a/pppd/pathnames.h
+++ b/pppd/pathnames.h
@@ -62,7 +62,7 @@
#ifdef PLUGIN
#ifdef __STDC__
-#define _PATH_PLUGIN DESTDIR "/lib/pppd/" VERSION
+#define _PATH_PLUGIN LIBDIR "/pppd/" VERSION
#else /* __STDC__ */
#define _PATH_PLUGIN "/usr/lib/pppd"
#endif /* __STDC__ */
diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux
index 6403e3d..f42d18c 100644
--- a/pppd/plugins/Makefile.linux
+++ b/pppd/plugins/Makefile.linux
@@ -5,7 +5,7 @@ COPTS=@CFLAGS@
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
CFLAGS = $(COPTS) -I.. -I../../include -fPIC
LDFLAGS_SHARED = -shared
diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux
index d3a8086..c2aff0c 100644
--- a/pppd/plugins/pppoatm/Makefile.linux
+++ b/pppd/plugins/pppoatm/Makefile.linux
@@ -4,7 +4,7 @@ CC=$(CROSS_COMPILE)@CC@
COPTS=@CFLAGS@
DESTDIR = $(INSTROOT)@DESTDIR@
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
diff --git a/pppd/plugins/pppoe/Makefile.linux b/pppd/plugins/pppoe/Makefile.linux
index c415ce3..d3b7392 100644
--- a/pppd/plugins/pppoe/Makefile.linux
+++ b/pppd/plugins/pppoe/Makefile.linux
@@ -18,7 +18,7 @@ COPTS=@CFLAGS@
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
-LIBDIR = $(DESTDIR)/lib/pppd/$(PPPDVERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(PPPDVERSION)
PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux
index 1aa1c0b..e4442f9 100644
--- a/pppd/plugins/pppol2tp/Makefile.linux
+++ b/pppd/plugins/pppol2tp/Makefile.linux
@@ -4,7 +4,7 @@ CC=$(CROSS_COMPILE)@CC@
COPTS=@CFLAGS@
DESTDIR = $(INSTROOT)/@DESTDIR@
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux
index 489aef2..d2ef044 100644
--- a/pppd/plugins/radius/Makefile.linux
+++ b/pppd/plugins/radius/Makefile.linux
@@ -9,7 +9,7 @@ COPTS=@CFLAGS@
DESTDIR = $(INSTROOT)@DESTDIR@
MANDIR = $(DESTDIR)/share/man/man8
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)

21
ppp-2.4.9-config.patch Normal file
View file

@ -0,0 +1,21 @@
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index e77373e..07df6a7 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -68,14 +68,14 @@ USE_TDB=y
#SYSTEMD=y
HAS_SHADOW=y
-#USE_PAM=y
+USE_PAM=y
HAVE_INET6=y
# Enable plugins
PLUGIN=y
# Enable Microsoft proprietary Callback Control Protocol
-#CBCP=y
+CBCP=y
# Enable EAP SRP-SHA1 authentication (requires libsrp)
#USE_SRP=y

17
ppp-2.4.9-configure-cflags-allow-commas.patch Normal file
View file

@ -0,0 +1,17 @@
diff --git a/configure b/configure
index f977663..c7031c2 100755
--- a/configure
+++ b/configure
@@ -121,9 +121,9 @@ mkmkf() {
rm -f $2
if [ -f $1 ]; then
echo " $2 <= $1"
- sed -e "s,@DESTDIR@,$DESTDIR,g" -e "s,@SYSCONF@,$SYSCONF,g" \
- -e "s,@CROSS_COMPILE@,$CROSS_COMPILE,g" -e "s,@CC@,$CC,g" \
- -e "s,@CFLAGS@,$CFLAGS,g" $1 >$2
+ sed -e "s|@DESTDIR@|$DESTDIR|g" -e "s|@SYSCONF@|$SYSCONF|g" \
+ -e "s|@CROSS_COMPILE@|$CROSS_COMPILE|g" -e "s|@CC@|$CC|g" \
+ -e "s|@CFLAGS@|$CFLAGS|g" $1 >$2
fi
}

