diff options
Diffstat (limited to 'meta/recipes-connectivity/ppp')
-rw-r--r-- | meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch | 124 | ||||
-rw-r--r-- | meta/recipes-connectivity/ppp/ppp/0001-ppp-Fix-compilation-errors-in-Makefile.patch | 75 | ||||
-rw-r--r-- | meta/recipes-connectivity/ppp/ppp/0001-ppp-Remove-unneeded-include.patch | 43 | ||||
-rw-r--r-- | meta/recipes-connectivity/ppp/ppp/0001-pppd-Fix-bounds-check-in-EAP-code.patch | 47 | ||||
-rw-r--r-- | meta/recipes-connectivity/ppp/ppp/cifdefroute.patch | 292 | ||||
-rw-r--r-- | meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch | 1 | ||||
-rw-r--r-- | meta/recipes-connectivity/ppp/ppp/makefile-remove-hard-usr-reference.patch | 31 | ||||
-rw-r--r-- | meta/recipes-connectivity/ppp/ppp/makefile.patch | 72 | ||||
-rw-r--r-- | meta/recipes-connectivity/ppp/ppp_2.4.8.bb (renamed from meta/recipes-connectivity/ppp/ppp_2.4.7.bb) | 24 |
9 files changed, 290 insertions, 419 deletions
diff --git a/meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch b/meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch new file mode 100644 index 0000000000..65291368bd --- /dev/null +++ b/meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch @@ -0,0 +1,124 @@ +From e50cdaed07e51f2508f94eb1f34fe43776e4ca78 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Fri, 29 May 2015 14:57:05 -0700 +Subject: [PATCH] Fix build with musl + +There are several assumption about glibc + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Upstream-Status: Pending +--- + include/net/ppp_defs.h | 2 ++ + pppd/Makefile.linux | 2 +- + pppd/plugins/rp-pppoe/config.h | 3 ++- + pppd/plugins/rp-pppoe/plugin.c | 1 - + pppd/plugins/rp-pppoe/pppoe-discovery.c | 8 ++++---- + pppd/plugins/rp-pppoe/pppoe.h | 2 +- + pppd/sys-linux.c | 3 ++- + 7 files changed, 12 insertions(+), 9 deletions(-) + +diff --git a/include/net/ppp_defs.h b/include/net/ppp_defs.h +index b06eda5..dafa36c 100644 +--- a/include/net/ppp_defs.h ++++ b/include/net/ppp_defs.h +@@ -38,6 +38,8 @@ + #ifndef _PPP_DEFS_H_ + #define _PPP_DEFS_H_ + ++#include <sys/time.h> ++ + /* + * The basic PPP frame. + */ +diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux +index 4e485a1..76411bc 100644 +--- a/pppd/Makefile.linux ++++ b/pppd/Makefile.linux +@@ -131,7 +131,7 @@ LIBS += -lcrypt + endif + + ifdef USE_LIBUTIL +-CFLAGS += -DHAVE_LOGWTMP=1 ++#CFLAGS += -DHAVE_LOGWTMP=1 + LIBS += -lutil + endif + +diff --git a/pppd/plugins/rp-pppoe/config.h b/pppd/plugins/rp-pppoe/config.h +index a708859..4a16a88 100644 +--- a/pppd/plugins/rp-pppoe/config.h ++++ b/pppd/plugins/rp-pppoe/config.h +@@ -78,8 +78,9 @@ + #define HAVE_NET_IF_ARP_H 1 + + /* Define if you have the <net/ethernet.h> header file. */ ++#ifdef __GLIBC__ + #define HAVE_NET_ETHERNET_H 1 +- ++#endif + /* Define if you have the <net/if.h> header file. */ + #define HAVE_NET_IF_H 1 + +diff --git a/pppd/plugins/rp-pppoe/plugin.c b/pppd/plugins/rp-pppoe/plugin.c +index 44e0c31..93c0906 100644 +--- a/pppd/plugins/rp-pppoe/plugin.c ++++ b/pppd/plugins/rp-pppoe/plugin.c +@@ -46,7 +46,6 @@ static char const RCSID[] = + #include <unistd.h> + #include <fcntl.h> + #include <signal.h> +-#include <net/ethernet.h> + #include <net/if_arp.h> + #include <linux/ppp_defs.h> + #include <linux/if_pppox.h> +diff --git a/pppd/plugins/rp-pppoe/pppoe-discovery.c b/pppd/plugins/rp-pppoe/pppoe-discovery.c +index f19c6d8..f45df2c 100644 +--- a/pppd/plugins/rp-pppoe/pppoe-discovery.c ++++ b/pppd/plugins/rp-pppoe/pppoe-discovery.c +@@ -29,10 +29,6 @@ + #include <linux/if_packet.h> + #endif + +-#ifdef HAVE_NET_ETHERNET_H +-#include <net/ethernet.h> +-#endif +- + #ifdef HAVE_ASM_TYPES_H + #include <asm/types.h> + #endif +diff --git a/pppd/plugins/rp-pppoe/pppoe.h b/pppd/plugins/rp-pppoe/pppoe.h +index a4e7d5c..de191c8 100644 +--- a/pppd/plugins/rp-pppoe/pppoe.h ++++ b/pppd/plugins/rp-pppoe/pppoe.h +@@ -90,7 +90,7 @@ typedef unsigned long UINT32_t; + #ifdef HAVE_SYS_SOCKET_H + #include <sys/socket.h> + #endif +-#ifndef HAVE_SYS_DLPI_H ++#if !defined HAVE_SYS_DLPI_H && defined