[arch-commits] Commit in ppp/repos (14 files)
Felix Yan
felixonmars at archlinux.org
Mon Jan 25 21:45:15 UTC 2021
Date: Monday, January 25, 2021 @ 21:45:14
Author: felixonmars
Revision: 406748
archrelease: copy trunk to testing-x86_64
(from rev 406747, ppp/trunk/CVE-2020-8597.patch)
(from rev 406747, ppp/trunk/LICENSE)
(from rev 406747, ppp/trunk/PKGBUILD)
(from rev 406747, ppp/trunk/ip-down)
(from rev 406747, ppp/trunk/ip-down.d.dns.sh)
(from rev 406747, ppp/trunk/ip-up)
(from rev 406747, ppp/trunk/ip-up.d.dns.sh)
(from rev 406747, ppp/trunk/ipv6-down)
(from rev 406747, ppp/trunk/ipv6-up)
(from rev 406747, ppp/trunk/ipv6-up.d.iface-config.sh)
(from rev 406747, ppp/trunk/options)
(from rev 406747, ppp/trunk/ppp-2.4.6-makefiles.patch)
(from rev 406747, ppp/trunk/ppp.systemd)
CVE-2020-8597.patch | 37 ++++
PKGBUILD | 94 +++++++++++
ip-down | 12 +
ip-down.d.dns.sh | 7
ip-up | 12 +
ip-up.d.dns.sh | 11 +
ipv6-down | 12 +
ipv6-up | 12 +
ipv6-up.d.iface-config.sh | 4
options | 352 ++++++++++++++++++++++++++++++++++++++++++++
ppp-2.4.6-makefiles.patch | 200 +++++++++++++++++++++++++
ppp.systemd | 9 +
13 files changed, 769 insertions(+)
Copied: ppp/repos/testing-x86_64/CVE-2020-8597.patch (from rev 406747, ppp/trunk/CVE-2020-8597.patch)
--- testing-x86_64/CVE-2020-8597.patch (rev 0)
+++ testing-x86_64/CVE-2020-8597.patch 2021-01-25 21:45:14 UTC (rev 406748)
@@ -0,0 +1,37 @@
+From 8d7970b8f3db727fe798b65f3377fe6787575426 Mon Sep 17 00:00:00 2001
+From: Paul Mackerras <paulus at ozlabs.org>
+Date: Mon, 3 Feb 2020 15:53:28 +1100
+Subject: [PATCH] pppd: Fix bounds check in EAP code
+Given that we have just checked vallen < len, it can never be the case
+that vallen >= len + sizeof(rhostname). This fixes the check so we
+actually avoid overflowing the rhostname array.
+Reported-by: Ilja Van Sprundel <ivansprundel at ioactive.com>
+Signed-off-by: Paul Mackerras <paulus at ozlabs.org>
+ pppd/eap.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+diff --git a/pppd/eap.c b/pppd/eap.c
+index 94407f56..1b93db01 100644
+--- a/pppd/eap.c
++++ b/pppd/eap.c
+@@ -1420,7 +1420,7 @@ int len;
+ }
+ /* Not so likely to happen. */
+- if (vallen >= len + sizeof (rhostname)) {
++ if (len - vallen >= sizeof (rhostname)) {
+ dbglog("EAP: trimming really long peer name down");
+ BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
+ rhostname[sizeof (rhostname) - 1] = '\0';
+@@ -1846,7 +1846,7 @@ int len;
+ }
+ /* Not so likely to happen. */
+- if (vallen >= len + sizeof (rhostname)) {
++ if (len - vallen >= sizeof (rhostname)) {
+ dbglog("EAP: trimming really long peer name down");
+ BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
+ rhostname[sizeof (rhostname) - 1] = '\0';
Copied: ppp/repos/testing-x86_64/LICENSE (from rev 406747, ppp/trunk/LICENSE)
--- testing-x86_64/LICENSE (rev 0)
+++ testing-x86_64/LICENSE 2021-01-25 21:45:14 UTC (rev 406748)
@@ -0,0 +1,7 @@
+All of the code can be freely used and redistributed. The individual
+source files each have their own copyright and permission notice.
+Pppd, pppstats and pppdump are under BSD-style notices. Some of the
+pppd plugins are GPL'd. Chat is public domain.
