ppp: update to version 2.4.7

This fixes: CVE-2014-3158 and some other bugs.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 42525
lede-17.01
Hauke Mehrtens 2014-09-13 20:56:13 +00:00
parent a8e1a031a8
commit 2c605ba1f1
15 changed files with 40 additions and 53 deletions

View File

@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=ppp
PKG_VERSION:=2.4.6
PKG_VERSION:=2.4.7
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=ftp://ftp.samba.org/pub/ppp/
PKG_MD5SUM:=3434d2cc9327167a0723aaaa8670083b
PKG_MD5SUM:=78818f40e6d33a1d1de68a1551f6595a
PKG_MAINTAINER:=Felix Fietkau <nbd@openwrt.org>
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)

View File

@ -85,7 +85,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
"Enable multilink operation", OPT_PRIO | 1 },
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -317,6 +317,8 @@ extern bool tune_kernel; /* May alter ke
@@ -318,6 +318,8 @@ extern bool tune_kernel; /* May alter ke
extern int connect_delay; /* Time to delay after connect script */
extern int max_data_rate; /* max bytes/sec through charshunt */
extern int req_unit; /* interface unit number to use */

View File

@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -453,6 +453,13 @@ int generic_establish_ppp (int fd)
@@ -458,6 +458,13 @@ int generic_establish_ppp (int fd)
if (new_style_driver) {
int flags;

View File

@ -150,7 +150,7 @@
} else {
--- a/pppd/ipv6cp.c
+++ b/pppd/ipv6cp.c
@@ -1243,7 +1243,7 @@ ipv6cp_up(f)
@@ -1232,7 +1232,7 @@ ipv6cp_up(f)
}
}
@ -161,7 +161,7 @@
} else {
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -584,7 +584,7 @@ void demand_conf __P((void)); /* config
@@ -585,7 +585,7 @@ void demand_conf __P((void)); /* config
void demand_block __P((void)); /* set all NPs to queue up packets */
void demand_unblock __P((void)); /* set all NPs to pass packets */
void demand_discard __P((void)); /* set all NPs to discard packets */

View File

@ -153,7 +153,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
.B nodeflate
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -664,7 +664,7 @@ int sif6addr __P((int, eui64_t, eui64_t
@@ -667,7 +667,7 @@ int sif6addr __P((int, eui64_t, eui64_t
int cif6addr __P((int, eui64_t, eui64_t));
/* Remove an IPv6 address from i/f */
#endif
@ -164,16 +164,16 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
/* Delete default route through i/f */
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -206,6 +206,8 @@ static unsigned char inbuf[512]; /* buff
@@ -207,6 +207,8 @@ static unsigned char inbuf[512]; /* buff
static int if_is_up; /* Interface has been marked up */
static int if6_is_up; /* Interface has been marked up for IPv6, to help differentiate */
static int have_default_route; /* Gateway for default route added */
+static struct rtentry old_def_rt; /* Old default route */
+static int default_rt_repl_rest; /* replace and restore old default rt */
static u_int32_t proxy_arp_addr; /* Addr for proxy arp entry added */
static char proxy_arp_dev[16]; /* Device for proxy arp entry */
static u_int32_t our_old_addr; /* for detecting address changes */
@@ -1544,6 +1546,9 @@ static int read_route_table(struct rtent
@@ -1552,6 +1554,9 @@ static int read_route_table(struct rtent
p = NULL;
}
@ -183,7 +183,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16);
SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16);
SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16);
@@ -1613,20 +1618,51 @@ int have_route_to(u_int32_t addr)
@@ -1621,20 +1626,51 @@ int have_route_to(u_int32_t addr)
/********************************************************************
*
* sifdefaultroute - assign a default route through the address given.
@ -248,7 +248,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
}
memset (&rt, 0, sizeof (rt));
@@ -1641,10 +1677,16 @@ int sifdefaultroute (int unit, u_int32_t
@@ -1649,10 +1685,16 @@ int sifdefaultroute (int unit, u_int32_t
rt.rt_flags = RTF_UP;
if (ioctl(sock_fd, SIOCADDRT, &rt) < 0) {
@ -266,7 +266,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
have_default_route = 1;
return 1;
@@ -1675,11 +1717,21 @@ int cifdefaultroute (int unit, u_int32_t
@@ -1683,11 +1725,21 @@ int cifdefaultroute (int unit, u_int32_t
rt.rt_flags = RTF_UP;
if (ioctl(sock_fd, SIOCDELRT, &rt) < 0 && errno != ESRCH) {
if (still_ppp()) {
@ -291,7 +291,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
}
--- a/pppd/sys-solaris.c
+++ b/pppd/sys-solaris.c
@@ -2036,12 +2036,18 @@ cifaddr(u, o, h)
@@ -2039,12 +2039,18 @@ cifaddr(u, o, h)
* sifdefaultroute - assign a default route through the address given.
*/
int