241
ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch Normal file
View file

@ -0,0 +1,241 @@
From 302c1b736cb656c7885a0cba270fd953a672d8a8 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 7 Apr 2014 13:56:34 +0200
Subject: [PATCH 13/27] everywhere: O_CLOEXEC harder
---
pppd/eap.c | 2 +-
pppd/main.c | 4 ++--
pppd/options.c | 4 ++--
pppd/sys-linux.c | 22 +++++++++++-----------
pppd/tdb.c | 4 ++--
pppd/tty.c | 4 ++--
pppd/utils.c | 6 +++---
7 files changed, 23 insertions(+), 23 deletions(-)
diff --git a/pppd/eap.c b/pppd/eap.c
index 6ea6c1f..faced53 100644
--- a/pppd/eap.c
+++ b/pppd/eap.c
@@ -1226,7 +1226,7 @@ mode_t modebits;
if ((path = name_of_pn_file()) == NULL)
return (-1);
- fd = open(path, modebits, S_IRUSR | S_IWUSR);
+ fd = open(path, modebits, S_IRUSR | S_IWUSR | O_CLOEXEC);
err = errno;
free(path);
errno = err;
diff --git a/pppd/main.c b/pppd/main.c
index 6d50d1b..4880377 100644
--- a/pppd/main.c
+++ b/pppd/main.c
@@ -420,7 +420,7 @@ main(argc, argv)
die(0);
/* Make sure fds 0, 1, 2 are open to somewhere. */
- fd_devnull = open(_PATH_DEVNULL, O_RDWR);
+ fd_devnull = open(_PATH_DEVNULL, O_RDWR | O_CLOEXEC);
if (fd_devnull < 0)
fatal("Couldn't open %s: %m", _PATH_DEVNULL);
while (fd_devnull <= 2) {
@@ -1679,7 +1679,7 @@ device_script(program, in, out, dont_wait)
if (log_to_fd >= 0)
errfd = log_to_fd;
else
- errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT, 0644);
+ errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT | O_CLOEXEC, 0644);
++conn_running;
pid = safe_fork(in, out, errfd);
diff --git a/pppd/options.c b/pppd/options.c
index 1d754ae..8e62635 100644
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -1544,9 +1544,9 @@ setlogfile(argv)
option_error("unable to drop permissions to open %s: %m", *argv);
return 0;
}
- fd = open(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL, 0644);
+ fd = open(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL | O_CLOEXEC, 0644);
if (fd < 0 && errno == EEXIST)
- fd = open(*argv, O_WRONLY | O_APPEND);
+ fd = open(*argv, O_WRONLY | O_APPEND | O_CLOEXEC);
err = errno;
if (!privileged_option && seteuid(euid) == -1)
fatal("unable to regain privileges: %m");
diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
index 8a12fa0..00a2cf5 100644
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -459,7 +459,7 @@ int generic_establish_ppp (int fd)
goto err;
}
dbglog("using channel %d", chindex);
- fd = open("/dev/ppp", O_RDWR);
+ fd = open("/dev/ppp", O_RDWR | O_CLOEXEC);
if (fd < 0) {
error("Couldn't reopen /dev/ppp: %m");
goto err;
@@ -619,7 +619,7 @@ static int make_ppp_unit()
dbglog("in make_ppp_unit, already had /dev/ppp open?");
