Eivind Næss [Thu, 24 Jun 2021 23:07:26 +0000 (16:07 -0700)]
Use autoconf/automake to configure and make ppp
This change brings in autoconf/automake scripts to configure the ppp project. Current change doesn't eliminate the previous build system, but the new script autogen.sh will overwrite configure, and generate the basic Makefile.in and Makefile files.
Features can now be enabled by command line:
* Microsoft Extensions,
- MSCHAP
- MPPE
- MS LAN Manager support
* IPXCP protocol
* CBCP protocol
* PAM support
* EAP-TLS support
* EAP-SRP support
* Max session lifetime by byte count
* Plugins
* Packet activity filter support
* Multilink
* IPv6 support
Control linkage with
* OpenSSL (-lssl -lcrypto)
* systemd (-lsystemd)
* libatm (-latm)
* libsrp (-lsrp)
* pam (-lpam)
Also, the configure script is made sensitive to features of OpenSSL. Like the presence or absence of DES, SHA, MD4 and MD5 crypto support. In the cases where either of these are missing, the support will be directly compiled into pppd and plugins.
In addition, package maintainers can now control the installation paths with standard --prefix=, or --localstatedir=, or --sysconfdir= to configure. On top of that, they can now control the following directories:
* runtime directory w/--with-runtime-dir
* logfile directory w/--with-logfile-dir
* plugin directory w/--with-plugin-dir
In the case where automake isn't the right solution, namely: SunOS kernel module build, the original Makefile infrastructure is preserved and reused.
Care was taken to only cosmetically touchup the source files in this change. This means:
* Insert HAVE_CONFIG_H and include config.h in all .c files.
* Change HAS_SHADOW to HAVE_SHADOW_H
* Change HAVE_LOGWTMP to HAVE_UTMP_H
* Introduce HAVE_CRYPT_H into the source code where appropriate
* Added ifdef MPPE where appropriate
* USE_SRP required a few changes as it didn't compile
* Touchup some compile warning in pppstats directory on SunOS
Introduced a new pppdconf.h file that exports the appropriate defines to a module that wants to provide a module that pppd can dynamically load. This will define/undef features like MPPE, CHAPMS such that the project doesn't have to guess what features pppd is compiled with.
Paul Mackerras [Mon, 19 Jul 2021 07:41:09 +0000 (17:41 +1000)]
chat: Clean up usage of clean() function
In a couple of places, we were calling clean(), which does environment
variable substitution among other things, but then using the original
string not the "cleaned" string when logging a message about what
we're doing.
Also, this removes a couple of checks that the "cleaned" string is not
longer than the original string, which date back to the first version
of the code checked into CVS. Those checks were appropriate before
environment variable substitution was added in commit eaca954c2d4a
("add -E option to use environment variables, from Andreas Arens") and
dynamic reallocation of the result buffer was added in commit 86dd2eec100d ("clean(): Fix buffer overflow.") but are no longer
necessary.
These changes were prompted by github issue #294 and redhat bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1650539
Adrian [Fri, 16 Jul 2021 09:24:13 +0000 (12:24 +0300)]
plugins/radius: Add RFC8044 dictionary compatibility for IPv4 address (#291)
This patch adds ipv4addr RADIUS data type compatible with RFC8044.
New dictionaries from RADIUS is using ipv4addr instead of old
ipaddr data type. This patch is avoiding modification of RADIUS
dictionaries to be compatible with PPP.
Paul Mackerras [Sat, 10 Jul 2021 00:29:55 +0000 (10:29 +1000)]
plugins/radius: Use snprintf in rc_mksid
Commit 858976b1fc31 ("radius: Prevent buffer overflow in rc_mksid()")
changed sprintf to slprintf to avoid a possible buffer overflow.
However, this introduced a bug because slprintf does not currently
handle the %lX and %hX formats. Use snprintf instead, which does, as
we are not using any of the custom formats that slprintf handles in
this instance.
