diff --git a/add-fclose-operation-to-fix-file-pointer-not-closed.patch b/add-fclose-operation-to-fix-file-pointer-not-closed.patch deleted file mode 100644 index ecf814b..0000000 --- a/add-fclose-operation-to-fix-file-pointer-not-closed.patch +++ /dev/null @@ -1,77 +0,0 @@ -From 894fd6a7ba225936f7711ef9a9413bba65f83b92 Mon Sep 17 00:00:00 2001 -From: Wei Xing -Date: Thu, 2 Mar 2023 21:07:10 +0800 -Subject: [PATCH] Add fclose operation to fix file pointer not closed after use - Signed-off-by: Wei Xing - ---- - pppd/plugins/radius/clientid.c | 2 ++ - pppd/plugins/radius/config.c | 6 ++++++ - 2 files changed, 8 insertions(+) - -diff --git a/pppd/plugins/radius/clientid.c b/pppd/plugins/radius/clientid.c -index b1bbc47..eea5165 100644 ---- a/pppd/plugins/radius/clientid.c -+++ b/pppd/plugins/radius/clientid.c -@@ -68,6 +68,7 @@ int rc_read_mapfile(char *filename) - - if ((p = (struct map2id_s *)malloc(sizeof(*p))) == NULL) { - novm("rc_read_mapfile"); -+ fclose(mapfd); - return (-1); - } - -@@ -79,6 +80,7 @@ int rc_read_mapfile(char *filename) - } else { - - error("rc_read_mapfile: malformed line in %s, line %d", filename, lnr); -+ fclose(mapfd); - return (-1); - - } -diff --git a/pppd/plugins/radius/config.c b/pppd/plugins/radius/config.c -index 47c172c..39744fc 100644 ---- a/pppd/plugins/radius/config.c -+++ b/pppd/plugins/radius/config.c -@@ -212,6 +212,7 @@ int rc_read_config(char *filename) - - if ((pos = strcspn(p, "\t ")) == 0) { - error("%s: line %d: bogus format: %s", filename, line, p); -+ fclose(configfd); - return (-1); - } - -@@ -224,6 +225,7 @@ int rc_read_config(char *filename) - - if (option->status != ST_UNDEF) { - error("%s: line %d: duplicate option line: %s", filename, line, p); -+ fclose(configfd); - return (-1); - } - -@@ -234,18 +236,22 @@ int rc_read_config(char *filename) - switch (option->type) { - case OT_STR: - if (set_option_str(filename, line, option, p) < 0) -+ fclose(configfd); - return (-1); - break; - case OT_INT: - if (set_option_int(filename, line, option, p) < 0) -+ fclose(configfd); - return (-1); - break; - case OT_SRV: - if (set_option_srv(filename, line, option, p) < 0) -+ fclose(configfd); - return (-1); - break; - case OT_AUO: - if (set_option_auo(filename, line, option, p) < 0) -+ fclose(configfd); - return (-1); - break; - default: --- -2.33.0 - diff --git a/backport-0006-scritps-use-change_resolv_conf-function.patch b/backport-0006-scritps-use-change_resolv_conf-function.patch deleted file mode 100644 index cbf8713..0000000 --- a/backport-0006-scritps-use-change_resolv_conf-function.patch +++ /dev/null @@ -1,85 +0,0 @@ -From 01419dfb684d501b57f1c24dcfdbcf9da93ccca2 Mon Sep 17 00:00:00 2001 -From: Michal Sekletar -Date: Fri, 4 Apr 2014 18:12:47 +0200 -Subject: [PATCH 06/27] scritps: use change_resolv_conf function - -Don't handle /etc/resolv.conf manually, but use a helper function from -initscripts. Also change path where we save DNS servers supplied by peer while -we are at it. - -Resolves: #132482 ---- - pppd/pppd.8 | 2 +- - scripts/ip-down.local.add | 9 +++++---- - scripts/ip-up.local.add | 17 ++++++++++------- - 3 files changed, 16 insertions(+), 12 deletions(-) - -diff --git a/pppd/pppd.8 b/pppd/pppd.8 -index e2768b1..2dd6e1a 100644 ---- a/pppd/pppd.8 -+++ b/pppd/pppd.8 -@@ -1099,7 +1099,7 @@ Ask the peer for up to 2 DNS server addresses. The addresses supplied - by the peer (if any) are passed to the /etc/ppp/ip\-up script in the - environment variables DNS1 and DNS2, and the environment variable - USEPEERDNS will be set to 1. In addition, pppd will create an --/etc/ppp/resolv.conf file containing one or two nameserver lines with -+/var/run/ppp/resolv.conf file containing one or two nameserver lines with - the address(es) supplied by the peer. - .TP - .B user \fIname -diff --git a/scripts/ip-down.local.add b/scripts/ip-down.local.add -index b93590e..163f71e 100644 ---- a/scripts/ip-down.local.add -+++ b/scripts/ip-down.local.add -@@ -9,12 +9,13 @@ - # - # Nick Walker (nickwalker@email.com) - # -+. /etc/sysconfig/network-scripts/network-functions - --if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then -- if [ -f /etc/ppp/resolv.prev ]; then -- cp -f /etc/ppp/resolv.prev /etc/resolv.conf -+if [ -n "$USEPEERDNS" -a -f /var/run/ppp/resolv.conf ]; then -+ if [ -f /var/run/ppp/resolv.prev ]; then -+ change_resolv_conf /var/run/ppp/resolv.prev - else -- rm -f /etc/resolv.conf -+ change_resolv_conf - fi - fi - -diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add -index 8017209..26cf5f8 100644 ---- a/scripts/ip-up.local.add -+++ b/scripts/ip-up.local.add -@@ -9,16 +9,19 @@ - # - # Nick Walker (nickwalker@email.com) - # -+. /etc/sysconfig/network-scripts/network-functions - --if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then -- rm -f /etc/ppp/resolv.prev -+if [ -n "$USEPEERDNS" -a -f /var/run/ppp/resolv.conf ]; then -+ rm -f /var/run/ppp/resolv.prev - if [ -f /etc/resolv.conf ]; then -- cp /etc/resolv.conf /etc/ppp/resolv.prev -- grep domain /etc/ppp/resolv.prev > /etc/resolv.conf -- grep search /etc/ppp/resolv.prev >> /etc/resolv.conf -- cat /etc/ppp/resolv.conf >> /etc/resolv.conf -+ cp /etc/resolv.conf /var/run/ppp/resolv.prev -+ rscf=/var/run/ppp/resolv.new -+ grep domain /var/run/ppp/resolv.prev > $rscf -+ grep search /var/run/ppp/resolv.prev >> $rscf -+ change_resolv_conf $rscf -+ rm -f $rscf - else -- cp /etc/ppp/resolv.conf /etc -+ change_resolv_conf /var/run/ppp/resolv.conf - fi - fi - --- -1.8.3.1 - diff --git a/backport-0011-build-sys-don-t-put-connect-errors-log-to-etc-ppp.patch b/backport-0011-build-sys-don-t-put-connect-errors-log-to-etc-ppp.patch deleted file mode 100644 index 56ac388..0000000 --- a/backport-0011-build-sys-don-t-put-connect-errors-log-to-etc-ppp.patch +++ /dev/null @@ -1,77 +0,0 @@ -From b4ef433be936c90e356da7a590b032cdee219a3f Mon Sep 17 00:00:00 2001 -From: Michal Sekletar -Date: Fri, 4 Apr 2014 19:06:05 +0200 -Subject: [PATCH 11/27] build-sys: don't put connect-errors log to /etc/ppp/ - -Resolves: #118837 ---- - chat/chat.8 | 2 +- - linux/Makefile.top | 8 +++++++- - pppd/pathnames.h | 4 ++-- - 3 files changed, 10 insertions(+), 4 deletions(-) - -diff --git a/chat/chat.8 b/chat/chat.8 -index 6d10836..78d6939 100644 ---- a/chat/chat.8 -+++ b/chat/chat.8 -@@ -200,7 +200,7 @@ The \fBSAY\fR directive allows the script to send strings to the user - at the terminal via standard error. If \fBchat\fR is being run by - pppd, and pppd is running as a daemon (detached from its controlling - terminal), standard error will normally be redirected to the file --/etc/ppp/connect\-errors. -+/var/log/ppp/connect\-errors. - .LP - \fBSAY\fR strings must be enclosed in single or double quotes. If - carriage return and line feed are needed in the string to be output, -diff --git a/linux/Makefile.top b/linux/Makefile.top -index f63d45e..f42efd5 100644 ---- a/linux/Makefile.top -+++ b/linux/Makefile.top -@@ -5,6 +5,8 @@ BINDIR = $(DESTDIR)/sbin - INCDIR = $(DESTDIR)/include - MANDIR = $(DESTDIR)/share/man - ETCDIR = $(INSTROOT)@SYSCONF@/ppp -+RUNDIR = $(DESTDIR)/var/run/ppp -+LOGDIR = $(DESTDIR)/var/log/ppp - - # uid 0 = root - INSTALL= install -@@ -16,7 +18,7 @@ all: - cd pppstats; $(MAKE) $(MFLAGS) all - cd pppdump; $(MAKE) $(MFLAGS) all - --install: $(BINDIR) $(MANDIR)/man8 install-progs install-devel -+install: $(BINDIR) $(RUNDIR) $(LOGDIR) $(MANDIR)/man8 install-progs install-devel - - install-progs: - cd chat; $(MAKE) $(MFLAGS) install -@@ -44,6 +46,10 @@ $(MANDIR)/man8: - $(INSTALL) -d -m 755 $@ - $(ETCDIR): - $(INSTALL) -d -m 755 $@ -+$(RUNDIR): -+ $(INSTALL) -d -m 755 $@ -+$(LOGDIR): -+ $(INSTALL) -d -m 755 $@ - - clean: - rm -f `find . -name '*.[oas]' -print` -diff --git a/pppd/pathnames.h b/pppd/pathnames.h -index a427cb8..bef3160 100644 ---- a/pppd/pathnames.h -+++ b/pppd/pathnames.h -@@ -28,9 +28,9 @@ - #define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up" - #define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down" - #define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options." --#define _PATH_CONNERRS _ROOT_PATH "/etc/ppp/connect-errors" -+#define _PATH_CONNERRS _ROOT_PATH "/var/log/ppp/connect-errors" - #define _PATH_PEERFILES _ROOT_PATH "/etc/ppp/peers/" --#define _PATH_RESOLV _ROOT_PATH "/etc/ppp/resolv.conf" -+#define _PATH_RESOLV _ROOT_PATH "/var/run/ppp/resolv.conf" - - #define _PATH_USEROPT ".ppprc" - #define _PATH_PSEUDONYM ".ppp_pseudonym" --- -1.8.3.1 - diff --git a/backport-0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch b/backport-0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch index 1352370..f8813fb 100644 --- a/backport-0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch +++ b/backport-0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch @@ -36,20 +36,7 @@ index a7e3400..e64a778 100644 + fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (fd >= 0) { memset (&ifr, '\0', sizeof (ifr)); - strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); -diff --git a/pppd/plugins/pppoe/if.c b/pppd/plugins/pppoe/if.c -index 91e9a57..72aba41 100644 ---- a/pppd/plugins/pppoe/if.c -+++ b/pppd/plugins/pppoe/if.c -@@ -116,7 +116,7 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr) - stype = SOCK_PACKET; - #endif - -- if ((fd = socket(domain, stype, htons(type))) < 0) { -+ if ((fd = socket(domain, stype | SOCK_CLOEXEC, htons(type))) < 0) { - /* Give a more helpful message for the common error case */ - if (errno == EPERM) { - fatal("Cannot create raw socket -- pppoe must be run as root."); + ppp_get_ifname(ifr.ifr_name, sizeof(ifr.ifr_name)); diff --git a/pppd/plugins/pppoe/plugin.c b/pppd/plugins/pppoe/plugin.c index a8c2bb4..24bdf8f 100644 --- a/pppd/plugins/pppoe/plugin.c @@ -64,7 +51,7 @@ index a8c2bb4..24bdf8f 100644 error("Failed to create PPPoE socket: %m"); return -1; @@ -148,7 +148,7 @@ PPPOEConnectDevice(void) - lcp_wantoptions[0].mru = conn->mru; + lcp_wantoptions[0].mru = conn->mru = conn->storedmru; /* Update maximum MRU */ - s = socket(AF_INET, SOCK_DGRAM, 0); @@ -83,8 +70,8 @@ index a8c2bb4..24bdf8f 100644 diff --git a/pppd/plugins/pppoe/pppoe-discovery.c b/pppd/plugins/pppoe/pppoe-discovery.c index 3d3bf4e..c0d927d 100644 ---- a/pppd/plugins/pppoe/pppoe-discovery.c -+++ b/pppd/plugins/pppoe/pppoe-discovery.c +--- a/pppd/plugins/pppoe/if.c ++++ b/pppd/plugins/pppoe/if.c @@ -121,7 +121,7 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr) stype = SOCK_PACKET; #endif @@ -107,7 +94,7 @@ index 00a2cf5..0690019 100644 if (sock_fd < 0) fatal("Couldn't create IP socket: %m(%d)", errno); - #ifdef INET6 + #ifdef PPP_WITH_IPV6CP - sock6_fd = socket(AF_INET6, SOCK_DGRAM, 0); + sock6_fd = socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (sock6_fd < 0) @@ -145,5 +132,4 @@ index bc96695..8e76a5d 100644 error("Can't create socket: %m"); return -1; -- -1.8.3.1 - +1.8.3.1 \ No newline at end of file diff --git a/backport-0015-pppd-move-pppd-database-to-var-run-ppp.patch b/backport-0015-pppd-move-pppd-database-to-var-run-ppp.patch deleted file mode 100644 index 88b84d5..0000000 --- a/backport-0015-pppd-move-pppd-database-to-var-run-ppp.patch +++ /dev/null @@ -1,44 +0,0 @@ -From f2c855462ff56be4121409c7e048cd2503fe0ccf Mon Sep 17 00:00:00 2001 -From: Jiri Skala -Date: Mon, 7 Apr 2014 14:26:20 +0200 -Subject: [PATCH 15/27] pppd: move pppd database to /var/run/ppp - -Resolves: #560014 ---- - pppd/pathnames.h | 11 ++++------- - 1 file changed, 4 insertions(+), 7 deletions(-) - -diff --git a/pppd/pathnames.h b/pppd/pathnames.h -index bef3160..24e010c 100644 ---- a/pppd/pathnames.h -+++ b/pppd/pathnames.h -@@ -6,8 +6,9 @@ - - #ifdef HAVE_PATHS_H - #include -- -+#define _PPP_SUBDIR "ppp/" - #else /* HAVE_PATHS_H */ -+#define _PPP_SUBDIR - #ifndef _PATH_VARRUN - #define _PATH_VARRUN "/etc/ppp/" - #endif -@@ -46,13 +47,9 @@ - #endif /* IPX_CHANGE */ - - #ifdef __STDC__ --#define _PATH_PPPDB _ROOT_PATH _PATH_VARRUN "pppd2.tdb" -+#define _PATH_PPPDB _ROOT_PATH _PATH_VARRUN _PPP_SUBDIR "pppd2.tdb" - #else /* __STDC__ */ --#ifdef HAVE_PATHS_H --#define _PATH_PPPDB "/var/run/pppd2.tdb" --#else --#define _PATH_PPPDB "/etc/ppp/pppd2.tdb" --#endif -+#define _PATH_PPPDB _PATH_VARRUN _PPP_SUBDIR "pppd2.tdb" - #endif /* __STDC__ */ - - #ifdef PLUGIN --- -1.8.3.1 - diff --git a/backport-0016-rp-pppoe-add-manpage-for-pppoe-discovery.patch b/backport-0016-rp-pppoe-add-manpage-for-pppoe-discovery.patch deleted file mode 100644 index b7f7c91..0000000 --- a/backport-0016-rp-pppoe-add-manpage-for-pppoe-discovery.patch +++ /dev/null @@ -1,115 +0,0 @@ -diff --git a/pppd/plugins/pppoe/Makefile.linux b/pppd/plugins/pppoe/Makefile.linux -index 3cd9101..9918091 100644 ---- a/pppd/plugins/pppoe/Makefile.linux -+++ b/pppd/plugins/pppoe/Makefile.linux -@@ -16,6 +16,7 @@ - - DESTDIR = $(INSTROOT)@DESTDIR@ - BINDIR = $(DESTDIR)/sbin -+MANDIR = $(DESTDIR)/share/man/man8 - LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(PPPDVERSION) - - PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h) -@@ -46,6 +47,7 @@ install: all - $(LN_S) pppoe.so $(LIBDIR)/rp-pppoe.so - $(INSTALL) -d -m 755 $(BINDIR) - $(INSTALL) -c -m 555 pppoe-discovery $(BINDIR) -+ $(INSTALL) -c -m 444 pppoe-discovery.8 $(MANDIR) - - clean: - rm -f *.o *.so pppoe-discovery -diff --git a/pppd/plugins/pppoe/pppoe-discovery.8 b/pppd/plugins/pppoe/pppoe-discovery.8 -new file mode 100644 -index 0000000..d0a93db ---- /dev/null -+++ b/pppd/plugins/pppoe/pppoe-discovery.8 -@@ -0,0 +1,86 @@ -+.\" pppoe-discovery.8 written by -+.\" Ben Hutchings , based on pppoe.8. -+.\" Licenced under the GPL version 2 or later. -+.TH PPPOE-DISCOVERY 8 -+.SH NAME -+pppoe\-discovery \- perform PPPoE discovery -+.SH SYNOPSIS -+.B pppoe\-discovery -+[ -+.I options -+] -+.br -+.BR pppoe\-discovery " { " \-V " | " \-h " }" -+.SH DESCRIPTION -+.LP -+\fBpppoe\-discovery\fR performs the same discovery process as -+\fBpppoe\fR, but does not initiate a session. -+It sends a PADI packet and then prints the names of access -+concentrators in each PADO packet it receives. -+.SH OPTIONS -+.TP -+.BI \-I " interface" -+.RS -+The \fB\-I\fR option specifies the Ethernet interface to use. -+Under Linux, it is typically eth0 or eth1. -+The interface should be \(lqup\(rq before you start -+\fBpppoe\-discovery\fR, but should \fInot\fR be configured to have an -+IP address. -+The default interface is eth0. -+.RE -+.TP -+.BI \-D " file_name" -+.RS -+The \fB\-D\fR option causes every packet to be dumped to the specified -+\fIfile_name\fR. -+This is intended for debugging only. -+.RE -+.TP -+.B \-U -+.RS -+Causes \fBpppoe\-discovery\fR to use the Host-Uniq tag in its discovery -+packets. -+This lets you run multiple instances of \fBpppoe\-discovery\fR and/or -+\fBpppoe\fR without having their discovery packets interfere with one -+another. -+You must supply this option to \fIall\fR instances that you intend to -+run simultaneously. -+.RE -+.TP -+.BI \-S " service_name" -+.RS -+Specifies the desired service name. -+\fBpppoe\-discovery\fR will only accept access concentrators which can -+provide the specified service. -+In most cases, you should \fInot\fR specify this option. -+Use it only if you know that there are multiple access concentrators -+or know that you need a specific service name. -+.RE -+.TP -+.BI \-C " ac_name" -+.RS -+Specifies the desired access concentrator name. -+\fBpppoe\-discovery\fR will only accept the specified access -+concentrator. -+In most cases, you should \fInot\fR specify this option. -+Use it only if you know that there are multiple access concentrators. -+If both the \fB\-S\fR and \fB\-C\fR options are specified, they must -+\fIboth\fR match. -+.RE -+.TP -+.B \-A -+.RS -+This option is accepted for compatibility with \fBpppoe\fR, but has no -+effect. -+.RE -+.TP -+.BR \-V " | " \-h -+.RS -+Either of these options causes \fBpppoe\-discovery\fR to print its -+version number and usage information, then exit. -+.RE -+.SH AUTHORS -+\fBpppoe\-discovery\fR was written by Marco d'Itri , -+based on \fBpppoe\fR by David F. Skoll . -+.SH SEE ALSO -+pppoe(8), pppoe-sniff(8) --- -1.8.3.1 - diff --git a/backport-0018-scritps-fix-ip-up.local-sample.patch b/backport-0018-scritps-fix-ip-up.local-sample.patch deleted file mode 100644 index c36e0b8..0000000 --- a/backport-0018-scritps-fix-ip-up.local-sample.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 40960f91cdd06da387616ec838ae2599e7f01cee Mon Sep 17 00:00:00 2001 -From: Jiri Skala -Date: Mon, 7 Apr 2014 15:24:01 +0200 -Subject: [PATCH 18/27] scritps: fix ip-up.local sample - -Resolves: #613717 ---- - scripts/ip-up.local.add | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add -index 26cf5f8..282337c 100644 ---- a/scripts/ip-up.local.add -+++ b/scripts/ip-up.local.add -@@ -18,6 +18,9 @@ if [ -n "$USEPEERDNS" -a -f /var/run/ppp/resolv.conf ]; then - rscf=/var/run/ppp/resolv.new - grep domain /var/run/ppp/resolv.prev > $rscf - grep search /var/run/ppp/resolv.prev >> $rscf -+ if [ -f /var/run/ppp/resolv.conf ]; then -+ cat /var/run/ppp/resolv.conf >> $rscf -+ fi - change_resolv_conf $rscf - rm -f $rscf - else --- -1.8.3.1 - diff --git a/backport-0020-pppd-put-lock-files-in-var-lock-ppp.patch b/backport-0020-pppd-put-lock-files-in-var-lock-ppp.patch deleted file mode 100644 index 93d26c5..0000000 --- a/backport-0020-pppd-put-lock-files-in-var-lock-ppp.patch +++ /dev/null @@ -1,26 +0,0 @@ -From c5a5f795b1defcb6d168e79c4d1fc371dfc556ca Mon Sep 17 00:00:00 2001 -From: Jiri Skala -Date: Wed, 9 Apr 2014 09:29:50 +0200 -Subject: [PATCH 20/27] pppd: put lock files in /var/lock/ppp - -Resolves: #708260 ---- - pppd/utils.