diff --git a/ppp-2.4.5-eaptls-mppe-0.98.patch b/ppp-2.4.5-eaptls-mppe-0.99.patch similarity index 94% rename from ppp-2.4.5-eaptls-mppe-0.98.patch rename to ppp-2.4.5-eaptls-mppe-0.99.patch index ad5c49a..16d7c2b 100644 --- a/ppp-2.4.5-eaptls-mppe-0.98.patch +++ b/ppp-2.4.5-eaptls-mppe-0.99.patch @@ -1,6 +1,6 @@ -diff -Naur ppp-2.4.5/README.eap-tls ppp-2.4.5-eaptls-mppe-0.98/README.eap-tls +diff -Naur ppp-2.4.5/README.eap-tls ppp-2.4.5-eaptls-mppe-0.99/README.eap-tls --- ppp-2.4.5/README.eap-tls 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/README.eap-tls 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/README.eap-tls 2010-10-01 15:17:54.205272328 +0200 @@ -0,0 +1,169 @@ +EAP-TLS authentication support for PPP +====================================== @@ -171,9 +171,9 @@ diff -Naur ppp-2.4.5/README.eap-tls ppp-2.4.5-eaptls-mppe-0.98/README.eap-tls + This is experimental code. + Send suggestions and comments to Jan Just Keijser + -diff -Naur ppp-2.4.5/etc.ppp/eaptls-client ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/eaptls-client +diff -Naur ppp-2.4.5/etc.ppp/eaptls-client ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/eaptls-client --- ppp-2.4.5/etc.ppp/eaptls-client 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/eaptls-client 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/eaptls-client 2010-10-01 15:17:54.205272328 +0200 @@ -0,0 +1,10 @@ +# Parameters for authentication using EAP-TLS (client) + @@ -185,9 +185,9 @@ diff -Naur ppp-2.4.5/etc.ppp/eaptls-client ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/ea +# client private key file (required) + +#client server /root/cert/client.crt - /root/cert/ca.crt /root/cert/client.key -diff -Naur ppp-2.4.5/etc.ppp/eaptls-server ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/eaptls-server +diff -Naur ppp-2.4.5/etc.ppp/eaptls-server ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/eaptls-server --- ppp-2.4.5/etc.ppp/eaptls-server 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/eaptls-server 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/eaptls-server 2010-10-01 15:17:54.205272328 +0200 @@ -0,0 +1,11 @@ +# Parameters for authentication using EAP-TLS (server) + @@ -200,9 +200,9 @@ diff -Naur ppp-2.4.5/etc.ppp/eaptls-server ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/ea +# allowed addresses (required, can be *) + +#client server - /root/cert/server.crt /root/cert/ca.crt /root/cert/server.key 192.168.1.0/24 -diff -Naur ppp-2.4.5/etc.ppp/openssl.cnf ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/openssl.cnf +diff -Naur ppp-2.4.5/etc.ppp/openssl.cnf ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/openssl.cnf --- ppp-2.4.5/etc.ppp/openssl.cnf 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/openssl.cnf 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/openssl.cnf 2010-10-01 15:17:54.206272162 +0200 @@ -0,0 +1,14 @@ +openssl_conf = openssl_def + @@ -218,9 +218,9 @@ diff -Naur ppp-2.4.5/etc.ppp/openssl.cnf ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/open +MODULE_PATH = /usr/lib64/libeTPkcs11.so +init = 0 + -diff -Naur