--- /dev/null
+## missing variables that should be declared somewhere
+
+LINUX_VERSION := 2.4.20
#
#############################################################
-CHILLISPOT_VERSION:=0.95
+CHILLISPOT_VERSION:=0.96
+CHILLISPOT_RELEASE:=1
+
CHILLISPOT_SOURCE:=chillispot-$(CHILLISPOT_VERSION).tar.gz
CHILLISPOT_SITE:=http://www.chillispot.org/download/
CHILLISPOT_CAT:=zcat
CHILLISPOT_BINARY:=src/chilli
CHILLISPOT_TARGET_BINARY:=usr/sbin/chilli
+CHILLISPOT_BUILD_DIR := $(BUILD_DIR)/chillispot_$(CHILLISPOT_VERSION)-$(CHILLISPOT_RELEASE)
+CHILLISPOT_IPK_DIR := $(OPENWRT_IPK_DIR)/chillispot
+CHILLISPOT_IPK := $(CHILLISPOT_BUILD_DIR)_$(ARCH).ipk
+
+
$(DL_DIR)/$(CHILLISPOT_SOURCE):
$(WGET) -P $(DL_DIR) $(CHILLISPOT_SITE)/$(CHILLISPOT_SOURCE)
chillispot-source: $(DL_DIR)/$(CHILLISPOT_SOURCE)
-$(CHILLISPOT_DIR)/.unpacked: $(DL_DIR)/$(CHILLISPOT_SOURCE)
+$(CHILLISPOT_DIR)/.stamp-unpacked: $(DL_DIR)/$(CHILLISPOT_SOURCE)
$(CHILLISPOT_CAT) $(DL_DIR)/$(CHILLISPOT_SOURCE) | tar -C $(BUILD_DIR) -xvf -
- sed -i -e s:"-ggdb"::g $(CHILLISPOT_DIR)/src/Makefile.in
- touch $(CHILLISPOT_DIR)/.unpacked
-$(CHILLISPOT_DIR)/.configured: $(CHILLISPOT_DIR)/.unpacked
+ touch $(CHILLISPOT_DIR)/.stamp-unpacked
+
+$(CHILLISPOT_DIR)/.stamp-configured: $(CHILLISPOT_DIR)/.stamp-unpacked
(cd $(CHILLISPOT_DIR); rm -rf config.cache; \
$(TARGET_CONFIGURE_OPTS) \
CFLAGS="$(TARGET_CFLAGS)" \
+ ac_cv_func_malloc_0_nonnull=yes \
+ ac_cv_func_memcmp_working=yes \
ac_cv_func_setvbuf_reversed=no \
./configure \
--target=$(GNU_TARGET_NAME) \
$(DISABLE_NLS) \
$(DISABLE_LARGEFILE) \
);
- sed -i -e s:"#define HAVE_MALLOC 0":"#define HAVE_MALLOC 1":g \
- -e s:"#define malloc rpl_malloc"::g \
- $(CHILLISPOT_DIR)/config.h
- touch $(CHILLISPOT_DIR)/.configured
+ touch $(CHILLISPOT_DIR)/.stamp-configured
-$(CHILLISPOT_DIR)/$(CHILLISPOT_BINARY): $(CHILLISPOT_DIR)/.configured
+$(CHILLISPOT_DIR)/.stamp-built: $(CHILLISPOT_DIR)/.stamp-configured
$(MAKE) CC=$(TARGET_CC) $(TARGET_CONFIGURE_OPTS) -C $(CHILLISPOT_DIR)
+ touch $(CHILLISPOT_DIR)/.stamp-built
+
+$(CHILLISPOT_BUILD_DIR)/CONTROL/control: $(CHILLISPOT_DIR)/.stamp-built
+ rm -rf $(CHILLISPOT_BUILD_DIR)
+ mkdir -p $(CHILLISPOT_BUILD_DIR)/usr/sbin
+ cp -a $(CHILLISPOT_DIR)/src/chilli $(CHILLISPOT_BUILD_DIR)/usr/sbin/
+ $(STRIP) $(CHILLISPOT_BUILD_DIR)/usr/sbin/*
+ mkdir -p $(CHILLISPOT_BUILD_DIR)/etc
+ cp -a $(CHILLISPOT_DIR)/doc/chilli.conf $(CHILLISPOT_BUILD_DIR)/etc
+ cp -a $(CHILLISPOT_IPK_DIR)/root/* $(CHILLISPOT_BUILD_DIR)/
+ chmod 0755 $(CHILLISPOT_BUILD_DIR)/etc
+ chmod 0600 $(CHILLISPOT_BUILD_DIR)/etc/chilli.conf
+ chmod 0755 $(CHILLISPOT_BUILD_DIR)/etc/init.d
+ chmod 0755 $(CHILLISPOT_BUILD_DIR)/etc/init.d/*
+ chmod 0755 $(CHILLISPOT_BUILD_DIR)/usr
+ chmod 0755 $(CHILLISPOT_BUILD_DIR)/usr/sbin
+ chmod 0755 $(CHILLISPOT_BUILD_DIR)/usr/sbin/*
+ cp -a $(CHILLISPOT_IPK_DIR)/CONTROL $(CHILLISPOT_BUILD_DIR)/
+ perl -pi -e "s/^Vers.*:.*$$/Version: $(CHILLISPOT_VERSION)-$(CHILLISPOT_RELEASE)/" $(CHILLISPOT_BUILD_DIR)/CONTROL/control
+ perl -pi -e "s/^Arch.*:.*$$/Architecture: $(ARCH)/" $(CHILLISPOT_BUILD_DIR)/CONTROL/control
+
+ touch $(CHILLISPOT_BUILD_DIR)/CONTROL/control
+
+
+$(CHILLISPOT_IPK): $(CHILLISPOT_BUILD_DIR)/CONTROL/control
+ cd $(BUILD_DIR); $(IPKG_BUILD) $(CHILLISPOT_BUILD_DIR)
+
-# This stuff is needed to work around GNU make deficiencies
-chillispot-target_binary: $(CHILLISPOT_DIR)/$(CHILLISPOT_BINARY)
- @if [ -L $(TARGET_DIR)/$(CHILLISPOT_TARGET_BINARY) ] ; then \
- rm -f $(TARGET_DIR)/$(CHILLISPOT_TARGET_BINARY); fi;
- @if [ ! -f $(CHILLISPOT_DIR)/$(CHILLISPOT_BINARY) -o $(TARGET_DIR)/$(CHILLISPOT_TARGET_BINARY) \
- -ot $(CHILLISPOT_DIR)/$(CHILLISPOT_BINARY) ] ; then \
- set -x; \
- $(MAKE) DESTDIR=$(TARGET_DIR) CC=$(TARGET_CC) -C $(CHILLISPOT_DIR) install; \
- $(STRIP) $(TARGET_DIR)/$(CHILLISPOT_TARGET_BINARY)
- rm -rf $(TARGET_DIR)/usr/man; fi;
-
-chillispot: $(CHILLISPOT_DIR)/$(CHILLISPOT_BINARY)
- #chillispot-target_binary
- $(MAKE) DESTDIR=$(TARGET_DIR) CC=$(TARGET_CC) -C $(CHILLISPOT_DIR) install
- $(MAKE) DESTDIR=$(TARGET_DIR) CC=$(TARGET_CC) -C $(CHILLISPOT_DIR)/doc install
- $(STRIP) $(TARGET_DIR)/$(CHILLISPOT_TARGET_BINARY)
-
+chillispot-ipk: ipkg-utils $(CHILLISPOT_IPK)
chillispot-clean:
- $(MAKE) DESTDIR=$(TARGET_DIR) CC=$(TARGET_CC) -C $(CHILLISPOT_DIR) uninstall
- -$(MAKE) -C $(CHILLISPOT_DIR) clean
+ $(MAKE) -C $(CHILLISPOT_DIR) clean
chillispot-dirclean:
rm -rf $(CHILLISPOT_DIR)
--- /dev/null
+## dhcp-fwd
+
+DHCP_FWD_VERSION := 0.7
+DHCP_FWD_RELEASE := 1
+
+DHCP_FWD_SOURCE := dhcp-forwarder-$(DHCP_FWD_VERSION).tar.bz2
+DHCP_FWD_SITE := http://www-user.tu-chemnitz.de/~ensc/dhcp-fwd/files/
+DHCP_FWD_DIR := $(BUILD_DIR)/dhcp-forwarder-$(DHCP_FWD_VERSION)
+DHCP_FWD_CAT := bzcat
+
+DHCP_FWD_BUILD_DIR := $(BUILD_DIR)/dhcp-fwd_$(DHCP_FWD_VERSION)-$(DHCP_FWD_RELEASE)
+DHCP_FWD_IPK_DIR := $(OPENWRT_IPK_DIR)/dhcp-fwd
+DHCP_FWD_IPK := $(DHCP_FWD_BUILD_DIR)_$(ARCH).ipk
+
+
+$(DL_DIR)/$(DHCP_FWD_SOURCE):
+ $(WGET) -P $(DL_DIR) $(DHCP_FWD_SITE)/$(DHCP_FWD_SOURCE)
+
+
+$(DHCP_FWD_DIR)/.stamp-unpacked: $(DL_DIR)/$(DHCP_FWD_SOURCE)
+ $(DHCP_FWD_CAT) $(DL_DIR)/$(DHCP_FWD_SOURCE) | tar -C $(BUILD_DIR) -xvf -
+
+ touch $(DHCP_FWD_DIR)/.stamp-unpacked
+
+
+$(DHCP_FWD_DIR)/.stamp-configured: $(DHCP_FWD_DIR)/.stamp-unpacked
+ cd $(DHCP_FWD_DIR) ; \
+ rm -rf config.cache ; \
+ $(TARGET_CONFIGURE_OPTS) \
+ CFLAGS="$(TARGET_CFLAGS)" \
+ ac_cv_func_malloc_0_nonnull="yes" \
+ ./configure \
+ --target=$(GNU_TARGET_NAME) \
+ --host=$(GNU_TARGET_NAME) \
+ --build=$(GNU_HOST_NAME) \
+ --prefix=/usr \
+ --exec-prefix=/usr \
+ --bindir=/usr/bin \
+ --sbindir=/usr/sbin \
+ --libexecdir=/usr/lib \
+ --datadir=/usr/share \
+ --infodir=/usr/share/info \
+ --mandir=/usr/share/man \
+ --localstatedir=/var \
+ --sysconfdir=/etc \
+ $(DISABLE_NLS) \
+
+ touch $(DHCP_FWD_DIR)/.stamp-configured
+
+
+$(DHCP_FWD_DIR)/.stamp-built: $(DHCP_FWD_DIR)/.stamp-configured
+ cd $(DHCP_FWD_DIR) ; \
+ touch config.guess ; \
+ touch config.sub ; \
+ $(MAKE) \
+ CC=$(TARGET_CC) \
+ cfg_filename="/etc/dhcp-fwd.conf" \
+ all \
+
+ touch $(DHCP_FWD_DIR)/.stamp-built
+
+
+$(DHCP_FWD_BUILD_DIR)/CONTROL/control: $(DHCP_FWD_DIR)/.stamp-built
+ rm -rf $(DHCP_FWD_BUILD_DIR)
+ mkdir -p $(DHCP_FWD_BUILD_DIR)/usr/sbin
+ cp -a $(DHCP_FWD_DIR)/dhcp-fwd $(DHCP_FWD_BUILD_DIR)/usr/sbin/
+ $(STRIP) $(DHCP_FWD_BUILD_DIR)/usr/sbin/*
+ cp -a $(DHCP_FWD_IPK_DIR)/root/* $(DHCP_FWD_BUILD_DIR)/
+ chmod 0755 $(DHCP_FWD_BUILD_DIR)/etc
+ chmod 0755 $(DHCP_FWD_BUILD_DIR)/etc/init.d
+ chmod 0755 $(DHCP_FWD_BUILD_DIR)/etc/init.d/*
+ chmod 0644 $(DHCP_FWD_BUILD_DIR)/etc/dhcp-fwd.conf
+ chmod 0755 $(DHCP_FWD_BUILD_DIR)/usr
+ chmod 0755 $(DHCP_FWD_BUILD_DIR)/usr/sbin
+ chmod 0755 $(DHCP_FWD_BUILD_DIR)/usr/sbin/*
+ cp -a $(DHCP_FWD_IPK_DIR)/CONTROL $(DHCP_FWD_BUILD_DIR)/
+ perl -pi -e "s/^Vers.*:.*$$/Version: $(DHCP_FWD_VERSION)-$(DHCP_FWD_RELEASE)/" $(DHCP_FWD_BUILD_DIR)/CONTROL/control
+ perl -pi -e "s/^Arch.*:.*$$/Architecture: $(ARCH)/" $(DHCP_FWD_BUILD_DIR)/CONTROL/control
+
+ touch $(DHCP_FWD_BUILD_DIR)/CONTROL/control
+
+
+$(DHCP_FWD_IPK): $(DHCP_FWD_BUILD_DIR)/CONTROL/control
+ cd $(BUILD_DIR); $(IPKG_BUILD) $(DHCP_FWD_BUILD_DIR)
+
+
+dhcp-fwd-ipk: ipkg-utils $(DHCP_FWD_IPK)
+
+dhcp-fwd-clean:
+ rm -rf $(DHCP_FWD_IPK)
+ rm -rf $(DHCP_FWD_BUILD_DIR)
+ rm -rf $(DHCP_FWD_DIR)
IPKG_UTILS_DIR:=$(TOOL_BUILD_DIR)/ipkg-utils-$(IPKG_UTILS_VERSION)
IPKG_UTILS_PATCHES += ipkg-utils-1.7-ipkg_buildpackage.patch
+IPKG_UTILS_PATCHES += ipkg-utils-1.7-ipkg_build_clean.patch
$(DL_DIR)/$(IPKG_UTILS_SOURCE):
$(WGET) -P $(DL_DIR) $(IPKG_UTILS_SITE)/$(IPKG_UTILS_SOURCE)
ipkg-utils: $(STAGING_DIR)/bin/ipkg-build
ipkg-utils-clean:
- rm -f $(STAGING_DIR)/bin/ipkg-build*
+ rm -f $(STAGING_DIR)/bin/ipkg*
ipkg-utils-dirclean:
rm -rf $(IPKG_UTILS_DIR)
IPROUTE2_SOURCE_URL=http://ftp.debian.org/debian/pool/main/i/iproute/
IPROUTE2_SOURCE=iproute_20010824.orig.tar.gz
IPROUTE2_PATCH:=iproute_20010824-8.diff.gz
-IPROUTE2_PATCH_2:=iproute2-cross-ar-20010824.patch
+IPROUTE2_PATCH_2:=iproute2-*.patch
IPROUTE2_IPKTARGET=iproute.ipk
IPROUTE2_IPKSRC:=iproute-pkg.tgz
rm -rf $(IPROUTE2_DIR).orig $(IPROUTE2_DIR)
zcat $(DL_DIR)/$(IPROUTE2_SOURCE) | tar -C $(BUILD_DIR) -xvf -
#zcat $(DL_DIR)/$(IPROUTE2_PATCH) | patch -p1 -d $(IPROUTE2_DIR)
- cat $(SOURCE_DIR)/$(IPROUTE2_PATCH_2) | patch -p1 -d $(IPROUTE2_DIR)
+ $(SOURCE_DIR)/patch-kernel.sh $(IPROUTE2_DIR) $(SOURCE_DIR) $(IPROUTE2_PATCH_2)
# fun sed hacks.
$(SED) "s:-O2:${TARGET_CFLAGS}:g" $(IPROUTE2_DIR)/Makefile
ifeq ($(ARCH),i386)
IPTABLES_SOURCE_URL=http://www.netfilter.org/files
IPTABLES_SOURCE=iptables-1.2.9.tar.bz2
IPTABLES_BUILD_DIR=$(BUILD_DIR)/iptables-1.2.9
+IP6TABLES_IPK=$(BUILD_DIR)/ip6tables_1.2.9-1_mipsel.ipk
+IP6TABLES_IPK_DIR:=$(BUILD_DIR)/ip6tables-1.2.9-ipk
$(DL_DIR)/$(IPTABLES_SOURCE):
$(WGET) -P $(DL_DIR) $(IPTABLES_SOURCE_URL)/$(IPTABLES_SOURCE)
CC=$(TARGET_CC) COPT_FLAGS="$(TARGET_CFLAGS)" \
DESTDIR=$(TARGET_DIR) install
$(STRIP) $(TARGET_DIR)/usr/sbin/iptables*
+ $(STRIP) $(TARGET_DIR)/usr/sbin/ip6tables*
$(STRIP) $(TARGET_DIR)/usr/lib/iptables/*.so
rm -rf $(TARGET_DIR)/usr/man
iptables: $(TARGET_DIR)/sbin/iptables
+$(IP6TABLES_IPK):
+ mkdir -p $(IP6TABLES_IPK_DIR)/CONTROL
+ mkdir -p $(IP6TABLES_IPK_DIR)/usr/lib/iptables
+ mkdir -p $(IP6TABLES_IPK_DIR)/usr/sbin
+ install -m 644 $(OPENWRT_IPK_DIR)/ip6tables/ip6tables.control $(IP6TABLES_IPK_DIR)/CONTROL/control
+ install -m 755 $(IPTABLES_BUILD_DIR)/ip6tables $(IP6TABLES_IPK_DIR)/usr/sbin
+ install -m 755 $(IPTABLES_BUILD_DIR)/extensions/libip6t_*.so $(IP6TABLES_IPK_DIR)/usr/lib/iptables/
+ $(STRIP) $(IP6TABLES_IPK_DIR)/usr/sbin/ip6tables*
+ $(STRIP) $(IP6TABLES_IPK_DIR)/usr/lib/iptables/*.so
+ cd $(BUILD_DIR); $(STAGING_DIR)/bin/ipkg-build -c -o root -g root $(IP6TABLES_IPK_DIR)
+
+ip6tables-ipk: iptables $(IP6TABLES_IPK)
+
iptables-source: $(DL_DIR)/$(IPTABLES_SOURCE)
iptables-clean:
--- /dev/null
+KMOD-IPT6:=kmod-ipt6
+KMOD-IPT6_IPK:=$(KMOD-IPT6)_2.4.20-1_mipsel.ipk
+KMOD-IPT6_IPK_DIR:=$(BUILD_DIR)/$(KMOD-IPT6)-2.4.20-ipk
+
+$(BUILD_DIR)/$(KMOD-IPT6_IPK):
+ mkdir -p $(KMOD-IPT6_IPK_DIR)/CONTROL
+ mkdir -p $(KMOD-IPT6_IPK_DIR)/lib/modules/2.4.20/kernel/net/ipv6/netfilter
+ install -m 644 $(OPENWRT_IPK_DIR)/$(KMOD-IPT6)/$(KMOD-IPT6).control $(KMOD-IPT6_IPK_DIR)/CONTROL/control
+ install -m 644 $(BUILD_DIR)/linux/modules/lib/modules/2.4.20/kernel/net/ipv6/netfilter/* $(KMOD-IPT6_IPK_DIR)/lib/modules/2.4.20/kernel/net/ipv6/netfilter/
+ cd $(BUILD_DIR); $(STAGING_DIR)/bin/ipkg-build -c -o root -g root $(KMOD-IPT6_IPK_DIR)
+
+kmod-ipt6-ipk: $(BUILD_DIR)/$(KMOD-IPT6_IPK)
+
+kmod-ipt6-distclean:
+ rm -rf $(KMOD-IPT6_IPK_DIR)
--- /dev/null
+KMOD-IPV6:=kmod-ipv6
+KMOD-IPV6_IPK:=$(KMOD-IPV6)_2.4.20-1_mipsel.ipk
+KMOD-IPV6_IPK_DIR:=$(BUILD_DIR)/$(KMOD-IPV6)-2.4.20-ipk
+
+$(BUILD_DIR)/$(KMOD-IPV6_IPK):
+ mkdir -p $(KMOD-IPV6_IPK_DIR)/CONTROL
+ mkdir -p $(KMOD-IPV6_IPK_DIR)/lib/modules/2.4.20/kernel/net/ipv6
+ install -m 644 $(OPENWRT_IPK_DIR)/$(KMOD-IPV6)/$(KMOD-IPV6).control $(KMOD-IPV6_IPK_DIR)/CONTROL/control
+ install -m 644 $(BUILD_DIR)/linux/modules/lib/modules/2.4.20/kernel/net/ipv6/ipv6.o $(KMOD-IPV6_IPK_DIR)/lib/modules/2.4.20/kernel/net/ipv6
+ cd $(BUILD_DIR); $(STAGING_DIR)/bin/ipkg-build -c -o root -g root $(KMOD-IPV6_IPK_DIR)
+
+kmod-ipv6-ipk: $(BUILD_DIR)/$(KMOD-IPV6_IPK)
+
+kmod-ipv6-distclean:
+ rm -rf $(KMOD-IPV6_IPK_DIR)
--- /dev/null
+## nfs-modules
+
+NFS_MODULES_VERSION := $(SNAPSHOT)
+NFS_MODULES_RELEASE := 1
+
+NFS_MODULES_BUILD_DIR := $(BUILD_DIR)/nfs-modules_$(NFS_MODULES_VERSION)-$(NFS_MODULES_RELEASE)
+NFS_MODULES_IPK_DIR := $(OPENWRT_IPK_DIR)/nfs-modules
+NFS_MODULES_IPK := $(NFS_MODULES_BUILD_DIR)_$(ARCH).ipk
+
+
+$(NFS_MODULES_BUILD_DIR)/CONTROL/control: $(BASE_DIR)/openwrt-kmodules.tar.bz2
+ rm -rf $(NFS_MODULES_BUILD_DIR)
+ mkdir -p $(NFS_MODULES_BUILD_DIR)/lib/
+ bzcat $(BASE_DIR)/openwrt-kmodules.tar.bz2 | tar -C $(NFS_MODULES_BUILD_DIR)/lib/ -xvf - \
+ modules/$(LINUX_VERSION)/kernel/fs/lockd/lockd.o \
+ modules/$(LINUX_VERSION)/kernel/fs/nfs/nfs.o \
+ modules/$(LINUX_VERSION)/kernel/net/sunrpc/sunrpc.o
+ mv -f \
+ $(NFS_MODULES_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/kernel/fs/lockd/*.o \
+ $(NFS_MODULES_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/
+ mv -f \
+ $(NFS_MODULES_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/kernel/fs/nfs/*.o \
+ $(NFS_MODULES_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/
+ mv -f \
+ $(NFS_MODULES_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/kernel/net/sunrpc/*.o \
+ $(NFS_MODULES_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/
+ rm -rf \
+ $(NFS_MODULES_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/kernel
+ chmod 0755 $(NFS_MODULES_BUILD_DIR)/lib
+ chmod 0755 $(NFS_MODULES_BUILD_DIR)/lib/modules
+ chmod 0755 $(NFS_MODULES_BUILD_DIR)/lib/modules/$(LINUX_VERSION)
+ chmod 0755 $(NFS_MODULES_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/*
+ cp -a $(NFS_MODULES_IPK_DIR)/CONTROL $(NFS_MODULES_BUILD_DIR)/
+ perl -pi -e "s/^Vers.*:.*$$/Version: $(NFS_MODULES_VERSION)-$(NFS_MODULES_RELEASE)/" $(NFS_MODULES_BUILD_DIR)/CONTROL/control
+ perl -pi -e "s/^Arch.*:.*$$/Architecture: $(ARCH)/" $(NFS_MODULES_BUILD_DIR)/CONTROL/control
+
+ touch $(NFS_MODULES_BUILD_DIR)/CONTROL/control
+
+
+$(NFS_MODULES_IPK): $(NFS_MODULES_BUILD_DIR)/CONTROL/control
+ cd $(BUILD_DIR); $(IPKG_BUILD) $(NFS_MODULES_BUILD_DIR)
+
+
+nfs-modules-ipk: ipkg-utils $(NFS_MODULES_IPK)
+
+nfs-modules-clean:
+ rm -rf $(NFS_MODULES_IPK)
+ rm -rf $(NFS_MODULES_BUILD_DIR)
+
rm -f $(TARGET_DIR)/usr/sbin/iptables-save
rm -f $(TARGET_DIR)/usr/sbin/iptables-restore
rm -f $(TARGET_DIR)/usr/sbin/ip6tables
+ rm -f $(TARGET_DIR)/usr/lib/iptables/libip6*
-@find $(TARGET_DIR) -type f -perm +111 | xargs $(STAGING_DIR)/bin/sstrip 2>/dev/null || true;
######################################################################
$(STAGING_DIR)/bin/sstrip:
- $(CC) -o $(STAGING_DIR)/bin/sstrip -I$(STAGING_DIR)/mipsel-linux-uclibc/include $(SOURCE_DIR)/openwrt/tools/sstrip.c
+ $(CC) -o $(STAGING_DIR)/bin/sstrip $(SOURCE_DIR)/openwrt/tools/sstrip.c
wrt-tools:
$(CC) -o $(WRT54G_DIR)/release/tools/trx $(SOURCE_DIR)/openwrt/tools/trx.c
--- /dev/null
+## ppp-async-module
+
+PPP_ASYNC_MODULE_VERSION := $(SNAPSHOT)
+PPP_ASYNC_MODULE_RELEASE := 1
+
+PPP_ASYNC_MODULE_BUILD_DIR := $(BUILD_DIR)/ppp-async-module_$(PPP_ASYNC_MODULE_VERSION)-$(PPP_ASYNC_MODULE_RELEASE)
+PPP_ASYNC_MODULE_IPK_DIR := $(OPENWRT_IPK_DIR)/ppp-async-module
+PPP_ASYNC_MODULE_IPK := $(PPP_ASYNC_MODULE_BUILD_DIR)_$(ARCH).ipk
+
+
+$(PPP_ASYNC_MODULE_BUILD_DIR)/CONTROL/control: $(BASE_DIR)/openwrt-kmodules.tar.bz2
+ rm -rf $(PPP_ASYNC_MODULE_BUILD_DIR)
+ mkdir -p $(PPP_ASYNC_MODULE_BUILD_DIR)/lib/
+ bzcat $(BASE_DIR)/openwrt-kmodules.tar.bz2 | tar -C $(PPP_ASYNC_MODULE_BUILD_DIR)/lib/ -xvf - \
+ modules/$(LINUX_VERSION)/kernel/drivers/net/ppp_async.o
+ mv -f \
+ $(PPP_ASYNC_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/kernel/drivers/net/ppp_async.o \
+ $(PPP_ASYNC_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/
+ rm -rf \
+ $(PPP_ASYNC_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/kernel
+ chmod 0755 $(PPP_ASYNC_MODULE_BUILD_DIR)/lib
+ chmod 0755 $(PPP_ASYNC_MODULE_BUILD_DIR)/lib/modules
+ chmod 0755 $(PPP_ASYNC_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)
+ chmod 0755 $(PPP_ASYNC_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/*
+ cp -a $(PPP_ASYNC_MODULE_IPK_DIR)/CONTROL $(PPP_ASYNC_MODULE_BUILD_DIR)/
+ perl -pi -e "s/^Vers.*:.*$$/Version: $(PPP_ASYNC_MODULE_VERSION)-$(PPP_ASYNC_MODULE_RELEASE)/" $(PPP_ASYNC_MODULE_BUILD_DIR)/CONTROL/control
+ perl -pi -e "s/^Arch.*:.*$$/Architecture: $(ARCH)/" $(PPP_ASYNC_MODULE_BUILD_DIR)/CONTROL/control
+
+ touch $(PPP_ASYNC_MODULE_BUILD_DIR)/CONTROL/control
+
+
+$(PPP_ASYNC_MODULE_IPK): $(PPP_ASYNC_MODULE_BUILD_DIR)/CONTROL/control
+ cd $(BUILD_DIR); $(IPKG_BUILD) $(PPP_ASYNC_MODULE_BUILD_DIR)
+
+
+ppp-async-module-ipk: ipkg-utils $(PPP_ASYNC_MODULE_IPK)
+
+ppp-async-module-clean:
+ rm -rf $(PPP_ASYNC_MODULE_IPK)
+ rm -rf $(PPP_ASYNC_MODULE_BUILD_DIR)
+
--- /dev/null
+## ppp-mppe-module
+
+PPP_MPPE_MODULE_VERSION := $(SNAPSHOT)
+PPP_MPPE_MODULE_RELEASE := 1
+
+PPP_MPPE_MODULE_BUILD_DIR := $(BUILD_DIR)/ppp-mppe-module_$(PPP_MPPE_MODULE_VERSION)-$(PPP_MPPE_MODULE_RELEASE)
+PPP_MPPE_MODULE_IPK_DIR := $(OPENWRT_IPK_DIR)/ppp-mppe-module
+PPP_MPPE_MODULE_IPK := $(PPP_MPPE_MODULE_BUILD_DIR)_$(ARCH).ipk
+
+
+$(PPP_MPPE_MODULE_BUILD_DIR)/CONTROL/control: $(BASE_DIR)/openwrt-kmodules.tar.bz2
+ rm -rf $(PPP_MPPE_MODULE_BUILD_DIR)
+ mkdir -p $(PPP_MPPE_MODULE_BUILD_DIR)/lib/
+ bzcat $(BASE_DIR)/openwrt-kmodules.tar.bz2 | tar -C $(PPP_MPPE_MODULE_BUILD_DIR)/lib/ -xvf - \
+ modules/$(LINUX_VERSION)/kernel/drivers/net/ppp_mppe_mppc.o
+ mv -f \
+ $(PPP_MPPE_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/kernel/drivers/net/ppp_mppe_mppc.o \
+ $(PPP_MPPE_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/
+ rm -rf \
+ $(PPP_MPPE_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/kernel
+ chmod 0755 $(PPP_MPPE_MODULE_BUILD_DIR)/lib
+ chmod 0755 $(PPP_MPPE_MODULE_BUILD_DIR)/lib/modules
+ chmod 0755 $(PPP_MPPE_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)
+ chmod 0755 $(PPP_MPPE_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/*
+ cp -a $(PPP_MPPE_MODULE_IPK_DIR)/CONTROL $(PPP_MPPE_MODULE_BUILD_DIR)/
+ perl -pi -e "s/^Vers.*:.*$$/Version: $(PPP_MPPE_MODULE_VERSION)-$(PPP_MPPE_MODULE_RELEASE)/" $(PPP_MPPE_MODULE_BUILD_DIR)/CONTROL/control
+ perl -pi -e "s/^Arch.*:.*$$/Architecture: $(ARCH)/" $(PPP_MPPE_MODULE_BUILD_DIR)/CONTROL/control
+
+ touch $(PPP_MPPE_MODULE_BUILD_DIR)/CONTROL/control
+
+
+$(PPP_MPPE_MODULE_IPK): $(PPP_MPPE_MODULE_BUILD_DIR)/CONTROL/control
+ cd $(BUILD_DIR); $(IPKG_BUILD) $(PPP_MPPE_MODULE_BUILD_DIR)
+
+
+ppp-mppe-module-ipk: ipkg-utils $(PPP_MPPE_MODULE_IPK)
+
+ppp-mppe-module-clean:
+ rm -rf $(PPP_MPPE_MODULE_IPK)
+ rm -rf $(PPP_MPPE_MODULE_BUILD_DIR)
+
--- /dev/null
+## ppp & ppp-radius-plugin
+
+PPP_VERSION := 2.4.2
+PPP_RELEASE := 1
+
+PPP_SOURCE:=ppp-$(PPP_VERSION).tar.gz
+PPP_SITE:=ftp://ftp.samba.org/pub/ppp
+PPP_DIR:=$(BUILD_DIR)/ppp-$(PPP_VERSION)
+PPP_CAT:=zcat
+
+PPP_PATCH_DIR := $(SOURCE_DIR)/openwrt/patches/ppp
+
+PPP_BUILD_DIR := $(BUILD_DIR)/ppp_$(PPP_VERSION)-$(PPP_RELEASE)
+PPP_IPK_DIR := $(OPENWRT_IPK_DIR)/ppp
+PPP_IPK := $(PPP_BUILD_DIR)_$(ARCH).ipk
+
+PPP_RADIUS_PLUGIN_BUILD_DIR := $(BUILD_DIR)/ppp-radius-plugin_$(PPP_VERSION)-$(PPP_RELEASE)
+PPP_RADIUS_PLUGIN_IPK_DIR := $(OPENWRT_IPK_DIR)/ppp-radius-plugin
+PPP_RADIUS_PLUGIN_IPK := $(PPP_RADIUS_PLUGIN_BUILD_DIR)_$(ARCH).ipk
+
+
+$(DL_DIR)/$(PPP_SOURCE):
+ $(WGET) -P $(DL_DIR) $(PPP_SITE)/$(PPP_SOURCE)
+
+
+$(PPP_DIR)/.stamp-unpacked: $(DL_DIR)/$(PPP_SOURCE)
+ $(PPP_CAT) $(DL_DIR)/$(PPP_SOURCE) | tar -C $(BUILD_DIR) -xvf -
+
+ touch $(PPP_DIR)/.stamp-unpacked
+
+
+$(PPP_DIR)/.stamp-patched: $(PPP_DIR)/.stamp-unpacked
+ $(SOURCE_DIR)/patch-kernel.sh $(PPP_DIR) $(PPP_PATCH_DIR)
+
+ touch $(PPP_DIR)/.stamp-patched
+
+
+$(PPP_DIR)/.stamp-configured: $(PPP_DIR)/.stamp-patched
+ cd $(PPP_DIR)/pppd/plugins/radius/radiusclient ; \
+ rm -rf config.cache ; \
+ $(TARGET_CONFIGURE_OPTS) \
+ ac_cv_func_setvbuf_reversed=no \
+ ac_cv_func_uname=no \
+ ./configure \
+ --target=$(GNU_TARGET_NAME) \
+ --host=$(GNU_TARGET_NAME) \
+ --build=$(GNU_HOST_NAME) \
+ --prefix=/usr \
+ --exec-prefix=/usr \
+ --bindir=/usr/bin \
+ --sbindir=/usr/sbin \
+ --libexecdir=/usr/lib \
+ --sysconfdir=/etc \
+ --datadir=/usr/share \
+ --localstatedir=/var \
+ --mandir=/usr/share/man \
+ --infodir=/usr/share/info \
+ $(DISABLE_NLS) \
+ --disable-shared \
+ --enable-static \
+
+ cd $(PPP_DIR) ; \
+ rm -rf config.cache ; \
+ $(TARGET_CONFIGURE_OPTS) \
+ CFLAGS="$(TARGET_CFLAGS)" \
+ ./configure \
+ --target=$(GNU_TARGET_NAME) \
+ --host=$(GNU_TARGET_NAME) \
+ --build=$(GNU_HOST_NAME) \
+ --prefix=/usr \
+ --exec-prefix=/usr \
+ --bindir=/usr/bin \
+ --sbindir=/usr/sbin \
+ --libexecdir=/usr/lib \
+ --datadir=/usr/share \
+ --localstatedir=/var \
+ --mandir=/usr/share/man \
+ --infodir=/usr/share/info \
+ --sysconfdir=/etc \
+ $(DISABLE_NLS) \
+
+ touch $(PPP_DIR)/.stamp-configured
+
+
+$(PPP_DIR)/.stamp-built: $(PPP_DIR)/.stamp-configured
+ cd $(PPP_DIR) ; \
+ $(MAKE) \
+ CC=$(TARGET_CC) \
+ COPTS="$(TARGET_CFLAGS)" \
+ all
+
+ touch $(PPP_DIR)/.stamp-built
+
+
+$(PPP_BUILD_DIR)/CONTROL/control: $(PPP_DIR)/.stamp-built
+ rm -rf $(PPP_BUILD_DIR)
+ mkdir -p $(PPP_BUILD_DIR)/usr/sbin
+ cp -a $(PPP_DIR)/pppd/pppd $(PPP_BUILD_DIR)/usr/sbin/
+ $(STRIP) $(PPP_BUILD_DIR)/usr/sbin/*
+ cp -a $(PPP_IPK_DIR)/root/* $(PPP_BUILD_DIR)/
+ chmod 0755 $(PPP_BUILD_DIR)/etc
+ chmod 0755 $(PPP_BUILD_DIR)/etc/ppp
+ chmod 0600 $(PPP_BUILD_DIR)/etc/ppp/chap-secrets
+ chmod 0644 $(PPP_BUILD_DIR)/etc/ppp/options
+ chmod 0755 $(PPP_BUILD_DIR)/etc/ppp/peers
+ chmod 0755 $(PPP_BUILD_DIR)/usr
+ chmod 0755 $(PPP_BUILD_DIR)/usr/sbin
+ chmod 0755 $(PPP_BUILD_DIR)/usr/sbin/*
+ cp -a $(PPP_IPK_DIR)/CONTROL $(PPP_BUILD_DIR)/
+ perl -pi -e "s/^Vers.*:.*$$/Version: $(PPP_VERSION)-$(PPP_RELEASE)/" $(PPP_BUILD_DIR)/CONTROL/control
+ perl -pi -e "s/^Arch.*:.*$$/Architecture: $(ARCH)/" $(PPP_BUILD_DIR)/CONTROL/control
+
+ touch $(PPP_BUILD_DIR)/CONTROL/control
+
+
+$(PPP_IPK): $(PPP_BUILD_DIR)/CONTROL/control
+ cd $(BUILD_DIR); $(IPKG_BUILD) $(PPP_BUILD_DIR)
+
+
+$(PPP_RADIUS_PLUGIN_BUILD_DIR)/CONTROL/control: $(PPP_DIR)/.stamp-built
+ rm -rf $(PPP_RADIUS_PLUGIN_BUILD_DIR)
+ mkdir -p $(PPP_RADIUS_PLUGIN_BUILD_DIR)/usr/lib/pppd/$(PPP_VERSION)
+ cp -a $(PPP_DIR)/pppd/plugins/radius/radius.so $(PPP_RADIUS_PLUGIN_BUILD_DIR)/usr/lib/pppd/$(PPP_VERSION)/
+ $(STRIP) $(PPP_RADIUS_PLUGIN_BUILD_DIR)/usr/lib/pppd/$(PPP_VERSION)/*
+ cp -a $(PPP_RADIUS_PLUGIN_IPK_DIR)/root/* $(PPP_RADIUS_PLUGIN_BUILD_DIR)/
+ chmod 0755 $(PPP_RADIUS_PLUGIN_BUILD_DIR)/etc
+ chmod 0755 $(PPP_RADIUS_PLUGIN_BUILD_DIR)/etc/ppp
+ chmod 0644 $(PPP_RADIUS_PLUGIN_BUILD_DIR)/etc/ppp/radius.conf
+ chmod 0755 $(PPP_RADIUS_PLUGIN_BUILD_DIR)/etc/ppp/radius
+ chmod 0644 $(PPP_RADIUS_PLUGIN_BUILD_DIR)/etc/ppp/radius/dict*
+ chmod 0600 $(PPP_RADIUS_PLUGIN_BUILD_DIR)/etc/ppp/radius/servers
+ chmod 0755 $(PPP_RADIUS_PLUGIN_BUILD_DIR)/usr
+ chmod 0755 $(PPP_RADIUS_PLUGIN_BUILD_DIR)/usr/lib
+ chmod 0755 $(PPP_RADIUS_PLUGIN_BUILD_DIR)/usr/lib/pppd
+ chmod 0755 $(PPP_RADIUS_PLUGIN_BUILD_DIR)/usr/lib/pppd/$(PPP_VERSION)
+ cp -a $(PPP_RADIUS_PLUGIN_IPK_DIR)/CONTROL $(PPP_RADIUS_PLUGIN_BUILD_DIR)/
+ perl -pi -e "s/^Vers.*:.*$$/Version: $(PPP_VERSION)-$(PPP_RELEASE)/" $(PPP_RADIUS_PLUGIN_BUILD_DIR)/CONTROL/control
+ perl -pi -e "s/^Arch.*:.*$$/Architecture: $(ARCH)/" $(PPP_RADIUS_PLUGIN_BUILD_DIR)/CONTROL/control
+
+ touch $(PPP_RADIUS_PLUGIN_BUILD_DIR)/CONTROL/control
+
+
+$(PPP_RADIUS_PLUGIN_IPK): $(PPP_RADIUS_PLUGIN_BUILD_DIR)/CONTROL/control
+ cd $(BUILD_DIR); $(IPKG_BUILD) $(PPP_RADIUS_PLUGIN_BUILD_DIR)
+
+
+ppp-ipk: ipkg-utils $(PPP_IPK) $(PPP_RADIUS_PLUGIN_IPK)
+
+ppp-ipk-clean:
+ rm -rf $(PPP_IPK) $(PPP_RADIUS_PLUGIN_IPK)
+ rm -rf $(PPP_BUILD_DIR) $(PPP_RADIUS_PLUGIN_BUILD_DIR)
+
+ppp-clean:
+ cd $(PPP_DIR) ; \
+ $(MAKE) clean
+
+ppp-dirclean:
+ rm -rf $(PPP_DIR)
+
+
--- /dev/null
+## pptp-server
+
+PPTPD_VERSION := 1.1.3
+PPTPD_RELEASE := 1
+
+PPTPD_SOURCE := pptpd-1.1.3-20030409.tar.gz
+PPTPD_SITE := http://unc.dl.sourceforge.net/sourceforge/poptop/
+PPTPD_DIR := $(BUILD_DIR)/poptop
+PPTPD_CAT := zcat
+
+PPTPD_PATCH_DIR := $(SOURCE_DIR)/openwrt/patches/pptp-server
+
+PPTPD_BUILD_DIR := $(BUILD_DIR)/pptp-server_$(PPTPD_VERSION)-$(PPTPD_RELEASE)
+PPTPD_IPK_DIR := $(OPENWRT_IPK_DIR)/pptp-server
+PPTPD_IPK := $(PPTPD_BUILD_DIR)_$(ARCH).ipk
+
+
+$(DL_DIR)/$(PPTPD_SOURCE):
+ $(WGET) -P $(DL_DIR) $(PPTPD_SITE)/$(PPTPD_SOURCE)
+
+
+$(PPTPD_DIR)/.stamp-unpacked: $(DL_DIR)/$(PPTPD_SOURCE)
+ $(PPTPD_CAT) $(DL_DIR)/$(PPTPD_SOURCE) | tar -C $(BUILD_DIR) -xvf -
+
+ touch $(PPTPD_DIR)/.stamp-unpacked
+
+
+$(PPTPD_DIR)/.stamp-patched: $(PPTPD_DIR)/.stamp-unpacked
+ $(SOURCE_DIR)/patch-kernel.sh $(PPTPD_DIR) $(PPTPD_PATCH_DIR)
+
+ touch $(PPTPD_DIR)/.stamp-patched
+
+
+$(PPTPD_DIR)/.stamp-configured: $(PPTPD_DIR)/.stamp-patched
+ cd $(PPTPD_DIR) ; \
+ rm -rf config.cache ; \
+ aclocal ; \
+ autoconf ; \
+ $(TARGET_CONFIGURE_OPTS) \
+ CFLAGS="$(TARGET_CFLAGS)" \
+ ./configure \
+ --target=$(GNU_TARGET_NAME) \
+ --host=$(GNU_TARGET_NAME) \
+ --build=$(GNU_HOST_NAME) \
+ --prefix=/usr \
+ --exec-prefix=/usr \
+ --bindir=/usr/bin \
+ --sbindir=/usr/sbin \
+ --libexecdir=/usr/lib \
+ --datadir=/usr/share \
+ --infodir=/usr/share/info \
+ --mandir=/usr/share/man \
+ --localstatedir=/var \
+ --sysconfdir=/etc \
+ $(DISABLE_NLS) \
+ --with-pppd-ip-alloc \
+
+ touch $(PPTPD_DIR)/.stamp-configured
+
+
+$(PPTPD_DIR)/.stamp-built: $(PPTPD_DIR)/.stamp-configured
+ cd $(PPTPD_DIR) ; \
+ touch config.guess ; \
+ touch config.sub ; \
+ $(MAKE) \
+ CC=$(TARGET_CC) \
+ COPTS="$(TARGET_CFLAGS)" \
+ all
+
+ touch $(PPTPD_DIR)/.stamp-built
+
+
+$(PPTPD_BUILD_DIR)/CONTROL/control: $(PPTPD_DIR)/.stamp-built
+ rm -rf $(PPTPD_BUILD_DIR)
+ mkdir -p $(PPTPD_BUILD_DIR)/usr/sbin
+ cp -a $(PPTPD_DIR)/pptpctrl $(PPTPD_BUILD_DIR)/usr/sbin/
+ cp -a $(PPTPD_DIR)/pptpd $(PPTPD_BUILD_DIR)/usr/sbin/
+ $(STRIP) $(PPTPD_BUILD_DIR)/usr/sbin/*
+ cp -a $(PPTPD_IPK_DIR)/root/* $(PPTPD_BUILD_DIR)/
+ chmod 0755 $(PPTPD_BUILD_DIR)/etc
+ chmod 0755 $(PPTPD_BUILD_DIR)/etc/init.d
+ chmod 0755 $(PPTPD_BUILD_DIR)/etc/init.d/*
+ chmod 0755 $(PPTPD_BUILD_DIR)/etc/ppp
+ chmod 0644 $(PPTPD_BUILD_DIR)/etc/ppp/pptp-server-options
+ chmod 0644 $(PPTPD_BUILD_DIR)/etc/pptpd.conf
+ chmod 0755 $(PPTPD_BUILD_DIR)/usr
+ chmod 0755 $(PPTPD_BUILD_DIR)/usr/sbin
+ chmod 0755 $(PPTPD_BUILD_DIR)/usr/sbin/*
+ cp -a $(PPTPD_IPK_DIR)/CONTROL $(PPTPD_BUILD_DIR)/
+ perl -pi -e "s/^Vers.*:.*$$/Version: $(PPTPD_VERSION)-$(PPTPD_RELEASE)/" $(PPTPD_BUILD_DIR)/CONTROL/control
+ perl -pi -e "s/^Arch.*:.*$$/Architecture: $(ARCH)/" $(PPTPD_BUILD_DIR)/CONTROL/control
+
+ touch $(PPTPD_BUILD_DIR)/CONTROL/control
+
+
+$(PPTPD_IPK): $(PPTPD_BUILD_DIR)/CONTROL/control
+ cd $(BUILD_DIR); $(IPKG_BUILD) $(PPTPD_BUILD_DIR)
+
+
+pptp-server-ipk: ipkg-utils $(PPTPD_IPK)
+
+pptp-server-clean:
+ rm -rf $(PPTPD_IPK)
+ rm -rf $(PPTPD_BUILD_DIR)
+ rm -rf $(PPTPD_DIR)
--- /dev/null
+## tun-module
+
+TUN_MODULE_VERSION := $(SNAPSHOT)
+TUN_MODULE_RELEASE := 1
+
+TUN_MODULE_BUILD_DIR := $(BUILD_DIR)/tun-module_$(TUN_MODULE_VERSION)-$(TUN_MODULE_RELEASE)
+TUN_MODULE_IPK_DIR := $(OPENWRT_IPK_DIR)/tun-module
+TUN_MODULE_IPK := $(TUN_MODULE_BUILD_DIR)_$(ARCH).ipk
+
+
+$(TUN_MODULE_BUILD_DIR)/CONTROL/control: $(BASE_DIR)/openwrt-kmodules.tar.bz2
+ rm -rf $(TUN_MODULE_BUILD_DIR)
+ mkdir -p $(TUN_MODULE_BUILD_DIR)/lib/
+ bzcat $(BASE_DIR)/openwrt-kmodules.tar.bz2 | tar -C $(TUN_MODULE_BUILD_DIR)/lib/ -xvf - \
+ modules/$(LINUX_VERSION)/kernel/drivers/net/tun.o
+ mv -f \
+ $(TUN_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/kernel/drivers/net/tun.o \
+ $(TUN_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/
+ rm -rf \
+ $(TUN_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/kernel
+ chmod 0755 $(TUN_MODULE_BUILD_DIR)/lib
+ chmod 0755 $(TUN_MODULE_BUILD_DIR)/lib/modules
+ chmod 0755 $(TUN_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)
+ chmod 0755 $(TUN_MODULE_BUILD_DIR)/lib/modules/$(LINUX_VERSION)/*
+ cp -a $(TUN_MODULE_IPK_DIR)/CONTROL $(TUN_MODULE_BUILD_DIR)/
+ perl -pi -e "s/^Vers.*:.*$$/Version: $(TUN_MODULE_VERSION)-$(TUN_MODULE_RELEASE)/" $(TUN_MODULE_BUILD_DIR)/CONTROL/control
+ perl -pi -e "s/^Arch.*:.*$$/Architecture: $(ARCH)/" $(TUN_MODULE_BUILD_DIR)/CONTROL/control
+
+ touch $(TUN_MODULE_BUILD_DIR)/CONTROL/control
+
+
+$(TUN_MODULE_IPK): $(TUN_MODULE_BUILD_DIR)/CONTROL/control
+ cd $(BUILD_DIR); $(IPKG_BUILD) $(TUN_MODULE_BUILD_DIR)
+
+
+tun-module-ipk: ipkg-utils $(TUN_MODULE_IPK)
+
+tun-module-clean:
+ rm -rf $(TUN_MODULE_IPK)
+ rm -rf $(TUN_MODULE_BUILD_DIR)
+
--- /dev/null
+diff -ruN ipkg-utils-1.7-old/ipkg-build ipkg-utils-1.7-new/ipkg-build
+--- ipkg-utils-1.7-old/ipkg-build 2004-08-24 04:56:12.000000000 +0200
++++ ipkg-utils-1.7-new/ipkg-build 2004-08-24 04:55:49.000000000 +0200
+@@ -47,6 +47,19 @@
+
+ PKG_ERROR=0
+
++ cvs_dirs=`find . -name 'CVS'`
++ if [ -n "$cvs_dirs" ]; then
++ if [ "$noclean" = "1" ]; then
++ echo "*** Warning: The following CVS directories where found.