HAVE_NET_ETHERNET_H + #include <netinet/if_ether.h> + #endif + #endif +diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c +index a0531e9..84ee394 100644 +--- a/pppd/sys-linux.c ++++ b/pppd/sys-linux.c +@@ -112,7 +112,7 @@ + #include <linux/types.h> + #include <linux/if.h> + #include <linux/if_arp.h> +-#include <linux/route.h> ++/* #include <linux/route.h> */ + #include <linux/if_ether.h> + #endif + #include <netinet/in.h> +@@ -145,6 +145,7 @@ + #endif + + #ifdef INET6 ++#include <net/route.h> + #ifndef _LINUX_IN6_H + /* + * This is in linux/include/net/ipv6.h. +-- +2.17.1 + diff --git a/meta/recipes-connectivity/ppp/ppp/0001-ppp-Fix-compilation-errors-in-Makefile.patch b/meta/recipes-connectivity/ppp/ppp/0001-ppp-Fix-compilation-errors-in-Makefile.patch deleted file mode 100644 index 8aa2d2e678..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/0001-ppp-Fix-compilation-errors-in-Makefile.patch +++ /dev/null @@ -1,75 +0,0 @@ -From ba0f6058d1f25b2b60fc31ab2656bf12a71ffdab Mon Sep 17 00:00:00 2001 -From: Lu Chong <Chong.Lu@windriver.com> -Date: Tue, 5 Nov 2013 17:32:56 +0800 -Subject: [PATCH] ppp: Fix compilation errors in Makefile - -This patch fixes below issues: - -1. Make can't exit while compilation error occurs in subdir for plugins building. - -2. If build ppp with newer kernel (3.10.10), it will pick 'if_pppox.h' from sysroot-dir and - 'if_pppol2tp.h' from its own source dir, this cause below build errors: - - bitbake_build/tmp/sysroots/intel-x86-64/usr/include/linux/if_pppox.h:84:26: - error: field 'pppol2tp' has incomplete type - struct pppol2tpin6_addr pppol2tp; - ^ - bitbake_build/tmp/sysroots/intel-x86-64/usr/include/linux/if_pppox.h:99:28: - error: field 'pppol2tp' has incomplete type - struct pppol2tpv3in6_addr pppol2tp; - ^ - -The 'sysroot-dir/if_pppox.h' enabled ipv6 support but the 'source-dir/if_pppol2tp.h' lost -related structure definitions, we should use both header files from sysroots to fix this -build failure. - -Upstream-Status: Pending - -Signed-off-by: Lu Chong <Chong.Lu@windriver.com> ---- - pppd/plugins/Makefile.linux | 2 +- - pppd/plugins/pppol2tp/Makefile.linux | 2 +- - pppd/plugins/rp-pppoe/Makefile.linux | 2 +- - 3 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux -index 0a7ec7b..2a2c15a 100644 ---- a/pppd/plugins/Makefile.linux -+++ b/pppd/plugins/Makefile.linux -@@ -20,7 +20,7 @@ include .depend - endif - - all: $(PLUGINS) -- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d all; done -+ for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d all || exit 1; done - - %.so: %.c - $(CC) -o $@ $(LDFLAGS) $(CFLAGS) $^ -diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux -index 19eff67..feb2f52 100644 ---- a/pppd/plugins/pppol2tp/Makefile.linux -+++ b/pppd/plugins/pppol2tp/Makefile.linux -@@ -1,6 +1,6 @@ - #CC = gcc - COPTS = -O2 -g --CFLAGS = $(COPTS) -I. -I../.. -I../../../include -fPIC -+CFLAGS = $(COPTS) -I. -I../.. -fPIC - LDFLAGS = -shared - INSTALL = install - -diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux -index f078991..15b9118 100644 ---- a/pppd/plugins/rp-pppoe/Makefile.linux -+++ b/pppd/plugins/rp-pppoe/Makefile.linux -@@ -26,7 +26,7 @@ INSTALL = install - RP_VERSION=3.8p - - COPTS=-O2 -g --CFLAGS=$(COPTS) -I../../../include '-DRP_VERSION="$(RP_VERSION)"' -+CFLAGS=$(COPTS) '-DRP_VERSION="$(RP_VERSION)"' - all: rp-pppoe.so pppoe-discovery - - pppoe-discovery: pppoe-discovery.o debug.o --- -1.7.9.5 - diff --git a/meta/recipes-connectivity/ppp/ppp/0001-ppp-Remove-unneeded-include.patch b/meta/recipes-connectivity/ppp/ppp/0001-ppp-Remove-unneeded-include.patch new file mode 100644 index 0000000000..a32f89fbc8 --- /dev/null +++ b/meta/recipes-connectivity/ppp/ppp/0001-ppp-Remove-unneeded-include.patch @@ -0,0 +1,43 @@ +commit cd90fd147844a0cfec101f1e2db7a3c59d236621 +Author: Jussi Kukkonen <jussi.kukkonen@intel.com> +Date: Wed Dec 28 14:11:22 2016 +0200 + +pppol2tp plugin: Remove unneeded include + +The include is not required and will break compile on musl libc with + +| In file included from pppol2tp.c:34:0: +| /usr/include/linux/if.h:97:2: error: expected identifier before numeric constant +| IFF_LOWER_UP = 1<<16, /* __volatile__ */ + +Patch originally from Khem Raj. + +Upstream-Status: Pending [https://github.com/paulusmack/ppp/issues/73] +Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> + +diff --git a/pppd/plugins/pppol2tp/openl2tp.c b/pppd/plugins/pppol2tp/openl2tp.c +index 9643b96..458316b 100644 +--- a/pppd/plugins/pppol2tp/openl2tp.c ++++ b/pppd/plugins/pppol2tp/openl2tp.c +@@ -47,7 +47,6 @@ + #include <linux/if_ether.h> + #include <linux/ppp_defs.h> + #include <linux/if_ppp.h> +-#include <linux/if_pppox.h> + #include <linux/if_pppol2tp.h> + + #include "l2tp_event.h" +diff --git a/pppd/plugins/pppol2tp/pppol2tp.c b/pppd/plugins/pppol2tp/pppol2tp.c +index 0e28606..4f6d98c 100644 +--- a/pppd/plugins/pppol2tp/pppol2tp.c ++++ b/pppd/plugins/pppol2tp/pppol2tp.c +@@ -46,7 +46,6 @@ + #include <linux/if_ether.h> + #include <linux/ppp_defs.h> + #include <linux/if_ppp.h> +-#include <linux/if_pppox.h> + #include <linux/if_pppol2tp.h> + + /* should be added to system's socket.h... */ +--- + diff --git a/meta/recipes-connectivity/ppp/ppp/0001-pppd-Fix-bounds-check-in-EAP-code.patch b/meta/recipes-connectivity/ppp/ppp/0001-pppd-Fix-bounds-check-in-EAP-code.patch new file mode 100644 index 0000000000..b7ba7ba643 --- /dev/null +++ b/meta/recipes-connectivity/ppp/ppp/0001-pppd-Fix-bounds-check-in-EAP-code.patch @@ -0,0 +1,47 @@ +From 8d7970b8f3db727fe798b65f3377fe6787575426 Mon Sep 17 00:00:00 2001 +From: Paul Mackerras <paulus@ozlabs.org> +Date: Mon, 3 Feb 2020 15:53:28 +1100 +Subject: [PATCH] pppd: Fix bounds check in EAP code + +Given that we have just checked vallen < len, it can never be the case +that vallen >= len + sizeof(rhostname). This fixes the check so we +actually avoid overflowing the rhostname array. + +Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> +Signed-off-by: Paul Mackerras <paulus@ozlabs.org> + +Upstream-Status: Backport +[https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426] + +CVE: CVE-2020-8597 + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + pppd/eap.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/pppd/eap.c b/pppd/eap.c +index 94407f5..1b93db0 100644 +--- a/pppd/eap.c ++++ b/pppd/eap.c +@@ -1420,7 +1420,7 @@ int len; + } + + /* Not so likely to happen. */ +- if (vallen >= len + sizeof (rhostname)) { ++ if (len - vallen >= sizeof (rhostname)) { + dbglog("EAP: trimming really long peer name down"); + BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1); + rhostname[sizeof (rhostname) - 1] = '\0'; +@@ -1846,7 +1846,7 @@ int len; + } + + /* Not so likely to happen. */ +- if (vallen >= len + sizeof (rhostname)) { ++ if (len - vallen >= sizeof (rhostname)) { + dbglog("EAP: trimming really long peer name down"); + BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1); + rhostname[sizeof (rhostname) - 1] = '\0'; +-- +2.17.1 + diff --git a/meta/recipes-connectivity/ppp/ppp/cifdefroute.patch b/meta/recipes-connectivity/ppp/ppp/cifdefroute.patch deleted file mode 100644 index db4dbc27a9..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/cifdefroute.patch +++ /dev/null @@ -1,292 +0,0 @@ -This patch comes from OpenEmbedded. -The original patch is from Debian / SuSE to implement replacedefaultroute -Rebased it to fit ppp-2.4.5. Dongxiao Xu <dongxiao.xu@intel.com> - -Upstream-Status: Inappropriate [debian/suse patches] - -diff -urN ppp-2.4.5-orig/pppd/ipcp.c ppp-2.4.5/pppd/ipcp.c ---- ppp-2.4.5-orig/pppd/ipcp.c 2010-06-30 15:51:12.050166398 +0800 -+++ ppp-2.4.5/pppd/ipcp.c 2010-06-30 16:40:00.478716855 +0800 -@@ -198,6 +198,16 @@ - "disable defaultroute option", OPT_ALIAS | OPT_A2CLR, - &ipcp_wantoptions[0].default_route }, - -+#ifdef __linux__ -+ { "replacedefaultroute", o_bool, -+ &ipcp_wantoptions[0].replace_default_route, -+ "Replace default route", 1 -+ }, -+ { "noreplacedefaultroute", o_bool, -+ &ipcp_allowoptions[0].replace_default_route, -+ "Never replace default route", OPT_A2COPY, -+ &ipcp_wantoptions[0].replace_default_route }, -+#endif - { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp, - "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp }, - { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp, -@@ -271,7 +281,7 @@ - ip_active_pkt - }; - --static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t)); -+static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t, bool)); - static void ipcp_script __P((char *, int)); /* Run an up/down script */ - static void ipcp_script_done __P((void *)); - -@@ -1742,7 +1752,12 @@ - if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE)) - return 0; - if (wo->default_route) -+#ifndef __linux__ - if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr)) -+#else -+ if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr, -+ wo->replace_default_route)) -+#endif - default_route_set[u] = 1; - if (wo->proxy_arp) - if (sifproxyarp(u, wo->hisaddr)) -@@ -1830,7 +1845,8 @@ - */ - if (demand) { - if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) { -- ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr); -+ ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr, -+ wo->replace_default_route); - if (go->ouraddr != wo->ouraddr) { - warn("Local IP address changed to %I", go->ouraddr); - script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0); -@@ -1855,7 +1871,12 @@ - - /* assign a default route through the interface if required */ - if (ipcp_wantoptions[f->unit].default_route) -+#ifndef __linux__ - if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) -+#else -+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, -+ wo->replace_default_route)) -+#endif - default_route_set[f->unit] = 1; - - /* Make a proxy ARP entry if requested. */ -@@ -1905,7 +1926,12 @@ - - /* assign a default route through the interface if required */ - if (ipcp_wantoptions[f->unit].default_route) -+#ifndef __linux__ - if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) -+#else -+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, -+ wo->replace_default_route)) -+#endif - default_route_set[f->unit] = 1; - - /* Make a proxy ARP entry if requested. */ -@@ -1983,7 +2009,7 @@ - sifnpmode(f->unit, PPP_IP, NPMODE_DROP); - sifdown(f->unit); - ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr, -- ipcp_hisoptions[f->unit].hisaddr); -+ ipcp_hisoptions[f->unit].hisaddr, 0); - } - - /* Execute the ip-down script */ -@@ -1999,12 +2025,21 @@ - * proxy arp entries, etc. - */ - static void --ipcp_clear_addrs(unit, ouraddr, hisaddr) -+ipcp_clear_addrs(unit, ouraddr, hisaddr, replacedefaultroute) - int unit; - u_int32_t ouraddr; /* local address */ - u_int32_t hisaddr; /* remote address */ -+ bool replacedefaultroute; - { -- if (proxy_arp_set[unit]) { -+ /* If replacedefaultroute, sifdefaultroute will be called soon -+ * with replacedefaultroute set and that will overwrite the current -+ * default route. This is the case only when doing demand, otherwise -+ * during demand, this cifdefaultroute would restore the old default -+ * route which is not what we want in this case. In the non-demand -+ * case, we'll delete the default route and restore the old if there -+ * is one saved by an sifdefaultroute with replacedefaultroute. -+ */ -+ if (!replacedefaultroute && default_route_set[unit]) { - cifproxyarp(unit, hisaddr); - proxy_arp_set[unit] = 0; - } -diff -urN ppp-2.4.5-orig/pppd/ipcp.h ppp-2.4.5/pppd/ipcp.h ---- ppp-2.4.5-orig/pppd/ipcp.h 2010-06-30 15:51:12.043682063 +0800 -+++ ppp-2.4.5/pppd/ipcp.h 2010-06-30 16:40:49.586203129 +0800 -@@ -70,6 +70,7 @@ - bool old_addrs; /* Use old (IP-Addresses) option? */ - bool req_addr; /* Ask peer to send IP address? */ - bool default_route; /* Assign default route through interface? */ -+ bool replace_default_route; /* Replace default route through interface? */ - bool proxy_arp; /* Make proxy ARP entry for peer? */ - bool neg_vj; /* Van Jacobson Compression? */ - bool old_vj; /* use old (short) form of VJ option? */ -diff -urN ppp-2.4.5-orig/pppd/pppd.8 ppp-2.4.5/pppd/pppd.8 ---- ppp-2.4.5-orig/pppd/pppd.8 2010-06-30 15:51:12.043682063 +0800 -+++ ppp-2.4.5/pppd/pppd.8 2010-06-30 