From e8676075aea6d278f435d5ce83d9b6aa216a1ecb Mon Sep 17 00:00:00 2001
From: =?utf8?q?Eivind=20N=C3=A6ss?= <eivnaes@yahoo.com>
Date: Fri, 6 Aug 2021 10:06:17 -0700
Subject: [PATCH] Changing defines for CHAPMS, MSLANMAN, MPPE to prefix with
 PPP_WITH_*
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

To avoid bleeding over to third party projects. They are all
defined and exported by pppdconf.h either way. These projects
will stil have a consistent view of how pppd was compiled.

Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
---
 configure.ac                 | 14 +++++-----
 pppd/Makefile.am             |  4 +--
 pppd/auth.c                  | 10 +++----
 pppd/ccp.c                   | 42 ++++++++++++++---------------
 pppd/chap-new.c              |  4 +--
 pppd/chap_ms.c               | 30 +++++++++------------
 pppd/eap-tls.c               |  4 +--
 pppd/eap-tls.h               |  2 +-
 pppd/eap.c                   | 52 ++++++++++++++++++------------------
 pppd/eap.h                   |  2 +-
 pppd/mppe.h                  |  4 +--
 pppd/plugins/radius/radius.c | 28 +++++++++----------
 pppd/plugins/winbind.c       |  8 +++---
 pppd/pppd.h                  |  2 +-
 pppd/pppdconf.h.in           |  7 +++--
 15 files changed, 105 insertions(+), 108 deletions(-)

diff --git a/configure.ac b/configure.ac
index 85688a8..ac53342 100644
--- a/configure.ac
+++ b/configure.ac
@@ -126,20 +126,20 @@ AS_IF([test "x$enable_maxoctets" != "xno"],
 AC_ARG_ENABLE([microsoft-extensions],
     AS_HELP_STRING([--disable-microsoft-extensions], [Disable Microsoft CHAP / MPPE extensions]))
 
-AM_CONDITIONAL(WITH_CHAPMS, test "x${enable_microsoft_extensions}" != "xno")
-AM_COND_IF([WITH_CHAPMS],
-    AC_DEFINE([CHAPMS], 1, ["Have Microsoft CHAP support"]))
+AM_CONDITIONAL(PPP_WITH_CHAPMS, test "x${enable_microsoft_extensions}" != "xno")
+AM_COND_IF([PPP_WITH_CHAPMS],
+    AC_DEFINE([PPP_WITH_CHAPMS], 1, ["Have Microsoft CHAP support"]))
 
-AM_CONDITIONAL(WITH_MPPE, test "x${enable_microsoft_extensions}" != "xno")
-AM_COND_IF([WITH_MPPE],
-    AC_DEFINE([MPPE], 1, ["Have Microsoft MPPE support"]))
+AM_CONDITIONAL(PPP_WITH_MPPE, test "x${enable_microsoft_extensions}" != "xno")
+AM_COND_IF([PPP_WITH_MPPE],
+    AC_DEFINE([PPP_WITH_MPPE], 1, ["Have Microsoft MPPE support"]))
 
 #
 # Enable Microsoft LAN Manager support, depends on Microsoft Extensions
 AC_ARG_ENABLE([mslanman],
     AS_HELP_STRING([--enable-mslanman], [Enable Microsoft LAN Manager support]))
 AS_IF([test "x${enable_mslanman}" = "xyes" && test "x${enable_microsoft_extensions}" != "xno"],
-    AC_DEFINE([MSLANMAN], 1, ["Have Microsoft LAN Manager support"]))
+    AC_DEFINE([PPP_WITH_MSLANMAN], 1, ["Have Microsoft LAN Manager support"]))
 
 #
 # Disable IPv6 support
diff --git a/pppd/Makefile.am b/pppd/Makefile.am
index bc9a6d9..94197fd 100644
--- a/pppd/Makefile.am
+++ b/pppd/Makefile.am
@@ -83,7 +83,7 @@ pppd_SOURCES += sys-solaris.c
 pppd_LIBS += -lsocket -lnsl
 endif
 
-if WITH_CHAPMS
+if PPP_WITH_CHAPMS
 pppd_SOURCES += chap_ms.c
 pppd_SOURCES += pppcrypt.c
 check_PROGRAMS += utest_chap
@@ -97,7 +97,7 @@ if WITH_CBCP
 pppd_SOURCES += cbcp.c
 endif
 
