pptpd-1.4.0/0000775000175000017500000000000012231672221007644 500000000000000pptpd-1.4.0/our_syslog.h0000664000175000017500000000134612231653061012147 00000000000000/* * our_syslog.h * * Syslog replacement functions */ #ifndef _PPTPD_SYSLOG_H #define _PPTPD_SYSLOG_H /* * only enable this if you are debugging and running by hand * If init runs us you may not have an fd-2, and thus your write all over * someones FD and the die :-( */ #undef USE_STDERR #ifdef USE_STDERR /* * Send all errors to stderr */ #define openlog(a,b,c) ({}) #define syslog(a,b,c...) ({fprintf(stderr, "pptpd syslog: " b "\n" , ## c);}) #define closelog() ({}) #define syslog_perror perror #else /* * Send all errors to syslog */ #include #include #define syslog_perror(s) syslog(LOG_ERR, "%s: %s", s, strerror(errno)) #endif #endif /* !_PPTPD_SYSLOG_H */ pptpd-1.4.0/NEWS0000664000175000017500000001263212231672170010272 000000000000001.4.0: released 2013-10-23 - change GPL license FSF addresses [Cameron] - clean up unused return value warnings [Cameron] - don't leak memory on duplicate packet [Lauro] - clean up several compiler warnings [Lauro] - use pppd.h from ppp-dev [Teasdale] - do not drop connection on ENOBUFS [Curia] - fix binary trash when launching pppd [tevaum] - add remotenumber support [Tarasov / Poetters] - catch missing EOL at EOF [Biedl] - add bcrelay manual page [Trong] - fix segfault on invalid IP range [Naumov] - add support for VRFs through libvrf [Lamparter] - fix implementation of IDLE_WAIT [Douglass] - fix compilation with uclibc with legacy support disabled [Hiramoto] - avoid ipparam and logwtmp on BSD [Cameron] - compiler fix for pptp_gre_header [Naess] - suppress "ignored a SET LINK INFO packet with real ACCMs" [Cameron] - add missing logwtmp option on pptpd.conf manyal page [Cameron] - fix reordering some more [Oester] 1.3.4: released 2007-04-16 - fix two release critical packet reordering bugs [Oester] - accept both types of domain delimiter [Cameron] - deprecate PPP_WAIT workaround in favour of turning off pty echo [Brady] 1.3.3: released 2006-09-05 - add missing connections option in sample pptpd.conf [Cameron] - add message to indicate when constrained by IP range [Cameron] - fix segfault on -C option, Closes Gentoo Bug #132898 [Nastac] - support mixed architecture build on x86_64 [Gorlov] - fix configure --with and --without option processing again [Cameron] - include libutil in logwtmp build [Gorlov] - fix spec file [Howarth] 1.3.2: released 2006-04-18 - fix configure --with and --without option processing [Cameron] - avoid reporting packet loss if debug option not set [Cameron] 1.3.1: released 2006-02-14 - make connections limit configurable at run-time [Cameron] - migrate --with-pppd-ip-alloc to delegate option [Cameron] - prevent initial unwanted GRE ACK [Barker] - bcrelay, ignore ENOBUFS [Rajkumar] - remove superfluous sigset [Cameron/Gono] - compilation fixes for gcc 4.0.1 [Cameron] - factorise argument processing in pptpctrl [Cameron/Visi] 1.3.0: released 2005-08-03 - disable Van Jacobson compression by default [Pokrywka] - prototype packet buffering and reordering [Bharadwaj] - comply with RFC2637 on echo wait and idle wait parameters [Brox] - new pptpd-logwtmp-strip-domain option [Cameron] - include html directory in make dist [Cameron] - defer writes to pty until pppd has set it up properly [Cameron] - process initial packet length header properly [Beregszaszi] - ignore ENETDOWN and ENXIO on sendto in bcrelay [Cameron] - add section on debugging to pptpd.8 [Mueller] 1.2.3: released 2005-02-17 - error check critical dup2 calls [Cameron] - add --enable-facility configure feature for syslog customisation [Cameron] - performance, use writev() if available, avoiding memcpy() [Sundberg] - compilation fix for gcc old versions [Cameron] 1.2.2: released 2005-01-05 - fix deadlock hang due to syslog(3) called by signal handler [Cameron] - turn off logging to stderr, to prevent loopback [Hall] - allow RPM to be build on RHEL [Brady] - init.d script, avoid spitting garbage [Mueller] 1.2.1: released 2004-06-23 - depend on ppp 2.4.3 CVS packages for plugin [Cameron] - init.d script, warn that restart may cause problems [Mueller] 1.2.0-b4: released 2004-05-25 - fix rpmbuild [Cameron] - include Debian downstream packaging patches [Mayrhofer] - fix for options file check when no options file wanted [Cameron] - fix for SIGTERM handling [Guraj] - minor manual page edits [Wilson] - fix printing of connection speed [Dubiec] - fix segfault if built --with-bcrelay but no option used [Cameron] - add --logwtmp option to track users online [Cameron/Guraj] - remove vpnwho.pl from package (due to --logwtmp) [Cameron] - include README.portslave in distribution [Cameron] 1.2.0-b3: released 2004-04-25 (ANZAC day) - add hint for EIO to suggest pppd option syntax [Cameron] - add routing checklists to pptpd.conf man page [Cameron] - fix broken --stimeout option [Cameron] - rework all manual pages, cross check against programs [Cameron] - add --ppp option for portslave support [Cameron] - fix unanticipated exit() when --noipparam option used [Cameron] - fix segfault on pptpctrl called with no arguments [Cameron] {closes: Bug#140709} - include vpnwho.pl in package [!3runo] - note that speed is ineffective on Linux [Cameron] - rework comments in sample configuration files [Cameron] - update references to web sites [Cameron] - minor edits to manual pages [Cameron] - improve script comments [Cameron] - remove superfluous files and tidy CVS repository [Cameron] - disable obsolete scripts [Cameron] 1.2.0-b2: released 2004-04-22 to test team (Peter & Bruno) - fix build without bcrelay [Cameron] - adopt bcrelay version from main package [Cameron] - when built without bcrelay, the bcrelay will exit [Cameron] - GNU standards compliance, no CVS in dist - new maintainer [Cameron] 1.1.4-b4: - terminate call on any CALL_CLR_RQST [!3runo] - unblock SIGCHLD [Stamfest] {closes: Bug#248123} - report pppd path in debug mode [Cameron] - report cause of failed execvp() [Cameron] - explain pppd launch failure [Cameron] - pass ipparam to pppd [Ammirata] - add bcrelay [Bolhuis] - fix loss of first GRE packet [fghdgh] - fix inheritance of console file descriptors [fghdgh] - fix pidfile option [Mandzgaladze] - fix two buffer overflows [Otero] - fix potential buffer overflow [Vroede] - enhance callid [Latypov] {does not close Bug#171831} 1.1.3: pptpd-1.4.0/debian/0000775000175000017500000000000012231672221011066 500000000000000pptpd-1.4.0/debian/conffiles0000644000175000017500000000007112110522672012675 00000000000000/etc/pptpd.conf /etc/ppp/pptpd-options /etc/init.d/pptpd pptpd-1.4.0/debian/dirs0000644000175000017500000000004012110522672011662 00000000000000usr/sbin etc etc/ppp etc/init.d pptpd-1.4.0/debian/examples0000644000175000017500000000007612110522672012550 00000000000000samples/chap-secrets samples/options.pptpd samples/pptpd.conf pptpd-1.4.0/debian/control0000644000175000017500000000106012110522672012404 00000000000000Source: pptpd Section: net Priority: optional Maintainer: Rene Mayrhofer Standards-Version: 3.0.1.0 Build-Depends: libwrap0-dev, debhelper (>= 4.1.16) Package: pptpd Architecture: any Depends: ${shlibs:Depends}, ppp (>=2.4.2+20030811-1), netbase, debconf, perl-base Build-Depends: debhelper Description: PoPToP Point to Point Tunneling Server This implements a Virtual Private Networking Server (VPN) that is compatible with Microsoft VPN clients. It allows windows users to connect to an internal firewalled network using their dialup. pptpd-1.4.0/debian/pptpd.conf0000644000175000017500000000437012110522672013006 00000000000000############################################################################### # $Id: pptpd.conf,v 1.1 2004/05/17 02:16:35 quozl Exp $ # # Sample Poptop configuration file /etc/pptpd.conf # # Changes are effective when pptpd is restarted. ############################################################################### # TAG: ppp # Path to the pppd program, default '/usr/sbin/pppd' on Linux # #ppp /usr/sbin/pppd # TAG: option # Specifies the location of the PPP options file. # By default PPP looks in '/etc/ppp/options' # option /etc/ppp/pptpd-options # TAG: debug # Turns on (more) debugging to syslog # #debug # TAG: stimeout # Specifies timeout (in seconds) on starting ctrl connection # # stimeout 10 # TAG: noipparam # Suppress the passing of the client's IP address to PPP, which is # done by default otherwise. # #noipparam # TAG: logwtmp # Use wtmp(5) to record client connections and disconnections. # logwtmp # TAG: bcrelay # Turns on broadcast relay to clients from interface # #bcrelay eth1 # TAG: localip # TAG: remoteip # Specifies the local and remote IP address ranges. # # Any addresses work as long as the local machine takes care of the # routing. But if you want to use MS-Windows networking, you should # use IP addresses out of the LAN address space and use the proxyarp # option in the pppd options file, or run bcrelay. # # You can specify single IP addresses seperated by commas or you can # specify ranges, or both. For example: # # 192.168.0.234,192.168.0.245-249,192.168.0.254 # # IMPORTANT RESTRICTIONS: # # 1. No spaces are permitted between commas or within addresses. # # 2. If you give more IP addresses than MAX_CONNECTIONS, it will # start at the beginning of the list and go until it gets # MAX_CONNECTIONS IPs. Others will be ignored. # # 3. No shortcuts in ranges! ie. 234-8 does not mean 234 to 238, # you must type 234-238 if you mean this. # # 4. If you give a single localIP, that's ok - all local IPs will # be set to the given one. You MUST still give at least one remote # IP for each simultaneous client. # # (Recommended) #localip 192.168.0.1 #remoteip 192.168.0.234-238,192.168.0.245 # or #localip 192.168.0.234-238,192.168.0.245 #remoteip 192.168.1.234-238,192.168.1.245 pptpd-1.4.0/debian/po/0000775000175000017500000000000012231672222011505 500000000000000pptpd-1.4.0/debian/po/fr.po0000644000175000017500000001721212110522672012374 00000000000000# # Translators, if you are not familiar with the PO format, gettext # documentation is worth reading, especially sections dedicated to # this format, e.g. by running: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # # Some information specific to po-debconf are available at # /usr/share/doc/po-debconf/README-trans # or http://www.debian.org/intl/l10n/po-debconf/README-trans # # Developers do not need to manually edit POT or PO files. # msgid "" msgstr "" "Project-Id-Version: ddtpd 1.1.4-0.b3.2\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2003-09-07 13:05+0200\n" "PO-Revision-Date: 2003-09-07 18:20+0200\n" "Last-Translator: Nicolas Bertolissio \n" "Language-Team: French \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=ISO-8859-15\n" "Content-Transfer-Encoding: 8bit\n" #. Description #: ../templates:3 msgid "The local IP address of the virtual connections" msgstr "Adresse IP locale pour les connexions virtuelles" #. Description #: ../templates:3 msgid "Specify the local IP address for the virtual connections." msgstr "Veuillez indiquer l'adresse IP locale pour les connexions virtuelles." #. Description #: ../templates:3 msgid "" "Please note that any address works as long as the local machine takes care " "of the routing. But if you want to use MS-Windows networking, you should use " "an IP address out of the LAN address space." msgstr "" "Veuillez noter que toute adresse convient tant que la machine locale " "s'occupe du routage. Mais si vous souhaitez utiliser un réseau MS-Windows, " "vous devriez utiliser une adresse IP hors de l'espace d'adressage du réseau " "local." #. Description #: ../templates:3 msgid "" "You can give only one address or you can give multiple addresses if you want " "to, although they are really not needed. Multiple addresses can be given as " "either \"10.0.0.1,10.0.0.2,10.0.0.3\" or \"10.0.0.1-3\". No spaces should be " "used between commas or within addresses." msgstr "" "Vous pouvez ne fournir qu'une seule adresse, mais aussi plusieurs bien que " "cela ne soit pas nécessaire. Pour plusieurs adresses, vous pouvez utiliser " "soit « 10.0.0.1,10.0.0.2,10.0.0.3 » soit « 10.0.0.1-3 ». Aucun espace ne " "devrait figurer entre les virgules ou dans les adresses." #. Description #: ../templates:17 msgid "A list of remote IP addresses for the virtual connections" msgstr "Liste d'adresses IP distantes pour les connexions virtuelles" #. Description #: ../templates:17 msgid "Specify the remote IP addresses for the virtual connections." msgstr "" "Veuillez indiquer les adresses IP distantes pour les connexions virtuelles." #. Description #: ../templates:17 msgid "" "Please note that any addresses work as long as the local machine takes care " "of the routing. But if you want to use MS-Windows networking, you should use " "IP addresses out of the LAN address space." msgstr "" "Veuillez noter que toute adresse convient tant que la machine locale " "s'occupe du routage. Mais si vous souhaitez utiliser un réseau MS-Windows, " "vous devriez utiliser une adresse IP hors de l'espace d'adressage du réseau " "local." #. Description #: ../templates:17 msgid "" "You have to give one address for every concurrent connection. This will " "depend on how many clients you expect to be online at the same time. " "Multiple addresses can be given as either \"10.0.0.1,10.0.0.2,10.0.0.3\" or " "\"10.0.0.1-3\". No spaces should be used between commas or within addresses." msgstr "" "Vous devez fournir une adresse pour chaque connexion autorisée. Cela dépend " "du nombre de clients attendus en même temps. Pour plusieurs adresses, vous " "pouvez utiliser soit « 10.0.0.1,10.0.0.2,10.0.0.3 » soit « 10.0.0.1-3 ». " "Aucun espace ne devrait figurer entre les virgules ou dans les adresses." #. Description #: ../templates:31 msgid "The netmask used for virtual connections" msgstr "Masque de réseau pour les connexions virtuelles" #. Description #: ../templates:31 msgid "" "If you use IP addresses from the LAN address space, please use the same " "netmask as on your LAN." msgstr "" "Si vous utilisez des adresses IP de l'espace d'adressage du réseau local, " "veuillez indiquer le même masque que pour votre réseau." #. Description #: ../templates:37 msgid "The IP address of your WINS server" msgstr "Adresse IP de votre serveur WINS" #. Description #: ../templates:37 msgid "" "A WINS server is used for browsing available Computers in MS-Windows " "networking. This address is transmitted to the clients," msgstr "" "Un serveur WINS sert à trouver les ordinateurs disponibles sur un réseau MS-" "Windows. Cette adresse sera transmise aux clients." #. Description #: ../templates:43 msgid "The IP address of your DNS server" msgstr "Adresse IP de votre serveur DNS" #. Description #: ../templates:43 msgid "This address is transmitted to the clients." msgstr "Cette adresse sera transmise aux clients." #. Description #: ../templates:49 msgid "Do you want to use MPPE data encryption ?" msgstr "Faut-il utiliser le chiffrement de données MPPE ?" #. Description #: ../templates:49 msgid "" "The recommended way is to use the data encryption as it is one of the main " "benefits of a VPN. When you want to use MPPE (Microsoft Point-to-Point " "Encryption), you also have to use CHAPMSv2 for authentication." msgstr "" "Il est recommandé d'utiliser le chiffrement de données car il s'agit de l'un " "des principaux avantages d'un réseau privé virtuel. Si vous souhaitez " "utiliser MPPE (« Microsoft Point-to-Point Encryption », chiffrement point-à-" "point de Microsoft), vous devrez aussi utiliser CHAPMSv2 pour " "l'authentification." #. Description #: ../templates:49 msgid "" "Note that you have to install the modified ppp packages if you want to use " "this data encryption." msgstr "" "Veuillez notez que vous devez installer les paquets de ppp modifiés si vous " "souhaitez utiliser ce chiffrement de données." #. Description #: ../templates:59 msgid "Warning: data encryption is disabled" msgstr "Attention : le chiffrement de données est désactivé" #. Description #: ../templates:59 msgid "" "All data transferred between the local network and the client will be " "transmitted without encryption ! This is a security hole." msgstr "" "Toutes les données transférées entre le réseau local et le client seront " "transmises sans chiffrement ! Il s'agit d'une faille de sécurité." #. Description #: ../templates:59 msgid "You have been warned. Now you loose your product warranty :)" msgstr "" "Vous voilà prévenu. Vous perdez désormais la seule garantie de ce produit :)" #. Description #: ../templates:69 msgid "Which authentication method do you want to use ?" msgstr "Méthode d'authentification à utiliser" #. Description #: ../templates:69 msgid "" "Possible authentication methods are: - PAP - CHAP - CHAP with Microsoft " "extensions - CHAP with Microsoft extensions v2" msgstr "" "Les méthodes d'authentification disponibles sont : PAP, CHAP, CHAP avec des " "extensions de Microsoft et CHAP avec les extensions de Microsoft version 2." #. Description #: ../templates:69 msgid "" "The recommended authentication method is one of the CHAP methods. However, " "you have to use a separate database (/etc/ppp/chap-secrets) if you want to " "use these. If you use PAP, you can use the standard system passwords when " "the ppp-pam package is installed." msgstr "" "Les méthodes d'authentification CHAP sont recommandées. Quoi qu'il en soit, " "vous devrez utiliser une base de données séparée (/etc/ppp/chap-secrets) si " "vous souhaitez les utiliser. Si vous choisissez PAP, vous pourrez utiliser " "les mots de passe standards du système après l'installation du paquet ppp-" "pam." pptpd-1.4.0/debian/po/templates.pot0000644000175000017500000001122212110522672014142 00000000000000# # Translators, if you are not familiar with the PO format, gettext # documentation is worth reading, especially sections dedicated to # this format, e.g. by running: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # # Some information specific to po-debconf are available at # /usr/share/doc/po-debconf/README-trans # or http://www.debian.org/intl/l10n/po-debconf/README-trans # # Developers do not need to manually edit POT or PO files. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "POT-Creation-Date: 2003-05-02 20:05-0300\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=CHARSET\n" "Content-Transfer-Encoding: 8bit\n" #. Description #: ../templates:3 msgid "The local IP address of the virtual connections" msgstr "" #. Description #: ../templates:3 msgid "Specify the local IP address for the virtual connections." msgstr "" #. Description #: ../templates:3 msgid "" "Please note that any address works as long as the local machine takes care " "of the routing. But if you want to use MS-Windows networking, you should use " "an IP address out of the LAN address space." msgstr "" #. Description #: ../templates:3 msgid "" "You can give only one address or you can give multiple addresses if you want " "to, although they are really not needed. Multiple addresses can be given as " "either \"10.0.0.1,10.0.0.2,10.0.0.3\" or \"10.0.0.1-3\". No spaces should be " "used between commas or within addresses." msgstr "" #. Description #: ../templates:17 msgid "A list of remote IP addresses for the virtual connections." msgstr "" #. Description #: ../templates:17 msgid "Specify the remote IP addresses for the virtual connections." msgstr "" #. Description #: ../templates:17 msgid "" "Please note that any addresses work as long as the local machine takes care " "of the routing. But if you want to use MS-Windows networking, you should use " "IP addresses out of the LAN address space." msgstr "" #. Description #: ../templates:17 msgid "" "You have to give one address for every concurrent connection. This will " "depend on how many clients you expect to be online at the same time. " "Multiple addresses can be given as either \"10.0.0.1,10.0.0.2,10.0.0.3\" or " "\"10.0.0.1-3\". No spaces should be used between commas or within addresses." msgstr "" #. Description #: ../templates:31 msgid "The netmask used for virtual connections." msgstr "" #. Description #: ../templates:31 msgid "" "If you use IP addresses from the LAN address space, please use the same " "netmask as on your LAN." msgstr "" #. Description #: ../templates:37 msgid "The IP address of your WINS server." msgstr "" #. Description #: ../templates:37 msgid "" "A WINS server is used for browsing available Computers in MS-Windows " "networking. This address is transmitted to the clients," msgstr "" #. Description #: ../templates:43 msgid "The IP address of your DNS server." msgstr "" #. Description #: ../templates:43 msgid "This address is transmitted to the clients." msgstr "" #. Description #: ../templates:49 msgid "Do you want to use MPPE data encryption ?" msgstr "" #. Description #: ../templates:49 msgid "" "The recommended way is to use the data encryption as it is one of the main " "benefits of a VPN. When you want to use MPPE (Microsoft Point-to-Point " "Encryption), you also have to use CHAPMSv2 for authentication. . Note that " "you have to install the modified ppp packages if you want to use this data " "encryption." msgstr "" #. Description #: ../templates:58 msgid "Warning: data encryption is disabled." msgstr "" #. Description #: ../templates:58 msgid "" "All data transferred between the local network and the client will be " "transmitted without encryption ! This is a security hole." msgstr "" #. Description #: ../templates:58 msgid "You have been warned. Now you loose your product warranty :)" msgstr "" #. Choices #: ../templates:66 msgid "pap, chap, chapms, chapms-v2" msgstr "" #. Description #: ../templates:68 msgid "Which authentication method do you want to use ?" msgstr "" #. Description #: ../templates:68 msgid "" "Possible authentication methods are: - PAP - CHAP - CHAP with Microsoft " "extensions - CHAP with Microsoft extensions v2" msgstr "" #. Description #: ../templates:68 msgid "" "The recommended authentication method is one of the CHAP methods. However, " "you have to use a separate database (/etc/ppp/chap-secrets) if you want to " "use these. If you use PAP, you can use the standard system passwords when " "the ppp-pam package is installed." msgstr "" pptpd-1.4.0/debian/po/POTFILES.in0000644000175000017500000000004412110522672013175 00000000000000[type: gettext/rfc822deb] templates pptpd-1.4.0/debian/po/pt_BR.po0000644000175000017500000001674612110522672013006 00000000000000# # Translators, if you are not familiar with the PO format, gettext # documentation is worth reading, especially sections dedicated to # this format, e.g. by running: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # # Some information specific to po-debconf are available at # /usr/share/doc/po-debconf/README-trans # or http://www.debian.org/intl/l10n/po-debconf/README-trans # # Developers do not need to manually edit POT or PO files. # msgid "" msgstr "" "Project-Id-Version: pptpd_1.1.4-0.b3.2\n" "POT-Creation-Date: 2003-05-02 20:05-0300\n" "PO-Revision-Date: 2003-05-02 20:26-0300\n" "Last-Translator: André Luís Lopes \n" "Language-Team: Debian-BR Project \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=ISO-8859-1\n" "Content-Transfer-Encoding: 8bit\n" #. Description #: ../templates:3 msgid "The local IP address of the virtual connections" msgstr "O endereço IP local das conexões virtuais" #. Description #: ../templates:3 msgid "Specify the local IP address for the virtual connections." msgstr "Especifique o endereço IP local para as conexões virtuais." #. Description #: ../templates:3 msgid "" "Please note that any address works as long as the local machine takes care " "of the routing. But if you want to use MS-Windows networking, you should use " "an IP address out of the LAN address space." msgstr "" "Por favor note que qualquer endereço funcionará contanto que o máquina " "local gerencie o roteamento. Mas caso você queira usar a rede " "MS-Windows você deverá usar um endereço IP fora do espaço de endereços " "da LAN." #. Description #: ../templates:3 msgid "" "You can give only one address or you can give multiple addresses if you want " "to, although they are really not needed. Multiple addresses can be given as " "either \"10.0.0.1,10.0.0.2,10.0.0.3\" or \"10.0.0.1-3\". No spaces should be " "used between commas or within addresses." msgstr "" "Você pode fornecer somente um endereço ou você pode fornecer diversos " "endereços caso deseje, porém eles realmente não são necessários. " "Múltiplos endereços podem ser fornecidos informados como " "\"10.0.0.1,10.0.0.3\" ou \"10.0.0.1-3\". Nenhum espaço deve ser " "informado entre as vírgulas ou como parte dos endereços." #. Description #: ../templates:17 msgid "A list of remote IP addresses for the virtual connections." msgstr "Uma lista de endereços IP remotos para as conexões virtuais." #. Description #: ../templates:17 msgid "Specify the remote IP addresses for the virtual connections." msgstr "Especifique os endereços IP remotos para as conexões virtuais." #. Description #: ../templates:17 msgid "" "Please note that any addresses work as long as the local machine takes care " "of the routing. But if you want to use MS-Windows networking, you should use " "IP addresses out of the LAN address space." msgstr "" "Por favor note que qualquer endereço funcionará contanto que o máquina " "local gerencie o roteamento. Mas caso você queira usar a rede " "MS-Windows você deverá usar endereços IP fora do espaço de endereços " "da LAN." #. Description #: ../templates:17 msgid "" "You have to give one address for every concurrent connection. This will " "depend on how many clients you expect to be online at the same time. " "Multiple addresses can be given as either \"10.0.0.1,10.0.0.2,10.0.0.3\" or " "\"10.0.0.1-3\". No spaces should be used between commas or within addresses." msgstr "" "Você precisa fornecer um endereço para cada conexão concorrente. Isso " "dependerá de quantos clientes você espera que estejam on-line ao mesmo " "tempo. Diversos endereços podem ser informados como " "\"10.0.0.1,10.0.0.2,10.0.0.3\" ou \"10.0.0.1-3\". Nenhum espaço deverá " "ser usado entre as vírgulas ou como parte dos endereços." #. Description #: ../templates:31 msgid "The netmask used for virtual connections." msgstr "A máscara de rede usada para conexões virtuais." #. Description #: ../templates:31 msgid "" "If you use IP addresses from the LAN address space, please use the same " "netmask as on your LAN." msgstr "" "Caso você utilize endereços IP do espaço de endereços da LAN por favor " "usae a mesma máscara de rede usada em sua LAN." #. Description #: ../templates:37 msgid "The IP address of your WINS server." msgstr "O endereço IP de seu servidor WINS." #. Description #: ../templates:37 msgid "" "A WINS server is used for browsing available Computers in MS-Windows " "networking. This address is transmitted to the clients," msgstr "" "Um servidor WINS é usado para navegar pelos computadores disponíveis " "em rede MS-Windows. Esse endereço é transmitido para os clientes." #. Description #: ../templates:43 msgid "The IP address of your DNS server." msgstr "O endereço IP de seu servidor DNS." #. Description #: ../templates:43 msgid "This address is transmitted to the clients." msgstr "Esse endereço é transmitido para os clientes." #. Description #: ../templates:49 msgid "Do you want to use MPPE data encryption ?" msgstr "Você deseja usar encriptação de dados MPPE ?" #. Description #: ../templates:49 msgid "" "The recommended way is to use the data encryption as it is one of the main " "benefits of a VPN. When you want to use MPPE (Microsoft Point-to-Point " "Encryption), you also have to use CHAPMSv2 for authentication. . Note that " "you have to install the modified ppp packages if you want to use this data " "encryption." msgstr "" "A maneira recomendada é usar a encriptação de dados uma vez que esse é " "um dos principais benefícios de um VPN. Quando usar MPPE (Microsoft " "Point-to-Point Encryption) você terá também que usar CHAPMSv2 para " "autenticação. Note que você precisa instalar os pacotes ppp modificados " "caso você queira usar essa encriptação de dados." #. Description #: ../templates:58 msgid "Warning: data encryption is disabled." msgstr "Aviso : a encriptação de dados está desabilitada." #. Description #: ../templates:58 msgid "" "All data transferred between the local network and the client will be " "transmitted without encryption ! This is a security hole." msgstr "" "Todos os dados transferidos entre a rede local e o cliente serão " "transferidos sem encriptação ! Isto é uma falha de segurança." #. Description #: ../templates:58 msgid "You have been warned. Now you loose your product warranty :)" msgstr "Você foi avisado. Agora você perdeu a garantia do produto :)" #. Choices #: ../templates:66 msgid "pap, chap, chapms, chapms-v2" msgstr "pap, chap, chapms, chapms-v2" #. Description #: ../templates:68 msgid "Which authentication method do you want to use ?" msgstr "Qual método de autenticação você deseja usar ?" #. Description #: ../templates:68 msgid "" "Possible authentication methods are: - PAP - CHAP - CHAP with Microsoft " "extensions - CHAP with Microsoft extensions v2" msgstr "" "Os métodos de autenticação possíveis são : PAP - CHAP - CHAP com " "extensões Microsoft - CHAP com extensões Microsoft v2" #. Description #: ../templates:68 msgid "" "The recommended authentication method is one of the CHAP methods. However, " "you have to use a separate database (/etc/ppp/chap-secrets) if you want to " "use these. If you use PAP, you can use the standard system passwords when " "the ppp-pam package is installed." msgstr "" "O método de autenticação recomendado é um dos métodos CHAP. Porém, você " "precisará usar uma base de dados separada (/etc/ppp/chap-secrets) caso " "você queira usá-los. Caso você use PAP, você poderá usar o sistema de " "senhas padrão quando o pacote ppp-pam for instalado." pptpd-1.4.0/debian/templates0000644000175000017500000000600112110522672012722 00000000000000Template: pptpd/localip Type: string _Description: Local IP address of the virtual connections Specify the local IP address for the virtual connections. . Please note that any address works as long as the local machine takes care of the routing. But if you want to use MS-Windows networking, you should use an IP address out of the LAN address space. . You can give only one address or you can give multiple addresses if you want to, although they are really not needed. Multiple addresses can be given as either "10.0.0.1,10.0.0.2,10.0.0.3" or "10.0.0.1-3". No spaces should be used between commas or within addresses. Template: pptpd/remoteip Type: string _Description: A list of remote IP addresses for the virtual connections. Specify the remote IP addresses for the virtual connections. . Please note that any addresses work as long as the local machine takes care of the routing. But if you want to use MS-Windows networking, you should use IP addresses out of the LAN address space. . You have to give one address for every concurrent connection. This will depend on how many clients you expect to be online at the same time. Multiple addresses can be given as either "10.0.0.1,10.0.0.2,10.0.0.3" or "10.0.0.1-3". No spaces should be used between commas or within addresses. Template: pptpd/netmask Type: string _Description: Netmask used for virtual connections. If you use IP addresses from the LAN address space, please use the same netmask as on your LAN. Template: pptpd/wins Type: string _Description: IP address of your WINS server. A WINS server is used for browsing available Computers in MS-Windows networking. This address is transmitted to the clients, Template: pptpd/dns Type: string _Description: IP address of your DNS server. This address is transmitted to the clients. Template: pptpd/mppe Type: boolean Default: true _Description: Do you want to use MPPE data encryption ? The recommended way is to use the data encryption as it is one of the main benefits of a VPN. When you want to use MPPE (Microsoft Point-to-Point Encryption), you also have to use CHAPMSv2 for authentication. . Note that you have to install the modified ppp packages if you want to use this data encryption. Template: pptpd/no-mppe Type: note _Description: Warning: data encryption is disabled. All data transferred between the local network and the client will be transmitted without encryption ! This is a security hole. . You have been warned. Now you loose your product warranty :) Template: pptpd/authentication Type: select _Choices: pap, chap, chapms, chapms-v2 Default: chap _Description: Which authentication method do you want to use ? Possible authentication methods are: - PAP - CHAP - CHAP with Microsoft extensions - CHAP with Microsoft extensions v2 . The recommended authentication method is one of the CHAP methods. However, you have to use a separate database (/etc/ppp/chap-secrets) if you want to use these. If you use PAP, you can use the standard system passwords when the ppp-pam package is installed. pptpd-1.4.0/debian/docs0000644000175000017500000000013212110522672011653 00000000000000AUTHORS ChangeLog-0.8 ChangeLog-0.9 README README.inetd README.slirp README.bcrelay TODO pptpd-1.4.0/debian/config0000644000175000017500000000063112110522672012174 00000000000000#!/bin/sh -e # Rene Mayrhofer , Oct. 1999 # I hereby put this script under the Artistic License. . /usr/share/debconf/confmodule.sh db_input high pptpd/localip db_input high pptpd/remoteip # ask if mppe encryption should be used db_input pptpd/mppe db_go # check the answer(s) db_get pptpd/mppe if [ "$RET" = "false" ]; then # display a warning db_input high pptpd/no-mppe db_go fi pptpd-1.4.0/debian/README.debian0000644000175000017500000000052612110522672013110 00000000000000pptpd for DEBIAN ---------------------- Please note that, if you want to use pptpd to create host-to-site tunnels (e.g. typical road-warrior setups), then you will need to enable IP forwarding. This can be done by setting ip_forward=yes in /etc/network/options. Rene Mayrhofer , Mon, 16 Aug 1999 11:27:43 +0200 pptpd-1.4.0/debian/pptpdconfig.pl0000644000175000017500000000305512110522672013661 00000000000000#!/usr/bin/perl -w use strict; use Debian::DebConf::Client::ConfModule ':all'; &pptpd("/etc/pptpd.conf", get("pptpd/localip"), get("pptpd/remoteip")); exit 0; sub pptpd ($$$) { my $line; # eine Zeile von IN my $xxx; my @lines; my $count; my $filename; my $localIp; my $remoteIp; my $spaces; my $foundlocal=0; my $foundremote=0; my $IDString="# generated by pptpdconfig"; $filename=shift; $localIp=shift; $remoteIp=shift; print("Configuring pptpd to use localip(s) $localIp and remoteip(s) "); print("$remoteIp ...\n"); open(IN, "<$filename") || die("$filename not found.\n"); @lines=; open(OUT, ">${filename}.old"); print OUT @lines; close OUT; $count=0; while ($count<=$#lines) { $line=$lines[$count]; if ($line=~/^\s*localip/) { if ($line=~/$IDString/) { ($spaces)=($line=~/^(\s*)\S*.*/); $lines[$count]="${spaces}localip $localIp $IDString\n"; $foundlocal=1; } else { $lines[$count]="# removed by pptpdconfig --- ".$lines[$count]."\n"; } } if ($line=~/^\s*remoteip/) { if ($line=~/$IDString/) { ($spaces)=($line=~/^(\s*)\S*.*/); $lines[$count]="${spaces}remoteip $remoteIp $IDString\n"; $foundremote=1; } else { $lines[$count]="# removed by pptpdconfig --- ".$lines[$count]."\n"; } } $count++; } if ($foundlocal==0) { push(@lines, "localip $localIp $IDString\n"); } if ($foundremote==0) { push(@lines, "remoteip $remoteIp $IDString\n"); } close IN; print("done\n"); open(OUT, ">$filename"); print OUT @lines; close OUT; } pptpd-1.4.0/debian/rules0000755000175000017500000000357412110522672012075 00000000000000#!/usr/bin/make -f # MAde with the aid of dh_make, by Craig Small # Sample debian/rules that uses debhelper. GNU copyright 1997 by Joey Hess. # Some lines taken from debmake, by Cristoph Lameter. # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 build: build-stamp build-stamp: dh_testdir ./configure --prefix=/usr --mandir=/usr/share/man \ --with-libwrap --with-bcrelay # Add here commands to compile the package. $(MAKE) touch build-stamp clean: dh_testdir dh_testroot rm -f build-stamp install-stamp # Add here commands to clean up after the build process. -$(MAKE) distclean dh_clean install: install-stamp install-stamp: build-stamp dh_testdir dh_testroot dh_clean -k dh_installdirs # Add here commands to install the package into debian/tmp. $(MAKE) install prefix=`pwd`/debian/tmp/usr mandir=`pwd`/debian/tmp/usr/share/man cp debian/pptpd.conf `pwd`/debian/tmp/etc cp debian/pptpd-options `pwd`/debian/tmp/etc/ppp #cp debian/pptpdconfig.pl `pwd`/debian/tmp/usr/sbin touch install-stamp # Build architecture-independent files here. binary-indep: build install # We have nothing to do by default. # Build architecture-dependent files here. binary-arch: build install # dh_testversion dh_testdir dh_testroot dh_installdocs # mv `pwd`/debian/tmp/usr/share/doc/pptpd/html/*.txt `pwd`/debian/tmp/usr/share/doc/pptpd/ dh_installexamples # dh_installmenu # dh_installemacsen dh_installinit # dh_installcron dh_installmanpages # dh_installdebconf # dh_undocumented dh_installchangelogs -k ChangeLog dh_strip dh_compress dh_fixperms dh_installdeb dh_shlibdeps dh_gencontrol # dh_makeshlibs dh_md5sums dh_builddeb source diff: @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false binary: binary-indep binary-arch .PHONY: build clean binary-indep binary-arch binary pptpd-1.4.0/debian/changelog0000664000175000017500000001522112231672170012664 00000000000000pptpd (1.4.0-0) unstable; urgency=low * Package built from upstream sources, not a Debian project package (Debian Developer expected to adjust this entry) -- James Cameron Wed, 23 Oct 2013 16:16:54 +1000 pptpd (1.3.4-0) unstable; urgency=low * Package built from upstream sources, not a Debian project package (Debian Developer expected to adjust this entry) -- James Cameron Mon, 16 Apr 2007 10:51:43 +1000 pptpd (1.2.0-0) unstable; urgency=low * Package built from upstream sources, not a Debian project package (Debian Developer expected to adjust this entry) Closes: #107933: pptpd: pptpd segfaults if called without arguments Closes: #126486: pptpd: wish it had better integration support with Portslave -- James Cameron Fri, 21 May 2004 20:13:51 +1000 pptpd (1.1.4.0b4-1) unstable; urgency=low * Finally acknowledge the bugs fixed in the NMUs: Closes: #132819 (Build-Depends on devhelper) Closes: #126712 (Mark /etc/init.d/pptpd as conffile) Closes: #57849 (Remove recommends line) * Enable the MSCHAP and MPPE options again in the default config, but now changed for the new upstream pppd syntax. * Also include the new upstream source in the upload - dpkg-buildpackage was confused by the version number. * Enhance the init script to: - Include a "status" option. - Force pptpd to close its file descriptors. Closes: #189426: pptpd does not close/redirect stdout and stderr * Use po-debconf for debconf translations and add pt_BR and FR translations. However, debconf is still not used for autoconfig until I find time to implement the config script properly. It will come, soon ;) Also fix some english short descriptions - thanks for pointing that out. Closes: #191703: Update packaging to use the newer gettext-based debconf template translation system Closes: #208049: Please switch to gettext-based debconf templates Closes: #211273: French translation of gettext debconf template I will leave #209082 open until the config script works.... * Also ship the README.bcrelay file in the binary package. * Move the HOWTO-IPX+PPTP.txt file from the html/ directory to the normal doc directory. Closes: #220707: CVS directory, and non-html in 'html' dir * Document that IP forwarding needs to be enabled, but refer to /etc/network/options instead of /proc/sys/net/ipv4/ip_forward. Closes: #168718: Documentation has no reference to /proc/sys/net/ipv4/ip_forward -- Rene Mayrhofer Wed, 23 Apr 2003 13:34:50 +0200 pptpd (1.1.4-0.b3.1) unstable; urgency=HIGH * New upstream release (to fix the security issue). Closes: #189363: pptpd: PoPToP versions earlier than 1.1.3 have a remotely exploitable buffer overflow Closes: #107933: pptpd: pptpd segfaults if called without arguments * Enabled the broadcast relay option. * The default pptpd-options no longer includes "+chapms" Closes: #179808: pptpd: Completely fails to work * Acknowledge bug report closed by NMUs: Closes: #132819 Closes: #126712 Closes: #57849 -- Rene Mayrhofer Wed, 23 Apr 2003 12:12:38 +0200 pptpd (1.1.2-2) unstable; urgency=low * New upstream version -- Rene Mayrhofer Wed, 30 Jul 2003 22:36:01 +0200 pptpd (1.1.2-1.3.woody.0) stable; urgency=HIGH * Security fix for the remotely exploitable buffer overflow. -- Rene Mayrhofer Wed, 23 Apr 2003 13:10:05 +0200 pptpd (1.1.2-1.2) unstable; urgency=low * Non-maintainer upload * Mark /etc/init.d/pptpd as a conffile, per policy (closes: #132819). -- Steve Langasek Sat, 16 Feb 2002 12:09:44 -0600 pptpd (1.1.2-1.1) unstable; urgency=low * NMU * Add build-depends: debhelper. Closes: #126712. -- LaMont Jones Mon, 14 Jan 2002 22:08:38 -0700 pptpd (1.1.2-1) unstable; urgency=low * Updated to new upstream version (declared as development version, but it is around long enough to seem stable). Closes: #109908 * Do not ship pptpdconfig.pl since it does not work correctly at the moment. Closes: #82385 * Took out all MPPE options from pptpd-options (the options for pppd) as long as the default pppd package does not support it. Closes: #61651 * Changed maintainer email to rmayr@debian.org -- Rene Mayrhofer Thu, 27 Dec 2001 11:17:51 +0100 pptpd (1.0.1-2) unstable; urgency=low * Changed the dependency from perl to perl-base. -- Rene Mayrhofer Tue, 26 Dec 2000 15:44:38 +0100 pptpd (1.0.1-1) unstable; urgency=low * New upstream release. The debconf support is still disabled because I do not have time to write a perl script that can change the configuration files (only 2 files need to be changed) thet is really safe (i.e. it does not mess with manual configuration in those files). If anybody can contribute, I would be very happy. -- Rene Mayrhofer Mon, 20 Nov 2000 17:38:35 +0100 pptpd (1.0.0-5) unstable; urgency=low * First try with debconf support and postinst config script -- Rene Mayrhofer Tue, 11 Jul 2000 17:06:10 +0200 pptpd (1.0.0-4) frozen unstable; urgency=low * Added a config script to the postinst (now disabled because of problems with debconf perl support - next upload will include it) * Preliminary support for debconf (now disabled because of problems with (debconf perl support - next upload will include it) * Removed the debug option from /etc/pptpd.conf * Updated the HOWTO with a new version from the upstream maintainer * Removed the Recommend: ppp-pam (closes: #57849) -- Rene Mayrhofer Fri, 1 Oct 1999 11:06:39 +0200 pptpd (1.0.0-3) unstable; urgency=low * The init script now uses the pidfile created by pptpd -- Rene Mayrhofer Thu, 30 Sep 1999 11:31:11 +0200 pptpd (1.0.0-2) unstable; urgency=low * Enhanced the init script to recognize force-reload. * Moved manual pages to /usr/share/man * Added support for TCP wrappers -- Rene Mayrhofer Wed, 29 Sep 1999 13:35:05 +0200 pptpd (1.0.0-1) unstable; urgency=low * New upstream release -- Rene Mayrhofer Tue, 28 Sep 1999 16:49:26 +0200 pptpd (0.9.13-1) unstable; urgency=low * New upstream release -- Rene Mayrhofer Tue, 24 Aug 1999 08:05:29 +0200 pptpd (0.9.12-1) unstable; urgency=low * Initial Release. -- Rene Mayrhofer Tue, 24 Aug 1999 08:05:10 +0200 pptpd-1.4.0/debian/pptpd-options0000644000175000017500000000565712110522672013564 00000000000000############################################################################### # $Id: pptpd-options,v 1.1 2004/05/17 02:16:35 quozl Exp $ # # Sample Poptop PPP options file /etc/ppp/pptpd-options # Options used by PPP when a connection arrives from a client. # This file is pointed to by /etc/pptpd.conf option keyword. # Changes are effective on the next connection. See "man pppd". # # You are expected to change this file to suit your system. As # packaged, it requires PPP 2.4.2 and the kernel MPPE module. ############################################################################### # Authentication # Name of the local system for authentication purposes # (must match the second field in /etc/ppp/chap-secrets entries) name pptpd # Optional: domain name to use for authentication # domain mydomain.net # Strip the domain prefix from the username before authentication. # (applies if you use pppd with chapms-strip-domain patch) #chapms-strip-domain # Encryption # Debian: on systems with a kernel built with the package # kernel-patch-mppe >= 2.4.2 and using ppp >= 2.4.2, ... # {{{ refuse-pap refuse-chap refuse-mschap # Require the peer to authenticate itself using MS-CHAPv2 [Microsoft # Challenge Handshake Authentication Protocol, Version 2] authentication. require-mschap-v2 # Require MPPE 128-bit encryption # (note that MPPE requires the use of MSCHAP-V2 during authentication) require-mppe-128 # }}} # Network and Routing # If pppd is acting as a server for Microsoft Windows clients, this # option allows pppd to supply one or two DNS (Domain Name Server) # addresses to the clients. The first instance of this option # specifies the primary DNS address; the second instance (if given) # specifies the secondary DNS address. #ms-dns 10.0.0.1 #ms-dns 10.0.0.2 # If pppd is acting as a server for Microsoft Windows or "Samba" # clients, this option allows pppd to supply one or two WINS (Windows # Internet Name Services) server addresses to the clients. The first # instance of this option specifies the primary WINS address; the # second instance (if given) specifies the secondary WINS address. #ms-wins 10.0.0.3 #ms-wins 10.0.0.4 # Add an entry to this system's ARP [Address Resolution Protocol] # table with the IP address of the peer and the Ethernet address of this # system. This will have the effect of making the peer appear to other # systems to be on the local ethernet. # (you do not need this if your PPTP server is responsible for routing # packets to the clients -- James Cameron) proxyarp # Debian: do not replace the default route nodefaultroute # Logging # Enable connection debugging facilities. # (see your syslog configuration for where pppd sends to) #debug # Print out all the option values which have been set. # (often requested by mailing list to verify options) #dump # Miscellaneous # Create a UUCP-style lock file for the pseudo-tty to ensure exclusive # access. lock # Disable BSD-Compress compression nobsdcomp pptpd-1.4.0/debian/copyright0000644000175000017500000000054612110522672012744 00000000000000This package was debianized by Rene Mayrhofer rene.mayrhofer@gibraltar.at on Mon, 16 Aug 1999 11:27:43 +0200. It was downloaded from 'http://www.moretonbay.com/vpn/pptp.html' Upstream Authors: Please look at file AUTHORS Copyright: PPTPd is released under the GPL. You should find a copy of the GPL in '/usr/share/common-licenses/GPL' on Debian systems. pptpd-1.4.0/debian/pptpd.init0000644000175000017500000000261012110522672013017 00000000000000#!/bin/sh # Copyright Rene Mayrhofer, ViaNova, 1999 # This script is distibuted under the GPL PATH=/bin:/usr/bin:/sbin:/usr/sbin DAEMON=/usr/sbin/pptpd PIDFILE=/var/run/pptpd.pid FLAGS="defaults 50" case "$1" in start) echo -n "Starting PPTP Daemon: " start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON \ -- < /dev/null > /dev/null echo "pptpd." ;; stop) echo -n "Stopping PPTP: " start-stop-daemon --stop --quiet --pidfile $PIDFILE --exec $DAEMON echo "pptpd." ;; reload) echo "Not implemented." ;; force-reload|restart) echo "Restarting PPTP: " sh $0 stop sh $0 start ;; status) if [ ! -r $PIDFILE ]; then # no pid file, process doesn't seem to be running correctly exit 3 fi PID=`cat $PIDFILE | sed 's/ //g'` EXE=/proc/$PID/exe if [ -x "$EXE" ] && [ "`ls -l \"$EXE\" | cut -d'>' -f2,2 | cut -d' ' -f2,2`" = \ "$DAEMON" ]; then # ok, process seems to be running exit 0 elif [ -r $PIDFILE ]; then # process not running, but pidfile exists exit 1 else # no lock file to check for, so simply return the stopped status exit 3 fi ;; *) echo "Usage: /etc/init.d/pptpd {start|stop|restart|force-reload|reload}" exit 1 ;; esac exit 0 pptpd-1.4.0/config.embed.h0000644000175000017500000000040012231653271012251 00000000000000/* * config.embed.h * * Dummy autoconf results for uClinux target. */ #define STDC_HEADERS 1 #define HAVE_SETSID 1 #define HAVE_MEMMOVE 1 #define HAVE_STRING_H 1 #define PPP_BINARY "/bin/pppd" #define BCRELAY_BIN "/bin/bcrelay" #define SBINDIR "/bin" pptpd-1.4.0/ctrlpacket.h0000664000175000017500000000120312231653013012063 00000000000000/* * ctrlpacket.h * * Functions to parse and send pptp control packets. */ #ifndef _PPTPD_CTRLPACKET_H #define _PPTPD_CTRLPACKET_H int read_pptp_packet(int clientFd, void *packet, struct pptp_out_call_rply *rply_packet, ssize_t * rply_size); ssize_t send_pptp_packet(int clientFd, void *packet, size_t packet_size); void make_echo_req_packet(struct pptp_out_call_rply *rply_packet, ssize_t * rply_size, u_int32_t echo_id); void make_call_admin_shutdown(struct pptp_out_call_rply *rply_packet, ssize_t * rply_size); void make_stop_ctrl_req(struct pptp_out_call_rply *rply_packet, ssize_t * rply_size); #endif /* !_PPTPD_CTRLPACKET_H */ pptpd-1.4.0/version0000755000175000017500000000072112110522672011175 00000000000000#!/bin/sh # # Little shell script to grab current version number from configure.in # # $Id: version,v 1.1 2002/06/21 08:52:02 fenix_nl Exp $ VER=`grep AM_INIT_AUTOMAKE configure.in | awk -F'[(),]' '{print $3}'` if [ "$1" == "-VERSION" ] then echo $VER | awk -F'.' '{print $1}' exit fi if [ "$1" == "-PATCHLEVEL" ] then echo $VER | awk -F'.' '{print $2}' exit fi if [ "$1" == "-SUBLEVEL" ] then echo $VER | awk -F'.' '{print $3}' exit fi echo $VER exit pptpd-1.4.0/aclocal.m40000664000175000017500000010503512231672170011433 00000000000000# generated automatically by aclocal 1.11.6 -*- Autoconf -*- # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, # 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation, # Inc. # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.69],, [m4_warning([this file was generated for autoconf 2.69. You have another version of autoconf. It may work, but is not guaranteed to. If you have problems, you may need to regenerate the build system entirely. To do so, use the procedure documented by the package, typically `autoreconf'.])]) # Copyright (C) 2002, 2003, 2005, 2006, 2007, 2008, 2011 Free Software # Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 1 # AM_AUTOMAKE_VERSION(VERSION) # ---------------------------- # Automake X.Y traces this macro to ensure aclocal.m4 has been # generated from the m4 files accompanying Automake X.Y. # (This private macro should not be called outside this file.) AC_DEFUN([AM_AUTOMAKE_VERSION], [am__api_version='1.11' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. m4_if([$1], [1.11.6], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) # _AM_AUTOCONF_VERSION(VERSION) # ----------------------------- # aclocal traces this macro to find the Autoconf version. # This is a private macro too. Using m4_define simplifies # the logic in aclocal, which can simply ignore this definition. m4_define([_AM_AUTOCONF_VERSION], []) # AM_SET_CURRENT_AUTOMAKE_VERSION # ------------------------------- # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], [AM_AUTOMAKE_VERSION([1.11.6])dnl m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) # AM_AUX_DIR_EXPAND -*- Autoconf -*- # Copyright (C) 2001, 2003, 2005, 2011 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 1 # For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets # $ac_aux_dir to `$srcdir/foo'. In other projects, it is set to # `$srcdir', `$srcdir/..', or `$srcdir/../..'. # # Of course, Automake must honor this variable whenever it calls a # tool from the auxiliary directory. The problem is that $srcdir (and # therefore $ac_aux_dir as well) can be either absolute or relative, # depending on how configure is run. This is pretty annoying, since # it makes $ac_aux_dir quite unusable in subdirectories: in the top # source directory, any form will work fine, but in subdirectories a # relative path needs to be adjusted first. # # $ac_aux_dir/missing # fails when called from a subdirectory if $ac_aux_dir is relative # $top_srcdir/$ac_aux_dir/missing # fails if $ac_aux_dir is absolute, # fails when called from a subdirectory in a VPATH build with # a relative $ac_aux_dir # # The reason of the latter failure is that $top_srcdir and $ac_aux_dir # are both prefixed by $srcdir. In an in-source build this is usually # harmless because $srcdir is `.', but things will broke when you # start a VPATH build or use an absolute $srcdir. # # So we could use something similar to $top_srcdir/$ac_aux_dir/missing, # iff we strip the leading $srcdir from $ac_aux_dir. That would be: # am_aux_dir='\$(top_srcdir)/'`expr "$ac_aux_dir" : "$srcdir//*\(.*\)"` # and then we would define $MISSING as # MISSING="\${SHELL} $am_aux_dir/missing" # This will work as long as MISSING is not called from configure, because # unfortunately $(top_srcdir) has no meaning in configure. # However there are other variables, like CC, which are often used in # configure, and could therefore not use this "fixed" $ac_aux_dir. # # Another solution, used here, is to always expand $ac_aux_dir to an # absolute PATH. The drawback is that using absolute paths prevent a # configured tree to be moved without reconfiguration. AC_DEFUN([AM_AUX_DIR_EXPAND], [dnl Rely on autoconf to set up CDPATH properly. AC_PREREQ([2.50])dnl # expand $ac_aux_dir to an absolute path am_aux_dir=`cd $ac_aux_dir && pwd` ]) # AM_CONDITIONAL -*- Autoconf -*- # Copyright (C) 1997, 2000, 2001, 2003, 2004, 2005, 2006, 2008 # Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 9 # AM_CONDITIONAL(NAME, SHELL-CONDITION) # ------------------------------------- # Define a conditional. AC_DEFUN([AM_CONDITIONAL], [AC_PREREQ(2.52)dnl ifelse([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl AC_SUBST([$1_TRUE])dnl AC_SUBST([$1_FALSE])dnl _AM_SUBST_NOTMAKE([$1_TRUE])dnl _AM_SUBST_NOTMAKE([$1_FALSE])dnl m4_define([_AM_COND_VALUE_$1], [$2])dnl if $2; then $1_TRUE= $1_FALSE='#' else $1_TRUE='#' $1_FALSE= fi AC_CONFIG_COMMANDS_PRE( [if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then AC_MSG_ERROR([[conditional "$1" was never defined. Usually this means the macro was only invoked conditionally.]]) fi])]) # Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2009, # 2010, 2011 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 12 # There are a few dirty hacks below to avoid letting `AC_PROG_CC' be # written in clear, in which case automake, when reading aclocal.m4, # will think it sees a *use*, and therefore will trigger all it's # C support machinery. Also note that it means that autoscan, seeing # CC etc. in the Makefile, will ask for an AC_PROG_CC use... # _AM_DEPENDENCIES(NAME) # ---------------------- # See how the compiler implements dependency checking. # NAME is "CC", "CXX", "GCJ", or "OBJC". # We try a few techniques and use that to set a single cache variable. # # We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was # modified to invoke _AM_DEPENDENCIES(CC); we would have a circular # dependency, and given that the user is not expected to run this macro, # just rely on AC_PROG_CC. AC_DEFUN([_AM_DEPENDENCIES], [AC_REQUIRE([AM_SET_DEPDIR])dnl AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl AC_REQUIRE([AM_MAKE_INCLUDE])dnl AC_REQUIRE([AM_DEP_TRACK])dnl ifelse([$1], CC, [depcc="$CC" am_compiler_list=], [$1], CXX, [depcc="$CXX" am_compiler_list=], [$1], OBJC, [depcc="$OBJC" am_compiler_list='gcc3 gcc'], [$1], UPC, [depcc="$UPC" am_compiler_list=], [$1], GCJ, [depcc="$GCJ" am_compiler_list='gcc3 gcc'], [depcc="$$1" am_compiler_list=]) AC_CACHE_CHECK([dependency style of $depcc], [am_cv_$1_dependencies_compiler_type], [if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up # making a dummy file named `D' -- because `-MD' means `put the output # in D'. rm -rf conftest.dir mkdir conftest.dir # Copy depcomp to subdir because otherwise we won't find it if we're # using a relative directory. cp "$am_depcomp" conftest.dir cd conftest.dir # We will build objects and dependencies in a subdirectory because # it helps to detect inapplicable dependency modes. For instance # both Tru64's cc and ICC support -MD to output dependencies as a # side effect of compilation, but ICC will put the dependencies in # the current directory while Tru64 will put them in the object # directory. mkdir sub am_cv_$1_dependencies_compiler_type=none if test "$am_compiler_list" = ""; then am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp` fi am__universal=false m4_case([$1], [CC], [case " $depcc " in #( *\ -arch\ *\ -arch\ *) am__universal=true ;; esac], [CXX], [case " $depcc " in #( *\ -arch\ *\ -arch\ *) am__universal=true ;; esac]) for depmode in $am_compiler_list; do # Setup a source with many dependencies, because some compilers # like to wrap large dependency lists on column 80 (with \), and # we should not choose a depcomp mode which is confused by this. # # We need to recreate these files for each test, as the compiler may # overwrite some of them when testing with obscure command lines. # This happens at least with the AIX C compiler. : > sub/conftest.c for i in 1 2 3 4 5 6; do echo '#include "conftst'$i'.h"' >> sub/conftest.c # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with # Solaris 8's {/usr,}/bin/sh. touch sub/conftst$i.h done echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf # We check with `-c' and `-o' for the sake of the "dashmstdout" # mode. It turns out that the SunPro C++ compiler does not properly # handle `-M -o', and we need to detect this. Also, some Intel # versions had trouble with output in subdirs am__obj=sub/conftest.${OBJEXT-o} am__minus_obj="-o $am__obj" case $depmode in gcc) # This depmode causes a compiler race in universal mode. test "$am__universal" = false || continue ;; nosideeffect) # after this tag, mechanisms are not by side-effect, so they'll # only be used when explicitly requested if test "x$enable_dependency_tracking" = xyes; then continue else break fi ;; msvc7 | msvc7msys | msvisualcpp | msvcmsys) # This compiler won't grok `-c -o', but also, the minuso test has # not run yet. These depmodes are late enough in the game, and # so weak that their functioning should not be impacted. am__obj=conftest.${OBJEXT-o} am__minus_obj= ;; none) break ;; esac if depmode=$depmode \ source=sub/conftest.c object=$am__obj \ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ >/dev/null 2>conftest.err && grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && grep $am__obj sub/conftest.Po > /dev/null 2>&1 && ${MAKE-make} -s -f confmf > /dev/null 2>&1; then # icc doesn't choke on unknown options, it will just issue warnings # or remarks (even with -Werror). So we grep stderr for any message # that says an option was ignored or not supported. # When given -MP, icc 7.0 and 7.1 complain thusly: # icc: Command line warning: ignoring option '-M'; no argument required # The diagnosis changed in icc 8.0: # icc: Command line remark: option '-MP' not supported if (grep 'ignoring option' conftest.err || grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else am_cv_$1_dependencies_compiler_type=$depmode break fi fi done cd .. rm -rf conftest.dir else am_cv_$1_dependencies_compiler_type=none fi ]) AC_SUBST([$1DEPMODE], [depmode=$am_cv_$1_dependencies_compiler_type]) AM_CONDITIONAL([am__fastdep$1], [ test "x$enable_dependency_tracking" != xno \ && test "$am_cv_$1_dependencies_compiler_type" = gcc3]) ]) # AM_SET_DEPDIR # ------------- # Choose a directory name for dependency files. # This macro is AC_REQUIREd in _AM_DEPENDENCIES AC_DEFUN([AM_SET_DEPDIR], [AC_REQUIRE([AM_SET_LEADING_DOT])dnl AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl ]) # AM_DEP_TRACK # ------------ AC_DEFUN([AM_DEP_TRACK], [AC_ARG_ENABLE(dependency-tracking, [ --disable-dependency-tracking speeds up one-time build --enable-dependency-tracking do not reject slow dependency extractors]) if test "x$enable_dependency_tracking" != xno; then am_depcomp="$ac_aux_dir/depcomp" AMDEPBACKSLASH='\' am__nodep='_no' fi AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno]) AC_SUBST([AMDEPBACKSLASH])dnl _AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl AC_SUBST([am__nodep])dnl _AM_SUBST_NOTMAKE([am__nodep])dnl ]) # Generate code to set up dependency tracking. -*- Autoconf -*- # Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2008 # Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. #serial 5 # _AM_OUTPUT_DEPENDENCY_COMMANDS # ------------------------------ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], [{ # Autoconf 2.62 quotes --file arguments for eval, but not when files # are listed without --file. Let's play safe and only enable the eval # if we detect the quoting. case $CONFIG_FILES in *\'*) eval set x "$CONFIG_FILES" ;; *) set x $CONFIG_FILES ;; esac shift for mf do # Strip MF so we end up with the name of the file. mf=`echo "$mf" | sed -e 's/:.*$//'` # Check whether this is an Automake generated Makefile or not. # We used to match only the files named `Makefile.in', but # some people rename them; so instead we look at the file content. # Grep'ing the first line is not enough: some people post-process # each Makefile.in and add a new line on top of each file to say so. # Grep'ing the whole file is not good either: AIX grep has a line # limit of 2048, but all sed's we know have understand at least 4000. if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then dirpart=`AS_DIRNAME("$mf")` else continue fi # Extract the definition of DEPDIR, am__include, and am__quote # from the Makefile without running `make'. DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` test -z "$DEPDIR" && continue am__include=`sed -n 's/^am__include = //p' < "$mf"` test -z "am__include" && continue am__quote=`sed -n 's/^am__quote = //p' < "$mf"` # When using ansi2knr, U may be empty or an underscore; expand it U=`sed -n 's/^U = //p' < "$mf"` # Find all dependency output files, they are included files with # $(DEPDIR) in their names. We invoke sed twice because it is the # simplest approach to changing $(DEPDIR) to its actual value in the # expansion. for file in `sed -n " s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do # Make sure the directory exists. test -f "$dirpart/$file" && continue fdir=`AS_DIRNAME(["$file"])` AS_MKDIR_P([$dirpart/$fdir]) # echo "creating $dirpart/$file" echo '# dummy' > "$dirpart/$file" done done } ])# _AM_OUTPUT_DEPENDENCY_COMMANDS # AM_OUTPUT_DEPENDENCY_COMMANDS # ----------------------------- # This macro should only be invoked once -- use via AC_REQUIRE. # # This code is only required when automatic dependency tracking # is enabled. FIXME. This creates each `.P' file that we will # need in order to bootstrap the dependency handling code. AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], [AC_CONFIG_COMMANDS([depfiles], [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS], [AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"]) ]) # Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005 # Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 8 # AM_CONFIG_HEADER is obsolete. It has been replaced by AC_CONFIG_HEADERS. AU_DEFUN([AM_CONFIG_HEADER], [AC_CONFIG_HEADERS($@)]) # Do all the work for Automake. -*- Autoconf -*- # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, # 2005, 2006, 2008, 2009 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 16 # This macro actually does too much. Some checks are only needed if # your package does certain things. But this isn't really a big deal. # AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE]) # AM_INIT_AUTOMAKE([OPTIONS]) # ----------------------------------------------- # The call with PACKAGE and VERSION arguments is the old style # call (pre autoconf-2.50), which is being phased out. PACKAGE # and VERSION should now be passed to AC_INIT and removed from # the call to AM_INIT_AUTOMAKE. # We support both call styles for the transition. After # the next Automake release, Autoconf can make the AC_INIT # arguments mandatory, and then we can depend on a new Autoconf # release and drop the old call support. AC_DEFUN([AM_INIT_AUTOMAKE], [AC_PREREQ([2.62])dnl dnl Autoconf wants to disallow AM_ names. We explicitly allow dnl the ones we care about. m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl AC_REQUIRE([AC_PROG_INSTALL])dnl if test "`cd $srcdir && pwd`" != "`pwd`"; then # Use -I$(srcdir) only when $(srcdir) != ., so that make's output # is not polluted with repeated "-I." AC_SUBST([am__isrc], [' -I$(srcdir)'])_AM_SUBST_NOTMAKE([am__isrc])dnl # test to see if srcdir already configured if test -f $srcdir/config.status; then AC_MSG_ERROR([source directory already configured; run "make distclean" there first]) fi fi # test whether we have cygpath if test -z "$CYGPATH_W"; then if (cygpath --version) >/dev/null 2>/dev/null; then CYGPATH_W='cygpath -w' else CYGPATH_W=echo fi fi AC_SUBST([CYGPATH_W]) # Define the identity of the package. dnl Distinguish between old-style and new-style calls. m4_ifval([$2], [m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl AC_SUBST([PACKAGE], [$1])dnl AC_SUBST([VERSION], [$2])], [_AM_SET_OPTIONS([$1])dnl dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT. m4_if(m4_ifdef([AC_PACKAGE_NAME], 1)m4_ifdef([AC_PACKAGE_VERSION], 1), 11,, [m4_fatal([AC_INIT should be called with package and version arguments])])dnl AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl _AM_IF_OPTION([no-define],, [AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package]) AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package])])dnl # Some tools Automake needs. AC_REQUIRE([AM_SANITY_CHECK])dnl AC_REQUIRE([AC_ARG_PROGRAM])dnl AM_MISSING_PROG(ACLOCAL, aclocal-${am__api_version}) AM_MISSING_PROG(AUTOCONF, autoconf) AM_MISSING_PROG(AUTOMAKE, automake-${am__api_version}) AM_MISSING_PROG(AUTOHEADER, autoheader) AM_MISSING_PROG(MAKEINFO, makeinfo) AC_REQUIRE([AM_PROG_INSTALL_SH])dnl AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl AC_REQUIRE([AM_PROG_MKDIR_P])dnl # We need awk for the "check" target. The system "awk" is bad on # some platforms. AC_REQUIRE([AC_PROG_AWK])dnl AC_REQUIRE([AC_PROG_MAKE_SET])dnl AC_REQUIRE([AM_SET_LEADING_DOT])dnl _AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])], [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])], [_AM_PROG_TAR([v7])])]) _AM_IF_OPTION([no-dependencies],, [AC_PROVIDE_IFELSE([AC_PROG_CC], [_AM_DEPENDENCIES(CC)], [define([AC_PROG_CC], defn([AC_PROG_CC])[_AM_DEPENDENCIES(CC)])])dnl AC_PROVIDE_IFELSE([AC_PROG_CXX], [_AM_DEPENDENCIES(CXX)], [define([AC_PROG_CXX], defn([AC_PROG_CXX])[_AM_DEPENDENCIES(CXX)])])dnl AC_PROVIDE_IFELSE([AC_PROG_OBJC], [_AM_DEPENDENCIES(OBJC)], [define([AC_PROG_OBJC], defn([AC_PROG_OBJC])[_AM_DEPENDENCIES(OBJC)])])dnl ]) _AM_IF_OPTION([silent-rules], [AC_REQUIRE([AM_SILENT_RULES])])dnl dnl The `parallel-tests' driver may need to know about EXEEXT, so add the dnl `am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen. This macro dnl is hooked onto _AC_COMPILER_EXEEXT early, see below. AC_CONFIG_COMMANDS_PRE(dnl [m4_provide_if([_AM_COMPILER_EXEEXT], [AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])])])dnl ]) dnl Hook into `_AC_COMPILER_EXEEXT' early to learn its expansion. Do not dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further dnl mangled by Autoconf and run in a shell conditional statement. m4_define([_AC_COMPILER_EXEEXT], m4_defn([_AC_COMPILER_EXEEXT])[m4_provide([_AM_COMPILER_EXEEXT])]) # When config.status generates a header, we must update the stamp-h file. # This file resides in the same directory as the config header # that is generated. The stamp files are numbered to have different names. # Autoconf calls _AC_AM_CONFIG_HEADER_HOOK (when defined) in the # loop where config.status creates the headers, so we can generate # our stamp files there. AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK], [# Compute $1's index in $config_headers. _am_arg=$1 _am_stamp_count=1 for _am_header in $config_headers :; do case $_am_header in $_am_arg | $_am_arg:* ) break ;; * ) _am_stamp_count=`expr $_am_stamp_count + 1` ;; esac done echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) # Copyright (C) 2001, 2003, 2005, 2008, 2011 Free Software Foundation, # Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 1 # AM_PROG_INSTALL_SH # ------------------ # Define $install_sh. AC_DEFUN([AM_PROG_INSTALL_SH], [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl if test x"${install_sh}" != xset; then case $am_aux_dir in *\ * | *\ *) install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; *) install_sh="\${SHELL} $am_aux_dir/install-sh" esac fi AC_SUBST(install_sh)]) # Copyright (C) 2003, 2005 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 2 # Check whether the underlying file-system supports filenames # with a leading dot. For instance MS-DOS doesn't. AC_DEFUN([AM_SET_LEADING_DOT], [rm -rf .tst 2>/dev/null mkdir .tst 2>/dev/null if test -d .tst; then am__leading_dot=. else am__leading_dot=_ fi rmdir .tst 2>/dev/null AC_SUBST([am__leading_dot])]) # Check to see how 'make' treats includes. -*- Autoconf -*- # Copyright (C) 2001, 2002, 2003, 2005, 2009 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 4 # AM_MAKE_INCLUDE() # ----------------- # Check to see how make treats includes. AC_DEFUN([AM_MAKE_INCLUDE], [am_make=${MAKE-make} cat > confinc << 'END' am__doit: @echo this is the am__doit target .PHONY: am__doit END # If we don't find an include directive, just comment out the code. AC_MSG_CHECKING([for style of include used by $am_make]) am__include="#" am__quote= _am_result=none # First try GNU make style include. echo "include confinc" > confmf # Ignore all kinds of additional output from `make'. case `$am_make -s -f confmf 2> /dev/null` in #( *the\ am__doit\ target*) am__include=include am__quote= _am_result=GNU ;; esac # Now try BSD make style include. if test "$am__include" = "#"; then echo '.include "confinc"' > confmf case `$am_make -s -f confmf 2> /dev/null` in #( *the\ am__doit\ target*) am__include=.include am__quote="\"" _am_result=BSD ;; esac fi AC_SUBST([am__include]) AC_SUBST([am__quote]) AC_MSG_RESULT([$_am_result]) rm -f confinc confmf ]) # Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- # Copyright (C) 1997, 1999, 2000, 2001, 2003, 2004, 2005, 2008 # Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 6 # AM_MISSING_PROG(NAME, PROGRAM) # ------------------------------ AC_DEFUN([AM_MISSING_PROG], [AC_REQUIRE([AM_MISSING_HAS_RUN]) $1=${$1-"${am_missing_run}$2"} AC_SUBST($1)]) # AM_MISSING_HAS_RUN # ------------------ # Define MISSING if not defined so far and test if it supports --run. # If it does, set am_missing_run to use it, otherwise, to nothing. AC_DEFUN([AM_MISSING_HAS_RUN], [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl AC_REQUIRE_AUX_FILE([missing])dnl if test x"${MISSING+set}" != xset; then case $am_aux_dir in *\ * | *\ *) MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; *) MISSING="\${SHELL} $am_aux_dir/missing" ;; esac fi # Use eval to expand $SHELL if eval "$MISSING --run true"; then am_missing_run="$MISSING --run " else am_missing_run= AC_MSG_WARN([`missing' script is too old or missing]) fi ]) # Copyright (C) 2003, 2004, 2005, 2006, 2011 Free Software Foundation, # Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 1 # AM_PROG_MKDIR_P # --------------- # Check for `mkdir -p'. AC_DEFUN([AM_PROG_MKDIR_P], [AC_PREREQ([2.60])dnl AC_REQUIRE([AC_PROG_MKDIR_P])dnl dnl Automake 1.8 to 1.9.6 used to define mkdir_p. We now use MKDIR_P, dnl while keeping a definition of mkdir_p for backward compatibility. dnl @MKDIR_P@ is magic: AC_OUTPUT adjusts its value for each Makefile. dnl However we cannot define mkdir_p as $(MKDIR_P) for the sake of dnl Makefile.ins that do not define MKDIR_P, so we do our own dnl adjustment using top_builddir (which is defined more often than dnl MKDIR_P). AC_SUBST([mkdir_p], ["$MKDIR_P"])dnl case $mkdir_p in [[\\/$]]* | ?:[[\\/]]*) ;; */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;; esac ]) # Helper functions for option handling. -*- Autoconf -*- # Copyright (C) 2001, 2002, 2003, 2005, 2008, 2010 Free Software # Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 5 # _AM_MANGLE_OPTION(NAME) # ----------------------- AC_DEFUN([_AM_MANGLE_OPTION], [[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])]) # _AM_SET_OPTION(NAME) # -------------------- # Set option NAME. Presently that only means defining a flag for this option. AC_DEFUN([_AM_SET_OPTION], [m4_define(_AM_MANGLE_OPTION([$1]), 1)]) # _AM_SET_OPTIONS(OPTIONS) # ------------------------ # OPTIONS is a space-separated list of Automake options. AC_DEFUN([_AM_SET_OPTIONS], [m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) # _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET]) # ------------------------------------------- # Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. AC_DEFUN([_AM_IF_OPTION], [m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) # Check to make sure that the build environment is sane. -*- Autoconf -*- # Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005, 2008 # Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 5 # AM_SANITY_CHECK # --------------- AC_DEFUN([AM_SANITY_CHECK], [AC_MSG_CHECKING([whether build environment is sane]) # Just in case sleep 1 echo timestamp > conftest.file # Reject unsafe characters in $srcdir or the absolute working directory # name. Accept space and tab only in the latter. am_lf=' ' case `pwd` in *[[\\\"\#\$\&\'\`$am_lf]]*) AC_MSG_ERROR([unsafe absolute working directory name]);; esac case $srcdir in *[[\\\"\#\$\&\'\`$am_lf\ \ ]]*) AC_MSG_ERROR([unsafe srcdir value: `$srcdir']);; esac # Do `set' in a subshell so we don't clobber the current shell's # arguments. Must try -L first in case configure is actually a # symlink; some systems play weird games with the mod time of symlinks # (eg FreeBSD returns the mod time of the symlink's containing # directory). if ( set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` if test "$[*]" = "X"; then # -L didn't work. set X `ls -t "$srcdir/configure" conftest.file` fi rm -f conftest.file if test "$[*]" != "X $srcdir/configure conftest.file" \ && test "$[*]" != "X conftest.file $srcdir/configure"; then # If neither matched, then we have a broken ls. This can happen # if, for instance, CONFIG_SHELL is bash and it inherits a # broken ls alias from the environment. This has actually # happened. Such a system could not be considered "sane". AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken alias in your environment]) fi test "$[2]" = conftest.file ) then # Ok. : else AC_MSG_ERROR([newly created file is older than distributed files! Check your system clock]) fi AC_MSG_RESULT(yes)]) # Copyright (C) 2001, 2003, 2005, 2011 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 1 # AM_PROG_INSTALL_STRIP # --------------------- # One issue with vendor `install' (even GNU) is that you can't # specify the program used to strip binaries. This is especially # annoying in cross-compiling environments, where the build's strip # is unlikely to handle the host's binaries. # Fortunately install-sh will honor a STRIPPROG variable, so we # always use install-sh in `make install-strip', and initialize # STRIPPROG with the value of the STRIP variable (set by the user). AC_DEFUN([AM_PROG_INSTALL_STRIP], [AC_REQUIRE([AM_PROG_INSTALL_SH])dnl # Installed binaries are usually stripped using `strip' when the user # run `make install-strip'. However `strip' might not be the right # tool to use in cross-compilation environments, therefore Automake # will honor the `STRIP' environment variable to overrule this program. dnl Don't test for $cross_compiling = yes, because it might be `maybe'. if test "$cross_compiling" != no; then AC_CHECK_TOOL([STRIP], [strip], :) fi INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" AC_SUBST([INSTALL_STRIP_PROGRAM])]) # Copyright (C) 2006, 2008, 2010 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 3 # _AM_SUBST_NOTMAKE(VARIABLE) # --------------------------- # Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in. # This macro is traced by Automake. AC_DEFUN([_AM_SUBST_NOTMAKE]) # AM_SUBST_NOTMAKE(VARIABLE) # -------------------------- # Public sister of _AM_SUBST_NOTMAKE. AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)]) # Check how to create a tarball. -*- Autoconf -*- # Copyright (C) 2004, 2005, 2012 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # serial 2 # _AM_PROG_TAR(FORMAT) # -------------------- # Check how to create a tarball in format FORMAT. # FORMAT should be one of `v7', `ustar', or `pax'. # # Substitute a variable $(am__tar) that is a command # writing to stdout a FORMAT-tarball containing the directory # $tardir. # tardir=directory && $(am__tar) > result.tar # # Substitute a variable $(am__untar) that extract such # a tarball read from stdin. # $(am__untar) < result.tar AC_DEFUN([_AM_PROG_TAR], [# Always define AMTAR for backward compatibility. Yes, it's still used # in the wild :-( We should find a proper way to deprecate it ... AC_SUBST([AMTAR], ['$${TAR-tar}']) m4_if([$1], [v7], [am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'], [m4_case([$1], [ustar],, [pax],, [m4_fatal([Unknown tar format])]) AC_MSG_CHECKING([how to create a $1 tar archive]) # Loop over all known methods to create a tar archive until one works. _am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none' _am_tools=${am_cv_prog_tar_$1-$_am_tools} # Do not fold the above two line into one, because Tru64 sh and # Solaris sh will not grok spaces in the rhs of `-'. for _am_tool in $_am_tools do case $_am_tool in gnutar) for _am_tar in tar gnutar gtar; do AM_RUN_LOG([$_am_tar --version]) && break done am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"' am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"' am__untar="$_am_tar -xf -" ;; plaintar) # Must skip GNU tar: if it does not support --format= it doesn't create # ustar tarball either. (tar --version) >/dev/null 2>&1 && continue am__tar='tar chf - "$$tardir"' am__tar_='tar chf - "$tardir"' am__untar='tar xf -' ;; pax) am__tar='pax -L -x $1 -w "$$tardir"' am__tar_='pax -L -x $1 -w "$tardir"' am__untar='pax -r' ;; cpio) am__tar='find "$$tardir" -print | cpio -o -H $1 -L' am__tar_='find "$tardir" -print | cpio -o -H $1 -L' am__untar='cpio -i -H $1 -d' ;; none) am__tar=false am__tar_=false am__untar=false ;; esac # If the value was cached, stop now. We just wanted to have am__tar # and am__untar set. test -n "${am_cv_prog_tar_$1}" && break # tar/untar a dummy directory, and stop if the command works rm -rf conftest.dir mkdir conftest.dir echo GrepMe > conftest.dir/file AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar]) rm -rf conftest.dir if test -s conftest.tar; then AM_RUN_LOG([$am__untar /dev/null 2>&1 && break fi done rm -rf conftest.dir AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool]) AC_MSG_RESULT([$am_cv_prog_tar_$1])]) AC_SUBST([am__tar]) AC_SUBST([am__untar]) ]) # _AM_PROG_TAR pptpd-1.4.0/reconf0000755000175000017500000000234412110522672010767 00000000000000#! /bin/sh # # Reconfigure for a release, by updating the Makefile dependencies and # running the autotools. # # $Id: reconf,v 1.3 2004/04/23 10:06:17 quozl Exp $ # make the existing config.h disappear temporarily if test -f config.h then mv -f config.h config.h.TMP fi touch config.h # rebuild dependencies (makedepend) for makefile in Makefile.am Makefile.uClinux do echo -n "Rebuilding $makefile..." head -`grep -n 'DO NOT ADD BELOW THIS POINT' $makefile | \ cut -d: -f1` $makefile > $makefile.new for file in *.c do if test "$makefile" = "Makefile.uClinux" then gcc -MM $file -include config.embed.h else gcc -MM $file -DHAVE_CONFIG_H fi echo '' done >> $makefile.new echo 'done.' if ! cmp -s $makefile.new $makefile then echo "Changes: <=old >=new" diff $makefile $makefile.new | grep '^[<>]' mv -f $makefile.new $makefile else rm -f $makefile.new echo "No change." fi done # restore the previous config.h rm -f config.h if test -f config.h.TMP then mv -f config.h.TMP config.h fi # show us what we do next set -x # reset the configuration rm -f config.cache rm -f config.log # run the build tools sequence aclocal autoconf automake -a --copy --verbose autoheader pptpd-1.4.0/compat.h0000664000175000017500000000402512231652765011234 00000000000000/* * compat.h * * Compatibility functions for different OSes (prototypes) */ #ifndef _PPTPD_COMPAT_H #define _PPTPD_COMPAT_H #if HAVE_CONFIG_H #include "config.h" #endif #if HAVE_SETSID #define SETSIDPGRP setsid #else #define SETSIDPGRP setpgrp #endif #include #ifndef HAVE_STRLCPY /* void since to be fast and portable, we use strncpy, but this * means we don't know how many bytes were copied */ extern void strlcpy(char *dst, const char *src, size_t size); #endif /* !HAVE_STRLCPY */ #ifndef HAVE_MEMMOVE extern void *memmove(void *dst, const void *src, size_t size); #endif /* !HAVE_MEMMOVE */ #ifndef HAVE_OPENPTY /* Originally from code by C. S. Ananian */ /* These are the Linux values - and fairly sane defaults. * Since we search from the start and just skip errors, they'll do. * Note that Unix98 has an openpty() call so we don't need to worry * about the new pty names here. */ #define PTYDEV "/dev/ptyxx" #define TTYDEV "/dev/ttyxx" #define PTYMAX 11 #define TTYMAX 11 #define PTYCHAR1 "pqrstuvwxyzabcde" #define PTYCHAR2 "0123456789abcdef" /* Dummy the last 2 args, so we don't have to find the right include * files on every OS to define the needed structures. */ extern int openpty(int *, int *, char *, void *, void *); #endif /* !HAVE_OPENPTY */ #ifndef HAVE_STRERROR extern char *strerror(int); #endif extern void my_setproctitle(int argc, char **argv, const char *format, ...) __attribute__ ((format (printf, 3, 4))); /* signal to pipe delivery implementation */ /* create a signal pipe, returns 0 for success, -1 with errno for failure */ int sigpipe_create(); /* generic handler for signals, writes signal number to pipe */ void sigpipe_handler(int signum); /* assign a signal number to the pipe */ void sigpipe_assign(int signum); /* return the signal pipe read file descriptor for select(2) */ int sigpipe_fd(); /* read and return the pending signal from the pipe */ int sigpipe_read(); void sigpipe_close(); #endif /* !