From c0d4711ae346692e0157571d639ef81b5709dd77 Mon Sep 17 00:00:00 2001 From: reinhard Date: Fri, 24 Jan 2003 11:49:21 +0000 Subject: [PATCH] update to pptp-1.1.0; thx fgs@ for testing and tweaking --- net/pptp/Makefile | 53 ++-- net/pptp/distinfo | 6 +- net/pptp/files/patch-pptc_ctrl_c | 256 ------------------ net/pptp/files/pptp_reconnect | 14 +- net/pptp/patches/patch-Makefile | 48 ---- net/pptp/patches/patch-pptc_c | 59 ---- net/pptp/patches/patch-pptc_ctrl_c | 242 ----------------- net/pptp/patches/patch-pptc_gre_c | 62 ----- .../patches/patch-pptp-linux-1_1_0_pptp_c | 12 + .../patch-pptp-linux-1_1_0_pptp_callmgr_h | 11 + .../patches/patch-pptp-linux-1_1_0_version_c | 9 + net/pptp/patches/patch-pty_h | 29 -- net/pptp/patches/patch-util_c | 15 - net/pptp/pkg/DESCR | 2 - net/pptp/pkg/MESSAGE | 11 +- net/pptp/pkg/PLIST | 18 +- net/pptp/pkg/SECURITY | 4 +- 17 files changed, 86 insertions(+), 765 deletions(-) delete mode 100644 net/pptp/files/patch-pptc_ctrl_c delete mode 100644 net/pptp/patches/patch-Makefile delete mode 100644 net/pptp/patches/patch-pptc_c delete mode 100644 net/pptp/patches/patch-pptc_ctrl_c delete mode 100644 net/pptp/patches/patch-pptc_gre_c create mode 100644 net/pptp/patches/patch-pptp-linux-1_1_0_pptp_c create mode 100644 net/pptp/patches/patch-pptp-linux-1_1_0_pptp_callmgr_h create mode 100644 net/pptp/patches/patch-pptp-linux-1_1_0_version_c delete mode 100644 net/pptp/patches/patch-pty_h delete mode 100644 net/pptp/patches/patch-util_c diff --git a/net/pptp/Makefile b/net/pptp/Makefile index 1ba542968da..38244203247 100644 --- a/net/pptp/Makefile +++ b/net/pptp/Makefile @@ -1,44 +1,45 @@ -# $OpenBSD: Makefile,v 1.6 2002/10/28 01:38:46 naddy Exp $ +# $OpenBSD: Makefile,v 1.7 2003/01/24 11:49:21 reinhard Exp $ # $NetBSD: Makefile,v 1.1.1.1 2000/04/10 01:14:01 jtk Exp $ COMMENT= 'PPTP client package for Microsoft VPN servers' -DISTNAME= pptp-linux-1.0.2 -PKGNAME= pptp-1.0.2 +DISTNAME= pptp-linux-1.1.0-1 +PKGNAME= pptp-1.1.0 CATEGORIES= net -MASTER_SITES= http://cag.lcs.mit.edu/~cananian/Synaptics/release/ +MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=pptpclient/} -HOMEPAGE= http://cag.lcs.mit.edu/~cananian/Projects/PPTP/ +HOMEPAGE= http://pptpclient.sf.net MAINTAINER= Reinhard J. Sammer -PERMIT_PACKAGE_CDROM= Yes -PERMIT_PACKAGE_FTP= Yes -PERMIT_DISTFILES_CDROM= Yes +# GPL +PERMIT_PACKAGE_CDROM= Yes +PERMIT_PACKAGE_FTP= Yes +PERMIT_DISTFILES_CDROM= Yes PERMIT_DISTFILES_FTP= Yes -# bbaa: workaround for buggy Alcatel ADSL 1000 modems -FLAVORS+= bbaa -FLAVOR?= +WRKSRC= ${WRKDIST}/pptp-linux-1.1.0 +REGRESS_TARGET= vector_test -.if ${FLAVOR:L:Mbbaa} -# needs a slightly modified patch; backup default patch -pre-patch: - @cp -p ${PATCHDIR}/patch-pptc_ctrl_c ${PATCHDIR}/patch-pptc_ctrl_c.orig - @cp ${FILESDIR}/patch-pptc_ctrl_c ${PATCHDIR}/patch-pptc_ctrl_c -.endif +DIRS= Documentation Reference post-patch: - @cd ${WRKSRC}; sed -e s,PREFIX,${PREFIX}, \ - < ${FILESDIR}/pptp_8 > pptp.8 - @cd ${WRKSRC}; sed -e s,PREFIX,${PREFIX}, \ - < ${FILESDIR}/pptp_reconnect > pptp-reconnect + @cd ${WRKSRC}; sed -e s,PREFIX,${PREFIX}, < \ + ${FILESDIR}/pptp_8 > pptp.8 + @cd ${WRKSRC}; sed -e s,PREFIX,${PREFIX}, < \ + ${FILESDIR}/pptp_reconnect > pptp-reconnect -.if ${FLAVOR:L:Mbbaa} -# move default patch back -post-install: - @mv ${PATCHDIR}/patch-pptc_ctrl_c.orig ${PATCHDIR}/patch-pptc_ctrl_c -.endif +post-extract: + @cd ${WRKDIST} && tar xzf pptp-linux-1.1.0.tar.gz + +do-install: + ${INSTALL_PROGRAM} ${WRKSRC}/pptp ${PREFIX}/sbin + ${INSTALL_SCRIPT} ${WRKSRC}/pptp-reconnect ${PREFIX}/sbin + ${INSTALL_MAN} ${WRKSRC}/pptp.8 ${PREFIX}/man/man8 + ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/pptp + ${INSTALL_DATA} ${WRKSRC}/USING ${PREFIX}/share/doc/pptp/ + @cd ${WRKSRC} && \ + tar cf - ${DIRS} | (cd ${PREFIX}/share/doc/pptp && tar -xf -) NO_REGRESS= Yes diff --git a/net/pptp/distinfo b/net/pptp/distinfo index 662307f7cac..8fc1aa93656 100644 --- a/net/pptp/distinfo +++ b/net/pptp/distinfo @@ -1,3 +1,3 @@ -MD5 (pptp-linux-1.0.2.tar.gz) = 257835dbb111673dcf80bdf927a1be87 -RMD160 (pptp-linux-1.0.2.tar.gz) = d82bb10a9ca78848bd9c44cad451aead31ee11b5 -SHA1 (pptp-linux-1.0.2.tar.gz) = fe7c7ea298483de37052d57f2641977753817fcf +MD5 (pptp-linux-1.1.0-1.tar.gz) = 03e340eb0a9118a8de94eef21560d6c9 +RMD160 (pptp-linux-1.1.0-1.tar.gz) = 995a3874b66434bdb59e43d79ce90cc2619782e4 +SHA1 (pptp-linux-1.1.0-1.tar.gz) = e5925022acd4ae0c773acd4a2c8d2904bb625901 diff --git a/net/pptp/files/patch-pptc_ctrl_c b/net/pptp/files/patch-pptc_ctrl_c deleted file mode 100644 index edc9b7a773c..00000000000 --- a/net/pptp/files/patch-pptc_ctrl_c +++ /dev/null @@ -1,256 +0,0 @@ -$OpenBSD: patch-pptc_ctrl_c,v 1.1 2001/02/04 14:57:29 reinhard Exp $ -# fix for Alcatel 1000 ADSL modem (bbaa) ---- pptp_ctrl.c.orig Wed Feb 18 23:42:14 1998 -+++ pptp_ctrl.c Sun Feb 4 15:08:25 2001 -@@ -159,6 +159,7 @@ PPTP_CONN * pptp_conn_open(int inet_sock - hton16(PPTP_MAX_CHANNELS), hton16(PPTP_FIRMWARE_VERSION), - PPTP_HOSTNAME, PPTP_VENDOR - }; -+ log("sending start ctrl conn rqst"); - if (pptp_send_ctrl_packet(conn, &packet, sizeof(packet))) - conn->conn_state = CONN_WAIT_CTL_REPLY; - else return NULL; /* could not send initial start request. */ -@@ -211,6 +212,7 @@ PPTP_CALL * pptp_call_open(PPTP_CONN * c - hton32(PPTP_BEARER_CAP), hton32(PPTP_FRAME_CAP), - hton16(PPTP_WINDOW), 0, 0, 0, {0}, {0} - }; -+ log("sending out call rqst"); - if (pptp_send_ctrl_packet(conn, &packet, sizeof(packet))) { - pptp_reset_timer(); - call->state.pns = PNS_WAIT_REPLY; -@@ -238,6 +240,7 @@ void pptp_call_close(PPTP_CONN * conn, P - * requests to be made. - */ - -+ log("sending call clear rqst"); - pptp_send_ctrl_packet(conn, &rqst, sizeof(rqst)); - pptp_reset_timer(); - call->state.pns = PNS_WAIT_DISCONNECT; -@@ -272,7 +275,7 @@ void pptp_conn_close(PPTP_CONN * conn, u - pptp_call_close(conn, vector_get_Nth(conn->call, i)); - - /* now close connection */ -- log("Closing PPTP connection"); -+ log("Closing PPTP connection (sending stop ctrl conn rqst)"); - pptp_send_ctrl_packet(conn, &rqst, sizeof(rqst)); - pptp_reset_timer(); /* wait 60 seconds for reply */ - conn->conn_state = CONN_WAIT_STOP_REPLY; -@@ -485,14 +488,27 @@ void pptp_dispatch_ctrl_packet(PPTP_CONN - hton32(PPTP_FRAME_CAP), hton32(PPTP_BEARER_CAP), - hton16(PPTP_MAX_CHANNELS), hton16(PPTP_FIRMWARE_VERSION), - PPTP_HOSTNAME, PPTP_VENDOR }; -+ log("received start conn rqst: v%d rcode %d ecode %d fcap %x bcap %x chans %d fw %x host `%.64s' vendor `%.64s'", -+ ntoh16(packet->version), -+ packet->result_code, -+ packet->error_code, -+ ntoh32(packet->framing_cap), -+ ntoh32(packet->bearer_cap), -+ ntoh16(packet->max_channels), -+ ntoh16(packet->firmware_rev), -+ packet->hostname, -+ packet->vendor -+ ); - if (conn->conn_state == CONN_IDLE) { - if (ntoh16(packet->version) < PPTP_VERSION) { - /* Can't support this (earlier) PPTP_VERSION */ - reply.version = packet->version; - reply.result_code = hton8(5); /* protocol version not supported */ -+ log("sending start ctrl conn reply (NAK)"); - pptp_send_ctrl_packet(conn, &reply, sizeof(reply)); - pptp_reset_timer(); /* give sender a chance for a retry */ - } else { /* same or greater version */ -+ log("sending start ctrl conn reply (ACK)"); - if (pptp_send_ctrl_packet(conn, &reply, sizeof(reply))) { - conn->conn_state=CONN_ESTABLISHED; - log("server connection ESTABLISHED."); -@@ -506,6 +522,17 @@ void pptp_dispatch_ctrl_packet(PPTP_CONN - { - struct pptp_start_ctrl_conn *packet = - (struct pptp_start_ctrl_conn *) buffer; -+ log("received start conn reply: v%d rcode %d ecode %d fcap %x bcap %x chans %d fw %x host `%.64s' vendor `%.64s'", -+ ntoh16(packet->version), -+ packet->result_code, -+ packet->error_code, -+ ntoh32(packet->framing_cap), -+ ntoh32(packet->bearer_cap), -+ ntoh16(packet->max_channels), -+ ntoh16(packet->firmware_rev), -+ packet->hostname, -+ packet->vendor -+ ); - if (conn->conn_state == CONN_WAIT_CTL_REPLY) { - /* XXX handle collision XXX [see rfc] */ - if (ntoh16(packet->version) != PPTP_VERSION) { -@@ -515,10 +542,14 @@ void pptp_dispatch_ctrl_packet(PPTP_CONN - } - if (ntoh8(packet->result_code)!=1) { /* some problem with start */ - /* if result_code == 5, we might fall back to different version */ -+ if ((ntoh8(packet->result_code)!=0)&&(ntoh8(packet->result_code)!=1)){ -+ /* The buggy Alcatel 1000 ADSL modem always returns 0 -+ * -+ */ - if (conn->callback!=NULL) conn->callback(conn, CONN_OPEN_FAIL); - close_reason = PPTP_STOP_PROTOCOL; - goto pptp_conn_close; -- } -+ }} - conn->conn_state = CONN_ESTABLISHED; - - /* log session properties */ -@@ -545,7 +576,14 @@ void pptp_dispatch_ctrl_packet(PPTP_CONN - PPTP_HEADER_CTRL(PPTP_STOP_CTRL_CONN_RPLY), - hton8(1), hton8(PPTP_GENERAL_ERROR_NONE), 0}; - -+ log("received stop conn rqst: reason %d err %d reserved %d", -+ packet->reason_result, -+ packet->error_code, -+ ntoh16(packet->reserved1) -+ ); -+ - if (conn->conn_state==CONN_IDLE) break; -+ log("sending stop ctrl conn reply"); - if (pptp_send_ctrl_packet(conn, &reply, sizeof(reply))) { - if (conn->callback!