diff options
Diffstat (limited to 'meta/recipes-connectivity')
214 files changed, 5007 insertions, 16861 deletions
diff --git a/meta/recipes-connectivity/avahi/avahi-ui_0.6.32.bb b/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb index ac364618e4..1510a0ef4f 100644 --- a/meta/recipes-connectivity/avahi/avahi-ui_0.6.32.bb +++ b/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb @@ -1,32 +1,18 @@ -LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \ - file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \ - file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \ - file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \ - file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf" - require avahi.inc -inherit distro_features_check +inherit features_check ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" -SRC_URI += "file://0001-configure.ac-install-GtkBuilder-interface-files-for-.patch" -SRC_URI[md5sum] = "22b5e705d3eabb31d26f2e1e7b074013" -SRC_URI[sha256sum] = "d54991185d514a0aba54ebeb408d7575b60f5818a772e28fa0e18b98bc1db454" - DEPENDS += "avahi" AVAHI_GTK = "gtk3" S = "${WORKDIR}/avahi-${PV}" -PACKAGES = "${PN} ${PN}-utils ${PN}-dbg ${PN}-dev ${PN}-staticdev ${PN}-doc avahi-discover" +PACKAGES += "${PN}-utils avahi-discover" FILES_${PN} = "${libdir}/libavahi-ui*.so.*" -FILES_${PN}-dev += "${libdir}/libavahi-ui${SOLIBSDEV}" -FILES_${PN}-staticdev += "${libdir}/libavahi-ui.a" - FILES_${PN}-utils = "${bindir}/b* ${datadir}/applications/b*" - FILES_avahi-discover = "${datadir}/applications/avahi-discover.desktop \ ${datadir}/avahi/interfaces/avahi-discover.ui \ ${bindir}/avahi-discover-standalone \ @@ -34,7 +20,13 @@ FILES_avahi-discover = "${datadir}/applications/avahi-discover.desktop \ do_install_append () { rm ${D}${sysconfdir} -rf - rm ${D}${base_libdir} -rf + if ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','true','false',d)}; then + if [ "${nonarch_base_libdir}" != "${base_libdir}" ];then + rm ${D}${nonarch_base_libdir} -rf + fi + else + rm ${D}${base_libdir} -rf + fi rm ${D}${systemd_unitdir} -rf # The ${systemd_unitdir} is /lib/systemd, so we need rmdir /lib, # but not ${base_libdir} here. And the /lib may not exist @@ -52,7 +44,6 @@ do_install_append () { rm ${D}${libdir}/pkgconfig/avahi-g* rm ${D}${sbindir} -rf rm ${D}${datadir}/avahi/a* - rm ${D}${datadir}/avahi/s* rm ${D}${datadir}/locale/ -rf rm ${D}${datadir}/dbus* -rf rm ${D}${mandir}/man1/a* @@ -61,4 +52,3 @@ do_install_append () { rm ${D}${libdir}/girepository-1.0/ -rf rm ${D}${datadir}/gir-1.0/ -rf } - diff --git a/meta/recipes-connectivity/avahi/avahi.inc b/meta/recipes-connectivity/avahi/avahi.inc index 234646d291..94fe6a16b6 100644 --- a/meta/recipes-connectivity/avahi/avahi.inc +++ b/meta/recipes-connectivity/avahi/avahi.inc @@ -13,37 +13,32 @@ SECTION = "network" # major part is under LGPLv2.1+, but several .dtd, .xsl, initscripts and # python scripts are under GPLv2+ LICENSE = "GPLv2+ & LGPLv2.1+" - -DEPENDS = "expat libcap libdaemon glib-2.0 intltool-native" +LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \ + file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \ + file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \ + file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \ + file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf" SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV}.tar.gz \ - file://00avahi-autoipd \ - file://99avahi-autoipd \ - file://initscript.patch \ - " + file://fix-CVE-2017-6519.patch \ + " + UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/" +SRC_URI[md5sum] = "d76c59d0882ac6c256d70a2a585362a6" +SRC_URI[sha256sum] = "57a99b5dfe7fdae794e3d1ee7a62973a368e91e414bd0dfa5d84434de5b14804" + +DEPENDS = "expat libcap libdaemon glib-2.0 intltool-native" -# For gtk related PACKAGECONFIGs: gtk, gtk3 and pygtk +# For gtk related PACKAGECONFIGs: gtk, gtk3 AVAHI_GTK ?= "" PACKAGECONFIG ??= "dbus ${AVAHI_GTK}" PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+" PACKAGECONFIG[gtk3] = "--enable-gtk3,--disable-gtk3,gtk+3" -PACKAGECONFIG[pygtk] = "--enable-pygtk,--disable-pygtk," - -USERADD_PACKAGES = "avahi-daemon avahi-autoipd" -USERADD_PARAM_avahi-daemon = "--system --home /var/run/avahi-daemon \ - --no-create-home --shell /bin/false \ - --user-group avahi" - -USERADD_PARAM_avahi-autoipd = "--system --home /var/run/avahi-autoipd \ - --no-create-home --shell /bin/false \ - --user-group \ - -c \"Avahi autoip daemon\" \ - avahi-autoipd" +PACKAGECONFIG[libdns_sd] = "--enable-compat-libdns_sd --enable-dbus,,dbus" -inherit autotools pkgconfig update-rc.d gettext useradd gobject-introspection +inherit autotools pkgconfig gettext gobject-introspection EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ --disable-stack-protector \ @@ -54,7 +49,7 @@ EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ --disable-qt4 \ --disable-python \ --disable-doxygen-doc \ - --disable-manpages \ + --enable-manpages \ ${EXTRA_OECONF_SYSVINIT} \ ${EXTRA_OECONF_SYSTEMD} \ " @@ -63,10 +58,6 @@ EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ EXTRA_OECONF_SYSVINIT = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','--with-distro=debian','--with-distro=none',d)}" EXTRA_OECONF_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES','systemd','--with-systemdsystemunitdir=${systemd_unitdir}/system/','--without-systemdsystemunitdir',d)}" - -LDFLAGS_append_libc-uclibc = " -lintl" -LDFLAGS_append_uclinux-uclibc = " -lintl" - do_configure_prepend() { sed 's:AM_CHECK_PYMOD:echo "no pymod" #AM_CHECK_PYMOD:g' -i ${S}/configure.ac @@ -78,88 +69,18 @@ do_compile_prepend() { export GIR_EXTRA_LIBS_PATH="${B}/avahi-gobject/.libs:${B}/avahi-common/.libs:${B}/avahi-client/.libs:${B}/avahi-glib/.libs" } -PACKAGES =+ "avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib libavahi-ui avahi-autoipd avahi-utils" - -# As avahi doesn't put any files into PN, clear the files list to avoid problems -# if extra libraries appear. -FILES_${PN} = "" -FILES_avahi-autoipd = "${sbindir}/avahi-autoipd \ - ${sysconfdir}/avahi/avahi-autoipd.action \ - ${sysconfdir}/dhcp/*/avahi-autoipd \ - ${sysconfdir}/udhcpc.d/00avahi-autoipd \ - ${sysconfdir}/udhcpc.d/99avahi-autoipd" -FILES_libavahi-common = "${libdir}/libavahi-common.so.*" -FILES_libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib" -FILES_avahi-daemon = "${sbindir}/avahi-daemon \ - ${sysconfdir}/avahi/avahi-daemon.conf \ - ${sysconfdir}/avahi/hosts \ - ${sysconfdir}/avahi/services \ - ${sysconfdir}/dbus-1 \ - ${sysconfdir}/init.d/avahi-daemon \ - ${datadir}/avahi/introspection/*.introspect \ - ${datadir}/avahi/avahi-service.dtd \ - ${datadir}/avahi/service-types \ - ${datadir}/dbus-1/system-services" -FILES_libavahi-client = "${libdir}/libavahi-client.so.*" -FILES_libavahi-ui = "${libdir}/libavahi-ui.so.*" -FILES_avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \ - ${sysconfdir}/avahi/avahi-dnsconfd.action \ - ${sysconfdir}/init.d/avahi-dnsconfd" -FILES_libavahi-glib = "${libdir}/libavahi-glib.so.*" -FILES_libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib" -FILES_avahi-utils = "${bindir}/avahi-*" - -RDEPENDS_${PN}-dev = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV}) libavahi-client (= ${EXTENDPKGV})" - -# uclibc has no nss -RRECOMMENDS_avahi-daemon_append_libc-glibc = " libnss-mdns" RRECOMMENDS_${PN}_append_libc-glibc = " libnss-mdns" -RRECOMMENDS_avahi-dev = "expat-dev libcap-dev libdaemon-dev dbus-dev glib-2.0-dev update-rc.d-dev" -RRECOMMENDS_avahi-dev_append_libc-glibc = " gettext-dev" - -RRECOMMENDS_avahi-dev[nodeprrecs] = "1" - -CONFFILES_avahi-daemon = "${sysconfdir}/avahi/avahi-daemon.conf" - -INITSCRIPT_PACKAGES = "avahi-daemon avahi-dnsconfd" -INITSCRIPT_NAME_avahi-daemon = "avahi-daemon" -INITSCRIPT_PARAMS_avahi-daemon = "defaults 21 19" -INITSCRIPT_NAME_avahi-dnsconfd = "avahi-dnsconfd" -INITSCRIPT_PARAMS_avahi-dnsconfd = "defaults 22 19" - do_install() { autotools_do_install - - # don't install /var/run when populating rootfs. Do it through volatile - # /var/run of current version is empty, so just remove it. - # if /var/run become non-empty in the future, need to install it via volatile - rm -rf ${D}${localstatedir}/run - rmdir --ignore-fail-on-non-empty ${D}${localstatedir} + rm -rf ${D}/run rm -rf ${D}${datadir}/dbus-1/interfaces test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1 rm -rf ${D}${libdir}/avahi - - install -d ${D}${sysconfdir}/udhcpc.d - install ${WORKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d - install ${WORKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d } -# At the time the postinst runs, dbus might not be setup so only restart if running -# Don't exit early, because update-rc.d needs to run subsequently. +PACKAGES =+ "${@bb.utils.contains("PACKAGECONFIG", "libdns_sd", "libavahi-compat-libdnssd", "", d)}" -pkg_postinst_avahi-daemon () { -if [ -z "$D" ]; then - killall -q -HUP dbus-daemon || true -fi -} +FILES_libavahi-compat-libdnssd = "${libdir}/libdns_sd.so.*" -pkg_postrm_avahi-daemon () { - deluser avahi || true - delgroup avahi || true -} - -pkg_postrm_avahi-autoipd () { - deluser avahi-autoipd || true - delgroup avahi-autoipd || true -} +RPROVIDES_libavahi-compat-libdnssd = "libdns-sd" diff --git a/meta/recipes-connectivity/avahi/avahi_0.6.32.bb b/meta/recipes-connectivity/avahi/avahi_0.6.32.bb deleted file mode 100644 index bfa63044ea..0000000000 --- a/meta/recipes-connectivity/avahi/avahi_0.6.32.bb +++ /dev/null @@ -1,22 +0,0 @@ -require avahi.inc - -inherit systemd - -SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-dnsconfd" -SYSTEMD_SERVICE_${PN}-daemon = "avahi-daemon.service" -SYSTEMD_SERVICE_${PN}-dnsconfd = "avahi-dnsconfd.service" - -LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \ - file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \ - file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \ - file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \ - file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf" - -SRC_URI += "file://avahi-fix-resource-unavaiable.patch" - -SRC_URI[md5sum] = "22b5e705d3eabb31d26f2e1e7b074013" -SRC_URI[sha256sum] = "d54991185d514a0aba54ebeb408d7575b60f5818a772e28fa0e18b98bc1db454" - -DEPENDS += "intltool-native" - -PACKAGES =+ "libavahi-gobject" diff --git a/meta/recipes-connectivity/avahi/avahi_0.7.bb b/meta/recipes-connectivity/avahi/avahi_0.7.bb new file mode 100644 index 0000000000..2e04d304c7 --- /dev/null +++ b/meta/recipes-connectivity/avahi/avahi_0.7.bb @@ -0,0 +1,81 @@ +require avahi.inc + +SRC_URI += "file://00avahi-autoipd \ + file://99avahi-autoipd \ + file://initscript.patch \ + file://0001-Fix-opening-etc-resolv.conf-error.patch \ + " + +inherit update-rc.d systemd useradd + +PACKAGES =+ "libavahi-gobject avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib avahi-autoipd avahi-utils" + +# As avahi doesn't put any files into PN, clear the files list to avoid problems +# if extra libraries appear. +FILES_${PN} = "" +FILES_avahi-autoipd = "${sbindir}/avahi-autoipd \ + ${sysconfdir}/avahi/avahi-autoipd.action \ + ${sysconfdir}/dhcp/*/avahi-autoipd \ + ${sysconfdir}/udhcpc.d/00avahi-autoipd \ + ${sysconfdir}/udhcpc.d/99avahi-autoipd" +FILES_libavahi-common = "${libdir}/libavahi-common.so.*" +FILES_libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib" +FILES_avahi-daemon = "${sbindir}/avahi-daemon \ + ${sysconfdir}/avahi/avahi-daemon.conf \ + ${sysconfdir}/avahi/hosts \ + ${sysconfdir}/avahi/services \ + ${sysconfdir}/dbus-1 \ + ${sysconfdir}/init.d/avahi-daemon \ + ${datadir}/avahi/introspection/*.introspect \ + ${datadir}/avahi/avahi-service.dtd \ + ${datadir}/avahi/service-types \ + ${datadir}/dbus-1/system-services" +FILES_libavahi-client = "${libdir}/libavahi-client.so.*" +FILES_avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \ + ${sysconfdir}/avahi/avahi-dnsconfd.action \ + ${sysconfdir}/init.d/avahi-dnsconfd" +FILES_libavahi-glib = "${libdir}/libavahi-glib.so.*" +FILES_libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib" +FILES_avahi-utils = "${bindir}/avahi-*" + +RDEPENDS_${PN}-dev = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV})" +RDEPENDS_${PN}-dev += "${@["", " libavahi-client (= ${EXTENDPKGV})"][bb.utils.contains('PACKAGECONFIG', 'dbus', 1, 0, d)]}" + +RRECOMMENDS_avahi-daemon_append_libc-glibc = " libnss-mdns" + +CONFFILES_avahi-daemon = "${sysconfdir}/avahi/avahi-daemon.conf" + +USERADD_PACKAGES = "avahi-daemon avahi-autoipd" +USERADD_PARAM_avahi-daemon = "--system --home /run/avahi-daemon \ + --no-create-home --shell /bin/false \ + --user-group avahi" + +USERADD_PARAM_avahi-autoipd = "--system --home /run/avahi-autoipd \ + --no-create-home --shell /bin/false \ + --user-group \ + -c \"Avahi autoip daemon\" \ + avahi-autoipd" + +INITSCRIPT_PACKAGES = "avahi-daemon avahi-dnsconfd" +INITSCRIPT_NAME_avahi-daemon = "avahi-daemon" +INITSCRIPT_PARAMS_avahi-daemon = "defaults 21 19" +INITSCRIPT_NAME_avahi-dnsconfd = "avahi-dnsconfd" +INITSCRIPT_PARAMS_avahi-dnsconfd = "defaults 22 19" + +SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-dnsconfd" +SYSTEMD_SERVICE_${PN}-daemon = "avahi-daemon.service" +SYSTEMD_SERVICE_${PN}-dnsconfd = "avahi-dnsconfd.service" + +do_install_append() { + install -d ${D}${sysconfdir}/udhcpc.d + install ${WORKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d + install ${WORKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d +} + +# At the time the postinst runs, dbus might not be setup so only restart if running +# Don't exit early, because update-rc.d needs to run subsequently. +pkg_postinst_avahi-daemon () { +if [ -z "$D" ]; then + killall -q -HUP dbus-daemon || true +fi +} diff --git a/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch b/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch new file mode 100644 index 0000000000..cb8b83fd23 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch @@ -0,0 +1,45 @@ +From 78967814f5c37ed67f4cf64d70c9f76a03ee89bc Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Wed, 20 Jun 2018 13:57:35 +0800 +Subject: [PATCH] Fix opening /etc/resolv.conf error + +Fix to start avahi-daemon after systemd-resolved.service. This is because +/etc/resolv.conf is a link to /etc/resolv-conf.systemd which in turn is +a symlink to /run/systemd/resolve/resolv.conf. And /run/systemd/resolve/resolv.conf +is created by systemd-resolved.service by default in current OE's systemd +based systems. + +This fixes errro like below. + + Failed to open /etc/resolv.conf: Invalid argument + +In fact, handling of /etc/resolv.conf is quite distro specific. So this patch +is marked as OE specific. + +Upstream-Status: Inappropriate [OE Specific] + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> + +When connman installed to image, /etc/resolv.conf is link to +/etc/resolv-conf.connman. So launch avahi-daemon after connman too. + +Signed-off-by: Kai Kang <kai.kang@windriver.com> +--- + avahi-daemon/avahi-daemon.service.in | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/avahi-daemon/avahi-daemon.service.in b/avahi-daemon/avahi-daemon.service.in +index 548c834..63e28e4 100644 +--- a/avahi-daemon/avahi-daemon.service.in ++++ b/avahi-daemon/avahi-daemon.service.in +@@ -18,6 +18,7 @@ + [Unit] + Description=Avahi mDNS/DNS-SD Stack + Requires=avahi-daemon.socket ++After=systemd-resolved.service connman.service + + [Service] + Type=dbus +-- +2.11.0 + diff --git a/meta/recipes-connectivity/avahi/files/0001-configure.ac-install-GtkBuilder-interface-files-for-.patch b/meta/recipes-connectivity/avahi/files/0001-configure.ac-install-GtkBuilder-interface-files-for-.patch deleted file mode 100644 index 8ccef08dfc..0000000000 --- a/meta/recipes-connectivity/avahi/files/0001-configure.ac-install-GtkBuilder-interface-files-for-.patch +++ /dev/null @@ -1,28 +0,0 @@ -From a59f13fab31a6e25bb03b2c2bc3aea576f857b6c Mon Sep 17 00:00:00 2001 -From: Jussi Kukkonen <jussi.kukkonen@intel.com> -Date: Sun, 12 Jun 2016 18:32:49 +0300 -Subject: [PATCH] configure.ac: install GtkBuilder interface files for GTK+3 - too - -Upstream-Status: Pending -Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index aebb716..48bdf63 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -965,7 +965,7 @@ AC_SUBST(avahi_socket) - # - # Avahi interfaces dir - # --if test "x$HAVE_PYTHON_DBUS" = "xyes" -o "x$HAVE_GTK" = "xyes"; then -+if test "x$HAVE_PYTHON_DBUS" = "xyes" -o "x$HAVE_GTK" = "xyes" -o "x$HAVE_GTK3" = "xyes"; then - interfacesdir="${datadir}/${PACKAGE}/interfaces/" - AC_SUBST(interfacesdir) - fi --- -2.1.4 - diff --git a/meta/recipes-connectivity/avahi/files/avahi-fix-resource-unavaiable.patch b/meta/recipes-connectivity/avahi/files/avahi-fix-resource-unavaiable.patch deleted file mode 100644 index 5a2fd75f55..0000000000 --- a/meta/recipes-connectivity/avahi/files/avahi-fix-resource-unavaiable.patch +++ /dev/null @@ -1,30 +0,0 @@ -Upstream-Status: Backport - -Backport from: -https://github.com/experimental-platform/platform-hostname-avahi/pull/9 - -It sometimes fails to run avahi with error: "Could not receive return value -from daemon process". It has same root cause with -https://github.com/lxc/lxc/issues/25. - -Signed-off-by: Kai Kang <kai.kang@windriver.com> ---- -From 5150983102ad5ad43f0dae203cb332c168eb5a71 Mon Sep 17 00:00:00 2001 -From: Hinnerk Haardt <haardt@information-control.de> -Date: Thu, 17 Dec 2015 11:52:19 +0100 -Subject: [PATCH] Fix `chroot.c: fork() failed: Resource temporarily - unavailable` as per https://github.com/lxc/lxc/issues/25. - ---- - avahi-daemon/avahi-daemon.conf | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/avahi-daemon/avahi-daemon.conf b/avahi-daemon/avahi-daemon.conf -index 95166f8..3d5b7a6 100644 ---- a/avahi-daemon/avahi-daemon.conf -+++ b/avahi-daemon/avahi-daemon.conf -@@ -65,4 +65,3 @@ rlimit-data=4194304 - rlimit-fsize=0 - rlimit-nofile=768 - rlimit-stack=4194304 --rlimit-nproc=3 diff --git a/meta/recipes-connectivity/avahi/files/fix-CVE-2017-6519.patch b/meta/recipes-connectivity/avahi/files/fix-CVE-2017-6519.patch new file mode 100644 index 0000000000..7461fe193d --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/fix-CVE-2017-6519.patch @@ -0,0 +1,48 @@ +Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/e111def] + +CVE: CVE-2017-6519 + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From e111def44a7df4624a4aa3f85fe98054bffb6b4f Mon Sep 17 00:00:00 2001 +From: Trent Lloyd <trent@lloyd.id.au> +Date: Sat, 22 Dec 2018 09:06:07 +0800 +Subject: [PATCH] Drop legacy unicast queries from address not on local link + +When handling legacy unicast queries, ensure that the source IP is +inside a subnet on the local link, otherwise drop the packet. + +Fixes #145 +Fixes #203 +CVE-2017-6519 +CVE-2018-1000845 +--- + avahi-core/server.