_PPTPD_COMPAT_H */ pptpd-1.4.0/COPYING0000664000175000017500000004325411352247755010644 00000000000000 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. pptpd-1.4.0/AUTHORS0000644000175000017500000000307212110522672010634 00000000000000Poptop -- The PPTP Server ------------------------- Current Maintainer: James Cameron Previous Maintainer: Richard de Vroede Original Authors: Matthew Ramsay Kevin Thayer David Luyer Peter Galbavy Other Contributors: Ron O'Hara Allan Clark Harald Vogt Bruno Lopes F. Cabral [!3runo] Peter Stamfest Sergio M. Ammirata Norbert van Bolhuis Visarion Mandzgaladze Hernan Otero Jan Dubiec Pawel Guraj Chris Wilson Anton Gorlov Charlie Brady Michael Douglass David Lamparter The Linux PPTP Server takes advantage of some Linux PPTP client code written by C. Scott Ananian Other Credits: Moreton Bay Lineo Snapgear Linvision SourceForge - Current host for the mailing list and CVS repository. Christopher Schulte - Previous host for the PPTP Mailing List (sadly missed, in James' opinion). Peter Galbavy - Previous host for the PPTP CVS server. Luc Richards - The author of bcrelay. Wing Kwok - The author of ADS howto. pptpd-1.4.0/inststr.c0000664000175000017500000000255512231653042011445 00000000000000/* * inststr.c * * Little function to change the name of a process * * Originally from C. S. Ananian's pptpclient */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #ifndef HAVE_SETPROCTITLE #include "inststr.h" #include "compat.h" #include void inststr(int argc, char **argv, char *src) { if (strlen(src) <= strlen(argv[0])) { char *ptr, **pptr; for (ptr = argv[0]; *ptr; *(ptr++) = '\0') ; strcpy(argv[0], src); for (pptr = argv + 1; *pptr; pptr++) for (ptr = *pptr; *ptr; *(ptr++) = '\0') ; } else { /* Originally from the source to perl 4.036 (assigning to $0) */ char *ptr, *ptr2; int count; ptr = argv[0] + strlen(argv[0]); for (count = 1; count < argc; count++) { if (argv[count] == ptr + 1) { ptr++; ptr += strlen(ptr); } } count = 0; for (ptr2 = argv[0]; ptr2 <= ptr; ptr2++) { *ptr2 = '\0'; count++; } strlcpy(argv[0], src, count); } } #endif /* !HAVE_SETPROCTITLE */ pptpd-1.4.0/samples/0000775000175000017500000000000012231672221011310 500000000000000pptpd-1.4.0/samples/pptpd.conf0000644000175000017500000000615712110522672013235 00000000000000############################################################################### # $Id: pptpd.conf,v 1.11 2011/05/19 00:02:50 quozl Exp $ # # Sample Poptop configuration file /etc/pptpd.conf # # Changes are effective when pptpd is restarted. ############################################################################### # TAG: ppp # Path to the pppd program, default '/usr/sbin/pppd' on Linux # #ppp /usr/sbin/pppd # TAG: option # Specifies the location of the PPP options file. # By default PPP looks in '/etc/ppp/options' # option /etc/ppp/options.pptpd # TAG: debug # Turns on (more) debugging to syslog # #debug # TAG: stimeout # Specifies timeout (in seconds) on starting ctrl connection # # stimeout 10 # TAG: noipparam # Suppress the passing of the client's IP address to PPP, which is # done by default otherwise. # #noipparam # TAG: logwtmp # Use wtmp(5) to record client connections and disconnections. # logwtmp # TAG: vrf # Switches PPTP & GRE sockets to the specified VRF, which must exist # Only available if VRF support was compiled into pptpd. # #vrf test # TAG: bcrelay # Turns on broadcast relay to clients from interface # #bcrelay eth1 # TAG: delegate # Delegates the allocation of client IP addresses to pppd. # # Without this option, which is the default, pptpd manages the list of # IP addresses for clients and passes the next free address to pppd. # With this option, pptpd does not pass an address, and so pppd may use # radius or chap-secrets to allocate an address. # #delegate # TAG: connections # Limits the number of client connections that may be accepted. # # If pptpd is allocating IP addresses (e.g. delegate is not # used) then the number of connections is also limited by the # remoteip option. The default is 100. #connections 100 # TAG: localip # TAG: remoteip # Specifies the local and remote IP address ranges. # # These options are ignored if delegate option is set. # # Any addresses work as long as the local machine takes care of the # routing. But if you want to use MS-Windows networking, you should # use IP addresses out of the LAN address space and use the proxyarp # option in the pppd options file, or run bcrelay. # # You can specify single IP addresses seperated by commas or you can # specify ranges, or both. For example: # # 192.168.0.234,192.168.0.245-249,192.168.0.254 # # IMPORTANT RESTRICTIONS: # # 1. No spaces are permitted between commas or within addresses. # # 2. If you give more IP addresses than the value of connections, # it will start at the beginning of the list and go until it # gets connections IPs. Others will be ignored. # # 3. No shortcuts in ranges! ie. 234-8 does not mean 234 to 238, # you must type 234-238 if you mean this. # # 4. If you give a single localIP, that's ok - all local IPs will # be set to the given one. You MUST still give at least one remote # IP for each simultaneous client. # # (Recommended) #localip 192.168.0.1 #remoteip 192.168.0.234-238,192.168.0.245 # or #localip 192.168.0.234-238,192.168.0.245 #remoteip 192.168.1.234-238,192.168.1.245 pptpd-1.4.0/samples/chap-secrets0000644000175000017500000000015012110522672013526 00000000000000# Secrets for authentication using CHAP # client server secret IP addresses #username pptpd password * pptpd-1.4.0/samples/options.pptpd0000644000175000017500000001031612110522672013773 00000000000000############################################################################### # $Id: options.pptpd,v 1.11 2005/12/29 01:21:09 quozl Exp $ # # Sample Poptop PPP options file /etc/ppp/options.pptpd # Options used by PPP when a connection arrives from a client. # This file is pointed to by /etc/pptpd.conf option keyword. # Changes are effective on the next connection. See "man pppd". # # You are expected to change this file to suit your system. As # packaged, it requires PPP 2.4.2 and the kernel MPPE module. ############################################################################### # Authentication # Name of the local system for authentication purposes # (must match the second field in /etc/ppp/chap-secrets entries) name pptpd # Strip the domain prefix from the username before authentication. # (applies if you use pppd with chapms-strip-domain patch) #chapms-strip-domain # Encryption # (There have been multiple versions of PPP with encryption support, # choose with of the following sections you will use.) # BSD licensed ppp-2.4.2 upstream with MPPE only, kernel module ppp_mppe.o # {{{ refuse-pap refuse-chap refuse-mschap # Require the peer to authenticate itself using MS-CHAPv2 [Microsoft # Challenge Handshake Authentication Protocol, Version 2] authentication. require-mschap-v2 # Require MPPE 128-bit encryption # (note that MPPE requires the use of MSCHAP-V2 during authentication) require-mppe-128 # }}} # OpenSSL licensed ppp-2.4.1 fork with MPPE only, kernel module mppe.o # {{{ #-chap #-chapms # Require the peer to authenticate itself using MS-CHAPv2 [Microsoft # Challenge Handshake Authentication Protocol, Version 2] authentication. #+chapms-v2 # Require MPPE encryption # (note that MPPE requires the use of MSCHAP-V2 during authentication) #mppe-40 # enable either 40-bit or 128-bit, not both #mppe-128 #mppe-stateless # }}} # Network and Routing # If pppd is acting as a server for Microsoft Windows clients, this # option allows pppd to supply one or two DNS (Domain Name Server) # addresses to the clients. The first instance of this option # specifies the primary DNS address; the second instance (if given) # specifies the secondary DNS address. #ms-dns 10.0.0.1 #ms-dns 10.0.0.2 # If pppd is acting as a server for Microsoft Windows or "Samba" # clients, this option allows pppd to supply one or two WINS (Windows # Internet Name Services) server addresses to the clients. The first # instance of this option specifies the primary WINS address; the # second instance (if given) specifies the secondary WINS address. #ms-wins 10.0.0.3 #ms-wins 10.0.0.4 # Add an entry to this system's ARP [Address Resolution Protocol] # table with the IP address of the peer and the Ethernet address of this # system. This will have the effect of making the peer appear to other # systems to be on the local ethernet. # (you do not need this if your PPTP server is responsible for routing # packets to the clients -- James Cameron) proxyarp # Normally pptpd passes the IP address to pppd, but if pptpd has been # given the delegate option in pptpd.conf or the --delegate command line # option, then pppd will use chap-secrets or radius to allocate the # client IP address. The default local IP address used at the server # end is often the same as the address of the server. To override this, # specify the local IP address here. # (you must not use this unless you have used the delegate option) #10.8.0.100 # Logging # Enable connection debugging facilities. # (see your syslog configuration for where pppd sends to) #debug # Print out all the option values which have been set. # (often requested by mailing list to verify options) #dump # Miscellaneous # Create a UUCP-style lock file for the pseudo-tty to ensure exclusive # access. lock # Disable BSD-Compress compression nobsdcomp # Disable Van Jacobson compression # (needed on some networks with Windows 9x/ME/XP clients, see posting to # poptop-server on 14th April 2005 by Pawel Pokrywka and followups, # http://marc.theaimsgroup.com/?t=111343175400006&r=1&w=2 ) novj novjccomp # turn off logging to stderr, since this may be redirected to pptpd, # which may trigger a loopback nologfd # put plugins here # (putting them higher up may cause them to sent messages to the pty) pptpd-1.4.0/bcrelay.80000644000175000017500000000367712110522672011311 00000000000000.TH BCRELAY "8" "31 Dec 2010" "Version 1.3.4" "BCRELAY MANUAL PAGE" .SH NAME \fBbcrelay\fR \- a broadcast relay daemon .SH SYNOPSIS .B bcrelay [\fIOPTION\fR]... .SH DESCRIPTION .B bcrelay simply plays as a broadcast repeater. When \fBbcrelay\fR receives packets from the incomming interface, it will then relay them to the outgoing interface. .LP .SH OPTIONS .TP \fB-d\fR,\fB\-\-daemon\fR Run \fBbcrelay\fR as a daemon. .TP \fB-h\fR,\fB\-\-help\fR Show help message. .TP \fB-i\fR,\fB\-\-incoming\fR \fIinterface-in Defines from which interface broadcasts will be read. .TP \fB-s\fR,\fB\-\-outgoing\fR \fIinterface-out Defines to which interface broadcasts will be relayed. .TP \fB-n\fR,\fB\-\-nolog\fR Disable any logging and tracing to /var/log/messages except fatal error messages. .TP \fB-s\fR,\fB\-\-ipsec\fR \fIargument\fR Defines an ipsec tunnel to be relayed to. Since ipsec tunnels terminate on the same interface, we need to define the broadcast address of the other end-point of the tunnel. This is done as ipsec0:x.x.x.255. .TP \fB-v\fR,\fB\-\-version\fR Show the version of \fBbcrelay\fR. .TP Log messages and debugging information go to syslog as daemon. .TP Interfaces can be specified as regexpressions, ie. ppp[0-9]+. .SH AUTHORS .sp Original \fBbcrelay\fR program was written by Luc Richards . .sp \fBBcrelay\fR was modified for \fBpoptop\fR by Richard de Vroede and rewritten by Norbert van Bolhuis for version (v1.0+) of \fBbcrelay\fR. .sp This manual page was written by Nguyen Vinh for Debian GNU/Linux System (but may be used for others). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License Version 2, and any later versions published by Free Software Foundation. There is no WARRANTY, to the extent permitted by the law. .SH SEE ALSO For more detailed information about \fBbcrelay\fR, please read README. pptpd-1.4.0/defaults.h0000664000175000017500000000414712231653020011546 00000000000000/* * defaults.h * * This file contains some tuneable parameters, most of which can be overriden * at run-time. */ #ifndef _PPTPD_DEFAULTS_H #define _PPTPD_DEFAULTS_H /* Definitions for true and false */ #ifndef FALSE #define FALSE 0 #define TRUE !FALSE #endif /* String sizes for the config file */ #define MAX_CONFIG_FILENAME_SIZE 256 #define MAX_CONFIG_STRING_SIZE 512 /* For IP parser */ #define LOCAL 0 #define REMOTE 1 /* Default configuration values, mostly configurable */ #define CONNECTIONS_DEFAULT 100 #define DEFAULT_LOCAL_IP_LIST "192.168.0.1-100" #define DEFAULT_REMOTE_IP_LIST "192.168.1.1-100" #define MAX_CALLS_PER_TCP_LINK 128 #ifdef PNS_MODE #define MAX_CALLS 60 #endif #define PPP_SPEED_DEFAULT "115200" #if EMBED #define PPTPD_CONFIG_FILE_DEFAULT "/etc/config/pptpd.conf" #else #define PPTPD_CONFIG_FILE_DEFAULT "/etc/pptpd.conf" #endif #define PIDFILE_DEFAULT "/var/run/pptpd.pid" #define STIMEOUT_DEFAULT 10 /* seconds */ /* Location of binaries */ #define PPTP_CTRL_BIN SBINDIR "/pptpctrl" #define PPTPD_BIN SBINDIR "/pptpd" #define BCRELAY_BIN SBINDIR "/bcrelay" /* Parameters permitted in the config file */ #define CONNECTIONS_KEYWORD "connections" #define SPEED_KEYWORD "speed" #define PPPD_OPTION_KEYWORD "option" #define DEBUG_KEYWORD "debug" #ifdef BCRELAY #define BCRELAY_KEYWORD "bcrelay" #endif #define LOCALIP_KEYWORD "localip" #define REMOTEIP_KEYWORD "remoteip" #define LISTEN_KEYWORD "listen" #define VRF_KEYWORD "vrf" #define PIDFILE_KEYWORD "pidfile" #define STIMEOUT_KEYWORD "stimeout" #define NOIPPARAM_KEYWORD "noipparam" #define PPP_BINARY_KEYWORD "ppp" #define LOGWTMP_KEYWORD "logwtmp" #define DELEGATE_KEYWORD "delegate" #endif /* !_PPTPD_DEFAULTS_H */ pptpd-1.4.0/README.inetd0000644000175000017500000000276012110522672011551 00000000000000It is possible to run from inetd but you must consider the following: You use pptpctrl not pptpd. You must put pptpctrl in /etc/services as port 1723. You must configure pppd to allocate IP addresses (eg, use /etc/options.ttyXX, the pppd erpcd hack and an erpcd, or some other modification to pppd). libwrap is not used in this mode - you should use tcp wrappers in inetd like with any other network service. The configuration file is ignored in this mode. An example command line is: pptpctrl 0 0 0 0 0 This would be put in inetd.conf as (assuming Linux tcp wrappers): pptpctrl stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/pptpctrl 0 0 0 0 0 --buffer-- Note the --buffer-- is just to make the process name longer so it can modify its name to something meaningful. First option: debugging (0 for off, 1 for on) Second option: PPP options file (0 for off, 1 followed by a file name for on) Third option: TTY speed (0 for default, 1 followed by a speed to set a speed) Fourth option: Local IP address (0 for pppd-determined, 1 followed by an address to set) Fifth option: Remote IP address (0 for pppd-determined, 1 followed by an address to set) Another example, debugging on, alternate config file, setting tty speed and specifying the local IP address: pptpctrl 1 1 /etc/ppp/options.PPTP 1 115200 1 192.168.0.1 0 David Luyer, luyer@ucs.uwa.edu.au Tue Jun 15 16:06:05 WST 1999 pptpd-1.4.0/README.slirp0000644000175000017500000000153212110522672011573 00000000000000How 2 use slirp with pptpd-0.9.0 o Grab the slirp-1.0c package and install it ftp://blitzen.canberra.edu.au/pub/slirp/slirp-1.0c.tar.gz (other versions might work also, but were not tested) Then install pptpd o ./configure --with-slirp o Set path to slirp in config.h right o Be sure to have a HOME variable set when you start pptpd, because slirp reads the HOME/.chap-secrets file for authentication This file must be filled in the same way as the chap-secrets for pppd o For the rest follow the pptpd instructions o I have tested this with a Solaris 2.4 server, gcc and pptpd running on this configuration. As client I used Win95 DUN 1.3. I only tested this on a local network because our routers still block port 47. With this test I get a clean authentication. Harald Vogt, vogt@serc.nl Mon Jun 14 09:49:40 MET DST 1999 pptpd-1.4.0/acconfig.h0000644000175000017500000000160512231653254011513 00000000000000/* * acconfig.h * * Additional autoconf defines for this program. */ /* Use BSD User land PPP? */ #undef BSDUSER_PPP /* Use SLIRP? */ #undef SLIRP /* Enable Broadcast Relay? */ #undef BCRELAY /* Work as a PNS rather than a PAC? */ #undef PNS_MODE /* Communicate between control and manager processes with a pipe */ #undef CTRL_MGR_PIPE /* Where is my pppd? */ #undef PPP_BINARY /* Syslog Facility to use? See openlog(3). */ #undef PPTP_FACILITY /* Have libwrap? */ #undef HAVE_LIBWRAP /* Package name */ #undef PACKAGE /* Version */ #undef VERSION /* Just #define to int if it's not defined */ #undef socklen_t /* These would be better as typedefs, but... */ #undef u_int8_t #undef u_int16_t #undef u_int32_t /* And the signed size_t */ /* (normal size_t is done by standard autoconf) */ #undef ssize_t /* Define if you have an openpty() (non-standard check) */ #undef HAVE_OPENPTY pptpd-1.4.0/Makefile.in0000664000175000017500000007277312231672215011654 00000000000000# Makefile.in generated by automake 1.11.6 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, # 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software # Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. @SET_MAKE@ VPATH = @srcdir@ am__make_dryrun = \ { \ am__dry=no; \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \ | grep '^AM OK$$' >/dev/null || am__dry=yes;; \ *) \ for am__flg in $$MAKEFLAGS; do \ case $$am__flg in \ *=*|--*) ;; \ *n*) am__dry=yes; break;; \ esac; \ done;; \ esac; \ test $$am__dry = yes; \ } pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c INSTALL_HEADER = $(INSTALL_DATA) transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : EXTRA_PROGRAMS = sbin_PROGRAMS = pptpd$(EXEEXT) pptpctrl$(EXEEXT) bcrelay$(EXEEXT) subdir = . DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \ $(srcdir)/Makefile.in $(srcdir)/config.h.in \ $(top_srcdir)/configure AUTHORS COPYING ChangeLog INSTALL NEWS \ TODO acconfig.h install-sh missing mkinstalldirs ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/configure.in am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ configure.lineno config.status.lineno mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man5dir)" \ "$(DESTDIR)$(man8dir)" PROGRAMS = $(sbin_PROGRAMS) am_bcrelay_OBJECTS = bcrelay.$(OBJEXT) bcrelay_OBJECTS = $(am_bcrelay_OBJECTS) bcrelay_LDADD = $(LDADD) am_pptpctrl_OBJECTS = pqueue.$(OBJEXT) pptpctrl.$(OBJEXT) \ ctrlpacket.$(OBJEXT) inststr.$(OBJEXT) compat.$(OBJEXT) \ pptpgre.$(OBJEXT) ppphdlc.$(OBJEXT) pptpctrl_OBJECTS = $(am_pptpctrl_OBJECTS) am__DEPENDENCIES_1 = pptpctrl_DEPENDENCIES = $(am__DEPENDENCIES_1) am_pptpd_OBJECTS = pqueue.$(OBJEXT) pptpd.$(OBJEXT) \ configfile.$(OBJEXT) pptpmanager.$(OBJEXT) compat.$(OBJEXT) \ inststr.$(OBJEXT) getopt.$(OBJEXT) getopt1.$(OBJEXT) pptpd_OBJECTS = $(am_pptpd_OBJECTS) pptpd_DEPENDENCIES = $(am__DEPENDENCIES_1) DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = am__depfiles_maybe = COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ SOURCES = $(bcrelay_SOURCES) $(pptpctrl_SOURCES) $(pptpd_SOURCES) DIST_SOURCES = $(bcrelay_SOURCES) $(pptpctrl_SOURCES) $(pptpd_SOURCES) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; am__install_max = 40 am__nobase_strip_setup = \ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` am__nobase_strip = \ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" am__nobase_list = $(am__nobase_strip_setup); \ for p in $$list; do echo "$$p $$p"; done | \ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ if (++n[$$2] == $(am__install_max)) \ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ END { for (dir in files) print dir, files[dir] }' am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__uninstall_files_from_dir = { \ test -z "$$files" \ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ $(am__cd) "$$dir" && rm -f $$files; }; \ } man5dir = $(mandir)/man5 man8dir = $(mandir)/man8 NROFF = nroff MANS = $(man_MANS) ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) top_distdir = $(distdir) am__remove_distdir = \ if test -d "$(distdir)"; then \ find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \ && rm -rf "$(distdir)" \ || { sleep 5 && rm -rf "$(distdir)"; }; \ else :; fi DIST_ARCHIVES = $(distdir).tar.gz GZIP_ENV = --best distuninstallcheck_listfiles = find . -type f -print am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \ | sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$' distcleancheck_listfiles = find . -type f -print ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = -O2 -fno-builtin -Wall -DSBINDIR='"$(sbindir)"' CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ GREP = @GREP@ HAVE_OPENPTY = @HAVE_OPENPTY@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LDFLAGS = @LDFLAGS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ XTRALIBS_CTRL = @XTRALIBS_CTRL@ XTRALIBS_MGR = @XTRALIBS_MGR@ XTRA_PROG = @XTRA_PROG@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ build_alias = @build_alias@ builddir = @builddir@ datadir = @datadir@ datarootdir = @datarootdir@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ host_alias = @host_alias@ htmldir = @htmldir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ libdir = @libdir@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ # We have our own, simpler dependencies stuff in 'reconf' AUTOMAKE_OPTIONS = no-dependencies foreign INCLUDES = -I. #CFLAGS = -O2 -fno-builtin -Wall -ansi -DSBINDIR='"$(sbindir)"' #CFLAGS = -O2 -fno-builtin -Wall -ansi -pedantic -Wmissing-prototypes -Werror -DSBINDIR='"$(sbindir)"' man_MANS = pptpctrl.8 pptpd.8 pptpd.conf.5 bcrelay.8 EXTRA_DIST = \ html README* ChangeLog NEWS TODO $(man_MANS) \ samples/chap-secrets samples/options.pptpd samples/pptpd.conf \ Makefile.uClinux config.embed.h version reconf \ tools/pptp-portslave tools/vpnstats tools/vpnstats.pl tools/vpnuser \ pptpd.init pptpd.spec makepackage \ plugins/Makefile plugins/*.h plugins/*.c \ debian/README.debian debian/changelog debian/conffiles debian/config \ debian/control debian/copyright debian/dirs debian/docs \ debian/examples debian/pptpd-options debian/pptpd.conf \ debian/pptpd.init debian/pptpdconfig.pl debian/rules debian/templates \ debian/po/POTFILES.in debian/po/fr.po debian/po/pt_BR.po \ debian/po/templates.pot # Header files are only used to determine what to put in a distribution, not # for dependencies, so just attribute them all to pptpd. pptpd_SOURCES = \ pqueue.c pptpd.c configfile.c pptpmanager.c compat.c inststr.c getopt.c getopt1.c \ pqueue.h compat.h configfile.h ctrlpacket.h defaults.h inststr.h our_getopt.h \ our_syslog.h ppphdlc.h pptpctrl.h pptpdefs.h pptpgre.h pptpmanager.h pptpctrl_SOURCES = \ pqueue.c pptpctrl.c ctrlpacket.c inststr.c compat.c pptpgre.c ppphdlc.c pptpd_LDADD = $(XTRALIBS_MGR) pptpctrl_LDADD = $(XTRALIBS_CTRL) bcrelay_SOURCES = bcrelay.c defaults.h our_syslog.h our_getopt.h subdirs = plugins all: config.h $(MAKE) $(AM_MAKEFLAGS) all-am .SUFFIXES: .SUFFIXES: .c .o .obj am--refresh: Makefile @: $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ echo ' cd $(srcdir) && $(AUTOMAKE) --foreign'; \ $(am__cd) $(srcdir) && $(AUTOMAKE) --foreign \ && exit 0; \ exit 1;; \ esac; \ done; \ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --foreign Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ echo ' $(SHELL) ./config.status'; \ $(SHELL) ./config.status;; \ *) \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \ cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \ esac; $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) $(SHELL) ./config.status --recheck $(top_srcdir)/configure: $(am__configure_deps) $(am__cd) $(srcdir) && $(AUTOCONF) $(ACLOCAL_M4): $(am__aclocal_m4_deps) $(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) $(am__aclocal_m4_deps): config.h: stamp-h1 @if test ! -f $@; then rm -f stamp-h1; else :; fi @if test ! -f $@; then $(MAKE) $(AM_MAKEFLAGS) stamp-h1; else :; fi stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status @rm -f stamp-h1 cd $(top_builddir) && $(SHELL) ./config.status config.h $(srcdir)/config.h.in: $(am__configure_deps) $(top_srcdir)/acconfig.h ($(am__cd) $(top_srcdir) && $(AUTOHEADER)) rm -f stamp-h1 touch $@ distclean-hdr: -rm -f config.h stamp-h1 install-sbinPROGRAMS: $(sbin_PROGRAMS) @$(NORMAL_INSTALL) @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ if test -n "$$list"; then \ echo " $(MKDIR_P) '$(DESTDIR)$(sbindir)'"; \ $(MKDIR_P) "$(DESTDIR)$(sbindir)" || exit 1; \ fi; \ for p in $$list; do echo "$$p $$p"; done | \ sed 's/$(EXEEXT)$$//' | \ while read p p1; do if test -f $$p; \ then echo "$$p"; echo "$$p"; else :; fi; \ done | \ sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ sed 'N;N;N;s,\n, ,g' | \ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ if ($$2 == $$4) files[d] = files[d] " " $$1; \ else { print "f", $$3 "/" $$4, $$1; } } \ END { for (d in files) print "f", d, files[d] }' | \ while read type dir files; do \ if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ test -z "$$files" || { \ echo " $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(sbindir)$$dir'"; \ $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(sbindir)$$dir" || exit $$?; \ } \ ; done uninstall-sbinPROGRAMS: @$(NORMAL_UNINSTALL) @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ files=`for p in $$list; do echo "$$p"; done | \ sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ -e 's/$$/$(EXEEXT)/' `; \ test -n "$$list" || exit 0; \ echo " ( cd '$(DESTDIR)$(sbindir)' && rm -f" $$files ")"; \ cd "$(DESTDIR)$(sbindir)" && rm -f $$files clean-sbinPROGRAMS: -test -z "$(sbin_PROGRAMS)" || rm -f $(sbin_PROGRAMS) bcrelay$(EXEEXT): $(bcrelay_OBJECTS) $(bcrelay_DEPENDENCIES) $(EXTRA_bcrelay_DEPENDENCIES) @rm -f bcrelay$(EXEEXT) $(LINK) $(bcrelay_OBJECTS) $(bcrelay_LDADD) $(LIBS) pptpctrl$(EXEEXT): $(pptpctrl_OBJECTS) $(pptpctrl_DEPENDENCIES) $(EXTRA_pptpctrl_DEPENDENCIES) @rm -f pptpctrl$(EXEEXT) $(LINK) $(pptpctrl_OBJECTS) $(pptpctrl_LDADD) $(LIBS) pptpd$(EXEEXT): $(pptpd_OBJECTS) $(pptpd_DEPENDENCIES) $(EXTRA_pptpd_DEPENDENCIES) @rm -f pptpd$(EXEEXT) $(LINK) $(pptpd_OBJECTS) $(pptpd_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: $(COMPILE) -c $< .c.obj: $(COMPILE) -c `$(CYGPATH_W) '$<'` install-man5: $(man_MANS) @$(NORMAL_INSTALL) @list1=''; \ list2='$(man_MANS)'; \ test -n "$(man5dir)" \ && test -n "`echo $$list1$$list2`" \ || exit 0; \ echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ { for i in $$list1; do echo "$$i"; done; \ if test -n "$$list2"; then \ for i in $$list2; do echo "$$i"; done \ | sed -n '/\.5[a-z]*$$/p'; \ fi; \ } | while read p; do \ if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ echo "$$d$$p"; echo "$$p"; \ done | \ sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ sed 'N;N;s,\n, ,g' | { \ list=; while read file base inst; do \ if test "$$base" = "$$inst"; then list="$$list $$file"; else \ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ fi; \ done; \ for i in $$list; do echo "$$i"; done | $(am__base_list) | \ while read files; do \ test -z "$$files" || { \ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ done; } uninstall-man5: @$(NORMAL_UNINSTALL) @list=''; test -n "$(man5dir)" || exit 0; \ files=`{ for i in $$list; do echo "$$i"; done; \ l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ sed -n '/\.5[a-z]*$$/p'; \ } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) install-man8: $(man_MANS) @$(NORMAL_INSTALL) @list1=''; \ list2='$(man_MANS)'; \ test -n "$(man8dir)" \ && test -n "`echo $$list1$$list2`" \ || exit 0; \ echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ { for i in $$list1; do echo "$$i"; done; \ if test -n "$$list2"; then \ for i in $$list2; do echo "$$i"; done \ | sed -n '/\.8[a-z]*$$/p'; \ fi; \ } | while read p; do \ if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ echo "$$d$$p"; echo "$$p"; \ done | \ sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ sed 'N;N;s,\n, ,g' | { \ list=; while read file base inst; do \ if test "$$base" = "$$inst"; then list="$$list $$file"; else \ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ fi; \ done; \ for i in $$list; do echo "$$i"; done | $(am__base_list) | \ while read files; do \ test -z "$$files" || { \ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ done; } uninstall-man8: @$(NORMAL_UNINSTALL) @list=''; test -n "$(man8dir)" || exit 0; \ files=`{ for i in $$list; do echo "$$i"; done; \ l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ sed -n '/\.8[a-z]*$$/p'; \ } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ if test $$# -gt 0; then \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ "$$@" $$unique; \ else \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ $$unique; \ fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) @list='$(MANS)'; if test -n "$$list"; then \ list=`for p in $$list; do \ if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ if test -n "$$list" && \ grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ echo " typically \`make maintainer-clean' will remove them" >&2; \ exit 1; \ else :; fi; \ else :; fi $(am__remove_distdir) test -d "$(distdir)" || mkdir "$(distdir)" @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ dist_files=`for file in $$list; do echo $$file; done | \ sed -e "s|^$$srcdirstrip/||;t" \ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ case $$dist_files in \ */*) $(MKDIR_P) `echo "$$dist_files" | \ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ sort -u` ;; \ esac; \ for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d "$(distdir)/$$file"; then \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ test -f "$(distdir)/$$file" \ || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done -test -n "$(am__skip_mode_fix)" \ || find "$(distdir)" -type d ! -perm -755 \ -exec chmod u+rwx,go+rx {} \; -o \ ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \ || chmod -R a+r "$(distdir)" dist-gzip: distdir tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz $(am__remove_distdir) dist-bzip2: distdir tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2 $(am__remove_distdir) dist-lzip: distdir tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz $(am__remove_distdir) dist-lzma: distdir tardir=$(distdir) && $(am__tar) | lzma -9 -c >$(distdir).tar.lzma $(am__remove_distdir) dist-xz: distdir tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz $(am__remove_distdir) dist-tarZ: distdir tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z $(am__remove_distdir) dist-shar: distdir shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz $(am__remove_distdir) dist-zip: distdir -rm -f $(distdir).zip zip -rq $(distdir).zip $(distdir) $(am__remove_distdir) dist dist-all: distdir tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz $(am__remove_distdir) # This target untars the dist file and tries a VPATH configuration. Then # it guarantees that the distribution is self-contained by making another # tarfile. distcheck: dist case '$(DIST_ARCHIVES)' in \ *.tar.gz*) \ GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\ *.tar.bz2*) \ bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\ *.tar.lzma*) \ lzma -dc $(distdir).tar.lzma | $(am__untar) ;;\ *.tar.lz*) \ lzip -dc $(distdir).tar.lz | $(am__untar) ;;\ *.tar.xz*) \ xz -dc $(distdir).tar.xz | $(am__untar) ;;\ *.tar.Z*) \ uncompress -c $(distdir).tar.Z | $(am__untar) ;;\ *.shar.gz*) \ GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\ *.zip*) \ unzip $(distdir).zip ;;\ esac chmod -R a-w $(distdir); chmod u+w $(distdir) mkdir $(distdir)/_build mkdir $(distdir)/_inst chmod a-w $(distdir) test -d $(distdir)/_build || exit 0; \ dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \ && am__cwd=`pwd` \ && $(am__cd) $(distdir)/_build \ && ../configure --srcdir=.. --prefix="$$dc_install_base" \ $(AM_DISTCHECK_CONFIGURE_FLAGS) \ $(DISTCHECK_CONFIGURE_FLAGS) \ && $(MAKE) $(AM_MAKEFLAGS) \ && $(MAKE) $(AM_MAKEFLAGS) dvi \ && $(MAKE) $(AM_MAKEFLAGS) check \ && $(MAKE) $(AM_MAKEFLAGS) install \ && $(MAKE) $(AM_MAKEFLAGS) installcheck \ && $(MAKE) $(AM_MAKEFLAGS) uninstall \ && $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \ distuninstallcheck \ && chmod -R a-w "$$dc_install_base" \ && ({ \ (cd ../.. && umask 077 && mkdir "$$dc_destdir") \ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \ distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \ } || { rm -rf "$$dc_destdir"; exit 1; }) \ && rm -rf "$$dc_destdir" \ && $(MAKE) $(AM_MAKEFLAGS) dist \ && rm -rf $(DIST_ARCHIVES) \ && $(MAKE) $(AM_MAKEFLAGS) distcleancheck \ && cd "$$am__cwd" \ || exit 1 $(am__remove_distdir) @(echo "$(distdir) archives ready for distribution: "; \ list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \ sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x' distuninstallcheck: @test -n '$(distuninstallcheck_dir)' || { \ echo 'ERROR: trying to run $@ with an empty' \ '$$(distuninstallcheck_dir)' >&2; \ exit 1; \ }; \ $(am__cd) '$(distuninstallcheck_dir)' || { \ echo 'ERROR: cannot chdir into $(distuninstallcheck_dir)' >&2; \ exit 1; \ }; \ test `$(am__distuninstallcheck_listfiles) | wc -l` -eq 0 \ || { echo "ERROR: files left after uninstall:" ; \ if test -n "$(DESTDIR)"; then \ echo " (check DESTDIR support)"; \ fi ; \ $(distuninstallcheck_listfiles) ; \ exit 1; } >&2 distcleancheck: distclean @if test '$(srcdir)' = . ; then \ echo "ERROR: distcleancheck can only run from a VPATH build" ; \ exit 1 ; \ fi @test `$(distcleancheck_listfiles) | wc -l` -eq 0 \ || { echo "ERROR: files left in build directory after distclean:" ; \ $(distcleancheck_listfiles) ; \ exit 1; } >&2 check-am: all-am check: check-am all-am: Makefile $(PROGRAMS) $(MANS) config.h all-local installdirs: for dir in "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am install-exec: install-exec-am install-data: install-data-am uninstall: uninstall-am install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am installcheck: installcheck-am install-strip: if test -z '$(STRIP)'; then \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ install; \ else \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ fi mostlyclean-generic: clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." clean: clean-am clean-am: clean-generic clean-local clean-sbinPROGRAMS mostlyclean-am distclean: distclean-am -rm -f $(am__CONFIG_DISTCLEAN_FILES) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-hdr distclean-tags dvi: dvi-am dvi-am: html: html-am html-am: info: info-am info-am: install-data-am: install-man install-dvi: install-dvi-am install-dvi-am: install-exec-am: install-exec-local install-sbinPROGRAMS install-html: install-html-am install-html-am: install-info: install-info-am install-info-am: install-man: install-man5 install-man8 install-pdf: install-pdf-am install-pdf-am: install-ps: install-ps-am install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am -rm -f $(am__CONFIG_DISTCLEAN_FILES) -rm -rf $(top_srcdir)/autom4te.cache -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic pdf: pdf-am pdf-am: ps: ps-am ps-am: uninstall-am: uninstall-local uninstall-man uninstall-sbinPROGRAMS uninstall-man: uninstall-man5 uninstall-man8 .MAKE: all install-am install-strip .PHONY: CTAGS GTAGS all all-am all-local am--refresh check check-am \ clean clean-generic clean-local clean-sbinPROGRAMS ctags dist \ dist-all dist-bzip2 dist-gzip dist-lzip dist-lzma dist-shar \ dist-tarZ dist-xz dist-zip distcheck distclean \ distclean-compile distclean-generic distclean-hdr \ distclean-tags distcleancheck distdir distuninstallcheck dvi \ dvi-am html html-am info info-am install install-am \ install-data install-data-am install-dvi install-dvi-am \ install-exec install-exec-am install-exec-local install-html \ install-html-am install-info install-info-am install-man \ install-man5 install-man8 install-pdf install-pdf-am \ install-ps install-ps-am install-sbinPROGRAMS install-strip \ installcheck installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ uninstall-am uninstall-local uninstall-man uninstall-man5 \ uninstall-man8 uninstall-sbinPROGRAMS @SET_MAKE@ export LIBDIR=$(libdir)/pptpd all-local: for d in $(subdirs); do $(MAKE) $(MFLAGS) -C $$d all; done install-exec-local: for d in $(subdirs); do $(MAKE) $(MFLAGS) -C $$d prefix=$(prefix) DESTDIR=$(DESTDIR) install; done clean-local: for d in $(subdirs); do $(MAKE) $(MFLAGS) -C $$d clean; done uninstall-local: for d in $(subdirs); do $(MAKE) $(MFLAGS) -C $$d prefix=$(prefix) DESTDIR=$(DESTDIR) uninstall; done package: deb rpm deb: fakeroot dpkg-buildpackage -us -uc rpm: fakeroot rpmbuild -ta pptpd-$(VERSION).tar.gz bcrelay.o: bcrelay.c config.h defaults.h our_syslog.h our_getopt.h compat.o: compat.c config.h compat.h our_syslog.h inststr.h configfile.o: configfile.c config.h defaults.h configfile.h our_syslog.h ctrlpacket.o: ctrlpacket.c config.h our_syslog.h pptpdefs.h pptpctrl.h \ ctrlpacket.h compat.h getopt.o: getopt.c config.h our_getopt.h getopt1.o: getopt1.c config.h our_getopt.h inststr.o: inststr.c config.h inststr.h compat.h ppphdlc.o: ppphdlc.c config.h ppphdlc.h pptpctrl.o: pptpctrl.c config.h our_syslog.h compat.h pptpctrl.h \ pptpgre.h pptpdefs.h ctrlpacket.h defaults.h pptpd.o: pptpd.c config.h our_syslog.h our_getopt.h configfile.h \ defaults.h compat.h pptpmanager.h pptpgre.o: pptpgre.c config.h our_syslog.h ppphdlc.h pptpgre.h pptpdefs.h \ pptpctrl.h defaults.h pqueue.h compat.h pptpmanager.o: pptpmanager.c config.h our_syslog.h configfile.h \ defaults.h pptpctrl.h pptpdefs.h pptpmanager.h compat.h pqueue.o: pqueue.c pqueue.h # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: pptpd-1.4.0/ppphdlc.h0000664000175000017500000000044612231653072011376 00000000000000/* * ppphdlc.h * * Copied from C. S. Ananians ppp_fcs.h */ #ifndef _PPTPD_PPPHDLC_H #define _PPTPD_PPPHDLC_H #define PPPINITFCS16 0xffff /* Initial FCS value */ #define PPPGOODFCS16 0xf0b8 /* Good final FCS value */ extern u_int16_t fcstab[256]; #endif /* !_PPTPD_PPPHDLC_H */ pptpd-1.4.0/config.h.in0000664000175000017500000001066712231672170011624 00000000000000/* config.h.in. Generated from configure.in by autoheader. */ /* * acconfig.h * * Additional autoconf defines for this program. */ /* Use BSD User land PPP? */ #undef BSDUSER_PPP /* Use SLIRP? */ #undef SLIRP /* Enable Broadcast Relay? */ #undef BCRELAY /* Work as a PNS rather than a PAC? */ #undef PNS_MODE /* Communicate between control and manager processes with a pipe */ #undef CTRL_MGR_PIPE /* Where is my pppd? */ #undef PPP_BINARY /* Syslog Facility to use? See openlog(3). */ #undef PPTP_FACILITY /* Have libwrap? */ #undef HAVE_LIBWRAP /* Package name */ #undef PACKAGE /* Version */ #undef VERSION /* Just #define to int if it's not defined */ #undef socklen_t /* These would be better as typedefs, but... */ #undef u_int8_t #undef u_int16_t #undef u_int32_t /* And the signed size_t */ /* (normal size_t is done by standard autoconf) */ #undef ssize_t /* Define if you have an openpty() (non-standard check) */ #undef HAVE_OPENPTY /* Define to 1 if you have the `daemon' function. */ #undef HAVE_DAEMON /* Define to 1 if you have the `fork' function. */ #undef HAVE_FORK /* Define to 1 if you have the `getservbyname' function. */ #undef HAVE_GETSERVBYNAME /* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H /* Define to 1 if you have the `c' library (-lc). */ #undef HAVE_LIBC /* Define to 1 if you have the `intl' library (-lintl). */ #undef HAVE_LIBINTL /* Define to 1 if you have the header file. */ #undef HAVE_LIBINTL_H /* Define to 1 if you have the `nsl' library (-lnsl). */ #undef HAVE_LIBNSL /* Define to 1 if you have the `socket' library (-lsocket). */ #undef HAVE_LIBSOCKET /* Define to 1 if you have the `util' library (-lutil). */ #undef HAVE_LIBUTIL /* Define to 1 if you have the header file. */ #undef HAVE_LIBUTIL_H /* Define to 1 if you have the `memmove' function. */ #undef HAVE_MEMMOVE /* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H /* Define to 1 if you have the header file. */ #undef HAVE_PTY_H /* Define to 1 if you have the `setproctitle' function. */ #undef HAVE_SETPROCTITLE /* Define to 1 if you have the `setsid' function. */ #undef HAVE_SETSID /* Define to 1 if you have the header file. */ #undef HAVE_STDINT_H /* Define to 1 if you have the header file. */ #undef HAVE_STDLIB_H /* Define to 1 if you have the `strerror' function. */ #undef HAVE_STRERROR /* Define to 1 if you have the header file. */ #undef HAVE_STRINGS_H /* Define to 1 if you have the header file. */ #undef HAVE_STRING_H /* Define to 1 if you have the `strlcpy' function. */ #undef HAVE_STRLCPY /* Define to 1 if you have the header file. */ #undef HAVE_SYSLOG_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_STAT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TYPES_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_UIO_H /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H /* Define to 1 if you have the `writev' function. */ #undef HAVE_WRITEV /* Name of package */ #undef PACKAGE /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT /* Define to the full name of this package. */ #undef PACKAGE_NAME /* Define to the full name and version of this package. */ #undef PACKAGE_STRING /* Define to the one symbol short name of this package. */ #undef PACKAGE_TARNAME /* Define to the home page for this package. */ #undef PACKAGE_URL /* Define to the version of this package. */ #undef PACKAGE_VERSION /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS /* Version number of package */ #undef VERSION /* Use vrf_socket from vrf library */ #undef VRF /* Define to empty if `const' does not conform to ANSI C. */ #undef const /* Define to `__inline__' or `__inline' if that's what the C compiler calls it, or to nothing if 'inline' is not supported under any name. */ #ifndef __cplusplus #undef inline #endif /* Define to `unsigned int' if does not define. */ #undef size_t /* Define to `int' if does not define. */ #undef ssize_t /* Define to `unsigned short' if does not define. */ #undef u_int16_t /* Define to `unsigned int' if does not define. */ #undef u_int32_t /* Define to `unsigned char' if does not define. */ #undef u_int8_t pptpd-1.4.0/README.bcrelay0000644000175000017500000000565112110522672012071 00000000000000BCrelay v0.5 by Richard de Vroede Original program by: TheyCallMeLuc(at)yahoo.com.au ------------------------------------------------------------------------------- Index 1. License 2. What is it? 3. Usage 4. Contact ------------------------------------------------------------------------------- 1. License This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. Your copy is available at: http://www.gnu.org/licenses/gpl.html ------------------------------------------------------------------------------- 2. What is it? A broadcast packet repeater. This packet repeater (currently designed for udp packets) will listen for broadcast packets. When it receives the packets on the incoming interface, it will then re-broadcast them to the outgoing interface. ------------------------------------------------------------------------------- 3. Usage Usage: /usr/sbin/bcrelay [options], where options are: [-d] [--daemon] Run as daemon. [-h] [--help] Displays this help message. [-i] [--incoming] Defines from which interface broadcasts will be relayed. [-o] [--outgoing] Defines to which interface broadcasts will be relayed. [-s] [--ipsec] Defines an ipsec tunnel to be relayed to. Since ipsec tunnels terminate on the same interface, we need to define the broadcast address of the other end-point of the tunnel. This is done as ipsec0:x.x.x.255 [-v] [--version] Displays the BCrelay version number. Logs and debugging go to syslog as DAEMON. Interfaces can be specified as regexpressions, ie. ppp[0-9]+ ------------------------------------------------------------------------------- 4. Contact All comments, patches, improvements can be mailed to me, or the mailing list. If it makes sense, I will update this package. Richard de Vroede : r.devroede@linvision.com Original author : TheyCallMeLuc@yahoo.com.au Poptop Mailinglist : poptop-server@lists.sourceforge.net Official Poptop website : http://www.poptop.org SourceForge Poptop website : http://sourgeforge.net/projects/poptop ------------------------------------------------------------------------------- pptpd-1.4.0/pptpmanager.c0000664000175000017500000004335612231653135012264 00000000000000/* * pptpmanager.c * * Manages the PoPToP sessions. */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #ifdef __linux__ #define _GNU_SOURCE 1 /* broken arpa/inet.h */ #endif #include "our_syslog.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef VRF #include #endif #if HAVE_LIBWRAP /* re-include, just in case HAVE_SYSLOG_H wasn't defined */ #include #include int allow_severity = LOG_WARNING; int deny_severity = LOG_WARNING; #endif #ifdef __UCLIBC__ #define socklen_t int #endif #include "configfile.h" #include "defaults.h" #include "pptpctrl.h" #include "pptpdefs.h" #include "pptpmanager.h" #include "compat.h" /* command line arg variables */ extern char *ppp_binary; extern char *pppdoptstr; extern char *speedstr; extern char *bindaddr; extern int pptp_debug; extern int pptp_noipparam; extern int pptp_logwtmp; extern int pptp_delegate; /* option for timeout on starting ctrl connection */ extern int pptp_stimeout; extern int pptp_connections; /* local function prototypes */ static void connectCall(int clientSocket, int clientNumber); static int createHostSocket(int *hostSocket); /* this end's call identifier */ uint16_t unique_call_id = 0; /* slots - begin */ /* data about connection slots */ struct slot { pid_t pid; char *local; char *remote; } *slots; /* number of connection slots allocated */ int slot_count; static void slot_iterate(struct slot *slots, int count, void (*callback) (struct slot *slot)) { int i; for(i=0; ipid = 0; slot->local = NULL; slot->remote = NULL; } void slot_init(int count) { slot_count = count; slots = (struct slot *) calloc(slot_count, sizeof(struct slot)); slot_iterate(slots, slot_count, slot_slot_init); } static void slot_slot_free(struct slot *slot) { slot->pid = 0; if (slot->local) free(slot->local); slot->local = NULL; if (slot->remote) free(slot->remote); slot->remote = NULL; } void slot_free() { slot_iterate(slots, slot_count, slot_slot_free); free(slots); slots = NULL; slot_count = 0; } void slot_set_local(int i, char *ip) { struct slot *slot = &slots[i]; if (slot->local) free(slot->local); slot->local = strdup(ip); } void slot_set_remote(int i, char *ip) { struct slot *slot = &slots[i]; if (slot->remote) free(slot->remote); slot->remote = strdup(ip); } void slot_set_pid(int i, pid_t pid) { struct slot *slot = &slots[i]; slot->pid = pid; } int slot_find_by_pid(pid_t pid) { int i; for(i=0; ipid == pid) return i; } return -1; } int slot_find_empty() { return slot_find_by_pid(0); } char *slot_get_local(int i) { struct slot *slot = &slots[i]; return slot->local; } char *slot_get_remote(int i) { struct slot *slot = &slots[i]; return slot->remote; } /* slots - end */ static void sigchld_responder(int sig) { int child, status; while ((child = waitpid(-1, &status, WNOHANG)) > 0) { if (pptp_delegate) { if (pptp_debug) syslog(LOG_DEBUG, "MGR: Reaped child %d", child); } else { int i; i = slot_find_by_pid(child); if (i != -1) { slot_set_pid(i, 0); if (pptp_debug) syslog(LOG_DEBUG, "MGR: Reaped child %d", child); } else { syslog(LOG_INFO, "MGR: Reaped unknown child %d", child); } } } } int pptp_manager(int argc, char **argv) { int firstOpen = -1; int ctrl_pid; socklen_t addrsize; int hostSocket; fd_set connSet; int rc, sig_fd; rc = sigpipe_create(); if (rc < 0) { syslog(LOG_ERR, "MGR: unable to setup sigchld pipe!"); syslog_perror("sigpipe_create"); exit(-1); } sigpipe_assign(SIGCHLD); sigpipe_assign(SIGTERM); sig_fd = sigpipe_fd(); /* openlog() not required, done in pptpd.c */ syslog(LOG_INFO, "MGR: Manager process started"); if (!pptp_delegate) { syslog(LOG_INFO, "MGR: Maximum of %d connections available", pptp_connections); } /* Connect the host socket and activate it for listening */ if (createHostSocket(&hostSocket) < 0) { syslog(LOG_ERR, "MGR: Couldn't create host socket"); syslog_perror("createHostSocket"); exit(-1); } while (1) { int max_fd; FD_ZERO(&connSet); if (pptp_delegate) { FD_SET(hostSocket, &connSet); } else { firstOpen = slot_find_empty(); if (firstOpen == -1) { syslog(LOG_ERR, "MGR: No free connection slots or IPs - no more clients can connect!"); } else { FD_SET(hostSocket, &connSet); } } max_fd = hostSocket; FD_SET(sig_fd, &connSet); if (max_fd < sig_fd) max_fd = sig_fd; while (1) { if (select(max_fd + 1, &connSet, NULL, NULL, NULL) != -1) break; if (errno == EINTR) continue; syslog(LOG_ERR, "MGR: Error with manager select()!"); syslog_perror("select"); exit(-1); } if (FD_ISSET(sig_fd, &connSet)) { /* SIGCHLD */ int signum = sigpipe_read(); if (signum == SIGCHLD) sigchld_responder(signum); else if (signum == SIGTERM) return signum; } if (FD_ISSET(hostSocket, &connSet)) { /* A call came! */ int clientSocket; struct sockaddr_in client_addr; /* Accept call and launch PPTPCTRL */ addrsize = sizeof(client_addr); clientSocket = accept(hostSocket, (struct sockaddr *) &client_addr, &addrsize); #if HAVE_LIBWRAP if (clientSocket != -1) { struct request_info r; request_init(&r, RQ_DAEMON, "pptpd", RQ_FILE, clientSocket, NULL); fromhost(&r); if (!hosts_access(&r)) { /* send a permission denied message? this is a tcp wrapper * type deny so probably best to just drop it immediately like * this, as tcp wrappers usually do. */ close(clientSocket); /* this would never be file descriptor 0, so use it as a error * value */ clientSocket = 0; } } #endif if (clientSocket == -1) { /* accept failed, but life goes on... */ syslog(LOG_ERR, "MGR: accept() failed"); syslog_perror("accept"); } else if (clientSocket != 0) { fd_set rfds; struct timeval tv; struct pptp_header ph; /* TODO: this select below prevents other connections from being processed during the wait for the first data packet from the client. */ /* * DOS protection: get a peek at the first packet * and do some checks on it before we continue. * A 10 second timeout on the first packet seems reasonable * to me, if anything looks sus, throw it away. */ FD_ZERO(&rfds); FD_SET(clientSocket, &rfds); tv.tv_sec = pptp_stimeout; tv.tv_usec = 0; if (select(clientSocket + 1, &rfds, NULL, NULL, &tv) <= 0) { syslog(LOG_ERR, "MGR: dropped slow initial connection"); close(clientSocket); continue; } if (recv(clientSocket, &ph, sizeof(ph), MSG_PEEK) != sizeof(ph)) { syslog(LOG_ERR, "MGR: dropped small initial connection"); close(clientSocket); continue; } ph.length = ntohs(ph.length); ph.pptp_type = ntohs(ph.pptp_type); ph.magic = ntohl(ph.magic); ph.ctrl_type = ntohs(ph.ctrl_type); if (ph.length <= 0 || ph.length > PPTP_MAX_CTRL_PCKT_SIZE) { syslog(LOG_WARNING, "MGR: initial packet length %d outside " "(0 - %d)", ph.length, PPTP_MAX_CTRL_PCKT_SIZE); goto dos_exit; } if (ph.magic != PPTP_MAGIC_COOKIE) { syslog(LOG_WARNING, "MGR: initial packet bad magic"); goto dos_exit; } if (ph.pptp_type != PPTP_CTRL_MESSAGE) { syslog(LOG_WARNING, "MGR: initial packet has bad type"); goto dos_exit; } if (ph.ctrl_type != START_CTRL_CONN_RQST) { syslog(LOG_WARNING, "MGR: initial packet has bad ctrl type " "0x%x", ph.ctrl_type); dos_exit: close(clientSocket); continue; } #ifndef HAVE_FORK switch (ctrl_pid = vfork()) { #else switch (ctrl_pid = fork()) { #endif case -1: /* error */ syslog(LOG_ERR, "MGR: fork() failed launching " PPTP_CTRL_BIN); close(clientSocket); break; case 0: /* child */ close(hostSocket); if (pptp_debug) syslog(LOG_DEBUG, "MGR: Launching " PPTP_CTRL_BIN " to handle client"); connectCall(clientSocket, !pptp_delegate ? firstOpen : 0); _exit(1); /* NORETURN */ default: /* parent */ close(clientSocket); unique_call_id += MAX_CALLS_PER_TCP_LINK; if (!pptp_delegate) slot_set_pid(firstOpen, ctrl_pid); break; } } } /* FD_ISSET(hostSocket, &connSet) */ } /* while (1) */ } /* pptp_manager() */ /* * Author: Kevin Thayer * * This creates a socket to listen on, sets the max # of pending connections and * various other options. * * Returns the fd of the host socket. * * The function return values are: * 0 for sucessful * -1 for bad socket creation * -2 for bad socket options * -3 for bad bind * -4 for bad listen */ static int createHostSocket(int *hostSocket) { int opt = 1; struct sockaddr_in address; #ifdef HAVE_GETSERVBYNAME struct servent *serv; #endif /* create the master socket and check it worked */ if ((*hostSocket = vrf_socket(vrf, AF_INET, SOCK_STREAM, 0)) <= 0) return -1; /* set master socket to allow daemon to be restarted with connections active */ if (setsockopt(*hostSocket, SOL_SOCKET, SO_REUSEADDR, (char *) &opt, sizeof(opt)) < 0) return -2; /* set up socket */ memset(&address, 0, sizeof(address)); address.sin_family = AF_INET; if(bindaddr) address.sin_addr.s_addr = inet_addr(bindaddr); else address.sin_addr.s_addr = INADDR_ANY; #ifdef HAVE_GETSERVBYNAME if ((serv = getservbyname("pptp", "tcp")) != NULL) { address.sin_port = serv->s_port; } else #endif address.sin_port = htons(PPTP_PORT); /* bind the socket to the pptp port */ if (bind(*hostSocket, (struct sockaddr *) &address, sizeof(address)) < 0) return -3; /* minimal backlog to avoid DoS */ if (listen(*hostSocket, 3) < 0) return -4; return 0; } /* * Author: Kevin Thayer * * this routine sets up the arguments for the call handler and calls it. */ static void connectCall(int clientSocket, int clientNumber) { #define NUM2ARRAY(array, num) snprintf(array, sizeof(array), "%d", num) char *ctrl_argv[16]; /* arguments for launching 'pptpctrl' binary */ int pptpctrl_argc = 0; /* count the number of arguments sent to pptpctrl */ /* lame strings to hold passed args. */ char ctrl_debug[2]; char ctrl_noipparam[2]; char pppdoptfile_argv[2]; char speedgiven_argv[2]; extern char **environ; char callid_argv[16]; /* * Launch the CTRL manager binary; we send it some information such as * speed and option file on the command line. */ ctrl_argv[pptpctrl_argc++] = PPTP_CTRL_BIN " "; /* Pass socket as stdin */ if (clientSocket != 0) { dup2(clientSocket, 0); close(clientSocket); } /* get argv set up */ NUM2ARRAY(ctrl_debug, pptp_debug ? 1 : 0); ctrl_debug[1] = '\0'; ctrl_argv[pptpctrl_argc++] = ctrl_debug; NUM2ARRAY(ctrl_noipparam, pptp_noipparam ? 1 : 0); ctrl_noipparam[1] = '\0'; ctrl_argv[pptpctrl_argc++] = ctrl_noipparam; #ifdef VRF ctrl_argv[pptpctrl_argc++] = vrf ? vrf : ""; #endif /* optionfile = TRUE or FALSE; so the CTRL manager knows whether to load a non-standard options file */ NUM2ARRAY(pppdoptfile_argv, pppdoptstr ? 1 : 0); pppdoptfile_argv[1] = '\0'; ctrl_argv[pptpctrl_argc++] = pppdoptfile_argv; if (pppdoptstr) { /* send the option filename so the CTRL manager can launch pppd with this alternate file */ ctrl_argv[pptpctrl_argc++] = pppdoptstr; } /* tell the ctrl manager whether we were given a speed */ NUM2ARRAY(speedgiven_argv, speedstr ? 1 : 0); speedgiven_argv[1] = '\0'; ctrl_argv[pptpctrl_argc++] = speedgiven_argv; if (speedstr) { /* send the CTRL manager the speed of the connection so it can fire pppd at that speed */ ctrl_argv[pptpctrl_argc++] = speedstr; } if (pptp_delegate) { /* no local or remote address to specify */ ctrl_argv[pptpctrl_argc++] = "0"; ctrl_argv[pptpctrl_argc++] = "0"; } else { /* specify local & remote addresses for this call */ ctrl_argv[pptpctrl_argc++] = "1"; ctrl_argv[pptpctrl_argc++] = slot_get_local(clientNumber); ctrl_argv[pptpctrl_argc++] = "1"; ctrl_argv[pptpctrl_argc++] = slot_get_remote(clientNumber); } /* our call id to be included in GRE packets the client * will send to us */ NUM2ARRAY(callid_argv, unique_call_id); ctrl_argv[pptpctrl_argc++] = callid_argv; /* pass path to ppp binary */ ctrl_argv[pptpctrl_argc++] = ppp_binary; /* pass logwtmp flag */ ctrl_argv[pptpctrl_argc++] = pptp_logwtmp ? "1" : "0"; /* note: update pptpctrl.8 if the argument list format is changed */ /* terminate argv array with a NULL */ ctrl_argv[pptpctrl_argc] = NULL; pptpctrl_argc++; /* ok, args are setup: invoke the call handler */ execve(PPTP_CTRL_BIN, ctrl_argv, environ); syslog(LOG_ERR, "MGR: Failed to exec " PPTP_CTRL_BIN "!"); _exit(1); } pptpd-1.4.0/pqueue.c0000664000175000017500000001413112231652466011245 00000000000000#include #include #include #include #include #include "pqueue.h" #ifdef DEBUG_PQUEUE #define DEBUG_ON 1 #else #define DEBUG_ON 0 #endif #define DEBUG_CMD(_a) if (DEBUG_ON) { _a } #define MIN_CAPACITY 128 /* min allocated buffer for a packet */ static int pqueue_alloc (int seq, unsigned char *packet, int packlen, pqueue_t **new); int packet_timeout_usecs = DEFAULT_PACKET_TIMEOUT * 1000000; static pqueue_t *pq_head = NULL, *pq_tail = NULL; /* contains a list of free queue elements.*/ static pqueue_t *pq_freelist_head = NULL; static int pqueue_alloc(int seq, unsigned char *packet, int packlen, pqueue_t **new) { pqueue_t *newent; DEBUG_CMD(syslog(LOG_DEBUG, "seq=%d, packlen=%d", seq, packlen);); /* search the freelist for one that has sufficient space */ if (pq_freelist_head) { for (newent = pq_freelist_head; newent; newent = newent->next) { if (newent->capacity >= packlen) { /* unlink from freelist */ if (pq_freelist_head == newent) pq_freelist_head = newent->next; if (newent->prev) newent->prev->next = newent->next; if (newent->next) newent->next->prev = newent->prev; if (pq_freelist_head) pq_freelist_head->prev = NULL; break; } /* end if capacity >= packlen */ } /* end for */ /* nothing found? Take first and reallocate it */ if (NULL == newent) { newent = pq_freelist_head; pq_freelist_head = pq_freelist_head->next; if (pq_freelist_head) pq_freelist_head->prev = NULL; DEBUG_CMD(syslog(LOG_DEBUG, "realloc capacity %d to %d",newent->capacity, packlen);); newent->packet = (unsigned char *)realloc(newent->packet, packlen); if (!newent->packet) { syslog(LOG_WARNING, "error reallocating packet: %s", strerror(errno)); return -1; } newent->capacity = packlen; } DEBUG_CMD(syslog(LOG_DEBUG, "Recycle entry from freelist. Capacity: %d", newent->capacity);); } else { /* allocate a new one */ newent = (pqueue_t *)malloc( sizeof(pqueue_t) ); if (!newent) { syslog(LOG_WARNING, "error allocating newent: %s", strerror(errno)); return -1; } newent->capacity = 0; DEBUG_CMD(syslog(LOG_DEBUG, "Alloc new queue entry");); } if ( ! newent->capacity ) { /* a new queue entry was allocated. Allocate the packet buffer */ int size = packlen < MIN_CAPACITY ? MIN_CAPACITY : packlen; /* Allocate at least MIN_CAPACITY */ DEBUG_CMD(syslog(LOG_DEBUG, "allocating for packet size %d", size);); newent->packet = (unsigned char *)malloc(size); if (!newent->packet) { syslog(LOG_WARNING, "error allocating packet: %s", strerror(errno)); return -1; } newent->capacity = size; } /* endif ! capacity */ assert( newent->capacity >= packlen ); /* store the contents into the buffer */ memcpy(newent->packet, packet, packlen); newent->next = newent->prev = NULL; newent->seq = seq; newent->packlen = packlen; gettimeofday(&newent->expires, NULL); newent->expires.tv_usec += packet_timeout_usecs; newent->expires.tv_sec += (newent->expires.tv_usec / 1000000); newent->expires.tv_usec %= 1000000; *new = newent; return 0; } int pqueue_add (int seq, unsigned char *packet, int packlen) { pqueue_t *newent, *point; /* get a new entry */ if ( 0 != pqueue_alloc(seq, packet, packlen, &newent) ) { return -1; } for (point = pq_head; point != NULL; point = point->next) { if (point->seq == seq) { // queue already contains this packet syslog(LOG_WARNING, "discarding duplicate packet %d", seq); pqueue_del(newent); return -1; } if (point->seq > seq) { // gone too far: point->seq > seq and point->prev->seq < seq if (point->prev) { // insert between point->prev and point DEBUG_CMD(syslog(LOG_DEBUG, "adding %d between %d and %d", seq, point->prev->seq, point->seq);); point->prev->next = newent; } else { // insert at head of queue, before point DEBUG_CMD(syslog(LOG_DEBUG, "adding %d before %d", seq, point->seq);); pq_head = newent; } newent->prev = point->prev; // will be NULL, at head of queue newent->next = point; point->prev = newent; return 0; } } /* We didn't find anywhere to insert the packet, * so there are no packets in the queue with higher sequences than this one, * so all the packets in the queue have lower sequences, * so this packet belongs at the end of the queue (which might be empty) */ if (pq_head == NULL) { DEBUG_CMD(syslog(LOG_DEBUG, "adding %d to empty queue", seq);); pq_head = newent; } else { DEBUG_CMD(syslog(LOG_DEBUG, "adding %d as tail, after %d", seq, pq_tail->seq);); pq_tail->next = newent; } newent->prev = pq_tail; pq_tail = newent; return 0; } int pqueue_del (pqueue_t *point) { DEBUG_CMD(syslog(LOG_DEBUG, "Move seq %d to freelist", point->seq);); /* unlink from pq */ if (pq_head == point) pq_head = point->next; if (pq_tail == point) pq_tail = point->prev; if (point->prev) point->prev->next = point->next; if (point->next) point->next->prev = point->prev; /* add point to the freelist */ point->next = pq_freelist_head; point->prev = NULL; if (point->next) point->next->prev = point; pq_freelist_head = point; DEBUG_CMD( int pq_count = 0; int pq_freelist_count = 0; pqueue_t *point; for ( point = pq_head; point ; point = point->next) { ++pq_count; } for ( point = pq_freelist_head; point ; point = point->next) { ++pq_freelist_count; } syslog(LOG_DEBUG, "queue length is %d, freelist length is %d", pq_count, pq_freelist_count); ); return 0; } pqueue_t *pqueue_head () { return pq_head; } int pqueue_expiry_time (pqueue_t *entry) { struct timeval tv; int expiry_time; gettimeofday(&tv, NULL); expiry_time = (entry->expires.tv_sec - tv.tv_sec) * 1000000; expiry_time += (entry->expires.tv_usec - tv.tv_usec); return expiry_time; } pptpd-1.4.0/our_getopt.h0000664000175000017500000001367212231653055012141 00000000000000/* * our_getopt.h * * Header file for the getopt_long deprived. */ /* Declarations for getopt. Copyright (C) 1989,90,91,92,93,94,96,97,98 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. The GNU C Library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public License for more details. You should have received a copy of the GNU Library General Public License along with the GNU C Library; see the file COPYING.LIB. If not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ #ifndef _GETOPT_H #ifndef __need_getopt # define _GETOPT_H 1 #endif #ifdef __cplusplus extern "C" { #endif /* For communication from `getopt' to the caller. When `getopt' finds an option that takes an argument, the argument value is returned here. Also, when `ordering' is RETURN_IN_ORDER, each non-option ARGV-element is returned here. */ extern char *optarg; /* Index in ARGV of the next element to be scanned. This is used for communication to and from the caller and for communication between successive calls to `getopt'. On entry to `getopt', zero means this is the first call; initialize. When `getopt' returns -1, this is the index of the first of the non-option elements that the caller should itself scan. Otherwise, `optind' communicates from one call to the next how much of ARGV has been scanned so far. */ extern int optind; /* Callers store zero here to inhibit the error message `getopt' prints for unrecognized options. */ extern int opterr; /* Set to an option character which was unrecognized. */ extern int optopt; #ifndef __need_getopt /* Describe the long-named options requested by the application. The LONG_OPTIONS argument to getopt_long or getopt_long_only is a vector of `struct option' terminated by an element containing a name which is zero. The field `has_arg' is: no_argument (or 0) if the option does not take an argument, required_argument (or 1) if the option requires an argument, optional_argument (or 2) if the option takes an optional argument. If the field `flag' is not NULL, it points to a variable that is set to the value given in the field `val' when the option is found, but left unchanged if the option is not found. To have a long-named option do something other than set an `int' to a compiled-in constant, such as set a value from `optarg', set the option's `flag' field to zero and its `val' field to a nonzero value (the equivalent single-letter option character, if there is one). For long options that have a zero `flag' field, `getopt' returns the contents of the `val' field. */ struct option { # if defined __STDC__ && __STDC__ const char *name; # else char *name; # endif /* has_arg can't be an enum because some compilers complain about type mismatches in all the code that assumes it is an int. */ int has_arg; int *flag; int val; }; /* Names for the values of the `has_arg' field of `struct option'. */ # define no_argument 0 # define required_argument 1 # define optional_argument 2 #endif /* need getopt */ /* Get definitions and prototypes for functions to process the arguments in ARGV (ARGC of them, minus the program name) for options given in OPTS. Return the option character from OPTS just read. Return -1 when there are no more options. For unrecognized options, or options missing arguments, `optopt' is set to the option letter, and '?' is returned. The OPTS string is a list of characters which are recognized option letters, optionally followed by colons, specifying that that letter takes an argument, to be placed in `optarg'. If a letter in OPTS is followed by two colons, its argument is optional. This behavior is specific to the GNU `getopt'. The argument `--' causes premature termination of argument scanning, explicitly telling `getopt' that there are no more options. If OPTS begins with `--', then non-option arguments are treated as arguments to the option '\0'. This behavior is specific to the GNU `getopt'. */ #if defined __STDC__ && __STDC__ # ifdef __GNU_LIBRARY__ /* Many other libraries have conflicting prototypes for getopt, with differences in the consts, in stdlib.h. To avoid compilation errors, only prototype getopt for the GNU C library. */ extern int getopt (int __argc, char *const *__argv, const char *__shortopts); # else /* not __GNU_LIBRARY__ */ extern int getopt (); # endif /* __GNU_LIBRARY__ */ # ifndef __need_getopt extern int getopt_long (int __argc, char *const *__argv, const char *__shortopts, const struct option *__longopts, int *__longind); extern int getopt_long_only (int __argc, char *const *__argv, const char *__shortopts, const struct option *__longopts, int *__longind); /* Internal only. Users should not call this directly. */ extern int _getopt_internal (int __argc, char *const *__argv, const char *__shortopts, const struct option *__longopts, int *__longind, int __long_only); # endif #else /* not __STDC__ */ extern int getopt (); # ifndef __need_getopt extern int getopt_long (); extern int getopt_long_only (); extern int _getopt_internal (); # endif #endif /* __STDC__ */ #ifdef __cplusplus } #endif /* Make sure we later can get all the definitions and declarations. */ #undef __need_getopt #endif /* getopt.h */ pptpd-1.4.0/configure.in0000664000175000017500000001513112231672170012101 00000000000000AC_INIT(pptpmanager.c) AM_CONFIG_HEADER(config.h) AM_INIT_AUTOMAKE(pptpd,1.4.0) # check common command line options early AC_DEFINE(PPP_BINARY, "/usr/sbin/pppd") AC_MSG_CHECKING(command line for use of BSD PPP) AC_ARG_WITH(bsdppp, [ --with-bsdppp Use BSD user-space ppp ], [ case "$withval" in yes) AC_MSG_RESULT(BSD user-space ppp) AC_DEFINE(BSDUSER_PPP) BSDUSER_PPP=$with_bsdppp AC_DEFINE(PPP_BINARY, "/usr/sbin/ppp") break; ;; no) AC_MSG_RESULT(explicit standard pppd) ;; *) # only yes or no are expected for this option AC_MSG_RESULT(unrecognised... terminating) exit 1 ;; esac ], [AC_MSG_RESULT(default standard pppd)]) AC_MSG_CHECKING(command line for use of SLIRP) AC_ARG_WITH(slirp, [ --with-slirp Use SLIRP instead of pppd ], [ case "$withval" in yes) AC_MSG_RESULT(yes) AC_DEFINE(SLIRP) SLIRP=$with_slirp AC_DEFINE(PPP_BINARY, "/bin/slirp") break; ;; no) AC_MSG_RESULT(explicit no) ;; *) # only yes or no are expected for this option AC_MSG_RESULT(unrecognised... terminating) exit 1 ;; esac ], [AC_MSG_RESULT(default no)]) AC_MSG_CHECKING(command line for syslog facility name) AC_ARG_ENABLE(facility, [ --enable-facility=name Use another syslog facility, default LOG_DAEMON ], [ AC_MSG_RESULT($enableval) AC_DEFINE_UNQUOTED(PPTP_FACILITY, $enableval) ], [ AC_MSG_RESULT(default LOG_DAEMON) AC_DEFINE_UNQUOTED(PPTP_FACILITY, LOG_DAEMON) ]) AC_MSG_CHECKING(command line for bcrelay build) AC_ARG_ENABLE(bcrelay, [ --enable-bcrelay Enable broadcast relay function ], [ case "$enableval" in yes) AC_MSG_RESULT(yes) AC_DEFINE(BCRELAY) BCRELAY=$enableval break; ;; no) AC_MSG_RESULT(explicit no) ;; *) # only yes or no are expected for this option AC_MSG_RESULT(unrecognised... terminating) exit 1 ;; esac ], [AC_MSG_RESULT(default no)]) AC_MSG_CHECKING(command line for VRF build) AC_ARG_ENABLE(vrf, [ --enable-vrf Enable support for VRFs], [ case "$enableval" in yes) AC_MSG_RESULT(yes) VRF=$enableval ;; no) AC_MSG_RESULT(explicit no) ;; *) AC_MSG_RESULT(unrecognised... terminating) exit 1 ;; esac ], [AC_MSG_RESULT(default no)]) AC_PROG_CC AC_PROG_RANLIB AC_PROG_INSTALL AC_PROG_LN_S AC_PROG_MAKE_SET AC_C_CONST AC_C_INLINE AC_EXEEXT AC_OBJEXT AC_SYS_INTERPRETER AC_CHECK_FUNCS(setsid daemon setproctitle getservbyname strlcpy fork memmove strerror writev) AC_CHECK_HEADERS(pty.h) AC_CHECK_HEADERS(string.h) AC_CHECK_HEADERS(syslog.h) AC_CHECK_HEADERS(libintl.h) AC_CHECK_HEADERS(libutil.h) AC_CHECK_HEADERS(sys/uio.h) AC_CHECK_TYPE(size_t, unsigned int) AC_CHECK_TYPE(ssize_t, int) AC_CHECK_TYPE(u_int8_t, unsigned char) AC_CHECK_TYPE(u_int16_t, unsigned short) AC_CHECK_TYPE(u_int32_t, unsigned int) dnl Check for type in sys/socket.h - from Squid source (GPL) AC_CACHE_CHECK(for socklen_t, ac_cv_type_socklen_t, [ AC_EGREP_CPP([socklen_t[^a-zA-Z_0-9]], [#include #include #if STDC_HEADERS #include #include #endif], ac_cv_type_socklen_t=yes, ac_cv_type_socklen_t=no) ]) if test $ac_cv_type_socklen_t = no; then AC_DEFINE(socklen_t, int) fi dnl Check for libwrap (black magic check) AC_ARG_WITH(libwrap, [ --with-libwrap Use libwrap (tcp wrappers) ], [ if test "$with_libwrap" = "yes"; then XYZZY_LIBS="$LIBS" AC_MSG_CHECKING(for libwrap alone) LIBS="$XYZZY_LIBS -lwrap" AC_TRY_LINK([ int allow_severity, deny_severity; ], [ hosts_access(); ], [ AC_MSG_RESULT(yes) AC_DEFINE(HAVE_LIBWRAP) LIBWRAP="yes" XTRALIBS_MGR="-lwrap" ], [ AC_MSG_RESULT(no) LIBS="$XYZZY_LIBS -lwrap -lnsl" AC_MSG_CHECKING(for libwrap with libnsl) AC_TRY_LINK([ int allow_severity, deny_severity; ], [ hosts_access(); ], [ AC_MSG_RESULT(yes) AC_DEFINE(HAVE_LIBWRAP) LIBWRAP="yes" XTRALIBS_MGR="-lwrap -lnsl" ], [ AC_MSG_RESULT(no) ]) ]) LIBS="$XYZZY_LIBS" fi ]) dnl More ugliness; -lnsl, -lutil and -lsocket XYZZY_LIBS="$LIBS" AC_CHECK_LIB(c, accept) AC_CHECK_LIB(c, gethostbyname) AC_CHECK_LIB(c, openpty) AC_CHECK_LIB(c, gettext) AC_CHECK_LIB(socket, accept) AC_CHECK_LIB(nsl, gethostbyname) AC_CHECK_LIB(util, openpty) AC_CHECK_LIB(intl, gettext) LIBS="$XYZZY_LIBS" if test "$ac_cv_lib_c_accept" = no; then if test "$ac_cv_lib_socket_accept" = yes; then LIBS="$LIBS -lsocket" else echo "Couldn't find a usable accept!" 1>&2 exit 1 fi fi if test "$ac_cv_lib_c_gethostbyname" = no; then if test "$ac_cv_lib_nsl_gethostbyname" = yes; then LIBS="$LIBS -lnsl" if test "$XTRALIBS_MGR" = "-lwrap -lnsl"; then XTRALIBS_MGR="-lwrap" fi else echo "Couldn't find a usable gethostbyname!" 1>&2 exit 1 fi fi if test "$ac_cv_lib_c_openpty" = yes; then AC_DEFINE(HAVE_OPENPTY) else if test "$ac_cv_lib_util_openpty" = yes; then AC_DEFINE(HAVE_OPENPTY) XTRALIBS_CTRL="-lutil" fi fi if test "$ac_cv_header_libintl_h" = yes; then if test "$ac_cv_lib_c_gettext" = no; then if test "$ac_cv_lib_intl_gettext" = yes; then XTRALIBS_MGR = "$XTRALIBS_MGR -lintl" else echo "Have libintl.h but no usable gettext!" 1>&2 exit 1 fi fi fi if test "$BCRELAY" = "yes"; then if test "$BCRELAY" = "yes"; then XTRA_PROG="bcrelay" true else echo "No BCrelay selected." 1>&2 fi fi if test "$VRF" = "yes"; then AC_CHECKING([for vrf Library and Header files]) AC_CHECK_HEADER(vrf.h, , AC_MSG_ERROR([vrf headers were not found]) ) AC_CHECK_LIB(vrf, vrf_socket, [ AC_DEFINE(VRF, 1, [Use vrf_socket from vrf library]) XTRALIBS_CTRL="$XTRALIBS_CTRL -lvrf" XTRALIBS_MGR="$XTRALIBS_MGR -lvrf" ], [ AC_MSG_ERROR(vrf library was not found) ]) fi AC_SUBST(XTRALIBS_CTRL) AC_SUBST(XTRALIBS_MGR) AC_SUBST(XTRA_PROG) AC_SUBST(HAVE_OPENPTY) echo '===============================================================================' echo 'Configuration chosen:' echo -n ' PPPd: ' if test "$BSDUSER_PPP" = "yes"; then echo 'BSD user-space PPPd.' else if test "$SLIRP" = "yes"; then echo 'SLIRP.' else echo 'Standard.' fi fi echo -n ' LIBWRAP security: ' if test "$LIBWRAP" = "yes"; then echo 'Yes.' else echo 'No.' fi echo -n ' Broadcast Relay: ' if test "$BCRELAY" = "yes"; then echo 'Yes.' else echo 'No.' fi echo -n ' VRF support: ' if test "$VRF" = "yes"; then echo 'Yes.' else echo 'No.' fi AC_CACHE_SAVE AC_OUTPUT(Makefile) pptpd-1.4.0/README.cvs0000664000175000017500000000167412231672170011251 0000000000000020131023 file obsolete after migration to git 20040425 a) the main CVS module "poptop" is no longer the stable version, it is all versions, and the HEAD is unstable. b) CVS tags have been added: poptop-1_1_3-a is the previous stable version tag. (before merging 1.1.4 changes with 1.1.3 head) pptpd-1_2_0-b1 is the first beta of the new release. pptpd-1_2_0-b2 is the second beta of the new release. pptpd-1_2_0-b3 is the third beta of the new release. See "man cvs" for how to check out or track a tag release. c) the secondary CVS module "poptop-1.1.3" is deprecated, but HEAD contains 1.1.4-b4. d) 1.1.4-b4 plus a few minor edits has been released to a small test team as 1.2.0-b2. Results will be published when known. Other testers welcome; write to me. CVS Tags (module poptop) cvs tag -F pptpd-1_2_0-b3 cvs tag -F pptpd-1_2_0-b2 cvs tag -F poptop-1_1_3-a (before merging 1.1.4 changes with 1.1.3 head) pptpd-1.4.0/TODO0000644000175000017500000001142112110522672010251 00000000000000This is the pptpd project TODO list. (Note: tasks that are probably easy are marked with a [JJ], which means Junior Jobs, following the KDE tradition suggested by Adriaan de Groot in May 2004.) 20060714-1, 1.3.2, bcrelay is built even if --enable-bcrelay is not used. 20050105-1, 1.2.1, denial of service, for ten seconds (or --stimeout) the pptpd will not process further connections while it waits for a client to send data. The second select() will prevent any further accept() calls. To be tested. 