diff options
| author | mbm <mbm@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2004-08-24 23:50:14 +0000 |
|---|---|---|
| committer | mbm <mbm@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2004-08-24 23:50:14 +0000 |
| commit | 097635b79bc6ddd6066a8369db6e298a25daa96e (patch) | |
| tree | db8218863c9124ae287832ccd846ad4d96c2e05e /obsolete-buildroot/sources/openwrt | |
| parent | 54da0f9e4ba892d2613d4f0d0c4bf4eecdcfd0a4 (diff) | |
massive changes
- sstrip cleanup from mjn3
- various patches from nico and others: http://openwrt.org/forum/viewtopic.php?t=368
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@145 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'obsolete-buildroot/sources/openwrt')
51 files changed, 7383 insertions, 260 deletions
diff --git a/obsolete-buildroot/sources/openwrt/ipkg/chillispot/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/chillispot/CONTROL/conffiles new file mode 100644 index 000000000..08485167d --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/chillispot/CONTROL/conffiles @@ -0,0 +1 @@ +/etc/chilli.conf diff --git a/obsolete-buildroot/sources/openwrt/ipkg/chillispot/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/chillispot/CONTROL/control new file mode 100644 index 000000000..645ddbf51 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/chillispot/CONTROL/control @@ -0,0 +1,9 @@ +Package: chillispot +Priority: optional +Section: net +Version: TBDL +Architecture: TBDL +Maintainer: Nico <nthill@free.fr> +Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ +Description: a wireless access point controller +Depends: tun-module diff --git a/obsolete-buildroot/sources/openwrt/ipkg/chillispot/root/etc/init.d/chilli b/obsolete-buildroot/sources/openwrt/ipkg/chillispot/root/etc/init.d/chilli new file mode 100644 index 000000000..785784cb1 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/chillispot/root/etc/init.d/chilli @@ -0,0 +1,17 @@ +#!/bin/sh + +case $1 in + start) + insmod tun >/dev/null 2>&1 + [ -d /var/run ] || mkdir -p /var/run + /usr/sbin/chilli + ;; + stop) + [ -f /var/run/chilli.pid ] && kill $(cat /var/run/chilli.pid) >/dev/null 2>&1 + ;; + *) + echo "usage: $0 (start|stop)" + exit 1 +esac + +exit $? diff --git a/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/CONTROL/conffiles new file mode 100644 index 000000000..70be85a8a --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/CONTROL/conffiles @@ -0,0 +1 @@ +/etc/dhcp-fwd.conf diff --git a/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/CONTROL/control new file mode 100644 index 000000000..0de535306 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/CONTROL/control @@ -0,0 +1,8 @@ +Package: dhcp-fwd +Priority: optional +Section: net +Version: TBDL +Architecture: TBDL +Maintainer: Nico <nthill@free.fr> +Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ +Description: a DHCP relay agent diff --git a/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/root/etc/dhcp-fwd.conf b/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/root/etc/dhcp-fwd.conf new file mode 100644 index 000000000..15514e388 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/root/etc/dhcp-fwd.conf @@ -0,0 +1,114 @@ +## $Id$ + +## This file contains a sample configuration for the network shown +## below: +## +## -------------- ---------- ------------- +## | DHCP Server | | | | | +## | 192.168.8.66 |------<eth1>| dhcp-fwd |<eth2>------| Clients | +## | | | | | | +## -------------- ---------- ------------- +## +## By default, the dhcp-fwd agent looks at /etc/dhcp-fwd.conf +## for this file. By using the '-c' option when calling dhcp-fwd, this +## path can be changed. + + +######### ENVIRONMENT SETTINGS ######### +#### +### +## The server will drop its privileges and goes into a chroot-jail +## after doing its initialization. The following parameters are +## defining the needed parameters: + +## User and group names/ids. It can be a numeric id or a resolvable +## alphanumeric-name. +## +## WARNING: when compiled with dietlibc the user-/group-names must be +## resolvable by files-NSS. LDAP or NIS NSS will not work so +## the numeric ids must be used +user daemon +group daemon + +## chroot() path +chroot /var/run/dhcp-fwd + +## Logfile and loglevel. The logfile-location is relatively to the +## directory where dhcp-fwd was started and not to the chroot-directory. +## +## The loglevel option is not supported yet. +logfile /var/log/dhcp-fwd.log +loglevel 1 + +## SysV pidfile; contains the PID of the daemon-process and will be +## written with root-privileges +pidfile /var/run/dhcp-fwd.pid + + +## Set limit for resources. When using much interfaces or servers +## below you will need to increase some values. Same holds when not +## using dietlibc. Use '-1' as the value to disable the upper limit +## for the given resource. +## +## Look into /proc/<pid>/status to find out the real usage of the +## resources. +ulimit core 0 +ulimit stack 64K +ulimit data 32K +ulimit rss 200K +ulimit nproc 0 +ulimit nofile 0 +ulimit as 0 + + +######### INTERFACE SETTINGS ######### +#### +### +## The interface where the forwarder listens for messages. There must +## be specified BOTH the server-side and client-side interfaces! +## +## Each interface will be identified by its system-wide name +## (e.g. eth0). After this it must be told whether there are +## clients and servers, and if it is allowed to send broadcast +## messages to clients. The bcast flags will be IGNORED when +## forwarding messages to servers. + +# IFNAME clients servers bcast +if eth2 true false true +if eth1 false true true + + +## Each interface can be given an RFC 3046 agent ID. The 'name' config +## option sets this value; if an interface is not specified here, the +## IFNAME will be assumed. + +# IFNAME agent-id +name eth2 ws-c + + +## Each interface can be given an specific IP to be filled into the +## 'giaddr' field. +## +## BEWARE: because the outgoing DHCP message will contain the "normal" IP +## address of the outgoing-interface in its IP-header, some additional +## work in the system must be done. You can e.g. add an iptables rule to +## the 'nat' table similarly to this: +## +## | Chain POSTROUTING (policy ACCEPT) +## | target prot opt source destination +## | SNAT udp -- 192.168.0.6 192.168.8.66 udp spt:68 dpt:67 to:192.168.2.255 + +# ip eth0 192.168.2.255 + + +######### SERVER SETTINGS ######### +#### +### +## Definitions of the servers. There must be told the type ('ip' or +## 'bcast') and the address. When using 'ip', the address is a non-bcast +## IPv4 address (dotted, DNS-names are NOT supported); and when using +## 'bcast' servers, the address is an IFNAME. + +# TYPE address +server ip 192.168.8.66 +#server bcast eth1 diff --git a/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/root/etc/init.d/dhcp-fwd b/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/root/etc/init.d/dhcp-fwd new file mode 100644 index 000000000..597e1fc78 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/root/etc/init.d/dhcp-fwd @@ -0,0 +1,17 @@ +#!/bin/sh + +case $1 in + start) + [ -d /var/log ] || mkdir -p /var/log + [ -d /var/run/dhcp-wfd ] || mkdir -p /var/run/dhcp-fwd + dhcp-fwd + ;; + stop) + [ -f /var/run/dhcpd-fwd.pid ] && kill $(cat /var/run/dhcpd-fwd.pid) 2>/dev/null + ;; + *) + echo "usage: $0 (start|stop)" + exit 1 +esac + +exit $? diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ip6tables/ip6tables.control b/obsolete-buildroot/sources/openwrt/ipkg/ip6tables/ip6tables.control new file mode 100644 index 000000000..c4c13f7f4 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ip6tables/ip6tables.control @@ -0,0 +1,9 @@ +Package: ip6tables +Architecture: mipsel +Version: 1.2.9-1 +Section: net +Priority: optional +Maintainer: Sebastien NOEL <me@twolife.org> +Source: Embedded in the main OpenWrt buildroot +Depends: kmod-ipv6, kmod-ipt6 +Description: Linux kernel 2.4+ IPv6 packet filter administration tools diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipt6/kmod-ipt6.control b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipt6/kmod-ipt6.control new file mode 100644 index 000000000..957732b16 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipt6/kmod-ipt6.control @@ -0,0 +1,9 @@ +Package: kmod-ipt6 +Architecture: mipsel +Version: 2.4.20-1 +Section: kernel +Priority: optional +Maintainer: Sebastien NOEL <me@twolife.org> +Source: Embedded in the main OpenWrt buildroot +Depends: kmod-ipv6, ip6tables +Description: ip6tables kernel modules diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipv6/kmod-ipv6.control b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipv6/kmod-ipv6.control new file mode 100644 index 000000000..fdeb1c70e --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipv6/kmod-ipv6.control @@ -0,0 +1,9 @@ +Package: kmod-ipv6 +Architecture: mipsel +Version: 2.4.20-1 +Section: kernel +Priority: optional +Maintainer: Sebastien NOEL <me@twolife.org> +Source: Embedded in the main OpenWrt buildroot +Depends: +Description: Kernel modules for the IPv6 protocol diff --git a/obsolete-buildroot/sources/openwrt/ipkg/nfs-modules/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/nfs-modules/CONTROL/control new file mode 100644 index 000000000..906b5ffc0 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/nfs-modules/CONTROL/control @@ -0,0 +1,8 @@ +Package: nfs-modules +Priority: optional +Section: kernel +Version: TBDL +Architecture: TBDL +Maintainer: Nico <nthill@free.fr> +Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ +Description: the NFS kernel modules diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-async-module/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/ppp-async-module/CONTROL/control new file mode 100644 index 000000000..bb38c2a86 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ppp-async-module/CONTROL/control @@ -0,0 +1,8 @@ +Package: ppp-async-module +Priority: optional +Section: net +Version: TBDL +Architecture: TBDL +Maintainer: Nico <nthill@free.fr> +Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ +Description: a PPP async serial channel driver kernel module diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-mppe-module/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/ppp-mppe-module/CONTROL/control new file mode 100644 index 000000000..418058bd7 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ppp-mppe-module/CONTROL/control @@ -0,0 +1,8 @@ +Package: ppp-mppe-module +Priority: optional +Section: net +Version: TBDL +Architecture: TBDL +Maintainer: Nico <nthill@free.fr> +Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ +Description: a Microsoft PPP compression/encryption (MPPC/MPPE) kernel module diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/CONTROL/conffiles new file mode 100644 index 000000000..70fe146d2 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/CONTROL/conffiles @@ -0,0 +1,2 @@ +/etc/ppp/radius.conf +/etc/ppp/radius/servers diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/CONTROL/control new file mode 100644 index 000000000..e9411b3b7 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/CONTROL/control @@ -0,0 +1,9 @@ +Package: ppp-radius-plugin +Priority: optional +Section: net +Version: TBDL +Architecture: TBDL +Maintainer: Nico +Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ +Description: a RADIUS plugin for the PPP daemon +Depends: ppp diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius-options b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius-options new file mode 100644 index 000000000..1cb186759 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius-options @@ -0,0 +1,2 @@ +plugin radius.so +radius-config-file /etc/ppp/radius.conf diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius.conf b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius.conf new file mode 100644 index 000000000..bf630fee7 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius.conf @@ -0,0 +1,8 @@ +authserver localhost:1812 +acctserver localhost:1813 +dictionary /etc/ppp/radius/dictionary +servers /etc/ppp/radius/servers +seqfile /var/tmp/radius.seq +radius_timeout 10 +radius_retries 3 +mapfile /dev/null
\ No newline at end of file diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/dictionary b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/dictionary new file mode 100644 index 000000000..706d1ce99 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/dictionary @@ -0,0 +1,253 @@ +# +# Updated 97/06/13 to livingston-radius-2.01 miquels@cistron.nl +# +# This file contains dictionary translations for parsing +# requests and generating responses. All transactions are +# composed of Attribute/Value Pairs. The value of each attribute +# is specified as one of 4 data types. Valid data types are: +# +# string - 0-253 octets +# ipaddr - 4 octets in network byte order +# integer - 32 bit value in big endian order (high byte first) +# date - 32 bit value in big endian order - seconds since +# 00:00:00 GMT, Jan. 1, 1970 +# +# Enumerated values are stored in the user file with dictionary +# VALUE translations for easy administration. +# +# Example: +# +# ATTRIBUTE VALUE +# --------------- ----- +# Framed-Protocol = PPP +# 7 = 1 (integer encoding) +# + +# The dictionary format now supports vendor-specific attributes. +# Vendors are introduced like this: +# +# VENDOR vendor_name vendor_number +# +# For example: +# +# VENDOR RoaringPenguin 10055 +# +# Vendor-specific attributes have a fifth field with the name of the +# vendor. For example: +# +# ATTRIBUTE RP-Upstream-Speed-Limit 1 integer RoaringPenguin +# +# introduces a Roaring Penguin vendor-specific attribbute with name +# RP-Upstream-Speed-Limit, number 1, type integer and vendor RoaringPenguin. + +# +# Following are the proper new names. Use these. +# +ATTRIBUTE User-Name 1 string +ATTRIBUTE Password 2 string +ATTRIBUTE CHAP-Password 3 string +ATTRIBUTE NAS-IP-Address 4 ipaddr +ATTRIBUTE NAS-Port-Id 5 integer +ATTRIBUTE Service-Type 6 integer +ATTRIBUTE Framed-Protocol 7 integer +ATTRIBUTE Framed-IP-Address 8 ipaddr +ATTRIBUTE Framed-IP-Netmask 9 ipaddr +ATTRIBUTE Framed-Routing 10 integer +ATTRIBUTE Filter-Id 11 string +ATTRIBUTE Framed-MTU 12 integer +ATTRIBUTE Framed-Compression 13 integer +ATTRIBUTE Login-IP-Host 14 ipaddr +ATTRIBUTE Login-Service 15 integer +ATTRIBUTE Login-TCP-Port 16 integer +ATTRIBUTE Reply-Message 18 string +ATTRIBUTE Callback-Number 19 string +ATTRIBUTE Callback-Id 20 string +ATTRIBUTE Framed-Route 22 string +ATTRIBUTE Framed-IPX-Network 23 ipaddr +ATTRIBUTE State 24 string +ATTRIBUTE Class 25 string +ATTRIBUTE Session-Timeout 27 integer +ATTRIBUTE Idle-Timeout 28 integer +ATTRIBUTE Termination-Action 29 integer +ATTRIBUTE Called-Station-Id 30 string +ATTRIBUTE Calling-Station-Id 31 string +ATTRIBUTE NAS-Identifier 32 string +ATTRIBUTE Acct-Status-Type 40 integer +ATTRIBUTE Acct-Delay-Time 41 integer +ATTRIBUTE Acct-Input-Octets 42 integer +ATTRIBUTE Acct-Output-Octets 43 integer +ATTRIBUTE Acct-Session-Id 44 string +ATTRIBUTE Acct-Authentic 45 integer +ATTRIBUTE Acct-Session-Time 46 integer +ATTRIBUTE Acct-Input-Packets 47 integer +ATTRIBUTE Acct-Output-Packets 48 integer +ATTRIBUTE Acct-Terminate-Cause 49 integer +ATTRIBUTE Chap-Challenge 60 string +ATTRIBUTE NAS-Port-Type 61 integer +ATTRIBUTE Port-Limit 62 integer +ATTRIBUTE Connect-Info 77 string + +# RFC 2869 +ATTRIBUTE Acct-Interim-Interval 85 integer + +# +# Experimental Non Protocol Attributes used by Cistron-Radiusd +# +ATTRIBUTE Huntgroup-Name 221 string +ATTRIBUTE User-Category 1029 string +ATTRIBUTE Group-Name 1030 string +ATTRIBUTE Simultaneous-Use 1034 integer +ATTRIBUTE Strip-User-Name 1035 integer +ATTRIBUTE Fall-Through 1036 integer +ATTRIBUTE Add-Port-To-IP-Address 1037 integer +ATTRIBUTE Exec-Program 1038 string +ATTRIBUTE Exec-Program-Wait 1039 string +ATTRIBUTE Hint 1040 string + +# +# Non-Protocol Attributes +# These attributes are used internally by the server +# +ATTRIBUTE Expiration 21 date +ATTRIBUTE Auth-Type 1000 integer +ATTRIBUTE Menu 1001 string +ATTRIBUTE Termination-Menu 1002 string +ATTRIBUTE Prefix 1003 string +ATTRIBUTE Suffix 1004 string +ATTRIBUTE Group 1005 string +ATTRIBUTE Crypt-Password 1006 string +ATTRIBUTE Connect-Rate 1007 integer + +# +# Experimental, implementation specific attributes +# +# Limit session traffic +ATTRIBUTE Session-Octets-Limit 227 integer +# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out) +ATTRIBUTE Octets-Direction 228 integer + +# +# Integer Translations +# + +# User Types + +VALUE Service-Type Login-User 1 +VALUE Service-Type Framed-User 2 +VALUE Service-Type Callback-Login-User 3 +VALUE Service-Type Callback-Framed-User 4 +VALUE Service-Type Outbound-User 5 +VALUE Service-Type Administrative-User 6 +VALUE Service-Type NAS-Prompt-User 7 + +# Framed Protocols + +VALUE Framed-Protocol PPP 1 +VALUE Framed-Protocol SLIP 2 + +# Framed Routing Values + +VALUE Framed-Routing None 0 +VALUE Framed-Routing Broadcast 1 +VALUE Framed-Routing Listen 2 +VALUE Framed-Routing Broadcast-Listen 3 + +# Framed Compression Types + +VALUE Framed-Compression None 0 +VALUE Framed-Compression Van-Jacobson-TCP-IP 1 + +# Login Services + +VALUE Login-Service Telnet 0 +VALUE Login-Service Rlogin 1 +VALUE Login-Service TCP-Clear 2 +VALUE Login-Service PortMaster 3 + +# Status Types + +VALUE Acct-Status-Type Start 1 +VALUE Acct-Status-Type Stop 2 +VALUE Acct-Status-Type Accounting-On 7 +VALUE Acct-Status-Type Accounting-Off 8 + +# Authentication Types + +VALUE Acct-Authentic RADIUS 1 +VALUE Acct-Authentic Local 2 +VALUE Acct-Authentic PowerLink128 100 + +# Termination Options + +VALUE Termination-Action Default 0 +VALUE Termination-Action RADIUS-Request 1 + +# NAS Port Types, available in 3.3.1 and later + +VALUE NAS-Port-Type Async 0 +VALUE NAS-Port-Type Sync 1 +VALUE NAS-Port-Type ISDN 2 +VALUE NAS-Port-Type ISDN-V120 3 +VALUE NAS-Port-Type ISDN-V110 4 + +# Acct Terminate Causes, available in 3.3.2 and later + +VALUE Acct-Terminate-Cause User-Request 1 +VALUE Acct-Terminate-Cause Lost-Carrier 2 +VALUE Acct-Terminate-Cause Lost-Service 3 +VALUE Acct-Terminate-Cause Idle-Timeout 4 +VALUE Acct-Terminate-Cause Session-Timeout 5 +VALUE Acct-Terminate-Cause Admin-Reset 6 +VALUE Acct-Terminate-Cause Admin-Reboot 7 +VALUE Acct-Terminate-Cause Port-Error 8 +VALUE Acct-Terminate-Cause NAS-Error 9 +VALUE Acct-Terminate-Cause NAS-Request 10 +VALUE Acct-Terminate-Cause NAS-Reboot 11 +VALUE Acct-Terminate-Cause Port-Unneeded 12 +VALUE Acct-Terminate-Cause Port-Preempted 13 +VALUE Acct-Terminate-Cause Port-Suspended 14 +VALUE Acct-Terminate-Cause Service-Unavailable 15 +VALUE Acct-Terminate-Cause Callback 16 +VALUE Acct-Terminate-Cause User-Error 17 +VALUE Acct-Terminate-Cause Host-Request 18 + +# +# Non-Protocol Integer Translations +# + +VALUE Auth-Type Local 0 +VALUE Auth-Type System 1 +VALUE Auth-Type SecurID 2 +VALUE Auth-Type Crypt-Local 3 +VALUE Auth-Type Reject 4 + +# +# Cistron extensions +# +VALUE Auth-Type Pam 253 +VALUE Auth-Type None 254 + +# +# Experimental Non-Protocol Integer Translations for Cistron-Radiusd +# +VALUE Fall-Through No 0 +VALUE Fall-Through Yes 1 +VALUE Add-Port-To-IP-Address No 0 +VALUE Add-Port-To-IP-Address Yes 1 + +# +# Configuration Values +# uncomment these two lines to turn account expiration on +# + +#VALUE Server-Config Password-Expiration 30 +#VALUE Server-Config Password-Warning 5 + +# Octets-Direction +VALUE Octets-Direction Sum 0 +VALUE Octets-Direction Input 1 +VALUE Octets-Direction Output 2 +VALUE Octets-Direction MaxOveral 3 +VALUE Octets-Direction MaxSession 4 + +INCLUDE /etc/ppp/radius/dictionary.microsoft diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/dictionary.microsoft b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/dictionary.microsoft new file mode 100644 index 000000000..09fdbba63 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/dictionary.microsoft @@ -0,0 +1,81 @@ +# +# Microsoft's VSA's, from RFC 2548 +# +# $Id$ +# + +VENDOR Microsoft 311 Microsoft + +ATTRIBUTE MS-CHAP-Response 1 string Microsoft +ATTRIBUTE MS-CHAP-Error 2 string Microsoft +ATTRIBUTE MS-CHAP-CPW-1 3 string Microsoft +ATTRIBUTE MS-CHAP-CPW-2 4 string Microsoft +ATTRIBUTE MS-CHAP-LM-Enc-PW 5 string Microsoft +ATTRIBUTE MS-CHAP-NT-Enc-PW 6 string Microsoft +ATTRIBUTE MS-MPPE-Encryption-Policy 7 string Microsoft +# This is referred to as both singular and plural in the RFC. +# Plural seems to make more sense. +ATTRIBUTE MS-MPPE-Encryption-Type 8 string Microsoft +ATTRIBUTE MS-MPPE-Encryption-Types 8 string Microsoft +ATTRIBUTE MS-RAS-Vendor 9 integer Microsoft +ATTRIBUTE MS-CHAP-Domain 10 string Microsoft +ATTRIBUTE MS-CHAP-Challenge 11 string Microsoft +ATTRIBUTE MS-CHAP-MPPE-Keys 12 string Microsoft +ATTRIBUTE MS-BAP-Usage 13 integer Microsoft +ATTRIBUTE MS-Link-Utilization-Threshold 14 integer Microsoft +ATTRIBUTE MS-Link-Drop-Time-Limit 15 integer Microsoft +ATTRIBUTE MS-MPPE-Send-Key 16 string Microsoft +ATTRIBUTE MS-MPPE-Recv-Key 17 string Microsoft +ATTRIBUTE MS-RAS-Version 18 string Microsoft +ATTRIBUTE MS-Old-ARAP-Password 19 string Microsoft +ATTRIBUTE MS-New-ARAP-Password 20 string Microsoft +ATTRIBUTE MS-ARAP-PW-Change-Reason 21 integer Microsoft + +ATTRIBUTE MS-Filter 22 string Microsoft +ATTRIBUTE MS-Acct-Auth-Type 23 integer Microsoft +ATTRIBUTE MS-Acct-EAP-Type 24 integer Microsoft + +ATTRIBUTE MS-CHAP2-Response 25 string Microsoft +ATTRIBUTE MS-CHAP2-Success 26 string Microsoft +ATTRIBUTE MS-CHAP2-CPW 27 string Microsoft + +ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr Microsoft +ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr Microsoft +ATTRIBUTE MS-Primary-NBNS-Server 30 ipaddr Microsoft +ATTRIBUTE MS-Secondary-NBNS-Server 31 ipaddr Microsoft + +#ATTRIBUTE MS-ARAP-Challenge 33 string Microsoft + + +# +# Integer Translations +# + +# MS-BAP-Usage Values + +VALUE MS-BAP-Usage Not-Allowed 0 +VALUE MS-BAP-Usage Allowed 1 +VALUE MS-BAP-Usage Required 2 + +# MS-ARAP-Password-Change-Reason Values + +VALUE MS-ARAP-PW-Change-Reason Just-Change-Password 1 +VALUE MS-ARAP-PW-Change-Reason Expired-Password 2 +VALUE MS-ARAP-PW-Change-Reason Admin-Requires-Password-Change 3 +VALUE MS-ARAP-PW-Change-Reason Password-Too-Short 4 + +# MS-Acct-Auth-Type Values + +VALUE MS-Acct-Auth-Type PAP 1 +VALUE MS-Acct-Auth-Type CHAP 2 +VALUE MS-Acct-Auth-Type MS-CHAP-1 3 +VALUE MS-Acct-Auth-Type MS-CHAP-2 4 +VALUE MS-Acct-Auth-Type EAP 5 + +# MS-Acct-EAP-Type Values + +VALUE MS-Acct-EAP-Type MD5 4 +VALUE MS-Acct-EAP-Type OTP 5 +VALUE MS-Acct-EAP-Type Generic-Token-Card 6 +VALUE MS-Acct-EAP-Type TLS 13 + diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/servers b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/servers new file mode 100644 index 000000000..0c5b3b9ad --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/servers @@ -0,0 +1 @@ +localhost secret diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/ppp/CONTROL/conffiles new file mode 100644 index 000000000..8ad17eb43 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ppp/CONTROL/conffiles @@ -0,0 +1,2 @@ +/etc/ppp/chap-secrets +/etc/ppp/options diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/ppp/CONTROL/control new file mode 100644 index 000000000..b4e071e36 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ppp/CONTROL/control @@ -0,0 +1,8 @@ +Package: ppp +Priority: optional +Section: net +Version: TBDL +Architecture: TBDL +Maintainer: Nico <nthill@free.fr> +Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ +Description: a Point-to-Point Protocol (PPP) daemon diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/chap-secrets b/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/chap-secrets new file mode 100644 index 000000000..f31e37612 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/chap-secrets @@ -0,0 +1 @@ +nico pptp-server secret 172.16.1.101
\ No newline at end of file diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/options b/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/options new file mode 100644 index 000000000..77170e960 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/options @@ -0,0 +1 @@ +#debug diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/CONTROL/conffiles new file mode 100644 index 000000000..34a387ba4 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/CONTROL/conffiles @@ -0,0 +1,2 @@ +/etc/ppp/pptp-server-options +/etc/pptpd.conf diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/CONTROL/control new file mode 100644 index 000000000..8cb012e14 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/CONTROL/control @@ -0,0 +1,9 @@ +Package: pptp-server +Priority: optional +Section: net +Version: TBDL +Architecture: TBDL +Maintainer: Nico <nthill@free.fr> +Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ +Description: a Point-to-Point Tunneling Protocol (PPTP) server +Depends: ppp diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/init.d/pptp-server b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/init.d/pptp-server new file mode 100644 index 000000000..3015c66ae --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/init.d/pptp-server @@ -0,0 +1,18 @@ +#!/bin/sh + +case $1 in + start) + insmod ppp_async >/dev/null 2>&1 + insmod ppp_mppe_mppc >/dev/null 2>&1 + [ -d /var/run ] || mkdir -p /var/run + /usr/sbin/pptpd + ;; + stop) + [ -f /var/run/pptpd.pid ] && kill $(cat /var/run/pptpd.pid) >/dev/null 2>&1 + ;; + *) + echo "usage: $0 (start|stop)" + exit 1 +esac + +exit $? diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/ppp/pptp-server-options b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/ppp/pptp-server-options new file mode 100644 index 000000000..cca8027db --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/ppp/pptp-server-options @@ -0,0 +1,27 @@ +#debug +#logfile /tmp/pptp-server.log +172.16.1.1: +auth +name "pptp-server" +lcp-echo-failure 3 +lcp-echo-interval 60 +default-asyncmap +mtu 1482 +mru 1482 +nobsdcomp +nodeflate +#noproxyarp +#nomppc +nomppe-40 +nomppe-56 +nomppe-stateful +require-mppe +require-mppe-128 +require-mschap-v2 +refuse-chap +refuse-mschap +refuse-eap +refuse-pap +#ms-dns 172.16.1.1 +#plugin radius.so +#radius-config-file /etc/radius.conf diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/pptpd.conf b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/pptpd.conf new file mode 100644 index 000000000..e9ac115c7 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/pptpd.conf @@ -0,0 +1,5 @@ +#debug +option /etc/ppp/pptp-server-options +speed 115200 +stimeout 10 +#localip & remoteip are not needed, ip management is done by pppd diff --git a/obsolete-buildroot/sources/openwrt/ipkg/tun-module/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/tun-module/CONTROL/control new file mode 100644 index 000000000..39762a309 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/ipkg/tun-module/CONTROL/control @@ -0,0 +1,8 @@ +Package: tun-module +Priority: optional +Section: kernel +Version: TBDL +Architecture: TBDL +Maintainer: Nico <nthill@free.fr> +Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ +Description: the Universal TUN/TAP device driver diff --git a/obsolete-buildroot/sources/openwrt/kernel/patches/170-ip6tables-alignment.patch b/obsolete-buildroot/sources/openwrt/kernel/patches/170-ip6tables-alignment.patch new file mode 100644 index 000000000..d544f19f0 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/kernel/patches/170-ip6tables-alignment.patch @@ -0,0 +1,24 @@ +diff -Nur linux/net/ipv6/netfilter/ip6_tables.c linux.fixed/net/ipv6/netfilter/ip6_tables.c +--- linux/net/ipv6/netfilter/ip6_tables.c Sat Aug 3 02:39:46 2002 ++++ linux.fixed/net/ipv6/netfilter/ip6_tables.c Thu Sep 26 17:12:07 2002 +@@ -98,10 +98,8 @@ + unsigned int hook_entry[NF_IP6_NUMHOOKS]; + unsigned int underflow[NF_IP6_NUMHOOKS]; + +- char padding[SMP_ALIGN((NF_IP6_NUMHOOKS*2+2)*sizeof(unsigned int))]; +- + /* ip6t_entry tables: one per CPU */ +- char entries[0]; ++ char entries[0] ____cacheline_aligned; + }; + + static LIST_HEAD(ip6t_target); +@@ -1425,7 +1423,7 @@ + int ret; + struct ip6t_table_info *newinfo; + static struct ip6t_table_info bootstrap +- = { 0, 0, 0, { 0 }, { 0 }, { }, { } }; ++ = { 0, 0, 0, { 0 }, { 0 }, { } }; + + MOD_INC_USE_COUNT; + newinfo = vmalloc(sizeof(struct ip6t_table_info) diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/000_ppp-2.4.2-cvs-20040427.patch b/obsolete-buildroot/sources/openwrt/patches/ppp/000_ppp-2.4.2-cvs-20040427.patch new file mode 100644 index 000000000..7ccc1b448 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/000_ppp-2.4.2-cvs-20040427.patch @@ -0,0 +1,3429 @@ +diff -ruN ppp-2.4.2/TODO ppp-cvs-20040427/TODO +--- ppp-2.4.2/TODO 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/TODO 1999-03-22 07:38:09.000000000 +0100 +@@ -0,0 +1,16 @@ ++* Things to do * ++ ++- How should we handle the case where MTU > MRU? ++ Should we reduce the IP MTU to the link MRU (so TCP MSS is correct)? ++ ++- Provide ways to: ++ + set the IP address, possibly based on the peer's identity ++ + have external checking of PAP user/password, CHAP response ++ + supply the PAP user/password, CHAP secret ++ + decide which tty to use (locking, DTR issues) ++ ++- Integrate callback stuff? ++ ++- Implement link quality monitoring ++ ++- Implement other network control protocols +diff -ruN ppp-2.4.2/chat/chat.c ppp-cvs-20040427/chat/chat.c +--- ppp-2.4.2/chat/chat.c 2003-03-30 10:23:48.000000000 +0200 ++++ ppp-cvs-20040427/chat/chat.c 2004-01-17 06:50:11.000000000 +0100 +@@ -87,7 +87,7 @@ + #endif + + #ifndef lint +-static const char rcsid[] = "$Id: chat.c,v 1.29 2003/03/04 06:17:21 fcusack Exp $"; ++static const char rcsid[] = "$Id: chat.c,v 1.30 2004/01/17 05:47:55 carlsonj Exp $"; + #endif + + #include <stdio.h> +@@ -213,7 +213,7 @@ + void *copy_of __P((char *s)); + char *grow __P((char *s, char **p, size_t len)); + void usage __P((void)); +-void logf __P((const char *fmt, ...)); ++void msgf __P((const char *fmt, ...)); + void fatal __P((int code, const char *fmt, ...)); + SIGTYPE sigalrm __P((int signo)); + SIGTYPE sigint __P((int signo)); +@@ -495,7 +495,7 @@ + /* + * Send a message to syslog and/or stderr. + */ +-void logf __V((const char *fmt, ...)) ++void msgf __V((const char *fmt, ...)) + { + va_list args; + +@@ -558,7 +558,7 @@ + fatal(2, "Can't set file mode flags on stdin: %m"); + + if (verbose) +- logf("alarm"); ++ msgf("alarm"); + } + + void unalarm() +@@ -1001,9 +1001,9 @@ + * The expectation did not occur. This is terminal. + */ + if (fail_reason) +- logf("Failed (%s)", fail_reason); ++ msgf("Failed (%s)", fail_reason); + else +- logf("Failed"); ++ msgf("Failed"); + terminate(exit_code); + } + +@@ -1079,7 +1079,7 @@ + abort_string[n_aborts++] = s1; + + if (verbose) +- logf("abort on (%v)", s); ++ msgf("abort on (%v)", s); + return; + } + +@@ -1105,7 +1105,7 @@ + pack++; + n_aborts--; + if (verbose) +- logf("clear abort on (%v)", s); ++ msgf("clear abort on (%v)", s); + } + } + free(s1); +@@ -1129,7 +1129,7 @@ + report_string[n_reports++] = s1; + + if (verbose) +- logf("report (%v)", s); ++ msgf("report (%v)", s); + return; + } + +@@ -1155,7 +1155,7 @@ + pack++; + n_reports--; + if (verbose) +- logf("clear report (%v)", s); ++ msgf("clear report (%v)", s); + } + } + free(s1); +@@ -1173,7 +1173,7 @@ + timeout = DEFAULT_CHAT_TIMEOUT; + + if (verbose) +- logf("timeout set to %d seconds", timeout); ++ msgf("timeout set to %d seconds", timeout); + + return; + } +@@ -1236,7 +1236,7 @@ + return ((int)c & 0x7F); + + default: +- logf("warning: read() on stdin returned %d", status); ++ msgf("warning: read() on stdin returned %d", status); + + case -1: + if ((status = fcntl(0, F_GETFL, 0)) == -1) +@@ -1264,7 +1264,7 @@ + return (0); + + default: +- logf("warning: write() on stdout returned %d", status); ++ msgf("warning: write() on stdout returned %d", status); + + case -1: + if ((status = fcntl(0, F_GETFL, 0)) == -1) +@@ -1286,9 +1286,9 @@ + + if (verbose) { + if (errno == EINTR || errno == EWOULDBLOCK) +- logf(" -- write timed out"); ++ msgf(" -- write timed out"); + else +- logf(" -- write failed: %m"); ++ msgf(" -- write failed: %m"); + } + return (0); + } +@@ -1303,9 +1303,9 @@ + + if (verbose) { + if (quiet) +- logf("send (??????)"); ++ msgf("send (??????)"); + else +- logf("send (%v)", s); ++ msgf("send (%v)", s); + } + + alarm(timeout); alarmed = 0; +@@ -1392,17 +1392,17 @@ + minlen = (len > sizeof(fail_buffer)? len: sizeof(fail_buffer)) - 1; + + if (verbose) +- logf("expect (%v)", string); ++ msgf("expect (%v)", string); + + if (len > STR_LEN) { +- logf("expect string is too long"); ++ msgf("expect string is too long"); + exit_code = 1; + return 0; + } + + if (len == 0) { + if (verbose) +- logf("got it"); ++ msgf("got it"); + return (1); + } + +@@ -1416,16 +1416,16 @@ + echo_stderr(c); + if (verbose && c == '\n') { + if (s == logged) +- logf(""); /* blank line */ ++ msgf(""); /* blank line */ + else +- logf("%0.