diff options
Diffstat (limited to 'package/network/services/ppp/patches/110-debian_defaultroute.patch')
| -rw-r--r-- | package/network/services/ppp/patches/110-debian_defaultroute.patch | 314 |
1 files changed, 0 insertions, 314 deletions
diff --git a/package/network/services/ppp/patches/110-debian_defaultroute.patch b/package/network/services/ppp/patches/110-debian_defaultroute.patch deleted file mode 100644 index 21b329e5d5..0000000000 --- a/package/network/services/ppp/patches/110-debian_defaultroute.patch +++ /dev/null @@ -1,314 +0,0 @@ -pppd: Add "replacedefaultroute" and "noreplacedefaultroute" options - -This patch implements two new options, "replacedefaultroute" to replace any -existing system default route when specified and "noreplacedefaultroute" to -disable the "replacedefaultroute" option, which is useful in multi user -environments where the administrator wants to allow users to dial pppd -connections but not allow them to change the system default route. - -The patch originated from the Debian project. - -Signed-off-by: Jo-Philipp Wich <jo@mein.io> - ---- a/pppd/ipcp.c -+++ b/pppd/ipcp.c -@@ -197,6 +197,14 @@ static option_t ipcp_option_list[] = { - "disable defaultroute option", OPT_ALIAS | OPT_A2CLR, - &ipcp_wantoptions[0].default_route }, - -+ { "replacedefaultroute", o_bool, -+ &ipcp_wantoptions[0].replace_default_route, -+ "Replace default route", 1 -+ }, -+ { "noreplacedefaultroute", o_bool, -+ &ipcp_allowoptions[0].replace_default_route, -+ "Never replace default route", OPT_A2COPY, -+ &ipcp_wantoptions[0].replace_default_route }, - { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp, - "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp }, - { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp, -@@ -270,7 +278,7 @@ struct protent ipcp_protent = { - ip_active_pkt - }; - --static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t)); -+static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t, bool)); - static void ipcp_script __P((char *, int)); /* Run an up/down script */ - static void ipcp_script_done __P((void *)); - -@@ -1760,7 +1768,8 @@ ip_demand_conf(u) - if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE)) - return 0; - if (wo->default_route) -- if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr)) -+ if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr, -+ wo->replace_default_route)) - default_route_set[u] = 1; - if (wo->proxy_arp) - if (sifproxyarp(u, wo->hisaddr)) -@@ -1848,7 +1857,8 @@ ipcp_up(f) - */ - if (demand) { - if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) { -- ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr); -+ ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr, -+ wo->replace_default_route); - if (go->ouraddr != wo->ouraddr) { - warn("Local IP address changed to %I", go->ouraddr); - script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0); -@@ -1873,7 +1883,8 @@ ipcp_up(f) - - /* assign a default route through the interface if required */ - if (ipcp_wantoptions[f->unit].default_route) -- if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) -+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, -+ wo->replace_default_route)) - default_route_set[f->unit] = 1; - - /* Make a proxy ARP entry if requested. */ -@@ -1923,7 +1934,8 @@ ipcp_up(f) - - /* assign a default route through the interface if required */ - if (ipcp_wantoptions[f->unit].default_route) -- if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) -+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, -+ wo->replace_default_route)) - default_route_set[f->unit] = 1; - - /* Make a proxy ARP entry if requested. */ -@@ -2001,7 +2013,7 @@ ipcp_down(f) - sifnpmode(f->unit, PPP_IP, NPMODE_DROP); - sifdown(f->unit); - ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr, -- ipcp_hisoptions[f->unit].hisaddr); -+ ipcp_hisoptions[f->unit].hisaddr, 0); - } - - /* Execute the ip-down script */ -@@ -2017,16 +2029,25 @@ ipcp_down(f) - * proxy arp entries, etc. - */ - static void --ipcp_clear_addrs(unit, ouraddr, hisaddr) -+ipcp_clear_addrs(unit, ouraddr, hisaddr, replacedefaultroute) - int unit; - u_int32_t