From 473419fb537b5b2d5b3f1f6dc39a692b6e9547ecd03f7e6f92d8ae6d0f1ce709 Mon Sep 17 00:00:00 2001 From: Reinhard Max Date: Wed, 19 Feb 2025 13:38:28 +0000 Subject: [PATCH] - Update to version 2.5.2: * Some old and probably unused code has been removed, notably the pppgetpass program and the passprompt plugin, and some of the files in the sample and scripts directories. * If a remote number has been set, it is available to scripts in the REMOTENUMBER environment variable. * Various other bug fixes and minor enhancements. - Obsoleted patches: * ppp-fix-bashisms.patch - Update to version 2.5.1: * Pppd can now measure and log the round-trip time (RTT) of LCP echo-requests and record them in a binary file structured as a circular buffer. Other programs or scripts can examine the file and provide real-time statistics on link latency. This is enabled by a new "lcp-rtt-file" option. * New scripts net-init, net-pre-up and net-down are executed in the process of bringing the network interface up and down. They provide additional, more deterministic ways for pppd to interact with the rest of the networking configuration. * New options have been added to allow the system administrator to set the location of various scripts and secrets files. * A new "noresolvconf" option tells pppd not to write the /etc/ppp/resolv.conf file; DNS server addresses, if obtained from the peer, are still passed to scripts in the environment. * Pppd will now create the directory for the TDB connection database if it doesn't already exist. - Obsoleted patches: * ppp-mkdir-run.patch * ppp-pidfiles.patch OBS-URL: https://build.opensuse.org/package/show/network/ppp?expand=0&rev=86 --- .gitattributes | 23 + .gitignore | 1 + chap-secrets.template | 18 + filters | 14 + modem-peers | 18 + modem.chat | 19 + modem.rules | 1 + modem@.service | 12 + options | 198 ++++++ pap-secrets.template | 33 + ppp-2.5.0.tar.gz | 3 + ppp-2.5.0.tar.gz.asc | 11 + ppp-2.5.2.tar.gz | 3 + ppp-2.5.2.tar.gz.asc | 11 + ppp-fix-bashisms.patch | 29 + ppp-fork-fix.patch | 91 +++ ppp-misc.patch | 45 ++ ppp-mkdir-run.patch | 453 +++++++++++++ ppp-peers | 9 + ppp-pidfiles.patch | 34 + ppp-smpppd.patch | 13 + ppp-var_run_resolv_conf.patch | 74 +++ ppp.changes | 1132 +++++++++++++++++++++++++++++++++ ppp.keyring | 157 +++++ ppp.pamd | 7 + ppp.spec | 200 ++++++ pppoatm-peers | 11 + pppoe-peers | 19 + pppoe-rp-peers | 17 + pptp-peers | 15 + 30 files changed, 2671 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 chap-secrets.template create mode 100644 filters create mode 100644 modem-peers create mode 100644 modem.chat create mode 100644 modem.rules create mode 100644 modem@.service create mode 100644 options create mode 100644 pap-secrets.template create mode 100644 ppp-2.5.0.tar.gz create mode 100644 ppp-2.5.0.tar.gz.asc create mode 100644 ppp-2.5.2.tar.gz create mode 100644 ppp-2.5.2.tar.gz.asc create mode 100644 ppp-fix-bashisms.patch create mode 100644 ppp-fork-fix.patch create mode 100644 ppp-misc.patch create mode 100644 ppp-mkdir-run.patch create mode 100644 ppp-peers create mode 100644 ppp-pidfiles.patch create mode 100644 ppp-smpppd.patch create mode 100644 ppp-var_run_resolv_conf.patch create mode 100644 ppp.changes create mode 100644 ppp.keyring create mode 100644 ppp.pamd create mode 100644 ppp.spec create mode 100644 pppoatm-peers create mode 100644 pppoe-peers create mode 100644 pppoe-rp-peers create mode 100644 pptp-peers diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/chap-secrets.template b/chap-secrets.template new file mode 100644 index 0000000..fa4eafa --- /dev/null +++ b/chap-secrets.template @@ -0,0 +1,18 @@ +# Secrets for authentication using CHAP +# client server secret IP addresses + +# OUTBOUND CONNECTIONS +# Here you should add your PPP Login and PPP password to connect to your +# provider via pap. The * means that the entry(login and passoword may be +# used for ANY host you connect to. +# Thus you do not have to worry about the foreign machine name. Just +# replace password with your password. +#hostname * password + +# PREDIFINED CONNECTIONS +# These are user and password entries for publically accessible call-by-call +# Internet providers in Germany. If they confict with your config, remove them. +# READ_IN_CALLBYCALL_SECRETS + +# INBOUND CONNECTIONS +#client hostname 192.168.1.1 diff --git a/filters b/filters new file mode 100644 index 0000000..bce56a0 --- /dev/null +++ b/filters @@ -0,0 +1,14 @@ +# +# These filter rules should prevent unwanted internet services to +# keep your connections up by ignoring their connection requests +# and your 'go way' responses. +# +# This file should be included by the line 'file /etc/ppp/filters' in +# /etc/ppp/options. +# +# Note: This has nothing to do with firewall rules. It only affects +# the idle time calculation of the kernel/pppd. +# + +active-filter 'outbound and not icmp[0] == 3 and not tcp[13] & 4 != 0' + diff --git a/modem-peers b/modem-peers new file mode 100644 index 0000000..9233655 --- /dev/null +++ b/modem-peers @@ -0,0 +1,18 @@ +460800 +defaultroute +usepeerdns +crtscts +lock +noauth +local +persist +modem +nopcomp +novjccomp +nobsdcomp +nodeflate +noaccomp +ipcp-accept-local +ipcp-accept-remote +noipdefault +connect "/usr/sbin/chat -t10 -f /etc/ppp/chatscripts/modem.chat" diff --git a/modem.chat b/modem.chat new file mode 100644 index 0000000..a71e22f --- /dev/null +++ b/modem.chat @@ -0,0 +1,19 @@ +ABORT 'BUSY' +ABORT 'NO CARRIER' +ABORT 'VOICE' +ABORT 'NO DIALTONE' +ABORT 'NO DIAL TONE' +ABORT 'NO ANSWER' +ABORT 'DELAYED' +REPORT CONNECT +TIMEOUT 5 +'' 'ATQ0' +'OK-AT-OK' 'ATZ' +TIMEOUT 3 +'OK-AT-OK' 'ATI' +'OK' 'ATZ' +'OK' 'ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0' +'OK' 'AT\^SYSCFG=2,2,3fffffff,0,1' +'OK-AT-OK' 'AT+CGDCONT=1,"IP","internet.mts.ru"' +'OK' 'ATDT*99#' +CONNECT diff --git a/modem.rules b/modem.rules new file mode 100644 index 0000000..dcf1a90 --- /dev/null +++ b/modem.rules @@ -0,0 +1 @@ +KERNEL=="ttyACM[0-9]*", TAG+="systemd", ENV{SYSTEMD_WANTS}="modem@%n.service" diff --git a/modem@.service b/modem@.service new file mode 100644 index 0000000..5da53ab --- /dev/null +++ b/modem@.service @@ -0,0 +1,12 @@ +[Unit] +Description=Modem /dev/ttyACM%i +BindsTo=dev-ttyACM%i.device +After=dev-ttyACM%i.device +Before=network.target + +[Service] +Group=dialout +ExecStart=/usr/sbin/pppd call modem /dev/ttyACM%i + +[Install] +WantedBy=multi-user.target diff --git a/options b/options new file mode 100644 index 0000000..0e175c8 --- /dev/null +++ b/options @@ -0,0 +1,198 @@ +# /etc/ppp/options +# +# Not every option is listed here, see man pppd for more details. This file +# is read by the pppd, it is an error when it is not present. +# +# Use the following command to see the active options: +# grep -v ^# /etc/ppp/options | grep -v ^$ +# + +# The name of this server. Often, the FQDN is used here. +#name + +# Enforce the use of the hostname as the name of the local system for +# authentication purposes (overrides the name option). +#usehostname + +# If no local IP address is given, pppd will use the first IP address +# that belongs to the local hostname. If "noipdefault" is given, this +# is disabled and the peer will have to supply an IP address. +noipdefault + +# With this option, pppd will accept the peer's idea of our local IP +# address, even if the local IP address was specified in an option. +#ipcp-accept-local + +# With this option, pppd will accept the peer's idea of its (remote) IP +# address, even if the remote IP address was specified in an option. +#ipcp-accept-remote + +# Run the executable or shell command specified after pppd has terminated +# the link. This script could, for example, issue commands to the modem +# to cause it to hang up if hardware modem control signals were not +# available. +# If mgetty is running, it will reset the modem anyway. So there is no need +# to do it here. +#disconnect "chat -- \d+++\d\c OK ath0 OK" + +# Increase debugging level (same as -d). The debug output is written +# to syslog LOG_LOCAL2. +#debug + +# Enable debugging code in the kernel-level PPP driver. The argument n +# is a number which is the sum of the following values: 1 to enable +# general debug messages, 2 to request that the contents of received +# packets be printed, and 4 to request that the contents of transmitted +# packets be printed. +#kdebug n + +# noauth means do not require the peer to authenticate itself, this must +# be set if you want to use pppd to connect to the internet. In this case +# *you* must authenicate yourself to the peer(internet provider), so do +# not disable this setting unless you are the dial-in server which where +# the peer has to autenticate to. +noauth + +# Use hardware flow control (i.e. RTS/CTS) to control the flow of data +# on the serial port. +crtscts + +# Specifies that pppd should use a UUCP-style lock on the serial device +# to ensure exclusive access to the device. +lock + +# Use the modem control lines.(is default) +modem +# The opposite: local +# +# Description: +# Don't use the modem control lines. With this option, pppd will ignore the +# state of the CD (Carrier Detect) signal from the modem and will not change +# the state of the DTR (Data Terminal Ready) signal. +# +# You need to disable modem and enable local if you want to connect to anoter +# system without using a modem: +#local + +# async character map -- 32-bit hex; each bit is a character +# that needs to be escaped for pppd to receive it. 0x00000001 +# represents '\x01', and 0x80000000 represents '\x1f'. +# To allow pppd to work over a rlogin/telnet connection, ou should escape +# XON (^Q), XOFF (^S) and ^]: (The peer should use "escape ff".) +#asyncmap 200a0000 +asyncmap 0 + +# needed for some ISDN Terminaladaters, namely ELSA, those seem to have +# problems with asyncmap negotiation, so you can turn off this procedure +# in case your ISDN box has trouble with it, by enabling this option. +# You have to disable the asyncmap option to be sure to have it +# active. If you use wvdial, set the ISDN parameter in /etc/wvdial.conf +# instead. +#default-asyncmap + +# Set the MRU [Maximum Receive Unit] value to for negotiation. pppd +# will ask the peer to send packets of no more than bytes. The +# minimum MRU value is 128. The default MRU value is 1500. A value of +# 296 is recommended for slow links (40 bytes for TCP/IP header + 256 +# bytes of data). The value 1492 is for DSL connections (PPP Default - +# PPPoE Header: 1500 - 8 = 1492) +# mru 1492 + +# Set the MTU [Maximum Transmit Unit] value to . Unless the peer +# requests a smaller value via MRU negotiation, pppd will request that +# the kernel networking code send data packets of no more than n bytes +# through the PPP network interface. The value 1492 is for DSL connections +# (PPP Default - PPPoE Header: 1500 - 8 = 1492) +# mtu 1492 + +# Set the interface netmask to , a 32 bit netmask in "decimal dot" +# notation (e.g. 255.255.255.0). +#netmask 255.255.255.0 + +# Don't fork to become a background process (otherwise pppd will do so +# if a serial device is specified). +nodetach + +# If this option is given, pppd will send an LCP echo-request frame to +# the peer every n seconds. Normally the peer should respond to the +# echo-request by sending an echo-reply. This option can be used with +# the lcp-echo-failure option to detect that the peer is no longer +# connected. +lcp-echo-interval 30 + +# If this option is given, pppd will presume the peer to be dead if n +# LCP echo-requests are sent without receiving a valid LCP echo-reply. +# If this happens, pppd will terminate the connection. Use of this +# option requires a non-zero value for the lcp-echo-interval parameter. +# This option can be used to enable pppd to terminate after the physical +# connection has been broken (e.g., the modem has hung up) in +# situations where no hardware modem control lines are available. +lcp-echo-failure 4 + +# Send up to 60 LCP configure-request during negotiation. With a value +# of 2 for lcp-restart below, this might take up to 2 minutes. +lcp-max-configure 60 + +# Resend unanswered LCP requests after 2 seconds. +lcp-restart 2 + +# Specifies that pppd should disconnect if the link is idle for n seconds. +idle 600 + +# Specifies the maximal number of attempts to connect to the server. This +# is useful for dial on demand. Default value is 10. +#maxfail 3 + +# Disable the IPXCP and IPX protocols. +noipx + +# In the file /etc/ppp/filters are some active-filter rules. See man pppd +# and man tcpdump for more informations. +file /etc/ppp/filters + +#------------------------------------------------------------------------- +# The next two options are only interesting for you if you are admin of +# a system with other users that use ppp, and those users are normally +# never allowed to add default route, or you do not want users to +# replace the default