update ppp version from 2.4.9 to 2.5.0

2023-07-24 10:14:39 +08:00 · 2023-07-24 10:14:39 +08:00 · 5c3cfd462f
commit 5c3cfd462f
parent aff479b12f
24 changed files with 99 additions and 972 deletions
--- a/add-fclose-operation-to-fix-file-pointer-not-closed.patch
+++ b/add-fclose-operation-to-fix-file-pointer-not-closed.patch
@ -1,77 +0,0 @@
 From 894fd6a7ba225936f7711ef9a9413bba65f83b92 Mon Sep 17 00:00:00 2001
 From: Wei Xing <skyxwwalker@gmail.com>
 Date: Thu, 2 Mar 2023 21:07:10 +0800
 Subject: [PATCH] Add fclose operation to fix file pointer not closed after use
 Signed-off-by: Wei Xing <skyxwwalker@gmail.com>
 ---
 pppd/plugins/radius/clientid.c | 2 ++
 pppd/plugins/radius/config.c   | 6 ++++++
 2 files changed, 8 insertions(+)
 diff --git a/pppd/plugins/radius/clientid.c b/pppd/plugins/radius/clientid.c
 index b1bbc47..eea5165 100644
 --- a/pppd/plugins/radius/clientid.c
 +++ b/pppd/plugins/radius/clientid.c
@@ -68,6 +68,7 @@ int rc_read_mapfile(char *filename)
 			if ((p = (struct map2id_s *)malloc(sizeof(*p))) == NULL) {
 				novm("rc_read_mapfile");
 +				fclose(mapfd);
 				return (-1);
 			}
@@ -79,6 +80,7 @@ int rc_read_mapfile(char *filename)
 		} else {
 			error("rc_read_mapfile: malformed line in %s, line %d", filename, lnr);
 +			fclose(mapfd);
 			return (-1);
 		}
 diff --git a/pppd/plugins/radius/config.c b/pppd/plugins/radius/config.c
 index 47c172c..39744fc 100644
 --- a/pppd/plugins/radius/config.c
 +++ b/pppd/plugins/radius/config.c
@@ -212,6 +212,7 @@ int rc_read_config(char *filename)
 		if ((pos = strcspn(p, "\t ")) == 0) {
 			error("%s: line %d: bogus format: %s", filename, line, p);
 +			fclose(configfd);
 			return (-1);
 		}
@@ -224,6 +225,7 @@ int rc_read_config(char *filename)
 		if (option->status != ST_UNDEF) {
 			error("%s: line %d: duplicate option line: %s", filename, line, p);
 +			fclose(configfd);
 			return (-1);
 		}
@@ -234,18 +236,22 @@ int rc_read_config(char *filename)
 		switch (option->type) {
 			case OT_STR:
 				 if (set_option_str(filename, line, option, p) < 0)
 +					fclose(configfd);
 					return (-1);
 				break;
 			case OT_INT:
 				 if (set_option_int(filename, line, option, p) < 0)
 +					fclose(configfd);
 					return (-1);
 				break;
 			case OT_SRV:
 				 if (set_option_srv(filename, line, option, p) < 0)
 +					fclose(configfd);
 					return (-1);
 				break;
 			case OT_AUO:
 				 if (set_option_auo(filename, line, option, p) < 0)
 +					fclose(configfd);
 					return (-1);
 				break;
 			default:
 -- 
 2.33.0
--- a/backport-0006-scritps-use-change_resolv_conf-function.patch
+++ b/backport-0006-scritps-use-change_resolv_conf-function.patch
@ -1,85 +0,0 @@
 From 01419dfb684d501b57f1c24dcfdbcf9da93ccca2 Mon Sep 17 00:00:00 2001
 From: Michal Sekletar <msekleta@redhat.com>
 Date: Fri, 4 Apr 2014 18:12:47 +0200
 Subject: [PATCH 06/27] scritps: use change_resolv_conf function
 Don't handle /etc/resolv.conf manually, but use a helper function from
 initscripts. Also change path where we save DNS servers supplied by peer while
 we are at it.
 Resolves: #132482
 ---
 pppd/pppd.8               |  2 +-
 scripts/ip-down.local.add |  9 +++++----
 scripts/ip-up.local.add   | 17 ++++++++++-------
 3 files changed, 16 insertions(+), 12 deletions(-)
 diff --git a/pppd/pppd.8 b/pppd/pppd.8
 index e2768b1..2dd6e1a 100644
 --- a/pppd/pppd.8
 +++ b/pppd/pppd.8
@@ -1099,7 +1099,7 @@ Ask the peer for up to 2 DNS server addresses.  The addresses supplied
 by the peer (if any) are passed to the /etc/ppp/ip\-up script in the
 environment variables DNS1 and DNS2, and the environment variable
 USEPEERDNS will be set to 1.  In addition, pppd will create an
 -/etc/ppp/resolv.conf file containing one or two nameserver lines with
 +/var/run/ppp/resolv.conf file containing one or two nameserver lines with
 the address(es) supplied by the peer.
 .TP
 .B user \fIname
 diff --git a/scripts/ip-down.local.add b/scripts/ip-down.local.add
 index b93590e..163f71e 100644
 --- a/scripts/ip-down.local.add
 +++ b/scripts/ip-down.local.add
@@ -9,12 +9,13 @@
 #
 # Nick Walker (nickwalker@email.com)
 #
 +. /etc/sysconfig/network-scripts/network-functions
 -if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
 -	if [ -f /etc/ppp/resolv.prev ]; then
 -		cp -f /etc/ppp/resolv.prev /etc/resolv.conf
 +if [ -n "$USEPEERDNS" -a -f /var/run/ppp/resolv.conf ]; then
 +	if [ -f /var/run/ppp/resolv.prev ]; then
 +		change_resolv_conf /var/run/ppp/resolv.prev
 	else
 -		rm -f /etc/resolv.conf
 +		change_resolv_conf
 	fi
 fi
 diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add
 index 8017209..26cf5f8 100644
 --- a/scripts/ip-up.local.add
 +++ b/scripts/ip-up.local.add
@@ -9,16 +9,19 @@
 #
 # Nick Walker (nickwalker@email.com)
 #
 +. /etc/sysconfig/network-scripts/network-functions
 -if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
 -	rm -f /etc/ppp/resolv.prev
 +if [ -n "$USEPEERDNS" -a -f /var/run/ppp/resolv.conf ]; then
 +	rm -f /var/run/ppp/resolv.prev
 	if [ -f /etc/resolv.conf ]; then
 -		cp /etc/resolv.conf /etc/ppp/resolv.prev
 -		grep domain /etc/ppp/resolv.prev > /etc/resolv.conf
 -		grep search /etc/ppp/resolv.prev >> /etc/resolv.conf
 -		cat /etc/ppp/resolv.conf >> /etc/resolv.conf
 +		cp /etc/resolv.conf /var/run/ppp/resolv.prev
 +		rscf=/var/run/ppp/resolv.new
 +		grep domain /var/run/ppp/resolv.prev > $rscf
 +		grep search /var/run/ppp/resolv.prev >> $rscf
 +		change_resolv_conf $rscf
 +		rm -f $rscf
 	else
 -		cp /etc/ppp/resolv.conf /etc
 +		change_resolv_conf /var/run/ppp/resolv.conf
 	fi
 fi
 -- 
 1.8.3.1
--- a/backport-0011-build-sys-don-t-put-connect-errors-log-to-etc-ppp.patch
+++ b/backport-0011-build-sys-don-t-put-connect-errors-log-to-etc-ppp.patch
@ -1,77 +0,0 @@
 From b4ef433be936c90e356da7a590b032cdee219a3f Mon Sep 17 00:00:00 2001
 From: Michal Sekletar <msekleta@redhat.com>
 Date: Fri, 4 Apr 2014 19:06:05 +0200
 Subject: [PATCH 11/27] build-sys: don't put connect-errors log to /etc/ppp/
 Resolves: #118837
 ---
 chat/chat.8        | 2 +-
 linux/Makefile.top | 8 +++++++-
 pppd/pathnames.h   | 4 ++--
 3 files changed, 10 insertions(+), 4 deletions(-)
 diff --git a/chat/chat.8 b/chat/chat.8
 index 6d10836..78d6939 100644
 --- a/chat/chat.8
 +++ b/chat/chat.8
@@ -200,7 +200,7 @@ The \fBSAY\fR directive allows the script to send strings to the user
 at the terminal via standard error.  If \fBchat\fR is being run by
 pppd, and pppd is running as a daemon (detached from its controlling
 terminal), standard error will normally be redirected to the file
 -/etc/ppp/connect\-errors.
