aboutsummaryrefslogtreecommitdiffstats
path: root/package
diff options
context:
space:
mode:
Diffstat (limited to 'package')
-rw-r--r--package/network/services/ppp/Makefile10
-rwxr-xr-xpackage/network/services/ppp/files/ppp.sh4
-rw-r--r--package/network/services/ppp/patches/010-use_target_for_configure.patch22
-rw-r--r--package/network/services/ppp/patches/100-debian_ip-ip_option.patch96
-rw-r--r--package/network/services/ppp/patches/101-debian_close_dev_ppp.patch28
-rw-r--r--package/network/services/ppp/patches/103-debian_fix_link_pidfile.patch23
-rw-r--r--package/network/services/ppp/patches/105-debian_demand.patch30
-rw-r--r--package/network/services/ppp/patches/106-debian_stripMSdomain.patch47
-rw-r--r--package/network/services/ppp/patches/107-debian_pppoatm_wildcard.patch25
-rw-r--r--package/network/services/ppp/patches/110-debian_defaultroute.patch314
-rw-r--r--package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch18
-rw-r--r--package/network/services/ppp/patches/140-pppoe_compile_fix.patch36
-rw-r--r--package/network/services/ppp/patches/200-makefile.patch23
-rw-r--r--package/network/services/ppp/patches/201-mppe_mppc_1.1.patch133
-rw-r--r--package/network/services/ppp/patches/202-no_strip.patch88
-rw-r--r--package/network/services/ppp/patches/203-opt_flags.patch36
-rw-r--r--package/network/services/ppp/patches/205-no_exponential_timeout.patch4
-rw-r--r--package/network/services/ppp/patches/207-lcp_mtu_max.patch2
-rw-r--r--package/network/services/ppp/patches/208-fix_status_code.patch2
-rw-r--r--package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch6
-rw-r--r--package/network/services/ppp/patches/310-precompile_filter.patch30
-rw-r--r--package/network/services/ppp/patches/321-multilink_support_custom_iface_names.patch33
-rw-r--r--package/network/services/ppp/patches/330-retain_foreign_default_routes.patch2
-rw-r--r--package/network/services/ppp/patches/340-populate_default_gateway.patch6
-rw-r--r--package/network/services/ppp/patches/400-simplify_kernel_checks.patch32
-rw-r--r--package/network/services/ppp/patches/401-no_record_file.patch6
-rw-r--r--package/network/services/ppp/patches/403-no_wtmp.patch4
-rw-r--r--package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch16
-rw-r--r--package/network/services/ppp/patches/405-no_multilink_option.patch2
-rw-r--r--package/network/services/ppp/patches/500-add-pptp-plugin.patch14
-rw-r--r--package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch25
31 files changed, 226 insertions, 891 deletions
diff --git a/package/network/services/ppp/Makefile b/package/network/services/ppp/Makefile
index 48d7120a72..10e9bdfdfe 100644
--- a/package/network/services/ppp/Makefile
+++ b/package/network/services/ppp/Makefile
@@ -13,14 +13,14 @@ PKG_RELEASE:=3
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/paulusmack/ppp
-PKG_SOURCE_DATE:=2020-10-03
-PKG_SOURCE_VERSION:=ad3937a0a38a696eb1a37dbf8f92e8e6072cdccb
-PKG_MIRROR_HASH:=c5b39615eb62728431b19f3ae5428eb1e2fc705b4b7b960228fe5b5d7b5a4bca
+PKG_SOURCE_DATE:=2021-01-04
+PKG_SOURCE_VERSION:=4fb319056f168bb8379865b91b4fd3e1ada73f1e
+PKG_MIRROR_HASH:=429cb5fcff36e1d8698766130711d4764347f08b83233dfb4831bea21616efef
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
PKG_LICENSE:=BSD-4-Clause
PKG_CPE_ID:=cpe:/a:samba:ppp
-PKG_RELEASE_VERSION:=2.4.8
+PKG_RELEASE_VERSION:=2.4.9
PKG_VERSION:=$(PKG_RELEASE_VERSION).git-$(PKG_SOURCE_DATE)
PKG_BUILD_DEPENDS:=libpcap
@@ -242,7 +242,7 @@ endef
define Package/ppp-mod-pppoe/install
$(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/rp-pppoe.so \
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/pppoe.so \
$(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/
endef
diff --git a/package/network/services/ppp/files/ppp.sh b/package/network/services/ppp/files/ppp.sh
index b553effd88..7bbc497c43 100755
--- a/package/network/services/ppp/files/ppp.sh
+++ b/package/network/services/ppp/files/ppp.sh
@@ -234,7 +234,7 @@ proto_pppoe_setup() {
json_get_var padi_timeout padi_timeout
ppp_generic_setup "$config" \
- plugin rp-pppoe.so \
+ plugin pppoe.so \
${ac:+rp_pppoe_ac "$ac"} \
${service:+rp_pppoe_service "$service"} \
${host_uniq:+host-uniq "$host_uniq"} \
@@ -331,7 +331,7 @@ proto_pptp_teardown() {
[ -n "$INCLUDE_ONLY" ] || {
add_protocol ppp
- [ -f /usr/lib/pppd/*/rp-pppoe.so ] && add_protocol pppoe
+ [ -f /usr/lib/pppd/*/pppoe.so ] && add_protocol pppoe
[ -f /usr/lib/pppd/*/pppoatm.so ] && add_protocol pppoa
[ -f /usr/lib/pppd/*/pptp.so ] && add_protocol pptp
}
diff --git a/package/network/services/ppp/patches/010-use_target_for_configure.patch b/package/network/services/ppp/patches/010-use_target_for_configure.patch
index 7deac0e446..9e8618f83c 100644
--- a/package/network/services/ppp/patches/010-use_target_for_configure.patch
+++ b/package/network/services/ppp/patches/010-use_target_for_configure.patch
@@ -9,16 +9,16 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/configure
+++ b/configure
-@@ -8,9 +8,9 @@ SYSCONF=/etc
- # if [ -d /NextApps ]; then
- # system="NeXTStep"
- # else
-- system=`uname -s`
-- release=`uname -r`
-- arch=`uname -m`
-+ system=${UNAME_S:-`uname -s`}
-+ release=${UNAME_R:-`uname -r`}
-+ arch=${UNAME_M:-`uname -m`}
- # fi
+@@ -10,9 +10,9 @@ CROSS_COMPILE=
+ CC=cc
+ CFLAGS=
+
+-system=`uname -s`
+-release=`uname -r`
+-arch=`uname -m`
++system=${UNAME_S:-`uname -s`}
++release=${UNAME_R:-`uname -r`}
++arch=${UNAME_M:-`uname -m`}
state="unknown"
+ case $system in
diff --git a/package/network/services/ppp/patches/100-debian_ip-ip_option.patch b/package/network/services/ppp/patches/100-debian_ip-ip_option.patch
deleted file mode 100644
index a996622922..0000000000
--- a/package/network/services/ppp/patches/100-debian_ip-ip_option.patch
+++ /dev/null
@@ -1,96 +0,0 @@
-pppd: Allow specifying ip-up and ip-down scripts
-
-This patch implements the "ip-up-script" and "ip-down-script" options which
-allow to specify the path of the ip-up and ip-down scripts to call.
-
-These options default to _PATH_IPUP and _PATH_IPDOWN to retain the
-existing behaviour.
-
-The patch originated from the Debian project.
-
-Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-
---- a/pppd/ipcp.c
-+++ b/pppd/ipcp.c
-@@ -1957,7 +1957,7 @@ ipcp_up(f)
- */
- if (ipcp_script_state == s_down && ipcp_script_pid == 0) {
- ipcp_script_state = s_up;
-- ipcp_script(_PATH_IPUP, 0);
-+ ipcp_script(path_ipup, 0);
- }
- }
-
-@@ -2007,7 +2007,7 @@ ipcp_down(f)
- /* Execute the ip-down script */
- if (ipcp_script_state == s_up && ipcp_script_pid == 0) {
- ipcp_script_state = s_down;
-- ipcp_script(_PATH_IPDOWN, 0);
-+ ipcp_script(path_ipdown, 0);
- }
- }
-
-@@ -2061,13 +2061,13 @@ ipcp_script_done(arg)
- case s_up:
- if (ipcp_fsm[0].state != OPENED) {
- ipcp_script_state = s_down;
-- ipcp_script(_PATH_IPDOWN, 0);
-+ ipcp_script(path_ipdown, 0);
- }
- break;
- case s_down:
- if (ipcp_fsm[0].state == OPENED) {
- ipcp_script_state = s_up;
-- ipcp_script(_PATH_IPUP, 0);
-+ ipcp_script(path_ipup, 0);
- }
- break;
- }
---- a/pppd/main.c
-+++ b/pppd/main.c
-@@ -306,6 +306,9 @@ main(argc, argv)
- struct protent *protp;
- char numbuf[16];
-
-+ strlcpy(path_ipup, _PATH_IPUP, sizeof(path_ipup));
-+ strlcpy(path_ipdown, _PATH_IPDOWN, sizeof(path_ipdown));
-+
- link_stats_valid = 0;
- new_phase(PHASE_INITIALIZE);
-
---- a/pppd/options.c
-+++ b/pppd/options.c
-@@ -117,6 +117,8 @@ bool tune_kernel; /* may alter kernel s
- int connect_delay = 1000; /* wait this many ms after connect script */
- int req_unit = -1; /* requested interface unit */
- char req_ifname[MAXIFNAMELEN]; /* requested interface name */
-+char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
-+char path_ipdown[MAXPATHLEN];/* pathname of ip-down script */
- bool multilink = 0; /* Enable multilink operation */
- char *bundle_name = NULL; /* bundle name for multilink */
- bool dump_options; /* print out option values */
-@@ -316,6 +318,13 @@ option_t general_options[] = {
- "Metric to use for the default route (Linux only; -1 for default behavior)",
- OPT_PRIV|OPT_LLIMIT|OPT_INITONLY, NULL, 0, -1 },
-
-+ { "ip-up-script", o_string, path_ipup,
-+ "Set pathname of ip-up script",
-+ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
-+ { "ip-down-script", o_string, path_ipdown,
-+ "Set pathname of ip-down script",
-+ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
-+
- #ifdef HAVE_MULTILINK
- { "multilink", o_bool, &multilink,
- "Enable multilink operation", OPT_PRIO | 1 },
---- a/pppd/pppd.h
-+++ b/pppd/pppd.h
-@@ -335,6 +335,8 @@ extern int connect_delay; /* Time to del
- extern int max_data_rate; /* max bytes/sec through charshunt */
- extern int req_unit; /* interface unit number to use */
- extern char req_ifname[MAXIFNAMELEN]; /* interface name to use */
-+extern char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
-+extern char path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */
- extern bool multilink; /* enable multilink operation */
- extern bool noendpoint; /* don't send or accept endpt. discrim. */
- extern char *bundle_name; /* bundle name for multilink */
diff --git a/package/network/services/ppp/patches/101-debian_close_dev_ppp.patch b/package/network/services/ppp/patches/101-debian_close_dev_ppp.patch
deleted file mode 100644
index 62830179b6..0000000000
--- a/package/network/services/ppp/patches/101-debian_close_dev_ppp.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-pppd: Close already open ppp descriptors
-
-When using the kernel PPPoE driver in conjunction with the "persist" option,
-the already open descriptor to /dev/ppp is not closed when the link is
-reestablished. This eventually leads to high CPU load because the stray
-descriptors are always reported as ready by select().
