ppp: Update to version 2.4.9

Upstream integrated multiple patches from Distributions and did other
changes:
* rp-pppoe.so was renamed to pppoe.so
* Converted to ANSI C

The following patches were applied upstream:
* 100-debian_ip-ip_option.patch
* 101-debian_close_dev_ppp.patch
* 103-debian_fix_link_pidfile.patch
* 106-debian_stripMSdomain.patch
* 107-debian_pppoatm_wildcard.patch
* 110-debian_defaultroute.patch
* 202-no_strip.patch

Compilation with musl libc was fixed upstream so
140-pppoe_compile_fix.patch is not needed any more

Parts of the 203-opt_flags.patch patch were applied in a different way
upstream.

Signed-off-by: Hauke Mehrtens <[email protected]>

package/network/services/ppp/Makefile

@@ -13,14 +13,14 @@ PKG_RELEASE:=3
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/paulusmack/ppp
-PKG_SOURCE_DATE:=2020-10-03
-PKG_SOURCE_VERSION:=ad3937a0a38a696eb1a37dbf8f92e8e6072cdccb
-PKG_MIRROR_HASH:=c5b39615eb62728431b19f3ae5428eb1e2fc705b4b7b960228fe5b5d7b5a4bca
+PKG_SOURCE_DATE:=2021-01-04
+PKG_SOURCE_VERSION:=4fb319056f168bb8379865b91b4fd3e1ada73f1e
+PKG_MIRROR_HASH:=429cb5fcff36e1d8698766130711d4764347f08b83233dfb4831bea21616efef
 PKG_MAINTAINER:=Felix Fietkau <[email protected]>
 PKG_LICENSE:=BSD-4-Clause
 PKG_CPE_ID:=cpe:/a:samba:ppp
 
-PKG_RELEASE_VERSION:=2.4.8
+PKG_RELEASE_VERSION:=2.4.9
 PKG_VERSION:=$(PKG_RELEASE_VERSION).git-$(PKG_SOURCE_DATE)
 
 PKG_BUILD_DEPENDS:=libpcap
@@ -242,7 +242,7 @@ endef
 
 define Package/ppp-mod-pppoe/install
 	$(INSTALL_DIR) $(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/rp-pppoe.so \
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/lib/pppd/$(PKG_RELEASE_VERSION)/pppoe.so \
 		$(1)/usr/lib/pppd/$(PKG_RELEASE_VERSION)/
 endef
 

package/network/services/ppp/files/ppp.sh

@@ -234,7 +234,7 @@ proto_pppoe_setup() {
 	json_get_var padi_timeout padi_timeout
 
 	ppp_generic_setup "$config" \
-		plugin rp-pppoe.so \
+		plugin pppoe.so \
 		${ac:+rp_pppoe_ac "$ac"} \
 		${service:+rp_pppoe_service "$service"} \
 		${host_uniq:+host-uniq "$host_uniq"} \
@@ -331,7 +331,7 @@ proto_pptp_teardown() {
 
 [ -n "$INCLUDE_ONLY" ] || {
 	add_protocol ppp
-	[ -f /usr/lib/pppd/*/rp-pppoe.so ] && add_protocol pppoe
+	[ -f /usr/lib/pppd/*/pppoe.so ] && add_protocol pppoe
 	[ -f /usr/lib/pppd/*/pppoatm.so ] && add_protocol pppoa
 	[ -f /usr/lib/pppd/*/pptp.so ] && add_protocol pptp
 }

package/network/services/ppp/patches/010-use_target_for_configure.patch

@@ -9,16 +9,16 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/configure
 +++ b/configure
-@@ -8,9 +8,9 @@ SYSCONF=/etc
- #  if [ -d /NextApps ]; then
- #    system="NeXTStep"
- #  else
--  system=`uname -s`
--  release=`uname -r`
--  arch=`uname -m`
-+  system=${UNAME_S:-`uname -s`}
-+  release=${UNAME_R:-`uname -r`}
-+  arch=${UNAME_M:-`uname -m`}
- #  fi
+@@ -10,9 +10,9 @@ CROSS_COMPILE=
+ CC=cc
+ CFLAGS=
+ 
+-system=`uname -s`
+-release=`uname -r`
+-arch=`uname -m`
++system=${UNAME_S:-`uname -s`}
++release=${UNAME_R:-`uname -r`}
++arch=${UNAME_M:-`uname -m`}
  state="unknown"
  
+ case $system in

package/network/services/ppp/patches/100-debian_ip-ip_option.patch

@@ -1,96 +0,0 @@
-pppd: Allow specifying ip-up and ip-down scripts
-
-This patch implements the "ip-up-script" and "ip-down-script" options which
-allow to specify the path of the ip-up and ip-down scripts to call.
-
-These options default to _PATH_IPUP and _PATH_IPDOWN to retain the 
-existing behaviour.
-
-The patch originated from the Debian project.
-
-Signed-off-by: Jo-Philipp Wich <[email protected]>
-
---- a/pppd/ipcp.c
-+++ b/pppd/ipcp.c
-@@ -1957,7 +1957,7 @@ ipcp_up(f)
-      */
-     if (ipcp_script_state == s_down && ipcp_script_pid == 0) {
- 	ipcp_script_state = s_up;
--	ipcp_script(_PATH_IPUP, 0);
-+	ipcp_script(path_ipup, 0);
-     }
- }
- 
-@@ -2007,7 +2007,7 @@ ipcp_down(f)
-     /* Execute the ip-down script */
-     if (ipcp_script_state == s_up && ipcp_script_pid == 0) {
- 	ipcp_script_state = s_down;
--	ipcp_script(_PATH_IPDOWN, 0);
-+	ipcp_script(path_ipdown, 0);
-     }
- }
- 
-@@ -2061,13 +2061,13 @@ ipcp_script_done(arg)
-     case s_up:
- 	if (ipcp_fsm[0].state != OPENED) {
- 	    ipcp_script_state = s_down;
--	    ipcp_script(_PATH_IPDOWN, 0);
-+	    ipcp_script(path_ipdown, 0);
- 	}
- 	break;
-     case s_down:
- 	if (ipcp_fsm[0].state == OPENED) {
- 	    ipcp_script_state = s_up;
--	    ipcp_script(_PATH_IPUP, 0);
-+	    ipcp_script(path_ipup, 0);
- 	}
- 	break;
-     }
---- a/pppd/main.c
-+++ b/pppd/main.c
-@@ -306,6 +306,9 @@ main(argc, argv)
-     struct protent *protp;
-     char numbuf[16];
- 
-+    strlcpy(path_ipup, _PATH_IPUP, sizeof(path_ipup));
-+    strlcpy(path_ipdown, _PATH_IPDOWN, sizeof(path_ipdown));
-+
-     link_stats_valid = 0;
-     new_phase(PHASE_INITIALIZE);
- 
---- a/pppd/options.c
-+++ b/pppd/options.c
-@@ -117,6 +117,8 @@ bool	tune_kernel;		/* may alter kernel s
- int	connect_delay = 1000;	/* wait this many ms after connect script */
- int	req_unit = -1;		/* requested interface unit */
- char	req_ifname[MAXIFNAMELEN];	/* requested interface name */
-+char	path_ipup[MAXPATHLEN];	/* pathname of ip-up script */
-+char	path_ipdown[MAXPATHLEN];/* pathname of ip-down script */
- bool	multilink = 0;		/* Enable multilink operation */
- char	*bundle_name = NULL;	/* bundle name for multilink */
- bool	dump_options;		/* print out option values */
-@@ -316,6 +318,13 @@ option_t general_options[] = {
-       "Metric to use for the default route (Linux only; -1 for default behavior)",
-       OPT_PRIV|OPT_LLIMIT|OPT_INITONLY, NULL, 0, -1 },
- 
-+    { "ip-up-script", o_string, path_ipup,
-+      "Set pathname of ip-up script",
-+      OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
-+    { "ip-down-script", o_string, path_ipdown,
-+      "Set pathname of ip-down script",
-+      OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
-+
- #ifdef HAVE_MULTILINK
-     { "multilink", o_bool, &multilink,
-       "Enable multilink operation", OPT_PRIO | 1 },
---- a/pppd/pppd.h
-+++ b/pppd/pppd.h
-@@ -335,6 +335,8 @@ extern int	connect_delay;	/* Time to del
- extern int	max_data_rate;	/* max bytes/sec through charshunt */
- extern int	req_unit;	/* interface unit number to use */
- extern char	req_ifname[MAXIFNAMELEN]; /* interface name to use */
-+extern char	path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
-+extern char	path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */
- extern bool	multilink;	/* enable multilink operation */
- extern bool	noendpoint;	/* don't send or accept endpt. discrim. */
- extern char	*bundle_name;	/* bundle name for multilink */

package/network/services/ppp/patches/101-debian_close_dev_ppp.patch

@@ -1,28 +0,0 @@
-pppd: Close already open ppp descriptors
-
-When using the kernel PPPoE driver in conjunction with the "persist" option,
-the already open descriptor to /dev/ppp is not closed when the link is
-reestablished. This eventually leads to high CPU load because the stray 
-descriptors are always reported as ready by select().
-
-This patch closes the descriptor if it is already open when establishing a
-new connection. It originated from the Debian project.
-
-Signed-off-by: Jo-Philipp Wich <[email protected]>
-
---- a/pppd/sys-linux.c
-+++ b/pppd/sys-linux.c
-@@ -467,6 +467,13 @@ int generic_establish_ppp (int fd)
-     if (new_style_driver) {
- 	int flags;
- 
-+        /* if a ppp_fd is already open, close it first */
-+        if(ppp_fd > 0) {
-+          close(ppp_fd);
-+          remove_fd(ppp_fd);
-+          ppp_fd = -1;
-+        }
-+
- 	/* Open an instance of /dev/ppp and connect the channel to it */
- 	if (ioctl(fd, PPPIOCGCHAN, &chindex) == -1) {
- 	    error("Couldn't get channel number: %m");

package/network/services/ppp/patches/103-debian_fix_link_pidfile.patch

@@ -1,23 +0,0 @@
-pppd: Fix creation of linkpidfile
-
-When pppd is run without "nodetach" or with "updetach", the linkpidfile is
-never created. The call to create_linkpidfile() is protected by a check for
-linkpidfile[0] but this is only filled in when create_linkpidfile() is called.
-
-This patch changes to code to allways uncondiationally call
-create_linkpidfile(), it originated from the Debian project.
-
-Signed-off-by: Jo-Philipp Wich <[email protected]>
-
---- a/pppd/main.c
-+++ b/pppd/main.c
-@@ -780,8 +780,7 @@ detach()
- 	/* update pid files if they have been written already */
- 	if (pidfilename[0])
- 	    create_pidfile(pid);
--	if (linkpidfile[0])
--	    create_linkpidfile(pid);
-+	create_linkpidfile(pid);
- 	exit(0);		/* parent dies */
-     }
-     setsid();

package/network/services/ppp/patches/105-debian_demand.patch

@@ -18,7 +18,7 @@
  #ifdef PPP_FILTER
  #include <pcap-bpf.h>
  #endif
-@@ -220,6 +224,14 @@ loop_chars(p, n)
+@@ -218,6 +222,14 @@ loop_chars(unsigned char *p, int n)
      int c, rv;
  
      rv = 0;
@@ -33,14 +33,12 @@
      for (; n > 0; --n) {
  	c = *p++;
  	if (c == PPP_FLAG) {
-@@ -298,17 +310,102 @@ loop_frame(frame, len)
+@@ -294,16 +306,100 @@ loop_frame(unsigned char *frame, int len
   * loopback, now that the real serial link is up.
   */
  void
--demand_rexmit(proto)
-+demand_rexmit(proto, newip)
-     int proto;
-+    u_int32_t newip;
+-demand_rexmit(int proto)
++demand_rexmit(int proto, u_int32_t newip)
  {
      struct packet *pkt, *prev, *nextpkt;
 +    unsigned short checksum;
@@ -139,7 +137,7 @@
  	} else {
 --- a/pppd/ipcp.c
 +++ b/pppd/ipcp.c
-@@ -1882,7 +1882,7 @@ ipcp_up(f)
+@@ -1850,7 +1850,7 @@ ipcp_up(fsm *f)
  		    proxy_arp_set[f->unit] = 1;
  
