domenico/openwrt-19.07
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
domenico
2025-06-24 16:03:39 +02:00
commit f3256cdaf2
6949 changed files with 1441681 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

312
package/network/services/ppp/Makefile Normal file
View File

@@ -0,0 +1,312 @@
#
# Copyright (C) 2006-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=ppp
PKG_RELEASE:=3
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/paulusmack/ppp
PKG_SOURCE_DATE:=2019-05-25
PKG_SOURCE_VERSION:=8e77984ac5d7acbe68b2b2f590abd17564c9730d
PKG_MIRROR_HASH:=7e7e74f0261db2c45770d79c6114e768382e85bfeb3f5a83179f270d6c15006d
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
PKG_LICENSE:=BSD-4-Clause
PKG_CPE_ID:=cpe:/a:samba:ppp
PKG_RELEASE_VERSION:=2.4.7
PKG_VERSION:=$(PKG_RELEASE_VERSION).git-$(PKG_SOURCE_DATE)
PKG_BUILD_DEPENDS:=libpcap
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
define Package/ppp/Default
SECTION:=net
CATEGORY:=Network
URL:=https://ppp.samba.org/
endef
define Package/ppp
$(call Package/ppp/Default)
DEPENDS:=+kmod-ppp
TITLE:=PPP daemon
VARIANT:=default
endef
define Package/ppp-multilink
$(call Package/ppp/Default)
DEPENDS:=+kmod-ppp
TITLE:=PPP daemon (with multilink support)
VARIANT:=multilink
endef
define Package/ppp/description
This package contains the PPP (Point-to-Point Protocol) daemon.
endef
define Package/ppp/conffiles
/etc/ppp/chap-secrets
/etc/ppp/filter
/etc/ppp/ip-down
/etc/ppp/ip-up
/etc/ppp/ipv6-down
/etc/ppp/ipv6-up
/etc/ppp/options
endef
define Package/ppp-mod-pppoa
$(call Package/ppp/Default)
DEPENDS:=@(PACKAGE_ppp||PACKAGE_ppp-multilink) +linux-atm +kmod-pppoa
TITLE:=PPPoA plugin
endef
define Package/ppp-mod-pppoa/description
This package contains a PPPoA (PPP over ATM) plugin for ppp.
endef
define Package/ppp-mod-pppoe
$(call Package/ppp/Default)
DEPENDS:=@(PACKAGE_ppp||PACKAGE_ppp-multilink) +kmod-pppoe
TITLE:=PPPoE plugin
endef
define Package/ppp-mod-pppoe/description
This package contains a PPPoE (PPP over Ethernet) plugin for ppp.
endef
define Package/ppp-mod-radius
$(call Package/ppp/Default)
DEPENDS:=@(PACKAGE_ppp||PACKAGE_ppp-multilink)
TITLE:=RADIUS plugin
endef
define Package/ppp-mod-radius/description
This package contains a RADIUS (Remote Authentication Dial-In User Service)
plugin for ppp.
endef
define Package/ppp-mod-radius/conffiles
/etc/ppp/radius.conf
/etc/ppp/radius/
endef
define Package/ppp-mod-pppol2tp
$(call Package/ppp/Default)
DEPENDS:=@(PACKAGE_ppp||PACKAGE_ppp-multilink) +kmod-pppol2tp
TITLE:=PPPoL2TP plugin
endef
define Package/ppp-mod-pppol2tp/description
This package contains a PPPoL2TP (PPP over L2TP) plugin for ppp.
endef
define Package/ppp-mod-pptp
$(call Package/ppp/Default)
DEPENDS:=@(PACKAGE_ppp||PACKAGE_ppp-multilink) +kmod-pptp +kmod-mppe +resolveip
TITLE:=PPtP plugin
endef
define Package/ppp-mod-pptp/description
This package contains a PPtP plugin for ppp.
endef
define Package/ppp-mod-passwordfd
$(call Package/ppp/Default)
DEPENDS:=@(PACKAGE_ppp||PACKAGE_ppp-multilink)
TITLE:=pap/chap secret from filedescriptor
endef
define Package/ppp-mod-passwordfd/description
This package allows to pass the PAP/CHAP secret from a filedescriptor.
Eliminates the need for a secrets file.
endef
define Package/chat
$(call Package/ppp/Default)
TITLE:=Establish conversation with a modem
endef
define Package/chat/description
This package contains an utility to establish conversation with other PPP servers
(via a modem).
endef
define Package/pppdump
$(call Package/ppp/Default)
DEPENDS:=@(PACKAGE_ppp||PACKAGE_ppp-multilink)
TITLE:=Read PPP record file
endef
define Package/pppdump/description
This package contains an utility to read PPP record file.
endef
define Package/pppstats
$(call Package/ppp/Default)
DEPENDS:=@(PACKAGE_ppp||PACKAGE_ppp-multilink)
TITLE:=Report PPP statistics
endef
define Package/pppstats/description
This package contains an utility to report PPP statistics.
endef
define Package/pppoe-discovery
$(call Package/ppp/Default)
DEPENDS:=@(PACKAGE_ppp||PACKAGE_ppp-multilink) +ppp-mod-pppoe
TITLE:=Perform a PPPoE-discovery process
endef
define Package/pppoe-discovery/description
This tool performs the same discovery process as pppoe, but does
not initiate a session. Can be useful to debug pppoe.
endef
define Build/Configure
$(call Build/Configure/Default,, \
UNAME_S="Linux" \
UNAME_R="$(LINUX_VERSION)" \
UNAME_M="$(ARCH)" \
)
mkdir -p $(PKG_BUILD_DIR)/pppd/plugins/pppoatm/linux
$(CP) \
$(LINUX_DIR)/include/linux/compiler.h \
$(LINUX_DIR)/include/$(LINUX_UAPI_DIR)linux/atm*.h \
$(PKG_BUILD_DIR)/pppd/plugins/pppoatm/linux/
# Kernel 4.14.9+ only, ignore the exit status of cp in case the file
# doesn't exits
-$(CP) $(LINUX_DIR)/include/linux/compiler_types.h \
$(PKG_BUILD_DIR)/pppd/plugins/pppoatm/linux/
endef
TARGET_CFLAGS += -ffunction-sections -fdata-sections -flto
TARGET_LDFLAGS += -Wl,--gc-sections -flto -fuse-linker-plugin
MAKE_FLAGS += COPTS="$(TARGET_CFLAGS)" \
PRECOMPILED_FILTER=1 \
STAGING_DIR="$(STAGING_DIR)"
ifeq ($(BUILD_VARIANT),multilink)
MAKE_FLAGS += HAVE_MULTILINK=y
else
MAKE_FLAGS += HAVE_MULTILINK=
endif
ifdef CONFIG_USE_MUSL
MAKE_FLAGS += USE_LIBUTIL=
endif
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/include/pppd $(1)/usr/include/
endef
define Package/ppp/script_install
endef
define Package/ppp/install
$(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/pppd $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/ppp
$(INSTALL_CONF) ./files/etc/ppp/chap-secrets $(1)/etc/ppp/
$(INSTALL_DATA) ./files/etc/ppp/filter $(1)/etc/ppp/
$(INSTALL_DATA) ./files/etc/ppp/options $(1)/etc/ppp/
$(LN) /tmp/resolv.conf.ppp $(1)/etc/ppp/resolv.conf
$(INSTALL_DIR) $(1)/lib/netifd/proto
$(INSTALL_BIN) ./files/ppp.sh $(1)/lib/netifd/proto/
$(INSTALL_BIN) ./files/lib/netifd/ppp-up $(1)/lib/netifd/
$(INSTALL_BIN) ./files/lib/netifd/ppp6-up $(1)/lib/netifd/
$(INSTALL_BIN) ./files/lib/netifd/ppp-down $(1)/lib/netifd/
endef
Package/ppp-multilink/install=$(Package/ppp/install)
define Package/ppp-mod-pppoa/install
$(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/pppoatm.so \
$(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/
endef
define Package/ppp-mod-pppoe/install
$(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/rp-pppoe.so \
$(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/
endef
define Package/ppp-mod-radius/install
$(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/radius.so \
$(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/
$(INSTALL_DIR) $(1)/etc/ppp
$(INSTALL_DATA) ./files/etc/ppp/radius.conf $(1)/etc/ppp/
$(INSTALL_DIR) $(1)/etc/ppp/radius
$(INSTALL_DATA) ./files/etc/ppp/radius/dictionary* \
$(1)/etc/ppp/radius/
$(INSTALL_CONF) ./files/etc/ppp/radius/servers \
$(1)/etc/ppp/radius/
endef
define Package/ppp-mod-pppol2tp/install
$(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/pppol2tp.so \
$(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/
endef
define Package/ppp-mod-pptp/install
$(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/pptp.so \
$(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/
$(INSTALL_DIR) $(1)/etc/ppp
$(INSTALL_DATA) ./files/etc/ppp/options.pptp $(1)/etc/ppp/
endef
define Package/ppp-mod-passwordfd/install
$(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/passwordfd.so \
$(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/
endef
define Package/chat/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/chat $(1)/usr/sbin/
endef
define Package/pppdump/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/pppdump $(1)/usr/sbin/
endef
define Package/pppstats/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/pppstats $(1)/usr/sbin/
endef
define Package/pppoe-discovery/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/pppoe-discovery $(1)/usr/sbin/
endef
$(eval $(call BuildPackage,ppp))
$(eval $(call BuildPackage,ppp-multilink))
$(eval $(call BuildPackage,ppp-mod-pppoa))
$(eval $(call BuildPackage,ppp-mod-pppoe))
$(eval $(call BuildPackage,ppp-mod-radius))
$(eval $(call BuildPackage,ppp-mod-pppol2tp))
$(eval $(call BuildPackage,ppp-mod-pptp))
$(eval $(call BuildPackage,ppp-mod-passwordfd))
$(eval $(call BuildPackage,chat))
$(eval $(call BuildPackage,pppdump))
$(eval $(call BuildPackage,pppstats))
$(eval $(call BuildPackage,pppoe-discovery))

1
package/network/services/ppp/files/etc/ppp/chap-secrets Normal file
View File

@@ -0,0 +1 @@
#USERNAME PROVIDER PASSWORD IPADDRESS

23
package/network/services/ppp/files/etc/ppp/filter Normal file
View File

@@ -0,0 +1,23 @@
#
# Expression: outbound and not icmp[0] != 8 and not tcp[13] & 4 != 0
#
19
48 0 0 0
21 0 16 1
40 0 0 2
21 0 13 33
48 0 0 13
21 0 5 1
40 0 0 10
69 9 0 8191
177 0 0 4
80 0 0 4
21 6 7 8
21 0 5 6
40 0 0 10
69 3 0 8191
177 0 0 4
80 0 0 17
69 1 0 4
6 0 0 4
6 0 0 0

8
package/network/services/ppp/files/etc/ppp/options Normal file
View File

@@ -0,0 +1,8 @@
#debug
logfile /dev/null
noipdefault
noaccomp
nopcomp
nocrtscts
lock
maxfail 0

7
package/network/services/ppp/files/etc/ppp/options.pptp Normal file
View File

@@ -0,0 +1,7 @@
noipdefault
noauth
nobsdcomp
nodeflate
idle 0
mppe required,no40,no56,stateless
maxfail 0

8
package/network/services/ppp/files/etc/ppp/radius.conf Normal file
View File

@@ -0,0 +1,8 @@
authserver localhost:1812
acctserver localhost:1813
dictionary /etc/ppp/radius/dictionary
servers /etc/ppp/radius/servers
mapfile /dev/null
seqfile /tmp/radius.seq
radius_timeout 5
radius_retries 3

253
package/network/services/ppp/files/etc/ppp/radius/dictionary Normal file
View File

@@ -0,0 +1,253 @@
#
# Updated 97/06/13 to livingston-radius-2.01 miquels@cistron.nl
#
# This file contains dictionary translations for parsing
# requests and generating responses. All transactions are
# composed of Attribute/Value Pairs. The value of each attribute
# is specified as one of 4 data types. Valid data types are:
#
# string - 0-253 octets
# ipaddr - 4 octets in network byte order
# integer - 32 bit value in big endian order (high byte first)
# date - 32 bit value in big endian order - seconds since
# 00:00:00 GMT, Jan. 1, 1970
#
# Enumerated values are stored in the user file with dictionary
# VALUE translations for easy administration.
#
# Example:
#
# ATTRIBUTE VALUE
# --------------- -----
# Framed-Protocol = PPP
# 7 = 1 (integer encoding)
#
# The dictionary format now supports vendor-specific attributes.
# Vendors are introduced like this:
#
# VENDOR vendor_name vendor_number
#
# For example:
#
# VENDOR RoaringPenguin 10055
#
# Vendor-specific attributes have a fifth field with the name of the
# vendor. For example:
#
# ATTRIBUTE RP-Upstream-Speed-Limit 1 integer RoaringPenguin
#
# introduces a Roaring Penguin vendor-specific attribbute with name
# RP-Upstream-Speed-Limit, number 1, type integer and vendor RoaringPenguin.
#
# Following are the proper new names. Use these.
#
ATTRIBUTE User-Name 1 string
ATTRIBUTE Password 2 string
ATTRIBUTE CHAP-Password 3 string
ATTRIBUTE NAS-IP-Address 4 ipaddr
ATTRIBUTE NAS-Port-Id 5 integer
ATTRIBUTE Service-Type 6 integer
ATTRIBUTE Framed-Protocol 7 integer
ATTRIBUTE Framed-IP-Address 8 ipaddr
ATTRIBUTE Framed-IP-Netmask 9 ipaddr
ATTRIBUTE Framed-Routing 10 integer
ATTRIBUTE Filter-Id 11 string
ATTRIBUTE Framed-MTU 12 integer
ATTRIBUTE Framed-Compression 13 integer
ATTRIBUTE Login-IP-Host 14 ipaddr
ATTRIBUTE Login-Service 15 integer
ATTRIBUTE Login-TCP-Port 16 integer
ATTRIBUTE Reply-Message 18 string
ATTRIBUTE Callback-Number 19 string
ATTRIBUTE Callback-Id 20 string
ATTRIBUTE Framed-Route 22 string
ATTRIBUTE Framed-IPX-Network 23 ipaddr
ATTRIBUTE State 24 string
ATTRIBUTE Class 25 string
ATTRIBUTE Session-Timeout 27 integer
ATTRIBUTE Idle-Timeout 28 integer
ATTRIBUTE Termination-Action 29 integer
ATTRIBUTE Called-Station-Id 30 string
ATTRIBUTE Calling-Station-Id 31 string
ATTRIBUTE NAS-Identifier 32 string
ATTRIBUTE Acct-Status-Type 40 integer
ATTRIBUTE Acct-Delay-Time 41 integer
ATTRIBUTE Acct-Input-Octets 42 integer
ATTRIBUTE Acct-Output-Octets 43 integer
ATTRIBUTE Acct-Session-Id 44 string
ATTRIBUTE Acct-Authentic 45 integer
ATTRIBUTE Acct-Session-Time 46 integer
ATTRIBUTE Acct-Input-Packets 47 integer
ATTRIBUTE Acct-Output-Packets 48 integer
ATTRIBUTE Acct-Terminate-Cause 49 integer
ATTRIBUTE Chap-Challenge 60 string
ATTRIBUTE NAS-Port-Type 61 integer
ATTRIBUTE Port-Limit 62 integer
ATTRIBUTE Connect-Info 77 string
# RFC 2869
ATTRIBUTE Acct-Interim-Interval 85 integer
#
# Experimental Non Protocol Attributes used by Cistron-Radiusd
#
ATTRIBUTE Huntgroup-Name 221 string
ATTRIBUTE User-Category 1029 string
ATTRIBUTE Group-Name 1030 string
ATTRIBUTE Simultaneous-Use 1034 integer
ATTRIBUTE Strip-User-Name 1035 integer
ATTRIBUTE Fall-Through 1036 integer
ATTRIBUTE Add-Port-To-IP-Address 1037 integer
ATTRIBUTE Exec-Program 1038 string
ATTRIBUTE Exec-Program-Wait 1039 string
ATTRIBUTE Hint 1040 string
#
# Non-Protocol Attributes
# These attributes are used internally by the server
#
ATTRIBUTE Expiration 21 date
ATTRIBUTE Auth-Type 1000 integer
ATTRIBUTE Menu 1001 string
ATTRIBUTE Termination-Menu 1002 string
ATTRIBUTE Prefix 1003 string
ATTRIBUTE Suffix 1004 string
ATTRIBUTE Group 1005 string
ATTRIBUTE Crypt-Password 1006 string
ATTRIBUTE Connect-Rate 1007 integer
#
# Experimental, implementation specific attributes
#
# Limit session traffic
ATTRIBUTE Session-Octets-Limit 227 integer
# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out)
ATTRIBUTE Octets-Direction 228 integer
#
# Integer Translations
#
# User Types
VALUE Service-Type Login-User 1
VALUE Service-Type Framed-User 2
VALUE Service-Type Callback-Login-User 3
VALUE Service-Type Callback-Framed-User 4
VALUE Service-Type Outbound-User 5
VALUE Service-Type Administrative-User 6
VALUE Service-Type NAS-Prompt-User 7
# Framed Protocols
VALUE Framed-Protocol PPP 1
VALUE Framed-Protocol SLIP 2
# Framed Routing Values
VALUE Framed-Routing None 0
VALUE Framed-Routing Broadcast 1
VALUE Framed-Routing Listen 2
VALUE Framed-Routing Broadcast-Listen 3
# Framed Compression Types
VALUE Framed-Compression None 0
VALUE Framed-Compression Van-Jacobson-TCP-IP 1
# Login Services
VALUE Login-Service Telnet 0
VALUE Login-Service Rlogin 1
VALUE Login-Service TCP-Clear 2
VALUE Login-Service PortMaster 3
# Status Types
VALUE Acct-Status-Type Start 1
VALUE Acct-Status-Type Stop 2
VALUE Acct-Status-Type Accounting-On 7
VALUE Acct-Status-Type Accounting-Off 8
# Authentication Types
VALUE Acct-Authentic RADIUS 1
VALUE Acct-Authentic Local 2
VALUE Acct-Authentic PowerLink128 100
# Termination Options
VALUE Termination-Action Default 0
VALUE Termination-Action RADIUS-Request 1
# NAS Port Types, available in 3.3.1 and later
VALUE NAS-Port-Type Async 0
VALUE NAS-Port-Type Sync 1
VALUE NAS-Port-Type ISDN 2
VALUE NAS-Port-Type ISDN-V120 3
VALUE NAS-Port-Type ISDN-V110 4
# Acct Terminate Causes, available in 3.3.2 and later
VALUE Acct-Terminate-Cause User-Request 1
VALUE Acct-Terminate-Cause Lost-Carrier 2
VALUE Acct-Terminate-Cause Lost-Service 3
VALUE Acct-Terminate-Cause Idle-Timeout 4
VALUE Acct-Terminate-Cause Session-Timeout 5
VALUE Acct-Terminate-Cause Admin-Reset 6
VALUE Acct-Terminate-Cause Admin-Reboot 7
VALUE Acct-Terminate-Cause Port-Error 8
VALUE Acct-Terminate-Cause NAS-Error 9
VALUE Acct-Terminate-Cause NAS-Request 10
VALUE Acct-Terminate-Cause NAS-Reboot 11
VALUE Acct-Terminate-Cause Port-Unneeded 12
VALUE Acct-Terminate-Cause Port-Preempted 13
VALUE Acct-Terminate-Cause Port-Suspended 14
VALUE Acct-Terminate-Cause Service-Unavailable 15
VALUE Acct-Terminate-Cause Callback 16
VALUE Acct-Terminate-Cause User-Error 17
VALUE Acct-Terminate-Cause Host-Request 18
#
# Non-Protocol Integer Translations
#
VALUE Auth-Type Local 0
VALUE Auth-Type System 1
VALUE Auth-Type SecurID 2
VALUE Auth-Type Crypt-Local 3
VALUE Auth-Type Reject 4
#
# Cistron extensions
#
VALUE Auth-Type Pam 253
VALUE Auth-Type None 254
#
# Experimental Non-Protocol Integer Translations for Cistron-Radiusd
#
VALUE Fall-Through No 0
VALUE Fall-Through Yes 1
VALUE Add-Port-To-IP-Address No 0
VALUE Add-Port-To-IP-Address Yes 1
#
# Configuration Values
# uncomment these two lines to turn account expiration on
#
#VALUE Server-Config Password-Expiration 30
#VALUE Server-Config Password-Warning 5
# Octets-Direction
VALUE Octets-Direction Sum 0
VALUE Octets-Direction Input 1
VALUE Octets-Direction Output 2
VALUE Octets-Direction MaxOveral 3
VALUE Octets-Direction MaxSession 4
INCLUDE /etc/ppp/radius/dictionary.microsoft

