| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Allow distributions to specify a default CA path. Fix for github issue #405.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2.5.0 (#379)
This commit does several things, being a squash-and-merge of a series
of changes; squashed in order not to break bisection.
* Clean up pppd.h, moving declarations that should only be accessed by
pppd code (not by users of pppd) to a new pppd-private.h. Also,
other parts of pppd.h were moved to multilink.h, chap.h, eap.h,
eui64.h, and a new options.h.
* Provide an API for access to data that is needed by plugins (in no
particular order):
- ifname
- ifunit
- remote_name
- remote_number
- peer_authname
- status (now called "code" internally)
- phase
- doing_multilink
- multilink_master
- idle_time_limit
- link_connect_time
- max_connect_time
- link_stats
- ipparam
- hostname
- got_sigterm
- got_sigusr2
- got_sighup
- session_number
- maxoctets
- maxoctets_dir
- debug
- persist
- devnam
- modem
- peer_authname
- sync_serial
* Update the version number to 2.5.0.
* Detect availability of stddef.h and stdarg.h.
* Rename some headers:
- pppcrypt.c/h to crypto_ms.c/h
- ppp-crypto.c/h to crypto.c/h
- ppp-crypto-priv.h to crypto-priv.h
- chap-new.c/h to chap.c/h
* Remove chap-md5.h, crypto-priv.h, eap-tls.h, etc. from the list of
header files to be installed.
* Provide typedefs for the hook functions.
* Provide a typedef for the "phase" variable.
* Provide a typedef for the link statistics array.
* Remove the option_t typedef.
* Rename the following functions by adding a "ppp_" prefix (with the
intention that these are a "public" API for use by plugins):
- option_error
- add_options
- int_option,
- options_from_file
- script_setenv
- bad_ip_adrs,
- netif_get/set_mtu (renamed to ppp_get/set_mtu)
- get_time
- timeout
- untimeout
- safe_fork
- sys_close
- set_session_number
- update_link_stats (renamed to ppp_get_link_stats)
- add_notifier (renamed to ppp_add_notify)
- remove_notifier (renamed to ppp_del_notify)
- generic_[dis]establish_ppp (to ppp_generic_[dis]establish)
* Rename ppp_devnam to ppp_devname.
* Rename ppp_available() to ppp_check_kernel_support().
* Use unsigned char instead of u_char, unsigned short instead of
u_short, uint32_t instead of u_int32_t.
* Add const to some declarations
* Update comments
* Change the interface for notifiers to use an enum to identify which
notifier is to be modified.
* Provide an API for getting the path to a file, with an enum to
identify different types of file.
* Link plugins with the -DPLUGIN flag
[paulus@ozlabs.org - wrote commit message]
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
|
|
|
|
|
|
| |
incarnation DES w.r.t. RFC2759
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
|
|
| |
This re-introduces the missing DES encryption functions copied from Openssl 3.0 project. Incorporates a new API for performing MD4/MD5/SHA and encryption using DES-ECB mode.
Unit tests are included for respective digest/encryption functions using this new API. With this change, you can pass configure --without-openssl to use the internally provided functions. If you do have openssl, then it will default to use these functions. This also provides a framework to allow other vendors to provide crypto.
This closes #333, partially addresses #242 (except the pkcs11 engine support). Word has it that openssl is working on support for this, and the libp11 / opensc project are inclined not to support this.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was previously done by specifying an overriding value for _ROOT_PATH. With this change, this variable is now gone.
Instead, pathnames.h will use the SYSCONFDIR and LOCALSTATEDIR to resolve these paths. These directories is already controlled by
configure.
Package maintainers should be aware though that this may change their current configuration. The convential ./configure way is to
specify:
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var/run --with-plugin-dir=/usr/lib/pppd/2.4.10
If one omit the --sysconfdir option, then the default location is by ${prefix}/etc which may not be what you want.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is to ensure compatibility with the OS you are compiling against and that
headers are maintained in upstream projects.
- Moved PPP_EAP and PPP_ECP into respective header files in lieu of not currently
existing in the linux/ppp_defs.h
- Unchained the top-level ${topsrc_dir}/include, this folder is included for
prosterity and may continue to exist on github, but in the future eliminated from
distribution
- Bogus upstream file in glibc for <net/if_ppp.h>, its content should be replaced
with a simple include to <linux/ppp-ioctl.h>. The lack of an appropriate ifreq
structure with ppp_stats or ppp_comp_stats, implementet that inline (and tested).
- Updated instances where PPP_FCS() macro would expand the fcstab, while PPP_GOODFCS
and PPP_INITFCS is provided in <linux/ppp_defs.h>, the latter is tied to a lookup
table. It's used in two places, so add the PPP_FCS macro where applicable.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The significance of this headerfile has now been reduced as pppd now provides
pppd.pc (pkgconfig) and autotools to configure the project. Other projects can
now also configure the correct path variable:
e.g. /usr/lib/x86_64-linux-gnu/pppd/2.4.10/...
To both consider the architecture and version via pkg-tool. The only consideration
would be the missing DATE directive. But I am less worried about that as the entire
release process has now been changed with the introduction of autotools.