ppp-2.4.5/linux/Makefile.top ppp-2.4.5-eaptls-mppe-0.98/linux/Makefile.top +diff -Naur ppp-2.4.5/linux/Makefile.top ppp-2.4.5-eaptls-mppe-0.99/linux/Makefile.top --- ppp-2.4.5/linux/Makefile.top 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/linux/Makefile.top 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/linux/Makefile.top 2010-10-01 15:17:54.206272162 +0200 @@ -26,7 +26,7 @@ cd pppdump; $(MAKE) $(MFLAGS) install @@ -241,27 +241,18 @@ diff -Naur ppp-2.4.5/linux/Makefile.top ppp-2.4.5-eaptls-mppe-0.98/linux/Makefil $(BINDIR): $(INSTALL) -d -m 755 $@ -diff -Naur ppp-2.4.5/openssl.cnf ppp-2.4.5-eaptls-mppe-0.98/openssl.cnf ---- ppp-2.4.5/openssl.cnf 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/openssl.cnf 2010-02-09 10:58:38.000000000 +0100 -@@ -0,0 +1,14 @@ -+openssl_conf = openssl_def -+ -+[ openssl_def ] -+engines = engine_section -+ -+[ engine_section ] -+pkcs11 = pkcs11_section -+ -+[ pkcs11_section ] -+engine_id = pkcs11 -+dynamic_path = /usr/lib64/openssl/engines/engine_pkcs11.so -+MODULE_PATH = /usr/lib64/libeTPkcs11.so -+init = 0 -+ -diff -Naur ppp-2.4.5/pppd/Makefile.linux ppp-2.4.5-eaptls-mppe-0.98/pppd/Makefile.linux +diff -Naur ppp-2.4.5/pppd/Makefile.linux ppp-2.4.5-eaptls-mppe-0.99/pppd/Makefile.linux --- ppp-2.4.5/pppd/Makefile.linux 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/Makefile.linux 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/Makefile.linux 2010-10-01 15:17:54.207272272 +0200 +@@ -33,7 +33,7 @@ + # CC = gcc + # + COPTS = -O2 -pipe -Wall -g +-LIBS = ++LIBS = + + # Uncomment the next 2 lines to include support for Microsoft's + # MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux. @@ -73,6 +73,9 @@ # Enable EAP SRP-SHA1 authentication (requires libsrp) #USE_SRP=y @@ -278,8 +269,8 @@ diff -Naur ppp-2.4.5/pppd/Makefile.linux ppp-2.4.5-eaptls-mppe-0.98/pppd/Makefil +# EAP-TLS +ifdef USE_EAPTLS -+CFLAGS += -DUSE_EAPTLS=1 -+LIBS += -lssl -lcrypto ++CFLAGS += -DUSE_EAPTLS=1 -I/usr/kerberos/include ++LIBS += -lssl +PPPDSRC += eap-tls.c +HEADERS += eap-tls.h +PPPDOBJS += eap-tls.o @@ -288,9 +279,9 @@ diff -Naur ppp-2.4.5/pppd/Makefile.linux ppp-2.4.5-eaptls-mppe-0.98/pppd/Makefil ifdef HAS_SHADOW CFLAGS += -DHAS_SHADOW #LIBS += -lshadow $(LIBS) -diff -Naur ppp-2.4.5/pppd/auth.c ppp-2.4.5-eaptls-mppe-0.98/pppd/auth.c +diff -Naur ppp-2.4.5/pppd/auth.c ppp-2.4.5-eaptls-mppe-0.99/pppd/auth.c --- ppp-2.4.5/pppd/auth.c 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/auth.c 2010-02-09 10:58:55.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/auth.c 2010-10-01 15:17:54.210272021 +0200 @@ -109,6 +109,9 @@ #include "upap.h" #include "chap-new.h" @@ -784,9 +775,9 @@ diff -Naur ppp-2.4.5/pppd/auth.c ppp-2.4.5-eaptls-mppe-0.98/pppd/auth.c +} +#endif + -diff -Naur ppp-2.4.5/pppd/ccp.c ppp-2.4.5-eaptls-mppe-0.98/pppd/ccp.c +diff -Naur ppp-2.4.5/pppd/ccp.c ppp-2.4.5-eaptls-mppe-0.99/pppd/ccp.c --- ppp-2.4.5/pppd/ccp.c 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/ccp.c 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/ccp.c 2010-10-01 15:17:54.211272258 +0200 @@ -540,6 +540,9 @@ if (go->mppe) { ccp_options *ao = &ccp_allowoptions[f->unit]; @@ -822,9 +813,9 @@ diff -Naur ppp-2.4.5/pppd/ccp.c ppp-2.4.5-eaptls-mppe-0.98/pppd/ccp.c lcp_close(f->unit, "MPPE required but not available"); return; } -diff -Naur ppp-2.4.5/pppd/chap-md5.c ppp-2.4.5-eaptls-mppe-0.98/pppd/chap-md5.c +diff -Naur ppp-2.4.5/pppd/chap-md5.c ppp-2.4.5-eaptls-mppe-0.99/pppd/chap-md5.c --- ppp-2.4.5/pppd/chap-md5.c 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/chap-md5.c 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/chap-md5.c 2010-10-01 15:17:54.212272142 +0200 @@ -36,7 +36,11 @@ #include "chap-new.h" #include "chap-md5.h" @@ -837,10 +828,10 @@ diff -Naur ppp-2.4.5/pppd/chap-md5.c ppp-2.4.5-eaptls-mppe-0.98/pppd/chap-md5.c #define MD5_HASH_SIZE 16 #define MD5_MIN_CHALLENGE 16 -diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c +diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.99/pppd/eap-tls.c --- ppp-2.4.5/pppd/eap-tls.c 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c 2010-02-09 10:58:38.000000000 +0100 -@@ -0,0 +1,1146 @@ ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/eap-tls.c 2010-10-05 15:12:45.881615580 +0200 +@@ -0,0 +1,1174 @@ +/* + * eap-tls.c - EAP-TLS implementation for PPP + * @@ -887,6 +878,8 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c +#include "pppd.h" +#include "eap.h" +#include "eap-tls.h" ++#include "fsm.h" ++#include "lcp.h" +#include "pathnames.h" + +/* The openssl configuration file and engines can be loaded only once */ @@ -1388,6 +1381,28 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c +} + +/* ++ * Determine the maximum packet size by looking at the LCP handshake ++ */ ++ ++int eaptls_get_mtu(int unit) ++{ ++ int mtu, mru; ++ ++ lcp_options *wo = &lcp_wantoptions[unit]; ++ lcp_options *go = &lcp_gotoptions[unit]; ++ lcp_options *ho = &lcp_hisoptions[unit]; ++ lcp_options *ao = &lcp_allowoptions[unit]; ++ ++ mtu = ho->neg_mru? ho->mru: PPP_MRU; ++ mru = go->neg_mru? MAX(wo->mru, go->mru): PPP_MRU; ++ mtu = MIN(MIN(mtu, mru), ao->mru)- PPP_HDRLEN - 10; ++ ++ dbglog("MTU = %d", mtu); ++ return mtu; ++} ++ ++ ++/* + * Init the ssl handshake (server mode) + */ +int eaptls_init_ssl_server(eap_state * esp) @@ -1416,11 +1431,12 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c + if (!get_eaptls_secret(esp->es_unit, esp->es_server.ea_peer, + esp->es_server.ea_name, clicertfile, + servcertfile, cacertfile, pkfile, 1)) { -+ error( "EAP-TLS: Cannot get secret/password" ); ++ error( "EAP-TLS: Cannot get secret/password for client \"%s\", server \"%s\"", ++ esp->es_server.ea_peer, esp->es_server.ea_name ); + return 0; + } + -+ ets->mtu = netif_get_mtu(esp->es_unit) - PPP_HDRLEN - 10; ++ ets->mtu = eaptls_get_mtu(esp->es_unit); + + ets->ctx = eaptls_init_ssl(1, cacertfile, servcertfile, clicertfile, pkfile); + if (!ets->ctx) @@ -1500,14 +1516,15 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c + strncpy(ets->peer, esp->es_client.ea_peer, MAXWORDLEN); + else + ets->peer[0] = 0; -+ -+ ets->mtu = netif_get_mtu(esp->es_unit) - PPP_HDRLEN - 10; ++ ++ ets->mtu = eaptls_get_mtu(esp->es_unit); + + dbglog( "calling get_eaptls_secret" ); + if (!get_eaptls_secret(esp->es_unit, esp->es_client.ea_name, + esp->es_client.ea_peer, clicertfile, + servcertfile, cacertfile, pkfile, 0)) { -+ error( "EAP-TLS: Cannot get secret/password" ); ++ error( "EAP-TLS: Cannot get secret/password for client \"%s\", server \"%s\"", ++ esp->es_client.ea_name, esp->es_client.ea_peer ); + return 0; + } + @@ -1524,6 +1541,7 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c + /* + * Initialize the BIOs we use to read/write to ssl engine + */ ++ dbglog( "Initializing SSL BIOs" ); + ets->into_ssl = BIO_new(BIO_s_mem()); + ets->from_ssl = BIO_new(BIO_s_mem()); + SSL_set_bio(ets->ssl, ets->into_ssl, ets->from_ssl); @@ -1557,6 +1575,7 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c + return 1; + +fail: ++ dbglog( "eaptls_init_ssl_client: fail" ); + SSL_CTX_free(ets->ctx); + return 0; + @@ -1709,7 +1728,7 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c + } + + size = ets->datalen - ets->offset; -+ ++ + if (size > ets->mtu) { + size = ets->mtu; + ets->frag = 1; @@ -1987,9 +2006,9 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c + dbglog("%s", string); +} + -diff -Naur ppp-2.4.5/pppd/eap-tls.h ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.h +diff -Naur ppp-2.4.5/pppd/eap-tls.h ppp-2.4.5-eaptls-mppe-0.99/pppd/eap-tls.h --- ppp-2.4.5/pppd/eap-tls.h 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.h 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/eap-tls.h 2010-10-01 15:17:54.213271816 +0200 @@ -0,0 +1,107 @@ +/* + * eap-tls.h @@ -2098,9 +2117,9 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.h ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.h +#endif + +#endif -diff -Naur ppp-2.4.5/pppd/eap.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap.c +diff -Naur ppp-2.4.5/pppd/eap.c ppp-2.4.5-eaptls-mppe-0.99/pppd/eap.c --- ppp-2.4.5/pppd/eap.c 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/eap.c 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/eap.c 2010-01-29 16:31:29.000000000 +0100 @@ -43,6 +43,11 @@ * Based on draft-ietf-pppext-eap-srp-03.txt. */ @@ -2692,9 +2711,9 @@ diff -Naur ppp-2.4.5/pppd/eap.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap.c return (inp - pstart); } + -diff -Naur ppp-2.4.5/pppd/eap.h ppp-2.4.5-eaptls-mppe-0.98/pppd/eap.h +diff -Naur ppp-2.4.5/pppd/eap.h ppp-2.4.5-eaptls-mppe-0.99/pppd/eap.h --- ppp-2.4.5/pppd/eap.h 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/eap.h 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/eap.h 2010-10-01 15:17:54.214270927 +0200 @@ -84,6 +84,16 @@ eapClosed, /* Authentication not in use */ eapListen, /* Client ready (and timer running) */ @@ -2763,9 +2782,9 @@ diff -Naur ppp-2.4.5/pppd/eap.h ppp-2.4.5-eaptls-mppe-0.98/pppd/eap.h #define EAP_DEFREQTIME 20 /* Time to wait for peer request */ #define EAP_DEFALLOWREQ 20 /* max # times to accept requests */ -diff -Naur ppp-2.4.5/pppd/md5.c ppp-2.4.5-eaptls-mppe-0.98/pppd/md5.c +diff -Naur ppp-2.4.5/pppd/md5.c ppp-2.4.5-eaptls-mppe-0.99/pppd/md5.c --- ppp-2.4.5/pppd/md5.c 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/md5.c 