*v", s - logged, logged); ++ msgf("%0.*v", s - logged, logged); + logged = s + 1; + } + + *s++ = c; + + if (verbose && s >= logged + 80) { +- logf("%0.*v", s - logged, logged); ++ msgf("%0.*v", s - logged, logged); + logged = s; + } + +@@ -1470,8 +1470,8 @@ + strncmp(s - len, string, len) == 0) { + if (verbose) { + if (s > logged) +- logf("%0.*v", s - logged, logged); +- logf(" -- got it\n"); ++ msgf("%0.*v", s - logged, logged); ++ msgf(" -- got it\n"); + } + + alarm(0); +@@ -1484,8 +1484,8 @@ + strncmp(s - abort_len, abort_string[n], abort_len) == 0) { + if (verbose) { + if (s > logged) +- logf("%0.*v", s - logged, logged); +- logf(" -- failed"); ++ msgf("%0.*v", s - logged, logged); ++ msgf(" -- failed"); + } + + alarm(0); +@@ -1499,7 +1499,7 @@ + if (s >= end) { + if (logged < s - minlen) { + if (verbose) +- logf("%0.*v", s - logged, logged); ++ msgf("%0.*v", s - logged, logged); + logged = s; + } + s -= minlen; +@@ -1509,16 +1509,16 @@ + } + + if (alarmed && verbose) +- logf("warning: alarm synchronization problem"); ++ msgf("warning: alarm synchronization problem"); + } + + alarm(0); + + if (verbose && printed) { + if (alarmed) +- logf(" -- read timed out"); ++ msgf(" -- read timed out"); + else +- logf(" -- read failed: %m"); ++ msgf(" -- read failed: %m"); + } + + exit_code = 3; +diff -ruN ppp-2.4.2/configure ppp-cvs-20040427/configure +--- ppp-2.4.2/configure 2002-11-09 12:24:41.000000000 +0100 ++++ ppp-cvs-20040427/configure 2004-01-17 06:50:11.000000000 +0100 +@@ -1,5 +1,5 @@ + #!/bin/sh +-# $Id: configure,v 1.30 2002/11/02 19:48:12 carlsonj Exp $ ++# $Id: configure,v 1.31 2004/01/17 05:47:55 carlsonj Exp $ + + # if [ -d /NextApps ]; then + # system="NeXTStep" +@@ -27,7 +27,7 @@ + esac;; + 5.[1-6]*) state="known"; ksrc="solaris"; makext="sol2";; + esac +- if [ -x /opt/SUNWspro/bin/cc ] && ++ if [ -x /opt/SUNWspro/bin/cc -a "$1" != "gcc" ] && + /opt/SUNWspro/bin/cc -flags >/dev/null 2>&1; then + : # use Sun WorkShop compiler + elif gcc --version >/dev/null 2>&1; then +diff -ruN ppp-2.4.2/contrib/pppgetpass/Makefile.linux ppp-cvs-20040427/contrib/pppgetpass/Makefile.linux +--- ppp-2.4.2/contrib/pppgetpass/Makefile.linux 1999-11-15 05:08:24.000000000 +0100 ++++ ppp-cvs-20040427/contrib/pppgetpass/Makefile.linux 1970-01-01 01:00:00.000000000 +0100 +@@ -1,16 +0,0 @@ +-all: pppgetpass.vt pppgetpass.gtk +- +-pppgetpass.vt: pppgetpass.vt.o +- +-pppgetpass.gtk: pppgetpass.gtk.o +- $(CC) $(LDFLAGS) pppgetpass.gtk.o `gtk-config --libs` -o pppgetpass.gtk +-pppgetpass.gtk.o: pppgetpass.gtk.c +- $(CC) $(CFLAGS) -c pppgetpass.gtk.c `gtk-config --cflags` +- +-install: all +- install -m 755 pppgetpass.sh /usr/bin/pppgetpass +- install -m 4755 -o root -g root pppgetpass.vt /usr/bin/ +- install -m 755 -o root -g root pppgetpass.gtk /usr/X11/bin/ +- +-clean: +- rm -f *.o pppgetpass.gtk pppgetpass.vt core +diff -ruN ppp-2.4.2/contrib/pppgetpass/pppgetpass.8 ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.8 +--- ppp-2.4.2/contrib/pppgetpass/pppgetpass.8 1999-11-15 05:08:24.000000000 +0100 ++++ ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.8 1970-01-01 01:00:00.000000000 +0100 +@@ -1,18 +0,0 @@ +-.TH PPPGETPASS 8 "26 Sep 1999" +-.SH NAME +-pppgetpass \- prompt for PAP password +-.SH SYNOPSIS +-.B pppgetpass +-.I client server fd +-.SH DESCRIPTION +-.B pppgetpass +-the outer half of a plugin for PAP password prompting in pppd. +-If the peer requires PAP, and the +-.B passprompt.so +-plugin is loaded into pppd, it will run +-.B /usr/sbin/pppgetpass +-(or another program specified by the +-.B promptprog +-option) to prompt the user for the password. +-.SH SEE ALSO +-pppd(8) +diff -ruN ppp-2.4.2/contrib/pppgetpass/pppgetpass.gtk.c ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.gtk.c +--- ppp-2.4.2/contrib/pppgetpass/pppgetpass.gtk.c 1999-11-15 05:08:24.000000000 +0100 ++++ ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.gtk.c 1970-01-01 01:00:00.000000000 +0100 +@@ -1,92 +0,0 @@ +-#include <glib.h> +-#include <gdk/gdk.h> +-#include <gtk/gtkwindow.h> +-#include <gtk/gtkmain.h> +-#include <gtk/gtkbutton.h> +-#include <gtk/gtkvbox.h> +-#include <gtk/gtklabel.h> +-#include <gtk/gtkentry.h> +-#include <gtk/gtksignal.h> +- +-#include <stdio.h> +-#include <string.h> +-#include <stdlib.h> +-#include <unistd.h> +-#include <syslog.h> +- +-int outfd; +-int err; +- +-static void okpressed(void *widget, void *clientdata) +-{ +- GtkWidget *answer=clientdata; +- gchar *pass; +- int passlen; +- ssize_t wrote; +- (void)widget; +- +- pass=gtk_entry_get_text(GTK_ENTRY(answer)); +- +- passlen=strlen(pass); +- if(!passlen) +- return; +- +- if((wrote=write(outfd, pass, passlen))!=passlen) { +- if(wrote<0) +- syslog(LOG_ERR, "write error on outpipe: %m"); +- else +- syslog(LOG_ERR, "short write on outpipe"); +- err=1; +- } +- gtk_main_quit(); +-} +- +-int main(int argc, char **argv) +-{ +- GtkWidget *mainwindow, *vbox, *question, *answer, *ok; +- char buf[1024]; +- gtk_init(&argc, &argv); +- +- openlog(argv[0], LOG_PID, LOG_DAEMON); +- if(argc!=4) { +- syslog(LOG_WARNING, "Usage error"); +- return 1; +- } +- outfd=atoi(argv[3]); +- mainwindow=gtk_window_new(GTK_WINDOW_TOPLEVEL); +- gtk_window_set_title(GTK_WINDOW(mainwindow), "pppgetpass"); +- gtk_signal_connect(GTK_OBJECT(mainwindow), "destroy", +- GTK_SIGNAL_FUNC(gtk_main_quit), 0); +- +- vbox=gtk_vbox_new(FALSE, 5); +- gtk_container_add(GTK_CONTAINER(mainwindow), vbox); +- gtk_widget_show(vbox); +- +- if(argv[1][0] && argv[2][0]) +- snprintf(buf, sizeof buf, "Password for PPP client %s on server %s: ", argv[1], argv[2]); +- else if(argv[1][0] && !argv[2][0]) +- snprintf(buf, sizeof buf, "Password for PPP client %s: ", argv[1]); +- else if(!argv[1][0] && argv[2][0]) +- snprintf(buf, sizeof buf, "Password for PPP on server %s: ", argv[2]); +- else +- snprintf(buf, sizeof buf, "Enter PPP password: "); +- question=gtk_label_new(buf); +- gtk_box_pack_start(GTK_BOX(vbox), question, FALSE, TRUE, 0); +- gtk_widget_show(question); +- +- answer=gtk_entry_new(); +- gtk_entry_set_visibility(GTK_ENTRY(answer), 0); +- gtk_box_pack_start(GTK_BOX(vbox), answer, FALSE, TRUE, 0); +- gtk_widget_show(answer); +- +- ok=gtk_button_new_with_label("OK"); +- gtk_box_pack_start(GTK_BOX(vbox), ok, FALSE, TRUE, 0); +- gtk_signal_connect(GTK_OBJECT(ok), "clicked", +- GTK_SIGNAL_FUNC(okpressed), answer); +- gtk_widget_show(ok); +- +- gtk_widget_show(mainwindow); +- gtk_main(); +- +- return err; +-} +diff -ruN ppp-2.4.2/contrib/pppgetpass/pppgetpass.sh ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.sh +--- ppp-2.4.2/contrib/pppgetpass/pppgetpass.sh 1999-11-15 05:08:24.000000000 +0100 ++++ ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.sh 1970-01-01 01:00:00.000000000 +0100 +@@ -1,7 +0,0 @@ +-#!/bin/sh +- +-if [ -z "$DISPLAY" ]; then +- exec pppgetpass.vt "$@" +-else +- exec pppgetpass.gtk "$@" +-fi +diff -ruN ppp-2.4.2/contrib/pppgetpass/pppgetpass.vt.c ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.vt.c +--- ppp-2.4.2/contrib/pppgetpass/pppgetpass.vt.c 1999-11-15 05:08:24.000000000 +0100 ++++ ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.vt.c 1970-01-01 01:00:00.000000000 +0100 +@@ -1,218 +0,0 @@ +-#include <stdio.h> +-#include <string.h> +-#include <stdlib.h> +-#include <errno.h> +-#include <unistd.h> +-#include <fcntl.h> +-#include <sys/stat.h> +-#include <sys/ioctl.h> +-#include <syslog.h> +-#include <termios.h> +-#include <sys/vt.h> +- +-static int console_owner(uid_t, int); +- +-int main(int argc, char **argv) +-{ +- int console; +- uid_t uid; +- struct vt_stat origstate; +- int openvtnum; +- char openvtname[256]; +- int openvt; +- gid_t gid; +- int chowned; +- FILE *fp; +- struct termios t; +- char pass[256], *nl; +- int outfd, passlen; +- ssize_t wrote; +- console=open("/dev/console", O_RDWR); +- +- uid=getuid(); +- gid=getgid(); +- seteuid(uid); +- +- openlog(argv[0], LOG_PID, LOG_DAEMON); +- +- if(argc!=4) { +- syslog(LOG_WARNING, "Usage error"); +- return 1; +- } +- +- if(console<0) { +- syslog(LOG_ERR, "open(/dev/console): %m"); +- return 1; +- } +- +- if(ioctl(console, VT_GETSTATE, &origstate)<0) { +- syslog(LOG_ERR, "VT_GETSTATE: %m"); +- return 1; +- } +- +- if(uid) { +- if(!console_owner(uid, origstate.v_active)) { +- int i; +- for(i=0;i<64;++i) { +- if(i!=origstate.v_active && console_owner(uid, i)) +- break; +- } +- if(i==64) { +- syslog(LOG_WARNING, "run by uid %lu not at console", (unsigned long)uid); +- return 1; +- } +- } +- } +- +- if(ioctl(console, VT_OPENQRY, &openvtnum)<0) { +- syslog(LOG_ERR, "VT_OPENQRY: %m"); +- return 1; +- } +- if(openvtnum==-1) { +- syslog(LOG_ERR, "No free VTs"); +- return 1; +- } +- +- snprintf(openvtname, sizeof openvtname, "/dev/tty%d", openvtnum); +- seteuid(0); +- openvt=open(openvtname, O_RDWR); +- if(openvt<0) { +- seteuid(uid); +- syslog(LOG_ERR, "open(%s): %m", openvtname); +- return 1; +- } +- +- chowned=fchown(openvt, uid, gid); +- if(chowned<0) { +- seteuid(uid); +- syslog(LOG_ERR, "fchown(%s): %m", openvtname); +- return 1; +- } +- +- close(console); +- +- if(ioctl(openvt, VT_ACTIVATE, openvtnum)<0) { +- seteuid(uid); +- syslog(LOG_ERR, "VT_ACTIVATE(%d): %m", openvtnum); +- return 1; +- } +- +- while(ioctl(openvt, VT_WAITACTIVE, openvtnum)<0) { +- if(errno!=EINTR) { +- ioctl(openvt, VT_ACTIVATE, origstate.v_active); +- seteuid(uid); +- syslog(LOG_ERR, "VT_WAITACTIVE(%d): %m", openvtnum); +- return 1; +- } +- } +- +- seteuid(uid); +- fp=fdopen(openvt, "r+"); +- if(!fp) { +- seteuid(0); +- ioctl(openvt, VT_ACTIVATE, origstate.v_active); +- seteuid(uid); +- syslog(LOG_ERR, "fdopen(%s): %m", openvtname); +- return 1; +- } +- +- if(tcgetattr(openvt, &t)<0) { +- seteuid(0); +- ioctl(openvt, VT_ACTIVATE, origstate.v_active); +- seteuid(uid); +- syslog(LOG_ERR, "tcgetattr(%s): %m", openvtname); +- return 1; +- } +- t.c_lflag &= ~ECHO; +- if(tcsetattr(openvt, TCSANOW, &t)<0) { +- seteuid(0); +- ioctl(openvt, VT_ACTIVATE, origstate.v_active); +- seteuid(uid); +- syslog(LOG_ERR, "tcsetattr(%s): %m", openvtname); +- return 1; +- } +- +- if(fprintf(fp, "\033[2J\033[H")<0) { +- seteuid(0); +- ioctl(openvt, VT_ACTIVATE, origstate.v_active); +- seteuid(uid); +- syslog(LOG_ERR, "write error on %s: %m", openvtname); +- return 1; +- } +- if(argv[1][0] && argv[2][0]) { +- if(fprintf(fp, "Password for PPP client %s on server %s: ", argv[1], argv[2])<0) { +- seteuid(0); +- ioctl(openvt, VT_ACTIVATE, origstate.v_active); +- seteuid(uid); +- syslog(LOG_ERR, "write error on %s: %m", openvtname); +- return 1; +- } +- } else if(argv[1][0] && !argv[2][0]) { +- if(fprintf(fp, "Password for PPP client %s: ", argv[1])<0) { +- syslog(LOG_ERR, "write error on %s: %m", openvtname); +- seteuid(0); +- ioctl(openvt, VT_ACTIVATE, origstate.v_active); +- seteuid(uid); +- return 1; +- } +- } else if(!argv[1][0] && argv[2][0]) { +- if(fprintf(fp, "Password for PPP on server %s: ", argv[2])<0) { +- seteuid(0); +- ioctl(openvt, VT_ACTIVATE, origstate.v_active); +- seteuid(uid); +- syslog(LOG_ERR, "write error on %s: %m", openvtname); +- return 1; +- } +- } else { +- if(fprintf(fp, "Enter PPP password: ")<0) { +- seteuid(0); +- ioctl(openvt, VT_ACTIVATE, origstate.v_active); +- seteuid(uid); +- syslog(LOG_ERR, "write error on %s: %m", openvtname); +- return 1; +- } +- } +- +- if(!fgets(pass, sizeof pass, fp)) { +- seteuid(0); +- ioctl(openvt, VT_ACTIVATE, origstate.v_active); +- seteuid(uid); +- if(ferror(fp)) { +- syslog(LOG_ERR, "read error on %s: %m", openvtname); +- } +- return 1; +- } +- if((nl=strchr(pass, '\n'))) +- *nl=0; +- passlen=strlen(pass); +- +- outfd=atoi(argv[3]); +- if((wrote=write(outfd, pass, passlen))!=passlen) { +- seteuid(0); +- ioctl(openvt, VT_ACTIVATE, origstate.v_active); +- seteuid(uid); +- if(wrote<0) +- syslog(LOG_ERR, "write error on outpipe: %m"); +- else +- syslog(LOG_ERR, "short write on outpipe"); +- return 1; +- } +- +- seteuid(0); +- ioctl(openvt, VT_ACTIVATE, origstate.v_active); +- seteuid(uid); +- return 0; +-} +- +-static int console_owner(uid_t uid, int cons) +-{ +- char name[256]; +- struct stat st; +- snprintf(name, sizeof name, "/dev/tty%d", cons); +- if(stat(name, &st)<0) { +- if(errno!=ENOENT) +- syslog(LOG_ERR, "stat(%s): %m", name); +- return 0; +- } +- return uid==st.st_uid; +-} +diff -ruN ppp-2.4.2/include/linux/if_ether.h ppp-cvs-20040427/include/linux/if_ether.h +--- ppp-2.4.2/include/linux/if_ether.h 2001-05-21 05:31:50.000000000 +0200 ++++ ppp-cvs-20040427/include/linux/if_ether.h 1970-01-01 01:00:00.000000000 +0100 +@@ -1,99 +0,0 @@ +-/* +- * INET An implementation of the TCP/IP protocol suite for the LINUX +- * operating system. INET is implemented using the BSD Socket +- * interface as the means of communication with the user level. +- * +- * Global definitions for the Ethernet IEEE 802.3 interface. +- * +- * Version: @(#)if_ether.h 1.0.1a 02/08/94 +- * +- * Author: Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG> +- * Donald Becker, <becker@super.org> +- * Alan Cox, <alan@redhat.com> +- * Steve Whitehouse, <gw7rrm@eeshack3.swan.ac.uk> +- * +- * This program is free software; you can redistribute it and/or +- * modify it under the terms of the GNU General Public License +- * as published by the Free Software Foundation; either version +- * 2 of the License, or (at your option) any later version. +- */ +- +-#ifndef _LINUX_IF_ETHER_H +-#define _LINUX_IF_ETHER_H +- +-/* +- * IEEE 802.3 Ethernet magic constants. The frame sizes omit the preamble +- * and FCS/CRC (frame check sequence). +- */ +- +-#define ETH_ALEN 6 /* Octets in one ethernet addr */ +-#define ETH_HLEN 14 /* Total octets in header. */ +-#define ETH_ZLEN 60 /* Min. octets in frame sans FCS */ +-#define ETH_DATA_LEN 1500 /* Max. octets in payload */ +-#define ETH_FRAME_LEN 1514 /* Max. octets in frame sans FCS */ +- +-/* +- * These are the defined Ethernet Protocol ID's. +- */ +- +-#define ETH_P_LOOP 0x0060 /* Ethernet Loopback packet */ +-#define ETH_P_PUP 0x0200 /* Xerox PUP packet */ +-#define ETH_P_PUPAT 0x0201 /* Xerox PUP Addr Trans packet */ +-#define ETH_P_IP 0x0800 /* Internet Protocol packet */ +-#define ETH_P_X25 0x0805 /* CCITT X.25 */ +-#define ETH_P_ARP 0x0806 /* Address Resolution packet */ +-#define ETH_P_BPQ 0x08FF /* G8BPQ AX.25 Ethernet Packet [ NOT AN OFFICIALLY REGISTERED ID ] */ +-#define ETH_P_IEEEPUP 0x0a00 /* Xerox IEEE802.3 PUP packet */ +-#define ETH_P_IEEEPUPAT 0x0a01 /* Xerox IEEE802.3 PUP Addr Trans packet */ +-#define ETH_P_DEC 0x6000 /* DEC Assigned proto */ +-#define ETH_P_DNA_DL 0x6001 /* DEC DNA Dump/Load */ +-#define ETH_P_DNA_RC 0x6002 /* DEC DNA Remote Console */ +-#define ETH_P_DNA_RT 0x6003 /* DEC DNA Routing */ +-#define ETH_P_LAT 0x6004 /* DEC LAT */ +-#define ETH_P_DIAG 0x6005 /* DEC Diagnostics */ +-#define ETH_P_CUST 0x6006 /* DEC Customer use */ +-#define ETH_P_SCA 0x6007 /* DEC Systems Comms Arch */ +-#define ETH_P_RARP 0x8035 /* Reverse Addr Res packet */ +-#define ETH_P_ATALK 0x809B /* Appletalk DDP */ +-#define ETH_P_AARP 0x80F3 /* Appletalk AARP */ +-#define ETH_P_IPX 0x8137 /* IPX over DIX */ +-#define ETH_P_IPV6 0x86DD /* IPv6 over bluebook */ +-#define ETH_P_PPP_DISC 0x8863 /* PPPoE discovery messages */ +-#define ETH_P_PPP_SES 0x8864 /* PPPoE session messages */ +-#define ETH_P_ATMMPOA 0x884c /* MultiProtocol Over ATM */ +-#define ETH_P_ATMFATE 0x8884 /* Frame-based ATM Transport +- * over Ethernet +- */ +- +-/* +- * Non DIX types. Won't clash for 1500 types. +- */ +- +-#define ETH_P_802_3 0x0001 /* Dummy type for 802.3 frames */ +-#define ETH_P_AX25 0x0002 /* Dummy protocol id for AX.25 */ +-#define ETH_P_ALL 0x0003 /* Every packet (be careful!!!) */ +-#define ETH_P_802_2 0x0004 /* 802.2 frames */ +-#define ETH_P_SNAP 0x0005 /* Internal only */ +-#define ETH_P_DDCMP 0x0006 /* DEC DDCMP: Internal only */ +-#define ETH_P_WAN_PPP 0x0007 /* Dummy type for WAN PPP frames*/ +-#define ETH_P_PPP_MP 0x0008 /* Dummy type for PPP MP frames */ +-#define ETH_P_LOCALTALK 0x0009 /* Localtalk pseudo type */ +-#define ETH_P_PPPTALK 0x0010 /* Dummy type for Atalk over PPP*/ +-#define ETH_P_TR_802_2 0x0011 /* 802.2 frames */ +-#define ETH_P_MOBITEX 0x0015 /* Mobitex (kaz@cafe.net) */ +-#define ETH_P_CONTROL 0x0016 /* Card specific control frames */ +-#define ETH_P_IRDA 0x0017 /* Linux-IrDA */ +-#define ETH_P_ECONET 0x0018 /* Acorn Econet */ +- +-/* +- * This is an Ethernet frame header. +- */ +- +-struct ethhdr +-{ +- unsigned char h_dest[ETH_ALEN]; /* destination eth addr */ +- unsigned char h_source[ETH_ALEN]; /* source ether addr */ +- unsigned short h_proto; /* packet type ID field */ +-}; +- +-#endif /* _LINUX_IF_ETHER_H */ +diff -ruN ppp-2.4.2/include/pcap-int.h ppp-cvs-20040427/include/pcap-int.h +--- ppp-2.4.2/include/pcap-int.h 2000-08-01 03:37:24.000000000 +0200 ++++ ppp-cvs-20040427/include/pcap-int.h 2000-08-01 03:37:24.000000000 +0200 +@@ -30,7 +30,7 @@ + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * +- * @(#) $Header: /data/cvs/ppp/include/pcap-int.h,v 1.1 2000/08/01 01:37:24 paulus Exp $ (LBL) ++ * @(#) $Header: /cvsroot/ppp/include/pcap-int.h,v 1.1 2000/08/01 01:37:24 paulus Exp $ (LBL) + */ + + #ifndef pcap_int_h +diff -ruN ppp-2.4.2/modules/bsd-comp.c ppp-cvs-20040427/modules/bsd-comp.c +--- ppp-2.4.2/modules/bsd-comp.c 1998-03-19 06:59:01.000000000 +0100 ++++ ppp-cvs-20040427/modules/bsd-comp.c 2004-01-17 06:50:11.000000000 +0100 +@@ -41,7 +41,7 @@ + * This version is for use with STREAMS under SunOS 4.x, + * Digital UNIX, AIX 4.x, and SVR4 systems including Solaris 2. + * +- * $Id: bsd-comp.c,v 1.20 1996/08/28 06:31:57 paulus Exp $ ++ * $Id: bsd-comp.c,v 1.21 2004/01/17 05:47:55 carlsonj Exp $ + */ + + #ifdef AIX4 +@@ -66,6 +66,10 @@ + #define BSD_LITTLE_ENDIAN + #endif + ++#ifdef SOL2 ++#include <sys/sunddi.h> ++#endif ++ + #define PACKETPTR mblk_t * + #include <net/ppp-comp.h> + +diff -ruN ppp-2.4.2/modules/deflate.c ppp-cvs-20040427/modules/deflate.c +--- ppp-2.4.2/modules/deflate.c 2002-12-06 10:49:15.000000000 +0100 ++++ ppp-cvs-20040427/modules/deflate.c 2004-01-17 06:50:11.000000000 +0100 +@@ -35,7 +35,7 @@ + * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING + * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * +- * $Id: deflate.c,v 1.11 2002/12/06 09:49:15 paulus Exp $ ++ * $Id: deflate.c,v 1.12 2004/01/17 05:47:55 carlsonj Exp $ + */ + + #ifdef AIX4 +@@ -56,6 +56,10 @@ + #include "../common/zlib.h" + #endif + ++#ifdef SOL2 ++#include <sys/sunddi.h> ++#endif ++ + #if DO_DEFLATE + + #define DEFLATE_DEBUG 1 +diff -ruN ppp-2.4.2/modules/vjcompress.c ppp-cvs-20040427/modules/vjcompress.c +--- ppp-2.4.2/modules/vjcompress.c 1999-09-17 04:03:56.000000000 +0200 ++++ ppp-cvs-20040427/modules/vjcompress.c 2004-01-17 06:50:11.000000000 +0100 +@@ -29,7 +29,7 @@ + * This version is used under SunOS 4.x, Digital UNIX, AIX 4.x, + * and SVR4 systems including Solaris 2. + * +- * $Id: vjcompress.c,v 1.10 1999/09/15 23:49:06 masputra Exp $ ++ * $Id: vjcompress.c,v 1.11 2004/01/17 05:47:55 carlsonj Exp $ + */ + + #include <sys/types.h> +@@ -56,6 +56,10 @@ + #include <netinet/in_systm.h> + #endif + ++#ifdef SOL2 ++#include <sys/sunddi.h> ++#endif ++ + #include <netinet/ip.h> + #include <netinet/tcp.h> + +diff -ruN ppp-2.4.2/ppp.texi ppp-cvs-20040427/ppp.texi +--- ppp-2.4.2/ppp.texi 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/ppp.texi 1996-08-28 08:30:33.000000000 +0200 +@@ -0,0 +1,561 @@ ++\input texinfo @c -*-texinfo-*- ++@setfilename ppp.info ++@settitle PPP ++ ++@iftex ++@finalout ++@end iftex ++ ++@ifinfo ++@format ++START-INFO-DIR-ENTRY ++* PPP: (ppp). Point-to-Point Protocol. ++END-INFO-DIR-ENTRY ++@end format ++ ++@titlepage ++@title PPP-2.x Users' Guide ++@author by Paul Mackerras ++@end titlepage ++ ++@node Top, Introduction, (dir), (dir) ++ ++@ifinfo ++This file documents how to use the ppp-2.x package to set up network ++links over serial lines with the Point-to-Point Protocol. ++ ++@end ifinfo ++ ++@menu ++* Introduction:: Basic concepts of the Point-to-Point ++ Protocol and the ppp-2.x package. ++* Installation:: How to compile and install the software. ++* Configuration:: How to set up your system for ++ establishing a link to another system. ++* Security:: Avoid creating security holes. ++* Compression:: Using compression of various kinds ++ to improve throughput. ++@end menu ++ ++@node Introduction, Installation, Top, Top ++@chapter Introduction ++ ++The Point-to-Point Protocol (PPP) is the protocol of choice for ++establishing network links over serial lines. This package (ppp-2.x) ++provides an implementation of PPP which supports the Internet Protocols ++(TCP/IP, UDP/IP, etc.) and which runs on a range of Unix workstations. ++ ++A typical use of PPP is to provide a network connection, via a modem, ++between a workstation and an Internet Service Provider (ISP). When this ++connection is established, the workstation is connected to the internet, ++and applications running on the workstation can then make connections to ++other hosts anywhere on the internet. This package can be used at ++either or both ends of such a link. ++ ++Features of PPP include: ++@itemize @bullet ++@item ++Multi-protocol support. The PPP packet encapsulation includes a ++protocol field, allowing packets from many different protocols to be ++multiplexed across a single link. ++@item ++Negotiation of link characteristics. During link establishment, the two ++systems negotiate about the link configuration parameters, such as the ++IP addresses of each end of the link. ++@item ++Authentication. Optionally, each system can be configured to require the ++other system to authenticate itself. In this way, access can be ++restricted to authorized systems. ++@item ++Transparency. On asynchronous serial lines, PPP can be configured to ++transmit certain characters as a two-character escape sequence. ++@item ++Compression. PPP includes support for various kinds of compression to ++be applied to the packets before they are transmitted. ++@end itemize ++ ++The ppp-2.x software consists of two parts: ++ ++@itemize @bullet ++ ++@item ++Kernel code, which establishes a network interface and passes packets ++between the serial port, the kernel networking code and the PPP daemon ++(@file{pppd}). This code is implemented using STREAMS modules on ++Solaris 2, SunOS 4.x, AIX 4.1 and OSF/1, and as a tty line discipline ++under Ultrix, NextStep, NetBSD, FreeBSD, and Linux. ++ ++@item ++The PPP daemon (@file{pppd}), which negotiates with the peer to ++establish the link and sets up the ppp network interface. Pppd includes ++support for authentication. It can authenticate itself to the other ++system and/or require the other system to authenticate itself, so that ++you can control which other systems may make a PPP connection and what ++IP addresses they may use. ++@end itemize ++ ++@menu ++* PPP Concepts:: Basic concepts and terms used with PPP. ++* PPP packet format:: How data is packaged up for transmission. ++* LCP negotiation:: The parameters which are negotiated ++ using the Link Control Protocol. ++* IPCP negotiation:: The parameters which are negotiated ++ using the IP Control Protocol. ++@end menu ++ ++@node PPP Concepts, PPP packet format, Introduction, Introduction ++@section PPP Concepts ++ ++To use PPP to provide a network connection between two machines, there ++must be some way that a stream of bytes, or characters, can be passed ++from one to the other, in both directions independently. We refer to ++this as the ``serial link''. Very often the serial link involves ++asynchronous communications ports and modems, but other kinds of serial ++link are possible. ++ ++The serial link must transmit (at least) 8 bits per character; PPP ++cannot work over a serial link which transmits only 7 bits per ++character. However, it need not transmit all byte values transparently. ++PPP has a mechanism to avoid sending certain characters if it is known ++that the some element of the serial link interprets them specially. For ++example, the DC1 and DC3 ASCII characters (control-Q and control-S) may ++be trapped by a modem if it is set for ``software'' flow control. PPP ++can send these characters as a two-character ``escape'' sequence. The ++set of characters which are to be transmitted as an escape sequence is ++represented in an ``async control character map'' (ACCM). The ``async'' ++part refers to the fact that this facility is used for asynchronous ++serial links. For synchronous serial connections, the HDLC bit-stuffing ++procedure is used instead. ++ ++The two systems connected by the serial link are called ``peers''. When ++we are talking from the point of view of one of the systems, the other ++is often referred to as ``the peer''. Sometimes we may refer to one ++system as a ``client'' and the other as a ``server''. This distinction ++refers mainly to the way the serial link is set up; usually the client ++is the peer that initiates the connection, for example by dialling the ++server with its modem. ++ ++During the lifetime of a PPP connection, it proceeds through several ++phases: ++ ++@enumerate ++@item ++Serial link establishment. In this phase, the serial link is set up and ++PPP protocol software is attached to each end of the serial link. The ++precise steps involved in doing this vary greatly, depending on the ++nature of the serial link. For the common case of modems connected ++through the telephone network, this involves first sending commands to ++the modem to cause it to dial the remote system. When the remote system ++answers, the local system usually has to supply a username and password, ++and then issue a command to invoke PPP software on the remote system. ++The ``chat'' program supplied with ppp-2.x provides a way to automate a ++dialog with the modem and the remote system. This phase is not ++standardized; it is outside the scope of the PPP protocol ++specifications. ++ ++@item ++Link Control Protocol (LCP) negotiation. In this phase, the peers send ++LCP packets to each other to negotiate various parameters of the ++connection, such as the ACCM to be used in each direction, whether ++authentication is required, and whether or not to use various forms of ++compression. When the peers reach agreement on these parameters, LCP is ++said to be ``up''. ++ ++@item ++Authentication. If one (or both) of the peers requires the other ++peer to authenticate itself, that occurs next. If one of the peers ++cannot successfully authenticate itself, the other peer terminates the ++link. ++ ++@item ++Network Control Protocol (NCP) negotiation. PPP can potentially support ++several different network protocols, although IP is the only network ++protocol (NP) supported by the ppp-2.x package. Each NP has an ++associated NCP defined for it, which is used to negotiate the specific ++parameters which affect that NP. For example, the IP Control Protocol ++(IPCP) is used to negotiate the IP addresses for each end of the link, ++and whether the TCP header compression method described by Van Jacobsen ++in RFC 1144 (``VJ compression'') is to be used. ++ ++@item ++Network communication. When each NCP has successfully negotiated the ++parameters for its NP, that NCP is said to be ``up''. At that point, ++the PPP link is made available for data traffic from that NP. For ++example, when IPCP comes up, the PPP link is then available for carrying ++IP packets (which of course includes packets from those protocols which ++are layered above IP, such as TCP, UDP, etc.) ++ ++@item ++Termination. When the link is no longer required, it is terminated. ++Usually this involves an exchange of LCP packets so that one peer can ++notify the other that it is shutting down the link, enabling both peers ++to shut down in an orderly manner. But of course there are occasions ++when the link terminates because the serial link is interrupted, for ++example, when a modem loses carrier and hangs up. ++ ++@end enumerate ++ ++The protocols in the PPP family are produced by the Point-to-Point ++Working Group of the Internet Engineering Task Force, and are specified ++in RFC (Request for Comments) documents, available by anonymous FTP from ++several sites. ++ ++PPP is defined in several RFCs, in ++particular RFCs 1661, 1662, and 1334. IPCP is defined in RFC 1332. ++Other RFCs describe the control protocols for other network protocols ++(e.g., DECnet, OSI, Appletalk). RFCs are available by anonymous FTP ++from several sites including nic.ddn.mil, nnsc.nsf.net, nic.nordu.net, ++ftp.nisc.sri.com, and munnari.oz.au. ++ ++@node PPP packet format, LCP negotiation, PPP Concepts, Introduction ++@section PPP packet format ++ ++PPP transmits packets over the serial link using a simple encapsulation ++scheme. First, a two-byte PPP Protocol field is inserted before the ++data to be sent. The value in this field identifies ++which higher-level protocol (either a network protocol such as IP or a ++PPP control protocol such as LCP) should receive the data in the packet. ++By default, a one-byte Address field with the value 0xFF, and a one-byte ++Control field with the value 0x03, are inserted before the PPP Protocol ++field (apparently this is supposed to provide compatibility with HDLC, ++in case there is a synchronous to asynchronous converter in the serial ++link). ++ ++On slow serial links, these fields can be compressed down to one byte in ++most cases. The PPP Address and Control fields are compressed by simply ++omitting them (``address/control compression''). The PPP Protocol field ++values are chosen so that bit 0 (the least-significant bit) of the first ++(most significant) byte is always 0, and bit 0 of the second byte is ++always 1. The PPP Protocol field can be compressed by omitting the ++first byte, provided that it is 0 (``protocol compression''). The ++values for this field are assigned so that the first byte is zero for ++all of the commonly-used network protocols. For example, the PPP ++Protocol field value for IP is 0x21. ++ ++For asynchronous serial links, which do not provide any packet framing ++or transparency, a further encapsulation is used as follows. First a ++16-bit Frame Check Sequence (FCS) is computed over the packet to be ++sent, and appended as two bytes to the end of the packet. ++ ++Then each byte of the packet is examined, and if it contains one of the ++characters which are to be escaped, it is replaced by a two byte ++sequence: the 0x7d character '}', followed by the character with bit 5 ++inverted. For example, the control-C character (0x03) could be replaced ++by the two-byte sequence 0x7d, 0x23 ('}#'). The 0x7d and 0x7e ('~') ++characters are always escaped, and the 0x5e ('^') character may not be ++escaped. ++ ++Finally, a ``flag'' character (0x7e, '~') is inserted at the beginning ++and end of the packet to mark the packet boundaries. The initial flag ++may be omitted if this packet immediately follows another packet, as the ++ending flag for the previous packet can serve as the beginning flag of ++this packet. ++ ++@node LCP negotiation, IPCP negotiation, PPP packet format, Introduction ++@section LCP negotiation ++ ++The LCP negotiation process actually involves two sets of negotiations, ++one for each direction of the PPP connection. Thus A will send B ++packets (``Configure-Requests'') describing what characteristics A would ++like to have apply to the B -> A direction of the link, that is, to the ++packets that A will receive. Similarly B will send A packets describing ++the characteristics it would like to have apply to the packets it will ++be receiving. These characteristics need not necessarily be the same in ++both directions. ++ ++The parameters which are negotiated for each direction of the connection ++using LCP are: ++ ++@itemize @bullet ++@item ++Maximum Receive Unit (MRU): indicates the maximum packet size which we ++are prepared to receive (specifically the maximum size of the ++data portion of the packet). The default value is 1500, but on ++slow serial links, smaller values give better response. The choice of ++MRU is discussed below (see xxx). ++ ++@item ++Async Control Character Map (ACCM): indicates the set of control ++characters (characters with ASCII values in the range 0 - 31) which we ++wish to receive in escaped form. The default is that the sender should ++escape all characters in the range 0 - 31. ++ ++@item ++Authentication Protocol: indicates which protocol we would like the peer ++to use to authenticate itself. Common choices are the Password ++Authentication Protocol (PAP) and the Cryptographic Handshake ++Authentication Protocol (CHAP). ++ ++@item ++Quality Protocol: indicates which protocol which we would like the peer ++to use to send us link quality reports. The ppp-2.x package does not ++currently support link quality reports. ++ ++@item ++Magic Number: a randomly-chosen number, different from the peer's magic ++number. If we persistently receive our own magic number in the peer's ++configure-request packets, then we can conclude that the serial link is ++looped back. ++ ++@item ++Protocol Field Compression: indicates that we wish the peer to compress ++the PPP Protocol field to one byte, where possible, in the packets it ++sends. ++ ++@item ++Address/Control Field Compression: indicates that we wish the peer to ++compress the PPP Address/Control fields (by simply omitting them) in the ++packets it sends. ++@end itemize ++ ++@node IPCP negotiation, , LCP negotiation, Introduction ++@section IPCP negotiation ++ ++The IPCP negotiation process is very similar to the LCP negotiation ++process, except that of course different parameters are negotiated. ++The parameters which are negotiated using IPCP are: ++ ++@itemize @bullet ++@item ++IP Address: the IP address (32-bit host IP number) which we plan to use ++as the local address for our end of the link. ++ ++@item ++TCP header compression: indicates (a) that we wish the peer to compress ++the TCP/IP headers of TCP/IP packets that it sends, using the Van ++Jacobson algorithm as described in RFC1144; (b) the maximum slot ID that ++we wish the peer to use, and (c) whether we are prepared to accept ++packets with the slot ID field compressed (omitted). ++ ++With Van Jacobson (VJ) compression, the receiver and transmitter (for ++one direction of the connection) both keep a table, with a certain ++number of ``slots'', where each slot holds the TCP/IP header of the most ++recently transmitted packet for one TCP connection. If a packet is to ++be transmitted for a TCP connection which does not have a slot currently ++allocated, the VJ scheme will allocate one of the slots and send the ++entire TCP/IP header, together with the slot number. For many packets, ++there will be a slot already allocated for the TCP connection, and the ++VJ scheme will then often be able to replace the entire TCP/IP header ++with a much smaller compressed header (typically only 3 - 7 bytes) ++describing which fields of the TCP/IP header have changed, and by how ++much. If there are many more active connections than slots, the ++efficiency of the VJ scheme will drop, because it will not be able to ++send compressed headers as often. ++ ++Usually the compressed header includes a one-byte slot index, indicating ++which TCP connection the packet is for. It is possible to reduce the ++header size by omitting the slot index when the packet has the same slot ++index as the previous packet. However, this introduces a danger if the ++lower levels of the PPP software can sometimes drop damaged packets ++without informing the VJ decompressor, as it may then assume the wrong ++slot index for packets which have the slot index field omitted. With ++the ppp-2.x software, however, the probability of this happening is ++generally very small (see xxx). ++ ++@end itemize ++ ++@node Installation, Configuration, Introduction, Top ++@chapter Installation ++ ++Because ppp-2.x includes code which must be incorporated into the ++kernel, its installation process is necessarily quite heavily ++system-dependent. In addition, you will require super-user privileges ++(root access) to install the code. ++ ++Some systems provide a ``modload'' facility, which allows you to load ++new code into a running kernel without relinking the kernel or ++rebooting. Under Solaris 2, SunOS 4.x, Linux, OSF/1 and NextStep, this ++is the recommended (or only) way to install the kernel portion of the ++ppp-2.x package. ++ ++Under the remaining supported operating systems (NetBSD, FreeBSD, ++Ultrix), it is necessary to go through the process of creating a new ++kernel image and reboot. (Note that NetBSD and FreeBSD have a modload ++facility, but ppp-2.x is currently not configured to take advantage of ++it.) ++ ++Detailed installation instructions for each operating system are ++contained in the README files in the ppp-2.x distribution. In general, ++the process involves executing the commands @samp{./configure}, ++@samp{make} and (as root) @samp{make install} in the ppp-2.x ++distribution directory. (The Linux port requires the installation of ++some header files before compiling; see README.linux for details.) ++ ++@node Configuration, Security, Installation, Top ++@chapter Configuration ++ ++Once the ppp-2.x software is installed, you need to configure your ++system for the particular PPP connections you wish to allow. Typically, ++the elements you need to configure are: ++ ++@itemize @bullet ++@item ++How the serial link is established and how pppd gets invoked. ++@item ++Setting up syslog to log messages from pppd to the console and/or ++system log files. ++@item ++Pppd options to be used. ++@item ++Authentication secrets to use in authenticating us to the peer ++and/or the peer to us. ++@item ++The IP addresses for each end of the link. ++@end itemize ++ ++In most cases, the system you are configuring will either be a ++@dfn{client} system, actively initiating a PPP connection on user ++request, or it will be a @dfn{server} system, passively waiting for ++connections from client systems. Other arrangements are possible, but ++the instructions in this system assume that you are configuring either a ++client or a server. ++ ++These instructions also assume that the serial link involves a serial ++communications port (that is, a tty device), since pppd requires a ++serial port. ++ ++@menu ++* Client machines:: ++* Server machines:: ++* Setting up syslog:: ++* Pppd options:: ++* Authentication secrets files:: ++* IP Addresses:: ++@end menu ++ ++@node Client machines, Server machines, Configuration, Configuration ++@section Client machines ++ ++On a client machine, the way that the user requests that a connection be ++established is by running pppd, either directly or through a shell ++script. Pppd should be given the name of the serial port to use as an ++option. In this mode, pppd will fork and detach itself from its ++controlling terminal, so that the shell will return to its prompt. (If ++this behaviour is not desired, use the -detach option.) ++ ++Usually, the connect option should also be used. The connect option ++takes an argument which is a command to run to establish the serial link ++and invoke PPP software on the remote machine. This command is run with ++its standard input and standard output connected to the serial port. ++Giving the connect option to pppd also has the side-effect of causing ++pppd to open the serial port without waiting for the modem carrier ++detect signal. ++ ++The process of establishing the serial link often involves a dialog. If ++the serial port is connected to a modem, we first need to send some ++commands to the modem to configure it and dial the remote system. Often ++there is then a dialog with the remote system to supply a username and ++password. The @file{chat} program supplied with the ppp-2.x package is ++useful for automating such dialogs. Chat uses a @dfn{script} consisting ++of alternately strings to expect to receive on the serial port, and ++strings to send on the serial port. The script can also specify strings ++which indicate an error and abort the dialog. ++ ++@node Server machines, , Client machines, Configuration ++@section Server machines ++ ++There are generally three ways in which a server machine can be set up ++to allow client machines to establish a PPP link: ++ ++@enumerate ++@item ++Client machines log in as regular users (often via a serial port ++connected to a modem, but possibly through a telnet or rlogin session) ++and then run pppd as a shell command. ++@item ++Client machines log in using a username whose login shell is pppd ++or a script which runs pppd. ++@item ++Client machines connect to a serial port which has a pppd running ++permanently on it (instead of a "getty" or other program providing a ++login service). ++@end enumerate ++ ++Method 1 is very simple to set up, and is useful where existing users of ++a system have remote machines (for example at home) from which they want ++to establish a PPP connection from time to time. Methods 2 and 3 ++possibly have a security advantage in that they do not allow PPP client ++systems access to a shell. Method 2 allows regular logins and PPP ++connections on the same port, while with method 3, would-be crackers may ++well be frustrated (unless they speak fluent PPP). ++ ++With any of these methods, I strongly recommend that you configure PPP ++to require authentication from the client, by including the `auth' ++option in the /etc/ppp/options file. ++ ++@node Setting up syslog, , Server machines, Configuration ++@section Setting up syslog ++ ++Pppd uses the @file{syslog} facility to report information about the ++state of the connection, as does @file{chat}. It is useful to set up ++syslog to print some of these messages on the console, and to record ++most of them to a file. The messages from pppd are logged with facility ++@samp{daemon} and one of three levels: ++@itemize @bullet ++@item ++@samp{notice} for messages about important events such as the ++connection becoming available for IP traffic and the local and remote IP ++addresses in use. ++@item ++@samp{info} for messages about less important events, such as ++detecting a modem hangup. ++@item ++@samp{debug} for messages which are of use in working out why the ++connection is not working properly. ++@end itemize ++ ++The messages from chat are logged with facility @samp{local2} and level ++@samp{debug}. ++ ++Syslog is controlled by the syslog configuration file ++@file{/etc/syslog.conf}. Generally the standard configuration will log ++facility @samp{daemon} messages with level @samp{notice} and above to a ++system log file such as @file{/var/log/syslog} (the name may vary on ++different systems). I find it useful to have the notice level messages ++from pppd displayed on the console, and all messages from pppd and chat ++logged to a file such as @file{/etc/ppp/log}. To achieve this, ++find the line in /etc/syslog.conf which has /dev/console ++on the right-hand side, and add `daemon.notice' on the left. This ++line should end up something like this: ++ ++@example ++*.err;kern.debug;auth.notice;mail.crit;daemon.notice /dev/console ++@end example ++ ++And add a line like this: ++ ++@example ++daemon,local2.debug /etc/ppp/log ++@end example ++ ++The space between the left and right hand sides is one or more tabs, not ++spaces, and there are no tabs or spaces at the beginning of the line. ++ ++You will need to create an empty @file{/etc/ppp/log} file; syslogd will ++not create it. Once you have modified @file{/etc/syslog.conf}, you need ++to either reboot or notify syslogd to re-read the file. On most ++systems, you notify syslogd by sending it a SIGHUP signal. Syslogd's ++process ID is usually stored in a file such as @file{/etc/syslogd.pid} ++or @file{/var/run/syslog.pid}. Thus you can notify syslogd to re-read ++the file by executing a command such as: ++ ++@example ++kill -HUP `cat /etc/syslogd.pid` ++@end example ++ ++@node Pppd options, , Setting up syslog, Configuration ++@section Pppd options ++ ++@node Authentication secrets files, , Pppd options, Configuration ++@section Authentication secrets files ++ ++@node IP Addresses, , Authentication secrets files, Configuration ++@section IP Addresses ++ ++@node Security, Compression, Configuration, Top ++@chapter Security ++ ++@node Compression, , Security, Top ++@chapter Compression ++ ++@bye +diff -ruN ppp-2.4.2/pppd/Makefile.sol2 ppp-cvs-20040427/pppd/Makefile.sol2 +--- ppp-2.4.2/pppd/Makefile.sol2 2003-11-27 22:25:25.000000000 +0100 ++++ ppp-cvs-20040427/pppd/Makefile.sol2 2002-11-02 20:50:09.000000000 +0100 +@@ -1,6 +1,6 @@ + # + # Makefile for pppd under Solaris 2. +-# $Id: Makefile.sol2,v 1.24 2003/11/27 21:25:25 paulus Exp $ ++# $Id: Makefile.sol2,v 1.23 2002/11/02 19:48:12 carlsonj Exp $ + # + + include ../Makedefs.com +@@ -8,8 +8,8 @@ + CFLAGS = -I../include -DSVR4 -DSOL2 $(COPTS) + LIBS = -lsocket -lnsl + +-OBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap-new.o eap.o md5.o \ +- tty.o ccp.o ecp.o auth.o options.o demand.o utils.o sys-solaris.o ++OBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap.o eap.o md5.o tty.o \ ++ ccp.o ecp.o auth.o options.o demand.o utils.o sys-solaris.o + + # + # uncomment the following to enable plugins +diff -ruN ppp-2.4.2/pppd/Makefile.sunos4 ppp-cvs-20040427/pppd/Makefile.sunos4 +--- ppp-2.4.2/pppd/Makefile.sunos4 2003-11-27 22:25:25.000000000 +0100 ++++ ppp-cvs-20040427/pppd/Makefile.sunos4 2002-11-02 20:50:09.000000000 +0100 +@@ -1,6 +1,6 @@ + # + # Makefile for pppd under SunOS 4. +-# $Id: Makefile.sunos4,v 1.14 2003/11/27 21:25:25 paulus Exp $ ++# $Id: Makefile.sunos4,v 1.13 2002/11/02 19:48:12 carlsonj Exp $ + # + + include ../sunos4/Makedefs +@@ -12,7 +12,7 @@ + + all: pppd + +-OBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap-new.o md5.o ccp.o ecp.o \ ++OBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap.o md5.o ccp.o ecp.o \ + auth.o options.o demand.o utils.o sys-sunos4.o tty.o eap.o + + pppd: $(OBJS) +diff -ruN ppp-2.4.2/pppd/chap-new.c ppp-cvs-20040427/pppd/chap-new.c +--- ppp-2.4.2/pppd/chap-new.c 2003-11-27 23:22:36.000000000 +0100 ++++ ppp-cvs-20040427/pppd/chap-new.c 2004-01-17 06:50:11.000000000 +0100 +@@ -33,7 +33,7 @@ + * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +-#define RCSID "$Id: chap-new.c,v 1.3 2003/11/27 22:22:36 paulus Exp $" ++#define RCSID "$Id: chap-new.c,v 1.4 2004/01/17 05:47:55 carlsonj Exp $" + + #include <stdlib.h> + #include <string.h> +@@ -49,7 +49,7 @@ + int (*chap_verify_hook)(char *name, char *ourname, int id, + struct chap_digest_type *digest, + unsigned char *challenge, unsigned char *response, +- unsigned char *message, int message_space) = NULL; ++ char *message, int message_space) = NULL; + + /* + * Option variables. +@@ -119,7 +119,7 @@ + static int chap_verify_response(char *name, char *ourname, int id, + struct chap_digest_type *digest, + unsigned char *challenge, unsigned char *response, +- unsigned char *message, int message_space); ++ char *message, int message_space); + static void chap_respond(struct chap_client_state *cs, int id, + unsigned char *pkt, int len); + static void chap_handle_status(struct chap_client_state *cs, int code, int id, +@@ -306,11 +306,11 @@ + { + int response_len, ok, mlen; + unsigned char *response, *p; +- unsigned char *name = NULL; /* initialized to shut gcc up */ ++ char *name = NULL; /* initialized to shut gcc up */ + int (*verifier)(char *, char *, int, struct chap_digest_type *, +- unsigned char *, unsigned char *, unsigned char *, int); ++ unsigned char *, unsigned char *, char *, int); + char rname[MAXNAMELEN+1]; +- unsigned char message[256]; ++ char message[256]; + + if ((ss->flags & LOWERUP) == 0) + return; +@@ -322,7 +322,7 @@ + response = pkt; + GETCHAR(response_len, pkt); + len -= response_len + 1; /* length of name */ +- name = pkt + response_len; ++ name = (char *)pkt + response_len; + if (len < 0) + return; + +@@ -391,14 +391,14 @@ + chap_verify_response(char *name, char *ourname, int id, + struct chap_digest_type *digest, + unsigned char *challenge, unsigned char *response, +- unsigned char *message, int message_space) ++ char *message, int message_space) + { + int ok; +- char secret[MAXSECRETLEN]; ++ unsigned char secret[MAXSECRETLEN]; + int secret_len; + + /* Get the secret that the peer is supposed to know */ +- if (!get_secret(0, name, ourname, secret, &secret_len, 1)) { ++ if (!get_secret(0, name, ourname, (char *)secret, &secret_len, 1)) { + error("No CHAP secret found for authenticating %q", name); + return 0; + } +diff -ruN ppp-2.4.2/pppd/chap-new.h ppp-cvs-20040427/pppd/chap-new.h +--- ppp-2.4.2/pppd/chap-new.h 2003-06-11 14:47:31.000000000 +0200 ++++ ppp-cvs-20040427/pppd/chap-new.h 2004-01-17 06:50:12.000000000 +0100 +@@ -123,7 +123,7 @@ + extern int (*chap_verify_hook)(char *name, char *ourname, int id, + struct chap_digest_type *digest, + unsigned char *challenge, unsigned char *response, +- unsigned char *message, int message_space); ++ char *message, int message_space); + + /* Called by digest code to register a digest type */ + extern void chap_register_digest(struct chap_digest_type *); +diff -ruN ppp-2.4.2/pppd/chap_ms.c ppp-cvs-20040427/pppd/chap_ms.c +--- ppp-2.4.2/pppd/chap_ms.c 2003-11-18 11:42:56.000000000 +0100 ++++ ppp-cvs-20040427/pppd/chap_ms.c 2004-04-14 04:40:21.000000000 +0200 +@@ -74,7 +74,7 @@ + * + */ + +-#define RCSID "$Id: chap_ms.c,v 1.30 2003/07/10 17:59:33 fcusack Exp $" ++#define RCSID "$Id: chap_ms.c,v 1.31 2004/04/14 02:39:39 carlsonj Exp $" + + #ifdef CHAPMS + +@@ -164,9 +164,11 @@ + chapms_generate_challenge(unsigned char *challenge) + { + *challenge++ = 8; ++#ifdef DEBUGMPPEKEY + if (mschap_challenge && strlen(mschap_challenge) == 8) + memcpy(challenge, mschap_challenge, 8); + else ++#endif + random_bytes(challenge, 8); + } + +@@ -174,9 +176,11 @@ + chapms2_generate_challenge(unsigned char *challenge) + { + *challenge++ = 16; ++#ifdef DEBUGMPPEKEY + if (mschap_challenge && strlen(mschap_challenge) == 16) + memcpy(challenge, mschap_challenge, 16); + else ++#endif + random_bytes(challenge, 16); + } + +@@ -207,7 +211,7 @@ + #endif + + /* Generate the expected response. */ +- ChapMS(challenge, secret, secret_len, &md); ++ ChapMS(challenge, (char *)secret, secret_len, &md); + + #ifdef MSLANMAN + /* Determine which part of response to verify against */ +@@ -250,8 +254,8 @@ + + /* Generate the expected response and our mutual auth. */ + ChapMS2(challenge, rmd->PeerChallenge, name, +- secret, secret_len, &md, +- saresponse, MS_CHAP2_AUTHENTICATOR); ++ (char *)secret, secret_len, &md, ++ (unsigned char *)saresponse, MS_CHAP2_AUTHENTICATOR); + + /* compare MDs and send the appropriate status */ + /* +@@ -326,8 +330,13 @@ + { + challenge++; /* skip length, should be 16 */ + *response++ = MS_CHAP2_RESPONSE_LEN; +- ChapMS2(challenge, mschap2_peer_challenge, our_name, +- secret, secret_len, ++ ChapMS2(challenge, ++#ifdef DEBUGMPPEKEY ++ mschap2_peer_challenge, ++#else ++ NULL, ++#endif ++ our_name, secret, secret_len, + (MS_Chap2Response *) response, private, + MS_CHAP2_AUTHENTICATEE); + } +@@ -335,7 +344,8 @@ + static int + chapms2_check_success(unsigned char *msg, int len, unsigned char *private) + { +- if ((len < MS_AUTH_RESPONSE_LENGTH + 2) || strncmp(msg, "S=", 2)) { ++ if ((len < MS_AUTH_RESPONSE_LENGTH + 2) || ++ strncmp((char *)msg, "S=", 2) != 0) { + /* Packet does not start with "S=" */ + error("MS-CHAPv2 Success packet is badly formed."); + return 0; +@@ -351,7 +361,7 @@ + /* Authenticator Response matches. */ + msg += MS_AUTH_RESPONSE_LENGTH; /* Eat it */ + len -= MS_AUTH_RESPONSE_LENGTH; +- if ((len >= 3) && !strncmp(msg, " M=", 3)) { ++ if ((len >= 3) && !strncmp((char *)msg, " M=", 3)) { + msg += 3; /* Eat the delimiter */ + } else if (len) { + /* Packet has extra text which does not begin " M=" */ +@@ -477,7 +487,7 @@ + SHA1_Init(&sha1Context); + SHA1_Update(&sha1Context, PeerChallenge, 16); + SHA1_Update(&sha1Context, rchallenge, 16); +- SHA1_Update(&sha1Context, user, strlen(user)); ++ SHA1_Update(&sha1Context, (unsigned char *)user, strlen(user)); + SHA1_Final(sha1Hash, &sha1Context); + + BCOPY(sha1Hash, Challenge, 8); +@@ -512,7 +522,7 @@ + MD4_CTX md4Context; + + MD4Init(&md4Context); +- MD4Update(&md4Context, secret, mdlen); ++ MD4Update(&md4Context, (unsigned char *)secret, mdlen); + MD4Final(hash, &md4Context); + + } +@@ -526,7 +536,7 @@ + + /* Hash the Unicode version of the secret (== password). */ + ascii2unicode(secret, secret_len, unicodePassword); +- NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); ++ NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash); + + ChallengeResponse(rchallenge, PasswordHash, NTResponse); + } +@@ -539,11 +549,12 @@ + u_char PasswordHash[MD4_SIGNATURE_SIZE]; + u_char Challenge[8]; + +- ChallengeHash(PeerChallenge, rchallenge, username, Challenge); ++ ChallengeHash(PeerChallenge, (unsigned char *)rchallenge, username, ++ Challenge); + + /* Hash the Unicode version of the secret (== password). */ + ascii2unicode(secret, secret_len, unicodePassword); +- NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); ++ NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash); + + ChallengeResponse(Challenge, PasswordHash, NTResponse); + } +@@ -603,8 +614,9 @@ + + /* Hash (x2) the Unicode version of the secret (== password). */ + ascii2unicode(secret, secret_len, unicodePassword); +- NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); +- NTPasswordHash(PasswordHash, sizeof(PasswordHash), PasswordHashHash); ++ NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash); ++ NTPasswordHash((char *)PasswordHash, sizeof(PasswordHash), ++ PasswordHashHash); + + SHA1_Init(&sha1Context); + SHA1_Update(&sha1Context, PasswordHashHash, sizeof(PasswordHashHash)); +@@ -622,7 +634,7 @@ + + /* Convert to ASCII hex string. */ + for (i = 0; i < MAX((MS_AUTH_RESPONSE_LENGTH / 2), sizeof(Digest)); i++) +- sprintf(&authResponse[i * 2], "%02X", Digest[i]); ++ sprintf((char *)&authResponse[i * 2], "%02X", Digest[i]); + } + + +@@ -825,7 +837,7 @@ + sizeof(response->PeerChallenge)); + + /* Generate the NT-Response */ +- ChapMS2_NT(rchallenge, response->PeerChallenge, user, ++ ChapMS2_NT((char *)rchallenge, response->PeerChallenge, user, + secret, secret_len, response->NTResp); + + /* Generate the Authenticator Response. */ +diff -ruN ppp-2.4.2/pppd/fsm.c ppp-cvs-20040427/pppd/fsm.c +--- ppp-2.4.2/pppd/fsm.c 2003-06-29 12:06:14.000000000 +0200 ++++ ppp-cvs-20040427/pppd/fsm.c 2004-02-02 05:00:11.000000000 +0100 +@@ -40,7 +40,7 @@ + * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +-#define RCSID "$Id: fsm.c,v 1.20 2003/06/29 10:06:14 paulus Exp $" ++#define RCSID "$Id: fsm.c,v 1.22 2004/02/02 03:57:19 carlsonj Exp $" + + /* + * TODO: +@@ -201,6 +201,44 @@ + } + } + ++/* ++ * terminate_layer - Start process of shutting down the FSM ++ * ++ * Cancel any timeout running, notify upper layers we're done, and ++ * send a terminate-request message as configured. ++ */ ++static void ++terminate_layer(f, nextstate) ++ fsm *f; ++ int nextstate; ++{ ++ if( f->state != OPENED ) ++ UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */ ++ else if( f->callbacks->down ) ++ (*f->callbacks->down)(f); /* Inform upper layers we're down */ ++ ++ /* Init restart counter and send Terminate-Request */ ++ f->retransmits = f->maxtermtransmits; ++ fsm_sdata(f, TERMREQ, f->reqid = ++f->id, ++ (u_char *) f->term_reason, f->term_reason_len); ++ ++ if (f->retransmits == 0) { ++ /* ++ * User asked for no terminate requests at all; just close it. ++ * We've already fired off one Terminate-Request just to be nice ++ * to the peer, but we're not going to wait for a reply. ++ */ ++ f->state = nextstate == CLOSING ? CLOSED : STOPPED; ++ if( f->callbacks->finished ) ++ (*f->callbacks->finished)(f); ++ return; ++ } ++ ++ TIMEOUT(fsm_timeout, f, f->timeouttime); ++ --f->retransmits; ++ ++ f->state = nextstate; ++} + + /* + * fsm_close - Start closing connection. +@@ -230,19 +268,7 @@ + case ACKRCVD: + case ACKSENT: + case OPENED: +- if( f->state != OPENED ) +- UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */ +- else if( f->callbacks->down ) +- (*f->callbacks->down)(f); /* Inform upper layers we're down */ +- +- /* Init restart counter, send Terminate-Request */ +- f->retransmits = f->maxtermtransmits; +- fsm_sdata(f, TERMREQ, f->reqid = ++f->id, +- (u_char *) f->term_reason, f->term_reason_len); +- TIMEOUT(fsm_timeout, f, f->timeouttime); +- --f->retransmits; +- +- f->state = CLOSING; ++ terminate_layer(f, CLOSING); + break; + } + } +@@ -689,17 +715,7 @@ + break; + + case OPENED: +- if( f->callbacks->down ) +- (*f->callbacks->down)(f); +- +- /* Init restart counter, send Terminate-Request */ +- f->retransmits = f->maxtermtransmits; +- fsm_sdata(f, TERMREQ, f->reqid = ++f->id, +- (u_char *) f->term_reason, f->term_reason_len); +- TIMEOUT(fsm_timeout, f, f->timeouttime); +- --f->retransmits; +- +- f->state = STOPPING; ++ terminate_layer(f, STOPPING); + break; + + default: +diff -ruN ppp-2.4.2/pppd/main.c ppp-cvs-20040427/pppd/main.c +--- ppp-2.4.2/pppd/main.c 2004-01-13 05:00:34.000000000 +0100 ++++ ppp-cvs-20040427/pppd/main.c 2004-04-12 13:25:19.000000000 +0200 +@@ -40,7 +40,7 @@ + * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +-#define RCSID "$Id: main.c,v 1.131 2004/01/13 04:00:34 paulus Exp $" ++#define RCSID "$Id: main.c,v 1.136 2004/04/12 11:20:19 paulus Exp $" + + #include <stdio.h> + #include <ctype.h> +@@ -150,6 +150,7 @@ + int got_sigterm; + int got_sighup; + ++static sigset_t signals_handled; + static int waiting; + static sigjmp_buf sigjmp; + +@@ -648,16 +649,15 @@ + handle_events() + { + struct timeval timo; +- sigset_t mask; + + kill_link = open_ccp_flag = 0; + if (sigsetjmp(sigjmp, 1) == 0) { +- sigprocmask(SIG_BLOCK, &mask, NULL); ++ sigprocmask(SIG_BLOCK, &signals_handled, NULL); + if (got_sighup || got_sigterm || got_sigusr2 || got_sigchld) { +- sigprocmask(SIG_UNBLOCK, &mask, NULL); ++ sigprocmask(SIG_UNBLOCK, &signals_handled, NULL); + } else { + waiting = 1; +- sigprocmask(SIG_UNBLOCK, &mask, NULL); ++ sigprocmask(SIG_UNBLOCK, &signals_handled, NULL); + wait_input(timeleft(&timo)); + } + } +@@ -692,19 +692,18 @@ + setup_signals() + { + struct sigaction sa; +- sigset_t mask; + + /* + * Compute mask of all interesting signals and install signal handlers + * for each. Only one signal handler may be active at a time. Therefore, + * all other signals should be masked when any handler is executing. + */ +- sigemptyset(&mask); +- sigaddset(&mask, SIGHUP); +- sigaddset(&mask, SIGINT); +- sigaddset(&mask, SIGTERM); +- sigaddset(&mask, SIGCHLD); +- sigaddset(&mask, SIGUSR2); ++ sigemptyset(&signals_handled); ++ sigaddset(&signals_handled, SIGHUP); ++ sigaddset(&signals_handled, SIGINT); ++ sigaddset(&signals_handled, SIGTERM); ++ sigaddset(&signals_handled, SIGCHLD); ++ sigaddset(&signals_handled, SIGUSR2); + + #define SIGNAL(s, handler) do { \ + sa.sa_handler = handler; \ +@@ -712,7 +711,7 @@ + fatal("Couldn't establish signal handler (%d): %m", s); \ + } while (0) + +- sa.sa_mask = mask; ++ sa.sa_mask = signals_handled; + sa.sa_flags = 0; + SIGNAL(SIGHUP, hup); /* Hangup */ + SIGNAL(SIGINT, term); /* Interrupt */ +@@ -1173,6 +1172,7 @@ + info("Connect time %d.%d minutes.", t/10, t%10); + info("Sent %u bytes, received %u bytes.", + link_stats.bytes_out, link_stats.bytes_in); ++ link_stats_valid = 0; + } + } + +@@ -1329,6 +1329,7 @@ + + /* + * kill_my_pg - send a signal to our process group, and ignore it ourselves. ++ * We assume that sig is currently blocked. + */ + static void + kill_my_pg(sig) +@@ -1336,10 +1337,22 @@ + { + struct sigaction act, oldact; + ++ sigemptyset(&act.sa_mask); /* unnecessary in fact */ + act.sa_handler = SIG_IGN; + act.sa_flags = 0; +- sigaction(sig, &act, &oldact); + kill(0, sig); ++ /* ++ * The kill() above made the signal pending for us, as well as ++ * the rest of our process group, but we don't want it delivered ++ * to us. It is blocked at the moment. Setting it to be ignored ++ * will cause the pending signal to be discarded. If we did the ++ * kill() after setting the signal to be ignored, it is unspecified ++ * (by POSIX) whether the signal is immediately discarded or left ++ * pending, and in fact Linux would leave it pending, and so it ++ * would be delivered after the current signal handler exits, ++ * leading to an infinite loop. ++ */ ++ sigaction(sig, &act, &oldact); + sigaction(sig, &oldact, NULL); + } + +diff -ruN ppp-2.4.2/pppd/plugins/Makefile ppp-cvs-20040427/pppd/plugins/Makefile +--- ppp-2.4.2/pppd/plugins/Makefile 2004-01-13 04:56:24.000000000 +0100 ++++ ppp-cvs-20040427/pppd/plugins/Makefile 1970-01-01 01:00:00.000000000 +0100 +@@ -1,38 +0,0 @@ +-CC = gcc +-COPTS = -O2 -g +-CFLAGS = $(COPTS) -I.. -I../../include -fPIC +-LDFLAGS = -shared +-INSTALL = install -o root +- +-SUBDIRS := rp-pppoe +-# Uncomment the next line to include the radius authentication plugin +-# SUBDIRS += radius +-PLUGINS := minconn.so passprompt.so passwordfd.so +- +-# include dependencies if present +-ifeq (.depend,$(wildcard .depend)) +-include .depend +-endif +- +-all: $(PLUGINS) +- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d all; done +- +-%.so: %.c +- $(CC) -o $@ $(LDFLAGS) $(CFLAGS) $^ +- +-VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../patchlevel.h) +-LIBDIR = $(DESTDIR)/usr/lib/pppd/$(VERSION) +- +-install: $(PLUGINS) +- $(INSTALL) -d $(LIBDIR) +- $(INSTALL) $? $(LIBDIR) +- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d INSTALL=$(INSTALL) \ +- LIBDIR=$(LIBDIR) install; done +- +-clean: +- rm -f *.o *.so *.a +- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d clean; done +- +-depend: +- $(CPP) -M $(CFLAGS) *.c >.depend +- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d depend; done +diff -ruN ppp-2.4.2/pppd/plugins/radius/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/CVS/Entries +--- ppp-2.4.2/pppd/plugins/radius/CVS/Entries 2002-12-04 22:49:09.000000000 +0100 ++++ ppp-cvs-20040427/pppd/plugins/radius/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 +@@ -1,7 +0,0 @@ +-/pppd-radattr.8/1.1/Tue Jan 22 16:03:00 2002// +-/pppd-radius.8/1.4/Tue Apr 2 13:55:00 2002// +-/radattr.c/1.1/Tue Jan 22 16:03:00 2002// +-D/radiusclient//// +-/Makefile.linux/1.5/Sat Nov 9 11:24:42 2002// +-/radrealms.c/1.1/Sat Oct 5 04:35:24 2002// +-/radius.c/1.18/Wed Dec 4 21:49:09 2002// +diff -ruN ppp-2.4.2/pppd/plugins/radius/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/CVS/Repository +--- ppp-2.4.2/pppd/plugins/radius/CVS/Repository 2002-09-07 12:37:51.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-ppp/pppd/plugins/radius +diff -ruN ppp-2.4.2/pppd/plugins/radius/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/CVS/Root +--- ppp-2.4.2/pppd/plugins/radius/CVS/Root 2002-09-07 12:37:51.