ppp: add shellsync support

Author: coolsnowwolf

feeds.conf.default

@@ -1,4 +1,4 @@
-src-git packages https://git.openwrt.org/feed/packages.git
+src-git packages https://github.com/coolsnowwolf/packages
 src-git luci https://github.com/coolsnowwolf/luci
 src-git routing https://git.openwrt.org/feed/routing.git
 src-git telephony https://git.openwrt.org/feed/telephony.git

package/network/services/ppp/Makefile

@@ -9,19 +9,18 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=ppp
-PKG_RELEASE:=2
+PKG_RELEASE:=5
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/paulusmack/ppp
-PKG_SOURCE_DATE:=2020-05-25
-PKG_SOURCE_VERSION:=ddd57c279f467e18c4fb3a661f21a069a5a37a1f
-PKG_MIRROR_HASH:=aac65e65dd25eaf8978a7a0b3258c863d90e29e247dd33d95276c0c189bcd424
+PKG_SOURCE_VERSION:=78cd384ce0f48bb5edb84e4fe9a574eab4a4ad14
+PKG_MIRROR_HASH:=cf284c312b0c90974d11f8aeece173bcac8475f5b810911f4feb2c5a4db263fe
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 PKG_LICENSE:=BSD-4-Clause
 PKG_CPE_ID:=cpe:/a:samba:ppp
 
 PKG_RELEASE_VERSION:=2.4.8
-PKG_VERSION:=$(PKG_RELEASE_VERSION).git-$(PKG_SOURCE_DATE)
+PKG_VERSION:=$(PKG_RELEASE_VERSION)
 
 PKG_BUILD_DEPENDS:=libpcap
 
@@ -39,7 +38,7 @@ endef
 
 define Package/ppp
 $(call Package/ppp/Default)
-  DEPENDS:=+kmod-ppp
+  DEPENDS:=+kmod-ppp +libpthread +shellsync +kmod-mppe
   TITLE:=PPP daemon
   VARIANT:=default
 endef

package/network/services/ppp/files/ppp.sh

@@ -74,7 +74,7 @@ ppp_generic_init_config() {
 	proto_config_add_string pppd_options
 	proto_config_add_string 'connect:file'
 	proto_config_add_string 'disconnect:file'
-	[ -e /proc/sys/net/ipv6 ] && proto_config_add_string ipv6
+	proto_config_add_string ipv6
 	proto_config_add_boolean authfail
 	proto_config_add_int mtu
 	proto_config_add_string pppname
@@ -88,9 +88,7 @@ ppp_generic_setup() {
 	local config="$1"; shift
 	local localip
 
-	json_get_vars ip6table demand keepalive keepalive_adaptive username password pppd_options pppname unnumbered persist maxfail holdoff peerdns
-
-	[ ! -e /proc/sys/net/ipv6 ] && ipv6=0 || json_get_var ipv6 ipv6
+	json_get_vars ipv6 ip6table demand keepalive keepalive_adaptive username password pppd_options pppname unnumbered persist maxfail holdoff peerdns
 
 	if [ "$ipv6" = 0 ]; then
 		ipv6=""
@@ -151,9 +149,9 @@ ppp_generic_setup() {
 		${connect:+connect "$connect"} \
 		${disconnect:+disconnect "$disconnect"} \
 		ip-up-script /lib/netifd/ppp-up \
-		${ipv6:+ipv6-up-script /lib/netifd/ppp6-up} \
+		ipv6-up-script /lib/netifd/ppp6-up \
 		ip-down-script /lib/netifd/ppp-down \
-		${ipv6:+ipv6-down-script /lib/netifd/ppp-down} \
+		ipv6-down-script /lib/netifd/ppp-down \
 		${mtu:+mtu $mtu mru $mtu} \
 		"$@" $pppd_options
 }
@@ -233,7 +231,16 @@ proto_pppoe_setup() {
 	json_get_var padi_attempts padi_attempts
 	json_get_var padi_timeout padi_timeout
 
+#By 蝈蝈：并发拨号同步的前期准备
+	syncppp_option=""
+	[ "$(uci get syncdial.config.enabled)" -eq "1" ] && {
+		ppp_if_cnt=$(uci show network | grep -c "\.proto=\'pppoe\'$")
+		syncppp_option="syncppp $ppp_if_cnt"
+		shellsync $ppp_if_cnt 10
+	}
+
 	ppp_generic_setup "$config" \
+		$syncppp_option \
 		plugin rp-pppoe.so \
 		${ac:+rp_pppoe_ac "$ac"} \
 		${service:+rp_pppoe_service "$service"} \