Reported-by: Adrian Ban <devel@easynet.dev> Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
pali [Sat, 19 Jun 2021 01:03:14 +0000 (03:03 +0200)]
ipv6cp: Fix enforcing local and peer non-random IPv6 interface identifiers (#283)
In some cases peer may reject our local IPv6 identifier or may send to us
IPV6CP request without any IPv6 identifier or send empty IPv6 identifier
(asking as to generate some identifier for him).
In these special cases pppd always generated some new random IPv6
identifier and completely ignored the fact that user may already specified
IPv6 link local address (used for IPv6 identifier) either at command line
or in config file.
So properly check pppd options and generate new random IPv6 identifier only
in case user did not supply any IPv6 link local address.
If pppd was configured to not allow random identifiers and peer rejected
our enforced identifiers then pppd connection should be terminated.
pali [Sat, 19 Jun 2021 01:02:37 +0000 (03:02 +0200)]
ipv6cp: Fix ipv6cp-accept-local and ipv6cp-accept-remote options (#282)
These options are completely broken and ignored because pppd reflects these
options in the incorrect struct ipv6cp_allowoptions. Instead pppd expects
that these options are reflected in struct ipv6cp_wantoptions. Same applies
also for IPv4 code where these options are reflected in struct wantoptions.
This issue can be tested and verified by following command:
First pppd prefer to use IPv6 addresses ::2 and ::1 but accept also any
address suggested by second pppd. Second pppd allows usage only of IPv6
addresses ::1:1 and ::1:2 and does not accept any suggestion by first pppd.
Enforcing peer IPv6 interface identifier is broken in the same way as it
was broken for peer IPv4 address prior commit 9fe8923419a9 ("pppd: Fix
enforcing peer IP address").
Eivind Næss [Sat, 19 Jun 2021 01:01:34 +0000 (18:01 -0700)]
pppd: Allow users to use Engine and ID strings unmodified to the OpenSSL engine (#280)
This change allows users to specify "cert" and "key" arguments where the prefix
leading up to the ':' indicates the engine e.g. pkcs11, the entire string is
passed down to the engine library which does the parsing. In the case of
pkcs11.so (OpenSC project's libp11) engine for OpenSSL, it will now correctly
parse the PKCS11 URI string (See RFC7512).
pali [Mon, 7 Jun 2021 11:11:43 +0000 (13:11 +0200)]
pppd: Set restore_term at correct place (#284)
After successful call to tcsetattr/TCSAFLUSH it is needed to restore
terminal at the end. So set restore_term variable at correct place. Fixes
issue that fatal() call after tcsetattr/TCSAFLUSH does not restore terminal
settings.
pali [Sat, 5 Jun 2021 01:43:24 +0000 (03:43 +0200)]
pppd: Add support for arbitrary baud rates via BOTHER on Linux (#278)
Most Linux architectures and drivers support arbitrary baud rate BOTHER
values via TCGETS2 and TCSETS2 ioctls in struct termios2.
This patch implements support for BOTHER and struct termios2 which allows
pppd to use any baud rate on Linux systems where architecture and drivers
have support for it.
By default standard values are used.
Support for BOTHER is enabled during compilation when header files have
appropriate definitions of TCGETS2 and TCSETS2 ioctls.
Because there is no glibc support for BOTHER and struct termios2 yet, pppd
defines own BOTHER macro and struct termios2.
pppd: Expose the MPPE keys generated through an API (#267)
The lengthy part of this fix is to refactor the handling of MPPE keys
by moving it into mppe.c and thus reducing the clutter in chap_ms.c.
It does so by renaming the mppe_set_keys/2 to the corresponding
mppe_set_chapv1/mppe_set_chapv2 versions and updates callers of these
functions.
Having done so, it conveniently allows the name "mppe_set_keys" to be
re-used for this new purpose which will copy the key material up to
its size and then clear the input parameters (avoids leaving the MPPE
keys on the stack).
Additional functiions added to the MPPE code allow plugins et al. to
access the MPPE keys, clear the keys, and check if they are set. All
plugin and CCP code has been updated to use this API.