3
package/network/services/ppp/files/etc/ppp/radius/dictionary.asnet Normal file
View File

@@ -0,0 +1,3 @@
VENDOR ASNET 50000
ATTRIBUTE Speed-Down 1 string ASNET
ATTRIBUTE Speed-Up 2 string ASNET

80
package/network/services/ppp/files/etc/ppp/radius/dictionary.microsoft Normal file
View File

@@ -0,0 +1,80 @@
#
# Microsoft's VSA's, from RFC 2548
#
#
VENDOR Microsoft 311 Microsoft
ATTRIBUTE MS-CHAP-Response 1 string Microsoft
ATTRIBUTE MS-CHAP-Error 2 string Microsoft
ATTRIBUTE MS-CHAP-CPW-1 3 string Microsoft
ATTRIBUTE MS-CHAP-CPW-2 4 string Microsoft
ATTRIBUTE MS-CHAP-LM-Enc-PW 5 string Microsoft
ATTRIBUTE MS-CHAP-NT-Enc-PW 6 string Microsoft
ATTRIBUTE MS-MPPE-Encryption-Policy 7 string Microsoft
# This is referred to as both singular and plural in the RFC.
# Plural seems to make more sense.
ATTRIBUTE MS-MPPE-Encryption-Type 8 string Microsoft
ATTRIBUTE MS-MPPE-Encryption-Types 8 string Microsoft
ATTRIBUTE MS-RAS-Vendor 9 integer Microsoft
ATTRIBUTE MS-CHAP-Domain 10 string Microsoft
ATTRIBUTE MS-CHAP-Challenge 11 string Microsoft
ATTRIBUTE MS-CHAP-MPPE-Keys 12 string Microsoft
ATTRIBUTE MS-BAP-Usage 13 integer Microsoft
ATTRIBUTE MS-Link-Utilization-Threshold 14 integer Microsoft
ATTRIBUTE MS-Link-Drop-Time-Limit 15 integer Microsoft
ATTRIBUTE MS-MPPE-Send-Key 16 string Microsoft
ATTRIBUTE MS-MPPE-Recv-Key 17 string Microsoft
ATTRIBUTE MS-RAS-Version 18 string Microsoft
ATTRIBUTE MS-Old-ARAP-Password 19 string Microsoft
ATTRIBUTE MS-New-ARAP-Password 20 string Microsoft
ATTRIBUTE MS-ARAP-PW-Change-Reason 21 integer Microsoft
ATTRIBUTE MS-Filter 22 string Microsoft
ATTRIBUTE MS-Acct-Auth-Type 23 integer Microsoft
ATTRIBUTE MS-Acct-EAP-Type 24 integer Microsoft
ATTRIBUTE MS-CHAP2-Response 25 string Microsoft
ATTRIBUTE MS-CHAP2-Success 26 string Microsoft
ATTRIBUTE MS-CHAP2-CPW 27 string Microsoft
ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr Microsoft
ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr Microsoft
ATTRIBUTE MS-Primary-NBNS-Server 30 ipaddr Microsoft
ATTRIBUTE MS-Secondary-NBNS-Server 31 ipaddr Microsoft
#ATTRIBUTE MS-ARAP-Challenge 33 string Microsoft
#
# Integer Translations
#
# MS-BAP-Usage Values
VALUE MS-BAP-Usage Not-Allowed 0
VALUE MS-BAP-Usage Allowed 1
VALUE MS-BAP-Usage Required 2
# MS-ARAP-Password-Change-Reason Values
VALUE MS-ARAP-PW-Change-Reason Just-Change-Password 1
VALUE MS-ARAP-PW-Change-Reason Expired-Password 2
VALUE MS-ARAP-PW-Change-Reason Admin-Requires-Password-Change 3
VALUE MS-ARAP-PW-Change-Reason Password-Too-Short 4
# MS-Acct-Auth-Type Values
VALUE MS-Acct-Auth-Type PAP 1
VALUE MS-Acct-Auth-Type CHAP 2
VALUE MS-Acct-Auth-Type MS-CHAP-1 3
VALUE MS-Acct-Auth-Type MS-CHAP-2 4
VALUE MS-Acct-Auth-Type EAP 5
# MS-Acct-EAP-Type Values
VALUE MS-Acct-EAP-Type MD5 4
VALUE MS-Acct-EAP-Type OTP 5
VALUE MS-Acct-EAP-Type Generic-Token-Card 6
VALUE MS-Acct-EAP-Type TLS 13

2
package/network/services/ppp/files/etc/ppp/radius/servers Normal file
View File

@@ -0,0 +1,2 @@
# SERVER SECRET
localhost secret

13
package/network/services/ppp/files/lib/netifd/ppp-down Executable file
View File

@@ -0,0 +1,13 @@
#!/bin/sh
PPP_IPPARAM="$6"
. /lib/netifd/netifd-proto.sh
proto_init_update "$IFNAME" 0
proto_send_update "$PPP_IPPARAM"
[ -d /etc/ppp/ip-down.d ] && {
for SCRIPT in /etc/ppp/ip-down.d/*
do
[ -x "$SCRIPT" ] && "$SCRIPT" "$@"
done
}

20
package/network/services/ppp/files/lib/netifd/ppp-up Executable file
View File

@@ -0,0 +1,20 @@
#!/bin/sh
PPP_IPPARAM="$6"
. /lib/netifd/netifd-proto.sh
proto_init_update "$IFNAME" 1 1
proto_set_keep 1
[ -n "$PPP_IPPARAM" ] && {
[ -n "$IPLOCAL" ] && proto_add_ipv4_address "$IPLOCAL" 32 "" "${IPREMOTE:-2.2.2.2}"
[ -n "$IPREMOTE" ] && proto_add_ipv4_route 0.0.0.0 0 "$IPREMOTE"
[ -n "$DNS1" ] && proto_add_dns_server "$DNS1"
[ -n "$DNS2" -a "$DNS1" != "$DNS2" ] && proto_add_dns_server "$DNS2"
}
proto_send_update "$PPP_IPPARAM"
[ -d /etc/ppp/ip-up.d ] && {
for SCRIPT in /etc/ppp/ip-up.d/*
do
[ -x "$SCRIPT" ] && "$SCRIPT" "$@"
done
}

32
package/network/services/ppp/files/lib/netifd/ppp6-up Executable file
View File

@@ -0,0 +1,32 @@
#!/bin/sh
PPP_IPPARAM="$6"
. /lib/netifd/netifd-proto.sh
proto_init_update "$IFNAME" 1 1
proto_set_keep 1
[ -n "$PPP_IPPARAM" ] && {
[ -n "$LLLOCAL" ] && proto_add_ipv6_address "$LLLOCAL" 128
}
proto_send_update "$PPP_IPPARAM"
[ -d /etc/ppp/ip-up.d ] && {
for SCRIPT in /etc/ppp/ip-up.d/*
do
[ -x "$SCRIPT" ] && "$SCRIPT" "$@"
done
}
if [ -n "$AUTOIPV6" ]; then
ZONE=$(fw3 -q network $PPP_IPPARAM 2>/dev/null)
json_init
json_add_string name "${PPP_IPPARAM}_6"
json_add_string ifname "@$PPP_IPPARAM"
json_add_string proto "dhcpv6"
[ -n "$ZONE" ] && json_add_string zone "$ZONE"
[ -n "$EXTENDPREFIX" ] && json_add_string extendprefix 1
[ -n "$IP6TABLE" ] && json_add_string ip6table $IP6TABLE
[ -n "$PEERDNS" ] && json_add_boolean peerdns $PEERDNS
json_close_object
ubus call network add_dynamic "$(json_dump)"
fi