View File

@ -48,7 +48,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
"Enable multilink operation", OPT_PRIO | 1 },
--- a/pppd/ipv6cp.c
+++ b/pppd/ipv6cp.c
@@ -1303,7 +1303,7 @@ ipv6cp_up(f)
@@ -1269,7 +1269,7 @@ ipv6cp_up(f)
*/
if (ipv6cp_script_state == s_down && ipv6cp_script_pid == 0) {
ipv6cp_script_state = s_up;
@ -57,7 +57,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
}
}
@@ -1357,7 +1357,7 @@ ipv6cp_down(f)
@@ -1321,7 +1321,7 @@ ipv6cp_down(f)
/* Execute the ipv6-down script */
if (ipv6cp_script_state == s_up && ipv6cp_script_pid == 0) {
ipv6cp_script_state = s_down;
@ -66,7 +66,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
}
}
@@ -1400,13 +1400,13 @@ ipv6cp_script_done(arg)
@@ -1364,13 +1364,13 @@ ipv6cp_script_done(arg)
case s_up:
if (ipv6cp_fsm[0].state != OPENED) {
ipv6cp_script_state = s_down;
@ -84,7 +84,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
}
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -319,6 +319,8 @@ extern int max_data_rate; /* max bytes/s
@@ -320,6 +320,8 @@ extern int max_data_rate; /* max bytes/s
extern int req_unit; /* interface unit number to use */
extern char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
extern char path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */

View File

@ -77,7 +77,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
#ifdef MAXOCTETS
{ "maxoctets", o_int, &maxoctets,
"Set connection traffic limit",
@@ -1488,6 +1504,29 @@ callfile(argv)
@@ -1493,6 +1509,29 @@ callfile(argv)
return ok;
}

View File

@ -56,7 +56,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
/*
* Limits.
*/
@@ -316,6 +320,7 @@ extern char *record_file; /* File to rec
@@ -317,6 +321,7 @@ extern char *record_file; /* File to rec
extern bool sync_serial; /* Device is synchronous serial device */
extern int maxfail; /* Max # of unsuccessful connection attempts */
extern char linkname[MAXPATHLEN]; /* logical name for link */
@ -77,7 +77,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
static int tty_disc = N_TTY; /* The TTY discipline */
static int ppp_disc = N_PPP; /* The PPP discpline */
static int initfdflags = -1; /* Initial file descriptor flags for fd */
@@ -615,7 +619,8 @@ void generic_disestablish_ppp(int dev_fd
@@ -620,7 +624,8 @@ void generic_disestablish_ppp(int dev_fd
*/
static int make_ppp_unit()
{
@ -87,7 +87,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
if (ppp_dev_fd >= 0) {
dbglog("in make_ppp_unit, already had /dev/ppp open?");
@@ -638,6 +643,30 @@ static int make_ppp_unit()
@@ -643,6 +648,30 @@ static int make_ppp_unit()
}
if (x < 0)
error("Couldn't create new ppp unit: %m");

