1 |
commit: 481553feb5f5711c7504ee8779b378b2034692a2 |
2 |
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Feb 26 15:31:03 2020 +0000 |
4 |
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Feb 26 15:37:06 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=481553fe |
7 |
|
8 |
net-dialup/ppp: Bump to version 2.4.8 |
9 |
|
10 |
with security backport for CVE-2020-8597 |
11 |
(0017-pppd-Fix-bounds-check-in-EAP-code.patch) |
12 |
|
13 |
Bug: https://bugs.gentoo.org/710308 |
14 |
Closes: https://bugs.gentoo.org/704680 |
15 |
Package-Manager: Portage-2.3.89, Repoman-2.3.20 |
16 |
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org> |
17 |
|
18 |
net-dialup/ppp/Manifest | 2 + |
19 |
net-dialup/ppp/ppp-2.4.8.ebuild | 232 ++++++++++++++++++++++++++++++++++++++++ |
20 |
2 files changed, 234 insertions(+) |
21 |
|
22 |
diff --git a/net-dialup/ppp/Manifest b/net-dialup/ppp/Manifest |
23 |
index 4fd619a491a..193696f8047 100644 |
24 |
--- a/net-dialup/ppp/Manifest |
25 |
+++ b/net-dialup/ppp/Manifest |
26 |
@@ -1,3 +1,5 @@ |
27 |
DIST ppp-2.4.7-patches-7.tar.xz 40540 BLAKE2B 353814692aab3012f5d5ccdecc514d69357826ea7abe64a7581c562f333d868f9766f11516721cf0b116b4c1c8b01daee306d98ef7be356af6e8d16e22fc9fac SHA512 9d34c044ded09424a6d80047e88bb21130a9c2414c9ea4f52c7299d9db08b1391543b50cd97c0c8763e6943591fc325d01932b31966a1374dbfe5e977bbf4356 |
28 |
DIST ppp-2.4.7.tar.gz 688117 BLAKE2B e1c94ce31d98674536929d19e956e4013eb2b02c20c34e6184c0b99b50262ad1cd7fb6f4a1ed302872527a0c164af340e15ad1e2eaf191392c3f6ae2de21f5dd SHA512 e34ce24020af6a73e7a26c83c4f73a9c83fa455b7b363794dba27bf01f70368be06bff779777843949bd77f4bc9385d6ad455ea48bf8fff4e0d73cc8fef16ae2 |
29 |
+DIST ppp-2.4.8-patches-02.tar.xz 39700 BLAKE2B 8e03ecf306ff415370a96ba2eca4ecdb9daed2eaa569cabbd49b94ff279dc04081cbf6749463556ba42832f4baf6f8f4cbdc0c79d6419f57080b14f3214ca992 SHA512 4f2c08a8c1d659d79c18471b41aac2d18383f86ac22231993609b548f899ee32d1ea3cc25952f00b85d1357e53bad6cf93842c49a59ecf29ed20be3020378e78 |
30 |
+DIST ppp-2.4.8.tar.gz 697530 BLAKE2B 235114288699db45501bc7d9ce8f36c0b5684ab0dab09da93d7f2b4f7c3eca030ae26e34dfff25efa971374fbd7fde62f121ea6aa69872658f44c5ac8c7850a2 SHA512 a99b3b6c7bd80cd133bda4e29d33c793a76f3b67e1f8db774547e88932ce29564fad390a4f51d3fe30a75e006499b95000b042ae0f64cd360548426f8091a478 |
31 |
DIST ppp-dhcpc.tgz 33497 BLAKE2B ca59130012f007cf45af6bcfa468c112b0d521c8b11f42d42c566dd9de55bd6d6f1b1ceb83cbae18cfe79cb5cb36ba6c6858a4718915acc6987295008aca53da SHA512 aeaf791b14f5a09c0e2079072a157e65132cbff46e608bc0724e6a5827a01da934f5006e2774eb7105f83e607a52cb4987238f4385cf6f5cc86cbe305a556738 |
32 |
|
33 |
diff --git a/net-dialup/ppp/ppp-2.4.8.ebuild b/net-dialup/ppp/ppp-2.4.8.ebuild |
34 |
new file mode 100644 |
35 |
index 00000000000..50d429aa38c |
36 |
--- /dev/null |
37 |
+++ b/net-dialup/ppp/ppp-2.4.8.ebuild |
38 |
@@ -0,0 +1,232 @@ |
39 |
+# Copyright 1999-2020 Gentoo Authors |
40 |
+# Distributed under the terms of the GNU General Public License v2 |