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/pppd/utils.c b/pppd/utils.c -index 6051b9a..8407492 100644 ---- a/pppd/utils.c -+++ b/pppd/utils.c -@@ -846,7 +846,7 @@ complete_read(int fd, void *buf, size_t count) - /* Procedures for locking the serial device using a lock file. */ - #ifndef LOCK_DIR - #ifdef __linux__ --#define LOCK_DIR "/var/lock" -+#define LOCK_DIR "/var/lock/ppp" - #else - #ifdef SVR4 - #define LOCK_DIR "/var/spool/locks" --- -1.8.3.1 - diff --git a/backport-0023-build-sys-install-rp-pppoe-plugin-files-with-standar.patch b/backport-0023-build-sys-install-rp-pppoe-plugin-files-with-standar.patch deleted file mode 100644 index 23b1f93..0000000 --- a/backport-0023-build-sys-install-rp-pppoe-plugin-files-with-standar.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff --git a/pppd/plugins/pppoe/Makefile.linux b/pppd/plugins/pppoe/Makefile.linux -index 2df887b..6cb8397 100644 ---- a/pppd/plugins/pppoe/Makefile.linux -+++ b/pppd/plugins/pppoe/Makefile.linux -@@ -43,12 +43,12 @@ pppoe.so: plugin.o discovery.o if.o common.o - - install: all - $(INSTALL) -d -m 755 $(LIBDIR) -- $(INSTALL) -c -m 4550 pppoe.so $(LIBDIR) -+ $(INSTALL) -c -m 755 pppoe.so $(LIBDIR) - # Symlink for backward compatibility - $(LN_S) pppoe.so $(LIBDIR)/rp-pppoe.so - $(INSTALL) -d -m 755 $(BINDIR) -- $(INSTALL) -c -m 555 pppoe-discovery $(BINDIR) -- $(INSTALL) -c -m 444 pppoe-discovery.8 $(MANDIR) -+ $(INSTALL) -c -m 755 pppoe-discovery $(BINDIR) -+ $(INSTALL) -c -m 644 pppoe-discovery.8 $(MANDIR) - - clean: - rm -f *.o *.so pppoe-discovery diff --git a/backport-0024-build-sys-install-pppoatm-plugin-files-with-standard.patch b/backport-0024-build-sys-install-pppoatm-plugin-files-with-standard.patch deleted file mode 100644 index 9982d92..0000000 --- a/backport-0024-build-sys-install-pppoatm-plugin-files-with-standard.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 0fdb22ef3d3cc3b297372451d60bd6c61d047d27 Mon Sep 17 00:00:00 2001 -From: Michal Sekletar -Date: Thu, 10 Apr 2014 10:08:41 +0200 -Subject: [PATCH 24/27] build-sys: install pppoatm plugin files with standard - perms - ---- - pppd/plugins/pppoatm/Makefile.linux | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux -index 769794b..4c5826f 100644 ---- a/pppd/plugins/pppoatm/Makefile.linux -+++ b/pppd/plugins/pppoatm/Makefile.linux -@@ -37,7 +37,7 @@ $(PLUGIN): $(PLUGIN_OBJS) - - install: all - $(INSTALL) -d -m 755 $(LIBDIR) -- $(INSTALL) -c -m 4550 $(PLUGIN) $(LIBDIR) -+ $(INSTALL) -c -m 755 $(PLUGIN) $(LIBDIR) - - clean: - rm -f *.o *.so --- -1.8.3.1 - diff --git a/backport-0027-Set-LIBDIR-for-RISCV.patch b/backport-0027-Set-LIBDIR-for-RISCV.patch deleted file mode 100644 index 8691335..0000000 --- a/backport-0027-Set-LIBDIR-for-RISCV.patch +++ /dev/null @@ -1,110 +0,0 @@ -From 05cf58cd46b3c92e868d856931b0ee5d2bfc7d72 Mon Sep 17 00:00:00 2001 -From: whoisxxx -Date: Tue, 10 Nov 2020 02:47:11 +0000 -Subject: [PATCH] Set LIBDIR for riscv - -The LIBDIR is given by "$(CC) -print-os-multi-directory", which -result in "../lib64" on X86/aarch64 host, and "./" on an openEuler -RISC-V host. Here is a temproray apporach by hardcore it for -an RISC-V host. - -Signed-off-by: whoisxxx ---- -rebased-by: laokz - -diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux -index 07df6a7..7dd3a1b 100644 ---- a/pppd/Makefile.linux -+++ b/pppd/Makefile.linux -@@ -12,7 +12,11 @@ DESTDIR = $(INSTROOT)@DESTDIR@ - BINDIR = $(DESTDIR)/sbin - MANDIR = $(DESTDIR)/share/man/man8 - INCDIR = $(DESTDIR)/include -+ifeq ($(filter riscv64%,$(MAKE_HOST)),) - LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null) -+else -+LIBDIR = $(DESTDIR)/lib64 -+endif - - TARGETS = pppd - -diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux -index f42d18c..958923f 100644 ---- a/pppd/plugins/Makefile.linux -+++ b/pppd/plugins/Makefile.linux -@@ -5,7 +5,11 @@ COPTS=@CFLAGS@ - DESTDIR = $(INSTROOT)@DESTDIR@ - BINDIR = $(DESTDIR)/sbin - MANDIR = $(DESTDIR)/share/man/man8 -+ifeq ($(filter riscv64%,$(MAKE_HOST)),) - LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION) -+else -+LIBDIR = $(DESTDIR)/lib64/pppd/$(VERSION) -+endif - - CFLAGS = $(COPTS) -I.. -I../../include -fPIC - LDFLAGS_SHARED = -shared -diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux -index 6387970..daaaa4e 100644 ---- a/pppd/plugins/pppoatm/Makefile.linux -+++ b/pppd/plugins/pppoatm/Makefile.linux -@@ -4,7 +4,11 @@ CC=$(CROSS_COMPILE)@CC@ - COPTS=@CFLAGS@ - - DESTDIR = $(INSTROOT)@DESTDIR@ -+ifeq ($(filter riscv64%,$(MAKE_HOST)),) - LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION) -+else -+LIBDIR = $(DESTDIR)/lib64/pppd/$(VERSION) -+endif - - VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h) - -diff --git a/pppd/plugins/pppoe/Makefile.linux b/pppd/plugins/pppoe/Makefile.linux -index 6cb8397..af5f9fb 100644 ---- a/pppd/plugins/pppoe/Makefile.linux -+++ b/pppd/plugins/pppoe/Makefile.linux -@@ -19,7 +19,11 @@ COPTS=@CFLAGS@ - DESTDIR = $(INSTROOT)@DESTDIR@ - BINDIR = $(DESTDIR)/sbin - MANDIR = $(DESTDIR)/share/man/man8 -+ifeq ($(filter riscv64%,$(MAKE_HOST)),) - LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(PPPDVERSION) -+else -+LIBDIR = $(DESTDIR)/lib64/pppd/$(PPPDVERSION) -+endif - - PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h) - -diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux -index e4442f9..d9ae2ca 100644 ---- a/pppd/plugins/pppol2tp/Makefile.linux -+++ b/pppd/plugins/pppol2tp/Makefile.linux -@@ -4,7 +4,11 @@ CC=$(CROSS_COMPILE)@CC@ - COPTS=@CFLAGS@ - - DESTDIR = $(INSTROOT)/@DESTDIR@ -+ifeq ($(filter riscv64%,$(MAKE_HOST)),) - LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION) -+else -+LIBDIR = $(DESTDIR)/lib64/pppd/$(VERSION) -+endif - - VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h) - -diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux -index d2ef044..1ccc171 100644 ---- a/pppd/plugins/radius/Makefile.linux -+++ b/pppd/plugins/radius/Makefile.linux -@@ -9,7 +9,11 @@ COPTS=@CFLAGS@ - - DESTDIR = $(INSTROOT)@DESTDIR@ - MANDIR = $(DESTDIR)/share/man/man8 -+ifeq ($(filter riscv64%,$(MAKE_HOST)),) - LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION) -+else -+LIBDIR = $(DESTDIR)/lib64/pppd/$(VERSION) -+endif - - VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h) - diff --git a/backport-CVE-2022-4603.patch b/backport-CVE-2022-4603.patch deleted file mode 100644 index 4d077bc..0000000 --- a/backport-CVE-2022-4603.patch +++ /dev/null @@ -1,45 +0,0 @@ -From a75fb7b198eed50d769c80c36629f38346882cbf Mon Sep 17 00:00:00 2001 -From: Paul Mackerras -Date: Thu, 4 Aug 2022 12:23:08 +1000 -Subject: [PATCH] pppdump: Avoid out-of-range access to packet buffer - -This fixes a potential vulnerability where data is written to spkt.buf -and rpkt.buf without a check on the array index. To fix this, we -check the array index (pkt->cnt) before storing the byte or -incrementing the count. This also means we no longer have a potential -signed integer overflow on the increment of pkt->cnt. - -Fortunately, pppdump is not used in the normal process of setting up a -PPP connection, is not installed setuid-root, and is not invoked -automatically in any scenario that I am aware of. - -Signed-off-by: Paul Mackerras ---- - pppdump/pppdump.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/pppdump/pppdump.c b/pppdump/pppdump.c -index 2b815fc9..b85a8627 100644 ---- a/pppdump/pppdump.c -+++ b/pppdump/pppdump.c -@@ -297,6 +297,10 @@ dumpppp(f) - printf("%s aborted packet:\n ", dir); - q = " "; - } -+ if (pkt->cnt >= sizeof(pkt->buf)) { -+ printf("%s over-long packet truncated:\n ", dir); -+ q = " "; -+ } - nb = pkt->cnt; - p = pkt->buf; - pkt->cnt = 0; -@@ -400,7 +404,8 @@ dumpppp(f) - c ^= 0x20; - pkt->esc = 0; - } -- pkt->buf[pkt->cnt++] = c; -+ if (pkt->cnt < sizeof(pkt->buf)) -+ pkt->buf[pkt->cnt++] = c; - break; - } - } diff --git a/backport-ppp-2.4.8-pppd-install-pppd-binary-using-standard-perms-755.patch b/backport-ppp-2.4.8-pppd-install-pppd-binary-using-standard-perms-755.patch deleted file mode 100644 index bedb902..0000000 --- a/backport-ppp-2.4.8-pppd-install-pppd-binary-using-standard-perms-755.patch +++ /dev/null @@ -1,29 +0,0 @@ -From ab8b06cdc1075abc67f77e7c3bb684e20071d614 Mon Sep 17 00:00:00 2001 -From: Michal Sekletar -Date: Thu, 10 Apr 2014 10:09:41 +0200 -Subject: [PATCH 25/27] pppd: install pppd binary using standard perms (755) - ---- - pppd/Makefile.linux | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux -index 0e8107f..534ccc2 100644 ---- a/pppd/Makefile.linux -+++ b/pppd/Makefile.linux -@@ -223,10 +223,10 @@ all: $(TARGETS) - install: pppd - mkdir -p $(BINDIR) $(MANDIR) - $(EXTRAINSTALL) -- $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd -+ $(INSTALL) -c -m 755 pppd $(BINDIR)/pppd - if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \ - chmod o-rx,u+s $(BINDIR)/pppd; fi -- $(INSTALL) -c -m 444 pppd.8 $(MANDIR) -+ $(INSTALL) -c -m 644 pppd.8 $(MANDIR) - - pppd: $(PPPDOBJS) - $(CC) $(CFLAGS) $(LDFLAGS) $(LDFLAGS_PLUGIN) -o pppd $(PPPDOBJS) $(LIBS) --- -1.8.3.1 - diff --git a/backport-ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch b/backport-ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch index 1b4a9cd..19ee5c3 100644 --- a/backport-ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch +++ b/backport-ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch @@ -23,7 +23,7 @@ index 4271af6..9e957fa 100644 fatal("unable to regain privileges: %m"); if (ufile == NULL) { @@ -1413,7 +1413,7 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg) - filename = _PATH_UPAPFILE; + filename = PPP_PATH_UPAPFILE; addrs = opts = NULL; ret = UPAP_AUTHNAK; - f = fopen(filename, "r"); @@ -33,7 +33,7 @@ index 4271af6..9e957fa 100644 @@ -1512,7 +1512,7 @@ null_login(unit) if (ret <= 0) { - filename = _PATH_UPAPFILE; + filename = PPP_PATH_UPAPFILE; addrs = NULL; - f = fopen(filename, "r"); + f = fopen(filename, "re"); @@ -43,7 +43,7 @@ index 4271af6..9e957fa 100644 @@ -1559,7 +1559,7 @@ get_pap_passwd(passwd) } - filename = _PATH_UPAPFILE; + filename = PPP_PATH_UPAPFILE; - f = fopen(filename, "r"); + f = fopen(filename, "re"); if (f == NULL) @@ -52,7 +52,7 @@ index 4271af6..9e957fa 100644 @@ -1597,7 +1597,7 @@ have_pap_secret(lacks_ipp) } - filename = _PATH_UPAPFILE; + filename = PPP_PATH_UPAPFILE; - f = fopen(filename, "r"); + f = fopen(filename, "re"); if (f == NULL) @@ -61,7 +61,7 @@ index 4271af6..9e957fa 100644 @@ -1642,7 +1642,7 @@ have_chap_secret(client, server, need_ip, lacks_ipp) } - filename = _PATH_CHAPFILE; + filename = PPP_PATH_CHAPFILE; - f = fopen(filename, "r"); + f = fopen(filename, "re"); if (f == NULL) @@ -70,7 +70,7 @@ index 4271af6..9e957fa 100644 @@ -1684,7 +1684,7 @@ have_srp_secret(client, server, need_ip, lacks_ipp) struct wordlist *addrs; - filename = _PATH_SRPFILE; + filename = PPP_PATH_SRPFILE; - f = fopen(filename, "r"); + f = fopen(filename, "re"); if (f == NULL) @@ -86,7 +86,7 @@ index 4271af6..9e957fa 100644 error("Can't open chap secret file %s: %m", filename); return 0; @@ -1797,7 +1797,7 @@ get_srp_secret(unit, client, server, secret, am_server) - filename = _PATH_SRPFILE; + filename = PPP_PATH_SRPFILE; addrs = NULL; - fp = fopen(filename, "r"); @@ -108,7 +108,7 @@ index 45fa742..1d754ae 100644 --- a/pppd/options.c +++ b/pppd/options.c @@ -427,7 +427,7 @@ options_from_file(filename, must_exist, check_prot, priv) - option_error("unable to drop privileges to open %s: %m", filename); + ppp_option_error("unable to drop privileges to open %s: %m", filename); return 0; } - f = fopen(filename, "r"); @@ -139,5 +139,4 @@ index 72a7727..8a12fa0 100644 error("can't open routing table %s: %m", path); return 0; -- -1.8.3.1 - +1.8.3.1 \ No newline at end of file diff --git a/backport-ppp-2.4.9-build-sys-don-t-hardcode-LIBDIR-but-set-it-according.patch b/backport-ppp-2.4.9-build-sys-don-t-hardcode-LIBDIR-but-set-it-according.patch deleted file mode 100644 index c2c8cce..0000000 --- a/backport-ppp-2.4.9-build-sys-don-t-hardcode-LIBDIR-but-set-it-according.patch +++ /dev/null @@ -1,99 +0,0 @@ -diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux -index 6a4b897..8f29c1f 100644 ---- a/pppd/Makefile.linux -+++ b/pppd/Makefile.linux -@@ -12,6 +12,7 @@ DESTDIR = $(INSTROOT)@DESTDIR@ - BINDIR = $(DESTDIR)/sbin - MANDIR = $(DESTDIR)/share/man/man8 - INCDIR = $(DESTDIR)/include -+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null) - - TARGETS = pppd - -@@ -93,7 +94,7 @@ INCLUDE_DIRS= -I../include - - COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP -pipe - --CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"' -+CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"' -DLIBDIR=\""$(LIBDIR)"\" - - ifdef CHAPMS - CFLAGS += -DCHAPMS=1 -diff --git a/pppd/pathnames.h b/pppd/pathnames.h -index 524d608..c7eadbb 100644 ---- a/pppd/pathnames.h -+++ b/pppd/pathnames.h -@@ -62,7 +62,7 @@ - - #ifdef PLUGIN - #ifdef __STDC__ --#define _PATH_PLUGIN DESTDIR "/lib/pppd/" VERSION -+#define _PATH_PLUGIN LIBDIR "/pppd/" VERSION - #else /* __STDC__ */ - #define _PATH_PLUGIN "/usr/lib/pppd" - #endif /* __STDC__ */ -diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux -index 6403e3d..f42d18c 100644 ---- a/pppd/plugins/Makefile.linux -+++ b/pppd/plugins/Makefile.linux -@@ -5,7 +5,7 @@ COPTS=@CFLAGS@ - DESTDIR = $(INSTROOT)@DESTDIR@ - BINDIR = $(DESTDIR)/sbin - MANDIR = $(DESTDIR)/share/man/man8 --LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION) -+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION) - - CFLAGS = $(COPTS) -I.. -I../../include -fPIC - LDFLAGS_SHARED = -shared -diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux -index d3a8086..c2aff0c 100644 ---- a/pppd/plugins/pppoatm/Makefile.linux -+++ b/pppd/plugins/pppoatm/Makefile.linux -@@ -4,7 +4,7 @@ CC=$(CROSS_COMPILE)@CC@ - COPTS=@CFLAGS@ - - DESTDIR = $(INSTROOT)@DESTDIR@ --LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION) -+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION) - - VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h) - -diff --git a/pppd/plugins/pppoe/Makefile.linux b/pppd/plugins/pppoe/Makefile.linux -index c415ce3..d3b7392 100644 ---- a/pppd/plugins/pppoe/Makefile.linux -+++ b/pppd/plugins/pppoe/Makefile.linux -@@ -18,7 +18,7 @@ COPTS=@CFLAGS@ - - DESTDIR = $(INSTROOT)@DESTDIR@ - BINDIR = $(DESTDIR)/sbin --LIBDIR = $(DESTDIR)/lib/pppd/$(PPPDVERSION) -+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(PPPDVERSION) - - PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h) - -diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux -index 1aa1c0b..e4442f9 100644 ---- a/pppd/plugins/pppol2tp/Makefile.linux -+++ b/pppd/plugins/pppol2tp/Makefile.linux -@@ -4,7 +4,7 @@ CC=$(CROSS_COMPILE)@CC@ - COPTS=@CFLAGS@ - - DESTDIR = $(INSTROOT)/@DESTDIR@ --LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION) -+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION) - - VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h) - -diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux -index 489aef2..d2ef044 100644 ---- a/pppd/plugins/radius/Makefile.linux -+++ b/pppd/plugins/radius/Makefile.linux -@@ -9,7 +9,7 @@ COPTS=@CFLAGS@ - - DESTDIR = $(INSTROOT)@DESTDIR@ - MANDIR = $(DESTDIR)/share/man/man8 --LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION) -+LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION) - - VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h) - diff --git a/backport-ppp-2.4.9-config.patch b/backport-ppp-2.4.9-config.patch deleted file mode 100644 index fc7c781..0000000 --- a/backport-ppp-2.4.9-config.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux -index e77373e..07df6a7 100644 ---- a/pppd/Makefile.linux -+++ b/pppd/Makefile.linux -@@ -68,14 +68,14 @@ USE_TDB=y - #SYSTEMD=y - - HAS_SHADOW=y --#USE_PAM=y -+USE_PAM=y - HAVE_INET6=y - - # Enable plugins - PLUGIN=y - - # Enable Microsoft proprietary Callback Control Protocol --#CBCP=y -+CBCP=y - - # Enable EAP SRP-SHA1 authentication (requires libsrp) - #USE_SRP=y diff --git a/backport-ppp-2.4.9-configure-cflags-allow-commas.patch b/backport-ppp-2.4.9-configure-cflags-allow-commas.patch deleted file mode 100644 index 5a4ef98..0000000 --- a/backport-ppp-2.4.9-configure-cflags-allow-commas.patch +++ /dev/null @@ -1,17 +0,0 @@ -diff --git a/configure b/configure -index f977663..c7031c2 100755 ---- a/configure -+++ b/configure -@@ -121,9 +121,9 @@ mkmkf() { - rm -f $2 - if [ -f $1 ]; then - echo " $2 <= $1" -- sed -e "s,@DESTDIR@,$DESTDIR,g" -e "s,@SYSCONF@,$SYSCONF,g" \ -- -e "s,@CROSS_COMPILE@,$CROSS_COMPILE,g" -e "s,@CC@,$CC,g" \ -- -e "s,@CFLAGS@,$CFLAGS,g" $1 >$2 -+ sed -e "s|@DESTDIR@|$DESTDIR|g" -e "s|@SYSCONF@|$SYSCONF|g" \ -+ -e "s|@CROSS_COMPILE@|$CROSS_COMPILE|g" -e "s|@CC@|$CC|g" \ -+ -e "s|@CFLAGS@|$CFLAGS|g" $1 >$2 - fi - } - diff --git a/backport-ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch b/backport-ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch index 84a3bdb..3ce25d2 100644 --- a/backport-ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch +++ b/backport-ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch @@ -34,26 +34,26 @@ index 6d50d1b..4880377 100644 die(0); /* Make sure fds 0, 1, 2 are open to somewhere. */ -- fd_devnull = open(_PATH_DEVNULL, O_RDWR); -+ fd_devnull = open(_PATH_DEVNULL, O_RDWR | O_CLOEXEC); +- fd_devnull = open(PPP_DEVNULL, O_RDWR); ++ fd_devnull = open(PPP_DEVNULL, O_RDWR | O_CLOEXEC); if (fd_devnull < 0) - fatal("Couldn't open %s: %m", _PATH_DEVNULL); + fatal("Couldn't open %s: %m", PPP_DEVNULL); while (fd_devnull <= 2) { @@ -1679,7 +1679,7 @@ device_script(program, in, out, dont_wait) if (log_to_fd >= 0) errfd = log_to_fd; else -- errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT, 0644); -+ errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT | O_CLOEXEC, 0644); +- errfd = open(PPP_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT, 0644); ++ errfd = open(PPP_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT | O_CLOEXEC, 0644); ++conn_running; - pid = safe_fork(in, out, errfd); + pid = ppp_safe_fork(in, out, errfd); diff --git a/pppd/options.c b/pppd/options.c index 1d754ae..8e62635 100644 --- a/pppd/options.c +++ b/pppd/options.c @@ -1544,9 +1544,9 @@ setlogfile(argv) - option_error("unable to drop permissions to open %s: %m", *argv); + ppp_option_error("unable to drop permissions to open %s: %m", *argv); return 0; } - fd = open(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL, 0644); @@ -160,8 +160,8 @@ index 8a12fa0..00a2cf5 100644 - sfd = open(pty_name, O_RDWR | O_NOCTTY, 0); + sfd = open(pty_name, O_RDWR | O_NOCTTY | O_CLOEXEC, 0); if (sfd >= 0) { - fchown(sfd, uid, -1); - fchmod(sfd, S_IRUSR | S_IWUSR); + ret = fchown(sfd, uid, -1); + if (ret != 0) { diff --git a/pppd/tdb.c b/pppd/tdb.c index bdc5828..c7ab71c 100644 --- a/pppd/tdb.c @@ -189,7 +189,7 @@ index d571b11..bc96695 100644 --- a/pppd/tty.c +++ b/pppd/tty.c @@ -569,7 +569,7 @@ int connect_tty() - status = EXIT_OPEN_FAILED; + ppp_set_status(EXIT_OPEN_FAILED); goto errret; } - real_ttyfd = open(devnam, O_NONBLOCK | O_RDWR, 0); @@ -211,7 +211,7 @@ index 29bf970..6051b9a 100644 --- a/pppd/utils.c +++ b/pppd/utils.c @@ -918,14 +918,14 @@ lock(dev) - slprintf(lock_file, sizeof(lock_file), "%s/LCK..%s", LOCK_DIR, dev); + slprintf(lock_file, sizeof(lock_file), "%s/LCK..%s", PPP_PATH_LOCKDIR, dev); #endif - while ((fd = open(lock_file, O_EXCL | O_CREAT | O_RDWR, 0644)) < 0) { @@ -237,5 +237,4 @@ index 29bf970..6051b9a 100644 error("Couldn't reopen lock file %s: %m", lock_file); lock_file[0] = 0; -- -1.8.3.1 - +1.8.3.1 \ No newline at end of file diff --git a/backport-ppp-2.5.0-use-change-resolv-function.patch b/backport-ppp-2.5.0-use-change-resolv-function.patch new file mode 100644 index 0000000..30a07fe --- /dev/null +++ b/backport-ppp-2.5.0-use-change-resolv-function.patch @@ -0,0 +1,51 @@ +diff --git a/scripts/ip-down.local.add b/scripts/ip-down.local.add +index b93590e..8889cb6 100644 +--- a/scripts/ip-down.local.add ++++ b/scripts/ip-down.local.add +@@ -9,12 +9,13 @@ + # + # Nick Walker (nickwalker@email.com) + # ++. /etc/sysconfig/network-scripts/network-functions + + if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then + if [ -f /etc/ppp/resolv.prev ]; then +- cp -f /etc/ppp/resolv.prev /etc/resolv.conf ++ change_resolv_conf /etc/ppp/resolv.prev + else +- rm -f /etc/resolv.conf ++ change_resolv_conf + fi + fi + +diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add +index 8017209..5ced496 100644 +--- a/scripts/ip-up.local.add ++++ b/scripts/ip-up.local.add +@@ -9,16 +9,22 @@ + # + # Nick Walker (nickwalker@email.com) + # ++. /etc/sysconfig/network-scripts/network-functions + + if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then + rm -f /etc/ppp/resolv.prev + if [ -f /etc/resolv.conf ]; then + cp /etc/resolv.conf /etc/ppp/resolv.prev +- grep domain /etc/ppp/resolv.prev > /etc/resolv.conf +- grep search /etc/ppp/resolv.prev >> /etc/resolv.conf +- cat /etc/ppp/resolv.conf >> /etc/resolv.conf ++ rscf=/etc/ppp/resolv.new ++ grep domain /etc/ppp/resolv.prev > $rscf ++ grep search /etc/ppp/resolv.prev >> $rscf ++ if [ -f /etc/ppp/resolv.conf ]; then ++ cat /etc/ppp/resolv.conf >> $rscf ++ fi ++ change_resolv_conf $rscf ++ rm -f $rscf + else +- cp /etc/ppp/resolv.conf /etc ++ change_resolv_conf /etc/ppp/resolv.conf + fi + fi + diff --git a/backport-pppd-Negotiate-IP-address-when-only-peer-addresses-are-provided.patch b/backport-pppd-Negotiate-IP-address-when-only-peer-addresses-are-provided.patch deleted file mode 100644 index adc1ca3..0000000 --- a/backport-pppd-Negotiate-IP-address-when-only-peer-addresses-are-provided.patch +++ /dev/null @@ -1,86 +0,0 @@ -From a2094eba2406392a7bb69b436155e2d08ea555e8 Mon Sep 17 00:00:00 2001 -From: pali <7141871+pali@users.noreply.github.com> -Date: Tue, 26 Jan 2021 03:55:25 +0100 -Subject: [PATCH] pppd: Negotiate IP address when only peer addresses are - provided (#236) -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This fixes special case when both ppp ends are configured to send only IP -address of other side and do not send its own IP address. Such setup is -correct because both ends can exchange its IP addresses and therefore they -have full information, they known both local and remote address. - -This issue can be triggered by calling pppd with arguments: - - ./pppd debug local noauth nolock nodetach asyncmap 0 default-asyncmap novj noaccomp nopcomp nodeflate nobsdcomp nomagic noipv6 noipdefault nosendip :10.0.0.1 pty "./pppd debug local noauth nolock nodetach asyncmap 0 default-asyncmap novj noaccomp nopcomp nodeflate nobsdcomp nomagic noipv6 nosendip nodefaultroute :10.0.0.2 notty" - -Without this patch IP addresses are not exchanges at all and pppd fails: - - rcvd [LCP ConfReq id=0x1] - sent [LCP ConfReq id=0x1] - sent [LCP ConfAck id=0x1] - rcvd [LCP ConfAck id=0x1] - sent [LCP EchoReq id=0x0 magic=0x0] - sent [IPCP ConfReq id=0x1] - rcvd [LCP EchoReq id=0x0 magic=0x0] - sent [LCP EchoRep id=0x0 magic=0x0] - rcvd [IPCP ConfReq id=0x1] - sent [IPCP ConfAck id=0x1] - rcvd [LCP EchoRep id=0x0 magic=0x0] - rcvd [IPCP ConfAck id=0x1] - Could not determine local IP address - -After applying this patch exchanging of IP addresses is working fine: - - rcvd [LCP ConfReq id=0x1] - sent [LCP ConfReq id=0x1] - sent [LCP ConfAck id=0x1] - rcvd [LCP ConfAck id=0x1] - sent [LCP EchoReq id=0x0 magic=0x0] - sent [IPCP ConfReq id=0x1] - rcvd [LCP EchoReq id=0x0 magic=0x0] - sent [LCP EchoRep id=0x0 magic=0x0] - rcvd [IPCP ConfReq id=0x1] - sent [IPCP ConfNak id=0x1 ] - rcvd [LCP EchoRep id=0x0 magic=0x0] - rcvd [IPCP ConfNak id=0x1 ] - sent [IPCP ConfReq id=0x2 ] - rcvd [IPCP ConfReq id=0x2 ] - sent [IPCP ConfAck id=0x2 ] - rcvd [IPCP ConfAck id=0x2 ] - local IP address 10.0.0.2 - remote IP address 10.0.0.1 - -Signed-off-by: Pali Rohár ---- - pppd/ipcp.c | 8 +++++--- - 1 file changed, 5 insertions(+), 3 deletions(-) - -diff --git a/pppd/ipcp.c b/pppd/ipcp.c -index fcf17b1e..d17dbd28 100644 ---- a/pppd/ipcp.c -+++ b/pppd/ipcp.c -@@ -678,8 +678,9 @@ ipcp_resetci(fsm *f) - ipcp_options *go = &ipcp_gotoptions[f->unit]; - ipcp_options *ao = &ipcp_allowoptions[f->unit]; - -- wo->req_addr = (wo->neg_addr || wo->old_addrs) && -- (ao->neg_addr || ao->old_addrs); -+ wo->req_addr = ((wo->neg_addr || wo->old_addrs) && -+ (ao->neg_addr || ao->old_addrs)) || -+ (wo->hisaddr && !wo->accept_remote); - if (wo->ouraddr == 0) - wo->accept_local = 1; - if (wo->hisaddr == 0) -@@ -1648,7 +1649,8 @@ ipcp_reqci(fsm *f, u_char *inp, int *len, int reject_if_disagree) - * option safely. - */ - if (rc != CONFREJ && !ho->neg_addr && !ho->old_addrs && -- wo->req_addr && !reject_if_disagree && !noremoteip) { -+ wo->req_addr && !reject_if_disagree && -+ ((wo->hisaddr && !wo->accept_remote) || !noremoteip)) { - if (rc == CONFACK) { - rc = CONFNAK; - ucp = inp; /* reset pointer */ diff --git a/ppp-2.4.9.tar.gz b/ppp-2.4.9.tar.gz deleted file mode 100644 index 70d0ab3..0000000 Binary files a/ppp-2.4.9.tar.gz and /dev/null differ diff --git a/ppp-2.5.0.tar.gz b/ppp-2.5.0.tar.gz new file mode 100644 index 0000000..4fceb7a Binary files /dev/null and b/ppp-2.5.0.tar.gz differ diff --git a/ppp-tmpfiles.conf b/ppp-tmpfiles.conf index a07719c..1097cbe 100644 --- a/ppp-tmpfiles.conf +++ b/ppp-tmpfiles.conf @@ -1,2 +1 @@ d /run/ppp 0755 root root -d /run/lock/ppp 0755 root root diff --git a/ppp.spec b/ppp.spec index c4f6602..bb8172c 100644 --- a/ppp.spec +++ b/ppp.spec @@ -1,6 +1,6 @@ Name: ppp -Version: 2.4.9 -Release: 5 +Version: 2.5.0 +Release: 1 Summary: The Point-to-Point Protocol License: BSD and LGPLv2+ and GPLv2+ and Public Domain @@ -20,6 +20,7 @@ Source11: ppp-logrotate.conf Source12: ppp-tmpfiles.conf BuildRequires: gcc glib2-devel libpcap-devel openssl-devel pam-devel systemd systemd-devel +BuildRequires: autoconf automake libtool make Requires: libpcap >= 14:0.8.3-6 glibc >= 2.0.6 systemd /etc/pam.d/system-auth network-scripts Supplements: (network-scripts) Requires(pre): /usr/bin/getent @@ -27,26 +28,11 @@ Requires(pre): /usr/sbin/groupadd Provides: network-scripts-ppp Obsoletes: network-scripts-ppp -Patch0001: backport-ppp-2.4.9-config.patch Patch0002: backport-0004-doc-add-configuration-samples.patch -Patch0003: backport-ppp-2.4.9-build-sys-don-t-hardcode-LIBDIR-but-set-it-according.patch -Patch0004: backport-0006-scritps-use-change_resolv_conf-function.patch -Patch0005: backport-0011-build-sys-don-t-put-connect-errors-log-to-etc-ppp.patch +Patch0004: backport-ppp-2.5.0-use-change-resolv-function.patch Patch0006: backport-ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch Patch0007: backport-ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch Patch0008: backport-0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch -Patch0009: backport-0015-pppd-move-pppd-database-to-var-run-ppp.patch -Patch0010: backport-0016-rp-pppoe-add-manpage-for-pppoe-discovery.patch -Patch0011: backport-0018-scritps-fix-ip-up.local-sample.patch -Patch0012: backport-0020-pppd-put-lock-files-in-var-lock-ppp.patch -Patch0013: backport-0023-build-sys-install-rp-pppoe-plugin-files-with-standar.patch -Patch0014: backport-0024-build-sys-install-pppoatm-plugin-files-with-standard.patch -Patch0015: backport-ppp-2.4.8-pppd-install-pppd-binary-using-standard-perms-755.patch -Patch0016: backport-ppp-2.4.9-configure-cflags-allow-commas.patch -Patch0017: backport-0027-Set-LIBDIR-for-RISCV.patch -Patch0018: backport-pppd-Negotiate-IP-address-when-only-peer-addresses-are-provided.patch -Patch0019: backport-CVE-2022-4603.patch -Patch0020: add-fclose-operation-to-fix-file-pointer-not-closed.patch %description The Point-to-Point Protocol (PPP) provides a standard way to establish @@ -57,6 +43,7 @@ and UDP. The Linux port of this package also has support for IPX. %package devel Summary: Development environment for %{name} Requires: %{name} = %{version}-%{release} +Requires: pkgconf-pkg-config %description devel The %{name}-devel package contains libraries and header files for @@ -80,12 +67,14 @@ cp %{SOURCE8} network-scripts cp %{SOURCE9} network-scripts %build -%configure --cflags="$RPM_OPT_FLAGS -fPIC -Wall -fno-strict-aliasing" -%{make_build} LDFLAGS="%{?build_ldflags} -pie" -%{make_build} -C ppp-watch LDFLAGS="%{?build_ldflags} -pie" +autoreconf -fi +export CFLAGS="%{build_cflags} -fno-strict-aliasing" +%configure --enable-systemd --enable-cbcp --with-pam +%make_build +%make_build -C ppp-watch LDFLAGS="%{?build_ldflags} -pie" %install -make install INSTROOT=$RPM_BUILD_ROOT install-etcppp +%make_install find scripts -type f | xargs chmod a-x make install ROOT=$RPM_BUILD_ROOT -C ppp-watch mkdir -p %{buildroot}%{_sysconfdir}/ppp @@ -105,9 +94,10 @@ install -m 644 %{SOURCE10} %{buildroot}%{_sysconfdir}/pam.d/ppp install -m 644 -p %{SOURCE11} %{buildroot}%{_sysconfdir}/logrotate.d/ppp install -m 644 -p %{SOURCE12} %{buildroot}%{_prefix}/lib/tmpfiles.d/ppp.conf +%delete_la + #ghosts mkdir -p %{buildroot}%{_rundir}/ppp -mkdir -p %{buildroot}%{_rundir}/lock/ppp %pre /usr/bin/getent group dip >/dev/null 2>&1 || /usr/sbin/groupadd -r -g 40 dip >/dev/null 2>&1 || : @@ -118,6 +108,7 @@ mkdir -p %{buildroot}%{_rundir}/lock/ppp %doc README scripts sample %{_sysconfdir}/ppp/ip* %{_sysconfdir}/sysconfig/network-scripts/if*-ppp +%{_sysconfdir}/ppp/openssl.cnf %config(noreplace) %{_sysconfdir}/%{name}/chap-secrets %config(noreplace) %{_sysconfdir}/%{name}/eaptls-client %config(noreplace) %{_sysconfdir}/%{name}/eaptls-server @@ -130,11 +121,11 @@ mkdir -p %{buildroot}%{_rundir}/lock/ppp %{_sbindir}/chat %{_sbindir}/ppp* %ghost %dir %{_rundir}/ppp -%ghost %dir %{_rundir}/lock/ppp %attr(700, root, root) %dir %{_localstatedir}/log/ppp %files devel %{_includedir}/pppd/*.h +%{_libdir}/pkgconfig/pppd.pc %files help %doc FAQ README.cbcp README.eap-tls README.linux README.MPPE @@ -142,6 +133,12 @@ mkdir -p %{buildroot}%{_rundir}/lock/ppp %{_mandir}/man8/*.8.gz %changelog +* Mon Jul 24 2023 gaihuiying - 2.5.0-1 +- Type:requirement +- ID:NA +- SUG:NA +- DESC:update ppp version from 2.4.9 to 2.5.0 + * Fri Mar 10 2023 xingwei - 2.4.9-5 - Type:bufix - ID:NA