From 2d2a8a6fdc85ff3851b6e925427bf37f6b2e7cf0 Mon Sep 17 00:00:00 2001 From: tigro Date: Mon, 30 Dec 2024 23:02:14 +0300 Subject: [PATCH] import xl2tpd-1.3.17-6.el10 --- .gitignore | 20 +- .xl2tpd.metadata | 1 + SOURCES/tmpfiles-xl2tpd.conf | 1 + .../xl2tpd-1.3.14-conf.patch | 0 .../xl2tpd-1.3.14-kernelmode.patch | 0 .../xl2tpd-1.3.14-md5-fips.patch | 0 SOURCES/xl2tpd.service | 16 + xl2tpd.spec => SPECS/xl2tpd.spec | 30 +- sources | 1 - xl2tpd-1.3.6-conf.patch | 40 -- xl2tpd-1.3.6-md5-fips.patch | 466 ----------------- xl2tpd-1.3.6-saref.patch | 36 -- xl2tpd-1.3.8-kernelmode.patch | 26 - xl2tpd-1.3.8-md5-fips.patch | 467 ------------------ xl2tpd-1.3.8-saref.patch | 59 --- 15 files changed, 43 insertions(+), 1120 deletions(-) create mode 100644 .xl2tpd.metadata create mode 100644 SOURCES/tmpfiles-xl2tpd.conf rename xl2tpd-1.3.14-conf.patch => SOURCES/xl2tpd-1.3.14-conf.patch (100%) rename xl2tpd-1.3.14-kernelmode.patch => SOURCES/xl2tpd-1.3.14-kernelmode.patch (100%) rename xl2tpd-1.3.14-md5-fips.patch => SOURCES/xl2tpd-1.3.14-md5-fips.patch (100%) create mode 100644 SOURCES/xl2tpd.service rename xl2tpd.spec => SPECS/xl2tpd.spec (95%) delete mode 100644 sources delete mode 100644 xl2tpd-1.3.6-conf.patch delete mode 100644 xl2tpd-1.3.6-md5-fips.patch delete mode 100644 xl2tpd-1.3.6-saref.patch delete mode 100644 xl2tpd-1.3.8-kernelmode.patch delete mode 100644 xl2tpd-1.3.8-md5-fips.patch delete mode 100644 xl2tpd-1.3.8-saref.patch diff --git a/.gitignore b/.gitignore index 0607a7b..f99f03d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,19 +1 @@ -xl2tpd-1.1.06.tar.gz -xl2tpd-1.1.07.tar.gz -xl2tpd-1.1.08.tar.gz -xl2tpd-1.1.09.tar.gz -xl2tpd-1.1.11.tar.gz -xl2tpd-1.1.12.tar.gz -xl2tpd-1.2.0.tar.gz -xl2tpd-1.2.4.tar.gz -xl2tpd-1.2.5.tar.gz -xl2tpd-1.2.7.tar.gz -xl2tpd-1.2.8.tar.gz -xl2tpd-1.3.0.tar.gz -xl2tpd-1.3.1.tar.gz -/xl2tpd-5619e1771048e74b729804e8602f409af0f3faea.tar.gz -/xl2tpd-1.3.8.tar.gz -/xl2tpd-1.3.14.tar.gz -/xl2tpd-1.3.15.tar.gz -/xl2tpd-1.3.16.tar.gz -/xl2tpd-1.3.17.tar.gz +SOURCES/xl2tpd-1.3.17.tar.gz diff --git a/.xl2tpd.metadata b/.xl2tpd.metadata new file mode 100644 index 0000000..912f16d --- /dev/null +++ b/.xl2tpd.metadata @@ -0,0 +1 @@ +94678d691e6e461ee32fd30d5898171d727e1a01 SOURCES/xl2tpd-1.3.17.tar.gz diff --git a/SOURCES/tmpfiles-xl2tpd.conf b/SOURCES/tmpfiles-xl2tpd.conf new file mode 100644 index 0000000..ee868fb --- /dev/null +++ b/SOURCES/tmpfiles-xl2tpd.conf @@ -0,0 +1 @@ +D /run/xl2tpd 0755 root root - diff --git a/xl2tpd-1.3.14-conf.patch b/SOURCES/xl2tpd-1.3.14-conf.patch similarity index 100% rename from xl2tpd-1.3.14-conf.patch rename to SOURCES/xl2tpd-1.3.14-conf.patch diff --git a/xl2tpd-1.3.14-kernelmode.patch b/SOURCES/xl2tpd-1.3.14-kernelmode.patch similarity index 100% rename from xl2tpd-1.3.14-kernelmode.patch rename to SOURCES/xl2tpd-1.3.14-kernelmode.patch diff --git a/xl2tpd-1.3.14-md5-fips.patch b/SOURCES/xl2tpd-1.3.14-md5-fips.patch similarity index 100% rename from xl2tpd-1.3.14-md5-fips.patch rename to SOURCES/xl2tpd-1.3.14-md5-fips.patch diff --git a/SOURCES/xl2tpd.service b/SOURCES/xl2tpd.service new file mode 100644 index 0000000..145dc0e --- /dev/null +++ b/SOURCES/xl2tpd.service @@ -0,0 +1,16 @@ +[Unit] +Description=Level 2 Tunnel Protocol Daemon (L2TP) +After=network.target +After=ipsec.service +# Some ISPs in Russia use l2tp without IPsec, so don't insist anymore +#Wants=ipsec.service + +[Service] +Type=simple +PIDFile=/run/xl2tpd/xl2tpd.pid +ExecStartPre=/sbin/modprobe -q l2tp_ppp +ExecStart=/usr/sbin/xl2tpd -D +Restart=on-abort + +[Install] +WantedBy=multi-user.target diff --git a/xl2tpd.spec b/SPECS/xl2tpd.spec similarity index 95% rename from xl2tpd.spec rename to SPECS/xl2tpd.spec index 6365c20..5e591d0 100644 --- a/xl2tpd.spec +++ b/SPECS/xl2tpd.spec @@ -3,8 +3,8 @@ Summary: Layer 2 Tunnelling Protocol Daemon (RFC 2661) Name: xl2tpd Version: 1.3.17 -Release: 1%{?dist} -License: GPL+ +Release: 6%{?dist} +License: GPL-1.0-or-later Url: https://github.com/xelerance/xl2tpd/ Source0: https://github.com/xelerance/xl2tpd/archive/refs/tags/v%{version}/xl2tpd-%{version}.tar.gz Source1: xl2tpd.service @@ -54,9 +54,9 @@ It was de-facto maintained by Jacco de Leeuw in 2002 and 2003. %prep %setup -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 +%patch -P1 -p1 +%patch -P2 -p1 +%patch -P3 -p1 %build export CFLAGS="$CFLAGS -fPIC -Wall -DTRUST_PPPD_TO_DIE" @@ -70,7 +70,7 @@ sed -i "s/lock/#obsolete: lock/" examples/ppp-options.xl2tpd %make_build %install -make DESTDIR=%{buildroot} PREFIX=%{_prefix} install +make DESTDIR=%{buildroot} PREFIX=%{_prefix} SBINDIR=%{buildroot}%{_sbindir} install install -d 0755 %{buildroot}%{_unitdir} install -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/xl2tpd.service mkdir -p %{buildroot}/%{_tmpfilesdir} @@ -117,6 +117,24 @@ install -p -D -m755 -d %{buildroot}%{_rundir}/xl2tpd %ghost %attr(0600,root,root) %{_rundir}/xl2tpd/l2tp-control %changelog +* Mon Dec 30 2024 Arkady L. Shane - 1.3.17-6 +- Rebuilt for MSVSphere 10 + +* Sat Jul 20 2024 Fedora Release Engineering - 1.3.17-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Mon Jun 17 2024 Miroslav Suchý - 1.3.17-5 +- convert license to SPDX + +* Sat Jan 27 2024 Fedora Release Engineering - 