-
-This patch closes the descriptor if it is already open when establishing a
-new connection. It originated from the Debian project.
-
-Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-
---- a/pppd/sys-linux.c
-+++ b/pppd/sys-linux.c
-@@ -467,6 +467,13 @@ int generic_establish_ppp (int fd)
- if (new_style_driver) {
- int flags;
-
-+ /* if a ppp_fd is already open, close it first */
-+ if(ppp_fd > 0) {
-+ close(ppp_fd);
-+ remove_fd(ppp_fd);
-+ ppp_fd = -1;
-+ }
-+
- /* Open an instance of /dev/ppp and connect the channel to it */
- if (ioctl(fd, PPPIOCGCHAN, &chindex) == -1) {
- error("Couldn't get channel number: %m");
diff --git a/package/network/services/ppp/patches/103-debian_fix_link_pidfile.patch b/package/network/services/ppp/patches/103-debian_fix_link_pidfile.patch
deleted file mode 100644
index 5a764ab9b2..0000000000
--- a/package/network/services/ppp/patches/103-debian_fix_link_pidfile.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-pppd: Fix creation of linkpidfile
-
-When pppd is run without "nodetach" or with "updetach", the linkpidfile is
-never created. The call to create_linkpidfile() is protected by a check for
-linkpidfile[0] but this is only filled in when create_linkpidfile() is called.
-
-This patch changes to code to allways uncondiationally call
-create_linkpidfile(), it originated from the Debian project.
-
-Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-
---- a/pppd/main.c
-+++ b/pppd/main.c
-@@ -780,8 +780,7 @@ detach()
- /* update pid files if they have been written already */
- if (pidfilename[0])
- create_pidfile(pid);
-- if (linkpidfile[0])
-- create_linkpidfile(pid);
-+ create_linkpidfile(pid);
- exit(0); /* parent dies */
- }
- setsid();
diff --git a/package/network/services/ppp/patches/105-debian_demand.patch b/package/network/services/ppp/patches/105-debian_demand.patch
index c442f4c8af..ff66aa8ea5 100644
--- a/package/network/services/ppp/patches/105-debian_demand.patch
+++ b/package/network/services/ppp/patches/105-debian_demand.patch
@@ -18,7 +18,7 @@
#ifdef PPP_FILTER
#include <pcap-bpf.h>
#endif
-@@ -220,6 +224,14 @@ loop_chars(p, n)
+@@ -218,6 +222,14 @@ loop_chars(unsigned char *p, int n)
int c, rv;
rv = 0;
@@ -33,14 +33,12 @@
for (; n > 0; --n) {
c = *p++;
if (c == PPP_FLAG) {
-@@ -298,17 +310,102 @@ loop_frame(frame, len)
+@@ -294,16 +306,100 @@ loop_frame(unsigned char *frame, int len
* loopback, now that the real serial link is up.
*/
void
--demand_rexmit(proto)
-+demand_rexmit(proto, newip)
- int proto;
-+ u_int32_t newip;
+-demand_rexmit(int proto)
++demand_rexmit(int proto, u_int32_t newip)
{
struct packet *pkt, *prev, *nextpkt;
+ unsigned short checksum;
@@ -139,7 +137,7 @@
} else {
--- a/pppd/ipcp.c
+++ b/pppd/ipcp.c
-@@ -1882,7 +1882,7 @@ ipcp_up(f)
+@@ -1850,7 +1850,7 @@ ipcp_up(fsm *f)
proxy_arp_set[f->unit] = 1;
}
@@ -150,7 +148,7 @@
} else {
--- a/pppd/ipv6cp.c
+++ b/pppd/ipv6cp.c
-@@ -1258,7 +1258,7 @@ ipv6cp_up(f)
+@@ -1253,7 +1253,7 @@ ipv6cp_up(fsm *f)
if (sif6defaultroute(f->unit, go->ourid, ho->hisid))
default_route_set[f->unit] = 1;
}
@@ -161,12 +159,12 @@
} else {
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
-@@ -602,7 +602,7 @@ void demand_conf __P((void)); /* config
- void demand_block __P((void)); /* set all NPs to queue up packets */
- void demand_unblock __P((void)); /* set all NPs to pass packets */
- void demand_discard __P((void)); /* set all NPs to discard packets */
--void demand_rexmit __P((int)); /* retransmit saved frames for an NP */
-+void demand_rexmit __P((int, u_int32_t)); /* retransmit saved frames for an NP*/
- int loop_chars __P((unsigned char *, int)); /* process chars from loopback */
- int loop_frame __P((unsigned char *, int)); /* should we bring link up? */
+@@ -598,7 +598,7 @@ void demand_conf(void); /* config interf
+ void demand_block(void); /* set all NPs to queue up packets */
+ void demand_unblock(void); /* set all NPs to pass packets */
+ void demand_discard(void); /* set all NPs to discard packets */
+-void demand_rexmit(int); /* retransmit saved frames for an NP */
++void demand_rexmit(int, u_int32_t); /* retransmit saved frames for an NP*/
+ int loop_chars(unsigned char *, int); /* process chars from loopback */
+ int loop_frame(unsigned char *, int); /* should we bring link up? */
diff --git a/package/network/services/ppp/patches/106-debian_stripMSdomain.patch b/package/network/services/ppp/patches/106-debian_stripMSdomain.patch
deleted file mode 100644
index 376de64c43..0000000000
--- a/package/network/services/ppp/patches/106-debian_stripMSdomain.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-pppd: Implement option to strip domain part from MS CHAP response
-
-This patch implements a new boolean option "chapms-strip-domain" which
-strips the leading domain part of the username in a received MS Chap
-response.
-
-When the option is set, all leading chars up to and including the last
-backslash in the username are stripped. The option defaults to false.
-
-The patch originated from the Debian project.
-
-Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-
---- a/pppd/chap-new.c
-+++ b/pppd/chap-new.c
-@@ -58,6 +58,7 @@ int (*chap_verify_hook)(char *name, char
- int chap_timeout_time = 3;
- int chap_max_transmits = 10;
- int chap_rechallenge_time = 0;
-+int chapms_strip_domain = 0;
-
- /*
- * Command-line options.
-@@ -69,6 +70,8 @@ static option_t chap_option_list[] = {
- "Set max #xmits for challenge", OPT_PRIO },
- { "chap-interval", o_int, &chap_rechallenge_time,
- "Set interval for rechallenge", OPT_PRIO },
-+ { "chapms-strip-domain", o_bool, &chapms_strip_domain,
-+ "Strip the domain prefix before the Username", 1 },
- { NULL }
- };
-
-@@ -336,6 +339,14 @@ chap_handle_response(struct chap_server_
- /* Null terminate and clean remote name. */
- slprintf(rname, sizeof(rname), "%.*v", len, name);
- name = rname;
-+
-+ /* strip the MS domain name */
-+ if (chapms_strip_domain && strrchr(rname, '\\')) {
-+ char tmp[MAXNAMELEN+1];
-+
-+ strcpy(tmp, strrchr(rname, '\\') + 1);
-+ strcpy(rname, tmp);
-+ }
- }
-
- if (chap_verify_hook)
diff --git a/package/network/services/ppp/patches/107-debian_pppoatm_wildcard.patch b/package/network/services/ppp/patches/107-debian_pppoatm_wildcard.patch
deleted file mode 100644
index 6f559a1231..0000000000
--- a/package/network/services/ppp/patches/107-debian_pppoatm_wildcard.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-pppoatm: Allow wildcard ATM devices
-
-When operating pppd's pppoatm plugin with an USB ADSL modem, e.g. an
-Alcatel Speedtouch, the ATM device number might change when the modem is
-reconnected to the USB port or when the host controller resets the USB
-device.
-
-This patch allows to specify the ATM device as wildcard which gives
-enough flexibility to cope with changing device names.
-
-The patch originated from the Debain project.
-
-Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-
---- a/pppd/plugins/pppoatm/pppoatm.c
-+++ b/pppd/plugins/pppoatm/pppoatm.c
-@@ -75,7 +75,7 @@ static int setdevname_pppoatm(const char
- //info("PPPoATM setdevname_pppoatm: '%s'", cp);
- memset(&addr, 0, sizeof addr);
- if (text2atm(cp, (struct sockaddr *) &addr, sizeof(addr),
-- T2A_PVC | T2A_NAME) < 0) {
-+ T2A_PVC | T2A_NAME | T2A_WILDCARD) < 0) {
- if(doit)
- info("atm does not recognize: %s", cp);
- return 0;
diff --git a/package/network/services/ppp/patches/110-debian_defaultroute.patch b/package/network/services/ppp/patches/110-debian_defaultroute.patch
deleted file mode 100644
index 21b329e5d5..0000000000
--- a/package/network/services/ppp/patches/110-debian_defaultroute.patch
+++ /dev/null
@@ -1,314 +0,0 @@
-pppd: Add "replacedefaultroute" and "noreplacedefaultroute" options
-
-This patch implements two new options, "replacedefaultroute" to replace any
-existing system default route when specified and "noreplacedefaultroute" to
-disable the "replacedefaultroute" option, which is useful in multi user
-environments where the administrator wants to allow users to dial pppd
-connections but not allow them to change the system default route.
-
-The patch originated from the Debian project.
-
-Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-
---- a/pppd/ipcp.c
-+++ b/pppd/ipcp.c
-@@ -197,6 +197,14 @@ static option_t ipcp_option_list[] = {
- "disable defaultroute option", OPT_ALIAS | OPT_A2CLR,
- &ipcp_wantoptions[0].default_route },
-
-+ { "replacedefaultroute", o_bool,
-+ &ipcp_wantoptions[0].replace_default_route,
-+ "Replace default route", 1
-+ },
-+ { "noreplacedefaultroute", o_bool,
-+ &ipcp_allowoptions[0].replace_default_route,
-+ "Never replace default route", OPT_A2COPY,
-+ &ipcp_wantoptions[0].replace_default_route },
- { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp,
- "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp },
- { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp,
-@@ -270,7 +278,7 @@ struct protent ipcp_protent = {
- ip_active_pkt
- };
-
--static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t));
-+static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t, bool));
- static void ipcp_script __P((char *, int)); /* Run an up/down script */
- static void ipcp_script_done __P((void *));
-
-@@ -1760,7 +1768,8 @@ ip_demand_conf(u)
- if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE))
- return 0;
- if (wo->default_route)
-- if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr))
-+ if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr,
-+ wo->replace_default_route))
- default_route_set[u] = 1;
- if (wo->proxy_arp)
- if (sifproxyarp(u, wo->hisaddr))
-@@ -1848,7 +1857,8 @@ ipcp_up(f)
- */
- if (demand) {
- if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) {
-- ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr);
-+ ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr,
-+ wo->replace_default_route);
- if (go->ouraddr != wo->ouraddr) {
- warn("Local IP address changed to %I", go->ouraddr);
- script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0);
-@@ -1873,7 +1883,8 @@ ipcp_up(f)
-
- /* assign a default route through the interface if required */
- if (ipcp_wantoptions[f->unit].default_route)
-- if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
-+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
-+ wo->replace_default_route))
- default_route_set[f->unit] = 1;
-
- /* Make a proxy ARP entry if requested. */
-@@ -1923,7 +1934,8 @@ ipcp_up(f)
-
- /* assign a default route through the interface if required */
- if (ipcp_wantoptions[f->unit].default_route)
-- if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
-+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
-+ wo->replace_default_route))
- default_route_set[f->unit] = 1;
-
- /* Make a proxy ARP entry if requested. */
-@@ -2001,7 +2013,7 @@ ipcp_down(f)
- sifnpmode(f->unit, PPP_IP, NPMODE_DROP);
- sifdown(f->unit);
- ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr,
-- ipcp_hisoptions[f->unit].hisaddr);
-+ ipcp_hisoptions[f->unit].hisaddr, 0);
- }
-
- /* Execute the ip-down script */
-@@ -2017,16 +2029,25 @@ ipcp_down(f)
- * proxy arp entries, etc.