 +/var/log/ppp/connect\-errors.
 .LP
 \fBSAY\fR strings must be enclosed in single or double quotes. If
 carriage return and line feed are needed in the string to be output,
 diff --git a/linux/Makefile.top b/linux/Makefile.top
 index f63d45e..f42efd5 100644
 --- a/linux/Makefile.top
 +++ b/linux/Makefile.top
@@ -5,6 +5,8 @@ BINDIR = $(DESTDIR)/sbin
 INCDIR = $(DESTDIR)/include
 MANDIR = $(DESTDIR)/share/man
 ETCDIR = $(INSTROOT)@SYSCONF@/ppp
 +RUNDIR = $(DESTDIR)/var/run/ppp
 +LOGDIR = $(DESTDIR)/var/log/ppp
 # uid 0 = root
 INSTALL= install
@@ -16,7 +18,7 @@ all:
 	cd pppstats; $(MAKE) $(MFLAGS) all
 	cd pppdump; $(MAKE) $(MFLAGS) all
 -install: $(BINDIR) $(MANDIR)/man8 install-progs install-devel
 +install: $(BINDIR) $(RUNDIR) $(LOGDIR) $(MANDIR)/man8 install-progs install-devel
 install-progs:
 	cd chat; $(MAKE) $(MFLAGS) install
@@ -44,6 +46,10 @@ $(MANDIR)/man8:
 	$(INSTALL) -d -m 755 $@
 $(ETCDIR):
 	$(INSTALL) -d -m 755 $@
 +$(RUNDIR):
 +	$(INSTALL) -d -m 755 $@
 +$(LOGDIR):
 +	$(INSTALL) -d -m 755 $@
 clean:
 	rm -f `find . -name '*.[oas]' -print`
 diff --git a/pppd/pathnames.h b/pppd/pathnames.h
 index a427cb8..bef3160 100644
 --- a/pppd/pathnames.h
 +++ b/pppd/pathnames.h
@@ -28,9 +28,9 @@
 #define _PATH_AUTHUP	 _ROOT_PATH "/etc/ppp/auth-up"
 #define _PATH_AUTHDOWN	 _ROOT_PATH "/etc/ppp/auth-down"
 #define _PATH_TTYOPT	 _ROOT_PATH "/etc/ppp/options."
 -#define _PATH_CONNERRS	 _ROOT_PATH "/etc/ppp/connect-errors"
 +#define _PATH_CONNERRS	 _ROOT_PATH "/var/log/ppp/connect-errors"
 #define _PATH_PEERFILES	 _ROOT_PATH "/etc/ppp/peers/"
 -#define _PATH_RESOLV	 _ROOT_PATH "/etc/ppp/resolv.conf"
 +#define _PATH_RESOLV	 _ROOT_PATH "/var/run/ppp/resolv.conf"
 #define _PATH_USEROPT	 ".ppprc"
 #define	_PATH_PSEUDONYM	 ".ppp_pseudonym"
 -- 
 1.8.3.1
--- a/backport-0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch
+++ b/backport-0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch
@ -36,20 +36,7 @@ index a7e3400..e64a778 100644
 +		fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
 		if (fd >= 0) {
 			memset (&ifr, '\0', sizeof (ifr));
- 			strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
+ 			ppp_get_ifname(ifr.ifr_name, sizeof(ifr.ifr_name));
 diff --git a/pppd/plugins/pppoe/if.c b/pppd/plugins/pppoe/if.c
 index 91e9a57..72aba41 100644
 --- a/pppd/plugins/pppoe/if.c
 +++ b/pppd/plugins/pppoe/if.c
@@ -116,7 +116,7 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
     stype = SOCK_PACKET;
 #endif
 -    if ((fd = socket(domain, stype, htons(type))) < 0) {
 +    if ((fd = socket(domain, stype | SOCK_CLOEXEC, htons(type))) < 0) {
 	/* Give a more helpful message for the common error case */
 	if (errno == EPERM) {
 	    fatal("Cannot create raw socket -- pppoe must be run as root.");
 diff --git a/pppd/plugins/pppoe/plugin.c b/pppd/plugins/pppoe/plugin.c
 index a8c2bb4..24bdf8f 100644
 --- a/pppd/plugins/pppoe/plugin.c
@ -64,7 +51,7 @@ index a8c2bb4..24bdf8f 100644
 	error("Failed to create PPPoE socket: %m");
 	return -1;
@@ -148,7 +148,7 @@ PPPOEConnectDevice(void)
-     lcp_wantoptions[0].mru = conn->mru;
+     lcp_wantoptions[0].mru = conn->mru = conn->storedmru;
     /* Update maximum MRU */
 -    s = socket(AF_INET, SOCK_DGRAM, 0);
@ -83,8 +70,8 @@ index a8c2bb4..24bdf8f 100644
 diff --git a/pppd/plugins/pppoe/pppoe-discovery.c b/pppd/plugins/pppoe/pppoe-discovery.c
 index 3d3bf4e..c0d927d 100644
--- a/pppd/plugins/pppoe/pppoe-discovery.c
+--- a/pppd/plugins/pppoe/if.c
-+++ b/pppd/plugins/pppoe/pppoe-discovery.c
+++ b/pppd/plugins/pppoe/if.c
@@ -121,7 +121,7 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr)
     stype = SOCK_PACKET;
 #endif
@ -107,7 +94,7 @@ index 00a2cf5..0690019 100644
     if (sock_fd < 0)
 	fatal("Couldn't create IP socket: %m(%d)", errno);
- #ifdef INET6
+ #ifdef PPP_WITH_IPV6CP
 -    sock6_fd = socket(AF_INET6, SOCK_DGRAM, 0);
 +    sock6_fd = socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
     if (sock6_fd < 0)
@ -146,4 +133,3 @@ index bc96695..8e76a5d 100644
 	return -1;
 -- 
 1.8.3.1
--- a/backport-0015-pppd-move-pppd-database-to-var-run-ppp.patch
+++ b/backport-0015-pppd-move-pppd-database-to-var-run-ppp.patch
@ -1,44 +0,0 @@
 From f2c855462ff56be4121409c7e048cd2503fe0ccf Mon Sep 17 00:00:00 2001
 From: Jiri Skala <jskala@fedoraproject.org>
 Date: Mon, 7 Apr 2014 14:26:20 +0200
 Subject: [PATCH 15/27] pppd: move pppd database to /var/run/ppp
 Resolves: #560014
 ---
 pppd/pathnames.h | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)