41 |
+ |
42 |
+EAPI=7 |
43 |
+ |
44 |
+inherit linux-info multilib pam toolchain-funcs |
45 |
+ |
46 |
+PATCH_VER="02" |
47 |
+DESCRIPTION="Point-to-Point Protocol (PPP)" |
48 |
+HOMEPAGE="https://ppp.samba.org/" |
49 |
+SRC_URI="https://github.com/paulusmack/ppp/archive/ppp-2.4.8.tar.gz |
50 |
+ https://dev.gentoo.org/~polynomial-c/${P}-patches-${PATCH_VER}.tar.xz |
51 |
+ http://www.netservers.net.uk/gpl/ppp-dhcpc.tgz" |
52 |
+ |
53 |
+LICENSE="BSD GPL-2" |
54 |
+SLOT="0/${PV}" |
55 |
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc ~x86" |
56 |
+IUSE="activefilter atm dhcp eap-tls gtk ipv6 libressl pam radius" |
57 |
+ |
58 |
+DEPEND=" |
59 |
+ activefilter? ( net-libs/libpcap ) |
60 |
+ atm? ( net-dialup/linux-atm ) |
61 |
+ pam? ( sys-libs/pam ) |
62 |
+ gtk? ( x11-libs/gtk+:2 ) |
63 |
+ !libressl? ( dev-libs/openssl:0= ) |
64 |
+ libressl? ( dev-libs/libressl:= ) |
65 |
+" |
66 |
+RDEPEND="${DEPEND} |
67 |
+ !<net-misc/netifrc-0.7.1" |
68 |
+PDEPEND="net-dialup/ppp-scripts" |
69 |
+ |
70 |
+S="${WORKDIR}/${PN}-${P}" |
71 |
+ |
72 |
+src_prepare() { |
73 |
+ mv "${WORKDIR}/dhcp" "${S}/pppd/plugins" || die |
74 |
+ |
75 |
+ if ! use eap-tls ; then |
76 |
+ rm "${WORKDIR}"/patches/8?_all_eaptls-* || die |
77 |
+ fi |
78 |
+ eapply "${WORKDIR}"/patches |
79 |
+ |
80 |
+ if use atm ; then |
81 |
+ einfo "Enabling PPPoATM support" |
82 |
+ sed -i '/^#HAVE_LIBATM=yes/s:#::' \ |
83 |
+ pppd/plugins/pppoatm/Makefile.linux || die |
84 |
+ fi |
85 |
+ |
86 |
+ if ! use activefilter ; then |
87 |
+ einfo "Disabling active filter" |
88 |
+ sed -i '/^FILTER=y/s:^:#:' pppd/Makefile.linux || die |
89 |
+ fi |
90 |
+ |
91 |
+ if use pam ; then |
92 |
+ einfo "Enabling PAM" |
93 |
+ sed -i '/^#USE_PAM=y/s:^#::' pppd/Makefile.linux || die |
94 |
+ fi |
95 |
+ |
96 |
+ if use ipv6 ; then |
97 |
+ einfo "Enabling IPv6" |
98 |
+ sed -i '/#HAVE_INET6/s:#::' pppd/Makefile.linux || die |
99 |
+ echo "+ipv6" >> etc.ppp/options || die |
100 |
+ fi |
101 |
+ |
102 |
+ einfo "Enabling CBCP" |
103 |
+ sed -i '/^#CBCP=y/s:#::' pppd/Makefile.linux || die |
104 |
+ |
105 |
+ if use dhcp ; then |
106 |
+ einfo "Adding ppp-dhcp plugin files" |
107 |
+ sed \ |
108 |
+ -e '/^SUBDIRS :=/s:$: dhcp:' \ |
109 |
+ -i pppd/plugins/Makefile.linux || die |
110 |
+ fi |
111 |
+ |
112 |
+ # Set correct libdir |
113 |
+ sed -i -e "s:/lib/pppd:/$(get_libdir)/pppd:" \ |
114 |
+ pppd/{pathnames.h,pppd.8} || die |
115 |
+ |
116 |
+ if use radius ; then |
117 |
+ #set the right paths in radiusclient.conf |
118 |
+ sed -e "s:/usr/local/etc:/etc:" \ |
119 |
+ -e "s:/usr/local/sbin:/usr/sbin:" \ |
120 |
+ -i pppd/plugins/radius/etc/radiusclient.conf || die |
121 |
+ #set config dir to /etc/ppp/radius |
122 |
+ sed -i -e "s:/etc/radiusclient:/etc/ppp/radius:g" \ |
123 |
+ pppd/plugins/radius/{*.8,*.c,*.h} \ |
124 |
+ pppd/plugins/radius/etc/* || die |
125 |
+ else |
126 |
+ einfo "Disabling radius" |
127 |
+ sed -i -e '/+= radius/s:^:#:' pppd/plugins/Makefile.linux || die |