- */
- static void
--ipcp_clear_addrs(unit, ouraddr, hisaddr)
-+ipcp_clear_addrs(unit, ouraddr, hisaddr, replacedefaultroute)
- int unit;
- u_int32_t ouraddr; /* local address */
- u_int32_t hisaddr; /* remote address */
-+ bool replacedefaultroute;
- {
- if (proxy_arp_set[unit]) {
- cifproxyarp(unit, hisaddr);
- proxy_arp_set[unit] = 0;
- }
-- if (default_route_set[unit]) {
-+ /* If replacedefaultroute, sifdefaultroute will be called soon
-+ * with replacedefaultroute set and that will overwrite the current
-+ * default route. This is the case only when doing demand, otherwise
-+ * during demand, this cifdefaultroute would restore the old default
-+ * route which is not what we want in this case. In the non-demand
-+ * case, we'll delete the default route and restore the old if there
-+ * is one saved by an sifdefaultroute with replacedefaultroute.
-+ */
-+ if (!replacedefaultroute && default_route_set[unit]) {
- cifdefaultroute(unit, ouraddr, hisaddr);
- default_route_set[unit] = 0;
- }
---- a/pppd/ipcp.h
-+++ b/pppd/ipcp.h
-@@ -70,6 +70,7 @@ typedef struct ipcp_options {
- bool old_addrs; /* Use old (IP-Addresses) option? */
- bool req_addr; /* Ask peer to send IP address? */
- bool default_route; /* Assign default route through interface? */
-+ bool replace_default_route; /* Replace default route through interface? */
- bool proxy_arp; /* Make proxy ARP entry for peer? */
- bool neg_vj; /* Van Jacobson Compression? */
- bool old_vj; /* use old (short) form of VJ option? */
---- a/pppd/pppd.8
-+++ b/pppd/pppd.8
-@@ -133,6 +133,11 @@ the gateway, when IPv6CP negotiation is
- This entry is removed when the PPP connection is broken. This option
- is privileged if the \fInodefaultroute6\fR option has been specified.
- .TP
-+.B replacedefaultroute
-+This option is a flag to the defaultroute option. If defaultroute is
-+set and this flag is also set, pppd replaces an existing default route
-+with the new default route.
-+.TP
- .B disconnect \fIscript
- Execute the command specified by \fIscript\fR, by passing it to a
- shell, after
-@@ -756,7 +761,12 @@ disable both forms of hardware flow cont
- .TP
- .B nodefaultroute
- Disable the \fIdefaultroute\fR option. The system administrator who
--wishes to prevent users from creating default routes with pppd
-+wishes to prevent users from adding a default route with pppd
-+can do so by placing this option in the /etc/ppp/options file.
-+.TP
-+.B noreplacedefaultroute
-+Disable the \fIreplacedefaultroute\fR option. The system administrator who
-+wishes to prevent users from replacing a default route with pppd
- can do so by placing this option in the /etc/ppp/options file.
- .TP
- .B nodefaultroute6
---- a/pppd/pppd.h
-+++ b/pppd/pppd.h
-@@ -684,7 +684,7 @@ int sif6addr __P((int, eui64_t, eui64_t
- int cif6addr __P((int, eui64_t, eui64_t));
- /* Remove an IPv6 address from i/f */
- #endif
--int sifdefaultroute __P((int, u_int32_t, u_int32_t));
-+int sifdefaultroute __P((int, u_int32_t, u_int32_t, bool replace_default_rt));
- /* Create default route through i/f */
- int cifdefaultroute __P((int, u_int32_t, u_int32_t));
- /* Delete default route through i/f */
---- a/pppd/sys-linux.c
-+++ b/pppd/sys-linux.c
-@@ -209,6 +209,8 @@ static int if_is_up; /* Interface has be
- static int if6_is_up; /* Interface has been marked up for IPv6, to help differentiate */
- static int have_default_route; /* Gateway for default route added */
- static int have_default_route6; /* Gateway for default IPv6 route added */
-+static struct rtentry old_def_rt; /* Old default route */
-+static int default_rt_repl_rest; /* replace and restore old default rt */
- static u_int32_t proxy_arp_addr; /* Addr for proxy arp entry added */
- static char proxy_arp_dev[16]; /* Device for proxy arp entry */
- static u_int32_t our_old_addr; /* for detecting address changes */
-@@ -1577,6 +1579,9 @@ static int read_route_table(struct rtent
- p = NULL;
- }
-
-+ SET_SA_FAMILY (rt->rt_dst, AF_INET);
-+ SET_SA_FAMILY (rt->rt_gateway, AF_INET);
-+
- SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16);
- SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16);
- SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16);
-@@ -1649,20 +1654,52 @@ int have_route_to(u_int32_t addr)
- /********************************************************************
- *
- * sifdefaultroute - assign a default route through the address given.
-- */
--
--int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway)
--{
-- struct rtentry rt;
--
-- if (defaultroute_exists(&rt, dfl_route_metric) && strcmp(rt.rt_dev, ifname) != 0) {
-- if (rt.rt_flags & RTF_GATEWAY)
-- error("not replacing existing default route via %I with metric %d",
-- SIN_ADDR(rt.rt_gateway), dfl_route_metric);
-- else
-+ *
-+ * If the global default_rt_repl_rest flag is set, then this function
-+ * already replaced the original system defaultroute with some other
-+ * route and it should just replace the current defaultroute with
-+ * another one, without saving the current route. Use: demand mode,
-+ * when pppd sets first a defaultroute it it's temporary ppp0 addresses
-+ * and then changes the temporary addresses to the addresses for the real
-+ * ppp connection when it has come up.
-+ */
-+
-+int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway, bool replace)
-+{
-+ struct rtentry rt, tmp_rt;
-+ struct rtentry *del_rt = NULL;
-+
-+ if (default_rt_repl_rest) {
-+ /* We have already reclaced the original defaultroute, if we
-+ are called again, we will delete the current default route
-+ and set the new default route in this function.
-+ - this is normally only the case the doing demand: */
-+ if (defaultroute_exists(&tmp_rt, dfl_route_metric))
-+ del_rt = &tmp_rt;
-+ } else if (defaultroute_exists(&old_def_rt, dfl_route_metric) &&
-+ strcmp(old_def_rt.rt_dev, ifname) != 0) {
-+ /* We did not yet replace an existing default route, let's
-+ check if we should save and replace a default route: */
-+ if (old_def_rt.rt_flags & RTF_GATEWAY) {
-+ if (!replace) {
-+ error("not replacing existing default route via %I with metric %d",
-+ SIN_ADDR(old_def_rt.rt_gateway), dfl_route_metric);
-+ return 0;
-+ } else {
-+ /* we need to copy rt_dev because we need it permanent too: */
-+ char *tmp_dev = malloc(strlen(old_def_rt.rt_dev) + 1);
-+ strcpy(tmp_dev, old_def_rt.rt_dev);
-+ old_def_rt.rt_dev = tmp_dev;
-+
-+ notice("replacing old default route to %s [%I] with metric %d",
-+ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway),
-+ dfl_route_metric);
-+ default_rt_repl_rest = 1;
-+ del_rt = &old_def_rt;
-+ }
-+ } else
- error("not replacing existing default route through %s with metric %d",
-- rt.rt_dev, dfl_route_metric);
-- return 0;
-+ old_def_rt.rt_dev, dfl_route_metric);
- }
-
- memset (&rt, 0, sizeof (rt));
-@@ -1678,10 +1715,16 @@ int sifdefaultroute (int unit, u_int32_t
-
- rt.rt_flags = RTF_UP;
- if (ioctl(sock_fd, SIOCADDRT, &rt) < 0) {
-- if ( ! ok_error ( errno ))
-+ if (!ok_error(errno))
- error("default route ioctl(SIOCADDRT): %m");
- return 0;
- }
-+ if (default_rt_repl_rest && del_rt)
-+ if (ioctl(sock_fd, SIOCDELRT, del_rt) < 0) {
-+ if (!ok_error(errno))
-+ error("del old default route ioctl(SIOCDELRT): %m");
-+ return 0;
-+ }
-
- have_default_route = 1;
- return 1;
-@@ -1715,11 +1758,21 @@ int cifdefaultroute (int unit, u_int32_t
- rt.rt_flags = RTF_UP;
- if (ioctl(sock_fd, SIOCDELRT, &rt) < 0 && errno != ESRCH) {
- if (still_ppp()) {
-- if ( ! ok_error ( errno ))
-+ if (!ok_error(errno))
- error("default route ioctl(SIOCDELRT): %m");
- return 0;
- }
- }
-+ if (default_rt_repl_rest) {
-+ notice("restoring old default route to %s [%I]",
-+ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway));
-+ if (ioctl(sock_fd, SIOCADDRT, &old_def_rt) < 0) {
-+ if (!ok_error(errno))
-+ error("restore default route ioctl(SIOCADDRT): %m");
-+ return 0;
-+ }
-+ default_rt_repl_rest = 0;
-+ }
-
- return 1;
- }
---- a/pppd/sys-solaris.c
-+++ b/pppd/sys-solaris.c
-@@ -2120,12 +2120,18 @@ cifaddr(u, o, h)
- * sifdefaultroute - assign a default route through the address given.