338
package/network/services/ppp/files/ppp.sh Executable file
View File

@@ -0,0 +1,338 @@
#!/bin/sh
[ -x /usr/sbin/pppd ] || exit 0
[ -n "$INCLUDE_ONLY" ] || {
. /lib/functions.sh
. /lib/functions/network.sh
. ../netifd-proto.sh
init_proto "$@"
}
ppp_select_ipaddr()
{
local subnets=$1
local res
local res_mask
for subnet in $subnets; do
local addr="${subnet%%/*}"
local mask="${subnet#*/}"
if [ -n "$res_mask" -a "$mask" != 32 ]; then
[ "$mask" -gt "$res_mask" ] || [ "$res_mask" = 32 ] && {
res="$addr"
res_mask="$mask"
}
elif [ -z "$res_mask" ]; then
res="$addr"
res_mask="$mask"
fi
done
echo "$res"
}
ppp_exitcode_tostring()
{
local errorcode=$1
[ -n "$errorcode" ] || errorcode=5
case "$errorcode" in
0) echo "OK" ;;
1) echo "FATAL_ERROR" ;;
2) echo "OPTION_ERROR" ;;
3) echo "NOT_ROOT" ;;
4) echo "NO_KERNEL_SUPPORT" ;;
5) echo "USER_REQUEST" ;;
6) echo "LOCK_FAILED" ;;
7) echo "OPEN_FAILED" ;;
8) echo "CONNECT_FAILED" ;;
9) echo "PTYCMD_FAILED" ;;
10) echo "NEGOTIATION_FAILED" ;;
11) echo "PEER_AUTH_FAILED" ;;
12) echo "IDLE_TIMEOUT" ;;
13) echo "CONNECT_TIME" ;;
14) echo "CALLBACK" ;;
15) echo "PEER_DEAD" ;;
16) echo "HANGUP" ;;
17) echo "LOOPBACK" ;;
18) echo "INIT_FAILED" ;;
19) echo "AUTH_TOPEER_FAILED" ;;
20) echo "TRAFFIC_LIMIT" ;;
21) echo "CNID_AUTH_FAILED";;
*) echo "UNKNOWN_ERROR" ;;
esac
}
ppp_generic_init_config() {
proto_config_add_string username
proto_config_add_string password
proto_config_add_string keepalive
proto_config_add_boolean keepalive_adaptive
proto_config_add_int demand
proto_config_add_string pppd_options
proto_config_add_string 'connect:file'
proto_config_add_string 'disconnect:file'
[ -e /proc/sys/net/ipv6 ] && proto_config_add_string ipv6
proto_config_add_boolean authfail
proto_config_add_int mtu
proto_config_add_string pppname
proto_config_add_string unnumbered
proto_config_add_boolean persist
proto_config_add_int maxfail
proto_config_add_int holdoff
}
ppp_generic_setup() {
local config="$1"; shift
local localip
json_get_vars ip6table demand keepalive keepalive_adaptive username password pppd_options pppname unnumbered persist maxfail holdoff peerdns
[ ! -e /proc/sys/net/ipv6 ] && ipv6=0 || json_get_var ipv6 ipv6
if [ "$ipv6" = 0 ]; then
ipv6=""
elif [ -z "$ipv6" -o "$ipv6" = auto ]; then
ipv6=1
autoipv6=1
fi
if [ "${demand:-0}" -gt 0 ]; then
demand="precompiled-active-filter /etc/ppp/filter demand idle $demand"
else
demand=""
fi
if [ -n "$persist" ]; then
[ "${persist}" -lt 1 ] && persist="nopersist" || persist="persist"
fi
if [ -z "$maxfail" ]; then
[ "$persist" = "persist" ] && maxfail=0 || maxfail=1
fi
[ -n "$mtu" ] || json_get_var mtu mtu
[ -n "$pppname" ] || pppname="${proto:-ppp}-$config"
[ -n "$unnumbered" ] && {
local subnets
( proto_add_host_dependency "$config" "" "$unnumbered" )
network_get_subnets subnets "$unnumbered"
localip=$(ppp_select_ipaddr "$subnets")
[ -n "$localip" ] || {
proto_block_restart "$config"
return
}
}
[ -n "$keepalive" ] || keepalive="5 1"
local lcp_failure="${keepalive%%[, ]*}"
local lcp_interval="${keepalive##*[, ]}"
local lcp_adaptive="lcp-echo-adaptive"
[ "${lcp_failure:-0}" -lt 1 ] && lcp_failure=""
[ "$lcp_interval" != "$keepalive" ] || lcp_interval=5
[ "${keepalive_adaptive:-1}" -lt 1 ] && lcp_adaptive=""
[ -n "$connect" ] || json_get_var connect connect
[ -n "$disconnect" ] || json_get_var disconnect disconnect
proto_run_command "$config" /usr/sbin/pppd \
nodetach ipparam "$config" \
ifname "$pppname" \
${localip:+$localip:} \
${lcp_failure:+lcp-echo-interval $lcp_interval lcp-echo-failure $lcp_failure $lcp_adaptive} \
${ipv6:++ipv6} \
${autoipv6:+set AUTOIPV6=1} \
${ip6table:+set IP6TABLE=$ip6table} \
${peerdns:+set PEERDNS=$peerdns} \
nodefaultroute \
usepeerdns \
$demand $persist maxfail $maxfail \
${holdoff:+holdoff "$holdoff"} \
${username:+user "$username" password "$password"} \
${connect:+connect "$connect"} \
${disconnect:+disconnect "$disconnect"} \
ip-up-script /lib/netifd/ppp-up \
${ipv6:+ipv6-up-script /lib/netifd/ppp6-up} \
ip-down-script /lib/netifd/ppp-down \
${ipv6:+ipv6-down-script /lib/netifd/ppp-down} \
${mtu:+mtu $mtu mru $mtu} \
"$@" $pppd_options
}
ppp_generic_teardown() {
local interface="$1"
local errorstring=$(ppp_exitcode_tostring $ERROR)
case "$ERROR" in
0)
;;
2)
proto_notify_error "$interface" "$errorstring"
proto_block_restart "$interface"
;;
11|19)
json_get_var authfail authfail
proto_notify_error "$interface" "$errorstring"
if [ "${authfail:-0}" -gt 0 ]; then
proto_block_restart "$interface"
fi
;;
*)
proto_notify_error "$interface" "$errorstring"
;;
esac
proto_kill_command "$interface"
}
# PPP on serial device
proto_ppp_init_config() {
proto_config_add_string "device"
ppp_generic_init_config
no_device=1
available=1
lasterror=1
}
proto_ppp_setup() {
local config="$1"
json_get_var device device
ppp_generic_setup "$config" "$device"
}
proto_ppp_teardown() {
ppp_generic_teardown "$@"
}
proto_pppoe_init_config() {
ppp_generic_init_config
proto_config_add_string "ac"
proto_config_add_string "service"
proto_config_add_string "host_uniq"
proto_config_add_int "padi_attempts"
proto_config_add_int "padi_timeout"
lasterror=1
}
proto_pppoe_setup() {
local config="$1"
local iface="$2"
for module in slhc ppp_generic pppox pppoe; do
/sbin/insmod $module 2>&- >&-
done
json_get_var mtu mtu
mtu="${mtu:-1492}"
json_get_var ac ac
json_get_var service service
json_get_var host_uniq host_uniq
json_get_var padi_attempts padi_attempts
json_get_var padi_timeout padi_timeout
ppp_generic_setup "$config" \
plugin rp-pppoe.so \
${ac:+rp_pppoe_ac "$ac"} \
${service:+rp_pppoe_service "$service"} \
${host_uniq:+host-uniq "$host_uniq"} \
${padi_attempts:+pppoe-padi-attempts $padi_attempts} \
${padi_timeout:+pppoe-padi-timeout $padi_timeout} \
"nic-$iface"
}
proto_pppoe_teardown() {
ppp_generic_teardown "$@"
}
proto_pppoa_init_config() {
ppp_generic_init_config
proto_config_add_int "atmdev"
proto_config_add_int "vci"
proto_config_add_int "vpi"
proto_config_add_string "encaps"
no_device=1
available=1
lasterror=1
}
proto_pppoa_setup() {
local config="$1"
local iface="$2"
for module in slhc ppp_generic pppox pppoatm; do
/sbin/insmod $module 2>&- >&-
done
json_get_vars atmdev vci vpi encaps
case "$encaps" in
1|vc) encaps="vc-encaps" ;;
*) encaps="llc-encaps" ;;
esac
ppp_generic_setup "$config" \
plugin pppoatm.so \
${atmdev:+$atmdev.}${vpi:-8}.${vci:-35} \
${encaps}
}
proto_pppoa_teardown() {
ppp_generic_teardown "$@"
}
proto_pptp_init_config() {
ppp_generic_init_config
proto_config_add_string "server"
proto_config_add_string "interface"
available=1
no_device=1
lasterror=1
}
proto_pptp_setup() {
local config="$1"
local iface="$2"
local ip serv_addr server interface
json_get_vars interface server
[ -n "$server" ] && {
for ip in $(resolveip -t 5 "$server"); do
( proto_add_host_dependency "$config" "$ip" $interface )
serv_addr=1
done
}
[ -n "$serv_addr" ] || {
echo "Could not resolve server address"
sleep 5
proto_setup_failed "$config"
exit 1
}
local load
for module in slhc ppp_generic ppp_async ppp_mppe ip_gre gre pptp; do
grep -q "^$module " /proc/modules && continue
/sbin/insmod $module 2>&- >&-
load=1
done
[ "$load" = "1" ] && sleep 1
ppp_generic_setup "$config" \
plugin pptp.so \
pptp_server $server \
file /etc/ppp/options.pptp
}
proto_pptp_teardown() {
ppp_generic_teardown "$@"
}
[ -n "$INCLUDE_ONLY" ] || {
add_protocol ppp
[ -f /usr/lib/pppd/*/rp-pppoe.so ] && add_protocol pppoe
[ -f /usr/lib/pppd/*/pppoatm.so ] && add_protocol pppoa
[ -f /usr/lib/pppd/*/pptp.so ] && add_protocol pptp
}

24
package/network/services/ppp/patches/010-use_target_for_configure.patch Normal file
View File

@@ -0,0 +1,24 @@
configure: Allow overriding uname results
In a cross compile setting it makes no sense to rely on the "uname" values
reported by the build host system. This patch allows overriding the
"uname -r", "uname -s" and "uname -m" results with the "UNAME_R", "UNAME_S"
and "UNAME_M" environment variables.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/configure
+++ b/configure
@@ -8,9 +8,9 @@ SYSCONF=/etc
# if [ -d /NextApps ]; then
# system="NeXTStep"
# else
- system=`uname -s`
- release=`uname -r`
- arch=`uname -m`
+ system=${UNAME_S:-`uname -s`}
+ release=${UNAME_R:-`uname -r`}
+ arch=${UNAME_M:-`uname -m`}
# fi
state="unknown"

96
package/network/services/ppp/patches/100-debian_ip-ip_option.patch Normal file
View File

@@ -0,0 +1,96 @@
pppd: Allow specifying ip-up and ip-down scripts
This patch implements the "ip-up-script" and "ip-down-script" options which
allow to specify the path of the ip-up and ip-down scripts to call.
These options default to _PATH_IPUP and _PATH_IPDOWN to retain the
existing behaviour.
The patch originated from the Debian project.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/ipcp.c
+++ b/pppd/ipcp.c
@@ -1958,7 +1958,7 @@ ipcp_up(f)
*/
if (ipcp_script_state == s_down && ipcp_script_pid == 0) {
ipcp_script_state = s_up;
- ipcp_script(_PATH_IPUP, 0);
+ ipcp_script(path_ipup, 0);
}
}
@@ -2008,7 +2008,7 @@ ipcp_down(f)
/* Execute the ip-down script */
if (ipcp_script_state == s_up && ipcp_script_pid == 0) {
ipcp_script_state = s_down;
- ipcp_script(_PATH_IPDOWN, 0);
+ ipcp_script(path_ipdown, 0);
}
}
@@ -2062,13 +2062,13 @@ ipcp_script_done(arg)
case s_up:
if (ipcp_fsm[0].state != OPENED) {
ipcp_script_state = s_down;
- ipcp_script(_PATH_IPDOWN, 0);
+ ipcp_script(path_ipdown, 0);
}
break;
case s_down:
if (ipcp_fsm[0].state == OPENED) {
ipcp_script_state = s_up;
- ipcp_script(_PATH_IPUP, 0);
+ ipcp_script(path_ipup, 0);
}
break;
}
--- a/pppd/main.c
+++ b/pppd/main.c
@@ -308,6 +308,9 @@ main(argc, argv)
struct protent *protp;
char numbuf[16];
+ strlcpy(path_ipup, _PATH_IPUP, sizeof(path_ipup));
+ strlcpy(path_ipdown, _PATH_IPDOWN, sizeof(path_ipdown));
+
link_stats_valid = 0;
new_phase(PHASE_INITIALIZE);
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -118,6 +118,8 @@ bool tune_kernel; /* may alter kernel s
int connect_delay = 1000; /* wait this many ms after connect script */
int req_unit = -1; /* requested interface unit */
char req_ifname[MAXIFNAMELEN]; /* requested interface name */
+char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
+char path_ipdown[MAXPATHLEN];/* pathname of ip-down script */
bool multilink = 0; /* Enable multilink operation */
char *bundle_name = NULL; /* bundle name for multilink */
bool dump_options; /* print out option values */
@@ -317,6 +319,13 @@ option_t general_options[] = {
"Metric to use for the default route (Linux only; -1 for default behavior)",
OPT_PRIV|OPT_LLIMIT|OPT_INITONLY, NULL, 0, -1 },
+ { "ip-up-script", o_string, path_ipup,
+ "Set pathname of ip-up script",
+ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
+ { "ip-down-script", o_string, path_ipdown,
+ "Set pathname of ip-down script",
+ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
+
#ifdef HAVE_MULTILINK
{ "multilink", o_bool, &multilink,
"Enable multilink operation", OPT_PRIO | 1 },
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -332,6 +332,8 @@ extern int connect_delay; /* Time to del
extern int max_data_rate; /* max bytes/sec through charshunt */
extern int req_unit; /* interface unit number to use */
extern char req_ifname[MAXIFNAMELEN]; /* interface name to use */
+extern char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
+extern char path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */
extern bool multilink; /* enable multilink operation */
extern bool noendpoint; /* don't send or accept endpt. discrim. */
extern char *bundle_name; /* bundle name for multilink */

28
package/network/services/ppp/patches/101-debian_close_dev_ppp.patch Normal file
View File

@@ -0,0 +1,28 @@
pppd: Close already open ppp descriptors
When using the kernel PPPoE driver in conjunction with the "persist" option,
the already open descriptor to /dev/ppp is not closed when the link is
reestablished. This eventually leads to high CPU load because the stray
descriptors are always reported as ready by select().
This patch closes the descriptor if it is already open when establishing a
new connection. It originated from the Debian project.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -460,6 +460,13 @@ int generic_establish_ppp (int fd)
if (new_style_driver) {
int flags;
+ /* if a ppp_fd is already open, close it first */
+ if(ppp_fd > 0) {
+ close(ppp_fd);
+ remove_fd(ppp_fd);
+ ppp_fd = -1;
+ }
+
/* Open an instance of /dev/ppp and connect the channel to it */
if (ioctl(fd, PPPIOCGCHAN, &chindex) == -1) {
error("Couldn't get channel number: %m");

23
package/network/services/ppp/patches/103-debian_fix_link_pidfile.patch Normal file
View File

@@ -0,0 +1,23 @@
pppd: Fix creation of linkpidfile
When pppd is run without "nodetach" or with "updetach", the linkpidfile is
never created. The call to create_linkpidfile() is protected by a check for
linkpidfile[0] but this is only filled in when create_linkpidfile() is called.
This patch changes to code to allways uncondiationally call
create_linkpidfile(), it originated from the Debian project.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/main.c
+++ b/pppd/main.c
@@ -768,8 +768,7 @@ detach()
/* update pid files if they have been written already */
if (pidfilename[0])
create_pidfile(pid);
- if (linkpidfile[0])
- create_linkpidfile(pid);
+ create_linkpidfile(pid);
exit(0); /* parent dies */
}
setsid();

172
package/network/services/ppp/patches/105-debian_demand.patch Normal file
View File

@@ -0,0 +1,172 @@
--- a/pppd/demand.c
+++ b/pppd/demand.c
@@ -36,6 +36,8 @@
#include <errno.h>
#include <fcntl.h>
#include <netdb.h>
+#include <unistd.h>
+#include <syslog.h>
#include <sys/param.h>
#include <sys/types.h>
#include <sys/wait.h>
@@ -43,6 +45,8 @@
#include <sys/resource.h>
#include <sys/stat.h>
#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
#ifdef PPP_FILTER
#include <pcap-bpf.h>
#endif
@@ -221,6 +225,14 @@ loop_chars(p, n)
int c, rv;
rv = 0;
+
+/* check for synchronous connection... */
+
+ if ( (p[0] == 0xFF) && (p[1] == 0x03) ) {
+ rv = loop_frame(p,n);
+ return rv;
+ }
+
for (; n > 0; --n) {
c = *p++;
if (c == PPP_FLAG) {
@@ -299,17 +311,102 @@ loop_frame(frame, len)
* loopback, now that the real serial link is up.
*/
void
-demand_rexmit(proto)
+demand_rexmit(proto, newip)
int proto;
+ u_int32_t newip;
{
struct packet *pkt, *prev, *nextpkt;
+ unsigned short checksum;
+ unsigned short pkt_checksum = 0;
+ unsigned iphdr;
+ struct timeval tv;
+ char cv = 0;
+ char ipstr[16];
prev = NULL;
pkt = pend_q;
pend_q = NULL;
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+ select(0,NULL,NULL,NULL,&tv); /* Sleep for 1 Seconds */
for (; pkt != NULL; pkt = nextpkt) {
nextpkt = pkt->next;
if (PPP_PROTOCOL(pkt->data) == proto) {
+ if ( (proto == PPP_IP) && newip ) {
+ /* Get old checksum */
+
+ iphdr = (pkt->data[4] & 15) << 2;
+ checksum = *((unsigned short *) (pkt->data+14));
+ if (checksum == 0xFFFF) {
+ checksum = 0;
+ }
+
+
+ if (pkt->data[13] == 17) {
+ pkt_checksum = *((unsigned short *) (pkt->data+10+iphdr));
+ if (pkt_checksum) {
+ cv = 1;
+ if (pkt_checksum == 0xFFFF) {
+ pkt_checksum = 0;
+ }
+ }
+ else {
+ cv = 0;
+ }
+ }
+
+ if (pkt->data[13] == 6) {
+ pkt_checksum = *((unsigned short *) (pkt->data+20+iphdr));
+ cv = 1;
+ if (pkt_checksum == 0xFFFF) {
+ pkt_checksum = 0;
+ }
+ }
+
+ /* Delete old Source-IP-Address */
+ checksum -= *((unsigned short *) (pkt->data+16)) ^ 0xFFFF;
+ checksum -= *((unsigned short *) (pkt->data+18)) ^ 0xFFFF;
+
+ pkt_checksum -= *((unsigned short *) (pkt->data+16)) ^ 0xFFFF;
+ pkt_checksum -= *((unsigned short *) (pkt->data+18)) ^ 0xFFFF;
+
+ /* Change Source-IP-Address */
+ * ((u_int32_t *) (pkt->data + 16)) = newip;
+
+ /* Add new Source-IP-Address */
+ checksum += *((unsigned short *) (pkt->data+16)) ^ 0xFFFF;
+ checksum += *((unsigned short *) (pkt->data+18)) ^ 0xFFFF;
+
+ pkt_checksum += *((unsigned short *) (pkt->data+16)) ^ 0xFFFF;
+ pkt_checksum += *((unsigned short *) (pkt->data+18)) ^ 0xFFFF;
+
+ /* Write new checksum */
+ if (!checksum) {
+ checksum = 0xFFFF;
+ }
+ *((unsigned short *) (pkt->data+14)) = checksum;
+ if (pkt->data[13] == 6) {
+ *((unsigned short *) (pkt->data+20+iphdr)) = pkt_checksum;
+ }
+ if (cv && (pkt->data[13] == 17) ) {
+ *((unsigned short *) (pkt->data+10+iphdr)) = pkt_checksum;
+ }
+
+ /* Log Packet */
+ strcpy(ipstr,inet_ntoa(*( (struct in_addr *) (pkt->data+16))));
+ if (pkt->data[13] == 1) {
+ syslog(LOG_INFO,"Open ICMP %s -> %s\n",
+ ipstr,
+ inet_ntoa(*( (struct in_addr *) (pkt->data+20))));
+ } else {
+ syslog(LOG_INFO,"Open %s %s:%d -> %s:%d\n",
+ pkt->data[13] == 6 ? "TCP" : "UDP",
+ ipstr,
+ ntohs(*( (short *) (pkt->data+iphdr+4))),
+ inet_ntoa(*( (struct in_addr *) (pkt->data+20))),
+ ntohs(*( (short *) (pkt->data+iphdr+6))));
+ }
+ }
output(0, pkt->data, pkt->length);
free(pkt);
} else {
--- a/pppd/ipcp.c
+++ b/pppd/ipcp.c
@@ -1883,7 +1883,7 @@ ipcp_up(f)
proxy_arp_set[f->unit] = 1;
}
- demand_rexmit(PPP_IP);
+ demand_rexmit(PPP_IP,go->ouraddr);
sifnpmode(f->unit, PPP_IP, NPMODE_PASS);
} else {
--- a/pppd/ipv6cp.c
+++ b/pppd/ipv6cp.c
@@ -1232,7 +1232,7 @@ ipv6cp_up(f)
}
}
- demand_rexmit(PPP_IPV6);
+ demand_rexmit(PPP_IPV6,0);
sifnpmode(f->unit, PPP_IPV6, NPMODE_PASS);
} else {
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -599,7 +599,7 @@ void demand_conf __P((void)); /* config
void demand_block __P((void)); /* set all NPs to queue up packets */
void demand_unblock __P((void)); /* set all NPs to pass packets */
void demand_discard __P((void)); /* set all NPs to discard packets */
-void demand_rexmit __P((int)); /* retransmit saved frames for an NP */
+void demand_rexmit __P((int, u_int32_t)); /* retransmit saved frames for an NP*/
int loop_chars __P((unsigned char *, int)); /* process chars from loopback */
int loop_frame __P((unsigned char *, int)); /* should we bring link up? */