1.3.17-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sat Jul 22 2023 Fedora Release Engineering - 1.3.17-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Sat Jan 21 2023 Fedora Release Engineering - 1.3.17-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + * Mon Sep 19 2022 Paul Wouters - #include "l2tp.h" - -+#include -+ - extern void bufferDump (char *, int); - - /* FIXME: Accounting? */ -@@ -273,11 +275,11 @@ - #endif - - memset (chal->response, 0, MD_SIG_SIZE); -- MD5Init (&chal->md5); -- MD5Update (&chal->md5, &chal->ss, 1); -- MD5Update (&chal->md5, chal->secret, strlen ((char *)chal->secret)); -- MD5Update (&chal->md5, chal->challenge, chal->chal_len); -- MD5Final (chal->response, &chal->md5); -+ MD5_Init (&chal->md5); -+ MD5_Update (&chal->md5, &chal->ss, 1); -+ MD5_Update (&chal->md5, chal->secret, strlen ((char *)chal->secret)); -+ MD5_Update (&chal->md5, chal->challenge, chal->chal_len); -+ MD5_Final (chal->response, &chal->md5); - #ifdef DEBUG_AUTH - l2tp_log (LOG_DEBUG, "response is %X%X%X%X to '%s' and %X%X%X%X, %d\n", - *((int *) &chal->response[0]), -@@ -392,12 +394,12 @@ - buf->len += length; - /* Back to the beginning of real data, including the original length AVP */ - -- MD5Init (&t->chal_them.md5); -- MD5Update (&t->chal_them.md5, (void *) &attr, 2); -- MD5Update (&t->chal_them.md5, t->chal_them.secret, -+ MD5_Init (&t->chal_them.md5); -+ MD5_Update (&t->chal_them.md5, (void *) &attr, 2); -+ MD5_Update (&t->chal_them.md5, t->chal_them.secret, - strlen ((char *)t->chal_them.secret)); -- MD5Update (&t->chal_them.md5, t->chal_them.vector, VECTOR_SIZE); -- MD5Final (digest, &t->chal_them.md5); -+ MD5_Update (&t->chal_them.md5, t->chal_them.vector, VECTOR_SIZE); -+ MD5_Final (digest, &t->chal_them.md5); - - /* Though not a "MUST" in the spec, our subformat length is always a multiple of 16 */ - ptr = ((unsigned char *) new_hdr) + sizeof (struct avp_hdr); -@@ -421,11 +423,11 @@ - #endif - if (ptr < end) - { -- MD5Init (&t->chal_them.md5); -- MD5Update (&t->chal_them.md5, t->chal_them.secret, -+ MD5_Init (&t->chal_them.md5); -+ MD5_Update (&t->chal_them.md5, t->chal_them.secret, - strlen ((char *)t->chal_them.secret)); -- MD5Update (&t->chal_them.md5, previous_segment, MD_SIG_SIZE); -- MD5Final (digest, &t->chal_them.md5); -+ MD5_Update (&t->chal_them.md5, previous_segment, MD_SIG_SIZE); -+ MD5_Final (digest, &t->chal_them.md5); - } - previous_segment = ptr; - } -@@ -458,12 +460,12 @@ - that it will be padded to a 16 byte boundary, so we - have to be more careful than when encrypting */ - attr = ntohs (old_hdr->attr); -- MD5Init (&t->chal_us.md5); -- MD5Update (&t->chal_us.md5, (void *) &attr, 2); -- MD5Update (&t->chal_us.md5, t->chal_us.secret, -+ MD5_Init (&t->chal_us.md5); -+ MD5_Update (&t->chal_us.md5, (void *) &attr, 2); -+ MD5_Update (&t->chal_us.md5, t->chal_us.secret, - strlen ((char *)t->chal_us.secret)); -- MD5Update (&t->chal_us.md5, t->chal_us.vector, t->chal_us.vector_len); -- MD5Final (digest, &t->chal_us.md5); -+ MD5_Update (&t->chal_us.md5, t->chal_us.vector, t->chal_us.vector_len); -+ MD5_Final (digest, &t->chal_us.md5); - #ifdef DEBUG_HIDDEN - l2tp_log (LOG_DEBUG, "attribute is %d and challenge is: ", attr); - print_challenge (&t->chal_us); -@@ -474,11 +476,11 @@ - { - if (cnt >= MD_SIG_SIZE) - { -- MD5Init (&t->chal_us.md5); -- MD5Update (&t->chal_us.md5, t->chal_us.secret, -+ MD5_Init (&t->chal_us.md5); -+ MD5_Update (&t->chal_us.md5, t->chal_us.secret, - strlen ((char *)t->chal_us.secret)); -- MD5Update (&t->chal_us.md5, saved_segment, MD_SIG_SIZE); -- MD5Final (digest, &t->chal_us.md5); -+ MD5_Update (&t->chal_us.md5, saved_segment, MD_SIG_SIZE); -+ MD5_Final (digest, &t->chal_us.md5); - cnt = 0; - } - /* at the beginning of each segment, we save the current segment (16 octets or less) of cipher -diff -Naur xl2tpd-1.3.6-orig/aaa.h xl2tpd-1.3.6/aaa.h ---- xl2tpd-1.3.6-orig/aaa.h 2014-01-15 15:58:37.000000000 -0500 -+++ xl2tpd-1.3.6/aaa.h 2014-05-12 15:02:39.262697808 -0400 -@@ -15,7 +15,7 @@ - - #ifndef _AAA_H - #define _AAA_H --#include "md5.h" -+#include - - #define ADDR_HASH_SIZE 256 - #define MD_SIG_SIZE 16 -@@ -34,7 +34,7 @@ - - struct challenge - { -- struct MD5Context md5; -+ MD5_CTX md5; - unsigned char ss; /* State we're sending in */ - unsigned char secret[MAXSTRLEN]; /* The shared secret */ - unsigned char *challenge; /* The original challenge */ -diff -Naur xl2tpd-1.3.6-orig/Makefile xl2tpd-1.3.6/Makefile ---- xl2tpd-1.3.6-orig/Makefile 2014-01-15 15:58:37.000000000 -0500 -+++ xl2tpd-1.3.6/Makefile 2014-05-12 15:03:43.832223559 -0400 -@@ -92,8 +92,8 @@ - IPFLAGS?