SLFO-pool/ppp
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync from SUSE:SLFO:Main ppp revision c3ca3621dfac361e4bb0f4ebf5d608d5

Browse Source
This commit is contained in:
Adrian Schröter 2024-05-03 19:35:34 +02:00
commit f11ff9b512
29 changed files with 2286 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

18
chap-secrets.template Normal file
View File

@ -0,0 +1,18 @@
# Secrets for authentication using CHAP
# client server secret IP addresses
# OUTBOUND CONNECTIONS
# Here you should add your PPP Login and PPP password to connect to your
# provider via pap. The * means that the entry(login and passoword may be
# used for ANY host you connect to.
# Thus you do not have to worry about the foreign machine name. Just
# replace password with your password.
#hostname * password
# PREDIFINED CONNECTIONS
# These are user and password entries for publically accessible call-by-call
# Internet providers in Germany. If they confict with your config, remove them.
# READ_IN_CALLBYCALL_SECRETS
# INBOUND CONNECTIONS
#client hostname <password> 192.168.1.1

14
filters Normal file
View File

@ -0,0 +1,14 @@
#
# These filter rules should prevent unwanted internet services to
# keep your connections up by ignoring their connection requests
# and your 'go way' responses.
#
# This file should be included by the line 'file /etc/ppp/filters' in
# /etc/ppp/options.
#
# Note: This has nothing to do with firewall rules. It only affects
# the idle time calculation of the kernel/pppd.
#
active-filter 'outbound and not icmp[0] == 3 and not tcp[13] & 4 != 0'

18
modem-peers Normal file
View File

@ -0,0 +1,18 @@
460800
defaultroute
usepeerdns
crtscts
lock
noauth
local
persist
modem
nopcomp
novjccomp
nobsdcomp
nodeflate
noaccomp
ipcp-accept-local
ipcp-accept-remote
noipdefault
connect "/usr/sbin/chat -t10 -f /etc/ppp/chatscripts/modem.chat"

19
modem.chat Normal file
View File

@ -0,0 +1,19 @@
ABORT 'BUSY'
ABORT 'NO CARRIER'
ABORT 'VOICE'
ABORT 'NO DIALTONE'
ABORT 'NO DIAL TONE'
ABORT 'NO ANSWER'
ABORT 'DELAYED'
REPORT CONNECT
TIMEOUT 5
'' 'ATQ0'
'OK-AT-OK' 'ATZ'
TIMEOUT 3
'OK-AT-OK' 'ATI'
'OK' 'ATZ'
'OK' 'ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0'
'OK' 'AT\^SYSCFG=2,2,3fffffff,0,1'
'OK-AT-OK' 'AT+CGDCONT=1,"IP","internet.mts.ru"'
'OK' 'ATDT*99#'
CONNECT

1
modem.rules Normal file
View File

@ -0,0 +1 @@
KERNEL=="ttyACM[0-9]*", TAG+="systemd", ENV{SYSTEMD_WANTS}="modem@%n.service"

12
modem@.service Normal file
View File

@ -0,0 +1,12 @@
[Unit]
Description=Modem /dev/ttyACM%i
BindsTo=dev-ttyACM%i.device
After=dev-ttyACM%i.device
Before=network.target
[Service]
Group=dialout
ExecStart=/usr/sbin/pppd call modem /dev/ttyACM%i
[Install]
WantedBy=multi-user.target

198
options Normal file
View File

@ -0,0 +1,198 @@
# /etc/ppp/options
#
# Not every option is listed here, see man pppd for more details. This file
# is read by the pppd, it is an error when it is not present.
#
# Use the following command to see the active options:
# grep -v ^# /etc/ppp/options | grep -v ^$
#
# The name of this server. Often, the FQDN is used here.
#name <host>
# Enforce the use of the hostname as the name of the local system for
# authentication purposes (overrides the name option).
#usehostname
# If no local IP address is given, pppd will use the first IP address
# that belongs to the local hostname. If "noipdefault" is given, this
# is disabled and the peer will have to supply an IP address.
noipdefault
# With this option, pppd will accept the peer's idea of our local IP
# address, even if the local IP address was specified in an option.
#ipcp-accept-local
# With this option, pppd will accept the peer's idea of its (remote) IP
# address, even if the remote IP address was specified in an option.
#ipcp-accept-remote
# Run the executable or shell command specified after pppd has terminated
# the link. This script could, for example, issue commands to the modem
# to cause it to hang up if hardware modem control signals were not
# available.
# If mgetty is running, it will reset the modem anyway. So there is no need
# to do it here.
#disconnect "chat -- \d+++\d\c OK ath0 OK"
# Increase debugging level (same as -d). The debug output is written
# to syslog LOG_LOCAL2.
#debug
# Enable debugging code in the kernel-level PPP driver. The argument n
# is a number which is the sum of the following values: 1 to enable
# general debug messages, 2 to request that the contents of received
# packets be printed, and 4 to request that the contents of transmitted
# packets be printed.
#kdebug n
# noauth means do not require the peer to authenticate itself, this must
# be set if you want to use pppd to connect to the internet. In this case
# *you* must authenicate yourself to the peer(internet provider), so do
# not disable this setting unless you are the dial-in server which where
# the peer has to autenticate to.
noauth
# Use hardware flow control (i.e. RTS/CTS) to control the flow of data
# on the serial port.
crtscts
# Specifies that pppd should use a UUCP-style lock on the serial device
# to ensure exclusive access to the device.
lock
# Use the modem control lines.(is default)
modem
# The opposite: local
#
# Description:
# Don't use the modem control lines. With this option, pppd will ignore the
# state of the CD (Carrier Detect) signal from the modem and will not change
# the state of the DTR (Data Terminal Ready) signal.
#
# You need to disable modem and enable local if you want to connect to anoter
# system without using a modem:
#local
# async character map -- 32-bit hex; each bit is a character
# that needs to be escaped for pppd to receive it. 0x00000001
# represents '\x01', and 0x80000000 represents '\x1f'.
# To allow pppd to work over a rlogin/telnet connection, ou should escape
# XON (^Q), XOFF (^S) and ^]: (The peer should use "escape ff".)
#asyncmap 200a0000
asyncmap 0
# needed for some ISDN Terminaladaters, namely ELSA, those seem to have
# problems with asyncmap negotiation, so you can turn off this procedure
# in case your ISDN box has trouble with it, by enabling this option.
# You have to disable the asyncmap <x> option to be sure to have it
# active. If you use wvdial, set the ISDN parameter in /etc/wvdial.conf
# instead.
#default-asyncmap
# Set the MRU [Maximum Receive Unit] value to <n> for negotiation. pppd
# will ask the peer to send packets of no more than <n> bytes. The
# minimum MRU value is 128. The default MRU value is 1500. A value of
# 296 is recommended for slow links (40 bytes for TCP/IP header + 256
# bytes of data). The value 1492 is for DSL connections (PPP Default -
# PPPoE Header: 1500 - 8 = 1492)
# mru 1492
# Set the MTU [Maximum Transmit Unit] value to <n>. Unless the peer
# requests a smaller value via MRU negotiation, pppd will request that
# the kernel networking code send data packets of no more than n bytes
# through the PPP network interface. The value 1492 is for DSL connections
# (PPP Default - PPPoE Header: 1500 - 8 = 1492)
# mtu 1492
# Set the interface netmask to <n>, a 32 bit netmask in "decimal dot"
# notation (e.g. 255.255.255.0).
#netmask 255.255.255.0
# Don't fork to become a background process (otherwise pppd will do so
# if a serial device is specified).
nodetach
# If this option is given, pppd will send an LCP echo-request frame to
# the peer every n seconds. Normally the peer should respond to the
# echo-request by sending an echo-reply. This option can be used with
# the lcp-echo-failure option to detect that the peer is no longer
# connected.
lcp-echo-interval 30
# If this option is given, pppd will presume the peer to be dead if n
# LCP echo-requests are sent without receiving a valid LCP echo-reply.
# If this happens, pppd will terminate the connection. Use of this
# option requires a non-zero value for the lcp-echo-interval parameter.
# This option can be used to enable pppd to terminate after the physical
# connection has been broken (e.g., the modem has hung up) in
# situations where no hardware modem control lines are available.
lcp-echo-failure 4
# Send up to 60 LCP configure-request during negotiation. With a value
# of 2 for lcp-restart below, this might take up to 2 minutes.
lcp-max-configure 60
# Resend unanswered LCP requests after 2 seconds.
lcp-restart 2
# Specifies that pppd should disconnect if the link is idle for n seconds.
idle 600
# Specifies the maximal number of attempts to connect to the server. This
# is useful for dial on demand. Default value is 10.
#maxfail 3
# Disable the IPXCP and IPX protocols.
noipx
# In the file /etc/ppp/filters are some active-filter rules. See man pppd
# and man tcpdump for more informations.
file /etc/ppp/filters
#-------------------------------------------------------------------------
# The next two options are only interesting for you if you are admin of
# a system with other users that use ppp, and those users are normally
# never allowed to add default route, or you do not want users to
# replace the default route.
#-------------------------------------------------------------------------
# enable this to prevent users from attempting to add a default route.
# Use this option with caution: If the user needs to use a program like
# wvdial, he will not be able to connect because wvdial forces defaulroute
# but this is rejected by this option and the user will not be able to
# connect to the internet.
#nodefaultroute
# enable this to prevent users from replacing an existing default route.
#noreplacedefaultroute
#-------------------------------------------------------------------------
# All options below only make sense if you configure pppd to be a dial-in
# server, so don't touch these if you want dial into your provider with
# PPP!
#-------------------------------------------------------------------------
# Set the assumed name of the remote system for authentication purposes
# to <n>.
#remotename <n>
# Add an entry to this system's ARP [Address Resolution Protocol]
# table with the IP address of the peer and the Ethernet address of this
# system. {proxyarp,noproxyarp}
#proxyarp
# Use the system password database for authenticating the peer using
# PAP. Note: mgetty already provides this option. If this is specified
# then dialin from users using a script under Linux to fire up ppp wont work.
#login
# Specify which DNS Servers the incoming Win95 or WinNT Connection should use
# Two Servers can be remotely configured
#ms-dns 192.168.1.1
#ms-dns 192.168.1.2
# Specify which WINS Servers the incoming connection Win95 or WinNT should use
#ms-wins 192.168.1.50
#ms-wins 192.168.1.51

