--- pptp-linux-1.8.0.orig/pptpsetup.8 +++ pptp-linux-1.8.0/pptpsetup.8 @@ -0,0 +1,207 @@ +.\" Automatically generated by Pod::Man 2.1801 (Pod::Simple 3.05) +.\" +.\" Standard preamble: +.\" ======================================================================== +.de Sp \" Vertical space (when we can't use .PP) +.if t .sp .5v +.if n .sp +.. +.de Vb \" Begin verbatim text +.ft CW +.nf +.ne \\$1 +.. +.de Ve \" End verbatim text +.ft R +.fi +.. +.\" Set up some character translations and predefined strings. \*(-- will +.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left +.\" double quote, and \*(R" will give a right double quote. \*(C+ will +.\" give a nicer C++. Capital omega is used to do unbreakable dashes and +.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, +.\" nothing in troff, for use with C<>. +.tr \(*W- +.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' +.ie n \{\ +. ds -- \(*W- +. ds PI pi +. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch +. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch +. ds L" "" +. ds R" "" +. ds C` "" +. ds C' "" +'br\} +.el\{\ +. ds -- \|\(em\| +. ds PI \(*p +. ds L" `` +. ds R" '' +'br\} +.\" +.\" Escape single quotes in literal strings from groff's Unicode transform. +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" +.\" If the F register is turned on, we'll generate index entries on stderr for +.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index +.\" entries marked with X<> in POD. Of course, you'll have to process the +.\" output yourself in some meaningful fashion. +.ie \nF \{\ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" +.. +. nr % 0 +. rr F +.\} +.el \{\ +. de IX +.. +.\} +.\" +.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). +.\" Fear. Run. Save yourself. No user-serviceable parts. +. \" fudge factors for nroff and troff +.if n \{\ +. ds #H 0 +. ds #V .8m +. ds #F .3m +. ds #[ \f1 +. ds #] \fP +.\} +.if t \{\ +. ds #H ((1u-(\\\\n(.fu%2u))*.13m) +. ds #V .6m +. ds #F 0 +. ds #[ \& +. ds #] \& +.\} +. \" simple accents for nroff and troff +.if n \{\ +. ds ' \& +. ds ` \& +. ds ^ \& +. ds , \& +. ds ~ ~ +. ds / +.\} +.if t \{\ +. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" +. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' +. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' +. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' +. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' +. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' +.\} +. \" troff and (daisy-wheel) nroff accents +.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' +.ds 8 \h'\*(#H'\(*b\h'-\*(#H' +.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] +.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' +.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' +.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] +.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] +.ds ae a\h'-(\w'a'u*4/10)'e +.ds Ae A\h'-(\w'A'u*4/10)'E +. \" corrections for vroff +.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' +.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' +. \" for low resolution devices (crt and lpr) +.if \n(.H>23 .if \n(.V>19 \ +\{\ +. ds : e +. ds 8 ss +. ds o a +. ds d- d\h'-1'\(ga +. ds D- D\h'-1'\(hy +. ds th \o'bp' +. ds Th \o'LP' +. ds ae ae +. ds Ae AE +.\} +.rm #[ #] #H #V #F C +.\" ======================================================================== +.\" +.IX Title "PPTPSETUP 1" +.TH PPTPSETUP 1 "2009-04-12" "perl v5.10.0" "User Contributed Perl Documentation" +.\" For nroff, turn off justification. Always turn off hyphenation; it makes +.\" way too many mistakes in technical documents. +.if n .ad l +.nh +.SH "NAME" +pptpsetup \- Point\-to\-Point Tunneling Protocol setup +.SH "SYNOPSIS" +.IX Header "SYNOPSIS" +.Vb 3 +\& pptpsetup \-\-create \-\-server [\-\-domain ] +\& \-\-username [\-\-password ] +\& [\-\-encrypt] [\-\-start] +\& +\& pptpsetup \-\-delete +.Ve +.SH "DESCRIPTION" +.IX Header "DESCRIPTION" +\&\s-1PPTP\s0 Client is a Linux, FreeBSD, NetBSD and OpenBSD client for the +proprietary Microsoft Point-to-Point Tunneling Protocol, \s-1PPTP\s0. +.PP +This script configures \s-1PPTP\s0 Client on Linux. +.SH "OPTIONS" +.IX Header "OPTIONS" +.IP "\-\-create \s-1TUNNEL\s0" 16 +.IX Item "--create TUNNEL" +create a tunnel named \s-1TUNNEL\s0 +.IP "\-\-delete \s-1TUNNEL\s0" 16 +.IX Item "--delete TUNNEL" +delete the file /etc/ppp/peers/TUNNEL and any lines from +/etc/ppp/chap\-secrets that contains \*(L"\s-1TUNNEL\s0\*(R" as a single word +.IP "\-\-server \s-1SERVER\s0" 16 +.IX Item "--server SERVER" +the \s-1IP\s0 address or host name of the server +.IP "\-\-domain \s-1DOMAIN\s0" 16 +.IX Item "--domain DOMAIN" +the authentication domain name (optional) +.IP "\-\-username \s-1USERNAME\s0" 16 +.IX Item "--username USERNAME" +the username you are to use +.IP "\-\-password \s-1PASSWORD\s0" 16 +.IX Item "--password PASSWORD" +the password you are