route. +#------------------------------------------------------------------------- + +# enable this to prevent users from attempting to add a default route. +# Use this option with caution: If the user needs to use a program like +# wvdial, he will not be able to connect because wvdial forces defaulroute +# but this is rejected by this option and the user will not be able to +# connect to the internet. +#nodefaultroute + +# enable this to prevent users from replacing an existing default route. +#noreplacedefaultroute + +#------------------------------------------------------------------------- +# All options below only make sense if you configure pppd to be a dial-in +# server, so don't touch these if you want dial into your provider with +# PPP! +#------------------------------------------------------------------------- + +# Set the assumed name of the remote system for authentication purposes +# to . +#remotename + +# Add an entry to this system's ARP [Address Resolution Protocol] +# table with the IP address of the peer and the Ethernet address of this +# system. {proxyarp,noproxyarp} +#proxyarp + +# Use the system password database for authenticating the peer using +# PAP. Note: mgetty already provides this option. If this is specified +# then dialin from users using a script under Linux to fire up ppp wont work. +#login + +# Specify which DNS Servers the incoming Win95 or WinNT Connection should use +# Two Servers can be remotely configured +#ms-dns 192.168.1.1 +#ms-dns 192.168.1.2 + +# Specify which WINS Servers the incoming connection Win95 or WinNT should use +#ms-wins 192.168.1.50 +#ms-wins 192.168.1.51 + diff --git a/pap-secrets.template b/pap-secrets.template new file mode 100644 index 0000000..764ff58 --- /dev/null +++ b/pap-secrets.template @@ -0,0 +1,33 @@ +# Secrets for authentication using PAP +# client server secret IP addresses + +# OUTBOUND CONNECTIONS +# Here you should add your PPP Login and PPP password to connect to your +# provider via pap. The * means that the entry(login and passoword may be +# used for ANY host you connect to. +# Thus you do not have to worry about the foreign machine name. Just +# replace password with your password. +#hostname * password + +# PREDIFINED CONNECTIONS +# These are user and password entries for publically accessible call-by-call +# Internet providers in Germany. If they confict with your config, remove them. +# READ_IN_CALLBYCALL_SECRETS + +# INBOUND CONNECTIONS +#client hostname 192.168.1.1 + +# If you add "auth login -chap +pap" to /etc/mgetty+sendfax/login.config, +# all users in /etc/passwd can use their password for pap-authentication. +# +# Every regular user can use PPP and has to use passwords from /etc/passwd +#* hostname "" +# UserIDs that cannot use PPP at all. Check your /etc/passwd and add any +# other accounts that should not be able to use pppd! Replace hostname +# with your local hostname. +#guest hostname "*" - +#master hostname "*" - +#root hostname "*" - +#support hostname "*" - +#stats hostname "*" - + diff --git a/ppp-2.5.0.tar.gz b/ppp-2.5.0.tar.gz new file mode 100644 index 0000000..1e20095 --- /dev/null +++ b/ppp-2.5.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5cae0e8075f8a1755f16ca290eb44e6b3545d3f292af4da65ecffe897de636ff +size 1170057 diff --git a/ppp-2.5.0.tar.gz.asc b/ppp-2.5.0.tar.gz.asc new file mode 100644 index 0000000..8062444 --- /dev/null +++ b/ppp-2.5.0.tar.gz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQFGBAABCAAwFiEEv0VLfXa2m9eKuaRpnZrqdyxjcZ8FAmQrvoQSHHBhdWx1c0Bv +emxhYnMub3JnAAoJEJ2a6ncsY3Gfx+YH/3DJdp8pCZDaONwBADpWc9ttGAusH3k6 +fsOntaWKumy5HyJIF7h/ArDvYiAUeO3rgSckZS9o94u3OfkDxP4uf9AnGWBPzCir +CAwUes6JIP23IHAI5uLnSqo72lGtsRNbh95H8PALobKGN/Im+CTi2j6FIx+Nnf2f +6GRSJuw+OSRDzp+rJb1osAoUyuMnRpogXuQAAAeKJAHFDC+98vInQhDmwcu7wNWP +rhR1PrviW8nIsikwRQQptCQNC35DVI3IYUg3L1o8Y2LU1ofF3gYtX7lDF7IthqLM +pUPy+ddE8AsOiHOnKKIxzH9YFy9/xABQmtFLRJDAT24BHe1BCTyqniI= +=4tVk +-----END PGP SIGNATURE----- diff --git a/ppp-2.5.2.tar.gz b/ppp-2.5.2.tar.gz new file mode 100644 index 0000000..f88335b --- /dev/null +++ b/ppp-2.5.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:47da358de54a10cb10bf6ff2cf9b1c03c0d3555518f6182e8f701b8e55733cb2 +size 973132 diff --git a/ppp-2.5.2.tar.gz.asc b/ppp-2.5.2.tar.gz.asc new file mode 100644 index 0000000..b1f6d75 --- /dev/null +++ b/ppp-2.5.2.tar.gz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCAAdFiEEv0VLfXa2m9eKuaRpnZrqdyxjcZ8FAmdze4gACgkQnZrqdyxj +cZ+crgf+IA+VDraa4/0+cnlvI/meqgia/K9nQG9JXt7cLouqNqwJyNV4j5RO8WxO +x/iI2l7UMTMxYs3iRgm7GJwUTlt5m7jtV3pR9h1Vpu1Zco4POmCsL5dB8GLA4F2l +AYvSTiK68rVCFsBurlqvL1ZTvXVHScKKFSbn8YjFHMJ5i3UHyCElaK2H2Bhpzqtx +8+t4yaI0+N+M7xwiT+CZym+xWi02uhZS+dSUmHpMrEL7zQKEQE83aVY9sazo9Q4Y +gKJ/TwTDnZQ/QqXraY7LlOSKxrzRQ3KyW6bJJlCE2sM3vW7TXXlYsy7OyLZmYAm5 +oJoo4hC03pxz6ycIqSPMax/A0BUfTA== +=5RCg +-----END PGP SIGNATURE----- diff --git a/ppp-fix-bashisms.patch b/ppp-fix-bashisms.patch new file mode 100644 index 0000000..1d2a2c1 --- /dev/null +++ b/ppp-fix-bashisms.patch @@ -0,0 +1,29 @@ +--- scripts/redialer.orig ++++ scripts/redialer +@@ -31,7 +31,7 @@ PASSWORD=my_password + # Function to initialize the modem and ensure that it is in command + # state. This may not be needed, but it doesn't hurt. + # +-function initialize ++initialize() + { + chat -v TIMEOUT 3 '' AT 'OK-+++\c-OK' + return +@@ -41,7 +41,7 @@ function initialize + # + # Script to dial a telephone + # +-function callnumber ++callnumber() + { + chat -v \ + ABORT '\nBUSY\r' \ +@@ -66,7 +66,7 @@ chat -v \ + # + # Script to dial any telephone number + # +-function callall ++callall() + { + # echo "dialing attempt number: $1" >/dev/console + callnumber $PHONE1 diff --git a/ppp-fork-fix.patch b/ppp-fork-fix.patch new file mode 100644 index 0000000..911c54a --- /dev/null +++ b/ppp-fork-fix.patch @@ -0,0 +1,91 @@ +--- pppd/main.c.orig ++++ pppd/main.c +@@ -1632,14 +1632,6 @@ ppp_safe_fork(int infd, int outfd, int e + int fd, pipefd[2]; + char buf[1]; + +- /* make sure fds 0, 1, 2 are occupied (probably not necessary) */ +- while ((fd = dup(fd_devnull)) >= 0) { +- if (fd > 2) { +- close(fd); +- break; +- } +- } +- + if (pipe(pipefd) == -1) + pipefd[0] = pipefd[1] = -1; + pid = fork(); +@@ -1663,25 +1655,31 @@ ppp_safe_fork(int infd, int outfd, int e + tdb_close(pppdb); + #endif + +- /* make sure infd, outfd and errfd won't get tromped on below */ +- if (infd == 1 || infd == 2) +- infd = dup(infd); +- if (outfd == 0 || outfd == 2) +- outfd = dup(outfd); +- if (errfd == 0 || errfd == 1) +- errfd = dup(errfd); +- ++ /* make sure fds 0, 1, 2 are occupied, so the duplicated fds always > 2 */ ++ while ((fd = dup(fd_devnull)) >= 0) { ++ if (fd > 2) { ++ close(fd); ++ break; ++ } ++ } ++ ++ /* always copy fd's to avoid to use a already closed fd later */ ++ { ++ int fdi = infd, fdo = outfd; ++ ++ infd = dup(infd); ++ outfd = dup(outfd); ++ if (errfd >= 0) { ++ fd = errfd; ++ errfd = dup(errfd); ++ close(fd); ++ } ++ close(fdi); ++ close(fdo); ++ } + closelog(); + +- /* dup the in, out, err fds to 0, 1, 2 */ +- if (infd != 0) +- dup2(infd, 0); +- if (outfd != 1) +- dup2(outfd, 1); +- if (errfd != 2) +- dup2(errfd, 2); +- +- if (log_to_fd > 2) ++ if (log_to_fd > 0) + close(log_to_fd); + if (the_channel->close) + (*the_channel->close)(); +@@ -1689,12 +1687,18 @@ ppp_safe_fork(int infd, int outfd, int e + close(devfd); /* some plugins don't have a close function */ + close(fd_ppp); + close(fd_devnull); +- if (infd != 0) +- close(infd); +- if (outfd != 1) +- close(outfd); +- if (errfd != 2) +- close(errfd); ++ ++ close(0); ++ dup2(infd, 0); ++ close(infd); ++ close(1); ++ dup2(outfd, 1); ++ close(outfd); ++ if (errfd >= 0) { ++ close(2); ++ dup2(errfd, 2); ++ close(errfd); ++ } + + notify(fork_notifier, 0); + close(pipefd[0]); diff --git a/ppp-misc.patch b/ppp-misc.patch new file mode 100644 index 0000000..b15d8b0 --- /dev/null +++ b/ppp-misc.patch @@ -0,0 +1,45 @@ +--- pppd/auth.c.orig ++++ pppd/auth.c +@@ -2202,9 +2202,10 @@ check_access(FILE *f, char *filename) + + if (fstat(fileno(f), &sbuf) < 0) { + warn("cannot stat secret file %s: %m", filename); +- } else if ((sbuf.st_mode & (S_IRWXG | S_IRWXO)) != 0) { +- warn("Warning - secret file %s has world and/or group access", +- filename); ++ } else if ((sbuf.st_mode & S_IRWXO) != 0) { ++ warn("Warning - secret file %s has world access", filename); ++ } else if ((sbuf.st_mode & S_IRWXG) != 0 && sbuf.st_gid != 15) { ++ warn("Warning - secret file %s has group access", filename); + } + } + +--- pppd/lcp.c.orig ++++ pppd/lcp.c +@@ -2330,7 +2330,7 @@ lcp_received_echo_reply (fsm *f, int id, + if (lcp_gotoptions[f->unit].neg_magicnumber + && magic == lcp_gotoptions[f->unit].magicnumber) { + warn("appear to have received our own echo-reply!"); +- return; ++ /* M$-Software did get this wrong so we also accept those packets. */ + } + + if (lcp_rtt_file_fd && len >= 16) { +--- pppd/pppd-private.h.orig ++++ pppd/pppd-private.h +@@ -552,15 +552,7 @@ int parse_dotted_ip(char *, u_int32_t *) + #define DEBUGCHAP 1 + #endif + +-#ifndef LOG_PPP /* we use LOG_LOCAL2 for syslog by default */ +-#if defined(DEBUGMAIN) || defined(DEBUGFSM) || defined(DEBUGSYS) \ +- || defined(DEBUGLCP) || defined(DEBUGIPCP) || defined(DEBUGUPAP) \ +- || defined(DEBUGCHAP) || defined(DEBUG) || defined(DEBUGIPV6CP) + #define LOG_PPP LOG_LOCAL2 +-#else +-#define LOG_PPP LOG_DAEMON +-#endif +-#endif /* LOG_PPP */ + + #ifdef DEBUGMAIN + #define MAINDEBUG(x) if (debug) dbglog x diff --git a/ppp-mkdir-run.patch b/ppp-mkdir-run.patch new file mode 100644 index 0000000..078c872 --- /dev/null +++ b/ppp-mkdir-run.patch @@ -0,0 +1,453 @@ +From b0e7307b3569a5dad0f2606d2736cc8317851598 Mon Sep 17 00:00:00 2001 +From: Dominique Martinet +Date: Wed, 30 Aug 2023 11:46:01 +0900 +Subject: [PATCH 1/2] utils: add mkdir_recursive + +This will be used in the next commit. + +A test file for utils has also been added to check mkdir works as +intended. + +Signed-off-by: Dominique Martinet +--- + pppd/Makefile.am | 6 ++ + pppd/pppd-private.h | 1 + + pppd/utils.c | 82 ++++++++++++++++++++++++++ + pppd/utils_utest.c | 139 ++++++++++++++++++++++++++++++++++++++++++++ + 4 files changed, 228 insertions(+) + create mode 100644 pppd/utils_utest.c + +--- pppd/Makefile.am.orig ++++ pppd/Makefile.am +@@ -20,6 +20,12 @@ utest_pppcrypt_LDFLAGS = + + check_PROGRAMS += utest_crypto + ++utest_utils_SOURCES = utils.c utils_utest.c ++utest_utils_CPPFLAGS = -DUNIT_TEST ++utest_utils_LDFLAGS = ++ ++check_PROGRAMS += utest_utils ++ + if WITH_SRP + sbin_PROGRAMS += srp-entry + dist_man8_MANS += srp-entry.8 +--- pppd/pppd-private.h.orig ++++ pppd/pppd-private.h +@@ -437,6 +437,7 @@ int sifproxyarp(int, u_int32_t); + int cifproxyarp(int, u_int32_t); + /* Delete proxy ARP entry for peer */ + u_int32_t GetMask(u_int32_t); /* Get appropriate netmask for address */ ++int mkdir_recursive(const char *); /* Recursively create directory */ + int lock(char *); /* Create lock file for device */ + int relock(int); /* Rewrite lock file with new pid */ + void unlock(void); /* Delete previously-created lock file */ +--- pppd/utils.c.orig ++++ pppd/utils.c +@@ -781,6 +781,88 @@ complete_read(int fd, void *buf, size_t + } + #endif + ++/* ++ * mkdir_check - helper for mkdir_recursive, creates a directory ++ * but do not error on EEXIST if and only if entry is a directory ++ * The caller must check for errno == ENOENT if appropriate. ++ */ ++static int ++mkdir_check(const char *path) ++{ ++ struct stat statbuf; ++ ++ if (mkdir(path, 0755) >= 0) ++ return 0; ++ ++ if (errno == EEXIST) { ++ if (stat(path, &statbuf) < 0) ++ /* got raced? */ ++ return -1; ++ ++ if ((statbuf.st_mode & S_IFMT) == S_IFDIR) ++ return 0; ++ ++ /* already exists but not a dir, treat as failure */ ++ errno = EEXIST; ++ return -1; ++ } ++ ++ return -1; ++} ++ ++/* ++ * mkdir_parent - helper for mkdir_recursive, modifies the string in place ++ * Assumes mkdir(path) already failed, so it first creates the parent then ++ * full path again. ++ */ ++static int ++mkdir_parent(char *path) ++{ ++ char *slash; ++ int rc; ++ ++ slash = strrchr(path, '/'); ++ if (!slash) ++ return -1; ++ ++ *slash = 0; ++ if (mkdir_check(path) < 0) { ++ if (errno != ENOENT) { ++ *slash = '/'; ++ return -1; ++ } ++ if (mkdir_parent(path) < 0) { ++ *slash = '/'; ++ return -1; ++ } ++ } ++ *slash = '/'; ++ ++ return mkdir_check(path); ++} ++ ++/* ++ * mkdir_recursive - recursively create directory if it didn't exist ++ */ ++int ++mkdir_recursive(const char *path) ++{ ++ char *copy; ++ int rc; ++ ++ // optimistically try on full path first to avoid allocation ++ if (mkdir_check(path) == 0) ++ return 0; ++ ++ copy = strdup(path); ++ if (!copy) ++ return -1; ++ ++ rc = mkdir_parent(copy); ++ free(copy); ++ return rc; ++} ++ + /* Procedures for locking the serial device using a lock file. */ + static char lock_file[MAXPATHLEN]; + +--- /dev/null ++++ pppd/utils_utest.c +@@ -0,0 +1,139 @@ ++#include ++#include ++#include ++#include ++ ++#include "pppd-private.h" ++ ++/* globals used in test.c... */ ++int debug = 1; ++int error_count; ++int unsuccess; ++ ++/* check if path exists and returns its type */ ++static int ++file_type(char *path) ++{ ++ struct stat statbuf; ++ ++ if (stat(path, &statbuf) < 0) ++ return -1; ++ ++ return statbuf.st_mode & S_IFMT; ++} ++ ++int ++test_simple() { ++ if (mkdir_recursive("dir")) ++ return -1; ++ ++ if (file_type("dir") != S_IFDIR) ++ return -1; ++ ++ rmdir("dir"); ++ return 0; ++} ++ ++int ++test_recurse() { ++ if (mkdir_recursive("dir/subdir/subsubdir")) ++ return -1; ++ ++ if (file_type("dir/subdir/subsubdir") != S_IFDIR) ++ return -1; ++ ++ rmdir("dir/subdir/subsubdir"); ++ ++ /* try again with partial existence */ ++ if (mkdir_recursive("dir/subdir/subsubdir")) ++ return -1; ++ ++ if (file_type("dir/subdir/subsubdir") != S_IFDIR) ++ return -1; ++ ++ rmdir("dir/subdir/subsubdir"); ++ rmdir("dir/subdir"); ++ rmdir("dir"); ++ return 0; ++} ++ ++int ++test_recurse_multislash() { ++ if (mkdir_recursive("dir/subdir///subsubdir")) ++ return -1; ++ ++ if (file_type("dir/subdir/subsubdir") != S_IFDIR) ++ return -1; ++ ++ rmdir("dir/subdir/subsubdir"); ++ rmdir("dir/subdir"); ++ ++ /* try again with partial existence */ ++ if (mkdir_recursive("dir/subdir/subsubdir///")) ++ return -1; ++ ++ if (file_type("dir/subdir/subsubdir") != S_IFDIR) ++ return -1; ++ ++ rmdir("dir/subdir/subsubdir"); ++ rmdir("dir/subdir"); ++ rmdir("dir"); ++ return 0; ++} ++ ++int ++test_parent_notdir() { ++ int fd = open("file", O_CREAT, 0600); ++ if (fd < 0) ++ return -1; ++ close(fd); ++ ++ if (mkdir_recursive("file") == 0) ++ return -1; ++ if (mkdir_recursive("file/dir") == 0) ++ return -1; ++ ++ unlink("file"); ++ return 0; ++} ++ ++int ++main() ++{ ++ char *base_dir = strdup("/tmp/ppp_utils_utest.XXXXXX"); ++ int failure = 0; ++ ++ if (mkdtemp(base_dir) == NULL) { ++ printf("Could not create test directory, aborting\n"); ++ return 1; ++ } ++ ++ if (chdir(base_dir) < 0) { ++ printf("Could not enter newly created test dir, aborting\n"); ++ return 1; ++ } ++ ++ if (test_simple()) { ++ printf("Could not create simple directory\n"); ++ failure++; ++ } ++ ++ if (test_recurse()) { ++ printf("Could not create recursive directory\n"); ++ failure++; ++ } ++ ++ if (test_recurse_multislash()) { ++ printf("Could not create recursive directory with multiple slashes\n"); ++ failure++; ++ } ++ ++ if (test_parent_notdir()) { ++ printf("Creating over a file appeared to work?\n"); ++ failure++; ++ } ++ ++ rmdir(base_dir); ++ free(base_dir); ++ return failure; ++} +--- pppd/tdb.c.orig ++++ pppd/tdb.c +@@ -60,8 +60,11 @@ + #include + #include + #include ++ ++#include "pppd-private.h" + #include "tdb.h" + #include "spinlock.h" ++#include "pathnames.h" + + #define TDB_MAGIC_FOOD "TDB file\n" + #define TDB_VERSION (0x26011967 + 6) +@@ -1728,7 +1731,12 @@ TDB_CONTEXT *tdb_open_ex(const char *nam + goto internal; + } + ++again: + if ((tdb->fd = open(name, open_flags, mode)) == -1) { ++ if ((open_flags & O_CREAT) && errno == ENOENT && ++ mkdir_recursive(PPP_PATH_VARRUN) == 0) ++ goto again; ++ + TDB_LOG((tdb, 5, "tdb_open_ex: could not open file %s: %s\n", + name, strerror(errno))); + goto fail; /* errno set by open(2) */ +--- pppd/Makefile.in.orig ++++ pppd/Makefile.in +@@ -92,8 +92,8 @@ POST_UNINSTALL = : + build_triplet = @build@ + host_triplet = @host@ + sbin_PROGRAMS = pppd$(EXEEXT) $(am__EXEEXT_4) +-check_PROGRAMS = utest_crypto$(EXEEXT) $(am__EXEEXT_1) $(am__EXEEXT_2) \ +- $(am__EXEEXT_3) ++check_PROGRAMS = utest_crypto$(EXEEXT) utest_utils$(EXEEXT) \ ++ $(am__EXEEXT_1) $(am__EXEEXT_2) $(am__EXEEXT_3) + @WITH_SRP_TRUE@am__append_1 = srp-entry + @WITH_SRP_TRUE@am__append_2 = srp-entry.8 + @PPP_WITH_SYSTEM_CA_PATH_TRUE@am__append_3 = -DSYSTEM_CA_PATH='"@SYSTEM_CA_PATH@"' +@@ -258,6 +258,13 @@ utest_pppcrypt_LINK = $(LIBTOOL) $(AM_V_ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(AM_CFLAGS) $(CFLAGS) $(utest_pppcrypt_LDFLAGS) $(LDFLAGS) -o \ + $@ ++am_utest_utils_OBJECTS = utest_utils-utils.$(OBJEXT) \ ++ utest_utils-utils_utest.$(OBJEXT) ++utest_utils_OBJECTS = $(am_utest_utils_OBJECTS) ++utest_utils_LDADD = $(LDADD) ++utest_utils_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ ++ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ ++ $(utest_utils_LDFLAGS) $(LDFLAGS) -o $@ + AM_V_P = $(am__v_P_@AM_V@) + am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) + am__v_P_0 = false +@@ -300,7 +307,9 @@ am__depfiles_remade = ./$(DEPDIR)/libppp + ./$(DEPDIR)/utest_crypto-crypto.Po \ + ./$(DEPDIR)/utest_peap-mppe.Po ./$(DEPDIR)/utest_peap-peap.Po \ + ./$(DEPDIR)/utest_peap-utils.Po \ +- ./$(DEPDIR)/utest_pppcrypt-crypto_ms.Po ++ ./$(DEPDIR)/utest_pppcrypt-crypto_ms.Po \ ++ ./$(DEPDIR)/utest_utils-utils.Po \ ++ ./$(DEPDIR)/utest_utils-utils_utest.Po + am__mv = mv -f + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +@@ -323,11 +332,11 @@ am__v_CCLD_1 = + SOURCES = $(libppp_crypto_la_SOURCES) $(pppd_SOURCES) \ + $(srp_entry_SOURCES) $(utest_chap_SOURCES) \ + $(utest_crypto_SOURCES) $(utest_peap_SOURCES) \ +- $(utest_pppcrypt_SOURCES) ++ $(utest_pppcrypt_SOURCES) $(utest_utils_SOURCES) + DIST_SOURCES = $(libppp_crypto_la_SOURCES) $(am__pppd_SOURCES_DIST) \ + $(am__srp_entry_SOURCES_DIST) $(utest_chap_SOURCES) \ + $(utest_crypto_SOURCES) $(utest_peap_SOURCES) \ +- $(utest_pppcrypt_SOURCES) ++ $(utest_pppcrypt_SOURCES) $(utest_utils_SOURCES) + am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ +@@ -733,6 +742,9 @@ utest_crypto_LDFLAGS = + utest_pppcrypt_SOURCES = crypto_ms.c + utest_pppcrypt_CPPFLAGS = -DUNIT_TEST_MSCRYPTO + utest_pppcrypt_LDFLAGS = ++utest_utils_SOURCES = utils.c utils_utest.c ++utest_utils_CPPFLAGS = -DUNIT_TEST ++utest_utils_LDFLAGS = + pkgconfigdir = $(libdir)/pkgconfig + pkgconfig_DATA = pppd.pc + pppd_includedir = $(includedir)/pppd +@@ -955,6 +967,10 @@ utest_pppcrypt$(EXEEXT): $(utest_pppcryp + @rm -f utest_pppcrypt$(EXEEXT) + $(AM_V_CCLD)$(utest_pppcrypt_LINK) $(utest_pppcrypt_OBJECTS) $(utest_pppcrypt_LDADD) $(LIBS) + ++utest_utils$(EXEEXT): $(utest_utils_OBJECTS) $(utest_utils_DEPENDENCIES) $(EXTRA_utest_utils_DEPENDENCIES) ++ @rm -f utest_utils$(EXEEXT) ++ $(AM_V_CCLD)$(utest_utils_LINK) $(utest_utils_OBJECTS) $(utest_utils_LDADD) $(LIBS) ++ + mostlyclean-compile: + -rm -f *.$(OBJEXT) + +@@ -1006,6 +1022,8 @@ distclean-compile: + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utest_peap-peap.Po@am__quote@ # am--include-marker + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utest_peap-utils.Po@am__quote@ # am--include-marker + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utest_pppcrypt-crypto_ms.Po@am__quote@ # am--include-marker ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utest_utils-utils.Po@am__quote@ # am--include-marker ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utest_utils-utils_utest.Po@am__quote@ # am--include-marker + + $(am__depfiles_remade): + @$(MKDIR_P) $(@D) +@@ -1629,6 +1647,34 @@ utest_pppcrypt-crypto_ms.obj: crypto_ms. + @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ + @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(utest_pppcrypt_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o utest_pppcrypt-crypto_ms.obj `if test -f 'crypto_ms.c'; then $(CYGPATH_W) 'crypto_ms.c'; else $(CYGPATH_W) '$(srcdir)/crypto_ms.c'; fi` + ++utest_utils-utils.o: utils.c ++@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(utest_utils_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT utest_utils-utils.o -MD -MP -MF $(DEPDIR)/utest_utils-utils.Tpo -c -o utest_utils-utils.o `test -f 'utils.c' || echo '$(srcdir)/'`utils.c ++@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/utest_utils-utils.Tpo $(DEPDIR)/utest_utils-utils.Po ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils.c' object='utest_utils-utils.o' libtool=no @AMDEPBACKSLASH@ ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ ++@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(utest_utils_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o utest_utils-utils.o `test -f 'utils.c' || echo '$(srcdir)/'`utils.c ++ ++utest_utils-utils.obj: utils.c ++@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(utest_utils_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT utest_utils-utils.obj -MD -MP -MF $(DEPDIR)/utest_utils-utils.Tpo -c -o utest_utils-utils.obj `if test -f 'utils.c'; then $(CYGPATH_W) 'utils.c'; else $(CYGPATH_W) '$(srcdir)/utils.c'; fi` ++@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/utest_utils-utils.Tpo $(DEPDIR)/utest_utils-utils.Po ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils.c' object='utest_utils-utils.obj' libtool=no @AMDEPBACKSLASH@ ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ ++@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(utest_utils_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o utest_utils-utils.obj `if test -f 'utils.c'; then $(CYGPATH_W) 'utils.c'; else $(CYGPATH_W) '$(srcdir)/utils.c'; fi` ++ ++utest_utils-utils_utest.o: utils_utest.c ++@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(utest_utils_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT utest_utils-utils_utest.o -MD -MP -MF $(DEPDIR)/utest_utils-utils_utest.Tpo -c -o utest_utils-utils_utest.o `test -f 'utils_utest.c' || echo '$(srcdir)/'`utils_utest.c ++@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/utest_utils-utils_utest.Tpo $(DEPDIR)/utest_utils-utils_utest.Po ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils_utest.c' object='utest_utils-utils_utest.o' libtool=no @AMDEPBACKSLASH@ ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ ++@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(utest_utils_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o utest_utils-utils_utest.o `test -f 'utils_utest.c' || echo '$(srcdir)/'`utils_utest.c ++ ++utest_utils-utils_utest.obj: utils_utest.c ++@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(utest_utils_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT utest_utils-utils_utest.obj -MD -MP -MF $(DEPDIR)/utest_utils-utils_utest.Tpo -c -o utest_utils-utils_utest.obj `if test -f 'utils_utest.c'; then $(CYGPATH_W) 'utils_utest.c'; else $(CYGPATH_W) '$(srcdir)/utils_utest.c'; fi` ++@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/utest_utils-utils_utest.Tpo $(DEPDIR)/utest_utils-utils_utest.Po ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils_utest.c' object='utest_utils-utils_utest.obj' libtool=no @AMDEPBACKSLASH@ ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ ++@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(utest_utils_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o utest_utils-utils_utest.obj `if test -f 'utils_utest.c'; then $(CYGPATH_W) 'utils_utest.c'; else $(CYGPATH_W) '$(srcdir)/utils_utest.c'; fi` ++ + mostlyclean-libtool: + -rm -f *.lo + +@@ -1918,6 +1964,13 @@ utest_crypto.log: utest_crypto$(EXEEXT) + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) ++utest_utils.log: utest_utils$(EXEEXT) ++ @p='utest_utils$(EXEEXT)'; \ ++ b='utest_utils'; \ ++ $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ ++ --log-file $$b.log --trs-file $$b.trs \ ++ $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ ++ "$$tst" $(AM_TESTS_FD_REDIRECT) + utest_chap.log: utest_chap$(EXEEXT) + @p='utest_chap$(EXEEXT)'; \ + b='utest_chap'; \ +@@ -2080,6 +2133,8 @@ distclean: distclean-am + -rm -f ./$(DEPDIR)/utest_peap-peap.Po + -rm -f ./$(DEPDIR)/utest_peap-utils.Po + -rm -f ./$(DEPDIR)/utest_pppcrypt-crypto_ms.Po ++ -rm -f ./$(DEPDIR)/utest_utils-utils.Po ++ -rm -f ./$(DEPDIR)/utest_utils-utils_utest.Po + -rm -f Makefile + distclean-am: clean-am distclean-compile distclean-generic \ + distclean-hdr distclean-tags +@@ -2171,6 +2226,8 @@ maintainer-clean: maintainer-clean-am + -rm -f ./$(DEPDIR)/utest_peap-peap.Po + -rm -f ./$(DEPDIR)/utest_peap-utils.Po + -rm -f ./$(DEPDIR)/utest_pppcrypt-crypto_ms.Po ++ -rm -f ./$(DEPDIR)/utest_utils-utils.Po ++ -rm -f ./$(DEPDIR)/utest_utils-utils_utest.Po + -rm -f Makefile + maintainer-clean-am: distclean-am maintainer-clean-generic + diff --git a/ppp-peers b/ppp-peers new file mode 100644 index 0000000..e0f165e --- /dev/null +++ b/ppp-peers @@ -0,0 +1,9 @@ +# +# PPP (plain old modem) options +# +# Plugin passwordfd enables us to pipe the password to pppd, thus we +# don't have to put it into pap-secrets and chap-secrets. +# +plugin passwordfd.so +# +noauth diff --git a/ppp-pidfiles.patch b/ppp-pidfiles.patch new file mode 100644 index 0000000..3218468 --- /dev/null +++ b/ppp-pidfiles.patch @@ -0,0 +1,34 @@ +From 091e69b4e612427eeb95410dbc73eff10ea5dadb Mon Sep 17 00:00:00 2001 +From: Mike Gilbert +Date: Mon, 26 Jun 2023 01:17:16 -0400 +Subject: [PATCH] Ensure there is a '/' between PPP_PATH_VARRUN and the PID + filename (#427) + +Bug: https://bugs.gentoo.org/907311 + +Fixes: 66a8c74c3f73 ("Let ./configure control the paths for pppd", 2022-07-30) +Signed-off-by: Mike Gilbert +--- + pppd/main.