=NULL) conn->callback(conn, CONN_CLOSE_RQST); - conn->conn_state=CONN_IDLE; -@@ -560,6 +598,11 @@ void pptp_dispatch_ctrl_packet(PPTP_CONN - /* conn_state should be CONN_WAIT_STOP_REPLY, but it - * could be something else */ - -+ log("received stop conn reply: reason %d err %d reserved %d", -+ packet->reason_result, -+ packet->error_code, -+ ntoh16(packet->reserved1) -+ ); - if (conn->conn_state == CONN_IDLE) break; - conn->conn_state=CONN_IDLE; - pptp_conn_destroy(conn); -@@ -570,6 +613,12 @@ void pptp_dispatch_ctrl_packet(PPTP_CONN - { - struct pptp_echo_rply *packet = - (struct pptp_echo_rply *) buffer; -+ log("received echo rply: id %x result %d err %d reserved %d", -+ ntoh32(packet->identifier), -+ packet->result_code, -+ packet->error_code, -+ ntoh16(packet->reserved1) -+ ); - if ((conn->ka_state == KA_OUTSTANDING) && - (ntoh32(packet->identifier)==conn->ka_id)) { - conn->ka_id++; -@@ -586,6 +635,10 @@ void pptp_dispatch_ctrl_packet(PPTP_CONN - PPTP_HEADER_CTRL(PPTP_ECHO_RPLY), - packet->identifier, /* skip hton32(ntoh32(id)) */ - hton8(1), hton8(PPTP_GENERAL_ERROR_NONE), 0}; -+ log("received echo rqst: id %x", -+ ntoh32(packet->identifier) -+ ); -+ log("sending echo reply"); - pptp_send_ctrl_packet(conn, &reply, sizeof(reply)); - pptp_reset_timer(); - break; -@@ -600,8 +653,23 @@ void pptp_dispatch_ctrl_packet(PPTP_CONN - 0 /* callid */, packet->call_id, 1, PPTP_GENERAL_ERROR_NONE, 0, - hton32(PPTP_CONNECT_SPEED), - hton16(PPTP_WINDOW), hton16(PPTP_DELAY), 0 }; -+ log("received out call rqst: id %x csn %d minbps %d max %d bearer %x framing %x rsize %d delay %d plen %d rsv1 %d phone `%.64s' sub `%.64s'", -+ ntoh16(packet->call_id), -+ ntoh16(packet->call_sernum), -+ ntoh32(packet->bps_min), -+ ntoh32(packet->bps_max), -+ ntoh32(packet->bearer), -+ ntoh32(packet->framing), -+ ntoh16(packet->recv_size), -+ ntoh16(packet->delay), -+ ntoh16(packet->phone_len), -+ ntoh16(packet->reserved1), -+ packet->phone_num, -+ packet->subaddress -+ ); - /* XXX PAC: eventually this should make an outgoing call. XXX */ - reply.result_code = hton8(7); /* outgoing calls verboten */ -+ log("sending out call reply (NAK)"); - pptp_send_ctrl_packet(conn, &reply, sizeof(reply)); - break; - } -@@ -611,6 +679,18 @@ void pptp_dispatch_ctrl_packet(PPTP_CONN - (struct pptp_out_call_rply *)buffer; - PPTP_CALL * call; - u_int16_t callid = ntoh16(packet->call_id_peer); -+ -+ log("received out call reply: id %x peer %d result %d err %d cause %x speed %d rsize %d delay %d channel %x", -+ ntoh16(packet->call_id), -+ ntoh16(packet->call_id_peer), -+ packet->result_code, -+ packet->error_code, -+ ntoh16(packet->cause_code), -+ ntoh32(packet->speed), -+ ntoh16(packet->recv_size), -+ ntoh16(packet->delay), -+ ntoh32(packet->channel) -+ ); - if (!vector_search(conn->call, (int) callid, &call)) { - log("PPTP_OUT_CALL_RPLY received for non-existant call."); - break; -@@ -634,7 +714,9 @@ void pptp_dispatch_ctrl_packet(PPTP_CONN - call->speed = ntoh32(packet->speed); - pptp_reset_timer(); - if (call->callback!=NULL) call->callback(conn, call, CALL_OPEN_DONE); -- log("Outgoing call established.\n"); -+ log("Outgoing call established: cid %d @ %d bps.\n", -+ call->peer_call_id, -+ call->speed); - } - } - break; -@@ -650,10 +732,15 @@ void pptp_dispatch_ctrl_packet(PPTP_CONN - PPTP_HEADER_CTRL(PPTP_CALL_CLEAR_NTFY), packet->call_id, - 1, PPTP_GENERAL_ERROR_NONE, 0, 0, {0} - }; -+ log("received call clear rqst: cid %d reserved %d", -+ ntoh16(packet->call_id), -+ ntoh16(packet->reserved1) -+ ); - if (vector_contains(conn->call, ntoh16(packet->call_id))) { - PPTP_CALL * call; - vector_search(conn->call, ntoh16(packet->call_id), &call); - if (call->callback!=NULL) call->callback(conn, call, CALL_CLOSE_RQST); -+ log("sending call clear ntfy"); - pptp_send_ctrl_packet(conn, &reply, sizeof(reply)); - pptp_call_destroy(conn, call); - log("Call closed (RQST) (call id %d)", (int) call->call_id); -@@ -664,6 +751,14 @@ void pptp_dispatch_ctrl_packet(PPTP_CONN - { - struct pptp_call_clear_ntfy *packet = - (struct pptp_call_clear_ntfy *)buffer; -+ log("received call clear ntfy: cid %d result %d err %d cause %x reserved %d", -+ ntoh16(packet->call_id), -+ packet->result_code, -+ packet->error_code, -+ ntoh16(packet->cause_code), -+ ntoh16(packet->reserved1) -+ ); -+ - if (vector_contains(conn->call, ntoh16(packet->call_id))) { - PPTP_CALL * call; - vector_search(conn->call, ntoh16(packet->call_id), &call); -@@ -679,6 +774,12 @@ void pptp_dispatch_ctrl_packet(PPTP_CONN - /* this is really dealt with in the HDLC deencapsulation, anyway. */ - struct pptp_set_link_info *packet = - (struct pptp_set_link_info *)buffer; -+ log("received set link info: peer %x res %d send %x recv %x\n", -+ ntoh16(packet->call_id_peer), -+ ntoh16(packet->reserved1), -+ ntoh32(packet->send_accm), -+ ntoh32(packet->recv_accm) -+ ); - if (ntoh32(packet->send_accm)==0 && ntoh32(packet->recv_accm)==0) - break; /* this is what we expect. */ - /* log it, otherwise. */ -@@ -752,6 +853,7 @@ static void pptp_handle_timer(int sig) { - else { /* ka_state == NONE */ /* send keep-alive */ - struct pptp_echo_rqst rqst = { - PPTP_HEADER_CTRL(PPTP_ECHO_RQST), hton32(global.conn->ka_id) }; -+ log("sending echo request: %d", global.conn->ka_id); - pptp_send_ctrl_packet(global.conn, &rqst, sizeof(rqst)); - global.conn->ka_state = KA_OUTSTANDING; - /* XXX FIXME: wake up ctrl thread -- or will the SIGALRM do that diff --git a/net/pptp/files/pptp_reconnect b/net/pptp/files/pptp_reconnect index aeb9bbcb678..3800ed69b8a 100644 --- a/net/pptp/files/pptp_reconnect +++ b/net/pptp/files/pptp_reconnect @@ -1,5 +1,5 @@ #!/bin/sh -# $OpenBSD: pptp_reconnect,v 1.3 2001/06/08 17:59:19 fgsch Exp $ +# $OpenBSD: pptp_reconnect,v 1.4 2003/01/24 11:49:21 reinhard Exp $ # # PPTP reconnect script # @@ -9,7 +9,7 @@ # # INSTALL-INSTRUCTIONS: edit following IP and uncomment the line #MODEMIP=10.0.0.138 - + PATH=/bin:/usr/bin:/sbin:/usr/sbin:PREFIX/sbin if [ "$MODEMIP" = "" ]; then @@ -18,19 +18,21 @@ if [ "$MODEMIP" = "" ]; then fi echo "Killing pppd." -kill -9 `ps -ax|grep pppd|grep -v grep|awk '{print $1}'` +kill -9 `ps -axocomm,pid | awk '/pppd/ {print $2}'` /bin/sleep 3 -echo "Killing pptp." -kill -9 `ps -ax|grep pptp|grep -v pptp-reconnect|grep -v grep|awk '{print $1}'` +echo -n "Killing pptp" +kill -9 `ps -axocomm,pid | grep -v pptp-reconnect | awk '/pptp/ {print $2}'` /bin/sleep 3 if [ -S /var/run/pptp/$MODEMIP ]; then /bin/rm -f /var/run/pptp/$MODEMIP + echo -n " (removing socket)" fi +echo "." echo "Establishing connection." echo "=========================================================" >> /var/log/ppp.log -echo "Establishing connection at `date`." >> /var/log/ppp.log +echo "Establishing connection at `date`." >> /var/log/ppp.log PREFIX/sbin/pptp $MODEMIP >> /var/log/ppp.log 2>&1 /bin/sleep 7 diff --git a/net/pptp/patches/patch-Makefile b/net/pptp/patches/patch-Makefile deleted file mode 100644 index c57afeeb66e..00000000000 --- a/net/pptp/patches/patch-Makefile +++ /dev/null @@ -1,48 +0,0 @@ ---- Makefile.orig Wed Feb 18 23:42:14 1998 -+++ Makefile Fri Mar 16 15:57:18 2001 -@@ -1,10 +1,9 @@ - VERSION = 1.0.2 --VERSION_DEFINE = '-DPPTP_LINUX_VERSION="${VERSION}"' -+VERSION_DEFINE = '-DPPTP_LINUX_VERSION="${VERSION}"' -DPROGRAM_NAME='"pptp"' - --CC = gcc -Wall --DEBUG = -g -+RM = rm - INCLUDE = --CFLAGS = -O9 $(VERSION_DEFINE) $(DEBUG) $(INCLUDE) -+CFLAGS += $(VERSION_DEFINE) $(INCLUDE) - LIBS = - LDFLAGS = - -@@ -24,7 +23,21 @@ CALLMGR_BIN = pptp_callmgr - CALLMGR_OBJS = pptp_callmgr.o pptp_ctrl.o dirutil.o util.o vector.o version.o - CALLMGR_DEPS = pptp_callmgr.h pptp_ctrl.h dirutil.h pptp_msg.h vector.h - --all: $(PPTP_BIN) $(CALLMGR_BIN) -+MANPAGE=pptp.8 -+ -+all: $(PPTP_BIN) $(CALLMGR_BIN) $(MANPAGE) -+ -+install: -+ $(INSTALL) -c $(PPTP_BIN) ${PREFIX}/sbin/${PPTP_BIN} -+ $(INSTALL) -c $(CALLMGR_BIN) ${PREFIX}/sbin/${CALLMGR_BIN} -+ $(INSTALL) -c -m 755 pptp-reconnect ${PREFIX}/sbin/ -+ $(INSTALL) -c -m 444 $(MANPAGE) ${PREFIX}/man/man8/$(MANPAGE) -+ mkdir -p ${PREFIX}/share/doc/pptp -+ $(INSTALL) -c -m 444 USING ${PREFIX}/share/doc/pptp/USING -+ $(INSTALL) -c -m 444 README ${PREFIX}/share/doc/pptp/README -+ $(INSTALL) -c -m 444 INSTALL ${PREFIX}/share/doc/pptp/INSTALL -+ $(INSTALL) -c -m 444 NEWS ${PREFIX}/share/doc/pptp/NEWS -+ tar cf - Reference Documentation |(cd ${PREFIX}/share/doc/pptp && tar xpBf -) - - $(PPTP_BIN): $(PPTP_OBJS) $(PPTP_DEPS) - $(CC) -o $(PPTP_BIN) $(PPTP_OBJS) $(LDFLAGS) $(LIBS) -@@ -36,7 +49,7 @@ vector_test: vector_test.o vector.o - $(CC) -o vector_test vector_test.o vector.o - - clean: -- $(RM) *.o *~ -+ $(RM) -f *.o *~ - - clobber: clean - $(RM) $(PPTP_BIN) $(CALLMGR_BIN) vector_test diff --git a/net/pptp/patches/patch-pptc_c b/net/pptp/patches/patch-pptc_c deleted file mode 100644 index f0837ea92f4..00000000000 --- a/net/pptp/patches/patch-pptc_c +++ /dev/null @@ -1,59 +0,0 @@ -$OpenBSD: patch-pptc_c,v 1.1.1.1 2000/12/21 14:04:09 reinhard Exp $ -$NetBSD: patch-ab,v 1.1.1.1 2000/04/10 01:14:02 jtk Exp $ - -Index: pptp.c ---- pptp.c.orig 1998/09/02 14:40:54 -+++ pptp.c 1999/02/12 14:23:28 -@@ -71,6 +71,8 @@ - /* Step 1: Get IP address for the hostname in argv[1] */ - inetaddr = get_ip_address(argv[1]); - -+ log("using remote IP address %s\n", inet_ntoa(inetaddr)); -+ - /* Step 2: Open