33
pap-secrets.template Normal file
View File

@ -0,0 +1,33 @@
# Secrets for authentication using PAP
# client server secret IP addresses
# OUTBOUND CONNECTIONS
# Here you should add your PPP Login and PPP password to connect to your
# provider via pap. The * means that the entry(login and passoword may be
# used for ANY host you connect to.
# Thus you do not have to worry about the foreign machine name. Just
# replace password with your password.
#hostname * password
# PREDIFINED CONNECTIONS
# These are user and password entries for publically accessible call-by-call
# Internet providers in Germany. If they confict with your config, remove them.
# READ_IN_CALLBYCALL_SECRETS
# INBOUND CONNECTIONS
#client hostname <password> 192.168.1.1
# If you add "auth login -chap +pap" to /etc/mgetty+sendfax/login.config,
# all users in /etc/passwd can use their password for pap-authentication.
#
# Every regular user can use PPP and has to use passwords from /etc/passwd
#* hostname ""
# UserIDs that cannot use PPP at all. Check your /etc/passwd and add any
# other accounts that should not be able to use pppd! Replace hostname
# with your local hostname.
#guest hostname "*" -
#master hostname "*" -
#root hostname "*" -
#support hostname "*" -
#stats hostname "*" -

BIN
ppp-2.4.9.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.

11
ppp-2.4.9.tar.gz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEv0VLfXa2m9eKuaRpnZrqdyxjcZ8FAl/zpLgACgkQnZrqdyxj
cZ8ImAgAzRJAmRuS4BB87OkE5LQMO68CVji/jHVyTgt3/hTMhJ6HYlX2iLzjmkM9
tXX3vZ+qP0WfcSm65QDIIBd9ICy1VNjjuwb9QH1qBSQJIlE9ZDSbECKtqxtHI//H
gSXe8w4L7xGTl7ODYB3m3JnR13qnfTjf15kDIJ+RKPXmZjYo5cIBb3zATurJBWqC
H8N00XL4d3RPD+hLQtxDDZE8hIIYxVrtmsV6e4MB90/2BBAhEKuW3YgXTDekD6dr
Q3BXdsFcQnUssEIfWFvxt0b08/y92HhtyVaIqVEPxyfGEv/KfugIwzP6E6h7XtX9
uU4Lrqr0652/9UJQT3FS5ou7aaW/PQ==
=x0Lf
-----END PGP SIGNATURE-----

54
ppp-compiling-with-clang-encounters-an-error-in-eap-tls..patch Normal file
View File

@ -0,0 +1,54 @@
diff --git a/pppd/eap-tls.c b/pppd/eap-tls.c
index 5740f30..46a4d5b 100644
--- a/pppd/eap-tls.c
+++ b/pppd/eap-tls.c
@@ -280,6 +280,23 @@ ENGINE *eaptls_ssl_load_engine( char *engine_name )
+#ifndef OPENSSL_NO_ENGINE
+static int eaptls_UI_writer(UI *ui, UI_STRING *uis)
+{
+ PW_CB_DATA* cb_data = (PW_CB_DATA*)UI_get0_user_data(ui);
+ UI_set_result(ui, uis, cb_data->password);
+ return 1;
+}
+
+static int eaptls_UI_stub(UI* ui) {
+ return 1;
+}
+
+static int eaptls_UI_reader(UI *ui, UI_STRING *uis) {
+ return 1;
+}
+#endif
+
/*
* Initialize the SSL stacks and tests if certificates, key and crl
* for client or server use can be loaded.
@@ -516,20 +533,11 @@ SSL_CTX *eaptls_init_ssl(int init_server, char *cacertfile, char *capath,
{
UI_METHOD* transfer_pin = UI_create_method("transfer_pin");
- int writer (UI *ui, UI_STRING *uis)
- {
- PW_CB_DATA* cb_data = (PW_CB_DATA*)UI_get0_user_data(ui);
- UI_set_result(ui, uis, cb_data->password);
- return 1;
- };
- int stub (UI* ui) {return 1;};
- int stub_reader (UI *ui, UI_STRING *uis) {return 1;};
-
- UI_method_set_writer(transfer_pin, writer);
- UI_method_set_opener(transfer_pin, stub);
- UI_method_set_closer(transfer_pin, stub);
- UI_method_set_flusher(transfer_pin, stub);
- UI_method_set_reader(transfer_pin, stub_reader);
+ UI_method_set_writer(transfer_pin, eaptls_UI_writer);
+ UI_method_set_opener(transfer_pin, eaptls_UI_stub);
+ UI_method_set_closer(transfer_pin, eaptls_UI_stub);
+ UI_method_set_flusher(transfer_pin, eaptls_UI_stub);
+ UI_method_set_reader(transfer_pin, eaptls_UI_reader);
dbglog( "Using our private key '%s' in engine", pkey_identifier );
pkey = ENGINE_load_private_key(pkey_engine, pkey_identifier, transfer_pin, &cb_data);

30
ppp-fix-bashisms.patch Normal file
View File

@ -0,0 +1,30 @@
diff -Ndur ppp-2.4.7/scripts/redialer ppp-2.4.7-fix-bashisms/scripts/redialer
--- ppp-2.4.7/scripts/redialer 2014-08-09 15:31:39.000000000 +0300
+++ ppp-2.4.7-fix-bashisms/scripts/redialer 2014-11-19 05:09:46.168864978 +0200
@@ -31,7 +31,7 @@
# Function to initialize the modem and ensure that it is in command
# state. This may not be needed, but it doesn't hurt.
#
-function initialize
+initialize()
{
chat -v TIMEOUT 3 '' AT 'OK-+++\c-OK'
return
@@ -41,7 +41,7 @@
#
# Script to dial a telephone
#
-function callnumber
+callnumber()
{
chat -v \
ABORT '\nBUSY\r' \
@@ -66,7 +66,7 @@
#
# Script to dial any telephone number
#
-function callall
+callall()
{
# echo "dialing attempt number: $1" >/dev/console
callnumber $PHONE1