Also fixing up pppd/pppdconf.h.in to remove quotes around the defines
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
| |
To be consistent with other options / defines.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
| |
To avoid bleeding over to third party projects. They are all
defined and exported by pppdconf.h either way. These projects
will stil have a consistent view of how pppd was compiled.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Based on feedback on PR #296, the option ipv6-support seems inconsistent
with the existing ipxcp option. Futhermore, the #define has been renamed
to avoid bleeding into third party projects.
pppdconf.h is already distributed and will define or undefine the
PPP_WITH_IPV6CP define.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
| |
The 5.15 Linux kernel has removed ipx support, along with the userspace
visible header. This support wasn't very well maintained in the kernel
for several years so drop the support from ppp as well since this won't
be usable in future.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|\
| |
| | |
pppd: Add PEAP/MSCHAPv2 support
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These changes adds to his contribution by
* Adding options to perform CA/CRL checking and certificate validation
consistent with what is already been done for EAP-TLS
* Certificate validation is now in line with what is already been done
for EAP-TLS. Users can now set "remotename" and "tls-verify-method" to
control these.
* Validation of certificate purpose and extended key usage is controlled
by the option "tls-verify-key-usage".
* Fixing up MPPE key generation to use the new API for handling MPPE keys
* Man page is updated where appropriate for the new options.
* Added unit-tests for the PEAP code in case of crypto or parameters would
change in the future.
* Added the peap feature to configure scripts. Users can now control the
feature by specifying --enable-peap/--disable-peap.
To acheive feature parity with the EAP-TLS change, the EAP-TLS common code was
refactored into tls.c/.h such that it could be re-used in both instances.
Using PEAP/MSCHAPv2 is now supported in PPPD with this change.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Linux architectures have different content of struct termios2 and also
different value of BOTHER macro. So do not declare any struct termios2 nor
BOTHER macro. Current definitions in ppp were applicable only for x86.
Correct definitions for current architecture are only in <asm/termbits.h>
and <asm/ioctls.h> header files. But Linux header file <asm/termbits.h> is
in conflict with glibc header file <termios.h> and only one can be included
in one source unit. Moreover both header files contains struct termios but
with different content. So it is not possible to use glibc tc* functions
with <asm/termbits.h> definitions.
For this reason provide a new include header file "termios_linux.h" which
provides custom implementation of all glibc's termios.h functions via Linux
ioctl() interface with definitions from Linux <asm/termbits.h> header file.
Thus this "termios_linux.h" is replacement for <termios.h> with additional
support for BOTHER Linux termios API.
Same "termios_linux.h" is going to be used by U-Boot's kwboot utility for
the same reason to use arbitrary baudrate value via BOTHER ioctl API.
Hopefully one day glibc will provide some API functions for functionality
provided currently by BOTHER Linux API.
Signed-off-by: Pali Rohár <pali@kernel.org>
|
|
|
|
|
|
| |
This would have uncovered the change that broke MD4
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
|
|
|
|
| |
Re-introducing the Automake WITH_FILTER to separate the detection
of libpcap. SunOS has a viable libpcap, but does not support the
filter feature.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
|
|
| |
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|
|
This change brings in autoconf/automake scripts to configure the ppp project. Current change doesn't eliminate the previous build system, but the new script autogen.sh will overwrite configure, and generate the basic Makefile.in and Makefile files.
Features can now be enabled by command line:
* Microsoft Extensions,
- MSCHAP
- MPPE
- MS LAN Manager support
* IPXCP protocol
* CBCP protocol
* PAM support
* EAP-TLS support
* EAP-SRP support
* Max session lifetime by byte count
* Plugins
* Packet activity filter support
* Multilink
* IPv6 support
Control linkage with
* OpenSSL (-lssl -lcrypto)
* systemd (-lsystemd)
* libatm (-latm)
* libsrp (-lsrp)
* pam (-lpam)
Also, the configure script is made sensitive to features of OpenSSL. Like the presence or absence of DES, SHA, MD4 and MD5 crypto support. In the cases where either of these are missing, the support will be directly compiled into pppd and plugins.
In addition, package maintainers can now control the installation paths with standard --prefix=, or --localstatedir=, or --sysconfdir= to configure. On top of that, they can now control the following directories:
* runtime directory w/--with-runtime-dir
* logfile directory w/--with-logfile-dir
* plugin directory w/--with-plugin-dir
In the case where automake isn't the right solution, namely: SunOS kernel module build, the original Makefile infrastructure is preserved and reused.
Care was taken to only cosmetically touchup the source files in this change. This means:
* Insert HAVE_CONFIG_H and include config.h in all .c files.
* Change HAS_SHADOW to HAVE_SHADOW_H
* Change HAVE_LOGWTMP to HAVE_UTMP_H
* Introduce HAVE_CRYPT_H into the source code where appropriate
* Added ifdef MPPE where appropriate
* USE_SRP required a few changes as it didn't compile
* Touchup some compile warning in pppstats directory on SunOS
Introduced a new pppdconf.h file that exports the appropriate defines to a module that wants to provide a module that pppd can dynamically load. This will define/undef features like MPPE, CHAPMS such that the project doesn't have to guess what features pppd is compiled with.
Signed-off-by: Eivind Næss <eivnaes@yahoo.com>
|