diff options
22 files changed, 1255 insertions, 0 deletions
diff --git a/net-dialup/openl2tp/Manifest b/net-dialup/openl2tp/Manifest new file mode 100644 index 000000000000..028a7dc26b0c --- /dev/null +++ b/net-dialup/openl2tp/Manifest @@ -0,0 +1 @@ +DIST openl2tp-1.8.tar.gz 491160 BLAKE2B 70c78cd4d7daba600f9a9115025acb38b82adc0a04bbf6e9d46daebf2c7c37cc8fe9df6fa7157a05525e998063f5200a85893bb5b33dbe3e66ca7b6a4d2c7972 SHA512 360f9032b2bb104cfaa41a18fc37005510ab604b31a34a3412563e0de3e8dad946ca61840cd41a19f0202d92d758d812f45479659c9fa4d4e9e13dd226f03fda diff --git a/net-dialup/openl2tp/files/examples/client.openl2tpd.conf b/net-dialup/openl2tp/files/examples/client.openl2tpd.conf new file mode 100644 index 000000000000..6ead75a6296b --- /dev/null +++ b/net-dialup/openl2tp/files/examples/client.openl2tpd.conf @@ -0,0 +1,30 @@ +system modify \ + deny_remote_tunnel_creates=yes \ + tunnel_establish_timeout=60 \ + session_establish_timeout=0 \ + tunnel_persist_pend_timeout=60 \ + session_persist_pend_timeout=60 + +ppp profile modify \ + profile_name=default \ + mtu=1460 \ + mru=1460 \ + auth_peer=no \ + auth_pap=no \ + auth_eap=no \ + auth_mschapv1=no \ + lcp_echo_interval=10 \ + lcp_echo_failure_count=3 \ + default_route=yes + +tunnel create \ + tunnel_name=campus \ + dest_ipaddr=my.l2tp.provider \ + use_udp_checksums=off \ + persist=yes + +session create \ + tunnel_name=campus \ + session_name=campus \ + use_sequence_numbers=no \ + user_name=my_user_name diff --git a/net-dialup/openl2tp/files/examples/server-radius.openl2tpd.conf b/net-dialup/openl2tp/files/examples/server-radius.openl2tpd.conf new file mode 100644 index 000000000000..e666fdec6106 --- /dev/null +++ b/net-dialup/openl2tp/files/examples/server-radius.openl2tpd.conf @@ -0,0 +1,28 @@ +ppp profile modify \ + profile_name=default \ + local_ipaddr=10.7.2.16 \ + auth_eap=no \ + auth_mschapv1=yes \ + auth_mschapv2=yes \ + use_radius=yes \ + ipcp_retransmit_interval=1 \ + lcp_retransmit_interval=1 \ + lcp_echo_interval=5 \ + chap_max_challenge=3 \ + chap_restart=1 \ + idle_timeout=0 \ + max_connect_time=0 \ + mtu=1460 \ + mru=1460 \ + radius_hint=/etc/radiusclient/radiusclient.conf + +tunnel profile modify \ + profile_name=default \ + src_ipaddr=10.50.0.16 \ + retry_timeout=1 \ + use_udp_checksums=no \ + our_udp_port=1701 + +session profile modify \ + profile_name=default \ + use_sequence_numbers=no diff --git a/net-dialup/openl2tp/files/examples/server.openl2tpd.conf b/net-dialup/openl2tp/files/examples/server.openl2tpd.conf new file mode 100644 index 000000000000..e960e14e1a33 --- /dev/null +++ b/net-dialup/openl2tp/files/examples/server.openl2tpd.conf @@ -0,0 +1,36 @@ +system modify \
+ deny_remote_tunnel_creates=no \
+ tunnel_establish_timeout=60 \
+ session_establish_timeout=0 \
+ tunnel_persist_pend_timeout=60 \
+ session_persist_pend_timeout=60
+
+ppp profile modify profile_name=default \
+ optionsfile=/etc/ppp/options.openl2tpd \
+ local_ipaddr=172.16.17.1 \
+ lcp_echo_interval=10 \
+ lcp_echo_failure_count=3 \
+ auth_eap=no \
+ auth_pap=no \
+ auth_none=no \
+ auth_chap=yes \
+ auth_mschapv1=no \
+ auth_mschapv2=yes
+
+session profile create profile_name=peer1 \
+ ppp_profile_name=peer1
+
+ppp profile create profile_name=peer1 \
+ optionsfile=/etc/ppp/options.openl2tpd \
+ auth_none=no \
+ auth_pap=no \
+ auth_chap=yes \
+ auth_mschapv1=no \
+ auth_mschapv2=yes \
+ auth_peer=no \
+ dns_ipaddr_pri=172.16.17.1 \
+ local_ipaddr=172.16.17.1 \
+ remote_ipaddr=172.16.17.6 # ipaddr of peer1
+
+tunnel profile modify profile_name=default \
+ our_udp_port=1701
diff --git a/net-dialup/openl2tp/files/examples/server.options.openl2tpd b/net-dialup/openl2tp/files/examples/server.options.openl2tpd new file mode 100644 index 000000000000..411956fab1ac --- /dev/null +++ b/net-dialup/openl2tp/files/examples/server.options.openl2tpd @@ -0,0 +1,23 @@ +# usually placed at /etc/ppp/options.openl2tpd
+name host
+auth
+plugin pppol2tp.so
+refuse-mschap
+require-mschap-v2
+hide-password
+ipcp-accept-local
+ipcp-accept-remote
+lcp-echo-interval 15
+lcp-echo-failure 4
+ms-dns 172.16.17.1
+netmask 255.255.255.0
+nodefaultroute
+proxyarp
+crtscts
+noccp
+nobsdcomp
+nodeflate
+noaccomp
+nopcomp
+novj
+lock
diff --git a/net-dialup/openl2tp/files/openl2tp-1.8-cflags.patch b/net-dialup/openl2tp/files/openl2tp-1.8-cflags.patch new file mode 100644 index 000000000000..fe8825766ea9 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tp-1.8-cflags.patch @@ -0,0 +1,34 @@ +diff -Naurd openl2tp-1.8.orig/Makefile openl2tp-1.8/Makefile +--- openl2tp-1.8.orig/Makefile 2018-07-03 04:59:51.000000000 +0900 ++++ openl2tp-1.8/Makefile 2018-07-03 05:00:44.133460163 +0900 +@@ -155,24 +155,23 @@ + endif + + CPPFLAGS= $(CPPFLAGS.l2tptest) $(CPPFLAGS-y) +-CFLAGS= -I. -Iusl -Icli -isystem include \ ++CFLAGS+= -I. -Iusl -Icli -isystem include \ + -MMD -Wall -Wno-strict-aliasing \ + $(CPPFLAGS) $(CPPFLAGS.dmalloc) \ + -DSYS_LIBDIR=$(SYS_LIBDIR) + LDFLAGS.l2tpd= -Wl,-E -L. -Lusl -lusl -ldl $(LIBS.dmalloc) -lc + LDFLAGS.l2tpconfig= -Lcli -lcli -lreadline $(LIBS.dmalloc) $(READLINE_LDFLAGS) -lc + +-OPT_CFLAGS?