++You probably want to remove them: " >&2
++ ls -ld $cvs_dirs
++ echo >&2
++ else
++ echo "*** Removing the following files: $cvs_dirs"
++ rm -rf "$cvs_dirs"
++ fi
++ fi
++
+ tilde_files=`find . -name '*~'`
+ if [ -n "$tilde_files" ]; then
+ if [ "$noclean" = "1" ]; then
+@@ -134,8 +147,12 @@
+
+ for script in $CONTROL/preinst $CONTROL/postinst $CONTROL/prerm $CONTROL/postrm; do
+ if [ -f $script -a ! -x $script ]; then
++ if [ "$noclean" = "1" ]; then
+ echo "*** Error: package script $script is not executable" >&2
+ PKG_ERROR=1
++ else
++ chmod a+x $script
++ fi
+ fi
+ done
+
--- /dev/null
+--- iproute2/tc/q_htb.c Sun Oct 21 22:07:29 2001
++++ iproute2new/tc/q_htb.c Sun May 12 22:18:27 2002
+@@ -0,0 +1,306 @@
++/*
++ * q_htb.c HTB.
++ *
++ * This program is free software; you can redistribute it and/or
++ * modify it under the terms of the GNU General Public License
++ * as published by the Free Software Foundation; either version
++ * 2 of the License, or (at your option) any later version.
++ *
++ * Authors: Martin Devera, devik@cdi.cz
++ *
++ */
++
++#include <stdio.h>
++#include <stdlib.h>
++#include <unistd.h>
++#include <syslog.h>
++#include <fcntl.h>
++#include <sys/socket.h>
++#include <netinet/in.h>
++#include <arpa/inet.h>
++#include <string.h>
++
++#include "utils.h"
++#include "tc_util.h"
++
++#define HTB_TC_VER 0x30003
++#if HTB_TC_VER >> 16 != TC_HTB_PROTOVER
++#error "Different kernel and TC HTB versions"
++#endif
++
++static void explain(void)
++{
++ fprintf(stderr, "Usage: ... qdisc add ... htb [default N] [r2q N]\n"
++ " default minor id of class to which unclassified packets are sent {0}\n"
++ " r2q DRR quantums are computed as rate in Bps/r2q {10}\n"
++ " debug string of 16 numbers each 0-3 {0}\n\n"
++ "... class add ... htb rate R1 burst B1 [prio P] [slot S] [pslot PS]\n"
++ " [ceil R2] [cburst B2] [mtu MTU] [quantum Q]\n"
++ " rate rate allocated to this class (class can still borrow)\n"
++ " burst max bytes burst which can be accumulated during idle period {computed}\n"
++ " ceil definite upper class rate (no borrows) {rate}\n"
++ " cburst burst but for ceil {computed}\n"
++ " mtu max packet size we create rate map for {1600}\n"
++ " prio priority of leaf; lower are served first {0}\n"
++ " quantum how much bytes to serve from leaf at once {use r2q}\n"
++ "\nTC HTB version %d.%d\n",HTB_TC_VER>>16,HTB_TC_VER&0xffff
++ );
++}
++
++static void explain1(char *arg)
++{
++ fprintf(stderr, "Illegal \"%s\"\n", arg);
++ explain();
++}
++
++
++#define usage() return(-1)
++
++static int htb_parse_opt(struct qdisc_util *qu, int argc, char **argv, struct nlmsghdr *n)
++{
++ struct tc_htb_glob opt;
++ struct rtattr *tail;
++ unsigned i; char *p;
++ memset(&opt,0,sizeof(opt));
++ opt.rate2quantum = 10;
++ opt.version = 3;
++
++ while (argc > 0) {
++ if (matches(*argv, "r2q") == 0) {
++ NEXT_ARG();
++ if (get_u32(&opt.rate2quantum, *argv, 10)) {
++ explain1("r2q"); return -1;
++ }
++ } else if (matches(*argv, "default") == 0) {
++ NEXT_ARG();
++ if (get_u32(&opt.defcls, *argv, 16)) {
++ explain1("default"); return -1;
++ }
++ } else if (matches(*argv, "debug") == 0) {
++ NEXT_ARG(); p = *argv;
++ for (i=0; i<16; i++,p++) {
++ if (*p<'0' || *p>'3') break;
++ opt.debug |= (*p-'0')<<(2*i);
++ }
++ } else {
++ fprintf(stderr, "What is \"%s\"?\n", *argv);
++ explain();
++ return -1;
++ }
++ argc--; argv++;
++ }
++ tail = (struct rtattr*)(((void*)n)+NLMSG_ALIGN(n->nlmsg_len));
++ addattr_l(n, 1024, TCA_OPTIONS, NULL, 0);
++ addattr_l(n, 2024, TCA_HTB_INIT, &opt, NLMSG_ALIGN(sizeof(opt)));
++ tail->rta_len = (((void*)n)+NLMSG_ALIGN(n->nlmsg_len)) - (void*)tail;
++ return 0;
++}
++
++static int htb_parse_class_opt(struct qdisc_util *qu, int argc, char **argv, struct nlmsghdr *n)
++{
++ int ok=0;
++ struct tc_htb_opt opt;
++ __u32 rtab[256],ctab[256];
++ unsigned buffer=0,cbuffer=0;
++ int cell_log=-1,ccell_log = -1,mtu;
++ struct rtattr *tail;
++
++ memset(&opt, 0, sizeof(opt)); mtu = 1600; /* eth packet len */
++
++ while (argc > 0) {
++ if (matches(*argv, "prio") == 0) {
++ NEXT_ARG();
++ if (get_u32(&opt.prio, *argv, 10)) {
++ explain1("prio"); return -1;
++ }
++ ok++;
++ } else if (matches(*argv, "mtu") == 0) {
++ NEXT_ARG();
++ if (get_u32(&mtu, *argv, 10)) {
++ explain1("mtu"); return -1;
++ }
++ } else if (matches(*argv, "quantum") == 0) {
++ NEXT_ARG();
++ if (get_u32(&opt.quantum, *argv, 10)) {
++ explain1("quantum"); return -1;
++ }
++ } else if (matches(*argv, "burst") == 0 ||
++ strcmp(*argv, "buffer") == 0 ||
++ strcmp(*argv, "maxburst") == 0) {
++ NEXT_ARG();
++ if (get_size_and_cell(&buffer, &cell_log, *argv) < 0) {
++ explain1("buffer");
++ return -1;
++ }
++ ok++;
++ } else if (matches(*argv, "cburst") == 0 ||
++ strcmp(*argv, "cbuffer") == 0 ||
++ strcmp(*argv, "cmaxburst") == 0) {
++ NEXT_ARG();
++ if (get_size_and_cell(&cbuffer, &ccell_log, *argv) < 0) {
++ explain1("cbuffer");
++ return -1;
++ }
++ ok++;
++ } else if (strcmp(*argv, "ceil") == 0) {
++ NEXT_ARG();
++ if (opt.ceil.rate) {
++ fprintf(stderr, "Double \"ceil\" spec\n");
++ return -1;
++ }
++ if (get_rate(&opt.ceil.rate, *argv)) {
++ explain1("ceil");
++ return -1;
++ }
++ ok++;
++ } else if (strcmp(*argv, "rate") == 0) {
++ NEXT_ARG();
++ if (opt.rate.rate) {
++ fprintf(stderr, "Double \"rate\" spec\n");
++ return -1;
++ }
++ if (get_rate(&opt.rate.rate, *argv)) {
++ explain1("rate");
++ return -1;
++ }
++ ok++;
++ } else if (strcmp(*argv, "help") == 0) {
++ explain();
++ return -1;
++ } else {
++ fprintf(stderr, "What is \"%s\"?\n", *argv);
++ explain();
++ return -1;
++ }
++ argc--; argv++;
++ }
++
++/* if (!ok)
++ return 0;*/
++
++ if (opt.rate.rate == 0) {
++ fprintf(stderr, "\"rate\" is required.\n");
++ return -1;
++ }
++ /* if ceil params are missing, use the same as rate */
++ if (!opt.ceil.rate) opt.ceil = opt.rate;
++
++ /* compute minimal allowed burst from rate; mtu is added here to make
++ sute that buffer is larger than mtu and to have some safeguard space */
++ if (!buffer) buffer = opt.rate.rate / HZ + mtu;
++ if (!cbuffer) cbuffer = opt.ceil.rate / HZ + mtu;
++
++ if ((cell_log = tc_calc_rtable(opt.rate.rate, rtab, cell_log, mtu, 0)) < 0) {
++ fprintf(stderr, "htb: failed to calculate rate table.\n");
++ return -1;
++ }
++ opt.buffer = tc_calc_xmittime(opt.rate.rate, buffer);
++ opt.rate.cell_log = cell_log;
++
++ if ((ccell_log = tc_calc_rtable(opt.ceil.rate, ctab, cell_log, mtu, 0)) < 0) {
++ fprintf(stderr, "htb: failed to calculate ceil rate table.\n");
++ return -1;
++ }
++ opt.cbuffer = tc_calc_xmittime(opt.ceil.rate, cbuffer);
++ opt.ceil.cell_log = ccell_log;
++
++ tail = (struct rtattr*)(((void*)n)+NLMSG_ALIGN(n->nlmsg_len));
++ addattr_l(n, 1024, TCA_OPTIONS, NULL, 0);
++ addattr_l(n, 2024, TCA_HTB_PARMS, &opt, sizeof(opt));
++ addattr_l(n, 3024, TCA_HTB_RTAB, rtab, 1024);
++ addattr_l(n, 4024, TCA_HTB_CTAB, ctab, 1024);
++ tail->rta_len = (((void*)n)+NLMSG_ALIGN(n->nlmsg_len)) - (void*)tail;
++ return 0;
++}
++
++static int htb_print_opt(struct qdisc_util *qu, FILE *f, struct rtattr *opt)
++{
++ struct rtattr *tb[TCA_HTB_RTAB+1];
++ struct tc_htb_opt *hopt;
++ struct tc_htb_glob *gopt;
++ double buffer,cbuffer;
++ SPRINT_BUF(b1);
++ SPRINT_BUF(b2);
++
++ if (opt == NULL)
++ return 0;
++
++ memset(tb, 0, sizeof(tb));
++ parse_rtattr(tb, TCA_HTB_RTAB, RTA_DATA(opt), RTA_PAYLOAD(opt));
++
++ if (tb[TCA_HTB_PARMS]) {
++
++ hopt = RTA_DATA(tb[TCA_HTB_PARMS]);
++ if (RTA_PAYLOAD(tb[TCA_HTB_PARMS]) < sizeof(*hopt)) return -1;
++
++ if (!hopt->level) {
++ fprintf(f, "prio %d ", (int)hopt->prio);
++ if (show_details)
++ fprintf(f, "quantum %d ", (int)hopt->quantum);
++ }
++ fprintf(f, "rate %s ", sprint_rate(hopt->rate.rate, b1));
++ buffer = ((double)hopt->rate.rate*tc_core_tick2usec(hopt->buffer))/1000000;
++ fprintf(f, "ceil %s ", sprint_rate(hopt->ceil.rate, b1));
++ cbuffer = ((double)hopt->ceil.rate*tc_core_tick2usec(hopt->cbuffer))/1000000;
++ if (show_details) {
++ fprintf(f, "burst %s/%u mpu %s ", sprint_size(buffer, b1),
++ 1<<hopt->rate.cell_log, sprint_size(hopt->rate.mpu, b2));
++ fprintf(f, "cburst %s/%u mpu %s ", sprint_size(cbuffer, b1),
++ 1<<hopt->ceil.cell_log, sprint_size(hopt->ceil.mpu, b2));
++ fprintf(f, "level %d ", (int)hopt->level);
++ } else {
++ fprintf(f, "burst %s ", sprint_size(buffer, b1));
++ fprintf(f, "cburst %s ", sprint_size(cbuffer, b1));
++ }
++ if (show_raw)
++ fprintf(f, "buffer [%08x] cbuffer [%08x] ",
++ hopt->buffer,hopt->cbuffer);
++ }
++ if (tb[TCA_HTB_INIT]) {
++ gopt = RTA_DATA(tb[TCA_HTB_INIT]);
++ if (RTA_PAYLOAD(tb[TCA_HTB_INIT]) < sizeof(*gopt)) return -1;
++
++ fprintf(f, "r2q %d default %x direct_packets_stat %u",
++ gopt->rate2quantum,gopt->defcls,gopt->direct_pkts);
++ if (show_details)
++ fprintf(f," ver %d.%d",gopt->version >> 16,gopt->version & 0xffff);
++ }
++ return 0;
++}
++
++static int htb_print_xstats(struct qdisc_util *qu, FILE *f, struct rtattr *xstats)
++{
++ struct tc_htb_xstats *st;
++ if (xstats == NULL)
++ return 0;
++
++ if (RTA_PAYLOAD(xstats) < sizeof(*st))
++ return -1;
++
++ st = RTA_DATA(xstats);
++ fprintf(f, " lended: %u borrowed: %u giants: %u\n",
++ st->lends,st->borrows,st->giants);
++ fprintf(f, " tokens: %d ctokens: %d\n", st->tokens,st->ctokens);
++ return 0;
++}
++
++struct qdisc_util htb_util = {
++ NULL,
++ "htb",
++ htb_parse_opt,
++ htb_print_opt,
++ htb_print_xstats,
++ htb_parse_class_opt,
++ htb_print_opt,
++};
++
++/* for testing of old one */
++struct qdisc_util htb2_util = {
++ NULL,
++ "htb2",
++ htb_parse_opt,
++ htb_print_opt,
++ htb_print_xstats,
++ htb_parse_class_opt,
++ htb_print_opt,
++};
+--- iproute2/tc/Makefile Tue Jul 6 18:13:07 1999
++++ iproute2new/tc/Makefile Thu May 9 12:34:19 2002
+@@ -21,6 +21,7 @@ ifeq ($(TC_CONFIG_DIFFSERV),y)
+ endif
+
+ #TCMODULES += q_csz.o
++TCMODULES += q_htb.o
+ #TCMODULES += q_hpfq.o
+ #TCMODULES += q_hfsc.o
+
+#PF_EXT_SLIB:=ah connlimit connmark conntrack dscp ecn esp helper icmp iprange length limit mac mark multiport owner physdev pkttype realm rpc standard state tcp tcpmss tos ttl udp unclean CLASSIFY CONNMARK DNAT DSCP ECN LOG MARK MASQUERADE MIRROR NETMAP NOTRACK REDIRECT REJECT SAME SNAT TARPIT TCPMSS TOS TRACE TTL ULOG
+PF_EXT_SLIB:=icmp iprange mark multiport standard state tcp udp DNAT LOG MARK MASQUERADE REDIRECT REJECT SNAT TCPMSS
+#PF6_EXT_SLIB:=eui64 hl icmpv6 length limit mac mark multiport owner standard tcp udp HL LOG MARK TRACE
-+#PF6_EXT_SLIB:=eui64 icmpv6 mark standard tcp udp LOG
++PF6_EXT_SLIB:=eui64 icmpv6 mark standard tcp udp LOG
# Optionals
-PF_EXT_SLIB_OPTS:=$(foreach T,$(wildcard extensions/.*-test),$(shell KERNEL_DIR=$(KERNEL_DIR) $(T)))
--- /dev/null
+/etc/chilli.conf
--- /dev/null
+Package: chillispot
+Priority: optional
+Section: net
+Version: TBDL
+Architecture: TBDL
+Maintainer: Nico <nthill@free.fr>
+Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/
+Description: a wireless access point controller
+Depends: tun-module
--- /dev/null
+#!/bin/sh
+
+case $1 in
+ start)
+ insmod tun >/dev/null 2>&1
+ [ -d /var/run ] || mkdir -p /var/run
+ /usr/sbin/chilli
+ ;;
+ stop)
+ [ -f /var/run/chilli.pid ] && kill $(cat /var/run/chilli.pid) >/dev/null 2>&1
+ ;;
+ *)
+ echo "usage: $0 (start|stop)"
+ exit 1
+esac
+
+exit $?
--- /dev/null
+/etc/dhcp-fwd.conf
--- /dev/null
+Package: dhcp-fwd
+Priority: optional
+Section: net
+Version: TBDL
+Architecture: TBDL
+Maintainer: Nico <nthill@free.fr>
+Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/
+Description: a DHCP relay agent
--- /dev/null
+## $Id$
+
+## This file contains a sample configuration for the network shown
+## below:
+##
+## -------------- ---------- -------------
+## | DHCP Server | | | | |
+## | 192.168.8.66 |------<eth1>| dhcp-fwd |<eth2>------| Clients |
+## | | | | | |
+## -------------- ---------- -------------
+##
+## By default, the dhcp-fwd agent looks at /etc/dhcp-fwd.conf
+## for this file. By using the '-c' option when calling dhcp-fwd, this
+## path can be changed.
+
+
+######### ENVIRONMENT SETTINGS #########
+####
+###
+## The server will drop its privileges and goes into a chroot-jail
+## after doing its initialization. The following parameters are
+## defining the needed parameters:
+
+## User and group names/ids. It can be a numeric id or a resolvable
+## alphanumeric-name.
+##
+## WARNING: when compiled with dietlibc the user-/group-names must be
+## resolvable by files-NSS. LDAP or NIS NSS will not work so
+## the numeric ids must be used
+user daemon
+group daemon
+
+## chroot() path
+chroot /var/run/dhcp-fwd
+
+## Logfile and loglevel. The logfile-location is relatively to the
+## directory where dhcp-fwd was started and not to the chroot-directory.
+##
+## The loglevel option is not supported yet.
+logfile /var/log/dhcp-fwd.log
+loglevel 1
+
+## SysV pidfile; contains the PID of the daemon-process and will be
+## written with root-privileges
+pidfile /var/run/dhcp-fwd.pid
+
+
+## Set limit for resources. When using much interfaces or servers
+## below you will need to increase some values. Same holds when not
+## using dietlibc. Use '-1' as the value to disable the upper limit
+## for the given resource.
+##
+## Look into /proc/<pid>/status to find out the real usage of the
+## resources.
+ulimit core 0
+ulimit stack 64K
+ulimit data 32K
+ulimit rss 200K
+ulimit nproc 0
+ulimit nofile 0
+ulimit as 0
+
+
+######### INTERFACE SETTINGS #########
+####
+###
+## The interface where the forwarder listens for messages. There must
+## be specified BOTH the server-side and client-side interfaces!
+##
+## Each interface will be identified by its system-wide name
+## (e.g. eth0). After this it must be told whether there are
+## clients and servers, and if it is allowed to send broadcast
+## messages to clients. The bcast flags will be IGNORED when
+## forwarding messages to servers.
+
+# IFNAME clients servers bcast
+if eth2 true false true
+if eth1 false true true
+
+
+## Each interface can be given an RFC 3046 agent ID. The 'name' config
+## option sets this value; if an interface is not specified here, the
+## IFNAME will be assumed.
+
+# IFNAME agent-id
+name eth2 ws-c
+
+
+## Each interface can be given an specific IP to be filled into the
+## 'giaddr' field.
+##
+## BEWARE: because the outgoing DHCP message will contain the "normal" IP
+## address of the outgoing-interface in its IP-header, some additional
+## work in the system must be done. You can e.g. add an iptables rule to
+## the 'nat' table similarly to this:
+##
+## | Chain POSTROUTING (policy ACCEPT)
+## | target prot opt source destination
+## | SNAT udp -- 192.168.0.6 192.168.8.66 udp spt:68 dpt:67 to:192.168.2.255
+
+# ip eth0 192.168.2.255
+
+
+######### SERVER SETTINGS #########
+####
+###
+## Definitions of the servers. There must be told the type ('ip' or
+## 'bcast') and the address. When using 'ip', the address is a non-bcast
+## IPv4 address (dotted, DNS-names are NOT supported); and when using
+## 'bcast' servers, the address is an IFNAME.
+
+# TYPE address
+server ip 192.168.8.66
+#server bcast eth1
--- /dev/null
+#!/bin/sh
+
+case $1 in
+ start)
+ [ -d /var/log ] || mkdir -p /var/log
+ [ -d /var/run/dhcp-wfd ] || mkdir -p /var/run/dhcp-fwd
+ dhcp-fwd
+ ;;
+ stop)
+ [ -f /var/run/dhcpd-fwd.pid ] && kill $(cat /var/run/dhcpd-fwd.pid) 2>/dev/null
+ ;;
+ *)
+ echo "usage: $0 (start|stop)"
+ exit 1
+esac
+
+exit $?
--- /dev/null
+Package: ip6tables
+Architecture: mipsel
+Version: 1.2.9-1
+Section: net
+Priority: optional
+Maintainer: Sebastien NOEL <me@twolife.org>
+Source: Embedded in the main OpenWrt buildroot
+Depends: kmod-ipv6, kmod-ipt6
+Description: Linux kernel 2.4+ IPv6 packet filter administration tools
--- /dev/null
+Package: kmod-ipt6
+Architecture: mipsel
+Version: 2.4.20-1
+Section: kernel
+Priority: optional
+Maintainer: Sebastien NOEL <me@twolife.org>
+Source: Embedded in the main OpenWrt buildroot
+Depends: kmod-ipv6, ip6tables
+Description: ip6tables kernel modules
--- /dev/null
+Package: kmod-ipv6
+Architecture: mipsel
+Version: 2.4.20-1
+Section: kernel
+Priority: optional
+Maintainer: Sebastien NOEL <me@twolife.org>
+Source: Embedded in the main OpenWrt buildroot
+Depends:
+Description: Kernel modules for the IPv6 protocol
--- /dev/null
+Package: nfs-modules
+Priority: optional
+Section: kernel
+Version: TBDL
+Architecture: TBDL
+Maintainer: Nico <nthill@free.fr>
+Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/
+Description: the NFS kernel modules
--- /dev/null
+Package: ppp-async-module
+Priority: optional
+Section: net
+Version: TBDL
+Architecture: TBDL
+Maintainer: Nico <nthill@free.fr>
+Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/
+Description: a PPP async serial channel driver kernel module
--- /dev/null
+Package: ppp-mppe-module
+Priority: optional
+Section: net
+Version: TBDL
+Architecture: TBDL
+Maintainer: Nico <nthill@free.fr>
+Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/
+Description: a Microsoft PPP compression/encryption (MPPC/MPPE) kernel module
--- /dev/null
+/etc/ppp/radius.conf
+/etc/ppp/radius/servers
--- /dev/null
+Package: ppp-radius-plugin
+Priority: optional
+Section: net
+Version: TBDL
+Architecture: TBDL
+Maintainer: Nico
+Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/
+Description: a RADIUS plugin for the PPP daemon
+Depends: ppp
--- /dev/null
+plugin radius.so
+radius-config-file /etc/ppp/radius.conf
--- /dev/null
+authserver localhost:1812
+acctserver localhost:1813
+dictionary /etc/ppp/radius/dictionary
+servers /etc/ppp/radius/servers
+seqfile /var/tmp/radius.seq
+radius_timeout 10
+radius_retries 3
+mapfile /dev/null
\ No newline at end of file
--- /dev/null
+#
+# Updated 97/06/13 to livingston-radius-2.01 miquels@cistron.nl
+#
+# This file contains dictionary translations for parsing
+# requests and generating responses. All transactions are
+# composed of Attribute/Value Pairs. The value of each attribute
+# is specified as one of 4 data types. Valid data types are:
+#
+# string - 0-253 octets
+# ipaddr - 4 octets in network byte order
+# integer - 32 bit value in big endian order (high byte first)
+# date - 32 bit value in big endian order - seconds since
+# 00:00:00 GMT, Jan. 1, 1970
+#
+# Enumerated values are stored in the user file with dictionary
+# VALUE translations for easy administration.
+#
+# Example:
+#
+# ATTRIBUTE VALUE
+# --------------- -----
+# Framed-Protocol = PPP
+# 7 = 1 (integer encoding)
+#
+
+# The dictionary format now supports vendor-specific attributes.
+# Vendors are introduced like this:
+#
+# VENDOR vendor_name vendor_number
+#
+# For example:
+#
+# VENDOR RoaringPenguin 10055
+#
+# Vendor-specific attributes have a fifth field with the name of the
+# vendor. For example:
+#
+# ATTRIBUTE RP-Upstream-Speed-Limit 1 integer RoaringPenguin
+#
+# introduces a Roaring Penguin vendor-specific attribbute with name
+# RP-Upstream-Speed-Limit, number 1, type integer and vendor RoaringPenguin.
+
+#
+# Following are the proper new names. Use these.
+#
+ATTRIBUTE User-Name 1 string
+ATTRIBUTE Password 2 string
+ATTRIBUTE CHAP-Password 3 string
+ATTRIBUTE NAS-IP-Address 4 ipaddr
+ATTRIBUTE NAS-Port-Id 5 integer
+ATTRIBUTE Service-Type 6 integer
+ATTRIBUTE Framed-Protocol 7 integer
+ATTRIBUTE Framed-IP-Address 8 ipaddr
+ATTRIBUTE Framed-IP-Netmask 9 ipaddr
+ATTRIBUTE Framed-Routing 10 integer
+ATTRIBUTE Filter-Id 11 string
+ATTRIBUTE Framed-MTU 12 integer
+ATTRIBUTE Framed-Compression 13 integer
+ATTRIBUTE Login-IP-Host 14 ipaddr
+ATTRIBUTE Login-Service 15 integer
+ATTRIBUTE Login-TCP-Port 16 integer
+ATTRIBUTE Reply-Message 18 string
+ATTRIBUTE Callback-Number 19 string
+ATTRIBUTE Callback-Id 20 string
+ATTRIBUTE Framed-Route 22 string
+ATTRIBUTE Framed-IPX-Network 23 ipaddr
+ATTRIBUTE State 24 string
+ATTRIBUTE Class 25 string
+ATTRIBUTE Session-Timeout 27 integer
+ATTRIBUTE Idle-Timeout 28 integer
+ATTRIBUTE Termination-Action 29 integer
+ATTRIBUTE Called-Station-Id 30 string
+ATTRIBUTE Calling-Station-Id 31 string
+ATTRIBUTE NAS-Identifier 32 string
+ATTRIBUTE Acct-Status-Type 40 integer
+ATTRIBUTE Acct-Delay-Time 41 integer
+ATTRIBUTE Acct-Input-Octets 42 integer
+ATTRIBUTE Acct-Output-Octets 43 integer
+ATTRIBUTE Acct-Session-Id 44 string
+ATTRIBUTE Acct-Authentic 45 integer
+ATTRIBUTE Acct-Session-Time 46 integer
+ATTRIBUTE Acct-Input-Packets 47 integer
+ATTRIBUTE Acct-Output-Packets 48 integer
+ATTRIBUTE Acct-Terminate-Cause 49 integer
+ATTRIBUTE Chap-Challenge 60 string
+ATTRIBUTE NAS-Port-Type 61 integer
+ATTRIBUTE Port-Limit 62 integer
+ATTRIBUTE Connect-Info 77 string
+
+# RFC 2869
+ATTRIBUTE Acct-Interim-Interval 85 integer
+
+#
+# Experimental Non Protocol Attributes used by Cistron-Radiusd
+#
+ATTRIBUTE Huntgroup-Name 221 string
+ATTRIBUTE User-Category 1029 string
+ATTRIBUTE Group-Name 1030 string
+ATTRIBUTE Simultaneous-Use 1034 integer
+ATTRIBUTE Strip-User-Name 1035 integer
+ATTRIBUTE Fall-Through 1036 integer
+ATTRIBUTE Add-Port-To-IP-Address 1037 integer
+ATTRIBUTE Exec-Program 1038 string
+ATTRIBUTE Exec-Program-Wait 1039 string
+ATTRIBUTE Hint 1040 string
+
+#
+# Non-Protocol Attributes
+# These attributes are used internally by the server
+#
+ATTRIBUTE Expiration 21 date
+ATTRIBUTE Auth-Type 1000 integer
+ATTRIBUTE Menu 1001 string
+ATTRIBUTE Termination-Menu 1002 string
+ATTRIBUTE Prefix 1003 string
+ATTRIBUTE Suffix 1004 string
+ATTRIBUTE Group 1005 string
+ATTRIBUTE Crypt-Password 1006 string
+ATTRIBUTE Connect-Rate 1007 integer
+
+#
+# Experimental, implementation specific attributes
+#
+# Limit session traffic
+ATTRIBUTE Session-Octets-Limit 227 integer
+# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out)
+ATTRIBUTE Octets-Direction 228 integer
+
+#
+# Integer Translations
+#
+
+# User Types
+
+VALUE Service-Type Login-User 1
+VALUE Service-Type Framed-User 2
+VALUE Service-Type Callback-Login-User 3
+VALUE Service-Type Callback-Framed-User 4
+VALUE Service-Type Outbound-User 5
+VALUE Service-Type Administrative-User 6
+VALUE Service-Type NAS-Prompt-User 7
+
+# Framed Protocols
+
+VALUE Framed-Protocol PPP 1
+VALUE Framed-Protocol SLIP 2
+
+# Framed Routing Values
+
+VALUE Framed-Routing None 0
+VALUE Framed-Routing Broadcast 1
+VALUE Framed-Routing Listen 2
+VALUE Framed-Routing Broadcast-Listen 3
+
+# Framed Compression Types
+
+VALUE Framed-Compression None 0
+VALUE Framed-Compression Van-Jacobson-TCP-IP 1
+
+# Login Services
+
+VALUE Login-Service Telnet 0
+VALUE Login-Service Rlogin 1
+VALUE Login-Service TCP-Clear 2
+VALUE Login-Service PortMaster 3
+
+# Status Types
+
+VALUE Acct-Status-Type Start 1
+VALUE Acct-Status-Type Stop 2
+VALUE Acct-Status-Type Accounting-On 7
+VALUE Acct-Status-Type Accounting-Off 8
+
+# Authentication Types
+
+VALUE Acct-Authentic RADIUS 1
+VALUE Acct-Authentic Local 2
+VALUE Acct-Authentic PowerLink128 100
+
+# Termination Options
+
+VALUE Termination-Action Default 0
+VALUE Termination-Action RADIUS-Request 1
+
+# NAS Port Types, available in 3.3.1 and later
+
+VALUE NAS-Port-Type Async 0
+VALUE NAS-Port-Type Sync 1
+VALUE NAS-Port-Type ISDN 2
+VALUE NAS-Port-Type ISDN-V120 3
+VALUE NAS-Port-Type ISDN-V110 4
+
+# Acct Terminate Causes, available in 3.3.2 and later
+
+VALUE Acct-Terminate-Cause User-Request 1
+VALUE Acct-Terminate-Cause Lost-Carrier 2
+VALUE Acct-Terminate-Cause Lost-Service 3
+VALUE Acct-Terminate-Cause Idle-Timeout 4
+VALUE Acct-Terminate-Cause Session-Timeout 5
+VALUE Acct-Terminate-Cause Admin-Reset 6
+VALUE Acct-Terminate-Cause Admin-Reboot 7
+VALUE Acct-Terminate-Cause Port-Error 8
+VALUE Acct-Terminate-Cause NAS-Error 9
+VALUE Acct-Terminate-Cause NAS-Request 10
+VALUE Acct-Terminate-Cause NAS-Reboot 11
+VALUE Acct-Terminate-Cause Port-Unneeded 12
+VALUE Acct-Terminate-Cause Port-Preempted 13
+VALUE Acct-Terminate-Cause Port-Suspended 14
+VALUE Acct-Terminate-Cause Service-Unavailable 15
+VALUE Acct-Terminate-Cause Callback 16
+VALUE Acct-Terminate-Cause User-Error 17
+VALUE Acct-Terminate-Cause Host-Request 18
+
+#
+# Non-Protocol Integer Translations
+#
+
+VALUE Auth-Type Local 0
+VALUE Auth-Type System 1
+VALUE Auth-Type SecurID 2
+VALUE Auth-Type Crypt-Local 3
+VALUE Auth-Type Reject 4
+
+#
+# Cistron extensions
+#
+VALUE Auth-Type Pam 253
+VALUE Auth-Type None 254
+
+#
+# Experimental Non-Protocol Integer Translations for Cistron-Radiusd
+#
+VALUE Fall-Through No 0
+VALUE Fall-Through Yes 1
+VALUE Add-Port-To-IP-Address No 0
+VALUE Add-Port-To-IP-Address Yes 1
+
+#
+# Configuration Values
+# uncomment these two lines to turn account expiration on
+#
+
+#VALUE Server-Config Password-Expiration 30
+#VALUE Server-Config Password-Warning 5
+
+# Octets-Direction
+VALUE Octets-Direction Sum 0
+VALUE Octets-Direction Input 1
+VALUE Octets-Direction Output 2
+VALUE Octets-Direction MaxOveral 3
+VALUE Octets-Direction MaxSession 4
+
+INCLUDE /etc/ppp/radius/dictionary.microsoft
--- /dev/null
+#
+# Microsoft's VSA's, from RFC 2548
+#
+# $Id$
+#
+
+VENDOR Microsoft 311 Microsoft
+
+ATTRIBUTE MS-CHAP-Response 1 string Microsoft
+ATTRIBUTE MS-CHAP-Error 2 string Microsoft
+ATTRIBUTE MS-CHAP-CPW-1 3 string Microsoft
+ATTRIBUTE MS-CHAP-CPW-2 4 string Microsoft
+ATTRIBUTE MS-CHAP-LM-Enc-PW 5 string Microsoft
+ATTRIBUTE MS-CHAP-NT-Enc-PW 6 string Microsoft
+ATTRIBUTE MS-MPPE-Encryption-Policy 7 string Microsoft
+# This is referred to as both singular and plural in the RFC.
+# Plural seems to make more sense.
+ATTRIBUTE MS-MPPE-Encryption-Type 8 string Microsoft
+ATTRIBUTE MS-MPPE-Encryption-Types 8 string Microsoft
+ATTRIBUTE MS-RAS-Vendor 9 integer Microsoft
+ATTRIBUTE MS-CHAP-Domain 10 string Microsoft
+ATTRIBUTE MS-CHAP-Challenge 11 string Microsoft
+ATTRIBUTE MS-CHAP-MPPE-Keys 12 string Microsoft
+ATTRIBUTE MS-BAP-Usage 13 integer Microsoft
+ATTRIBUTE MS-Link-Utilization-Threshold 14 integer Microsoft
+ATTRIBUTE MS-Link-Drop-Time-Limit 15 integer Microsoft
+ATTRIBUTE MS-MPPE-Send-Key 16 string Microsoft
+ATTRIBUTE MS-MPPE-Recv-Key 17 string Microsoft
+ATTRIBUTE MS-RAS-Version 18 string Microsoft
+ATTRIBUTE MS-Old-ARAP-Password 19 string Microsoft
+ATTRIBUTE MS-New-ARAP-Password 20 string Microsoft
+ATTRIBUTE MS-ARAP-PW-Change-Reason 21 integer Microsoft
+
+ATTRIBUTE MS-Filter 22 string Microsoft
+ATTRIBUTE MS-Acct-Auth-Type 23 integer Microsoft
+ATTRIBUTE MS-Acct-EAP-Type 24 integer Microsoft
+
+ATTRIBUTE MS-CHAP2-Response 25 string Microsoft
+ATTRIBUTE MS-CHAP2-Success 26 string Microsoft
+ATTRIBUTE MS-CHAP2-CPW 27 string Microsoft
+
+ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr Microsoft
+ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr Microsoft
+ATTRIBUTE MS-Primary-NBNS-Server 30 ipaddr Microsoft
+ATTRIBUTE MS-Secondary-NBNS-Server 31 ipaddr Microsoft
+
+#ATTRIBUTE MS-ARAP-Challenge 33 string Microsoft
+
+
+#
+# Integer Translations
+#
+
+# MS-BAP-Usage Values
+
+VALUE MS-BAP-Usage Not-Allowed 0
+VALUE MS-BAP-Usage Allowed 1
+VALUE MS-BAP-Usage Required 2
+
+# MS-ARAP-Password-Change-Reason Values
+
+VALUE MS-ARAP-PW-Change-Reason Just-Change-Password 1
+VALUE MS-ARAP-PW-Change-Reason Expired-Password 2
+VALUE MS-ARAP-PW-Change-Reason Admin-Requires-Password-Change 3
+VALUE MS-ARAP-PW-Change-Reason Password-Too-Short 4
+
+# MS-Acct-Auth-Type Values
+
+VALUE MS-Acct-Auth-Type PAP 1
+VALUE MS-Acct-Auth-Type CHAP 2
+VALUE MS-Acct-Auth-Type MS-CHAP-1 3
+VALUE MS-Acct-Auth-Type MS-CHAP-2 4
+VALUE MS-Acct-Auth-Type EAP 5
+
+# MS-Acct-EAP-Type Values
+
+VALUE MS-Acct-EAP-Type MD5 4
+VALUE MS-Acct-EAP-Type OTP 5
+VALUE MS-Acct-EAP-Type Generic-Token-Card 6
+VALUE MS-Acct-EAP-Type TLS 13
+
--- /dev/null
+localhost secret
--- /dev/null
+/etc/ppp/chap-secrets
+/etc/ppp/options
--- /dev/null
+Package: ppp
+Priority: optional
+Section: net
+Version: TBDL
+Architecture: TBDL
+Maintainer: Nico <nthill@free.fr>
+Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/
+Description: a Point-to-Point Protocol (PPP) daemon
--- /dev/null
+nico pptp-server secret 172.16.1.101
\ No newline at end of file
--- /dev/null
+/etc/ppp/pptp-server-options
+/etc/pptpd.conf
--- /dev/null
+Package: pptp-server
+Priority: optional
+Section: net
+Version: TBDL
+Architecture: TBDL
+Maintainer: Nico <nthill@free.fr>
+Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/
+Description: a Point-to-Point Tunneling Protocol (PPTP) server
+Depends: ppp
--- /dev/null
+#!/bin/sh
+
+case $1 in
+ start)
+ insmod ppp_async >/dev/null 2>&1
+ insmod ppp_mppe_mppc >/dev/null 2>&1
+ [ -d /var/run ] || mkdir -p /var/run
+ /usr/sbin/pptpd
+ ;;
+ stop)
+ [ -f /var/run/pptpd.pid ] && kill $(cat /var/run/pptpd.pid) >/dev/null 2>&1
+ ;;
+ *)
+ echo "usage: $0 (start|stop)"
+ exit 1
+esac
+
+exit $?
--- /dev/null
+#debug
+#logfile /tmp/pptp-server.log
+172.16.1.1:
+auth
+name "pptp-server"
+lcp-echo-failure 3
+lcp-echo-interval 60
+default-asyncmap
+mtu 1482
+mru 1482
+nobsdcomp
+nodeflate
+#noproxyarp
+#nomppc
+nomppe-40
+nomppe-56
+nomppe-stateful
+require-mppe
+require-mppe-128
+require-mschap-v2
+refuse-chap
+refuse-mschap
+refuse-eap
+refuse-pap
+#ms-dns 172.16.1.1
+#plugin radius.so
+#radius-config-file /etc/radius.conf
--- /dev/null
+#debug
+option /etc/ppp/pptp-server-options
+speed 115200
+stimeout 10
+#localip & remoteip are not needed, ip management is done by pppd
--- /dev/null
+Package: tun-module
+Priority: optional
+Section: kernel
+Version: TBDL
+Architecture: TBDL
+Maintainer: Nico <nthill@free.fr>
+Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/
+Description: the Universal TUN/TAP device driver
--- /dev/null
+diff -Nur linux/net/ipv6/netfilter/ip6_tables.c linux.fixed/net/ipv6/netfilter/ip6_tables.c
+--- linux/net/ipv6/netfilter/ip6_tables.c Sat Aug 3 02:39:46 2002
++++ linux.fixed/net/ipv6/netfilter/ip6_tables.c Thu Sep 26 17:12:07 2002
+@@ -98,10 +98,8 @@
+ unsigned int hook_entry[NF_IP6_NUMHOOKS];
+ unsigned int underflow[NF_IP6_NUMHOOKS];
+
+- char padding[SMP_ALIGN((NF_IP6_NUMHOOKS*2+2)*sizeof(unsigned int))];
+-
+ /* ip6t_entry tables: one per CPU */
+- char entries[0];
++ char entries[0] ____cacheline_aligned;
+ };
+
+ static LIST_HEAD(ip6t_target);
+@@ -1425,7 +1423,7 @@
+ int ret;
+ struct ip6t_table_info *newinfo;
+ static struct ip6t_table_info bootstrap
+- = { 0, 0, 0, { 0 }, { 0 }, { }, { } };
++ = { 0, 0, 0, { 0 }, { 0 }, { } };
+
+ MOD_INC_USE_COUNT;
+ newinfo = vmalloc(sizeof(struct ip6t_table_info)
--- /dev/null
+diff -ruN ppp-2.4.2/TODO ppp-cvs-20040427/TODO
+--- ppp-2.4.2/TODO 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/TODO 1999-03-22 07:38:09.000000000 +0100
+@@ -0,0 +1,16 @@
++* Things to do *
++
++- How should we handle the case where MTU > MRU?
++ Should we reduce the IP MTU to the link MRU (so TCP MSS is correct)?
++
++- Provide ways to:
++ + set the IP address, possibly based on the peer's identity
++ + have external checking of PAP user/password, CHAP response
++ + supply the PAP user/password, CHAP secret
++ + decide which tty to use (locking, DTR issues)
++
++- Integrate callback stuff?
++
++- Implement link quality monitoring
++
++- Implement other network control protocols
+diff -ruN ppp-2.4.2/chat/chat.c ppp-cvs-20040427/chat/chat.c
+--- ppp-2.4.2/chat/chat.c 2003-03-30 10:23:48.000000000 +0200
++++ ppp-cvs-20040427/chat/chat.c 2004-01-17 06:50:11.000000000 +0100
+@@ -87,7 +87,7 @@
+ #endif
+
+ #ifndef lint
+-static const char rcsid[] = "$Id: chat.c,v 1.29 2003/03/04 06:17:21 fcusack Exp $";
++static const char rcsid[] = "$Id: chat.c,v 1.30 2004/01/17 05:47:55 carlsonj Exp $";
+ #endif
+
+ #include <stdio.h>
+@@ -213,7 +213,7 @@
+ void *copy_of __P((char *s));
+ char *grow __P((char *s, char **p, size_t len));
+ void usage __P((void));
+-void logf __P((const char *fmt, ...));
++void msgf __P((const char *fmt, ...));
+ void fatal __P((int code, const char *fmt, ...));
+ SIGTYPE sigalrm __P((int signo));
+ SIGTYPE sigint __P((int signo));
+@@ -495,7 +495,7 @@
+ /*
+ * Send a message to syslog and/or stderr.
+ */
+-void logf __V((const char *fmt, ...))
++void msgf __V((const char *fmt, ...))
+ {
+ va_list args;
+
+@@ -558,7 +558,7 @@
+ fatal(2, "Can't set file mode flags on stdin: %m");
+
+ if (verbose)
+- logf("alarm");
++ msgf("alarm");
+ }
+
+ void unalarm()
+@@ -1001,9 +1001,9 @@
+ * The expectation did not occur. This is terminal.