 diff --git a/pppd/pathnames.h b/pppd/pathnames.h
 index bef3160..24e010c 100644
 --- a/pppd/pathnames.h
 +++ b/pppd/pathnames.h
@@ -6,8 +6,9 @@
 #ifdef HAVE_PATHS_H
 #include <paths.h>
 -
 +#define _PPP_SUBDIR	"ppp/"
 #else /* HAVE_PATHS_H */
 +#define _PPP_SUBDIR
 #ifndef _PATH_VARRUN
 #define _PATH_VARRUN 	"/etc/ppp/"
 #endif
@@ -46,13 +47,9 @@
 #endif /* IPX_CHANGE */
 #ifdef __STDC__
 -#define _PATH_PPPDB	_ROOT_PATH _PATH_VARRUN "pppd2.tdb"
 +#define _PATH_PPPDB	_ROOT_PATH _PATH_VARRUN _PPP_SUBDIR "pppd2.tdb"
 #else /* __STDC__ */
 -#ifdef HAVE_PATHS_H
 -#define _PATH_PPPDB	"/var/run/pppd2.tdb"
 -#else
 -#define _PATH_PPPDB	"/etc/ppp/pppd2.tdb"
 -#endif
 +#define _PATH_PPPDB	_PATH_VARRUN _PPP_SUBDIR "pppd2.tdb"
 #endif /* __STDC__ */
 #ifdef PLUGIN
 -- 
 1.8.3.1
--- a/backport-0016-rp-pppoe-add-manpage-for-pppoe-discovery.patch
+++ b/backport-0016-rp-pppoe-add-manpage-for-pppoe-discovery.patch
@ -1,115 +0,0 @@
 diff --git a/pppd/plugins/pppoe/Makefile.linux b/pppd/plugins/pppoe/Makefile.linux
 index 3cd9101..9918091 100644
 --- a/pppd/plugins/pppoe/Makefile.linux
 +++ b/pppd/plugins/pppoe/Makefile.linux
@@ -16,6 +16,7 @@
 DESTDIR = $(INSTROOT)@DESTDIR@
 BINDIR = $(DESTDIR)/sbin
 +MANDIR = $(DESTDIR)/share/man/man8
 LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(PPPDVERSION)
 PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
@@ -46,6 +47,7 @@ install: all
 	$(LN_S) pppoe.so $(LIBDIR)/rp-pppoe.so
 	$(INSTALL) -d -m 755 $(BINDIR)
 	$(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
 +	$(INSTALL) -c -m 444 pppoe-discovery.8 $(MANDIR)
 clean:
 	rm -f *.o *.so pppoe-discovery
 diff --git a/pppd/plugins/pppoe/pppoe-discovery.8 b/pppd/plugins/pppoe/pppoe-discovery.8
 new file mode 100644
 index 0000000..d0a93db
 --- /dev/null
 +++ b/pppd/plugins/pppoe/pppoe-discovery.8
@@ -0,0 +1,86 @@
 +.\" pppoe-discovery.8 written by
 +.\" Ben Hutchings <ben@decadentplace.org.uk>, based on pppoe.8.
 +.\" Licenced under the GPL version 2 or later.
 +.TH PPPOE-DISCOVERY 8
 +.SH NAME
 +pppoe\-discovery \- perform PPPoE discovery
 +.SH SYNOPSIS
 +.B pppoe\-discovery
 +[
 +.I options
 +]
 +.br
 +.BR pppoe\-discovery " { " \-V " | " \-h " }"
 +.SH DESCRIPTION
 +.LP
 +\fBpppoe\-discovery\fR performs the same discovery process as
 +\fBpppoe\fR, but does not initiate a session.
 +It sends a PADI packet and then prints the names of access
 +concentrators in each PADO packet it receives.
 +.SH OPTIONS
 +.TP
 +.BI \-I " interface"
 +.RS
 +The \fB\-I\fR option specifies the Ethernet interface to use.
 +Under Linux, it is typically eth0 or eth1.
 +The interface should be \(lqup\(rq before you start
 +\fBpppoe\-discovery\fR, but should \fInot\fR be configured to have an
 +IP address.
 +The default interface is eth0.
 +.RE
 +.TP
 +.BI \-D " file_name"
 +.RS
 +The \fB\-D\fR option causes every packet to be dumped to the specified
 +\fIfile_name\fR.
 +This is intended for debugging only.
 +.RE
 +.TP
 +.B \-U
 +.RS
 +Causes \fBpppoe\-discovery\fR to use the Host-Uniq tag in its discovery
 +packets.
 +This lets you run multiple instances of \fBpppoe\-discovery\fR and/or
 +\fBpppoe\fR without having their discovery packets interfere with one
 +another.
 +You must supply this option to \fIall\fR instances that you intend to
 +run simultaneously.
 +.RE
 +.TP
 +.BI \-S " service_name"
 +.RS
 +Specifies the desired service name.
 +\fBpppoe\-discovery\fR will only accept access concentrators which can
 +provide the specified service.
 +In most cases, you should \fInot\fR specify this option.
 +Use it only if you know that there are multiple access concentrators
 +or know that you need a specific service name.
 +.RE
 +.TP
 +.BI \-C " ac_name"
 +.RS
 +Specifies the desired access concentrator name.
 +\fBpppoe\-discovery\fR will only accept the specified access
 +concentrator.
 +In most cases, you should \fInot\fR specify this option.
 +Use it only if you know that there are multiple access concentrators.
 +If both the \fB\-S\fR and \fB\-C\fR options are specified, they must
 +\fIboth\fR match.
 +.RE
 +.TP
 +.B \-A
 +.RS
 +This option is accepted for compatibility with \fBpppoe\fR, but has no
 +effect.
 +.RE
 +.TP
 +.BR \-V " | " \-h
 +.RS
 +Either of these options causes \fBpppoe\-discovery\fR to print its
 +version number and usage information, then exit.
 +.RE
 +.SH AUTHORS
 +\fBpppoe\-discovery\fR was written by Marco d'Itri <md@linux.it>,
 +based on \fBpppoe\fR by David F. Skoll <dfs@roaringpenguin.com>.