Copied: ppp/repos/testing-x86_64/PKGBUILD (from rev 406747, ppp/trunk/PKGBUILD)
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2021-01-25 21:45:14 UTC (rev 406748)
@@ -0,0 +1,94 @@
+# Maintainer: Felix Yan <felixonmars at archlinux.org>
+# Contributor: Thomas Baechler <thomas at archlinux.org>
+pkgdesc="A daemon which implements the Point-to-Point Protocol for dial-up networking"
+license=('GPL' 'BSD')
+depends=('glibc' 'libpcap' 'libxcrypt' 'openssl')
+ ppp-2.4.6-makefiles.patch
+ options
+ ip-up
+ ip-down
+ ip-up.d.dns.sh
+ ip-down.d.dns.sh
+ ipv6-up
+ ipv6-down
+ ipv6-up.d.iface-config.sh
+ ppp.systemd
+ CVE-2020-8597.patch
+ 'SKIP'
+ 'e319ae8842cf24bdaf3f9ffd9ffe792c18d6b115590174ea930b9a3518834d7f952e2dc4f6061406957d49d9c740f91bb3becfeb6f9c8feb77c2c66eb1e9c58e'
+ '86b13a9f02cc44c5ba16d404fdb54459fcda22fb5f4c4e12b2101e47e2650b62576d6315cd41f30f103ea61fb6f86b7aa2e7d40336f849f45061f7ad9c5119fe'
+ 'bdaaac792dd448ff31da6da2749d8c2f9c4e0311b1d4639de7c68038fcaa333cc28e25f5a6308de0ecb24b60b2e7284a811482df990da5f54d5581a746964f3c'
+ '92f3a5e383f2c888938e891ba831042e7f8c026b0ddf5ce8c3523d06ac32fa81742e638a4c665975cbc79868b98806d92574ee2ee8e034e33b065a90ee3ab28b'
+ '1636b2f8e3e0b0561aae9716e62c58cc7bee06aea0cdc163e64aba17da427810b7a12e4cea3d51b7a0b212fc2f4b7890f08d35d25165cd340b93241c9fe8842c'
+ '7ab85cd977333e89c1d184619a52fa46492db04760c86a44843607c68efc577a1715d0d1f827d6855184af0d87b4b4b02cf7e7102c798516238a45a3c8aa26ad'
+ '256941b220ad54119daf1c76237fecd0b2e9ede1d74b0950c45e373252ce20c1d4cd35a26b4d35f94ad2b7f49569fc9050c44731d672317994b562c750020326'
+ '1b8dc6300f746607c0cce835e69ed444f24ba81874ba061b2b0377f0b9c1cb41a383d6845b364dfabb249a461422972ba5010bacf55c5f85f5eb0d3c0f4c71cd'
+ '5b92a05bcf3ad4b7a88434546884e088069ce7c16a10c472589ca5ecc648f86ca02c2f608fb856ac6cb6ef14b508c2e0dec146c953128693bfb6c988f1963de8'
+ 'b9978c4038fb764a1bbe9dea92850673e14978450c0dcd7a1b0b24c4ebd515fcc4c5cc82cd4b97d826d483261e96945208b9fe97d6fea09a7a5c7910541db24c'
+ '242915cfdeefd629287890876e233b83582b3e6094f0ad58c96027b4dc8275fa18809d68b4ff63e77ca444767ed2b4f376f5501ed4a9247a6bbb50970e9b342a'
+ 'ab3acd0387a7966ac3d220f2b0b6880302f827125d978991f83dd3f1a30340c2a98ca5aedf0b81ec6a9e5eb49b0b0a0a5356419f3b8415c892c2df8b52d3994a')
+validpgpkeys=('631E179E370CD727A7F2A33A9E4295D605F66CE9' # Paul Mackerras (Signing key) <paulus at samba.org>
+ 'DE8E01561D8276A4DBFAEFCC040F1D49EC9DBB8C') # Paul Mackerras <paulus at ozlabs.org>
+prepare() {
+ cd $pkgname-$pkgver
+ patch -p1 -i "$srcdir"/ppp-2.4.6-makefiles.patch
+ patch -p1 -i "$srcdir"/CVE-2020-8597.patch
+ # enable active filter
+ sed -i "s:^#FILTER=y:FILTER=y:" pppd/Makefile.linux
+ # enable ipv6 support
+ sed -i "s:^#HAVE_INET6=y:HAVE_INET6=y:" pppd/Makefile.linux
+ # Enable Microsoft proprietary Callback Control Protocol
+ sed -i "s:^#CBCP=y:CBCP=y:" pppd/Makefile.linux
+build() {
+ cd $pkgname-$pkgver
+ # -D_GNU_SOURCE is needed for IPv6 to work apparently
+ make
+package() {
+ cd $pkgname-$pkgver
+ make INSTROOT="$pkgdir" install
+ install -D -m644 ../options "$pkgdir"/etc/ppp/options
+ install -D -m755 ../ip-up "$pkgdir"/etc/ppp/ip-up
+ install -D -m755 ../ip-down "$pkgdir"/etc/ppp/ip-down
+ install -d -m755 "$pkgdir"/etc/ppp/ip-up.d
+ install -d -m755 "$pkgdir"/etc/ppp/ip-down.d
