rpms/ppp
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: rpms:imports/c10s/ppp-2.5.0-13.el10
Branches Tags
rpms:c8
rpms:c10s
rpms:c8s
rpms:c9
rpms:c9-beta
rpms:c8-beta
rpms:c9s
rpms:imports/c10s/ppp-2.5.0-13.el10
rpms:imports/c10s/ppp-2.5.0-12.el10
rpms:imports/c9/ppp-2.4.9-5.el9
rpms:imports/c9-beta/ppp-2.4.9-5.el9
rpms:imports/c8-beta/ppp-2.4.7-26.el8
rpms:imports/c8-beta/ppp-2.4.7-25.el8
rpms:imports/c8s/ppp-2.4.7-26.el8
rpms:imports/c8/ppp-2.4.7-26.el8_1
rpms:imports/c8/ppp-2.4.7-26.el8
rpms:imports/c8/ppp-2.4.7-25.el8
...
compare: rpms:c8
Branches Tags
rpms:c10s
rpms:c8s
rpms:c9
rpms:c9-beta
rpms:c8-beta
rpms:c8
rpms:c9s
rpms:imports/c10s/ppp-2.5.0-13.el10
rpms:imports/c10s/ppp-2.5.0-12.el10
rpms:imports/c9/ppp-2.4.9-5.el9
rpms:imports/c9-beta/ppp-2.4.9-5.el9
rpms:imports/c8-beta/ppp-2.4.7-26.el8
rpms:imports/c8-beta/ppp-2.4.7-25.el8
rpms:imports/c8s/ppp-2.4.7-26.el8
rpms:imports/c8/ppp-2.4.7-26.el8_1
rpms:imports/c8/ppp-2.4.7-26.el8
rpms:imports/c8/ppp-2.4.7-25.el8

No commits in common. "imports/c10s/ppp-2.5.0-13.el10" and "c8" have entirely different histories.
imports/c1 ... c8

54 changed files with 6700 additions and 396 deletions
Show Stats Expand all files Collapse all files

1
.fmf/version
View File

@ -1 +0,0 @@
1

4
.gitignore vendored
View File

@ -1,2 +1,2 @@
/ppp-*.tar.gz
/ppp-watch.tar.xz
SOURCES/ppp-2.4.7.tar.gz
SOURCES/ppp-watch.tar.xz

2
.ppp.metadata Normal file
View File

@ -0,0 +1,2 @@
808b023172ea7189bc0d49935bf37a5382a1fe13 SOURCES/ppp-2.4.7.tar.gz
74b6db205dc46fc179a2a3bc3d726ddfeb03c801 SOURCES/ppp-watch.tar.xz

25
SOURCES/0001-build-sys-use-gcc-as-our-compiler-of-choice.patch Normal file
View File

@ -0,0 +1,25 @@
From 486e36d184cbaee7e34bb582ea6fdf3bfa9ca531 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 11:23:42 +0200
Subject: [PATCH 01/27] build-sys: use gcc as our compiler of choice
---
pppd/Makefile.linux | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index a74c914..1d9ea78 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -30,7 +30,7 @@ ifeq (.depend,$(wildcard .depend))
include .depend
endif
-# CC = gcc
+CC = gcc
#
COPTS = -O2 -pipe -Wall -g
LIBS =
--
1.8.3.1

25
SOURCES/0002-build-sys-enable-PAM-support.patch Normal file
View File

@ -0,0 +1,25 @@
From 0d71a32b73b71c9793d0b304320858062faf00d1 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 11:25:43 +0200
Subject: [PATCH 02/27] build-sys: enable PAM support
---
pppd/Makefile.linux | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 1d9ea78..5a44d30 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -61,7 +61,7 @@ HAVE_MULTILINK=y
USE_TDB=y
HAS_SHADOW=y
-#USE_PAM=y
+USE_PAM=y
HAVE_INET6=y
# Enable plugins
--
1.8.3.1

121
SOURCES/0003-build-sys-utilize-compiler-flags-handed-to-us-by-rpm.patch Normal file
View File

@ -0,0 +1,121 @@
From d729b06f0ac7a5ebd3648ef60bef0499b59bf82d Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 11:29:39 +0200
Subject: [PATCH 03/27] build-sys: utilize compiler flags handed to us by
rpmbuild
---
chat/Makefile.linux | 2 +-
pppd/Makefile.linux | 3 +--
pppd/plugins/Makefile.linux | 2 +-
pppd/plugins/pppoatm/Makefile.linux | 2 +-
pppd/plugins/radius/Makefile.linux | 2 +-
pppd/plugins/rp-pppoe/Makefile.linux | 2 +-
pppdump/Makefile.linux | 2 +-
pppstats/Makefile.linux | 2 +-
8 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/chat/Makefile.linux b/chat/Makefile.linux
index 1065ac5..848cd8d 100644
--- a/chat/Makefile.linux
+++ b/chat/Makefile.linux
@@ -10,7 +10,7 @@ CDEF3= -UNO_SLEEP # Use the usleep function
CDEF4= -DFNDELAY=O_NDELAY # Old name value
CDEFS= $(CDEF1) $(CDEF2) $(CDEF3) $(CDEF4)
-COPTS= -O2 -g -pipe
+COPTS= $(RPM_OPT_FLAGS)
CFLAGS= $(COPTS) $(CDEFS)
INSTALL= install
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 5a44d30..63872eb 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -32,8 +32,7 @@ endif
CC = gcc
#
-COPTS = -O2 -pipe -Wall -g
-LIBS =
+COPTS = -Wall $(RPM_OPT_FLAGS)
# Uncomment the next 2 lines to include support for Microsoft's
# MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux.
diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux
index 0a7ec7b..e09a369 100644
--- a/pppd/plugins/Makefile.linux
+++ b/pppd/plugins/Makefile.linux
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = -O2 -g
+COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I.. -I../../include -fPIC
LDFLAGS = -shared
INSTALL = install
diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux
index 20f62e6..5a81447 100644
--- a/pppd/plugins/pppoatm/Makefile.linux
+++ b/pppd/plugins/pppoatm/Makefile.linux
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = -O2 -g
+COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I../.. -I../../../include -fPIC
LDFLAGS = -shared
INSTALL = install
diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux
index 24ed3e5..45b3b8d 100644
--- a/pppd/plugins/radius/Makefile.linux
+++ b/pppd/plugins/radius/Makefile.linux
@@ -12,7 +12,7 @@ VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
INSTALL = install
PLUGIN=radius.so radattr.so radrealms.so
-CFLAGS=-I. -I../.. -I../../../include -O2 -fPIC -DRC_LOG_FACILITY=LOG_DAEMON
+CFLAGS=-I. -I../.. -I../../../include $(RPM_OPT_FLAGS) -DRC_LOG_FACILITY=LOG_DAEMON
# Uncomment the next line to include support for Microsoft's
# MS-CHAP authentication protocol.
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index 5d7a271..352991a 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -25,7 +25,7 @@ INSTALL = install
# Version is set ONLY IN THE MAKEFILE! Don't delete this!
RP_VERSION=3.8p
-COPTS=-O2 -g
+COPTS=$(RPM_OPT_FLAGS)
CFLAGS=$(COPTS) -I../../../include '-DRP_VERSION="$(RP_VERSION)"'
all: rp-pppoe.so pppoe-discovery
diff --git a/pppdump/Makefile.linux b/pppdump/Makefile.linux
index ac028f6..d0a5032 100644
--- a/pppdump/Makefile.linux
+++ b/pppdump/Makefile.linux
@@ -2,7 +2,7 @@ DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
-CFLAGS= -O -I../include/net
+CFLAGS= $(RPM_OPT_FLAGS) -I../include/net
OBJS = pppdump.o bsd-comp.o deflate.o zlib.o
INSTALL= install
diff --git a/pppstats/Makefile.linux b/pppstats/Makefile.linux
index cca6f0f..42aba73 100644
--- a/pppstats/Makefile.linux
+++ b/pppstats/Makefile.linux
@@ -10,7 +10,7 @@ PPPSTATSRCS = pppstats.c
PPPSTATOBJS = pppstats.o
#CC = gcc
-COPTS = -O
+COPTS = $(RPM_OPT_FLAGS)
COMPILE_FLAGS = -I../include
LIBS =
--
1.8.3.1

341
SOURCES/0004-doc-add-configuration-samples.patch Normal file
View File

@ -0,0 +1,341 @@
From d7faeb88f684c8b2ae193b2c5b5b358ac757fcfa Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 11:39:09 +0200
Subject: [PATCH 04/27] doc: add configuration samples
---
sample/auth-down | 17 ++++++
sample/auth-up | 17 ++++++
sample/ip-down | 22 ++++++++
sample/ip-up | 23 ++++++++
sample/options | 153 +++++++++++++++++++++++++++++++++++++++++++++++++++
sample/options.ttyXX | 14 +++++
sample/pap-secrets | 28 ++++++++++
7 files changed, 274 insertions(+)
create mode 100644 sample/auth-down
create mode 100644 sample/auth-up
create mode 100644 sample/ip-down
create mode 100644 sample/ip-up
create mode 100644 sample/options
create mode 100644 sample/options.ttyXX
create mode 100644 sample/pap-secrets
diff --git a/sample/auth-down b/sample/auth-down
new file mode 100644
index 0000000..edde65d
--- /dev/null
+++ b/sample/auth-down
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
+# A program or script which is executed after the remote system
+# successfully authenticates itself. It is executed with the parameters
+# <interface-name> <peer-name> <user-name> <tty-device> <speed>
+#
+
+#
+# The environment is cleared before executing this script
+# so the path must be reset
+#
+PATH=/usr/sbin:/sbin:/usr/bin:/bin
+export PATH
+
+echo auth-down `date +'%y/%m/%d %T'` $* >> /var/log/pppstats
+
+# last line
diff --git a/sample/auth-up b/sample/auth-up
new file mode 100644
index 0000000..54722a3
--- /dev/null
+++ b/sample/auth-up
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
+# A program or script which is executed after the remote system
+# successfully authenticates itself. It is executed with the parameters
+# <interface-name> <peer-name> <user-name> <tty-device> <speed>
+#
+
+#
+# The environment is cleared before executing this script
+# so the path must be reset
+#
+PATH=/usr/sbin:/sbin:/usr/bin:/bin
+export PATH
+
+echo auth-up `date +'%y/%m/%d %T'` $* >> /var/log/pppstats
+
+# last line
diff --git a/sample/ip-down b/sample/ip-down
new file mode 100644
index 0000000..b771fb6
--- /dev/null
+++ b/sample/ip-down
@@ -0,0 +1,22 @@
+#!/bin/sh
+#
+# This script is run by the pppd _after_ the link is brought down.
+# It should be used to delete routes, unset IP addresses etc.
+#
+# This script is called with the following arguments:
+# Arg Name Example
+# $1 Interface name ppp0
+# $2 The tty ttyS1
+# $3 The link speed 38400
+# $4 Local IP number 12.34.56.78
+# $5 Peer IP number 12.34.56.99
+#
+
+#
+# The environment is cleared before executing this script
+# so the path must be reset
+#
+PATH=/usr/sbin:/sbin:/usr/bin:/bin
+export PATH
+
+# last line
diff --git a/sample/ip-up b/sample/ip-up
new file mode 100644
index 0000000..7ce7c8d
--- /dev/null
+++ b/sample/ip-up
@@ -0,0 +1,23 @@
+#!/bin/sh
+#
+# This script is run by the pppd after the link is established.
+# It should be used to add routes, set IP address, run the mailq
+# etc.
+#
+# This script is called with the following arguments:
+# Arg Name Example
+# $1 Interface name ppp0
+# $2 The tty ttyS1
+# $3 The link speed 38400
+# $4 Local IP number 12.34.56.78
+# $5 Peer IP number 12.34.56.99
+#
+
+#
+# The environment is cleared before executing this script
+# so the path must be reset
+#
+PATH=/usr/sbin:/sbin:/usr/bin:/bin
+export PATH
+
+# last line
diff --git a/sample/options b/sample/options
new file mode 100644
index 0000000..8d0a3f9
--- /dev/null
+++ b/sample/options
@@ -0,0 +1,153 @@
+# /etc/ppp/options
+
+# The name of this server. Often, the FQDN is used here.
+#name <host>
+
+# Enforce the use of the hostname as the name of the local system for
+# authentication purposes (overrides the name option).
+usehostname
+
+# If no local IP address is given, pppd will use the first IP address
+# that belongs to the local hostname. If "noipdefault" is given, this
+# is disabled and the peer will have to supply an IP address.
+noipdefault
+
+# With this option, pppd will accept the peer's idea of our local IP
+# address, even if the local IP address was specified in an option.
+#ipcp-accept-local
+
+# With this option, pppd will accept the peer's idea of its (remote) IP
+# address, even if the remote IP address was specified in an option.
+#ipcp-accept-remote
+
+# Specify which DNS Servers the incoming Win95 or WinNT Connection should use
+# Two Servers can be remotely configured
+#ms-dns 192.168.1.1
+#ms-dns 192.168.1.2
+
+# Specify which WINS Servers the incoming connection Win95 or WinNT should use
+#wins-addr 192.168.1.50
+#wins-addr 192.168.1.51
+
+# enable this on a server that already has a permanent default route
+#nodefaultroute
+
+# Run the executable or shell command specified after pppd has terminated
+# the link. This script could, for example, issue commands to the modem
+# to cause it to hang up if hardware modem control signals were not
+# available.
+# If mgetty is running, it will reset the modem anyway. So there is no need
+# to do it here.
+#disconnect "chat -- \d+++\d\c OK ath0 OK"
+
+# Increase debugging level (same as -d). The debug output is written
+# to syslog LOG_LOCAL2.
+debug
+
+# Enable debugging code in the kernel-level PPP driver. The argument n
+# is a number which is the sum of the following values: 1 to enable
+# general debug messages, 2 to request that the contents of received
+# packets be printed, and 4 to request that the contents of transmitted
+# packets be printed.
+#kdebug n
+
+# Require the peer to authenticate itself before allowing network
+# packets to be sent or received.
+# Please do not disable this setting. It is expected to be standard in
+# future releases of pppd. Use the call option (see manpage) to disable
+# authentication for specific peers.
+#auth
+
+# authentication can either be pap or chap. As most people only want to
+# use pap, you can also disable chap:
+#require-pap
+#refuse-chap
+
+# Use hardware flow control (i.e. RTS/CTS) to control the flow of data
+# on the serial port.
+crtscts
+
+# Specifies that pppd should use a UUCP-style lock on the serial device
+# to ensure exclusive access to the device.
+lock
+
+# Use the modem control lines.
+modem
+
+# async character map -- 32-bit hex; each bit is a character
+# that needs to be escaped for pppd to receive it. 0x00000001
+# represents '\x01', and 0x80000000 represents '\x1f'.
+# To allow pppd to work over a rlogin/telnet connection, ou should escape
+# XON (^Q), XOFF (^S) and ^]: (The peer should use "escape ff".)
+#asyncmap 200a0000
+asyncmap 0
+
+# Specifies that certain characters should be escaped on transmission
+# (regardless of whether the peer requests them to be escaped with its
+# async control character map). The characters to be escaped are
+# specified as a list of hex numbers separated by commas. Note that
+# almost any character can be specified for the escape option, unlike
+# the asyncmap option which only allows control characters to be
+# specified. The characters which may not be escaped are those with hex
+# values 0x20 - 0x3f or 0x5e.
+#escape 11,13,ff
+
+# Set the MRU [Maximum Receive Unit] value to <n> for negotiation. pppd
+# will ask the peer to send packets of no more than <n> bytes. The
+# minimum MRU value is 128. The default MRU value is 1500. A value of
+# 296 is recommended for slow links (40 bytes for TCP/IP header + 256
+# bytes of data).
+#mru 542
+
+# Set the MTU [Maximum Transmit Unit] value to <n>. Unless the peer
+# requests a smaller value via MRU negotiation, pppd will request that
+# the kernel networking code send data packets of no more than n bytes
+# through the PPP network interface.
+#mtu <n>
+
+# Set the interface netmask to <n>, a 32 bit netmask in "decimal dot"
+# notation (e.g. 255.255.255.0).
+#netmask 255.255.255.0
+
+# Don't fork to become a background process (otherwise pppd will do so
+# if a serial device is specified).
+nodetach
+
+# Set the assumed name of the remote system for authentication purposes
+# to <n>.
+#remotename <n>
+
+# Add an entry to this system's ARP [Address Resolution Protocol]
+# table with the IP address of the peer and the Ethernet address of this
+# system. {proxyarp,noproxyarp}
+proxyarp
+
+# Use the system password database for authenticating the peer using
+# PAP. Note: mgetty already provides this option. If this is specified
+# then dialin from users using a script under Linux to fire up ppp wont work.
+#login
+
+# If this option is given, pppd will send an LCP echo-request frame to
+# the peer every n seconds. Under Linux, the echo-request is sent when
+# no packets have been received from the peer for n seconds. Normally
+# the peer should respond to the echo-request by sending an echo-reply.
+# This option can be used with the lcp-echo-failure option to detect
+# that the peer is no longer connected.
+lcp-echo-interval 30
+
+# If this option is given, pppd will presume the peer to be dead if n
+# LCP echo-requests are sent without receiving a valid LCP echo-reply.
+# If this happens, pppd will terminate the connection. Use of this
+# option requires a non-zero value for the lcp-echo-interval parameter.
+# This option can be used to enable pppd to terminate after the physical
+# connection has been broken (e.g., the modem has hung up) in
+# situations where no hardware modem control lines are available.
+lcp-echo-failure 4
+
+# Specifies that pppd should disconnect if the link is idle for n seconds.
+idle 600
+
+# Disable the IPXCP and IPX protocols.
+noipx
+
+# ---<End of File>---
diff --git a/sample/options.ttyXX b/sample/options.ttyXX
new file mode 100644
index 0000000..d4202f5
--- /dev/null
+++ b/sample/options.ttyXX
@@ -0,0 +1,14 @@
+# If you need to set up multiple serial lines then copy this file to
+# options.<ttyname> for each tty with a modem on it.
+#
+# The options.tty file will assign an IP address to each PPP connection
+# as it comes up. They must all be distinct!
+#
+# Example:
+# options.ttyS1 for com2 under DOS.
+#
+# Edit the following line so that the first IP address
+# mentioned is the ip address of the serial port while the second
+# is the IP address of your host
+#
+hostname-s1:hostname
diff --git a/sample/pap-secrets b/sample/pap-secrets
new file mode 100644
index 0000000..098971b
--- /dev/null
+++ b/sample/pap-secrets
@@ -0,0 +1,28 @@
+# Secrets for authentication using PAP
+# client server secret IP addresses
+
+# OUTBOUND CONNECTIONS
+# Here you should add your userid password to connect to your providers via
+# pap. The * means that the password is to be used for ANY host you connect
+# to. Thus you do not have to worry about the foreign machine name. Just
+# replace password with your password.
+# If you have different providers with different passwords then you better
+# remove the following line.
+#hostname * password
+
+# INBOUND CONNECTIONS
+#client hostname <password> 192.168.1.1
+
+# If you add "auth login -chap +pap" to /etc/mgetty+sendfax/login.config,
+# all users in /etc/passwd can use their password for pap-authentication.
+#
+# Every regular user can use PPP and has to use passwords from /etc/passwd
+#* hostname ""
+# UserIDs that cannot use PPP at all. Check your /etc/passwd and add any
+# other accounts that should not be able to use pppd! Replace hostname
+# with your local hostname.
+#guest hostname "*" -
+#master hostname "*" -
+#root hostname "*" -
+#support hostname "*" -
+#stats hostname "*" -
--
1.8.3.1

