| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
Fixes for #411 and #413
|
| |
| |
| |
| |
| |
| | |
Fixes issue #411.
Signed-off-by: Eivind Naess <eivnaes@yahoo.com>
|
|/
|
|
| |
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
|
|
|
|
|
| |
Allow distributions to specify a default CA path. Fix for github issue #405.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2.5.0 (#379)
This commit does several things, being a squash-and-merge of a series
of changes; squashed in order not to break bisection.
* Clean up pppd.h, moving declarations that should only be accessed by
pppd code (not by users of pppd) to a new pppd-private.h. Also,
other parts of pppd.h were moved to multilink.h, chap.h, eap.h,
eui64.h, and a new options.h.
* Provide an API for access to data that is needed by plugins (in no
particular order):
- ifname
- ifunit
- remote_name
- remote_number
- peer_authname
- status (now called "code" internally)
- phase
- doing_multilink
- multilink_master
- idle_time_limit
- link_connect_time
- max_connect_time
- link_stats
- ipparam
- hostname
- got_sigterm
- got_sigusr2
- got_sighup
- session_number
- maxoctets
- maxoctets_dir
- debug
- persist
- devnam
- modem
- peer_authname
- sync_serial
* Update the version number to 2.5.0.
* Detect availability of stddef.h and stdarg.h.
* Rename some headers:
- pppcrypt.c/h to crypto_ms.c/h
- ppp-crypto.c/h to crypto.c/h
- ppp-crypto-priv.h to crypto-priv.h
- chap-new.c/h to chap.c/h
* Remove chap-md5.h, crypto-priv.h, eap-tls.h, etc. from the list of
header files to be installed.
* Provide typedefs for the hook functions.
* Provide a typedef for the "phase" variable.
* Provide a typedef for the link statistics array.
* Remove the option_t typedef.
* Rename the following functions by adding a "ppp_" prefix (with the
intention that these are a "public" API for use by plugins):
- option_error
- add_options
- int_option,
- options_from_file
- script_setenv
- bad_ip_adrs,
- netif_get/set_mtu (renamed to ppp_get/set_mtu)
- get_time
- timeout
- untimeout
- safe_fork
- sys_close
- set_session_number
- update_link_stats (renamed to ppp_get_link_stats)
- add_notifier (renamed to ppp_add_notify)
- remove_notifier (renamed to ppp_del_notify)
- generic_[dis]establish_ppp (to ppp_generic_[dis]establish)
* Rename ppp_devnam to ppp_devname.
* Rename ppp_available() to ppp_check_kernel_support().
* Use unsigned char instead of u_char, unsigned short instead of
u_short, uint32_t instead of u_int32_t.
* Add const to some declarations
* Update comments
* Change the interface for notifiers to use an enum to identify which
notifier is to be modified.
* Provide an API for getting the path to a file, with an enum to
identify different types of file.
* Link plugins with the -DPLUGIN flag
[paulus@ozlabs.org - wrote commit message]
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Use uppercase for `prefix` parameter
`SYSTEMD_CFLAGS` is used elsewhere so `prefix` cannot be lowercase.
https://autotools.info/pkgconfig/pkg_check_modules.html
2. The module name should be `libsystemd`
Previously it will result in the following compile error when building pppd/auth.c:
> /usr/bin/ld: pppd-auth.o: undefined reference to symbol 'sd_notify@@LIBSYSTEMD_209'
> /usr/bin/ld: /usr/lib/libsystemd.so.0: error adding symbols: DSO missing from command line
This is due to missing `-lsystemd-daemon` flag which is provided by `libsystemd-daemon-devel`
package on Debian or `systemd-libs` on ArchLinux. And the proper .pc file in the package is
`libsystemd` not `systemd`.
https://stackoverflow.com/a/38303241
Signed-off-by: Chocobo1 <Chocobo1@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
| |
This re-introduces the missing DES encryption functions copied from Openssl 3.0 project. Incorporates a new API for performing MD4/MD5/SHA and encryption using DES-ECB mode.
Unit tests are included for respective digest/encryption functions using this new API. With this change, you can pass configure --without-openssl to use the internally provided functions. If you do have openssl, then it will default to use these functions. This also provides a framework to allow other vendors to provide crypto.
This closes #333, partially addresses #242 (except the pkcs11 engine support). Word has it that openssl is working on support for this, and the libp11 / opensc project are inclined not to support this.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was previously done by specifying an overriding value for _ROOT_PATH. With this change, this variable is now gone.
Instead, pathnames.h will use the SYSCONFDIR and LOCALSTATEDIR to resolve these paths. These directories is already controlled by
configure.
Package maintainers should be aware though that this may change their current configuration. The convential ./configure way is to
specify:
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var/run --with-plugin-dir=/usr/lib/pppd/2.4.10
If one omit the --sysconfdir option, then the default location is by ${prefix}/etc which may not be what you want.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
| |
it can be controlled via config options. It does nothing by default
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change does a few different things.
* Projects that needs #include "config.h" should use a config.h.in for the project generated by configure in the project's local directory.
* All projects will use #include <pppd/pppd.h>, and Makefile will add -I${top_srcdir} to the appropriate *_CPPFLAGS variable.