package/network/services/ppp/patches/100-debian_ip-ip_option.patch

@@ -85,7 +85,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
        "Enable multilink operation", OPT_PRIO | 1 },
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -335,6 +335,8 @@ extern int	connect_delay;	/* Time to del
+@@ -334,6 +334,8 @@ extern int	connect_delay;	/* Time to del
  extern int	max_data_rate;	/* max bytes/sec through charshunt */
  extern int	req_unit;	/* interface unit number to use */
  extern char	req_ifname[MAXIFNAMELEN]; /* interface name to use */

package/network/services/ppp/patches/105-debian_demand.patch

@@ -161,7 +161,7 @@
      } else {
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -602,7 +602,7 @@ void demand_conf __P((void));	/* config
+@@ -601,7 +601,7 @@ void demand_conf __P((void));	/* config
  void demand_block __P((void));	/* set all NPs to queue up packets */
  void demand_unblock __P((void)); /* set all NPs to pass packets */
  void demand_discard __P((void)); /* set all NPs to discard packets */

package/network/services/ppp/patches/110-debian_defaultroute.patch

@@ -137,7 +137,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
  .B disconnect \fIscript
  Execute the command specified by \fIscript\fR, by passing it to a
  shell, after
-@@ -751,7 +756,12 @@ disable both forms of hardware flow cont
+@@ -746,7 +751,12 @@ disable both forms of hardware flow cont
  .TP
  .B nodefaultroute
  Disable the \fIdefaultroute\fR option.  The system administrator who
@@ -153,7 +153,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
  .B nodefaultroute6
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -684,7 +684,7 @@ int  sif6addr __P((int, eui64_t, eui64_t
+@@ -683,7 +683,7 @@ int  sif6addr __P((int, eui64_t, eui64_t
  int  cif6addr __P((int, eui64_t, eui64_t));
  				/* Remove an IPv6 address from i/f */
  #endif
@@ -292,7 +292,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
  }
 --- a/pppd/sys-solaris.c
 +++ b/pppd/sys-solaris.c
-@@ -2120,12 +2120,18 @@ cifaddr(u, o, h)
+@@ -2119,12 +2119,18 @@ cifaddr(u, o, h)
   * sifdefaultroute - assign a default route through the address given.
   */
  int

package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch

@@ -84,7 +84,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
      }
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -337,6 +337,8 @@ extern int	req_unit;	/* interface unit n
+@@ -336,6 +336,8 @@ extern int	req_unit;	/* interface unit n
  extern char	req_ifname[MAXIFNAMELEN]; /* interface name to use */
  extern char	path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
  extern char	path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */

package/network/services/ppp/patches/121-debian_adaptive_lcp_echo.patch

@@ -0,0 +1,56 @@
+--- a/pppd/lcp.c
++++ b/pppd/lcp.c
+@@ -72,6 +72,7 @@ static void lcp_delayed_up __P((void *))
+  */
+ int	lcp_echo_interval = 0; 	/* Interval between LCP echo-requests */
+ int	lcp_echo_fails = 0;	/* Tolerance to unanswered echo-requests */
++bool	lcp_echo_adaptive = 0;	/* request echo only if the link was idle */
+ bool	lax_recv = 0;		/* accept control chars in asyncmap */
+ bool	noendpoint = 0;		/* don't send/accept endpoint discriminator */
+ 
+@@ -150,6 +151,8 @@ static option_t lcp_option_list[] = {
+       OPT_PRIO },
+     { "lcp-echo-interval", o_int, &lcp_echo_interval,
+       "Set time in seconds between LCP echo requests", OPT_PRIO },
++    { "lcp-echo-adaptive", o_bool, &lcp_echo_adaptive,
++      "Suppress LCP echo requests if traffic was received", 1 },
+     { "lcp-restart", o_int, &lcp_fsm[0].timeouttime,
+       "Set time in seconds between LCP retransmissions", OPT_PRIO },
+     { "lcp-max-terminate", o_int, &lcp_fsm[0].maxtermtransmits,
+@@ -2330,6 +2333,22 @@ LcpSendEchoRequest (f)
+ 	}
+     }
+ 
++    /*
++     * If adaptive echos have been enabled, only send the echo request if
++     * no traffic was received since the last one.
++     */
++    if (lcp_echo_adaptive) {
++	static unsigned int last_pkts_in = 0;
++
++	update_link_stats(f->unit);
++	link_stats_valid = 0;
++
++	if (link_stats.pkts_in != last_pkts_in) {
++	    last_pkts_in = link_stats.pkts_in;
++	    return;
++	}
++    }
++
+     /*
+      * Make and send the echo request frame.
+      */
+--- a/pppd/pppd.8
++++ b/pppd/pppd.8
+@@ -575,6 +575,11 @@ to 1) if the \fIproxyarp\fR option is us
+ dynamic IP address option (i.e. set /proc/sys/net/ipv4/ip_dynaddr to
+ 1) in demand mode if the local address changes.
+ .TP
++.B lcp\-echo\-adaptive
++If this option is used with the \fIlcp\-echo\-failure\fR option then
++pppd will send LCP echo\-request frames only if no traffic was received
++from the peer since the last echo\-request was sent.
++.TP
+ .B lcp\-echo\-failure \fIn
+ If this option is given, pppd will presume the peer to be dead
+ if \fIn\fR LCP echo\-requests are sent without receiving a valid LCP

package/network/services/ppp/patches/200-makefile.patch

@@ -34,7 +34,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 
  CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"'
 
