[ppp] * Wed Sep 29 2010 Jiri Skala <jskala at redhat.com> - 2.4.5-12 - fixes #637513 - Missing: README.eap-tl
Jiri Skala
jskala at fedoraproject.org
Tue Oct 5 13:44:00 UTC 2010
commit 732177dcba17d84f7eb3285036a647a88f281819
Author: Jiri Skala <jskala at localhost.localdomain>
Date: Tue Oct 5 15:44:04 2010 +0200
* Wed Sep 29 2010 Jiri Skala <jskala at redhat.com> - 2.4.5-12
- fixes #637513 - Missing: README.eap-tls
- updated to latest eaptls upstream
- fixes #637886 - EAP-TLS not working with enabled PPP Multilink Framing option
...-0.98.patch => ppp-2.4.5-eaptls-mppe-0.99.patch | 157 +++++++++++---------
ppp.spec | 11 +-
2 files changed, 96 insertions(+), 72 deletions(-)
---
diff --git a/ppp-2.4.5-eaptls-mppe-0.98.patch b/ppp-2.4.5-eaptls-mppe-0.99.patch
similarity index 94%
rename from ppp-2.4.5-eaptls-mppe-0.98.patch
rename to ppp-2.4.5-eaptls-mppe-0.99.patch
index ad5c49a..16d7c2b 100644
--- a/ppp-2.4.5-eaptls-mppe-0.98.patch
+++ b/ppp-2.4.5-eaptls-mppe-0.99.patch
@@ -1,6 +1,6 @@
-diff -Naur ppp-2.4.5/README.eap-tls ppp-2.4.5-eaptls-mppe-0.98/README.eap-tls
+diff -Naur ppp-2.4.5/README.eap-tls ppp-2.4.5-eaptls-mppe-0.99/README.eap-tls
--- ppp-2.4.5/README.eap-tls 1970-01-01 01:00:00.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/README.eap-tls 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/README.eap-tls 2010-10-01 15:17:54.205272328 +0200
@@ -0,0 +1,169 @@
+EAP-TLS authentication support for PPP
+======================================
@@ -171,9 +171,9 @@ diff -Naur ppp-2.4.5/README.eap-tls ppp-2.4.5-eaptls-mppe-0.98/README.eap-tls
+ This is experimental code.
+ Send suggestions and comments to Jan Just Keijser <janjust at nikhef.nl>
+
-diff -Naur ppp-2.4.5/etc.ppp/eaptls-client ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/eaptls-client
+diff -Naur ppp-2.4.5/etc.ppp/eaptls-client ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/eaptls-client
--- ppp-2.4.5/etc.ppp/eaptls-client 1970-01-01 01:00:00.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/eaptls-client 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/eaptls-client 2010-10-01 15:17:54.205272328 +0200
@@ -0,0 +1,10 @@
+# Parameters for authentication using EAP-TLS (client)
+
@@ -185,9 +185,9 @@ diff -Naur ppp-2.4.5/etc.ppp/eaptls-client ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/ea
+# client private key file (required)
+
+#client server /root/cert/client.crt - /root/cert/ca.crt /root/cert/client.key
-diff -Naur ppp-2.4.5/etc.ppp/eaptls-server ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/eaptls-server
+diff -Naur ppp-2.4.5/etc.ppp/eaptls-server ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/eaptls-server
--- ppp-2.4.5/etc.ppp/eaptls-server 1970-01-01 01:00:00.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/eaptls-server 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/eaptls-server 2010-10-01 15:17:54.205272328 +0200
@@ -0,0 +1,11 @@
+# Parameters for authentication using EAP-TLS (server)
+
@@ -200,9 +200,9 @@ diff -Naur ppp-2.4.5/etc.ppp/eaptls-server ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/ea
+# allowed addresses (required, can be *)
+
+#client server - /root/cert/server.crt /root/cert/ca.crt /root/cert/server.key 192.168.1.0/24