= -DIP_ALLOCATION - - CFLAGS+= $(DFLAGS) -O2 -fno-builtin -Wall -DSANITY $(OSFLAGS) $(IPFLAGS) --HDRS=l2tp.h avp.h misc.h control.h call.h scheduler.h file.h aaa.h md5.h --OBJS=xl2tpd.o pty.o misc.o control.o avp.o call.o network.o avpsend.o scheduler.o file.o aaa.o md5.o -+HDRS=l2tp.h avp.h misc.h control.h call.h scheduler.h file.h aaa.h -+OBJS=xl2tpd.o pty.o misc.o control.o avp.o call.o network.o avpsend.o scheduler.o file.o aaa.o - SRCS=${OBJS:.o=.c} ${HDRS} - CONTROL_SRCS=xl2tpd-control.c - #LIBS= $(OSLIBS) # -lefence # efence for malloc checking -@@ -112,7 +112,7 @@ - rm -f $(OBJS) $(EXEC) pfc.o pfc $(CONTROL_EXEC) - - $(EXEC): $(OBJS) $(HDRS) -- $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LDLIBS) -+ $(CC) $(LDFLAGS) -o $@ $(OBJS) -lcrypto $(LDLIBS) - - $(CONTROL_EXEC): $(CONTROL_SRCS) - $(CC) $(CFLAGS) $(LDFLAGS) $(CONTROL_SRCS) -o $@ -diff -Naur xl2tpd-1.3.6-orig/md5.c xl2tpd-1.3.6/md5.c ---- xl2tpd-1.3.6-orig/md5.c 2014-01-15 15:58:37.000000000 -0500 -+++ xl2tpd-1.3.6/md5.c 1969-12-31 19:00:00.000000000 -0500 -@@ -1,274 +0,0 @@ --#ifdef FREEBSD --# include --#elif defined(OPENBSD) --# define __BSD_VISIBLE 0 --# include --#elif defined(LINUX) --# include --#elif defined(SOLARIS) --# include --#endif --#if __BYTE_ORDER == __BIG_ENDIAN --#define HIGHFIRST 1 --#endif -- --/* -- * This code implements the MD5 message-digest algorithm. -- * The algorithm is due to Ron Rivest. This code was -- * written by Colin Plumb in 1993, no copyright is claimed. -- * This code is in the public domain; do with it what you wish. -- * -- * Equivalent code is available from RSA Data Security, Inc. -- * This code has been tested against that, and is equivalent, -- * except that you don't need to include two pages of legalese -- * with every copy. -- * -- * To compute the message digest of a chunk of bytes, declare an -- * MD5Context structure, pass it to MD5Init, call MD5Update as -- * needed on buffers full of bytes, and then call MD5Final, which -- * will fill a supplied 16-byte array with the digest. -- */ --#include /* for memcpy() */ --#include "md5.h" -- --#ifndef HIGHFIRST --#define byteReverse(buf, len) /* Nothing */ --#else --void byteReverse (unsigned char *buf, unsigned longs); -- --#ifndef ASM_MD5 --/* -- * Note: this code is harmless on little-endian machines. -- */ --void byteReverse (unsigned char *buf, unsigned longs) --{ -- uint32 t; -- do -- { -- t = (uint32) ((unsigned) buf[3] << 8 | buf[2]) << 16 | -- ((unsigned) buf[1] << 8 | buf[0]); -- *(uint32 *) buf = t; -- buf += 4; -- } -- while (--longs); --} --#endif --#endif -- --/* -- * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious -- * initialization constants. -- */ --void MD5Init (struct MD5Context *ctx) --{ -- ctx->buf[0] = 0x67452301; -- ctx->buf[1] = 0xefcdab89; -- ctx->buf[2] = 0x98badcfe; -- ctx->buf[3] = 0x10325476; -- -- ctx->bits[0] = 0; -- ctx->bits[1] = 0; --} -- --/* -- * Update context to reflect the concatenation of another buffer full -- * of bytes. -- */ --void MD5Update (struct MD5Context *ctx, unsigned char const *buf, -- unsigned len) --{ -- uint32 t; -- -- /* Update bitcount */ -- -- t = ctx->bits[0]; -- if ((ctx->bits[0] = t + ((uint32) len << 3)) < t) -- ctx->bits[1]++; /* Carry from low to high */ -- ctx->bits[1] += len >> 29; -- -- t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */ -- -- /* Handle any leading odd-sized chunks */ -- -- if (t) -- { -- unsigned char *p = (unsigned char *) ctx->in + t; -- -- t = 64 - t; -- if (len < t) -- { -- memcpy (p, buf, len); -- return; -- } -- memcpy (p, buf, t); -- byteReverse (ctx->in, 16); -- MD5Transform (ctx->buf, (uint32 *) ctx->in); -- buf += t; -- len -= t; -- } -- /* Process data in 64-byte chunks */ -- -- while (len >= 64) -- { -- memcpy (ctx->in, buf, 64); -- byteReverse (ctx->in, 16); -- MD5Transform (ctx->buf, (uint32 *) ctx->in); -- buf += 64; -- len -= 64; -- } -- -- /* Handle any remaining bytes of data. */ -- -- memcpy (ctx->in, buf, len); --} -- --/* -- * Final wrapup - pad to 64-byte boundary with the bit pattern -- * 1 0* (64-bit count of bits processed, MSB-first) -- */ --void MD5Final (unsigned char digest[16], struct MD5Context *ctx) --{ -- unsigned count; -- unsigned char *p; -- -- /* Compute number of bytes mod 64 */ -- count = (ctx->bits[0] >> 3) & 0x3F; -- -- /* Set the first char of padding to 0x80. This is safe since there is -- always at least one byte free */ -- p = ctx->in + count; -- *p++ = 0x80; -- -- /* Bytes of padding needed to make 64 bytes */ -- count = 64 - 1 - count; -- -- /* Pad out to 56 mod 64 */ -- if (count < 8) -- { -- /* Two lots of padding: Pad the first block to 64 bytes */ -- memset (p, 0, count); -- byteReverse (ctx->in, 16); -- MD5Transform (ctx->buf, (uint32 *) ctx->in); -- -- /* Now fill the next block with 56 bytes */ -- memset (ctx->in, 0, 56); -- } -- else -- { -- /* Pad block to 56 bytes */ -- memset (p, 0, count - 8); -- } -- byteReverse (ctx->in, 14); -- -- /* Append length in bits and transform */ -- memcpy(ctx->in + 14 * sizeof(uint32), ctx->bits, sizeof(ctx->bits)); -- -- MD5Transform (ctx->buf, (uint32 *) ctx->in); -- byteReverse ((unsigned char *) ctx->buf, 4); -- memcpy (digest, ctx->buf, 16); -- memset (ctx, 0, sizeof (ctx)); /* In case it's sensitive */ --} -- --#ifndef ASM_MD5 -- --/* The four core functions - F1 is optimized somewhat */ -- --/* #define F1(x, y, z) (x & y | ~x & z) */ --#define F1(x, y, z) (z ^ (x & (y ^ z))) --#define F2(x, y, z) F1(z, x, y) --#define F3(x, y, z) (x ^ y ^ z) --#define F4(x, y, z) (y ^ (x | ~z)) -- --/* This is the central step in the MD5 algorithm. */ --#define MD5STEP(f, w, x, y, z, data, s) \ -- ( w += f(x, y, z) + data, w = w<>(32-s), w += x ) -- --/* -- * The core of the MD5 algorithm, this alters an existing MD5 hash to -- * reflect the addition of 16 longwords of new data. MD5Update blocks -- * the data and converts bytes