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/avahi-core/server.c b/avahi-core/server.c +index a2cb19a8..a2580e38 100644 +--- a/avahi-core/server.c ++++ b/avahi-core/server.c +@@ -930,6 +930,7 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres + + if (avahi_dns_packet_is_query(p)) { + int legacy_unicast = 0; ++ char t[AVAHI_ADDRESS_STR_MAX]; + + /* For queries EDNS0 might allow ARCOUNT != 0. We ignore the + * AR section completely here, so far. Until the day we add +@@ -947,6 +948,13 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres + legacy_unicast = 1; + } + ++ if (!is_mdns_mcast_address(dst_address) && ++ !avahi_interface_address_on_link(i, src_address)) { ++ ++ avahi_log_debug("Received non-local unicast query from host %s on interface '%s.%i'.", avahi_address_snprint(t, sizeof(t), src_address), i->hardware->name, i->protocol); ++ return; ++ } ++ + if (legacy_unicast) + reflect_legacy_unicast_query_packet(s, p, i, src_address, port); + diff --git a/meta/recipes-connectivity/avahi/files/initscript.patch b/meta/recipes-connectivity/avahi/files/initscript.patch index 193889eb5c..c856c3df04 100644 --- a/meta/recipes-connectivity/avahi/files/initscript.patch +++ b/meta/recipes-connectivity/avahi/files/initscript.patch @@ -1,10 +1,10 @@ Upstream-Status: Pending -diff --git a/initscript/debian/avahi-daemon.in b/initscript/debian/avahi-daemon.in -index 30a2c2f..b5848a8 100755 ---- a/initscript/debian/avahi-daemon.in -+++ b/initscript/debian/avahi-daemon.in -@@ -1,2 +1,14 @@ +Index: avahi-0.7/initscript/debian/avahi-daemon.in +=================================================================== +--- avahi-0.7.orig/initscript/debian/avahi-daemon.in ++++ avahi-0.7/initscript/debian/avahi-daemon.in +@@ -1,5 +1,17 @@ #!/bin/sh - +### BEGIN INIT INFO @@ -20,11 +20,14 @@ index 30a2c2f..b5848a8 100755 +# automatically +### END INIT INFO +# -diff --git a/initscript/debian/avahi-dnsconfd.in b/initscript/debian/avahi-dnsconfd.in -index ac34804..f95c340 100755 ---- a/initscript/debian/avahi-dnsconfd.in -+++ b/initscript/debian/avahi-dnsconfd.in -@@ -1,1 +1,14 @@ + # This file is part of avahi. + # + # avahi is free software; you can redistribute it and/or modify it +Index: avahi-0.7/initscript/debian/avahi-dnsconfd.in +=================================================================== +--- avahi-0.7.orig/initscript/debian/avahi-dnsconfd.in ++++ avahi-0.7/initscript/debian/avahi-dnsconfd.in +@@ -1,4 +1,17 @@ #!/bin/sh +### BEGIN INIT INFO +# Provides: avahi-dnsconfd @@ -39,3 +42,6 @@ index ac34804..f95c340 100755 +# automatically +### END INIT INFO +# + + # This file is part of avahi. + # diff --git a/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch b/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch new file mode 100644 index 0000000000..8db96ec049 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch @@ -0,0 +1,27 @@ +From 31dde3562f287429eea94b77250d184818b49063 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Mon, 15 Oct 2018 16:55:09 +0800 +Subject: [PATCH] avoid start failure with bind user + +Upstream-Status: Pending + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + init.d | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/init.d b/init.d +index b2eec60..6e03936 100644 +--- a/init.d ++++ b/init.d +@@ -57,6 +57,7 @@ case "$1" in + modprobe capability >/dev/null 2>&1 || true + if [ ! -f /etc/bind/rndc.key ]; then + /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom ++ chown root:bind /etc/bind/rndc.key >/dev/null 2>&1 || true + chmod 0640 /etc/bind/rndc.key + fi + if [ -f /var/run/named/named.pid ]; then +-- +2.7.4 + diff --git a/meta/recipes-connectivity/bind/bind/0001-build-use-pkg-config-to-find-libxml2.patch b/meta/recipes-connectivity/bind/bind/0001-build-use-pkg-config-to-find-libxml2.patch deleted file mode 100644 index 805cbb3315..0000000000 --- a/meta/recipes-connectivity/bind/bind/0001-build-use-pkg-config-to-find-libxml2.patch +++ /dev/null @@ -1,50 +0,0 @@ -xml2-config is disabled, so change the configure script to use pkgconfig to find -libxml2. - -Upstream-Status: Inappropriate -Signed-off-by: Ross Burton <ross.burton@intel.com> - -Update context for version 9.10.3-P2. - -Signed-off-by: Kai Kang <kai.kang@windriver.com> ---- - configure.in | 23 +++-------------------- - 1 file changed, 3 insertions(+), 20 deletions(-) - -diff --git a/configure.in b/configure.in -index 0db826d..75819eb 100644 ---- a/configure.in -+++ b/configure.in -@@ -2107,26 +2107,9 @@ case "$use_libxml2" in - DST_LIBXML2_INC="" - ;; - auto|yes) -- case X`(xml2-config --version) 2>/dev/null` in -- X2.[[6789]].*) -- libxml2_libs=`xml2-config --libs` -- libxml2_cflags=`xml2-config --cflags` -- ;; -- *) -- if test "$use_libxml2" = "yes" ; then -- AC_MSG_RESULT(no) -- AC_MSG_ERROR(required libxml2 version not available) -- else -- libxml2_libs= -- libxml2_cflags= -- fi -- ;; -- esac -- ;; -- *) -- if test -f "$use_libxml2/bin/xml2-config" ; then -- libxml2_libs=`$use_libxml2/bin/xml2-config --libs` -- libxml2_cflags=`$use_libxml2/bin/xml2-config --cflags` -+ if pkg-config --exists libxml-2.0 ; then -+ libxml2_libs=`pkg-config libxml-2.0 --libs` -+ libxml2_cflags=`pkg-config libxml-2.0 --cflags` - fi - ;; - esac --- -2.1.4 - diff --git a/meta/recipes-connectivity/bind/bind/0001-configure.in-remove-useless-L-use_openssl-lib.patch b/meta/recipes-connectivity/bind/bind/0001-configure.in-remove-useless-L-use_openssl-lib.patch new file mode 100644 index 0000000000..9d31b98080 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/0001-configure.in-remove-useless-L-use_openssl-lib.patch @@ -0,0 +1,30 @@ +From 2325a92f1896a2a7f586611686801b41fbc91b50 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Mon, 27 Aug 2018 15:00:51 +0800 +Subject: [PATCH] configure.in: remove useless `-L$use_openssl/lib' + +Since `--with-openssl=${STAGING_DIR_HOST}${prefix}' is used in bind recipe, +the `-L$use_openssl/lib' has a hardcoded suffix, removing it is harmless +and helpful for clean up host build path in isc-config.sh + +Upstream-Status: Inappropriate [oe-core specific] + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> + +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index e85a5c6..2bbfc58 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1631,7 +1631,7 @@ If you don't want OpenSSL, use --without-openssl]) + fi + ;; + *) +- DST_OPENSSL_LIBS="-L$use_openssl/lib -lcrypto" ++ DST_OPENSSL_LIBS="-lcrypto" + ;; + esac + fi diff --git a/meta/recipes-connectivity/bind/bind/0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch b/meta/recipes-connectivity/bind/bind/0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch deleted file mode 100644 index 1215093716..0000000000 --- a/meta/recipes-connectivity/bind/bind/0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch +++ /dev/null @@ -1,25 +0,0 @@ -Upstream-Status: Pending - -Subject: gen.c: extend DIRNAMESIZE from 256 to 512 - -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- - lib/dns/gen.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/lib/dns/gen.c b/lib/dns/gen.c -index 7a7dafb..51a0435 100644 ---- a/lib/dns/gen.c -+++ b/lib/dns/gen.c -@@ -148,7 +148,7 @@ static const char copyright[] = - #define TYPECLASSBUF (TYPECLASSLEN + 1) - #define TYPECLASSFMT "%" STR(TYPECLASSLEN) "[-0-9a-z]_%d" - #define ATTRIBUTESIZE 256 --#define DIRNAMESIZE 256 -+#define DIRNAMESIZE 512 - - static struct cc { - struct cc *next; --- -1.9.1 - diff --git a/meta/recipes-connectivity/bind/bind/0001-lib-dns-gen.c-fix-too-long-error.patch b/meta/recipes-connectivity/bind/bind/0001-lib-dns-gen.c-fix-too-long-error.patch deleted file mode 100644 index 1ed858cd3f..0000000000 --- a/meta/recipes-connectivity/bind/bind/0001-lib-dns-gen.c-fix-too-long-error.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 5bc3167a8b714ec0c4a3f1c7f3b9411296ec0a23 Mon Sep 17 00:00:00 2001 -From: Robert Yang <liezhi.yang@windriver.com> -Date: Wed, 16 Sep 2015 20:23:47 -0700 -Subject: [PATCH] lib/dns/gen.c: fix too long error - -The 512 is a little short when build in deep dir, and cause "too long" -error, use PATH_MAX if defined. - -Upstream-Status: Pending - -Signed-off-by: Robert Yang <liezhi.yang@windriver.com> ---- - lib/dns/gen.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/lib/dns/gen.c b/lib/dns/gen.c -index 51a0435..3d7214f 100644 ---- a/lib/dns/gen.c -+++ b/lib/dns/gen.c -@@ -148,7 +148,11 @@ static const char copyright[] = - #define TYPECLASSBUF (TYPECLASSLEN + 1) - #define TYPECLASSFMT "%" STR(TYPECLASSLEN) "[-0-9a-z]_%d" - #define ATTRIBUTESIZE 256 -+#ifdef PATH_MAX -+#define DIRNAMESIZE PATH_MAX -+#else - #define DIRNAMESIZE 512 -+#endif - - static struct cc { - struct cc *next; --- -1.7.9.5 - diff --git a/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch new file mode 100644 index 0000000000..75908aa638 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch @@ -0,0 +1,34 @@ +From a3af4a405baf5ff582e82aaba392dd9667d94bdc Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Mon, 27 Aug 2018 21:24:20 +0800 +Subject: [PATCH] `named/lwresd -V' and start log hide build options + +The build options expose build path directories, so hide them. +[snip] +$ named -V +|built by make with *** (options are hidden) +[snip] + +Upstream-Status: Inappropriate [oe-core specific] + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + bin/named/include/named/globals.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/bin/named/include/named/globals.h b/bin/named/include/named/globals.h +index ba3457e..7741da7 100644 +--- a/bin/named/include/named/globals.h ++++ b/bin/named/include/named/globals.h +@@ -68,7 +68,7 @@ EXTERN const char * ns_g_version INIT(VERSION); + EXTERN const char * ns_g_product INIT(PRODUCT); + EXTERN const char * ns_g_description INIT(DESCRIPTION); + EXTERN const char * ns_g_srcid INIT(SRCID); +-EXTERN const char * ns_g_configargs INIT(CONFIGARGS); ++EXTERN const char * ns_g_configargs INIT("*** (options are hidden)"); + EXTERN const char * ns_g_builder INIT(BUILDER); + EXTERN in_port_t ns_g_port INIT(0); + EXTERN isc_dscp_t ns_g_dscp INIT(-1); +-- +2.7.4 + diff --git a/meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch b/meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch deleted file mode 100644 index 2149bd180d..0000000000 --- a/meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch +++ /dev/null @@ -1,154 +0,0 @@ -From 70037e040e587329cec82123e12b9f4f7c945f67 Mon Sep 17 00:00:00 2001 -From: Mark Andrews <marka@isc.org> -Date: Thu, 18 Feb 2016 12:11:27 +1100 -Subject: [PATCH] 4318. [security] Malformed control messages can - trigger assertions in named and rndc. (CVE-2016-1285) - [RT #41666] - -(cherry picked from commit a2b15b3305acd52179e6f3dc7d073b07fbc40b8e) - -CVE: CVE-2016-1285 -Upstream-Status: Backport -[Removed doc/arm/notes.xml changes from upstream patch] - -Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> ---- - CHANGES | 3 +++ - bin/named/control.c | 2 +- - bin/named/controlconf.c | 2 +- - bin/rndc/rndc.c | 8 ++++---- - doc/arm/notes.xml | 11 +++++++++++ - lib/isccc/cc.c | 14 +++++++------- - 6 files changed, 27 insertions(+), 13 deletions(-) - -diff --git a/CHANGES b/CHANGES -index b9bd9ef..2c727d5 100644 ---- a/CHANGES -+++ b/CHANGES -@@ -1,3 +1,6 @@ -+4318. [security] Malformed control messages can trigger assertions -+ in named and rndc. (CVE-2016-1285) [RT #41666] -+ - --- 9.10.3-P3 released --- - - 4288. [bug] Fixed a regression in resolver.c:possibly_mark() -diff --git a/bin/named/control.c b/bin/named/control.c -index 8554335..81340ca 100644 ---- a/bin/named/control.c -+++ b/bin/named/control.c -@@ -69,7 +69,7 @@ ns_control_docommand(isccc_sexpr_t *message, isc_buffer_t *text) { - #endif - - data = isccc_alist_lookup(message, "_data"); -- if (data == NULL) { -+ if (!isccc_alist_alistp(data)) { - /* - * No data section. - */ -diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c -index 765afdd..a39ab8b 100644 ---- a/bin/named/controlconf.c -+++ b/bin/named/controlconf.c -@@ -402,7 +402,7 @@ control_recvmessage(isc_task_t *task, isc_event_t *event) { - * Limit exposure to replay attacks. - */ - _ctrl = isccc_alist_lookup(request, "_ctrl"); -- if (_ctrl == NULL) { -+ if (!isccc_alist_alistp(_ctrl)) { - log_invalid(&conn->ccmsg, ISC_R_FAILURE); - goto cleanup_request; - } -diff --git a/bin/rndc/rndc.c b/bin/rndc/rndc.c -index cb17050..b6e05c8 100644 ---- a/bin/rndc/rndc.c -+++ b/bin/rndc/rndc.c -@@ -255,8 +255,8 @@ rndc_recvdone(isc_task_t *task, isc_event_t *event) { - isccc_cc_fromwire(&source, &response, algorithm, &secret)); - - data = isccc_alist_lookup(response, "_data"); -- if (data == NULL) -- fatal("no data section in response"); -+ if (!isccc_alist_alistp(data)) -+ fatal("bad or missing data section in response"); - result = isccc_cc_lookupstring(data, "err", &errormsg); - if (result == ISC_R_SUCCESS) { - failed = ISC_TRUE; -@@ -321,8 +321,8 @@ rndc_recvnonce(isc_task_t *task, isc_event_t *event) { - isccc_cc_fromwire(&source, &response, algorithm, &secret)); - - _ctrl = isccc_alist_lookup(response, "_ctrl"); -- if (_ctrl == NULL) -- fatal("_ctrl section missing"); -+ if (!isccc_alist_alistp(_ctrl)) -+ fatal("bad or missing ctrl section in response"); - nonce = 0; - if (isccc_cc_lookupuint32(_ctrl, "_nonce", &nonce) != ISC_R_SUCCESS) - nonce = 0; -diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c -index 47a3b74..2bb961e 100644 ---- a/lib/isccc/cc.c -+++ b/lib/isccc/cc.c -@@ -403,13 +403,13 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, - * Extract digest. - */ - _auth = isccc_alist_lookup(alist, "_auth"); -- if (_auth == NULL) -+ if (!isccc_alist_alistp(_auth)) - return (ISC_R_FAILURE); - if (algorithm == ISCCC_ALG_HMACMD5) - hmac = isccc_alist_lookup(_auth, "hmd5"); - else - hmac = isccc_alist_lookup(_auth, "hsha"); -- if (hmac == NULL) -+ if (!isccc_sexpr_binaryp(hmac)) - return (ISC_R_FAILURE); - /* - * Compute digest. -@@ -728,7 +728,7 @@ isccc_cc_createack(isccc_sexpr_t *message, isc_boolean_t ok, - REQUIRE(ackp != NULL && *ackp == NULL); - - _ctrl = isccc_alist_lookup(message, "_ctrl"); -- if (_ctrl == NULL || -+ if (!isccc_alist_alistp(_ctrl) || - isccc_cc_lookupuint32(_ctrl, "_ser", &serial) != ISC_R_SUCCESS || - isccc_cc_lookupuint32(_ctrl, "_tim", &t) != ISC_R_SUCCESS) - return (ISC_R_FAILURE); -@@ -773,7 +773,7 @@ isccc_cc_isack(isccc_sexpr_t *message) - isccc_sexpr_t *_ctrl; - - _ctrl = isccc_alist_lookup(message, "_ctrl"); -- if (_ctrl == NULL) -+ if (!isccc_alist_alistp(_ctrl)) - return (ISC_FALSE); - if (isccc_cc_lookupstring(_ctrl, "_ack", NULL) == ISC_R_SUCCESS) - return (ISC_TRUE); -@@ -786,7 +786,7 @@ isccc_cc_isreply(isccc_sexpr_t *message) - isccc_sexpr_t *_ctrl; - - _ctrl = isccc_alist_lookup(message, "_ctrl"); -- if (_ctrl == NULL) -+ if (!isccc_alist_alistp(_ctrl)) - return (ISC_FALSE); - if (isccc_cc_lookupstring(_ctrl, "_rpl", NULL) == ISC_R_SUCCESS) - return (ISC_TRUE); -@@ -806,7 +806,7 @@ isccc_cc_createresponse(isccc_sexpr_t *message, isccc_time_t now, - - _ctrl = isccc_alist_lookup(message, "_ctrl"); - _data = isccc_alist_lookup(message, "_data"); -- if (_ctrl == NULL || _data == NULL || -+ if (!isccc_alist_alistp(_ctrl) || !isccc_alist_alistp(_data) || - isccc_cc_lookupuint32(_ctrl, "_ser", &serial) != ISC_R_SUCCESS || - isccc_cc_lookupstring(_data, "type", &type) != ISC_R_SUCCESS) - return (ISC_R_FAILURE); -@@ -995,7 +995,7 @@ isccc_cc_checkdup(isccc_symtab_t *symtab, isccc_sexpr_t *message, - isccc_sexpr_t *_ctrl; - - _ctrl = isccc_alist_lookup(message, "_ctrl"); -- if (_ctrl == NULL || -+ if (!isccc_alist_alistp(_ctrl) || - isccc_cc_lookupstring(_ctrl, "_ser", &_ser) != ISC_R_SUCCESS || - isccc_cc_lookupstring(_ctrl, "_tim", &_tim) != ISC_R_SUCCESS) - return (ISC_R_FAILURE); --- -1.9.1 - diff --git a/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch b/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch deleted file mode 100644 index ae5cc48d9c..0000000000 --- a/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch +++ /dev/null @@ -1,79 +0,0 @@ -From a3d327bf1ceaaeabb20223d8de85166e940b9f12 Mon Sep 17 00:00:00 2001 -From: Mukund Sivaraman <muks@isc.org> -Date: Mon, 22 Feb 2016 12:22:43 +0530 -Subject: [PATCH] Fix resolver assertion failure due to improper DNAME handling - (CVE-2016-1286) (#41753) - -(cherry picked from commit 5995fec51cc8bb7e53804e4936e60aa1537f3673) - -CVE: CVE-2016-1286 -Upstream-Status: Backport - -[Removed doc/arm/notes.xml changes from upstream patch.] - -Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> ---- -diff -ruN a/CHANGES b/CHANGES ---- a/CHANGES 2016-04-13 07:28:44.940873629 +0200 -+++ b/CHANGES 2016-04-13 07:38:38.923167851 +0200 -@@ -1,3 +1,7 @@ -+4319. [security] Fix resolver assertion failure due to improper -+ DNAME handling when parsing fetch reply messages. -+ (CVE-2016-1286) [RT #41753] -+ - 4318. [security] Malformed control messages can trigger assertions - in named and rndc. (CVE-2016-1285) [RT #41666] - -diff -ruN a/lib/dns/resolver.c b/lib/dns/resolver.c ---- a/lib/dns/resolver.c 2016-04-13 07:28:43.088953790 +0200 -+++ b/lib/dns/resolver.c 2016-04-13 07:38:20.411968925 +0200 -@@ -6967,21 +6967,26 @@ - isc_boolean_t found_dname = ISC_FALSE; - dns_name_t *dname_name; - -+ /* -+ * Only pass DNAME or RRSIG(DNAME). -+ */ -+ if (rdataset->type != dns_rdatatype_dname && -+ (rdataset->type != dns_rdatatype_rrsig || -+ rdataset->covers != dns_rdatatype_dname)) -+ continue; -+ -+ /* -+ * If we're not chaining, then the DNAME and -+ * its signature should not be external. -+ */ -+ if (!chaining && external) { -+ log_formerr(fctx, "external DNAME"); -+ return (DNS_R_FORMERR); -+ } -+ - found = ISC_FALSE; - aflag = 0; - if (rdataset->type == dns_rdatatype_dname) { -- /* -- * We're looking for something else, -- * but we found a DNAME. -- * -- * If we're not chaining, then the -- * DNAME should not be external. -- */ -- if (!chaining && external) { -- log_formerr(fctx, -- "external DNAME"); -- return (DNS_R_FORMERR); -- } - found = ISC_TRUE; - want_chaining = ISC_TRUE; - POST(want_chaining); -@@ -7010,9 +7015,7 @@ - &fctx->domain)) { - return (DNS_R_SERVFAIL); - } -- } else