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/CVS/Root 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-samba.org:/data/cvs +diff -ruN ppp-2.4.2/pppd/plugins/radius/Makefile ppp-cvs-20040427/pppd/plugins/radius/Makefile +--- ppp-2.4.2/pppd/plugins/radius/Makefile 2002-11-09 12:24:42.000000000 +0100 ++++ ppp-cvs-20040427/pppd/plugins/radius/Makefile 1970-01-01 01:00:00.000000000 +0100 +@@ -1,74 +0,0 @@ +-# Makefile for RADIUS plugin +-# +-# Copyright 2002 Roaring Penguin Software Inc. +-# +- +-MANDIR=/usr/man +-PLUGIN=radius.so radattr.so radrealms.so +-CFLAGS=-I../.. -I../../../include -Iradiusclient/include -O2 +- +-# Uncomment the next line to include support for Microsoft's +-# MS-CHAP authentication protocol. +-CHAPMS=y +-# Uncomment the next line to include support for MPPE. +-MPPE=y +-# Uncomment the next lint to include support for traffic limiting +-MAXOCTETS=y +- +-ifdef CHAPMS +-CFLAGS += -DCHAPMS=1 +-ifdef MPPE +-CFLAGS += -DMPPE=1 +-endif +-endif +-ifdef MAXOCTETS +-CFLAGS += -DMAXOCTETS=1 +-endif +- +-all: $(PLUGIN) +- +-install: all +- $(MAKE) $(MFLAGS) -C radiusclient install +- $(INSTALL) -d -m 755 $(LIBDIR) +- $(INSTALL) -s -c -m 755 radius.so $(LIBDIR) +- $(INSTALL) -s -c -m 755 radattr.so $(LIBDIR) +- $(INSTALL) -s -c -m 755 radrealms.so $(LIBDIR) +- $(INSTALL) -c -m 444 pppd-radius.8 $(MANDIR)/man8 +- $(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)/man8 +- +-radius.so: radiusclient/lib/.libs/libradiusclient.a radius.o +- gcc -o radius.so -shared radius.o radiusclient/lib/.libs/libradiusclient.a +- +-radattr.so: radattr.o +- gcc -o radattr.so -shared radattr.o +- +-radrealms.so: radrealms.o +- gcc -o radrealms.so -shared radrealms.o +- +-radius.o: radius.c +- gcc $(CFLAGS) -c -o radius.o -fPIC radius.c +- +-radattr.o: radattr.c +- gcc $(CFLAGS) -c -o radattr.o -fPIC radattr.c +- +-radrealms.o: radrealms.c +- gcc $(CFLAGS) -c -o radrealms.o -fPIC radrealms.c +- +-radiusclient/lib/.libs/libradiusclient.a: +- test -r radiusclient/Makefile || \ +- (cd radiusclient; \ +- ./configure --prefix=/usr \ +- --sysconfdir=/etc \ +- --enable-shared \ +- --enable-static) +- $(MAKE) -C radiusclient +- +-clean: +- $(MAKE) $(MFLAGS) -C radiusclient clean +- rm -f *.o *.so +- +-distclean: +- rm -f *.o *.so +- $(MAKE) $(MFLAGS) -C radiusclient distclean +- +-dist-clean: distclean +diff -ruN ppp-2.4.2/pppd/plugins/radius/pppd-radius.8 ppp-cvs-20040427/pppd/plugins/radius/pppd-radius.8 +--- ppp-2.4.2/pppd/plugins/radius/pppd-radius.8 2002-04-02 15:55:00.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/pppd-radius.8 2004-03-26 14:30:16.000000000 +0100 +@@ -1,5 +1,5 @@ + .\" manual page [] for RADIUS plugin for pppd 2.4 +-.\" $Id: pppd-radius.8,v 1.4 2002/04/02 13:55:00 dfs Exp $ ++.\" $Id: pppd-radius.8,v 1.5 2004/03/26 13:27:17 kad Exp $ + .\" SH section heading + .\" SS subsection heading + .\" LP paragraph +@@ -40,6 +40,15 @@ + used, then the plugin uses + .I /etc/radiusclient/radiusclient.conf + as the configuration file. ++.TP ++.BI "avpair " attribute=value ++Adds an Attribute-Value pair to be passed on to the RADIUS server on each request. ++.TP ++.BI map-to-ifname ++Sets Radius NAS-Port attribute to number equal to interface name (Default) ++.TP ++.BI map-to-ttyname ++Sets Radius NAS-Port attribute value via libradiusclient library + + .SH USAGE + To use the plugin, simply supply the +diff -ruN ppp-2.4.2/pppd/plugins/radius/radius.c ppp-cvs-20040427/pppd/plugins/radius/radius.c +--- ppp-2.4.2/pppd/plugins/radius/radius.c 2004-01-13 03:26:11.000000000 +0100 ++++ ppp-cvs-20040427/pppd/plugins/radius/radius.c 2004-04-12 07:20:16.000000000 +0200 +@@ -24,7 +24,7 @@ + * + ***********************************************************************/ + static char const RCSID[] = +-"$Id: radius.c,v 1.22 2004/01/11 08:01:30 paulus Exp $"; ++"$Id: radius.c,v 1.25 2004/04/12 05:16:37 kad Exp $"; + + #include "pppd.h" + #include "chap-new.h" +@@ -52,10 +52,15 @@ + char *vpstr; + struct avpopt *next; + } *avpopt = NULL; ++static bool portnummap = 0; + + static option_t Options[] = { + { "radius-config-file", o_string, &config_file }, + { "avpair", o_special, add_avp }, ++ { "map-to-ttyname", o_bool, &portnummap, ++ "Set Radius NAS-Port attribute value via libradiusclient library", OPT_PRIO | 1 }, ++ { "map-to-ifname", o_bool, &portnummap, ++ "Set Radius NAS-Port attribute to number as in interface name (Default)", OPT_PRIOSUB | 0 }, + { NULL } + }; + +@@ -264,7 +269,7 @@ + + /* Hack... the "port" is the ppp interface number. Should really be + the tty */ +- rstate.client_port = get_client_port(ifname); ++ rstate.client_port = get_client_port(portnummap ? devnam : ifname); + + av_type = PW_FRAMED; + rc_avpair_add(&send, PW_SERVICE_TYPE, &av_type, 0, VENDOR_NONE); +@@ -363,7 +368,7 @@ + /* Put user with potentially realm added in rstate.user */ + if (!rstate.done_chap_once) { + make_username_realm(user); +- rstate.client_port = get_client_port (ifname); ++ rstate.client_port = get_client_port (portnummap ? devnam : ifname); + if (radius_pre_auth_hook) { + radius_pre_auth_hook(rstate.user, + &rstate.authserver, +@@ -881,7 +886,7 @@ + rc_avpair_add(&send, PW_ACCT_AUTHENTIC, &av_type, 0, VENDOR_NONE); + + +- av_type = PW_ASYNC; ++ av_type = ( using_pty ? PW_VIRTUAL : ( sync_serial ? PW_SYNC : PW_ASYNC ) ); + rc_avpair_add(&send, PW_NAS_PORT_TYPE, &av_type, 0, VENDOR_NONE); + + hisaddr = ho->hisaddr; +@@ -981,9 +986,56 @@ + remote_number, 0, VENDOR_NONE); + } + +- av_type = PW_ASYNC; ++ av_type = ( using_pty ? PW_VIRTUAL : ( sync_serial ? PW_SYNC : PW_ASYNC ) ); + rc_avpair_add(&send, PW_NAS_PORT_TYPE, &av_type, 0, VENDOR_NONE); + ++ av_type = PW_NAS_ERROR; ++ switch( status ) { ++ case EXIT_OK: ++ case EXIT_USER_REQUEST: ++ av_type = PW_USER_REQUEST; ++ break; ++ ++ case EXIT_HANGUP: ++ case EXIT_PEER_DEAD: ++ case EXIT_CONNECT_FAILED: ++ av_type = PW_LOST_CARRIER; ++ break; ++ ++ case EXIT_INIT_FAILED: ++ case EXIT_OPEN_FAILED: ++ case EXIT_LOCK_FAILED: ++ case EXIT_PTYCMD_FAILED: ++ av_type = PW_PORT_ERROR; ++ break; ++ ++ case EXIT_PEER_AUTH_FAILED: ++ case EXIT_AUTH_TOPEER_FAILED: ++ case EXIT_NEGOTIATION_FAILED: ++ case EXIT_CNID_AUTH_FAILED: ++ av_type = PW_SERVICE_UNAVAILABLE; ++ break; ++ ++ case EXIT_IDLE_TIMEOUT: ++ av_type = PW_ACCT_IDLE_TIMEOUT; ++ break; ++ ++ case EXIT_CONNECT_TIME: ++ av_type = PW_ACCT_SESSION_TIMEOUT; ++ break; ++ ++#ifdef MAXOCTETS ++ case EXIT_TRAFFIC_LIMIT: ++ av_type = PW_NAS_REQUEST; ++ break; ++#endif ++ ++ default: ++ av_type = PW_NAS_ERROR; ++ break; ++ } ++ rc_avpair_add(&send, PW_ACCT_TERMINATE_CAUSE, &av_type, 0, VENDOR_NONE); ++ + hisaddr = ho->hisaddr; + av_type = htonl(hisaddr); + rc_avpair_add(&send, PW_FRAMED_IP_ADDRESS , &av_type , 0, VENDOR_NONE); +@@ -1077,7 +1129,7 @@ + remote_number, 0, VENDOR_NONE); + } + +- av_type = PW_ASYNC; ++ av_type = ( using_pty ? PW_VIRTUAL : ( sync_serial ? PW_SYNC : PW_ASYNC ) ); + rc_avpair_add(&send, PW_NAS_PORT_TYPE, &av_type, 0, VENDOR_NONE); + + hisaddr = ho->hisaddr; +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Entries +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Entries 2002-09-07 12:37:54.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 +@@ -1,28 +0,0 @@ +-/BUGS/1.1/Tue Jan 22 16:03:00 2002// +-/CHANGES/1.1/Tue Jan 22 16:03:00 2002// +-/COPYRIGHT/1.1/Tue Jan 22 16:03:00 2002// +-/Makefile.am/1.1/Tue Jan 22 16:03:00 2002// +-/Makefile.in/1.1/Tue Jan 22 16:03:00 2002// +-/README/1.1/Tue Jan 22 16:03:00 2002// +-/README.radexample/1.1/Tue Jan 22 16:03:00 2002// +-/acconfig.h/1.1/Tue Jan 22 16:03:00 2002// +-/aclocal.m4/1.2/Mon Jun 24 12:57:15 2002// +-/config.guess/1.1/Tue Jan 22 16:03:00 2002// +-/config.h.in/1.3/Thu Jul 25 16:29:16 2002// +-/config.sub/1.1/Tue Jan 22 16:03:00 2002// +-/configure/1.1/Tue Jan 22 16:03:00 2002// +-/configure.in/1.1/Tue Jan 22 16:03:00 2002// +-/install-sh/1.1/Tue Jan 22 16:03:00 2002// +-/ltconfig/1.1/Tue Jan 22 16:03:00 2002// +-/ltmain.sh/1.1/Tue Jan 22 16:03:00 2002// +-/missing/1.1/Tue Jan 22 16:03:00 2002// +-/mkinstalldirs/1.1/Tue Jan 22 16:03:00 2002// +-/stamp-h.in/1.1/Tue Jan 22 16:03:00 2002// +-D/doc//// +-D/etc//// +-D/include//// +-D/lib//// +-D/login.radius//// +-D/man//// +-D/patches//// +-D/src//// +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Repository +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Repository 2002-09-07 12:37:51.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-ppp/pppd/plugins/radius/radiusclient +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Root +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Root 2002-09-07 12:37:51.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Root 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-samba.org:/data/cvs +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Entries +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Entries 2002-09-07 12:37:52.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 +@@ -1,4 +0,0 @@ +-/Makefile.am/1.1/Tue Jan 22 16:03:01 2002// +-/Makefile.in/1.1/Tue Jan 22 16:03:01 2002// +-/instop.html/1.1/Tue Jan 22 16:03:01 2002// +-D +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Repository +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Repository 2002-09-07 12:37:52.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-ppp/pppd/plugins/radius/radiusclient/doc +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Root +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Root 2002-09-07 12:37:52.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Root 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-samba.org:/data/cvs +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Entries +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Entries 2002-11-09 12:24:42.000000000 +0100 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 +@@ -1,13 +0,0 @@ +-/dictionary.ascend/1.1/Tue Jan 22 16:03:01 2002// +-/dictionary.compat/1.1/Tue Jan 22 16:03:01 2002// +-/dictionary.merit/1.1/Tue Jan 22 16:03:01 2002// +-/dictionary.microsoft/1.1/Wed Mar 6 13:23:09 2002// +-/issue/1.1/Tue Jan 22 16:03:01 2002// +-/port-id-map/1.1/Tue Jan 22 16:03:01 2002// +-/servers/1.1/Tue Jan 22 16:03:01 2002// +-/Makefile.am/1.4/Sat Nov 9 11:24:42 2002// +-/Makefile.in/1.5/Sat Nov 9 11:24:42 2002// +-/dictionary/1.9/Sat Nov 9 11:24:42 2002// +-/radiusclient.conf.in/1.2/Sat Nov 9 11:24:42 2002// +-/realms/1.1/Sat Oct 5 04:35:24 2002// +-D +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Repository +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Repository 2002-09-07 12:37:52.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-ppp/pppd/plugins/radius/radiusclient/etc +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Root +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Root 2002-09-07 12:37:52.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Root 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-samba.org:/data/cvs +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Entries +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Entries 2002-12-04 22:49:09.000000000 +0100 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 +@@ -1,7 +0,0 @@ +-/Makefile.am/1.1/Tue Jan 22 16:03:01 2002// +-/Makefile.in/1.1/Tue Jan 22 16:03:01 2002// +-/includes.h/1.2/Wed Feb 27 15:51:19 2002// +-/messages.h/1.2/Wed Feb 27 15:51:19 2002// +-/pathnames.h/1.2/Wed Feb 27 15:51:19 2002// +-/radiusclient.h/1.9/Wed Dec 4 21:49:09 2002// +-D +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Repository +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Repository 2002-09-07 12:37:52.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-ppp/pppd/plugins/radius/radiusclient/include +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Root +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Root 2002-09-07 12:37:52.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Root 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-samba.org:/data/cvs +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Entries +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Entries 2002-12-04 22:49:09.000000000 +0100 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 +@@ -1,20 +0,0 @@ +-/Makefile.am/1.1/Tue Jan 22 16:03:02 2002// +-/Makefile.in/1.2/Wed Feb 20 02:22:35 2002// +-/clientid.c/1.2/Wed Feb 27 15:51:20 2002// +-/dict.c/1.2/Tue Mar 5 15:14:06 2002// +-/env.c/1.2/Wed Feb 27 15:51:20 2002// +-/ip_util.c/1.2/Wed Feb 27 15:51:20 2002// +-/lock.c/1.2/Wed Feb 27 15:51:20 2002// +-/log.c/1.2/Wed Feb 27 15:51:20 2002// +-/md5.c/1.2/Wed Feb 27 15:51:20 2002// +-/memcmp.c/1.2/Wed Feb 27 15:51:20 2002// +-/sendserver.c/1.4/Tue Apr 2 14:09:35 2002// +-/strcasecmp.c/1.2/Wed Feb 27 15:51:20 2002// +-/strdup.c/1.2/Wed Feb 27 15:51:20 2002// +-/strerror.c/1.2/Wed Feb 27 15:51:20 2002// +-/util.c/1.2/Wed Feb 27 15:51:20 2002// +-/buildreq.c/1.4/Sat Nov 9 11:24:43 2002// +-/config.c/1.3/Sat Nov 9 11:24:43 2002// +-/options.h/1.2/Sat Nov 9 11:24:43 2002// +-/avpair.c/1.3/Wed Dec 4 21:49:09 2002// +-D +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Repository +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-ppp/pppd/plugins/radius/radiusclient/lib +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Root +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Root 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Root 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-samba.org:/data/cvs +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Entries +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Entries 2002-09-07 12:37:54.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 +@@ -1,5 +0,0 @@ +-/Makefile.am/1.1/Tue Jan 22 16:03:02 2002// +-/Makefile.in/1.1/Tue Jan 22 16:03:02 2002// +-/README/1.1/Tue Jan 22 16:03:02 2002// +-/login.radius/1.1/Tue Jan 22 16:03:02 2002// +-D/migs//// +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Repository +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-ppp/pppd/plugins/radius/radiusclient/login.radius +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Root +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Root 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Root 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-samba.org:/data/cvs +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Entries +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Entries 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 +@@ -1,7 +0,0 @@ +-/Makefile.am/1.1/Tue Jan 22 16:03:02 2002// +-/Makefile.in/1.1/Tue Jan 22 16:03:02 2002// +-/README/1.1/Tue Jan 22 16:03:02 2002// +-/ip-down/1.1/Tue Jan 22 16:03:02 2002// +-/ip-up/1.1/Tue Jan 22 16:03:02 2002// +-/login.radius/1.1/Tue Jan 22 16:03:02 2002// +-D +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Repository +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-ppp/pppd/plugins/radius/radiusclient/login.radius/migs +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Root +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Root 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Root 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-samba.org:/data/cvs +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Entries +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Entries 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 +@@ -1,3 +0,0 @@ +-/Makefile.am/1.1/Tue Jan 22 16:03:02 2002// +-/Makefile.in/1.1/Tue Jan 22 16:03:02 2002// +-D +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Repository +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-ppp/pppd/plugins/radius/radiusclient/man +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Root +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Root 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Root 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-samba.org:/data/cvs +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Entries +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Entries 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 +@@ -1,7 +0,0 @@ +-/Makefile.am/1.1/Tue Jan 22 16:03:03 2002// +-/Makefile.in/1.1/Tue Jan 22 16:03:03 2002// +-/README/1.1/Tue Jan 22 16:03:03 2002// +-/merit-2.4.21-CHAP.diff/1.1/Tue Jan 22 16:03:04 2002// +-/radiusd-1.16.accounting.diff/1.1/Tue Jan 22 16:03:04 2002// +-/radiusd-1.16.shadow.diff/1.1/Tue Jan 22 16:03:04 2002// +-D +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Repository +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-ppp/pppd/plugins/radius/radiusclient/patches +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Root +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Root 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Root 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-samba.org:/data/cvs +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Entries +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Entries 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 +@@ -1,11 +0,0 @@ +-/Makefile.am/1.1/Tue Jan 22 16:03:04 2002// +-/Makefile.in/1.1/Tue Jan 22 16:03:04 2002// +-/local.c/1.1/Tue Jan 22 16:03:04 2002// +-/radacct.c/1.1/Tue Jan 22 16:03:04 2002// +-/radexample-debug/1.1/Tue Jan 22 16:03:04 2002// +-/radexample.c/1.2/Tue Apr 2 14:09:35 2002// +-/radius.c/1.2/Tue Apr 2 14:09:35 2002// +-/radlogin.c/1.1/Tue Jan 22 16:03:04 2002// +-/radlogin.h/1.1/Tue Jan 22 16:03:05 2002// +-/radstatus.c/1.1/Tue Jan 22 16:03:05 2002// +-D +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Repository +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-ppp/pppd/plugins/radius/radiusclient/src +diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Root +--- ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Root 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Root 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-samba.org:/data/cvs +diff -ruN ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Entries ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Entries +--- ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Entries 2002-09-07 12:37:54.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 +@@ -1,9 +0,0 @@ +-/Makefile.linux/1.1/Fri Dec 14 02:55:20 2001// +-/common.c/1.1/Fri Dec 14 02:55:20 2001// +-/config.h/1.1/Fri Dec 14 02:55:20 2001// +-/debug.c/1.1/Fri Dec 14 02:55:20 2001// +-/discovery.c/1.1/Fri Dec 14 02:55:20 2001// +-/if.c/1.1/Fri Dec 14 02:55:20 2001// +-/plugin.c/1.7/Tue Apr 2 13:11:00 2002// +-/pppoe.h/1.1/Fri Dec 14 02:55:20 2001// +-D +diff -ruN ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Repository ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Repository +--- ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-ppp/pppd/plugins/rp-pppoe +diff -ruN ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Root ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Root +--- ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Root 2002-09-07 12:37:53.000000000 +0200 ++++ ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Root 1970-01-01 01:00:00.000000000 +0100 +@@ -1 +0,0 @@ +-samba.org:/data/cvs +diff -ruN ppp-2.4.2/pppd/plugins/rp-pppoe/Makefile ppp-cvs-20040427/pppd/plugins/rp-pppoe/Makefile +--- ppp-2.4.2/pppd/plugins/rp-pppoe/Makefile 2004-01-13 04:57:55.000000000 +0100 ++++ ppp-cvs-20040427/pppd/plugins/rp-pppoe/Makefile 1970-01-01 01:00:00.000000000 +0100 +@@ -1,50 +0,0 @@ +-# Generated automatically from Makefile.in by configure. +-#*********************************************************************** +-# +-# Makefile +-# +-# Makefile for Roaring Penguin's Linux PPPoE plugin. +-# +-# Copyright (C) 2001 Roaring Penguin Software Inc. +-# +-# This program may be distributed according to the terms of the GNU +-# General Public License, version 2 or (at your option) any later version. +-# +-# $Id: Makefile.linux,v 1.2 2004/01/13 03:57:55 paulus Exp $ +-#*********************************************************************** +- +-# Version is set ONLY IN THE MAKEFILE! Don't delete this! +-VERSION=3.3 +- +-COPTS=-O2 -g +-CFLAGS=$(COPTS) -I../../../include/linux +-all: rp-pppoe.so +- +-rp-pppoe.so: libplugin.a plugin.o +- gcc -o rp-pppoe.so -shared plugin.o libplugin.a +- +-install: all +- $(INSTALL) -d -m 755 $(LIBDIR) +- $(INSTALL) -s -c -m 4550 rp-pppoe.so $(LIBDIR) +- +-clean: +- rm -f *.o *.so +- +-plugin.o: plugin.c +- gcc '-DRP_VERSION="$(VERSION)"' $(CFLAGS) -I../../.. -c -o plugin.o -fPIC plugin.c +- +-libplugin.a: discovery.o if.o common.o debug.o +- ar -rc $@ $^ +- +-discovery.o: discovery.c +- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o discovery.o -fPIC discovery.c +- +-if.o: if.c +- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o if.o -fPIC if.c +- +-debug.o: debug.c +- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o debug.o -fPIC debug.c +- +-common.o: common.c +- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o common.o -fPIC common.c +- +diff -ruN ppp-2.4.2/pppd/pppd.8 ppp-cvs-20040427/pppd/pppd.8 +--- ppp-2.4.2/pppd/pppd.8 2004-01-15 06:09:00.000000000 +0100 ++++ ppp-cvs-20040427/pppd/pppd.8 2004-04-27 20:25:12.000000000 +0200 +@@ -1,5 +1,5 @@ + .\" manual page [] for pppd 2.4 +-.\" $Id: pppd.8,v 1.76 2004/01/15 05:09:00 paulus Exp $ ++.\" $Id: pppd.8,v 1.77 2004/04/27 18:22:58 fcusack Exp $ + .\" SH section heading + .\" SS subsection heading + .\" LP paragraph +@@ -955,11 +955,11 @@ + Require the use of MPPE, with 128\-bit encryption. + .TP + .B require-mschap +-Require the peer to authenticate itself using MS-CHAP [Microsft Challenge ++Require the peer to authenticate itself using MS-CHAP [Microsoft Challenge + Handshake Authentication Protocol] authentication. + .TP + .B require-mschap-v2 +-Require the peer to authenticate itself using MS-CHAPv2 [Microsft Challenge ++Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge + Handshake Authentication Protocol, Version 2] authentication. + .TP + .B require-eap +diff -ruN ppp-2.4.2/pppd/tty.c ppp-cvs-20040427/pppd/tty.c +--- ppp-2.4.2/pppd/tty.c 2004-01-13 05:17:59.000000000 +0100 ++++ ppp-cvs-20040427/pppd/tty.c 2004-01-17 06:50:12.000000000 +0100 +@@ -73,7 +73,7 @@ + * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +-#define RCSID "$Id: tty.c,v 1.13 2004/01/13 04:17:59 paulus Exp $" ++#define RCSID "$Id: tty.c,v 1.14 2004/01/17 05:47:55 carlsonj Exp $" + + #include <stdio.h> + #include <ctype.h> +@@ -512,7 +512,9 @@ + { + char *connector; + int fdflags; ++#ifndef __linux__ + struct stat statbuf; ++#endif + char numbuf[16]; + + /* +diff -ruN ppp-2.4.2/pppdump/bsd-comp.c ppp-cvs-20040427/pppdump/bsd-comp.c +--- ppp-2.4.2/pppdump/bsd-comp.c 1999-04-16 13:34:42.000000000 +0200 ++++ ppp-cvs-20040427/pppdump/bsd-comp.c 2004-01-17 06:50:12.000000000 +0100 +@@ -38,12 +38,14 @@ + */ + + /* +- * $Id: bsd-comp.c,v 1.3 1999/04/16 11:35:59 paulus Exp $ ++ * $Id: bsd-comp.c,v 1.4 2004/01/17 05:47:55 carlsonj Exp $ + */ + + #include <sys/types.h> ++#include <stdio.h> + #include <stddef.h> + #include <stdlib.h> ++#include <string.h> + #include "ppp_defs.h" + #include "ppp-comp.h" + +diff -ruN ppp-2.4.2/pppdump/deflate.c ppp-cvs-20040427/pppdump/deflate.c +--- ppp-2.4.2/pppdump/deflate.c 2002-12-06 10:49:16.000000000 +0100 ++++ ppp-cvs-20040427/pppdump/deflate.c 2004-01-17 06:50:12.000000000 +0100 +@@ -33,12 +33,14 @@ + * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING + * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * +- * $Id: deflate.c,v 1.4 2002/12/06 09:49:16 paulus Exp $ ++ * $Id: deflate.c,v 1.5 2004/01/17 05:47:55 carlsonj Exp $ + */ + + #include <sys/types.h> ++#include <stdio.h> + #include <stddef.h> + #include <stdlib.h> ++#include <string.h> + #include "ppp_defs.h" + #include "ppp-comp.h" + #include "zlib.h" +diff -ruN ppp-2.4.2/pppdump/pppdump.c ppp-cvs-20040427/pppdump/pppdump.c +--- ppp-2.4.2/pppdump/pppdump.c 2002-12-06 10:17:02.000000000 +0100 ++++ ppp-cvs-20040427/pppdump/pppdump.c 2004-01-17 06:50:12.000000000 +0100 +@@ -35,6 +35,7 @@ + */ + #include <stdio.h> + #include <unistd.h> ++#include <stdlib.h> + #include <time.h> + #include <sys/types.h> + #include "ppp_defs.h" +@@ -53,6 +54,12 @@ + extern int optind; + extern char *optarg; + ++void dumplog(); ++void dumpppp(); ++void show_time(); ++void handle_ccp(); ++ ++int + main(ac, av) + int ac; + char **av; +@@ -105,6 +112,7 @@ + exit(0); + } + ++void + dumplog(f) + FILE *f; + { +@@ -244,6 +252,7 @@ + + unsigned char dbuf[8192]; + ++void + dumpppp(f) + FILE *f; + { +@@ -429,6 +438,7 @@ + NULL + }; + ++void + handle_ccp(cp, dp, len) + struct pkt *cp; + u_char *dp; +@@ -485,6 +495,7 @@ + } + } + ++void + show_time(f, c) + FILE *f; + int c; +diff -ruN ppp-2.4.2/scripts/callback ppp-cvs-20040427/scripts/callback +--- ppp-2.4.2/scripts/callback 1995-08-09 04:49:51.000000000 +0200 ++++ ppp-cvs-20040427/scripts/callback 2004-04-12 07:30:11.000000000 +0200 +@@ -33,7 +33,7 @@ + ABORT '\nNO ANSWER\r' \ + ABORT '\nRINGING\r\n\r\nRINGING\r' \ + '' AT \ +- 'OK-+++\c-OK' 'AT&C0&D2S0=0H0 \ ++ 'OK-+++\c-OK' 'AT&C0&D2S0=0H0' \ + TIMEOUT 30 \ + OK ATDT$TELEPHONE \ + CONNECT '' \ +diff -ruN ppp-2.4.2/scripts/ipv6-down.sample ppp-cvs-20040427/scripts/ipv6-down.sample +--- ppp-2.4.2/scripts/ipv6-down.sample 1999-08-23 08:07:07.000000000 +0200 ++++ ppp-cvs-20040427/scripts/ipv6-down.sample 2004-04-12 07:45:18.000000000 +0200 +@@ -8,24 +8,24 @@ + # Kill the router advertisement daemon on this interface. + # The killing procedure is copied from RedHat 6.0 initscripts. + +-DEVICE=$1 ++DEVICE="$1" + +-PIDFILE=/var/run/radvd-$DEVICE.pid ++PIDFILE="/var/run/radvd-$DEVICE.pid" + +-[ -f $PIDFILE ] || exit 0 ++[ -f "$PIDFILE" ] || exit 0 + +-PID=`cat $PIDFILE` ++PID="$(cat "$PIDFILE")" + if [ "$PID" != "" ]; then +- if ps h $PID >/dev/null 2>&1; then +- kill -TERM $PID ++ if ps h "$PID" >/dev/null 2>&1; then ++ kill -TERM "$PID" + usleep 10000 +- if ps h $PID >/dev/null 2>&1; then ++ if ps h "$PID" >/dev/null 2>&1; then + sleep 1 +- if ps h $PID >/dev/null 2>&1; then +- kill -KILL $PID ++ if ps h "$PID" >/dev/null 2>&1; then ++ kill -KILL "$PID" + fi + fi + fi + fi + +-rm -f $PIDFILE ++rm -f "$PIDFILE" +diff -ruN ppp-2.4.2/scripts/ipv6-up.sample ppp-cvs-20040427/scripts/ipv6-up.sample +--- ppp-2.4.2/scripts/ipv6-up.sample 1999-08-23 08:07:07.000000000 +0200 ++++ ppp-cvs-20040427/scripts/ipv6-up.sample 2004-04-12 07:45:18.000000000 +0200 +@@ -8,26 +8,27 @@ + # Start router advertisements on this link. + # Based on radvd 0.5.0 behaviour + +-DEVICE=$1 ++DEVICE="$1" + +-CFGFILE=/usr/inet6/etc/radvd.conf-$DEVICE +-PIDFILE=/var/run/radvd-$DEVICE.pid ++CFGFILE="/etc/radvd.conf-$DEVICE" ++PIDFILE="/var/run/radvd-$DEVICE.pid" ++EXEFILE="/usr/sbin/radvd" + +-if [ -x /usr/inet6/sbin/radvd && -f $CFGFILE ]; then +- touch $PIDFILE +- if [ ! -f $PIDFILE ]; then ++if [ -x "$EXEFILE" -a -f "$CFGFILE" ]; then ++ touch "$PIDFILE" ++ if [ ! -f "$PIDFILE" ]; then + echo "error: $PIDFILE is not a regular file. Aborting" + exit 0 + fi + +- PID=`cat $PIDFILE` +- if [ "$PID" != "" ]; then +- ps h $PID >/dev/null 2>&1 && exit 0 ++ PID="$(cat "$PIDFILE")" ++ if [ -n "$PID" ]; then ++ ps h "$PID" >/dev/null 2>&1 && exit 0 + fi + + # radvd 0.5.0 doesn't write a pid-file so we do it here + # enabling debugging keeps radvd in foreground, putting it + # on background gives us the PID. +- /usr/inet6/sbin/radvd -d 1 -C $CFGFILE & +- echo $! >$PIDFILE ++ "$EXEFILE" -d 1 -C "$CFGFILE" & ++ echo $! >"$PIDFILE" + fi +diff -ruN ppp-2.4.2/scripts/pon ppp-cvs-20040427/scripts/pon +--- ppp-2.4.2/scripts/pon 2002-11-25 00:30:44.000000000 +0100 ++++ ppp-cvs-20040427/scripts/pon 2004-04-12 07:45:18.000000000 +0200 +@@ -1,10 +1,12 @@ + #!/bin/sh + ++PPP_ON_BOOT=/etc/ppp/ppp_on_boot ++ + case "$1" in + -*) echo " + Usage: pon [provider] [arguments] + +-If pon is invoked without arguments, /etc/ppp/ppp_on_boot file will be ++If pon is invoked without arguments, $PPP_ON_BOOT file will be + run, presuming it exists and is executable. Otherwise, a PPP connection + will be started using settings from /etc/ppp/peers/provider. + If you specify one argument, a PPP connection will be started using +@@ -16,8 +18,8 @@ + ;; + esac + +-if [ -z "$1" -a -x /etc/ppp/ppp_on_boot ]; then +- exec /etc/ppp/ppp_on_boot ++if [ -z "$1" -a -x "$PPP_ON_BOOT" ]; then ++ exec "$PPP_ON_BOOT" + fi + + if [ -z "$1" -a ! -f /etc/ppp/peers/provider ]; then +diff -ruN ppp-2.4.2/svr4/Makedefs ppp-cvs-20040427/svr4/Makedefs +--- ppp-2.4.2/svr4/Makedefs 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/Makedefs 2000-06-09 03:36:34.000000000 +0200 +@@ -0,0 +1,16 @@ ++# ++# defines common to several Makefiles ++# ++ ++INSTALL= /usr/sbin/install ++ ++BINDIR = /usr/local/bin ++MANDIR = /usr/local/man ++ETCDIR = /etc/ppp ++ ++COPTS = -O -Xa ++ ++# For compiling with gcc, comment out the COPTS definition above and ++# uncomment the next 2 definitions. ++#CC = gcc ++#COPTS = -O2 +diff -ruN ppp-2.4.2/svr4/Makedefs.sol2 ppp-cvs-20040427/svr4/Makedefs.sol2 +--- ppp-2.4.2/svr4/Makedefs.sol2 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/Makedefs.sol2 1999-09-21 22:50:31.000000000 +0200 +@@ -0,0 +1,59 @@ ++# ++# Generic make definitions for Solaris 2 ++# ++# $Id: Makedefs.sol2,v 1.3 1999/09/21 20:37:20 masputra Exp $ ++# ++ ++include ../svr4/Makedefs ++ ++CPPFLAGS = -D_KERNEL -DSVR4 -DSOL2 -DPRIOQ -DDEBUG -I../include ++CFLAGS = $(CPPFLAGS) $(COPTS) ++ ++# lint-specific variables ++LINT = lint ++LINT_OPT_32 = ++LINT_OPT_64 = -Xarch=v9 -errchk=longptr64 ++ ++LINT_32 = ++LINT_32 += -erroff=E_BAD_PTR_CAST_ALIGN ++LINT_32 += -erroff=E_SUPPRESSION_DIRECTIVE_UNUSED ++LINT_32 += -erroff=E_SUSPICIOUS_COMPARISON ++LINT_32 += -erroff=E_CAST_UINT_TO_SIGNED_INT ++LINT_32 += -erroff=E_PASS_UINT_TO_SIGNED_INT ++LINT_32 += -erroff=E_INVALID_ANNOTATION_NAME ++LINT_32 += -erroff=E_FUNC_ARG_UNUSED ++# This might be needed, but zlib.c and vjcompress.c will squawk ++# when not ignored ++LINT_32 += -erroff=E_CASE_FALLTHRU ++LINT_32 += -erroff=E_RET_INT_IMPLICITLY ++LINT_32 += -erroff=E_FUNC_NO_RET_VAL ++# Some STREAMS macros will be noisy too when this isn't ignored ++LINT_32 += -erroff=E_CONSTANT_CONDITION ++LINT_32 += -erroff=E_CONST_EXPR ++ ++# Extra noise suppressant for 64-bit ++EXTRA_OFF = ++EXTRA_OFF += -erroff=E_CAST_INT_TO_SMALL_INT ++EXTRA_OFF += -erroff=E_CAST_INT_CONST_TO_SMALL_INT ++EXTRA_OFF += -erroff=E_CAST_TO_PTR_FROM_INT ++EXTRA_OFF += -erroff=E_ASSIGN_INT_TO_SMALL_INT ++EXTRA_OFF += -erroff=E_ASSIGN_INT_FROM_BIG_CONST ++EXTRA_OFF += -erroff=E_CONST_PROMOTED_UNSIGNED_LL ++EXTRA_OFF += -erroff=E_CONST_PROMOTED_LONG_LONG ++EXTRA_OFF += -erroff=E_CONST_TRUNCATED_BY_ASSIGN ++EXTRA_OFF += -erroff=E_PASS_INT_FROM_BIG_CONST ++EXTRA_OFF += -erroff=E_COMP_INT_WITH_LARGE_INT ++EXTRA_OFF += -erroff=E_ASSIGN_UINT_TO_SIGNED_INT ++EXTRA_OFF += -erroff=E_ASSIGN_NARROW_CONV ++EXTRA_OFF += -erroff=E_PASS_INT_TO_SMALL_INT ++EXTRA_OFF += -erroff=E_PTR_CONV_LOSES_BITS ++ ++LINT_64 = $(LINT_32) ++LINT_64 += $(EXTRA_OFF) ++ ++LINTFLAGS64 = -Xa -nsxmuF -errtags=yes $(LINT_OPT_64) $(LINT_64) ++LINT64 = $(LINT) -c $(LINTFLAGS64) $(CPPFLAGS) ++ ++LINTFLAGS32 = -Xa -nsxmuF -errtags=yes $(LINT_OPT_32) $(LINT_32) ++LINT32 = $(LINT) -c $(LINTFLAGS32) $(CPPFLAGS) ++ +diff -ruN ppp-2.4.2/svr4/Makefile.sol2 ppp-cvs-20040427/svr4/Makefile.sol2 +--- ppp-2.4.2/svr4/Makefile.sol2 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/Makefile.sol2 1999-09-21 22:50:32.000000000 +0200 +@@ -0,0 +1,66 @@ ++# ++# Makefile for STREAMS modules for Solaris 2. ++# ++# $Id: Makefile.sol2,v 1.18 1999/09/21 20:37:20 masputra Exp $ ++# ++ ++include Makedefs.sol2 ++ ++COPTS += -xO2 -xspace -W0,-Lt ++ ++COMP_OBJS = ppp_comp.o bsd-comp.o deflate.o zlib.o vjcompress.o \ ++ ppp_comp_mod.o ++ ++all: ppp ppp_ahdl ppp_comp ++ ++ppp: ppp.o ppp_mod.o ++ ld -r -o $@ ppp.o ppp_mod.o ++ chmod +x $@ ++ ++ppp_ahdl: ppp_ahdlc.o ppp_ahdlc_mod.o ++ ld -r -o $@ ppp_ahdlc.o ppp_ahdlc_mod.o ++ chmod +x $@ ++ ++ppp_comp: $(COMP_OBJS) ++ ld -r -o $@ $(COMP_OBJS) ++ chmod +x $@ ++ ++bsd-comp.o: ../modules/bsd-comp.c ++ $(CC) $(CFLAGS) -c $? ++deflate.o: ../modules/deflate.c ++ $(CC) $(CFLAGS) -c $? ++ppp.o: ../modules/ppp.c ++ $(CC) $(CFLAGS) -c $? ++ppp_mod.o: ppp_mod.c ++ $(CC) $(CFLAGS) -c $? ++ppp_ahdlc_mod.o: ppp_ahdlc_mod.c ++ $(CC) $(CFLAGS) -c $? ++ppp_ahdlc.o: ../modules/ppp_ahdlc.c ++ $(CC) $(CFLAGS) -c $? ++ppp_comp.o: ../modules/ppp_comp.c ++ $(CC) $(CFLAGS) -c $? ++ppp_comp_mod.o: ppp_comp_mod.c ++ $(CC) $(CFLAGS) -c $? ++vjcompress.o: ../modules/vjcompress.c ++ $(CC) $(CFLAGS) -c $? ++zlib.o: ../common/zlib.c ++ $(CC) $(CFLAGS) -c $? ++ ++install: ++ cp ppp ppp.conf /kernel/drv ++ cp ppp_comp ppp_ahdl /kernel/strmod ++ if grep clone:ppp /etc/minor_perm; then :; else \ ++ echo clone:ppp 0644 root sys >>/etc/minor_perm; fi ++ /usr/sbin/rem_drv ppp 2>/dev/null || true ++ /usr/sbin/add_drv ppp ++ ++SRCS = ../modules/ppp.c ppp_mod.c ../modules/ppp_ahdlc.c ppp_ahdlc_mod.c \ ++ ../modules/ppp_comp.c ../modules/bsd-comp.c ../modules/deflate.c \ ++ ../common/zlib.c ../modules/vjcompress.c ppp_comp_mod.c ++ ++lint: ++ $(LINT32) $(SRCS) ++ ++clean: ++ rm -f ppp ppp_comp ppp_ahdl *.o *~ core ++ rm -f *.ln +diff -ruN ppp-2.4.2/svr4/Makefile.sol2-64 ppp-cvs-20040427/svr4/Makefile.sol2-64 +--- ppp-2.4.2/svr4/Makefile.sol2-64 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/Makefile.sol2-64 1999-09-21 22:50:33.000000000 +0200 +@@ -0,0 +1,85 @@ ++# ++# Makefile for 64-bit STREAMS modules for Solaris 2. ++# ++# $Id: Makefile.sol2-64,v 1.3 1999/09/21 20:37:20 masputra Exp $ ++# ++ ++include Makedefs.sol2 ++ ++# Sun's cc flag for LP64 compilation / linkage ++COPTS += -xchip=ultra -xarch=v9 -Wc,-xcode=abs32 -Wc,-Qiselect-regsym=0 -xO3 -xspace -W0,-Lt ++ ++# subdirectory where 64-bit objects / binaries will be placed ++LP64DIR = sparcv9 ++ ++# Name of legacy Makefile (for 32-bit binaries) ++STD_MAKE = Makefile.sol2 ++ ++COMP_OBJS = $(LP64DIR)/ppp_comp.o $(LP64DIR)/bsd-comp.o \ ++ $(LP64DIR)/deflate.o $(LP64DIR)/zlib.o $(LP64DIR)/vjcompress.o \ ++ $(LP64DIR)/ppp_comp_mod.o ++ ++all: std_objs $(LP64DIR) ppp ppp_ahdl ppp_comp ++ ++std_objs: ++ $(MAKE) -f $(STD_MAKE) all ++ ++ppp: $(LP64DIR)/ppp.o $(LP64DIR)/ppp_mod.o ++ ld -r -o $(LP64DIR)/$@ $(LP64DIR)/ppp.o $(LP64DIR)/ppp_mod.o ++ chmod +x $(LP64DIR)/$@ ++ ++ppp_ahdl: $(LP64DIR)/ppp_ahdlc.o $(LP64DIR)/ppp_ahdlc_mod.o ++ ld -r -o $(LP64DIR)/$@ $(LP64DIR)/ppp_ahdlc.o $(LP64DIR)/ppp_ahdlc_mod.o ++ chmod +x $(LP64DIR)/$@ ++ ++ppp_comp: $(COMP_OBJS) ++ ld -r -o $(LP64DIR)/$@ $(COMP_OBJS) ++ chmod +x $(LP64DIR)/$@ ++ ++$(LP64DIR)/bsd-comp.o: ../modules/bsd-comp.c ++ $(CC) $(CFLAGS) -c $? -o $@ ++$(LP64DIR)/deflate.o: ../modules/deflate.c ++ $(CC) $(CFLAGS) -c $? -o $@ ++$(LP64DIR)/ppp.o: ../modules/ppp.c ++ $(CC) $(CFLAGS) -c $? -o $@ ++$(LP64DIR)/ppp_mod.o: ppp_mod.c ++ $(CC) $(CFLAGS) -c $? -o $@ ++$(LP64DIR)/ppp_ahdlc_mod.o: ppp_ahdlc_mod.c ++ $(CC) $(CFLAGS) -c $? -o $@ ++$(LP64DIR)/ppp_ahdlc.o: ../modules/ppp_ahdlc.c ++ $(CC) $(CFLAGS) -c $? -o $@ ++$(LP64DIR)/ppp_comp.o: ../modules/ppp_comp.c ++ $(CC) $(CFLAGS) -c $? -o $@ ++$(LP64DIR)/ppp_comp_mod.o: ppp_comp_mod.c ++ $(CC) $(CFLAGS) -c $? -o $@ ++$(LP64DIR)/vjcompress.o: ../modules/vjcompress.c ++ $(CC) $(CFLAGS) -c $? -o $@ ++$(LP64DIR)/zlib.o: ../common/zlib.c ++ $(CC) $(CFLAGS) -c $? -o $@ ++ ++$(LP64DIR): ++ mkdir -m 755 -p $@ ++ ++install: ++ cp ppp ppp.conf /kernel/drv ++ cp ppp_comp ppp_ahdl /kernel/strmod ++ cp $(LP64DIR)/ppp /kernel/drv/$(LP64DIR) ++ cp $(LP64DIR)/ppp_comp $(LP64DIR)/ppp_ahdl /kernel/strmod/$(LP64DIR) ++ if grep clone:ppp /etc/minor_perm; then :; else \ ++ echo clone:ppp 0644 root sys >>/etc/minor_perm; fi ++ /usr/sbin/rem_drv ppp 2>/dev/null || true ++ /usr/sbin/add_drv ppp ++ ++SRCS = ../modules/ppp.c ppp_mod.c ../modules/ppp_ahdlc.c ppp_ahdlc_mod.c \ ++ ../modules/ppp_comp.c ../modules/bsd-comp.c ../modules/deflate.c \ ++ ../common/zlib.c ../modules/vjcompress.c ppp_comp_mod.c ++ ++lint: ++ $(LINT64) $(SRCS) ++ ++lint-32: ++ $(LINT32) $(SRCS) ++ ++clean: ++ $(MAKE) -f $(STD_MAKE) clean ++ rm -f $(LP64DIR)/ppp $(LP64DIR)/ppp_comp $(LP64DIR)/ppp_ahdl $(LP64DIR)/*.o $(LP64DIR)/*~ $(LP64DIR)/core +diff -ruN ppp-2.4.2/svr4/Makefile.top ppp-cvs-20040427/svr4/Makefile.top +--- ppp-2.4.2/svr4/Makefile.top 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/Makefile.top 1999-04-01 14:37:44.000000000 +0200 +@@ -0,0 +1,50 @@ ++# ++# ppp top level makefile for SVR4 and Solaris 2 ++# ++# $Id: Makefile.top,v 1.8 1999/04/01 11:44:55 paulus Exp $ ++# ++ ++include svr4/Makedefs ++ ++all: ++ cd chat; $(MAKE) all ++ cd pppd; $(MAKE) all ++ cd pppstats; $(MAKE) all ++ cd pppdump; $(MAKE) all ++ cd svr4; $(MAKE) all ++ ++install: $(BINDIR) $(MANDIR)/man8 install-progs install-etcppp ++ ++install-progs: ++ cd chat; $(MAKE) install ++ cd pppd; $(MAKE) install ++ cd pppstats; $(MAKE) install ++ cd pppdump; $(MAKE) install ++ cd svr4; $(MAKE) install ++ ++install-etcppp: $(ETCDIR) $(ETCDIR)/options $(ETCDIR)/pap-secrets \ ++ $(ETCDIR)/chap-secrets ++ ++$(ETCDIR)/options: ++ cp etc.ppp/options $@ ++ chmod go-w $@ ++$(ETCDIR)/pap-secrets: ++ $(INSTALL) -f $(ETCDIR) -m 600 etc.ppp/pap-secrets ++$(ETCDIR)/chap-secrets: ++ $(INSTALL) -f $(ETCDIR) -m 600 etc.ppp/chap-secrets ++ ++$(BINDIR): ++ mkdir -m 755 -p $@ ++$(MANDIR)/man8: ++ mkdir -m 755 -p $@ ++$(ETCDIR): ++ mkdir -m 755 -p $@ ++ ++clean: ++ rm -f *~ ++ cd chat; $(MAKE) clean ++ cd pppd; $(MAKE) clean ++ cd pppstats; $(MAKE) clean ++ cd pppdump; $(MAKE) clean ++ cd svr4; $(MAKE) clean ++ +diff -ruN ppp-2.4.2/svr4/ppp.Master ppp-cvs-20040427/svr4/ppp.Master +--- ppp-2.4.2/svr4/ppp.Master 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/ppp.Master 1995-10-27 04:58:28.000000000 +0100 +@@ -0,0 +1 @@ ++ppp - Sciof ppp 0 0 1 128 -1 +diff -ruN ppp-2.4.2/svr4/ppp.Node ppp-cvs-20040427/svr4/ppp.Node +--- ppp-2.4.2/svr4/ppp.Node 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/ppp.Node 1995-10-27 04:58:36.000000000 +0100 +@@ -0,0 +1 @@ ++clone ppp c ppp +diff -ruN ppp-2.4.2/svr4/ppp.System ppp-cvs-20040427/svr4/ppp.System +--- ppp-2.4.2/svr4/ppp.System 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/ppp.System 1995-10-27 04:58:37.000000000 +0100 +@@ -0,0 +1 @@ ++ppp Y 1 0 0 0 0 0 0 0 +diff -ruN ppp-2.4.2/svr4/ppp.conf ppp-cvs-20040427/svr4/ppp.conf +--- ppp-2.4.2/svr4/ppp.conf 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/ppp.conf 1995-06-01 06:39:00.000000000 +0200 +@@ -0,0 +1 @@ ++name="ppp" parent="pseudo" instance=0; +diff -ruN ppp-2.4.2/svr4/ppp_ahdl.Master ppp-cvs-20040427/svr4/ppp_ahdl.Master +--- ppp-2.4.2/svr4/ppp_ahdl.Master 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/ppp_ahdl.Master 1995-10-27 04:58:32.000000000 +0100 +@@ -0,0 +1 @@ ++ppp_ahdl - iSf phdl 0 0 1 1 -1 +diff -ruN ppp-2.4.2/svr4/ppp_ahdl.System ppp-cvs-20040427/svr4/ppp_ahdl.System +--- ppp-2.4.2/svr4/ppp_ahdl.System 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/ppp_ahdl.System 1995-10-27 04:58:38.000000000 +0100 +@@ -0,0 +1 @@ ++ppp_ahdl Y 1 0 0 0 0 0 0 0 +diff -ruN ppp-2.4.2/svr4/ppp_ahdlc_mod.c ppp-cvs-20040427/svr4/ppp_ahdlc_mod.c +--- ppp-2.4.2/svr4/ppp_ahdlc_mod.c 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/ppp_ahdlc_mod.c 1995-12-11 06:21:02.000000000 +0100 +@@ -0,0 +1,49 @@ ++#include <sys/types.h> ++#include <sys/param.h> ++#include <sys/conf.h> ++#include <sys/modctl.h> ++#include <sys/sunddi.h> ++ ++extern struct streamtab ppp_ahdlcinfo; ++ ++static struct fmodsw fsw = { ++ "ppp_ahdl", ++ &ppp_ahdlcinfo, ++ D_NEW | D_MP | D_MTQPAIR ++}; ++ ++extern struct mod_ops mod_strmodops; ++ ++static struct modlstrmod modlstrmod = { ++ &mod_strmodops, ++ "PPP async HDLC module", ++ &fsw ++}; ++ ++static struct modlinkage modlinkage = { ++ MODREV_1, ++ (void *) &modlstrmod, ++ NULL ++}; ++ ++/* ++ * Entry points for modloading. ++ */ ++int ++_init(void) ++{ ++ return mod_install(&modlinkage); ++} ++ ++int ++_fini(void) ++{ ++ return mod_remove(&modlinkage); ++} ++ ++int ++_info(mip) ++ struct modinfo *mip; ++{ ++ return mod_info(&modlinkage, mip); ++} +diff -ruN ppp-2.4.2/svr4/ppp_comp.Master ppp-cvs-20040427/svr4/ppp_comp.Master +--- ppp-2.4.2/svr4/ppp_comp.Master 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/ppp_comp.Master 1995-10-27 04:58:34.000000000 +0100 +@@ -0,0 +1 @@ ++ppp_comp - iSf pcmp 0 0 1 1 -1 +diff -ruN ppp-2.4.2/svr4/ppp_comp.System ppp-cvs-20040427/svr4/ppp_comp.System +--- ppp-2.4.2/svr4/ppp_comp.System 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/ppp_comp.System 1995-10-27 04:58:40.000000000 +0100 +@@ -0,0 +1 @@ ++ppp_comp Y 1 0 0 0 0 0 0 0 +diff -ruN ppp-2.4.2/svr4/ppp_comp_mod.c ppp-cvs-20040427/svr4/ppp_comp_mod.c +--- ppp-2.4.2/svr4/ppp_comp_mod.c 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/ppp_comp_mod.c 2002-12-06 10:50:10.000000000 +0100 +@@ -0,0 +1,89 @@ ++/* ++ * ppp_comp_mod.c - modload support for PPP compression STREAMS module. ++ * ++ * Copyright (c) 1994 Paul Mackerras. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. The name(s) of the authors of this software must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. ++ * ++ * 4. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by Paul Mackerras ++ * <paulus@samba.org>". ++ * ++ * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO ++ * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY ++ * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY ++ * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES ++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN ++ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING ++ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ * ++ * $Id: ppp_comp_mod.c,v 1.3 2002/12/06 09:49:16 paulus Exp $ ++ */ ++ ++/* ++ * This file is used under Solaris 2. ++ */ ++#include <sys/types.h> ++#include <sys/param.h> ++#include <sys/conf.h> ++#include <sys/modctl.h> ++#include <sys/sunddi.h> ++ ++extern struct streamtab ppp_compinfo; ++ ++static struct fmodsw fsw = { ++ "ppp_comp", ++ &ppp_compinfo, ++ D_NEW | D_MP | D_MTQPAIR ++}; ++ ++extern struct mod_ops mod_strmodops; ++ ++static struct modlstrmod modlstrmod = { ++ &mod_strmodops, ++ "PPP compression module", ++ &fsw ++}; ++ ++static struct modlinkage modlinkage = { ++ MODREV_1, ++ (void *) &modlstrmod, ++ NULL ++}; ++ ++/* ++ * Entry points for modloading. ++ */ ++int ++_init(void) ++{ ++ return mod_install(&modlinkage); ++} ++ ++int ++_fini(void) ++{ ++ return mod_remove(&modlinkage); ++} ++ ++int ++_info(mip) ++ struct modinfo *mip; ++{ ++ return mod_info(&modlinkage, mip); ++} +diff -ruN ppp-2.4.2/svr4/ppp_mod.c ppp-cvs-20040427/svr4/ppp_mod.c +--- ppp-2.4.2/svr4/ppp_mod.c 1970-01-01 01:00:00.000000000 +0100 ++++ ppp-cvs-20040427/svr4/ppp_mod.c 2002-12-06 10:50:10.000000000 +0100 +@@ -0,0 +1,182 @@ ++/* ++ * ppp_mod.c - modload support for PPP pseudo-device driver. ++ * ++ * Copyright (c) 1994 Paul Mackerras. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. The name(s) of the authors of this software must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. ++ * ++ * 4. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by Paul Mackerras ++ * <paulus@samba.org>". ++ * ++ * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO ++ * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY ++ * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY ++ * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES ++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN ++ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING ++ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ * ++ * $Id: ppp_mod.c,v 1.4 2002/12/06 09:49:16 paulus Exp $ ++ */ ++ ++/* ++ * This file is used under Solaris 2. ++ */ ++ ++#include <sys/types.h> ++#include <sys/param.h> ++#include <sys/stat.h> ++#include <sys/conf.h> ++#include <sys/modctl.h> ++#include <sys/sunddi.h> ++#include <sys/ksynch.h> ++ ++#ifdef __STDC__ ++#define __P(x) x ++#else ++#define __P(x) () ++#endif ++ ++static int ppp_identify __P((dev_info_t *)); ++static int ppp_attach __P((dev_info_t *, ddi_attach_cmd_t)); ++static int ppp_detach __P((dev_info_t *, ddi_detach_cmd_t)); ++static int ppp_devinfo __P((dev_info_t *, ddi_info_cmd_t, void *, void **)); ++ ++extern struct streamtab pppinfo; ++extern krwlock_t ppp_lower_lock; ++ ++static dev_info_t *ppp_dip; ++ ++static struct cb_ops cb_ppp_ops = { ++ nulldev, nulldev, nodev, nodev, /* cb_open, ... */ ++ nodev, nodev, nodev, nodev, /* cb_dump, ... */ ++ nodev, nodev, nodev, nochpoll, /* cb_devmap, ... */ ++ ddi_prop_op, /* cb_prop_op */ ++ &pppinfo, /* cb_stream */ ++ D_NEW|D_MP|D_MTQPAIR|D_MTOUTPERIM|D_MTOCEXCL /* cb_flag */ ++}; ++ ++static struct dev_ops ppp_ops = { ++ DEVO_REV, /* devo_rev */ ++ 0, /* devo_refcnt */ ++ ppp_devinfo, /* devo_getinfo */ ++ ppp_identify, /* devo_identify */ ++ nulldev, /* devo_probe */ ++ ppp_attach, /* devo_attach */ ++ ppp_detach, /* devo_detach */ ++ nodev, /* devo_reset */ ++ &cb_ppp_ops, /* devo_cb_ops */ ++ NULL /* devo_bus_ops */ ++}; ++ ++/* ++ * Module linkage information ++ */ ++ ++static struct modldrv modldrv = { ++ &mod_driverops, /* says this is a pseudo driver */ ++ "PPP-2.3 multiplexing driver", ++ &ppp_ops /* driver ops */ ++}; ++ ++static struct modlinkage modlinkage = { ++ MODREV_1, ++ (void *) &modldrv, ++ NULL ++}; ++ ++int ++_init(void) ++{ ++ return mod_install(&modlinkage); ++} ++ ++int ++_fini(void) ++{ ++ return mod_remove(&modlinkage); ++} ++ ++int ++_info(mip) ++ struct modinfo *mip; ++{ ++ return mod_info(&modlinkage, mip); ++} ++ ++static int ++ppp_identify(dip) ++ dev_info_t *dip; ++{ ++ return strcmp(ddi_get_name(dip), "ppp") == 0? DDI_IDENTIFIED: ++ DDI_NOT_IDENTIFIED; ++} ++ ++static int ++ppp_attach(dip, cmd) ++ dev_info_t *dip; ++ ddi_attach_cmd_t cmd; ++{ ++ ++ if (cmd != DDI_ATTACH) ++ return DDI_FAILURE; ++ if (ddi_create_minor_node(dip, "ppp", S_IFCHR, 0, DDI_PSEUDO, CLONE_DEV) ++ == DDI_FAILURE) { ++ ddi_remove_minor_node(dip, NULL); ++ return DDI_FAILURE; ++ } ++ rw_init(&ppp_lower_lock, NULL, RW_DRIVER, NULL); ++ return DDI_SUCCESS; ++} ++ ++static int ++ppp_detach(dip, cmd) ++ dev_info_t *dip; ++ ddi_detach_cmd_t cmd; ++{ ++ rw_destroy(&ppp_lower_lock); ++ ddi_remove_minor_node(dip, NULL); ++ return DDI_SUCCESS; ++} ++ ++static int ++ppp_devinfo(dip, cmd, arg, result) ++ dev_info_t *dip; ++ ddi_info_cmd_t cmd; ++ void *arg; ++ void **result; ++{ ++ int error; ++ ++ error = DDI_SUCCESS; ++ switch (cmd) { ++ case DDI_INFO_DEVT2DEVINFO: ++ if (ppp_dip == NULL) ++ error = DDI_FAILURE; ++ else ++ *result = (void *) ppp_dip; ++ break; ++ case DDI_INFO_DEVT2INSTANCE: ++ *result = NULL; ++ break; ++ default: ++ error = DDI_FAILURE; ++ } ++ return error; ++} diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/008_pathnames.h.diff b/obsolete-buildroot/sources/openwrt/patches/ppp/008_pathnames.h.diff new file mode 100644 index 000000000..dee0a8db2 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/008_pathnames.h.diff @@ -0,0 +1,11 @@ +--- ppp-2.4.0b4.orig/pppd/pathnames.h ++++ ppp-2.4.0b4/pppd/pathnames.h +@@ -26,7 +26,7 @@ + #define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up" + #define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down" + #define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options." +-#define _PATH_CONNERRS _ROOT_PATH "/etc/ppp/connect-errors" ++#define _PATH_CONNERRS _ROOT_PATH "/var/log/ppp-connect-errors" + #define _PATH_PEERFILES _ROOT_PATH "/etc/ppp/peers/" + #define _PATH_RESOLV _ROOT_PATH "/etc/ppp/resolv.conf" + diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/010_scripts_README.diff b/obsolete-buildroot/sources/openwrt/patches/ppp/010_scripts_README.diff new file mode 100644 index 000000000..0ff29484b --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/010_scripts_README.diff @@ -0,0 +1,20 @@ +--- ppp-2.4.0b4.orig/scripts/README ++++ ppp-2.4.0b4/scripts/README +@@ -141,3 +141,17 @@ + are escaped. This may need to be modified depending on the ssh (or + pseudo-tty) implementation which may differ across platforms, for further + optimizations. ++ ++------------------------------------------------------------------------ ++ ++12. pon, poff and ip-up ++ ++These are modified version of the pon/poff/ip-up scripts contributed by Yann ++Dirson <dirson@debian.org>. They allow you to call "pon quick" respectively ++"pon quick my-isp" to just call the provider for running you ip-up scripts in ++/etc/ppp/ip-up.d. This can be useful to check for incoming/flush outgoing ++mail, without the necessary delay before hangup introduced by diald or such. ++ ++These scripts break the possibility to connect to multiple ISPs at once, so ++they are included only here. ++ diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/011_scripts_redialer.diff b/obsolete-buildroot/sources/openwrt/patches/ppp/011_scripts_redialer.diff new file mode 100644 index 000000000..657f566c9 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/011_scripts_redialer.diff @@ -0,0 +1,152 @@ +--- ppp-2.4.0b4.orig/scripts/redialer ++++ ppp-2.4.0b4/scripts/redialer +@@ -1,96 +1,69 @@ + #!/bin/sh +-################################################################### + # +-# These parameters control the attack dialing sequence. ++# A chatscript that will attempt to dial multiple numbers in sequence, until ++# you get connected. + # +-# Maximum number of attempts to reach the telephone number(s) +-MAX_ATTEMPTS=10 +- +-# Delay between each of the attempts. This is a parameter to sleep +-# so use "15s" for 15 seconds, "1m" for 1 minute, etc. +-SLEEP_DELAY=15s +- +-################################################################### ++# To use: edit /etc/peers/provider, and change the connect line to read: ++# connect "/usr/local/bin/redialer" + # +-# This is a list of telephone numbers. Add new numbers if you wish +-# and see the function 'callall' below for the dial process. +-PHONE1=555-1212 +-PHONE2=411 ++# See below for configuration. + +-################################################################### ++# This is a list of chatscripts to use to get connected, and (optional) ++# telephone numbers to call for each of those chatscripts. + # +-# If you use the ppp-on script, then these are passed to this routine +-# automatically. There is no need to define them here. If not, then +-# you will need to set the values. +-# +-ACCOUNT=my_account_name +-PASSWORD=my_password ++# Note that in the chatscripts, you may use #NUMBER#, this will be replaced ++# with the number it is calling. You might want to use this to only have one ++# chatscript that is used for all numbers, or you might need multiple ++# chatscripts. + +-################################################################### +-# +-# Function to initialize the modem and ensure that it is in command +-# state. This may not be needed, but it doesn't hurt. +-# +-function initialize +-{ +- chat -v TIMEOUT 3 '' AT 'OK-+++\c-OK' +- return +-} ++PHONE1=123456789 ++CHAT1=/etc/chatscripts/provider + +-################################################################### +-# +-# Script to dial a telephone +-# +-function callnumber +-{ +-chat -v \ +- ABORT '\nBUSY\r' \ +- ABORT '\nNO ANSWER\r' \ +- ABORT '\nRINGING\r\n\r\nRINGING\r' \ +- '' ATDT$1 \ +- CONNECT '' \ +- ogin:--ogin: $ACCOUNT \ +- assword: $PASSWORD +-# +-# If the connection was successful then end the whole script with a +-# success. +-# +- if [ "$?" = "0" ]; then +- exit 0 +- fi ++PHONE2=912345678 ++CHAT2=/etc/chatscripts/provider + +- return +-} ++PHONE3=891234567 ++CHAT3=/etc/chatscripts/provider + +-################################################################### +-# +-# Script to dial any telephone number +-# +-function callall +-{ +-# echo "dialing attempt number: $1" >/dev/console +- callnumber $PHONE1 +-# callnumber $PHONE2 +-} ++PHONE4=789123456 ++CHAT4=/etc/chatscripts/provider + +-################################################################### +-# +-# Initialize the modem to ensure that it is in the command state +-# +-initialize +-if [ ! "$?" = "0" ]; then +- exit 1 +-fi ++PHONE5=001234567 ++CHAT5=/etc/chatscripts/provider + ++# How long to sleep between retries: + # +-# Dial telephone numbers until one answers +-# ++# Note that this is a parameter to sleep so use "15s" for 15 seconds, ++# "1m" for 1 minute, etc ++SLEEP_DELAY=1s ++ ++# The code below does the dialing. ++ + attempt=0 + while : ; do +- attempt=`expr $attempt + 1` +- callall $attempt +- if [ "$attempt" = "$MAX_ATTEMPTS" ]; then +- exit 1 +- fi +- sleep "$SLEEP_DELAY" ++ attempt=`expr $attempt + 1` ++ NUMBER=`eval echo '$PHONE'$attempt` ++ CHAT=`eval echo '$CHAT'$attempt` ++ if [ ! "$CHAT" ]; then ++ attempt=0 ++ else ++ logger "Dialing attempt number: $attempt" ++ sed s/#NUMBER#/$NUMBER/ $CHAT >/etc/chatscripts/tmpchat ++ /usr/sbin/chat -v -f /etc/chatscripts/tmpchat ++ rm -f /etc/chatscripts/tmpchat ++ case $? in ++ 0) logger Connection established ; exit 0;; ++ 1) logger chat: exit 1, see manpage for details. ; exit 1;; ++ 2) logger chat: exit 2, see manpage for details. ; exit 2;; ++ 3) logger chat: exit 3, see manpage for details. ;; ++ 4) logger Line busy. ;; ++ 5) logger No Carrier. ;; ++ 6) logger A call is coming. Exiting! ; exit 1;; ++ 7) logger No dialtone. ;; ++ 8) logger An error occured. Exiting! ; exit 1;; ++ *) logger chat: exit $?, see manpage for details. ;; ++ esac ++ logger "Waiting $SLEEP_DELAY seconds before next try." ++ sleep $SLEEP_DELAY ++ fi + done diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/018_ip-up_option.diff b/obsolete-buildroot/sources/openwrt/patches/ppp/018_ip-up_option.diff new file mode 100644 index 000000000..0dee9248e --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/018_ip-up_option.diff @@ -0,0 +1,98 @@ +--- ppp-2.4.1/pppd/ipcp.c Thu Mar 8 06:11:12 2001 ++++ ppp-2.4.1-new/pppd/ipcp.c Tue Jun 19 15:35:36 2001 +@@ -1734,7 +1734,7 @@ + */ + if (ipcp_script_state == s_down && ipcp_script_pid == 0) { + ipcp_script_state = s_up; +- ipcp_script(_PATH_IPUP); ++ ipcp_script(path_ipup); + } + } + +@@ -1777,7 +1777,7 @@ + /* Execute the ip-down script */ + if (ipcp_script_state == s_up && ipcp_script_pid == 0) { + ipcp_script_state = s_down; +- ipcp_script(_PATH_IPDOWN); ++ ipcp_script(path_ipdown); + } + } + +@@ -1828,13 +1828,13 @@ + case s_up: + if (ipcp_fsm[0].state != OPENED) { + ipcp_script_state = s_down; +- ipcp_script(_PATH_IPDOWN); ++ ipcp_script(path_ipdown); + } + break; + case s_down: + if (ipcp_fsm[0].state == OPENED) { + ipcp_script_state = s_up; +- ipcp_script(_PATH_IPUP); ++ ipcp_script(path_ipup); + } + break; + } + +--- ppp-2.4.1/pppd/main.c Tue Mar 13 06:56:19 2001 ++++ ppp-2.4.1-new/pppd/main.c Tue Jun 19 15:35:36 2001 +@@ -233,6 +233,9 @@ + struct protent *protp; + char numbuf[16]; + ++ strlcpy(path_ipup, "/etc/ppp/ip-up", sizeof(path_ipup)); ++ strlcpy(path_ipdown, "/etc/ppp/ip-down", sizeof(path_ipdown)); ++ + link_stats_valid = 0; + new_phase(PHASE_INITIALIZE); + + +--- ppp-2.4.1/pppd/options.c Tue Mar 13 06:56:19 2001 ++++ ppp-2.4.1-new/pppd/options.c Tue Jun 19 15:38:32 2001 +@@ -85,6 +85,8 @@ + bool dump_options; /* print out option values */ + bool dryrun; /* print out option values and exit */ + char *domain; /* domain name set by domain option */ ++char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */ ++char path_ipdown[MAXPATHLEN];/* pathname of ip-down script */ + + extern option_t auth_options[]; + extern struct stat devstat; +@@ -231,6 +233,12 @@ + "Print out option values after parsing all options", 1 }, + { "dryrun", o_bool, &dryrun, + "Stop after parsing, printing, and checking options", 1 }, ++ { "ip-up-script", o_string, path_ipup, ++ "Set pathname of ip-up script", ++ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN }, ++ { "ip-down-script", o_string, path_ipdown, ++ "Set pathname of ip-down script", ++ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN }, + + #ifdef HAVE_MULTILINK + { "multilink", o_bool, &multilink, + +--- ppp-2.4.1/pppd/pathnames.h Thu Mar 8 06:15:37 2001 ++++ ppp-2.4.1-new/pppd/pathnames.h Tue Jun 19 15:35:36 2001 +@@ -21,8 +21,6 @@ + #define _PATH_UPAPFILE _ROOT_PATH "/etc/ppp/pap-secrets" + #define _PATH_CHAPFILE _ROOT_PATH "/etc/ppp/chap-secrets" + #define _PATH_SYSOPTIONS _ROOT_PATH "/etc/ppp/options" +-#define _PATH_IPUP _ROOT_PATH "/etc/ppp/ip-up" +-#define _PATH_IPDOWN _ROOT_PATH "/etc/ppp/ip-down" + #define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up" + #define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down" + #define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options." + +--- ppp-2.4.1/pppd/pppd.h Tue Mar 13 06:54:37 2001 ++++ ppp-2.4.1-new/pppd/pppd.h Tue Jun 19 15:39:39 2001 +@@ -272,6 +272,8 @@ + extern char *bundle_name; /* bundle name for multilink */ + extern bool dump_options; /* print out option values */ + extern bool dryrun; /* check everything, print options, exit */ ++extern char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */ ++extern char path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */ + + #ifdef PPP_FILTER + extern struct bpf_program pass_filter; /* Filter for pkts to pass */ diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/057_pppoe-interface-change b/obsolete-buildroot/sources/openwrt/patches/ppp/057_pppoe-interface-change new file mode 100644 index 000000000..cca5a0e67 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/057_pppoe-interface-change @@ -0,0 +1,78 @@ +--- ppp/pppd/plugins/rp-pppoe/plugin.c.orig 2003-04-07 02:09:05.000000000 +0200 ++++ ppp/pppd/plugins/rp-pppoe/plugin.c 2003-12-03 22:15:07.000000000 +0100 +@@ -114,6 +114,57 @@ + return 1; + } + ++/* from <linux/if.h> */ ++#define IFF_UP 0x1 ++#define IFF_RUNNING 0x40 ++ ++static short ifrflags_old; ++ ++static int interface_change(const char* ifname, int up) ++{ ++ int fd; ++ struct ifreq ifr; ++ ++ if (!up && ifrflags_old != 0) { ++ return 0; ++ } ++ ++ fd = socket(AF_INET, SOCK_DGRAM, 0); ++ if (fd < 0) { ++ warn("socket(AF_INET, SOCK_DGRAM, 0): %s", strerror(errno)); ++ return -1; ++ } ++ ++ strncpy(ifr.ifr_name, ifname, IFNAMSIZ); ++ if (ioctl(fd, SIOCGIFFLAGS, &ifr) < 0) { ++ warn("%s: unknown interface: %s", ifname, strerror(errno)); ++ return -1; ++ } ++ strncpy(ifr.ifr_name, ifname, IFNAMSIZ); ++ if (up) { ++ ifrflags_old = ifr.ifr_flags & (IFF_UP | IFF_RUNNING); ++ ifr.ifr_flags |= (IFF_UP | IFF_RUNNING); ++ } else { ++ ifr.ifr_flags &= ~(IFF_UP | IFF_RUNNING); ++ } ++ if (ioctl(fd, SIOCSIFFLAGS, &ifr) < 0) { ++ warn("SIOCSIFFLAGS: %s", strerror(errno)); ++ return -1; ++ } ++ close(fd); ++ return 0; ++} ++ ++static int interface_up (const char *ifname) ++{ ++ return interface_change(ifname,1); ++} ++ ++static int interface_down (const char* ifname) ++{ ++ return interface_change(ifname,0); ++} ++ + /********************************************************************** + * %FUNCTION: PPPOEConnectDevice + * %ARGUMENTS: +@@ -142,6 +193,8 @@ + conn->peerEth[i] = (unsigned char) mac[i]; + } + } else { ++ if (interface_up(conn->ifName) < 0) ++ return -1; + discovery(conn); + if (conn->discoveryState != STATE_SESSION) { + fatal("Unable to complete PPPoE Discovery"); +@@ -243,6 +296,8 @@ + return; + } + close(conn->sessionSocket); ++ if (interface_down(conn->ifName) < 0) ++ warn("We brought %s up but failed to take it down",conn->ifName); + } + + static void diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/auth_hook_segfault b/obsolete-buildroot/sources/openwrt/patches/ppp/auth_hook_segfault new file mode 100644 index 000000000..59007efaf --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/auth_hook_segfault @@ -0,0 +1,33 @@ +To: md@linux.it, mjt@corpit.ru +Subject: pppd-auth-hook.patch +Message-Id: <20040604231517.3E9AD11DC4@paltus.tls.msk.ru> +Date: Sat, 5 Jun 2004 03:15:17 +0400 (MSD) +From: mjt@corpit.ru (Michael Tokarev) + +The patch below fixes pppd segfault when using auth_hook that sets +options for the user (use-after-free problem). + +/mjt + +--- ppp/pppd/auth.c.orig Mon Jun 23 18:12:04 2003 ++++ ppp/pppd/auth.c Sat Jun 5 03:11:36 2004 +@@ -1251,14 +1251,14 @@ + if (pap_auth_hook) { + ret = (*pap_auth_hook)(user, passwd, msg, &addrs, &opts); + if (ret >= 0) { ++ /* note: set_allowed_addrs() saves opts (but not addrs): don't free it! */ + if (ret) + set_allowed_addrs(unit, addrs, opts); +- BZERO(passwd, sizeof(passwd)); ++ else if (opts != 0) ++ free_wordlist(opts); + if (addrs != 0) + free_wordlist(addrs); +- if (opts != 0) { +- free_wordlist(opts); +- } ++ BZERO(passwd, sizeof(passwd)); + return ret? UPAP_AUTHACK: UPAP_AUTHNAK; + } + } + diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/cifdefroute.dif b/obsolete-buildroot/sources/openwrt/patches/ppp/cifdefroute.dif new file mode 100644 index 000000000..263b674f9 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/cifdefroute.dif @@ -0,0 +1,283 @@ +--- ppp/pppd/ipcp.c Wed May 31 17:20:41 2000 ++++ ppp/pppd/ipcp.c Wed May 31 17:27:19 2000 +@@ -145,7 +145,17 @@ + { "-defaultroute", o_bool, &ipcp_allowoptions[0].default_route, + "disable defaultroute option", OPT_A2COPY, + &ipcp_wantoptions[0].default_route }, + ++#ifdef __linux__ ++ { "replacedefaultroute", o_bool, ++ &ipcp_wantoptions[0].replace_default_route, ++ "Replace default route", 1 ++ }, ++ { "noreplacedefaultroute", o_bool, ++ &ipcp_allowoptions[0].replace_default_route, ++ "Never replace default route", OPT_A2COPY, ++ &ipcp_wantoptions[0].replace_default_route }, ++#endif + { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp, + "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp }, + { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp, +@@ -195,7 +205,7 @@ + ip_active_pkt + }; + +-static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t)); ++static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t, bool)); + static void ipcp_script __P((char *)); /* Run an up/down script */ + static void ipcp_script_done __P((void *)); + +@@ -1344,7 +1354,12 @@ + if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE)) + return 0; + if (wo->default_route) ++#ifndef __linux__ + if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr)) ++#else ++ if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr, ++ wo->replace_default_route)) ++#endif + default_route_set[u] = 1; + if (wo->proxy_arp) + if (sifproxyarp(u, wo->hisaddr)) +@@ -1420,7 +1435,8 @@ + */ + if (demand) { + if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) { +- ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr); ++ ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr, ++ wo->replace_default_route); + if (go->ouraddr != wo->ouraddr) { + warn("Local IP address changed to %I", go->ouraddr); + script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr)); +@@ -1445,7 +1461,12 @@ + + /* assign a default route through the interface if required */ + if (ipcp_wantoptions[f->unit].default_route) ++#ifndef __linux__ + if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) ++#else ++ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, ++ wo->replace_default_route)) ++#endif + default_route_set[f->unit] = 1; + + /* Make a proxy ARP entry if requested. */ +@@ -1492,7 +1513,12 @@ + + /* assign a default route through the interface if required */ + if (ipcp_wantoptions[f->unit].default_route) ++#ifndef __linux__ + if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) ++#else ++ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, ++ wo->replace_default_route)) ++#endif + default_route_set[f->unit] = 1; + + /* Make a proxy ARP entry if requested. */ +@@ -1559,7 +1585,7 @@ + sifnpmode(f->unit, PPP_IP, NPMODE_DROP); + sifdown(f->unit); + ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr, +- ipcp_hisoptions[f->unit].hisaddr); ++ ipcp_hisoptions[f->unit].hisaddr, 0); + } + + /* Execute the ip-down script */ +@@ -1575,16 +1601,25 @@ + * proxy arp entries, etc. + */ + static void +-ipcp_clear_addrs(unit, ouraddr, hisaddr) ++ipcp_clear_addrs(unit, ouraddr, hisaddr, replacedefaultroute) + int unit; + u_int32_t ouraddr; /* local address */ + u_int32_t hisaddr; /* remote address */ ++ bool replacedefaultroute; + { + if (proxy_arp_set[unit]) { + cifproxyarp(unit, hisaddr); + proxy_arp_set[unit] = 0; + } +- if (default_route_set[unit]) { ++ /* If replacedefaultroute, sifdefaultroute will be called soon ++ * with replacedefaultroute set and that will overwrite the current ++ * default route. This is the case only when doing demand, otherwise ++ * during demand, this cifdefaultroute would restore the old default ++ * route which is not what we want in this case. In the non-demand ++ * case, we'll delete the default route and restore the old if there ++ * is one saved by an sifdefaultroute with replacedefaultroute. ++ */ ++ if (!replacedefaultroute && default_route_set[unit]) { + cifdefaultroute(unit, ouraddr, hisaddr); + default_route_set[unit] = 0; + } +--- ppp/pppd/ipcp.h Wed May 31 17:20:41 2000 ++++ ppp/pppd/ipcp.h Wed May 31 15:56:17 2000 +@@ -47,6 +47,7 @@ + bool old_addrs; /* Use old (IP-Addresses) option? */ + bool req_addr; /* Ask peer to send IP address? */ + bool default_route; /* Assign default route through interface? */ ++ bool replace_default_route; /* Replace default route through interface? */ + bool proxy_arp; /* Make proxy ARP entry for peer? */ + bool neg_vj; /* Van Jacobson Compression? */ + bool old_vj; /* use old (short) form of VJ option? */ +--- ppp/pppd/pppd.8 Wed May 31 17:20:41 2000 ++++ ppp/pppd/pppd.8 Wed May 31 15:56:17 2000 +@@ -99,6 +99,13 @@ + This entry is removed when the PPP connection is broken. This option + is privileged if the \fInodefaultroute\fR option has been specified. + .TP ++.B replacedefaultroute ++This option is a flag to the defaultroute option. If defaultroute is ++set and this flag is also set, pppd replaces an existing default route ++with the new default route. ++ ++ ++.TP + .B disconnect \fIscript + Run the executable or shell command specified by \fIscript\fR after + pppd has terminated the link. This script could, for example, issue +@@ -589,7 +596,12 @@ + .TP + .B nodefaultroute + Disable the \fIdefaultroute\fR option. The system administrator who +-wishes to prevent users from creating default routes with pppd ++wishes to prevent users from adding a default route with pppd ++can do so by placing this option in the /etc/ppp/options file. ++.TP ++.B noreplacedefaultroute ++Disable the \fIreplacedefaultroute\fR option. The system administrator who ++wishes to prevent users from replacing a default route with pppd + can do so by placing this option in the /etc/ppp/options file. + .TP + .B nodeflate +--- ppp/pppd/pppd.h Wed May 31 17:20:41 2000 ++++ ppp/pppd/pppd.h Wed May 31 15:56:17 2000 +@@ -416,7 +416,11 @@ + int cif6addr __P((int, eui64_t, eui64_t)); + /* Remove an IPv6 address from i/f */ + #endif ++#ifndef __linux__ + int sifdefaultroute __P((int, u_int32_t, u_int32_t)); ++#else ++int sifdefaultroute __P((int, u_int32_t, u_int32_t, bool replace_default_rt)); ++#endif + /* Create default route through i/f */ + int cifdefaultroute __P((int, u_int32_t, u_int32_t)); + /* Delete default route through i/f */ +--- ppp/pppd/sys-linux.c Wed May 31 17:20:41 2000 ++++ ppp/pppd/sys-linux.c Wed May 31 17:37:23 2000 +@@ -143,6 +143,8 @@ + + static int if_is_up; /* Interface has been marked up */ + static u_int32_t default_route_gateway; /* Gateway for default route added */ ++static struct rtentry old_def_rt; /* Old default route */ ++static int default_rt_repl_rest; /* replace and restore old default rt */ + static u_int32_t proxy_arp_addr; /* Addr for proxy arp entry added */ + static char proxy_arp_dev[16]; /* Device for proxy arp entry */ + static u_int32_t our_old_addr; /* for detecting address changes */ +@@ -1209,6 +1211,9 @@ + p = NULL; + } + ++ SET_SA_FAMILY (rt->rt_dst, AF_INET); ++ SET_SA_FAMILY (rt->rt_gateway, AF_INET); ++ + SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16); + SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16); + SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16); +@@ -1278,19 +1283,53 @@ + /******************************************************************** + * + * sifdefaultroute - assign a default route through the address given. ++ * ++ * If the global default_rt_repl_rest flag is set, then this function ++ * already replaced the original system defaultroute with some other ++ * route and it should just replace the current defaultroute with ++ * another one, without saving the current route. Use: demand mode, ++ * when pppd sets first a defaultroute it it's temporary ppp0 addresses ++ * and then changes the temporary addresses to the addresses for the real ++ * ppp connection when it has come up. + */ + +-int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway) ++int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway, bool replace) + { +- struct rtentry rt; +- +- if (defaultroute_exists(&rt) && strcmp(rt.rt_dev, ifname) != 0) { +- u_int32_t old_gateway = SIN_ADDR(rt.rt_gateway); ++ struct rtentry rt, tmp_rt; ++ struct rtentry *del_rt = NULL; + +- if (old_gateway != gateway) +- error("not replacing existing default route to %s [%I]", +- rt.rt_dev, old_gateway); +- return 0; ++ ++ if (default_rt_repl_rest) { ++ /* We have already reclaced the original defaultroute, if we ++ * are called again, we will delete the current default route ++ * and set the new default route in this function. ++ * - this is normally only the case the doing demand: */ ++ if (defaultroute_exists( &tmp_rt )) ++ del_rt = &tmp_rt; ++ } else if ( defaultroute_exists( &old_def_rt ) && ++ strcmp( old_def_rt.rt_dev, ifname ) != 0) { ++ /* We did not yet replace an existing default route, let's ++ * check if we should save and replace a default route: ++ */ ++ u_int32_t old_gateway = SIN_ADDR(old_def_rt.rt_gateway); ++ ++ if (old_gateway != gateway) { ++ if (!replace) { ++ error("not replacing default route to %s [%I]", ++ old_def_rt.rt_dev, old_gateway); ++ return 0; ++ } else { ++ // we need to copy rt_dev because we need it permanent too: ++ char * tmp_dev = malloc(strlen(old_def_rt.rt_dev)+1); ++ strcpy(tmp_dev, old_def_rt.rt_dev); ++ old_def_rt.rt_dev = tmp_dev; ++ ++ notice("replacing old default route to %s [%I]", ++ old_def_rt.rt_dev, old_gateway); ++ default_rt_repl_rest = 1; ++ del_rt = &old_def_rt; ++ } ++ } + } + + memset (&rt, '\0', sizeof (rt)); +@@ -1310,6 +1349,12 @@ + error("default route ioctl(SIOCADDRT): %m(%d)", errno); + return 0; + } ++ if (default_rt_repl_rest && del_rt) ++ if (ioctl(sock_fd, SIOCDELRT, del_rt) < 0) { ++ if ( ! ok_error ( errno )) ++ error("del old default route ioctl(SIOCDELRT): %m(%d)", errno); ++ return 0; ++ } + + default_route_gateway = gateway; + return 1; +@@ -1344,6 +1389,16 @@ + error("default route ioctl(SIOCDELRT): %m (%d)", errno); + return 0; + } ++ } ++ if (default_rt_repl_rest) { ++ notice("restoring old default route to %s [%I]", ++ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway)); ++ if (ioctl(sock_fd, SIOCADDRT, &old_def_rt) < 0) { ++ if ( ! ok_error ( errno )) ++ error("restore default route ioctl(SIOCADDRT): %m(%d)", errno); ++ return 0; ++ } ++ default_rt_repl_rest = 0; + } + + return 1; diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/close_devfd b/obsolete-buildroot/sources/openwrt/patches/ppp/close_devfd new file mode 100644 index 000000000..987d964aa --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/close_devfd @@ -0,0 +1,17 @@ +Ensure that the fd returned by the connect method is closed before +running external programs. + +http://article.gmane.org/gmane.linux.ppp/1371 + +diff -ruNp ppp.orig/pppd/main.c ppp/pppd/main.c +--- ppp.orig/pppd/main.c 2004-07-12 12:55:30.000000000 +0200 ++++ ppp/pppd/main.c 2004-07-12 12:55:25.000000000 +0200 +@@ -1662,6 +1662,8 @@ run_program(prog, args, must_exist, done + closelog(); + if (the_channel->close) + (*the_channel->close)(); ++ else ++ close(devfd); + + /* Don't pass handles to the PPP device, even by accident. */ + dup2(fd_devnull, 0); diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/fix_closed_fds b/obsolete-buildroot/sources/openwrt/patches/ppp/fix_closed_fds new file mode 100644 index 000000000..39208ab4d --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/fix_closed_fds @@ -0,0 +1,34 @@ +sys_init() will open a socket and keep it open for the whole like of the +process. If pppd is started without all standard fds open then the socket +will get one of their numbers, which will be clobbered later by the +/dev/null fd duplicated by main(). + +See Debian bug #235192. + +diff -ruN ppp.orig/pppd/main.c ppp/pppd/main.c +--- ppp.orig/pppd/main.c 2004-02-29 18:50:12.000000000 +0100 ++++ ppp/pppd/main.c 2004-02-29 18:48:56.000000000 +0100 +@@ -385,11 +385,6 @@ + if (dryrun) + die(0); + +- /* +- * Initialize system-dependent stuff. +- */ +- sys_init(); +- + /* Make sure fds 0, 1, 2 are open to somewhere. */ + fd_devnull = open(_PATH_DEVNULL, O_RDWR); + if (fd_devnull < 0) +@@ -401,6 +396,11 @@ + fd_devnull = i; + } + ++ /* ++ * Initialize system-dependent stuff. ++ */ ++ sys_init(); ++ + #ifdef USE_TDB + pppdb = tdb_open(_PATH_PPPDB, 0, 0, O_RDWR|O_CREAT, 0644); + if (pppdb != NULL) { diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/no_crypt_hack b/obsolete-buildroot/sources/openwrt/patches/ppp/no_crypt_hack new file mode 100644 index 000000000..501409ea9 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/no_crypt_hack @@ -0,0 +1,45 @@ +diff -ruN ppp.orig/pppd/auth.c ppp/pppd/auth.c +--- ppp.orig/pppd/auth.c 2003-06-12 02:01:21.000000000 +0200 ++++ ppp/pppd/auth.c 2003-12-02 14:48:40.000000000 +0100 +@@ -1292,8 +1292,10 @@ + } + if (secret[0] != 0 && !login_secret) { + /* password given in pap-secrets - must match */ ++#ifndef NO_CRYPT_HACK + if ((cryptpap || strcmp(passwd, secret) != 0) + && strcmp(crypt(passwd, secret), secret) != 0) ++#endif + ret = UPAP_AUTHNAK; + } + } +@@ -1495,8 +1497,10 @@ + /* + * If no passwd, don't let them login. + */ ++#ifndef NO_CRYPT_HACK + if (pw->pw_passwd == NULL || strlen(pw->pw_passwd) < 2 + || strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd) != 0) ++#endif + return (UPAP_AUTHNAK); + + #endif /* #ifdef USE_PAM */ +diff -ruN ppp.orig/pppd/Makefile.linux ppp/pppd/Makefile.linux +--- ppp.orig/pppd/Makefile.linux 2003-11-27 23:00:22.000000000 +0100 ++++ ppp/pppd/Makefile.linux 2003-12-02 14:47:53.000000000 +0100 +@@ -116,12 +116,16 @@ + #LIBS += -lshadow $(LIBS) + endif + ++ifdef NO_CRYPT_HACK ++CFLAGS += -DNO_CRYPT_HACK ++else + ifneq ($(wildcard /usr/include/crypt.h),) + CFLAGS += -DHAVE_CRYPT_H=1 + endif + ifneq ($(wildcard /usr/lib/libcrypt.*),) + LIBS += -lcrypt + endif ++endif + + ifdef NEEDDES + ifndef USE_CRYPT diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/ppp-2.3.11-oedod.dif b/obsolete-buildroot/sources/openwrt/patches/ppp/ppp-2.3.11-oedod.dif new file mode 100644 index 000000000..e02469669 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/ppp-2.3.11-oedod.dif @@ -0,0 +1,172 @@ +--- ppp/pppd/demand.c ++++ ppp/pppd/demand.c 2000/06/28 14:54:04 +@@ -25,6 +25,8 @@ + #include <errno.h> + #include <fcntl.h> + #include <netdb.h> ++#include <unistd.h> ++#include <syslog.h> + #include <sys/param.h> + #include <sys/types.h> + #include <sys/wait.h> +@@ -32,6 +34,8 @@ + #include <sys/resource.h> + #include <sys/stat.h> + #include <sys/socket.h> ++#include <netinet/in.h> ++#include <arpa/inet.h> + #ifdef PPP_FILTER + #include <net/if.h> + #include <net/bpf.h> +@@ -210,6 +214,14 @@ + int c, rv; + + rv = 0; ++ ++/* check for synchronous connection... */ ++ ++ if ( (p[0] == 0xFF) && (p[1] == 0x03) ) { ++ rv = loop_frame(p,n); ++ return rv; ++ } ++ + for (; n > 0; --n) { + c = *p++; + if (c == PPP_FLAG) { +@@ -288,17 +300,102 @@ + * loopback, now that the real serial link is up. + */ + void +-demand_rexmit(proto) ++demand_rexmit(proto, newip) + int proto; ++ u_int32_t newip; + { + struct packet *pkt, *prev, *nextpkt; ++ unsigned short checksum; ++ unsigned short pkt_checksum = 0; ++ unsigned iphdr; ++ struct timeval tv; ++ char cv = 0; ++ char ipstr[16]; + + prev = NULL; + pkt = pend_q; + pend_q = NULL; ++ tv.tv_sec = 1; ++ tv.tv_usec = 0; ++ select(0,NULL,NULL,NULL,&tv); /* Sleep for 1 Seconds */ + for (; pkt != NULL; pkt = nextpkt) { + nextpkt = pkt->next; + if (PPP_PROTOCOL(pkt->data) == proto) { ++ if ( (proto == PPP_IP) && newip ) { ++ /* Get old checksum */ ++ ++ iphdr = (pkt->data[4] & 15) << 2; ++ checksum = *((unsigned short *) (pkt->data+14)); ++ if (checksum == 0xFFFF) { ++ checksum = 0; ++ } ++ ++ ++ if (pkt->data[13] == 17) { ++ pkt_checksum = *((unsigned short *) (pkt->data+10+iphdr)); ++ if (pkt_checksum) { ++ cv = 1; ++ if (pkt_checksum == 0xFFFF) { ++ pkt_checksum = 0; ++ } ++ } ++ else { ++ cv = 0; ++ } ++ } ++ ++ if (pkt->data[13] == 6) { ++ pkt_checksum = *((unsigned short *) (pkt->data+20+iphdr)); ++ cv = 1; ++ if (pkt_checksum == 0xFFFF) { ++ pkt_checksum = 0; ++ } ++ } ++ ++ /* Delete old Source-IP-Address */ ++ checksum -= *((unsigned short *) (pkt->data+16)) ^ 0xFFFF; ++ checksum -= *((unsigned short *) (pkt->data+18)) ^ 0xFFFF; ++ ++ pkt_checksum -= *((unsigned short *) (pkt->data+16)) ^ 0xFFFF; ++ pkt_checksum -= *((unsigned short *) (pkt->data+18)) ^ 0xFFFF; ++ ++ /* Change Source-IP-Address */ ++ * ((u_int32_t *) (pkt->data + 16)) = newip; ++ ++ /* Add new Source-IP-Address */ ++ checksum += *((unsigned short *) (pkt->data+16)) ^ 0xFFFF; ++ checksum += *((unsigned short *) (pkt->data+18)) ^ 0xFFFF; ++ ++ pkt_checksum += *((unsigned short *) (pkt->data+16)) ^ 0xFFFF; ++ pkt_checksum += *((unsigned short *) (pkt->data+18)) ^ 0xFFFF; ++ ++ /* Write new checksum */ ++ if (!checksum) { ++ checksum = 0xFFFF; ++ } ++ *((unsigned short *) (pkt->data+14)) = checksum; ++ if (pkt->data[13] == 6) { ++ *((unsigned short *) (pkt->data+20+iphdr)) = pkt_checksum; ++ } ++ if (cv && (pkt->data[13] == 17) ) { ++ *((unsigned short *) (pkt->data+10+iphdr)) = pkt_checksum; ++ } ++ ++ /* Log Packet */ ++ strcpy(ipstr,inet_ntoa(*( (struct in_addr *) (pkt->data+16)))); ++ if (pkt->data[13] == 1) { ++ syslog(LOG_INFO,"Open ICMP %s -> %s\n", ++ ipstr, ++ inet_ntoa(*( (struct in_addr *) (pkt->data+20)))); ++ } else { ++ syslog(LOG_INFO,"Open %s %s:%d -> %s:%d\n", ++ pkt->data[13] == 6 ? "TCP" : "UDP", ++ ipstr, ++ ntohs(*( (short *) (pkt->data+iphdr+4))), ++ inet_ntoa(*( (struct in_addr *) (pkt->data+20))), ++ ntohs(*( (short *) (pkt->data+iphdr+6)))); ++ } ++ } + output(0, pkt->data, pkt->length); + free(pkt); + } else { +--- ppp/pppd/ipcp.c ++++ ppp/pppd/ipcp.c 2000/06/28 12:32:05 +@@ -1454,7 +1454,7 @@ + proxy_arp_set[f->unit] = 1; + + } +- demand_rexmit(PPP_IP); ++ demand_rexmit(PPP_IP,go->ouraddr); + sifnpmode(f->unit, PPP_IP, NPMODE_PASS); + + } else { +--- ppp/pppd/ipv6cp.c ++++ ppp/pppd/ipv6cp.c 2000/06/28 12:32:06 +@@ -1153,7 +1153,7 @@ + } + + } +- demand_rexmit(PPP_IPV6); ++ demand_rexmit(PPP_IPV6,0); + sifnpmode(f->unit, PPP_IPV6, NPMODE_PASS); + + } else { +--- ppp/pppd/pppd.h ++++ ppp/pppd/pppd.h 2000/06/28 12:32:06 +@@ -359,7 +359,7 @@ + void demand_block __P((void)); /* set all NPs to queue up packets */ + void demand_unblock __P((void)); /* set all NPs to pass packets */ + void demand_discard __P((void)); /* set all NPs to discard packets */ +-void demand_rexmit __P((int)); /* retransmit saved frames for an NP */ ++void demand_rexmit __P((int, u_int32_t)); /* retransmit saved frames for an NP*/ + int loop_chars __P((unsigned char *, int)); /* process chars from loopback */ + int loop_frame __P((unsigned char *, int)); /* should we bring link up? */ + diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/ppp-2.4.2-stripMSdomain b/obsolete-buildroot/sources/openwrt/patches/ppp/ppp-2.4.2-stripMSdomain new file mode 100644 index 000000000..d52e38645 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/ppp-2.4.2-stripMSdomain @@ -0,0 +1,35 @@ +diff -ruN ppp.orig/pppd/chap-new.c ppp/pppd/chap-new.c +--- ppp.orig/pppd/chap-new.c 2003-11-27 23:25:17.000000000 +0100 ++++ ppp/pppd/chap-new.c 2003-12-02 12:26:21.000000000 +0100 +@@ -57,6 +57,7 @@ + int chap_timeout_time = 3; + int chap_max_transmits = 10; + int chap_rechallenge_time = 0; ++int chapms_strip_domain = 0; + + /* + * Command-line options. +@@ -68,6 +69,8 @@ + "Set max #xmits for challenge", OPT_PRIO }, + { "chap-interval", o_int, &chap_rechallenge_time, + "Set interval for rechallenge", OPT_PRIO }, ++ { "chapms-strip-domain", o_bool, &chapms_strip_domain, ++ "Strip the domain prefix before the Username", 1 }, + { NULL } + }; + +@@ -338,6 +341,14 @@ + /* Null terminate and clean remote name. */ + slprintf(rname, sizeof(rname), "%.*v", len, name); + name = rname; ++ ++ /* strip the MS domain name */ ++ if (chapms_strip_domain && strrchr(rname, '\\')) { ++ char tmp[MAXNAMELEN+1]; ++ ++ strcpy(tmp, strrchr(rname, '\\') + 1); ++ strcpy(rname, tmp); ++ } + } + + if (chap_verify_hook) diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/pppdump-no-deflate b/obsolete-buildroot/sources/openwrt/patches/ppp/pppdump-no-deflate new file mode 100644 index 000000000..b76b84911 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/pppdump-no-deflate @@ -0,0 +1,12 @@ +diff -ruN ppp-2.4.1.uus.orig/pppdump/ppp-comp.h ppp-2.4.1.uus/pppdump/ppp-comp.h +--- ppp-2.4.1.uus.orig/pppdump/ppp-comp.h 1999-03-23 04:21:01.000000000 +0100 ++++ ppp-2.4.1.uus/pppdump/ppp-comp.h 2003-08-09 23:54:49.000000000 +0200 +@@ -37,6 +37,8 @@ + #ifndef DO_BSD_COMPRESS + #define DO_BSD_COMPRESS 1 /* by default, include BSD-Compress */ + #endif ++#undef DO_DEFLATE ++#define DO_DEFLATE 0 + #ifndef DO_DEFLATE + #define DO_DEFLATE 1 /* by default, include Deflate */ + #endif diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/setevn_call_file b/obsolete-buildroot/sources/openwrt/patches/ppp/setevn_call_file new file mode 100644 index 000000000..256b703f7 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/setevn_call_file @@ -0,0 +1,24 @@ +diff -ruN ppp.orig/pppd/options.c ppp/pppd/options.c +--- ppp.orig/pppd/options.c 2004-02-27 19:45:18.000000000 +0100 ++++ ppp/pppd/options.c 2004-02-27 19:44:48.000000000 +0100 +@@ -1448,6 +1448,7 @@ + if ((fname = (char *) malloc(l)) == NULL) + novm("call file name"); + slprintf(fname, l, "%s%s", _PATH_PEERFILES, arg); ++ script_setenv("CALL_FILE", arg, 0); + + ok = options_from_file(fname, 1, 1, 1); + +diff -ruN ppp.orig/pppd/pppd.8 ppp/pppd/pppd.8 +--- ppp.orig/pppd/pppd.8 2004-02-27 19:45:18.000000000 +0100 ++++ ppp/pppd/pppd.8 2004-02-27 19:45:13.000000000 +0100 +@@ -1569,6 +1569,9 @@ + .B LINKNAME + The logical name of the link, set with the \fIlinkname\fR option. + .TP ++.B CALL_FILE ++The value of the \fIcall\fR option. ++.TP + .B DNS1 + If the peer supplies DNS server addresses, this variable is set to the + first DNS server address supplied. diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/syslog_local2 b/obsolete-buildroot/sources/openwrt/patches/ppp/syslog_local2 new file mode 100644 index 000000000..32a8cead9 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/syslog_local2 @@ -0,0 +1,12 @@ +diff -ruN ppp.orig/pppd/pppd.h ppp/pppd/pppd.h +--- ppp.orig/pppd/pppd.h 2003-11-28 00:30:27.000000000 +0100 ++++ ppp/pppd/pppd.h 2003-11-28 00:30:20.000000000 +0100 +@@ -812,7 +812,7 @@ + || defined(DEBUGCHAP) || defined(DEBUG) || defined(DEBUGIPV6CP) + #define LOG_PPP LOG_LOCAL2 + #else +-#define LOG_PPP LOG_DAEMON ++#define LOG_PPP LOG_LOCAL2 + #endif + #endif /* LOG_PPP */ + diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/z01_ppp-2.4.2-openwrt.patch b/obsolete-buildroot/sources/openwrt/patches/ppp/z01_ppp-2.4.2-openwrt.patch new file mode 100644 index 000000000..e77b00441 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/z01_ppp-2.4.2-openwrt.patch @@ -0,0 +1,225 @@ +diff -ruN ppp-2.4.2-old/chat/Makefile.linux ppp-2.4.2-new/chat/Makefile.linux +--- ppp-2.4.2-old/chat/Makefile.linux 2004-01-13 04:57:55.000000000 +0100 ++++ ppp-2.4.2-new/chat/Makefile.linux 2004-08-23 12:48:50.000000000 +0200 +@@ -6,8 +6,9 @@ + CDEF4= -DFNDELAY=O_NDELAY # Old name value + CDEFS= $(CDEF1) $(CDEF2) $(CDEF3) $(CDEF4) + +-COPTS= -O2 -g -pipe $(CDEFS) +-CFLAGS= $(COPTS) $(CDEFS) ++COPTS = -O2 ++COMPILE_FLAGS = $(CDEFS) ++CFLAGS = $(COPTS) $(COMPILE_FLAGS) + + INSTALL= install + +diff -ruN ppp-2.4.2-old/pppd/Makefile.linux ppp-2.4.2-new/pppd/Makefile.linux +--- ppp-2.4.2-old/pppd/Makefile.linux 2003-11-27 22:55:19.000000000 +0100 ++++ ppp-2.4.2-new/pppd/Makefile.linux 2004-08-23 12:48:50.000000000 +0200 +@@ -47,19 +47,19 @@ + # Uncomment the next line to include support for PPP packet filtering. + # This requires that the libpcap library and headers be installed + # and that the kernel driver support PPP packet filtering. +-FILTER=y ++#FILTER=y + + # Uncomment the next line to enable multilink PPP (enabled by default) + # Linux distributions: Please leave multilink ENABLED in your builds + # of pppd! +-HAVE_MULTILINK=y ++#HAVE_MULTILINK=y + + # Uncomment the next line to enable the TDB database (enabled by default.) + # If you enable multilink, then TDB is automatically enabled also. + # Linux distributions: Please leave TDB ENABLED in your builds. +-USE_TDB=y ++#USE_TDB=y + +-HAS_SHADOW=y ++#HAS_SHADOW=y + #USE_PAM=y + #HAVE_INET6=y + +@@ -76,7 +76,7 @@ + + INCLUDE_DIRS= -I../include + +-COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP ++COMPILE_FLAGS= -DHAVE_PATHS_H + + CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) + +@@ -192,7 +192,7 @@ + CFLAGS += -DMAXOCTETS + endif + +-INSTALL= install -o root ++INSTALL= install + + all: $(TARGETS) + +diff -ruN ppp-2.4.2-old/pppd/plugins/Makefile.linux ppp-2.4.2-new/pppd/plugins/Makefile.linux +--- ppp-2.4.2-old/pppd/plugins/Makefile.linux 2004-01-13 04:56:24.000000000 +0100 ++++ ppp-2.4.2-new/pppd/plugins/Makefile.linux 2004-08-23 12:48:50.000000000 +0200 +@@ -1,12 +1,16 @@ +-CC = gcc +-COPTS = -O2 -g +-CFLAGS = $(COPTS) -I.. -I../../include -fPIC +-LDFLAGS = -shared +-INSTALL = install -o root ++#CC = gcc ++COPTS = -O2 ++COMPILE_FLAGS = -I.. -I../../include -fPIC ++LIBS = ++ ++INSTALL = install ++ ++CFLAGS = $(COPTS) $(COMPILE_FLAGS) ++LDFLAGS = -shared + + SUBDIRS := rp-pppoe + # Uncomment the next line to include the radius authentication plugin +-# SUBDIRS += radius ++SUBDIRS += radius + PLUGINS := minconn.so passprompt.so passwordfd.so + + # include dependencies if present +diff -ruN ppp-2.4.2-old/pppd/plugins/radius/Makefile.linux ppp-2.4.2-new/pppd/plugins/radius/Makefile.linux +--- ppp-2.4.2-old/pppd/plugins/radius/Makefile.linux 2002-11-09 12:24:42.000000000 +0100 ++++ ppp-2.4.2-new/pppd/plugins/radius/Makefile.linux 2004-08-23 12:57:38.000000000 +0200 +@@ -5,7 +5,12 @@ + + MANDIR=/usr/man + PLUGIN=radius.so radattr.so radrealms.so +-CFLAGS=-I../.. -I../../../include -Iradiusclient/include -O2 ++COPTS = -O2 ++COMPILE_FLAGS = -I../.. -I../../../include -Iradiusclient/include -fPIC ++LIBS= ++ ++CFLAGS=$(COPTS) $(COMPILE_FLAGS) ++LDFLAGS=-lradiusclient + + # Uncomment the next line to include support for Microsoft's + # MS-CHAP authentication protocol. +@@ -37,29 +42,34 @@ + $(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)/man8 + + radius.so: radiusclient/lib/.libs/libradiusclient.a radius.o +- gcc -o radius.so -shared radius.o radiusclient/lib/.libs/libradiusclient.a ++ $(CC) -o radius.so -shared radius.o radiusclient/lib/.libs/libradiusclient.a + + radattr.so: radattr.o +- gcc -o radattr.so -shared radattr.o ++ $(CC) -o radattr.so -shared radattr.o + + radrealms.so: radrealms.o +- gcc -o radrealms.so -shared radrealms.o ++ $(CC) -o radrealms.so -shared radrealms.o + + radius.o: radius.c +- gcc $(CFLAGS) -c -o radius.o -fPIC radius.c ++ $(CC) -c $(CFLAGS) radius.c -o radius.o + + radattr.o: radattr.c +- gcc $(CFLAGS) -c -o radattr.o -fPIC radattr.c ++ $(CC) -c $(CFLAGS) radattr.c -o radattr.o + + radrealms.o: radrealms.c +- gcc $(CFLAGS) -c -o radrealms.o -fPIC radrealms.c ++ $(CC) -c $(CFLAGS) radrealms.c -o radrealms.o + + radiusclient/lib/.libs/libradiusclient.a: + test -r radiusclient/Makefile || \ + (cd radiusclient; \ ++ rm -f config.cache ; \ ++ aclocal ; \ ++ autoconf ; \ ++ ac_cv_func_setvbuf_reversed=no \ ++ ac_cv_func_uname=no \ + ./configure --prefix=/usr \ + --sysconfdir=/etc \ +- --enable-shared \ ++ --disable-shared \ + --enable-static) + $(MAKE) -C radiusclient + +diff -ruN ppp-2.4.2-old/pppd/plugins/rp-pppoe/Makefile.linux ppp-2.4.2-new/pppd/plugins/rp-pppoe/Makefile.linux +--- ppp-2.4.2-old/pppd/plugins/rp-pppoe/Makefile.linux 2004-01-13 04:57:55.000000000 +0100 ++++ ppp-2.4.2-new/pppd/plugins/rp-pppoe/Makefile.linux 2004-08-23 12:48:50.000000000 +0200 +@@ -16,12 +16,16 @@ + # Version is set ONLY IN THE MAKEFILE! Don't delete this! + VERSION=3.3 + +-COPTS=-O2 -g +-CFLAGS=$(COPTS) -I../../../include/linux ++#CC = gcc ++COPTS = -O2 ++COMPILE_FLAGS = -I../../../include/linux -fPIC ++ ++CFLAGS = $(COPTS) $(COMPILE_FLAGS) ++ + all: rp-pppoe.so + + rp-pppoe.so: libplugin.a plugin.o +- gcc -o rp-pppoe.so -shared plugin.o libplugin.a ++ $(CC) -o rp-pppoe.so -shared plugin.o libplugin.a + + install: all + $(INSTALL) -d -m 755 $(LIBDIR) +@@ -31,20 +35,20 @@ + rm -f *.o *.so + + plugin.o: plugin.c +- gcc '-DRP_VERSION="$(VERSION)"' $(CFLAGS) -I../../.. -c -o plugin.o -fPIC plugin.c ++ $(CC) -c $(CFLAGS) plugin.c '-DRP_VERSION="$(VERSION)"' -I../../.. -o plugin.o + + libplugin.a: discovery.o if.o common.o debug.o +- ar -rc $@ $^ ++ $(AR) -rc $@ $^ + + discovery.o: discovery.c +- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o discovery.o -fPIC discovery.c ++ $(CC) -c $(CFLAGS) discovery.c '-DVERSION="$(VERSION)"' -o discovery.o + + if.o: if.c +- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o if.o -fPIC if.c ++ $(CC) -c $(CFLAGS) if.c '-DVERSION="$(VERSION)"' -o if.o + + debug.o: debug.c +- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o debug.o -fPIC debug.c ++ $(CC) -c $(CFLAGS) debug.c '-DVERSION="$(VERSION)"' -o debug.o + + common.o: common.c +- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o common.o -fPIC common.c ++ $(CC) -c $(CFLAGS) common.c '-DVERSION="$(VERSION)"' -o common.o + +diff -ruN ppp-2.4.2-old/pppdump/Makefile.linux ppp-2.4.2-new/pppdump/Makefile.linux +--- ppp-2.4.2-old/pppdump/Makefile.linux 1999-07-26 13:09:29.000000000 +0200 ++++ ppp-2.4.2-new/pppdump/Makefile.linux 2004-08-23 12:48:50.000000000 +0200 +@@ -1,4 +1,8 @@ +-CFLAGS= -O -I../include/net ++#CC = gcc ++COPTS = -O ++COMPILE_FLAGS = -I../include/net ++CFLAGS= $(COPTS) $(COMPILE_FLAGS) ++ + OBJS = pppdump.o bsd-comp.o deflate.o zlib.o + + INSTALL= install +diff -ruN ppp-2.4.2-old/pppstats/Makefile.linux ppp-2.4.2-new/pppstats/Makefile.linux +--- ppp-2.4.2-old/pppstats/Makefile.linux 2002-11-09 12:24:43.000000000 +0100 ++++ ppp-2.4.2-new/pppstats/Makefile.linux 2004-08-23 12:48:50.000000000 +0200 +@@ -7,11 +7,11 @@ + PPPSTATOBJS = pppstats.o + + #CC = gcc +-COPTS = -O ++COPTS = -O2 + COMPILE_FLAGS = -I../include + LIBS = + +-INSTALL= install -o root -g daemon ++INSTALL= install + + CFLAGS = $(COPTS) $(COMPILE_FLAGS) + diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/z02_ppp-2.4.2-stdopt-mppe-mppc-1.1.patch b/obsolete-buildroot/sources/openwrt/patches/ppp/z02_ppp-2.4.2-stdopt-mppe-mppc-1.1.patch new file mode 100644 index 000000000..d23053463 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/ppp/z02_ppp-2.4.2-stdopt-mppe-mppc-1.1.patch @@ -0,0 +1,1608 @@ +diff -ruN ppp-2.4.2.orig/include/linux/ppp-comp.h ppp-2.4.2-stdopt/include/linux/ppp-comp.h +--- ppp-2.4.2.orig/include/linux/ppp-comp.h 2002-12-06 10:49:15.000000000 +0100 ++++ ppp-2.4.2-stdopt/include/linux/ppp-comp.h 2004-01-21 06:51:09.000000000 +0100 +@@ -36,7 +36,7 @@ + */ + + /* +- * ==FILEVERSION 20020319== ++ * ==FILEVERSION 20020715== + * + * NOTE TO MAINTAINERS: + * If you modify this file at all, please set the above date. +@@ -86,7 +86,7 @@ + + /* Compress a packet */ + int (*compress) (void *state, unsigned char *rptr, +- unsigned char *obuf, int isize, int osize); ++ unsigned char *obuf, int isize, int osize); + + /* Return compression statistics */ + void (*comp_stat) (void *state, struct compstat *stats); +@@ -107,7 +107,7 @@ + + /* Decompress a packet. */ + int (*decompress) (void *state, unsigned char *ibuf, int isize, +- unsigned char *obuf, int osize); ++ unsigned char *obuf, int osize); + + /* Update state for an incompressible packet received */ + void (*incomp) (void *state, unsigned char *ibuf, int icnt); +@@ -288,6 +288,33 @@ + opts |= MPPE_OPT_UNKNOWN; \ + } while (/* CONSTCOND */ 0) + ++/* MPPE/MPPC definitions by J.D.*/ ++#define MPPE_STATELESS MPPE_H_BIT /* configuration bit H */ ++#define MPPE_40BIT MPPE_L_BIT /* configuration bit L */ ++#define MPPE_56BIT MPPE_M_BIT /* configuration bit M */ ++#define MPPE_128BIT MPPE_S_BIT /* configuration bit S */ ++#define MPPE_MPPC MPPE_C_BIT /* configuration bit C */ ++ ++/* ++ * Definitions for Stac LZS. ++ */ ++ ++#define CI_LZS 17 /* config option for Stac LZS */ ++#define CILEN_LZS 5 /* length of config option */ ++ ++#define LZS_OVHD 4 /* max. LZS overhead */ ++#define LZS_HIST_LEN 2048 /* LZS history size */ ++#define LZS_MAX_CCOUNT 0x0FFF /* max. coherency counter value */ ++ ++#define LZS_MODE_NONE 0 ++#define LZS_MODE_LCB 1 ++#define LZS_MODE_CRC 2 ++#define LZS_MODE_SEQ 3 ++#define LZS_MODE_EXT 4 ++ ++#define LZS_EXT_BIT_FLUSHED 0x80 /* bit A */ ++#define LZS_EXT_BIT_COMP 0x20 /* bit C */ ++ + /* + * Definitions for other, as yet unsupported, compression methods. + */ +diff -ruN ppp-2.4.2.orig/include/net/ppp-comp.h ppp-2.4.2-stdopt/include/net/ppp-comp.h +--- ppp-2.4.2.orig/include/net/ppp-comp.h 2002-12-06 10:49:15.000000000 +0100 ++++ ppp-2.4.2-stdopt/include/net/ppp-comp.h 2004-01-21 06:51:09.000000000 +0100 +@@ -255,6 +255,33 @@ + opts |= MPPE_OPT_UNKNOWN; \ + } while (/* CONSTCOND */ 0) + ++/* MPPE/MPPC definitions by J.D.