-@@ -126,10 +126,10 @@ CFLAGS   += -DHAS_SHADOW
+@@ -125,10 +125,10 @@ CFLAGS   += -DHAS_SHADOW
  #LIBS     += -lshadow $(LIBS)
  endif
 

package/network/services/ppp/patches/202-no_strip.patch

@@ -19,7 +19,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
  clean:
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
-@@ -108,7 +108,7 @@ ifdef USE_SRP
+@@ -107,7 +107,7 @@ ifdef USE_SRP
  CFLAGS	+= -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
  LIBS	+= -lsrp -L/usr/local/ssl/lib -lcrypto
  TARGETS	+= srp-entry
@@ -28,7 +28,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
  MANPAGES += srp-entry.8
  EXTRACLEAN += srp-entry.o
  NEEDDES=y
-@@ -220,7 +220,7 @@ all: $(TARGETS)
+@@ -219,7 +219,7 @@ all: $(TARGETS)
  install: pppd
  	mkdir -p $(BINDIR) $(MANDIR)
  	$(EXTRAINSTALL)

package/network/services/ppp/patches/206-compensate_time_change.patch

@@ -0,0 +1,94 @@
+pppd: Watch out for time warps
+
+On many embedded systems there is no battery backed RTC and a proper system
+time only becomes available through NTP after establishing a connection.
+
+When the clock suddenly jumps forward, the internal accounting (connect time)
+is confused resulting in unreliable data.
+
+This patch implements periodic clock checking to look for time warps, if one
+is detected, the internal counters are adjusted accordingly.
+
+Signed-off-by: Jo-Philipp Wich <jo@mein.io>
+
+--- a/pppd/main.c
++++ b/pppd/main.c
+@@ -89,6 +89,7 @@
+ #include <sys/socket.h>
+ #include <netinet/in.h>
+ #include <arpa/inet.h>
++#include <sys/sysinfo.h>
+ 
+ #include "pppd.h"
+ #include "magic.h"
+@@ -226,6 +227,7 @@ static struct subprocess *children;
+ 
+ /* Prototypes for procedures local to this file. */
+ 
++static void check_time(void);
+ static void setup_signals __P((void));
+ static void create_pidfile __P((int pid));
+ static void create_linkpidfile __P((int pid));
+@@ -525,6 +527,7 @@ main(argc, argv)
+ 	    info("Starting link");
+ 	}
+ 
++	check_time();
+ 	gettimeofday(&start_time, NULL);
+ 	script_unsetenv("CONNECT_TIME");
+ 	script_unsetenv("BYTES_SENT");
+@@ -1274,6 +1277,36 @@ struct	callout {
+ 
+ static struct callout *callout = NULL;	/* Callout list */
+ static struct timeval timenow;		/* Current time */
++static long uptime_diff = 0;
++static int uptime_diff_set = 0;
++
++static void check_time(void)
++{
++	long new_diff;
++	struct timeval t;
++	struct sysinfo i;
++    struct callout *p;
++	
++	gettimeofday(&t, NULL);
++	sysinfo(&i);
++	new_diff = t.tv_sec - i.uptime;
++	
++	if (!uptime_diff_set) {
++		uptime_diff = new_diff;
++		uptime_diff_set = 1;
++		return;
++	}
++
++	if ((new_diff - 5 > uptime_diff) || (new_diff + 5 < uptime_diff)) {
++		/* system time has changed, update counters and timeouts */
++		info("System time change detected.");
++		start_time.tv_sec += new_diff - uptime_diff;
++		
++    	for (p = callout; p != NULL; p = p->c_next)
++			p->c_time.tv_sec += new_diff - uptime_diff;
++	}
++	uptime_diff = new_diff;
++}
+ 
+ /*
+  * timeout - Schedule a timeout.
+@@ -1344,6 +1377,8 @@ calltimeout()
+ {
+     struct callout *p;
+ 
++	check_time();
++	
+     while (callout != NULL) {
+ 	p = callout;
+ 
+@@ -1371,6 +1406,8 @@ timeleft(tvp)
+ {
+     if (callout == NULL)
+ 	return NULL;
++	
++	check_time();
+ 
+     gettimeofday(&timenow, NULL);
+     tvp->tv_sec = callout->c_time.tv_sec - timenow.tv_sec;