if (rdataset->type == dns_rdatatype_rrsig -- && rdataset->covers == -- dns_rdatatype_dname) { -+ } else { - /* - * We've found a signature that - * covers the DNAME. diff --git a/meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch b/meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch deleted file mode 100644 index 5f5cb0d340..0000000000 --- a/meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch +++ /dev/null @@ -1,317 +0,0 @@ -From 7602be276a73a6eb5431c5acd9718e68a55e8b61 Mon Sep 17 00:00:00 2001 -From: Mark Andrews <marka@isc.org> -Date: Mon, 29 Feb 2016 07:16:48 +1100 -Subject: [PATCH] Part 2 of: 4319. [security] Fix resolver assertion - failure due to improper DNAME handling when parsing - fetch reply messages. (CVE-2016-1286) [RT #41753] - -CVE: CVE-2016-1286 -Upstream-Status: Backport - -(cherry picked from commit 2de89ee9de8c8da9dc153a754b02dcdbb7fe2374) -Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> ---- - lib/dns/resolver.c | 192 ++++++++++++++++++++++++++--------------------------- - 1 file changed, 93 insertions(+), 99 deletions(-) - -diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c -index 70aba87..41e9df4 100644 ---- a/lib/dns/resolver.c -+++ b/lib/dns/resolver.c -@@ -6074,14 +6074,11 @@ cname_target(dns_rdataset_t *rdataset, dns_name_t *tname) { - } - - static inline isc_result_t --dname_target(fetchctx_t *fctx, dns_rdataset_t *rdataset, dns_name_t *qname, -- dns_name_t *oname, dns_fixedname_t *fixeddname) -+dname_target(dns_rdataset_t *rdataset, dns_name_t *qname, -+ unsigned int nlabels, dns_fixedname_t *fixeddname) - { - isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; -- unsigned int nlabels; -- int order; -- dns_namereln_t namereln; - dns_rdata_dname_t dname; - dns_fixedname_t prefix; - -@@ -6096,21 +6093,6 @@ dname_target(fetchctx_t *fctx, dns_rdataset_t *rdataset, dns_name_t *qname, - if (result != ISC_R_SUCCESS) - return (result); - -- /* -- * Get the prefix of qname. -- */ -- namereln = dns_name_fullcompare(qname, oname, &order, &nlabels); -- if (namereln != dns_namereln_subdomain) { -- char qbuf[DNS_NAME_FORMATSIZE]; -- char obuf[DNS_NAME_FORMATSIZE]; -- -- dns_rdata_freestruct(&dname); -- dns_name_format(qname, qbuf, sizeof(qbuf)); -- dns_name_format(oname, obuf, sizeof(obuf)); -- log_formerr(fctx, "unrelated DNAME in answer: " -- "%s is not in %s", qbuf, obuf); -- return (DNS_R_FORMERR); -- } - dns_fixedname_init(&prefix); - dns_name_split(qname, nlabels, dns_fixedname_name(&prefix), NULL); - dns_fixedname_init(fixeddname); -@@ -6736,13 +6718,13 @@ static isc_result_t - answer_response(fetchctx_t *fctx) { - isc_result_t result; - dns_message_t *message; -- dns_name_t *name, *qname, tname, *ns_name; -+ dns_name_t *name, *dname, *qname, tname, *ns_name; - dns_rdataset_t *rdataset, *ns_rdataset; - isc_boolean_t done, external, chaining, aa, found, want_chaining; - isc_boolean_t have_answer, found_cname, found_type, wanted_chaining; - unsigned int aflag; - dns_rdatatype_t type; -- dns_fixedname_t dname, fqname; -+ dns_fixedname_t fdname, fqname; - dns_view_t *view; - - FCTXTRACE("answer_response"); -@@ -6770,10 +6752,15 @@ answer_response(fetchctx_t *fctx) { - view = fctx->res->view; - result = dns_message_firstname(message, DNS_SECTION_ANSWER); - while (!done && result == ISC_R_SUCCESS) { -+ dns_namereln_t namereln; -+ int order; -+ unsigned int nlabels; -+ - name = NULL; - dns_message_currentname(message, DNS_SECTION_ANSWER, &name); - external = ISC_TF(!dns_name_issubdomain(name, &fctx->domain)); -- if (dns_name_equal(name, qname)) { -+ namereln = dns_name_fullcompare(qname, name, &order, &nlabels); -+ if (namereln == dns_namereln_equal) { - wanted_chaining = ISC_FALSE; - for (rdataset = ISC_LIST_HEAD(name->list); - rdataset != NULL; -@@ -6898,10 +6885,11 @@ answer_response(fetchctx_t *fctx) { - */ - INSIST(!external); - if (aflag == -- DNS_RDATASETATTR_ANSWER) -+ DNS_RDATASETATTR_ANSWER) { - have_answer = ISC_TRUE; -- name->attributes |= -- DNS_NAMEATTR_ANSWER; -+ name->attributes |= -+ DNS_NAMEATTR_ANSWER; -+ } - rdataset->attributes |= aflag; - if (aa) - rdataset->trust = -@@ -6956,6 +6944,8 @@ answer_response(fetchctx_t *fctx) { - if (wanted_chaining) - chaining = ISC_TRUE; - } else { -+ dns_rdataset_t *dnameset = NULL; -+ - /* - * Look for a DNAME (or its SIG). Anything else is - * ignored. -@@ -6963,10 +6953,8 @@ answer_response(fetchctx_t *fctx) { - wanted_chaining = ISC_FALSE; - for (rdataset = ISC_LIST_HEAD(name->list); - rdataset != NULL; -- rdataset = ISC_LIST_NEXT(rdataset, link)) { -- isc_boolean_t found_dname = ISC_FALSE; -- dns_name_t *dname_name; -- -+ rdataset = ISC_LIST_NEXT(rdataset, link)) -+ { - /* - * Only pass DNAME or RRSIG(DNAME). - */ -@@ -6980,20 +6968,41 @@ answer_response(fetchctx_t *fctx) { - * its signature should not be external. - */ - if (!chaining && external) { -- log_formerr(fctx, "external DNAME"); -+ char qbuf[DNS_NAME_FORMATSIZE]; -+ char obuf[DNS_NAME_FORMATSIZE]; -+ -+ dns_name_format(name, qbuf, -+ sizeof(qbuf)); -+ dns_name_format(&fctx->domain, obuf, -+ sizeof(obuf)); -+ log_formerr(fctx, "external DNAME or " -+ "RRSIG covering DNAME " -+ "in answer: %s is " -+ "not in %s", qbuf, obuf); -+ return (DNS_R_FORMERR); -+ } -+ -+ if (namereln != dns_namereln_subdomain) { -+ char qbuf[DNS_NAME_FORMATSIZE]; -+ char obuf[DNS_NAME_FORMATSIZE]; -+ -+ dns_name_format(qname, qbuf, -+ sizeof(qbuf)); -+ dns_name_format(name, obuf, -+ sizeof(obuf)); -+ log_formerr(fctx, "unrelated DNAME " -+ "in answer: %s is " -+ "not in %s", qbuf, obuf); - return (DNS_R_FORMERR); - } - -- found = ISC_FALSE; - aflag = 0; - if (rdataset->type == dns_rdatatype_dname) { -- found = ISC_TRUE; - want_chaining = ISC_TRUE; - POST(want_chaining); - aflag = DNS_RDATASETATTR_ANSWER; -- result = dname_target(fctx, rdataset, -- qname, name, -- &dname); -+ result = dname_target(rdataset, qname, -+ nlabels, &fdname); - if (result == ISC_R_NOSPACE) { - /* - * We can't construct the -@@ -7005,14 +7014,12 @@ answer_response(fetchctx_t *fctx) { - } else if (result != ISC_R_SUCCESS) - return (result); - else -- found_dname = ISC_TRUE; -+ dnameset = rdataset; - -- dname_name = dns_fixedname_name(&dname); -+ dname = dns_fixedname_name(&fdname); - if (!is_answertarget_allowed(view, -- qname, -- rdataset->type, -- dname_name, -- &fctx->domain)) { -+ qname, rdataset->type, -+ dname, &fctx->domain)) { - return (DNS_R_SERVFAIL); - } - } else { -@@ -7020,73 +7027,60 @@ answer_response(fetchctx_t *fctx) { - * We've found a signature that - * covers the DNAME. - */ -- found = ISC_TRUE; - aflag = DNS_RDATASETATTR_ANSWERSIG; - } - -- if (found) { -+ /* -+ * We've found an answer to our -+ * question. -+ */ -+ name->attributes |= DNS_NAMEATTR_CACHE; -+ rdataset->attributes |= DNS_RDATASETATTR_CACHE; -+ rdataset->trust = dns_trust_answer; -+ if (!chaining) { - /* -- * We've found an answer to our -- * question. -+ * This data is "the" answer to -+ * our question only if we're -+ * not chaining. - */ -- name->attributes |= -- DNS_NAMEATTR_CACHE; -- rdataset->attributes |= -- DNS_RDATASETATTR_CACHE; -- rdataset->trust = dns_trust_answer; -- if (!chaining) { -- /* -- * This data is "the" answer -- * to our question only if -- * we're not chaining. -- */ -- INSIST(!external); -- if (aflag == -- DNS_RDATASETATTR_ANSWER) -- have_answer = ISC_TRUE; -+ INSIST(!external); -+ if (aflag == DNS_RDATASETATTR_ANSWER) { -+ have_answer = ISC_TRUE; - name->attributes |= - DNS_NAMEATTR_ANSWER; -- rdataset->attributes |= aflag; -- if (aa) -- rdataset->trust = -- dns_trust_authanswer; -- } else if (external) { -- rdataset->attributes |= -- DNS_RDATASETATTR_EXTERNAL; -- } -- -- /* -- * DNAME chaining. -- */ -- if (found_dname) { -- /* -- * Copy the dname into the -- * qname fixed name. -- * -- * Although we check for -- * failure of the copy -- * operation, in practice it -- * should never fail since -- * we already know that the -- * result fits in a fixedname. -- */ -- dns_fixedname_init(&fqname); -- result = dns_name_copy( -- dns_fixedname_name(&dname), -- dns_fixedname_name(&fqname), -- NULL); -- if (result != ISC_R_SUCCESS) -- return (result); -- wanted_chaining = ISC_TRUE; -- name->attributes |= -- DNS_NAMEATTR_CHAINING; -- rdataset->attributes |= -- DNS_RDATASETATTR_CHAINING; -- qname = dns_fixedname_name( -- &fqname); - } -+ rdataset->attributes |= aflag; -+ if (aa) -+ rdataset->trust = -+ dns_trust_authanswer; -+ } else if (external) { -+ rdataset->attributes |= -+ DNS_RDATASETATTR_EXTERNAL; - } - } -+ -+ /* -+ * DNAME chaining. -+ */ -+ if (dnameset != NULL) { -+ /* -+ * Copy the dname into the qname fixed name. -+ * -+ * Although we check for failure of the copy -+ * operation, in practice it should never fail -+ * since we already know that the result fits -+ * in a fixedname. -+ */ -+ dns_fixedname_init(&fqname); -+ qname = dns_fixedname_name(&fqname); -+ result = dns_name_copy(dname, qname, NULL); -+ if (result != ISC_R_SUCCESS) -+ return (result); -+ wanted_chaining = ISC_TRUE; -+ name->attributes |= DNS_NAMEATTR_CHAINING; -+ dnameset->attributes |= -+ DNS_RDATASETATTR_CHAINING; -+ } - if (wanted_chaining) - chaining = ISC_TRUE; - } --- -1.9.1 - diff --git a/meta/recipes-connectivity/bind/bind/CVE-2016-2088.patch b/meta/recipes-connectivity/bind/bind/CVE-2016-2088.patch deleted file mode 100644 index 1b84d46b78..0000000000 --- a/meta/recipes-connectivity/bind/bind/CVE-2016-2088.patch +++ /dev/null @@ -1,247 +0,0 @@ -CVE-2016-2088 - -Backport commit d7ff9a1c41bf0ba9773cb3adb08b48b9fd57c956 from the -v9_10_3_patch branch. - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2088 -https://kb.isc.org/article/AA-01351 - -CVE: CVE-2016-2088 -Upstream-Status: Backport -Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> - - -Original commit message from Mark Andrews <marka@isc.org> below: - -4322. [security] Duplicate EDNS COOKIE options in a response could - trigger an assertion failure. (CVE-2016-2088) - [RT #41809] - -(cherry picked from commit 455c0848f80a8acda27aad1466c72987cafaa029) -(cherry picked from commit 7cd300abd6ee8b8ee8730593daf742ba53f90bc3) ---- - CHANGES | 4 ++++ - bin/dig/dighost.c | 9 +++++++++ - bin/named/client.c | 33 +++++++++++++++++++++++---------- - doc/arm/notes.xml | 7 +++++++ - lib/dns/resolver.c | 14 +++++++++++++- - 5 files changed, 56 insertions(+), 11 deletions(-) - -diff --git a/CHANGES b/CHANGES -index c5b5d2b..d2e3360 100644 ---- a/CHANGES -+++ b/CHANGES -@@ -1,3 +1,7 @@ -+4322. [security] Duplicate EDNS COOKIE options in a response could -+ trigger an assertion failure. (CVE-2016-2088) -+ [RT #41809] -+ - 4319. [security] Fix resolver assertion failure due to improper - DNAME handling when parsing fetch reply messages. - (CVE-2016-1286) [RT #41753] -diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c -index ca82f8e..340904f 100644 ---- a/bin/dig/dighost.c -+++ b/bin/dig/dighost.c -@@ -3458,6 +3458,7 @@ process_opt(dig_lookup_t *l, dns_message_t *msg) { - isc_buffer_t optbuf; - isc_uint16_t optcode, optlen; - dns_rdataset_t *opt = msg->opt; -+ isc_boolean_t seen_cookie = ISC_FALSE; - - result = dns_rdataset_first(opt); - if (result == ISC_R_SUCCESS) { -@@ -3470,7 +3471,15 @@ process_opt(dig_lookup_t *l, dns_message_t *msg) { - optlen = isc_buffer_getuint16(&optbuf); - switch (optcode) { - case DNS_OPT_COOKIE: -+ /* -+ * Only process the first cookie option. -+ */ -+ if (seen_cookie) { -+ isc_buffer_forward(&optbuf, optlen); -+ break; -+ } - process_sit(l, msg, &optbuf, optlen); -+ seen_cookie = ISC_TRUE; - break; - default: - isc_buffer_forward(&optbuf, optlen); -diff --git a/bin/named/client.c b/bin/named/client.c -index 683305c..0d7331a 100644 ---- a/bin/named/client.c -+++ b/bin/named/client.c -@@ -120,7 +120,10 @@ - */ - #endif - --#define SIT_SIZE 24U /* 8 + 4 + 4 + 8 */ -+#define COOKIE_SIZE 24U /* 8 + 4 + 4 + 8 */ -+ -+#define WANTNSID(x) (((x)->attributes & NS_CLIENTATTR_WANTNSID) != 0) -+#define WANTEXPIRE(x) (((x)->attributes & NS_CLIENTATTR_WANTEXPIRE) != 0) - - /*% nameserver client manager structure */ - struct ns_clientmgr { -@@ -1395,7 +1398,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, - { - char nsid[BUFSIZ], *nsidp; - #ifdef ISC_PLATFORM_USESIT -- unsigned char sit[SIT_SIZE]; -+ unsigned char sit[COOKIE_SIZE]; - #endif - isc_result_t result; - dns_view_t *view; -@@ -1420,7 +1423,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, - flags = client->extflags & DNS_MESSAGEEXTFLAG_REPLYPRESERVE; - - /* Set EDNS options if applicable */ -- if ((client->attributes & NS_CLIENTATTR_WANTNSID) != 0 && -+ if (WANTNSID(client) && - (ns_g_server->server_id != NULL || - ns_g_server->server_usehostname)) { - if (ns_g_server->server_usehostname) { -@@ -1453,7 +1456,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, - - INSIST(count < DNS_EDNSOPTIONS); - ednsopts[count].code = DNS_OPT_COOKIE; -- ednsopts[count].length = SIT_SIZE; -+ ednsopts[count].length = COOKIE_SIZE; - ednsopts[count].value = sit; - count++; - } -@@ -1661,19 +1664,26 @@ compute_sit(ns_client_t *client, isc_uint32_t when, isc_uint32_t nonce, - - static void - process_sit(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { -- unsigned char dbuf[SIT_SIZE]; -+ unsigned char dbuf[COOKIE_SIZE]; - unsigned char *old; - isc_stdtime_t now; - isc_uint32_t when; - isc_uint32_t nonce; - isc_buffer_t db; - -+ /* -+ * If we have already seen a ECS option skip this ECS option. -+ */ -+ if ((client->attributes & NS_CLIENTATTR_WANTSIT) != 0) { -+ isc_buffer_forward(buf, optlen); -+ return; -+ } - client->attributes |= NS_CLIENTATTR_WANTSIT; - - isc_stats_increment(ns_g_server->nsstats, - dns_nsstatscounter_sitopt); - -- if (optlen != SIT_SIZE) { -+ if (optlen != COOKIE_SIZE) { - /* - * Not our token. - */ -@@ -1717,14 +1727,13 @@ process_sit(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { - isc_buffer_init(&db, dbuf, sizeof(dbuf)); - compute_sit(client, when, nonce, &db); - -- if (!isc_safe_memequal(old, dbuf, SIT_SIZE)) { -+ if (!isc_safe_memequal(old, dbuf, COOKIE_SIZE)) { - isc_stats_increment(ns_g_server->nsstats, - dns_nsstatscounter_sitnomatch); - return; - } - isc_stats_increment(ns_g_server->nsstats, - dns_nsstatscounter_sitmatch); -- - client->attributes |= NS_CLIENTATTR_HAVESIT; - } - #endif -@@ -1783,7 +1792,9 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) { - optlen = isc_buffer_getuint16(&optbuf); - switch (optcode) { - case DNS_OPT_NSID: -- isc_stats_increment(ns_g_server->nsstats, -+ if (!WANTNSID(client)) -+ isc_stats_increment( -+ ns_g_server->nsstats, - dns_nsstatscounter_nsidopt); - client->attributes |= NS_CLIENTATTR_WANTNSID; - isc_buffer_forward(&optbuf, optlen); -@@ -1794,7 +1805,9 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) { - break; - #endif - case DNS_OPT_EXPIRE: -- isc_stats_increment(ns_g_server->nsstats, -+ if (!WANTEXPIRE(client)) -+ isc_stats_increment( -+ ns_g_server->nsstats, - dns_nsstatscounter_expireopt); - client->attributes |= NS_CLIENTATTR_WANTEXPIRE; - isc_buffer_forward(&optbuf, optlen); -diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml -index ebf4f55..095eb5b 100644 ---- a/doc/arm/notes.xml -+++ b/doc/arm/notes.xml -@@ -51,6 +51,13 @@ - <title>Security Fixes</title> - <itemizedlist> - <listitem> -+ <para> -+ Duplicate EDNS COOKIE options in a response could trigger -+ an assertion failure. This flaw is disclosed in CVE-2016-2088. -+ [RT #41809] -+ </para> -+ </listitem> -+ <listitem> - <para> - Specific APL data could trigger an INSIST. This flaw - was discovered by Brian Mitchell and is disclosed in -diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c -index a797e3f..ba1ae23 100644 ---- a/lib/dns/resolver.c -+++ b/lib/dns/resolver.c -@@ -7502,7 +7502,9 @@ process_opt(resquery_t *query, dns_rdataset_t *opt) { - unsigned char *sit; - dns_adbaddrinfo_t *addrinfo; - unsigned char cookie[8]; -+ isc_boolean_t seen_cookie = ISC_FALSE; - #endif -+ isc_boolean_t seen_nsid = ISC_FALSE; - - result = dns_rdataset_first(opt); - if (result == ISC_R_SUCCESS) { -@@ -7516,14 +7518,23 @@ process_opt(resquery_t *query, dns_rdataset_t *opt) { - INSIST(optlen <= isc_buffer_remaininglength(&optbuf)); - switch (optcode) { - case DNS_OPT_NSID: -- if (query->options & DNS_FETCHOPT_WANTNSID) -+ if (!seen_nsid && -+ query->options & DNS_FETCHOPT_WANTNSID) - log_nsid(&optbuf, optlen, query, - ISC_LOG_DEBUG(3), - query->fctx->res->mctx); - isc_buffer_forward(&optbuf, optlen); -+ seen_nsid = ISC_TRUE; - break; - #ifdef ISC_PLATFORM_USESIT - case DNS_OPT_COOKIE: -+ /* -+ * Only process the first cookie option. -+ */ -+ if (seen_cookie) { -+ isc_buffer_forward(&optbuf, optlen); -+ break; -+ } - sit = isc_buffer_current(&optbuf); - compute_cc(query, cookie, sizeof(cookie)); - INSIST(query->fctx->rmessage->sitbad == 0 && -@@ -7541,6 +7552,7 @@ process_opt(resquery_t *query, dns_rdataset_t *opt) { - isc_buffer_forward(&optbuf, optlen); - inc_stats(query->fctx->res, - dns_resstatscounter_sitin); -+ seen_cookie = ISC_TRUE; - break; - #endif - default: --- -2.1.4 - diff --git a/meta/recipes-connectivity/bind/bind/bind-confgen-build-unix.o-once.patch b/meta/recipes-connectivity/bind/bind/bind-confgen-build-unix.o-once.patch deleted file mode 100644 index 096d5d84fc..0000000000 --- a/meta/recipes-connectivity/bind/bind/bind-confgen-build-unix.o-once.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 9b40619ff6fddfef2758ba797789f8487f412df3 Mon Sep 17 00:00:00 2001 -From: Robert Yang <liezhi.yang@windriver.com> -Date: Mon, 16 Feb 2015 00:50:01 -0800 -Subject: [PATCH] confgen: don't build unix.o twice - -Fixed: -unix/os.o: file not recognized: File truncated -collect2: error: ld returned 1 exit status - -This is because os.o was built twice: -* The implicity rule (depends on unix/os.o) -* The "make all" in unix subdir (depends on unix/os.o) - -Depend on subdirs which is unix only rather than unix/os.o will fix the -problem. - -Upstream-Status: Pending - -Signed-off-by: Robert Yang <liezhi.yang@windriver.com> ---- - bin/confgen/Makefile.in | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/bin/confgen/Makefile.in b/bin/confgen/Makefile.in -index 8b3e5aa..4868a24 100644 ---- a/bin/confgen/Makefile.in -+++ b/bin/confgen/Makefile.in -@@ -74,11 +74,11 @@ rndc-confgen.@O@: rndc-confgen.c - ddns-confgen.@O@: ddns-confgen.c - ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} -c ${srcdir}/ddns-confgen.c - --rndc-confgen@EXEEXT@: rndc-confgen.@O@ util.@O@ keygen.