close(ppp_dev_fd);
}
- ppp_dev_fd = open("/dev/ppp", O_RDWR);
+ ppp_dev_fd = open("/dev/ppp", O_RDWR | O_CLOEXEC);
if (ppp_dev_fd < 0)
fatal("Couldn't open /dev/ppp: %m");
flags = fcntl(ppp_dev_fd, F_GETFL);
@@ -693,7 +693,7 @@ int bundle_attach(int ifnum)
if (!new_style_driver)
return -1;
- master_fd = open("/dev/ppp", O_RDWR);
+ master_fd = open("/dev/ppp", O_RDWR | O_CLOEXEC);
if (master_fd < 0)
fatal("Couldn't open /dev/ppp: %m");
if (ioctl(master_fd, PPPIOCATTACH, &ifnum) < 0) {
@@ -1715,7 +1715,7 @@ int sifproxyarp (int unit, u_int32_t his_adr)
if (tune_kernel) {
forw_path = path_to_procfs("/sys/net/ipv4/ip_forward");
if (forw_path != 0) {
- int fd = open(forw_path, O_WRONLY);
+ int fd = open(forw_path, O_WRONLY | O_CLOEXEC);
if (fd >= 0) {
if (write(fd, "1", 1) != 1)
error("Couldn't enable IP forwarding: %m");
@@ -2030,7 +2030,7 @@ int ppp_available(void)
sscanf(utsname.release, "%d.%d.%d", &osmaj, &osmin, &ospatch);
kernel_version = KVERSION(osmaj, osmin, ospatch);
- fd = open("/dev/ppp", O_RDWR);
+ fd = open("/dev/ppp", O_RDWR | O_CLOEXEC);
if (fd >= 0) {
new_style_driver = 1;
@@ -2208,7 +2208,7 @@ void logwtmp (const char *line, const char *name, const char *host)
#if __GLIBC__ >= 2
updwtmp(_PATH_WTMP, &ut);
#else
- wtmp = open(_PATH_WTMP, O_APPEND|O_WRONLY);
+ wtmp = open(_PATH_WTMP, O_APPEND|O_WRONLY|O_CLOEXEC);
if (wtmp >= 0) {
flock(wtmp, LOCK_EX);
@@ -2394,7 +2394,7 @@ int sifaddr (int unit, u_int32_t our_adr, u_int32_t his_adr,
int fd;
path = path_to_procfs("/sys/net/ipv4/ip_dynaddr");
- if (path != 0 && (fd = open(path, O_WRONLY)) >= 0) {
+ if (path != 0 && (fd = open(path, O_WRONLY | O_CLOEXEC)) >= 0) {
if (write(fd, "1", 1) != 1)
error("Couldn't enable dynamic IP addressing: %m");
close(fd);
@@ -2570,7 +2570,7 @@ get_pty(master_fdp, slave_fdp, slave_name, uid)
/*
* Try the unix98 way first.
*/
- mfd = open("/dev/ptmx", O_RDWR);
+ mfd = open("/dev/ptmx", O_RDWR | O_CLOEXEC);
if (mfd >= 0) {
int ptn;
if (ioctl(mfd, TIOCGPTN, &ptn) >= 0) {
@@ -2581,7 +2581,7 @@ get_pty(master_fdp, slave_fdp, slave_name, uid)
if (ioctl(mfd, TIOCSPTLCK, &ptn) < 0)
warn("Couldn't unlock pty slave %s: %m", pty_name);
#endif
- if ((sfd = open(pty_name, O_RDWR | O_NOCTTY)) < 0)
+ if ((sfd = open(pty_name, O_RDWR | O_NOCTTY | O_CLOEXEC)) < 0)
{
warn("Couldn't open pty slave %s: %m", pty_name);
close(mfd);
@@ -2592,10 +2592,10 @@ get_pty(master_fdp, slave_fdp, slave_name, uid)
for (i = 0; i < 64; ++i) {
slprintf(pty_name, sizeof(pty_name), "/dev/pty%c%x",
'p' + i / 16, i % 16);
- mfd = open(pty_name, O_RDWR, 0);
+ mfd = open(pty_name, O_RDWR | O_CLOEXEC, 0);
if (mfd >= 0) {
pty_name[5] = 't';
