diff --git a/backport-0004-doc-add-configuration-samples.patch b/backport-0004-doc-add-configuration-samples.patch deleted file mode 100644 index 0cea0374abd672a2b1c5cd7e60287bcfc59ddc36..0000000000000000000000000000000000000000 --- a/backport-0004-doc-add-configuration-samples.patch +++ /dev/null @@ -1,341 +0,0 @@ -From d7faeb88f684c8b2ae193b2c5b5b358ac757fcfa Mon Sep 17 00:00:00 2001 -From: Michal Sekletar -Date: Fri, 4 Apr 2014 11:39:09 +0200 -Subject: [PATCH 04/27] doc: add configuration samples - ---- - sample/auth-down | 17 ++++++ - sample/auth-up | 17 ++++++ - sample/ip-down | 22 ++++++++ - sample/ip-up | 23 ++++++++ - sample/options | 153 +++++++++++++++++++++++++++++++++++++++++++++++++++ - sample/options.ttyXX | 14 +++++ - sample/pap-secrets | 28 ++++++++++ - 7 files changed, 274 insertions(+) - create mode 100644 sample/auth-down - create mode 100644 sample/auth-up - create mode 100644 sample/ip-down - create mode 100644 sample/ip-up - create mode 100644 sample/options - create mode 100644 sample/options.ttyXX - create mode 100644 sample/pap-secrets - -diff --git a/sample/auth-down b/sample/auth-down -new file mode 100644 -index 0000000..edde65d ---- /dev/null -+++ b/sample/auth-down -@@ -0,0 +1,17 @@ -+#!/bin/sh -+# -+# A program or script which is executed after the remote system -+# successfully authenticates itself. It is executed with the parameters -+# -+# -+ -+# -+# The environment is cleared before executing this script -+# so the path must be reset -+# -+PATH=/usr/sbin:/sbin:/usr/bin:/bin -+export PATH -+ -+echo auth-down `date +'%y/%m/%d %T'` $* >> /var/log/pppstats -+ -+# last line -diff --git a/sample/auth-up b/sample/auth-up -new file mode 100644 -index 0000000..54722a3 ---- /dev/null -+++ b/sample/auth-up -@@ -0,0 +1,17 @@ -+#!/bin/sh -+# -+# A program or script which is executed after the remote system -+# successfully authenticates itself. It is executed with the parameters -+# -+# -+ -+# -+# The environment is cleared before executing this script -+# so the path must be reset -+# -+PATH=/usr/sbin:/sbin:/usr/bin:/bin -+export PATH -+ -+echo auth-up `date +'%y/%m/%d %T'` $* >> /var/log/pppstats -+ -+# last line -diff --git a/sample/ip-down b/sample/ip-down -new file mode 100644 -index 0000000..b771fb6 ---- /dev/null -+++ b/sample/ip-down -@@ -0,0 +1,22 @@ -+#!/bin/sh -+# -+# This script is run by the pppd _after_ the link is brought down. -+# It should be used to delete routes, unset IP addresses etc. -+# -+# This script is called with the following arguments: -+# Arg Name Example -+# $1 Interface name ppp0 -+# $2 The tty ttyS1 -+# $3 The link speed 38400 -+# $4 Local IP number 12.34.56.78 -+# $5 Peer IP number 12.34.56.99 -+# -+ -+# -+# The environment is cleared before executing this script -+# so the path must be reset -+# -+PATH=/usr/sbin:/sbin:/usr/bin:/bin -+export PATH -+ -+# last line -diff --git a/sample/ip-up b/sample/ip-up -new file mode 100644 -index 0000000..7ce7c8d ---- /dev/null -+++ b/sample/ip-up -@@ -0,0 +1,23 @@ -+#!/bin/sh -+# -+# This script is run by the pppd after the link is established. -+# It should be used to add routes, set IP address, run the mailq -+# etc. -+# -+# This script is called with the following arguments: -+# Arg Name Example -+# $1 Interface name ppp0 -+# $2 The tty ttyS1 -+# $3 The link speed 38400 -+# $4 Local IP number 12.34.56.78 -+# $5 Peer IP number 12.34.56.99 -+# -+ -+# -+# The environment is cleared before executing this script -+# so the path must be reset -+# -+PATH=/usr/sbin:/sbin:/usr/bin:/bin -+export PATH -+ -+# last line -diff --git