 +.SH SEE ALSO
 +pppoe(8), pppoe-sniff(8)
 -- 
 1.8.3.1
--- a/backport-0018-scritps-fix-ip-up.local-sample.patch
+++ b/backport-0018-scritps-fix-ip-up.local-sample.patch
@ -1,27 +0,0 @@
 From 40960f91cdd06da387616ec838ae2599e7f01cee Mon Sep 17 00:00:00 2001
 From: Jiri Skala <jskala@fedoraproject.org>
 Date: Mon, 7 Apr 2014 15:24:01 +0200
 Subject: [PATCH 18/27] scritps: fix ip-up.local sample
 Resolves: #613717
 ---
 scripts/ip-up.local.add | 3 +++
 1 file changed, 3 insertions(+)
 diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add
 index 26cf5f8..282337c 100644
 --- a/scripts/ip-up.local.add
 +++ b/scripts/ip-up.local.add
@@ -18,6 +18,9 @@ if [ -n "$USEPEERDNS" -a -f /var/run/ppp/resolv.conf ]; then
 		rscf=/var/run/ppp/resolv.new
 		grep domain /var/run/ppp/resolv.prev > $rscf
 		grep search /var/run/ppp/resolv.prev >> $rscf
 +		if [ -f /var/run/ppp/resolv.conf ]; then
 +			cat /var/run/ppp/resolv.conf >> $rscf
 +		fi
 		change_resolv_conf $rscf
 		rm -f $rscf
 	else
 -- 
 1.8.3.1
--- a/backport-0020-pppd-put-lock-files-in-var-lock-ppp.patch
+++ b/backport-0020-pppd-put-lock-files-in-var-lock-ppp.patch
@ -1,26 +0,0 @@
 From c5a5f795b1defcb6d168e79c4d1fc371dfc556ca Mon Sep 17 00:00:00 2001
 From: Jiri Skala <jskala@redhat.com>
 Date: Wed, 9 Apr 2014 09:29:50 +0200
 Subject: [PATCH 20/27] pppd: put lock files in /var/lock/ppp
 Resolves: #708260
 ---
 pppd/utils.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/pppd/utils.c b/pppd/utils.c
 index 6051b9a..8407492 100644
 --- a/pppd/utils.c
 +++ b/pppd/utils.c
@@ -846,7 +846,7 @@ complete_read(int fd, void *buf, size_t count)
 /* Procedures for locking the serial device using a lock file. */
 #ifndef LOCK_DIR
 #ifdef __linux__
 -#define LOCK_DIR	"/var/lock"
 +#define LOCK_DIR	"/var/lock/ppp"
 #else
 #ifdef SVR4
 #define LOCK_DIR	"/var/spool/locks"
 -- 
 1.8.3.1
--- a/backport-0023-build-sys-install-rp-pppoe-plugin-files-with-standar.patch
+++ b/backport-0023-build-sys-install-rp-pppoe-plugin-files-with-standar.patch
@ -1,20 +0,0 @@
 diff --git a/pppd/plugins/pppoe/Makefile.linux b/pppd/plugins/pppoe/Makefile.linux
 index 2df887b..6cb8397 100644
 --- a/pppd/plugins/pppoe/Makefile.linux
 +++ b/pppd/plugins/pppoe/Makefile.linux
@@ -43,12 +43,12 @@ pppoe.so: plugin.o discovery.o if.o common.o
 install: all
 	$(INSTALL) -d -m 755 $(LIBDIR)
 -	$(INSTALL) -c -m 4550 pppoe.so $(LIBDIR)
 +	$(INSTALL) -c -m 755 pppoe.so $(LIBDIR)
 	# Symlink for backward compatibility
 	$(LN_S) pppoe.so $(LIBDIR)/rp-pppoe.so
 	$(INSTALL) -d -m 755 $(BINDIR)
 -	$(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
 -	$(INSTALL) -c -m 444 pppoe-discovery.8 $(MANDIR)
 +	$(INSTALL) -c -m 755 pppoe-discovery $(BINDIR)
 +	$(INSTALL) -c -m 644 pppoe-discovery.8 $(MANDIR)
 clean:
 	rm -f *.o *.so pppoe-discovery
--- a/backport-0024-build-sys-install-pppoatm-plugin-files-with-standard.patch
+++ b/backport-0024-build-sys-install-pppoatm-plugin-files-with-standard.patch
@ -1,26 +0,0 @@
 From 0fdb22ef3d3cc3b297372451d60bd6c61d047d27 Mon Sep 17 00:00:00 2001
 From: Michal Sekletar <msekleta@redhat.com>
 Date: Thu, 10 Apr 2014 10:08:41 +0200
 Subject: [PATCH 24/27] build-sys: install pppoatm plugin files with standard
 perms
 ---
 pppd/plugins/pppoatm/Makefile.linux | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux
 index 769794b..4c5826f 100644
 --- a/pppd/plugins/pppoatm/Makefile.linux
 +++ b/pppd/plugins/pppoatm/Makefile.linux
@@ -37,7 +37,7 @@ $(PLUGIN): $(PLUGIN_OBJS)
 install: all
 	$(INSTALL) -d -m 755 $(LIBDIR)
 -	$(INSTALL) -c -m 4550 $(PLUGIN) $(LIBDIR)
 +	$(INSTALL) -c -m 755 $(PLUGIN) $(LIBDIR)
 clean:
 	rm -f *.o *.so
 -- 
 1.8.3.1
--- a/backport-0027-Set-LIBDIR-for-RISCV.patch
+++ b/backport-0027-Set-LIBDIR-for-RISCV.patch
@ -1,110 +0,0 @@
 From 05cf58cd46b3c92e868d856931b0ee5d2bfc7d72 Mon Sep 17 00:00:00 2001
 From: whoisxxx <zhangxuzhou4@huawei.com>
 Date: Tue, 10 Nov 2020 02:47:11 +0000
 Subject: [PATCH] Set LIBDIR for riscv
 The LIBDIR is given by "$(CC) -print-os-multi-directory", which
 result in "../lib64" on X86/aarch64 host, and "./" on an openEuler
 RISC-V host. Here is a temproray apporach by hardcore it for
 an RISC-V host.
 Signed-off-by: whoisxxx <zhangxuzhou4@huawei.com>
 ---
 rebased-by: laokz <zhangkai@iscas.ac.cn>
 diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
 index 07df6a7..7dd3a1b 100644
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
@@ -12,7 +12,11 @@ DESTDIR = $(INSTROOT)@DESTDIR@
 BINDIR = $(DESTDIR)/sbin
 MANDIR = $(DESTDIR)/share/man/man8
 INCDIR = $(DESTDIR)/include
 +ifeq ($(filter riscv64%,$(MAKE_HOST)),)
 LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)
 +else
 +LIBDIR = $(DESTDIR)/lib64
 +endif
 TARGETS = pppd
 diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux
 index f42d18c..958923f 100644
 --- a/pppd/plugins/Makefile.linux
 +++ b/pppd/plugins/Makefile.linux
@@ -5,7 +5,11 @@ COPTS=@CFLAGS@
 DESTDIR = $(INSTROOT)@DESTDIR@
 BINDIR = $(DESTDIR)/sbin
 MANDIR = $(DESTDIR)/share/man/man8
 +ifeq ($(filter riscv64%,$(MAKE_HOST)),)
 LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
 +else
 +LIBDIR = $(DESTDIR)/lib64/pppd/$(VERSION)
 +endif
 CFLAGS	= $(COPTS) -I.. -I../../include -fPIC
 LDFLAGS_SHARED	= -shared
 diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux
 index 6387970..daaaa4e 100644
 --- a/pppd/plugins/pppoatm/Makefile.linux
 +++ b/pppd/plugins/pppoatm/Makefile.linux
@@ -4,7 +4,11 @@ CC=$(CROSS_COMPILE)@CC@
 COPTS=@CFLAGS@
 DESTDIR = $(INSTROOT)@DESTDIR@
 +ifeq ($(filter riscv64%,$(MAKE_HOST)),)
 LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
 +else
 +LIBDIR = $(DESTDIR)/lib64/pppd/$(VERSION)
 +endif
 VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
 diff --git a/pppd/plugins/pppoe/Makefile.linux b/pppd/plugins/pppoe/Makefile.linux
 index 6cb8397..af5f9fb 100644
 --- a/pppd/plugins/pppoe/Makefile.linux
 +++ b/pppd/plugins/pppoe/Makefile.linux
@@ -19,7 +19,11 @@ COPTS=@CFLAGS@
 DESTDIR = $(INSTROOT)@DESTDIR@
 BINDIR = $(DESTDIR)/sbin
 MANDIR = $(DESTDIR)/share/man/man8
 +ifeq ($(filter riscv64%,$(MAKE_HOST)),)
 LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(PPPDVERSION)
 +else
 +LIBDIR = $(DESTDIR)/lib64/pppd/$(PPPDVERSION)
 +endif
 PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
 diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux
 index e4442f9..d9ae2ca 100644
 --- a/pppd/plugins/pppol2tp/Makefile.linux
 +++ b/pppd/plugins/pppol2tp/Makefile.linux
@@ -4,7 +4,11 @@ CC=$(CROSS_COMPILE)@CC@
 COPTS=@CFLAGS@
 DESTDIR = $(INSTROOT)/@DESTDIR@
 +ifeq ($(filter riscv64%,$(MAKE_HOST)),)
 LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
 +else
 +LIBDIR = $(DESTDIR)/lib64/pppd/$(VERSION)
 +endif
 VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
 diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux
 index d2ef044..1ccc171 100644
 --- a/pppd/plugins/radius/Makefile.linux
 +++ b/pppd/plugins/radius/Makefile.linux
@@ -9,7 +9,11 @@ COPTS=@CFLAGS@
 DESTDIR = $(INSTROOT)@DESTDIR@
 MANDIR = $(DESTDIR)/share/man/man8
 +ifeq ($(filter riscv64%,$(MAKE_HOST)),)
 LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
 +else
 +LIBDIR = $(DESTDIR)/lib64/pppd/$(VERSION)
 +endif
 VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
--- a/backport-CVE-2022-4603.patch
+++ b/backport-CVE-2022-4603.patch
@ -1,45 +0,0 @@
 From a75fb7b198eed50d769c80c36629f38346882cbf Mon Sep 17 00:00:00 2001
 From: Paul Mackerras <paulus@ozlabs.org>
 Date: Thu, 4 Aug 2022 12:23:08 +1000
 Subject: [PATCH] pppdump: Avoid out-of-range access to packet buffer
 This fixes a potential vulnerability where data is written to spkt.buf
 and rpkt.buf without a check on the array index.  To fix this, we
 check the array index (pkt->cnt) before storing the byte or
 incrementing the count.  This also means we no longer have a potential
 signed integer overflow on the increment of pkt->cnt.