into longwords for this routine. -- */ --void MD5Transform (uint32 buf[4], uint32 const in[16]) --{ -- register uint32 a, b, c, d; -- -- a = buf[0]; -- b = buf[1]; -- c = buf[2]; -- d = buf[3]; -- -- MD5STEP (F1, a, b, c, d, in[0] + 0xd76aa478, 7); -- MD5STEP (F1, d, a, b, c, in[1] + 0xe8c7b756, 12); -- MD5STEP (F1, c, d, a, b, in[2] + 0x242070db, 17); -- MD5STEP (F1, b, c, d, a, in[3] + 0xc1bdceee, 22); -- MD5STEP (F1, a, b, c, d, in[4] + 0xf57c0faf, 7); -- MD5STEP (F1, d, a, b, c, in[5] + 0x4787c62a, 12); -- MD5STEP (F1, c, d, a, b, in[6] + 0xa8304613, 17); -- MD5STEP (F1, b, c, d, a, in[7] + 0xfd469501, 22); -- MD5STEP (F1, a, b, c, d, in[8] + 0x698098d8, 7); -- MD5STEP (F1, d, a, b, c, in[9] + 0x8b44f7af, 12); -- MD5STEP (F1, c, d, a, b, in[10] + 0xffff5bb1, 17); -- MD5STEP (F1, b, c, d, a, in[11] + 0x895cd7be, 22); -- MD5STEP (F1, a, b, c, d, in[12] + 0x6b901122, 7); -- MD5STEP (F1, d, a, b, c, in[13] + 0xfd987193, 12); -- MD5STEP (F1, c, d, a, b, in[14] + 0xa679438e, 17); -- MD5STEP (F1, b, c, d, a, in[15] + 0x49b40821, 22); -- -- MD5STEP (F2, a, b, c, d, in[1] + 0xf61e2562, 5); -- MD5STEP (F2, d, a, b, c, in[6] + 0xc040b340, 9); -- MD5STEP (F2, c, d, a, b, in[11] + 0x265e5a51, 14); -- MD5STEP (F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); -- MD5STEP (F2, a, b, c, d, in[5] + 0xd62f105d, 5); -- MD5STEP (F2, d, a, b, c, in[10] + 0x02441453, 9); -- MD5STEP (F2, c, d, a, b, in[15] + 0xd8a1e681, 14); -- MD5STEP (F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); -- MD5STEP (F2, a, b, c, d, in[9] + 0x21e1cde6, 5); -- MD5STEP (F2, d, a, b, c, in[14] + 0xc33707d6, 9); -- MD5STEP (F2, c, d, a, b, in[3] + 0xf4d50d87, 14); -- MD5STEP (F2, b, c, d, a, in[8] + 0x455a14ed, 20); -- MD5STEP (F2, a, b, c, d, in[13] + 0xa9e3e905, 5); -- MD5STEP (F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); -- MD5STEP (F2, c, d, a, b, in[7] + 0x676f02d9, 14); -- MD5STEP (F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); -- -- MD5STEP (F3, a, b, c, d, in[5] + 0xfffa3942, 4); -- MD5STEP (F3, d, a, b, c, in[8] + 0x8771f681, 11); -- MD5STEP (F3, c, d, a, b, in[11] + 0x6d9d6122, 16); -- MD5STEP (F3, b, c, d, a, in[14] + 0xfde5380c, 23); -- MD5STEP (F3, a, b, c, d, in[1] + 0xa4beea44, 4); -- MD5STEP (F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); -- MD5STEP (F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); -- MD5STEP (F3, b, c, d, a, in[10] + 0xbebfbc70, 23); -- MD5STEP (F3, a, b, c, d, in[13] + 0x289b7ec6, 4); -- MD5STEP (F3, d, a, b, c, in[0] + 0xeaa127fa, 11); -- MD5STEP (F3, c, d, a, b, in[3] + 0xd4ef3085, 16); -- MD5STEP (F3, b, c, d, a, in[6] + 0x04881d05, 23); -- MD5STEP (F3, a, b, c, d, in[9] + 0xd9d4d039, 4); -- MD5STEP (F3, d, a, b, c, in[12] + 0xe6db99e5, 11); -- MD5STEP (F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); -- MD5STEP (F3, b, c, d, a, in[2] + 0xc4ac5665, 23); -- -- MD5STEP (F4, a, b, c, d, in[0] + 0xf4292244, 6); -- MD5STEP (F4, d, a, b, c, in[7] + 0x432aff97, 10); -- MD5STEP (F4, c, d, a, b, in[14] + 0xab9423a7, 15); -- MD5STEP (F4, b, c, d, a, in[5] + 0xfc93a039, 21); -- MD5STEP (F4, a, b, c, d, in[12] + 0x655b59c3, 6); -- MD5STEP (F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); -- MD5STEP (F4, c, d, a, b, in[10] + 0xffeff47d, 15); -- MD5STEP (F4, b, c, d, a, in[1] + 0x85845dd1, 21); -- MD5STEP (F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); -- MD5STEP (F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); -- MD5STEP (F4, c, d, a, b, in[6] + 0xa3014314, 15); -- MD5STEP (F4, b, c, d, a, in[13] + 0x4e0811a1, 21); -- MD5STEP (F4, a, b, c, d, in[4] + 0xf7537e82, 6); -- MD5STEP (F4, d, a, b, c, in[11] + 0xbd3af235, 10); -- MD5STEP (F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); -- MD5STEP (F4, b, c, d, a, in[9] + 0xeb86d391, 21); -- -- buf[0] += a; -- buf[1] += b; -- buf[2] += c; -- buf[3] += d; --} -- --#endif -diff -Naur xl2tpd-1.3.6-orig/md5.h xl2tpd-1.3.6/md5.h ---- xl2tpd-1.3.6-orig/md5.h 2014-01-15 15:58:37.000000000 -0500 -+++ xl2tpd-1.3.6/md5.h 1969-12-31 19:00:00.000000000 -0500 -@@ -1,28 +0,0 @@ --#ifndef MD5_H --#define MD5_H -- --#ifdef __alpha --typedef unsigned int uint32; --#else --typedef unsigned long uint32; --#endif -- --struct MD5Context --{ -- uint32 buf[4]; -- uint32 bits[2]; -- unsigned char in[64]; --}; -- --void MD5Init (struct MD5Context *context); --void MD5Update (struct MD5Context *context, unsigned char const *buf, -- unsigned len); --void MD5Final (unsigned char digest[16], struct MD5Context *context); --void MD5Transform (uint32 buf[4], uint32 const in[16]); -- --/* -- * This is needed to make RSAREF happy on some MS-DOS compilers. -- */ --typedef struct MD5Context MD5_CTX; -- --#endif /* !MD5_H */ -diff -Naur xl2tpd-1.3.6-orig/xl2tpd.c xl2tpd-1.3.6/xl2tpd.c ---- xl2tpd-1.3.6-orig/xl2tpd.c 2014-01-15 15:58:37.000000000 -0500 -+++ xl2tpd-1.3.6/xl2tpd.c 2014-05-12 14:58:58.903490392 -0400 -@@ -1310,7 +1310,10 @@ - - - void usage(void) { -- printf("\nxl2tpd version: %s\n", SERVER_VERSION); -+ printf("\nxl2tpd version: %s\n" -+"This product includes software developed by the OpenSSL Project for use\n" -+"in the OpenSSL Toolkit. (http://www.openssl.org/)\n" -+, SERVER_VERSION); - printf("Usage: xl2tpd [-c ] [-s ] [-p ]\n" - " [-C ] [-D]\n" - " [-v, --version]\n"); diff --git a/xl2tpd-1.3.6-saref.patch b/xl2tpd-1.3.6-saref.patch deleted file mode 100644 index c0b2160..0000000 --- a/xl2tpd-1.3.6-saref.patch +++ /dev/null @@ -1,36 +0,0 @@ -diff -Naur xl2tpd-5619e1771048e74b729804e8602f409af0f3faea-orig/file.c xl2tpd-5619e1771048e74b729804e8602f409af0f3faea/file.c ---- xl2tpd-5619e1771048e74b729804e8602f409af0f3faea-orig/file.c 2014-01-15 15:58:37.000000000 -0500 -+++ xl2tpd-5619e1771048e74b729804e8602f409af0f3faea/file.c 2014-06-14 12:34:06.422355636 -0400 -@@ -42,6 +42,8 @@ - - gconfig.port = UDP_LISTEN_PORT; - gconfig.sarefnum = IP_IPSEC_REFINFO; /* default use the latest we know */ -+ gconfig.ipsecsaref = 0; /* default off - requires patched KLIPS kernel module */ -+ gconfig.forceuserspace = 0; /* default off - allow kernel decap of data packets */ - gconfig.listenaddr = htonl(INADDR_ANY); /* Default is to bind (listen) to all interfaces */ - gconfig.debug_avp = 0; - gconfig.debug_network = 0; -diff -Naur xl2tpd-5619e1771048e74b729804e8602f409af0f3faea-orig/network.c xl2tpd-5619e1771048e74b729804e8602f409af0f3faea/network.c ---- xl2tpd-5619e1771048e74b729804e8602f409af0f3faea-orig/network.c 2014-01-15 15:58:37.000000000 -0500 -+++ xl2tpd-5619e1771048e74b729804e8602f409af0f3faea/network.c 2014-06-14 12:37:06.953574143 -0400 -@@ -78,6 +78,12 @@ - * For L2TP/IPsec with KLIPSng, set the socket to receive IPsec REFINFO - * values. - */ -+ if (!gconfig.ipsecsaref) -+ { -+ l2tp_log (LOG_INFO, "Not looking for kernel SAref support.\n"); -+ } -+ else -+ { - arg=1; - if(setsockopt(server_socket, IPPROTO_IP, gconfig.sarefnum, - &arg, sizeof(arg)) != 0) { -@@ -85,6 +91,7 @@ - - gconfig.ipsecsaref=0; - } -+ } - - arg=1; - if(setsockopt(server_socket, IPPROTO_IP, IP_PKTINFO, (char*)&arg, sizeof(arg)) != 0) { diff --git a/xl2tpd-1.3.8-kernelmode.patch b/xl2tpd-1.3.8-kernelmode.patch deleted file mode 100644 index 9349a8c..0000000 --- a/xl2tpd-1.3.8-kernelmode.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff -Naur xl2tpd-1.3.8-orig/network.c xl2tpd-1.3.8/network.c ---- xl2tpd-1.3.8-orig/network.c 2016-08-24 11:56:13.438007170 -0400 -+++ xl2tpd-1.3.8/network.c 2016-08-24 12:22:36.945960487 -0400 -@@ -781,6 +781,9 @@ - sax.pppol2tp.addr.sin_family = AF_INET; - sax.pppol2tp.s_tunnel = t->ourtid; - sax.pppol2tp.d_tunnel = t->tid; -+ sax.pppol2tp.s_session = 0; -+ sax.pppol2tp.d_session = 0; -+ - if ((connect(fd2, (struct sockaddr *)&sax, sizeof(sax))) < 0) { - l2tp_log (LOG_WARNING, "%s: Unable to connect PPPoL2TP socket. %d %s\n", - __FUNCTION__, errno, strerror(errno)); -diff -Naur xl2tpd-1.3.8-orig/xl2tpd.c xl2tpd-1.3.8/xl2tpd.c ---- xl2tpd-1.3.8-orig/xl2tpd.c 2016-08-24 11:56:13.436007180 -0400 -+++ xl2tpd-1.3.8/xl2tpd.c 2016-08-24 12:07:47.057504872 -0400 -@@ -274,9 +274,6 @@ - * OK...pppd died, we can go ahead and close the pty for - * it - */ --#ifdef USE_KERNEL -- if (!kernel_support) --#endif - close (c->fd); - c->fd = -1; - /* diff --git a/xl2tpd-1.3.8-md5-fips.patch b/xl2tpd-1.3.8-md5-fips.patch deleted file mode 100644 index bc4d965..0000000 --- a/xl2tpd-1.3.8-md5-fips.patch +++ /dev/null @@ -1,467 +0,0 @@ -diff -Naur xl2tpd-1.3.8-orig/aaa.c xl2tpd-1.3.8/aaa.c ---- xl2tpd-1.3.8-orig/aaa.c 2016-08-11 20:56:53.000000000 -0400 -+++ xl2tpd-1.3.8/aaa.c 2016-08-24 11:40:46.784683160 -0400 -@@ -21,6 +21,8 @@ - #include - #include "l2tp.h" - -+#include -+ - extern void bufferDump (char *, int); - - /* FIXME: Accounting? */ -@@ -273,11 +275,11 @@ - #endif - - memset (chal->response, 0, MD_SIG_SIZE); -- MD5Init (&chal->md5); -- MD5Update (&chal->md5, &chal->ss, 1); -- MD5Update (&chal->md5, chal->secret, strlen ((char *)chal->secret)); -- MD5Update (&chal->md5, chal->challenge, chal->chal_len); -- MD5Final (chal->response, &chal->md5); -+ MD5_Init (&chal->md5); -+ MD5_Update (&chal->md5, &chal->ss, 1); -+ MD5_Update (&chal->md5, chal->secret, strlen ((char *)chal->secret)); -+ MD5_Update (&chal->md5, chal->challenge, chal->chal_len); -+ MD5_Final (chal->response, &chal->md5); - #ifdef DEBUG_AUTH - l2tp_log (LOG_DEBUG, "response is %X%X%X%X to '%s' and %X%X%X%X, %d\n", - *((int *) &chal->response[0]), -@@ -392,12 +394,12 @@ - buf->len += length; - /* Back to the beginning of real data, including the original length AVP */ - -- MD5Init (&t->chal_them.md5); -- MD5Update (&t->chal_them.md5, (void *) &attr, 2); -- MD5Update (&t->chal_them.md5, t->chal_them.secret, -+ MD5_Init (&t->chal_them.md5); -+ MD5_Update (&t->chal_them.md5, (void *) &attr, 2); -+ MD5_Update (&t->chal_them.md5, t->chal_them.secret, - strlen ((char *)t->chal_them.secret)); -- MD5Update (&t->chal_them.md5, t->chal_them.vector, VECTOR_SIZE); -- MD5Final (digest, &t->chal_them.md5); -+ MD5_Update (&t->chal_them.md5, t->chal_them.vector, VECTOR_SIZE); -+ MD5_Final (digest, &t->chal_them.md5); - - /* Though not a "MUST" in the spec, our subformat length is always a multiple of 16 */ - ptr = ((unsigned char *) new_hdr) + sizeof (struct avp_hdr); -@@ -421,11 +423,11 @@ - #endif - if (ptr < end) - { -- MD5Init (&t->chal_them.md5); -- MD5Update (&t->chal_them.md5, t->chal_them.secret, -+ MD5_Init (&t->chal_them.md5); -+ MD5_Update (&t->chal_them.md5, t->chal_them.secret, - strlen ((char *)t->chal_them.secret)); -- MD5Update (&t->chal_them.md5, previous_segment, MD_SIG_SIZE); -- MD5Final (digest, &t->chal_them.md5); -+ MD5_Update (&t->chal_them.md5, previous_segment, MD_SIG_SIZE); -+ MD5_Final (digest, &t->chal_them.md5); - } - previous_segment = ptr; - } -@@ -458,12 +460,12 @@ - that it will be padded to a 16 byte boundary, so we - have to be more careful than when encrypting */ - attr = ntohs (old_hdr->attr); -- MD5Init (&t->chal_us.md5); -- MD5Update (&t->chal_us.md5, (void *) &attr, 2); -- MD5Update (&t->chal_us.md5, t->chal_us.secret, -+ MD5_Init (&t->chal_us.md5); -+ MD5_Update (&t->chal_us.md5, (void *) &attr, 2); -+ MD5_Update (&t->chal_us.md5, t->chal_us.secret, - strlen ((char *)t->chal_us.secret)); -- MD5Update (&t->chal_us.md5, t->chal_us.vector, t->chal_us.vector_len); -- MD5Final (digest, &t->chal_us.md5); -+ MD5_Update (&t->chal_us.md5, t->chal_us.vector, t->chal_us.vector_len); -+ MD5_Final (digest, &t->chal_us.md5); - #ifdef DEBUG_HIDDEN - l2tp_log (LOG_DEBUG, "attribute is %d and challenge is: ", attr); - print_challenge (&t->chal_us); -@@ -474,11 +476,11 @@ - { - if (cnt >= MD_SIG_SIZE) - { -- MD5Init (&t->chal_us.md5); -- MD5Update (&t->chal_us.md5, t->chal_us.secret, -+ MD5_Init (&t->chal_us.md5); -+ MD5_Update (&t->chal_us.md5, t->chal_us.secret, - strlen ((char *)t->chal_us.secret)); -- MD5Update (&t->chal_us.md5, saved_segment, MD_SIG_SIZE); -- MD5Final (digest, &t->chal_us.md5); -+ MD5_Update (&t->chal_us.md5, saved_segment, MD_SIG_SIZE); -+ MD5_Final (digest, &t->chal_us.md5); - cnt = 0; - } - /* at the beginning of each segment, we save the current segment (16 octets or less) of cipher -diff -Naur xl2tpd-1.3.8-orig/aaa.h xl2tpd-1.3.8/aaa.h ---- xl2tpd-1.3.8-orig/aaa.h 2016-08-11 20:56:53.000000000 -0400 -+++ xl2tpd-1.3.8/aaa.h 2016-08-24 11:41:21.032506562 -0400 -@@ -15,7 +15,7 @@ - - #ifndef _AAA_H - #define _AAA_H --#include "md5.h" -+#include - - #define ADDR_HASH_SIZE 256 - #define MD_SIG_SIZE 16 -@@ -34,7 +34,7 @@ - - struct challenge - { -- struct MD5Context md5; -+ MD5_CTX md5; - unsigned char ss; /* State we're sending in */ - unsigned char secret[MAXSTRLEN]; /* The shared secret */ - unsigned char *challenge; /* The original challenge */ -diff -Naur xl2tpd-1.3.8-orig/Makefile xl2tpd-1.3.8/Makefile ---- xl2tpd-1.3.8-orig/Makefile 2016-08-11 20:56:53.000000000 -0400 -+++ xl2tpd-1.3.8/Makefile 2016-08-24 11:42:18.389210804 -0400 -@@ -98,8 +98,8 @@ - IPFLAGS?= -DIP_ALLOCATION - - CFLAGS+= $(DFLAGS) -Os -Wall -DSANITY $(OSFLAGS) $(IPFLAGS) --HDRS=l2tp.h avp.h misc.h control.h call.h scheduler.h file.h aaa.h md5.h --OBJS=xl2tpd.o pty.o misc.o control.o avp.o call.o network.o avpsend.o scheduler.o file.o aaa.o md5.o -+HDRS=l2tp.h avp.h misc.h control.h call.h scheduler.h file.h aaa.h -+OBJS=xl2tpd.o pty.o misc.o control.o avp.o call.o network.o avpsend.o scheduler.o file.o aaa.o - SRCS=${OBJS:.o=.c} ${HDRS} - CONTROL_SRCS=xl2tpd-control.c - #LIBS= $(OSLIBS) # -lefence # efence for malloc checking -@@ -119,7 +119,7 @@ - rm -f $(OBJS) $(EXEC) pfc.o pfc $(CONTROL_EXEC) - - $(EXEC): $(OBJS) $(HDRS) -- $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LDLIBS) -+ $(CC) $(LDFLAGS) -o $@ $(OBJS) -lcrypto $(LDLIBS) - - $(CONTROL_EXEC): $(CONTROL_SRCS) - $(CC) $(CFLAGS) $(LDFLAGS) $(CONTROL_SRCS) -o $@ -diff -Naur xl2tpd-1.3.8-orig/md5.c xl2tpd-1.3.8/md5.c ---- xl2tpd-1.3.8-orig/md5.c 2016-08-11 20:56:53.000000000 -0400 -+++ xl2tpd-1.3.8/md5.c 2016-08-24 11:42:47.940058425 -0400 -@@ -1,274 +0,0 @@ --#ifdef FREEBSD --# include --#elif defined(OPENBSD) || defined(NETBSD) --# define __BSD_VISIBLE 0 --# include --#elif defined(LINUX) --# include --#elif defined(SOLARIS) --# include --#endif --#if __BYTE_ORDER == __BIG_ENDIAN --#define HIGHFIRST 1 --#endif -- --/* -- * This code implements the MD5 message-digest algorithm. -- * The algorithm is due to Ron Rivest. This code was -- * written by Colin Plumb in 1993, no copyright is claimed. -- * This code is in the public domain; do with it what you wish. -- * -- * Equivalent code is available from RSA Data Security, Inc. -- * This code has been tested against that, and is equivalent, -- * except that you don't need to include two pages of legalese -- * with every copy. -- * -- * To compute the message digest of a chunk of bytes, declare an -- * MD5Context structure, pass it to MD5Init, call MD5Update as -- * needed on buffers full of bytes, and then call MD5Final, which -- * will fill a supplied 16-byte array with the digest. -- */ --#include /* for memcpy() */ --#include "md5.h" -- --#ifndef HIGHFIRST --#define byteReverse(buf, len) /* Nothing */ --#else --void byteReverse (unsigned char *buf, unsigned longs); -- --#ifndef ASM_MD5 --/* -- * Note: this code is harmless on little-endian machines. -- */ --void byteReverse (unsigned char *buf, unsigned longs) --{ -- uint32 t; -- do -- { -- t = (uint32) ((unsigned) buf[3] << 8 | buf[2]) << 16 | -- ((unsigned) buf[1] << 8 | buf[0]); -- *(uint32 *) buf = t; -- buf += 4; -- } -- while (--longs); --} --#endif --#endif -- --/* -- * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious -- * initialization constants. -- */ --void MD5Init (struct MD5Context *ctx) --{ -- ctx->buf[0] = 0x67452301; -- ctx->buf[1] = 0xefcdab89; -- ctx->buf[2] = 0x98badcfe; -- ctx->buf[3] = 