47
package/network/services/ppp/patches/106-debian_stripMSdomain.patch Normal file
View File

@@ -0,0 +1,47 @@
pppd: Implement option to strip domain part from MS CHAP response
This patch implements a new boolean option "chapms-strip-domain" which
strips the leading domain part of the username in a received MS Chap
response.
When the option is set, all leading chars up to and including the last
backslash in the username are stripped. The option defaults to false.
The patch originated from the Debian project.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/chap-new.c
+++ b/pppd/chap-new.c
@@ -58,6 +58,7 @@ int (*chap_verify_hook)(char *name, char
int chap_timeout_time = 3;
int chap_max_transmits = 10;
int chap_rechallenge_time = 0;
+int chapms_strip_domain = 0;
/*
* Command-line options.
@@ -69,6 +70,8 @@ static option_t chap_option_list[] = {
"Set max #xmits for challenge", OPT_PRIO },
{ "chap-interval", o_int, &chap_rechallenge_time,
"Set interval for rechallenge", OPT_PRIO },
+ { "chapms-strip-domain", o_bool, &chapms_strip_domain,
+ "Strip the domain prefix before the Username", 1 },
{ NULL }
};
@@ -336,6 +339,14 @@ chap_handle_response(struct chap_server_
/* Null terminate and clean remote name. */
slprintf(rname, sizeof(rname), "%.*v", len, name);
name = rname;
+
+ /* strip the MS domain name */
+ if (chapms_strip_domain && strrchr(rname, '\\')) {
+ char tmp[MAXNAMELEN+1];
+
+ strcpy(tmp, strrchr(rname, '\\') + 1);
+ strcpy(rname, tmp);
+ }
}
if (chap_verify_hook)

25
package/network/services/ppp/patches/107-debian_pppoatm_wildcard.patch Normal file
View File

@@ -0,0 +1,25 @@
pppoatm: Allow wildcard ATM devices
When operating pppd's pppoatm plugin with an USB ADSL modem, e.g. an
Alcatel Speedtouch, the ATM device number might change when the modem is
reconnected to the USB port or when the host controller resets the USB
device.
This patch allows to specify the ATM device as wildcard which gives
enough flexibility to cope with changing device names.
The patch originated from the Debain project.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/plugins/pppoatm/pppoatm.c
+++ b/pppd/plugins/pppoatm/pppoatm.c
@@ -75,7 +75,7 @@ static int setdevname_pppoatm(const char
//info("PPPoATM setdevname_pppoatm: '%s'", cp);
memset(&addr, 0, sizeof addr);
if (text2atm(cp, (struct sockaddr *) &addr, sizeof(addr),
- T2A_PVC | T2A_NAME) < 0) {
+ T2A_PVC | T2A_NAME | T2A_WILDCARD) < 0) {
if(doit)
info("atm does not recognize: %s", cp);
return 0;

314
package/network/services/ppp/patches/110-debian_defaultroute.patch Normal file
View File

@@ -0,0 +1,314 @@
pppd: Add "replacedefaultroute" and "noreplacedefaultroute" options
This patch implements two new options, "replacedefaultroute" to replace any
existing system default route when specified and "noreplacedefaultroute" to
disable the "replacedefaultroute" option, which is useful in multi user
environments where the administrator wants to allow users to dial pppd
connections but not allow them to change the system default route.
The patch originated from the Debian project.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/ipcp.c
+++ b/pppd/ipcp.c
@@ -198,6 +198,14 @@ static option_t ipcp_option_list[] = {
"disable defaultroute option", OPT_ALIAS | OPT_A2CLR,
&ipcp_wantoptions[0].default_route },
+ { "replacedefaultroute", o_bool,
+ &ipcp_wantoptions[0].replace_default_route,
+ "Replace default route", 1
+ },
+ { "noreplacedefaultroute", o_bool,
+ &ipcp_allowoptions[0].replace_default_route,
+ "Never replace default route", OPT_A2COPY,
+ &ipcp_wantoptions[0].replace_default_route },
{ "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp,
"Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp },
{ "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp,
@@ -271,7 +279,7 @@ struct protent ipcp_protent = {
ip_active_pkt
};
-static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t));
+static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t, bool));
static void ipcp_script __P((char *, int)); /* Run an up/down script */
static void ipcp_script_done __P((void *));
@@ -1761,7 +1769,8 @@ ip_demand_conf(u)
if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE))
return 0;
if (wo->default_route)
- if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr))
+ if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr,
+ wo->replace_default_route))
default_route_set[u] = 1;
if (wo->proxy_arp)
if (sifproxyarp(u, wo->hisaddr))
@@ -1849,7 +1858,8 @@ ipcp_up(f)
*/
if (demand) {
if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) {
- ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr);
+ ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr,
+ wo->replace_default_route);
if (go->ouraddr != wo->ouraddr) {
warn("Local IP address changed to %I", go->ouraddr);
script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0);
@@ -1874,7 +1884,8 @@ ipcp_up(f)
/* assign a default route through the interface if required */
if (ipcp_wantoptions[f->unit].default_route)
- if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
+ wo->replace_default_route))
default_route_set[f->unit] = 1;
/* Make a proxy ARP entry if requested. */
@@ -1924,7 +1935,8 @@ ipcp_up(f)
/* assign a default route through the interface if required */
if (ipcp_wantoptions[f->unit].default_route)
- if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
+ wo->replace_default_route))
default_route_set[f->unit] = 1;
/* Make a proxy ARP entry if requested. */
@@ -2002,7 +2014,7 @@ ipcp_down(f)
sifnpmode(f->unit, PPP_IP, NPMODE_DROP);
sifdown(f->unit);
ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr,
- ipcp_hisoptions[f->unit].hisaddr);
+ ipcp_hisoptions[f->unit].hisaddr, 0);
}
/* Execute the ip-down script */
@@ -2018,16 +2030,25 @@ ipcp_down(f)
* proxy arp entries, etc.
*/
static void
-ipcp_clear_addrs(unit, ouraddr, hisaddr)
+ipcp_clear_addrs(unit, ouraddr, hisaddr, replacedefaultroute)
int unit;
u_int32_t ouraddr; /* local address */
u_int32_t hisaddr; /* remote address */
+ bool replacedefaultroute;
{
if (proxy_arp_set[unit]) {
cifproxyarp(unit, hisaddr);
proxy_arp_set[unit] = 0;
}
- if (default_route_set[unit]) {
+ /* If replacedefaultroute, sifdefaultroute will be called soon
+ * with replacedefaultroute set and that will overwrite the current
+ * default route. This is the case only when doing demand, otherwise
+ * during demand, this cifdefaultroute would restore the old default
+ * route which is not what we want in this case. In the non-demand
+ * case, we'll delete the default route and restore the old if there
+ * is one saved by an sifdefaultroute with replacedefaultroute.
+ */
+ if (!replacedefaultroute && default_route_set[unit]) {
cifdefaultroute(unit, ouraddr, hisaddr);
default_route_set[unit] = 0;
}
--- a/pppd/ipcp.h
+++ b/pppd/ipcp.h
@@ -70,6 +70,7 @@ typedef struct ipcp_options {
bool old_addrs; /* Use old (IP-Addresses) option? */
bool req_addr; /* Ask peer to send IP address? */
bool default_route; /* Assign default route through interface? */
+ bool replace_default_route; /* Replace default route through interface? */
bool proxy_arp; /* Make proxy ARP entry for peer? */
bool neg_vj; /* Van Jacobson Compression? */
bool old_vj; /* use old (short) form of VJ option? */
--- a/pppd/pppd.8
+++ b/pppd/pppd.8
@@ -127,6 +127,11 @@ is no other default route with the same
value of -1, the route is only added if there is no default route at
all.
.TP
+.B replacedefaultroute
+This option is a flag to the defaultroute option. If defaultroute is
+set and this flag is also set, pppd replaces an existing default route
+with the new default route.
+.TP
.B disconnect \fIscript
Execute the command specified by \fIscript\fR, by passing it to a
shell, after
@@ -740,7 +745,12 @@ disable both forms of hardware flow cont
.TP
.B nodefaultroute
Disable the \fIdefaultroute\fR option. The system administrator who
-wishes to prevent users from creating default routes with pppd
+wishes to prevent users from adding a default route with pppd
+can do so by placing this option in the /etc/ppp/options file.
+.TP
+.B noreplacedefaultroute
+Disable the \fIreplacedefaultroute\fR option. The system administrator who
+wishes to prevent users from replacing a default route with pppd
can do so by placing this option in the /etc/ppp/options file.
.TP
.B nodeflate
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -681,7 +681,7 @@ int sif6addr __P((int, eui64_t, eui64_t
int cif6addr __P((int, eui64_t, eui64_t));
/* Remove an IPv6 address from i/f */
#endif
-int sifdefaultroute __P((int, u_int32_t, u_int32_t));
+int sifdefaultroute __P((int, u_int32_t, u_int32_t, bool replace_default_rt));
/* Create default route through i/f */
int cifdefaultroute __P((int, u_int32_t, u_int32_t));
/* Delete default route through i/f */
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -207,6 +207,8 @@ static unsigned char inbuf[512]; /* buff
static int if_is_up; /* Interface has been marked up */
static int if6_is_up; /* Interface has been marked up for IPv6, to help differentiate */
static int have_default_route; /* Gateway for default route added */
+static struct rtentry old_def_rt; /* Old default route */
+static int default_rt_repl_rest; /* replace and restore old default rt */
static u_int32_t proxy_arp_addr; /* Addr for proxy arp entry added */
static char proxy_arp_dev[16]; /* Device for proxy arp entry */
static u_int32_t our_old_addr; /* for detecting address changes */
@@ -1570,6 +1572,9 @@ static int read_route_table(struct rtent
p = NULL;
}
+ SET_SA_FAMILY (rt->rt_dst, AF_INET);
+ SET_SA_FAMILY (rt->rt_gateway, AF_INET);
+
SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16);
SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16);
SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16);
@@ -1642,20 +1647,52 @@ int have_route_to(u_int32_t addr)
/********************************************************************
*
* sifdefaultroute - assign a default route through the address given.
- */
-
-int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway)
-{
- struct rtentry rt;
-
- if (defaultroute_exists(&rt, dfl_route_metric) && strcmp(rt.rt_dev, ifname) != 0) {
- if (rt.rt_flags & RTF_GATEWAY)
- error("not replacing existing default route via %I with metric %d",
- SIN_ADDR(rt.rt_gateway), dfl_route_metric);
- else
+ *
+ * If the global default_rt_repl_rest flag is set, then this function
+ * already replaced the original system defaultroute with some other
+ * route and it should just replace the current defaultroute with
+ * another one, without saving the current route. Use: demand mode,
+ * when pppd sets first a defaultroute it it's temporary ppp0 addresses
+ * and then changes the temporary addresses to the addresses for the real
+ * ppp connection when it has come up.
+ */
+
+int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway, bool replace)
+{
+ struct rtentry rt, tmp_rt;
+ struct rtentry *del_rt = NULL;
+
+ if (default_rt_repl_rest) {
+ /* We have already reclaced the original defaultroute, if we
+ are called again, we will delete the current default route
+ and set the new default route in this function.
+ - this is normally only the case the doing demand: */
+ if (defaultroute_exists(&tmp_rt, dfl_route_metric))
+ del_rt = &tmp_rt;
+ } else if (defaultroute_exists(&old_def_rt, dfl_route_metric) &&
+ strcmp(old_def_rt.rt_dev, ifname) != 0) {
+ /* We did not yet replace an existing default route, let's
+ check if we should save and replace a default route: */
+ if (old_def_rt.rt_flags & RTF_GATEWAY) {
+ if (!replace) {
+ error("not replacing existing default route via %I with metric %d",
+ SIN_ADDR(old_def_rt.rt_gateway), dfl_route_metric);
+ return 0;
+ } else {
+ /* we need to copy rt_dev because we need it permanent too: */
+ char *tmp_dev = malloc(strlen(old_def_rt.rt_dev) + 1);
+ strcpy(tmp_dev, old_def_rt.rt_dev);
+ old_def_rt.rt_dev = tmp_dev;
+
+ notice("replacing old default route to %s [%I] with metric %d",
+ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway),
+ dfl_route_metric);
+ default_rt_repl_rest = 1;
+ del_rt = &old_def_rt;
+ }
+ } else
error("not replacing existing default route through %s with metric %d",
- rt.rt_dev, dfl_route_metric);
- return 0;
+ old_def_rt.rt_dev, dfl_route_metric);
}
memset (&rt, 0, sizeof (rt));
@@ -1671,10 +1708,16 @@ int sifdefaultroute (int unit, u_int32_t
rt.rt_flags = RTF_UP;
if (ioctl(sock_fd, SIOCADDRT, &rt) < 0) {
- if ( ! ok_error ( errno ))
+ if (!ok_error(errno))
error("default route ioctl(SIOCADDRT): %m");
return 0;
}
+ if (default_rt_repl_rest && del_rt)
+ if (ioctl(sock_fd, SIOCDELRT, del_rt) < 0) {
+ if (!ok_error(errno))
+ error("del old default route ioctl(SIOCDELRT): %m");
+ return 0;
+ }
have_default_route = 1;
return 1;
@@ -1708,11 +1751,21 @@ int cifdefaultroute (int unit, u_int32_t
rt.rt_flags = RTF_UP;
if (ioctl(sock_fd, SIOCDELRT, &rt) < 0 && errno != ESRCH) {
if (still_ppp()) {
- if ( ! ok_error ( errno ))
+ if (!ok_error(errno))
error("default route ioctl(SIOCDELRT): %m");
return 0;
}
}
+ if (default_rt_repl_rest) {
+ notice("restoring old default route to %s [%I]",
+ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway));
+ if (ioctl(sock_fd, SIOCADDRT, &old_def_rt) < 0) {
+ if (!ok_error(errno))
+ error("restore default route ioctl(SIOCADDRT): %m");
+ return 0;
+ }
+ default_rt_repl_rest = 0;
+ }
return 1;
}
--- a/pppd/sys-solaris.c
+++ b/pppd/sys-solaris.c
@@ -2039,12 +2039,18 @@ cifaddr(u, o, h)
* sifdefaultroute - assign a default route through the address given.
*/
int
-sifdefaultroute(u, l, g)
+sifdefaultroute(u, l, g, replace)
int u;
u_int32_t l, g;
+ bool replace;
{
struct rtentry rt;
+ if (replace) {
+ error("replacedefaultroute not supported on this platform");
+ return 0;
+ }
+
#if defined(__USLC__)
g = l; /* use the local address as gateway */
#endif

95
package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch Normal file
View File