@O@ ${UOBJS} ${CONFDEPLIBS} -+rndc-confgen@EXEEXT@: rndc-confgen.@O@ util.@O@ keygen.@O@ ${CONFDEPLIBS} $(SUBDIRS) - export BASEOBJS="rndc-confgen.@O@ util.@O@ keygen.@O@ ${UOBJS}"; \ - ${FINALBUILDCMD} - --ddns-confgen@EXEEXT@: ddns-confgen.@O@ util.@O@ keygen.@O@ ${UOBJS} ${CONFDEPLIBS} -+ddns-confgen@EXEEXT@: ddns-confgen.@O@ util.@O@ keygen.@O@ ${CONFDEPLIBS} $(SUBDIRS) - export BASEOBJS="ddns-confgen.@O@ util.@O@ keygen.@O@ ${UOBJS}"; \ - ${FINALBUILDCMD} - --- -1.7.9.5 - diff --git a/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch b/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch index 13df3bb0e9..84559e5f37 100644 --- a/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch +++ b/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch @@ -1,4 +1,4 @@ -From 9473d29843579802e96b0293a3e953fed93de82c Mon Sep 17 00:00:00 2001 +From edda20fb5a6e88548f85e39d34d6c074306e15bc Mon Sep 17 00:00:00 2001 From: Paul Gortmaker <paul.gortmaker@windriver.com> Date: Tue, 9 Jun 2015 11:22:00 -0400 Subject: [PATCH] bind: ensure searching for json headers searches sysroot @@ -27,15 +27,16 @@ to make use of the combination some day. Upstream-Status: Inappropriate [OE Specific] Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> + --- - configure.in | 2 +- + configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -diff --git a/configure.in b/configure.in -index c9ef3a601343..17a1f613e9ac 100644 ---- a/configure.in -+++ b/configure.in -@@ -2139,7 +2139,7 @@ case "$use_libjson" in +diff --git a/configure.ac b/configure.ac +index 17392fd..e85a5c6 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -2449,7 +2449,7 @@ case "$use_libjson" in libjson_libs="" ;; auto|yes) @@ -44,6 +45,3 @@ index c9ef3a601343..17a1f613e9ac 100644 do if test -f "${d}/include/json/json.h" then --- -2.4.2 - diff --git a/meta/recipes-connectivity/bind/bind/dont-test-on-host.patch b/meta/recipes-connectivity/bind/bind/dont-test-on-host.patch deleted file mode 100644 index b02ecb1061..0000000000 --- a/meta/recipes-connectivity/bind/bind/dont-test-on-host.patch +++ /dev/null @@ -1,17 +0,0 @@ -Upstream-Status: Pending - -Signed-off-by: Saul Wold <sgw@linux.intel.com> - -Index: bind-9.9.5/bin/Makefile.in -=================================================================== ---- bind-9.9.5.orig/bin/Makefile.in -+++ bind-9.9.5/bin/Makefile.in -@@ -19,7 +19,7 @@ srcdir = @srcdir@ - VPATH = @srcdir@ - top_srcdir = @top_srcdir@ - --SUBDIRS = named rndc dig delv dnssec tools tests nsupdate \ -+SUBDIRS = named rndc dig delv dnssec tools nsupdate \ - check confgen @PYTHON_TOOLS@ @PKCS11_TOOLS@ - TARGETS = - diff --git a/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh b/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh index db201270fa..ef915c0ae5 100644 --- a/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh +++ b/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh @@ -3,5 +3,6 @@ if [ ! -s /etc/bind/rndc.key ]; then echo -n "Generating /etc/bind/rndc.key:" /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom + chown root:bind /etc/bind/rndc.key chmod 0640 /etc/bind/rndc.key fi diff --git a/meta/recipes-connectivity/bind/bind/mips1-not-support-opcode.diff b/meta/recipes-connectivity/bind/bind/mips1-not-support-opcode.diff deleted file mode 100644 index 2930796b6a..0000000000 --- a/meta/recipes-connectivity/bind/bind/mips1-not-support-opcode.diff +++ /dev/null @@ -1,104 +0,0 @@ -bind: port a patch to fix a build failure - -mips1 does not support ll and sc instructions, and lead to below error, now -we port a patch from debian to fix it -[http://security.debian.org/debian-security/pool/updates/main/b/bind9/bind9_9.8.4.dfsg.P1-6+nmu2+deb7u1.diff.gz] - -| {standard input}: Assembler messages: -| {standard input}:47: Error: Opcode not supported on this processor: mips1 (mips1) `ll $3,0($6)' -| {standard input}:50: Error: Opcode not supported on this processor: mips1 (mips1) `sc $3,0($6)' - -Upstream-Status: Pending - -Signed-off-by: Roy Li <rongqing.li@windriver.com> - ---- bind9-9.8.4.dfsg.P1.orig/lib/isc/mips/include/isc/atomic.h -+++ bind9-9.8.4.dfsg.P1/lib/isc/mips/include/isc/atomic.h -@@ -31,18 +31,20 @@ - isc_atomic_xadd(isc_int32_t *p, int val) { - isc_int32_t orig; - -- /* add is a cheat, since MIPS has no mov instruction */ -- __asm__ volatile ( -- "1:" -- "ll $3, %1\n" -- "add %0, $0, $3\n" -- "add $3, $3, %2\n" -- "sc $3, %1\n" -- "beq $3, 0, 1b" -- : "=&r"(orig) -- : "m"(*p), "r"(val) -- : "memory", "$3" -- ); -+ __asm__ __volatile__ ( -+ " .set push \n" -+ " .set mips2 \n" -+ " .set noreorder \n" -+ " .set noat \n" -+ "1: ll $1, %1 \n" -+ " addu %0, $1, %2 \n" -+ " sc %0, %1 \n" -+ " beqz %0, 1b \n" -+ " move %0, $1 \n" -+ " .set pop \n" -+ : "=&r" (orig), "+R" (*p) -+ : "r" (val) -+ : "memory"); - - return (orig); - } -@@ -52,16 +54,7 @@ - */ - static inline void - isc_atomic_store(isc_int32_t *p, isc_int32_t val) { -- __asm__ volatile ( -- "1:" -- "ll $3, %0\n" -- "add $3, $0, %1\n" -- "sc $3, %0\n" -- "beq $3, 0, 1b" -- : -- : "m"(*p), "r"(val) -- : "memory", "$3" -- ); -+ *p = val; - } - - /* -@@ -72,20 +65,23 @@ - static inline isc_int32_t - isc_atomic_cmpxchg(isc_int32_t *p, int cmpval, int val) { - isc_int32_t orig; -+ isc_int32_t tmp; - -- __asm__ volatile( -- "1:" -- "ll $3, %1\n" -- "add %0, $0, $3\n" -- "bne $3, %2, 2f\n" -- "add $3, $0, %3\n" -- "sc $3, %1\n" -- "beq $3, 0, 1b\n" -- "2:" -- : "=&r"(orig) -- : "m"(*p), "r"(cmpval), "r"(val) -- : "memory", "$3" -- ); -+ __asm__ __volatile__ ( -+ " .set push \n" -+ " .set mips2 \n" -+ " .set noreorder \n" -+ " .set noat \n" -+ "1: ll $1, %1 \n" -+ " bne $1, %3, 2f \n" -+ " move %2, %4 \n" -+ " sc %2, %1 \n" -+ " beqz %2, 1b \n" -+ "2: move %0, $1 \n" -+ " .set pop \n" -+ : "=&r"(orig), "+R" (*p), "=r" (tmp) -+ : "r"(cmpval), "r"(val) -+ : "memory"); - - return (orig); - } diff --git a/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb b/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb deleted file mode 100644 index a99f0dd854..0000000000 --- a/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb +++ /dev/null @@ -1,109 +0,0 @@ -SUMMARY = "ISC Internet Domain Name Server" -HOMEPAGE = "http://www.isc.org/sw/bind/" -SECTION = "console/network" - -LICENSE = "ISC & BSD" -LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=0a95f52a0ab6c5f52dedc9a45e7abb3f" - -DEPENDS = "openssl libcap" - -SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ - file://conf.patch \ - file://make-etc-initd-bind-stop-work.patch \ - file://mips1-not-support-opcode.diff \ - file://dont-test-on-host.patch \ - file://generate-rndc-key.sh \ - file://named.service \ - file://bind9 \ - file://init.d-add-support-for-read-only-rootfs.patch \ - file://bind-confgen-build-unix.o-once.patch \ - file://0001-build-use-pkg-config-to-find-libxml2.patch \ - file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ - file://0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch \ - file://0001-lib-dns-gen.c-fix-too-long-error.patch \ - file://CVE-2016-1285.patch \ - file://CVE-2016-1286_1.patch \ - file://CVE-2016-1286_2.patch \ - file://CVE-2016-2088.patch \ - " - -SRC_URI[md5sum] = "bcf7e772b616f7259420a3edc5df350a" -SRC_URI[sha256sum] = "690810d1fbb72afa629e74638d19cd44e28d2b2e5eb63f55c705ad85d1a4cb83" - -ENABLE_IPV6 = "--enable-ipv6=${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'yes', 'no', d)}" -EXTRA_OECONF = " ${ENABLE_IPV6} --with-randomdev=/dev/random --disable-threads \ - --disable-devpoll --disable-epoll --with-gost=no \ - --with-gssapi=no --with-ecdsa=yes \ - --sysconfdir=${sysconfdir}/bind \ - --with-openssl=${STAGING_LIBDIR}/.. \ - " -inherit autotools update-rc.d systemd useradd pkgconfig - -# PACKAGECONFIGs readline and libedit should NOT be set at same time -PACKAGECONFIG ?= "readline" -PACKAGECONFIG[httpstats] = "--with-libxml2,--without-libxml2,libxml2" -PACKAGECONFIG[readline] = "--with-readline=-lreadline,,readline" -PACKAGECONFIG[libedit] = "--with-readline=-ledit,,libedit" - -USERADD_PACKAGES = "${PN}" -USERADD_PARAM_${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \ - --user-group bind" - -INITSCRIPT_NAME = "bind" -INITSCRIPT_PARAMS = "defaults" - -SYSTEMD_SERVICE_${PN} = "named.service" - -PARALLEL_MAKE = "" - -RDEPENDS_${PN} = "python3-core" -RDEPENDS_${PN}-dev = "" - -PACKAGE_BEFORE_PN += "${PN}-utils" -FILES_${PN}-utils = "${bindir}/host ${bindir}/dig" -FILES_${PN}-dev += "${bindir}/isc-config.h" -FILES_${PN} += "${sbindir}/generate-rndc-key.sh" - -do_install_prepend() { - # clean host path in isc-config.sh before the hardlink created - # by "make install": - # bind9-config -> isc-config.sh - sed -i -e "s,${STAGING_LIBDIR},${libdir}," ${B}/isc-config.sh -} - -do_install_append() { - rm "${D}${bindir}/nslookup" - rm "${D}${mandir}/man1/nslookup.1" - rmdir "${D}${localstatedir}/run" - rmdir --ignore-fail-on-non-empty "${D}${localstatedir}" - install -d -o bind "${D}${localstatedir}/cache/bind" - install -d "${D}${sysconfdir}/bind" - install -d "${D}${sysconfdir}/init.d" - install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" - install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" - sed -i -e '1s,#!.*python,#! /usr/bin/python3,' ${D}${sbindir}/dnssec-coverage ${D}${sbindir}/dnssec-checkds - - # Install systemd related files - install -d ${D}${sbindir} - install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir} - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/named.service ${D}${systemd_unitdir}/system - sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ - -e 's,@SBINDIR@,${sbindir},g' \ - ${D}${systemd_unitdir}/system/named.service - - install -d ${D}${sysconfdir}/default - install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default -} - -CONFFILES_${PN} = " \ - ${sysconfdir}/bind/named.conf \ - ${sysconfdir}/bind/named.conf.local \ - ${sysconfdir}/bind/named.conf.options \ - ${sysconfdir}/bind/db.0 \ - ${sysconfdir}/bind/db.127 \ - ${sysconfdir}/bind/db.empty \ - ${sysconfdir}/bind/db.local \ - ${sysconfdir}/bind/db.root \ - " - diff --git a/meta/recipes-connectivity/bind/bind_9.11.13.bb b/meta/recipes-connectivity/bind/bind_9.11.13.bb new file mode 100644 index 0000000000..338d6c717a --- /dev/null +++ b/meta/recipes-connectivity/bind/bind_9.11.13.bb @@ -0,0 +1,139 @@ +SUMMARY = "ISC Internet Domain Name Server" +HOMEPAGE = "http://www.isc.org/sw/bind/" +SECTION = "console/network" + +LICENSE = "ISC & BSD" +LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=8f17f64e47e83b60cd920a1e4b54419e" + +DEPENDS = "openssl libcap zlib" + +SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ + file://conf.patch \ + file://named.service \ + file://bind9 \ + file://generate-rndc-key.sh \ + file://make-etc-initd-bind-stop-work.patch \ + file://init.d-add-support-for-read-only-rootfs.patch \ + file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ + file://0001-configure.in-remove-useless-L-use_openssl-lib.patch \ + file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ + file://0001-avoid-start-failure-with-bind-user.patch \ + " + +SRC_URI[md5sum] = "17de0d024ab1eac377f1c2854dc25057" +SRC_URI[sha256sum] = "fd3f3cc9fcfcdaa752db35eb24598afa1fdcc2509d3227fc90a8631b7b400f7d" + +UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" +# stay at 9.11 until 9.16, from 9.16 follow the ESV versions divisible by 4 +UPSTREAM_CHECK_REGEX = "(?P<pver>9.(11|16|20|24|28)(\.\d+)+(-P\d+)*)/" + +# BIND >= 9.11.2 need dhcpd >= 4.4.0, +# don't report it here since dhcpd is already recent enough. +CVE_CHECK_WHITELIST += "CVE-2019-6470" + +inherit autotools update-rc.d systemd useradd pkgconfig multilib_script + +MULTILIB_SCRIPTS = "${PN}:${bindir}/bind9-config ${PN}:${bindir}/isc-config.sh" + +# PACKAGECONFIGs readline and libedit should NOT be set at same time +PACKAGECONFIG ?= "readline" +PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2" +PACKAGECONFIG[readline] = "--with-readline=-lreadline,,readline" +PACKAGECONFIG[libedit] = "--with-readline=-ledit,,libedit" +PACKAGECONFIG[urandom] = "--with-randomdev=/dev/urandom,--with-randomdev=/dev/random,," +PACKAGECONFIG[python3] = "--with-python=yes --with-python-install-dir=${PYTHON_SITEPACKAGES_DIR} , --without-python, python3-ply-native," + +ENABLE_IPV6 = "--enable-ipv6=${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'yes', 'no', d)}" +EXTRA_OECONF = " ${ENABLE_IPV6} --with-libtool --enable-threads \ + --disable-devpoll --enable-epoll --with-gost=no \ + --with-gssapi=no --with-ecdsa=yes --with-eddsa=no \ + --with-lmdb=no \ + --sysconfdir=${sysconfdir}/bind \ + --with-openssl=${STAGING_DIR_HOST}${prefix} \ + " + +inherit ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3native distutils3-base', '', d)} + +# dhcp needs .la so keep them +REMOVE_LIBTOOL_LA = "0" + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM_${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \ + --user-group bind" + +INITSCRIPT_NAME = "bind" +INITSCRIPT_PARAMS = "defaults" + +SYSTEMD_SERVICE_${PN} = "named.service" + +do_install_prepend() { + # clean host path in isc-config.sh before the hardlink created + # by "make install": + # bind9-config -> isc-config.sh + sed -i -e "s,${STAGING_LIBDIR},${libdir}," ${B}/isc-config.sh +} + +do_install_append() { + + rmdir "${D}${localstatedir}/run" + rmdir --ignore-fail-on-non-empty "${D}${localstatedir}" + install -d -o bind "${D}${localstatedir}/cache/bind" + install -d "${D}${sysconfdir}/bind" + install -d "${D}${sysconfdir}/init.d" + install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" + install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" + if ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'true', 'false', d)}; then + sed -i -e '1s,#!.*python3,#! /usr/bin/python3,' \ + ${D}${sbindir}/dnssec-coverage \ + ${D}${sbindir}/dnssec-checkds \ + ${D}${sbindir}/dnssec-keymgr + fi + + # Install systemd related files + install -d ${D}${sbindir} + install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir} + install -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/named.service ${D}${systemd_unitdir}/system + sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ + -e 's,@SBINDIR@,${sbindir},g' \ + ${D}${systemd_unitdir}/system/named.service + + install -d ${D}${sysconfdir}/default + install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/tmpfiles.d + echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf + fi +} + +CONFFILES_${PN} = " \ + ${sysconfdir}/bind/named.conf \ + ${sysconfdir}/bind/named.conf.local \ + ${sysconfdir}/bind/named.conf.options \ + ${sysconfdir}/bind/db.0 \ + ${sysconfdir}/bind/db.127 \ + ${sysconfdir}/bind/db.empty \ + ${sysconfdir}/bind/db.local \ + ${sysconfdir}/bind/db.root \ + " + +ALTERNATIVE_${PN}-utils = "nslookup" +ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup" +ALTERNATIVE_PRIORITY = "100" + +PACKAGE_BEFORE_PN += "${PN}-utils" +FILES_${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate" +FILES_${PN}-dev += "${bindir}/isc-config.h" +FILES_${PN} += "${sbindir}/generate-rndc-key.sh" + +PACKAGE_BEFORE_PN += "${PN}-libs" +FILES_${PN}-libs = "${libdir}/*.so*" +FILES_${PN}-staticdev += "${libdir}/*.la" + +PACKAGE_BEFORE_PN += "${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3-bind', '', d)}" +FILES_python3-bind = "${sbindir}/dnssec-coverage ${sbindir}/dnssec-checkds \ + ${sbindir}/dnssec-keymgr ${PYTHON_SITEPACKAGES_DIR}" + +RDEPENDS_${PN}-dev = "" +RDEPENDS_python3-bind = "python3-core python3-ply" diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc index ecefb7b593..150d909d73 100644 --- a/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/meta/recipes-connectivity/bluez5/bluez5.inc @@ -6,44 +6,75 @@ LICENSE = "GPLv2+ & LGPLv2.1+" LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ file://COPYING.LIB;md5=fb504b67c50331fc78734fed90fb0e09 \ file://src/main.c;beginline=1;endline=24;md5=9bc54b93cd7e17bf03f52513f39f926e" -DEPENDS = "udev libusb dbus-glib glib-2.0 libcheck readline" +DEPENDS = "dbus glib-2.0" PROVIDES += "bluez-hcidump" RPROVIDES_${PN} += "bluez-hcidump" RCONFLICTS_${PN} = "bluez4" -PACKAGECONFIG ??= "obex-profiles" -PACKAGECONFIG[obex-profiles] = "--enable-obex,--disable-obex,libical" -PACKAGECONFIG[experimental] = "--enable-experimental,--disable-experimental," - -SRC_URI = "\ - ${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ - file://out-of-tree.patch \ - file://init \ - file://run-ptest \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \ - file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \ +PACKAGECONFIG ??= "obex-profiles \ + readline \ + ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \ + a2dp-profiles \ + avrcp-profiles \ + network-profiles \ + hid-profiles \ + hog-profiles \ + tools \ + deprecated \ + udev \ " +PACKAGECONFIG[obex-profiles] = "--enable-obex,--disable-obex,libical" +PACKAGECONFIG[readline] = "--enable-client,--disable-client,readline," +PACKAGECONFIG[testing] = "--enable-testing,--disable-testing" +PACKAGECONFIG[midi] = "--enable-midi,--disable-midi,alsa-lib" +PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd" +PACKAGECONFIG[cups] = "--enable-cups,--disable-cups,,cups" +PACKAGECONFIG[nfc] = "--enable-nfc,--disable-nfc" +PACKAGECONFIG[sap-profiles] = "--enable-sap,--disable-sap" +PACKAGECONFIG[a2dp-profiles] = "--enable-a2dp,--disable-a2dp" +PACKAGECONFIG[avrcp-profiles] = "--enable-avrcp,--disable-avrcp" +PACKAGECONFIG[network-profiles] = "--enable-network,--disable-network" +PACKAGECONFIG[hid-profiles] = "--enable-hid,--disable-hid" +PACKAGECONFIG[hog-profiles] = "--enable-hog,--disable-hog" +PACKAGECONFIG[health-profiles] = "--enable-health,--disable-health" +PACKAGECONFIG[sixaxis] = "--enable-sixaxis,--disable-sixaxis" +PACKAGECONFIG[tools] = "--enable-tools,--disable-tools" +PACKAGECONFIG[threads] = "--enable-threads,--disable-threads" +PACKAGECONFIG[deprecated] = "--enable-deprecated,--disable-deprecated" +PACKAGECONFIG[mesh] = "--enable-mesh,--disable-mesh, json-c ell" +PACKAGECONFIG[btpclient] = "--enable-btpclient,--disable-btpclient, ell" +PACKAGECONFIG[udev] = "--enable-udev,--disable-udev,udev" + +SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ + file://init \ + file://run-ptest \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \ + file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \ + file://0001-test-gatt-Fix-hung-issue.patch \ + " S = "${WORKDIR}/bluez-${PV}" -inherit autotools pkgconfig systemd update-rc.d distro_features_check ptest +CVE_PRODUCT = "bluez" + +inherit autotools pkgconfig systemd update-rc.d features_check ptest gobject-introspection-data EXTRA_OECONF = "\ - --enable-tools \ - --disable-cups \ --enable-test \ --enable-datafiles \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--enable-systemd', '--disable-systemd', d)} \ --enable-library \ + --without-zsh-completion-dir \ " # bluez5 builds a large number of useful utilities but does not # install them. Specify which ones we want put into ${PN}-noinst-tools. NOINST_TOOLS_READLINE ??