  	}
@@ -150,7 +148,7 @@
      } else {
 --- a/pppd/ipv6cp.c
 +++ b/pppd/ipv6cp.c
-@@ -1258,7 +1258,7 @@ ipv6cp_up(f)
+@@ -1253,7 +1253,7 @@ ipv6cp_up(fsm *f)
  		if (sif6defaultroute(f->unit, go->ourid, ho->hisid))
  		    default_route_set[f->unit] = 1;
  	}
@@ -161,12 +159,12 @@
      } else {
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -602,7 +602,7 @@ void demand_conf __P((void));	/* config
- void demand_block __P((void));	/* set all NPs to queue up packets */
- void demand_unblock __P((void)); /* set all NPs to pass packets */
- void demand_discard __P((void)); /* set all NPs to discard packets */
--void demand_rexmit __P((int));	/* retransmit saved frames for an NP */
-+void demand_rexmit __P((int, u_int32_t)); /* retransmit saved frames for an NP*/
- int  loop_chars __P((unsigned char *, int)); /* process chars from loopback */
- int  loop_frame __P((unsigned char *, int)); /* should we bring link up? */
+@@ -598,7 +598,7 @@ void demand_conf(void);	/* config interf
+ void demand_block(void);	/* set all NPs to queue up packets */
+ void demand_unblock(void); /* set all NPs to pass packets */
+ void demand_discard(void); /* set all NPs to discard packets */
+-void demand_rexmit(int);	/* retransmit saved frames for an NP */
++void demand_rexmit(int, u_int32_t); /* retransmit saved frames for an NP*/
+ int  loop_chars(unsigned char *, int); /* process chars from loopback */
+ int  loop_frame(unsigned char *, int); /* should we bring link up? */
  

package/network/services/ppp/patches/106-debian_stripMSdomain.patch

@@ -1,47 +0,0 @@
-pppd: Implement option to strip domain part from MS CHAP response
-
-This patch implements a new boolean option "chapms-strip-domain" which
-strips the leading domain part of the username in a received MS Chap
-response.
-
-When the option is set, all leading chars up to and including the last
-backslash in the username are stripped. The option defaults to false.
-
-The patch originated from the Debian project.
-
-Signed-off-by: Jo-Philipp Wich <[email protected]>
-
---- a/pppd/chap-new.c
-+++ b/pppd/chap-new.c
-@@ -58,6 +58,7 @@ int (*chap_verify_hook)(char *name, char
- int chap_timeout_time = 3;
- int chap_max_transmits = 10;
- int chap_rechallenge_time = 0;
-+int chapms_strip_domain = 0;
- 
- /*
-  * Command-line options.
-@@ -69,6 +70,8 @@ static option_t chap_option_list[] = {
- 	  "Set max #xmits for challenge", OPT_PRIO },
- 	{ "chap-interval", o_int, &chap_rechallenge_time,
- 	  "Set interval for rechallenge", OPT_PRIO },
-+	{ "chapms-strip-domain", o_bool, &chapms_strip_domain,
-+	  "Strip the domain prefix before the Username", 1 },
- 	{ NULL }
- };
- 
-@@ -336,6 +339,14 @@ chap_handle_response(struct chap_server_
- 			/* Null terminate and clean remote name. */
- 			slprintf(rname, sizeof(rname), "%.*v", len, name);
- 			name = rname;
-+
-+			/* strip the MS domain name */
-+			if (chapms_strip_domain && strrchr(rname, '\\')) {
-+				char tmp[MAXNAMELEN+1];
-+
-+				strcpy(tmp, strrchr(rname, '\\') + 1);
-+				strcpy(rname, tmp);
-+			}
- 		}
- 
- 		if (chap_verify_hook)

package/network/services/ppp/patches/107-debian_pppoatm_wildcard.patch

@@ -1,25 +0,0 @@
-pppoatm: Allow wildcard ATM devices
-
-When operating pppd's pppoatm plugin with an USB ADSL modem, e.g. an
-Alcatel Speedtouch, the ATM device number might change when the modem is
-reconnected to the USB port or when the host controller resets the USB
-device.
-
-This patch allows to specify the ATM device as wildcard which gives
-enough flexibility to cope with changing device names.
-
-The patch originated from the Debain project.
-
-Signed-off-by: Jo-Philipp Wich <[email protected]>
-
---- a/pppd/plugins/pppoatm/pppoatm.c
-+++ b/pppd/plugins/pppoatm/pppoatm.c
-@@ -75,7 +75,7 @@ static int setdevname_pppoatm(const char
- 	//info("PPPoATM setdevname_pppoatm: '%s'", cp);
- 	memset(&addr, 0, sizeof addr);
- 	if (text2atm(cp, (struct sockaddr *) &addr, sizeof(addr),
--	    T2A_PVC | T2A_NAME) < 0) {
-+	    T2A_PVC | T2A_NAME | T2A_WILDCARD) < 0) {
-                if(doit)
-                    info("atm does not recognize: %s", cp);
- 		return 0;