This adds pppd.pc into $(INSTROOT)/$(LIBDIR)/pkgconfig. On some distributions
this would be /lib/pkgconfig, or /usr/lib/pkgconfig, but other distributions
may consider specifying --libdir=/usr/lib/x86_x64-linux-gnu/ and the pkgconfig
directory would be under that. Allowing --libdir to be specified at configure
time fixes #223, providing pkgconfig support fixes #19 and allows third party
packages pickup the plugin directory.
Manually cherry picking parts of two commits by @lkundrak from:
https://github.com/NetworkManager/ppp/tree/lr/pkgconfig
Mainly, the difference between the original commit is not to replace DESTDIR
with "prefix". Leave DESTDIR alone, and add needed pkgconfig (pppd.pc.in)
as a part of the linux distribution (previously in pppd/plugin directory).
Eivind Næss [Sun, 14 Mar 2021 23:20:29 +0000 (16:20 -0700)]
pppd: Fix logical error in comparing valid encryption policies (#262)
RFC2548 describes the proper values of the MS-MPPE-Encryption-Policy attribute.
and it can only hold 2 values: 1 (encryption allowed) and 2 (encryption required).
See
https://tools.ietf.org/html/rfc2548, section 2.4.4
The correct comparison should be made with an && and not a ||.
Eivind Næss [Sun, 14 Mar 2021 23:17:41 +0000 (16:17 -0700)]
pppd: EAP-TLS: Verify Subject or CommonName by suffix (#261)
This feature matches closely what OpenVPN and the network-manager-openvpn plugin do for
certificate verification. It allows the end user to configure the certificate to be matched by
its common name (entire string), its subject name, or the suffix of a subject name.
The latter is especially useful if you are trying to match against a random server in a RADIUS
pool. Lastly, it also allows you to turn off the certificate matching altogether.
tls-verify-method can have the following parameter values:
- none
- subject - The entire subject, e.g. /CN=some.server.org
- name - The entire common name, e.g. some.server.org
- suffix - The latter part of a name, e.g. servers.org
Secondly, it also introduces a new parameter 'tls-verify-key-usage' which permits checking
of the 'server' or 'client' side attributes of nsCertType and X509 extended key attributes.
For example, in client mode, it will verify that received certificate has the 'server' side
attributes enabled.
10ne1 [Sun, 14 Mar 2021 23:11:35 +0000 (01:11 +0200)]
pppd: Fix cross-compilation using Clang (#253)
Clang does not have the --print-sysroot option so the shell
snippet silently fails leading to "-I/usr/include/openssl".
Thankfully systems like Gentoo/portage or Yocto/bitbake enable
sysroot poisoning precisely to catch these kinds of bugs.
There is only one user of this non-standard CFLAG include in
pppcrypt.h, so make it consistent with the rest of the sources
(eg. see eap-tls.[h|c] openssl/* includes) and drop the fragile
sysroot hackery.
Signed-off-by: Adrian Ratiu <adrian.ratiu@collabora.com>
pali [Fri, 26 Feb 2021 04:44:19 +0000 (05:44 +0100)]
pppd: defaultroute6 is not frequent option and should not be used (#257)
In pppd.8 manpage, move defaultroute6 option from FREQUENTLY USED OPTIONS
into OPTIONS, and add a warning that this option should not be needed or
used on IPv6 networks. Option defaultroute6 is needed only for broken IPv6
networks. Also add nodefaultroute6 into sample options file.
Pali Rohár [Sat, 16 Jan 2021 21:50:27 +0000 (22:50 +0100)]
pppd: Define request and response rtnetlink IPv6 structures
This simplify understanding of rtnetlink IPv6 API. Also it simplify
code for filling rtnetlink IPv6 address request message and reading
rtnetlink response message as it avoids usage of pointer arithmetic.