package/network/services/ppp/patches/208-fix_status_code.patch

@@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 
 --- a/pppd/main.c
 +++ b/pppd/main.c
-@@ -1052,7 +1052,8 @@ get_input()
+@@ -1055,7 +1055,8 @@ get_input()
  	}
  	notice("Modem hangup");
  	hungup = 1;

package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch

@@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
-@@ -190,8 +190,8 @@ endif
+@@ -189,8 +189,8 @@ endif
 
  ifdef FILTER
  ifneq ($(wildcard /usr/include/pcap-bpf.h),)

package/network/services/ppp/patches/310-precompile_filter.patch

@@ -23,7 +23,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
  # Uncomment the next line to enable multilink PPP (enabled by default)
  # Linux distributions: Please leave multilink ENABLED in your builds
  # of pppd!
-@@ -195,6 +198,14 @@ CFLAGS  += -DPPP_FILTER -I$(STAGING_DIR)
+@@ -194,6 +197,14 @@ CFLAGS  += -DPPP_FILTER -I$(STAGING_DIR)
  endif
  endif
 
@@ -77,7 +77,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
  #ifdef MAXOCTETS
      { "maxoctets", o_int, &maxoctets,
        "Set connection traffic limit",
-@@ -1516,6 +1532,29 @@ callfile(argv)
+@@ -1511,6 +1527,29 @@ callfile(argv)
      return ok;
  }
 

package/network/services/ppp/patches/401-no_record_file.patch

@@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -326,7 +326,6 @@ extern int	holdoff;	/* Dead time before
+@@ -325,7 +325,6 @@ extern int	holdoff;	/* Dead time before
  extern bool	holdoff_specified; /* true if user gave a holdoff value */
  extern bool	notty;		/* Stdin/out is not a tty */
  extern char	*pty_socket;	/* Socket to connect to pty */

package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch

@@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 
 --- a/pppd/main.c
 +++ b/pppd/main.c
-@@ -883,14 +883,17 @@ struct protocol_list {
+@@ -886,14 +886,17 @@ struct protocol_list {
      const char	*name;
  } protocol_list[] = {
      { 0x21,	"IP" },
@@ -25,7 +25,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
      { 0x33,	"Stream Protocol ST-II" },
      { 0x35,	"Banyan Vines" },
      { 0x39,	"AppleTalk EDDP" },
-@@ -904,8 +907,11 @@ struct protocol_list {
+@@ -907,8 +910,11 @@ struct protocol_list {
      { 0x49,	"Serial Data Transport Protocol (PPP-SDTP)" },
      { 0x4b,	"SNA over 802.2" },
      { 0x4d,	"SNA" },
@@ -37,7 +37,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
      { 0x53,	"Encryption" },
      { 0x55,	"Individual Link Encryption" },
      { 0x57,	"IPv6" },
-@@ -916,12 +922,15 @@ struct protocol_list {
+@@ -919,12 +925,15 @@ struct protocol_list {
      { 0x65,	"RTP IPHC Compressed non-TCP" },
      { 0x67,	"RTP IPHC Compressed UDP 8" },
      { 0x69,	"RTP IPHC Compressed RTP 8" },
@@ -53,7 +53,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
      { 0x0203,	"IBM Source Routing BPDU" },
      { 0x0205,	"DEC LANBridge100 Spanning Tree" },
      { 0x0207,	"Cisco Discovery Protocol" },
-@@ -933,15 +942,19 @@ struct protocol_list {
+@@ -936,15 +945,19 @@ struct protocol_list {
      { 0x0231,	"Luxcom" },
      { 0x0233,	"Sigma Network Systems" },
      { 0x0235,	"Apple Client Server Protocol" },
@@ -73,7 +73,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
      { 0x4001,	"Cray Communications Control Protocol" },
      { 0x4003,	"CDPD Mobile Network Registration Protocol" },
      { 0x4005,	"Expand accelerator protocol" },
-@@ -952,8 +965,10 @@ struct protocol_list {
+@@ -955,8 +968,10 @@ struct protocol_list {
      { 0x4023,	"RefTek Protocol" },
      { 0x4025,	"Fibre Channel" },
      { 0x4027,	"EMIT Protocols" },
@@ -84,7 +84,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
      { 0x8023,	"OSI Network Layer Control Protocol" },
      { 0x8025,	"Xerox NS IDP Control Protocol" },
      { 0x8027,	"DECnet Phase IV Control Protocol" },
-@@ -962,7 +977,9 @@ struct protocol_list {
+@@ -965,7 +980,9 @@ struct protocol_list {
      { 0x8031,	"Bridging NCP" },
      { 0x8033,	"Stream Protocol Control Protocol" },
      { 0x8035,	"Banyan Vines Control Protocol" },
@@ -94,7 +94,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
      { 0x803f,	"NETBIOS Framing Control Protocol" },
      { 0x8041,	"Cisco Systems Control Protocol" },
      { 0x8043,	"Ascom Timeplex" },
-@@ -971,18 +988,24 @@ struct protocol_list {
+@@ -974,18 +991,24 @@ struct protocol_list {
      { 0x8049,	"Serial Data Control Protocol (PPP-SDCP)" },
      { 0x804b,	"SNA over 802.2 Control Protocol" },
      { 0x804d,	"SNA Control Protocol" },
@@ -119,7 +119,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
      { 0x8207,	"Cisco Discovery Protocol Control" },
      { 0x8209,	"Netcs Twin Routing" },
      { 0x820b,	"STP - Control Protocol" },
-@@ -991,24 +1014,29 @@ struct protocol_list {
+@@ -994,24 +1017,29 @@ struct protocol_list {
      { 0x8281,	"MPLSCP" },
      { 0x8285,	"IEEE p1284.4 standard - Protocol Control" },
      { 0x8287,	"ETSI TETRA TNP1 Control Protocol" },