@@ -0,0 +1,95 @@
pppd: Allow specifying ipv6-up and ipv6-down scripts
This patch implements the "ipv6-up-script" and "ipv6-down-script" options
which allow to specify the path of the ipv6-up and ipv6-down scripts to call.
These options default to _PATH_IPV6UP and _PATH_IPV6DOWN to retain the
existing behaviour.
The patch originated from the Debian project.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/main.c
+++ b/pppd/main.c
@@ -310,6 +310,8 @@ main(argc, argv)
strlcpy(path_ipup, _PATH_IPUP, sizeof(path_ipup));
strlcpy(path_ipdown, _PATH_IPDOWN, sizeof(path_ipdown));
+ strlcpy(path_ipv6up, _PATH_IPV6UP, sizeof(path_ipv6up));
+ strlcpy(path_ipv6down, _PATH_IPV6DOWN, sizeof(path_ipv6down));
link_stats_valid = 0;
new_phase(PHASE_INITIALIZE);
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -120,6 +120,8 @@ int req_unit = -1; /* requested interfa
char req_ifname[MAXIFNAMELEN]; /* requested interface name */
char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
char path_ipdown[MAXPATHLEN];/* pathname of ip-down script */
+char path_ipv6up[MAXPATHLEN]; /* pathname of ipv6-up script */
+char path_ipv6down[MAXPATHLEN];/* pathname of ipv6-down script */
bool multilink = 0; /* Enable multilink operation */
char *bundle_name = NULL; /* bundle name for multilink */
bool dump_options; /* print out option values */
@@ -326,6 +328,13 @@ option_t general_options[] = {
"Set pathname of ip-down script",
OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
+ { "ipv6-up-script", o_string, path_ipv6up,
+ "Set pathname of ipv6-up script",
+ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
+ { "ipv6-down-script", o_string, path_ipv6down,
+ "Set pathname of ipv6-down script",
+ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
+
#ifdef HAVE_MULTILINK
{ "multilink", o_bool, &multilink,
"Enable multilink operation", OPT_PRIO | 1 },
--- a/pppd/ipv6cp.c
+++ b/pppd/ipv6cp.c
@@ -1269,7 +1269,7 @@ ipv6cp_up(f)
*/
if (ipv6cp_script_state == s_down && ipv6cp_script_pid == 0) {
ipv6cp_script_state = s_up;
- ipv6cp_script(_PATH_IPV6UP);
+ ipv6cp_script(path_ipv6up);
}
}
@@ -1321,7 +1321,7 @@ ipv6cp_down(f)
/* Execute the ipv6-down script */
if (ipv6cp_script_state == s_up && ipv6cp_script_pid == 0) {
ipv6cp_script_state = s_down;
- ipv6cp_script(_PATH_IPV6DOWN);
+ ipv6cp_script(path_ipv6down);
}
}
@@ -1364,13 +1364,13 @@ ipv6cp_script_done(arg)
case s_up:
if (ipv6cp_fsm[0].state != OPENED) {
ipv6cp_script_state = s_down;
- ipv6cp_script(_PATH_IPV6DOWN);
+ ipv6cp_script(path_ipv6down);
}
break;
case s_down:
if (ipv6cp_fsm[0].state == OPENED) {
ipv6cp_script_state = s_up;
- ipv6cp_script(_PATH_IPV6UP);
+ ipv6cp_script(path_ipv6up);
}
break;
}
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -334,6 +334,8 @@ extern int req_unit; /* interface unit n
extern char req_ifname[MAXIFNAMELEN]; /* interface name to use */
extern char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
extern char path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */
+extern char path_ipv6up[MAXPATHLEN]; /* pathname of ipv6-up script */
+extern char path_ipv6down[MAXPATHLEN]; /* pathname of ipv6-down script */
extern bool multilink; /* enable multilink operation */
extern bool noendpoint; /* don't send or accept endpt. discrim. */
extern char *bundle_name; /* bundle name for multilink */

56
package/network/services/ppp/patches/121-debian_adaptive_lcp_echo.patch Normal file
View File

@@ -0,0 +1,56 @@
--- a/pppd/lcp.c
+++ b/pppd/lcp.c
@@ -73,6 +73,7 @@ static void lcp_delayed_up __P((void *))
*/
int lcp_echo_interval = 0; /* Interval between LCP echo-requests */
int lcp_echo_fails = 0; /* Tolerance to unanswered echo-requests */
+bool lcp_echo_adaptive = 0; /* request echo only if the link was idle */
bool lax_recv = 0; /* accept control chars in asyncmap */
bool noendpoint = 0; /* don't send/accept endpoint discriminator */
@@ -151,6 +152,8 @@ static option_t lcp_option_list[] = {
OPT_PRIO },
{ "lcp-echo-interval", o_int, &lcp_echo_interval,
"Set time in seconds between LCP echo requests", OPT_PRIO },
+ { "lcp-echo-adaptive", o_bool, &lcp_echo_adaptive,
+ "Suppress LCP echo requests if traffic was received", 1 },
{ "lcp-restart", o_int, &lcp_fsm[0].timeouttime,
"Set time in seconds between LCP retransmissions", OPT_PRIO },
{ "lcp-max-terminate", o_int, &lcp_fsm[0].maxtermtransmits,
@@ -2331,6 +2334,22 @@ LcpSendEchoRequest (f)
}
}
+ /*
+ * If adaptive echos have been enabled, only send the echo request if
+ * no traffic was received since the last one.
+ */
+ if (lcp_echo_adaptive) {
+ static unsigned int last_pkts_in = 0;
+
+ update_link_stats(f->unit);
+ link_stats_valid = 0;
+
+ if (link_stats.pkts_in != last_pkts_in) {
+ last_pkts_in = link_stats.pkts_in;
+ return;
+ }
+ }
+
/*
* Make and send the echo request frame.
*/
--- a/pppd/pppd.8
+++ b/pppd/pppd.8
@@ -569,6 +569,11 @@ to 1) if the \fIproxyarp\fR option is us
dynamic IP address option (i.e. set /proc/sys/net/ipv4/ip_dynaddr to
1) in demand mode if the local address changes.
.TP
+.B lcp\-echo\-adaptive
+If this option is used with the \fIlcp\-echo\-failure\fR option then
+pppd will send LCP echo\-request frames only if no traffic was received
+from the peer since the last echo\-request was sent.
+.TP
.B lcp\-echo\-failure \fIn
If this option is given, pppd will presume the peer to be dead
if \fIn\fR LCP echo\-requests are sent without receiving a valid LCP

11
package/network/services/ppp/patches/130-no_cdefs_h.patch Normal file
View File

@@ -0,0 +1,11 @@
--- a/pppd/plugins/rp-pppoe/config.h
+++ b/pppd/plugins/rp-pppoe/config.h
@@ -102,7 +102,7 @@
#define HAVE_NETPACKET_PACKET_H 1
/* Define if you have the <sys/cdefs.h> header file. */
-#define HAVE_SYS_CDEFS_H 1
+/* #undef HAVE_SYS_CDEFS_H */
/* Define if you have the <sys/dlpi.h> header file. */
/* #undef HAVE_SYS_DLPI_H */

23
package/network/services/ppp/patches/131-missing_prototype_macro.patch Normal file
View File

@@ -0,0 +1,23 @@
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -67,6 +67,9 @@
#define volatile
#endif
+#undef __P
+#define __P(args) args
+
#ifdef INET6
#include "eui64.h"
#endif
--- a/pppd/magic.h
+++ b/pppd/magic.h
@@ -42,6 +42,8 @@
* $Id: magic.h,v 1.5 2003/06/11 23:56:26 paulus Exp $
*/
+#include "pppd.h"
+
void magic_init __P((void)); /* Initialize the magic number generator */
u_int32_t magic __P((void)); /* Returns the next magic number */

26
package/network/services/ppp/patches/132-fix_linux_includes.patch Normal file
View File

@@ -0,0 +1,26 @@
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -102,22 +102,15 @@
#define MAX_ADDR_LEN 7
#endif
-#if __GLIBC__ >= 2
#include <asm/types.h> /* glibc 2 conflicts with linux/types.h */
#include <net/if.h>
#include <net/if_arp.h>
#include <net/route.h>
#include <netinet/if_ether.h>
-#else
-#include <linux/types.h>
-#include <linux/if.h>
-#include <linux/if_arp.h>
-#include <linux/route.h>
-#include <linux/if_ether.h>
-#endif
#include <netinet/in.h>
#include <arpa/inet.h>
+#include <linux/sockios.h>
#include <linux/ppp_defs.h>
#include <linux/if_ppp.h>

11
package/network/services/ppp/patches/133-fix_sha1_include.patch Normal file
View File

@@ -0,0 +1,11 @@
--- a/pppd/sha1.c
+++ b/pppd/sha1.c
@@ -18,7 +18,7 @@
#include <string.h>
#include <netinet/in.h> /* htonl() */
-#include <net/ppp_defs.h>
+#include "pppd.h"
#include "sha1.h"
static void

36
package/network/services/ppp/patches/140-pppoe_compile_fix.patch Normal file
View File

@@ -0,0 +1,36 @@
--- a/pppd/plugins/rp-pppoe/pppoe.h
+++ b/pppd/plugins/rp-pppoe/pppoe.h
@@ -52,11 +52,7 @@
#include <netinet/in.h>
/* Ugly header files on some Linux boxes... */
-#if defined(HAVE_LINUX_IF_H)
-#include <linux/if.h>
-#elif defined(HAVE_NET_IF_H)
#include <net/if.h>
-#endif
#ifdef HAVE_NET_IF_TYPES_H
#include <net/if_types.h>
@@ -84,20 +80,7 @@ typedef unsigned long UINT32_t;
#error Could not find a 32-bit integer type
#endif
-#ifdef HAVE_LINUX_IF_ETHER_H
-#include <linux/if_ether.h>
-#endif
-
-#ifdef HAVE_NETINET_IF_ETHER_H
-#include <sys/types.h>
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifndef HAVE_SYS_DLPI_H
-#include <netinet/if_ether.h>
-#endif
-#endif
+#include <net/ethernet.h>
/* Ethernet frame types according to RFC 2516 */

49
package/network/services/ppp/patches/200-makefile.patch Normal file
View File

@@ -0,0 +1,49 @@
pppd: tune Linux config defaults for OpenWrt
This patch adjusts a number defaults to properly match the OpenWrt environment.
It is not intended for upstream.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -48,7 +48,7 @@ MPPE=y
# Uncomment the next line to include support for PPP packet filtering.
# This requires that the libpcap library and headers be installed
# and that the kernel driver support PPP packet filtering.
-FILTER=y
+#FILTER=y
# Uncomment the next line to enable multilink PPP (enabled by default)
# Linux distributions: Please leave multilink ENABLED in your builds
@@ -58,7 +58,7 @@ HAVE_MULTILINK=y
# Uncomment the next line to enable the TDB database (enabled by default.)
# If you enable multilink, then TDB is automatically enabled also.
# Linux distributions: Please leave TDB ENABLED in your builds.
-USE_TDB=y
+#USE_TDB=y
# Uncomment the next line to enable Type=notify services in systemd
# If enabled, and the user sets the up_sdnotify option, then
@@ -85,7 +85,7 @@ MAXOCTETS=y
INCLUDE_DIRS= -I../include
-COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP
+COMPILE_FLAGS= -DHAVE_PATHS_H -DHAVE_MMAP
CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"'
@@ -125,10 +125,10 @@ CFLAGS += -DHAS_SHADOW
#LIBS += -lshadow $(LIBS)
endif
-ifneq ($(wildcard /usr/include/crypt.h),)
+#ifneq ($(wildcard /usr/include/crypt.h),)
CFLAGS += -DHAVE_CRYPT_H=1
LIBS += -lcrypt
-endif
+#endif
ifdef USE_LIBUTIL
CFLAGS += -DHAVE_LOGWTMP=1

1495
package/network/services/ppp/patches/201-mppe_mppc_1.1.patch Normal file
View File

File diff suppressed because it is too large Load Diff

88
package/network/services/ppp/patches/202-no_strip.patch Normal file
View File

@@ -0,0 +1,88 @@
build: Do not strip binaries on install
Strippign executables should be handled by the distro packaging, not by ppp
itself. This patch removes the "-s" (strip) switch from all "install" commands
in order to install unstripped binaries into the destination prefix.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/chat/Makefile.linux
+++ b/chat/Makefile.linux
@@ -25,7 +25,7 @@ chat.o: chat.c
install: chat
mkdir -p $(BINDIR) $(MANDIR)
- $(INSTALL) -s -c chat $(BINDIR)
+ $(INSTALL) -c chat $(BINDIR)
$(INSTALL) -c -m 644 chat.8 $(MANDIR)
clean:
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -107,7 +107,7 @@ ifdef USE_SRP
CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
LIBS += -lsrp -L/usr/local/ssl/lib -lcrypto
TARGETS += srp-entry
-EXTRAINSTALL = $(INSTALL) -s -c -m 555 srp-entry $(BINDIR)/srp-entry
+EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry
MANPAGES += srp-entry.8
EXTRACLEAN += srp-entry.o
NEEDDES=y
@@ -219,7 +219,7 @@ all: $(TARGETS)
install: pppd
mkdir -p $(BINDIR) $(MANDIR)
$(EXTRAINSTALL)
- $(INSTALL) -s -c -m 555 pppd $(BINDIR)/pppd
+ $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
chmod o-rx,u+s $(BINDIR)/pppd; fi
$(INSTALL) -c -m 444 pppd.8 $(MANDIR)
--- a/pppd/plugins/radius/Makefile.linux
+++ b/pppd/plugins/radius/Makefile.linux
@@ -36,9 +36,9 @@ all: $(PLUGIN)
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -s -c -m 755 radius.so $(LIBDIR)
- $(INSTALL) -s -c -m 755 radattr.so $(LIBDIR)
- $(INSTALL) -s -c -m 755 radrealms.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radius.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radattr.so $(LIBDIR)
+ $(INSTALL) -c -m 755 radrealms.so $(LIBDIR)
$(INSTALL) -c -m 444 pppd-radius.8 $(MANDIR)
$(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -43,9 +43,9 @@ rp-pppoe.so: plugin.o discovery.o if.o c
install: all
$(INSTALL) -d -m 755 $(LIBDIR)
- $(INSTALL) -s -c -m 4550 rp-pppoe.so $(LIBDIR)
+ $(INSTALL) -c -m 4550 rp-pppoe.so $(LIBDIR)
$(INSTALL) -d -m 755 $(BINDIR)
- $(INSTALL) -s -c -m 555 pppoe-discovery $(BINDIR)
+ $(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
clean:
rm -f *.o *.so pppoe-discovery
--- a/pppdump/Makefile.linux
+++ b/pppdump/Makefile.linux
@@ -17,5 +17,5 @@ clean:
install:
mkdir -p $(BINDIR) $(MANDIR)
- $(INSTALL) -s -c pppdump $(BINDIR)
+ $(INSTALL) -c pppdump $(BINDIR)
$(INSTALL) -c -m 444 pppdump.8 $(MANDIR)
--- a/pppstats/Makefile.linux
+++ b/pppstats/Makefile.linux
@@ -22,7 +22,7 @@ all: pppstats
install: pppstats
-mkdir -p $(MANDIR)
- $(INSTALL) -s -c pppstats $(BINDIR)
+ $(INSTALL) -c pppstats $(BINDIR)
$(INSTALL) -c -m 444 pppstats.8 $(MANDIR)
pppstats: $(PPPSTATSRCS)

60
package/network/services/ppp/patches/203-opt_flags.patch Normal file
View File

@@ -0,0 +1,60 @@
build: Move optimization flags into a separate variable
Isolate optimization related compiler flags from CFLAGS and move them into a
separate COPTS variable so that it is easier to override optimizations from
the environment.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/plugins/radius/Makefile.linux
+++ b/pppd/plugins/radius/Makefile.linux
@@ -12,7 +12,8 @@ VERSION = $(shell awk -F '"' '/VERSION/
INSTALL = install
PLUGIN=radius.so radattr.so radrealms.so
-CFLAGS=-I. -I../.. -I../../../include -O2 -fPIC -DRC_LOG_FACILITY=LOG_DAEMON
+COPTS = -O2
+CFLAGS=-I. -I../.. -I../../../include $(COPTS) -fPIC -DRC_LOG_FACILITY=LOG_DAEMON
# Uncomment the next line to include support for Microsoft's
# MS-CHAP authentication protocol.
@@ -43,13 +44,13 @@ install: all
$(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
radius.so: radius.o libradiusclient.a
- $(CC) $(LDFLAGS) -o radius.so -shared radius.o libradiusclient.a
+ $(CC) $(LDFLAGS) -fPIC -o radius.so -shared radius.o libradiusclient.a
radattr.so: radattr.o
- $(CC) $(LDFLAGS) -o radattr.so -shared radattr.o
+ $(CC) $(LDFLAGS) -fPIC -o radattr.so -shared radattr.o
radrealms.so: radrealms.o
- $(CC) $(LDFLAGS) -o radrealms.so -shared radrealms.o
+ $(CC) $(LDFLAGS) -fPIC -o radrealms.so -shared radrealms.o
CLIENTOBJS = avpair.o buildreq.o config.o dict.o ip_util.o \
clientid.o sendserver.o lock.o util.o md5.o
--- a/pppdump/Makefile.linux
+++ b/pppdump/Makefile.linux
@@ -2,7 +2,8 @@ DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
-CFLAGS= -O -I../include/net
+COPTS = -O
+CFLAGS= $(COPTS) -I../include/net
OBJS = pppdump.o bsd-comp.o deflate.o zlib.o
INSTALL= install
--- a/pppd/plugins/rp-pppoe/Makefile.linux
+++ b/pppd/plugins/rp-pppoe/Makefile.linux
@@ -39,7 +39,7 @@ debug.o: debug.c
$(CC) $(CFLAGS) -I../../.. -c -o debug.o debug.c
rp-pppoe.so: plugin.o discovery.o if.o common.o
- $(CC) $(LDFLAGS) -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o
+ $(CC) $(LDFLAGS) -fPIC -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o
install: all
$(INSTALL) -d -m 755 $(LIBDIR)

