aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services/ppp
Commit message (Collapse)AuthorAgeFilesLines
* ppp: activate PIE ASLR by defaultPetr Štetiar2020-03-011-0/+1
| | | | | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. Size increase on imx6: 112681 ppp_2.4.8-2_arm_cortex-a9_neon.ipk 121879 ppp_2.4.8-2_arm_cortex-a9_neon.ipk = 9198 diff Acked-by: Alexander Couzens <lynxis@fe80.eu> Signed-off-by: Petr Štetiar <ynezz@true.cz>
* ppp: backport security fixesPetr Štetiar2020-02-264-1/+129
| | | | | | | | | | 8d45443bb5c9 pppd: Ignore received EAP messages when not doing EAP 8d7970b8f3db pppd: Fix bounds check in EAP code 858976b1fc31 radius: Prevent buffer overflow in rc_mksid() Signed-off-by: Petr Štetiar <ynezz@true.cz> Fixes: CVE-2020-8597 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* Revert "ppp: backport security fixes"Jo-Philipp Wich2020-02-264-129/+1
| | | | | | | | This reverts commit 215598fd03899c19a9cd26266221269dd5ec8cee since it didn't contain a reference to the CVE it addresses. The next commit will re-add the commit including a CVE reference in its commit message. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ppp: backport security fixesPetr Štetiar2020-02-204-1/+129
| | | | | | | | 8d45443bb5c9 pppd: Ignore received EAP messages when not doing EAP 8d7970b8f3db pppd: Fix bounds check in EAP code 858976b1fc31 radius: Prevent buffer overflow in rc_mksid() Signed-off-by: Petr Štetiar <ynezz@true.cz>
* pppd: update to 2.4.8DENG Qingfang2020-01-0521-68/+67
| | | | | | | | | | | | | | | | | | | | 78cd384 Update README and patchlevel.h for 2.4.8 release 5d03403 pppd: Avoid use of strnlen (and strlen) in vslprintf a1e950a pppd: Fix IPv6 default route code for Solaris ca5e61b plugins/rp-pppoe: Make tag parsing loop condition more accurate c10c3c7 pppd: Make sure word read from options file is null-terminated b311e98 pppd: Limit memory accessed by string formats with max length specified 3ea9de9 pppd: Eliminate some more compiler warnings 57edb1a pppd: Include time.h header before using time_t 09f695f pppd: Don't free static string 03104ba pppd.h: Add missing headers 388597e pppd: Add defaultroute6 and related options 66ce4ba pppd: Avoid declarations within statements in main.c 5637180 pppd: Fix `ifname` option in case of multilink (#105) d00f8a0 pppd: Fix variable reference syntax in Makefile.linux b6b4d28 pppd: Check tdb pointer before closing Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
* ppp: update to version 2.4.7.git-2019-10-04Hans Dedecker2019-10-1026-164/+104
| | | | | | | | | | | | | | | | | | | | 0d004db Revert "pppd: Include time.h before using time_t" e400854 pppdump: Eliminate printf format warning by using %zd 7f2f0de pppd: Refactor setjmp/longjmp with pipe pair in event wait loop 4e71317 make: Avoid using host include for cross-compiling 3202f89 pppoe: Remove the use of cdefs d8e8d7a pppd: Remove unused rcsid variables 486f854 pppd: Fix GLIBC version test for non-glibc toolchains b6cd558 pppd: Include time.h before using time_t ef8ec11 radius: Fix compiler warning f6330ec magic: Remove K&R style of arguments 347904e Add Submitting-patches.md Remove patches 130-no_cdefs_h.patch, 131-missing_prototype_macro.patch, 132-fix_linux_includes.patch as fixed upstream Refresh patches Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* build: include BUILD_VARIANT in PKG_BUILD_DIRJeffery To2019-08-051-2/+0
| | | | | | | | | | | This changes the default PKG_BUILD_DIR to take BUILD_VARIANT into account (if set), so that packages do not need to manually override PKG_BUILD_DIR just to handle variants. This also updates most base packages with variants to use the updated default PKG_BUILD_DIR. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* ppp: add config options to tune discovery timeout and attemptsHans Dedecker2019-05-312-1/+8