-if WITH_MPPE
+if PPP_WITH_MPPE
 pppd_SOURCES += mppe.c
 endif
 
diff --git a/pppd/auth.c b/pppd/auth.c
index fa32fea..f8c8a06 100644
--- a/pppd/auth.c
+++ b/pppd/auth.c
@@ -244,7 +244,7 @@ bool cryptpap = 0;		/* Passwords in pap-secrets are encrypted */
 bool refuse_pap = 0;		/* Don't wanna auth. ourselves with PAP */
 bool refuse_chap = 0;		/* Don't wanna auth. ourselves with CHAP */
 bool refuse_eap = 0;		/* Don't wanna auth. ourselves with EAP */
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 bool refuse_mschap = 0;		/* Don't wanna auth. ourselves with MS-CHAP */
 bool refuse_mschap_v2 = 0;	/* Don't wanna auth. ourselves with MS-CHAPv2 */
 #else
@@ -345,7 +345,7 @@ option_t auth_options[] = {
       "Require CHAP authentication from peer",
       OPT_ALIAS | OPT_PRIOSUB | OPT_A2OR | MDTYPE_MD5,
       &lcp_wantoptions[0].chap_mdtype },
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
     { "require-mschap", o_bool, &auth_required,
       "Require MS-CHAP authentication from peer",
       OPT_PRIOSUB | OPT_A2OR | MDTYPE_MICROSOFT,
@@ -376,7 +376,7 @@ option_t auth_options[] = {
       "Don't allow CHAP authentication with peer",
       OPT_ALIAS | OPT_A2CLRB | MDTYPE_MD5,
       &lcp_allowoptions[0].chap_mdtype },
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
     { "refuse-mschap", o_bool, &refuse_mschap,
       "Don't agree to auth to peer with MS-CHAP",
       OPT_A2CLRB | MDTYPE_MICROSOFT,
@@ -1019,7 +1019,7 @@ auth_peer_success(int unit, int protocol, int prot_flavor,
 	case CHAP_MD5:
 	    bit |= CHAP_MD5_PEER;
 	    break;
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 	case CHAP_MICROSOFT:
 	    bit |= CHAP_MS_PEER;
 	    break;
@@ -1095,7 +1095,7 @@ auth_withpeer_success(int unit, int protocol, int prot_flavor)
 	case CHAP_MD5:
 	    bit |= CHAP_MD5_WITHPEER;
 	    break;
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 	case CHAP_MICROSOFT:
 	    bit |= CHAP_MS_WITHPEER;
 	    break;
diff --git a/pppd/ccp.c b/pppd/ccp.c
index 644a9d1..36ee549 100644
--- a/pppd/ccp.c
+++ b/pppd/ccp.c
@@ -67,7 +67,7 @@ static char deflate_value[8];
 /*
  * Option variables.
  */
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 bool refuse_mppe_stateful = 1;		/* Allow stateful mode? */
 #endif
 
@@ -110,7 +110,7 @@ static option_t ccp_option_list[] = {
       "don't allow Predictor-1", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
       &ccp_allowoptions[0].predictor_1 },
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     /* MPPE options are symmetrical ... we only set wantoptions here */
     { "require-mppe", o_bool, &ccp_wantoptions[0].mppe,
       "require MPPE encryption",
@@ -445,7 +445,7 @@ ccp_input(int unit, u_char *p, int len)
     fsm_input(f, p, len);
     if (oldstate == OPENED && p[0] == TERMREQ && f->state != OPENED) {
 	notice("Compression disabled by peer.");
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 	if (ccp_gotoptions[unit].mppe) {
 	    error("MPPE disabled, closing LCP");
 	    lcp_close(unit, "MPPE disabled by peer");
@@ -500,7 +500,7 @@ ccp_protrej(int unit)
     ccp_flags_set(unit, 0, 0);
     fsm_lowerdown(&ccp_fsm[unit]);
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     if (ccp_gotoptions[unit].mppe) {
 	error("MPPE required but peer negotiation failed");
 	lcp_close(unit, "MPPE required but peer negotiation failed");
@@ -521,7 +521,7 @@ ccp_resetci(fsm *f)
     *go = ccp_wantoptions[f->unit];
     all_rejected[f->unit] = 0;
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     if (go->mppe) {
 	ccp_options *ao = &ccp_allowoptions[f->unit];
 	int auth_mschap_bits = auth_done[f->unit];
@@ -610,13 +610,11 @@ ccp_resetci(fsm *f)
 	ao->predictor_2  = go->predictor_2  = 0;
 	ao->deflate      = go->deflate      = 0;
     }
-#endif /* MPPE */
 