connection to call manager - * (Launch call manager if necessary.) - */ -@@ -127,8 +129,8 @@ - } - - /* Step 6: Do GRE copy until close. */ -- pptp_gre_copy(call_id, peer_call_id, pty_fd, inetaddr); -- -+ pptp_gre_copy(peer_call_id, call_id, pty_fd, inetaddr); -+ - shutdown: - /* on close, kill all. */ - kill(parent_pid, SIGTERM); -@@ -140,13 +142,14 @@ - struct in_addr get_ip_address(char *name) { - struct in_addr retval; - struct hostent *host = gethostbyname(name); -- if (host==NULL) -+ if (host==NULL) { - if (h_errno == HOST_NOT_FOUND) - fatal("gethostbyname: HOST NOT FOUND"); - else if (h_errno == NO_ADDRESS) - fatal("gethostbyname: NO IP ADDRESS"); - else - fatal("gethostbyname: name server error"); -+ } - - if (host->h_addrtype != AF_INET) - fatal("Host has non-internet address"); -@@ -239,9 +242,14 @@ - new_argv[0] = PPPD_BINARY; - new_argv[1] = ttydev; - new_argv[2] = "38400"; -- for (i=0; iconn_state = CONN_WAIT_CTL_REPLY; - else return NULL; /* could not send initial start request. */ -@@ -211,6 +212,7 @@ - hton32(PPTP_BEARER_CAP), hton32(PPTP_FRAME_CAP), - hton16(PPTP_WINDOW), 0, 0, 0, {0}, {0} - }; -+ log("sending out call rqst"); - if (pptp_send_ctrl_packet(conn, &packet, sizeof(packet))) { - pptp_reset_timer(); - call->state.pns = PNS_WAIT_REPLY; -@@ -238,6 +240,7 @@ - * requests to be made. - */ - -+ log("sending call clear rqst"); - pptp_send_ctrl_packet(conn, &rqst, sizeof(rqst)); - pptp_reset_timer(); - call->state.pns = PNS_WAIT_DISCONNECT; -@@ -272,7 +275,7 @@ - pptp_call_close(conn, vector_get_Nth(conn->call, i)); - - /* now close connection */ -- log("Closing PPTP connection"); -+ log("Closing PPTP connection (sending stop ctrl conn rqst)"); - pptp_send_ctrl_packet(conn, &rqst, sizeof(rqst)); - pptp_reset_timer(); /* wait 60 seconds for reply */ - conn->conn_state = CONN_WAIT_STOP_REPLY; -@@ -485,14 +488,27 @@ - hton32(PPTP_FRAME_CAP), hton32(PPTP_BEARER_CAP), - hton16(PPTP_MAX_CHANNELS), hton16(PPTP_FIRMWARE_VERSION), - PPTP_HOSTNAME, PPTP_VENDOR }; -+ log("received start conn rqst: v%d rcode %d ecode %d fcap %x bcap %x chans %d fw %x host `%.64s' vendor `%.64s'", -+ ntoh16(packet->version), -+ packet->result_code, -+ packet->error_code, -+ ntoh32(packet->framing_cap), -+ ntoh32(packet->bearer_cap), -+ ntoh16(packet->max_channels), -+ ntoh16(packet->firmware_rev), -+ packet->hostname, -+ packet->vendor -+ ); - if (conn->conn_state == CONN_IDLE) { - if (ntoh16(packet->version) < PPTP_VERSION) { - /* Can't support this (earlier) PPTP_VERSION */ - reply.version = packet->version; - reply.result_code = hton8(5); /* protocol version not supported */ -+ log("sending start ctrl conn reply (NAK)"); - pptp_send_ctrl_packet(conn, &reply, sizeof(reply)); - pptp_reset_timer(); /* give sender a chance for a retry */ - } else { /* same or greater version */ -+ log("sending start ctrl conn reply (ACK)"); - if (pptp_send_ctrl_packet(conn, &reply, sizeof(reply))) { - conn->conn_state=CONN_ESTABLISHED; - log("server connection ESTABLISHED."); -@@ -506,6 +522,17 @@ - { - struct pptp_start_ctrl_conn *packet = - (struct pptp_start_ctrl_conn *) buffer; -+ log("received start conn reply: v%d rcode %d ecode %d fcap %x bcap %x chans %d fw %x host `%.64s' vendor `%.64s'", -+ ntoh16(packet->version), -+ packet->result_code, -+ packet->error_code, -+ ntoh32(packet->framing_cap), -+ ntoh32(packet->bearer_cap), -+ ntoh16(packet->max_channels), -+ ntoh16(packet->firmware_rev), -+ packet->hostname, -+ packet->vendor -+ ); - if (conn->conn_state == CONN_WAIT_CTL_REPLY) { - /* XXX handle collision XXX [see rfc] */ - if (ntoh16(packet->version) != PPTP_VERSION) { -@@ -545,7 +572,14 @@ - PPTP_HEADER_CTRL(PPTP_STOP_CTRL_CONN_RPLY), - hton8(1), hton8(PPTP_GENERAL_ERROR_NONE), 0}; - -+ log("received stop conn rqst: reason %d err %d reserved %d", -+ packet->reason_result, -+ packet->error_code, -+ ntoh16(packet->reserved1) -+ ); -+ - if (conn->conn_state==CONN_IDLE) break; -+ log("sending stop ctrl conn reply"); - if (pptp_send_ctrl_packet(conn, &reply, sizeof(reply))) { - if (conn->callback!