| | | | | | | | | | | Upstream PPP project has added in commit 8e77984 options to tune discovery timeout and attempts in the rp-pppoe plugin. Expose these options in the uci datamodel for pppoe: padi_attempts: Number of discovery attempts padi_timeout: Initial timeout for discovery packets in seconds Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ppp: update to version 2.4.7.git-2019-05-25Hans Dedecker2019-05-311-3/+3
| | | | | | 8e77984 rp-pppoe plugin: Add options to tune discovery timeout and number of attempts Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ppp: update to version 2.4.7.git-2019-05-18Hans Dedecker2019-05-186-287/+7
| | | | | | | | | | | c9d9dbf pppoe: Custom host-uniq tag 44012ae plugins/rp-pppoe: Fix compile errors Refresh patches Drop 520-uniq patch as upstream accepted Drop 150-debug_compile_fix patch as fixed upstream Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ppp: update to version 2.4.7.git-2019-05-06Hans Dedecker2019-05-138-32/+32
| | | | | | | fcb076c Various fixes for errors found by coverity static analysis (#109) d98ab38 Merge branch 'pppd_print_changes' of https://github.com/nlhintz/ppp into nlhintz-pppd_print_changes Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ppp: update to version 2.4.7.git-2018-06-23Martin Schiller2019-01-2533-406/+270
| | | | | | | | | | | This bumps ppp to latest git version. There is one upstream commit, which changes DES encryption calls from libcrypt / glibc to openssl. As long as we don't use glibc-2.28, revert this commit. Signed-off-by: Martin Schiller <ms@dev.tdt.de>
* ppp: don't start ppp with IPv6 support if ipv6 is not supportedRosy Song2018-10-162-5/+8
| | | | | Signed-off-by: Rosy Song <rosysong@rosinson.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ppp: remove hardcoded lcp-echo-failure, lcp-echo-interval valuesJo-Philipp Wich2018-08-302-2/+2
| | | | | | | | | | | | | | | | | | | | | | OpenWrt used to ship hardcoded defaults for lcp-echo-failure and lcp-echo-interval in the non-uci /etc/ppp/options file. These values break uci support for *disabling* LCP echos through the use of "option keepalive 0" as either omitting the keepalive option or setting it to 0 will result in no lcp-echo-* flags getting passed to the pppd cmdline, causing the pppd process to revert to the defaults in /etc/ppp/options. Address this issue by letting the uci "keepalive" option default to the former hardcoded values "5, 1" and by removing the fixed lcp-echo-failure and lcp-echo-interval settings from the /etc/ppp/options files. Ref: https://github.com/openwrt/luci/issues/2112 Ref: https://dev.archive.openwrt.org/ticket/2373.html Ref: https://bugs.openwrt.org/index.php?do=details&task_id=854 Ref: https://bugs.openwrt.org/index.php?do=details&task_id=1259 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ppp: fix building pptp pluginJo-Philipp Wich2018-07-172-1/+12
| | | | | | | | | The pptp.so plugin needs to be built with -fPIC as well in order to be linkable again. Fixes 888a15ff83 ("ppp: add missing -fPIC to rp-pppoe.so CFLAGS") Fixes e7397eef69 ("ppp: compile with LTO enabled") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ppp: add missing -fPIC to rp-pppoe.so CFLAGSFelix Fietkau2018-07-141-0/+11
| | | | | | Fixes build error with LTO Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ppp: compile with LTO enabledFelix Fietkau2018-07-131-2/+2
| | | | | | Reduces .ipk size on MIPS from 98.5k to 98k Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ppp: fix linker flags for the radius pluginFelix Fietkau2018-07-131-3/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* Revert "ppp: make ppp-multilink provide ppp"Felix Fietkau2018-03-291-10/+9
| | | | | | | | | | opkg currently has some issues with Provides and this change makes the image builder fail because of that. Revert the change for now until opkg is fixed This reverts commit 092d75aa3e86db8331fffdbd0a99987df9dc438b. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ppp: make ppp-multilink provide pppFelix Fietkau2018-03-121-9/+10
| | | | | | Fixes dependencies on ppp from other packages Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ppp: fix build with kernel 4.14.9+Mathias Kresin2018-02-201-1/+6