91
ppp-fork-fix.patch Normal file
View File

@ -0,0 +1,91 @@
--- pppd/main.c.orig
+++ pppd/main.c
@@ -1551,14 +1551,6 @@ safe_fork(int infd, int outfd, int errfd
int fd, pipefd[2];
char buf[1];
- /* make sure fds 0, 1, 2 are occupied (probably not necessary) */
- while ((fd = dup(fd_devnull)) >= 0) {
- if (fd > 2) {
- close(fd);
- break;
- }
- }
-
if (pipe(pipefd) == -1)
pipefd[0] = pipefd[1] = -1;
pid = fork();
@@ -1582,25 +1574,31 @@ safe_fork(int infd, int outfd, int errfd
tdb_close(pppdb);
#endif
- /* make sure infd, outfd and errfd won't get tromped on below */
- if (infd == 1 || infd == 2)
- infd = dup(infd);
- if (outfd == 0 || outfd == 2)
- outfd = dup(outfd);
- if (errfd == 0 || errfd == 1)
- errfd = dup(errfd);
-
+ /* make sure fds 0, 1, 2 are occupied, so the duplicated fds always > 2 */
+ while ((fd = dup(fd_devnull)) >= 0) {
+ if (fd > 2) {
+ close(fd);
+ break;
+ }
+ }
+
+ /* always copy fd's to avoid to use a already closed fd later */
+ {
+ int fdi = infd, fdo = outfd;
+
+ infd = dup(infd);
+ outfd = dup(outfd);
+ if (errfd >= 0) {
+ fd = errfd;
+ errfd = dup(errfd);
+ close(fd);
+ }
+ close(fdi);
+ close(fdo);
+ }
closelog();
- /* dup the in, out, err fds to 0, 1, 2 */
- if (infd != 0)
- dup2(infd, 0);
- if (outfd != 1)
- dup2(outfd, 1);
- if (errfd != 2)
- dup2(errfd, 2);
-
- if (log_to_fd > 2)
+ if (log_to_fd > 0)
close(log_to_fd);
if (the_channel->close)
(*the_channel->close)();
@@ -1608,12 +1606,18 @@ safe_fork(int infd, int outfd, int errfd
close(devfd); /* some plugins don't have a close function */
close(fd_ppp);
close(fd_devnull);
- if (infd != 0)
- close(infd);
- if (outfd != 1)
- close(outfd);
- if (errfd != 2)
- close(errfd);
+
+ close(0);
+ dup2(infd, 0);
+ close(infd);
+ close(1);
+ dup2(outfd, 1);
+ close(outfd);
+ if (errfd >= 0) {
+ close(2);
+ dup2(errfd, 2);
+ close(errfd);
+ }
notify(fork_notifier, 0);
close(pipefd[0]);

99
ppp-lib64.patch Normal file
View File

@ -0,0 +1,99 @@
diff -Nur ppp-2.4.9/pppd/Makefile.linux new/pppd/Makefile.linux
--- ppp-2.4.9/pppd/Makefile.linux 2021-01-05 00:06:37.000000000 +0100
+++ new/pppd/Makefile.linux 2022-05-23 17:42:04.835599374 +0200
@@ -112,7 +112,7 @@
# EAP SRP-SHA1
ifdef USE_SRP
CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
-LIBS += -lsrp -L/usr/local/ssl/lib
+LIBS += -lsrp -L/usr/local/ssl/lib6464
NEEDCRYPTOLIB = y
TARGETS += srp-entry
EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry
diff -Nur ppp-2.4.9/pppd/pathnames.h new/pppd/pathnames.h
--- ppp-2.4.9/pppd/pathnames.h 2021-01-05 00:06:37.000000000 +0100
+++ new/pppd/pathnames.h 2022-05-23 17:42:04.835599374 +0200
@@ -62,9 +62,9 @@
#ifdef PLUGIN
#ifdef __STDC__
-#define _PATH_PLUGIN DESTDIR "/lib/pppd/" VERSION
+#define _PATH_PLUGIN DESTDIR "/lib64/pppd/" VERSION
#else /* __STDC__ */
-#define _PATH_PLUGIN "/usr/lib/pppd"
+#define _PATH_PLUGIN "/usr/lib64/pppd"
#endif /* __STDC__ */
#endif /* PLUGIN */
diff -Nur ppp-2.4.9/pppd/plugins/Makefile.linux new/pppd/plugins/Makefile.linux
--- ppp-2.4.9/pppd/plugins/Makefile.linux 2021-01-05 00:06:37.000000000 +0100
+++ new/pppd/plugins/Makefile.linux 2022-05-23 17:42:04.835599374 +0200
@@ -5,7 +5,7 @@
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib64/pppd/$(VERSION)
CFLAGS = $(COPTS) -I.. -I../../include -fPIC
LDFLAGS_SHARED = -shared
diff -Nur ppp-2.4.9/pppd/plugins/pppoatm/Makefile.linux new/pppd/plugins/pppoatm/Makefile.linux
--- ppp-2.4.9/pppd/plugins/pppoatm/Makefile.linux 2021-01-05 00:06:37.000000000 +0100
+++ new/pppd/plugins/pppoatm/Makefile.linux 2022-05-23 17:42:04.835599374 +0200
@@ -4,7 +4,7 @@
COPTS=@CFLAGS@
DESTDIR = $(INSTROOT)@DESTDIR@
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib64/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
diff -Nur ppp-2.4.9/pppd/plugins/pppoe/Makefile.linux new/pppd/plugins/pppoe/Makefile.linux
--- ppp-2.4.9/pppd/plugins/pppoe/Makefile.linux 2021-01-05 00:06:37.000000000 +0100
+++ new/pppd/plugins/pppoe/Makefile.linux 2022-05-23 17:42:04.835599374 +0200
@@ -18,7 +18,7 @@
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
-LIBDIR = $(DESTDIR)/lib/pppd/$(PPPDVERSION)
+LIBDIR = $(DESTDIR)/lib64/pppd/$(PPPDVERSION)
PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
diff -Nur ppp-2.4.9/pppd/plugins/pppol2tp/Makefile.linux new/pppd/plugins/pppol2tp/Makefile.linux
--- ppp-2.4.9/pppd/plugins/pppol2tp/Makefile.linux 2021-01-05 00:06:37.000000000 +0100
+++ new/pppd/plugins/pppol2tp/Makefile.linux 2022-05-23 17:42:04.835599374 +0200
@@ -4,7 +4,7 @@
COPTS=@CFLAGS@
DESTDIR = $(INSTROOT)/@DESTDIR@
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib64/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
diff -Nur ppp-2.4.9/pppd/plugins/radius/Makefile.linux new/pppd/plugins/radius/Makefile.linux
--- ppp-2.4.9/pppd/plugins/radius/Makefile.linux 2021-01-05 00:06:37.000000000 +0100
+++ new/pppd/plugins/radius/Makefile.linux 2022-05-23 17:42:04.835599374 +0200
@@ -9,7 +9,7 @@
DESTDIR = $(INSTROOT)@DESTDIR@
MANDIR = $(DESTDIR)/share/man/man8
-LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+LIBDIR = $(DESTDIR)/lib64/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
diff -Nur ppp-2.4.9/pppd/pppd.8 new/pppd/pppd.8
--- ppp-2.4.9/pppd/pppd.8 2021-01-05 00:06:37.000000000 +0100
+++ new/pppd/pppd.8 2022-05-23 17:42:04.835599374 +0200
@@ -995,7 +995,7 @@
.B plugin \fIfilename
Load the shared library object file \fIfilename\fR as a plugin. This
is a privileged option. If \fIfilename\fR does not contain a slash
-(/), pppd will look in the \fB/usr/lib/pppd/\fIversion\fR directory
+(/), pppd will look in the \fB/usr/lib64/pppd/\fIversion\fR directory
for the plugin, where
\fIversion\fR is the version number of pppd (for example, 2.4.2).
.TP

45
ppp-misc.patch Normal file
View File

@ -0,0 +1,45 @@
--- pppd/auth.c.orig
+++ pppd/auth.c
@@ -2105,9 +2105,10 @@ check_access(f, filename)
if (fstat(fileno(f), &sbuf) < 0) {
warn("cannot stat secret file %s: %m", filename);
- } else if ((sbuf.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
- warn("Warning - secret file %s has world and/or group access",
- filename);
+ } else if ((sbuf.st_mode & S_IRWXO) != 0) {
+ warn("Warning - secret file %s has world access", filename);
+ } else if ((sbuf.st_mode & S_IRWXG) != 0 && sbuf.st_gid != 15) {
+ warn("Warning - secret file %s has group access", filename);
}
}
--- pppd/lcp.c.orig
+++ pppd/lcp.c
@@ -2302,7 +2302,7 @@ lcp_received_echo_reply (f, id, inp, len
if (lcp_gotoptions[f->unit].neg_magicnumber
&& magic == lcp_gotoptions[f->unit].magicnumber) {
warn("appear to have received our own echo-reply!");
- return;
+ /* M$-Software did get this wrong so we also accept those packets. */
}
/* Reset the number of outstanding echo frames */
--- pppd/pppd.h.orig
+++ pppd/pppd.h
@@ -873,15 +873,7 @@ extern void (*snoop_send_hook) __P((unsi
#define DEBUGCHAP 1
#endif
-#ifndef LOG_PPP /* we use LOG_LOCAL2 for syslog by default */
-#if defined(DEBUGMAIN) || defined(DEBUGFSM) || defined(DEBUGSYS) \
- || defined(DEBUGLCP) || defined(DEBUGIPCP) || defined(DEBUGUPAP) \
- || defined(DEBUGCHAP) || defined(DEBUG) || defined(DEBUGIPV6CP)
#define LOG_PPP LOG_LOCAL2
-#else
-#define LOG_PPP LOG_DAEMON
-#endif
-#endif /* LOG_PPP */
#ifdef DEBUGMAIN
#define MAINDEBUG(x) if (debug) dbglog x