+ install -m755 ../ip-up.d.dns.sh "$pkgdir"/etc/ppp/ip-up.d/00-dns.sh
+ install -m755 ../ip-down.d.dns.sh "$pkgdir"/etc/ppp/ip-down.d/00-dns.sh
+ install -D -m755 ../ipv6-up "$pkgdir"/etc/ppp/ipv6-up
+ install -D -m755 ../ipv6-down "$pkgdir"/etc/ppp/ipv6-down
+ install -d -m755 "$pkgdir"/etc/ppp/ipv6-up.d
+ install -d -m755 "$pkgdir"/etc/ppp/ipv6-down.d
+ install -m755 ../ipv6-up.d.iface-config.sh "$pkgdir"/etc/ppp/ipv6-up.d/00-iface-config.sh
+ install -D -m755 scripts/pon "$pkgdir"/usr/bin/pon
+ install -D -m755 scripts/poff "$pkgdir"/usr/bin/poff
+ install -D -m755 scripts/plog "$pkgdir"/usr/bin/plog
+ install -D -m644 scripts/pon.1 "$pkgdir"/usr/share/man/man1/pon.1
+ install -D -m600 etc.ppp/pap-secrets "$pkgdir"/etc/ppp/pap-secrets
+ install -D -m600 etc.ppp/chap-secrets "$pkgdir"/etc/ppp/chap-secrets
+ install -d -m755 "$pkgdir"/etc/ppp/peers
+ chmod 0755 "$pkgdir"/usr/lib/pppd/$pkgver/*.so
+ install -D -m644 "$srcdir"/ppp.systemd "$pkgdir"/usr/lib/systemd/system/ppp at .service
+ install -Dm644 "$srcdir"/LICENSE "$pkgdir"/usr/share/licenses/$pkgname/LICENSE
Copied: ppp/repos/testing-x86_64/ip-down (from rev 406747, ppp/trunk/ip-down)
--- testing-x86_64/ip-down (rev 0)
+++ testing-x86_64/ip-down 2021-01-25 21:45:14 UTC (rev 406748)
@@ -0,0 +1,12 @@
+# This script is run by pppd after the connection has ended.
+# Execute all scripts in /etc/ppp/ip-down.d/
+for ipdown in /etc/ppp/ip-down.d/*.sh; do
+ if [ -x $ipdown ]; then
+ # Parameters: interface-name tty-device speed local-IP-address remote-IP-address ipparam
+ $ipdown "$@"
+ fi
Copied: ppp/repos/testing-x86_64/ip-down.d.dns.sh (from rev 406747, ppp/trunk/ip-down.d.dns.sh)
--- testing-x86_64/ip-down.d.dns.sh (rev 0)
+++ testing-x86_64/ip-down.d.dns.sh 2021-01-25 21:45:14 UTC (rev 406748)
@@ -0,0 +1,7 @@
+if [ -x /usr/bin/resolvconf ]; then
+ /usr/bin/resolvconf -fd ${IFNAME}
+ [ -e /etc/resolv.conf.backup.${IFNAME} ] && mv /etc/resolv.conf.backup.${IFNAME} /etc/resolv.conf
Copied: ppp/repos/testing-x86_64/ip-up (from rev 406747, ppp/trunk/ip-up)
--- testing-x86_64/ip-up (rev 0)
+++ testing-x86_64/ip-up 2021-01-25 21:45:14 UTC (rev 406748)
@@ -0,0 +1,12 @@
+# This script is run by pppd when there's a successful ppp connection.
+# Execute all scripts in /etc/ppp/ip-up.d/
+for ipup in /etc/ppp/ip-up.d/*.sh; do
+ if [ -x $ipup ]; then
+ # Parameters: interface-name tty-device speed local-IP-address remote-IP-address ipparam
+ $ipup "$@"
+ fi
Copied: ppp/repos/testing-x86_64/ip-up.d.dns.sh (from rev 406747, ppp/trunk/ip-up.d.dns.sh)
--- testing-x86_64/ip-up.d.dns.sh (rev 0)
+++ testing-x86_64/ip-up.d.dns.sh 2021-01-25 21:45:14 UTC (rev 406748)
@@ -0,0 +1,11 @@
+if [ "$USEPEERDNS" = "1" -a -f /etc/ppp/resolv.conf ]; then
+ if [ -x /usr/bin/resolvconf ]; then
+ /usr/bin/resolvconf -a ${IFNAME} </etc/ppp/resolv.conf
+ else
+ [ -e /etc/resolv.conf ] && mv /etc/resolv.conf /etc/resolv.conf.backup.${IFNAME}
+ mv /etc/ppp/resolv.conf /etc/resolv.conf
+ chmod 644 /etc/resolv.conf
+ fi
Copied: ppp/repos/testing-x86_64/ipv6-down (from rev 406747, ppp/trunk/ipv6-down)
--- testing-x86_64/ipv6-down (rev 0)
+++ testing-x86_64/ipv6-down 2021-01-25 21:45:14 UTC (rev 406748)
@@ -0,0 +1,12 @@
+# This script is run by pppd after the connection has ended.