package/network/services/ppp/patches/110-debian_defaultroute.patch

@@ -1,314 +0,0 @@
-pppd: Add "replacedefaultroute" and "noreplacedefaultroute" options
-
-This patch implements two new options, "replacedefaultroute" to replace any
-existing system default route when specified and "noreplacedefaultroute" to
-disable the "replacedefaultroute" option, which is useful in multi user
-environments where the administrator wants to allow users to dial pppd
-connections but not allow them to change the system default route.
-
-The patch originated from the Debian project.
-
-Signed-off-by: Jo-Philipp Wich <[email protected]>
-
---- a/pppd/ipcp.c
-+++ b/pppd/ipcp.c
-@@ -197,6 +197,14 @@ static option_t ipcp_option_list[] = {
-       "disable defaultroute option", OPT_ALIAS | OPT_A2CLR,
-       &ipcp_wantoptions[0].default_route },
- 
-+    { "replacedefaultroute", o_bool,
-+				&ipcp_wantoptions[0].replace_default_route,
-+      "Replace default route", 1
-+    },
-+    { "noreplacedefaultroute", o_bool,
-+				&ipcp_allowoptions[0].replace_default_route,
-+      "Never replace default route", OPT_A2COPY,
-+				&ipcp_wantoptions[0].replace_default_route },
-     { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp,
-       "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp },
-     { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp,
-@@ -270,7 +278,7 @@ struct protent ipcp_protent = {
-     ip_active_pkt
- };
- 
--static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t));
-+static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t, bool));
- static void ipcp_script __P((char *, int));	/* Run an up/down script */
- static void ipcp_script_done __P((void *));
- 
-@@ -1760,7 +1768,8 @@ ip_demand_conf(u)
-     if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE))
- 	return 0;
-     if (wo->default_route)
--	if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr))
-+	if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr,
-+		wo->replace_default_route))
- 	    default_route_set[u] = 1;
-     if (wo->proxy_arp)
- 	if (sifproxyarp(u, wo->hisaddr))
-@@ -1848,7 +1857,8 @@ ipcp_up(f)
-      */
-     if (demand) {
- 	if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) {
--	    ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr);
-+	    ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr,
-+				      wo->replace_default_route);
- 	    if (go->ouraddr != wo->ouraddr) {
- 		warn("Local IP address changed to %I", go->ouraddr);
- 		script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0);
-@@ -1873,7 +1883,8 @@ ipcp_up(f)
- 
- 	    /* assign a default route through the interface if required */
- 	    if (ipcp_wantoptions[f->unit].default_route) 
--		if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
-+		if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
-+			wo->replace_default_route))
- 		    default_route_set[f->unit] = 1;
- 
- 	    /* Make a proxy ARP entry if requested. */
-@@ -1923,7 +1934,8 @@ ipcp_up(f)
- 
- 	/* assign a default route through the interface if required */
- 	if (ipcp_wantoptions[f->unit].default_route) 
--	    if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr))
-+	    if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr,
-+		    wo->replace_default_route))
- 		default_route_set[f->unit] = 1;
- 
- 	/* Make a proxy ARP entry if requested. */
-@@ -2001,7 +2013,7 @@ ipcp_down(f)
- 	sifnpmode(f->unit, PPP_IP, NPMODE_DROP);
- 	sifdown(f->unit);
- 	ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr,
--			 ipcp_hisoptions[f->unit].hisaddr);
-+			 ipcp_hisoptions[f->unit].hisaddr, 0);
-     }
- 
-     /* Execute the ip-down script */
-@@ -2017,16 +2029,25 @@ ipcp_down(f)
-  * proxy arp entries, etc.
-  */
- static void
--ipcp_clear_addrs(unit, ouraddr, hisaddr)
-+ipcp_clear_addrs(unit, ouraddr, hisaddr, replacedefaultroute)
-     int unit;
-     u_int32_t ouraddr;  /* local address */
-     u_int32_t hisaddr;  /* remote address */
-+    bool replacedefaultroute;
- {
-     if (proxy_arp_set[unit]) {
- 	cifproxyarp(unit, hisaddr);
- 	proxy_arp_set[unit] = 0;
-     }
--    if (default_route_set[unit]) {
-+    /* If replacedefaultroute, sifdefaultroute will be called soon
-+     * with replacedefaultroute set and that will overwrite the current
-+     * default route. This is the case only when doing demand, otherwise
-+     * during demand, this cifdefaultroute would restore the old default
-+     * route which is not what we want in this case. In the non-demand
-+     * case, we'll delete the default route and restore the old if there
-+     * is one saved by an sifdefaultroute with replacedefaultroute.
-+     */
-+    if (!replacedefaultroute && default_route_set[unit]) {
- 	cifdefaultroute(unit, ouraddr, hisaddr);
- 	default_route_set[unit] = 0;
-     }
---- a/pppd/ipcp.h
-+++ b/pppd/ipcp.h
-@@ -70,6 +70,7 @@ typedef struct ipcp_options {
-     bool old_addrs;		/* Use old (IP-Addresses) option? */
-     bool req_addr;		/* Ask peer to send IP address? */
-     bool default_route;		/* Assign default route through interface? */
-+    bool replace_default_route;	/* Replace default route through interface? */
-     bool proxy_arp;		/* Make proxy ARP entry for peer? */
-     bool neg_vj;		/* Van Jacobson Compression? */
-     bool old_vj;		/* use old (short) form of VJ option? */
---- a/pppd/pppd.8
-+++ b/pppd/pppd.8
-@@ -133,6 +133,11 @@ the gateway, when IPv6CP negotiation is
- This entry is removed when the PPP connection is broken.  This option
- is privileged if the \fInodefaultroute6\fR option has been specified.
- .TP
-+.B replacedefaultroute
-+This option is a flag to the defaultroute option. If defaultroute is
-+set and this flag is also set, pppd replaces an existing default route
-+with the new default route.
-+.TP
- .B disconnect \fIscript
- Execute the command specified by \fIscript\fR, by passing it to a
- shell, after
-@@ -756,7 +761,12 @@ disable both forms of hardware flow cont
- .TP
- .B nodefaultroute
- Disable the \fIdefaultroute\fR option.  The system administrator who
--wishes to prevent users from creating default routes with pppd
-+wishes to prevent users from adding a default route with pppd
-+can do so by placing this option in the /etc/ppp/options file.
-+.TP
-+.B noreplacedefaultroute
-+Disable the \fIreplacedefaultroute\fR option. The system administrator who
-+wishes to prevent users from replacing a default route with pppd
- can do so by placing this option in the /etc/ppp/options file.
- .TP
- .B nodefaultroute6
---- a/pppd/pppd.h
-+++ b/pppd/pppd.h
-@@ -684,7 +684,7 @@ int  sif6addr __P((int, eui64_t, eui64_t
- int  cif6addr __P((int, eui64_t, eui64_t));
- 				/* Remove an IPv6 address from i/f */
- #endif
--int  sifdefaultroute __P((int, u_int32_t, u_int32_t));
-+int  sifdefaultroute __P((int, u_int32_t, u_int32_t, bool replace_default_rt));
- 				/* Create default route through i/f */
- int  cifdefaultroute __P((int, u_int32_t, u_int32_t));
- 				/* Delete default route through i/f */
---- a/pppd/sys-linux.c
-+++ b/pppd/sys-linux.c
-@@ -209,6 +209,8 @@ static int	if_is_up;	/* Interface has be
- static int	if6_is_up;	/* Interface has been marked up for IPv6, to help differentiate */
- static int	have_default_route;	/* Gateway for default route added */
- static int	have_default_route6;	/* Gateway for default IPv6 route added */
-+static struct	rtentry old_def_rt;	/* Old default route */
-+static int	default_rt_repl_rest;	/* replace and restore old default rt */
- static u_int32_t proxy_arp_addr;	/* Addr for proxy arp entry added */
- static char proxy_arp_dev[16];		/* Device for proxy arp entry */
- static u_int32_t our_old_addr;		/* for detecting address changes */
-@@ -1577,6 +1579,9 @@ static int read_route_table(struct rtent
- 	p = NULL;
-     }
- 
-+    SET_SA_FAMILY (rt->rt_dst,     AF_INET);
-+    SET_SA_FAMILY (rt->rt_gateway, AF_INET);
-+
-     SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16);
-     SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16);
-     SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16);
-@@ -1649,20 +1654,52 @@ int have_route_to(u_int32_t addr)
- /********************************************************************
-  *
-  * sifdefaultroute - assign a default route through the address given.
-- */
--
--int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway)
--{
--    struct rtentry rt;
--
--    if (defaultroute_exists(&rt, dfl_route_metric) && strcmp(rt.rt_dev, ifname) != 0) {
--	if (rt.rt_flags & RTF_GATEWAY)
--	    error("not replacing existing default route via %I with metric %d",
--		  SIN_ADDR(rt.rt_gateway), dfl_route_metric);
--	else
-+ *
-+ * If the global default_rt_repl_rest flag is set, then this function
-+ * already replaced the original system defaultroute with some other
-+ * route and it should just replace the current defaultroute with
-+ * another one, without saving the current route. Use: demand mode,
-+ * when pppd sets first a defaultroute it it's temporary ppp0 addresses
-+ * and then changes the temporary addresses to the addresses for the real
-+ * ppp connection when it has come up.
-+ */
-+
-+int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway, bool replace)
-+{
-+    struct rtentry rt, tmp_rt;
-+    struct rtentry *del_rt = NULL;
-+
-+    if (default_rt_repl_rest) {
-+	/* We have already reclaced the original defaultroute, if we
-+	   are called again, we will delete the current default route
-+	   and set the new default route in this function.
-+	   - this is normally only the case the doing demand: */
-+	if (defaultroute_exists(&tmp_rt, dfl_route_metric))
-+	    del_rt = &tmp_rt;
-+    } else if (defaultroute_exists(&old_def_rt, dfl_route_metric) &&
-+	       strcmp(old_def_rt.rt_dev, ifname) != 0) {
-+	/* We did not yet replace an existing default route, let's
-+	   check if we should save and replace a default route: */
-+	if (old_def_rt.rt_flags & RTF_GATEWAY) {
-+	    if (!replace) {
-+		error("not replacing existing default route via %I with metric %d",
-+		      SIN_ADDR(old_def_rt.rt_gateway), dfl_route_metric);
-+		return 0;
-+	    } else {
-+		/* we need to copy rt_dev because we need it permanent too: */
-+		char *tmp_dev = malloc(strlen(old_def_rt.rt_dev) + 1);
-+		strcpy(tmp_dev, old_def_rt.rt_dev);
-+		old_def_rt.rt_dev = tmp_dev;
-+
-+		notice("replacing old default route to %s [%I] with metric %d",
-+			old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway),
-+		        dfl_route_metric);
-+		default_rt_repl_rest = 1;
-+		del_rt = &old_def_rt;
-+	    }
-+	} else
- 	    error("not replacing existing default route through %s with metric %d",
--		  rt.rt_dev, dfl_route_metric);
--	return 0;
-+		  old_def_rt.rt_dev, dfl_route_metric);
-     }
- 
-     memset (&rt, 0, sizeof (rt));
-@@ -1678,10 +1715,16 @@ int sifdefaultroute (int unit, u_int32_t
- 
-     rt.rt_flags = RTF_UP;
-     if (ioctl(sock_fd, SIOCADDRT, &rt) < 0) {
--	if ( ! ok_error ( errno ))
-+	if (!ok_error(errno))
- 	    error("default route ioctl(SIOCADDRT): %m");
- 	return 0;
-     }
-+    if (default_rt_repl_rest && del_rt)
-+        if (ioctl(sock_fd, SIOCDELRT, del_rt) < 0) {
-+	    if (!ok_error(errno))
-+	        error("del old default route ioctl(SIOCDELRT): %m");
-+	    return 0;
-+        }
- 
-     have_default_route = 1;
-     return 1;
-@@ -1715,11 +1758,21 @@ int cifdefaultroute (int unit, u_int32_t
-     rt.rt_flags = RTF_UP;
-     if (ioctl(sock_fd, SIOCDELRT, &rt) < 0 && errno != ESRCH) {
- 	if (still_ppp()) {
--	    if ( ! ok_error ( errno ))
-+	    if (!ok_error(errno))
- 		error("default route ioctl(SIOCDELRT): %m");
- 	    return 0;
- 	}
-     }
-+    if (default_rt_repl_rest) {
-+	notice("restoring old default route to %s [%I]",
-+		old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway));
-+        if (ioctl(sock_fd, SIOCADDRT, &old_def_rt) < 0) {
-+	    if (!ok_error(errno))
-+	        error("restore default route ioctl(SIOCADDRT): %m");
-+	    return 0;
-+        }
-+        default_rt_repl_rest = 0;
-+    }
- 
-     return 1;
- }
---- a/pppd/sys-solaris.c
-+++ b/pppd/sys-solaris.c
-@@ -2120,12 +2120,18 @@ cifaddr(u, o, h)
-  * sifdefaultroute - assign a default route through the address given.
-  */
- int
--sifdefaultroute(u, l, g)
-+sifdefaultroute(u, l, g, replace)
-     int u;
-     u_int32_t l, g;
-+    bool replace;
- {
-     struct rtentry rt;
- 
-+    if (replace) {
-+	error("replacedefaultroute not supported on this platform");
-+	return 0;
-+    }
-+
- #if defined(__USLC__)
-     g = l;			/* use the local address as gateway */
- #endif

package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch

@@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/main.c
 +++ b/pppd/main.c
-@@ -308,6 +308,8 @@ main(argc, argv)
+@@ -295,6 +295,8 @@ main(int argc, char *argv[])
  
      strlcpy(path_ipup, _PATH_IPUP, sizeof(path_ipup));
      strlcpy(path_ipdown, _PATH_IPDOWN, sizeof(path_ipdown));
@@ -23,16 +23,16 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      new_phase(PHASE_INITIALIZE);
 --- a/pppd/options.c
 +++ b/pppd/options.c
-@@ -119,6 +119,8 @@ int	req_unit = -1;		/* requested interfa
- char	req_ifname[MAXIFNAMELEN];	/* requested interface name */
+@@ -118,6 +118,8 @@ int	req_unit = -1;		/* requested interfa
  char	path_ipup[MAXPATHLEN];	/* pathname of ip-up script */
  char	path_ipdown[MAXPATHLEN];/* pathname of ip-down script */
+ char	req_ifname[MAXIFNAMELEN];	/* requested interface name */
 +char	path_ipv6up[MAXPATHLEN];	/* pathname of ipv6-up script */
 +char	path_ipv6down[MAXPATHLEN];/* pathname of ipv6-down script */
  bool	multilink = 0;		/* Enable multilink operation */
  char	*bundle_name = NULL;	/* bundle name for multilink */
  bool	dump_options;		/* print out option values */
-@@ -325,6 +327,13 @@ option_t general_options[] = {
+@@ -324,6 +326,13 @@ option_t general_options[] = {
        "Set pathname of ip-down script",
        OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
  
@@ -48,7 +48,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
        "Enable multilink operation", OPT_PRIO | 1 },
 --- a/pppd/ipv6cp.c
 +++ b/pppd/ipv6cp.c
-@@ -1300,7 +1300,7 @@ ipv6cp_up(f)
+@@ -1295,7 +1295,7 @@ ipv6cp_up(fsm *f)
       */
      if (ipv6cp_script_state == s_down && ipv6cp_script_pid == 0) {
  	ipv6cp_script_state = s_up;
@@ -57,7 +57,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      }
  }
  