+ */
+ if (fail_reason)
+- logf("Failed (%s)", fail_reason);
++ msgf("Failed (%s)", fail_reason);
+ else
+- logf("Failed");
++ msgf("Failed");
+ terminate(exit_code);
+ }
+
+@@ -1079,7 +1079,7 @@
+ abort_string[n_aborts++] = s1;
+
+ if (verbose)
+- logf("abort on (%v)", s);
++ msgf("abort on (%v)", s);
+ return;
+ }
+
+@@ -1105,7 +1105,7 @@
+ pack++;
+ n_aborts--;
+ if (verbose)
+- logf("clear abort on (%v)", s);
++ msgf("clear abort on (%v)", s);
+ }
+ }
+ free(s1);
+@@ -1129,7 +1129,7 @@
+ report_string[n_reports++] = s1;
+
+ if (verbose)
+- logf("report (%v)", s);
++ msgf("report (%v)", s);
+ return;
+ }
+
+@@ -1155,7 +1155,7 @@
+ pack++;
+ n_reports--;
+ if (verbose)
+- logf("clear report (%v)", s);
++ msgf("clear report (%v)", s);
+ }
+ }
+ free(s1);
+@@ -1173,7 +1173,7 @@
+ timeout = DEFAULT_CHAT_TIMEOUT;
+
+ if (verbose)
+- logf("timeout set to %d seconds", timeout);
++ msgf("timeout set to %d seconds", timeout);
+
+ return;
+ }
+@@ -1236,7 +1236,7 @@
+ return ((int)c & 0x7F);
+
+ default:
+- logf("warning: read() on stdin returned %d", status);
++ msgf("warning: read() on stdin returned %d", status);
+
+ case -1:
+ if ((status = fcntl(0, F_GETFL, 0)) == -1)
+@@ -1264,7 +1264,7 @@
+ return (0);
+
+ default:
+- logf("warning: write() on stdout returned %d", status);
++ msgf("warning: write() on stdout returned %d", status);
+
+ case -1:
+ if ((status = fcntl(0, F_GETFL, 0)) == -1)
+@@ -1286,9 +1286,9 @@
+
+ if (verbose) {
+ if (errno == EINTR || errno == EWOULDBLOCK)
+- logf(" -- write timed out");
++ msgf(" -- write timed out");
+ else
+- logf(" -- write failed: %m");
++ msgf(" -- write failed: %m");
+ }
+ return (0);
+ }
+@@ -1303,9 +1303,9 @@
+
+ if (verbose) {
+ if (quiet)
+- logf("send (??????)");
++ msgf("send (??????)");
+ else
+- logf("send (%v)", s);
++ msgf("send (%v)", s);
+ }
+
+ alarm(timeout); alarmed = 0;
+@@ -1392,17 +1392,17 @@
+ minlen = (len > sizeof(fail_buffer)? len: sizeof(fail_buffer)) - 1;
+
+ if (verbose)
+- logf("expect (%v)", string);
++ msgf("expect (%v)", string);
+
+ if (len > STR_LEN) {
+- logf("expect string is too long");
++ msgf("expect string is too long");
+ exit_code = 1;
+ return 0;
+ }
+
+ if (len == 0) {
+ if (verbose)
+- logf("got it");
++ msgf("got it");
+ return (1);
+ }
+
+@@ -1416,16 +1416,16 @@
+ echo_stderr(c);
+ if (verbose && c == '\n') {
+ if (s == logged)
+- logf(""); /* blank line */
++ msgf(""); /* blank line */
+ else
+- logf("%0.*v", s - logged, logged);
++ msgf("%0.*v", s - logged, logged);
+ logged = s + 1;
+ }
+
+ *s++ = c;
+
+ if (verbose && s >= logged + 80) {
+- logf("%0.*v", s - logged, logged);
++ msgf("%0.*v", s - logged, logged);
+ logged = s;
+ }
+
+@@ -1470,8 +1470,8 @@
+ strncmp(s - len, string, len) == 0) {
+ if (verbose) {
+ if (s > logged)
+- logf("%0.*v", s - logged, logged);
+- logf(" -- got it\n");
++ msgf("%0.*v", s - logged, logged);
++ msgf(" -- got it\n");
+ }
+
+ alarm(0);
+@@ -1484,8 +1484,8 @@
+ strncmp(s - abort_len, abort_string[n], abort_len) == 0) {
+ if (verbose) {
+ if (s > logged)
+- logf("%0.*v", s - logged, logged);
+- logf(" -- failed");
++ msgf("%0.*v", s - logged, logged);
++ msgf(" -- failed");
+ }
+
+ alarm(0);
+@@ -1499,7 +1499,7 @@
+ if (s >= end) {
+ if (logged < s - minlen) {
+ if (verbose)
+- logf("%0.*v", s - logged, logged);
++ msgf("%0.*v", s - logged, logged);
+ logged = s;
+ }
+ s -= minlen;
+@@ -1509,16 +1509,16 @@
+ }
+
+ if (alarmed && verbose)
+- logf("warning: alarm synchronization problem");
++ msgf("warning: alarm synchronization problem");
+ }
+
+ alarm(0);
+
+ if (verbose && printed) {
+ if (alarmed)
+- logf(" -- read timed out");
++ msgf(" -- read timed out");
+ else
+- logf(" -- read failed: %m");
++ msgf(" -- read failed: %m");
+ }
+
+ exit_code = 3;
+diff -ruN ppp-2.4.2/configure ppp-cvs-20040427/configure
+--- ppp-2.4.2/configure 2002-11-09 12:24:41.000000000 +0100
++++ ppp-cvs-20040427/configure 2004-01-17 06:50:11.000000000 +0100
+@@ -1,5 +1,5 @@
+ #!/bin/sh
+-# $Id: configure,v 1.30 2002/11/02 19:48:12 carlsonj Exp $
++# $Id: configure,v 1.31 2004/01/17 05:47:55 carlsonj Exp $
+
+ # if [ -d /NextApps ]; then
+ # system="NeXTStep"
+@@ -27,7 +27,7 @@
+ esac;;
+ 5.[1-6]*) state="known"; ksrc="solaris"; makext="sol2";;
+ esac
+- if [ -x /opt/SUNWspro/bin/cc ] &&
++ if [ -x /opt/SUNWspro/bin/cc -a "$1" != "gcc" ] &&
+ /opt/SUNWspro/bin/cc -flags >/dev/null 2>&1; then
+ : # use Sun WorkShop compiler
+ elif gcc --version >/dev/null 2>&1; then
+diff -ruN ppp-2.4.2/contrib/pppgetpass/Makefile.linux ppp-cvs-20040427/contrib/pppgetpass/Makefile.linux
+--- ppp-2.4.2/contrib/pppgetpass/Makefile.linux 1999-11-15 05:08:24.000000000 +0100
++++ ppp-cvs-20040427/contrib/pppgetpass/Makefile.linux 1970-01-01 01:00:00.000000000 +0100
+@@ -1,16 +0,0 @@
+-all: pppgetpass.vt pppgetpass.gtk
+-
+-pppgetpass.vt: pppgetpass.vt.o
+-
+-pppgetpass.gtk: pppgetpass.gtk.o
+- $(CC) $(LDFLAGS) pppgetpass.gtk.o `gtk-config --libs` -o pppgetpass.gtk
+-pppgetpass.gtk.o: pppgetpass.gtk.c
+- $(CC) $(CFLAGS) -c pppgetpass.gtk.c `gtk-config --cflags`
+-
+-install: all
+- install -m 755 pppgetpass.sh /usr/bin/pppgetpass
+- install -m 4755 -o root -g root pppgetpass.vt /usr/bin/
+- install -m 755 -o root -g root pppgetpass.gtk /usr/X11/bin/
+-
+-clean:
+- rm -f *.o pppgetpass.gtk pppgetpass.vt core
+diff -ruN ppp-2.4.2/contrib/pppgetpass/pppgetpass.8 ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.8
+--- ppp-2.4.2/contrib/pppgetpass/pppgetpass.8 1999-11-15 05:08:24.000000000 +0100
++++ ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.8 1970-01-01 01:00:00.000000000 +0100
+@@ -1,18 +0,0 @@
+-.TH PPPGETPASS 8 "26 Sep 1999"
+-.SH NAME
+-pppgetpass \- prompt for PAP password
+-.SH SYNOPSIS
+-.B pppgetpass
+-.I client server fd
+-.SH DESCRIPTION
+-.B pppgetpass
+-the outer half of a plugin for PAP password prompting in pppd.
+-If the peer requires PAP, and the
+-.B passprompt.so
+-plugin is loaded into pppd, it will run
+-.B /usr/sbin/pppgetpass
+-(or another program specified by the
+-.B promptprog
+-option) to prompt the user for the password.
+-.SH SEE ALSO
+-pppd(8)
+diff -ruN ppp-2.4.2/contrib/pppgetpass/pppgetpass.gtk.c ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.gtk.c
+--- ppp-2.4.2/contrib/pppgetpass/pppgetpass.gtk.c 1999-11-15 05:08:24.000000000 +0100
++++ ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.gtk.c 1970-01-01 01:00:00.000000000 +0100
+@@ -1,92 +0,0 @@
+-#include <glib.h>
+-#include <gdk/gdk.h>
+-#include <gtk/gtkwindow.h>
+-#include <gtk/gtkmain.h>
+-#include <gtk/gtkbutton.h>
+-#include <gtk/gtkvbox.h>
+-#include <gtk/gtklabel.h>
+-#include <gtk/gtkentry.h>
+-#include <gtk/gtksignal.h>
+-
+-#include <stdio.h>
+-#include <string.h>
+-#include <stdlib.h>
+-#include <unistd.h>
+-#include <syslog.h>
+-
+-int outfd;
+-int err;
+-
+-static void okpressed(void *widget, void *clientdata)
+-{
+- GtkWidget *answer=clientdata;
+- gchar *pass;
+- int passlen;
+- ssize_t wrote;
+- (void)widget;
+-
+- pass=gtk_entry_get_text(GTK_ENTRY(answer));
+-
+- passlen=strlen(pass);
+- if(!passlen)
+- return;
+-
+- if((wrote=write(outfd, pass, passlen))!=passlen) {
+- if(wrote<0)
+- syslog(LOG_ERR, "write error on outpipe: %m");
+- else
+- syslog(LOG_ERR, "short write on outpipe");
+- err=1;
+- }
+- gtk_main_quit();
+-}
+-
+-int main(int argc, char **argv)
+-{
+- GtkWidget *mainwindow, *vbox, *question, *answer, *ok;
+- char buf[1024];
+- gtk_init(&argc, &argv);
+-
+- openlog(argv[0], LOG_PID, LOG_DAEMON);
+- if(argc!=4) {
+- syslog(LOG_WARNING, "Usage error");
+- return 1;
+- }
+- outfd=atoi(argv[3]);
+- mainwindow=gtk_window_new(GTK_WINDOW_TOPLEVEL);
+- gtk_window_set_title(GTK_WINDOW(mainwindow), "pppgetpass");
+- gtk_signal_connect(GTK_OBJECT(mainwindow), "destroy",
+- GTK_SIGNAL_FUNC(gtk_main_quit), 0);
+-
+- vbox=gtk_vbox_new(FALSE, 5);
+- gtk_container_add(GTK_CONTAINER(mainwindow), vbox);
+- gtk_widget_show(vbox);
+-
+- if(argv[1][0] && argv[2][0])
+- snprintf(buf, sizeof buf, "Password for PPP client %s on server %s: ", argv[1], argv[2]);
+- else if(argv[1][0] && !argv[2][0])
+- snprintf(buf, sizeof buf, "Password for PPP client %s: ", argv[1]);
+- else if(!argv[1][0] && argv[2][0])
+- snprintf(buf, sizeof buf, "Password for PPP on server %s: ", argv[2]);
+- else
+- snprintf(buf, sizeof buf, "Enter PPP password: ");
+- question=gtk_label_new(buf);
+- gtk_box_pack_start(GTK_BOX(vbox), question, FALSE, TRUE, 0);
+- gtk_widget_show(question);
+-
+- answer=gtk_entry_new();
+- gtk_entry_set_visibility(GTK_ENTRY(answer), 0);
+- gtk_box_pack_start(GTK_BOX(vbox), answer, FALSE, TRUE, 0);
+- gtk_widget_show(answer);
+-
+- ok=gtk_button_new_with_label("OK");
+- gtk_box_pack_start(GTK_BOX(vbox), ok, FALSE, TRUE, 0);
+- gtk_signal_connect(GTK_OBJECT(ok), "clicked",
+- GTK_SIGNAL_FUNC(okpressed), answer);
+- gtk_widget_show(ok);
+-
+- gtk_widget_show(mainwindow);
+- gtk_main();
+-
+- return err;
+-}
+diff -ruN ppp-2.4.2/contrib/pppgetpass/pppgetpass.sh ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.sh
+--- ppp-2.4.2/contrib/pppgetpass/pppgetpass.sh 1999-11-15 05:08:24.000000000 +0100
++++ ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.sh 1970-01-01 01:00:00.000000000 +0100
+@@ -1,7 +0,0 @@
+-#!/bin/sh
+-
+-if [ -z "$DISPLAY" ]; then
+- exec pppgetpass.vt "$@"
+-else
+- exec pppgetpass.gtk "$@"
+-fi
+diff -ruN ppp-2.4.2/contrib/pppgetpass/pppgetpass.vt.c ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.vt.c
+--- ppp-2.4.2/contrib/pppgetpass/pppgetpass.vt.c 1999-11-15 05:08:24.000000000 +0100
++++ ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.vt.c 1970-01-01 01:00:00.000000000 +0100
+@@ -1,218 +0,0 @@
+-#include <stdio.h>
+-#include <string.h>
+-#include <stdlib.h>
+-#include <errno.h>
+-#include <unistd.h>
+-#include <fcntl.h>
+-#include <sys/stat.h>
+-#include <sys/ioctl.h>
+-#include <syslog.h>
+-#include <termios.h>
+-#include <sys/vt.h>
+-
+-static int console_owner(uid_t, int);
+-
+-int main(int argc, char **argv)
+-{
+- int console;
+- uid_t uid;
+- struct vt_stat origstate;
+- int openvtnum;
+- char openvtname[256];
+- int openvt;
+- gid_t gid;
+- int chowned;
+- FILE *fp;
+- struct termios t;
+- char pass[256], *nl;
+- int outfd, passlen;
+- ssize_t wrote;
+- console=open("/dev/console", O_RDWR);
+-
+- uid=getuid();
+- gid=getgid();
+- seteuid(uid);
+-
+- openlog(argv[0], LOG_PID, LOG_DAEMON);
+-
+- if(argc!=4) {
+- syslog(LOG_WARNING, "Usage error");
+- return 1;
+- }
+-
+- if(console<0) {
+- syslog(LOG_ERR, "open(/dev/console): %m");
+- return 1;
+- }
+-
+- if(ioctl(console, VT_GETSTATE, &origstate)<0) {
+- syslog(LOG_ERR, "VT_GETSTATE: %m");
+- return 1;
+- }
+-
+- if(uid) {
+- if(!console_owner(uid, origstate.v_active)) {
+- int i;
+- for(i=0;i<64;++i) {
+- if(i!=origstate.v_active && console_owner(uid, i))
+- break;
+- }
+- if(i==64) {
+- syslog(LOG_WARNING, "run by uid %lu not at console", (unsigned long)uid);
+- return 1;
+- }
+- }
+- }
+-
+- if(ioctl(console, VT_OPENQRY, &openvtnum)<0) {
+- syslog(LOG_ERR, "VT_OPENQRY: %m");
+- return 1;
+- }
+- if(openvtnum==-1) {
+- syslog(LOG_ERR, "No free VTs");
+- return 1;
+- }
+-
+- snprintf(openvtname, sizeof openvtname, "/dev/tty%d", openvtnum);
+- seteuid(0);
+- openvt=open(openvtname, O_RDWR);
+- if(openvt<0) {
+- seteuid(uid);
+- syslog(LOG_ERR, "open(%s): %m", openvtname);
+- return 1;
+- }
+-
+- chowned=fchown(openvt, uid, gid);
+- if(chowned<0) {
+- seteuid(uid);
+- syslog(LOG_ERR, "fchown(%s): %m", openvtname);
+- return 1;
+- }
+-
+- close(console);
+-
+- if(ioctl(openvt, VT_ACTIVATE, openvtnum)<0) {
+- seteuid(uid);
+- syslog(LOG_ERR, "VT_ACTIVATE(%d): %m", openvtnum);
+- return 1;
+- }
+-
+- while(ioctl(openvt, VT_WAITACTIVE, openvtnum)<0) {
+- if(errno!=EINTR) {
+- ioctl(openvt, VT_ACTIVATE, origstate.v_active);
+- seteuid(uid);
+- syslog(LOG_ERR, "VT_WAITACTIVE(%d): %m", openvtnum);
+- return 1;
+- }
+- }
+-
+- seteuid(uid);
+- fp=fdopen(openvt, "r+");
+- if(!fp) {
+- seteuid(0);
+- ioctl(openvt, VT_ACTIVATE, origstate.v_active);
+- seteuid(uid);
+- syslog(LOG_ERR, "fdopen(%s): %m", openvtname);
+- return 1;
+- }
+-
+- if(tcgetattr(openvt, &t)<0) {
+- seteuid(0);
+- ioctl(openvt, VT_ACTIVATE, origstate.v_active);
+- seteuid(uid);
+- syslog(LOG_ERR, "tcgetattr(%s): %m", openvtname);
+- return 1;
+- }
+- t.c_lflag &= ~ECHO;
+- if(tcsetattr(openvt, TCSANOW, &t)<0) {
+- seteuid(0);
+- ioctl(openvt, VT_ACTIVATE, origstate.v_active);
+- seteuid(uid);
+- syslog(LOG_ERR, "tcsetattr(%s): %m", openvtname);
+- return 1;
+- }
+-
+- if(fprintf(fp, "\033[2J\033[H")<0) {
+- seteuid(0);
+- ioctl(openvt, VT_ACTIVATE, origstate.v_active);
+- seteuid(uid);
+- syslog(LOG_ERR, "write error on %s: %m", openvtname);
+- return 1;
+- }
+- if(argv[1][0] && argv[2][0]) {
+- if(fprintf(fp, "Password for PPP client %s on server %s: ", argv[1], argv[2])<0) {
+- seteuid(0);
+- ioctl(openvt, VT_ACTIVATE, origstate.v_active);
+- seteuid(uid);
+- syslog(LOG_ERR, "write error on %s: %m", openvtname);
+- return 1;
+- }
+- } else if(argv[1][0] && !argv[2][0]) {
+- if(fprintf(fp, "Password for PPP client %s: ", argv[1])<0) {
+- syslog(LOG_ERR, "write error on %s: %m", openvtname);
+- seteuid(0);
+- ioctl(openvt, VT_ACTIVATE, origstate.v_active);
+- seteuid(uid);
+- return 1;
+- }
+- } else if(!argv[1][0] && argv[2][0]) {
+- if(fprintf(fp, "Password for PPP on server %s: ", argv[2])<0) {
+- seteuid(0);
+- ioctl(openvt, VT_ACTIVATE, origstate.v_active);
+- seteuid(uid);
+- syslog(LOG_ERR, "write error on %s: %m", openvtname);
+- return 1;
+- }
+- } else {
+- if(fprintf(fp, "Enter PPP password: ")<0) {
+- seteuid(0);
+- ioctl(openvt, VT_ACTIVATE, origstate.v_active);
+- seteuid(uid);
+- syslog(LOG_ERR, "write error on %s: %m", openvtname);
+- return 1;
+- }
+- }
+-
+- if(!fgets(pass, sizeof pass, fp)) {
+- seteuid(0);
+- ioctl(openvt, VT_ACTIVATE, origstate.v_active);
+- seteuid(uid);
+- if(ferror(fp)) {
+- syslog(LOG_ERR, "read error on %s: %m", openvtname);
+- }
+- return 1;
+- }
+- if((nl=strchr(pass, '\n')))
+- *nl=0;
+- passlen=strlen(pass);
+-
+- outfd=atoi(argv[3]);
+- if((wrote=write(outfd, pass, passlen))!=passlen) {
+- seteuid(0);
+- ioctl(openvt, VT_ACTIVATE, origstate.v_active);
+- seteuid(uid);
+- if(wrote<0)
+- syslog(LOG_ERR, "write error on outpipe: %m");
+- else
+- syslog(LOG_ERR, "short write on outpipe");
+- return 1;
+- }
+-
+- seteuid(0);
+- ioctl(openvt, VT_ACTIVATE, origstate.v_active);
+- seteuid(uid);
+- return 0;
+-}
+-
+-static int console_owner(uid_t uid, int cons)
+-{
+- char name[256];
+- struct stat st;
+- snprintf(name, sizeof name, "/dev/tty%d", cons);
+- if(stat(name, &st)<0) {
+- if(errno!=ENOENT)
+- syslog(LOG_ERR, "stat(%s): %m", name);
+- return 0;
+- }
+- return uid==st.st_uid;
+-}
+diff -ruN ppp-2.4.2/include/linux/if_ether.h ppp-cvs-20040427/include/linux/if_ether.h
+--- ppp-2.4.2/include/linux/if_ether.h 2001-05-21 05:31:50.000000000 +0200
++++ ppp-cvs-20040427/include/linux/if_ether.h 1970-01-01 01:00:00.000000000 +0100
+@@ -1,99 +0,0 @@
+-/*
+- * INET An implementation of the TCP/IP protocol suite for the LINUX
+- * operating system. INET is implemented using the BSD Socket
+- * interface as the means of communication with the user level.
+- *
+- * Global definitions for the Ethernet IEEE 802.3 interface.
+- *
+- * Version: @(#)if_ether.h 1.0.1a 02/08/94
+- *
+- * Author: Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
+- * Donald Becker, <becker@super.org>
+- * Alan Cox, <alan@redhat.com>
+- * Steve Whitehouse, <gw7rrm@eeshack3.swan.ac.uk>
+- *
+- * This program is free software; you can redistribute it and/or
+- * modify it under the terms of the GNU General Public License
+- * as published by the Free Software Foundation; either version
+- * 2 of the License, or (at your option) any later version.
+- */
+-
+-#ifndef _LINUX_IF_ETHER_H
+-#define _LINUX_IF_ETHER_H
+-
+-/*
+- * IEEE 802.3 Ethernet magic constants. The frame sizes omit the preamble
+- * and FCS/CRC (frame check sequence).
+- */
+-
+-#define ETH_ALEN 6 /* Octets in one ethernet addr */
+-#define ETH_HLEN 14 /* Total octets in header. */
+-#define ETH_ZLEN 60 /* Min. octets in frame sans FCS */
+-#define ETH_DATA_LEN 1500 /* Max. octets in payload */
+-#define ETH_FRAME_LEN 1514 /* Max. octets in frame sans FCS */
+-
+-/*
+- * These are the defined Ethernet Protocol ID's.
+- */
+-
+-#define ETH_P_LOOP 0x0060 /* Ethernet Loopback packet */
+-#define ETH_P_PUP 0x0200 /* Xerox PUP packet */
+-#define ETH_P_PUPAT 0x0201 /* Xerox PUP Addr Trans packet */
+-#define ETH_P_IP 0x0800 /* Internet Protocol packet */
+-#define ETH_P_X25 0x0805 /* CCITT X.25 */
+-#define ETH_P_ARP 0x0806 /* Address Resolution packet */
+-#define ETH_P_BPQ 0x08FF /* G8BPQ AX.25 Ethernet Packet [ NOT AN OFFICIALLY REGISTERED ID ] */
+-#define ETH_P_IEEEPUP 0x0a00 /* Xerox IEEE802.3 PUP packet */
+-#define ETH_P_IEEEPUPAT 0x0a01 /* Xerox IEEE802.3 PUP Addr Trans packet */
+-#define ETH_P_DEC 0x6000 /* DEC Assigned proto */
+-#define ETH_P_DNA_DL 0x6001 /* DEC DNA Dump/Load */
+-#define ETH_P_DNA_RC 0x6002 /* DEC DNA Remote Console */
+-#define ETH_P_DNA_RT 0x6003 /* DEC DNA Routing */
+-#define ETH_P_LAT 0x6004 /* DEC LAT */
+-#define ETH_P_DIAG 0x6005 /* DEC Diagnostics */
+-#define ETH_P_CUST 0x6006 /* DEC Customer use */
+-#define ETH_P_SCA 0x6007 /* DEC Systems Comms Arch */
+-#define ETH_P_RARP 0x8035 /* Reverse Addr Res packet */
+-#define ETH_P_ATALK 0x809B /* Appletalk DDP */
+-#define ETH_P_AARP 0x80F3 /* Appletalk AARP */
+-#define ETH_P_IPX 0x8137 /* IPX over DIX */
+-#define ETH_P_IPV6 0x86DD /* IPv6 over bluebook */
+-#define ETH_P_PPP_DISC 0x8863 /* PPPoE discovery messages */
+-#define ETH_P_PPP_SES 0x8864 /* PPPoE session messages */
+-#define ETH_P_ATMMPOA 0x884c /* MultiProtocol Over ATM */
+-#define ETH_P_ATMFATE 0x8884 /* Frame-based ATM Transport
+- * over Ethernet
+- */
+-
+-/*
+- * Non DIX types. Won't clash for 1500 types.
+- */
+-
+-#define ETH_P_802_3 0x0001 /* Dummy type for 802.3 frames */
+-#define ETH_P_AX25 0x0002 /* Dummy protocol id for AX.25 */
+-#define ETH_P_ALL 0x0003 /* Every packet (be careful!!!) */
+-#define ETH_P_802_2 0x0004 /* 802.2 frames */
+-#define ETH_P_SNAP 0x0005 /* Internal only */
+-#define ETH_P_DDCMP 0x0006 /* DEC DDCMP: Internal only */
+-#define ETH_P_WAN_PPP 0x0007 /* Dummy type for WAN PPP frames*/
+-#define ETH_P_PPP_MP 0x0008 /* Dummy type for PPP MP frames */
+-#define ETH_P_LOCALTALK 0x0009 /* Localtalk pseudo type */
+-#define ETH_P_PPPTALK 0x0010 /* Dummy type for Atalk over PPP*/
+-#define ETH_P_TR_802_2 0x0011 /* 802.2 frames */
+-#define ETH_P_MOBITEX 0x0015 /* Mobitex (kaz@cafe.net) */
+-#define ETH_P_CONTROL 0x0016 /* Card specific control frames */
+-#define ETH_P_IRDA 0x0017 /* Linux-IrDA */
+-#define ETH_P_ECONET 0x0018 /* Acorn Econet */
+-
+-/*
+- * This is an Ethernet frame header.
+- */
+-
+-struct ethhdr
+-{
+- unsigned char h_dest[ETH_ALEN]; /* destination eth addr */
+- unsigned char h_source[ETH_ALEN]; /* source ether addr */
+- unsigned short h_proto; /* packet type ID field */
+-};
+-
+-#endif /* _LINUX_IF_ETHER_H */
+diff -ruN ppp-2.4.2/include/pcap-int.h ppp-cvs-20040427/include/pcap-int.h
+--- ppp-2.4.2/include/pcap-int.h 2000-08-01 03:37:24.000000000 +0200
++++ ppp-cvs-20040427/include/pcap-int.h 2000-08-01 03:37:24.000000000 +0200
+@@ -30,7 +30,7 @@
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+- * @(#) $Header: /data/cvs/ppp/include/pcap-int.h,v 1.1 2000/08/01 01:37:24 paulus Exp $ (LBL)
++ * @(#) $Header: /cvsroot/ppp/include/pcap-int.h,v 1.1 2000/08/01 01:37:24 paulus Exp $ (LBL)
+ */
+
+ #ifndef pcap_int_h
+diff -ruN ppp-2.4.2/modules/bsd-comp.c ppp-cvs-20040427/modules/bsd-comp.c
+--- ppp-2.4.2/modules/bsd-comp.c 1998-03-19 06:59:01.000000000 +0100
++++ ppp-cvs-20040427/modules/bsd-comp.c 2004-01-17 06:50:11.000000000 +0100
+@@ -41,7 +41,7 @@
+ * This version is for use with STREAMS under SunOS 4.x,
+ * Digital UNIX, AIX 4.x, and SVR4 systems including Solaris 2.
+ *
+- * $Id: bsd-comp.c,v 1.20 1996/08/28 06:31:57 paulus Exp $
++ * $Id: bsd-comp.c,v 1.21 2004/01/17 05:47:55 carlsonj Exp $
+ */
+
+ #ifdef AIX4
+@@ -66,6 +66,10 @@
+ #define BSD_LITTLE_ENDIAN
+ #endif
+
++#ifdef SOL2
++#include <sys/sunddi.h>
++#endif
++
+ #define PACKETPTR mblk_t *
+ #include <net/ppp-comp.h>
+
+diff -ruN ppp-2.4.2/modules/deflate.c ppp-cvs-20040427/modules/deflate.c
+--- ppp-2.4.2/modules/deflate.c 2002-12-06 10:49:15.000000000 +0100
++++ ppp-cvs-20040427/modules/deflate.c 2004-01-17 06:50:11.000000000 +0100
+@@ -35,7 +35,7 @@
+ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+- * $Id: deflate.c,v 1.11 2002/12/06 09:49:15 paulus Exp $
++ * $Id: deflate.c,v 1.12 2004/01/17 05:47:55 carlsonj Exp $
+ */
+
+ #ifdef AIX4
+@@ -56,6 +56,10 @@
+ #include "../common/zlib.h"
+ #endif
+
++#ifdef SOL2
++#include <sys/sunddi.h>
++#endif
++
+ #if DO_DEFLATE
+
+ #define DEFLATE_DEBUG 1
+diff -ruN ppp-2.4.2/modules/vjcompress.c ppp-cvs-20040427/modules/vjcompress.c
+--- ppp-2.4.2/modules/vjcompress.c 1999-09-17 04:03:56.000000000 +0200
++++ ppp-cvs-20040427/modules/vjcompress.c 2004-01-17 06:50:11.000000000 +0100
+@@ -29,7 +29,7 @@
+ * This version is used under SunOS 4.x, Digital UNIX, AIX 4.x,
+ * and SVR4 systems including Solaris 2.
+ *
+- * $Id: vjcompress.c,v 1.10 1999/09/15 23:49:06 masputra Exp $
++ * $Id: vjcompress.c,v 1.11 2004/01/17 05:47:55 carlsonj Exp $
+ */
+
+ #include <sys/types.h>
+@@ -56,6 +56,10 @@
+ #include <netinet/in_systm.h>
+ #endif
+
++#ifdef SOL2
++#include <sys/sunddi.h>
++#endif
++
+ #include <netinet/ip.h>
+ #include <netinet/tcp.h>
+
+diff -ruN ppp-2.4.2/ppp.texi ppp-cvs-20040427/ppp.texi
+--- ppp-2.4.2/ppp.texi 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/ppp.texi 1996-08-28 08:30:33.000000000 +0200
+@@ -0,0 +1,561 @@
++\input texinfo @c -*-texinfo-*-
++@setfilename ppp.info
++@settitle PPP
++
++@iftex
++@finalout
++@end iftex
++
++@ifinfo
++@format
++START-INFO-DIR-ENTRY
++* PPP: (ppp). Point-to-Point Protocol.
++END-INFO-DIR-ENTRY
++@end format
++
++@titlepage
++@title PPP-2.x Users' Guide
++@author by Paul Mackerras
++@end titlepage
++
++@node Top, Introduction, (dir), (dir)
++
++@ifinfo
++This file documents how to use the ppp-2.x package to set up network
++links over serial lines with the Point-to-Point Protocol.
++
++@end ifinfo
++
++@menu
++* Introduction:: Basic concepts of the Point-to-Point
++ Protocol and the ppp-2.x package.
++* Installation:: How to compile and install the software.
++* Configuration:: How to set up your system for
++ establishing a link to another system.
++* Security:: Avoid creating security holes.
++* Compression:: Using compression of various kinds
++ to improve throughput.
++@end menu
++
++@node Introduction, Installation, Top, Top
++@chapter Introduction
++
++The Point-to-Point Protocol (PPP) is the protocol of choice for
++establishing network links over serial lines. This package (ppp-2.x)
++provides an implementation of PPP which supports the Internet Protocols
++(TCP/IP, UDP/IP, etc.) and which runs on a range of Unix workstations.
++
++A typical use of PPP is to provide a network connection, via a modem,
++between a workstation and an Internet Service Provider (ISP). When this
++connection is established, the workstation is connected to the internet,
++and applications running on the workstation can then make connections to
++other hosts anywhere on the internet. This package can be used at
++either or both ends of such a link.
++
++Features of PPP include:
++@itemize @bullet
++@item
++Multi-protocol support. The PPP packet encapsulation includes a
++protocol field, allowing packets from many different protocols to be
++multiplexed across a single link.
++@item
++Negotiation of link characteristics. During link establishment, the two
++systems negotiate about the link configuration parameters, such as the
++IP addresses of each end of the link.
++@item
++Authentication. Optionally, each system can be configured to require the
++other system to authenticate itself. In this way, access can be
++restricted to authorized systems.
++@item
++Transparency. On asynchronous serial lines, PPP can be configured to
++transmit certain characters as a two-character escape sequence.
++@item
++Compression. PPP includes support for various kinds of compression to
++be applied to the packets before they are transmitted.
++@end itemize
++
++The ppp-2.x software consists of two parts:
++
++@itemize @bullet
++
++@item
++Kernel code, which establishes a network interface and passes packets
++between the serial port, the kernel networking code and the PPP daemon
++(@file{pppd}). This code is implemented using STREAMS modules on
++Solaris 2, SunOS 4.x, AIX 4.1 and OSF/1, and as a tty line discipline
++under Ultrix, NextStep, NetBSD, FreeBSD, and Linux.
++
++@item
++The PPP daemon (@file{pppd}), which negotiates with the peer to
++establish the link and sets up the ppp network interface. Pppd includes
++support for authentication. It can authenticate itself to the other
++system and/or require the other system to authenticate itself, so that
++you can control which other systems may make a PPP connection and what
++IP addresses they may use.
++@end itemize
++
++@menu
++* PPP Concepts:: Basic concepts and terms used with PPP.
++* PPP packet format:: How data is packaged up for transmission.
++* LCP negotiation:: The parameters which are negotiated
++ using the Link Control Protocol.
++* IPCP negotiation:: The parameters which are negotiated
++ using the IP Control Protocol.
++@end menu
++
++@node PPP Concepts, PPP packet format, Introduction, Introduction
++@section PPP Concepts
++
++To use PPP to provide a network connection between two machines, there
++must be some way that a stream of bytes, or characters, can be passed
++from one to the other, in both directions independently. We refer to
++this as the ``serial link''. Very often the serial link involves
++asynchronous communications ports and modems, but other kinds of serial
++link are possible.
++
++The serial link must transmit (at least) 8 bits per character; PPP
++cannot work over a serial link which transmits only 7 bits per
++character. However, it need not transmit all byte values transparently.
++PPP has a mechanism to avoid sending certain characters if it is known
++that the some element of the serial link interprets them specially. For
++example, the DC1 and DC3 ASCII characters (control-Q and control-S) may
++be trapped by a modem if it is set for ``software'' flow control. PPP
++can send these characters as a two-character ``escape'' sequence. The
++set of characters which are to be transmitted as an escape sequence is
++represented in an ``async control character map'' (ACCM). The ``async''
++part refers to the fact that this facility is used for asynchronous
++serial links. For synchronous serial connections, the HDLC bit-stuffing
++procedure is used instead.
++
++The two systems connected by the serial link are called ``peers''. When
++we are talking from the point of view of one of the systems, the other
++is often referred to as ``the peer''. Sometimes we may refer to one
++system as a ``client'' and the other as a ``server''. This distinction
++refers mainly to the way the serial link is set up; usually the client
++is the peer that initiates the connection, for example by dialling the
++server with its modem.
++
++During the lifetime of a PPP connection, it proceeds through several
++phases:
++
++@enumerate
++@item
++Serial link establishment. In this phase, the serial link is set up and
++PPP protocol software is attached to each end of the serial link. The
++precise steps involved in doing this vary greatly, depending on the
++nature of the serial link. For the common case of modems connected
++through the telephone network, this involves first sending commands to
++the modem to cause it to dial the remote system. When the remote system
++answers, the local system usually has to supply a username and password,
++and then issue a command to invoke PPP software on the remote system.
++The ``chat'' program supplied with ppp-2.x provides a way to automate a
++dialog with the modem and the remote system. This phase is not
++standardized; it is outside the scope of the PPP protocol
++specifications.
++
++@item
++Link Control Protocol (LCP) negotiation. In this phase, the peers send
++LCP packets to each other to negotiate various parameters of the
++connection, such as the ACCM to be used in each direction, whether
++authentication is required, and whether or not to use various forms of
++compression. When the peers reach agreement on these parameters, LCP is
++said to be ``up''.
++
++@item
++Authentication. If one (or both) of the peers requires the other
++peer to authenticate itself, that occurs next. If one of the peers
++cannot successfully authenticate itself, the other peer terminates the
++link.
++
++@item
++Network Control Protocol (NCP) negotiation. PPP can potentially support
++several different network protocols, although IP is the only network
++protocol (NP) supported by the ppp-2.x package. Each NP has an
++associated NCP defined for it, which is used to negotiate the specific
++parameters which affect that NP. For example, the IP Control Protocol
++(IPCP) is used to negotiate the IP addresses for each end of the link,
++and whether the TCP header compression method described by Van Jacobsen
++in RFC 1144 (``VJ compression'') is to be used.
++
++@item
++Network communication. When each NCP has successfully negotiated the
++parameters for its NP, that NCP is said to be ``up''. At that point,
++the PPP link is made available for data traffic from that NP. For
++example, when IPCP comes up, the PPP link is then available for carrying
++IP packets (which of course includes packets from those protocols which
++are layered above IP, such as TCP, UDP, etc.)
++
++@item
++Termination. When the link is no longer required, it is terminated.
++Usually this involves an exchange of LCP packets so that one peer can
++notify the other that it is shutting down the link, enabling both peers
++to shut down in an orderly manner. But of course there are occasions
++when the link terminates because the serial link is interrupted, for
++example, when a modem loses carrier and hangs up.
++
++@end enumerate
++
++The protocols in the PPP family are produced by the Point-to-Point
++Working Group of the Internet Engineering Task Force, and are specified
++in RFC (Request for Comments) documents, available by anonymous FTP from
++several sites.
++
++PPP is defined in several RFCs, in
++particular RFCs 1661, 1662, and 1334. IPCP is defined in RFC 1332.
++Other RFCs describe the control protocols for other network protocols
++(e.g., DECnet, OSI, Appletalk). RFCs are available by anonymous FTP
++from several sites including nic.ddn.mil, nnsc.nsf.net, nic.nordu.net,
++ftp.nisc.sri.com, and munnari.oz.au.
++
++@node PPP packet format, LCP negotiation, PPP Concepts, Introduction
++@section PPP packet format
++
++PPP transmits packets over the serial link using a simple encapsulation
++scheme. First, a two-byte PPP Protocol field is inserted before the
++data to be sent. The value in this field identifies
++which higher-level protocol (either a network protocol such as IP or a
++PPP control protocol such as LCP) should receive the data in the packet.
++By default, a one-byte Address field with the value 0xFF, and a one-byte
++Control field with the value 0x03, are inserted before the PPP Protocol
++field (apparently this is supposed to provide compatibility with HDLC,
++in case there is a synchronous to asynchronous converter in the serial
++link).
++
++On slow serial links, these fields can be compressed down to one byte in
++most cases. The PPP Address and Control fields are compressed by simply
++omitting them (``address/control compression''). The PPP Protocol field
++values are chosen so that bit 0 (the least-significant bit) of the first
++(most significant) byte is always 0, and bit 0 of the second byte is
++always 1. The PPP Protocol field can be compressed by omitting the
++first byte, provided that it is 0 (``protocol compression''). The
++values for this field are assigned so that the first byte is zero for
++all of the commonly-used network protocols. For example, the PPP
++Protocol field value for IP is 0x21.
++
++For asynchronous serial links, which do not provide any packet framing
++or transparency, a further encapsulation is used as follows. First a
++16-bit Frame Check Sequence (FCS) is computed over the packet to be
++sent, and appended as two bytes to the end of the packet.
++
++Then each byte of the packet is examined, and if it contains one of the
++characters which are to be escaped, it is replaced by a two byte
++sequence: the 0x7d character '}', followed by the character with bit 5
++inverted. For example, the control-C character (0x03) could be replaced
++by the two-byte sequence 0x7d, 0x23 ('}#'). The 0x7d and 0x7e ('~')
++characters are always escaped, and the 0x5e ('^') character may not be
++escaped.
++
++Finally, a ``flag'' character (0x7e, '~') is inserted at the beginning
++and end of the packet to mark the packet boundaries. The initial flag
++may be omitted if this packet immediately follows another packet, as the
++ending flag for the previous packet can serve as the beginning flag of
++this packet.
++
++@node LCP negotiation, IPCP negotiation, PPP packet format, Introduction
++@section LCP negotiation
++
++The LCP negotiation process actually involves two sets of negotiations,
++one for each direction of the PPP connection. Thus A will send B
++packets (``Configure-Requests'') describing what characteristics A would
++like to have apply to the B -> A direction of the link, that is, to the
++packets that A will receive. Similarly B will send A packets describing
++the characteristics it would like to have apply to the packets it will
++be receiving. These characteristics need not necessarily be the same in
++both directions.
++
++The parameters which are negotiated for each direction of the connection
++using LCP are:
++
++@itemize @bullet
++@item
++Maximum Receive Unit (MRU): indicates the maximum packet size which we
++are prepared to receive (specifically the maximum size of the
++data portion of the packet). The default value is 1500, but on
++slow serial links, smaller values give better response. The choice of
++MRU is discussed below (see xxx).
++
++@item
++Async Control Character Map (ACCM): indicates the set of control
++characters (characters with ASCII values in the range 0 - 31) which we
++wish to receive in escaped form. The default is that the sender should
++escape all characters in the range 0 - 31.
++
++@item
++Authentication Protocol: indicates which protocol we would like the peer
++to use to authenticate itself. Common choices are the Password
++Authentication Protocol (PAP) and the Cryptographic Handshake
++Authentication Protocol (CHAP).
++
++@item
++Quality Protocol: indicates which protocol which we would like the peer
++to use to send us link quality reports. The ppp-2.x package does not
++currently support link quality reports.
++
++@item
++Magic Number: a randomly-chosen number, different from the peer's magic
++number. If we persistently receive our own magic number in the peer's
++configure-request packets, then we can conclude that the serial link is
++looped back.
++
++@item
++Protocol Field Compression: indicates that we wish the peer to compress
++the PPP Protocol field to one byte, where possible, in the packets it
++sends.
++
++@item
++Address/Control Field Compression: indicates that we wish the peer to
++compress the PPP Address/Control fields (by simply omitting them) in the
++packets it sends.
++@end itemize
++
++@node IPCP negotiation, , LCP negotiation, Introduction
++@section IPCP negotiation
++
++The IPCP negotiation process is very similar to the LCP negotiation
++process, except that of course different parameters are negotiated.
++The parameters which are negotiated using IPCP are:
++
++@itemize @bullet
++@item
++IP Address: the IP address (32-bit host IP number) which we plan to use
++as the local address for our end of the link.
++
++@item
++TCP header compression: indicates (a) that we wish the peer to compress
++the TCP/IP headers of TCP/IP packets that it sends, using the Van
++Jacobson algorithm as described in RFC1144; (b) the maximum slot ID that
++we wish the peer to use, and (c) whether we are prepared to accept
++packets with the slot ID field compressed (omitted).
++
++With Van Jacobson (VJ) compression, the receiver and transmitter (for
++one direction of the connection) both keep a table, with a certain
++number of ``slots'', where each slot holds the TCP/IP header of the most
++recently transmitted packet for one TCP connection. If a packet is to
++be transmitted for a TCP connection which does not have a slot currently
++allocated, the VJ scheme will allocate one of the slots and send the
++entire TCP/IP header, together with the slot number. For many packets,
++there will be a slot already allocated for the TCP connection, and the
++VJ scheme will then often be able to replace the entire TCP/IP header
++with a much smaller compressed header (typically only 3 - 7 bytes)
++describing which fields of the TCP/IP header have changed, and by how
++much. If there are many more active connections than slots, the
++efficiency of the VJ scheme will drop, because it will not be able to
++send compressed headers as often.
++
++Usually the compressed header includes a one-byte slot index, indicating
++which TCP connection the packet is for. It is possible to reduce the
++header size by omitting the slot index when the packet has the same slot
++index as the previous packet. However, this introduces a danger if the
++lower levels of the PPP software can sometimes drop damaged packets
++without informing the VJ decompressor, as it may then assume the wrong
++slot index for packets which have the slot index field omitted. With
++the ppp-2.x software, however, the probability of this happening is
++generally very small (see xxx).
++
++@end itemize
++
++@node Installation, Configuration, Introduction, Top
++@chapter Installation
++
++Because ppp-2.x includes code which must be incorporated into the
++kernel, its installation process is necessarily quite heavily
++system-dependent. In addition, you will require super-user privileges
++(root access) to install the code.
++
++Some systems provide a ``modload'' facility, which allows you to load
++new code into a running kernel without relinking the kernel or
++rebooting. Under Solaris 2, SunOS 4.x, Linux, OSF/1 and NextStep, this
++is the recommended (or only) way to install the kernel portion of the
++ppp-2.x package.
++
++Under the remaining supported operating systems (NetBSD, FreeBSD,
++Ultrix), it is necessary to go through the process of creating a new
++kernel image and reboot. (Note that NetBSD and FreeBSD have a modload
++facility, but ppp-2.x is currently not configured to take advantage of
++it.)
++
++Detailed installation instructions for each operating system are
++contained in the README files in the ppp-2.x distribution. In general,
++the process involves executing the commands @samp{./configure},
++@samp{make} and (as root) @samp{make install} in the ppp-2.x
++distribution directory. (The Linux port requires the installation of
++some header files before compiling; see README.linux for details.)
++
++@node Configuration, Security, Installation, Top
++@chapter Configuration
++
++Once the ppp-2.x software is installed, you need to configure your
++system for the particular PPP connections you wish to allow. Typically,
++the elements you need to configure are:
++
++@itemize @bullet
++@item
++How the serial link is established and how pppd gets invoked.
++@item
++Setting up syslog to log messages from pppd to the console and/or
++system log files.
++@item
++Pppd options to be used.
++@item
++Authentication secrets to use in authenticating us to the peer
++and/or the peer to us.
++@item
++The IP addresses for each end of the link.
++@end itemize
++
++In most cases, the system you are configuring will either be a
++@dfn{client} system, actively initiating a PPP connection on user
++request, or it will be a @dfn{server} system, passively waiting for
++connections from client systems. Other arrangements are possible, but
++the instructions in this system assume that you are configuring either a
++client or a server.
++
++These instructions also assume that the serial link involves a serial
++communications port (that is, a tty device), since pppd requires a
++serial port.
++
++@menu
++* Client machines::
++* Server machines::
++* Setting up syslog::
++* Pppd options::
++* Authentication secrets files::
++* IP Addresses::
++@end menu
++
++@node Client machines, Server machines, Configuration, Configuration
++@section Client machines
++
++On a client machine, the way that the user requests that a connection be
++established is by running pppd, either directly or through a shell
++script. Pppd should be given the name of the serial port to use as an
++option. In this mode, pppd will fork and detach itself from its
++controlling terminal, so that the shell will return to its prompt. (If
++this behaviour is not desired, use the -detach option.)
++
++Usually, the connect option should also be used. The connect option
++takes an argument which is a command to run to establish the serial link
++and invoke PPP software on the remote machine. This command is run with
++its standard input and standard output connected to the serial port.
++Giving the connect option to pppd also has the side-effect of causing
++pppd to open the serial port without waiting for the modem carrier
++detect signal.
++
++The process of establishing the serial link often involves a dialog. If
++the serial port is connected to a modem, we first need to send some
++commands to the modem to configure it and dial the remote system. Often
++there is then a dialog with the remote system to supply a username and
++password. The @file{chat} program supplied with the ppp-2.x package is
++useful for automating such dialogs. Chat uses a @dfn{script} consisting
++of alternately strings to expect to receive on the serial port, and
++strings to send on the serial port. The script can also specify strings
++which indicate an error and abort the dialog.
++
++@node Server machines, , Client machines, Configuration
++@section Server machines
++
++There are generally three ways in which a server machine can be set up
++to allow client machines to establish a PPP link:
++
++@enumerate
++@item
++Client machines log in as regular users (often via a serial port
++connected to a modem, but possibly through a telnet or rlogin session)
++and then run pppd as a shell command.