| | | | | | | | With a9772285a724 ("linux/compiler.h: Split into compiler.h and compiler_types.h") compiler.h was refactored and most its content was moved to compiler_types.h. Both files are required to build ppp-mod-pppoa. Signed-off-by: Mathias Kresin <dev@kresin.me>
* add PKG_CPE_ID ids to package and toolsAlexander Couzens2017-11-171-0/+1
| | | | | | | | | | | CPE ids helps to tracks CVE in packages. https://cpe.mitre.org/specification/ Thanks to swalker for CPE to package mapping and keep tracking CVEs. Acked-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* ppp: make the patches apply correctly againHauke Mehrtens2017-10-161-1/+1
| | | | | | | This fixes a compile problem recently introduced by me. Fixes: f40fd43ab2f ("ppp: fix compile warning") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ppp: fix compile warningHauke Mehrtens2017-10-151-0/+1
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ppp: propagate master firewall zone to dynamic slave interfaceHans Dedecker2017-05-312-1/+4
| | | | | | | | | | Assign the virtual DHCPv6 interface the firewall zone of the parent interface so fw3 knows the zone to which the virtual DHCPv6 interface belongs. This guarantees the firewall settings are applied correctly for the virtual DHCPv6 interface and allows to query the zone to which the virtual DHCPv6 interface belongs via the fw3 network option. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ppp: propagate master peerdns setting to dynamic slave interfaceJo-Philipp Wich2017-03-073-2/+4
| | | | | | | | | | Honour the parent interfaces peerdns option when spawning a virtual DHCPv6 interface in order to avoid pulling in IPv6 DNS servers when the user opted to inhibit peer DNS servers in the configuration. Fixes #597. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ppp: ppp6-up: add executable permission bitYousong Zhou2017-02-241-0/+0
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* ppp: honor ip6table for IPv6 PPP interfacesUlrich Weber2017-02-132-1/+3
| | | | | | | | as we do for IPv4 PPP interfaces. When we create the dynamic IPv6 interface we should inherit ip6table from main interface. Signed-off-by: Ulrich Weber <ulrich.weber@riverbed.com>
* ppp: add pppoe-discovery to an independent packageFlorian Eckert2017-02-131-0/+17
| | | | | | | | pppoe-discovery performs the same discovery process as pppoe, but does not initiate a session Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* pppd: fix compile issues with glibc 2.25Felix Fietkau2017-02-112-46/+28
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ccache, samba36: fix samba.org addresses to use httpsHannu Nyman2017-02-021-1/+1
| | | | | | | | | | | | samba.org has started to enforce https and currently plain http downloads with curl/wget fail, so convert samba.org download links to use https. Modernise links at the same time. Also convert samba.org URL fields to have https. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* treewide: clean up download hashesFelix Fietkau2016-12-161-1/+1
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ppp: use --gc-sections to save a tiny bit of spaceFelix Fietkau2016-12-141-0/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ppp: Split the ppp-up for the IPv6 partPierre Lebleu2016-12-044-12/+29
| | | | Signed-off-by: Pierre Lebleu <pme.lebleu@gmail.com>
* ppp: Extend uci datamodel with persistency sypportHans Dedecker2016-08-182-3/+13
| | | | | | | | | | | | | | | | | | | | PPP daemon can be put into persist mode meaning the daemon will not exit after a connection gets terminated but will instead try to reopen the connection. The re-initiation after the link has been terminated can be controlled via holdoff; this is helpfull in scenarios where a BRAS is in denial of service mode due to link setup requests after a BRAS has gone down Following uci parameters have been added : persist (boolean) : Puts the ppp daemon in persist mode maxfail (integer) : Number of consecutive fail attempts which puts the PPP daemon in exit mode holdoff (interget) : Specifies how many seconds to wait before re-initiating link setup after it has been terminated Signed-off-by: Alin Nastac <alin.nastac@gmail.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* treewide: replace jow@openwrt.org with jo@mein.ioJo-Philipp Wich2016-06-0726-26/+26