Pali Rohár [Sun, 10 Jan 2021 18:46:07 +0000 (19:46 +0100)]
pppd: Set local and remote IPv6 addresses by one call
Currently local IPv6 address is set by SIOCSIFADDR ioctl and remote peer
address is appended by rtnetlink RTM_NEWADDR/NLM_F_REPLACE call. For
RTM_NEWADDR/NLM_F_REPLACE call it is needed to specify both local + remote
addresses as local address is used for matching to which address needs to
be remote peer address appended. When issuing this call kernel first
removes currently configured local address and then inserts a new pair of
local + remote addresses.
Simplify whole setup by just one rtnetlink RTM_NEWADDR/NLM_F_CREATE call by
inserting pair of local + remote addresses atomically. Therefore calling
SIOCSIFADDR ioctl for local IPv6 address is not used or needed anymore.
Pali Rohár [Sun, 10 Jan 2021 18:09:25 +0000 (19:09 +0100)]
pppd: Disable Duplicate Address Detection for IPv6 peer address
IPv6 link-local addresses are negotiated via IPV6CP and therefore are
unique and not duplicate. Doing additional Duplicate Address Detection
is redundant and not needed, so disable it.
pali [Mon, 15 Feb 2021 06:54:01 +0000 (07:54 +0100)]
pppd: Fix compilation with older glibc or kernel headers (#248)
glibc versions prior to 2.24 do not define SOL_NETLINK and linux kernel
versions prior to 4.3 do not define NETLINK_CAP_ACK. So add fallback
definitions for these macros into pppd/sys-linux.c file.
Also extend description why we call SOL_NETLINK/NETLINK_CAP_ACK option.
pali [Tue, 26 Jan 2021 02:58:45 +0000 (03:58 +0100)]
ipv6cp: Fix ipv6cp-use-persistent option when remote address is specified (#246)
Option ipv6cp-use-persistent affects only local interface identifier (local
link-local address). It does not affects remote peer interface identifier
(and remote link-local address) therefore ipv6cp-use-persistent option
should not depend on remote address.
pali [Tue, 26 Jan 2021 02:55:25 +0000 (03:55 +0100)]
pppd: Negotiate IP address when only peer addresses are provided (#236)
This fixes special case when both ppp ends are configured to send only IP
address of other side and do not send its own IP address. Such setup is
correct because both ends can exchange its IP addresses and therefore they
have full information, they known both local and remote address.
This issue can be triggered by calling pppd with arguments:
pali [Tue, 26 Jan 2021 02:53:59 +0000 (03:53 +0100)]
pppd: Fix enforcing peer IP address (#235)
If peer address is specified and ipcp-accept-remote is not set then peer
address is enforced.
But there is bug in pppd which allows peer to not use supplied address when
it reply with empty IPCP ConfReq. In this case pppd thinks that peer
accepted its idea of remote/peer address even it is not truth.
This issue can be reproduced by running pppd with arguments:
Which means that first pppd force usage of address 10.1.0.1 for peer and
second pppd (peer) wants to use only address 10.0.0.1 for itself.
First pppd see this communication
rcvd [IPCP ConfReq id=0x64 <addr 10.0.0.1>]
sent [IPCP ConfNak id=0x64 <addr 10.1.0.1>]
rcvd [IPCP ConfReq id=0x65]
sent [IPCP ConfAck id=0x65]
local IP address 10.0.0.2
remote IP address 10.1.0.1
and thinks that peer (second pppd) accepted its idea of remote/peer
address.
After applying this patch first pppd correctly detects that peer refused
its proposed peer address and therefore close connection.
rcvd [IPCP ConfReq id=0x64 <addr 10.0.0.1>]
sent [IPCP ConfNak id=0x64 <addr 10.1.0.1>]
rcvd [IPCP ConfReq id=0x65]
sent [IPCP ConfAck id=0x65]
Peer refused to agree to his IP address
Connect time 0.0 minutes.