20041108-0, 1.2.1, vpnstats does not parse RHEL3 log output successfully. It also creates a cron.weekly entry that is not removed when the package is removed. Yet to test if vpnstats.pl works okay. [JJ] 20040811-0, 1.2.1, RFC2637 timers IDLE_WAIT and MAX_ECHO_WAIT, in pptpdefs.h, make these configurable, requested by Tobias Brox. [JJ] 20040623-0, 1.2.1, "Plugin /usr/lib/pptpd/pptpd-logwtmp.so is for pppd version 2.4.2, this is 2.4.3" happens if pppd 2.4.3 is installed, or vice versa if 2.4.2 is installed. [JJ] Workaround on common distributions is to use makepackage instead of "make install". pptpd.init is also affected, as it has a hardcoded path to pptpd. Configure script should detect or accept version of pppd to build against. 20040521-4, 1.2.0-b3, running on Fedora Core 1, kernel ? , when a connection arrives a warning is issued by the kernel "application bug: pptpctrl($PID) has SIGCHLD set to SIG_IGN but calls wait(). (see the NOTES section of 'man 2 wait'). Workaround activated." 20040521-0, 1.2.0-b3, write bcrelay man page. (Debian lintian for pptpd 1.1.4-0b4-1) [JJ] feature: nuke prior login by user, by writing a new pppd plugin. feature: prevent login by user if prior login still in progress, using pppd plugin that captures old hook and re-uses it, during chap auth. 20040428-7, CVS HEAD, minor, pptpctrl.c refers to hard coded path /usr/lib/pptpd/pptpd-logwtmp.so instead of path derived from prefix given to configure script. also, the rpm build fails if not run in a fakeroot. review debian bug reports for pptpd package http://bugs.debian.org/pptpd 20040426-0 bug: terminating immediately on CALL_CLR_RQST from client (1.2.0-b3) may violate the RFC, but was done to fix zombie pppd, Bruno will try older version to gather system state information to see why it happened, but there is indeed a design defect that doesn't reap (wait() on the PID of) the pppd it had previously forked. it probably isn't right to simply kill() the pppd until it has had a chance to finish up, e.g. ip-down scripts. context is pptpctrl.c. on the other hand, if a stop control connection request arrives, are the active connections supposed to be closed; there are reports of pppd living on. minor bug: pptpctrl.c:302 (1.11) there is a test for absolute file descriptor numbers, which is probably not portable. bug: 1.2.0-b3 configfile.c opens, reads and closes /etc/pptpd.conf as many times as there are possible option values, and only returns the first match for a keyword, not the last. 20030214, ignore EPERM on GRE write for a short time in case netfilter is being adjusted by ip-up scripts, Bug #181005. 20030801, 1.1.3, XP seems to need mtu negotiation 4 lower than serverside. MS PPTP-server handles this correctly. 20030620, 1.1.3, PPTP daemon waiting for infinite time if the pptpd.conf file does not have a new line character at the EOF. So we need a config-check routine. It is allready there, but it seems to output to stdout. 20030611, 1.1.3, pptpd incorrectly hides all pppd error output. This is a defect and should be fixed. It apparently doesn't even wait for and report the pppd exit status. 20030526, 1.1.3, Make choice between slirp, pppd and BSD userspace PPPD a runtime one instead of compile time. 20030218, 1.1.3, ask IP-info from a real DHCP-server. It is possible to get a Radius-server to do this. 20030128, 1.1.3, Make the logentries more verbose, so that they actually mean something to the admins. 20021220, 1.1.3, Add a way to define pools for different usergroups. 19990802, 1.1.3, We don't actually implement any kind of window protocol, congestion control, etc, etc. Very simple algorithm which works well on LANs and good performance links but could be improved for slow distant dialups/bad routing and links. 19990705, 1.1.3, PNS mode and all things which go with it aren't supported properly. We're only an IP tunnelling PAC, and our clients act as a PNS, as per the draft. We may implement PNS mode and related things like multiple calls from one client IP in the future (post-1.0). 19990413, 1.1.3, SET LINK INFO (CTRL Message 15) is not fully implemented. This doesn't cause any problem with Win95/98/NT or Linux clients. NT clients send a default set of ACCMs which we validate and ignore, the others don't send anything. Probably fine for all IP tunneling clients (post-1.0). pptpd-1.4.0/Makefile.am0000664000175000017500000000703412231672170011627 00000000000000# We have our own, simpler dependencies stuff in 'reconf' AUTOMAKE_OPTIONS = no-dependencies foreign @SET_MAKE@ export LIBDIR=$(libdir)/pptpd INCLUDES = -I. ## Change this if you don't have gcc ## -pedantic removed for now (OpenBSD header files). ## -Werror removed for now (getopt stuff on OSF/1 throws a ## warning with -Wmissing-prototypes). ## -Wmissing-prototypes removed (eg, Linux 2.2.6 headers ## aren't up to it). CFLAGS = -O2 -fno-builtin -Wall -DSBINDIR='"$(sbindir)"' #CFLAGS = -O2 -fno-builtin -Wall -ansi -DSBINDIR='"$(sbindir)"' #CFLAGS = -O2 -fno-builtin -Wall -ansi -pedantic -Wmissing-prototypes -Werror -DSBINDIR='"$(sbindir)"' man_MANS = pptpctrl.8 pptpd.8 pptpd.conf.5 bcrelay.8 EXTRA_DIST = \ html README* ChangeLog NEWS TODO $(man_MANS) \ samples/chap-secrets samples/options.pptpd samples/pptpd.conf \ Makefile.uClinux config.embed.h version reconf \ tools/pptp-portslave tools/vpnstats tools/vpnstats.pl tools/vpnuser \ pptpd.init pptpd.spec makepackage \ plugins/Makefile plugins/*.h plugins/*.c \ debian/README.debian debian/changelog debian/conffiles debian/config \ debian/control debian/copyright debian/dirs debian/docs \ debian/examples debian/pptpd-options debian/pptpd.conf \ debian/pptpd.init debian/pptpdconfig.pl debian/rules debian/templates \ debian/po/POTFILES.in debian/po/fr.po debian/po/pt_BR.po \ debian/po/templates.pot EXTRA_PROGRAMS = sbin_PROGRAMS = pptpd pptpctrl bcrelay # Header files are only used to determine what to put in a distribution, not # for dependencies, so just attribute them all to pptpd. pptpd_SOURCES = \ pqueue.c pptpd.c configfile.c pptpmanager.c compat.c inststr.c getopt.c getopt1.c \ pqueue.h compat.h configfile.h ctrlpacket.h defaults.h inststr.h our_getopt.h \ our_syslog.h ppphdlc.h pptpctrl.h pptpdefs.h pptpgre.h pptpmanager.h pptpctrl_SOURCES = \ pqueue.c pptpctrl.c ctrlpacket.c inststr.c compat.c pptpgre.c ppphdlc.c pptpd_LDADD = $(XTRALIBS_MGR) pptpctrl_LDADD = $(XTRALIBS_CTRL) bcrelay_SOURCES = bcrelay.c defaults.h our_syslog.h our_getopt.h subdirs = plugins all-local: for d in $(subdirs); do $(MAKE) $(MFLAGS) -C $$d all; done install-exec-local: for d in $(subdirs); do $(MAKE) $(MFLAGS) -C $$d prefix=$(prefix) DESTDIR=$(DESTDIR) install; done clean-local: for d in $(subdirs); do $(MAKE) $(MFLAGS) -C $$d clean; done uninstall-local: for d in $(subdirs); do $(MAKE) $(MFLAGS) -C $$d prefix=$(prefix) DESTDIR=$(DESTDIR) uninstall; done package: deb rpm deb: fakeroot dpkg-buildpackage -us -uc rpm: fakeroot rpmbuild -ta pptpd-$(VERSION).tar.gz ##CLEANFILES = ## DO NOT ADD BELOW THIS POINT, DEPS ARE AUTOMATICALLY ADDED bcrelay.o: bcrelay.c config.h defaults.h our_syslog.h our_getopt.h compat.o: compat.c config.h compat.h our_syslog.h inststr.h configfile.o: configfile.c config.h defaults.h configfile.h our_syslog.h ctrlpacket.o: ctrlpacket.c config.h our_syslog.h pptpdefs.h pptpctrl.h \ ctrlpacket.h compat.h getopt.o: getopt.c config.h our_getopt.h getopt1.o: getopt1.c config.h our_getopt.h inststr.o: inststr.c config.h inststr.h compat.h ppphdlc.o: ppphdlc.c config.h ppphdlc.h pptpctrl.o: pptpctrl.c config.h our_syslog.h compat.h pptpctrl.h \ pptpgre.h pptpdefs.h ctrlpacket.h defaults.h pptpd.o: pptpd.c config.h our_syslog.h our_getopt.h configfile.h \ defaults.h compat.h pptpmanager.h pptpgre.o: pptpgre.c config.h our_syslog.h ppphdlc.h pptpgre.h pptpdefs.h \ pptpctrl.h defaults.h pqueue.h compat.h pptpmanager.o: pptpmanager.c config.h our_syslog.h configfile.h \ defaults.h pptpctrl.h pptpdefs.h pptpmanager.h compat.h pqueue.o: pqueue.c pqueue.h pptpd-1.4.0/README.portslave0000644000175000017500000000054112110522672012460 00000000000000Contributed by Russell Coker on Debian Bug#126486. /etc/pptp.conf: option /etc/ppp/pptp.options localip 192.168.236.133 # refer pptpd to use the pptp-portslave script instead of regular pppd pppd /usr/sbin/pptp-portslave /etc/portslave/pslave.conf: # configure it as usual, but with lines defined for pseudo-tty devices s{1000-1063}.tty pts/{0-63} pptpd-1.4.0/mkinstalldirs0000755000175000017500000000132612110522672012372 00000000000000#! /bin/sh # mkinstalldirs --- make directory hierarchy # Author: Noah Friedman # Created: 1993-05-16 # Public domain # $Id: mkinstalldirs,v 1.1 2002/06/21 08:52:00 fenix_nl Exp $ errstatus=0 for file do set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'` shift pathcomp= for d do pathcomp="$pathcomp$d" case "$pathcomp" in -* ) pathcomp=./$pathcomp ;; esac if test ! -d "$pathcomp"; then echo "mkdir $pathcomp" mkdir "$pathcomp" || lasterr=$? if test ! -d "$pathcomp"; then errstatus=$lasterr fi fi pathcomp="$pathcomp/" done done exit $errstatus # mkinstalldirs ends here pptpd-1.4.0/pptpd.c0000664000175000017500000007136612231653111011071 00000000000000/* * pptpd.c * * Grabs any command line argument and processes any further options in * the pptpd config file, before throwing over to pptpmanager.c. */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #ifdef __linux__ #define _GNU_SOURCE 1 /* strdup() prototype, broken arpa/inet.h */ #endif #ifdef __svr4__ #define __EXTENSIONS__ 1 /* strdup() prototype */ #endif #ifdef __sgi__ #define _XOPEN_SOURCE 500 /* strdup() prototype */ #endif #include "our_syslog.h" #include "our_getopt.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include "configfile.h" #include "defaults.h" #include "compat.h" #include "pptpmanager.h" #ifdef CONFIG_NETtel #include #endif /* command line arg variables */ char *ppp_binary = NULL; char *pppdoptstr = NULL; char *speedstr = NULL; char *bindaddr = NULL; #ifdef VRF char *vrf = NULL; #endif #ifdef BCRELAY char *bcrelay = NULL; #endif int pptp_debug = 0; int pptp_noipparam = 0; int pptp_logwtmp = 0; int pptp_delegate = 0; int pptp_stimeout = STIMEOUT_DEFAULT; int pptp_connections = CONNECTIONS_DEFAULT; /* Local prototypes */ static void processIPStr(int type, char *ipstr); #ifndef HAVE_DAEMON static void my_daemon(int argc, char **argv); #endif static void log_pid(char *pid_file); static char *lookup(char *); #ifdef BCRELAY static void launch_bcrelay(); static pid_t bcrelayfork; #endif static void showusage(char *prog) { printf("\npptpd v%s\n", VERSION); printf("Usage: pptpd [options], where options are:\n\n"); #ifdef BCRELAY #define OPT_BCRELAY "b" printf(" [-b] [--bcrelay if] Use broadcast relay for broadcasts comming from.\n"); printf(" the specified interface (default is eth1).\n"); #else #define OPT_BCRELAY "" #endif printf(" [-c] [--conf file] Specifies the config file to read default\n"); printf(" settings from (default is %s).\n", PPTPD_CONFIG_FILE_DEFAULT); printf(" [-d] [--debug] Turns on debugging (to syslog).\n"); printf(" [-e] [--ppp file] Use alternate pppd binary, default %s.\n", PPP_BINARY); printf(" [-f] [--fg] Run in foreground.\n"); printf(" [-h] [--help] Displays this help message.\n"); printf(" [-i] [--noipparam] Suppress the passing of the client's IP address\n"); printf(" to PPP, which is done by default otherwise.\n"); printf(" [-l] [--listen x.x.x.x] Specifies IP of local interface to listen to.\n"); #ifdef VRF #define OPT_VRFA "V:" #define OPT_VRF "V" printf(" [-V] [--vrf name] Use given VRF for GRE/TCP sockets.\n"); #else #define OPT_VRFA "" #define OPT_VRF "" #endif #if !defined(BSDUSER_PPP) printf(" [-o] [--option file] Specifies the PPP options file to use\n"); printf(" (default is /etc/ppp/options).\n"); #endif printf(" [-p] [--pidfile file] Specifies the file to write the process ID to\n"); printf(" (default is /var/run/pptpd.pid).\n"); #if !defined(BSDUSER_PPP) printf(" [-s] [--speed baud] Specifies the baud speed for the PPP daemon\n"); printf(" (default is 115200).\n"); #endif printf(" [-t] [--stimeout seconds] Specifies the timeout for the first packet. This is a DOS protection\n"); printf(" (default is 10).\n"); printf(" [-v] [--version] Displays the pptpd version number.\n"); printf(" [-w] [--logwtmp] Update wtmp as users login.\n"); printf(" [-C] [--connections n] Limit on number of connections.\n"); printf(" [-D] [--delegate] Delegate IP allocation to pppd.\n"); printf("\n\nLogs and debugging go to syslog as DAEMON."); printf("\n\nCommand line options will override any default settings and any settings\n"); printf("specified in the config file (default config file: %s).\n\n", PPTPD_CONFIG_FILE_DEFAULT); } static void showversion() { printf("pptpd v%s\n", VERSION); } int main(int argc, char **argv) { /* command line options */ int c; /* function-local options */ int foreground = FALSE; char *pid_file = NULL; /* config file */ char *configFile = NULL; /* config file parsing temp strings */ char tmp[MAX_CONFIG_STRING_SIZE], *tmpstr; /* open a connection to the syslog daemon */ openlog("pptpd", LOG_PID, PPTP_FACILITY); /* process command line options */ while (1) { int option_index = 0; char *optstring = OPT_BCRELAY ":c:de:fhil:o:p:s:t:vwC:D" OPT_VRFA; static struct option long_options[] = { #ifdef BCRELAY {"bcrelay", 1, 0, 0}, #endif {"conf", 1, 0, 0}, {"debug", 0, 0, 0}, {"ppp", 1, 0, 0}, {"fg", 0, 0, 0}, {"help", 0, 0, 0}, {"noipparam", 0, 0, 0}, {"listen", 1, 0, 0}, {"option", 1, 0, 0}, {"pidfile", 1, 0, 0}, {"speed", 1, 0, 0}, {"stimeout", 1, 0, 0}, {"version", 0, 0, 0}, {"logwtmp", 0, 0, 0}, {"connections", 1, 0, 0}, {"delegate", 0, 0, 0}, #ifdef VRF {"vrf", 1, 0, 0}, #endif {0, 0, 0, 0} }; c = getopt_long(argc, argv, optstring, long_options, &option_index); if (c == -1) break; /* convert long options to short form */ if (c == 0) c = OPT_BCRELAY "cdefhilopstvwCD" OPT_VRF [option_index]; switch (c) { #ifdef BCRELAY case 'b': /* --bcrelay */ if (bcrelay) free(bcrelay); bcrelay = strdup(optarg); break; #endif case 'l': /* --listen */ tmpstr = lookup(optarg); if (!tmpstr) { syslog(LOG_ERR, "MGR: Invalid listening address: %s!", optarg); return 1; } if (bindaddr) free(bindaddr); bindaddr = strdup(tmpstr); break; #ifdef VRF case 'V': /* --vrf */ if (vrf) free(vrf); vrf = strdup(optarg); break; #endif case 'h': /* --help */ showusage(argv[0]); return 0; case 'i': /* --noipparam */ pptp_noipparam = TRUE; break; case 'e': /* --ppp */ if (ppp_binary) free(ppp_binary); ppp_binary = strdup(optarg); break; case 'd': /* --debug */ pptp_debug = TRUE; break; case 'f': /* --fg */ foreground = TRUE; break; case 'v': /* --version */ showversion(); return 0; case 'w': /* --logwtmp */ pptp_logwtmp = TRUE; break; case 'C': /* --connections */ pptp_connections = atoi(optarg); break; case 'D': /* --delegate */ pptp_delegate = TRUE; break; case 'o': /* --option */ if (pppdoptstr) free(pppdoptstr); pppdoptstr = strdup(optarg); break; case 'p': /* --pidfile */ if (pid_file) free(pid_file); pid_file = strdup(optarg); break; case 's': /* --speed */ if (speedstr) free(speedstr); speedstr = strdup(optarg); break; case 't': /* --stimeout */ pptp_stimeout = atoi(optarg); break; case 'c': /* --conf */ { FILE *f; if (!(f = fopen(optarg, "r"))) { syslog(LOG_ERR, "MGR: Config file not found!"); return 1; } fclose(f); if(configFile) free(configFile); configFile = strdup(optarg); break; } default: showusage(argv[0]); return 1; } } /* Now that we have all the command line args.. lets open the * conf file and add anything else (remembering not to override * anything since the command line has more privilages :-) */ if (!configFile) configFile = strdup(PPTPD_CONFIG_FILE_DEFAULT); if (read_config_file(configFile, CONNECTIONS_KEYWORD, tmp) > 0) { pptp_connections = atoi(tmp); if (pptp_connections <= 0) pptp_connections = CONNECTIONS_DEFAULT; } slot_init(pptp_connections); if (!pptp_debug && read_config_file(configFile, DEBUG_KEYWORD, tmp) > 0) pptp_debug = TRUE; #ifdef BCRELAY if (!bcrelay && read_config_file(configFile, BCRELAY_KEYWORD, tmp) > 0) bcrelay = strdup(tmp); #endif if (!pptp_stimeout && read_config_file(configFile, STIMEOUT_KEYWORD, tmp) > 0) { pptp_stimeout = atoi(tmp); if (pptp_stimeout <= 0) pptp_stimeout = STIMEOUT_DEFAULT; } if (!pptp_noipparam && read_config_file(configFile, NOIPPARAM_KEYWORD, tmp) > 0) { pptp_noipparam = TRUE; } if (!bindaddr && read_config_file(configFile, LISTEN_KEYWORD, tmp) > 0) { tmpstr = lookup(tmp); if(!tmpstr) { syslog(LOG_ERR, "MGR: Invalid listening address: %s!", tmp); return 1; } bindaddr = strdup(tmpstr); } #ifdef VRF if (!vrf && read_config_file(configFile, VRF_KEYWORD, tmp) > 0) { vrf = strdup(tmp); } #endif if (!speedstr && read_config_file(configFile, SPEED_KEYWORD, tmp) > 0) speedstr = strdup(tmp); if (!pppdoptstr && read_config_file(configFile, PPPD_OPTION_KEYWORD, tmp) > 0) { pppdoptstr = strdup(tmp); } if (!ppp_binary && read_config_file(configFile, PPP_BINARY_KEYWORD, tmp) > 0) { ppp_binary = strdup(tmp); } if (!pptp_logwtmp && read_config_file(configFile, LOGWTMP_KEYWORD, tmp) > 0) { pptp_logwtmp = TRUE; } if (!pptp_delegate && read_config_file(configFile, DELEGATE_KEYWORD, tmp) > 0) { pptp_delegate = TRUE; } if (!pid_file) pid_file = strdup((read_config_file(configFile, PIDFILE_KEYWORD, tmp) > 0) ? tmp : PIDFILE_DEFAULT); if (!pptp_delegate) { /* NOTE: remote then local, reason can be seen at the end of processIPStr */ /* grab the remoteip string from the config file */ if (read_config_file(configFile, REMOTEIP_KEYWORD, tmp) <= 0) { /* use "smart" defaults */ strlcpy(tmp, DEFAULT_REMOTE_IP_LIST, sizeof(tmp)); } processIPStr(REMOTE, tmp); /* grab the localip string from the config file */ if (read_config_file(configFile, LOCALIP_KEYWORD, tmp) <= 0) { /* use "smart" defaults */ strlcpy(tmp, DEFAULT_LOCAL_IP_LIST, sizeof(tmp)); } processIPStr(LOCAL, tmp); } free(configFile); /* if not yet set, adopt default PPP binary path */ if (!ppp_binary) ppp_binary = strdup(PPP_BINARY); /* check that the PPP binary is executable */ if (access(ppp_binary, X_OK) < 0) { syslog(LOG_ERR, "MGR: PPP binary %s not executable", ppp_binary); return 1; } /* check that the PPP options file is readable */ if (pppdoptstr && access(pppdoptstr, R_OK) < 0) { syslog(LOG_ERR, "MGR: PPP options file %s not readable", pppdoptstr); return 1; } #ifdef BCRELAY /* check that the bcrelay binary is executable */ if (bcrelay && access(BCRELAY_BIN, X_OK) < 0) { syslog(LOG_ERR, "MGR: bcrelay binary %s not executable", BCRELAY_BIN); return 1; } #endif if (!foreground) { #if HAVE_DAEMON closelog(); if (freopen("/dev/null", "r", stdin) == NULL) { syslog_perror("freopen"); } if (daemon(0, 0) == -1) { syslog_perror("daemon"); } /* returns to child only */ /* pid will have changed */ openlog("pptpd", LOG_PID, PPTP_FACILITY); #else /* !HAVE_DAEMON */ my_daemon(argc, argv); /* returns to child if !HAVE_FORK * never returns if HAVE_FORK (re-execs with -f) */ #endif } #ifdef BCRELAY if (bcrelay) { syslog(LOG_DEBUG, "CTRL: BCrelay incoming interface is %s", bcrelay); /* Launch BCrelay */ #ifndef HAVE_FORK switch(bcrelayfork = vfork()){ #else switch(bcrelayfork = fork()){ #endif case -1: /* fork() error */ syslog(LOG_ERR, "CTRL: Error forking to exec bcrelay"); _exit(1); case 0: /* child */ syslog(LOG_DEBUG, "CTRL (BCrelay Launcher): Launching BCrelay with pid %i", bcrelayfork); launch_bcrelay(); syslog(LOG_ERR, "CTRL (BCrelay Launcher): Failed to launch BCrelay."); _exit(1); } } /* End bcrelay */ #endif #ifdef CONFIG_NETtel /* turn the NETtel VPN LED on */ ledman_cmd(LEDMAN_CMD_ON, LEDMAN_VPN); #endif /* after we have our final pid... */ log_pid(pid_file); /* manage connections until SIGTERM */ pptp_manager(argc, argv); #ifdef BCRELAY if (bcrelayfork > 0) { syslog(LOG_DEBUG, "CTRL: Closing child BCrelay with pid %i", bcrelayfork); kill(bcrelayfork, SIGTERM); } #endif slot_free(); return 0; } static void log_pid(char *pid_file) { FILE *f; pid_t pid; pid = getpid(); if ((f = fopen(pid_file, "w")) == NULL) { syslog(LOG_ERR, "PPTPD: failed to open(%s), errno=%d\n", pid_file, errno); return; } fprintf(f, "%d\n", pid); fclose(f); } #ifndef HAVE_DAEMON static void my_daemon(int argc, char **argv) { #ifndef HAVE_FORK /* need to use vfork - eg, uClinux */ char **new_argv; int pid; extern char **environ; int fdr; new_argv = malloc((argc + 2) * sizeof(char **)); fdr = open("/dev/null", O_RDONLY); syslog(LOG_INFO, "MGR: Option parse OK, re-execing as daemon"); fflush(stderr); if ((pid = vfork()) == 0) { if (fdr != 0) { dup2(fdr, 0); close(fdr); } SETSIDPGRP(); chdir("/"); umask(0); memcpy(new_argv + 1, argv, (argc + 1) * sizeof(char **)); new_argv[0] = PPTPD_BIN; new_argv[1] = "-f"; execve(PPTPD_BIN, new_argv, environ); _exit(1); } else if (pid > 0) { exit(0); } else { syslog_perror("vfork"); exit(1); } #else int pid; closelog(); if ((pid = fork()) < 0) { syslog_perror("fork"); exit(1); } else if (pid) exit(0); if (freopen("/dev/null", "r", stdin) == NULL) { syslog_perror("freopen"); } SETSIDPGRP(); chdir("/"); umask(0); /* pid will have changed */ openlog("pptpd", LOG_PID, PPTP_FACILITY); #endif } #endif /* added for hostname/address lookup -tmk * returns NULL if not a valid hostname */ static char *lookup(char *hostname) { struct hostent *ent; struct in_addr hst_addr; /* Try to parse IP directly */ if (inet_addr(hostname) != -1) return hostname; /* Else lookup hostname, return NULL if it fails */ if ((ent = gethostbyname(hostname)) == NULL) return NULL; /* That worked, print it back as a dotted quad. */ memcpy(&hst_addr.s_addr, ent->h_addr, ent->h_length); return inet_ntoa(hst_addr); } #define DEBUG_IP_PARSER 0 /* Return the address or NULL if not valid */ static char *validip(char *hostname) { /* Try to parse IP directly */ if (inet_addr(hostname) != -1) return hostname; else return NULL; } /* Check if it's a valid IP range */ static int isIpRange(char *str) { int dashes = 0; int dots = 0; #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Checking if %s is a valid IP range", str); #endif do { if (*str == '-') dashes++; else if (*str == '.') dots++; else if (!strchr("0123456789", *str)) { #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Not an IP range: character %c is not valid", *str); #endif return 0; } } while (*++str); #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Dashes = %d (wanted: 1), Dots = %d (wanted: 4)", dashes, dots); #endif return (dashes == 1 && dots == 3); } /* process a type 0 (LOCAL) or type 1 (REMOTE) IP string */ static void processIPStr(int type, char *ipstr) { int pos; char *tmpstr; /* char tmpstr2[20]; xxx.xxx.xxx.xxx-xxx (largest we can get) */ char tmpstr2[128]; /* allow hostnames */ char *tmpstr3; char tmpstr5[16]; char *tmpstr6; char *tmpstr7; int num; char ipa[8]; /* xxx-xxx (largest we can get) */ char ipb[8]; char ipc[8]; char ipd[8]; char ip_pre[13]; /* xxx.xxx.xxx. (largest we can get) */ char ip_post[13]; char ipl[4]; char ipu[4]; int bail = FALSE; /* so we know when to stop formatting the ip line */ int lower, upper, n; num = 0; while (!bail) { if ((tmpstr = strchr(ipstr, ',')) == NULL) { /* last (or only) entry reached */ strlcpy(tmpstr2, ipstr, sizeof(tmpstr2)); bail = TRUE; } else { pos = tmpstr - ipstr; ipstr[pos] = '\0'; strlcpy(tmpstr2, ipstr, sizeof(tmpstr2)); ipstr = tmpstr + 1; } #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Parsing segment: %s", tmpstr2); #endif if (!isIpRange(tmpstr2)) { /* We got a normal IP * Check if the IP address is valid, use it if so */ if ((tmpstr7 = lookup(tmpstr2)) == NULL) { syslog(LOG_ERR, "MGR: Bad IP address (%s) in config file!", tmpstr2); exit(1); } if (num == pptp_connections) { syslog(LOG_WARNING, "MGR: connections limit (%d) reached, extra IP addresses ignored", pptp_connections); return; } #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Setting IP %d = %s", num, tmpstr7); #endif if (type == LOCAL) slot_set_local(num, tmpstr7); else slot_set_remote(num, tmpstr7); num++; } else { /* Got a range; * eg. 192.168.0.234-238 * or (thanx Kev! :-).. i thought i was finished :-) * 192.168-178.1.231 */ /* lose the "."'s */ while ((tmpstr3 = strchr(tmpstr2, '.')) != NULL) { pos = tmpstr3 - tmpstr2; tmpstr2[pos] = ' '; } if ((tmpstr3 = strchr(tmpstr2, '-')) == NULL || strchr(tmpstr3 + 1, '-') != NULL) { syslog(LOG_ERR, "MGR: Confused in IP parse routines (multiple hyphens)"); continue; } /* should be left with "192 168 0 234-238" * or 192 168-178 1 231 */ sscanf(tmpstr2, "%7s %7s %7s %7s", ipa, ipb, ipc, ipd); if ((tmpstr6 = strchr(ipd, '-')) != NULL) { pos = tmpstr6 - ipd; ipd[pos] = ' '; sscanf(ipd, "%3s %3s", ipl, ipu); #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: (lower upper) = (%s %s)", ipl, ipu); #endif lower = atoi(ipl); upper = atoi(ipu); #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Range = %d to %d on 4th segment", lower, upper); #endif sprintf(ip_pre, "%.3s.%.3s.%.3s.", ipa, ipb, ipc); ip_post[0] = '\0'; #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Pre = %s Post = %s", ip_pre, ip_post); #endif } else if ((tmpstr6 = strchr(ipc, '-')) != NULL) { pos = tmpstr6 - ipc; ipc[pos] = ' '; sscanf(ipc, "%3s %3s", ipl, ipu); #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: (lower upper) = (%s %s)", ipl, ipu); #endif lower = atoi(ipl); upper = atoi(ipu); #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Range = %d to %d on 3rd segment", lower, upper); #endif sprintf(ip_pre, "%.3s.%.3s.", ipa, ipb); sprintf(ip_post, ".%.3s", ipd); #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Pre = %s Post = %s", ip_pre, ip_post); #endif } else if ((tmpstr6 = strchr(ipb, '-')) != NULL) { pos = tmpstr6 - ipb; ipb[pos] = ' '; sscanf(ipb, "%3s %3s", ipl, ipu); #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: (lower upper) = (%s %s)", ipl, ipu); #endif lower = atoi(ipl); upper = atoi(ipu); #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Range = %d to %d on 2nd segment", lower, upper); #endif sprintf(ip_pre, "%.3s.", ipa); sprintf(ip_post, ".%.3s.%.3s", ipc, ipd); #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Pre = %s Post = %s", ip_pre, ip_post); #endif } else if ((tmpstr6 = strchr(ipa, '-')) != NULL) { pos = tmpstr6 - ipa; ipa[pos] = ' '; sscanf(ipa, "%3s %3s", ipl, ipu); #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: (lower upper) = (%s %s)", ipl, ipu); #endif lower = atoi(ipl); upper = atoi(ipu); #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Range = %d to %d on 1st segment", lower, upper); #endif ip_pre[0] = '\0'; sprintf(ip_post, ".%.3s.%.3s.%.3s", ipb, ipc, ipd); #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Pre = %s Post = %s", ip_pre, ip_post); #endif } else { syslog(LOG_ERR, "MGR: Confused in IP parse routines (lost hyphen)"); continue; } if (upper < lower) { syslog(LOG_ERR, "MGR: Bad %s IP range: %s", (type == LOCAL) ? "local" : "remote", ipstr); exit(1); } for (n = lower; n <= upper; n++) { sprintf(tmpstr5, "%s%d%s", ip_pre, n, ip_post); /* Check if the ip address is valid */ if ((tmpstr7 = validip(tmpstr5)) == NULL) { syslog(LOG_ERR, "MGR: Bad IP address (%s) in config file!", tmpstr5); exit(1); } if (num == pptp_connections) { syslog(LOG_WARNING, "MGR: connections limit (%d) reached, extra IP addresses ignored", pptp_connections); return; } #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Setting IP %d = %s", num, tmpstr7); #endif if (type == LOCAL) slot_set_local(num, tmpstr7); else slot_set_remote(num, tmpstr7); num++; } } } if (num == 1 && type == LOCAL && pptp_connections > 1) { #if DEBUG_IP_PARSER syslog(LOG_DEBUG, "MGR: Setting all %d local IPs to %s", pptp_connections, slot_get_local(0)); #endif for (n = 1; n < pptp_connections; n++) slot_set_local(n, slot_get_local(0)); } else if (pptp_connections > num) { syslog(LOG_INFO, "MGR: Maximum of %d connections reduced to %d, not enough IP addresses given", pptp_connections, num); pptp_connections = num; } } #ifdef BCRELAY /* launch_bcrelay * Launches broadcast relay. Broadcast relay is responsible for relaying broadcasts to the clients * retn: 0 on success, -1 on failure. */ static void launch_bcrelay() { char *bcrelay_argv[8]; int an = 0; if (bcrelay) { syslog(LOG_DEBUG, "MGR: BCrelay incoming interface is %s", bcrelay); syslog(LOG_DEBUG, "MGR: BCrelay outgoing interface is regexp ppp[0-9].*"); bcrelay_argv[an++] = BCRELAY_BIN; bcrelay_argv[an++] = "-i"; bcrelay_argv[an++] = bcrelay; bcrelay_argv[an++] = "-o"; bcrelay_argv[an++] = "ppp[0-9].*"; if (!pptp_debug) { bcrelay_argv[an++] = "-n"; } bcrelay_argv[an++] = NULL; execvp(bcrelay_argv[0], bcrelay_argv); } } #endif pptpd-1.4.0/pptpd.spec0000664000175000017500000001267312231672170011603 00000000000000%{!?__id_u: %define __id_u %([ -x /bin/id ]&&echo /bin/id||([ -x /usr/bin/id ]&&echo /usr/bin/id|| echo /bin/true)) -u} # Available rpmbuild options: # # --without libwrap # --with bsdppp # --with slirp # --with ipalloc # --without bcrelay # %define ppp_version %(rpm -q --qf='%{Version}\\n' ppp) Summary: PoPToP Point to Point Tunneling Server Name: pptpd Version: 1.4.0 Release: 1%{?dist} License: GPL Group: Applications/Internet URL: http://poptop.sourceforge.net/ Source0: http://dl.sf.net/poptop/pptpd-%{version}.tar.gz Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: ppp = %{ppp_version} BuildRequires: ppp %if %{?_without_libwrap:0}%{!?_without_libwrap:1} BuildRequires: tcp_wrappers %endif Requires(post): /sbin/chkconfig Requires(preun): /sbin/chkconfig, /sbin/service Requires(postun): /sbin/service %description This implements a Virtual Private Networking (VPN) Server that is compatible with Microsoft VPN clients. It allows windows users to connect to an internal firewalled network using their dialup. %prep %setup -q date +'#define DATE "%d %b %y"' > plugins/patchlevel.h echo '#define VERSION "%{ppp_version}"' >> plugins/patchlevel.h # Fix permissions for debuginfo package %{__chmod} 644 *.[ch] # Fix for distros with %{_libdir} = /usr/lib64 %{__perl} -pi -e 's,/usr/lib/pptpd,%{_libdir}/pptpd,;' pptpctrl.c %build %configure \ %{!?_without_libwrap:--with-libwrap} \ %{?_without_libwrap:--without-libwrap} \ %{!?_with_bsdppp:--without-bsdppp} \ %{?_with_bsdppp:--with-bsdppp} \ %{!?_with_slirp:--without-slirp} \ %{?_with_slirp:--with-slirp} \ %{!?_with_ipalloc:--without-pppd-ip-alloc} \ %{?_with_ipalloc:--with-pppd-ip-alloc} \ %{!?_without_bcrelay:--with-bcrelay} \ %{?_without_bcrelay:--without-bcrelay} %{__make} CFLAGS='-fno-builtin -fPIC -DSBINDIR=\"%{_sbindir}\" %{optflags}' %install %{__rm} -rf %{buildroot} %{__mkdir_p} %{buildroot}/etc/rc.d/init.d %{__mkdir_p} %{buildroot}/etc/ppp %{__mkdir_p} %{buildroot}%{_bindir} %{__mkdir_p} %{buildroot}%{_mandir}/man{5,8} %{__make} \ DESTDIR=%{buildroot} \ INSTALL=%{__install} \ LIBDIR=%{buildroot}%{_libdir}/pptpd \ install %{__install} -m 0755 pptpd.init %{buildroot}/etc/rc.d/init.d/pptpd %{__install} -m 0644 samples/pptpd.conf %{buildroot}/etc/pptpd.conf %{__install} -m 0644 samples/options.pptpd %{buildroot}/etc/ppp/options.pptpd %{__install} -m 0755 tools/vpnuser %{buildroot}%{_bindir}/vpnuser %{__install} -m 0755 tools/vpnstats.pl %{buildroot}%{_bindir}/vpnstats.pl %{__install} -m 0755 tools/pptp-portslave %{buildroot}%{_sbindir}/pptp-portslave %{__install} -m 0644 pptpd.conf.5 %{buildroot}%{_mandir}/man5/pptpd.conf.5 %{__install} -m 0644 pptpd.8 %{buildroot}%{_mandir}/man8/pptpd.8 %{__install} -m 0644 pptpctrl.8 %{buildroot}%{_mandir}/man8/pptpctrl.8 %post /sbin/chkconfig --add pptpd || : OUTD="" ; for i in d manager ctrl ; do test -x /sbin/pptp$i && OUTD="$OUTD /sbin/pptp$i" ; done test -z "$OUTD" || \ { echo "possible outdated executable detected; we now use %{_sbindir}/pptp*, perhaps you should run the following command:"; echo "rm -i $OUTD" ;} %postun [ $1 -gt 0 ] && /sbin/service pptpd condrestart &> /dev/null || : %preun if [ "$1" -lt 1 ]; then /sbin/service pptpd stop &> /dev/null || : /sbin/chkconfig --del pptpd || : fi %clean %{__rm} -rf %{buildroot} %files %defattr(-,root,root,0755) %doc AUTHORS COPYING README* TODO ChangeLog* samples %{_sbindir}/pptpd %{_sbindir}/pptpctrl %{_sbindir}/pptp-portslave %{!?_without_bcrelay:%{_sbindir}/bcrelay} %{_libdir}/pptpd/pptpd-logwtmp.so %{_bindir}/vpnuser %{_bindir}/vpnstats.pl %{_mandir}/man5/pptpd.conf.5* %{_mandir}/man8/pptpd.8* %{_mandir}/man8/pptpctrl.8* /etc/rc.d/init.d/pptpd %config(noreplace) /etc/pptpd.conf %config(noreplace) /etc/ppp/options.pptpd %changelog * Thu Aug 30 2012 Charlie Brady 1.3.4-2 - Update pptpd-logwtmp plugin version compatibility to match buildsys ppp version. - Enforce ppp version compatibility via strict dependency. - Remove 'INSTALL' file from documentation directory * Tue Sep 5 2006 Paul Howarth - 1.3.3-1 - Update to 1.3.3 - Add dist tag - Add %%postun scriptlet dependency for /sbin/service * Fri Mar 31 2006 Paul Howarth - 1.3.1-1 - Update to 1.3.1 * Fri Mar 31 2006 Paul Howarth - 1.3.0-1 - update to 1.3.0 - remove redundant macro definitions - change Group: to one listed in rpm's GROUPS file - use full URL for source - simplify conditional build code - use macros for destination directories - honour %%{optflags} - general spec file cleanup - initscript updates: don't enable the service by default add reload and condrestart options - condrestart service on package upgrade - fix build on x86_64 - add buildreq tcp_wrappers * Fri Feb 18 2005 James Cameron - fix to use ppp 2.4.3 for plugin * Thu Nov 11 2004 James Cameron - adjust for building on Red Hat Enterprise Linux, per Charlie Brady - remove vpnstats, superceded by vpnstats.pl * Fri May 21 2004 James Cameron - adjust for packaging naming and test * Fri Apr 23 2004 James Cameron - include vpnwho.pl * Thu Apr 22 2004 James Cameron - change description wording - change URL for upstream - release first candidate for 1.2.0 * Fri Jul 18 2003 R. de Vroede - Check the ChangeLog files. pptpd-1.4.0/pptpgre.h0000664000175000017500000000430312231653131011415 00000000000000/* * pptpgre.h * * Functions to handle the GRE en/decapsulation */ #ifndef _PPTPD_PPTPGRE_H #define _PPTPD_PPTPGRE_H extern int decaps_hdlc(int fd, int (*cb) (int cl, void *pack, unsigned len), int cl); extern int encaps_hdlc(int fd, void *pack, unsigned len); extern int decaps_gre(int fd, int (*cb) (int cl, void *pack, unsigned len), int cl); extern int encaps_gre(int fd, void *pack, unsigned len); extern int pptp_gre_init(u_int32_t call_id_pair, int pty_fd, struct in_addr *inetaddrs); struct gre_state { u_int32_t ack_sent, ack_recv; u_int32_t seq_sent, seq_recv; u_int32_t call_id_pair; }; extern int disable_buffer; typedef struct pack_track { uint32_t seq; // seq no of this tracked packet uint64_t time; // time when this tracked packet was sent (in usecs) } pack_track_t; typedef struct gre_stats { /* statistics for GRE receive */ uint32_t rx_accepted; // data packet was passed to pppd uint32_t rx_lost; // data packet did not arrive before timeout uint32_t rx_underwin; // data packet was under window (arrived too late // or duplicate packet) uint32_t rx_overwin; // data packet was over window // (too many packets lost?) uint32_t rx_buffered; // data packet arrived earlier than expected, // packet(s) before it were lost or reordered uint32_t rx_errors; // OS error on receive uint32_t rx_truncated; // truncated packet uint32_t rx_invalid; // wrong protocol or invalid flags uint32_t rx_acks; // acknowledgement only /* statistics for GRE transmit */ uint32_t tx_sent; // data packet write() to GRE socket succeeded uint32_t tx_failed; // data packet write() to GRE socket returned error uint32_t tx_short; // data packet write() to GRE socket underflowed uint32_t tx_acks; // sent packet with just ACK uint32_t tx_oversize; // data packet dropped because it was too large /* statistics for packet tracking, for RTT calculation */ pack_track_t pt; // last data packet seq/time int rtt; // estimated round-trip time in us } gre_stats_t; extern gre_stats_t stats; #endif /* !_PPTPD_PPTPGRE_H */ pptpd-1.4.0/Makefile.uClinux0000664000175000017500000000346012231672170012660 00000000000000 PACKAGE = pptpd EXEC1 = pptpd OBJS1 = pptpd.o configfile.o pptpmanager.o compat.o getopt.o getopt1.o $(LIBRESOLV) EXEC2 = pptpctrl OBJS2 = pptpctrl.o ctrlpacket.o inststr.o compat.o pptpgre.o ppphdlc.o EXEC3 = bcrelay OBJS3 = bcrelay.o CFLAGS += -include config.embed.h -DPACKAGE='"$(PACKAGE)"' -DVERSION='"$(pptpd.VERSION).$(pptpd.PATCHLEVEL).$(pptpd.SUBLEVEL)"' FLTFLAGS += -s 8192 ifdef BUILD_NETtel CFLAGS += -DCONFIG_NETtel endif all: $(EXEC1) $(EXEC2) $(EXEC3) $(EXEC1): $(OBJS1) $(CC) $(LDFLAGS) -o $@ $(OBJS1) $(LDLIBS) $(EXEC2): $(OBJS2) $(CC) $(LDFLAGS) -o $@ $(OBJS2) $(LDLIBS) $(EXEC3): $(OBJS3) $(CC) $(LDFLAGS) -o $@ $(OBJS3) $(LDLIBS) clean: -rm -f $(EXEC1) $(EXEC2) $(EXEC3) *.elf *.o ## DO NOT ADD BELOW THIS POINT, DEPS ARE AUTOMATICALLY ADDED bcrelay.o: bcrelay.c config.embed.h defaults.h our_syslog.h our_getopt.h compat.o: compat.c config.embed.h compat.h our_syslog.h inststr.h configfile.o: configfile.c config.embed.h defaults.h configfile.h \ our_syslog.h ctrlpacket.o: ctrlpacket.c config.embed.h our_syslog.h pptpdefs.h \ pptpctrl.h ctrlpacket.h compat.h getopt.o: getopt.c config.embed.h our_getopt.h getopt1.o: getopt1.c config.embed.h our_getopt.h inststr.o: inststr.c config.embed.h inststr.h compat.h ppphdlc.o: ppphdlc.c config.embed.h ppphdlc.h pptpctrl.o: pptpctrl.c config.embed.h our_syslog.h compat.h pptpctrl.h \ pptpgre.h pptpdefs.h ctrlpacket.h defaults.h pptpd.o: pptpd.c config.embed.h our_syslog.h our_getopt.h configfile.h \ defaults.h compat.h pptpmanager.h pptpgre.o: pptpgre.c config.embed.h our_syslog.h ppphdlc.h pptpgre.h \ pptpdefs.h pptpctrl.h defaults.h pqueue.h compat.h pptpmanager.o: pptpmanager.c config.embed.h our_syslog.h configfile.h \ defaults.h pptpctrl.h pptpdefs.h pptpmanager.h compat.h pqueue.o: pqueue.c config.embed.h pqueue.h pptpd-1.4.0/getopt.c0000664000175000017500000010335112231653034011236 00000000000000/* * getopt.c * * Ripped from GLIBC - original copyright follows * * NOTE: Changed to make dependencies work better: * * changed to "config.h" * * #include "our_getopt.h" near #define ELIDE_CODE */ /* Getopt for GNU. NOTE: getopt is now part of the C library, so if you don't know what "Keep this file name-space clean" means, talk to drepper@gnu.org before changing it! Copyright (C) 1987, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99 Free Software Foundation, Inc. The GNU C Library is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. The GNU C Library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public License for more details. You should have received a copy of the GNU Library General Public License along with the GNU C Library; see the file COPYING.LIB. If not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* This tells Alpha OSF/1 not to define a getopt prototype in . Ditto for AIX 3.2 and . */ #ifndef _NO_PROTO # define _NO_PROTO #endif #ifdef HAVE_CONFIG_H # include "config.h" #endif #if !defined __STDC__ || !__STDC__ /* This is a separate conditional since some stdc systems reject `defined (const)'. */ # ifndef const # define const # endif #endif #include /* Comment out all this code if we are using the GNU C Library, and are not actually compiling the library itself. This code is part of the GNU C Library, but also included in many other GNU distributions. Compiling and linking in this code is a waste when using the GNU C library (especially if it is a shared library). Rather than having every GNU program understand `configure --with-gnu-libc' and omit the object files, it is simpler to just do this in the source for each such file. */ #define GETOPT_INTERFACE_VERSION 2 #if !defined _LIBC && defined __GLIBC__ && __GLIBC__ >= 2 # include # if _GNU_GETOPT_INTERFACE_VERSION == GETOPT_INTERFACE_VERSION # define ELIDE_CODE # include "our_getopt.h" /* for dependency consistency */ # endif #endif #ifndef ELIDE_CODE /* This needs to come after some library #include to get __GNU_LIBRARY__ defined. */ #ifdef __GNU_LIBRARY__ /* Don't include stdlib.h for non-GNU C libraries because some of them contain conflicting prototypes for getopt. */ # include # include #endif /* GNU C library. */ #ifdef VMS # include # if HAVE_STRING_H - 0 # include # endif #endif #ifndef _ /* This is for other GNU distributions with internationalized messages. When compiling libc, the _ macro is predefined. */ # ifdef HAVE_LIBINTL_H # include # define _(msgid) gettext (msgid) # else # define _(msgid) (msgid) # endif #endif /* This version of `getopt' appears to the caller like standard Unix `getopt' but it behaves differently for the user, since it allows the user to intersperse the options with the other arguments. As `getopt' works, it permutes the elements of ARGV so that, when it is done, all the options precede everything else. Thus all application programs are extended to handle flexible argument order. Setting the environment variable POSIXLY_CORRECT disables permutation. Then the behavior is completely standard. GNU application programs can use a third alternative mode in which they can distinguish the relative order of options and other arguments. */ #include "our_getopt.h" /* For communication from `getopt' to the caller. When `getopt' finds an option that takes an argument, the argument value is returned here. Also, when `ordering' is RETURN_IN_ORDER, each non-option ARGV-element is returned here. */ char *optarg; /* Index in ARGV of the next element to be scanned. This is used for communication to and from the caller and for communication between successive calls to `getopt'. On entry to `getopt', zero means this is the first call; initialize. When `getopt' returns -1, this is the index of the first of the non-option elements that the caller should itself scan. Otherwise, `optind' communicates from one call to the next how much of ARGV has been scanned so far. */ /* 1003.2 says this must be 1 before any call. */ int optind = 1; /* Formerly, initialization of getopt depended on optind==0, which causes problems with re-calling getopt as programs generally don't know that. */ int __getopt_initialized; /* The next char to be scanned in the option-element in which the last option character we returned was found. This allows us to pick up the scan where we left off. If this is zero, or a null string, it means resume the scan by advancing to the next ARGV-element. */ static char *nextchar; /* Callers store zero here to inhibit the error message for unrecognized options. */ int opterr = 1; /* Set to an option character which was unrecognized. This must be initialized on some systems to avoid linking in the system's own getopt implementation. */ int optopt = '?'; /* Describe how to deal with options that follow non-option ARGV-elements. If the caller did not specify anything, the default is REQUIRE_ORDER if the environment variable POSIXLY_CORRECT is defined, PERMUTE otherwise. REQUIRE_ORDER means don't recognize them as options; stop option processing when the first non-option is seen. This is what Unix does. This mode of operation is selected by either setting the environment variable POSIXLY_CORRECT, or using `+' as the first character of the list of option characters. PERMUTE is the default. We permute the contents of ARGV as we scan, so that eventually all the non-options are at the end. This allows options to be given in any order, even with programs that were not written to expect this. RETURN_IN_ORDER is an option available to programs that were written to expect options and other ARGV-elements in any order and that care about the ordering of the two. We describe each non-option ARGV-element as if it were the argument of an option with character code 1. Using `-' as the first character of the list of option characters selects this mode of operation. The special argument `--' forces an end of option-scanning regardless of the value of `ordering'. In the case of RETURN_IN_ORDER, only `--' can cause `getopt' to return -1 with `optind' != ARGC. */ static enum { REQUIRE_ORDER, PERMUTE, RETURN_IN_ORDER } ordering; /* Value of POSIXLY_CORRECT environment variable. */ static char *posixly_correct; #ifdef __GNU_LIBRARY__ /* We want to avoid inclusion of string.h with non-GNU libraries because there are many ways it can cause trouble. On some systems, it contains special magic macros that don't work in GCC. */ # include # define my_index strchr #else # if HAVE_STRING_H # include # else # include # endif /* Avoid depending on library functions or files whose names are inconsistent. */ #ifndef getenv extern char *getenv (); #endif static char * my_index (str, chr) const char *str; int chr; { while (*str) { if (*str == chr) return (char *) str; str++; } return 0; } /* If using GCC, we can safely declare strlen this way. If not using GCC, it is ok not to declare it. */ #ifdef __GNUC__ /* Note that Motorola Delta 68k R3V7 comes with GCC but not stddef.h. That was relevant to code that was here before. */ # if (!defined __STDC__ || !__STDC__) && !defined strlen /* gcc with -traditional declares the built-in strlen to return int, and has done so at least since version 2.4.5. -- rms. */ extern int strlen (const char *); # endif /* not __STDC__ */ #endif /* __GNUC__ */ #endif /* not __GNU_LIBRARY__ */ /* Handle permutation of arguments. */ /* Describe the part of ARGV that contains non-options that have been skipped. `first_nonopt' is the index in ARGV of the first of them; `last_nonopt' is the index after the last of them. */ static int first_nonopt; static int last_nonopt; #ifdef _LIBC /* Bash 2.0 gives us an environment variable containing flags indicating ARGV elements that should not be considered arguments. */ /* Defined in getopt_init.c */ extern char *__getopt_nonoption_flags; static int nonoption_flags_max_len; static int nonoption_flags_len; static int original_argc; static char *const *original_argv; /* Make sure the environment variable bash 2.0 puts in the environment is valid for the getopt call we must make sure that the ARGV passed to getopt is that one passed to the process. */ static void __attribute__ ((unused)) store_args_and_env (int argc, char *const *argv) { /* XXX This is no good solution. We should rather copy the args so that we can compare them later. But we must not use malloc(3). */ original_argc = argc; original_argv = argv; } # ifdef text_set_element text_set_element (__libc_subinit, store_args_and_env); # endif /* text_set_element */ # define SWAP_FLAGS(ch1, ch2) \ if (nonoption_flags_len > 0) \ { \ char __tmp = __getopt_nonoption_flags[ch1]; \ __getopt_nonoption_flags[ch1] = __getopt_nonoption_flags[ch2]; \ __getopt_nonoption_flags[ch2] = __tmp; \ } #else /* !_LIBC */ # define SWAP_FLAGS(ch1, ch2) #endif /* _LIBC */ /* Exchange two adjacent subsequences of ARGV. One subsequence is elements [first_nonopt,last_nonopt) which contains all the non-options that have been skipped so far. The other is elements [last_nonopt,optind), which contains all the options processed since those non-options were skipped. `first_nonopt' and `last_nonopt' are relocated so that they describe the new indices of the non-options in ARGV after they are moved. */ #if defined __STDC__ && __STDC__ static void exchange (char **); #endif static void exchange (argv) char **argv; { int bottom = first_nonopt; int middle = last_nonopt; int top = optind; char *tem; /* Exchange the shorter segment with the far end of the longer segment. That puts the shorter segment into the right place. It leaves the longer segment in the right place overall, but it consists of two parts that need to be swapped next. */ #ifdef _LIBC /* First make sure the handling of the `__getopt_nonoption_flags' string can work normally. Our top argument must be in the range of the string. */ if (nonoption_flags_len > 0 && top >= nonoption_flags_max_len) { /* We must extend the array. The user plays games with us and presents new arguments. */ char *new_str = malloc (top + 1); if (new_str == NULL) nonoption_flags_len = nonoption_flags_max_len = 0; else { memset (__mempcpy (new_str, __getopt_nonoption_flags, nonoption_flags_max_len), '\0', top + 1 - nonoption_flags_max_len); nonoption_flags_max_len = top + 1; __getopt_nonoption_flags = new_str; } } #endif while (top > middle && middle > bottom) { if (top - middle > middle - bottom) { /* Bottom segment is the short one. */ int len = middle - bottom; register int i; /* Swap it with the top part of the top segment. */ for (i = 0; i < len; i++) { tem = argv[bottom + i]; argv[bottom + i] = argv[top - (middle - bottom) + i]; argv[top - (middle - bottom) + i] = tem; SWAP_FLAGS (bottom + i, top - (middle - bottom) + i); } /* Exclude the moved bottom segment from further swapping. */ top -= len; } else { /* Top segment is the short one. */ int len = top - middle; register int i; /* Swap it with the bottom part of the bottom segment. */ for (i = 0; i < len; i++) { tem = argv[bottom + i]; argv[bottom + i] = argv[middle + i]; argv[middle + i] = tem; SWAP_FLAGS (bottom + i, middle + i); } /* Exclude the moved top segment from further swapping. */ bottom += len; } } /* Update records for the slots the non-options now occupy. */ first_nonopt += (optind - last_nonopt); last_nonopt = optind; } /* Initialize the internal data when the first call is made. */ #if defined __STDC__ && __STDC__ static const char *_getopt_initialize (int, char *const *, const char *); #endif static const char * _getopt_initialize (argc, argv, optstring) int argc; char *const *argv; const char *optstring; { /* Start processing options with ARGV-element 1 (since ARGV-element 0 is the program name); the sequence of previously skipped non-option ARGV-elements is empty. */ first_nonopt = last_nonopt = optind; nextchar = NULL; posixly_correct = getenv ("POSIXLY_CORRECT"); /* Determine how to handle the ordering of options and nonoptions. */ if (optstring[0] == '-') { ordering = RETURN_IN_ORDER; ++optstring; } else if (optstring[0] == '+') { ordering = REQUIRE_ORDER; ++optstring; } else if (posixly_correct != NULL) ordering = REQUIRE_ORDER; else ordering = PERMUTE; #ifdef _LIBC if (posixly_correct == NULL && argc == original_argc && argv == original_argv) { if (nonoption_flags_max_len == 0) { if (__getopt_nonoption_flags == NULL || __getopt_nonoption_flags[0] == '\0') nonoption_flags_max_len = -1; else { const char *orig_str = __getopt_nonoption_flags; int len = nonoption_flags_max_len = strlen (orig_str); if (nonoption_flags_max_len < argc) nonoption_flags_max_len = argc; __getopt_nonoption_flags = (char *) malloc (nonoption_flags_max_len); if (__getopt_nonoption_flags == NULL) nonoption_flags_max_len = -1; else memset (__mempcpy (__getopt_nonoption_flags, orig_str, len), '\0', nonoption_flags_max_len - len); } } nonoption_flags_len = nonoption_flags_max_len; } else nonoption_flags_len = 0; #endif return optstring; } /* Scan elements of ARGV (whose length is ARGC) for option characters given in OPTSTRING. If an element of ARGV starts with '-', and is not exactly "-" or "--", then it is an option element. The characters of this element (aside from the initial '-') are option characters. If `getopt' is called repeatedly, it returns successively each of the option characters from each of the option elements. If `getopt' finds another option character, it returns that character, updating `optind' and `nextchar' so that the next call to `getopt' can resume the scan with the following option character or ARGV-element. If there are no more option characters, `getopt' returns -1. Then `optind' is the index in ARGV of the first ARGV-element that is not an option. (The ARGV-elements have been permuted so that those that are not options now come last.) OPTSTRING is a string containing the legitimate option characters. If an option character is seen that is not listed in OPTSTRING, return '?' after printing an error message. If you set `opterr' to zero, the error message is suppressed but we still return '?'. If a char in OPTSTRING is followed by a colon, that means it wants an arg, so the following text in the same ARGV-element, or the text of the following ARGV-element, is returned in `optarg'. Two colons mean an option that wants an optional arg; if there is text in the current ARGV-element, it is returned in `optarg', otherwise `optarg' is set to zero. If OPTSTRING starts with `-' or `+', it requests different methods of handling the non-option ARGV-elements. See the comments about RETURN_IN_ORDER and REQUIRE_ORDER, above. Long-named options begin with `--' instead of `-'. Their names may be abbreviated as long as the abbreviation is unique or is an exact match for some defined option. If they have an argument, it follows the option name in the same ARGV-element, separated from the option name by a `=', or else the in next ARGV-element. When `getopt' finds a long-named option, it returns 0 if that option's `flag' field is nonzero, the value of the option's `val' field if the `flag' field is zero. The elements of ARGV aren't really const, because we permute them. But we pretend they're const in the prototype to be compatible with other systems. LONGOPTS is a vector of `struct option' terminated by an element containing a name which is zero. LONGIND returns the index in LONGOPT of the long-named option found. It is only valid when a long-named option has been found by the most recent call. If LONG_ONLY is nonzero, '-' as well as '--' can introduce long-named options. */ int _getopt_internal (argc, argv, optstring, longopts, longind, long_only) int argc; char *const *argv; const char *optstring; const struct option *longopts; int *longind; int long_only; { optarg = NULL; if (optind == 0 || !__getopt_initialized) { if (optind == 0) optind = 1; /* Don't scan ARGV[0], the program name. */ optstring = _getopt_initialize (argc, argv, optstring); __getopt_initialized = 1; } /* Test whether ARGV[optind] points to a non-option argument. Either it does not have option syntax, or there is an environment flag from the shell indicating it is not an option. The later information is only used when the used in the GNU libc. */ #ifdef _LIBC # define NONOPTION_P (argv[optind][0] != '-' || argv[optind][1] == '\0' \ || (optind < nonoption_flags_len \ && __getopt_nonoption_flags[optind] == '1')) #else # define NONOPTION_P (argv[optind][0] != '-' || argv[optind][1] == '\0') #endif if (nextchar == NULL || *nextchar == '\0') { /* Advance to the next ARGV-element. */ /* Give FIRST_NONOPT & LAST_NONOPT rational values if OPTIND has been moved back by the user (who may also have changed the arguments). */ if (last_nonopt > optind) last_nonopt = optind; if (first_nonopt > optind) first_nonopt = optind; if (ordering == PERMUTE) { /* If we have just processed some options following some non-options, exchange them so that the options come first. */ if (first_nonopt != last_nonopt && last_nonopt != optind) exchange ((char **) argv); else if (last_nonopt != optind) first_nonopt = optind; /* Skip any additional non-options and extend the range of non-options previously skipped. */ while (optind < argc && NONOPTION_P) optind++; last_nonopt = optind; } /* The special ARGV-element `--' means premature end of options. Skip it like a null option, then exchange with previous non-options as if it were an option, then skip everything else like a non-option. */ if (optind != argc && !strcmp (argv[optind], "--")) { optind++; if (first_nonopt != last_nonopt && last_nonopt != optind) exchange ((char **) argv); else if (first_nonopt == last_nonopt) first_nonopt = optind; last_nonopt = argc; optind = argc; } /* If we have done all the ARGV-elements, stop the scan and back over any non-options that we skipped and permuted. */ if (optind == argc) { /* Set the next-arg-index to point at the non-options that we previously skipped, so the caller will digest them. */ if (first_nonopt != last_nonopt) optind = first_nonopt; return -1; } /* If we have come to a non-option and did not permute it, either stop the scan or describe it to the caller and pass it by. */ if (NONOPTION_P) { if (ordering == REQUIRE_ORDER) return -1; optarg = argv[optind++]; return 1; } /* We have found another option-ARGV-element. Skip the initial punctuation. */ nextchar = (argv[optind] + 1 + (longopts != NULL && argv[optind][1] == '-')); } /* Decode the current option-ARGV-element. */ /* Check whether the ARGV-element is a long option. If long_only and the ARGV-element has the form "-f", where f is a valid short option, don't consider it an abbreviated form of a long option that starts with f. Otherwise there would be no way to give the -f short option. On the other hand, if there's a long option "fubar" and the ARGV-element is "-fu", do consider that an abbreviation of the long option, just like "--fu", and not "-f" with arg "u". This distinction seems to be the most useful approach. */ if (longopts != NULL && (argv[optind][1] == '-' || (long_only && (argv[optind][2] || !my_index (optstring, argv[optind][1]))))) { char *nameend; const struct option *p; const struct option *pfound = NULL; int exact = 0; int ambig = 0; int indfound = -1; int option_index; for (nameend = nextchar; *nameend && *nameend != '='; nameend++) /* Do nothing. */ ; /* Test all long options for either exact match or abbreviated matches. */ for (p = longopts, option_index = 0; p->name; p++, option_index++) if (!strncmp (p->name, nextchar, nameend - nextchar)) { if ((unsigned int) (nameend - nextchar) == (unsigned int) strlen (p->name)) { /* Exact match found. */ pfound = p; indfound = option_index; exact = 1; break; } else if (pfound == NULL) { /* First nonexact match found. */ pfound = p; indfound = option_index; } else /* Second or later nonexact match found. */ ambig = 1; } if (ambig && !exact) { if (opterr) fprintf (stderr, _("%s: option `%s' is ambiguous\n"), argv[0], argv[optind]); nextchar += strlen (nextchar); optind++; optopt = 0; return '?'; } if (pfound != NULL) { option_index = indfound; optind++; if (*nameend) { /* Don't test has_arg with >, because some C compilers don't allow it to be used on enums. */ if (pfound->has_arg) optarg = nameend + 1; else { if (opterr) { if (argv[optind - 1][1] == '-') /* --option */ fprintf (stderr, _("%s: option `--%s' doesn't allow an argument\n"), argv[0], pfound->name); else /* +option or -option */ fprintf (stderr, _("%s: option `%c%s' doesn't allow an argument\n"), argv[0], argv[optind - 1][0], pfound->name); } nextchar += strlen (nextchar); optopt = pfound->val; return '?'; } } else if (pfound->has_arg == 1) { if (optind < argc) optarg = argv[optind++]; else { if (opterr) fprintf (stderr, _("%s: option `%s' requires an argument\n"), argv[0], argv[optind - 1]); nextchar += strlen (nextchar); optopt = pfound->val; return optstring[0] == ':' ? ':' : '?'; } } nextchar += strlen (nextchar); if (longind != NULL) *longind = option_index; if (pfound->flag) { *(pfound->flag) = pfound->val; return 0; } return pfound->val; } /* Can't find it as a long option. If this is not getopt_long_only, or the option starts with '--' or is not a valid short option, then it's an error. Otherwise interpret it as a short option. */ if (!long_only || argv[optind][1] == '-' || my_index (optstring, *nextchar) == NULL) { if (opterr) { if (argv[optind][1] == '-') /* --option */ fprintf (stderr, _("%s: unrecognized option `--%s'\n"), argv[0], nextchar); else /* +option or -option */ fprintf (stderr, _("%s: unrecognized option `%c%s'\n"), argv[0], argv[optind][0], nextchar); } nextchar = (char *) ""; optind++; optopt = 0; return '?'; } } /* Look at and handle the next short option-character. */ { char c = *nextchar++; char *temp = my_index (optstring, c); /* Increment `optind' when we start to process its last character. */ if (*nextchar == '\0') ++optind; if (temp == NULL || c == ':') { if (opterr) { if (posixly_correct) /* 1003.2 specifies the format of this message. */ fprintf (stderr, _("%s: illegal option -- %c\n"), argv[0], c); else fprintf (stderr, _("%s: invalid option -- %c\n"), argv[0], c); } optopt = c; return '?'; } /* Convenience. Treat POSIX -W foo same as long option --foo */ if (temp[0] == 'W' && temp[1] == ';') { char *nameend; const struct option *p; const struct option *pfound = NULL; int exact = 0; int ambig = 0; int indfound = 0; int option_index; /* This is an option that requires an argument. */ if (*nextchar != '\0') { optarg = nextchar; /* If we end this ARGV-element by taking the rest as an arg, we must advance to the next element now. */ optind++; } else if (optind == argc) { if (opterr) { /* 1003.2 specifies the format of this message. */ fprintf (stderr, _("%s: option requires an argument -- %c\n"), argv[0], c); } optopt = c; if (optstring[0] == ':') c = ':'; else c = '?'; return c; } else /* We already incremented `optind' once; increment it again when taking next ARGV-elt as argument. */ optarg = argv[optind++]; /* optarg is now the argument, see if it's in the table of longopts. */ for (nextchar = nameend = optarg; *nameend && *nameend != '='; nameend++) /* Do nothing. */ ; /* Test all long options for either exact match or abbreviated matches. */ for (p = longopts, option_index = 0; p->name; p++, option_index++) if (!strncmp (p->name, nextchar, nameend - nextchar)) { if ((unsigned int) (nameend - nextchar) == strlen (p->name)) { /* Exact match found. */ pfound = p; indfound = option_index; exact = 1; break; } else if (pfound == NULL) { /* First nonexact match found. */ pfound = p; indfound = option_index; } else /* Second or later nonexact match found. */ ambig = 1; } if (ambig && !exact) { if (opterr) fprintf (stderr, _("%s: option `-W %s' is ambiguous\n"), argv[0], argv[optind]); nextchar += strlen (nextchar); optind++; return '?'; } if (pfound != NULL) { option_index = indfound; if (*nameend) { /* Don't test has_arg with >, because some C compilers don't allow it to be used on enums. */ if (pfound->has_arg) optarg = nameend + 1; else { if (opterr) fprintf (stderr, _("\ %s: option `-W %s' doesn't allow an argument\n"), argv[0], pfound->name); nextchar += strlen (nextchar); return '?'; } } else if (pfound->has_arg == 1) { if (optind < argc) optarg = argv[optind++]; else { if (opterr) fprintf (stderr, _("%s: option `%s' requires an argument\n"), argv[0], argv[optind - 1]); nextchar += strlen (nextchar); return optstring[0] == ':' ? ':' : '?'; } } nextchar += strlen (nextchar); if (longind != NULL) *longind = option_index; if (pfound->flag) { *(pfound->flag) = pfound->val; return 0; } return pfound->val; } nextchar = NULL; return 'W'; /* Let the application handle it. */ } if (temp[1] == ':') { if (temp[2] == ':') { /* This is an option that accepts an argument optionally. */ if (*nextchar != '\0') { optarg = nextchar; optind++; } else optarg = NULL; nextchar = NULL; } else { /* This is an option that requires an argument. */ if (*nextchar != '\0') { optarg = nextchar; /* If we end this ARGV-element by taking the rest as an arg, we must advance to the next element now. */ optind++; } else if (optind == argc) { if (opterr) { /* 1003.2 specifies the format of this message. */ fprintf (stderr, _("%s: option requires an argument -- %c\n"), argv[0], c); } optopt = c; if (optstring[0] == ':') c = ':'; else c = '?'; } else /* We already incremented `optind' once; increment it again when taking next ARGV-elt as argument. */ optarg = argv[optind++]; nextchar = NULL; } } return c; } } int getopt (argc, argv, optstring) int argc; char *const *argv; const char *optstring; { return _getopt_internal (argc, argv, optstring, (const struct option *) 0, (int *) 0, 0); } #endif /* Not ELIDE_CODE. */ #ifdef TEST /* Compile with -DTEST to make an executable for use in testing the above definition of `getopt'. */ int main (argc, argv) int argc; char **argv; { int c; int digit_optind = 0; while (1) { int this_option_optind = optind ? optind : 1; c = getopt (argc, argv, "abc:d:0123456789"); if (c == -1) break; switch (c) { case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': case '8': case '9': if (digit_optind != 0 && digit_optind != this_option_optind) printf ("digits occur in two different argv-elements.\n"); digit_optind = this_option_optind; printf ("option %c\n", c); break; case 'a': printf ("option a\n"); break; case 'b': printf ("option b\n"); break; case 'c': printf ("option c with value `%s'\n", optarg); break; case '?': break; default: printf ("?? getopt returned character code 0%o ??\n", c); } } if (optind < argc) { printf ("non-option ARGV-elements: "); while (optind < argc) printf ("%s ", argv[optind++]); printf ("\n"); } exit (0); } #endif /* TEST */ pptpd-1.4.0/ppphdlc.c0000664000175000017500000000731712231653065011377 00000000000000/* * ppphdlc.c * * Copied from C. S. Ananian's linux client ppp_fcs.c * This code can also be found in RFC1662 */ /* Fast Frame Check Sequence (FCS) Implementation, for HDLC-like framing of * PPP. Adapted by C. Scott Ananian * from RFC1662: * * C.2. 16-bit FCS Computation Method * * The following code provides a table lookup computation for * calculating the Frame Check Sequence as data arrives at the * interface. This implementation is based on [7], [8], and [9]. * * [7] Perez, "Byte-wise CRC Calculations", IEEE Micro, June 1983. * * [8] Morse, G., "Calculating CRC's by Bits and Bytes", Byte, * September 1986. * * [9] LeVan, J., "A Fast CRC", Byte, November 1987. */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #include #include "ppphdlc.h" /* * FCS lookup table as calculated by the table generator. */ u_int16_t fcstab[256] = { 0x0000, 0x1189, 0x2312, 0x329b, 0x4624, 0x57ad, 0x6536, 0x74bf, 0x8c48, 0x9dc1, 0xaf5a, 0xbed3, 0xca6c, 0xdbe5, 0xe97e, 0xf8f7, 0x1081, 0x0108, 0x3393, 0x221a, 0x56a5, 0x472c, 0x75b7, 0x643e, 0x9cc9, 0x8d40, 0xbfdb, 0xae52, 0xdaed, 0xcb64, 0xf9ff, 0xe876, 0x2102, 0x308b, 0x0210, 0x1399, 0x6726, 0x76af, 0x4434, 0x55bd, 0xad4a, 0xbcc3, 0x8e58, 0x9fd1, 0xeb6e, 0xfae7, 0xc87c, 0xd9f5, 0x3183, 0x200a, 0x1291, 0x0318, 0x77a7, 0x662e, 0x54b5, 0x453c, 0xbdcb, 0xac42, 0x9ed9, 0x8f50, 0xfbef, 0xea66, 0xd8fd, 0xc974, 0x4204, 0x538d, 0x6116, 0x709f, 0x0420, 0x15a9, 0x2732, 0x36bb, 0xce4c, 0xdfc5, 0xed5e, 0xfcd7, 0x8868, 0x99e1, 0xab7a, 0xbaf3, 0x5285, 0x430c, 0x7197, 0x601e, 0x14a1, 0x0528, 0x37b3, 0x263a, 0xdecd, 0xcf44, 0xfddf, 0xec56, 0x98e9, 0x8960, 0xbbfb, 0xaa72, 0x6306, 0x728f, 0x4014, 0x519d, 0x2522, 0x34ab, 0x0630, 0x17b9, 0xef4e, 0xfec7, 0xcc5c, 0xddd5, 0xa96a, 0xb8e3, 0x8a78, 0x9bf1, 0x7387, 0x620e, 0x5095, 0x411c, 0x35a3, 0x242a, 0x16b1, 0x0738, 0xffcf, 0xee46, 0xdcdd, 0xcd54, 0xb9eb, 0xa862, 0x9af9, 0x8b70, 0x8408, 0x9581, 0xa71a, 0xb693, 0xc22c, 0xd3a5, 0xe13e, 0xf0b7, 0x0840, 0x19c9, 0x2b52, 0x3adb, 0x4e64, 0x5fed, 0x6d76, 0x7cff, 0x9489, 0x8500, 0xb79b, 0xa612, 0xd2ad, 0xc324, 0xf1bf, 0xe036, 0x18c1, 0x0948, 0x3bd3, 0x2a5a, 0x5ee5, 0x4f6c, 0x7df7, 0x6c7e, 0xa50a, 0xb483, 0x8618, 0x9791, 0xe32e, 0xf2a7, 0xc03c, 0xd1b5, 0x2942, 0x38cb, 0x0a50, 0x1bd9, 0x6f66, 0x7eef, 0x4c74, 0x5dfd, 0xb58b, 0xa402, 0x9699, 0x8710, 0xf3af, 0xe226, 0xd0bd, 0xc134, 0x39c3, 0x284a, 0x1ad1, 0x0b58, 0x7fe7, 0x6e6e, 0x5cf5, 0x4d7c, 0xc60c, 0xd785, 0xe51e, 0xf497, 0x8028, 0x91a1, 0xa33a, 0xb2b3, 0x4a44, 0x5bcd, 0x6956, 0x78df, 0x0c60, 0x1de9, 0x2f72, 0x3efb, 0xd68d, 0xc704, 0xf59f, 0xe416, 0x90a9, 0x8120, 0xb3bb, 0xa232, 0x5ac5, 0x4b4c, 0x79d7, 0x685e, 0x1ce1, 0x0d68, 0x3ff3, 0x2e7a, 0xe70e, 0xf687, 0xc41c, 0xd595, 0xa12a, 0xb0a3, 0x8238, 0x93b1, 0x6b46, 0x7acf, 0x4854, 0x59dd, 0x2d62, 0x3ceb, 0x0e70, 0x1ff9, 0xf78f, 0xe606, 0xd49d, 0xc514, 0xb1ab, 0xa022, 0x92b9, 0x8330, 0x7bc7, 0x6a4e, 0x58d5, 0x495c, 0x3de3, 0x2c6a, 0x1ef1, 0x0f78 }; #ifndef PPPINITFCS16 #define PPPINITFCS16 0xffff /* Initial FCS value */ #endif #ifndef PPPGOODFCS16 #define PPPGOODFCS16 0xf0b8 /* Good final FCS value */ #endif #if 0 /* * Calculate a new fcs given the current fcs and the new data. * * "#if 0" since the checksumming is now done 'on the fly' */ u_int16_t pppfcs16(u_int16_t fcs, void *_cp, int len) { register unsigned char *cp = (unsigned char *) _cp; while (len--) fcs = (fcs >> 8) ^ fcstab[(fcs ^ *cp++) & 0xff]; return (fcs); } #endif pptpd-1.4.0/bcrelay.c0000664000175000017500000011366412231652232011364 00000000000000// A broadcast packet repeater. This packet repeater (currently designed for // udp packets) will listen for broadcast packets. // When it receives the packets, it will then re-broadcast the packet. // // Written by TheyCallMeLuc(at)yahoo.com.au // I accept no responsiblity for the function of this program if you // choose to use it. // Modified for Poptop by Richard de Vroede // Ditto on the no responsibility. // // Rewritten by Norbert van Bolhuis bcrelay (v1.0+) // now supports/does: // 1) Relaying from PPP (VPN tunnel) interfaces, hereby creating a virtual // LAN (w.r.t. UDP broadcasts) for VPN clients and ethernet PCs // belonging/matching the subnet portion of the VPN IP addresses. // So now broadcasting to/from all systems of the VPN has been implemented. // Note that bcrelay v0.5 only relayed from LAN to VPN clients. // It doesn't matter whether the systems on the VPN are on the LAN of the // VPN server or have a VPN/PPTP connection (over the internet) to the VPN // server. Broadcasts will always be relayed to/from all given interfaces. And // as long as the subnet portion of the IP addresses of the systems on the VPN // matches, the VPN server will be able to route properly. This means all // networking applications/games that rely on a UDP broadcast from one or // more PPP (VPN tunnel) interfaces will now see eachother and work over // the VPN. // Note that it depends on the networking application/game and whoever // acts as application/game server/host who is sending (UPD) broadcasts // and who is listening. // 2) UDP broadcasts received on a PPP interface (VPN tunnel) sometimes // don't carry the VPN IP address which pptpd provisioned. I've seen // this happening on a WinXP SP1 box, especially when the application // responsible for the UDP broadcasts isn't aware of the PPP interface. // In this case it just uses the LAN IP src address for the IP src // address of the inner (GRE encapsulated) IP packet. This breaks // the "virtual LAN" and therefore bcrelay, as of this version, changes // the src IP address to the VPN IP address (which pptpd provisioned) // before relaying. // 3) To avoid a UDP broadcast loop, bcrelay changes the IP TTL and the // UDP checksum (to 1 and 0 respectively) of the UDP broadcasts it relays. // No relaying will be done for UDP broadcasts with IP TTL=1 and UDP // checksum=0. Could also (mis)use IP identification for this, but IP TTL // and UDP chksum combination is expected to work fine. // 4) bcrelay v0.5 forgot to update IP/UDP checksum when it changed the // dest. IP address (e.g. from 192.168.1.255 to 255.255.255.255). // Of course as of this version bcrelay always updates the IP/UDP // checksum since the IP TTL and src IP address will change also. // 5) Enhanced the (syslog) debugging capabilities. By default bcrelay will // show what it is doing. Bcrelay will syslog the IP interfaces it tries // to read/relay UDP broadcasts from/to. These interfaces are called // the 'active interfaces', bcrelay will syslog the initial set of active // interfaces and whenever the set changes. Currently there is no difference // between an incoming interface (given with -i) and an outgoing interface // (given with -o), so bcrelay won't show this attribute. Also, bcrelay will // syslog a successfully relayed UDP broadcast, including the UDP port numbers, // the incoming interface and the interface(s) to which it was successfully // relayed. The (new) -n option allows to suppress syslog tracing. // If -n is given, bcrelay shows/syslogs nothing, except fatal error // messages. // // This software is completely free. You can use and/or modify this // software to your hearts content. You are free to redistribute it as // long as it is accompanied with the source and my credit is included. #ifdef HAVE_CONFIG_H #include "config.h" #endif #ifdef __linux__ #define _GNU_SOURCE 1 /* strdup() prototype, broken arpa/inet.h */ #endif #ifdef __svr4__ #define __EXTENSIONS__ 1 /* strdup() prototype */ #endif #ifdef __sgi__ #define _XOPEN_SOURCE 500 /* strdup() prototype */ #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "defaults.h" #include "our_syslog.h" #include "our_getopt.h" //#define VERSION "1.0" /* uncomment if you compile this without poptop's configure script */ //#define HAVE_FORK /* * Value-return macros to fields in the IP PDU header */ #define IP_IPPDU_IHL(ippdu) (*(unsigned char *)(ippdu) & 0x0F) #define IP_IPPDU_PROTO(ippdu) (*((unsigned char *)(ippdu) + 9) & 0xFF) /* * Pointer macros to fields in the IP PDU header */ #define IP_IPPDU_CHECKSUM_MSB_PTR(ippdu) ((unsigned char *)(ippdu) + 10 ) #define IP_IPPDU_CHECKSUM_LSB_PTR(ippdu) ((unsigned char *)(ippdu) + 11 ) /* * Pointer macros to fields in the UDP PDU header */ #define IP_UDPPDU_CHECKSUM_MSB_PTR(udppdu) ((unsigned char *)(udppdu) + 6 ) #define IP_UDPPDU_CHECKSUM_LSB_PTR(udppdu) ((unsigned char *)(udppdu) + 7 ) #define MAXIF 255 // Maximum interfaces to use #define MAX_SELECT_WAIT 3 // Maximum time (in secs) to wait for input on the socket/interfaces // A time-out triggers the discovery of new interfaces. #define MAX_NODISCOVER_IFS 12 // Maximum time (in secs) to elaps before a discovery of new // interfaces is triggered. Only when a packet keeps coming in // (this prevents a select time-out) a variable initialized with // this #define becomes 0 and a rediscovery of the interfaces is // triggered. #define MAX_IFLOGTOSTR 16 /* Local function prototypes */ static void showusage(char *prog); static void showversion(); #ifndef HAVE_DAEMON static void my_daemon(int argc, char **argv); #endif static void mainloop(int argc, char **argv); struct packet { struct iphdr ip; struct udphdr udp; char data[ETHERMTU]; }; /* * struct that keeps track of the interfaces of the system * selected upon usage by bcrelay (with -i and -o option). * An array of this struct is returned by discoverActiveInterfaces. * This array is reset (filled from scratch) each time * discoverActiveInterfaces is called. */ struct iflist { //Fix 3mar2003 //char index; int index; u_int32_t bcast; char ifname[16+1]; unsigned long ifaddr; unsigned long ifdstaddr; unsigned long flags1; }; #define IFLIST_FLAGS1_IF_IS_ETH 0x00000001 #define IFLIST_FLAGS1_IF_IS_PPP 0x00000002 #define IFLIST_FLAGS1_IF_IS_UNKNOWN 0x00000004 #define IFLIST_FLAGS1_CHANGED_INNER_SADDR 0x00010000 /* * struct that keeps track of the socket fd's for every interface * that is in use (and thus present in iflist). * Two permanent arrays of this struct are used, one for the * previous/old list and one for the current list. */ struct ifsnr { int sock_nr; int ifindex; }; static void copy_ifsnr(struct ifsnr *from, struct ifsnr *to); static int find_sock_nr(struct ifsnr *l, int ifidx); struct iflist *discoverActiveInterfaces(int s); void ip_update_checksum(unsigned char *ippdu); static char *IpProtToString( unsigned char prot ); static char *iflistToString( struct iflist *ifp ); static char *iflistLogIToString( struct iflist *ifp, int idx, struct ifsnr *ifnr ); static char *iflistLogRToString( struct iflist *ifp, int idx, struct ifsnr *ifnr ); static void bind_to_iface(int fd, int ifindex); /* * This global variable determines whether NVBCR_PRINTF actually * displays something. While developping v1.0, NVBCR_PRINTF were * printf and a lot of tracing/logging/debugging was done with these. * Of course, by default these 'info' messages have been turned off * now. Enable by setting variable to 1. Note that output will only * appear in non-daemon mode (see also NVBCR_PRINTF). */ static int do_org_info_printfs = 0; static int vnologging = 0; static int vdaemon = 0; #define NVBCR_PRINTF( args ) \ if ((vdaemon == 0) && (do_org_info_printfs == 1)) printf args static char empty[1] = ""; static char interfaces[32]; static char log_interfaces[MAX_IFLOGTOSTR*MAXIF]; static char log_relayed[(MAX_IFLOGTOSTR-1)*MAXIF+81]; static char *ipsec = empty; static void showusage(char *prog) { printf("\nBCrelay v%s\n\n", VERSION); printf("A broadcast packet repeater. This packet repeater (currently designed for udp packets) will listen\n"); printf(" for broadcast packets. When it receives the packets, it will then re-broadcast the packet.\n\n"); printf("Usage: %s [options], where options are:\n\n", prog); printf(" [-d] [--daemon] Run as daemon.\n"); printf(" [-h] [--help] Displays this help message.\n"); printf(" [-i] [--incoming ] Defines from which interface broadcasts will be relayed.\n"); printf(" [-n] [--nolog] No logging/tracing to /var/log/messages.\n"); printf(" [-o] [--outgoing ] Defines to which interface broadcasts will be relayed.\n"); printf(" [-s] [--ipsec ] Defines an ipsec tunnel to be relayed to.\n"); printf(" Since ipsec tunnels terminate on the same interface, we need to define the broadcast\n"); printf(" address of the other end-point of the tunnel. This is done as ipsec0:x.x.x.255\n"); printf(" [-v] [--version] Displays the BCrelay version number.\n"); printf("\nLog messages and debugging go to syslog as DAEMON.\n\n"); printf("\nInterfaces can be specified as regexpressions, ie. ppp[0-9]+\n\n"); } static void showversion() { printf("BCrelay v%s\n", VERSION); } #ifndef HAVE_DAEMON static void my_daemon(int argc, char **argv) { pid_t pid; #ifndef BCRELAY_BIN /* Need a smart way to locate the binary -rdv */ #define BCRELAY_BIN argv[0] #endif #ifndef HAVE_FORK /* need to use vfork - eg, uClinux */ char **new_argv; extern char **environ; int minusd=0; int i; int fdr; /* Strip -d option */ new_argv = malloc((argc) * sizeof(char **)); fdr = open("/dev/null", O_RDONLY); new_argv[0] = BCRELAY_BIN; for (i = 1; argv[i] != NULL; i++) { if (fdr != 0) { dup2(fdr, 0); close(fdr); } if ( (strcmp(argv[i],"-d")) == 0 ) { minusd=1; } if (minusd) { new_argv[i] = argv[i+1]; } else { new_argv[i] = argv[i]; } } syslog(LOG_DEBUG, "Option parse OK, re-execing as daemon"); fflush(stderr); if ((pid = vfork()) == 0) { if (setsid() < 0) { /* shouldn't fail */ syslog(LOG_ERR, "Setsid failed!"); _exit(1); } chdir("/"); umask(0); /* execve only returns on an error */ execve(BCRELAY_BIN, new_argv, environ); exit(1); } else if (pid > 0) { syslog(LOG_DEBUG, "Success re-execing as daemon!"); exit(0); } else { syslog(LOG_ERR, "Error vforking"); exit(1); } #else pid=fork(); if (pid<0) { syslog(LOG_ERR, "Error forking"); _exit(1); } if (pid>0) { syslog(LOG_DEBUG, "Parent exits"); _exit(0); } if (pid==0) { syslog(LOG_DEBUG, "Running as child"); } /* child (daemon) continues */ if (setsid() < 0) { /* shouldn't fail */ syslog(LOG_ERR, "Setsid failed!"); _exit(1); } chdir("/"); #endif } #endif int main(int argc, char **argv) { regex_t preg; /* command line options */ int c; char *ifout = empty; char *ifin = empty; #ifndef BCRELAY fprintf(stderr, "bcrelay: pptpd was compiled without support for bcrelay, exiting.