= -O +- + ifeq ($(L2TP_DEBUG),y) +-CFLAGS.optimize= -g +-CFLAGS.optimize+= -DDEBUG ++CFLAGS.opt= -g ++CFLAGS.opt+= -DDEBUG + else +-CFLAGS.optimize= $(OPT_CFLAGS) ++CFLAGS.opt= $(OPT_CFLAGS) + endif ++CFLAGS.optimize= $(CFLAGS) $(CFLAGS.opt) + export CFLAGS.optimize + +-CFLAGS+= $(CFLAGS.optimize) ++CFLAGS+= $(CFLAGS.opt) + + ifeq ($(L2TP_USE_ASYNC_RPC),y) + CPPFLAGS+= -DL2TP_ASYNC_RPC diff --git a/net-dialup/openl2tp/files/openl2tp-1.8-clientip_as_ipparam.patch b/net-dialup/openl2tp/files/openl2tp-1.8-clientip_as_ipparam.patch new file mode 100644 index 000000000000..fcea3d110f59 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tp-1.8-clientip_as_ipparam.patch @@ -0,0 +1,217 @@ +diff -brau openl2tp-1.8.o/doc/openl2tp_rpc.4 openl2tp-1.8/doc/openl2tp_rpc.4 +--- openl2tp-1.8.o/doc/openl2tp_rpc.4 2011-06-04 10:02:34.000000000 +0200 ++++ openl2tp-1.8/doc/openl2tp_rpc.4 2011-06-04 21:17:22.000000000 +0200 +@@ -719,6 +719,10 @@ + .B chap_restart + Retransmission timeout for CHAP challenges. Default=3. + .TP ++.B clientip_as_ipparam ++Whether or not to pass the remote client ip (connecting IP) as ipparam to pppd ++(similar to to pptpd). ++.TP + .B pap_max_auth_reqs + Maximum number of PAP authenticate-request transmissions. Default=10. + .TP +diff -brau openl2tp-1.8.o/l2tp_common.c openl2tp-1.8/l2tp_common.c +--- openl2tp-1.8.o/l2tp_common.c 2011-06-04 21:00:45.000000000 +0200 ++++ openl2tp-1.8/l2tp_common.c 2011-06-04 21:19:46.000000000 +0200 +@@ -931,6 +931,7 @@ + if (OPTSTRING_PTR(pp->remote_name) != NULL) { + len += fprintf(file, " remote name for authentication: %s\n", OPTSTRING(pp->remote_name)); + } ++ len += fprintf(file, " clientip as ipparam: %s\n", pp->clientip_as_ipparam ? "YES" : "NO"); + len += fprintf(file, " max connect time: %d, max failure count: %d, idle timeout: %d\n", + pp->max_connect_time, pp->max_failure_count, pp->idle_timeout); + if (pp->asyncmap != 0) { +diff -brau openl2tp-1.8.o/l2tp_config.c openl2tp-1.8/l2tp_config.c +--- openl2tp-1.8.o/l2tp_config.c 2011-06-04 11:43:03.000000000 +0200 ++++ openl2tp-1.8/l2tp_config.c 2011-06-04 21:30:48.000000000 +0200 +@@ -3124,6 +3124,7 @@ + L2TP_PPP_ARGID_REMOTE_NAME, + L2TP_PPP_ARGID_PROXY_ARP, + L2TP_PPP_ARGID_OPTIONSFILE, ++ L2TP_PPP_ARGID_CLIENTIP_AS_IPPARAM, + } l2tp_ppp_arg_ids_t; + + #undef ARG +@@ -3189,7 +3190,8 @@ + ARG(USE_AS_DEFAULT_ROUTE, "default_route", 0, bool, "Use link as default route"), \ + ARG(MULTILINK, "multilink", 0, bool, "Enable PPP multilink connections."), \ + ARG(PROXY_ARP, "proxy_arp", 0, bool, "Use proxy arp."), \ +- ARG(OPTIONSFILE, "optionsfile", 0, string, "ppp options file to use") ++ ARG(OPTIONSFILE, "optionsfile", 0, string, "ppp options file to use"), \ ++ ARG(CLIENTIP_AS_IPPARAM, "clientip_as_ipparam", 0, bool, "Pass the connecting client's IP as ipparam to pppd.") + + + static struct cli_arg_entry l2tp_args_ppp_profile_create[] = { +@@ -3270,6 +3272,7 @@ + FLG(MULTILINK, "multilink", "Enable PPP multilink connections."), \ + FLG(PROXY_ARP, "proxy_arp", "Use proxy arp."), + FLG(OPTIONSFILE, "optionsfile", "ppp options file to use"), ++ FLG(CLIENTIP_AS_IPPARAM, "clientip_as_ipparam", "Pass the connecting client's IP as ipparam to pppd."), + { NULL, }, + }; + +@@ -3500,6 +3503,9 @@ + msg->optionsfile.valid = 1; + msg->flags2 |= L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE; + break; ++ case L2TP_PPP_ARGID_CLIENTIP_AS_IPPARAM: ++ L2TP_ACT_PARSE_ARG(arg, arg_value, msg->clientip_as_ipparam, msg->flags2, L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM); ++ break; + } + + result = 0; +@@ -3871,6 +3877,9 @@ + case L2TP_PPP_ARGID_OPTIONSFILE: + msg.flags2 |= L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE; + break; ++ case L2TP_PPP_ARGID_CLIENTIP_AS_IPPARAM: ++ msg.flags2 |= L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM; ++ break; + } + } L2TP_ACT_END(); + +@@ -4883,6 +4892,7 @@ + L2TP_API_PPP_PROFILE_FLAG_REMOTE_NAME | + L2TP_API_PPP_PROFILE_FLAG_PROXY_ARP | + L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE | ++ L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM | + L2TP_API_PPP_PROFILE_FLAG_AUTH_NONE | + L2TP_API_PPP_PROFILE_FLAG_AUTH_REFUSE_EAP | + L2TP_API_PPP_PROFILE_FLAG_AUTH_REFUSE_MSCHAPV2 | +@@ -5047,6 +5057,9 @@ + if ((cfg->flags2 & L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE) && (OPTSTRING_PTR(cfg->optionsfile) != NULL)) { + fprintf(file, "\toptionsfile=%s \\\n", OPTSTRING_PTR(cfg->optionsfile)); + } ++ if (cfg->flags2 & L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM) { ++ fprintf(file, "\tclientip_as_ipparam=%s \\\n", Y_OR_N(cfg->clientip_as_ipparam)); ++ } + fprintf(file, "\n"); + } + } +diff -brau openl2tp-1.8.o/l2tp_config_parse.y openl2tp-1.8/l2tp_config_parse.y +--- openl2tp-1.8.o/l2tp_config_parse.y 2011-06-04 11:11:42.000000000 +0200 ++++ openl2tp-1.8/l2tp_config_parse.y 2011-06-04 21:34:04.000000000 +0200 +@@ -155,6 +155,7 @@ + %token BOOL + %token IPADDRESS + %token OPTIONSFILE ++%token CLIENTIP_AS_IPPARAM + + %token INITIAL_RCVD_LCP_CONFREQ + %token CALLING_NUMBER +@@ -1180,6 +1181,11 @@ + OPTSTRING(ppp_profile.optionsfile) = $3.buf; + ppp_profile.optionsfile.valid = 1; + } ++ | CLIENTIP_AS_IPPARAM EQUALS BOOL ++ { ++ ppp_profile.flags2 |= L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM; ++ ppp_profile.clientip_as_ipparam = $3; ++ } + ; + + tunnel_command +diff -brau openl2tp-1.8.o/l2tp_config_token.l openl2tp-1.8/l2tp_config_token.l +--- openl2tp-1.8.o/l2tp_config_token.l 2011-06-04 11:08:31.000000000 +0200 ++++ openl2tp-1.8/l2tp_config_token.l 2011-06-04 21:34:50.000000000 +0200 +@@ -192,6 +192,7 @@ + auth_none { return(AUTH_NOAUTH); } + auth_peer { return(AUTH_PEER); } + optionsfile { return(OPTIONSFILE); } ++clientip_as_ipparam { return(CLIENTIP_AS_IPPARAM); } + + {ws} { } + {linecont} { lineno++; } +diff -brau openl2tp-1.8.o/l2tp_ppp.c openl2tp-1.8/l2tp_ppp.c +--- openl2tp-1.8.o/l2tp_ppp.c 2011-06-04 16:08:25.000000000 +0200 ++++ openl2tp-1.8/l2tp_ppp.c 2011-06-04 21:42:37.000000000 +0200 +@@ -71,6 +71,7 @@ + int auth_refuse_mschapv2:1; + int auth_refuse_eap:1; + char *optionsfile; ++ int clientip_as_ipparam; + }; + + static struct l2tp_ppp_profile *l2tp_ppp_defaults; +@@ -245,6 +246,9 @@ + if (msg->flags2 & L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE) { + L2TP_SET_OPTSTRING_VAR(profile, optionsfile); + } ++ if (msg->flags2 & L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM) { ++ profile->clientip_as_ipparam = msg->clientip_as_ipparam; ++ } + + out: + return result; +@@ -294,6 +298,7 @@ + profile->chap_interval = l2tp_ppp_defaults->chap_interval; + profile->chap_max_challenge = l2tp_ppp_defaults->chap_max_challenge; + profile->chap_restart = l2tp_ppp_defaults->chap_restart; ++ profile->clientip_as_ipparam = l2tp_ppp_defaults->clientip_as_ipparam; + profile->pap_max_auth_requests = l2tp_ppp_defaults->pap_max_auth_requests; + profile->pap_restart_interval = l2tp_ppp_defaults->pap_restart_interval; + profile->pap_timeout = l2tp_ppp_defaults->pap_timeout; +@@ -553,6 +558,7 @@ + result->chap_interval = profile->chap_interval; + result->chap_max_challenge = profile->chap_max_challenge; + result->chap_restart = profile->chap_restart; ++ result->clientip_as_ipparam = profile->clientip_as_ipparam; + result->pap_max_auth_requests = profile->pap_max_auth_requests; + result->pap_restart_interval = profile->pap_restart_interval; + result->pap_timeout = profile->pap_timeout; +@@ -893,6 +899,9 @@ + } + profile->optionsfile = NULL; + } ++ if (msg.flags2 & L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM) { ++ profile->use_radius = L2TP_API_PPP_PROFILE_DEFAULT_CLIENTIP_AS_IPPARAM; ++ } + + /* Clear all requested flags */ + profile->flags &= ~(msg.flags); +diff -brau openl2tp-1.8.o/l2tp_rpc.x openl2tp-1.8/l2tp_rpc.x +--- openl2tp-1.8.o/l2tp_rpc.x 2011-06-04 11:06:08.000000000 +0200 ++++ openl2tp-1.8/l2tp_rpc.x 2011-06-04 21:45:00.000000000 +0200 +@@ -947,6 +947,7 @@ + const L2TP_API_PPP_PROFILE_FLAG_AUTH_REFUSE_PAP = 131072; + const L2TP_API_PPP_PROFILE_FLAG_AUTH_PEER = 262144; + const L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE = 524288; ++const L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM = 1048576; + + /* Default values for PPP profile attributes. + * These are used if an explicit value is not provided by the user. +@@ -995,6 +996,7 @@ + const L2TP_API_PPP_PROFILE_DEFAULT_MULTILINK = 0; + const L2TP_API_PPP_PROFILE_DEFAULT_PROXY_ARP = 0; + const L2TP_API_PPP_PROFILE_DEFAULT_OPTIONSFILE = ""; ++const L2TP_API_PPP_PROFILE_DEFAULT_CLIENTIP_AS_IPPARAM = 0; + + enum l2tp_api_ppp_sync_mode { + L2TP_API_PPP_SYNCMODE_SYNC_ASYNC, +@@ -1054,6 +1056,7 @@ + optstring remote_name; + bool proxy_arp; + optstring optionsfile; ++ bool clientip_as_ipparam; + }; + + struct l2tp_api_ppp_profile_list_entry { +diff -brau openl2tp-1.8.o/plugins/ppp_unix.c openl2tp-1.8/plugins/ppp_unix.c +--- openl2tp-1.8.o/plugins/ppp_unix.c 2011-06-04 14:41:43.000000000 +0200 ++++ openl2tp-1.8/plugins/ppp_unix.c 2011-06-04 22:11:54.000000000 +0200 +@@ -295,6 +295,13 @@ + argv[arg++] = "sync"; + } + ++ /* Check if we should pass ipparam */ ++ if (params->flags2 & L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM) { ++ argv[arg++] = "ipparam"; ++ ip.s_addr = l2tp_tunnel_get_peer_addr(ppp->tunnel)->sin_addr.s_addr; ++ argv[arg++] = strdup(inet_ntoa(ip)); ++ } ++ + /* ppp auth options */ + if ((params->flags2 & L2TP_API_PPP_PROFILE_FLAG_AUTH_REFUSE_EAP) && + params->auth_refuse_eap) { diff --git a/net-dialup/openl2tp/files/openl2tp-1.8-configure-Makefile.patch b/net-dialup/openl2tp/files/openl2tp-1.8-configure-Makefile.patch new file mode 100644 index 000000000000..f840b2bea841 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tp-1.8-configure-Makefile.patch @@ -0,0 +1,58 @@ +--- openl2tp-1.8/Makefile.orig 2018-03-17 14:24:57.000000000 +0300 ++++ openl2tp-1.8/Makefile 2018-03-17 14:46:34.769800757 +0300 +@@ -1,26 +1,26 @@ + # BEGIN CONFIGURABLE SETTINGS + + # Compile-time features +-L2TP_FEATURE_LAC_SUPPORT= y +-L2TP_FEATURE_LNS_SUPPORT= y +-L2TP_FEATURE_RPC_MANAGEMENT= y +-L2TP_FEATURE_LAIC_SUPPORT= y +-L2TP_FEATURE_LAOC_SUPPORT= y +-L2TP_FEATURE_LNIC_SUPPORT= y +-L2TP_FEATURE_LNOC_SUPPORT= y ++L2TP_FEATURE_LAC_SUPPORT ?= y ++L2TP_FEATURE_LNS_SUPPORT ?= y ++L2TP_FEATURE_RPC_MANAGEMENT ?= y ++L2TP_FEATURE_LAIC_SUPPORT ?= y ++L2TP_FEATURE_LAOC_SUPPORT ?= y ++L2TP_FEATURE_LNIC_SUPPORT ?= y ++L2TP_FEATURE_LNOC_SUPPORT ?= y + L2TP_FEATURE_LOCAL_CONF_FILE= y +-#L2TP_FEATURE_LOCAL_STAT_FILE= y ++L2TP_FEATURE_LOCAL_STAT_FILE ?= n + + # Define USE_DMALLOC to enable dmalloc memory debugging +-# USE_DMALLOC= y ++USE_DMALLOC ?= n + + # Define to include test code. This must be defined to run the + # regression tests +-# L2TP_TEST= y ++L2TP_TEST ?= n + + # Define to compile in debug code. Also makes default trace flags + # enable all messages +-# L2TP_DEBUG= y ++L2TP_DEBUG ?= n + + # Use asynchronous RPC requests where appropriate + # Affects only L2TP-PPP-IPPOOL interfaces, not management interfaces. +@@ -99,12 +99,14 @@ + + # Build pppd dir only if ppp version is earlier than 2.4.5 since the + # openl2tp plugins were integrated in ppp-2.4.5. +-PPPD_SUBDIR=pppd +-ifeq ($(PPPD_VERSION),2.4.5) + PPPD_SUBDIR= ++ ++TEST= ++ifeq ($(L2TP_TEST),y) ++TEST=test + endif + +-SUBDIRS= usl cli plugins $(PPPD_SUBDIR) test doc ++SUBDIRS= usl cli plugins $(PPPD_SUBDIR) $(TEST) doc + + .PHONY: $(SUBDIRS:%=subdir-%) + diff --git a/net-dialup/openl2tp/files/openl2tp-1.8-l2tpconfig.patch b/net-dialup/openl2tp/files/openl2tp-1.8-l2tpconfig.patch new file mode 100644 index 000000000000..bf1644c9a144 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tp-1.8-l2tpconfig.patch @@ -0,0 +1,15 @@ +diff -Naur openl2tp-1.7.man//Makefile openl2tp-1.7/Makefile +--- openl2tp-1.7.man//Makefile 2010-09-05 11:02:18.000000000 +0400 ++++ openl2tp-1.7/Makefile 2010-09-05 12:25:51.694863508 +0400 +@@ -314,9 +314,9 @@ + $(INSTALL) openl2tpd $(DESTDIR)/usr/sbin + + install-app: +- $(INSTALL) -d $(DESTDIR)/usr/bin ++ $(INSTALL) -d $(DESTDIR)/usr/sbin + ifeq ($(L2TP_FEATURE_RPC_MANAGEMENT),y) +- $(INSTALL) l2tpconfig $(DESTDIR)/usr/bin ++ $(INSTALL) -m 0500 l2tpconfig $(DESTDIR)/usr/sbin + endif + $(INSTALL) -d $(DESTDIR)$(SYS_LIBDIR)/openl2tp + $(INSTALL) -m 0644 l2tp_rpc.x $(DESTDIR)$(SYS_LIBDIR)/openl2tp/l2tp_rpc.x diff --git a/net-dialup/openl2tp/files/openl2tp-1.8-ldflags.patch b/net-dialup/openl2tp/files/openl2tp-1.8-ldflags.patch new file mode 100644 index 000000000000..7d1efffae922 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tp-1.8-ldflags.patch @@ -0,0 +1,73 @@ +diff -Naur openl2tp-1.8.werror/Makefile