Sent 1024 bytes, received 1018 bytes.
sent [IPCP TermReq id=0x3 "Refused his IP address"]
pali [Tue, 26 Jan 2021 02:52:22 +0000 (03:52 +0100)]
pppd: Fix demand mode with noremoteip option (#232)
When noremoteip is set then initial hisaddr (peer address) is zero. So to
handle setting correct peer address after establishing connection it is
needed to change logic around 'wo->hisaddr != 0' condition. wo->hisaddr
needs to be updated from initial zero address to correct peer address.
Without this patch first pppd receives 10.0.0.1 address from second pppd
even second pppd is configured to not send its IP address.
rcvd [LCP ConfReq id=0x1 <magic 0x7cf29fab>]
sent [LCP ConfReq id=0x1 <magic 0x4550b00c>]
sent [LCP ConfAck id=0x1 <magic 0x7cf29fab>]
rcvd [LCP ConfAck id=0x1 <magic 0x4550b00c>]
sent [LCP EchoReq id=0x0 magic=0x4550b00c]
sent [IPCP ConfReq id=0x1 <addr 0.0.0.0>]
rcvd [LCP EchoReq id=0x0 magic=0x7cf29fab]
sent [LCP EchoRep id=0x0 magic=0x4550b00c]
rcvd [IPCP ConfReq id=0x1]
sent [IPCP ConfNak id=0x1 <addr 0.0.0.0>]
rcvd [LCP EchoRep id=0x0 magic=0x7cf29fab]
rcvd [IPCP ConfNak id=0x1 <addr 10.0.0.2>]
sent [IPCP ConfReq id=0x2 <addr 10.0.0.2>]
rcvd [IPCP ConfReq id=0x2 <addr 10.0.0.1>]
sent [IPCP ConfAck id=0x2 <addr 10.0.0.1>]
rcvd [IPCP ConfAck id=0x2 <addr 10.0.0.2>]
local IP address 10.0.0.2
remote IP address 10.0.0.1
After applying this patch first pppd does not receive remote 10.0.0.1
address anymore which can be seen by the fact that first pppd cannot
determinate remote IP address and defaulting to 10.64.64.64.
rcvd [LCP ConfReq id=0x1 <magic 0x1da305a6>]
sent [LCP ConfReq id=0x1 <magic 0x2d76359>]
sent [LCP ConfAck id=0x1 <magic 0x1da305a6>]
rcvd [LCP ConfAck id=0x1 <magic 0x2d76359>]
sent [LCP EchoReq id=0x0 magic=0x2d76359]
sent [IPCP ConfReq id=0x1 <addr 0.0.0.0>]
rcvd [LCP EchoReq id=0x0 magic=0x1da305a6]
sent [LCP EchoRep id=0x0 magic=0x2d76359]
rcvd [IPCP ConfReq id=0x1]
sent [IPCP ConfNak id=0x1 <addr 0.0.0.0>]
rcvd [LCP EchoRep id=0x0 magic=0x1da305a6]
rcvd [IPCP ConfNak id=0x1 <addr 10.0.0.2>]
sent [IPCP ConfReq id=0x2 <addr 10.0.0.2>]
rcvd [IPCP ConfReq id=0x2]
sent [IPCP ConfAck id=0x2]
rcvd [IPCP ConfAck id=0x2 <addr 10.0.0.2>]
Could not determine remote IP address: defaulting to 10.64.64.64
local IP address 10.0.0.2
remote IP address 10.64.64.64
Pali Rohár [Sat, 9 Jan 2021 13:37:00 +0000 (14:37 +0100)]
ipv6cp: Allow to use demand mode without specifying IPv6 address/identifier
Support is similar as in IPv4, pppd generates random temporary identifier
for LL address and after connection is established then LL address is
changed to the real one.
Richard Purdie [Fri, 8 Jan 2021 01:41:42 +0000 (01:41 +0000)]
pppd/Makefile.linux: Fix reproducibility issue with differing make versions (#234)
We were seeing reproducibility issues where one host would use the internal
logwtmp wrapper, another would use the one in libutil. The issue was that in
some cases the "\#include" was making it to CC, in others, "#include". The
issue seems to be related to shell escaping.
pppd: Refactor eap MSCHAPv2 using chap_find_digest
Remove code duplication from eap.c related to eap MSCHAPv2 (server)
implementation.
