mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-10 11:05:54 +02:00
0cd9215b56
This is the first ppp release for years, and the project appears to have a different maintainer (team?) by now. As a result, some of our patches are no longer necessary as they made it into upstream, while others need to be adjusted slightly. In addition, their configure script does not handle commas in CFLAGS properly, which is why the delimiter for the 'sed' call in it has to be changed to something neither appearing in a path nor in our CLFAGS set. The full changelog of this release can be retrieved from https://ppp.samba.org/README.html and says: * Support for new EAP (Extensible Authentication Protocol) methods: - Support for EAP-TLS, from Jan Just Keijser and others - Support for EAP-MSCHAPv2, from Eivind Næss, Thomas Omerzu, Tijs Van Buggenhout and others * New pppd options: - chap-timeout - chapms-strip-domain - replacedefaultroute - noreplacedefaultroute - ipv6cp-accept-remote - lcp-echo-adaptive - ip-up-script - ip-down-script - ca - capath - cert - key - crl-dir - crl - max-tls-version - need-peer-eap * Fixes for CVE-2020-8597 and CVE-2015-3310. * libpcap is now required when compiling on Linux (previously, if libpcap was not present, pppd would be compiled without packet filtering support). * The rp-pppoe plugin has been renamed to pppoe, to distinguish it from the upstream rp-pppoe code. Its options have changed names, but the old names are kept as aliases. * The configure script now supports cross-compilation. * Many bug fixes and cleanups. Thanks to Michael for his hint on the ./configure CFLAGS issue. The second version of this patch correctly updates the src/patches/ppp/0013-everywhere-O_CLOEXEC-harder.patch patch for the second hunk in pppd/main.c, where socket permissions have been changed meanwhile. Further, it has been successfully tested against a VDSL 100 line in Germany, using PAP to Easybell via 1&1 L2 BSA. No connectivity issues or other anomalies have been observed so far. Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
99 lines
4.3 KiB
Plaintext
99 lines
4.3 KiB
Plaintext
###############################################################################
|
|
# #
|
|
# IPFire.org - A linux based firewall #
|
|
# Copyright (C) 2007-2021 IPFire Team <info@ipfire.org> #
|
|
# #
|
|
# This program is free software: you can redistribute it and/or modify #
|
|
# it under the terms of the GNU General Public License as published by #
|
|
# the Free Software Foundation, either version 3 of the License, or #
|
|
# (at your option) any later version. #
|
|
# #
|
|
# This program is distributed in the hope that it will be useful, #
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
|
|
# GNU General Public License for more details. #
|
|
# #
|
|
# You should have received a copy of the GNU General Public License #
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
|
|
# #
|
|
###############################################################################
|
|
|
|
###############################################################################
|
|
# Definitions
|
|
###############################################################################
|
|
|
|
include Config
|
|
|
|
VER = 2.4.9
|
|
|
|
THISAPP = ppp-$(VER)
|
|
DL_FILE = $(THISAPP).tar.gz
|
|
DL_FROM = $(URL_IPFIRE)
|
|
DIR_APP = $(DIR_SRC)/$(THISAPP)
|
|
TARGET = $(DIR_INFO)/$(THISAPP)
|
|
|
|
CFLAGS += -fno-strict-aliasing
|
|
|
|
###############################################################################
|
|
# Top-level Rules
|
|
###############################################################################
|
|
|
|
objects = $(DL_FILE)
|
|
|
|
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
|
|
|
|
$(DL_FILE)_MD5 = f605d021b586fc26e35c6a54fd84b65f
|
|
|
|
install : $(TARGET)
|
|
|
|
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
|
|
|
|
download :$(patsubst %,$(DIR_DL)/%,$(objects))
|
|
|
|
md5 : $(subst %,%_MD5,$(objects))
|
|
|
|
###############################################################################
|
|
# Downloading, checking, md5sum
|
|
###############################################################################
|
|
|
|
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
|
|
@$(CHECK)
|
|
|
|
$(patsubst %,$(DIR_DL)/%,$(objects)) :
|
|
@$(LOAD)
|
|
|
|
$(subst %,%_MD5,$(objects)) :
|
|
@$(MD5)
|
|
|
|
###############################################################################
|
|
# Installation Details
|
|
###############################################################################
|
|
|
|
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
|
|
@$(PREBUILD)
|
|
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
|
|
cd $(DIR_APP) && rm -f include/pcap-int.h include/linux/if_pppol2tp.h
|
|
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/ppp/0012-pppd-we-don-t-want-to-accidentally-leak-fds.patch
|
|
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/ppp/0013-everywhere-O_CLOEXEC-harder.patch
|
|
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/ppp/0014-everywhere-use-SOCK_CLOEXEC-when-creating-socket.patch
|
|
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/ppp/ppp-2.4.6-increase-max-padi-attempts.patch
|
|
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/ppp/ppp-2.4.7-headers_4.9.patch
|
|
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/ppp/ppp-2.4.9-patch-configure-to-handle-cflags-properly.patch
|
|
cd $(DIR_APP) && sed -i -e "s+/etc/ppp/connect-errors+/var/log/connect-errors+" pppd/pathnames.h
|
|
cd $(DIR_APP) && ./configure --prefix=/usr --cc="gcc" --cflags="$(CFLAGS)" --disable-nls
|
|
cd $(DIR_APP) && make $(MAKETUNING)
|
|
cd $(DIR_APP) && make install
|
|
cd $(DIR_APP) && make install-etcppp
|
|
touch /var/log/connect-errors
|
|
-mkdir -p /etc/ppp
|
|
for i in $(DIR_SRC)/src/ppp/* ; do \
|
|
if [ -f $$i ]; then \
|
|
sed 's%CONFIG_ROOT%$(CONFIG_ROOT)%g' $$i > /etc/ppp/`basename $$i`; \
|
|
fi; \
|
|
done
|
|
chmod 755 /etc/ppp/{dialer,ip-up,ip-down}
|
|
ln -sf $(CONFIG_ROOT)/ppp/secrets /etc/ppp/pap-secrets
|
|
ln -sf $(CONFIG_ROOT)/ppp/secrets /etc/ppp/chap-secrets
|
|
@rm -rf $(DIR_APP)
|
|
@$(POSTBUILD)
|