+# Execute all scripts in /etc/ppp/ipv6-down.d/
+for ipdown in /etc/ppp/ipv6-down.d/*.sh; do
+ if [ -x $ipdown ]; then
+ # Parameters: interface-name tty-device speed local-link-local-address remote-link-local-address ipparam
+ $ipdown "$@"
+ fi
Copied: ppp/repos/testing-x86_64/ipv6-up (from rev 406747, ppp/trunk/ipv6-up)
--- testing-x86_64/ipv6-up (rev 0)
+++ testing-x86_64/ipv6-up 2021-01-25 21:45:14 UTC (rev 406748)
@@ -0,0 +1,12 @@
+# This script is run by pppd when there's a successful ppp connection.
+# Execute all scripts in /etc/ppp/ipv6-up.d/
+for ipup in /etc/ppp/ipv6-up.d/*.sh; do
+ if [ -x $ipup ]; then
+ # Parameters: interface-name tty-device speed local-link-local-address remote-link-local-address ipparam
+ $ipup "$@"
+ fi
Copied: ppp/repos/testing-x86_64/ipv6-up.d.iface-config.sh (from rev 406747, ppp/trunk/ipv6-up.d.iface-config.sh)
--- testing-x86_64/ipv6-up.d.iface-config.sh (rev 0)
+++ testing-x86_64/ipv6-up.d.iface-config.sh 2021-01-25 21:45:14 UTC (rev 406748)
@@ -0,0 +1,4 @@
+echo 0 > /proc/sys/net/ipv6/conf/$1/use_tempaddr
+echo 2 > /proc/sys/net/ipv6/conf/$1/accept_ra
Copied: ppp/repos/testing-x86_64/options (from rev 406747, ppp/trunk/options)
--- testing-x86_64/options (rev 0)
+++ testing-x86_64/options 2021-01-25 21:45:14 UTC (rev 406748)
@@ -0,0 +1,352 @@
+# /etc/ppp/options
+# Originally created by Jim Knoble <jmknoble at mercury.interpath.net>
+# Modified for Debian by alvar Bray <alvar at meiko.co.uk>
+# Modified for PPP Server setup by Christoph Lameter <clameter at debian.org>
+# Modified for ArchLinux by Manolis Tzanidakis <manolis at archlinux.org>
+# To quickly see what options are active in this file, use this command:
+# egrep -v '#|^ *$' /etc/ppp/options
+# Specify which DNS Servers the incoming Win95 or WinNT Connection should use
+# Two Servers can be remotely configured
+# ms-dns
+# ms-dns
+# Specify which WINS Servers the incoming connection Win95 or WinNT should use
+# ms-wins
+# ms-wins
+# Run the executable or shell command specified after pppd has
+# terminated the link. This script could, for example, issue commands
+# to the modem to cause it to hang up if hardware modem control signals
+# were not available.
+#disconnect "chat -- \d+++\d\c OK ath0 OK"
+# async character map -- 32-bit hex; each bit is a character
+# that needs to be escaped for pppd to receive it. 0x00000001
+# represents '\x01', and 0x80000000 represents '\x1f'.
+asyncmap 0
+# Require the peer to authenticate itself before allowing network
+# packets to be sent or received.
+# Please do not disable this setting. It is expected to be standard in
+# future releases of pppd. Use the call option (see manpage) to disable
+# authentication for specific peers.
+# Use hardware flow control (i.e. RTS/CTS) to control the flow of data
+# on the serial port.
+# Use software flow control (i.e. XON/XOFF) to control the flow of data
+# on the serial port.
+# Specifies that certain characters should be escaped on transmission
+# (regardless of whether the peer requests them to be escaped with its
+# async control character map). The characters to be escaped are
+# specified as a list of hex numbers separated by commas. Note that
+# almost any character can be specified for the escape option, unlike
+# the asyncmap option which only allows control characters to be
+# specified. The characters which may not be escaped are those with hex
+# values 0x20 - 0x3f or 0x5e.
+#escape 11,13,ff
+# Don't use the modem control lines.
+# Specifies that pppd should use a UUCP-style lock on the serial device
+# to ensure exclusive access to the device.
+# Don't show the passwords when logging the contents of PAP packets.
+# This is the default.
+# When logging the contents of PAP packets, this option causes pppd to
+# show the password string in the log message.
+# Use the modem control lines. On Ultrix, this option implies hardware
+# flow control, as for the crtscts option. (This option is not fully
+# implemented.)
+# Set the MRU [Maximum Receive Unit] value to <n> for negotiation. pppd
+# will ask the peer to send packets of no more than <n> bytes. The
+# minimum MRU value is 128. The default MRU value is 1500. A value of
+# 296 is recommended for slow links (40 bytes for TCP/IP header + 256
+# bytes of data).
