Merge branch 'debian-sid' of github.com:xelerance/xl2tpd into debian-sid

.gitignore

@@ -1,7 +1,8 @@
 *.o
 *~
 *.bak
+*.sw?
+tags
 xl2tpd
 xl2tpd-control
 pfc
-tags

.travis.yml

@@ -1,9 +1,25 @@
-os:
-  - linux
-
 language: c
-compiler:
-  - gcc
+
+jobs:
+  include:
+    - os: linux
+      dist: xenial
+      compiler: gcc
+    - os: linux
+      dist: xenial
+      compiler: clang
+    - os: linux
+      dist: bionic
+      compiler: gcc
+    - os: linux
+      dist: bionic
+      compiler: clang
+    - os: linux
+      dist: focal
+      compiler: gcc
+    - os: linux
+      dist: focal
+      compiler: clang
 
 sudo: false
 
@@ -17,10 +33,12 @@ addons:
 
 cache:
   directories:
-  - $HOME/.ccache
+    - $HOME/.ccache
 
 before_script:
-    make clean
+  - make clean
 
 script:
-    make
+  - make
+  - ./xl2tpd-control --version
+  - ./xl2tpd-control --help

CHANGES

@@ -1,3 +1,75 @@
+v1.3.16 (October 23, 2020)
+* Re-add braces for if-else that have only statement [Samir Hussain]
+* xl2tpd-control refactoring [Alexander Naumov]
+* fix travis 'script' syntax [Alexander Naumov]
+* adding xl2tpd-control tests to travis [Alexander Naumov]
+* Re-adding text giving more inofrmation about using ipsec with xl2tpd [Samir Hussain]
+* Update README: typo, links to RFC, link to travis [Alexander Naumov]
+* Travis will test different compiler on linux distro [Samir Hussain]
+* Update travis for proper matrix [Samir Hussain]
+* Add Focal to travis testing [Samir Hussain]
+* yet another man-page update [Alexander Naumov]
+* update man-pages, fix typo [Alexander Naumov]
+* set_flow: result of operation is garbage or undefined [Alexander Naumov]
+* Update README [Alexander Naumov]
+* adding xl2tpd.init.patch [Alexander Naumov]
+* adding Makefile.patch [Alexander Naumov]
+* moving changes to separate file [Alexander Naumov]
+* sync/update spec file with official SUSE version [Alexander Naumov]
+* Set IP_PKTINFO even if setting of IPPROTO_IP fails (as it was in 1.3.9) [shadyhh]
+* Update .gitignore vim swap file [Samir Hussain]
+* Travis will test supported Ubuntu LTS distros [Samir Hussain]
+* Updating COMPATABILITY_ISSUES with info on Miktrotik servers [Samir Hussain]
+* Add work around for Android 10 maxium retries in COMPATIBILITY_ISSUES [Samir Hussain]
+* Add compatability issues with Ciso ASA [Samir Hussain]
+
+v1.3.15 (October 13, 2019)
+* Fix spacing of CONTRIBUTION.md [Samir Hussain]
+* Add CONTRIBUTION.md [Samir Hussain]
+* Specify missing log arguments [Patch by github user: 川島和津実]
+* Use matrix for .travis.yaml to test for multiple Linux distro [Samir Hussain]
+* Fixing .travis.yaml spacing warning [Samir Hussain]
+* Sockopt bug fix for multiple IP's [JDTX]
+* Add Clang as compiler test for travis [Samir Hussain]
+* Add info on building and installing xl2tpd [Samir Hussain]
+
+v1.3.14 (April 17, 2019)
+* osport.h: replace SUSv3-specific functions by POSIX variants [Fabrice Fontaine]
+* avp: Error Code field in Result Code AVP is optional [Pau Espin Pedrol]
+* network_thread: Early continue in loop to remove huge indented block [Pau Espin Pedrol]
+*  network_thread: Simplify while loop using for loop [Pau Espin Pedrol]
+* network: connect_pppol2tp: early return to avoid huge indentation block [Pau Espin Pedrol]
+* xl2tpd: start_pppd: Fix truncation of last character [Pau Espin Pedrol]
+* handle_packet: Remove unneded else clause when handling payload [Pau Espin Pedrol]
+* control: Split control message handling into its own function [Pau Espin Pedrol]
+* handle_packet: Rearrange code flow to simplify it [Pau Espin Pedrol]
+* avp: Early failure if no handler to remove indent block [Pau Espin Pedrol]
+* xl2tpd: Mark internal symbols as static [Pau Espin Pedrol]
+* Fix indentation and whitespace in code block [Pau Espin Pedrol]
+* xl2tpd: Remove unused variable [Pau Espin Pedrol]
+* network: Add missing close(kernel_fd) on init network failure [Pau Espin Pedrol]
+* network: Add missing close(server_fd) on init network failure [Pau Espin Pedrol]
+* Add 'cap backoff' option, limiting exponential backoff retries will
+  be delayed by exponentially longer time, unless that time is capped
+  by configuration. [Bart Trojanowski]
+* Add program to show status icon in system tray. [Github user: username34]
+* Add info on building and installing xl2tpd [Samir Hussain]
+* Update formatting of README.md [Samir Hussain]
+* Rename README.xl2tpd to README.md [Samir Hussain]
+* Update Debian changelog [Samir Hussain]
+
+v1.3.13 (December 3, 2018)
+* Specify email address for reporting security vulnerabilities [Samir Hussain]
+* Fix compile warning with USE_KERNEL in xl2tpd.c [Samir Hussain]
+* Applying patch that reduces compile warnings and fixes warnings from gcc and clang. [Gareth Ansell]
+* Fix compiler warnings in network.c [Gareth Ansell]
+* Add a make command for packaging's prep work [Samir Hussain]
+* Add Makefile directive for getting version [Samir Hussain]
+* Add a preproc for Watchguard firewall (Github issue #136) [daniel1111]
+* Convert from ISO-8859 to UTF-8 [Simon Deziel]
+* Update README to provide latest info on xl2tpd + Linux kernel 4.15+ [Samir Hussain]
+* Use dh_auto_build in order to allow cross compiles [Helmut Grohne]
+
 v1.3.12 (May 18, 2018)
 * TOS value to copy to the tunnel header (Yurkovskyy)
 * Fix for ENODEV (No such device) error with Linux kernel 4.15 (Douglas Kosovic)