-@@ -1352,7 +1352,7 @@ ipv6cp_down(f)
+@@ -1346,7 +1346,7 @@ ipv6cp_down(fsm *f)
      /* Execute the ipv6-down script */
      if (ipv6cp_script_state == s_up && ipv6cp_script_pid == 0) {
  	ipv6cp_script_state = s_down;
@@ -66,7 +66,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      }
  }
  
-@@ -1395,13 +1395,13 @@ ipv6cp_script_done(arg)
+@@ -1384,13 +1384,13 @@ ipv6cp_script_done(void *arg)
      case s_up:
  	if (ipv6cp_fsm[0].state != OPENED) {
  	    ipv6cp_script_state = s_down;
@@ -84,10 +84,10 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      }
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -337,6 +337,8 @@ extern int	req_unit;	/* interface unit n
- extern char	req_ifname[MAXIFNAMELEN]; /* interface name to use */
+@@ -328,6 +328,8 @@ extern int	req_unit;	/* interface unit n
  extern char	path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
  extern char	path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */
+ extern char	req_ifname[MAXIFNAMELEN]; /* interface name to use */
 +extern char	path_ipv6up[MAXPATHLEN]; /* pathname of ipv6-up script */
 +extern char	path_ipv6down[MAXPATHLEN]; /* pathname of ipv6-down script */
  extern bool	multilink;	/* enable multilink operation */

package/network/services/ppp/patches/140-pppoe_compile_fix.patch

@@ -1,36 +0,0 @@
---- a/pppd/plugins/rp-pppoe/pppoe.h
-+++ b/pppd/plugins/rp-pppoe/pppoe.h
-@@ -48,11 +48,7 @@
- #include <netinet/in.h>
- 
- /* Ugly header files on some Linux boxes... */
--#if defined(HAVE_LINUX_IF_H)
--#include <linux/if.h>
--#elif defined(HAVE_NET_IF_H)
- #include <net/if.h>
--#endif
- 
- #ifdef HAVE_NET_IF_TYPES_H
- #include <net/if_types.h>
-@@ -80,20 +76,7 @@ typedef unsigned long UINT32_t;
- #error Could not find a 32-bit integer type
- #endif
- 
--#ifdef HAVE_LINUX_IF_ETHER_H
--#include <linux/if_ether.h>
--#endif
--
--#ifdef HAVE_NETINET_IF_ETHER_H
--#include <sys/types.h>
--
--#ifdef HAVE_SYS_SOCKET_H
--#include <sys/socket.h>
--#endif
--#ifndef HAVE_SYS_DLPI_H
--#include <netinet/if_ether.h>
--#endif
--#endif
-+#include <net/ethernet.h>
- 
- 
- /* Ethernet frame types according to RFC 2516 */

package/network/services/ppp/patches/200-makefile.patch

@@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
-@@ -48,7 +48,7 @@ MPPE=y
+@@ -49,7 +49,7 @@ MPPE=y
  # Uncomment the next line to include support for PPP packet filtering.
  # This requires that the libpcap library and headers be installed
  # and that the kernel driver support PPP packet filtering.
@@ -16,7 +16,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  
  # Uncomment the next line to enable multilink PPP (enabled by default)
  # Linux distributions: Please leave multilink ENABLED in your builds
-@@ -58,7 +58,7 @@ HAVE_MULTILINK=y
+@@ -59,7 +59,7 @@ HAVE_MULTILINK=y
  # Uncomment the next line to enable the TDB database (enabled by default.)
  # If you enable multilink, then TDB is automatically enabled also.
  # Linux distributions: Please leave TDB ENABLED in your builds.
@@ -25,21 +25,28 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  
  # Uncomment the next line to enable Type=notify services in systemd
  # If enabled, and the user sets the up_sdnotify option, then
-@@ -85,7 +85,7 @@ MAXOCTETS=y
+@@ -85,13 +85,13 @@ USE_LIBUTIL=y
+ endif
+ 
+ # Enable EAP-TLS authentication (requires MPPE support, libssl and libcrypto)
+-USE_EAPTLS=y
++#USE_EAPTLS=y
+ 
+ MAXOCTETS=y
  
  INCLUDE_DIRS= -I../include
  
--COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP
-+COMPILE_FLAGS= -DHAVE_PATHS_H -DHAVE_MMAP
+-COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP -pipe
++COMPILE_FLAGS= -DHAVE_PATHS_H -DHAVE_MMAP -pipe
  
  CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"'
  
-@@ -126,10 +126,10 @@ CFLAGS   += -DHAS_SHADOW
+@@ -143,10 +143,10 @@ CFLAGS   += -DHAS_SHADOW
  #LIBS     += -lshadow $(LIBS)
  endif
  
--ifneq ($(wildcard $(shell $(CC) --print-sysroot)/usr/include/crypt.h),)
-+#ifneq ($(wildcard $(shell $(CC) --print-sysroot)/usr/include/crypt.h),)
+-ifeq ($(shell echo '\#include <crypt.h>' | $(CC) -E - >/dev/null 2>&1 && echo yes),yes)
++#ifeq ($(shell echo '\#include <crypt.h>' | $(CC) -E - >/dev/null 2>&1 && echo yes),yes)
  CFLAGS  += -DHAVE_CRYPT_H=1
  LIBS	+= -lcrypt
 -endif

package/network/services/ppp/patches/201-mppe_mppc_1.1.patch

@@ -88,7 +88,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
   */
 --- a/pppd/ccp.c
 +++ b/pppd/ccp.c
-@@ -61,12 +61,10 @@ static int setdeflate __P((char **));
+@@ -61,12 +61,10 @@ static int setdeflate (char **);
  static char bsd_value[8];
  static char deflate_value[8];
  
@@ -197,7 +197,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  
  /*
   * Local state (mainly for handling reset-reqs and reset-acks).
-@@ -343,6 +323,100 @@ setdeflate(argv)
+@@ -341,6 +321,100 @@ setdeflate(char **argv)
      return 1;
  }
  
@@ -298,7 +298,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  /*
   * ccp_init - initialize CCP.
   */
-@@ -377,6 +451,30 @@ ccp_init(unit)
+@@ -374,6 +448,30 @@ ccp_init(int unit)
      ccp_allowoptions[0].bsd_bits = BSD_MAX_BITS;
  
      ccp_allowoptions[0].predictor_1 = 1;
@@ -329,7 +329,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  }
  
  /*
-@@ -454,11 +552,11 @@ ccp_input(unit, p, len)
+@@ -443,11 +541,11 @@ ccp_input(int unit, u_char *p, int len)
      if (oldstate == OPENED && p[0] == TERMREQ && f->state != OPENED) {
  	notice("Compression disabled by peer.");
  #ifdef MPPE
@@ -343,7 +343,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      }
  
      /*
-@@ -486,6 +584,15 @@ ccp_extcode(f, code, id, p, len)
+@@ -471,6 +569,15 @@ ccp_extcode(fsm *f, int code, int id, u_
  	    break;
  	/* send a reset-ack, which the transmitter will see and
  	   reset its compression state. */
@@ -359,7 +359,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  	fsm_sdata(f, CCP_RESETACK, id, NULL, 0);
  	break;
  
-@@ -514,12 +621,11 @@ ccp_protrej(unit)
+@@ -498,12 +605,11 @@ ccp_protrej(int unit)
      fsm_lowerdown(&ccp_fsm[unit]);
  
  #ifdef MPPE
@@ -374,7 +374,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  }
  
  /*
-@@ -536,7 +642,7 @@ ccp_resetci(f)
+@@ -519,7 +625,7 @@ ccp_resetci(fsm *f)
      all_rejected[f->unit] = 0;
  
  #ifdef MPPE
@@ -382,11 +382,27 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 +    if (go->mppe || go->mppc) {
  	ccp_options *ao = &ccp_allowoptions[f->unit];
  	int auth_mschap_bits = auth_done[f->unit];
- 	int numbits;
-@@ -550,80 +656,109 @@ ccp_resetci(f)
+ #ifdef USE_EAPTLS
+@@ -536,95 +642,124 @@ ccp_resetci(fsm *f)
  	 * NB: If MPPE is required, all other compression opts are invalid.
  	 *     So, we return right away if we can't do it.
  	 */
+-
+-	/* Leave only the mschap auth bits set */
+-	auth_mschap_bits &= (CHAP_MS_WITHPEER  | CHAP_MS_PEER |
+-			     CHAP_MS2_WITHPEER | CHAP_MS2_PEER);
+-	/* Count the mschap auths */
+-	auth_mschap_bits >>= CHAP_MS_SHIFT;
+-	numbits = 0;
+-	do {
+-	    numbits += auth_mschap_bits & 1;
+-	    auth_mschap_bits >>= 1;
+-	} while (auth_mschap_bits);
+-	if (numbits > 1) {
+-	    error("MPPE required, but auth done in both directions.");
+-	    lcp_close(f->unit, "MPPE required but not available");
+-	    return;
+-	}
 +	if (ccp_wantoptions[f->unit].mppe) {
 +	    /* Leave only the mschap auth bits set */
 +	    auth_mschap_bits &= (CHAP_MS_WITHPEER  | CHAP_MS_PEER |
@@ -403,33 +419,42 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 +		lcp_close(f->unit, "MPPE required but not available");
 +		return;
 +	    }
-+	    if (!numbits) {
-+		error("MPPE required, but MS-CHAP[v2] auth not performed.");
-+		lcp_close(f->unit, "MPPE required but not available");
-+		return;
-+	    }
  