openl2tp-1.8/Makefile +--- openl2tp-1.8.werror/Makefile 2010-11-28 17:18:02.000000000 +0300 ++++ openl2tp-1.8/Makefile 2010-11-28 17:22:27.950475976 +0300 +@@ -266,10 +266,10 @@ + etags $(wildcard *.c) $(wildcard *.h) + + openl2tpd: $(L2TPD_SRCS.o) +- $(CC) -o $@ $^ $(LDFLAGS.l2tpd) ++ $(CC) $(LDFLAGS) -o $@ $^ $(LDFLAGS.l2tpd) + + l2tpconfig: $(L2TPCONFIG_SRCS.o) +- $(CC) -o $@ $^ $(LDFLAGS.l2tpconfig) ++ $(CC) $(LDFLAGS) -o $@ $^ $(LDFLAGS.l2tpconfig) + + %.o: %.c + $(CC) -c $(CFLAGS) $< -o $@ +diff -Naur openl2tp-1.8.werror/cli/Makefile openl2tp-1.8/cli/Makefile +--- openl2tp-1.8.werror/cli/Makefile 2010-11-28 17:18:27.000000000 +0300 ++++ openl2tp-1.8/cli/Makefile 2010-11-28 17:22:27.950475976 +0300 +@@ -19,7 +19,7 @@ + $(AR) rus $@ $^ + + cli_test: $(CLI_SRCS_TEST.o) libcli.a +- $(CC) -o $@ $(CLI_SRCS_TEST.o) $(LDFLAGS.cli_test) ++ $(CC) $(LDFLAGS) -o $@ $(CLI_SRCS_TEST.o) $(LDFLAGS.cli_test) + + clean: + $(RM) $(CLI_SRCS.o) $(CLI_SRCS_TEST.o) libcli.a cli_test $(wildcard *.d) +diff -Naur openl2tp-1.8.werror/plugins/Makefile openl2tp-1.8/plugins/Makefile +--- openl2tp-1.8.werror/plugins/Makefile 2010-11-22 17:05:29.000000000 +0300 ++++ openl2tp-1.8/plugins/Makefile 2010-11-28 17:22:27.950475976 +0300 +@@ -1,7 +1,7 @@ + CFLAGS := $(CFLAGS.optimize) -MMD -Wall \ + -isystem ../include \ + -I. -I.. -I../usl -fPIC $(EXTRA_CFLAGS) +-LDFLAGS := -shared ++LDFLAGS.plugins := -shared + + PLUGINS.c:= ppp_unix.c ppp_null.c ipsec.c event_sock.c + +@@ -21,7 +21,7 @@ + $(RM) $(PLUGINS.so) $(wildcard *.o) $(wildcard *.d) $(SRC.generated) + + %.so: %.c +- $(CC) -o $@ $(LDFLAGS) $(CFLAGS) $< ++ $(CC) $(LDFLAGS) -o $@ $(LDFLAGS.plugins) $(CFLAGS) $< + + install: all + $(INSTALL) -d $(DESTDIR)$(SYS_LIBDIR)/openl2tp +diff -Naur openl2tp-1.8.werror/test/Makefile openl2tp-1.8/test/Makefile +--- openl2tp-1.8.werror/test/Makefile 2007-05-28 18:28:53.000000000 +0400 ++++ openl2tp-1.8/test/Makefile 2010-11-28 17:25:52.871882050 +0300 +@@ -3,7 +3,7 @@ + all: pppd_dummy + + pppd_dummy: pppd_dummy.c +- $(CC) -o $@ $< ++ $(CC) $(LDFLAGS) -o $@ $< + + clean: + -$(RM) pppd_dummy +diff -Naur openl2tp-1.8.werror/usl/Makefile openl2tp-1.8/usl/Makefile +--- openl2tp-1.8.werror/usl/Makefile 2010-11-28 17:18:15.000000000 +0300 ++++ openl2tp-1.8/usl/Makefile 2010-11-28 17:22:27.950475976 +0300 +@@ -26,7 +26,7 @@ + $(AR) rus $@ $^ + + usl_test: $(USL_SRCS_TEST.o) libusl.a +- $(CC) -o $@ $(USL_SRCS_TEST.o) $(LDFLAGS.usl_test) ++ $(CC) $(LDFLAGS) -o $@ $(USL_SRCS_TEST.o) $(LDFLAGS.usl_test) + + clean: + -$(RM) $(USL_SRCS.o) $(USL_SRCS_TEST.o) libusl.a usl_test $(wildcard *.d) diff --git a/net-dialup/openl2tp/files/openl2tp-1.8-man.patch b/net-dialup/openl2tp/files/openl2tp-1.8-man.patch new file mode 100644 index 000000000000..5375e1695851 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tp-1.8-man.patch @@ -0,0 +1,40 @@ +diff -Naur openl2tp-1.7.pppd/doc/Makefile openl2tp-1.7/doc/Makefile +--- openl2tp-1.7.pppd/doc/Makefile 2007-05-28 19:53:38.000000000 +0400 ++++ openl2tp-1.7/doc/Makefile 2010-07-31 18:21:56.163449838 +0400 +@@ -11,29 +11,24 @@ + MANSRC+= $(MANSRC.5) + endif + +-all: $(MANSRC:%=%.gz) +- +-%.gz: % +- gzip --best -c $< > $@ ++all: $(MANSRC) + + clean: +- -$(RM) $(MANSRC:%=%.gz) ++ -$(RM) $(MANSRC) + + install: all + $(INSTALL) -d $(DESTDIR)/usr/share/man/man1 +-ifeq ($(L2TP_FEATURE_RPC_MANAGEMENT),y) +- $(INSTALL) $(MANSRC.1:%=%.gz) $(DESTDIR)/usr/share/man/man1 ++ $(INSTALL) $(MANSRC.1) $(DESTDIR)/usr/share/man/man1 +-endif + $(INSTALL) -d $(DESTDIR)/usr/share/man/man4 +- $(INSTALL) $(MANSRC.4:%=%.gz) $(DESTDIR)/usr/share/man/man4 ++ $(INSTALL) $(MANSRC.4) $(DESTDIR)/usr/share/man/man4 + ifeq ($(L2TP_FEATURE_LOCAL_CONF_FILE),y) + $(INSTALL) -d $(DESTDIR)/usr/share/man/man5 +- $(INSTALL) $(MANSRC.5:%=%.gz) $(DESTDIR)/usr/share/man/man5 ++ $(INSTALL) $(MANSRC.5) $(DESTDIR)/usr/share/man/man5 + endif + $(INSTALL) -d $(DESTDIR)/usr/share/man/man7 +- $(INSTALL) $(MANSRC.7:%=%.gz) $(DESTDIR)/usr/share/man/man7 ++ $(INSTALL) $(MANSRC.7) $(DESTDIR)/usr/share/man/man7 + $(INSTALL) -d $(DESTDIR)/usr/share/man/man8 +- $(INSTALL) $(MANSRC.8:%=%.gz) $(DESTDIR)/usr/share/man/man8 ++ $(INSTALL) $(MANSRC.8) $(DESTDIR)/usr/share/man/man8 + + TAGS: + diff --git a/net-dialup/openl2tp/files/openl2tp-1.8-optionsfile.patch b/net-dialup/openl2tp/files/openl2tp-1.8-optionsfile.patch new file mode 100644 index 000000000000..45c209fc7750 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tp-1.8-optionsfile.patch @@ -0,0 +1,306 @@ +diff -brau openl2tp-1.8.o/doc/openl2tp_rpc.4 openl2tp-1.8/doc/openl2tp_rpc.4 +--- openl2tp-1.8.o/doc/openl2tp_rpc.4 2010-11-09 16:50:58.000000000 +0200 ++++ openl2tp-1.8/doc/openl2tp_rpc.4 2011-06-04 10:02:34.000000000 +0200 +@@ -774,6 +774,10 @@ + .B local_ip_addr + The IP address to assign to the local end of the PPP link. + .TP ++.B optionsfile ++Passes a file parameter to the pppd daemon, allowing for loading a custom ++options file. See pppd(8) for more details. ++.TP + .B peer_ip_addr + The IP address to assign to the remote (peer) end of the PPP link. + .TP +diff -brau openl2tp-1.8.o/l2tp_common.c openl2tp-1.8/l2tp_common.c +--- openl2tp-1.8.o/l2tp_common.c 2008-01-08 19:23:51.000000000 +0200 ++++ openl2tp-1.8/l2tp_common.c 2011-06-04 21:00:45.000000000 +0200 +@@ -938,6 +938,10 @@ + } + len += fprintf(file, " multilink: %s, proxy arp: %s\n", + pp->multilink ? "YES" : "NO", pp->proxy_arp ? "YES" : "NO"); ++ if (OPTSTRING_PTR(pp->optionsfile) != NULL) { ++ len += fprintf(file, " optionsfile: %s\n", OPTSTRING(pp->optionsfile)); ++ } ++ + len += fprintf(file, " IP parameters:-\n"); + ip_to_string(&local_ip[0], pp->local_ip_addr.s_addr); + ip_to_string(&peer_ip[0], pp->peer_ip_addr.s_addr); +diff -brau openl2tp-1.8.o/l2tp_config.c openl2tp-1.8/l2tp_config.c +--- openl2tp-1.8.o/l2tp_config.c 2010-01-18 12:35:14.000000000 +0200 ++++ openl2tp-1.8/l2tp_config.c 2011-06-04 11:43:03.000000000 +0200 +@@ -3123,6 +3123,7 @@ + L2TP_PPP_ARGID_LOCAL_NAME, + L2TP_PPP_ARGID_REMOTE_NAME, + L2TP_PPP_ARGID_PROXY_ARP, ++ L2TP_PPP_ARGID_OPTIONSFILE, + } l2tp_ppp_arg_ids_t; + + #undef ARG +@@ -3187,7 +3188,8 @@ + ARG(REMOTE_NAME, "remote_name", 0, string, "Name to assume for the remote peer for authentication purposes"), \ + ARG(USE_AS_DEFAULT_ROUTE, "default_route", 0, bool, "Use link as default route"), \ + ARG(MULTILINK, "multilink", 0, bool, "Enable PPP multilink connections."), \ +- ARG(PROXY_ARP, "proxy_arp", 0, bool, "Use proxy arp.") ++ ARG(PROXY_ARP, "proxy_arp", 0, bool, "Use proxy arp."), \ ++ ARG(OPTIONSFILE, "optionsfile", 0, string, "ppp options file to use") + + + static struct cli_arg_entry l2tp_args_ppp_profile_create[] = { +@@ -3267,6 +3269,7 @@ + FLG(USE_AS_DEFAULT_ROUTE, "default_route", "Use link as default route"), \ + FLG(MULTILINK, "multilink", "Enable PPP multilink connections."), \ + FLG(PROXY_ARP, "proxy_arp", "Use proxy arp."), ++ FLG(OPTIONSFILE, "optionsfile", "ppp options file to use"), + { NULL, }, + }; + +@@ -3488,6 +3491,15 @@ + msg->remote_name.valid = 1; + msg->flags2 |= L2TP_API_PPP_PROFILE_FLAG_REMOTE_NAME; + break; ++ case L2TP_PPP_ARGID_OPTIONSFILE: ++ OPTSTRING(msg->optionsfile) = strdup(arg_value); ++ if (OPTSTRING(msg->optionsfile) == NULL) { ++ result = -ENOMEM; ++ goto out; ++ } ++ msg->optionsfile.valid = 1; ++ msg->flags2 |= L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE; ++ break; + } + + result = 0; +@@ -3856,6 +3868,9 @@ + case L2TP_PPP_ARGID_REMOTE_NAME: + msg.flags2 |= L2TP_API_PPP_PROFILE_FLAG_REMOTE_NAME; + break; ++ case L2TP_PPP_ARGID_OPTIONSFILE: ++ msg.flags2 |= L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE; ++ break; + } + } L2TP_ACT_END(); + +@@ -4867,6 +4882,7 @@ + L2TP_API_PPP_PROFILE_FLAG_LOCAL_NAME | + L2TP_API_PPP_PROFILE_FLAG_REMOTE_NAME | + L2TP_API_PPP_PROFILE_FLAG_PROXY_ARP | ++ L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE | + L2TP_API_PPP_PROFILE_FLAG_AUTH_NONE | + L2TP_API_PPP_PROFILE_FLAG_AUTH_REFUSE_EAP | + L2TP_API_PPP_PROFILE_FLAG_AUTH_REFUSE_MSCHAPV2 | +@@ -5028,6 +5044,9 @@ + if (cfg->flags2 & L2TP_API_PPP_PROFILE_FLAG_PROXY_ARP) { + fprintf(file, "\tproxy_arp=%s \\\n", Y_OR_N(cfg->proxy_arp)); + } ++ if ((cfg->flags2 & L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE) && (OPTSTRING_PTR(cfg->optionsfile) != NULL)) { ++ fprintf(file, "\toptionsfile=%s \\\n", OPTSTRING_PTR(cfg->optionsfile)); ++ } + fprintf(file, "\n"); + } + } +diff -brau openl2tp-1.8.o/l2tp_config_parse.y openl2tp-1.8/l2tp_config_parse.y +--- openl2tp-1.8.o/l2tp_config_parse.y 2010-11-09 16:50:58.000000000 +0200 ++++ openl2tp-1.8/l2tp_config_parse.y 2011-06-04 11:11:42.000000000 +0200 +@@ -154,6 +154,7 @@ + %token QUOTEDSTRING + %token BOOL + %token IPADDRESS ++%token OPTIONSFILE + + %token INITIAL_RCVD_LCP_CONFREQ + %token CALLING_NUMBER +@@ -1167,6 +1168,18 @@ + OPTSTRING(ppp_profile.remote_name) = $3.buf; + ppp_profile.remote_name.valid = 1; + } ++ | OPTIONSFILE EQUALS STRING ++ { ++ ppp_profile.flags2 |= L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE; ++ OPTSTRING(ppp_profile.optionsfile) = $3.buf; ++ ppp_profile.optionsfile.valid = 1; ++ } ++ | OPTIONSFILE EQUALS QUOTEDSTRING ++ { ++ ppp_profile.flags2 |= L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE; ++ OPTSTRING(ppp_profile.optionsfile) = $3.buf; ++ ppp_profile.optionsfile.valid = 1; ++ } + ; + + tunnel_command +diff -brau openl2tp-1.8.o/l2tp_config_token.l openl2tp-1.8/l2tp_config_token.l +--- openl2tp-1.8.o/l2tp_config_token.l 2010-11-12 14:31:21.000000000 +0200 ++++ openl2tp-1.8/l2tp_config_token.l 2011-06-04 11:08:31.000000000 +0200 +@@ -191,6 +191,7 @@ + auth_eap { return(AUTH_EAP); } + auth_none { return(AUTH_NOAUTH); } + auth_peer { return(AUTH_PEER); } ++optionsfile { return(OPTIONSFILE); } + + {ws} { } + {linecont} { lineno++; } +diff -brau openl2tp-1.8.o/l2tp_ppp.c openl2tp-1.8/l2tp_ppp.c +--- openl2tp-1.8.o/l2tp_ppp.c 2008-05-07 22:44:20.000000000 +0200 ++++ openl2tp-1.8/l2tp_ppp.c 2011-06-04 16:08:25.000000000 +0200 +@@ -70,6 +70,7 @@ + int auth_refuse_mschap:1; + int auth_refuse_mschapv2:1; + int auth_refuse_eap:1; ++ char *optionsfile; + }; + + static struct l2tp_ppp_profile *l2tp_ppp_defaults; +@@ -241,6 +242,9 @@ + if (msg->flags2 & L2TP_API_PPP_PROFILE_FLAG_REMOTE_NAME) { + L2TP_SET_OPTSTRING_VAR(profile, remote_name); + } ++ if (msg->flags2 & L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE) { ++ L2TP_SET_OPTSTRING_VAR(profile, optionsfile); ++ } + + out: + return result; +@@ -346,6 +350,14 @@ + } + } + ++ if (l2tp_ppp_defaults->optionsfile != NULL) { ++ profile->optionsfile = strdup(l2tp_ppp_defaults->optionsfile); ++ if (profile->optionsfile == NULL) { ++ *result = -ENOMEM; ++ goto err; ++ } ++ } ++ + /* Override defaults by user-supplied params */ + *result = l2tp_ppp_profile_modify(&msg, profile); + +@@ -379,6 +391,24 @@ + *result = -ENOMEM; + goto out; + err: ++ if (profile->radius_hint != NULL) { ++ free(profile->radius_hint); ++ } ++ if (profile->ip_pool_name != NULL) { ++ free(profile->ip_pool_name); ++ } ++ if (profile->profile_name != NULL) { ++ free(profile->profile_name); ++ } ++ if (profile->local_name != NULL) { ++ free(profile->local_name); ++ } ++ if (profile->remote_name != NULL) { ++ free(profile->remote_name); ++ } ++ if (profile->optionsfile != NULL) { ++ free(profile->optionsfile); ++ } + free(profile); + goto out; + } +@@ -430,6 +460,9 @@ + if (profile->remote_name != NULL) { + free(profile->remote_name); + } ++ if (profile->optionsfile != NULL) { ++ free(profile->optionsfile); ++ } + USL_POISON_MEMORY(profile, 0xe5, sizeof(*profile)); + free(profile); + *result = 0; +@@ -578,6 +611,14 @@ + } + result->remote_name.valid = 1; + } ++ if (profile->optionsfile != NULL) { ++ OPTSTRING(result->optionsfile) = strdup(profile->optionsfile); ++ if (OPTSTRING(result->optionsfile) == NULL) { ++ result->result_code = -ENOMEM; ++ goto out; ++ } ++ result->optionsfile.valid = 1; ++ } + + out: + L2TP_DEBUG(L2TP_API, "%s: flags=%x/%x result=%d", __func__, result->flags, result->flags2, result->result_code); +@@ -598,6 +639,9 @@ + if (OPTSTRING_PTR(msg->remote_name) != NULL) { + free(OPTSTRING(msg->remote_name)); + } ++ if (OPTSTRING_PTR(msg->optionsfile) != NULL) { ++ free(OPTSTRING(msg->optionsfile)); ++ } + if (msg->profile_name != NULL) { + free(msg->profile_name); + } +@@ -843,6 +887,12 @@ + } + profile->remote_name = NULL; + } ++ if (msg.flags2 & L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE) { ++ if (profile->optionsfile != NULL) { ++ free(profile->optionsfile); ++ } ++ profile->optionsfile = NULL; ++ } + + /* Clear all requested flags */ + profile->flags &= ~(msg.flags); +@@ -937,6 +987,12 @@ + } + l2tp_ppp_defaults->local_name = NULL; + l2tp_ppp_defaults->remote_name = NULL; ++ if (strlen(L2TP_API_PPP_PROFILE_DEFAULT_OPTIONSFILE) > 0) { ++ l2tp_ppp_defaults->optionsfile = strdup(L2TP_API_PPP_PROFILE_DEFAULT_OPTIONSFILE); ++ if (l2tp_ppp_defaults->optionsfile == NULL) { ++ goto nomem; ++ } ++ } + + USL_LIST_HEAD_INIT(&l2tp_ppp_defaults->list); + usl_list_add(&l2tp_ppp_defaults->list, &l2tp_ppp_profile_list); +diff -brau openl2tp-1.8.o/l2tp_rpc.x openl2tp-1.8/l2tp_rpc.x +--- openl2tp-1.8.o/l2tp_rpc.x 2010-11-04 18:30:36.000000000 +0200 ++++ openl2tp-1.8/l2tp_rpc.x 2011-06-04 11:06:08.000000000 +0200 +@@ -946,6 +946,7 @@ + const L2TP_API_PPP_PROFILE_FLAG_AUTH_REFUSE_CHAP = 65536; + const L2TP_API_PPP_PROFILE_FLAG_AUTH_REFUSE_PAP = 131072; + const L2TP_API_PPP_PROFILE_FLAG_AUTH_PEER = 262144; ++const L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE = 524288; + + /* Default values for PPP profile attributes. + * These are used if an explicit value is not provided by the user. +@@ -993,6 +994,7 @@ + const L2TP_API_PPP_PROFILE_DEFAULT_USE_AS_DEFAULT_ROUTE = 0; + const L2TP_API_PPP_PROFILE_DEFAULT_MULTILINK = 0; + const L2TP_API_PPP_PROFILE_DEFAULT_PROXY_ARP = 0; ++const L2TP_API_PPP_PROFILE_DEFAULT_OPTIONSFILE = ""; + + enum l2tp_api_ppp_sync_mode { + L2TP_API_PPP_SYNCMODE_SYNC_ASYNC, +@@ -1051,6 +1053,7 @@ + optstring local_name; + optstring remote_name; + bool proxy_arp; ++ optstring optionsfile; + }; + + struct l2tp_api_ppp_profile_list_entry { +diff -brau openl2tp-1.8.o/plugins/ppp_unix.c openl2tp-1.8/plugins/ppp_unix.c +--- openl2tp-1.8.o/plugins/ppp_unix.c 2010-11-22 16:03:48.000000000 +0200 ++++ openl2tp-1.8/plugins/ppp_unix.c 2011-06-04 14:41:43.000000000 +0200 +@@ -282,6 +282,11 @@ + } + } + ++ if ((params->flags2 & L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE) && (OPTSTRING_PTR(params->optionsfile) != NULL)) { ++ argv[arg++] = "file"; ++ argv[arg++] = strdup(OPTSTRING(params->optionsfile)); ++ } ++ + /* By default, use sync mode */ + if (!((params->flags & L2TP_API_PPP_PROFILE_FLAG_SYNC_MODE) && + (params->sync_mode == L2TP_API_PPP_SYNCMODE_ASYNC))) { diff --git a/net-dialup/openl2tp/files/openl2tp-1.8-parallelbuild.patch b/net-dialup/openl2tp/files/openl2tp-1.8-parallelbuild.patch new file mode 100644 index 000000000000..fb6b9f96b354 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tp-1.8-parallelbuild.patch @@ -0,0 +1,30 @@ +diff -rau openl2tp-1.8.o/Makefile openl2tp-1.8/Makefile +--- openl2tp-1.8.o/Makefile 2011-06-03 18:21:09.000000000 +0200 ++++ openl2tp-1.8/Makefile 2011-06-03 18:54:43.000000000 +0200 +@@ -197,7 +197,7 @@ + + .PHONY: $(SUBDIRS:%=subdir-%) + +-$(SUBDIRS:%=subdir-%): FORCE ++$(SUBDIRS:%=subdir-%): FORCE generated-files + $(MAKE) -C $(@:subdir-%=%) $(MFLAGS) EXTRA_CFLAGS="$(CPPFLAGS)" + + ifeq ($(L2TP_FEATURE_LOCAL_CONF_FILE),y) +@@ -211,7 +211,7 @@ + %.h %.c: %.y + $(YACC) -d -o l2tp_config_parse.c $< + +-l2tp_config_token.o: l2tp_config_token.c ++l2tp_config_token.o: l2tp_config_token.c l2tp_config_parse.h + $(CC) -I. -MMD -w $(CFLAGS.optimize) -c -DYY_NO_UNPUT $< + + l2tp_config_parse.o: l2tp_config_parse.c l2tp_config_parse.h +@@ -271,7 +271,7 @@ + l2tpconfig: $(L2TPCONFIG_SRCS.o) + $(CC) $(LDFLAGS) -o $@ $^ $(LDFLAGS.l2tpconfig) + +-%.o: %.c ++%.o: %.c generated-files + $(CC) -c $(CFLAGS) $< -o $@ + + l2tp_options.h: FORCE diff --git a/net-dialup/openl2tp/files/openl2tp-1.8-pppd-2.patch b/net-dialup/openl2tp/files/openl2tp-1.8-pppd-2.patch new file mode 100644 index 000000000000..5d326562c414 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tp-1.8-pppd-2.patch @@ -0,0 +1,12 @@ +diff -Nrau openl2tp-1.8.o/Makefile openl2tp-1.8/Makefile +--- openl2tp-1.8.o/Makefile 2011-06-03 17:45:24.000000000 +0200 ++++ openl2tp-1.8/Makefile 2011-06-03 17:52:22.000000000 +0200 +@@ -55,7 +55,7 @@ + # in the pppd subdirectory of the compiler's default search path + # (e.g. /usr/include/pppd). but can be pointed to another directory if + # desired. +-PPPD_VERSION= 2.4.5 ++#PPPD_VERSION= 2.4.5 + # PPPD_INCDIR= /usr/include/pppd + # PPPD_LIBDIR= $(SYS_LIBDIR)/pppd/$(PPPD_VERSION) + diff --git a/net-dialup/openl2tp/files/openl2tp-1.8-setkey.patch b/net-dialup/openl2tp/files/openl2tp-1.8-setkey.patch new file mode 100644 index 000000000000..d7b9e0681828 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tp-1.8-setkey.patch @@ -0,0 +1,12 @@ +diff -brau openl2tp-1.8.o/plugins/ipsec.c openl2tp-1.8/plugins/ipsec.c +--- openl2tp-1.8.o/plugins/ipsec.c 2010-01-18 11:00:08.000000000 +0200 ++++ openl2tp-1.8/plugins/ipsec.c 2011-06-05 11:00:28.000000000 +0200 +@@ -31,7 +31,7 @@ + #include "usl.h" + #include "l2tp_private.h" + +-#define IPSEC_SETKEY_CMD "/sbin/setkey" ++#define IPSEC_SETKEY_CMD "/usr/sbin/setkey" + #define IPSEC_SETKEY_FILE "/tmp/openl2tpd-tmp" + #define IPSEC_SETKEY_ACTION IPSEC_SETKEY_CMD " -f " IPSEC_SETKEY_FILE + diff --git a/net-dialup/openl2tp/files/openl2tp-1.8-tirpc.patch b/net-dialup/openl2tp/files/openl2tp-1.8-tirpc.patch new file mode 100644 index 000000000000..038d53c30d52 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tp-1.8-tirpc.patch @@ -0,0 +1,53 @@ +diff -Naurd openl2tp-1.8.orig/Makefile openl2tp-1.8/Makefile +--- openl2tp-1.8.orig/Makefile 2018-07-03 05:02:39.734741959 +0900 ++++ openl2tp-1.8/Makefile 2018-07-03 05:01:52.071450387 +0900 +@@ -159,8 +159,8 @@ + -MMD -Wall -Wno-strict-aliasing \ + $(CPPFLAGS) $(CPPFLAGS.dmalloc) \ + -DSYS_LIBDIR=$(SYS_LIBDIR) +-LDFLAGS.l2tpd= -Wl,-E -L. -Lusl -lusl -ldl $(LIBS.dmalloc) -lc ++LDFLAGS.l2tpd= -Wl,-E -L. -Lusl -lusl -ldl -ltirpc $(LIBS.dmalloc) -lc +-LDFLAGS.l2tpconfig= -Lcli -lcli -lreadline $(LIBS.dmalloc) $(READLINE_LDFLAGS) -lc ++LDFLAGS.l2tpconfig= -Lcli -lcli -lreadline -ltirpc $(LIBS.dmalloc) $(READLINE_LDFLAGS) -lc + + ifeq ($(L2TP_DEBUG),y) + CFLAGS.opt= -g +@@ -168,6 +168,7 @@ + else + CFLAGS.opt= $(OPT_CFLAGS) + endif ++CFLAGS.opt+= -isystem /usr/include/tirpc + CFLAGS.optimize= $(CFLAGS) $(CFLAGS.opt) + export CFLAGS.optimize + +diff -Naurd openl2tp-1.8.orig/l2tp_api.c openl2tp-1.8/l2tp_api.c +--- openl2tp-1.8.orig/l2tp_api.c 2018-07-03 04:59:47.000000000 +0900 ++++ openl2tp-1.8/l2tp_api.c 2018-07-03 05:01:52.073450358 +0900 +@@ -25,6 +25,7 @@ + + #include <rpc/pmap_clnt.h> + #include <net/ethernet.h> ++#include <netinet/in.h> + + #include "usl.h" + +@@ -443,14 +443,16 @@ + */ + int l2tp_api_rpc_check_request(SVCXPRT *xprt) + { ++ char straddr[INET6_ADDRSTRLEN]; + /* If remote RPC is not enabled and the request is from a + * non-loopback interface, reject the request. + */ + if ((!l2tp_opt_remote_rpc) && +- ((xprt->xp_raddr.sin_addr.s_addr != htonl(INADDR_LOOPBACK)) && +- (xprt->xp_raddr.sin_addr.s_addr != htonl(INADDR_ANY)))) { ++ memcmp(&xprt->xp_raddr.sin6_addr, &in6addr_loopback, 16) && ++ memcmp(&xprt->xp_raddr.sin6_addr, &in6addr_any, 16)) { + if (l2tp_opt_trace_flags & L2TP_DEBUG_API) { +- l2tp_log(LOG_ERR, "Rejecting RPC request from %s", inet_ntoa(xprt->xp_raddr.sin_addr)); ++ l2tp_log(LOG_ERR, "Rejecting RPC request from %s", ++ inet_ntop(AF_INET6, &xprt->xp_raddr.sin6_addr, straddr, INET6_ADDRSTRLEN)); + } + svcerr_auth(xprt, AUTH_TOOWEAK); + return -EPERM; diff --git a/net-dialup/openl2tp/files/openl2tp-1.8-unused-var.patch b/net-dialup/openl2tp/files/openl2tp-1.8-unused-var.patch new file mode 100644 index 000000000000..2e1f6277cf5f --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tp-1.8-unused-var.patch @@ -0,0 +1,21 @@ +diff -Naurd openl2tp-1.8.orig/pppd/pppol2tp.c openl2tp-1.8/pppd/pppol2tp.c +--- openl2tp-1.8.orig/pppd/pppol2tp.c 2010-11-15 15:12:43.000000000 +0300 ++++ openl2tp-1.8/pppd/pppol2tp.c 2018-03-17 14:11:07.484281421 +0300 +@@ -297,7 +297,7 @@ + static bool got_recv_accm = 0; + static uint32_t recv_accm = 0xffffffff; + static uint32_t send_accm = 0xffffffff; +- static bool snooping = 1; ++ // static bool snooping = 1; + + uint16_t protocol; + uint16_t lcp_pkt_len; +@@ -328,7 +328,7 @@ + "Network protocol %04x found.", + protocol); + } +- snooping = 0; ++ // snooping = 0; + return; + } + diff --git a/net-dialup/openl2tp/files/openl2tp-1.8-werror.patch b/net-dialup/openl2tp/files/openl2tp-1.8-werror.patch new file mode 100644 index 000000000000..d36447dfe966 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tp-1.8-werror.patch @@ -0,0 +1,36 @@ +diff -Naur openl2tp-1.8.orig/Makefile openl2tp-1.8/Makefile +--- openl2tp-1.8.orig/Makefile 2010-11-22 12:47:26.000000000 +0300 ++++ openl2tp-1.8/Makefile 2010-11-28 17:18:02.547651027 +0300 +@@ -154,7 +154,7 @@ + + CPPFLAGS= $(CPPFLAGS.l2tptest) $(CPPFLAGS-y) + CFLAGS= -I. -Iusl -Icli -isystem include \ +- -MMD -Wall -Werror -Wno-strict-aliasing \ ++ -MMD -Wall -Wno-strict-aliasing \ + $(CPPFLAGS) $(CPPFLAGS.dmalloc) \ + -DSYS_LIBDIR=$(SYS_LIBDIR) + LDFLAGS.l2tpd= -Wl,-E -L. -Lusl -lusl -ldl $(LIBS.dmalloc) -lc +diff -Naur openl2tp-1.8.orig/cli/Makefile openl2tp-1.8/cli/Makefile +--- openl2tp-1.8.orig/cli/Makefile 2010-11-12 15:28:47.000000000 +0300 ++++ openl2tp-1.8/cli/Makefile 2010-11-28 17:18:27.707453102 +0300 +@@ -7,7 +7,7 @@ + + LDFLAGS.cli_test= -L.. -L. $(READLINE_LDFLAGS) -lcli -lusl -lreadline -lcurses -lc + +-CFLAGS= $(CFLAGS.optimize) -MMD -Wall -Werror -I.. $(READLINE_CFLAGS) ++CFLAGS= $(CFLAGS.optimize) -MMD -Wall -I.. $(READLINE_CFLAGS) + + .PHONY: all test clean + +diff -Naur openl2tp-1.8.orig/usl/Makefile openl2tp-1.8/usl/Makefile +--- openl2tp-1.8.orig/usl/Makefile 2010-11-04 19:27:08.000000000 +0300 ++++ openl2tp-1.8/usl/Makefile 2010-11-28 17:18:15.615816682 +0300 +@@ -14,7 +14,7 @@ + endif + + CPPFLAGS+= $(CFLAGS.optimize) -g +-CFLAGS= -I. -MMD -Wall -Werror -Wno-strict-aliasing $(CPPFLAGS) $(CPPFLAGS.dmalloc) ++CFLAGS= -I. -MMD -Wall -Wno-strict-aliasing $(CPPFLAGS) $(CPPFLAGS.dmalloc) + + .PHONY: all test clean + diff --git a/net-dialup/openl2tp/files/openl2tpd.confd b/net-dialup/openl2tp/files/openl2tpd.confd new file mode 100644 index 000000000000..c4b7ee5ec392 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tpd.confd @@ -0,0 +1,17 @@ +# Settings for the OpenL2TP daemon. +# OPENL2TPDARGS= : any extra command-line startup arguments for openl2tpd +# -D - enable debug messages from all tunnels and sessions +# -d nnn - set debug trace mask to nnn +# -L log-facility - set syslog facility (default LOG_DAEMON) +# -R - allow remote management using RPC +# +# OPENL2TPD_CONFIG_FILE= : a file containing L2TP config that +# is loaded when openl2tpd starts up. + +# Use ipsec.so plugin for IPSec setups. +#OPENL2TPDARGS="-p ipsec.so" +OPENL2TPDARGS= + +# Config file to load at openl2tpd startup. +# /etc/openl2tpd.conf is used by default if none is provided here +OPENL2TPD_CONFIG_FILE= diff --git a/net-dialup/openl2tp/files/openl2tpd.initd b/net-dialup/openl2tp/files/openl2tpd.initd new file mode 100644 index 000000000000..b1d1511a5642 --- /dev/null +++ b/net-dialup/openl2tp/files/openl2tpd.initd @@ -0,0 +1,69 @@ +#!