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* treewide: replace nbd@openwrt.org with nbd@nbd.nameFelix Fietkau2016-06-071-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ppp: Add ppp-mod-passwordfd subpackage to pppHans Dedecker2016-04-281-1/+19
| | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ppp: use more reliable way to set script environmentSteven Barth2015-09-152-2/+3
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 46942
* comgt/umbim/uqmi: enable RFC 7278 for 3g/4g by defaultSteven Barth2015-09-031-0/+1
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 46780
* ppp: honor LDFLAGSSteven Barth2015-06-194-3/+42
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 46068
* ppp: bump PKG_RELEASESteven Barth2015-06-121-1/+1
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45949
* ppp : Unnumbered supportSteven Barth2015-06-121-1/+39
| | | | | | | | | | | | | | | | | Adds PPP unnumbered support via the parameter unnumbered which points to a logical OpenWRT interface. The PPP proto shell handler will "borrow" an IP address from the unnumbered interface (if multiple IP addresses are present the longest prefix different from 32 will be "borrowed") for which a host interface dependency will be created. Due to the host interface dependency the PPP unnumbered interface will only "borrow" an IP address from an interface which is up. The borrowed IP address will be shared as local IP address by the PPP daemon and no other local IP will be accepted from the peer in the IPCP negotiation. A typical use case is the usage of a public IP subnet on the Lan interface which will be shared by the PPP interface as local IP address. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> SVN-Revision: 45948
* ppp: fix download URLHauke Mehrtens2015-06-061-1/+1
| | | | | | | | The file is not available at the older path any more. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 45910
* ppp: do not warn if connect() before close() on pppoe terminate fails (fixes ↵Felix Fietkau2015-05-261-0/+14
| | | | | | | | #19651) Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45755
* ppp: remove the persist option, netifd handles reconnectsFelix Fietkau2015-05-091-1/+1
| | | | | | | | Significantly reduces reconnect delay Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45654
* network: also shorten virtual interface names of ppp and 3g/4g connectionsSteven Barth2015-04-171-1/+1
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45479
* ppp: Detailed last error supportJohn Crispin2015-04-091-4/+47
| | | | | | | | | | | | Enables last error support for the PPP protocol handlers. In generic teardown the PPP daemon exit code is translated into a self explaining error string which is set as interface error by proto_notify_error in case of failure. Signed-off-by: Johan Peeters <johan.peeters111@gmail.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> SVN-Revision: 45333
* ppp: Fix missing arg argument when using option flag OPT_A2STRVALJohn Crispin2015-04-031-0/+11
| | | | | | | | | The arg argument is missing to the printer call in the print_option utility when the option flag OPT_A2STRVAL is set. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> SVN-Revision: 45264
* ppp: Fix seg fault when using pppol2tpJohn Crispin2015-04-031-0/+13
| | | | | | | | | | | PPPD crashes (SEGV) when the dump or dryrun options are specified and an option is internally defined as "o_special" with an option flag of "OPT_A2STRVAL". As the option value is not saved when the parameter is processed, a reference to the option will result into a crash (e.g. when printing). Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> SVN-Revision: 45263
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 01:07:44 +0000