COMPATIBILITY_ISSUES

@@ -0,0 +1,29 @@
+* Android  9 & 10 fails on maximum retries exceeded for tunnel
+
+There are reports that with Android 9 & 10, some users are getting "Maximum retries"
+error messages. It seems to related to some of the phones not responding to
+L2TP keepalive heartbeats
+
+A possible work around is to use the max_retries option. Using "max retries"
+in the xl2tpd.conf (e.g. max retries = 100) has known to work for some
+users. Alternatively, another works around is to not to enable L2TP
+keepalive on the VPN servers.
+
+For more information, please refer to: https://github.com/xelerance/xl2tpd/issues/191
+
+* Issues with Cisco ASA
+
+Some users are reporting that newer version of xl2tpd (1.310 onward) are
+not able to connect to Cisco ASA.
+
+A possible work around is to use x2ltpd 1.39 and disable use of kernel module
+(comment out the directive OSFLAGS+= -DUSE_KERNEL -D in the Makefile)
+
+For more information, please refer to: https://github.com/xelerance/xl2tpd/issues/187
+
+* AVP is incorrect size issues with Miktrotik server
+
+There are reports of problems connecting to Miktrotik server.
+
+Github user reported that the following configuration works for them:
+https://github.com/xelerance/xl2tpd/issues/156#issuecomment-678674101

CONTRIBUTION.md

@@ -0,0 +1,44 @@
+# Contributing to xl2tpd
+
+First of, thank you for taking the time to contribute.
+
+*Before spending a lot of time on something, please ask for feedback on your
+idea first!* You can ask in the [mailing list](https://lists.openswan.org/cgi-bin/mailman/listinfo/xl2tpd)
+or create an [issue](https://github.com/xelerance/xl2tpd/issues).
+
+This project welcomes contribution from the community! Here are a few
+suggestions:
+
+* Update the [ipv6 branch](https://github.com/xelerance/xl2tpd/tree/ipv6).
+  It needs to be tested and updated (it has diverged from master quite a bit).
+* Test and fix up the [libevent branch](https://github.com/xelerance/xl2tpd/tree/libevent).
+  There have been reports of crashes. They need to be investigated.  User can
+  get more information with the custom  *--debug-signals* and
+  *--debug-libevent* option (which is only in this branch)
+
+## **Did you find a bug?**
+
+To report a security issue please send an e-mail to [email protected]
+
+For non-security problems, ensure the bug was not already reported by
+searching on GitHub under "[Issues](https://github.com/xelerance/xl2tpd/issues)"
+and "[Pull requests](https://github.com/xelerance/xl2tpd/pulls)".
+
+When reporting an issue, please provide output and the content of the logs.
+
+## **Did you write a patch that fixes a bug?**
+
+* Open a new GitHub pull request with the patch.
+* Ensure the PR description clearly describes the problem and solution.
+  Include the relevant issue number if applicable.
+* Always write a clear log message for your commits. One-line messages are
+  fine for small changes, but bigger changes should look like this:
+
+    $ git commit -m "A brief summary of the commit
+    >
+    > A paragraph describing what changed and its impact."
+
+    $ git commit -m "A brief summary of the commit
+    >
+    > A paragraph describing what changed and its impact."
+