- */
- int
--sifdefaultroute(u, l, g)
-+sifdefaultroute(u, l, g, replace)
- int u;
- u_int32_t l, g;
-+ bool replace;
- {
- struct rtentry rt;
-
-+ if (replace) {
-+ error("replacedefaultroute not supported on this platform");
-+ return 0;
-+ }
-+
- #if defined(__USLC__)
- g = l; /* use the local address as gateway */
- #endif
diff --git a/package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch b/package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch
index a1110caecb..11e8d81f43 100644
--- a/package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch
+++ b/package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch
@@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/main.c
+++ b/pppd/main.c
-@@ -308,6 +308,8 @@ main(argc, argv)
+@@ -295,6 +295,8 @@ main(int argc, char *argv[])
strlcpy(path_ipup, _PATH_IPUP, sizeof(path_ipup));
strlcpy(path_ipdown, _PATH_IPDOWN, sizeof(path_ipdown));
@@ -23,16 +23,16 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
new_phase(PHASE_INITIALIZE);
--- a/pppd/options.c
+++ b/pppd/options.c
-@@ -119,6 +119,8 @@ int req_unit = -1; /* requested interfa
- char req_ifname[MAXIFNAMELEN]; /* requested interface name */
+@@ -118,6 +118,8 @@ int req_unit = -1; /* requested interfa
char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
char path_ipdown[MAXPATHLEN];/* pathname of ip-down script */
+ char req_ifname[MAXIFNAMELEN]; /* requested interface name */
+char path_ipv6up[MAXPATHLEN]; /* pathname of ipv6-up script */
+char path_ipv6down[MAXPATHLEN];/* pathname of ipv6-down script */
bool multilink = 0; /* Enable multilink operation */
char *bundle_name = NULL; /* bundle name for multilink */
bool dump_options; /* print out option values */
-@@ -325,6 +327,13 @@ option_t general_options[] = {
+@@ -324,6 +326,13 @@ option_t general_options[] = {
"Set pathname of ip-down script",
OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
@@ -48,7 +48,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
"Enable multilink operation", OPT_PRIO | 1 },
--- a/pppd/ipv6cp.c
+++ b/pppd/ipv6cp.c
-@@ -1300,7 +1300,7 @@ ipv6cp_up(f)
+@@ -1295,7 +1295,7 @@ ipv6cp_up(fsm *f)
*/
if (ipv6cp_script_state == s_down && ipv6cp_script_pid == 0) {
ipv6cp_script_state = s_up;
@@ -57,7 +57,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
}
}
-@@ -1352,7 +1352,7 @@ ipv6cp_down(f)
+@@ -1346,7 +1346,7 @@ ipv6cp_down(fsm *f)
/* Execute the ipv6-down script */
if (ipv6cp_script_state == s_up && ipv6cp_script_pid == 0) {
ipv6cp_script_state = s_down;
@@ -66,7 +66,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
}
}
-@@ -1395,13 +1395,13 @@ ipv6cp_script_done(arg)
+@@ -1384,13 +1384,13 @@ ipv6cp_script_done(void *arg)
case s_up:
if (ipv6cp_fsm[0].state != OPENED) {
ipv6cp_script_state = s_down;
@@ -84,10 +84,10 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
}
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
-@@ -337,6 +337,8 @@ extern int req_unit; /* interface unit n
- extern char req_ifname[MAXIFNAMELEN]; /* interface name to use */
+@@ -328,6 +328,8 @@ extern int req_unit; /* interface unit n
extern char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
extern char path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */
+ extern char req_ifname[MAXIFNAMELEN]; /* interface name to use */
+extern char path_ipv6up[MAXPATHLEN]; /* pathname of ipv6-up script */
+extern char path_ipv6down[MAXPATHLEN]; /* pathname of ipv6-down script */
extern bool multilink; /* enable multilink operation */
diff --git a/package/network/services/ppp/patches/140-pppoe_compile_fix.patch b/package/network/services/ppp/patches/140-pppoe_compile_fix.patch
deleted file mode 100644
index 2253d4f3c1..0000000000
--- a/package/network/services/ppp/patches/140-pppoe_compile_fix.patch
+++ /dev/null
@@ -1,36 +0,0 @@
---- a/pppd/plugins/rp-pppoe/pppoe.h
-+++ b/pppd/plugins/rp-pppoe/pppoe.h
-@@ -48,11 +48,7 @@
- #include <netinet/in.h>
-
- /* Ugly header files on some Linux boxes... */
--#if defined(HAVE_LINUX_IF_H)
--#include <linux/if.h>
--#elif defined(HAVE_NET_IF_H)
- #include <net/if.h>
--#endif
-
- #ifdef HAVE_NET_IF_TYPES_H
- #include <net/if_types.h>
-@@ -80,20 +76,7 @@ typedef unsigned long UINT32_t;
- #error Could not find a 32-bit integer type
- #endif
-
--#ifdef HAVE_LINUX_IF_ETHER_H
--#include <linux/if_ether.h>
--#endif
--
--#ifdef HAVE_NETINET_IF_ETHER_H
--#include <sys/types.h>
--
--#ifdef HAVE_SYS_SOCKET_H
--#include <sys/socket.h>
--#endif
--#ifndef HAVE_SYS_DLPI_H
--#include <netinet/if_ether.h>
--#endif
--#endif
-+#include <net/ethernet.h>
-
-
- /* Ethernet frame types according to RFC 2516 */
diff --git a/package/network/services/ppp/patches/200-makefile.patch b/package/network/services/ppp/patches/200-makefile.patch
index 42351392dc..d0b9a9a99b 100644
--- a/package/network/services/ppp/patches/200-makefile.patch
+++ b/package/network/services/ppp/patches/200-makefile.patch
@@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
-@@ -48,7 +48,7 @@ MPPE=y
+@@ -49,7 +49,7 @@ MPPE=y
# Uncomment the next line to include support for PPP packet filtering.
# This requires that the libpcap library and headers be installed
# and that the kernel driver support PPP packet filtering.
@@ -16,7 +16,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
# Uncomment the next line to enable multilink PPP (enabled by default)
# Linux distributions: Please leave multilink ENABLED in your builds
-@@ -58,7 +58,7 @@ HAVE_MULTILINK=y
+@@ -59,7 +59,7 @@ HAVE_MULTILINK=y
# Uncomment the next line to enable the TDB database (enabled by default.)
# If you enable multilink, then TDB is automatically enabled also.
# Linux distributions: Please leave TDB ENABLED in your builds.
@@ -25,21 +25,28 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
# Uncomment the next line to enable Type=notify services in systemd
# If enabled, and the user sets the up_sdnotify option, then
-@@ -85,7 +85,7 @@ MAXOCTETS=y
+@@ -85,13 +85,13 @@ USE_LIBUTIL=y
+ endif
+
+ # Enable EAP-TLS authentication (requires MPPE support, libssl and libcrypto)
+-USE_EAPTLS=y
++#USE_EAPTLS=y
+
+ MAXOCTETS=y
INCLUDE_DIRS= -I../include
--COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP
-+COMPILE_FLAGS= -DHAVE_PATHS_H -DHAVE_MMAP
+-COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP -pipe
++COMPILE_FLAGS= -DHAVE_PATHS_H -DHAVE_MMAP -pipe
CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"'
-@@ -126,10 +126,10 @@ CFLAGS += -DHAS_SHADOW
+@@ -143,10 +143,10 @@ CFLAGS += -DHAS_SHADOW
#LIBS += -lshadow $(LIBS)
endif
--ifneq ($(wildcard $(shell $(CC) --print-sysroot)/usr/include/crypt.h),)
-+#ifneq ($(wildcard $(shell $(CC) --print-sysroot)/usr/include/crypt.h),)
+-ifeq ($(shell echo '\#include <crypt.h>' | $(CC) -E - >/dev/null 2>&1 && echo yes),yes)
++#ifeq ($(shell echo '\#include <crypt.h>' | $(CC) -E - >/dev/null 2>&1 && echo yes),yes)
CFLAGS += -DHAVE_CRYPT_H=1
LIBS += -lcrypt
-endif
diff --git a/package/network/services/ppp/patches/201-mppe_mppc_1.1.patch b/package/network/services/ppp/patches/201-mppe_mppc_1.1.patch
index 9345c10400..3c30517e42 100644
--- a/package/network/services/ppp/patches/201-mppe_mppc_1.1.patch
+++ b/package/network/services/ppp/patches/201-mppe_mppc_1.1.patch
@@ -88,7 +88,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
*/
--- a/pppd/ccp.c
+++ b/pppd/ccp.c
-@@ -61,12 +61,10 @@ static int setdeflate __P((char **));
+@@ -61,12 +61,10 @@ static int setdeflate (char **);
static char bsd_value[8];
static char deflate_value[8];
@@ -197,7 +197,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
/*
* Local state (mainly for handling reset-reqs and reset-acks).
-@@ -343,6 +323,100 @@ setdeflate(argv)
+@@ -341,6 +321,100 @@ setdeflate(char **argv)
return 1;
}
@@ -298,7 +298,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
/*
* ccp_init - initialize CCP.
*/
-@@ -377,6 +451,30 @@ ccp_init(unit)
+@@ -374,6 +448,30 @@ ccp_init(int unit)
ccp_allowoptions[0].bsd_bits = BSD_MAX_BITS;
ccp_allowoptions[0].predictor_1 = 1;
@@ -329,7 +329,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
}
/*
-@@ -454,11 +552,11 @@ ccp_input(unit, p, len)
+@@ -443,11 +541,11 @@ ccp_input(int unit, u_char *p, int len)
if (oldstate == OPENED && p[0] == TERMREQ && f->state != OPENED) {
notice("Compression disabled by peer.");
#ifdef MPPE
@@ -343,7 +343,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
}
/*
-@@ -486,6 +584,15 @@ ccp_extcode(f, code, id, p, len)
+@@ -471,6 +569,15 @@ ccp_extcode(fsm *f, int code, int id, u_
break;
/* send a reset-ack, which the transmitter will see and
reset its compression state. */
@@ -359,7 +359,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
fsm_sdata(f, CCP_RESETACK, id, NULL, 0);
break;
-@@ -514,12 +621,11 @@ ccp_protrej(unit)
+@@ -498,12 +605,11 @@ ccp_protrej(int unit)
fsm_lowerdown(&ccp_fsm[unit]);
#ifdef MPPE
@@ -374,7 +374,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
}
/*
-@@ -536,7 +642,7 @@ ccp_resetci(f)
+@@ -519,7 +625,7 @@ ccp_resetci(fsm *f)
all_rejected[f->unit] = 0;
#ifdef MPPE
@@ -382,11 +382,27 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
+ if (go->mppe || go->mppc) {
ccp_options *ao = &ccp_allowoptions[f->unit];
int auth_mschap_bits = auth_done[f->unit];
- int numbits;
-@@ -550,80 +656,109 @@ ccp_resetci(f)
+ #ifdef USE_EAPTLS
+@@ -536,95 +642,124 @@ ccp_resetci(fsm *f)
* NB: If MPPE is required, all other compression opts are invalid.
* So, we return right away if we can't do it.
*/
+-
+- /* Leave only the mschap auth bits set */
+- auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER |
+- CHAP_MS2_WITHPEER | CHAP_MS2_PEER);
+- /* Count the mschap auths */
+- auth_mschap_bits >>= CHAP_MS_SHIFT;
+- numbits = 0;
+- do {
+- numbits += auth_mschap_bits & 1;
+- auth_mschap_bits >>= 1;
+- } while (auth_mschap_bits);
+- if (numbits > 1) {
+- error("MPPE required, but auth done in both directions.");
+- lcp_close(f->unit, "MPPE required but not available");
+- return;
+- }
+ if (ccp_wantoptions[f->unit].mppe) {
+ /* Leave only the mschap auth bits set */
+ auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER |
@@ -403,33 +419,42 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
+ lcp_close(f->unit, "MPPE required but not available");
+ return;
+ }
-+ if (!numbits) {
-+ error("MPPE required, but MS-CHAP[v2] auth not performed.");
-+ lcp_close(f->unit, "MPPE required but not available");
-+ return;
-+ }
-- /* Leave only the mschap auth bits set */
-- auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER |
-- CHAP_MS2_WITHPEER | CHAP_MS2_PEER);
-- /* Count the mschap auths */
-- auth_mschap_bits >>= CHAP_MS_SHIFT;
-- numbits = 0;
-- do {
-- numbits += auth_mschap_bits & 1;
-- auth_mschap_bits >>= 1;
-- } while (auth_mschap_bits);
-- if (numbits > 1) {
-- error("MPPE required, but auth done in both directions.");
-- lcp_close(f->unit, "MPPE required but not available");
-- return;
-- }
+ #ifdef USE_EAPTLS
+- /*
+- * MPPE is also possible in combination with EAP-TLS.