--	/* Leave only the mschap auth bits set */
--	auth_mschap_bits &= (CHAP_MS_WITHPEER  | CHAP_MS_PEER |
--			     CHAP_MS2_WITHPEER | CHAP_MS2_PEER);
--	/* Count the mschap auths */
--	auth_mschap_bits >>= CHAP_MS_SHIFT;
--	numbits = 0;
--	do {
--	    numbits += auth_mschap_bits & 1;
--	    auth_mschap_bits >>= 1;
--	} while (auth_mschap_bits);
--	if (numbits > 1) {
--	    error("MPPE required, but auth done in both directions.");
--	    lcp_close(f->unit, "MPPE required but not available");
--	    return;
--	}
+ #ifdef USE_EAPTLS
+-    /*
+-     * MPPE is also possible in combination with EAP-TLS.
+-     * It is not possible to detect if we're doing EAP or EAP-TLS
+-     * at this stage, hence we accept all forms of EAP. If TLS is
+-     * not used then the MPPE keys will not be derived anyway.
+-     */
+-	/* Leave only the eap auth bits set */
+-	auth_eap_bits &= (EAP_WITHPEER | EAP_PEER );
++	    /*
++	     * MPPE is also possible in combination with EAP-TLS.
++	     * It is not possible to detect if we're doing EAP or EAP-TLS
++	     * at this stage, hence we accept all forms of EAP. If TLS is
++	     * not used then the MPPE keys will not be derived anyway.
++	     */
++		/* Leave only the eap auth bits set */
++		auth_eap_bits &= (EAP_WITHPEER | EAP_PEER );
+ 
+-	if ((numbits == 0) && (auth_eap_bits == 0)) {
+-	    error("MPPE required, but MS-CHAP[v2] nor EAP-TLS auth are performed.");
++		if ((numbits == 0) && (auth_eap_bits == 0)) {
++		    error("MPPE required, but MS-CHAP[v2] nor EAP-TLS auth are performed.");
+ #else
 -	if (!numbits) {
 -	    error("MPPE required, but MS-CHAP[v2] auth not performed.");
++	    if (!numbits) {
++		error("MPPE required, but MS-CHAP[v2] auth not performed.");
+ #endif
 -	    lcp_close(f->unit, "MPPE required but not available");
 -	    return;
 -	}
--
++		lcp_close(f->unit, "MPPE required but not available");
++		return;
++	    }
+ 
 -	/* A plugin (eg radius) may not have obtained key material. */
 -	if (!mppe_keys_set) {
 -	    error("MPPE required, but keys are not available.  "
@@ -559,7 +584,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      if (go->bsd_compress) {
  	opt_buf[0] = CI_BSD_COMPRESS;
  	opt_buf[1] = CILEN_BSD_COMPRESS;
-@@ -679,7 +814,8 @@ ccp_cilen(f)
+@@ -679,7 +814,8 @@ static int
  	+ (go->deflate && go->deflate_draft? CILEN_DEFLATE: 0)
  	+ (go->predictor_1? CILEN_PREDICTOR_1: 0)
  	+ (go->predictor_2? CILEN_PREDICTOR_2: 0)
@@ -569,7 +594,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  }
  
  /*
-@@ -693,6 +829,8 @@ ccp_addci(f, p, lenp)
+@@ -690,6 +826,8 @@ static void
  {
      int res;
      ccp_options *go = &ccp_gotoptions[f->unit];
@@ -578,7 +603,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      u_char *p0 = p;
  
      /*
-@@ -701,22 +839,43 @@ ccp_addci(f, p, lenp)
+@@ -698,22 +836,43 @@ static void
       * in case it gets Acked.
       */
  #ifdef MPPE
@@ -631,7 +656,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      if (go->deflate) {
  	p[0] = go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT;
  	p[1] = CILEN_DEFLATE;
-@@ -802,7 +961,7 @@ ccp_addci(f, p, lenp)
+@@ -799,30 +958,50 @@ static void
  
  /*
   * ccp_ackci - process a received configure-ack, and return
@@ -639,9 +664,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 + * 1 if the packet was OK.
   */
  static int
- ccp_ackci(f, p, len)
-@@ -811,24 +970,44 @@ ccp_ackci(f, p, len)
-     int len;
+   ccp_ackci(fsm *f, u_char *p, int len)
  {
      ccp_options *go = &ccp_gotoptions[f->unit];
 +    ccp_options *ao = &ccp_allowoptions[f->unit];
@@ -694,8 +717,8 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      if (go->deflate) {
  	if (len < CILEN_DEFLATE
  	    || p[0] != (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
-@@ -901,6 +1080,8 @@ ccp_nakci(f, p, len, treat_as_reject)
-     int treat_as_reject;
+@@ -891,6 +1070,8 @@ static int
+   ccp_nakci(fsm *f, u_char *p, int len, int treat_as_reject)
  {
      ccp_options *go = &ccp_gotoptions[f->unit];
 +    ccp_options *ao = &ccp_allowoptions[f->unit];
@@ -703,7 +726,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      ccp_options no;		/* options we've seen already */
      ccp_options try;		/* options to ask for next time */
  
-@@ -908,28 +1089,100 @@ ccp_nakci(f, p, len, treat_as_reject)
+@@ -898,28 +1079,100 @@ static int
      try = *go;
  
  #ifdef MPPE
@@ -822,7 +845,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      if (go->deflate && len >= CILEN_DEFLATE
  	&& p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT)
  	&& p[1] == CILEN_DEFLATE) {
-@@ -1002,14 +1255,50 @@ ccp_rejci(f, p, len)
+@@ -989,14 +1242,50 @@ ccp_rejci(fsm *f, u_char *p, int len)
  	return -1;
  
  #ifdef MPPE
@@ -877,8 +900,8 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      if (go->deflate_correct && len >= CILEN_DEFLATE
  	&& p[0] == CI_DEFLATE && p[1] == CILEN_DEFLATE) {
  	if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size)
-@@ -1073,14 +1362,15 @@ ccp_reqci(f, p, lenp, dont_nak)
-     int dont_nak;
+@@ -1056,14 +1345,15 @@ static int
+ ccp_reqci(fsm *f, u_char *p, int *lenp, int dont_nak)
  {
      int ret, newret, res;
 -    u_char *p0, *retp;
@@ -897,7 +920,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  
      ret = CONFACK;
      retp = p0 = p;
-@@ -1103,106 +1393,302 @@ ccp_reqci(f, p, lenp, dont_nak)
+@@ -1086,106 +1376,302 @@ ccp_reqci(fsm *f, u_char *p, int *lenp,
  	    switch (type) {
  #ifdef MPPE
  	    case CI_MPPE:
@@ -910,10 +933,6 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 -
 -		/* Nak if anything unsupported or unknown are set. */
 -		if (ho->mppe & MPPE_OPT_UNSUPPORTED) {
--		    newret = CONFNAK;
--		    ho->mppe &= ~MPPE_OPT_UNSUPPORTED;
--		}
--		if (ho->mppe & MPPE_OPT_UNKNOWN) {
 + 		p2 = p[2];
 + 		p5 = p[5];
 + 		/* not sure what they want, tell 'em what we got */
@@ -922,6 +941,10 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 + 			       MPPE_MPPC)) != 0 || p[5] == 0) ||
 + 		    (p[2] == 0 && p[3] == 0 && p[4] == 0 &&  p[5] == 0)) {
  		    newret = CONFNAK;
+-		    ho->mppe &= ~MPPE_OPT_UNSUPPORTED;
+-		}
+-		if (ho->mppe & MPPE_OPT_UNKNOWN) {
+-		    newret = CONFNAK;
 -		    ho->mppe &= ~MPPE_OPT_UNKNOWN;
 -		}
 -
@@ -1293,7 +1316,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  	    case CI_DEFLATE:
  	    case CI_DEFLATE_DRAFT:
  		if (!ao->deflate || clen != CILEN_DEFLATE
-@@ -1344,12 +1830,6 @@ ccp_reqci(f, p, lenp, dont_nak)
+@@ -1327,12 +1813,6 @@ ccp_reqci(fsm *f, u_char *p, int *lenp,
  	else
  	    *lenp = retp - p0;
      }
@@ -1306,7 +1329,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      return ret;
  }
  
-@@ -1371,24 +1851,35 @@ method_name(opt, opt2)
+@@ -1353,24 +1833,35 @@ method_name(ccp_options *opt, ccp_option
  	char *p = result;
  	char *q = result + sizeof(result); /* 1 past result */
  
@@ -1358,7 +1381,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      case CI_DEFLATE:
      case CI_DEFLATE_DRAFT:
  	if (opt2 != NULL && opt2->deflate_size != opt->deflate_size)
-@@ -1444,12 +1935,12 @@ ccp_up(f)
+@@ -1425,12 +1916,12 @@ ccp_up(fsm *f)
      } else if (ANY_COMPRESS(*ho))
  	notice("%s transmit compression enabled", method_name(ho, NULL));
  #ifdef MPPE
@@ -1373,7 +1396,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  }
  
  /*
-@@ -1472,7 +1963,7 @@ ccp_down(f)
+@@ -1452,7 +1943,7 @@ ccp_down(fsm *f)
  	    lcp_close(f->unit, "MPPE disabled");
  	}
      }
@@ -1382,7 +1405,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  }
  
  /*
-@@ -1532,24 +2023,28 @@ ccp_printpkt(p, plen, printer, arg)
+@@ -1509,24 +2000,28 @@ ccp_printpkt(u_char *p, int plen,
  #ifdef MPPE
  	    case CI_MPPE:
  		if (optlen >= CILEN_MPPE) {
@@ -1423,7 +1446,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  	    case CI_DEFLATE:
  	    case CI_DEFLATE_DRAFT:
  		if (optlen >= CILEN_DEFLATE) {
-@@ -1635,6 +2130,7 @@ ccp_datainput(unit, pkt, len)
+@@ -1609,6 +2104,7 @@ ccp_datainput(int unit, u_char *pkt, int
  	    error("Lost compression sync: disabling compression");
  	    ccp_close(unit, "Lost compression sync");
  #ifdef MPPE
@@ -1431,7 +1454,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  	    /*
  	     * If we were doing MPPE, we must also take the link down.
  	     */
-@@ -1642,9 +2138,18 @@ ccp_datainput(unit, pkt, len)
+@@ -1616,9 +2112,18 @@ ccp_datainput(int unit, u_char *pkt, int
  		error("Too many MPPE errors, closing LCP");
  		lcp_close(unit, "Too many MPPE errors");
  	    }