package/network/services/ppp/patches/511-syncppp.patch

@@ -0,0 +1,207 @@
+--- a/pppd/chap-new.c
++++ b/pppd/chap-new.c
+@@ -37,6 +37,8 @@
+ #include "chap-new.h"
+ #include "chap-md5.h"
+ 
++#include "syncppp.h"
++
+ #ifdef CHAPMS
+ #include "chap_ms.h"
+ #define MDTYPE_ALL (MDTYPE_MICROSOFT_V2 | MDTYPE_MICROSOFT | MDTYPE_MD5)
+@@ -492,6 +494,19 @@ chap_respond(struct chap_client_state *c
+ 	p[2] = len >> 8;
+ 	p[3] = len;
+ 
++    if (npppd > 1) {
++        if (syncppp(npppd) < 0) {
++            error("syncppp sync fail");
++            sem_unlink(SEM_COUNT_NAME);
++            sem_unlink(SEM_BLOCK_NAME);
++        } else {
++            info("syncppp sync succeeded");
++        }   
++    } else {
++        info("syncppp not active");
++    }
++
++
+ 	output(0, response, PPP_HDRLEN + len);
+ }
+ 
+--- a/pppd/Makefile.linux
++++ b/pppd/Makefile.linux
+@@ -13,16 +13,16 @@ TARGETS = pppd
+ 
+ PPPDSRCS = main.c magic.c fsm.c lcp.c ipcp.c upap.c chap-new.c md5.c ccp.c \
+ 	   ecp.c ipxcp.c auth.c options.c sys-linux.c md4.c chap_ms.c \
+-	   demand.c utils.c tty.c eap.c chap-md5.c session.c
++	   demand.c utils.c tty.c eap.c chap-md5.c session.c syncppp.c
+ 
+ HEADERS = ccp.h session.h chap-new.h ecp.h fsm.h ipcp.h \
+ 	ipxcp.h lcp.h magic.h md5.h patchlevel.h pathnames.h pppd.h \
+-	upap.h eap.h
++	upap.h eap.h syncppp.h
+ 
+ MANPAGES = pppd.8
+ PPPDOBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap-new.o md5.o ccp.o \
+ 	   ecp.o auth.o options.o demand.o utils.o sys-linux.o ipxcp.o tty.o \
+-	   eap.o chap-md5.o session.o
++	   eap.o chap-md5.o session.o syncppp.o
+ 
+ #
+ # include dependencies if present
+@@ -33,7 +33,7 @@ endif
+ # CC = gcc
+ #
+ COPTS = -O2 -pipe -Wall -g
+-LIBS =
++LIBS = -lpthread
+ 
+ # Uncomment the next line to include support for Microsoft's
+ # MS-CHAP authentication protocol.  Also, edit plugins/radius/Makefile.linux.
+--- a/pppd/options.c
++++ b/pppd/options.c
+@@ -128,6 +128,7 @@ bool	dump_options;		/* print out option
+ bool	dryrun;			/* print out option values and exit */
+ char	*domain;		/* domain name set by domain option */
+ int	child_wait = 5;		/* # seconds to wait for children at exit */
++int	npppd = 0;      /* synchronize between multiple pppd */
+ struct userenv *userenv_list;	/* user environment variables */
+ int	dfl_route_metric = -1;	/* metric of the default route to set over the PPP link */
+ 
+@@ -342,6 +343,10 @@ option_t general_options[] = {
+       "Set pathname of ipv6-down script",
+       OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
+ 
++    { "syncppp", o_int, &npppd,
++      "sync among multiple pppd when sending chap/pap respond", OPT_PRIO },
++
++
+ #ifdef HAVE_MULTILINK
+     { "multilink", o_bool, &multilink,
+       "Enable multilink operation", OPT_PRIO | 1 },
+--- a/pppd/pppd.h
++++ b/pppd/pppd.h
+@@ -343,6 +343,7 @@ extern char	*bundle_name;	/* bundle name
+ extern bool	dump_options;	/* print out option values */
+ extern bool	dryrun;		/* check everything, print options, exit */