-diff -Naur ppp-2.4.5/etc.ppp/openssl.cnf ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/openssl.cnf
+diff -Naur ppp-2.4.5/etc.ppp/openssl.cnf ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/openssl.cnf
--- ppp-2.4.5/etc.ppp/openssl.cnf 1970-01-01 01:00:00.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/openssl.cnf 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/etc.ppp/openssl.cnf 2010-10-01 15:17:54.206272162 +0200
@@ -0,0 +1,14 @@
+openssl_conf = openssl_def
+
@@ -218,9 +218,9 @@ diff -Naur ppp-2.4.5/etc.ppp/openssl.cnf ppp-2.4.5-eaptls-mppe-0.98/etc.ppp/open
+MODULE_PATH = /usr/lib64/libeTPkcs11.so
+init = 0
+
-diff -Naur ppp-2.4.5/linux/Makefile.top ppp-2.4.5-eaptls-mppe-0.98/linux/Makefile.top
+diff -Naur ppp-2.4.5/linux/Makefile.top ppp-2.4.5-eaptls-mppe-0.99/linux/Makefile.top
--- ppp-2.4.5/linux/Makefile.top 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/linux/Makefile.top 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/linux/Makefile.top 2010-10-01 15:17:54.206272162 +0200
@@ -26,7 +26,7 @@
cd pppdump; $(MAKE) $(MFLAGS) install
@@ -241,27 +241,18 @@ diff -Naur ppp-2.4.5/linux/Makefile.top ppp-2.4.5-eaptls-mppe-0.98/linux/Makefil
$(BINDIR):
$(INSTALL) -d -m 755 $@
-diff -Naur ppp-2.4.5/openssl.cnf ppp-2.4.5-eaptls-mppe-0.98/openssl.cnf
---- ppp-2.4.5/openssl.cnf 1970-01-01 01:00:00.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/openssl.cnf 2010-02-09 10:58:38.000000000 +0100
-@@ -0,0 +1,14 @@
-+openssl_conf = openssl_def
-+
-+[ openssl_def ]
-+engines = engine_section
-+
-+[ engine_section ]
-+pkcs11 = pkcs11_section
-+
-+[ pkcs11_section ]
-+engine_id = pkcs11
-+dynamic_path = /usr/lib64/openssl/engines/engine_pkcs11.so
-+MODULE_PATH = /usr/lib64/libeTPkcs11.so
-+init = 0
-+
-diff -Naur ppp-2.4.5/pppd/Makefile.linux ppp-2.4.5-eaptls-mppe-0.98/pppd/Makefile.linux
+diff -Naur ppp-2.4.5/pppd/Makefile.linux ppp-2.4.5-eaptls-mppe-0.99/pppd/Makefile.linux
--- ppp-2.4.5/pppd/Makefile.linux 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/Makefile.linux 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/Makefile.linux 2010-10-01 15:17:54.207272272 +0200
+@@ -33,7 +33,7 @@
+ # CC = gcc
+ #
+ COPTS = -O2 -pipe -Wall -g
+-LIBS =
++LIBS =
+
+ # Uncomment the next 2 lines to include support for Microsoft's
+ # MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux.
@@ -73,6 +73,9 @@
# Enable EAP SRP-SHA1 authentication (requires libsrp)
#USE_SRP=y
@@ -278,8 +269,8 @@ diff -Naur ppp-2.4.5/pppd/Makefile.linux ppp-2.4.5-eaptls-mppe-0.98/pppd/Makefil
+# EAP-TLS
+ifdef USE_EAPTLS
-+CFLAGS += -DUSE_EAPTLS=1
-+LIBS += -lssl -lcrypto
++CFLAGS += -DUSE_EAPTLS=1 -I/usr/kerberos/include
++LIBS += -lssl
+PPPDSRC += eap-tls.c
+HEADERS += eap-tls.h
+PPPDOBJS += eap-tls.o
@@ -288,9 +279,9 @@ diff -Naur ppp-2.4.5/pppd/Makefile.linux ppp-2.4.5-eaptls-mppe-0.98/pppd/Makefil
ifdef HAS_SHADOW
CFLAGS += -DHAS_SHADOW
#LIBS += -lshadow $(LIBS)
-diff -Naur ppp-2.4.5/pppd/auth.c ppp-2.4.5-eaptls-mppe-0.98/pppd/auth.c
+diff -Naur ppp-2.4.5/pppd/auth.c ppp-2.4.5-eaptls-mppe-0.99/pppd/auth.c
--- ppp-2.4.5/pppd/auth.c 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/auth.c 2010-02-09 10:58:55.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/auth.c 2010-10-01 15:17:54.210272021 +0200
@@ -109,6 +109,9 @@