++@item
++Client machines log in using a username whose login shell is pppd
++or a script which runs pppd.
++@item
++Client machines connect to a serial port which has a pppd running
++permanently on it (instead of a "getty" or other program providing a
++login service).
++@end enumerate
++
++Method 1 is very simple to set up, and is useful where existing users of
++a system have remote machines (for example at home) from which they want
++to establish a PPP connection from time to time. Methods 2 and 3
++possibly have a security advantage in that they do not allow PPP client
++systems access to a shell. Method 2 allows regular logins and PPP
++connections on the same port, while with method 3, would-be crackers may
++well be frustrated (unless they speak fluent PPP).
++
++With any of these methods, I strongly recommend that you configure PPP
++to require authentication from the client, by including the `auth'
++option in the /etc/ppp/options file.
++
++@node Setting up syslog, , Server machines, Configuration
++@section Setting up syslog
++
++Pppd uses the @file{syslog} facility to report information about the
++state of the connection, as does @file{chat}. It is useful to set up
++syslog to print some of these messages on the console, and to record
++most of them to a file. The messages from pppd are logged with facility
++@samp{daemon} and one of three levels:
++@itemize @bullet
++@item
++@samp{notice} for messages about important events such as the
++connection becoming available for IP traffic and the local and remote IP
++addresses in use.
++@item
++@samp{info} for messages about less important events, such as
++detecting a modem hangup.
++@item
++@samp{debug} for messages which are of use in working out why the
++connection is not working properly.
++@end itemize
++
++The messages from chat are logged with facility @samp{local2} and level
++@samp{debug}.
++
++Syslog is controlled by the syslog configuration file
++@file{/etc/syslog.conf}. Generally the standard configuration will log
++facility @samp{daemon} messages with level @samp{notice} and above to a
++system log file such as @file{/var/log/syslog} (the name may vary on
++different systems). I find it useful to have the notice level messages
++from pppd displayed on the console, and all messages from pppd and chat
++logged to a file such as @file{/etc/ppp/log}. To achieve this,
++find the line in /etc/syslog.conf which has /dev/console
++on the right-hand side, and add `daemon.notice' on the left. This
++line should end up something like this:
++
++@example
++*.err;kern.debug;auth.notice;mail.crit;daemon.notice /dev/console
++@end example
++
++And add a line like this:
++
++@example
++daemon,local2.debug /etc/ppp/log
++@end example
++
++The space between the left and right hand sides is one or more tabs, not
++spaces, and there are no tabs or spaces at the beginning of the line.
++
++You will need to create an empty @file{/etc/ppp/log} file; syslogd will
++not create it. Once you have modified @file{/etc/syslog.conf}, you need
++to either reboot or notify syslogd to re-read the file. On most
++systems, you notify syslogd by sending it a SIGHUP signal. Syslogd's
++process ID is usually stored in a file such as @file{/etc/syslogd.pid}
++or @file{/var/run/syslog.pid}. Thus you can notify syslogd to re-read
++the file by executing a command such as:
++
++@example
++kill -HUP `cat /etc/syslogd.pid`
++@end example
++
++@node Pppd options, , Setting up syslog, Configuration
++@section Pppd options
++
++@node Authentication secrets files, , Pppd options, Configuration
++@section Authentication secrets files
++
++@node IP Addresses, , Authentication secrets files, Configuration
++@section IP Addresses
++
++@node Security, Compression, Configuration, Top
++@chapter Security
++
++@node Compression, , Security, Top
++@chapter Compression
++
++@bye
+diff -ruN ppp-2.4.2/pppd/Makefile.sol2 ppp-cvs-20040427/pppd/Makefile.sol2
+--- ppp-2.4.2/pppd/Makefile.sol2 2003-11-27 22:25:25.000000000 +0100
++++ ppp-cvs-20040427/pppd/Makefile.sol2 2002-11-02 20:50:09.000000000 +0100
+@@ -1,6 +1,6 @@
+ #
+ # Makefile for pppd under Solaris 2.
+-# $Id: Makefile.sol2,v 1.24 2003/11/27 21:25:25 paulus Exp $
++# $Id: Makefile.sol2,v 1.23 2002/11/02 19:48:12 carlsonj Exp $
+ #
+
+ include ../Makedefs.com
+@@ -8,8 +8,8 @@
+ CFLAGS = -I../include -DSVR4 -DSOL2 $(COPTS)
+ LIBS = -lsocket -lnsl
+
+-OBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap-new.o eap.o md5.o \
+- tty.o ccp.o ecp.o auth.o options.o demand.o utils.o sys-solaris.o
++OBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap.o eap.o md5.o tty.o \
++ ccp.o ecp.o auth.o options.o demand.o utils.o sys-solaris.o
+
+ #
+ # uncomment the following to enable plugins
+diff -ruN ppp-2.4.2/pppd/Makefile.sunos4 ppp-cvs-20040427/pppd/Makefile.sunos4
+--- ppp-2.4.2/pppd/Makefile.sunos4 2003-11-27 22:25:25.000000000 +0100
++++ ppp-cvs-20040427/pppd/Makefile.sunos4 2002-11-02 20:50:09.000000000 +0100
+@@ -1,6 +1,6 @@
+ #
+ # Makefile for pppd under SunOS 4.
+-# $Id: Makefile.sunos4,v 1.14 2003/11/27 21:25:25 paulus Exp $
++# $Id: Makefile.sunos4,v 1.13 2002/11/02 19:48:12 carlsonj Exp $
+ #
+
+ include ../sunos4/Makedefs
+@@ -12,7 +12,7 @@
+
+ all: pppd
+
+-OBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap-new.o md5.o ccp.o ecp.o \
++OBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap.o md5.o ccp.o ecp.o \
+ auth.o options.o demand.o utils.o sys-sunos4.o tty.o eap.o
+
+ pppd: $(OBJS)
+diff -ruN ppp-2.4.2/pppd/chap-new.c ppp-cvs-20040427/pppd/chap-new.c
+--- ppp-2.4.2/pppd/chap-new.c 2003-11-27 23:22:36.000000000 +0100
++++ ppp-cvs-20040427/pppd/chap-new.c 2004-01-17 06:50:11.000000000 +0100
+@@ -33,7 +33,7 @@
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+-#define RCSID "$Id: chap-new.c,v 1.3 2003/11/27 22:22:36 paulus Exp $"
++#define RCSID "$Id: chap-new.c,v 1.4 2004/01/17 05:47:55 carlsonj Exp $"
+
+ #include <stdlib.h>
+ #include <string.h>
+@@ -49,7 +49,7 @@
+ int (*chap_verify_hook)(char *name, char *ourname, int id,
+ struct chap_digest_type *digest,
+ unsigned char *challenge, unsigned char *response,
+- unsigned char *message, int message_space) = NULL;
++ char *message, int message_space) = NULL;
+
+ /*
+ * Option variables.
+@@ -119,7 +119,7 @@
+ static int chap_verify_response(char *name, char *ourname, int id,
+ struct chap_digest_type *digest,
+ unsigned char *challenge, unsigned char *response,
+- unsigned char *message, int message_space);
++ char *message, int message_space);
+ static void chap_respond(struct chap_client_state *cs, int id,
+ unsigned char *pkt, int len);
+ static void chap_handle_status(struct chap_client_state *cs, int code, int id,
+@@ -306,11 +306,11 @@
+ {
+ int response_len, ok, mlen;
+ unsigned char *response, *p;
+- unsigned char *name = NULL; /* initialized to shut gcc up */
++ char *name = NULL; /* initialized to shut gcc up */
+ int (*verifier)(char *, char *, int, struct chap_digest_type *,
+- unsigned char *, unsigned char *, unsigned char *, int);
++ unsigned char *, unsigned char *, char *, int);
+ char rname[MAXNAMELEN+1];
+- unsigned char message[256];
++ char message[256];
+
+ if ((ss->flags & LOWERUP) == 0)
+ return;
+@@ -322,7 +322,7 @@
+ response = pkt;
+ GETCHAR(response_len, pkt);
+ len -= response_len + 1; /* length of name */
+- name = pkt + response_len;
++ name = (char *)pkt + response_len;
+ if (len < 0)
+ return;
+
+@@ -391,14 +391,14 @@
+ chap_verify_response(char *name, char *ourname, int id,
+ struct chap_digest_type *digest,
+ unsigned char *challenge, unsigned char *response,
+- unsigned char *message, int message_space)
++ char *message, int message_space)
+ {
+ int ok;
+- char secret[MAXSECRETLEN];
++ unsigned char secret[MAXSECRETLEN];
+ int secret_len;
+
+ /* Get the secret that the peer is supposed to know */
+- if (!get_secret(0, name, ourname, secret, &secret_len, 1)) {
++ if (!get_secret(0, name, ourname, (char *)secret, &secret_len, 1)) {
+ error("No CHAP secret found for authenticating %q", name);
+ return 0;
+ }
+diff -ruN ppp-2.4.2/pppd/chap-new.h ppp-cvs-20040427/pppd/chap-new.h
+--- ppp-2.4.2/pppd/chap-new.h 2003-06-11 14:47:31.000000000 +0200
++++ ppp-cvs-20040427/pppd/chap-new.h 2004-01-17 06:50:12.000000000 +0100
+@@ -123,7 +123,7 @@
+ extern int (*chap_verify_hook)(char *name, char *ourname, int id,
+ struct chap_digest_type *digest,
+ unsigned char *challenge, unsigned char *response,
+- unsigned char *message, int message_space);
++ char *message, int message_space);
+
+ /* Called by digest code to register a digest type */
+ extern void chap_register_digest(struct chap_digest_type *);
+diff -ruN ppp-2.4.2/pppd/chap_ms.c ppp-cvs-20040427/pppd/chap_ms.c
+--- ppp-2.4.2/pppd/chap_ms.c 2003-11-18 11:42:56.000000000 +0100
++++ ppp-cvs-20040427/pppd/chap_ms.c 2004-04-14 04:40:21.000000000 +0200
+@@ -74,7 +74,7 @@
+ *
+ */
+
+-#define RCSID "$Id: chap_ms.c,v 1.30 2003/07/10 17:59:33 fcusack Exp $"
++#define RCSID "$Id: chap_ms.c,v 1.31 2004/04/14 02:39:39 carlsonj Exp $"
+
+ #ifdef CHAPMS
+
+@@ -164,9 +164,11 @@
+ chapms_generate_challenge(unsigned char *challenge)
+ {
+ *challenge++ = 8;
++#ifdef DEBUGMPPEKEY
+ if (mschap_challenge && strlen(mschap_challenge) == 8)
+ memcpy(challenge, mschap_challenge, 8);
+ else
++#endif
+ random_bytes(challenge, 8);
+ }
+
+@@ -174,9 +176,11 @@
+ chapms2_generate_challenge(unsigned char *challenge)
+ {
+ *challenge++ = 16;
++#ifdef DEBUGMPPEKEY
+ if (mschap_challenge && strlen(mschap_challenge) == 16)
+ memcpy(challenge, mschap_challenge, 16);
+ else
++#endif
+ random_bytes(challenge, 16);
+ }
+
+@@ -207,7 +211,7 @@
+ #endif
+
+ /* Generate the expected response. */
+- ChapMS(challenge, secret, secret_len, &md);
++ ChapMS(challenge, (char *)secret, secret_len, &md);
+
+ #ifdef MSLANMAN
+ /* Determine which part of response to verify against */
+@@ -250,8 +254,8 @@
+
+ /* Generate the expected response and our mutual auth. */
+ ChapMS2(challenge, rmd->PeerChallenge, name,
+- secret, secret_len, &md,
+- saresponse, MS_CHAP2_AUTHENTICATOR);
++ (char *)secret, secret_len, &md,
++ (unsigned char *)saresponse, MS_CHAP2_AUTHENTICATOR);
+
+ /* compare MDs and send the appropriate status */
+ /*
+@@ -326,8 +330,13 @@
+ {
+ challenge++; /* skip length, should be 16 */
+ *response++ = MS_CHAP2_RESPONSE_LEN;
+- ChapMS2(challenge, mschap2_peer_challenge, our_name,
+- secret, secret_len,
++ ChapMS2(challenge,
++#ifdef DEBUGMPPEKEY
++ mschap2_peer_challenge,
++#else
++ NULL,
++#endif
++ our_name, secret, secret_len,
+ (MS_Chap2Response *) response, private,
+ MS_CHAP2_AUTHENTICATEE);
+ }
+@@ -335,7 +344,8 @@
+ static int
+ chapms2_check_success(unsigned char *msg, int len, unsigned char *private)
+ {
+- if ((len < MS_AUTH_RESPONSE_LENGTH + 2) || strncmp(msg, "S=", 2)) {
++ if ((len < MS_AUTH_RESPONSE_LENGTH + 2) ||
++ strncmp((char *)msg, "S=", 2) != 0) {
+ /* Packet does not start with "S=" */
+ error("MS-CHAPv2 Success packet is badly formed.");
+ return 0;
+@@ -351,7 +361,7 @@
+ /* Authenticator Response matches. */
+ msg += MS_AUTH_RESPONSE_LENGTH; /* Eat it */
+ len -= MS_AUTH_RESPONSE_LENGTH;
+- if ((len >= 3) && !strncmp(msg, " M=", 3)) {
++ if ((len >= 3) && !strncmp((char *)msg, " M=", 3)) {
+ msg += 3; /* Eat the delimiter */
+ } else if (len) {
+ /* Packet has extra text which does not begin " M=" */
+@@ -477,7 +487,7 @@
+ SHA1_Init(&sha1Context);
+ SHA1_Update(&sha1Context, PeerChallenge, 16);
+ SHA1_Update(&sha1Context, rchallenge, 16);
+- SHA1_Update(&sha1Context, user, strlen(user));
++ SHA1_Update(&sha1Context, (unsigned char *)user, strlen(user));
+ SHA1_Final(sha1Hash, &sha1Context);
+
+ BCOPY(sha1Hash, Challenge, 8);
+@@ -512,7 +522,7 @@
+ MD4_CTX md4Context;
+
+ MD4Init(&md4Context);
+- MD4Update(&md4Context, secret, mdlen);
++ MD4Update(&md4Context, (unsigned char *)secret, mdlen);
+ MD4Final(hash, &md4Context);
+
+ }
+@@ -526,7 +536,7 @@
+
+ /* Hash the Unicode version of the secret (== password). */
+ ascii2unicode(secret, secret_len, unicodePassword);
+- NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash);
++ NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash);
+
+ ChallengeResponse(rchallenge, PasswordHash, NTResponse);
+ }
+@@ -539,11 +549,12 @@
+ u_char PasswordHash[MD4_SIGNATURE_SIZE];
+ u_char Challenge[8];
+
+- ChallengeHash(PeerChallenge, rchallenge, username, Challenge);
++ ChallengeHash(PeerChallenge, (unsigned char *)rchallenge, username,
++ Challenge);
+
+ /* Hash the Unicode version of the secret (== password). */
+ ascii2unicode(secret, secret_len, unicodePassword);
+- NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash);
++ NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash);
+
+ ChallengeResponse(Challenge, PasswordHash, NTResponse);
+ }
+@@ -603,8 +614,9 @@
+
+ /* Hash (x2) the Unicode version of the secret (== password). */
+ ascii2unicode(secret, secret_len, unicodePassword);
+- NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash);
+- NTPasswordHash(PasswordHash, sizeof(PasswordHash), PasswordHashHash);
++ NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash);
++ NTPasswordHash((char *)PasswordHash, sizeof(PasswordHash),
++ PasswordHashHash);
+
+ SHA1_Init(&sha1Context);
+ SHA1_Update(&sha1Context, PasswordHashHash, sizeof(PasswordHashHash));
+@@ -622,7 +634,7 @@
+
+ /* Convert to ASCII hex string. */
+ for (i = 0; i < MAX((MS_AUTH_RESPONSE_LENGTH / 2), sizeof(Digest)); i++)
+- sprintf(&authResponse[i * 2], "%02X", Digest[i]);
++ sprintf((char *)&authResponse[i * 2], "%02X", Digest[i]);
+ }
+
+
+@@ -825,7 +837,7 @@
+ sizeof(response->PeerChallenge));
+
+ /* Generate the NT-Response */
+- ChapMS2_NT(rchallenge, response->PeerChallenge, user,
++ ChapMS2_NT((char *)rchallenge, response->PeerChallenge, user,
+ secret, secret_len, response->NTResp);
+
+ /* Generate the Authenticator Response. */
+diff -ruN ppp-2.4.2/pppd/fsm.c ppp-cvs-20040427/pppd/fsm.c
+--- ppp-2.4.2/pppd/fsm.c 2003-06-29 12:06:14.000000000 +0200
++++ ppp-cvs-20040427/pppd/fsm.c 2004-02-02 05:00:11.000000000 +0100
+@@ -40,7 +40,7 @@
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+-#define RCSID "$Id: fsm.c,v 1.20 2003/06/29 10:06:14 paulus Exp $"
++#define RCSID "$Id: fsm.c,v 1.22 2004/02/02 03:57:19 carlsonj Exp $"
+
+ /*
+ * TODO:
+@@ -201,6 +201,44 @@
+ }
+ }
+
++/*
++ * terminate_layer - Start process of shutting down the FSM
++ *
++ * Cancel any timeout running, notify upper layers we're done, and
++ * send a terminate-request message as configured.
++ */
++static void
++terminate_layer(f, nextstate)
++ fsm *f;
++ int nextstate;
++{
++ if( f->state != OPENED )
++ UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */
++ else if( f->callbacks->down )
++ (*f->callbacks->down)(f); /* Inform upper layers we're down */
++
++ /* Init restart counter and send Terminate-Request */
++ f->retransmits = f->maxtermtransmits;
++ fsm_sdata(f, TERMREQ, f->reqid = ++f->id,
++ (u_char *) f->term_reason, f->term_reason_len);
++
++ if (f->retransmits == 0) {
++ /*
++ * User asked for no terminate requests at all; just close it.
++ * We've already fired off one Terminate-Request just to be nice
++ * to the peer, but we're not going to wait for a reply.
++ */
++ f->state = nextstate == CLOSING ? CLOSED : STOPPED;
++ if( f->callbacks->finished )
++ (*f->callbacks->finished)(f);
++ return;
++ }
++
++ TIMEOUT(fsm_timeout, f, f->timeouttime);
++ --f->retransmits;
++
++ f->state = nextstate;
++}
+
+ /*
+ * fsm_close - Start closing connection.
+@@ -230,19 +268,7 @@
+ case ACKRCVD:
+ case ACKSENT:
+ case OPENED:
+- if( f->state != OPENED )
+- UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */
+- else if( f->callbacks->down )
+- (*f->callbacks->down)(f); /* Inform upper layers we're down */
+-
+- /* Init restart counter, send Terminate-Request */
+- f->retransmits = f->maxtermtransmits;
+- fsm_sdata(f, TERMREQ, f->reqid = ++f->id,
+- (u_char *) f->term_reason, f->term_reason_len);
+- TIMEOUT(fsm_timeout, f, f->timeouttime);
+- --f->retransmits;
+-
+- f->state = CLOSING;
++ terminate_layer(f, CLOSING);
+ break;
+ }
+ }
+@@ -689,17 +715,7 @@
+ break;
+
+ case OPENED:
+- if( f->callbacks->down )
+- (*f->callbacks->down)(f);
+-
+- /* Init restart counter, send Terminate-Request */
+- f->retransmits = f->maxtermtransmits;
+- fsm_sdata(f, TERMREQ, f->reqid = ++f->id,
+- (u_char *) f->term_reason, f->term_reason_len);
+- TIMEOUT(fsm_timeout, f, f->timeouttime);
+- --f->retransmits;
+-
+- f->state = STOPPING;
++ terminate_layer(f, STOPPING);
+ break;
+
+ default:
+diff -ruN ppp-2.4.2/pppd/main.c ppp-cvs-20040427/pppd/main.c
+--- ppp-2.4.2/pppd/main.c 2004-01-13 05:00:34.000000000 +0100
++++ ppp-cvs-20040427/pppd/main.c 2004-04-12 13:25:19.000000000 +0200
+@@ -40,7 +40,7 @@
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+-#define RCSID "$Id: main.c,v 1.131 2004/01/13 04:00:34 paulus Exp $"
++#define RCSID "$Id: main.c,v 1.136 2004/04/12 11:20:19 paulus Exp $"
+
+ #include <stdio.h>
+ #include <ctype.h>
+@@ -150,6 +150,7 @@
+ int got_sigterm;
+ int got_sighup;
+
++static sigset_t signals_handled;
+ static int waiting;
+ static sigjmp_buf sigjmp;
+
+@@ -648,16 +649,15 @@
+ handle_events()
+ {
+ struct timeval timo;
+- sigset_t mask;
+
+ kill_link = open_ccp_flag = 0;
+ if (sigsetjmp(sigjmp, 1) == 0) {
+- sigprocmask(SIG_BLOCK, &mask, NULL);
++ sigprocmask(SIG_BLOCK, &signals_handled, NULL);
+ if (got_sighup || got_sigterm || got_sigusr2 || got_sigchld) {
+- sigprocmask(SIG_UNBLOCK, &mask, NULL);
++ sigprocmask(SIG_UNBLOCK, &signals_handled, NULL);
+ } else {
+ waiting = 1;
+- sigprocmask(SIG_UNBLOCK, &mask, NULL);
++ sigprocmask(SIG_UNBLOCK, &signals_handled, NULL);
+ wait_input(timeleft(&timo));
+ }
+ }
+@@ -692,19 +692,18 @@
+ setup_signals()
+ {
+ struct sigaction sa;
+- sigset_t mask;
+
+ /*
+ * Compute mask of all interesting signals and install signal handlers
+ * for each. Only one signal handler may be active at a time. Therefore,
+ * all other signals should be masked when any handler is executing.
+ */
+- sigemptyset(&mask);
+- sigaddset(&mask, SIGHUP);
+- sigaddset(&mask, SIGINT);
+- sigaddset(&mask, SIGTERM);
+- sigaddset(&mask, SIGCHLD);
+- sigaddset(&mask, SIGUSR2);
++ sigemptyset(&signals_handled);
++ sigaddset(&signals_handled, SIGHUP);
++ sigaddset(&signals_handled, SIGINT);
++ sigaddset(&signals_handled, SIGTERM);
++ sigaddset(&signals_handled, SIGCHLD);
++ sigaddset(&signals_handled, SIGUSR2);
+
+ #define SIGNAL(s, handler) do { \
+ sa.sa_handler = handler; \
+@@ -712,7 +711,7 @@
+ fatal("Couldn't establish signal handler (%d): %m", s); \
+ } while (0)
+
+- sa.sa_mask = mask;
++ sa.sa_mask = signals_handled;
+ sa.sa_flags = 0;
+ SIGNAL(SIGHUP, hup); /* Hangup */
+ SIGNAL(SIGINT, term); /* Interrupt */
+@@ -1173,6 +1172,7 @@
+ info("Connect time %d.%d minutes.", t/10, t%10);
+ info("Sent %u bytes, received %u bytes.",
+ link_stats.bytes_out, link_stats.bytes_in);
++ link_stats_valid = 0;
+ }
+ }
+
+@@ -1329,6 +1329,7 @@
+
+ /*
+ * kill_my_pg - send a signal to our process group, and ignore it ourselves.
++ * We assume that sig is currently blocked.
+ */
+ static void
+ kill_my_pg(sig)
+@@ -1336,10 +1337,22 @@
+ {
+ struct sigaction act, oldact;
+
++ sigemptyset(&act.sa_mask); /* unnecessary in fact */
+ act.sa_handler = SIG_IGN;
+ act.sa_flags = 0;
+- sigaction(sig, &act, &oldact);
+ kill(0, sig);
++ /*
++ * The kill() above made the signal pending for us, as well as
++ * the rest of our process group, but we don't want it delivered
++ * to us. It is blocked at the moment. Setting it to be ignored
++ * will cause the pending signal to be discarded. If we did the
++ * kill() after setting the signal to be ignored, it is unspecified
++ * (by POSIX) whether the signal is immediately discarded or left
++ * pending, and in fact Linux would leave it pending, and so it
++ * would be delivered after the current signal handler exits,
++ * leading to an infinite loop.
++ */
++ sigaction(sig, &act, &oldact);
+ sigaction(sig, &oldact, NULL);
+ }
+
+diff -ruN ppp-2.4.2/pppd/plugins/Makefile ppp-cvs-20040427/pppd/plugins/Makefile
+--- ppp-2.4.2/pppd/plugins/Makefile 2004-01-13 04:56:24.000000000 +0100
++++ ppp-cvs-20040427/pppd/plugins/Makefile 1970-01-01 01:00:00.000000000 +0100
+@@ -1,38 +0,0 @@
+-CC = gcc
+-COPTS = -O2 -g
+-CFLAGS = $(COPTS) -I.. -I../../include -fPIC
+-LDFLAGS = -shared
+-INSTALL = install -o root
+-
+-SUBDIRS := rp-pppoe
+-# Uncomment the next line to include the radius authentication plugin
+-# SUBDIRS += radius
+-PLUGINS := minconn.so passprompt.so passwordfd.so
+-
+-# include dependencies if present
+-ifeq (.depend,$(wildcard .depend))
+-include .depend
+-endif
+-
+-all: $(PLUGINS)
+- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d all; done
+-
+-%.so: %.c
+- $(CC) -o $@ $(LDFLAGS) $(CFLAGS) $^
+-
+-VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../patchlevel.h)
+-LIBDIR = $(DESTDIR)/usr/lib/pppd/$(VERSION)
+-
+-install: $(PLUGINS)
+- $(INSTALL) -d $(LIBDIR)
+- $(INSTALL) $? $(LIBDIR)
+- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d INSTALL=$(INSTALL) \
+- LIBDIR=$(LIBDIR) install; done
+-
+-clean:
+- rm -f *.o *.so *.a
+- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d clean; done
+-
+-depend:
+- $(CPP) -M $(CFLAGS) *.c >.depend
+- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d depend; done
+diff -ruN ppp-2.4.2/pppd/plugins/radius/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/CVS/Entries
+--- ppp-2.4.2/pppd/plugins/radius/CVS/Entries 2002-12-04 22:49:09.000000000 +0100
++++ ppp-cvs-20040427/pppd/plugins/radius/CVS/Entries 1970-01-01 01:00:00.000000000 +0100
+@@ -1,7 +0,0 @@
+-/pppd-radattr.8/1.1/Tue Jan 22 16:03:00 2002//
+-/pppd-radius.8/1.4/Tue Apr 2 13:55:00 2002//
+-/radattr.c/1.1/Tue Jan 22 16:03:00 2002//
+-D/radiusclient////
+-/Makefile.linux/1.5/Sat Nov 9 11:24:42 2002//
+-/radrealms.c/1.1/Sat Oct 5 04:35:24 2002//
+-/radius.c/1.18/Wed Dec 4 21:49:09 2002//
+diff -ruN ppp-2.4.2/pppd/plugins/radius/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/CVS/Repository
+--- ppp-2.4.2/pppd/plugins/radius/CVS/Repository 2002-09-07 12:37:51.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/CVS/Repository 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-ppp/pppd/plugins/radius
+diff -ruN ppp-2.4.2/pppd/plugins/radius/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/CVS/Root
+--- ppp-2.4.2/pppd/plugins/radius/CVS/Root 2002-09-07 12:37:51.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/CVS/Root 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-samba.org:/data/cvs
+diff -ruN ppp-2.4.2/pppd/plugins/radius/Makefile ppp-cvs-20040427/pppd/plugins/radius/Makefile
+--- ppp-2.4.2/pppd/plugins/radius/Makefile 2002-11-09 12:24:42.000000000 +0100
++++ ppp-cvs-20040427/pppd/plugins/radius/Makefile 1970-01-01 01:00:00.000000000 +0100
+@@ -1,74 +0,0 @@
+-# Makefile for RADIUS plugin
+-#
+-# Copyright 2002 Roaring Penguin Software Inc.
+-#
+-
+-MANDIR=/usr/man
+-PLUGIN=radius.so radattr.so radrealms.so
+-CFLAGS=-I../.. -I../../../include -Iradiusclient/include -O2
+-
+-# Uncomment the next line to include support for Microsoft's
+-# MS-CHAP authentication protocol.
+-CHAPMS=y
+-# Uncomment the next line to include support for MPPE.
+-MPPE=y
+-# Uncomment the next lint to include support for traffic limiting
+-MAXOCTETS=y
+-
+-ifdef CHAPMS
+-CFLAGS += -DCHAPMS=1
+-ifdef MPPE
+-CFLAGS += -DMPPE=1
+-endif
+-endif
+-ifdef MAXOCTETS
+-CFLAGS += -DMAXOCTETS=1
+-endif
+-
+-all: $(PLUGIN)
+-
+-install: all
+- $(MAKE) $(MFLAGS) -C radiusclient install
+- $(INSTALL) -d -m 755 $(LIBDIR)
+- $(INSTALL) -s -c -m 755 radius.so $(LIBDIR)
+- $(INSTALL) -s -c -m 755 radattr.so $(LIBDIR)
+- $(INSTALL) -s -c -m 755 radrealms.so $(LIBDIR)
+- $(INSTALL) -c -m 444 pppd-radius.8 $(MANDIR)/man8
+- $(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)/man8
+-
+-radius.so: radiusclient/lib/.libs/libradiusclient.a radius.o
+- gcc -o radius.so -shared radius.o radiusclient/lib/.libs/libradiusclient.a
+-
+-radattr.so: radattr.o
+- gcc -o radattr.so -shared radattr.o
+-
+-radrealms.so: radrealms.o
+- gcc -o radrealms.so -shared radrealms.o
+-
+-radius.o: radius.c
+- gcc $(CFLAGS) -c -o radius.o -fPIC radius.c
+-
+-radattr.o: radattr.c
+- gcc $(CFLAGS) -c -o radattr.o -fPIC radattr.c
+-
+-radrealms.o: radrealms.c
+- gcc $(CFLAGS) -c -o radrealms.o -fPIC radrealms.c
+-
+-radiusclient/lib/.libs/libradiusclient.a:
+- test -r radiusclient/Makefile || \
+- (cd radiusclient; \
+- ./configure --prefix=/usr \
+- --sysconfdir=/etc \
+- --enable-shared \
+- --enable-static)
+- $(MAKE) -C radiusclient
+-
+-clean:
+- $(MAKE) $(MFLAGS) -C radiusclient clean
+- rm -f *.o *.so
+-
+-distclean:
+- rm -f *.o *.so
+- $(MAKE) $(MFLAGS) -C radiusclient distclean
+-
+-dist-clean: distclean
+diff -ruN ppp-2.4.2/pppd/plugins/radius/pppd-radius.8 ppp-cvs-20040427/pppd/plugins/radius/pppd-radius.8
+--- ppp-2.4.2/pppd/plugins/radius/pppd-radius.8 2002-04-02 15:55:00.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/pppd-radius.8 2004-03-26 14:30:16.000000000 +0100
+@@ -1,5 +1,5 @@
+ .\" manual page [] for RADIUS plugin for pppd 2.4
+-.\" $Id: pppd-radius.8,v 1.4 2002/04/02 13:55:00 dfs Exp $
++.\" $Id: pppd-radius.8,v 1.5 2004/03/26 13:27:17 kad Exp $
+ .\" SH section heading
+ .\" SS subsection heading
+ .\" LP paragraph
+@@ -40,6 +40,15 @@
+ used, then the plugin uses
+ .I /etc/radiusclient/radiusclient.conf
+ as the configuration file.
++.TP
++.BI "avpair " attribute=value
++Adds an Attribute-Value pair to be passed on to the RADIUS server on each request.
++.TP
++.BI map-to-ifname
++Sets Radius NAS-Port attribute to number equal to interface name (Default)
++.TP
++.BI map-to-ttyname
++Sets Radius NAS-Port attribute value via libradiusclient library
+
+ .SH USAGE
+ To use the plugin, simply supply the
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radius.c ppp-cvs-20040427/pppd/plugins/radius/radius.c
+--- ppp-2.4.2/pppd/plugins/radius/radius.c 2004-01-13 03:26:11.000000000 +0100
++++ ppp-cvs-20040427/pppd/plugins/radius/radius.c 2004-04-12 07:20:16.000000000 +0200
+@@ -24,7 +24,7 @@
+ *
+ ***********************************************************************/
+ static char const RCSID[] =
+-"$Id: radius.c,v 1.22 2004/01/11 08:01:30 paulus Exp $";
++"$Id: radius.c,v 1.25 2004/04/12 05:16:37 kad Exp $";
+
+ #include "pppd.h"
+ #include "chap-new.h"
+@@ -52,10 +52,15 @@
+ char *vpstr;
+ struct avpopt *next;
+ } *avpopt = NULL;
++static bool portnummap = 0;
+
+ static option_t Options[] = {
+ { "radius-config-file", o_string, &config_file },
+ { "avpair", o_special, add_avp },
++ { "map-to-ttyname", o_bool, &portnummap,
++ "Set Radius NAS-Port attribute value via libradiusclient library", OPT_PRIO | 1 },
++ { "map-to-ifname", o_bool, &portnummap,
++ "Set Radius NAS-Port attribute to number as in interface name (Default)", OPT_PRIOSUB | 0 },
+ { NULL }
+ };
+
+@@ -264,7 +269,7 @@
+
+ /* Hack... the "port" is the ppp interface number. Should really be
+ the tty */
+- rstate.client_port = get_client_port(ifname);
++ rstate.client_port = get_client_port(portnummap ? devnam : ifname);
+
+ av_type = PW_FRAMED;
+ rc_avpair_add(&send, PW_SERVICE_TYPE, &av_type, 0, VENDOR_NONE);
+@@ -363,7 +368,7 @@
+ /* Put user with potentially realm added in rstate.user */
+ if (!rstate.done_chap_once) {
+ make_username_realm(user);
+- rstate.client_port = get_client_port (ifname);
++ rstate.client_port = get_client_port (portnummap ? devnam : ifname);
+ if (radius_pre_auth_hook) {
+ radius_pre_auth_hook(rstate.user,
+ &rstate.authserver,
+@@ -881,7 +886,7 @@
+ rc_avpair_add(&send, PW_ACCT_AUTHENTIC, &av_type, 0, VENDOR_NONE);
+
+
+- av_type = PW_ASYNC;
++ av_type = ( using_pty ? PW_VIRTUAL : ( sync_serial ? PW_SYNC : PW_ASYNC ) );
+ rc_avpair_add(&send, PW_NAS_PORT_TYPE, &av_type, 0, VENDOR_NONE);
+
+ hisaddr = ho->hisaddr;
+@@ -981,9 +986,56 @@
+ remote_number, 0, VENDOR_NONE);
+ }
+
+- av_type = PW_ASYNC;
++ av_type = ( using_pty ? PW_VIRTUAL : ( sync_serial ? PW_SYNC : PW_ASYNC ) );
+ rc_avpair_add(&send, PW_NAS_PORT_TYPE, &av_type, 0, VENDOR_NONE);
+
++ av_type = PW_NAS_ERROR;
++ switch( status ) {
++ case EXIT_OK:
++ case EXIT_USER_REQUEST:
++ av_type = PW_USER_REQUEST;
++ break;
++
++ case EXIT_HANGUP:
++ case EXIT_PEER_DEAD:
++ case EXIT_CONNECT_FAILED:
++ av_type = PW_LOST_CARRIER;
++ break;
++
++ case EXIT_INIT_FAILED:
++ case EXIT_OPEN_FAILED:
++ case EXIT_LOCK_FAILED:
++ case EXIT_PTYCMD_FAILED:
++ av_type = PW_PORT_ERROR;
++ break;
++
++ case EXIT_PEER_AUTH_FAILED:
++ case EXIT_AUTH_TOPEER_FAILED:
++ case EXIT_NEGOTIATION_FAILED:
++ case EXIT_CNID_AUTH_FAILED:
++ av_type = PW_SERVICE_UNAVAILABLE;
++ break;
++
++ case EXIT_IDLE_TIMEOUT:
++ av_type = PW_ACCT_IDLE_TIMEOUT;
++ break;
++
++ case EXIT_CONNECT_TIME:
++ av_type = PW_ACCT_SESSION_TIMEOUT;
++ break;
++
++#ifdef MAXOCTETS
++ case EXIT_TRAFFIC_LIMIT:
++ av_type = PW_NAS_REQUEST;
++ break;
++#endif
++
++ default:
++ av_type = PW_NAS_ERROR;
++ break;
++ }
++ rc_avpair_add(&send, PW_ACCT_TERMINATE_CAUSE, &av_type, 0, VENDOR_NONE);
++
+ hisaddr = ho->hisaddr;
+ av_type = htonl(hisaddr);
+ rc_avpair_add(&send, PW_FRAMED_IP_ADDRESS , &av_type , 0, VENDOR_NONE);
+@@ -1077,7 +1129,7 @@
+ remote_number, 0, VENDOR_NONE);
+ }
+
+- av_type = PW_ASYNC;
++ av_type = ( using_pty ? PW_VIRTUAL : ( sync_serial ? PW_SYNC : PW_ASYNC ) );
+ rc_avpair_add(&send, PW_NAS_PORT_TYPE, &av_type, 0, VENDOR_NONE);
+
+ hisaddr = ho->hisaddr;
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Entries
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Entries 2002-09-07 12:37:54.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Entries 1970-01-01 01:00:00.000000000 +0100
+@@ -1,28 +0,0 @@
+-/BUGS/1.1/Tue Jan 22 16:03:00 2002//
+-/CHANGES/1.1/Tue Jan 22 16:03:00 2002//
+-/COPYRIGHT/1.1/Tue Jan 22 16:03:00 2002//
+-/Makefile.am/1.1/Tue Jan 22 16:03:00 2002//
+-/Makefile.in/1.1/Tue Jan 22 16:03:00 2002//
+-/README/1.1/Tue Jan 22 16:03:00 2002//
+-/README.radexample/1.1/Tue Jan 22 16:03:00 2002//
+-/acconfig.h/1.1/Tue Jan 22 16:03:00 2002//
+-/aclocal.m4/1.2/Mon Jun 24 12:57:15 2002//
+-/config.guess/1.1/Tue Jan 22 16:03:00 2002//
+-/config.h.in/1.3/Thu Jul 25 16:29:16 2002//
+-/config.sub/1.1/Tue Jan 22 16:03:00 2002//
+-/configure/1.1/Tue Jan 22 16:03:00 2002//
+-/configure.in/1.1/Tue Jan 22 16:03:00 2002//
+-/install-sh/1.1/Tue Jan 22 16:03:00 2002//
+-/ltconfig/1.1/Tue Jan 22 16:03:00 2002//
+-/ltmain.sh/1.1/Tue Jan 22 16:03:00 2002//
+-/missing/1.1/Tue Jan 22 16:03:00 2002//
+-/mkinstalldirs/1.1/Tue Jan 22 16:03:00 2002//
+-/stamp-h.in/1.1/Tue Jan 22 16:03:00 2002//
+-D/doc////
+-D/etc////
+-D/include////
+-D/lib////
+-D/login.radius////
+-D/man////
+-D/patches////
+-D/src////
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Repository
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Repository 2002-09-07 12:37:51.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Repository 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-ppp/pppd/plugins/radius/radiusclient
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Root
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Root 2002-09-07 12:37:51.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Root 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-samba.org:/data/cvs
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Entries
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Entries 2002-09-07 12:37:52.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Entries 1970-01-01 01:00:00.000000000 +0100
+@@ -1,4 +0,0 @@
+-/Makefile.am/1.1/Tue Jan 22 16:03:01 2002//
+-/Makefile.in/1.1/Tue Jan 22 16:03:01 2002//
+-/instop.html/1.1/Tue Jan 22 16:03:01 2002//
+-D
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Repository
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Repository 2002-09-07 12:37:52.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Repository 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-ppp/pppd/plugins/radius/radiusclient/doc
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Root
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Root 2002-09-07 12:37:52.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Root 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-samba.org:/data/cvs
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Entries
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Entries 2002-11-09 12:24:42.000000000 +0100
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Entries 1970-01-01 01:00:00.000000000 +0100
+@@ -1,13 +0,0 @@
+-/dictionary.ascend/1.1/Tue Jan 22 16:03:01 2002//
+-/dictionary.compat/1.1/Tue Jan 22 16:03:01 2002//
+-/dictionary.merit/1.1/Tue Jan 22 16:03:01 2002//
+-/dictionary.microsoft/1.1/Wed Mar 6 13:23:09 2002//
+-/issue/1.1/Tue Jan 22 16:03:01 2002//
+-/port-id-map/1.1/Tue Jan 22 16:03:01 2002//
+-/servers/1.1/Tue Jan 22 16:03:01 2002//
+-/Makefile.am/1.4/Sat Nov 9 11:24:42 2002//
+-/Makefile.in/1.5/Sat Nov 9 11:24:42 2002//
+-/dictionary/1.9/Sat Nov 9 11:24:42 2002//
+-/radiusclient.conf.in/1.2/Sat Nov 9 11:24:42 2002//
+-/realms/1.1/Sat Oct 5 04:35:24 2002//
+-D
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Repository
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Repository 2002-09-07 12:37:52.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Repository 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-ppp/pppd/plugins/radius/radiusclient/etc
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Root
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Root 2002-09-07 12:37:52.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Root 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-samba.org:/data/cvs
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Entries
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Entries 2002-12-04 22:49:09.000000000 +0100
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Entries 1970-01-01 01:00:00.000000000 +0100
+@@ -1,7 +0,0 @@
+-/Makefile.am/1.1/Tue Jan 22 16:03:01 2002//
+-/Makefile.in/1.1/Tue Jan 22 16:03:01 2002//
+-/includes.h/1.2/Wed Feb 27 15:51:19 2002//
+-/messages.h/1.2/Wed Feb 27 15:51:19 2002//
+-/pathnames.h/1.2/Wed Feb 27 15:51:19 2002//
+-/radiusclient.h/1.9/Wed Dec 4 21:49:09 2002//
+-D
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Repository
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Repository 2002-09-07 12:37:52.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Repository 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-ppp/pppd/plugins/radius/radiusclient/include
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Root
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Root 2002-09-07 12:37:52.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Root 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-samba.org:/data/cvs
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Entries
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Entries 2002-12-04 22:49:09.000000000 +0100
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Entries 1970-01-01 01:00:00.000000000 +0100
+@@ -1,20 +0,0 @@
+-/Makefile.am/1.1/Tue Jan 22 16:03:02 2002//
+-/Makefile.in/1.2/Wed Feb 20 02:22:35 2002//
+-/clientid.c/1.2/Wed Feb 27 15:51:20 2002//
+-/dict.c/1.2/Tue Mar 5 15:14:06 2002//
+-/env.c/1.2/Wed Feb 27 15:51:20 2002//
+-/ip_util.c/1.2/Wed Feb 27 15:51:20 2002//
+-/lock.c/1.2/Wed Feb 27 15:51:20 2002//
+-/log.c/1.2/Wed Feb 27 15:51:20 2002//
+-/md5.c/1.2/Wed Feb 27 15:51:20 2002//
+-/memcmp.c/1.2/Wed Feb 27 15:51:20 2002//
+-/sendserver.c/1.4/Tue Apr 2 14:09:35 2002//
+-/strcasecmp.c/1.2/Wed Feb 27 15:51:20 2002//
+-/strdup.c/1.2/Wed Feb 27 15:51:20 2002//
+-/strerror.c/1.2/Wed Feb 27 15:51:20 2002//
+-/util.c/1.2/Wed Feb 27 15:51:20 2002//
+-/buildreq.c/1.4/Sat Nov 9 11:24:43 2002//
+-/config.c/1.3/Sat Nov 9 11:24:43 2002//
+-/options.h/1.2/Sat Nov 9 11:24:43 2002//
+-/avpair.c/1.3/Wed Dec 4 21:49:09 2002//
+-D
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Repository
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Repository 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Repository 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-ppp/pppd/plugins/radius/radiusclient/lib
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Root
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Root 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Root 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-samba.org:/data/cvs
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Entries
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Entries 2002-09-07 12:37:54.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Entries 1970-01-01 01:00:00.000000000 +0100
+@@ -1,5 +0,0 @@
+-/Makefile.am/1.1/Tue Jan 22 16:03:02 2002//
+-/Makefile.in/1.1/Tue Jan 22 16:03:02 2002//
+-/README/1.1/Tue Jan 22 16:03:02 2002//
+-/login.radius/1.1/Tue Jan 22 16:03:02 2002//
+-D/migs////
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Repository
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Repository 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Repository 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-ppp/pppd/plugins/radius/radiusclient/login.radius
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Root
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Root 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Root 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-samba.org:/data/cvs
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Entries
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Entries 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Entries 1970-01-01 01:00:00.000000000 +0100
+@@ -1,7 +0,0 @@
+-/Makefile.am/1.1/Tue Jan 22 16:03:02 2002//
+-/Makefile.in/1.1/Tue Jan 22 16:03:02 2002//
+-/README/1.1/Tue Jan 22 16:03:02 2002//
+-/ip-down/1.1/Tue Jan 22 16:03:02 2002//
+-/ip-up/1.1/Tue Jan 22 16:03:02 2002//
+-/login.radius/1.1/Tue Jan 22 16:03:02 2002//
+-D
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Repository
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Repository 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Repository 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-ppp/pppd/plugins/radius/radiusclient/login.radius/migs
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Root
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Root 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Root 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-samba.org:/data/cvs
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Entries
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Entries 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Entries 1970-01-01 01:00:00.000000000 +0100
+@@ -1,3 +0,0 @@
+-/Makefile.am/1.1/Tue Jan 22 16:03:02 2002//
+-/Makefile.in/1.1/Tue Jan 22 16:03:02 2002//
+-D
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Repository
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Repository 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Repository 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-ppp/pppd/plugins/radius/radiusclient/man
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Root
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Root 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Root 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-samba.org:/data/cvs
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Entries
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Entries 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Entries 1970-01-01 01:00:00.000000000 +0100
+@@ -1,7 +0,0 @@
+-/Makefile.am/1.1/Tue Jan 22 16:03:03 2002//
+-/Makefile.in/1.1/Tue Jan 22 16:03:03 2002//
+-/README/1.1/Tue Jan 22 16:03:03 2002//
+-/merit-2.4.21-CHAP.diff/1.1/Tue Jan 22 16:03:04 2002//
+-/radiusd-1.16.accounting.diff/1.1/Tue Jan 22 16:03:04 2002//
+-/radiusd-1.16.shadow.diff/1.1/Tue Jan 22 16:03:04 2002//
+-D
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Repository
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Repository 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Repository 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-ppp/pppd/plugins/radius/radiusclient/patches
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Root
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Root 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Root 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-samba.org:/data/cvs
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Entries
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Entries 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Entries 1970-01-01 01:00:00.000000000 +0100
+@@ -1,11 +0,0 @@
+-/Makefile.am/1.1/Tue Jan 22 16:03:04 2002//
+-/Makefile.in/1.1/Tue Jan 22 16:03:04 2002//
+-/local.c/1.1/Tue Jan 22 16:03:04 2002//
+-/radacct.c/1.1/Tue Jan 22 16:03:04 2002//
+-/radexample-debug/1.1/Tue Jan 22 16:03:04 2002//
+-/radexample.c/1.2/Tue Apr 2 14:09:35 2002//
+-/radius.c/1.2/Tue Apr 2 14:09:35 2002//
+-/radlogin.c/1.1/Tue Jan 22 16:03:04 2002//
+-/radlogin.h/1.1/Tue Jan 22 16:03:05 2002//
+-/radstatus.c/1.1/Tue Jan 22 16:03:05 2002//
+-D
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Repository
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Repository 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Repository 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-ppp/pppd/plugins/radius/radiusclient/src
+diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Root
+--- ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Root 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Root 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-samba.org:/data/cvs
+diff -ruN ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Entries ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Entries
+--- ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Entries 2002-09-07 12:37:54.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Entries 1970-01-01 01:00:00.000000000 +0100
+@@ -1,9 +0,0 @@
+-/Makefile.linux/1.1/Fri Dec 14 02:55:20 2001//
+-/common.c/1.1/Fri Dec 14 02:55:20 2001//
+-/config.h/1.1/Fri Dec 14 02:55:20 2001//
+-/debug.c/1.1/Fri Dec 14 02:55:20 2001//
+-/discovery.c/1.1/Fri Dec 14 02:55:20 2001//
+-/if.c/1.1/Fri Dec 14 02:55:20 2001//
+-/plugin.c/1.7/Tue Apr 2 13:11:00 2002//
+-/pppoe.h/1.1/Fri Dec 14 02:55:20 2001//
+-D
+diff -ruN ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Repository ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Repository
+--- ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Repository 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Repository 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-ppp/pppd/plugins/rp-pppoe
+diff -ruN ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Root ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Root
+--- ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Root 2002-09-07 12:37:53.000000000 +0200
++++ ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Root 1970-01-01 01:00:00.000000000 +0100
+@@ -1 +0,0 @@
+-samba.org:/data/cvs
+diff -ruN ppp-2.4.2/pppd/plugins/rp-pppoe/Makefile ppp-cvs-20040427/pppd/plugins/rp-pppoe/Makefile
+--- ppp-2.4.2/pppd/plugins/rp-pppoe/Makefile 2004-01-13 04:57:55.000000000 +0100
++++ ppp-cvs-20040427/pppd/plugins/rp-pppoe/Makefile 1970-01-01 01:00:00.000000000 +0100
+@@ -1,50 +0,0 @@
+-# Generated automatically from Makefile.in by configure.