 Fortunately, pppdump is not used in the normal process of setting up a
 PPP connection, is not installed setuid-root, and is not invoked
 automatically in any scenario that I am aware of.
 Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
 ---
 pppdump/pppdump.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
 diff --git a/pppdump/pppdump.c b/pppdump/pppdump.c
 index 2b815fc9..b85a8627 100644
 --- a/pppdump/pppdump.c
 +++ b/pppdump/pppdump.c
@@ -297,6 +297,10 @@ dumpppp(f)
 			    printf("%s aborted packet:\n     ", dir);
 			    q = "    ";
 			}
 +			if (pkt->cnt >= sizeof(pkt->buf)) {
 +			    printf("%s over-long packet truncated:\n     ", dir);
 +			    q = "    ";
 +			}
 			nb = pkt->cnt;
 			p = pkt->buf;
 			pkt->cnt = 0;
@@ -400,7 +404,8 @@ dumpppp(f)
 			c ^= 0x20;
 			pkt->esc = 0;
 		    }
 -		    pkt->buf[pkt->cnt++] = c;
 +		    if (pkt->cnt < sizeof(pkt->buf))
 +			pkt->buf[pkt->cnt++] = c;
 		    break;
 		}
 	    }
--- a/backport-ppp-2.4.8-pppd-install-pppd-binary-using-standard-perms-755.patch
+++ b/backport-ppp-2.4.8-pppd-install-pppd-binary-using-standard-perms-755.patch
@ -1,29 +0,0 @@
 From ab8b06cdc1075abc67f77e7c3bb684e20071d614 Mon Sep 17 00:00:00 2001
 From: Michal Sekletar <msekleta@redhat.com>
 Date: Thu, 10 Apr 2014 10:09:41 +0200
 Subject: [PATCH 25/27] pppd: install pppd binary using standard perms (755)
 ---
 pppd/Makefile.linux | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
 index 0e8107f..534ccc2 100644
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
@@ -223,10 +223,10 @@ all: $(TARGETS)
 install: pppd
 	mkdir -p $(BINDIR) $(MANDIR)
 	$(EXTRAINSTALL)
 -	$(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
 +	$(INSTALL) -c -m 755 pppd $(BINDIR)/pppd
 	if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
 	  chmod o-rx,u+s $(BINDIR)/pppd; fi
 -	$(INSTALL) -c -m 444 pppd.8 $(MANDIR)
 +	$(INSTALL) -c -m 644 pppd.8 $(MANDIR)
 pppd: $(PPPDOBJS)
 	$(CC) $(CFLAGS) $(LDFLAGS) $(LDFLAGS_PLUGIN) -o pppd $(PPPDOBJS) $(LIBS)
 -- 
 1.8.3.1
--- a/backport-ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch
+++ b/backport-ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch
@ -23,7 +23,7 @@ index 4271af6..9e957fa 100644
 	fatal("unable to regain privileges: %m");
     if (ufile == NULL) {
@@ -1413,7 +1413,7 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg)
-     filename = _PATH_UPAPFILE;
+     filename = PPP_PATH_UPAPFILE;
     addrs = opts = NULL;
     ret = UPAP_AUTHNAK;
 -    f = fopen(filename, "r");
@ -33,7 +33,7 @@ index 4271af6..9e957fa 100644
@@ -1512,7 +1512,7 @@ null_login(unit)
     if (ret <= 0) {
- 	filename = _PATH_UPAPFILE;
+ 	filename = PPP_PATH_UPAPFILE;
 	addrs = NULL;
 -	f = fopen(filename, "r");
 +	f = fopen(filename, "re");
@ -43,7 +43,7 @@ index 4271af6..9e957fa 100644
@@ -1559,7 +1559,7 @@ get_pap_passwd(passwd)
     }
-     filename = _PATH_UPAPFILE;
+     filename = PPP_PATH_UPAPFILE;
 -    f = fopen(filename, "r");
 +    f = fopen(filename, "re");
     if (f == NULL)
@ -52,7 +52,7 @@ index 4271af6..9e957fa 100644
@@ -1597,7 +1597,7 @@ have_pap_secret(lacks_ipp)
     }
-     filename = _PATH_UPAPFILE;
+     filename = PPP_PATH_UPAPFILE;
 -    f = fopen(filename, "r");
 +    f = fopen(filename, "re");
     if (f == NULL)
@ -61,7 +61,7 @@ index 4271af6..9e957fa 100644
@@ -1642,7 +1642,7 @@ have_chap_secret(client, server, need_ip, lacks_ipp)
     }
-     filename = _PATH_CHAPFILE;
+     filename = PPP_PATH_CHAPFILE;
 -    f = fopen(filename, "r");
 +    f = fopen(filename, "re");
     if (f == NULL)
@ -70,7 +70,7 @@ index 4271af6..9e957fa 100644
@@ -1684,7 +1684,7 @@ have_srp_secret(client, server, need_ip, lacks_ipp)
     struct wordlist *addrs;
-     filename = _PATH_SRPFILE;
+     filename = PPP_PATH_SRPFILE;
 -    f = fopen(filename, "r");
 +    f = fopen(filename, "re");
     if (f == NULL)
@ -86,7 +86,7 @@ index 4271af6..9e957fa 100644
 	    error("Can't open chap secret file %s: %m", filename);
 	    return 0;
@@ -1797,7 +1797,7 @@ get_srp_secret(unit, client, server, secret, am_server)
- 	filename = _PATH_SRPFILE;
+ 	filename = PPP_PATH_SRPFILE;
 	addrs = NULL;
 -	fp = fopen(filename, "r");
@ -108,7 +108,7 @@ index 45fa742..1d754ae 100644
 --- a/pppd/options.c
 +++ b/pppd/options.c
@@ -427,7 +427,7 @@ options_from_file(filename, must_exist, check_prot, priv)
- 	option_error("unable to drop privileges to open %s: %m", filename);
+ 	ppp_option_error("unable to drop privileges to open %s: %m", filename);
 	return 0;
     }
 -    f = fopen(filename, "r");
@ -140,4 +140,3 @@ index 72a7727..8a12fa0 100644
 	return 0;
 -- 
 1.8.3.1
--- a/backport-ppp-2.4.9-build-sys-don-t-hardcode-LIBDIR-but-set-it-according.patch
+++ b/backport-ppp-2.4.9-build-sys-don-t-hardcode-LIBDIR-but-set-it-according.patch
@ -1,99 +0,0 @@
 diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
 index 6a4b897..8f29c1f 100644
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
@@ -12,6 +12,7 @@ DESTDIR = $(INSTROOT)@DESTDIR@
 BINDIR = $(DESTDIR)/sbin
 MANDIR = $(DESTDIR)/share/man/man8
 INCDIR = $(DESTDIR)/include
 +LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)
 TARGETS = pppd
@@ -93,7 +94,7 @@ INCLUDE_DIRS= -I../include
 COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP -pipe
 -CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"'
 +CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"' -DLIBDIR=\""$(LIBDIR)"\"
 ifdef CHAPMS
 CFLAGS   += -DCHAPMS=1
 diff --git a/pppd/pathnames.h b/pppd/pathnames.h
 index 524d608..c7eadbb 100644
 --- a/pppd/pathnames.h
 +++ b/pppd/pathnames.h
@@ -62,7 +62,7 @@
 #ifdef PLUGIN
 #ifdef __STDC__