a/sample/options b/sample/options -new file mode 100644 -index 0000000..8d0a3f9 ---- /dev/null -+++ b/sample/options -@@ -0,0 +1,153 @@ -+# /etc/ppp/options -+ -+# The name of this server. Often, the FQDN is used here. -+#name -+ -+# Enforce the use of the hostname as the name of the local system for -+# authentication purposes (overrides the name option). -+usehostname -+ -+# If no local IP address is given, pppd will use the first IP address -+# that belongs to the local hostname. If "noipdefault" is given, this -+# is disabled and the peer will have to supply an IP address. -+noipdefault -+ -+# With this option, pppd will accept the peer's idea of our local IP -+# address, even if the local IP address was specified in an option. -+#ipcp-accept-local -+ -+# With this option, pppd will accept the peer's idea of its (remote) IP -+# address, even if the remote IP address was specified in an option. -+#ipcp-accept-remote -+ -+# Specify which DNS Servers the incoming Win95 or WinNT Connection should use -+# Two Servers can be remotely configured -+#ms-dns 192.168.1.1 -+#ms-dns 192.168.1.2 -+ -+# Specify which WINS Servers the incoming connection Win95 or WinNT should use -+#wins-addr 192.168.1.50 -+#wins-addr 192.168.1.51 -+ -+# enable this on a server that already has a permanent default route -+#nodefaultroute -+ -+# Run the executable or shell command specified after pppd has terminated -+# the link. This script could, for example, issue commands to the modem -+# to cause it to hang up if hardware modem control signals were not -+# available. -+# If mgetty is running, it will reset the modem anyway. So there is no need -+# to do it here. -+#disconnect "chat -- \d+++\d\c OK ath0 OK" -+ -+# Increase debugging level (same as -d). The debug output is written -+# to syslog LOG_LOCAL2. -+debug -+ -+# Enable debugging code in the kernel-level PPP driver. The argument n -+# is a number which is the sum of the following values: 1 to enable -+# general debug messages, 2 to request that the contents of received -+# packets be printed, and 4 to request that the contents of transmitted -+# packets be printed. -+#kdebug n -+ -+# Require the peer to authenticate itself before allowing network -+# packets to be sent or received. -+# Please do not disable this setting. It is expected to be standard in -+# future releases of pppd. Use the call option (see manpage) to disable -+# authentication for specific peers. -+#auth -+ -+# authentication can either be pap or chap. As most people only want to -+# use pap, you can also disable chap: -+#require-pap -+#refuse-chap -+ -+# Use hardware flow control (i.e. RTS/CTS) to control the flow of data -+# on the serial port. -+crtscts -+ -+# Specifies that pppd should use a UUCP-style lock on the serial device -+# to ensure exclusive access to the device. -+lock -+ -+# Use the modem control lines. -+modem -+ -+# async character map -- 32-bit hex; each bit is a character -+# that needs to be escaped for pppd to receive it. 0x00000001 -+# represents '\x01', and 0x80000000 represents '\x1f'. -+# To allow pppd to work over a rlogin/telnet connection, ou should escape -+# XON (^Q), XOFF (^S) and ^]: (The peer should use "escape ff".) -+#asyncmap 200a0000 -+asyncmap 0 -+ -+# Specifies that certain characters should be escaped on transmission -+# (regardless of whether the peer requests them to be escaped with its -+# async control character map). The characters to be escaped are -+# specified as a list of hex numbers separated by commas. Note that -+# almost any character can be specified for