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- pppd/main.c.orig ++++ pppd/main.c +@@ -888,7 +888,7 @@ create_pidfile(int pid) + { + FILE *pidfile; + +- slprintf(pidfilename, sizeof(pidfilename), "%s%s.pid", ++ slprintf(pidfilename, sizeof(pidfilename), "%s/%s.pid", + PPP_PATH_VARRUN, ifname); + if ((pidfile = fopen(pidfilename, "w")) != NULL) { + fprintf(pidfile, "%d\n", pid); +@@ -907,7 +907,7 @@ create_linkpidfile(int pid) + if (linkname[0] == 0) + return; + ppp_script_setenv("LINKNAME", linkname, 1); +- slprintf(linkpidfile, sizeof(linkpidfile), "%sppp-%s.pid", ++ slprintf(linkpidfile, sizeof(linkpidfile), "%s/ppp-%s.pid", + PPP_PATH_VARRUN, linkname); + if ((pidfile = fopen(linkpidfile, "w")) != NULL) { + fprintf(pidfile, "%d\n", pid); diff --git a/ppp-smpppd.patch b/ppp-smpppd.patch new file mode 100644 index 0000000..7b16ab3 --- /dev/null +++ b/ppp-smpppd.patch @@ -0,0 +1,13 @@ +--- pppd/main.c.orig ++++ pppd/main.c +@@ -1995,8 +1995,8 @@ forget_child(int pid, int status) + if (WIFSIGNALED(status)) { + warn("Child process %s (pid %d) terminated with signal %d", + (chp? chp->prog: "??"), pid, WTERMSIG(status)); +- } else if (debug) +- dbglog("Script %s finished (pid %d), status = 0x%x", ++ } else ++ info("Script %s finished (pid %d), status = 0x%x", + (chp? chp->prog: "??"), pid, + WIFEXITED(status) ? WEXITSTATUS(status) : status); + if (chp && chp->done) diff --git a/ppp-var_run_resolv_conf.patch b/ppp-var_run_resolv_conf.patch new file mode 100644 index 0000000..48037b6 --- /dev/null +++ b/ppp-var_run_resolv_conf.patch @@ -0,0 +1,74 @@ +Tue Jul 22 14:16:29 CEST 2008 - hvogel@suse.de + +Move the resolv.conf written by pppd to /var/run [bnc#401648] + + +--- Changes-2.3.orig ++++ Changes-2.3 +@@ -262,10 +262,10 @@ What was new in ppp-2.3.6. + + * Added new option `usepeerdns', thanks to Nick Walker + . If the peer supplies DNS addresses, these +- will be written to /etc/ppp/resolv.conf. The ip-up script can then +- be used to add these addresses to /etc/resolv.conf if desired (see +- the ip-up.local.add and ip-down.local.add files in the scripts +- directory). ++ will be written to /run/ppp_resolv.conf.$INTERFACE_NAME. ++ The ip-up script can then be used to add these addresses to ++ /etc/resolv.conf if desired (see the ip-up.local.add and ++ ip-down.local.add files in the scripts directory). + + * The Solaris ppp driver should now work correctly on SMP systems. + +--- pppd/ipcp.c.orig ++++ pppd/ipcp.c +@@ -2155,13 +2155,16 @@ static void + create_resolv(u_int32_t peerdns1, u_int32_t peerdns2) + { + FILE *f; ++ char rcfilename[PATH_MAX]; + + if (noresolvconf) + return; + +- f = fopen(PPP_PATH_RESOLV, "w"); ++ slprintf(rcfilename, sizeof(rcfilename), "%s.%s", PPP_PATH_RESOLV, ifname); ++ ++ f = fopen(rcfilename, "w"); + if (f == NULL) { +- error("Failed to create %s: %m", PPP_PATH_RESOLV); ++ error("Failed to create %s: %m", rcfilename); + return; + } + +@@ -2172,7 +2175,7 @@ create_resolv(u_int32_t peerdns1, u_int3 + fprintf(f, "nameserver %s\n", ip_ntoa(peerdns2)); + + if (ferror(f)) +- error("Write failed to %s: %m", PPP_PATH_RESOLV); ++ error("Write failed to %s: %m", rcfilename); + + fclose(f); + } +--- pppd/pathnames.h.orig ++++ pppd/pathnames.h +@@ -105,7 +105,7 @@ + #define PPP_PATH_AUTHDOWN PPP_PATH_CONFDIR "/auth-down" + #define PPP_PATH_TTYOPT PPP_PATH_CONFDIR "/options." + #define PPP_PATH_PEERFILES PPP_PATH_CONFDIR "/peers/" +-#define PPP_PATH_RESOLV PPP_PATH_CONFDIR "/resolv.conf" ++#define PPP_PATH_RESOLV PPP_PATH_VARRUN "/ppp/resolv.conf" + + #define PPP_PATH_NET_INIT PPP_PATH_CONFDIR "/net-init" + #define PPP_PATH_NET_PREUP PPP_PATH_CONFDIR "/net-pre-up" +--- pppd/pppd.8.orig ++++ pppd/pppd.8 +@@ -1199,7 +1199,7 @@ Ask the peer for up to 2 DNS server addr + by the peer (if any) are passed to the /etc/ppp/ip\-up script in the + environment variables DNS1 and DNS2, and the environment variable + USEPEERDNS will be set to 1. In addition, pppd will create an +-/etc/ppp/resolv.conf file containing one or two nameserver lines with ++/run/ppp/resolv.conf.$INTERFACE file containing one or two nameserver lines with + the address(es) supplied by the peer (unless the \fInoresolvconf\fR + option is given). + .TP diff --git a/ppp.changes b/ppp.changes new file mode 100644 index 0000000..632b6d6 --- /dev/null +++ b/ppp.changes @@ -0,0 +1,1132 @@ +------------------------------------------------------------------- +Wed Feb 19 13:29:35 UTC 2025 - Reinhard Max + +- Update to version 2.5.2: + * Some old and probably unused code has been removed, notably + the pppgetpass program and the passprompt plugin, and some of + the files in the sample and scripts directories. + * If a remote number has been set, it is available to scripts in + the REMOTENUMBER environment variable. + * Various other bug fixes and minor enhancements. +- Obsoleted patches: + * ppp-fix-bashisms.patch + +------------------------------------------------------------------- +Thu Oct 17 11:29:31 UTC 2024 - Reinhard Max + +- Update to version 2.5.1: + * Pppd can now measure and log the round-trip time (RTT) of LCP + echo-requests and record them in a binary file structured as a + circular buffer. Other programs or scripts can examine the + file and provide real-time statistics on link latency. + This is enabled by a new "lcp-rtt-file" option. + * New scripts net-init, net-pre-up and net-down are executed in + the process of bringing the network interface up and down. + They provide additional, more deterministic ways for pppd to + interact with the rest of the networking configuration. + * New options have been added to allow the system administrator + to set the location of various scripts and secrets files. + * A new "noresolvconf" option tells pppd not to write the + /etc/ppp/resolv.conf file; DNS server addresses, if obtained + from the peer, are still passed to scripts in the environment. + * Pppd will now create the directory for the TDB connection + database if it doesn't already exist. +- Obsoleted patches: + * ppp-mkdir-run.patch + * ppp-pidfiles.patch +- Drop the ppp_ prefix from /run/ppp_resolv.conf* and put it under + /run/ppp like the other generated files. + +------------------------------------------------------------------- +Wed Jun 19 10:10:49 UTC 2024 - Jiri Bohac + +- drop support for PPPoATM and the dependency on linux-atm-devel + +------------------------------------------------------------------- +Thu Feb 29 14:39:13 UTC 2024 - Dominique Leuenberger + +- Use %autosetup macro. Allows to eliminate the usage of deprecated + %patchN. + +------------------------------------------------------------------- +Thu Jan 11 13:22:52 UTC 2024 - Reinhard Max + +- Backport ppp-pidfiles.patch and ppp-mkdir-run.patch from the + upcoming 2.5.1 release and make sure that pppd's pid, resolv + and database files are created under /run/ppp (bsc#1218370). + +------------------------------------------------------------------- +Thu Dec 28 10:38:28 UTC 2023 - Reinhard Max + +- Reflect the rp-pppoe -> pppoe name change also in pppoe-peers. + +------------------------------------------------------------------- +Fri Apr 21 11:52:53 UTC 2023 - Reinhard Max + +- Update to version 2.5.0. This release is a major release of pppd + which contains breaking changes for third-party plugins, a + complete revamp of the build-system and that allows for + flexibility of configuring features as needed. + * CVE-2022-4603, bsc#1218251: improper validation of array index + of the component pppdump + * Support for PEAP authentication + * Support for loading PKCS12 certificate envelopes + * Adoption of GNU Autoconf / Automake build environment + * Support for pkgconfig + * Bunch of fixes and cleanup to PPPoE and IPv6 support + * Major revision to PPPD's Plugin API + * Lots of internal fixes and cleanups for Radius and PPPoE + * Dropped IPX support, as Linux has dropped it in version 5.15 + * Pppd is no longer installed setuid-root + * New pppd options: + - ipv6cp-noremote, ipv6cp-nosend, ipv6cp-use-remotenumber, + ipv6-up-script, ipv6-down-script + - -v, show-options + - usepeerwins, ipcp-no-address, ipcp-no-addresses, nosendip + * On Linux, any baud rate can be set on a serial port provided + the kernel serial driver supports that. +- Obsoleted patches: + * ppp-lib64.patch + * ppp-compiling-with-clang-encounters-an-error-in-eap-tls..patch + * ppp-pie.patch +- Source file pppoe-discovery.8.gz is now part of the tarball. +- Enable support for systemd notification. + +------------------------------------------------------------------- +Wed Dec 28 14:32:02 UTC 2022 - Stefan Schubert + +- Migration of PAM settings to /usr/lib/pam.d. + +------------------------------------------------------------------- +Thu May 26 18:43:35 UTC 2022 - Martin Liška + +- Add ppp-compiling-with-clang-encounters-an-error-in-eap-tls..patch + that fixed the following rpmlint error: + executable-stack (Badness: 10000) /usr/sbin/pppd + +------------------------------------------------------------------- +Mon May 23 14:07:58 UTC 2022 - Ferdinand Thiessen + +- Update to version 2.4.9 + * Support for new EAP (Extensible Authentication Protocol) methods + * Support for EAP-TLS + * Support for EAP-MSCHAPv2 + * New pppd options: + * chap-timeout + * chapms-strip-domain + * replacedefaultroute + * noreplacedefaultroute + * ipv6cp-accept-remote + * lcp-echo-adaptive + * ip-up-script + * ip-down-script + * ca + * capath + * cert + * key + * crl-dir + * crl + * max-tls-version + * need-peer-eap + * Fixes for CVE-2020-8597 and CVE-2015-3310. + * The rp-pppoe plugin has been renamed to pppoe, to distinguish it + from the upstream rp-pppoe code. Its options have changed names, + but the old names are kept as aliases. + * Many bug fixes and cleanups. +- Drop upstream fixed patches + * ppp-2.4.3-winbind-setuidfix.patch + * fix-header-conflict.patch + * ppp-CVE-2015-3310.patch + * ppp-CVE-2020-8597.patch + * ppp-cifdefroute.patch + * ppp-higher-speeds.patch + * ppp-2.4.3-strip.diff + * ppp-filter.patch + * ppp-__P.patch +- Drop upstream resolved ppp-make.patch use `--cflags` configure + switch instead + +------------------------------------------------------------------- +Thu Mar 10 13:59:07 UTC 2022 - Илья Индиго + +- Removed Wants=network.target from modem@.service (bsc#1196359). + +------------------------------------------------------------------- +Mon Nov 9 07:21:55 UTC 2020 - Илья Индиго + +- Refresh spec-file via spec-cleaner and manual optimizations. + * Removed obsolete constructs (creating dialout group via shadow). + +------------------------------------------------------------------- +Fri Oct 9 11:15:53 UTC 2020 - Dominique Leuenberger + +- Fix build with RPM 4.16: error: bare words are no longer + supported, please use "...": lib64 == lib64. + +------------------------------------------------------------------- +Mon Aug 3 14:52:55 UTC 2020 - Reinhard Max + +- New version 2.4.8. + * New pppd options have been added: + * ifname, to set the name for the PPP interface device + * defaultroute-metric, to set the metric for the default route + * defaultroute6, to add an IPv6 default route (with + nodefaultroute6 to prevent adding an IPv6 default route). + * up_sdnotify, to have pppd notify systemd when the link is up. + + * The rp-pppoe plugin has new options: + * host-uniq, to set the Host-Uniq value to send + * pppoe-padi-timeout, to set the timeout for discovery packets + * pppoe-padi-attempts, to set the number of discovery attempts. + + * Added the CLASS attribute in radius packets. + + * Fixed warnings and issues found by static analysis. + +- Obsoleted patches: + * ppp-2.4.3-pppoatm.diff + * ppp-2.4.4-strncatfix.patch + * ppp-2.4.6-ifname.diff + * ppp-2.4.7-DES-openssl.patch + * ppp-2.4.7.tar.gz.asc + * ppp-send-padt.patch + +- Patches that got renamed, because they needed rediffing: + * ppp-2.4.1-higher-speeds.diff -> ppp-higher-speeds.patch + * ppp-2.4.1-higher-speeds.diff -> ppp-higher-speeds.patch + * ppp-2.4.2-__P.diff -> ppp-__P.patch + * ppp-2.4.2-cifdefroute.diff -> ppp-cifdefroute.patch + * ppp-2.4.2-pie.patch -> ppp-pie.patch + * ppp-2.4.2-smpppd.diff -> ppp-smpppd.patch + * ppp-2.4.3-filter.diff -> ppp-filter.patch + * ppp-2.4.3-fork-fix.diff -> ppp-fork-fix.patch + * ppp-2.4.4-var_run_resolv_conf.patch -> ppp-var_run_resolv_conf.patch + * ppp-2.4.6-lib64.patch -> ppp-lib64.patch + * ppp-2.4.6-make.diff -> ppp-make.patch + * ppp-2.4.6-misc.diff -> ppp-misc.patch + * ppp-2.4.7-fix-bashisms.patch -> ppp-fix-bashisms.patch + +- bsc#1172916: Fix an outdated comment for lcp-echo-interval. + +------------------------------------------------------------------- +Tue May 19 15:40:26 UTC 2020 - Dominique Leuenberger + +- Fixup previous fix: use the defined macro %_unitdir for the + systemd unit. + +------------------------------------------------------------------- +Thu May 7 07:42:50 UTC 2020 - pgajdos@suse.com + +- /usr/lib/systemd instead %{_libexecdir}/systemd + +------------------------------------------------------------------- +Sun Apr 26 21:10:15 UTC 2020 - Andreas Stieger + +- add upstream signing keyring and verify source signature + +------------------------------------------------------------------- +Tue Mar 3 14:44:11 UTC 2020 - Reinhard Max + +- Add pam_keyinit to /etc/pam.d/ppp (bsc#1144055). + +------------------------------------------------------------------- +Fri Feb 7 14:30:35 UTC 2020 - Reinhard Max + +- CVE-2020-8597, bsc#1162610, ppp-CVE-2020-8597.patch: rhostname + buffer overflow in the eap_request and eap_response functions. + +------------------------------------------------------------------- +Thu Oct 4 15:18:10 UTC 2018 - schwab@suse.de + +- ppp-2.4.7-DES-openssl.patch: Use openssl instead of libcrypt for DES + +------------------------------------------------------------------- +Fri Nov 24 19:18:37 UTC 2017 - ilya@ilya.cf + +- Refresh spec-file via spec-cleaner. +- Add ppp-modem package for automatic redial to mobile provider. + +------------------------------------------------------------------- +Thu Nov 23 14:47:28 UTC 2017 - ilya@ilya.cf + +- Add Requires group(dialout) (boo#1067511). + +------------------------------------------------------------------- +Tue Jun 13 13:43:05 UTC 2017 - kukuk@suse.com + +- Add /etc/ppp, this directory is no longer part of filesystem. + Most likely requiring sysconfig would be necessary. + +------------------------------------------------------------------- +Sat Jun 10 15:20:12 UTC 2017 - meissner@suse.com + +- ppp-2.4.2-pie.patch: also enable PIE for /usr/sbin/pppstats + +------------------------------------------------------------------- +Fri Dec 9 15:11:25 UTC 2016 - max@suse.com + +- Use system-wide libatm instead of local copy (boo#1013567). + +------------------------------------------------------------------- +Mon Oct 17 10:26:16 UTC 2016 - schwab@suse.de + +- fix-header-conflict.patch: avoid conflict with kernel headers + +------------------------------------------------------------------- +Fri Nov 13 15:26:03 UTC 2015 - max@suse.com + +- Added ppp-CVE-2015-3310.patch: + Fix for bnc#927841, CVE-2015-3310: Fix buffer overflow in radius + plug-in's rc_mksid(). + +------------------------------------------------------------------- +Wed Nov 19 03:11:00 UTC 2014 - Led + +- fix bashisms in redialer script +- add patches: + * ppp-2.4.7-fix-bashisms.patch + +------------------------------------------------------------------- +Thu Aug 21 12:15:41 UTC 2014 - max@suse.com + +- Update to 2.4.7: + * Fixed a potential security issue in parsing option files + (CVE-2014-3158, bnc#891489). + * There is a new "stop-bits" option, which takes an argument of + 1 or 2, indicating the number of stop bits to use for async serial + ports. + * Various bug fixes. + +------------------------------------------------------------------- +Thu Mar 20 15:07:22 UTC 2014 - aj@ajaissle.de + +- Update to 2.4.6 + + Man page updates. + + Several bug fixes. + + Options files can now set and unset environment variables for + scripts. + + The timeout for chat scripts can now be taken from an environment + variable. + + There is a new option, master_detach, which allows pppd to detach + from the controlling terminal when it is the multilink bundle master + but its own link has terminated, even if the nodetach option has + been given. + +- Removed the following patches; + - ppp-2.4.2-logwtmp.diff -- now checks for HAVE_LOGWTMP + - ppp-2.4.3-demand-fix.diff -- using 'status' + - ppp-terminate-correct.patch -- upstream inclusion + +- Rebased the following patches: + * ppp-2.4.3-make.diff as ppp-2.4.6-make.diff + * ppp-2.4.2-misc.diff as ppp-2.4.6-misc.diff + * ppp-2.4.2-ifname.diff as ppp-2.4.6-ifname.diff + * ppp-2.4.4-lib64.patch as ppp-2.4.6-lib64.patch + +- Url changed to ppp.samba.org +- Use macros in spec file +- We dont need to cleanup the buildroot + +------------------------------------------------------------------- +Mon Sep 2 14:41:21 UTC 2013 - max@suse.com + +- Add ppp-terminate-correct.patch, fix the pppd's hang after exit + (bnc#693469). + +------------------------------------------------------------------- +Wed Jul 24 12:54:01 UTC 2013 - max@suse.com + +- ppp-send-padt.patch: Send PADT at the end of a PPPoE session. + +------------------------------------------------------------------- +Fri Mar 1 14:59:29 UTC 2013 - cfarrell@suse.com + +- license update: BSD-3-Clause and LGPL-2.1+ and GPL-2.0+ + GPL-2.0 matches found in ppp-2.4.5/include/linux/if_pppol2tp.h + +------------------------------------------------------------------- +Wed Feb 27 06:18:39 UTC 2013 - coolo@suse.com + +- update license to new format + +------------------------------------------------------------------- +Fri Aug 12 15:40:58 UTC 2011 - coolo@novell.com + +- remove extra dependencies from doc files + +------------------------------------------------------------------- +Wed Jan 5 10:17:28 UTC 2011 - coolo@novell.com + +- refresh patch + +------------------------------------------------------------------- +Wed Jan 5 09:17:19 UTC 2011 - aj@suse.de + +- Fix build of pppol2tp - remove local copy of if_pppol2tp.h + that is out of sync with kernel definition. +- Remove ppp-makedevice.patch, it is obsolete. + +------------------------------------------------------------------- +Wed Jan 5 09:03:05 UTC 2011 - aj@suse.de + +- Update to final 2.4.5 version with these changes: + * Pppd now works better with 3G modems that do strange things such as + sending IPCP Configure-Naks with the same values over and over again. + * Bugfixes + +------------------------------------------------------------------- +Tue Apr 6 05:40:20 UTC 2010 - coolo@novell.com + +- replace %PACKAGE_VERSION with %version to fix build + +------------------------------------------------------------------- +Tue Jan 5 17:21:23 CET 2010 - jengelh@medozas.de + +- enable parallel building + +------------------------------------------------------------------- +Tue Nov 3 19:09:38 UTC 2009 - coolo@novell.com + +- updated patches to apply with fuzz=0 + +------------------------------------------------------------------- +Wed Oct 14 12:38:07 UTC 2009 - crrodriguez@opensuse.org + +- build with -fno-strict-aliasing, dereferencing pointer 'svc' + does break strict-aliasing rules. +- give the package a more meaningful version number + +------------------------------------------------------------------- +Thu Oct 23 09:32:31 CEST 2008 - lnussel@suse.de + +- fix wrong permissions of pppol2tp.so +- fix invalid interpreter in secure-card script + +------------------------------------------------------------------- +Fri Sep 12 13:29:59 CEST 2008 - hvogel@suse.de + +- update to 2.4.5 (git:07bcc935f7a10bc5d78325fc53a6ac9bdf2aad6a) + * pppd can now operate in a mode where it doesn't request + the peer's IP address, as some peers refuse to supply an IP + address. + * included PPP over L2TP plugin + * Add L2TP support + * Various bug fixes + +------------------------------------------------------------------- +Tue Jul 22 14:16:29 CEST 2008 - hvogel@suse.de + +- move the resolv.conf written by pppd to /var/run [bnc#401648] + +------------------------------------------------------------------- +Wed May 21 11:48:17 CEST 2008 - hvogel@suse.de + +- add man page of pppoe-discovery [bnc#392784] + +------------------------------------------------------------------- +Thu Apr 3 11:57:11 CEST 2008 - hvogel@suse.de + +- move plugin directory to %_libdir [bnc#358927] + +------------------------------------------------------------------- +Thu Aug 23 16:21:21 CEST 2007 - hvogel@suse.de + +- Work around pppoatm MTU problems. [#301678] + +------------------------------------------------------------------- +Thu Jul 26 16:56:40 CEST 2007 - prusnak@suse.cz + +- changed libpcap to libpcap-devel in BuildRequires + +------------------------------------------------------------------- +Tue Dec 19 10:37:21 CET 2006 - meissner@suse.de + +- fixed strncat usage in radius plugin. + +------------------------------------------------------------------- +Wed Sep 13 13:12:17 CEST 2006 - hvogel@suse.de + +- Argh, really re-enable the patch. + +------------------------------------------------------------------- +Thu Sep 7 16:48:47 CEST 2006 - hvogel@suse.de + +- fix and reenable "replace default route" patch + +------------------------------------------------------------------- +Mon Aug 21 21:30:35 CEST 2006 - kukuk@suse.de + +- Use include statements in PAM config file + +------------------------------------------------------------------- +Mon Aug 7 15:45:21 CEST 2006 - mskibbe@suse.de + +- update to version 2.4.4 which + o fix some bugs + o fix bug #179560 (MTU overwritten by pppoe plugin) + +------------------------------------------------------------------- +Tue May 30 18:50:47 CEST 2006 - meissner@suse.de + +- check return code of setuid in winbind plugin. #179660 + +------------------------------------------------------------------- +Fri Jan 27 02:20:20 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Tue Jan 24 18:01:20 CET 2006 - max@suse.de + +- Enabled IPv6 support (#145246). + +------------------------------------------------------------------- +Sat Jan 14 02:22:44 CET 2006 - schwab@suse.de + +- Don't strip binaries. + +------------------------------------------------------------------- +Fri Jan 13 15:04:51 CET 2006 - hvogel@suse.de + +- Make use of Stack Protector + +------------------------------------------------------------------- +Wed Nov 2 16:45:03 CET 2005 - hvogel@suse.de + +- expand strict-aliasing patch to the radius plugin + +------------------------------------------------------------------- +Mon Oct 17 15:36:06 CEST 2005 - arvin@suse.de + +- fixed pptp peers file + +------------------------------------------------------------------- +Wed Oct 12 12:47:38 CEST 2005 - hvogel@suse.de + +- Add -fno-strict-aliasing to pppd cflags. Added + * ppp-2.4.3-no-strict-aliasing.patch + +------------------------------------------------------------------- +Wed Oct 5 16:51:37 CEST 2005 - hvogel@suse.de + +- fix too few arguments to a *printf function. modified + * ppp-2.4.2-misc.diff +- make use of optflags everywhere. modified + * ppp-2.4.3-optflags.patch + +------------------------------------------------------------------- +Sun Aug 7 11:11:48 CEST 2005 - kkeil@suse.de + +- fix filter stuff for libpcap version 0.9.3 (see #102460) + +------------------------------------------------------------------- +Sat Jul 2 14:47:59 CEST 2005 - hvogel@suse.de + +- use optflags also for pppoatm plugin + +------------------------------------------------------------------- +Tue Jun 28 12:03:37 CEST 2005 - kkeil@suse.de + +- fix some problems with 2.4.3 (#80468) + * solve not working dial on demand after a connection was shut + down first time + * fix safe_fork to not close needed file descriptors + +------------------------------------------------------------------- +Thu Jun 23 02:10:05 CEST 2005 - ro@suse.de + +- build with -fPIC/-pie + +------------------------------------------------------------------- +Thu Apr 21 15:03:09 CEST 2005 - arvin@suse.de + +- fixed compilation of pppoatm plugin (bug #79295) + +------------------------------------------------------------------- +Fri Mar 18 01:05:44 CET 2005 - kkeil@suse.de + +- fix filter stuff and DOD (#73663) + +------------------------------------------------------------------- +Mon Feb 28 21:08:50 CET 2005 - kkeil@suse.de + +- undefined fd is a bad idea, incremental fix for #66786 + +------------------------------------------------------------------- +Mon Feb 28 17:46:21 CET 2005 - hvogel@suse.de + +- enable device creating if it does not exist (Bug #66786) + +------------------------------------------------------------------- +Mon Dec 13 15:24:55 CET 2004 - hvogel@suse.de + +- get rid of the pppoam patch + +------------------------------------------------------------------- +Fri Dec 10 12:31:54 CET 2004 - hvogel@suse.de + +- update to version 2.4.3 which includes: + o Various fixes and enhancements to the radius and rp-pppoe + plugins have been added. + o There is a new option, child-timeout, which sets the length + of time that pppd will wait for child processes + o There is a new winbind plugin, from Andrew Bartlet of the Samba + team, which provides the ability to authenticate the peer + against an NT domain controller using MS-CHAP or MS-CHAPV2. + o There is a new pppoatm plugin + +------------------------------------------------------------------- +Tue Sep 21 15:16:12 CEST 2004 - kkeil@suse.de + +- fix dial on demand; outbound must flagged with 1 not 0xff (#45694) + +------------------------------------------------------------------- +Sun Sep 12 09:35:04 CEST 2004 - kukuk@suse.de + +- Don't use __P from glibc + +------------------------------------------------------------------- +Wed Aug 25 01:28:13 CEST 2004 - kkeil@suse.de + +- use DLT_PPP_WITHDIRECTION for the filters to be compatible with + kernel 2.6.8 + +------------------------------------------------------------------- +Tue Jul 20 10:44:09 CEST 2004 - arvin@suse.de + +- added option to rename ppp interface (experimental) + +------------------------------------------------------------------- +Mon Jul 19 11:51:49 CEST 2004 - arvin@suse.de + +- allow all names as Ethernet interfaces (bug #43048) + +------------------------------------------------------------------- +Tue Jul 13 11:02:54 CEST 2004 - arvin@suse.de + +- removed non-ascii character from option file + +------------------------------------------------------------------- +Fri May 28 13:03:05 CEST 2004 - kkeil@suse.de + +- correct fix for the DOD filter rule paket header (see bug #34724) + +------------------------------------------------------------------- +Fri Apr 16 13:21:07 CEST 2004 - mmj@suse.de + +- Void functions should be declared as such + +------------------------------------------------------------------- +Wed Mar 31 11:14:24 CEST 2004 - arvin@suse.de + +- fixed filter rules for dial on demand (see bug #34724) + +------------------------------------------------------------------- +Wed Feb 18 16:08:16 CET 2004 - arvin@suse.de + +- fixed setting of filter rules (bug #34569) + +------------------------------------------------------------------- +Fri Feb 13 16:58:03 CET 2004 - arvin@suse.de + +- updated pppoatm plugin (bug #34543) +- fixed ctl-c bug + +------------------------------------------------------------------- +Fri Feb 13 15:22:11 CET 2004 - arvin@suse.de + +- updated to version 2.4.2, main features: + - new upstream PPPoE plugin implementation + - new upstream MPPE implementation + - many protocols (CHAP, CBCP, EAP, ECP) added or updated +- build package as non-root user +- build sub-package ppp-devel with header files required for + extra plugins + +------------------------------------------------------------------- +Thu Feb 12 17:34:57 CET 2004 - arvin@suse.de + +- removed outdated samples +- some cleanup + +------------------------------------------------------------------- +Thu Feb 12 01:16:20 CET 2004 - ro@suse.de + +- adapt to change in libpcap: include moved to pcap_bpf.h + +------------------------------------------------------------------- +Mon Jan 26 14:45:02 CET 2004 - arvin@suse.de + +- allow higher serial speeds (see bug #34053) + +------------------------------------------------------------------- +Fri Jan 16 12:17:50 CET 2004 - kukuk@suse.de + +- Add pam-devel to neededforbuild + +------------------------------------------------------------------- +Fri Jan 9 11:56:34 CET 2004 - kukuk@suse.de + +- Fix compiler warnings + +------------------------------------------------------------------- +Wed Aug 13 09:16:26 CEST 2003 - arvin@suse.de + +- allow vlan devices for pppoe (bug #28645) + +------------------------------------------------------------------- +Mon Jun 30 10:45:19 CEST 2003 - arvin@suse.de + +- fixed closing of pppoatm (bug #27315) +- fixed pppoe on ppc (bug #27575) + +------------------------------------------------------------------- +Thu Jun 05 12:49:28 CEST 2003 - arvin@suse.de + +- converted MSCHAPv2-fix patch to unix format as new patch + doesn't like dos anymore + +------------------------------------------------------------------- +Tue Jun 03 11:03:31 CEST 2003 - arvin@suse.de + +- added peers file for pptp + +------------------------------------------------------------------- +Mon May 26 23:06:12 CEST 2003 - arvin@suse.de + +- adapted neededforbuild to linux-atm changes + +------------------------------------------------------------------- +Thu May 22 15:52:07 CEST 2003 - okir@suse.de + +- prevent buffer overflow in MPPE (#27062) + +------------------------------------------------------------------- +Wed Mar 12 10:58:35 CET 2003 - arvin@suse.de + +- activate filter rules per default (bug #25134) + +------------------------------------------------------------------- +Sat Jan 18 20:00:24 CET 2003 - arvin@suse.de + +- added config file with some filter rules + +------------------------------------------------------------------- +Fri Jan 10 15:49:26 CET 2003 - arvin@suse.de + +- Reactivated option noipdefault in default options file since + some providers can't handle a suggested local ip address. Can't + reproduce the wrong behaviour of the pppd mentioned in bug #1751 + so the change is ok. + +------------------------------------------------------------------- +Thu Dec 12 14:52:44 CET 2002 - arvin@suse.de + +- removed absolute paths from pam configuration file + +------------------------------------------------------------------- +Wed Nov 13 12:30:03 CET 2002 - arvin@suse.de + +- fixed multi-line string literals + +------------------------------------------------------------------- +Thu Oct 24 13:12:06 CEST 2002 - arvin@suse.de + +- fixed callback phone number handling (bug #9659 and #18408) +- activated patches added on Aug. 1st + +------------------------------------------------------------------- +Fri Aug 23 16:38:40 CEST 2002 - arvin@suse.de + +- remove a warning message in the log (bug #18254) +- removed obsolete peers file demand + +------------------------------------------------------------------- +Tue Aug 06 16:42:51 CEST 2002 - arvin@suse.de + +- added "plain old modem" peers file (related to bug #17341) + +------------------------------------------------------------------- +Thu Aug 1 18:16:48 CEST 2002 - bk@suse.de + +- add patches recommeded for pptp which also fix bug 17097 + +------------------------------------------------------------------- +Thu Jul 25 13:48:16 CEST 2002 - arvin@suse.de + +- disable pppoatm plugin on s390 and s390x + +------------------------------------------------------------------- +Mon Jul 08 12:34:45 CEST 2002 - arvin@suse.de + +- removed setuid bits from pppd (bug #16860) + +------------------------------------------------------------------- +Thu May 16 16:31:03 CEST 2002 - arvin@suse.de + +- compile with packet filter support + +------------------------------------------------------------------- +Wed May 15 16:34:13 CEST 2002 - arvin@suse.de + +- enable more debugging for pppoe if the pppd gets the debug + option + +------------------------------------------------------------------- +Mon May 13 09:33:34 CEST 2002 - ro@suse.de + +- fix build on x86_64 + +------------------------------------------------------------------- +Fri Apr 19 17:20:59 CEST 2002 - arvin@suse.de + +- disable pppoatm plugin on mips (since linux-atm does not build) + +------------------------------------------------------------------- +Tue Apr 16 22:20:56 CEST 2002 - arvin@suse.de + +- turn off debugging by default + +------------------------------------------------------------------- +Wed Mar 13 17:42:47 CET 2002 - arvin@suse.de + +- better mtu handling as workaround for broken dsl providers + +------------------------------------------------------------------- +Fri Feb 08 13:09:49 CET 2002 - arvin@suse.de + +- fixed error handling in passwordfd plugin + +------------------------------------------------------------------- +Fri Feb 8 10:36:35 CET 2002 - okir@suse.de + +- applied security fix to zlib + +------------------------------------------------------------------- +Tue Feb 05 16:06:22 CET 2002 - arvin@suse.de + +- more log output without debug option so that the smpppd does + not require the debug option +- removed debug option from peers files +- use %{_mandir} + +------------------------------------------------------------------- +Wed Jan 30 13:38:31 CET 2002 - arvin@suse.de + +- use buildroot +- compile pppoatm plugin on all archs again + +------------------------------------------------------------------- +Fri Jan 11 13:18:35 CET 2002 - arvin@suse.de + +- added terminating NULL in options list of passwordfd plugin + +------------------------------------------------------------------- +Fri Jan 11 11:30:26 CET 2002 - arvin@suse.de + +- don't compile pppoatm plugin on axp and s390 + +------------------------------------------------------------------- +Wed Jan 09 15:41:03 CET 2002 - arvin@suse.de + +- added "modprobe pppoatm" in pppoatm plugin + +------------------------------------------------------------------- +Tue Jan 08 18:04:20 CET 2002 - arvin@suse.de + +- fixed compiling on ia64 + +------------------------------------------------------------------- +Mon Jan 07 13:35:22 CET 2002 - arvin@suse.de + +- added atm support +- modified peers files for new network configuration + +------------------------------------------------------------------- +Mon Nov 05 14:28:15 CET 2001 - arvin@suse.de + +- set MTU and MRU to 1492 (to prevent problems for DSL) + +------------------------------------------------------------------- +Thu Sep 27 12:28:16 CEST 2001 - arvin@suse.de + +- added rc-pppoe peers file + +------------------------------------------------------------------- +Wed Sep 19 14:40:29 CEST 2001 - arvin@suse.de + +- added patch only-eth.dif: makes pppoe plugin only accect eth* + as device and thus prevents kernel from trying to load dozens + of modules (bug #10845) + +------------------------------------------------------------------- +Tue Aug 28 18:40:33 CEST 2001 - arvin@suse.de + +- strip plugins + +------------------------------------------------------------------- +Mon Aug 13 16:54:58 CEST 2001 - arvin@suse.de + +- updated pppoe patch to ppp-2.4.1-pppoe.patch4 + +------------------------------------------------------------------- +Thu Aug 09 17:37:16 CEST 2001 - arvin@suse.de + +- added Obsoletes ppp-soho +- added peers file pppoe + +------------------------------------------------------------------- +Tue Jul 17 11:08:03 CEST 2001 - arvin@suse.de + +- added directories to file list + +------------------------------------------------------------------- +Wed Jul 11 12:56:35 CEST 2001 - arvin@suse.de + +- removed obsolete generation of pap and chap secrets form + wvdial provider list + +------------------------------------------------------------------- +Sun Jun 24 18:23:01 CEST 2001 - arvin@suse.de + +- updated to version 2.4.1 +- added peers file "demand" (from package pppoed) + +------------------------------------------------------------------- +Thu May 10 01:19:25 CEST 2001 - mfabian@suse.de + +- bzip2 sources + +------------------------------------------------------------------- +Fri Apr 20 12:06:04 CEST 2001 - arvin@suse.de + +- added options lcp-max-configure 60 and lcp-restart 2 + +------------------------------------------------------------------- +Fri Mar 30 18:07:15 CEST 2001 - arvin@suse.de + +- added mppe patch +- search for plugins in /usr/lib/pppd/ (backport from + pppd 2.4.1) +- moved all plugins to /usr/lib/pppd/ + +------------------------------------------------------------------- +Wed Feb 28 12:24:57 CET 2001 - arvin@suse.de + +- moved all plugins to /usr/lib/pppd/plugins + +------------------------------------------------------------------- +Thu Feb 15 13:16:41 CET 2001 - arvin@suse.de + +- included pppoe patch from Michal Ostrowski + +------------------------------------------------------------------- +Thu Nov 9 12:32:57 CET 2000 - arvin@suse.de + +- updated to version 2.4.0 + +------------------------------------------------------------------- +Mon Sep 11 18:14:48 CEST 2000 - arvin@suse.de + +- Fixed plugin passwordfd for chap. + +------------------------------------------------------------------- +Mon Jul 31 19:15:58 CEST 2000 - arvin@suse.de + +- Added (commented) option "maxfail 3" to options. Partly fix + for bug #3637. + +------------------------------------------------------------------- +Thu Jul 13 15:45:31 CEST 2000 - arvin@suse.de + +- removed directory /var/state/pppd from spec file. It is not + needed and only got there by accident. + +------------------------------------------------------------------- +Mon Jul 10 23:03:41 CEST 2000 - bk@suse.de + +- fixed bug with replacedefaultroute and dial on demand(route was lost) +- fixed Open message of demand patch for ICMP(was displayed as UDP) + +------------------------------------------------------------------- +Tue Jul 4 21:52:37 CEST 2000 - arvin@suse.de + +- Support for dial on demand with sync ppp. +- On dial on demand log witch packed caused the connect. Example: + Open UDP 212.185.229.193:2048 -> 216.32.74.51:22926 +- Fixed plugin passwordfd for dial on demand. + +------------------------------------------------------------------- +Mon Jun 5 16:52:23 CEST 2000 - arvin@suse.de + +- fixed bug in plugin passwordfd + +------------------------------------------------------------------- +Fri Jun 2 17:41:25 CEST 2000 - arvin@suse.de + +- added plugin passwordfd to read password via a pipe +- replacedefaultroute option fixed for pppd demand + +------------------------------------------------------------------- +Fri Mar 3 00:52:11 CET 2000 - ro@suse.de + +- manpages .. + +------------------------------------------------------------------- +Thu