to use. If you don't specify a password, +pptpsetup will ask for one. +.IP "\-\-encrypt" 16 +.IX Item "--encrypt" +whether encryption is required +.IP "\-\-start" 16 +.IX Item "--start" +whether the connection should be started after configuration. +.SH "AUTHOR" +.IX Header "AUTHOR" +Nelson Ferraz , +based on James Cameron's \s-1PPTP\s0 Client Debian \s-1HOWTO\s0. +.SH "SEE ALSO" +.IX Header "SEE ALSO" +.IP "\s-1PPTP\s0 Client Debian \s-1HOWTO\s0" 16 +.IX Item "PPTP Client Debian HOWTO" +http://pptpclient.sourceforge.net/howto\-debian.phtml +.IP "\s-1PPTP\s0 Client Diagnosis \s-1HOWTO\s0" 16 +.IX Item "PPTP Client Diagnosis HOWTO" +http://pptpclient.sourceforge.net/howto\-diagnosis.phtml +.SH "COPYRIGHT" +.IX Header "COPYRIGHT" +pptpsetup \- Point-to-Point Tunneling Protocol setup +.PP +Copyright (C) 2006 Nelson Ferraz +.PP +This program is free software; you can redistribute it and/or modify +it under the terms of the \s-1GNU\s0 General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. +.PP +This program is distributed in the hope that it will be useful, +but \s-1WITHOUT\s0 \s-1ANY\s0 \s-1WARRANTY\s0; without even the implied warranty of +\&\s-1MERCHANTABILITY\s0 or \s-1FITNESS\s0 \s-1FOR\s0 A \s-1PARTICULAR\s0 \s-1PURPOSE\s0. See the +\&\s-1GNU\s0 General Public License for more details. +.PP +You should have received a copy of the \s-1GNU\s0 General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, \s-1MA\s0 02110\-1301 \s-1USA\s0 --- pptp-linux-1.8.0.orig/pptp_ctrl.c +++ pptp-linux-1.8.0/pptp_ctrl.c @@ -20,6 +20,7 @@ #include #include #include +#include #include "pptp_msg.h" #include "pptp_ctrl.h" #include "pptp_options.h" @@ -325,6 +326,26 @@ return (conn->conn_state == CONN_ESTABLISHED); } +int randci () +{ + unsigned short int i=0; + int fd; + + fd=open ("/dev/random", O_RDONLY); + if (fd >= 0) { + read(fd,&i,2); + close(fd); + } + + if (i == 0) { + log("problem: opening /dev/random or getting number"); + log("using rand()"); + srand(time(NULL)); + i=(unsigned short int)(rand() & 0xffff); + } + return i; +} + /* This currently *only* works for client call requests. * We need to do something else to allocate calls for incoming requests. */ @@ -348,6 +369,8 @@ if (!vector_scan(conn->call, 0, PPTP_MAX_CHANNELS - 1, &i)) /* no more calls available! */ return NULL; + if (i == 0) + i=randci(); /* allocate structure. */ if ((call = malloc(sizeof(*call))) == NULL) return NULL; /* Initialize call structure */ --- pptp-linux-1.8.0.orig/pqueue.h +++ pptp-linux-1.8.0/pqueue.h @@ -9,7 +9,10 @@ extern int packet_timeout_usecs; /* assume packet is bad/spoofed if it's more than this many seqs ahead */ -#define MISSING_WINDOW 300 +/* default is NOT to check - command line override via '--missing-window '*/ +/* default value is 300 - recommended is 6000 for high speed data rates*/ +#define MISSING_WINDOW -1 +extern int missing_window; /* Packet queue structure: linked list of packets received out-of-order */ typedef struct pqueue { --- pptp-linux-1.8.0.orig/pptp_gre.c +++ pptp-linux-1.8.0/pptp_gre.c @@ -421,9 +421,9 @@ seq, seq_recv + 1); stats.rx_underwin++; /* sequence number too high, is it reasonably close? */ - } else if ( seq < seq_recv + MISSING_WINDOW || - WRAPPED(seq, seq_recv + MISSING_WINDOW) ) { - stats.rx_buffered++; + } else if ( (missing_window == -1) || + (seq < seq_recv + missing_window || WRAPPED(seq, seq_recv + missing_window)) ) { + stats.rx_buffered++; if ( log_level >= 1 ) log("%s packet %d (expecting %d, lost or reordered)", disable_buffer ? "accepting" : "buffering", --- pptp-linux-1.8.0.orig/pptp.8 +++ pptp-linux-1.8.0/pptp.8 @@ -230,7 +230,7 @@ .IR pppd (8) .PP Documentation in -.IR /usr/share/doc/pptp +.IR /usr/share/doc/pptp-linux .SH AUTHOR This manual page was written by James Cameron from text contributed by Thomas Quinot --- pptp-linux-1.8.0.orig/pptp.c +++ pptp-linux-1.8.0/pptp.c @@ -79,6 +79,7 @@ int disable_buffer = 0; int test_type = 0; int test_rate = 100; +int missing_window = MISSING_WINDOW; struct in_addr get_ip_address(char *name); int open_callmgr(struct in_addr inetaddr, char *phonenr, int argc,char **argv,char **envp, int pty_fd, int gre_fd); @@ -126,6 +127,7 @@ " --loglevel Sets the debugging level (0=low, 1=default, 2=high)\n" " --test-type Damage the packet stream by reordering\n" " --test-rate Do the test every n packets\n", + " --missing-window Activate 'missing window' validation and set tolerance to packages (300=default, 6000=recommended)\n", version, progname, progname); log("%s called with wrong arguments, program not started.", progname); @@ -219,6 +221,7 @@ {"version", 0, 0, 0}, {"test-type", 1, 0, 0}, {"test-rate", 1, 0, 0}, + {"missing-window", 1, 0, 0}, {"rtmark", 1, 0, 0}, {"nohostroute", 0, 0, 0}, {0, 0, 0, 0} @@ -299,6 +302,20 @@ test_type = atoi(optarg); } else if (option_index == 14) { /* --test-rate */ test_rate = atoi(optarg); + } else if (option_index == 15) { /* --missing window */ + int x = atoi(optarg); + if (x <= 0) { + fprintf(stderr, "--missing-window must be integer greater than zero\n"); + log("--missing-window must be integer greater than zero\n"); + exit(2); + } else if (x < 300) { + fprintf(stderr, "--missing-window is set very low: default=300, recommended=6000 - proceeding anyway\n"); + log("--missing-window is set very low: default=300, recommended=6000 - proceeding anyway\n"); + } else { + fprintf(stderr, "--missing-window validation is active and set to: %d\n", x); + log("--missing-window validation is active and set to: %d\n", x); + missing_window = x; + } } else if (option_index == 15) { /* --rtmark */ #ifdef SO_MARK rtmark = atoi(optarg); @@ -442,19 +459,27 @@ /*** get the ipaddress coming from the command line ***************************/ struct in_addr get_ip_address(char *name) { + int rc; struct in_addr retval; - struct hostent *host = gethostbyname(name); - if (host == NULL) { - if (h_errno == HOST_NOT_FOUND) - fatal("gethostbyname '%s': HOST NOT FOUND", name); - else if (h_errno == NO_ADDRESS) - fatal("gethostbyname '%s': NO IP ADDRESS", name); - else - fatal("gethostbyname '%s': name server error", name); - } - if (host->h_addrtype != AF_INET) - fatal("Host '%s' has non-internet address", name); - memcpy(&retval.s_addr, host->h_addr, sizeof(retval.s_addr)); + struct addrinfo hints, *ai; + + memset(&hints, '\0', sizeof(hints)); + hints.ai_family = AF_INET; +#if defined(__linux__) || defined(__FreeBSD__) + hints.ai_flags = AI_ADDRCONFIG; /* Unknown in OpenBSD. */ +#endif + + if ( (rc = getaddrinfo(name, NULL, &hints, &ai)) ) + fatal("getaddrinfo(): %s", gai_strerror(rc)); + + if (ai->ai_addr->sa_family != AF_INET) /* Should never happen. */ + fatal("Host '%s' possesses no IPv4 address", name); + + memcpy(&retval.s_addr, + &(((struct sockaddr_in *) ai->ai_addr)->sin_addr.s_addr), + sizeof(retval.s_addr)); + freeaddrinfo(ai); + return retval; } --- pptp-linux-1.8.0.orig/debian/watch +++ pptp-linux-1.8.0/debian/watch @@ -0,0 +1,3 @@ +version=2 + +http://www.mirrors.au.wiretapped.net/security/network-security/pptpclient/pptp-([0-9\.]*)\.tar\.gz debian uupdate --- pptp-linux-1.8.0.orig/debian/README.Debian +++ pptp-linux-1.8.0/debian/README.Debian @@ -0,0 +1,15 @@ +README.Debian +============= + +This package works with the ppp package with version 2.4.2 and higher. + +In order to make it cooperate with earlier versions of ppp you have to patch +the ppp package. + +If you want further information take a look at: +http://pptpclient.sourceforge.net/howto-debian.phtml + +MPPE (Microsoft Point-to-Point Encryption) support requires an additionnal +kernel module, provided by the Linux kernel version 2.6.15 and above. + + -- Ola Lundqvist , Tue Apr 22 08:15:04 2008 --- pptp-linux-1.8.0.orig/debian/pptp-linux.docs +++ pptp-linux-1.8.0/debian/pptp-linux.docs @@ -0,0 +1,7 @@ +debian/copyright +README +TODO +USING +AUTHORS +Documentation/*.* +Documentation/PORTING --- pptp-linux-1.8.0.orig/debian/copyright +++ pptp-linux-1.8.0/debian/copyright @@ -0,0 +1,28 @@ +This package was initially debianized by Christoph Lameter, +, on Sun, 25 Jan 1998 22:42:45 -0800. +It is now maintained by Ola Lundqvist + +The current release is available from: + http://pptpclient.sourceforge.net/ + +Copyright: + + Copyright (C) 2000 Free Software Foundation + +License: + + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by the + Free Software Foundation; either version 2 of the License, or (at your + option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + for more details. + + A copy of the GNU General Public License is available as + /usr/share/common-licenses/GPL in the Debian GNU/Linux distribution or on the + World Wide Web at http://www.gnu.org/copyleft/gpl.html. You can also + obtain it by writing to the Free Software Foundation, Inc., 51 Franklin St, + Fifth Floor, Boston, MA 02110-1301, USA. --- pptp-linux-1.8.0.orig/debian/compat +++ pptp-linux-1.8.0/debian/compat @@ -0,0 +1 @@ +7 --- pptp-linux-1.8.0.orig/debian/rules +++ pptp-linux-1.8.0/debian/rules @@ -0,0 +1,73 @@ +#!/usr/bin/make -f +# Sample debian/rules that uses debhelper. +# This file is public domain software, originally written by Joey Hess. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +# This is the debhelper compatibility version to use. +#export DH_COMPAT=4 + +build: build-stamp +build-stamp: + dh_testdir + + $(MAKE) + + touch build-stamp + +clean: + dh_testdir + dh_testroot + rm -f build-stamp + + [ ! -f Makefile ] || $(MAKE) distclean + rm -f Reference/README.Reference + + dh_clean + +install: build + dh_testdir + dh_testroot + dh_prep + dh_installdirs + + # Add here commands to install the package into debian/ + $(MAKE) install DESTDIR=$(CURDIR)/debian/pptp-linux + +# Build architecture-independent files here. +binary-indep: build install +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir -a + dh_testroot -a +# dh_installdebconf -a + dh_installdocs -a + dh_installexamples -a + dh_installmenu -a +# dh_installlogrotate -a +# dh_installemacsen -a +# dh_installpam -a +# dh_installmime -a +# dh_installinit -a +# dh_installcron -a + dh_installman -a + dh_installinfo -a +# dh_undocumented -a + dh_installchangelogs -a NEWS + dh_link -a + dh_strip -a + dh_compress -a + dh_fixperms -a +# dh_makeshlibs -a + dh_installdeb -a +# dh_perl -a + dh_shlibdeps -a + dh_gencontrol -a + dh_md5sums -a + dh_builddeb -a + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install --- pptp-linux-1.8.0.orig/debian/control +++ pptp-linux-1.8.0/debian/control @@ -0,0 +1,14 @@ +Source: pptp-linux +Section: net +Priority: optional +Maintainer: Ola Lundqvist +Standards-Version: 3.9.0 +Build-Depends: debhelper (>= 7.0) + +Package: pptp-linux +Architecture: linux-any +Depends: ${shlibs:Depends}, ${misc:Depends}, ppp (>= 2.4.2), binutils +Description: Point-to-Point Tunneling Protocol (PPTP) Client + Client for the proprietary Microsoft Point-to-Point Tunneling + Protocol, PPTP. Allows connection to a PPTP based VPN as used + by employers and some cable and ADSL service providers. --- pptp-linux-1.8.0.orig/debian/changelog +++ pptp-linux-1.8.0/debian/changelog @@ -0,0 +1,244 @@ +pptp-linux (1.8.0-1) unstable; urgency=low + + * New upstream release. Closes: #741918. + * Closes: #721963. Applied patch from Alexander Oelzant that solve a + problem with simultaneous connections. Thanks to Yahor Zaleski + for pointing me to this patch. + * Closes: #680455. Applied a patch to solve ubuntu bug 681617. + This is a solution to a unresponsiveness problem when downloading things + at high speed. Thanks to Michael Hudson-Doyle + for this fix. + * Closes: #569964. Minor documentation fix (path). + + -- Ola Lundqvist Thu, 28 May 2015 22:46:07 +0200 + +pptp-linux (1.7.2-7) unstable; urgency=low + + * Making this package linux specific as it is not known whether it + works on BSD port and currently it is uninstallable on kFreeBSD + port. Closes: #648361. + + -- Ola Lundqvist Mon, 19 Mar 2012 21:29:19 +0100 + +pptp-linux (1.7.2-6) unstable; urgency=low + + * Now depends on binutils. Closes: #587506. + * Added ${misc:Depends} to the depends line as it uses debhelper. + * Updated from debhelper compatibility 4 to 7. + * Changed from dh_clean -k to dh_prep. + * Updated to standards version 3.9.0 (from 3.8.0). + + -- Ola Lundqvist Sun, 05 Sep 2010 21:07:06 +0200 + +pptp-linux (1.7.2-5) unstable; urgency=low + + * Applied patch from Mats Erik Andersson + that make sure that only IPv4 + addresses are returned from dns resolving. Is needed until IPv6 + support is available for this tool. Closes: #576671. + + -- Ola Lundqvist Wed, 16 Jun 2010 08:40:19 +0200 + +pptp-linux (1.7.2-4) unstable; urgency=low + + * Removed suggest for kernel-patch-mppe as that package has been + removed. Closes: #564030. + * Updated to standards version 3.8.0. + * Updated debian/rules clean target to be lintian compliant. + * Switched from DH_COMPAT in debian/rules to a compat file. Still version + 4 compatible. + + -- Ola Lundqvist Wed, 13 Jan 2010 08:32:28 +0100 + +pptp-linux (1.7.2-3) unstable; urgency=high + + * Instead of changing permissions after, make sure to set the proper + umask. Closes: #523476. + + -- Ola Lundqvist Tue, 28 Apr 2009 06:47:47 +0200 + +pptp-linux (1.7.2-2) unstable; urgency=low + + * Make sure that the pptpsetup --delete option do not make passwords + in chap-secrets file visible to anyone. Closes: #523476. + + -- Ola Lundqvist Sun, 12 Apr 2009 18:48:18 +0200 + +pptp-linux (1.7.2-1) unstable; urgency=low + + * New upstream release + * This new release fixes crash according to upstream. Closes: #427586. + * Updated copyright file according to changes in upstream file. This is + just editorial changes. Also made it clear about who is the current + maintainer. + * This new version includes pptpsetup with man page. This should make the + following bug obsolete. Closes: #167216. + * Removed non-free document. + * Updated to standards version 3.7.2. + + -- Ola Lundqvist Sun, 1 Jun 2008 20:54:10 +0200 + +pptp-linux (1.7.0-3) unstable; urgency=low + + * Updated description, closes: #473712. + + -- Ola Lundqvist Tue, 22 Apr 2008 08:13:25 +0200 + +pptp-linux (1.7.0-2) unstable; urgency=low + + * Updated description on when you need mppe patch, closes: #360106. + * Updated to debhelper 4 compatibility. + * Updated to standards version 3.6.2. + + -- Ola Lundqvist Sat, 1 Apr 2006 11:35:32 +0200 + +pptp-linux (1.7.0-1) unstable; urgency=low + + * New upstream release, closes: #313319, #314824. + * Created a debian/watch file to make it easier to update in the future. + * Removed non-free documentation from the orig tarball. + Reference/rfc* Reference/ms-chap.txt Reference/pptp-draft.txt + Closes: #312366. + + -- Ola Lundqvist Sun, 25 Sep 2005 13:49:58 +0200 + +pptp-linux (1.5.0-5) unstable; urgency=low + + * Fixed version reference in README.Debian, closes: #267696. + Also dded URL to upstream Debian howto. + + -- Ola Lundqvist Mon, 