120
SOURCES/0005-build-sys-don-t-hardcode-LIBDIR-but-set-it-according.patch Normal file
View File

@ -0,0 +1,120 @@
From 69711944745af0078da77e108d30f89fd7e06108 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 12:01:33 +0200
Subject: [PATCH 05/27] build-sys: don't hardcode LIBDIR, but set it according
to the target platform
---
pppd/Makefile.linux | 3 ++-
pppd/pathnames.h | 2 +-
pppd/plugins/Makefile.linux | 2 +-
pppd/plugins/pppoatm/Makefile.linux | 2 +-
pppd/plugins/pppol2tp/Makefile.linux | 4 ++--
pppd/plugins/radius/Makefile.linux | 2 +-
pppd/plugins/rp-pppoe/Makefile.linux | 2 +-
7 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 63872eb..8ed56c1 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -8,6 +8,7 @@ DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
INCDIR = $(DESTDIR)/include
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)
TARGETS = pppd
@@ -32,7 +33,7 @@ endif
CC = gcc
#
-COPTS = -Wall $(RPM_OPT_FLAGS)
+COPTS = -Wall $(RPM_OPT_FLAGS) -DLIBDIR=\""$(LIBDIR)"\"
# Uncomment the next 2 lines to include support for Microsoft's
# MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux.
diff --git a/pppd/pathnames.h b/pppd/pathnames.h
index a33f046..a427cb8 100644
--- a/pppd/pathnames.h
+++ b/pppd/pathnames.h
@@ -57,7 +57,7 @@
#ifdef PLUGIN
#ifdef __STDC__
-#define _PATH_PLUGIN DESTDIR "/lib/pppd/" VERSION
+#define _PATH_PLUGIN LIBDIR "/pppd/" VERSION
#else /* __STDC__ */
#define _PATH_PLUGIN "/usr/lib/pppd"
#endif /* __STDC__ */
diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux
index e09a369..b474a19 100644
--- a/pppd/plugins/Makefile.linux
+++ b/pppd/plugins/Makefile.linux
@@ -7,7 +7,7 @@ INSTALL = install
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell $(CC) -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
SUBDIRS := rp-pppoe pppoatm pppol2tp
# Uncomment the next line to include the radius authentication plugin
diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux
index 5a81447..769794b 100644
--- a/pppd/plugins/pppoatm/Makefile.linux
+++ b/pppd/plugins/pppoatm/Makefile.linux
@@ -7,7 +7,7 @@ INSTALL = install
#***********************************************************************
DESTDIR = $(INSTROOT)@DESTDIR@
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux
index ea3538e..4339566 100644
--- a/pppd/plugins/pppol2tp/Makefile.linux
+++ b/pppd/plugins/pppol2tp/Makefile.linux
@@ -6,8 +6,8 @@ INSTALL = install
#***********************************************************************
-DESTDIR = @DESTDIR@
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+DESTDIR = $(INSTROOT)@DESTDIR@
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux
index 45b3b8d..179d0b7 100644
--- a/pppd/plugins/radius/Makefile.linux
+++ b/pppd/plugins/radius/Makefile.linux
@@ -5,7 +5,7 @@
DESTDIR = $(INSTROOT)@DESTDIR@
MANDIR = $(DESTDIR)/share/man/man8
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index 352991a..1305ed8 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -16,7 +16,7 @@
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
-LIBDIR = $(DESTDIR)/lib/pppd/$(PPPDVERSION)
+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(PPPDVERSION)
PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
--
1.8.3.1

85
SOURCES/0006-scritps-use-change_resolv_conf-function.patch Normal file
View File

@ -0,0 +1,85 @@
From 01419dfb684d501b57f1c24dcfdbcf9da93ccca2 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 18:12:47 +0200
Subject: [PATCH 06/27] scritps: use change_resolv_conf function
Don't handle /etc/resolv.conf manually, but use a helper function from
initscripts. Also change path where we save DNS servers supplied by peer while
we are at it.
Resolves: #132482
---
pppd/pppd.8 | 2 +-
scripts/ip-down.local.add | 9 +++++----
scripts/ip-up.local.add | 17 ++++++++++-------
3 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/pppd/pppd.8 b/pppd/pppd.8
index e2768b1..2dd6e1a 100644
--- a/pppd/pppd.8
+++ b/pppd/pppd.8
@@ -1099,7 +1099,7 @@ Ask the peer for up to 2 DNS server addresses. The addresses supplied
by the peer (if any) are passed to the /etc/ppp/ip\-up script in the
environment variables DNS1 and DNS2, and the environment variable
USEPEERDNS will be set to 1. In addition, pppd will create an
-/etc/ppp/resolv.conf file containing one or two nameserver lines with
+/var/run/ppp/resolv.conf file containing one or two nameserver lines with
the address(es) supplied by the peer.
.TP
.B user \fIname
diff --git a/scripts/ip-down.local.add b/scripts/ip-down.local.add
index b93590e..163f71e 100644
--- a/scripts/ip-down.local.add
+++ b/scripts/ip-down.local.add
@@ -9,12 +9,13 @@
#
# Nick Walker (nickwalker@email.com)
#
+. /etc/sysconfig/network-scripts/network-functions
-if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
- if [ -f /etc/ppp/resolv.prev ]; then
- cp -f /etc/ppp/resolv.prev /etc/resolv.conf
+if [ -n "$USEPEERDNS" -a -f /var/run/ppp/resolv.conf ]; then
+ if [ -f /var/run/ppp/resolv.prev ]; then
+ change_resolv_conf /var/run/ppp/resolv.prev
else
- rm -f /etc/resolv.conf
+ change_resolv_conf
fi
fi
diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add
index 8017209..26cf5f8 100644
--- a/scripts/ip-up.local.add
+++ b/scripts/ip-up.local.add
@@ -9,16 +9,19 @@
#
# Nick Walker (nickwalker@email.com)
#
+. /etc/sysconfig/network-scripts/network-functions
-if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
- rm -f /etc/ppp/resolv.prev
+if [ -n "$USEPEERDNS" -a -f /var/run/ppp/resolv.conf ]; then
+ rm -f /var/run/ppp/resolv.prev
if [ -f /etc/resolv.conf ]; then
- cp /etc/resolv.conf /etc/ppp/resolv.prev
- grep domain /etc/ppp/resolv.prev > /etc/resolv.conf
- grep search /etc/ppp/resolv.prev >> /etc/resolv.conf
- cat /etc/ppp/resolv.conf >> /etc/resolv.conf
+ cp /etc/resolv.conf /var/run/ppp/resolv.prev
+ rscf=/var/run/ppp/resolv.new
+ grep domain /var/run/ppp/resolv.prev > $rscf
+ grep search /var/run/ppp/resolv.prev >> $rscf
+ change_resolv_conf $rscf
+ rm -f $rscf
else
- cp /etc/ppp/resolv.conf /etc
+ change_resolv_conf /var/run/ppp/resolv.conf
fi
fi
--
1.8.3.1

111
SOURCES/0007-build-sys-don-t-strip-binaries-during-installation.patch Normal file
View File

@ -0,0 +1,111 @@
From b9fb631a493c5f1b490c8e9645eb6ebab4b25cc8 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 18:37:00 +0200
Subject: [PATCH 07/27] build-sys: don't strip binaries during installation
We don't want that when building rpms. rpmbuild does final stripping of binaries
for us and generetes debuginfo rpm.
---
chat/Makefile.linux | 2 +-
pppd/Makefile.linux | 4 ++--
pppd/plugins/radius/Makefile.linux | 6 +++---
pppd/plugins/rp-pppoe/Makefile.linux | 4 ++--
pppdump/Makefile.linux | 2 +-
pppstats/Makefile.linux | 2 +-
6 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/chat/Makefile.linux b/chat/Makefile.linux
index 848cd8d..2445637 100644
--- a/chat/Makefile.linux
+++ b/chat/Makefile.linux
@@ -25,7 +25,7 @@ chat.o: chat.c
install: chat
mkdir -p $(BINDIR) $(MANDIR)
- $(INSTALL) -s -c chat $(BINDIR)
+ $(INSTALL) -c chat $(BINDIR)
$(INSTALL) -c -m 644 chat.8 $(MANDIR)
clean:
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 8ed56c1..4f27100 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -102,7 +102,7 @@ ifdef USE_SRP
CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
LIBS += -lsrp -L/usr/local/ssl/lib -lcrypto
TARGETS += srp-entry
-EXTRAINSTALL = $(INSTALL) -s -c -m 555 srp-entry $(BINDIR)/srp-entry
+EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry
MANPAGES += srp-entry.8
EXTRACLEAN += srp-entry.o
NEEDDES=y
@@ -208,7 +208,7 @@ all: $(TARGETS)
install: pppd
mkdir -p $(BINDIR) $(MANDIR)
$(EXTRAINSTALL)
- $(INSTALL) -s -c -m 555 pppd $(BINDIR)/pppd
+ $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
chmod o-rx,u+s $(BINDIR)/pppd; fi
$(INSTALL) -c -m 444 pppd.8 $(MANDIR)
diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux
index 179d0b7..707326b 100644
--- a/pppd/plugins/radius/Makefile.linux
+++ b/pppd/plugins/radius/Makefile.linux
@@ -36,9 +36,9 @@ all: $(PLUGIN)
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -s -c -m 755 radius.so $(LIBDIR)
- $(INSTALL) -s -c -m 755 radattr.so $(LIBDIR)
- $(INSTALL) -s -c -m 755 radrealms.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radius.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radattr.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radrealms.so $(LIBDIR)
$(INSTALL) -c -m 444 pppd-radius.8 $(MANDIR)
$(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index 1305ed8..3cd9101 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -43,9 +43,9 @@ rp-pppoe.so: plugin.o discovery.o if.o common.o
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -s -c -m 4550 rp-pppoe.so $(LIBDIR)
+ $(INSTALL) -c -m 4550 rp-pppoe.so $(LIBDIR)
$(INSTALL) -d -m 755 $(BINDIR)
- $(INSTALL) -s -c -m 555 pppoe-discovery $(BINDIR)
+ $(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
clean:
rm -f *.o *.so pppoe-discovery
diff --git a/pppdump/Makefile.linux b/pppdump/Makefile.linux
index d0a5032..95c6805 100644
--- a/pppdump/Makefile.linux
+++ b/pppdump/Makefile.linux
@@ -17,5 +17,5 @@ clean:
install:
mkdir -p $(BINDIR) $(MANDIR)
- $(INSTALL) -s -c pppdump $(BINDIR)
+ $(INSTALL) -c pppdump $(BINDIR)
$(INSTALL) -c -m 444 pppdump.8 $(MANDIR)
diff --git a/pppstats/Makefile.linux b/pppstats/Makefile.linux
index 42aba73..c5ba3b1 100644
--- a/pppstats/Makefile.linux
+++ b/pppstats/Makefile.linux
@@ -22,7 +22,7 @@ all: pppstats
install: pppstats
-mkdir -p $(MANDIR)
- $(INSTALL) -s -c pppstats $(BINDIR)
+ $(INSTALL) -c pppstats $(BINDIR)
$(INSTALL) -c -m 444 pppstats.8 $(MANDIR)
pppstats: $(PPPSTATSRCS)
--
1.8.3.1

89
SOURCES/0008-build-sys-use-prefix-usr-instead-of-usr-local.patch Normal file
View File

@ -0,0 +1,89 @@
From 343728d5de6e44bd67923503e62eefaad50760a4 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 18:47:01 +0200
Subject: [PATCH 08/27] build-sys: use prefix /usr instead of /usr/local
---
configure | 2 +-
pppd/Makefile.linux | 4 ++--
scripts/ppp-on-rsh | 2 +-
scripts/ppp-on-ssh | 4 ++--
scripts/secure-card | 2 +-
5 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/configure b/configure
index 6a55e0f..db54d77 100755
--- a/configure
+++ b/configure
@@ -2,7 +2,7 @@
# $Id: configure,v 1.38 2008/06/15 07:08:49 paulus Exp $
# Where to install stuff by default
-DESTDIR=/usr/local
+DESTDIR=/usr
SYSCONF=/etc
# if [ -d /NextApps ]; then
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 4f27100..95c2598 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -99,8 +99,8 @@ endif
# EAP SRP-SHA1
ifdef USE_SRP
-CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
-LIBS += -lsrp -L/usr/local/ssl/lib -lcrypto
+CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/include/openssl
+LIBS += -lsrp -L/usr/lib -lcrypto
TARGETS += srp-entry
EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry
MANPAGES += srp-entry.8
diff --git a/scripts/ppp-on-rsh b/scripts/ppp-on-rsh
index 30a50db..a80616a 100755
--- a/scripts/ppp-on-rsh
+++ b/scripts/ppp-on-rsh
@@ -26,7 +26,7 @@ PPPD_RHOST=myremotehost
# For this example, we assume that pppd on both local and remote
# machines reside in the same place, /usr/local/bin/pppd
#
-PPPD_LOC=/usr/local/bin/pppd
+PPPD_LOC=/usr/sbin/pppd
#
# The location of local options file (where rsh client is running).
diff --git a/scripts/ppp-on-ssh b/scripts/ppp-on-ssh
index 0e41aca..c27e80a 100755
--- a/scripts/ppp-on-ssh
+++ b/scripts/ppp-on-ssh
@@ -26,7 +26,7 @@ PPPD_RHOST=myremotehost
# For this example, we assume that pppd on both local and remote
# machines reside in the same place, /usr/local/bin/pppd
#
-PPPD_LOC=/usr/local/bin/pppd
+PPPD_LOC=/usr/sbin/pppd
#
# The location of local options file (where ssh client is running).
@@ -52,7 +52,7 @@ PPPD_REM_OPT=/etc/ppp/options-ssh-rem
#
# The location of ssh client on the local machine
#
-SSH_LOC=/usr/local/bin/ssh
+SSH_LOC=/usr/bin/ssh
export PPPD_LOC PPPD_LOC_OPT PPPD_REM_OPT PPPD_RHOST SSH_LOC
diff --git a/scripts/secure-card b/scripts/secure-card
index 0002365..ae3ae50 100755
--- a/scripts/secure-card
+++ b/scripts/secure-card
@@ -1,4 +1,4 @@
-#!/usr/local/bin/expect -f
+#!/usr/bin/expect -f
#
# This script was written by Jim Isaacson <jcisaac@crl.com>. It is
# designed to work as a script to use the SecureCARD(tm) device. This
--
1.8.3.1

57
SOURCES/0009-pppd-introduce-ipv6-accept-remote.patch Normal file
View File

@ -0,0 +1,57 @@
From abef895f9d144f05a83045136b77277352dc450f Mon Sep 17 00:00:00 2001
From: David Woodhouse <dwmw2@fedoraproject.org>
Date: Fri, 4 Apr 2014 18:53:33 +0200
Subject: [PATCH 09/27] pppd: introduce ipv6-accept-remote
---
pppd/ipv6cp.c | 5 ++++-
pppd/ipv6cp.h | 3 ++-
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/pppd/ipv6cp.c b/pppd/ipv6cp.c
index caa2b26..5a56c95 100644
--- a/pppd/ipv6cp.c
+++ b/pppd/ipv6cp.c
@@ -245,6 +245,8 @@ static option_t ipv6cp_option_list[] = {
{ "ipv6cp-accept-local", o_bool, &ipv6cp_allowoptions[0].accept_local,
"Accept peer's interface identifier for us", 1 },
+ { "ipv6cp-accept-remote", o_bool, &ipv6cp_allowoptions[0].accept_remote,
+ "Accept peer's interface identifier for itself", 1 },
{ "ipv6cp-use-ipaddr", o_bool, &ipv6cp_allowoptions[0].use_ip,
"Use (default) IPv4 address as interface identifier", 1 },
@@ -437,6 +439,7 @@ ipv6cp_init(unit)
memset(ao, 0, sizeof(*ao));
wo->accept_local = 1;
+ wo->accept_remote = 1;
wo->neg_ifaceid = 1;
ao->neg_ifaceid = 1;
@@ -962,7 +965,7 @@ ipv6cp_reqci(f, inp, len, reject_if_disagree)
orc = CONFREJ; /* Reject CI */
break;
}
- if (!eui64_iszero(wo->hisid) &&
+ if (!eui64_iszero(wo->hisid) && !wo->accept_remote &&
!eui64_equals(ifaceid, wo->hisid) &&
eui64_iszero(go->hisid)) {
diff --git a/pppd/ipv6cp.h b/pppd/ipv6cp.h
index cc4568d..8c7552e 100644
--- a/pppd/ipv6cp.h
+++ b/pppd/ipv6cp.h
@@ -150,7 +150,8 @@
typedef struct ipv6cp_options {
int neg_ifaceid; /* Negotiate interface identifier? */
int req_ifaceid; /* Ask peer to send interface identifier? */
- int accept_local; /* accept peer's value for iface id? */
+ int accept_local; /* accept peer's value for our iface id? */
+ int accept_remote; /* accept peer's value for his iface id? */
int opt_local; /* ourtoken set by option */
int opt_remote; /* histoken set by option */
int use_ip; /* use IP as interface identifier */
--
1.8.3.1

26
SOURCES/0010-build-sys-enable-CBCP.patch Normal file
View File

@ -0,0 +1,26 @@
From 8015a0ef23a874f288d5e77ffafe1d7f4281725d Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 18:59:24 +0200
Subject: [PATCH 10/27] build-sys: enable CBCP
Resolves: #199278
---
pppd/Makefile.linux | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 95c2598..65700fa 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -68,7 +68,7 @@ HAVE_INET6=y
PLUGIN=y
# Enable Microsoft proprietary Callback Control Protocol
-#CBCP=y
+CBCP=y
# Enable EAP SRP-SHA1 authentication (requires libsrp)
#USE_SRP=y
--
1.8.3.1