+- * It is not possible to detect if we're doing EAP or EAP-TLS
+- * at this stage, hence we accept all forms of EAP. If TLS is
+- * not used then the MPPE keys will not be derived anyway.
+- */
+- /* Leave only the eap auth bits set */
+- auth_eap_bits &= (EAP_WITHPEER | EAP_PEER );
++ /*
++ * MPPE is also possible in combination with EAP-TLS.
++ * It is not possible to detect if we're doing EAP or EAP-TLS
++ * at this stage, hence we accept all forms of EAP. If TLS is
++ * not used then the MPPE keys will not be derived anyway.
++ */
++ /* Leave only the eap auth bits set */
++ auth_eap_bits &= (EAP_WITHPEER | EAP_PEER );
+
+- if ((numbits == 0) && (auth_eap_bits == 0)) {
+- error("MPPE required, but MS-CHAP[v2] nor EAP-TLS auth are performed.");
++ if ((numbits == 0) && (auth_eap_bits == 0)) {
++ error("MPPE required, but MS-CHAP[v2] nor EAP-TLS auth are performed.");
+ #else
- if (!numbits) {
- error("MPPE required, but MS-CHAP[v2] auth not performed.");
++ if (!numbits) {
++ error("MPPE required, but MS-CHAP[v2] auth not performed.");
+ #endif
- lcp_close(f->unit, "MPPE required but not available");
- return;
- }
--
++ lcp_close(f->unit, "MPPE required but not available");
++ return;
++ }
+
- /* A plugin (eg radius) may not have obtained key material. */
- if (!mppe_keys_set) {
- error("MPPE required, but keys are not available. "
@@ -559,7 +584,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
if (go->bsd_compress) {
opt_buf[0] = CI_BSD_COMPRESS;
opt_buf[1] = CILEN_BSD_COMPRESS;
-@@ -679,7 +814,8 @@ ccp_cilen(f)
+@@ -679,7 +814,8 @@ static int
+ (go->deflate && go->deflate_draft? CILEN_DEFLATE: 0)
+ (go->predictor_1? CILEN_PREDICTOR_1: 0)
+ (go->predictor_2? CILEN_PREDICTOR_2: 0)
@@ -569,7 +594,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
}
/*
-@@ -693,6 +829,8 @@ ccp_addci(f, p, lenp)
+@@ -690,6 +826,8 @@ static void
{
int res;
ccp_options *go = &ccp_gotoptions[f->unit];
@@ -578,7 +603,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
u_char *p0 = p;
/*
-@@ -701,22 +839,43 @@ ccp_addci(f, p, lenp)
+@@ -698,22 +836,43 @@ static void
* in case it gets Acked.
*/
#ifdef MPPE
@@ -631,7 +656,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
if (go->deflate) {
p[0] = go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT;
p[1] = CILEN_DEFLATE;
-@@ -802,7 +961,7 @@ ccp_addci(f, p, lenp)
+@@ -799,30 +958,50 @@ static void
/*
* ccp_ackci - process a received configure-ack, and return
@@ -639,9 +664,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
+ * 1 if the packet was OK.
*/
static int
- ccp_ackci(f, p, len)
-@@ -811,24 +970,44 @@ ccp_ackci(f, p, len)
- int len;
+ ccp_ackci(fsm *f, u_char *p, int len)
{
ccp_options *go = &ccp_gotoptions[f->unit];
+ ccp_options *ao = &ccp_allowoptions[f->unit];
@@ -694,8 +717,8 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
if (go->deflate) {
if (len < CILEN_DEFLATE
|| p[0] != (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
-@@ -901,6 +1080,8 @@ ccp_nakci(f, p, len, treat_as_reject)
- int treat_as_reject;
+@@ -891,6 +1070,8 @@ static int
+ ccp_nakci(fsm *f, u_char *p, int len, int treat_as_reject)
{
ccp_options *go = &ccp_gotoptions[f->unit];
+ ccp_options *ao = &ccp_allowoptions[f->unit];
@@ -703,7 +726,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
ccp_options no; /* options we've seen already */
ccp_options try; /* options to ask for next time */
-@@ -908,28 +1089,100 @@ ccp_nakci(f, p, len, treat_as_reject)
+@@ -898,28 +1079,100 @@ static int
try = *go;
#ifdef MPPE
@@ -822,7 +845,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
if (go->deflate && len >= CILEN_DEFLATE
&& p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
&& p[1] == CILEN_DEFLATE) {
-@@ -1002,14 +1255,50 @@ ccp_rejci(f, p, len)
+@@ -989,14 +1242,50 @@ ccp_rejci(fsm *f, u_char *p, int len)
return -1;
#ifdef MPPE
@@ -877,8 +900,8 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
if (go->deflate_correct && len >= CILEN_DEFLATE
&& p[0] == CI_DEFLATE && p[1] == CILEN_DEFLATE) {
if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
-@@ -1073,14 +1362,15 @@ ccp_reqci(f, p, lenp, dont_nak)
- int dont_nak;
+@@ -1056,14 +1345,15 @@ static int
+ ccp_reqci(fsm *f, u_char *p, int *lenp, int dont_nak)
{
int ret, newret, res;
- u_char *p0, *retp;
@@ -897,7 +920,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
ret = CONFACK;
retp = p0 = p;
-@@ -1103,106 +1393,302 @@ ccp_reqci(f, p, lenp, dont_nak)
+@@ -1086,106 +1376,302 @@ ccp_reqci(fsm *f, u_char *p, int *lenp,
switch (type) {
#ifdef MPPE
case CI_MPPE:
@@ -910,10 +933,6 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-
- /* Nak if anything unsupported or unknown are set. */
- if (ho->mppe & MPPE_OPT_UNSUPPORTED) {
-- newret = CONFNAK;
-- ho->mppe &= ~MPPE_OPT_UNSUPPORTED;
-- }
-- if (ho->mppe & MPPE_OPT_UNKNOWN) {
+ p2 = p[2];
+ p5 = p[5];
+ /* not sure what they want, tell 'em what we got */
@@ -922,6 +941,10 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
+ MPPE_MPPC)) != 0 || p[5] == 0) ||
+ (p[2] == 0 && p[3] == 0 && p[4] == 0 && p[5] == 0)) {
newret = CONFNAK;
+- ho->mppe &= ~MPPE_OPT_UNSUPPORTED;
+- }
+- if (ho->mppe & MPPE_OPT_UNKNOWN) {
+- newret = CONFNAK;
- ho->mppe &= ~MPPE_OPT_UNKNOWN;
- }
-
@@ -1293,7 +1316,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
case CI_DEFLATE:
case CI_DEFLATE_DRAFT:
if (!ao->deflate || clen != CILEN_DEFLATE
-@@ -1344,12 +1830,6 @@ ccp_reqci(f, p, lenp, dont_nak)
+@@ -1327,12 +1813,6 @@ ccp_reqci(fsm *f, u_char *p, int *lenp,
else
*lenp = retp - p0;
}
@@ -1306,7 +1329,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
return ret;
}
-@@ -1371,24 +1851,35 @@ method_name(opt, opt2)
+@@ -1353,24 +1833,35 @@ method_name(ccp_options *opt, ccp_option
char *p = result;
char *q = result + sizeof(result); /* 1 past result */
@@ -1358,7 +1381,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
case CI_DEFLATE:
case CI_DEFLATE_DRAFT:
if (opt2 != NULL && opt2->deflate_size != opt->deflate_size)
-@@ -1444,12 +1935,12 @@ ccp_up(f)
+@@ -1425,12 +1916,12 @@ ccp_up(fsm *f)
} else if (ANY_COMPRESS(*ho))
notice("%s transmit compression enabled", method_name(ho, NULL));
#ifdef MPPE
@@ -1373,7 +1396,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
}
/*
-@@ -1472,7 +1963,7 @@ ccp_down(f)
+@@ -1452,7 +1943,7 @@ ccp_down(fsm *f)
lcp_close(f->unit, "MPPE disabled");
}
}
@@ -1382,7 +1405,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
}
/*
-@@ -1532,24 +2023,28 @@ ccp_printpkt(p, plen, printer, arg)
+@@ -1509,24 +2000,28 @@ ccp_printpkt(u_char *p, int plen,
#ifdef MPPE
case CI_MPPE:
if (optlen >= CILEN_MPPE) {
@@ -1423,7 +1446,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
case CI_DEFLATE:
case CI_DEFLATE_DRAFT:
if (optlen >= CILEN_DEFLATE) {
-@@ -1635,6 +2130,7 @@ ccp_datainput(unit, pkt, len)
+@@ -1609,6 +2104,7 @@ ccp_datainput(int unit, u_char *pkt, int
error("Lost compression sync: disabling compression");
ccp_close(unit, "Lost compression sync");
#ifdef MPPE
@@ -1431,7 +1454,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
/*
* If we were doing MPPE, we must also take the link down.
*/
-@@ -1642,9 +2138,18 @@ ccp_datainput(unit, pkt, len)
+@@ -1616,9 +2112,18 @@ ccp_datainput(int unit, u_char *pkt, int
error("Too many MPPE errors, closing LCP");
lcp_close(unit, "Too many MPPE errors");
}
diff --git a/package/network/services/ppp/patches/202-no_strip.patch b/package/network/services/ppp/patches/202-no_strip.patch
deleted file mode 100644
index 0af7b2b2ab..0000000000
--- a/package/network/services/ppp/patches/202-no_strip.patch
+++ /dev/null
@@ -1,88 +0,0 @@
-build: Do not strip binaries on install
-
-Strippign executables should be handled by the distro packaging, not by ppp
-itself. This patch removes the "-s" (strip) switch from all "install" commands
-in order to install unstripped binaries into the destination prefix.