ouraddr; /* local address */ - u_int32_t hisaddr; /* remote address */ -+ bool replacedefaultroute; - { - if (proxy_arp_set[unit]) { - cifproxyarp(unit, hisaddr); - proxy_arp_set[unit] = 0; - } -- if (default_route_set[unit]) { -+ /* If replacedefaultroute, sifdefaultroute will be called soon -+ * with replacedefaultroute set and that will overwrite the current -+ * default route. This is the case only when doing demand, otherwise -+ * during demand, this cifdefaultroute would restore the old default -+ * route which is not what we want in this case. In the non-demand -+ * case, we'll delete the default route and restore the old if there -+ * is one saved by an sifdefaultroute with replacedefaultroute. -+ */ -+ if (!replacedefaultroute && default_route_set[unit]) { - cifdefaultroute(unit, ouraddr, hisaddr); - default_route_set[unit] = 0; - } ---- a/pppd/ipcp.h -+++ b/pppd/ipcp.h -@@ -70,6 +70,7 @@ typedef struct ipcp_options { - bool old_addrs; /* Use old (IP-Addresses) option? */ - bool req_addr; /* Ask peer to send IP address? */ - bool default_route; /* Assign default route through interface? */ -+ bool replace_default_route; /* Replace default route through interface? */ - bool proxy_arp; /* Make proxy ARP entry for peer? */ - bool neg_vj; /* Van Jacobson Compression? */ - bool old_vj; /* use old (short) form of VJ option? */ ---- a/pppd/pppd.8 -+++ b/pppd/pppd.8 -@@ -133,6 +133,11 @@ the gateway, when IPv6CP negotiation is - This entry is removed when the PPP connection is broken. This option - is privileged if the \fInodefaultroute6\fR option has been specified. - .TP -+.B replacedefaultroute -+This option is a flag to the defaultroute option. If defaultroute is -+set and this flag is also set, pppd replaces an existing default route -+with the new default route. -+.TP - .B disconnect \fIscript - Execute the command specified by \fIscript\fR, by passing it to a - shell, after -@@ -756,7 +761,12 @@ disable both forms of hardware flow cont - .TP - .B nodefaultroute - Disable the \fIdefaultroute\fR option. The system administrator who --wishes to prevent users from creating default routes with pppd -+wishes to prevent users from adding a default route with pppd -+can do so by placing this option in the /etc/ppp/options file. -+.TP -+.B noreplacedefaultroute -+Disable the \fIreplacedefaultroute\fR option. The system administrator who -+wishes to prevent users from replacing a default route with pppd - can do so by placing this option in the /etc/ppp/options file. - .TP - .B nodefaultroute6 ---- a/pppd/pppd.h -+++ b/pppd/pppd.h -@@ -684,7 +684,7 @@ int sif6addr __P((int, eui64_t, eui64_t - int cif6addr __P((int, eui64_t, eui64_t)); - /* Remove an IPv6 address from i/f */ - #endif --int sifdefaultroute __P((int, u_int32_t, u_int32_t)); -+int sifdefaultroute __P((int, u_int32_t, u_int32_t, bool replace_default_rt)); - /* Create default route through i/f */ - int cifdefaultroute __P((int, u_int32_t, u_int32_t)); - /* Delete default route through i/f */ ---- a/pppd/sys-linux.c -+++ b/pppd/sys-linux.c -@@ -209,6 +209,8 @@ static int if_is_up; /* Interface has be - static int if6_is_up; /* Interface has been marked up for IPv6, to help differentiate */ - static int have_default_route; /* Gateway for default route added */ - static int have_default_route6; /* Gateway for default IPv6 route added */ -+static struct rtentry old_def_rt; /* Old default route */ -+static int default_rt_repl_rest; /* replace and restore old default rt */ - static u_int32_t proxy_arp_addr; /* Addr for proxy arp entry added */ - static char proxy_arp_dev[16]; /* Device for proxy arp entry */ - static u_int32_t our_old_addr; /* for detecting address changes */ -@@ -1577,6 +1579,9 @@ static int read_route_table(struct rtent - p = NULL; - } - -+ SET_SA_FAMILY (rt->rt_dst, AF_INET); -+ SET_SA_FAMILY (rt->rt_gateway, AF_INET); -+ - SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16); - SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16); - SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16); -@@ -1649,20 +1654,52 @@ int have_route_to(u_int32_t