77
SOURCES/0011-build-sys-don-t-put-connect-errors-log-to-etc-ppp.patch Normal file
View File

@ -0,0 +1,77 @@
From b4ef433be936c90e356da7a590b032cdee219a3f Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 4 Apr 2014 19:06:05 +0200
Subject: [PATCH 11/27] build-sys: don't put connect-errors log to /etc/ppp/
Resolves: #118837
---
chat/chat.8 | 2 +-
linux/Makefile.top | 8 +++++++-
pppd/pathnames.h | 4 ++--
3 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/chat/chat.8 b/chat/chat.8
index 6d10836..78d6939 100644
--- a/chat/chat.8
+++ b/chat/chat.8
@@ -200,7 +200,7 @@ The \fBSAY\fR directive allows the script to send strings to the user
at the terminal via standard error. If \fBchat\fR is being run by
pppd, and pppd is running as a daemon (detached from its controlling
terminal), standard error will normally be redirected to the file
-/etc/ppp/connect\-errors.
+/var/log/ppp/connect\-errors.
.LP
\fBSAY\fR strings must be enclosed in single or double quotes. If
carriage return and line feed are needed in the string to be output,
diff --git a/linux/Makefile.top b/linux/Makefile.top
index f63d45e..f42efd5 100644
--- a/linux/Makefile.top
+++ b/linux/Makefile.top
@@ -5,6 +5,8 @@ BINDIR = $(DESTDIR)/sbin
INCDIR = $(DESTDIR)/include
MANDIR = $(DESTDIR)/share/man
ETCDIR = $(INSTROOT)@SYSCONF@/ppp
+RUNDIR = $(DESTDIR)/var/run/ppp
+LOGDIR = $(DESTDIR)/var/log/ppp
# uid 0 = root
INSTALL= install
@@ -16,7 +18,7 @@ all:
cd pppstats; $(MAKE) $(MFLAGS) all
cd pppdump; $(MAKE) $(MFLAGS) all
-install: $(BINDIR) $(MANDIR)/man8 install-progs install-devel
+install: $(BINDIR) $(RUNDIR) $(LOGDIR) $(MANDIR)/man8 install-progs install-devel
install-progs:
cd chat; $(MAKE) $(MFLAGS) install
@@ -44,6 +46,10 @@ $(MANDIR)/man8:
$(INSTALL) -d -m 755 $@
$(ETCDIR):
$(INSTALL) -d -m 755 $@
+$(RUNDIR):
+ $(INSTALL) -d -m 755 $@
+$(LOGDIR):
+ $(INSTALL) -d -m 755 $@
clean:
rm -f `find . -name '*.[oas]' -print`
diff --git a/pppd/pathnames.h b/pppd/pathnames.h
index a427cb8..bef3160 100644
--- a/pppd/pathnames.h
+++ b/pppd/pathnames.h
@@ -28,9 +28,9 @@
#define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up"
#define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down"
#define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options."
-#define _PATH_CONNERRS _ROOT_PATH "/etc/ppp/connect-errors"
+#define _PATH_CONNERRS _ROOT_PATH "/var/log/ppp/connect-errors"
#define _PATH_PEERFILES _ROOT_PATH "/etc/ppp/peers/"
-#define _PATH_RESOLV _ROOT_PATH "/etc/ppp/resolv.conf"
+#define _PATH_RESOLV _ROOT_PATH "/var/run/ppp/resolv.conf"
#define _PATH_USEROPT ".ppprc"
#define _PATH_PSEUDONYM ".ppp_pseudonym"
--
1.8.3.1

143
SOURCES/0012-pppd-we-don-t-want-to-accidentally-leak-fds.patch Normal file
View File

@ -0,0 +1,143 @@
From 82cd789df0f022eb6f3d28646e7a61d1d0715805 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 7 Apr 2014 12:23:36 +0200
Subject: [PATCH 12/27] pppd: we don't want to accidentally leak fds
---
pppd/auth.c | 20 ++++++++++----------
pppd/options.c | 2 +-
pppd/sys-linux.c | 4 ++--
3 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/pppd/auth.c b/pppd/auth.c
index 4271af6..9e957fa 100644
--- a/pppd/auth.c
+++ b/pppd/auth.c
@@ -428,7 +428,7 @@ setupapfile(argv)
option_error("unable to reset uid before opening %s: %m", fname);
return 0;
}
- ufile = fopen(fname, "r");
+ ufile = fopen(fname, "re");
if (seteuid(euid) == -1)
fatal("unable to regain privileges: %m");
if (ufile == NULL) {
@@ -1413,7 +1413,7 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg)
filename = _PATH_UPAPFILE;
addrs = opts = NULL;
ret = UPAP_AUTHNAK;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL) {
error("Can't open PAP password file %s: %m", filename);
@@ -1512,7 +1512,7 @@ null_login(unit)
if (ret <= 0) {
filename = _PATH_UPAPFILE;
addrs = NULL;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
check_access(f, filename);
@@ -1559,7 +1559,7 @@ get_pap_passwd(passwd)
}
filename = _PATH_UPAPFILE;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
check_access(f, filename);
@@ -1597,7 +1597,7 @@ have_pap_secret(lacks_ipp)
}
filename = _PATH_UPAPFILE;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
@@ -1642,7 +1642,7 @@ have_chap_secret(client, server, need_ip, lacks_ipp)
}
filename = _PATH_CHAPFILE;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
@@ -1684,7 +1684,7 @@ have_srp_secret(client, server, need_ip, lacks_ipp)
struct wordlist *addrs;
filename = _PATH_SRPFILE;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL)
return 0;
@@ -1740,7 +1740,7 @@ get_secret(unit, client, server, secret, secret_len, am_server)
addrs = NULL;
secbuf[0] = 0;
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
if (f == NULL) {
error("Can't open chap secret file %s: %m", filename);
return 0;
@@ -1797,7 +1797,7 @@ get_srp_secret(unit, client, server, secret, am_server)
filename = _PATH_SRPFILE;
addrs = NULL;
- fp = fopen(filename, "r");
+ fp = fopen(filename, "re");
if (fp == NULL) {
error("Can't open srp secret file %s: %m", filename);
return 0;
@@ -2203,7 +2203,7 @@ scan_authfile(f, client, server, secret, addrs, opts, filename, flags)
*/
if (word[0] == '@' && word[1] == '/') {
strlcpy(atfile, word+1, sizeof(atfile));
- if ((sf = fopen(atfile, "r")) == NULL) {
+ if ((sf = fopen(atfile, "re")) == NULL) {
warn("can't open indirect secret file %s", atfile);
continue;
}
diff --git a/pppd/options.c b/pppd/options.c
index 45fa742..1d754ae 100644
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -427,7 +427,7 @@ options_from_file(filename, must_exist, check_prot, priv)
option_error("unable to drop privileges to open %s: %m", filename);
return 0;
}
- f = fopen(filename, "r");
+ f = fopen(filename, "re");
err = errno;
if (check_prot && seteuid(euid) == -1)
fatal("unable to regain privileges");
diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
index 72a7727..8a12fa0 100644
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -1412,7 +1412,7 @@ static char *path_to_procfs(const char *tail)
/* Default the mount location of /proc */
strlcpy (proc_path, "/proc", sizeof(proc_path));
proc_path_len = 5;
- fp = fopen(MOUNTED, "r");
+ fp = fopen(MOUNTED, "re");
if (fp != NULL) {
while ((mntent = getmntent(fp)) != NULL) {
if (strcmp(mntent->mnt_type, MNTTYPE_IGNORE) == 0)
@@ -1472,7 +1472,7 @@ static int open_route_table (void)
close_route_table();
path = path_to_procfs("/net/route");
- route_fd = fopen (path, "r");
+ route_fd = fopen (path, "re");
if (route_fd == NULL) {
error("can't open routing table %s: %m", path);
return 0;
--
1.8.3.1

241
SOURCES/0013-everywhere-O_CLOEXEC-harder.patch Normal file
View File

@ -0,0 +1,241 @@
From 302c1b736cb656c7885a0cba270fd953a672d8a8 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 7 Apr 2014 13:56:34 +0200
Subject: [PATCH 13/27] everywhere: O_CLOEXEC harder
---
pppd/eap.c | 2 +-
pppd/main.c | 4 ++--
pppd/options.c | 4 ++--
pppd/sys-linux.c | 22 +++++++++++-----------
pppd/tdb.c | 4 ++--
pppd/tty.c | 4 ++--
pppd/utils.c | 6 +++---
7 files changed, 23 insertions(+), 23 deletions(-)
diff --git a/pppd/eap.c b/pppd/eap.c
index 6ea6c1f..faced53 100644
--- a/pppd/eap.c
+++ b/pppd/eap.c
@@ -1226,7 +1226,7 @@ mode_t modebits;
if ((path = name_of_pn_file()) == NULL)
return (-1);
- fd = open(path, modebits, S_IRUSR | S_IWUSR);
+ fd = open(path, modebits, S_IRUSR | S_IWUSR | O_CLOEXEC);
err = errno;
free(path);
errno = err;
diff --git a/pppd/main.c b/pppd/main.c
index 6d50d1b..4880377 100644
--- a/pppd/main.c
+++ b/pppd/main.c
@@ -420,7 +420,7 @@ main(argc, argv)
die(0);
/* Make sure fds 0, 1, 2 are open to somewhere. */
- fd_devnull = open(_PATH_DEVNULL, O_RDWR);
+ fd_devnull = open(_PATH_DEVNULL, O_RDWR | O_CLOEXEC);
if (fd_devnull < 0)
fatal("Couldn't open %s: %m", _PATH_DEVNULL);
while (fd_devnull <= 2) {
@@ -1679,7 +1679,7 @@ device_script(program, in, out, dont_wait)
if (log_to_fd >= 0)
errfd = log_to_fd;
else
- errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT, 0600);
+ errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT | O_CLOEXEC, 0600);
++conn_running;
pid = safe_fork(in, out, errfd);
diff --git a/pppd/options.c b/pppd/options.c
index 1d754ae..8e62635 100644
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -1544,9 +1544,9 @@ setlogfile(argv)
option_error("unable to drop permissions to open %s: %m", *argv);
return 0;
}
- fd = open(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL, 0644);
+ fd = open(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL | O_CLOEXEC, 0644);
if (fd < 0 && errno == EEXIST)
- fd = open(*argv, O_WRONLY | O_APPEND);
+ fd = open(*argv, O_WRONLY | O_APPEND | O_CLOEXEC);
err = errno;
if (!privileged_option && seteuid(euid) == -1)
fatal("unable to regain privileges: %m");
diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
index 8a12fa0..00a2cf5 100644
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -459,7 +459,7 @@ int generic_establish_ppp (int fd)
goto err;
}
dbglog("using channel %d", chindex);
- fd = open("/dev/ppp", O_RDWR);
+ fd = open("/dev/ppp", O_RDWR | O_CLOEXEC);
if (fd < 0) {
error("Couldn't reopen /dev/ppp: %m");
goto err;
@@ -619,7 +619,7 @@ static int make_ppp_unit()
dbglog("in make_ppp_unit, already had /dev/ppp open?");
close(ppp_dev_fd);
}
- ppp_dev_fd = open("/dev/ppp", O_RDWR);
+ ppp_dev_fd = open("/dev/ppp", O_RDWR | O_CLOEXEC);
if (ppp_dev_fd < 0)
fatal("Couldn't open /dev/ppp: %m");
flags = fcntl(ppp_dev_fd, F_GETFL);
@@ -693,7 +693,7 @@ int bundle_attach(int ifnum)
if (!new_style_driver)
return -1;
- master_fd = open("/dev/ppp", O_RDWR);
+ master_fd = open("/dev/ppp", O_RDWR | O_CLOEXEC);
if (master_fd < 0)
fatal("Couldn't open /dev/ppp: %m");
if (ioctl(master_fd, PPPIOCATTACH, &ifnum) < 0) {
@@ -1715,7 +1715,7 @@ int sifproxyarp (int unit, u_int32_t his_adr)
if (tune_kernel) {
forw_path = path_to_procfs("/sys/net/ipv4/ip_forward");
if (forw_path != 0) {
- int fd = open(forw_path, O_WRONLY);
+ int fd = open(forw_path, O_WRONLY | O_CLOEXEC);
if (fd >= 0) {
if (write(fd, "1", 1) != 1)
error("Couldn't enable IP forwarding: %m");
@@ -2030,7 +2030,7 @@ int ppp_available(void)
sscanf(utsname.release, "%d.%d.%d", &osmaj, &osmin, &ospatch);
kernel_version = KVERSION(osmaj, osmin, ospatch);
- fd = open("/dev/ppp", O_RDWR);
+ fd = open("/dev/ppp", O_RDWR | O_CLOEXEC);
if (fd >= 0) {
new_style_driver = 1;
@@ -2208,7 +2208,7 @@ void logwtmp (const char *line, const char *name, const char *host)
#if __GLIBC__ >= 2
updwtmp(_PATH_WTMP, &ut);
#else
- wtmp = open(_PATH_WTMP, O_APPEND|O_WRONLY);
+ wtmp = open(_PATH_WTMP, O_APPEND|O_WRONLY|O_CLOEXEC);
if (wtmp >= 0) {
flock(wtmp, LOCK_EX);
@@ -2394,7 +2394,7 @@ int sifaddr (int unit, u_int32_t our_adr, u_int32_t his_adr,
int fd;
path = path_to_procfs("/sys/net/ipv4/ip_dynaddr");
- if (path != 0 && (fd = open(path, O_WRONLY)) >= 0) {
+ if (path != 0 && (fd = open(path, O_WRONLY | O_CLOEXEC)) >= 0) {
if (write(fd, "1", 1) != 1)
error("Couldn't enable dynamic IP addressing: %m");
close(fd);
@@ -2570,7 +2570,7 @@ get_pty(master_fdp, slave_fdp, slave_name, uid)
/*
* Try the unix98 way first.
*/
- mfd = open("/dev/ptmx", O_RDWR);
+ mfd = open("/dev/ptmx", O_RDWR | O_CLOEXEC);
if (mfd >= 0) {
int ptn;
if (ioctl(mfd, TIOCGPTN, &ptn) >= 0) {
@@ -2581,7 +2581,7 @@ get_pty(master_fdp, slave_fdp, slave_name, uid)
if (ioctl(mfd, TIOCSPTLCK, &ptn) < 0)
warn("Couldn't unlock pty slave %s: %m", pty_name);
#endif
- if ((sfd = open(pty_name, O_RDWR | O_NOCTTY)) < 0)
+ if ((sfd = open(pty_name, O_RDWR | O_NOCTTY | O_CLOEXEC)) < 0)
warn("Couldn't open pty slave %s: %m", pty_name);
}
}
@@ -2592,10 +2592,10 @@ get_pty(master_fdp, slave_fdp, slave_name, uid)
for (i = 0; i < 64; ++i) {
slprintf(pty_name, sizeof(pty_name), "/dev/pty%c%x",
'p' + i / 16, i % 16);
- mfd = open(pty_name, O_RDWR, 0);
+ mfd = open(pty_name, O_RDWR | O_CLOEXEC, 0);
if (mfd >= 0) {
pty_name[5] = 't';
- sfd = open(pty_name, O_RDWR | O_NOCTTY, 0);
+ sfd = open(pty_name, O_RDWR | O_NOCTTY | O_CLOEXEC, 0);
if (sfd >= 0) {
fchown(sfd, uid, -1);
fchmod(sfd, S_IRUSR | S_IWUSR);
diff --git a/pppd/tdb.c b/pppd/tdb.c
index bdc5828..c7ab71c 100644
--- a/pppd/tdb.c
+++ b/pppd/tdb.c
@@ -1724,7 +1724,7 @@ TDB_CONTEXT *tdb_open_ex(const char *name, int hash_size, int tdb_flags,
goto internal;
}
- if ((tdb->fd = open(name, open_flags, mode)) == -1) {
+ if ((tdb->fd = open(name, open_flags | O_CLOEXEC, mode)) == -1) {
TDB_LOG((tdb, 5, "tdb_open_ex: could not open file %s: %s\n",
name, strerror(errno)));
goto fail; /* errno set by open(2) */
@@ -1967,7 +1967,7 @@ int tdb_reopen(TDB_CONTEXT *tdb)
}
if (close(tdb->fd) != 0)
TDB_LOG((tdb, 0, "tdb_reopen: WARNING closing tdb->fd failed!\n"));
- tdb->fd = open(tdb->name, tdb->open_flags & ~(O_CREAT|O_TRUNC), 0);
+ tdb->fd = open(tdb->name, (tdb->open_flags & ~(O_CREAT|O_TRUNC)) | O_CLOEXEC, 0);
if (tdb->fd == -1) {
TDB_LOG((tdb, 0, "tdb_reopen: open failed (%s)\n", strerror(errno)));
goto fail;
diff --git a/pppd/tty.c b/pppd/tty.c
index d571b11..bc96695 100644
--- a/pppd/tty.c
+++ b/pppd/tty.c
@@ -569,7 +569,7 @@ int connect_tty()
status = EXIT_OPEN_FAILED;
goto errret;
}
- real_ttyfd = open(devnam, O_NONBLOCK | O_RDWR, 0);
+ real_ttyfd = open(devnam, O_NONBLOCK | O_RDWR | O_CLOEXEC, 0);
err = errno;
if (prio < OPRIO_ROOT && seteuid(0) == -1)
fatal("Unable to regain privileges");
@@ -723,7 +723,7 @@ int connect_tty()
if (connector == NULL && modem && devnam[0] != 0) {
int i;
for (;;) {
- if ((i = open(devnam, O_RDWR)) >= 0)
+ if ((i = open(devnam, O_RDWR | O_CLOEXEC)) >= 0)
break;
if (errno != EINTR) {
error("Failed to reopen %s: %m", devnam);
diff --git a/pppd/utils.c b/pppd/utils.c
index 29bf970..6051b9a 100644
--- a/pppd/utils.c
+++ b/pppd/utils.c
@@ -918,14 +918,14 @@ lock(dev)
slprintf(lock_file, sizeof(lock_file), "%s/LCK..%s", LOCK_DIR, dev);
#endif
- while ((fd = open(lock_file, O_EXCL | O_CREAT | O_RDWR, 0644)) < 0) {
+ while ((fd = open(lock_file, O_EXCL | O_CREAT | O_RDWR | O_CLOEXEC, 0644)) < 0) {
if (errno != EEXIST) {
error("Can't create lock file %s: %m", lock_file);
break;
}
/* Read the lock file to find out who has the device locked. */
- fd = open(lock_file, O_RDONLY, 0);
+ fd = open(lock_file, O_RDONLY | O_CLOEXEC, 0);
if (fd < 0) {
if (errno == ENOENT) /* This is just a timing problem. */
continue;
@@ -1004,7 +1004,7 @@ relock(pid)
if (lock_file[0] == 0)
return -1;
- fd = open(lock_file, O_WRONLY, 0);
+ fd = open(lock_file, O_WRONLY | O_CLOEXEC, 0);
if (fd < 0) {
error("Couldn't reopen lock file %s: %m", lock_file);
lock_file[0] = 0;
--
1.8.3.1