- sfd = open(pty_name, O_RDWR | O_NOCTTY, 0);
+ sfd = open(pty_name, O_RDWR | O_NOCTTY | O_CLOEXEC, 0);
if (sfd >= 0) {
fchown(sfd, uid, -1);
fchmod(sfd, S_IRUSR | S_IWUSR);
diff --git a/pppd/tdb.c b/pppd/tdb.c
index bdc5828..c7ab71c 100644
--- a/pppd/tdb.c
+++ b/pppd/tdb.c
@@ -1724,7 +1724,7 @@ TDB_CONTEXT *tdb_open_ex(const char *name, int hash_size, int tdb_flags,
goto internal;
}
- if ((tdb->fd = open(name, open_flags, mode)) == -1) {
+ if ((tdb->fd = open(name, open_flags | O_CLOEXEC, mode)) == -1) {
TDB_LOG((tdb, 5, "tdb_open_ex: could not open file %s: %s\n",
name, strerror(errno)));
goto fail; /* errno set by open(2) */
@@ -1967,7 +1967,7 @@ int tdb_reopen(TDB_CONTEXT *tdb)
}
if (close(tdb->fd) != 0)
TDB_LOG((tdb, 0, "tdb_reopen: WARNING closing tdb->fd failed!\n"));
- tdb->fd = open(tdb->name, tdb->open_flags & ~(O_CREAT|O_TRUNC), 0);
+ tdb->fd = open(tdb->name, (tdb->open_flags & ~(O_CREAT|O_TRUNC)) | O_CLOEXEC, 0);
if (tdb->fd == -1) {
TDB_LOG((tdb, 0, "tdb_reopen: open failed (%s)\n", strerror(errno)));
goto fail;
diff --git a/pppd/tty.c b/pppd/tty.c
index d571b11..bc96695 100644
--- a/pppd/tty.c
+++ b/pppd/tty.c
@@ -569,7 +569,7 @@ int connect_tty()
status = EXIT_OPEN_FAILED;
goto errret;
}
- real_ttyfd = open(devnam, O_NONBLOCK | O_RDWR, 0);
+ real_ttyfd = open(devnam, O_NONBLOCK | O_RDWR | O_CLOEXEC, 0);
err = errno;
if (prio < OPRIO_ROOT && seteuid(0) == -1)
fatal("Unable to regain privileges");
@@ -723,7 +723,7 @@ int connect_tty()
if (connector == NULL && modem && devnam[0] != 0) {
int i;
for (;;) {
- if ((i = open(devnam, O_RDWR)) >= 0)
+ if ((i = open(devnam, O_RDWR | O_CLOEXEC)) >= 0)
break;
if (errno != EINTR) {
error("Failed to reopen %s: %m", devnam);
diff --git a/pppd/utils.c b/pppd/utils.c
index 29bf970..6051b9a 100644
--- a/pppd/utils.c
+++ b/pppd/utils.c
@@ -918,14 +918,14 @@ lock(dev)
slprintf(lock_file, sizeof(lock_file), "%s/LCK..%s", LOCK_DIR, dev);
#endif
- while ((fd = open(lock_file, O_EXCL | O_CREAT | O_RDWR, 0644)) < 0) {
+ while ((fd = open(lock_file, O_EXCL | O_CREAT | O_RDWR | O_CLOEXEC, 0644)) < 0) {
if (errno != EEXIST) {
error("Can't create lock file %s: %m", lock_file);
break;
}
/* Read the lock file to find out who has the device locked. */
- fd = open(lock_file, O_RDONLY, 0);
+ fd = open(lock_file, O_RDONLY | O_CLOEXEC, 0);
if (fd < 0) {
if (errno == ENOENT) /* This is just a timing problem. */
continue;
@@ -1004,7 +1004,7 @@ relock(pid)
if (lock_file[0] == 0)
return -1;
- fd = open(lock_file, O_WRONLY, 0);
+ fd = open(lock_file, O_WRONLY | O_CLOEXEC, 0);
if (fd < 0) {
error("Couldn't reopen lock file %s: %m", lock_file);
lock_file[0] = 0;
--
1.8.3.1