\n" " run configure --with-bcrelay, make, and install.\n"); exit(1); #endif /* open a connection to the syslog daemon */ openlog("bcrelay", LOG_PID, PPTP_FACILITY); while (1) { int option_index = 0; static struct option long_options[] = { {"nolog", 0, 0, 0}, {"daemon", 0, 0, 0}, {"help", 0, 0, 0}, {"incoming", 1, 0, 0}, {"outgoing", 1, 0, 0}, {"ipsec", 1, 0, 0}, {"version", 0, 0, 0}, {0, 0, 0, 0} }; c = getopt_long(argc, argv, "ndhi:o:s:v", long_options, &option_index); if (c == -1) break; /* convert long options to short form */ if (c == 0) c = "ndhiosv"[option_index]; switch (c) { case 'n': vnologging = 1; break; case 'd': vdaemon = 1; break; case 'h': showusage(argv[0]); return 0; case 'i': ifin = strdup(optarg); break; case 'o': ifout = strdup(optarg); break; case 's': ipsec = strdup(optarg); // Validate the ipsec parameters regcomp(&preg, "ipsec[0-9]+:[0-9]+.[0-9]+.[0-9]+.255", REG_EXTENDED); if (regexec(&preg, ipsec, 0, NULL, 0)) { syslog(LOG_INFO,"Bad syntax: %s", ipsec); fprintf(stderr, "\nBad syntax: %s\n", ipsec); showusage(argv[0]); return 0; } else { regfree(&preg); break; } case 'v': showversion(); return 0; default: showusage(argv[0]); return 1; } } if (ifin == empty) { syslog(LOG_INFO,"Incoming interface required!"); showusage(argv[0]); _exit(1); } if (ifout == empty && ipsec == empty) { syslog(LOG_INFO,"Listen-mode or outgoing or IPsec interface required!"); showusage(argv[0]); _exit(1); } else { sprintf(interfaces,"%s|%s", ifin, ifout); } // If specified, become Daemon. if (vdaemon) { #if HAVE_DAEMON closelog(); if (freopen("/dev/null", "r", stdin) == NULL) { syslog(LOG_ERR, "failed to reopen stdin"); } /* set noclose, we want stdout/stderr still attached if we can */ if (daemon(0, 1) == -1) { syslog_perror("daemon"); } /* returns to child only */ /* pid will have changed */ openlog("bcrelay", LOG_PID, PPTP_FACILITY); #else /* !HAVE_DAEMON */ my_daemon(argc, argv); /* returns to child if !HAVE_FORK * never returns if HAVE_FORK (re-execs without -d) */ #endif } else { syslog(LOG_INFO, "Running as child\n"); } mainloop(argc,argv); _exit(0); } static void mainloop(int argc, char **argv) { socklen_t salen = sizeof(struct sockaddr_ll); int i, s, rcg, j, no_discifs_cntr, ifs_change; int logstr_cntr; struct iflist *iflist = NULL; // Initialised after the 1st packet struct sockaddr_ll sa; struct packet *ipp_p; unsigned char *udppdu; fd_set sock_set; struct timeval time_2_wait; static struct ifsnr old_ifsnr[MAXIF+1]; // Old iflist to socket fd's mapping list static struct ifsnr cur_ifsnr[MAXIF+1]; // Current iflist to socket fd's mapping list unsigned char buf[1518]; char *logstr = empty; no_discifs_cntr = MAX_NODISCOVER_IFS; ifs_change = 0; /* * Open general ethernet socket, only used to discover interfaces. */ if ((s = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL))) < 0) syslog(LOG_INFO,"%s: Error creating socket", *argv); /* * Discover interfaces (initial set) and create a dedicated socket bound to the interface */ memset(old_ifsnr, -1, sizeof(old_ifsnr)); memset(cur_ifsnr, -1, sizeof(cur_ifsnr)); iflist = discoverActiveInterfaces(s); for (i=0; iflist[i].index; ++i) { if ((cur_ifsnr[i].sock_nr = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL))) < 0) { syslog(LOG_ERR, "mainloop: Error, socket error! (rv=%d, errno=%d)", cur_ifsnr[i].sock_nr, errno); exit(1); } bind_to_iface(cur_ifsnr[i].sock_nr, iflist[i].index); cur_ifsnr[i].ifindex = iflist[i].index; } NVBCR_PRINTF(("Displaying INITIAL active interfaces..\n")); if (vnologging == 0) { logstr = log_interfaces; logstr_cntr = sprintf(logstr, "Initial active interfaces: "); logstr += logstr_cntr; } for (i = 0; iflist[i].index; i++) { NVBCR_PRINTF(("\t\tactive interface number: %d, if=(%s), sock_nr=%d\n", i, iflistToString(&(iflist[i])), cur_ifsnr[i].sock_nr)); if (vnologging == 0) { logstr_cntr = sprintf(logstr, "%s ", iflistLogIToString(&(iflist[i]), i, &(cur_ifsnr[i]))); logstr += logstr_cntr; } } if (vnologging == 0) syslog(LOG_INFO, "%s", log_interfaces); // Main loop while (1) { /* * Check all (interface) sockets for incoming packets */ FD_ZERO(&sock_set); for (i=0; iflist[i].index; ++i) { if (cur_ifsnr[i].sock_nr >= 0) { FD_SET(cur_ifsnr[i].sock_nr, &sock_set); } } /* * Don't wait more than MAX_SELECT_WAIT seconds */ time_2_wait.tv_sec = MAX_SELECT_WAIT; time_2_wait.tv_usec = 0L; /* select on sockets */ rcg = select(MAXIF, &sock_set, (fd_set *) NULL,(fd_set *) NULL, &time_2_wait); if (rcg < 0) { syslog(LOG_ERR, "Error, select error! (rv=%d, errno=%d)", rcg, errno); exit(1); } if (rcg == 0) { /* TimeOut, rediscover interfaces */ NVBCR_PRINTF(("Select timeout, rediscover interfaces\n")); copy_ifsnr(cur_ifsnr, old_ifsnr); memset(cur_ifsnr, -1, sizeof(cur_ifsnr)); iflist = discoverActiveInterfaces(s); /* * Build new cur_ifsnr list. * Make iflist[i] correspond with cur_ifsnr[i], so iflist[i].index == cur_ifsnr[i].ifindex * The old list (old_ifsnr) is used to compare. */ for (i=0; iflist[i].index; ++i) { /* check to see if it is a NEW interface */ int fsnr = find_sock_nr(old_ifsnr, iflist[i].index); if (fsnr == -1) { /* found new interface, open dedicated socket and bind it to the interface */ if ((cur_ifsnr[i].sock_nr = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL))) < 0) { syslog(LOG_ERR, "mainloop: Error, socket error! (rv=%d, errno=%d)", cur_ifsnr[i].sock_nr, errno); exit(1); } bind_to_iface(cur_ifsnr[i].sock_nr, iflist[i].index); ifs_change = 1; } else { /* * not a new interface, socket already openen, interface already * bound. Update cur_ifsnr. */ cur_ifsnr[i].sock_nr = fsnr; } cur_ifsnr[i].ifindex = iflist[i].index; } /* Close disappeared interfaces */ for (i=0; i displaying current active interfaces..\n")); if (vnologging == 0) { logstr = log_interfaces; logstr_cntr = sprintf(logstr, "Active interface set changed to: "); logstr += logstr_cntr; } for (i = 0; iflist[i].index; i++) { NVBCR_PRINTF(("\t\tactive interface number: %d, if=(%s), sock_nr=%d\n", i, iflistToString(&(iflist[i])), cur_ifsnr[i].sock_nr)); if (vnologging == 0) { logstr_cntr = sprintf(logstr, "%s ", iflistLogIToString(&(iflist[i]), i, &(cur_ifsnr[i]))); logstr += logstr_cntr; } } if (vnologging == 0) syslog(LOG_INFO, "%s", log_interfaces); ifs_change = 0; } continue; } if (rcg > 0) { /* rcg interfaces have pending input */ for (i=0; ((iflist[i].index != 0) && (rcg > 0)); ++i) { if ((cur_ifsnr[i].sock_nr != -1) && (FD_ISSET(cur_ifsnr[i].sock_nr,&sock_set))) { /* Valid socket number and pending input, let's read */ int rlen = read(cur_ifsnr[i].sock_nr, buf, sizeof(buf)); ipp_p = (struct packet *)&(buf[0]); NVBCR_PRINTF(("IP_Packet=(tot_len=%d, id=%02x%02x, ttl=%d, prot=%s, src_ip=%d.%d.%d.%d, dst_ip=%d.%d.%d.%d) (on if: %d/%d) ", ntohs(ipp_p->ip.tot_len), (ntohs(ipp_p->ip.id))>>8, (ntohs(ipp_p->ip.id))&0x00ff, ipp_p->ip.ttl, IpProtToString(ipp_p->ip.protocol), (ntohl(ipp_p->ip.saddr))>>24, ((ntohl(ipp_p->ip.saddr))&0x00ff0000)>>16, ((ntohl(ipp_p->ip.saddr))&0x0000ff00)>>8, (ntohl(ipp_p->ip.saddr))&0x000000ff, (ntohl(ipp_p->ip.daddr))>>24, ((ntohl(ipp_p->ip.daddr))&0x00ff0000)>>16, ((ntohl(ipp_p->ip.daddr))&0x0000ff00)>>8, (ntohl(ipp_p->ip.daddr))&0x000000ff, i, iflist[i].index)); rcg -= 1; if ( (ipp_p->ip.protocol == IPPROTO_UDP) && (((ntohl(ipp_p->ip.daddr)) & 0x000000ff) == 0x000000ff) && (ipp_p->ip.ttl != 1) && (!((*IP_UDPPDU_CHECKSUM_MSB_PTR((unsigned char *)ipp_p+(4*ipp_p->ip.ihl)) == 0) && (*IP_UDPPDU_CHECKSUM_LSB_PTR((unsigned char *)ipp_p+(4*ipp_p->ip.ihl)) == 0))) ) { int nrsent; int ifindex_to_exclude = iflist[i].index; NVBCR_PRINTF(("is an UDP BROADCAST (dstPort=%d, srcPort=%d) (with TTL!=1 and UDP_CHKSUM!=0)\n\n", ntohs(ipp_p->udp.dest), ntohs(ipp_p->udp.source))); if (vnologging == 0) { logstr = log_relayed; logstr_cntr = sprintf(logstr, "UDP_BroadCast(sp=%d,dp=%d) from: %s relayed to: ", ntohs(ipp_p->udp.source), ntohs(ipp_p->udp.dest), iflistLogRToString(&(iflist[i]), i, &(cur_ifsnr[i]))); logstr += logstr_cntr; } /* going to relay a broadcast packet on all the other interfaces */ for (j=0; iflist[j].index; ++j) { int prepare_ipp = 0; // Changing the incoming UDP broadcast needs to be done once if (iflist[j].index != ifindex_to_exclude) { NVBCR_PRINTF(("Going to sent UDP Broadcast on interface: %s, sock_nr=%d\n", iflistToString(&(iflist[j])), cur_ifsnr[j].sock_nr)); memset(&sa, 0, salen); sa.sll_family = AF_PACKET; sa.sll_ifindex = iflist[j].index; /* Must be the SIOCGIFINDEX number */ // Set the outgoing hardware address to 1's. True Broadcast sa.sll_addr[0] = sa.sll_addr[1] = sa.sll_addr[2] = sa.sll_addr[3] = 0xff; sa.sll_addr[4] = sa.sll_addr[5] = sa.sll_addr[6] = sa.sll_addr[7] = 0xff; sa.sll_halen = 6; /* * htons(ETH_P_IP) is necessary otherwise sendto will * succeed but no packet is actually sent on the wire (this * was the case for PPP interfaces, for ETH interfaces an unknown * LAN frame is sent if htons(ETH_P_IP) is not set as protocol). */ sa.sll_protocol = htons(ETH_P_IP); /* ETH_P_PPP_MP */ if (prepare_ipp == 0) { // change TimeToLive to 1, This is to avoid loops, bcrelay will *NOT* relay // anything with TTL==1. ipp_p->ip.ttl = 1; // The CRC gets broken here when sending over ipsec tunnels but that // should not matter as we reassemble the packet at the other end. ipp_p->ip.daddr = iflist[j].bcast; // check IP srcAddr (on some winXP boxes it is found to be // different from the configured ppp address). // Only do this for PPP interfaces. if ((iflist[i].flags1 & IFLIST_FLAGS1_IF_IS_PPP) && (ntohl(ipp_p->ip.saddr) != iflist[i].ifdstaddr)) { ipp_p->ip.saddr = htonl(iflist[i].ifdstaddr); iflist[i].flags1 |= IFLIST_FLAGS1_CHANGED_INNER_SADDR; } // Update IP checkSum (TTL and src/dest IP Address might have changed) ip_update_checksum((unsigned char *)ipp_p); /* Disable upper layer checksum */ udppdu = (unsigned char *)ipp_p + (4 * ipp_p->ip.ihl); *IP_UDPPDU_CHECKSUM_MSB_PTR(udppdu) = (unsigned char)0; *IP_UDPPDU_CHECKSUM_LSB_PTR(udppdu) = (unsigned char)0; prepare_ipp = 1; } /* * The beauty of sending IP packets on a PACKET socket of type SOCK_DGRAM is that * there is no need to concern about the physical/link layer header because it is * filled in automatically (based on the contents of sa). */ if ((nrsent = sendto(cur_ifsnr[j].sock_nr, ipp_p, rlen, MSG_DONTWAIT|MSG_TRYHARD, (struct sockaddr *)&sa, salen)) < 0) { if (errno == ENETDOWN) { syslog(LOG_NOTICE, "ignored ENETDOWN from sendto(), a network interface was going down?"); } else if (errno == ENXIO) { syslog(LOG_NOTICE, "ignored ENXIO from sendto(), a network interface went down?"); } else if (errno == ENOBUFS) { syslog(LOG_NOTICE, "ignored ENOBUFS from sendto(), temporary shortage of buffer memory"); } else { syslog(LOG_ERR, "mainloop: Error, sendto failed! (rv=%d, errno=%d)", nrsent, errno); exit(1); } } NVBCR_PRINTF(("Successfully relayed %d bytes \n", nrsent)); if (vnologging == 0) { logstr_cntr = sprintf(logstr, "%s ", iflistLogRToString(&(iflist[j]), j, &(cur_ifsnr[j]))); logstr += logstr_cntr; } } } if (vnologging == 0) syslog(LOG_INFO, "%s", log_relayed); } else { NVBCR_PRINTF(("is NOT an UDP BROADCAST (with TTL!=1 and UDP_CHKSUM!=0)\n\n")); } } } /* * Don't forget to discover new interfaces if we keep getting * incoming packets (on an already discovered interface). */ if (no_discifs_cntr == 0) { no_discifs_cntr = MAX_NODISCOVER_IFS; /* no_discifs_cntr became 0, rediscover interfaces */ NVBCR_PRINTF(("no_discifs_cntr became 0, rediscover interfaces\n")); copy_ifsnr(cur_ifsnr, old_ifsnr); memset(cur_ifsnr, -1, sizeof(cur_ifsnr)); iflist = discoverActiveInterfaces(s); /* * Build new cur_ifsnr list. * Make iflist[i] correspond with cur_ifsnr[i], so iflist[i].index == cur_ifsnr[i].ifindex * The old list (old_ifsnr) is used to compare. */ for (i=0; iflist[i].index; ++i) { /* check to see if it is a NEW interface */ int fsnr = find_sock_nr(old_ifsnr, iflist[i].index); if (fsnr == -1) { /* found new interface, open dedicated socket and bind it to the interface */ if ((cur_ifsnr[i].sock_nr = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL))) < 0) { syslog(LOG_ERR, "mainloop: Error, socket error! (rv=%d, errno=%d)", cur_ifsnr[i].sock_nr, errno); exit(1); } bind_to_iface(cur_ifsnr[i].sock_nr, iflist[i].index); ifs_change = 1; } else { /* * not a new interface, socket already openen, interface already * bound. Update cur_ifsnr. */ cur_ifsnr[i].sock_nr = fsnr; } cur_ifsnr[i].ifindex = iflist[i].index; } /* Close disappeared interfaces */ for (i=0; i displaying current active interfaces..\n")); if (vnologging == 0) { logstr = log_interfaces; logstr_cntr = sprintf(logstr, "Active interface set changed to: "); logstr += logstr_cntr; } for (i = 0; iflist[i].index; i++) { NVBCR_PRINTF(("\t\tactive interface number: %d, if=(%s), sock_nr=%d\n", i, iflistToString(&(iflist[i])), cur_ifsnr[i].sock_nr)); if (vnologging == 0) { logstr_cntr = sprintf(logstr, "%s ", iflistLogIToString(&(iflist[i]), i, &(cur_ifsnr[i]))); logstr += logstr_cntr; } } if (vnologging == 0) syslog(LOG_INFO, "%s", log_interfaces); ifs_change = 0; } } else { no_discifs_cntr -= MAX_SELECT_WAIT; } } } } // Discover active interfaces struct iflist * discoverActiveInterfaces(int s) { static struct iflist iflist[MAXIF+1]; // Allow for MAXIF interfaces static struct ifconf ifs; int i, cntr = 0; regex_t preg; struct ifreq ifrflags, ifr; struct sockaddr_in *sin; /* Reset iflist */ memset(iflist, 0, sizeof(iflist)); /* Reset ifs */ memset(&ifs, 0, sizeof(ifs)); //regcomp(&preg, argv[1], REG_ICASE|REG_EXTENDED); regcomp(&preg, interfaces, REG_ICASE|REG_EXTENDED); ifs.ifc_len = MAXIF*sizeof(struct ifreq); ifs.ifc_req = malloc(ifs.ifc_len); ioctl(s, SIOCGIFCONF, &ifs); // Discover active interfaces for (i = 0; i * sizeof(struct ifreq) < ifs.ifc_len && cntr < MAXIF; i++) { if (regexec(&preg, ifs.ifc_req[i].ifr_name, 0, NULL, 0) == 0) { /* * Get interface flags and check status and type. * Only if interface is up it will be used. */ memset(&ifrflags, 0, sizeof(ifrflags)); strncpy(ifrflags.ifr_name, ifs.ifc_req[i].ifr_name, strlen(ifs.ifc_req[i].ifr_name)); if (ioctl(s, SIOCGIFFLAGS, &ifrflags) < 0) { syslog(LOG_ERR, "discoverActiveInterfaces: Error, SIOCGIFFLAGS Failed! (errno=%d)", errno); exit(1); } if (ifrflags.ifr_flags & IFF_UP) { /* * Get interface index */ ioctl(s, SIOCGIFINDEX, &ifs.ifc_req[i]); //Fix 3mar2003 //iflist[cntr].index = (char)ifs.ifc_req[i].ifr_ifindex; iflist[cntr].index = ifs.ifc_req[i].ifr_ifindex; /* * Get interface name */ strncpy(iflist[cntr].ifname, ifs.ifc_req[i].ifr_ifrn.ifrn_name, sizeof(iflist[cntr].ifname)); iflist[cntr].ifname[sizeof(iflist[cntr].ifname)-1] = 0; /* * Get local IP address */ memset(&ifr, 0, sizeof(ifr)); ifr.ifr_addr.sa_family = AF_INET; (void)strncpy(ifr.ifr_name, iflist[cntr].ifname, strlen(iflist[cntr].ifname)+1); if (ioctl(s, SIOCGIFADDR, (char *)&ifr) < 0) { syslog(LOG_ERR, "discoverActiveInterfaces: Error, SIOCGIFADDR Failed! (errno=%d)", errno); exit(1); } sin = (struct sockaddr_in *)&ifr.ifr_addr; iflist[cntr].ifaddr = ntohl(sin->sin_addr.s_addr); iflist[cntr].flags1 = 0; if (ifrflags.ifr_flags & IFF_POINTOPOINT) { /* * Get remote IP address (only for PPP interfaces) */ memset(&ifr, 0, sizeof(ifr)); ifr.ifr_addr.sa_family = AF_INET; (void)strncpy(ifr.ifr_name, iflist[cntr].ifname, strlen(iflist[cntr].ifname)+1); if (ioctl(s, SIOCGIFDSTADDR, (char *)&ifr) < 0) { syslog(LOG_ERR, "discoverActiveInterfaces: Error, SIOCGIFDSTADDR Failed! (errno=%d)", errno); exit(1); } sin = (struct sockaddr_in *)&ifr.ifr_addr; iflist[cntr].ifdstaddr = ntohl(sin->sin_addr.s_addr); iflist[cntr].flags1 |= IFLIST_FLAGS1_IF_IS_PPP; iflist[cntr].bcast = INADDR_BROADCAST; } else if (ifrflags.ifr_flags & IFF_BROADCAST) { iflist[cntr].ifdstaddr = 0; iflist[cntr].flags1 |= IFLIST_FLAGS1_IF_IS_ETH; iflist[cntr].bcast = INADDR_BROADCAST; } else { iflist[cntr].ifdstaddr = 0; iflist[cntr].flags1 |= IFLIST_FLAGS1_IF_IS_UNKNOWN; iflist[cntr].bcast = INADDR_BROADCAST; } cntr++; } // IPSEC tunnels are a fun one. We must change the destination address // so that it will be routed to the correct tunnel end point. // We can define several tunnel end points for the same ipsec interface. } else if (ipsec != empty && strncmp(ifs.ifc_req[i].ifr_name, "ipsec", 5) == 0) { if (strncmp(ifs.ifc_req[i].ifr_name, ipsec, 6) == 0) { struct hostent *hp = gethostbyname(ipsec+7); ioctl(s, SIOCGIFINDEX, &ifs.ifc_req[i]); iflist[cntr].index = ifs.ifc_req[i].ifr_ifindex; /* Store the SIOCGIFINDEX number */ memcpy(&(iflist[cntr++].bcast), hp->h_addr, sizeof(u_int32_t)); } } } iflist[cntr].index = 0; // Terminate list free(ifs.ifc_req); // Stop that leak. regfree(&preg); return iflist; } unsigned int ip_compute_checksum(unsigned char *ippdu, int hlen) { unsigned int sum = 0, temp; unsigned char *p; unsigned char cs_msb; unsigned char cs_lsb; /* Save original checksum */ cs_msb = *IP_IPPDU_CHECKSUM_MSB_PTR(ippdu); cs_lsb = *IP_IPPDU_CHECKSUM_LSB_PTR(ippdu); *IP_IPPDU_CHECKSUM_MSB_PTR(ippdu) = 0; *IP_IPPDU_CHECKSUM_LSB_PTR(ippdu) = 0; p = ippdu; hlen /= 2; /* We'll compute taking two bytes a a time */ while(hlen--) { sum += ((*p * 256) + *(p + 1)); p += 2; } while ((temp = (sum >> 16))) { sum = (temp + (sum & 0xFFFF)); } /* Restore original checksum */ *IP_IPPDU_CHECKSUM_MSB_PTR(ippdu) = cs_msb; *IP_IPPDU_CHECKSUM_LSB_PTR(ippdu) = cs_lsb; return(~sum & 0xFFFF); } void ip_update_checksum(unsigned char *ippdu) { unsigned int cs; cs = ip_compute_checksum(ippdu, 4 * IP_IPPDU_IHL(ippdu)); *IP_IPPDU_CHECKSUM_MSB_PTR(ippdu) = (unsigned char)((cs >> 8) & 0xFF); *IP_IPPDU_CHECKSUM_LSB_PTR(ippdu) = (unsigned char)(cs & 0xFF); } static char *IpProtToString( unsigned char prot ) { switch( prot ) { case 0x11: return "UDP"; case 0x6: return "TCP"; case 0x2f: return "GRE"; case 0x1: return "ICMP"; default: return "???"; } } static char *iflistToString( struct iflist *ifp ) { static char str_tr[80+1]; sprintf(str_tr, "index=%d, ifname=%s, ifaddr=%ld.%ld.%ld.%ld, ifdstaddr=%ld.%ld.%ld.%ld, flags1=0x%04lx", ifp->index, ifp->ifname, (ifp->ifaddr)>>24, ((ifp->ifaddr)&0x00ff0000)>>16, ((ifp->ifaddr)&0x0000ff00)>>8, (ifp->ifaddr)&0x000000ff, (ifp->ifdstaddr)>>24, ((ifp->ifdstaddr)&0x00ff0000)>>16, ((ifp->ifdstaddr)&0x0000ff00)>>8, (ifp->ifdstaddr)&0x000000ff, ifp->flags1); return str_tr; } static char *iflistLogRToString( struct iflist *ifp, int idx, struct ifsnr *ifnr ) { static char str_tr[MAX_IFLOGTOSTR]; /* * This makes function: 1) non-reentrant (doesn't matter). * 2) not useable multiple times by (s)printf. */ sprintf(str_tr, "%s", ifp->ifname); return str_tr; } static char *iflistLogIToString( struct iflist *ifp, int idx, struct ifsnr *ifnr ) { static char str_tr[MAX_IFLOGTOSTR]; /* * This makes function: 1) non-reentrant (doesn't matter). * 2) not useable multiple times by (s)printf. */ sprintf(str_tr, "%s(%d/%d/%d)", ifp->ifname, idx, ifp->index, ifnr->sock_nr); return str_tr; } static void bind_to_iface(int fd, int ifindex) { struct sockaddr_ll sll; memset(&sll, 0, sizeof(sll)); sll.sll_family = AF_PACKET; sll.sll_ifindex = ifindex; sll.sll_protocol = htons(ETH_P_ALL); if (bind(fd, (struct sockaddr *) &sll, sizeof(sll)) == -1) { syslog(LOG_ERR, "bind_to_iface: Error, bind failed! (rv=-1, errno=%d)", errno); exit(1); } } static void copy_ifsnr(struct ifsnr *from, struct ifsnr *to) { int i; for (i=0; i #include #include #include #include #include #include #include #include #include #include #include #include #ifdef HAVE_SYS_UIO_H #include #endif #ifdef VRF #include #endif #include "ppphdlc.h" #include "pptpgre.h" #include "pptpdefs.h" #include "pptpctrl.h" #include "defaults.h" #include "pqueue.h" #ifndef HAVE_STRERROR #include "compat.h" #endif #define PACKET_MAX 8196 typedef int (*callback_t)(int cl, void *pack, unsigned int len); /* test for a 32 bit counter overflow */ #define WRAPPED( curseq, lastseq) \ ((((curseq) & 0xffffff00) == 0) && \ (((lastseq) & 0xffffff00 ) == 0xffffff00)) static struct gre_state gre; gre_stats_t stats; static uint64_t time_now_usecs() { struct timeval tv; gettimeofday(&tv, NULL); return (tv.tv_sec * 1000000) + tv.tv_usec; } int pptp_gre_init(u_int32_t call_id_pair, int pty_fd, struct in_addr *inetaddrs) { struct sockaddr_in addr; int gre_fd; /* Open IP protocol socket */ gre_fd = vrf_socket(vrf, AF_INET, SOCK_RAW, PPTP_PROTO); if (gre_fd < 0) { syslog(LOG_ERR, "GRE: socket() failed"); return -1; } memset(&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; addr.sin_addr = inetaddrs[0]; addr.sin_port = 0; if (bind(gre_fd, (struct sockaddr *) &addr, sizeof(addr)) < 0) { syslog(LOG_ERR, "GRE: bind() failed: %s", strerror(errno)); syslog(LOG_ERR, "GRE: continuing, but may not work if multi-homed"); } addr.sin_family = AF_INET; addr.sin_addr = inetaddrs[1]; addr.sin_port = 0; if (connect(gre_fd, (struct sockaddr *) &addr, sizeof(addr)) < 0) { syslog(LOG_ERR, "GRE: connect() failed: %s", strerror(errno)); close(gre_fd); return -1; } gre.seq_sent = 0; gre.ack_sent = gre.ack_recv = gre.seq_recv = 0xFFFFFFFF; /* seq_recv is -1, therefore next packet expected is seq 0, to comply with RFC 2637: 'The sequence number for each user session is set to zero at session startup.' */ gre.call_id_pair = call_id_pair; /* network byte order */ return gre_fd; } /* ONE blocking read per call; dispatches all packets possible */ /* returns 0 on success, or <0 on read failure */ int decaps_hdlc(int fd, int (*cb) (int cl, void *pack, unsigned len), int cl) { static unsigned char buffer[PACKET_MAX], copy[PACKET_MAX]; static unsigned start = 0, end = 0; static unsigned len = 0, escape = 0; static u_int16_t fcs = PPPINITFCS16; static unsigned char err = 0; unsigned char c; int status; /* we do one read only, since it may block. and only if the * buffer is empty (start == end) */ if (fd == -1) { if(cb == NULL) { /* peek mode */ return err ? -1 : 0; } else if (!err) { /* re-xmit and nothing queued */ syslog(LOG_ERR, "GRE: Re-xmit called with nothing queued"); return -1; } } if (!err) { /* All known data is processed. This true unless the last * network write failed. */ if ((status = read(fd, buffer, sizeof(buffer))) <= 0) { syslog(LOG_ERR, "GRE: read(fd=%d,buffer=%lx,len=%d) from PTY failed: status = %d error = %s%s", fd, (unsigned long) buffer, (int) sizeof(buffer), status, status ? strerror(errno) : "No error", errno != EIO ? "" : ", usually caused by unexpected termination of pppd, check option syntax and pppd logs"); /* FAQ: mistakes in pppd option spelling in * /etc/ppp/options.pptpd often cause EIO, * with pppd not reporting the problem to any * logs. Termination of pppd by signal can * *also* cause this situation. -- James Cameron */ return -1; } end = status; start = 0; } else { /* We're here because of a network write failure. Try again. * Then do what we would do normally and enter the loop as if * just continuing the while(1). Not sure that this ever * really happens, but since we error-check status then we * should have the code to handle an error :-) */ err = 0; if ((status = cb(cl, copy, len)) < 0) { syslog(LOG_ERR, "GRE: re-xmit failed from decaps_hdlc: %s", strerror(errno)); err = 1; return status; /* return error */ } /* Great! Let's do more! */ fcs = PPPINITFCS16; len = 0; escape = 0; } while (1) { /* Infinite loop, we return when we're out of data */ /* Check if out of data */ if (start == end) return 0; /* Add to the packet up till the next HDLC_FLAG (start/end of * packet marker). Copy to 'copy', un-escape and checksum as we go. */ while (buffer[start] != HDLC_FLAG) { /* Dispose of 'too long' packets */ if (len >= PACKET_MAX) { syslog(LOG_ERR, "GRE: Received too long packet from pppd."); while (buffer[start] != HDLC_FLAG && start < end) start++; if (start < end) { goto newpacket; } else return 0; } /* Read a character, un-escaping if needed */ if (buffer[start] == HDLC_ESCAPE && !escape) escape = 1; else { if (escape) { copy[len] = c = buffer[start] ^ 0x20; escape = 0; } else copy[len] = c = buffer[start]; fcs = (fcs >> 8) ^ fcstab[(fcs ^ c) & 0xff]; len++; } start++; /* Check if out of data */ if (start == end) return 0; } /* Found flag. Skip past it */ start++; /* Check for over-short packets and silently discard, as per RFC1662 */ if ((len < 4) || (escape == 1)) { /* len == 0 is possible, we generate it :-) [using HDLC_ESCAPE at * start and end of packet]. Others are worth recording. */ if (len && len < 4) syslog(LOG_ERR, "GRE: Received too short packet from pppd."); if (escape) syslog(LOG_ERR, "GRE: Received bad packet from pppd."); goto newpacket; } /* Check, then remove the 16-bit FCS checksum field */ if (fcs != PPPGOODFCS16) { syslog(LOG_ERR, "GRE: Bad checksum from pppd."); goto newpacket; } len -= sizeof(u_int16_t); /* So now we have a packet of length 'len' in 'copy' */ if ((status = cb(cl, copy, len)) < 0) { syslog(LOG_ERR, "GRE: xmit failed from decaps_hdlc: %s", strerror(errno)); err = 1; return status; /* return error */ } newpacket: /* Great! Let's do more! */ fcs = PPPINITFCS16; len = 0; escape = 0; } } #define seq_greater(A,B) ((A)>(B) || \ (((u_int32_t)(A)<0xff) && ((~((u_int32_t)(B)))<0xff))) /* Macro used in encaps_hdlc(). add "val" to "dest" at position "pos", * incrementing "pos" to point after the added value. set "tmp" to "val" * as a side-effect. */ #define ADD_CHAR(dest, pos, val, tmp) \ tmp = (val); \ if ((tmp<0x20) || (tmp==HDLC_FLAG) || (tmp==HDLC_ESCAPE)) { \ dest[pos++]=HDLC_ESCAPE; \ dest[pos++]=tmp^0x20; \ } else \ dest[pos++]=tmp /* Make stripped packet into HDLC packet */ int encaps_hdlc(int fd, void *pack, unsigned len) { unsigned char *source = (unsigned char *) pack; /* largest expansion possible - double all + double fcs + 2 flags */ static unsigned char dest[2 * PACKET_MAX + 6]; unsigned pos = 1, i; u_int16_t fcs; unsigned char c; fcs = PPPINITFCS16; /* make sure overflow is impossible so we don't have to bounds check * in loop. drop large packets. */ if (len > PACKET_MAX) { syslog(LOG_ERR, "GRE: Asked to encapsulate too large packet (len = %d)", len); return -1; } /* start character */ dest[0] = HDLC_FLAG; /* escape the payload */ for (i = 0; i < len; i++) { ADD_CHAR(dest, pos, source[i], c); fcs = (fcs >> 8) ^ fcstab[(fcs ^ c) & 0xff]; } fcs ^= 0xFFFF; ADD_CHAR(dest, pos, fcs & 0xFF, c); ADD_CHAR(dest, pos, fcs >> 8, c); /* tack on the end-flag */ dest[pos++] = HDLC_FLAG; /* now write this packet */ return write(fd, dest, pos); } #undef ADD_CHAR static int dequeue_gre (callback_t callback, int cl) { pqueue_t *head; int status; /* process packets in the queue that either are expected or have timed out. */ head = pqueue_head(); while ( head != NULL && ( (head->seq == gre.seq_recv + 1) || /* wrap-around safe */ (pqueue_expiry_time(head) <= 0) ) ) { /* if it is timed out... */ if (head->seq != gre.seq_recv + 1 ) { /* wrap-around safe */ stats.rx_lost += head->seq - gre.seq_recv - 1; if (pptpctrl_debug) syslog(LOG_DEBUG, "GRE: timeout waiting for %d packets", head->seq - gre.seq_recv - 1); } if (pptpctrl_debug) syslog(LOG_DEBUG, "GRE: accepting #%d from queue", head->seq); gre.seq_recv = head->seq; status = callback(cl, head->packet, head->packlen); pqueue_del(head); if (status < 0) return status; head = pqueue_head(); } return 0; } int decaps_gre(int fd, int (*cb) (int cl, void *pack, unsigned len), int cl) { static unsigned char buffer[PACKET_MAX + 64 /*ip header */ ]; struct pptp_gre_header *header; int status, ip_len = 0; dequeue_gre(cb, cl); if ((status = read(fd, buffer, sizeof(buffer))) <= 0) { syslog(LOG_ERR, "GRE: read(fd=%d,buffer=%lx,len=%d) from network failed: status = %d error = %s", fd, (unsigned long) buffer, (int) sizeof(buffer), status, status ? strerror(errno) : "No error"); stats.rx_errors++; return -1; } /* strip off IP header, if present */ if ((buffer[0] & 0xF0) == 0x40) ip_len = (buffer[0] & 0xF) * 4; header = (struct pptp_gre_header *) (buffer + ip_len); /* verify packet (else discard) */ if (((ntoh8(header->ver) & 0x7F) != PPTP_GRE_VER) || /* version should be 1 */ (ntoh16(header->protocol) != PPTP_GRE_PROTO) || /* GRE protocol for PPTP */ PPTP_GRE_IS_C(ntoh8(header->flags)) || /* flag C should be clear */ PPTP_GRE_IS_R(ntoh8(header->flags)) || /* flag R should be clear */ (!PPTP_GRE_IS_K(ntoh8(header->flags))) || /* flag K should be set */ ((ntoh8(header->flags) & 0xF) != 0)) { /* routing and recursion ctrl = 0 */ /* if invalid, discard this packet */ syslog(LOG_ERR, "GRE: Discarding packet by header check"); stats.rx_invalid++; return 0; } if (header->call_id != GET_VALUE(PAC, gre.call_id_pair)) { /* * Discard silently to allow more than one GRE tunnel from * the same IP address in case clients are behind the * firewall. * * syslog(LOG_ERR, "GRE: Discarding for incorrect call"); */ return 0; } if (PPTP_GRE_IS_A(ntoh8(header->ver))) { /* acknowledgement present */ u_int32_t ack = (PPTP_GRE_IS_S(ntoh8(header->flags))) ? ntoh32(header->ack) : ntoh32(header->seq); /* ack in different place if S=0 */ if (seq_greater(ack, gre.ack_recv)) gre.ack_recv = ack; /* also handle sequence number wrap-around */ if (WRAPPED(ack,gre.ack_recv)) gre.ack_recv = ack; if (gre.ack_recv == stats.pt.seq) { int rtt = time_now_usecs() - stats.pt.time; stats.rtt = (stats.rtt + rtt) / 2; } } if (PPTP_GRE_IS_S(ntoh8(header->flags))) { /* payload present */ unsigned headersize = sizeof(*header); unsigned payload_len = ntoh16(header->payload_len); u_int32_t seq = ntoh32(header->seq); if (!PPTP_GRE_IS_A(ntoh8(header->ver))) headersize -= sizeof(header->ack); /* check for incomplete packet (length smaller than expected) */ if (status - headersize < payload_len) { stats.rx_truncated++; return 0; } /* check for out-of-order sequence number * N.B.: some client implementations violate RFC 2637 * and start their sequence numbers at 1 instead of 0, * so we have to introduce a kludge to deal with it. * on wrap we may allow an out of order packet to pass */ if (seq == gre.seq_recv + 1 || seq == 1) { if (pptpctrl_debug) syslog(LOG_DEBUG, "GRE: accepting packet #%d", seq); stats.rx_accepted++; gre.seq_recv = seq; return cb(cl, buffer + ip_len + headersize, payload_len); } else if (!seq_greater(seq, gre.seq_recv)) { if (pptpctrl_debug) syslog(LOG_DEBUG, "GRE: discarding duplicate or old packet #%d (expecting #%d)", seq, gre.seq_recv + 1); return 0; /* discard duplicate packets */ } else { stats.rx_buffered++; if (pptpctrl_debug) syslog(LOG_DEBUG, "GRE: buffering packet #%d (expecting #%d, lost or reordered)", seq, gre.seq_recv + 1); pqueue_add(seq, buffer + ip_len + headersize, payload_len); return 0; /* discard out-of-order packets */ } } return 0; /* ack, but no payload */ } int encaps_gre(int fd, void *pack, unsigned len) { static union { struct pptp_gre_header header; unsigned char buffer[PACKET_MAX + sizeof(struct pptp_gre_header)]; } u; unsigned header_len; ssize_t status; #ifdef HAVE_WRITEV struct iovec iovec[2]; #endif if(fd == -1) /* peek mode */ return (gre.ack_sent == gre.seq_recv) ? 0 : -1; /* package this up in a GRE shell. */ u.header.flags = hton8(PPTP_GRE_FLAG_K); u.header.ver = hton8(PPTP_GRE_VER); u.header.protocol = hton16(PPTP_GRE_PROTO); u.header.payload_len = hton16(len); u.header.call_id = GET_VALUE(PNS, gre.call_id_pair); /* special case ACK with no payload */ if (pack == NULL) { if (gre.ack_sent != gre.seq_recv) { u.header.ver |= hton8(PPTP_GRE_FLAG_A); u.header.payload_len = hton16(0); u.header.seq = hton32(gre.seq_recv); /* ack is in odd place because S=0 */ gre.ack_sent = gre.seq_recv; /* don't sent ACK field, ACK is in SYN field */ return write(fd, u.buffer, sizeof(u.header) - sizeof(u.header.ack)); } else return 0; /* we don't need to send ACK */ } /* send packet with payload */ u.header.flags |= hton8(PPTP_GRE_FLAG_S); u.header.seq = hton32(gre.seq_sent); gre.seq_sent++; if (gre.ack_sent != gre.seq_recv) { /* send ack with this message */ u.header.ver |= hton8(PPTP_GRE_FLAG_A); u.header.ack = hton32(gre.seq_recv); gre.ack_sent = gre.seq_recv; header_len = sizeof(u.header); } else { /* don't send ack */ header_len = sizeof(u.header) - sizeof(u.header.ack); } if (len > PACKET_MAX) { syslog(LOG_ERR, "GRE: packet is too large %d", len); stats.tx_oversize++; return 0; /* drop this, it's too big */ } #ifdef HAVE_WRITEV /* write header and buffer without copying. */ iovec[0].iov_base = u.buffer; iovec[0].iov_len = header_len; iovec[1].iov_base = pack; iovec[1].iov_len = len; status = writev(fd, iovec, 2); #else /* copy payload into buffer */ memcpy(u.buffer + header_len, pack, len); /* record and increment sequence numbers */ /* write this baby out to the net */ status = write(fd, u.buffer, header_len + len); #endif /* if ENOBUFS, do not close the connection */ if ((status < 0) && (errno == ENOBUFS)) { gre.seq_sent--; status = 0; } return status; } pptpd-1.4.0/README0000644000175000017500000000142012110522672010437 00000000000000PoPToP README ------------- You *must* do a 'make install' or PoPToP will *NOT* find the binaries! See INSTALL for generic compile/install instructions, and run "./configure --help" for a list of valid options, or just type: ./configure make make install (make install copies the binaries to /usr/local/sbin, so you better be root) To run PoPToP simply type: 'pptpd' (or /usr/local/sbin/pptpd if you don't have /usr/local/sbin in your path). You may specify a number of options on the command line to change how PoPToP launches PPPD. Type: 'pptpd -h' for options you may specify on the command line. A sample config file is in samples/ For more help look in html/ or visit the PoPToP Web site at: http://www.moretonbay.com/vpn/pptp.html Good Luck! -PoPToP Development Team pptpd-1.4.0/configfile.h0000664000175000017500000000034112231652777012056 00000000000000/* * configfile.h * * Function to read pptpd config file. */ #ifndef _PPTPD_CONFIGFILE_H #define _PPTPD_CONFIGFILE_H int read_config_file(char *filename, char *keyword, char *value); #endif /* !_PPTPD_CONFIGFILE_H */ pptpd-1.4.0/pptpd.80000644000175000017500000001245112110522672011005 00000000000000.TH PPTPD 8 "29 December 2005" .SH NAME pptpd - PPTP VPN daemon .SH SYNOPSIS .PP .B pptpd [ .IR options ] .SH DESCRIPTION .B pptpd is the Poptop PPTP daemon, which manages tunnelled PPP connections encapsulated in GRE using the PPTP VPN protocol. It may contain features like IP address management and TCP wrappers if compiled in. .SH OPTIONS Here we document the command line options. See .BR pptpd.conf (5) for configuration directives, IP address allocation, routing, and firewall rules. .TP \fB-b\fR|\fB--bcrelay \fIinternal-interface specifies that broadcasts received on the server's internal network interface should be relayed to the clients. .TP \fB-c\fR|\fB--conf \fIconf-file specifies the configuration file for .B pptpd (default .IR /etc/pptpd.conf ) .TP .BR -d | --debug turns on debugging mode, causing more debugging messages to be sent to syslog. .TP \fB-e\fR|\fB--ppp \fIpppd-program use .I pppd-program in place of the default .BR pppd (8). .TP .BR -f | --fg run in the foreground instead of detaching from terminal .TP .BR -h | --help display program usage. .TP .BR -i | --noipparam do not send the client's IP address to ip-up scripts (required if you are using the .BR pppd (8) .I ipparam option for some other purpose). .TP \fB-l\fR|\fB--listen \fIx.x.x.x specifies the local interface IP address to listen on. .TP \fB-o\fR|\fB--option \fIppp-conf-file specifies that pptpd should specify an alternate configuration file for the ppp daemon (the default is normally .I /etc/ppp/options but may vary depending on your ppp daemon). .TP \fB-p\fR|\fB--pidfile \fIpid-file specifies an alternate location to store the process ID file (default .IR /var/run/pptpd.pid ). .TP \fB-s\fR|\fB--speed \fIbaud specifies that the speed .I baud should be passed to the ppp daemon as the tty speed to use (in some cases this is ignored by the ppp daemon). .TP \fB-t\fR|\fB--stimeout \fIseconds specifies the number of seconds to wait for the first packet before dropping the connection. This is a denial of service protection feature. .TP .BR -w | --logwtmp update .BR wtmp (5) as users connect and disconnect. See .BR wtmp (1). .TP \fB-C\fR|\fB--connections \fIn limits the number of client connections that may be accepted. Corresponds to the .BR connections option in .IR pptpd.conf . If pptpd is allocating IP addresses (e.g. .BR --delegate is not used) then the number of connections is also limited by the .BR remoteip option in .IR pptpd.conf . .TP .BR -D | --delegate delegates the allocation of client IP addresses to .BR pppd (8). Without this option, which is the default, pptpd manages the list of IP addresses for clients and passes the next free address to pppd. With this option, pptpd does not pass an address, and so pppd may use radius or chap-secrets to allocate an address. .TP \fB-V\fR|\fB--vrf \fIvrf-name specifies the VRF to be used for listening in. .TP .BR -v | --version displays the current version of the pptp daemon. .SH FILES /etc/pptpd.conf .br /var/run/pptpd.pid .SH DEBUGGING To turn on debugging, add 'debug' to /etc/pptpd.conf and your PPP options file, and restart pptpd. .br .LP Typically the PPP options file is options.pptpd in /etc/ppp, though on some distributions it may be pptpd-options. Use your package manager to find it, e.g. 'rpm -ql pptpd | grep options' or 'dpkg --listfiles pptpd | grep options'. .br .LP You may need to configure syslogd to catch debug messages. e.g. edit /etc/syslog.conf and add something similar to the example below, then restart syslogd. .br .LP # debug logging .br *.debug;mail.none /var/log/debug .br .LP This will log all debug information, except mail, to the file /var/log/debug. Note that this is a lot of information and might flood your disks. If performance is an issue, you can try turning off sync during your debugging, by prefixing the destination with '-'. .br .LP # debug logging .br *.debug;mail.none -/var/log/debug .br .LP Disable this line and restart syslog after you are done debugging. See the syslog man pages for more details. .br .LP .SH AUTHORS Poptop is written by Matthew Ramsay , David Luyer , Kevin Thayer , Peter Galbavy and others. Development has been moved to SourceForge and worked on by Richard de Vroede since June 26, 2002. .SH COPYRIGHT Copyright \(co 1999 Matthew Ramsay and others. .LP Poptop is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. .LP Poptop is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. .LP You should have received a copy of the GNU General Public License along with Poptop; see the file COPYING. If not, write to the Free Software Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. .SH AVAILABILITY The most recent version of Poptop is available for download from SourceForge at .IR http://sourceforge.net/projects/poptop . .SH "SEE ALSO" .BR pppd (8), .BR pptpd (8), .BR pptpd.conf (5). pptpd-1.4.0/pptpdefs.h0000664000175000017500000003111012231653117011561 00000000000000/* * pptpdefs.h * * PPTP structs and defines */ #ifndef _PPTPD_PPTPDEFS_H #define _PPTPD_PPTPDEFS_H /* define "portable" htons, etc, copied to make Ananian's gre stuff work. */ #define hton8(x) (x) #define ntoh8(x) (x) #define hton16(x) htons(x) #define ntoh16(x) ntohs(x) #define hton32(x) htonl(x) #define ntoh32(x) ntohl(x) #include /* PPTP ctrl message port */ #define PPTP_PORT 1723 /* PPTP gre prototype */ #define PPTP_PROTO 47 /* PPTP version */ #define PPTP_VERSION 0x0100 #define PPTP_FIRMWARE_VERSION 0x0001 /* Hostname and Vendor */ #define PPTP_HOSTNAME "local" #define PPTP_VENDOR "linux" #define MAX_HOSTNAME_SIZE 64 #define MAX_VENDOR_SIZE 64 /* Magic Cookie */ #define PPTP_MAGIC_COOKIE 0x1a2b3c4d /* Message types */ #define PPTP_CTRL_MESSAGE 1 /* Maximum size of any PPTP control packet we will get */ #define PPTP_MAX_CTRL_PCKT_SIZE 220 /* Control Connection Management */ #define START_CTRL_CONN_RQST 1 #define START_CTRL_CONN_RPLY 2 #define STOP_CTRL_CONN_RQST 3 #define STOP_CTRL_CONN_RPLY 4 #define ECHO_RQST 5 #define ECHO_RPLY 6 /* Call Management */ #define OUT_CALL_RQST 7 #define OUT_CALL_RPLY 8 #define IN_CALL_RQST 9 #define IN_CALL_RPLY 10 #define IN_CALL_CONN 11 #define CALL_CLR_RQST 12 #define CALL_DISCONN_NTFY 13 /* Error Reporting */ #define WAN_ERR_NTFY 14 /* PPP Session Control */ #define SET_LINK_INFO 15 /* how long before a link is idle? (seconds) */ #define IDLE_WAIT 60 /* how long should we wait for an echo reply? (seconds) */ #define MAX_ECHO_WAIT 60 #define RESERVED 0x0000 /* Start Control Connection Reply */ #define ASYNCHRONOUS_FRAMING 0x00000001 #define SYNCHRONOUS_FRAMING 0x00000002 #define ANALOG_ACCESS 0x00000001 #define DIGITAL_ACCESS 0x00000002 /* Our properties - we don't actually have any physical serial i/f's and only want * one call per client! */ #define OUR_FRAMING 0x00000000 #define OUR_BEARER 0x00000000 #define MAX_CHANNELS 0x0001 /* Out Call Reply Defines */ #define PCKT_RECV_WINDOW_SIZE 0x0001 #define PCKT_PROCESS_DELAY 0x0000 #define CHANNEL_ID 0x00000000 /* ERROR CODES */ #define NO_ERROR 0x00 /* CALL_CLEAR RESULT CODES */ #define LOST_CARRIER 0x01 #define ADMIN_SHUTDOWN 0x03 #define CALL_CLEAR_REQUEST 0x04 /* RESULT CODES */ #define CONNECTED 0x01 #define DISCONNECTED 0x01 #define GENERAL_ERROR 0x02 /* also for ERROR CODES, CALL CLEAR */ #define NO_CARRIER 0x03 #define BUSY 0x04 #define NO_DIAL_TONE 0x05 #define TIME_OUT 0x06 #define DO_NOT_ACCEPT 0x07 /* CTRL CLOSE CODES */ #define GENERAL_STOP_CTRL 0x01 #define STOP_PROTOCOL 0x02 #define STOP_LOCAL_SHUTDOWN 0x03 /* PPTP CTRL structs */ struct pptp_header { u_int16_t length; /* pptp message length incl header */ u_int16_t pptp_type; /* pptp message type */ u_int32_t magic; /* magic cookie */ u_int16_t ctrl_type; /* control message type */ u_int16_t reserved0; /* reserved */ }; struct pptp_start_ctrl_conn_rqst { struct pptp_header header; /* pptp header */ u_int16_t version; /* pptp protocol version */ u_int16_t reserved1; /* reserved */ u_int32_t framing_cap; /* framing capabilities */ u_int32_t bearer_cap; /* bearer capabilities */ u_int16_t max_channels; /* maximum channels */ u_int16_t firmware_rev; /* firmware revision */ u_int8_t hostname[MAX_HOSTNAME_SIZE]; /* hostname */ u_int8_t vendor[MAX_VENDOR_SIZE]; /* vendor */ }; struct pptp_start_ctrl_conn_rply { struct pptp_header header; /* pptp header */ u_int16_t version; /* pptp protocol version */ u_int8_t result_code; /* result code */ u_int8_t error_code; /* error code */ u_int32_t framing_cap; /* framing capabilities */ u_int32_t bearer_cap; /* bearer capabilities */ u_int16_t max_channels; /* maximum channels */ u_int16_t firmware_rev; /* firmware revision */ u_int8_t hostname[MAX_HOSTNAME_SIZE]; /* hostname */ u_int8_t vendor[MAX_VENDOR_SIZE]; /* vendor */ }; struct pptp_stop_ctrl_conn_rqst { struct pptp_header header; /* header */ u_int8_t reason; /* reason for closing */ u_int8_t reserved1; /* reserved */ u_int16_t reserved2; /* reserved */ }; struct pptp_stop_ctrl_conn_rply { struct pptp_header header; /* header */ u_int8_t result_code; /* result code */ u_int8_t error_code; /* error code */ u_int16_t reserved1; /* reserved */ }; struct pptp_echo_rqst { struct pptp_header header; /* header */ u_int32_t identifier; /* value to match rply with rqst */ }; struct pptp_echo_rply { struct pptp_header header; /* header */ u_int32_t identifier; /* identifier of echo rqst */ u_int8_t result_code; /* result code */ u_int8_t error_code; /* error code */ u_int16_t reserved1; /* reserved */ }; struct pptp_out_call_rqst { struct pptp_header header; /* header */ u_int16_t call_id; /* unique identifier to PAC-PNS pair */ u_int16_t call_serial; /* session identifier */ u_int32_t min_bps; /* minimum line speed */ u_int32_t max_bps; /* maximum line speed */ u_int32_t bearer_type; /* bearer type */ u_int32_t framing_type; /* framing type */ u_int16_t pckt_recv_size; /* packet recv window size */ u_int16_t pckt_delay; /* packet processing delay */ u_int16_t phone_len; /* phone number length */ u_int16_t reserved1; /* reserved */ u_int8_t phone_num[64]; /* phone number */ u_int8_t subaddress[64]; /* additional dialing info */ }; struct pptp_out_call_rply { struct pptp_header header; /* header */ u_int16_t call_id; /* unique identifier to PAC-PNS pair */ u_int16_t call_id_peer; /* set to call_id of the call rqst */ u_int8_t result_code; /* result code */ u_int8_t error_code; /* error code */ u_int16_t cause_code; /* additional failure information */ u_int32_t speed; /* actual connection speed */ u_int16_t pckt_recv_size; /* packet recv window size */ u_int16_t pckt_delay; /* packet processing delay */ u_int32_t channel_id; /* physical channel ID */ }; struct pptp_in_call_rqst { struct pptp_header header; /* header */ u_int16_t call_id; /* unique identifier for tunnel */ u_int16_t call_serial; /* session identifier */ u_int32_t bearer_type; /* bearer capability */ u_int32_t channel_id; /* channel ID */ u_int16_t dialed_len; /* dialed length */ u_int16_t dialing_len; /* dialing length */ u_int8_t dialed_num[64]; /* number that was dialed by the caller */ u_int8_t dialing_num[64]; /* the number from which the call was placed */ u_int8_t subaddress[64]; /* additional dialing information */ }; struct pptp_in_call_rply { struct pptp_header header; /* header */ u_int16_t call_id; /* unique identifier for the tunnel */ u_int16_t peers_call_id; /* set to rcvd call ID */ u_int8_t result_code; /* result code */ u_int8_t error_code; /* error code */ u_int16_t pckt_recv_size; /* packet recv window size */ u_int16_t pckt_delay; /* packet transmit delay */ u_int16_t reserved1; /* reserved */ }; struct pptp_in_call_connect { struct pptp_header header; /* header */ u_int16_t peers_call_id; /* set to rcvd call ID */ u_int16_t reserved1; /* reserved */ u_int32_t speed; /* connect speed */ u_int16_t pckt_recv_size; /* packet rcvd window size */ u_int16_t pckt_delay; /* packet transmit delay */ u_int32_t framing_type; /* framing type */ }; struct pptp_call_clr_rqst { struct pptp_header header; /* header */ u_int16_t call_id; /* call ID assigned by the PNS */ u_int16_t reserved1; /* reserved */ }; struct pptp_call_disconn_ntfy { struct pptp_header header; /* header */ u_int16_t call_id; /* call ID assigned by the PAC */ u_int8_t result_code; /* result code */ u_int8_t error_code; /* error code */ u_int16_t cause_code; /* additional disconnect info */ u_int16_t reserved1; /* reserved */ u_int8_t call_stats[128]; /* vendor specific call stats */ }; struct pptp_wan_err_ntfy { struct pptp_header header; /* header */ u_int16_t peers_call_id; /* call ID assigned by PNS */ u_int16_t reserved1; /* reserved */ u_int32_t crc_errors; /* # of PPP frames rcvd with CRC errors */ u_int32_t framing_errors; /* # of improperly framed PPP pckts */ u_int32_t hardware_overruns; /* # of receive buffer overruns */ u_int32_t buff_overruns; /* # of buffer overruns */ u_int32_t timeout_errors; /* # of timeouts */ u_int32_t align_errors; /* # of alignment errors */ }; struct pptp_set_link_info { struct pptp_header header; u_int16_t peers_call_id; /* call ID assigned by PAC */ u_int16_t reserved1; /* reserved */ u_int32_t send_accm; /* send ACCM value the client should use */ u_int32_t recv_accm; /* recv ACCM value the client should use */ }; /* GRE and PPP structs */ /* Copied from C. S. Ananian */ #define HDLC_FLAG 0x7E #define HDLC_ESCAPE 0x7D #define PPTP_GRE_PROTO 0x880B #define PPTP_GRE_VER 0x1 #define PPTP_GRE_FLAG_C 0x80 #define PPTP_GRE_FLAG_R 0x40 #define PPTP_GRE_FLAG_K 0x20 #define PPTP_GRE_FLAG_S 0x10 #define PPTP_GRE_FLAG_A 0x80 #define PPTP_GRE_IS_C(f) ((f)&PPTP_GRE_FLAG_C) #define PPTP_GRE_IS_R(f) ((f)&PPTP_GRE_FLAG_R) #define PPTP_GRE_IS_K(f) ((f)&PPTP_GRE_FLAG_K) #define PPTP_GRE_IS_S(f) ((f)&PPTP_GRE_FLAG_S) #define PPTP_GRE_IS_A(f) ((f)&PPTP_GRE_FLAG_A) struct pptp_gre_header { u_int8_t flags; /* bitfield */ u_int8_t ver; /* should be PPTP_GRE_VER (enhanced GRE) */ u_int16_t protocol; /* should be PPTP_GRE_PROTO (ppp-encaps) */ u_int16_t payload_len; /* size of ppp payload, not inc. gre header */ u_int16_t call_id; /* peer's call_id for this session */ u_int32_t seq; /* sequence number. Present if S==1 */ u_int32_t ack; /* seq number of highest packet recieved by */ /* sender in this session */ } __attribute__((packed)); /* For our call ID pairs */ #define PNS_VALUE 0 #define PAC_VALUE 1 #define GET_VALUE(which, where) ((which ## _VALUE) ? ((where) & 0xffff) : ((where) >> 16)) #define NOTE_VALUE(which, where, what) ((which ## _VALUE) \ ? ((where) = ((where) & 0xffff0000) | (what)) \ : ((where) = ((where) & 0xffff) | ((what) << 16))) #endif /* !_PPTPD_PPTPDEFS_H */ pptpd-1.4.0/configfile.c0000664000175000017500000001077712231652772012062 00000000000000/* * configfile.c * * Methods for accessing the PPTPD config file and searching for * PPTPD keywords. */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #include #include #include #include "defaults.h" #include "configfile.h" #include "our_syslog.h" /* Local function prototypes */ static FILE *open_config_file(char *filename); static void close_config_file(FILE * file); /* * read_config_file * * This method opens up the file specified by 'filename' and searches * through the file for 'keyword'. If 'keyword' is found any string * following it is stored in 'value'. * * args: filename (IN) - config filename * keyword (IN) - word to search for in config file * value (OUT) - value of keyword * * retn: -1 on error, 0 if keyword not found, 1 on value success */ int read_config_file(char *filename, char *keyword, char *value) { FILE *in; int len = 0, keyword_len = 0; int foundit = 0; char *buff_ptr; char buffer[MAX_CONFIG_STRING_SIZE]; *value = '\0'; buff_ptr = buffer; keyword_len = strlen(keyword); in = open_config_file(filename); if (in == NULL) { /* Couldn't find config file, or permission denied */ return -1; } while ((fgets(buffer, MAX_CONFIG_STRING_SIZE - 1, in)) != NULL) { /* ignore long lines */ if (buffer[(len = strlen(buffer)) - 1] != '\n') { if (len >= MAX_CONFIG_STRING_SIZE - 2) { syslog(LOG_ERR, "Long config file line ignored."); char *p; do p = fgets(buffer, MAX_CONFIG_STRING_SIZE - 1, in); while (p && buffer[strlen(buffer) - 1] != '\n'); continue; } } else { len--; /* For the NL at the end */ } while (--len >= 0) if (buffer[len] != ' ' && buffer[len] != '\t') break; len++; buffer[len] = '\0'; buff_ptr = buffer; /* Short-circuit blank lines and comments */ if (!len || *buff_ptr == '#') continue; /* Non-blank lines starting with a space are an error */ if (*buff_ptr == ' ' || *buff_ptr == '\t') { syslog(LOG_ERR, "Config file line starts with a space: %s", buff_ptr); continue; } /* At this point we have a line trimmed for trailing spaces. */ /* Now we need to check if the keyword matches, and if so */ /* then get the value (if any). */ /* Check if it's the right keyword */ do { if (*buff_ptr == ' ' || *buff_ptr == '\t') break; } while (*++buff_ptr); len = buff_ptr - buffer; if (len == keyword_len && !strncmp(buffer, keyword, len)) { foundit++; break; } } close_config_file(in); if (foundit) { /* Right keyword, now get the value (if any) */ do { if (*buff_ptr != ' ' && *buff_ptr != '\t') break; } while (*++buff_ptr); strcpy(value, buff_ptr); return 1; } else { /* didn't find it - better luck next time */ return 0; } } /* * open_config_file * * Opens up the PPTPD config file for reading. * * args: filename - the config filename (eg. '/etc/pptpd.conf') * * retn: NULL on error, file descriptor on success * */ static FILE *open_config_file(char *filename) { FILE *in; static int first = 1; if ((in = fopen(filename, "r")) == NULL) { /* Couldn't open config file */ if (first) { perror(filename); first = 0; } return NULL; } return in; } /* * close_config_file * * Closes the PPTPD config file descriptor * */ static void close_config_file(FILE * in) { fclose(in); } pptpd-1.4.0/pptpctrl.h0000664000175000017500000000043212231653104011603 00000000000000/* * pptpctrl.h * * PPTP control function prototypes. */ #ifndef _PPTPD_PPTPCTRL_H #define _PPTPD_PPTPCTRL_H extern int pptpctrl_debug; #ifdef VRF extern char *vrf; #else #define vrf_socket(vrf, dom, typ, prot) socket(dom, typ, prot) #endif #endif /* !_PPTPD_PPTPCTRL_H */ pptpd-1.4.0/compat.c0000664000175000017500000001120012231652757011221 00000000000000/* * compat.c * * Compatibility functions for different OSes */ #if HAVE_CONFIG_H #include "config.h" #endif #include "compat.h" #include "our_syslog.h" #ifndef HAVE_STRLCPY #include #include void strlcpy(char *dst, const char *src, size_t size) { strncpy(dst, src, size - 1); dst[size - 1] = '\0'; } #endif #ifndef HAVE_MEMMOVE void *memmove(void *dst, const void *src, size_t size) { bcopy(src, dst, size); return dst; } #endif #ifndef HAVE_OPENPTY /* * Finds a free PTY/TTY pair. * * This is derived from C.S. Ananian's pty.c that was with his pptp client. * ************************************************************************* * pty.c - find a free pty/tty pair. * inspired by the xterm source. * NOTE: This is very likely to be highly non-portable. * C. Scott Ananian * * Heavily modified to chage from getpseudopty() to openpty(). */ #include #include #include #if HAVE_SYSLOG_H #include #else #include "our_syslog.h" #endif int openpty(int *master, int *slave, char *name, void *unused1, void *unused2) { int devindex = 0, letter = 0; int fd1, fd2; char ttydev[PTYMAX], ptydev[TTYMAX]; syslog(LOG_DEBUG, "CTRL: Allocating pty/tty pair"); strcpy(ttydev, TTYDEV); strcpy(ptydev, PTYDEV); while (PTYCHAR1[letter]) { ttydev[TTYMAX - 3] = ptydev[PTYMAX - 3] = PTYCHAR1[letter]; while (PTYCHAR2[devindex]) { ttydev[TTYMAX - 2] = ptydev[PTYMAX - 2] = PTYCHAR2[devindex]; if ((fd1 = open(ptydev, O_RDWR)) >= 0) { if ((fd2 = open(ttydev, O_RDWR)) >= 0) { goto out; } else { close(fd1); } } devindex++; } devindex = 0; letter++; } syslog(LOG_ERR, "CTRL: Failed to allocate pty"); return -1; /* Unable to allocate pty */ out: syslog(LOG_INFO, "CTRL: Allocated pty/tty pair (%s,%s)", ptydev, ttydev); if (master) *master = fd1; if (slave) *slave = fd2; if (name) strcpy(name, ttydev); /* no way to bounds check */ return 0; } #endif #ifndef HAVE_STRERROR char *strerror(int errnum) { static char buf[16]; sprintf(buf, "Error %d", errnum); return buf; } #endif #ifndef HAVE_SETPROCTITLE #include "inststr.h" #endif #define __USE_BSD 1 #include #include void my_setproctitle(int argc, char **argv, const char *format, ...) { char proctitle[64]; va_list parms; va_start(parms, format); vsnprintf(proctitle, sizeof(proctitle), format, parms); #ifndef HAVE_SETPROCTITLE inststr(argc, argv, proctitle); #else setproctitle(proctitle); #endif va_end(parms); } /* signal to pipe delivery implementation */ #include #include #include /* pipe private to process */ static int sigpipe[2]; /* create a signal pipe, returns 0 for success, -1 with errno for failure */ int sigpipe_create() { int rc; rc = pipe(sigpipe); if (rc < 0) return rc; fcntl(sigpipe[0], F_SETFD, FD_CLOEXEC); fcntl(sigpipe[1], F_SETFD, FD_CLOEXEC); #ifdef O_NONBLOCK #define FLAG_TO_SET O_NONBLOCK #else #ifdef SYSV #define FLAG_TO_SET O_NDELAY #else /* BSD */ #define FLAG_TO_SET FNDELAY #endif #endif rc = fcntl(sigpipe[1], F_GETFL); if (rc != -1) rc = fcntl(sigpipe[1], F_SETFL, rc | FLAG_TO_SET); if (rc < 0) return rc; return 0; #undef FLAG_TO_SET } /* generic handler for signals, writes signal number to pipe */ void sigpipe_handler(int signum) { if (write(sigpipe[1], &signum, sizeof(signum)) == -1) { syslog_perror("sigpipe write"); } signal(signum, sigpipe_handler); } /* assign a signal number to the pipe */ void sigpipe_assign(int signum) { struct sigaction sa; memset(&sa, 0, sizeof(sa)); sa.sa_handler = sigpipe_handler; sigaction(signum, &sa, NULL); } /* return the signal pipe read file descriptor for select(2) */ int sigpipe_fd() { return sigpipe[0]; } /* read and return the pending signal from the pipe */ int sigpipe_read() { int signum; if (read(sigpipe[0], &signum, sizeof(signum)) == -1) { syslog_perror("sigpipe read"); return 0; } return signum; } void sigpipe_close() { close(sigpipe[0]); close(sigpipe[1]); } pptpd-1.4.0/pqueue.h0000644000175000017500000000141712110522672011242 00000000000000#ifndef PQUEUE_H #define PQUEUE_H #include #include /* wait this many seconds for missing packets before forgetting about them */ #define DEFAULT_PACKET_TIMEOUT 0.3 extern int packet_timeout_usecs; /* assume packet is bad/spoofed if it's more than this many seqs ahead */ #define MISSING_WINDOW 300 /* Packet queue structure: linked list of packets received out-of-order */ typedef struct pqueue { struct pqueue *next; struct pqueue *prev; int seq; struct timeval expires; unsigned char *packet; int packlen; int capacity; } pqueue_t; int pqueue_add (int seq, unsigned char *packet, int packlen); int pqueue_del (pqueue_t *point); pqueue_t *pqueue_head (); int pqueue_expiry_time (pqueue_t *entry); #endif /* PQUEUE_H */ pptpd-1.4.0/pptpmanager.h0000664000175000017500000000073312231653143012260 00000000000000/* * pptpmanager.h * * Manager function prototype. */ #ifndef _PPTPD_PPTPSERVER_H #define _PPTPD_PPTPSERVER_H void slot_init(int count); void slot_free(); void slot_set_local(int i, char *ip); void slot_set_remote(int i, char *ip); void slot_set_pid(int i, pid_t pid); int slot_find_by_pid(pid_t pid); int slot_find_empty(); char *slot_get_local(int i); char *slot_get_remote(int i); extern int pptp_manager(int argc, char **argv); #endif /* !_PPTPD_PPTPSERVER_H */ pptpd-1.4.0/ctrlpacket.c0000664000175000017500000006433712231653006012101 00000000000000/* * ctrlpacket.c * * PPTP Control Message packet reading, formatting and writing. */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #if HAVE_SYSLOG_H #include #else #include "our_syslog.h" #endif #include #include #include #include #include #include #include #include #include #include #include "pptpdefs.h" #include "pptpctrl.h" #include "ctrlpacket.h" #ifndef HAVE_STRERROR #include "compat.h" #endif /* Local function prototypes */ static ssize_t read_pptp_header(int clientFd, unsigned char *packet, int *ctrl_message_type); static void deal_start_ctrl_conn(void *packet, struct pptp_out_call_rply *rply_packet, ssize_t * rply_size); static void deal_stop_ctrl_conn(void *packet, struct pptp_out_call_rply *rply_packet, ssize_t * rply_size); static void deal_out_call(unsigned char *packet, struct pptp_out_call_rply *rply_packet, ssize_t * rply_size); static void deal_echo(unsigned char *packet, struct pptp_out_call_rply *rply_packet, ssize_t * rply_size); static void deal_call_clr(unsigned char *packet, struct pptp_out_call_rply *rply_packet, ssize_t * rply_size); static void deal_set_link_info(unsigned char *packet); static u_int16_t getcall(); static u_int16_t freecall(); #if notyet static int make_out_call_rqst(unsigned char *rply_packet, ssize_t * rply_size); #endif /* * read_pptp_packet * * Sees if a packet can be read and if so what type of packet it is. The * method then calls the appropriate function to examine the details of the * packet and form a suitable reply packet. * * args: clientFd (IN) - Client socket to read from. * packet (OUT) - Packet read from the client. * rply_packet (OUT) - Reply packet for the client. * rply_size (OUT) - Size of the reply packet. * * retn: PPTP control message type of the packet on success. * -1 on retryable error. * 0 on error to abort on. */ int read_pptp_packet(int clientFd, void *packet, struct pptp_out_call_rply *rply_packet, ssize_t * rply_size) { ssize_t bytes_read; int pptp_ctrl_type = 0; /* Control Message Type */ /* read a packet and parse header */ if ((bytes_read = read_pptp_header(clientFd, packet, &pptp_ctrl_type)) <= 0) { /* error reading packet */ syslog(LOG_ERR, "CTRL: couldn't read packet header (%s)", bytes_read ? "retry" : "exit"); return bytes_read; } /* launch appropriate method to form suitable reply to the packet */ switch (pptp_ctrl_type) { case START_CTRL_CONN_RQST: /* Start Control Connection Request */ deal_start_ctrl_conn(packet, rply_packet, rply_size); break; case STOP_CTRL_CONN_RQST: deal_stop_ctrl_conn(packet, rply_packet, rply_size); break; case OUT_CALL_RQST: /* Outgoing Call Request */ deal_out_call(packet, rply_packet, rply_size); break; case ECHO_RQST: /* Echo Request */ deal_echo(packet, rply_packet, rply_size); break; case CALL_CLR_RQST: /* Call Clear Request (Disconnect Request) */ deal_call_clr(packet, rply_packet, rply_size); break; case SET_LINK_INFO: /* Set Link Info */ /* no reply packet but process it */ deal_set_link_info(packet); break; case ECHO_RPLY: /* Echo Reply */ case STOP_CTRL_CONN_RPLY: /* Stop Control Connection Reply */ case CALL_DISCONN_NTFY: /* Call Disconnect Notify */ /* no reply packet */ break; default: syslog(LOG_ERR, "CTRL: PPTP Control Message type %d not supported.", pptp_ctrl_type); pptp_ctrl_type = -1; } return pptp_ctrl_type; } /* * send_pptp_packet * * Sends a PPTP packet to a file descriptor. * * args: clientFd (IN) - file descriptor to write the packet to. * packet (IN) - the packet data to write. * packet_size (IN) - the packet size. * * retn: Number of bytes written on success. * -1 on write failure. */ ssize_t send_pptp_packet(int clientFd, void *packet, size_t packet_size) { ssize_t bytes_written; if ((bytes_written = write(clientFd, packet, packet_size)) == -1) { /* write failed */ syslog(LOG_ERR, "CTRL: Couldn't write packet to client."); return -1; } else { /* debugging */ if (pptpctrl_debug) { syslog(LOG_DEBUG, "CTRL: I wrote %lu bytes to the client.", (unsigned long) packet_size); syslog(LOG_DEBUG, "CTRL: Sent packet to client"); } return bytes_written; } } /* * ignoreErrno * * Check if an errno represents a read error which should be ignored, and * put back to be select()ed on again later. * * Very similar to the function in Squid by Duane Wessels (under GPL). * * args: an errno value * * retn: 1 if the error is unimportant * 0 if the error is important */ static int ignoreErrno(int ierrno) { switch (ierrno) { case EAGAIN: /* nothing to read */ case EINTR: /* signal received */ #ifdef ERESTART #if ERESTART != EINTR case ERESTART: /* signal received, should restart syscall */ #endif #endif #if EWOULDBLOCK != EAGAIN case EWOULDBLOCK: /* shouldn't get this one but anyway, just in case */ #endif return 1; default: return 0; } } /* * read_pptp_header * * Reads a packet from a file descriptor and determines whether it is a * valid PPTP Control Message. If a valid PPTP Control Message is detected * it extracts the Control Message type from the packet header. * * args: clientFd (IN) - Clients file descriptor. * packet (OUT) - Packet we read from the client. * pptp_ctrl_type (OUT) - PPTP Control Message type of the packet. * * retn: Number of bytes read on success. * -1 on retryable error. * 0 on error to exit on. */ ssize_t read_pptp_header(int clientFd, unsigned char *packet, int *pptp_ctrl_type) { ssize_t bytes_ttl, bytes_this; /* quantities read (total and this read) */ u_int16_t length; /* length of this packet */ struct pptp_header *header; /* the received header */ static char *buffer = NULL; /* buffer between calls */ static int buffered = 0; /* size of buffer */ *pptp_ctrl_type = 0; /* initialise return arg */ /* read any previously buffered data */ if (buffered) { memcpy(packet, buffer, buffered); free(buffer); buffer = NULL; bytes_ttl = buffered; buffered = 0; if (pptpctrl_debug) syslog(LOG_DEBUG, "CTRL: Read in previous incomplete ctrl packet"); } else bytes_ttl = 0; /* try and get the length in */ if (bytes_ttl < 2) { bytes_this = read(clientFd, packet + bytes_ttl, 2 - bytes_ttl); switch (bytes_this) { case -1: if (ignoreErrno(errno)) { /* re-tryable error, re-buffer and return */ if (bytes_ttl) { buffered = bytes_ttl; buffer = malloc(bytes_ttl); if (!buffer) return(0); memcpy(buffer, packet, bytes_ttl); } syslog(LOG_ERR, "CTRL: Error reading ctrl packet length (bytes_ttl=%lu): %s", (unsigned long) bytes_ttl, strerror(errno)); return -1; } /* FALLTHRU */ case 0: syslog(LOG_ERR, "CTRL: EOF or bad error reading ctrl packet length."); return 0; default: bytes_ttl += bytes_this; /* Not enough data to proceed */ if (bytes_ttl == 1) { buffered = bytes_ttl; buffer = malloc(bytes_ttl); if (!buffer) return(0); memcpy(buffer, packet, bytes_ttl); if (pptpctrl_debug) syslog(LOG_DEBUG, "CTRL: Incomplete ctrl packet length, retry later"); return -1; } } } /* OK, we have (at least) the first 2 bytes, and there is data waiting * * length includes the header, so a length less than 2 is someone * trying to hack into us or a badly corrupted packet. * Why not require length to be at least 10? Since we later cast * packet to struct pptp_header and use at least the 10 first bytes.. * Thanks to Timo Sirainen for mentioning this. */ length = htons(*(u_int16_t *) packet); if (length <= 10 || length > PPTP_MAX_CTRL_PCKT_SIZE) { syslog(LOG_ERR, "CTRL: 11 < Control packet (length=%d) < " "PPTP_MAX_CTRL_PCKT_SIZE (%d)", length, PPTP_MAX_CTRL_PCKT_SIZE); /* we loose sync (unless we malloc something big, which isn't a good * idea - potential DoS) so we must close connection (draft states that * if you loose sync you must close the control connection immediately) */ return 0; } /* Now read the actual control packet */ bytes_this = read(clientFd, packet + bytes_ttl, length - bytes_ttl); switch (bytes_this) { case -1: if(ignoreErrno(errno)) { /* re-tryable error, re-buffer and return */ if (bytes_ttl) { buffered = bytes_ttl; buffer = malloc(bytes_ttl); if (!buffer) return(0); memcpy(buffer, packet, bytes_ttl); } syslog(LOG_ERR, "CTRL: Error reading ctrl packet (bytes_ttl=%lu,length=%d): %s", (unsigned long) bytes_ttl, length, strerror(errno)); return -1; } /* FALLTHRU */ case 0: syslog(LOG_ERR, "CTRL: EOF or bad error reading ctrl packet."); return 0; default: bytes_ttl += bytes_this; /* not enough data to proceed */ if (bytes_ttl != length) { buffered = bytes_ttl; buffer = malloc(bytes_ttl); if (!buffer) return(0); memcpy(buffer, packet, bytes_ttl); if (pptpctrl_debug) syslog(LOG_DEBUG, "CTRL: Incomplete ctrl packet, retry later"); return -1; } } /* We got one :-) */ /* Cast the packet into the PPTP Control Message format */ header = (struct pptp_header *) packet; /* Packet sanity check on magic cookie */ if (ntohl(header->magic) != PPTP_MAGIC_COOKIE) { /* Oops! Not a valid Control Message */ syslog(LOG_ERR, "CTRL: Bad magic cookie - lost syncronization, closing control connection."); /* draft states loss of syncronization must result in * immediate closing of the control connection */ return 0; } /* Woohoo! Looks like we got a valid PPTP packet */ *pptp_ctrl_type = (int) (ntohs(header->ctrl_type)); if (pptpctrl_debug) syslog(LOG_DEBUG, "CTRL: Received PPTP Control Message (type: %d)", *pptp_ctrl_type); return bytes_ttl; } /* Macros to use in making response packets */ #define MAKE_CTRL_HEADER(where, what) \ where.header.length = htons(sizeof(where)); \ where.header.pptp_type = htons(PPTP_CTRL_MESSAGE); \ where.header.magic = htonl(PPTP_MAGIC_COOKIE); \ where.header.ctrl_type = htons(what); \ where.header.reserved0 = htons(RESERVED) #define COPY_CTRL_PACKET(from, to, size) \ memcpy(to, &from, ((*size) = sizeof(from))) #define DEBUG_PACKET(what) \ if(pptpctrl_debug) \ syslog(LOG_DEBUG, "CTRL: Made a " what " packet") /* * deal_start_ctrl_conn * * This method 'deals' with a START-CONTROL-CONNECTION-REQUEST. After * stripping down the connection request a suitable reply is formed and * stored in 'rply_packet' ready for sending. * * args: packet (IN) - the packet that we have to deal with (should be a * START-CONTROL-CONNECTION-REQUEST packet) * rply_packet (OUT) - suitable reply to the 'packet' we got. * rply_size (OUT) - size of the reply packet */ void deal_start_ctrl_conn(void *packet, struct pptp_out_call_rply *rply_packet, ssize_t * rply_size) { struct pptp_start_ctrl_conn_rply start_ctrl_conn_rply; MAKE_CTRL_HEADER(start_ctrl_conn_rply, START_CTRL_CONN_RPLY); start_ctrl_conn_rply.version = htons(PPTP_VERSION); start_ctrl_conn_rply.result_code = CONNECTED; start_ctrl_conn_rply.error_code = NO_ERROR; start_ctrl_conn_rply.framing_cap = htons(OUR_FRAMING); start_ctrl_conn_rply.bearer_cap = htons(OUR_BEARER); start_ctrl_conn_rply.max_channels = htons(MAX_CHANNELS); start_ctrl_conn_rply.firmware_rev = htons(PPTP_FIRMWARE_VERSION); memset(start_ctrl_conn_rply.hostname, 0, MAX_HOSTNAME_SIZE); strncpy((char *)start_ctrl_conn_rply.hostname, PPTP_HOSTNAME, MAX_HOSTNAME_SIZE); memset(start_ctrl_conn_rply.vendor, 0, MAX_VENDOR_SIZE); strncpy((char *)start_ctrl_conn_rply.vendor, PPTP_VENDOR, MAX_VENDOR_SIZE); COPY_CTRL_PACKET(start_ctrl_conn_rply, rply_packet, rply_size); DEBUG_PACKET("START CTRL CONN RPLY"); } /* * deal_stop_ctrl_conn * * This method response to a STOP-CONTROL-CONNECTION-REQUEST with a * STOP-CONTROL-CONNECTION-REPLY. */ void deal_stop_ctrl_conn(void *packet, struct pptp_out_call_rply *rply_packet, ssize_t * rply_size) { struct pptp_stop_ctrl_conn_rply stop_ctrl_conn_rply; MAKE_CTRL_HEADER(stop_ctrl_conn_rply, STOP_CTRL_CONN_RPLY); stop_ctrl_conn_rply.result_code = DISCONNECTED; stop_ctrl_conn_rply.error_code = NO_ERROR; stop_ctrl_conn_rply.reserved1 = htons(RESERVED); COPY_CTRL_PACKET(stop_ctrl_conn_rply, rply_packet, rply_size); DEBUG_PACKET("STOP CTRL CONN RPLY"); } /* * deal_out_call * * This method 'deals' with a OUT-GOING-CALL-REQUEST. After * stripping down the request a suitable reply is formed and stored in * 'rply_packet' ready for sending. * * args: packet (IN) - the packet that we have to deal with (should be a * OUT-GOING-CALL-REQUEST packet) * rply_packet (OUT) - suitable reply to the 'packet' we got. * rply_size (OUT) - size of the reply packet * */ void deal_out_call(unsigned char *packet, struct pptp_out_call_rply *rply_packet, ssize_t * rply_size) { u_int16_t pac_call_id; struct pptp_out_call_rqst *out_call_rqst; struct pptp_out_call_rply out_call_rply; out_call_rqst = (struct pptp_out_call_rqst *) packet; if ((pac_call_id = getcall()) == htons(-1)) { /* XXX should reject call */ syslog(LOG_ERR, "CTRL: No free Call IDs!"); pac_call_id = 0; } MAKE_CTRL_HEADER(out_call_rply, OUT_CALL_RPLY); /* call_id is used for ctrl, call_id_peer is used for GRE * call_id_peer is what we were sent by the other end in ctrl initilization */ out_call_rply.call_id = pac_call_id; out_call_rply.call_id_peer = out_call_rqst->call_id; out_call_rply.result_code = CONNECTED; out_call_rply.error_code = NO_ERROR; out_call_rply.cause_code = NO_ERROR; /* maybe limit to pppd speed? but pppd doesn't accept 10Mbps as a speed and yet * still performs at over 115200, eg, 60kbyte/sec and higher observed. */ out_call_rply.speed = out_call_rqst->max_bps; /* lets match their window size for now... was htons(PCKT_RECV_WINDOW_SIZE) */ out_call_rply.pckt_recv_size = out_call_rqst->pckt_recv_size; if(pptpctrl_debug) syslog(LOG_DEBUG, "CTRL: Set parameters to %d maxbps, %d window size", ntohl(out_call_rply.speed), ntohs(out_call_rply.pckt_recv_size)); out_call_rply.pckt_delay = htons(PCKT_PROCESS_DELAY); out_call_rply.channel_id = htonl(CHANNEL_ID); COPY_CTRL_PACKET(out_call_rply, rply_packet, rply_size); DEBUG_PACKET("OUT CALL RPLY"); } /* * deal_echo * * This method 'deals' with a ECHO-REQUEST. After stripping down the * connection request a suitable reply is formed and stored in * 'rply_packet' ready for sending. * * args: packet (IN) - the packet that we have to deal with (should be a * ECHO-REQUEST packet) * rply_packet (OUT) - suitable reply to the 'packet' we got. * rply_size (OUT) - size of the reply packet * */ void deal_echo(unsigned char *packet, struct pptp_out_call_rply *rply_packet, ssize_t * rply_size) { struct pptp_echo_rqst *echo_rqst; struct pptp_echo_rply echo_rply; echo_rqst = (struct pptp_echo_rqst *) packet; MAKE_CTRL_HEADER(echo_rply, ECHO_RPLY); echo_rply.identifier = echo_rqst->identifier; echo_rply.result_code = CONNECTED; echo_rply.error_code = NO_ERROR; echo_rply.reserved1 = htons(RESERVED); COPY_CTRL_PACKET(echo_rply, rply_packet, rply_size); DEBUG_PACKET("ECHO RPLY"); } /* * deal_call_clr * * This method 'deals' with a CALL-CLEAR-REQUEST. After stripping down the * connection request a suitable reply is formed and stored in * 'rply_packet' ready for sending. * * args: packet (IN) - the packet that we have to deal with (should be a * CALL-CLEAR-REQUEST packet) * rply_packet (OUT) - suitable reply to the 'packet' we got. * rply_size (OUT) - size of the reply packet * */ void deal_call_clr(unsigned char *packet, struct pptp_out_call_rply *rply_packet, ssize_t *rply_size) { struct pptp_call_disconn_ntfy call_disconn_ntfy; u_int16_t pac_call_id; /* Form a reply * The reply packet is a CALL-DISCONECT-NOTIFY * In single call mode we don't care what peer's call ID is, so don't even bother looking */ if ((pac_call_id = freecall()) == htons(-1)) { /* XXX should return an error */ syslog(LOG_ERR, "CTRL: Could not free Call ID [call clear]!"); } MAKE_CTRL_HEADER(call_disconn_ntfy, CALL_DISCONN_NTFY); call_disconn_ntfy.call_id = pac_call_id; call_disconn_ntfy.result_code = CALL_CLEAR_REQUEST; /* disconnected by call_clr_rqst */ call_disconn_ntfy.error_code = NO_ERROR; call_disconn_ntfy.cause_code = htons(NO_ERROR); call_disconn_ntfy.reserved1 = htons(RESERVED); memset(call_disconn_ntfy.call_stats, 0, 128); COPY_CTRL_PACKET(call_disconn_ntfy, rply_packet, rply_size); DEBUG_PACKET("CALL DISCONNECT RPLY"); } /* * deal_set_link_info * * @FIXME This function is *not* completed * * This method 'deals' with a SET-LINK-INFO. After stripping down the * connection request a suitable reply is formed and stored in * 'rply_packet' ready for sending. * * args: packet (IN) - the packet that we have to deal with (should be a * SET-LINK-INFO packet) * rply_packet (OUT) - suitable reply to the 'packet' we got. * rply_size (OUT) - size of the reply packet * */ void deal_set_link_info(unsigned char *packet) { struct pptp_set_link_info *set_link_info; set_link_info = (struct pptp_set_link_info *) packet; if (set_link_info->send_accm != 0xffffffff || set_link_info->recv_accm != 0xffffffff) { /* Async-Control-Character-Map (ACCM) are bits that show which control characters should be escaped by the PPP implementation ... pptpd leaves pppd to negotiate that via LCP and does not process SET LINK INFO packets ... this is not complaint with the RFC but still works. */ if (pptpctrl_debug) syslog(LOG_DEBUG, "CTRL: Ignored a SET LINK INFO packet with real ACCMs! (intentional non-compliance with section 2.15 of RFC 2637, ACCM is negotiated by PPP LCP asyncmap)"); } else if (pptpctrl_debug) syslog(LOG_DEBUG, "CTRL: Got a SET LINK INFO packet with standard ACCMs"); } void make_echo_req_packet(struct pptp_out_call_rply *rply_packet, ssize_t * rply_size, u_int32_t echo_id) { struct pptp_echo_rqst echo_packet; MAKE_CTRL_HEADER(echo_packet, ECHO_RQST); echo_packet.identifier = echo_id; COPY_CTRL_PACKET(echo_packet, rply_packet, rply_size); DEBUG_PACKET("ECHO REQ"); } void make_stop_ctrl_req(struct pptp_out_call_rply *rply_packet, ssize_t * rply_size) { struct pptp_stop_ctrl_conn_rqst stop_ctrl; MAKE_CTRL_HEADER(stop_ctrl, STOP_CTRL_CONN_RQST); stop_ctrl.reason = GENERAL_STOP_CTRL; stop_ctrl.reserved1 = RESERVED; stop_ctrl.reserved2 = htons(RESERVED); COPY_CTRL_PACKET(stop_ctrl, rply_packet, rply_size); DEBUG_PACKET("STOP CTRL REQ"); } void make_call_admin_shutdown(struct pptp_out_call_rply *rply_packet, ssize_t * rply_size) { struct pptp_call_disconn_ntfy call_disconn_ntfy; u_int16_t pac_call_id; /* Form a reply * The reply packet is a CALL-DISCONECT-NOTIFY * In single call mode we don't care what peer's call ID is, so don't even bother looking */ if ((pac_call_id = freecall()) == htons(-1)) { /* XXX should return an error */ syslog(LOG_ERR, "CTRL: Could not free Call ID [admin shutdown]!"); } MAKE_CTRL_HEADER(call_disconn_ntfy, CALL_DISCONN_NTFY); call_disconn_ntfy.call_id = pac_call_id; call_disconn_ntfy.result_code = ADMIN_SHUTDOWN; /* disconnected by admin shutdown */ call_disconn_ntfy.error_code = NO_ERROR; call_disconn_ntfy.cause_code = htons(NO_ERROR); call_disconn_ntfy.reserved1 = htons(RESERVED); memset(call_disconn_ntfy.call_stats, 0, 128); COPY_CTRL_PACKET(call_disconn_ntfy, rply_packet, rply_size); DEBUG_PACKET("CALL DISCONNECT RPLY"); } #if PNS_MODE /* out of date. really PNS isn't 'trivially different', it's quite different */ #define C_BITS (sizeof(unsigned int) * 8) #define C_SEG(x) (x/C_BITS) #define C_BIT(x) ((1U)<<(x%C_BITS)) static unsigned int activeCalls[(MAX_CALLS / C_BITS) + 1]; /* * get_call_id * * Assigns a call ID and peer call ID to the session. * * args: call_id (OUT) - the call ID for the session * retn: 0 on success, -1 on failure */ int get_call_id(u_int16_t * loc) { for (i = 0; i < MAX_CALLS; i++) { if (!(activeCalls[C_SEG(i)] & C_BIT(i))) { activeCalls[C_SEG(i)] |= C_BIT(i); *loc = i; return 0; } } return -1; } /* * free_call_id * * args: call_id (IN) - the call ID for a terminated session * retn: 0 on success, -1 on failure */ int free_call_id(u_int16_t call_id) { if (!(activeCalls[C_SEG(i)] & C_BIT(i))) return -1; activeCalls[C_SEG(i)] &= ~C_BIT(i); return 0; } #else static int _pac_call_id; static u_int16_t _pac_init = 0; /* * getcall * * Assigns a call ID to the session and stores/returns it * * we only permit one call at a time, so the chance of wrapping 65k on one * control connection is zero to none... */ u_int16_t getcall() { static u_int16_t i = 0; extern u_int16_t unique_call_id; /* Start with a random Call ID. This is to allocate unique * Call ID's across multiple TCP PPTP connections. In this * way remote clients masqueraded by a firewall will put * unique peer call ID's into GRE packets that will have the * same source IP address of the firewall. */ if (!i) { if (unique_call_id == 0xFFFF) { struct timeval tv; if (gettimeofday(&tv, NULL) == 0) { i = ((tv.tv_sec & 0x0FFF) << 4) + (tv.tv_usec >> 16); } } else { i = unique_call_id; } } if(!_pac_init) { _pac_call_id = htons(-1); _pac_init = 1; } if(_pac_call_id != htons(-1)) syslog(LOG_ERR, "CTRL: Asked to allocate call id when call open, not handled well"); _pac_call_id = htons(i); i++; return _pac_call_id; } /* * freecall * * Notes termination of current call * * retn: -1 on failure, PAC call ID on success */ u_int16_t freecall() { u_int16_t ret; if(!_pac_init) { _pac_call_id = htons(-1); _pac_init = 1; } ret = _pac_call_id; if(_pac_call_id == htons(-1)) syslog(LOG_ERR, "CTRL: Asked to free call when no call open, not handled well"); _pac_call_id = htons(-1); return ret; } #endif pptpd-1.4.0/html/0000755000175000017500000000000012110522672010606 500000000000000pptpd-1.4.0/html/setup_pptp_client.html0000644000175000017500000000435212110522672015161 00000000000000 Setting up a Linux PPTP Client with WinNT PPTP Server