= "" -NOINST_TOOLS_EXPERIMENTAL ??= "" +NOINST_TOOLS_TESTING ??= "" +NOINST_TOOLS_BT ??= "" NOINST_TOOLS = " \ - ${NOINST_TOOLS_READLINE} \ - ${@bb.utils.contains('PACKAGECONFIG', 'experimental', '${NOINST_TOOLS_EXPERIMENTAL}', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'readline', '${NOINST_TOOLS_READLINE}', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'testing', '${NOINST_TOOLS_TESTING}', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'tools', '${NOINST_TOOLS_BT}', '', d)} \ " do_install_append() { @@ -51,43 +82,44 @@ do_install_append() { install -m 0755 ${WORKDIR}/init ${D}${INIT_D_DIR}/bluetooth install -d ${D}${sysconfdir}/bluetooth/ - if [ -f ${S}/profiles/audio/audio.conf ]; then - install -m 0644 ${S}/profiles/audio/audio.conf ${D}/${sysconfdir}/bluetooth/ - fi if [ -f ${S}/profiles/network/network.conf ]; then - install -m 0644 ${S}/profiles/network/network.conf ${D}/${sysconfdir}/bluetooth/ + install -m 0644 ${S}/profiles/network/network.conf ${D}/${sysconfdir}/bluetooth/ fi if [ -f ${S}/profiles/input/input.conf ]; then - install -m 0644 ${S}/profiles/input/input.conf ${D}/${sysconfdir}/bluetooth/ + install -m 0644 ${S}/profiles/input/input.conf ${D}/${sysconfdir}/bluetooth/ fi - if [ -f ${D}/${sysconfdir}/init.d/bluetooth ]; then - sed -i -e 's#@LIBEXECDIR@#${libexecdir}#g' ${D}/${sysconfdir}/init.d/bluetooth - fi + if [ -f ${D}/${sysconfdir}/init.d/bluetooth ]; then + sed -i -e 's#@LIBEXECDIR@#${libexecdir}#g' ${D}/${sysconfdir}/init.d/bluetooth + fi # Install desired tools that upstream leaves in build area - for f in ${NOINST_TOOLS} ; do - install -m 755 ${B}/$f ${D}/${bindir} + for f in ${NOINST_TOOLS} ; do + install -m 755 ${B}/$f ${D}/${bindir} done - # Patch python tools to use Python 3; they should be source compatible, but - # still refer to Python 2 in the shebang - sed -i -e '1s,#!.*python.*,#!${bindir}/python3,' ${D}${libdir}/bluez/test/* + # Patch python tools to use Python 3; they should be source compatible, but + # still refer to Python 2 in the shebang + sed -i -e '1s,#!.*python.*,#!${bindir}/python3,' ${D}${libdir}/bluez/test/* } -ALLOW_EMPTY_libasound-module-bluez = "1" -PACKAGES =+ "libasound-module-bluez ${PN}-testtools ${PN}-obex ${PN}-noinst-tools" +PACKAGES =+ "${PN}-testtools ${PN}-obex ${PN}-noinst-tools" -FILES_libasound-module-bluez = "${libdir}/alsa-lib/lib*.so ${datadir}/alsa" -FILES_${PN} += "${libdir}/bluetooth/plugins/*.so ${systemd_unitdir}/ ${datadir}/dbus-1" -FILES_${PN}-dev += "\ - ${libdir}/bluetooth/plugins/*.la \ - ${libdir}/alsa-lib/*.la \ +FILES_${PN} += " \ + ${libdir}/bluetooth/plugins/*.so \ + ${systemd_unitdir}/ ${datadir}/dbus-1 \ + ${libdir}/cups \ +" +FILES_${PN}-dev += " \ + ${libdir}/bluetooth/plugins/*.la \ " FILES_${PN}-obex = "${libexecdir}/bluetooth/obexd \ ${exec_prefix}/lib/systemd/user/obex.service \ + ${systemd_system_unitdir}/obex.service \ + ${sysconfdir}/systemd/system/multi-user.target.wants/obex.service \ ${datadir}/dbus-1/services/org.bluez.obex.service \ + ${sysconfdir}/dbus-1/system.d/obexd.conf \ " SYSTEMD_SERVICE_${PN}-obex = "obex.service" @@ -95,27 +127,28 @@ FILES_${PN}-testtools = "${libdir}/bluez/test/*" def get_noinst_tools_paths (d, bb, tools): s = list() - bindir = d.getVar("bindir", True) + bindir = d.getVar("bindir") for bdp in tools.split(): f = os.path.basename(bdp) s.append("%s/%s" % (bindir, f)) return "\n".join(s) -FILES_${PN}-noinst-tools = "${@get_noinst_tools_paths(d, bb, d.getVar('NOINST_TOOLS', True))}" +FILES_${PN}-noinst-tools = "${@get_noinst_tools_paths(d, bb, d.getVar('NOINST_TOOLS'))}" -RDEPENDS_${PN}-testtools += "python3 python3-dbus python3-pygobject" +RDEPENDS_${PN}-testtools += "python3-core python3-dbus" +RDEPENDS_${PN}-testtools += "${@bb.utils.contains('GI_DATA_ENABLED', 'True', 'python3-pygobject', '', d)}" -SYSTEMD_SERVICE_${PN} = "bluetooth.service" +SYSTEMD_SERVICE_${PN} = "${@bb.utils.contains('PACKAGECONFIG', 'systemd', 'bluetooth.service', '', d)}" INITSCRIPT_PACKAGES = "${PN}" INITSCRIPT_NAME_${PN} = "bluetooth" -EXCLUDE_FROM_WORLD = "1" - do_compile_ptest() { - oe_runmake buildtests + oe_runmake buildtests } do_install_ptest() { - cp -r ${B}/unit/ ${D}${PTEST_PATH} - rm -f ${D}${PTEST_PATH}/unit/*.o + cp -r ${B}/unit/ ${D}${PTEST_PATH} + rm -f ${D}${PTEST_PATH}/unit/*.o } + +RDEPENDS_${PN}-ptest_append_libc-glibc = " glibc-gconv-utf-16" diff --git a/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch b/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch index 2fde7bc069..618ed734a9 100644 --- a/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch +++ b/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch @@ -1,3 +1,4 @@ +From f74eb97c9fb3c0ee2895742e773ac6a3c41c999c Mon Sep 17 00:00:00 2001 From: Giovanni Campagna <gcampagna-cNUdlRotFMnNLxjTenLetw@public.gmane.org> Date: Sat, 12 Oct 2013 17:45:25 +0200 Subject: [PATCH] Allow using obexd without systemd in the user session @@ -14,50 +15,42 @@ configuration. See thread: http://thread.gmane.org/gmane.linux.bluez.kernel/38725/focus=38843 Signed-off-by: Javier Viguera <javier.viguera@digi.com> + --- - Makefile.obexd | 4 ++-- - obexd/src/org.bluez.obex.service | 4 ---- - obexd/src/org.bluez.obex.service.in | 4 ++++ - 3 files changed, 6 insertions(+), 6 deletions(-) - delete mode 100644 obexd/src/org.bluez.obex.service - create mode 100644 obexd/src/org.bluez.obex.service.in + Makefile.obexd | 4 ++-- + .../src/{org.bluez.obex.service => org.bluez.obex.service.in} | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + rename obexd/src/{org.bluez.obex.service => org.bluez.obex.service.in} (76%) diff --git a/Makefile.obexd b/Makefile.obexd -index 2e33cbc72f2b..d5d858c857b4 100644 +index de59d29..73004a3 100644 --- a/Makefile.obexd +++ b/Makefile.obexd -@@ -2,12 +2,12 @@ +@@ -1,12 +1,12 @@ if SYSTEMD - systemduserunitdir = @SYSTEMD_USERUNITDIR@ + systemduserunitdir = $(SYSTEMD_USERUNITDIR) systemduserunit_DATA = obexd/src/obex.service +endif - dbussessionbusdir = @DBUS_SESSIONBUSDIR@ + dbussessionbusdir = $(DBUS_SESSIONBUSDIR) dbussessionbus_DATA = obexd/src/org.bluez.obex.service -endif -EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service +EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service.in - obex_plugindir = $(libdir)/obex/plugins + if OBEX -diff --git a/obexd/src/org.bluez.obex.service b/obexd/src/org.bluez.obex.service -deleted file mode 100644 -index a53808884554..000000000000 +diff --git a/obexd/src/org.bluez.obex.service b/obexd/src/org.bluez.obex.service.in +similarity index 76% +rename from obexd/src/org.bluez.obex.service +rename to obexd/src/org.bluez.obex.service.in +index a538088..9c815f2 100644 --- a/obexd/src/org.bluez.obex.service -+++ /dev/null -@@ -1,4 +0,0 @@ --[D-BUS Service] --Name=org.bluez.obex --Exec=/bin/false --SystemdService=dbus-org.bluez.obex.service -diff --git a/obexd/src/org.bluez.obex.service.in b/obexd/src/org.bluez.obex.service.in -new file mode 100644 -index 000000000000..9c815f246b77 ---- /dev/null +++ b/obexd/src/org.bluez.obex.service.in -@@ -0,0 +1,4 @@ -+[D-BUS Service] -+Name=org.bluez.obex +@@ -1,4 +1,4 @@ + [D-BUS Service] + Name=org.bluez.obex +-Exec=/bin/false +Exec=@libexecdir@/obexd -+SystemdService=dbus-org.bluez.obex.service + SystemdService=dbus-org.bluez.obex.service diff --git a/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch b/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch new file mode 100644 index 0000000000..e90b6a546f --- /dev/null +++ b/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch @@ -0,0 +1,43 @@ +From 61e741654cc2eb167bca212a3bb2ba8f3ba280c1 Mon Sep 17 00:00:00 2001 +From: Mingli Yu <Mingli.Yu@windriver.com> +Date: Fri, 24 Aug 2018 12:04:03 +0800 +Subject: [PATCH] test-gatt: Fix hung issue + +The below test hangs infinitely +$ unit/test-gatt -p /robustness/unkown-request -d +/robustness/unkown-request - init +/robustness/unkown-request - setup +/robustness/unkown-request - setup complete +/robustness/unkown-request - run + GATT: < 02 17 00 ... + bt_gatt_server:MTU exchange complete, with MTU: 23 + GATT: > 03 00 02 ... + PDU: = 03 00 02 ... + GATT: < bf 00 + +Actually, the /robustness/unkown-request test does +no action. + +Upstream-Status: Submitted [https://marc.info/?l=linux-bluetooth&m=153508881804635&w=2] + +Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> +--- + unit/test-gatt.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/unit/test-gatt.c b/unit/test-gatt.c +index c7e28f8..b57373b 100644 +--- a/unit/test-gatt.c ++++ b/unit/test-gatt.c +@@ -4463,7 +4463,7 @@ int main(int argc, char *argv[]) + test_server, service_db_1, NULL, + raw_pdu(0x03, 0x00, 0x02), + raw_pdu(0xbf, 0x00), +- raw_pdu(0x01, 0xbf, 0x00, 0x00, 0x06)); ++ raw_pdu()); + + define_test_server("/robustness/unkown-command", + test_server, service_db_1, NULL, +-- +2.7.4 + diff --git a/meta/recipes-connectivity/bluez5/bluez5/init b/meta/recipes-connectivity/bluez5/bluez5/init index 489e9b9eba..ca9fa18549 100644 --- a/meta/recipes-connectivity/bluez5/bluez5/init +++ b/meta/recipes-connectivity/bluez5/bluez5/init @@ -1,5 +1,8 @@ #!/bin/sh +# Source function library +. /etc/init.d/functions + PATH=/sbin:/bin:/usr/sbin:/usr/bin DESC=bluetooth @@ -21,25 +24,22 @@ set -e case $1 in start) - echo "Starting $DESC" - + echo -n "Starting $DESC: " if test "$BLUETOOTH_ENABLED" = 0; then - echo "disabled. see /etc/default/bluetooth" + echo "disabled (see /etc/default/bluetooth)." exit 0 fi - start-stop-daemon --start --background $SSD_OPTIONS - echo "${DAEMON##*/}" - + echo "${DAEMON##*/}." ;; stop) - echo "Stopping $DESC" + echo -n "Stopping $DESC: " if test "$BLUETOOTH_ENABLED" = 0; then - echo "disabled." + echo "disabled (see /etc/default/bluetooth)." exit 0 fi start-stop-daemon --stop $SSD_OPTIONS - echo "${DAEMON}" + echo "${DAEMON##*/}." ;; restart|force-reload) $0 stop @@ -47,14 +47,7 @@ case $1 in $0 start ;; status) - pidof ${DAEMON} >/dev/null - status=$? - if [ $status -eq 0 ]; then - echo "bluetooth is running." - else - echo "bluetooth is not running" - fi - exit $status + status ${DAEMON} || exit $? ;; *) N=/etc/init.d/bluetooth diff --git a/meta/recipes-connectivity/bluez5/bluez5/out-of-tree.patch b/meta/recipes-connectivity/bluez5/bluez5/out-of-tree.patch deleted file mode 100644 index 3ee79d7047..0000000000 --- a/meta/recipes-connectivity/bluez5/bluez5/out-of-tree.patch +++ /dev/null @@ -1,26 +0,0 @@ -From ed55b49a226ca3909f52416be2ae5ce1c5ca2cb2 Mon Sep 17 00:00:00 2001 -From: Ross Burton <ross.burton@intel.com> -Date: Fri, 22 Apr 2016 15:40:37 +0100 -Subject: [PATCH] Makefile.obexd: add missing mkdir in builtin.h generation - -In parallel out-of-tree builds it's possible that obexd/src/builtin.h is -generated before the target directory has been implicitly created. Solve this by -creating the directory before writing into it. - -Upstream-Status: Submitted -Signed-off-by: Ross Burton <ross.burton@intel.com> ---- - Makefile.obexd | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/Makefile.obexd b/Makefile.obexd -index 2e33cbc..c8286f0 100644 ---- a/Makefile.obexd -+++ b/Makefile.obexd -@@ -105,2 +105,3 @@ obexd/src/plugin.$(OBJEXT): obexd/src/builtin.h - obexd/src/builtin.h: obexd/src/genbuiltin $(obexd_builtin_sources) -+ $(AM_V_at)$(MKDIR_P) $(dir $@) - $(AM_V_GEN)$(srcdir)/obexd/src/genbuiltin $(obexd_builtin_modules) > $@ --- -2.8.0.rc3 - diff --git a/meta/recipes-connectivity/bluez5/bluez5/run-ptest b/meta/recipes-connectivity/bluez5/bluez5/run-ptest index 21df00c327..0335e68e48 100644 --- a/meta/recipes-connectivity/bluez5/bluez5/run-ptest +++ b/meta/recipes-connectivity/bluez5/bluez5/run-ptest @@ -6,7 +6,7 @@ failed=0 all=0 for f in test-*; do - "./$f" + "./$f" -q case "$?" in 0) echo "PASS: $f" diff --git a/meta/recipes-connectivity/bluez5/bluez5_5.41.bb b/meta/recipes-connectivity/bluez5/bluez5_5.52.bb index 522aab7d57..b86103014b 100644 --- a/meta/recipes-connectivity/bluez5/bluez5_5.41.bb +++ b/meta/recipes-connectivity/bluez5/bluez5_5.52.bb @@ -1,14 +1,12 @@ require bluez5.inc -REQUIRED_DISTRO_FEATURES = "bluez5" - -SRC_URI[md5sum] = "318341b2188698130adb73236ee69244" -SRC_URI[sha256sum] = "df7dc4462494dad4e60a2943240d584f6e760235dca64f5f10eba46dbab7f5f0" +SRC_URI[md5sum] = "a33eb9aadf1dd4153420958709d3ce60" +SRC_URI[sha256sum] = "f7144ce2039202cfac18ccb52426efea11c98e4f6e1bb8041bcb994b8378560a" # noinst programs in Makefile.tools that are conditional on READLINE # support NOINST_TOOLS_READLINE ?= " \ - attrib/gatttool \ + ${@bb.utils.contains('PACKAGECONFIG', 'deprecated', 'attrib/gatttool', '', d)} \ tools/obex-client-tool \ tools/obex-server-tool \ tools/bluetooth-player \ @@ -16,12 +14,13 @@ NOINST_TOOLS_READLINE ?= " \ tools/btmgmt \ " -# noinst programs in Makefile.tools that are conditional on EXPERIMENTAL +# noinst programs in Makefile.tools that are conditional on TESTING # support -NOINST_TOOLS_EXPERIMENTAL ?= " \ +NOINST_TOOLS_TESTING ?= " \ emulator/btvirt \ emulator/b1ee \ emulator/hfp \ + peripheral/btsensor \ tools/3dsp \ tools/mgmt-tester \ tools/gap-tester \ @@ -30,6 +29,13 @@ NOINST_TOOLS_EXPERIMENTAL ?= " \ tools/smp-tester \ tools/hci-tester \ tools/rfcomm-tester \ + tools/bnep-tester \ + tools/userchan-tester \ +" + +# noinst programs in Makefile.tools that are conditional on TOOLS +# support +NOINST_TOOLS_BT ?= " \ tools/bdaddr \ tools/avinfo \ tools/avtest \ @@ -39,17 +45,24 @@ NOINST_TOOLS_EXPERIMENTAL ?= " \ tools/hcieventmask \ tools/hcisecfilter \ tools/btinfo \ - tools/btattach \ tools/btsnoop \ tools/btproxy \ tools/btiotest \ + tools/bneptest \ tools/mcaptest \ tools/cltest \ tools/oobtest \ + tools/advtest \ tools/seq2bseq \ + tools/nokfw \ + tools/create-image \ + tools/eddystone \ tools/ibeacon \ tools/btgatt-client \ tools/btgatt-server \ + tools/test-runner \ + tools/check-selftest \ tools/gatt-service \ profiles/iap/iapd \ + ${@bb.utils.contains('PACKAGECONFIG', 'btpclient', 'tools/btpclient', '', d)} \ " diff --git a/meta/recipes-connectivity/connman/connman-gnome/0001-Port-to-Gtk3.patch b/meta/recipes-connectivity/connman/connman-gnome/0001-Port-to-Gtk3.patch index 279ca05d6f..c93e9b4654 100644 --- a/meta/recipes-connectivity/connman/connman-gnome/0001-Port-to-Gtk3.patch +++ b/meta/recipes-connectivity/connman/connman-gnome/0001-Port-to-Gtk3.patch @@ -1,11 +1,10 @@ -From 092fe0793b39c6feb6464bfbd568b050960d62c0 Mon Sep 17 00:00:00 2001 +From a59b0fac02e74a971ac3f08bf28c17ce361a9526 Mon Sep 17 00:00:00 2001 From: Jussi Kukkonen <jussi.kukkonen@intel.com> Date: Wed, 2 Mar 2016 15:47:49 +0200 Subject: [PATCH] Port to Gtk3 Some unused (or not useful) code was removed, functionality should stay -the same, although applet now loads icons based on actual size available -to it. +the same. Code still contains quite a few uses of deprecated API. @@ -13,13 +12,13 @@ Upstream-Status: Submitted Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> --- applet/agent.c | 3 +-- - applet/main.c | 43 ------------------------------ - applet/status.c | 74 +++++++++++++++++++++++++++++++++------------------ + applet/main.c | 43 ------------------------------------------- + applet/status.c | 8 -------- configure.ac | 3 +-- - properties/ethernet.c | 14 +++++----- + properties/ethernet.c | 14 +++++++------- properties/main.c | 2 +- - properties/wifi.c | 12 ++++----- - 7 files changed, 64 insertions(+), 87 deletions(-) + properties/wifi.c | 12 ++++++------ + 7 files changed, 16 insertions(+), 69 deletions(-) diff --git a/applet/agent.c b/applet/agent.c index 65bed08..04fe86a 100644 @@ -43,7 +42,7 @@ index 65bed08..04fe86a 100644 label = gtk_label_new(_("Please provide some network information:")); gtk_misc_set_alignment(GTK_MISC(label), 0.0, 0.0); diff --git a/applet/main.c b/applet/main.c -index c7b3c7f..f2ce46b 100644 +index f12d371..cd16285 100644 --- a/applet/main.c +++ b/applet/main.c @@ -157,46 +157,6 @@ static void name_owner_changed(DBusGProxy *proxy, const char *name, @@ -104,26 +103,10 @@ index c7b3c7f..f2ce46b 100644 "copyright", "Copyright \xc2\xa9 2008 Intel Corporation", "comments", _("A connection manager for the GNOME desktop"), diff --git a/applet/status.c b/applet/status.c -index aed6f1e..6ecbf3a 100644 +index aed6f1e..015ff29 100644 --- a/applet/status.c +++ b/applet/status.c -@@ -30,13 +30,14 @@ - static gboolean available = FALSE; - - static GtkStatusIcon *statusicon = NULL; -+static gint icon_size = 0; - - static GdkPixbuf *pixbuf_load(GtkIconTheme *icontheme, const gchar *name) - { - GdkPixbuf *pixbuf; - GError *error = NULL; - -- pixbuf = gtk_icon_theme_load_icon(icontheme, name, 22, 0, &error); -+ pixbuf = gtk_icon_theme_load_icon(icontheme, name, icon_size, 0, &error); - - if (pixbuf == NULL) { - g_warning("Missing icon %s: %s", name, error->message); -@@ -102,8 +103,6 @@ static void icon_animation_start(IconAnimation *animation, +@@ -102,8 +102,6 @@ static void icon_animation_start(IconAnimation *animation, { available = TRUE; @@ -132,7 +115,7 @@ index aed6f1e..6ecbf3a 100644 animation->start = start; animation->end = (end == 0) ? animation->count - 1 : end; -@@ -120,8 +119,6 @@ static void icon_animation_stop(IconAnimation *animation) +@@ -120,8 +118,6 @@ static void icon_animation_stop(IconAnimation *animation) { available = TRUE; @@ -141,96 +124,7 @@ index aed6f1e..6ecbf3a 100644 if (animation->id > 0) g_source_remove(animation->id); -@@ -190,6 +187,42 @@ static GdkPixbuf *pixbuf_none; - static GdkPixbuf *pixbuf_wired; - static GdkPixbuf *pixbuf_signal[5]; - -+static void -+load_icons (gint size) -+{ -+ // educated guess to preload correct size -+ if (size == 0) -+ size = 34; -+ -+ if (icon_size == size) -+ return; -+ -+ icon_size = size; -+ -+ if(pixbuf_none) -+ status_cleanup(); -+ -+ g_debug ("Loading icons at size %d", icon_size); -+ animation = icon_animation_load(icontheme, "connman-connecting", 33); -+ pixbuf_signal[0] = pixbuf_load(icontheme, "connman-signal-01"); -+ pixbuf_signal[1] = pixbuf_load(icontheme, "connman-signal-02"); -+ pixbuf_signal[2] = pixbuf_load(icontheme, "connman-signal-03"); -+ pixbuf_signal[3] = pixbuf_load(icontheme, "connman-signal-04"); -+ pixbuf_signal[4] = pixbuf_load(icontheme, "connman-signal-05"); -+ -+ pixbuf_none = pixbuf_load(icontheme, "connman-type-none"); -+ pixbuf_wired = pixbuf_load(icontheme, "connman-type-wired"); -+ pixbuf_notifier = pixbuf_load(icontheme, "connman-notifier-unavailable"); -+} -+ -+static gboolean -+size_changed_cb (GtkStatusIcon *statusicon, -+ gint size, -+ gpointer user_data) -+{ -+ load_icons (size); -+} -+ - int status_init(StatusCallback activate, GtkWidget *popup) - { - GdkScreen *screen; -@@ -204,17 +237,9 @@ int status_init(StatusCallback activate, GtkWidget *popup) - - gtk_icon_theme_append_search_path(icontheme, ICONDIR); - -- animation = icon_animation_load(icontheme, "connman-connecting", 33); -- -- pixbuf_signal[0] = pixbuf_load(icontheme, "connman-signal-01"); -- pixbuf_signal[1] = pixbuf_load(icontheme, "connman-signal-02"); -- pixbuf_signal[2] = pixbuf_load(icontheme, "connman-signal-03"); -- pixbuf_signal[3] = pixbuf_load(icontheme, "connman-signal-04"); -- pixbuf_signal[4] = pixbuf_load(icontheme, "connman-signal-05"); -- -- pixbuf_none = pixbuf_load(icontheme, "connman-type-none"); -- pixbuf_wired = pixbuf_load(icontheme, "connman-type-wired"); -- pixbuf_notifier = pixbuf_load(icontheme, "connman-notifier-unavailable"); -+ g_signal_connect (statusicon, "size-changed", -+ G_CALLBACK(size_changed_cb), NULL); -+ load_icons (gtk_status_icon_get_size (statusicon)); - - if (activate != NULL) - g_signal_connect(statusicon, "activate", -@@ -231,17 +256,18 @@ void status_cleanup(void) - int i; - - icon_animation_free(animation); -+ animation = NULL; - - for (i = 0; i < 5; i++) -- g_object_unref(pixbuf_signal[i]); -+ g_clear_object(&pixbuf_signal[i]); - -- g_object_unref(pixbuf_none); -- g_object_unref(pixbuf_wired); -- g_object_unref(pixbuf_notifier); -+ g_clear_object(&pixbuf_none); -+ g_clear_object(&pixbuf_wired); -+ g_clear_object(&pixbuf_notifier); - -- g_object_unref(icontheme); -+ g_clear_object(&icontheme); - -- g_object_unref(statusicon); -+ g_clear_object(&statusicon); - } - - void status_unavailable(void) -@@ -251,8 +277,6 @@ void status_unavailable(void) +@@ -251,8 +247,6 @@ void status_unavailable(void) available = FALSE; gtk_status_icon_set_from_pixbuf(statusicon, pixbuf_notifier); @@ -239,7 +133,7 @@ index aed6f1e..6ecbf3a 100644 gtk_status_icon_set_visible(statusicon, TRUE); } -@@ -299,7 +323,6 @@ static void set_ready(gint signal) +@@ -299,7 +293,6 @@ static void set_ready(gint signal) if (signal < 0) { gtk_status_icon_set_from_pixbuf(statusicon, pixbuf_wired); @@ -247,7 +141,7 @@ index aed6f1e..6ecbf3a 100644 return; } -@@ -311,7 +334,6 @@ static void set_ready(gint signal) +@@ -311,7 +304,6 @@ static void set_ready(gint signal) index = 4; gtk_status_icon_set_from_pixbuf(statusicon, pixbuf_signal[index]); @@ -379,5 +273,5 @@ index bd325ef..a5827e0 100644 } break; -- -2.1.4 +2.8.1 diff --git a/meta/recipes-connectivity/connman/connman-gnome_0.7.bb b/meta/recipes-connectivity/connman/connman-gnome_0.7.bb index a56bd3751f..778bf50191 100644 --- a/meta/recipes-connectivity/connman/connman-gnome_0.7.bb +++ b/meta/recipes-connectivity/connman/connman-gnome_0.7.bb @@ -20,7 +20,7 @@ SRC_URI = "git://github.com/connectivity/connman-gnome.git \ S = "${WORKDIR}/git" -inherit autotools-brokensep gtk-icon-cache pkgconfig distro_features_check +inherit autotools-brokensep gtk-icon-cache pkgconfig features_check ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" RDEPENDS_${PN} = "connman" diff --git a/meta/recipes-connectivity/connman/connman.inc b/meta/recipes-connectivity/connman/connman.inc index 35a7eed0a9..ff3aff5f1f 100644 --- a/meta/recipes-connectivity/connman/connman.inc +++ b/meta/recipes-connectivity/connman/connman.inc @@ -13,9 +13,9 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ file://src/main.c;beginline=1;endline=20;md5=486a279a6ab0c8d152bcda3a5b5edc36" -inherit autotools pkgconfig systemd update-rc.d bluetooth +inherit autotools pkgconfig systemd update-rc.d update-alternatives -DEPENDS = "dbus glib-2.0 ppp iptables readline" +DEPENDS = "dbus glib-2.0 ppp readline" INC_PR = "r20" @@ -31,10 +31,9 @@ EXTRA_OECONF += "\ " PACKAGECONFIG ??= "wispr \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd','systemd', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'wifi','wifi', '', d)} \ + ${@bb.utils.filter('DISTRO_FEATURES', '3g systemd wifi', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', '3g','3g', '', d)} \ + iptables \ " # If you want ConnMan to support VPN, add following statement into @@ -43,7 +42,7 @@ PACKAGECONFIG ??= "wispr \ PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/ --with-tmpfilesdir=${sysconfdir}/tmpfiles.d/,--with-systemdunitdir='' --with-tmpfilesdir=''" PACKAGECONFIG[wifi] = "--enable-wifi, --disable-wifi, wpa-supplicant, wpa-supplicant" -PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, ${BLUEZ}, ${BLUEZ}" +PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, bluez5, bluez5" PACKAGECONFIG[3g] = "--enable-ofono, --disable-ofono, ofono, ofono" PACKAGECONFIG[tist] = "--enable-tist,--disable-tist," PACKAGECONFIG[openvpn] = "--enable-openvpn --with-openvpn=${sbindir}/openvpn,--disable-openvpn,,openvpn" @@ -52,13 +51,16 @@ PACKAGECONFIG[l2tp] = "--enable-l2tp --with-l2tp=${sbindir}/xl2tpd,--disable-l2t PACKAGECONFIG[pptp] = "--enable-pptp --with-pptp=${sbindir}/pptp,--disable-pptp,,pptp-linux" # WISPr support for logging into hotspots, requires TLS PACKAGECONFIG[wispr] = "--enable-wispr,--disable-wispr,gnutls," +PACKAGECONFIG[nftables] = "--with-firewall=nftables ,,libmnl libnftnl,,kernel-module-nf-tables kernel-module-nft-chain-nat-ipv4 kernel-module-nft-chain-route-ipv4 kernel-module-nft-masq-ipv4 kernel-module-nft-nat" +PACKAGECONFIG[iptables] = "--with-firewall=iptables ,,iptables,iptables" +PACKAGECONFIG[nfc] = "--enable-neard, --disable-neard, neard, neard" INITSCRIPT_NAME = "connman" INITSCRIPT_PARAMS = "start 05 5 2 3 . stop 22 0 1 6 ." python __anonymous () { - systemd_packages = "${PN}" - pkgconfig = d.getVar('PACKAGECONFIG', True) + systemd_packages = "${PN} ${PN}-wait-online" + pkgconfig = d.getVar('PACKAGECONFIG') if ('openvpn' or 'vpnc' or 'l2tp' or 'pptp') in pkgconfig.split(): systemd_packages += " ${PN}-vpn" d.setVar('SYSTEMD_PACKAGES', systemd_packages) @@ -68,6 +70,11 @@ SYSTEMD_SERVICE_${PN} = "connman.service" SYSTEMD_SERVICE_${PN}-vpn = "connman-vpn.service" SYSTEMD_SERVICE_${PN}-wait-online = "connman-wait-online.service" +ALTERNATIVE_PRIORITY = "100" +ALTERNATIVE_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','resolv-conf','',d)}" +ALTERNATIVE_TARGET[resolv-conf] = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${sysconfdir}/resolv-conf.connman','',d)}" +ALTERNATIVE_LINK_NAME[resolv-conf] = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${sysconfdir}/resolv.conf','',d)}" + do_install_append() { if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then install -d ${D}${sysconfdir}/init.d @@ -88,6 +95,11 @@ do_install_append() { # Automake 1.12 won't install empty directories, but we need the # plugins directory to be present for ownership mkdir -p ${D}${libdir}/connman/plugins + + # For read-only filesystem, do not create links during bootup + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + ln -sf ../run/connman/resolv.conf ${D}${sysconfdir}/resolv-conf.connman + fi } # These used to be plugins, but now they are core @@ -116,20 +128,20 @@ def add_rdepends(bb, d, file, pkg, depmap, multilib_prefix, add_insane_skip): python populate_packages_prepend() { depmap = dict(pppd="ppp") - multilib_prefix = (d.getVar("MLPREFIX", True) or "") + multilib_prefix = (d.getVar("MLPREFIX") or "") hook = lambda file,pkg,x,y,z: \ add_rdepends(bb, d, file, pkg, depmap, multilib_prefix, False) plugin_dir = d.expand('${libdir}/connman/plugins/') plugin_name = d.expand('${PN}-plugin-%s') - do_split_packages(d, plugin_dir, '^(.*).so$', plugin_name, \ + do_split_packages(d, plugin_dir, r'^(.*).so$', plugin_name, \ '${PN} plugin for %s', extra_depends='', hook=hook, prepend=True ) hook = lambda file,pkg,x,y,z: \ add_rdepends(bb, d, file, pkg, depmap, multilib_prefix, True) plugin_dir = d.expand('${libdir}/connman/plugins-vpn/') plugin_name = d.expand('${PN}-plugin-vpn-%s') - do_split_packages(d, plugin_dir, '^(.*).so$', plugin_name, \ + do_split_packages(d, plugin_dir, r'^(.*).so$', plugin_name, \ '${PN} VPN plugin for %s', extra_depends='', hook=hook, prepend=True ) } @@ -145,7 +157,7 @@ RDEPENDS_${PN}-client ="${PN}" FILES_${PN} = "${bindir}/* ${sbindir}/* ${libexecdir}/* ${libdir}/lib*.so.* \ ${libdir}/connman/plugins \ - ${sysconfdir} ${sharedstatedir} ${localstatedir} \ + ${sysconfdir} ${sharedstatedir} ${localstatedir} ${datadir} \ ${base_bindir}/* ${base_sbindir}/* ${base_libdir}/*.so* ${datadir}/${PN} \ ${datadir}/dbus-1/system-services/* \ ${sysconfdir}/tmpfiles.d/connman_resolvconf.conf" diff --git a/meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch b/meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch new file mode 100644 index 0000000000..8e2e0bd02d --- /dev/null +++ b/meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch @@ -0,0 +1,29 @@ +From 9f70b94ebf18f52c115634642652830fa77f27a1 Mon Sep 17 00:00:00 2001 +From: "Maxin B. John" <maxin.john@intel.com> +Date: Mon, 12 Jun 2017 16:52:39 +0300 +Subject: [PATCH] connman.service: stop systemd-resolved when we use connman + +Stop systemd-resolved service when we use connman as network manager. + +Upstream-Status: Inappropriate [configuration] + +Signed-off-by: Maxin B. John <maxin.john@intel.com> +--- + src/connman.service.in | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/connman.service.in b/src/connman.service.in +index 9f5c10f..dab48bc 100644 +--- a/src/connman.service.in ++++ b/src/connman.service.in +@@ -6,6 +6,7 @@ RequiresMountsFor=@localstatedir@/lib/connman + After=dbus.service network-pre.target systemd-sysusers.service + Before=network.target multi-user.target shutdown.target + Wants=network.target ++Conflicts=systemd-resolved.service + + [Service] + Type=dbus +-- +2.4.0 + diff --git a/meta/recipes-connectivity/connman/connman/0001-gweb-fix-segfault-with-musl-v1.1.21.patch b/meta/recipes-connectivity/connman/connman/0001-gweb-fix-segfault-with-musl-v1.1.21.patch new file mode 100644 index 0000000000..30f1432cd3 --- /dev/null +++ b/meta/recipes-connectivity/connman/connman/0001-gweb-fix-segfault-with-musl-v1.1.21.patch @@ -0,0 +1,34 @@ +From f0a8c69971b30ea7ca255bb885fdd1179fa5d298 Mon Sep 17 00:00:00 2001 +From: Nicola Lunghi <nick83ola@gmail.com> +Date: Thu, 23 May 2019 07:55:25 +0100 +Subject: [PATCH] gweb: fix segfault with musl v1.1.21 + +In musl > v1.1.21 freeaddrinfo() implementation changed and +was causing a segmentation fault on recent Yocto using musl. + +See this commit: + + https://git.musl-libc.org/cgit/musl/commit/src/network/freeaddrinfo.c?id=d1395c43c019aec6b855cf3c656bf47c8a719e7f + +Upstream-Status: Submitted +--- + gweb/gweb.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/gweb/gweb.c b/gweb/gweb.c +index 393afe0a..12fcb1d8 100644 +--- a/gweb/gweb.c ++++ b/gweb/gweb.c +@@ -1274,7 +1274,8 @@ static bool is_ip_address(const char *host) + addr = NULL; + + result = getaddrinfo(host, NULL, &hints, &addr); +- freeaddrinfo(addr); ++ if(!result) ++ freeaddrinfo(addr); + + return result == 0; + } +-- +2.19.1 + diff --git a/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch b/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch index 0593427710..639ccfa2a2 100644 --- a/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch +++ b/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch @@ -17,6 +17,14 @@ diff --git a/gweb/gresolv.c b/gweb/gresolv.c index 5cf7a9a..3ad8e70 100644 --- a/gweb/gresolv.c +++ b/gweb/gresolv.c +@@ -36,6 +36,7 @@ + #include <arpa/inet.h> + #include <arpa/nameser.h> + #include <net/if.h> ++#include <ctype.h> + + #include "gresolv.h" + @@ -875,8 +875,6 @@ GResolv *g_resolv_new(int index) resolv->index = index; resolv->nameserver_list = NULL; diff --git a/meta/recipes-connectivity/connman/connman/includes.patch b/meta/recipes-connectivity/connman/connman/includes.patch deleted file mode 100644 index 55cb187931..0000000000 --- a/meta/recipes-connectivity/connman/connman/includes.patch +++ /dev/null @@ -1,423 +0,0 @@ -Fix various issues which cause problems under musl. - -Upstream-Status: Submitted -Signed-off-by: Ross Burton <ross.burton@intel.com> - -From 630516bcc0233b047f65665c003201ba6e77453d Mon Sep 17 00:00:00 2001 -From: Ross Burton <ross.burton@intel.com> -Date: Tue, 9 Aug 2016 16:22:36 +0100 -Subject: [PATCH 1/3] Use AC_USE_SYSTEM_EXTENSIONS - -Instead of using #define _GNU_SOURCE in some source files which causes problems -when building with musl as more files need the define, simply use -AC_USE_SYSTEM_EXTENSIONS in configure.ac to get it defined globally. ---- - configure.ac | 1 + - gdhcp/client.c | 1 - - plugins/tist.c | 1 - - src/backtrace.c | 1 - - src/inet.c | 1 - - src/log.c | 1 - - src/ntp.c | 1 - - src/resolver.c | 1 - - src/rfkill.c | 1 - - src/stats.c | 1 - - src/timezone.c | 1 - - tools/stats-tool.c | 1 - - tools/tap-test.c | 1 - - tools/wispr.c | 1 - - vpn/plugins/vpn.c | 1 - - 15 files changed, 1 insertion(+), 14 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 6e66ab3..bacf5ec 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -20,6 +20,7 @@ AC_SUBST(abs_top_srcdir) - AC_SUBST(abs_top_builddir) - - AC_LANG_C -+AC_USE_SYSTEM_EXTENSIONS - - AC_PROG_CC - AM_PROG_CC_C_O -diff --git a/gdhcp/client.c b/gdhcp/client.c -index fbb40ab..3aeb089 100644 ---- a/gdhcp/client.c -+++ b/gdhcp/client.c -@@ -23,7 +23,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <stdio.h> - #include <errno.h> - #include <unistd.h> -diff --git a/plugins/tist.c b/plugins/tist.c -index ad5ef79..cc2800a 100644 ---- a/plugins/tist.c -+++ b/plugins/tist.c -@@ -23,7 +23,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <stdio.h> - #include <stdbool.h> - #include <stdlib.h> -diff --git a/src/backtrace.c b/src/backtrace.c -index 6a66c0a..4dbdda8 100644 ---- a/src/backtrace.c -+++ b/src/backtrace.c -@@ -24,7 +24,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <stdio.h> - #include <unistd.h> - #include <stdlib.h> -diff --git a/src/inet.c b/src/inet.c -index 69ded19..81d92c2 100644 ---- a/src/inet.c -+++ b/src/inet.c -@@ -25,7 +25,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <stdio.h> - #include <errno.h> - #include <unistd.h> -diff --git a/src/log.c b/src/log.c -index 9bae4a3..f7e82e5 100644 ---- a/src/log.c -+++ b/src/log.c -@@ -23,7 +23,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <stdio.h> - #include <unistd.h> - #include <stdarg.h> -diff --git a/src/ntp.c b/src/ntp.c -index dd246eb..db8ae96 100644 ---- a/src/ntp.c -+++ b/src/ntp.c -@@ -23,7 +23,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <errno.h> - #include <fcntl.h> - #include <unistd.h> -diff --git a/src/resolver.c b/src/resolver.c -index fbe4be7..ef61f92 100644 ---- a/src/resolver.c -+++ b/src/resolver.c -@@ -23,7 +23,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <stdio.h> - #include <errno.h> - #include <fcntl.h> -diff --git a/src/rfkill.c b/src/rfkill.c -index 2bfb092..af49d12 100644 ---- a/src/rfkill.c -+++ b/src/rfkill.c -@@ -23,7 +23,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <stdio.h> - #include <errno.h> - #include <fcntl.h> -diff --git a/src/stats.c b/src/stats.c -index 26343b1..cfcdc94 100644 ---- a/src/stats.c -+++ b/src/stats.c -@@ -23,7 +23,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <errno.h> - #include <sys/mman.h> - #include <sys/types.h> -diff --git a/src/timezone.c b/src/timezone.c -index e346b11..8e91267 100644 ---- a/src/timezone.c -+++ b/src/timezone.c -@@ -23,7 +23,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <errno.h> - #include <stdio.h> - #include <fcntl.h> -diff --git a/tools/stats-tool.c b/tools/stats-tool.c -index b076478..428d94b 100644 ---- a/tools/stats-tool.c -+++ b/tools/stats-tool.c -@@ -22,7 +22,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <sys/mman.h> - #include <sys/types.h> - #include <sys/stat.h> -diff --git a/tools/tap-test.c b/tools/tap-test.c -index fdc098a..57917f5 100644 ---- a/tools/tap-test.c -+++ b/tools/tap-test.c -@@ -23,7 +23,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <stdio.h> - #include <errno.h> - #include <fcntl.h> -diff --git a/tools/wispr.c b/tools/wispr.c -index d5f9341..e56dfc1 100644 ---- a/tools/wispr.c -+++ b/tools/wispr.c -@@ -23,7 +23,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <stdio.h> - #include <fcntl.h> - #include <unistd.h> -diff --git a/vpn/plugins/vpn.c b/vpn/plugins/vpn.c -index 9a42385..479c3a7 100644 ---- a/vpn/plugins/vpn.c -+++ b/vpn/plugins/vpn.c -@@ -23,7 +23,6 @@ - #include <config.h> - #endif - --#define _GNU_SOURCE - #include <string.h> - #include <fcntl.h> - #include <unistd.h> --- -2.8.1 - - -From b8b7878e6cb2a1ed4fcfa256f7e232511a40e3d9 Mon Sep 17 00:00:00 2001 -From: Ross Burton <ross.burton@intel.com> -Date: Tue, 9 Aug 2016 15:37:50 +0100 -Subject: [PATCH 2/3] Check for in6_pktinfo.ipi6_addr explicitly - -Instead of assuming that just glibc has this structure, check for it at -configure as musl also has it. - -Based on work by Khem Raj <raj.khem@gmail.com>. ---- - configure.ac | 2 ++ - gdhcp/common.h | 5 +++-- - 2 files changed, 5 insertions(+), 2 deletions(-) - -diff --git a/configure.ac b/configure.ac -index bacf5ec..ad00456 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -186,6 +186,8 @@ AC_CHECK_LIB(resolv, ns_initparse, dummy=yes, [ - AC_CHECK_HEADERS([execinfo.h]) - AM_CONDITIONAL([BACKTRACE], [test "${ac_cv_header_execinfo_h}" = "yes"]) - -+AC_CHECK_MEMBERS([struct in6_pktinfo.ipi6_addr], [], [], [[#include <netinet/in.h>]]) -+ - AC_CHECK_FUNC(signalfd, dummy=yes, - AC_MSG_ERROR(signalfd support is required)) - -diff --git a/gdhcp/common.h b/gdhcp/common.h -index 75abc18..6899499 100644 ---- a/gdhcp/common.h -+++ b/gdhcp/common.h -@@ -19,6 +19,7 @@ - * - */ - -+#include <config.h> - #include <netinet/udp.h> - #include <netinet/ip.h> - -@@ -170,8 +171,8 @@ static const uint8_t dhcp_option_lengths[] = { - [OPTION_U32] = 4, - }; - --/* already defined within netinet/in.h if using GNU compiler */ --#ifndef __USE_GNU -+/* already defined within netinet/in.h