     /*
      * Check whether the kernel knows about the various
      * compression methods we might request.
      */
-#ifdef MPPE
     if (go->mppe) {
 	opt_buf[0] = CI_MPPE;
 	opt_buf[1] = CILEN_MPPE;
@@ -627,7 +625,7 @@ ccp_resetci(fsm *f)
 	    lcp_close(f->unit, "MPPE required but not available");
 	}
     }
-#endif
+#endif /* PPP_WITH_MPPE */
     if (go->bsd_compress) {
 	opt_buf[0] = CI_BSD_COMPRESS;
 	opt_buf[1] = CILEN_BSD_COMPRESS;
@@ -700,7 +698,7 @@ static void
      * preference order.  Get the kernel to allocate the first one
      * in case it gets Acked.
      */
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     if (go->mppe) {
 	u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN];
 
@@ -810,7 +808,7 @@ static int
     ccp_options *go = &ccp_gotoptions[f->unit];
     u_char *p0 = p;
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     if (go->mppe) {
 	u_char opt_buf[CILEN_MPPE];
 
@@ -900,7 +898,7 @@ static int
     memset(&no, 0, sizeof(no));
     try = *go;
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     if (go->mppe && len >= CILEN_MPPE
 	&& p[0] == CI_MPPE && p[1] == CILEN_MPPE) {
 	no.mppe = 1;
@@ -922,7 +920,7 @@ static int
 	    lcp_close(f->unit, "MPPE required but peer negotiation failed");
 	}
     }
-#endif /* MPPE */
+#endif /* PPP_WITH_MPPE */
     if (go->deflate && len >= CILEN_DEFLATE
 	&& p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
 	&& p[1] == CILEN_DEFLATE) {
@@ -991,7 +989,7 @@ ccp_rejci(fsm *f, u_char *p, int len)
     if (len == 0 && all_rejected[f->unit])
 	return -1;
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     if (go->mppe && len >= CILEN_MPPE
 	&& p[0] == CI_MPPE && p[1] == CILEN_MPPE) {
 	error("MPPE required but peer refused");
@@ -1063,7 +1061,7 @@ ccp_reqci(fsm *f, u_char *p, int *lenp, int dont_nak)
     int len, clen, type, nb;
     ccp_options *ho = &ccp_hisoptions[f->unit];
     ccp_options *ao = &ccp_allowoptions[f->unit];
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     bool rej_for_ci_mppe = 1;	/* Are we rejecting based on a bad/missing */
 				/* CI_MPPE, or due to other options?       */
 #endif
@@ -1087,7 +1085,7 @@ ccp_reqci(fsm *f, u_char *p, int *lenp, int dont_nak)
 	    clen = p[1];
 
 	    switch (type) {
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 	    case CI_MPPE:
 		if (!ao->mppe || clen != CILEN_MPPE) {
 		    newret = CONFREJ;
@@ -1187,7 +1185,7 @@ ccp_reqci(fsm *f, u_char *p, int *lenp, int dont_nak)
 		 */
 		rej_for_ci_mppe = 0;
 		break;
-#endif /* MPPE */
+#endif /* PPP_WITH_MPPE */
 	    case CI_DEFLATE:
 	    case CI_DEFLATE_DRAFT:
 		if (!ao->deflate || clen != CILEN_DEFLATE
@@ -1329,7 +1327,7 @@ ccp_reqci(fsm *f, u_char *p, int *lenp, int dont_nak)
 	else
 	    *lenp = retp - p0;
     }
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     if (ret == CONFREJ && ao->mppe && rej_for_ci_mppe) {
 	error("MPPE required but peer negotiation failed");
 	lcp_close(f->unit, "MPPE required but peer negotiation failed");
@@ -1349,7 +1347,7 @@ method_name(ccp_options *opt, ccp_options *opt2)
     if (!ANY_COMPRESS(*opt))
 	return "(none)";
     switch (opt->method) {
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     case CI_MPPE:
     {
 	char *p = result;
@@ -1426,7 +1424,7 @@ ccp_up(fsm *f)
 	    notice("%s receive compression enabled", method_name(go, NULL));
     } else if (ANY_COMPRESS(*ho))
 	notice("%s transmit compression enabled", method_name(ho, NULL));
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     if (go->mppe) {
 	mppe_clear_keys();
 	continue_networks(f->unit);		/* Bring up IP et al */
@@ -1444,7 +1442,7 @@ ccp_down(fsm *f)
 	UNTIMEOUT(ccp_rack_timeout, f);
     ccp_localstate[f->unit] = 0;
     ccp_flags_set(f->unit, 1, 0);
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     if (ccp_gotoptions[f->unit].mppe) {
 	ccp_gotoptions[f->unit].mppe = 0;
 	if (lcp_fsm[f->unit].state == OPENED) {
@@ -1507,7 +1505,7 @@ ccp_printpkt(u_char *p, int plen,
 	    len -= optlen;
 	    optend = p + optlen;
 	    switch (code) {
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 	    case CI_MPPE:
 		if (optlen >= CILEN_MPPE) {
 		    u_char mppe_opts;
@@ -1609,7 +1607,7 @@ ccp_datainput(int unit, u_char *pkt, int len)
 	     */
 	    error("Lost compression sync: disabling compression");
 	    ccp_close(unit, "Lost compression sync");
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 	    /*
 	     * If we were doing MPPE, we must also take the link down.
 	     */
diff --git a/pppd/chap-new.c b/pppd/chap-new.c
index ab4302b..565713f 100644
--- a/pppd/chap-new.c
+++ b/pppd/chap-new.c
@@ -41,7 +41,7 @@
 #include "chap-new.h"
 #include "chap-md5.h"
 