Setting up the Linux PPTP 1.0.2 client (and PPP 2.3.5) with Windows NT PPTP Server

About the systems

This document assumes the following:

  • remote machine name = orge
  • domain remote machine belongs to = gnoll
  • username on remote machine = billybob
  • password for billybob = bobbybill
We want to connect our local machine to the remote machine using PPTP. The remote machine is a Windows NT box while our local machine is a Linux box.

PPP chap-secrets file

Find the chap-secrets file which should be in /etc/ppp/. This file should look like this:

# chap-secrets
# clientserversecretIP adresses
gnoll\\billyboborgebobbybill

Setting up PPP debugging

PPP debugging is handled by syslogd. To setup debugging open syslog.conf which should be found in /etc/ and add the following entry:

daemon.debug /var/log/pppd.log

Launching PPTP

The following command is issued on the linux box to connect to the remote NT machine.

pptp orge debug name gnoll\\billybob remotename orge

Errors

E=691
This error occurs when you supply an incorrect username/password to the remote NT machine. Check the chap-secrets file and the command line where PPTP is launched.

Testing

  • run 'ifconfig' and check that a ppp0 interface exists
  • find P-t-P: xxx.xxx.xxx.xxx from the output of ifconfig
  • run 'netstat -i' and record the RX-OK and TX-OK values for ppp0
  • type 'ping xxx.xxx.xxx.xxx'
  • run 'netstat -i' again and see if the values for RX and TX increased.. if yes then it would appear to be working ok....... in theory anyway.
PoPToP Home Page pptpd-1.4.0/html/HOWTO-PoPToP.txt0000644000175000017500000010504212110522672013310 00000000000000PoPToP HOWTO/FAQ ---------------- Last Updated: 20021024 Send changes to: Richard de Vroede HOWTO/FAQ mostly compiled from PoPToP help pages and the PoPToP Mailing List (hosted by Christopher Schulte) by Matthew Ramsay. Large contributions from Steve Rhodes and Michael Walter. Contents -------- 1.0 Introduction 1.1 About PoPToP 1.2 Credits 2.0 System Requirements 3.0 PPP with MSCHAPv2/MPPE Installation 4.0 PoPToP Installation 5.0 Windows Client Setup 6.0 FAQ 1.0 Introduction ---------------- 1.1 About PoPToP PoPToP is the PPTP Server solution for Linux. PoPToP allows Linux servers to function seamlessly in the PPTP VPN environment. This enables administrators to leverage the considerable benefits of both Microsoft and Linux. The current pre-release version supports Windows 95/98/NT/2000 PPTP clients and PPTP Linux clients. PoPToP is free GNU software. PoPToP Home Page: http://www.moretonbay.com/vpn/pptp.html 1.2 Credits PoPToP was originally started by Matthew Ramsay under the control of Moreton Bay Ventures (http://www.moretonbay.com). Around March 1999 PoPToP was publically released under the GNU GPL by Moreton Bay/Lineo. PoPToP is what it is today due to the help of a number of intelligent and experienced hackers. More specifically Kevin Thayer, David Luyer and Peter Galbavy. More contributors to PoPToP (in various forms) include Allan Clark, Seth Vidal, Harald Vogt and Ron O'Hara. And finally, credit to all the PoPToP followers who test and report problems. 1.3 PopToP migrating from poptop.lineo.com March 18, 2002 The main PoPToP developers left Lineo with the SnapGear spin-out. The ball is being picked up by Daniel Djamludin. PoPToP has been actively developed within SnapGear and a number of improvements need to be rolled out. Henceforth from this sentence onwards you should refer to "PoPToP" as "Poptop" for ease of use and typing. Lineo have been asked to forward poptop.lineo.com to poptop.sourceforge.net The sources are being gathered to go into CVS, new binaries and dev images will follow. Source Forge looks like the best neutral ground to smooth out future upheavals. 2.0 System Requirements ----------------------- 1. A modern Linux distribution (such as Debian, Red Hat, etc.) with a recent kernel (2.4.x recommended, 2.2.x should be ok). Note: ports exist for Solaris, BSD and others but are not supported in this HOWTO at this time. 2. PPP (2.4.1 recommended, 2.3.11 should be ok) (and the MSCHAPv2/MPPE patch if you want enhanced Microsoft compatible authentication and encryption). 3. PoPToP v1.1.3 (or download the latest release at: http://sourceforge.net/projects/poptop 3.0 PoPToP Installation ----------------------- Check out the documentation at http://sourceforge.net/docman/?group_id=44827 4.0 Windows Client Setup ------------------------ Install it using the add-remove programs tool. Go to windows->communications and install VPN support. (If you do above you may *not* need to follow the instructions below as it will already be installed... ? follow the instructions: 1.start->settings->control panel->network 2.Click add 3.choose adapter 4.Click add 5.select microsoft as the Manufactuarer 6.select Microsoft Virtual Private Networking Adapter 7.Click ok 8.Insert any necessary disks 9.Reboot your Machine take a little nap here... Once your Machine is back 1.go to dial-up networking (usually start->programs->Accessories->communications->Dial-up Networking) YMMV 2.Click make new connection 3.Name the Connection whatever you'd like. 4.Select Microsoft VPN adapter as the device 5.click next 6.type in the ip address or hostname of your pptp server 7.click next 8.click finish 9.Right-click on the intranet icon 10.select properties 11.choose server types 12.check require encrypted password 13.uncheck netbeui, ipx/spx compatible 14.click tcp/ip settings 15.turn off use IP header compression 16.turn off use default gw on remote network 17.click ok. 18.start that connection 19.type in your username and pw (yadda, yadda, yadda) 20.once it finishes its connection your up. Note that the Win95 routine is similar but requires Dial Up Networking Update 1.3 (free from Microsoft) to be installed first. 5.0 FAQ ------- Q&A. INTRODUCTION After spending the better part of two weeks developing my configuration for a pptp sever for remote file access by Windows(tm) clients, I thought I would pass along these notes to those who may be interested. The basic configuration involves a Samba/PoPToP server behind a firewall, through which clients using Win98 machines will connect using the VPN facility built into that OS. This is diagrammed below. _____ ___ ______ ______ | | | \ | fire | | file | | win | ---> / net \ ---> | wall | ---> | srvr | |_____| \__/\_/ |______| |______| The components of the system consist of the Win98 clients running the built-in VPN facility dialing in to their ISP's and connecting through the firewall to the Samba server on the internal network using the pptp protocol. The firewall uses Network Address Translation to convert an open Internet IP address to an internal one. Sounds simple enough right? SIMPLE TEST SETUP As a starting point, I configured a Win98 box to connect directly to a PoPToP server without any authentication or encryption. This was just to get a feel for how pptp works and verify the setup. Using the pre-packaged rpm's was a big help here. You just rpm the thing onto the system and fire it up, and you're in business. The diagram below represents this simple system. 192.168.56.142 192.168.56.11 _____ ______ | | | file | | win | ------------------> | srvr | |_____| |______| Emboldend by my success, I set out to turn on MS authentication and encrytion, and this is where the fun started. AUTHENTICATION AND ENCRYPTION This is an area where Microsoft really shows its true colors. Turning on password and data encryption on the Win98 VPN server configuration was quite the eye opening experience. First with the authentication, you will have to go through a somewhat difficult compilation of the ppp-2.3.8 package. The worst part here is getting all the pieces together, namely the rc4 files. This process is well documented in this archive, so I won't go into it here. The next realization is that Microsoft prepends the domain name to the user name when submitting the login credentials. For example, srhodes is now DBNET\\srhodes. If that wasn't bad enough, I found that the domain wasn't even the one I was logged into. My best guess is that the first domain that the computer ever logs into is stuck with it for ever. This is a real problem if you have multiple domains that you log into. I modified the pppd.c code to strip out the domain on MSCHAP logins, but you can just set the user name in chap-secrets to match the windows version. Then I spent a whole day trying to figure out why data encryption does not work. I tried just about everything I could think of that could be wrong. That's when I discovered this archive, for which I am truly grateful. It turns out that the Win9x implementation of encrytpion is FUBAR! You have to download one of those patches from Microsoft, MSDUN 1.4 to get the thing to work. Windows 95 http://download.microsoft.com/download/win95/Update/17648/W95/EN-US/dun14-95.exe Windows 98 http://download.microsoft.com/download/win98/Update/17648/W98/EN-US/dun14-98.exe Windows 98se http://download.microsoft.com/download/win98SE/Update/17648/W98/EN-US/dun14-SE.exe FIREWALL CONFIGURATION The issue with a firewall in this setup is that you need to cover two types of protocol communication. There is one connection which is a tcp connection on port 1723 that handles the control functions and another connection using IP type 47, or GRE, which handles the actual data communication. This second connection presents a problem for the convention linux firewall, ipfwadm. You see, its only set up to handle tcp, udp and icmp protocols. It doesn't know about GRE. The trick around this block is to use one of the new 2.2 kernels, which employ a new firewall called ipchains. This tool willl handle arbitrary protocols, which can be specified by their numbers. 192.168.2.142 192.168.56.11 _____ ______ ______ | | | fire | 192.168.56.1 | file | | win | --------------->| wall | --------------> | srvr | |_____| 192.168.2.1 |______| |______| You need to remember a few things before getting too deep into this. The default gateway on win is set to 192.168.2.1, and the default gateway on file srvr is set to 192.168.56.1. The firewall has the two network interfaces spanning the two subnets and is configured for IP forwarding. If you have not yet applied any firewall rules, this configuration will work as before. The interesing part is to block out all other access to file srvr by implementing ipchains rules. The short story is: ipchains -F ipchains -P forward DENY ipchains -I forward -p tcp -d 192.168.56.11 1723 -j ACCEPT ipchains -A forward -p tcp -s 192.168.56.11 1723 -j ACCEPT ipchains -A forward -p 47 -d 192.168.56.11 -j ACCEPT ipchains -A forward -p 47 -s 192.168.56.11 -j ACCEPT NETWORK ADDRESS TRANSLATION The next hurdle is to configure the firewall so that it can run an open internet IP address on the outside and allow access to an internal address on the inside. NAT is very well suited to this task, although you may hear otherwise from knowledgable sources. It happens to be my preference, though certainly not the only way to skin this cat. You can obtain the NAT software and some detailed information from http://www.csn.tu-chemnitz.de/HyperNews/get/linux-ip-nat.html But again, there is a problem with the GRE protocol of type 47. The tool for configuring NAT, ipnatadm, like its half-brother ipfwadm, is not set up to handle arbitrary protocols. Unfortunately, you'll have to go into the code and make a slight modification if you want to use it for this purpose. There is a procedure called parse_protocol in the file routines.c that discriminates the type of protocol to be filtered. The basic idea is to accept a string representing a number and use that as the filter. Since you have to recompile the kernel anyway to get the NAT functionality, maybe it's not so horrible, relatively speaking. For those ambitous enough, here is the diff for the routines file, copy this into a file called routines.diff and use the command patch -p0 < routines.diff from within the same directory. --- routines.c Thu Mar 25 15:41:58 1999 +++ /mnt/zip/nat/routines.c Wed Jul 21 21:09:28 1999 @@ -112,11 +112,18 @@ else if (strncmp("icmp", s, strlen(s)) == 0) nat_set.nat.protocol = IPPROTO_ICMP; else { + int number; + char * end; + number = (int)strtol(s, &end, 10); + nat_set.nat.protocol = number; + } + /* + else { fprintf(stderr, "ipnatadm: invalid protocol \"%s\" specified\n", s); exit_tryhelp(2); - /* make the compiler happy... */ return; } + */ } void parse_hostnetworkmask(char *name, struct in_addr **addrpp, __u32 *maskp, int *naddrs) The patch is actually lifted from ipchains, which was derived from ipfwadm, which provides the basis for ipnatadm. Once you've got all that running, what you want to do is to set up the NAT rules so that the incoming client thinks its talking to the firewall, as does the outgoing file server. The short of it is: ipnatadm -F ipnatadm -I -i -P 6 -D 192.168.2.1 1723 -N 192.168.56.11 1723 ipnatadm -O -i -P 6 -S 192.168.56.11 1723 -M 192.168.2.1 1723 ipnatadm -I -i -P 47 -D 192.168.2.1 -N 192.168.56.11 ipnatadm -O -i -P 47 -S 192.168.56.11 -M 192.168.2.1 Here, the -P argument sets the protocol, 6 is tcp and 47 is GRE. PPTP packets targeting the firewall are translated to the internal host inbound and vice-versa on the way out. Very slick. SAMBA Here's a subject so complex you could probably devote a whole career to it. We don't want to get too bogged down, so I'll be brief. Samba implements the NetBIOS protocol, which has more quirks than you can shake a stick at. One of the biggest problems is the use of subnet broadcasting. Suffice it to say, if you want the best results, you should set your PoPToP IP addresses to reside within the subnet on which the file server ethernet is located. I choose 192.168.56.12 for the server address, and it hands out IP's from 192.168.13-127. Setting the IP forwarding on the file server to true will give you access to other machines on the internal network. When you go at the samba sever from Win98, you have to use encrypted password. Look at smbpasswd and related stuff. Finding shares on the server is not so easy. The short story here is that browsing is implemented via broadcast packets, and broadcast packets will not travel down a PPP link. The only way to get browsing to work over pptp is to set Samba up as a WINS server and a Domain login server, and configure the clients to use that WINS server and force them to login to that Domain. Believe me, I tried just about everything to avoid that. You will also want to set the samba server as the domain master and preferred master for the browsing. If you can't do that, you can set the ppp/options file to include a ms-wins setting for the samba server. This will set the client up so they can at least resolve host names. The only way to find a share under this configuration is to name it explicitly. You can use the tools menu from the Win98 file browser and say find -> computer and enter in the name of the samba server and it will be found. I have found that setting domain master = yes and preferred master = yes gives a rather nice boost to the speed of name lookups on the network. Here is my abbreviated smb.conf [global] workgroup = VAULT server string = acer log file = /var/log/samba/log.%m max log size = 50 security = user encrypt passwords = yes smb passwd file = /etc/smbpasswd socket options = TCP_NODELAY domain master = yes preferred master = yes domain logons = yes wins support = yes dns proxy = no [homes] comment = Home Directories browseable = no writable = yes You should also use the lmhosts option for nmbd (-H) and set up an lmhosts file on the samba server. Make sure also the the samba server can resolve its own name, through either /etc/hosts or DNS. In all honesty , I went through the same simple test setup with samba as I did for PoPToP, although its not shown here explicitly. CONCLUSION PoPToP is a good program, as is Samba. This configuration can work if you put a little effort into it. I have seen a lot of questions here and in other places about these types of systems, so I would think that there is some demand on the part of users who want this type of functionality. I hope these notes are useful to you if this is what you want to do. **************************************************************************** Q&A I have a pptp server set up on my office LAN. I can connect to the server and ping to it fine, but I can't ping any other hosts on the office subnet. I have ip-forwarding turned on and I have proxyarp set in the ppp/options file. What can be wrong? There seem to be a lot of questions floating around about routing and masq'ing associated with this issue. Well, my curiosity got the best of me, so I thought I would check this out. Shown below is my test setup for investigating this problem. 192.168.8.142 192.168.56.10 192.168.56.11 192.168.56.12 ________ _______ ______ _____ | | | | | | | | | client |------->| fire |-------->| pptp |----->| host | | | | wall | | srvr | | | |________| |_______| |______| |______| H H H 192.168.8.10 H H H H===================================H 192.168.5.12 pptp connection 192.168.5.11 For the sake of simplicity, we will ignore address translation issues associated with the firewall. This assumes that the client at 192.168.8.142 is going to use 192.168.56.11 as its target address for the pptp connection to pptp_srvr. The firewall will block all access to the 192.168.56.0 subnet except for pptp connections associated with pptp_srvr. This can be implemented with ipchains ipchains -P input DENY ipchains -P forward DENY ipchains -A input 192.168.56.0/24 -j ACCEPT /* allow connections from inside */ ipchains -A input -p tcp -d 192.168.56.11 1723 -j ACCEPT ipchains -A input -p 47 -d 192.168.56.11 -j ACCEPT ipchains -A forward -p tcp -d 192.168.56.11 1723 -j ACCEPT ipchains -A forward -p tcp -s 192.168.56.11 1723 -j ACCEPT ipchains -A forward -p 47 -d 192.168.56.11 -j ACCEPT ipchains -A forward -p 47 -s 192.168.56.11 -j ACCEPT When you connect from client to pptp_srvr, you will be able to complete the connection and ping to pptp_srvr. However, if you attempt to ping host, at 192.168.56.12, this will fail. A clue to this problem can be found in the /var/tmp/messages file on pptp_srvr. There, in the pppd messages, you will find Cannot determine ethernet address for proxy ARP This is due to an issue with the pppd program, which attempts to find a hardware interface on the subnet to which the pppd client has been assigned. In this case its looking for a hardware interface on the 192.168.5.0 subnet. It will fail to find one, and will drop the proxyarp request. The simplest way around this problem, and the one that is suggested in the pppd documentation, is to set the pppd client IP assignment to be on the local subnet. An example in this case might be 192.168.56.129. However, it may not be possible to do that. In the case of a fully loaded subnet, there may not be any addresses to spare. Or there may be some security issues with giving out local subnet addresses. What to do? The place to look is in the arp table. If you run tcpdump on host (192.168.56.12) during the time when client is pinging, you will see unanswered arp requests from host attempting to find the hardware address for 192.168.5.12. You need to proxy the hardware address of the pptp_srvr for client in order for this request to be fulfilled. This is the job of proxyarp. However, proxyarp has let us down in this instance, and we need to find a workaround. This can be done manually using the arp command on pptp_srvr. For example, if the hardware address of the ethernet card on pptp_srvr is 00:60:08:98:14:14, you could force the arp to proxy the client pptp address by saying arp --set 192.168.5.12 00:60:08:98:14:13 pub You should now be able to ping from client to host through the pptp connection. This can be a problem, however, in a dynamic environment when clients are logging into and out of the pptp server on a continuous basis. One way around this problem is to write a script that will execute upon the initiation of each ppp connection. The place to do this is in /etc/ppp/ip-up. This script is executed each time a new ppp connection is started. It gets some variables passed into it, one of which is the assigned IP address of the client. Note that RedHat systems use ip-up.local as the place for you to make the script. Don't forget to chmod +x ! #! /bin/bash REMOTE_IP_ADDRESS=$5 date > /var/run/ppp.up echo "REMOTE_IP_ADDRESS = " $REMOTE_IP_ADDRESS >> /var/run/ppp.up arp --set $REMOTE_IP_ADDRESS 00:60:08:98:14:14 pub >> /var/run/ppp.up exit 0 This should put you in business for accessing the remote subnet under this scenario. I am a little bit concerned, however, because I also built a script ip-down.local, that should remove the arp proxy when client disconnected. It doesn't seem to do anything, however, and if I try to delete the arp entry manually, it just spits out a cryptic error message. The arp entries remain persistent, as far as I can tell. If this is a problem or not, I don't know. The next few clients that log in are treated well, so I guess its OK. **************************************************************************** Q. Also, after running pptpd and monitoring its log file and seeing that it failed to open ttyp1 - I chmod +rw /dev/ttyp[0-9] and it seemed to work somewhat. But, after I rebooted, I had to do this again. Is this normal? A. pptpd should be running as root (unless you have a system with a setuid openpty() helper, which isn't very common). If it fails to open a pty/tty pair as root then that is probably because it is in use. Other programs which use pty/tty's will change their permissions back to the standard ones. **************************************************************************** Q. sometimes when I make a connection to my pptpd server I see a message like Jul 2 17:30:03 ape modprobe: can't locate module ppp-compress-21 Jul 2 17:30:03 ape modprobe: can't locate module ppp-compress-26 Jul 2 17:30:03 ape modprobe: can't locate module ppp-compress-24 Jul 2 17:30:03 ape modprobe: can't locate module ppp-compress-21 Jul 2 17:30:03 ape modprobe: can't locate module ppp-compress-26 Jul 2 17:30:03 ape modprobe: can't locate module ppp-compress-24 Jul 2 17:30:03 ape modprobe: can't locate module ppp-compress-26 Jul 2 17:30:03 ape modprobe: can't locate module ppp-compress-24 Jul 2 17:30:03 ape modprobe: can't locate module ppp-compress-21 in /var/log/messages on the server. Any idea what I can do about it? A. yeah, in your /lib/modules//net/ directory, there should be files called bsd_comp.o and ppp_deflate.o.. insmod those files and you'll be good to go. **************************************************************************** Q. Hi, I'm having trouble getting pptpd & mschap-v2 to work. I downloaded all of the patches and compiled everything but whenever i try to connect from my win98 machine, it says: Error 691: The computer you have dialed in to has denied access because the username and/or password is invalid on the domain. What is this suppose to mean? A. Error 691 is an authentication problem probably due to the fact that MS chap uses the domain name and username combo to authenticate. If you look at the logs you will probably see a message saying that MS chap is trying to authenticate user "domain\\username". I got it to work by putting the full domain and user string in the client portion of the chap-secrets file. # Secrets for authentication using CHAP # client server secret IP addresses workgroup\\user server password * If anyone knows how to get it to default to a particular domain, I would like to know. **************************************************************************** Q. how do I go about checking who is logged in via tunnel? I need some way of writing the pppd data to wtmp/utmp. (and not sessreg either) does anyone know of any way of doing this via ppp? A. pppd syslogs everything to /var/log/messages (that's the default on my box anyways) and it will say something like : pppd[15450]: CHAP peer authentication succeeded for you could do a tail /var/log/messages -n2000 | grep CHAP if you wanted to see who has been logging in. other than that, there's not much i know of. all the authentication is provided by pppd (if you don't have an auth or a require-chap (or pap, etc.) option, it doesn't even ask for a username. **************************************************************************** Q. My NT client won't connect! A. Try taking header and software compression off. **************************************************************************** Q. PPTP *client* stops working. A. go to /var/run/pptp/ and look for a socket named x.x.x.x delete it and try it again. **************************************************************************** Q. How many clients does PoPToP support? A. The limits under Linux are: per-process filedescriptors - one per client (would limit clients to 256 by default, or 1024 with kernel recompile, or more with major libc/kernel hackery) - no relevant limit ttys - currently, with a standard kernel, 256 clients - with Unix98 ptys and a small amount of coding, 2048 ppp devices - no limit in kernel source for ppp - limit of 100 in dev_alloc_name() in 2.2.x for(i=0;i<100;i++) { sprintf(dev->name,name,i); if(dev_get(dev->name)==NULL) return i; } best fix is probably to keep a static int ppp_maxdev so you don't end up doing 2000 dev_get's to allocated the 2001'th device. processes - 2 per client plus system processes - standard kernel max = 512 processes, ie 256 clients - i386 max = 4096 processes, ie 2048 clients So it seems that 2048 will be the limit, if you fix a few things and with a minor kernel mod (I could do all of these pretty easily and send you a trivial kernel patch). To go above 2048 the easiest approach would be to combine pptpctrl and pppd in one process, which would get you to 4096. Beyond there, you need to go for a select() based model, which would be significant coding effort and require large fd-set sizes and so on. So 4096 is the practical limit, and 2048 the easy limit. **************************************************************************** Q. What authentication methods (PAP/CHAP) does PoPToP work with? A. PoPToP uses whatever authentication methods your PPPd provides (usually PAP and CHAP). With PPPd patches you can get MSCHAP and MSCHAPv2 authentication as well. **************************************************************************** Q. When running PoPToP I get the following error: Jun 11 08:29:04 server pptpd[4875]: MGR: No more free connection slots! What does this mean? A. I'd say at a guess you've only configured one IP address and you have connected a client, and as such there are no more free connection slots should any more clients wish to connect. **************************************************************************** Q. Does PoPToP suffer from the same security flaws (http://www.counterpane.com/pptp.html) as the Windows NT PPTP server? A. An initial look at the article suggests that what the authors hammered was not the PPTP protocol, but the authentication that the PPTP VPN servers on NT offered access to via open internet. PPTP seems initially to be just the path to the weakness, not the weakness itself. Part of their observance of weakness deals with use of poor passwords as well, a cheap component, simple enough to fix. > While no flaws were found in PPTP itself, several serious flaws were > found in the Microsoft implementation of it. > (http://www.counterpane.com/pptp-pressrel.html) The authors do not specifically say "this is ONLY effective against NT", just that NT is affected. This implies that they do not recognize PoPToP, and it may be included. The fact that PoPToP has to interOp with MS DUN's VPN client means that it will have the same weaknesses. It can only protect itself from DoS attacks, have immediate response to out-of-sequence packets or illogical packets, etc. The protocol is not considered weak in this analysis, but the weaknesses have to be replicated in apparent behavior by PoPToP. The only thing the developers can do with PoPToP is make it a stronger server per se -- more able to handle the attacks when the come. In conclusion: PoPToP suffers the same security vulnerabilities as the NT sever (this is because it operates with Windows clients). Update: MSCHAPv2 has been released and addresses some of the security issues. PoPToP works with MSCHAPv2. **************************************************************************** Q. Does PoPToP support data encryption? A. Yes.. with appropriate PPPd patches. Patches are available for PPPd to provide Microsoft compatible RC4 data encryption. The PPPd patch supports 40 and 128 bit RC4 encryption. **************************************************************************** Q. PoPToP or IPsec? Which is better suited to my needs? A. 1. The difference between PoPToP and IPsec is that PoPToP is ready NOW.. and requires *no* third party software on the Windows client end (Windows comes with a free PPTP client that is trivial to set up). 2. PoPToP is a completely *free* solution. Update: Unfortunately not true for Mac *clients* though. The Mac client software is around $400 US a copy. 3. PoPToP can be integrated with the latest PPPD patches that take advantage of MSCHAPv2 and MPPE (Microsoft encryption using RC4 - 40/128 bits). More details follow from Emir Toktar: (Refs: A Comprehensive Guide to Virtual Private Networks, IBM. Virtual Private Networking: An Overview White Paper - DRAFT, 3/18/98 Microsoft.) Neither network layer-based (L2TP, PPTP,...) nor application layer-based (IPSec,SSL,SSH) security techniques are the best choice for all situations. There will be trade-offs. Network layer security protects the information created by upper layer protocols, but it requires that IPSec be implemented in the communications stack. With network layer security, there is no need to modify existing upper layer applications. On the other hand, if security features are already imbedded within a given application, then the data for that specific application will be protected while it is in transit, even in the absence of network layer security. Therefore security functions must be imbedded on a per-application basis. There are still other considerations: Authentication is provided only for the identity of tunnel endpoints, but not for each individual packet that flows inside the tunnel. This can expose the tunnel to man-in-the-middle and spoofing attacks. Network layer security gives blanket protection, but this may not be as fine-grained as would be desired for a given application. It protects all traffic and is transparent to users and applications. Network layer security does not provide protection once the datagram has arrived at its destination host. That is, it is vulnerable to attack within the upper layers of the protocol stack at the destination machine. Application layer security can protect the information that has been generated within the upper layers of the stack, but it offers no protection against several common network layer attacks while the datagram is in transit. For example, a datagram in transit would be vulnerable to spoofing attacks against its source or destination address. Application layer security is more intelligent (as it knows the application) but also more complex and slower. IPSec provides for tunnel authentication, while PPTP does not. Layer 2 tunneling protocols inherit the user authentication schemes of PPP, including the EAP methods discussed below. Many Layer 3 tunneling schemes assume that the endpoints were well known (and authenticated) before the tunnel was established. An exception to this is IPSec ISAKMP negotiation, which provides mutual authentication of the tunnel endpoints. (Note that most IPSec implementations support machine-based certificates only, rather than user certificates. As a result, any user with access to one of the endpoint machines can use the tunnel. This potential security weakness can be eliminated when IPSec is paired with a Layer 2 protocol such as L2TP. Using the Extensible Authentication Protocol (EAP), Layer 2 tunneling protocols can support a wide variety of authentication methods, including one-time passwords, cryptographic calculators, and smart cards. Layer 3 tunneling protocols (IPSec) can use similar methods; for example, IPSec defines public key certificate authentication in its ISAKMP/Oakley negotiation. Layer 2 tunneling supports dynamic assignment of client addresses based on the Network Control Protocol (NCP) negotiation mechanism. Generally, Layer 3 tunneling schemes assume that an address has already been assigned prior to initiation of the tunnel. Schemes for assignment of addresses in IPSec tunnel mode are currently under development and are not yet available. Layer 2 tunneling protocols support PPP-based compression schemes. For example, the Microsoft implementations of both PPTP and L2TP use Microsoft Point-to-Point Compression (MPPC). The IETF is investigating similar mechanisms (such as IP Compression) for the Layer 3 tunneling protocols. Layer 2 tunneling protocols support PPP-based data encryption mechanisms. Microsoft's implementation of PPTP supports optional use of Microsoft Point-to-Point Encryption (MPPE), based on the RSA/RC4 algorithm. Layer 3 tunneling protocols can use similar methods; for example, IPSec defines several optional data encryption methods which are negotiated during the ISAKMP/Oakley exchange. MPPE, a Layer 2 protocol, relies on the initial key generated during user authentication, and then refreshes it periodically. IPSec, explicitly negotiates a common key during the ISAKMP exchange, and also refreshes it periodically. Layer 2 tunneling supports multiple payload protocols, which makes it easy for tunneling clients to access their corporate networks using IP, IPX, NetBEUI, and so forth. In contrast, Layer 3 tunneling protocols, such as IPSec tunnel mode, typically support only target networks that use the IP protocol. IPSec is not multi-protocol. IPSec will be suported by Windows 2000. Many cases can occur, each of which needs to be examined on its own merit. It may be desirable to employ a mix of both network layer security techniques and application layer techniques to achieve the desired overall level of protection. For example, you could use an upper layer mechanism such as Secure Sockets Layer (SSL) to encrypt upper layer data. SSL could then be supplemented with IPSec's AH protocol at the network layer to provide per-packet data origin authentication and protection against spoofing attacks. **************************************************************************** Q. I get a 'createHostSocket: Address already in use' error! what gives? A. Address already in use in createHostSocket means something is already using TCP port 1723 - maybe another pptp daemon is running? **************************************************************************** Q. Does PoPToP work with Windows 2000 clients? A. PoPToP v0.9.5 and above should work with Windows 2000 clients. **************************************************************************** pptpd-1.4.0/html/poptop_ads_howto/0000755000175000017500000000000012110522672014176 500000000000000pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_11.htm0000644000175000017500000001306412110522672020525 00000000000000 Poptop MSCHAP2 ADS Howto

17. pptp Client Installation

I will only describe the Windows XP pptp client installation. For other operating system, please see the documents in here.

  • Start -> Settings -> Control Panels -> Network Connections.
  • Click on "Create a new connection" on the left pane.
  • A Winzard starts. Click on Next.
  • Choose "Connect to the network at my workplace". Next.
  • Choose "Virtual Private Network Connection". Next.
  • Key in the company name. Next.
  • Choose "Do not dial the initial connection". Next
  • Type in the external IP address of Hostname of the pptpd gateway. Next.
  • Choose "Anyone's use". Next
  • Check the "Add a shortcut to this connection to my desktop". Finish.
  • A new icon appears on the Network Connections under the header Virtual Private Network. Right click on it and choose Properties.
  • Click on the Security tab. Check "Advanced (custom settings)" and then click the Settings button.
  • Choose "Maximum strength encryption (disconnect if server declines)" on Data Encryption.
  • In the same tab, choose "Allow these protocols" and undo all except "Microsoft CHAP Version 2 (MS-CHAP v2)". Click OK and click OK again to close the window.

That's all for a standard configuration. All traffic from the PC will pipe through the pptp tunnel except those for the local attached network segment. This is the recommended way of implementing VPN for security reasons.

17.1 Split Tunneling

Split Tunneling allows you to configure the network so that only selected traffic is directed to the VPN tunnel. For instance, you want browsing traffic to go to the Internet directly but corporate traffic goes via the VPN, then you will need split tunneling. It is also important if your ISP requires a heatbeat from your machine to keep the connection alive.

While split tunneling provides convenience, it causes security problems because it essentially renders the VPN vulnerable to attack as it is accessible through the public, non-secure network. Check your company security policy before inplementing split tunneling.

To set up split tunneling:

  • Right click on the icon which you created in section 15 and choose Properties.
  • Choose the Networking tab. Highligth the Internet Protocol (TCP/IP) and click on the Properties button.
  • Click on the Advanced Button and then deselect "Use default gateway on remote network". Click OK. Click OK and then click OK.

If you have a simple private network which has only one single segment, you have finished the configuration. Take a break and enjoy you day.

If you have multiple subnets in the private network, there are still works to do. By not using the PPP as the default gateway, we introduce another problem. The PPP client will set up routing only to the subnet that is directly attached to the pptp gateway. Traffic will not route to the other subnets. In our test environment, you can only access 10.0.0.0 but not 172.16.0.0. To resolve this problem, I created a VBScript to add the extra routes.

The VBScript is listed here: 

Option Explicit
Dim IP_Address
Dim TmpFile : TmpFile = "c:\ip.txt"
Dim route1

route1 = "route add 172.16.0.0 mask 255.255.255.0 "

SaveIP
IP_Address = GetIP()
route1 = route1 & IP_Address
AddRoute

Sub SaveIP
  Dim ws : Set ws = CreateObject("WScript.Shell")
  ws.run "%comspec% /c ipconfig > " & TmpFile, 0, True
  Set ws = Nothing
End Sub

Function GetIP()
  Dim fso : Set fso = CreateObject("Scripting.FileSystemObject")
  Dim re : Set re = New RegExp
  re.Global = TRUE

  Dim file, fileline, matches
  Dim pppsection : pppsection = FALSE

  If fso.FileExists(TmpFile) Then
    Set file = fso.OpenTextFile(TmpFile)

    Do While Not file.AtEndOfStream
      fileline = file.ReadLine

      If Not pppsection Then
        If left(fileline,3) = "PPP" Then
          pppsection = TRUE
        End If
      Else
        re.Pattern = "IP Address[\. ]+: "
        If re.Test(fileline) Then
          matches = split(fileline,":")
          GetIP = right(matches(1),len(matches(1))-1)
        End If
      End If

    Loop
    file.Close
  End If

  Set re = Nothing
  Set fso = Nothing
End Function

Sub AddRoute
  Dim ws : Set ws = CreateObject("WScript.Shell")
  ws.run "%comspec% /c " & route1, 0, True
  Set ws = Nothing
End Sub

Create the VBScript file somewhere in your PC and create a shortcut on the desktop. When the PPP connects, double click on the shortcut will add the route accordingly.

Note: you will need to modify the line in bold for your environment.

Next   Previous  Content

 

 

pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_5.htm0000644000175000017500000000560112110522672020446 00000000000000 Poptop MSCHAP2 ADS Howto

9. Samba

Fedora 8 comes with samba v3.0.26a. The current samba RPM version from yum at the time of writing for F8 is v3.0.32. It is highly recommended to use the latest version.

The required RPM packages for samba in Fedora are samba, samba-client, samba-common. Install through yum if any of them is missing. 

[root@pptp ~]# yum install samba samba-common samba-client

Note: Information on Samba for FC4 / 5 / 6 can be found in Appendix A3.

9.1 Configure Samba

No matter you choose to use winbind or freeradius to connect to Active Directory, you will have to configure samba properly. The configuration file of samba is in /etc/samba and is called smb.conf. The file should have at least the following lines. 

[global]
# define the netbios name of the domain
workgroup = EXAMPLE
# define the pptp server netbios name
netbios name = PPTPDSVR
# define the AD domain name
realm = EXAMPLENET.ORG
# server description
server string = pptpd Server
# printer stuff
printcap name = /etc/printcap
load printers = no
cups options = raw
# log file stuff
log file = /var/log/samba/%m.log
max log size = 50
# must set to ads
security = ads                     
# address of domain controller
password server = 10.0.0.1
# enable encrypt passwords
encrypt passwords = yes
# default socket options setting on older samba. It is not defined in v3.0.23c or above
;socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# not to be a master browser
domain master = no 
preferred master = no
# address of the WINS server
wins server = 10.0.0.1
dns proxy = no
# require this line to join the domain in older samba
# I don't need this for samba v3.0.23 or above
;client use spnego = yes
# winbind stuff
idmap uid = 50001-550000
idmap gid = 50001-550000
winbind separator = +
winbind nested groups = Yes
winbind enum users=yes
winbind enum groups=yes
template shell = /bin/false
winbind use default domain = no

The lines in bold are the important ones that you should pay attention to. Execute "testparm" to check the configuration. Correct any errors before proceeding to the next step.

Next   Previous  Content

 

pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_8.htm0000644000175000017500000001676612110522672020467 00000000000000 Poptop MSCHAP2 ADS Howto

13. Software for Radius Setup

freeradius is not in the Fedora 8 DVD although it is in the F8 yum repository. Therefore, by default, it is not installed. Installing it through yum is recommended as it has quite a few dependences. yum will resolve all required dependences automagically. The version of freeradius in F8 is v1.1.7. 

[root@pptp ~]# yum install freeradius

The second software you will need is radiusclient-ng. It is also available in the F8 yum repository. The version of the software is v0.5.6. 

[root@pptp ~]# yum install radiusclient-ng

Note: information for FC4 / 5 / 6 is in Appendix A4.

14. radiusclient-ng

The pppd radius plugin relies on the radiusclient package. Fedora, however, provides radiusclient-ng. To make pppd work with radiusclient-ng, create a soft link with the following command.

[root@pptp ~]# cd /etc
[root@pptp etc]# ln -s radiusclient-ng radiusclient

There are a few configuration files in /etc/radiusclient-ng to look at. The first one is /etc/radiusclient-ng/servers which specify the radius server name and key. We have the radius server in the same box. So the file is like this:

#Server Name or Client/Server pair              Key
#----------------                               ---------------
localhost                                       testing123

The key is the secret of the radius server which is specified in /etc/raddb/clients.conf. Older version of freeradius has the default key "testing123". Of course, it is a bad idea to use the default.

14.1 radiusclient.conf

The main configuration file for radiusclient is /etc/radiusclient-ng/radiusclient.conf. Here is how it should be when all remarks are stripped off:

auth_order radius
login_tries 4
login_timeout 60
nologin /etc/nologin
issue /etc/radiusclient-ng/issue
authserver localhost
acctserver localhost
servers /etc/radiusclient-ng/servers
dictionary /usr/share/radiusclient-ng/dictionary
login_radius /usr/sbin/login.radius
seqfile /var/run/radius.seq
mapfile /etc/radiusclient-ng/port-id-map
default_realm
radius_timeout 10
radius_retries 3
#bindaddr *
login_local /bin/login

Basically, all of the lines are default. I have not changed anything.

14.2 dictionary.microsoft

In /usr/share/radiusclient-ng directory, there is a file called dictionary. Add the following line to the end of the file.

INCLUDE /usr/share/radiusclient-ng/dictionary.microsoft

The file, dictionary.microsoft, is not included in the radiusclient-ng package. We can modify the one from freeradius so that it can be used by pppd.

First of all, copy the freeradius one, /usr/share/freeradius/dictionary.microsoft, to /usr/share/radiusclient-ng. Then change the word "octets" to "string" in the file. Add the word Microsoft to all attributes. Here is my version: 

#
#       Microsoft's VSA's, from RFC 2548
#
#       $Id: poptop_ads_howto_8.htm,v 1.8 2008/10/02 08:11:48 wskwok Exp $
#

VENDOR          Microsoft       311     Microsoft

BEGIN VENDOR    Microsoft
ATTRIBUTE       MS-CHAP-Response        1       string  Microsoft
ATTRIBUTE       MS-CHAP-Error           2       string  Microsoft
ATTRIBUTE       MS-CHAP-CPW-1           3       string  Microsoft
ATTRIBUTE       MS-CHAP-CPW-2           4       string  Microsoft
ATTRIBUTE       MS-CHAP-LM-Enc-PW       5       string  Microsoft
ATTRIBUTE       MS-CHAP-NT-Enc-PW       6       string  Microsoft
ATTRIBUTE       MS-MPPE-Encryption-Policy 7     string  Microsoft
# This is referred to as both singular and plural in the RFC.
# Plural seems to make more sense.
ATTRIBUTE       MS-MPPE-Encryption-Type 8       string  Microsoft
ATTRIBUTE       MS-MPPE-Encryption-Types  8     string  Microsoft
ATTRIBUTE       MS-RAS-Vendor           9       integer Microsoft
ATTRIBUTE       MS-CHAP-Domain          10      string  Microsoft
ATTRIBUTE       MS-CHAP-Challenge       11      string  Microsoft
ATTRIBUTE       MS-CHAP-MPPE-Keys       12      string  Microsoft encrypt=1
ATTRIBUTE       MS-BAP-Usage            13      integer Microsoft
ATTRIBUTE       MS-Link-Utilization-Threshold 14 integer        Microsoft
ATTRIBUTE       MS-Link-Drop-Time-Limit 15      integer Microsoft
ATTRIBUTE       MS-MPPE-Send-Key        16      string  Microsoft
ATTRIBUTE       MS-MPPE-Recv-Key        17      string  Microsoft
ATTRIBUTE       MS-RAS-Version          18      string  Microsoft
ATTRIBUTE       MS-Old-ARAP-Password    19      string  Microsoft
ATTRIBUTE       MS-New-ARAP-Password    20      string  Microsoft
ATTRIBUTE       MS-ARAP-PW-Change-Reason 21     integer Microsoft

ATTRIBUTE       MS-Filter               22      string  Microsoft
ATTRIBUTE       MS-Acct-Auth-Type       23      integer Microsoft
ATTRIBUTE       MS-Acct-EAP-Type        24      integer Microsoft

ATTRIBUTE       MS-CHAP2-Response       25      string  Microsoft
ATTRIBUTE       MS-CHAP2-Success        26      string  Microsoft
ATTRIBUTE       MS-CHAP2-CPW            27      string  Microsoft

ATTRIBUTE       MS-Primary-DNS-Server   28      ipaddr
ATTRIBUTE       MS-Secondary-DNS-Server 29      ipaddr
ATTRIBUTE       MS-Primary-NBNS-Server  30      ipaddr
ATTRIBUTE       MS-Secondary-NBNS-Server 31     ipaddr

#ATTRIBUTE      MS-ARAP-Challenge       33      string  Microsoft

#
#       Integer Translations
#

#       MS-BAP-Usage Values

VALUE           MS-BAP-Usage            Not-Allowed     0
VALUE           MS-BAP-Usage            Allowed         1
VALUE           MS-BAP-Usage            Required        2

#       MS-ARAP-Password-Change-Reason Values

VALUE   MS-ARAP-PW-Change-Reason        Just-Change-Password            1
VALUE   MS-ARAP-PW-Change-Reason        Expired-Password                2
VALUE   MS-ARAP-PW-Change-Reason        Admin-Requires-Password-Change  3
VALUE   MS-ARAP-PW-Change-Reason        Password-Too-Short              4

#       MS-Acct-Auth-Type Values

VALUE           MS-Acct-Auth-Type       PAP             1
VALUE           MS-Acct-Auth-Type       CHAP            2
VALUE           MS-Acct-Auth-Type       MS-CHAP-1       3
VALUE           MS-Acct-Auth-Type       MS-CHAP-2       4
VALUE           MS-Acct-Auth-Type       EAP             5

#       MS-Acct-EAP-Type Values

VALUE           MS-Acct-EAP-Type        MD5             4
VALUE           MS-Acct-EAP-Type        OTP             5
VALUE           MS-Acct-EAP-Type        Generic-Token-Card      6
VALUE           MS-Acct-EAP-Type        TLS             13

END-VENDOR Microsoft

Next   Previous  Content

pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_9.htm0000644000175000017500000000705512110522672020457 00000000000000 Poptop MSCHAP2 ADS Howto

15. Freeradius

Firstly, for Fedora 8, add user radiusd to group wbpriv.

[root@pptp ~]# usermod -G wbpriv radiusd

For Fedora 4 / 5 / 6, change the permission of the winbind_privileged directory. 

[root@pptp ~]# chgrp radiusd /var/cache/samba/winbindd_privileged/

Secondly, we will need to modify the freeradius configuration file. Fortunately, we have only to change a few lines.

15.1 Configure Freeradius for MSCHAPv2

Edit /etc/raddb/radiusd.conf to enable MSCAHP2. Open the file and locate the module section and then the mschap subsection.

modules {

        ....[snip]....

        mschap {
                use_mppe = yes
                require_encryption = yes
                require_strong = yes
                ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
        }

        ....[snip]....

}

The mschap option in the authorize and authenticate sections is enabled by default. If they are not, enable them accordingly. Save the file.

The radius server has a secret key for security. The default key for freeradius is testing123. It is a good idea to change it for obvious security reasons. The key is in /etc/raddb/clients.conf. 

client 127.0.0.1 {
        #
        #  The shared secret use to "encrypt" and "sign" packets between
        #  the NAS and FreeRADIUS.  You MUST change this secret from the
        #  default, otherwise it's not a secret any more!
        #
        #  The secret can be any string, up to 32 characters in length.
        #
        secret          = testing123 

        ....[snip]....

Note: if you change the secret key, you must modify the /etc/radiusclient-ng/servers so that they match each other.

Refer to Appendix 6 for information on Fedora 4 / 5 / 6.

15.2 PPTP Access Control

The above configuration allows everyone with a valid userID in the AD to connect to the pptpd server. If you want to restrict access to a group of users, you can create a group, say VPN_Allowed, in the AD. Add users to the group and modify the ntml_auth line in /etc/raddb/radius.conf to include the parameter "--require-membership-of=EXAMPLE+VPN_Allowed".

In the example, I split the line into multiple lines for clarity. It should be one continuous line in the configuration file. 

ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key 
                  --username=%{Stripped-User-Name:-%{User-Name:-None}} 
                  --challenge=%{mschap:Challenge:-00} 
                  --nt-response=%{mschap:NT-Response:-00} 
                  --require-membership-of=EXAMPLE+VPN_Allowed"

Next   Previous  Content

 

pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_1.htm0000644000175000017500000002563312110522672020451 00000000000000 Poptop MSCHAP2 ADS Howto

PopTop + MSCHAPv2 + Samba + Radius + Microsoft Active Directory + Fedora Howto

Copyright © 2005-2009 Wing S Kwok

by: Wing S Kwok
email: wskwok18 (at) gmail.com

Revision History:

Release 1.5 - 22 March 2009
- Added a section on how to retrict one connection per user

Release 1.4 - 30 September 2008
- Updated information of the Howto to focus on Fedora 8
- Moved FC5/FC6 specific information to Appendix

Release 1.3 - 19 May 2007
- Added info on potential problem of selinux on pptpd
- Added info to build rpm from pptpd tar ball
- Updated version information of software

Release 1.21 - 23 February 2007
- Fixed up typo in dictionary.microsoft

Release 1.2 - 15 January 2007
- Added Fedora Core 6 information

Release 1.1 - 25 September 2006
- Updated version information on kernel, samba and pptpd

Release 1.0 - 7 May 2006
- Updated the Howto to focus on Fedora Core 5
- Rearranged the order of steps to make the walkthrough more logical
- Moved Fedora Core 4 specific info to Appendix

Release 0.8 - 5 March 2006
- Updated information on pptpd, samba version
- Updated information on FC4 kernel version
- Added info on changing MTU size

Release 0.71 - 3 February 2006
- Problem with kernel 2.6.15 and ppp-2.4.3-5 is Gentoo specific. Corrected the document.

Release 0.7 -- 1 February 2006
- Section 12.2 has been rewritten.
- Updated information on Samba version.
- Provided a link to information on problem with kernel 2.6.15 and ppp-2.4.3-5

Release 0.6 -- 5 January 2006
- Added a new section on pptp server administration.
- Updated information on Samba version.

Release 0.5 -- 17 November 2005
- Included info on kernel 2.6.15-rc1 and MPPE support

Release 0.4 -- 30 October 2005
- Updated kernel-ppp-mppe version number

Release 0.3 -- 23 October 2005
- added the Acknowledgements section
- added information on problem with FC4 2.6.13 kernel and mppe kernel module
- added information on kernel upgrade and dkms_autoinstaller
- added information on pptp access control
- updated the software version info to reflect the latest available version

Release 0.2 -- 23 September 2005
- Rewrote part of the pptp client configuration section and included split tunneling information.

Release 0.1 -- 12 September 2005
- added Kerberos version information
- added the full path of winbindd_privileged directory
- fixed the VBScript which had a few lines missing
- corrected a few typos
First Release -- 5 September 2005

This document covers how to integrate Poptop with Microsoft Active Directory on Fedora 8. Two different implementations are described: a) winbind; and b) freeradius.

Table of Contents
1. Introduction
2. Disclaimer
3. Acknowledgements
4. The Test Environment
5. Fedora and SELINUX
6. Network Configuration
6.1 Default Route and Static Routes
6.2 Enable Packet Forwarding
7. Install MPPE Kernel Module
8. pppd and pptpd
8.1 pppd
8.2 Install pptpd
9. Samba
9.1 Configure Samba
10. Kerberos
10.1 Configure Kerberos
10.2 Test Kerberos
11. Join the AD Domain
12. pptpd and winbindd
12.1 Enable and Test winbindd
12.2 Configure pptpd
12.3 PPTP Access Control
13. Software for Radius Setup
14. Radiusclient
14.1 radiusclient.conf
14.2 dictionary.microsoft
15. Freeradius
15.1 Configure Freeradius for MSCHAPv2
15.2 PPTP Access Control
16. pptpd and freeradius
16.1 Enable freeradius
16.2 Configure pptpd
17. pptp Client Installation
17.1 Split Tunneling
18. pptp Server Administration
18.1 Who is Online?
18.2 Accounting
18.3 Disconnect a User
18.4 Allow One Connection per User
A1. Install MPPE Module on Fedora Core 4 / 5 / 6
A1.1 Fedora Core 5 / 6
A1.2 Fedora Core 4
A1.3 Kernel Upgrade and dkms_autoinstaller
A2. Update pppd on Fedora Core 4 / 5 / 6
A2.1 Fedora Core 5 / 6
A2.2 Fedora Core 4
A3. Samba for Fedora Core 4 / 5 / 6
A3.1 Fedora Core 5 / 6
A3.2 Fedora Core 4
A4. Software for Radius Setup on Fedora Core 4 / 5 / 6
A4.1 Fedora Core 5 / 6
A4.2 Fedora Core 4
A5. Radiusclient Configuration for Fedora 4 / 5 / 6
A5.1 radiusclient.conf
A5.2 dicitonary.microsoft
A6. Configure Freeradius for MSCHAP2 on Fedora 4 / 5 / 6
1. Introduction

This document descibes how to build a Linux PPTP server with Poptop and use Microsoft Active Directory to authenticate users. There are a few howtos on this topic, such as the Replacing a Windows PPTP Server with Linux Howto created by Matt Alexander and maintained by James Cameron. Most of them, however, concentrate on Samba and winbind. I followed them and got it working in the test environment. Unfortunately, winbind does not scale very well in a AD setup which has thousands of objects. The AD in my work is a big tree. It spans across all continents and has thousands of users and groups. Winbind simply times out before it can harvest a complete list of users/groups.

The other way of doing it is with radius. Information on how to setup pptpd with radius against Active Directory is scarce. I can only find bits and pieces information from forums but never find any comprehensive documents. I spent days to try to get it configured properly. After countless frustrations and tears, I eventually got a working setup. I therefore decided to make this howto to document it. Hopefully, you will find it useful.

To make this howto complete, I include the winbind configuration as well although it may duplicate Matt's work.

Note:
- this howto is based on Fedora 8 and use pre-packaged RPMs whenever possible. If you are using other distributions or like to compile software, you will have to make the necessary adjustments.
- Information for Fedora Core 4/5/6 has been moved to Appendix and will not be updated anymore.

2. Disclaimer

This document is provided as is. I have tried my best to make it as accurate as I can but it may contain wrong information. Use it at your own risk.

Any comments on this document will be greatly appreciated..

3. Acknowledgements

Thanks to the following individuals who provided feedback and suggestions to make this document better.

Peter Mueller - suggested to add information on Kerberos version (R0.1)
Francis Lessard - provided details on implementing pptp access control (R0.3)
James Cameron - provided info on MPPE support on kernel v2.6.15-rc1 (R0.5)
Phil Oester - pointed out the kernel-2.6.15/ppp-2.4.3-5 problem is Gentoo specific (R0.71)
Nicolas Ross - pointed out typo in dictionary.microsoft (R1.21)
Frederick Chapleau - info on the potential problem of SELINUX on PPTPD (R1.3)

Next   Content pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_6a.htm0000644000175000017500000000655412110522672020620 00000000000000 Poptop MSCHAP2 ADS Howto

10. Join the AD Domain

Once the Kerberos and Samba are configured, it's time to add the pptpd server to the AD domain. For Samba version below 3.0.23:

[root@pptp ~]# net ads join -U skwok@EXAMPLENET.ORG "Asiapac/Australia/Sydney/Servers"
skwok@EXAMPLENET.ORG's password: 
Using short domain name --  EXAMPLE
Joined 'PPTPDSVR' to realm 'EXAMPLENET.ORG'

For Samba version 3.0.23 or above:

[root@pptp ~]# net ads join -U skwok@EXAMPLENET.ORG createcomputer="Asiapac/Australia/Sydney/Servers"
skwok@EXAMPLENET.ORG's password: 
Using short domain name -- EXAMPLEE
Joined 'PPTPDSVR' to realm 'EXAMPLENET.ORG'

The above net ads join command creates the server in the container

"OU=Servers,OU=Sydney,OU=Australia,OU=Asiapac,DC=EXAMPLENET,DC=ORG"

The user must have admin right on the container to create the server object. If the operation is successful, you will see a new server object created in the AD.

Another test to see if the trust between the pptpd server and the domain is working is smbclient.

[root@pptp ~]# smbclient //dc1/c$ -k
OS=[Windows Server 2003 3790 Service Pack 1] Server=[Windows Server 2003 5.2]
smb: \> dir
  AUTOEXEC.BAT                        A        0  Wed Jul 20 10:53:47 2005
  boot.ini                         AHSR      208  Fri Jul 22 10:41:57 2005
  CONFIG.SYS                          A        0  Wed Jul 20 10:53:47 2005
  Documents and Settings              D        0  Fri Jul 22 16:25:51 2005
  download                            D        0  Thu Aug  4 17:31:28 2005
  IO.SYS                           AHSR        0  Wed Jul 20 10:53:47 2005
  MSDOS.SYS                        AHSR        0  Wed Jul 20 10:53:47 2005
  NTDETECT.COM                     AHSR    47772  Fri Jul 22 10:16:32 2005
  ntldr                            AHSR   295536  Fri Jul 22 10:16:32 2005
  pagefile.sys                      AHS 805306368  Fri Aug 12 11:24:27 2005
  Program Files                      DR        0  Wed Jul 20 10:51:09 2005
  shared1                             D        0  Thu Jul 21 17:06:28 2005
  System Volume Information         DHS        0  Fri Jul 22 10:52:09 2005
  WINDOWS                             D        0  Tue Aug 16 14:33:36 2005
  wmpub                               D        0  Wed Jul 20 10:55:13 2005

39064 blocks of size 524288. 31129 blocks available
smb: \>

Note: With Samba v3.0.14a or v3.0.20, everytime I run "net ads join", the command crash at the end with message "*** glibc detected *** net: free(): invalid pointer: 0x001cddb0 ***" and then a dump to the screen. The join seems to be working fine though. Samba v3.0.21a or above does not have this problem.

Next   Previous  Content

 

pptpd-1.4.0/html/poptop_ads_howto/test.txt0000644000175000017500000000000512110522672015631 00000000000000test pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_a6.htm0000644000175000017500000000405412110522672020611 00000000000000 Poptop MSCHAP2 ADS Howto

A6. Configure Freeradius for MSCHAPv2 on Fedora 4 / 5 / 6
(last update: 19 May 2007)

Edit /etc/raddb/radiusd.conf to enable MSCAHP2. Open the file and locate the module section and then the mschap subsection.

modules {

        ....[snip]....

        mschap {
                authtype = MS-CHAP
                use_mppe = yes
                require_encryption = yes
                require_strong = yes
                ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
        }

        ....[snip]....

}

The mschap option in the authorize and authenticate sections is enabled by default. If they are not, enable them accordingly. Save the file.

The radius server has a secret key for security. The default key for freeradius is testing123. It is a good idea to change it for obvious security reasons. The key is in /etc/raddb/clients.conf. 

client 127.0.0.1 {
        #
        #  The shared secret use to "encrypt" and "sign" packets between
        #  the NAS and FreeRADIUS.  You MUST change this secret from the
        #  default, otherwise it's not a secret any more!
        #
        #  The secret can be any string, up to 32 characters in length.
        #
        secret          = testing123 

        ....[snip]....

Note: if you change the secret key, you must modify the /etc/radiusclient/servers so that they match each other.

Previous  Content

 

pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_a3.htm0000644000175000017500000000460012110522672020603 00000000000000 Poptop MSCHAP2 ADS Howto

A3. Samba for Fedora Core 4 / 5 / 6

A3.1 Fedora Core 5 / 6
(last update: 19 May 2007)

FC5 comes with samba v3.0.21b and FC6 has version 3.0.23c. The current samba RPM version from yum at the time of writing for FC5/6 is v3.0.24. It is highly recommended to use the latest version.

The required RPM packages for samba in Fedora are samba, samba-client, samba-common. Install through yum if any of them is missing. 

[root@pptp ~]# yum install samba samba-common samba-client

Please go to Section 9.1 to continue the Samba configuration.

Note: Information on Samba and FC4 can be found in the next section.

A3.2 Fedora Core 4
(last update: 6 March 2006)

FC4 comes with samba v3.0.14a. The samba project released v3.0.20 on 20 August 2005. Here is a quote from the v3.0.20 release note about winbind.

-- quote --
Winbindd has been completely rewritten in this release to support an almost completely non-blocking, asynchronous request/reply model. This means that winbindd will scale much better in large domain environments and on high latency networks.
-- quote --

It is highly recommended to upgrade samba to v3.0.20 or above. The latest samba v3.0.21c rpms for FC4 can be found in here. Download a copy and then update samba with command "rpm -Uvh samba*.rpm".

Please go to Section 9.1 to continue the Samba configuration.

Note: Samba v3.0.21 has a bug on the oplock code. Avoid this version. Use v3.0.21a or above.

Next  Previous  Content

 

pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_a5.htm0000644000175000017500000001465012110522672020613 00000000000000 Poptop MSCHAP2 ADS Howto

A5. Radiusclient Configuration for Fedora Core 4 / 5 / 6
(last update: 19 May 2007)

Radiusclient is required because the pppd radius plugin relies on it. There are a few configuration files in /etc/radiusclient to look at. The first one is /etc/radiusclient/servers which specify the radius server name and key. We have the radius server in the same box. So the file is like this:

#Server Name or Client/Server pair              Key
#----------------                               ---------------
localhost                                       testing123

The key is the secret of the radius server which is specified in /etc/raddb/clients.conf. Older version of freeradius has the default key "testing123". Of course, it is a bad idea to use the default.

A5.1 radiusclient.conf
(last update: 19 May 2007)

The main configuration file for radiusclient is /etc/radiusclient/radiusclient.conf. Here is how it should be when all remarks are stripped off:

auth_order radius
login_tries 4
login_timeout 60
nologin /etc/nologin
issue /etc/radiusclient/issue
authserver localhost
acctserver localhost
servers /etc/radiusclient/servers
dictionary /etc/radiusclient/dictionary
login_radius /usr/sbin/login.radius
seqfile /var/run/radius.seq
mapfile /etc/radiusclient/port-id-map
default_realm
radius_timeout 10
radius_retries 3

Basically, all of the lines are default. I have not changed anything.

A5.2 dictionary.microsoft
(last update: 19 May 2007)

In /etc/radiusclient, there is a file called dictionary. Add the following line to the end of the file.

INCLUDE /etc/radiusclient/dictionary.microsoft

The file, dictionary.microsoft, is not included in the radiusclient. We can modify the one from freeradius so that it can be used by pppd.

First of all, copy the freeradius one, /usr/share/freeradius/dictionary.microsoft, to /etc/radiusclient. Then change the word "octets" to "string" in the file. Add the word Microsoft to all attributes. Here is my version: 

#
#       Microsoft's VSA's, from RFC 2548
#
#       $Id: poptop_ads_howto_a5.htm,v 1.1 2008/10/02 08:11:48 wskwok Exp $
#

VENDOR          Microsoft       311     Microsoft

ATTRIBUTE       MS-CHAP-Response        1       string  Microsoft
ATTRIBUTE       MS-CHAP-Error           2       string  Microsoft
ATTRIBUTE       MS-CHAP-CPW-1           3       string  Microsoft
ATTRIBUTE       MS-CHAP-CPW-2           4       string  Microsoft
ATTRIBUTE       MS-CHAP-LM-Enc-PW       5       string  Microsoft
ATTRIBUTE       MS-CHAP-NT-Enc-PW       6       string  Microsoft
ATTRIBUTE       MS-MPPE-Encryption-Policy 7     string  Microsoft
# This is referred to as both singular and plural in the RFC.
# Plural seems to make more sense.
ATTRIBUTE       MS-MPPE-Encryption-Type 8       string  Microsoft
ATTRIBUTE       MS-MPPE-Encryption-Types  8     string  Microsoft
ATTRIBUTE       MS-RAS-Vendor           9       integer Microsoft
ATTRIBUTE       MS-CHAP-Domain          10      string  Microsoft
ATTRIBUTE       MS-CHAP-Challenge       11      string  Microsoft
ATTRIBUTE       MS-CHAP-MPPE-Keys       12      string  Microsoft encrypt=1
ATTRIBUTE       MS-BAP-Usage            13      integer Microsoft
ATTRIBUTE       MS-Link-Utilization-Threshold 14 integer        Microsoft
ATTRIBUTE       MS-Link-Drop-Time-Limit 15      integer Microsoft
ATTRIBUTE       MS-MPPE-Send-Key        16      string  Microsoft
ATTRIBUTE       MS-MPPE-Recv-Key        17      string  Microsoft
ATTRIBUTE       MS-RAS-Version          18      string  Microsoft
ATTRIBUTE       MS-Old-ARAP-Password    19      string  Microsoft
ATTRIBUTE       MS-New-ARAP-Password    20      string  Microsoft
ATTRIBUTE       MS-ARAP-PW-Change-Reason 21     integer Microsoft

ATTRIBUTE       MS-Filter               22      string  Microsoft
ATTRIBUTE       MS-Acct-Auth-Type       23      integer Microsoft
ATTRIBUTE       MS-Acct-EAP-Type        24      integer Microsoft

ATTRIBUTE       MS-CHAP2-Response       25      string  Microsoft
ATTRIBUTE       MS-CHAP2-Success        26      string  Microsoft
ATTRIBUTE       MS-CHAP2-CPW            27      string  Microsoft

ATTRIBUTE       MS-Primary-DNS-Server   28      ipaddr
ATTRIBUTE       MS-Secondary-DNS-Server 29      ipaddr
ATTRIBUTE       MS-Primary-NBNS-Server  30      ipaddr
ATTRIBUTE       MS-Secondary-NBNS-Server 31     ipaddr

#ATTRIBUTE      MS-ARAP-Challenge       33      string  Microsoft

#
#       Integer Translations
#

#       MS-BAP-Usage Values

VALUE           MS-BAP-Usage            Not-Allowed     0
VALUE           MS-BAP-Usage            Allowed         1
VALUE           MS-BAP-Usage            Required        2

#       MS-ARAP-Password-Change-Reason Values

VALUE   MS-ARAP-PW-Change-Reason        Just-Change-Password            1
VALUE   MS-ARAP-PW-Change-Reason        Expired-Password                2
VALUE   MS-ARAP-PW-Change-Reason        Admin-Requires-Password-Change  3
VALUE   MS-ARAP-PW-Change-Reason        Password-Too-Short              4

#       MS-Acct-Auth-Type Values

VALUE           MS-Acct-Auth-Type       PAP             1
VALUE           MS-Acct-Auth-Type       CHAP            2
VALUE           MS-Acct-Auth-Type       MS-CHAP-1       3
VALUE           MS-Acct-Auth-Type       MS-CHAP-2       4
VALUE           MS-Acct-Auth-Type       EAP             5

#       MS-Acct-EAP-Type Values

VALUE           MS-Acct-EAP-Type        MD5             4
VALUE           MS-Acct-EAP-Type        OTP             5
VALUE           MS-Acct-EAP-Type        Generic-Token-Card      6
VALUE           MS-Acct-EAP-Type        TLS             13

END-VENDOR Microsoft

 

Next  Previous  Content

 

pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_a4.htm0000644000175000017500000000447312110522672020614 00000000000000 Poptop MSCHAP2 ADS Howto

A4. Software for Radius Setup on Fedora Core 4 / 5 / 6

A4.1 Fedora 5 / 6
(last update: 19 May 2007)

FC5 and FC6 have freeradius bundled. FC5 has freeradius-1.0.5 and FC6 has freeradius-1.1.3. Get it from yum if it is not installed. It has quite a few dependences and yum will resolve all required dependences automagically.

[root@pptp ~]# yum install freeradius

The second software you will need is radiusclient. Get the rpm, radiusclient-0.3.2-0.2.fc5.rf.i386.rpm or radiusclient-0.3.2-0.2.fc6.rf.i386.rpm, from here. Install it with "rpm -ivh".

After installing freeradius and radiusclient, move to Appendix A5

Note: information for FC4 is in the next section .

A4.2 Fedore 4
(last update: 1 February 2006)

In additional to the software we installed in the previous sections, we need two more. Freeradius is one of them. FC4 comes with freeradius-1.0.2-2 but it is broken. At the time of writing, the latest one is freeradius-1.0.4-1.FC4.1. Get it from yum as it has quite a few dependences. yum will resolve all required dependences automagically. 

[root@pptp ~]# yum install freeradius

The second software you will need is radiusclient. Get the FC4 rpm, radiusclient-0.3.2-0.2.fc4.rf.i386.rpm, from RPMforge. Install it with "rpm -ivh".

After installing freeradius and radiusclient, move to Appendix A5

Next  Previous  Content

 

pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_12.htm0000644000175000017500000001325012110522672020523 00000000000000 Poptop MSCHAP2 ADS Howto

18. pptp Server Administration

This section covers a few tricks on pptp server management. It is far from a complete guide. Any suggestions are welcome.

The packages psacct and SysVinit are required for the utilities used in here. They should be installed by default. If they are not, please install them through yum.

[root@pptp ~]# yum install psacct SysVinit

18.1 Who is Online?

To check who is online, the "last" command is used:

[root@pptp ~]# last | grep ppp | grep still
James    ppp3         202.xx.xxx.xxx   Sat Nov 19 17:38   still logged in   
Andrew   ppp1         220.xxx.xxx.xx   Sat Nov 19 17:23   still logged in   
Mary     ppp2         1.2.3.4          Sat Nov 19 16:59   still logged in   
Sue      ppp0         202.xx.xxx.xxx   Sat Nov 19 16:43   still logged in   
Mark     ppp7         203.xxx.xxx.xxx  Sat Nov 19 14:59   still logged in

last is from SysVinit. It reads the information from /var/log/wtmp.

Note: for last to work properly, the logwtmp option in the /etc/pptpd.conf must be enabled. If you are sure there are pptp connections but see no output from the above mentioned command, check the logwtmp option in the pptpd.conf file is enabled.

18.2 Accounting

The "ac" utility from package psacct will provide a report on the connection time.

[root@pptp ~]# ac -d -p
        Amy                                  3.77
        George                               0.08
        Mark                                 1.78
        Richard                              0.35
        Lee                                  3.66
        Simon                                5.78
        Nicole                               1.05
Nov  1  total       16.46
        Amy                                  2.43
        Nicole                               8.61
        Richard                              4.77
        Mark                                 0.90
        Lee                                  4.68
        Keith                                1.84
Nov  2  total       23.23

The ac command reads the information from /var/log/wtmp. It has a lot of options. Read the man page for details.

Note:
1. If you want the statistics from older version of wtmp, use the -f parameter in "ac" to specify the file.
2. If users use shell to log in the server as well, the ac will return the connection time of both pptp and shell connections.

18.3 Disconnect a User

To disconnect an active connection, you will have to kill the pppd process associate with it. Firstly, run the command in section 16.1 to find out the remote ip address of the user. Say you want to disconnect Mary, her ip address in the above example is 1.2.3.4. Then, find the PID of the pppd process. 