128 |
+ fi |
129 |
+ |
130 |
+ # Respect our pkg-config settings. |
131 |
+ sed -i \ |
132 |
+ -e 's:pkg-config:$(PKG_CONFIG):' \ |
133 |
+ contrib/pppgetpass/Makefile.linux || die |
134 |
+ sed -i \ |
135 |
+ -e '/^LIBS/{s:-L/usr/local/ssl/lib::;s:-lcrypto:`$(PKG_CONFIG) --libs libcrypto`:}' \ |
136 |
+ pppd/Makefile.linux || die |
137 |
+ |
138 |
+ eapply_user #549588 |
139 |
+} |
140 |
+ |
141 |
+src_compile() { |
142 |
+ tc-export AR CC PKG_CONFIG |
143 |
+ emake COPTS="${CFLAGS} -D_GNU_SOURCE" |
144 |
+ |
145 |
+ # build pppgetpass |
146 |
+ cd contrib/pppgetpass || die |
147 |
+ if use gtk ; then |
148 |
+ emake -f Makefile.linux |
149 |
+ else |
150 |
+ emake pppgetpass.vt |
151 |
+ fi |
152 |
+} |
153 |
+ |
154 |
+src_install() { |
155 |
+ local i |
156 |
+ for i in chat pppd pppdump pppstats ; do |
157 |
+ doman ${i}/${i}.8 |
158 |
+ dosbin ${i}/${i} |
159 |
+ done |
160 |
+ fperms u+s-w /usr/sbin/pppd |
161 |
+ |
162 |
+ # Install pppd header files |
163 |
+ emake -C pppd INSTROOT="${D}" install-devel |
164 |
+ |
165 |
+ dosbin pppd/plugins/rp-pppoe/pppoe-discovery |
166 |
+ |
167 |
+ dodir /etc/ppp/peers |
168 |
+ insinto /etc/ppp |
169 |
+ insopts -m0600 |
170 |
+ newins etc.ppp/pap-secrets pap-secrets.example |
171 |
+ newins etc.ppp/chap-secrets chap-secrets.example |
172 |
+ |
173 |
+ insopts -m0644 |
174 |
+ doins etc.ppp/options |
175 |
+ |
176 |
+ pamd_mimic_system ppp auth account session |
177 |
+ |
178 |
+ local PLUGINS_DIR="/usr/$(get_libdir)/pppd/${PV}" |
179 |
+ insinto "${PLUGINS_DIR}" |
180 |
+ insopts -m0755 |
181 |
+ doins pppd/plugins/minconn.so |
182 |
+ doins pppd/plugins/passprompt.so |
183 |
+ doins pppd/plugins/passwordfd.so |
184 |
+ doins pppd/plugins/winbind.so |
185 |
+ doins pppd/plugins/rp-pppoe/rp-pppoe.so |
186 |
+ doins pppd/plugins/pppol2tp/openl2tp.so |
187 |
+ doins pppd/plugins/pppol2tp/pppol2tp.so |
188 |
+ if use atm ; then |
189 |
+ doins pppd/plugins/pppoatm/pppoatm.so |
190 |
+ fi |
191 |
+ if use dhcp ; then |
192 |
+ doins pppd/plugins/dhcp/dhcpc.so |
193 |
+ fi |
194 |
+ if use radius ; then |
195 |
+ doins pppd/plugins/radius/rad{ius,attr,realms}.so |
196 |
+ |
197 |
+ #Copy radiusclient configuration files (#92878) |
198 |
+ insinto /etc/ppp/radius |
199 |
+ insopts -m0644 |
200 |
+ doins pppd/plugins/radius/etc/{dictionary*,issue,port-id-map,radiusclient.conf,realms,servers} |
201 |
+ |
202 |
+ doman pppd/plugins/radius/pppd-rad{ius,attr}.8 |
203 |
+ fi |
204 |
+ |
205 |
+ insinto /etc/modprobe.d |
206 |
+ insopts -m0644 |
207 |
+ newins "${FILESDIR}/modules.ppp" ppp.conf |
208 |
+ |
209 |
+ dodoc PLUGINS README* SETUP Changes-2.3 FAQ |
210 |
+ dodoc "${FILESDIR}/README.mpls" |
211 |
+ |
212 |
+ dosbin scripts/p{on,off,log} |
213 |
+ doman scripts/pon.1 |
214 |
+ |
215 |
+ # Adding misc. specialized scripts to doc dir |
216 |
+ insinto /usr/share/doc/${PF}/scripts/chatchat |
217 |
+ doins scripts/chatchat/* |
218 |
+ insinto /usr/share/doc/${PF}/scripts |