-
-Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-
---- a/chat/Makefile.linux
-+++ b/chat/Makefile.linux
-@@ -25,7 +25,7 @@ chat.o: chat.c
-
- install: chat
- mkdir -p $(BINDIR) $(MANDIR)
-- $(INSTALL) -s -c chat $(BINDIR)
-+ $(INSTALL) -c chat $(BINDIR)
- $(INSTALL) -c -m 644 chat.8 $(MANDIR)
-
- clean:
---- a/pppd/Makefile.linux
-+++ b/pppd/Makefile.linux
-@@ -108,7 +108,7 @@ ifdef USE_SRP
- CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
- LIBS += -lsrp -L/usr/local/ssl/lib -lcrypto
- TARGETS += srp-entry
--EXTRAINSTALL = $(INSTALL) -s -c -m 555 srp-entry $(BINDIR)/srp-entry
-+EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry
- MANPAGES += srp-entry.8
- EXTRACLEAN += srp-entry.o
- NEEDDES=y
-@@ -220,7 +220,7 @@ all: $(TARGETS)
- install: pppd
- mkdir -p $(BINDIR) $(MANDIR)
- $(EXTRAINSTALL)
-- $(INSTALL) -s -c -m 555 pppd $(BINDIR)/pppd
-+ $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
- if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
- chmod o-rx,u+s $(BINDIR)/pppd; fi
- $(INSTALL) -c -m 444 pppd.8 $(MANDIR)
---- a/pppd/plugins/radius/Makefile.linux
-+++ b/pppd/plugins/radius/Makefile.linux
-@@ -36,9 +36,9 @@ all: $(PLUGIN)
-
- install: all
- $(INSTALL) -d -m 755 $(LIBDIR)
-- $(INSTALL) -s -c -m 755 radius.so $(LIBDIR)
-- $(INSTALL) -s -c -m 755 radattr.so $(LIBDIR)
-- $(INSTALL) -s -c -m 755 radrealms.so $(LIBDIR)
-+ $(INSTALL) -c -m 755 radius.so $(LIBDIR)
-+ $(INSTALL) -c -m 755 radattr.so $(LIBDIR)
-+ $(INSTALL) -c -m 755 radrealms.so $(LIBDIR)
- $(INSTALL) -c -m 444 pppd-radius.8 $(MANDIR)
- $(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
-
---- a/pppd/plugins/rp-pppoe/Makefile.linux
-+++ b/pppd/plugins/rp-pppoe/Makefile.linux
-@@ -43,9 +43,9 @@ rp-pppoe.so: plugin.o discovery.o if.o c
-
- install: all
- $(INSTALL) -d -m 755 $(LIBDIR)
-- $(INSTALL) -s -c -m 4550 rp-pppoe.so $(LIBDIR)
-+ $(INSTALL) -c -m 4550 rp-pppoe.so $(LIBDIR)
- $(INSTALL) -d -m 755 $(BINDIR)
-- $(INSTALL) -s -c -m 555 pppoe-discovery $(BINDIR)
-+ $(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
-
- clean:
- rm -f *.o *.so pppoe-discovery
---- a/pppdump/Makefile.linux
-+++ b/pppdump/Makefile.linux
-@@ -17,5 +17,5 @@ clean:
-
- install:
- mkdir -p $(BINDIR) $(MANDIR)
-- $(INSTALL) -s -c pppdump $(BINDIR)
-+ $(INSTALL) -c pppdump $(BINDIR)
- $(INSTALL) -c -m 444 pppdump.8 $(MANDIR)
---- a/pppstats/Makefile.linux
-+++ b/pppstats/Makefile.linux
-@@ -22,7 +22,7 @@ all: pppstats
-
- install: pppstats
- -mkdir -p $(MANDIR)
-- $(INSTALL) -s -c pppstats $(BINDIR)
-+ $(INSTALL) -c pppstats $(BINDIR)
- $(INSTALL) -c -m 444 pppstats.8 $(MANDIR)
-
- pppstats: $(PPPSTATSRCS)
diff --git a/package/network/services/ppp/patches/203-opt_flags.patch b/package/network/services/ppp/patches/203-opt_flags.patch
index 8dfacf3834..705959e7ba 100644
--- a/package/network/services/ppp/patches/203-opt_flags.patch
+++ b/package/network/services/ppp/patches/203-opt_flags.patch
@@ -8,17 +8,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/plugins/radius/Makefile.linux
+++ b/pppd/plugins/radius/Makefile.linux
-@@ -12,7 +12,8 @@ VERSION = $(shell awk -F '"' '/VERSION/
- INSTALL = install
-
- PLUGIN=radius.so radattr.so radrealms.so
--CFLAGS=-I. -I../.. -I../../../include -O2 -fPIC -DRC_LOG_FACILITY=LOG_DAEMON
-+COPTS = -O2
-+CFLAGS=-I. -I../.. -I../../../include $(COPTS) -fPIC -DRC_LOG_FACILITY=LOG_DAEMON
-
- # Uncomment the next line to include support for Microsoft's
- # MS-CHAP authentication protocol.
-@@ -43,13 +44,13 @@ install: all
+@@ -47,13 +47,13 @@ install: all
$(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
radius.so: radius.o libradiusclient.a
@@ -35,26 +25,14 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
CLIENTOBJS = avpair.o buildreq.o config.o dict.o ip_util.o \
clientid.o sendserver.o lock.o util.o md5.o
---- a/pppdump/Makefile.linux
-+++ b/pppdump/Makefile.linux
-@@ -2,7 +2,8 @@ DESTDIR = $(INSTROOT)@DESTDIR@
- BINDIR = $(DESTDIR)/sbin
- MANDIR = $(DESTDIR)/share/man/man8
-
--CFLAGS= -O -I../include/net
-+COPTS = -O
-+CFLAGS= $(COPTS) -I../include/net
- OBJS = pppdump.o bsd-comp.o deflate.o zlib.o
-
- INSTALL= install
---- a/pppd/plugins/rp-pppoe/Makefile.linux
-+++ b/pppd/plugins/rp-pppoe/Makefile.linux
-@@ -39,7 +39,7 @@ debug.o: debug.c
+--- a/pppd/plugins/pppoe/Makefile.linux
++++ b/pppd/plugins/pppoe/Makefile.linux
+@@ -38,7 +38,7 @@ debug.o: debug.c
$(CC) $(CFLAGS) -I../../.. -c -o debug.o debug.c
- rp-pppoe.so: plugin.o discovery.o if.o common.o
-- $(CC) $(LDFLAGS) -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o
-+ $(CC) $(LDFLAGS) -fPIC -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o
+ pppoe.so: plugin.o discovery.o if.o common.o
+- $(CC) $(LDFLAGS) -o pppoe.so -shared plugin.o discovery.o if.o common.o
++ $(CC) $(LDFLAGS) -fPIC -o pppoe.so -shared plugin.o discovery.o if.o common.o
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
diff --git a/package/network/services/ppp/patches/205-no_exponential_timeout.patch b/package/network/services/ppp/patches/205-no_exponential_timeout.patch
index 7f752e3137..b08c2eff89 100644
--- a/package/network/services/ppp/patches/205-no_exponential_timeout.patch
+++ b/package/network/services/ppp/patches/205-no_exponential_timeout.patch
@@ -5,8 +5,8 @@ discovery attempts.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
---- a/pppd/plugins/rp-pppoe/discovery.c
-+++ b/pppd/plugins/rp-pppoe/discovery.c
+--- a/pppd/plugins/pppoe/discovery.c
++++ b/pppd/plugins/pppoe/discovery.c
@@ -632,7 +632,9 @@ discovery(PPPoEConnection *conn)
conn->discoveryState = STATE_SENT_PADI;
waitForPADO(conn, timeout);
diff --git a/package/network/services/ppp/patches/207-lcp_mtu_max.patch b/package/network/services/ppp/patches/207-lcp_mtu_max.patch
index 7aa8d4e129..522576c627 100644
--- a/package/network/services/ppp/patches/207-lcp_mtu_max.patch
+++ b/package/network/services/ppp/patches/207-lcp_mtu_max.patch
@@ -8,7 +8,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/lcp.c
+++ b/pppd/lcp.c
-@@ -1916,12 +1916,12 @@ lcp_up(f)
+@@ -1862,12 +1862,12 @@ lcp_up(fsm *f)
* the interface MTU is set to the lowest of that, the
* MTU we want to use, and our link MRU.
*/
diff --git a/package/network/services/ppp/patches/208-fix_status_code.patch b/package/network/services/ppp/patches/208-fix_status_code.patch
index f1a12006a5..54e6c45e14 100644
--- a/package/network/services/ppp/patches/208-fix_status_code.patch
+++ b/package/network/services/ppp/patches/208-fix_status_code.patch
@@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/main.c
+++ b/pppd/main.c
-@@ -1052,7 +1052,8 @@ get_input()
+@@ -1034,7 +1034,8 @@ get_input(void)
}
notice("Modem hangup");
hungup = 1;
diff --git a/package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch b/package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch
index 40866132e8..87e340b3f1 100644
--- a/package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch
+++ b/package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch
@@ -7,14 +7,14 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
-@@ -190,8 +190,8 @@ endif
+@@ -210,8 +210,8 @@ LIBS += -ldl
+ endif
ifdef FILTER
- ifneq ($(wildcard /usr/include/pcap-bpf.h),)
-LIBS += -lpcap
-CFLAGS += -DPPP_FILTER
+LIBS += -lpcap -L$(STAGING_DIR)/usr/lib
+CFLAGS += -DPPP_FILTER -I$(STAGING_DIR)/usr/include
endif
- endif
+ ifdef HAVE_INET6
diff --git a/package/network/services/ppp/patches/310-precompile_filter.patch b/package/network/services/ppp/patches/310-precompile_filter.patch
index ec61104423..ca91d153e9 100644
--- a/package/network/services/ppp/patches/310-precompile_filter.patch
+++ b/package/network/services/ppp/patches/310-precompile_filter.patch
@@ -13,7 +13,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
-@@ -50,6 +50,9 @@ MPPE=y
+@@ -51,6 +51,9 @@ MPPE=y
# and that the kernel driver support PPP packet filtering.
#FILTER=y
@@ -23,8 +23,8 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
# Uncomment the next line to enable multilink PPP (enabled by default)
# Linux distributions: Please leave multilink ENABLED in your builds
# of pppd!
-@@ -195,6 +198,14 @@ CFLAGS += -DPPP_FILTER -I$(STAGING_DIR)
- endif
+@@ -214,6 +217,14 @@ LIBS += -lpcap -L$(STAGING_DIR)/usr/l
+ CFLAGS += -DPPP_FILTER -I$(STAGING_DIR)/usr/include
endif
+ifdef PRECOMPILED_FILTER
@@ -40,7 +40,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
HEADERS += ipv6cp.h eui64.h
--- a/pppd/options.c
+++ b/pppd/options.c
-@@ -57,6 +57,7 @@
+@@ -56,6 +56,7 @@
#ifdef PPP_FILTER
#include <pcap.h>
@@ -48,21 +48,21 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
/*
* There have been 3 or 4 different names for this in libpcap CVS, but
* this seems to be what they have settled on...