+#mru 542
+# Set the interface netmask to <n>, a 32 bit netmask in "decimal dot"
+# notation (e.g.
+# Disables the default behaviour when no local IP address is specified,
+# which is to determine (if possible) the local IP address from the
+# hostname. With this option, the peer will have to supply the local IP
+# address during IPCP negotiation (unless it specified explicitly on the
+# command line or in an options file).
+# Enables the "passive" option in the LCP. With this option, pppd will
+# attempt to initiate a connection; if no reply is received from the
+# peer, pppd will then just wait passively for a valid LCP packet from
+# the peer (instead of exiting, as it does without this option).
+# With this option, pppd will not transmit LCP packets to initiate a
+# connection until a valid LCP packet is received from the peer (as for
+# the "passive" option with old versions of pppd).
+# Don't request or allow negotiation of any options for LCP and IPCP
+# (use default values).
+# Disable Address/Control compression negotiation (use default, i.e.
+# address/control field disabled).
+# Disable asyncmap negotiation (use the default asyncmap, i.e. escape
+# all control characters).
+# Don't fork to become a background process (otherwise pppd will do so
+# if a serial device is specified).
+# Disable IP address negotiation (with this option, the remote IP
+# address must be specified with an option on the command line or in
+# an options file).
+# Disable IPCP negotiation and IP communication. This option should
+# only be required if the peer is buggy and gets confused by requests
+# from pppd for IPCP negotiation.
+# Disable magic number negotiation. With this option, pppd cannot
+# detect a looped-back line.
+# Disable MRU [Maximum Receive Unit] negotiation (use default, i.e.
+# 1500).
+# Disable protocol field compression negotiation (use default, i.e.
+# protocol field compression disabled).
+# Require the peer to authenticate itself using PAP.
+# Don't agree to authenticate using PAP.
+# Require the peer to authenticate itself using CHAP [Cryptographic
+# Handshake Authentication Protocol] authentication.
+# Don't agree to authenticate using CHAP.
+# Disable negotiation of Van Jacobson style IP header compression (use
+# default, i.e. no compression).
+# Increase debugging level (same as -d). If this option is given, pppd
+# will log the contents of all control packets sent or received in a
+# readable form. The packets are logged through syslog with facility
+# daemon and level debug. This information can be directed to a file by
+# setting up /etc/syslog.conf appropriately (see syslog.conf(5)). (If
+# pppd is compiled with extra debugging enabled, it will log messages
+# using facility local2 instead of daemon).
+# Append the domain name <d> to the local host name for authentication
+# purposes. For example, if gethostname() returns the name porsche,
+# but the fully qualified domain name is porsche.Quotron.COM, you would
+# use the domain option to set the domain name to Quotron.COM.
+#domain <d>
+# Enable debugging code in the kernel-level PPP driver. The argument n
+# is a number which is the sum of the following values: 1 to enable
+# general debug messages, 2 to request that the contents of received
+# packets be printed, and 4 to request that the contents of transmitted
+# packets be printed.
+#kdebug n
+# Set the MTU [Maximum Transmit Unit] value to <n>. Unless the peer
+# requests a smaller value via MRU negotiation, pppd will request that
+# the kernel networking code send data packets of no more than n bytes
+# through the PPP network interface.
+#mtu <n>
+# Set the name of the local system for authentication purposes to <n>.
+# This is a privileged option. With this option, pppd will use lines in the
+# secrets files which have <n> as the second field when looking for a
+# secret to use in authenticating the peer. In addition, unless overridden
+# with the user option, <n> will be used as the name to send to the peer
+# when authenticating the local system to the peer. (Note that pppd does
+# not append the domain name to <n>.)
+#name <n>
+# Enforce the use of the hostname as the name of the local system for
+# authentication purposes (overrides the name option).
+# Set the assumed name of the remote system for authentication purposes
+# to <n>.
+#remotename <n>
+# Add an entry to this system's ARP [Address Resolution Protocol]
+# table with the IP address of the peer and the Ethernet address of this
+# system.
+# Use the system password database for authenticating the peer using
+# PAP. Note: mgetty already provides this option. If this is specified
+# then dialin from users using a script under Linux to fire up ppp wont work.
+# login
+# If this option is given, pppd will send an LCP echo-request frame to the
+# peer every n seconds. Normally the peer should respond to the echo-request
+# by sending an echo-reply. This option can be used with the
+# lcp-echo-failure option to detect that the peer is no longer connected.
+lcp-echo-interval 30
+# If this option is given, pppd will presume the peer to be dead if n
+# LCP echo-requests are sent without receiving a valid LCP echo-reply.
+# If this happens, pppd will terminate the connection. Use of this
+# option requires a non-zero value for the lcp-echo-interval parameter.