219 |
+ doins scripts/* |
220 |
+ |
221 |
+ if use gtk ; then |
222 |
+ dosbin contrib/pppgetpass/{pppgetpass.vt,pppgetpass.gtk} |
223 |
+ newsbin contrib/pppgetpass/pppgetpass.sh pppgetpass |
224 |
+ else |
225 |
+ newsbin contrib/pppgetpass/pppgetpass.vt pppgetpass |
226 |
+ fi |
227 |
+ doman contrib/pppgetpass/pppgetpass.8 |
228 |
+} |
229 |
+ |
230 |
+pkg_postinst() { |
231 |
+ if linux-info_get_any_version && linux_config_src_exists ; then |
232 |
+ echo |
233 |
+ ewarn "If the following test report contains a missing kernel configuration option that you need," |
234 |
+ ewarn "you should reconfigure and rebuild your kernel before running pppd." |
235 |
+ CONFIG_CHECK="~PPP ~PPP_ASYNC ~PPP_SYNC_TTY" |
236 |
+ local ERROR_PPP="CONFIG_PPP:\t missing PPP support (REQUIRED)" |
237 |
+ local ERROR_PPP_ASYNC="CONFIG_PPP_ASYNC:\t missing asynchronous serial line discipline (optional, but highly recommended)" |
238 |
+ local WARNING_PPP_SYNC_TTY="CONFIG_PPP_SYNC_TTY:\t missing synchronous serial line discipline (optional; used by 'sync' pppd option)" |
239 |
+ if use activefilter ; then |
240 |
+ CONFIG_CHECK="${CONFIG_CHECK} ~PPP_FILTER" |
241 |
+ local ERROR_PPP_FILTER="CONFIG_PPP_FILTER:\t missing PPP filtering support (REQUIRED)" |
242 |
+ fi |
243 |
+ CONFIG_CHECK="${CONFIG_CHECK} ~PPP_DEFLATE ~PPP_BSDCOMP ~PPP_MPPE" |
244 |
+ local ERROR_PPP_DEFLATE="CONFIG_PPP_DEFLATE:\t missing Deflate compression (optional, but highly recommended)" |
245 |
+ local ERROR_PPP_BSDCOMP="CONFIG_PPP_BSDCOMP:\t missing BSD-Compress compression (optional, but highly recommended)" |
246 |
+ local WARNING_PPP_MPPE="CONFIG_PPP_MPPE:\t missing MPPE encryption (optional, mostly used by PPTP links)" |
247 |
+ CONFIG_CHECK="${CONFIG_CHECK} ~PPPOE ~PACKET" |
248 |
+ local WARNING_PPPOE="CONFIG_PPPOE:\t missing PPPoE support (optional, needed by rp-pppoe plugin)" |
249 |
+ local WARNING_PACKET="CONFIG_PACKET:\t missing AF_PACKET support (optional, used by rp-pppoe and dhcpc plugins)" |
250 |
+ if use atm ; then |
251 |
+ CONFIG_CHECK="${CONFIG_CHECK} ~PPPOATM" |
252 |
+ local WARNING_PPPOATM="CONFIG_PPPOATM:\t missing PPPoA support (optional, needed by pppoatm plugin)" |
253 |
+ fi |
254 |
+ check_extra_config |
255 |
+ fi |
256 |
+ |
257 |
+ # create *-secrets files if not exists |
258 |
+ [[ -f "${EROOT}/etc/ppp/pap-secrets" ]] || \ |
259 |
+ cp -pP "${EROOT}/etc/ppp/pap-secrets.example" "${EROOT}/etc/ppp/pap-secrets" |
260 |
+ [[ -f "${EROOT}/etc/ppp/chap-secrets" ]] || \ |
261 |
+ cp -pP "${EROOT}/etc/ppp/chap-secrets.example" "${EROOT}/etc/ppp/chap-secrets" |
262 |
+ |
263 |
+ # lib name has changed |
264 |
+ sed -i -e "s:^pppoe.so:rp-pppoe.so:" "${EROOT}/etc/ppp/options" || die |
265 |
+ |
266 |
+ echo |
267 |
+ elog "Pon, poff and plog scripts have been supplied for experienced users." |
268 |
+ elog "Users needing particular scripts (ssh,rsh,etc.) should check out the" |
269 |
+ elog "/usr/share/doc/${PF}/scripts directory." |
270 |
+} |