#include "upap.h"
#include "chap-new.h"
@@ -784,9 +775,9 @@ diff -Naur ppp-2.4.5/pppd/auth.c ppp-2.4.5-eaptls-mppe-0.98/pppd/auth.c
+}
+#endif
+
-diff -Naur ppp-2.4.5/pppd/ccp.c ppp-2.4.5-eaptls-mppe-0.98/pppd/ccp.c
+diff -Naur ppp-2.4.5/pppd/ccp.c ppp-2.4.5-eaptls-mppe-0.99/pppd/ccp.c
--- ppp-2.4.5/pppd/ccp.c 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/ccp.c 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/ccp.c 2010-10-01 15:17:54.211272258 +0200
@@ -540,6 +540,9 @@
if (go->mppe) {
ccp_options *ao = &ccp_allowoptions[f->unit];
@@ -822,9 +813,9 @@ diff -Naur ppp-2.4.5/pppd/ccp.c ppp-2.4.5-eaptls-mppe-0.98/pppd/ccp.c
lcp_close(f->unit, "MPPE required but not available");
return;
}
-diff -Naur ppp-2.4.5/pppd/chap-md5.c ppp-2.4.5-eaptls-mppe-0.98/pppd/chap-md5.c
+diff -Naur ppp-2.4.5/pppd/chap-md5.c ppp-2.4.5-eaptls-mppe-0.99/pppd/chap-md5.c
--- ppp-2.4.5/pppd/chap-md5.c 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/chap-md5.c 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/chap-md5.c 2010-10-01 15:17:54.212272142 +0200
@@ -36,7 +36,11 @@
#include "chap-new.h"
#include "chap-md5.h"
@@ -837,10 +828,10 @@ diff -Naur ppp-2.4.5/pppd/chap-md5.c ppp-2.4.5-eaptls-mppe-0.98/pppd/chap-md5.c
#define MD5_HASH_SIZE 16
#define MD5_MIN_CHALLENGE 16
-diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c
+diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.99/pppd/eap-tls.c
--- ppp-2.4.5/pppd/eap-tls.c 1970-01-01 01:00:00.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c 2010-02-09 10:58:38.000000000 +0100
-@@ -0,0 +1,1146 @@
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/eap-tls.c 2010-10-05 15:12:45.881615580 +0200
+@@ -0,0 +1,1174 @@
+/*
+ * eap-tls.c - EAP-TLS implementation for PPP
+ *
@@ -887,6 +878,8 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c
+#include "pppd.h"
+#include "eap.h"
+#include "eap-tls.h"
++#include "fsm.h"
++#include "lcp.h"
+#include "pathnames.h"
+
+/* The openssl configuration file and engines can be loaded only once */
@@ -1388,6 +1381,28 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c
+}
+
+/*
++ * Determine the maximum packet size by looking at the LCP handshake
++ */
++
++int eaptls_get_mtu(int unit)
++{
++ int mtu, mru;
++
++ lcp_options *wo = &lcp_wantoptions[unit];
++ lcp_options *go = &lcp_gotoptions[unit];
++ lcp_options *ho = &lcp_hisoptions[unit];
++ lcp_options *ao = &lcp_allowoptions[unit];
++
++ mtu = ho->neg_mru? ho->mru: PPP_MRU;
++ mru = go->neg_mru? MAX(wo->mru, go->mru): PPP_MRU;
++ mtu = MIN(MIN(mtu, mru), ao->mru)- PPP_HDRLEN - 10;
++
++ dbglog("MTU = %d", mtu);
++ return mtu;
++}
++
++
++/*
+ * Init the ssl handshake (server mode)
+ */
+int eaptls_init_ssl_server(eap_state * esp)
@@ -1416,11 +1431,12 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c
+ if (!get_eaptls_secret(esp->es_unit, esp->es_server.ea_peer,
+ esp->es_server.ea_name, clicertfile,
+ servcertfile, cacertfile, pkfile, 1)) {
-+ error( "EAP-TLS: Cannot get secret/password" );
++ error( "EAP-TLS: Cannot get secret/password for client \"%s\", server \"%s\"",
++ esp->es_server.ea_peer, esp->es_server.ea_name );
+ return 0;
+ }
+
-+ ets->mtu = netif_get_mtu(esp->es_unit) - PPP_HDRLEN - 10;
++ ets->mtu = eaptls_get_mtu(esp->es_unit);
+