0
ppp.logrotate → ppp-logrotate.conf
View file

8
ppp-options.patch
View file

@ -1,8 +0,0 @@
--- ppp-2.4.0/etc.ppp/options Sat Feb 27 04:09:52 1999
+++ ppp-2.4.0/etc.ppp/options.geoff Thu Aug 31 09:20:12 2000
@@ -1 +1,5 @@
lock
+noauth
+noipdefault
+usepeerdns
+

5
ppp-pam.conf Normal file
View file

@ -0,0 +1,5 @@
#%PAM-1.0
auth include password-auth
account required pam_nologin.so
account include password-auth
session include password-auth

4
ppp-tmpfiles.conf
View file

@ -1,2 +1,2 @@
d /var/run/ppp 0755 root root -
f /var/run/ppp/resolv.conf 0644 root root -
d /run/ppp 0755 root root
d /run/lock/ppp 0755 root root

267
ppp.spec
View file

@ -1,50 +1,43 @@
%bcond_without inet6
%define _disable_ld_no_undefined %nil
Summary: The PPP daemon and documentation
Name: ppp
Version: 2.4.7
Release: 9
Version: 2.4.9
Release: 1
License: BSD-like
Group: System/Servers
Url: http://www.samba.org/ppp/
Source0: ftp://ftp.samba.org/pub/ppp/%{name}-%{version}.tar.gz
Source1: ppp-2.4.3-pam.conf
Source2: ppp-2.4.1-mppe-crypto.tar.bz2
Source3: README.pppoatm
Source4: ppp.logrotate
Source5: ppp-dhcpc.tar.bz2
Source6: ppp-tmpfiles.conf
Source104: ip-down
Source105: ip-down.ipv6to4
Source106: ip-up
Source107: ip-up.ipv6to4
Source108: ipv6-down
Source109: ipv6-up
Source110: ifup-ppp
Source111: ifdown-ppp
Source112: ppp-watch.tar.xz
Patch0: ppp-2.4.7-make.patch
Patch1: ppp-2.3.6-sample.patch
Patch2: ppp-options.patch
Patch3: ppp-2.4.3-pppdump-Makefile.patch
Patch4: ppp-2.4.7-noexttraffic.patch
# (blino) use external libatm for pppoatm plugin
Patch5: ppp-2.4.3-libatm.patch
Patch6: ppp-2.4.2-pie.patch
Patch7: ppp-2.4.4-multipledefrt.patch
Patch8: ppp-2.4.4-dontwriteetc.patch
Patch9: ppp-2.4.3-pic.patch
Patch10: ppp-2.4.3-etcppp.patch
Patch11: ppp-2.4.5-includes-sha1.patch
Patch12: ppp-2.4.5-makeopt2.patch
Patch13: ppp-2.4.7-nostrip.patch
Patch14: ppp-2.4.7-linux48.patch
Patch15: ppp-2.4.7-eaptls-mppe-1.101_CVE-2018-11574.patch
Patch16: FEDORA-glibc-2.28.patch
# CVE-2020-8597
# remote code execution
Patch17: 8d7970b8f3db727fe798b65f3377fe6787575426.patch
Patch18: ppp-2.4.5-libtool-tag.patch
Source0: https://github.com/paulusmack/ppp/archive/%{version}.tar.gz
Source1: ppp-pam.conf
Source2: ppp-logrotate.conf
Source3: ppp-tmpfiles.conf
Source4: ip-down
Source5: ip-down.ipv6to4
Source6: ip-up
Source7: ip-up.ipv6to4
Source8: ipv6-down
Source9: ipv6-up
Source10: ifup-ppp
Source11: ifdown-ppp
Source12: ppp-watch.tar.xz
Patch0002: ppp-2.4.9-config.patch
Patch0004: 0004-doc-add-configuration-samples.patch
Patch0005: ppp-2.4.9-build-sys-don-t-hardcode-LIBDIR-but-set-it-according.patch
Patch0006: 0006-scritps-use-change_resolv_conf-function.patch
Patch0011: 0011-build-sys-don-t-put-connect-errors-log-to-etc-ppp.patch
Patch0012: ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch
Patch0013: ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch
Patch0014: 0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch
Patch0015: 0015-pppd-move-pppd-database-to-var-run-ppp.patch
Patch0016: 0016-rp-pppoe-add-manpage-for-pppoe-discovery.patch
Patch0018: 0018-scritps-fix-ip-up.local-sample.patch
Patch0020: 0020-pppd-put-lock-files-in-var-lock-ppp.patch
Patch0023: 0023-build-sys-install-rp-pppoe-plugin-files-with-standar.patch
Patch0024: 0024-build-sys-install-pppoatm-plugin-files-with-standard.patch
Patch0025: ppp-2.4.8-pppd-install-pppd-binary-using-standard-perms-755.patch
Patch0026: ppp-2.4.9-configure-cflags-allow-commas.patch
BuildRequires: libtool
BuildRequires: atm-devel
BuildRequires: pcap-devel
@ -67,11 +60,12 @@ The ppp package should be installed if your machine need to support
the PPP protocol.
%files
%doc FAQ PLUGINS README* scripts sample
%doc FAQ README README.cbcp README.linux README.MPPE README.MSCHAP80 README.MSCHAP81 README.pwfd README.pppoe scripts sample README.eap-tls
%{_sbindir}/chat
%{_sbindir}/pppd
%{_sbindir}/pppdump
%attr(5755,root,root) %{_sbindir}/pppd
%attr(0755,root,daemon) %{_sbindir}/pppstats
%{_sbindir}/pppoe-discovery
%{_sbindir}/pppstats
%{_sbindir}/ppp-watch
%dir %{_sysconfdir}/ppp
%{_sysconfdir}/ppp/ip-up
@ -80,31 +74,29 @@ the PPP protocol.
%{_sysconfdir}/ppp/ip-down.ipv6to4
%{_sysconfdir}/ppp/ipv6-up
%{_sysconfdir}/ppp/ipv6-down
%config %{_sysconfdir}/ppp/eaptls-client
%config %{_sysconfdir}/ppp/eaptls-server
%{_sysconfdir}/sysconfig/network-scripts/ifdown-ppp
%{_sysconfdir}/sysconfig/network-scripts/ifup-ppp
%{_mandir}/man*/*
%exclude %{_mandir}/man8/*rad*
%dir %{_libdir}/pppd
%{_libdir}/pppd/%{version}
%exclude %{_libdir}/pppd/%{version}/pppoatm.so
%exclude %{_libdir}/pppd/%{version}/rp-pppoe.so
%exclude %{_libdir}/pppd/%{version}/rad*
%exclude %{_libdir}/pppd/%{version}/dhcpc.so
%{_tmpfilesdir}/%{name}.conf
%ghost %dir %{_var}/run/ppp
%ghost %{_var}/run/ppp/resolv.conf
%attr(700, root, root) %dir %{_var}/log/ppp
%{_var}/log/ppp/*
%attr(0600,root,daemon) %config(noreplace) %{_sysconfdir}/ppp/chap-secrets
%attr(0600,root,daemon) %config(noreplace) %{_sysconfdir}/ppp/options
%attr(0600,root,daemon) %config(noreplace) %{_sysconfdir}/ppp/pap-secrets
%attr(0600,root,daemon) %{_sysconfdir}/ppp/connect-errors
%attr(0600,root,daemon) %{_sysconfdir}/ppp/resolv.conf
%attr(755,root,daemon) %dir %{_sysconfdir}/ppp/peers
%{_mandir}/man8/chat.8*
%{_mandir}/man8/pppd.8*
%{_mandir}/man8/pppdump.8*
%{_mandir}/man8/pppd-radattr.8*
%{_mandir}/man8/pppd-radius.8*
%{_mandir}/man8/pppstats.8*
%{_mandir}/man8/pppoe-discovery.8*
%{_mandir}/man8/ppp-watch.8*
%{_libdir}/pppd
%ghost %dir %{_rundir}/ppp
%ghost %dir %{_rundir}/lock/ppp
%dir %{_sysconfdir}/logrotate.d
%attr(700, root, root) %dir %{_localstatedir}/log/ppp
%config(noreplace) %{_sysconfdir}/ppp/eaptls-client
%config(noreplace) %{_sysconfdir}/ppp/eaptls-server
%config(noreplace) %{_sysconfdir}/ppp/chap-secrets