9
ppp-peers Normal file
View File

@ -0,0 +1,9 @@
#
# PPP (plain old modem) options
#
# Plugin passwordfd enables us to pipe the password to pppd, thus we
# don't have to put it into pap-secrets and chap-secrets.
#
plugin passwordfd.so
#
noauth

36
ppp-pie.patch Normal file
View File

@ -0,0 +1,36 @@
diff -Nur ppp-2.4.9/chat/Makefile.linux new/chat/Makefile.linux
--- ppp-2.4.9/chat/Makefile.linux 2021-01-05 00:06:37.000000000 +0100
+++ new/chat/Makefile.linux 2022-05-23 17:29:53.108022140 +0200
@@ -19,7 +19,7 @@
all: chat
chat: chat.o
- $(CC) $(LDFLAGS) -o chat chat.o
+ $(CC) -pie $(LDFLAGS) -o chat chat.o
chat.o: chat.c
$(CC) -c $(CFLAGS) -o chat.o chat.c
diff -Nur ppp-2.4.9/pppd/Makefile.linux new/pppd/Makefile.linux
--- ppp-2.4.9/pppd/Makefile.linux 2021-01-05 00:06:37.000000000 +0100
+++ new/pppd/Makefile.linux 2022-05-23 17:29:53.108022140 +0200
@@ -245,7 +245,7 @@
$(INSTALL) -c -m 444 pppd.8 $(MANDIR)
pppd: $(PPPDOBJS)
- $(CC) $(CFLAGS) $(LDFLAGS) $(LDFLAGS_PLUGIN) -o pppd $(PPPDOBJS) $(LIBS)
+ $(CC) $(CFLAGS) -pie -fPIC $(LDFLAGS) $(LDFLAGS_PLUGIN) -o pppd $(PPPDOBJS) $(LIBS)
srp-entry: srp-entry.c
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ srp-entry.c $(LIBS)
diff -Nur ppp-2.4.9/pppstats/Makefile.linux new/pppstats/Makefile.linux
--- ppp-2.4.9/pppstats/Makefile.linux 2021-01-05 00:06:37.000000000 +0100
+++ new/pppstats/Makefile.linux 2022-05-23 17:29:53.108022140 +0200
@@ -27,7 +27,7 @@
$(INSTALL) -c -m 444 pppstats.8 $(MANDIR)
pppstats: $(PPPSTATSRCS)
- $(CC) $(CFLAGS) $(LDFLAGS) -o pppstats pppstats.c $(LIBS)
+ $(CC) $(CFLAGS) -pie -fPIE $(LDFLAGS) -o pppstats pppstats.c $(LIBS)
clean:
rm -f pppstats *~ #* core

13
ppp-smpppd.patch Normal file
View File

@ -0,0 +1,13 @@
--- pppd/main.c.orig
+++ pppd/main.c
@@ -1920,8 +1920,8 @@ forget_child(pid, status)
if (WIFSIGNALED(status)) {
warn("Child process %s (pid %d) terminated with signal %d",
(chp? chp->prog: "??"), pid, WTERMSIG(status));
- } else if (debug)
- dbglog("Script %s finished (pid %d), status = 0x%x",
+ } else
+ info("Script %s finished (pid %d), status = 0x%x",
(chp? chp->prog: "??"), pid,
WIFEXITED(status) ? WEXITSTATUS(status) : status);
if (chp && chp->done)

77
ppp-var_run_resolv_conf.patch Normal file
View File

@ -0,0 +1,77 @@
Tue Jul 22 14:16:29 CEST 2008 - hvogel@suse.de
Move the resolv.conf written by pppd to /var/run [bnc#401648]
diff -Nur ppp-2.4.9/Changes-2.3 new/Changes-2.3
--- ppp-2.4.9/Changes-2.3 2021-01-05 00:06:37.000000000 +0100
+++ new/Changes-2.3 2022-05-23 18:30:08.827773633 +0200
@@ -262,10 +262,10 @@
* Added new option `usepeerdns', thanks to Nick Walker
<nickwalker@email.com>. If the peer supplies DNS addresses, these
- will be written to /etc/ppp/resolv.conf. The ip-up script can then
- be used to add these addresses to /etc/resolv.conf if desired (see
- the ip-up.local.add and ip-down.local.add files in the scripts
- directory).
+ will be written to /var/run/ppp_resolv.conf.$INTERFACE_NAME.
+ The ip-up script can then be used to add these addresses to
+ /etc/resolv.conf if desired (see the ip-up.local.add and
+ ip-down.local.add files in the scripts directory).
* The Solaris ppp driver should now work correctly on SMP systems.
diff -Nur ppp-2.4.9/pppd/ipcp.c new/pppd/ipcp.c
--- ppp-2.4.9/pppd/ipcp.c 2021-01-05 00:06:37.000000000 +0100
+++ new/pppd/ipcp.c 2022-05-23 18:30:08.827773633 +0200
@@ -2090,10 +2090,13 @@
create_resolv(u_int32_t peerdns1, u_int32_t peerdns2)
{
FILE *f;
+ char rcfilename[MAXIFNAMELEN];
- f = fopen(_PATH_RESOLV, "w");
+ slprintf(rcfilename, sizeof(rcfilename), "%s.%s",
+ _PATH_RESOLV, ifname);
+ f = fopen(rcfilename, "w");
if (f == NULL) {
- error("Failed to create %s: %m", _PATH_RESOLV);
+ error("Failed to create %s: %m", rcfilename);
return;
}
@@ -2104,7 +2107,7 @@
fprintf(f, "nameserver %s\n", ip_ntoa(peerdns2));
if (ferror(f))
- error("Write failed to %s: %m", _PATH_RESOLV);
+ error("Write failed to %s: %m", rcfilename);
fclose(f);
}
diff -Nur ppp-2.4.9/pppd/pathnames.h new/pppd/pathnames.h
--- ppp-2.4.9/pppd/pathnames.h 2021-01-05 00:06:37.000000000 +0100
+++ new/pppd/pathnames.h 2022-05-23 18:30:08.827773633 +0200
@@ -35,7 +35,7 @@
#define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options."
#define _PATH_CONNERRS _ROOT_PATH "/etc/ppp/connect-errors"
#define _PATH_PEERFILES _ROOT_PATH "/etc/ppp/peers/"
-#define _PATH_RESOLV _ROOT_PATH "/etc/ppp/resolv.conf"
+#define _PATH_RESOLV _ROOT_PATH "/var/run/ppp_resolv.conf"
#define _PATH_USEROPT ".ppprc"
#define _PATH_PSEUDONYM ".ppp_pseudonym"
diff -Nur ppp-2.4.9/pppd/pppd.8 new/pppd/pppd.8
--- ppp-2.4.9/pppd/pppd.8 2021-01-05 00:06:37.000000000 +0100
+++ new/pppd/pppd.8 2022-05-23 18:30:08.827773633 +0200
@@ -1196,8 +1196,8 @@
by the peer (if any) are passed to the /etc/ppp/ip\-up script in the
environment variables DNS1 and DNS2, and the environment variable
USEPEERDNS will be set to 1. In addition, pppd will create an
-/etc/ppp/resolv.conf file containing one or two nameserver lines with
-the address(es) supplied by the peer.
+/var/run/ppp_resolv.conf.$INTERFACE file containing one or two nameserver
+lines with the address(es) supplied by the peer.
.TP
.B user \fIname
Sets the name used for authenticating the local system to the peer to