72
package/network/services/ppp/patches/204-radius_config.patch Normal file
View File

@@ -0,0 +1,72 @@
--- a/pppd/plugins/radius/config.c
+++ b/pppd/plugins/radius/config.c
@@ -371,31 +371,37 @@ static int test_config(char *filename)
}
#endif
+#if 0
if (rc_conf_int("login_tries") <= 0)
{
error("%s: login_tries <= 0 is illegal", filename);
return (-1);
}
+#endif
if (rc_conf_str("seqfile") == NULL)
{
error("%s: seqfile not specified", filename);
return (-1);
}
+#if 0
if (rc_conf_int("login_timeout") <= 0)
{
error("%s: login_timeout <= 0 is illegal", filename);
return (-1);
}
+#endif
if (rc_conf_str("mapfile") == NULL)
{
error("%s: mapfile not specified", filename);
return (-1);
}
+#if 0
if (rc_conf_str("nologin") == NULL)
{
error("%s: nologin not specified", filename);
return (-1);
}
+#endif
return 0;
}
--- a/pppd/plugins/radius/options.h
+++ b/pppd/plugins/radius/options.h
@@ -31,24 +31,21 @@ typedef struct _option {
static SERVER acctserver = {0};
static SERVER authserver = {0};
-int default_tries = 4;
-int default_timeout = 60;
-
static OPTION config_options[] = {
/* internally used options */
{"config_file", OT_STR, ST_UNDEF, NULL},
/* General options */
{"auth_order", OT_AUO, ST_UNDEF, NULL},
-{"login_tries", OT_INT, ST_UNDEF, &default_tries},
-{"login_timeout", OT_INT, ST_UNDEF, &default_timeout},
-{"nologin", OT_STR, ST_UNDEF, "/etc/nologin"},
-{"issue", OT_STR, ST_UNDEF, "/etc/radiusclient/issue"},
+{"login_tries", OT_INT, ST_UNDEF, NULL},
+{"login_timeout", OT_INT, ST_UNDEF, NULL},
+{"nologin", OT_STR, ST_UNDEF, NULL},
+{"issue", OT_STR, ST_UNDEF, NULL},
/* RADIUS specific options */
{"authserver", OT_SRV, ST_UNDEF, &authserver},
{"acctserver", OT_SRV, ST_UNDEF, &acctserver},
{"servers", OT_STR, ST_UNDEF, NULL},
{"dictionary", OT_STR, ST_UNDEF, NULL},
-{"login_radius", OT_STR, ST_UNDEF, "/usr/sbin/login.radius"},
+{"login_radius", OT_STR, ST_UNDEF, NULL},
{"seqfile", OT_STR, ST_UNDEF, NULL},
{"mapfile", OT_STR, ST_UNDEF, NULL},
{"default_realm", OT_STR, ST_UNDEF, NULL},

29
package/network/services/ppp/patches/205-no_exponential_timeout.patch Normal file
View File

@@ -0,0 +1,29 @@
pppd: Don't use exponential timeout in discovery phase
This patch removes the exponential timeout increase between PADO or PADS
discovery attempts.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/plugins/rp-pppoe/discovery.c
+++ b/pppd/plugins/rp-pppoe/discovery.c
@@ -632,7 +632,9 @@ discovery(PPPoEConnection *conn)
conn->discoveryState = STATE_SENT_PADI;
waitForPADO(conn, timeout);
+#if 0
timeout *= 2;
+#endif
} while (conn->discoveryState == STATE_SENT_PADI);
timeout = conn->discoveryTimeout;
@@ -647,7 +649,9 @@ discovery(PPPoEConnection *conn)
sendPADR(conn);
conn->discoveryState = STATE_SENT_PADR;
waitForPADS(conn, timeout);
+#if 0
timeout *= 2;
+#endif
} while (conn->discoveryState == STATE_SENT_PADR);
if (!conn->seenMaxPayload) {

94
package/network/services/ppp/patches/206-compensate_time_change.patch Normal file
View File

@@ -0,0 +1,94 @@
pppd: Watch out for time warps
On many embedded systems there is no battery backed RTC and a proper system
time only becomes available through NTP after establishing a connection.
When the clock suddenly jumps forward, the internal accounting (connect time)
is confused resulting in unreliable data.
This patch implements periodic clock checking to look for time warps, if one
is detected, the internal counters are adjusted accordingly.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/main.c
+++ b/pppd/main.c
@@ -90,6 +90,7 @@
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
+#include <sys/sysinfo.h>
#include "pppd.h"
#include "magic.h"
@@ -228,6 +229,7 @@ static struct subprocess *children;
/* Prototypes for procedures local to this file. */
+static void check_time(void);
static void setup_signals __P((void));
static void create_pidfile __P((int pid));
static void create_linkpidfile __P((int pid));
@@ -527,6 +529,7 @@ main(argc, argv)
info("Starting link");
}
+ check_time();
gettimeofday(&start_time, NULL);
script_unsetenv("CONNECT_TIME");
script_unsetenv("BYTES_SENT");
@@ -1262,6 +1265,36 @@ struct callout {
static struct callout *callout = NULL; /* Callout list */
static struct timeval timenow; /* Current time */
+static long uptime_diff = 0;
+static int uptime_diff_set = 0;
+
+static void check_time(void)
+{
+ long new_diff;
+ struct timeval t;
+ struct sysinfo i;
+ struct callout *p;
+
+ gettimeofday(&t, NULL);
+ sysinfo(&i);
+ new_diff = t.tv_sec - i.uptime;
+
+ if (!uptime_diff_set) {
+ uptime_diff = new_diff;
+ uptime_diff_set = 1;
+ return;
+ }
+
+ if ((new_diff - 5 > uptime_diff) || (new_diff + 5 < uptime_diff)) {
+ /* system time has changed, update counters and timeouts */
+ info("System time change detected.");
+ start_time.tv_sec += new_diff - uptime_diff;
+
+ for (p = callout; p != NULL; p = p->c_next)
+ p->c_time.tv_sec += new_diff - uptime_diff;
+ }
+ uptime_diff = new_diff;
+}
/*
* timeout - Schedule a timeout.
@@ -1332,6 +1365,8 @@ calltimeout()
{
struct callout *p;
+ check_time();
+
while (callout != NULL) {
p = callout;
@@ -1359,6 +1394,8 @@ timeleft(tvp)
{
if (callout == NULL)
return NULL;
+
+ check_time();
gettimeofday(&timenow, NULL);
tvp->tv_sec = callout->c_time.tv_sec - timenow.tv_sec;

25
package/network/services/ppp/patches/207-lcp_mtu_max.patch Normal file
View File

@@ -0,0 +1,25 @@
pppd: Cap MTU to the user configured value
This patchs caps the calculated MTU value in lcp.c to the user specified "mru"
option value. Without this patch pppd would advertise a different MTU value
compared to what is set on the local interface in some cases.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/lcp.c
+++ b/pppd/lcp.c
@@ -1917,12 +1917,12 @@ lcp_up(f)
* the interface MTU is set to the lowest of that, the
* MTU we want to use, and our link MRU.
*/
- mtu = ho->neg_mru? ho->mru: PPP_MRU;
+ mtu = MIN(ho->neg_mru? ho->mru: PPP_MRU, ao->mru);
mru = go->neg_mru? MAX(wo->mru, go->mru): PPP_MRU;
#ifdef HAVE_MULTILINK
if (!(multilink && go->neg_mrru && ho->neg_mrru))
#endif /* HAVE_MULTILINK */
- netif_set_mtu(f->unit, MIN(MIN(mtu, mru), ao->mru));
+ netif_set_mtu(f->unit, MIN(mtu, mru));
ppp_send_config(f->unit, mtu,
(ho->neg_asyncmap? ho->asyncmap: 0xffffffff),
ho->neg_pcompression, ho->neg_accompression);

24
package/network/services/ppp/patches/208-fix_status_code.patch Normal file
View File

@@ -0,0 +1,24 @@
pppd: Do not clobber exit codes on hangup
When a modem hangup occurs, pppd unconditionally sets the exit status code
to EXIT_HANGUP. This patch only sets EXIT_HANGUP if the exit status code is
not already set to an error value.
The motiviation of this patch is to allow applications which remote control
pppd to react properly on errors, e.g. only redial (relaunch pppd) if there
was a hangup, but not if the CHAP authentication failed.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/main.c
+++ b/pppd/main.c
@@ -1043,7 +1043,8 @@ get_input()
}
notice("Modem hangup");
hungup = 1;
- status = EXIT_HANGUP;
+ if (status == EXIT_OK)
+ status = EXIT_HANGUP;
lcp_lowerdown(0); /* serial link is no longer available */
link_terminated(0);
return;

20
package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch Normal file
View File

@@ -0,0 +1,20 @@
build: Add required CFLAGS for libpcap
This patch adds some flags to required to properly link libpcap within the
OpenWrt environment.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -189,8 +189,8 @@ endif
ifdef FILTER
ifneq ($(wildcard /usr/include/pcap-bpf.h),)
-LIBS += -lpcap
-CFLAGS += -DPPP_FILTER
+LIBS += -lpcap -L$(STAGING_DIR)/usr/lib
+CFLAGS += -DPPP_FILTER -I$(STAGING_DIR)/usr/include
endif
endif

196
package/network/services/ppp/patches/310-precompile_filter.patch Normal file
View File

@@ -0,0 +1,196 @@
pppd: Implement support for precompiled pcap filters
This patch implements support for precompiled pcap filters which is useful to
support dial-on-demand on memory constrained embedded devices without having
to link the full libpcap into pppd to generate the filters during runtime.
Two new options are introduced; "precompiled-pass-filter" specifies a pre-
compiled filter file containing rules to match packets which should be passed,
"precompiled-active-filter" specifies a filter file containing rules to match
packets which are treated as active.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -50,6 +50,9 @@ MPPE=y
# and that the kernel driver support PPP packet filtering.
#FILTER=y
+# Support for precompiled filters
+PRECOMPILED_FILTER=y
+
# Uncomment the next line to enable multilink PPP (enabled by default)
# Linux distributions: Please leave multilink ENABLED in your builds
# of pppd!
@@ -194,6 +197,14 @@ CFLAGS += -DPPP_FILTER -I$(STAGING_DIR)
endif
endif
+ifdef PRECOMPILED_FILTER
+PPPDSRCS += pcap_pcc.c
+HEADERS += pcap_pcc.h
+PPPDOBJS += pcap_pcc.o
+LIBS += $(STAGING_DIR)/usr/lib/libpcap.a
+CFLAGS += -DPPP_FILTER -DPPP_PRECOMPILED_FILTER -I$(STAGING_DIR)/usr/include
+endif
+
ifdef HAVE_INET6
PPPDSRCS += ipv6cp.c eui64.c
HEADERS += ipv6cp.h eui64.h
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -57,6 +57,7 @@
#ifdef PPP_FILTER
#include <pcap.h>
+#include <pcap-bpf.h>
/*
* There have been 3 or 4 different names for this in libpcap CVS, but
* this seems to be what they have settled on...
@@ -170,6 +171,13 @@ static int setlogfile __P((char **));
static int loadplugin __P((char **));
#endif
+#ifdef PPP_PRECOMPILED_FILTER
+#include "pcap_pcc.h"
+static int setprecompiledpassfilter __P((char **));
+static int setprecompiledactivefilter __P((char **));
+#undef PPP_FILTER
+#endif
+
#ifdef PPP_FILTER
static int setpassfilter __P((char **));
static int setactivefilter __P((char **));
@@ -362,6 +370,14 @@ option_t general_options[] = {
"set filter for active pkts", OPT_PRIO },
#endif
+#ifdef PPP_PRECOMPILED_FILTER
+ { "precompiled-pass-filter", 1, setprecompiledpassfilter,
+ "set precompiled filter for packets to pass", OPT_PRIO },
+
+ { "precompiled-active-filter", 1, setprecompiledactivefilter,
+ "set precompiled filter for active pkts", OPT_PRIO },
+#endif
+
#ifdef MAXOCTETS
{ "maxoctets", o_int, &maxoctets,
"Set connection traffic limit",
@@ -1511,6 +1527,29 @@ callfile(argv)
return ok;
}
+#ifdef PPP_PRECOMPILED_FILTER
+/*
+ * setprecompiledpassfilter - Set the pass filter for packets using a
+ * precompiled expression
+ */
+static int
+setprecompiledpassfilter(argv)
+ char **argv;
+{
+ return pcap_pre_compiled (*argv, &pass_filter);
+}
+
+/*
+ * setactivefilter - Set the active filter for packets
+ */
+static int
+setprecompiledactivefilter(argv)
+ char **argv;
+{
+ return pcap_pre_compiled (*argv, &active_filter);
+}
+#endif
+
#ifdef PPP_FILTER
/*
* setpassfilter - Set the pass filter for packets
--- /dev/null
+++ b/pppd/pcap_pcc.c
@@ -0,0 +1,74 @@
+#include <pcap.h>
+#include <pcap-bpf.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include "pppd.h"
+
+int pcap_pre_compiled (char * fname, struct bpf_program *p)
+{
+ char buf[128];
+ int line = 0, size = 0, index=0, ret=1;
+ FILE *f = fopen (fname, "r");
+ if (!f)
+ {
+ option_error("error opening precompiled active-filter '%s': %s",
+ fname, strerror (errno));
+ return 0;
+ }
+ while (fgets (buf, 127, f))
+ {
+ line++;
+ if (*buf == '#')
+ continue;
+ if (size)
+ {
+ /*
+ struct bpf_insn {
+ u_short code;
+ u_char jt;
+ u_char jf;
+ bpf_int32 k;
+ }
+ */
+ struct bpf_insn * insn = & p->bf_insns[index];
+ unsigned code, jt, jf, k;
+ if (sscanf (buf, "%u %u %u %u", &code, &jt, &jf, &k) != 4)
+ {
+ goto err;
+ }
+ insn->code = code;
+ insn->jt = jt;
+ insn->jf = jf;
+ insn->k = k;
+ index++;
+ }
+ else
+ {
+ if (sscanf (buf, "%u", &size) != 1)
+ {
+ goto err;
+ }
+ p->bf_len = size;
+ p->bf_insns = (struct bpf_insn *)
+ malloc (size * sizeof (struct bpf_insn));
+ }
+ }
+ if (size != index)
+ {
+ option_error("error in precompiled active-filter,"
+ " expected %d expressions, got %dn",
+ size, index);
+ ret = 0;
+ }
+ fclose(f);
+ return ret;
+
+err:
+ option_error("error in precompiled active-filter"
+ " expression line %s:%d (wrong size)\n",
+ fname, line);
+ fclose (f);
+ return 0;
+}
--- /dev/null
+++ b/pppd/pcap_pcc.h
@@ -0,0 +1,7 @@
+#ifndef PCAP_PCC_H
+#define PCAP_PCC_H
+
+#include <pcap.h>
+
+int pcap_pre_compiled (char * fname, struct bpf_program *p);
+#endif /* PCAP_PCC_H */

154
package/network/services/ppp/patches/321-multilink_support_custom_iface_names.patch Normal file
View File