 -#define _PATH_PLUGIN	DESTDIR "/lib/pppd/" VERSION
 +#define _PATH_PLUGIN	LIBDIR "/pppd/" VERSION
 #else /* __STDC__ */
 #define _PATH_PLUGIN	"/usr/lib/pppd"
 #endif /* __STDC__ */
 diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux
 index 6403e3d..f42d18c 100644
 --- a/pppd/plugins/Makefile.linux
 +++ b/pppd/plugins/Makefile.linux
@@ -5,7 +5,7 @@ COPTS=@CFLAGS@
 DESTDIR = $(INSTROOT)@DESTDIR@
 BINDIR = $(DESTDIR)/sbin
 MANDIR = $(DESTDIR)/share/man/man8
 -LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
 +LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
 CFLAGS	= $(COPTS) -I.. -I../../include -fPIC
 LDFLAGS_SHARED	= -shared
 diff --git a/pppd/plugins/pppoatm/Makefile.linux b/pppd/plugins/pppoatm/Makefile.linux
 index d3a8086..c2aff0c 100644
 --- a/pppd/plugins/pppoatm/Makefile.linux
 +++ b/pppd/plugins/pppoatm/Makefile.linux
@@ -4,7 +4,7 @@ CC=$(CROSS_COMPILE)@CC@
 COPTS=@CFLAGS@
 DESTDIR = $(INSTROOT)@DESTDIR@
 -LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
 +LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
 VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
 diff --git a/pppd/plugins/pppoe/Makefile.linux b/pppd/plugins/pppoe/Makefile.linux
 index c415ce3..d3b7392 100644
 --- a/pppd/plugins/pppoe/Makefile.linux
 +++ b/pppd/plugins/pppoe/Makefile.linux
@@ -18,7 +18,7 @@ COPTS=@CFLAGS@
 DESTDIR = $(INSTROOT)@DESTDIR@
 BINDIR = $(DESTDIR)/sbin
 -LIBDIR = $(DESTDIR)/lib/pppd/$(PPPDVERSION)
 +LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(PPPDVERSION)
 PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
 diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux
 index 1aa1c0b..e4442f9 100644
 --- a/pppd/plugins/pppol2tp/Makefile.linux
 +++ b/pppd/plugins/pppol2tp/Makefile.linux
@@ -4,7 +4,7 @@ CC=$(CROSS_COMPILE)@CC@
 COPTS=@CFLAGS@
 DESTDIR = $(INSTROOT)/@DESTDIR@
 -LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
 +LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
 VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
 diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux
 index 489aef2..d2ef044 100644
 --- a/pppd/plugins/radius/Makefile.linux
 +++ b/pppd/plugins/radius/Makefile.linux
@@ -9,7 +9,7 @@ COPTS=@CFLAGS@
 DESTDIR = $(INSTROOT)@DESTDIR@
 MANDIR = $(DESTDIR)/share/man/man8
 -LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
 +LIBDIR = $(DESTDIR)/lib/$(shell gcc -print-multi-os-directory 2> /dev/null)/pppd/$(VERSION)
 VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
--- a/backport-ppp-2.4.9-config.patch
+++ b/backport-ppp-2.4.9-config.patch
@ -1,21 +0,0 @@
 diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
 index e77373e..07df6a7 100644
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
@@ -68,14 +68,14 @@ USE_TDB=y
 #SYSTEMD=y
 HAS_SHADOW=y
 -#USE_PAM=y
 +USE_PAM=y
 HAVE_INET6=y
 # Enable plugins
 PLUGIN=y
 # Enable Microsoft proprietary Callback Control Protocol
 -#CBCP=y
 +CBCP=y
 # Enable EAP SRP-SHA1 authentication (requires libsrp)
 #USE_SRP=y
--- a/backport-ppp-2.4.9-configure-cflags-allow-commas.patch
+++ b/backport-ppp-2.4.9-configure-cflags-allow-commas.patch
@ -1,17 +0,0 @@
 diff --git a/configure b/configure
 index f977663..c7031c2 100755
 --- a/configure
 +++ b/configure
@@ -121,9 +121,9 @@ mkmkf() {
     rm -f $2
     if [ -f $1 ]; then
 	echo "  $2 <= $1"
 -	sed -e "s,@DESTDIR@,$DESTDIR,g" -e "s,@SYSCONF@,$SYSCONF,g" \
 -	    -e "s,@CROSS_COMPILE@,$CROSS_COMPILE,g" -e "s,@CC@,$CC,g" \
 -	    -e "s,@CFLAGS@,$CFLAGS,g" $1 >$2
 +	sed -e "s|@DESTDIR@|$DESTDIR|g" -e "s|@SYSCONF@|$SYSCONF|g" \
 +	    -e "s|@CROSS_COMPILE@|$CROSS_COMPILE|g" -e "s|@CC@|$CC|g" \
 +	    -e "s|@CFLAGS@|$CFLAGS|g" $1 >$2
     fi
 }
--- a/backport-ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch
+++ b/backport-ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch
@ -34,26 +34,26 @@ index 6d50d1b..4880377 100644
 	die(0);
     /* Make sure fds 0, 1, 2 are open to somewhere. */
-    fd_devnull = open(_PATH_DEVNULL, O_RDWR);
+-    fd_devnull = open(PPP_DEVNULL, O_RDWR);
-+    fd_devnull = open(_PATH_DEVNULL, O_RDWR | O_CLOEXEC);
+    fd_devnull = open(PPP_DEVNULL, O_RDWR | O_CLOEXEC);
     if (fd_devnull < 0)
- 	fatal("Couldn't open %s: %m", _PATH_DEVNULL);
+ 	fatal("Couldn't open %s: %m", PPP_DEVNULL);
     while (fd_devnull <= 2) {
@@ -1679,7 +1679,7 @@ device_script(program, in, out, dont_wait)
     if (log_to_fd >= 0)
 	errfd = log_to_fd;
     else
-	errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT, 0644);
+-	errfd = open(PPP_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT, 0644);
-+	errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT | O_CLOEXEC, 0644);
+	errfd = open(PPP_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT | O_CLOEXEC, 0644);
     ++conn_running;
-     pid = safe_fork(in, out, errfd);
+     pid = ppp_safe_fork(in, out, errfd);
 diff --git a/pppd/options.c b/pppd/options.c
 index 1d754ae..8e62635 100644
 --- a/pppd/options.c
 +++ b/pppd/options.c
@@ -1544,9 +1544,9 @@ setlogfile(argv)
- 	option_error("unable to drop permissions to open %s: %m", *argv);
+ 	ppp_option_error("unable to drop permissions to open %s: %m", *argv);
 	return 0;
     }
 -    fd = open(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL, 0644);
@ -160,8 +160,8 @@ index 8a12fa0..00a2cf5 100644
 -		sfd = open(pty_name, O_RDWR | O_NOCTTY, 0);
 +		sfd = open(pty_name, O_RDWR | O_NOCTTY | O_CLOEXEC, 0);
 		if (sfd >= 0) {
- 		    fchown(sfd, uid, -1);
+ 		    ret = fchown(sfd, uid, -1);
- 		    fchmod(sfd, S_IRUSR | S_IWUSR);
+ 		    if (ret != 0) {
 diff --git a/pppd/tdb.c b/pppd/tdb.c