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 #include "chap_ms.h"
 #define MDTYPE_ALL (MDTYPE_MICROSOFT_V2 | MDTYPE_MICROSOFT | MDTYPE_MD5)
 #else
@@ -155,7 +155,7 @@ chap_init(int unit)
 	memset(&server, 0, sizeof(server));
 
 	chap_md5_init();
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 	chapms_init();
 #endif
 }
diff --git a/pppd/chap_ms.c b/pppd/chap_ms.c
index c6e4b34..e7e8cba 100644
--- a/pppd/chap_ms.c
+++ b/pppd/chap_ms.c
@@ -80,8 +80,6 @@
 #include "config.h"
 #endif
 
-#ifdef CHAPMS
-
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -100,7 +98,7 @@
 #include "mppe.h"
 
 #ifdef UNIT_TEST
-#undef MPPE
+#undef PPP_WITH_MPPE
 #endif
 
 static void	ascii2unicode (char[], int, u_char[]);
@@ -112,16 +110,16 @@ static void	ChapMS2_NT (u_char *, u_char[16], char *, char *, int,
 static void	GenerateAuthenticatorResponsePlain
 			(char*, int, u_char[24], u_char[16], u_char *,
 			 char *, u_char[41]);
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
 static void	ChapMS_LANMan (u_char *, char *, int, u_char *);
 #endif
 
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
 bool	ms_lanman = 0;    	/* Use LanMan password instead of NT */
 			  	/* Has meaning only with MS-CHAP challenges */
 #endif
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 #ifdef DEBUGMPPEKEY
 /* For MPPE debug */
 /* Use "[]|}{?/><,`!2&&(" (sans quotes) for RFC 3079 MS-CHAPv2 test value */
@@ -139,7 +137,7 @@ static char *mschap2_peer_challenge = NULL;
  * Command-line options.
  */
 static option_t chapms_option_list[] = {
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
 	{ "ms-lanman", o_bool, &ms_lanman,
 	  "Use LanMan passwd when using MS-CHAP", 1 },
 #endif
@@ -197,7 +195,7 @@ chapms_verify_response(int id, char *name,
 	if (response_len != MS_CHAP_RESPONSE_LEN)
 		goto bad;
 
-#ifndef MSLANMAN
+#ifndef PPP_WITH_MSLANMAN
 	if (!response[MS_CHAP_USENT]) {
 		/* Should really propagate this into the error packet. */
 		notice("Peer request for LANMAN auth not supported");
@@ -208,7 +206,7 @@ chapms_verify_response(int id, char *name,
 	/* Generate the expected response. */
 	ChapMS(challenge, (char *)secret, secret_len, md);
 
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
 	/* Determine which part of response to verify against */
 	if (!response[MS_CHAP_USENT])
 		diff = memcmp(&response[MS_CHAP_LANMANRESP],
@@ -626,7 +624,7 @@ ChapMS2_NT(u_char *rchallenge, u_char PeerChallenge[16], char *username,
     ChallengeResponse(Challenge, PasswordHash, NTResponse);
 }
 
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
 static u_char *StdText = (u_char *)"KGS!@#$%"; /* key from rasapi32.dll */
 
 static void
@@ -718,7 +716,7 @@ GenerateAuthenticatorResponsePlain
 }
 
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 
 /*
  * Set mppe_xxxx_key from MS-CHAP credentials. (see RFC 3079)
@@ -754,7 +752,7 @@ SetMasterKeys(char *secret, int secret_len, u_char NTResponse[24], int IsServer)
     mppe_set_chapv2(PasswordHashHash, NTResponse, IsServer);
 }
 
-#endif /* MPPE */
+#endif /* PPP_WITH_MPPE */
 
 
 void
@@ -765,7 +763,7 @@ ChapMS(u_char *rchallenge, char *secret, int secret_len,
 
     ChapMS_NT(rchallenge, secret, secret_len, &response[MS_CHAP_NTRESP]);
 