if using glibc or musl */ -+#ifndef HAVE_STRUCT_IN6_PKTINFO_IPI6_ADDR - struct in6_pktinfo { - struct in6_addr ipi6_addr; /* src/dst IPv6 address */ - unsigned int ipi6_ifindex; /* send/recv interface index */ --- -2.8.1 - - -From c0726e432fa0274a2b9c70179b03df6720972816 Mon Sep 17 00:00:00 2001 -From: Ross Burton <ross.burton@intel.com> -Date: Tue, 9 Aug 2016 15:19:23 +0100 -Subject: [PATCH 3/3] Rationalise includes - -gweb/gresolv.c uses snprintf() and isspace() so it should include stdio.h and -ctype.h. - -tools/dnsproxy-test uses functions from stdio.h. - -musl warns when sys/ headers are included when the non-sys form should be used, -so switch sys/errno.h and so on to errno.h. - -musl also causes redefinition errors when pieces of the networking headers are -included, so remove the redundant includes. - -Based on work by Khem Raj <raj.khem@gmail.com>. ---- - gweb/gresolv.c | 2 ++ - plugins/wifi.c | 3 +-- - src/ippool.c | 1 - - src/iptables.c | 2 +- - src/tethering.c | 2 -- - tools/dhcp-test.c | 1 - - tools/dnsproxy-test.c | 1 + - tools/private-network-test.c | 2 +- - tools/tap-test.c | 2 +- - 9 files changed, 7 insertions(+), 9 deletions(-) - -diff --git a/gweb/gresolv.c b/gweb/gresolv.c -index 8a51a9f..d55027c 100644 ---- a/gweb/gresolv.c -+++ b/gweb/gresolv.c -@@ -23,11 +23,13 @@ - #include <config.h> - #endif - -+#include <ctype.h> - #include <errno.h> - #include <unistd.h> - #include <stdarg.h> - #include <string.h> - #include <stdlib.h> -+#include <stdio.h> - #include <resolv.h> - #include <sys/types.h> - #include <sys/socket.h> -diff --git a/plugins/wifi.c b/plugins/wifi.c -index 9d56671..148131d 100644 ---- a/plugins/wifi.c -+++ b/plugins/wifi.c -@@ -30,9 +30,8 @@ - #include <string.h> - #include <sys/ioctl.h> - #include <sys/socket.h> --#include <linux/if_arp.h> --#include <linux/wireless.h> - #include <net/ethernet.h> -+#include <linux/wireless.h> - - #ifndef IFF_LOWER_UP - #define IFF_LOWER_UP 0x10000 -diff --git a/src/ippool.c b/src/ippool.c -index cea1dcc..8a645da 100644 ---- a/src/ippool.c -+++ b/src/ippool.c -@@ -28,7 +28,6 @@ - #include <stdio.h> - #include <string.h> - #include <unistd.h> --#include <sys/errno.h> - #include <sys/socket.h> - - #include "connman.h" -diff --git a/src/iptables.c b/src/iptables.c -index 5ef757a..82e3ac4 100644 ---- a/src/iptables.c -+++ b/src/iptables.c -@@ -28,7 +28,7 @@ - #include <stdio.h> - #include <string.h> - #include <unistd.h> --#include <sys/errno.h> -+#include <errno.h> - #include <sys/socket.h> - #include <xtables.h> - #include <inttypes.h> -diff --git a/src/tethering.c b/src/tethering.c -index 3153349..ad062d5 100644 ---- a/src/tethering.c -+++ b/src/tethering.c -@@ -31,10 +31,8 @@ - #include <stdio.h> - #include <sys/ioctl.h> - #include <net/if.h> --#include <linux/sockios.h> - #include <string.h> - #include <fcntl.h> --#include <linux/if_tun.h> - #include <netinet/in.h> - #include <linux/if_bridge.h> - -diff --git a/tools/dhcp-test.c b/tools/dhcp-test.c -index c34e10a..eae66fc 100644 ---- a/tools/dhcp-test.c -+++ b/tools/dhcp-test.c -@@ -33,7 +33,6 @@ - #include <arpa/inet.h> - #include <net/route.h> - #include <net/ethernet.h> --#include <linux/if_arp.h> - - #include <gdhcp/gdhcp.h> - -diff --git a/tools/dnsproxy-test.c b/tools/dnsproxy-test.c -index 551cae9..371e2e2 100644 ---- a/tools/dnsproxy-test.c -+++ b/tools/dnsproxy-test.c -@@ -24,6 +24,7 @@ - #endif - - #include <errno.h> -+#include <stdio.h> - #include <stdlib.h> - #include <string.h> - #include <unistd.h> -diff --git a/tools/private-network-test.c b/tools/private-network-test.c -index 3dd115b..2828bb3 100644 ---- a/tools/private-network-test.c -+++ b/tools/private-network-test.c -@@ -32,7 +32,7 @@ - #include <stdlib.h> - #include <string.h> - #include <signal.h> --#include <sys/poll.h> -+#include <poll.h> - #include <sys/signalfd.h> - #include <unistd.h> - -diff --git a/tools/tap-test.c b/tools/tap-test.c -index 57917f5..cb3ee62 100644 ---- a/tools/tap-test.c -+++ b/tools/tap-test.c -@@ -28,7 +28,7 @@ - #include <fcntl.h> - #include <unistd.h> - #include <string.h> --#include <sys/poll.h> -+#include <poll.h> - #include <sys/ioctl.h> - - #include <netinet/in.h> --- -2.8.1 diff --git a/meta/recipes-connectivity/connman/connman_1.33.bb b/meta/recipes-connectivity/connman/connman_1.37.bb index 6ea1a08dc1..00852bf0d6 100644 --- a/meta/recipes-connectivity/connman/connman_1.33.bb +++ b/meta/recipes-connectivity/connman/connman_1.37.bb @@ -2,13 +2,16 @@ require connman.inc SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ file://0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch \ + file://0001-connman.service-stop-systemd-resolved-when-we-use-co.patch \ + file://0001-gweb-fix-segfault-with-musl-v1.1.21.patch \ file://connman \ file://no-version-scripts.patch \ - file://includes.patch \ - " +" + SRC_URI_append_libc-musl = " file://0002-resolve-musl-does-not-implement-res_ninit.patch" -SRC_URI[md5sum] = "c51903fd3e7a6a371d12ac5d72a1fa01" -SRC_URI[sha256sum] = "bc8946036fa70124d663136f9f6b6238d897ca482782df907b07a428b09df5a0" +SRC_URI[md5sum] = "75012084f14fb63a84b116e66c6e94fb" +SRC_URI[sha256sum] = "6ce29b3eb0bb16a7387bc609c39455fd13064bdcde5a4d185fab3a0c71946e16" RRECOMMENDS_${PN} = "connman-conf" +RCONFLICTS_${PN} = "networkmanager" diff --git a/meta/recipes-connectivity/dhcp/dhcp.inc b/meta/recipes-connectivity/dhcp/dhcp.inc index aafdd0a13d..c4697beaf1 100644 --- a/meta/recipes-connectivity/dhcp/dhcp.inc +++ b/meta/recipes-connectivity/dhcp/dhcp.inc @@ -8,48 +8,57 @@ easier to administer devices." HOMEPAGE = "http://www.isc.org/" LICENSE = "ISC" -LIC_FILES_CHKSUM = "file://LICENSE;beginline=4;md5=c5c64d696107f84b56fe337d14da1753" +LIC_FILES_CHKSUM = "file://LICENSE;beginline=4;md5=004a4db50a1e20972e924a8618747c01" DEPENDS = "openssl bind" -SRC_URI = "ftp://ftp.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz \ - file://define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch \ +SRC_URI = "http://ftp.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz \ file://init-relay file://default-relay \ file://init-server file://default-server \ file://dhclient.conf file://dhcpd.conf \ + file://dhclient-systemd-wrapper \ + file://dhclient.service \ file://dhcpd.service file://dhcrelay.service \ file://dhcpd6.service \ - file://search-for-libxml2.patch " - -UPSTREAM_CHECK_URI = "ftp://ftp.isc.org/isc/dhcp/" + " +UPSTREAM_CHECK_URI = "http://ftp.isc.org/isc/dhcp/" UPSTREAM_CHECK_REGEX = "(?P<pver>\d+\.\d+\.(\d+?))/" -inherit autotools systemd useradd update-rc.d +inherit autotools-brokensep systemd useradd update-rc.d USERADD_PACKAGES = "${PN}-server" -USERADD_PARAM_${PN}-server = "--system --no-create-home --home-dir /var/run/${PN} --shell /bin/false --user-group ${PN}" +USERADD_PARAM_${PN}-server = "--system --no-create-home --home-dir /var/run/${BPN} --shell /bin/false --user-group ${BPN}" -SYSTEMD_PACKAGES = "${PN}-server ${PN}-relay" +SYSTEMD_PACKAGES = "${PN}-server ${PN}-relay ${PN}-client" SYSTEMD_SERVICE_${PN}-server = "dhcpd.service dhcpd6.service" SYSTEMD_AUTO_ENABLE_${PN}-server = "disable" SYSTEMD_SERVICE_${PN}-relay = "dhcrelay.service" SYSTEMD_AUTO_ENABLE_${PN}-relay = "disable" +SYSTEMD_SERVICE_${PN}-client = "dhclient.service" +SYSTEMD_AUTO_ENABLE_${PN}-client = "disable" + INITSCRIPT_PACKAGES = "dhcp-server" INITSCRIPT_NAME_dhcp-server = "dhcp-server" INITSCRIPT_PARAMS_dhcp-server = "defaults" -TARGET_CFLAGS += "-D_GNU_SOURCE" +CFLAGS += "-D_GNU_SOURCE" EXTRA_OECONF = "--with-srv-lease-file=${localstatedir}/lib/dhcp/dhcpd.leases \ --with-srv6-lease-file=${localstatedir}/lib/dhcp/dhcpd6.leases \ --with-cli-lease-file=${localstatedir}/lib/dhcp/dhclient.leases \ --with-cli6-lease-file=${localstatedir}/lib/dhcp/dhclient6.leases \ - --with-libbind=${STAGING_LIBDIR}/ \ - --enable-paranoia \ + --enable-paranoia --disable-static \ --with-randomdev=/dev/random \ + --with-libbind=${STAGING_DIR_HOST} \ + --enable-libtool \ " +#Enable shared libs per dhcp README +do_configure_prepend () { + cp configure.ac+lt configure.ac +} + do_install_append () { install -d ${D}${sysconfdir}/init.d install -d ${D}${sysconfdir}/default @@ -79,14 +88,21 @@ do_install_append () { sed -i -e 's,@SYSCONFDIR@,${sysconfdir},g' ${D}${systemd_unitdir}/system/dhcpd*.service sed -i -e 's,@base_bindir@,${base_bindir},g' ${D}${systemd_unitdir}/system/dhcpd*.service sed -i -e 's,@localstatedir@,${localstatedir},g' ${D}${systemd_unitdir}/system/dhcpd*.service - sed -i -e 's,@SYSCONFDIR@,${sysconfdir},g' ${D}${systemd_unitdir}/system/dhcrelay.service + sed -i -e 's,@SYSCONFDIR@,${sysconfdir},g' ${D}${systemd_unitdir}/system/dhcrelay.service + + install -d ${D}${base_sbindir} + install -m 0755 ${WORKDIR}/dhclient-systemd-wrapper ${D}${base_sbindir}/dhclient-systemd-wrapper + install -m 0644 ${WORKDIR}/dhclient.service ${D}${systemd_unitdir}/system + sed -i -e 's,@SYSCONFDIR@,${sysconfdir},g' ${D}${systemd_unitdir}/system/dhclient.service + sed -i -e 's,@BASE_SBINDIR@,${base_sbindir},g' ${D}${systemd_unitdir}/system/dhclient.service } -PACKAGES += "dhcp-server dhcp-server-config dhcp-client dhcp-relay dhcp-omshell" +PACKAGES += "dhcp-libs dhcp-server dhcp-server-config dhcp-client dhcp-relay dhcp-omshell" -FILES_${PN} = "" +PACKAGES_remove = "${PN}" RDEPENDS_${PN}-dev = "" RDEPENDS_${PN}-staticdev = "" +FILES_${PN}-libs = "${libdir}/libdhcpctl.so.0* ${libdir}/libomapi.so.0* ${libdir}/libdhcp.so.0*" FILES_${PN}-server = "${sbindir}/dhcpd ${sysconfdir}/init.d/dhcp-server" RRECOMMENDS_${PN}-server = "dhcp-server-config" @@ -95,7 +111,11 @@ FILES_${PN}-server-config = "${sysconfdir}/default/dhcp-server ${sysconfdir}/dhc FILES_${PN}-relay = "${sbindir}/dhcrelay ${sysconfdir}/init.d/dhcp-relay ${sysconfdir}/default/dhcp-relay" -FILES_${PN}-client = "${base_sbindir}/dhclient ${base_sbindir}/dhclient-script ${sysconfdir}/dhcp/dhclient.conf" +FILES_${PN}-client = "${base_sbindir}/dhclient \ + ${base_sbindir}/dhclient-script \ + ${sysconfdir}/dhcp/dhclient.conf \ + ${base_sbindir}/dhclient-systemd-wrapper \ + " FILES_${PN}-omshell = "${bindir}/omshell" diff --git a/meta/recipes-connectivity/dhcp/dhcp/0001-Fix-a-NSUPDATE-compiling-issue.patch b/meta/recipes-connectivity/dhcp/dhcp/0001-Fix-a-NSUPDATE-compiling-issue.patch new file mode 100644 index 0000000000..f12a112fcf --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/0001-Fix-a-NSUPDATE-compiling-issue.patch @@ -0,0 +1,68 @@ +From a59cb98a473caa2afd64d7ae368480b6e9f91b3f Mon Sep 17 00:00:00 2001 +From: Ming Liu <liu.ming50@gmail.com> +Date: Tue, 14 May 2019 11:07:15 +0200 +Subject: [PATCH] Fix a NSUPDATE compiling issue + +Upstream-Status: Pending [Patch sent to: https://gitlab.isc.org/isc-projects/dhcp/issues/16] + +A following error was observed when NSUPDATE is not defined: +| omapip/isclib.c: In function 'dns_client_init': +| omapip/isclib.c:356:18: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'dnsclient' +| if (dhcp_gbl_ctx.dnsclient == NULL) { +| ^ +| omapip/isclib.c:363:24: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'dnsclient' +| &dhcp_gbl_ctx.dnsclient, +| ^ +| omapip/isclib.c:364:24: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'use_local4' +| (dhcp_gbl_ctx.use_local4 ? +| ^ +| omapip/isclib.c:365:25: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'local4_sockaddr' +| &dhcp_gbl_ctx.local4_sockaddr +| ^ +| omapip/isclib.c:367:24: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'use_local6' +| (dhcp_gbl_ctx.use_local6 ? +| ^ +| omapip/isclib.c:368:25: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'local6_sockaddr' +| &dhcp_gbl_ctx.local6_sockaddr + +Fix it by adding NSUPDATE conditional checking. + +Signed-off-by: Ming Liu <liu.ming50@gmail.com> +--- + includes/omapip/isclib.h | 2 ++ + omapip/isclib.c | 2 ++ + 2 files changed, 4 insertions(+) + +diff --git a/includes/omapip/isclib.h b/includes/omapip/isclib.h +index 538b927..6c20584 100644 +--- a/includes/omapip/isclib.h ++++ b/includes/omapip/isclib.h +@@ -141,6 +141,8 @@ void isclib_cleanup(void); + void dhcp_signal_handler(int signal); + extern int shutdown_signal; + ++#if defined (NSUPDATE) + isc_result_t dns_client_init(); ++#endif + + #endif /* ISCLIB_H */ +diff --git a/omapip/isclib.c b/omapip/isclib.c +index db3b895..ce4b4a1 100644 +--- a/omapip/isclib.c ++++ b/omapip/isclib.c +@@ -351,6 +351,7 @@ void dhcp_signal_handler(int signal) { + } + } + ++#if defined (NSUPDATE) + isc_result_t dns_client_init() { + isc_result_t result; + if (dhcp_gbl_ctx.dnsclient == NULL) { +@@ -387,3 +388,4 @@ isc_result_t dns_client_init() { + + return ISC_R_SUCCESS; + } ++#endif +-- +2.7.4 + diff --git a/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch b/meta/recipes-connectivity/dhcp/dhcp/0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch index 32bdaf08e7..d1b57f0bb4 100644 --- a/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch +++ b/meta/recipes-connectivity/dhcp/dhcp/0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch @@ -1,17 +1,21 @@ -define macro _PATH_DHCPD_CONF and _PATH_DHCLIENT_CONF +From 7cc29144535a622fc671dc86eb1da65b0473a7c4 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Tue, 15 Aug 2017 16:14:22 +0800 +Subject: [PATCH 01/11] define macro _PATH_DHCPD_CONF and _PATH_DHCLIENT_CONF Upstream-Status: Inappropriate [OE specific] +Rebase to 4.3.6 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> --- includes/site.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) -diff --git a/includes/site.h b/includes/site.h -index d87b309..17bc40d 100644 ---- a/includes/site.h -+++ b/includes/site.h -@@ -139,7 +139,8 @@ +Index: dhcp-4.4.1/includes/site.h +=================================================================== +--- dhcp-4.4.1.orig/includes/site.h ++++ dhcp-4.4.1/includes/site.h +@@ -148,7 +148,8 @@ /* Define this if you want the dhcpd.conf file to go somewhere other than the default location. By default, it goes in /etc/dhcpd.conf. */ @@ -21,6 +25,3 @@ index d87b309..17bc40d 100644 /* Network API definitions. You do not need to choose one of these - if you don't choose, one will be chosen for you in your system's config --- -1.9.1 - diff --git a/meta/recipes-connectivity/dhcp/dhcp/0001-master-Added-includes-of-new-BIND9-compatibility-hea.patch b/meta/recipes-connectivity/dhcp/dhcp/0001-master-Added-includes-of-new-BIND9-compatibility-hea.patch new file mode 100644 index 0000000000..1bc1422475 --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/0001-master-Added-includes-of-new-BIND9-compatibility-hea.patch @@ -0,0 +1,79 @@ +From 8194daabfd590f17825f0c61e9534bee5c99cc86 Mon Sep 17 00:00:00 2001 +From: Thomas Markwalder <tmark@isc.org> +Date: Fri, 14 Sep 2018 13:41:41 -0400 +Subject: [master] Added includes of new BIND9 compatibility headers + + Merges in rt48072. + +Upstream-Status: Backport +Signed-off-by: Adrian Bunk <bunk@stusta.de> + +diff --git a/includes/omapip/isclib.h b/includes/omapip/isclib.h +index 75a87ff6..538b927f 100644 +--- a/includes/omapip/isclib.h ++++ b/includes/omapip/isclib.h +@@ -48,6 +48,9 @@ + #include <string.h> + #include <netdb.h> + ++#include <isc/boolean.h> ++#include <isc/int.h> ++ + #include <isc/buffer.h> + #include <isc/lex.h> + #include <isc/lib.h> +diff --git a/includes/omapip/result.h b/includes/omapip/result.h +index 91243e1b..860298f6 100644 +--- a/includes/omapip/result.h ++++ b/includes/omapip/result.h +@@ -26,6 +26,7 @@ + #ifndef DHCP_RESULT_H + #define DHCP_RESULT_H 1 + ++#include <isc/boolean.h> + #include <isc/lang.h> + #include <isc/resultclass.h> + #include <isc/types.h> +diff --git a/server/dhcpv6.c b/server/dhcpv6.c +index a7110f98..cde4f617 100644 +--- a/server/dhcpv6.c ++++ b/server/dhcpv6.c +@@ -1034,7 +1034,8 @@ void check_pool6_threshold(struct reply_state *reply, + shared_name, + inet_ntop(AF_INET6, &lease->addr, + tmp_addr, sizeof(tmp_addr)), +- used, count); ++ (long long unsigned)(used), ++ (long long unsigned)(count)); + } + return; + } +@@ -1066,7 +1067,8 @@ void check_pool6_threshold(struct reply_state *reply, + "address: %s; high threshold %d%% %llu/%llu.", + shared_name, + inet_ntop(AF_INET6, &lease->addr, tmp_addr, sizeof(tmp_addr)), +- poolhigh, used, count); ++ poolhigh, (long long unsigned)(used), ++ (long long unsigned)(count)); + + /* handle the low threshold now, if we don't + * have one we default to 0. */ +@@ -1436,12 +1438,15 @@ pick_v6_address(struct reply_state *reply) + log_debug("Unable to pick client address: " + "no addresses available - shared network %s: " + " 2^64-1 < total, %llu active, %llu abandoned", +- shared_name, active - abandoned, abandoned); ++ shared_name, (long long unsigned)(active - abandoned), ++ (long long unsigned)(abandoned)); + } else { + log_debug("Unable to pick client address: " + "no addresses available - shared network %s: " + "%llu total, %llu active, %llu abandoned", +- shared_name, total, active - abandoned, abandoned); ++ shared_name, (long long unsigned)(total), ++ (long long unsigned)(active - abandoned), ++ (long long unsigned)(abandoned)); + } + + return ISC_R_NORESOURCES; + diff --git a/meta/recipes-connectivity/dhcp/dhcp/0001-site.h-enable-gentle-shutdown.patch b/meta/recipes-connectivity/dhcp/dhcp/0001-site.h-enable-gentle-shutdown.patch deleted file mode 100644 index 47443a50ef..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0001-site.h-enable-gentle-shutdown.patch +++ /dev/null @@ -1,25 +0,0 @@ -Upstream-Status: Inappropriate [configuration] - -Subject: [PATCH] site.h: enable gentle shutdown - -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- - includes/site.