+-#***********************************************************************
+-#
+-# Makefile
+-#
+-# Makefile for Roaring Penguin's Linux PPPoE plugin.
+-#
+-# Copyright (C) 2001 Roaring Penguin Software Inc.
+-#
+-# This program may be distributed according to the terms of the GNU
+-# General Public License, version 2 or (at your option) any later version.
+-#
+-# $Id: Makefile.linux,v 1.2 2004/01/13 03:57:55 paulus Exp $
+-#***********************************************************************
+-
+-# Version is set ONLY IN THE MAKEFILE! Don't delete this!
+-VERSION=3.3
+-
+-COPTS=-O2 -g
+-CFLAGS=$(COPTS) -I../../../include/linux
+-all: rp-pppoe.so
+-
+-rp-pppoe.so: libplugin.a plugin.o
+- gcc -o rp-pppoe.so -shared plugin.o libplugin.a
+-
+-install: all
+- $(INSTALL) -d -m 755 $(LIBDIR)
+- $(INSTALL) -s -c -m 4550 rp-pppoe.so $(LIBDIR)
+-
+-clean:
+- rm -f *.o *.so
+-
+-plugin.o: plugin.c
+- gcc '-DRP_VERSION="$(VERSION)"' $(CFLAGS) -I../../.. -c -o plugin.o -fPIC plugin.c
+-
+-libplugin.a: discovery.o if.o common.o debug.o
+- ar -rc $@ $^
+-
+-discovery.o: discovery.c
+- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o discovery.o -fPIC discovery.c
+-
+-if.o: if.c
+- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o if.o -fPIC if.c
+-
+-debug.o: debug.c
+- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o debug.o -fPIC debug.c
+-
+-common.o: common.c
+- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o common.o -fPIC common.c
+-
+diff -ruN ppp-2.4.2/pppd/pppd.8 ppp-cvs-20040427/pppd/pppd.8
+--- ppp-2.4.2/pppd/pppd.8 2004-01-15 06:09:00.000000000 +0100
++++ ppp-cvs-20040427/pppd/pppd.8 2004-04-27 20:25:12.000000000 +0200
+@@ -1,5 +1,5 @@
+ .\" manual page [] for pppd 2.4
+-.\" $Id: pppd.8,v 1.76 2004/01/15 05:09:00 paulus Exp $
++.\" $Id: pppd.8,v 1.77 2004/04/27 18:22:58 fcusack Exp $
+ .\" SH section heading
+ .\" SS subsection heading
+ .\" LP paragraph
+@@ -955,11 +955,11 @@
+ Require the use of MPPE, with 128\-bit encryption.
+ .TP
+ .B require-mschap
+-Require the peer to authenticate itself using MS-CHAP [Microsft Challenge
++Require the peer to authenticate itself using MS-CHAP [Microsoft Challenge
+ Handshake Authentication Protocol] authentication.
+ .TP
+ .B require-mschap-v2
+-Require the peer to authenticate itself using MS-CHAPv2 [Microsft Challenge
++Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge
+ Handshake Authentication Protocol, Version 2] authentication.
+ .TP
+ .B require-eap
+diff -ruN ppp-2.4.2/pppd/tty.c ppp-cvs-20040427/pppd/tty.c
+--- ppp-2.4.2/pppd/tty.c 2004-01-13 05:17:59.000000000 +0100
++++ ppp-cvs-20040427/pppd/tty.c 2004-01-17 06:50:12.000000000 +0100
+@@ -73,7 +73,7 @@
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+-#define RCSID "$Id: tty.c,v 1.13 2004/01/13 04:17:59 paulus Exp $"
++#define RCSID "$Id: tty.c,v 1.14 2004/01/17 05:47:55 carlsonj Exp $"
+
+ #include <stdio.h>
+ #include <ctype.h>
+@@ -512,7 +512,9 @@
+ {
+ char *connector;
+ int fdflags;
++#ifndef __linux__
+ struct stat statbuf;
++#endif
+ char numbuf[16];
+
+ /*
+diff -ruN ppp-2.4.2/pppdump/bsd-comp.c ppp-cvs-20040427/pppdump/bsd-comp.c
+--- ppp-2.4.2/pppdump/bsd-comp.c 1999-04-16 13:34:42.000000000 +0200
++++ ppp-cvs-20040427/pppdump/bsd-comp.c 2004-01-17 06:50:12.000000000 +0100
+@@ -38,12 +38,14 @@
+ */
+
+ /*
+- * $Id: bsd-comp.c,v 1.3 1999/04/16 11:35:59 paulus Exp $
++ * $Id: bsd-comp.c,v 1.4 2004/01/17 05:47:55 carlsonj Exp $
+ */
+
+ #include <sys/types.h>
++#include <stdio.h>
+ #include <stddef.h>
+ #include <stdlib.h>
++#include <string.h>
+ #include "ppp_defs.h"
+ #include "ppp-comp.h"
+
+diff -ruN ppp-2.4.2/pppdump/deflate.c ppp-cvs-20040427/pppdump/deflate.c
+--- ppp-2.4.2/pppdump/deflate.c 2002-12-06 10:49:16.000000000 +0100
++++ ppp-cvs-20040427/pppdump/deflate.c 2004-01-17 06:50:12.000000000 +0100
+@@ -33,12 +33,14 @@
+ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+- * $Id: deflate.c,v 1.4 2002/12/06 09:49:16 paulus Exp $
++ * $Id: deflate.c,v 1.5 2004/01/17 05:47:55 carlsonj Exp $
+ */
+
+ #include <sys/types.h>
++#include <stdio.h>
+ #include <stddef.h>
+ #include <stdlib.h>
++#include <string.h>
+ #include "ppp_defs.h"
+ #include "ppp-comp.h"
+ #include "zlib.h"
+diff -ruN ppp-2.4.2/pppdump/pppdump.c ppp-cvs-20040427/pppdump/pppdump.c
+--- ppp-2.4.2/pppdump/pppdump.c 2002-12-06 10:17:02.000000000 +0100
++++ ppp-cvs-20040427/pppdump/pppdump.c 2004-01-17 06:50:12.000000000 +0100
+@@ -35,6 +35,7 @@
+ */
+ #include <stdio.h>
+ #include <unistd.h>
++#include <stdlib.h>
+ #include <time.h>
+ #include <sys/types.h>
+ #include "ppp_defs.h"
+@@ -53,6 +54,12 @@
+ extern int optind;
+ extern char *optarg;
+
++void dumplog();
++void dumpppp();
++void show_time();
++void handle_ccp();
++
++int
+ main(ac, av)
+ int ac;
+ char **av;
+@@ -105,6 +112,7 @@
+ exit(0);
+ }
+
++void
+ dumplog(f)
+ FILE *f;
+ {
+@@ -244,6 +252,7 @@
+
+ unsigned char dbuf[8192];
+
++void
+ dumpppp(f)
+ FILE *f;
+ {
+@@ -429,6 +438,7 @@
+ NULL
+ };
+
++void
+ handle_ccp(cp, dp, len)
+ struct pkt *cp;
+ u_char *dp;
+@@ -485,6 +495,7 @@
+ }
+ }
+
++void
+ show_time(f, c)
+ FILE *f;
+ int c;
+diff -ruN ppp-2.4.2/scripts/callback ppp-cvs-20040427/scripts/callback
+--- ppp-2.4.2/scripts/callback 1995-08-09 04:49:51.000000000 +0200
++++ ppp-cvs-20040427/scripts/callback 2004-04-12 07:30:11.000000000 +0200
+@@ -33,7 +33,7 @@
+ ABORT '\nNO ANSWER\r' \
+ ABORT '\nRINGING\r\n\r\nRINGING\r' \
+ '' AT \
+- 'OK-+++\c-OK' 'AT&C0&D2S0=0H0 \
++ 'OK-+++\c-OK' 'AT&C0&D2S0=0H0' \
+ TIMEOUT 30 \
+ OK ATDT$TELEPHONE \
+ CONNECT '' \
+diff -ruN ppp-2.4.2/scripts/ipv6-down.sample ppp-cvs-20040427/scripts/ipv6-down.sample
+--- ppp-2.4.2/scripts/ipv6-down.sample 1999-08-23 08:07:07.000000000 +0200
++++ ppp-cvs-20040427/scripts/ipv6-down.sample 2004-04-12 07:45:18.000000000 +0200
+@@ -8,24 +8,24 @@
+ # Kill the router advertisement daemon on this interface.
+ # The killing procedure is copied from RedHat 6.0 initscripts.
+
+-DEVICE=$1
++DEVICE="$1"
+
+-PIDFILE=/var/run/radvd-$DEVICE.pid
++PIDFILE="/var/run/radvd-$DEVICE.pid"
+
+-[ -f $PIDFILE ] || exit 0
++[ -f "$PIDFILE" ] || exit 0
+
+-PID=`cat $PIDFILE`
++PID="$(cat "$PIDFILE")"
+ if [ "$PID" != "" ]; then
+- if ps h $PID >/dev/null 2>&1; then
+- kill -TERM $PID
++ if ps h "$PID" >/dev/null 2>&1; then
++ kill -TERM "$PID"
+ usleep 10000
+- if ps h $PID >/dev/null 2>&1; then
++ if ps h "$PID" >/dev/null 2>&1; then
+ sleep 1
+- if ps h $PID >/dev/null 2>&1; then
+- kill -KILL $PID
++ if ps h "$PID" >/dev/null 2>&1; then
++ kill -KILL "$PID"
+ fi
+ fi
+ fi
+ fi
+
+-rm -f $PIDFILE
++rm -f "$PIDFILE"
+diff -ruN ppp-2.4.2/scripts/ipv6-up.sample ppp-cvs-20040427/scripts/ipv6-up.sample
+--- ppp-2.4.2/scripts/ipv6-up.sample 1999-08-23 08:07:07.000000000 +0200
++++ ppp-cvs-20040427/scripts/ipv6-up.sample 2004-04-12 07:45:18.000000000 +0200
+@@ -8,26 +8,27 @@
+ # Start router advertisements on this link.
+ # Based on radvd 0.5.0 behaviour
+
+-DEVICE=$1
++DEVICE="$1"
+
+-CFGFILE=/usr/inet6/etc/radvd.conf-$DEVICE
+-PIDFILE=/var/run/radvd-$DEVICE.pid
++CFGFILE="/etc/radvd.conf-$DEVICE"
++PIDFILE="/var/run/radvd-$DEVICE.pid"
++EXEFILE="/usr/sbin/radvd"
+
+-if [ -x /usr/inet6/sbin/radvd && -f $CFGFILE ]; then
+- touch $PIDFILE
+- if [ ! -f $PIDFILE ]; then
++if [ -x "$EXEFILE" -a -f "$CFGFILE" ]; then
++ touch "$PIDFILE"
++ if [ ! -f "$PIDFILE" ]; then
+ echo "error: $PIDFILE is not a regular file. Aborting"
+ exit 0
+ fi
+
+- PID=`cat $PIDFILE`
+- if [ "$PID" != "" ]; then
+- ps h $PID >/dev/null 2>&1 && exit 0
++ PID="$(cat "$PIDFILE")"
++ if [ -n "$PID" ]; then
++ ps h "$PID" >/dev/null 2>&1 && exit 0
+ fi
+
+ # radvd 0.5.0 doesn't write a pid-file so we do it here
+ # enabling debugging keeps radvd in foreground, putting it
+ # on background gives us the PID.
+- /usr/inet6/sbin/radvd -d 1 -C $CFGFILE &
+- echo $! >$PIDFILE
++ "$EXEFILE" -d 1 -C "$CFGFILE" &
++ echo $! >"$PIDFILE"
+ fi
+diff -ruN ppp-2.4.2/scripts/pon ppp-cvs-20040427/scripts/pon
+--- ppp-2.4.2/scripts/pon 2002-11-25 00:30:44.000000000 +0100
++++ ppp-cvs-20040427/scripts/pon 2004-04-12 07:45:18.000000000 +0200
+@@ -1,10 +1,12 @@
+ #!/bin/sh
+
++PPP_ON_BOOT=/etc/ppp/ppp_on_boot
++
+ case "$1" in
+ -*) echo "
+ Usage: pon [provider] [arguments]
+
+-If pon is invoked without arguments, /etc/ppp/ppp_on_boot file will be
++If pon is invoked without arguments, $PPP_ON_BOOT file will be
+ run, presuming it exists and is executable. Otherwise, a PPP connection
+ will be started using settings from /etc/ppp/peers/provider.
+ If you specify one argument, a PPP connection will be started using
+@@ -16,8 +18,8 @@
+ ;;
+ esac
+
+-if [ -z "$1" -a -x /etc/ppp/ppp_on_boot ]; then
+- exec /etc/ppp/ppp_on_boot
++if [ -z "$1" -a -x "$PPP_ON_BOOT" ]; then
++ exec "$PPP_ON_BOOT"
+ fi
+
+ if [ -z "$1" -a ! -f /etc/ppp/peers/provider ]; then
+diff -ruN ppp-2.4.2/svr4/Makedefs ppp-cvs-20040427/svr4/Makedefs
+--- ppp-2.4.2/svr4/Makedefs 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/Makedefs 2000-06-09 03:36:34.000000000 +0200
+@@ -0,0 +1,16 @@
++#
++# defines common to several Makefiles
++#
++
++INSTALL= /usr/sbin/install
++
++BINDIR = /usr/local/bin
++MANDIR = /usr/local/man
++ETCDIR = /etc/ppp
++
++COPTS = -O -Xa
++
++# For compiling with gcc, comment out the COPTS definition above and
++# uncomment the next 2 definitions.
++#CC = gcc
++#COPTS = -O2
+diff -ruN ppp-2.4.2/svr4/Makedefs.sol2 ppp-cvs-20040427/svr4/Makedefs.sol2
+--- ppp-2.4.2/svr4/Makedefs.sol2 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/Makedefs.sol2 1999-09-21 22:50:31.000000000 +0200
+@@ -0,0 +1,59 @@
++#
++# Generic make definitions for Solaris 2
++#
++# $Id: Makedefs.sol2,v 1.3 1999/09/21 20:37:20 masputra Exp $
++#
++
++include ../svr4/Makedefs
++
++CPPFLAGS = -D_KERNEL -DSVR4 -DSOL2 -DPRIOQ -DDEBUG -I../include
++CFLAGS = $(CPPFLAGS) $(COPTS)
++
++# lint-specific variables
++LINT = lint
++LINT_OPT_32 =
++LINT_OPT_64 = -Xarch=v9 -errchk=longptr64
++
++LINT_32 =
++LINT_32 += -erroff=E_BAD_PTR_CAST_ALIGN
++LINT_32 += -erroff=E_SUPPRESSION_DIRECTIVE_UNUSED
++LINT_32 += -erroff=E_SUSPICIOUS_COMPARISON
++LINT_32 += -erroff=E_CAST_UINT_TO_SIGNED_INT
++LINT_32 += -erroff=E_PASS_UINT_TO_SIGNED_INT
++LINT_32 += -erroff=E_INVALID_ANNOTATION_NAME
++LINT_32 += -erroff=E_FUNC_ARG_UNUSED
++# This might be needed, but zlib.c and vjcompress.c will squawk
++# when not ignored
++LINT_32 += -erroff=E_CASE_FALLTHRU
++LINT_32 += -erroff=E_RET_INT_IMPLICITLY
++LINT_32 += -erroff=E_FUNC_NO_RET_VAL
++# Some STREAMS macros will be noisy too when this isn't ignored
++LINT_32 += -erroff=E_CONSTANT_CONDITION
++LINT_32 += -erroff=E_CONST_EXPR
++
++# Extra noise suppressant for 64-bit
++EXTRA_OFF =
++EXTRA_OFF += -erroff=E_CAST_INT_TO_SMALL_INT
++EXTRA_OFF += -erroff=E_CAST_INT_CONST_TO_SMALL_INT
++EXTRA_OFF += -erroff=E_CAST_TO_PTR_FROM_INT
++EXTRA_OFF += -erroff=E_ASSIGN_INT_TO_SMALL_INT
++EXTRA_OFF += -erroff=E_ASSIGN_INT_FROM_BIG_CONST
++EXTRA_OFF += -erroff=E_CONST_PROMOTED_UNSIGNED_LL
++EXTRA_OFF += -erroff=E_CONST_PROMOTED_LONG_LONG
++EXTRA_OFF += -erroff=E_CONST_TRUNCATED_BY_ASSIGN
++EXTRA_OFF += -erroff=E_PASS_INT_FROM_BIG_CONST
++EXTRA_OFF += -erroff=E_COMP_INT_WITH_LARGE_INT
++EXTRA_OFF += -erroff=E_ASSIGN_UINT_TO_SIGNED_INT
++EXTRA_OFF += -erroff=E_ASSIGN_NARROW_CONV
++EXTRA_OFF += -erroff=E_PASS_INT_TO_SMALL_INT
++EXTRA_OFF += -erroff=E_PTR_CONV_LOSES_BITS
++
++LINT_64 = $(LINT_32)
++LINT_64 += $(EXTRA_OFF)
++
++LINTFLAGS64 = -Xa -nsxmuF -errtags=yes $(LINT_OPT_64) $(LINT_64)
++LINT64 = $(LINT) -c $(LINTFLAGS64) $(CPPFLAGS)
++
++LINTFLAGS32 = -Xa -nsxmuF -errtags=yes $(LINT_OPT_32) $(LINT_32)
++LINT32 = $(LINT) -c $(LINTFLAGS32) $(CPPFLAGS)
++
+diff -ruN ppp-2.4.2/svr4/Makefile.sol2 ppp-cvs-20040427/svr4/Makefile.sol2
+--- ppp-2.4.2/svr4/Makefile.sol2 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/Makefile.sol2 1999-09-21 22:50:32.000000000 +0200
+@@ -0,0 +1,66 @@
++#
++# Makefile for STREAMS modules for Solaris 2.
++#
++# $Id: Makefile.sol2,v 1.18 1999/09/21 20:37:20 masputra Exp $
++#
++
++include Makedefs.sol2
++
++COPTS += -xO2 -xspace -W0,-Lt
++
++COMP_OBJS = ppp_comp.o bsd-comp.o deflate.o zlib.o vjcompress.o \
++ ppp_comp_mod.o
++
++all: ppp ppp_ahdl ppp_comp
++
++ppp: ppp.o ppp_mod.o
++ ld -r -o $@ ppp.o ppp_mod.o
++ chmod +x $@
++
++ppp_ahdl: ppp_ahdlc.o ppp_ahdlc_mod.o
++ ld -r -o $@ ppp_ahdlc.o ppp_ahdlc_mod.o
++ chmod +x $@
++
++ppp_comp: $(COMP_OBJS)
++ ld -r -o $@ $(COMP_OBJS)
++ chmod +x $@
++
++bsd-comp.o: ../modules/bsd-comp.c
++ $(CC) $(CFLAGS) -c $?
++deflate.o: ../modules/deflate.c
++ $(CC) $(CFLAGS) -c $?
++ppp.o: ../modules/ppp.c
++ $(CC) $(CFLAGS) -c $?
++ppp_mod.o: ppp_mod.c
++ $(CC) $(CFLAGS) -c $?
++ppp_ahdlc_mod.o: ppp_ahdlc_mod.c
++ $(CC) $(CFLAGS) -c $?
++ppp_ahdlc.o: ../modules/ppp_ahdlc.c
++ $(CC) $(CFLAGS) -c $?
++ppp_comp.o: ../modules/ppp_comp.c
++ $(CC) $(CFLAGS) -c $?
++ppp_comp_mod.o: ppp_comp_mod.c
++ $(CC) $(CFLAGS) -c $?
++vjcompress.o: ../modules/vjcompress.c
++ $(CC) $(CFLAGS) -c $?
++zlib.o: ../common/zlib.c
++ $(CC) $(CFLAGS) -c $?
++
++install:
++ cp ppp ppp.conf /kernel/drv
++ cp ppp_comp ppp_ahdl /kernel/strmod
++ if grep clone:ppp /etc/minor_perm; then :; else \
++ echo clone:ppp 0644 root sys >>/etc/minor_perm; fi
++ /usr/sbin/rem_drv ppp 2>/dev/null || true
++ /usr/sbin/add_drv ppp
++
++SRCS = ../modules/ppp.c ppp_mod.c ../modules/ppp_ahdlc.c ppp_ahdlc_mod.c \
++ ../modules/ppp_comp.c ../modules/bsd-comp.c ../modules/deflate.c \
++ ../common/zlib.c ../modules/vjcompress.c ppp_comp_mod.c
++
++lint:
++ $(LINT32) $(SRCS)
++
++clean:
++ rm -f ppp ppp_comp ppp_ahdl *.o *~ core
++ rm -f *.ln
+diff -ruN ppp-2.4.2/svr4/Makefile.sol2-64 ppp-cvs-20040427/svr4/Makefile.sol2-64
+--- ppp-2.4.2/svr4/Makefile.sol2-64 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/Makefile.sol2-64 1999-09-21 22:50:33.000000000 +0200
+@@ -0,0 +1,85 @@
++#
++# Makefile for 64-bit STREAMS modules for Solaris 2.
++#
++# $Id: Makefile.sol2-64,v 1.3 1999/09/21 20:37:20 masputra Exp $
++#
++
++include Makedefs.sol2
++
++# Sun's cc flag for LP64 compilation / linkage
++COPTS += -xchip=ultra -xarch=v9 -Wc,-xcode=abs32 -Wc,-Qiselect-regsym=0 -xO3 -xspace -W0,-Lt
++
++# subdirectory where 64-bit objects / binaries will be placed
++LP64DIR = sparcv9
++
++# Name of legacy Makefile (for 32-bit binaries)
++STD_MAKE = Makefile.sol2
++
++COMP_OBJS = $(LP64DIR)/ppp_comp.o $(LP64DIR)/bsd-comp.o \
++ $(LP64DIR)/deflate.o $(LP64DIR)/zlib.o $(LP64DIR)/vjcompress.o \
++ $(LP64DIR)/ppp_comp_mod.o
++
++all: std_objs $(LP64DIR) ppp ppp_ahdl ppp_comp
++
++std_objs:
++ $(MAKE) -f $(STD_MAKE) all
++
++ppp: $(LP64DIR)/ppp.o $(LP64DIR)/ppp_mod.o
++ ld -r -o $(LP64DIR)/$@ $(LP64DIR)/ppp.o $(LP64DIR)/ppp_mod.o
++ chmod +x $(LP64DIR)/$@
++
++ppp_ahdl: $(LP64DIR)/ppp_ahdlc.o $(LP64DIR)/ppp_ahdlc_mod.o
++ ld -r -o $(LP64DIR)/$@ $(LP64DIR)/ppp_ahdlc.o $(LP64DIR)/ppp_ahdlc_mod.o
++ chmod +x $(LP64DIR)/$@
++
++ppp_comp: $(COMP_OBJS)
++ ld -r -o $(LP64DIR)/$@ $(COMP_OBJS)
++ chmod +x $(LP64DIR)/$@
++
++$(LP64DIR)/bsd-comp.o: ../modules/bsd-comp.c
++ $(CC) $(CFLAGS) -c $? -o $@
++$(LP64DIR)/deflate.o: ../modules/deflate.c
++ $(CC) $(CFLAGS) -c $? -o $@
++$(LP64DIR)/ppp.o: ../modules/ppp.c
++ $(CC) $(CFLAGS) -c $? -o $@
++$(LP64DIR)/ppp_mod.o: ppp_mod.c
++ $(CC) $(CFLAGS) -c $? -o $@
++$(LP64DIR)/ppp_ahdlc_mod.o: ppp_ahdlc_mod.c
++ $(CC) $(CFLAGS) -c $? -o $@
++$(LP64DIR)/ppp_ahdlc.o: ../modules/ppp_ahdlc.c
++ $(CC) $(CFLAGS) -c $? -o $@
++$(LP64DIR)/ppp_comp.o: ../modules/ppp_comp.c
++ $(CC) $(CFLAGS) -c $? -o $@
++$(LP64DIR)/ppp_comp_mod.o: ppp_comp_mod.c
++ $(CC) $(CFLAGS) -c $? -o $@
++$(LP64DIR)/vjcompress.o: ../modules/vjcompress.c
++ $(CC) $(CFLAGS) -c $? -o $@
++$(LP64DIR)/zlib.o: ../common/zlib.c
++ $(CC) $(CFLAGS) -c $? -o $@
++
++$(LP64DIR):
++ mkdir -m 755 -p $@
++
++install:
++ cp ppp ppp.conf /kernel/drv
++ cp ppp_comp ppp_ahdl /kernel/strmod
++ cp $(LP64DIR)/ppp /kernel/drv/$(LP64DIR)
++ cp $(LP64DIR)/ppp_comp $(LP64DIR)/ppp_ahdl /kernel/strmod/$(LP64DIR)
++ if grep clone:ppp /etc/minor_perm; then :; else \
++ echo clone:ppp 0644 root sys >>/etc/minor_perm; fi
++ /usr/sbin/rem_drv ppp 2>/dev/null || true
++ /usr/sbin/add_drv ppp
++
++SRCS = ../modules/ppp.c ppp_mod.c ../modules/ppp_ahdlc.c ppp_ahdlc_mod.c \
++ ../modules/ppp_comp.c ../modules/bsd-comp.c ../modules/deflate.c \
++ ../common/zlib.c ../modules/vjcompress.c ppp_comp_mod.c
++
++lint:
++ $(LINT64) $(SRCS)
++
++lint-32:
++ $(LINT32) $(SRCS)
++
++clean:
++ $(MAKE) -f $(STD_MAKE) clean
++ rm -f $(LP64DIR)/ppp $(LP64DIR)/ppp_comp $(LP64DIR)/ppp_ahdl $(LP64DIR)/*.o $(LP64DIR)/*~ $(LP64DIR)/core
+diff -ruN ppp-2.4.2/svr4/Makefile.top ppp-cvs-20040427/svr4/Makefile.top
+--- ppp-2.4.2/svr4/Makefile.top 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/Makefile.top 1999-04-01 14:37:44.000000000 +0200
+@@ -0,0 +1,50 @@
++#
++# ppp top level makefile for SVR4 and Solaris 2
++#
++# $Id: Makefile.top,v 1.8 1999/04/01 11:44:55 paulus Exp $
++#
++
++include svr4/Makedefs
++
++all:
++ cd chat; $(MAKE) all
++ cd pppd; $(MAKE) all
++ cd pppstats; $(MAKE) all
++ cd pppdump; $(MAKE) all
++ cd svr4; $(MAKE) all
++
++install: $(BINDIR) $(MANDIR)/man8 install-progs install-etcppp
++
++install-progs:
++ cd chat; $(MAKE) install
++ cd pppd; $(MAKE) install
++ cd pppstats; $(MAKE) install
++ cd pppdump; $(MAKE) install
++ cd svr4; $(MAKE) install
++
++install-etcppp: $(ETCDIR) $(ETCDIR)/options $(ETCDIR)/pap-secrets \
++ $(ETCDIR)/chap-secrets
++
++$(ETCDIR)/options:
++ cp etc.ppp/options $@
++ chmod go-w $@
++$(ETCDIR)/pap-secrets:
++ $(INSTALL) -f $(ETCDIR) -m 600 etc.ppp/pap-secrets
++$(ETCDIR)/chap-secrets:
++ $(INSTALL) -f $(ETCDIR) -m 600 etc.ppp/chap-secrets
++
++$(BINDIR):
++ mkdir -m 755 -p $@
++$(MANDIR)/man8:
++ mkdir -m 755 -p $@
++$(ETCDIR):
++ mkdir -m 755 -p $@
++
++clean:
++ rm -f *~
++ cd chat; $(MAKE) clean
++ cd pppd; $(MAKE) clean
++ cd pppstats; $(MAKE) clean
++ cd pppdump; $(MAKE) clean
++ cd svr4; $(MAKE) clean
++
+diff -ruN ppp-2.4.2/svr4/ppp.Master ppp-cvs-20040427/svr4/ppp.Master
+--- ppp-2.4.2/svr4/ppp.Master 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/ppp.Master 1995-10-27 04:58:28.000000000 +0100
+@@ -0,0 +1 @@
++ppp - Sciof ppp 0 0 1 128 -1
+diff -ruN ppp-2.4.2/svr4/ppp.Node ppp-cvs-20040427/svr4/ppp.Node
+--- ppp-2.4.2/svr4/ppp.Node 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/ppp.Node 1995-10-27 04:58:36.000000000 +0100
+@@ -0,0 +1 @@
++clone ppp c ppp
+diff -ruN ppp-2.4.2/svr4/ppp.System ppp-cvs-20040427/svr4/ppp.System
+--- ppp-2.4.2/svr4/ppp.System 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/ppp.System 1995-10-27 04:58:37.000000000 +0100
+@@ -0,0 +1 @@
++ppp Y 1 0 0 0 0 0 0 0
+diff -ruN ppp-2.4.2/svr4/ppp.conf ppp-cvs-20040427/svr4/ppp.conf
+--- ppp-2.4.2/svr4/ppp.conf 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/ppp.conf 1995-06-01 06:39:00.000000000 +0200
+@@ -0,0 +1 @@
++name="ppp" parent="pseudo" instance=0;
+diff -ruN ppp-2.4.2/svr4/ppp_ahdl.Master ppp-cvs-20040427/svr4/ppp_ahdl.Master
+--- ppp-2.4.2/svr4/ppp_ahdl.Master 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/ppp_ahdl.Master 1995-10-27 04:58:32.000000000 +0100
+@@ -0,0 +1 @@
++ppp_ahdl - iSf phdl 0 0 1 1 -1
+diff -ruN ppp-2.4.2/svr4/ppp_ahdl.System ppp-cvs-20040427/svr4/ppp_ahdl.System
+--- ppp-2.4.2/svr4/ppp_ahdl.System 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/ppp_ahdl.System 1995-10-27 04:58:38.000000000 +0100
+@@ -0,0 +1 @@
++ppp_ahdl Y 1 0 0 0 0 0 0 0
+diff -ruN ppp-2.4.2/svr4/ppp_ahdlc_mod.c ppp-cvs-20040427/svr4/ppp_ahdlc_mod.c
+--- ppp-2.4.2/svr4/ppp_ahdlc_mod.c 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/ppp_ahdlc_mod.c 1995-12-11 06:21:02.000000000 +0100
+@@ -0,0 +1,49 @@
++#include <sys/types.h>
++#include <sys/param.h>
++#include <sys/conf.h>
++#include <sys/modctl.h>
++#include <sys/sunddi.h>
++
++extern struct streamtab ppp_ahdlcinfo;
++
++static struct fmodsw fsw = {
++ "ppp_ahdl",
++ &ppp_ahdlcinfo,
++ D_NEW | D_MP | D_MTQPAIR
++};
++
++extern struct mod_ops mod_strmodops;
++
++static struct modlstrmod modlstrmod = {
++ &mod_strmodops,
++ "PPP async HDLC module",
++ &fsw
++};
++
++static struct modlinkage modlinkage = {
++ MODREV_1,
++ (void *) &modlstrmod,
++ NULL
++};
++
++/*
++ * Entry points for modloading.
++ */
++int
++_init(void)
++{
++ return mod_install(&modlinkage);
++}
++
++int
++_fini(void)
++{
++ return mod_remove(&modlinkage);
++}
++
++int
++_info(mip)
++ struct modinfo *mip;
++{
++ return mod_info(&modlinkage, mip);
++}
+diff -ruN ppp-2.4.2/svr4/ppp_comp.Master ppp-cvs-20040427/svr4/ppp_comp.Master
+--- ppp-2.4.2/svr4/ppp_comp.Master 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/ppp_comp.Master 1995-10-27 04:58:34.000000000 +0100
+@@ -0,0 +1 @@
++ppp_comp - iSf pcmp 0 0 1 1 -1
+diff -ruN ppp-2.4.2/svr4/ppp_comp.System ppp-cvs-20040427/svr4/ppp_comp.System
+--- ppp-2.4.2/svr4/ppp_comp.System 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/ppp_comp.System 1995-10-27 04:58:40.000000000 +0100
+@@ -0,0 +1 @@
++ppp_comp Y 1 0 0 0 0 0 0 0
+diff -ruN ppp-2.4.2/svr4/ppp_comp_mod.c ppp-cvs-20040427/svr4/ppp_comp_mod.c
+--- ppp-2.4.2/svr4/ppp_comp_mod.c 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/ppp_comp_mod.c 2002-12-06 10:50:10.000000000 +0100
+@@ -0,0 +1,89 @@
++/*
++ * ppp_comp_mod.c - modload support for PPP compression STREAMS module.
++ *
++ * Copyright (c) 1994 Paul Mackerras. All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in
++ * the documentation and/or other materials provided with the
++ * distribution.
++ *
++ * 3. The name(s) of the authors of this software must not be used to
++ * endorse or promote products derived from this software without
++ * prior written permission.
++ *
++ * 4. Redistributions of any form whatsoever must retain the following
++ * acknowledgment:
++ * "This product includes software developed by Paul Mackerras
++ * <paulus@samba.org>".
++ *
++ * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
++ * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
++ * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
++ * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
++ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
++ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
++ *
++ * $Id: ppp_comp_mod.c,v 1.3 2002/12/06 09:49:16 paulus Exp $
++ */
++
++/*
++ * This file is used under Solaris 2.
++ */
++#include <sys/types.h>
++#include <sys/param.h>
++#include <sys/conf.h>
++#include <sys/modctl.h>
++#include <sys/sunddi.h>
++
++extern struct streamtab ppp_compinfo;
++
++static struct fmodsw fsw = {
++ "ppp_comp",
++ &ppp_compinfo,
++ D_NEW | D_MP | D_MTQPAIR
++};
++
++extern struct mod_ops mod_strmodops;
++
++static struct modlstrmod modlstrmod = {
++ &mod_strmodops,
++ "PPP compression module",
++ &fsw
++};
++
++static struct modlinkage modlinkage = {
++ MODREV_1,
++ (void *) &modlstrmod,
++ NULL
++};
++
++/*
++ * Entry points for modloading.
++ */
++int
++_init(void)
++{
++ return mod_install(&modlinkage);
++}
++
++int
++_fini(void)
++{
++ return mod_remove(&modlinkage);
++}
++
++int
++_info(mip)
++ struct modinfo *mip;
++{
++ return mod_info(&modlinkage, mip);
++}
+diff -ruN ppp-2.4.2/svr4/ppp_mod.c ppp-cvs-20040427/svr4/ppp_mod.c
+--- ppp-2.4.2/svr4/ppp_mod.c 1970-01-01 01:00:00.000000000 +0100
++++ ppp-cvs-20040427/svr4/ppp_mod.c 2002-12-06 10:50:10.000000000 +0100
+@@ -0,0 +1,182 @@
++/*
++ * ppp_mod.c - modload support for PPP pseudo-device driver.
++ *
++ * Copyright (c) 1994 Paul Mackerras. All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in
++ * the documentation and/or other materials provided with the
++ * distribution.
++ *
++ * 3. The name(s) of the authors of this software must not be used to
++ * endorse or promote products derived from this software without
++ * prior written permission.
++ *
++ * 4. Redistributions of any form whatsoever must retain the following
++ * acknowledgment:
++ * "This product includes software developed by Paul Mackerras
++ * <paulus@samba.org>".
++ *
++ * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
++ * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
++ * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
++ * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
++ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
++ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
++ *
++ * $Id: ppp_mod.c,v 1.4 2002/12/06 09:49:16 paulus Exp $
++ */
++
++/*
++ * This file is used under Solaris 2.
++ */
++
++#include <sys/types.h>
++#include <sys/param.h>
++#include <sys/stat.h>
++#include <sys/conf.h>
++#include <sys/modctl.h>
++#include <sys/sunddi.h>
++#include <sys/ksynch.h>
++
++#ifdef __STDC__
++#define __P(x) x
++#else
++#define __P(x) ()
++#endif
++
++static int ppp_identify __P((dev_info_t *));
++static int ppp_attach __P((dev_info_t *, ddi_attach_cmd_t));
++static int ppp_detach __P((dev_info_t *, ddi_detach_cmd_t));
++static int ppp_devinfo __P((dev_info_t *, ddi_info_cmd_t, void *, void **));
++
++extern struct streamtab pppinfo;
++extern krwlock_t ppp_lower_lock;
++
++static dev_info_t *ppp_dip;
++
++static struct cb_ops cb_ppp_ops = {
++ nulldev, nulldev, nodev, nodev, /* cb_open, ... */
++ nodev, nodev, nodev, nodev, /* cb_dump, ... */
++ nodev, nodev, nodev, nochpoll, /* cb_devmap, ... */
++ ddi_prop_op, /* cb_prop_op */
++ &pppinfo, /* cb_stream */
++ D_NEW|D_MP|D_MTQPAIR|D_MTOUTPERIM|D_MTOCEXCL /* cb_flag */
++};
++
++static struct dev_ops ppp_ops = {
++ DEVO_REV, /* devo_rev */
++ 0, /* devo_refcnt */
++ ppp_devinfo, /* devo_getinfo */
++ ppp_identify, /* devo_identify */
++ nulldev, /* devo_probe */
++ ppp_attach, /* devo_attach */
++ ppp_detach, /* devo_detach */
++ nodev, /* devo_reset */
++ &cb_ppp_ops, /* devo_cb_ops */
++ NULL /* devo_bus_ops */
++};
++
++/*
++ * Module linkage information
++ */
++
++static struct modldrv modldrv = {
++ &mod_driverops, /* says this is a pseudo driver */
++ "PPP-2.3 multiplexing driver",
++ &ppp_ops /* driver ops */
++};
++
++static struct modlinkage modlinkage = {
++ MODREV_1,
++ (void *) &modldrv,
++ NULL
++};
++
++int
++_init(void)
++{
++ return mod_install(&modlinkage);
++}
++
++int
++_fini(void)
++{
++ return mod_remove(&modlinkage);
++}
++
++int
++_info(mip)
++ struct modinfo *mip;
++{
++ return mod_info(&modlinkage, mip);
++}
++
++static int
++ppp_identify(dip)
++ dev_info_t *dip;
++{
++ return strcmp(ddi_get_name(dip), "ppp") == 0? DDI_IDENTIFIED:
++ DDI_NOT_IDENTIFIED;
++}
++
++static int
++ppp_attach(dip, cmd)
++ dev_info_t *dip;
++ ddi_attach_cmd_t cmd;
++{
++
++ if (cmd != DDI_ATTACH)
++ return DDI_FAILURE;
++ if (ddi_create_minor_node(dip, "ppp", S_IFCHR, 0, DDI_PSEUDO, CLONE_DEV)
++ == DDI_FAILURE) {
++ ddi_remove_minor_node(dip, NULL);
++ return DDI_FAILURE;
++ }
++ rw_init(&ppp_lower_lock, NULL, RW_DRIVER, NULL);
++ return DDI_SUCCESS;
++}
++
++static int
++ppp_detach(dip, cmd)
++ dev_info_t *dip;
++ ddi_detach_cmd_t cmd;
++{
++ rw_destroy(&ppp_lower_lock);
++ ddi_remove_minor_node(dip, NULL);
++ return DDI_SUCCESS;
++}
++
++static int
++ppp_devinfo(dip, cmd, arg, result)
++ dev_info_t *dip;
++ ddi_info_cmd_t cmd;
++ void *arg;
++ void **result;
++{
++ int error;
++
++ error = DDI_SUCCESS;
++ switch (cmd) {
++ case DDI_INFO_DEVT2DEVINFO:
++ if (ppp_dip == NULL)
++ error = DDI_FAILURE;
++ else
++ *result = (void *) ppp_dip;
++ break;
++ case DDI_INFO_DEVT2INSTANCE:
++ *result = NULL;
++ break;
++ default:
++ error = DDI_FAILURE;
++ }
++ return error;
++}
--- /dev/null
+--- ppp-2.4.0b4.orig/pppd/pathnames.h
++++ ppp-2.4.0b4/pppd/pathnames.h
+@@ -26,7 +26,7 @@
+ #define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up"
+ #define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down"
+ #define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options."
+-#define _PATH_CONNERRS _ROOT_PATH "/etc/ppp/connect-errors"
++#define _PATH_CONNERRS _ROOT_PATH "/var/log/ppp-connect-errors"
+ #define _PATH_PEERFILES _ROOT_PATH "/etc/ppp/peers/"
+ #define _PATH_RESOLV _ROOT_PATH "/etc/ppp/resolv.conf"
+
--- /dev/null
+--- ppp-2.4.0b4.orig/scripts/README
++++ ppp-2.4.0b4/scripts/README
+@@ -141,3 +141,17 @@
+ are escaped. This may need to be modified depending on the ssh (or
+ pseudo-tty) implementation which may differ across platforms, for further
+ optimizations.
++
++------------------------------------------------------------------------
++
++12. pon, poff and ip-up
++
++These are modified version of the pon/poff/ip-up scripts contributed by Yann
++Dirson <dirson@debian.org>. They allow you to call "pon quick" respectively
++"pon quick my-isp" to just call the provider for running you ip-up scripts in
++/etc/ppp/ip-up.d. This can be useful to check for incoming/flush outgoing
++mail, without the necessary delay before hangup introduced by diald or such.
++
++These scripts break the possibility to connect to multiple ISPs at once, so
++they are included only here.
++
--- /dev/null
+--- ppp-2.4.0b4.orig/scripts/redialer
++++ ppp-2.4.0b4/scripts/redialer
+@@ -1,96 +1,69 @@
+ #!/bin/sh
+-###################################################################
+ #
+-# These parameters control the attack dialing sequence.
++# A chatscript that will attempt to dial multiple numbers in sequence, until
++# you get connected.
+ #
+-# Maximum number of attempts to reach the telephone number(s)
+-MAX_ATTEMPTS=10
+-
+-# Delay between each of the attempts. This is a parameter to sleep
+-# so use "15s" for 15 seconds, "1m" for 1 minute, etc.
+-SLEEP_DELAY=15s
+-
+-###################################################################
++# To use: edit /etc/peers/provider, and change the connect line to read:
++# connect "/usr/local/bin/redialer"
+ #
+-# This is a list of telephone numbers. Add new numbers if you wish
+-# and see the function 'callall' below for the dial process.
+-PHONE1=555-1212
+-PHONE2=411
++# See below for configuration.
+
+-###################################################################
++# This is a list of chatscripts to use to get connected, and (optional)
++# telephone numbers to call for each of those chatscripts.
+ #
+-# If you use the ppp-on script, then these are passed to this routine
+-# automatically. There is no need to define them here. If not, then
+-# you will need to set the values.
+-#
+-ACCOUNT=my_account_name
+-PASSWORD=my_password
++# Note that in the chatscripts, you may use #NUMBER#, this will be replaced
++# with the number it is calling. You might want to use this to only have one
++# chatscript that is used for all numbers, or you might need multiple
++# chatscripts.
+
+-###################################################################
+-#
+-# Function to initialize the modem and ensure that it is in command
+-# state. This may not be needed, but it doesn't hurt.
+-#
+-function initialize
+-{
+- chat -v TIMEOUT 3 '' AT 'OK-+++\c-OK'
+- return
+-}
++PHONE1=123456789
++CHAT1=/etc/chatscripts/provider
+
+-###################################################################
+-#
+-# Script to dial a telephone
+-#
+-function callnumber
+-{
+-chat -v \
+- ABORT '\nBUSY\r' \
+- ABORT '\nNO ANSWER\r' \
+- ABORT '\nRINGING\r\n\r\nRINGING\r' \
+- '' ATDT$1 \
+- CONNECT '' \
+- ogin:--ogin: $ACCOUNT \
+- assword: $PASSWORD
+-#
+-# If the connection was successful then end the whole script with a
+-# success.
+-#
+- if [ "$?" = "0" ]; then
+- exit 0
+- fi
++PHONE2=912345678
++CHAT2=/etc/chatscripts/provider
+
+- return
+-}
++PHONE3=891234567
++CHAT3=/etc/chatscripts/provider
+
+-###################################################################
+-#
+-# Script to dial any telephone number
+-#
+-function callall
+-{
+-# echo "dialing attempt number: $1" >/dev/console
+- callnumber $PHONE1
+-# callnumber $PHONE2
+-}
++PHONE4=789123456
++CHAT4=/etc/chatscripts/provider
+
+-###################################################################
+-#
+-# Initialize the modem to ensure that it is in the command state
+-#
+-initialize
+-if [ ! "$?" = "0" ]; then
+- exit 1
+-fi
++PHONE5=001234567
++CHAT5=/etc/chatscripts/provider
+
++# How long to sleep between retries:
+ #
+-# Dial telephone numbers until one answers
+-#
++# Note that this is a parameter to sleep so use "15s" for 15 seconds,
++# "1m" for 1 minute, etc
++SLEEP_DELAY=1s
++
++# The code below does the dialing.