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
     ChapMS_LANMan(rchallenge, secret, secret_len,
 		  &response[MS_CHAP_LANMANRESP]);
 
@@ -775,7 +773,7 @@ ChapMS(u_char *rchallenge, char *secret, int secret_len,
     response[MS_CHAP_USENT] = 1;
 #endif
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     Set_Start_Key(rchallenge, secret, secret_len);
 #endif
 }
@@ -820,7 +818,7 @@ ChapMS2(u_char *rchallenge, u_char *PeerChallenge,
 				       &response[MS_CHAP2_PEER_CHALLENGE],
 				       rchallenge, user, authResponse);
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     SetMasterKeys(secret, secret_len,
 		  &response[MS_CHAP2_NTRESP], authenticator);
 #endif
@@ -944,5 +942,3 @@ int main(int argc, char *argv[]) {
 
 #endif  /* UNIT_TEST */
 
-
-#endif /* CHAPMS */
diff --git a/pppd/eap-tls.c b/pppd/eap-tls.c
index 40796d5..69e34a1 100644
--- a/pppd/eap-tls.c
+++ b/pppd/eap-tls.c
@@ -85,7 +85,7 @@ void ssl_msg_callback(int write_p, int version, int ct, const void *buf,
               size_t len, SSL * ssl, void *arg);
 int ssl_new_session_cb(SSL *s, SSL_SESSION *sess);
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 #define EAPTLS_MPPE_KEY_LEN     32
 
 /*
@@ -137,7 +137,7 @@ void eaptls_gen_mppe_keys(struct eaptls_session *ets, int client)
     }
 }
 
-#endif /* MPPE */
+#endif /* PPP_WITH_MPPE */
 
 int password_callback (char *buf, int size, int rwflag, void *u)
 {
diff --git a/pppd/eap-tls.h b/pppd/eap-tls.h
index 9c56687..befd203 100644
--- a/pppd/eap-tls.h
+++ b/pppd/eap-tls.h
@@ -88,7 +88,7 @@ int get_eaptls_secret(int unit, char *client, char *server,
               char *clicertfile, char *servcertfile, char *cacertfile,
               char *capath, char *pkfile, char *pkcs12, int am_server);
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 void eaptls_gen_mppe_keys(struct eaptls_session *ets, int client);
 #endif
 
diff --git a/pppd/eap.c b/pppd/eap.c
index 6cb595f..0944d7a 100644
--- a/pppd/eap.c
+++ b/pppd/eap.c
@@ -89,12 +89,12 @@
 #include "eap-tls.h"
 #endif /* USE_EAPTLS */
 
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 #include "chap_ms.h"
 #include "chap-new.h"
 
 extern int chapms_strip_domain;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
 
 eap_state eap_states[NUM_PPP];		/* EAP state; one for each unit */
 #ifdef USE_SRP
@@ -230,7 +230,7 @@ eap_init(int unit)
 #ifdef USE_EAPTLS
 	esp->es_client.ea_using_eaptls = 0;
 #endif /* USE_EAPTLS */
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 	esp->es_client.digest = chap_find_digest(CHAP_MICROSOFT_V2);
 	esp->es_server.digest = chap_find_digest(CHAP_MICROSOFT_V2);
 #endif
@@ -704,7 +704,7 @@ eap_figure_next_state(eap_state *esp, int status)
 		}
 		break;
 
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 	case eapMSCHAPv2Chall:
 #endif
 	case eapMD5Chall:
@@ -727,7 +727,7 @@ eap_figure_next_state(eap_state *esp, int status)
 #endif /* USE_EAPTLS */
 }
 
-#if CHAPMS
+#if PPP_WITH_CHAPMS
 /*
  * eap_chap_verify_response - check whether the peer's response matches
  * what we think it should be.  Returns 1 if it does (authentication
@@ -795,7 +795,7 @@ eap_chapms2_send_request(eap_state *esp, u_char id,
 		auth_peer_fail(esp->es_unit, PPP_EAP);
 	}
 }
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
 
 /*
  * Format an EAP Request message and send it to the peer.  Message
@@ -882,7 +882,7 @@ eap_send_request(eap_state *esp)
 		INCPTR(esp->es_server.ea_namelen, outp);
 		break;
 
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 	case eapMSCHAPv2Chall:
 		esp->es_server.digest->generate_challenge(esp->es_challenge);
 		challen = esp->es_challenge[0];
@@ -903,7 +903,7 @@ eap_send_request(eap_state *esp)
 				esp->es_server.ea_namelen);
 		INCPTR(esp->es_server.ea_namelen, outp);
 		break;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
 
 #ifdef USE_EAPTLS
 	case eapTlsStart:
@@ -1598,7 +1598,7 @@ write_pseudonym(eap_state *esp, u_char *inp, int len, int id)
 }
 #endif /* USE_SRP */
 