the escape option, unlike -+# the asyncmap option which only allows control characters to be -+# specified. The characters which may not be escaped are those with hex -+# values 0x20 - 0x3f or 0x5e. -+#escape 11,13,ff -+ -+# Set the MRU [Maximum Receive Unit] value to for negotiation. pppd -+# will ask the peer to send packets of no more than bytes. The -+# minimum MRU value is 128. The default MRU value is 1500. A value of -+# 296 is recommended for slow links (40 bytes for TCP/IP header + 256 -+# bytes of data). -+#mru 542 -+ -+# Set the MTU [Maximum Transmit Unit] value to . Unless the peer -+# requests a smaller value via MRU negotiation, pppd will request that -+# the kernel networking code send data packets of no more than n bytes -+# through the PPP network interface. -+#mtu -+ -+# Set the interface netmask to , a 32 bit netmask in "decimal dot" -+# notation (e.g. 255.255.255.0). -+#netmask 255.255.255.0 -+ -+# Don't fork to become a background process (otherwise pppd will do so -+# if a serial device is specified). -+nodetach -+ -+# Set the assumed name of the remote system for authentication purposes -+# to . -+#remotename -+ -+# Add an entry to this system's ARP [Address Resolution Protocol] -+# table with the IP address of the peer and the Ethernet address of this -+# system. {proxyarp,noproxyarp} -+proxyarp -+ -+# Use the system password database for authenticating the peer using -+# PAP. Note: mgetty already provides this option. If this is specified -+# then dialin from users using a script under Linux to fire up ppp wont work. -+#login -+ -+# If this option is given, pppd will send an LCP echo-request frame to -+# the peer every n seconds. Under Linux, the echo-request is sent when -+# no packets have been received from the peer for n seconds. Normally -+# the peer should respond to the echo-request by sending an echo-reply. -+# This option can be used with the lcp-echo-failure option to detect -+# that the peer is no longer connected. -+lcp-echo-interval 30 -+ -+# If this option is given, pppd will presume the peer to be dead if n -+# LCP echo-requests are sent without receiving a valid LCP echo-reply. -+# If this happens, pppd will terminate the connection. Use of this -+# option requires a non-zero value for the lcp-echo-interval parameter. -+# This option can be used to enable pppd to terminate after the physical -+# connection has been broken (e.g., the modem has hung up) in -+# situations where no hardware modem control lines are available. -+lcp-echo-failure 4 -+ -+# Specifies that pppd should disconnect if the link is idle for n seconds. -+idle 600 -+ -+# Disable the IPXCP and IPX protocols. -+noipx -+ -+# ------ -diff --git a/sample/options.ttyXX b/sample/options.ttyXX -new file mode 100644 -index 0000000..d4202f5 ---- /dev/null -+++ b/sample/options.ttyXX -@@ -0,0 +1,14 @@ -+# If you need to set up multiple serial lines then copy this file to -+# options. for each tty with a modem on it. -+# -+# The options.tty file will assign an IP address to each PPP connection -+# as it comes up. They must all be distinct! -+# -+# Example: -+# options.ttyS1 for com2 under DOS. -+# -+# Edit the following line so that the first IP address -+# mentioned is the ip address of the serial port while the second -+# is the IP address of your host -+# -+hostname-s1:hostname -diff --git a/sample/pap-secrets b/sample/pap-secrets -new file mode 100644 -index 0000000..098971b ---- /dev/null -+++ b/sample/pap-secrets -@@ -0,0 +1,28 @@ -+# Secrets for authentication using PAP -+# client server secret IP addresses -+ -+# OUTBOUND CONNECTIONS -+# Here you should add your userid password to connect to your providers via -+# pap. The * means that the password is to be used for ANY host you connect -+# to. Thus you do not have to worry about the foreign machine name. Just -+# replace password with your password. -+# If you have different providers with different passwords then you better -+# remove the following line. -+#hostname * password -+ -+# INBOUND CONNECTIONS -+#client hostname 192.168.1.1 -+ -+# If you add "auth login -chap +pap" to /etc/mgetty+sendfax/login.config, -+# all users in /etc/passwd can use their password for pap-authentication. -+# -+# Every regular user can use PPP and has to use passwords from /etc/passwd -+#* hostname "" -+# UserIDs that cannot use PPP at all. Check your /etc/passwd and add any -+# other accounts that should not be able to use pppd! Replace hostname -+# with your local hostname. -+#guest hostname "*" - -+#master hostname "*" - -+#root hostname "*" - -+#support hostname "*" - -+#stats hostname "*" - --- -1.8.3.1 - diff --git a/backport-0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch b/backport-0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch index f8813fbf8e76b2fc6f027e6a6f8aed7884d34601..cd37ebdffad0ac1353860e397d9702200670022d 100644 --- a/backport-0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch +++ b/backport-0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch @@ -73,8 +73,8 @@ index 3d3bf4e..c0d927d 100644 --- a/pppd/plugins/pppoe/if.c +++ b/pppd/plugins/pppoe/if.c @@ -121,7 +121,7 @@ openInterface(char const *ifname, UINT16_t type, unsigned char *hwaddr) - stype = SOCK_PACKET; - #endif + return -1; + } - if ((fd = socket(domain, stype, htons(type))) < 0) { + if ((fd = socket(domain, stype | SOCK_CLOEXEC, htons(type))) < 0) { @@ -132,4 +132,4 @@ index bc96695..8e76a5d 100644 error("Can't create socket: %m"); return -1; -- -1.8.3.1 \ No newline at end of file +1.8.3.1 diff --git a/backport-Add-configure-check-to-see-if-we-have-struct-sockaddr_ll.patch b/backport-Add-configure-check-to-see-if-we-have-struct-sockaddr_ll.patch deleted file mode 100644 index a7823d424917289103f1d5f448f1a5168e2cb6f8..0000000000000000000000000000000000000000 --- a/backport-Add-configure-check-to-see-if-we-have-struct-sockaddr_ll.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 9d6d326b2530cffb1414e4c401675117c42d43ce Mon Sep 17 00:00:00 2001 -From: Eivind Naess -Date: Sun, 23 Apr 2023 11:30:43 -0700 -Subject: [PATCH] Add configure check to see if we have struct sockaddr_ll - -Fixes issue #411. - -Signed-off-by: Eivind Naess ---- - configure.ac | 3 ++- - pppd/plugins/pppoe/config.h.in | 2 ++ - 2 files changed, 4 insertions(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 1180f64ec..38b24af92 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -75,7 +75,8 @@ AM_COND_IF([LINUX], [ - linux/if_ether.h \ - linux/if_packet.h \ - netinet/if_ether.h \ -- netpacket/packet.h])]) -+ netpacket/packet.h]) -+ AC_CHECK_TYPES([struct sockaddr_ll], [], [], [#include ])]) - - AC_CHECK_SIZEOF(unsigned int) - AC_CHECK_SIZEOF(unsigned long) -diff --git a/pppd/plugins/pppoe/config.h.in b/pppd/plugins/pppoe/config.h.in -index d447f5e89..d7d61c01c 100644 ---- a/pppd/plugins/pppoe/config.h.in -+++ b/pppd/plugins/pppoe/config.h.in -@@ -69,3 +69,5 @@ - /* The size of `unsigned short', as computed by sizeof. */ - #undef SIZEOF_UNSIGNED_SHORT - -+/* Define to 1 if the system has the type `struct sockaddr_ll'. */ -+#undef HAVE_STRUCT_SOCKADDR_LL diff --git a/backport-Fixing-up-parsing-in-radiusclient.conf.patch b/backport-Fixing-up-parsing-in-radiusclient.conf.patch deleted file mode 100644 index a898e258e98c3a06b4dd83c6fe0892d52cfa891e..0000000000000000000000000000000000000000 --- a/backport-Fixing-up-parsing-in-radiusclient.conf.