1038
ppp.changes Normal file
View File

File diff suppressed because it is too large Load Diff

157
ppp.keyring Normal file
View File

@ -0,0 +1,157 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.6
Comment: Hostname: sks.pod02.fleetstreetops.com
mQINBE6U9CMBEADlOHAMjZEsRW0/0kNcckRWRbW5J29rhPM7N0cgSC2NcJEcPYDT/yoNsv8g
bzhGCACSvYDMscTdifon7o9JZyOxoUcn+AaFMyNCuZRcvmZNsHcKfB82dkmSniM+nCwC6Oqv
4av5XyeRz9k5o06Gno6k8nio0zX5ZIdHjtHTxB8mvur7tNkkUiDvl++VXk8txsJNKLNti3Eq
RTaHHG9Uu+bx4j1HuDyqh5+RAWoVClAc9OaiaPxQw44p1meWPLcR/E4ClEUvzN/L03AKFj2K
d85HuYc5zoqP4GsfnDwvqMKZZvNP7Ohq9hw3rtweoFrU476umQ+XYyBhEtY7ktP6jVbipZpS
4UoF49/ZZHx/pA+8VzMUWf5OwgGUxHYHWdeR7ffgsWKBM2+EZlfmAEzLWMC5FEvpvQkdAgy+
QsZWE+Hvom4IueBxEiimcL2DjIfIx0HcVsMObM82/w35p3ymYHM+WuKuqq8eXNgx6uAMnGYP
vVXrp/1DxCMog+aaZslPhgKelF31Oh4S7IIeG/YRRsQaxiFl2M01+uhpNOGoLhW08H6Y3irw
Jz5x8WACDaA9adZN6qJB1LI1QnxUxan4ZUqPoCuUuwn8uqBet7OU8Z8u3VEMs9EMW477wjkR
qZedIopUJRgQnnlUYTPPY235gn/UNSy6X27o33vWngt3A5JLLQARAQABtCFQYXVsIE1hY2tl
cnJhcyA8cGF1bHVzQHNhbWJhLm9yZz6JARwEEAECAAYFAlJnvJYACgkQeb4+QwBBGIYwYQf/
S57+Z6KAE05MEstwQbRx7GsoJpGYj3I8vOiU7NmUgbU/CEi3Tmu/N4AJ+5r+cmeebFgFoL2Y
3AFCtrDVOn9+DqHM0PzdpFU4H/c+3+LJF5MafmdV0hXCOU15dJvTOvPcs7dy2wQNc3oV6TMs
F6LkBbr2e0UMRNSTpfQ/ypG5eoc4WjWO+syAaHWceKvHSaLv/bRbdFxoj7Ctwb5ImntTo/tA
GGbcbICVA1qAfliq8YqflByARdV9vHhLODlCHTLa5NVZMvldkjyxdYYrvS0cfe620vtBzegs
0BbLj6nUG6I9tN/tfOvog3cjfLKBdhAyNk3q+eF5TDOm1fj4P7touokCHAQQAQIABgUCUmkn
xQAKCRCevxLzctn7jN40D/9WMKOUAZlTd6leCjOYc17uRvyqf0BmF3I3vLfHy1FLqec1y5pf
NB/qjzKiSNwricvHtq1W+6lNP00Q3zDLPRA8XdEoEEKU7nnHqXN72Nu4fUM8jH48Zzk5aWU8
dLuOQmiT8HglaPSCqziU3wkWz5Wvn77OOccw3v3iHgMgJE7k6YQ74JQURSWX7qJOlJ23vxay
H7rh9Yj71CShZaW6WYm/+H8RqDdCpB8NU7W9zSdxE14+BpTrpu7iubN9Ouh0EYutqRom4DcO
PzwNPEGqkIIDY7aXMdkVeXHHt7bt9hTMwd2+45bNLC0TpyIwenF16cEU/NleFeqBRe4IbAod
/tVFWYRdG0h4MvZWLj503vV7QG0O/+LTJbXNk+y7JHDez9xLKUUUydLx5cIeKnVFQHwyH15y
DpXhysi3xx4AbL4m+72zoCoKbDD9fw5wNTGwbvTIZrFPKtIffY2BMjc/kLv+8P6aLaS0BUad
0nb9p6Na+3Ui4zJHiPIhAu0k/7nd6GRyR0wyv0FF0L8Em8cYRLu29u/oBv8hkEOUOPmRX8dJ
+IAFIpVQvT/8OCWQe2TzQlWPpd6yNsGGVoARQq9g5koAg9zjKegXYXB5bZ30N+aE78vPVOp5
NbH2/ZYNfOywzToVbUW47UC9Qw1Vt10a56nvFsVBdOUKMTpc5DYE3tuT/YkCIAQQAQIACgUC
TpT0tgMFAXgACgkQnkKV1gX2bOkn1A/8Cr6FdKkwBhQLI2TeNlU78uV3pChLBu9id8bCAIZX
mlrXjYPwY+qOva1CEAQ7+2pbnLqVoFvnjzqh9kwh5hloF+Y9OyZg6cPRbES6DIvKdb04K+Zy
FHAUlwgxWH1UKNugi9Ts6RWYxBKkhD1as30RqsGw87ChA8l5gVd4JkO9yyRn9QujzpUhniAU
TvocYKQgBHXba/aBVppDo7XcEnQwtrpSI9+QwIyiwKsiE4zt4wdyE82g1cX3Jgtfvg8e8mij
KNoDMCXzsFutd7rcON42+2IjeA6RnqRlbkP1Trnf5UGuncVL06XTADiArxkeP7jvwi+x9fX1
8slRlZGHs8rEx6GCgy8MGYPAj+iljGNKI7ncjcyUjXVy7J9g4SDlHb4dUvihreWo96N7aKcu
RxdoXei15xHdI8XWOfLrD87ZkirNzSWjNkZJBStncDf5N3v05glaEF1iGtBuL8dmOSZZAXA7
frsARfBdiUnjsCK+hhCx5kVp1MZOxAyJ7OdspE4bnpGFBXBKD4NJBUXnzzCKQPQdIXHPpZhM
mXTcxCqu88YYnQcsOj8cLNtd1NsBocE2ldtZCmJFUoKRkLXOWGDQAN2AsOmbB71h0IMgG6IZ
zuy8ac+cZnXB1uHzclJS53p+C7v9Ndqayhjh8C2twCOeLYe53+0g/f2ImB+QfSfMeC2JAiAE
EwEIAAoFAk/armUDBQE8AAoJEFrSQhHAYNHId/oP/jhCwPWzOlrIx2hHkHbqg1gOFnuIF+pE
zIPUvwKKk0yRJqU5dKGj+KZQMsnsfvEbltdcdqhLXIXXYkyWneHEm1kqdkB3/rifTIopZo1z
eQa4VHHCc2TzO9chAcyMAHlSXf/1nWgHgiP3RuvqdIb4tfdeS0niyVyc1kOhiNCRsKEGsKOG
PnTTzDxnDRYkgQgTXPjbggD/ymHs2rfVF8xjCgLMNlVTrurLSBr7SpwOGJx8xfnnoRH+8mpA
2MrZNdJboSz/kF1GpQXc7sXz/4kjyFFR7c8ckQnneWKoVpRo/Cbs12li1ZSfZbyZr8RVNtPb
k7atyiQExl5nqRjmz+RvA8/zL7LwlL5YPlRRPbU2KGdYzFiZzG+BG+2FPLso1Ohob+ONwLHk
tRmnv72Hj3yUK70VJKLVUckeYIwd7Il7ua1cgr21RkyFKJxWuiGxpKtusuJAkPFaj4ByLnGC
94t3yGx9s43wbUv3FxXU45sqC1MgQLzOaKlEFWQW2ZPneca7W4dmqGQR/ejmiGcBSh8YJKxK
TJ3X9xHQrgo71XBU57C0kk+Yutv+3QDHOiOZl45CJgaPiTvTYatHk8TQy3KVgMn5xmPK+2+O
/+Cfc81hBvQnBNRyzsSRNCb04CDDS8e/hNehGz3zEHPwp8NxHWKHQjy4WulNprNXsdr6ckCa
oMpBiQI4BBMBAgAiAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWgKLYgAKCRAEDx1J
7J27jATxD/93PpJ7yDVxpBYH+zTnU4ffFdDPSZLNJY4JaoFaz2tBiKvp548Qf3tZHd9v39x+