+ ets->ctx = eaptls_init_ssl(1, cacertfile, servcertfile, clicertfile, pkfile);
+ if (!ets->ctx)
@@ -1500,14 +1516,15 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c
+ strncpy(ets->peer, esp->es_client.ea_peer, MAXWORDLEN);
+ else
+ ets->peer[0] = 0;
-+
-+ ets->mtu = netif_get_mtu(esp->es_unit) - PPP_HDRLEN - 10;
++
++ ets->mtu = eaptls_get_mtu(esp->es_unit);
+
+ dbglog( "calling get_eaptls_secret" );
+ if (!get_eaptls_secret(esp->es_unit, esp->es_client.ea_name,
+ esp->es_client.ea_peer, clicertfile,
+ servcertfile, cacertfile, pkfile, 0)) {
-+ error( "EAP-TLS: Cannot get secret/password" );
++ error( "EAP-TLS: Cannot get secret/password for client \"%s\", server \"%s\"",
++ esp->es_client.ea_name, esp->es_client.ea_peer );
+ return 0;
+ }
+
@@ -1524,6 +1541,7 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c
+ /*
+ * Initialize the BIOs we use to read/write to ssl engine
+ */
++ dbglog( "Initializing SSL BIOs" );
+ ets->into_ssl = BIO_new(BIO_s_mem());
+ ets->from_ssl = BIO_new(BIO_s_mem());
+ SSL_set_bio(ets->ssl, ets->into_ssl, ets->from_ssl);
@@ -1557,6 +1575,7 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c
+ return 1;
+
+fail:
++ dbglog( "eaptls_init_ssl_client: fail" );
+ SSL_CTX_free(ets->ctx);
+ return 0;
+
@@ -1709,7 +1728,7 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c
+ }
+
+ size = ets->datalen - ets->offset;
-+
++
+ if (size > ets->mtu) {
+ size = ets->mtu;
+ ets->frag = 1;
@@ -1987,9 +2006,9 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.c
+ dbglog("%s", string);
+}
+
-diff -Naur ppp-2.4.5/pppd/eap-tls.h ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.h
+diff -Naur ppp-2.4.5/pppd/eap-tls.h ppp-2.4.5-eaptls-mppe-0.99/pppd/eap-tls.h
--- ppp-2.4.5/pppd/eap-tls.h 1970-01-01 01:00:00.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.h 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/eap-tls.h 2010-10-01 15:17:54.213271816 +0200
@@ -0,0 +1,107 @@
+/*
+ * eap-tls.h
@@ -2098,9 +2117,9 @@ diff -Naur ppp-2.4.5/pppd/eap-tls.h ppp-2.4.5-eaptls-mppe-0.98/pppd/eap-tls.h
+#endif
+
+#endif
-diff -Naur ppp-2.4.5/pppd/eap.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap.c
+diff -Naur ppp-2.4.5/pppd/eap.c ppp-2.4.5-eaptls-mppe-0.99/pppd/eap.c
--- ppp-2.4.5/pppd/eap.c 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/eap.c 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/eap.c 2010-01-29 16:31:29.000000000 +0100
@@ -43,6 +43,11 @@
* Based on draft-ietf-pppext-eap-srp-03.txt.
*/
@@ -2692,9 +2711,9 @@ diff -Naur ppp-2.4.5/pppd/eap.c ppp-2.4.5-eaptls-mppe-0.98/pppd/eap.c
return (inp - pstart);
}
+
-diff -Naur ppp-2.4.5/pppd/eap.h ppp-2.4.5-eaptls-mppe-0.98/pppd/eap.h
+diff -Naur ppp-2.4.5/pppd/eap.h ppp-2.4.5-eaptls-mppe-0.99/pppd/eap.h
--- ppp-2.4.5/pppd/eap.h 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/eap.h 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/eap.h 2010-10-01 15:17:54.214270927 +0200
@@ -84,6 +84,16 @@
eapClosed, /* Authentication not in use */
eapListen, /* Client ready (and timer running) */
@@ -2763,9 +2782,9 @@ diff -Naur ppp-2.4.5/pppd/eap.h ppp-2.4.5-eaptls-mppe-0.98/pppd/eap.h
#define EAP_DEFREQTIME 20 /* Time to wait for peer request */
#define EAP_DEFALLOWREQ 20 /* max # times to accept requests */
-diff -Naur ppp-2.4.5/pppd/md5.c ppp-2.4.5-eaptls-mppe-0.98/pppd/md5.c