* The inclusion of <pppd/pppdconf.h> will set the presidence for all features enabled/disabled in pppd
* Plugins will now need to use PPPD_VERSION as it conflicts with VERSION from config.h generated by autotools for third party packages
Currently, only pppoe require the use of config.h to correctly set the defines for which header files and so on was detected by configure
Other projects only needed to include <pppd/pppd.h> (and maybe a few other header files), a future change will fixup <pppd/pppd.h> to include features as needed such that it's the only needed include for a plugin. This will avoid littering the code with #ifdef/#endif constructs.
BREAKING CHANGE!
pppd/pppd.h no longer provide VERSION, third party packages are required to switch to use PPPD_VERSION. This is to avoid conflict with a source package's own VERSION as set by autotools / config.h. Also, the use of PPP_VERSION conflicts with public header files from Glibc/Linux kernel.
Example:
char pppd_version[] = PPPD_VERSION;
pppd will load plugins, and also look for the symbol "pppd_version" to validate that the plugin was built for the current version of pppd.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
|
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
|
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
|
|
|
|
|
| |
May as well do it the same way throughout.
Signed-off-by: Sam James <sam@gentoo.org>
|
|
|
|
|
|
| |
The resulting pppd/config.h will now display a unquoted comment before the define which is consistent with other defines created by autotools.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
| |
Though, this could be renamed to PPP_WITH_SESSION_LIMITS; I don't know
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
| |
To be consistent with other options / defines.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
| |
To avoid bleeding over to third party projects. They are all
defined and exported by pppdconf.h either way. These projects
will stil have a consistent view of how pppd was compiled.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Based on feedback on PR #296, the option ipv6-support seems inconsistent
with the existing ipxcp option. Futhermore, the #define has been renamed
to avoid bleeding into third party projects.
pppdconf.h is already distributed and will define or undefine the
PPP_WITH_IPV6CP define.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
| |
The 5.15 Linux kernel has removed ipx support, along with the userspace
visible header. This support wasn't very well maintained in the kernel
for several years so drop the support from ppp as well since this won't
be usable in future.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These changes adds to his contribution by
* Adding options to perform CA/CRL checking and certificate validation
consistent with what is already been done for EAP-TLS
* Certificate validation is now in line with what is already been done
for EAP-TLS. Users can now set "remotename" and "tls-verify-method" to
control these.
* Validation of certificate purpose and extended key usage is controlled
by the option "tls-verify-key-usage".
* Fixing up MPPE key generation to use the new API for handling MPPE keys
* Man page is updated where appropriate for the new options.
* Added unit-tests for the PEAP code in case of crypto or parameters would
change in the future.
* Added the peap feature to configure scripts. Users can now control the
feature by specifying --enable-peap/--disable-peap.
To acheive feature parity with the EAP-TLS change, the EAP-TLS common code was
refactored into tls.c/.h such that it could be re-used in both instances.
Using PEAP/MSCHAPv2 is now supported in PPPD with this change.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
| |
Options that specify --with-logfile-dir, or --with-plugin-dir, or --with-runtime-dir needs to be specified using AC_ARG_WITH, not AC_ARG_ENABLE.
If you try to specify --without-openssl, then the conditions should be tested against = "xyes". There is a case where the option is either blank or is set to "xno" and the former case wasn't properly handled.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
| |
Re-introducing the Automake WITH_FILTER to separate the detection
of libpcap. SunOS has a viable libpcap, but does not support the
filter feature.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
This change brings in autoconf/automake scripts to configure the ppp project. Current change doesn't eliminate the previous build system, but the new script autogen.sh will overwrite configure, and generate the basic Makefile.in and Makefile files.
Features can now be enabled by command line:
* Microsoft Extensions,
- MSCHAP
- MPPE
- MS LAN Manager support
* IPXCP protocol
* CBCP protocol
* PAM support
* EAP-TLS support
* EAP-SRP support
* Max session lifetime by byte count
* Plugins
* Packet activity filter support
* Multilink
* IPv6 support
Control linkage with
* OpenSSL (-lssl -lcrypto)
* systemd (-lsystemd)
* libatm (-latm)
* libsrp (-lsrp)
* pam (-lpam)
Also, the configure script is made sensitive to features of OpenSSL. Like the presence or absence of DES, SHA, MD4 and MD5 crypto support. In the cases where either of these are missing, the support will be directly compiled into pppd and plugins.
In addition, package maintainers can now control the installation paths with standard --prefix=, or --localstatedir=, or --sysconfdir= to configure. On top of that, they can now control the following directories:
* runtime directory w/--with-runtime-dir
* logfile directory w/--with-logfile-dir
* plugin directory w/--with-plugin-dir
In the case where automake isn't the right solution, namely: SunOS kernel module build, the original Makefile infrastructure is preserved and reused.
Care was taken to only cosmetically touchup the source files in this change. This means:
* Insert HAVE_CONFIG_H and include config.h in all .c files.
* Change HAS_SHADOW to HAVE_SHADOW_H
* Change HAVE_LOGWTMP to HAVE_UTMP_H
* Introduce HAVE_CRYPT_H into the source code where appropriate
* Added ifdef MPPE where appropriate
* USE_SRP required a few changes as it didn't compile
* Touchup some compile warning in pppstats directory on SunOS
Introduced a new pppdconf.h file that exports the appropriate defines to a module that wants to provide a module that pppd can dynamically load. This will define/undef features like MPPE, CHAPMS such that the project doesn't have to guess what features pppd is compiled with.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|