gY15iRph7+2P5sx5w+ov4akztkD209adkzcmlv9fRPjOcJfwRX8JLF7vGrIiWxqvfd7C7N0g
vGPizpb9o2LoF5L4g2XEJWXDw9/t1w/o0IfCXIuqg4eHJMC/dZKh37LpVpa70TqmeB6uSeG3
pHJ3tNVo+/pn/ZfqBUaL2cvhf0hfWM+1SXLmkXaF15TESLc+HD0/KGvaohcldY3zz6/wKPsF
z2lj6fQ72i5vh3u+YP6Lm50u3W4MpfyNOhwI5TUQM96MWUSLhOW5PUhEBC3wcXpa6ZhzX42+
IVRbouPy9ZLbmKirQoqjgQ+Ax7YmajAzNA+O1wRNPN89vyrRU/dLs11eekc/C6ipMMvpOWFA
/V4FDSnKA9Z6QImkeWCRSw5jQjZDoKonTEV4E0acya7PSrE+opz+vqOwAJAnrpZfdRf1mOoh
5QBphNqDBGujxtXswGfy9F9EfSRcaHBw80qpP6lEMOF0HtgI9i0OE6uoYtdCRPLkhq6lJDaO
L8dhOEevsr8sRzH79T5A0fNbfm8p7TEzR++azPgalqeLnD+ttk3gD5Xzxvfkqzw14+90zbPK
kKYEoiUvGNrXIp439jkQ66OxrWeoVIqGjVS93LE7XzmiTYkCPgQTAQIAKAUCTpT0IwIbAwUJ
BaOagAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQBA8dSeydu4yFOhAAkP7PBxDyF+27
FDR933leTtMF9cYwBstr+bgcGJxG3qBRjxBeqts76ibxBQoRYlVR4rdBG0L93ELZSOGyvDHF
7UM01K5dbp4wZpOKg4CALiUiv3SZVwCGfX65lSesKgtuREBj5FyhyAdcSdqDp0hh8hplU/OK
txetExmrWSdkBIZ2y/grpgEYBEoKw1RZEuksTolRXiHuQxzpO+JZp/+wU+qF11hYJ+P+fBS/
KYXPGQKaXPXuwimZJAaeh6vifWVfRG4QGE2W/UZipnWaWXOvIkNcT70+hbB6K8VG/mUCZXNx
Ir+2/qamrpSrt1zPNQzlMCPMlarVjgzPsw0McZXShis+SBGi/SyqDaYatimntJKyi7MRoySy
nvYW7DC0MjwlM/3Sn9IETWaYPLdUqTjgz6QvD+pSnYi8U3XXbjqKuDwQAutVBQHfZZf48e4T
BtetWDkqBjjKP/9Ul3q07jY/ApsPEH6AM/w6iayQYA/UIdJISEwIUtFysiBY4tghZePGZkJ+
WqEwMlt6X95Trc70DaSxWQ2Kq/AyWyJalvqY/SdjDGRZgotjNhFxOA1TC4kh7YAQXY/nPI69
wqvVMorWw9dZ3snoqj9QRJTXKWoXVIdp3ZX2Jmo1SfZK1FUOreO1Q0YYIFp5Z7g18zo8iRuo
++95jcfWn0vwKWtX9n/LsZu0IlBhdWwgTWFja2VycmFzIDxwYXVsdXNAb3psYWJzLm9yZz6J
AiAEEAECAAoFAloCjeoDBQJ4AAoJEJ5CldYF9mzp2AEP/RCyin/5ku57CgScj6hOGiwITPQa
vyESGBQojk+BtbgLe3COMM9H2lX4qiAzV5o7QiQX6t1IM8WaiErUV7gLB5bbmQUPswac71wM
v0t2VsMCzLTxvS24/LTv3eAcIFOmjgvcYnRiZG4+0L3bxikFxpY+rL6/sDxSuR97jI6uOkii
Ydpql0ZvF2fZ3Y8B+6HtVmdmihXtgKHDQetbE/G0RDYfS98kDj+un2vWUmvrsM4JlNnV94CJ
LeXEmUTRiTaLMR0AsBDsdZWI0KCBVgaAxdZWtScTrmfe6sSFDZDhhaVVBA3foCaI/WTmAJFP
4Ez3aavQ6gZZUg1Q1KtxJFPU/jNNo+94LFEIiYyUG445Q/Ym2JI3OLn3OIjCDYt/rEIZnfaW
2S0Oj6DxkHlPRAfvakq/90nGpHm19GXq2jl7ZXILk+IgsS/E0M/BO4BkTG7l8Fe3R0R7g2Nn
ksTYRNmbm0DJuKDEjmvMLnTaVI+FoHWHFM7h+XQct/UjYuQQRS55tqk1ykuoeEfSUnBsoZg+
txJk9KU694gq6ij/qhDWySrLn6TcgM58iK7/bGjrNOYnR5dMT57nCvk1AA+RmQtAILPEB6s8
ma0Jjdn5B+Qzkl9lSsJxIRSF0B0vi6ZMP4rP2LNz3jvo71bYj1+fD4+tjmUk0AbgogFGDLvo
xed2WLbZiQIzBBMBCAAdFiEE1Byj7VswJ1z1oBsFWtJCEcBg0cgFAlq7FWcACgkQWtJCEcBg
0chISA/9HX9kkW3VXZbGBT4KSYojbFOBN7JiAyd9ENCVd7346cOxBuxe0bvQkaYFdJ9++koi
YaeNwxSdgUQoZCLX1V69FbEfIxUyyRkIufVkyPI0CFknIs7K4t5IMEpQ3+y88VymNYqAYUM8
sa3KKx1MAhK6TVWMOiJa7ePVU4y5CByAnyswqvAxjYd22Dlq8tYU2a01lvRFrGTa8w2IDVVj
y5thBrQfQV39UQLNcJ1NDHeX9CovK55Uj6Pq0E71eK03zqxxHsKOFV+bXlBwT/l5SB6WXW46
n33SpZLvFyIfXJgesNpDRSdJ9gnwq5F+dttX97cJNjqMSiKvbDQc8/HPaENddsg8IDAXfv3P
/iIc146NKZ4M3E1LcFjN8lmL2YT2O65SYaTJcZ3YnAHZ4RVOoUCgnhZlv0w25ovWWOsvxOO9
aBmdjGf/AToh6pC7NSp2Z9Ko1b0Tmkc7qhDz8hiXBZmtu72bME4jbHgSpMGAJr+lAPTA/slu
j/K1mAXqvQ5a536e1lYS/PF4ZvVoNLc+1z6woKaYa6lr0ahSsF9vK0Z6bZ7G/0kLyiOfO+nS
hvnpTjqORNT7INHfkxNQcpFzr2A/fFrnQB0ZP4dY27N7r//SRe6+tJwdUZL98MEAg01TPgzs
eAM/mIygFifS64F/nGy7vk7s+7Tm0ECaoRSYjiM25N+JAjgEEwECACIFAloCjcgCGwMGCwkI
BwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEAQPHUnsnbuMR94P/iYl4dB63Rlqv9dxUpEyTQ8e
P2J+crYTrYjS2WhPIkUW5R5Ua4CUiUYqUAf5M30hsvuV6/BoHxATQttzFtxm7QfWxijwJ84V
SpINvmtOLmgSYj77Ab+tJHXQTLoh7235Se8sZg357oCTCz/tQPVp2jIGS1OTD1antY3/PhAY
nHvGK5cV0R8Tj1FyGeHavX3Z7AclmffCSf5Grni/6YMJA6+keGApZSSQriJtpeUtVkgYuFoT
bHkwIPZSGv88jrfPYzVTqrYtmXAWVCFSq8guSt3x+aE9NOf9u8c+PB6S5MstpTJsJlCa7x+y
UCFcZ4pJekphCxf7JYwsVtAbqjkPKVVfvLWNwsBRSc5uP/z84ux4iC44VMEowrZSybbyOKWp
xc3ofCfTc8nnEC67yfZCFCNvTuJCIaXa4L7+MvkCZ1WwoARePgQprtvk3cK4kcMQpXrRQW03
+F1TkgSa4tJ/hn+st46aUGAoWUGFPcES71ISAy2Thcx5UcZkem47OAAE+BVVcpiljZH+0dnt
geCHn9FBI17rUE2yg6dmCyJ5AEQ7RaCeLmdBu+XTFLFx7a+RYm3B77uAU2N8AeGT0Y/NUlzC
Bfxy+bUb/I6LdkrXK2H5CD/mevY+tPagXkYedyjhM2VFpef0/QZjkTWTLwVaz/u385HQ8Kg8