+# This option can be used to enable pppd to terminate after the physical
+# connection has been broken (e.g., the modem has hung up) in
+# situations where no hardware modem control lines are available.
+lcp-echo-failure 4
+# Set the LCP restart interval (retransmission timeout) to <n> seconds
+# (default 3).
+#lcp-restart <n>
+# Set the maximum number of LCP terminate-request transmissions to <n>
+# (default 3).
+#lcp-max-terminate <n>
+# Set the maximum number of LCP configure-request transmissions to <n>
+# (default 10).
+#lcp-max-configure <n>
+# Set the maximum number of LCP configure-NAKs returned before starting
+# to send configure-Rejects instead to <n> (default 10).
+#lcp-max-failure <n>
+# Set the IPCP restart interval (retransmission timeout) to <n>
+# seconds (default 3).
+#ipcp-restart <n>
+# Set the maximum number of IPCP terminate-request transmissions to <n>
+# (default 3).
+#ipcp-max-terminate <n>
+# Set the maximum number of IPCP configure-request transmissions to <n>
+# (default 10).
+#ipcp-max-configure <n>
+# Set the maximum number of IPCP configure-NAKs returned before starting
+# to send configure-Rejects instead to <n> (default 10).
+#ipcp-max-failure <n>
+# Set the PAP restart interval (retransmission timeout) to <n> seconds
+# (default 3).
+#pap-restart <n>
+# Set the maximum number of PAP authenticate-request transmissions to
+# <n> (default 10).
+#pap-max-authreq <n>
+# Set the maximum time that pppd will wait for the peer to authenticate
+# itself with PAP to <n> seconds (0 means no limit).
+#pap-timeout <n>
+# Set the CHAP restart interval (retransmission timeout for
+# challenges) to <n> seconds (default 3).
+#chap-restart <n>
+# Set the maximum number of CHAP challenge transmissions to <n>
+# (default 10).
+# If this option is given, pppd will rechallenge the peer every <n>
+# seconds.
+#chap-interval <n>
+# With this option, pppd will accept the peer's idea of our local IP
+# address, even if the local IP address was specified in an option.
+# With this option, pppd will accept the peer's idea of its (remote) IP
+# address, even if the remote IP address was specified in an option.
+# Disable the IPXCP and IPX protocols.
+# To let pppd pass IPX packets comment this out --- you'll probably also
+# want to install ipxripd, and have the Internal IPX Network option enabled
+# in your kernel. /usr/doc/HOWTO/IPX-HOWTO.gz contains more info.
+# Exit once a connection has been made and terminated. This is the default,
+# unless the `persist' or `demand' option has been specified.
+# Do not exit after a connection is terminated; instead try to reopen
+# the connection.
+# Terminate after n consecutive failed connection attempts.
+# A value of 0 means no limit. The default value is 10.
+#maxfail <n>
+# Initiate the link only on demand, i.e. when data traffic is present.
+# With this option, the remote IP address must be specified by the user on
+# the command line or in an options file. Pppd will initially configure
+# the interface and enable it for IP traffic without connecting to the peer.
+# When traffic is available, pppd will connect to the peer and perform
+# negotiation, authentication, etc. When this is completed, pppd will
+# commence passing data packets (i.e., IP packets) across the link.
+# Specifies that pppd should disconnect if the link is idle for <n> seconds.
+# The link is idle when no data packets (i.e. IP packets) are being sent or
+# received. Note: it is not advisable to use this option with the persist
+# option without the demand option. If the active-filter option is given,
+# data packets which are rejected by the specified activity filter also
+# count as the link being idle.
+#idle <n>
+# Specifies how many seconds to wait before re-initiating the link after
+# it terminates. This option only has any effect if the persist or demand
+# option is used. The holdoff period is not applied if the link was
+# terminated because it was idle.
+#holdoff <n>
+# Wait for up n milliseconds after the connect script finishes for a valid
+# PPP packet from the peer. At the end of this time, or when a valid PPP
+# packet is received from the peer, pppd will commence negotiation by
+# sending its first LCP packet. The default value is 1000 (1 second).
+# This wait period only applies if the connect or pty option is used.