[root@pptp /]# ps -ef | grep 1.2.3.4 | grep pppd
root   8672  8671  0 16:59 ?      00:00:00 /usr/sbin/pppd local file /etc/ppp/options.pptpd 115200 
                                               10.0.0.10:10.0.0.124 ipparam 1.2.3.4. 
                                               plugin /usr/lib/pptpd/pptpd-logwtmp.so 
                                               pptpd-original-ip 1.2.3.4

The second field of the output, 8672 in our example, is the PID of the pppd process. Kill the process will disconnect the user.

[root@pptp /]# kill 8672

18.4 Allow Only One Connection per User

By default, a user can make multiple connections to the pptpd server. To restrict one connection per user, create two script files in the /etc/ppp directory. When the same user logs in twice, the first connection will be disconnected. This is actually done on the ppp level, not with the pptpd.

The first file is /etc/ppp/auth-up

  #!/bin/sh
  # get the username/ppp line number from the parameters
  PPPLINE=$1
  USER=$2
  # create the directory to keep pid files per user
  mkdir -p /var/run/pptpd-users
  # if there is a session already for this user, terminate the old one
  if [ -f /var/run/pptpd-users/$USER ]; then
    kill -HUP `cat /var/run/pptpd-users/$USER`
    rm /var/run/pptpd-users/$USER
  fi
  # write down the username in the ppp line file
  echo $USER > /var/run/pptpd-users/$PPPLINE.new

The second file is /etc/ppp/ip-up.local

  #!/bin/sh
  REALDEVICE=$1
  # Get the username from the ppp line record file
  USER=`cat /var/run/pptpd-users/$REALDEVICE.new`
  # Copy the ppp line pid
  cp "/var/run/$REALDEVICE.pid" /var/run/pptpd-users/$USER
  # remove the ppp line record file
  rm "/var/run/pptpd-users/$REALDEVICE.new"

The method presented here may not be the best one, but it works for me. (If you have a better way, please let me know.)

Next   Previous  Content pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_3.htm0000644000175000017500000001031012110522672020435 00000000000000 Poptop MSCHAP2 ADS Howto

5. Fedora and SELINUX

There is a report from Frederick Chapleau on SELINUX causing problem on PPTPD. It affects user authentication with Winbind and Radius. SELINUX is enabled by default on Fedora, you may very likely run into this problem if you take all default settings when installing Fedora.

Frederick said in his email:

"This issue was not appearing with plain text file (chap.secret) or with CHAPv1 authentication. Only in the combination of MS-CHAPv2 and Winbind (with or without radius)"

Disabling SELINUX may be an easy fix but you may want to consider the security implication too.

For more information on this issue, please go to here.

6. Network Configuration

Microsoft AD depends heavily on DNS. You should have the DNS server working first.

The pptp gateway should use the Active Directory DNS server instead of the one provided by your ISP. Otherwise, the gateway may have problems to locate the domain controller. Here is the /etc/resolv.conf in my test gateway. 

search examplenet.org
nameserver 10.0.0.1

6.1 Default Gateway and Static Routes

The pptp gateway has two network cards. It is important that the default gateway is pointing to the Internet, your ISP router. Make sure that the internal network card does not have a default gateway address configured. Check the network card configuration files in /etc/sysconfig/network-scripts.

In my test setup, eth0 is the internal card and eth1 is the external one. In the /etc/sysconfig/network-scripts/ifcfg-eth0, it does not have the line GATEWAY="x.x.x.x". In the ifcfg-eth1, it has an entry GATEWAY="x.x.x.x" pointing to the ISP router ip address.

My test internal network has multiple subnets, static routes are set up to direct traffic correctly. If you have a simple single segment internal network, you can skip the following step and go to step 6.2.

To set up static routes in Fedora, create a file static-routes in /etc/sysconfig directory. My static-routes file has one line: 

any net 172.16.0.0 netmask 255.255.255.0 dev eth0

The syntax of the line is important. The line must start with the word "any".

Check your routing table with the netstat command.

[root@pptp sysconfig]# netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
172.16.0.0      0.0.0.0         255.255.255.0   U         0 0          0 eth0
10.0.0.0        0.0.0.0         255.255.255.0   U         0 0          0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0
0.0.0.0         192.168.0.2     0.0.0.0         UG        0 0          0 eth1

6.2 Enable Packet Forwarding

For ppp to work, the packet forwarding must be enabled. Edit /etc/sysctl.conf with your favourite editor and change the line:

net.ipv4.ip_forward = 0

to

net.ipv4.ip_forward = 1

The change will be effective on the next reboot. To enable it immediately:

[root@pptp etc]# sysctl -p

Next   Previous  Content pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_7.htm0000644000175000017500000001361512110522672020454 00000000000000 Poptop MSCHAP2 ADS Howto

12. pptpd and winbindd

The section covers how to configure pptpd + winbindd + AD. If you are working on the freeradius configuration, you may skip this section and go to the next one.

Most of the hard work has been done in the previous sections. You are very close to the final stage.

12.1 Enable and Test winbindd

For Fedora 8, start samba and winbindd with the "service" command.

[root@pptp ~]# service smb start
Starting SMB services: [  OK  ]
[root@pptp ~]# service nmb start
Starting NMB services: [  OK  ]
[root@pptp ~]# service winbind start
Starting Winbind services: [  OK  ]

For older version of Fedora, the "service smb start" will start both smb and nmb.

[root@pptp ~]# service smb start
Starting SMB services: [  OK  ]
Starting NMB services: [  OK  ]
[root@pptp ~]# service winbind start
Starting Winbind services: [  OK  ]

Winbind starts and spawns two threads. 

[root@pptp ~]# ps -ef | grep winbind | grep -v grep
root     18762     1  0 15:59 ?        00:00:00 winbindd
root     18763 18762  0 15:59 ?        00:00:00 winbindd

Wait a few minutes for winbindd to contact the domain controller. Then we can test if winbindd is working fine. If you see no error messages from the wbinfo command, you are in business. 

[root@acna-pptp etc]# wbinfo -t
checking the trust secret via RPC calls succeeded

[root@acna-pptp etc]# wbinfo -u
EXAMPLE+Administrator
EXAMPLE+Guest
EXAMPLE+SUPPORT_388945a0
EXAMPLE+DC1$
EXAMPLE+krbtgt
EXAMPLE+skwok
EXAMPLE+ldapuser
EXAMPLE+pptpdsvr$

To enable samba, nmb and winbind on bootup, use the chkconfig command.

[root@pptp ~]# chkconfig winbind on
[root@pptp ~]# chkconfig nmb on
[root@pptp ~]# chkconfig smb on

Please note that for older version of Fedora, smb will spawn nmb automatically. But for F8, they are separated.

12.2 Configure pptpd

There are two configuration files for pptpd. The first one is /etc/pptpd.conf. You can very much keep it as it is except the ip address range for the ppp connections. Edit the file and add two lines at the bottom to specify the local ip address and the ip address pool for the remote connections. 

localip 10.0.0.10
remoteip 10.0.0.101-200

10.0.0.10 is the ip address of the internal network card eth0. The remoteip is the address pool for the remote connections. If you are running FC6 or above, please refer to Section 8.2 for details on the logwtmp option.

Please note that pptpd by default has a 100 connections limit. You can override it by the "connections" parameter in the pptp.conf file. Read the remarks in the file.

The second configuration file is /etc/ppp/options.pptpd. I stripped off all remarks from my options.pptpd and it is like this:

name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 10.0.0.1
ms-wins 10.0.0.1
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
auth
nodefaultroute
plugin winbind.so
ntlm_auth-helper "/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1"

If you have Windows XP clients, you may want to reduce the MTU size. Add the line, /sbin/ifconfig $1 mtu 1400, to /etc/ppp/ip-up as shown in the following list.

[root@pptp ppp]# cat ip-up
#!/bin/bash
# This file should not be modified -- make local changes to
# /etc/ppp/ip-up.local instead

PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH

LOGDEVICE=$6
REALDEVICE=$1

[ -f /etc/sysconfig/network-scripts/ifcfg-${LOGDEVICE} ] && /etc/sysconfig/network-scripts/ifup-post ifcfg-${LOGDEVICE}

/etc/ppp/ip-up.ipv6to4 ${LOGDEVICE}

[ -x /etc/ppp/ip-up.local ] && /etc/ppp/ip-up.local "$@"

/sbin/ifconfig $1 mtu 1400
exit 0

The above example reduces the MTU size to 1400. In my environment, I found that XP will connect the VPN and ping all servers without problems, however, it cannot connect to the Microsoft Exchange server properly. Reduce the MTU size to 1400 fixed the problem.

After fixing the files, we can start pptpd and connect to it from remote client. To start it:

[root@pptp ~]# chkconfig pptpd on

[root@pptp ~]# service pptpd start
Starting pptpd: [  OK  ]

11.3 PPTP Access Control

The above configuration allows everyone with a valid userID in the AD to connect to the pptpd server. If you want to restrict access to a group of users, you can create a group, say VPN_Allowed, in the AD. Add users to the group and modify the ntml_auth-helper line in the /etc/ppp/options.pptpd:

ntlm_auth-helper "/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1 --require-membership-of=EXAMPLE+VPN-Allowed"

That's all on the server side. If winbind works for you, you can proceed to configure the client. The client PCs require special configurations and is discussed in here.

Next   Previous  Content pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_a1.htm0000644000175000017500000001002512110522672020577 00000000000000 Poptop MSCHAP2 ADS Howto

APPENDIX

A1. Install MPPE Kernel Module on Fedora Core 4 / 5 / 6

In summary, Fedora Core 5 or above, the Kernel has built-in MPPE functionality.

A1.1 Fedora Core 5 and 6
(last update: 19 May 2007)

Kernel version 2.6.15 or above has MPPE built-in which is required for MSCHAPv2. Fedora Core 5 and 6 kernel version on the CD are 2.6.15 and 2.6.18 respectively. That means you do not need to install the MPPE module as you have to for Fedora Core 4. Information for FC4 and MPPE is in Appendix A1.2.

To test if your kernel supports MPPE:

[root@pptp ~]# modprobe ppp-compress-18 && echo ok

It should return an "ok". Then move to step 8.

Note: The latest kernel for Fedora Core 5/6 at the time of writing is 2.6.20.

A1.2 Fedora Core 4
(last update: 6 March 2006)

MPPE support is required for MSCHAPv2. Depending on the kernel version, you may or may not require to perform this step. Kernel version 2.6.15 or above has MPPE built-in. If you are using the latest FC4 2.6.15 kernel, you can go to Step 8 now. If you are using an older kernel which does not support MPPE, you will have to add this feature to it.

To test if your kernel supports MPPE:

[root@pptp ~]# modprobe ppp-compress-18 && echo ok

If it returns an "ok", you can safely skip this step and move to Step 8 . If you see "FATAL: Module ppp_mppe not found.", install MPPE support as described in the following procedure:

Download the MPPE module builder in rpm format from here. The required RPMs are::

dkms-2.0.6-1.noarch.rpm
kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm

Install them with command "rpm -ivh".

[root@pptp ~]# rpm -ivh dkms-2.0.6-1.noarch.rpm
[root@pptp ~]# rpm -ivh kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm

If you upgrade your kernel to 2.6.13 or above, kernel_ppp_mppe version 1.0.2 or above must be used. Otherwise, the pptp tunnel will not connect and you will see error message "This system lacks kernel support for PPP." in /var/log/messages.

Please see A1.3 Kernel Upgrade and dkms_autoinstaller for more information on dkms.

Note:
(1) Fedora Extra provides also a dkms rpm, dkms-2.0.6-3.fc4.noarch.rpm. I have not tested it. You may want to use the one I mentioned above to make sure the installation will work.

A1.3 Kernel Upgrade and dkms_autoinstaller
(last update: 6 March 2006)

If you upgrade your kernel after installing dkms, thanks to the dkms_autoinstaller service, you will not have to worry about the dkms kernel module. dkms_autoinstaller runs on every bootup. It checks the dkms module to ensure it match the kernel version. If a mismatch is found, it will create a proper one for the boot kernel.

For dkms_autoinstaller to work, you will need the correct kernel-devel version installed in your system. It is always a good idea to install the kernel-devel rpm alongside with your new kernel.

Next   Previous  Content pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_a2.htm0000644000175000017500000000346412110522672020611 00000000000000 Poptop MSCHAP2 ADS Howto

A2. Upgrade pppd on Fedora Core 4 / 5 / 6

A2.1 Fedora 5 and 6
(last update: 19 May 2007)

FC5 comes with ppp-2.4.3-6.2.1 and FC6 has ppp-2.4.4-1. MPPE support is already enabled. If ppp is not installed, use yum to install it.

[root@pptp ~]# yum install ppp

Note: Information on how to update ppp module on FC4 is in the next section.

A2.2 Fedora Core 4
(last update: 6 March 2006)

FC4 comes with ppp-2.4.2-7. It is required to be upgraded to a patched version which supports MPPE. The patched version can be found in here. Download the rpm for FC4. At the time of writing, the latest version is 2.4.3-5. Get the FC4 rpm: 

ppp-2.4.3-5.fc4.i386.rpm

Upgrade the ppp with the downloaded version:

[root@pptp ~]# rpm -Uvh ppp-2.4.3-5.fc4.i386.rpm

Note: If you are a Gentoo user, and are using kernel v2.6.15, the ppp-2.4.3-5 does NOT work because of MPPC. You may find more information from here.

Next  Previous  Content

 

pptpd-1.4.0/html/poptop_ads_howto/diagram1.jpg0000644000175000017500000003477212110522672016322 00000000000000ÿØÿàJFIF``ÿÛC    $.' ",#(7),01444'9=82<.342ÿÛC  2!!22222222222222222222222222222222222222222222222222ÿÀ¢"ÿÄ ÿĵ}!1AQa"q2‘¡#B±ÁRÑð$3br‚ %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyzƒ„…†‡ˆ‰Š’“”•–—˜™š¢£¤¥¦§¨©ª²³´µ¶·¸¹ºÂÃÄÅÆÇÈÉÊÒÓÔÕÖ×ØÙÚáâãäåæçèéêñòóôõö÷øùúÿÄ ÿĵw!1AQaq"2B‘¡±Á #3RðbrÑ $4á%ñ&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz‚ƒ„…†‡ˆ‰Š’“”•–—˜™š¢£¤¥¦§¨©ª²³´µ¶·¸¹ºÂÃÄÅÆÇÈÉÊÒÓÔÕÖ×ØÙÚâãäåæçèéêòóôõö÷øùúÿÚ ?÷ú(¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (¢€ (ª÷÷Öúfsy'—kkÍ3í'j(%Ž'”bŠòû|TŠ;ýJYô?´¥­ôøK%Î¥R3;†ùcoî¯Þ }·ü)/‡Ÿô/äíÇÿ @¢¼Þok¼¶Ô|;ÙÁ¸MáëëÇki##$B[>\…9Óg4¯ /mÌÓ:³+ÑgÆÇ?(?*–û£5sMÕ-5kvšÑä!¤‰,O‘¶ã€ÊpAÀô ÐÊ+ÇÅN£yµ¼Ó–—>D²ZK3àû©YBI•†Æ9PXdjMKÄ~•p¶óý®YÊ1ÚYMrȤ ‘Š‚C[ÚØÎ5(¨àž«x®-åŽh%@ñÉWR2#‚ç5_KÕlu«¿Óncº´wtI£åX£”lãržG¨Èæ€.QEQEQEF'…®ÝeŒÎˆ®ñ†•X¤Ž ¬ï´úP”V~™®èúß›ý“ªØßù8ó>Ép’ìÎq¤ã8=} Zîc¨Á§^j¶6÷Óíòm¦¸D’MÇjíRrrAMhQUï¯ìôË9//îà´µæžA.H,x$Æ‹û=NÎ;Ë ¸.ídÎÉ H‚AÃ#ð  TbxZáíÖXÌèŠïa¹U‰ Hê*ÀûO¥SÓ5Ý[ó²u[ÿ'gÙ.]™Î3´œg¯¡  (®nè·Vñ\[Ŭͨ9#Ñ/Y]HÈ ˆ°Aæ€:J+Ÿÿ„ËKÿŸ]sÿW¿üføL´¿ùõ×?ðE{ÿÆh ¢¹ÿøL´¿ùõ×?ðE{ÿÆj9¼u¡Z –ñµ+87ªîô›¨"BÌn‘ã £$ ’4ÒQTõVÇIKw¿¹Žqq¬;ºÉ+¶ÕEI'ò“€ ªwÞ(ÒtëÉ-®&œ4XóåŽÒY!ƒ ÞʪR<) w°Âǃ@V?ü%Oöؼé÷y¾GŸöI~ÏægnÏ?o—»wÉÙßòýî*櫪Øèz]Ƨ©ÜÇmgn›å•ú(þd“€ä’É4rŠËÔ¼A§éW o?Ú圠s¥”×,ŠI°‰¨$0±­Œàâ¼Þ/Ðáp>×$±lWk›{yf·YCó"˜Ðm*ÙfV p4¹ESÔµKM&Ýf»yw EË$‚pˆ€³Hà)=4iº¥¦­nÓZ<„#”‘%‰â’6À8tpN 2„¹EgÿnibóPµ7ð,ÚlI5ègÀ·G T»„cÉà`žÌzoˆ4ýVá­àû\S„.#»²šÙA•¢–•®q¹sŒŒ€jQEeëúý†ô¶¿¿i."†W|·· iÕAõ'5+“¹‚oxÞ8fŠÒ]BxçË)ó´ 6 ¢Å*>@;& ÃOJÒüo«çRÖ‡çJHÒ,í­¥û4cz…ó™_{ݾìcï £#nç„ü>ÞÑ œ÷QÞÞKq5ÕÝâÛ¬&âY±vPHÎ^½trŠ( «Ãagoysy ¤Ý]mûDÉ.Ñ…ÜÖÀàg¥X¢€ (¢€#žn­å·¸Š9 • IŠ]HÁ#ŒWðáßL‹Xð}ÅçÚfðýØŠbÌÿd‘Dob,e€À1ŒÜW/¬øB]GŶ>!°Ö'Ò®¢´’Êåà…$yá,*mpNvsŒŽ(¨¢¼¿UÖ™ðÝ[Åqo,sA*ŽHØ2º‘AG9  (¢Š(¢Š(¢Š(¢Š+çÿ ÿÉ^Óÿìkñþ“Å_@WÏþÿ’½§ÿØ×âý'Š€>€¢Š(¯?ø§ÿ2Wýv?û=zyÿÅ?ù’¿ìk±ÿÙè ðoü€îì+©élÕ¹<Ý[ËoqsA*’92º‘‚<G®Âv¾*màÁ¬èÈŸÚwà‡Òec»ísn9#‚Ù v œdî}ÆôÐÿðM7ÿ%P7ðÙXh·÷rǯŠ5G¸¸•‚Ç —¾@] :('»ÔŠÜðÅýœú†½y ÜZêªýŠd¹Ûgo-‡ƒ€ã8ØßÝ8±ö?ÐwCÿÁ4ßü•GØüaÿAÝÿÓòUrþ¿³ºÓ~iV÷pM©iž_Ûìã4Ö›l&¼Ô¦•à0ÌS[ ®èúgŒ¯5ýVÆÖÆûJ²û%Ì÷‘Üm’å›ËbpøFN3€ëê+Cì~0ÿ î‡ÿ‚i¿ù*±øÃþƒºþ ¦ÿäªÂ0BÞÑ´kø£3¦l—vS¨ÜªÑm"HÏ ®¸#¬;“Á¿ò¹ÿ°®¥ÿ¥³Qö?ÐwCÿÁ4ßü•GØüaÿAÝÿÓòUtW?ö?ÐwCÿÁ4ßü•GØüaÿAÝÿÓòUtW ÇŒ%ñ î“ý¯¡³ZAsæÿdMóy¯2íÇÚxÇ“œçݱ·ØüaÿAÝÿÓòUtæþ%±·²ÿ…ŠmãÚÓøi&•‹gsöÞI<œz*ªŒê>Çãúèø&›ÿ’ª1¦x©náu‰ÝA¢K¹•I* ûVH˜Ûqõ  /?ä¡èßö ¿ÿѶ•Ïë_ò,|Rÿ¶ÿúm‚®Yø;RÓíî­ì›Â6Ð]¦Ë˜áðã"̸#ÎaˆÁõ>µ%×…µ‹íF Fò \_A·É¹›ÃÎòG´î]¬nr0I# hx‡þCžÿ°¬ŸúEuG‡¿ä9âÏû Çÿ¤VµNçúõí½Í½Ýï†'‚éÃÜG.€ì³0 pnpÄ@ þèô[xw^²·¶·´½ðÄZ¹{xâÐV!(Îî Þ>¦€0üKcoeÿ Ûǵ§ðÒM+,Îçí¼’y8(ôUUÔ^ÉCÑ¿ìÿ£m*1¦x©náu‰ÝA¢K¹•I* ûVH˜Ûqõªzg…µÍþɟ–v<ϲxyâߌã;nFq“×ÔЇŽÿäžx—þÁW_ú)«‹Dñn³ãïè:Š£Ðt½,ÒÚÚ=* ”,ç8 §ŽzöÅnx¶ÛÄ‘ø#ÄMªéSÚ*ï|pi’Díû—ÆÎÀsá>œuªþÿ’½ñþáŸúNÔÂ%ñþŠþP-ÿÆøD¾!ÿÑOÿÊ¿ø× Q@ÿ—Ä?ú)ÿù@·ÿåõ{¯išŠ|5®x›ûjÕ¼w~§ì[m|˜ÇÜäàß¿N+Ú+Çüwÿ%Ä¿öOî¿ôkPyã8!m2ÎᢌΚžž‰!Q¹U¯mËz€J©#¾Ñé\ߌ"Þž%Ñ´Ýv¯µˆ˜-­³wq3[¬Kä³0I›cħzm%:±øÃþƒºþ ¦ÿäª>Çãúèø&›ÿ’¨/Sñ.ƒ®kÉáá­é°ý’öœ=Ò d¸ŽE’8"BrNõ]Í‚?€e‹îxçìwßsÏ)åô¹Eyÿ‰õŸiÚÕžš÷ÓÿfiQ^yÊlÒ9dc0ÍÓJWþäåm ä|¸“TÕ5ô¸×å´Õ£…-µ‹ >Ò&µWT=åùÇï\ ‘¹¹?&ÀòŠóûío[´iÜ_^̺ØÓÅÌ l.Þ3d.²7…‡po—%@Ø:nù¨ÑŸRÔfãæ9ÃÚd—“¼3Þ\Au83ɵ¥„¡Âî‘å¦pí£9År~'šóVø}ã=BçéQO²Y]¢,Ë•%™Tyª ‡;¶rv±Jô Ï›DÓ®-uKim÷Cªîûjïaææ%ˆóŸ—äEc¦zóZQEQEQEW›ê×?ð|rÑî™ ŠÇÄz{ØÈ<ß/uÄ-¹dqŒ;ÉóŸ˜@}"¹ÿxcþh¯>Å}iwí•ç•æùFÙ ³ 7†6qÅtW›ÚüGÖ4o>ÏÆ^Õb¸µ•„ú–•dóXy=DÛÉÜ)É1=Tvž×!ñ‰©­ÝªHò!‚î0’ÆÈíPNåèô« afþfëHÍ•'“1ƒ¾D۵ϫ ‰ƒÔm_AV(  w:N›{osow§ÚOÓ‡¸ŽXU–f@.Ã'û£ÐPºNš¯dë§Ú°B–l!\Û©P¤GÇÈ €01ÀÅ\¢€ (®OÅ¿ô_^ÚZêiw! ²½¬bAkõO6QÊ…œ@9 ÏÖWðê“GÔõ†ºžâ=kU¹¿·3ÆÈËa8ÝÎÓhËÀùX `W?ªj^ ø›gwáÍ;DÕ|7¦Mý³TÕ`h¥Á'1E#~ìNìm.åsé6úfmag—kkC n'j(FO'´bŠ( Š( Š( ¸x“Ä–ž(Ñ<=áHô©¯¯¢ž{Ÿ·¬Œ¶ñ ]®ÞYÊ«Ê À®â¼Å9ðσ¾1ϪËv÷ ¡Gj‹jECæK+$ƒ9Ø‹ooŸ'ägÞøóâÅ•ýí¡ðî›?Ùœ – #Pxæ!–ØänP™8²‘•Ë ð|Eø»6—y|Þ´ˆÛ¼h¶òiW¾lå÷}À P¤±$9$â%ñ ÚÏŒu}nÞæíEíÄÆ6‘ÈBùP‡ñå˜Éã¥c™ækt·id0#³¤eŽÕf1 $*‚{í”ë–ºÇÄ„‚rÞÕRAºfÀÕ¢ûD®ùr)DjÌYœà"ýì`à„“â;èvº©Ò'EšìZÉj×ZçŸoÔù›&0;—wP:ä žy®®%¸¸–I§•ËÉ$ŒY‰É$žI'œÔy$·RÉw;ÉwŸ´»HI›,ï?ÅóÜ÷õ dÓõ?‰:…Ä0 jV¯-Äpsq­"¨rA‘›Ï!Qp7só Î4ìüSñKÂ:;i6~‚î; ¹-aˆi·ó±ˆ3dü­á-»h^1Íy'‚'šoøQ%–GHu;T‰Y‰¾xl/ ÜÌp;’{Öç¯4¸¼s©ÚÇ«j°Æ5]EîäŽÓæˆÊv2"ý£k©ÚTœFJžw *€z¾±ão‹ZD¨ƒÃÚUúÉh—Q½–™} mÍ·Ë9ÁIË`¸מø™ãû¿iÖ¾(ð·öf‘q(†[¯ì˘ö;± ÌÄ Ò^Gñvë^añ^o³ËáH¬®g6²øRÊ2XyfXÃ3.õŽª­·$'®Àw/k®O43yWZIydgIÛA,‰òŸ#îÇ.pÊö½Q@Q@Q@Q@ýŸü”=gþÁVú6îº çìÿä¡ë?ö °ÿÑ·uÐPEPEPEPEåz‡€¼)â»ø§^°‘î$¸ºE’;£@–ÀÛðYÖ<““.ðr$Õ+›ñí݃/nµY.`á+]}˜™|Ôò¹|°$ØKçåžqŠø²ÞÝ." vÜ/̨åU fr]˜a¸P»8à5Ë©4Ymìa·†î b·qurH´JAeÄyùcå–Ürªh9Ríz®©cwáë+-;ÅZ冧—öCþ[i~Ñ„!¿vu«¹°ÜtÆ+f©ÿEK\ÿÁ­—ÿ,kÈ᳑<’"lb c»iÚ0Hà¶=':šõÞ…{ö7Ñt¹ôß./*xe¸3ùŒ:Kæ|Í’ …UAx…öûŸè–Z›G\¸»³òšîSâȱt‹1òÒù›q]̪ŸÆr¹Û4˜lm´k4³Óã·-LroSP “¸mÇ99¯’<á½TO=ç™t-t+«í;$)ªÉ I GÝÀ†Îq´·?á› GƺŸ(’âÎêöÖÕ×Ë,H¿+Œ–‚ 8à}ÇE|9âë 3ÅZÍ’4¶Ôî`HJåc‰ ‡,K äq€rrq럳âA¨êQŒÉw’ÎYÔàBbíPw ùòä°ÁÂí9W ¡è¢Š(¢Š(¢Š(¢Š(¢Š+‹€ øòò9#ŽÛC×Þ9a™ž4A©Êñª»2$jÙcÊ@%ŸÚV_ˆ|=¦øŸFŸKÕ-£š Q‚³"³DÅJïMÀ…pàãŠÔ¢¼ÎÃÅz¿ÃË/°|@2M§Çp-¬¼C\)FeF >‚¶OSÆöë?á;ðý zþ aÿ⨠¢¸;ÿ‰–7Ú§ü#þëšäˆJ¼G6–ÃåýäÒŽ ÙÂn$¼1—§øÅ>lj,u¿íOMº]^Úà•‡RÎݱ#d¼°#mêØ;Pí¡Eqz'Äÿjû5[¸ô R$Cu§j­öy!f6‡ ‚;$ â´'øƒàÛkyghÅ#Bì#½Ø€3©%°žÔÐO<6¶òÜ\K0D…ä’F ¨ d’OÎkƒøq2x¢óXñãÚÏöœ¢ÛO[‰Ìv€¿.9MÒ —8È~ñË{m_â퍗–·zO%À·•‚\j­œ€áI)##žFg §¨A6¶ñ[ÛÅ0D#Ž5 ¨ `Æ(J(¢€ (¢€ (¢€ (¢€ çåðv›>§%Ϊ³^ʲȰjwè#XGHÇ''ß ¢€89þ ø êâ[‹I§•ËÉ$—÷,ÎÄä’L™$žsQÿÂ’øyÿB÷þNÜñÊô (ÏÿáI|<ÿ¡{ÿ'n?øåð¤¾нÿ“·ür½Šæàð6‹ko½¼ºÌ0D#Ž=nõU —Æ*OøCt¿ùú×?ð{{ÿÇ« ¢€9ÿøCt¿ùú×?ð{{ÿǨÿ„7KÿŸ­sÿ·¿üzº (ž“¦Ã£hÖ:]»HÐY[ÇoHAb¨¡A8gÐUÊ( Š( Š+›ñ•Û%–Ÿ¥¦£&˜u‹Õ±ûtN¨ð‚Žä!aî#òÔõ@FH€X×ücáÏ #6µ¬ZZ8@þK>éYKmc\» çCèk?Mñõ—ˆ-ÚïÃzf¥­Ù£˜ÞæÔE¬€P‰ä²Sù‡9È/4¿iööºMêi¶Æîã̶Y¥TžkœóQÉÞÓüÃ÷€ïÉ95çzà›Kñ§òèwª1oofÚÕƱI3ÐÂ׫)ÜÁ‹€ PÁ[ÜC}ªEâÝ[þ-pý¦Ò o+̲ù|§™·gí<çÎÆ1ÆÞùâœÿôK+‰a¿·’ÐÀågó5 hvœ6cK†rFʪ[ŒOÇéšî¯ª[Ýk×¾'“Gu¼¡îf¹•¹ þŠ"¶óP±ÚæHÆNW W‰´-Eíõ{~î >Ñöh.ílîµZå—•ŽYíü¨‹†9†(Tœ.ß”z‰ñ7Á~!¸û>â FŸz"Ç6èFc…$ \’1…ÏQê+¬®ONð®yqm¬A6²ÑyídµÔåžUž) ‡GŽës¨Ìj~]¹ÀÎáZ.“ªj6öºœi"C,Zc¸ac÷—÷|åbm€*}Õ(ÛpåQ@Q@x9‡ÄÖþÕ®´ÏøŽÊûSˆÞI¥^?‘pÈï,0ÊFØ•¥‘¾`20§qÁ'Þ( Š-üã x¤–/øŽ£ûµé³Ñ²²É–ê2]¸!ƒ6HÆ gÁ~6kt·o x€ÀŽÎ‘› ¶«0ˆp  žûG¥}¯ðÌó$RÆï ì•U(ÛCa½ÖSƒØƒÞ¤ ‰‚ülÖénÞñ#6mV`6àA=öJ¹gá_XÜ_øsÄrÃs*›ýÖnÌÁÀ*_%AÆåÉäGØöwÖú„ 5¬ždk,“´ŒK8®“Âú„RZ–þ5#ƒ‚霨Ã/94¿ Þéþ- —Ç+ši®â¸½<1»ÙØÛF6ã*à q^é4ðÛ yåŽ$.¨Ø(,ÌG=ËîH%|ùâ‡Zf½¬ê—§WÖ`‚öâKˆí¿áÔ]mävRî¹8.ÁbFxQ…ÛÑü8ðm‡†îlí!Õõ˹P7¡nt;«X-¥‹ºíF>nKù¶"ã<×°Q@Q@Q@Q@Q@Q@—â]Jmº¾©n±´öVS\F²T²!`8ÈõÍßx‚óL¼’ÎÿǾ ´ºážÌÆëÊ›¼Œ‚ã@¤ðCuo-½ÄQͨRHäPÊêF ðAb¸ ø/·:=ÃÏá­Wú{˜…[¹•G+Ð(ÀQÿÂ_ÿUÀßøÿÝ•OL×aÒ­^Þ‰^ d{‰î x;¥•¥aÅØãs=±×­z%…ž™g…¤–±çd0F#EÉ$áG$“øÕŠóÿøKÿê£øÿÿû²º ÷Xÿ„‡RÒuk›Ÿ³Ú[\Ç-¥«Áþ±æR¤4œy äÔІ§¡húß•ý­¥Xßù9òþ×n’ìÎ3Àã8=SƒÁ~µ¸ŠâßÃZ43Äáã’;•‘È …È óšÜ¢€ (¢€ (¢€ (¢€ (¢€ (¢€+ßý³û:çû;Èûw”ÿgûF|¿3nüs·8Î9År÷¾7Ú¾¸²µÝk¬EÉóŽc’[hUp ºV'‘û²¿Å¹{ äí¼O[ÜÏ'Ùõ„’ÝLn7¬24²±9\óng¨Ú#î ‰¯<ž%šÄË6±]ÇbŠð³I4ÿg{‡ƒ…]†"Ž©"ã•5&›ã V·k›MJ3n-Íן"4Q´@ήà ì' ´ñTì¼7y¯‡|Ù 7z„Ú…öÖ; “Eqæ¸ÎÑ$ÿ(nvŽI=sÿ἟ÃÚ^“=Ôù¸Ñ§•|I*@¡Ô7(ò˜òAéêp¡gã;+[UC.ËKYIo$s¬²É2ùmûˆHö¦Ýͼc;–µ,Ó$PL^8£{ag*‡( 7’du;T*TÀx§F[;;£yû›ÛO¶[“,YŒ «Œ–&hÀLn%Àš¹¦ê–šµ»MhòŽRD–'ŠHÛáÑÀe8 €@È`zk›ÁÏlºûGäNײ«[Ç3°¯qË( žtó‘s°˜ÊwlxnÂÿNÓ¤‹P—,Ò—ŠµIuä&ÙçHÉ– ù`1¿háEaëž"×¼)h5-Pi·pJ“•³µ‰ãhš;yn0ffa Ä%3å¦wÀÆÒjzþ½ ]Ác{6›{=òm46ÀÆâÞ º™\È3r“ýYù²±Ë ø“Z‹VƒYµÒ¢mJÒâÈ]Á}$ÆÎRc‰¡PyÚ\—ˆÎp¨‹&§ kÚýÜ×°é¶SØ 6ÐÃvó¬ì.-çñ‰ c6ÁrÿÖ— aµ]z GM¸¾Ñ’{;xo$Ô¤·x Š3˜Œ¤±¾bŒ>ƒ¡á}bmbÊæIg´»H. Q_Y)X.×b6øÆæà34g ß4mÈû¢œ6^$MF÷Zû6”—ÓŷؾÕ#ÆñÄfmÞw– 13tòØb<SCAÓï-S»¿Gu¨Ý‹—† ‰"Ž ¡Ê©lˆƒghÆìsŒ Š(¢€ äüm¥Xë—Ó5;hîlî59XŸ£±\þ ƒ‚äÁÖVŠ4‹íVÊÚm&ò;]SO¸vo2o‰Ü#¡I]Œ²:’¸# Ž˜ ~$ð-棧Gma¨Ás ¼¢æ =v}‘Aw³oÚÁœ1“Í 0)°¨®O‡~2Ó´¸tûmÃÙ³í›û!$žV°i#º•bœày¥ŠnÊG™gãktˆ¯ˆ4ëíâ=¢s{6ÈJƒ‘t¹„®NÐK)$c+ ±¿³Ôìã¼°»‚îÖLìš ˆØ$0àà‚? ãîïZÓ­-üKà[íRKyLÀl³HKá”-®ß¢¹“Ï<b¾¿o©xŠò‡À“Å4±<3j7š½±Ž<¨|£1–2IÌn¬„ãr°Î=Šóÿ øOÆ6>dW~$ƒO°å#³°‹í Š1µÖY—lmÆÒ‰ˆ.v¢•ë4išÝËa‚{·W¸žyäžYJ®ÕÝ$ŒÌ@gœu5Ÿ?Žô·–]>êMeãBÆ-½lã…o(0BÝò àóÁÅM~îâþûY†;y\%–œ ¼¢–Ì’:’ ¾AÚ¤… £$–  Ê(¢€ (¢€8¿^ZAâ­ SX»Ó´¹l¯vŠåíãfW¶ÙæH¸1€Xá·.I “¼«r÷ÚƤ-Ùõ-WRµÖ‡…ì®m-4+.¤Âã 4¥” áðAFØ6ú„šl2ë6Ú£4ž}½¼Öè ¥dhÙ‰ã9ÌKŽ{ž½ˆôØbÖnuEi<û‹xmÝIBÆÒ2‘Æs™[<ö;€yÞ¡$Zgü&­g©_[ÝÿÂA¦™M¼ï4ÑG'Ù9HÎÿ½ºU) f ¨QcûF/±mþØŸþoí¿'ûCûAöý—ì{óö½Ûöý«åÝ¿ï~ï8ùk¼ÔôØu[T·¤TKˆ.BÝ«*ŽAãr}³Ó­\ _áó¤žEyöØÛP¿+u•>p7saò€)Ï_”ÏÉèzÄÆâÍ×UÖn¯‡.®u;HÌÑ_)¶Þ#GVpY‡“÷S*6(s»Õ+OðúXê"öMBúöH¢h-…Û«}ž&*YC ùòãù¤.ß ç%²åóßçê–÷WÛ4‹;½åfƒ]¹¹ˆ¼d–Au F*@À%“ ‡£¨jð°'¶°A2j©gºœÉ#Ú•„˲ÍP¤ÊIœy­÷NâJˆ‘Ey|š¿Št½þBý§û#v’¿i˜·Ÿ4žgÙÚ_œo‘±§|üö©³Ž|³WÔ'ÑɳÎò÷}ßÞgËëòãø¨Ñ<=¬Xjš]íÊXüŸÚŸkHµ\¬é°˜ÆülÚs³®Fq‚¨ž/ÐÞÞîãír,¶ïtÒ=¼ª²Bƒ-$D¨ ;£Ü>eþòçRÆúßR³ŽîÒO6ÞL˜ä @p —=Tã!‡  A¯?³ø{}máëý30yÃDŸIµ¹—R¹¸ó7¢®ÿ-þKu&5%?P>oH Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( ÇòOÿÂWÿº+ƒñ*KáÉu n4_†±iöw©b..´)•¤• I°?3kã9þÓŠÔšÞOQÒ&×>4hz®›¨C~¶þE¬;ž3‘ó$™ŽýzWIðûƺo•$Ž¾l¯)RÂáAÁr3Ò¬}ÆôÐÿðM7ÿ%PA^Gªiºõç|M&—¥$ö%ck3¢îû%¿P·öã8#øo˜ôÄqøªg™"ñ‡Ýá}’ªé’´6ý+ƒµ”àö ÷¬9|ãoí;ûÛ/AaöéVi¡ƒC“x#Èó$f,kÞ€8=cBø¥ö‰—HÓµ) –Ü yµ™¡h$Ëe‘~ß '~ñ#å(çwª|>]ž åO5 ñåÜIæHŸéspí¹·0îw6O9=k“†ßÄ×6FöZl¶Ù é¥Ú2T20Ü ØzWI¢øwÅš&˜,£ñ.•sûÙfy§ÑŸ{¼’4ŒNÛ…_¼ç ¡àßùÜÿØWRÿÒÙ« ¬}ËûL†Æöþ ®®.î%©ä‰d–I'eD,Ç€[Œ“…&¶(¢Š(¢Š(¢Š(¢Š(¢Š(¢Š(¢Š(¢Š(¢Š(¢Š(¢Š(¢Š( µ{áãX4v³Ž; ,§ggËÊñ´å…@&#žI€/Ÿ 犣ñ)ÓZóF¾HlšêuK)mŠ³°&ó4˜Ë),¶ˆŽG̵±>›4¾*ÓõEhü‹{+›wRNâÒ< ¤qŒb&Ï=Ç^Ñéz}æ›g©Ì õ+»¹îrd(’s¶c´íÄI ýÒ~c’@+Ù^ëž!ƒIÕ®lnþÕi5ÌrÚZ½¿—åQ¸í§ªè÷ˆÌ¨C¦Ø†²—Nd·»y÷Ãq$>s1&ÇXâmœ0,Ã8ψ|HÞ›Åô¨ôØíPŠÐÛÈóOo´Ê¤óŠB›T€²À°$£SUñ,Ö~3ÐôkxäK·c{3 b™â ;—h$çœÎG̦£Ö-|Iw®#ŧéWzU¾É-áŸP’ó|É@àí8عÀ#yËlÙ^ãÁw_ð’ÚjÖÚõöÏíS¨][Ê Ùÿí ˆ·}݉‚ßwqÎü5vQEQEQEQEQEQEQEQEQEQEaøÒ ®¼ â{x¤šytË”Ž8Ô³;˜ä’xÅrúΕ¯ÚM¨•Ôu+û‘o²¾x˜mÞhþÙÛuŒ³í\C° E†Fcè”P‘ÝXx–må-õ/I zf§-±†‹fyBÛy)‰ç'ÌóJï`ç  ¸m‰á»´Õ®,µâðݵĩZÉw$åÌ6¯dˆ™75ß$• yTÑ( µÓ¼Em¦ê pú­µýÆ¡i6­7•u8d6 ¸Ä!u-þ’6Ÿ!†ÐݨZìª^ü=†ÒWžöãÍGtž/%îm–à9ˆ£»žS¶[wï%±ØQ@oã[‰õ­5o´+UKÈ|ð.ÅŒ°LXX^ VO•ä\mÝ( Kn?S‡Å~ˆeŽûUûw•¨l··³¹Ûål—ìÛ%2ù¿Ô䧛»ƒÿ- zÅæú–‹5ŸŽôXÕuÉ´›[»y‘ÍÍÕÀIdŠñ³îc·)lNÕ s#îôŠ( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( Š( ÿÙpptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_6.htm0000644000175000017500000000653512110522672020456 00000000000000 Poptop MSCHAP2 ADS Howto

10. Kerberos

There are two different versions of the Kerberos client, version 4 from KTH and 5 from MIT. As Microsoft uses version 5, you should use the MIT version. Fedora includes the MIT one so you will be ok to use the stock standard one.

Packages krb5-lib and krb5-workstation are required. They are installed by default. If they are not, please get the latest version from yum.

10.1 Configure Kerberos

The configuration file of Kerberos is /etc/krb5.conf. To connect to AD, the settings must match the domain configuration.

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
default_realm = EXAMPLENET.ORG
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
forwardable = yes

[realms]
EXAMPLENET.ORG = {
kdc = dc1.examplenet.org:88
# admin_server = kerberos.example.com:749
default_domain = examplenet.org
}

[domain_realm]
.examplenet.org = EXAMPLENET.ORG
examplenet.org = EXAMPLENET.ORG

[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}

Lines shown in bold are the ones you should pay attention to. Use uppercase as shown.

10.2 Test Kerberos

Before trying to connect to AD, the AD DNS should have a A record for the pptp server. To add the A record, on your Windows DNS server, click Start -> Administrative Tools -> DNS. The dnsmgmt window pops up. Click on the "+" of "Forward Lookup Zones". Right click on AD Domain name, in our test environment is EXAMPLENET.ORG, and choose "New Host (A)...". Put in the server Netbios name which is defined in smb.conf and the ip address. Then press the "Add Host" button.

When the DNS is ready, it is time to test Kerberos. Please note that the domain name must be in capital. 

[root@pptp etc]# kinit -V skwok@EXAMPLENET.ORG
Password for skwok@EXAMPLENET.ORG: 
Authenticated to Kerberos v5

To check the Kerberos tickets:

[root@pptp etc]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: skwok@EXAMPLENET.ORG
Valid starting     Expires            Service principal
09/03/05 14:43:47  09/04/05 00:43:04  krbtgt/EXAMPLENET.ORG@EXAMPLENET.ORG
        renew until 09/04/05 14:43:47
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached

Next   Previous  Content

 

pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_2.htm0000644000175000017500000000367312110522672020452 00000000000000 Poptop MSCHAP2 ADS Howto

4. The Test Environment

I have built a test environment as shown in the diagram. In the rest of the howto, the configurations of software are based on this topology.

A Windows 2003 R2 SP2 Server is set up as the AD domain controller, DNS server and WINS server. The pptp gateway is the Linux box which has 2 network cards. One connects to the internal network, 10.0.0.0/24, and the other one connects to the Internet with ip address 192.168.0.10/24. The internal network has two subnets, 10.0.0.0/24 and 172.16.0.0/24.

The domain name of the Windows AD domain is EXAMPLENET.ORG and the corresponding netbios name is EXAMPLE.

Windows Domain Summary:

Domain Controller Name dc1.examplenet.org
Domain Controller IP Address 10.0.0.1
DNS IP Address 10.0.0.1
WINS IP Address 10.0.0.1
AD Domain Name examplenet.org
AD Netbios Domain Name example

Note: The Windows server that I used for FC4/5/6 testing was a Windows 2003 standard with SP1. In another word, the information presented in Appendix for FC 4, 5 and 6 is not tested for Windows 2003 R2 although I believe it should work.

Next   Previous  Content pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_10.htm0000644000175000017500000000777212110522672020535 00000000000000 Poptop MSCHAP2 ADS Howto

16. pptpd and freeradius

The section covers the configuration of pptpd + freeradius + AD. If you are looking at the integration via winbind. Go to this section.

16.1 Enable freeradius

To enable radiusd on bootup, use the chkconfig command.

[root@pptp ~]# chkconfig radiusd on

To start radiusd in daemon mode: 

[root@pptp ~]# service radiusd start
Starting RADIUS server: Sun Sep  4 11:26:24 2005 : Info: Starting - reading configuration files ...
[  OK  ]

16.2 Configure pptpd

There are two configuration files for pptpd. The first one is /etc/pptpd.conf. You can very much keep it as it is except the ip address range for the ppp connections. Edit the file and add two lines at the bottom to specify the local ip address and the ip address pool for the remote connections. 

localip 10.0.0.10
remoteip 10.0.0.101-200

10.0.0.10 is the ip address of the internal network card eth0. The remoteip is the address pool for the remote connections. If you are running FC6, please refer to Section 8.2 for details on the logwtmp option.

Please note that pptpd by default has a 100 connections limit. You can override it by the "connection" parameter in the pptp.conf file. Read the remarks in the file.

The second configuration file is /etc/ppp/options.pptpd. I stripped off all remarks from my options.pptpd and it is like this:

name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 10.0.0.1
ms-wins 10.0.0.1
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
auth
nodefaultroute
plugin radius.so
plugin radattr.so

There are two plugins we used in here. The first one radius.so is required while the second one radattr.so is optional. Radattr.so basically records the parameters passed from radius to pppd in a file. Check the man page of pppd-radattr for details.

If you have Windows XP clients, you may want to reduce the MTU size. Add the line, /sbin/ifconfig $1 mtu 1400, to /etc/ppp/ip-up as shown in the following list.

[root@pptp ppp]# cat ip-up
#!/bin/bash
# This file should not be modified -- make local changes to
# /etc/ppp/ip-up.local instead

PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH

LOGDEVICE=$6
REALDEVICE=$1

[ -f /etc/sysconfig/network-scripts/ifcfg-${LOGDEVICE} ] && /etc/sysconfig/network-scripts/ifup-post ifcfg-${LOGDEVICE}

/etc/ppp/ip-up.ipv6to4 ${LOGDEVICE}

[ -x /etc/ppp/ip-up.local ] && /etc/ppp/ip-up.local "$@"

/sbin/ifconfig $1 mtu 1400
exit 0

The above example reduces the MTU size to 1400. In my environment, I found that XP will connect the VPN and ping all servers without problems, however, it cannot connect to the Microsoft Exchange server properly. Reduce the MTU size to 1400 fixed the problem.

After fixing the files and permission, we can start pptpd and connect to it from remote client. To start it:

[root@pptp ~]# chkconfig pptpd on

[root@pptp ~]# service pptpd start
Starting pptpd: [  OK  ]

That's all on the server side.

Note: The client PCs require special configurations. It will be discussed in here.

Next   Previous  Content

 

pptpd-1.4.0/html/poptop_ads_howto/poptop_ads_howto_4.htm0000644000175000017500000000700612110522672020446 00000000000000 Poptop MSCHAP2 ADS Howto

7. Install MPPE Kernel Module

If you plan to use MSCHAPv2, MPPE is required. Kernel version 2.6.15 or above has already got MPPE built-in. Fedora Core 8 kernel version on the DVD is 2.6.23.1. That means you do not need to install the MPPE module as you have to for older kernels. Information for MPPE on FC4 / 5 / 6 is in Appendix A1.

To test if your kernel supports MPPE:

[root@pptp ~]# modprobe ppp-compress-18 && echo ok

It should return an "ok".

Note: The latest kernel for Fedora Core 8 at the time of writing is 2.6.26.3.

8. pppd and pptpd

8.1 pppd

FC8 comes with ppp-2.4.4-2. MPPE support is already enabled. If ppp is not installed, use yum to install it.

[root@pptp ~]# yum install ppp

Note: Information on how to update ppp module on FC4 / 5/ 6 is in Appendix A2.

8.2 Install pptpd

From here download the pptpd tar ball, pptpd-1.3.4.tar.gz. You can make a RPM from it with the rpmbuild command. If you don't have the rpmbuild command installed. Get the package rpm-build through yum. 

[root@pptp ~]# rpmbuild -ta pptpd-1.3.4.tar.gz

The command will create a pptpd rpm in /usr/src/redhat/RPMS/i386 directory. Install the package with the rpm commad.

[root@pptp ~]# cd /usr/src/redhat/RPMS/i386/
[root@pptp i386]# rpm -ivh pptpd-1.3.4-1.i386.rpm

Note:
The pptpd rpm package is built against ppp-2.4.3 but FC6 or above has ppp-2.4.4. It prevents the tunnel to be established and gives the following error message is in /var/log/message.

Plugin /usr/lib/pptpd/pptpd-logwtmp.so is for pppd version 2.4.3, this is 2.4.4

The workaround is to disable the logwtmp option in /etc/pptpd.conf. The drawback is the last command won't show the pptpd login information.

I have produced a patched RPMs for pptpd to address the problem. You can find them from the following links.

For Fedora 8
pptpd-1.3.4-2.fc8.i386.rpm (binary RPM - current version)
pptpd-1.3.4-2.fc8.src.rpm (source RPM)
For Fedora 6
pptpd-1.3.3-2.fc6.i386.rpm (binary RPM - older version)
pptpd-1.3.4-2.FC6.i386.rpm (binary RPM - current version)