174
SOURCES/0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch Normal file
View File

@ -0,0 +1,174 @@
From 2a97ab28ee00586e5f06b3ef3a0e43ea0c7c6499 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 7 Apr 2014 14:21:41 +0200
Subject: [PATCH 14/27] everywhere: use SOCK_CLOEXEC when creating socket
---
pppd/plugins/pppoatm/pppoatm.c | 2 +-
pppd/plugins/pppol2tp/openl2tp.c | 2 +-
pppd/plugins/pppol2tp/pppol2tp.c | 2 +-
pppd/plugins/rp-pppoe/if.c | 2 +-
pppd/plugins/rp-pppoe/plugin.c | 6 +++---
pppd/plugins/rp-pppoe/pppoe-discovery.c | 2 +-
pppd/sys-linux.c | 10 +++++-----
pppd/tty.c | 2 +-
8 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/pppd/plugins/pppoatm/pppoatm.c b/pppd/plugins/pppoatm/pppoatm.c
index d693350..c31bb34 100644
--- a/pppd/plugins/pppoatm/pppoatm.c
+++ b/pppd/plugins/pppoatm/pppoatm.c
@@ -135,7 +135,7 @@ static int connect_pppoatm(void)
if (!device_got_set)
no_device_given_pppoatm();
- fd = socket(AF_ATMPVC, SOCK_DGRAM, 0);
+ fd = socket(AF_ATMPVC, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (fd < 0)
fatal("failed to create socket: %m");
memset(&qos, 0, sizeof qos);
diff --git a/pppd/plugins/pppol2tp/openl2tp.c b/pppd/plugins/pppol2tp/openl2tp.c
index 9643b96..1099575 100644
--- a/pppd/plugins/pppol2tp/openl2tp.c
+++ b/pppd/plugins/pppol2tp/openl2tp.c
@@ -83,7 +83,7 @@ static int openl2tp_client_create(void)
int result;
if (openl2tp_fd < 0) {
- openl2tp_fd = socket(PF_UNIX, SOCK_DGRAM, 0);
+ openl2tp_fd = socket(PF_UNIX, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (openl2tp_fd < 0) {
error("openl2tp connection create: %m");
return -ENOTCONN;
diff --git a/pppd/plugins/pppol2tp/pppol2tp.c b/pppd/plugins/pppol2tp/pppol2tp.c
index a7e3400..e64a778 100644
--- a/pppd/plugins/pppol2tp/pppol2tp.c
+++ b/pppd/plugins/pppol2tp/pppol2tp.c
@@ -208,7 +208,7 @@ static void send_config_pppol2tp(int mtu,
struct ifreq ifr;
int fd;
- fd = socket(AF_INET, SOCK_DGRAM, 0);
+ fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (fd >= 0) {
memset (&ifr, '\0', sizeof (ifr));
strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
diff --git a/pppd/plugins/rp-pppoe/if.c b/pppd/plugins/rp-pppoe/if.c
index 91e9a57..72aba41 100644
--- a/pppd/plugins/rp-pppoe/if.c
+++ b/pppd/plugins/rp-pppoe/if.c
@@ -116,7 +116,7 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
stype = SOCK_PACKET;
#endif
- if ((fd = socket(domain, stype, htons(type))) < 0) {
+ if ((fd = socket(domain, stype | SOCK_CLOEXEC, htons(type))) < 0) {
/* Give a more helpful message for the common error case */
if (errno == EPERM) {
fatal("Cannot create raw socket -- pppoe must be run as root.");
diff --git a/pppd/plugins/rp-pppoe/plugin.c b/pppd/plugins/rp-pppoe/plugin.c
index a8c2bb4..24bdf8f 100644
--- a/pppd/plugins/rp-pppoe/plugin.c
+++ b/pppd/plugins/rp-pppoe/plugin.c
@@ -137,7 +137,7 @@ PPPOEConnectDevice(void)
/* server equipment). */
/* Opening this socket just before waitForPADS in the discovery() */
/* function would be more appropriate, but it would mess-up the code */
- conn->sessionSocket = socket(AF_PPPOX, SOCK_STREAM, PX_PROTO_OE);
+ conn->sessionSocket = socket(AF_PPPOX, SOCK_STREAM | SOCK_CLOEXEC, PX_PROTO_OE);
if (conn->sessionSocket < 0) {
error("Failed to create PPPoE socket: %m");
return -1;
@@ -148,7 +148,7 @@ PPPOEConnectDevice(void)
lcp_wantoptions[0].mru = conn->mru;
/* Update maximum MRU */
- s = socket(AF_INET, SOCK_DGRAM, 0);
+ s = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (s < 0) {
error("Can't get MTU for %s: %m", conn->ifName);
goto errout;
@@ -320,7 +320,7 @@ PPPoEDevnameHook(char *cmd, char **argv, int doit)
}
/* Open a socket */
- if ((fd = socket(PF_PACKET, SOCK_RAW, 0)) < 0) {
+ if ((fd = socket(PF_PACKET, SOCK_RAW | SOCK_CLOEXEC, 0)) < 0) {
r = 0;
}
diff --git a/pppd/plugins/rp-pppoe/pppoe-discovery.c b/pppd/plugins/rp-pppoe/pppoe-discovery.c
index 3d3bf4e..c0d927d 100644
--- a/pppd/plugins/rp-pppoe/pppoe-discovery.c
+++ b/pppd/plugins/rp-pppoe/pppoe-discovery.c
@@ -121,7 +121,7 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
stype = SOCK_PACKET;
#endif
- if ((fd = socket(domain, stype, htons(type))) < 0) {
+ if ((fd = socket(domain, stype | SOCK_CLOEXEC, htons(type))) < 0) {
/* Give a more helpful message for the common error case */
if (errno == EPERM) {
rp_fatal("Cannot create raw socket -- pppoe must be run as root.");
diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
index 00a2cf5..0690019 100644
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -308,12 +308,12 @@ static int modify_flags(int fd, int clear_bits, int set_bits)
void sys_init(void)
{
/* Get an internet socket for doing socket ioctls. */
- sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
+ sock_fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (sock_fd < 0)
fatal("Couldn't create IP socket: %m(%d)", errno);
#ifdef INET6
- sock6_fd = socket(AF_INET6, SOCK_DGRAM, 0);
+ sock6_fd = socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (sock6_fd < 0)
sock6_fd = -errno; /* save errno for later */
#endif
@@ -1857,7 +1857,7 @@ get_if_hwaddr(u_char *addr, char *name)
struct ifreq ifreq;
int ret, sock_fd;
- sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
+ sock_fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (sock_fd < 0)
return 0;
memset(&ifreq.ifr_hwaddr, 0, sizeof(struct sockaddr));
@@ -2067,7 +2067,7 @@ int ppp_available(void)
/*
* Open a socket for doing the ioctl operations.
*/
- s = socket(AF_INET, SOCK_DGRAM, 0);
+ s = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (s < 0)
return 0;
@@ -2860,7 +2860,7 @@ ether_to_eui64(eui64_t *p_eui64)
int skfd;
const unsigned char *ptr;
- skfd = socket(PF_INET6, SOCK_DGRAM, 0);
+ skfd = socket(PF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if(skfd == -1)
{
warn("could not open IPv6 socket");
diff --git a/pppd/tty.c b/pppd/tty.c
index bc96695..8e76a5d 100644
--- a/pppd/tty.c
+++ b/pppd/tty.c
@@ -896,7 +896,7 @@ open_socket(dest)
*sep = ':';
/* get a socket and connect it to the other end */
- sock = socket(PF_INET, SOCK_STREAM, 0);
+ sock = socket(PF_INET, SOCK_STREAM | SOCK_CLOEXEC, 0);
if (sock < 0) {
error("Can't create socket: %m");
return -1;
--
1.8.3.1

44
SOURCES/0015-pppd-move-pppd-database-to-var-run-ppp.patch Normal file
View File

@ -0,0 +1,44 @@
From f2c855462ff56be4121409c7e048cd2503fe0ccf Mon Sep 17 00:00:00 2001
From: Jiri Skala <jskala@fedoraproject.org>
Date: Mon, 7 Apr 2014 14:26:20 +0200
Subject: [PATCH 15/27] pppd: move pppd database to /var/run/ppp
Resolves: #560014
---
pppd/pathnames.h | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/pppd/pathnames.h b/pppd/pathnames.h
index bef3160..24e010c 100644
--- a/pppd/pathnames.h
+++ b/pppd/pathnames.h
@@ -6,8 +6,9 @@
#ifdef HAVE_PATHS_H
#include <paths.h>
-
+#define _PPP_SUBDIR "ppp/"
#else /* HAVE_PATHS_H */
+#define _PPP_SUBDIR
#ifndef _PATH_VARRUN
#define _PATH_VARRUN "/etc/ppp/"
#endif
@@ -46,13 +47,9 @@
#endif /* IPX_CHANGE */
#ifdef __STDC__
-#define _PATH_PPPDB _ROOT_PATH _PATH_VARRUN "pppd2.tdb"
+#define _PATH_PPPDB _ROOT_PATH _PATH_VARRUN _PPP_SUBDIR "pppd2.tdb"
#else /* __STDC__ */
-#ifdef HAVE_PATHS_H
-#define _PATH_PPPDB "/var/run/pppd2.tdb"
-#else
-#define _PATH_PPPDB "/etc/ppp/pppd2.tdb"
-#endif
+#define _PATH_PPPDB _PATH_VARRUN _PPP_SUBDIR "pppd2.tdb"
#endif /* __STDC__ */
#ifdef PLUGIN
--
1.8.3.1

126
SOURCES/0016-rp-pppoe-add-manpage-for-pppoe-discovery.patch Normal file
View File

@ -0,0 +1,126 @@
From a30efa2cc99a5b6ab220de04cbcc7db38888a17a Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 7 Apr 2014 14:29:45 +0200
Subject: [PATCH 16/27] rp-pppoe: add manpage for pppoe-discovery
---
pppd/plugins/rp-pppoe/Makefile.linux | 2 +
pppd/plugins/rp-pppoe/pppoe-discovery.8 | 86 +++++++++++++++++++++++++++++++++
2 files changed, 88 insertions(+)
create mode 100644 pppd/plugins/rp-pppoe/pppoe-discovery.8
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index 3cd9101..9918091 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -16,6 +16,7 @@
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
+MANDIR = $(DESTDIR)/share/man/man8
LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(PPPDVERSION)
PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
@@ -46,6 +47,7 @@ install: all
$(INSTALL) -c -m 4550 rp-pppoe.so $(LIBDIR)
$(INSTALL) -d -m 755 $(BINDIR)
$(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
+ $(INSTALL) -c -m 444 pppoe-discovery.8 $(MANDIR)
clean:
rm -f *.o *.so pppoe-discovery
diff --git a/pppd/plugins/rp-pppoe/pppoe-discovery.8 b/pppd/plugins/rp-pppoe/pppoe-discovery.8
new file mode 100644
index 0000000..d0a93db
--- /dev/null
+++ b/pppd/plugins/rp-pppoe/pppoe-discovery.8
@@ -0,0 +1,86 @@
+.\" pppoe-discovery.8 written by
+.\" Ben Hutchings <ben@decadentplace.org.uk>, based on pppoe.8.
+.\" Licenced under the GPL version 2 or later.
+.TH PPPOE-DISCOVERY 8
+.SH NAME
+pppoe\-discovery \- perform PPPoE discovery
+.SH SYNOPSIS
+.B pppoe\-discovery
+[
+.I options
+]
+.br
+.BR pppoe\-discovery " { " \-V " | " \-h " }"
+.SH DESCRIPTION
+.LP
+\fBpppoe\-discovery\fR performs the same discovery process as
+\fBpppoe\fR, but does not initiate a session.
+It sends a PADI packet and then prints the names of access
+concentrators in each PADO packet it receives.
+.SH OPTIONS
+.TP
+.BI \-I " interface"
+.RS
+The \fB\-I\fR option specifies the Ethernet interface to use.
+Under Linux, it is typically eth0 or eth1.
+The interface should be \(lqup\(rq before you start
+\fBpppoe\-discovery\fR, but should \fInot\fR be configured to have an
+IP address.
+The default interface is eth0.
+.RE
+.TP
+.BI \-D " file_name"
+.RS
+The \fB\-D\fR option causes every packet to be dumped to the specified
+\fIfile_name\fR.
+This is intended for debugging only.
+.RE
+.TP
+.B \-U
+.RS
+Causes \fBpppoe\-discovery\fR to use the Host-Uniq tag in its discovery
+packets.
+This lets you run multiple instances of \fBpppoe\-discovery\fR and/or
+\fBpppoe\fR without having their discovery packets interfere with one
+another.
+You must supply this option to \fIall\fR instances that you intend to
+run simultaneously.
+.RE
+.TP
+.BI \-S " service_name"
+.RS
+Specifies the desired service name.
+\fBpppoe\-discovery\fR will only accept access concentrators which can
+provide the specified service.
+In most cases, you should \fInot\fR specify this option.
+Use it only if you know that there are multiple access concentrators
+or know that you need a specific service name.
+.RE
+.TP
+.BI \-C " ac_name"
+.RS
+Specifies the desired access concentrator name.
+\fBpppoe\-discovery\fR will only accept the specified access
+concentrator.
+In most cases, you should \fInot\fR specify this option.
+Use it only if you know that there are multiple access concentrators.
+If both the \fB\-S\fR and \fB\-C\fR options are specified, they must
+\fIboth\fR match.
+.RE
+.TP
+.B \-A
+.RS
+This option is accepted for compatibility with \fBpppoe\fR, but has no
+effect.
+.RE
+.TP
+.BR \-V " | " \-h
+.RS
+Either of these options causes \fBpppoe\-discovery\fR to print its
+version number and usage information, then exit.
+.RE
+.SH AUTHORS
+\fBpppoe\-discovery\fR was written by Marco d'Itri <md@linux.it>,
+based on \fBpppoe\fR by David F. Skoll <dfs@roaringpenguin.com>.
+.SH SEE ALSO
+pppoe(8), pppoe-sniff(8)
--
1.8.3.1

27
SOURCES/0018-scritps-fix-ip-up.local-sample.patch Normal file
View File

@ -0,0 +1,27 @@
From 40960f91cdd06da387616ec838ae2599e7f01cee Mon Sep 17 00:00:00 2001
From: Jiri Skala <jskala@fedoraproject.org>
Date: Mon, 7 Apr 2014 15:24:01 +0200
Subject: [PATCH 18/27] scritps: fix ip-up.local sample
Resolves: #613717
---
scripts/ip-up.local.add | 3 +++
1 file changed, 3 insertions(+)
diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add
index 26cf5f8..282337c 100644
--- a/scripts/ip-up.local.add
+++ b/scripts/ip-up.local.add
@@ -18,6 +18,9 @@ if [ -n "$USEPEERDNS" -a -f /var/run/ppp/resolv.conf ]; then
rscf=/var/run/ppp/resolv.new
grep domain /var/run/ppp/resolv.prev > $rscf
grep search /var/run/ppp/resolv.prev >> $rscf
+ if [ -f /var/run/ppp/resolv.conf ]; then
+ cat /var/run/ppp/resolv.conf >> $rscf
+ fi
change_resolv_conf $rscf
rm -f $rscf
else
--
1.8.3.1

