diff options
Diffstat (limited to 'package/network/services/ppp/patches/110-debian_defaultroute.patch')
| -rw-r--r-- | package/network/services/ppp/patches/110-debian_defaultroute.patch | 313 |
1 files changed, 313 insertions, 0 deletions
diff --git a/package/network/services/ppp/patches/110-debian_defaultroute.patch b/package/network/services/ppp/patches/110-debian_defaultroute.patch new file mode 100644 index 0000000..e8659ea --- /dev/null +++ b/package/network/services/ppp/patches/110-debian_defaultroute.patch @@ -0,0 +1,313 @@ +pppd: Add "replacedefaultroute" and "noreplacedefaultroute" options + +This patch implements two new options, "replacedefaultroute" to replace any +existing system default route when specified and "noreplacedefaultroute" to +disable the "replacedefaultroute" option, which is useful in multi user +environments where the administrator wants to allow users to dial pppd +connections but not allow them to change the system default route. + +The patch originated from the Debian project. + +Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> + +--- a/pppd/ipcp.c ++++ b/pppd/ipcp.c +@@ -198,6 +198,14 @@ static option_t ipcp_option_list[] = { + "disable defaultroute option", OPT_ALIAS | OPT_A2CLR, + &ipcp_wantoptions[0].default_route }, + ++ { "replacedefaultroute", o_bool, ++ &ipcp_wantoptions[0].replace_default_route, ++ "Replace default route", 1 ++ }, ++ { "noreplacedefaultroute", o_bool, ++ &ipcp_allowoptions[0].replace_default_route, ++ "Never replace default route", OPT_A2COPY, ++ &ipcp_wantoptions[0].replace_default_route }, + { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp, + "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp }, + { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp, +@@ -271,7 +279,7 @@ struct protent ipcp_protent = { + ip_active_pkt + }; + +-static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t)); ++static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t, bool)); + static void ipcp_script __P((char *, int)); /* Run an up/down script */ + static void ipcp_script_done __P((void *)); + +@@ -1761,7 +1769,8 @@ ip_demand_conf(u) + if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE)) + return 0; + if (wo->default_route) +- if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr)) ++ if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr, ++ wo->replace_default_route)) + default_route_set[u] = 1; + if (wo->proxy_arp) + if (sifproxyarp(u, wo->hisaddr)) +@@ -1849,7 +1858,8 @@ ipcp_up(f) + */ + if (demand) { + if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) { +- ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr); ++ ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr, ++ wo->replace_default_route); + if (go->ouraddr != wo->ouraddr) { + warn("Local IP address changed to %I", go->ouraddr); + script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0); +@@ -1874,7 +1884,8 @@ ipcp_up(f) + + /* assign a default route through the interface if required */ + if (ipcp_wantoptions[f->unit].default_route) +- if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) ++ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, ++ wo->replace_default_route)) + default_route_set[f->unit] = 1; + + /* Make a proxy ARP entry if requested. */ +@@ -1924,7 +1935,8 @@ ipcp_up(f) + + /* assign a default route through the interface if required */ + if (ipcp_wantoptions[f->unit].default_route) +- if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) ++ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, ++ wo->replace_default_route)) + default_route_set[f->unit] = 1; + + /* Make a proxy ARP entry if requested. */ +@@ -2002,7 +2014,7 @@ ipcp_down(f) + sifnpmode(f->unit, PPP_IP, NPMODE_DROP); + sifdown(f->unit); + ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr, +- ipcp_hisoptions[f->unit].hisaddr); ++ ipcp_hisoptions[f->unit].hisaddr, 0); + } + + /* Execute the ip-down script */ +@@ -2018,16 +2030,25 @@ ipcp_down(f) + * proxy arp entries, etc. + */ + static void +-ipcp_clear_addrs(unit, ouraddr, hisaddr) ++ipcp_clear_addrs(unit, ouraddr, hisaddr, replacedefaultroute) + int unit; + u_int32_t ouraddr; /* local address */ + u_int32_t hisaddr; /* remote address */ ++ bool replacedefaultroute; + { + if (proxy_arp_set[unit]) { + cifproxyarp(unit, hisaddr); + proxy_arp_set[unit] = 0; + } +- if (default_route_set[unit]) { ++ /* If replacedefaultroute, sifdefaultroute will be called soon ++ * with replacedefaultroute set and that will overwrite the current ++ * default route. This is the case only when doing demand, otherwise ++ * during demand, this cifdefaultroute would restore the old default ++ * route which is not what we want in this case. In the non-demand ++ * case, we'll delete the default route and restore the old if there ++ * is one saved by an sifdefaultroute with replacedefaultroute. ++ */ ++ if (!replacedefaultroute && default_route_set[unit]) { + cifdefaultroute(unit, ouraddr, hisaddr); + default_route_set[unit] = 0; + } +--- a/pppd/ipcp.h ++++ b/pppd/ipcp.h +@@ -70,6 +70,7 @@ typedef struct ipcp_options { + bool old_addrs; /* Use old (IP-Addresses) option? */ + bool req_addr; /* Ask peer to send IP address? */ + bool default_route; /* Assign default route through interface? */ ++ bool replace_default_route; /* Replace default route through interface? */ + bool proxy_arp; /* Make proxy ARP entry for peer? */ + bool neg_vj; /* Van Jacobson Compression? */ + bool old_vj; /* use old (short) form of VJ option? */ +--- a/pppd/pppd.8 ++++ b/pppd/pppd.8 +@@ -121,6 +121,11 @@ the gateway, when IPCP negotiation is su + This entry is removed when the PPP connection is broken. This option + is privileged if the \fInodefaultroute\fR option has been specified. + .TP ++.B replacedefaultroute ++This option is a flag to the defaultroute option. If defaultroute is ++set and this flag is also set, pppd replaces an existing default route ++with the new default route. ++.TP + .B disconnect \fIscript + Execute the command specified by \fIscript\fR, by passing it to a + shell, after +@@ -734,7 +739,12 @@ disable both forms of hardware flow cont + .TP + .B nodefaultroute + Disable the \fIdefaultroute\fR option. The system administrator who +-wishes to prevent users from creating default routes with pppd ++wishes to prevent users from adding a default route with pppd ++can do so by placing this option in the /etc/ppp/options file. ++.TP ++.B noreplacedefaultroute ++Disable the \fIreplacedefaultroute\fR option. The system administrator who ++wishes to prevent users from replacing a default route with pppd + can do so by placing this option in the /etc/ppp/options file. + .TP + .B nodeflate +--- a/pppd/pppd.h ++++ b/pppd/pppd.h +@@ -667,7 +667,7 @@ int sif6addr __P((int, eui64_t, eui64_t + int cif6addr __P((int, eui64_t, eui64_t)); + /* Remove an IPv6 address from i/f */ + #endif +-int sifdefaultroute __P((int, u_int32_t, u_int32_t)); ++int sifdefaultroute __P((int, u_int32_t, u_int32_t, bool replace_default_rt)); + /* Create default route through i/f */ + int cifdefaultroute __P((int, u_int32_t, u_int32_t)); + /* Delete default route through i/f */ +--- a/pppd/sys-linux.c ++++ b/pppd/sys-linux.c +@@ -207,6 +207,8 @@ static unsigned char inbuf[512]; /* buff + static int if_is_up; /* Interface has been marked up */ + static int if6_is_up; /* Interface has been marked up for IPv6, to help differentiate */ + static int have_default_route; /* Gateway for default route added */ ++static struct rtentry old_def_rt; /* Old default route */ ++static int default_rt_repl_rest; /* replace and restore old default rt */ + static u_int32_t proxy_arp_addr; /* Addr for proxy arp entry added */ + static char proxy_arp_dev[16]; /* Device for proxy arp entry */ + static u_int32_t our_old_addr; /* for detecting address changes */ +@@ -1552,6 +1554,9 @@ static int read_route_table(struct rtent + p = NULL; + } + ++ SET_SA_FAMILY (rt->rt_dst, AF_INET); ++ SET_SA_FAMILY (rt->rt_gateway, AF_INET); ++ + SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16); + SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16); + SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16); +@@ -1621,20 +1626,51 @@ int have_route_to(u_int32_t addr) + /******************************************************************** + * + * sifdefaultroute - assign a default route through the address given. +- */ +- +-int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway) +-{ +- struct rtentry rt; +- +- if (defaultroute_exists(&rt) && strcmp(rt.rt_dev, ifname) != 0) { +- if (rt.rt_flags & RTF_GATEWAY) +- error("not replacing existing default route via %I", +- SIN_ADDR(rt.rt_gateway)); +- else ++ * ++ * If the global default_rt_repl_rest flag is set, then this function ++ * already replaced the original system defaultroute with some other ++ * route and it should just replace the current defaultroute with ++ * another one, without saving the current route. Use: demand mode, ++ * when pppd sets first a defaultroute it it's temporary ppp0 addresses ++ * and then changes the temporary addresses to the addresses for the real ++ * ppp connection when it has come up. ++ */ ++ ++int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway, bool replace) ++{ ++ struct rtentry rt, tmp_rt; ++ struct rtentry *del_rt = NULL; ++ ++ if (default_rt_repl_rest) { ++ /* We have already reclaced the original defaultroute, if we ++ are called again, we will delete the current default route ++ and set the new default route in this function. ++ - this is normally only the case the doing demand: */ ++ if (defaultroute_exists(&tmp_rt)) ++ del_rt = &tmp_rt; ++ } else if (defaultroute_exists(&old_def_rt) && ++ strcmp(old_def_rt.rt_dev, ifname) != 0) { ++ /* We did not yet replace an existing default route, let's ++ check if we should save and replace a default route: */ ++ if (old_def_rt.rt_flags & RTF_GATEWAY) { ++ if (!replace) { ++ error("not replacing existing default route via %I", ++ SIN_ADDR(old_def_rt.rt_gateway)); ++ return 0; ++ } else { ++ /* we need to copy rt_dev because we need it permanent too: */ ++ char *tmp_dev = malloc(strlen(old_def_rt.rt_dev) + 1); ++ strcpy(tmp_dev, old_def_rt.rt_dev); ++ old_def_rt.rt_dev = tmp_dev; ++ ++ notice("replacing old default route to %s [%I]", ++ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway)); ++ default_rt_repl_rest = 1; ++ del_rt = &old_def_rt; ++ } ++ } else + error("not replacing existing default route through %s", +- rt.rt_dev); +- return 0; ++ old_def_rt.rt_dev); + } + + memset (&rt, 0, sizeof (rt)); +@@ -1649,10 +1685,16 @@ int sifdefaultroute (int unit, u_int32_t + + rt.rt_flags = RTF_UP; + if (ioctl(sock_fd, SIOCADDRT, &rt) < 0) { +- if ( ! ok_error ( errno )) ++ if (!ok_error(errno)) + error("default route ioctl(SIOCADDRT): %m"); + return 0; + } ++ if (default_rt_repl_rest && del_rt) ++ if (ioctl(sock_fd, SIOCDELRT, del_rt) < 0) { ++ if (!ok_error(errno)) ++ error("del old default route ioctl(SIOCDELRT): %m"); ++ return 0; ++ } + + have_default_route = 1; + return 1; +@@ -1683,11 +1725,21 @@ int cifdefaultroute (int unit, u_int32_t + rt.rt_flags = RTF_UP; + if (ioctl(sock_fd, SIOCDELRT, &rt) < 0 && errno != ESRCH) { + if (still_ppp()) { +- if ( ! ok_error ( errno )) ++ if (!ok_error(errno)) + error("default route ioctl(SIOCDELRT): %m"); + return 0; + } + } ++ if (default_rt_repl_rest) { ++ notice("restoring old default route to %s [%I]", ++ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway)); ++ if (ioctl(sock_fd, SIOCADDRT, &old_def_rt) < 0) { ++ if (!ok_error(errno)) ++ error("restore default route ioctl(SIOCADDRT): %m"); ++ return 0; ++ } ++ default_rt_repl_rest = 0; ++ } + + return 1; + } +--- a/pppd/sys-solaris.c ++++ b/pppd/sys-solaris.c +@@ -2039,12 +2039,18 @@ cifaddr(u, o, h) + * sifdefaultroute - assign a default route through the address given. + */ + int +-sifdefaultroute(u, l, g) ++sifdefaultroute(u, l, g, replace) + int u; + u_int32_t l, g; ++ bool replace; + { + struct rtentry rt; + ++ if (replace) { ++ error("replacedefaultroute not supported on this platform"); ++ return 0; ++ } ++ + #if defined(__USLC__) + g = l; /* use the local address as gateway */ + #endif |