Next  Previous  Content pptpd-1.4.0/getopt1.c0000664000175000017500000001172612231653026011324 00000000000000/* * getopt1.c * * Ripped from GLIBC - original copyright follows * * NOTE: Changed to make dependencies work better: * * changed to "config.h" */ /* getopt_long and getopt_long_only entry points for GNU getopt. Copyright (C) 1987,88,89,90,91,92,93,94,96,97,98 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. The GNU C Library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public License for more details. You should have received a copy of the GNU Library General Public License along with the GNU C Library; see the file COPYING.LIB. If not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #include "our_getopt.h" #if !defined __STDC__ || !__STDC__ /* This is a separate conditional since some stdc systems reject `defined (const)'. */ #ifndef const #define const #endif #endif #include /* Comment out all this code if we are using the GNU C Library, and are not actually compiling the library itself. This code is part of the GNU C Library, but also included in many other GNU distributions. Compiling and linking in this code is a waste when using the GNU C library (especially if it is a shared library). Rather than having every GNU program understand `configure --with-gnu-libc' and omit the object files, it is simpler to just do this in the source for each such file. */ #define GETOPT_INTERFACE_VERSION 2 #if !defined _LIBC && defined __GLIBC__ && __GLIBC__ >= 2 #include #if _GNU_GETOPT_INTERFACE_VERSION == GETOPT_INTERFACE_VERSION #define ELIDE_CODE #endif #endif #ifndef ELIDE_CODE /* This needs to come after some library #include to get __GNU_LIBRARY__ defined. */ #ifdef __GNU_LIBRARY__ #include #endif #ifndef NULL #define NULL 0 #endif int getopt_long (argc, argv, options, long_options, opt_index) int argc; char *const *argv; const char *options; const struct option *long_options; int *opt_index; { return _getopt_internal (argc, argv, options, long_options, opt_index, 0); } /* Like getopt_long, but '-' as well as '--' can indicate a long option. If an option that starts with '-' (not '--') doesn't match a long option, but does match a short option, it is parsed as a short option instead. */ int getopt_long_only (argc, argv, options, long_options, opt_index) int argc; char *const *argv; const char *options; const struct option *long_options; int *opt_index; { return _getopt_internal (argc, argv, options, long_options, opt_index, 1); } #endif /* Not ELIDE_CODE. */ #ifdef TEST #include int main (argc, argv) int argc; char **argv; { int c; int digit_optind = 0; while (1) { int this_option_optind = optind ? optind : 1; int option_index = 0; static struct option long_options[] = { {"add", 1, 0, 0}, {"append", 0, 0, 0}, {"delete", 1, 0, 0}, {"verbose", 0, 0, 0}, {"create", 0, 0, 0}, {"file", 1, 0, 0}, {0, 0, 0, 0} }; c = getopt_long (argc, argv, "abc:d:0123456789", long_options, &option_index); if (c == -1) break; switch (c) { case 0: printf ("option %s", long_options[option_index].name); if (optarg) printf (" with arg %s", optarg); printf ("\n"); break; case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': case '8': case '9': if (digit_optind != 0 && digit_optind != this_option_optind) printf ("digits occur in two different argv-elements.\n"); digit_optind = this_option_optind; printf ("option %c\n", c); break; case 'a': printf ("option a\n"); break; case 'b': printf ("option b\n"); break; case 'c': printf ("option c with value `%s'\n", optarg); break; case 'd': printf ("option d with value `%s'\n", optarg); break; case '?': break; default: printf ("?? getopt returned character code 0%o ??\n", c); } } if (optind < argc) { printf ("non-option ARGV-elements: "); while (optind < argc) printf ("%s ", argv[optind++]); printf ("\n"); } exit (0); } #endif /* TEST */ pptpd-1.4.0/plugins/0000775000175000017500000000000012231672221011325 500000000000000pptpd-1.4.0/plugins/patchlevel.h0000644000175000017500000000026612110522672013547 00000000000000/* upstream patchlevel.h,v 1.60 2004/01/13 04:46:52 paulus Exp */ /* $Id: patchlevel.h,v 1.4 2005/02/24 01:25:34 quozl Exp $ */ #define VERSION "2.4.3" #define DATE "13 Jan 2004" pptpd-1.4.0/plugins/pptpd-logwtmp.c0000644000175000017500000000340412110522672014226 00000000000000/* * $Id: pptpd-logwtmp.c,v 1.6 2013/02/07 00:37:39 quozl Exp $ * pptpd-logwtmp.c - pppd plugin to update wtmp for a pptpd user * * Copyright 2004 James Cameron. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. */ #include #include #include #include char pppd_version[] = VERSION; static char pptpd_original_ip[PATH_MAX+1]; static bool pptpd_logwtmp_strip_domain = 0; static option_t options[] = { { "pptpd-original-ip", o_string, pptpd_original_ip, "Original IP address of the PPTP connection", OPT_STATIC, NULL, PATH_MAX }, { "pptpd-logwtmp-strip-domain", o_bool, &pptpd_logwtmp_strip_domain, "Strip domain from username before logging", OPT_PRIO | 1 }, { NULL } }; static char *reduce(char *user) { char *sep; if (!pptpd_logwtmp_strip_domain) return user; sep = strstr(user, "//"); /* two slash */ if (sep != NULL) user = sep + 2; sep = strstr(user, "\\"); /* or one backslash */ if (sep != NULL) user = sep + 1; return user; } static void ip_up(void *opaque, int arg) { char *user = reduce(peer_authname); if (debug) notice("pptpd-logwtmp.so ip-up %s %s %s", ifname, user, pptpd_original_ip); logwtmp(ifname, user, pptpd_original_ip); } static void ip_down(void *opaque, int arg) { if (debug) notice("pptpd-logwtmp.so ip-down %s", ifname); logwtmp(ifname, "", ""); } void plugin_init(void) { add_options(options); add_notifier(&ip_up_notifier, ip_up, NULL); add_notifier(&ip_down_notifier, ip_down, NULL); if (debug) notice("pptpd-logwtmp: $Version$"); } pptpd-1.4.0/plugins/Makefile0000644000175000017500000000106712110522672012707 00000000000000CC = gcc COPTS = -O2 -g CFLAGS = $(COPTS) -I.. -I../../include -fPIC LDFLAGS = -shared LDADD = -lutil INSTALL = install -o root prefix = /usr/local PLUGINS = pptpd-logwtmp.so # include dependencies if present ifeq (.depend,$(wildcard .depend)) include .depend endif all: $(PLUGINS) %.so: %.c $(CC) -o $@ $(LDFLAGS) $(CFLAGS) $^ $(LDADD) LIBDIR ?= $(DESTDIR)$(prefix)/lib/pptpd install: $(PLUGINS) $(INSTALL) -d $(LIBDIR) $(INSTALL) $? $(LIBDIR) uninstall: rm -f $(LIBDIR)$(PLUGINS) clean: rm -f *.o *.so *.a depend: $(CPP) -M $(CFLAGS) *.c >.depend pptpd-1.4.0/ChangeLog0000664000175000017500000006652512231672170011357 00000000000000Wed Oct 23 16:23:58 2013 James Cameron * pptpd-1.4.0.tar.gz: released. Mon Oct 21 20:50:07 2013 John Lauro * pqueue.c: don't leak memory from duplicate packet. * pptpgre.c, pptpmanager.c: don't leak handle on connect fail and detect error on socket creation instead later. * bcrelay.c: code cleanup - warning fix. * ctrlpacket.c, ctrlpacket.h, pptpctrl.c: clean up warning dereferecing type-punned pointer from mixing struct and unsigned char. * ctrlpacket.c, pptpgre.c: fix several warnings in newer compilers, caused by format and type discrepancies. * ctrlpacket.c, ctrlpacket.h: use unsigned types to properly handle negative error codes. * bcrelay.c: code cleanup (potential off by one error, bcrelay), switch a copy function to strncpy, as original had a potential off by one error as the size check didn't account for trailing 0 to be added in next line. * bcrelay.c: fix several warnings in newer compilers, caused by format and type discrepancies, and comparing with == directly to "", as "" is not guaranteed to always be the same when redefined. Thu Feb 7 11:51:46 2013 James Cameron * plugins/pptpd-logwtmp.c: use pppd.h provided by ppp package instead of our own, fix for debian #369714. Author: Stu Teasdale Author: Christoph Biedl Thu Feb 7 11:50:03 2013 James Cameron * pptpctrl.c: fix binary trash when launching ppp, fix for debian #693196. Author: tevaum@gmail.com Thu Feb 7 11:48:32 2013 James Cameron * pptpgre.c: avoid dropping connection when kernel returns ENOBUFS, fix for debian #629129. Author: Maximiliano Curia Author: James Cameron Thu Feb 7 11:47:33 2013 James Cameron * pptpctrl.c: add remotenumber support, fix for debian #610375, #625459, and ubuntu #704245. Author: Igor A Tarasov Author: Michael Poetters Thu Feb 7 11:46:18 2013 James Cameron * configfile.c: catch missing EOL at EOF, fix for sf.net poptop ticket #35, debian #567480. Author: Christoph Biedl Thu Feb 7 11:45:45 2013 James Cameron * bcrelay.8: add manual page, fix for debian #426553. Author: Khang Nguyen Trong Thu Feb 7 11:44:59 2013 James Cameron * pptpd.c: fix a segmentation fault on invalid IP range entry. Author: Sergey Naumov Wed May 18 14:42:28 2011 David Lamparter * pptpctrl.c, pptpd.c, pptpgre.c, pptpmanager.c: introduce VRFs this adds support for VRFs (Virtual Routing and Forwarding instances) through libvrf from vrf-tools. pptpd gains the ability to have its TCP and GRE sockets in a VRF different from the one the process is running in. As pppd is started from pptpd and does not have VRF support, the pppX devices will be in the initial VRF. The PPTP traffic will however be flowing in the given VRF. This allows full separation of encapsulated and encapsulating networks. Mon Jun 15 12:53:58 2009 Michael Douglass * pptpctrl.c (pptp_handle_ctrl_connection): fix IDLE_WAIT implementation. pptpd processes were not terminating when the remote pptp client went off the network unexpectedly. An strace of pptpd showed the select() loop in pptctrl.c was never timing out because the /dev/ptmx descriptor was sending data to pptpd every 10 seconds. Since the select() loop was never timing out, the IDLE_WAIT mechanism never triggered. The patch below makes the following changes: - select() returning 0 is no longer a direct trigger case for sending an ECHO REQ - track the last time we heard anything from our TCP socket in last_time (initialized to now on startup) - any time we go through the loop and we don't hear from our TCP socket, we check to see if our last_time is older than IDLE_WAIT, if so, send an ECHO REQ Fri Nov 14 10:28:27 2008 Karl Hiramoto * ctrlpacket.c (deal_start_ctrl_conn): fix compilation with uclibc with legacy support disabled. From "man bzero": This function is deprecated (marked as LEGACY in POSIX.1-2001): use memset(3) in new programs. POSIX.1-2008 removes the specification of bzero(). Wed Oct 8 09:47:33 2008 James Cameron * pptpctrl.c (launch_pppd): exclude ipparam and plugin from SLIRP and BSD PPP configurations. Reported by Richard P. Koett. Fri Jul 20 10:27:37 2007 Eivind Naess * pptpdefs.h: add packed attribute to pptp_gre_header, to ensure compiler alignment efforts do not conflict with processing the header. Mon May 28 12:17:06 2007 James Cameron * ctrlpacket.c (deal_set_link_info): change the "Ignored a SET LINK INFO" message to be LOG_DEBUG, only emit when debug mode is enabled, and explain further what it is. Thu May 24 10:43:45 2007 James Cameron * pptpd.conf.5: add missing logwtmp option. Tue Apr 24 13:11:28 2007 Phil Oester * pptpgre.c (decaps_gre): further testing has revealed a couple more problems with the packet reordering/buffering code: 1) Some clients (notably the PPTP client) start their sequence numbers at 1 instead of 0 as the RFC mandates. My previous fix caused problems with these clients. 2) Duplicate packets were causing corruption when they were placed on the queue but never used -or- when they were placed on the queue but already existed on the queue (i.e. they previously arrived out of order). Mon Apr 16 10:32:40 2007 James Cameron * pptpd-1.3.4.tar.gz: released. Mon Apr 16 09:38:13 2007 Phil Oester * pptpgre.c: fixes two packet reordering bugs, (1) the check for out-of-order sequence numbers only validates that the sequence received is greater than the previous sequence received. But this is invalid if for instance packet 20 is received after packet 10. It should instead verify packet received is equal previous packet plus one. (2) the packet dequeue function was using the wrong pointer, which led to corruption of all packets placed on the queue when they were dequeued. Thanks to James Cameron for the testing tools which made discovery of these bugs possible. Thu Feb 8 09:59:00 2007 James Cameron * plugins/pptpd-logwtmp.c (ip_up): accept either two forward or two reverse slashes as the delimiter. Fri Dec 8 10:49:27 2006 Charlie Brady * pptpctrl.c (startCall): turn off echo on the slave pty, so that any packets that arrive before pppd is ready will not be echoed back to the client. Deprecate PPP_WAIT. Tue Sep 5 09:42:46 2006 James Cameron * pptpd-1.3.3.tar.gz: released. Tue Sep 5 09:25:25 2006 James Cameron * defaults.h: remove MAX_CONNECTIONS reference. * samples/pptpd.conf: add connections clause, remove reference to MAX_CONNECTIONS. Tue Sep 5 09:10:55 2006 James Cameron * pptpd.c (processIPStr): add new informational message to indicate when the number of connections is constrained by the configured IP address ranges. Tue Sep 5 08:52:20 2006 James Cameron * pptpd.c: fix segfault on -C option, cause was option string didn't include argument flag for number of connections. Closes Gentoo Bug #132898 thanks to Alin Nastac (mrness at gentoo.org) and Peter Volkov. Thu Aug 3 12:02:02 2006 James Cameron * plugins/Makefile (LIBDIR), Makefile.am (LIBDIR): support build of x86_64 mixed architecture. From: Anton Gorlov. Thu Aug 3 11:14:59 2006 James Cameron * configure.in: rewrite use of AC_ARG_WITH and AC_ARG_ENABLE to more properly support the negative case. Reported by: Phil Oester. Thu Aug 3 09:55:25 2006 James Cameron * plugins/Makefile: include libutil. From: Anton Gorlov. Thu Apr 20 16:18:26 2006 James Cameron * pptpd.init: ensures the service is not enabled by default when installed, and adds a "condrestart" target that will restart the daemon if and only if it's already running. Reported by: Paul Howarth. Tue Apr 18 14:47:29 2006 James Cameron * pptpd-1.3.2.tar.gz: released. * configure.in: fix --with flags to work --without, change --with-bcrelay to --enable-bcrelay. Mon Mar 27 11:42:36 2006 James Cameron * pptpgre.c (decaps_gre, dequeue_gre): only report to LOG_DEBUG if the debug option is set. Reported by: Thomas Stein Tue Feb 14 10:52:13 2006 James Cameron * pptpd-1.3.1.tar.gz: released. Thu Dec 29 17:39:15 2005 James Cameron * pptpd.c, pptpmanager.c, pptpmanager.h, defaults.h: make connections limit a run-time option. Thu Dec 29 15:45:51 2005 James Cameron * pptpd.c (launch_bcrelay): insufficient space was allocated in the argv array for the number of elements used. Thu Dec 29 12:11:23 2005 James Cameron * pptpd: remove PPPD_IP_ALLOC in favour of a configuration option. * pptpd.8: add --delegate * pptpd.conf.5, samples/pptpd.conf: add delegate option * config.h.in, configure.in: remove --with-pppd-ip-alloc option * pptpmanager.c, defaults.h, pptpd.c: convert from conditional compilation to run-time checking. * samples/options.pptpd: describe how to force local IP for tunnel even in delegate mode. * INSTALL: remove build.sh reference. Thu Dec 29 11:04:13 2005 James Cameron * pptpgre.c (pptp_gre_init): prevent initial unwanted GRE ACK. From: Jonathan Barker Mon Nov 21 10:53:09 2005 James Cameron * bcrelay.c (mainloop): ignore ENOBUFS rather than fail. From: Rajkumar S Mon Oct 31 09:21:11 2005 James Cameron * pptpctrl.c: change GETARG to GETARG_VALUE and add a GETARG_INT and GETARG_STRING macro, to improve readability. Mon Aug 22 10:45:14 2005 James Cameron * compat.c (sigpipe_assign): remove superfluous sigset variable and calls; they served no purpose. Reported by: Pavol Gono. Wed Aug 3 19:04:07 2005 James Cameron * plugins/pptpd-logwtmp.c: fix compilation warning by including string.h * ctrlpacket.c (read_pptp_packet): initialise return control message type, to fix compilation warnings. * pqueue.c: compilation fixes, use of log() and warn() replaced with syslog(). Wed Aug 3 17:33:40 2005 James Cameron * pptpd-1.3.0.tar.gz: released. Tue Aug 2 21:31:25 2005 James Cameron * samples/options.pptpd: disable Van Jacobson compression. Reported by Pawel Pokrywka. Tue Aug 2 21:27:11 2005 James Cameron * pptpgre.c: packet reordering implementation, contributed by Vijay Bharadwaj. Tue Aug 2 19:32:47 2005 James Cameron * pptpdefs.h (MAX_ECHO_WAIT, IDLE_WAIT): comply with RFC2637, reported by Tobias Brox, updates 20040811-0. Tue Aug 2 19:30:30 2005 James Cameron * plugins/pptpd-logwtmp.c (ip_up): implement pptpd-logwtmp-strip-domain option, closes 20050401-1. Tue Aug 2 19:01:42 2005 James Cameron * Makefile.am (EXTRA_DIST): add html directory, missing from distribution, closes 20050729-1. Fri Jul 29 22:56:08 2005 James Cameron * pptpdefs.h (PPP_WAIT): default ten seconds wait for PPP packets to begin to be sent. * pptpctrl.c (pptp_handle_ctrl_connection): wait for first packet from pppd before continuing, an experimental fix for bug 20040521-1. Tue Jul 12 16:33:23 2005 James Cameron * pptpmanager.c (pptpmanager): process initial packet header length field properly. Reported by: Alex Beregszaszi Thu Mar 3 16:19:17 2005 James Cameron * bcrelay.c (mainloop): ignore ENETDOWN and ENXIO from sendto(2). Closes 20040428-0. Thu Feb 24 11:48:08 2005 James Cameron * pptpd.8: add section on debugging, contributed by Peter Mueller. Thu Feb 17 13:05:31 2005 James Cameron * pptpd-1.2.3.tar.gz: released. Thu Feb 17 13:01:22 2005 James Cameron * pptpd.c (showusage, showversion): change from poptop to pptpd. Tue Jan 25 09:01:49 2005 James Cameron * pptpctrl.c: perform error checking on dup2 calls, as on Linux they can fail under certain circumstances. Fri Jan 14 13:38:58 2005 James Cameron * pptpd.c, pptpctrl.c, bcrelay.c, configure.in, acconfig.h: add configure option --enable-facility to set syslog facility to use in logging. e.g. LOG_LOCAL0 Mon Jan 10 09:51:05 2005 James Cameron * config.h.in, configure.in, pptpgre.c (encaps_gre): uses writev() if available, to avoid a memcpy() of the GRE payload when sending off the packet. From: Marcus Sundberg. Thu Jan 6 10:07:39 2005 James Cameron * pptpmanager.c (pptp_manager): compilation fix for gcc < 3, a regression introduced in pptpd-1.2.2. Reported by: Peter Mueller. Wed Jan 5 22:12:38 2005 James Cameron * pptpd-1.2.2.tar.gz: released. Wed Jan 5 21:16:15 2005 James Cameron * compat.h, compat.c (sigpipe_*): build a generalised signal pipe delivery ... thing, for use by pptpd and pptpctrl. * pptpctrl.c (main): use signal pipe delivery instead of calling syslog(3) in the SIGTERM handler, call the old handler bail() when SIGTERM is delivered via the pipe. * pptpd.c: kill bcrelay outside a signal handler in order to avoid deadlock. * pptpmanager.c (pptp_manager): use generalised signal pipe delivery, return to caller on SIGTERM. Wed Jan 5 17:30:50 2005 James Cameron * pptpmanager.c: fix bug 2004-01-05-0, hang due to syslog(3) called by signal(2) handler. Derived from contributions to PPTP Client by Jean Wolter. * pptpmanager.c: add pipe for queueing SIGCHLD events. * pptpmanager.c (sigchld_handler): add safe handler for SIGCHLD. * pptpmanager.c (sigchld_responder): move old handler into non-signal context function called from main event loop. * pptpmanager.c (sigchld_setup): move SIGCHLD signal handling setup into own function. * pptpmanager.c (pptp_manager): call the new signal handling setup function, FD_ZERO each time around (it wasn't being reset), watch the signal handling pipe in the main event loop, handle EINTR return from select by ignoring it and restarting the select(). Added code to handle signal pipe data. Removed code for blocking SIGCHLD on new connection, now that the signal handling is linear. Thu Dec 23 09:17:29 2004 James Cameron * samples/options.pptpd: turn off logging to stderr by default, to prevent loopback detected. From: Andrew Hall Thu Nov 11 14:20:18 2004 James Cameron * pptpd.spec: allows the RPM to be built on Red Hat Enterprise Linux systems that use an older version of autotools. From: Charlie Brady Thu Jun 24 09:35:58 2004 Peter Mueller * pptpd.init: avoid spitting garbage if no processes exist. Wed Jun 23 19:42:33 2004 James Cameron * pptpd-1.2.1.tar.gz: released. * plugins/patchlevel.h: update pppd version requirement, so that pptpd works with Paul Howarth's pppd 2.4.3 CVS packages. Fri Jun 4 13:56:20 2004 James Cameron * pptpd.init: warn that restart may cause problems, provide restart-kill. From: Peter Mueller. Tue May 25 11:35:49 2004 James Cameron * pptpd-1.2.0-b4.tar.gz: released. Mon May 24 20:27:53 2004 James Cameron * debian/copyright: fix spelling to fix lintian warning. * debian/changelog: remove emacs stuff to fix lintian warning. * pptpd.8: refer to pptpd.conf(5) early on, and remove EXAMPLES section, as it contributes nothing. * pptpd.conf.5: add documentation for firewall rules. Fri May 21 20:43:55 2004 James Cameron * pptpd.spec: rework to build under rpm 4.0.4, depend on ppp >= 2.4.2, change description to match Debian package, add vendor, propogate changes since 1.1.4-b3 involving obsolete scripts and new plugin. * Makefile.am, plugins/Makefile: add missing pptpd.init, add debian packaging from downstream, propogate DESTDIR and prefix to plugins install target. * debian/changelog: change the version to -0 to avoid clobbering the later Debian package. Mon May 17 16:28:49 2004 James Cameron * pptpd.c: bug fix, only check PPP options file readability if an options file has been given in the configuration file or command line. Reported by: Andrew Alexandrov Mon May 17 12:31:34 2004 James Cameron * Makefile.am (EXTRA_DIST): remove html, as the documentation is out of date, explicitly name samples, tools and plugins files to prevent CVS in tarball. Mon May 17 12:31:09 2004 James Cameron * debian: merge upstream Debian patches. From Rene Mayrhofer. Fri May 14 15:50:35 2004 James Cameron * pptpd.c (killbcrelay): bug fix, pptpd catches SIGTERM to kill bcrelay, but doesn't kill itself. "This patch solves partially the problem. When there is a connection established klling the main pptpd process will not kill the control connection process." From: Pawel Guraj. Thu Apr 29 20:18:19 2004 James Cameron * pptpd.8, pptpd.conf.5: adopt man page review suggestions. From: Chris Wilson. Thu Apr 29 19:49:59 2004 James Cameron * plugins/pptpd-logwtmp.c (ip_up): use the username that was authenticated from the peer_authname variable rather than the local host name hiding in the user variable. Reported by: Pawel Guraj. Thu Apr 29 16:56:05 2004 James Cameron * ctrlpacket.c (deal_out_call): print connection speed properly. From: Jan Dubiec. Thu Apr 29 16:49:03 2004 James Cameron * pptpd.c: fix segfault if built --with-bcrelay but neither bcrelay config option nor --bcrelay command line flag used. From: Jan Dubiec, Pawel Guraj. Wed Apr 28 21:24:25 2004 James Cameron * README.logwtmp: write up new feature to track user connections and disconnections using the standard wtmp(5) mechanism. * defaults.h, pptpd.8, pptpctrl.8, pptpctrl.c, pptpd.c, pptpmanager.c, samples/pptpd.conf: add --logwtmp option. * plugins/Makefile: derive from PPP CVS plugins example. * plugins/patchlevel.h, plugins/pppd.h: copy headers from PPP CVS. * plugins/pptpd-logwtmp.c: add plugin to update wtmp. * Makefile.am: add targets for plugins build and any future subdirectories. * tools/vpnwho.pl: mark as obsolete. Wed Apr 28 19:54:04 2004 James Cameron * pptpctrl.c (main): waitpid() rather than kill() the pppd, so that ip-down scripts get executed. Tue Apr 27 09:11:32 2004 James Cameron * NEWS: change attribution on request from author. * Makefile.am (EXTRA_DIST): include README.portslave, re-order list. Sun Apr 25 20:31:52 2004 James Cameron * pptpd-1.2.0-b3.tar.gz: released. Sat Apr 24 20:51:54 2004 James Cameron * pptpgre.c (decaps_hdlc): add hint for EIO on read() of PTY, suggesting a look at option syntax and pppd logs. To address a FAQ seen on mailing lists. * pptpd.conf.5: add routing checklists for three different methods of allocating subnets and configuring pptpd. * pptpd.8, pptpd.conf.5: add noipparam option documentation. Move speed option to end of list. Rework text for simplicity. Cross check against pptpd.c. * pptpctrl.8: rework argument list, cross check against pptpctrl.c, remove examples because running from inetd(8) is unusual and not encouraged. * pptpd.c, pptpd.8, pptpmanager.c, pptpctrl.c, defaults.h: add --ppp option to specify PPP program to use in place of default PPP_BINARY, and pass the new parameter to pptpctrl. Also reworked option handling and validation to simplify code. Use access() instead of fopen() to verify that files can be read or executed. * pptpd.c: bug fix, --stimeout option was not working due to use of strdup() and a blind cast instead of atoi(). * pptpd.c: bug fix, --noipparam option on command line was causing premature exit during option processing. Fri Apr 23 21:01:31 2004 James Cameron * tools/pptp-portslave: add contribution from Russell Coker, on Debian Bug#126486. Fri Apr 23 20:34:28 2004 James Cameron * pptpctrl.c (main): fail if arguments insufficient, closes Debian Bug#107933. * .cvsignore: include config.h and stamp-h, to assist with CVS updates. Fri Apr 23 20:13:43 2004 James Cameron * AUTHORS: hide author e-mails, add contributors since last release. Fri Apr 23 20:00:02 2004 James Cameron * stamp-h, config.h: remove from CVS. * import: remove huge superfluous screen snapshot that was slowing CVS access. * .cvsignore: update for new build environment, include everything that might normally be in a user directory checked out from CVS. * samples/options: not relevant, removed. * tools/confmod.sh: mark as obsolete, relevant only for ppp-2.4.1 forks. * reconf, version: adjust comments. * pptpd.spec: include vpnwho.pl (old version at this stage until Bruno finds me the latest version) in the RPM packaging. * pptpd.conf.5, pptpd.8: expand acronymn DOS. * pptpctrl.8: add note that speed is ineffective on Linux. * makepackage: use complete version, including beta release, as part of the packaging; don't hide the beta release version. * configure.in: remove warning about /usr/local/bin/pptpd, since /usr/local/bin is locally administered; we have no right to warn, we may have been responsible even in this version for placing the file there. * Anon-CVS-Root: obsolete, removed. * build.sh: obsolete build.sh * README.bcrelay: wrap to 80 columns. * README: rework for new release. Fri Apr 23 17:05:23 2004 James Cameron * makerpm: remove from CVS in favour of makepackage per Richard's e-mail on 1st August 2003. * Makefile.am (EXTRA_DIST): add README.bcrelay, older ChangeLogs, tools, spec file, and makepackage script. Fri Apr 23 16:15:59 2004 James Cameron * reconf: remove setting of pptpd.conf version. * samples/pptpd.conf: remove package version from file, use CVS revision header instead. * samples/options.pptpd: clarify comments, default to work with PPP 2.4.2. Thu Apr 22 16:38:01 2004 James Cameron * pptpctrl.c: remove report of connection speed for Linux pppd. Thu Apr 22 13:41:11 2004 James Cameron * pptpd-1.2.0-b1.tar.gz: released to test team. * AUTHORS: adjust to reflect new maintainer. * bcrelay.c: when compiling without --with-bcrelay, fail immediately with an error message suggesting a rebuild. * bcrelay.c: adopt VERSION from main package, cause my_daemon() to be conditional on not HAVE_DAEMON. * pptpd.c (killbcrelay): avoid code when BCRELAY is not defined. Fixes compiler error when pptpd is configured using defaults. * Makefile.am (dist-hook, EXTRA_DIST): remove CVS from final source distribution. * samples/pptpd.conf: remove some whitespace and wrap. * Makefile.am: remove CVS from dist target. * RELEASING: new file of release instructions, for 1.2.0 release candidate. * configure.in: change version. * pptpd.spec: change version. * ChangeLog: adopt GNU format. Fri Feb 27 09:53:19 2004 James Cameron * pptpctrl.c (pptp_handle_ctrl_connection): on any CALL_CLR_RQST, terminate the call. From: "Bruno Lopes F. Cabral" 2004-01-08 http://marc.theaimsgroup.com/?l=poptop-server&m=107359240120864&w=2 Fri Feb 27 09:50:41 2004 James Cameron * pptpctrl.c (launch_pppd): make sure SIGCHLD is unblocked. The procmask gets inherited from the manager and usually has the SIGCHLD blocked. Actually pppd does not expect that somebody tampered with its signal mask, thus we just unblock all signals and leave them to be handled by pppd. This fixes the "ip-up zombie" bug. From: Peter Stamfest 2003-09-06 http://marc.theaimsgroup.com/?l=poptop-server&m=106284825408104&w=2 Thu Feb 26 15:17:37 2004 James Cameron * pptpd.8, pptpd.conf.5 (speed): note that speed is ineffective on Linux, despite being accepted by pppd. Wed Dec 10 09:28:01 2003 James Cameron * pptpctrl.c (launch_pppd): report program binary path. Tue Dec 9 10:22:01 2003 James Cameron * pptpctrl.c (launch_pppd): report cause of failed execvp(). * pptpctrl.c (startCall): better explain launch failure. poptop (1.1.4-b5) unstable; urgency=low * Added code to pass ipparam to pppd - By Sergio M. Ammirata * Added Debian packaging information (not included in .tar.gz) * Added bcrelay_v1 - By Norbert van Bolhuis -- R. de Vroede Fri, 18 Jul 2003 11:34:05 +0200 poptop (1.1.4-b4) unstable; urgency=low * Bugfix: First GRE packet always discarded - By: fghdgh (gcc111) * Bugfix: Console fds left open, ssh hangs - By: fghdgh (gcc111) * Bugfix: Pidfile option doesn't work - By: Visarion Mandzgaladze -- R. de Vroede Fri, Jun 20 2003 11:34:05 +0200 poptop (1.1.4-b3) unstable; urgency=low * Bugfix: Two buffer overflows in pptpctrl.c - By: Hernan Otero -- R. de Vroede Tue, May 13 2003 11:34:05 +0200 poptop (1.1.4-b2) unstable; urgency=low * Bugfix: Potential buffer-overflow in ctrlpacket.c * Callid enhancements. From: Ilguiz Latypov, Debian Bug#171831 -- R. de Vroede Wed, Apr 9 2003 11:34:05 +0200 poptop (1.1.4-b1) unstable; urgency=low * Added BCrelay (Broadcast relay) -- R. de Vroede Fri, Oct 11 2002 11:34:05 +0200 Poptop ChangeLog --------------------------------------------------------------------------- v1.1.3 * Wed Apr 9 2003 Richard de Vroede - fixed a potential buffer-overflow in ctrlpacket.c * Thu Aug 22 2002 Richard de Vroede - added stimeout option to pptpd.conf manpage - updated the Changelog file ;-) * Tue Aug 20 2002 Richard de Vroede - removed debug commandline option from pptpd.init * Thu Aug 1 2002 Richard de Vroede - added config(noreplace) so old configs don't get replaced - fixed postscriptlet - adapted spec to cvs tree * Wed Jun 26 2002 Richard de Vroede - specfile now supports --with[out] options --------------------------------------------------------------------------- v0.9.13 -> v1.1.3 * June 18 2002 Richard de Vroede - migrated to version higher than last poptop release - bugfixed --------------------------------------------------------------------------- pptpd-1.4.0/inststr.h0000664000175000017500000000036312231653047011452 00000000000000/* * inststr.h * * Change process title * From code by C. S. Ananian */ #ifndef _PPTPD_INSTSTR_H #define _PPTPD_INSTSTR_H #ifndef HAVE_SETPROCTITLE void inststr(int argc, char **argv, char *src); #endif #endif /* !_PPTPD_INSTSTR_H */ pptpd-1.4.0/pptpctrl.c0000664000175000017500000007336412231653077011625 00000000000000/* * pptpctrl.c * * PPTP control connection between PAC-PNS pair */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #ifdef __linux__ #define _GNU_SOURCE 1 /* kill() prototype, broken arpa/inet.h */ #endif #include "our_syslog.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef HAVE_OPENPTY #ifdef HAVE_PTY_H #include #include #endif #ifdef HAVE_LIBUTIL_H #include #endif #endif #ifdef __UCLIBC__ #define socklen_t int #endif #include "compat.h" #include "pptpctrl.h" #include "pptpgre.h" #include "pptpdefs.h" #include "ctrlpacket.h" #include "defaults.h" // placing net/if.h here fixes build on Solaris #include #ifdef VRF char *vrf = NULL; #endif static char *ppp_binary = PPP_BINARY; static int pptp_logwtmp; static int noipparam; /* if true, don't send ipparam to ppp */ static char speed[32]; static char pppdxfig[256]; static pid_t pppfork; /* so we can kill it after disconnect */ /* * Global to handle dying * * I'd be nice if someone could figure out a way to do it * without the global, but i don't think you can.. -tmk */ #define clientSocket 0 /* in case it changes back to a variable */ static u_int32_t call_id_pair; /* call id (to terminate call) */ /* Needed by this and ctrlpacket.c */ int pptpctrl_debug = 0; /* specifies if debugging is on or off */ uint16_t unique_call_id = 0xFFFF; /* Start value for our call IDs on this TCP link */ int gargc; /* Command line argument count */ char **gargv; /* Command line argument vector */ /* Local function prototypes */ static void bail(int sigraised); static void pptp_handle_ctrl_connection(char **pppaddrs, struct in_addr *inetaddrs); static int startCall(char **pppaddrs, struct in_addr *inetaddrs); static void launch_pppd(char **pppaddrs, struct in_addr *inetaddrs); /* Oh the horror.. lets hope this covers all the ones we have to handle */ #if defined(O_NONBLOCK) && !defined(__sun__) && !defined(__sun) #define OUR_NB_MODE O_NONBLOCK #else #define OUR_NB_MODE O_NDELAY #endif /* read a command line argument, a flag alone */ #define GETARG_INT(X) \ X = atoi(argv[arg++]) /* read a command line argument, a string alone */ #define GETARG_STRING(X) \ X = strdup(argv[arg++]) /* read a command line argument, a presence flag followed by string */ #define GETARG_VALUE(X) \ if(atoi(argv[arg++]) != 0) \ strlcpy(X, argv[arg++], sizeof(X)); \ else \ *X = '\0' int main(int argc, char **argv) { char pppLocal[16]; /* local IP to pass to pppd */ char pppRemote[16]; /* remote IP address to pass to pppd */ struct sockaddr_in addr; /* client address */ socklen_t addrlen; int arg = 1; int flags; struct in_addr inetaddrs[2]; char *pppaddrs[2] = { pppLocal, pppRemote }; gargc = argc; gargv = argv; /* fail if argument count invalid */ if (argc < 7) { fprintf(stderr, "pptpctrl: insufficient arguments, see man pptpctrl\n"); exit(2); } /* open a connection to the syslog daemon */ openlog("pptpd", LOG_PID, PPTP_FACILITY); /* autoreap if supported */ signal(SIGCHLD, SIG_IGN); /* note: update pptpctrl.8 if the argument list format is changed */ GETARG_INT(pptpctrl_debug); GETARG_INT(noipparam); #ifdef VRF GETARG_STRING(vrf); #endif GETARG_VALUE(pppdxfig); GETARG_VALUE(speed); GETARG_VALUE(pppLocal); GETARG_VALUE(pppRemote); if (arg < argc) GETARG_INT(unique_call_id); if (arg < argc) GETARG_STRING(ppp_binary); if (arg < argc) GETARG_INT(pptp_logwtmp); #ifdef VRF if (!*vrf) { free(vrf); vrf = NULL; } #endif if (pptpctrl_debug) { #ifdef VRF syslog(LOG_DEBUG, "CTRL: VRF used = %s", vrf ? vrf : "NONE"); #endif if (*pppLocal) syslog(LOG_DEBUG, "CTRL: local address = %s", pppLocal); if (*pppRemote) syslog(LOG_DEBUG, "CTRL: remote address = %s", pppRemote); if (*speed) syslog(LOG_DEBUG, "CTRL: pppd speed = %s", speed); if (*pppdxfig) syslog(LOG_DEBUG, "CTRL: pppd options file = %s", pppdxfig); } addrlen = sizeof(addr); if (getsockname(clientSocket, (struct sockaddr *) &addr, &addrlen) != 0) { syslog(LOG_ERR, "CTRL: getsockname() failed"); syslog_perror("getsockname"); close(clientSocket); bail(0); /* NORETURN */ } inetaddrs[0] = addr.sin_addr; addrlen = sizeof(addr); if (getpeername(clientSocket, (struct sockaddr *) &addr, &addrlen) != 0) { syslog(LOG_ERR, "CTRL: getpeername() failed"); syslog_perror("getpeername"); close(clientSocket); bail(0); /* NORETURN */ } inetaddrs[1] = addr.sin_addr; /* Set non-blocking */ if ((flags = fcntl(clientSocket, F_GETFL, arg /* ignored */)) == -1 || fcntl(clientSocket, F_SETFL, flags|OUR_NB_MODE) == -1) { syslog(LOG_ERR, "CTRL: Failed to set client socket non-blocking"); syslog_perror("fcntl"); close(clientSocket); bail(0); /* NORETURN */ } /* Fiddle with argv */ my_setproctitle(gargc, gargv, "pptpd [%s]%20c", inet_ntoa(addr.sin_addr), ' '); /* be ready for a grisly death */ sigpipe_create(); sigpipe_assign(SIGTERM); NOTE_VALUE(PAC, call_id_pair, htons(-1)); NOTE_VALUE(PNS, call_id_pair, htons(-1)); syslog(LOG_INFO, "CTRL: Client %s control connection started", inet_ntoa(addr.sin_addr)); pptp_handle_ctrl_connection(pppaddrs, inetaddrs); syslog(LOG_DEBUG, "CTRL: Reaping child PPP[%i]", pppfork); if (pppfork > 0) waitpid(pppfork, NULL, 0); syslog(LOG_INFO, "CTRL: Client %s control connection finished", inet_ntoa(addr.sin_addr)); bail(0); /* NORETURN */ return 1; /* make gcc happy */ } /* * Local functions only below */ /* * pptp_handle_ctrl_connection * * 1. read a packet (should be start_ctrl_conn_rqst) * 2. reply to packet (send a start_ctrl_conn_rply) * 3. proceed with GRE and CTRL connections * * args: pppaddrs - ppp local and remote addresses (strings) * inetaddrs - local and client socket address * retn: 0 success, -1 failure */ static void pptp_handle_ctrl_connection(char **pppaddrs, struct in_addr *inetaddrs) { /* For echo requests used to check link is alive */ int echo_wait = FALSE; /* Waiting for echo? */ u_int32_t echo_count = 0; /* Sequence # of echo */ time_t echo_time = 0; /* Time last echo req sent */ time_t last_time = time(NULL); /* Time last received data */ struct timeval idleTime; /* How long to select() */ /* General local variables */ ssize_t rply_size; /* Reply packet size */ fd_set fds; /* For select() */ int maxfd = clientSocket; /* For select() */ int send_packet; /* Send a packet this time? */ #if BSDUSER_PPP || SLIRP /* not needed by stuff which uses socketpair() in startCall() */ #define init 1 #else int init = 0; /* Has pppd initialized the pty? */ #endif int pty_fd = -1; /* File descriptor of pty */ int gre_fd = -1; /* Network file descriptor */ int sig_fd = sigpipe_fd(); /* Signal pipe descriptor */ struct pptp_echo_rply *packet = alloca(PPTP_MAX_CTRL_PCKT_SIZE); struct pptp_out_call_rply *rply_packet = alloca(PPTP_MAX_CTRL_PCKT_SIZE); for (;;) { FD_ZERO(&fds); FD_SET(sig_fd, &fds); FD_SET(clientSocket, &fds); if (pty_fd != -1) FD_SET(pty_fd, &fds); if (gre_fd != -1 && init) FD_SET(gre_fd, &fds); /* set timeout */ if (encaps_gre(-1, NULL, 0) || decaps_hdlc(-1, NULL, 0)) { idleTime.tv_sec = 0; idleTime.tv_usec = 50000; /* don't ack immediately */ } else { idleTime.tv_sec = IDLE_WAIT; idleTime.tv_usec = 0; } /* default: do nothing */ send_packet = FALSE; switch (select(maxfd + 1, &fds, NULL, NULL, &idleTime)) { case -1: /* Error with select() */ if (errno != EINTR) syslog(LOG_ERR, "CTRL: Error with select(), quitting"); goto leave_clear_call; case 0: if (decaps_hdlc(-1, NULL, 0)) { if(decaps_hdlc(-1, encaps_gre, gre_fd)) syslog(LOG_ERR, "CTRL: GRE re-xmit failed"); } else if (encaps_gre(-1, NULL, 0)) /* Pending ack and nothing else to do */ encaps_gre(gre_fd, NULL, 0); /* send ack with no payload */ break; default: break; } /* check for pending SIGTERM delivery */ if (FD_ISSET(sig_fd, &fds)) { if (sigpipe_read() == SIGTERM) bail(SIGTERM); } /* detect startup of pppd */ #ifndef init if (!init && pty_fd != -1 && FD_ISSET(pty_fd, &fds)) init = 1; #endif /* handle actual packets */ /* send from pty off via GRE */ if (pty_fd != -1 && FD_ISSET(pty_fd, &fds) && decaps_hdlc(pty_fd, encaps_gre, gre_fd) < 0) { syslog(LOG_ERR, "CTRL: PTY read or GRE write failed (pty,gre)=(%d,%d)", pty_fd, gre_fd); break; } /* send from GRE off to pty */ if (gre_fd != -1 && FD_ISSET(gre_fd, &fds) && decaps_gre(gre_fd, encaps_hdlc, pty_fd) < 0) { if (gre_fd == 6 && pty_fd == 5) { syslog(LOG_ERR, "CTRL: GRE-tunnel has collapsed (GRE read or PTY write failed (gre,pty)=(%d,%d))", gre_fd, pty_fd); } else { syslog(LOG_ERR, "CTRL: GRE read or PTY write failed (gre,pty)=(%d,%d)", gre_fd, pty_fd); } break; } /* handle control messages */ if (FD_ISSET(clientSocket, &fds)) { time(&last_time); send_packet = TRUE; switch (read_pptp_packet(clientSocket, (unsigned char *) packet, rply_packet, &rply_size)) { case 0: syslog(LOG_ERR, "CTRL: CTRL read failed"); goto leave_drop_call; case -1: send_packet = FALSE; break; case STOP_CTRL_CONN_RQST: if (pptpctrl_debug) syslog(LOG_DEBUG, "CTRL: Received STOP CTRL CONN request (disconnecting)"); if (gre_fd != -1 || pty_fd != -1) syslog(LOG_WARNING, "CTRL: Request to close control connection when call is open, closing"); send_pptp_packet(clientSocket, rply_packet, rply_size); goto leave_drop_call; case CALL_CLR_RQST: if(pptpctrl_debug) syslog(LOG_DEBUG, "CTRL: Received CALL CLR request (closing call)"); if (gre_fd == -1 || pty_fd == -1) syslog(LOG_WARNING, "CTRL: Request to close call but call not open"); if (gre_fd != -1) { FD_CLR(gre_fd, &fds); close(gre_fd); gre_fd = -1; } if (pty_fd != -1) { FD_CLR(pty_fd, &fds); close(pty_fd); pty_fd = -1; } /* violating RFC */ goto leave_drop_call; case OUT_CALL_RQST: /* for killing off the link later (ugly) */ NOTE_VALUE(PAC, call_id_pair, rply_packet->call_id); NOTE_VALUE(PNS, call_id_pair, rply_packet->call_id_peer); if (gre_fd != -1 || pty_fd != -1) { syslog(LOG_WARNING, "CTRL: Request to open call when call is already open, closing"); if (gre_fd != -1) { FD_CLR(gre_fd, &fds); close(gre_fd); gre_fd = -1; } if (pty_fd != -1) { FD_CLR(pty_fd, &fds); close(pty_fd); pty_fd = -1; } } /* change process title for accounting and status scripts */ my_setproctitle(gargc, gargv, "pptpd [%s:%04X - %04X]", inet_ntoa(inetaddrs[1]), ntohs(rply_packet->call_id_peer), ntohs(rply_packet->call_id)); /* start the call, by launching pppd */ syslog(LOG_INFO, "CTRL: Starting call (launching pppd, opening GRE)"); pty_fd = startCall(pppaddrs, inetaddrs); if (pty_fd > maxfd) maxfd = pty_fd; if ((gre_fd = pptp_gre_init(call_id_pair, pty_fd, inetaddrs)) > maxfd) maxfd = gre_fd; break; case ECHO_RPLY: if (echo_wait == TRUE && packet->identifier == echo_count) echo_wait = FALSE; else syslog(LOG_WARNING, "CTRL: Unexpected ECHO REPLY packet"); /* FALLTHRU */ case SET_LINK_INFO: send_packet = FALSE; break; #ifdef PNS_MODE case IN_CALL_RQST: case IN_CALL_RPLY: case IN_CALL_CONN: #endif case CALL_DISCONN_NTFY: case STOP_CTRL_CONN_RPLY: /* These don't generate replies. Also they come from things we don't send in this section. */ syslog(LOG_WARNING, "CTRL: Got a reply to a packet we didn't send"); send_packet = FALSE; break; /* Otherwise, the already-formed reply will do fine, so send it */ } /* send echo request packet if we have not heard from the TCP socket in IDLE_TIME */ } else if (echo_wait != TRUE && (time(NULL) - last_time) > IDLE_WAIT) { echo_count++; if (pptpctrl_debug) syslog(LOG_DEBUG, "CTRL: Sending ECHO REQ id %d", echo_count); time(&echo_time); make_echo_req_packet(rply_packet, &rply_size, echo_count); echo_wait = TRUE; send_packet = TRUE; } /* send reply packet - this may block, but it should be very rare */ if (send_packet == TRUE && send_pptp_packet(clientSocket, rply_packet, rply_size) < 0) { syslog(LOG_ERR, "CTRL: Error sending GRE, aborting call"); goto leave_clear_call; } /* waiting for echo reply and curtime - echo_time > max wait */ if (echo_wait == TRUE && (time(NULL) - echo_time) > MAX_ECHO_WAIT) { syslog(LOG_INFO, "CTRL: Session timed out, ending call"); goto leave_clear_call; } } /* Finished! :-) */ leave_drop_call: NOTE_VALUE(PAC, call_id_pair, htons(-1)); NOTE_VALUE(PNS, call_id_pair, htons(-1)); close(clientSocket); leave_clear_call: /* leave clientSocket and call_id_pair alone for bail() */ if (gre_fd != -1) close(gre_fd); gre_fd = -1; if (pty_fd != -1) close(pty_fd); pty_fd = -1; return; #ifdef init #undef init #endif } /* * This is the custom exit() for this program. * * Updated to also be the default SIGTERM handler, and if * the link is going down for unnatural reasons, we will close it * right now, it's only been tested for win98, other tests would be nice * -tmk */ static void bail(int sigraised) { if (sigraised) syslog(LOG_INFO, "CTRL: Exiting on signal %d", sigraised); /* send a disconnect to the other end */ /* ignore any errors */ if (GET_VALUE(PAC, call_id_pair) != htons(-1)) { fd_set connSet; /* fd_set for select() */ struct timeval tv; /* time to wait for reply */ unsigned char packet[PPTP_MAX_CTRL_PCKT_SIZE]; struct pptp_out_call_rply *rply_packet = alloca(PPTP_MAX_CTRL_PCKT_SIZE); ssize_t rply_size; /* reply packet size */ int pkt; int retry = 0; if (pptpctrl_debug) syslog(LOG_DEBUG, "CTRL: Exiting with active call"); make_call_admin_shutdown(rply_packet, &rply_size); if(send_pptp_packet(clientSocket, rply_packet, rply_size) < 0) goto skip; make_stop_ctrl_req(rply_packet, &rply_size); if(send_pptp_packet(clientSocket, rply_packet, rply_size) < 0) goto skip; FD_ZERO(&connSet); FD_SET(clientSocket, &connSet); tv.tv_sec = 5; /* wait 5 secs for a reply then quit */ tv.tv_usec = 0; /* Wait for STOP CTRL CONN RQST or RPLY */ while (select(clientSocket + 1, &connSet, NULL, NULL, &tv) == 1) { switch((pkt = read_pptp_packet(clientSocket, packet, rply_packet, &rply_size))) { case STOP_CTRL_CONN_RQST: send_pptp_packet(clientSocket, rply_packet, rply_size); goto skip; case CALL_CLR_RQST: syslog(LOG_WARNING, "CTRL: Got call clear request after call manually shutdown - buggy client"); break; case STOP_CTRL_CONN_RPLY: goto skip; case -1: syslog(LOG_WARNING, "CTRL: Retryable error in disconnect sequence"); retry++; break; case 0: syslog(LOG_WARNING, "CTRL: Fatal error reading control message in disconnect sequence"); goto skip; default: syslog(LOG_WARNING, "CTRL: Unexpected control message %d in disconnect sequence", pkt); retry++; break; } tv.tv_sec = 5; /* wait 5 secs for another reply then quit */ tv.tv_usec = 0; if (retry > 100) { syslog(LOG_WARNING, "CTRL: Too many retries (%d) - giving up", retry); break; } } skip: close(clientSocket); } if (pptpctrl_debug) syslog(LOG_DEBUG, "CTRL: Exiting now"); } /* * startCall * * Launches PPPD for the call. * * args: pppaddrs - local/remote IPs or "" for either/both if none * retn: pty file descriptor * */ static int startCall(char **pppaddrs, struct in_addr *inetaddrs) { /* PTY/TTY pair for talking to PPPd */ int pty_fd, tty_fd; /* register pids of children */ #if BSDUSER_PPP || SLIRP int sockfd[2]; #ifndef AF_LOCAL #ifdef AF_UNIX #define AF_LOCAL AF_UNIX /* Old BSD */ #else #define AF_LOCAL AF_FILE /* POSIX */ #endif #endif /* userspace ppp doesn't need to waste a real pty/tty pair */ if (socketpair(AF_LOCAL, SOCK_STREAM, 0, sockfd)) { syslog(LOG_ERR, "CTRL: socketpair() error"); syslog_perror("socketpair"); exit(1); } tty_fd = sockfd[0]; pty_fd = sockfd[1]; #else /* Finds an open pty/tty pair */ if (openpty(&pty_fd, &tty_fd, NULL, NULL, NULL) != 0) { syslog(LOG_ERR, "CTRL: openpty() error"); syslog_perror("openpty"); exit(1); } else { struct termios tios; /* Turn off echo in the slave - to prevent loopback. pppd will do this, but might not do it before we try to send data. */ if (tcgetattr(tty_fd, &tios) < 0) { syslog(LOG_ERR, "CTRL: tcgetattr() error"); syslog_perror("tcgetattr"); exit(1); } tios.c_lflag &= ~(ECHO | ECHONL); if (tcsetattr(tty_fd, TCSAFLUSH, &tios) < 0) { syslog(LOG_ERR, "CTRL: tcsetattr() error"); syslog_perror("tcsetattr"); exit(1); } } #endif if (pptpctrl_debug) { syslog(LOG_DEBUG, "CTRL: pty_fd = %d", pty_fd); syslog(LOG_DEBUG, "CTRL: tty_fd = %d", tty_fd); } /* Launch the PPPD */ #ifndef HAVE_FORK switch(pppfork=vfork()){ #else switch(pppfork=fork()){ #endif case -1: /* fork() error */ syslog(LOG_ERR, "CTRL: Error forking to exec pppd"); _exit(1); case 0: /* child */ if (dup2(tty_fd, 0) == -1) { syslog(LOG_ERR, "CTRL: child tty_fd dup2 to stdin, %s", strerror(errno)); exit(1); } if (dup2(tty_fd, 1) == -1) { syslog(LOG_ERR, "CTRL: child tty_fd dup2 to stdout, %s", strerror(errno)); exit(1); } #if 0 /* This must never be used if !HAVE_SYSLOG since that logs to stderr. * Trying just never using it to see if it causes anyone else problems. * It may let people see the pppd errors, which would be good. */ dup2(tty_fd, 2); #endif if (tty_fd > 1) close(tty_fd); if (pty_fd > 1) close(pty_fd); /* In case we move clientSocket back off stdin */ #ifndef clientSocket if (clientSocket > 1) close(clientSocket); #elif clientSocket > 1 close(clientSocket); #endif launch_pppd(pppaddrs, inetaddrs); syslog(LOG_ERR, "CTRL: PPPD launch failed! (launch_pppd did not fork)"); _exit(1); } close(tty_fd); return pty_fd; } /* * launch_pppd * * Launches the PPP daemon. The PPP daemon is responsible for assigning the * PPTP client its IP address.. These values are assigned via the command * line. * * Add return of connected ppp interface * * retn: 0 on success, -1 on failure. * */ static void launch_pppd(char **pppaddrs, struct in_addr *inetaddrs) { char *pppd_argv[16]; int an = 0; sigset_t sigs; char pppInterfaceIPs[33]; pppd_argv[an++] = ppp_binary; if (pptpctrl_debug) { syslog(LOG_DEBUG, "CTRL (PPPD Launcher): program binary = %s", pppd_argv[an - 1]); } #if BSDUSER_PPP /* The way that Brian Somers' user-land ppp works is to use the * system name as a reference for most of the useful options. Hence * most things can't be defined on the command line. On OpenBSD at * least the file used for the systems is /etc/ppp/ppp.conf, where * the pptp stanza should look something like: pptp: set speed sync enable pap enable chap set dns a.a.a.a b.b.b.b set ndbs x.x.x.x y.y.y.y accept dns add 10.0.0/24 * To be honest, at the time of writing, I haven't had the thing * working enough to understand :) I will update this comment and * make a sample config available when I get there. */ /* options for BSDUSER_PPP * * ignores IP addresses, config file option, speed * fix usage info in pptpd.c and configure script if this changes * * IP addresses can be specified in /etc/ppp/ppp.secret per user */ pppd_argv[an++] = "-direct"; pppd_argv[an++] = "pptp"; /* XXX this is the system name */ /* should be dynamic - PMG */ #elif SLIRP /* options for SLIRP * * ignores IP addresses from config - SLIRP handles this */ pppd_argv[an++] = "-P"; pppd_argv[an++] = "+chap"; pppd_argv[an++] = "-b"; /* If a speed has been specified, use it * if not, use "smart" default (defaults.h) */ if (*speed) { pppd_argv[an++] = speed; } else { pppd_argv[an++] = PPP_SPEED_DEFAULT; } if (*pppdxfig) { pppd_argv[an++] = "-f"; pppd_argv[an++] = pppdxfig; } if (pptpctrl_debug) { syslog(LOG_DEBUG, "CTRL (PPPD Launcher): Connection speed = %s", pppd_argv[an - 1]); } #else /* options for 'normal' pppd */ pppd_argv[an++] = "local"; /* If a pppd option file is specified, use it * if not, pppd will default to /etc/ppp/options */ if (*pppdxfig) { pppd_argv[an++] = "file"; pppd_argv[an++] = pppdxfig; } /* If a speed has been specified, use it * if not, use "smart" default (defaults.h) */ if (*speed) { pppd_argv[an++] = speed; } else { pppd_argv[an++] = PPP_SPEED_DEFAULT; } if (pptpctrl_debug) { if (*pppaddrs[0]) syslog(LOG_DEBUG, "CTRL (PPPD Launcher): local address = %s", pppaddrs[0]); if (*pppaddrs[1]) syslog(LOG_DEBUG, "CTRL (PPPD Launcher): remote address = %s", pppaddrs[1]); } if (*pppaddrs[0] || *pppaddrs[1]) { sprintf(pppInterfaceIPs, "%s:%s", pppaddrs[0], pppaddrs[1]); pppd_argv[an++] = pppInterfaceIPs; } if (!noipparam) { pppd_argv[an++] = "ipparam"; pppd_argv[an++] = inet_ntoa(inetaddrs[1]); } if (pptp_logwtmp) { pppd_argv[an++] = "plugin"; pppd_argv[an++] = "/usr/lib/pptpd/pptpd-logwtmp.so"; pppd_argv[an++] = "pptpd-original-ip"; pppd_argv[an++] = inet_ntoa(inetaddrs[1]); } #endif pppd_argv[an++] = "remotenumber"; pppd_argv[an++] = inet_ntoa(inetaddrs[1]); /* argv arrays must always be NULL terminated */ pppd_argv[an++] = NULL; /* make sure SIGCHLD is unblocked, pppd does not expect it */ sigfillset(&sigs); sigprocmask(SIG_UNBLOCK, &sigs, NULL); /* run pppd now */ execvp(pppd_argv[0], pppd_argv); /* execvp() failed */ syslog(LOG_ERR, "CTRL (PPPD Launcher): Failed to launch PPP daemon. %s", strerror(errno)); } pptpd-1.4.0/missing0000755000175000017500000002540612110522672011170 00000000000000#! /bin/sh # Common stub for a few missing GNU programs while installing. scriptversion=2005-06-08.21 # Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005 # Free Software Foundation, Inc. # Originally by Fran,cois Pinard , 1996. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA # 02110-1301, USA. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. if test $# -eq 0; then echo 1>&2 "Try \`$0 --help' for more information" exit 1 fi run=: # In the cases where this matters, `missing' is being run in the # srcdir already. if test -f configure.ac; then configure_ac=configure.ac else configure_ac=configure.in fi msg="missing on your system" case "$1" in --run) # Try to run requested program, and just exit if it succeeds. run= shift "$@" && exit 0 # Exit code 63 means version mismatch. This often happens # when the user try to use an ancient version of a tool on # a file that requires a minimum version. In this case we # we should proceed has if the program had been absent, or # if --run hadn't been passed. if test $? = 63; then run=: msg="probably too old" fi ;; -h|--h|--he|--hel|--help) echo "\ $0 [OPTION]... PROGRAM [ARGUMENT]... Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an error status if there is no known handling for PROGRAM. Options: -h, --help display this help and exit -v, --version output version information and exit --run try to run the given command, and emulate it if it fails Supported PROGRAM values: aclocal touch file \`aclocal.m4' autoconf touch file \`configure' autoheader touch file \`config.h.in' automake touch all \`Makefile.in' files bison create \`y.tab.[ch]', if possible, from existing .[ch] flex create \`lex.yy.c', if possible, from existing .c help2man touch the output file lex create \`lex.yy.c', if possible, from existing .c makeinfo touch the output file tar try tar, gnutar, gtar, then tar without non-portable flags yacc create \`y.tab.[ch]', if possible, from existing .[ch] Send bug reports to ." exit $? ;; -v|--v|--ve|--ver|--vers|--versi|--versio|--version) echo "missing $scriptversion (GNU Automake)" exit $? ;; -*) echo 1>&2 "$0: Unknown \`$1' option" echo 1>&2 "Try \`$0 --help' for more information" exit 1 ;; esac # Now exit if we have it, but it failed. Also exit now if we # don't have it and --version was passed (most likely to detect # the program). case "$1" in lex|yacc) # Not GNU programs, they don't have --version. ;; tar) if test -n "$run"; then echo 1>&2 "ERROR: \`tar' requires --run" exit 1 elif test "x$2" = "x--version" || test "x$2" = "x--help"; then exit 1 fi ;; *) if test -z "$run" && ($1 --version) > /dev/null 2>&1; then # We have it, but it failed. exit 1 elif test "x$2" = "x--version" || test "x$2" = "x--help"; then # Could not run --version or --help. This is probably someone # running `$TOOL --version' or `$TOOL --help' to check whether # $TOOL exists and not knowing $TOOL uses missing. exit 1 fi ;; esac # If it does not exist, or fails to run (possibly an outdated version), # try to emulate it. case "$1" in aclocal*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified \`acinclude.m4' or \`${configure_ac}'. You might want to install the \`Automake' and \`Perl' packages. Grab them from any GNU archive site." touch aclocal.m4 ;; autoconf) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified \`${configure_ac}'. You might want to install the \`Autoconf' and \`GNU m4' packages. Grab them from any GNU archive site." touch configure ;; autoheader) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified \`acconfig.h' or \`${configure_ac}'. You might want to install the \`Autoconf' and \`GNU m4' packages. Grab them from any GNU archive site." files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' ${configure_ac}` test -z "$files" && files="config.h" touch_files= for f in $files; do case "$f" in *:*) touch_files="$touch_files "`echo "$f" | sed -e 's/^[^:]*://' -e 's/:.*//'`;; *) touch_files="$touch_files $f.in";; esac done touch $touch_files ;; automake*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'. You might want to install the \`Automake' and \`Perl' packages. Grab them from any GNU archive site." find . -type f -name Makefile.am -print | sed 's/\.am$/.in/' | while read f; do touch "$f"; done ;; autom4te) echo 1>&2 "\ WARNING: \`$1' is needed, but is $msg. You might have modified some files without having the proper tools for further handling them. You can get \`$1' as part of \`Autoconf' from any GNU archive site." file=`echo "$*" | sed -n 's/.*--output[ =]*\([^ ]*\).*/\1/p'` test -z "$file" && file=`echo "$*" | sed -n 's/.*-o[ ]*\([^ ]*\).*/\1/p'` if test -f "$file"; then touch $file else test -z "$file" || exec >$file echo "#! /bin/sh" echo "# Created by GNU Automake missing as a replacement of" echo "# $ $@" echo "exit 0" chmod +x $file exit 1 fi ;; bison|yacc) echo 1>&2 "\ WARNING: \`$1' $msg. You should only need it if you modified a \`.y' file. You may need the \`Bison' package in order for those modifications to take effect. You can get \`Bison' from any GNU archive site." rm -f y.tab.c y.tab.h if [ $# -ne 1 ]; then eval LASTARG="\${$#}" case "$LASTARG" in *.y) SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'` if [ -f "$SRCFILE" ]; then cp "$SRCFILE" y.tab.c fi SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'` if [ -f "$SRCFILE" ]; then cp "$SRCFILE" y.tab.h fi ;; esac fi if [ ! -f y.tab.h ]; then echo >y.tab.h fi if [ ! -f y.tab.c ]; then echo 'main() { return 0; }' >y.tab.c fi ;; lex|flex) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified a \`.l' file. You may need the \`Flex' package in order for those modifications to take effect. You can get \`Flex' from any GNU archive site." rm -f lex.yy.c if [ $# -ne 1 ]; then eval LASTARG="\${$#}" case "$LASTARG" in *.l) SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'` if [ -f "$SRCFILE" ]; then cp "$SRCFILE" lex.yy.c fi ;; esac fi if [ ! -f lex.yy.c ]; then echo 'main() { return 0; }' >lex.yy.c fi ;; help2man) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified a dependency of a manual page. You may need the \`Help2man' package in order for those modifications to take effect. You can get \`Help2man' from any GNU archive site." file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'` if test -z "$file"; then file=`echo "$*" | sed -n 's/.*--output=\([^ ]*\).*/\1/p'` fi if [ -f "$file" ]; then touch $file else test -z "$file" || exec >$file echo ".ab help2man is required to generate this page" exit 1 fi ;; makeinfo) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified a \`.texi' or \`.texinfo' file, or any other file indirectly affecting the aspect of the manual. The spurious call might also be the consequence of using a buggy \`make' (AIX, DU, IRIX). You might want to install the \`Texinfo' package or the \`GNU make' package. Grab either from any GNU archive site." # The file to touch is that specified with -o ... file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'` if test -z "$file"; then # ... or it is the one specified with @setfilename ... infile=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'` file=`sed -n '/^@setfilename/ { s/.* \([^ ]*\) *$/\1/; p; q; }' $infile` # ... or it is derived from the source name (dir/f.texi becomes f.info) test -z "$file" && file=`echo "$infile" | sed 's,.*/,,;s,.[^.]*$,,'`.info fi # If the file does not exist, the user really needs makeinfo; # let's fail without touching anything. test -f $file || exit 1 touch $file ;; tar) shift # We have already tried tar in the generic part. # Look for gnutar/gtar before invocation to avoid ugly error # messages. if (gnutar --version > /dev/null 2>&1); then gnutar "$@" && exit 0 fi if (gtar --version > /dev/null 2>&1); then gtar "$@" && exit 0 fi firstarg="$1" if shift; then case "$firstarg" in *o*) firstarg=`echo "$firstarg" | sed s/o//` tar "$firstarg" "$@" && exit 0 ;; esac case "$firstarg" in *h*) firstarg=`echo "$firstarg" | sed s/h//` tar "$firstarg" "$@" && exit 0 ;; esac fi echo 1>&2 "\ WARNING: I can't seem to be able to run \`tar' with the given arguments. You may want to install GNU tar or Free paxutils, or check the command line arguments." exit 1 ;; *) echo 1>&2 "\ WARNING: \`$1' is needed, and is $msg. You might have modified some files without having the proper tools for further handling them. Check the \`README' file, it often tells you about the needed prerequisites for installing this package. You may also peek at any GNU archive site, in case some other package would contain this missing \`$1' program." exit 1 ;; esac exit 0 # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-end: "$" # End: pptpd-1.4.0/install-sh0000755000175000017500000001273612110522672011577 00000000000000#!/bin/sh # # install - install a program, script, or datafile # This comes from X11R5 (mit/util/scripts/install.sh). # # Copyright 1991 by the Massachusetts Institute of Technology # # Permission to use, copy, modify, distribute, and sell this software and its # documentation for any purpose is hereby granted without fee, provided that # the above copyright notice appear in all copies and that both that # copyright notice and this permission notice appear in supporting # documentation, and that the name of M.I.T. not be used in advertising or # publicity pertaining to distribution of the software without specific, # written prior permission. M.I.T. makes no representations about the # suitability of this software for any purpose. It is provided "as is" # without express or implied warranty. # # Calling this script install-sh is preferred over install.sh, to prevent # `make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written # from scratch. It can only install one file at a time, a restriction # shared with many OS's install programs. # set DOITPROG to echo to test this script # Don't use :- since 4.3BSD and earlier shells don't like it. doit="${DOITPROG-}" # put in absolute paths if you don't have them in your path; or use env. vars. mvprog="${MVPROG-mv}" cpprog="${CPPROG-cp}" chmodprog="${CHMODPROG-chmod}" chownprog="${CHOWNPROG-chown}" chgrpprog="${CHGRPPROG-chgrp}" stripprog="${STRIPPROG-strip}" rmprog="${RMPROG-rm}" mkdirprog="${MKDIRPROG-mkdir}" transformbasename="" transform_arg="" instcmd="$mvprog" chmodcmd="$chmodprog 0755" chowncmd="" chgrpcmd="" stripcmd="" rmcmd="$rmprog -f" mvcmd="$mvprog" src="" dst="" dir_arg="" while [ x"$1" != x ]; do case $1 in -c) instcmd="$cpprog" shift continue;; -d) dir_arg=true shift continue;; -m) chmodcmd="$chmodprog $2" shift shift continue;; -o) chowncmd="$chownprog $2" shift shift continue;; -g) chgrpcmd="$chgrpprog $2" shift shift continue;; -s) stripcmd="$stripprog" shift continue;; -t=*) transformarg=`echo $1 | sed 's/-t=//'` shift continue;; -b=*) transformbasename=`echo $1 | sed 's/-b=//'` shift continue;; *) if [ x"$src" = x ] then src=$1 else # this colon is to work around a 386BSD /bin/sh bug : dst=$1 fi shift continue;; esac done if [ x"$src" = x ] then echo "install: no input file specified" exit 1 else true fi if [ x"$dir_arg" != x ]; then dst=$src src="" if [ -d $dst ]; then instcmd=: chmodcmd="" else instcmd=mkdir fi else # Waiting for this to be detected by the "$instcmd $src $dsttmp" command # might cause directories to be created, which would be especially bad # if $src (and thus $dsttmp) contains '*'. if [ -f $src -o -d $src ] then true else echo "install: $src does not exist" exit 1 fi if [ x"$dst" = x ] then echo "install: no destination specified" exit 1 else true fi # If destination is a directory, append the input filename; if your system # does not like double slashes in filenames, you may need to add some logic if [ -d $dst ] then dst="$dst"/`basename $src` else true fi fi ## this sed command emulates the dirname command dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` # Make sure that the destination directory exists. # this part is taken from Noah Friedman's mkinstalldirs script # Skip lots of stat calls in the usual case. if [ ! -d "$dstdir" ]; then defaultIFS=' ' IFS="${IFS-${defaultIFS}}" oIFS="${IFS}" # Some sh's can't handle IFS=/ for some reason. IFS='%' set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` IFS="${oIFS}" pathcomp='' while [ $# -ne 0 ] ; do pathcomp="${pathcomp}${1}" shift if [ ! -d "${pathcomp}" ] ; then $mkdirprog "${pathcomp}" else true fi pathcomp="${pathcomp}/" done fi if [ x"$dir_arg" != x ] then $doit $instcmd $dst && if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi else # If we're going to rename the final executable, determine the name now. if [ x"$transformarg" = x ] then dstfile=`basename $dst` else dstfile=`basename $dst $transformbasename | sed $transformarg`$transformbasename fi # don't allow the sed command to completely eliminate the filename if [ x"$dstfile" = x ] then dstfile=`basename $dst` else true fi # Make a temp file name in the proper directory. dsttmp=$dstdir/#inst.$$# # Move or copy the file name to the temp name $doit $instcmd $src $dsttmp && trap "rm -f ${dsttmp}" 0 && # and set any options; do chmod last to preserve setuid bits # If any of these fail, we abort the whole thing. If we want to # ignore errors from any of these, just make sure not to ignore # errors from the above "$doit $instcmd $src $dsttmp" command. if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && # Now rename the file to the real destination. $doit $rmcmd -f $dstdir/$dstfile && $doit $mvcmd $dsttmp $dstdir/$dstfile fi && exit 0 pptpd-1.4.0/configure0000775000175000017500000057631012231672170011512 00000000000000#! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.69. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi as_nl=' ' export as_nl # Printing a long string crashes Solaris 7 /usr/bin/printf. as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo # Prefer a ksh shell builtin over an external printf program on Solaris, # but without wasting forks for bash or zsh. if test -z "$BASH_VERSION$ZSH_VERSION" \ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='print -r --' as_echo_n='print -rn --' elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='printf %s\n' as_echo_n='printf %s' else if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' as_echo_n='/usr/ucb/echo -n' else as_echo_body='eval expr "X$1" : "X\\(.*\\)"' as_echo_n_body='eval arg=$1; case $arg in #( *"$as_nl"*) expr "X$arg" : "X\\(.*\\)$as_nl"; arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; esac; expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" ' export as_echo_n_body as_echo_n='sh -c $as_echo_n_body as_echo' fi export as_echo_body as_echo='sh -c $as_echo_body as_echo' fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # IFS # We need space, tab and new line, in precisely that order. Quoting is # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # Unset variables that we do not need and which cause bugs (e.g. in # pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" # suppresses any "Segmentation fault" message there. '((' could # trigger a bug in pdksh 5.2.14. for as_var in BASH_ENV ENV MAIL MAILPATH do eval test x\${$as_var+set} = xset \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # Use a proper internal environment variable to ensure we don't fall # into an infinite loop, continuously re-executing ourselves. if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then _as_can_reexec=no; export _as_can_reexec; # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. $as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 as_fn_exit 255 fi # We don't want this to propagate to other subprocesses. { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which # is contrary to our usage. Disable this feature. alias -g '\${1+\"\$@\"}'='\"\$@\"' setopt NO_GLOB_SUBST else case \`(set -o) 2>/dev/null\` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi " as_required="as_fn_return () { (exit \$1); } as_fn_success () { as_fn_return 0; } as_fn_failure () { as_fn_return 1; } as_fn_ret_success () { return 0; } as_fn_ret_failure () { return 1; } exitcode=0 as_fn_success || { exitcode=1; echo as_fn_success failed.; } as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : else exitcode=1; echo positional parameters were not saved. fi test x\$exitcode = x0 || exit 1 test -x / || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 test \$(( 1 + 1 )) = 2 || exit 1" if (eval "$as_required") 2>/dev/null; then : as_have_required=yes else as_have_required=no fi if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR as_found=false for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. as_found=: case $as_dir in #( /*) for as_base in sh bash ksh sh5; do # Try only shells that exist, to save several forks. as_shell=$as_dir/$as_base if { test -f "$as_shell" || test -f "$as_shell.exe"; } && { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : CONFIG_SHELL=$as_shell as_have_required=yes if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : break 2 fi fi done;; esac as_found=false done $as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : CONFIG_SHELL=$SHELL as_have_required=yes fi; } IFS=$as_save_IFS if test "x$CONFIG_SHELL" != x; then : export CONFIG_SHELL # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. $as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 exit 255 fi if test x$as_have_required = xno; then : $as_echo "$0: This script requires a shell more modern than all" $as_echo "$0: the shells that I found on your system." if test x${ZSH_VERSION+set} = xset ; then $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" $as_echo "$0: be upgraded to zsh 4.3.4 or later." else $as_echo "$0: Please tell bug-autoconf@gnu.org about your system, $0: including any error possibly output before this $0: message. Then install a modern shell, or manually run $0: the script under such a shell if you do have one." fi exit 1 fi fi fi SHELL=${CONFIG_SHELL-/bin/sh} export SHELL # Unset more variables known to interfere with behavior of common tools. CLICOLOR_FORCE= GREP_OPTIONS= unset CLICOLOR_FORCE GREP_OPTIONS ## --------------------- ## ## M4sh Shell Functions. ## ## --------------------- ## # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : eval 'as_fn_append () { eval $1+=\$2 }' else as_fn_append () { eval $1=\$$1\$2 } fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : eval 'as_fn_arith () { as_val=$(( $* )) }' else as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } fi # as_fn_arith # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || $as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits as_lineno_1=$LINENO as_lineno_1a=$LINENO as_lineno_2=$LINENO as_lineno_2a=$LINENO eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) sed -n ' p /[$]LINENO/= ' <$as_myself | sed ' s/[$]LINENO.*/&-/ t lineno b :lineno N :loop s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ t loop s/-\n.*// ' >$as_me.lineno && chmod +x "$as_me.lineno" || { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } # If we had to re-execute with $CONFIG_SHELL, we're ensured to have # already done that, so ensure we don't try to do so again and fall # in an infinite loop. This has already happened in practice. _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). . "./$as_me.lineno" # Exit status is that of the last command. exit } ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" test -n "$DJDIR" || exec 7<&0 &1 # Name of the host. # hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, # so uname gets run too. ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` # # Initializations. # ac_default_prefix=/usr/local ac_clean_files= ac_config_libobj_dir=. LIBOBJS= cross_compiling=no subdirs= MFLAGS= MAKEFLAGS= # Identity of this package. PACKAGE_NAME= PACKAGE_TARNAME= PACKAGE_VERSION= PACKAGE_STRING= PACKAGE_BUGREPORT= PACKAGE_URL= ac_unique_file="pptpmanager.c" # Factoring default headers for most tests. ac_includes_default="\ #include #ifdef HAVE_SYS_TYPES_H # include #endif #ifdef HAVE_SYS_STAT_H # include #endif #ifdef STDC_HEADERS # include # include #else # ifdef HAVE_STDLIB_H # include # endif #endif #ifdef HAVE_STRING_H # if !defined STDC_HEADERS && defined HAVE_MEMORY_H # include # endif # include #endif #ifdef HAVE_STRINGS_H # include #endif #ifdef HAVE_INTTYPES_H # include #endif #ifdef HAVE_STDINT_H # include #endif #ifdef HAVE_UNISTD_H # include #endif" ac_subst_vars='am__EXEEXT_FALSE am__EXEEXT_TRUE LTLIBOBJS LIBOBJS HAVE_OPENPTY XTRA_PROG XTRALIBS_MGR XTRALIBS_CTRL EGREP GREP CPP LN_S RANLIB am__fastdepCC_FALSE am__fastdepCC_TRUE CCDEPMODE am__nodep AMDEPBACKSLASH AMDEP_FALSE AMDEP_TRUE am__quote am__include DEPDIR OBJEXT EXEEXT ac_ct_CC CPPFLAGS LDFLAGS CFLAGS CC am__untar am__tar AMTAR am__leading_dot SET_MAKE AWK mkdir_p MKDIR_P INSTALL_STRIP_PROGRAM STRIP install_sh MAKEINFO AUTOHEADER AUTOMAKE AUTOCONF ACLOCAL VERSION PACKAGE CYGPATH_W am__isrc INSTALL_DATA INSTALL_SCRIPT INSTALL_PROGRAM target_alias host_alias build_alias LIBS ECHO_T ECHO_N ECHO_C DEFS mandir localedir libdir psdir pdfdir dvidir htmldir infodir docdir oldincludedir includedir localstatedir sharedstatedir sysconfdir datadir datarootdir libexecdir sbindir bindir program_transform_name prefix exec_prefix PACKAGE_URL PACKAGE_BUGREPORT PACKAGE_STRING PACKAGE_VERSION PACKAGE_TARNAME PACKAGE_NAME PATH_SEPARATOR SHELL' ac_subst_files='' ac_user_opts=' enable_option_checking with_bsdppp with_slirp enable_facility enable_bcrelay enable_vrf enable_dependency_tracking with_libwrap ' ac_precious_vars='build_alias host_alias target_alias CC CFLAGS LDFLAGS LIBS CPPFLAGS CPP' # Initialize some variables set by options. ac_init_help= ac_init_version=false ac_unrecognized_opts= ac_unrecognized_sep= # The variables have the same names as the options, with # dashes changed to underlines. cache_file=/dev/null exec_prefix=NONE no_create= no_recursion= prefix=NONE program_prefix=NONE program_suffix=NONE program_transform_name=s,x,x, silent= site= srcdir= verbose= x_includes=NONE x_libraries=NONE # Installation directory options. # These are left unexpanded so users can "make install exec_prefix=/foo" # and all the variables that are supposed to be based on exec_prefix # by default will actually change. # Use braces instead of parens because sh, perl, etc. also accept them. # (The list follows the same order as the GNU Coding Standards.) bindir='${exec_prefix}/bin' sbindir='${exec_prefix}/sbin' libexecdir='${exec_prefix}/libexec' datarootdir='${prefix}/share' datadir='${datarootdir}' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE}' infodir='${datarootdir}/info' htmldir='${docdir}' dvidir='${docdir}' pdfdir='${docdir}' psdir='${docdir}' libdir='${exec_prefix}/lib' localedir='${datarootdir}/locale' mandir='${datarootdir}/man' ac_prev= ac_dashdash= for ac_option do # If the previous option needs an argument, assign it. if test -n "$ac_prev"; then eval $ac_prev=\$ac_option ac_prev= continue fi case $ac_option in *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; *=) ac_optarg= ;; *) ac_optarg=yes ;; esac # Accept the important Cygnus configure options, so we can diagnose typos. case $ac_dashdash$ac_option in --) ac_dashdash=yes ;; -bindir | --bindir | --bindi | --bind | --bin | --bi) ac_prev=bindir ;; -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) bindir=$ac_optarg ;; -build | --build | --buil | --bui | --bu) ac_prev=build_alias ;; -build=* | --build=* | --buil=* | --bui=* | --bu=*) build_alias=$ac_optarg ;; -cache-file | --cache-file | --cache-fil | --cache-fi \ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) ac_prev=cache_file ;; -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) cache_file=$ac_optarg ;; --config-cache | -C) cache_file=config.cache ;; -datadir | --datadir | --datadi | --datad) ac_prev=datadir ;; -datadir=* | --datadir=* | --datadi=* | --datad=*) datadir=$ac_optarg ;; -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ | --dataroo | --dataro | --datar) ac_prev=datarootdir ;; -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) datarootdir=$ac_optarg ;; -disable-* | --disable-*) ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=no ;; -docdir | --docdir | --docdi | --doc | --do) ac_prev=docdir ;; -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) docdir=$ac_optarg ;; -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) ac_prev=dvidir ;; -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) dvidir=$ac_optarg ;; -enable-* | --enable-*) ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=\$ac_optarg ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ | --exec | --exe | --ex) ac_prev=exec_prefix ;; -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ | --exec=* | --exe=* | --ex=*) exec_prefix=$ac_optarg ;; -gas | --gas | --ga | --g) # Obsolete; use --with-gas. with_gas=yes ;; -help | --help | --hel | --he | -h) ac_init_help=long ;; -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) ac_init_help=recursive ;; -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) ac_init_help=short ;; -host | --host | --hos | --ho) ac_prev=host_alias ;; -host=* | --host=* | --hos=* | --ho=*) host_alias=$ac_optarg ;; -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) ac_prev=htmldir ;; -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ | --ht=*) htmldir=$ac_optarg ;; -includedir | --includedir | --includedi | --included | --include \ | --includ | --inclu | --incl | --inc) ac_prev=includedir ;; -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ | --includ=* | --inclu=* | --incl=* | --inc=*) includedir=$ac_optarg ;; -infodir | --infodir | --infodi | --infod | --info | --inf) ac_prev=infodir ;; -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) infodir=$ac_optarg ;; -libdir | --libdir | --libdi | --libd) ac_prev=libdir ;; -libdir=* | --libdir=* | --libdi=* | --libd=*) libdir=$ac_optarg ;; -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ | --libexe | --libex | --libe) ac_prev=libexecdir ;; -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ | --libexe=* | --libex=* | --libe=*) libexecdir=$ac_optarg ;; -localedir | --localedir | --localedi | --localed | --locale) ac_prev=localedir ;; -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) localedir=$ac_optarg ;; -localstatedir | --localstatedir | --localstatedi | --localstated \ | --localstate | --localstat | --localsta | --localst | --locals) ac_prev=localstatedir ;; -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) localstatedir=$ac_optarg ;; -mandir | --mandir | --mandi | --mand | --man | --ma | --m) ac_prev=mandir ;; -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) mandir=$ac_optarg ;; -nfp | --nfp | --nf) # Obsolete; use --without-fp. with_fp=no ;; -no-create | --no-create | --no-creat | --no-crea | --no-cre \ | --no-cr | --no-c | -n) no_create=yes ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) no_recursion=yes ;; -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ | --oldin | --oldi | --old | --ol | --o) ac_prev=oldincludedir ;; -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) oldincludedir=$ac_optarg ;; -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) ac_prev=prefix ;; -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) prefix=$ac_optarg ;; -program-prefix | --program-prefix | --program-prefi | --program-pref \ | --program-pre | --program-pr | --program-p) ac_prev=program_prefix ;; -program-prefix=* | --program-prefix=* | --program-prefi=* \ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) program_prefix=$ac_optarg ;; -program-suffix | --program-suffix | --program-suffi | --program-suff \ | --program-suf | --program-su | --program-s) ac_prev=program_suffix ;; -program-suffix=* | --program-suffix=* | --program-suffi=* \ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) program_suffix=$ac_optarg ;; -program-transform-name | --program-transform-name \ | --program-transform-nam | --program-transform-na \ | --program-transform-n | --program-transform- \ | --program-transform | --program-transfor \ | --program-transfo | --program-transf \ | --program-trans | --program-tran \ | --progr-tra | --program-tr | --program-t) ac_prev=program_transform_name ;; -program-transform-name=* | --program-transform-name=* \ | --program-transform-nam=* | --program-transform-na=* \ | --program-transform-n=* | --program-transform-=* \ | --program-transform=* | --program-transfor=* \ | --program-transfo=* | --program-transf=* \ | --program-trans=* | --program-tran=* \ | --progr-tra=* | --program-tr=* | --program-t=*) program_transform_name=$ac_optarg ;; -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) ac_prev=pdfdir ;; -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) pdfdir=$ac_optarg ;; -psdir | --psdir | --psdi | --psd | --ps) ac_prev=psdir ;; -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) psdir=$ac_optarg ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ | --sbi=* | --sb=*) sbindir=$ac_optarg ;; -sharedstatedir | --sharedstatedir | --sharedstatedi \ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ | --sharedst | --shareds | --shared | --share | --shar \ | --sha | --sh) ac_prev=sharedstatedir ;; -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ | --sha=* | --sh=*) sharedstatedir=$ac_optarg ;; -site | --site | --sit) ac_prev=site ;; -site=* | --site=* | --sit=*) site=$ac_optarg ;; -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) ac_prev=srcdir ;; -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) srcdir=$ac_optarg ;; -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ | --syscon | --sysco | --sysc | --sys | --sy) ac_prev=sysconfdir ;; -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) sysconfdir=$ac_optarg ;; -target | --target | --targe | --targ | --tar | --ta | --t) ac_prev=target_alias ;; -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) target_alias=$ac_optarg ;; -v | -verbose | --verbose | --verbos | --verbo | --verb) verbose=yes ;; -version | --version | --versio | --versi | --vers | -V) ac_init_version=: ;; -with-* | --with-*) ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=\$ac_optarg ;; -without-* | --without-*) ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=no ;; --x) # Obsolete; use --with-x. with_x=yes ;; -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ | --x-incl | --x-inc | --x-in | --x-i) ac_prev=x_includes ;; -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) x_includes=$ac_optarg ;; -x-libraries | --x-libraries | --x-librarie | --x-librari \ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) ac_prev=x_libraries ;; -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; -*) as_fn_error $? "unrecognized option: \`$ac_option' Try \`$0 --help' for more information" ;; *=*) ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` # Reject names that are not valid shell variable names. case $ac_envvar in #( '' | [0-9]* | *[!_$as_cr_alnum]* ) as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; esac eval $ac_envvar=\$ac_optarg export $ac_envvar ;; *) # FIXME: should be removed in autoconf 3.0. $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" ;; esac done if test -n "$ac_prev"; then ac_option=--`echo $ac_prev | sed 's/_/-/g'` as_fn_error $? "missing argument to $ac_option" fi if test -n "$ac_unrecognized_opts"; then case $enable_option_checking in no) ;; fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; esac fi # Check all directory arguments for consistency. for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ libdir localedir mandir do eval ac_val=\$$ac_var # Remove trailing slashes. case $ac_val in */ ) ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` eval $ac_var=\$ac_val;; esac # Be sure to have absolute directory names. case $ac_val in [\\/$]* | ?:[\\/]* ) continue;; NONE | '' ) case $ac_var in *prefix ) continue;; esac;; esac as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" done # There might be people who depend on the old broken behavior: `$host' # used to hold the argument of --host etc. # FIXME: To remove some day. build=$build_alias host=$host_alias target=$target_alias # FIXME: To remove some day. if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi fi ac_tool_prefix= test -n "$host_alias" && ac_tool_prefix=$host_alias- test "$silent" = yes && exec 6>/dev/null ac_pwd=`pwd` && test -n "$ac_pwd" && ac_ls_di=`ls -di .` && ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || as_fn_error $? "working directory cannot be determined" test "X$ac_ls_di" = "X$ac_pwd_ls_di" || as_fn_error $? "pwd does not report name of working directory" # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then the parent directory. ac_confdir=`$as_dirname -- "$as_myself" || $as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_myself" : 'X\(//\)[^/]' \| \ X"$as_myself" : 'X\(//\)$' \| \ X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_myself" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` srcdir=$ac_confdir if test ! -r "$srcdir/$ac_unique_file"; then srcdir=.. fi else ac_srcdir_defaulted=no fi if test ! -r "$srcdir/$ac_unique_file"; then test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" fi ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" ac_abs_confdir=`( cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" pwd)` # When building in place, set srcdir=. if test "$ac_abs_confdir" = "$ac_pwd"; then srcdir=. fi # Remove unnecessary trailing slashes from srcdir. # Double slashes in file names in object file debugging info # mess up M-x gdb in Emacs. case $srcdir in */) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; esac for ac_var in $ac_precious_vars; do eval ac_env_${ac_var}_set=\${${ac_var}+set} eval ac_env_${ac_var}_value=\$${ac_var} eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} eval ac_cv_env_${ac_var}_value=\$${ac_var} done # # Report the --help message. # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF \`configure' configures this package to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. Defaults for the options are specified in brackets. Configuration: -h, --help display this help and exit --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version information and exit -q, --quiet, --silent do not print \`checking ...' messages --cache-file=FILE cache test results in FILE [disabled] -C, --config-cache alias for \`--cache-file=config.cache' -n, --no-create do not create output files --srcdir=DIR find the sources in DIR [configure dir or \`..'] Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [PREFIX] By default, \`make install' will install all the files in \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify an installation prefix other than \`$ac_default_prefix' using \`--prefix', for instance \`--prefix=\$HOME'. For better control, use the options below. Fine tuning of the installation directories: --bindir=DIR user executables [EPREFIX/bin] --sbindir=DIR system admin executables [EPREFIX/sbin] --libexecdir=DIR program executables [EPREFIX/libexec] --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] --datadir=DIR read-only architecture-independent data [DATAROOTDIR] --infodir=DIR info documentation [DATAROOTDIR/info] --localedir=DIR locale-dependent data [DATAROOTDIR/locale] --mandir=DIR man documentation [DATAROOTDIR/man] --docdir=DIR documentation root [DATAROOTDIR/doc/PACKAGE] --htmldir=DIR html documentation [DOCDIR] --dvidir=DIR dvi documentation [DOCDIR] --pdfdir=DIR pdf documentation [DOCDIR] --psdir=DIR ps documentation [DOCDIR] _ACEOF cat <<\_ACEOF Program names: --program-prefix=PREFIX prepend PREFIX to installed program names --program-suffix=SUFFIX append SUFFIX to installed program names --program-transform-name=PROGRAM run sed PROGRAM on installed program names _ACEOF fi if test -n "$ac_init_help"; then cat <<\_ACEOF Optional Features: --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --enable-facility=name Use another syslog facility, default LOG_DAEMON --enable-bcrelay Enable broadcast relay function --enable-vrf Enable support for VRFs --disable-dependency-tracking speeds up one-time build --enable-dependency-tracking do not reject slow dependency extractors Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) --with-bsdppp Use BSD user-space ppp --with-slirp Use SLIRP instead of pppd --with-libwrap Use libwrap (tcp wrappers) Some influential environment variables: CC C compiler command CFLAGS C compiler flags LDFLAGS linker flags, e.g. -L if you have libraries in a nonstandard directory LIBS libraries to pass to the linker, e.g. -l CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if you have headers in a nonstandard directory CPP C preprocessor Use these variables to override the choices made by `configure' or to help it to find libraries and programs with nonstandard names/locations. Report bugs to the package provider. _ACEOF ac_status=$? fi if test "$ac_init_help" = "recursive"; then # If there are subdirs, report their specific --help. for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue test -d "$ac_dir" || { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || continue ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix cd "$ac_dir" || { ac_status=$?; continue; } # Check for guested configure. if test -f "$ac_srcdir/configure.gnu"; then echo && $SHELL "$ac_srcdir/configure.gnu" --help=recursive elif test -f "$ac_srcdir/configure"; then echo && $SHELL "$ac_srcdir/configure" --help=recursive else $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi || ac_status=$? cd "$ac_pwd" || { ac_status=$?; break; } done fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF configure generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit fi ## ------------------------ ## ## Autoconf initialization. ## ## ------------------------ ## # ac_fn_c_try_compile LINENO # -------------------------- # Try to compile conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest.$ac_objext; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_compile # ac_fn_c_try_link LINENO # ----------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_link () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext conftest$ac_exeext if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || test -x conftest$ac_exeext }; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would # interfere with the next link command; also delete a directory that is # left behind by Apple's compiler. We do this before executing the actions. rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_link # ac_fn_c_check_func LINENO FUNC VAR # ---------------------------------- # Tests whether FUNC exists, setting the cache variable VAR accordingly ac_fn_c_check_func () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Define $2 to an innocuous variant, in case declares $2. For example, HP-UX 11i declares gettimeofday. */ #define $2 innocuous_$2 /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $2 (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef $2 /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char $2 (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined __stub_$2 || defined __stub___$2 choke me #endif int main () { return $2 (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : eval "$3=yes" else eval "$3=no" fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_func # ac_fn_c_try_cpp LINENO # ---------------------- # Try to preprocess conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_cpp () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_cpp conftest.$ac_ext" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } > conftest.i && { test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || test ! -s conftest.err }; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_cpp # ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES # ------------------------------------------------------- # Tests whether HEADER exists, giving a warning if it cannot be compiled using # the include files in INCLUDES and setting the cache variable VAR # accordingly. ac_fn_c_check_header_mongrel () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if eval \${$3+:} false; then : { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } else # Is the header compilable? { $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 $as_echo_n "checking $2 usability... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 #include <$2> _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_header_compiler=yes else ac_header_compiler=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 $as_echo "$ac_header_compiler" >&6; } # Is the header present? { $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 $as_echo_n "checking $2 presence... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include <$2> _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : ac_header_preproc=yes else ac_header_preproc=no fi rm -f conftest.err conftest.i conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 $as_echo "$ac_header_preproc" >&6; } # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( yes:no: ) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 $as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} ;; no:yes:* ) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 $as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 $as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 $as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 $as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} ;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=\$ac_header_compiler" fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_mongrel # ac_fn_c_try_run LINENO # ---------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. Assumes # that executables *can* be run. ac_fn_c_try_run () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then : ac_retval=0 else $as_echo "$as_me: program exited with status $ac_status" >&5 $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=$ac_status fi rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_run # ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES # ------------------------------------------------------- # Tests whether HEADER exists and can be compiled using the include files in # INCLUDES, setting the cache variable VAR accordingly. ac_fn_c_check_header_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 #include <$2> _ACEOF if ac_fn_c_try_compile "$LINENO"; then : eval "$3=yes" else eval "$3=no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_compile # ac_fn_c_check_type LINENO TYPE VAR INCLUDES # ------------------------------------------- # Tests whether TYPE exists after having included INCLUDES, setting cache # variable VAR accordingly. ac_fn_c_check_type () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=no" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { if (sizeof ($2)) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { if (sizeof (($2))) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : else eval "$3=yes" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_type cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by $as_me, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ _ACEOF exec 5>>config.log { cat <<_ASUNAME ## --------- ## ## Platform. ## ## --------- ## hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` uname -m = `(uname -m) 2>/dev/null || echo unknown` uname -r = `(uname -r) 2>/dev/null || echo unknown` uname -s = `(uname -s) 2>/dev/null || echo unknown` uname -v = `(uname -v) 2>/dev/null || echo unknown` /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` /bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` /bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` /usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` /bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` /bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` _ASUNAME as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. $as_echo "PATH: $as_dir" done IFS=$as_save_IFS } >&5 cat >&5 <<_ACEOF ## ----------- ## ## Core tests. ## ## ----------- ## _ACEOF # Keep a trace of the command line. # Strip out --no-create and --no-recursion so they do not pile up. # Strip out --silent because we don't want to record it for future runs. # Also quote any args containing shell meta-characters. # Make two passes to allow for proper duplicate-argument suppression. ac_configure_args= ac_configure_args0= ac_configure_args1= ac_must_keep_next=false for ac_pass in 1 2 do for ac_arg do case $ac_arg in -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) continue ;; *\'*) ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; esac case $ac_pass in 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; 2) as_fn_append ac_configure_args1 " '$ac_arg'" if test $ac_must_keep_next = true; then ac_must_keep_next=false # Got value, back to normal. else case $ac_arg in *=* | --config-cache | -C | -disable-* | --disable-* \ | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ | -with-* | --with-* | -without-* | --without-* | --x) case "$ac_configure_args0 " in "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; esac ;; -* ) ac_must_keep_next=true ;; esac fi as_fn_append ac_configure_args " '$ac_arg'" ;; esac done done { ac_configure_args0=; unset ac_configure_args0;} { ac_configure_args1=; unset ac_configure_args1;} # When interrupted or exit'd, cleanup temporary files, and complete # config.log. We remove comments because anyway the quotes in there # would cause problems or look ugly. # WARNING: Use '\'' to represent an apostrophe within the trap. # WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. trap 'exit_status=$? # Save into config.log some information that might help in debugging. { echo $as_echo "## ---------------- ## ## Cache variables. ## ## ---------------- ##" echo # The following way of writing the cache mishandles newlines in values, ( for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( *${as_nl}ac_space=\ *) sed -n \ "s/'\''/'\''\\\\'\'''\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" ;; #( *) sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) echo $as_echo "## ----------------- ## ## Output variables. ## ## ----------------- ##" echo for ac_var in $ac_subst_vars do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac $as_echo "$ac_var='\''$ac_val'\''" done | sort echo if test -n "$ac_subst_files"; then $as_echo "## ------------------- ## ## File substitutions. ## ## ------------------- ##" echo for ac_var in $ac_subst_files do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac $as_echo "$ac_var='\''$ac_val'\''" done | sort echo fi if test -s confdefs.h; then $as_echo "## ----------- ## ## confdefs.h. ## ## ----------- ##" echo cat confdefs.h echo fi test "$ac_signal" != 0 && $as_echo "$as_me: caught signal $ac_signal" $as_echo "$as_me: exit $exit_status" } >&5 rm -f core *.core core.conftest.* && rm -f -r conftest* confdefs* conf$$* $ac_clean_files && exit $exit_status ' 0 for ac_signal in 1 2 13 15; do trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal done ac_signal=0 # confdefs.h avoids OS command line length limits that DEFS can exceed. rm -f -r conftest* confdefs.h $as_echo "/* confdefs.h */" > confdefs.h # Predefined preprocessor variables. cat >>confdefs.h <<_ACEOF #define PACKAGE_NAME "$PACKAGE_NAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_TARNAME "$PACKAGE_TARNAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_VERSION "$PACKAGE_VERSION" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_STRING "$PACKAGE_STRING" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_URL "$PACKAGE_URL" _ACEOF # Let the site file select an alternate cache file if it wants to. # Prefer an explicitly selected file to automatically selected ones. ac_site_file1=NONE ac_site_file2=NONE if test -n "$CONFIG_SITE"; then # We do not want a PATH search for config.site. case $CONFIG_SITE in #(( -*) ac_site_file1=./$CONFIG_SITE;; */*) ac_site_file1=$CONFIG_SITE;; *) ac_site_file1=./$CONFIG_SITE;; esac elif test "x$prefix" != xNONE; then ac_site_file1=$prefix/share/config.site ac_site_file2=$prefix/etc/config.site else ac_site_file1=$ac_default_prefix/share/config.site ac_site_file2=$ac_default_prefix/etc/config.site fi for ac_site_file in "$ac_site_file1" "$ac_site_file2" do test "x$ac_site_file" = xNONE && continue if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 $as_echo "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 . "$ac_site_file" \ || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "failed to load site script $ac_site_file See \`config.log' for more details" "$LINENO" 5; } fi done if test -r "$cache_file"; then # Some versions of bash will fail to source /dev/null (special files # actually), so we avoid doing that. DJGPP emulates it as a regular file. if test /dev/null != "$cache_file" && test -f "$cache_file"; then { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 $as_echo "$as_me: loading cache $cache_file" >&6;} case $cache_file in [\\/]* | ?:[\\/]* ) . "$cache_file";; *) . "./$cache_file";; esac fi else { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 $as_echo "$as_me: creating cache $cache_file" >&6;} >$cache_file fi # Check that the precious variables saved in the cache have kept the same # value. ac_cache_corrupted=false for ac_var in $ac_precious_vars; do eval ac_old_set=\$ac_cv_env_${ac_var}_set eval ac_new_set=\$ac_env_${ac_var}_set eval ac_old_val=\$ac_cv_env_${ac_var}_value eval ac_new_val=\$ac_env_${ac_var}_value case $ac_old_set,$ac_new_set in set,) { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 $as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} ac_cache_corrupted=: ;; ,set) { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 $as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} ac_cache_corrupted=: ;; ,);; *) if test "x$ac_old_val" != "x$ac_new_val"; then # differences in whitespace do not lead to failure. ac_old_val_w=`echo x $ac_old_val` ac_new_val_w=`echo x $ac_new_val` if test "$ac_old_val_w" != "$ac_new_val_w"; then { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 $as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} ac_cache_corrupted=: else { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 $as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} eval $ac_var=\$ac_old_val fi { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 $as_echo "$as_me: former value: \`$ac_old_val'" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 $as_echo "$as_me: current value: \`$ac_new_val'" >&2;} fi;; esac # Pass precious variables to config.status. if test "$ac_new_set" = set; then case $ac_new_val in *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; *) ac_arg=$ac_var=$ac_new_val ;; esac case " $ac_configure_args " in *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. *) as_fn_append ac_configure_args " '$ac_arg'" ;; esac fi done if $ac_cache_corrupted; then { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 $as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 fi ## -------------------- ## ## Main body of script. ## ## -------------------- ## ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_config_headers="$ac_config_headers config.h" am__api_version='1.11' ac_aux_dir= for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do if test -f "$ac_dir/install-sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install-sh -c" break elif test -f "$ac_dir/install.sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install.sh -c" break elif test -f "$ac_dir/shtool"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/shtool install -c" break fi done if test -z "$ac_aux_dir"; then as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 fi # These three variables are undocumented and unsupported, # and are intended to be withdrawn in a future Autoconf release. # They can cause serious problems if a builder's source tree is in a directory # whose full name contains unusual characters. ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: # SysV /etc/install, /usr/sbin/install # SunOS /usr/etc/install # IRIX /sbin/install # AIX /bin/install # AmigaOS /C/install, which installs bootblocks on floppy discs # AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag # AFS /usr/afsws/bin/install, which mishandles nonexistent args # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" # OS/2's system install, which has a completely different semantic # ./install, which can be erroneously created by make from ./install.sh. # Reject install programs that cannot install multiple files. { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 $as_echo_n "checking for a BSD-compatible install... " >&6; } if test -z "$INSTALL"; then if ${ac_cv_path_install+:} false; then : $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. # Account for people who put trailing slashes in PATH elements. case $as_dir/ in #(( ./ | .