383
SOURCES/0019-sys-linux-rework-get_first_ethernet.patch Normal file
View File

@ -0,0 +1,383 @@
From 6edc865bd02ab591b9121d4a5f6dc3cdbe5af809 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 9 Apr 2014 09:18:24 +0200
Subject: [PATCH 19/27] sys-linux: rework get_first_ethernet()
We can't assume that host has ethernet NIC named "eth0". Rather than guessing we
better ask udev. We iterate over symlinks symlinks in /sys/class/net and
for each device we determine if it is ethernet device and additionally we query
udev database for sub-type of the device. If we find PCI or USB device which has
ethernet datalink type and appropriate sub-type we return its name. If we don't
succeed in determining more information about device we will return "good
enough" device which in turn is first device with ethernet datalink type.
Note that we now have two copies of get_first_ethernet() in the source code. This
is bad and should be fixed in the future.
This commit replaces ppp-2.4.5-eth.patch.
Resolves: #682381
---
pppd/Makefile.linux | 3 +
pppd/multilink.c | 4 +-
pppd/plugins/rp-pppoe/Makefile.linux | 4 +-
pppd/plugins/rp-pppoe/pppoe-discovery.c | 117 +++++++++++++++++++++++++++++++-
pppd/pppd.h | 2 +-
pppd/sys-linux.c | 115 +++++++++++++++++++++++++++++--
6 files changed, 232 insertions(+), 13 deletions(-)
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 53df4d2..0e8107f 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -32,6 +32,9 @@ include .depend
endif
CC = gcc
+
+LIBS = -ludev
+
#
COPTS = -Wall $(RPM_OPT_FLAGS) -DLIBDIR=\""$(LIBDIR)"\"
diff --git a/pppd/multilink.c b/pppd/multilink.c
index 135cab0..2f0ed50 100644
--- a/pppd/multilink.c
+++ b/pppd/multilink.c
@@ -436,12 +436,12 @@ static int
get_default_epdisc(ep)
struct epdisc *ep;
{
- char *p;
+ char *p = NULL;
struct hostent *hp;
u_int32_t addr;
/* First try for an ethernet MAC address */
- p = get_first_ethernet();
+ get_first_ethernet(&p);
if (p != 0 && get_if_hwaddr(ep->value, p) >= 0) {
ep->class = EPD_MAC;
ep->length = 6;
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index 9918091..b949716 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -30,8 +30,8 @@ COPTS=$(RPM_OPT_FLAGS)
CFLAGS=$(COPTS) -I../../../include '-DRP_VERSION="$(RP_VERSION)"'
all: rp-pppoe.so pppoe-discovery
-pppoe-discovery: pppoe-discovery.o debug.o
- $(CC) -o pppoe-discovery pppoe-discovery.o debug.o
+pppoe-discovery: pppoe-discovery.o debug.o common.o
+ $(CC) -o pppoe-discovery pppoe-discovery.o debug.o -ludev
pppoe-discovery.o: pppoe-discovery.c
$(CC) $(CFLAGS) -c -o pppoe-discovery.o pppoe-discovery.c
diff --git a/pppd/plugins/rp-pppoe/pppoe-discovery.c b/pppd/plugins/rp-pppoe/pppoe-discovery.c
index c0d927d..2bd910f 100644
--- a/pppd/plugins/rp-pppoe/pppoe-discovery.c
+++ b/pppd/plugins/rp-pppoe/pppoe-discovery.c
@@ -47,8 +47,13 @@
#include <net/if_arp.h>
#endif
+#include <dirent.h>
+#include <sys/types.h>
+#include <libudev.h>
+
char *xstrdup(const char *s);
void usage(void);
+int get_first_ethernet(char **_r);
void die(int status)
{
@@ -681,8 +686,15 @@ int main(int argc, char *argv[])
}
/* default interface name */
- if (!conn->ifName)
- conn->ifName = strdup("eth0");
+ if (!conn->ifName) {
+ char *eth_dev;
+ if (get_first_ethernet(&eth_dev) < 0) {
+ fprintf(stderr, "No ethernet device on the host.\n");
+ exit(1);
+ }
+ conn->ifName = eth_dev;
+ }
+
conn->discoverySocket = -1;
conn->sessionSocket = -1;
@@ -722,3 +734,104 @@ void usage(void)
fprintf(stderr, "Usage: pppoe-discovery [options]\n");
fprintf(stderr, "\nVersion " RP_VERSION "\n");
}
+
+/*
+ * get_first_ethernet - return the name of the first ethernet-style
+ * interface on this system.
+ */
+int
+get_first_ethernet(char **_r)
+{
+ int r = 0;
+ DIR *d = NULL;
+ struct dirent *entry = NULL;
+ struct udev *udev = NULL;
+ struct udev_device *dev = NULL;
+ char *eth_dev = NULL;
+
+ d = opendir("/sys/class/net");
+ if (!d) {
+ fprintf(stderr, "Failed to open dir /sys/class/net : %m\n");
+ r = -errno;
+ goto fail;
+ }
+
+ udev = udev_new();
+ if (!udev) {
+ fprintf(stderr, "Failed to talk to systemd-udevd\n");
+ r = -EIO;
+ goto fail;
+ }
+
+ while ((entry = readdir(d)) != NULL) {
+ char syspath[PATH_MAX] = {};
+ const char *type = NULL;
+
+ if ((strcmp(entry->d_name, ".") == 0) || (strcmp(entry->d_name, "..") == 0))
+ continue;
+
+ sprintf(syspath, "/sys/class/net/%s", entry->d_name);
+
+ dev = udev_device_new_from_syspath(udev, syspath);
+ if (!dev)
+ continue;
+
+ type = udev_device_get_sysattr_value(dev, "type");
+ if (strcmp(type, "1") == 0) {
+ const char *pci_dev_subclass = NULL, *usb_dev_subclass = NULL;
+
+ pci_dev_subclass = udev_device_get_property_value(dev,
+ "ID_PCI_SUBCLASS_FROM_DATABASE");
+ usb_dev_subclass = udev_device_get_property_value(dev,
+ "ID_USB_SUBCLASS_FROM_DATABASE");
+
+ if ((pci_dev_subclass && strcmp(pci_dev_subclass, "Ethernet controller") == 0) ||
+ (usb_dev_subclass && (strcmp(usb_dev_subclass, "Ethernet Networking") == 0 ||
+ strcmp(usb_dev_subclass, "Ethernet Emulation") == 0))) {
+ char *d = NULL;
+
+ d = strdup(entry->d_name);
+ if (!d) {
+ r = -ENOMEM;
+ goto fail;
+ }
+
+ free(eth_dev);
+ eth_dev = d;
+ break;
+ } else if (!eth_dev) {
+ eth_dev = strdup(entry->d_name);
+ if (!eth_dev) {
+ r = -ENOMEM;
+ goto fail;
+ }
+ }
+ }
+
+ udev_device_unref(dev);
+ dev = NULL;
+ }
+
+ if (dev)
+ udev_device_unref(dev);
+ udev_unref(udev);
+ closedir(d);
+
+ *_r = eth_dev;
+
+ return 0;
+
+fail:
+ if (dev)
+ udev_device_unref(dev);
+
+ if (udev)
+ udev_unref(udev);
+
+ if (d)
+ closedir(d);
+
+ free(eth_dev);
+
+ return r;
+}
diff --git a/pppd/pppd.h b/pppd/pppd.h
index de271c1..aaddba1 100644
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -691,7 +691,7 @@ int sipxfaddr __P((int, unsigned long, unsigned char *));
int cipxfaddr __P((int));
#endif
int get_if_hwaddr __P((u_char *addr, char *name));
-char *get_first_ethernet __P((void));
+int get_first_ethernet __P((char **_r));
/* Procedures exported from options.c */
int setipaddr __P((char *, char **, int)); /* Set local/remote ip addresses */
diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
index 0690019..ec09c50 100644
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -92,6 +92,9 @@
#include <ctype.h>
#include <termios.h>
#include <unistd.h>
+#include <dirent.h>
+
+#include <libudev.h>
/* This is in netdevice.h. However, this compile will fail miserably if
you attempt to include netdevice.h because it has so many references
@@ -1873,10 +1876,101 @@ get_if_hwaddr(u_char *addr, char *name)
* get_first_ethernet - return the name of the first ethernet-style
* interface on this system.
*/
-char *
-get_first_ethernet()
-{
- return "eth0";
+int
+get_first_ethernet(char **_r)
+{
+ int r = 0;
+ DIR *d = NULL;
+ struct dirent *entry = NULL;
+ struct udev *udev = NULL;
+ struct udev_device *dev = NULL;
+ char *eth_dev = NULL;
+
+ d = opendir("/sys/class/net");
+ if (!d) {
+ fprintf(stderr, "Failed to open dir /sys/class/net : %m\n");
+ r = -errno;
+ goto fail;
+ }
+
+ udev = udev_new();
+ if (!udev) {
+ fprintf(stderr, "Failed to talk to systemd-udevd\n");
+ r = -EIO;
+ goto fail;
+ }
+
+ while ((entry = readdir(d)) != NULL) {
+ char syspath[PATH_MAX] = {};
+ const char *type = NULL;
+
+ if ((strcmp(entry->d_name, ".") == 0) || (strcmp(entry->d_name, "..") == 0))
+ continue;
+
+ sprintf(syspath, "/sys/class/net/%s", entry->d_name);
+
+ dev = udev_device_new_from_syspath(udev, syspath);
+ if (!dev)
+ continue;
+
+ type = udev_device_get_sysattr_value(dev, "type");
+ if (strcmp(type, "1") == 0) {
+ const char *pci_dev_subclass = NULL, *usb_dev_subclass = NULL;
+
+ pci_dev_subclass = udev_device_get_property_value(dev,
+ "ID_PCI_SUBCLASS_FROM_DATABASE");
+ usb_dev_subclass = udev_device_get_property_value(dev,
+ "ID_USB_SUBCLASS_FROM_DATABASE");
+
+ if ((pci_dev_subclass && strcmp(pci_dev_subclass, "Ethernet controller") == 0) ||
+ (usb_dev_subclass && (strcmp(usb_dev_subclass, "Ethernet Networking") == 0 ||
+ strcmp(usb_dev_subclass, "Ethernet Emulation") == 0))) {
+ char *d = NULL;
+
+ d = strdup(entry->d_name);
+ if (!d) {
+ r = -ENOMEM;
+ goto fail;
+ }
+
+ free(eth_dev);
+ eth_dev = d;
+ break;
+ } else if (!eth_dev) {
+ eth_dev = strdup(entry->d_name);
+ if (!eth_dev) {
+ r = -ENOMEM;
+ goto fail;
+ }
+ }
+ }
+
+ udev_device_unref(dev);
+ dev = NULL;
+ }
+
+ if (dev)
+ udev_device_unref(dev);
+ udev_unref(udev);
+ closedir(d);
+
+ *_r = eth_dev;
+
+ return 0;
+
+fail:
+ if (dev)
+ udev_device_unref(dev);
+
+ if (udev)
+ udev_unref(udev);
+
+ if (d)
+ closedir(d);
+
+ free(eth_dev);
+
+ return r;
}
/********************************************************************
@@ -2859,6 +2953,7 @@ ether_to_eui64(eui64_t *p_eui64)
struct ifreq ifr;
int skfd;
const unsigned char *ptr;
+ char *eth_dev = NULL;
skfd = socket(PF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if(skfd == -1)
@@ -2867,11 +2962,19 @@ ether_to_eui64(eui64_t *p_eui64)
return 0;
}
- strcpy(ifr.ifr_name, "eth0");
+ if (get_first_ethernet(&eth_dev) < 0)
+ {
+ warn("no ethernet device present on the host");
+ return 0;
+ }
+
+ strcpy(ifr.ifr_name, eth_dev);
+ free(eth_dev);
+
if(ioctl(skfd, SIOCGIFHWADDR, &ifr) < 0)
{
close(skfd);
- warn("could not obtain hardware address for eth0");
+ warn("could not obtain hardware address for %s", ifr.ifr_name);
return 0;
}
close(skfd);
--
1.8.3.1

26
SOURCES/0020-pppd-put-lock-files-in-var-lock-ppp.patch Normal file
View File

@ -0,0 +1,26 @@
From c5a5f795b1defcb6d168e79c4d1fc371dfc556ca Mon Sep 17 00:00:00 2001
From: Jiri Skala <jskala@redhat.com>
Date: Wed, 9 Apr 2014 09:29:50 +0200
Subject: [PATCH 20/27] pppd: put lock files in /var/lock/ppp
Resolves: #708260
---
pppd/utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/utils.c b/pppd/utils.c
index 6051b9a..8407492 100644
--- a/pppd/utils.c
+++ b/pppd/utils.c
@@ -846,7 +846,7 @@ complete_read(int fd, void *buf, size_t count)
/* Procedures for locking the serial device using a lock file. */
#ifndef LOCK_DIR
#ifdef __linux__
-#define LOCK_DIR "/var/lock"
+#define LOCK_DIR "/var/lock/ppp"
#else
#ifdef SVR4
#define LOCK_DIR "/var/spool/locks"
--
1.8.3.1

23
SOURCES/0021-build-sys-compile-pppol2tp-plugin-with-RPM_OPT_FLAGS.patch Normal file
View File

@ -0,0 +1,23 @@
From d69eb9a8aa284014dd7dd282813989eda9d84d74 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 9 Apr 2014 09:56:09 +0200
Subject: [PATCH 21/27] build-sys: compile pppol2tp plugin with RPM_OPT_FLAGS
---
pppd/plugins/pppol2tp/Makefile.linux | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux
index 4339566..9a635b8 100644
--- a/pppd/plugins/pppol2tp/Makefile.linux
+++ b/pppd/plugins/pppol2tp/Makefile.linux
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = -O2 -g
+COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I. -I../.. -I../../../include -fPIC
LDFLAGS = -shared
INSTALL = install
--
1.8.3.1

24
SOURCES/0022-build-sys-compile-pppol2tp-with-multilink-support.patch Normal file
View File

@ -0,0 +1,24 @@
From a0060c5d48ef742bff4fe9ba9c276a5c21795ce8 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 9 Apr 2014 09:58:38 +0200
Subject: [PATCH 22/27] build-sys: compile pppol2tp with multilink support
Resolves: #817013
---
pppd/plugins/pppol2tp/Makefile.linux | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux
index 9a635b8..9cb316d 100644
--- a/pppd/plugins/pppol2tp/Makefile.linux
+++ b/pppd/plugins/pppol2tp/Makefile.linux
@@ -1,5 +1,5 @@
#CC = gcc
-COPTS = $(RPM_OPT_FLAGS)
+COPTS = $(RPM_OPT_FLAGS) -DHAVE_MULTILINK
CFLAGS = $(COPTS) -I. -I../.. -I../../../include -fPIC
LDFLAGS = -shared
INSTALL = install
--
1.8.3.1

32
SOURCES/0023-build-sys-install-rp-pppoe-plugin-files-with-standar.patch Normal file
View File

@ -0,0 +1,32 @@
From 769521a3798fd554ddc7333cb1255cd1b40790e8 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 10 Apr 2014 10:00:55 +0200
Subject: [PATCH 23/27] build-sys: install rp-pppoe plugin files with standard
perms
This is needed to properly generate debuginfo package.
---
pppd/plugins/rp-pppoe/Makefile.linux | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index b949716..fa49efb 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -44,10 +44,10 @@ rp-pppoe.so: plugin.o discovery.o if.o common.o
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -c -m 4550 rp-pppoe.so $(LIBDIR)
+ $(INSTALL) -c -m 755 rp-pppoe.so $(LIBDIR)
$(INSTALL) -d -m 755 $(BINDIR)
- $(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
- $(INSTALL) -c -m 444 pppoe-discovery.8 $(MANDIR)
+ $(INSTALL) -c -m 755 pppoe-discovery $(BINDIR)
+ $(INSTALL) -c -m 644 pppoe-discovery.8 $(MANDIR)
clean:
rm -f *.o *.so pppoe-discovery
--
1.8.3.1

26
SOURCES/0024-build-sys-install-pppoatm-plugin-files-with-standard.patch Normal file
View File

@ -0,0 +1,26 @@
From 0fdb22ef3d3cc3b297372451d60bd6c61d047d27 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 10 Apr 2014 10:08:41 +0200
Subject: [PATCH 24/27] build-sys: install pppoatm plugin files with standard
perms
---
pppd/plugins/pppoatm/Makefile.linux | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux
index 769794b..4c5826f 100644
--- a/pppd/plugins/pppoatm/Makefile.linux
+++ b/pppd/plugins/pppoatm/Makefile.linux
@@ -37,7 +37,7 @@ $(PLUGIN): $(PLUGIN_OBJS)
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -c -m 4550 $(PLUGIN) $(LIBDIR)
+ $(INSTALL) -c -m 755 $(PLUGIN) $(LIBDIR)
clean:
rm -f *.o *.so
--
1.8.3.1

29
SOURCES/0025-pppd-install-pppd-binary-using-standard-perms-755.patch Normal file
View File

@ -0,0 +1,29 @@
From ab8b06cdc1075abc67f77e7c3bb684e20071d614 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 10 Apr 2014 10:09:41 +0200
Subject: [PATCH 25/27] pppd: install pppd binary using standard perms (755)
---
pppd/Makefile.linux | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 0e8107f..534ccc2 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -223,10 +223,10 @@ all: $(TARGETS)
install: pppd
mkdir -p $(BINDIR) $(MANDIR)
$(EXTRAINSTALL)
- $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
+ $(INSTALL) -c -m 755 pppd $(BINDIR)/pppd
if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
chmod o-rx,u+s $(BINDIR)/pppd; fi
- $(INSTALL) -c -m 444 pppd.8 $(MANDIR)
+ $(INSTALL) -c -m 644 pppd.8 $(MANDIR)
pppd: $(PPPDOBJS)
$(CC) $(CFLAGS) $(LDFLAGS) -o pppd $(PPPDOBJS) $(LIBS)
--
1.8.3.1

35
SOURCES/0028-pppoe-include-netinet-in.h-before-linux-in.h.patch Normal file
View File

@ -0,0 +1,35 @@
From 33797aa193a2751da26f9af120e39c110defe4d1 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Sat, 10 Dec 2016 19:53:56 +0100
Subject: [PATCH] pppoe: include netinet/in.h before linux/in.h
To fix build breakage.
---
pppd/plugins/rp-pppoe/pppoe.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pppd/plugins/rp-pppoe/pppoe.h b/pppd/plugins/rp-pppoe/pppoe.h
index 9ab2eee..f77f5b7 100644
--- a/pppd/plugins/rp-pppoe/pppoe.h
+++ b/pppd/plugins/rp-pppoe/pppoe.h
@@ -15,6 +15,8 @@
#include "config.h"
+#include <netinet/in.h>
+
#if defined(HAVE_NETPACKET_PACKET_H) || defined(HAVE_LINUX_IF_PACKET_H)
#define _POSIX_SOURCE 1 /* For sigaction defines */
#endif
@@ -84,8 +86,6 @@ typedef unsigned long UINT32_t;
#include <linux/if_ether.h>
#endif
-#include <netinet/in.h>
-
#ifdef HAVE_NETINET_IF_ETHER_H
#include <sys/types.h>
--
2.9.3

51
SOURCES/ifdown-ppp Executable file
View File

@ -0,0 +1,51 @@
#! /bin/bash
cd /etc/sysconfig/network-scripts
. ./network-functions
CONFIG=$1
source_config
if [ "$TYPE" = "xDSL" ] && [ -x /usr/sbin/adsl-stop ] ; then
adsl-stop /etc/sysconfig/network-scripts/$CONFIG
exit $?
fi
CONFIG=${CONFIG##ifcfg-}
if [ "${DEMAND}" = "yes" ] && [ -f /var/run/ppp-${CONFIG}.pid ] ; then
PID=$(head -1 /var/run/ppp-${CONFIG}.pid)
kill -TERM ${PID}
sleep 2
[ ! -d /proc/${PID} ] && exit 0
sleep 5
[ ! -d /proc/${PID} ] && exit 0
kill -TERM ${PID}
[ ! -d /proc/${PID} ] && exit 0
exit 1
fi
file=/var/run/pppwatch-${DEVICE}.pid
if [ ! -f $file ]; then
# ppp isn't running, or we didn't start it
exit 0
fi
PID=$(cat $file)
[ -n "${PID}" ] || exit 1
kill -TERM ${PID} > /dev/null 2>&1
[ ! -d /proc/${PID} ] && exit 0
sleep 2
[ ! -d /proc/${PID} ] && exit 0
sleep 5
[ ! -d /proc/${PID} ] && exit 0
sleep 10
[ ! -d /proc/${PID} ] && exit 0
# killing ppp-watch twice in a row causes it to send a SIGKILL to pppd pgrp
kill -TERM ${PID} > /dev/null 2>&1
[ ! -d /proc/${PID} ] && exit 0
exit 1