-@@ -169,6 +170,13 @@ static int setlogfile __P((char **));
- static int loadplugin __P((char **));
+@@ -168,6 +169,13 @@ static int setlogfile(char **);
+ static int loadplugin(char **);
#endif
+#ifdef PPP_PRECOMPILED_FILTER
+#include "pcap_pcc.h"
-+static int setprecompiledpassfilter __P((char **));
-+static int setprecompiledactivefilter __P((char **));
++static int setprecompiledpassfilter(char **);
++static int setprecompiledactivefilter(char **);
+#undef PPP_FILTER
+#endif
+
#ifdef PPP_FILTER
- static int setpassfilter __P((char **));
- static int setactivefilter __P((char **));
-@@ -361,6 +369,14 @@ option_t general_options[] = {
+ static int setpassfilter(char **);
+ static int setactivefilter(char **);
+@@ -360,6 +368,14 @@ option_t general_options[] = {
"set filter for active pkts", OPT_PRIO },
#endif
@@ -77,7 +77,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
#ifdef MAXOCTETS
{ "maxoctets", o_int, &maxoctets,
"Set connection traffic limit",
-@@ -1516,6 +1532,29 @@ callfile(argv)
+@@ -1468,6 +1484,27 @@ callfile(char **argv)
return ok;
}
@@ -87,8 +87,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
+ * precompiled expression
+ */
+static int
-+setprecompiledpassfilter(argv)
-+ char **argv;
++setprecompiledpassfilter(char **argv)
+{
+ return pcap_pre_compiled (*argv, &pass_filter);
+}
@@ -97,8 +96,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
+ * setactivefilter - Set the active filter for packets
+ */
+static int
-+setprecompiledactivefilter(argv)
-+ char **argv;
++setprecompiledactivefilter(char **argv)
+{
+ return pcap_pre_compiled (*argv, &active_filter);
+}
diff --git a/package/network/services/ppp/patches/321-multilink_support_custom_iface_names.patch b/package/network/services/ppp/patches/321-multilink_support_custom_iface_names.patch
index 75c803650f..0c4d7ea9d6 100644
--- a/package/network/services/ppp/patches/321-multilink_support_custom_iface_names.patch
+++ b/package/network/services/ppp/patches/321-multilink_support_custom_iface_names.patch
@@ -16,17 +16,17 @@ Signed-off-by: George Kashperko <george@znau.edu.ua>
#include "pppd.h"
#include "fsm.h"
-@@ -56,7 +57,8 @@ static void iterate_bundle_links __P((vo
+@@ -56,7 +57,8 @@ static void iterate_bundle_links(void (*
- static int get_default_epdisc __P((struct epdisc *));
- static int parse_num __P((char *str, const char *key, int *valp));
--static int owns_unit __P((TDB_DATA pid, int unit));
-+static int parse_str __P((char *str, const char *key, char *buf, int buflen));
-+static int owns_link __P((TDB_DATA pid, char *ifname));
+ static int get_default_epdisc(struct epdisc *);
+ static int parse_num(char *str, const char *key, int *valp);
+-static int owns_unit(TDB_DATA pid, int unit);
++static int parse_str(char *str, const char *key, char *buf, int buflen);
++static int owns_link(TDB_DATA pid, char *ifname);
#define set_ip_epdisc(ep, addr) do { \
ep->length = 4; \
-@@ -197,35 +199,38 @@ mp_join_bundle()
+@@ -197,35 +199,38 @@ mp_join_bundle(void)
key.dptr = bundle_id;
key.dsize = p - bundle_id;
pid = tdb_fetch(pppdb, key);
@@ -73,16 +73,12 @@ Signed-off-by: George Kashperko <george@znau.edu.ua>
}
/* we have to make a new bundle */
-@@ -408,22 +413,45 @@ parse_num(str, key, valp)
+@@ -405,20 +410,39 @@ parse_num(char *str, const char *key, in
return 0;
}
+static int
-+parse_str(str, key, buf, buflen)
-+ char *str;
-+ const char *key;
-+ char *buf;
-+ int buflen;
++parse_str(char *str, const char *key, char *buf, int buflen)
+{
+ char *p, *endp;
+ int i;
@@ -103,11 +99,8 @@ Signed-off-by: George Kashperko <george@znau.edu.ua>
+ * Check whether the pppd identified by `key' still owns ppp link `ifname'.
*/
static int
--owns_unit(key, unit)
-+owns_link(key, ifname)
- TDB_DATA key;
-- int unit;
-+ char *ifname;
+-owns_unit(TDB_DATA key, int unit)
++owns_link(TDB_DATA key, char *ifname)
{
- char ifkey[32];
+ char ifkey[7 + IFNAMSIZ];
@@ -126,7 +119,7 @@ Signed-off-by: George Kashperko <george@znau.edu.ua>
&& memcmp(vd.dptr, key.dptr, vd.dsize) == 0;
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
-@@ -700,6 +700,16 @@ void cfg_bundle(int mrru, int mtru, int
+@@ -706,6 +706,16 @@ void cfg_bundle(int mrru, int mtru, int
add_fd(ppp_dev_fd);
}
@@ -143,7 +136,7 @@ Signed-off-by: George Kashperko <george@znau.edu.ua>
/*
* make_new_bundle - create a new PPP unit (i.e. a bundle)
* and connect our channel to it. This should only get called
-@@ -718,6 +728,8 @@ void make_new_bundle(int mrru, int mtru,
+@@ -724,6 +734,8 @@ void make_new_bundle(int mrru, int mtru,
/* set the mrru and flags */
cfg_bundle(mrru, mtru, rssn, tssn);
diff --git a/package/network/services/ppp/patches/330-retain_foreign_default_routes.patch b/package/network/services/ppp/patches/330-retain_foreign_default_routes.patch
index 6c0849cc6c..6ccc4507b2 100644
--- a/package/network/services/ppp/patches/330-retain_foreign_default_routes.patch
+++ b/package/network/services/ppp/patches/330-retain_foreign_default_routes.patch
@@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
-@@ -1767,6 +1767,7 @@ int cifdefaultroute (int unit, u_int32_t
+@@ -1770,6 +1770,7 @@ int cifdefaultroute (int unit, u_int32_t
SIN_ADDR(rt.rt_genmask) = 0L;
}
diff --git a/package/network/services/ppp/patches/340-populate_default_gateway.patch b/package/network/services/ppp/patches/340-populate_default_gateway.patch
index ae385dfc9b..0f965c705d 100644
--- a/package/network/services/ppp/patches/340-populate_default_gateway.patch
+++ b/package/network/services/ppp/patches/340-populate_default_gateway.patch
@@ -13,7 +13,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
-@@ -1717,6 +1717,9 @@ int sifdefaultroute (int unit, u_int32_t
+@@ -1720,6 +1720,9 @@ int sifdefaultroute (int unit, u_int32_t
memset (&rt, 0, sizeof (rt));
SET_SA_FAMILY (rt.rt_dst, AF_INET);
@@ -23,12 +23,12 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
rt.rt_dev = ifname;
rt.rt_metric = dfl_route_metric + 1; /* +1 for binary compatibility */
-@@ -1725,7 +1728,7 @@ int sifdefaultroute (int unit, u_int32_t
+@@ -1728,7 +1731,7 @@ int sifdefaultroute (int unit, u_int32_t
SIN_ADDR(rt.rt_genmask) = 0L;
}
- rt.rt_flags = RTF_UP;
+ rt.rt_flags = RTF_UP | RTF_GATEWAY;
if (ioctl(sock_fd, SIOCADDRT, &rt) < 0) {
- if (!ok_error(errno))
+ if ( ! ok_error ( errno ))
error("default route ioctl(SIOCADDRT): %m");
diff --git a/package/network/services/ppp/patches/400-simplify_kernel_checks.patch b/package/network/services/ppp/patches/400-simplify_kernel_checks.patch
index 0754f8f4d6..3c72048362 100644
--- a/package/network/services/ppp/patches/400-simplify_kernel_checks.patch
+++ b/package/network/services/ppp/patches/400-simplify_kernel_checks.patch
@@ -10,7 +10,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
-@@ -200,7 +200,7 @@ static int driver_is_old = 0;
+@@ -206,7 +206,7 @@ static int driver_is_old = 0;
static int restore_term = 0; /* 1 => we've munged the terminal */
static struct termios inittermios; /* Initial TTY termios */
@@ -19,7 +19,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
static char loop_name[20];
static unsigned char inbuf[512]; /* buffer for chars read from loopback */
-@@ -219,8 +219,8 @@ static int looped; /* 1 if using loop
+@@ -225,8 +225,8 @@ static int looped; /* 1 if using loop
static int link_mtu; /* mtu for the link (not bundle) */
static struct utsname utsname; /* for the kernel version */
@@ -29,7 +29,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
#define MAX_IFS 100
-@@ -1453,11 +1453,12 @@ int ccp_fatal_error (int unit)
+@@ -1455,11 +1455,12 @@ int ccp_fatal_error (int unit)
*
* path_to_procfs - find the path to the proc file system mount point
*/
@@ -44,7 +44,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
struct mntent *mntent;
FILE *fp;
-@@ -1479,6 +1480,7 @@ static char *path_to_procfs(const char *
+@@ -1481,6 +1482,7 @@ static char *path_to_procfs(const char *
fclose (fp);
}
}
@@ -52,7 +52,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
strlcpy(proc_path + proc_path_len, tail,
sizeof(proc_path) - proc_path_len);
-@@ -2332,15 +2334,19 @@ int ppp_available(void)
+@@ -2365,15 +2367,19 @@ int ppp_available(void)
int my_version, my_modification, my_patch;
int osmaj, osmin, ospatch;
@@ -72,7 +72,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
/* XXX should get from driver */
driver_version = 2;
-@@ -2400,6 +2406,7 @@ int ppp_available(void)
+@@ -2433,6 +2439,7 @@ int ppp_available(void)
if (ok && ((ifr.ifr_hwaddr.sa_family & ~0xFF) != ARPHRD_PPP))
ok = 0;
@@ -80,7 +80,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
/*
* This is the PPP device. Validate the version of the driver at this
-@@ -2936,6 +2943,7 @@ get_pty(master_fdp, slave_fdp, slave_nam
+@@ -3106,6 +3113,7 @@ get_pty(int *master_fdp, int *slave_fdp,
}
#endif /* TIOCGPTN */
@@ -88,7 +88,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
if (sfd < 0) {
/* the old way - scan through the pty name space */
for (i = 0; i < 64; ++i) {
-@@ -2954,6 +2962,7 @@ get_pty(master_fdp, slave_fdp, slave_nam
+@@ -3124,6 +3132,7 @@ get_pty(int *master_fdp, int *slave_fdp,
}
}
}
@@ -98,11 +98,11 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
return 0;
--- a/pppd/plugins/pppoatm/pppoatm.c
+++ b/pppd/plugins/pppoatm/pppoatm.c
-@@ -168,14 +168,6 @@ static void disconnect_pppoatm(void)
+@@ -171,14 +171,6 @@ static void disconnect_pppoatm(void)
void plugin_init(void)
{
--#if defined(__linux__)
+-#ifdef linux
- extern int new_style_driver; /* From sys-linux.c */
- if (!ppp_available() && !new_style_driver)
- fatal("Kernel doesn't support ppp_generic - "
@@ -110,12 +110,12 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-#else
- fatal("No PPPoATM support on this OS");
-#endif
- info("PPPoATM plugin_init");
add_options(pppoa_options);
}
---- a/pppd/plugins/rp-pppoe/plugin.c
-+++ b/pppd/plugins/rp-pppoe/plugin.c
-@@ -59,9 +59,6 @@ static char const RCSID[] =
+
+--- a/pppd/plugins/pppoe/plugin.c
++++ b/pppd/plugins/pppoe/plugin.c
+@@ -58,9 +58,6 @@ static char const RCSID[] =
char pppd_version[] = VERSION;
@@ -125,7 +125,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
char *pppd_pppoe_service = NULL;
static char *acName = NULL;
static char *existingSession = NULL;
-@@ -394,10 +391,6 @@ PPPoEDevnameHook(char *cmd, char **argv,
+@@ -407,10 +404,6 @@ PPPoEDevnameHook(char *cmd, char **argv,
void
plugin_init(void)
{
@@ -135,7 +135,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-