16:42:47.102413859 +0800 -@@ -121,6 +121,13 @@ - This entry is removed when the PPP connection is broken. This option - is privileged if the \fInodefaultroute\fR option has been specified. - .TP -+.B replacedefaultroute -+This option is a flag to the defaultroute option. If defaultroute is -+set and this flag is also set, pppd replaces an existing default route -+with the new default route. -+ -+ -+.TP - .B disconnect \fIscript - Execute the command specified by \fIscript\fR, by passing it to a - shell, after -@@ -717,7 +724,12 @@ - .TP - .B nodefaultroute - Disable the \fIdefaultroute\fR option. The system administrator who --wishes to prevent users from creating default routes with pppd -+wishes to prevent users from adding a default route with pppd -+can do so by placing this option in the /etc/ppp/options file. -+.TP -+.B noreplacedefaultroute -+Disable the \fIreplacedefaultroute\fR option. The system administrator who -+wishes to prevent users from replacing a default route with pppd - can do so by placing this option in the /etc/ppp/options file. - .TP - .B nodeflate -diff -urN ppp-2.4.5-orig/pppd/pppd.h ppp-2.4.5/pppd/pppd.h ---- ppp-2.4.5-orig/pppd/pppd.h 2010-06-30 15:51:12.050166398 +0800 -+++ ppp-2.4.5/pppd/pppd.h 2010-06-30 16:43:36.514148327 +0800 -@@ -643,7 +643,11 @@ - int cif6addr __P((int, eui64_t, eui64_t)); - /* Remove an IPv6 address from i/f */ - #endif -+#ifndef __linux__ - int sifdefaultroute __P((int, u_int32_t, u_int32_t)); -+#else -+int sifdefaultroute __P((int, u_int32_t, u_int32_t, bool replace_default_rt)); -+#endif - /* Create default route through i/f */ - int cifdefaultroute __P((int, u_int32_t, u_int32_t)); - /* Delete default route through i/f */ -diff -urN ppp-2.4.5-orig/pppd/sys-linux.c ppp-2.4.5/pppd/sys-linux.c ---- ppp-2.4.5-orig/pppd/sys-linux.c 2010-06-30 15:51:12.050166398 +0800 -+++ ppp-2.4.5/pppd/sys-linux.c 2010-06-30 16:54:00.362716231 +0800 -@@ -206,6 +206,8 @@ - - static int if_is_up; /* Interface has been marked up */ - static int have_default_route; /* Gateway for default route added */ -+static struct rtentry old_def_rt; /* Old default route */ -+static int default_rt_repl_rest; /* replace and restore old default rt */ - static u_int32_t proxy_arp_addr; /* Addr for proxy arp entry added */ - static char proxy_arp_dev[16]; /* Device for proxy arp entry */ - static u_int32_t our_old_addr; /* for detecting address changes */ -@@ -1537,6 +1539,9 @@ - p = NULL; - } - -+ SET_SA_FAMILY (rt->rt_dst, AF_INET); -+ SET_SA_FAMILY (rt->rt_gateway, AF_INET); -+ - SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16); - SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16); - SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16); -@@ -1606,20 +1611,51 @@ - /******************************************************************** - * - * sifdefaultroute - assign a default route through the address given. -- */ -- --int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway) --{ -- struct rtentry rt; -- -- if (defaultroute_exists(&rt) && strcmp(rt.rt_dev, ifname) != 0) { -- if (rt.rt_flags & RTF_GATEWAY) -- error("not replacing existing default route via %I", -- SIN_ADDR(rt.rt_gateway)); -- else -- error("not replacing existing default route through %s", -- rt.rt_dev); -- return 0; -+ * -+ * If the global default_rt_repl_rest flag is set, then this function -+ * already replaced the original system defaultroute with some other -+ * route and it should just replace the current defaultroute with -+ * another one, without saving the current route. Use: demand mode, -+ * when pppd sets first a defaultroute it it's temporary ppp0 addresses -+ * and then changes the temporary addresses to the addresses for the real -+ * ppp connection when it has come up. -+ */ -+ -+int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway, bool replace) -+{ -+ struct rtentry rt, tmp_rt; -+ struct rtentry *del_rt = NULL; -+ -+ if (default_rt_repl_rest) { -+ /* We have already reclaced the original defaultroute, if we -+ * are called again, we will delete the current default