-#if CHAPMS
+#if PPP_WITH_CHAPMS
 /*
  * Format and send an CHAPV2-Challenge EAP Response message.
  */
@@ -1859,7 +1859,7 @@ eap_request(eap_state *esp, u_char *inp, int id, int len)
 
 			/* Check if TLS handshake is finished */
 			if(eaptls_is_init_finished(ets)) {
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 				eaptls_gen_mppe_keys(ets, 1);
 #endif
 				eaptls_free_session(ets);
@@ -2113,7 +2113,7 @@ eap_request(eap_state *esp, u_char *inp, int id, int len)
 		break;
 #endif /* USE_SRP */
     
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
         case EAPT_MSCHAPV2:
 	    if (len < 4) {
 		error("EAP: received invalid MSCHAPv2 packet, too short");
@@ -2219,7 +2219,7 @@ eap_request(eap_state *esp, u_char *inp, int id, int len)
 	    }
 
 	    break;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
 #ifdef USE_PEAP
 	case EAPT_PEAP:
 
@@ -2241,7 +2241,7 @@ eap_request(eap_state *esp, u_char *inp, int id, int len)
 		}
 
 		break;
-#endif /* USE_PEAP */
+#endif // USE_PEAP
 
 	default:
 		info("EAP: unknown authentication type %d; Naking", typenum);
@@ -2292,12 +2292,12 @@ eap_response(eap_state *esp, u_char *inp, int id, int len)
 	struct eaptls_session *ets;
 	u_char flags;
 #endif /* USE_EAPTLS */
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 	u_char opcode;
 	int (*chap_verifier)(char *, char *, int, struct chap_digest_type *,
 		unsigned char *, unsigned char *, char *, int);
 	char response_message[256];
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
 
 	/*
 	 * Ignore responses if we're not open
@@ -2374,7 +2374,7 @@ eap_response(eap_state *esp, u_char *inp, int id, int len)
 				GETCHAR(flags, inp);
 
 				if(len == 1 && !flags) {	/* Ack = ok */
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 					eaptls_gen_mppe_keys( esp->es_server.ea_session, 0 );
 #endif
 					eap_send_success(esp);
@@ -2440,7 +2440,7 @@ eap_response(eap_state *esp, u_char *inp, int id, int len)
 			break;
 #endif /* USE_EAPTLS */
 
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 		case EAPT_MSCHAPV2:
 			info("EAP: peer proposes MSCHAPv2");
 			/* If MSCHAPv2 digest was not found, NAK the packet */
@@ -2451,7 +2451,7 @@ eap_response(eap_state *esp, u_char *inp, int id, int len)
 			}
 			esp->es_server.ea_state = eapMSCHAPv2Chall;
 			break;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
 
 		default:
 			dbglog("EAP: peer requesting unknown Type %d", vallen);
@@ -2534,7 +2534,7 @@ eap_response(eap_state *esp, u_char *inp, int id, int len)
 			TIMEOUT(eap_rechallenge, esp, esp->es_rechallenge);
 		break;
 
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 	case EAPT_MSCHAPV2:
 		if (len < 1) {
 			error("EAP: received MSCHAPv2 with no data");
@@ -2637,7 +2637,7 @@ eap_response(eap_state *esp, u_char *inp, int id, int len)
 		}
 
 		break;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
 
 #ifdef USE_SRP
 	case EAPT_SRP:
@@ -2921,9 +2921,9 @@ eap_printpkt(u_char *inp, int inlen,
 #ifdef USE_EAPTLS
 	u_char flags;
 #endif /* USE_EAPTLS */
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 	u_char opcode;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
 
 	if (inlen < EAP_HEADERLEN)
 		return (0);
@@ -2988,7 +2988,7 @@ eap_printpkt(u_char *inp, int inlen,
 			}
 			break;
 
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 		case EAPT_MSCHAPV2:
 			if (len <= 0)
 				break;
@@ -3041,7 +3041,7 @@ eap_printpkt(u_char *inp, int inlen,
 				break;
 			}
 			break;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
 
 #ifdef USE_EAPTLS
 		case EAPT_TLS:
@@ -3230,7 +3230,7 @@ eap_printpkt(u_char *inp, int inlen,
 			}
 			break;
 
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 		case EAPT_MSCHAPV2:
 			if (len <= 0)
 				break;
@@ -3273,7 +3273,7 @@ eap_printpkt(u_char *inp, int inlen,
 				break;
 			}
 			break;
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
 