evUNGnCZlfFXuQENBFoCjTMBCADooRUk5FTc5nL7Kc4g+qzJTlkogU7Mg74xk/vwAkPhjOHu
LNAUrcTwNPTwLND9nzfmWWctI+9deYbdue/16HjMN4+81DwfyObBJxrFzTfEpRvA0QmF2Sp/
m8LCmf+lIrAn8p8abAe9g6gPP3TzL8Ic6kEzr+R0aWUaTyIJcaNoARjdaXTCPswDH/dJump6
6xDT9EQD4n0aygZmHjnqIbbazpILLDWPEYY1wh4wmwpOCfG4cAY5F6ZeM4yMDzuuw+iSBDXG
ATSbE+apdP1B4TcUTilNSzIN/xJzfc0hdbsxPkdaearDbZHs9bJIy2qYgsjEJkARcoguTUu2
w1BCzXp7ABEBAAGJAz4EGAECAAkFAloCjTMCGwIBKQkQBA8dSeydu4zAXSAEGQECAAYFAloC
jTMACgkQnZrqdyxjcZ93IQf/cIGz0nxb7KwlEmRbFkURxfZk8wlAIWFC2l9aSd2f7kkAkKQx
tqjbwGVlOMAJCH1JTK+DMrVXxvlybpZ+DqwcNucSg9Dpbva/5Mp/6APfeh8+cV3iCi//GmvV
saYkBiQ7nFN94bXFlsB2x/l21MzSwgz6g+evmfnV/62oz0eH+MqLslZflszN+GNnUvNTWykJ
a4SqLMlD3+evEvo0OlTgHBneV7tVoNRLCVOl447kV7vZaEO3ac/WNkMSB6ATYo7ncLgQjlPt
Uxobm22OArEugeZcF6PD+VpMjmeicOsdWYDRGYdTMK5bMvlBSIyLYQnhSWLMxdiL/EnL8zhF
JjRB6zr9D/92agQjOOI299UP8TYyOwVumBJWTS+21vLGCIsBzoWl0+F6aIxJkFKdsErh1uxh
w1c/+6rpiFekQQw/H9sq2Y791Vou0l9IrWjGg9B84vqcvRvf7H+dYIZZ0MNHv3exfY9B2WNS
atmXAYE6Nmzl2d1wTURLm0zaBZwrB0M0V2zAIRG5VX4KikKJDyUxhlvxyuct6b4uKE8LK5MM
Q7qQFmaIOntOId3wK3rUBfvtuX5k758XrXT9tU/kim7bO6EJ7213xbBnxouEzMBsJMcxYnyD
wKNcEX6e//1e6eriB2/q/7V8Yk5x8f1I4kqNDFj7e7snBpfD+rjJGYTWXpfl+sEojepNPseA
Usg26lK1qI345/mNR+mDjE01YWIGfk996C1c2jMdwTjkQLxUMpdt8z6iYNX6uG/PLOSSAiKO
uX2t92VBOpWWfb15mJvv4s5tE7d32ApsE0kYv2cPWp1P3ud4myRfL7ILRVK2geBM53uJuD8K
S18vkmCh5KKInE5cex+azOEv5z+s6mskG3X/72LqMq1e9Z9p9I2szaP+sposYZOyhZbww2IT
1C2N/XqW4fFlqysMY3LhU8IKugk98cwvpkDd+JAXR7CnXANsbvU48yT6ulqCb5MvSnB6C+KF
k4nia8GhRgZk4hSdA0weG83A8lNUl18N8rB8bFNKxYOwl7kCDQROlPQjARAA1TGT4F0VqvmU
7tKxxhSmaIQPhr8dF/SmM36duFUUHFispChuujLVb/JcCDvnuLPi/vDcH9S1oZ6ZNs5pWP6a
ATJlyQv1LuNlzw7RDn4krWCruC9lf3rUZfSHmI98mnwKz2lU4HuVqh4cacq+Dl2bTbHOvbyE
rzkdISPsWhXZcHzrHxOafkaiJhAMh+3RnFi5pzKq7YP6SXud4z+iF98pAGc7fbpyMpM0U0q2
Js5BugYfo2BaXo5x3EOld3fgNkZfxxSQ+qr6USRr0X2MerI+TT+QbbmYEqI9fY9xx5ofAM4P
vIKxhIUNgEFDXL3y1KFw9IaX2FiDMfyjYf7JN6bxtTYeALK1wGirCgEl2Vslx/8EBEs5ZvWm
szg3+/SrE076Pj/kGHza/NTy25/zrkC4izqr+k/ieL/23mj/zf2nusk/cDBvRxmjteon+IDZ
RNT/7ZDdUI/JEx8vfSOPrVxlQGi+hGVMJcAyDMMOle7BZHjDkooZ0uZi88X0Bhr0fOXhhLCM
p/I2e5FV5eEWebO4Oyrom2OxPTdm+ZKz2iWdtZqM8XtVAz/bizuMdPnAGjEK8k5XkbXgJ6n3
K7vg7MuTN5bMy8cq1boRZ29/v8jv1LdoMkeIrOrBx7aGTOaWq31dmMguGV+Nn0pQ86UZxJgE
cpt4Z8ucJ1yIU1tbfK7u280AEQEAAYkCHwQYAQIACQIbDAUCWgKLqQAKCRAEDx1J7J27jCN+
EACO1ypZQ+JIajDyXAKAQ4aawJNV50ywJGSrNa6CdP8iDnA4LhUGEdg8QLBdhu5XaB//hLtz
AVarEbtiSGHflUu352kANtUjj39AWK2088K6gRmwRpn3lABD6oBrx09jRZ/jG+KqswRWOjht
m2O+dIzBW2ihDBajvHIXL1Nv7qGw5dlg9vP+l95PE7cYZUP8c50cnLZY2Y31nOkModj/diWK
lMc1pge93TJEsSsfNctngqQP1L9IM1slqBzZZgtRSFaXkRU45lBPzEE9AN8St2PV1Dp7a7Zv
VXu7JgCbSKvV3j2Gf7xLSj5m+spCG3B2glrybRIHP97psMMzHS4QmblLynNa0Hszx8eTStDP
Jd6IhSGvFebwWHCHF3jj/nCXj2ePqcAMPJexz321+H/h0fKSJGdpa1bURIR+wkvjDllW7ehD
xndxj7MuyDAbwSdb4bxqZw2hu/V6HxhBeIUGKz4LvrNyCSpdn2qF2i4pYRJuBCWfa3EMLhmz
xsvwP4blstQjbJMFqRqZIoww3zYxbbIlT5VqNuwyRKlucsdzYDoi+i6+1Uooh6cp1D68Ogyu
9dZ2hcb+mLUlcbLuWB8rtZRsYcB0fAzya90l/FPSaErv0qsnQedyTRwT63n2DjPJvCER/BYc
2a6VdgvUNvL3/OFOw1hrBtnF4yca7Z1x64+qV4kCJQQYAQIADwUCTpT0IwIbDAUJBaOagAAK
CRAEDx1J7J27jHMvD/9lR0h+Y6D5IyjVczbVqZP01nUekJ3Ii3UckW4Y/QalQLtv8q903dYb
HAKey3nzLQF1h2KfeGKoSOQeDzxbUDxxQPcB6y2AYpgy3rHQ+19CBzgsvlyWcuDhVuT3/olk
zm5/5w6lFShhU68s6tlMUxfP8bYYqGmyRBrDS5Jg44otOH7gisqbhAb5bpb48loaKwOYVAvw
l2VdcG3+JK/k8JBKStESB0njIyrW1qxJdftNdHS2Ts5aoSBa+ZOPiyIqAa4VW6uJ9xOSFGdW
B4rnGfB7h/VlsKvsLPtQy7D8lajN07RDYTel6vWK31/4ub/BUKjRdbfLaSi1FFBjo5DGWJoo
ZQDUARaxDGQixCcNuIYoF4Xu+8ZNbzRo7wBgmQTWeFxKPJYnmIL/ECgvvZNuDhMQq41nlE42
FjAY6h7OYIKOEB6xyaTXdNMxR0Nnr/ce6l83OyGJDpujFJAJB+nAgd0pv+RrHqzbdlhq57y2
mtD+451i1EhsrN8RXwmB7gdrJelEc65b87BL2idoqtLDGNX4lipps5saiJK954FdGzr+5BRd
ihsTKNHc074oaGFgYe/puE/nbQ31JKN8Pzo97fVYc2nYKnWUMCEYp4YgspwZd9Jm3a1Aw1WK
NkSoM6+BtqWOLSp7mBCCGGsV0OwXfdqlBGcv2KVfvNLcg18mY4sniQ==
=lvBd
-----END PGP PUBLIC KEY BLOCK-----