157
SOURCES/ifup-ppp Executable file
View File

@ -0,0 +1,157 @@
#! /bin/bash
. /etc/init.d/functions
cd /etc/sysconfig/network-scripts
. ./network-functions
# ifup-post for PPP is handled through /etc/ppp/ip-up
if [ "${1}" = daemon ] ; then
# we've been called from ppp-watch, so don't invoke it for persistence
shift
else
# just in case a full path to the configuration file is passed in
CONFIG=${1##*/} # CONFIG=$(basename $1)
[ -f "${CONFIG}" ] || CONFIG=ifcfg-${1}
source_config
# don't start ppp-watch by xDSL
if [ "${DEMAND}" != yes -a "$TYPE" != "xDSL" ] ; then
# let ppp-watch do the right thing
exec /sbin/ppp-watch "${CONFIG##ifcfg-}" "$2"
fi
fi
CONFIG=$1
[ -f "${CONFIG}" ] || CONFIG=ifcfg-${1}
source_config
if [ -z "${DISCONNECTTIMEOUT}" ]; then
DISCONNECTTIMEOUT=2
fi
if [ -z "${RETRYTIMEOUT}" ]; then
RETRYTIMEOUT=30
fi
if [ -z "${IDLETIMEOUT}" ]; then
IDLETIMEOUT=600
fi
if [ "${2}" = "boot" -a "${ONBOOT}" = "no" ]; then
exit
fi
[ -x /usr/sbin/pppd ] || {
echo $"pppd does not exist or is not executable"
echo $"ifup-ppp for ${DEVICE} exiting"
/usr/bin/logger -p daemon.info -t ifup-ppp \
$"pppd does not exist or is not executable for ${DEVICE}"
exit 1
}
# check that xDSL connection
if [ "$TYPE" = "xDSL" ] ; then
if [ -x /usr/sbin/adsl-start ] ; then
adsl-start /etc/sysconfig/network-scripts/$CONFIG
exit $?
else
/usr/bin/logger -p daemon.info -t ifup-ppp \
$"adsl-start does not exist or is not executable for ${DEVICE}"
exit 1
fi
fi
PEERCONF=/etc/ppp/peers/${DEVNAME}
if [ "${DEBUG}" = "yes" ]; then
CHATDBG="-v"
fi
if [ ! -f ${PEERCONF} ]; then
if [ -z "${WVDIALSECT}" ] ; then
CHATSCRIPT=/etc/sysconfig/network-scripts/chat-${DEVNAME}
[ -f ${CHATSCRIPT} ] || {
echo $"/etc/sysconfig/network-scripts/chat-${DEVNAME} does not exist"
echo $"ifup-ppp for ${DEVNAME} exiting"
/usr/bin/logger -p daemon.info -t ifup-ppp \
$"/etc/sysconfig/network-scripts/chat-${DEVNAME} does not exist for ${DEVICE}"
exit 1
}
fi
/usr/bin/logger -s -p daemon.notice -t ifup-ppp \
$"Setting up a new ${PEERCONF} config file"
if [ -f /etc/ppp/peers/${DEVICE} ]; then
cp -f /etc/ppp/peers/${DEVICE} ${PEERCONF}
else
touch ${PEERCONF}
fi
if [ "${WVDIALSECT}" ]; then
echo "connect \"/usr/bin/wvdial --remotename ${DEVNAME} --chat '${WVDIALSECT}'\"" >> ${PEERCONF}
else
echo "connect \"/usr/sbin/chat ${CHATDBG} -f ${CHATSCRIPT}\"" >> ${PEERCONF}
fi
fi
opts="lock"
if [ "${HARDFLOWCTL}" != no ] ; then
opts="$opts modem crtscts"
fi
if [ "${ESCAPECHARS}" != yes ] ; then
opts="$opts asyncmap 00000000"
fi
if [ "${DEFROUTE}" != no ] ; then
# pppd will no longer delete an existing default route
# so we have to help it out a little here.
DEFRT=$(ip route list match 0.0.0.0/0)
[ -n "${DEFRT}" ] && echo "$DEFRT" > /etc/default-routes
echo "$DEFRT" | while read spec; do
ip route del $spec;
done
opts="$opts defaultroute"
fi
if [ "${PEERDNS}" != no ] ; then
cp -f /etc/resolv.conf /etc/resolv.conf.save
opts="$opts usepeerdns"
fi
if [ -n "${MRU}" ] ; then
opts="$opts mru ${MRU}"
fi
if [ -n "${MTU}" ] ; then
opts="$opts mtu ${MTU}"
fi
if [ -n "${IPADDR}${REMIP}" ] ; then
# if either IP address is set, the following will work.
opts="$opts ${IPADDR}:${REMIP}"
fi
if [ -n "${PAPNAME}" ] ; then
opts="$opts user ${PAPNAME} remotename ${DEVNAME}"
fi
if [ "${DEBUG}" = yes ] ; then
opts="$opts debug"
fi
if [ ${DEMAND} = yes ] ; then
opts="$opts demand ktune idle ${IDLETIMEOUT} holdoff ${RETRYTIMEOUT}"
exec=
else
opts="$opts nodetach"
exec=exec
fi
/usr/bin/logger -p daemon.info -t ifup-ppp \
$"pppd started for ${DEVNAME} on ${MODEMPORT} at ${LINESPEED}"
$exec pppd $opts ${MODEMPORT} ${LINESPEED} \
ipparam ${DEVNAME} linkname ${DEVNAME} call ${DEVNAME}\
noauth \
${PPPOPTIONS} || exit
if [ "${DEMAND}" = "yes" ] ; then
# pppd is a tad slow to write the pid-file.
sleep 2
if [ -f /var/run/ppp-${DEVNAME}.pid ] ; then
REALDEVICE=$(tail -1 /var/run/ppp-${DEVNAME}.pid)
/etc/sysconfig/network-scripts/ifup-routes ${REALDEVICE} ${DEVNAME}
fi
fi

0
ip-down → SOURCES/ip-down
View File

0
ip-down.ipv6to4 → SOURCES/ip-down.ipv6to4
View File

0
ip-up → SOURCES/ip-up
View File

0
ip-up.ipv6to4 → SOURCES/ip-up.ipv6to4
View File

14
ipv6-down.initscripts → SOURCES/ipv6-down
View File

@ -1,5 +1,12 @@
#!/bin/sh
#
# ipv6-down
#
# Called by pppd after IPV6CP/down was finished
#
# This file should not be modified -- make local changes to
# /etc/ppp/ipv6-down.local instead
#
#
# Taken from:
# (P) & (C) 2001-2006 by Peter Bieringer <pb@bieringer.de>
@ -18,6 +25,8 @@
# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1:
# IPV6INIT=yes|no: controls IPv6 configuration for this interface
#
PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH
@ -37,6 +46,9 @@ source_config
[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1
. /etc/sysconfig/network-scripts/network-functions-ipv6
[ -x /etc/ppp/ipv6-down.local ] && /etc/ppp/ipv6-down.local "$@"
if [ "$IPV6_CONTROL_RADVD" = "yes" ]; then
# Control running radvd
ipv6_trigger_radvd down "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE
@ -54,3 +66,5 @@ fi
# Delete all current configured IPv6 addresses on this interface
ipv6_cleanup_device $REALDEVICE
exit 0

15
ipv6-up.initscripts → SOURCES/ipv6-up
View File

@ -1,4 +1,12 @@
#!/bin/sh
#!/bin/bash
#
# ipv6-up
#
# Called by pppd after IPV6CP/up was finished
#
# This file should not be modified -- make local changes to
# /etc/ppp/ipv6-up.local instead
#
# Taken from:
# (P) & (C) 2001-2006 by Peter Bieringer <pb@bieringer.de>
#
@ -24,6 +32,7 @@
# IPV6_MTU=<MTU for IPv6>: controls IPv6 MTU for this link (optional)
#
PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH
@ -97,3 +106,7 @@ if [ "$IPV6_CONTROL_RADVD" = "yes" ]; then
# Control running radvd
ipv6_trigger_radvd up "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE
fi
[ -x /etc/ppp/ipv6-up.local ] && /etc/ppp/ipv6-up.local "$@"
exit 0

37
SOURCES/ppp-2.4.7-CVE-2020-8597.patch Normal file
View File

@ -0,0 +1,37 @@
From 8d7970b8f3db727fe798b65f3377fe6787575426 Mon Sep 17 00:00:00 2001
From: Paul Mackerras <paulus@ozlabs.org>
Date: Mon, 3 Feb 2020 15:53:28 +1100
Subject: [PATCH] pppd: Fix bounds check in EAP code
Given that we have just checked vallen < len, it can never be the case
that vallen >= len + sizeof(rhostname). This fixes the check so we
actually avoid overflowing the rhostname array.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
---
pppd/eap.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pppd/eap.c b/pppd/eap.c
index 94407f56..1b93db01 100644
--- a/pppd/eap.c
+++ b/pppd/eap.c
@@ -1420,7 +1420,7 @@ int len;
}
/* Not so likely to happen. */
- if (vallen >= len + sizeof (rhostname)) {
+ if (len - vallen >= sizeof (rhostname)) {
dbglog("EAP: trimming really long peer name down");
BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
rhostname[sizeof (rhostname) - 1] = '\0';
@@ -1846,7 +1846,7 @@ int len;
}
/* Not so likely to happen. */
- if (vallen >= len + sizeof (rhostname)) {
+ if (len - vallen >= sizeof (rhostname)) {
dbglog("EAP: trimming really long peer name down");
BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
rhostname[sizeof (rhostname) - 1] = '\0';

79
SOURCES/ppp-2.4.7-DES-openssl.patch Normal file
View File

@ -0,0 +1,79 @@
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 534ccc2..cf11b74 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -41,7 +41,7 @@ COPTS = -Wall $(RPM_OPT_FLAGS) -DLIBDIR=\""$(LIBDIR)"\"
# Uncomment the next 2 lines to include support for Microsoft's
# MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux.
CHAPMS=y
-USE_CRYPT=y
+#USE_CRYPT=y
# Don't use MSLANMAN unless you really know what you're doing.
#MSLANMAN=y
# Uncomment the next line to include support for MPPE. CHAPMS (above) must
@@ -147,7 +147,8 @@ endif
ifdef NEEDDES
ifndef USE_CRYPT
-LIBS += -ldes $(LIBS)
+CFLAGS += -I/usr/include/openssl
+LIBS += -lcrypto
else
CFLAGS += -DUSE_CRYPT=1
endif
diff --git a/pppd/pppcrypt.c b/pppd/pppcrypt.c
index 8b85b13..6b35375 100644
--- a/pppd/pppcrypt.c
+++ b/pppd/pppcrypt.c
@@ -64,7 +64,7 @@ u_char *des_key; /* OUT 64 bit DES key with parity bits added */
des_key[7] = Get7Bits(key, 49);
#ifndef USE_CRYPT
- des_set_odd_parity((des_cblock *)des_key);
+ DES_set_odd_parity((DES_cblock *)des_key);
#endif
}
@@ -158,25 +158,25 @@ u_char *clear; /* OUT 8 octets */
}
#else /* USE_CRYPT */
-static des_key_schedule key_schedule;
+static DES_key_schedule key_schedule;
bool
DesSetkey(key)
u_char *key;
{
- des_cblock des_key;
+ DES_cblock des_key;
MakeKey(key, des_key);
- des_set_key(&des_key, key_schedule);
+ DES_set_key(&des_key, &key_schedule);
return (1);
}
bool
-DesEncrypt(clear, key, cipher)
+DesEncrypt(clear, cipher)
u_char *clear; /* IN 8 octets */
u_char *cipher; /* OUT 8 octets */
{
- des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher,
- key_schedule, 1);
+ DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher,
+ &key_schedule, 1);
return (1);
}
@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear)
u_char *cipher; /* IN 8 octets */
u_char *clear; /* OUT 8 octets */
{
- des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear,
- key_schedule, 0);
+ DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear,
+ &key_schedule, 0);
return (1);
}

453
SOURCES/ppp-2.4.7-coverity-scan-fixes.patch Normal file
View File

@ -0,0 +1,453 @@
diff --git a/chat/chat.c b/chat/chat.c
index 710dba9..bf10733 100644
--- a/chat/chat.c
+++ b/chat/chat.c
@@ -512,6 +512,7 @@ void msgf __V((const char *fmt, ...))
syslog(LOG_INFO, "%s", line);
if (to_stderr)
fprintf(stderr, "%s\n", line);
+ va_end(args);
}
/*
@@ -537,6 +538,7 @@ void fatal __V((int code, const char *fmt, ...))
syslog(LOG_ERR, "%s", line);
if (to_stderr)
fprintf(stderr, "%s\n", line);
+ va_end(args);
terminate(code);
}
diff --git a/pppd/auth.c b/pppd/auth.c
index 656ffe9..9a7e32d 100644
--- a/pppd/auth.c
+++ b/pppd/auth.c
@@ -464,6 +464,7 @@ setupapfile(argv)
euid = geteuid();
if (seteuid(getuid()) == -1) {
option_error("unable to reset uid before opening %s: %m", fname);
+ free(fname);
return 0;
}
ufile = fopen(fname, "re");
@@ -471,6 +472,7 @@ setupapfile(argv)
fatal("unable to regain privileges: %m");
if (ufile == NULL) {
option_error("unable to open user login data file %s", fname);
+ free(fname);
return 0;
}
check_access(ufile, fname);
@@ -481,6 +483,7 @@ setupapfile(argv)
|| fgets(p, MAXSECRETLEN - 1, ufile) == NULL) {
fclose(ufile);
option_error("unable to read user login data file %s", fname);
+ free(fname);
return 0;
}
fclose(ufile);
@@ -502,6 +505,7 @@ setupapfile(argv)
explicit_passwd = 1;
}
+ free(fname);
return (1);
}
diff --git a/pppd/eap-tls.c b/pppd/eap-tls.c
index 1b79abf..f7f42fd 100644
--- a/pppd/eap-tls.c
+++ b/pppd/eap-tls.c
@@ -693,6 +693,7 @@ int eaptls_init_ssl_server(eap_state * esp)
}
strncpy(ets->peer, esp->es_server.ea_peer, MAXWORDLEN);
+ ets->peer[MAXWORDLEN - 1] = 0;
dbglog( "getting eaptls secret" );
if (!get_eaptls_secret(esp->es_unit, esp->es_server.ea_peer,
@@ -780,7 +781,10 @@ int eaptls_init_ssl_client(eap_state * esp)
* verify
*/
if (esp->es_client.ea_peer)
+ {
strncpy(ets->peer, esp->es_client.ea_peer, MAXWORDLEN);
+ ets->peer[MAXWORDLEN - 1] = 0;
+ }
else
ets->peer[0] = 0;
@@ -835,7 +839,10 @@ int eaptls_init_ssl_client(eap_state * esp)
* ssl_verify_callback()
*/
if (servcertfile[0])
+ {
strncpy(ets->peercertfile, servcertfile, MAXWORDLEN);
+ ets->peercertfile[MAXWORDLEN - 1] = 0;
+ }
else
ets->peercertfile[0] = 0;
diff --git a/pppd/multilink.c b/pppd/multilink.c
index 2f0ed50..67200ba 100644
--- a/pppd/multilink.c
+++ b/pppd/multilink.c
@@ -445,9 +445,13 @@ get_default_epdisc(ep)
if (p != 0 && get_if_hwaddr(ep->value, p) >= 0) {
ep->class = EPD_MAC;
ep->length = 6;
+ free(p);
return 1;
}
+ if (p)
+ free(p);
+
/* see if our hostname corresponds to a reasonable IP address */
hp = gethostbyname(hostname);
if (hp != NULL) {
diff --git a/pppd/options.c b/pppd/options.c
index 1cef314..bc264d6 100644
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -1735,7 +1735,7 @@ user_unsetenv(argv)
option_error("unexpected = in name: %s", arg);
return 0;
}
- if (arg == '\0') {
+ if (*arg == '\0') {
option_error("missing variable name for unset");
return 0;
}
diff --git a/pppd/plugins/pppol2tp/openl2tp.c b/pppd/plugins/pppol2tp/openl2tp.c
index 1099575..7c4fe8b 100644
--- a/pppd/plugins/pppol2tp/openl2tp.c
+++ b/pppd/plugins/pppol2tp/openl2tp.c
@@ -246,6 +246,9 @@ out:
(*old_pppol2tp_ip_updown_hook)(tunnel_id, session_id, up);
}
+ if (user_name != NULL)
+ free(user_name);
+
return;
}
diff --git a/pppd/plugins/radius/avpair.c b/pppd/plugins/radius/avpair.c
index 716d23f..ec48eb8 100644
--- a/pppd/plugins/radius/avpair.c
+++ b/pppd/plugins/radius/avpair.c
@@ -121,7 +121,8 @@ VALUE_PAIR *rc_avpair_new (int attrid, void *pval, int len, int vendorcode)
if ((vp = (VALUE_PAIR *) malloc (sizeof (VALUE_PAIR)))
!= (VALUE_PAIR *) NULL)
{
- strncpy (vp->name, pda->name, sizeof (vp->name));
+ strncpy (vp->name, pda->name, NAME_LENGTH);
+ vp->name[NAME_LENGTH] = 0;
vp->attribute = attrid;
vp->vendorcode = vendorcode;
vp->next = (VALUE_PAIR *) NULL;
diff --git a/pppd/plugins/radius/config.c b/pppd/plugins/radius/config.c
index a29e5e8..6e36d89 100644
--- a/pppd/plugins/radius/config.c
+++ b/pppd/plugins/radius/config.c
@@ -153,6 +153,7 @@ static int set_option_auo(char *filename, int line, OPTION *option, char *p)
*iptr = AUTH_RADIUS_FST;
else {
error("%s: auth_order: unknown keyword: %s", filename, p);
+ free(iptr);
return (-1);
}
@@ -165,6 +166,7 @@ static int set_option_auo(char *filename, int line, OPTION *option, char *p)
*iptr = (*iptr) | AUTH_RADIUS_SND;
else {
error("%s: auth_order: unknown or unexpected keyword: %s", filename, p);
+ free(iptr);
return (-1);
}
}
@@ -272,7 +274,7 @@ char *rc_conf_str(char *optname)
if (option == NULL)
fatal("rc_conf_str: unkown config option requested: %s", optname);
- return (char *)option->val;
+ return (char *)option->val;
}
int rc_conf_int(char *optname)
diff --git a/pppd/plugins/radius/radius.c b/pppd/plugins/radius/radius.c
index 4ba5f52..6f2a0bd 100644
--- a/pppd/plugins/radius/radius.c
+++ b/pppd/plugins/radius/radius.c
@@ -898,7 +898,8 @@ radius_acct_start(void)
rstate.start_time = time(NULL);
- strncpy(rstate.session_id, rc_mksid(), sizeof(rstate.session_id));
+ strncpy(rstate.session_id, rc_mksid(), MAXSESSIONID);
+ rstate.session_id[MAXSESSIONID] = 0;
rc_avpair_add(&send, PW_ACCT_SESSION_ID,
rstate.session_id, 0, VENDOR_NONE);
diff --git a/pppd/plugins/radius/radiusclient.h b/pppd/plugins/radius/radiusclient.h
index 51b959a..cff0c26 100644
--- a/pppd/plugins/radius/radiusclient.h
+++ b/pppd/plugins/radius/radiusclient.h
@@ -440,6 +440,7 @@ UINT4 rc_get_ipaddr __P((char *));
int rc_good_ipaddr __P((char *));
const char *rc_ip_hostname __P((UINT4));
UINT4 rc_own_ipaddress __P((void));
+UINT4 rc_own_bind_ipaddress __P((void));
/* sendserver.c */
diff --git a/pppd/plugins/radius/radrealms.c b/pppd/plugins/radius/radrealms.c
index 7a30370..cd006fd 100644
--- a/pppd/plugins/radius/radrealms.c
+++ b/pppd/plugins/radius/radrealms.c
@@ -68,10 +68,12 @@ lookup_realm(char const *user,
if ((fd = fopen(radrealms_config, "r")) == NULL) {
option_error("cannot open %s", radrealms_config);
+ free(auths);
+ free(accts);
return;
- }
+ }
info("Reading %s", radrealms_config);
-
+
while ((fgets(buffer, sizeof(buffer), fd) != NULL)) {
line++;
@@ -87,6 +89,8 @@ lookup_realm(char const *user,
fclose(fd);
option_error("%s: invalid line %d: %s", radrealms_config,
line, buffer);
+ free(auths);
+ free(accts);
return;
}
info("Parsing '%s' entry:", p);
@@ -101,6 +105,8 @@ lookup_realm(char const *user,
fclose(fd);
option_error("%s: realm name missing on line %d: %s",
radrealms_config, line, buffer);
+ free(auths);
+ free(accts);
return;
}
@@ -111,6 +117,8 @@ lookup_realm(char const *user,
fclose(fd);
option_error("%s: server address missing on line %d: %s",
radrealms_config, line, buffer);
+ free(auths);
+ free(accts);
return;
}
s->name[s->max] = strdup(p);
@@ -119,6 +127,8 @@ lookup_realm(char const *user,
fclose(fd);
option_error("%s: server port missing on line %d: %s",
radrealms_config, line, buffer);
+ free(auths);
+ free(accts);
return;
}
s->port[s->max] = atoi(p);
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index 5e06b52..5f79284 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -34,10 +34,10 @@ pppoe-discovery: pppoe-discovery.o debug.o common.o
$(CC) $(LDFLAGS) -o pppoe-discovery pppoe-discovery.o debug.o -ludev
pppoe-discovery.o: pppoe-discovery.c
- $(CC) $(CFLAGS) -c -o pppoe-discovery.o pppoe-discovery.c
+ $(CC) $(CFLAGS) -I../../.. -c -o pppoe-discovery.o pppoe-discovery.c
debug.o: debug.c
- $(CC) $(CFLAGS) -c -o debug.o debug.c
+ $(CC) $(CFLAGS) -I../../.. -c -o debug.o debug.c
rp-pppoe.so: plugin.o discovery.o if.o common.o
$(CC) $(LDFLAGS) -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o
diff --git a/pppd/plugins/rp-pppoe/if.c b/pppd/plugins/rp-pppoe/if.c
index 72aba41..50d5693 100644
--- a/pppd/plugins/rp-pppoe/if.c
+++ b/pppd/plugins/rp-pppoe/if.c
@@ -133,7 +133,8 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
/* Fill in hardware address */
if (hwaddr) {
- strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
+ ifr.ifr_name[IFNAMSIZ - 1] = 0;
if (ioctl(fd, SIOCGIFHWADDR, &ifr) < 0) {
error("Can't get hardware address for %s: %m", ifname);
close(fd);
@@ -152,7 +153,8 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
}
/* Sanity check on MTU */
- strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
+ ifr.ifr_name[IFNAMSIZ - 1] = 0;
if (ioctl(fd, SIOCGIFMTU, &ifr) < 0) {
error("Can't get MTU for %s: %m", ifname);
} else if (ifr.ifr_mtu < ETH_DATA_LEN) {
@@ -166,7 +168,8 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
sa.sll_family = AF_PACKET;
sa.sll_protocol = htons(type);
- strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
+ ifr.ifr_name[IFNAMSIZ - 1] = 0;
if (ioctl(fd, SIOCGIFINDEX, &ifr) < 0) {
error("Could not get interface index for %s: %m", ifname);
close(fd);
diff --git a/pppd/plugins/rp-pppoe/plugin.c b/pppd/plugins/rp-pppoe/plugin.c
index 24bdf8f..1856c6b 100644
--- a/pppd/plugins/rp-pppoe/plugin.c
+++ b/pppd/plugins/rp-pppoe/plugin.c
@@ -153,7 +153,7 @@ PPPOEConnectDevice(void)
error("Can't get MTU for %s: %m", conn->ifName);
goto errout;
}
- strncpy(ifr.ifr_name, conn->ifName, sizeof(ifr.ifr_name));
+ strlcpy(ifr.ifr_name, conn->ifName, sizeof(ifr.ifr_name));
if (ioctl(s, SIOCGIFMTU, &ifr) < 0) {
error("Can't get MTU for %s: %m", conn->ifName);
close(s);
@@ -326,7 +326,7 @@ PPPoEDevnameHook(char *cmd, char **argv, int doit)
/* Try getting interface index */
if (r) {
- strncpy(ifr.ifr_name, cmd, sizeof(ifr.ifr_name));
+ strlcpy(ifr.ifr_name, cmd, sizeof(ifr.ifr_name));
if (ioctl(fd, SIOCGIFINDEX, &ifr) < 0) {
r = 0;
} else {
@@ -345,7 +345,7 @@ PPPoEDevnameHook(char *cmd, char **argv, int doit)
/* Close socket */
close(fd);
if (r && doit) {
- strncpy(devnam, cmd, sizeof(devnam));
+ strlcpy(devnam, cmd, sizeof(devnam));
if (the_channel != &pppoe_channel) {
the_channel = &pppoe_channel;
diff --git a/pppd/plugins/rp-pppoe/pppoe-discovery.c b/pppd/plugins/rp-pppoe/pppoe-discovery.c
index 2bd910f..502e17f 100644
--- a/pppd/plugins/rp-pppoe/pppoe-discovery.c
+++ b/pppd/plugins/rp-pppoe/pppoe-discovery.c
@@ -177,7 +177,8 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
sa.sll_family = AF_PACKET;
sa.sll_protocol = htons(type);
- strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
+ ifr.ifr_name[IFNAMSIZ - 1] = 0;
if (ioctl(fd, SIOCGIFINDEX, &ifr) < 0) {
fatalSys("ioctl(SIOCFIGINDEX): Could not get interface index");
}
diff --git a/pppd/plugins/rp-pppoe/pppoe.h b/pppd/plugins/rp-pppoe/pppoe.h
index f77f5b7..6118e27 100644
--- a/pppd/plugins/rp-pppoe/pppoe.h
+++ b/pppd/plugins/rp-pppoe/pppoe.h
@@ -24,6 +24,8 @@
#include <stdio.h> /* For FILE */
#include <sys/types.h> /* For pid_t */
+#include "pppd/pppd.h" /* For error */
+
/* How do we access raw Ethernet devices? */
#undef USE_LINUX_PACKET
#undef USE_BPF
diff --git a/pppd/plugins/winbind.c b/pppd/plugins/winbind.c
index bb05acd..4638f46 100644
--- a/pppd/plugins/winbind.c
+++ b/pppd/plugins/winbind.c
@@ -432,6 +432,7 @@ unsigned int run_ntlm_auth(const char *username,
/* parent */
if (close(child_out[0]) == -1) {
+ close(child_in[1]);
notice("error closing pipe?!? for child OUT[0]");
return NOT_AUTHENTICATED;
}
diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
index 9a1d8a6..ef92486 100644
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -2236,7 +2236,6 @@ int ppp_available(void)
}
}
- close (s);
if (!ok) {
slprintf(route_buffer, sizeof(route_buffer),
"Sorry - PPP driver version %d.%d.%d is out of date\n",
@@ -2246,6 +2245,7 @@ int ppp_available(void)
}
}
}
+ close(s);
return ok;
}
@@ -2722,7 +2722,10 @@ get_pty(master_fdp, slave_fdp, slave_name, uid)
warn("Couldn't unlock pty slave %s: %m", pty_name);
#endif
if ((sfd = open(pty_name, O_RDWR | O_NOCTTY | O_CLOEXEC)) < 0)
+ {
warn("Couldn't open pty slave %s: %m", pty_name);
+ close(mfd);
+ }
}
}
#endif /* TIOCGPTN */
@@ -3011,6 +3014,7 @@ ether_to_eui64(eui64_t *p_eui64)
if (get_first_ethernet(&eth_dev) < 0)
{
warn("no ethernet device present on the host");
+ close(skfd);
return 0;
}
diff --git a/pppstats/pppstats.c b/pppstats/pppstats.c
index 6367988..4aaa319 100644
--- a/pppstats/pppstats.c
+++ b/pppstats/pppstats.c
@@ -150,7 +150,8 @@ get_ppp_stats(curp)
#define ifr_name ifr__name
#endif
- strncpy(req.ifr_name, interface, sizeof(req.ifr_name));
+ strncpy(req.ifr_name, interface, IFNAMSIZ);
+ req.ifr_name[IFNAMSIZ - 1] = 0;
if (ioctl(s, SIOCGPPPSTATS, &req) < 0) {
fprintf(stderr, "%s: ", progname);
if (errno == ENOTTY)
@@ -176,7 +177,8 @@ get_ppp_cstats(csp)
#define ifr_name ifr__name
#endif
- strncpy(creq.ifr_name, interface, sizeof(creq.ifr_name));
+ strncpy(creq.ifr_name, interface, IFNAMSIZ);
+ creq.ifr_name[IFNAMSIZ - 1] = 0;
if (ioctl(s, SIOCGPPPCSTATS, &creq) < 0) {
fprintf(stderr, "%s: ", progname);
if (errno == ENOTTY) {
@@ -526,7 +528,8 @@ main(argc, argv)
#undef ifr_name
#define ifr_name ifr_ifrn.ifrn_name
#endif
- strncpy(ifr.ifr_name, interface, sizeof(ifr.ifr_name));
+ strncpy(ifr.ifr_name, interface, IFNAMSIZ);
+ ifr.ifr_name[IFNAMSIZ - 1] = 0;
if (ioctl(s, SIOCGIFFLAGS, (caddr_t)&ifr) < 0) {
fprintf(stderr, "%s: nonexistent interface '%s' specified\n",
progname, interface);