%config(noreplace) %{_sysconfdir}/ppp/options
%config(noreplace) %{_sysconfdir}/ppp/pap-secrets
%config(noreplace) %{_sysconfdir}/pam.d/ppp
%config(noreplace) %{_sysconfdir}/logrotate.d/ppp
%{_tmpfilesdir}/ppp.conf
%{_sysconfdir}/sysconfig/network-scripts/ifdown-ppp
%{_sysconfdir}/sysconfig/network-scripts/ifup-ppp
%post
%tmpfiles_create %{_tmpfilesdir}/%{name}.conf
@ -170,125 +162,44 @@ Radius plugin for %{name}.
#----------------------------------------------------------------------------
%package dhcp
Summary: DHCP plugin for %{name}
Group: System/Servers
Requires: %{name} = %{EVRD}
%description dhcp
DHCP plugin for %{name}.
%files dhcp
%doc pppd/plugins/dhcp/README
%doc pppd/plugins/dhcp/AUTHORS
%doc pppd/plugins/dhcp/COPYING
%{_libdir}/pppd/%{version}/dhcpc.so
#----------------------------------------------------------------------------
%prep
%setup -q
%patch0 -p1 -b .make
%patch1 -p1 -b .sample
%patch2 -p1 -b .options
%patch3 -p1 -b .pppdump-Makefile
%autopatch -p1
# (gg) add noext-traffic option
%patch4 -p1 -b .noext
%patch5 -p1 -b .libatm
%patch6 -p1 -b .pie
%patch7 -p1 -b .multipledefrt
tar -xjf %{SOURCE2}
pushd pppd/plugins
tar -xjf %{SOURCE5}
popd
%patch8 -p1 -b .dontwriteetc
%patch9 -p1 -b .pic
%patch10 -p1 -b .etcppp
%patch11 -p1 -b .incsha1
%patch12 -p1 -b .dhcp
%patch13 -p1 -b .nostrip
%patch14 -p1 -b .linux48
%patch15 -p1
%patch17 -p1
%patch18 -p1
patch -p1 < %{PATCH16}
tar -xJf %{SOURCE112}
chmod go+r scripts/*
find scripts -type f | xargs chmod a-x
# lib64 fixes
perl -pi -e "s|^(LIBDIR.*)\\\$\(DESTDIR\)/lib|\1\\\$(INSTROOT)%{_libdir}|g" pppd/Makefile.linux pppd/plugins/Makefile.linux pppd/plugins/{pppoatm,radius,rp-pppoe,pppol2tp}/Makefile.linux
perl -pi -e "s|(--prefix=/usr)|\1 --libdir=%{_libdir}|g" pppd/plugins/radius/Makefile.linux
perl -pi -e "/_PATH_PLUGIN/ and s,(?:/usr/lib|DESTDIR (\")/lib),\$1%{_libdir}," pppd/pathnames.h
# enable the dhcp plugin
perl -p -i -e "s|^(PLUGINS :=)|SUBDIRS += dhcp\n\$1|g" pppd/plugins/Makefile.linux
# fix /usr/local in scripts path
perl -pi -e "s|/usr/local/bin/pppd|%{_sbindir}/pppd|g;
s|/usr/local/bin/ssh|%{_bindir}/ssh|g;
s|/usr/local/bin/expect|%{_bindir}/expect|g" \
scripts/ppp-on-rsh \
scripts/ppp-on-ssh \
scripts/secure-card
%if %{with inet6}
perl -pi -e "s/#HAVE_INET6/HAVE_INET6/" pppd/Makefile.linux
%endif
tar -xJf %{SOURCE12}
%build
perl -pi -e "s/openssl/openssl -DOPENSSL_NO_SHA1/;" openssl/crypto/sha/Makefile
%configure
%make RPM_OPT_FLAGS="%{optflags}" LIBDIR=%{_libdir}
%make -C pppd/plugins -f Makefile.linux
%make -C ppp-watch %{?_smp_mflags}
%configure --cflags="$RPM_OPT_FLAGS -fPIC -Wall -fno-strict-aliasing"
%make_build LDFLAGS="%{ldflags} -pie"
%make_build -C ppp-watch LDFLAGS="%{ldflags} -pie"
%install
mkdir -p %{buildroot}{%{_sbindir},%{_bindir},/usr/X11R6/bin/,%{_mandir}/man8,%{_sysconfdir}/{ppp/peers,pam.d}}
%makeinstall LIBDIR=%{buildroot}%{_libdir}/pppd/%{version}/ INSTALL=install -C pppd/plugins/dhcp