@@ -0,0 +1,154 @@
From: George Kashperko <george@znau.edu.ua>
Make mlppp support more generic interface naming other than pppX
Signed-off-by: George Kashperko <george@znau.edu.ua>
---
pppd/multilink.c | 55 +++++++++++++++++++++++++++++++++------------
pppd/sys-linux.c | 12 +++++++++
2 files changed, 53 insertions(+), 14 deletions(-)
--- a/pppd/multilink.c
+++ b/pppd/multilink.c
@@ -35,6 +35,7 @@
#include <signal.h>
#include <netinet/in.h>
#include <unistd.h>
+#include <net/if.h>
#include "pppd.h"
#include "fsm.h"
@@ -56,7 +57,8 @@ static void iterate_bundle_links __P((vo
static int get_default_epdisc __P((struct epdisc *));
static int parse_num __P((char *str, const char *key, int *valp));
-static int owns_unit __P((TDB_DATA pid, int unit));
+static int parse_str __P((char *str, const char *key, char *buf, int buflen));
+static int owns_link __P((TDB_DATA pid, char *ifname));
#define set_ip_epdisc(ep, addr) do { \
ep->length = 4; \
@@ -197,35 +199,38 @@ mp_join_bundle()
key.dptr = bundle_id;
key.dsize = p - bundle_id;
pid = tdb_fetch(pppdb, key);
+
if (pid.dptr != NULL) {
+ char tmp[IFNAMSIZ];
+
/* bundle ID exists, see if the pppd record exists */
rec = tdb_fetch(pppdb, pid);
+
if (rec.dptr != NULL && rec.dsize > 0) {
/* make sure the string is null-terminated */
rec.dptr[rec.dsize-1] = 0;
- /* parse the interface number */
- parse_num(rec.dptr, "IFNAME=ppp", &unit);
+
/* check the pid value */
if (!parse_num(rec.dptr, "PPPD_PID=", &pppd_pid)
+ || !parse_str(rec.dptr, "IFNAME=", tmp, sizeof(tmp))
+ || !parse_num(rec.dptr, "IFUNIT=", &unit)
|| !process_exists(pppd_pid)
- || !owns_unit(pid, unit))
+ || !owns_link(pid, tmp))
unit = -1;
free(rec.dptr);
}
free(pid.dptr);
- }
- if (unit >= 0) {
/* attach to existing unit */
- if (bundle_attach(unit)) {
+ if (unit >= 0 && bundle_attach(unit)) {
set_ifunit(0);
script_setenv("BUNDLE", bundle_id + 7, 0);
make_bundle_links(1);
unlock_db();
- info("Link attached to %s", ifname);
+ info("Link attached to %s", tmp);
return 1;
+ /* attach failed because bundle doesn't exist */
}
- /* attach failed because bundle doesn't exist */
}
/* we have to make a new bundle */
@@ -408,22 +413,45 @@ parse_num(str, key, valp)
return 0;
}
+static int
+parse_str(str, key, buf, buflen)
+ char *str;
+ const char *key;
+ char *buf;
+ int buflen;
+{
+ char *p, *endp;
+ int i;
+
+ p = strstr(str, key);
+ if (p) {
+ p += strlen(key);
+ while (--buflen && *p != 0 && *p != ';')
+ *(buf++) = *(p++);
+ *buf = 0;
+ return 1;
+ }
+ return 0;
+}
+
/*
- * Check whether the pppd identified by `key' still owns ppp unit `unit'.
+ * Check whether the pppd identified by `key' still owns ppp link `ifname'.
*/
static int
-owns_unit(key, unit)
+owns_link(key, ifname)
TDB_DATA key;
- int unit;
+ char *ifname;
{
- char ifkey[32];
+ char ifkey[7 + IFNAMSIZ];
TDB_DATA kd, vd;
int ret = 0;
- slprintf(ifkey, sizeof(ifkey), "IFNAME=ppp%d", unit);
+ slprintf(ifkey, sizeof(ifkey), "IFNAME=%s", ifname);
+
kd.dptr = ifkey;
kd.dsize = strlen(ifkey);
vd = tdb_fetch(pppdb, kd);
+
if (vd.dptr != NULL) {
ret = vd.dsize == key.dsize
&& memcmp(vd.dptr, key.dptr, vd.dsize) == 0;
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -686,6 +686,16 @@ void cfg_bundle(int mrru, int mtru, int
add_fd(ppp_dev_fd);
}
+static void
+setenv_ifunit(void)
+{
+#ifdef USE_TDB
+ char tmp[11];
+ slprintf(tmp, sizeof(tmp), "%d", ifunit);
+ script_setenv("IFUNIT", tmp, 0);
+#endif
+}
+
/*
* make_new_bundle - create a new PPP unit (i.e. a bundle)
* and connect our channel to it. This should only get called
@@ -704,6 +714,8 @@ void make_new_bundle(int mrru, int mtru,
/* set the mrru and flags */
cfg_bundle(mrru, mtru, rssn, tssn);
+
+ setenv_ifunit();
}
/*

22
package/network/services/ppp/patches/330-retain_foreign_default_routes.patch Normal file
View File

@@ -0,0 +1,22 @@
pppd: Retain foreign default routes on Linux
On Linux, when pppd attempts to delete its default route it does not fill
the rt_dev field of the struct rtentry used to match the system default route.
As a consequence, pppd happily deletes any default route even if it belongs
to another interface.
This patch makes pppd fill out the rt_dev field so that only own default
routes are ever matched.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -1753,6 +1753,7 @@ int cifdefaultroute (int unit, u_int32_t
SIN_ADDR(rt.rt_genmask) = 0L;
}
+ rt.rt_dev = ifname;
rt.rt_flags = RTF_UP;
if (ioctl(sock_fd, SIOCDELRT, &rt) < 0 && errno != ESRCH) {
if (still_ppp()) {

34
package/network/services/ppp/patches/340-populate_default_gateway.patch Normal file
View File

@@ -0,0 +1,34 @@
pppd: Fill in default gateway on Linux
On Linux, when pppd creates the default route, it does not set the peer
address as gateway, leading to a default route without gateway address.
This behaviour breaks various downstream programs which attempt to infer
the default gateway IP address from the system default route entry.
This patch addresses the issue by filling in the peer address as gateway
when generating the default route entry.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -1703,6 +1703,9 @@ int sifdefaultroute (int unit, u_int32_t
memset (&rt, 0, sizeof (rt));
SET_SA_FAMILY (rt.rt_dst, AF_INET);
+ SET_SA_FAMILY(rt.rt_gateway, AF_INET);
+ SIN_ADDR(rt.rt_gateway) = gateway;
+
rt.rt_dev = ifname;
rt.rt_metric = dfl_route_metric + 1; /* +1 for binary compatibility */
@@ -1711,7 +1714,7 @@ int sifdefaultroute (int unit, u_int32_t
SIN_ADDR(rt.rt_genmask) = 0L;
}
- rt.rt_flags = RTF_UP;
+ rt.rt_flags = RTF_UP | RTF_GATEWAY;
if (ioctl(sock_fd, SIOCADDRT, &rt) < 0) {
if (!ok_error(errno))
error("default route ioctl(SIOCADDRT): %m");

154
package/network/services/ppp/patches/400-simplify_kernel_checks.patch Normal file
View File

@@ -0,0 +1,154 @@
pppd: Remove runtime kernel checks
On embedded system distributions the required kernel features for pppd are
more or less guaranteed to be present, so there is not much point in
performing runtime checks, it just increases the binary size.
This patch removes the runtime kernel feature checks.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -192,7 +192,7 @@ static int driver_is_old = 0;
static int restore_term = 0; /* 1 => we've munged the terminal */
static struct termios inittermios; /* Initial TTY termios */
-int new_style_driver = 0;
+static const int new_style_driver = 1;
static char loop_name[20];
static unsigned char inbuf[512]; /* buffer for chars read from loopback */
@@ -210,8 +210,8 @@ static int looped; /* 1 if using loop
static int link_mtu; /* mtu for the link (not bundle) */
static struct utsname utsname; /* for the kernel version */
-static int kernel_version;
#define KVERSION(j,n,p) ((j)*1000000 + (n)*1000 + (p))
+static const int kernel_version = KVERSION(2,6,37);
#define MAX_IFS 100
@@ -1439,11 +1439,12 @@ int ccp_fatal_error (int unit)
*
* path_to_procfs - find the path to the proc file system mount point
*/
-static char proc_path[MAXPATHLEN];
-static int proc_path_len;
+static char proc_path[MAXPATHLEN] = "/proc";
+static int proc_path_len = 5;
static char *path_to_procfs(const char *tail)
{
+#if 0
struct mntent *mntent;
FILE *fp;
@@ -1465,6 +1466,7 @@ static char *path_to_procfs(const char *
fclose (fp);
}
}
+#endif
strlcpy(proc_path + proc_path_len, tail,
sizeof(proc_path) - proc_path_len);
@@ -2126,15 +2128,19 @@ int ppp_available(void)
int my_version, my_modification, my_patch;
int osmaj, osmin, ospatch;
+#if 0
/* get the kernel version now, since we are called before sys_init */
uname(&utsname);
osmaj = osmin = ospatch = 0;
sscanf(utsname.release, "%d.%d.%d", &osmaj, &osmin, &ospatch);
kernel_version = KVERSION(osmaj, osmin, ospatch);
+#endif
fd = open("/dev/ppp", O_RDWR);
if (fd >= 0) {
+#if 0
new_style_driver = 1;
+#endif
/* XXX should get from driver */
driver_version = 2;
@@ -2194,6 +2200,7 @@ int ppp_available(void)
if (ok && ((ifr.ifr_hwaddr.sa_family & ~0xFF) != ARPHRD_PPP))
ok = 0;
+ return ok;
/*
* This is the PPP device. Validate the version of the driver at this
@@ -2730,6 +2737,7 @@ get_pty(master_fdp, slave_fdp, slave_nam
}
#endif /* TIOCGPTN */
+#if 0
if (sfd < 0) {
/* the old way - scan through the pty name space */
for (i = 0; i < 64; ++i) {
@@ -2748,6 +2756,7 @@ get_pty(master_fdp, slave_fdp, slave_nam
}
}
}
+#endif
if (sfd < 0)
return 0;
--- a/pppd/plugins/pppoatm/pppoatm.c
+++ b/pppd/plugins/pppoatm/pppoatm.c
@@ -168,14 +168,6 @@ static void disconnect_pppoatm(void)
void plugin_init(void)
{
-#if defined(__linux__)
- extern int new_style_driver; /* From sys-linux.c */
- if (!ppp_available() && !new_style_driver)
- fatal("Kernel doesn't support ppp_generic - "
- "needed for PPPoATM");
-#else
- fatal("No PPPoATM support on this OS");
-#endif
info("PPPoATM plugin_init");
add_options(pppoa_options);
}
--- a/pppd/plugins/rp-pppoe/plugin.c
+++ b/pppd/plugins/rp-pppoe/plugin.c
@@ -59,9 +59,6 @@ static char const RCSID[] =
char pppd_version[] = VERSION;
-/* From sys-linux.c in pppd -- MUST FIX THIS! */
-extern int new_style_driver;
-
char *pppd_pppoe_service = NULL;
static char *acName = NULL;
static char *existingSession = NULL;
@@ -385,10 +382,6 @@ PPPoEDevnameHook(char *cmd, char **argv,
void
plugin_init(void)
{
- if (!ppp_available() && !new_style_driver) {
- fatal("Linux kernel does not support PPPoE -- are you running 2.4.x?");
- }
-
add_options(Options);
info("RP-PPPoE plugin version %s compiled against pppd %s",
--- a/pppd/plugins/pppol2tp/pppol2tp.c
+++ b/pppd/plugins/pppol2tp/pppol2tp.c
@@ -490,12 +490,7 @@ static void pppol2tp_cleanup(void)
void plugin_init(void)
{
-#if defined(__linux__)
- extern int new_style_driver; /* From sys-linux.c */
- if (!ppp_available() && !new_style_driver)
- fatal("Kernel doesn't support ppp_generic - "
- "needed for PPPoL2TP");
-#else
+#if !defined(__linux__)
fatal("No PPPoL2TP support on this OS");
#endif
add_options(pppol2tp_options);

39
package/network/services/ppp/patches/401-no_record_file.patch Normal file
View File

@@ -0,0 +1,39 @@
pppd: Remove the "record" option
On many embedded systems there is not enough space to record PPP session
information to the permanent storage, therfore remove this option.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -326,7 +326,6 @@ extern int holdoff; /* Dead time before
extern bool holdoff_specified; /* true if user gave a holdoff value */
extern bool notty; /* Stdin/out is not a tty */
extern char *pty_socket; /* Socket to connect to pty */
-extern char *record_file; /* File to record chars sent/received */
extern bool sync_serial; /* Device is synchronous serial device */
extern int maxfail; /* Max # of unsuccessful connection attempts */
extern char linkname[MAXPATHLEN]; /* logical name for link */
--- a/pppd/tty.c
+++ b/pppd/tty.c
@@ -146,7 +146,7 @@ char *disconnect_script = NULL; /* Scrip
char *welcomer = NULL; /* Script to run after phys link estab. */
char *ptycommand = NULL; /* Command to run on other side of pty */
bool notty = 0; /* Stdin/out is not a tty */
-char *record_file = NULL; /* File to record chars sent/received */
+static char *const record_file = NULL; /* File to record chars sent/received */
int max_data_rate; /* max bytes/sec through charshunt */
bool sync_serial = 0; /* Device is synchronous serial device */
char *pty_socket = NULL; /* Socket to connect to pty */
@@ -202,8 +202,10 @@ option_t tty_options[] = {
"Send and receive over socket, arg is host:port",
OPT_PRIO | OPT_DEVNAM },
+#if 0
{ "record", o_string, &record_file,
"Record characters sent/received to file", OPT_PRIO },
+#endif
{ "crtscts", o_int, &crtscts,
"Set hardware (RTS/CTS) flow control",

25
package/network/services/ppp/patches/403-no_wtmp.patch Normal file
View File

@@ -0,0 +1,25 @@
pppd: Disable wtmp support
Many uClibc based environments lack wtmp and utmp support, therfore remove
the code updating the wtmp information.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -2264,6 +2264,7 @@ int ppp_available(void)
void logwtmp (const char *line, const char *name, const char *host)
{
+#if 0
struct utmp ut, *utp;
pid_t mypid = getpid();
#if __GLIBC__ < 2
@@ -2329,6 +2330,7 @@ void logwtmp (const char *line, const ch
close (wtmp);
}
#endif
+#endif
}
#endif /* HAVE_LOGWTMP */

151
package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch Normal file
View File