Mar 2 17:37:38 CET 2000 - bk@suse.de + +- fixed patch path strip count for ppp-2.3.11.dif +- added comment about modem and local options to /etc/ppp/options + +------------------------------------------------------------------- +Wed Mar 1 17:45:35 CET 2000 - bk@suse.de + +- copied ppp-2.3.11.dif from ppp_ssl(fixes MANPATH) and filelist fixed. + +------------------------------------------------------------------- +Sat Feb 26 00:41:02 CET 2000 - bk@suse.de + +- removed priviledged property from (no)replacedefaultroute, this + way wvdial can set it in /etc/ppp/peers/wvdial with call wvdial. + +------------------------------------------------------------------- +Fri Feb 25 19:06:41 CET 2000 - bk@suse.de + +- disabled new replacedefaultroute option per default, can be controlled + thru the replacedefaultroute and noreplacedefaultroute options. + +------------------------------------------------------------------- +Fri Feb 25 00:28:01 CET 2000 - bk@suse.de + +- wrote patch which replaces the old defaut route on successfully + completed IPCP negotiation unless the included noreplacedefaultroute + option is given. Documented in the man page and /etc/ppp/options. + On connection shutdown, the old default route is restored automatically. + Nice feature for many people with laptops which have a default + route set trough their ethernet and want go online with their + modem if not connected to the ethernet. Should reduce support + load in this area dramatically. + +------------------------------------------------------------------- +Sun Feb 20 06:59:25 CET 2000 - bk@suse.de + +- only change tty perms really needed, will avoid the loosing tty + perms bug (bug #1831 and 1361) +- disabled noipdefault in the default options file for static IP addresses + and dial-in. wvdial still passes it to pppd if Force Address is not + set in wvdial.conf, so no problem. (Fix for bug #1751) + +------------------------------------------------------------------- +Fri Feb 11 17:40:52 CET 2000 - bk@suse.de + +- generate pap and chap secrets with callbycall.secrets +- Makefile.Linux merged into the spec file and dropped from diff + +------------------------------------------------------------------- +Sun Jan 16 23:27:12 CET 2000 - bk@suse.de + +- update to ppp-2.3.11 + +------------------------------------------------------------------- +Fri Oct 29 15:32:13 CEST 1999 - bk@suse.de + +- added logins for german call-by-call providers to the secrets +- removed suse dialin scripts + +------------------------------------------------------------------- +Mon Oct 25 01:38:11 CEST 1999 - olh@suse.de + +- add some sample scripts, minor sample changes + +------------------------------------------------------------------- +Sun Oct 24 22:21:07 CEST 1999 - bk@suse.de + +- fix for empty files in /usr/doc/packages/ppp (olh: thanks for the report!!) + +------------------------------------------------------------------- +Sun Oct 10 23:21:44 CEST 1999 - bk@suse.de + +- update to ppp-2.3.10 +- split up diff +- removed not installed ppplogin which also didn't appear in the + file list lately +- removed proxyarp from the default options file +- force pppd use the glibc's logwtmp instead of implementing its own + (patch for ppp-2.3.9, but is preferred for 2.3.10 also) +- added the samples to /usr/doc/packages/ppp + +------------------------------------------------------------------- +Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de + +- ran old prepare_spec on spec file to switch to new prepare_spec. + +------------------------------------------------------------------- +Mon Aug 30 12:51:21 MEST 1999 - kukuk@suse.de + +- add pppdump.8 + +------------------------------------------------------------------- +Thu Aug 19 05:16:46 CEST 1999 - bk@suse.de + +- added documentation + +------------------------------------------------------------------- +Thu Jul 29 15:15:40 MEST 1999 - bs@suse.de + +- set /etc/ppp to 750, root.dialout +- use noauth in /etc/ppp/options + +------------------------------------------------------------------- +Sat Jul 17 06:39:04 MEST 1999 - bk@suse.de + +- /etc/ppp/option fixed wins-addr, corrected to ms-wins + +------------------------------------------------------------------- +Mon Jun 14 18:27:26 MEST 1999 - kukuk@suse.de + +- Enable PAM support, add ppp.pamd + +------------------------------------------------------------------- +Sat May 22 09:35:33 MEST 1999 - bk@suse.de + +- update to ppp-2.3.8 using diff from jurix +- added ppp-2.3.8-patch1 +- marked /etc/ppp/options as noreplace + +------------------------------------------------------------------- +Mon Dec 14 15:53:13 MET 1998 - tmg@suse.de + +- changed default config + +------------------------------------------------------------------- +Wed Dec 9 23:32:12 MET 1998 - bs@suse.de + +- marked config files as noreplace + +------------------------------------------------------------------- +Tue Nov 24 15:14:04 MET 1998 - ro@suse.de + +- don't pack if_ppp.h (delivered by glibc) + +------------------------------------------------------------------- +Tue Oct 6 17:06:21 MEST 1998 - ro@suse.de + +- update to ppp-2.3.5 using diff from jurix +- re-activate ppp_available in sys-linux.c + +------------------------------------------------------------------- +Mon Nov 3 17:57:14 MET 1997 - ro@suse.de + +- install include files in usr/include/net before compilation + +---------------------------------------------------------------------------- +Wed Apr 30 15:57:14 CEST 1997 - florian@suse.de + +- create eror output file with perm 0600 +- pppd is only executable for group "dialout" + +---------------------------------------------------------------------------- +Sat Nov 2 17:35:11 CET 1996 - florian@suse.de + +- add bug-fix +- add ipx support diff --git a/ppp.keyring b/ppp.keyring new file mode 100644 index 0000000..c8ca1e9 --- /dev/null +++ b/ppp.keyring @@ -0,0 +1,157 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: SKS 1.1.6 +Comment: Hostname: sks.pod02.fleetstreetops.com + +mQINBE6U9CMBEADlOHAMjZEsRW0/0kNcckRWRbW5J29rhPM7N0cgSC2NcJEcPYDT/yoNsv8g +bzhGCACSvYDMscTdifon7o9JZyOxoUcn+AaFMyNCuZRcvmZNsHcKfB82dkmSniM+nCwC6Oqv +4av5XyeRz9k5o06Gno6k8nio0zX5ZIdHjtHTxB8mvur7tNkkUiDvl++VXk8txsJNKLNti3Eq +RTaHHG9Uu+bx4j1HuDyqh5+RAWoVClAc9OaiaPxQw44p1meWPLcR/E4ClEUvzN/L03AKFj2K +d85HuYc5zoqP4GsfnDwvqMKZZvNP7Ohq9hw3rtweoFrU476umQ+XYyBhEtY7ktP6jVbipZpS +4UoF49/ZZHx/pA+8VzMUWf5OwgGUxHYHWdeR7ffgsWKBM2+EZlfmAEzLWMC5FEvpvQkdAgy+ +QsZWE+Hvom4IueBxEiimcL2DjIfIx0HcVsMObM82/w35p3ymYHM+WuKuqq8eXNgx6uAMnGYP +vVXrp/1DxCMog+aaZslPhgKelF31Oh4S7IIeG/YRRsQaxiFl2M01+uhpNOGoLhW08H6Y3irw +Jz5x8WACDaA9adZN6qJB1LI1QnxUxan4ZUqPoCuUuwn8uqBet7OU8Z8u3VEMs9EMW477wjkR +qZedIopUJRgQnnlUYTPPY235gn/UNSy6X27o33vWngt3A5JLLQARAQABtCFQYXVsIE1hY2tl +cnJhcyA8cGF1bHVzQHNhbWJhLm9yZz6JARwEEAECAAYFAlJnvJYACgkQeb4+QwBBGIYwYQf/ +S57+Z6KAE05MEstwQbRx7GsoJpGYj3I8vOiU7NmUgbU/CEi3Tmu/N4AJ+5r+cmeebFgFoL2Y +3AFCtrDVOn9+DqHM0PzdpFU4H/c+3+LJF5MafmdV0hXCOU15dJvTOvPcs7dy2wQNc3oV6TMs +F6LkBbr2e0UMRNSTpfQ/ypG5eoc4WjWO+syAaHWceKvHSaLv/bRbdFxoj7Ctwb5ImntTo/tA +GGbcbICVA1qAfliq8YqflByARdV9vHhLODlCHTLa5NVZMvldkjyxdYYrvS0cfe620vtBzegs +0BbLj6nUG6I9tN/tfOvog3cjfLKBdhAyNk3q+eF5TDOm1fj4P7touokCHAQQAQIABgUCUmkn +xQAKCRCevxLzctn7jN40D/9WMKOUAZlTd6leCjOYc17uRvyqf0BmF3I3vLfHy1FLqec1y5pf +NB/qjzKiSNwricvHtq1W+6lNP00Q3zDLPRA8XdEoEEKU7nnHqXN72Nu4fUM8jH48Zzk5aWU8 +dLuOQmiT8HglaPSCqziU3wkWz5Wvn77OOccw3v3iHgMgJE7k6YQ74JQURSWX7qJOlJ23vxay +H7rh9Yj71CShZaW6WYm/+H8RqDdCpB8NU7W9zSdxE14+BpTrpu7iubN9Ouh0EYutqRom4DcO +PzwNPEGqkIIDY7aXMdkVeXHHt7bt9hTMwd2+45bNLC0TpyIwenF16cEU/NleFeqBRe4IbAod +/tVFWYRdG0h4MvZWLj503vV7QG0O/+LTJbXNk+y7JHDez9xLKUUUydLx5cIeKnVFQHwyH15y +DpXhysi3xx4AbL4m+72zoCoKbDD9fw5wNTGwbvTIZrFPKtIffY2BMjc/kLv+8P6aLaS0BUad +0nb9p6Na+3Ui4zJHiPIhAu0k/7nd6GRyR0wyv0FF0L8Em8cYRLu29u/oBv8hkEOUOPmRX8dJ ++IAFIpVQvT/8OCWQe2TzQlWPpd6yNsGGVoARQq9g5koAg9zjKegXYXB5bZ30N+aE78vPVOp5 +NbH2/ZYNfOywzToVbUW47UC9Qw1Vt10a56nvFsVBdOUKMTpc5DYE3tuT/YkCIAQQAQIACgUC +TpT0tgMFAXgACgkQnkKV1gX2bOkn1A/8Cr6FdKkwBhQLI2TeNlU78uV3pChLBu9id8bCAIZX +mlrXjYPwY+qOva1CEAQ7+2pbnLqVoFvnjzqh9kwh5hloF+Y9OyZg6cPRbES6DIvKdb04K+Zy +FHAUlwgxWH1UKNugi9Ts6RWYxBKkhD1as30RqsGw87ChA8l5gVd4JkO9yyRn9QujzpUhniAU +TvocYKQgBHXba/aBVppDo7XcEnQwtrpSI9+QwIyiwKsiE4zt4wdyE82g1cX3Jgtfvg8e8mij +KNoDMCXzsFutd7rcON42+2IjeA6RnqRlbkP1Trnf5UGuncVL06XTADiArxkeP7jvwi+x9fX1 +8slRlZGHs8rEx6GCgy8MGYPAj+iljGNKI7ncjcyUjXVy7J9g4SDlHb4dUvihreWo96N7aKcu +RxdoXei15xHdI8XWOfLrD87ZkirNzSWjNkZJBStncDf5N3v05glaEF1iGtBuL8dmOSZZAXA7 +frsARfBdiUnjsCK+hhCx5kVp1MZOxAyJ7OdspE4bnpGFBXBKD4NJBUXnzzCKQPQdIXHPpZhM +mXTcxCqu88YYnQcsOj8cLNtd1NsBocE2ldtZCmJFUoKRkLXOWGDQAN2AsOmbB71h0IMgG6IZ +zuy8ac+cZnXB1uHzclJS53p+C7v9Ndqayhjh8C2twCOeLYe53+0g/f2ImB+QfSfMeC2JAiAE +EwEIAAoFAk/armUDBQE8AAoJEFrSQhHAYNHId/oP/jhCwPWzOlrIx2hHkHbqg1gOFnuIF+pE +zIPUvwKKk0yRJqU5dKGj+KZQMsnsfvEbltdcdqhLXIXXYkyWneHEm1kqdkB3/rifTIopZo1z +eQa4VHHCc2TzO9chAcyMAHlSXf/1nWgHgiP3RuvqdIb4tfdeS0niyVyc1kOhiNCRsKEGsKOG +PnTTzDxnDRYkgQgTXPjbggD/ymHs2rfVF8xjCgLMNlVTrurLSBr7SpwOGJx8xfnnoRH+8mpA +2MrZNdJboSz/kF1GpQXc7sXz/4kjyFFR7c8ckQnneWKoVpRo/Cbs12li1ZSfZbyZr8RVNtPb +k7atyiQExl5nqRjmz+RvA8/zL7LwlL5YPlRRPbU2KGdYzFiZzG+BG+2FPLso1Ohob+ONwLHk +tRmnv72Hj3yUK70VJKLVUckeYIwd7Il7ua1cgr21RkyFKJxWuiGxpKtusuJAkPFaj4ByLnGC +94t3yGx9s43wbUv3FxXU45sqC1MgQLzOaKlEFWQW2ZPneca7W4dmqGQR/ejmiGcBSh8YJKxK +TJ3X9xHQrgo71XBU57C0kk+Yutv+3QDHOiOZl45CJgaPiTvTYatHk8TQy3KVgMn5xmPK+2+O +/+Cfc81hBvQnBNRyzsSRNCb04CDDS8e/hNehGz3zEHPwp8NxHWKHQjy4WulNprNXsdr6ckCa +oMpBiQI4BBMBAgAiAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWgKLYgAKCRAEDx1J +7J27jATxD/93PpJ7yDVxpBYH+zTnU4ffFdDPSZLNJY4JaoFaz2tBiKvp548Qf3tZHd9v39x+ +gY15iRph7+2P5sx5w+ov4akztkD209adkzcmlv9fRPjOcJfwRX8JLF7vGrIiWxqvfd7C7N0g +vGPizpb9o2LoF5L4g2XEJWXDw9/t1w/o0IfCXIuqg4eHJMC/dZKh37LpVpa70TqmeB6uSeG3 +pHJ3tNVo+/pn/ZfqBUaL2cvhf0hfWM+1SXLmkXaF15TESLc+HD0/KGvaohcldY3zz6/wKPsF +z2lj6fQ72i5vh3u+YP6Lm50u3W4MpfyNOhwI5TUQM96MWUSLhOW5PUhEBC3wcXpa6ZhzX42+ +IVRbouPy9ZLbmKirQoqjgQ+Ax7YmajAzNA+O1wRNPN89vyrRU/dLs11eekc/C6ipMMvpOWFA +/V4FDSnKA9Z6QImkeWCRSw5jQjZDoKonTEV4E0acya7PSrE+opz+vqOwAJAnrpZfdRf1mOoh +5QBphNqDBGujxtXswGfy9F9EfSRcaHBw80qpP6lEMOF0HtgI9i0OE6uoYtdCRPLkhq6lJDaO +L8dhOEevsr8sRzH79T5A0fNbfm8p7TEzR++azPgalqeLnD+ttk3gD5Xzxvfkqzw14+90zbPK +kKYEoiUvGNrXIp439jkQ66OxrWeoVIqGjVS93LE7XzmiTYkCPgQTAQIAKAUCTpT0IwIbAwUJ +BaOagAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQBA8dSeydu4yFOhAAkP7PBxDyF+27 +FDR933leTtMF9cYwBstr+bgcGJxG3qBRjxBeqts76ibxBQoRYlVR4rdBG0L93ELZSOGyvDHF +7UM01K5dbp4wZpOKg4CALiUiv3SZVwCGfX65lSesKgtuREBj5FyhyAdcSdqDp0hh8hplU/OK +txetExmrWSdkBIZ2y/grpgEYBEoKw1RZEuksTolRXiHuQxzpO+JZp/+wU+qF11hYJ+P+fBS/ +KYXPGQKaXPXuwimZJAaeh6vifWVfRG4QGE2W/UZipnWaWXOvIkNcT70+hbB6K8VG/mUCZXNx +Ir+2/qamrpSrt1zPNQzlMCPMlarVjgzPsw0McZXShis+SBGi/SyqDaYatimntJKyi7MRoySy +nvYW7DC0MjwlM/3Sn9IETWaYPLdUqTjgz6QvD+pSnYi8U3XXbjqKuDwQAutVBQHfZZf48e4T +BtetWDkqBjjKP/9Ul3q07jY/ApsPEH6AM/w6iayQYA/UIdJISEwIUtFysiBY4tghZePGZkJ+ +WqEwMlt6X95Trc70DaSxWQ2Kq/AyWyJalvqY/SdjDGRZgotjNhFxOA1TC4kh7YAQXY/nPI69 +wqvVMorWw9dZ3snoqj9QRJTXKWoXVIdp3ZX2Jmo1SfZK1FUOreO1Q0YYIFp5Z7g18zo8iRuo +++95jcfWn0vwKWtX9n/LsZu0IlBhdWwgTWFja2VycmFzIDxwYXVsdXNAb3psYWJzLm9yZz6J +AiAEEAECAAoFAloCjeoDBQJ4AAoJEJ5CldYF9mzp2AEP/RCyin/5ku57CgScj6hOGiwITPQa +vyESGBQojk+BtbgLe3COMM9H2lX4qiAzV5o7QiQX6t1IM8WaiErUV7gLB5bbmQUPswac71wM +v0t2VsMCzLTxvS24/LTv3eAcIFOmjgvcYnRiZG4+0L3bxikFxpY+rL6/sDxSuR97jI6uOkii +Ydpql0ZvF2fZ3Y8B+6HtVmdmihXtgKHDQetbE/G0RDYfS98kDj+un2vWUmvrsM4JlNnV94CJ +LeXEmUTRiTaLMR0AsBDsdZWI0KCBVgaAxdZWtScTrmfe6sSFDZDhhaVVBA3foCaI/WTmAJFP +4Ez3aavQ6gZZUg1Q1KtxJFPU/jNNo+94LFEIiYyUG445Q/Ym2JI3OLn3OIjCDYt/rEIZnfaW +2S0Oj6DxkHlPRAfvakq/90nGpHm19GXq2jl7ZXILk+IgsS/E0M/BO4BkTG7l8Fe3R0R7g2Nn +ksTYRNmbm0DJuKDEjmvMLnTaVI+FoHWHFM7h+XQct/UjYuQQRS55tqk1ykuoeEfSUnBsoZg+ +txJk9KU694gq6ij/qhDWySrLn6TcgM58iK7/bGjrNOYnR5dMT57nCvk1AA+RmQtAILPEB6s8 +ma0Jjdn5B+Qzkl9lSsJxIRSF0B0vi6ZMP4rP2LNz3jvo71bYj1+fD4+tjmUk0AbgogFGDLvo +xed2WLbZiQIzBBMBCAAdFiEE1Byj7VswJ1z1oBsFWtJCEcBg0cgFAlq7FWcACgkQWtJCEcBg +0chISA/9HX9kkW3VXZbGBT4KSYojbFOBN7JiAyd9ENCVd7346cOxBuxe0bvQkaYFdJ9++koi +YaeNwxSdgUQoZCLX1V69FbEfIxUyyRkIufVkyPI0CFknIs7K4t5IMEpQ3+y88VymNYqAYUM8 +sa3KKx1MAhK6TVWMOiJa7ePVU4y5CByAnyswqvAxjYd22Dlq8tYU2a01lvRFrGTa8w2IDVVj +y5thBrQfQV39UQLNcJ1NDHeX9CovK55Uj6Pq0E71eK03zqxxHsKOFV+bXlBwT/l5SB6WXW46 +n33SpZLvFyIfXJgesNpDRSdJ9gnwq5F+dttX97cJNjqMSiKvbDQc8/HPaENddsg8IDAXfv3P +/iIc146NKZ4M3E1LcFjN8lmL2YT2O65SYaTJcZ3YnAHZ4RVOoUCgnhZlv0w25ovWWOsvxOO9 +aBmdjGf/AToh6pC7NSp2Z9Ko1b0Tmkc7qhDz8hiXBZmtu72bME4jbHgSpMGAJr+lAPTA/slu +j/K1mAXqvQ5a536e1lYS/PF4ZvVoNLc+1z6woKaYa6lr0ahSsF9vK0Z6bZ7G/0kLyiOfO+nS +hvnpTjqORNT7INHfkxNQcpFzr2A/fFrnQB0ZP4dY27N7r//SRe6+tJwdUZL98MEAg01TPgzs +eAM/mIygFifS64F/nGy7vk7s+7Tm0ECaoRSYjiM25N+JAjgEEwECACIFAloCjcgCGwMGCwkI +BwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEAQPHUnsnbuMR94P/iYl4dB63Rlqv9dxUpEyTQ8e +P2J+crYTrYjS2WhPIkUW5R5Ua4CUiUYqUAf5M30hsvuV6/BoHxATQttzFtxm7QfWxijwJ84V +SpINvmtOLmgSYj77Ab+tJHXQTLoh7235Se8sZg357oCTCz/tQPVp2jIGS1OTD1antY3/PhAY +nHvGK5cV0R8Tj1FyGeHavX3Z7AclmffCSf5Grni/6YMJA6+keGApZSSQriJtpeUtVkgYuFoT +bHkwIPZSGv88jrfPYzVTqrYtmXAWVCFSq8guSt3x+aE9NOf9u8c+PB6S5MstpTJsJlCa7x+y +UCFcZ4pJekphCxf7JYwsVtAbqjkPKVVfvLWNwsBRSc5uP/z84ux4iC44VMEowrZSybbyOKWp +xc3ofCfTc8nnEC67yfZCFCNvTuJCIaXa4L7+MvkCZ1WwoARePgQprtvk3cK4kcMQpXrRQW03 ++F1TkgSa4tJ/hn+st46aUGAoWUGFPcES71ISAy2Thcx5UcZkem47OAAE+BVVcpiljZH+0dnt +geCHn9FBI17rUE2yg6dmCyJ5AEQ7RaCeLmdBu+XTFLFx7a+RYm3B77uAU2N8AeGT0Y/NUlzC +Bfxy+bUb/I6LdkrXK2H5CD/mevY+tPagXkYedyjhM2VFpef0/QZjkTWTLwVaz/u385HQ8Kg8 +evUNGnCZlfFXuQENBFoCjTMBCADooRUk5FTc5nL7Kc4g+qzJTlkogU7Mg74xk/vwAkPhjOHu +LNAUrcTwNPTwLND9nzfmWWctI+9deYbdue/16HjMN4+81DwfyObBJxrFzTfEpRvA0QmF2Sp/ +m8LCmf+lIrAn8p8abAe9g6gPP3TzL8Ic6kEzr+R0aWUaTyIJcaNoARjdaXTCPswDH/dJump6 +6xDT9EQD4n0aygZmHjnqIbbazpILLDWPEYY1wh4wmwpOCfG4cAY5F6ZeM4yMDzuuw+iSBDXG +ATSbE+apdP1B4TcUTilNSzIN/xJzfc0hdbsxPkdaearDbZHs9bJIy2qYgsjEJkARcoguTUu2 +w1BCzXp7ABEBAAGJAz4EGAECAAkFAloCjTMCGwIBKQkQBA8dSeydu4zAXSAEGQECAAYFAloC +jTMACgkQnZrqdyxjcZ93IQf/cIGz0nxb7KwlEmRbFkURxfZk8wlAIWFC2l9aSd2f7kkAkKQx +tqjbwGVlOMAJCH1JTK+DMrVXxvlybpZ+DqwcNucSg9Dpbva/5Mp/6APfeh8+cV3iCi//GmvV +saYkBiQ7nFN94bXFlsB2x/l21MzSwgz6g+evmfnV/62oz0eH+MqLslZflszN+GNnUvNTWykJ +a4SqLMlD3+evEvo0OlTgHBneV7tVoNRLCVOl447kV7vZaEO3ac/WNkMSB6ATYo7ncLgQjlPt +Uxobm22OArEugeZcF6PD+VpMjmeicOsdWYDRGYdTMK5bMvlBSIyLYQnhSWLMxdiL/EnL8zhF +JjRB6zr9D/92agQjOOI299UP8TYyOwVumBJWTS+21vLGCIsBzoWl0+F6aIxJkFKdsErh1uxh +w1c/+6rpiFekQQw/H9sq2Y791Vou0l9IrWjGg9B84vqcvRvf7H+dYIZZ0MNHv3exfY9B2WNS +atmXAYE6Nmzl2d1wTURLm0zaBZwrB0M0V2zAIRG5VX4KikKJDyUxhlvxyuct6b4uKE8LK5MM +Q7qQFmaIOntOId3wK3rUBfvtuX5k758XrXT9tU/kim7bO6EJ7213xbBnxouEzMBsJMcxYnyD +wKNcEX6e//1e6eriB2/q/7V8Yk5x8f1I4kqNDFj7e7snBpfD+rjJGYTWXpfl+sEojepNPseA +Usg26lK1qI345/mNR+mDjE01YWIGfk996C1c2jMdwTjkQLxUMpdt8z6iYNX6uG/PLOSSAiKO +uX2t92VBOpWWfb15mJvv4s5tE7d32ApsE0kYv2cPWp1P3ud4myRfL7ILRVK2geBM53uJuD8K +S18vkmCh5KKInE5cex+azOEv5z+s6mskG3X/72LqMq1e9Z9p9I2szaP+sposYZOyhZbww2IT +1C2N/XqW4fFlqysMY3LhU8IKugk98cwvpkDd+JAXR7CnXANsbvU48yT6ulqCb5MvSnB6C+KF +k4nia8GhRgZk4hSdA0weG83A8lNUl18N8rB8bFNKxYOwl7kCDQROlPQjARAA1TGT4F0VqvmU +7tKxxhSmaIQPhr8dF/SmM36duFUUHFispChuujLVb/JcCDvnuLPi/vDcH9S1oZ6ZNs5pWP6a +ATJlyQv1LuNlzw7RDn4krWCruC9lf3rUZfSHmI98mnwKz2lU4HuVqh4cacq+Dl2bTbHOvbyE +rzkdISPsWhXZcHzrHxOafkaiJhAMh+3RnFi5pzKq7YP6SXud4z+iF98pAGc7fbpyMpM0U0q2 +Js5BugYfo2BaXo5x3EOld3fgNkZfxxSQ+qr6USRr0X2MerI+TT+QbbmYEqI9fY9xx5ofAM4P +vIKxhIUNgEFDXL3y1KFw9IaX2FiDMfyjYf7JN6bxtTYeALK1wGirCgEl2Vslx/8EBEs5ZvWm +szg3+/SrE076Pj/kGHza/NTy25/zrkC4izqr+k/ieL/23mj/zf2nusk/cDBvRxmjteon+IDZ +RNT/7ZDdUI/JEx8vfSOPrVxlQGi+hGVMJcAyDMMOle7BZHjDkooZ0uZi88X0Bhr0fOXhhLCM +p/I2e5FV5eEWebO4Oyrom2OxPTdm+ZKz2iWdtZqM8XtVAz/bizuMdPnAGjEK8k5XkbXgJ6n3 +K7vg7MuTN5bMy8cq1boRZ29/v8jv1LdoMkeIrOrBx7aGTOaWq31dmMguGV+Nn0pQ86UZxJgE +cpt4Z8ucJ1yIU1tbfK7u280AEQEAAYkCHwQYAQIACQIbDAUCWgKLqQAKCRAEDx1J7J27jCN+ +EACO1ypZQ+JIajDyXAKAQ4aawJNV50ywJGSrNa6CdP8iDnA4LhUGEdg8QLBdhu5XaB//hLtz +AVarEbtiSGHflUu352kANtUjj39AWK2088K6gRmwRpn3lABD6oBrx09jRZ/jG+KqswRWOjht +m2O+dIzBW2ihDBajvHIXL1Nv7qGw5dlg9vP+l95PE7cYZUP8c50cnLZY2Y31nOkModj/diWK +lMc1pge93TJEsSsfNctngqQP1L9IM1slqBzZZgtRSFaXkRU45lBPzEE9AN8St2PV1Dp7a7Zv +VXu7JgCbSKvV3j2Gf7xLSj5m+spCG3B2glrybRIHP97psMMzHS4QmblLynNa0Hszx8eTStDP +Jd6IhSGvFebwWHCHF3jj/nCXj2ePqcAMPJexz321+H/h0fKSJGdpa1bURIR+wkvjDllW7ehD +xndxj7MuyDAbwSdb4bxqZw2hu/V6HxhBeIUGKz4LvrNyCSpdn2qF2i4pYRJuBCWfa3EMLhmz +xsvwP4blstQjbJMFqRqZIoww3zYxbbIlT5VqNuwyRKlucsdzYDoi+i6+1Uooh6cp1D68Ogyu +9dZ2hcb+mLUlcbLuWB8rtZRsYcB0fAzya90l/FPSaErv0qsnQedyTRwT63n2DjPJvCER/BYc +2a6VdgvUNvL3/OFOw1hrBtnF4yca7Z1x64+qV4kCJQQYAQIADwUCTpT0IwIbDAUJBaOagAAK +CRAEDx1J7J27jHMvD/9lR0h+Y6D5IyjVczbVqZP01nUekJ3Ii3UckW4Y/QalQLtv8q903dYb +HAKey3nzLQF1h2KfeGKoSOQeDzxbUDxxQPcB6y2AYpgy3rHQ+19CBzgsvlyWcuDhVuT3/olk +zm5/5w6lFShhU68s6tlMUxfP8bYYqGmyRBrDS5Jg44otOH7gisqbhAb5bpb48loaKwOYVAvw +l2VdcG3+JK/k8JBKStESB0njIyrW1qxJdftNdHS2Ts5aoSBa+ZOPiyIqAa4VW6uJ9xOSFGdW +B4rnGfB7h/VlsKvsLPtQy7D8lajN07RDYTel6vWK31/4ub/BUKjRdbfLaSi1FFBjo5DGWJoo +ZQDUARaxDGQixCcNuIYoF4Xu+8ZNbzRo7wBgmQTWeFxKPJYnmIL/ECgvvZNuDhMQq41nlE42 +FjAY6h7OYIKOEB6xyaTXdNMxR0Nnr/ce6l83OyGJDpujFJAJB+nAgd0pv+RrHqzbdlhq57y2 +mtD+451i1EhsrN8RXwmB7gdrJelEc65b87BL2idoqtLDGNX4lipps5saiJK954FdGzr+5BRd +ihsTKNHc074oaGFgYe/puE/nbQ31JKN8Pzo97fVYc2nYKnWUMCEYp4YgspwZd9Jm3a1Aw1WK +NkSoM6+BtqWOLSp7mBCCGGsV0OwXfdqlBGcv2KVfvNLcg18mY4sniQ== +=lvBd +-----END PGP PUBLIC KEY BLOCK----- + diff --git a/ppp.pamd b/ppp.pamd new file mode 100644 index 0000000..3613714 --- /dev/null +++ b/ppp.pamd @@ -0,0 +1,7 @@ +#%PAM-1.0 +auth required pam_nologin.so +auth include common-auth +account include common-account +password include common-password +session optional pam_keyinit.so revoke +session include common-session diff --git a/ppp.spec b/ppp.spec new file mode 100644 index 0000000..248b20e --- /dev/null +++ b/ppp.spec @@ -0,0 +1,200 @@ +# +# spec file for package ppp +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%define _group dialout +Name: ppp +Version: 2.5.2 +Release: 0 +Summary: The Point to Point Protocol for Linux +License: BSD-3-Clause AND LGPL-2.1-or-later AND GPL-2.0-or-later +Group: Productivity/Networking/PPP +URL: https://ppp.samba.org +Source0: https://download.samba.org/pub/ppp/ppp-%{version}.tar.gz +Source1: https://download.samba.org/pub/ppp/ppp-%{version}.tar.gz.asc +# templates for secrets +Source2: pap-secrets.template +Source3: chap-secrets.template +# config for pam +Source4: ppp.pamd +# options and filters files +Source5: options +Source6: filters +# several peers file +Source7: modem-peers +Source8: pppoe-peers +Source9: pppoe-rp-peers +Source11: ppp-peers +Source12: pptp-peers +# modem files +Source14: modem.chat +Source15: modem@.service +Source16: modem.rules +# https://www.kernel.org/doc/wot/paulus.html +Source17: %{name}.keyring +# PATCH-FEATURE-OPENSUSE ppp-smpppd.patch -- Add more log output for smpppd (move from debug to info log) +Patch0: ppp-smpppd.patch +# PATCH-FIX-UPSTREAM ppp-var_run_resolv_conf.patch -- Move resolv.conf to /var/run +Patch3: ppp-var_run_resolv_conf.patch +# PATCH-FIX-UPSTREAM ppp-fork-fix.patch -- fix safe_fork to not close needed file descriptors +Patch5: ppp-fork-fix.patch +# misc tiny stuff +Patch6: ppp-misc.patch + +# Of cause any other compatible libc would work, like musl, but 2.24 required for SOL_NETLINK +BuildRequires: glibc-devel >= 2.24 +BuildRequires: libpcap-devel +BuildRequires: openssl-devel +BuildRequires: pam-devel +BuildRequires: pkgconfig(libsystemd) +Requires: group(%{_group}) +Requires(pre): group(%{_group}) + +%description +The ppp package contains the PPP (Point-to-Point Protocol) daemon, +pppd, additional PPP utilities, documentation, and sample files. PPP +provides a method for transmitting IP and IPX datagrams over serial +point-to-point links, for example over a modem. The PPP daemon handles +the details of setting up a PPP link including configuring the network +interface and performing the PPP negotiations. + +%package devel +Summary: Header Files Required for Developing Plugins for pppd +Group: Development/Libraries/C and C++ +Requires: ppp = %{version} + +%description devel +The package ppp-devel contains C header files required for developing +plugins for the pppd. + +%package modem +Summary: Automatic redial for any USB modem supported by the kernel +Group: System/Kernel +Requires: ppp +Requires: udev +Requires: group(dialout) +BuildArch: noarch + +%description modem +This package contains peer, chat script, systemd unit and udev rule for +automatic redial when connecting any USB modem supported by the kernel. +For disable automatic redial (by default enabled for all), run +sudo systemctl mask modem@0.service +For enable again automatic redial, run +sudo systemctl unmask modem@0.service +"0" after "@" is the serial number of the modem, if you have more than one, +you can disable unnecessary or disable everything. + +%prep +%autosetup -p0 + +find scripts -type f | xargs chmod a-x +find -type f -name '*.orig' | xargs rm -f + +%build +%configure \ + --with-runtime-dir=%_rundir/ppp/ \ + --enable-cbcp \ + --with-pam \ + --enable-multilink \ + --enable-systemd +%make_build + +#CHAPMS=y CBCP=y HAS_SHADOW=y USE_PAM=y FILTER=y HAVE_INET6=y HAVE_LOGWTMP=y + +%install +make install DESTDIR=%{buildroot} +for f in %{buildroot}%{_sysconfdir}/ppp/*.example; do + mv $f ${f%.example} +done +install -dm 750 %{buildroot}%{_sysconfdir}/ppp +install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/ppp/options +install -m 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/ppp/filters +install -m 600 %{SOURCE2} %{buildroot}%{_sysconfdir}/ppp/pap-secrets +install -m 600 %{SOURCE3} %{buildroot}%{_sysconfdir}/ppp/chap-secrets +install -d 755 %{buildroot}%{_sysconfdir}/ppp/peers +install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/ppp/peers/modem +install -m 644 %{SOURCE8} %{buildroot}%{_sysconfdir}/ppp/peers/pppoe +install -m 644 %{SOURCE9} %{buildroot}%{_sysconfdir}/ppp/peers/pppoe-rp +install -m 644 %{SOURCE11} %{buildroot}%{_sysconfdir}/ppp/peers/ppp +install -m 644 %{SOURCE12} %{buildroot}%{_sysconfdir}/ppp/peers/pptp +%if 0%{?suse_version} > 1500 +install -d 755 %{buildroot}%{_pam_vendordir} +install -m 644 %{SOURCE4} %{buildroot}%{_pam_vendordir}/ppp +%else +install -d 755 %{buildroot}%{_sysconfdir}/pam.d +install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/ppp +%endif +install -Dm 644 %{SOURCE14} %{buildroot}%{_sysconfdir}/ppp/chatscripts/modem.chat +install -Dm 644 %{SOURCE15} %{buildroot}%{_unitdir}/modem@.service +install -Dm 644 %{SOURCE16} %{buildroot}%{_udevrulesdir}/90-modem.rules + +%if 0%{?suse_version} > 1500 +%pre +# Prepare for migration to /usr/etc; save any old .rpmsave +for i in pam.d/ppp ; do + test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i}.rpmsave.old ||: +done + +%posttrans +# Migration to /usr/etc, restore just created .rpmsave +for i in pam.d/ppp ; do + test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i} ||: +done +%endif + +%files +%attr(0750,root,root) %dir %{_sysconfdir}/ppp +%dir %{_sysconfdir}/ppp/peers +%config(noreplace) %{_sysconfdir}/ppp/options +%config(noreplace) %{_sysconfdir}/ppp/filters +%config(noreplace) %{_sysconfdir}/ppp/pap-secrets +%config(noreplace) %{_sysconfdir}/ppp/chap-secrets +%config(noreplace) %{_sysconfdir}/ppp/eaptls-* +%config(noreplace) %{_sysconfdir}/ppp/openssl.cnf +%config(noreplace) %{_sysconfdir}/ppp/peers/p* +%if 0%{?suse_version} > 1500 +%{_pam_vendordir}/ppp +%else +%config(noreplace) %{_sysconfdir}/pam.d/ppp +%endif +%doc FAQ README* SETUP scripts PLUGINS +%{_mandir}/man?/*.?%{ext_man} +%attr(-,root,%{_group}) %{_sbindir}/pppd +%{_sbindir}/chat +%{_sbindir}/pppdump +%{_sbindir}/pppstats +%{_sbindir}/pppoe-discovery +%dir %{_libdir}/pppd +%dir %{_libdir}/pppd/%{version} +%attr(0755,root,root) %{_libdir}/pppd/%{version}/*.so + +%files devel +%{_includedir}/pppd +%_libdir/pkgconfig/* +%{_libdir}/pppd/%{version}/*.la + +%files modem +%dir %{_sysconfdir}/ppp/peers +%config(noreplace) %{_sysconfdir}/ppp/peers/modem +%dir %{_sysconfdir}/ppp/chatscripts +%config(noreplace) %{_sysconfdir}/ppp/chatscripts/modem.chat +%{_unitdir}/modem@.service +%dir %{_udevrulesdir} +%{_udevrulesdir}/90-modem.rules + +%changelog diff --git a/pppoatm-peers b/pppoatm-peers new file mode 100644 index 0000000..e3e72ff --- /dev/null +++ b/pppoatm-peers @@ -0,0 +1,11 @@ +# +# PPP over ATM options +# +plugin pppoatm.so +# +# Plugin passwordfd enables us to pipe the password to pppd, thus we +# don't have to put it into pap-secrets and chap-secrets. +# +plugin passwordfd.so +# +noauth diff --git a/pppoe-peers b/pppoe-peers new file mode 100644 index 0000000..ed7d822 --- /dev/null +++ b/pppoe-peers @@ -0,0 +1,19 @@ +# +# PPP over Ethernet options (using pppoe plugin) +# +plugin pppoe.so +# +# Plugin passwordfd enables us to pipe the password to pppd, thus we +# don't have to put it into pap-secrets and chap-secrets. +# +plugin passwordfd.so +# +noauth +# pppoe has a lower mtu/mru +mtu 1492 +mru 1492 +# switch off all compressions (this is a must) +nopcomp +# this is recommended +novjccomp +noccp diff --git a/pppoe-rp-peers b/pppoe-rp-peers new file mode 100644 index 0000000..743763d --- /dev/null +++ b/pppoe-rp-peers @@ -0,0 +1,17 @@ +# +# PPP over Ethernet options (using roaring pinguin external program) +# +# Plugin passwordfd enables us to pipe the password to pppd, thus we +# don't have to put it into pap-secrets and chap-secrets. +# +plugin passwordfd.so +# +noauth +# pppoe has a lower mtu/mru +mtu 1492 +mru 1492 +# switch off all compressions (this is a must) +nopcomp +# this is recommended +novjccomp +noccp diff --git a/pptp-peers b/pptp-peers new file mode 100644 index 0000000..e3181f8 --- /dev/null +++ b/pptp-peers @@ -0,0 +1,15 @@ +# +# PPTP options +# +# Plugin passwordfd enables us to pipe the password to pppd, thus we +# don't have to put it into pap-secrets and chap-secrets. +# +plugin passwordfd.so +# +noauth +linkname adsl +nocrtscts +local +# switch off all compressions (this is a must) +noaccomp +nopcomp