%makeinstall INSTROOT=%{buildroot} SUBDIRS="pppoatm rp-pppoe radius pppol2tp"
%makeinstall ROOT=%{buildroot} mandir=/usr/share/man -C ppp-watch install
# (gg) Allow stripping
chmod u+w %{buildroot}%{_sbindir}/*
chmod go+r scripts/*
make INSTROOT=%{buildroot} install install-etcppp
find scripts -type f | xargs chmod a-x
make ROOT=%{buildroot} -C ppp-watch install
# create log files dir
install -d %{buildroot}%{_localstatedir}/log/ppp
# install pam config
install -d %{buildroot}%{_sysconfdir}/pam.d
install -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/pam.d/ppp
install -m 644 %{SOURCE3} %{_builddir}/%{name}-%{version}/
# (stew) fix permissions
chmod 0755 `find %{buildroot} -name "*\.so"`
# Provide pointers for people who expect stuff in old places
touch %{buildroot}%{_var}/log/ppp/connect-errors
touch %{buildroot}%{_var}/run/ppp/resolv.conf
ln -s ../../var/log/ppp/connect-errors %{buildroot}%{_sysconfdir}/ppp/connect-errors
ln -s ../../var/run/ppp/resolv.conf %{buildroot}%{_sysconfdir}/ppp/resolv.conf
# Logrotate script
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/logrotate.d/ppp
# install tmpfiles conf
install -m644 -D %{SOURCE6} %{buildroot}%{_tmpfilesdir}/%{name}.conf
# install logrotate script
install -d %{buildroot}%{_sysconfdir}/logrotate.d
install -m 644 -p %{SOURCE2} %{buildroot}%{_sysconfdir}/logrotate.d/ppp
# install tmpfiles drop-in
install -d %{buildroot}%{_tmpfilesdir}
install -m 644 -p %{SOURCE3} %{buildroot}%{_tmpfilesdir}/ppp.conf
# install scripts (previously owned by initscripts package)
install -d %{buildroot}%{_sysconfdir}/ppp
install -p %{SOURCE104} %{buildroot}%{_sysconfdir}/ppp/ip-down
install -p %{SOURCE105} %{buildroot}%{_sysconfdir}/ppp/ip-down.ipv6to4
install -p %{SOURCE106} %{buildroot}%{_sysconfdir}/ppp/ip-up
install -p %{SOURCE107} %{buildroot}%{_sysconfdir}/ppp/ip-up.ipv6to4
install -p %{SOURCE108} %{buildroot}%{_sysconfdir}/ppp/ipv6-down
install -p %{SOURCE109} %{buildroot}%{_sysconfdir}/ppp/ipv6-up
install -p %{SOURCE4} %{buildroot}%{_sysconfdir}/ppp/ip-down
install -p %{SOURCE5} %{buildroot}%{_sysconfdir}/ppp/ip-down.ipv6to4
install -p %{SOURCE6} %{buildroot}%{_sysconfdir}/ppp/ip-up
install -p %{SOURCE7} %{buildroot}%{_sysconfdir}/ppp/ip-up.ipv6to4
install -p %{SOURCE8} %{buildroot}%{_sysconfdir}/ppp/ipv6-down
install -p %{SOURCE9} %{buildroot}%{_sysconfdir}/ppp/ipv6-up
install -d %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/
install -p %{SOURCE110} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifup-ppp
install -p %{SOURCE111} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdown-ppp
install -p %{SOURCE10} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifup-ppp
install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdown-ppp
# ghosts
mkdir -p %{buildroot}%{_rundir}/ppp
mkdir -p %{buildroot}%{_rundir}/lock/ppp