+#connect-delay <n>
+# Packet filtering: for more information, see pppd(8)
+# Any packets matching the filter expression will be interpreted as link
+# activity, and will cause a "demand" connection to be activated, and reset
+# the idle connection timer. (idle option)
+# The filter expression is akin to that of tcpdump(1)
+#active-filter <filter-expression>
+# uncomment the line below this if you use PPPoE
+#plugin /usr/lib/pppd/plugins/pppoe.so
+# ---<End of File>---
Copied: ppp/repos/testing-x86_64/ppp-2.4.6-makefiles.patch (from rev 406747, ppp/trunk/ppp-2.4.6-makefiles.patch)
--- testing-x86_64/ppp-2.4.6-makefiles.patch (rev 0)
+++ testing-x86_64/ppp-2.4.6-makefiles.patch 2021-01-25 21:45:14 UTC (rev 406748)
@@ -0,0 +1,200 @@
+diff -Nur ppp-2.4.6.orig/chat/Makefile.linux ppp-2.4.6/chat/Makefile.linux
+--- ppp-2.4.6.orig/chat/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
++++ ppp-2.4.6/chat/Makefile.linux 2014-02-24 09:00:16.666577906 +0100
+@@ -1,7 +1,7 @@
+ # $Id: Makefile.linux,v 1.15 2006/06/04 05:07:46 paulus Exp $
+-BINDIR = $(DESTDIR)/sbin
+ MANDIR = $(DESTDIR)/share/man/man8
+ CDEF1= -DTERMIOS # Use the termios structure
+@@ -10,7 +10,8 @@
+ CDEF4= -DFNDELAY=O_NDELAY # Old name value
+ CDEFS= $(CDEF1) $(CDEF2) $(CDEF3) $(CDEF4)
+-COPTS= -O2 -g -pipe
+ INSTALL= install
+@@ -21,7 +22,7 @@
+ $(CC) -o chat chat.o
+ chat.o: chat.c
+- $(CC) -c $(CFLAGS) -o chat.o chat.c
++ $(CC) -c $(CFLAGS) $(LDFLAGS) -o chat.o chat.c
+ install: chat
+ mkdir -p $(BINDIR) $(MANDIR)
+diff -Nur ppp-2.4.6.orig/configure ppp-2.4.6/configure
+--- ppp-2.4.6.orig/configure 2014-01-02 05:42:08.000000000 +0100
++++ ppp-2.4.6/configure 2014-02-24 09:00:16.743242620 +0100
+@@ -185,7 +185,10 @@
+ rm -f $2
+ if [ -f $1 ]; then
+ echo " $2 <= $1"
+- sed -e "s, at DESTDIR@,$DESTDIR,g" -e "s, at SYSCONF@,$SYSCONF,g" $1 >$2
++ sed -e "s|@DESTDIR@|$DESTDIR|g" \
++ -e "s|@SYSCONF@|$SYSCONF|g" \
++ -e "s|@CFLAGS@|$CFLAGS|g" \
++ -e "s|@LDFLAGS@|$LDFLAGS|g" $1 >$2
+ fi
+ }
+diff -Nur ppp-2.4.6.orig/linux/Makefile.top ppp-2.4.6/linux/Makefile.top
+--- ppp-2.4.6.orig/linux/Makefile.top 2014-01-02 05:42:08.000000000 +0100
++++ ppp-2.4.6/linux/Makefile.top 2014-02-24 09:00:16.743242620 +0100
+@@ -1,7 +1,7 @@
+ # PPP top-level Makefile for Linux.
+-BINDIR = $(DESTDIR)/sbin
+ INCDIR = $(DESTDIR)/include
+ MANDIR = $(DESTDIR)/share/man
+diff -Nur ppp-2.4.6.orig/pppd/Makefile.linux ppp-2.4.6/pppd/Makefile.linux
+--- ppp-2.4.6.orig/pppd/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
++++ ppp-2.4.6/pppd/Makefile.linux 2014-02-24 09:00:16.743242620 +0100
+@@ -5,7 +5,7 @@
+ # Default installation locations
+-BINDIR = $(DESTDIR)/sbin
+ MANDIR = $(DESTDIR)/share/man/man8
+ INCDIR = $(DESTDIR)/include
+@@ -32,7 +32,8 @@
+ # CC = gcc
+ #
+-COPTS = -O2 -pipe -Wall -g
+ LIBS =
+ # Uncomment the next 2 lines to include support for Microsoft's
+diff -Nur ppp-2.4.6.orig/pppd/plugins/Makefile.linux ppp-2.4.6/pppd/plugins/Makefile.linux
+--- ppp-2.4.6.orig/pppd/plugins/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
++++ ppp-2.4.6/pppd/plugins/Makefile.linux 2014-02-24 09:00:16.779908379 +0100
+@@ -1,11 +1,11 @@
+ #CC = gcc
+-COPTS = -O2 -g
+ CFLAGS = $(COPTS) -I.. -I../../include -fPIC
+ LDFLAGS_SHARED = -shared
+ INSTALL = install
+-BINDIR = $(DESTDIR)/sbin
+ MANDIR = $(DESTDIR)/share/man/man8
+ LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+diff -Nur ppp-2.4.6.orig/pppd/plugins/pppoatm/Makefile.linux ppp-2.4.6/pppd/plugins/pppoatm/Makefile.linux
+--- ppp-2.4.6.orig/pppd/plugins/pppoatm/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
