These are needed by pppd, but were not previously shipped as such.
Instead, since their parent directory at /usr/lib/pppd/${version}/ was
not commented out, we implicitly shipped the entire directory.
This patch does not change our behaviour in the end, but makes things
more transparent to developers.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is the first ppp release for years, and the project appears to have
a different maintainer (team?) by now. As a result, some of our patches
are no longer necessary as they made it into upstream, while others need
to be adjusted slightly.
In addition, their configure script does not handle commas in CFLAGS
properly, which is why the delimiter for the 'sed' call in it has to be
changed to something neither appearing in a path nor in our CLFAGS set.
The full changelog of this release can be retrieved from
https://ppp.samba.org/README.html and says:
* Support for new EAP (Extensible Authentication Protocol) methods:
- Support for EAP-TLS, from Jan Just Keijser and others
- Support for EAP-MSCHAPv2, from Eivind Næss, Thomas Omerzu, Tijs
Van Buggenhout and others
* New pppd options:
- chap-timeout
- chapms-strip-domain
- replacedefaultroute
- noreplacedefaultroute
- ipv6cp-accept-remote
- lcp-echo-adaptive
- ip-up-script
- ip-down-script
- ca
- capath
- cert
- key
- crl-dir
- crl
- max-tls-version
- need-peer-eap
* Fixes for CVE-2020-8597 and CVE-2015-3310.
* libpcap is now required when compiling on Linux (previously, if
libpcap was not present, pppd would be compiled without packet
filtering support).
* The rp-pppoe plugin has been renamed to pppoe, to distinguish it
from the upstream rp-pppoe code. Its options have changed names,
but the old names are kept as aliases.
* The configure script now supports cross-compilation.
* Many bug fixes and cleanups.
Thanks to Michael for his hint on the ./configure CFLAGS issue.
The second version of this patch correctly updates the
src/patches/ppp/0013-everywhere-O_CLOEXEC-harder.patch patch for the
second hunk in pppd/main.c, where socket permissions have been changed
meanwhile.
Further, it has been successfully tested against a VDSL 100 line in
Germany, using PAP to Easybell via 1&1 L2 BSA. No connectivity issues or
other anomalies have been observed so far.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