// | /[cC]/* | \ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ /usr/ucb/* ) ;; *) # OSF1 and SCO ODT 3.0 have their own names for install. # Don't use installbsd from OSF since it installs stuff as root # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then if test $ac_prog = install && grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. : elif test $ac_prog = install && grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # program-specific install script used by HP pwplus--don't use. : else rm -rf conftest.one conftest.two conftest.dir echo one > conftest.one echo two > conftest.two mkdir conftest.dir if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && test -s conftest.one && test -s conftest.two && test -s conftest.dir/conftest.one && test -s conftest.dir/conftest.two then ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" break 3 fi fi fi done done ;; esac done IFS=$as_save_IFS rm -rf conftest.one conftest.two conftest.dir fi if test "${ac_cv_path_install+set}" = set; then INSTALL=$ac_cv_path_install else # As a last resort, use the slow shell script. Don't cache a # value for INSTALL within a source directory, because that will # break other packages using the cache if that directory is # removed, or if the value is a relative name. INSTALL=$ac_install_sh fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 $as_echo "$INSTALL" >&6; } # Use test -z because SunOS4 sh mishandles braces in ${var-val}. # It thinks the first close brace ends the variable substitution. test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5 $as_echo_n "checking whether build environment is sane... " >&6; } # Just in case sleep 1 echo timestamp > conftest.file # Reject unsafe characters in $srcdir or the absolute working directory # name. Accept space and tab only in the latter. am_lf=' ' case `pwd` in *[\\\"\#\$\&\'\`$am_lf]*) as_fn_error $? "unsafe absolute working directory name" "$LINENO" 5;; esac case $srcdir in *[\\\"\#\$\&\'\`$am_lf\ \ ]*) as_fn_error $? "unsafe srcdir value: \`$srcdir'" "$LINENO" 5;; esac # Do `set' in a subshell so we don't clobber the current shell's # arguments. Must try -L first in case configure is actually a # symlink; some systems play weird games with the mod time of symlinks # (eg FreeBSD returns the mod time of the symlink's containing # directory). if ( set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` if test "$*" = "X"; then # -L didn't work. set X `ls -t "$srcdir/configure" conftest.file` fi rm -f conftest.file if test "$*" != "X $srcdir/configure conftest.file" \ && test "$*" != "X conftest.file $srcdir/configure"; then # If neither matched, then we have a broken ls. This can happen # if, for instance, CONFIG_SHELL is bash and it inherits a # broken ls alias from the environment. This has actually # happened. Such a system could not be considered "sane". as_fn_error $? "ls -t appears to fail. Make sure there is not a broken alias in your environment" "$LINENO" 5 fi test "$2" = conftest.file ) then # Ok. : else as_fn_error $? "newly created file is older than distributed files! Check your system clock" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } test "$program_prefix" != NONE && program_transform_name="s&^&$program_prefix&;$program_transform_name" # Use a double $ so make ignores it. test "$program_suffix" != NONE && program_transform_name="s&\$&$program_suffix&;$program_transform_name" # Double any \ or $. # By default was `s,x,x', remove it if useless. ac_script='s/[\\$]/&&/g;s/;s,x,x,$//' program_transform_name=`$as_echo "$program_transform_name" | sed "$ac_script"` # expand $ac_aux_dir to an absolute path am_aux_dir=`cd $ac_aux_dir && pwd` if test x"${MISSING+set}" != xset; then case $am_aux_dir in *\ * | *\ *) MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; *) MISSING="\${SHELL} $am_aux_dir/missing" ;; esac fi # Use eval to expand $SHELL if eval "$MISSING --run true"; then am_missing_run="$MISSING --run " else am_missing_run= { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \`missing' script is too old or missing" >&5 $as_echo "$as_me: WARNING: \`missing' script is too old or missing" >&2;} fi if test x"${install_sh}" != xset; then case $am_aux_dir in *\ * | *\ *) install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; *) install_sh="\${SHELL} $am_aux_dir/install-sh" esac fi # Installed binaries are usually stripped using `strip' when the user # run `make install-strip'. However `strip' might not be the right # tool to use in cross-compilation environments, therefore Automake # will honor the `STRIP' environment variable to overrule this program. if test "$cross_compiling" != no; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. set dummy ${ac_tool_prefix}strip; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_STRIP+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$STRIP"; then ac_cv_prog_STRIP="$STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_STRIP="${ac_tool_prefix}strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi STRIP=$ac_cv_prog_STRIP if test -n "$STRIP"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 $as_echo "$STRIP" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_STRIP"; then ac_ct_STRIP=$STRIP # Extract the first word of "strip", so it can be a program name with args. set dummy strip; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_STRIP+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_STRIP"; then ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_STRIP="strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP if test -n "$ac_ct_STRIP"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 $as_echo "$ac_ct_STRIP" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_STRIP" = x; then STRIP=":" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac STRIP=$ac_ct_STRIP fi else STRIP="$ac_cv_prog_STRIP" fi fi INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5 $as_echo_n "checking for a thread-safe mkdir -p... " >&6; } if test -z "$MKDIR_P"; then if ${ac_cv_path_mkdir+:} false; then : $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in mkdir gmkdir; do for ac_exec_ext in '' $ac_executable_extensions; do as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext" || continue case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( 'mkdir (GNU coreutils) '* | \ 'mkdir (coreutils) '* | \ 'mkdir (fileutils) '4.1*) ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext break 3;; esac done done done IFS=$as_save_IFS fi test -d ./--version && rmdir ./--version if test "${ac_cv_path_mkdir+set}" = set; then MKDIR_P="$ac_cv_path_mkdir -p" else # As a last resort, use the slow shell script. Don't cache a # value for MKDIR_P within a source directory, because that will # break other packages using the cache if that directory is # removed, or if the value is a relative name. MKDIR_P="$ac_install_sh -d" fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 $as_echo "$MKDIR_P" >&6; } mkdir_p="$MKDIR_P" case $mkdir_p in [\\/$]* | ?:[\\/]*) ;; */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;; esac for ac_prog in gawk mawk nawk awk do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_AWK+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$AWK"; then ac_cv_prog_AWK="$AWK" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AWK="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi AWK=$ac_cv_prog_AWK if test -n "$AWK"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 $as_echo "$AWK" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$AWK" && break done { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 $as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } set x ${MAKE-make} ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : $as_echo_n "(cached) " >&6 else cat >conftest.make <<\_ACEOF SHELL = /bin/sh all: @echo '@@@%%%=$(MAKE)=@@@%%%' _ACEOF # GNU make sometimes prints "make[1]: Entering ...", which would confuse us. case `${MAKE-make} -f conftest.make 2>/dev/null` in *@@@%%%=?*=@@@%%%*) eval ac_cv_prog_make_${ac_make}_set=yes;; *) eval ac_cv_prog_make_${ac_make}_set=no;; esac rm -f conftest.make fi if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } SET_MAKE= else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } SET_MAKE="MAKE=${MAKE-make}" fi rm -rf .tst 2>/dev/null mkdir .tst 2>/dev/null if test -d .tst; then am__leading_dot=. else am__leading_dot=_ fi rmdir .tst 2>/dev/null if test "`cd $srcdir && pwd`" != "`pwd`"; then # Use -I$(srcdir) only when $(srcdir) != ., so that make's output # is not polluted with repeated "-I." am__isrc=' -I$(srcdir)' # test to see if srcdir already configured if test -f $srcdir/config.status; then as_fn_error $? "source directory already configured; run \"make distclean\" there first" "$LINENO" 5 fi fi # test whether we have cygpath if test -z "$CYGPATH_W"; then if (cygpath --version) >/dev/null 2>/dev/null; then CYGPATH_W='cygpath -w' else CYGPATH_W=echo fi fi # Define the identity of the package. PACKAGE=pptpd VERSION=1.4.0 cat >>confdefs.h <<_ACEOF #define PACKAGE "$PACKAGE" _ACEOF cat >>confdefs.h <<_ACEOF #define VERSION "$VERSION" _ACEOF # Some tools Automake needs. ACLOCAL=${ACLOCAL-"${am_missing_run}aclocal-${am__api_version}"} AUTOCONF=${AUTOCONF-"${am_missing_run}autoconf"} AUTOMAKE=${AUTOMAKE-"${am_missing_run}automake-${am__api_version}"} AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"} MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} # We need awk for the "check" target. The system "awk" is bad on # some platforms. # Always define AMTAR for backward compatibility. Yes, it's still used # in the wild :-( We should find a proper way to deprecate it ... AMTAR='$${TAR-tar}' am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -' # check common command line options early $as_echo "#define PPP_BINARY \"/usr/sbin/pppd\"" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: checking command line for use of BSD PPP" >&5 $as_echo_n "checking command line for use of BSD PPP... " >&6; } # Check whether --with-bsdppp was given. if test "${with_bsdppp+set}" = set; then : withval=$with_bsdppp; case "$withval" in yes) { $as_echo "$as_me:${as_lineno-$LINENO}: result: BSD user-space ppp" >&5 $as_echo "BSD user-space ppp" >&6; } $as_echo "#define BSDUSER_PPP 1" >>confdefs.h BSDUSER_PPP=$with_bsdppp $as_echo "#define PPP_BINARY \"/usr/sbin/ppp\"" >>confdefs.h break; ;; no) { $as_echo "$as_me:${as_lineno-$LINENO}: result: explicit standard pppd" >&5 $as_echo "explicit standard pppd" >&6; } ;; *) # only yes or no are expected for this option { $as_echo "$as_me:${as_lineno-$LINENO}: result: unrecognised... terminating" >&5 $as_echo "unrecognised... terminating" >&6; } exit 1 ;; esac else { $as_echo "$as_me:${as_lineno-$LINENO}: result: default standard pppd" >&5 $as_echo "default standard pppd" >&6; } fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking command line for use of SLIRP" >&5 $as_echo_n "checking command line for use of SLIRP... " >&6; } # Check whether --with-slirp was given. if test "${with_slirp+set}" = set; then : withval=$with_slirp; case "$withval" in yes) { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } $as_echo "#define SLIRP 1" >>confdefs.h SLIRP=$with_slirp $as_echo "#define PPP_BINARY \"/bin/slirp\"" >>confdefs.h break; ;; no) { $as_echo "$as_me:${as_lineno-$LINENO}: result: explicit no" >&5 $as_echo "explicit no" >&6; } ;; *) # only yes or no are expected for this option { $as_echo "$as_me:${as_lineno-$LINENO}: result: unrecognised... terminating" >&5 $as_echo "unrecognised... terminating" >&6; } exit 1 ;; esac else { $as_echo "$as_me:${as_lineno-$LINENO}: result: default no" >&5 $as_echo "default no" >&6; } fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking command line for syslog facility name" >&5 $as_echo_n "checking command line for syslog facility name... " >&6; } # Check whether --enable-facility was given. if test "${enable_facility+set}" = set; then : enableval=$enable_facility; { $as_echo "$as_me:${as_lineno-$LINENO}: result: $enableval" >&5 $as_echo "$enableval" >&6; } cat >>confdefs.h <<_ACEOF #define PPTP_FACILITY $enableval _ACEOF else { $as_echo "$as_me:${as_lineno-$LINENO}: result: default LOG_DAEMON" >&5 $as_echo "default LOG_DAEMON" >&6; } cat >>confdefs.h <<_ACEOF #define PPTP_FACILITY LOG_DAEMON _ACEOF fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking command line for bcrelay build" >&5 $as_echo_n "checking command line for bcrelay build... " >&6; } # Check whether --enable-bcrelay was given. if test "${enable_bcrelay+set}" = set; then : enableval=$enable_bcrelay; case "$enableval" in yes) { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } $as_echo "#define BCRELAY 1" >>confdefs.h BCRELAY=$enableval break; ;; no) { $as_echo "$as_me:${as_lineno-$LINENO}: result: explicit no" >&5 $as_echo "explicit no" >&6; } ;; *) # only yes or no are expected for this option { $as_echo "$as_me:${as_lineno-$LINENO}: result: unrecognised... terminating" >&5 $as_echo "unrecognised... terminating" >&6; } exit 1 ;; esac else { $as_echo "$as_me:${as_lineno-$LINENO}: result: default no" >&5 $as_echo "default no" >&6; } fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking command line for VRF build" >&5 $as_echo_n "checking command line for VRF build... " >&6; } # Check whether --enable-vrf was given. if test "${enable_vrf+set}" = set; then : enableval=$enable_vrf; case "$enableval" in yes) { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } VRF=$enableval ;; no) { $as_echo "$as_me:${as_lineno-$LINENO}: result: explicit no" >&5 $as_echo "explicit no" >&6; } ;; *) { $as_echo "$as_me:${as_lineno-$LINENO}: result: unrecognised... terminating" >&5 $as_echo "unrecognised... terminating" >&6; } exit 1 ;; esac else { $as_echo "$as_me:${as_lineno-$LINENO}: result: default no" >&5 $as_echo "default no" >&6; } fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi else CC="$ac_cv_prog_CC" fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else ac_prog_rejected=no as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS if test $ac_prog_rejected = yes; then # We found a bogon in the path, so make sure we never use it. set dummy $ac_cv_prog_CC shift if test $# != 0; then # We chose a different compiler from the bogus one. # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" fi fi fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then for ac_prog in cl.exe do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$CC" && break done fi if test -z "$CC"; then ac_ct_CC=$CC for ac_prog in cl.exe do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$ac_ct_CC" && break done if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi fi fi test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH See \`config.log' for more details" "$LINENO" 5; } # Provide some information about the compiler. $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 set X $ac_compile ac_compiler=$2 for ac_option in --version -v -V -qversion; do { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? if test -s conftest.err; then sed '10a\ ... rest of stderr output deleted ... 10q' conftest.err >conftest.er1 cat conftest.er1 >&5 fi rm -f conftest.er1 conftest.err $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } done cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 $as_echo_n "checking whether the C compiler works... " >&6; } ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` # The possible output files: ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" ac_rmfiles= for ac_file in $ac_files do case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; * ) ac_rmfiles="$ac_rmfiles $ac_file";; esac done rm -f $ac_rmfiles if { { ac_try="$ac_link_default" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link_default") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. # So ignore a value of `no', otherwise this would lead to `EXEEXT = no' # in a Makefile. We should not override ac_cv_exeext if it was cached, # so that the user can short-circuit this test for compilers unknown to # Autoconf. for ac_file in $ac_files '' do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; [ab].out ) # We found the default executable, but exeext='' is most # certainly right. break;; *.* ) if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; then :; else ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` fi # We set ac_cv_exeext here because the later test for it is not # safe: cross compilers may not add the suffix if given an `-o' # argument, so we may need to know it at that point already. # Even if this section looks crufty: it has the advantage of # actually working. break;; * ) break;; esac done test "$ac_cv_exeext" = no && ac_cv_exeext= else ac_file='' fi if test -z "$ac_file"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error 77 "C compiler cannot create executables See \`config.log' for more details" "$LINENO" 5; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 $as_echo_n "checking for C compiler default output file name... " >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 $as_echo "$ac_file" >&6; } ac_exeext=$ac_cv_exeext rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 $as_echo_n "checking for suffix of executables... " >&6; } if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : # If both `conftest.exe' and `conftest' are `present' (well, observable) # catch `conftest.exe'. For instance with Cygwin, `ls conftest' will # work properly (i.e., refer to `conftest.exe'), while it won't with # `rm'. for ac_file in conftest.exe conftest conftest.*; do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` break;; * ) break;; esac done else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of executables: cannot compile and link See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest conftest$ac_cv_exeext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 $as_echo "$ac_cv_exeext" >&6; } rm -f conftest.$ac_ext EXEEXT=$ac_cv_exeext ac_exeext=$EXEEXT cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int main () { FILE *f = fopen ("conftest.out", "w"); return ferror (f) || fclose (f) != 0; ; return 0; } _ACEOF ac_clean_files="$ac_clean_files conftest.out" # Check that the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 $as_echo_n "checking whether we are cross compiling... " >&6; } if test "$cross_compiling" != yes; then { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } if { ac_try='./conftest$ac_cv_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then cross_compiling=no else if test "$cross_compiling" = maybe; then cross_compiling=yes else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run C compiled programs. If you meant to cross compile, use \`--host'. See \`config.log' for more details" "$LINENO" 5; } fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 $as_echo "$cross_compiling" >&6; } rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 $as_echo_n "checking for suffix of object files... " >&6; } if ${ac_cv_objext+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF rm -f conftest.o conftest.obj if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : for ac_file in conftest.o conftest.obj conftest.*; do test -f "$ac_file" || continue; case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` break;; esac done else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of object files: cannot compile See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest.$ac_cv_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 $as_echo "$ac_cv_objext" >&6; } OBJEXT=$ac_cv_objext ac_objext=$OBJEXT { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 $as_echo_n "checking whether we are using the GNU C compiler... " >&6; } if ${ac_cv_c_compiler_gnu+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { #ifndef __GNUC__ choke me #endif ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_compiler_gnu=yes else ac_compiler_gnu=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 $as_echo "$ac_cv_c_compiler_gnu" >&6; } if test $ac_compiler_gnu = yes; then GCC=yes else GCC= fi ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 $as_echo_n "checking whether $CC accepts -g... " >&6; } if ${ac_cv_prog_cc_g+:} false; then : $as_echo_n "(cached) " >&6 else ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes ac_cv_prog_cc_g=no CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes else CFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : else ac_c_werror_flag=$ac_save_c_werror_flag CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_c_werror_flag=$ac_save_c_werror_flag fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 $as_echo "$ac_cv_prog_cc_g" >&6; } if test "$ac_test_CFLAGS" = set; then CFLAGS=$ac_save_CFLAGS elif test $ac_cv_prog_cc_g = yes; then if test "$GCC" = yes; then CFLAGS="-g -O2" else CFLAGS="-g" fi else if test "$GCC" = yes; then CFLAGS="-O2" else CFLAGS= fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 $as_echo_n "checking for $CC option to accept ISO C89... " >&6; } if ${ac_cv_prog_cc_c89+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_prog_cc_c89=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include struct stat; /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); static char *e (p, i) char **p; int i; { return p[i]; } static char *f (char * (*g) (char **, int), char **p, ...) { char *s; va_list v; va_start (v,p); s = g (p, va_arg (v,int)); va_end (v); return s; } /* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has function prototypes and stuff, but not '\xHH' hex character constants. These don't provoke an error unfortunately, instead are silently treated as 'x'. The following induces an error, until -std is added to get proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an array size at least. It's necessary to write '\x00'==0 to get something that's true only with -std. */ int osf4_cc_array ['\x00' == 0 ? 1 : -1]; /* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters inside strings and character constants. */ #define FOO(x) 'x' int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; int test (int i, double x); struct s1 {int (*f) (int a);}; struct s2 {int (*f) (double a);}; int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); int argc; char **argv; int main () { return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; ; return 0; } _ACEOF for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" do CC="$ac_save_CC $ac_arg" if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_c89=$ac_arg fi rm -f core conftest.err conftest.$ac_objext test "x$ac_cv_prog_cc_c89" != "xno" && break done rm -f conftest.$ac_ext CC=$ac_save_CC fi # AC_CACHE_VAL case "x$ac_cv_prog_cc_c89" in x) { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 $as_echo "none needed" >&6; } ;; xno) { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 $as_echo "unsupported" >&6; } ;; *) CC="$CC $ac_cv_prog_cc_c89" { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 $as_echo "$ac_cv_prog_cc_c89" >&6; } ;; esac if test "x$ac_cv_prog_cc_c89" != xno; then : fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu DEPDIR="${am__leading_dot}deps" ac_config_commands="$ac_config_commands depfiles" am_make=${MAKE-make} cat > confinc << 'END' am__doit: @echo this is the am__doit target .PHONY: am__doit END # If we don't find an include directive, just comment out the code. { $as_echo "$as_me:${as_lineno-$LINENO}: checking for style of include used by $am_make" >&5 $as_echo_n "checking for style of include used by $am_make... " >&6; } am__include="#" am__quote= _am_result=none # First try GNU make style include. echo "include confinc" > confmf # Ignore all kinds of additional output from `make'. case `$am_make -s -f confmf 2> /dev/null` in #( *the\ am__doit\ target*) am__include=include am__quote= _am_result=GNU ;; esac # Now try BSD make style include. if test "$am__include" = "#"; then echo '.include "confinc"' > confmf case `$am_make -s -f confmf 2> /dev/null` in #( *the\ am__doit\ target*) am__include=.include am__quote="\"" _am_result=BSD ;; esac fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $_am_result" >&5 $as_echo "$_am_result" >&6; } rm -f confinc confmf # Check whether --enable-dependency-tracking was given. if test "${enable_dependency_tracking+set}" = set; then : enableval=$enable_dependency_tracking; fi if test "x$enable_dependency_tracking" != xno; then am_depcomp="$ac_aux_dir/depcomp" AMDEPBACKSLASH='\' am__nodep='_no' fi if test "x$enable_dependency_tracking" != xno; then AMDEP_TRUE= AMDEP_FALSE='#' else AMDEP_TRUE='#' AMDEP_FALSE= fi depcc="$CC" am_compiler_list= { $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 $as_echo_n "checking dependency style of $depcc... " >&6; } if ${am_cv_CC_dependencies_compiler_type+:} false; then : $as_echo_n "(cached) " >&6 else if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up # making a dummy file named `D' -- because `-MD' means `put the output # in D'. rm -rf conftest.dir mkdir conftest.dir # Copy depcomp to subdir because otherwise we won't find it if we're # using a relative directory. cp "$am_depcomp" conftest.dir cd conftest.dir # We will build objects and dependencies in a subdirectory because # it helps to detect inapplicable dependency modes. For instance # both Tru64's cc and ICC support -MD to output dependencies as a # side effect of compilation, but ICC will put the dependencies in # the current directory while Tru64 will put them in the object # directory. mkdir sub am_cv_CC_dependencies_compiler_type=none if test "$am_compiler_list" = ""; then am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` fi am__universal=false case " $depcc " in #( *\ -arch\ *\ -arch\ *) am__universal=true ;; esac for depmode in $am_compiler_list; do # Setup a source with many dependencies, because some compilers # like to wrap large dependency lists on column 80 (with \), and # we should not choose a depcomp mode which is confused by this. # # We need to recreate these files for each test, as the compiler may # overwrite some of them when testing with obscure command lines. # This happens at least with the AIX C compiler. : > sub/conftest.c for i in 1 2 3 4 5 6; do echo '#include "conftst'$i'.h"' >> sub/conftest.c # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with # Solaris 8's {/usr,}/bin/sh. touch sub/conftst$i.h done echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf # We check with `-c' and `-o' for the sake of the "dashmstdout" # mode. It turns out that the SunPro C++ compiler does not properly # handle `-M -o', and we need to detect this. Also, some Intel # versions had trouble with output in subdirs am__obj=sub/conftest.${OBJEXT-o} am__minus_obj="-o $am__obj" case $depmode in gcc) # This depmode causes a compiler race in universal mode. test "$am__universal" = false || continue ;; nosideeffect) # after this tag, mechanisms are not by side-effect, so they'll # only be used when explicitly requested if test "x$enable_dependency_tracking" = xyes; then continue else break fi ;; msvc7 | msvc7msys | msvisualcpp | msvcmsys) # This compiler won't grok `-c -o', but also, the minuso test has # not run yet. These depmodes are late enough in the game, and # so weak that their functioning should not be impacted. am__obj=conftest.${OBJEXT-o} am__minus_obj= ;; none) break ;; esac if depmode=$depmode \ source=sub/conftest.c object=$am__obj \ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ >/dev/null 2>conftest.err && grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && grep $am__obj sub/conftest.Po > /dev/null 2>&1 && ${MAKE-make} -s -f confmf > /dev/null 2>&1; then # icc doesn't choke on unknown options, it will just issue warnings # or remarks (even with -Werror). So we grep stderr for any message # that says an option was ignored or not supported. # When given -MP, icc 7.0 and 7.1 complain thusly: # icc: Command line warning: ignoring option '-M'; no argument required # The diagnosis changed in icc 8.0: # icc: Command line remark: option '-MP' not supported if (grep 'ignoring option' conftest.err || grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else am_cv_CC_dependencies_compiler_type=$depmode break fi fi done cd .. rm -rf conftest.dir else am_cv_CC_dependencies_compiler_type=none fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 $as_echo "$am_cv_CC_dependencies_compiler_type" >&6; } CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type if test "x$enable_dependency_tracking" != xno \ && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then am__fastdepCC_TRUE= am__fastdepCC_FALSE='#' else am__fastdepCC_TRUE='#' am__fastdepCC_FALSE= fi if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. set dummy ${ac_tool_prefix}ranlib; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_RANLIB+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$RANLIB"; then ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi RANLIB=$ac_cv_prog_RANLIB if test -n "$RANLIB"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 $as_echo "$RANLIB" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_RANLIB"; then ac_ct_RANLIB=$RANLIB # Extract the first word of "ranlib", so it can be a program name with args. set dummy ranlib; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_RANLIB+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_RANLIB"; then ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB if test -n "$ac_ct_RANLIB"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 $as_echo "$ac_ct_RANLIB" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_RANLIB" = x; then RANLIB=":" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac RANLIB=$ac_ct_RANLIB fi else RANLIB="$ac_cv_prog_RANLIB" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5 $as_echo_n "checking whether ln -s works... " >&6; } LN_S=$as_ln_s if test "$LN_S" = "ln -s"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5 $as_echo "no, using $LN_S" >&6; } fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 $as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } set x ${MAKE-make} ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : $as_echo_n "(cached) " >&6 else cat >conftest.make <<\_ACEOF SHELL = /bin/sh all: @echo '@@@%%%=$(MAKE)=@@@%%%' _ACEOF # GNU make sometimes prints "make[1]: Entering ...", which would confuse us. case `${MAKE-make} -f conftest.make 2>/dev/null` in *@@@%%%=?*=@@@%%%*) eval ac_cv_prog_make_${ac_make}_set=yes;; *) eval ac_cv_prog_make_${ac_make}_set=no;; esac rm -f conftest.make fi if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } SET_MAKE= else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } SET_MAKE="MAKE=${MAKE-make}" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5 $as_echo_n "checking for an ANSI C-conforming const... " >&6; } if ${ac_cv_c_const+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { #ifndef __cplusplus /* Ultrix mips cc rejects this sort of thing. */ typedef int charset[2]; const charset cs = { 0, 0 }; /* SunOS 4.1.1 cc rejects this. */ char const *const *pcpcc; char **ppc; /* NEC SVR4.0.2 mips cc rejects this. */ struct point {int x, y;}; static struct point const zero = {0,0}; /* AIX XL C 1.02.0.0 rejects this. It does not let you subtract one const X* pointer from another in an arm of an if-expression whose if-part is not a constant expression */ const char *g = "string"; pcpcc = &g + (g ? g-g : 0); /* HPUX 7.0 cc rejects these. */ ++pcpcc; ppc = (char**) pcpcc; pcpcc = (char const *const *) ppc; { /* SCO 3.2v4 cc rejects this sort of thing. */ char tx; char *t = &tx; char const *s = 0 ? (char *) 0 : (char const *) 0; *t++ = 0; if (s) return 0; } { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */ int x[] = {25, 17}; const int *foo = &x[0]; ++foo; } { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */ typedef const int *iptr; iptr p = 0; ++p; } { /* AIX XL C 1.02.0.0 rejects this sort of thing, saying "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ struct s { int j; const int *ap[3]; } bx; struct s *b = &bx; b->j = 5; } { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ const int foo = 10; if (!foo) return 0; } return !cs[0] && !zero.x; #endif ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_c_const=yes else ac_cv_c_const=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5 $as_echo "$ac_cv_c_const" >&6; } if test $ac_cv_c_const = no; then $as_echo "#define const /**/" >>confdefs.h fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5 $as_echo_n "checking for inline... " >&6; } if ${ac_cv_c_inline+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_c_inline=no for ac_kw in inline __inline__ __inline; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifndef __cplusplus typedef int foo_t; static $ac_kw foo_t static_foo () {return 0; } $ac_kw foo_t foo () {return 0; } #endif _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_c_inline=$ac_kw fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext test "$ac_cv_c_inline" != no && break done fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5 $as_echo "$ac_cv_c_inline" >&6; } case $ac_cv_c_inline in inline | yes) ;; *) case $ac_cv_c_inline in no) ac_val=;; *) ac_val=$ac_cv_c_inline;; esac cat >>confdefs.h <<_ACEOF #ifndef __cplusplus #define inline $ac_val #endif _ACEOF ;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether #! works in shell scripts" >&5 $as_echo_n "checking whether #! works in shell scripts... " >&6; } if ${ac_cv_sys_interpreter+:} false; then : $as_echo_n "(cached) " >&6 else echo '#! /bin/cat exit 69 ' >conftest chmod u+x conftest (SHELL=/bin/sh; export SHELL; ./conftest >/dev/null 2>&1) if test $? -ne 69; then ac_cv_sys_interpreter=yes else ac_cv_sys_interpreter=no fi rm -f conftest fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_interpreter" >&5 $as_echo "$ac_cv_sys_interpreter" >&6; } interpval=$ac_cv_sys_interpreter for ac_func in setsid daemon setproctitle getservbyname strlcpy fork memmove strerror writev do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 $as_echo_n "checking how to run the C preprocessor... " >&6; } # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then if ${ac_cv_prog_CPP+:} false; then : $as_echo_n "(cached) " >&6 else # Double quotes because CPP needs to be expanded for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" do ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : else # Broken: fails on valid input. continue fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : break fi done ac_cv_prog_CPP=$CPP fi CPP=$ac_cv_prog_CPP else ac_cv_prog_CPP=$CPP fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 $as_echo "$CPP" >&6; } ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : else # Broken: fails on valid input. continue fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "C preprocessor \"$CPP\" fails sanity check See \`config.log' for more details" "$LINENO" 5; } fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 $as_echo_n "checking for grep that handles long lines and -e... " >&6; } if ${ac_cv_path_GREP+:} false; then : $as_echo_n "(cached) " >&6 else if test -z "$GREP"; then ac_path_GREP_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in grep ggrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_GREP" || continue # Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in *GNU*) ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo 'GREP' >> "conftest.nl" "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_GREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_GREP_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_GREP"; then as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_GREP=$GREP fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 $as_echo "$ac_cv_path_GREP" >&6; } GREP="$ac_cv_path_GREP" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 $as_echo_n "checking for egrep... " >&6; } if ${ac_cv_path_EGREP+:} false; then : $as_echo_n "(cached) " >&6 else if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 then ac_cv_path_EGREP="$GREP -E" else if test -z "$EGREP"; then ac_path_EGREP_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in egrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_EGREP" || continue # Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in *GNU*) ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo 'EGREP' >> "conftest.nl" "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_EGREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_EGREP_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_EGREP"; then as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_EGREP=$EGREP fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 $as_echo "$ac_cv_path_EGREP" >&6; } EGREP="$ac_cv_path_EGREP" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 $as_echo_n "checking for ANSI C header files... " >&6; } if ${ac_cv_header_stdc+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include #include int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_header_stdc=yes else ac_cv_header_stdc=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "memchr" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "free" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. if test "$cross_compiling" = yes; then : : else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #if ((' ' & 0x0FF) == 0x020) # define ISLOWER(c) ('a' <= (c) && (c) <= 'z') # define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) #else # define ISLOWER(c) \ (('a' <= (c) && (c) <= 'i') \ || ('j' <= (c) && (c) <= 'r') \ || ('s' <= (c) && (c) <= 'z')) # define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) #endif #define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) int main () { int i; for (i = 0; i < 256; i++) if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) return 2; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : else ac_cv_header_stdc=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 $as_echo "$ac_cv_header_stdc" >&6; } if test $ac_cv_header_stdc = yes; then $as_echo "#define STDC_HEADERS 1" >>confdefs.h fi # On IRIX 5.3, sys/types and inttypes.h are conflicting. for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ inttypes.h stdint.h unistd.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default " if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in pty.h do : ac_fn_c_check_header_mongrel "$LINENO" "pty.h" "ac_cv_header_pty_h" "$ac_includes_default" if test "x$ac_cv_header_pty_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_PTY_H 1 _ACEOF fi done for ac_header in string.h do : ac_fn_c_check_header_mongrel "$LINENO" "string.h" "ac_cv_header_string_h" "$ac_includes_default" if test "x$ac_cv_header_string_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRING_H 1 _ACEOF fi done for ac_header in syslog.h do : ac_fn_c_check_header_mongrel "$LINENO" "syslog.h" "ac_cv_header_syslog_h" "$ac_includes_default" if test "x$ac_cv_header_syslog_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SYSLOG_H 1 _ACEOF fi done for ac_header in libintl.h do : ac_fn_c_check_header_mongrel "$LINENO" "libintl.h" "ac_cv_header_libintl_h" "$ac_includes_default" if test "x$ac_cv_header_libintl_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBINTL_H 1 _ACEOF fi done for ac_header in libutil.h do : ac_fn_c_check_header_mongrel "$LINENO" "libutil.h" "ac_cv_header_libutil_h" "$ac_includes_default" if test "x$ac_cv_header_libutil_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBUTIL_H 1 _ACEOF fi done for ac_header in sys/uio.h do : ac_fn_c_check_header_mongrel "$LINENO" "sys/uio.h" "ac_cv_header_sys_uio_h" "$ac_includes_default" if test "x$ac_cv_header_sys_uio_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SYS_UIO_H 1 _ACEOF fi done ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default" if test "x$ac_cv_type_size_t" = xyes; then : else cat >>confdefs.h <<_ACEOF #define size_t unsigned int _ACEOF fi ac_fn_c_check_type "$LINENO" "ssize_t" "ac_cv_type_ssize_t" "$ac_includes_default" if test "x$ac_cv_type_ssize_t" = xyes; then : else cat >>confdefs.h <<_ACEOF #define ssize_t int _ACEOF fi ac_fn_c_check_type "$LINENO" "u_int8_t" "ac_cv_type_u_int8_t" "$ac_includes_default" if test "x$ac_cv_type_u_int8_t" = xyes; then : else cat >>confdefs.h <<_ACEOF #define u_int8_t unsigned char _ACEOF fi ac_fn_c_check_type "$LINENO" "u_int16_t" "ac_cv_type_u_int16_t" "$ac_includes_default" if test "x$ac_cv_type_u_int16_t" = xyes; then : else cat >>confdefs.h <<_ACEOF #define u_int16_t unsigned short _ACEOF fi ac_fn_c_check_type "$LINENO" "u_int32_t" "ac_cv_type_u_int32_t" "$ac_includes_default" if test "x$ac_cv_type_u_int32_t" = xyes; then : else cat >>confdefs.h <<_ACEOF #define u_int32_t unsigned int _ACEOF fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for socklen_t" >&5 $as_echo_n "checking for socklen_t... " >&6; } if ${ac_cv_type_socklen_t+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #if STDC_HEADERS #include #include #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "socklen_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then : ac_cv_type_socklen_t=yes else ac_cv_type_socklen_t=no fi rm -f conftest* fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_socklen_t" >&5 $as_echo "$ac_cv_type_socklen_t" >&6; } if test $ac_cv_type_socklen_t = no; then $as_echo "#define socklen_t int" >>confdefs.h fi # Check whether --with-libwrap was given. if test "${with_libwrap+set}" = set; then : withval=$with_libwrap; if test "$with_libwrap" = "yes"; then XYZZY_LIBS="$LIBS" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libwrap alone" >&5 $as_echo_n "checking for libwrap alone... " >&6; } LIBS="$XYZZY_LIBS -lwrap" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int allow_severity, deny_severity; int main () { hosts_access(); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } $as_echo "#define HAVE_LIBWRAP 1" >>confdefs.h LIBWRAP="yes" XTRALIBS_MGR="-lwrap" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } LIBS="$XYZZY_LIBS -lwrap -lnsl" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libwrap with libnsl" >&5 $as_echo_n "checking for libwrap with libnsl... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int allow_severity, deny_severity; int main () { hosts_access(); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } $as_echo "#define HAVE_LIBWRAP 1" >>confdefs.h LIBWRAP="yes" XTRALIBS_MGR="-lwrap -lnsl" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS="$XYZZY_LIBS" fi fi XYZZY_LIBS="$LIBS" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for accept in -lc" >&5 $as_echo_n "checking for accept in -lc... " >&6; } if ${ac_cv_lib_c_accept+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lc $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char accept (); int main () { return accept (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_c_accept=yes else ac_cv_lib_c_accept=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_c_accept" >&5 $as_echo "$ac_cv_lib_c_accept" >&6; } if test "x$ac_cv_lib_c_accept" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBC 1 _ACEOF LIBS="-lc $LIBS" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gethostbyname in -lc" >&5 $as_echo_n "checking for gethostbyname in -lc... " >&6; } if ${ac_cv_lib_c_gethostbyname+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lc $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char gethostbyname (); int main () { return gethostbyname (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_c_gethostbyname=yes else ac_cv_lib_c_gethostbyname=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_c_gethostbyname" >&5 $as_echo "$ac_cv_lib_c_gethostbyname" >&6; } if test "x$ac_cv_lib_c_gethostbyname" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBC 1 _ACEOF LIBS="-lc $LIBS" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for openpty in -lc" >&5 $as_echo_n "checking for openpty in -lc... " >&6; } if ${ac_cv_lib_c_openpty+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lc $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char openpty (); int main () { return openpty (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_c_openpty=yes else ac_cv_lib_c_openpty=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_c_openpty" >&5 $as_echo "$ac_cv_lib_c_openpty" >&6; } if test "x$ac_cv_lib_c_openpty" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBC 1 _ACEOF LIBS="-lc $LIBS" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gettext in -lc" >&5 $as_echo_n "checking for gettext in -lc... " >&6; } if ${ac_cv_lib_c_gettext+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lc $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char gettext (); int main () { return gettext (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_c_gettext=yes else ac_cv_lib_c_gettext=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_c_gettext" >&5 $as_echo "$ac_cv_lib_c_gettext" >&6; } if test "x$ac_cv_lib_c_gettext" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBC 1 _ACEOF LIBS="-lc $LIBS" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for accept in -lsocket" >&5 $as_echo_n "checking for accept in -lsocket... " >&6; } if ${ac_cv_lib_socket_accept+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lsocket $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char accept (); int main () { return accept (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_socket_accept=yes else ac_cv_lib_socket_accept=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_socket_accept" >&5 $as_echo "$ac_cv_lib_socket_accept" >&6; } if test "x$ac_cv_lib_socket_accept" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBSOCKET 1 _ACEOF LIBS="-lsocket $LIBS" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gethostbyname in -lnsl" >&5 $as_echo_n "checking for gethostbyname in -lnsl... " >&6; } if ${ac_cv_lib_nsl_gethostbyname+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lnsl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char gethostbyname (); int main () { return gethostbyname (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_nsl_gethostbyname=yes else ac_cv_lib_nsl_gethostbyname=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_nsl_gethostbyname" >&5 $as_echo "$ac_cv_lib_nsl_gethostbyname" >&6; } if test "x$ac_cv_lib_nsl_gethostbyname" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBNSL 1 _ACEOF LIBS="-lnsl $LIBS" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for openpty in -lutil" >&5 $as_echo_n "checking for openpty in -lutil... " >&6; } if ${ac_cv_lib_util_openpty+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lutil $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char openpty (); int main () { return openpty (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_util_openpty=yes else ac_cv_lib_util_openpty=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_util_openpty" >&5 $as_echo "$ac_cv_lib_util_openpty" >&6; } if test "x$ac_cv_lib_util_openpty" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBUTIL 1 _ACEOF LIBS="-lutil $LIBS" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gettext in -lintl" >&5 $as_echo_n "checking for gettext in -lintl... " >&6; } if ${ac_cv_lib_intl_gettext+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lintl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char gettext (); int main () { return gettext (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_intl_gettext=yes else ac_cv_lib_intl_gettext=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_intl_gettext" >&5 $as_echo "$ac_cv_lib_intl_gettext" >&6; } if test "x$ac_cv_lib_intl_gettext" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBINTL 1 _ACEOF LIBS="-lintl $LIBS" fi LIBS="$XYZZY_LIBS" if test "$ac_cv_lib_c_accept" = no; then if test "$ac_cv_lib_socket_accept" = yes; then LIBS="$LIBS -lsocket" else echo "Couldn't find a usable accept!" 1>&2 exit 1 fi fi if test "$ac_cv_lib_c_gethostbyname" = no; then if test "$ac_cv_lib_nsl_gethostbyname" = yes; then LIBS="$LIBS -lnsl" if test "$XTRALIBS_MGR" = "-lwrap -lnsl"; then XTRALIBS_MGR="-lwrap" fi else echo "Couldn't find a usable gethostbyname!" 1>&2 exit 1 fi fi if test "$ac_cv_lib_c_openpty" = yes; then $as_echo "#define HAVE_OPENPTY 1" >>confdefs.h else if test "$ac_cv_lib_util_openpty" = yes; then $as_echo "#define HAVE_OPENPTY 1" >>confdefs.h XTRALIBS_CTRL="-lutil" fi fi if test "$ac_cv_header_libintl_h" = yes; then if test "$ac_cv_lib_c_gettext" = no; then if test "$ac_cv_lib_intl_gettext" = yes; then XTRALIBS_MGR = "$XTRALIBS_MGR -lintl" else echo "Have libintl.h but no usable gettext!" 1>&2 exit 1 fi fi fi if test "$BCRELAY" = "yes"; then if test "$BCRELAY" = "yes"; then XTRA_PROG="bcrelay" true else echo "No BCrelay selected." 1>&2 fi fi if test "$VRF" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for vrf Library and Header files..." >&5 $as_echo "$as_me: checking for vrf Library and Header files..." >&6;} ac_fn_c_check_header_mongrel "$LINENO" "vrf.h" "ac_cv_header_vrf_h" "$ac_includes_default" if test "x$ac_cv_header_vrf_h" = xyes; then : else as_fn_error $? "vrf headers were not found" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for vrf_socket in -lvrf" >&5 $as_echo_n "checking for vrf_socket in -lvrf... " >&6; } if ${ac_cv_lib_vrf_vrf_socket+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lvrf $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char vrf_socket (); int main () { return vrf_socket (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_vrf_vrf_socket=yes else ac_cv_lib_vrf_vrf_socket=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_vrf_vrf_socket" >&5 $as_echo "$ac_cv_lib_vrf_vrf_socket" >&6; } if test "x$ac_cv_lib_vrf_vrf_socket" = xyes; then : $as_echo "#define VRF 1" >>confdefs.h XTRALIBS_CTRL="$XTRALIBS_CTRL -lvrf" XTRALIBS_MGR="$XTRALIBS_MGR -lvrf" else as_fn_error $? "vrf library was not found" "$LINENO" 5 fi fi echo '===============================================================================' echo 'Configuration chosen:' echo -n ' PPPd: ' if test "$BSDUSER_PPP" = "yes"; then echo 'BSD user-space PPPd.' else if test "$SLIRP" = "yes"; then echo 'SLIRP.' else echo 'Standard.' fi fi echo -n ' LIBWRAP security: ' if test "$LIBWRAP" = "yes"; then echo 'Yes.' else echo 'No.' fi echo -n ' Broadcast Relay: ' if test "$BCRELAY" = "yes"; then echo 'Yes.' else echo 'No.' fi echo -n ' VRF support: ' if test "$VRF" = "yes"; then echo 'Yes.' else echo 'No.' fi cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure # scripts and configure runs, see configure's option --config-cache. # It is not useful on other systems. If it contains results you don't # want to keep, you may remove or edit it. # # config.status only pays attention to the cache file if you give it # the --recheck option to rerun configure. # # `ac_cv_env_foo' variables (set or unset) will be overridden when # loading this file, other *unset* `ac_cv_foo' will be assigned the # following values. _ACEOF # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, we kill variables containing newlines. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. ( for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space=' '; set) 2>&1` in #( *${as_nl}ac_space=\ *) # `set' does not quote correctly, so add quotes: double-quote # substitution turns \\\\ into \\, and sed turns \\ into \. sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" ;; #( *) # `set' quotes correctly as required by POSIX, so do not add quotes. sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) | sed ' /^ac_cv_env_/b end t clear :clear s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ t end s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then if test "x$cache_file" != "x/dev/null"; then { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 $as_echo "$as_me: updating cache $cache_file" >&6;} if test ! -f "$cache_file" || test -h "$cache_file"; then cat confcache >"$cache_file" else case $cache_file in #( */* | ?:*) mv -f confcache "$cache_file"$$ && mv -f "$cache_file"$$ "$cache_file" ;; #( *) mv -f confcache "$cache_file" ;; esac fi fi else { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 $as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} fi fi rm -f confcache ac_config_files="$ac_config_files Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure # scripts and configure runs, see configure's option --config-cache. # It is not useful on other systems. If it contains results you don't # want to keep, you may remove or edit it. # # config.status only pays attention to the cache file if you give it # the --recheck option to rerun configure. # # `ac_cv_env_foo' variables (set or unset) will be overridden when # loading this file, other *unset* `ac_cv_foo' will be assigned the # following values. _ACEOF # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, we kill variables containing newlines. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. ( for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space=' '; set) 2>&1` in #( *${as_nl}ac_space=\ *) # `set' does not quote correctly, so add quotes: double-quote # substitution turns \\\\ into \\, and sed turns \\ into \. sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" ;; #( *) # `set' quotes correctly as required by POSIX, so do not add quotes. sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) | sed ' /^ac_cv_env_/b end t clear :clear s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ t end s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then if test "x$cache_file" != "x/dev/null"; then { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 $as_echo "$as_me: updating cache $cache_file" >&6;} if test ! -f "$cache_file" || test -h "$cache_file"; then cat confcache >"$cache_file" else case $cache_file in #( */* | ?:*) mv -f confcache "$cache_file"$$ && mv -f "$cache_file"$$ "$cache_file" ;; #( *) mv -f confcache "$cache_file" ;; esac fi fi else { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 $as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} fi fi rm -f confcache test "x$prefix" = xNONE && prefix=$ac_default_prefix # Let make expand exec_prefix. test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' DEFS=-DHAVE_CONFIG_H ac_libobjs= ac_ltlibobjs= U= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' ac_i=`$as_echo "$ac_i" | sed "$ac_script"` # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR # will be set to the directory where LIBOBJS objects are built. as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' done LIBOBJS=$ac_libobjs LTLIBOBJS=$ac_ltlibobjs if test -n "$EXEEXT"; then am__EXEEXT_TRUE= am__EXEEXT_FALSE='#' else am__EXEEXT_TRUE='#' am__EXEEXT_FALSE= fi if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then as_fn_error $? "conditional \"AMDEP\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then as_fn_error $? "conditional \"am__fastdepCC\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi : "${CONFIG_STATUS=./config.status}" ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" { $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 $as_echo "$as_me: creating $CONFIG_STATUS" >&6;} as_write_fail=0 cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 #! $SHELL # Generated by $as_me. # Run this file to recreate the current configuration. # Compiler output produced by configure, useful for debugging # configure, is in config.log if it exists. debug=false ac_cs_recheck=false ac_cs_silent=false SHELL=\${CONFIG_SHELL-$SHELL} export SHELL _ASEOF cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi as_nl=' ' export as_nl # Printing a long string crashes Solaris 7 /usr/bin/printf. as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo # Prefer a ksh shell builtin over an external printf program on Solaris, # but without wasting forks for bash or zsh. if test -z "$BASH_VERSION$ZSH_VERSION" \ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='print -r --' as_echo_n='print -rn --' elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='printf %s\n' as_echo_n='printf %s' else if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' as_echo_n='/usr/ucb/echo -n' else as_echo_body='eval expr "X$1" : "X\\(.*\\)"' as_echo_n_body='eval arg=$1; case $arg in #( *"$as_nl"*) expr "X$arg" : "X\\(.*\\)$as_nl"; arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; esac; expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" ' export as_echo_n_body as_echo_n='sh -c $as_echo_n_body as_echo' fi export as_echo_body as_echo='sh -c $as_echo_body as_echo' fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # IFS # We need space, tab and new line, in precisely that order. Quoting is # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # Unset variables that we do not need and which cause bugs (e.g. in # pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" # suppresses any "Segmentation fault" message there. '((' could # trigger a bug in pdksh 5.2.14. for as_var in BASH_ENV ENV MAIL MAILPATH do eval test x\${$as_var+set} = xset \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : eval 'as_fn_append () { eval $1+=\$2 }' else as_fn_append () { eval $1=\$$1\$2 } fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : eval 'as_fn_arith () { as_val=$(( $* )) }' else as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } fi # as_fn_arith if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || $as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" exec 6>&1 ## ----------------------------------- ## ## Main body of $CONFIG_STATUS script. ## ## ----------------------------------- ## _ASEOF test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" This file was extended by $as_me, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS CONFIG_COMMANDS = $CONFIG_COMMANDS $ $0 $@ on `(hostname || uname -n) 2>/dev/null | sed 1q` " _ACEOF case $ac_config_files in *" "*) set x $ac_config_files; shift; ac_config_files=$*;; esac case $ac_config_headers in *" "*) set x $ac_config_headers; shift; ac_config_headers=$*;; esac cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # Files that config.status was made for. config_files="$ac_config_files" config_headers="$ac_config_headers" config_commands="$ac_config_commands" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 ac_cs_usage="\ \`$as_me' instantiates files and other configuration actions from templates according to the current configuration. Unless the files and actions are specified as TAGs, all are instantiated by default. Usage: $0 [OPTION]... [TAG]... -h, --help print this help, then exit -V, --version print version number and configuration settings, then exit --config print configuration, then exit -q, --quiet, --silent do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions --file=FILE[:TEMPLATE] instantiate the configuration file FILE --header=FILE[:TEMPLATE] instantiate the configuration header FILE Configuration files: $config_files Configuration headers: $config_headers Configuration commands: $config_commands Report bugs to the package provider." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ config.status configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." ac_pwd='$ac_pwd' srcdir='$srcdir' INSTALL='$INSTALL' MKDIR_P='$MKDIR_P' AWK='$AWK' test -n "\$AWK" || AWK=awk _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # The default lists apply if the user does not specify any file. ac_need_defaults=: while test $# != 0 do case $1 in --*=?*) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` ac_shift=: ;; --*=) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg= ac_shift=: ;; *) ac_option=$1 ac_optarg=$2 ac_shift=shift ;; esac case $ac_option in # Handling of the options. -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) ac_cs_recheck=: ;; --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) $as_echo "$ac_cs_version"; exit ;; --config | --confi | --conf | --con | --co | --c ) $as_echo "$ac_cs_config"; exit ;; --debug | --debu | --deb | --de | --d | -d ) debug=: ;; --file | --fil | --fi | --f ) $ac_shift case $ac_optarg in *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; '') as_fn_error $? "missing file argument" ;; esac as_fn_append CONFIG_FILES " '$ac_optarg'" ac_need_defaults=false;; --header | --heade | --head | --hea ) $ac_shift case $ac_optarg in *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; esac as_fn_append CONFIG_HEADERS " '$ac_optarg'" ac_need_defaults=false;; --he | --h) # Conflict between --help and --header as_fn_error $? "ambiguous option: \`$1' Try \`$0 --help' for more information.";; --help | --hel | -h ) $as_echo "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil | --si | --s) ac_cs_silent=: ;; # This is an error. -*) as_fn_error $? "unrecognized option: \`$1' Try \`$0 --help' for more information." ;; *) as_fn_append ac_config_targets " $1" ac_need_defaults=false ;; esac shift done ac_configure_extra_args= if $ac_cs_silent; then exec 6>/dev/null ac_configure_extra_args="$ac_configure_extra_args --silent" fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' export CONFIG_SHELL exec "\$@" fi _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 exec 5>>config.log { echo sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX ## Running $as_me. ## _ASBOX $as_echo "$ac_log" } >&5 _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # # INIT-COMMANDS # AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Handling of arguments. for ac_config_target in $ac_config_targets do case $ac_config_target in "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;; "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; esac done # If the user did not use the arguments to specify the items to instantiate, # then the envvar interface is used. Set only those that are not. # We use the long form for the default assignment because of an extremely # bizarre bug on SunOS 4.1.3. if $ac_need_defaults; then test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands fi # Have a temporary directory for convenience. Make it in the build tree # simply because there is no reason against having it here, and in addition, # creating and moving files from /tmp can sometimes cause problems. # Hook for its removal unless debugging. # Note that there is a small window in which the directory will not be cleaned: # after its creation but before its name has been assigned to `$tmp'. $debug || { tmp= ac_tmp= trap 'exit_status=$? : "${ac_tmp:=$tmp}" { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status ' 0 trap 'as_fn_exit 1' 1 2 13 15 } # Create a (secure) tmp directory for tmp files. { tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && test -d "$tmp" } || { tmp=./conf$$-$RANDOM (umask 077 && mkdir "$tmp") } || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 ac_tmp=$tmp # Set up the scripts for CONFIG_FILES section. # No need to generate them if there are no CONFIG_FILES. # This happens for instance with `./config.status config.h'. if test -n "$CONFIG_FILES"; then ac_cr=`echo X | tr X '\015'` # On cygwin, bash can eat \r inside `` if the user requested igncr. # But we know of no other shell where ac_cr would be empty at this # point, so we can use a bashism as a fallback. if test "x$ac_cr" = x; then eval ac_cr=\$\'\\r\' fi ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then ac_cs_awk_cr='\\r' else ac_cs_awk_cr=$ac_cr fi echo 'BEGIN {' >"$ac_tmp/subs1.awk" && _ACEOF { echo "cat >conf$$subs.awk <<_ACEOF" && echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && echo "_ACEOF" } >conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` ac_delim='%!_!# ' for ac_last_try in false false false false false :; do . ./conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` if test $ac_delim_n = $ac_delim_num; then break elif $ac_last_try; then as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done rm -f conf$$subs.sh cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && _ACEOF sed -n ' h s/^/S["/; s/!.*/"]=/ p g s/^[^!]*!// :repl t repl s/'"$ac_delim"'$// t delim :nl h s/\(.\{148\}\)..*/\1/ t more1 s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ p n b repl :more1 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t nl :delim h s/\(.\{148\}\)..*/\1/ t more2 s/["\\]/\\&/g; s/^/"/; s/$/"/ p b :more2 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t delim ' >$CONFIG_STATUS || ac_write_fail=1 rm -f conf$$subs.awk cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACAWK cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && for (key in S) S_is_set[key] = 1 FS = "" } { line = $ 0 nfields = split(line, field, "@") substed = 0 len = length(field[1]) for (i = 2; i < nfields; i++) { key = field[i] keylen = length(key) if (S_is_set[key]) { value = S[key] line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) len += length(value) + length(field[++i]) substed = 1 } else len += 1 + keylen } print line } _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" else cat fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 _ACEOF # VPATH may cause trouble with some makes, so we remove sole $(srcdir), # ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and # trailing colons and then remove the whole line if VPATH becomes empty # (actually we leave an empty line to preserve line numbers). if test "x$srcdir" = x.; then ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ h s/// s/^/:/ s/[ ]*$/:/ s/:\$(srcdir):/:/g s/:\${srcdir}:/:/g s/:@srcdir@:/:/g s/^:*// s/:*$// x s/\(=[ ]*\).*/\1/ G s/\n// s/^[^=]*=[ ]*$// }' fi cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 fi # test -n "$CONFIG_FILES" # Set up the scripts for CONFIG_HEADERS section. # No need to generate them if there are no CONFIG_HEADERS. # This happens for instance with `./config.status Makefile'. if test -n "$CONFIG_HEADERS"; then cat >"$ac_tmp/defines.awk" <<\_ACAWK || BEGIN { _ACEOF # Transform confdefs.h into an awk script `defines.awk', embedded as # here-document in config.status, that substitutes the proper values into # config.h.in to produce config.h. # Create a delimiter string that does not exist in confdefs.h, to ease # handling of long lines. ac_delim='%!_!# ' for ac_last_try in false false :; do ac_tt=`sed -n "/$ac_delim/p" confdefs.h` if test -z "$ac_tt"; then break elif $ac_last_try; then as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done # For the awk script, D is an array of macro values keyed by name, # likewise P contains macro parameters if any. Preserve backslash # newline sequences. ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* sed -n ' s/.\{148\}/&'"$ac_delim"'/g t rset :rset s/^[ ]*#[ ]*define[ ][ ]*/ / t def d :def s/\\$// t bsnl s/["\\]/\\&/g s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ D["\1"]=" \3"/p s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p d :bsnl s/["\\]/\\&/g s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ D["\1"]=" \3\\\\\\n"\\/p t cont s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p t cont d :cont n s/.\{148\}/&'"$ac_delim"'/g t clear :clear s/\\$// t bsnlc s/["\\]/\\&/g; s/^/"/; s/$/"/p d :bsnlc s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p b cont ' >$CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 for (key in D) D_is_set[key] = 1 FS = "" } /^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { line = \$ 0 split(line, arg, " ") if (arg[1] == "#") { defundef = arg[2] mac1 = arg[3] } else { defundef = substr(arg[1], 2) mac1 = arg[2] } split(mac1, mac2, "(") #) macro = mac2[1] prefix = substr(line, 1, index(line, defundef) - 1) if (D_is_set[macro]) { # Preserve the white space surrounding the "#". print prefix "define", macro P[macro] D[macro] next } else { # Replace #undef with comments. This is necessary, for example, # in the case of _POSIX_SOURCE, which is predefined and required # on some systems where configure will not decide to define it. if (defundef == "undef") { print "/*", prefix defundef, macro, "*/" next } } } { print } _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 as_fn_error $? "could not setup config headers machinery" "$LINENO" 5 fi # test -n "$CONFIG_HEADERS" eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS :C $CONFIG_COMMANDS" shift for ac_tag do case $ac_tag in :[FHLC]) ac_mode=$ac_tag; continue;; esac case $ac_mode$ac_tag in :[FHL]*:*);; :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac ac_save_IFS=$IFS IFS=: set x $ac_tag IFS=$ac_save_IFS shift ac_file=$1 shift case $ac_mode in :L) ac_source=$1;; :[FH]) ac_file_inputs= for ac_f do case $ac_f in -) ac_f="$ac_tmp/stdin";; *) # Look for the file first in the build tree, then in the source tree # (if the path is not absolute). The absolute path cannot be DOS-style, # because $ac_f cannot contain `:'. test -f "$ac_f" || case $ac_f in [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; esac case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac as_fn_append ac_file_inputs " '$ac_f'" done # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ configure_input='Generated from '` $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' `' by configure.' if test x"$ac_file" != x-; then configure_input="$ac_file. $configure_input" { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 $as_echo "$as_me: creating $ac_file" >&6;} fi # Neutralize special characters interpreted by sed in replacement strings. case $configure_input in #( *\&* | *\|* | *\\* ) ac_sed_conf_input=`$as_echo "$configure_input" | sed 's/[\\\\&|]/\\\\&/g'`;; #( *) ac_sed_conf_input=$configure_input;; esac case $ac_tag in *:-:* | *:-) cat >"$ac_tmp/stdin" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; esac ;; esac ac_dir=`$as_dirname -- "$ac_file" || $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` as_dir="$ac_dir"; as_fn_mkdir_p ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix case $ac_mode in :F) # # CONFIG_FILE # case $INSTALL in [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; esac ac_MKDIR_P=$MKDIR_P case $MKDIR_P in [\\/$]* | ?:[\\/]* ) ;; */*) ac_MKDIR_P=$ac_top_build_prefix$MKDIR_P ;; esac _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # If the template does not know about datarootdir, expand it. # FIXME: This hack should be removed a few years after 2.60. ac_datarootdir_hack=; ac_datarootdir_seen= ac_sed_dataroot=' /datarootdir/ { p q } /@datadir@/p /@docdir@/p /@infodir@/p /@localedir@/p /@mandir@/p' case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in *datarootdir*) ac_datarootdir_seen=yes;; *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 $as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_datarootdir_hack=' s&@datadir@&$datadir&g s&@docdir@&$docdir&g s&@infodir@&$infodir&g s&@localedir@&$localedir&g s&@mandir@&$mandir&g s&\\\${datarootdir}&$datarootdir&g' ;; esac _ACEOF # Neutralize VPATH when `$srcdir' = `.'. # Shell code in configure.ac might set extrasub. # FIXME: do we really want to maintain this feature? cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_sed_extra="$ac_vpsub $extrasub _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 :t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b s|@configure_input@|$ac_sed_conf_input|;t t s&@top_builddir@&$ac_top_builddir_sub&;t t s&@top_build_prefix@&$ac_top_build_prefix&;t t s&@srcdir@&$ac_srcdir&;t t s&@abs_srcdir@&$ac_abs_srcdir&;t t s&@top_srcdir@&$ac_top_srcdir&;t t s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t s&@builddir@&$ac_builddir&;t t s&@abs_builddir@&$ac_abs_builddir&;t t s&@abs_top_builddir@&$ac_abs_top_builddir&;t t s&@INSTALL@&$ac_INSTALL&;t t s&@MKDIR_P@&$ac_MKDIR_P&;t t $ac_datarootdir_hack " eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ "$ac_tmp/out"`; test -z "$ac_out"; } && { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&5 $as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&2;} rm -f "$ac_tmp/stdin" case $ac_file in -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; esac \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; :H) # # CONFIG_HEADER # if test x"$ac_file" != x-; then { $as_echo "/* $configure_input */" \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" } >"$ac_tmp/config.h" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 $as_echo "$as_me: $ac_file is unchanged" >&6;} else rm -f "$ac_file" mv "$ac_tmp/config.h" "$ac_file" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 fi else $as_echo "/* $configure_input */" \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \ || as_fn_error $? "could not create -" "$LINENO" 5 fi # Compute "$ac_file"'s index in $config_headers. _am_arg="$ac_file" _am_stamp_count=1 for _am_header in $config_headers :; do case $_am_header in $_am_arg | $_am_arg:* ) break ;; * ) _am_stamp_count=`expr $_am_stamp_count + 1` ;; esac done echo "timestamp for $_am_arg" >`$as_dirname -- "$_am_arg" || $as_expr X"$_am_arg" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$_am_arg" : 'X\(//\)[^/]' \| \ X"$_am_arg" : 'X\(//\)$' \| \ X"$_am_arg" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$_am_arg" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'`/stamp-h$_am_stamp_count ;; :C) { $as_echo "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5 $as_echo "$as_me: executing $ac_file commands" >&6;} ;; esac case $ac_file$ac_mode in "depfiles":C) test x"$AMDEP_TRUE" != x"" || { # Autoconf 2.62 quotes --file arguments for eval, but not when files # are listed without --file. Let's play safe and only enable the eval # if we detect the quoting. case $CONFIG_FILES in *\'*) eval set x "$CONFIG_FILES" ;; *) set x $CONFIG_FILES ;; esac shift for mf do # Strip MF so we end up with the name of the file. mf=`echo "$mf" | sed -e 's/:.*$//'` # Check whether this is an Automake generated Makefile or not. # We used to match only the files named `Makefile.in', but # some people rename them; so instead we look at the file content. # Grep'ing the first line is not enough: some people post-process # each Makefile.in and add a new line on top of each file to say so. # Grep'ing the whole file is not good either: AIX grep has a line # limit of 2048, but all sed's we know have understand at least 4000. if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then dirpart=`$as_dirname -- "$mf" || $as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$mf" : 'X\(//\)[^/]' \| \ X"$mf" : 'X\(//\)$' \| \ X"$mf" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$mf" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` else continue fi # Extract the definition of DEPDIR, am__include, and am__quote # from the Makefile without running `make'. DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` test -z "$DEPDIR" && continue am__include=`sed -n 's/^am__include = //p' < "$mf"` test -z "am__include" && continue am__quote=`sed -n 's/^am__quote = //p' < "$mf"` # When using ansi2knr, U may be empty or an underscore; expand it U=`sed -n 's/^U = //p' < "$mf"` # Find all dependency output files, they are included files with # $(DEPDIR) in their names. We invoke sed twice because it is the # simplest approach to changing $(DEPDIR) to its actual value in the # expansion. for file in `sed -n " s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do # Make sure the directory exists. test -f "$dirpart/$file" && continue fdir=`$as_dirname -- "$file" || $as_expr X"$file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$file" : 'X\(//\)[^/]' \| \ X"$file" : 'X\(//\)$' \| \ X"$file" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` as_dir=$dirpart/$fdir; as_fn_mkdir_p # echo "creating $dirpart/$file" echo '# dummy' > "$dirpart/$file" done done } ;; esac done # for ac_tag as_fn_exit 0 _ACEOF ac_clean_files=$ac_clean_files_save test $ac_write_fail = 0 || as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 # configure is writing to config.log, and then calls config.status. # config.status does its own redirection, appending to config.log. # Unfortunately, on DOS this fails, as config.log is still kept open # by configure, so config.status won't be able to write to it; its # output is simply discarded. So we exec the FD to /dev/null, # effectively closing config.log, so it can be properly (re)opened and # appended to by config.status. When coming back to configure, we # need to make the FD available again. if test "$no_create" != yes; then ac_cs_success=: ac_config_status_args= test "$silent" = yes && ac_config_status_args="$ac_config_status_args --quiet" exec 5>/dev/null $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction. $ac_cs_success || as_fn_exit 1 fi if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} fi pptpd-1.4.0/pptpctrl.80000644000175000017500000000734512110522672011534 00000000000000.TH PPTPCTRL 8 "28 April 2004" .SH NAME pptpctrl - PPTP control connection manager .SH SYNOPSIS .B pptpctrl .IR pptp-debug-flag .IR no-ipparam-flag .IR ppp-options-value .IR ppp-speed-value .IR ppp-local-ip-value .IR ppp-remote-ip-value .RB [ .IR pptp-call-id ] .RB [ .IR ppp-binary ] .RB [ .IR pptp-logwtmp ] .SH DESCRIPTION .B pptpctrl is usually run by .BR pptpd (8), but can also be run from .BR inetd (8) if some of the features of .BR pptpd (8), such as IP pool management, and inbuilt TCP wrappers, are not required. .SH OPTIONS .B pptpctrl options are unconventional, as they are designed for use by .BR pptpd (8) rather than users. The option order is critical. Flag options consist of a 0 or 1, and must be present. Value options consist of a 0, or a 1 followed by the value. Either the 0 or both the 1 and the value must be present. The remaining options are optional, but must be present in the defined order. The options are as follows: .TP pptp-debug-flag if set (1), enables debug messages to syslog from pptpctrl. This has no effect on the setting of the PPP debug option. .TP no-ipparam-flag if set, .B pptpctrl will not pass the client's IP address to .BR pppd (8) using the .IR ipparam option. See the .IR noipparam option in .BR pptpd.conf (5). .TP ppp-options-value file to use for PPP options. See the .IR file option in .BR pppd (8). .TP ppp-speed-value value for the .IR speed option given to .BR pppd (8). Note that on Linux, this parameter is ineffective. .TP ppp-local-ip-value if set, specifies the IP address that .BR pppd (8) is to use for the network interface on the server. If not set, .BR pppd (8) will determine it based on options; usually it will be the ethernet address of the server. .TP ppp-remote-ip-value if set, specifies the IP address that .BR pppd (8) is to use for the network interface on the client. If not set, .BR pppd (8) will determine it based on options; usually it will be the ethernet address of the client, or an address given in .IR chap-secrets. Must be set if .IR ppp-local-ip-value is set. .TP pptp-call-id if present, specifies the call identification for the PPTP session. If omitted, the call identification is zero. Normally the ID is allocated by .BR pptpd (8) and passed to pptpctrl. .TP ppp-binary if present, path to the PPP binary to use. If omitted, the default value is used. .TP pptp-logwtmp if present, specifies whether .BR wtmp (5) should be updated as users connect and disconnect. .SH FILES none. .SH AUTHORS Poptop is written by Matthew Ramsay , David Luyer , Kevin Thayer , Peter Galbavy and others. Development has been moved to SourceForge and worked on by Richard de Vroede since June 26, 2002. .SH COPYRIGHT Copyright \(co 1999 Matthew Ramsay and others. .LP Poptop is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. .LP Poptop is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. .LP You should have received a copy of the GNU General Public License along with Poptop; see the file COPYING. If not, write to the Free Software Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. .SH AVAILABILITY The most recent version of Poptop is available for download from SourceForge at .IR http://sourceforge.net/projects/poptop . .SH "SEE ALSO" .BR inetd (8), .BR inetd.conf (5), .BR pppd (8), .BR pptpd (8), .BR pptpd.conf (5), .BR tcpd (8). pptpd-1.4.0/tools/0000775000175000017500000000000012231672221011004 500000000000000pptpd-1.4.0/tools/vpnstats.pl0000755000175000017500000000772312110522672013155 00000000000000#!/usr/bin/perl -w use strict; # # vpnstats - generate list of VPN connections from PPTP+PPP log messages # copyright (C) 2002 Scott Merrill (skippy@skippy.net) # # usage: vpnstats /var/log/messages # # version 1.4 09-09-2003 # - thanks to Masaya Miyamoto (miyamo@po.ntts.co.jp) # and David Fuzishima (david_f@zipmail.com.br) for fixing the # date/time regexes to catch single-digit days (9 instead of 09). # # version 1.3 # - thanks to Andy Behrens for # fixing up the regex to catch extraneous whitespace, and # domain names that inlucde numbers and underscores. # - I modified the output to report when a user is still connected # - thanks to Wolfgang Powisch for fixing hostnames included a "-" # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # my @messages = (); my %PID_USER = (); my %PID_IP = (); my %PID_LENGTH = (); my %PID_SENT = (); my %PID_RECEIVED = (); my %PID_DATETIME = (); my %USER_TOTAL_CONNECT = (); my %USER_TOTAL_TIME = (); my %USER_TOTAL_SENT = (); my %USER_TOTAL_RECEIVED = (); my %vpnstats = (); @messages = <>; # for each line of input foreach my $x (@messages) { if ($x =~ /^(\w+\s+\d+\s\d+:\d+:\d+)\s # $1 = date+time \S+\spppd\[(\d+)\]:\s # $2 = PID MSCHAP-v2\speer\sauthentication\ssucceeded\sfor\s # I don't want the DOMAIN\\ prefix (.+\\)*(\w+)$ # $4 = username /x) { $PID_USER{$2} = $4; $PID_DATETIME{$2} = $1; $USER_TOTAL_CONNECT{$4}++; } elsif ($x =~ /^(\w+\s+\d+\s\d+:\d+:\d+)\s # $1 = date+time \S+\spppd\[(\d+)\]:\s # $2 = PID Connect\stime\s (\d*\.\d*) # $3 = minutes \sminutes\.$ /x) { $PID_LENGTH{$2} = $3; $USER_TOTAL_TIME{$PID_USER{$2}} += $3; } elsif ($x =~ /^(\w+\s+\d+\s\d+:\d+:\d+)\s # $1 = date+time \S+\spppd\[(\d+)\]:\s # $2 = PID Sent\s(\d+)\sbytes,\s # $3 = bytes sent received\s(\d+)\s # $4 = bytes received /x) { $PID_SENT{$2} = $3; $PID_RECEIVED{$2} = $4; $USER_TOTAL_SENT{$PID_USER{$2}} += $3; $USER_TOTAL_RECEIVED{$PID_USER{$2}} += $4; } elsif ($x =~ /^(\w+\s+\d+\s\d+:\d+:\d+)\s # $1 = date+time \S+\spptpd\[(\d+)\]:\s # $2 = PID CTRL:\sClient\s (\d+\.\d+\.\d+\.\d+)\s # $3 = IP control\sconnection\sfinished$ /x) { $PID_IP{($2+1)} = $3; if (!defined ($PID_USER{($2+1)})) { $PID_DATETIME{($2+1)} = $1; $PID_USER{($2+1)} = "FAILED"; $USER_TOTAL_CONNECT{"FAILED"}++; } } } foreach my $user (sort keys %USER_TOTAL_CONNECT) { if (! defined $user) { next }; if ($user ne "FAILED") { print $user, ": ", $USER_TOTAL_CONNECT{$user}, " connections, "; print $USER_TOTAL_TIME{$user}, " minutes ("; print $USER_TOTAL_SENT{$user}, " sent, "; print $USER_TOTAL_RECEIVED{$user}, " received).\n"; foreach my $pid (sort keys %PID_DATETIME) { if ($user eq $PID_USER{$pid}) { print " "; print $PID_DATETIME{$pid}, ": connected "; if ($PID_IP{$pid}) { print "from $PID_IP{$pid} "; print "for $PID_LENGTH{$pid} minutes.\n"; } else { print "\n"; } } } } } if (defined $USER_TOTAL_CONNECT{"FAILED"}) { print "\n\n"; print "FAILED CONNECTION ATTEMPTS: "; print $USER_TOTAL_CONNECT{"FAILED"}, "\n"; foreach my $pid (sort keys %PID_DATETIME) { if ($PID_USER{$pid} eq "FAILED") { print " "; print $PID_DATETIME{$pid}, ": attempt from "; print $PID_IP{$pid}, "\n"; } } } pptpd-1.4.0/tools/pptp-portslave0000755000175000017500000000033412110522672013650 00000000000000#!/bin/bash export PORTSLAVELOGNAME="AutoPPP" export PORTSLAVE_SESSION=`date +%s``printf "%X" $RANDOM` export PORTSLAVE_START_TIME=`date +%s` export PORTSLAVE_DO_ACCT="1" exec /usr/sbin/pppd $* plugin /usr/lib/libpsr.so pptpd-1.4.0/tools/vpnuser0000755000175000017500000000254712110522672012362 00000000000000#! /bin/sh # # vpnuser Add/Del user to chap-secrets for VPN # Version 1.0 beta by Richard de Vroede - Linvision BV # Ideas or worshipping to: richard@linvision.com # config="/etc/ppp/chap-secrets" ERROR="Usage:\n$0 add or\n$0 del or\n$0 show [] or\n$0 domain " # See how we were called. case "$1" in add) if [ "$(echo $2)" != "" ] & [ "$(echo $3)" != "" ]; then echo -e "$2\t*\t$3\t*" >> $config chmod 600 $config else echo -e $ERROR exit 1 fi ;; del) if [ "$(echo $2)" != "" ]; then grep -vw "$2" $config > /tmp/vpnblaat mv /tmp/vpnblaat $config chmod 600 $config else echo -e $ERROR exit 1 fi ;; show) echo -e "User\tServer\tPasswd\tIPnumber" echo "---------------------------------" if [ "$(echo $2)" != "" ]; then grep -w $2 $config else cat $config fi ;; domain) if [ "$(echo $2)" != "" ] & [ "$(echo $3)" != "" ]; then grep -vw "$2" $config > /tmp/vpnblaat DATA=`grep -w "$2" $config` mv /tmp/vpnblaat $config DOM=`echo $3 | tr a-z A-Z` dom=`echo $3 | tr A-Z a-z` echo "$DOM\\\\$DATA" >> $config echo "$dom\\\\$DATA" >> $config chmod 600 $config else echo -e $ERROR exit 1 fi ;; *) echo -e $ERROR exit 1 esac pptpd-1.4.0/tools/vpnstats0000755000175000017500000000400712110522672012533 00000000000000#!/bin/bash # # vpnstats Get commaseparated file and mail it to the admin # Version 1.0 beta by Richard de Vroede - Linvision BV # # check for conf file, else create with defaults CONF=/etc/vpnstats.conf if [ ! -f $CONF ]; then echo "LOGFILE=/var/log/messages.1" > $CONF echo "STATFILE=/var/log/vpnstats" >> $CONF echo "TEMPFILE=/tmp/tmpvpnstats" >> $CONF echo "SMTP=localhost" >> $CONF echo "FROM=" >> $CONF echo "TO=" >> $CONF fi . $CONF # check for weekly crontab, else create it CRON=/etc/cron.weekly/vpnstats.cron if [ ! -f $CRON ]; then echo "#!/bin/bash" > $CRON echo "$0" >> $CRON chmod 755 $CRON fi echo "Name,Login,Logout,Connected Minutes,Recieved Bytes,Transmitted Bytes" > $STATFILE PPPDPID=$(grep "peer authentication succeeded" $LOGFILE | cut -d [ -f2 | cut -d ] -f 1) while [ "$PPPDPID" != "" ]; do PID=$(echo $PPPDPID | awk '{print $1}') grep $PID $LOGFILE | grep pppd | grep -v pptpd > $TEMPFILE NAME=$(grep "succeeded for" $TEMPFILE | awk -F "succeeded for" '{print $2}' | cut -d " " -f 2) LOGIN=$(grep "succeeded for" $TEMPFILE | cut -d " " -f 1-3) LOGOUT=$(grep "Connect time" $TEMPFILE | cut -d " " -f 1-3) CONNECT=$(grep "Connect time" $TEMPFILE | cut -d ] -f 2 | cut -d " " -f 4) RXB=$(grep "Sent" $TEMPFILE | cut -d ] -f 2 | cut -d " " -f 3) TXB=$(grep "Sent" $TEMPFILE | cut -d ] -f 2 | cut -d " " -f 6) echo "$NAME,$LOGIN,$LOGOUT,$CONNECT,$RXB,$TXB" >> $STATFILE PPPDPID=$(echo $PPPDPID | sed "s%$PID%%") rm -f $TEMPFILE done MAILER=$(echo $(locate sendEmail) | awk '{print$1}') if [ "$MAILER" != "" ]; then if [ "$FROM" = "" ]; then FROM=root@`uname -n`; fi if [ "$TO" = "" ]; then TO=root@localhost; fi $MAILER -s $SMTP -u "VPNstats" -f $FROM -t $TO -m " " -a $STATFILE else if [ -f "/bin/mail" ]; then cat $STATFILE | /bin/mail -s "VPNstats" $TO else echo "You need /bin/mail OR" echo "the Perl program sendEmail located at http://freshmeat.net/projects/sendemail/" fi fi pptpd-1.4.0/makepackage0000755000175000017500000000164712110522672011751 00000000000000#!/bin/bash # given source tree build .tar.gz and package for distribution on this host os=$(uname) if [ -f /etc/redhat-release ]; then DISTRO="RedHat" DVER=$(cat /etc/redhat-release | cut -d " " -f5-) elif [ -f /etc/SuSE-release ]; then DISTRO="SuSE" DVER=$(cat /etc/SuSE-release | head -n1 | cut -d " " -f3) elif [ -f /etc/debian_version ]; then DISTRO="Debian" DVER=$(cat /etc/debian_version) else DISTRO=$os fi version=$(./version) if [ "$DISTRO" == "RedHat" ]; then mkdir -p /tmp/pptpd-$version cp -ar * /tmp/pptpd-$version/ cd /tmp tar -czf /usr/src/redhat/SOURCES/pptpd-$version.tar.gz pptpd-$version cd - rpmbuild -ba pptpd.spec elif [ "$DISTRO" == "Debian" ]; then DPKG_BP=`which dpkg-buildpackage 2>/dev/null` if [ -z "$DPKG_BP" ]; then echo "dpkg-buildpackage not installed. Do: apt-get install dpkg-dev" exit 1 fi $DPKG_BP -rfakeroot else echo "No packagebuilder implemented yet." fi pptpd-1.4.0/INSTALL0000644000175000017500000001745412110522672010626 00000000000000Note: logwtmp plugin source file patchlevel.h must match pppd version on system if it is used. Edit the file plugins/patchlevel.h accordingly. -- Basic Installation ================== These are generic installation instructions. The `configure' shell script attempts to guess correct values for various system-dependent variables used during compilation. It uses those values to create a `Makefile' in each directory of the package. It may also create one or more `.h' files containing system-dependent definitions. Finally, it creates a shell script `config.status' that you can run in the future to recreate the current configuration, a file `config.cache' that saves the results of its tests to speed up reconfiguring, and a file `config.log' containing compiler output (useful mainly for debugging `configure'). If you need to do unusual things to compile the package, please try to figure out how `configure' could check whether to do them, and mail diffs or instructions to the address given in the `README' so they can be considered for the next release. If at some point `config.cache' contains results you don't want to keep, you may remove or edit it. The file `configure.in' is used to create `configure' by a program called `autoconf'. You only need `configure.in' if you want to change it or regenerate `configure' using a newer version of `autoconf'. The simplest way to compile this package is: 1. `cd' to the directory containing the package's source code and type `./configure' to configure the package for your system. If you're using `csh' on an old version of System V, you might need to type `sh ./configure' instead to prevent `csh' from trying to execute `configure' itself. Running `configure' takes awhile. While running, it prints some messages telling which features it is checking for. 2. Type `make' to compile the package. 3. Optionally, type `make check' to run any self-tests that come with the package. 4. Type `make install' to install the programs and any data files and documentation. 5. You can remove the program binaries and object files from the source code directory by typing `make clean'. To also remove the files that `configure' created (so you can compile the package for a different kind of computer), type `make distclean'. There is also a `make maintainer-clean' target, but that is intended mainly for the package's developers. If you use it, you may have to get all sorts of other programs in order to regenerate files that came with the distribution. Compilers and Options ===================== Some systems require unusual options for compilation or linking that the `configure' script does not know about. You can give `configure' initial values for variables by setting them in the environment. Using a Bourne-compatible shell, you can do that on the command line like this: CC=c89 CFLAGS=-O2 LIBS=-lposix ./configure Or on systems that have the `env' program, you can do it like this: env CPPFLAGS=-I/usr/local/include LDFLAGS=-s ./configure Compiling For Multiple Architectures ==================================== You can compile the package for more than one kind of computer at the same time, by placing the object files for each architecture in their own directory. To do this, you must use a version of `make' that supports the `VPATH' variable, such as GNU `make'. `cd' to the directory where you want the object files and executables to go and run the `configure' script. `configure' automatically checks for the source code in the directory that `configure' is in and in `..'. If you have to use a `make' that does not supports the `VPATH' variable, you have to compile the package for one architecture at a time in the source code directory. After you have installed the package for one architecture, use `make distclean' before reconfiguring for another architecture. Installation Names ================== By default, `make install' will install the package's files in `/usr/local/bin', `/usr/local/man', etc. You can specify an installation prefix other than `/usr/local' by giving `configure' the option `--prefix=PATH'. You can specify separate installation prefixes for architecture-specific files and architecture-independent files. If you give `configure' the option `--exec-prefix=PATH', the package will use PATH as the prefix for installing programs and libraries. Documentation and other data files will still use the regular prefix. In addition, if you use an unusual directory layout you can give options like `--bindir=PATH' to specify different values for particular kinds of files. Run `configure --help' for a list of the directories you can set and what kinds of files go in them. If the package supports it, you can cause programs to be installed with an extra prefix or suffix on their names by giving `configure' the option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. Optional Features ================= Some packages pay attention to `--enable-FEATURE' options to `configure', where FEATURE indicates an optional part of the package. They may also pay attention to `--with-PACKAGE' options, where PACKAGE is something like `gnu-as' or `x' (for the X Window System). The `README' should mention any `--enable-' and `--with-' options that the package recognizes. For packages that use the X Window System, `configure' can usually find the X include and library files automatically, but if it doesn't, you can use the `configure' options `--x-includes=DIR' and `--x-libraries=DIR' to specify their locations. Specifying the System Type ========================== There may be some features `configure' can not figure out automatically, but needs to determine by the type of host the package will run on. Usually `configure' can figure that out, but if it prints a message saying it can not guess the host type, give it the `--host=TYPE' option. TYPE can either be a short name for the system type, such as `sun4', or a canonical name with three fields: CPU-COMPANY-SYSTEM See the file `config.sub' for the possible values of each field. If `config.sub' isn't included in this package, then this package doesn't need to know the host type. If you are building compiler tools for cross-compiling, you can also use the `--target=TYPE' option to select the type of system they will produce code for and the `--build=TYPE' option to select the type of system on which you are compiling the package. Sharing Defaults ================ If you want to set default values for `configure' scripts to share, you can create a site shell script called `config.site' that gives default values for variables like `CC', `cache_file', and `prefix'. `configure' looks for `PREFIX/share/config.site' if it exists, then `PREFIX/etc/config.site' if it exists. Or, you can set the `CONFIG_SITE' environment variable to the location of the site script. A warning: not all `configure' scripts look for a site script. Operation Controls ================== `configure' recognizes the following options to control how it operates. `--cache-file=FILE' Use and save the results of the tests in FILE instead of `./config.cache'. Set FILE to `/dev/null' to disable caching, for debugging `configure'. `--help' Print a summary of the options to `configure', and exit. `--quiet' `--silent' `-q' Do not print messages saying which checks are being made. To suppress all normal output, redirect it to `/dev/null' (any error messages will still be shown). `--srcdir=DIR' Look for the package's source code in directory DIR. Usually `configure' can determine that directory automatically. `--version' Print the version of Autoconf used to generate the `configure' script, and exit. `configure' also accepts some other, not widely useful, options. pptpd-1.4.0/README.logwtmp0000644000175000017500000000264112110522672012135 00000000000000$Id: README.logwtmp,v 1.1 2004/04/28 11:36:07 quozl Exp $ pptpd 1.2.0 logwtmp feature, by James Cameron, 28th April 2004. The --logwtmp feature uses the standard wtmp feature to track users who have connections to the server. It works as follows. When a connection occurs, pptpd launches pppd with two additional options. The first option directs pppd to load the pptpd-logwtmp.so plugin. The second option is the IP address of the client. "plugin /usr/lib/pptpd/pptpd-logwtmp.so" "pptpd-original-ip 10.0.0.1" The plugin defines the pptpd-original-ip option so that pppd will accept it. If the plugin fails to load, pppd will fail in the usual manner. Such a failure will usually be related to a missing file in /usr/lib/pptpd. The plugin asks pppd to notify it when IP comes up or goes down. When IP comes up, the plugin's ip_up() function executes, calling logwtmp() to mark the user as logged in. Once this has happened, commands like "who" will show the user. The tty will be set to the PPP interface name. When IP goes down, the plugin's ip_down() function executes, removing the entry from wtmp. Note that a "kill -9" on the pppd will result in a user appearing to remain logged in. Don't use "kill -9", use an ordinary kill. If pppd debug mode is enabled, the plugin announces it's version when loaded, and reports the parameters it is handing over to the logwtmp call. See the plugins/pptpd-logwtmp.c source. -- pptpd-1.4.0/pptpd.conf.50000644000175000017500000001502712110522672011730 00000000000000.TH PPTPD.CONF 5 "29 December 2005" .SH NAME .B pptpd.conf - PPTP VPN daemon configuration .SH DESCRIPTION .BR pptpd (8) reads options from this file, usually .IR /etc/pptpd.conf . Most options can be overridden by the command line. The local and remote IP addresses for clients must come from the configuration file or from .BR pppd (8) configuration files. .SH OPTIONS .TP .BI "option " option-file the name of an option file to be passed to .BR pppd (8) in place of the default .IR /etc/ppp/options so that PPTP specific options can be given. Equivalent to the command line .B --option option. .TP .BI "stimeout " seconds number of seconds to wait for a PPTP packet before forking the .BR pptpctrl (8) program to handle the client. The default is 10 seconds. This is a denial of service protection feature. Equivalent to the command line .B --stimeout option. .TP .BI "logwtmp" update .BR wtmp (5) as users connect and disconnect. See .BR wtmp (1). .TP .B debug turns on debugging mode, sending debugging information to .BR syslog (3). Has no effect on .BR pppd (8) debugging. Equivalent to the command line .B --debug option. .TP .BI "bcrelay " internal-interface turns on broadcast relay mode, sending all broadcasts received on the server's internal interface to the clients. Equivalent to the command line .B --bcrelay option. .TP .BI "connections " n limits the number of client connections that may be accepted. If pptpd is allocating IP addresses (e.g. .BR delegate is not used) then the number of connections is also limited by the .BR remoteip option. The default is 100. .TP .BI "delegate" delegates the allocation of client IP addresses to .BR pppd (8). Without this option, which is the default, pptpd manages the list of IP addresses for clients and passes the next free address to pppd. With this option, pptpd does not pass an address, and so pppd may use radius or chap-secrets to allocate an address. .TP .BI "localip " ip-specification one or many IP addresses to be used at the local end of the tunnelled PPP links between the server and the client. If one address only is given, this address is used for all clients. Otherwise, one address per client must be given, and if there are no free addresses then any new clients will be refused. .B localip will be ignored if the .B delegate option is used. .TP .BI "remoteip " ip-specification a list of IP addresses to assign to remote PPTP clients. Each connected client must have a different address, so there must be at least as many addresses as you have simultaneous clients, and preferably some spare, since you cannot change this list without restarting pptpd. A warning will be sent to .BR syslog (3) when the IP address pool is exhausted. .B remoteip will be ignored if the .B delegate option is used. .TP .B noipparam by default, the original client IP address is given to ip-up scripts using the .BR pppd (8) option .B ipparam. The .B noipparam option prevents this. Equivalent to the command line .B --noipparam option. .TP .BI "listen " ip-address the local interface IP address to listen on for incoming PPTP connections (TCP port 1723). Equivalent to the command line .B --listen option. .TP .BI "vrf " vrf-name VRF to use for the TCP listening socket as well as the GRE packets. Equivalent to the command line .B --vrf option. .TP .BI "pidfile " pid-file specifies an alternate location to store the process ID file (default /var/run/pptpd.pid). Equivalent to the command line .B --pidfile option. .TP .BI "speed " speed specifies a speed (in bits per second) to pass to the PPP daemon as the interface speed for the tty/pty pair. This is ignored by some PPP daemons, such as Linux's .BR pppd (8). The default is 115200 bytes per second, which some implementations interpret as meaning "no limit". Equivalent to the command line .B --speed option. .SH NOTES An .I ip-specification above (for the .B localip and .B remoteip tags) may be a list of IP addresses (for example 192.168.0.2,192.168.0.3), a range (for example 192.168.0.1-254 or 192.168.0-255.2) or some combination (for example 192.168.0.2,192.168.0.5-8). For some valid pairs might be (depending on use of the VPN): .P .BI "localip " 192.168.0.1 .br .BI "remoteip " 192.168.0.2-254 .P or .P .BI "localip " 192.168.1.2-254 .br .BI "remoteip " 192.168.0.2-254 .SH ROUTING CHECKLIST - PROXYARP Allocate a section of your LAN addresses for use by clients. .P In .IR /etc/ppp/options.pptpd. set the .B proxyarp option. In .IR pptpd.conf do not set .B localip option, but set .B remoteip to the allocated address range. Enable kernel forwarding of packets, (e.g. using .IR /proc/sys/net/ipv4/ip_forward ). .P The server will advertise the clients to the LAN using ARP, providing it's own ethernet address. .BR bcrelay (8) should not be required. .SH ROUTING CHECKLIST - FORWARDING Allocate a subnet for the clients that is routable from your LAN, but is not part of your LAN. .P In .IR pptpd.conf set .B localip to a single address or range in the allocated subnet, set .B remoteip to a range in the allocated subnet. Enable kernel forwarding of packets, (e.g. using .IR /proc/sys/net/ipv4/ip_forward ). The LAN must have a route to the clients using the server as gateway. .P The server will forward the packets unchanged between the clients and the LAN. .BR bcrelay (8) will be required to support broadcast protocols such as NETBIOS. .SH ROUTING CHECKLIST - MASQUERADE Allocate a subnet for the clients that is not routable from your LAN, and not otherwise routable from the server (e.g. 10.0.0.0/24). .P Set .B localip to a single address in the subnet (e.g. 10.0.0.1), set .B remoteip to a range for the rest of the subnet, (e.g. 10.0.0.2-200). Enable kernel forwarding of packets, (e.g. using .IR /proc/sys/net/ipv4/ip_forward ). Enable masquerading on eth0 (e.g. .I iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE ). .P The server will translate the packets between the clients and the LAN. The clients will appear to the LAN as having the address corresponding to the server. The LAN need not have an explicit route to the clients. .BR bcrelay (8) will be required to support broadcast protocols such as NETBIOS. .SH FIREWALL RULES .BR pptpd (8) accepts control connections on TCP port 1723, and then uses GRE (protocol 47) to exchange data packets. Add these rules to your .BR iptables (8) configuration, or use them as the basis for your own rules: .P iptables --append INPUT --protocol 47 --jump ACCEPT .br .nf iptables --append INPUT --protocol tcp --match tcp \\ .br --destination-port 1723 --jump ACCEPT .fi .P .SH "SEE ALSO" .BR pppd (8), .BR pptpd (8), .BR pptpd.conf (5). pptpd-1.4.0/pptpd.init0000644000175000017500000000250412110522672011577 00000000000000#!/bin/sh # # Startup script for pptpd # # chkconfig: - 85 15 # description: PPTP server # processname: pptpd # config: /etc/pptpd.conf # Source function library. . /etc/rc.d/init.d/functions # See how we were called. case "$1" in start) echo -n "Starting pptpd: " if [ -f /var/lock/subsys/pptpd ] ; then echo exit 1 fi daemon /usr/sbin/pptpd echo touch /var/lock/subsys/pptpd ;; stop) echo -n "Shutting down pptpd: " killproc pptpd echo rm -f /var/lock/subsys/pptpd ;; status) status pptpd ;; condrestart) if [ -f /var/lock/subsys/pptpd ]; then $0 stop $0 start fi ;; reload|restart) $0 stop $0 start echo "Warning: a pptpd restart does not terminate existing " echo "connections, so new connections may be assigned the same IP " echo "address and cause unexpected results. Use restart-kill to " echo "destroy existing connections during a restart." ;; restart-kill) $0 stop ps -ef | grep pptpd | grep -v grep | grep -v rc.d | awk '{print $2}' | uniq | xargs kill 1> /dev/null 2>&1 $0 start ;; *) echo "Usage: $0 {start|stop|restart|restart-kill|status}" exit 1 esac exit 0