++++ ppp-2.4.6/pppd/plugins/pppoatm/Makefile.linux 2014-02-24 09:00:16.809907637 +0100
+@@ -1,7 +1,7 @@
+ #CC = gcc
+-COPTS = -O2 -g
+ CFLAGS = $(COPTS) -I../.. -I../../../include -fPIC
+ LDFLAGS_SHARED = -shared
+ INSTALL = install
+ #***********************************************************************
+diff -Nur ppp-2.4.6.orig/pppd/plugins/pppol2tp/Makefile.linux ppp-2.4.6/pppd/plugins/pppol2tp/Makefile.linux
+--- ppp-2.4.6.orig/pppd/plugins/pppol2tp/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
++++ ppp-2.4.6/pppd/plugins/pppol2tp/Makefile.linux 2014-02-24 09:01:06.325349425 +0100
+@@ -1,12 +1,12 @@
+ #CC = gcc
+-COPTS = -O2 -g
+ CFLAGS = $(COPTS) -I. -I../.. -I../../../include -fPIC
+ LDFLAGS_SHARED = -shared
+ INSTALL = install
+ #***********************************************************************
+ LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+ VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
+diff -Nur ppp-2.4.6.orig/pppd/plugins/radius/Makefile.linux ppp-2.4.6/pppd/plugins/radius/Makefile.linux
+--- ppp-2.4.6.orig/pppd/plugins/radius/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
++++ ppp-2.4.6/pppd/plugins/radius/Makefile.linux 2014-02-24 09:00:16.809907637 +0100
+@@ -12,7 +12,8 @@
+ INSTALL = install
+ PLUGIN=radius.so radattr.so radrealms.so
+-CFLAGS=-I. -I../.. -I../../../include -O2 -fPIC -DRC_LOG_FACILITY=LOG_DAEMON
++CFLAGS=@CFLAGS@ -I. -I../.. -I../../../include -O2 -fPIC -DRC_LOG_FACILITY=LOG_DAEMON
+ # Uncomment the next line to include support for Microsoft's
+ # MS-CHAP authentication protocol.
+diff -Nur ppp-2.4.6.orig/pppd/plugins/rp-pppoe/Makefile.linux ppp-2.4.6/pppd/plugins/rp-pppoe/Makefile.linux
+--- ppp-2.4.6.orig/pppd/plugins/rp-pppoe/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
++++ ppp-2.4.6/pppd/plugins/rp-pppoe/Makefile.linux 2014-02-24 09:00:16.809907637 +0100
+@@ -15,7 +15,7 @@
+ #***********************************************************************
+-BINDIR = $(DESTDIR)/sbin
+ PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
+@@ -25,7 +25,9 @@
+ # Version is set ONLY IN THE MAKEFILE! Don't delete this!
+-COPTS=-O2 -g
+ CFLAGS=$(COPTS) -I../../../include '-DRP_VERSION="$(RP_VERSION)"'
+ all: rp-pppoe.so pppoe-discovery
+ pppoe-discovery: pppoe-discovery.o debug.o
+diff -Nur ppp-2.4.6.orig/pppdump/Makefile.linux ppp-2.4.6/pppdump/Makefile.linux
+--- ppp-2.4.6.orig/pppdump/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
++++ ppp-2.4.6/pppdump/Makefile.linux 2014-02-24 09:00:16.809907637 +0100
+@@ -1,8 +1,9 @@
+-BINDIR = $(DESTDIR)/sbin
+ MANDIR = $(DESTDIR)/share/man/man8
+-CFLAGS= -O -I../include/net
++CFLAGS = @CFLAGS@ -I../include/net
+ OBJS = pppdump.o bsd-comp.o deflate.o zlib.o
+ INSTALL= install
+diff -Nur ppp-2.4.6.orig/pppstats/Makefile.linux ppp-2.4.6/pppstats/Makefile.linux
+--- ppp-2.4.6.orig/pppstats/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
++++ ppp-2.4.6/pppstats/Makefile.linux 2014-02-24 09:00:16.809907637 +0100
+@@ -3,14 +3,15 @@
+ # $Id: Makefile.linux,v 1.9 2006/06/04 05:07:46 paulus Exp $
+ #
+-BINDIR = $(DESTDIR)/sbin
+ MANDIR = $(DESTDIR)/share/man/man8
+ PPPSTATSRCS = pppstats.c
+ PPPSTATOBJS = pppstats.o
+ #CC = gcc
+-COPTS = -O
+ COMPILE_FLAGS = -I../include
+ LIBS =
\ No newline at end of file
Copied: ppp/repos/testing-x86_64/ppp.systemd (from rev 406747, ppp/trunk/ppp.systemd)
--- testing-x86_64/ppp.systemd (rev 0)
+++ testing-x86_64/ppp.systemd 2021-01-25 21:45:14 UTC (rev 406748)
@@ -0,0 +1,9 @@
+Description=PPP link to %I
+ExecStart=/usr/sbin/pppd call %I nodetach nolog
More information about the arch-commits
mailing list