add_options(Options);
- info("RP-PPPoE plugin version %s compiled against pppd %s",
+ info("PPPoE plugin from pppd %s", VERSION);
--- a/pppd/plugins/pppol2tp/pppol2tp.c
+++ b/pppd/plugins/pppol2tp/pppol2tp.c
@@ -490,12 +490,7 @@ static void pppol2tp_cleanup(void)
diff --git a/package/network/services/ppp/patches/401-no_record_file.patch b/package/network/services/ppp/patches/401-no_record_file.patch
index f707fda8ab..7844260685 100644
--- a/package/network/services/ppp/patches/401-no_record_file.patch
+++ b/package/network/services/ppp/patches/401-no_record_file.patch
@@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
-@@ -326,7 +326,6 @@ extern int holdoff; /* Dead time before
+@@ -317,7 +317,6 @@ extern int holdoff; /* Dead time before
extern bool holdoff_specified; /* true if user gave a holdoff value */
extern bool notty; /* Stdin/out is not a tty */
extern char *pty_socket; /* Socket to connect to pty */
@@ -17,7 +17,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
extern char linkname[MAXPATHLEN]; /* logical name for link */
--- a/pppd/tty.c
+++ b/pppd/tty.c
-@@ -145,7 +145,7 @@ char *disconnect_script = NULL; /* Scrip
+@@ -143,7 +143,7 @@ char *disconnect_script = NULL; /* Scrip
char *welcomer = NULL; /* Script to run after phys link estab. */
char *ptycommand = NULL; /* Command to run on other side of pty */
bool notty = 0; /* Stdin/out is not a tty */
@@ -26,7 +26,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
int max_data_rate; /* max bytes/sec through charshunt */
bool sync_serial = 0; /* Device is synchronous serial device */
char *pty_socket = NULL; /* Socket to connect to pty */
-@@ -201,8 +201,10 @@ option_t tty_options[] = {
+@@ -199,8 +199,10 @@ option_t tty_options[] = {
"Send and receive over socket, arg is host:port",
OPT_PRIO | OPT_DEVNAM },
diff --git a/package/network/services/ppp/patches/403-no_wtmp.patch b/package/network/services/ppp/patches/403-no_wtmp.patch
index 537a1b0c7f..772620ed72 100644
--- a/package/network/services/ppp/patches/403-no_wtmp.patch
+++ b/package/network/services/ppp/patches/403-no_wtmp.patch
@@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
-@@ -2470,6 +2470,7 @@ int ppp_available(void)
+@@ -2503,6 +2503,7 @@ int ppp_available(void)
void logwtmp (const char *line, const char *name, const char *host)
{
@@ -15,7 +15,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
struct utmp ut, *utp;
pid_t mypid = getpid();
#if __GLIBC__ < 2
-@@ -2535,6 +2536,7 @@ void logwtmp (const char *line, const ch
+@@ -2568,6 +2569,7 @@ void logwtmp (const char *line, const ch
close (wtmp);
}
#endif
diff --git a/package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch b/package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch
index d37fc03539..b9b6f0e593 100644
--- a/package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch
+++ b/package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch
@@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/main.c
+++ b/pppd/main.c
-@@ -883,14 +883,17 @@ struct protocol_list {
+@@ -866,14 +866,17 @@ struct protocol_list {
const char *name;
} protocol_list[] = {
{ 0x21, "IP" },
@@ -25,7 +25,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
{ 0x33, "Stream Protocol ST-II" },
{ 0x35, "Banyan Vines" },
{ 0x39, "AppleTalk EDDP" },
-@@ -904,8 +907,11 @@ struct protocol_list {
+@@ -887,8 +890,11 @@ struct protocol_list {
{ 0x49, "Serial Data Transport Protocol (PPP-SDTP)" },
{ 0x4b, "SNA over 802.2" },
{ 0x4d, "SNA" },
@@ -37,7 +37,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
{ 0x53, "Encryption" },
{ 0x55, "Individual Link Encryption" },
{ 0x57, "IPv6" },
-@@ -916,12 +922,15 @@ struct protocol_list {
+@@ -899,12 +905,15 @@ struct protocol_list {
{ 0x65, "RTP IPHC Compressed non-TCP" },
{ 0x67, "RTP IPHC Compressed UDP 8" },
{ 0x69, "RTP IPHC Compressed RTP 8" },
@@ -53,7 +53,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
{ 0x0203, "IBM Source Routing BPDU" },
{ 0x0205, "DEC LANBridge100 Spanning Tree" },
{ 0x0207, "Cisco Discovery Protocol" },
-@@ -933,15 +942,19 @@ struct protocol_list {
+@@ -916,15 +925,19 @@ struct protocol_list {
{ 0x0231, "Luxcom" },
{ 0x0233, "Sigma Network Systems" },
{ 0x0235, "Apple Client Server Protocol" },
@@ -73,7 +73,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
{ 0x4001, "Cray Communications Control Protocol" },
{ 0x4003, "CDPD Mobile Network Registration Protocol" },
{ 0x4005, "Expand accelerator protocol" },
-@@ -952,8 +965,10 @@ struct protocol_list {
+@@ -935,8 +948,10 @@ struct protocol_list {
{ 0x4023, "RefTek Protocol" },
{ 0x4025, "Fibre Channel" },
{ 0x4027, "EMIT Protocols" },
@@ -84,7 +84,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
{ 0x8023, "OSI Network Layer Control Protocol" },
{ 0x8025, "Xerox NS IDP Control Protocol" },
{ 0x8027, "DECnet Phase IV Control Protocol" },
-@@ -962,7 +977,9 @@ struct protocol_list {
+@@ -945,7 +960,9 @@ struct protocol_list {
{ 0x8031, "Bridging NCP" },
{ 0x8033, "Stream Protocol Control Protocol" },
{ 0x8035, "Banyan Vines Control Protocol" },
@@ -94,7 +94,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
{ 0x803f, "NETBIOS Framing Control Protocol" },
{ 0x8041, "Cisco Systems Control Protocol" },
{ 0x8043, "Ascom Timeplex" },
-@@ -971,18 +988,24 @@ struct protocol_list {
+@@ -954,18 +971,24 @@ struct protocol_list {
{ 0x8049, "Serial Data Control Protocol (PPP-SDCP)" },
{ 0x804b, "SNA over 802.2 Control Protocol" },
{ 0x804d, "SNA Control Protocol" },
@@ -119,7 +119,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
{ 0x8207, "Cisco Discovery Protocol Control" },
{ 0x8209, "Netcs Twin Routing" },
{ 0x820b, "STP - Control Protocol" },
-@@ -991,24 +1014,29 @@ struct protocol_list {
+@@ -974,24 +997,29 @@ struct protocol_list {
{ 0x8281, "MPLSCP" },
{ 0x8285, "IEEE p1284.4 standard - Protocol Control" },
{ 0x8287, "ETSI TETRA TNP1 Control Protocol" },
diff --git a/package/network/services/ppp/patches/405-no_multilink_option.patch b/package/network/services/ppp/patches/405-no_multilink_option.patch
index ce87d039a3..a34ec57b0a 100644
--- a/package/network/services/ppp/patches/405-no_multilink_option.patch
+++ b/package/network/services/ppp/patches/405-no_multilink_option.patch
@@ -9,7 +9,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/options.c
+++ b/pppd/options.c
-@@ -349,13 +349,14 @@ option_t general_options[] = {
+@@ -348,13 +348,14 @@ option_t general_options[] = {
"Enable multilink operation", OPT_PRIOSUB | OPT_ALIAS | 1 },
{ "nomultilink", o_bool, &multilink,
"Disable multilink operation", OPT_PRIOSUB | 0 },
diff --git a/package/network/services/ppp/patches/500-add-pptp-plugin.patch b/package/network/services/ppp/patches/500-add-pptp-plugin.patch
index 5ed861d545..96f4bcaf70 100644
--- a/package/network/services/ppp/patches/500-add-pptp-plugin.patch
+++ b/package/network/services/ppp/patches/500-add-pptp-plugin.patch
@@ -1,8 +1,8 @@
--- a/configure
+++ b/configure
-@@ -195,7 +195,7 @@ if [ -d "$ksrc" ]; then
+@@ -133,7 +133,7 @@ if [ -d "$ksrc" ]; then
mkmkf $ksrc/Makedefs$compiletype Makedefs.com
- for dir in pppd pppstats chat pppdump pppd/plugins pppd/plugins/rp-pppoe \
+ for dir in pppd pppstats chat pppdump pppd/plugins pppd/plugins/pppoe \
pppd/plugins/radius pppd/plugins/pppoatm \
- pppd/plugins/pppol2tp; do
+ pppd/plugins/pppol2tp pppd/plugins/pptp ; do
@@ -11,12 +11,12 @@
if [ -f $ksrc/Makefile.$makext$archvariant ]; then
--- a/pppd/plugins/Makefile.linux
+++ b/pppd/plugins/Makefile.linux
-@@ -9,7 +9,7 @@ BINDIR = $(DESTDIR)/sbin
- MANDIR = $(DESTDIR)/share/man/man8
- LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+@@ -14,7 +14,7 @@ INSTALL = install
+ # EAP-TLS
+ CFLAGS += -DUSE_EAPTLS=1
--SUBDIRS := rp-pppoe pppoatm pppol2tp
-+SUBDIRS := rp-pppoe pppoatm pppol2tp pptp
+-SUBDIRS := pppoe pppoatm pppol2tp
++SUBDIRS := pppoe pppoatm pppol2tp pptp
# Uncomment the next line to include the radius authentication plugin
SUBDIRS += radius
PLUGINS := minconn.so passprompt.so passwordfd.so winbind.so
diff --git a/package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch b/package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch
index 5802d6158c..dc18156a04 100644
--- a/package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch
+++ b/package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch
@@ -15,8 +15,8 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
-@@ -35,10 +35,10 @@ endif
- COPTS = -O2 -pipe -Wall -g
+@@ -36,10 +36,10 @@ endif
+
LIBS = -lrt
-# Uncomment the next line to include support for Microsoft's
@@ -28,19 +28,19 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
# Don't use MSLANMAN unless you really know what you're doing.
#MSLANMAN=y
# Uncomment the next line to include support for MPPE. CHAPMS (above) must
-@@ -141,8 +141,7 @@ endif
+@@ -158,8 +158,7 @@ endif
ifdef NEEDDES
ifndef USE_CRYPT
-CFLAGS += -I$(shell $(CC) --print-sysroot)/usr/include/openssl
--LIBS += -lcrypto
+-NEEDCRYPTOLIB = y
+LIBS += -ldes $(LIBS)
else
CFLAGS += -DUSE_CRYPT=1
endif
--- a/pppd/pppcrypt.c
+++ b/pppd/pppcrypt.c
-@@ -64,7 +64,7 @@ u_char *des_key; /* OUT 64 bit DES key w
+@@ -62,7 +62,7 @@ MakeKey(u_char *key, u_char *des_key)
des_key[7] = Get7Bits(key, 49);
#ifndef USE_CRYPT
@@ -49,7 +49,7 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
#endif
}
-@@ -158,25 +158,25 @@ u_char *clear; /* OUT 8 octets */
+@@ -147,30 +147,30 @@ DesDecrypt(u_char *cipher, u_char *clear
}
#else /* USE_CRYPT */
@@ -57,8 +57,7 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
+static des_key_schedule key_schedule;
bool
- DesSetkey(key)
- u_char *key;
+ DesSetkey(u_char *key)
{
- DES_cblock des_key;
+ des_cblock des_key;
@@ -69,10 +68,7 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
}
bool
--DesEncrypt(clear, cipher)
-+DesEncrypt(clear, key, cipher)
- u_char *clear; /* IN 8 octets */
- u_char *cipher; /* OUT 8 octets */
+ DesEncrypt(u_char *clear, u_char *cipher)
{
- DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher,
- &key_schedule, 1);
@@ -81,9 +77,8 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
return (1);
}
-@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear)
- u_char *cipher; /* IN 8 octets */
- u_char *clear; /* OUT 8 octets */
+ bool
+ DesDecrypt(u_char *cipher, u_char *clear)
{
- DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear,
- &key_schedule, 0);