3230
SOURCES/ppp-2.4.7-eaptls-mppe-1.101.patch Normal file
View File

File diff suppressed because it is too large Load Diff

170
SOURCES/ppp-2.4.7-honor-ldflags.patch Normal file
View File

@ -0,0 +1,170 @@
diff --git a/chat/Makefile.linux b/chat/Makefile.linux
index 2445637..83114f1 100644
--- a/chat/Makefile.linux
+++ b/chat/Makefile.linux
@@ -18,7 +18,7 @@ INSTALL= install
all: chat
chat: chat.o
- $(CC) -o chat chat.o
+ $(CC) $(LDFLAGS) -o chat chat.o
chat.o: chat.c
$(CC) -c $(CFLAGS) -o chat.o chat.c
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index cf11b74..089f164 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -188,7 +188,7 @@ endif
ifdef PLUGIN
CFLAGS += -DPLUGIN
-LDFLAGS += -Wl,-E
+LDFLAGS_PLUGIN += -Wl,-E
LIBS += -ldl
endif
@@ -230,7 +230,7 @@ install: pppd
$(INSTALL) -c -m 644 pppd.8 $(MANDIR)
pppd: $(PPPDOBJS)
- $(CC) $(CFLAGS) $(LDFLAGS) -o pppd $(PPPDOBJS) $(LIBS)
+ $(CC) $(CFLAGS) $(LDFLAGS) $(LDFLAGS_PLUGIN) -o pppd $(PPPDOBJS) $(LIBS)
srp-entry: srp-entry.c
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ srp-entry.c $(LIBS)
diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux
index 303833a..04fe876 100644
--- a/pppd/plugins/Makefile.linux
+++ b/pppd/plugins/Makefile.linux
@@ -1,7 +1,7 @@
#CC = gcc
COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I.. -I../../include -fPIC
-LDFLAGS = -shared
+LDFLAGS_SHARED = -shared
INSTALL = install
# EAP-TLS
@@ -33,7 +33,7 @@ all: $(PLUGINS)
for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d all; done
%.so: %.c
- $(CC) -o $@ $(LDFLAGS) $(CFLAGS) $^
+ $(CC) -o $@ $(LDFLAGS) $(LDFLAGS_SHARED) $(CFLAGS) $^
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../patchlevel.h)
diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux
index 4c5826f..1961e0e 100644
--- a/pppd/plugins/pppoatm/Makefile.linux
+++ b/pppd/plugins/pppoatm/Makefile.linux
@@ -1,7 +1,7 @@
#CC = gcc
COPTS = $(RPM_OPT_FLAGS)
CFLAGS = $(COPTS) -I../.. -I../../../include -fPIC
-LDFLAGS = -shared
+LDFLAGS_SHARED = -shared
INSTALL = install
#***********************************************************************
@@ -33,7 +33,7 @@ endif
all: $(PLUGIN)
$(PLUGIN): $(PLUGIN_OBJS)
- $(CC) $(CFLAGS) -o $@ -shared $^ $(LIBS)
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LDFLAGS_SHARED) $^ $(LIBS)
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux
index 9cb316d..7b23b25 100644
--- a/pppd/plugins/pppol2tp/Makefile.linux
+++ b/pppd/plugins/pppol2tp/Makefile.linux
@@ -1,7 +1,7 @@
#CC = gcc
COPTS = $(RPM_OPT_FLAGS) -DHAVE_MULTILINK
CFLAGS = $(COPTS) -I. -I../.. -I../../../include -fPIC
-LDFLAGS = -shared
+LDFLAGS_SHARED = -shared
INSTALL = install
#***********************************************************************
@@ -16,7 +16,7 @@ PLUGINS := pppol2tp.so openl2tp.so
all: $(PLUGINS)
%.so: %.o
- $(CC) $(CFLAGS) -o $@ -shared $^ $(LIBS)
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LDFLAGS_SHARED) $^ $(LIBS)
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux
index 707326b..2150332 100644
--- a/pppd/plugins/radius/Makefile.linux
+++ b/pppd/plugins/radius/Makefile.linux
@@ -43,13 +43,13 @@ install: all
$(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
radius.so: radius.o libradiusclient.a
- $(CC) -o radius.so -shared radius.o libradiusclient.a
+ $(CC) $(LDFLAGS) -o radius.so -shared radius.o libradiusclient.a
radattr.so: radattr.o
- $(CC) -o radattr.so -shared radattr.o
+ $(CC) $(LDFLAGS) -o radattr.so -shared radattr.o
radrealms.so: radrealms.o
- $(CC) -o radrealms.so -shared radrealms.o
+ $(CC) $(LDFLAGS) -o radrealms.so -shared radrealms.o
CLIENTOBJS = avpair.o buildreq.o config.o dict.o ip_util.o \
clientid.o sendserver.o lock.o util.o md5.o
diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux
index fa49efb..5e06b52 100644
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -31,7 +31,7 @@ CFLAGS=$(COPTS) -I../../../include '-DRP_VERSION="$(RP_VERSION)"'
all: rp-pppoe.so pppoe-discovery
pppoe-discovery: pppoe-discovery.o debug.o common.o
- $(CC) -o pppoe-discovery pppoe-discovery.o debug.o -ludev
+ $(CC) $(LDFLAGS) -o pppoe-discovery pppoe-discovery.o debug.o -ludev
pppoe-discovery.o: pppoe-discovery.c
$(CC) $(CFLAGS) -c -o pppoe-discovery.o pppoe-discovery.c
@@ -40,7 +40,7 @@ debug.o: debug.c
$(CC) $(CFLAGS) -c -o debug.o debug.c
rp-pppoe.so: plugin.o discovery.o if.o common.o
- $(CC) -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o
+ $(CC) $(LDFLAGS) -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
diff --git a/pppdump/Makefile.linux b/pppdump/Makefile.linux
index 95c6805..33e5107 100644
--- a/pppdump/Makefile.linux
+++ b/pppdump/Makefile.linux
@@ -10,7 +10,7 @@ INSTALL= install
all: pppdump
pppdump: $(OBJS)
- $(CC) -o pppdump $(OBJS)
+ $(CC) $(LDFLAGS) -o pppdump $(OBJS)
clean:
rm -f pppdump $(OBJS) *~
diff --git a/pppstats/Makefile.linux b/pppstats/Makefile.linux
index c5ba3b1..eeccf83 100644
--- a/pppstats/Makefile.linux
+++ b/pppstats/Makefile.linux
@@ -26,7 +26,7 @@ install: pppstats
$(INSTALL) -c -m 444 pppstats.8 $(MANDIR)
pppstats: $(PPPSTATSRCS)
- $(CC) $(CFLAGS) -o pppstats pppstats.c $(LIBS)
+ $(CC) $(CFLAGS) $(LDFLAGS) -o pppstats pppstats.c $(LIBS)
clean:
rm -f pppstats *~ #* core