+ extern int	child_wait;	/* # seconds to wait for children at end */
++extern int npppd;  /* synchronize between multiple pppd */
+ 
+ #ifdef MAXOCTETS
+ extern unsigned int maxoctets;	     /* Maximum octetes per session (in bytes) */
+--- /dev/null
++++ b/pppd/syncppp.c
+@@ -0,0 +1,75 @@
++#include<stdio.h>
++#include<semaphore.h>
++#include<fcntl.h>
++#include<stdlib.h>
++#include<time.h>
++#include<errno.h>
++#include "pppd.h"
++#include "syncppp.h"
++
++int syncppp(int nproc)
++{
++    int flags;
++    int value;
++    sem_t *block; 
++    sem_t *count;
++    struct timespec ts;
++
++    if (nproc <= 1) {
++        error("syncppp: number of pppd should be larger than 1");
++        return -1;
++    }
++
++    if (clock_gettime(CLOCK_REALTIME, &ts) == -1) {
++        error("clock_gettime error");
++        return -1;
++    }
++    ts.tv_sec += SYNCPPP_TIMEOUT;
++
++
++    flags = O_RDWR | O_CREAT;
++    block = sem_open(SEM_BLOCK_NAME, flags, 0644, 0);
++    count = sem_open(SEM_COUNT_NAME, flags, 0644, 0);
++    if (block == SEM_FAILED || count == SEM_FAILED) {
++        error("syncppp: sem_open failed");
++        return -1;
++    }
++
++    if (sem_post(count) < 0) {
++        error("syncppp: sem_post failed");
++        return -1;
++    }
++    if (sem_getvalue(count, &value) < 0) {
++        error("syncppp: sem_getvalue failed");
++        return -1;
++    }
++    info("%d pppd have arrived, waiting for the left %d", value, nproc-value);
++    if (value >= nproc) {
++        while (nproc-1 > 0) {
++            if (sem_post(block) < 0) {
++                error("syncppp: sem_post failed");
++                return -1;
++            }
++            nproc--;
++        }
++    } else {
++        if (sem_timedwait(block, &ts) < 0) {
++            if (errno == ETIMEDOUT) {
++                error("syncppp: sem_timewait time out");
++            } else {
++                error("syncppp: sem_timewait error");
++            }
++            return -1;
++        }
++
++    }
++
++    sem_close(count);
++    sem_close(block);
++
++    sem_unlink(SEM_COUNT_NAME);
++    sem_unlink(SEM_BLOCK_NAME);
++
++    return 0;
++}
++
+--- /dev/null
++++ b/pppd/syncppp.h
+@@ -0,0 +1,3 @@
++#define SEM_BLOCK_NAME  "block"
++#define SEM_COUNT_NAME  "count"
++#define SYNCPPP_TIMEOUT 5
+--- a/pppd/upap.c
++++ b/pppd/upap.c
+@@ -52,6 +52,7 @@
+ #include "pppd.h"
+ #include "upap.h"
+ 
++#include "syncppp.h"
+ 
+ static bool hide_password = 1;
+ 
+@@ -567,6 +568,18 @@ upap_sauthreq(u)
+     PUTCHAR(u->us_passwdlen, outp);
+     BCOPY(u->us_passwd, outp, u->us_passwdlen);
+ 
++    if (npppd > 1) {
++        if (syncppp(npppd) < 0) {
++            error("syncppp sync fail");
++            sem_unlink(SEM_COUNT_NAME);
++            sem_unlink(SEM_BLOCK_NAME);
++        } else {
++            info("syncppp sync succeeded");
++        }
++    } else {
++        info("syncppp not active");
++    }   
++
+     output(u->us_unit, outpacket_buf, outlen + PPP_HDRLEN);
+ 
+     TIMEOUT(upap_timeout, u, u->us_timeouttime);
+