7
ppp.pamd Normal file
View File

@ -0,0 +1,7 @@
#%PAM-1.0
auth required pam_nologin.so
auth include common-auth
account include common-account
password include common-password
session optional pam_keyinit.so revoke
session include common-session

215
ppp.spec Normal file
View File

@ -0,0 +1,215 @@
#
# spec file for package ppp
#
# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define _group dialout
Name: ppp
Version: 2.4.9
Release: 0
Summary: The Point to Point Protocol for Linux
License: BSD-3-Clause AND LGPL-2.1-or-later AND GPL-2.0-or-later
Group: Productivity/Networking/PPP
URL: https://ppp.samba.org
Source0: https://download.samba.org/pub/ppp/ppp-%{version}.tar.gz
Source1: https://download.samba.org/pub/ppp/ppp-%{version}.tar.gz.asc
# templates for secrets
Source2: pap-secrets.template
Source3: chap-secrets.template
# config for pam
Source4: ppp.pamd
# options and filters files
Source5: options
Source6: filters
# several peers file
Source7: modem-peers
Source8: pppoe-peers
Source9: pppoe-rp-peers
Source10: pppoatm-peers
Source11: ppp-peers
Source12: pptp-peers
Source13: pppoe-discovery.8.gz
# modem files
Source14: modem.chat
Source15: modem@.service
Source16: modem.rules
# https://www.kernel.org/doc/wot/paulus.html
Source17: %{name}.keyring
# PATCH-FEATURE-OPENSUSE ppp-smpppd.patch -- Add more log output for smpppd (move from debug to info log)
Patch0: ppp-smpppd.patch
# PATCH-FIX-OPENSUSE ppp-pie.patch -- Build position independent code
Patch1: ppp-pie.patch
# PATCH-FIX-OPENSUSE ppp-lib64.patch -- Install into lib64 on 64bit systems
Patch2: ppp-lib64.patch
# PATCH-FIX-UPSTREAM ppp-var_run_resolv_conf.patch -- Move resolv.conf to /var/run
Patch3: ppp-var_run_resolv_conf.patch
# PATCH-FIX-UPSTREAM ppp-fix-bashisms.patch -- Remove bashism from posix shell interpreted script https://github.com/ppp-project/ppp/issues/348
Patch4: ppp-fix-bashisms.patch
# PATCH-FIX-UPSTREAM ppp-fork-fix.patch -- fix safe_fork to not close needed file descriptors
Patch5: ppp-fork-fix.patch
# misc tiny stuff
Patch6: ppp-misc.patch
# PATCH-FIX-UPSTREAM ppp-fork-fix.patch -- fix E: executable-stack (Badness: 10000) /usr/sbin/pppd
Patch7: ppp-compiling-with-clang-encounters-an-error-in-eap-tls..patch
# Of cause any other compatible libc would work, like musl, but 2.24 required for SOL_NETLINK
BuildRequires: glibc-devel >= 2.24
BuildRequires: libpcap-devel
BuildRequires: linux-atm-devel
BuildRequires: openssl-devel
BuildRequires: pam-devel
Requires: group(%{_group})
Requires(pre): group(%{_group})
%description
The ppp package contains the PPP (Point-to-Point Protocol) daemon,
pppd, additional PPP utilities, documentation, and sample files. PPP
provides a method for transmitting IP and IPX datagrams over serial
point-to-point links, for example over a modem. The PPP daemon handles
the details of setting up a PPP link including configuring the network
interface and performing the PPP negotiations.
%package devel
Summary: Header Files Required for Developing Plugins for pppd
Group: Development/Libraries/C and C++
Requires: ppp = %{version}
%description devel
The package ppp-devel contains C header files required for developing
plugins for the pppd.
%package modem
Summary: Automatic redial for any USB modem supported by the kernel
Group: System/Kernel
Requires: ppp
Requires: udev
Requires: group(dialout)
BuildArch: noarch
%description modem
This package contains peer, chat script, systemd unit and udev rule for
automatic redial when connecting any USB modem supported by the kernel.
For disable automatic redial (by default enabled for all), run
sudo systemctl mask modem@0.service
For enable again automatic redial, run
sudo systemctl unmask modem@0.service
"0" after "@" is the serial number of the modem, if you have more than one,
you can disable unnecessary or disable everything.
%prep
%setup -q
%patch0
%patch1 -p1
%patch3 -p1
%patch4 -p1
%patch5
%patch6
%patch7 -p1
%if "%{_lib}" == "lib64"
%patch2 -p1
%endif
sed -i -e '1s/local\///' scripts/secure-card
find scripts -type f | xargs chmod a-x
find -type f -name '*.orig' | xargs rm -f
# Have to patch this in the Makefile, because setting it on the make
# command line only is not enough.
sed -i '/#HAVE_LIBATM/s/#//' pppd/plugins/pppoatm/Makefile.linux
%build
%configure --cflags "%{optflags} -fno-strict-aliasing -fPIC $SP"
%make_build CHAPMS=y CBCP=y HAS_SHADOW=y USE_PAM=y FILTER=y HAVE_INET6=y HAVE_LOGWTMP=y
%install
make install DESTDIR=%{buildroot}%{_prefix}
install -dm 750 %{buildroot}%{_sysconfdir}/ppp
install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/ppp/options
install -m 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/ppp/filters
install -m 600 %{SOURCE2} %{buildroot}%{_sysconfdir}/ppp/pap-secrets
install -m 600 %{SOURCE3} %{buildroot}%{_sysconfdir}/ppp/chap-secrets
install -d 755 %{buildroot}%{_sysconfdir}/ppp/peers
install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/ppp/peers/modem
install -m 644 %{SOURCE8} %{buildroot}%{_sysconfdir}/ppp/peers/pppoe
install -m 644 %{SOURCE9} %{buildroot}%{_sysconfdir}/ppp/peers/pppoe-rp
%ifnarch mips s390 s390x
install -m 644 %{SOURCE10} %{buildroot}%{_sysconfdir}/ppp/peers/pppoatm
%endif
install -m 644 %{SOURCE11} %{buildroot}%{_sysconfdir}/ppp/peers/ppp
install -m 644 %{SOURCE12} %{buildroot}%{_sysconfdir}/ppp/peers/pptp
%if 0%{?suse_version} > 1500
install -d 755 %{buildroot}%{_pam_vendordir}
install -m 644 %{SOURCE4} %{buildroot}%{_pam_vendordir}/ppp
%else
install -d 755 %{buildroot}%{_sysconfdir}/pam.d
install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/ppp
%endif
install -m 644 %{SOURCE13} %{buildroot}%{_mandir}/man8/pppoe-discovery.8.gz
install -Dm 644 %{SOURCE14} %{buildroot}%{_sysconfdir}/ppp/chatscripts/modem.chat
install -Dm 644 %{SOURCE15} %{buildroot}%{_unitdir}/modem@.service
install -Dm 644 %{SOURCE16} %{buildroot}%{_udevrulesdir}/90-modem.rules
%if 0%{?suse_version} > 1500
%pre
# Prepare for migration to /usr/etc; save any old .rpmsave
for i in pam.d/ppp ; do
test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i}.rpmsave.old ||:
done
%posttrans
# Migration to /usr/etc, restore just created .rpmsave
for i in pam.d/ppp ; do
test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i} ||:
done
%endif
%files
%attr(0750,root,root) %dir %{_sysconfdir}/ppp
%dir %{_sysconfdir}/ppp/peers
%config(noreplace) %{_sysconfdir}/ppp/options
%config(noreplace) %{_sysconfdir}/ppp/filters
%config(noreplace) %{_sysconfdir}/ppp/pap-secrets
%config(noreplace) %{_sysconfdir}/ppp/chap-secrets
%config(noreplace) %{_sysconfdir}/ppp/peers/p*
%if 0%{?suse_version} > 1500
%{_pam_vendordir}/ppp
%else
%config(noreplace) %{_sysconfdir}/pam.d/ppp
%endif
%doc FAQ README* SETUP scripts PLUGINS
%{_mandir}/man?/*.?%{ext_man}
%attr(-,root,%{_group}) %{_sbindir}/pppd
%{_sbindir}/chat
%{_sbindir}/pppdump
%{_sbindir}/pppstats
%{_sbindir}/pppoe-discovery
%dir %{_libdir}/pppd
%dir %{_libdir}/pppd/%{version}
%attr(0755,root,root) %{_libdir}/pppd/%{version}/*.so
%files devel
%{_includedir}/pppd
%files modem
%dir %{_sysconfdir}/ppp/peers
%config(noreplace) %{_sysconfdir}/ppp/peers/modem
%dir %{_sysconfdir}/ppp/chatscripts
%config(noreplace) %{_sysconfdir}/ppp/chatscripts/modem.chat
%{_unitdir}/modem@.service
%dir %{_udevrulesdir}
%{_udevrulesdir}/90-modem.rules
%changelog

11
pppoatm-peers Normal file
View File

@ -0,0 +1,11 @@
#
# PPP over ATM options
#
plugin pppoatm.so
#
# Plugin passwordfd enables us to pipe the password to pppd, thus we
# don't have to put it into pap-secrets and chap-secrets.
#
plugin passwordfd.so
#
noauth

BIN
pppoe-discovery.8.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.

19
pppoe-peers Normal file
View File

@ -0,0 +1,19 @@
#
# PPP over Ethernet options (using roaring pinguin plugin)
#
plugin rp-pppoe.so
#
# Plugin passwordfd enables us to pipe the password to pppd, thus we
# don't have to put it into pap-secrets and chap-secrets.
#
plugin passwordfd.so
#
noauth
# pppoe has a lower mtu/mru
mtu 1492
mru 1492
# switch off all compressions (this is a must)
nopcomp
# this is recommended
novjccomp
noccp

17
pppoe-rp-peers Normal file
View File

@ -0,0 +1,17 @@
#
# PPP over Ethernet options (using roaring pinguin external program)
#
# Plugin passwordfd enables us to pipe the password to pppd, thus we
# don't have to put it into pap-secrets and chap-secrets.
#
plugin passwordfd.so
#
noauth
# pppoe has a lower mtu/mru
mtu 1492
mru 1492
# switch off all compressions (this is a must)
nopcomp
# this is recommended
novjccomp
noccp

15
pptp-peers Normal file
View File

@ -0,0 +1,15 @@
#
# PPTP options
#
# Plugin passwordfd enables us to pipe the password to pppd, thus we
# don't have to put it into pap-secrets and chap-secrets.
#
plugin passwordfd.so
#
noauth
linkname adsl
nocrtscts
local
# switch off all compressions (this is a must)
noaccomp
nopcomp