The chap_find_digest function - introduced in [1] - exposes the
registered CHAP digests type definitions, providing functions to
generate a challenge and verify a response, among others.
Eivind Næss [Mon, 4 Jan 2021 01:34:34 +0000 (17:34 -0800)]
pppd: Add support for EAP-MSCHAPv2 (client side) (#211)
* Adding EAP-MSCHAPv2 support #175
Implementation based on the RFC: draft-kamath-pppext-eap-mschapv2-02.
Adding support for MSCHAPv2 inside extensible authentication protocol (EAP).
Signed-off-by: Thomas Omerzu <thomas@omerzu.de>
* Removing empty "TODO" in comment section
Signed-off-by: Eivind Naess <eivnaes@yahoo.com>
* Add support for EAP-MSCHAPv2 #138
Rewrote the original patch to use the chap-new.c API for caching request/responses. Also incorporate feedback from @paulusmack for input validation and function signatures.
pali [Sun, 3 Jan 2021 23:01:44 +0000 (00:01 +0100)]
pppd: Fix setting IPv6 peer address (#212)
On Linux IPv6 peer address cannot be set via SIOCSIFDSTADDR ioctl like it
is for IPv4 peer address. Linux kernel does not support SIOCSIFDSTADDR for
AF_INET6 PPP interfaces.
The only way how to set IPv6 peer address on Linux is via kernel netlink
interface which is just a little bit complicated compared to one ioctl
call.
Linux kernel for a long time automatically adds IPv6 peer address from
interface into route table so it is not needed to explicitly set routing
for remote peer address. pppd already does not do it for kernel versions
newer than 2.1.16. So the same check is used also for IPv6 peer route
address.
Prior this patch ppp interface was configured as:
$ ip -6 address show dev ppp0
2: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 state UNKNOWN qlen 3
inet6 fe80::2/128 scope link
valid_lft forever preferred_lft forever
$ ip -6 route show dev ppp0
fe80::1 metric 1 pref medium
fe80::2 proto kernel metric 256 pref medium
And after applying this patch as:
$ ip -6 address show dev ppp0
2: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 state UNKNOWN qlen 3
inet6 fe80::2 peer fe80::1/128 scope link
valid_lft forever preferred_lft forever
$ ip -6 route show dev ppp0
fe80::1 proto kernel metric 256 pref medium
fe80::2 proto kernel metric 256 pref medium
As can be seen IPv6 peer address is now correctly set on the interface and
also kernel correctly fill route table for IPv6 peer address.
Please note that old ifconfig utility cannot show nor change IPv6 peer
address. Peer address is supported only for IPv4 addresses as opposite of
the local addresses where both IPv4 and IPv6 are supported. It is because
old ifconfig utility is also using ioctl interface which cannot handle it.
Therefore for any testing it is really required ip utility or other utility
with netlink interface (and not ioctl interface).
Samuel Thibault [Sat, 2 Jan 2021 03:25:48 +0000 (04:25 +0100)]
pppd: Add replacedefaultroute option (#200)
Adds an option to pppd to control whether to replace existing default routes
when using the 'defaultroute' option.
If defaultroute and replacedefaultroute are both set, pppd replaces an existing
default route with the new default route. The old default route is restored when
the connection is taken down.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Co-authored-by: Chris Boot <bootc@debian.org>
pali [Fri, 1 Jan 2021 08:58:02 +0000 (09:58 +0100)]
pppd: Fix ether_to_eui64() to prefer devnam ether interface (#206)
In case of PPPoE connection, devnam is ethernet interface. So in this case
calculate EUI-64 IPV6CP identifier from the PPPoE ethernet interface
instead from the first ethernet interface in the system.
This would ensure that each PPPoE connection would have unique IPv6 link
local address calculated from the interface MAC address on which is PPPoE
going to be established.