route -+ * and set the new default route in this function. -+ * - this is normally only the case the doing demand: */ -+ if (defaultroute_exists( &tmp_rt )) -+ del_rt = &tmp_rt; -+ } else if ( defaultroute_exists( &old_def_rt ) && -+ strcmp( old_def_rt.rt_dev, ifname ) != 0) { -+ /* We did not yet replace an existing default route, let's -+ * check if we should save and replace a default route: -+ */ -+ u_int32_t old_gateway = SIN_ADDR(old_def_rt.rt_gateway); -+ if (old_gateway != gateway) { -+ if (!replace) { -+ error("not replacing default route to %s [%I]", -+ old_def_rt.rt_dev, old_gateway); -+ return 0; -+ } else { -+ // we need to copy rt_dev because we need it permanent too: -+ char * tmp_dev = malloc(strlen(old_def_rt.rt_dev)+1); -+ strcpy(tmp_dev, old_def_rt.rt_dev); -+ old_def_rt.rt_dev = tmp_dev; -+ -+ notice("replacing old default route to %s [%I]", -+ old_def_rt.rt_dev, old_gateway); -+ default_rt_repl_rest = 1; -+ del_rt = &old_def_rt; -+ } -+ } - } - - memset (&rt, 0, sizeof (rt)); -@@ -1638,6 +1674,12 @@ - error("default route ioctl(SIOCADDRT): %m"); - return 0; - } -+ if (default_rt_repl_rest && del_rt) -+ if (ioctl(sock_fd, SIOCDELRT, del_rt) < 0) { -+ if ( ! ok_error ( errno )) -+ error("del old default route ioctl(SIOCDELRT): %m(%d)", errno); -+ return 0; -+ } - - have_default_route = 1; - return 1; -@@ -1673,6 +1715,16 @@ - return 0; - } - } -+ if (default_rt_repl_rest) { -+ notice("restoring old default route to %s [%I]", -+ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway)); -+ if (ioctl(sock_fd, SIOCADDRT, &old_def_rt) < 0) { -+ if ( ! ok_error ( errno )) -+ error("restore default route ioctl(SIOCADDRT): %m(%d)", errno); -+ return 0; -+ } -+ default_rt_repl_rest = 0; -+ } - - return 1; - } diff --git a/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch b/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch index c9edb30597..c5a0be86f5 100644 --- a/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch +++ b/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch @@ -3,6 +3,7 @@ ppp: Buffer overflow in radius plugin From: https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5;bug=782450 Upstream-Status: Backport +CVE: CVE-2015-3310 On systems with more than 65535 processes running, pppd aborts when sending a "start" accounting message to the RADIUS server because of a diff --git a/meta/recipes-connectivity/ppp/ppp/makefile-remove-hard-usr-reference.patch b/meta/recipes-connectivity/ppp/ppp/makefile-remove-hard-usr-reference.patch index d59717ebd3..614a474c37 100644 --- a/meta/recipes-connectivity/ppp/ppp/makefile-remove-hard-usr-reference.patch +++ b/meta/recipes-connectivity/ppp/ppp/makefile-remove-hard-usr-reference.patch @@ -1,3 +1,8 @@ +From 505705d0e1b55ce3fdc10d0e5eab5488f869adb6 Mon Sep 17 00:00:00 2001 +From: Andreas Oberritter <obi@opendreambox.org> +Date: Thu, 1 Jul 2010 14:34:12 +0800 +Subject: [PATCH] ppp: Upgraded to version 2.4.5 + The patch comes from OpenEmbedded. Rebased for ppp-2.4.5. Dongxiao Xu <dongxiao.xu@intel.com> @@ -6,23 +11,15 @@ Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Upstream-Status: Inappropriate [configuration] -diff -urN ppp-2.4.5-orig/pppd/Makefile.linux ppp-2.4.5/pppd/Makefile.linux ---- ppp-2.4.5-orig/pppd/Makefile.linux 2010-06-30 15:51:12.043682063 +0800 -+++ ppp-2.4.5/pppd/Makefile.linux 2010-06-30 17:08:21.806363042 +0800 -@@ -117,10 +117,10 @@ - #LIBS += -lshadow $(LIBS) - endif - --ifneq ($(wildcard /usr/include/crypt.h),) -+#ifneq ($(wildcard /usr/include/crypt.h),) - CFLAGS += -DHAVE_CRYPT_H=1 - LIBS += -lcrypt --endif -+#endif - - ifdef NEEDDES - ifndef USE_CRYPT -@@ -169,10 +169,10 @@ +--- + pppd/Makefile.linux | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux +index 4e485a1..44c4193 100644 +--- a/pppd/Makefile.linux ++++ b/pppd/Makefile.linux +@@ -188,10 +188,10 @@ LIBS += -ldl endif ifdef FILTER diff --git a/meta/recipes-connectivity/ppp/ppp/makefile.patch b/meta/recipes-connectivity/ppp/ppp/makefile.patch index 2d09baf5d0..25b8ded441 100644 --- a/meta/recipes-connectivity/ppp/ppp/makefile.patch +++ b/meta/recipes-connectivity/ppp/ppp/makefile.patch @@ -1,12 +1,27 @@ +From f7fb1d1abfa6d208fb40fca1602e0c488108f1b5 Mon Sep 17 00:00:00 2001 +From: Richard Purdie <richard@openedhand.com> +Date: Wed, 31 Aug 2005 10:45:47 +0000 +Subject: [PATCH] Initial population + The patch comes from OpenEmbedded Rebased for ppp-2.4.5. Dongxiao Xu <dongxiao.xu@intel.com> Upstream-Status: Inappropriate [configuration] -diff -ruN ppp-2.4.5-orig/chat/Makefile.linux ppp-2.4.5/chat/Makefile.linux ---- ppp-2.4.5-orig/chat/Makefile.linux 2010-06-30 15:51:12.050166398 +0800 -+++ ppp-2.4.5/chat/Makefile.linux 2010-06-30 15:51:30.450118446 +0800 -@@ -25,7 +25,7 @@ +--- + chat/Makefile.linux | 2 +- + pppd/Makefile.linux | 4 ++-- + pppd/plugins/radius/Makefile.linux | 10 +++++----- + pppd/plugins/rp-pppoe/Makefile.linux | 4 ++-- + pppdump/Makefile.linux | 2 +- + pppstats/Makefile.linux | 2 +- + 6 files changed, 12 insertions(+), 12 deletions(-) + +diff --git a/chat/Makefile.linux b/chat/Makefile.linux +index 0732ec8..f082dab 100644 +--- a/chat/Makefile.linux ++++ b/chat/Makefile.linux +@@ -25,7 +25,7 @@ chat.o: chat.c install: chat mkdir -p $(BINDIR) $(MANDIR) @@ -15,10 +30,11 @@ diff -ruN ppp-2.4.5-orig/chat/Makefile.linux ppp-2.4.5/chat/Makefile.linux $(INSTALL) -c -m 644 chat.8 $(MANDIR) clean: -diff -ruN ppp-2.4.5-orig/pppd/Makefile.linux ppp-2.4.5/pppd/Makefile.linux ---- ppp-2.4.5-orig/pppd/Makefile.linux 2010-06-30 15:51:12.043682063 +0800 -+++ ppp-2.4.5/pppd/Makefile.linux 2010-06-30 15:52:11.214170607 +0800 -@@ -99,7 +99,7 @@ +diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux +index 9664f70..4e485a1 100644 +--- a/pppd/Makefile.linux ++++ b/pppd/Makefile.linux +@@ -107,7 +107,7 @@ ifdef USE_SRP CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include LIBS += -lsrp -L/usr/local/ssl/lib -lcrypto TARGETS += srp-entry @@ -27,7 +43,7 @@ diff -ruN ppp-2.4.5-orig/pppd/Makefile.linux ppp-2.4.5/pppd/Makefile.linux MANPAGES += srp-entry.8 EXTRACLEAN += srp-entry.o NEEDDES=y -@@ -200,7 +200,7 @@ +@@ -219,7 +219,7 @@ all: $(TARGETS) install: pppd mkdir -p $(BINDIR) $(MANDIR) $(EXTRAINSTALL) @@ -36,10 +52,11 @@ diff -ruN ppp-2.4.5-orig/pppd/Makefile.linux ppp-2.4.5/pppd/Makefile.linux if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \ chmod o-rx,u+s $(BINDIR)/pppd; fi $(INSTALL) -c -m 444 pppd.8 $(MANDIR) -diff -ruN ppp-2.4.5-orig/pppd/plugins/radius/Makefile.linux ppp-2.4.5/pppd/plugins/radius/Makefile.linux ---- ppp-2.4.5-orig/pppd/plugins/radius/Makefile.linux 2010-06-30 15:51:12.047676187 +0800 -+++ ppp-2.4.5/pppd/plugins/radius/Makefile.linux 2010-06-30 15:53:47.750182267 +0800 -@@ -36,11 +36,11 @@ +diff --git a/pppd/plugins/radius/Makefile.linux b/pppd/plugins/radius/Makefile.linux +index e702263..af57ae3 100644 +--- a/pppd/plugins/radius/Makefile.linux ++++ b/pppd/plugins/radius/Makefile.linux +@@ -36,11 +36,11 @@ all: $(PLUGIN) install: all $(INSTALL) -d -m 755 $(LIBDIR) @@ -55,11 +72,12 @@ diff -ruN ppp-2.4.5-orig/pppd/plugins/radius/Makefile.linux ppp-2.4.5/pppd/plugi + $(INSTALL) -m 444 pppd-radattr.8 $(MANDIR) radius.so: radius.o libradiusclient.a - $(CC) -o radius.so -shared radius.o libradiusclient.a -diff -ruN ppp-2.4.5-orig/pppd/plugins/rp-pppoe/Makefile.linux ppp-2.4.5/pppd/plugins/rp-pppoe/Makefile.linux ---- ppp-2.4.5-orig/pppd/plugins/rp-pppoe/Makefile.linux 2010-06-30 15:51:12.047676187 +0800 -+++ ppp-2.4.5/pppd/plugins/rp-pppoe/Makefile.linux 2010-06-30 15:53:15.454486877 +0800 -@@ -43,9 +43,9 @@ + $(CC) $(LDFLAGS) -o radius.so -shared radius.o libradiusclient.a +diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux +index 749ccc2..2c93f4a 100644 +--- a/pppd/plugins/rp-pppoe/Makefile.linux ++++ b/pppd/plugins/rp-pppoe/Makefile.linux +@@ -43,9 +43,9 @@ rp-pppoe.so: plugin.o discovery.o if.o common.o install: all $(INSTALL) -d -m 755 $(LIBDIR) @@ -71,20 +89,22 @@ diff -ruN ppp-2.4.5-orig/pppd/plugins/rp-pppoe/Makefile.linux ppp-2.4.5/pppd/plu clean: rm -f *.o *.so pppoe-discovery -diff -ruN ppp-2.4.5-orig/pppdump/Makefile.linux ppp-2.4.5/pppdump/Makefile.linux ---- ppp-2.4.5-orig/pppdump/Makefile.linux 2010-06-30 15:51:12.058183383 +0800 -+++ ppp-2.4.5/pppdump/Makefile.linux 2010-06-30 15:52:25.762183537 +0800 -@@ -17,5 +17,5 @@ +diff --git a/pppdump/Makefile.linux b/pppdump/Makefile.linux +index cdf7ac4..0457561 100644 +--- a/pppdump/Makefile.linux ++++ b/pppdump/Makefile.linux +@@ -17,5 +17,5 @@ clean: install: mkdir -p $(BINDIR) $(MANDIR) - $(INSTALL) -s -c pppdump $(BINDIR) + $(INSTALL) -c pppdump $(BINDIR) $(INSTALL) -c -m 444 pppdump.8 $(MANDIR) -diff -ruN ppp-2.4.5-orig/pppstats/Makefile.linux ppp-2.4.5/pppstats/Makefile.linux ---- ppp-2.4.5-orig/pppstats/Makefile.linux 2010-06-30 15:51:12.058183383 +0800 -+++ ppp-2.4.5/pppstats/Makefile.linux 2010-06-30 15:52:42.486341081 +0800 -@@ -22,7 +22,7 @@ +diff --git a/pppstats/Makefile.linux b/pppstats/Makefile.linux +index 71afbe6..1819370 100644 +--- a/pppstats/Makefile.linux ++++ b/pppstats/Makefile.linux +@@ -22,7 +22,7 @@ all: pppstats install: pppstats -mkdir -p $(MANDIR) diff --git a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb b/meta/recipes-connectivity/ppp/ppp_2.4.8.bb index adc38e10b4..f9c60d6bad 100644 --- a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb +++ b/meta/recipes-connectivity/ppp/ppp_2.4.8.bb @@ -4,16 +4,15 @@ the Point-to-Point Protocol (PPP) on Linux and Solaris systems." SECTION = "console/network" HOMEPAGE = "http://samba.org/ppp/" BUGTRACKER = "http://ppp.samba.org/cgi-bin/ppp-bugs" -DEPENDS = "libpcap" +DEPENDS = "libpcap openssl virtual/crypt" LICENSE = "BSD & GPLv2+ & LGPLv2+ & PD" LIC_FILES_CHKSUM = "file://pppd/ccp.c;beginline=1;endline=29;md5=e2c43fe6e81ff77d87dc9c290a424dea \ file://pppd/plugins/passprompt.c;beginline=1;endline=10;md5=3bcbcdbf0e369c9a3e0b8c8275b065d8 \ file://pppd/tdb.c;beginline=1;endline=27;md5=4ca3a9991b011038d085d6675ae7c4e6 \ file://chat/chat.c;beginline=1;endline=15;md5=0d374b8545ee5c62d7aff1acbd38add2" -SRC_URI = "http://ppp.samba.org/ftp/ppp/ppp-${PV}.tar.gz \ +SRC_URI = "https://download.samba.org/pub/${BPN}/${BP}.tar.gz \ file://makefile.patch \ - file://cifdefroute.patch \ file://pppd-resolv-varrun.patch \ file://makefile-remove-hard-usr-reference.patch \ file://pon \ @@ -27,13 +26,17 @@ SRC_URI = "http://ppp.samba.org/ftp/ppp/ppp-${PV}.tar.gz \ file://pap \ file://ppp_on_boot \ file://provider \ - file://0001-ppp-Fix-compilation-errors-in-Makefile.patch \ file://ppp@.service \ file://fix-CVE-2015-3310.patch \ -" + file://0001-ppp-Remove-unneeded-include.patch \ + file://0001-pppd-Fix-bounds-check-in-EAP-code.patch \ + " -SRC_URI[md5sum] = "78818f40e6d33a1d1de68a1551f6595a" -SRC_URI[sha256sum] = "02e0a3dd3e4799e33103f70ec7df75348c8540966ee7c948e4ed8a42bbccfb30" +SRC_URI_append_libc-musl = "\ + file://0001-Fix-build-with-musl.patch \ +" +SRC_URI[md5sum] = "2ca8342b9804be15103fd3f687af701c" +SRC_URI[sha256sum] = "f6bf89beae26b2943dff8f1003533d6a5a4909a0fa6edfbec44fe039bbe61bc6" inherit autotools-brokensep systemd @@ -44,7 +47,7 @@ EXTRA_OECONF = "--disable-strip" # Package Makefile computes CFLAGS, referencing COPTS. # Typically hard-coded to '-O2 -g' in the Makefile's. # -EXTRA_OEMAKE += ' COPTS="${CFLAGS} -I${S}/include"' +EXTRA_OEMAKE += ' COPTS="${CFLAGS} -I${STAGING_INCDIR}/openssl -I${S}/include"' do_configure () { oe_runconf @@ -75,10 +78,13 @@ do_install_append () { chmod u+s ${D}${sbindir}/pppd } +do_install_append_libc-musl () { + install -Dm 0644 ${S}/include/net/ppp_defs.h ${D}${includedir}/net/ppp_defs.h +} + CONFFILES_${PN} = "${sysconfdir}/ppp/pap-secrets ${sysconfdir}/ppp/chap-secrets ${sysconfdir}/ppp/options" PACKAGES =+ "${PN}-oa ${PN}-oe ${PN}-radius ${PN}-winbind ${PN}-minconn ${PN}-password ${PN}-l2tp ${PN}-tools" FILES_${PN} = "${sysconfdir} ${bindir} ${sbindir}/chat ${sbindir}/pppd ${systemd_unitdir}/system/ppp@.service" -FILES_${PN}-dbg += "${libdir}/pppd/${PV}/.debug" FILES_${PN}-oa = "${libdir}/pppd/${PV}/pppoatm.so" FILES_${PN}-oe = "${sbindir}/pppoe-discovery ${libdir}/pppd/${PV}/rp-pppoe.so" FILES_${PN}-radius = "${libdir}/pppd/${PV}/radius.so ${libdir}/pppd/${PV}/radattr.so ${libdir}/pppd/${PV}/radrealms.so" |