=NULL) conn->callback(conn, CONN_CLOSE_RQST); - conn->conn_state=CONN_IDLE; -@@ -560,6 +594,11 @@ - /* conn_state should be CONN_WAIT_STOP_REPLY, but it - * could be something else */ - -+ log("received stop conn reply: reason %d err %d reserved %d", -+ packet->reason_result, -+ packet->error_code, -+ ntoh16(packet->reserved1) -+ ); - if (conn->conn_state == CONN_IDLE) break; - conn->conn_state=CONN_IDLE; - pptp_conn_destroy(conn); -@@ -570,6 +609,12 @@ - { - struct pptp_echo_rply *packet = - (struct pptp_echo_rply *) buffer; -+ log("received echo rply: id %x result %d err %d reserved %d", -+ ntoh32(packet->identifier), -+ packet->result_code, -+ packet->error_code, -+ ntoh16(packet->reserved1) -+ ); - if ((conn->ka_state == KA_OUTSTANDING) && - (ntoh32(packet->identifier)==conn->ka_id)) { - conn->ka_id++; -@@ -586,6 +631,10 @@ - PPTP_HEADER_CTRL(PPTP_ECHO_RPLY), - packet->identifier, /* skip hton32(ntoh32(id)) */ - hton8(1), hton8(PPTP_GENERAL_ERROR_NONE), 0}; -+ log("received echo rqst: id %x", -+ ntoh32(packet->identifier) -+ ); -+ log("sending echo reply"); - pptp_send_ctrl_packet(conn, &reply, sizeof(reply)); - pptp_reset_timer(); - break; -@@ -600,8 +649,23 @@ - 0 /* callid */, packet->call_id, 1, PPTP_GENERAL_ERROR_NONE, 0, - hton32(PPTP_CONNECT_SPEED), - hton16(PPTP_WINDOW), hton16(PPTP_DELAY), 0 }; -+ log("received out call rqst: id %x csn %d minbps %d max %d bearer %x framing %x rsize %d delay %d plen %d rsv1 %d phone `%.64s' sub `%.64s'", -+ ntoh16(packet->call_id), -+ ntoh16(packet->call_sernum), -+ ntoh32(packet->bps_min), -+ ntoh32(packet->bps_max), -+ ntoh32(packet->bearer), -+ ntoh32(packet->framing), -+ ntoh16(packet->recv_size), -+ ntoh16(packet->delay), -+ ntoh16(packet->phone_len), -+ ntoh16(packet->reserved1), -+ packet->phone_num, -+ packet->subaddress -+ ); - /* XXX PAC: eventually this should make an outgoing call. XXX */ - reply.result_code = hton8(7); /* outgoing calls verboten */ -+ log("sending out call reply (NAK)"); - pptp_send_ctrl_packet(conn, &reply, sizeof(reply)); - break; - } -@@ -611,6 +675,18 @@ - (struct pptp_out_call_rply *)buffer; - PPTP_CALL * call; - u_int16_t callid = ntoh16(packet->call_id_peer); -+ -+ log("received out call reply: id %x peer %d result %d err %d cause %x speed %d rsize %d delay %d channel %x", -+ ntoh16(packet->call_id), -+ ntoh16(packet->call_id_peer), -+ packet->result_code, -+ packet->error_code, -+ ntoh16(packet->cause_code), -+ ntoh32(packet->speed), -+ ntoh16(packet->recv_size), -+ ntoh16(packet->delay), -+ ntoh32(packet->channel) -+ ); - if (!vector_search(conn->call, (int) callid, &call)) { - log("PPTP_OUT_CALL_RPLY received for non-existant call."); - break; -@@ -634,7 +710,9 @@ - call->speed = ntoh32(packet->speed); - pptp_reset_timer(); - if (call->callback!=NULL) call->callback(conn, call, CALL_OPEN_DONE); -- log("Outgoing call established.\n"); -+ log("Outgoing call established: cid %d @ %d bps.\n", -+ call->peer_call_id, -+ call->speed); - } - } - break; -@@ -650,10 +728,15 @@ - PPTP_HEADER_CTRL(PPTP_CALL_CLEAR_NTFY), packet->call_id, - 1, PPTP_GENERAL_ERROR_NONE, 0, 0, {0} - }; -+ log("received call clear rqst: cid %d reserved %d", -+ ntoh16(packet->call_id), -+ ntoh16(packet->reserved1) -+ ); - if (vector_contains(conn->call, ntoh16(packet->call_id))) { - PPTP_CALL * call; - vector_search(conn->call, ntoh16(packet->call_id), &call); - if (call->callback!=NULL) call->callback(conn, call, CALL_CLOSE_RQST); -+ log("sending call clear ntfy"); - pptp_send_ctrl_packet(conn, &reply, sizeof(reply)); - pptp_call_destroy(conn, call); - log("Call closed (RQST) (call id %d)", (int) call->call_id); -@@ -664,6 +747,14 @@ - { - struct pptp_call_clear_ntfy *packet = - (struct pptp_call_clear_ntfy *)buffer; -+ log("received call clear ntfy: cid %d result %d err %d cause %x reserved %d", -+ ntoh16(packet->call_id), -+ packet->result_code, -+ packet->error_code, -+ ntoh16(packet->cause_code), -+ ntoh16(packet->reserved1) -+ ); -+ - if (vector_contains(conn->call, ntoh16(packet->call_id))) { - PPTP_CALL * call; - vector_search(conn->call, ntoh16(packet->call_id), &call); -@@ -679,6 +770,12 @@ - /* this is really dealt with in the HDLC deencapsulation, anyway. */ - struct pptp_set_link_info *packet = - (struct pptp_set_link_info *)buffer; -+ log("received set link info: peer %x res %d send %x recv %x\n", -+ ntoh16(packet->call_id_peer), -+ ntoh16(packet->reserved1), -+ ntoh32(packet->send_accm), -+ ntoh32(packet->recv_accm) -+ ); - if (ntoh32(packet->send_accm)==0 && ntoh32(packet->recv_accm)==0) - break; /* this is what we expect. */ - /* log it, otherwise. */ -@@ -752,6 +849,7 @@ - else { /* ka_state == NONE */ /* send keep-alive */ - struct pptp_echo_rqst rqst = { - PPTP_HEADER_CTRL(PPTP_ECHO_RQST), hton32(global.conn->ka_id) }; -+ log("sending echo request: %d", global.conn->ka_id); - pptp_send_ctrl_packet(global.conn, &rqst, sizeof(rqst)); - global.conn->ka_state = KA_OUTSTANDING; - /* XXX FIXME: wake up ctrl thread -- or will the SIGALRM do that diff --git a/net/pptp/patches/patch-pptc_gre_c b/net/pptp/patches/patch-pptc_gre_c deleted file mode 100644 index 