addr) - /******************************************************************** - * - * sifdefaultroute - assign a default route through the address given. -- */ -- --int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway) --{ -- struct rtentry rt; -- -- if (defaultroute_exists(&rt, dfl_route_metric) && strcmp(rt.rt_dev, ifname) != 0) { -- if (rt.rt_flags & RTF_GATEWAY) -- error("not replacing existing default route via %I with metric %d", -- SIN_ADDR(rt.rt_gateway), dfl_route_metric); -- else -+ * -+ * If the global default_rt_repl_rest flag is set, then this function -+ * already replaced the original system defaultroute with some other -+ * route and it should just replace the current defaultroute with -+ * another one, without saving the current route. Use: demand mode, -+ * when pppd sets first a defaultroute it it's temporary ppp0 addresses -+ * and then changes the temporary addresses to the addresses for the real -+ * ppp connection when it has come up. -+ */ -+ -+int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway, bool replace) -+{ -+ struct rtentry rt, tmp_rt; -+ struct rtentry *del_rt = NULL; -+ -+ if (default_rt_repl_rest) { -+ /* We have already reclaced the original defaultroute, if we -+ are called again, we will delete the current default route -+ and set the new default route in this function. -+ - this is normally only the case the doing demand: */ -+ if (defaultroute_exists(&tmp_rt, dfl_route_metric)) -+ del_rt = &tmp_rt; -+ } else if (defaultroute_exists(&old_def_rt, dfl_route_metric) && -+ strcmp(old_def_rt.rt_dev, ifname) != 0) { -+ /* We did not yet replace an existing default route, let's -+ check if we should save and replace a default route: */ -+ if (old_def_rt.rt_flags & RTF_GATEWAY) { -+ if (!replace) { -+ error("not replacing existing default route via %I with metric %d", -+ SIN_ADDR(old_def_rt.rt_gateway), dfl_route_metric); -+ return 0; -+ } else { -+ /* we need to copy rt_dev because we need it permanent too: */ -+ char *tmp_dev = malloc(strlen(old_def_rt.rt_dev) + 1); -+ strcpy(tmp_dev, old_def_rt.rt_dev); -+ old_def_rt.rt_dev = tmp_dev; -+ -+ notice("replacing old default route to %s [%I] with metric %d", -+ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway), -+ dfl_route_metric); -+ default_rt_repl_rest = 1; -+ del_rt = &old_def_rt; -+ } -+ } else - error("not replacing existing default route through %s with metric %d", -- rt.rt_dev, dfl_route_metric); -- return 0; -+ old_def_rt.rt_dev, dfl_route_metric); - } - - memset (&rt, 0, sizeof (rt)); -@@ -1678,10 +1715,16 @@ int sifdefaultroute (int unit, u_int32_t - - rt.rt_flags = RTF_UP; - if (ioctl(sock_fd, SIOCADDRT, &rt) < 0) { -- if ( ! ok_error ( errno )) -+ if (!ok_error(errno)) - error("default route ioctl(SIOCADDRT): %m"); - return 0; - } -+ if (default_rt_repl_rest && del_rt) -+ if (ioctl(sock_fd, SIOCDELRT, del_rt) < 0) { -+ if (!ok_error(errno)) -+ error("del old default route ioctl(SIOCDELRT): %m"); -+ return 0; -+ } - - have_default_route = 1; - return 1; -@@ -1715,11 +1758,21 @@ int cifdefaultroute (int unit, u_int32_t - rt.rt_flags = RTF_UP; - if (ioctl(sock_fd, SIOCDELRT, &rt) < 0 && errno != ESRCH) { - if (still_ppp()) { -- if ( ! ok_error ( errno )) -+ if (!ok_error(errno)) - error("default route ioctl(SIOCDELRT): %m"); - return 0; - } - } -+ if (default_rt_repl_rest) { -+ notice("restoring old default route to %s [%I]", -+ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway)); -+ if (ioctl(sock_fd, SIOCADDRT, &old_def_rt) < 0) { -+ if (!ok_error(errno)) -+ error("restore default route ioctl(SIOCADDRT): %m"); -+ return 0; -+ } -+ default_rt_repl_rest = 0; -+ } - - return 1; - } ---- a/pppd/sys-solaris.c -+++ b/pppd/sys-solaris.c -@@ -2120,12 +2120,18 @@ cifaddr(u, o, h) - * sifdefaultroute - assign a default route through the address given. - */ - int --sifdefaultroute(u, l, g) -+sifdefaultroute(u, l, g, replace) - int u; - u_int32_t l, g; -+ bool replace; - { - struct rtentry rt; - -+ if (replace) { -+ error("replacedefaultroute not supported on this platform"); -+ return 0; -+ } -+ - #if defined(__USLC__) - g = l; /* use the local address as gateway */ - #endif |