/sbin/openrc-run +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +userpc="yes" +retry_count="40" +retry_delay="0.5" + +bin=/usr/sbin/openl2tpd +pid=/var/run/openl2tpd.pid +[ -z "${OPENL2TPD_CONFIG_FILE}" ] && OPENL2TPD_CONFIG_FILE="/etc/openl2tpd.conf" + +depend() { + need net + [ "${userpc}" = "yes" ] && need portmap + use dns ipsec racoon +} + +check_module () { + if ! [ -f /proc/net/pppol2tp ]; then + ebegin "Loading l2tp module" + # try both new and old module names + modprobe l2tp_ppp 2>/dev/null || modprobe pppol2tp 2>/dev/null + eend $? + fi +} + +start() { + check_module + ebegin "Starting openl2tpd" + # if rpc is enabled do not read config file by daemon (has bugs), + # but read by l2tpconfig instead + if [ "${userpc}" = "yes" ]; then + conf="/dev/null" + else + conf="${OPENL2TPD_CONFIG_FILE}" + fi + + start-stop-daemon --start --quiet --exec ${bin} --pidfile ${pid} \ + -- -c "$conf" ${OPENL2TPDARGS} + + # it is possible to not to have config at all + if [ "${userpc}" = "yes" ] && [ -r "${OPENL2TPD_CONFIG_FILE}" ]; then + # on system startup it may take some time to load daemon + local i=0; + while [ $i -lt $retry_count ]; do + l2tpconfig config restore file="${OPENL2TPD_CONFIG_FILE}" >/dev/null 2>&1 + retcode=$? + [ ${retcode} = 0 ] && break + i=$((i+1)) + sleep $retry_delay + done + fi + eend $retcode +} + +stop() { + local rc + ebegin "Stopping openl2tpd" + start-stop-daemon --stop --quiet --exec ${bin} --pidfile ${pid} + rc=$? + + if [ ${RC_CMD} = "restart" ]; then + einfo "sleepinng for server to finilize connections" + sleep 2 + fi + + eend ${rc} +} diff --git a/net-dialup/openl2tp/metadata.xml b/net-dialup/openl2tp/metadata.xml new file mode 100644 index 000000000000..5f1b920a55a8 --- /dev/null +++ b/net-dialup/openl2tp/metadata.xml @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer type="person"> + <email>bircoph@gentoo.org</email> + <name>Andrew Savchenko</name> +</maintainer> +<use> + <flag name='client'>Enable l2tp client.</flag> + <flag name='dmalloc'>Enable debugging using <pkg>dev-libs/dmalloc</pkg>.</flag> + <flag name='rpc'>Enable RPC control management. This flag is required for + l2tpconfig to be built and used.</flag> + <flag name='server'>Enable l2tp server.</flag> + <flag name='stats'>Enable status files. Note: when they are used, this + hampers performance of the daemon.</flag> +</use> +</pkgmetadata> diff --git a/net-dialup/openl2tp/openl2tp-1.8.ebuild b/net-dialup/openl2tp/openl2tp-1.8.ebuild new file mode 100644 index 000000000000..707cccebd5a7 --- /dev/null +++ b/net-dialup/openl2tp/openl2tp-1.8.ebuild @@ -0,0 +1,127 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit linux-info + +DESCRIPTION="Userspace tools for kernel L2TP implementation" +HOMEPAGE="http://www.openl2tp.org/" +SRC_URI="mirror://sourceforge/openl2tp/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="+client debug dmalloc doc +examples rpc server stats" + +REQUIRED_USE="|| ( client server )" + +CDEPEND=" + >=net-dialup/ppp-2.4.5 + >=net-libs/libtirpc-1.0.3 + sys-libs/readline:= + dmalloc? ( dev-libs/dmalloc ) +" +DEPEND="${CDEPEND} + >=net-libs/rpcsvc-proto-1.3.1-r1 + sys-devel/bison + sys-devel/flex +" +RDEPEND="${CDEPEND} + rpc? ( net-nds/rpcbind ) +" + +CONFIG_CHECK="~PPPOL2TP" + +PATCHES=( + "${FILESDIR}/${P}-werror.patch" + "${FILESDIR}/${P}-ldflags.patch" + "${FILESDIR}/${P}-pppd-2.patch" + "${FILESDIR}/${P}-man.patch" + "${FILESDIR}/${P}-l2tpconfig.patch" + "${FILESDIR}/${P}-parallelbuild.patch" + "${FILESDIR}/${P}-optionsfile.patch" + "${FILESDIR}/${P}-clientip_as_ipparam.patch" + "${FILESDIR}/${P}-setkey.patch" + "${FILESDIR}/${P}-unused-var.patch" + "${FILESDIR}/${P}-configure-Makefile.patch" + "${FILESDIR}/${P}-cflags.patch" + "${FILESDIR}/${P}-tirpc.patch" +) + +src_prepare() { + default + sed -i 's/CFLAGS.optimize/CFLAGS_optimize/g' Makefile */Makefile || die "Makefile sed failed" +} + +src_configure() { + declare -a myconf # not local, should be used at src_compile() + + use client || myconf+=( L2TP_FEATURE_LAC_SUPPORT=n + L2TP_FEATURE_LAIC_SUPPORT=n + L2TP_FEATURE_LAOC_SUPPORT=n ) + + use server || myconf+=( L2TP_FEATURE_LNS_SUPPORT=n + L2TP_FEATURE_LNIC_SUPPORT=n + L2TP_FEATURE_LNOC_SUPPORT=n ) + + use rpc || myconf+=( L2TP_FEATURE_RPC_MANAGEMENT=n ) + + use stats && myconf+=( L2TP_FEATURE_LOCAL_STAT_FILE=y ) + use debug && myconf+=( L2TP_DEBUG=y ) + use dmalloc && myconf+=( USE_DMALLOC=y ) + + # pppd plugin is only needed for pppd < 2.4.5 + unset PPPD_SUBDIR +} + +src_compile() { + emake ${myconf[@]} +} + +src_install() { + emake ${myconf[@]} DESTDIR="${D}" install + + if use examples; then + docinto event_socket + dodoc doc/{event_sock_example.c,README.event_sock} + docinto + dodoc -r "${FILESDIR}"/examples + fi + + if use doc; then + dodoc doc/*.txt + newdoc plugins/README README.plugins + dodoc -r ipsec + fi + + newinitd "${FILESDIR}"/openl2tpd.initd openl2tpd + # init.d script is quite different for RPC and non-RPC versions. + use rpc || sed -i s/userpc=\"yes\"/userpc=\"no\"/ "${D}/etc/init.d/openl2tpd" || die "sed failed" + newconfd "${FILESDIR}"/openl2tpd.confd openl2tpd +} + +pkg_postinst() { + if use rpc; then + ewarn + ewarn "RPC control does not provide any auth checks for control connection." + ewarn "Unless you need this you should disable it, for reference:" + ewarn "http://forums.openl2tp.org/viewtopic.php?f=4&t=41" + ewarn + ewarn "Therefore DO NOT USE RPC IN INSECURE ENVIRONMENTS!" + else + ewarn + ewarn "Without RPC support you won't be able to use l2tpconfig." + ewarn "Please read http://forums.openl2tp.org/viewtopic.php?f=4&t=41" + ewarn "for more information about the security risk before enabling." + ewarn + ewarn "If you are using numerical strings (e.g. login name containing only" + ewarn "digits) or special characters in password, please use double quotes" + ewarn "to enclose them." + fi + if use stats; then + ewarn + ewarn "To enable status files openl2tpd must be started with -S option." + ewarn "Upstream warns about runtime overhead with status files enabled." + fi +} |