package/network/services/ppp/patches/202-no_strip.patch

@@ -1,88 +0,0 @@
-build: Do not strip binaries on install
-
-Strippign executables should be handled by the distro packaging, not by ppp
-itself. This patch removes the "-s" (strip) switch from all "install" commands
-in order to install unstripped binaries into the destination prefix.
-
-Signed-off-by: Jo-Philipp Wich <[email protected]>
-
---- a/chat/Makefile.linux
-+++ b/chat/Makefile.linux
-@@ -25,7 +25,7 @@ chat.o:	chat.c
- 
- install: chat
- 	mkdir -p $(BINDIR) $(MANDIR)
--	$(INSTALL) -s -c chat $(BINDIR)
-+	$(INSTALL) -c chat $(BINDIR)
- 	$(INSTALL) -c -m 644 chat.8 $(MANDIR)
- 
- clean:
---- a/pppd/Makefile.linux
-+++ b/pppd/Makefile.linux
-@@ -108,7 +108,7 @@ ifdef USE_SRP
- CFLAGS	+= -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
- LIBS	+= -lsrp -L/usr/local/ssl/lib -lcrypto
- TARGETS	+= srp-entry
--EXTRAINSTALL = $(INSTALL) -s -c -m 555 srp-entry $(BINDIR)/srp-entry
-+EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry
- MANPAGES += srp-entry.8
- EXTRACLEAN += srp-entry.o
- NEEDDES=y
-@@ -220,7 +220,7 @@ all: $(TARGETS)
- install: pppd
- 	mkdir -p $(BINDIR) $(MANDIR)
- 	$(EXTRAINSTALL)
--	$(INSTALL) -s -c -m 555 pppd $(BINDIR)/pppd
-+	$(INSTALL) -c -m 555 pppd $(BINDIR)/pppd
- 	if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \
- 	  chmod o-rx,u+s $(BINDIR)/pppd; fi
- 	$(INSTALL) -c -m 444 pppd.8 $(MANDIR)
---- a/pppd/plugins/radius/Makefile.linux
-+++ b/pppd/plugins/radius/Makefile.linux
-@@ -36,9 +36,9 @@ all: $(PLUGIN)
- 
- install: all
- 	$(INSTALL) -d -m 755 $(LIBDIR)
--	$(INSTALL) -s -c -m 755 radius.so $(LIBDIR)
--	$(INSTALL) -s -c -m 755 radattr.so $(LIBDIR)
--	$(INSTALL) -s -c -m 755 radrealms.so $(LIBDIR)
-+	$(INSTALL) -c -m 755 radius.so $(LIBDIR)
-+	$(INSTALL) -c -m 755 radattr.so $(LIBDIR)
-+	$(INSTALL) -c -m 755 radrealms.so $(LIBDIR)
- 	$(INSTALL) -c -m 444 pppd-radius.8 $(MANDIR)
- 	$(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
- 
---- a/pppd/plugins/rp-pppoe/Makefile.linux
-+++ b/pppd/plugins/rp-pppoe/Makefile.linux
-@@ -43,9 +43,9 @@ rp-pppoe.so: plugin.o discovery.o if.o c
- 
- install: all
- 	$(INSTALL) -d -m 755 $(LIBDIR)
--	$(INSTALL) -s -c -m 4550 rp-pppoe.so $(LIBDIR)
-+	$(INSTALL) -c -m 4550 rp-pppoe.so $(LIBDIR)
- 	$(INSTALL) -d -m 755 $(BINDIR)
--	$(INSTALL) -s -c -m 555 pppoe-discovery $(BINDIR)
-+	$(INSTALL) -c -m 555 pppoe-discovery $(BINDIR)
- 
- clean:
- 	rm -f *.o *.so pppoe-discovery
---- a/pppdump/Makefile.linux
-+++ b/pppdump/Makefile.linux
-@@ -17,5 +17,5 @@ clean:
- 
- install:
- 	mkdir -p $(BINDIR) $(MANDIR)
--	$(INSTALL) -s -c pppdump $(BINDIR)
-+	$(INSTALL) -c pppdump $(BINDIR)
- 	$(INSTALL) -c -m 444 pppdump.8 $(MANDIR)
---- a/pppstats/Makefile.linux
-+++ b/pppstats/Makefile.linux
-@@ -22,7 +22,7 @@ all: pppstats
- 
- install: pppstats
- 	-mkdir -p $(MANDIR)
--	$(INSTALL) -s -c pppstats $(BINDIR)
-+	$(INSTALL) -c pppstats $(BINDIR)
- 	$(INSTALL) -c -m 444 pppstats.8 $(MANDIR)
- 
- pppstats: $(PPPSTATSRCS)

package/network/services/ppp/patches/203-opt_flags.patch

@@ -8,17 +8,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/plugins/radius/Makefile.linux
 +++ b/pppd/plugins/radius/Makefile.linux
-@@ -12,7 +12,8 @@ VERSION = $(shell awk -F '"' '/VERSION/
- INSTALL	= install
- 
- PLUGIN=radius.so radattr.so radrealms.so
--CFLAGS=-I. -I../.. -I../../../include -O2 -fPIC -DRC_LOG_FACILITY=LOG_DAEMON
-+COPTS = -O2
-+CFLAGS=-I. -I../.. -I../../../include $(COPTS) -fPIC -DRC_LOG_FACILITY=LOG_DAEMON
- 
- # Uncomment the next line to include support for Microsoft's
- # MS-CHAP authentication protocol.
-@@ -43,13 +44,13 @@ install: all
+@@ -47,13 +47,13 @@ install: all
  	$(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
  
  radius.so: radius.o libradiusclient.a
@@ -35,26 +25,14 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  
  CLIENTOBJS = avpair.o buildreq.o config.o dict.o ip_util.o \
  	clientid.o sendserver.o lock.o util.o md5.o
---- a/pppdump/Makefile.linux
-+++ b/pppdump/Makefile.linux
-@@ -2,7 +2,8 @@ DESTDIR = $(INSTROOT)@DESTDIR@
- BINDIR = $(DESTDIR)/sbin
- MANDIR = $(DESTDIR)/share/man/man8
- 
--CFLAGS= -O -I../include/net
-+COPTS = -O
-+CFLAGS= $(COPTS) -I../include/net
- OBJS = pppdump.o bsd-comp.o deflate.o zlib.o
- 
- INSTALL= install
---- a/pppd/plugins/rp-pppoe/Makefile.linux
-+++ b/pppd/plugins/rp-pppoe/Makefile.linux
-@@ -39,7 +39,7 @@ debug.o: debug.c
+--- a/pppd/plugins/pppoe/Makefile.linux
++++ b/pppd/plugins/pppoe/Makefile.linux
+@@ -38,7 +38,7 @@ debug.o: debug.c
  	$(CC) $(CFLAGS) -I../../.. -c -o debug.o debug.c
  
- rp-pppoe.so: plugin.o discovery.o if.o common.o
--	$(CC) $(LDFLAGS) -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o
-+	$(CC) $(LDFLAGS) -fPIC -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o
+ pppoe.so: plugin.o discovery.o if.o common.o
+-	$(CC) $(LDFLAGS) -o pppoe.so -shared plugin.o discovery.o if.o common.o
++	$(CC) $(LDFLAGS) -fPIC -o pppoe.so -shared plugin.o discovery.o if.o common.o
  
  install: all
  	$(INSTALL) -d -m 755 $(LIBDIR)

package/network/services/ppp/patches/205-no_exponential_timeout.patch

@@ -5,8 +5,8 @@ discovery attempts.
 
 Signed-off-by: Jo-Philipp Wich <[email protected]>
 
---- a/pppd/plugins/rp-pppoe/discovery.c
-+++ b/pppd/plugins/rp-pppoe/discovery.c
+--- a/pppd/plugins/pppoe/discovery.c
++++ b/pppd/plugins/pppoe/discovery.c
 @@ -632,7 +632,9 @@ discovery(PPPoEConnection *conn)
  	conn->discoveryState = STATE_SENT_PADI;
  	waitForPADO(conn, timeout);

package/network/services/ppp/patches/207-lcp_mtu_max.patch

@@ -8,7 +8,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/lcp.c
 +++ b/pppd/lcp.c
-@@ -1916,12 +1916,12 @@ lcp_up(f)
+@@ -1862,12 +1862,12 @@ lcp_up(fsm *f)
       * the interface MTU is set to the lowest of that, the
       * MTU we want to use, and our link MRU.
       */

package/network/services/ppp/patches/208-fix_status_code.patch

@@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/main.c
 +++ b/pppd/main.c
-@@ -1052,7 +1052,8 @@ get_input()
+@@ -1034,7 +1034,8 @@ get_input(void)
  	}
  	notice("Modem hangup");
  	hungup = 1;

package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch

@@ -7,14 +7,14 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
-@@ -190,8 +190,8 @@ endif
+@@ -210,8 +210,8 @@ LIBS	+= -ldl
+ endif
  
  ifdef FILTER
- ifneq ($(wildcard /usr/include/pcap-bpf.h),)
 -LIBS    += -lpcap
 -CFLAGS  += -DPPP_FILTER
 +LIBS    += -lpcap -L$(STAGING_DIR)/usr/lib
 +CFLAGS  += -DPPP_FILTER -I$(STAGING_DIR)/usr/include
  endif
- endif
  
+ ifdef HAVE_INET6

package/network/services/ppp/patches/310-precompile_filter.patch

@@ -13,7 +13,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
-@@ -50,6 +50,9 @@ MPPE=y
+@@ -51,6 +51,9 @@ MPPE=y
  # and that the kernel driver support PPP packet filtering.
  #FILTER=y
  
@@ -23,8 +23,8 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  # Uncomment the next line to enable multilink PPP (enabled by default)
  # Linux distributions: Please leave multilink ENABLED in your builds
  # of pppd!
-@@ -195,6 +198,14 @@ CFLAGS  += -DPPP_FILTER -I$(STAGING_DIR)
- endif
+@@ -214,6 +217,14 @@ LIBS    += -lpcap -L$(STAGING_DIR)/usr/l
+ CFLAGS  += -DPPP_FILTER -I$(STAGING_DIR)/usr/include
  endif
  
 +ifdef PRECOMPILED_FILTER
@@ -40,7 +40,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
       HEADERS  += ipv6cp.h eui64.h
 --- a/pppd/options.c
 +++ b/pppd/options.c
-@@ -57,6 +57,7 @@
+@@ -56,6 +56,7 @@
  
  #ifdef PPP_FILTER
  #include <pcap.h>
@@ -48,21 +48,21 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  /*
   * There have been 3 or 4 different names for this in libpcap CVS, but
   * this seems to be what they have settled on...
-@@ -169,6 +170,13 @@ static int setlogfile __P((char **));
- static int loadplugin __P((char **));
+@@ -168,6 +169,13 @@ static int setlogfile(char **);
+ static int loadplugin(char **);
  #endif
  
 +#ifdef PPP_PRECOMPILED_FILTER
 +#include "pcap_pcc.h"
-+static int setprecompiledpassfilter __P((char **));
-+static int setprecompiledactivefilter __P((char **));
++static int setprecompiledpassfilter(char **);
++static int setprecompiledactivefilter(char **);
 +#undef PPP_FILTER
 +#endif
 +
  #ifdef PPP_FILTER
- static int setpassfilter __P((char **));
- static int setactivefilter __P((char **));
-@@ -361,6 +369,14 @@ option_t general_options[] = {
+ static int setpassfilter(char **);
+ static int setactivefilter(char **);
+@@ -360,6 +368,14 @@ option_t general_options[] = {
        "set filter for active pkts", OPT_PRIO },
  #endif
  
@@ -77,7 +77,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  #ifdef MAXOCTETS
      { "maxoctets", o_int, &maxoctets,
        "Set connection traffic limit",
-@@ -1516,6 +1532,29 @@ callfile(argv)
+@@ -1468,6 +1484,27 @@ callfile(char **argv)
      return ok;
  }
  