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/md5.c 2010-10-01 15:17:54.214270927 +0200 @@ -33,6 +33,8 @@ *********************************************************************** */ @@ -2781,9 +2800,9 @@ diff -Naur ppp-2.4.5/pppd/md5.c ppp-2.4.5-eaptls-mppe-0.98/pppd/md5.c */ +#endif /* USE_EAPTLS */ + -diff -Naur ppp-2.4.5/pppd/md5.h ppp-2.4.5-eaptls-mppe-0.98/pppd/md5.h +diff -Naur ppp-2.4.5/pppd/md5.h ppp-2.4.5-eaptls-mppe-0.99/pppd/md5.h --- ppp-2.4.5/pppd/md5.h 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/md5.h 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/md5.h 2010-10-01 15:17:54.215271014 +0200 @@ -36,6 +36,7 @@ ** documentation and/or software. ** *********************************************************************** @@ -2798,9 +2817,9 @@ diff -Naur ppp-2.4.5/pppd/md5.h ppp-2.4.5-eaptls-mppe-0.98/pppd/md5.h #endif /* __MD5_INCLUDE__ */ + +#endif /* USE_EAPTLS */ -diff -Naur ppp-2.4.5/pppd/options.c ppp-2.4.5-eaptls-mppe-0.98/pppd/options.c +diff -Naur ppp-2.4.5/pppd/options.c ppp-2.4.5-eaptls-mppe-0.99/pppd/options.c --- ppp-2.4.5/pppd/options.c 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/options.c 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/options.c 2010-10-01 15:17:54.215271014 +0200 @@ -119,6 +119,10 @@ bool dryrun; /* print out option values and exit */ char *domain; /* domain name set by domain option */ @@ -2825,9 +2844,9 @@ diff -Naur ppp-2.4.5/pppd/options.c ppp-2.4.5-eaptls-mppe-0.98/pppd/options.c { NULL } }; -diff -Naur ppp-2.4.5/pppd/pathnames.h ppp-2.4.5-eaptls-mppe-0.98/pppd/pathnames.h +diff -Naur ppp-2.4.5/pppd/pathnames.h ppp-2.4.5-eaptls-mppe-0.99/pppd/pathnames.h --- ppp-2.4.5/pppd/pathnames.h 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/pathnames.h 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/pathnames.h 2010-10-01 15:17:54.215271014 +0200 @@ -21,6 +21,13 @@ #define _PATH_UPAPFILE _ROOT_PATH "/etc/ppp/pap-secrets" #define _PATH_CHAPFILE _ROOT_PATH "/etc/ppp/chap-secrets" @@ -2842,9 +2861,9 @@ diff -Naur ppp-2.4.5/pppd/pathnames.h ppp-2.4.5-eaptls-mppe-0.98/pppd/pathnames. #define _PATH_SYSOPTIONS _ROOT_PATH "/etc/ppp/options" #define _PATH_IPUP _ROOT_PATH "/etc/ppp/ip-up" #define _PATH_IPDOWN _ROOT_PATH "/etc/ppp/ip-down" -diff -Naur ppp-2.4.5/pppd/plugins/Makefile.linux ppp-2.4.5-eaptls-mppe-0.98/pppd/plugins/Makefile.linux +diff -Naur ppp-2.4.5/pppd/plugins/Makefile.linux ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/Makefile.linux --- ppp-2.4.5/pppd/plugins/Makefile.linux 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/plugins/Makefile.linux 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/Makefile.linux 2010-10-01 15:17:54.215271014 +0200 @@ -4,6 +4,9 @@ LDFLAGS = -shared INSTALL = install @@ -2855,9 +2874,9 @@ diff -Naur ppp-2.4.5/pppd/plugins/Makefile.linux ppp-2.4.5-eaptls-mppe-0.98/pppd DESTDIR = $(INSTROOT)@DESTDIR@ BINDIR = $(DESTDIR)/sbin MANDIR = $(DESTDIR)/share/man/man8 -diff -Naur ppp-2.4.5/pppd/plugins/passprompt.c ppp-2.4.5-eaptls-mppe-0.98/pppd/plugins/passprompt.c +diff -Naur ppp-2.4.5/pppd/plugins/passprompt.c ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/passprompt.c --- ppp-2.4.5/pppd/plugins/passprompt.c 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/plugins/passprompt.c 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/passprompt.c 2010-10-01 15:17:54.215271014 +0200 @@ -107,4 +107,7 @@ { add_options(options); @@ -2866,9 +2885,9 @@ diff -Naur ppp-2.4.5/pppd/plugins/passprompt.c ppp-2.4.5-eaptls-mppe-0.98/pppd/p + eaptls_passwd_hook = promptpass; +#endif } -diff -Naur ppp-2.4.5/pppd/plugins/passwordfd.c ppp-2.4.5-eaptls-mppe-0.98/pppd/plugins/passwordfd.c +diff -Naur ppp-2.4.5/pppd/plugins/passwordfd.c ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/passwordfd.c --- ppp-2.4.5/pppd/plugins/passwordfd.c 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/plugins/passwordfd.c 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/passwordfd.c 2010-10-01 15:17:54.216270820 +0200 @@ -79,4 +79,9 @@ chap_check_hook = pwfd_check; @@ -2879,9 +2898,9 @@ diff -Naur ppp-2.4.5/pppd/plugins/passwordfd.c ppp-2.4.5-eaptls-mppe-0.98/pppd/p + eaptls_passwd_hook = pwfd_passwd; +#endif } -diff -Naur ppp-2.4.5/pppd/pppd.h ppp-2.4.5-eaptls-mppe-0.98/pppd/pppd.h +diff -Naur ppp-2.4.5/pppd/pppd.h ppp-2.4.5-eaptls-mppe-0.99/pppd/pppd.h --- ppp-2.4.5/pppd/pppd.h 2009-11-16 23:26:07.000000000 +0100 -+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/pppd.h 2010-02-09 10:58:38.000000000 +0100 ++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/pppd.h 2010-10-01 15:17:54.216270820 +0200 @@ -320,6 +320,10 @@ extern bool dryrun; /* check everything, print options, exit */ extern int child_wait; /* # seconds to wait for children at end */ diff --git a/ppp.spec b/ppp.spec index bc135c7..a53a1ee 100644 --- a/ppp.spec +++ b/ppp.spec @@ -1,7 +1,7 @@ Summary: The Point-to-Point Protocol daemon Name: ppp Version: 2.4.5 -Release: 11%{?dist} +Release: 12%{?dist} License: BSD and LGPLv2+ and GPLv2+ and Public Domain Group: System Environment/Daemons URL: http://www.samba.org/ppp @@ -26,7 +26,7 @@ Patch23: ppp-2.4.2-dontwriteetc.patch Patch24: ppp-2.4.4-fd_leak.patch Patch25: ppp-2.4.5-var_run_ppp.patch Patch26: ppp-2.4.5-manpg.patch -Patch27: ppp-2.4.5-eaptls-mppe-0.98.patch +Patch27: ppp-2.4.5-eaptls-mppe-0.99.patch Patch28: ppp-2.4.5-ppp_resolv.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -133,7 +133,7 @@ rm -rf $RPM_BUILD_ROOT %config(noreplace) /etc/ppp/pap-secrets %config(noreplace) /etc/pam.d/ppp %config(noreplace) /etc/logrotate.d/ppp -%doc FAQ README README.cbcp README.linux README.MPPE README.MSCHAP80 README.MSCHAP81 README.pwfd README.pppoe scripts sample +%doc FAQ README README.cbcp README.linux README.MPPE README.MSCHAP80 README.MSCHAP81 README.pwfd README.pppoe scripts sample README.eap-tls %files devel %defattr(-,root,root) @@ -141,6 +141,11 @@ rm -rf $RPM_BUILD_ROOT %doc PLUGINS %changelog +* Wed Sep 29 2010 Jiri Skala - 2.4.5-12 +- fixes #637513 - Missing: README.eap-tls +- updated to latest eaptls upstream +- fixes #637886 - EAP-TLS not working with enabled PPP Multilink Framing option + * Thu Aug 05 2010 Jiri Skala - 2.4.5-11 - fixes #617625 - FTBFS in ppp due to change in kernel-headers - fixes pppol2tp Makefile