package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch

@@ -17,7 +17,7 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
 +++ b/pppd/Makefile.linux
 @@ -35,10 +35,10 @@ endif
  COPTS = -O2 -pipe -Wall -g
- LIBS = -lrt
+ LIBS =
 
 -# Uncomment the next line to include support for Microsoft's
 +# Uncomment the next 2 lines to include support for Microsoft's
@@ -28,7 +28,7 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
  # Don't use MSLANMAN unless you really know what you're doing.
  #MSLANMAN=y
  # Uncomment the next line to include support for MPPE.  CHAPMS (above) must
-@@ -141,8 +141,7 @@ endif
+@@ -140,8 +140,7 @@ endif
 
  ifdef NEEDDES
  ifndef USE_CRYPT

package/network/services/ppp/patches/700-radius-Prevent-buffer-overflow-in-rc_mksid.patch

@@ -0,0 +1,30 @@
+From 858976b1fc3107f1261aae337831959b511b83c2 Mon Sep 17 00:00:00 2001
+From: Paul Mackerras <paulus@ozlabs.org>
+Date: Sat, 4 Jan 2020 12:01:32 +1100
+Subject: [PATCH] radius: Prevent buffer overflow in rc_mksid()
+
+On some systems getpid() can return a value greater than 65535.
+Increase the size of buf[] to allow for this, and use slprintf()
+to make sure we never overflow it.
+
+Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
+---
+ pppd/plugins/radius/util.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/pppd/plugins/radius/util.c b/pppd/plugins/radius/util.c
+index 6f976a712951..740131e8377c 100644
+--- a/pppd/plugins/radius/util.c
++++ b/pppd/plugins/radius/util.c
+@@ -73,9 +73,9 @@ void rc_mdelay(int msecs)
+ char *
+ rc_mksid (void)
+ {
+-  static char buf[15];
++  static char buf[32];
+   static unsigned short int cnt = 0;
+-  sprintf (buf, "%08lX%04X%02hX",
++  slprintf(buf, sizeof(buf), "%08lX%04X%02hX",
+ 	   (unsigned long int) time (NULL),
+ 	   (unsigned int) getpid (),
+ 	   cnt & 0xFF);

package/network/services/ppp/patches/701-pppd-Fix-bounds-check-in-EAP-code.patch

@@ -0,0 +1,37 @@
+From 8d7970b8f3db727fe798b65f3377fe6787575426 Mon Sep 17 00:00:00 2001
+From: Paul Mackerras <paulus@ozlabs.org>
+Date: Mon, 3 Feb 2020 15:53:28 +1100
+Subject: [PATCH] pppd: Fix bounds check in EAP code
+
+Given that we have just checked vallen < len, it can never be the case
+that vallen >= len + sizeof(rhostname).  This fixes the check so we
+actually avoid overflowing the rhostname array.
+
+Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
+Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
+---
+ pppd/eap.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/pppd/eap.c b/pppd/eap.c
+index 94407f56a336..1b93db01aebd 100644
+--- a/pppd/eap.c
++++ b/pppd/eap.c
+@@ -1420,7 +1420,7 @@ int len;
+ 		}
+ 
+ 		/* Not so likely to happen. */
+-		if (vallen >= len + sizeof (rhostname)) {
++		if (len - vallen >= sizeof (rhostname)) {
+ 			dbglog("EAP: trimming really long peer name down");
+ 			BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
+ 			rhostname[sizeof (rhostname) - 1] = '\0';
+@@ -1846,7 +1846,7 @@ int len;
+ 		}
+ 
+ 		/* Not so likely to happen. */
+-		if (vallen >= len + sizeof (rhostname)) {
++		if (len - vallen >= sizeof (rhostname)) {
+ 			dbglog("EAP: trimming really long peer name down");
+ 			BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
+ 			rhostname[sizeof (rhostname) - 1] = '\0';

package/network/services/ppp/patches/702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP.patch

@@ -0,0 +1,61 @@
+From 8d45443bb5c9372b4c6a362ba2f443d41c5636af Mon Sep 17 00:00:00 2001
+From: Paul Mackerras <paulus@ozlabs.org>
+Date: Mon, 3 Feb 2020 16:31:42 +1100
+Subject: [PATCH] pppd: Ignore received EAP messages when not doing EAP
+
+This adds some basic checks to the subroutines of eap_input to check
+that we have requested or agreed to doing EAP authentication before
+doing any processing on the received packet.  The motivation is to
+make it harder for a malicious peer to disrupt the operation of pppd
+by sending unsolicited EAP packets.  Note that eap_success() already
+has a check that the EAP client state is reasonable, and does nothing
+(apart from possibly printing a debug message) if not.
+
+Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
+---
+ pppd/eap.c | 18 ++++++++++++++++++
+ 1 file changed, 18 insertions(+)
+
+diff --git a/pppd/eap.c b/pppd/eap.c
+index 1b93db01aebd..082e95343120 100644
+--- a/pppd/eap.c
++++ b/pppd/eap.c
+@@ -1328,6 +1328,12 @@ int len;
+ 	int fd;
+ #endif /* USE_SRP */
+ 
++	/*
++	 * Ignore requests if we're not open
++	 */
++	if (esp->es_client.ea_state <= eapClosed)
++		return;
++
+ 	/*
+ 	 * Note: we update es_client.ea_id *only if* a Response
+ 	 * message is being generated.  Otherwise, we leave it the
+@@ -1736,6 +1742,12 @@ int len;
+ 	u_char dig[SHA_DIGESTSIZE];
+ #endif /* USE_SRP */
+ 
++	/*
++	 * Ignore responses if we're not open
++	 */
++	if (esp->es_server.ea_state <= eapClosed)
++		return;
++
+ 	if (esp->es_server.ea_id != id) {
+ 		dbglog("EAP: discarding Response %d; expected ID %d", id,
+ 		    esp->es_server.ea_id);
+@@ -2047,6 +2059,12 @@ u_char *inp;
+ int id;
+ int len;
+ {
++	/*
++	 * Ignore failure messages if we're not open
++	 */
++	if (esp->es_client.ea_state <= eapClosed)
++		return;
++
+ 	if (!eap_client_active(esp)) {
+ 		dbglog("EAP unexpected failure message in state %s (%d)",
+ 		    eap_state_name(esp->es_client.ea_state),