31 Jan 2005 21:08:40 +0100 + +pptp-linux (1.5.0-4) unstable; urgency=low + + * Fixed manpage issue with not quoted '-', closes: #264872. + + -- Ola Lundqvist Tue, 10 Aug 2004 20:59:37 +0200 + +pptp-linux (1.5.0-3) unstable; urgency=low + + * Updated manpage so that it have options that is supported by pppd, + closes: #264849. + + -- Ola Lundqvist Tue, 10 Aug 2004 20:06:03 +0200 + +pptp-linux (1.5.0-2) unstable; urgency=low + + * Updated package description so it do not say that you need to patch + ppp. + * Made a versioned dependency on ppp. + + -- Ola Lundqvist Fri, 6 Aug 2004 20:58:04 +0200 + +pptp-linux (1.5.0-1) unstable; urgency=low + + * New upstream release, closes: #241789. + * Updated the README file to tell that it works with ppp in sarge + and sid, closes: #243497. + * Updated standards version to 3.6.1. + * Added versioned dependency on debhelper. + + -- Ola Lundqvist Wed, 28 Jul 2004 18:47:48 +0200 + +pptp-linux (1.3.1-1) unstable; urgency=low + + * New upstream version, closes: #197884. + + -- Ola Lundqvist Thu, 26 Jun 2003 11:12:25 +0200 + +pptp-linux (1.2.0-2) unstable; urgency=low + + * New maintainer, closes: #184657. + * Now suggests kernel-patch-mppe, closes: #180538. + * Added some more info in the description of the package and created + a README.Debian file. Noted that you need to patch ppp in order to + get things to work properly. + * Updated the standards version from 3.1.1 to 3.5.8 (no other changes). + * Removed CVS dir from installation. + * Cleaned up the rules file. + + -- Ola Lundqvist Wed, 16 Apr 2003 22:40:17 +0200 + +pptp-linux (1.2.0-1) unstable; urgency=low + + * New upstream release. Closes: #141173. + + -- Thomas Quinot Fri, 14 Mar 2003 00:00:00 +0000 + +pptp-linux (1.1.0-2) unstable; urgency=low + + * Update description. Closes: #150666. + + -- Thomas Quinot Sun, 23 Jun 2002 20:53:50 +0000 + +pptp-linux (1.1.0-1) unstable; urgency=low + + * New upstream release. + + -- Thomas Quinot Fri, 20 Mar 2002 11:30:55 +1100 + +pptp-linux (1.0.3-2) frozen unstable; urgency=low + + * Update upstream distribution information. Closes: #97159. + + -- Thomas Quinot Fri, 11 May 2001 16:57:11 +0200 + +pptp-linux (1.0.3-1) frozen unstable; urgency=low + + * New upstream release. Debian patches have been integrated. + * Get rid of yada. + + -- Thomas Quinot Thu, 10 May 2001 14:29:30 +0200 + +pptp-linux (1.0.2-5) frozen unstable; urgency=low + + * Remove bashism in debian/rules. + Reported by Peter Palfrader . + Closes: #87653. + * Make sure yada is executable. Closes: #86888. + + -- Thomas Quinot Tue, 13 Mar 2001 11:43:31 +0100 + +pptp-linux (1.0.2-4) frozen unstable; urgency=low + + * Updated YADA to 0.9.4. Closes: #84564. + + -- Thomas Quinot Sun, 4 Feb 2001 18:42:10 +0100 + +pptp-linux (1.0.2-3) frozen unstable; urgency=low + + * New maintainer. + * Update Standards-Version. + * Use YADA. + * Fix order of local and remote call ID. + Fix bearer capability specification. + Closes: #48536, #55532. + * Fix several gross bugs. Closes: #55583. + * Patch to allow bug-compatibility with Alcated ADSL 1000 modem. + + -- Thomas Quinot Mon, 10 Jul 2000 23:52:16 +0200 + +pptp-linux (1.0.2-2) frozen unstable; urgency=low + + * lintian: binary-without-manpage pptp, + binary-without-manpage pptp_callmgr + including links to undocumented.7.gz for now (Bug#20141) + + -- Roberto Lumbreras Tue, 24 Mar 1998 04:06:02 +0100 + +pptp-linux (1.0.2-1) unstable; urgency=low + + * new upstream version + * updated to Standards-Version 2.4.0.0 + + -- Roberto Lumbreras Mon, 2 Mar 1998 04:34:22 +0100 + +pptp-linux (1.0.1-1) unstable; urgency=low + + * Initial Release. + + -- Christoph Lameter Sun, 25 Jan 1998 22:42:45 -0800 + +Local variables: +mode: debian-changelog +End: --- pptp-linux-1.8.0.orig/debian/patches/use_getaddrinfo_in_pptp_c.diff +++ pptp-linux-1.8.0/debian/patches/use_getaddrinfo_in_pptp_c.diff @@ -0,0 +1,53 @@ +Description: Replace gethostbyname(3) by getaddrinfo(3). + The indicated change of library routine produces a robuster + resolver code. This is a standard technique, and also + prevents an environment variable "RES_OPTIONS=inet6", + or an entry "options inet6" in "/etc/resolv.conf, from + disturbing gethostbyname(), as these options will make + the returned hostentry list contain only IPv6 addresses. +Author: Mats Erik Andersson +Forwarded: no +X-Comment: Untested in a productive network. +Last-Update: 2010-06-09 +--- pptp-linux-1.7.2/pptp.c.orig 2008-05-14 08:33:55.000000000 +0200 ++++ pptp-linux-1.7.2/pptp.c 2010-06-09 23:27:36.000000000 +0200 +@@ -423,19 +423,27 @@ + /*** get the ipaddress coming from the command line ***************************/ + struct in_addr get_ip_address(char *name) + { ++ int rc; + struct in_addr retval; +- struct hostent *host = gethostbyname(name); +- if (host == NULL) { +- if (h_errno == HOST_NOT_FOUND) +- fatal("gethostbyname '%s': HOST NOT FOUND", name); +- else if (h_errno == NO_ADDRESS) +- fatal("gethostbyname '%s': NO IP