 #ifdef USE_SRP
 		case EAPT_SRP:
diff --git a/pppd/eap.h b/pppd/eap.h
index 5d582bc..5dba3b9 100644
--- a/pppd/eap.h
+++ b/pppd/eap.h
@@ -149,7 +149,7 @@ struct eap_auth {
 #ifdef USE_EAPTLS
 	enum eap_state_code ea_prev_state;
 #endif
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
         struct chap_digest_type *digest;
 #endif
 	u_char ea_id;		/* Current id */
diff --git a/pppd/mppe.h b/pppd/mppe.h
index 2684a7f..bf86e19 100644
--- a/pppd/mppe.h
+++ b/pppd/mppe.h
@@ -126,7 +126,7 @@
     } while (/* CONSTCOND */ 0)
 
 
-#if MPPE
+#if PPP_WITH_MPPE
 
 /*
  * NOTE:
@@ -187,5 +187,5 @@ void mppe_set_chapv1(u_char *rchallenge, u_char PasswordHashHash[MD4_SIGNATURE_S
 void mppe_set_chapv2(u_char PasswordHashHash[MD4_SIGNATURE_SIZE],
 		    u_char NTResponse[MS_AUTH_NTRESP_LEN], int IsServer);
 
-#endif  // #ifdef MPPE
+#endif  // #ifdef PPP_WITH_MPPE
 #endif  // #ifdef __MPPE_H__
diff --git a/pppd/plugins/radius/radius.c b/pppd/plugins/radius/radius.c
index 6a5b1b8..01ea312 100644
--- a/pppd/plugins/radius/radius.c
+++ b/pppd/plugins/radius/radius.c
@@ -32,9 +32,9 @@ static char const RCSID[] =
 
 #include "pppd.h"
 #include "chap-new.h"
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 #include "chap_ms.h"
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 #include "mppe.h"
 #include "md5.h"
 #endif
@@ -97,7 +97,7 @@ static int radius_init(char *msg);
 static int get_client_port(char *ifname);
 static int radius_allowed_address(u_int32_t addr);
 static void radius_acct_interim(void *);
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 static int radius_setmppekeys(VALUE_PAIR *vp, REQUEST_INFO *req_info,
 			      unsigned char *);
 static int radius_setmppekeys2(VALUE_PAIR *vp, REQUEST_INFO *req_info);
@@ -346,7 +346,7 @@ radius_chap_verify(char *user, char *ourname, int id,
     int result;
     int challenge_len, response_len;
     u_char cpassword[MAX_RESPONSE_LEN + 1];
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     /* Need the RADIUS secret and Request Authenticator to decode MPPE */
     REQUEST_INFO request_info, *req_info = &request_info;
 #else
@@ -365,7 +365,7 @@ radius_chap_verify(char *user, char *ourname, int id,
 
     /* return error for types we can't handle */
     if ((digest->code != CHAP_MD5)
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 	&& (digest->code != CHAP_MICROSOFT)
 	&& (digest->code != CHAP_MICROSOFT_V2)
 #endif
@@ -412,7 +412,7 @@ radius_chap_verify(char *user, char *ourname, int id,
 		      cpassword, MD5_HASH_SIZE + 1, VENDOR_NONE);
 	break;
 
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
     case CHAP_MICROSOFT:
     {
 	/* MS-CHAP-Challenge and MS-CHAP-Response */
@@ -544,7 +544,7 @@ radius_setparams(VALUE_PAIR *vp, char *msg, REQUEST_INFO *req_info,
 {
     u_int32_t remote;
     int ms_chap2_success = 0;
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     int mppe_enc_keys = 0;	/* whether or not these were received */
     int mppe_enc_policy = 0;
     int mppe_enc_types = 0;
@@ -662,7 +662,7 @@ radius_setparams(VALUE_PAIR *vp, char *msg, REQUEST_INFO *req_info,
 
 
 	} else if (vp->vendorcode == VENDOR_MICROSOFT) {
-#ifdef CHAPMS
+#ifdef PPP_WITH_CHAPMS
 	    switch (vp->attribute) {
 	    case PW_MS_CHAP2_SUCCESS:
 		if ((vp->lvalue != 43) || strncmp((char*) vp->strvalue + 1, "S=", 2)) {
@@ -674,7 +674,7 @@ radius_setparams(VALUE_PAIR *vp, char *msg, REQUEST_INFO *req_info,
 		ms_chap2_success = 1;
 		break;
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 	    case PW_MS_CHAP_MPPE_KEYS:
 		if (radius_setmppekeys(vp, req_info, challenge) < 0) {
 		    slprintf(msg, BUF_LEN,
@@ -704,7 +704,7 @@ radius_setparams(VALUE_PAIR *vp, char *msg, REQUEST_INFO *req_info,
 		mppe_enc_types = vp->lvalue;	/* save for later */
 		break;
 