++
+ attempt=0
+ while : ; do
+- attempt=`expr $attempt + 1`
+- callall $attempt
+- if [ "$attempt" = "$MAX_ATTEMPTS" ]; then
+- exit 1
+- fi
+- sleep "$SLEEP_DELAY"
++ attempt=`expr $attempt + 1`
++ NUMBER=`eval echo '$PHONE'$attempt`
++ CHAT=`eval echo '$CHAT'$attempt`
++ if [ ! "$CHAT" ]; then
++ attempt=0
++ else
++ logger "Dialing attempt number: $attempt"
++ sed s/#NUMBER#/$NUMBER/ $CHAT >/etc/chatscripts/tmpchat
++ /usr/sbin/chat -v -f /etc/chatscripts/tmpchat
++ rm -f /etc/chatscripts/tmpchat
++ case $? in
++ 0) logger Connection established ; exit 0;;
++ 1) logger chat: exit 1, see manpage for details. ; exit 1;;
++ 2) logger chat: exit 2, see manpage for details. ; exit 2;;
++ 3) logger chat: exit 3, see manpage for details. ;;
++ 4) logger Line busy. ;;
++ 5) logger No Carrier. ;;
++ 6) logger A call is coming. Exiting! ; exit 1;;
++ 7) logger No dialtone. ;;
++ 8) logger An error occured. Exiting! ; exit 1;;
++ *) logger chat: exit $?, see manpage for details. ;;
++ esac
++ logger "Waiting $SLEEP_DELAY seconds before next try."
++ sleep $SLEEP_DELAY
++ fi
+ done
--- /dev/null
+--- ppp-2.4.1/pppd/ipcp.c Thu Mar 8 06:11:12 2001
++++ ppp-2.4.1-new/pppd/ipcp.c Tue Jun 19 15:35:36 2001
+@@ -1734,7 +1734,7 @@
+ */
+ if (ipcp_script_state == s_down && ipcp_script_pid == 0) {
+ ipcp_script_state = s_up;
+- ipcp_script(_PATH_IPUP);
++ ipcp_script(path_ipup);
+ }
+ }
+
+@@ -1777,7 +1777,7 @@
+ /* Execute the ip-down script */
+ if (ipcp_script_state == s_up && ipcp_script_pid == 0) {
+ ipcp_script_state = s_down;
+- ipcp_script(_PATH_IPDOWN);
++ ipcp_script(path_ipdown);
+ }
+ }
+
+@@ -1828,13 +1828,13 @@
+ case s_up:
+ if (ipcp_fsm[0].state != OPENED) {
+ ipcp_script_state = s_down;
+- ipcp_script(_PATH_IPDOWN);
++ ipcp_script(path_ipdown);
+ }
+ break;
+ case s_down:
+ if (ipcp_fsm[0].state == OPENED) {
+ ipcp_script_state = s_up;
+- ipcp_script(_PATH_IPUP);
++ ipcp_script(path_ipup);
+ }
+ break;
+ }
+
+--- ppp-2.4.1/pppd/main.c Tue Mar 13 06:56:19 2001
++++ ppp-2.4.1-new/pppd/main.c Tue Jun 19 15:35:36 2001
+@@ -233,6 +233,9 @@
+ struct protent *protp;
+ char numbuf[16];
+
++ strlcpy(path_ipup, "/etc/ppp/ip-up", sizeof(path_ipup));
++ strlcpy(path_ipdown, "/etc/ppp/ip-down", sizeof(path_ipdown));
++
+ link_stats_valid = 0;
+ new_phase(PHASE_INITIALIZE);
+
+
+--- ppp-2.4.1/pppd/options.c Tue Mar 13 06:56:19 2001
++++ ppp-2.4.1-new/pppd/options.c Tue Jun 19 15:38:32 2001
+@@ -85,6 +85,8 @@
+ bool dump_options; /* print out option values */
+ bool dryrun; /* print out option values and exit */
+ char *domain; /* domain name set by domain option */
++char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
++char path_ipdown[MAXPATHLEN];/* pathname of ip-down script */
+
+ extern option_t auth_options[];
+ extern struct stat devstat;
+@@ -231,6 +233,12 @@
+ "Print out option values after parsing all options", 1 },
+ { "dryrun", o_bool, &dryrun,
+ "Stop after parsing, printing, and checking options", 1 },
++ { "ip-up-script", o_string, path_ipup,
++ "Set pathname of ip-up script",
++ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
++ { "ip-down-script", o_string, path_ipdown,
++ "Set pathname of ip-down script",
++ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
+
+ #ifdef HAVE_MULTILINK
+ { "multilink", o_bool, &multilink,
+
+--- ppp-2.4.1/pppd/pathnames.h Thu Mar 8 06:15:37 2001
++++ ppp-2.4.1-new/pppd/pathnames.h Tue Jun 19 15:35:36 2001
+@@ -21,8 +21,6 @@
+ #define _PATH_UPAPFILE _ROOT_PATH "/etc/ppp/pap-secrets"
+ #define _PATH_CHAPFILE _ROOT_PATH "/etc/ppp/chap-secrets"
+ #define _PATH_SYSOPTIONS _ROOT_PATH "/etc/ppp/options"
+-#define _PATH_IPUP _ROOT_PATH "/etc/ppp/ip-up"
+-#define _PATH_IPDOWN _ROOT_PATH "/etc/ppp/ip-down"
+ #define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up"
+ #define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down"
+ #define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options."
+
+--- ppp-2.4.1/pppd/pppd.h Tue Mar 13 06:54:37 2001
++++ ppp-2.4.1-new/pppd/pppd.h Tue Jun 19 15:39:39 2001
+@@ -272,6 +272,8 @@
+ extern char *bundle_name; /* bundle name for multilink */
+ extern bool dump_options; /* print out option values */
+ extern bool dryrun; /* check everything, print options, exit */
++extern char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
++extern char path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */
+
+ #ifdef PPP_FILTER
+ extern struct bpf_program pass_filter; /* Filter for pkts to pass */
--- /dev/null
+--- ppp/pppd/plugins/rp-pppoe/plugin.c.orig 2003-04-07 02:09:05.000000000 +0200
++++ ppp/pppd/plugins/rp-pppoe/plugin.c 2003-12-03 22:15:07.000000000 +0100
+@@ -114,6 +114,57 @@
+ return 1;
+ }
+
++/* from <linux/if.h> */
++#define IFF_UP 0x1
++#define IFF_RUNNING 0x40
++
++static short ifrflags_old;
++
++static int interface_change(const char* ifname, int up)
++{
++ int fd;
++ struct ifreq ifr;
++
++ if (!up && ifrflags_old != 0) {
++ return 0;
++ }
++
++ fd = socket(AF_INET, SOCK_DGRAM, 0);
++ if (fd < 0) {
++ warn("socket(AF_INET, SOCK_DGRAM, 0): %s", strerror(errno));
++ return -1;
++ }
++
++ strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
++ if (ioctl(fd, SIOCGIFFLAGS, &ifr) < 0) {
++ warn("%s: unknown interface: %s", ifname, strerror(errno));
++ return -1;
++ }
++ strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
++ if (up) {
++ ifrflags_old = ifr.ifr_flags & (IFF_UP | IFF_RUNNING);
++ ifr.ifr_flags |= (IFF_UP | IFF_RUNNING);
++ } else {
++ ifr.ifr_flags &= ~(IFF_UP | IFF_RUNNING);
++ }
++ if (ioctl(fd, SIOCSIFFLAGS, &ifr) < 0) {
++ warn("SIOCSIFFLAGS: %s", strerror(errno));
++ return -1;
++ }
++ close(fd);
++ return 0;
++}
++
++static int interface_up (const char *ifname)
++{
++ return interface_change(ifname,1);
++}
++
++static int interface_down (const char* ifname)
++{
++ return interface_change(ifname,0);
++}
++
+ /**********************************************************************
+ * %FUNCTION: PPPOEConnectDevice
+ * %ARGUMENTS:
+@@ -142,6 +193,8 @@
+ conn->peerEth[i] = (unsigned char) mac[i];
+ }
+ } else {
++ if (interface_up(conn->ifName) < 0)
++ return -1;
+ discovery(conn);
+ if (conn->discoveryState != STATE_SESSION) {
+ fatal("Unable to complete PPPoE Discovery");
+@@ -243,6 +296,8 @@
+ return;
+ }
+ close(conn->sessionSocket);
++ if (interface_down(conn->ifName) < 0)
++ warn("We brought %s up but failed to take it down",conn->ifName);
+ }
+
+ static void
--- /dev/null
+To: md@linux.it, mjt@corpit.ru
+Subject: pppd-auth-hook.patch
+Message-Id: <20040604231517.3E9AD11DC4@paltus.tls.msk.ru>
+Date: Sat, 5 Jun 2004 03:15:17 +0400 (MSD)
+From: mjt@corpit.ru (Michael Tokarev)
+
+The patch below fixes pppd segfault when using auth_hook that sets
+options for the user (use-after-free problem).
+
+/mjt
+
+--- ppp/pppd/auth.c.orig Mon Jun 23 18:12:04 2003
++++ ppp/pppd/auth.c Sat Jun 5 03:11:36 2004
+@@ -1251,14 +1251,14 @@
+ if (pap_auth_hook) {
+ ret = (*pap_auth_hook)(user, passwd, msg, &addrs, &opts);
+ if (ret >= 0) {
++ /* note: set_allowed_addrs() saves opts (but not addrs): don't free it! */
+ if (ret)
+ set_allowed_addrs(unit, addrs, opts);
+- BZERO(passwd, sizeof(passwd));
++ else if (opts != 0)
++ free_wordlist(opts);
+ if (addrs != 0)
+ free_wordlist(addrs);
+- if (opts != 0) {
+- free_wordlist(opts);
+- }
++ BZERO(passwd, sizeof(passwd));
+ return ret? UPAP_AUTHACK: UPAP_AUTHNAK;
+ }
+ }
+
--- /dev/null
+--- ppp/pppd/ipcp.c Wed May 31 17:20:41 2000
++++ ppp/pppd/ipcp.c Wed May 31 17:27:19 2000
+@@ -145,7 +145,17 @@
+ { "-defaultroute", o_bool, &ipcp_allowoptions[0].default_route,
+ "disable defaultroute option", OPT_A2COPY,
+ &ipcp_wantoptions[0].default_route },
+
++#ifdef __linux__
++ { "replacedefaultroute", o_bool,
++ &ipcp_wantoptions[0].replace_default_route,
++ "Replace default route", 1
++ },
++ { "noreplacedefaultroute", o_bool,
++ &ipcp_allowoptions[0].replace_default_route,
++ "Never replace default route", OPT_A2COPY,
++ &ipcp_wantoptions[0].replace_default_route },
++#endif
+ { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp,
+ "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp },
+ { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp,
+@@ -195,7 +205,7 @@
+ ip_active_pkt
+ };
+
+-static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t));
++static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t, bool));
+ static void ipcp_script __P((char *)); /* Run an up/down script */
+ static void ipcp_script_done __P((void *));
+
+@@ -1344,7 +1354,12 @@
+ if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE))
+ return 0;
+ if (wo->default_route)
++#ifndef __linux__
+ if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr))
++#else
++ if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr,
++ wo->replace_default_route))
++#endif
+ default_route_set[u] = 1;
+ if (wo->proxy_arp)
+ if (sifproxyarp(u, wo->hisaddr))
+@@ -1420,7 +1435,8 @@
+ */
+ if (demand) {
+ if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) {
+- ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr);
++ ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr,
++ wo->replace_default_route);
+ if (go->ouraddr != wo->ouraddr) {
+ warn("Local IP address changed to %I", go->ouraddr);
+ script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr));
+@@ -1445,7 +1461,12 @@
+
+ /* assign a default route through the interface if required */
+ if (ipcp_wantoptions[f->unit].default_route)
++#ifndef __linux__
+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
++#else
++ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
++ wo->replace_default_route))
++#endif
+ default_route_set[f->unit] = 1;
+
+ /* Make a proxy ARP entry if requested. */
+@@ -1492,7 +1513,12 @@
+
+ /* assign a default route through the interface if required */
+ if (ipcp_wantoptions[f->unit].default_route)
++#ifndef __linux__
+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
++#else
++ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
++ wo->replace_default_route))
++#endif
+ default_route_set[f->unit] = 1;
+
+ /* Make a proxy ARP entry if requested. */
+@@ -1559,7 +1585,7 @@
+ sifnpmode(f->unit, PPP_IP, NPMODE_DROP);
+ sifdown(f->unit);
+ ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr,
+- ipcp_hisoptions[f->unit].hisaddr);
++ ipcp_hisoptions[f->unit].hisaddr, 0);
+ }
+
+ /* Execute the ip-down script */
+@@ -1575,16 +1601,25 @@
+ * proxy arp entries, etc.
+ */
+ static void
+-ipcp_clear_addrs(unit, ouraddr, hisaddr)
++ipcp_clear_addrs(unit, ouraddr, hisaddr, replacedefaultroute)
+ int unit;
+ u_int32_t ouraddr; /* local address */
+ u_int32_t hisaddr; /* remote address */
++ bool replacedefaultroute;
+ {
+ if (proxy_arp_set[unit]) {
+ cifproxyarp(unit, hisaddr);
+ proxy_arp_set[unit] = 0;
+ }
+- if (default_route_set[unit]) {
++ /* If replacedefaultroute, sifdefaultroute will be called soon
++ * with replacedefaultroute set and that will overwrite the current
++ * default route. This is the case only when doing demand, otherwise
++ * during demand, this cifdefaultroute would restore the old default
++ * route which is not what we want in this case. In the non-demand
++ * case, we'll delete the default route and restore the old if there
++ * is one saved by an sifdefaultroute with replacedefaultroute.
++ */
++ if (!replacedefaultroute && default_route_set[unit]) {
+ cifdefaultroute(unit, ouraddr, hisaddr);
+ default_route_set[unit] = 0;
+ }
+--- ppp/pppd/ipcp.h Wed May 31 17:20:41 2000
++++ ppp/pppd/ipcp.h Wed May 31 15:56:17 2000
+@@ -47,6 +47,7 @@
+ bool old_addrs; /* Use old (IP-Addresses) option? */
+ bool req_addr; /* Ask peer to send IP address? */
+ bool default_route; /* Assign default route through interface? */
++ bool replace_default_route; /* Replace default route through interface? */
+ bool proxy_arp; /* Make proxy ARP entry for peer? */
+ bool neg_vj; /* Van Jacobson Compression? */
+ bool old_vj; /* use old (short) form of VJ option? */
+--- ppp/pppd/pppd.8 Wed May 31 17:20:41 2000
++++ ppp/pppd/pppd.8 Wed May 31 15:56:17 2000
+@@ -99,6 +99,13 @@
+ This entry is removed when the PPP connection is broken. This option
+ is privileged if the \fInodefaultroute\fR option has been specified.
+ .TP
++.B replacedefaultroute
++This option is a flag to the defaultroute option. If defaultroute is
++set and this flag is also set, pppd replaces an existing default route
++with the new default route.
++
++
++.TP
+ .B disconnect \fIscript
+ Run the executable or shell command specified by \fIscript\fR after
+ pppd has terminated the link. This script could, for example, issue
+@@ -589,7 +596,12 @@
+ .TP
+ .B nodefaultroute
+ Disable the \fIdefaultroute\fR option. The system administrator who
+-wishes to prevent users from creating default routes with pppd
++wishes to prevent users from adding a default route with pppd
++can do so by placing this option in the /etc/ppp/options file.
++.TP
++.B noreplacedefaultroute
++Disable the \fIreplacedefaultroute\fR option. The system administrator who
++wishes to prevent users from replacing a default route with pppd
+ can do so by placing this option in the /etc/ppp/options file.
+ .TP
+ .B nodeflate
+--- ppp/pppd/pppd.h Wed May 31 17:20:41 2000
++++ ppp/pppd/pppd.h Wed May 31 15:56:17 2000
+@@ -416,7 +416,11 @@
+ int cif6addr __P((int, eui64_t, eui64_t));
+ /* Remove an IPv6 address from i/f */
+ #endif
++#ifndef __linux__
+ int sifdefaultroute __P((int, u_int32_t, u_int32_t));
++#else
++int sifdefaultroute __P((int, u_int32_t, u_int32_t, bool replace_default_rt));
++#endif
+ /* Create default route through i/f */
+ int cifdefaultroute __P((int, u_int32_t, u_int32_t));
+ /* Delete default route through i/f */
+--- ppp/pppd/sys-linux.c Wed May 31 17:20:41 2000
++++ ppp/pppd/sys-linux.c Wed May 31 17:37:23 2000
+@@ -143,6 +143,8 @@
+
+ static int if_is_up; /* Interface has been marked up */
+ static u_int32_t default_route_gateway; /* Gateway for default route added */
++static struct rtentry old_def_rt; /* Old default route */
++static int default_rt_repl_rest; /* replace and restore old default rt */
+ static u_int32_t proxy_arp_addr; /* Addr for proxy arp entry added */
+ static char proxy_arp_dev[16]; /* Device for proxy arp entry */
+ static u_int32_t our_old_addr; /* for detecting address changes */
+@@ -1209,6 +1211,9 @@
+ p = NULL;
+ }
+
++ SET_SA_FAMILY (rt->rt_dst, AF_INET);
++ SET_SA_FAMILY (rt->rt_gateway, AF_INET);
++
+ SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16);
+ SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16);
+ SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16);
+@@ -1278,19 +1283,53 @@
+ /********************************************************************
+ *
+ * sifdefaultroute - assign a default route through the address given.
++ *
++ * If the global default_rt_repl_rest flag is set, then this function
++ * already replaced the original system defaultroute with some other
++ * route and it should just replace the current defaultroute with
++ * another one, without saving the current route. Use: demand mode,
++ * when pppd sets first a defaultroute it it's temporary ppp0 addresses
++ * and then changes the temporary addresses to the addresses for the real
++ * ppp connection when it has come up.
+ */
+
+-int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway)
++int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway, bool replace)
+ {
+- struct rtentry rt;
+-
+- if (defaultroute_exists(&rt) && strcmp(rt.rt_dev, ifname) != 0) {
+- u_int32_t old_gateway = SIN_ADDR(rt.rt_gateway);
++ struct rtentry rt, tmp_rt;
++ struct rtentry *del_rt = NULL;
+
+- if (old_gateway != gateway)
+- error("not replacing existing default route to %s [%I]",
+- rt.rt_dev, old_gateway);
+- return 0;
++
++ if (default_rt_repl_rest) {
++ /* We have already reclaced the original defaultroute, if we
++ * are called again, we will delete the current default route
++ * and set the new default route in this function.
++ * - this is normally only the case the doing demand: */
++ if (defaultroute_exists( &tmp_rt ))
++ del_rt = &tmp_rt;
++ } else if ( defaultroute_exists( &old_def_rt ) &&
++ strcmp( old_def_rt.rt_dev, ifname ) != 0) {
++ /* We did not yet replace an existing default route, let's
++ * check if we should save and replace a default route:
++ */
++ u_int32_t old_gateway = SIN_ADDR(old_def_rt.rt_gateway);
++
++ if (old_gateway != gateway) {
++ if (!replace) {
++ error("not replacing default route to %s [%I]",
++ old_def_rt.rt_dev, old_gateway);
++ return 0;
++ } else {
++ // we need to copy rt_dev because we need it permanent too:
++ char * tmp_dev = malloc(strlen(old_def_rt.rt_dev)+1);
++ strcpy(tmp_dev, old_def_rt.rt_dev);
++ old_def_rt.rt_dev = tmp_dev;
++
++ notice("replacing old default route to %s [%I]",
++ old_def_rt.rt_dev, old_gateway);
++ default_rt_repl_rest = 1;
++ del_rt = &old_def_rt;
++ }
++ }
+ }
+
+ memset (&rt, '\0', sizeof (rt));
+@@ -1310,6 +1349,12 @@
+ error("default route ioctl(SIOCADDRT): %m(%d)", errno);
+ return 0;
+ }
++ if (default_rt_repl_rest && del_rt)
++ if (ioctl(sock_fd, SIOCDELRT, del_rt) < 0) {
++ if ( ! ok_error ( errno ))
++ error("del old default route ioctl(SIOCDELRT): %m(%d)", errno);
++ return 0;
++ }
+
+ default_route_gateway = gateway;
+ return 1;
+@@ -1344,6 +1389,16 @@
+ error("default route ioctl(SIOCDELRT): %m (%d)", errno);
+ return 0;
+ }
++ }
++ if (default_rt_repl_rest) {
++ notice("restoring old default route to %s [%I]",
++ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway));
++ if (ioctl(sock_fd, SIOCADDRT, &old_def_rt) < 0) {
++ if ( ! ok_error ( errno ))
++ error("restore default route ioctl(SIOCADDRT): %m(%d)", errno);
++ return 0;
++ }
++ default_rt_repl_rest = 0;
+ }
+
+ return 1;
--- /dev/null
+Ensure that the fd returned by the connect method is closed before
+running external programs.
+
+http://article.gmane.org/gmane.linux.ppp/1371
+
+diff -ruNp ppp.orig/pppd/main.c ppp/pppd/main.c
+--- ppp.orig/pppd/main.c 2004-07-12 12:55:30.000000000 +0200
++++ ppp/pppd/main.c 2004-07-12 12:55:25.000000000 +0200
+@@ -1662,6 +1662,8 @@ run_program(prog, args, must_exist, done
+ closelog();
+ if (the_channel->close)
+ (*the_channel->close)();
++ else
++ close(devfd);
+
+ /* Don't pass handles to the PPP device, even by accident. */
+ dup2(fd_devnull, 0);
--- /dev/null
+sys_init() will open a socket and keep it open for the whole like of the
+process. If pppd is started without all standard fds open then the socket
+will get one of their numbers, which will be clobbered later by the
+/dev/null fd duplicated by main().
+
+See Debian bug #235192.
+
+diff -ruN ppp.orig/pppd/main.c ppp/pppd/main.c
+--- ppp.orig/pppd/main.c 2004-02-29 18:50:12.000000000 +0100
++++ ppp/pppd/main.c 2004-02-29 18:48:56.000000000 +0100
+@@ -385,11 +385,6 @@
+ if (dryrun)
+ die(0);
+
+- /*
+- * Initialize system-dependent stuff.
+- */
+- sys_init();
+-
+ /* Make sure fds 0, 1, 2 are open to somewhere. */
+ fd_devnull = open(_PATH_DEVNULL, O_RDWR);
+ if (fd_devnull < 0)
+@@ -401,6 +396,11 @@
+ fd_devnull = i;
+ }
+
++ /*
++ * Initialize system-dependent stuff.
++ */
++ sys_init();
++
+ #ifdef USE_TDB
+ pppdb = tdb_open(_PATH_PPPDB, 0, 0, O_RDWR|O_CREAT, 0644);
+ if (pppdb != NULL) {
--- /dev/null
+diff -ruN ppp.orig/pppd/auth.c ppp/pppd/auth.c
+--- ppp.orig/pppd/auth.c 2003-06-12 02:01:21.000000000 +0200
++++ ppp/pppd/auth.c 2003-12-02 14:48:40.000000000 +0100
+@@ -1292,8 +1292,10 @@
+ }
+ if (secret[0] != 0 && !login_secret) {
+ /* password given in pap-secrets - must match */
++#ifndef NO_CRYPT_HACK
+ if ((cryptpap || strcmp(passwd, secret) != 0)
+ && strcmp(crypt(passwd, secret), secret) != 0)
++#endif
+ ret = UPAP_AUTHNAK;
+ }
+ }
+@@ -1495,8 +1497,10 @@
+ /*
+ * If no passwd, don't let them login.
+ */
++#ifndef NO_CRYPT_HACK
+ if (pw->pw_passwd == NULL || strlen(pw->pw_passwd) < 2
+ || strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd) != 0)
++#endif
+ return (UPAP_AUTHNAK);
+
+ #endif /* #ifdef USE_PAM */
+diff -ruN ppp.orig/pppd/Makefile.linux ppp/pppd/Makefile.linux
+--- ppp.orig/pppd/Makefile.linux 2003-11-27 23:00:22.000000000 +0100
++++ ppp/pppd/Makefile.linux 2003-12-02 14:47:53.000000000 +0100
+@@ -116,12 +116,16 @@
+ #LIBS += -lshadow $(LIBS)
+ endif
+
++ifdef NO_CRYPT_HACK
++CFLAGS += -DNO_CRYPT_HACK
++else
+ ifneq ($(wildcard /usr/include/crypt.h),)
+ CFLAGS += -DHAVE_CRYPT_H=1
+ endif
+ ifneq ($(wildcard /usr/lib/libcrypt.*),)
+ LIBS += -lcrypt
+ endif
++endif
+
+ ifdef NEEDDES
+ ifndef USE_CRYPT
--- /dev/null
+--- ppp/pppd/demand.c
++++ ppp/pppd/demand.c 2000/06/28 14:54:04
+@@ -25,6 +25,8 @@
+ #include <errno.h>
+ #include <fcntl.h>
+ #include <netdb.h>
++#include <unistd.h>
++#include <syslog.h>
+ #include <sys/param.h>
+ #include <sys/types.h>
+ #include <sys/wait.h>
+@@ -32,6 +34,8 @@
+ #include <sys/resource.h>
+ #include <sys/stat.h>
+ #include <sys/socket.h>
++#include <netinet/in.h>
++#include <arpa/inet.h>
+ #ifdef PPP_FILTER
+ #include <net/if.h>
+ #include <net/bpf.h>
+@@ -210,6 +214,14 @@
+ int c, rv;
+
+ rv = 0;
++
++/* check for synchronous connection... */
++
++ if ( (p[0] == 0xFF) && (p[1] == 0x03) ) {
++ rv = loop_frame(p,n);
++ return rv;
++ }
++
+ for (; n > 0; --n) {
+ c = *p++;
+ if (c == PPP_FLAG) {
+@@ -288,17 +300,102 @@
+ * loopback, now that the real serial link is up.
+ */
+ void
+-demand_rexmit(proto)
++demand_rexmit(proto, newip)
+ int proto;
++ u_int32_t newip;
+ {
+ struct packet *pkt, *prev, *nextpkt;
++ unsigned short checksum;
++ unsigned short pkt_checksum = 0;
++ unsigned iphdr;
++ struct timeval tv;
++ char cv = 0;
++ char ipstr[16];
+
+ prev = NULL;
+ pkt = pend_q;
+ pend_q = NULL;
++ tv.tv_sec = 1;
++ tv.tv_usec = 0;
++ select(0,NULL,NULL,NULL,&tv); /* Sleep for 1 Seconds */
+ for (; pkt != NULL; pkt = nextpkt) {
+ nextpkt = pkt->next;
+ if (PPP_PROTOCOL(pkt->data) == proto) {
++ if ( (proto == PPP_IP) && newip ) {
++ /* Get old checksum */
++
++ iphdr = (pkt->data[4] & 15) << 2;
++ checksum = *((unsigned short *) (pkt->data+14));
++ if (checksum == 0xFFFF) {
++ checksum = 0;
++ }
++
++
++ if (pkt->data[13] == 17) {
++ pkt_checksum = *((unsigned short *) (pkt->data+10+iphdr));
++ if (pkt_checksum) {
++ cv = 1;
++ if (pkt_checksum == 0xFFFF) {
++ pkt_checksum = 0;
++ }
++ }
++ else {
++ cv = 0;
++ }
++ }
++
++ if (pkt->data[13] == 6) {
++ pkt_checksum = *((unsigned short *) (pkt->data+20+iphdr));
++ cv = 1;
++ if (pkt_checksum == 0xFFFF) {
++ pkt_checksum = 0;
++ }
++ }
++
++ /* Delete old Source-IP-Address */
++ checksum -= *((unsigned short *) (pkt->data+16)) ^ 0xFFFF;
++ checksum -= *((unsigned short *) (pkt->data+18)) ^ 0xFFFF;
++
++ pkt_checksum -= *((unsigned short *) (pkt->data+16)) ^ 0xFFFF;
++ pkt_checksum -= *((unsigned short *) (pkt->data+18)) ^ 0xFFFF;
++
++ /* Change Source-IP-Address */
++ * ((u_int32_t *) (pkt->data + 16)) = newip;
++
++ /* Add new Source-IP-Address */
++ checksum += *((unsigned short *) (pkt->data+16)) ^ 0xFFFF;
++ checksum += *((unsigned short *) (pkt->data+18)) ^ 0xFFFF;
++
++ pkt_checksum += *((unsigned short *) (pkt->data+16)) ^ 0xFFFF;
++ pkt_checksum += *((unsigned short *) (pkt->data+18)) ^ 0xFFFF;
++
++ /* Write new checksum */
++ if (!checksum) {
++ checksum = 0xFFFF;
++ }
++ *((unsigned short *) (pkt->data+14)) = checksum;
++ if (pkt->data[13] == 6) {
++ *((unsigned short *) (pkt->data+20+iphdr)) = pkt_checksum;
++ }
++ if (cv && (pkt->data[13] == 17) ) {
++ *((unsigned short *) (pkt->data+10+iphdr)) = pkt_checksum;
++ }
++
++ /* Log Packet */
++ strcpy(ipstr,inet_ntoa(*( (struct in_addr *) (pkt->data+16))));
++ if (pkt->data[13] == 1) {
++ syslog(LOG_INFO,"Open ICMP %s -> %s\n",
++ ipstr,
++ inet_ntoa(*( (struct in_addr *) (pkt->data+20))));
++ } else {
++ syslog(LOG_INFO,"Open %s %s:%d -> %s:%d\n",
++ pkt->data[13] == 6 ? "TCP" : "UDP",
++ ipstr,
++ ntohs(*( (short *) (pkt->data+iphdr+4))),
++ inet_ntoa(*( (struct in_addr *) (pkt->data+20))),
++ ntohs(*( (short *) (pkt->data+iphdr+6))));
++ }
++ }
+ output(0, pkt->data, pkt->length);
+ free(pkt);
+ } else {
+--- ppp/pppd/ipcp.c
++++ ppp/pppd/ipcp.c 2000/06/28 12:32:05
+@@ -1454,7 +1454,7 @@
+ proxy_arp_set[f->unit] = 1;
+
+ }
+- demand_rexmit(PPP_IP);
++ demand_rexmit(PPP_IP,go->ouraddr);
+ sifnpmode(f->unit, PPP_IP, NPMODE_PASS);
+
+ } else {
+--- ppp/pppd/ipv6cp.c
++++ ppp/pppd/ipv6cp.c 2000/06/28 12:32:06
+@@ -1153,7 +1153,7 @@
+ }
+
+ }
+- demand_rexmit(PPP_IPV6);
++ demand_rexmit(PPP_IPV6,0);
+ sifnpmode(f->unit, PPP_IPV6, NPMODE_PASS);
+
+ } else {
+--- ppp/pppd/pppd.h
++++ ppp/pppd/pppd.h 2000/06/28 12:32:06
+@@ -359,7 +359,7 @@
+ void demand_block __P((void)); /* set all NPs to queue up packets */
+ void demand_unblock __P((void)); /* set all NPs to pass packets */
+ void demand_discard __P((void)); /* set all NPs to discard packets */
+-void demand_rexmit __P((int)); /* retransmit saved frames for an NP */
++void demand_rexmit __P((int, u_int32_t)); /* retransmit saved frames for an NP*/
+ int loop_chars __P((unsigned char *, int)); /* process chars from loopback */
+ int loop_frame __P((unsigned char *, int)); /* should we bring link up? */
+
--- /dev/null
+diff -ruN ppp.orig/pppd/chap-new.c ppp/pppd/chap-new.c
+--- ppp.orig/pppd/chap-new.c 2003-11-27 23:25:17.000000000 +0100
++++ ppp/pppd/chap-new.c 2003-12-02 12:26:21.000000000 +0100
+@@ -57,6 +57,7 @@
+ int chap_timeout_time = 3;
+ int chap_max_transmits = 10;
+ int chap_rechallenge_time = 0;
++int chapms_strip_domain = 0;
+
+ /*
+ * Command-line options.
+@@ -68,6 +69,8 @@
+ "Set max #xmits for challenge", OPT_PRIO },
+ { "chap-interval", o_int, &chap_rechallenge_time,
+ "Set interval for rechallenge", OPT_PRIO },
++ { "chapms-strip-domain", o_bool, &chapms_strip_domain,
++ "Strip the domain prefix before the Username", 1 },
+ { NULL }
+ };
+
+@@ -338,6 +341,14 @@
+ /* Null terminate and clean remote name. */
+ slprintf(rname, sizeof(rname), "%.*v", len, name);
+ name = rname;
++
++ /* strip the MS domain name */
++ if (chapms_strip_domain && strrchr(rname, '\\')) {
++ char tmp[MAXNAMELEN+1];
++
++ strcpy(tmp, strrchr(rname, '\\') + 1);
++ strcpy(rname, tmp);
++ }
+ }
+
+ if (chap_verify_hook)
--- /dev/null
+diff -ruN ppp-2.4.1.uus.orig/pppdump/ppp-comp.h ppp-2.4.1.uus/pppdump/ppp-comp.h
+--- ppp-2.4.1.uus.orig/pppdump/ppp-comp.h 1999-03-23 04:21:01.000000000 +0100
++++ ppp-2.4.1.uus/pppdump/ppp-comp.h 2003-08-09 23:54:49.000000000 +0200
+@@ -37,6 +37,8 @@
+ #ifndef DO_BSD_COMPRESS
+ #define DO_BSD_COMPRESS 1 /* by default, include BSD-Compress */
+ #endif
++#undef DO_DEFLATE
++#define DO_DEFLATE 0
+ #ifndef DO_DEFLATE
+ #define DO_DEFLATE 1 /* by default, include Deflate */
+ #endif
--- /dev/null
+diff -ruN ppp.orig/pppd/options.c ppp/pppd/options.c
+--- ppp.orig/pppd/options.c 2004-02-27 19:45:18.000000000 +0100
++++ ppp/pppd/options.c 2004-02-27 19:44:48.000000000 +0100
+@@ -1448,6 +1448,7 @@
+ if ((fname = (char *) malloc(l)) == NULL)
+ novm("call file name");
+ slprintf(fname, l, "%s%s", _PATH_PEERFILES, arg);
++ script_setenv("CALL_FILE", arg, 0);
+
+ ok = options_from_file(fname, 1, 1, 1);
+
+diff -ruN ppp.orig/pppd/pppd.8 ppp/pppd/pppd.8
+--- ppp.orig/pppd/pppd.8 2004-02-27 19:45:18.000000000 +0100
++++ ppp/pppd/pppd.8 2004-02-27 19:45:13.000000000 +0100
+@@ -1569,6 +1569,9 @@
+ .B LINKNAME
+ The logical name of the link, set with the \fIlinkname\fR option.
+ .TP
++.B CALL_FILE
++The value of the \fIcall\fR option.
++.TP
+ .B DNS1
+ If the peer supplies DNS server addresses, this variable is set to the
+ first DNS server address supplied.
--- /dev/null
+diff -ruN ppp.orig/pppd/pppd.h ppp/pppd/pppd.h
+--- ppp.orig/pppd/pppd.h 2003-11-28 00:30:27.000000000 +0100
++++ ppp/pppd/pppd.h 2003-11-28 00:30:20.000000000 +0100
+@@ -812,7 +812,7 @@
+ || defined(DEBUGCHAP) || defined(DEBUG) || defined(DEBUGIPV6CP)
+ #define LOG_PPP LOG_LOCAL2
+ #else
+-#define LOG_PPP LOG_DAEMON
++#define LOG_PPP LOG_LOCAL2
+ #endif
+ #endif /* LOG_PPP */
+
--- /dev/null
+diff -ruN ppp-2.4.2-old/chat/Makefile.linux ppp-2.4.2-new/chat/Makefile.linux
+--- ppp-2.4.2-old/chat/Makefile.linux 2004-01-13 04:57:55.000000000 +0100
++++ ppp-2.4.2-new/chat/Makefile.linux 2004-08-23 12:48:50.000000000 +0200
+@@ -6,8 +6,9 @@
+ CDEF4= -DFNDELAY=O_NDELAY # Old name value
+ CDEFS= $(CDEF1) $(CDEF2) $(CDEF3) $(CDEF4)
+
+-COPTS= -O2 -g -pipe $(CDEFS)
+-CFLAGS= $(COPTS) $(CDEFS)
++COPTS = -O2
++COMPILE_FLAGS = $(CDEFS)
++CFLAGS = $(COPTS) $(COMPILE_FLAGS)
+
+ INSTALL= install
+
+diff -ruN ppp-2.4.2-old/pppd/Makefile.linux ppp-2.4.2-new/pppd/Makefile.linux
+--- ppp-2.4.2-old/pppd/Makefile.linux 2003-11-27 22:55:19.000000000 +0100
++++ ppp-2.4.2-new/pppd/Makefile.linux 2004-08-23 12:48:50.000000000 +0200
+@@ -47,19 +47,19 @@
+ # Uncomment the next line to include support for PPP packet filtering.
+ # This requires that the libpcap library and headers be installed
+ # and that the kernel driver support PPP packet filtering.
+-FILTER=y
++#FILTER=y
+
+ # Uncomment the next line to enable multilink PPP (enabled by default)
+ # Linux distributions: Please leave multilink ENABLED in your builds
+ # of pppd!
+-HAVE_MULTILINK=y
++#HAVE_MULTILINK=y
+
+ # Uncomment the next line to enable the TDB database (enabled by default.)
+ # If you enable multilink, then TDB is automatically enabled also.
+ # Linux distributions: Please leave TDB ENABLED in your builds.
+-USE_TDB=y
++#USE_TDB=y
+
+-HAS_SHADOW=y
++#HAS_SHADOW=y
+ #USE_PAM=y
+ #HAVE_INET6=y
+
+@@ -76,7 +76,7 @@
+
+ INCLUDE_DIRS= -I../include
+
+-COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP
++COMPILE_FLAGS= -DHAVE_PATHS_H
+
+ CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS)
+
+@@ -192,7 +192,7 @@
+ CFLAGS += -DMAXOCTETS
+ endif
+
+-INSTALL= install -o root
++INSTALL= install
+
+ all: $(TARGETS)
+
+diff -ruN ppp-2.4.2-old/pppd/plugins/Makefile.linux ppp-2.4.2-new/pppd/plugins/Makefile.linux
+--- ppp-2.4.2-old/pppd/plugins/Makefile.linux 2004-01-13 04:56:24.000000000 +0100
++++ ppp-2.4.2-new/pppd/plugins/Makefile.linux 2004-08-23 12:48:50.000000000 +0200
+@@ -1,12 +1,16 @@
+-CC = gcc
+-COPTS = -O2 -g
+-CFLAGS = $(COPTS) -I.. -I../../include -fPIC
+-LDFLAGS = -shared
+-INSTALL = install -o root
++#CC = gcc
++COPTS = -O2
++COMPILE_FLAGS = -I.. -I../../include -fPIC
++LIBS =
++
++INSTALL = install
++
++CFLAGS = $(COPTS) $(COMPILE_FLAGS)
++LDFLAGS = -shared
+
+ SUBDIRS := rp-pppoe
+ # Uncomment the next line to include the radius authentication plugin
+-# SUBDIRS += radius
++SUBDIRS += radius
+ PLUGINS := minconn.so passprompt.so passwordfd.so
+
+ # include dependencies if present
+diff -ruN ppp-2.4.2-old/pppd/plugins/radius/Makefile.linux ppp-2.4.2-new/pppd/plugins/radius/Makefile.linux
+--- ppp-2.4.2-old/pppd/plugins/radius/Makefile.linux 2002-11-09 12:24:42.000000000 +0100
++++ ppp-2.4.2-new/pppd/plugins/radius/Makefile.linux 2004-08-23 12:57:38.000000000 +0200
+@@ -5,7 +5,12 @@
+
+ MANDIR=/usr/man
+ PLUGIN=radius.so radattr.so radrealms.so
+-CFLAGS=-I../.. -I../../../include -Iradiusclient/include -O2
++COPTS = -O2
++COMPILE_FLAGS = -I../.. -I../../../include -Iradiusclient/include -fPIC
++LIBS=
++
++CFLAGS=$(COPTS) $(COMPILE_FLAGS)
++LDFLAGS=-lradiusclient
+
+ # Uncomment the next line to include support for Microsoft's
+ # MS-CHAP authentication protocol.
+@@ -37,29 +42,34 @@
+ $(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)/man8
+
+ radius.so: radiusclient/lib/.libs/libradiusclient.a radius.o
+- gcc -o radius.so -shared radius.o radiusclient/lib/.libs/libradiusclient.a
++ $(CC) -o radius.so -shared radius.o radiusclient/lib/.libs/libradiusclient.a
+
+ radattr.so: radattr.o
+- gcc -o radattr.so -shared radattr.o
++ $(CC) -o radattr.so -shared radattr.o
+
+ radrealms.so: radrealms.o
+- gcc -o radrealms.so -shared radrealms.o
++ $(CC) -o radrealms.so -shared radrealms.o
+
+ radius.o: radius.c
+- gcc $(CFLAGS) -c -o radius.o -fPIC radius.c
++ $(CC) -c $(CFLAGS) radius.c -o radius.o
+
+ radattr.o: radattr.c
+- gcc $(CFLAGS) -c -o radattr.o -fPIC radattr.c
++ $(CC) -c $(CFLAGS) radattr.c -o radattr.o
+
+ radrealms.o: radrealms.c
+- gcc $(CFLAGS) -c -o radrealms.o -fPIC radrealms.c
++ $(CC) -c $(CFLAGS) radrealms.c -o radrealms.o
+
+ radiusclient/lib/.libs/libradiusclient.a:
+ test -r radiusclient/Makefile || \
+ (cd radiusclient; \
++ rm -f config.cache ; \
++ aclocal ; \
++ autoconf ; \
++ ac_cv_func_setvbuf_reversed=no \
++ ac_cv_func_uname=no \
+ ./configure --prefix=/usr \
+ --sysconfdir=/etc \
+- --enable-shared \
++ --disable-shared \
+ --enable-static)
+ $(MAKE) -C radiusclient
+
+diff -ruN ppp-2.4.2-old/pppd/plugins/rp-pppoe/Makefile.linux ppp-2.4.2-new/pppd/plugins/rp-pppoe/Makefile.linux
+--- ppp-2.4.2-old/pppd/plugins/rp-pppoe/Makefile.linux 2004-01-13 04:57:55.000000000 +0100
++++ ppp-2.4.2-new/pppd/plugins/rp-pppoe/Makefile.linux 2004-08-23 12:48:50.000000000 +0200
+@@ -16,12 +16,16 @@
+ # Version is set ONLY IN THE MAKEFILE! Don't delete this!
+ VERSION=3.3
+
+-COPTS=-O2 -g
+-CFLAGS=$(COPTS) -I../../../include/linux
++#CC = gcc
++COPTS = -O2
++COMPILE_FLAGS = -I../../../include/linux -fPIC
++
++CFLAGS = $(COPTS) $(COMPILE_FLAGS)
++
+ all: rp-pppoe.so
+
+ rp-pppoe.so: libplugin.a plugin.o
+- gcc -o rp-pppoe.so -shared plugin.o libplugin.a
++ $(CC) -o rp-pppoe.so -shared plugin.o libplugin.a
+
+ install: all
+ $(INSTALL) -d -m 755 $(LIBDIR)
+@@ -31,20 +35,20 @@
+ rm -f *.o *.so
+
+ plugin.o: plugin.c
+- gcc '-DRP_VERSION="$(VERSION)"' $(CFLAGS) -I../../.. -c -o plugin.o -fPIC plugin.c
++ $(CC) -c $(CFLAGS) plugin.c '-DRP_VERSION="$(VERSION)"' -I../../.. -o plugin.o
+
+ libplugin.a: discovery.o if.o common.o debug.o
+- ar -rc $@ $^
++ $(AR) -rc $@ $^
+
+ discovery.o: discovery.c
+- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o discovery.o -fPIC discovery.c
++ $(CC) -c $(CFLAGS) discovery.c '-DVERSION="$(VERSION)"' -o discovery.o
+
+ if.o: if.c
+- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o if.o -fPIC if.c
++ $(CC) -c $(CFLAGS) if.c '-DVERSION="$(VERSION)"' -o if.o
+
+ debug.o: debug.c
+- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o debug.o -fPIC debug.c
++ $(CC) -c $(CFLAGS) debug.c '-DVERSION="$(VERSION)"' -o debug.o
+
+ common.o: common.c
+- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o common.o -fPIC common.c
++ $(CC) -c $(CFLAGS) common.c '-DVERSION="$(VERSION)"' -o common.o
+
+diff -ruN ppp-2.4.2-old/pppdump/Makefile.linux ppp-2.4.2-new/pppdump/Makefile.linux
+--- ppp-2.4.2-old/pppdump/Makefile.linux 1999-07-26 13:09:29.000000000 +0200
++++ ppp-2.4.2-new/pppdump/Makefile.linux 2004-08-23 12:48:50.000000000 +0200
+@@ -1,4 +1,8 @@
+-CFLAGS= -O -I../include/net
++#CC = gcc
++COPTS = -O
++COMPILE_FLAGS = -I../include/net
++CFLAGS= $(COPTS) $(COMPILE_FLAGS)
++
+ OBJS = pppdump.o bsd-comp.o deflate.o zlib.o
+
+ INSTALL= install
+diff -ruN ppp-2.4.2-old/pppstats/Makefile.linux ppp-2.4.2-new/pppstats/Makefile.linux
+--- ppp-2.4.2-old/pppstats/Makefile.linux 2002-11-09 12:24:43.000000000 +0100
++++ ppp-2.4.2-new/pppstats/Makefile.linux 2004-08-23 12:48:50.000000000 +0200
+@@ -7,11 +7,11 @@
+ PPPSTATOBJS = pppstats.o
+
+ #CC = gcc
+-COPTS = -O
++COPTS = -O2
+ COMPILE_FLAGS = -I../include
+ LIBS =
+
+-INSTALL= install -o root -g daemon
++INSTALL= install
+
+ CFLAGS = $(COPTS) $(COMPILE_FLAGS)
+
--- /dev/null
+diff -ruN ppp-2.4.2.orig/include/linux/ppp-comp.h ppp-2.4.2-stdopt/include/linux/ppp-comp.h
+--- ppp-2.4.2.orig/include/linux/ppp-comp.h 2002-12-06 10:49:15.000000000 +0100
++++ ppp-2.4.2-stdopt/include/linux/ppp-comp.h 2004-01-21 06:51:09.000000000 +0100
+@@ -36,7 +36,7 @@
+ */
+
+ /*
+- * ==FILEVERSION 20020319==
++ * ==FILEVERSION 20020715==
+ *
+ * NOTE TO MAINTAINERS:
+ * If you modify this file at all, please set the above date.