+diff -Naur ppp-2.4.5/pppd/md5.c ppp-2.4.5-eaptls-mppe-0.99/pppd/md5.c
--- ppp-2.4.5/pppd/md5.c 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/md5.c 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/md5.c 2010-10-01 15:17:54.214270927 +0200
@@ -33,6 +33,8 @@
***********************************************************************
*/
@@ -2781,9 +2800,9 @@ diff -Naur ppp-2.4.5/pppd/md5.c ppp-2.4.5-eaptls-mppe-0.98/pppd/md5.c
*/
+#endif /* USE_EAPTLS */
+
-diff -Naur ppp-2.4.5/pppd/md5.h ppp-2.4.5-eaptls-mppe-0.98/pppd/md5.h
+diff -Naur ppp-2.4.5/pppd/md5.h ppp-2.4.5-eaptls-mppe-0.99/pppd/md5.h
--- ppp-2.4.5/pppd/md5.h 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/md5.h 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/md5.h 2010-10-01 15:17:54.215271014 +0200
@@ -36,6 +36,7 @@
** documentation and/or software. **
***********************************************************************
@@ -2798,9 +2817,9 @@ diff -Naur ppp-2.4.5/pppd/md5.h ppp-2.4.5-eaptls-mppe-0.98/pppd/md5.h
#endif /* __MD5_INCLUDE__ */
+
+#endif /* USE_EAPTLS */
-diff -Naur ppp-2.4.5/pppd/options.c ppp-2.4.5-eaptls-mppe-0.98/pppd/options.c
+diff -Naur ppp-2.4.5/pppd/options.c ppp-2.4.5-eaptls-mppe-0.99/pppd/options.c
--- ppp-2.4.5/pppd/options.c 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/options.c 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/options.c 2010-10-01 15:17:54.215271014 +0200
@@ -119,6 +119,10 @@
bool dryrun; /* print out option values and exit */
char *domain; /* domain name set by domain option */
@@ -2825,9 +2844,9 @@ diff -Naur ppp-2.4.5/pppd/options.c ppp-2.4.5-eaptls-mppe-0.98/pppd/options.c
{ NULL }
};
-diff -Naur ppp-2.4.5/pppd/pathnames.h ppp-2.4.5-eaptls-mppe-0.98/pppd/pathnames.h
+diff -Naur ppp-2.4.5/pppd/pathnames.h ppp-2.4.5-eaptls-mppe-0.99/pppd/pathnames.h
--- ppp-2.4.5/pppd/pathnames.h 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/pathnames.h 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/pathnames.h 2010-10-01 15:17:54.215271014 +0200
@@ -21,6 +21,13 @@
#define _PATH_UPAPFILE _ROOT_PATH "/etc/ppp/pap-secrets"
#define _PATH_CHAPFILE _ROOT_PATH "/etc/ppp/chap-secrets"
@@ -2842,9 +2861,9 @@ diff -Naur ppp-2.4.5/pppd/pathnames.h ppp-2.4.5-eaptls-mppe-0.98/pppd/pathnames.
#define _PATH_SYSOPTIONS _ROOT_PATH "/etc/ppp/options"
#define _PATH_IPUP _ROOT_PATH "/etc/ppp/ip-up"
#define _PATH_IPDOWN _ROOT_PATH "/etc/ppp/ip-down"
-diff -Naur ppp-2.4.5/pppd/plugins/Makefile.linux ppp-2.4.5-eaptls-mppe-0.98/pppd/plugins/Makefile.linux
+diff -Naur ppp-2.4.5/pppd/plugins/Makefile.linux ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/Makefile.linux
--- ppp-2.4.5/pppd/plugins/Makefile.linux 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/plugins/Makefile.linux 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/Makefile.linux 2010-10-01 15:17:54.215271014 +0200
@@ -4,6 +4,9 @@
LDFLAGS = -shared
INSTALL = install
@@ -2855,9 +2874,9 @@ diff -Naur ppp-2.4.5/pppd/plugins/Makefile.linux ppp-2.4.5-eaptls-mppe-0.98/pppd
DESTDIR = $(INSTROOT)@DESTDIR@
BINDIR = $(DESTDIR)/sbin
MANDIR = $(DESTDIR)/share/man/man8
-diff -Naur ppp-2.4.5/pppd/plugins/passprompt.c ppp-2.4.5-eaptls-mppe-0.98/pppd/plugins/passprompt.c