package/network/services/shellsync/Makefile

@@ -0,0 +1,34 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=shellsync
+PKG_VERSION:=0.2
+PKG_RELEASE:=2
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/shellsync
+  CATEGORY:=Utilities
+  TITLE:=shellsync
+  DEPENDS:=+libpthread +kmod-macvlan
+endef
+
+define Build/Prepare
+	mkdir -p $(PKG_BUILD_DIR)
+	$(CP) ./src/* $(PKG_BUILD_DIR)/
+endef
+
+define Package/shellsync/description
+A tool to sync different shell scripts.Based on syncppp patch by morfast.
+endef
+
+define Build/Compile
+	$(TARGET_CROSS)gcc -pthread -o $(PKG_BUILD_DIR)/shellsync $(PKG_BUILD_DIR)/shellsync.c
+endef
+
+define Package/shellsync/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/shellsync $(1)/usr/bin
+endef
+
+
+$(eval $(call BuildPackage,shellsync))

package/network/services/shellsync/src/shellsync.c

@@ -0,0 +1,106 @@
+/*************************************************************************
+	> File Name: shellsync.c
+	> Author: GuoGuo
+	> Mail: gch981213@gmail.com
+	> Created Time: 2014年11月06日 星期四 19时15分30秒
+ ************************************************************************/
+#include<stdio.h>
+#include<semaphore.h>
+#include<fcntl.h>
+#include<stdlib.h>
+#include<time.h>
+#include<errno.h>
+#define SEM_BLOCK_NAME  "SYNCSHELL_block"
+#define SEM_COUNT_NAME  "SYNCSHELL_count"
+int wait_timeout;
+int sync_wait(int nproc)
+{
+    int flags;
+    int value;
+    sem_t *block; 
+    sem_t *count;
+    struct timespec ts;
+
+    if (nproc <= 1) {
+        printf("sync_wait: number of processes should be larger than 1\n");
+        return -1;
+    }
+
+    if (clock_gettime(CLOCK_REALTIME, &ts) == -1) {
+        printf("clock_gettime error\n");
+        return -1;
+    }
+    ts.tv_sec += wait_timeout;
+
+
+    flags = O_RDWR | O_CREAT;
+    block = sem_open(SEM_BLOCK_NAME, flags, 0644, 0);
+    count = sem_open(SEM_COUNT_NAME, flags, 0644, 0);
+    if (block == SEM_FAILED || count == SEM_FAILED) {
+        printf("sync_wait: sem_open failed\n");
+        return -1;
+    }
+
+    if (sem_post(count) < 0) {
+        printf("sync_wait: sem_post failed\n");
+        return -1;
+    }
+    if (sem_getvalue(count, &value) < 0) {
+        printf("sync_wait: sem_getvalue failed\n");
+        return -1;
+    }
+    printf("%d processes have arrived, waiting for the left %d\n", value, nproc-value);
+    if (value >= nproc) {
+        while (nproc-1 > 0) {
+            if (sem_post(block) < 0) {
+                printf("sync_wait: sem_post failed\n");
+                return -1;
+            }
+            nproc--;
+        }
+    } else {
+        if (sem_timedwait(block, &ts) < 0) {
+            if (errno == ETIMEDOUT) {
+                printf("sync_wait: sem_timewait time out\n");
+            } else {
+                printf("sync_wait: sem_timewait error\n");
+            }
+            return -1;
+        }
+
+    }
+
+    sem_close(count);
+    sem_close(block);
+
+    sem_unlink(SEM_COUNT_NAME);
+    sem_unlink(SEM_BLOCK_NAME);
+
+    return 0;
+}
+
+int main(int argc,char *argv[])
+{
+    if(argc!=3)
+    {
+        printf("Usage: shellsync <process num> <wait_timeout>\n");
+    }
+    else
+    {
+        int proc_num;
+        sscanf(argv[1],"%d",&proc_num);
+        sscanf(argv[2],"%d",&wait_timeout);
+        if(sync_wait(proc_num)<0)
+        {
+            printf("Processes sync failed.\n");
+            sem_unlink(SEM_COUNT_NAME);
+            sem_unlink(SEM_BLOCK_NAME);
+            return 1;
+        }
+        else
+        {
+            printf("Processes sync succeed.\n");
+            return 0;
+        }
+    }
+}