-#endif /* MPPE */
+#endif /* PPP_WITH_MPPE */
 #ifdef MSDNS
 	    case PW_MS_PRIMARY_DNS_SERVER:
 		ao->dnsaddr[0] = htonl(vp->lvalue);
@@ -732,7 +732,7 @@ radius_setparams(VALUE_PAIR *vp, char *msg, REQUEST_INFO *req_info,
 		break;
 #endif /* MSDNS */
 	    }
-#endif /* CHAPMS */
+#endif /* PPP_WITH_CHAPMS */
 	}
 	vp = vp->next;
     }
@@ -741,7 +741,7 @@ radius_setparams(VALUE_PAIR *vp, char *msg, REQUEST_INFO *req_info,
     if (digest && (digest->code == CHAP_MICROSOFT_V2) && !ms_chap2_success)
 	return -1;
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
     /*
      * Require both policy and key attributes to indicate a valid key.
      * Note that if the policy value was '0' we don't set the key!
@@ -758,7 +758,7 @@ radius_setparams(VALUE_PAIR *vp, char *msg, REQUEST_INFO *req_info,
     return 0;
 }
 
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 /**********************************************************************
 * %FUNCTION: radius_setmppekeys
 * %ARGUMENTS:
@@ -880,7 +880,7 @@ radius_setmppekeys2(VALUE_PAIR *vp, REQUEST_INFO *req_info)
 
     return 0;
 }
-#endif /* MPPE */
+#endif /* PPP_WITH_MPPE */
 
 /**********************************************************************
 * %FUNCTION: radius_acct_start
diff --git a/pppd/plugins/winbind.c b/pppd/plugins/winbind.c
index 76db234..59ab9bd 100644
--- a/pppd/plugins/winbind.c
+++ b/pppd/plugins/winbind.c
@@ -569,14 +569,14 @@ winbind_chap_verify(char *user, char *ourname, int id,
 			nt_response = &response[MS_CHAP_NTRESP];
 			nt_response_size = MS_CHAP_NTRESP_LEN;
 		} else {
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
 			lm_response = &response[MS_CHAP_LANMANRESP];
 			lm_response_size = MS_CHAP_LANMANRESP_LEN;
 #else
 			/* Should really propagate this into the error packet. */
 			notice("Peer request for LANMAN auth not supported");
 			return NOT_AUTHENTICATED;
-#endif /* MSLANMAN */
+#endif /* PPP_WITH_MSLANMAN */
 		}
 		
 		/* ship off to winbind, and check */
@@ -590,7 +590,7 @@ winbind_chap_verify(char *user, char *ourname, int id,
 				  nt_response, nt_response_size,
 				  session_key,
 				  &error_string) == AUTHENTICATED) {
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 			mppe_set_chapv1(challenge, session_key);
 #endif
 			slprintf(message, message_space, "Access granted");
@@ -637,7 +637,7 @@ winbind_chap_verify(char *user, char *ourname, int id,
 				&response[MS_CHAP2_NTRESP],
 				&response[MS_CHAP2_PEER_CHALLENGE],
 				challenge, user, saresponse);
-#ifdef MPPE
+#ifdef PPP_WITH_MPPE
 			mppe_set_chapv2(session_key, &response[MS_CHAP2_NTRESP],
 				       MS_CHAP2_AUTHENTICATOR);
 #endif
diff --git a/pppd/pppd.h b/pppd/pppd.h
index 5a6d75d..534272b 100644
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -382,7 +382,7 @@ extern struct	bpf_program pass_filter;   /* Filter for pkts to pass */
 extern struct	bpf_program active_filter; /* Filter for link-active pkts */
 #endif
 
-#ifdef MSLANMAN
+#ifdef PPP_WITH_MSLANMAN
 extern bool	ms_lanman;	/* Use LanMan password instead of NT */
 				/* Has meaning only with MS-CHAP challenges */
 #endif
diff --git a/pppd/pppdconf.h.in b/pppd/pppdconf.h.in
index 63b61ee..ecc399c 100644
--- a/pppd/pppdconf.h.in
+++ b/pppd/pppdconf.h.in
@@ -4,10 +4,13 @@
  */
 
 /* "Have Microsoft CHAP support" */
-#undef CHAPMS
+#undef PPP_WITH_CHAPMS
+
+/* "Have Microsoft LAN Manager support" */
+#undef PPP_WITH_MSLANMAN
 
 /* "Have Microsoft MPPE support" */
-#undef MPPE
+#undef PPP_WITH_MPPE
 
 /* "Have multilink support" */
 #undef HAVE_MULTILINK
-- 
2.39.2