 index bdc5828..c7ab71c 100644
 --- a/pppd/tdb.c
@ -189,7 +189,7 @@ index d571b11..bc96695 100644
 --- a/pppd/tty.c
 +++ b/pppd/tty.c
@@ -569,7 +569,7 @@ int connect_tty()
- 				status = EXIT_OPEN_FAILED;
+ 				ppp_set_status(EXIT_OPEN_FAILED);
 				goto errret;
 			}
 -			real_ttyfd = open(devnam, O_NONBLOCK | O_RDWR, 0);
@ -211,7 +211,7 @@ index 29bf970..6051b9a 100644
 --- a/pppd/utils.c
 +++ b/pppd/utils.c
@@ -918,14 +918,14 @@ lock(dev)
-     slprintf(lock_file, sizeof(lock_file), "%s/LCK..%s", LOCK_DIR, dev);
+     slprintf(lock_file, sizeof(lock_file), "%s/LCK..%s", PPP_PATH_LOCKDIR, dev);
 #endif
 -    while ((fd = open(lock_file, O_EXCL | O_CREAT | O_RDWR, 0644)) < 0) {
@ -238,4 +238,3 @@ index 29bf970..6051b9a 100644
 	lock_file[0] = 0;
 -- 
 1.8.3.1
--- a/backport-ppp-2.5.0-use-change-resolv-function.patch
+++ b/backport-ppp-2.5.0-use-change-resolv-function.patch
@ -0,0 +1,51 @@
 diff --git a/scripts/ip-down.local.add b/scripts/ip-down.local.add
 index b93590e..8889cb6 100644
 --- a/scripts/ip-down.local.add
 +++ b/scripts/ip-down.local.add
@@ -9,12 +9,13 @@
 #
 # Nick Walker (nickwalker@email.com)
 #
 +. /etc/sysconfig/network-scripts/network-functions
 if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
 	if [ -f /etc/ppp/resolv.prev ]; then
 -		cp -f /etc/ppp/resolv.prev /etc/resolv.conf
 +		change_resolv_conf /etc/ppp/resolv.prev
 	else
 -		rm -f /etc/resolv.conf
 +		change_resolv_conf
 	fi
 fi
 diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add
 index 8017209..5ced496 100644
 --- a/scripts/ip-up.local.add
 +++ b/scripts/ip-up.local.add
@@ -9,16 +9,22 @@
 #
 # Nick Walker (nickwalker@email.com)
 #
 +. /etc/sysconfig/network-scripts/network-functions
 if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then
 	rm -f /etc/ppp/resolv.prev
 	if [ -f /etc/resolv.conf ]; then
 		cp /etc/resolv.conf /etc/ppp/resolv.prev
 -		grep domain /etc/ppp/resolv.prev > /etc/resolv.conf
 -		grep search /etc/ppp/resolv.prev >> /etc/resolv.conf
 -		cat /etc/ppp/resolv.conf >> /etc/resolv.conf
 +		rscf=/etc/ppp/resolv.new
 +		grep domain /etc/ppp/resolv.prev > $rscf
 +		grep search /etc/ppp/resolv.prev >> $rscf
 +		if [ -f /etc/ppp/resolv.conf ]; then
 +			cat /etc/ppp/resolv.conf >> $rscf
 +		fi
 +		change_resolv_conf $rscf
 +		rm -f $rscf
 	else
 -		cp /etc/ppp/resolv.conf /etc
 +		change_resolv_conf /etc/ppp/resolv.conf
 	fi
 fi
--- a/backport-pppd-Negotiate-IP-address-when-only-peer-addresses-are-provided.patch
+++ b/backport-pppd-Negotiate-IP-address-when-only-peer-addresses-are-provided.patch
@ -1,86 +0,0 @@
 From a2094eba2406392a7bb69b436155e2d08ea555e8 Mon Sep 17 00:00:00 2001
 From: pali <7141871+pali@users.noreply.github.com>
 Date: Tue, 26 Jan 2021 03:55:25 +0100
 Subject: [PATCH] pppd: Negotiate IP address when only peer addresses are
 provided (#236)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 This fixes special case when both ppp ends are configured to send only IP
 address of other side and do not send its own IP address. Such setup is
 correct because both ends can exchange its IP addresses and therefore they
 have full information, they known both local and remote address.
 This issue can be triggered by calling pppd with arguments:
    ./pppd debug local noauth nolock nodetach asyncmap 0 default-asyncmap novj noaccomp nopcomp nodeflate nobsdcomp nomagic noipv6 noipdefault nosendip :10.0.0.1 pty "./pppd debug local noauth nolock nodetach asyncmap 0 default-asyncmap novj noaccomp nopcomp nodeflate nobsdcomp nomagic noipv6 nosendip nodefaultroute :10.0.0.2 notty"
 Without this patch IP addresses are not exchanges at all and pppd fails:
    rcvd [LCP ConfReq id=0x1]
    sent [LCP ConfReq id=0x1]
    sent [LCP ConfAck id=0x1]
    rcvd [LCP ConfAck id=0x1]
    sent [LCP EchoReq id=0x0 magic=0x0]
    sent [IPCP ConfReq id=0x1]
    rcvd [LCP EchoReq id=0x0 magic=0x0]
    sent [LCP EchoRep id=0x0 magic=0x0]
    rcvd [IPCP ConfReq id=0x1]
    sent [IPCP ConfAck id=0x1]
    rcvd [LCP EchoRep id=0x0 magic=0x0]
    rcvd [IPCP ConfAck id=0x1]
    Could not determine local IP address
 After applying this patch exchanging of IP addresses is working fine:
    rcvd [LCP ConfReq id=0x1]
    sent [LCP ConfReq id=0x1]
    sent [LCP ConfAck id=0x1]
    rcvd [LCP ConfAck id=0x1]
    sent [LCP EchoReq id=0x0 magic=0x0]
    sent [IPCP ConfReq id=0x1]
    rcvd [LCP EchoReq id=0x0 magic=0x0]
    sent [LCP EchoRep id=0x0 magic=0x0]
    rcvd [IPCP ConfReq id=0x1]
    sent [IPCP ConfNak id=0x1 <addr 10.0.0.1>]
    rcvd [LCP EchoRep id=0x0 magic=0x0]
    rcvd [IPCP ConfNak id=0x1 <addr 10.0.0.2>]
    sent [IPCP ConfReq id=0x2 <addr 10.0.0.2>]
    rcvd [IPCP ConfReq id=0x2 <addr 10.0.0.1>]
    sent [IPCP ConfAck id=0x2 <addr 10.0.0.1>]
    rcvd [IPCP ConfAck id=0x2 <addr 10.0.0.2>]
    local  IP address 10.0.0.2
    remote IP address 10.0.0.1
 Signed-off-by: Pali Rohár <pali@kernel.org>
 ---
 pppd/ipcp.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
 diff --git a/pppd/ipcp.c b/pppd/ipcp.c
 index fcf17b1e..d17dbd28 100644
 --- a/pppd/ipcp.c
 +++ b/pppd/ipcp.c
@@ -678,8 +678,9 @@ ipcp_resetci(fsm *f)
     ipcp_options *go = &ipcp_gotoptions[f->unit];
     ipcp_options *ao = &ipcp_allowoptions[f->unit];
 -    wo->req_addr = (wo->neg_addr || wo->old_addrs) &&
 -	(ao->neg_addr || ao->old_addrs);
 +    wo->req_addr = ((wo->neg_addr || wo->old_addrs) &&
 +	(ao->neg_addr || ao->old_addrs)) ||
 +	(wo->hisaddr && !wo->accept_remote);
     if (wo->ouraddr == 0)
 	wo->accept_local = 1;
     if (wo->hisaddr == 0)
@@ -1648,7 +1649,8 @@ ipcp_reqci(fsm *f, u_char *inp,	int *len, int reject_if_disagree)
      * option safely.