Makefile

@@ -7,6 +7,9 @@
 # This is free software.  You may distribute it under
 # the terms of the GNU General Public License,
 # version 2, or at your option any later version.
+
+include Makefile.ver
+
 #
 # Note on debugging flags:
 # -DDEBUG_ZLB shows all ZLB exchange traffic
@@ -97,7 +100,7 @@ OSFLAGS+= -DUSE_KERNEL
 
 IPFLAGS?= -DIP_ALLOCATION
 
-CFLAGS+= $(DFLAGS) -Os -Wall -DSANITY $(OSFLAGS) $(IPFLAGS)
+CFLAGS+= $(DFLAGS) -Os -Wall -Wextra -DSANITY $(OSFLAGS) $(IPFLAGS)
 HDRS=l2tp.h avp.h misc.h control.h call.h scheduler.h file.h aaa.h md5.h
 OBJS=xl2tpd.o pty.o misc.o control.o avp.o call.o network.o avpsend.o scheduler.o file.o aaa.o md5.o
 SRCS=${OBJS:.o=.c} ${HDRS}
@@ -130,6 +133,15 @@ pfc:
 romfs:
 	$(ROMFSINST) /bin/$(EXEC)
 
+version:
+	@echo ${XL2TPDVERSION}
+
+packagingprep:
+	sed -i "s/XL2TPDVERSION=.*/XL2TPDVERSION=${XL2TPDBASEVERSION}/" Makefile.ver
+	sed -i "s/#define SERVER_VERSION .*/#define SERVER_VERSION \"xl2tpd-${XL2TPDBASEVERSION}\"/" l2tp.h
+	sed -i "s/Version: .*/Version: ${XL2TPDBASEVERSION}/" packaging/*/*.spec
+	sed -i "s/PKG_VERSION:=.*/PKG_VERSION:=${XL2TPDBASEVERSION}/" packaging/openwrt/Makefile
+
 install: ${EXEC} pfc ${CONTROL_EXEC}
 	install -d -m 0755 ${SBINDIR}
 	install -m 0755 $(EXEC) ${SBINDIR}/$(EXEC)

Makefile.ver

@@ -0,0 +1 @@
+XL2TPDVERSION=1.3.16

README.md

@@ -0,0 +1,47 @@
+# xl2tpd
+
+[![Build Status](https://travis-ci.org/xelerance/xl2tpd.svg?branch=1.3.16dev)](https://travis-ci.org/xelerance/xl2tpd)
+
+xl2tpd is a **FREE** implementation of the Layer 2 Tunneling Protocol
+as defined by [RFC 2661](https://tools.ietf.org/rfc/rfc2661.txt).
+L2TP allows you to tunnel PPP over UDP. Some ISPs use L2TP to tunnel user
+sessions from dial-in servers (modem banks, ADSL DSLAMs) to back-end PPP
+servers. Another important application is Virtual Private Networks where
+the IPsec protocol is used to secure the L2TP connection (L2TP/IPsec is
+defined by [RFC 3193](https://tools.ietf.org/rfc/rfc3193.txt). xl2tpd can
+be used in combination with IPsec implementations such as Openswan. Example
+configuration files for such a setup are included in the examples directory.
+
+xl2tpd uses a pseudo-tty to communicate with pppd.
+It runs in userspace but supports kernel mode L2TP.
+
+xl2tpd supports IPsec SA Reference tracking to enable overlapping internal
+NAT'ed IP's by different clients (eg all clients connecting from their
+linksys internal IP 192.168.1.101) as well as multiple clients behind
+the same NAT router.
+
+Xl2tpd is based on the L2TP code base of Jeff McAdams <[email protected]>.
+It was de-facto maintained by Jacco de Leeuw <[email protected]> in 2002 and 2003.
+
+NOTE: In Linux kernel 4.15+ there is a kernel bug with ancillary IP_PKTINFO.
+      As such, for Linux kernel 4.15+ we recommend the community use xl2tpd
+      1.3.12+
+
+## Build and install
+    make
+    sudo make install
+
+The xl2tpd.conf(5) man page has details on how to configure xl2tpd.
+
+
+## Mailing Lists
+
+https://lists.openswan.org/cgi-bin/mailman/listinfo/xl2tpd
+is home of the mailing list.
+
+Note: This is a closed list - you **must** be subscribed to be able
+to post mails.
+
+## Security Vulnerability
+
+Security vulnerabilities can be e-mailed to: [email protected]