*/ ++#define MPPE_STATELESS MPPE_H_BIT /* configuration bit H */ ++#define MPPE_40BIT MPPE_L_BIT /* configuration bit L */ ++#define MPPE_56BIT MPPE_M_BIT /* configuration bit M */ ++#define MPPE_128BIT MPPE_S_BIT /* configuration bit S */ ++#define MPPE_MPPC MPPE_C_BIT /* configuration bit C */ ++ ++/* ++ * Definitions for Stac LZS. ++ */ ++ ++#define CI_LZS 17 /* config option for Stac LZS */ ++#define CILEN_LZS 5 /* length of config option */ ++ ++#define LZS_OVHD 4 /* max. LZS overhead */ ++#define LZS_HIST_LEN 2048 /* LZS history size */ ++#define LZS_MAX_CCOUNT 0x0FFF /* max. coherency counter value */ ++ ++#define LZS_MODE_NONE 0 ++#define LZS_MODE_LCB 1 ++#define LZS_MODE_CRC 2 ++#define LZS_MODE_SEQ 3 ++#define LZS_MODE_EXT 4 ++ ++#define LZS_EXT_BIT_FLUSHED 0x80 /* bit A */ ++#define LZS_EXT_BIT_COMP 0x20 /* bit C */ ++ + /* + * Definitions for other, as yet unsupported, compression methods. + */ +diff -ruN ppp-2.4.2.orig/pppd/ccp.c ppp-2.4.2-stdopt/pppd/ccp.c +--- ppp-2.4.2.orig/pppd/ccp.c 2003-05-01 14:30:28.000000000 +0200 ++++ ppp-2.4.2-stdopt/pppd/ccp.c 2004-05-02 14:10:04.000000000 +0200 +@@ -67,13 +67,6 @@ + static char bsd_value[8]; + static char deflate_value[8]; + +-/* +- * Option variables. +- */ +-#ifdef MPPE +-bool refuse_mppe_stateful = 1; /* Allow stateful mode? */ +-#endif +- + static option_t ccp_option_list[] = { + { "noccp", o_bool, &ccp_protent.enabled_flag, + "Disable CCP negotiation" }, +@@ -113,54 +106,87 @@ + "don't allow Predictor-1", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, + &ccp_allowoptions[0].predictor_1 }, + ++ { "lzs", o_bool, &ccp_wantoptions[0].lzs, ++ "request Stac LZS", 1, &ccp_allowoptions[0].lzs, OPT_PRIO }, ++ { "+lzs", o_bool, &ccp_wantoptions[0].lzs, ++ "request Stac LZS", 1, &ccp_allowoptions[0].lzs, OPT_ALIAS | OPT_PRIO }, ++ { "nolzs", o_bool, &ccp_wantoptions[0].lzs, ++ "don't allow Stac LZS", OPT_PRIOSUB | OPT_A2CLR, ++ &ccp_allowoptions[0].lzs }, ++ { "-lzs", o_bool, &ccp_wantoptions[0].lzs, ++ "don't allow Stac LZS", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, ++ &ccp_allowoptions[0].lzs }, ++ + #ifdef MPPE +- /* MPPE options are symmetrical ... we only set wantoptions here */ ++ { "mppc", o_bool, &ccp_wantoptions[0].mppc, ++ "request MPPC compression", 1, &ccp_allowoptions[0].mppc, OPT_PRIO }, ++ { "+mppc", o_bool, &ccp_wantoptions[0].mppc, ++ "request MPPC compression", 1, &ccp_allowoptions[0].mppc, ++ OPT_ALIAS | OPT_PRIO }, ++ { "nomppc", o_bool, &ccp_wantoptions[0].mppc, ++ "don't allow MPPC compression", OPT_PRIOSUB | OPT_A2CLR, ++ &ccp_allowoptions[0].mppc }, ++ { "-mppc", o_bool, &ccp_wantoptions[0].mppc, ++ "don't allow MPPC compression", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, ++ &ccp_allowoptions[0].mppc }, ++ + { "require-mppe", o_bool, &ccp_wantoptions[0].mppe, +- "require MPPE encryption", +- OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 }, ++ "require MPPE encryption", 1, &ccp_allowoptions[0].mppe, OPT_PRIO }, + { "+mppe", o_bool, &ccp_wantoptions[0].mppe, +- "require MPPE encryption", +- OPT_ALIAS | OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 }, ++ "require MPPE encryption", 1, &ccp_allowoptions[0].mppe, ++ OPT_ALIAS | OPT_PRIO }, + { "nomppe", o_bool, &ccp_wantoptions[0].mppe, +- "don't allow MPPE encryption", OPT_PRIO }, ++ "don't allow MPPE encryption", OPT_PRIOSUB | OPT_A2CLR, ++ &ccp_allowoptions[0].mppe }, + { "-mppe", o_bool, &ccp_wantoptions[0].mppe, +- "don't allow MPPE encryption", OPT_ALIAS | OPT_PRIO }, ++ "don't allow MPPE encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, ++ &ccp_allowoptions[0].mppe }, + +- /* We use ccp_allowoptions[0].mppe as a junk var ... it is reset later */ +- { "require-mppe-40", o_bool, &ccp_allowoptions[0].mppe, +- "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40, +- &ccp_wantoptions[0].mppe }, +- { "+mppe-40", o_bool, &ccp_allowoptions[0].mppe, +- "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40, +- &ccp_wantoptions[0].mppe }, +- { "nomppe-40", o_bool, &ccp_allowoptions[0].mppe, +- "don't allow MPPE 40-bit encryption", +- OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40, &ccp_wantoptions[0].mppe }, +- { "-mppe-40", o_bool, &ccp_allowoptions[0].mppe, +- "don't allow MPPE 40-bit encryption", +- OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40, +- &ccp_wantoptions[0].mppe }, +- +- { "require-mppe-128", o_bool, &ccp_allowoptions[0].mppe, +- "require MPPE 128-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_128, +- &ccp_wantoptions[0].mppe }, +- { "+mppe-128", o_bool, &ccp_allowoptions[0].mppe, +- "require MPPE 128-bit encryption", +- OPT_ALIAS | OPT_PRIO | OPT_A2OR | MPPE_OPT_128, +- &ccp_wantoptions[0].mppe }, +- { "nomppe-128", o_bool, &ccp_allowoptions[0].mppe, +- "don't allow MPPE 128-bit encryption", +- OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128, &ccp_wantoptions[0].mppe }, +- { "-mppe-128", o_bool, &ccp_allowoptions[0].mppe, +- "don't allow MPPE 128-bit encryption", +- OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128, +- &ccp_wantoptions[0].mppe }, +- +- /* strange one; we always request stateless, but will we allow stateful? */ +- { "mppe-stateful", o_bool, &refuse_mppe_stateful, +- "allow MPPE stateful mode", OPT_PRIO }, +- { "nomppe-stateful", o_bool, &refuse_mppe_stateful, +- "disallow MPPE stateful mode", OPT_PRIO | 1 }, ++ { "require-mppe-40", o_bool, &ccp_wantoptions[0].mppe_40, ++ "require MPPE 40-bit encryption", 1, &ccp_allowoptions[0].mppe_40, ++ OPT_PRIO }, ++ { "+mppe-40", o_bool, &ccp_wantoptions[0].mppe_40, ++ "require MPPE 40-bit encryption", 1, &ccp_allowoptions[0].mppe_40, ++ OPT_ALIAS | OPT_PRIO }, ++ { "nomppe-40", o_bool, &ccp_wantoptions[0].mppe_40, ++ "don't allow MPPE 40-bit encryption", OPT_PRIOSUB | OPT_A2CLR, ++ &ccp_allowoptions[0].mppe_40 }, ++ { "-mppe-40", o_bool, &ccp_wantoptions[0].mppe_40, ++ "don't allow MPPE 40-bit encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, ++ &ccp_allowoptions[0].mppe_40 }, ++ ++ { "require-mppe-56", o_bool, &ccp_wantoptions[0].mppe_56, ++ "require MPPE 56-bit encryption", 1, &ccp_allowoptions[0].mppe_56, ++ OPT_PRIO }, ++ { "+mppe-56", o_bool, &ccp_wantoptions[0].mppe_56, ++ "require MPPE 56-bit encryption", 1, &ccp_allowoptions[0].mppe_56, ++ OPT_ALIAS | OPT_PRIO }, ++ { "nomppe-56", o_bool, &ccp_wantoptions[0].mppe_56, ++ "don't allow MPPE 56-bit encryption", OPT_PRIOSUB | OPT_A2CLR, ++ &ccp_allowoptions[0].mppe_56 }, ++ { "-mppe-56", o_bool, &ccp_wantoptions[0].mppe_56, ++ "don't allow MPPE 56-bit encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, ++ &ccp_allowoptions[0].mppe_56 }, ++ ++ { "require-mppe-128", o_bool, &ccp_wantoptions[0].mppe_128, ++ "require MPPE 128-bit encryption", 1, &ccp_allowoptions[0].mppe_128, ++ OPT_PRIO }, ++ { "+mppe-128", o_bool, &ccp_wantoptions[0].mppe_128, ++ "require MPPE 128-bit encryption", 1, &ccp_allowoptions[0].mppe_128, ++ OPT_ALIAS | OPT_PRIO }, ++ { "nomppe-128", o_bool, &ccp_wantoptions[0].mppe_40, ++ "don't allow MPPE 128-bit encryption", OPT_PRIOSUB | OPT_A2CLR, ++ &ccp_allowoptions[0].mppe_128 }, ++ { "-mppe-128", o_bool, &ccp_wantoptions[0].mppe_128, ++ "don't allow MPPE 128-bit encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, ++ &ccp_allowoptions[0].mppe_128 }, ++ ++ { "nomppe-stateful", o_bool, &ccp_wantoptions[0].mppe_stateless, ++ "disallow MPPE stateful mode", 1, &ccp_allowoptions[0].mppe_stateless, ++ OPT_PRIO }, ++ { "mppe-stateful", o_bool, &ccp_wantoptions[0].mppe_stateless, ++ "allow MPPE stateful mode", OPT_PRIOSUB | OPT_A2CLR, ++ &ccp_allowoptions[0].mppe_stateless }, + #endif /* MPPE */ + + { NULL } +@@ -246,7 +272,7 @@ + */ + #define ANY_COMPRESS(opt) ((opt).deflate || (opt).bsd_compress \ + || (opt).predictor_1 || (opt).predictor_2 \ +- || (opt).mppe) ++ || (opt).lzs || (opt).mppc || (opt).mppe) + + /* + * Local state (mainly for handling reset-reqs and reset-acks). +@@ -383,6 +409,30 @@ + ccp_allowoptions[0].bsd_bits = BSD_MAX_BITS; + + ccp_allowoptions[0].predictor_1 = 1; ++ ++ ccp_wantoptions[0].lzs = 0; /* Stac LZS - will be enabled in the future */ ++ ccp_wantoptions[0].lzs_mode = LZS_MODE_SEQ; ++ ccp_wantoptions[0].lzs_hists = 1; ++ ccp_allowoptions[0].lzs = 0; /* Stac LZS - will be enabled in the future */ ++ ccp_allowoptions[0].lzs_mode = LZS_MODE_SEQ; ++ ccp_allowoptions[0].lzs_hists = 1; ++ ++#ifdef MPPE ++ /* by default allow and request MPPC... */ ++ ccp_wantoptions[0].mppc = ccp_allowoptions[0].mppc = 1; ++ ++ /* ... and allow but don't request MPPE */ ++ ccp_allowoptions[0].mppe = 1; ++ ccp_allowoptions[0].mppe_40 = 1; ++ ccp_allowoptions[0].mppe_56 = 1; ++ ccp_allowoptions[0].mppe_128 = 1; ++ ccp_allowoptions[0].mppe_stateless = 1; ++ ccp_wantoptions[0].mppe = 0; ++ ccp_wantoptions[0].mppe_40 = 0; ++ ccp_wantoptions[0].mppe_56 = 0; ++ ccp_wantoptions[0].mppe_128 = 0; ++ ccp_wantoptions[0].mppe_stateless = 0; ++#endif /* MPPE */ + } + + /* +@@ -460,11 +510,11 @@ + if (oldstate == OPENED && p[0] == TERMREQ && f->state != OPENED) { + notice("Compression disabled by peer."); + #ifdef MPPE +- if (ccp_gotoptions[unit].mppe) { ++ if (ccp_wantoptions[unit].mppe) { + error("MPPE disabled, closing LCP"); + lcp_close(unit, "MPPE disabled by peer"); + } +-#endif ++#endif /* MPPE */ + } + + /* +@@ -492,6 +542,15 @@ + break; + /* send a reset-ack, which the transmitter will see and + reset its compression state. */ ++ ++ /* In case of MPPE/MPPC or LZS we shouldn't send CCP_RESETACK, ++ but we do it in order to reset compressor; CCP_RESETACK is ++ then silently discarded. See functions ppp_send_frame and ++ ppp_ccp_peek in ppp_generic.c (Linux only !!!). All the ++ confusion is caused by the fact that CCP code is splited ++ into two parts - one part is handled by pppd, the other one ++ is handled by kernel. */ ++ + fsm_sdata(f, CCP_RESETACK, id, NULL, 0); + break; + +@@ -520,12 +579,11 @@ + fsm_lowerdown(&ccp_fsm[unit]); + + #ifdef MPPE +- if (ccp_gotoptions[unit].mppe) { ++ if (ccp_wantoptions[unit].mppe) { + error("MPPE required but peer negotiation failed"); + lcp_close(unit, "MPPE required but peer negotiation failed"); + } +-#endif +- ++#endif /* MPPE */ + } + + /* +@@ -542,7 +600,7 @@ + all_rejected[f->unit] = 0; + + #ifdef MPPE +- if (go->mppe) { ++ if (go->mppe || go->mppc) { + ccp_options *ao = &ccp_allowoptions[f->unit]; + int auth_mschap_bits = auth_done[f->unit]; + int numbits; +@@ -556,80 +614,109 @@ + * NB: If MPPE is required, all other compression opts are invalid. + * So, we return right away if we can't do it. + */ ++ if (ccp_wantoptions[f->unit].mppe) { ++ /* Leave only the mschap auth bits set */ ++ auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER | ++ CHAP_MS2_WITHPEER | CHAP_MS2_PEER); ++ /* Count the mschap auths */ ++ auth_mschap_bits >>= CHAP_MS_SHIFT; ++ numbits = 0; ++ do { ++ numbits += auth_mschap_bits & 1; ++ auth_mschap_bits >>= 1; ++ } while (auth_mschap_bits); ++ if (numbits > 1) { ++ error("MPPE required, but auth done in both directions."); ++ lcp_close(f->unit, "MPPE required but not available"); ++ return; ++ } ++ if (!numbits) { ++ error("MPPE required, but MS-CHAP[v2] auth not performed."); ++ lcp_close(f->unit, "MPPE required but not available"); ++ return; ++ } + +- /* Leave only the mschap auth bits set */ +- auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER | +- CHAP_MS2_WITHPEER | CHAP_MS2_PEER); +- /* Count the mschap auths */ +- auth_mschap_bits >>= CHAP_MS_SHIFT; +- numbits = 0; +- do { +- numbits += auth_mschap_bits & 1; +- auth_mschap_bits >>= 1; +- } while (auth_mschap_bits); +- if (numbits > 1) { +- error("MPPE required, but auth done in both directions."); +- lcp_close(f->unit, "MPPE required but not available"); +- return; +- } +- if (!numbits) { +- error("MPPE required, but MS-CHAP[v2] auth not performed."); +- lcp_close(f->unit, "MPPE required but not available"); +- return; +- } +- +- /* A plugin (eg radius) may not have obtained key material. */ +- if (!mppe_keys_set) { +- error("MPPE required, but keys are not available. " +- "Possible plugin problem?"); +- lcp_close(f->unit, "MPPE required but not available"); +- return; +- } +- +- /* LM auth not supported for MPPE */ +- if (auth_done[f->unit] & (CHAP_MS_WITHPEER | CHAP_MS_PEER)) { +- /* This might be noise */ +- if (go->mppe & MPPE_OPT_40) { +- notice("Disabling 40-bit MPPE; MS-CHAP LM not supported"); +- go->mppe &= ~MPPE_OPT_40; +- ccp_wantoptions[f->unit].mppe &= ~MPPE_OPT_40; ++ /* A plugin (eg radius) may not have obtained key material. */ ++ if (!mppe_keys_set) { ++ error("MPPE required, but keys are not available. " ++ "Possible plugin problem?"); ++ lcp_close(f->unit, "MPPE required but not available"); ++ return; + } + } + +- /* Last check: can we actually negotiate something? */ +- if (!(go->mppe & (MPPE_OPT_40 | MPPE_OPT_128))) { +- /* Could be misconfig, could be 40-bit disabled above. */ +- error("MPPE required, but both 40-bit and 128-bit disabled."); +- lcp_close(f->unit, "MPPE required but not available"); +- return; ++ /* ++ * Check whether the kernel knows about the various ++ * compression methods we might request. Key material ++ * unimportant here. ++ */ ++ if (go->mppc) { ++ opt_buf[0] = CI_MPPE; ++ opt_buf[1] = CILEN_MPPE; ++ opt_buf[2] = 0; ++ opt_buf[3] = 0; ++ opt_buf[4] = 0; ++ opt_buf[5] = MPPE_MPPC; ++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE, 0) <= 0) ++ go->mppc = 0; ++ } ++ if (go->mppe_40) { ++ opt_buf[0] = CI_MPPE; ++ opt_buf[1] = CILEN_MPPE; ++ opt_buf[2] = MPPE_STATELESS; ++ opt_buf[3] = 0; ++ opt_buf[4] = 0; ++ opt_buf[5] = MPPE_40BIT; ++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) ++ go->mppe_40 = 0; ++ } ++ if (go->mppe_56) { ++ opt_buf[0] = CI_MPPE; ++ opt_buf[1] = CILEN_MPPE; ++ opt_buf[2] = MPPE_STATELESS; ++ opt_buf[3] = 0; ++ opt_buf[4] = 0; ++ opt_buf[5] = MPPE_56BIT; ++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) ++ go->mppe_56 = 0; ++ } ++ if (go->mppe_128) { ++ opt_buf[0] = CI_MPPE; ++ opt_buf[1] = CILEN_MPPE; ++ opt_buf[2] = MPPE_STATELESS; ++ opt_buf[3] = 0; ++ opt_buf[4] = 0; ++ opt_buf[5] = MPPE_128BIT; ++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) ++ go->mppe_128 = 0; ++ } ++ if (!go->mppe_40 && !go->mppe_56 && !go->mppe_128) { ++ if (ccp_wantoptions[f->unit].mppe) { ++ error("MPPE required, but kernel has no support."); ++ lcp_close(f->unit, "MPPE required but not available"); ++ } ++ go->mppe = go->mppe_stateless = 0; ++ } else { ++ /* MPPE is not compatible with other compression types */ ++ if (ccp_wantoptions[f->unit].mppe) { ++ ao->bsd_compress = go->bsd_compress = 0; ++ ao->predictor_1 = go->predictor_1 = 0; ++ ao->predictor_2 = go->predictor_2 = 0; ++ ao->deflate = go->deflate = 0; ++ ao->lzs = go->lzs = 0; ++ } + } +- +- /* sync options */ +- ao->mppe = go->mppe; +- /* MPPE is not compatible with other compression types */ +- ao->bsd_compress = go->bsd_compress = 0; +- ao->predictor_1 = go->predictor_1 = 0; +- ao->predictor_2 = go->predictor_2 = 0; +- ao->deflate = go->deflate = 0; + } + #endif /* MPPE */ +- +- /* +- * Check whether the kernel knows about the various +- * compression methods we might request. +- */ +-#ifdef MPPE +- if (go->mppe) { +- opt_buf[0] = CI_MPPE; +- opt_buf[1] = CILEN_MPPE; +- MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]); +- /* Key material unimportant here. */ +- if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) { +- error("MPPE required, but kernel has no support."); +- lcp_close(f->unit, "MPPE required but not available"); +- } ++ if (go->lzs) { ++ opt_buf[0] = CI_LZS; ++ opt_buf[1] = CILEN_LZS; ++ opt_buf[2] = go->lzs_hists >> 8; ++ opt_buf[3] = go->lzs_hists & 0xff; ++ opt_buf[4] = LZS_MODE_SEQ; ++ if (ccp_test(f->unit, opt_buf, CILEN_LZS, 0) <= 0) ++ go->lzs = 0; + } +-#endif + if (go->bsd_compress) { + opt_buf[0] = CI_BSD_COMPRESS; + opt_buf[1] = CILEN_BSD_COMPRESS; +@@ -684,7 +771,8 @@ + + (go->deflate? CILEN_DEFLATE: 0) + + (go->predictor_1? CILEN_PREDICTOR_1: 0) + + (go->predictor_2? CILEN_PREDICTOR_2: 0) +- + (go->mppe? CILEN_MPPE: 0); ++ + (go->lzs? CILEN_LZS: 0) ++ + ((go->mppe || go->mppc)? CILEN_MPPE: 0); + } + + /* +@@ -698,6 +786,8 @@ + { + int res; + ccp_options *go = &ccp_gotoptions[f->unit]; ++ ccp_options *ao = &ccp_allowoptions[f->unit]; ++ ccp_options *wo = &ccp_wantoptions[f->unit]; + u_char *p0 = p; + + /* +@@ -706,22 +796,43 @@ + * in case it gets Acked. + */ + #ifdef MPPE +- if (go->mppe) { ++ if (go->mppe || go->mppc || (!wo->mppe && ao->mppe)) { + u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN]; + +- p[0] = opt_buf[0] = CI_MPPE; +- p[1] = opt_buf[1] = CILEN_MPPE; +- MPPE_OPTS_TO_CI(go->mppe, &p[2]); +- MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]); ++ p[0] = CI_MPPE; ++ p[1] = CILEN_MPPE; ++ p[2] = (go->mppe_stateless ? MPPE_STATELESS : 0); ++ p[3] = 0; ++ p[4] = 0; ++ p[5] = (go->mppe_40 ? MPPE_40BIT : 0) | (go->mppe_56 ? MPPE_56BIT : 0) | ++ (go->mppe_128 ? MPPE_128BIT : 0) | (go->mppc ? MPPE_MPPC : 0); ++ ++ BCOPY(p, opt_buf, CILEN_MPPE); + BCOPY(mppe_recv_key, &opt_buf[CILEN_MPPE], MPPE_MAX_KEY_LEN); + res = ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0); +- if (res > 0) ++ if (res > 0) { + p += CILEN_MPPE; +- else ++ } else { + /* This shouldn't happen, we've already tested it! */ +- lcp_close(f->unit, "MPPE required but not available in kernel"); ++ go->mppe = go->mppe_40 = go->mppe_56 = go->mppe_128 = ++ go->mppe_stateless = go->mppc = 0; ++ if (ccp_wantoptions[f->unit].mppe) ++ lcp_close(f->unit, "MPPE required but not available in kernel"); ++ } ++ } ++#endif /* MPPE */ ++ if (go->lzs) { ++ p[0] = CI_LZS; ++ p[1] = CILEN_LZS; ++ p[2] = go->lzs_hists >> 8; ++ p[3] = go->lzs_hists & 0xff; ++ p[4] = LZS_MODE_SEQ; ++ res = ccp_test(f->unit, p, CILEN_LZS, 0); ++ if (res > 0) { ++ p += CILEN_LZS; ++ } else ++ go->lzs = 0; + } +-#endif + if (go->deflate) { + p[0] = go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT; + p[1] = CILEN_DEFLATE; +@@ -807,7 +918,7 @@ + + /* + * ccp_ackci - process a received configure-ack, and return +- * 1 iff the packet was OK. ++ * 1 if the packet was OK. + */ + static int + ccp_ackci(f, p, len) +@@ -816,24 +927,44 @@ + int len; + { + ccp_options *go = &ccp_gotoptions[f->unit]; ++ ccp_options *ao = &ccp_allowoptions[f->unit]; ++ ccp_options *wo = &ccp_wantoptions[f->unit]; + u_char *p0 = p; + + #ifdef MPPE +- if (go->mppe) { +- u_char opt_buf[CILEN_MPPE]; +- +- opt_buf[0] = CI_MPPE; +- opt_buf[1] = CILEN_MPPE; +- MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]); +- if (len < CILEN_MPPE || memcmp(opt_buf, p, CILEN_MPPE)) ++ if (go->mppe || go->mppc || (!wo->mppe && ao->mppe)) { ++ if (len < CILEN_MPPE ++ || p[1] != CILEN_MPPE || p[0] != CI_MPPE ++ || p[2] != (go->mppe_stateless ? MPPE_STATELESS : 0) ++ || p[3] != 0 ++ || p[4] != 0 ++ || (p[5] != ((go->mppe_40 ? MPPE_40BIT : 0) | ++ (go->mppc ? MPPE_MPPC : 0)) ++ && p[5] != ((go->mppe_56 ? MPPE_56BIT : 0) | ++ (go->mppc ? MPPE_MPPC : 0)) ++ && p[5] != ((go->mppe_128 ? MPPE_128BIT : 0) | ++ (go->mppc ? MPPE_MPPC : 0)))) + return 0; ++ if (go->mppe_40 || go->mppe_56 || go->mppe_128) ++ go->mppe = 1; + p += CILEN_MPPE; + len -= CILEN_MPPE; ++ /* Cope with first/fast ack */ ++ if (p == p0 && len == 0) ++ return 1; ++ } ++#endif /* MPPE */ ++ if (go->lzs) { ++ if (len < CILEN_LZS || p[0] != CI_LZS || p[1] != CILEN_LZS ++ || p[2] != go->lzs_hists>>8 || p[3] != (go->lzs_hists&0xff) ++ || p[4] != LZS_MODE_SEQ) ++ return 0; ++ p += CILEN_LZS; ++ len -= CILEN_LZS; + /* XXX Cope with first/fast ack */ +- if (len == 0) ++ if (p == p0 && len == 0) + return 1; + } +-#endif + if (go->deflate) { + if (len < CILEN_DEFLATE + || p[0] != (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT) +@@ -896,7 +1027,7 @@ + + /* + * ccp_nakci - process received configure-nak. +- * Returns 1 iff the nak was OK. ++ * Returns 1 if the nak was OK. + */ + static int + ccp_nakci(f, p, len) +@@ -905,6 +1036,8 @@ + int len; + { + ccp_options *go = &ccp_gotoptions[f->unit]; ++ ccp_options *ao = &ccp_allowoptions[f->unit]; ++ ccp_options *wo = &ccp_wantoptions[f->unit]; + ccp_options no; /* options we've seen already */ + ccp_options try; /* options to ask for next time */ + +@@ -912,28 +1045,100 @@ + try = *go; + + #ifdef MPPE +- if (go->mppe && len >= CILEN_MPPE +- && p[0] == CI_MPPE && p[1] == CILEN_MPPE) { +- no.mppe = 1; +- /* +- * Peer wants us to use a different strength or other setting. +- * Fail if we aren't willing to use his suggestion. +- */ +- MPPE_CI_TO_OPTS(&p[2], try.mppe); +- if ((try.mppe & MPPE_OPT_STATEFUL) && refuse_mppe_stateful) { +- error("Refusing MPPE stateful mode offered by peer"); +- try.mppe = 0; +- } else if (((go->mppe | MPPE_OPT_STATEFUL) & try.mppe) != try.mppe) { +- /* Peer must have set options we didn't request (suggest) */ +- try.mppe = 0; +- } ++ if ((go->mppe || go->mppc || (!wo->mppe && ao->mppe)) && ++ len >= CILEN_MPPE && p[0] == CI_MPPE && p[1] == CILEN_MPPE) { + +- if (!try.mppe) { +- error("MPPE required but peer negotiation failed"); +- lcp_close(f->unit, "MPPE required but peer negotiation failed"); ++ if (go->mppc) { ++ no.mppc = 1; ++ if (!(p[5] & MPPE_MPPC)) ++ try.mppc = 0; ++ } ++ ++ if (go->mppe) ++ no.mppe = 1; ++ if (go->mppe_40) ++ no.mppe_40 = 1; ++ if (go->mppe_56) ++ no.mppe_56 = 1; ++ if (go->mppe_128) ++ no.mppe_128 = 1; ++ if (go->mppe_stateless) ++ no.mppe_stateless = 1; ++ ++ if (ao->mppe_40) { ++ if ((p[5] & MPPE_40BIT)) ++ try.mppe_40 = 1; ++ else ++ try.mppe_40 = (p[5] == 0) ? 1 : 0; ++ } ++ if (ao->mppe_56) { ++ if ((p[5] & MPPE_56BIT)) ++ try.mppe_56 = 1; ++ else ++ try.mppe_56 = (p[5] == 0) ? 1 : 0; ++ } ++ if (ao->mppe_128) { ++ if ((p[5] & MPPE_128BIT)) ++ try.mppe_128 = 1; ++ else ++ try.mppe_128 = (p[5] == 0) ? 1 : 0; ++ } ++ ++ if (ao->mppe_stateless) { ++ if ((p[2] & MPPE_STATELESS) || wo->mppe_stateless) ++ try.mppe_stateless = 1; ++ else ++ try.mppe_stateless = 0; ++ } ++ ++ if (!try.mppe_56 && !try.mppe_40 && !try.mppe_128) { ++ try.mppe = try.mppe_stateless = 0; ++ if (wo->mppe) { ++ /* we require encryption, but peer doesn't support it ++ so we close connection */ ++ wo->mppc = wo->mppe = wo->mppe_stateless = wo->mppe_40 = ++ wo->mppe_56 = wo->mppe_128 = 0; ++ lcp_close(f->unit, "MPPE required but cannot negotiate MPPE " ++ "key length"); ++ } ++ } ++ if (wo->mppe && (wo->mppe_40 != try.mppe_40) && ++ (wo->mppe_56 != try.mppe_56) && (wo->mppe_128 != try.mppe_128)) { ++ /* cannot negotiate key length */ ++ wo->mppc = wo->mppe = wo->mppe_stateless = wo->mppe_40 = ++ wo->mppe_56 = wo->mppe_128 = 0; ++ lcp_close(f->unit, "Cannot negotiate MPPE key length"); + } ++ if (try.mppe_40 && try.mppe_56 && try.mppe_128) ++ try.mppe_40 = try.mppe_56 = 0; ++ else ++ if (try.mppe_56 && try.mppe_128) ++ try.mppe_56 = 0; ++ else ++ if (try.mppe_40 && try.mppe_128) ++ try.mppe_40 = 0; ++ else ++ if (try.mppe_40 && try.mppe_56) ++ try.mppe_40 = 0; ++ ++ p += CILEN_MPPE; ++ len -= CILEN_MPPE; + } + #endif /* MPPE */ ++ ++ if (go->lzs && len >= CILEN_LZS && p[0] == CI_LZS && p[1] == CILEN_LZS) { ++ no.lzs = 1; ++ if (((p[2]<<8)|p[3]) > 1 || (p[4] != LZS_MODE_SEQ && ++ p[4] != LZS_MODE_EXT)) ++ try.lzs = 0; ++ else { ++ try.lzs_mode = p[4]; ++ try.lzs_hists = (p[2] << 8) | p[3]; ++ } ++ p += CILEN_LZS; ++ len -= CILEN_LZS; ++ } ++ + if (go->deflate && len >= CILEN_DEFLATE + && p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT) + && p[1] == CILEN_DEFLATE) { +@@ -1006,14 +1211,50 @@ + return -1; + + #ifdef MPPE +- if (go->mppe && len >= CILEN_MPPE ++ if ((go->mppe || go->mppc) && len >= CILEN_MPPE + && p[0] == CI_MPPE && p[1] == CILEN_MPPE) { +- error("MPPE required but peer refused"); +- lcp_close(f->unit, "MPPE required but peer refused"); ++ ccp_options *wo = &ccp_wantoptions[f->unit]; ++ if (p[2] != (go->mppe_stateless ? MPPE_STATELESS : 0) || ++ p[3] != 0 || ++ p[4] != 0 || ++ p[5] != ((go->mppe_40 ? MPPE_40BIT : 0) | ++ (go->mppe_56 ? MPPE_56BIT : 0) | ++ (go->mppe_128 ? MPPE_128BIT : 0) | ++ (go->mppc ? MPPE_MPPC : 0))) ++ return 0; ++ if (go->mppc) ++ try.mppc = 0; ++ if (go->mppe) { ++ try.mppe = 0; ++ if (go->mppe_40) ++ try.mppe_40 = 0; ++ if (go->mppe_56) ++ try.mppe_56 = 0; ++ if (go->mppe_128) ++ try.mppe_128 = 0; ++ if (go->mppe_stateless) ++ try.mppe_stateless = 0; ++ if (!try.mppe_56 && !try.mppe_40 && !try.mppe_128) ++ try.mppe = try.mppe_stateless = 0; ++ if (wo->mppe) { /* we want MPPE but cannot negotiate key length */ ++ wo->mppc = wo->mppe = wo->mppe_stateless = wo->mppe_40 = ++ wo->mppe_56 = wo->mppe_128 = 0; ++ lcp_close(f->unit, "MPPE required but cannot negotiate MPPE " ++ "key length"); ++ } ++ } + p += CILEN_MPPE; + len -= CILEN_MPPE; + } +-#endif ++#endif /* MPPE */ ++ if (go->lzs && len >= CILEN_LZS && p[0] == CI_LZS && p[1] == CILEN_LZS) { ++ if (p[2] != go->lzs_hists>>8 || p[3] != (go->lzs_hists&0xff) ++ || p[4] != go->lzs_mode) ++ return 0; ++ try.lzs = 0; ++ p += CILEN_LZS; ++ len -= CILEN_LZS; ++ } + if (go->deflate_correct && len >= CILEN_DEFLATE + && p[0] == CI_DEFLATE && p[1] == CILEN_DEFLATE) { + if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size) +@@ -1077,14 +1318,15 @@ + int dont_nak; + { + int ret, newret, res; +- u_char *p0, *retp; ++ u_char *p0, *retp, p2, p5; + int len, clen, type, nb; + ccp_options *ho = &ccp_hisoptions[f->unit]; + ccp_options *ao = &ccp_allowoptions[f->unit]; ++ ccp_options *wo = &ccp_wantoptions[f->unit]; + #ifdef MPPE +- bool rej_for_ci_mppe = 1; /* Are we rejecting based on a bad/missing */ +- /* CI_MPPE, or due to other options? */ +-#endif ++ u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN]; ++/* int mtu; */ ++#endif /* MPPE */ + + ret = CONFACK; + retp = p0 = p; +@@ -1107,103 +1349,305 @@ + switch (type) { + #ifdef MPPE + case CI_MPPE: +- if (!ao->mppe || clen != CILEN_MPPE) { ++ if ((!ao->mppc && !ao->mppe) || clen != CILEN_MPPE) { + newret = CONFREJ; + break; + } +- MPPE_CI_TO_OPTS(&p[2], ho->mppe); + +- /* Nak if anything unsupported or unknown are set. */ +- if (ho->mppe & MPPE_OPT_UNSUPPORTED) { +- newret = CONFNAK; +- ho->mppe &= ~MPPE_OPT_UNSUPPORTED; +- } +- if (ho->mppe & MPPE_OPT_UNKNOWN) { ++ p2 = p[2]; ++ p5 = p[5]; ++ /* not sure what they want, tell 'em what we got */ ++ if (((p[2] & ~MPPE_STATELESS) != 0 || p[3] != 0 || p[4] != 0 || ++ (p[5] & ~(MPPE_40BIT | MPPE_56BIT | MPPE_128BIT | ++ MPPE_MPPC)) != 0 || p[5] == 0) || ++ (p[2] == 0 && p[3] == 0 && p[4] == 0 && p[5] == 0)) { + newret = CONFNAK; +- ho->mppe &= ~MPPE_OPT_UNKNOWN; ++ p[2] = (wo->mppe_stateless ? MPPE_STATELESS : 0); ++ p[3] = 0; ++ p[4] = 0; ++ p[5] = (wo->mppe_40 ? MPPE_40BIT : 0) | ++ (wo->mppe_56 ? MPPE_56BIT : 0) | ++ (wo->mppe_128 ? MPPE_128BIT : 0) | ++ (wo->mppc ? MPPE_MPPC : 0); ++ break; + } + +- /* Check state opt */ +- if (ho->mppe & MPPE_OPT_STATEFUL) { +- /* +- * We can Nak and request stateless, but it's a +- * lot easier to just assume the peer will request +- * it if he can do it; stateful mode is bad over +- * the Internet -- which is where we expect MPPE. +- */ +- if (refuse_mppe_stateful) { +- error("Refusing MPPE stateful mode offered by peer"); ++ if ((p[5] & MPPE_MPPC)) { ++ if (ao->mppc) { ++ ho->mppc = 1; ++ BCOPY(p, opt_buf, CILEN_MPPE); ++ opt_buf[2] = opt_buf[3] = opt_buf[4] = 0; ++ opt_buf[5] = MPPE_MPPC; ++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE, 1) <= 0) { ++ ho->mppc = 0; ++ p[5] &= ~MPPE_MPPC; ++ newret = CONFNAK; ++ } ++ } else { + newret = CONFREJ; +- break; ++ if (wo->mppe || ao->mppe) { ++ p[5] &= ~MPPE_MPPC; ++ newret = CONFNAK; ++ } ++ } ++ } ++ ++ if (ao->mppe) ++ ho->mppe = 1; ++ ++ if ((p[2] & MPPE_STATELESS)) { ++ if (ao->mppe_stateless) { ++ if (wo->mppe_stateless) ++ ho->mppe_stateless = 1; ++ else { ++ newret = CONFNAK; ++ if (!dont_nak) ++ p[2] &= ~MPPE_STATELESS; ++ } ++ } else { ++ newret = CONFNAK; ++ if (!dont_nak) ++ p[2] &= ~MPPE_STATELESS; ++ } ++ } else { ++ if (wo->mppe_stateless && !dont_nak) { ++ wo->mppe_stateless = 0; ++ newret = CONFNAK; ++ p[2] |= MPPE_STATELESS; + } + } + +- /* Find out which of {S,L} are set. */ +- if ((ho->mppe & MPPE_OPT_128) +- && (ho->mppe & MPPE_OPT_40)) { +- /* Both are set, negotiate the strongest. */ ++ if ((p[5] & ~MPPE_MPPC) == (MPPE_40BIT|MPPE_56BIT|MPPE_128BIT)) { + newret = CONFNAK; +- if (ao->mppe & MPPE_OPT_128) +- ho->mppe &= ~MPPE_OPT_40; +- else if (ao->mppe & MPPE_OPT_40) +- ho->mppe &= ~MPPE_OPT_128; +- else { +- newret = CONFREJ; +- break; ++ if (ao->mppe_128) { ++ ho->mppe_128 = 1; ++ p[5] &= ~(MPPE_40BIT|MPPE_56BIT); ++ BCOPY(p, opt_buf, CILEN_MPPE); ++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], ++ MPPE_MAX_KEY_LEN); ++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + ++ MPPE_MAX_KEY_LEN, 1) <= 0) { ++ ho->mppe_128 = 0; ++ p[5] |= (MPPE_40BIT|MPPE_56BIT); ++ p[5] &= ~MPPE_128BIT; ++ goto check_mppe_56_40; ++ } ++ goto check_mppe; + } +- } else if (ho->mppe & MPPE_OPT_128) { +- if (!(ao->mppe & MPPE_OPT_128)) { +- newret = CONFREJ; +- break; ++ p[5] &= ~MPPE_128BIT; ++ goto check_mppe_56_40; ++ } ++ if ((p[5] & ~MPPE_MPPC) == (MPPE_56BIT|MPPE_128BIT)) { ++ newret = CONFNAK; ++ if (ao->mppe_128) { ++ ho->mppe_128 = 1; ++ p[5] &= ~MPPE_56BIT; ++ BCOPY(p, opt_buf, CILEN_MPPE); ++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], ++ MPPE_MAX_KEY_LEN); ++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + ++ MPPE_MAX_KEY_LEN, 1) <= 0) { ++ ho->mppe_128 = 0; ++ p[5] |= MPPE_56BIT; ++ p[5] &= ~MPPE_128BIT; ++ goto check_mppe_56; ++ } ++ goto check_mppe; + } +- } else if (ho->mppe & MPPE_OPT_40) { +- if (!(ao->mppe & MPPE_OPT_40)) { +- newret = CONFREJ; +- break; ++ p[5] &= ~MPPE_128BIT; ++ goto check_mppe_56; ++ } ++ if ((p[5] & ~MPPE_MPPC) == (MPPE_40BIT|MPPE_128BIT)) { ++ newret = CONFNAK; ++ if (ao->mppe_128) { ++ ho->mppe_128 = 1; ++ p[5] &= ~MPPE_40BIT; ++ BCOPY(p, opt_buf, CILEN_MPPE); ++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], ++ MPPE_MAX_KEY_LEN); ++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + ++ MPPE_MAX_KEY_LEN, 1) <= 0) { ++ ho->mppe_128 = 0; ++ p[5] |= MPPE_40BIT; ++ p[5] &= ~MPPE_128BIT; ++ goto check_mppe_40; ++ } ++ goto check_mppe; ++ } ++ p[5] &= ~MPPE_128BIT; ++ goto check_mppe_40; ++ } ++ if ((p[5] & ~MPPE_MPPC) == MPPE_128BIT) { ++ if (ao->mppe_128) { ++ ho->mppe_128 = 1; ++ BCOPY(p, opt_buf, CILEN_MPPE); ++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], ++ MPPE_MAX_KEY_LEN); ++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + ++ MPPE_MAX_KEY_LEN, 1) <= 0) { ++ ho->mppe_128 = 0; ++ p[5] &= ~MPPE_128BIT; ++ newret = CONFNAK; ++ } ++ goto check_mppe; ++ } ++ p[5] &= ~MPPE_128BIT; ++ newret = CONFNAK; ++ goto check_mppe; ++ } ++ check_mppe_56_40: ++ if ((p[5] & ~MPPE_MPPC) == (MPPE_40BIT|MPPE_56BIT)) { ++ newret = CONFNAK; ++ if (ao->mppe_56) { ++ ho->mppe_56 = 1; ++ p[5] &= ~MPPE_40BIT; ++ BCOPY(p, opt_buf, CILEN_MPPE); ++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], ++ MPPE_MAX_KEY_LEN); ++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + ++ MPPE_MAX_KEY_LEN, 1) <= 0) { ++ ho->mppe_56 = 0; ++ p[5] |= MPPE_40BIT; ++ p[5] &= ~MPPE_56BIT; ++ newret = CONFNAK; ++ goto check_mppe_40; ++ } ++ goto check_mppe; ++ } ++ p[5] &= ~MPPE_56BIT; ++ goto check_mppe_40; ++ } ++ check_mppe_56: ++ if ((p[5] & ~MPPE_MPPC) == MPPE_56BIT) { ++ if (ao->mppe_56) { ++ ho->mppe_56 = 1; ++ BCOPY(p, opt_buf, CILEN_MPPE); ++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], ++ MPPE_MAX_KEY_LEN); ++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + ++ MPPE_MAX_KEY_LEN, 1) <= 0) { ++ ho->mppe_56 = 0; ++ p[5] &= ~MPPE_56BIT; ++ newret = CONFNAK; ++ } ++ goto check_mppe; ++ } ++ p[5] &= ~MPPE_56BIT; ++ newret = CONFNAK; ++ goto check_mppe; ++ } ++ check_mppe_40: ++ if ((p[5] & ~MPPE_MPPC) == MPPE_40BIT) { ++ if (ao->mppe_40) { ++ ho->mppe_40 = 1; ++ BCOPY(p, opt_buf, CILEN_MPPE); ++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], ++ MPPE_MAX_KEY_LEN); ++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + ++ MPPE_MAX_KEY_LEN, 1) <= 0) { ++ ho->mppe_40 = 0; ++ p[5] &= ~MPPE_40BIT; ++ newret = CONFNAK; ++ } ++ goto check_mppe; ++ } ++ p[5] &= ~MPPE_40BIT; ++ } ++ ++ check_mppe: ++ if (!ho->mppe_40 && !ho->mppe_56 && !ho->mppe_128) { ++ if (wo->mppe_40 || wo->mppe_56 || wo->mppe_128) { ++ newret = CONFNAK; ++ p[2] |= (wo->mppe_stateless ? MPPE_STATELESS : 0); ++ p[5] |= (wo->mppe_40 ? MPPE_40BIT : 0) | ++ (wo->mppe_56 ? MPPE_56BIT : 0) | ++ (wo->mppe_128 ? MPPE_128BIT : 0) | ++ (wo->mppc ? MPPE_MPPC : 0); ++ } else { ++ ho->mppe = ho->mppe_stateless = 0; + } + } else { +- /* Neither are set. */ ++ /* MPPE is not compatible with other compression types */ ++ if (wo->mppe) { ++ ao->bsd_compress = 0; ++ ao->predictor_1 = 0; ++ ao->predictor_2 = 0; ++ ao->deflate = 0; ++ ao->lzs = 0; ++ } ++ } ++ if ((!ho->mppc || !ao->mppc) && !ho->mppe) { ++ p[2] = p2; ++ p[5] = p5; + newret = CONFREJ; + break; + } + +- /* rebuild the opts */ +- MPPE_OPTS_TO_CI(ho->mppe, &p[2]); +- if (newret == CONFACK) { +- u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN]; +- int mtu; +- +- BCOPY(p, opt_buf, CILEN_MPPE); +- BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], +- MPPE_MAX_KEY_LEN); +- if (ccp_test(f->unit, opt_buf, +- CILEN_MPPE + MPPE_MAX_KEY_LEN, 1) <= 0) { +- /* This shouldn't happen, we've already tested it! */ +- error("MPPE required, but kernel has no support."); +- lcp_close(f->unit, "MPPE required but not available"); +- newret = CONFREJ; +- break; +- } +- /* +- * We need to decrease the interface MTU by MPPE_PAD +- * because MPPE frames **grow**. The kernel [must] +- * allocate MPPE_PAD extra bytes in xmit buffers. +- */ +- mtu = netif_get_mtu(f->unit); +- if (mtu) +- netif_set_mtu(f->unit, mtu - MPPE_PAD); +- else +- newret = CONFREJ; +- } ++ /* ++ * I have commented the code below because according to RFC1547 ++ * MTU is only information for higher level protocols about ++ * "the maximum allowable length for a packet (q.v.) transmitted ++ * over a point-to-point link without incurring network layer ++ * fragmentation." Of course a PPP implementation should be able ++ * to handle overhead added by MPPE - in our case apropriate code ++ * is located in drivers/net/ppp_generic.c in the kernel sources. ++ * ++ * According to RFC1661: ++ * - when negotiated MRU is less than 1500 octets, a PPP ++ * implementation must still be able to receive at least 1500 ++ * octets, ++ * - when PFC is negotiated, a PPP implementation is still ++ * required to receive frames with uncompressed protocol field. ++ * ++ * So why not to handle MPPE overhead without changing MTU value? ++ * I am sure that RFC3078, unfortunately silently, assumes that. ++ */ + + /* +- * We have accepted MPPE or are willing to negotiate +- * MPPE parameters. A CONFREJ is due to subsequent +- * (non-MPPE) processing. ++ * We need to decrease the interface MTU by MPPE_PAD ++ * because MPPE frames **grow**. The kernel [must] ++ * allocate MPPE_PAD extra bytes in xmit buffers. + */ +- rej_for_ci_mppe = 0; ++/* ++ mtu = netif_get_mtu(f->unit); ++ if (mtu) { ++ netif_set_mtu(f->unit, mtu - MPPE_PAD); ++ } else { ++ newret = CONFREJ; ++ if (ccp_wantoptions[f->unit].mppe) { ++ error("Cannot adjust MTU needed by MPPE."); ++ lcp_close(f->unit, "Cannot adjust MTU needed by MPPE."); ++ } ++ } ++*/ + break; + #endif /* MPPE */ ++ ++ case CI_LZS: ++ if (!ao->lzs || clen != CILEN_LZS) { ++ newret = CONFREJ; ++ break; ++ } ++ ++ ho->lzs = 1; ++ ho->lzs_hists = (p[2] << 8) | p[3]; ++ ho->lzs_mode = p[4]; ++ if ((ho->lzs_hists != ao->lzs_hists) || ++ (ho->lzs_mode != ao->lzs_mode)) { ++ newret = CONFNAK; ++ if (!dont_nak) { ++ p[2] = ao->lzs_hists >> 8; ++ p[3] = ao->lzs_hists & 0xff; ++ p[4] = ao->lzs_mode; ++ } else ++ break; ++ } ++ ++ if (p == p0 && ccp_test(f->unit, p, CILEN_LZS, 1) <= 0) { ++ newret = CONFREJ; ++ } ++ break; ++ + case CI_DEFLATE: + case CI_DEFLATE_DRAFT: + if (!ao->deflate || clen != CILEN_DEFLATE +@@ -1345,12 +1789,6 @@ + else + *lenp = retp - p0; + } +-#ifdef MPPE +- if (ret == CONFREJ && ao->mppe && rej_for_ci_mppe) { +- error("MPPE required but peer negotiation failed"); +- lcp_close(f->unit, "MPPE required but peer negotiation failed"); +- } +-#endif + return ret; + } + +@@ -1372,24 +1810,35 @@ + char *p = result; + char *q = result + sizeof(result); /* 1 past result */ + +- slprintf(p, q - p, "MPPE "); +- p += 5; +- if (opt->mppe & MPPE_OPT_128) { +- slprintf(p, q - p, "128-bit "); +- p += 8; +- } +- if (opt->mppe & MPPE_OPT_40) { +- slprintf(p, q - p, "40-bit "); +- p += 7; +- } +- if (opt->mppe & MPPE_OPT_STATEFUL) +- slprintf(p, q - p, "stateful"); +- else +- slprintf(p, q - p, "stateless"); +- ++ if (opt->mppe) { ++ if (opt->mppc) { ++ slprintf(p, q - p, "MPPC/MPPE "); ++ p += 10; ++ } else { ++ slprintf(p, q - p, "MPPE "); ++ p += 5; ++ } ++ if (opt->mppe_128) { ++ slprintf(p, q - p, "128-bit "); ++ p += 8; ++ } else if (opt->mppe_56) { ++ slprintf(p, q - p, "56-bit "); ++ p += 7; ++ } else if (opt->mppe_40) { ++ slprintf(p, q - p, "40-bit "); ++ p += 7; ++ } ++ if (opt->mppe_stateless) ++ slprintf(p, q - p, "stateless"); ++ else ++ slprintf(p, q - p, "stateful"); ++ } else if (opt->mppc) ++ slprintf(p, q - p, "MPPC"); + break; + } +-#endif ++#endif /* MPPE */ ++ case CI_LZS: ++ return "Stac LZS"; + case CI_DEFLATE: + case CI_DEFLATE_DRAFT: + if (opt2 != NULL && opt2->deflate_size != opt->deflate_size) +@@ -1445,12 +1894,12 @@ + } else if (ANY_COMPRESS(*ho)) + notice("%s transmit compression enabled", method_name(ho, NULL)); + #ifdef MPPE +- if (go->mppe) { ++ if (go->mppe || go->mppc) { + BZERO(mppe_recv_key, MPPE_MAX_KEY_LEN); + BZERO(mppe_send_key, MPPE_MAX_KEY_LEN); + continue_networks(f->unit); /* Bring up IP et al */ + } +-#endif ++#endif /* MPPE */ + } + + /* +@@ -1473,7 +1922,7 @@ + lcp_close(f->unit, "MPPE disabled"); + } + } +-#endif ++#endif /* MPPE */ + } + + /* +@@ -1533,24 +1982,28 @@ + #ifdef MPPE + case CI_MPPE: + if (optlen >= CILEN_MPPE) { +- u_char mppe_opts; +- +- MPPE_CI_TO_OPTS(&p[2], mppe_opts); +- printer(arg, "mppe %s %s %s %s %s %s%s", +- (p[2] & MPPE_H_BIT)? "+H": "-H", +- (p[5] & MPPE_M_BIT)? "+M": "-M", +- (p[5] & MPPE_S_BIT)? "+S": "-S", +- (p[5] & MPPE_L_BIT)? "+L": "-L", ++ printer(arg, "mppe %s %s %s %s %s %s", ++ (p[2] & MPPE_STATELESS)? "+H": "-H", ++ (p[5] & MPPE_56BIT)? "+M": "-M", ++ (p[5] & MPPE_128BIT)? "+S": "-S", ++ (p[5] & MPPE_40BIT)? "+L": "-L", + (p[5] & MPPE_D_BIT)? "+D": "-D", +- (p[5] & MPPE_C_BIT)? "+C": "-C", +- (mppe_opts & MPPE_OPT_UNKNOWN)? " +U": ""); +- if (mppe_opts & MPPE_OPT_UNKNOWN) ++ (p[5] & MPPE_MPPC)? "+C": "-C"); ++ if ((p[5] & ~(MPPE_56BIT | MPPE_128BIT | MPPE_40BIT | ++ MPPE_D_BIT | MPPE_MPPC)) || ++ (p[2] & ~MPPE_STATELESS)) + printer(arg, " (%.2x %.2x %.2x %.2x)", + p[2], p[3], p[4], p[5]); + p += CILEN_MPPE; + } + break; +-#endif ++#endif /* MPPE */ ++ case CI_LZS: ++ if (optlen >= CILEN_LZS) { ++ printer(arg, "lzs %.2x %.2x %.2x", p[2], p[3], p[4]); ++ p += CILEN_LZS; ++ } ++ break; + case CI_DEFLATE: + case CI_DEFLATE_DRAFT: + if (optlen >= CILEN_DEFLATE) { +@@ -1636,6 +2089,7 @@ + error("Lost compression sync: disabling compression"); + ccp_close(unit, "Lost compression sync"); + #ifdef MPPE ++ /* My module dosn't need this. J.D., 2003-07-06 */ + /* + * If we were doing MPPE, we must also take the link down. + */ +@@ -1643,9 +2097,18 @@ + error("Too many MPPE errors, closing LCP"); + lcp_close(unit, "Too many MPPE errors"); + } +-#endif ++#endif /* MPPE */ + } else { + /* ++ * When LZS or MPPE/MPPC is negotiated we just send CCP_RESETREQ ++ * and don't wait for CCP_RESETACK ++ */ ++ if ((ccp_gotoptions[f->unit].method == CI_LZS) || ++ (ccp_gotoptions[f->unit].method == CI_MPPE)) { ++ fsm_sdata(f, CCP_RESETREQ, f->reqid = ++f->id, NULL, 0); ++ return; ++ } ++ /* + * Send a reset-request to reset the peer's compressor. + * We don't do that if we are still waiting for an + * acknowledgement to a previous reset-request. +@@ -1676,4 +2139,3 @@ + } else + ccp_localstate[f->unit] &= ~RACK_PENDING; + } +- +diff -ruN ppp-2.4.2.orig/pppd/ccp.h ppp-2.4.2-stdopt/pppd/ccp.h +--- ppp-2.4.2.orig/pppd/ccp.h 2002-12-05 00:03:32.000000000 +0100 ++++ ppp-2.4.2-stdopt/pppd/ccp.h 2004-01-21 06:51:09.000000000 +0100 +@@ -42,9 +42,17 @@ + bool predictor_2; /* do Predictor-2? */ + bool deflate_correct; /* use correct code for deflate? */ + bool deflate_draft; /* use draft RFC code for deflate? */ ++ bool lzs; /* do Stac LZS? */ ++ bool mppc; /* do MPPC? */ + bool mppe; /* do MPPE? */ ++ bool mppe_40; /* allow 40 bit encryption? */ ++ bool mppe_56; /* allow 56 bit encryption? */ ++ bool mppe_128; /* allow 128 bit encryption? */ ++ bool mppe_stateless; /* allow stateless encryption */ + u_short bsd_bits; /* # bits/code for BSD Compress */ + u_short deflate_size; /* lg(window size) for Deflate */ ++ u_short lzs_mode; /* LZS check mode */ ++ u_short lzs_hists; /* number of LZS histories */ + short method; /* code for chosen compression method */ + } ccp_options; + +diff -ruN ppp-2.4.2.orig/pppd/chap_ms.c ppp-2.4.2-stdopt/pppd/chap_ms.c +--- ppp-2.4.2.orig/pppd/chap_ms.c 2003-11-18 11:42:56.000000000 +0100 ++++ ppp-2.4.2-stdopt/pppd/chap_ms.c 2004-01-21 06:51:09.000000000 +0100 +@@ -858,13 +858,17 @@ + /* + * Disable undesirable encryption types. Note that we don't ENABLE + * any encryption types, to avoid overriding manual configuration. ++ * ++ * It seems that 56 bit keys are unsupported in MS-RADIUS (see RFC 2548) + */ + switch(types) { + case MPPE_ENC_TYPES_RC4_40: +- ccp_wantoptions[0].mppe &= ~MPPE_OPT_128; /* disable 128-bit */ ++ ccp_wantoptions[0].mppe_128 = 0; /* disable 128-bit */ ++ ccp_wantoptions[0].mppe_56 = 0; /* disable 56-bit */ + break; + case MPPE_ENC_TYPES_RC4_128: +- ccp_wantoptions[0].mppe &= ~MPPE_OPT_40; /* disable 40-bit */ ++ ccp_wantoptions[0].mppe_56 = 0; /* disable 56-bit */ ++ ccp_wantoptions[0].mppe_40 = 0; /* disable 40-bit */ + break; + default: + break; +diff -ruN ppp-2.4.2.orig/pppd/pppd.8 ppp-2.4.2-stdopt/pppd/pppd.8 +--- ppp-2.4.2.orig/pppd/pppd.8 2004-01-15 06:09:00.000000000 +0100 ++++ ppp-2.4.2-stdopt/pppd/pppd.8 2004-01-21 06:51:09.000000000 +0100 +@@ -614,6 +614,9 @@ + Enables the use of PPP multilink; this is an alias for the `multilink' + option. This option is currently only available under Linux. + .TP ++.B mppc ++Enables MPPC (Microsoft Point to Point Compression). This is the default. ++.TP + .B mppe-stateful + Allow MPPE to use stateful mode. Stateless mode is still attempted first. + The default is to disallow stateful mode. +@@ -749,12 +752,18 @@ + Disables the use of PPP multilink. This option is currently only + available under Linux. + .TP ++.B nomppc ++Diasables MPPC (Microsoft Point to Point Compression). ++.TP + .B nomppe + Disables MPPE (Microsoft Point to Point Encryption). This is the default. + .TP + .B nomppe-40 + Disable 40\-bit encryption with MPPE. + .TP ++.B nomppe-56 ++Disable 56\-bit encryption with MPPE. ++.TP + .B nomppe-128 + Disable 128\-bit encryption with MPPE. + .TP +@@ -951,6 +960,9 @@ + .B require-mppe-40 + Require the use of MPPE, with 40\-bit encryption. + .TP ++.B require-mppe-56 ++Require the use of MPPE, with 56\-bit encryption. ++.TP + .B require-mppe-128 + Require the use of MPPE, with 128\-bit encryption. + .TP +diff -ruN ppp-2.4.2.orig/pppd/sha1.c ppp-2.4.2-stdopt/pppd/sha1.c +--- ppp-2.4.2.orig/pppd/sha1.c 2002-04-02 15:54:59.000000000 +0200 ++++ ppp-2.4.2-stdopt/pppd/sha1.c 2004-08-15 15:00:55.000000000 +0200 +@@ -21,7 +21,7 @@ + #include "sha1.h" + + static void +-SHA1_Transform(unsigned long[5], const unsigned char[64]); ++SHA1_Transform(u_int32_t state[5], const u_int8_t buffer[64]); + + #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) + +@@ -42,17 +42,17 @@ + /* Hash a single 512-bit block. This is the core of the algorithm. */ + + static void +-SHA1_Transform(unsigned long state[5], const unsigned char buffer[64]) ++SHA1_Transform(u_int32_t state[5], const u_int8_t buffer[64]) + { +- unsigned long a, b, c, d, e; ++ u_int32_t a, b, c, d, e; + typedef union { +- unsigned char c[64]; +- unsigned long l[16]; ++ u_int8_t c[64]; ++ u_int32_t l[16]; + } CHAR64LONG16; + CHAR64LONG16 *block; + + #ifdef SHA1HANDSOFF +- static unsigned char workspace[64]; ++ static u_int8_t workspace[64]; + block = (CHAR64LONG16 *) workspace; + memcpy(block, buffer, 64); + #else +@@ -114,9 +114,9 @@ + /* Run your data through this. */ + + void +-SHA1_Update(SHA1_CTX *context, const unsigned char *data, unsigned int len) ++SHA1_Update(SHA1_CTX *context, const u_int8_t *data, u_int32_t len) + { +- unsigned int i, j; ++ u_int32_t i, j; + + j = (context->count[0] >> 3) & 63; + if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++; +@@ -139,22 +139,24 @@ + /* Add padding and return the message digest. */ + + void +-SHA1_Final(unsigned char digest[20], SHA1_CTX *context) ++SHA1_Final(u_int8_t digest[SHA1_SIGNATURE_SIZE], SHA1_CTX *context) + { +- unsigned long i, j; +- unsigned char finalcount[8]; ++ u_int32_t i, j; ++ u_int8_t finalcount[8]; + + for (i = 0; i < 8; i++) { +- finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)] ++ finalcount[i] = (u_int8_t) ((context->count[(i >= 4 ? 0 : 1)] + >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */ + } +- SHA1_Update(context, (unsigned char *) "\200", 1); ++ SHA1_Update(context, (u_int8_t *) "\200", 1); + while ((context->count[0] & 504) != 448) { +- SHA1_Update(context, (unsigned char *) "\0", 1); ++ SHA1_Update(context, (u_int8_t *) "\0", 1); + } ++ + SHA1_Update(context, finalcount, 8); /* Should cause a SHA1Transform() */ ++ + for (i = 0; i < 20; i++) { +- digest[i] = (unsigned char) ++ digest[i] = (u_int8_t) + ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255); + } + /* Wipe variables */ +@@ -167,4 +169,3 @@ + SHA1Transform(context->state, context->buffer); + #endif + } +- +diff -ruN ppp-2.4.2.orig/pppd/sha1.h ppp-2.4.2-stdopt/pppd/sha1.h +--- ppp-2.4.2.orig/pppd/sha1.h 2002-11-09 12:24:42.000000000 +0100 ++++ ppp-2.4.2-stdopt/pppd/sha1.h 2004-08-15 15:00:55.000000000 +0200 +@@ -8,6 +8,8 @@ + + #ifndef __SHA1_INCLUDE_ + ++#include <sys/types.h> ++ + #ifndef SHA1_SIGNATURE_SIZE + #ifdef SHA_DIGESTSIZE + #define SHA1_SIGNATURE_SIZE SHA_DIGESTSIZE +@@ -17,14 +19,14 @@ + #endif + + typedef struct { +- unsigned long state[5]; +- unsigned long count[2]; +- unsigned char buffer[64]; ++ u_int32_t state[5]; ++ u_int32_t count[2]; ++ u_int8_t buffer[64]; + } SHA1_CTX; + + extern void SHA1_Init(SHA1_CTX *); +-extern void SHA1_Update(SHA1_CTX *, const unsigned char *, unsigned int); +-extern void SHA1_Final(unsigned char[SHA1_SIGNATURE_SIZE], SHA1_CTX *); ++extern void SHA1_Update(SHA1_CTX *, const u_int8_t *, u_int32_t); ++extern void SHA1_Final(u_int8_t[SHA1_SIGNATURE_SIZE], SHA1_CTX *); + + #define __SHA1_INCLUDE_ + #endif /* __SHA1_INCLUDE_ */ diff --git a/obsolete-buildroot/sources/openwrt/patches/pptp-server/poptop-1.1.3-20030409-CCOPTS.patch b/obsolete-buildroot/sources/openwrt/patches/pptp-server/poptop-1.1.3-20030409-CCOPTS.patch new file mode 100644 index 000000000..017d15690 --- /dev/null +++ b/obsolete-buildroot/sources/openwrt/patches/pptp-server/poptop-1.1.3-20030409-CCOPTS.patch @@ -0,0 +1,15 @@ +diff -ruN poptop-old/Makefile.in poptop-new/Makefile.in +--- poptop-old/Makefile.in 2003-02-06 17:39:45.000000000 +0100 ++++ poptop-new/Makefile.in 2004-04-04 15:50:17.000000000 +0200 +@@ -74,8 +74,9 @@ + AUTOMAKE_OPTIONS = no-dependencies foreign + + INCLUDES = -I. +-CFLAGS = -O2 -fno-builtin -Wall -ansi -DSBINDIR='"$(sbindir)"' +-#CFLAGS = -O2 -fno-builtin -Wall -ansi -pedantic -Wmissing-prototypes -Werror -DSBINDIR='"$(sbindir)"' ++CCOPTS = -O2 -fno-builtin ++CFLAGS = $(CCOPTS) -Wall -ansi -DSBINDIR='"$(sbindir)"' ++#CFLAGS = $(CCOPTS) -Wall -ansi -pedantic -Wmissing-prototypes -Werror -DSBINDIR='"$(sbindir)"' + + man_MANS = pptpctrl.8 pptpd.8 pptpd.conf.5 + diff --git a/obsolete-buildroot/sources/openwrt/tools/sstrip.c b/obsolete-buildroot/sources/openwrt/tools/sstrip.c index 32769fff6..1842f053c 100644 --- a/obsolete-buildroot/sources/openwrt/tools/sstrip.c +++ b/obsolete-buildroot/sources/openwrt/tools/sstrip.c @@ -2,10 +2,55 @@ /* sstrip: Copyright (C) 1999-2001 by Brian Raiter, under the GNU * General Public License. No warranty. See COPYING for details. + * + * Aug 23, 2004 Hacked by Manuel Novoa III <mjn3@codepoet.org> to + * handle targets of different endianness and/or elf class, making + * it more useful in a cross-devel environment. */ -#define __MIPSEL__ 1 -#define _MIPS_SZLONG 32 +/* ============== original README =================== + * + * sstrip is a small utility that removes the contents at the end of an + * ELF file that are not part of the program's memory image. + * + * Most ELF executables are built with both a program header table and a + * section header table. However, only the former is required in order + * for the OS to load, link and execute a program. sstrip attempts to + * extract the ELF header, the program header table, and its contents, + * leaving everything else in the bit bucket. It can only remove parts of + * the file that occur at the end, after the parts to be saved. However, + * this almost always includes the section header table, and occasionally + * a few random sections that are not used when running a program. + * + * It should be noted that the GNU bfd library is (understandably) + * dependent on the section header table as an index to the file's + * contents. Thus, an executable file that has no section header table + * cannot be used with gdb, objdump, or any other program based upon the + * bfd library, at all. In fact, the program will not even recognize the + * file as a valid executable. (This limitation is noted in the source + * code comments for bfd, and is marked "FIXME", so this may change at + * some future date. However, I would imagine that it is a pretty + * low-priority item, as executables without a section header table are + * rare in the extreme.) This probably also explains why strip doesn't + * offer the option to do this. + * + * Shared library files may also have their section header table removed. + * Such a library will still function; however, it will no longer be + * possible for a compiler to link a new program against it. + * + * As an added bonus, sstrip also tries to removes trailing zero bytes + * from the end of the file. (This normally cannot be done with an + * executable that has a section header table.) + * + * sstrip is a very simplistic program. It depends upon the common + * practice of putting the parts of the file that contribute to the + * memory image at the front, and the remaining material at the end. This + * permits it to discard the latter material without affecting file + * offsets and memory addresses in what remains. Of course, the ELF + * standard permits files to be organized in almost any order, so if a + * pathological linker decided to put its section headers at the top, + * sstrip would be useless on such executables. + */ #include <stdio.h> #include <stdlib.h> @@ -14,42 +59,21 @@ #include <unistd.h> #include <fcntl.h> #include <elf.h> -#include <linux/bitops.h> - -typedef signed char s8; -typedef unsigned char u8; - -typedef signed short s16; -typedef unsigned short u16; - -typedef signed int s32; -typedef unsigned int u32; - -typedef signed long long s64; -typedef unsigned long long u64; - -#include <asm/elf.h> +#include <endian.h> +#include <byteswap.h> #ifndef TRUE #define TRUE 1 #define FALSE 0 #endif -#if ELF_CLASS == ELFCLASS32 -#define Elf_Ehdr Elf32_Ehdr -#define Elf_Phdr Elf32_Phdr -#else -#define Elf_Ehdr Elf64_Ehdr -#define Elf_Phdr Elf64_Phdr -#endif - /* The name of the program. */ -static char const *progname; +static char const *progname; /* The name of the current file. */ -static char const *filename; +static char const *filename; /* A simple error-handling function. FALSE is always returned for the @@ -57,226 +81,321 @@ static char const *filename; */ static int err(char const *errmsg) { - fprintf(stderr, "%s: %s: %s\n", progname, filename, errmsg); - return FALSE; + fprintf(stderr, "%s: %s: %s\n", progname, filename, errmsg); + return FALSE; } -/* A macro for I/O errors: The given error message is used only when - * errno is not set. +/* A flag to signal the need for endian reversal. */ -#define ferr(msg) (err(errno ? strerror(errno) : (msg))) +static int do_reverse_endian; -/* readelfheader() reads the ELF header into our global variable, and - * checks to make sure that this is in fact a file that we should be - * munging. +/* Get a value from the elf header, compensating for endianness. */ -static int readelfheader(int fd, Elf_Ehdr *ehdr) -{ - errno = 0; - if (read(fd, ehdr, sizeof *ehdr) != sizeof *ehdr) - return ferr("missing or incomplete ELF header."); - - /* Check the ELF signature. - */ - if (!(ehdr->e_ident[EI_MAG0] == ELFMAG0 && - ehdr->e_ident[EI_MAG1] == ELFMAG1 && - ehdr->e_ident[EI_MAG2] == ELFMAG2 && - ehdr->e_ident[EI_MAG3] == ELFMAG3)) - return err("missing ELF signature."); - - /* Compare the file's class and endianness with the program's. - */ - if (ehdr->e_ident[EI_DATA] != ELF_DATA) - return err("ELF file has different endianness."); - if (ehdr->e_ident[EI_CLASS] != ELF_CLASS) - return err("ELF file has different word size."); - - /* Check the target architecture. - */ - if (ehdr->e_machine != ELF_ARCH) - return err("ELF file created for different architecture."); - /* Verify the sizes of the ELF header and the program segment - * header table entries. - */ - if (ehdr->e_ehsize != sizeof(Elf_Ehdr)) - return err("unrecognized ELF header size."); - if (ehdr->e_phentsize != sizeof(Elf_Phdr)) - return err("unrecognized program segment header size."); - - /* Finally, check the file type. - */ - if (ehdr->e_type != ET_EXEC && ehdr->e_type != ET_DYN) - return err("not an executable or shared-object library."); - - return TRUE; -} - -/* readphdrtable() loads the program segment header table into memory. +#define EGET(X) \ + (__extension__ ({ \ + uint64_t __res; \ + if (!do_reverse_endian) { \ + __res = (X); \ + } else if (sizeof(X) == 1) { \ + __res = (X); \ + } else if (sizeof(X) == 2) { \ + __res = bswap_16((X)); \ + } else if (sizeof(X) == 4) { \ + __res = bswap_32((X)); \ + } else if (sizeof(X) == 8) { \ + __res = bswap_64((X)); \ + } else { \ + fprintf(stderr, "%s: %s: EGET failed for size %d\n", \ + progname, filename, sizeof(X)); \ + exit(EXIT_FAILURE); \ + } \ + __res; \ + })) + +/* Set a value 'Y' in the elf header to 'X', compensating for endianness. */ -static int readphdrtable(int fd, Elf_Ehdr const *ehdr, Elf_Phdr **phdrs) -{ - size_t size; +#define ESET(Y,X) \ + do if (!do_reverse_endian) { \ + Y = (X); \ + } else if (sizeof(Y) == 1) { \ + Y = (X); \ + } else if (sizeof(Y) == 2) { \ + Y = bswap_16((uint16_t)(X)); \ + } else if (sizeof(Y) == 4) { \ + Y = bswap_32((uint32_t)(X)); \ + } else if (sizeof(Y) == 8) { \ + Y = bswap_64((uint64_t)(X)); \ + } else { \ + fprintf(stderr, "%s: %s: ESET failed for size %d\n", \ + progname, filename, sizeof(Y)); \ + exit(EXIT_FAILURE); \ + } while (0) - if (!ehdr->e_phoff || !ehdr->e_phnum) - return err("ELF file has no program header table."); - size = ehdr->e_phnum * sizeof **phdrs; - if (!(*phdrs = malloc(size))) - return err("Out of memory!"); +/* A macro for I/O errors: The given error message is used only when + * errno is not set. + */ +#define ferr(msg) (err(errno ? strerror(errno) : (msg))) - errno = 0; - if (read(fd, *phdrs, size) != (ssize_t)size) - return ferr("missing or incomplete program segment header table."); - return TRUE; + +#define HEADER_FUNCTIONS(CLASS) \ + \ +/* readelfheader() reads the ELF header into our global variable, and \ + * checks to make sure that this is in fact a file that we should be \ + * munging. \ + */ \ +static int readelfheader ## CLASS (int fd, Elf ## CLASS ## _Ehdr *ehdr) \ +{ \ + if (read(fd, ((char *)ehdr)+EI_NIDENT, sizeof(*ehdr) - EI_NIDENT) \ + != sizeof(*ehdr) - EI_NIDENT) \ + return ferr("missing or incomplete ELF header."); \ + \ + /* Verify the sizes of the ELF header and the program segment \ + * header table entries. \ + */ \ + if (EGET(ehdr->e_ehsize) != sizeof(Elf ## CLASS ## _Ehdr)) \ + return err("unrecognized ELF header size."); \ + if (EGET(ehdr->e_phentsize) != sizeof(Elf ## CLASS ## _Phdr)) \ + return err("unrecognized program segment header size."); \ + \ + /* Finally, check the file type. \ + */ \ + if (EGET(ehdr->e_type) != ET_EXEC && EGET(ehdr->e_type) != ET_DYN) \ + return err("not an executable or shared-object library."); \ + \ + return TRUE; \ +} \ + \ +/* readphdrtable() loads the program segment header table into memory. \ + */ \ +static int readphdrtable ## CLASS (int fd, Elf ## CLASS ## _Ehdr const *ehdr, \ + Elf ## CLASS ## _Phdr **phdrs) \ +{ \ + size_t size; \ + \ + if (!EGET(ehdr->e_phoff) || !EGET(ehdr->e_phnum) \ +) return err("ELF file has no program header table."); \ + \ + size = EGET(ehdr->e_phnum) * sizeof **phdrs; \ + if (!(*phdrs = malloc(size))) \ + return err("Out of memory!"); \ + \ + errno = 0; \ + if (read(fd, *phdrs, size) != (ssize_t)size) \ + return ferr("missing or incomplete program segment header table."); \ + \ + return TRUE; \ +} \ + \ +/* getmemorysize() determines the offset of the last byte of the file \ + * that is referenced by an entry in the program segment header table. \ + * (Anything in the file after that point is not used when the program \ + * is executing, and thus can be safely discarded.) \ + */ \ +static int getmemorysize ## CLASS (Elf ## CLASS ## _Ehdr const *ehdr, \ + Elf ## CLASS ## _Phdr const *phdrs, \ + unsigned long *newsize) \ +{ \ + Elf ## CLASS ## _Phdr const *phdr; \ + unsigned long size, n; \ + int i; \ + \ + /* Start by setting the size to include the ELF header and the \ + * complete program segment header table. \ + */ \ + size = EGET(ehdr->e_phoff) + EGET(ehdr->e_phnum) * sizeof *phdrs; \ + if (size < sizeof *ehdr) \ + size = sizeof *ehdr; \ + \ + /* Then keep extending the size to include whatever data the \ + * program segment header table references. \ + */ \ + for (i = 0, phdr = phdrs ; i < EGET(ehdr->e_phnum) ; ++i, ++phdr) { \ + if (EGET(phdr->p_type) != PT_NULL) { \ + n = EGET(phdr->p_offset) + EGET(phdr->p_filesz); \ + if (n > size) \ + size = n; \ + } \ + } \ + \ + *newsize = size; \ + return TRUE; \ +} \ + \ +/* modifyheaders() removes references to the section header table if \ + * it was stripped, and reduces program header table entries that \ + * included truncated bytes at the end of the file. \ + */ \ +static int modifyheaders ## CLASS (Elf ## CLASS ## _Ehdr *ehdr, \ + Elf ## CLASS ## _Phdr *phdrs, \ + unsigned long newsize) \ +{ \ + Elf ## CLASS ## _Phdr *phdr; \ + int i; \ + \ + /* If the section header table is gone, then remove all references \ + * to it in the ELF header. \ + */ \ + if (EGET(ehdr->e_shoff) >= newsize) { \ + ESET(ehdr->e_shoff,0); \ + ESET(ehdr->e_shnum,0); \ + ESET(ehdr->e_shentsize,0); \ + ESET(ehdr->e_shstrndx,0); \ + } \ + \ + /* The program adjusts the file size of any segment that was \ + * truncated. The case of a segment being completely stripped out \ + * is handled separately. \ + */ \ + for (i = 0, phdr = phdrs ; i < EGET(ehdr->e_phnum) ; ++i, ++phdr) { \ + if (EGET(phdr->p_offset) >= newsize) { \ + ESET(phdr->p_offset,newsize); \ + ESET(phdr->p_filesz,0); \ + } else if (EGET(phdr->p_offset) + EGET(phdr->p_filesz) > newsize) { \ + newsize -= EGET(phdr->p_offset); \ + ESET(phdr->p_filesz, newsize); \ + } \ + } \ + \ + return TRUE; \ +} \ + \ +/* commitchanges() writes the new headers back to the original file \ + * and sets the file to its new size. \ + */ \ +static int commitchanges ## CLASS (int fd, Elf ## CLASS ## _Ehdr const *ehdr, \ + Elf ## CLASS ## _Phdr *phdrs, \ + unsigned long newsize) \ +{ \ + size_t n; \ + \ + /* Save the changes to the ELF header, if any. \ + */ \ + if (lseek(fd, 0, SEEK_SET)) \ + return ferr("could not rewind file"); \ + errno = 0; \ + if (write(fd, ehdr, sizeof *ehdr) != sizeof *ehdr) \ + return err("could not modify file"); \ + \ + /* Save the changes to the program segment header table, if any. \ + */ \ + if (lseek(fd, EGET(ehdr->e_phoff), SEEK_SET) == (off_t)-1) { \ + err("could not seek in file."); \ + goto warning; \ + } \ + n = EGET(ehdr->e_phnum) * sizeof *phdrs; \ + if (write(fd, phdrs, n) != (ssize_t)n) { \ + err("could not write to file"); \ + goto warning; \ + } \ + \ + /* Eleventh-hour sanity check: don't truncate before the end of \ + * the program segment header table. \ + */ \ + if (newsize < EGET(ehdr->e_phoff) + n) \ + newsize = EGET(ehdr->e_phoff) + n; \ + \ + /* Chop off the end of the file. \ + */ \ + if (ftruncate(fd, newsize)) { \ + err("could not resize file"); \ + goto warning; \ + } \ + \ + return TRUE; \ + \ + warning: \ + return err("ELF file may have been corrupted!"); \ } -/* getmemorysize() determines the offset of the last byte of the file - * that is referenced by an entry in the program segment header table. - * (Anything in the file after that point is not used when the program - * is executing, and thus can be safely discarded.) + +/* First elements of Elf32_Ehdr and Elf64_Ehdr are common. */ -static int getmemorysize(Elf_Ehdr const *ehdr, Elf_Phdr const *phdrs, - unsigned long *newsize) +static int readelfheaderident(int fd, Elf32_Ehdr *ehdr) { - Elf32_Phdr const *phdr; - unsigned long size, n; - int i; - - /* Start by setting the size to include the ELF header and the - * complete program segment header table. - */ - size = ehdr->e_phoff + ehdr->e_phnum * sizeof *phdrs; - if (size < sizeof *ehdr) - size = sizeof *ehdr; - - /* Then keep extending the size to include whatever data the - * program segment header table references. - */ - for (i = 0, phdr = phdrs ; i < ehdr->e_phnum ; ++i, ++phdr) { - if (phdr->p_type != PT_NULL) { - n = phdr->p_offset + phdr->p_filesz; - if (n > size) - size = n; + errno = 0; + if (read(fd, ehdr, EI_NIDENT) != EI_NIDENT) + return ferr("missing or incomplete ELF header."); + + /* Check the ELF signature. + */ + if (!(ehdr->e_ident[EI_MAG0] == ELFMAG0 && + ehdr->e_ident[EI_MAG1] == ELFMAG1 && + ehdr->e_ident[EI_MAG2] == ELFMAG2 && + ehdr->e_ident[EI_MAG3] == ELFMAG3)) + { + err("missing ELF signature."); + return -1; } - } - *newsize = size; - return TRUE; + /* Compare the file's class and endianness with the program's. + */ +#if __BYTE_ORDER == __LITTLE_ENDIAN + if (ehdr->e_ident[EI_DATA] == ELFDATA2LSB) { + do_reverse_endian = 0; + } else if (ehdr->e_ident[EI_DATA] == ELFDATA2MSB) { +/* fprintf(stderr, "ELF file has different endianness.\n"); */ + do_reverse_endian = 1; + } +#elif __BYTE_ORDER == __BIG_ENDIAN + if (ehdr->e_ident[EI_DATA] == ELFDATA2LSB) { +/* fprintf(stderr, "ELF file has different endianness.\n"); */ + do_reverse_endian = 1; + } else if (ehdr->e_ident[EI_DATA] == ELFDATA2MSB) { + do_reverse_endian = 0; + } +#else +#error unkown endianness +#endif + else { + err("Unsupported endianness"); + return -1; + } + + /* Check the target architecture. + */ +/* if (EGET(ehdr->e_machine) != ELF_ARCH) { */ +/* /\* return err("ELF file created for different architecture."); *\/ */ +/* fprintf(stderr, "ELF file created for different architecture.\n"); */ +/* } */ + return ehdr->e_ident[EI_CLASS]; } + +HEADER_FUNCTIONS(32) + +HEADER_FUNCTIONS(64) + /* truncatezeros() examines the bytes at the end of the file's * size-to-be, and reduces the size to exclude any trailing zero * bytes. */ static int truncatezeros(int fd, unsigned long *newsize) { - unsigned char contents[1024]; - unsigned long size, n; - - size = *newsize; - do { - n = sizeof contents; - if (n > size) - n = size; - if (lseek(fd, size - n, SEEK_SET) == (off_t)-1) - return ferr("cannot seek in file."); - if (read(fd, contents, n) != (ssize_t)n) - return ferr("cannot read file contents"); - while (n && !contents[--n]) - --size; - } while (size && !n); - - /* Sanity check. - */ - if (!size) - return err("ELF file is completely blank!"); - - *newsize = size; - return TRUE; -} - -/* modifyheaders() removes references to the section header table if - * it was stripped, and reduces program header table entries that - * included truncated bytes at the end of the file. - */ -static int modifyheaders(Elf_Ehdr *ehdr, Elf_Phdr *phdrs, - unsigned long newsize) -{ - Elf32_Phdr *phdr; - int i; - - /* If the section header table is gone, then remove all references - * to it in the ELF header. - */ - if (ehdr->e_shoff >= newsize) { - ehdr->e_shoff = 0; - ehdr->e_shnum = 0; - ehdr->e_shentsize = 0; - ehdr->e_shstrndx = 0; - } - - /* The program adjusts the file size of any segment that was - * truncated. The case of a segment being completely stripped out - * is handled separately. - */ - for (i = 0, phdr = phdrs ; i < ehdr->e_phnum ; ++i, ++phdr) { - if (phdr->p_offset >= newsize) { - phdr->p_offset = newsize; - phdr->p_filesz = 0; - } else if (phdr->p_offset + phdr->p_filesz > newsize) { - phdr->p_filesz = newsize - phdr->p_offset; - } - } - - return TRUE; -} - -/* commitchanges() writes the new headers back to the original file - * and sets the file to its new size. - */ -static int commitchanges(int fd, Elf_Ehdr const *ehdr, Elf_Phdr *phdrs, - unsigned long newsize) -{ - size_t n; - - /* Save the changes to the ELF header, if any. - */ - if (lseek(fd, 0, SEEK_SET)) - return ferr("could not rewind file"); - errno = 0; - if (write(fd, ehdr, sizeof *ehdr) != sizeof *ehdr) - return err("could not modify file"); - - /* Save the changes to the program segment header table, if any. - */ - if (lseek(fd, ehdr->e_phoff, SEEK_SET) == (off_t)-1) { - err("could not seek in file."); - goto warning; - } - n = ehdr->e_phnum * sizeof *phdrs; - if (write(fd, phdrs, n) != (ssize_t)n) { - err("could not write to file"); - goto warning; - } - - /* Eleventh-hour sanity check: don't truncate before the end of - * the program segment header table. - */ - if (newsize < ehdr->e_phoff + n) - newsize = ehdr->e_phoff + n; - - /* Chop off the end of the file. - */ - if (ftruncate(fd, newsize)) { - err("could not resize file"); - goto warning; - } - - return TRUE; - - warning: - return err("ELF file may have been corrupted!"); + unsigned char contents[1024]; + unsigned long size, n; + + size = *newsize; + do { + n = sizeof contents; + if (n > size) + n = size; + if (lseek(fd, size - n, SEEK_SET) == (off_t)-1) + return ferr("cannot seek in file."); + if (read(fd, contents, n) != (ssize_t)n) + return ferr("cannot read file contents"); + while (n && !contents[--n]) + --size; + } while (size && !n); + + /* Sanity check. + */ + if (!size) + return err("ELF file is completely blank!"); + + *newsize = size; + return TRUE; } /* main() loops over the cmdline arguments, leaving all the real work @@ -284,44 +403,66 @@ static int commitchanges(int fd, Elf_Ehdr const *ehdr, Elf_Phdr *phdrs, */ int main(int argc, char *argv[]) { - int fd; - Elf_Ehdr ehdr; - Elf_Phdr *phdrs; - unsigned long newsize; - char **arg; - int failures = 0; - - if (argc < 2 || argv[1][0] == '-') { - printf("Usage: sstrip FILE...\n" - "sstrip discards all nonessential bytes from an executable.\n\n" - "Version 2.0 Copyright (C) 2000,2001 Brian Raiter.\n" - "This program is free software, licensed under the GNU\n" - "General Public License. There is absolutely no warranty.\n"); - return EXIT_SUCCESS; - } - - progname = argv[0]; - - for (arg = argv + 1 ; *arg != NULL ; ++arg) { - filename = *arg; - - fd = open(*arg, O_RDWR); - if (fd < 0) { - ferr("can't open"); - ++failures; - continue; + int fd; + union { + Elf32_Ehdr ehdr32; + Elf64_Ehdr ehdr64; + } e; + union { + Elf32_Phdr *phdrs32; + Elf64_Phdr *phdrs64; + } p; + unsigned long newsize; + char **arg; + int failures = 0; + + if (argc < 2 || argv[1][0] == '-') { + printf("Usage: sstrip FILE...\n" + "sstrip discards all nonessential bytes from an executable.\n\n" + "Version 2.0-X Copyright (C) 2000,2001 Brian Raiter.\n" + "Cross-devel hacks Copyright (C) 2004 Manuel Novoa III.\n" + "This program is free software, licensed under the GNU\n" + "General Public License. There is absolutely no warranty.\n"); + return EXIT_SUCCESS; } - if (!(readelfheader(fd, &ehdr) && - readphdrtable(fd, &ehdr, &phdrs) && - getmemorysize(&ehdr, phdrs, &newsize) && - truncatezeros(fd, &newsize) && - modifyheaders(&ehdr, phdrs, newsize) && - commitchanges(fd, &ehdr, phdrs, newsize))) - ++failures; - - close(fd); - } + progname = argv[0]; + + for (arg = argv + 1 ; *arg != NULL ; ++arg) { + filename = *arg; + + fd = open(*arg, O_RDWR); + if (fd < 0) { + ferr("can't open"); + ++failures; + continue; + } + + switch (readelfheaderident(fd, &e.ehdr32)) { + case ELFCLASS32: + if (!(readelfheader32(fd, &e.ehdr32) && + readphdrtable32(fd, &e.ehdr32, &p.phdrs32) && + getmemorysize32(&e.ehdr32, p.phdrs32, &newsize) && + truncatezeros(fd, &newsize) && + modifyheaders32(&e.ehdr32, p.phdrs32, newsize) && + commitchanges32(fd, &e.ehdr32, p.phdrs32, newsize))) + ++failures; + break; + case ELFCLASS64: + if (!(readelfheader64(fd, &e.ehdr64) && + readphdrtable64(fd, &e.ehdr64, &p.phdrs64) && + getmemorysize64(&e.ehdr64, p.phdrs64, &newsize) && + truncatezeros(fd, &newsize) && + modifyheaders64(&e.ehdr64, p.phdrs64, newsize) && + commitchanges64(fd, &e.ehdr64, p.phdrs64, newsize))) + ++failures; + break; + default: + ++failures; + break; + } + close(fd); + } - return failures ? EXIT_FAILURE : EXIT_SUCCESS; + return failures ? EXIT_FAILURE : EXIT_SUCCESS; } |