ADDRESS", name); +- else +- fatal("gethostbyname '%s': name server error", name); +- } +- if (host->h_addrtype != AF_INET) +- fatal("Host '%s' has non-internet address", name); +- memcpy(&retval.s_addr, host->h_addr, sizeof(retval.s_addr)); ++ struct addrinfo hints, *ai; ++ ++ memset(&hints, '\0', sizeof(hints)); ++ hints.ai_family = AF_INET; ++#if defined(__linux__) || defined(__FreeBSD__) ++ hints.ai_flags = AI_ADDRCONFIG; /* Unknown in OpenBSD. */ ++#endif ++ ++ if ( (rc = getaddrinfo(name, NULL, &hints, &ai)) ) ++ fatal("getaddrinfo(): %s", gai_strerror(rc)); ++ ++ if (ai->ai_addr->sa_family != AF_INET) /* Should never happen. */ ++ fatal("Host '%s' possesses no IPv4 address", name); ++ ++ memcpy(&retval.s_addr, ++ &(((struct sockaddr_in *) ai->ai_addr)->sin_addr.s_addr), ++ sizeof(retval.s_addr)); ++ freeaddrinfo(ai); ++ + return retval; + } + --- pptp-linux-1.8.0.orig/debian/patches/adj_missing_window.diff +++ pptp-linux-1.8.0/debian/patches/adj_missing_window.diff @@ -0,0 +1,91 @@ +diff -aur pptp-1.7.2/pptp.c copy/pptp.c +--- pptp-1.7.2/pptp.c 2008-05-14 08:33:55.000000000 +0200 ++++ copy/pptp.c 2012-05-10 13:37:14.000000000 +0200 +@@ -79,6 +79,7 @@ + int disable_buffer = 0; + int test_type = 0; + int test_rate = 100; ++int missing_window = MISSING_WINDOW; + + struct in_addr get_ip_address(char *name); + int open_callmgr(struct in_addr inetaddr, char *phonenr, int argc,char **argv,char **envp, int pty_fd, int gre_fd); +@@ -116,13 +117,14 @@ + " --timeout Time to wait for reordered packets (0.01 to 10 secs)\n" + " --nobuffer Disable packet buffering and reordering completely\n" + " --idle-wait Time to wait before sending echo request\n" +- " --max-echo-wait Time to wait before giving up on lack of reply\n" ++ " --max-echo-wait Time to wait before giving up on lack of reply\n" + " --logstring Use instead of 'anon' in syslog messages\n" + " --localbind Bind to specified IP address instead of wildcard\n" + " --loglevel Sets the debugging level (0=low, 1=default, 2=high)\n" + " --test-type Damage the packet stream by reordering\n" +- " --test-rate Do the test every n packets\n", +- ++ " --test-rate yDo the test every n packets\n" ++ " --missing-window Activate 'missing window' validation and set tolerance to packages (300=default, 6000=recommended)\n", ++ + version, progname, progname); + log("%s called with wrong arguments, program not started.", progname); + exit(1); +@@ -212,6 +214,7 @@ + {"version", 0, 0, 0}, + {"test-type", 1, 0, 0}, + {"test-rate", 1, 0, 0}, ++ {"missing-window", 1, 0, 0}, + {0, 0, 0, 0} + }; + int option_index = 0; +@@ -290,7 +293,21 @@ + test_type = atoi(optarg); + } else if (option_index == 14) { /* --test-rate */ + test_rate = atoi(optarg); +- } ++ } else if (option_index == 15) { /* --missing window */ ++ int x = atoi(optarg); ++ if (x <= 0) { ++ fprintf(stderr, "--missing-window must be integer greater than zero\n"); ++ log("--missing-window must be integer greater than zero\n"); ++ exit(2); ++ } else if (x < 300) { ++ fprintf(stderr, "--missing-window is set very low: default=300, recommended=6000 - proceeding anyway\n"); ++ log("--missing-window is set very low: default=300, recommended=6000 - proceeding anyway\n"); ++ } else { ++ fprintf(stderr, "--missing-window validation is active and set to: %d\n", x); ++ log("--missing-window validation is active and set to: %d\n", x); ++ missing_window = x; ++ } ++ } + break; + case '?': /* unrecognised option */ + /* fall through */ +diff -aur pptp-1.7.2/pptp_gre.c copy/pptp_gre.c +--- pptp-1.7.2/pptp_gre.c 2008-05-14 08:33:55.000000000 +0200 ++++ copy/pptp_gre.c 2012-05-10 14:00:20.554335736 +0200 +@@ -405,9 +405,9 @@ + seq, seq_recv + 1); + stats.rx_underwin++; + /* sequence number too high, is it reasonably close? */ +- } else if ( seq < seq_recv + MISSING_WINDOW || +- WRAPPED(seq, seq_recv + MISSING_WINDOW) ) { +- stats.rx_buffered++; ++ } else if ( (missing_window == -1) || ++ (seq < seq_recv + missing_window || WRAPPED(seq, seq_recv + missing_window)) ) { ++ stats.rx_buffered++; + if ( log_level >= 1 ) + log("%s packet %d (expecting %d, lost or reordered)", + disable_buffer ? "accepting" : "buffering", +diff -aur pptp-1.7.2/pqueue.h copy/pqueue.h +--- pptp-1.7.2/pqueue.h 2008-05-14 08:33:55.000000000 +0200 ++++ copy/pqueue.h 2012-05-10 13:37:22.000000000 +0200 +@@ -9,7 +9,10 @@ + extern int packet_timeout_usecs; + + /* assume packet is bad/spoofed if it's more than this many seqs ahead */ +-#define MISSING_WINDOW 300 ++/* default is NOT to check - command line override via '--missing-window '*/ ++/* default value is 300 - recommended is 6000 for high speed data rates*/ ++#define MISSING_WINDOW -1 ++extern int missing_window; + + /* Packet queue structure: linked list of packets received out-of-order */ + typedef struct pqueue { --- pptp-linux-1.8.0.orig/debian/patches/569964-pptp.8.diff +++ pptp-linux-1.8.0/debian/patches/569964-pptp.8.diff @@ -0,0 +1,13 @@ +only in patch2: +unchanged: +--- pptp-linux-1.7.2.orig/pptp.8 ++++ pptp-linux-1.7.2/pptp.8 +@@ -193,7 +193,7 @@ + .IR pppd (8) + .PP + Documentation in +-.IR /usr/share/doc/pptp ++.IR /usr/share/doc/pptp-linux + .SH AUTHOR + This manual page was written by James Cameron + from text contributed by Thomas Quinot --- pptp-linux-1.8.0.orig/debian/patches/680455-pptp-linux_1.7.2-6_1.7.2-6ubuntu1.diff +++ pptp-linux-1.8.0/debian/patches/680455-pptp-linux_1.7.2-6_1.7.2-6ubuntu1.diff @@ -0,0 +1,202 @@ +diff -u pptp-linux-1.7.2/pptp.c pptp-linux-1.7.2/pptp.c +--- pptp-linux-1.7.2/pptp.c ++++ pptp-linux-1.7.2/pptp.c +@@ -79,6 +79,7 @@ + int disable_buffer = 0; + int test_type = 0; + int test_rate = 100; ++int missing_window = MISSING_WINDOW; + + struct in_addr get_ip_address(char *name); + int open_callmgr(struct in_addr inetaddr, char *phonenr, int argc,char **argv,char **envp, int pty_fd, int gre_fd); +@@ -116,13 +117,14 @@ + " --timeout Time to wait for reordered packets (0.01 to 10 secs)\n" + " --nobuffer Disable packet buffering and reordering completely\n" + " --idle-wait Time to wait before sending echo request\n" +- " --max-echo-wait Time to wait before giving up on lack of reply\n" ++ " --max-echo-wait Time to wait before giving up on lack of reply\n" + " --logstring Use instead of 'anon' in syslog messages\n" + " --localbind Bind to specified IP address instead of wildcard\n" + " --loglevel Sets the debugging level (0=low, 1=default, 2=high)\n" + " --test-type Damage the packet stream by reordering\n" +- " --test-rate Do the test every n packets\n", +- ++ " --test-rate yDo the test every n packets\n" ++ " --missing-window Activate 'missing window' validation and set tolerance to packages (300=default, 6000=recommended)\n", ++ + version, progname, progname); + log("%s called with wrong arguments, program not started.", progname); + exit(1); +@@ -212,6 +214,7 @@ + {"version", 0, 0, 0}, + {"test-type", 1, 0, 0}, + {"test-rate", 1, 0, 0}, ++ {"missing-window", 1, 0, 0}, + {0, 0, 0, 0} + }; + int option_index = 0; +@@ -290,7 +293,21 @@ + test_type = atoi(optarg); + } else if (option_index == 14) { /* --test-rate */ + test_rate = atoi(optarg); +- } ++ } else if (option_index == 15) { /* --missing window */ ++ int x = atoi(optarg); ++ if (x <= 0) { ++ fprintf(stderr, "--missing-window must be integer greater than zero\n"); ++ log("--missing-window must be integer greater than zero\n"); ++ exit(2); ++ } else if (x < 300) { ++ fprintf(stderr, "--missing-window is set very low: default=300, recommended=6000 - proceeding anyway\n"); ++ log("--missing-window is set very low: default=300, recommended=6000 - proceeding anyway\n"); ++ } else { ++ fprintf(stderr, "--missing-window validation is active and set to: %d\n", x); ++ log("--missing-window validation is active and set to: %d\n", x); ++ missing_window = x; ++ } ++ } + break; + case '?': /* unrecognised option */ + /* fall through */ +diff -u pptp-linux-1.7.2/debian/changelog pptp-linux-1.7.2/debian/changelog +--- pptp-linux-1.7.2/debian/changelog ++++ pptp-linux-1.7.2/debian/changelog +@@ -1,3 +1,9 @@ ++pptp-linux (1.7.2-6ubuntu1) precise; urgency=low ++ ++ * Include adj_missing_window.patch from bug #681617 ++ ++ -- Michael Hudson-Doyle Wed, 04 Jul 2012 10:29:36 +1200 ++ + pptp-linux (1.7.2-6) unstable; urgency=low + + * Now depends on binutils. Closes: #587506. +only in patch2: +unchanged: +--- pptp-linux-1.7.2.orig/pqueue.h ++++ pptp-linux-1.7.2/pqueue.h +@@ -9,7 +9,10 @@ + extern int packet_timeout_usecs; + + /* assume packet is bad/spoofed if it's more than this many seqs ahead */ +-#define MISSING_WINDOW 300 ++/* default is NOT to check - command line override via '--missing-window '*/ ++/* default value is 300 - recommended is 6000 for high speed data rates*/ ++#define MISSING_WINDOW -1 ++extern int missing_window; + + /* Packet queue structure: linked list of packets received out-of-order */ + typedef struct pqueue { +only in patch2: +unchanged: +--- pptp-linux-1.7.2.orig/pptp_gre.c ++++ pptp-linux-1.7.2/pptp_gre.c +@@ -405,9 +405,9 @@ + seq, seq_recv + 1); + stats.rx_underwin++; + /* sequence number too high, is it reasonably close? */ +- } else if ( seq < seq_recv + MISSING_WINDOW || +- WRAPPED(seq, seq_recv + MISSING_WINDOW) ) { +- stats.rx_buffered++; ++ } else if ( (missing_window == -1) || ++ (seq < seq_recv + missing_window || WRAPPED(seq, seq_recv + missing_window)) ) { ++ stats.rx_buffered++; + if ( log_level >= 1 ) + log("%s packet %d (expecting %d, lost or reordered)", + disable_buffer ? "accepting" : "buffering", +only in patch2: +unchanged: +--- pptp-linux-1.7.2.orig/debian/patches/adj_missing_window.diff ++++ pptp-linux-1.7.2/debian/patches/adj_missing_window.diff +@@ -0,0 +1,91 @@ ++diff -aur pptp-1.7.2/pptp.c copy/pptp.c ++--- pptp-1.7.2/pptp.c 2008-05-14 08:33:55.000000000 +0200 +++++ copy/pptp.c 2012-05-10 13:37:14.000000000 +0200 ++@@ -79,6 +79,7 @@ ++ int disable_buffer = 0; ++ int test_type = 0; ++ int test_rate = 100; +++int missing_window = MISSING_WINDOW; ++ ++ struct in_addr get_ip_address(char *name); ++ int open_callmgr(struct in_addr inetaddr, char *phonenr, int argc,char **argv,char **envp, int pty_fd, int gre_fd); ++@@ -116,13 +117,14 @@ ++ " --timeout Time to wait for reordered packets (0.01 to 10 secs)\n" ++ " --nobuffer Disable packet buffering and reordering completely\n" ++ " --idle-wait Time to wait before sending echo request\n" ++- " --max-echo-wait Time to wait before giving up on lack of reply\n" +++ " --max-echo-wait Time to wait before giving up on lack of reply\n" ++ " --logstring Use instead of 'anon' in syslog messages\n" ++ " --localbind Bind to specified IP address instead of wildcard\n" ++ " --loglevel Sets the debugging level (0=low, 1=default, 2=high)\n" ++ " --test-type Damage the packet stream by reordering\n" ++- " --test-rate Do the test every n packets\n", ++- +++ " --test-rate yDo the test every n packets\n" +++ " --missing-window Activate 'missing window' validation and set tolerance to packages (300=default, 6000=recommended)\n", +++ ++ version, progname, progname); ++ log("%s called with wrong arguments, program not started.", progname); ++ exit(1); ++@@ -212,6 +214,7 @@ ++ {"version", 0, 0, 0}, ++ {"test-type", 1, 0, 0}, ++ {"test-rate", 1, 0, 0}, +++ {"missing-window", 1, 0, 0}, ++ {0, 0, 0, 0} ++ }; ++ int option_index = 0; ++@@ -290,7 +293,21 @@ ++ test_type = atoi(optarg); ++ } else if (option_index == 14) { /* --test-rate */ ++ test_rate = atoi(optarg); ++- } +++ } else if (option_index == 15) { /* --missing window */ +++ int x = atoi(optarg); +++ if (x <= 0) { +++ fprintf(stderr, "--missing-window must be integer greater than zero\n"); +++ log("--missing-window must be integer greater than zero\n"); +++ exit(2); +++ } else if (x < 300) { +++ fprintf(stderr, "--missing-window is set very low: default=300, recommended=6000 - proceeding anyway\n"); +++ log("--missing-window is set very low: default=300, recommended=6000 - proceeding anyway\n"); +++ } else { +++ fprintf(stderr, "--missing-window validation is active and set to: %d\n", x); +++ log("--missing-window validation is active and set to: %d\n", x); +++ missing_window = x; +++ } +++ } ++ break; ++ case '?': /* unrecognised option */ ++ /* fall through */ ++diff -aur pptp-1.7.2/pptp_gre.c copy/pptp_gre.c ++--- pptp-1.7.2/pptp_gre.c 2008-05-14 08:33:55.000000000 +0200 +++++ copy/pptp_gre.c 2012-05-10 14:00:20.554335736 +0200 ++@@ -405,9 +405,9 @@ ++ seq, seq_recv + 1); ++ stats.rx_underwin++; ++ /* sequence number too high, is it reasonably close? */ ++- } else if ( seq < seq_recv + MISSING_WINDOW || ++- WRAPPED(seq, seq_recv + MISSING_WINDOW) ) { ++- stats.rx_buffered++; +++ } else if ( (missing_window == -1) || +++ (seq < seq_recv + missing_window || WRAPPED(seq, seq_recv + missing_window)) ) { +++ stats.rx_buffered++; ++ if ( log_level >= 1 ) ++ log("%s packet %d (expecting %d, lost or reordered)", ++ disable_buffer ? "accepting" : "buffering", ++diff -aur pptp-1.7.2/pqueue.h copy/pqueue.h ++--- pptp-1.7.2/pqueue.h 2008-05-14 08:33:55.000000000 +0200 +++++ copy/pqueue.h 2012-05-10 13:37:22.000000000 +0200 ++@@ -9,7 +9,10 @@ ++ extern int packet_timeout_usecs; ++ ++ /* assume packet is bad/spoofed if it's more than this many seqs ahead */ ++-#define MISSING_WINDOW 300 +++/* default is NOT to check - command line override via '--missing-window '*/ +++/* default value is 300 - recommended is 6000 for high speed data rates*/ +++#define MISSING_WINDOW -1 +++extern int missing_window; ++ ++ /* Packet queue structure: linked list of packets received out-of-order */ ++ typedef struct pqueue { --- pptp-linux-1.8.0.orig/debian/patches/721963-pptp-linux-1.3.1-rand.diff +++ pptp-linux-1.8.0/debian/patches/721963-pptp-linux-1.3.1-rand.diff @@ -0,0 +1,47 @@ +diff -ur --exclude=pptp --exclude=config.h --exclude='*.o' pptp-linux-1.3.1.orig/pptp_ctrl.c pptp-linux-1.3.1-rand/pptp_ctrl.c +--- pptp-linux-1.3.1.orig/pptp_ctrl.c 2003-06-11 10:42:07.000000000 +0200 ++++ pptp-linux-1.3.1-rand/pptp_ctrl.c 2003-10-15 16:09:14.000000000 +0200 +@@ -16,6 +16,7 @@ + #include + #include + #include ++#include + #include "pptp_msg.h" + #include "pptp_ctrl.h" + #include "pptp_options.h" +@@ -242,6 +243,26 @@ + return conn; + } + ++int randci () ++{ ++ unsigned short int i=0; ++ int fd; ++ ++ fd=open ("/dev/random", O_RDONLY); ++ if (fd >= 0) { ++ read(fd,&i,2); ++ close(fd); ++ } ++ ++ if (i == 0) { ++ log("problem: opening /dev/random or getting number"); ++ log("using rand()"); ++ srand(time(NULL)); ++ i=(unsigned short int)(rand() & 0xffff); ++ } ++ return i; ++} ++ + /* This currently *only* works for client call requests. + * We need to do something else to allocate calls for incoming requests. + */ +@@ -256,6 +277,8 @@ + if (!vector_scan(conn->call, 0, PPTP_MAX_CHANNELS-1, &i)) + /* no more calls available! */ + return NULL; ++ if (i == 0) ++ i=randci(); + + /* allocate structure. */ + if ((call = malloc(sizeof(*call)))==NULL) return NULL;