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 7f89208b860ea0c41636410bfdb6a609b2772f47 Mon Sep 17 00:00:00 2001 -From: Eivind Naess -Date: Sun, 23 Apr 2023 11:37:01 -0700 -Subject: [PATCH] Closes #411, Fixing up parsing in radiusclient.conf - -Adding curly braces to fix the code. - -Signed-off-by: Eivind Naess ---- - pppd/plugins/radius/config.c | 12 ++++++++---- - 1 file changed, 8 insertions(+), 4 deletions(-) - -diff --git a/pppd/plugins/radius/config.c b/pppd/plugins/radius/config.c -index 39744fca1..e1a481487 100644 ---- a/pppd/plugins/radius/config.c -+++ b/pppd/plugins/radius/config.c -@@ -235,24 +235,28 @@ int rc_read_config(char *filename) - - switch (option->type) { - case OT_STR: -- if (set_option_str(filename, line, option, p) < 0) -+ if (set_option_str(filename, line, option, p) < 0) { - fclose(configfd); - return (-1); -+ } - break; - case OT_INT: -- if (set_option_int(filename, line, option, p) < 0) -+ if (set_option_int(filename, line, option, p) < 0) { - fclose(configfd); - return (-1); -+ } - break; - case OT_SRV: -- if (set_option_srv(filename, line, option, p) < 0) -+ if (set_option_srv(filename, line, option, p) < 0) { - fclose(configfd); - return (-1); -+ } - break; - case OT_AUO: -- if (set_option_auo(filename, line, option, p) < 0) -+ if (set_option_auo(filename, line, option, p) < 0) { - fclose(configfd); - return (-1); -+ } - break; - default: - fatal("rc_read_config: impossible case branch!"); diff --git a/backport-ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch b/backport-ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch index 19ee5c3e8f1b0ad79f0cfb832eeff8eb5c57641d..9e1b9b006c124978f5f434125ae25b4b5ffb7b63 100644 --- a/backport-ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch +++ b/backport-ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch @@ -23,7 +23,7 @@ index 4271af6..9e957fa 100644 fatal("unable to regain privileges: %m"); if (ufile == NULL) { @@ -1413,7 +1413,7 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg) - filename = PPP_PATH_UPAPFILE; + filename = path_upapfile; addrs = opts = NULL; ret = UPAP_AUTHNAK; - f = fopen(filename, "r"); @@ -33,7 +33,7 @@ index 4271af6..9e957fa 100644 @@ -1512,7 +1512,7 @@ null_login(unit) if (ret <= 0) { - filename = PPP_PATH_UPAPFILE; + filename = path_upapfile; addrs = NULL; - f = fopen(filename, "r"); + f = fopen(filename, "re"); @@ -43,7 +43,7 @@ index 4271af6..9e957fa 100644 @@ -1559,7 +1559,7 @@ get_pap_passwd(passwd) } - filename = PPP_PATH_UPAPFILE; + filename = path_upapfile; - f = fopen(filename, "r"); + f = fopen(filename, "re"); if (f == NULL) @@ -52,7 +52,7 @@ index 4271af6..9e957fa 100644 @@ -1597,7 +1597,7 @@ have_pap_secret(lacks_ipp) } - filename = PPP_PATH_UPAPFILE; + filename = path_upapfile; - f = fopen(filename, "r"); + f = fopen(filename, "re"); if (f == NULL) @@ -61,7 +61,7 @@ index 4271af6..9e957fa 100644 @@ -1642,7 +1642,7 @@ have_chap_secret(client, server, need_ip, lacks_ipp) } - filename = PPP_PATH_CHAPFILE; + filename = path_chapfile; - f = fopen(filename, "r"); + f = fopen(filename, "re"); if (f == NULL) @@ -139,4 +139,4 @@ index 72a7727..8a12fa0 100644 error("can't open routing table %s: %m", path); return 0; -- -1.8.3.1 \ No newline at end of file +1.8.3.1 diff --git a/backport-ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch b/backport-ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch index 3ce25d2a51cb4a1d925b98d7559db51e80fbe02f..1864d173b73fe47cb9bf42eeb833e41c4f60456b 100644 --- a/backport-ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch +++ b/backport-ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch @@ -167,23 +167,14 @@ index bdc5828..c7ab71c 100644 --- a/pppd/tdb.c +++ b/pppd/tdb.c @@ -1724,7 +1724,7 @@ TDB_CONTEXT *tdb_open_ex(const char *name, int hash_size, int tdb_flags, - goto internal; } + again: - if ((tdb->fd = open(name, open_flags, mode)) == -1) { + if ((tdb->fd = open(name, open_flags | O_CLOEXEC, mode)) == -1) { - TDB_LOG((tdb, 5, "tdb_open_ex: could not open file %s: %s\n", - name, strerror(errno))); - goto fail; /* errno set by open(2) */ -@@ -1967,7 +1967,7 @@ int tdb_reopen(TDB_CONTEXT *tdb) - } - if (close(tdb->fd) != 0) - TDB_LOG((tdb, 0, "tdb_reopen: WARNING closing tdb->fd failed!\n")); -- tdb->fd = open(tdb->name, tdb->open_flags & ~(O_CREAT|O_TRUNC), 0); -+ tdb->fd = open(tdb->name, (tdb->open_flags & ~(O_CREAT|O_TRUNC)) | O_CLOEXEC, 0); - if (tdb->fd == -1) { - TDB_LOG((tdb, 0, "tdb_reopen: open failed (%s)\n", strerror(errno))); - goto fail; + if ((open_flags & O_CREAT) && errno == ENOENT && + mkdir_recursive(PPP_PATH_VARRUN) == 0) + goto again; diff --git a/pppd/tty.c b/pppd/tty.c index d571b11..bc96695 100644 --- a/pppd/tty.c @@ -237,4 +228,4 @@ index 29bf970..6051b9a 100644 error("Couldn't reopen lock file %s: %m", lock_file); lock_file[0] = 0; -- -1.8.3.1 \ No newline at end of file +1.8.3.1 diff --git a/backport-ppp-2.5.0-use-change-resolv-function.patch b/backport-ppp-2.5.0-use-change-resolv-function.patch deleted file mode 100644 index 30a07fe64f9270dd4148f3e741930c4d75f219e4..0000000000000000000000000000000000000000 --- a/backport-ppp-2.5.0-use-change-resolv-function.patch +++ /dev/null @@ -1,51 +0,0 @@ -diff --git a/scripts/ip-down.local.add b/scripts/ip-down.local.add -index b93590e..8889cb6 100644 ---- a/scripts/ip-down.local.add -+++ b/scripts/ip-down.local.add -@@ -9,12 +9,13 @@ - # - # Nick Walker (nickwalker@email.com) - # -+. /etc/sysconfig/network-scripts/network-functions - - if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then - if [ -f /etc/ppp/resolv.prev ]; then -- cp -f /etc/ppp/resolv.prev /etc/resolv.conf -+ change_resolv_conf /etc/ppp/resolv.prev - else -- rm -f /etc/resolv.conf -+ change_resolv_conf - fi - fi - -diff --git a/scripts/ip-up.local.add b/scripts/ip-up.local.add -index 8017209..5ced496 100644 ---- a/scripts/ip-up.local.add -+++ b/scripts/ip-up.local.add -@@ -9,16 +9,22 @@ - # - # Nick Walker (nickwalker@email.com) - # -+. /etc/sysconfig/network-scripts/network-functions - - if [ -n "$USEPEERDNS" -a -f /etc/ppp/resolv.conf ]; then - rm -f /etc/ppp/resolv.prev - if [ -f /etc/resolv.conf ]; then - cp /etc/resolv.conf /etc/ppp/resolv.prev -- grep domain /etc/ppp/resolv.prev > /etc/resolv.conf -- grep search /etc/ppp/resolv.prev >> /etc/resolv.conf -- cat /etc/ppp/resolv.conf >> /etc/resolv.conf -+ rscf=/etc/ppp/resolv.new -+ grep domain /etc/ppp/resolv.prev > $rscf -+ grep search /etc/ppp/resolv.prev >> $rscf -+ if [ -f /etc/ppp/resolv.conf ]; then -+ cat /etc/ppp/resolv.conf >> $rscf -+ fi -+ change_resolv_conf $rscf -+ rm -f $rscf - else -- cp /etc/ppp/resolv.conf /etc -+ change_resolv_conf /etc/ppp/resolv.conf - fi - fi - diff --git a/ppp-2.5.0.tar.gz b/ppp-2.5.0.tar.gz deleted file mode 100644 index 4fceb7a412c1f4aed488a4f1f6e3c56e3215ecab..0000000000000000000000000000000000000000 Binary files a/ppp-2.5.0.tar.gz and /dev/null differ diff --git a/ppp-2.5.2.tar.gz b/ppp-2.5.2.