      */
     if (rc != CONFREJ && !ho->neg_addr && !ho->old_addrs &&
 -	wo->req_addr && !reject_if_disagree && !noremoteip) {
 +	wo->req_addr && !reject_if_disagree &&
 +	((wo->hisaddr && !wo->accept_remote) || !noremoteip)) {
 	if (rc == CONFACK) {
 	    rc = CONFNAK;
 	    ucp = inp;			/* reset pointer */
--- a/ppp-2.4.9.tar.gz
+++ b/ppp-2.4.9.tar.gz
--- a/ppp-2.5.0.tar.gz
+++ b/ppp-2.5.0.tar.gz
--- a/ppp-tmpfiles.conf
+++ b/ppp-tmpfiles.conf
@ -1,2 +1 @@
 d	/run/ppp	0755 root root
 d	/run/lock/ppp	0755 root root
--- a/ppp.spec
+++ b/ppp.spec
@ -1,6 +1,6 @@
 Name:           ppp
-Version:        2.4.9
+Version:        2.5.0
-Release:        5
+Release:        1
 Summary:        The Point-to-Point Protocol
 License:        BSD and LGPLv2+ and GPLv2+ and Public Domain
@ -20,6 +20,7 @@ Source11:       ppp-logrotate.conf
 Source12:       ppp-tmpfiles.conf
 BuildRequires:  gcc glib2-devel libpcap-devel openssl-devel pam-devel systemd systemd-devel
 BuildRequires:  autoconf automake libtool make
 Requires:       libpcap >= 14:0.8.3-6 glibc >= 2.0.6 systemd /etc/pam.d/system-auth network-scripts
 Supplements:    (network-scripts)
 Requires(pre):  /usr/bin/getent
@ -27,26 +28,11 @@ Requires(pre):  /usr/sbin/groupadd
 Provides:       network-scripts-ppp
 Obsoletes:      network-scripts-ppp
 Patch0001:      backport-ppp-2.4.9-config.patch
 Patch0002:      backport-0004-doc-add-configuration-samples.patch
-Patch0003:      backport-ppp-2.4.9-build-sys-don-t-hardcode-LIBDIR-but-set-it-according.patch
+Patch0004:      backport-ppp-2.5.0-use-change-resolv-function.patch
 Patch0004:      backport-0006-scritps-use-change_resolv_conf-function.patch
 Patch0005:      backport-0011-build-sys-don-t-put-connect-errors-log-to-etc-ppp.patch
 Patch0006:      backport-ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch
 Patch0007:      backport-ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch
 Patch0008:      backport-0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch
 Patch0009:      backport-0015-pppd-move-pppd-database-to-var-run-ppp.patch
 Patch0010:      backport-0016-rp-pppoe-add-manpage-for-pppoe-discovery.patch
 Patch0011:      backport-0018-scritps-fix-ip-up.local-sample.patch
 Patch0012:      backport-0020-pppd-put-lock-files-in-var-lock-ppp.patch
 Patch0013:      backport-0023-build-sys-install-rp-pppoe-plugin-files-with-standar.patch
 Patch0014:      backport-0024-build-sys-install-pppoatm-plugin-files-with-standard.patch
 Patch0015:      backport-ppp-2.4.8-pppd-install-pppd-binary-using-standard-perms-755.patch
 Patch0016:      backport-ppp-2.4.9-configure-cflags-allow-commas.patch
 Patch0017:      backport-0027-Set-LIBDIR-for-RISCV.patch
 Patch0018:      backport-pppd-Negotiate-IP-address-when-only-peer-addresses-are-provided.patch
 Patch0019:      backport-CVE-2022-4603.patch
 Patch0020:      add-fclose-operation-to-fix-file-pointer-not-closed.patch
 %description
 The Point-to-Point Protocol (PPP) provides a standard way to establish
@ -57,6 +43,7 @@ and UDP.  The Linux port of this package also has support for IPX.
 %package        devel
 Summary:        Development environment for %{name}
 Requires:       %{name} = %{version}-%{release}
 Requires:       pkgconf-pkg-config
 %description    devel
 The %{name}-devel package contains libraries and header files for
@ -80,12 +67,14 @@ cp %{SOURCE8} network-scripts
 cp %{SOURCE9} network-scripts
 %build
-%configure --cflags="$RPM_OPT_FLAGS -fPIC -Wall -fno-strict-aliasing"
+autoreconf -fi
-%{make_build} LDFLAGS="%{?build_ldflags} -pie"
+export CFLAGS="%{build_cflags} -fno-strict-aliasing"
-%{make_build} -C ppp-watch LDFLAGS="%{?build_ldflags} -pie"
+%configure --enable-systemd --enable-cbcp --with-pam
 %make_build
 %make_build -C ppp-watch LDFLAGS="%{?build_ldflags} -pie"
 %install
-make install INSTROOT=$RPM_BUILD_ROOT install-etcppp 
+%make_install
 find scripts -type f | xargs chmod a-x
 make install ROOT=$RPM_BUILD_ROOT -C ppp-watch
 mkdir -p %{buildroot}%{_sysconfdir}/ppp
@ -105,9 +94,10 @@ install -m 644 %{SOURCE10} %{buildroot}%{_sysconfdir}/pam.d/ppp
 install -m 644 -p %{SOURCE11} %{buildroot}%{_sysconfdir}/logrotate.d/ppp
 install -m 644 -p %{SOURCE12} %{buildroot}%{_prefix}/lib/tmpfiles.d/ppp.conf
 %delete_la
 #ghosts
 mkdir -p %{buildroot}%{_rundir}/ppp
 mkdir -p %{buildroot}%{_rundir}/lock/ppp
 %pre
 /usr/bin/getent group dip >/dev/null 2>&1 || /usr/sbin/groupadd -r -g 40 dip >/dev/null 2>&1 || :
@ -118,6 +108,7 @@ mkdir -p %{buildroot}%{_rundir}/lock/ppp
 %doc README scripts sample
 %{_sysconfdir}/ppp/ip*
 %{_sysconfdir}/sysconfig/network-scripts/if*-ppp
 %{_sysconfdir}/ppp/openssl.cnf
 %config(noreplace) %{_sysconfdir}/%{name}/chap-secrets
 %config(noreplace) %{_sysconfdir}/%{name}/eaptls-client
 %config(noreplace) %{_sysconfdir}/%{name}/eaptls-server
@ -130,11 +121,11 @@ mkdir -p %{buildroot}%{_rundir}/lock/ppp
 %{_sbindir}/chat
 %{_sbindir}/ppp*
 %ghost %dir %{_rundir}/ppp
 %ghost %dir %{_rundir}/lock/ppp
 %attr(700, root, root) %dir %{_localstatedir}/log/ppp
 %files devel
 %{_includedir}/pppd/*.h
 %{_libdir}/pkgconfig/pppd.pc
 %files help
 %doc FAQ README.cbcp README.eap-tls README.linux README.MPPE
@ -142,6 +133,12 @@ mkdir -p %{buildroot}%{_rundir}/lock/ppp
 %{_mandir}/man8/*.8.gz
 %changelog
 * Mon Jul 24 2023 gaihuiying <eaglegai@163.com> - 2.5.0-1
 - Type:requirement
 - ID:NA
 - SUG:NA
 - DESC:update ppp version from 2.4.9 to 2.5.0
 * Fri Mar 10 2023 xingwei <xingwei14@h-partners.com> - 2.4.9-5
 - Type:bufix
 - ID:NA
`@ -1,2 +1 @@`
	`d /run/ppp 0755 root root`	`d /run/ppp 0755 root root`
	`d /run/lock/ppp 0755 root root`