View File

@ -118,7 +118,7 @@ Signed-off-by: George Kashperko <george@znau.edu.ua>
&& memcmp(vd.dptr, key.dptr, vd.dsize) == 0;
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -693,6 +693,16 @@ void cfg_bundle(int mrru, int mtru, int
@@ -698,6 +698,16 @@ void cfg_bundle(int mrru, int mtru, int
add_fd(ppp_dev_fd);
}
@ -135,7 +135,7 @@ Signed-off-by: George Kashperko <george@znau.edu.ua>
/*
* make_new_bundle - create a new PPP unit (i.e. a bundle)
* and connect our channel to it. This should only get called
@@ -711,6 +721,8 @@ void make_new_bundle(int mrru, int mtru,
@@ -716,6 +726,8 @@ void make_new_bundle(int mrru, int mtru,
/* set the mrru and flags */
cfg_bundle(mrru, mtru, rssn, tssn);

View File

@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -1748,6 +1748,7 @@ int cifdefaultroute (int unit, u_int32_t
@@ -1756,6 +1756,7 @@ int cifdefaultroute (int unit, u_int32_t
SIN_ADDR(rt.rt_genmask) = 0L;
}

View File

@ -13,7 +13,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -1702,6 +1702,9 @@ int sifdefaultroute (int unit, u_int32_t
@@ -1710,6 +1710,9 @@ int sifdefaultroute (int unit, u_int32_t
memset (&rt, 0, sizeof (rt));
SET_SA_FAMILY (rt.rt_dst, AF_INET);
@ -23,7 +23,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
rt.rt_dev = ifname;
if (kernel_version > KVERSION(2,1,0)) {
@@ -1709,7 +1712,7 @@ int sifdefaultroute (int unit, u_int32_t
@@ -1717,7 +1720,7 @@ int sifdefaultroute (int unit, u_int32_t
SIN_ADDR(rt.rt_genmask) = 0L;
}

View File

@ -19,7 +19,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
static char loop_name[20];
static unsigned char inbuf[512]; /* buffer for chars read from loopback */
@@ -213,8 +213,8 @@ static int looped; /* 1 if using loop
@@ -214,8 +214,8 @@ static int looped; /* 1 if using loop
static int link_mtu; /* mtu for the link (not bundle) */
static struct utsname utsname; /* for the kernel version */
@ -29,7 +29,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
#define MAX_IFS 100
@@ -1443,11 +1443,12 @@ int ccp_fatal_error (int unit)
@@ -1451,11 +1451,12 @@ int ccp_fatal_error (int unit)
*
* path_to_procfs - find the path to the proc file system mount point
*/
@ -44,7 +44,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
struct mntent *mntent;
FILE *fp;
@@ -1469,6 +1470,7 @@ static char *path_to_procfs(const char *
@@ -1477,6 +1478,7 @@ static char *path_to_procfs(const char *
fclose (fp);
}
}
@ -52,7 +52,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
strlcpy(proc_path + proc_path_len, tail,
sizeof(proc_path) - proc_path_len);
@@ -2121,15 +2123,19 @@ int ppp_available(void)
@@ -2129,15 +2131,19 @@ int ppp_available(void)
int my_version, my_modification, my_patch;
int osmaj, osmin, ospatch;
@ -72,7 +72,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
/* XXX should get from driver */
driver_version = 2;
@@ -2189,6 +2195,7 @@ int ppp_available(void)
@@ -2197,6 +2203,7 @@ int ppp_available(void)
if (ok && ((ifr.ifr_hwaddr.sa_family & ~0xFF) != ARPHRD_PPP))
ok = 0;
@ -80,7 +80,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
/*
* This is the PPP device. Validate the version of the driver at this
@@ -2684,6 +2691,7 @@ get_pty(master_fdp, slave_fdp, slave_nam
@@ -2730,6 +2737,7 @@ get_pty(master_fdp, slave_fdp, slave_nam
}
#endif /* TIOCGPTN */
@ -88,7 +88,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
if (sfd < 0) {
/* the old way - scan through the pty name space */
for (i = 0; i < 64; ++i) {
@@ -2702,6 +2710,7 @@ get_pty(master_fdp, slave_fdp, slave_nam
@@ -2748,6 +2756,7 @@ get_pty(master_fdp, slave_fdp, slave_nam
}
}
}
@ -138,7 +138,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
info("RP-PPPoE plugin version %s compiled against pppd %s",
--- a/pppd/plugins/pppol2tp/pppol2tp.c
+++ b/pppd/plugins/pppol2tp/pppol2tp.c
@@ -500,12 +500,7 @@ static void pppol2tp_cleanup(void)
@@ -486,12 +486,7 @@ static void pppol2tp_cleanup(void)
void plugin_init(void)
{