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..63636106936609117800e181fdc1369435c1bbfb Binary files /dev/null and b/ppp-2.5.2.tar.gz differ diff --git a/ppp.spec b/ppp.spec index f62281f17d2e55328c1a29cab95e5684933fdf90..974996d63d8b5734e8abbf4f72bd2bab7f557f00 100644 --- a/ppp.spec +++ b/ppp.spec @@ -1,9 +1,9 @@ Name: ppp -Version: 2.5.0 -Release: 4 +Version: 2.5.2 +Release: 1 Summary: The Point-to-Point Protocol -License: BSD and LGPLv2+ and GPLv2+ and Public Domain +License: BSD-3-Clause and LGPLv2+ and GPLv2+ and Public Domain URL: https://ppp.samba.org/ Source0: https://download.samba.org/pub/ppp/%{name}-%{version}.tar.gz Source1: ppp-watch.tar.xz @@ -28,17 +28,12 @@ Requires(pre): /usr/sbin/groupadd Provides: network-scripts-ppp Obsoletes: network-scripts-ppp -Patch0002: backport-0004-doc-add-configuration-samples.patch -Patch0004: backport-ppp-2.5.0-use-change-resolv-function.patch Patch0006: backport-ppp-2.4.8-pppd-we-don-t-want-to-accidentally-leak-fds.patch Patch0007: backport-ppp-2.4.9-everywhere-O_CLOEXEC-harder.patch Patch0008: backport-0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch Patch0009: refuse-pap-by-default-for-security.patch -Patch0010: backport-Fixing-up-parsing-in-radiusclient.conf.patch -Patch0011: backport-Add-configure-check-to-see-if-we-have-struct-sockaddr_ll.patch - %description The Point-to-Point Protocol (PPP) provides a standard way to establish a network connection over a serial link. At present, this package @@ -48,7 +43,6 @@ and UDP. The Linux port of this package also has support for IPX. %package devel Summary: Development environment for %{name} Requires: %{name} = %{version}-%{release} -Requires: pkgconf-pkg-config %description devel The %{name}-devel package contains libraries and header files for @@ -57,8 +51,7 @@ building plugins for the %{name}. %package_help %prep -%setup -qn %{name}-%{version} -%autopatch -p1 +%autosetup -p1 -n %{name}-%{version} tar -xvJf %{SOURCE1} mkdir ppp mkdir network-scripts @@ -105,6 +98,14 @@ install -m 644 -p %{SOURCE12} %{buildroot}%{_prefix}/lib/tmpfiles.d/ppp.conf mkdir -p %{buildroot}%{_rundir}/ppp mkdir -p %{buildroot}%{_rundir}/pppd/lock +# fix configuration files suffix +pushd %{buildroot}%{_sysconfdir}/ppp +for f in `ls *.example` +do + mv "$f" "${f%%.example}" +done +popd + %pre /usr/bin/getent group dip >/dev/null 2>&1 || /usr/sbin/groupadd -r -g 40 dip >/dev/null 2>&1 || : @@ -141,6 +142,12 @@ mkdir -p %{buildroot}%{_rundir}/pppd/lock %{_mandir}/man8/*.8.gz %changelog +* Mon Feb 17 2025 gaihuiying - 2.5.2-1 +- Type:requirement +- ID:NA +- SUG:NA +- DESC:update ppp version from 2.5.0 to 2.5.2 + * Fri Feb 14 2025 gaihuiying - 2.5.0-4 - Type:bugfix - CVE:NA @@ -230,4 +237,3 @@ mkdir -p %{buildroot}%{_rundir}/pppd/lock * Sun Sep 15 2019 openEuler Buildteam - 2.4.7-27 - Package Init - diff --git a/refuse-pap-by-default-for-security.patch b/refuse-pap-by-default-for-security.patch index 5fa567ea34e5da1fbf5b3bf26fd4bc6a5e221d2f..a3e9c4096313278f98b617631b9fbcf027ad189f 100644 --- a/refuse-pap-by-default-for-security.patch +++ b/refuse-pap-by-default-for-security.patch @@ -7,13 +7,12 @@ Subject: [PATCH] refuse pap by default for security etc.ppp/options | 1 + 1 file changed, 1 insertion(+) -diff --git a/etc.ppp/options b/etc.ppp/options +diff --git a/etc.ppp/options.example b/etc.ppp/options.example index 4b67b6a0d6b6..7112a65bd6b6 100644 ---- a/etc.ppp/options -+++ b/etc.ppp/options +--- a/etc.ppp/options.example ++++ b/etc.ppp/options.example @@ -1 +1,2 @@ lock +refuse-pap -- 2.33.0 -