@@ -0,0 +1,151 @@
pppd: Remove historical protocol names
Remove a number of historical protocol entries from pppd's builtin list, this
reduced the binary size without loss of features.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/main.c
+++ b/pppd/main.c
@@ -874,14 +874,17 @@ struct protocol_list {
const char *name;
} protocol_list[] = {
{ 0x21, "IP" },
+#if 0
{ 0x23, "OSI Network Layer" },
{ 0x25, "Xerox NS IDP" },
{ 0x27, "DECnet Phase IV" },
{ 0x29, "Appletalk" },
{ 0x2b, "Novell IPX" },
+#endif
{ 0x2d, "VJ compressed TCP/IP" },
{ 0x2f, "VJ uncompressed TCP/IP" },
{ 0x31, "Bridging PDU" },
+#if 0
{ 0x33, "Stream Protocol ST-II" },
{ 0x35, "Banyan Vines" },
{ 0x39, "AppleTalk EDDP" },
@@ -895,8 +898,11 @@ struct protocol_list {
{ 0x49, "Serial Data Transport Protocol (PPP-SDTP)" },
{ 0x4b, "SNA over 802.2" },
{ 0x4d, "SNA" },
+#endif
{ 0x4f, "IP6 Header Compression" },
+#if 0
{ 0x51, "KNX Bridging Data" },
+#endif
{ 0x53, "Encryption" },
{ 0x55, "Individual Link Encryption" },
{ 0x57, "IPv6" },
@@ -907,12 +913,15 @@ struct protocol_list {
{ 0x65, "RTP IPHC Compressed non-TCP" },
{ 0x67, "RTP IPHC Compressed UDP 8" },
{ 0x69, "RTP IPHC Compressed RTP 8" },
+#if 0
{ 0x6f, "Stampede Bridging" },
{ 0x73, "MP+" },
{ 0xc1, "NTCITS IPI" },
+#endif
{ 0xfb, "single-link compression" },
{ 0xfd, "Compressed Datagram" },
{ 0x0201, "802.1d Hello Packets" },
+#if 0
{ 0x0203, "IBM Source Routing BPDU" },
{ 0x0205, "DEC LANBridge100 Spanning Tree" },
{ 0x0207, "Cisco Discovery Protocol" },
@@ -924,15 +933,19 @@ struct protocol_list {
{ 0x0231, "Luxcom" },
{ 0x0233, "Sigma Network Systems" },
{ 0x0235, "Apple Client Server Protocol" },
+#endif
{ 0x0281, "MPLS Unicast" },
{ 0x0283, "MPLS Multicast" },
+#if 0
{ 0x0285, "IEEE p1284.4 standard - data packets" },
{ 0x0287, "ETSI TETRA Network Protocol Type 1" },
+#endif
{ 0x0289, "Multichannel Flow Treatment Protocol" },
{ 0x2063, "RTP IPHC Compressed TCP No Delta" },
{ 0x2065, "RTP IPHC Context State" },
{ 0x2067, "RTP IPHC Compressed UDP 16" },
{ 0x2069, "RTP IPHC Compressed RTP 16" },
+#if 0
{ 0x4001, "Cray Communications Control Protocol" },
{ 0x4003, "CDPD Mobile Network Registration Protocol" },
{ 0x4005, "Expand accelerator protocol" },
@@ -943,8 +956,10 @@ struct protocol_list {
{ 0x4023, "RefTek Protocol" },
{ 0x4025, "Fibre Channel" },
{ 0x4027, "EMIT Protocols" },
+#endif
{ 0x405b, "Vendor-Specific Protocol (VSP)" },
{ 0x8021, "Internet Protocol Control Protocol" },
+#if 0
{ 0x8023, "OSI Network Layer Control Protocol" },
{ 0x8025, "Xerox NS IDP Control Protocol" },
{ 0x8027, "DECnet Phase IV Control Protocol" },
@@ -953,7 +968,9 @@ struct protocol_list {
{ 0x8031, "Bridging NCP" },
{ 0x8033, "Stream Protocol Control Protocol" },
{ 0x8035, "Banyan Vines Control Protocol" },
+#endif
{ 0x803d, "Multi-Link Control Protocol" },
+#if 0
{ 0x803f, "NETBIOS Framing Control Protocol" },
{ 0x8041, "Cisco Systems Control Protocol" },
{ 0x8043, "Ascom Timeplex" },
@@ -962,18 +979,24 @@ struct protocol_list {
{ 0x8049, "Serial Data Control Protocol (PPP-SDCP)" },
{ 0x804b, "SNA over 802.2 Control Protocol" },
{ 0x804d, "SNA Control Protocol" },
+#endif
{ 0x804f, "IP6 Header Compression Control Protocol" },
+#if 0
{ 0x8051, "KNX Bridging Control Protocol" },
+#endif
{ 0x8053, "Encryption Control Protocol" },
{ 0x8055, "Individual Link Encryption Control Protocol" },
{ 0x8057, "IPv6 Control Protocol" },
{ 0x8059, "PPP Muxing Control Protocol" },
{ 0x805b, "Vendor-Specific Network Control Protocol (VSNCP)" },
+#if 0
{ 0x806f, "Stampede Bridging Control Protocol" },
{ 0x8073, "MP+ Control Protocol" },
{ 0x80c1, "NTCITS IPI Control Protocol" },
+#endif
{ 0x80fb, "Single Link Compression Control Protocol" },
{ 0x80fd, "Compression Control Protocol" },
+#if 0
{ 0x8207, "Cisco Discovery Protocol Control" },
{ 0x8209, "Netcs Twin Routing" },
{ 0x820b, "STP - Control Protocol" },
@@ -982,24 +1005,29 @@ struct protocol_list {
{ 0x8281, "MPLSCP" },
{ 0x8285, "IEEE p1284.4 standard - Protocol Control" },
{ 0x8287, "ETSI TETRA TNP1 Control Protocol" },
+#endif
{ 0x8289, "Multichannel Flow Treatment Protocol" },
{ 0xc021, "Link Control Protocol" },
{ 0xc023, "Password Authentication Protocol" },
{ 0xc025, "Link Quality Report" },
+#if 0
{ 0xc027, "Shiva Password Authentication Protocol" },
{ 0xc029, "CallBack Control Protocol (CBCP)" },
{ 0xc02b, "BACP Bandwidth Allocation Control Protocol" },
{ 0xc02d, "BAP" },
+#endif
{ 0xc05b, "Vendor-Specific Authentication Protocol (VSAP)" },
{ 0xc081, "Container Control Protocol" },
{ 0xc223, "Challenge Handshake Authentication Protocol" },
{ 0xc225, "RSA Authentication Protocol" },
{ 0xc227, "Extensible Authentication Protocol" },
+#if 0
{ 0xc229, "Mitsubishi Security Info Exch Ptcl (SIEP)" },
{ 0xc26f, "Stampede Bridging Authorization Protocol" },
{ 0xc281, "Proprietary Authentication Protocol" },
{ 0xc283, "Proprietary Authentication Protocol" },
{ 0xc481, "Proprietary Node ID Authentication Protocol" },
+#endif
{ 0, NULL },
};

28
package/network/services/ppp/patches/405-no_multilink_option.patch Normal file
View File

@@ -0,0 +1,28 @@
pppd: Support "nomp" option even if multilink support is off
This patch moves the "nomp" option entry outside of the defines protecting
the multilink specific code. The motivation is to allow "nomp" even if pppd
does not support multilink, so that controlling programs can unconditionally
pass it to pppd regardless of the compile time features.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
--- a/pppd/options.c
+++ b/pppd/options.c
@@ -350,13 +350,14 @@ option_t general_options[] = {
"Enable multilink operation", OPT_PRIOSUB | OPT_ALIAS | 1 },
{ "nomultilink", o_bool, &multilink,
"Disable multilink operation", OPT_PRIOSUB | 0 },
- { "nomp", o_bool, &multilink,
- "Disable multilink operation", OPT_PRIOSUB | OPT_ALIAS | 0 },
{ "bundle", o_string, &bundle_name,
"Bundle name for multilink", OPT_PRIO },
#endif /* HAVE_MULTILINK */
+ { "nomp", o_bool, &multilink,
+ "Disable multilink operation", OPT_PRIOSUB | OPT_ALIAS | 0 },
+
#ifdef PLUGIN
{ "plugin", o_special, (void *)loadplugin,
"Load a plug-in module into pppd", OPT_PRIV | OPT_A2LIST },

3066
package/network/services/ppp/patches/500-add-pptp-plugin.patch Normal file
View File

File diff suppressed because it is too large Load Diff

11
package/network/services/ppp/patches/510-pptp_compile_fix.patch Normal file
View File

@@ -0,0 +1,11 @@
--- a/pppd/plugins/pptp/pptp.c
+++ b/pppd/plugins/pptp/pptp.c
@@ -48,7 +48,7 @@
#include "pptp_callmgr.h"
#include <net/if.h>
-#include <net/ethernet.h>
+#include <linux/if_ether.h>
#include <linux/if_pppox.h>
#include <stdio.h>

11
package/network/services/ppp/patches/511-pptp_cflags.patch Normal file
View File

@@ -0,0 +1,11 @@
--- a/pppd/plugins/pptp/Makefile.linux
+++ b/pppd/plugins/pptp/Makefile.linux
@@ -20,7 +20,7 @@ all: pptp.so
$(CC) $(CFLAGS) -c -o $@ $<
pptp.so: dirutil.o orckit_quirks.o pptp.o pptp_callmgr.o pptp_ctrl.o pptp_quirks.o util.o vector.o
- $(CC) -o pptp.so -shared dirutil.o orckit_quirks.o pptp.o pptp_callmgr.o pptp_ctrl.o pptp_quirks.o util.o vector.o
+ $(CC) -fPIC -o pptp.so -shared dirutil.o orckit_quirks.o pptp.o pptp_callmgr.o pptp_ctrl.o pptp_quirks.o util.o vector.o
install: all
$(INSTALL) -d -m 755 $(LIBDIR)

13
package/network/services/ppp/patches/540-save-pppol2tp_fd_str.patch Normal file
View File

@@ -0,0 +1,13 @@
--- a/pppd/plugins/pppol2tp/pppol2tp.c
+++ b/pppd/plugins/pppol2tp/pppol2tp.c
@@ -152,6 +152,10 @@ static int setdevname_pppol2tp(char **ar
if (pppol2tp_fd_str == NULL)
novm("PPPoL2TP FD");
+ pppol2tp_fd_str = strdup(*argv);
+ if (pppol2tp_fd_str == NULL)
+ novm("PPPoL2TP FD");
+
/* Setup option defaults. Compression options are disabled! */
modem = 0;

94
package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch Normal file
View File

@@ -0,0 +1,94 @@
From 831dca008699d485f2c8e91749657ef2d0b06166 Mon Sep 17 00:00:00 2001
From: Martin Schiller <ms@dev.tdt.de>
Date: Thu, 6 Dec 2018 08:43:17 +0100
Subject: [PATCH] Revert "pppd: Use openssl for the DES instead of the libcrypt
/ glibc"
For musl and glibc2.27 we can keep linking to crypt; however if we
switch to glibc 2.28 we will have to link to one of the SSL libraries.
This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
---
pppd/Makefile.linux | 7 +++----
pppd/pppcrypt.c | 18 +++++++++---------
2 files changed, 12 insertions(+), 13 deletions(-)
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -35,10 +35,10 @@ endif
COPTS = -O2 -pipe -Wall -g
LIBS =
-# Uncomment the next line to include support for Microsoft's
+# Uncomment the next 2 lines to include support for Microsoft's
# MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux.
CHAPMS=y
-#USE_CRYPT=y
+USE_CRYPT=y
# Don't use MSLANMAN unless you really know what you're doing.
#MSLANMAN=y
# Uncomment the next line to include support for MPPE. CHAPMS (above) must
@@ -140,8 +140,7 @@ endif
ifdef NEEDDES
ifndef USE_CRYPT
-CFLAGS += -I/usr/include/openssl
-LIBS += -lcrypto
+LIBS += -ldes $(LIBS)
else
CFLAGS += -DUSE_CRYPT=1
endif
--- a/pppd/pppcrypt.c
+++ b/pppd/pppcrypt.c
@@ -64,7 +64,7 @@ u_char *des_key; /* OUT 64 bit DES key w
des_key[7] = Get7Bits(key, 49);
#ifndef USE_CRYPT
- DES_set_odd_parity((DES_cblock *)des_key);
+ des_set_odd_parity((des_cblock *)des_key);
#endif
}
@@ -158,25 +158,25 @@ u_char *clear; /* OUT 8 octets */
}
#else /* USE_CRYPT */
-static DES_key_schedule key_schedule;
+static des_key_schedule key_schedule;
bool
DesSetkey(key)
u_char *key;
{
- DES_cblock des_key;
+ des_cblock des_key;
MakeKey(key, des_key);
- DES_set_key(&des_key, &key_schedule);
+ des_set_key(&des_key, key_schedule);
return (1);
}
bool
-DesEncrypt(clear, cipher)
+DesEncrypt(clear, key, cipher)
u_char *clear; /* IN 8 octets */
u_char *cipher; /* OUT 8 octets */
{
- DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher,
- &key_schedule, 1);
+ des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher,
+ key_schedule, 1);
return (1);
}
@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear)
u_char *cipher; /* IN 8 octets */
u_char *clear; /* OUT 8 octets */
{
- DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear,
- &key_schedule, 0);
+ des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear,
+ key_schedule, 0);
return (1);
}

30
package/network/services/ppp/patches/700-radius-Prevent-buffer-overflow-in-rc_mksid.patch Normal file
View File

@@ -0,0 +1,30 @@
From 858976b1fc3107f1261aae337831959b511b83c2 Mon Sep 17 00:00:00 2001
From: Paul Mackerras <paulus@ozlabs.org>
Date: Sat, 4 Jan 2020 12:01:32 +1100
Subject: [PATCH] radius: Prevent buffer overflow in rc_mksid()
On some systems getpid() can return a value greater than 65535.
Increase the size of buf[] to allow for this, and use slprintf()
to make sure we never overflow it.
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
---
pppd/plugins/radius/util.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pppd/plugins/radius/util.c b/pppd/plugins/radius/util.c
index 6f976a712951..740131e8377c 100644
--- a/pppd/plugins/radius/util.c
+++ b/pppd/plugins/radius/util.c
@@ -73,9 +73,9 @@ void rc_mdelay(int msecs)
char *
rc_mksid (void)
{
- static char buf[15];
+ static char buf[32];
static unsigned short int cnt = 0;
- sprintf (buf, "%08lX%04X%02hX",
+ slprintf(buf, sizeof(buf), "%08lX%04X%02hX",
(unsigned long int) time (NULL),
(unsigned int) getpid (),
cnt & 0xFF);

37
package/network/services/ppp/patches/701-pppd-Fix-bounds-check-in-EAP-code.patch Normal file
View File

@@ -0,0 +1,37 @@
From 8d7970b8f3db727fe798b65f3377fe6787575426 Mon Sep 17 00:00:00 2001
From: Paul Mackerras <paulus@ozlabs.org>
Date: Mon, 3 Feb 2020 15:53:28 +1100
Subject: [PATCH] pppd: Fix bounds check in EAP code
Given that we have just checked vallen < len, it can never be the case
that vallen >= len + sizeof(rhostname). This fixes the check so we
actually avoid overflowing the rhostname array.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
---
pppd/eap.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pppd/eap.c b/pppd/eap.c
index 94407f56a336..1b93db01aebd 100644
--- a/pppd/eap.c
+++ b/pppd/eap.c
@@ -1420,7 +1420,7 @@ int len;
}
/* Not so likely to happen. */
- if (vallen >= len + sizeof (rhostname)) {
+ if (len - vallen >= sizeof (rhostname)) {
dbglog("EAP: trimming really long peer name down");
BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
rhostname[sizeof (rhostname) - 1] = '\0';
@@ -1846,7 +1846,7 @@ int len;
}
/* Not so likely to happen. */
- if (vallen >= len + sizeof (rhostname)) {
+ if (len - vallen >= sizeof (rhostname)) {
dbglog("EAP: trimming really long peer name down");
BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
rhostname[sizeof (rhostname) - 1] = '\0';

61
package/network/services/ppp/patches/702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP.patch Normal file
View File

@@ -0,0 +1,61 @@
From 8d45443bb5c9372b4c6a362ba2f443d41c5636af Mon Sep 17 00:00:00 2001
From: Paul Mackerras <paulus@ozlabs.org>
Date: Mon, 3 Feb 2020 16:31:42 +1100
Subject: [PATCH] pppd: Ignore received EAP messages when not doing EAP
This adds some basic checks to the subroutines of eap_input to check
that we have requested or agreed to doing EAP authentication before
doing any processing on the received packet. The motivation is to
make it harder for a malicious peer to disrupt the operation of pppd
by sending unsolicited EAP packets. Note that eap_success() already
has a check that the EAP client state is reasonable, and does nothing
(apart from possibly printing a debug message) if not.
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
---
pppd/eap.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/pppd/eap.c b/pppd/eap.c
index 1b93db01aebd..082e95343120 100644
--- a/pppd/eap.c
+++ b/pppd/eap.c
@@ -1328,6 +1328,12 @@ int len;
int fd;
#endif /* USE_SRP */
+ /*
+ * Ignore requests if we're not open
+ */
+ if (esp->es_client.ea_state <= eapClosed)
+ return;
+
/*
* Note: we update es_client.ea_id *only if* a Response
* message is being generated. Otherwise, we leave it the
@@ -1736,6 +1742,12 @@ int len;
u_char dig[SHA_DIGESTSIZE];
#endif /* USE_SRP */
+ /*
+ * Ignore responses if we're not open
+ */
+ if (esp->es_server.ea_state <= eapClosed)
+ return;
+
if (esp->es_server.ea_id != id) {
dbglog("EAP: discarding Response %d; expected ID %d", id,
esp->es_server.ea_id);
@@ -2047,6 +2059,12 @@ u_char *inp;
int id;
int len;
{
+ /*
+ * Ignore failure messages if we're not open
+ */
+ if (esp->es_client.ea_state <= eapClosed)
+ return;
+
if (!eap_client_active(esp)) {
dbglog("EAP unexpected failure message in state %s (%d)",
eap_state_name(esp->es_client.ea_state),

51
package/network/services/ppp/utils/pfc.c Normal file
View File

@@ -0,0 +1,51 @@
/*
* Taken from fli4l 3.0
* Make sure you compile it against the same libpcap version used in OpenWrt
*/
#include <stdlib.h>
#include <sys/types.h>
#include <sys/time.h>
#include <string.h>
#include <linux/types.h>
#include <linux/ppp_defs.h>
#include <pcap.h>
#include <pcap-bpf.h>
int main (int argc, char ** argv)
{
pcap_t *pc; /* Fake struct pcap so we can compile expr */
struct bpf_program filter; /* Filter program for link-active pkts */
u_int32_t netmask=0;
int dflag = 3;
if (argc == 4)
{
if (!strcmp (argv[1], "-d"))
{
dflag = atoi (argv[2]);
argv += 2;
argc -=2;
}
}
if (argc != 2)
{
printf ("usage; %s [ -d <debug_level> ] expression\n", argv[0]);
return 1;
}
pc = pcap_open_dead(DLT_PPP_PPPD, PPP_HDRLEN);
if (pcap_compile(pc, &filter, argv[1], 1, netmask) == 0)
{
printf ("#\n# Expression: %s\n#\n", argv[1]);
bpf_dump (&filter, dflag);
return 0;
}
else
{
printf("error in active-filter expression: %s\n", pcap_geterr(pc));
}
return 1;
}