Currently IPv6 link local address is always calculated from the MAC address
of the first ethernet interface and therefore all active PPPoE connections
have by default same (non unique) IPv6 link local address.
These get propagated to the Makefiles in the subdirectories. The
cross-compile prefix is prepended to the CC value, so for example
if you do "./configure --cross_compile=powerpc64le-linux-" then
everything gets compiled and linked using powerpc64le-linux-cc.
Paul Mackerras [Fri, 1 Jan 2021 00:26:48 +0000 (11:26 +1100)]
pppd: Use a run-time test to detect libutil availability on Linux
This tests whether logwtmp is declared in <utmp.h>, and if not we
assume we need to include our own logwtmp implementation. We assume
that if logwtmp is provided by the system then we need -lutil to get
it (as is the case for glibc).
This fixes compilation with musl libc and other libcs that don't
provide logwtmp.
Pali Rohár [Thu, 31 Dec 2020 17:49:27 +0000 (18:49 +0100)]
Make a consistency in pppoe options
Remove 'rp_' prefix from all pppoe options and ensure that pppoe options
have 'pppoe-' prefix. Also change underlines to dashes to be consistent
with other pppd options.
To not break a backward compatibility ensure that old option names still
work via (legacy) aliases.
Now when get_first_ethernet() is implemented for both Linux and Solaris,
implementation of ether_to_eui64() function can use this function
get_first_ethernet() and therefore be system independent.
So change implementation of ether_to_eui64() to use get_first_ethernet()
function and move it from Linux and Solaris files to common ipv6cp.c file
where it is used.
Pali Rohár [Thu, 31 Dec 2020 17:46:01 +0000 (18:46 +0100)]
Rename rp-pppoe.so plugin to pppoe.so
Original out-of-tree rp-pppoe plugin for pppd software is still available
at website https://dianne.skoll.ca/projects/rp-pppoe/ and receives new
releases. The last update is from the June 2020.
Currently it is ambiguous if user is using original out-of-tree rp-pppoe
plugin or in-tree pppd's rp-pppoe plugin. These two plugins are different,
come from different sources but share same name.
Some users want to use original rp-pppoe plugin and not pppd's in-tree
rp-pppoe plugin. Also some distribution want to package both plugins,
pppd's in-tree and original rp-pppoe.
So for this reason and also because all other PPP over <something> plugins
have just pppo prefix, rename in-tree rp-pppoe.so plugin to just pppoe.so.
This will allow to distinguish and make it clear what is the original
rp-pppoe plugin and what is pppd's in-tree pppoe plugin.
When installing pppd create a compatibility symlink from pppoe.so to
rp-pppoe.so so nothing would be broken. This compatibility symlink may be
removed by Linux distribution which do not want to have compatibility with
the old name as before and rather use rp-pppoe.so name for original
rp-pppoe software.
Samuel Thibault [Thu, 31 Dec 2020 05:35:24 +0000 (06:35 +0100)]
pppd: Use a compile test to detect crypt.h (#198)
ppp checks header for existence of crypt.h looking it up in /usr/include.
That's incompatible with non-glibcs or a glibc with multiarch headers
(https://bugs.debian.org/798955). This patch replaces the file existence
test with a compile test.
Reviewed-by: Chris Boot <bootc@debian.org> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Co-authored-by: Helmut Grohne <helmut@subdivi.de>
cc -o pppdump pppdump.o deflate.o bsd-comp.o -lz
/usr/bin/ld: deflate.o: in function `z_incomp':
deflate.c:(.text+0x99): undefined reference to `inflateIncomp'
/usr/bin/ld: deflate.o: in function `z_decomp_alloc':
deflate.c:(.text+0x355): undefined reference to `inflateInit2'
collect2: error: ld returned 1 exit status
make[1]: *** [Makefile:38: pppdump] Error 1
The copy of zlib here is not the same as the standard upstream zlib;
this version has some extra functions added.