@@ -87,8 +87,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 + * precompiled expression
 + */
 +static int
-+setprecompiledpassfilter(argv)
-+    char **argv;
++setprecompiledpassfilter(char **argv)
 +{
 +    return pcap_pre_compiled (*argv, &pass_filter);
 +}
@@ -97,8 +96,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 + * setactivefilter - Set the active filter for packets
 + */
 +static int
-+setprecompiledactivefilter(argv)
-+    char **argv;
++setprecompiledactivefilter(char **argv)
 +{
 +    return pcap_pre_compiled (*argv, &active_filter);
 +}

package/network/services/ppp/patches/321-multilink_support_custom_iface_names.patch

@@ -16,17 +16,17 @@ Signed-off-by: George Kashperko <[email protected]>
  
  #include "pppd.h"
  #include "fsm.h"
-@@ -56,7 +57,8 @@ static void iterate_bundle_links __P((vo
+@@ -56,7 +57,8 @@ static void iterate_bundle_links(void (*
  
- static int get_default_epdisc __P((struct epdisc *));
- static int parse_num __P((char *str, const char *key, int *valp));
--static int owns_unit __P((TDB_DATA pid, int unit));
-+static int parse_str __P((char *str, const char *key, char *buf, int buflen));
-+static int owns_link __P((TDB_DATA pid, char *ifname));
+ static int get_default_epdisc(struct epdisc *);
+ static int parse_num(char *str, const char *key, int *valp);
+-static int owns_unit(TDB_DATA pid, int unit);
++static int parse_str(char *str, const char *key, char *buf, int buflen);
++static int owns_link(TDB_DATA pid, char *ifname);
  
  #define set_ip_epdisc(ep, addr) do {	\
  	ep->length = 4;			\
-@@ -197,35 +199,38 @@ mp_join_bundle()
+@@ -197,35 +199,38 @@ mp_join_bundle(void)
  	key.dptr = bundle_id;
  	key.dsize = p - bundle_id;
  	pid = tdb_fetch(pppdb, key);
@@ -73,16 +73,12 @@ Signed-off-by: George Kashperko <[email protected]>
  	}
  
  	/* we have to make a new bundle */
-@@ -408,22 +413,45 @@ parse_num(str, key, valp)
+@@ -405,20 +410,39 @@ parse_num(char *str, const char *key, in
  	return 0;
  }
  
 +static int
-+parse_str(str, key, buf, buflen)
-+     char *str;
-+     const char *key;
-+     char *buf;
-+     int buflen;
++parse_str(char *str, const char *key, char *buf, int buflen)
 +{
 +	char *p, *endp;
 +	int i;
@@ -103,11 +99,8 @@ Signed-off-by: George Kashperko <[email protected]>
 + * Check whether the pppd identified by `key' still owns ppp link `ifname'.
   */
  static int
--owns_unit(key, unit)
-+owns_link(key, ifname)
-      TDB_DATA key;
--     int unit;
-+     char *ifname;
+-owns_unit(TDB_DATA key, int unit)
++owns_link(TDB_DATA key, char *ifname)
  {
 -	char ifkey[32];
 +	char ifkey[7 + IFNAMSIZ];
@@ -126,7 +119,7 @@ Signed-off-by: George Kashperko <[email protected]>
  			&& memcmp(vd.dptr, key.dptr, vd.dsize) == 0;
 --- a/pppd/sys-linux.c
 +++ b/pppd/sys-linux.c
-@@ -700,6 +700,16 @@ void cfg_bundle(int mrru, int mtru, int
+@@ -706,6 +706,16 @@ void cfg_bundle(int mrru, int mtru, int
  	add_fd(ppp_dev_fd);
  }
  
@@ -143,7 +136,7 @@ Signed-off-by: George Kashperko <[email protected]>
  /*
   * make_new_bundle - create a new PPP unit (i.e. a bundle)
   * and connect our channel to it.  This should only get called
-@@ -718,6 +728,8 @@ void make_new_bundle(int mrru, int mtru,
+@@ -724,6 +734,8 @@ void make_new_bundle(int mrru, int mtru,
  
  	/* set the mrru and flags */
  	cfg_bundle(mrru, mtru, rssn, tssn);

package/network/services/ppp/patches/330-retain_foreign_default_routes.patch

@@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/sys-linux.c
 +++ b/pppd/sys-linux.c
-@@ -1767,6 +1767,7 @@ int cifdefaultroute (int unit, u_int32_t
+@@ -1770,6 +1770,7 @@ int cifdefaultroute (int unit, u_int32_t
  	SIN_ADDR(rt.rt_genmask) = 0L;
      }
  

package/network/services/ppp/patches/340-populate_default_gateway.patch

@@ -13,7 +13,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/sys-linux.c
 +++ b/pppd/sys-linux.c
-@@ -1717,6 +1717,9 @@ int sifdefaultroute (int unit, u_int32_t
+@@ -1720,6 +1720,9 @@ int sifdefaultroute (int unit, u_int32_t
      memset (&rt, 0, sizeof (rt));
      SET_SA_FAMILY (rt.rt_dst, AF_INET);
  
@@ -23,12 +23,12 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      rt.rt_dev = ifname;
      rt.rt_metric = dfl_route_metric + 1; /* +1 for binary compatibility */
  
-@@ -1725,7 +1728,7 @@ int sifdefaultroute (int unit, u_int32_t
+@@ -1728,7 +1731,7 @@ int sifdefaultroute (int unit, u_int32_t
  	SIN_ADDR(rt.rt_genmask) = 0L;
      }
  
 -    rt.rt_flags = RTF_UP;
 +    rt.rt_flags = RTF_UP | RTF_GATEWAY;
      if (ioctl(sock_fd, SIOCADDRT, &rt) < 0) {
- 	if (!ok_error(errno))
+ 	if ( ! ok_error ( errno ))
  	    error("default route ioctl(SIOCADDRT): %m");

package/network/services/ppp/patches/400-simplify_kernel_checks.patch

@@ -10,7 +10,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/sys-linux.c
 +++ b/pppd/sys-linux.c
-@@ -200,7 +200,7 @@ static int driver_is_old       = 0;
+@@ -206,7 +206,7 @@ static int driver_is_old       = 0;
  static int restore_term        = 0;	/* 1 => we've munged the terminal */
  static struct termios inittermios;	/* Initial TTY termios */
  
@@ -19,7 +19,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  
  static char loop_name[20];
  static unsigned char inbuf[512]; /* buffer for chars read from loopback */
-@@ -219,8 +219,8 @@ static int	looped;			/* 1 if using loop
+@@ -225,8 +225,8 @@ static int	looped;			/* 1 if using loop
  static int	link_mtu;		/* mtu for the link (not bundle) */
  
  static struct utsname utsname;	/* for the kernel version */
@@ -29,7 +29,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  
  #define MAX_IFS		100
  
-@@ -1453,11 +1453,12 @@ int ccp_fatal_error (int unit)
+@@ -1455,11 +1455,12 @@ int ccp_fatal_error (int unit)
   *
   * path_to_procfs - find the path to the proc file system mount point
   */
@@ -44,7 +44,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      struct mntent *mntent;
      FILE *fp;
  
-@@ -1479,6 +1480,7 @@ static char *path_to_procfs(const char *
+@@ -1481,6 +1482,7 @@ static char *path_to_procfs(const char *
  	    fclose (fp);
  	}
      }
@@ -52,7 +52,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  
      strlcpy(proc_path + proc_path_len, tail,
  	    sizeof(proc_path) - proc_path_len);
-@@ -2332,15 +2334,19 @@ int ppp_available(void)
+@@ -2365,15 +2367,19 @@ int ppp_available(void)
      int    my_version, my_modification, my_patch;
      int osmaj, osmin, ospatch;
  
@@ -72,7 +72,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  
  	/* XXX should get from driver */
  	driver_version = 2;
-@@ -2400,6 +2406,7 @@ int ppp_available(void)
+@@ -2433,6 +2439,7 @@ int ppp_available(void)
  
      if (ok && ((ifr.ifr_hwaddr.sa_family & ~0xFF) != ARPHRD_PPP))
  	ok = 0;
@@ -80,7 +80,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  
  /*
   *  This is the PPP device. Validate the version of the driver at this
-@@ -2936,6 +2943,7 @@ get_pty(master_fdp, slave_fdp, slave_nam
+@@ -3106,6 +3113,7 @@ get_pty(int *master_fdp, int *slave_fdp,
      }
  #endif /* TIOCGPTN */
  
@@ -88,7 +88,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      if (sfd < 0) {
  	/* the old way - scan through the pty name space */
  	for (i = 0; i < 64; ++i) {
-@@ -2954,6 +2962,7 @@ get_pty(master_fdp, slave_fdp, slave_nam
+@@ -3124,6 +3132,7 @@ get_pty(int *master_fdp, int *slave_fdp,
  	    }
  	}
      }
@@ -98,11 +98,11 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  	return 0;
 --- a/pppd/plugins/pppoatm/pppoatm.c
 +++ b/pppd/plugins/pppoatm/pppoatm.c
-@@ -168,14 +168,6 @@ static void disconnect_pppoatm(void)
+@@ -171,14 +171,6 @@ static void disconnect_pppoatm(void)
  
  void plugin_init(void)
  {
--#if defined(__linux__)
+-#ifdef linux
 -	extern int new_style_driver;	/* From sys-linux.c */
 -	if (!ppp_available() && !new_style_driver)
 -		fatal("Kernel doesn't support ppp_generic - "
@@ -110,12 +110,12 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 -#else
 -	fatal("No PPPoATM support on this OS");
 -#endif
- 	info("PPPoATM plugin_init");
  	add_options(pppoa_options);
  }
---- a/pppd/plugins/rp-pppoe/plugin.c
-+++ b/pppd/plugins/rp-pppoe/plugin.c
-@@ -59,9 +59,6 @@ static char const RCSID[] =
+ 
+--- a/pppd/plugins/pppoe/plugin.c
++++ b/pppd/plugins/pppoe/plugin.c
+@@ -58,9 +58,6 @@ static char const RCSID[] =
  
  char pppd_version[] = VERSION;
  
@@ -125,7 +125,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  char *pppd_pppoe_service = NULL;
  static char *acName = NULL;
  static char *existingSession = NULL;
-@@ -394,10 +391,6 @@ PPPoEDevnameHook(char *cmd, char **argv,
+@@ -407,10 +404,6 @@ PPPoEDevnameHook(char *cmd, char **argv,
  void
  plugin_init(void)
  {
@@ -135,7 +135,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 -
      add_options(Options);
  