+@@ -86,7 +86,7 @@
+
+ /* Compress a packet */
+ int (*compress) (void *state, unsigned char *rptr,
+- unsigned char *obuf, int isize, int osize);
++ unsigned char *obuf, int isize, int osize);
+
+ /* Return compression statistics */
+ void (*comp_stat) (void *state, struct compstat *stats);
+@@ -107,7 +107,7 @@
+
+ /* Decompress a packet. */
+ int (*decompress) (void *state, unsigned char *ibuf, int isize,
+- unsigned char *obuf, int osize);
++ unsigned char *obuf, int osize);
+
+ /* Update state for an incompressible packet received */
+ void (*incomp) (void *state, unsigned char *ibuf, int icnt);
+@@ -288,6 +288,33 @@
+ opts |= MPPE_OPT_UNKNOWN; \
+ } while (/* CONSTCOND */ 0)
+
++/* MPPE/MPPC definitions by J.D.*/
++#define MPPE_STATELESS MPPE_H_BIT /* configuration bit H */
++#define MPPE_40BIT MPPE_L_BIT /* configuration bit L */
++#define MPPE_56BIT MPPE_M_BIT /* configuration bit M */
++#define MPPE_128BIT MPPE_S_BIT /* configuration bit S */
++#define MPPE_MPPC MPPE_C_BIT /* configuration bit C */
++
++/*
++ * Definitions for Stac LZS.
++ */
++
++#define CI_LZS 17 /* config option for Stac LZS */
++#define CILEN_LZS 5 /* length of config option */
++
++#define LZS_OVHD 4 /* max. LZS overhead */
++#define LZS_HIST_LEN 2048 /* LZS history size */
++#define LZS_MAX_CCOUNT 0x0FFF /* max. coherency counter value */
++
++#define LZS_MODE_NONE 0
++#define LZS_MODE_LCB 1
++#define LZS_MODE_CRC 2
++#define LZS_MODE_SEQ 3
++#define LZS_MODE_EXT 4
++
++#define LZS_EXT_BIT_FLUSHED 0x80 /* bit A */
++#define LZS_EXT_BIT_COMP 0x20 /* bit C */
++
+ /*
+ * Definitions for other, as yet unsupported, compression methods.
+ */
+diff -ruN ppp-2.4.2.orig/include/net/ppp-comp.h ppp-2.4.2-stdopt/include/net/ppp-comp.h
+--- ppp-2.4.2.orig/include/net/ppp-comp.h 2002-12-06 10:49:15.000000000 +0100
++++ ppp-2.4.2-stdopt/include/net/ppp-comp.h 2004-01-21 06:51:09.000000000 +0100
+@@ -255,6 +255,33 @@
+ opts |= MPPE_OPT_UNKNOWN; \
+ } while (/* CONSTCOND */ 0)
+
++/* MPPE/MPPC definitions by J.D.*/
++#define MPPE_STATELESS MPPE_H_BIT /* configuration bit H */
++#define MPPE_40BIT MPPE_L_BIT /* configuration bit L */
++#define MPPE_56BIT MPPE_M_BIT /* configuration bit M */
++#define MPPE_128BIT MPPE_S_BIT /* configuration bit S */
++#define MPPE_MPPC MPPE_C_BIT /* configuration bit C */
++
++/*
++ * Definitions for Stac LZS.
++ */
++
++#define CI_LZS 17 /* config option for Stac LZS */
++#define CILEN_LZS 5 /* length of config option */
++
++#define LZS_OVHD 4 /* max. LZS overhead */
++#define LZS_HIST_LEN 2048 /* LZS history size */
++#define LZS_MAX_CCOUNT 0x0FFF /* max. coherency counter value */
++
++#define LZS_MODE_NONE 0
++#define LZS_MODE_LCB 1
++#define LZS_MODE_CRC 2
++#define LZS_MODE_SEQ 3
++#define LZS_MODE_EXT 4
++
++#define LZS_EXT_BIT_FLUSHED 0x80 /* bit A */
++#define LZS_EXT_BIT_COMP 0x20 /* bit C */
++
+ /*
+ * Definitions for other, as yet unsupported, compression methods.
+ */
+diff -ruN ppp-2.4.2.orig/pppd/ccp.c ppp-2.4.2-stdopt/pppd/ccp.c
+--- ppp-2.4.2.orig/pppd/ccp.c 2003-05-01 14:30:28.000000000 +0200
++++ ppp-2.4.2-stdopt/pppd/ccp.c 2004-05-02 14:10:04.000000000 +0200
+@@ -67,13 +67,6 @@
+ static char bsd_value[8];
+ static char deflate_value[8];
+
+-/*
+- * Option variables.
+- */
+-#ifdef MPPE
+-bool refuse_mppe_stateful = 1; /* Allow stateful mode? */
+-#endif
+-
+ static option_t ccp_option_list[] = {
+ { "noccp", o_bool, &ccp_protent.enabled_flag,
+ "Disable CCP negotiation" },
+@@ -113,54 +106,87 @@
+ "don't allow Predictor-1", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
+ &ccp_allowoptions[0].predictor_1 },
+
++ { "lzs", o_bool, &ccp_wantoptions[0].lzs,
++ "request Stac LZS", 1, &ccp_allowoptions[0].lzs, OPT_PRIO },
++ { "+lzs", o_bool, &ccp_wantoptions[0].lzs,
++ "request Stac LZS", 1, &ccp_allowoptions[0].lzs, OPT_ALIAS | OPT_PRIO },
++ { "nolzs", o_bool, &ccp_wantoptions[0].lzs,
++ "don't allow Stac LZS", OPT_PRIOSUB | OPT_A2CLR,
++ &ccp_allowoptions[0].lzs },
++ { "-lzs", o_bool, &ccp_wantoptions[0].lzs,
++ "don't allow Stac LZS", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
++ &ccp_allowoptions[0].lzs },
++
+ #ifdef MPPE
+- /* MPPE options are symmetrical ... we only set wantoptions here */
++ { "mppc", o_bool, &ccp_wantoptions[0].mppc,
++ "request MPPC compression", 1, &ccp_allowoptions[0].mppc, OPT_PRIO },
++ { "+mppc", o_bool, &ccp_wantoptions[0].mppc,
++ "request MPPC compression", 1, &ccp_allowoptions[0].mppc,
++ OPT_ALIAS | OPT_PRIO },
++ { "nomppc", o_bool, &ccp_wantoptions[0].mppc,
++ "don't allow MPPC compression", OPT_PRIOSUB | OPT_A2CLR,
++ &ccp_allowoptions[0].mppc },
++ { "-mppc", o_bool, &ccp_wantoptions[0].mppc,
++ "don't allow MPPC compression", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
++ &ccp_allowoptions[0].mppc },
++
+ { "require-mppe", o_bool, &ccp_wantoptions[0].mppe,
+- "require MPPE encryption",
+- OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 },
++ "require MPPE encryption", 1, &ccp_allowoptions[0].mppe, OPT_PRIO },
+ { "+mppe", o_bool, &ccp_wantoptions[0].mppe,
+- "require MPPE encryption",
+- OPT_ALIAS | OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 },
++ "require MPPE encryption", 1, &ccp_allowoptions[0].mppe,
++ OPT_ALIAS | OPT_PRIO },
+ { "nomppe", o_bool, &ccp_wantoptions[0].mppe,
+- "don't allow MPPE encryption", OPT_PRIO },
++ "don't allow MPPE encryption", OPT_PRIOSUB | OPT_A2CLR,
++ &ccp_allowoptions[0].mppe },
+ { "-mppe", o_bool, &ccp_wantoptions[0].mppe,
+- "don't allow MPPE encryption", OPT_ALIAS | OPT_PRIO },
++ "don't allow MPPE encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
++ &ccp_allowoptions[0].mppe },
+
+- /* We use ccp_allowoptions[0].mppe as a junk var ... it is reset later */
+- { "require-mppe-40", o_bool, &ccp_allowoptions[0].mppe,
+- "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40,
+- &ccp_wantoptions[0].mppe },
+- { "+mppe-40", o_bool, &ccp_allowoptions[0].mppe,
+- "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40,
+- &ccp_wantoptions[0].mppe },
+- { "nomppe-40", o_bool, &ccp_allowoptions[0].mppe,
+- "don't allow MPPE 40-bit encryption",
+- OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40, &ccp_wantoptions[0].mppe },
+- { "-mppe-40", o_bool, &ccp_allowoptions[0].mppe,
+- "don't allow MPPE 40-bit encryption",
+- OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40,
+- &ccp_wantoptions[0].mppe },
+-
+- { "require-mppe-128", o_bool, &ccp_allowoptions[0].mppe,
+- "require MPPE 128-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_128,
+- &ccp_wantoptions[0].mppe },
+- { "+mppe-128", o_bool, &ccp_allowoptions[0].mppe,
+- "require MPPE 128-bit encryption",
+- OPT_ALIAS | OPT_PRIO | OPT_A2OR | MPPE_OPT_128,
+- &ccp_wantoptions[0].mppe },
+- { "nomppe-128", o_bool, &ccp_allowoptions[0].mppe,
+- "don't allow MPPE 128-bit encryption",
+- OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128, &ccp_wantoptions[0].mppe },
+- { "-mppe-128", o_bool, &ccp_allowoptions[0].mppe,
+- "don't allow MPPE 128-bit encryption",
+- OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128,
+- &ccp_wantoptions[0].mppe },
+-
+- /* strange one; we always request stateless, but will we allow stateful? */
+- { "mppe-stateful", o_bool, &refuse_mppe_stateful,
+- "allow MPPE stateful mode", OPT_PRIO },
+- { "nomppe-stateful", o_bool, &refuse_mppe_stateful,
+- "disallow MPPE stateful mode", OPT_PRIO | 1 },
++ { "require-mppe-40", o_bool, &ccp_wantoptions[0].mppe_40,
++ "require MPPE 40-bit encryption", 1, &ccp_allowoptions[0].mppe_40,
++ OPT_PRIO },
++ { "+mppe-40", o_bool, &ccp_wantoptions[0].mppe_40,
++ "require MPPE 40-bit encryption", 1, &ccp_allowoptions[0].mppe_40,
++ OPT_ALIAS | OPT_PRIO },
++ { "nomppe-40", o_bool, &ccp_wantoptions[0].mppe_40,
++ "don't allow MPPE 40-bit encryption", OPT_PRIOSUB | OPT_A2CLR,
++ &ccp_allowoptions[0].mppe_40 },
++ { "-mppe-40", o_bool, &ccp_wantoptions[0].mppe_40,
++ "don't allow MPPE 40-bit encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
++ &ccp_allowoptions[0].mppe_40 },
++
++ { "require-mppe-56", o_bool, &ccp_wantoptions[0].mppe_56,
++ "require MPPE 56-bit encryption", 1, &ccp_allowoptions[0].mppe_56,
++ OPT_PRIO },
++ { "+mppe-56", o_bool, &ccp_wantoptions[0].mppe_56,
++ "require MPPE 56-bit encryption", 1, &ccp_allowoptions[0].mppe_56,
++ OPT_ALIAS | OPT_PRIO },
++ { "nomppe-56", o_bool, &ccp_wantoptions[0].mppe_56,
++ "don't allow MPPE 56-bit encryption", OPT_PRIOSUB | OPT_A2CLR,
++ &ccp_allowoptions[0].mppe_56 },
++ { "-mppe-56", o_bool, &ccp_wantoptions[0].mppe_56,
++ "don't allow MPPE 56-bit encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
++ &ccp_allowoptions[0].mppe_56 },
++
++ { "require-mppe-128", o_bool, &ccp_wantoptions[0].mppe_128,
++ "require MPPE 128-bit encryption", 1, &ccp_allowoptions[0].mppe_128,
++ OPT_PRIO },
++ { "+mppe-128", o_bool, &ccp_wantoptions[0].mppe_128,
++ "require MPPE 128-bit encryption", 1, &ccp_allowoptions[0].mppe_128,
++ OPT_ALIAS | OPT_PRIO },
++ { "nomppe-128", o_bool, &ccp_wantoptions[0].mppe_40,
++ "don't allow MPPE 128-bit encryption", OPT_PRIOSUB | OPT_A2CLR,
++ &ccp_allowoptions[0].mppe_128 },
++ { "-mppe-128", o_bool, &ccp_wantoptions[0].mppe_128,
++ "don't allow MPPE 128-bit encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR,
++ &ccp_allowoptions[0].mppe_128 },
++
++ { "nomppe-stateful", o_bool, &ccp_wantoptions[0].mppe_stateless,
++ "disallow MPPE stateful mode", 1, &ccp_allowoptions[0].mppe_stateless,
++ OPT_PRIO },
++ { "mppe-stateful", o_bool, &ccp_wantoptions[0].mppe_stateless,
++ "allow MPPE stateful mode", OPT_PRIOSUB | OPT_A2CLR,
++ &ccp_allowoptions[0].mppe_stateless },
+ #endif /* MPPE */
+
+ { NULL }
+@@ -246,7 +272,7 @@
+ */
+ #define ANY_COMPRESS(opt) ((opt).deflate || (opt).bsd_compress \
+ || (opt).predictor_1 || (opt).predictor_2 \
+- || (opt).mppe)
++ || (opt).lzs || (opt).mppc || (opt).mppe)
+
+ /*
+ * Local state (mainly for handling reset-reqs and reset-acks).
+@@ -383,6 +409,30 @@
+ ccp_allowoptions[0].bsd_bits = BSD_MAX_BITS;
+
+ ccp_allowoptions[0].predictor_1 = 1;
++
++ ccp_wantoptions[0].lzs = 0; /* Stac LZS - will be enabled in the future */
++ ccp_wantoptions[0].lzs_mode = LZS_MODE_SEQ;
++ ccp_wantoptions[0].lzs_hists = 1;
++ ccp_allowoptions[0].lzs = 0; /* Stac LZS - will be enabled in the future */
++ ccp_allowoptions[0].lzs_mode = LZS_MODE_SEQ;
++ ccp_allowoptions[0].lzs_hists = 1;
++
++#ifdef MPPE
++ /* by default allow and request MPPC... */
++ ccp_wantoptions[0].mppc = ccp_allowoptions[0].mppc = 1;
++
++ /* ... and allow but don't request MPPE */
++ ccp_allowoptions[0].mppe = 1;
++ ccp_allowoptions[0].mppe_40 = 1;
++ ccp_allowoptions[0].mppe_56 = 1;
++ ccp_allowoptions[0].mppe_128 = 1;
++ ccp_allowoptions[0].mppe_stateless = 1;
++ ccp_wantoptions[0].mppe = 0;
++ ccp_wantoptions[0].mppe_40 = 0;
++ ccp_wantoptions[0].mppe_56 = 0;
++ ccp_wantoptions[0].mppe_128 = 0;
++ ccp_wantoptions[0].mppe_stateless = 0;
++#endif /* MPPE */
+ }
+
+ /*
+@@ -460,11 +510,11 @@
+ if (oldstate == OPENED && p[0] == TERMREQ && f->state != OPENED) {
+ notice("Compression disabled by peer.");
+ #ifdef MPPE
+- if (ccp_gotoptions[unit].mppe) {
++ if (ccp_wantoptions[unit].mppe) {
+ error("MPPE disabled, closing LCP");
+ lcp_close(unit, "MPPE disabled by peer");
+ }
+-#endif
++#endif /* MPPE */
+ }
+
+ /*
+@@ -492,6 +542,15 @@
+ break;
+ /* send a reset-ack, which the transmitter will see and
+ reset its compression state. */
++
++ /* In case of MPPE/MPPC or LZS we shouldn't send CCP_RESETACK,
++ but we do it in order to reset compressor; CCP_RESETACK is
++ then silently discarded. See functions ppp_send_frame and
++ ppp_ccp_peek in ppp_generic.c (Linux only !!!). All the
++ confusion is caused by the fact that CCP code is splited
++ into two parts - one part is handled by pppd, the other one
++ is handled by kernel. */
++
+ fsm_sdata(f, CCP_RESETACK, id, NULL, 0);
+ break;
+
+@@ -520,12 +579,11 @@
+ fsm_lowerdown(&ccp_fsm[unit]);
+
+ #ifdef MPPE
+- if (ccp_gotoptions[unit].mppe) {
++ if (ccp_wantoptions[unit].mppe) {
+ error("MPPE required but peer negotiation failed");
+ lcp_close(unit, "MPPE required but peer negotiation failed");
+ }
+-#endif
+-
++#endif /* MPPE */
+ }
+
+ /*
+@@ -542,7 +600,7 @@
+ all_rejected[f->unit] = 0;
+
+ #ifdef MPPE
+- if (go->mppe) {
++ if (go->mppe || go->mppc) {
+ ccp_options *ao = &ccp_allowoptions[f->unit];
+ int auth_mschap_bits = auth_done[f->unit];
+ int numbits;
+@@ -556,80 +614,109 @@
+ * NB: If MPPE is required, all other compression opts are invalid.
+ * So, we return right away if we can't do it.
+ */
++ if (ccp_wantoptions[f->unit].mppe) {
++ /* Leave only the mschap auth bits set */
++ auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER |
++ CHAP_MS2_WITHPEER | CHAP_MS2_PEER);
++ /* Count the mschap auths */
++ auth_mschap_bits >>= CHAP_MS_SHIFT;
++ numbits = 0;
++ do {
++ numbits += auth_mschap_bits & 1;
++ auth_mschap_bits >>= 1;
++ } while (auth_mschap_bits);
++ if (numbits > 1) {
++ error("MPPE required, but auth done in both directions.");
++ lcp_close(f->unit, "MPPE required but not available");
++ return;
++ }
++ if (!numbits) {
++ error("MPPE required, but MS-CHAP[v2] auth not performed.");
++ lcp_close(f->unit, "MPPE required but not available");
++ return;
++ }
+
+- /* Leave only the mschap auth bits set */
+- auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER |
+- CHAP_MS2_WITHPEER | CHAP_MS2_PEER);
+- /* Count the mschap auths */
+- auth_mschap_bits >>= CHAP_MS_SHIFT;
+- numbits = 0;
+- do {
+- numbits += auth_mschap_bits & 1;
+- auth_mschap_bits >>= 1;
+- } while (auth_mschap_bits);
+- if (numbits > 1) {
+- error("MPPE required, but auth done in both directions.");
+- lcp_close(f->unit, "MPPE required but not available");
+- return;
+- }
+- if (!numbits) {
+- error("MPPE required, but MS-CHAP[v2] auth not performed.");
+- lcp_close(f->unit, "MPPE required but not available");
+- return;
+- }
+-
+- /* A plugin (eg radius) may not have obtained key material. */
+- if (!mppe_keys_set) {
+- error("MPPE required, but keys are not available. "
+- "Possible plugin problem?");
+- lcp_close(f->unit, "MPPE required but not available");
+- return;
+- }
+-
+- /* LM auth not supported for MPPE */
+- if (auth_done[f->unit] & (CHAP_MS_WITHPEER | CHAP_MS_PEER)) {
+- /* This might be noise */
+- if (go->mppe & MPPE_OPT_40) {
+- notice("Disabling 40-bit MPPE; MS-CHAP LM not supported");
+- go->mppe &= ~MPPE_OPT_40;
+- ccp_wantoptions[f->unit].mppe &= ~MPPE_OPT_40;
++ /* A plugin (eg radius) may not have obtained key material. */
++ if (!mppe_keys_set) {
++ error("MPPE required, but keys are not available. "
++ "Possible plugin problem?");
++ lcp_close(f->unit, "MPPE required but not available");
++ return;
+ }
+ }
+
+- /* Last check: can we actually negotiate something? */
+- if (!(go->mppe & (MPPE_OPT_40 | MPPE_OPT_128))) {
+- /* Could be misconfig, could be 40-bit disabled above. */
+- error("MPPE required, but both 40-bit and 128-bit disabled.");
+- lcp_close(f->unit, "MPPE required but not available");
+- return;
++ /*
++ * Check whether the kernel knows about the various
++ * compression methods we might request. Key material
++ * unimportant here.
++ */
++ if (go->mppc) {
++ opt_buf[0] = CI_MPPE;
++ opt_buf[1] = CILEN_MPPE;
++ opt_buf[2] = 0;
++ opt_buf[3] = 0;
++ opt_buf[4] = 0;
++ opt_buf[5] = MPPE_MPPC;
++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE, 0) <= 0)
++ go->mppc = 0;
++ }
++ if (go->mppe_40) {
++ opt_buf[0] = CI_MPPE;
++ opt_buf[1] = CILEN_MPPE;
++ opt_buf[2] = MPPE_STATELESS;
++ opt_buf[3] = 0;
++ opt_buf[4] = 0;
++ opt_buf[5] = MPPE_40BIT;
++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0)
++ go->mppe_40 = 0;
++ }
++ if (go->mppe_56) {
++ opt_buf[0] = CI_MPPE;
++ opt_buf[1] = CILEN_MPPE;
++ opt_buf[2] = MPPE_STATELESS;
++ opt_buf[3] = 0;
++ opt_buf[4] = 0;
++ opt_buf[5] = MPPE_56BIT;
++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0)
++ go->mppe_56 = 0;
++ }
++ if (go->mppe_128) {
++ opt_buf[0] = CI_MPPE;
++ opt_buf[1] = CILEN_MPPE;
++ opt_buf[2] = MPPE_STATELESS;
++ opt_buf[3] = 0;
++ opt_buf[4] = 0;
++ opt_buf[5] = MPPE_128BIT;
++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0)
++ go->mppe_128 = 0;
++ }
++ if (!go->mppe_40 && !go->mppe_56 && !go->mppe_128) {
++ if (ccp_wantoptions[f->unit].mppe) {
++ error("MPPE required, but kernel has no support.");
++ lcp_close(f->unit, "MPPE required but not available");
++ }
++ go->mppe = go->mppe_stateless = 0;
++ } else {
++ /* MPPE is not compatible with other compression types */
++ if (ccp_wantoptions[f->unit].mppe) {
++ ao->bsd_compress = go->bsd_compress = 0;
++ ao->predictor_1 = go->predictor_1 = 0;
++ ao->predictor_2 = go->predictor_2 = 0;
++ ao->deflate = go->deflate = 0;
++ ao->lzs = go->lzs = 0;
++ }
+ }
+-
+- /* sync options */
+- ao->mppe = go->mppe;
+- /* MPPE is not compatible with other compression types */
+- ao->bsd_compress = go->bsd_compress = 0;
+- ao->predictor_1 = go->predictor_1 = 0;
+- ao->predictor_2 = go->predictor_2 = 0;
+- ao->deflate = go->deflate = 0;
+ }
+ #endif /* MPPE */
+-
+- /*
+- * Check whether the kernel knows about the various
+- * compression methods we might request.
+- */
+-#ifdef MPPE
+- if (go->mppe) {
+- opt_buf[0] = CI_MPPE;
+- opt_buf[1] = CILEN_MPPE;
+- MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]);
+- /* Key material unimportant here. */
+- if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) {
+- error("MPPE required, but kernel has no support.");
+- lcp_close(f->unit, "MPPE required but not available");
+- }
++ if (go->lzs) {
++ opt_buf[0] = CI_LZS;
++ opt_buf[1] = CILEN_LZS;
++ opt_buf[2] = go->lzs_hists >> 8;
++ opt_buf[3] = go->lzs_hists & 0xff;
++ opt_buf[4] = LZS_MODE_SEQ;
++ if (ccp_test(f->unit, opt_buf, CILEN_LZS, 0) <= 0)
++ go->lzs = 0;
+ }
+-#endif
+ if (go->bsd_compress) {
+ opt_buf[0] = CI_BSD_COMPRESS;
+ opt_buf[1] = CILEN_BSD_COMPRESS;
+@@ -684,7 +771,8 @@
+ + (go->deflate? CILEN_DEFLATE: 0)
+ + (go->predictor_1? CILEN_PREDICTOR_1: 0)
+ + (go->predictor_2? CILEN_PREDICTOR_2: 0)
+- + (go->mppe? CILEN_MPPE: 0);
++ + (go->lzs? CILEN_LZS: 0)
++ + ((go->mppe || go->mppc)? CILEN_MPPE: 0);
+ }
+
+ /*
+@@ -698,6 +786,8 @@
+ {
+ int res;
+ ccp_options *go = &ccp_gotoptions[f->unit];
++ ccp_options *ao = &ccp_allowoptions[f->unit];
++ ccp_options *wo = &ccp_wantoptions[f->unit];
+ u_char *p0 = p;
+
+ /*
+@@ -706,22 +796,43 @@
+ * in case it gets Acked.
+ */
+ #ifdef MPPE
+- if (go->mppe) {
++ if (go->mppe || go->mppc || (!wo->mppe && ao->mppe)) {
+ u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN];
+
+- p[0] = opt_buf[0] = CI_MPPE;
+- p[1] = opt_buf[1] = CILEN_MPPE;
+- MPPE_OPTS_TO_CI(go->mppe, &p[2]);
+- MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]);
++ p[0] = CI_MPPE;
++ p[1] = CILEN_MPPE;
++ p[2] = (go->mppe_stateless ? MPPE_STATELESS : 0);
++ p[3] = 0;
++ p[4] = 0;
++ p[5] = (go->mppe_40 ? MPPE_40BIT : 0) | (go->mppe_56 ? MPPE_56BIT : 0) |
++ (go->mppe_128 ? MPPE_128BIT : 0) | (go->mppc ? MPPE_MPPC : 0);
++
++ BCOPY(p, opt_buf, CILEN_MPPE);
+ BCOPY(mppe_recv_key, &opt_buf[CILEN_MPPE], MPPE_MAX_KEY_LEN);
+ res = ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0);
+- if (res > 0)
++ if (res > 0) {
+ p += CILEN_MPPE;
+- else
++ } else {
+ /* This shouldn't happen, we've already tested it! */
+- lcp_close(f->unit, "MPPE required but not available in kernel");
++ go->mppe = go->mppe_40 = go->mppe_56 = go->mppe_128 =
++ go->mppe_stateless = go->mppc = 0;
++ if (ccp_wantoptions[f->unit].mppe)
++ lcp_close(f->unit, "MPPE required but not available in kernel");
++ }
++ }
++#endif /* MPPE */
++ if (go->lzs) {
++ p[0] = CI_LZS;
++ p[1] = CILEN_LZS;
++ p[2] = go->lzs_hists >> 8;
++ p[3] = go->lzs_hists & 0xff;
++ p[4] = LZS_MODE_SEQ;
++ res = ccp_test(f->unit, p, CILEN_LZS, 0);
++ if (res > 0) {
++ p += CILEN_LZS;
++ } else
++ go->lzs = 0;
+ }
+-#endif
+ if (go->deflate) {
+ p[0] = go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT;
+ p[1] = CILEN_DEFLATE;
+@@ -807,7 +918,7 @@
+
+ /*
+ * ccp_ackci - process a received configure-ack, and return
+- * 1 iff the packet was OK.
++ * 1 if the packet was OK.
+ */
+ static int
+ ccp_ackci(f, p, len)
+@@ -816,24 +927,44 @@
+ int len;
+ {
+ ccp_options *go = &ccp_gotoptions[f->unit];
++ ccp_options *ao = &ccp_allowoptions[f->unit];
++ ccp_options *wo = &ccp_wantoptions[f->unit];
+ u_char *p0 = p;
+
+ #ifdef MPPE
+- if (go->mppe) {
+- u_char opt_buf[CILEN_MPPE];
+-
+- opt_buf[0] = CI_MPPE;
+- opt_buf[1] = CILEN_MPPE;
+- MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]);
+- if (len < CILEN_MPPE || memcmp(opt_buf, p, CILEN_MPPE))
++ if (go->mppe || go->mppc || (!wo->mppe && ao->mppe)) {
++ if (len < CILEN_MPPE
++ || p[1] != CILEN_MPPE || p[0] != CI_MPPE
++ || p[2] != (go->mppe_stateless ? MPPE_STATELESS : 0)
++ || p[3] != 0
++ || p[4] != 0
++ || (p[5] != ((go->mppe_40 ? MPPE_40BIT : 0) |
++ (go->mppc ? MPPE_MPPC : 0))
++ && p[5] != ((go->mppe_56 ? MPPE_56BIT : 0) |
++ (go->mppc ? MPPE_MPPC : 0))
++ && p[5] != ((go->mppe_128 ? MPPE_128BIT : 0) |
++ (go->mppc ? MPPE_MPPC : 0))))
+ return 0;
++ if (go->mppe_40 || go->mppe_56 || go->mppe_128)
++ go->mppe = 1;
+ p += CILEN_MPPE;
+ len -= CILEN_MPPE;
++ /* Cope with first/fast ack */
++ if (p == p0 && len == 0)
++ return 1;
++ }
++#endif /* MPPE */
++ if (go->lzs) {
++ if (len < CILEN_LZS || p[0] != CI_LZS || p[1] != CILEN_LZS
++ || p[2] != go->lzs_hists>>8 || p[3] != (go->lzs_hists&0xff)
++ || p[4] != LZS_MODE_SEQ)
++ return 0;
++ p += CILEN_LZS;
++ len -= CILEN_LZS;
+ /* XXX Cope with first/fast ack */
+- if (len == 0)
++ if (p == p0 && len == 0)
+ return 1;
+ }
+-#endif
+ if (go->deflate) {
+ if (len < CILEN_DEFLATE
+ || p[0] != (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
+@@ -896,7 +1027,7 @@
+
+ /*
+ * ccp_nakci - process received configure-nak.
+- * Returns 1 iff the nak was OK.
++ * Returns 1 if the nak was OK.
+ */
+ static int
+ ccp_nakci(f, p, len)
+@@ -905,6 +1036,8 @@
+ int len;
+ {
+ ccp_options *go = &ccp_gotoptions[f->unit];
++ ccp_options *ao = &ccp_allowoptions[f->unit];
++ ccp_options *wo = &ccp_wantoptions[f->unit];
+ ccp_options no; /* options we've seen already */
+ ccp_options try; /* options to ask for next time */
+
+@@ -912,28 +1045,100 @@
+ try = *go;
+
+ #ifdef MPPE
+- if (go->mppe && len >= CILEN_MPPE
+- && p[0] == CI_MPPE && p[1] == CILEN_MPPE) {
+- no.mppe = 1;
+- /*
+- * Peer wants us to use a different strength or other setting.
+- * Fail if we aren't willing to use his suggestion.
+- */
+- MPPE_CI_TO_OPTS(&p[2], try.mppe);
+- if ((try.mppe & MPPE_OPT_STATEFUL) && refuse_mppe_stateful) {
+- error("Refusing MPPE stateful mode offered by peer");
+- try.mppe = 0;
+- } else if (((go->mppe | MPPE_OPT_STATEFUL) & try.mppe) != try.mppe) {
+- /* Peer must have set options we didn't request (suggest) */
+- try.mppe = 0;
+- }
++ if ((go->mppe || go->mppc || (!wo->mppe && ao->mppe)) &&
++ len >= CILEN_MPPE && p[0] == CI_MPPE && p[1] == CILEN_MPPE) {
+
+- if (!try.mppe) {
+- error("MPPE required but peer negotiation failed");
+- lcp_close(f->unit, "MPPE required but peer negotiation failed");
++ if (go->mppc) {
++ no.mppc = 1;
++ if (!(p[5] & MPPE_MPPC))
++ try.mppc = 0;
++ }
++
++ if (go->mppe)
++ no.mppe = 1;
++ if (go->mppe_40)
++ no.mppe_40 = 1;
++ if (go->mppe_56)
++ no.mppe_56 = 1;
++ if (go->mppe_128)
++ no.mppe_128 = 1;
++ if (go->mppe_stateless)
++ no.mppe_stateless = 1;
++
++ if (ao->mppe_40) {
++ if ((p[5] & MPPE_40BIT))
++ try.mppe_40 = 1;
++ else
++ try.mppe_40 = (p[5] == 0) ? 1 : 0;
++ }
++ if (ao->mppe_56) {
++ if ((p[5] & MPPE_56BIT))
++ try.mppe_56 = 1;
++ else
++ try.mppe_56 = (p[5] == 0) ? 1 : 0;
++ }
++ if (ao->mppe_128) {
++ if ((p[5] & MPPE_128BIT))
++ try.mppe_128 = 1;
++ else
++ try.mppe_128 = (p[5] == 0) ? 1 : 0;
++ }
++
++ if (ao->mppe_stateless) {
++ if ((p[2] & MPPE_STATELESS) || wo->mppe_stateless)
++ try.mppe_stateless = 1;
++ else
++ try.mppe_stateless = 0;
++ }
++
++ if (!try.mppe_56 && !try.mppe_40 && !try.mppe_128) {
++ try.mppe = try.mppe_stateless = 0;
++ if (wo->mppe) {
++ /* we require encryption, but peer doesn't support it
++ so we close connection */
++ wo->mppc = wo->mppe = wo->mppe_stateless = wo->mppe_40 =
++ wo->mppe_56 = wo->mppe_128 = 0;
++ lcp_close(f->unit, "MPPE required but cannot negotiate MPPE "
++ "key length");
++ }
++ }
++ if (wo->mppe && (wo->mppe_40 != try.mppe_40) &&
++ (wo->mppe_56 != try.mppe_56) && (wo->mppe_128 != try.mppe_128)) {
++ /* cannot negotiate key length */
++ wo->mppc = wo->mppe = wo->mppe_stateless = wo->mppe_40 =
++ wo->mppe_56 = wo->mppe_128 = 0;
++ lcp_close(f->unit, "Cannot negotiate MPPE key length");
+ }
++ if (try.mppe_40 && try.mppe_56 && try.mppe_128)
++ try.mppe_40 = try.mppe_56 = 0;
++ else
++ if (try.mppe_56 && try.mppe_128)
++ try.mppe_56 = 0;
++ else
++ if (try.mppe_40 && try.mppe_128)
++ try.mppe_40 = 0;
++ else
++ if (try.mppe_40 && try.mppe_56)
++ try.mppe_40 = 0;
++
++ p += CILEN_MPPE;
++ len -= CILEN_MPPE;
+ }
+ #endif /* MPPE */
++
++ if (go->lzs && len >= CILEN_LZS && p[0] == CI_LZS && p[1] == CILEN_LZS) {
++ no.lzs = 1;
++ if (((p[2]<<8)|p[3]) > 1 || (p[4] != LZS_MODE_SEQ &&
++ p[4] != LZS_MODE_EXT))
++ try.lzs = 0;
++ else {
++ try.lzs_mode = p[4];
++ try.lzs_hists = (p[2] << 8) | p[3];
++ }
++ p += CILEN_LZS;
++ len -= CILEN_LZS;
++ }
++
+ if (go->deflate && len >= CILEN_DEFLATE
+ && p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
+ && p[1] == CILEN_DEFLATE) {
+@@ -1006,14 +1211,50 @@
+ return -1;
+
+ #ifdef MPPE
+- if (go->mppe && len >= CILEN_MPPE
++ if ((go->mppe || go->mppc) && len >= CILEN_MPPE
+ && p[0] == CI_MPPE && p[1] == CILEN_MPPE) {
+- error("MPPE required but peer refused");
+- lcp_close(f->unit, "MPPE required but peer refused");
++ ccp_options *wo = &ccp_wantoptions[f->unit];
++ if (p[2] != (go->mppe_stateless ? MPPE_STATELESS : 0) ||
++ p[3] != 0 ||
++ p[4] != 0 ||
++ p[5] != ((go->mppe_40 ? MPPE_40BIT : 0) |
++ (go->mppe_56 ? MPPE_56BIT : 0) |
++ (go->mppe_128 ? MPPE_128BIT : 0) |
++ (go->mppc ? MPPE_MPPC : 0)))
++ return 0;
++ if (go->mppc)
++ try.mppc = 0;
++ if (go->mppe) {
++ try.mppe = 0;
++ if (go->mppe_40)
++ try.mppe_40 = 0;
++ if (go->mppe_56)
++ try.mppe_56 = 0;
++ if (go->mppe_128)
++ try.mppe_128 = 0;
++ if (go->mppe_stateless)
++ try.mppe_stateless = 0;
++ if (!try.mppe_56 && !try.mppe_40 && !try.mppe_128)
++ try.mppe = try.mppe_stateless = 0;
++ if (wo->mppe) { /* we want MPPE but cannot negotiate key length */
++ wo->mppc = wo->mppe = wo->mppe_stateless = wo->mppe_40 =
++ wo->mppe_56 = wo->mppe_128 = 0;
++ lcp_close(f->unit, "MPPE required but cannot negotiate MPPE "
++ "key length");
++ }
++ }
+ p += CILEN_MPPE;
+ len -= CILEN_MPPE;
+ }
+-#endif
++#endif /* MPPE */
++ if (go->lzs && len >= CILEN_LZS && p[0] == CI_LZS && p[1] == CILEN_LZS) {
++ if (p[2] != go->lzs_hists>>8 || p[3] != (go->lzs_hists&0xff)
++ || p[4] != go->lzs_mode)
++ return 0;
++ try.lzs = 0;
++ p += CILEN_LZS;
++ len -= CILEN_LZS;
++ }
+ if (go->deflate_correct && len >= CILEN_DEFLATE
+ && p[0] == CI_DEFLATE && p[1] == CILEN_DEFLATE) {
+ if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
+@@ -1077,14 +1318,15 @@
+ int dont_nak;
+ {
+ int ret, newret, res;
+- u_char *p0, *retp;
++ u_char *p0, *retp, p2, p5;
+ int len, clen, type, nb;
+ ccp_options *ho = &ccp_hisoptions[f->unit];
+ ccp_options *ao = &ccp_allowoptions[f->unit];
++ ccp_options *wo = &ccp_wantoptions[f->unit];
+ #ifdef MPPE
+- bool rej_for_ci_mppe = 1; /* Are we rejecting based on a bad/missing */
+- /* CI_MPPE, or due to other options? */
+-#endif
++ u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN];
++/* int mtu; */
++#endif /* MPPE */
+
+ ret = CONFACK;
+ retp = p0 = p;
+@@ -1107,103 +1349,305 @@
+ switch (type) {
+ #ifdef MPPE
+ case CI_MPPE:
+- if (!ao->mppe || clen != CILEN_MPPE) {
++ if ((!ao->mppc && !ao->mppe) || clen != CILEN_MPPE) {
+ newret = CONFREJ;
+ break;
+ }
+- MPPE_CI_TO_OPTS(&p[2], ho->mppe);
+
+- /* Nak if anything unsupported or unknown are set. */
+- if (ho->mppe & MPPE_OPT_UNSUPPORTED) {
+- newret = CONFNAK;
+- ho->mppe &= ~MPPE_OPT_UNSUPPORTED;
+- }
+- if (ho->mppe & MPPE_OPT_UNKNOWN) {
++ p2 = p[2];
++ p5 = p[5];
++ /* not sure what they want, tell 'em what we got */
++ if (((p[2] & ~MPPE_STATELESS) != 0 || p[3] != 0 || p[4] != 0 ||
++ (p[5] & ~(MPPE_40BIT | MPPE_56BIT | MPPE_128BIT |
++ MPPE_MPPC)) != 0 || p[5] == 0) ||
++ (p[2] == 0 && p[3] == 0 && p[4] == 0 && p[5] == 0)) {
+ newret = CONFNAK;
+- ho->mppe &= ~MPPE_OPT_UNKNOWN;
++ p[2] = (wo->mppe_stateless ? MPPE_STATELESS : 0);
++ p[3] = 0;
++ p[4] = 0;
++ p[5] = (wo->mppe_40 ? MPPE_40BIT : 0) |
++ (wo->mppe_56 ? MPPE_56BIT : 0) |
++ (wo->mppe_128 ? MPPE_128BIT : 0) |
++ (wo->mppc ? MPPE_MPPC : 0);
++ break;
+ }
+
+- /* Check state opt */
+- if (ho->mppe & MPPE_OPT_STATEFUL) {
+- /*
+- * We can Nak and request stateless, but it's a
+- * lot easier to just assume the peer will request
+- * it if he can do it; stateful mode is bad over
+- * the Internet -- which is where we expect MPPE.
+- */
+- if (refuse_mppe_stateful) {
+- error("Refusing MPPE stateful mode offered by peer");
++ if ((p[5] & MPPE_MPPC)) {
++ if (ao->mppc) {
++ ho->mppc = 1;
++ BCOPY(p, opt_buf, CILEN_MPPE);
++ opt_buf[2] = opt_buf[3] = opt_buf[4] = 0;
++ opt_buf[5] = MPPE_MPPC;
++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE, 1) <= 0) {
++ ho->mppc = 0;
++ p[5] &= ~MPPE_MPPC;
++ newret = CONFNAK;
++ }
++ } else {
+ newret = CONFREJ;
+- break;
++ if (wo->mppe || ao->mppe) {
++ p[5] &= ~MPPE_MPPC;
++ newret = CONFNAK;
++ }
++ }
++ }
++
++ if (ao->mppe)
++ ho->mppe = 1;
++
++ if ((p[2] & MPPE_STATELESS)) {
++ if (ao->mppe_stateless) {
++ if (wo->mppe_stateless)
++ ho->mppe_stateless = 1;
++ else {
++ newret = CONFNAK;
++ if (!dont_nak)
++ p[2] &= ~MPPE_STATELESS;
++ }
++ } else {
++ newret = CONFNAK;
++ if (!dont_nak)
++ p[2] &= ~MPPE_STATELESS;
++ }
++ } else {
++ if (wo->mppe_stateless && !dont_nak) {
++ wo->mppe_stateless = 0;
++ newret = CONFNAK;
++ p[2] |= MPPE_STATELESS;
+ }
+ }
+
+- /* Find out which of {S,L} are set. */
+- if ((ho->mppe & MPPE_OPT_128)
+- && (ho->mppe & MPPE_OPT_40)) {
+- /* Both are set, negotiate the strongest. */
++ if ((p[5] & ~MPPE_MPPC) == (MPPE_40BIT|MPPE_56BIT|MPPE_128BIT)) {
+ newret = CONFNAK;
+- if (ao->mppe & MPPE_OPT_128)
+- ho->mppe &= ~MPPE_OPT_40;
+- else if (ao->mppe & MPPE_OPT_40)
+- ho->mppe &= ~MPPE_OPT_128;
+- else {
+- newret = CONFREJ;
+- break;
++ if (ao->mppe_128) {
++ ho->mppe_128 = 1;
++ p[5] &= ~(MPPE_40BIT|MPPE_56BIT);
++ BCOPY(p, opt_buf, CILEN_MPPE);
++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE],
++ MPPE_MAX_KEY_LEN);
++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE +
++ MPPE_MAX_KEY_LEN, 1) <= 0) {
++ ho->mppe_128 = 0;
++ p[5] |= (MPPE_40BIT|MPPE_56BIT);
++ p[5] &= ~MPPE_128BIT;
++ goto check_mppe_56_40;
++ }
++ goto check_mppe;
+ }
+- } else if (ho->mppe & MPPE_OPT_128) {
+- if (!(ao->mppe & MPPE_OPT_128)) {
+- newret = CONFREJ;
+- break;
++ p[5] &= ~MPPE_128BIT;
++ goto check_mppe_56_40;
++ }
++ if ((p[5] & ~MPPE_MPPC) == (MPPE_56BIT|MPPE_128BIT)) {
++ newret = CONFNAK;
++ if (ao->mppe_128) {
++ ho->mppe_128 = 1;
++ p[5] &= ~MPPE_56BIT;
++ BCOPY(p, opt_buf, CILEN_MPPE);
++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE],
++ MPPE_MAX_KEY_LEN);
++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE +
++ MPPE_MAX_KEY_LEN, 1) <= 0) {
++ ho->mppe_128 = 0;
++ p[5] |= MPPE_56BIT;
++ p[5] &= ~MPPE_128BIT;
++ goto check_mppe_56;
++ }
++ goto check_mppe;
+ }
+- } else if (ho->mppe & MPPE_OPT_40) {
+- if (!(ao->mppe & MPPE_OPT_40)) {
+- newret = CONFREJ;
+- break;
++ p[5] &= ~MPPE_128BIT;
++ goto check_mppe_56;
++ }
++ if ((p[5] & ~MPPE_MPPC) == (MPPE_40BIT|MPPE_128BIT)) {
++ newret = CONFNAK;
++ if (ao->mppe_128) {
++ ho->mppe_128 = 1;
++ p[5] &= ~MPPE_40BIT;
++ BCOPY(p, opt_buf, CILEN_MPPE);
++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE],
++ MPPE_MAX_KEY_LEN);
++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE +
++ MPPE_MAX_KEY_LEN, 1) <= 0) {
++ ho->mppe_128 = 0;
++ p[5] |= MPPE_40BIT;
++ p[5] &= ~MPPE_128BIT;
++ goto check_mppe_40;
++ }
++ goto check_mppe;
++ }
++ p[5] &= ~MPPE_128BIT;
++ goto check_mppe_40;
++ }
++ if ((p[5] & ~MPPE_MPPC) == MPPE_128BIT) {
++ if (ao->mppe_128) {
++ ho->mppe_128 = 1;
++ BCOPY(p, opt_buf, CILEN_MPPE);
++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE],
++ MPPE_MAX_KEY_LEN);
++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE +
++ MPPE_MAX_KEY_LEN, 1) <= 0) {
++ ho->mppe_128 = 0;
++ p[5] &= ~MPPE_128BIT;
++ newret = CONFNAK;
++ }
++ goto check_mppe;
++ }
++ p[5] &= ~MPPE_128BIT;
++ newret = CONFNAK;
++ goto check_mppe;
++ }
++ check_mppe_56_40:
++ if ((p[5] & ~MPPE_MPPC) == (MPPE_40BIT|MPPE_56BIT)) {
++ newret = CONFNAK;
++ if (ao->mppe_56) {
++ ho->mppe_56 = 1;
++ p[5] &= ~MPPE_40BIT;
++ BCOPY(p, opt_buf, CILEN_MPPE);
++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE],
++ MPPE_MAX_KEY_LEN);
++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE +
++ MPPE_MAX_KEY_LEN, 1) <= 0) {
++ ho->mppe_56 = 0;
++ p[5] |= MPPE_40BIT;
++ p[5] &= ~MPPE_56BIT;
++ newret = CONFNAK;
++ goto check_mppe_40;
++ }
++ goto check_mppe;
++ }
++ p[5] &= ~MPPE_56BIT;
++ goto check_mppe_40;
++ }
++ check_mppe_56:
++ if ((p[5] & ~MPPE_MPPC) == MPPE_56BIT) {
++ if (ao->mppe_56) {
++ ho->mppe_56 = 1;
++ BCOPY(p, opt_buf, CILEN_MPPE);
++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE],
++ MPPE_MAX_KEY_LEN);
++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE +
++ MPPE_MAX_KEY_LEN, 1) <= 0) {
++ ho->mppe_56 = 0;
++ p[5] &= ~MPPE_56BIT;
++ newret = CONFNAK;
++ }
++ goto check_mppe;
++ }
++ p[5] &= ~MPPE_56BIT;
++ newret = CONFNAK;
++ goto check_mppe;
++ }
++ check_mppe_40:
++ if ((p[5] & ~MPPE_MPPC) == MPPE_40BIT) {
++ if (ao->mppe_40) {
++ ho->mppe_40 = 1;
++ BCOPY(p, opt_buf, CILEN_MPPE);
++ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE],
++ MPPE_MAX_KEY_LEN);
++ if (ccp_test(f->unit, opt_buf, CILEN_MPPE +
++ MPPE_MAX_KEY_LEN, 1) <= 0) {
++ ho->mppe_40 = 0;
++ p[5] &= ~MPPE_40BIT;
++ newret = CONFNAK;
++ }
++ goto check_mppe;
++ }
++ p[5] &= ~MPPE_40BIT;
++ }
++
++ check_mppe:
++ if (!ho->mppe_40 && !ho->mppe_56 && !ho->mppe_128) {
++ if (wo->mppe_40 || wo->mppe_56 || wo->mppe_128) {
++ newret = CONFNAK;
++ p[2] |= (wo->mppe_stateless ? MPPE_STATELESS : 0);
++ p[5] |= (wo->mppe_40 ? MPPE_40BIT : 0) |
++ (wo->mppe_56 ? MPPE_56BIT : 0) |
++ (wo->mppe_128 ? MPPE_128BIT : 0) |
++ (wo->mppc ? MPPE_MPPC : 0);
++ } else {
++ ho->mppe = ho->mppe_stateless = 0;
+ }
+ } else {
+- /* Neither are set. */
++ /* MPPE is not compatible with other compression types */
++ if (wo->mppe) {
++ ao->bsd_compress = 0;
++ ao->predictor_1 = 0;
++ ao->predictor_2 = 0;
++ ao->deflate = 0;
++ ao->lzs = 0;
++ }
++ }
++ if ((!ho->mppc || !ao->mppc) && !ho->mppe) {
++ p[2] = p2;
++ p[5] = p5;
+ newret = CONFREJ;
+ break;
+ }
+
+- /* rebuild the opts */
+- MPPE_OPTS_TO_CI(ho->mppe, &p[2]);
+- if (newret == CONFACK) {
+- u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN];
+- int mtu;
+-
+- BCOPY(p, opt_buf, CILEN_MPPE);
+- BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE],
+- MPPE_MAX_KEY_LEN);
+- if (ccp_test(f->unit, opt_buf,
+- CILEN_MPPE + MPPE_MAX_KEY_LEN, 1) <= 0) {
+- /* This shouldn't happen, we've already tested it! */
+- error("MPPE required, but kernel has no support.");
+- lcp_close(f->unit, "MPPE required but not available");
+- newret = CONFREJ;
+- break;
+- }
+- /*
+- * We need to decrease the interface MTU by MPPE_PAD
+- * because MPPE frames **grow**. The kernel [must]
+- * allocate MPPE_PAD extra bytes in xmit buffers.