0
ppp-logrotate.conf → SOURCES/ppp-logrotate.conf
View File

0
ppp-pam.conf → SOURCES/ppp-pam.conf
View File

2
SOURCES/ppp-tmpfiles.conf Normal file
View File

@ -0,0 +1,2 @@
d /run/ppp 0755 root root
d /run/lock/ppp 0755 root root

277
ppp.spec → SPECS/ppp.spec
View File

@ -1,29 +1,13 @@
%global _hardened_build 1
Name: ppp
# Please be careful when bumping the ppp version. Several packages
# have version-tied dependencies on it, including NetworkManager-ppp
# (from NetworkManager) and NetworkManager-pptp , which are core
# packages. They may need code changes to build against new ppp
# versions. Please only bump ppp on a side tag and ensure it also
# contains rebuilds of at least those two packages before merging.
# Several other less important packages are also tied to the ppp
# version, as of 2023-04-19 the list is:
# NetworkManager-fortisslvpn
# NetworkManager-l2tp
# NetworkManager-ppp
# NetworkManager-pptp
# NetworkManager-sstp
# sstp-client
# These all need to be patched (if necessary) and rebuilt for new
# versions of ppp.
Version: 2.5.0
Release: 13%{?dist}
Summary: The Point-to-Point Protocol daemon
License: bsd-3-clause AND zlib AND licenseref-fedora-public-domain AND bsd-attribution-hpnd-disclaimer AND bsd-4.3tahoe AND bsd-4-clause-uc AND apache-2.0 AND lgpl-2.0-or-later AND (gpl-2.0-or-later OR bsd-2-clause OR bsd-3-clause OR bsd-4-clause) AND gpl-2.0-or-later AND xlock AND gpl-1.0-or-later AND mackerras-3-clause-acknowledgment AND mackerras-3-clause AND hpnd-fenneberg-Livingston AND sun-ppp AND hpnd-inria-imag AND sun-ppp-2000
URL: http://www.samba.org/ppp
Source0: https://github.com/paulusmack/ppp/archive/ppp-%{version}.tar.gz
Name: ppp
Version: 2.4.7
Release: 26%{?dist}
License: BSD and LGPLv2+ and GPLv2+ and Public Domain
Group: System Environment/Daemons
URL: http://www.samba.org/ppp
Source0: ftp://ftp.samba.org/pub/ppp/ppp-%{version}.tar.gz
Source1: ppp-pam.conf
Source2: ppp-logrotate.conf
Source3: ppp-tmpfiles.conf
@ -33,43 +17,51 @@ Source6: ip-up
Source7: ip-up.ipv6to4
Source8: ipv6-down
Source9: ipv6-up
Source10: ifup-ppp
Source11: ifdown-ppp
Source12: ppp-watch.tar.xz
Source13: ipv6-up.initscripts
Source14: ipv6-down.initscripts
# Fedora-specific
Patch0: ppp-2.5.0-use-change-resolv-function.patch
Patch0001: 0001-build-sys-use-gcc-as-our-compiler-of-choice.patch
Patch0002: 0002-build-sys-enable-PAM-support.patch
Patch0003: 0003-build-sys-utilize-compiler-flags-handed-to-us-by-rpm.patch
Patch0004: 0004-doc-add-configuration-samples.patch
Patch0005: 0005-build-sys-don-t-hardcode-LIBDIR-but-set-it-according.patch
Patch0006: 0006-scritps-use-change_resolv_conf-function.patch
Patch0007: 0007-build-sys-don-t-strip-binaries-during-installation.patch
Patch0008: 0008-build-sys-use-prefix-usr-instead-of-usr-local.patch
Patch0009: 0009-pppd-introduce-ipv6-accept-remote.patch
Patch0010: 0010-build-sys-enable-CBCP.patch
Patch0011: 0011-build-sys-don-t-put-connect-errors-log-to-etc-ppp.patch
Patch0012: 0012-pppd-we-don-t-want-to-accidentally-leak-fds.patch
Patch0013: 0013-everywhere-O_CLOEXEC-harder.patch
Patch0014: 0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch
Patch0015: 0015-pppd-move-pppd-database-to-var-run-ppp.patch
Patch0016: 0016-rp-pppoe-add-manpage-for-pppoe-discovery.patch
Patch0018: 0018-scritps-fix-ip-up.local-sample.patch
Patch0019: 0019-sys-linux-rework-get_first_ethernet.patch
Patch0020: 0020-pppd-put-lock-files-in-var-lock-ppp.patch
Patch0021: 0021-build-sys-compile-pppol2tp-plugin-with-RPM_OPT_FLAGS.patch
Patch0022: 0022-build-sys-compile-pppol2tp-with-multilink-support.patch
Patch0023: 0023-build-sys-install-rp-pppoe-plugin-files-with-standar.patch
Patch0024: 0024-build-sys-install-pppoatm-plugin-files-with-standard.patch
Patch0025: 0025-pppd-install-pppd-binary-using-standard-perms-755.patch
Patch0026: ppp-2.4.7-eaptls-mppe-1.101.patch
Patch0028: 0028-pppoe-include-netinet-in.h-before-linux-in.h.patch
# https://github.com/ppp-project/ppp/commit/7f89208b860ea0c41636410bfdb6a609b2772f47
Patch1: ppp-2.5.0-radiusclient-parser-fix.patch
# rhbz#1556132
Patch0029: ppp-2.4.7-DES-openssl.patch
# https://github.com/paulusmack/ppp/pull/95
Patch0030: ppp-2.4.7-honor-ldflags.patch
Patch0031: ppp-2.4.7-coverity-scan-fixes.patch
Patch0032: ppp-2.4.7-CVE-2020-8597.patch
BuildRequires: libtool
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: make
BuildRequires: gcc
BuildRequires: pam-devel
BuildRequires: libpcap-devel
BuildRequires: systemd
BuildRequires: systemd-devel
BuildRequires: glib2-devel
BuildRequires: pam-devel, libpcap-devel, systemd, systemd-devel, glib2-devel
BuildRequires: openssl-devel
%if %{defined rhel}
Provides: bundled(linux-atm) = 2.4.1
%else
BuildRequires: linux-atm-libs-devel
%endif
Requires: glibc >= 2.0.6
Requires: /etc/pam.d/system-auth
Requires: libpcap >= 14:0.8.3-6
Requires: systemd
Requires: glibc >= 2.0.6, /etc/pam.d/system-auth, libpcap >= 14:0.8.3-6, systemd
Requires(pre): /usr/bin/getent
Requires(pre): /usr/sbin/groupadd
# Subpackage removed and obsoleted in F40
Obsoletes: network-scripts-ppp < %{version}-%{release}
%description
The ppp package contains the PPP (Point-to-Point Protocol) daemon and
documentation for PPP support. The PPP protocol provides a method for
@ -77,28 +69,38 @@ transmitting datagrams over serial point-to-point links. PPP is
usually used to dial in to an ISP (Internet Service Provider) or other
organization over a modem and phone line.
%package -n network-scripts-%{name}
Summary: PPP legacy network service support
Requires: network-scripts
Supplements: (%{name} and network-scripts)
%description -n network-scripts-%{name}
This provides the ifup and ifdown scripts for use with the legacy network
service.
%package devel
Summary: Headers for ppp plugin development
Group: Development/Libraries
Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: pkgconf-pkg-config
%description devel
This package contains the header files for building plugins for ppp.
%prep
%autosetup -p1 -n %{name}-%{name}-%{version}
%setup -q
%autopatch -p1
tar -xJf %{SOURCE12}
%build
autoreconf -fi
export CFLAGS="%{build_cflags} -fno-strict-aliasing"
%configure --enable-systemd --enable-cbcp --with-pam --disable-openssl-engine
%make_build
%make_build -C ppp-watch LDFLAGS="%{?build_ldflags} -pie"
export RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fPIC -Wall -fno-strict-aliasing"
export RPM_LD_FLAGS="$LDFLAGS"
%configure
make %{?_smp_mflags} LDFLAGS="%{?build_ldflags}"
make -C ppp-watch %{?_smp_mflags} LDFLAGS="%{?build_ldflags}"
%install
%make_install
make INSTROOT=%{buildroot} install install-etcppp
find scripts -type f | xargs chmod a-x
make ROOT=%{buildroot} -C ppp-watch install
@ -125,11 +127,10 @@ install -p %{SOURCE6} %{buildroot}%{_sysconfdir}/ppp/ip-up
install -p %{SOURCE7} %{buildroot}%{_sysconfdir}/ppp/ip-up.ipv6to4
install -p %{SOURCE8} %{buildroot}%{_sysconfdir}/ppp/ipv6-down
install -p %{SOURCE9} %{buildroot}%{_sysconfdir}/ppp/ipv6-up
install -p %{SOURCE13} %{buildroot}%{_sysconfdir}/ppp/ipv6-down.initscripts
install -p %{SOURCE14} %{buildroot}%{_sysconfdir}/ppp/ipv6-up.initscripts
# ghosts
mkdir -p %{buildroot}%{_rundir}/pppd/lock
install -d %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/
install -p %{SOURCE10} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifup-ppp
install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdown-ppp
%pre
/usr/bin/getent group dip >/dev/null 2>&1 || /usr/sbin/groupadd -r -g 40 dip >/dev/null 2>&1 || :
@ -138,7 +139,7 @@ mkdir -p %{buildroot}%{_rundir}/pppd/lock
%tmpfiles_create ppp.conf
%files
%doc FAQ README README.cbcp README.linux README.MPPE README.MSCHAP80 README.MSCHAP81 README.pwfd README.pppoe scripts sample README.eap-tls
%defattr(-,root,root)
%{_sbindir}/chat
%{_sbindir}/pppd
%{_sbindir}/pppdump
@ -151,10 +152,7 @@ mkdir -p %{buildroot}%{_rundir}/pppd/lock
%{_sysconfdir}/ppp/ip-up.ipv6to4
%{_sysconfdir}/ppp/ip-down.ipv6to4
%{_sysconfdir}/ppp/ipv6-up
%{_sysconfdir}/ppp/ipv6-up.initscripts
%{_sysconfdir}/ppp/ipv6-down
%{_sysconfdir}/ppp/ipv6-down.initscripts
%{_sysconfdir}/ppp/openssl.cnf
%{_mandir}/man8/chat.8*
%{_mandir}/man8/pppd.8*
%{_mandir}/man8/pppdump.8*
@ -164,8 +162,8 @@ mkdir -p %{buildroot}%{_rundir}/pppd/lock
%{_mandir}/man8/pppoe-discovery.8*
%{_mandir}/man8/ppp-watch.8*
%{_libdir}/pppd
%ghost %dir %{_rundir}/pppd
%ghost %dir %{_rundir}/pppd/lock
%ghost %dir /run/ppp
%ghost %dir /run/lock/ppp
%dir %{_sysconfdir}/logrotate.d
%attr(700, root, root) %dir %{_localstatedir}/log/ppp
%config(noreplace) %{_sysconfdir}/ppp/eaptls-client
@ -176,150 +174,33 @@ mkdir -p %{buildroot}%{_rundir}/pppd/lock
%config(noreplace) %{_sysconfdir}/pam.d/ppp
%config(noreplace) %{_sysconfdir}/logrotate.d/ppp
%{_tmpfilesdir}/ppp.conf
%doc FAQ README README.cbcp README.linux README.MPPE README.MSCHAP80 README.MSCHAP81 README.pwfd README.pppoe scripts sample README.eap-tls
%files -n network-scripts-%{name}
%{_sysconfdir}/sysconfig/network-scripts/ifdown-ppp
%{_sysconfdir}/sysconfig/network-scripts/ifup-ppp
%files devel
%defattr(-,root,root)
%{_includedir}/pppd
%doc PLUGINS
%{_libdir}/pkgconfig/pppd.pc
%changelog
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 2.5.0-13
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
* Thu Jun 27 2024 Jaroslav Škarvada <jskarvad@redhat.com> - 2.5.0-12
- Fixed radiusclient parser
Resolves: RHEL-44665
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2.5.0-11
- Bump release for June 2024 mass rebuild
* Wed Jun 12 2024 Jaroslav Škarvada <jskarvad@redhat.com> - 2.5.0-10
- Openssl engine API is deprecated for a while thus disable it
Resolves: RHEL-33746
* Thu May 9 2024 Jaroslav Škarvada <jskarvad@redhat.com> - 2.5.0-9
- Pre-created upstream default lock dir
Resolves: RHEL-35977
* Sun Apr 14 2024 Jaroslav Škarvada <jskarvad@redhat.com> - 2.5.0-8
- Added missing and recently approved SPDX licenses
* Wed Feb 21 2024 Kalev Lember <klember@redhat.com> - 2.5.0-7
- Obsolete dropped network-scripts-ppp subpackage
* Tue Feb 13 2024 Jaroslav Škarvada <jskarvad@redhat.com> - 2.5.0-6
- Dropped network scripts
* Wed Jan 24 2024 Jaroslav Škarvada <jskarvad@redhat.com> - 2.5.0-5
- Converted license to SPDX
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.5.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Jul 25 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 2.5.0-3
- Use bundled ATM in RHEL builds
* Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Apr 13 2023 Jaroslav Škarvada <jskarvad@redhat.com> - 2.5.0-1
- New version
Resolves: rhbz#2184291
* Fri Jan 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.9-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.9-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Apr 05 2022 Marcin Zajaczkowski <mszpak ATT wp DOTT pl> - 2.4.9-7
- Backport patches from master for SSTP to connect using EAP-TLS to Azure VnetGWay and Windows RAS server
* Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.9-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 2.4.9-5
- Rebuilt with OpenSSL 3.0.0
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.9-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Mon Mar 8 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.9-3
- Keep lock files in /var/lock (https://github.com/ppp-project/ppp/pull/227)
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jan 5 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.9-1
- New version
Resolves: rhbz#1912617
* Mon Aug 10 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.8-8
- Added workaround for Windows Server 2019
Resolves: rhbz#1867047
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.8-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Thu May 21 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.8-6
- Added missing options to man pages
* Tue Apr 7 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.8-5
- Updated EAP-TLS patch to v1.300
* Mon Apr 6 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.8-4
- Updated EAP-TLS patch to v1.201
* Fri Feb 28 2020 Tom Stellard <tstellar@redhat.com> - 2.4.8-3
- Use make_build macro
- https://docs.fedoraproject.org/en-US/packaging-guidelines/#_parallel_make
* Wed Feb 26 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.8-2
- Fixed ghost directories verification
* Fri Feb 21 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.8-1
- New version
- Changed sources to github
- Dropped 0028-pppoe-include-netinet-in.h-before-linux-in.h,
ppp-2.4.7-DES-openssl, ppp-2.4.7-honor-ldflags,
ppp-2.4.7-coverity-scan-fixes patches (all upstreamed)
* Tue Feb 25 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.7-26
- Fixed buffer overflow in the eap_request and eap_response functions
Resolves: CVE-2020-8597
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.7-33
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.7-32
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.7-31
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 14 2019 Björn Esser <besser82@fedoraproject.org> - 2.4.7-30
- Rebuilt for libcrypt.so.2 (#1666033)
* Mon Dec 3 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.7-29
* Tue Dec 4 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.7-25
- Fixed some issues found by coverity scan
Resolves: rhbz#1602665
* Tue Nov 20 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.7-28
- Fixed network scripts related regression caused by release 26
* Mon Nov 5 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.7-27
- Updated EAP-TLS patch to v1.102
* Tue Jul 24 2018 Lubomir Rintel <lkundrak@v3.sk> - 2.4.7-26
* Tue Nov 20 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.7-24
- Split out the network-scripts
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.7-25
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Sat Jun 30 2018 Peter Robinson <pbrobinson@fedoraproject.org> 2.4.7-24
- Remove group/defattr, minor spec cleanups
Resolves: rhbz#1608377
* Wed Jun 20 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.7-23
- Replaced initscripts requirement by the network-scripts
Resolves: rhbz#1592384
Resolves: rhbz#1610285
* Tue Jun 5 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2.4.7-22
- Updated EAP-TLS patch to v1.101

1
ci.fmf
View File

@ -1 +0,0 @@
resultsdb-testcase: separate

25
gating.yaml
View File

@ -1,25 +0,0 @@
--- !Policy
product_versions:
- fedora-*
decision_context: bodhi_update_push_testing
subject_type: koji_build
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
#Rawhide
--- !Policy
product_versions:
- fedora-*
decision_context: bodhi_update_push_stable
subject_type: koji_build
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
#gating rhel
--- !Policy
product_versions:
- rhel-*
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-public.functional}
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional}

14
ipv6-down
View File

@ -1,14 +0,0 @@
#!/bin/sh
#
# ipv6-down
#
# Called by pppd after IPV6CP/down was finished
#
# This file should not be modified -- make local changes to
# /etc/ppp/ipv6-down.local instead
[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] && /etc/ppp/ipv6-down.initscripts "$@"
[ -x /etc/ppp/ipv6-down.local ] && /etc/ppp/ipv6-down.local "$@"
exit 0

15
ipv6-up
View File

@ -1,15 +0,0 @@
#!/bin/bash
#
# ipv6-up
#
# Called by pppd after IPV6CP/up was finished
#
# This file should not be modified -- make local changes to
# /etc/ppp/ipv6-up.local instead
#
[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] && /etc/ppp/ipv6-up.initscripts "$@"
[ -x /etc/ppp/ipv6-up.local ] && /etc/ppp/ipv6-up.local "$@"
exit 0

36
plans.fmf
View File

@ -1,36 +0,0 @@
/tier1-internal:
plan:
import:
url: https://src.fedoraproject.org/tests/ppp.git
name: /plans/tier1/internal
/tier1-public:
plan:
import:
url: https://src.fedoraproject.org/tests/ppp.git
name: /plans/tier1/public
/tier2-tier3-internal:
plan:
import:
url: https://src.fedoraproject.org/tests/ppp.git
name: /plans/tier2-tier3/internal
/tier2-tier3-public:
plan:
import:
url: https://src.fedoraproject.org/tests/ppp.git
name: /plans/tier2-tier3/public
/others-internal:
plan:
import:
url: https://src.fedoraproject.org/tests/ppp.git
name: /plans/others/internal
/others-public:
plan:
import:
url: https://src.fedoraproject.org/tests/ppp.git
name: /plans/others/public

49
ppp-2.5.0-radiusclient-parser-fix.patch
View File

@ -1,49 +0,0 @@
From 7f89208b860ea0c41636410bfdb6a609b2772f47 Mon Sep 17 00:00:00 2001
From: Eivind Naess <eivnaes@yahoo.com>
Date: Sun, 23 Apr 2023 11:37:01 -0700
Subject: [PATCH] Closes #411, Fixing up parsing in radiusclient.conf
Adding curly braces to fix the code.
Signed-off-by: Eivind Naess <eivnaes@yahoo.com>
---
pppd/plugins/radius/config.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/pppd/plugins/radius/config.c b/pppd/plugins/radius/config.c
index 39744fca1..e1a481487 100644
--- a/pppd/plugins/radius/config.c
+++ b/pppd/plugins/radius/config.c
@@ -235,24 +235,28 @@ int rc_read_config(char *filename)
switch (option->type) {
case OT_STR:
- if (set_option_str(filename, line, option, p) < 0)
+ if (set_option_str(filename, line, option, p) < 0) {
fclose(configfd);
return (-1);
+ }
break;
case OT_INT:
- if (set_option_int(filename, line, option, p) < 0)
+ if (set_option_int(filename, line, option, p) < 0) {
fclose(configfd);
return (-1);
+ }
break;
case OT_SRV:
- if (set_option_srv(filename, line, option, p) < 0)
+ if (set_option_srv(filename, line, option, p) < 0) {
fclose(configfd);
return (-1);
+ }
break;
case OT_AUO:
- if (set_option_auo(filename, line, option, p) < 0)
+ if (set_option_auo(filename, line, option, p) < 0) {
fclose(configfd);
return (-1);
+ }
break;
default:
fatal("rc_read_config: impossible case branch!");

51
ppp-2.5.0-use-change-resolv-function.patch
View File

@ -1,51 +0,0 @@
diff --git a/scripts/ip-down.local.add b/scripts/ip-down.local.add
index b93590e..8889cb6 100644
--- a/scripts/ip-down.local.add
+++ b/scripts/ip-down.local.add
@@ -9,12 +9,13 @@
#
# Nick Walker (nickwalker@email.com)
#
+. /etc/sysconfig/network-scripts/network-functions
if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
if [ -f /etc/ppp/resolv.prev ]; then
- cp -f /etc/ppp/resolv.prev /etc/resolv.conf
+ change_resolv_conf /etc/ppp/resolv.prev
else
- rm -f /etc/resolv.conf
+ change_resolv_conf
fi
fi
diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add
index 8017209..5ced496 100644
--- a/scripts/ip-up.local.add
+++ b/scripts/ip-up.local.add
@@ -9,16 +9,22 @@
#
# Nick Walker (nickwalker@email.com)
#
+. /etc/sysconfig/network-scripts/network-functions
if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
rm -f /etc/ppp/resolv.prev
if [ -f /etc/resolv.conf ]; then
cp /etc/resolv.conf /etc/ppp/resolv.prev
- grep domain /etc/ppp/resolv.prev > /etc/resolv.conf
- grep search /etc/ppp/resolv.prev >> /etc/resolv.conf
- cat /etc/ppp/resolv.conf >> /etc/resolv.conf
+ rscf=/etc/ppp/resolv.new
+ grep domain /etc/ppp/resolv.prev > $rscf
+ grep search /etc/ppp/resolv.prev >> $rscf
+ if [ -f /etc/ppp/resolv.conf ]; then
+ cat /etc/ppp/resolv.conf >> $rscf
+ fi
+ change_resolv_conf $rscf
+ rm -f $rscf
else
- cp /etc/ppp/resolv.conf /etc
+ change_resolv_conf /etc/ppp/resolv.conf
fi
fi

1
ppp-tmpfiles.conf
View File

@ -1 +0,0 @@
d /run/pppd/lock 0755 root root

2
sources
View File

@ -1,2 +0,0 @@
SHA512 (ppp-2.5.0.tar.gz) = cf62410a952053f9aa71c5179453831152e958fcad9e77df2ddac864e39aa71af0b746e54b91e8fa3ad6295d6d2b1bb736e36dc05521b495f573468679133324
SHA512 (ppp-watch.tar.xz) = aee10735facf918b9a1e33408c9f19d8240c2cd265837da87ac9f58e097eece6bbe1abcaf426e2f10369d1368f6e9e68d2e07d005a19857f17d6318708ec438a