+diff -Naur ppp-2.4.5/pppd/plugins/passprompt.c ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/passprompt.c
--- ppp-2.4.5/pppd/plugins/passprompt.c 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/plugins/passprompt.c 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/passprompt.c 2010-10-01 15:17:54.215271014 +0200
@@ -107,4 +107,7 @@
{
add_options(options);
@@ -2866,9 +2885,9 @@ diff -Naur ppp-2.4.5/pppd/plugins/passprompt.c ppp-2.4.5-eaptls-mppe-0.98/pppd/p
+ eaptls_passwd_hook = promptpass;
+#endif
}
-diff -Naur ppp-2.4.5/pppd/plugins/passwordfd.c ppp-2.4.5-eaptls-mppe-0.98/pppd/plugins/passwordfd.c
+diff -Naur ppp-2.4.5/pppd/plugins/passwordfd.c ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/passwordfd.c
--- ppp-2.4.5/pppd/plugins/passwordfd.c 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/plugins/passwordfd.c 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/plugins/passwordfd.c 2010-10-01 15:17:54.216270820 +0200
@@ -79,4 +79,9 @@
chap_check_hook = pwfd_check;
@@ -2879,9 +2898,9 @@ diff -Naur ppp-2.4.5/pppd/plugins/passwordfd.c ppp-2.4.5-eaptls-mppe-0.98/pppd/p
+ eaptls_passwd_hook = pwfd_passwd;
+#endif
}
-diff -Naur ppp-2.4.5/pppd/pppd.h ppp-2.4.5-eaptls-mppe-0.98/pppd/pppd.h
+diff -Naur ppp-2.4.5/pppd/pppd.h ppp-2.4.5-eaptls-mppe-0.99/pppd/pppd.h
--- ppp-2.4.5/pppd/pppd.h 2009-11-16 23:26:07.000000000 +0100
-+++ ppp-2.4.5-eaptls-mppe-0.98/pppd/pppd.h 2010-02-09 10:58:38.000000000 +0100
++++ ppp-2.4.5-eaptls-mppe-0.99/pppd/pppd.h 2010-10-01 15:17:54.216270820 +0200
@@ -320,6 +320,10 @@
extern bool dryrun; /* check everything, print options, exit */
extern int child_wait; /* # seconds to wait for children at end */
diff --git a/ppp.spec b/ppp.spec
index bc135c7..a53a1ee 100644
--- a/ppp.spec
+++ b/ppp.spec
@@ -1,7 +1,7 @@
Summary: The Point-to-Point Protocol daemon
Name: ppp
Version: 2.4.5
-Release: 11%{?dist}
+Release: 12%{?dist}
License: BSD and LGPLv2+ and GPLv2+ and Public Domain
Group: System Environment/Daemons
URL: http://www.samba.org/ppp
@@ -26,7 +26,7 @@ Patch23: ppp-2.4.2-dontwriteetc.patch
Patch24: ppp-2.4.4-fd_leak.patch
Patch25: ppp-2.4.5-var_run_ppp.patch
Patch26: ppp-2.4.5-manpg.patch
-Patch27: ppp-2.4.5-eaptls-mppe-0.98.patch
+Patch27: ppp-2.4.5-eaptls-mppe-0.99.patch
Patch28: ppp-2.4.5-ppp_resolv.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -133,7 +133,7 @@ rm -rf $RPM_BUILD_ROOT
%config(noreplace) /etc/ppp/pap-secrets
%config(noreplace) /etc/pam.d/ppp
%config(noreplace) /etc/logrotate.d/ppp
-%doc FAQ README README.cbcp README.linux README.MPPE README.MSCHAP80 README.MSCHAP81 README.pwfd README.pppoe scripts sample
+%doc FAQ README README.cbcp README.linux README.MPPE README.MSCHAP80 README.MSCHAP81 README.pwfd README.pppoe scripts sample README.eap-tls
%files devel
%defattr(-,root,root)
@@ -141,6 +141,11 @@ rm -rf $RPM_BUILD_ROOT
%doc PLUGINS
%changelog
+* Wed Sep 29 2010 Jiri Skala <jskala at redhat.com> - 2.4.5-12
+- fixes #637513 - Missing: README.eap-tls
+- updated to latest eaptls upstream
+- fixes #637886 - EAP-TLS not working with enabled PPP Multilink Framing option
+
* Thu Aug 05 2010 Jiri Skala <jskala at redhat.com> - 2.4.5-11
- fixes #617625 - FTBFS in ppp due to change in kernel-headers
- fixes pppol2tp Makefile
More information about the scm-commits
mailing list