View File

@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
--- a/pppd/pppd.h
+++ b/pppd/pppd.h
@@ -316,7 +316,6 @@ extern int holdoff; /* Dead time before
@@ -317,7 +317,6 @@ extern int holdoff; /* Dead time before
extern bool holdoff_specified; /* true if user gave a holdoff value */
extern bool notty; /* Stdin/out is not a tty */
extern char *pty_socket; /* Socket to connect to pty */
@ -17,7 +17,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
extern char linkname[MAXPATHLEN]; /* logical name for link */
--- a/pppd/tty.c
+++ b/pppd/tty.c
@@ -145,7 +145,7 @@ char *disconnect_script = NULL; /* Scrip
@@ -146,7 +146,7 @@ char *disconnect_script = NULL; /* Scrip
char *welcomer = NULL; /* Script to run after phys link estab. */
char *ptycommand = NULL; /* Command to run on other side of pty */
bool notty = 0; /* Stdin/out is not a tty */
@ -26,7 +26,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
int max_data_rate; /* max bytes/sec through charshunt */
bool sync_serial = 0; /* Device is synchronous serial device */
char *pty_socket = NULL; /* Socket to connect to pty */
@@ -201,8 +201,10 @@ option_t tty_options[] = {
@@ -202,8 +202,10 @@ option_t tty_options[] = {
"Send and receive over socket, arg is host:port",
OPT_PRIO | OPT_DEVNAM },

View File

@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
--- a/pppd/sys-linux.c
+++ b/pppd/sys-linux.c
@@ -2259,6 +2259,7 @@ int ppp_available(void)
@@ -2267,6 +2267,7 @@ int ppp_available(void)
void logwtmp (const char *line, const char *name, const char *host)
{
@ -15,7 +15,7 @@ Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
struct utmp ut, *utp;
pid_t mypid = getpid();
#if __GLIBC__ < 2
@@ -2324,6 +2325,7 @@ void logwtmp (const char *line, const ch
@@ -2332,6 +2333,7 @@ void logwtmp (const char *line, const ch
close (wtmp);
}
#endif

View File

@ -1,13 +0,0 @@
Index: ppp-2.4.6/pppd/chap_ms.c
===================================================================
--- ppp-2.4.6.orig/pppd/chap_ms.c 2014-07-29 00:38:03.073968867 +0100
+++ ppp-2.4.6/pppd/chap_ms.c 2014-07-29 00:41:52.897964689 +0100
@@ -382,7 +382,7 @@
unsigned char *private)
{
const struct chapms2_response_cache_entry *cache_entry;
- unsigned char auth_response[MS_AUTH_RESPONSE_LENGTH];
+ unsigned char auth_response[MS_AUTH_RESPONSE_LENGTH+1];
challenge++; /* skip length, should be 16 */
*response++ = MS_CHAP2_RESPONSE_LEN;