48ac95a84ee..00000000000 --- a/net/pptp/patches/patch-pptc_gre_c +++ /dev/null @@ -1,62 +0,0 @@ -$OpenBSD: patch-pptc_gre_c,v 1.1.1.1 2000/12/21 14:04:09 reinhard Exp $ -$NetBSD: patch-ad,v 1.2 2000/04/10 01:24:39 jtk Exp $ - -Index: pptp_gre.c ---- pptp_gre.c.orig Wed Feb 18 17:42:14 1998 -+++ pptp_gre.c Sun Apr 9 21:21:00 2000 -@@ -6,8 +6,8 @@ - */ - -+#include - #include - #include - #include --#include - #include - #include -@@ -35,10 +35,10 @@ - #if 1 - #include --void print_packet(int fd, void *pack, unsigned len) { -+void print_packet(int fd, void *pack, unsigned len, const char *msg) { - unsigned char *b = (unsigned char *)pack; - unsigned i,j; - FILE *out = fdopen(fd, "w"); - -- fprintf(out,"-- begin packet (%u) --\n", len); -+ fprintf(out,"-- begin %s packet (%u) --\n", msg, len); - for (i=0; i=end) { - if ((status=read(fd,buffer,sizeof(buffer)))<0) return status; -+ if (status == 0) -+ return -1; /* FD is closed */ - end = status; start = 0; - } -@@ -199,4 +201,5 @@ - header = (struct pptp_gre_header *)(buffer+ip_len); - -+/* print_packet(2, buffer, status, "in");*/ - /* verify packet (else discard) */ - if (((ntoh8(header->ver)&0x7F)!=PPTP_GRE_VER) || /* version should be 1 */ -@@ -259,5 +262,5 @@ - - /* special case ACK with no payload */ -- if (pack==NULL) -+ if (pack==NULL) { - if (ack_sent != seq_recv) { - u.header.ver |= hton8(PPTP_GRE_FLAG_A); -@@ -267,4 +270,5 @@ - return write(fd, &u.header, sizeof(u.header)-sizeof(u.header.seq)); - } else return 0; /* we don't need to send ACK */ -+ } - /* send packet with payload */ - u.header.flags |= hton8(PPTP_GRE_FLAG_S); -@@ -284,5 +288,5 @@ - seq_sent = seq; seq++; - /* write this baby out to the net */ -- /* print_packet(2, u.buffer, header_len+len); */ -+/* print_packet(2, u.buffer, header_len+len, "out");*/ - return write(fd, u.buffer, header_len+len); - } diff --git a/net/pptp/patches/patch-pptp-linux-1_1_0_pptp_c b/net/pptp/patches/patch-pptp-linux-1_1_0_pptp_c new file mode 100644 index 00000000000..5ef6d243fc4 --- /dev/null +++ b/net/pptp/patches/patch-pptp-linux-1_1_0_pptp_c @@ -0,0 +1,12 @@ +$OpenBSD: patch-pptp-linux-1_1_0_pptp_c,v 1.1 2003/01/24 11:49:21 reinhard Exp $ +--- pptp-linux-1.1.0/pptp.c.orig Mon Mar 11 02:51:41 2002 ++++ pptp-linux-1.1.0/pptp.c Tue Aug 6 13:43:11 2002 +@@ -9,7 +9,7 @@ + #include + #if defined(__FreeBSD__) + #include +-#elif defined(__NetBSD__) ++#elif defined(__NetBSD__) || defined(__OpenBSD__) + #include + #else + #include diff --git a/net/pptp/patches/patch-pptp-linux-1_1_0_pptp_callmgr_h b/net/pptp/patches/patch-pptp-linux-1_1_0_pptp_callmgr_h new file mode 100644 index 00000000000..3e11f10120b --- /dev/null +++ b/net/pptp/patches/patch-pptp-linux-1_1_0_pptp_callmgr_h @@ -0,0 +1,11 @@ +$OpenBSD: patch-pptp-linux-1_1_0_pptp_callmgr_h,v 1.1 2003/01/24 11:49:21 reinhard Exp $ +--- pptp-linux-1.1.0/pptp_callmgr.h.orig Sat Dec 23 09:19:51 2000 ++++ pptp-linux-1.1.0/pptp_callmgr.h Tue Aug 6 13:37:44 2002 +@@ -6,4 +6,7 @@ + */ + + #define PPTP_SOCKET_PREFIX "/var/run/pptp/" ++ ++#ifndef PPTP_CALLMGR_BINARY + #define PPTP_CALLMGR_BINARY "./pptp_callmgr" ++#endif diff --git a/net/pptp/patches/patch-pptp-linux-1_1_0_version_c b/net/pptp/patches/patch-pptp-linux-1_1_0_version_c new file mode 100644 index 00000000000..09c213593d2 --- /dev/null +++ b/net/pptp/patches/patch-pptp-linux-1_1_0_version_c @@ -0,0 +1,9 @@ +$OpenBSD: patch-pptp-linux-1_1_0_version_c,v 1.1 2003/01/24 11:49:21 reinhard Exp $ +--- pptp-linux-1.1.0/version.c.orig Mon Mar 11 02:50:47 2002 ++++ pptp-linux-1.1.0/version.c Tue Aug 6 17:46:37 2002 +@@ -5,4 +5,4 @@ + */ + + #include "config.h" +-const char * version = "pptp-linux version " PPTP_LINUX_VERSION; ++const char * version = "pptp-client version " PPTP_LINUX_VERSION; diff --git a/net/pptp/patches/patch-pty_h b/net/pptp/patches/patch-pty_h deleted file mode 100644 index c0179285909..00000000000 --- a/net/pptp/patches/patch-pty_h +++ /dev/null @@ -1,29 +0,0 @@ -$OpenBSD: patch-pty_h,v 1.1.1.1 2000/12/21 14:04:09 reinhard Exp $ -$NetBSD: patch-ae,v 1.1.1.1 2000/04/10 01:14:02 jtk Exp $ - -Index: pty.h ---- pty.h.orig 1998/09/02 14:40:55 -+++ pty.h 1998/09/03 13:33:54 -@@ -19,6 +19,22 @@ - #define PTYCHAR2 "0123456789abcdef" - #endif - -+#ifdef __OpenBSD__ -+#define PTYDEV "/dev/ptyxx" -+#define TTYDEV "/dev/ttyxx" -+ -+#define PTYMAX (strlen(PTYDEV)+1) -+#define TTYMAX (strlen(TTYDEV)+1) -+ -+#ifdef __i386__ -+/* PCVT conflicts with ttyv*. */ -+#define PTYCHAR1 "pqrstuwxyzPQRST" -+#else -+#define PTYCHAR1 "pqrstuvwxyzPQRST" -+#endif -+#define PTYCHAR2 "0123456789abcdef" -+#endif -+ - /* Get pty/tty pair, put filename in ttydev, ptydev (which must be - * at least PTYMAX characters long), and return file descriptor of - * open pty. diff --git a/net/pptp/patches/patch-util_c b/net/pptp/patches/patch-util_c deleted file mode 100644 index 9b7f0729e96..00000000000 --- a/net/pptp/patches/patch-util_c +++ /dev/null @@ -1,15 +0,0 @@ -$OpenBSD: patch-util_c,v 1.1.1.1 2000/12/21 14:04:09 reinhard Exp $ -$NetBSD: patch-af,v 1.1.1.1 2000/04/10 01:14:02 jtk Exp $ - -Index: util.c ---- util.c.orig 1998/09/02 14:40:55 -+++ util.c 2000/04/09 23:24:53 -@@ -18,7 +18,7 @@ - static void close_log(void) __attribute__ ((destructor)); - - static void open_log(void) { -- openlog(PROGRAM_NAME, LOG_PERROR | LOG_PID, LOG_DAEMON); -+ openlog(PROGRAM_NAME, /* LOG_PERROR | (too noisy!) */ LOG_PID, LOG_DAEMON); - } - static void close_log(void) { - closelog(); diff --git a/net/pptp/pkg/DESCR b/net/pptp/pkg/DESCR index bb78bff9573..ae378e59ade 100644 --- a/net/pptp/pkg/DESCR +++ b/net/pptp/pkg/DESCR @@ -9,6 +9,4 @@ ${PREFIX}/share/doc/pptp/USING; design notes are in the Documentation directory; and the standards documents used to implement pptp-linux can be found in the Reference directory. -bbaa FLAVOR: fix for buggy Alcatel 1000 ADSL modem (model type BBAA) - WWW: ${HOMEPAGE} diff --git a/net/pptp/pkg/MESSAGE b/net/pptp/pkg/MESSAGE index 86d0bd6c499..c633102e7f9 100644 --- a/net/pptp/pkg/MESSAGE +++ b/net/pptp/pkg/MESSAGE @@ -1,20 +1,21 @@ Documentation has been installed in ${PREFIX}/share/doc/pptp/. -A reconnect-script has been installed as ${PREFIX}/sbin/pptp-reconnect, +A reconnect-script has been installed as ${PREFIX}/sbin/pptp-reconnect, edit it to reflect your environment. -Next, setup /etc/ppp/{options,pap-secrets} with information provided -by your ISP. +Next, setup /etc/ppp/{options,chap-secrets,pap-secrets} with +information provided by your ISP. -If you get "LCP timeout sending config request" messages, build a +If you get "LCP timeout sending config request" messages, build a kernel without "GRE encapsulation interface" support. (NB: look in /usr/src/sys/conf/GENERIC for "pseudo-device gre 1".) + +See http://www.counterpane.com/pptp-faq.html for a list of security flaws. ========================================================================== ATTENTION: Alcatel ADSL modems contain default logins with easily computed passwords. See http://security.sdsc.edu/self-help/alcatel/ for more information. ========================================================================== - You may want to use TCP/IP packet filter rules to prevent unauthorized access to your modem (from internal net or spoofed/bounced TCP/IP packets). diff --git a/net/pptp/pkg/PLIST b/net/pptp/pkg/PLIST index 8cbc5a78344..9868e6d83a2 100644 --- a/net/pptp/pkg/PLIST +++ b/net/pptp/pkg/PLIST @@ -1,11 +1,10 @@ -@comment $OpenBSD: PLIST,v 1.1.1.1 2000/12/21 14:02:52 reinhard Exp $ +@comment $OpenBSD: PLIST,v 1.2 2003/01/24 11:49:21 reinhard Exp $ +man/man8/pptp.8 sbin/pptp -sbin/pptp_callmgr sbin/pptp-reconnect -share/doc/pptp/USING -share/doc/pptp/INSTALL -share/doc/pptp/README -share/doc/pptp/NEWS +share/doc/pptp/Documentation/DESIGN.CALLMGR +share/doc/pptp/Documentation/DESIGN.PPTP +share/doc/pptp/Documentation/PORTING share/doc/pptp/Reference/README share/doc/pptp/Reference/ms-chap.txt share/doc/pptp/Reference/pptp-draft.txt @@ -16,10 +15,7 @@ share/doc/pptp/Reference/rfc1702.txt share/doc/pptp/Reference/rfc1990.txt share/doc/pptp/Reference/rfc791.txt share/doc/pptp/Reference/rfc793.txt -share/doc/pptp/Documentation/DESIGN.CALLMGR -share/doc/pptp/Documentation/DESIGN.PPTP -share/doc/pptp/Documentation/PORTING -man/man8/pptp.8 -@dirrm share/doc/pptp/Documentation +share/doc/pptp/USING @dirrm share/doc/pptp/Reference +@dirrm share/doc/pptp/Documentation @dirrm share/doc/pptp diff --git a/net/pptp/pkg/SECURITY b/net/pptp/pkg/SECURITY index 0e9580b2c9b..f3ecdda468a 100644 --- a/net/pptp/pkg/SECURITY +++ b/net/pptp/pkg/SECURITY @@ -1,8 +1,10 @@ +See http://www.counterpane.com/pptp.html for a list of security flaws. + ========================================================================== ATTENTION: Alcatel ADSL modems contain default logins with easily computed passwords. See http://security.sdsc.edu/self-help/alcatel/ for more information. ========================================================================== -You may want to use TCP/IP packet filter rules to prevent unauthorized +You may want to use TCP/IP packet filter rules to prevent unauthorized access to your modem (from internal net or spoofed/bounced TCP/IP packets).