-     info("RP-PPPoE plugin version %s compiled against pppd %s",
+     info("PPPoE plugin from pppd %s", VERSION);
 --- a/pppd/plugins/pppol2tp/pppol2tp.c
 +++ b/pppd/plugins/pppol2tp/pppol2tp.c
 @@ -490,12 +490,7 @@ static void pppol2tp_cleanup(void)

package/network/services/ppp/patches/401-no_record_file.patch

@@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -326,7 +326,6 @@ extern int	holdoff;	/* Dead time before
+@@ -317,7 +317,6 @@ extern int	holdoff;	/* Dead time before
  extern bool	holdoff_specified; /* true if user gave a holdoff value */
  extern bool	notty;		/* Stdin/out is not a tty */
  extern char	*pty_socket;	/* Socket to connect to pty */
@@ -17,7 +17,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  extern char	linkname[MAXPATHLEN]; /* logical name for link */
 --- a/pppd/tty.c
 +++ b/pppd/tty.c
-@@ -145,7 +145,7 @@ char	*disconnect_script = NULL; /* Scrip
+@@ -143,7 +143,7 @@ char	*disconnect_script = NULL; /* Scrip
  char	*welcomer = NULL;	/* Script to run after phys link estab. */
  char	*ptycommand = NULL;	/* Command to run on other side of pty */
  bool	notty = 0;		/* Stdin/out is not a tty */
@@ -26,7 +26,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
  int	max_data_rate;		/* max bytes/sec through charshunt */
  bool	sync_serial = 0;	/* Device is synchronous serial device */
  char	*pty_socket = NULL;	/* Socket to connect to pty */
-@@ -201,8 +201,10 @@ option_t tty_options[] = {
+@@ -199,8 +199,10 @@ option_t tty_options[] = {
        "Send and receive over socket, arg is host:port",
        OPT_PRIO | OPT_DEVNAM },
  

package/network/services/ppp/patches/403-no_wtmp.patch

@@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/sys-linux.c
 +++ b/pppd/sys-linux.c
-@@ -2470,6 +2470,7 @@ int ppp_available(void)
+@@ -2503,6 +2503,7 @@ int ppp_available(void)
  
  void logwtmp (const char *line, const char *name, const char *host)
  {
@@ -15,7 +15,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      struct utmp ut, *utp;
      pid_t  mypid = getpid();
  #if __GLIBC__ < 2
-@@ -2535,6 +2536,7 @@ void logwtmp (const char *line, const ch
+@@ -2568,6 +2569,7 @@ void logwtmp (const char *line, const ch
  	close (wtmp);
      }
  #endif

package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch

@@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/main.c
 +++ b/pppd/main.c
-@@ -883,14 +883,17 @@ struct protocol_list {
+@@ -866,14 +866,17 @@ struct protocol_list {
      const char	*name;
  } protocol_list[] = {
      { 0x21,	"IP" },
@@ -25,7 +25,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      { 0x33,	"Stream Protocol ST-II" },
      { 0x35,	"Banyan Vines" },
      { 0x39,	"AppleTalk EDDP" },
-@@ -904,8 +907,11 @@ struct protocol_list {
+@@ -887,8 +890,11 @@ struct protocol_list {
      { 0x49,	"Serial Data Transport Protocol (PPP-SDTP)" },
      { 0x4b,	"SNA over 802.2" },
      { 0x4d,	"SNA" },
@@ -37,7 +37,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      { 0x53,	"Encryption" },
      { 0x55,	"Individual Link Encryption" },
      { 0x57,	"IPv6" },
-@@ -916,12 +922,15 @@ struct protocol_list {
+@@ -899,12 +905,15 @@ struct protocol_list {
      { 0x65,	"RTP IPHC Compressed non-TCP" },
      { 0x67,	"RTP IPHC Compressed UDP 8" },
      { 0x69,	"RTP IPHC Compressed RTP 8" },
@@ -53,7 +53,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      { 0x0203,	"IBM Source Routing BPDU" },
      { 0x0205,	"DEC LANBridge100 Spanning Tree" },
      { 0x0207,	"Cisco Discovery Protocol" },
-@@ -933,15 +942,19 @@ struct protocol_list {
+@@ -916,15 +925,19 @@ struct protocol_list {
      { 0x0231,	"Luxcom" },
      { 0x0233,	"Sigma Network Systems" },
      { 0x0235,	"Apple Client Server Protocol" },
@@ -73,7 +73,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      { 0x4001,	"Cray Communications Control Protocol" },
      { 0x4003,	"CDPD Mobile Network Registration Protocol" },
      { 0x4005,	"Expand accelerator protocol" },
-@@ -952,8 +965,10 @@ struct protocol_list {
+@@ -935,8 +948,10 @@ struct protocol_list {
      { 0x4023,	"RefTek Protocol" },
      { 0x4025,	"Fibre Channel" },
      { 0x4027,	"EMIT Protocols" },
@@ -84,7 +84,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      { 0x8023,	"OSI Network Layer Control Protocol" },
      { 0x8025,	"Xerox NS IDP Control Protocol" },
      { 0x8027,	"DECnet Phase IV Control Protocol" },
-@@ -962,7 +977,9 @@ struct protocol_list {
+@@ -945,7 +960,9 @@ struct protocol_list {
      { 0x8031,	"Bridging NCP" },
      { 0x8033,	"Stream Protocol Control Protocol" },
      { 0x8035,	"Banyan Vines Control Protocol" },
@@ -94,7 +94,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      { 0x803f,	"NETBIOS Framing Control Protocol" },
      { 0x8041,	"Cisco Systems Control Protocol" },
      { 0x8043,	"Ascom Timeplex" },
-@@ -971,18 +988,24 @@ struct protocol_list {
+@@ -954,18 +971,24 @@ struct protocol_list {
      { 0x8049,	"Serial Data Control Protocol (PPP-SDCP)" },
      { 0x804b,	"SNA over 802.2 Control Protocol" },
      { 0x804d,	"SNA Control Protocol" },
@@ -119,7 +119,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
      { 0x8207,	"Cisco Discovery Protocol Control" },
      { 0x8209,	"Netcs Twin Routing" },
      { 0x820b,	"STP - Control Protocol" },
-@@ -991,24 +1014,29 @@ struct protocol_list {
+@@ -974,24 +997,29 @@ struct protocol_list {
      { 0x8281,	"MPLSCP" },
      { 0x8285,	"IEEE p1284.4 standard - Protocol Control" },
      { 0x8287,	"ETSI TETRA TNP1 Control Protocol" },

package/network/services/ppp/patches/405-no_multilink_option.patch

@@ -9,7 +9,7 @@ Signed-off-by: Jo-Philipp Wich <[email protected]>
 
 --- a/pppd/options.c
 +++ b/pppd/options.c
-@@ -349,13 +349,14 @@ option_t general_options[] = {
+@@ -348,13 +348,14 @@ option_t general_options[] = {
        "Enable multilink operation", OPT_PRIOSUB | OPT_ALIAS | 1 },
      { "nomultilink", o_bool, &multilink,
        "Disable multilink operation", OPT_PRIOSUB | 0 },

package/network/services/ppp/patches/500-add-pptp-plugin.patch

@@ -1,8 +1,8 @@
 --- a/configure
 +++ b/configure
-@@ -195,7 +195,7 @@ if [ -d "$ksrc" ]; then
+@@ -133,7 +133,7 @@ if [ -d "$ksrc" ]; then
      mkmkf $ksrc/Makedefs$compiletype Makedefs.com
-     for dir in pppd pppstats chat pppdump pppd/plugins pppd/plugins/rp-pppoe \
+     for dir in pppd pppstats chat pppdump pppd/plugins pppd/plugins/pppoe \
  	       pppd/plugins/radius pppd/plugins/pppoatm \
 -	       pppd/plugins/pppol2tp; do
 +	       pppd/plugins/pppol2tp pppd/plugins/pptp ; do
@@ -11,12 +11,12 @@
      if [ -f $ksrc/Makefile.$makext$archvariant ]; then
 --- a/pppd/plugins/Makefile.linux
 +++ b/pppd/plugins/Makefile.linux
-@@ -9,7 +9,7 @@ BINDIR = $(DESTDIR)/sbin
- MANDIR = $(DESTDIR)/share/man/man8
- LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
+@@ -14,7 +14,7 @@ INSTALL	= install
+ # EAP-TLS
+ CFLAGS += -DUSE_EAPTLS=1
  
--SUBDIRS := rp-pppoe pppoatm pppol2tp
-+SUBDIRS := rp-pppoe pppoatm pppol2tp pptp
+-SUBDIRS := pppoe pppoatm pppol2tp
++SUBDIRS := pppoe pppoatm pppol2tp pptp
  # Uncomment the next line to include the radius authentication plugin
  SUBDIRS += radius
  PLUGINS := minconn.so passprompt.so passwordfd.so winbind.so

package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch

@@ -15,8 +15,8 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
 
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
-@@ -35,10 +35,10 @@ endif
- COPTS = -O2 -pipe -Wall -g
+@@ -36,10 +36,10 @@ endif
+ 
  LIBS = -lrt
  
 -# Uncomment the next line to include support for Microsoft's
@@ -28,19 +28,19 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
  # Don't use MSLANMAN unless you really know what you're doing.
  #MSLANMAN=y
  # Uncomment the next line to include support for MPPE.  CHAPMS (above) must
-@@ -141,8 +141,7 @@ endif
+@@ -158,8 +158,7 @@ endif
  
  ifdef NEEDDES
  ifndef USE_CRYPT
 -CFLAGS   += -I$(shell $(CC) --print-sysroot)/usr/include/openssl
--LIBS     += -lcrypto
+-NEEDCRYPTOLIB = y
 +LIBS     += -ldes $(LIBS)
  else
  CFLAGS   += -DUSE_CRYPT=1
  endif
 --- a/pppd/pppcrypt.c
 +++ b/pppd/pppcrypt.c
-@@ -64,7 +64,7 @@ u_char *des_key;	/* OUT 64 bit DES key w
+@@ -62,7 +62,7 @@ MakeKey(u_char *key, u_char *des_key)
  	des_key[7] = Get7Bits(key, 49);
  
  #ifndef USE_CRYPT
@@ -49,7 +49,7 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
  #endif
  }
  
-@@ -158,25 +158,25 @@ u_char *clear;	/* OUT 8 octets */
+@@ -147,30 +147,30 @@ DesDecrypt(u_char *cipher, u_char *clear
  }
  
  #else /* USE_CRYPT */
@@ -57,8 +57,7 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
 +static des_key_schedule	key_schedule;
  
  bool
- DesSetkey(key)
- u_char *key;
+ DesSetkey(u_char *key)
  {
 -	DES_cblock des_key;
 +	des_cblock des_key;
@@ -69,10 +68,7 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
  }
  
  bool
--DesEncrypt(clear, cipher)
-+DesEncrypt(clear, key, cipher)
- u_char *clear;	/* IN  8 octets */
- u_char *cipher;	/* OUT 8 octets */
+ DesEncrypt(u_char *clear, u_char *cipher)
  {
 -	DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher,
 -	    &key_schedule, 1);
@@ -81,9 +77,8 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
  	return (1);
  }
  
-@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear)
- u_char *cipher;	/* IN  8 octets */
- u_char *clear;	/* OUT 8 octets */
+ bool
+ DesDecrypt(u_char *cipher, u_char *clear)
  {
 -	DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear,
 -	    &key_schedule, 0);