0x10325476; -- -- ctx->bits[0] = 0; -- ctx->bits[1] = 0; --} -- --/* -- * Update context to reflect the concatenation of another buffer full -- * of bytes. -- */ --void MD5Update (struct MD5Context *ctx, unsigned char const *buf, -- unsigned len) --{ -- uint32 t; -- -- /* Update bitcount */ -- -- t = ctx->bits[0]; -- if ((ctx->bits[0] = t + ((uint32) len << 3)) < t) -- ctx->bits[1]++; /* Carry from low to high */ -- ctx->bits[1] += len >> 29; -- -- t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */ -- -- /* Handle any leading odd-sized chunks */ -- -- if (t) -- { -- unsigned char *p = (unsigned char *) ctx->in + t; -- -- t = 64 - t; -- if (len < t) -- { -- memcpy (p, buf, len); -- return; -- } -- memcpy (p, buf, t); -- byteReverse (ctx->in, 16); -- MD5Transform (ctx->buf, (uint32 *) ctx->in); -- buf += t; -- len -= t; -- } -- /* Process data in 64-byte chunks */ -- -- while (len >= 64) -- { -- memcpy (ctx->in, buf, 64); -- byteReverse (ctx->in, 16); -- MD5Transform (ctx->buf, (uint32 *) ctx->in); -- buf += 64; -- len -= 64; -- } -- -- /* Handle any remaining bytes of data. */ -- -- memcpy (ctx->in, buf, len); --} -- --/* -- * Final wrapup - pad to 64-byte boundary with the bit pattern -- * 1 0* (64-bit count of bits processed, MSB-first) -- */ --void MD5Final (unsigned char digest[16], struct MD5Context *ctx) --{ -- unsigned count; -- unsigned char *p; -- -- /* Compute number of bytes mod 64 */ -- count = (ctx->bits[0] >> 3) & 0x3F; -- -- /* Set the first char of padding to 0x80. This is safe since there is -- always at least one byte free */ -- p = ctx->in + count; -- *p++ = 0x80; -- -- /* Bytes of padding needed to make 64 bytes */ -- count = 64 - 1 - count; -- -- /* Pad out to 56 mod 64 */ -- if (count < 8) -- { -- /* Two lots of padding: Pad the first block to 64 bytes */ -- memset (p, 0, count); -- byteReverse (ctx->in, 16); -- MD5Transform (ctx->buf, (uint32 *) ctx->in); -- -- /* Now fill the next block with 56 bytes */ -- memset (ctx->in, 0, 56); -- } -- else -- { -- /* Pad block to 56 bytes */ -- memset (p, 0, count - 8); -- } -- byteReverse (ctx->in, 14); -- -- /* Append length in bits and transform */ -- memcpy(ctx->in + 14 * sizeof(uint32), ctx->bits, sizeof(ctx->bits)); -- -- MD5Transform (ctx->buf, (uint32 *) ctx->in); -- byteReverse ((unsigned char *) ctx->buf, 4); -- memcpy (digest, ctx->buf, 16); -- memset (ctx, 0, sizeof (*ctx)); /* In case it's sensitive */ --} -- --#ifndef ASM_MD5 -- --/* The four core functions - F1 is optimized somewhat */ -- --/* #define F1(x, y, z) (x & y | ~x & z) */ --#define F1(x, y, z) (z ^ (x & (y ^ z))) --#define F2(x, y, z) F1(z, x, y) --#define F3(x, y, z) (x ^ y ^ z) --#define F4(x, y, z) (y ^ (x | ~z)) -- --/* This is the central step in the MD5 algorithm. */ --#define MD5STEP(f, w, x, y, z, data, s) \ -- ( w += f(x, y, z) + data, w = w<>(32-s), w += x ) -- --/* -- * The core of the MD5 algorithm, this alters an existing MD5 hash to -- * reflect the addition of 16 longwords of new data. MD5Update blocks -- * the data and converts bytes into longwords for this routine. -- */ --void MD5Transform (uint32 buf[4], uint32 const in[16]) --{ -- register uint32 a, b, c, d; -- -- a = buf[0]; -- b = buf[1]; -- c = buf[2]; -- d = buf[3]; -- -- MD5STEP (F1, a, b, c, d, in[0] + 0xd76aa478, 7); -- MD5STEP (F1, d, a, b, c, in[1] + 0xe8c7b756, 12); -- MD5STEP (F1, c, d, a, b, in[2] + 0x242070db, 17); -- MD5STEP (F1, b, c, d, a, in[3] + 0xc1bdceee, 22); -- MD5STEP (F1, a, b, c, d, in[4] + 0xf57c0faf, 7); -- MD5STEP (F1, d, a, b, c, in[5] + 0x4787c62a, 12); -- MD5STEP (F1, c, d, a, b, in[6] + 0xa8304613, 17); -- MD5STEP (F1, b, c, d, a, in[7] + 0xfd469501, 22); -- MD5STEP (F1, a, b, c, d, in[8] + 0x698098d8, 7); -- MD5STEP (F1, d, a, b, c, in[9] + 0x8b44f7af, 12); -- MD5STEP (F1, c, d, a, b, in[10] + 0xffff5bb1, 17); -- MD5STEP (F1, b, c, d, a, in[11] + 0x895cd7be, 22); -- MD5STEP (F1, a, b, c, d, in[12] + 0x6b901122, 7); -- MD5STEP (F1, d, a, b, c, in[13] + 0xfd987193, 12); -- MD5STEP (F1, c, d, a, b, in[14] + 0xa679438e, 17); -- MD5STEP (F1, b, c, d, a, in[15] + 0x49b40821, 22); -- -- MD5STEP (F2, a, b, c, d, in[1] + 0xf61e2562, 5); -- MD5STEP (F2, d, a, b, c, in[6] + 0xc040b340, 9); -- MD5STEP (F2, c, d, a, b, in[11] + 0x265e5a51, 14); -- MD5STEP (F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); -- MD5STEP (F2, a, b, c, d, in[5] + 0xd62f105d, 5); -- MD5STEP (F2, d, a, b, c, in[10] + 0x02441453, 9); -- MD5STEP (F2, c, d, a, b, in[15] + 0xd8a1e681, 14); -- MD5STEP (F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); -- MD5STEP (F2, a, b, c, d, in[9] + 0x21e1cde6, 5); -- MD5STEP (F2, d, a, b, c, in[14] + 0xc33707d6, 9); -- MD5STEP (F2, c, d, a, b, in[3] + 0xf4d50d87, 14); -- MD5STEP (F2, b, c, d, a, in[8] + 0x455a14ed, 20); -- MD5STEP (F2, a, b, c, d, in[13] + 0xa9e3e905, 5); -- MD5STEP (F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); -- MD5STEP (F2, c, d, a, b, in[7] + 0x676f02d9, 14); -- MD5STEP (F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); -- -- MD5STEP (F3, a, b, c, d, in[5] + 0xfffa3942, 4); -- MD5STEP (F3, d, a, b, c, in[8] + 0x8771f681, 11); -- MD5STEP (F3, c, d, a, b, in[11] + 0x6d9d6122, 16); -- MD5STEP (F3, b, c, d, a, in[14] + 0xfde5380c, 23); -- MD5STEP (F3, a, b, c, d, in[1] + 0xa4beea44, 4); -- MD5STEP (F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); -- MD5STEP (F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); -- MD5STEP (F3, b, c, d, a, in[10] + 0xbebfbc70, 23); -- MD5STEP (F3, a, b, c, d, in[13] + 0x289b7ec6, 4); -- MD5STEP (F3, d, a, b, c, in[0] + 0xeaa127fa, 11); -- MD5STEP (F3, c, d, a, b, in[3] + 0xd4ef3085, 16); -- MD5STEP (F3, b, c, d, a, in[6] + 0x04881d05, 23); -- MD5STEP (F3, a, b, c, d, in[9] + 0xd9d4d039, 4); -- MD5STEP (F3, d, a, b, c, in[12] + 0xe6db99e5, 11); -- MD5STEP (F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); -- MD5STEP (F3, b, c, d, a, in[2] + 0xc4ac5665, 23); -- -- MD5STEP (F4, a, b, c, d, in[0] + 0xf4292244, 6); -- MD5STEP (F4, d, a, b, c, in[7] + 0x432aff97, 10); -- MD5STEP (F4, c, d, a, b, in[14] + 0xab9423a7, 15); -- MD5STEP (F4, b, c, d, a, in[5] + 0xfc93a039, 21); -- MD5STEP (F4, a, b, c, d, in[12] + 0x655b59c3, 6); -- MD5STEP (F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); -- MD5STEP (F4, c, d, a, b, in[10] + 0xffeff47d, 15); -- MD5STEP (F4, b, c, d, a, in[1] + 0x85845dd1, 21); -- MD5STEP (F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); -- MD5STEP (F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); -- MD5STEP (F4, c, d, a, b, in[6] + 0xa3014314, 15); -- MD5STEP (F4, b, c, d, a, in[13] + 0x4e0811a1, 21); -- MD5STEP (F4, a, b, c, d, in[4] + 0xf7537e82, 6); -- MD5STEP (F4, d, a, b, c, in[11] + 0xbd3af235, 10); -- MD5STEP (F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); -- MD5STEP (F4, b, c, d, a, in[9] + 0xeb86d391, 21); -- -- buf[0] += a; -- buf[1] += b; -- buf[2] += c; -- buf[3] += d; --} -- --#endif -diff -Naur xl2tpd-1.3.8-orig/md5.h xl2tpd-1.3.8/md5.h ---- xl2tpd-1.3.8-orig/md5.h 2016-08-11 20:56:53.000000000 -0400 -+++ xl2tpd-1.3.8/md5.h 2016-08-24 11:42:51.182041708 -0400 -@@ -1,29 +0,0 @@ --#ifndef MD5_H --#define MD5_H -- --#ifdef __alpha --typedef unsigned int uint32; --#else --#include --typedef uint32_t uint32; --#endif -- --struct MD5Context --{ -- uint32 buf[4]; -- uint32 bits[2]; -- unsigned char in[64]; --}; -- --void MD5Init (struct MD5Context *context); --void MD5Update (struct MD5Context *context, unsigned char const *buf, -- unsigned len); --void MD5Final (unsigned char digest[16], struct MD5Context *context); --void MD5Transform (uint32 buf[4], uint32 const in[16]); -- --/* -- * This is needed to make RSAREF happy on some MS-DOS compilers. -- */ --typedef struct MD5Context MD5_CTX; -- --#endif /* !MD5_H */ -diff -Naur xl2tpd-1.3.8-orig/xl2tpd.c xl2tpd-1.3.8/xl2tpd.c ---- xl2tpd-1.3.8-orig/xl2tpd.c 2016-08-11 20:56:53.000000000 -0400 -+++ xl2tpd-1.3.8/xl2tpd.c 2016-08-24 11:43:37.704807118 -0400 -@@ -1630,7 +1630,10 @@ - - - void usage(void) { -- printf("\nxl2tpd version: %s\n", SERVER_VERSION); -+ printf("\nxl2tpd version: %s\n" -+"This product includes software developed by the OpenSSL Project for use\n" -+"in the OpenSSL Toolkit. (http://www.openssl.org/)\n" -+, SERVER_VERSION); - printf("Usage: xl2tpd [-c ] [-s ] [-p ]\n" - " [-C ] [-D] [-l]\n" - " [-v, --version]\n"); diff --git a/xl2tpd-1.3.8-saref.patch b/xl2tpd-1.3.8-saref.patch deleted file mode 100644 index 3cd9a23..0000000 --- a/xl2tpd-1.3.8-saref.patch +++ /dev/null @@ -1,59 +0,0 @@ -diff --git a/file.c b/file.c -index f61c221..a6362c0 100644 ---- a/file.c -+++ b/file.c -@@ -42,6 +42,8 @@ int init_config () - - gconfig.port = UDP_LISTEN_PORT; - gconfig.sarefnum = IP_IPSEC_REFINFO; /* default use the latest we know */ -+ gconfig.ipsecsaref = 0; /* default off - requires patched KLIPS kernel module */ -+ gconfig.forceuserspace = 0; /* default off - allow kernel decap of data packets */ - gconfig.listenaddr = htonl(INADDR_ANY); /* Default is to bind (listen) to all interfaces */ - gconfig.debug_avp = 0; - gconfig.debug_network = 0; -diff --git a/network.c b/network.c -index 543d30e..c66d1e3 100644 ---- a/network.c -+++ b/network.c -@@ -78,23 +78,27 @@ int init_network (void) - * For L2TP/IPsec with KLIPSng, set the socket to receive IPsec REFINFO - * values. - */ -- arg=1; -- if(setsockopt(server_socket, IPPROTO_IP, gconfig.sarefnum, -- &arg, sizeof(arg)) != 0) { -- l2tp_log(LOG_CRIT, "setsockopt recvref[%d]: %s\n", gconfig.sarefnum, strerror(errno)); -- -- gconfig.ipsecsaref=0; -- } -- -- arg=1; -- if(setsockopt(server_socket, IPPROTO_IP, IP_PKTINFO, (char*)&arg, sizeof(arg)) != 0) { -- l2tp_log(LOG_CRIT, "setsockopt IP_PKTINFO: %s\n", strerror(errno)); -+ if (!gconfig.ipsecsaref) -+ { -+ l2tp_log (LOG_INFO, "Not looking for kernel SAref support.\n"); - } --#else -+ else - { -- l2tp_log(LOG_INFO, "No attempt being made to use IPsec SAref's since we're not on a Linux machine.\n"); -+ arg=1; -+ if(setsockopt(server_socket, IPPROTO_IP, gconfig.sarefnum, &arg, sizeof(arg)) != 0) { -+ l2tp_log(LOG_CRIT, "setsockopt recvref[%d]: %s\n", gconfig.sarefnum, strerror(errno)); -+ gconfig.ipsecsaref=0; -+ } -+ else -+ { -+ arg=1; -+ if(setsockopt(server_socket, IPPROTO_IP, IP_PKTINFO, (char*)&arg, sizeof(arg)) != 0) { -+ l2tp_log(LOG_CRIT, "setsockopt IP_PKTINFO: %s\n", strerror(errno)); -+ } -+ } - } -- -+#else -+ l2tp_log(LOG_INFO, "No attempt being made to use IPsec SAref's since we're not on a Linux machine.\n"); - #endif - - #ifdef USE_KERNEL