+- */
+- mtu = netif_get_mtu(f->unit);
+- if (mtu)
+- netif_set_mtu(f->unit, mtu - MPPE_PAD);
+- else
+- newret = CONFREJ;
+- }
++ /*
++ * I have commented the code below because according to RFC1547
++ * MTU is only information for higher level protocols about
++ * "the maximum allowable length for a packet (q.v.) transmitted
++ * over a point-to-point link without incurring network layer
++ * fragmentation." Of course a PPP implementation should be able
++ * to handle overhead added by MPPE - in our case apropriate code
++ * is located in drivers/net/ppp_generic.c in the kernel sources.
++ *
++ * According to RFC1661:
++ * - when negotiated MRU is less than 1500 octets, a PPP
++ * implementation must still be able to receive at least 1500
++ * octets,
++ * - when PFC is negotiated, a PPP implementation is still
++ * required to receive frames with uncompressed protocol field.
++ *
++ * So why not to handle MPPE overhead without changing MTU value?
++ * I am sure that RFC3078, unfortunately silently, assumes that.
++ */
+
+ /*
+- * We have accepted MPPE or are willing to negotiate
+- * MPPE parameters. A CONFREJ is due to subsequent
+- * (non-MPPE) processing.
++ * We need to decrease the interface MTU by MPPE_PAD
++ * because MPPE frames **grow**. The kernel [must]
++ * allocate MPPE_PAD extra bytes in xmit buffers.
+ */
+- rej_for_ci_mppe = 0;
++/*
++ mtu = netif_get_mtu(f->unit);
++ if (mtu) {
++ netif_set_mtu(f->unit, mtu - MPPE_PAD);
++ } else {
++ newret = CONFREJ;
++ if (ccp_wantoptions[f->unit].mppe) {
++ error("Cannot adjust MTU needed by MPPE.");
++ lcp_close(f->unit, "Cannot adjust MTU needed by MPPE.");
++ }
++ }
++*/
+ break;
+ #endif /* MPPE */
++
++ case CI_LZS:
++ if (!ao->lzs || clen != CILEN_LZS) {
++ newret = CONFREJ;
++ break;
++ }
++
++ ho->lzs = 1;
++ ho->lzs_hists = (p[2] << 8) | p[3];
++ ho->lzs_mode = p[4];
++ if ((ho->lzs_hists != ao->lzs_hists) ||
++ (ho->lzs_mode != ao->lzs_mode)) {
++ newret = CONFNAK;
++ if (!dont_nak) {
++ p[2] = ao->lzs_hists >> 8;
++ p[3] = ao->lzs_hists & 0xff;
++ p[4] = ao->lzs_mode;
++ } else
++ break;
++ }
++
++ if (p == p0 && ccp_test(f->unit, p, CILEN_LZS, 1) <= 0) {
++ newret = CONFREJ;
++ }
++ break;
++
+ case CI_DEFLATE:
+ case CI_DEFLATE_DRAFT:
+ if (!ao->deflate || clen != CILEN_DEFLATE
+@@ -1345,12 +1789,6 @@
+ else
+ *lenp = retp - p0;
+ }
+-#ifdef MPPE
+- if (ret == CONFREJ && ao->mppe && rej_for_ci_mppe) {
+- error("MPPE required but peer negotiation failed");
+- lcp_close(f->unit, "MPPE required but peer negotiation failed");
+- }
+-#endif
+ return ret;
+ }
+
+@@ -1372,24 +1810,35 @@
+ char *p = result;
+ char *q = result + sizeof(result); /* 1 past result */
+
+- slprintf(p, q - p, "MPPE ");
+- p += 5;
+- if (opt->mppe & MPPE_OPT_128) {
+- slprintf(p, q - p, "128-bit ");
+- p += 8;
+- }
+- if (opt->mppe & MPPE_OPT_40) {
+- slprintf(p, q - p, "40-bit ");
+- p += 7;
+- }
+- if (opt->mppe & MPPE_OPT_STATEFUL)
+- slprintf(p, q - p, "stateful");
+- else
+- slprintf(p, q - p, "stateless");
+-
++ if (opt->mppe) {
++ if (opt->mppc) {
++ slprintf(p, q - p, "MPPC/MPPE ");
++ p += 10;
++ } else {
++ slprintf(p, q - p, "MPPE ");
++ p += 5;
++ }
++ if (opt->mppe_128) {
++ slprintf(p, q - p, "128-bit ");
++ p += 8;
++ } else if (opt->mppe_56) {
++ slprintf(p, q - p, "56-bit ");
++ p += 7;
++ } else if (opt->mppe_40) {
++ slprintf(p, q - p, "40-bit ");
++ p += 7;
++ }
++ if (opt->mppe_stateless)
++ slprintf(p, q - p, "stateless");
++ else
++ slprintf(p, q - p, "stateful");
++ } else if (opt->mppc)
++ slprintf(p, q - p, "MPPC");
+ break;
+ }
+-#endif
++#endif /* MPPE */
++ case CI_LZS:
++ return "Stac LZS";
+ case CI_DEFLATE:
+ case CI_DEFLATE_DRAFT:
+ if (opt2 != NULL && opt2->deflate_size != opt->deflate_size)
+@@ -1445,12 +1894,12 @@
+ } else if (ANY_COMPRESS(*ho))
+ notice("%s transmit compression enabled", method_name(ho, NULL));
+ #ifdef MPPE
+- if (go->mppe) {
++ if (go->mppe || go->mppc) {
+ BZERO(mppe_recv_key, MPPE_MAX_KEY_LEN);
+ BZERO(mppe_send_key, MPPE_MAX_KEY_LEN);
+ continue_networks(f->unit); /* Bring up IP et al */
+ }
+-#endif
++#endif /* MPPE */
+ }
+
+ /*
+@@ -1473,7 +1922,7 @@
+ lcp_close(f->unit, "MPPE disabled");
+ }
+ }
+-#endif
++#endif /* MPPE */
+ }
+
+ /*
+@@ -1533,24 +1982,28 @@
+ #ifdef MPPE
+ case CI_MPPE:
+ if (optlen >= CILEN_MPPE) {
+- u_char mppe_opts;
+-
+- MPPE_CI_TO_OPTS(&p[2], mppe_opts);
+- printer(arg, "mppe %s %s %s %s %s %s%s",
+- (p[2] & MPPE_H_BIT)? "+H": "-H",
+- (p[5] & MPPE_M_BIT)? "+M": "-M",
+- (p[5] & MPPE_S_BIT)? "+S": "-S",
+- (p[5] & MPPE_L_BIT)? "+L": "-L",
++ printer(arg, "mppe %s %s %s %s %s %s",
++ (p[2] & MPPE_STATELESS)? "+H": "-H",
++ (p[5] & MPPE_56BIT)? "+M": "-M",
++ (p[5] & MPPE_128BIT)? "+S": "-S",
++ (p[5] & MPPE_40BIT)? "+L": "-L",
+ (p[5] & MPPE_D_BIT)? "+D": "-D",
+- (p[5] & MPPE_C_BIT)? "+C": "-C",
+- (mppe_opts & MPPE_OPT_UNKNOWN)? " +U": "");
+- if (mppe_opts & MPPE_OPT_UNKNOWN)
++ (p[5] & MPPE_MPPC)? "+C": "-C");
++ if ((p[5] & ~(MPPE_56BIT | MPPE_128BIT | MPPE_40BIT |
++ MPPE_D_BIT | MPPE_MPPC)) ||
++ (p[2] & ~MPPE_STATELESS))
+ printer(arg, " (%.2x %.2x %.2x %.2x)",
+ p[2], p[3], p[4], p[5]);
+ p += CILEN_MPPE;
+ }
+ break;
+-#endif
++#endif /* MPPE */
++ case CI_LZS:
++ if (optlen >= CILEN_LZS) {
++ printer(arg, "lzs %.2x %.2x %.2x", p[2], p[3], p[4]);
++ p += CILEN_LZS;
++ }
++ break;
+ case CI_DEFLATE:
+ case CI_DEFLATE_DRAFT:
+ if (optlen >= CILEN_DEFLATE) {
+@@ -1636,6 +2089,7 @@
+ error("Lost compression sync: disabling compression");
+ ccp_close(unit, "Lost compression sync");
+ #ifdef MPPE
++ /* My module dosn't need this. J.D., 2003-07-06 */
+ /*
+ * If we were doing MPPE, we must also take the link down.
+ */
+@@ -1643,9 +2097,18 @@
+ error("Too many MPPE errors, closing LCP");
+ lcp_close(unit, "Too many MPPE errors");
+ }
+-#endif
++#endif /* MPPE */
+ } else {
+ /*
++ * When LZS or MPPE/MPPC is negotiated we just send CCP_RESETREQ
++ * and don't wait for CCP_RESETACK
++ */
++ if ((ccp_gotoptions[f->unit].method == CI_LZS) ||
++ (ccp_gotoptions[f->unit].method == CI_MPPE)) {
++ fsm_sdata(f, CCP_RESETREQ, f->reqid = ++f->id, NULL, 0);
++ return;
++ }
++ /*
+ * Send a reset-request to reset the peer's compressor.
+ * We don't do that if we are still waiting for an
+ * acknowledgement to a previous reset-request.
+@@ -1676,4 +2139,3 @@
+ } else
+ ccp_localstate[f->unit] &= ~RACK_PENDING;
+ }
+-
+diff -ruN ppp-2.4.2.orig/pppd/ccp.h ppp-2.4.2-stdopt/pppd/ccp.h
+--- ppp-2.4.2.orig/pppd/ccp.h 2002-12-05 00:03:32.000000000 +0100
++++ ppp-2.4.2-stdopt/pppd/ccp.h 2004-01-21 06:51:09.000000000 +0100
+@@ -42,9 +42,17 @@
+ bool predictor_2; /* do Predictor-2? */
+ bool deflate_correct; /* use correct code for deflate? */
+ bool deflate_draft; /* use draft RFC code for deflate? */
++ bool lzs; /* do Stac LZS? */
++ bool mppc; /* do MPPC? */
+ bool mppe; /* do MPPE? */
++ bool mppe_40; /* allow 40 bit encryption? */
++ bool mppe_56; /* allow 56 bit encryption? */
++ bool mppe_128; /* allow 128 bit encryption? */
++ bool mppe_stateless; /* allow stateless encryption */
+ u_short bsd_bits; /* # bits/code for BSD Compress */
+ u_short deflate_size; /* lg(window size) for Deflate */
++ u_short lzs_mode; /* LZS check mode */
++ u_short lzs_hists; /* number of LZS histories */
+ short method; /* code for chosen compression method */
+ } ccp_options;
+
+diff -ruN ppp-2.4.2.orig/pppd/chap_ms.c ppp-2.4.2-stdopt/pppd/chap_ms.c
+--- ppp-2.4.2.orig/pppd/chap_ms.c 2003-11-18 11:42:56.000000000 +0100
++++ ppp-2.4.2-stdopt/pppd/chap_ms.c 2004-01-21 06:51:09.000000000 +0100
+@@ -858,13 +858,17 @@
+ /*
+ * Disable undesirable encryption types. Note that we don't ENABLE
+ * any encryption types, to avoid overriding manual configuration.
++ *
++ * It seems that 56 bit keys are unsupported in MS-RADIUS (see RFC 2548)
+ */
+ switch(types) {
+ case MPPE_ENC_TYPES_RC4_40:
+- ccp_wantoptions[0].mppe &= ~MPPE_OPT_128; /* disable 128-bit */
++ ccp_wantoptions[0].mppe_128 = 0; /* disable 128-bit */
++ ccp_wantoptions[0].mppe_56 = 0; /* disable 56-bit */
+ break;
+ case MPPE_ENC_TYPES_RC4_128:
+- ccp_wantoptions[0].mppe &= ~MPPE_OPT_40; /* disable 40-bit */
++ ccp_wantoptions[0].mppe_56 = 0; /* disable 56-bit */
++ ccp_wantoptions[0].mppe_40 = 0; /* disable 40-bit */
+ break;
+ default:
+ break;
+diff -ruN ppp-2.4.2.orig/pppd/pppd.8 ppp-2.4.2-stdopt/pppd/pppd.8
+--- ppp-2.4.2.orig/pppd/pppd.8 2004-01-15 06:09:00.000000000 +0100
++++ ppp-2.4.2-stdopt/pppd/pppd.8 2004-01-21 06:51:09.000000000 +0100
+@@ -614,6 +614,9 @@
+ Enables the use of PPP multilink; this is an alias for the `multilink'
+ option. This option is currently only available under Linux.
+ .TP
++.B mppc
++Enables MPPC (Microsoft Point to Point Compression). This is the default.
++.TP
+ .B mppe-stateful
+ Allow MPPE to use stateful mode. Stateless mode is still attempted first.
+ The default is to disallow stateful mode.
+@@ -749,12 +752,18 @@
+ Disables the use of PPP multilink. This option is currently only
+ available under Linux.
+ .TP
++.B nomppc
++Diasables MPPC (Microsoft Point to Point Compression).
++.TP
+ .B nomppe
+ Disables MPPE (Microsoft Point to Point Encryption). This is the default.
+ .TP
+ .B nomppe-40
+ Disable 40\-bit encryption with MPPE.
+ .TP
++.B nomppe-56
++Disable 56\-bit encryption with MPPE.
++.TP
+ .B nomppe-128
+ Disable 128\-bit encryption with MPPE.
+ .TP
+@@ -951,6 +960,9 @@
+ .B require-mppe-40
+ Require the use of MPPE, with 40\-bit encryption.
+ .TP
++.B require-mppe-56
++Require the use of MPPE, with 56\-bit encryption.
++.TP
+ .B require-mppe-128
+ Require the use of MPPE, with 128\-bit encryption.
+ .TP
+diff -ruN ppp-2.4.2.orig/pppd/sha1.c ppp-2.4.2-stdopt/pppd/sha1.c
+--- ppp-2.4.2.orig/pppd/sha1.c 2002-04-02 15:54:59.000000000 +0200
++++ ppp-2.4.2-stdopt/pppd/sha1.c 2004-08-15 15:00:55.000000000 +0200
+@@ -21,7 +21,7 @@
+ #include "sha1.h"
+
+ static void
+-SHA1_Transform(unsigned long[5], const unsigned char[64]);
++SHA1_Transform(u_int32_t state[5], const u_int8_t buffer[64]);
+
+ #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
+
+@@ -42,17 +42,17 @@
+ /* Hash a single 512-bit block. This is the core of the algorithm. */
+
+ static void
+-SHA1_Transform(unsigned long state[5], const unsigned char buffer[64])
++SHA1_Transform(u_int32_t state[5], const u_int8_t buffer[64])
+ {
+- unsigned long a, b, c, d, e;
++ u_int32_t a, b, c, d, e;
+ typedef union {
+- unsigned char c[64];
+- unsigned long l[16];
++ u_int8_t c[64];
++ u_int32_t l[16];
+ } CHAR64LONG16;
+ CHAR64LONG16 *block;
+
+ #ifdef SHA1HANDSOFF
+- static unsigned char workspace[64];
++ static u_int8_t workspace[64];
+ block = (CHAR64LONG16 *) workspace;
+ memcpy(block, buffer, 64);
+ #else
+@@ -114,9 +114,9 @@
+ /* Run your data through this. */
+
+ void
+-SHA1_Update(SHA1_CTX *context, const unsigned char *data, unsigned int len)
++SHA1_Update(SHA1_CTX *context, const u_int8_t *data, u_int32_t len)
+ {
+- unsigned int i, j;
++ u_int32_t i, j;
+
+ j = (context->count[0] >> 3) & 63;
+ if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++;
+@@ -139,22 +139,24 @@
+ /* Add padding and return the message digest. */
+
+ void
+-SHA1_Final(unsigned char digest[20], SHA1_CTX *context)
++SHA1_Final(u_int8_t digest[SHA1_SIGNATURE_SIZE], SHA1_CTX *context)
+ {
+- unsigned long i, j;
+- unsigned char finalcount[8];
++ u_int32_t i, j;
++ u_int8_t finalcount[8];
+
+ for (i = 0; i < 8; i++) {
+- finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)]
++ finalcount[i] = (u_int8_t) ((context->count[(i >= 4 ? 0 : 1)]
+ >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
+ }
+- SHA1_Update(context, (unsigned char *) "\200", 1);
++ SHA1_Update(context, (u_int8_t *) "\200", 1);
+ while ((context->count[0] & 504) != 448) {
+- SHA1_Update(context, (unsigned char *) "\0", 1);
++ SHA1_Update(context, (u_int8_t *) "\0", 1);
+ }
++
+ SHA1_Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
++
+ for (i = 0; i < 20; i++) {
+- digest[i] = (unsigned char)
++ digest[i] = (u_int8_t)
+ ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
+ }
+ /* Wipe variables */
+@@ -167,4 +169,3 @@
+ SHA1Transform(context->state, context->buffer);
+ #endif
+ }
+-
+diff -ruN ppp-2.4.2.orig/pppd/sha1.h ppp-2.4.2-stdopt/pppd/sha1.h
+--- ppp-2.4.2.orig/pppd/sha1.h 2002-11-09 12:24:42.000000000 +0100
++++ ppp-2.4.2-stdopt/pppd/sha1.h 2004-08-15 15:00:55.000000000 +0200
+@@ -8,6 +8,8 @@
+
+ #ifndef __SHA1_INCLUDE_
+
++#include <sys/types.h>
++
+ #ifndef SHA1_SIGNATURE_SIZE
+ #ifdef SHA_DIGESTSIZE
+ #define SHA1_SIGNATURE_SIZE SHA_DIGESTSIZE
+@@ -17,14 +19,14 @@
+ #endif
+
+ typedef struct {
+- unsigned long state[5];
+- unsigned long count[2];
+- unsigned char buffer[64];
++ u_int32_t state[5];
++ u_int32_t count[2];
++ u_int8_t buffer[64];
+ } SHA1_CTX;
+
+ extern void SHA1_Init(SHA1_CTX *);
+-extern void SHA1_Update(SHA1_CTX *, const unsigned char *, unsigned int);
+-extern void SHA1_Final(unsigned char[SHA1_SIGNATURE_SIZE], SHA1_CTX *);
++extern void SHA1_Update(SHA1_CTX *, const u_int8_t *, u_int32_t);
++extern void SHA1_Final(u_int8_t[SHA1_SIGNATURE_SIZE], SHA1_CTX *);
+
+ #define __SHA1_INCLUDE_
+ #endif /* __SHA1_INCLUDE_ */
--- /dev/null
+diff -ruN poptop-old/Makefile.in poptop-new/Makefile.in
+--- poptop-old/Makefile.in 2003-02-06 17:39:45.000000000 +0100
++++ poptop-new/Makefile.in 2004-04-04 15:50:17.000000000 +0200
+@@ -74,8 +74,9 @@
+ AUTOMAKE_OPTIONS = no-dependencies foreign
+
+ INCLUDES = -I.
+-CFLAGS = -O2 -fno-builtin -Wall -ansi -DSBINDIR='"$(sbindir)"'
+-#CFLAGS = -O2 -fno-builtin -Wall -ansi -pedantic -Wmissing-prototypes -Werror -DSBINDIR='"$(sbindir)"'
++CCOPTS = -O2 -fno-builtin
++CFLAGS = $(CCOPTS) -Wall -ansi -DSBINDIR='"$(sbindir)"'
++#CFLAGS = $(CCOPTS) -Wall -ansi -pedantic -Wmissing-prototypes -Werror -DSBINDIR='"$(sbindir)"'
+
+ man_MANS = pptpctrl.8 pptpd.8 pptpd.conf.5
+
/* sstrip: Copyright (C) 1999-2001 by Brian Raiter, under the GNU
* General Public License. No warranty. See COPYING for details.
+ *
+ * Aug 23, 2004 Hacked by Manuel Novoa III <mjn3@codepoet.org> to
+ * handle targets of different endianness and/or elf class, making
+ * it more useful in a cross-devel environment.
*/
-#define __MIPSEL__ 1
-#define _MIPS_SZLONG 32
+/* ============== original README ===================
+ *
+ * sstrip is a small utility that removes the contents at the end of an
+ * ELF file that are not part of the program's memory image.
+ *
+ * Most ELF executables are built with both a program header table and a
+ * section header table. However, only the former is required in order
+ * for the OS to load, link and execute a program. sstrip attempts to
+ * extract the ELF header, the program header table, and its contents,
+ * leaving everything else in the bit bucket. It can only remove parts of
+ * the file that occur at the end, after the parts to be saved. However,
+ * this almost always includes the section header table, and occasionally
+ * a few random sections that are not used when running a program.
+ *
+ * It should be noted that the GNU bfd library is (understandably)
+ * dependent on the section header table as an index to the file's
+ * contents. Thus, an executable file that has no section header table
+ * cannot be used with gdb, objdump, or any other program based upon the
+ * bfd library, at all. In fact, the program will not even recognize the
+ * file as a valid executable. (This limitation is noted in the source
+ * code comments for bfd, and is marked "FIXME", so this may change at
+ * some future date. However, I would imagine that it is a pretty
+ * low-priority item, as executables without a section header table are
+ * rare in the extreme.) This probably also explains why strip doesn't
+ * offer the option to do this.
+ *
+ * Shared library files may also have their section header table removed.
+ * Such a library will still function; however, it will no longer be
+ * possible for a compiler to link a new program against it.
+ *
+ * As an added bonus, sstrip also tries to removes trailing zero bytes
+ * from the end of the file. (This normally cannot be done with an
+ * executable that has a section header table.)
+ *
+ * sstrip is a very simplistic program. It depends upon the common
+ * practice of putting the parts of the file that contribute to the
+ * memory image at the front, and the remaining material at the end. This
+ * permits it to discard the latter material without affecting file
+ * offsets and memory addresses in what remains. Of course, the ELF
+ * standard permits files to be organized in almost any order, so if a
+ * pathological linker decided to put its section headers at the top,
+ * sstrip would be useless on such executables.
+ */
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <elf.h>
-#include <linux/bitops.h>
-
-typedef signed char s8;
-typedef unsigned char u8;
-
-typedef signed short s16;
-typedef unsigned short u16;
-
-typedef signed int s32;
-typedef unsigned int u32;
-
-typedef signed long long s64;
-typedef unsigned long long u64;
-
-#include <asm/elf.h>
+#include <endian.h>
+#include <byteswap.h>
#ifndef TRUE
#define TRUE 1
#define FALSE 0
#endif
-#if ELF_CLASS == ELFCLASS32
-#define Elf_Ehdr Elf32_Ehdr
-#define Elf_Phdr Elf32_Phdr
-#else
-#define Elf_Ehdr Elf64_Ehdr
-#define Elf_Phdr Elf64_Phdr
-#endif
-
/* The name of the program.
*/
-static char const *progname;
+static char const *progname;
/* The name of the current file.
*/
-static char const *filename;
+static char const *filename;
/* A simple error-handling function. FALSE is always returned for the
*/
static int err(char const *errmsg)
{
- fprintf(stderr, "%s: %s: %s\n", progname, filename, errmsg);
- return FALSE;
+ fprintf(stderr, "%s: %s: %s\n", progname, filename, errmsg);
+ return FALSE;
}
-/* A macro for I/O errors: The given error message is used only when
- * errno is not set.
+/* A flag to signal the need for endian reversal.
*/
-#define ferr(msg) (err(errno ? strerror(errno) : (msg)))
+static int do_reverse_endian;
-/* readelfheader() reads the ELF header into our global variable, and
- * checks to make sure that this is in fact a file that we should be
- * munging.
+/* Get a value from the elf header, compensating for endianness.
*/
-static int readelfheader(int fd, Elf_Ehdr *ehdr)
-{
- errno = 0;
- if (read(fd, ehdr, sizeof *ehdr) != sizeof *ehdr)
- return ferr("missing or incomplete ELF header.");
-
- /* Check the ELF signature.
- */
- if (!(ehdr->e_ident[EI_MAG0] == ELFMAG0 &&
- ehdr->e_ident[EI_MAG1] == ELFMAG1 &&
- ehdr->e_ident[EI_MAG2] == ELFMAG2 &&
- ehdr->e_ident[EI_MAG3] == ELFMAG3))
- return err("missing ELF signature.");
-
- /* Compare the file's class and endianness with the program's.
- */
- if (ehdr->e_ident[EI_DATA] != ELF_DATA)
- return err("ELF file has different endianness.");
- if (ehdr->e_ident[EI_CLASS] != ELF_CLASS)
- return err("ELF file has different word size.");
-
- /* Check the target architecture.
- */
- if (ehdr->e_machine != ELF_ARCH)
- return err("ELF file created for different architecture.");
- /* Verify the sizes of the ELF header and the program segment
- * header table entries.
- */
- if (ehdr->e_ehsize != sizeof(Elf_Ehdr))
- return err("unrecognized ELF header size.");
- if (ehdr->e_phentsize != sizeof(Elf_Phdr))
- return err("unrecognized program segment header size.");
-
- /* Finally, check the file type.
- */
- if (ehdr->e_type != ET_EXEC && ehdr->e_type != ET_DYN)
- return err("not an executable or shared-object library.");
-
- return TRUE;
-}
-
-/* readphdrtable() loads the program segment header table into memory.
+#define EGET(X) \
+ (__extension__ ({ \
+ uint64_t __res; \
+ if (!do_reverse_endian) { \
+ __res = (X); \
+ } else if (sizeof(X) == 1) { \
+ __res = (X); \
+ } else if (sizeof(X) == 2) { \
+ __res = bswap_16((X)); \
+ } else if (sizeof(X) == 4) { \
+ __res = bswap_32((X)); \
+ } else if (sizeof(X) == 8) { \
+ __res = bswap_64((X)); \
+ } else { \
+ fprintf(stderr, "%s: %s: EGET failed for size %d\n", \
+ progname, filename, sizeof(X)); \
+ exit(EXIT_FAILURE); \
+ } \
+ __res; \
+ }))
+
+/* Set a value 'Y' in the elf header to 'X', compensating for endianness.
*/
-static int readphdrtable(int fd, Elf_Ehdr const *ehdr, Elf_Phdr **phdrs)
-{
- size_t size;
+#define ESET(Y,X) \
+ do if (!do_reverse_endian) { \
+ Y = (X); \
+ } else if (sizeof(Y) == 1) { \
+ Y = (X); \
+ } else if (sizeof(Y) == 2) { \
+ Y = bswap_16((uint16_t)(X)); \
+ } else if (sizeof(Y) == 4) { \
+ Y = bswap_32((uint32_t)(X)); \
+ } else if (sizeof(Y) == 8) { \
+ Y = bswap_64((uint64_t)(X)); \
+ } else { \
+ fprintf(stderr, "%s: %s: ESET failed for size %d\n", \
+ progname, filename, sizeof(Y)); \
+ exit(EXIT_FAILURE); \
+ } while (0)
- if (!ehdr->e_phoff || !ehdr->e_phnum)
- return err("ELF file has no program header table.");
- size = ehdr->e_phnum * sizeof **phdrs;
- if (!(*phdrs = malloc(size)))
- return err("Out of memory!");
+/* A macro for I/O errors: The given error message is used only when
+ * errno is not set.
+ */
+#define ferr(msg) (err(errno ? strerror(errno) : (msg)))
- errno = 0;
- if (read(fd, *phdrs, size) != (ssize_t)size)
- return ferr("missing or incomplete program segment header table.");
- return TRUE;
+
+#define HEADER_FUNCTIONS(CLASS) \
+ \
+/* readelfheader() reads the ELF header into our global variable, and \
+ * checks to make sure that this is in fact a file that we should be \
+ * munging. \
+ */ \
+static int readelfheader ## CLASS (int fd, Elf ## CLASS ## _Ehdr *ehdr) \
+{ \
+ if (read(fd, ((char *)ehdr)+EI_NIDENT, sizeof(*ehdr) - EI_NIDENT) \
+ != sizeof(*ehdr) - EI_NIDENT) \
+ return ferr("missing or incomplete ELF header."); \
+ \
+ /* Verify the sizes of the ELF header and the program segment \
+ * header table entries. \
+ */ \
+ if (EGET(ehdr->e_ehsize) != sizeof(Elf ## CLASS ## _Ehdr)) \
+ return err("unrecognized ELF header size."); \
+ if (EGET(ehdr->e_phentsize) != sizeof(Elf ## CLASS ## _Phdr)) \
+ return err("unrecognized program segment header size."); \
+ \
+ /* Finally, check the file type. \
+ */ \
+ if (EGET(ehdr->e_type) != ET_EXEC && EGET(ehdr->e_type) != ET_DYN) \
+ return err("not an executable or shared-object library."); \
+ \
+ return TRUE; \
+} \
+ \
+/* readphdrtable() loads the program segment header table into memory. \
+ */ \
+static int readphdrtable ## CLASS (int fd, Elf ## CLASS ## _Ehdr const *ehdr, \
+ Elf ## CLASS ## _Phdr **phdrs) \
+{ \
+ size_t size; \
+ \
+ if (!EGET(ehdr->e_phoff) || !EGET(ehdr->e_phnum) \
+) return err("ELF file has no program header table."); \
+ \
+ size = EGET(ehdr->e_phnum) * sizeof **phdrs; \
+ if (!(*phdrs = malloc(size))) \
+ return err("Out of memory!"); \
+ \
+ errno = 0; \
+ if (read(fd, *phdrs, size) != (ssize_t)size) \
+ return ferr("missing or incomplete program segment header table."); \
+ \
+ return TRUE; \
+} \
+ \
+/* getmemorysize() determines the offset of the last byte of the file \
+ * that is referenced by an entry in the program segment header table. \
+ * (Anything in the file after that point is not used when the program \
+ * is executing, and thus can be safely discarded.) \
+ */ \
+static int getmemorysize ## CLASS (Elf ## CLASS ## _Ehdr const *ehdr, \
+ Elf ## CLASS ## _Phdr const *phdrs, \
+ unsigned long *newsize) \
+{ \
+ Elf ## CLASS ## _Phdr const *phdr; \
+ unsigned long size, n; \
+ int i; \
+ \
+ /* Start by setting the size to include the ELF header and the \
+ * complete program segment header table. \
+ */ \
+ size = EGET(ehdr->e_phoff) + EGET(ehdr->e_phnum) * sizeof *phdrs; \
+ if (size < sizeof *ehdr) \
+ size = sizeof *ehdr; \
+ \
+ /* Then keep extending the size to include whatever data the \
+ * program segment header table references. \
+ */ \
+ for (i = 0, phdr = phdrs ; i < EGET(ehdr->e_phnum) ; ++i, ++phdr) { \
+ if (EGET(phdr->p_type) != PT_NULL) { \
+ n = EGET(phdr->p_offset) + EGET(phdr->p_filesz); \
+ if (n > size) \
+ size = n; \
+ } \
+ } \
+ \
+ *newsize = size; \
+ return TRUE; \
+} \
+ \
+/* modifyheaders() removes references to the section header table if \
+ * it was stripped, and reduces program header table entries that \
+ * included truncated bytes at the end of the file. \
+ */ \
+static int modifyheaders ## CLASS (Elf ## CLASS ## _Ehdr *ehdr, \
+ Elf ## CLASS ## _Phdr *phdrs, \
+ unsigned long newsize) \
+{ \
+ Elf ## CLASS ## _Phdr *phdr; \
+ int i; \
+ \
+ /* If the section header table is gone, then remove all references \
+ * to it in the ELF header. \
+ */ \
+ if (EGET(ehdr->e_shoff) >= newsize) { \
+ ESET(ehdr->e_shoff,0); \
+ ESET(ehdr->e_shnum,0); \
+ ESET(ehdr->e_shentsize,0); \
+ ESET(ehdr->e_shstrndx,0); \
+ } \
+ \
+ /* The program adjusts the file size of any segment that was \
+ * truncated. The case of a segment being completely stripped out \
+ * is handled separately. \
+ */ \
+ for (i = 0, phdr = phdrs ; i < EGET(ehdr->e_phnum) ; ++i, ++phdr) { \
+ if (EGET(phdr->p_offset) >= newsize) { \
+ ESET(phdr->p_offset,newsize); \
+ ESET(phdr->p_filesz,0); \
+ } else if (EGET(phdr->p_offset) + EGET(phdr->p_filesz) > newsize) { \
+ newsize -= EGET(phdr->p_offset); \
+ ESET(phdr->p_filesz, newsize); \
+ } \
+ } \
+ \
+ return TRUE; \
+} \
+ \
+/* commitchanges() writes the new headers back to the original file \
+ * and sets the file to its new size. \
+ */ \
+static int commitchanges ## CLASS (int fd, Elf ## CLASS ## _Ehdr const *ehdr, \
+ Elf ## CLASS ## _Phdr *phdrs, \
+ unsigned long newsize) \
+{ \
+ size_t n; \
+ \
+ /* Save the changes to the ELF header, if any. \
+ */ \
+ if (lseek(fd, 0, SEEK_SET)) \
+ return ferr("could not rewind file"); \
+ errno = 0; \
+ if (write(fd, ehdr, sizeof *ehdr) != sizeof *ehdr) \
+ return err("could not modify file"); \
+ \
+ /* Save the changes to the program segment header table, if any. \
+ */ \
+ if (lseek(fd, EGET(ehdr->e_phoff), SEEK_SET) == (off_t)-1) { \
+ err("could not seek in file."); \
+ goto warning; \
+ } \
+ n = EGET(ehdr->e_phnum) * sizeof *phdrs; \
+ if (write(fd, phdrs, n) != (ssize_t)n) { \
+ err("could not write to file"); \
+ goto warning; \
+ } \
+ \
+ /* Eleventh-hour sanity check: don't truncate before the end of \
+ * the program segment header table. \
+ */ \
+ if (newsize < EGET(ehdr->e_phoff) + n) \
+ newsize = EGET(ehdr->e_phoff) + n; \
+ \
+ /* Chop off the end of the file. \
+ */ \
+ if (ftruncate(fd, newsize)) { \
+ err("could not resize file"); \
+ goto warning; \
+ } \
+ \
+ return TRUE; \
+ \
+ warning: \
+ return err("ELF file may have been corrupted!"); \
}
-/* getmemorysize() determines the offset of the last byte of the file
- * that is referenced by an entry in the program segment header table.
- * (Anything in the file after that point is not used when the program
- * is executing, and thus can be safely discarded.)
+
+/* First elements of Elf32_Ehdr and Elf64_Ehdr are common.
*/
-static int getmemorysize(Elf_Ehdr const *ehdr, Elf_Phdr const *phdrs,
- unsigned long *newsize)
+static int readelfheaderident(int fd, Elf32_Ehdr *ehdr)
{
- Elf32_Phdr const *phdr;
- unsigned long size, n;
- int i;
-
- /* Start by setting the size to include the ELF header and the
- * complete program segment header table.
- */
- size = ehdr->e_phoff + ehdr->e_phnum * sizeof *phdrs;
- if (size < sizeof *ehdr)
- size = sizeof *ehdr;
-
- /* Then keep extending the size to include whatever data the
- * program segment header table references.
- */
- for (i = 0, phdr = phdrs ; i < ehdr->e_phnum ; ++i, ++phdr) {
- if (phdr->p_type != PT_NULL) {
- n = phdr->p_offset + phdr->p_filesz;
- if (n > size)
- size = n;
+ errno = 0;
+ if (read(fd, ehdr, EI_NIDENT) != EI_NIDENT)
+ return ferr("missing or incomplete ELF header.");
+
+ /* Check the ELF signature.
+ */
+ if (!(ehdr->e_ident[EI_MAG0] == ELFMAG0 &&
+ ehdr->e_ident[EI_MAG1] == ELFMAG1 &&
+ ehdr->e_ident[EI_MAG2] == ELFMAG2 &&
+ ehdr->e_ident[EI_MAG3] == ELFMAG3))
+ {
+ err("missing ELF signature.");
+ return -1;
}
- }
- *newsize = size;
- return TRUE;
+ /* Compare the file's class and endianness with the program's.
+ */
+#if __BYTE_ORDER == __LITTLE_ENDIAN
+ if (ehdr->e_ident[EI_DATA] == ELFDATA2LSB) {
+ do_reverse_endian = 0;
+ } else if (ehdr->e_ident[EI_DATA] == ELFDATA2MSB) {
+/* fprintf(stderr, "ELF file has different endianness.\n"); */
+ do_reverse_endian = 1;
+ }
+#elif __BYTE_ORDER == __BIG_ENDIAN
+ if (ehdr->e_ident[EI_DATA] == ELFDATA2LSB) {
+/* fprintf(stderr, "ELF file has different endianness.\n"); */
+ do_reverse_endian = 1;
+ } else if (ehdr->e_ident[EI_DATA] == ELFDATA2MSB) {
+ do_reverse_endian = 0;
+ }
+#else
+#error unkown endianness
+#endif
+ else {
+ err("Unsupported endianness");
+ return -1;
+ }
+
+ /* Check the target architecture.
+ */
+/* if (EGET(ehdr->e_machine) != ELF_ARCH) { */
+/* /\* return err("ELF file created for different architecture."); *\/ */
+/* fprintf(stderr, "ELF file created for different architecture.\n"); */
+/* } */
+ return ehdr->e_ident[EI_CLASS];
}
+
+HEADER_FUNCTIONS(32)
+
+HEADER_FUNCTIONS(64)
+
/* truncatezeros() examines the bytes at the end of the file's
* size-to-be, and reduces the size to exclude any trailing zero
* bytes.
*/
static int truncatezeros(int fd, unsigned long *newsize)
{
- unsigned char contents[1024];
- unsigned long size, n;
-
- size = *newsize;
- do {
- n = sizeof contents;
- if (n > size)
- n = size;
- if (lseek(fd, size - n, SEEK_SET) == (off_t)-1)
- return ferr("cannot seek in file.");
- if (read(fd, contents, n) != (ssize_t)n)
- return ferr("cannot read file contents");
- while (n && !contents[--n])
- --size;
- } while (size && !n);
-
- /* Sanity check.
- */
- if (!size)
- return err("ELF file is completely blank!");
-
- *newsize = size;
- return TRUE;
-}
-
-/* modifyheaders() removes references to the section header table if
- * it was stripped, and reduces program header table entries that
- * included truncated bytes at the end of the file.
- */
-static int modifyheaders(Elf_Ehdr *ehdr, Elf_Phdr *phdrs,
- unsigned long newsize)
-{
- Elf32_Phdr *phdr;
- int i;
-
- /* If the section header table is gone, then remove all references
- * to it in the ELF header.
- */
- if (ehdr->e_shoff >= newsize) {
- ehdr->e_shoff = 0;
- ehdr->e_shnum = 0;
- ehdr->e_shentsize = 0;
- ehdr->e_shstrndx = 0;
- }
-
- /* The program adjusts the file size of any segment that was
- * truncated. The case of a segment being completely stripped out
- * is handled separately.
- */
- for (i = 0, phdr = phdrs ; i < ehdr->e_phnum ; ++i, ++phdr) {
- if (phdr->p_offset >= newsize) {
- phdr->p_offset = newsize;
- phdr->p_filesz = 0;
- } else if (phdr->p_offset + phdr->p_filesz > newsize) {
- phdr->p_filesz = newsize - phdr->p_offset;
- }
- }
-
- return TRUE;
-}
-
-/* commitchanges() writes the new headers back to the original file
- * and sets the file to its new size.
- */
-static int commitchanges(int fd, Elf_Ehdr const *ehdr, Elf_Phdr *phdrs,
- unsigned long newsize)
-{
- size_t n;
-
- /* Save the changes to the ELF header, if any.
- */
- if (lseek(fd, 0, SEEK_SET))
- return ferr("could not rewind file");
- errno = 0;
- if (write(fd, ehdr, sizeof *ehdr) != sizeof *ehdr)
- return err("could not modify file");
-
- /* Save the changes to the program segment header table, if any.
- */
- if (lseek(fd, ehdr->e_phoff, SEEK_SET) == (off_t)-1) {
- err("could not seek in file.");
- goto warning;
- }
- n = ehdr->e_phnum * sizeof *phdrs;
- if (write(fd, phdrs, n) != (ssize_t)n) {
- err("could not write to file");
- goto warning;
- }
-
- /* Eleventh-hour sanity check: don't truncate before the end of
- * the program segment header table.
- */
- if (newsize < ehdr->e_phoff + n)
- newsize = ehdr->e_phoff + n;
-
- /* Chop off the end of the file.
- */
- if (ftruncate(fd, newsize)) {
- err("could not resize file");
- goto warning;
- }
-
- return TRUE;
-
- warning:
- return err("ELF file may have been corrupted!");
+ unsigned char contents[1024];
+ unsigned long size, n;
+
+ size = *newsize;
+ do {
+ n = sizeof contents;
+ if (n > size)
+ n = size;
+ if (lseek(fd, size - n, SEEK_SET) == (off_t)-1)
+ return ferr("cannot seek in file.");
+ if (read(fd, contents, n) != (ssize_t)n)
+ return ferr("cannot read file contents");
+ while (n && !contents[--n])
+ --size;
+ } while (size && !n);
+
+ /* Sanity check.
+ */
+ if (!size)
+ return err("ELF file is completely blank!");
+
+ *newsize = size;
+ return TRUE;
}
/* main() loops over the cmdline arguments, leaving all the real work
*/
int main(int argc, char *argv[])
{
- int fd;
- Elf_Ehdr ehdr;
- Elf_Phdr *phdrs;
- unsigned long newsize;
- char **arg;
- int failures = 0;
-
- if (argc < 2 || argv[1][0] == '-') {
- printf("Usage: sstrip FILE...\n"
- "sstrip discards all nonessential bytes from an executable.\n\n"
- "Version 2.0 Copyright (C) 2000,2001 Brian Raiter.\n"
- "This program is free software, licensed under the GNU\n"
- "General Public License. There is absolutely no warranty.\n");
- return EXIT_SUCCESS;
- }
-
- progname = argv[0];
-
- for (arg = argv + 1 ; *arg != NULL ; ++arg) {
- filename = *arg;
-
- fd = open(*arg, O_RDWR);
- if (fd < 0) {
- ferr("can't open");
- ++failures;
- continue;
+ int fd;
+ union {
+ Elf32_Ehdr ehdr32;
+ Elf64_Ehdr ehdr64;
+ } e;
+ union {
+ Elf32_Phdr *phdrs32;
+ Elf64_Phdr *phdrs64;
+ } p;
+ unsigned long newsize;
+ char **arg;
+ int failures = 0;
+
+ if (argc < 2 || argv[1][0] == '-') {
+ printf("Usage: sstrip FILE...\n"
+ "sstrip discards all nonessential bytes from an executable.\n\n"
+ "Version 2.0-X Copyright (C) 2000,2001 Brian Raiter.\n"
+ "Cross-devel hacks Copyright (C) 2004 Manuel Novoa III.\n"
+ "This program is free software, licensed under the GNU\n"
+ "General Public License. There is absolutely no warranty.\n");
+ return EXIT_SUCCESS;
}
- if (!(readelfheader(fd, &ehdr) &&
- readphdrtable(fd, &ehdr, &phdrs) &&
- getmemorysize(&ehdr, phdrs, &newsize) &&
- truncatezeros(fd, &newsize) &&
- modifyheaders(&ehdr, phdrs, newsize) &&
- commitchanges(fd, &ehdr, phdrs, newsize)))
- ++failures;
-
- close(fd);
- }
+ progname = argv[0];
+
+ for (arg = argv + 1 ; *arg != NULL ; ++arg) {
+ filename = *arg;
+
+ fd = open(*arg, O_RDWR);
+ if (fd < 0) {
+ ferr("can't open");
+ ++failures;
+ continue;
+ }
+
+ switch (readelfheaderident(fd, &e.ehdr32)) {
+ case ELFCLASS32:
+ if (!(readelfheader32(fd, &e.ehdr32) &&
+ readphdrtable32(fd, &e.ehdr32, &p.phdrs32) &&
+ getmemorysize32(&e.ehdr32, p.phdrs32, &newsize) &&
+ truncatezeros(fd, &newsize) &&
+ modifyheaders32(&e.ehdr32, p.phdrs32, newsize) &&
+ commitchanges32(fd, &e.ehdr32, p.phdrs32, newsize)))
+ ++failures;
+ break;
+ case ELFCLASS64:
+ if (!(readelfheader64(fd, &e.ehdr64) &&
+ readphdrtable64(fd, &e.ehdr64, &p.phdrs64) &&
+ getmemorysize64(&e.ehdr64, p.phdrs64, &newsize) &&
+ truncatezeros(fd, &newsize) &&
+ modifyheaders64(&e.ehdr64, p.phdrs64, newsize) &&
+ commitchanges64(fd, &e.ehdr64, p.phdrs64, newsize)))
+ ++failures;
+ break;
+ default:
+ ++failures;
+ break;
+ }
+ close(fd);
+ }
- return failures ? EXIT_FAILURE : EXIT_SUCCESS;
+ return failures ? EXIT_FAILURE : EXIT_SUCCESS;
}
projects / openwrt / svn-archive / archive.git / commitdiff