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/includes/site.h b/includes/site.h -index 1dd1251..abb66e4 100644 ---- a/includes/site.h -+++ b/includes/site.h -@@ -289,7 +289,7 @@ - situations. We plan to revisit this feature and may - make non-backwards compatible changes including the - removal of this define. Use at your own risk. */ --/* #define ENABLE_GENTLE_SHUTDOWN */ -+#define ENABLE_GENTLE_SHUTDOWN - - /* Include old error codes. This is provided in case you - are building an external program similar to omshell for --- -2.8.1 - diff --git a/meta/recipes-connectivity/dhcp/dhcp/0001-workaround-busybox-limitation-in-linux-dhclient-script.patch b/meta/recipes-connectivity/dhcp/dhcp/0001-workaround-busybox-limitation-in-linux-dhclient-script.patch new file mode 100644 index 0000000000..2359381b93 --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/0001-workaround-busybox-limitation-in-linux-dhclient-script.patch @@ -0,0 +1,65 @@ +From eec0503cfc36f63d777f5cb3f2719cecedcb8468 Mon Sep 17 00:00:00 2001 +From: Haris Okanovic <haris.okanovic@ni.com> +Date: Mon, 7 Jan 2019 13:22:09 -0600 +Subject: [PATCH] Workaround busybox limitation in Linux dhclient-script + +Busybox is a lightweight implementation of coreutils commonly used on +space-constrained embedded Linux distributions. It's implementation of +chown and chmod doesn't provide a "--reference" option added to +client/scripts/linux as of commit 9261cb14. This change works around +that limitation by using stat to read ownership and permissions flags +and simple chown/chmod calls supported in both coreutils and busybox. + + modified: client/scripts/linux + +Signed-off-by: Haris Okanovic <haris.okanovic@ni.com> +Upstream-Status: Pending [ISC-Bugs #48771] +--- + client/scripts/linux | 17 +++++++++++++---- + 1 file changed, 13 insertions(+), 4 deletions(-) + +diff --git a/client/scripts/linux b/client/scripts/linux +index 0c429697..2435a44b 100755 +--- a/client/scripts/linux ++++ b/client/scripts/linux +@@ -32,6 +32,17 @@ + # if your system holds ip tool in a non-standard location. + ip=/sbin/ip + ++chown_chmod_by_reference() { ++ local reference_file="$1" ++ local target_file="$2" ++ ++ local owner=$(stat -c "%u:%g" "$reference_file") ++ local perm=$(stat -c "%a" "$reference_file") ++ ++ chown "$owner" "$target_file" ++ chmod "$perm" "$target_file" ++} ++ + # update /etc/resolv.conf based on received values + # This updated version mostly follows Debian script by Andrew Pollock et al. + make_resolv_conf() { +@@ -74,8 +85,7 @@ make_resolv_conf() { + fi + + if [ -f /etc/resolv.conf ]; then +- chown --reference=/etc/resolv.conf $new_resolv_conf +- chmod --reference=/etc/resolv.conf $new_resolv_conf ++ chown_chmod_by_reference /etc/resolv.conf $new_resolv_conf + fi + mv -f $new_resolv_conf /etc/resolv.conf + # DHCPv6 +@@ -101,8 +111,7 @@ make_resolv_conf() { + fi + + if [ -f /etc/resolv.conf ]; then +- chown --reference=/etc/resolv.conf $new_resolv_conf +- chmod --reference=/etc/resolv.conf $new_resolv_conf ++ chown_chmod_by_reference /etc/resolv.conf $new_resolv_conf + fi + mv -f $new_resolv_conf /etc/resolv.conf + fi +-- +2.20.0 + diff --git a/meta/recipes-connectivity/dhcp/dhcp/0002-dhclient-dbus.patch b/meta/recipes-connectivity/dhcp/dhcp/0002-dhclient-dbus.patch new file mode 100644 index 0000000000..101c33f677 --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/0002-dhclient-dbus.patch @@ -0,0 +1,117 @@ +From be7540d31c356e80ee02e90e8bf162b7ac6e5ba5 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Tue, 15 Aug 2017 14:56:56 +0800 +Subject: [PATCH 02/11] dhclient dbus + +Upstream-Status: Inappropriate [distribution] + +Rebase to 4.3.6 +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + client/scripts/bsdos | 5 +++++ + client/scripts/freebsd | 5 +++++ + client/scripts/linux | 5 +++++ + client/scripts/netbsd | 5 +++++ + client/scripts/openbsd | 5 +++++ + client/scripts/solaris | 5 +++++ + 6 files changed, 30 insertions(+) + +diff --git a/client/scripts/bsdos b/client/scripts/bsdos +index d69d0d8..095b143 100755 +--- a/client/scripts/bsdos ++++ b/client/scripts/bsdos +@@ -45,6 +45,11 @@ exit_with_hooks() { + . /etc/dhclient-exit-hooks + fi + # probably should do something with exit status of the local script ++ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then ++ dbus-send --system --dest=com.redhat.dhcp \ ++ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ ++ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" ++ fi + exit $exit_status + } + +diff --git a/client/scripts/freebsd b/client/scripts/freebsd +index 8f3e2a2..ad7fb44 100755 +--- a/client/scripts/freebsd ++++ b/client/scripts/freebsd +@@ -89,6 +89,11 @@ exit_with_hooks() { + . /etc/dhclient-exit-hooks + fi + # probably should do something with exit status of the local script ++ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then ++ dbus-send --system --dest=com.redhat.dhcp \ ++ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ ++ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" ++ fi + exit $exit_status + } + +diff --git a/client/scripts/linux b/client/scripts/linux +index 5fb1612..3d447b6 100755 +--- a/client/scripts/linux ++++ b/client/scripts/linux +@@ -174,6 +174,11 @@ exit_with_hooks() { + exit_status=$? + fi + ++ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then ++ dbus-send --system --dest=com.redhat.dhcp \ ++ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ ++ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" ++ fi + exit $exit_status + } + +diff --git a/client/scripts/netbsd b/client/scripts/netbsd +index 07383b7..aaba8e8 100755 +--- a/client/scripts/netbsd ++++ b/client/scripts/netbsd +@@ -45,6 +45,11 @@ exit_with_hooks() { + . /etc/dhclient-exit-hooks + fi + # probably should do something with exit status of the local script ++ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then ++ dbus-send --system --dest=com.redhat.dhcp \ ++ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ ++ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" ++ fi + exit $exit_status + } + +diff --git a/client/scripts/openbsd b/client/scripts/openbsd +index e7f4746..56b980c 100644 +--- a/client/scripts/openbsd ++++ b/client/scripts/openbsd +@@ -45,6 +45,11 @@ exit_with_hooks() { + . /etc/dhclient-exit-hooks + fi + # probably should do something with exit status of the local script ++ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then ++ dbus-send --system --dest=com.redhat.dhcp \ ++ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ ++ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" ++ fi + exit $exit_status + } + +diff --git a/client/scripts/solaris b/client/scripts/solaris +index af553b9..4a2aa69 100755 +--- a/client/scripts/solaris ++++ b/client/scripts/solaris +@@ -26,6 +26,11 @@ exit_with_hooks() { + . /etc/dhclient-exit-hooks + fi + # probably should do something with exit status of the local script ++ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then ++ dbus-send --system --dest=com.redhat.dhcp \ ++ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ ++ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" ++ fi + exit $exit_status + } + +-- +1.8.3.1 + diff --git a/meta/recipes-connectivity/dhcp/dhcp/link-with-lcrypto.patch b/meta/recipes-connectivity/dhcp/dhcp/0003-link-with-lcrypto.patch index 0d0e0dd08e..5b35933a54 100644 --- a/meta/recipes-connectivity/dhcp/dhcp/link-with-lcrypto.patch +++ b/meta/recipes-connectivity/dhcp/dhcp/0003-link-with-lcrypto.patch @@ -1,24 +1,28 @@ -Author: Andrei Gherzan <andrei@gherzan.ro> -Date: Thu Feb 2 23:59:11 2012 +0200 +From d80bd792323dbd56269309f85b4506eb6b1b60e9 Mon Sep 17 00:00:00 2001 +From: Andrei Gherzan <andrei@gherzan.ro> +Date: Tue, 15 Aug 2017 15:05:47 +0800 +Subject: [PATCH 03/11] link with lcrypto -From 4.2.0 final release, -lcrypto check was removed and we compile static libraries -from bind that are linked to libcrypto. This is why i added a patch in order to add +From 4.2.0 final release, -lcrypto check was removed and we compile +static libraries +from bind that are linked to libcrypto. This is why i added a patch in +order to add -lcrypto to LIBS. Upstream-Status: Pending Signed-off-by: Andrei Gherzan <andrei@gherzan.ro> -Rebase to 4.3.4 +Rebase to 4.3.6 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> --- configure.ac | 4 ++++ 1 file changed, 4 insertions(+) -diff --git a/configure.ac b/configure.ac -index 097b0c3..726c88e 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -584,6 +584,10 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[void foo() __attribute__((noreturn)); +Index: dhcp-4.4.1/configure.ac +=================================================================== +--- dhcp-4.4.1.orig/configure.ac ++++ dhcp-4.4.1/configure.ac +@@ -612,6 +612,10 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], # Look for optional headers. AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h) @@ -29,6 +33,3 @@ index 097b0c3..726c88e 100644 # Solaris needs some libraries for functions AC_SEARCH_LIBS(socket, [socket]) AC_SEARCH_LIBS(inet_ntoa, [nsl]) --- -2.8.1 - diff --git a/meta/recipes-connectivity/dhcp/dhcp/0004-Fix-out-of-tree-builds.patch b/meta/recipes-connectivity/dhcp/dhcp/0004-Fix-out-of-tree-builds.patch new file mode 100644 index 0000000000..b71c93dd6d --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/0004-Fix-out-of-tree-builds.patch @@ -0,0 +1,93 @@ +From cccec0344d68dac4100b6f260ee24e7c2da9dfda Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Tue, 15 Aug 2017 15:08:22 +0800 +Subject: [PATCH 04/11] Fix out of tree builds + +Upstream-Status: Pending + +RP 2013/03/21 + +Rebase to 4.3.6 + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + client/Makefile.am | 4 ++-- + common/Makefile.am | 3 ++- + dhcpctl/Makefile.am | 2 ++ + omapip/Makefile.am | 1 + + relay/Makefile.am | 2 +- + server/Makefile.am | 2 +- + 6 files changed, 9 insertions(+), 5 deletions(-) + +Index: dhcp-4.4.1/common/Makefile.am +=================================================================== +--- dhcp-4.4.1.orig/common/Makefile.am ++++ dhcp-4.4.1/common/Makefile.am +@@ -1,4 +1,5 @@ +-AM_CPPFLAGS = -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' ++AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' ++ + AM_CFLAGS = $(LDAP_CFLAGS) + + lib_LIBRARIES = libdhcp.a +Index: dhcp-4.4.1/dhcpctl/Makefile.am +=================================================================== +--- dhcp-4.4.1.orig/dhcpctl/Makefile.am ++++ dhcp-4.4.1/dhcpctl/Makefile.am +@@ -3,6 +3,8 @@ BINDLIBDNSDIR=@BINDLIBDNSDIR@ + BINDLIBISCCFGDIR=@BINDLIBISCCFGDIR@ + BINDLIBISCDIR=@BINDLIBISCDIR@ + ++AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir) ++ + bin_PROGRAMS = omshell + lib_LIBRARIES = libdhcpctl.a + noinst_PROGRAMS = cltest +Index: dhcp-4.4.1/server/Makefile.am +=================================================================== +--- dhcp-4.4.1.orig/server/Makefile.am ++++ dhcp-4.4.1/server/Makefile.am +@@ -4,7 +4,7 @@ + # production code. Sadly, we are not there yet. + SUBDIRS = . tests + +-AM_CPPFLAGS = -I.. -DLOCALSTATEDIR='"@localstatedir@"' ++AM_CPPFLAGS = -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes + + dist_sysconf_DATA = dhcpd.conf.example + sbin_PROGRAMS = dhcpd +Index: dhcp-4.4.1/client/Makefile.am +=================================================================== +--- dhcp-4.4.1.orig/client/Makefile.am ++++ dhcp-4.4.1/client/Makefile.am +@@ -5,7 +5,7 @@ + SUBDIRS = . tests + + AM_CPPFLAGS = -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"' +-AM_CPPFLAGS += -DLOCALSTATEDIR='"$(localstatedir)"' ++AM_CPPFLAGS += -DLOCALSTATEDIR='"$(localstatedir)"' -I$(top_srcdir)/includes + + dist_sysconf_DATA = dhclient.conf.example + sbin_PROGRAMS = dhclient +Index: dhcp-4.4.1/omapip/Makefile.am +=================================================================== +--- dhcp-4.4.1.orig/omapip/Makefile.am ++++ dhcp-4.4.1/omapip/Makefile.am +@@ -2,6 +2,7 @@ BINDLIBIRSDIR=@BINDLIBIRSDIR@ + BINDLIBDNSDIR=@BINDLIBDNSDIR@ + BINDLIBISCCFGDIR=@BINDLIBISCCFGDIR@ + BINDLIBISCDIR=@BINDLIBISCDIR@ ++AM_CPPFLAGS = -I$(top_srcdir)/includes + + lib_LIBRARIES = libomapi.a + noinst_PROGRAMS = svtest +Index: dhcp-4.4.1/relay/Makefile.am +=================================================================== +--- dhcp-4.4.1.orig/relay/Makefile.am ++++ dhcp-4.4.1/relay/Makefile.am +@@ -1,4 +1,4 @@ +-AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"' ++AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes + + sbin_PROGRAMS = dhcrelay + dhcrelay_SOURCES = dhcrelay.c diff --git a/meta/recipes-connectivity/dhcp/dhcp/0005-dhcp-client-fix-invoke-dhclient-script-failed-on-Rea.patch b/meta/recipes-connectivity/dhcp/dhcp/0005-dhcp-client-fix-invoke-dhclient-script-failed-on-Rea.patch new file mode 100644 index 0000000000..dd56381b1d --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/0005-dhcp-client-fix-invoke-dhclient-script-failed-on-Rea.patch @@ -0,0 +1,36 @@ +From 2e8ff0e4f6d39e346ea86b8c514ab4ccc78fa359 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Tue, 15 Aug 2017 15:24:14 +0800 +Subject: [PATCH 05/11] dhcp-client: fix invoke dhclient-script failed on + Read-only file system + +In read-only file system, '/etc' is on the readonly partition, +and '/etc/resolv.conf' is symlinked to a separate writable +partition. + +In this situation, we create temp files 'resolv.conf.dhclient-new' +in /tmp dir. + +Upstream-Status: Pending + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + client/scripts/linux | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/client/scripts/linux b/client/scripts/linux +index 3d447b6..3122a75 100755 +--- a/client/scripts/linux ++++ b/client/scripts/linux +@@ -40,7 +40,7 @@ make_resolv_conf() { + # DHCPv4 + if [ -n "$new_domain_search" ] || [ -n "$new_domain_name" ] || + [ -n "$new_domain_name_servers" ]; then +- new_resolv_conf=/etc/resolv.conf.dhclient-new ++ new_resolv_conf=/tmp/resolv.conf.dhclient-new + rm -f $new_resolv_conf + + if [ -n "$new_domain_name" ]; then +-- +1.8.3.1 + diff --git a/meta/recipes-connectivity/dhcp/dhcp/0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch b/meta/recipes-connectivity/dhcp/dhcp/0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch new file mode 100644 index 0000000000..feb0754fff --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch @@ -0,0 +1,62 @@ +From 7107511fd209f08f9a96f8938041ae48f3295895 Mon Sep 17 00:00:00 2001 +From: Christopher Larson <chris_larson@mentor.com> +Date: Tue, 15 Aug 2017 16:17:49 +0800 +Subject: [PATCH 07/11] Add configure argument to make the libxml2 dependency + explicit and determinisitic. + +Upstream-Status: Pending + +Signed-off-by: Christopher Larson <chris_larson@mentor.com> + +Rebase to 4.3.6 + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + configure.ac | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +Index: dhcp-4.4.1/configure.ac +=================================================================== +--- dhcp-4.4.1.orig/configure.ac ++++ dhcp-4.4.1/configure.ac +@@ -642,6 +642,17 @@ if test "$have_nanosleep" = "rt"; then + LIBS="-lrt $LIBS" + fi + ++AC_ARG_WITH(libxml2, ++ AS_HELP_STRING([--with-libxml2], [link against libxml2. this is needed if bind was built with xml2 support enabled]), ++ with_libxml2="$withval", with_libxml2="no") ++ ++if test x$with_libxml2 != xno; then ++ AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2], ++ [if test x$with_libxml2 != xauto; then ++ AC_MSG_FAILURE([*** Cannot find xmlTextWriterStartElement with -lxml2 and libxml2 was requested]) ++ fi]) ++fi ++ + # check for /dev/random (declares HAVE_DEV_RANDOM) + AC_MSG_CHECKING(for random device) + AC_ARG_WITH(randomdev, +Index: dhcp-4.4.1/configure.ac+lt +=================================================================== +--- dhcp-4.4.1.orig/configure.ac+lt ++++ dhcp-4.4.1/configure.ac+lt +@@ -909,6 +909,18 @@ elif test "$want_libtool" = "yes" -a "$u + fi + AM_CONDITIONAL(INSTALL_BIND, test "$want_install_bind" = "yes") + ++AC_ARG_WITH(libxml2, ++ AS_HELP_STRING([--with-libxml2], [link against libxml2. this is needed if bind was built with xml2 support enabled]), ++ with_libxml2="$withval", with_libxml2="no") ++ ++if test x$with_libxml2 != xno; then ++ AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2],, ++ [if test x$with_libxml2 != xauto; then ++ AC_MSG_FAILURE([*** Cannot find xmlTextWriterStartElement with -lxml2 and libxml2 was requested]) ++ fi]) ++fi ++ ++ + # OpenLDAP support. + AC_ARG_WITH(ldap, + AS_HELP_STRING([--with-ldap],[enable OpenLDAP support in dhcpd (default is no)]), diff --git a/meta/recipes-connectivity/dhcp/dhcp/0009-remove-dhclient-script-bash-dependency.patch b/meta/recipes-connectivity/dhcp/dhcp/0009-remove-dhclient-script-bash-dependency.patch new file mode 100644 index 0000000000..912b6d6312 --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/0009-remove-dhclient-script-bash-dependency.patch @@ -0,0 +1,28 @@ +From f3f8b7726e50e24ef3edf5fa5a17e31d39118d7e Mon Sep 17 00:00:00 2001 +From: Andre McCurdy <armccurdy@gmail.com> +Date: Tue, 15 Aug 2017 15:49:31 +0800 +Subject: [PATCH 09/11] remove dhclient-script bash dependency + +Upstream-Status: Inappropriate [OE specific] + +Signed-off-by: Andre McCurdy <armccurdy@gmail.com> + +Rebase to 4.3.6 +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + client/scripts/linux | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/client/scripts/linux b/client/scripts/linux +index 3122a75..1712d7d 100755 +--- a/client/scripts/linux ++++ b/client/scripts/linux +@@ -1,4 +1,4 @@ +-#!/bin/bash ++#!/bin/sh + # dhclient-script for Linux. Dan Halbert, March, 1997. + # Updated for Linux 2.[12] by Brian J. Murrell, January 1999. + # No guarantees about this. I'm a novice at the details of Linux +-- +1.8.3.1 + diff --git a/meta/recipes-connectivity/dhcp/dhcp/0012-dhcp-correct-the-intention-for-xml2-lib-search.patch b/meta/recipes-connectivity/dhcp/dhcp/0012-dhcp-correct-the-intention-for-xml2-lib-search.patch new file mode 100644 index 0000000000..39ba65fbc4 --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/0012-dhcp-correct-the-intention-for-xml2-lib-search.patch @@ -0,0 +1,34 @@ +From 501543b3ef715488a142e3d301ff2733aa33eec7 Mon Sep 17 00:00:00 2001 +From: Awais Belal <awais_belal@mentor.com> +Date: Wed, 25 Oct 2017 21:00:05 +0500 +Subject: [PATCH] dhcp: correct the intention for xml2 lib search + +A missing case breaks the build when libxml2 is +required and found appropriately. The third argument +to the function AC_SEARCH_LIB is action-if-found which +was mistakenly been used for the case where the library +is not found and hence breaks the configure phase +where it shoud actually pass. +We now pass on silently when action-if-found is +executed. + +Upstream-Status: Pending + +Signed-off-by: Awais Belal <awais_belal@mentor.com> +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: dhcp-4.4.1/configure.ac +=================================================================== +--- dhcp-4.4.1.orig/configure.ac ++++ dhcp-4.4.1/configure.ac +@@ -647,7 +647,7 @@ AC_ARG_WITH(libxml2, + with_libxml2="$withval", with_libxml2="no") + + if test x$with_libxml2 != xno; then +- AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2], ++ AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2],, + [if test x$with_libxml2 != xauto; then + AC_MSG_FAILURE([*** Cannot find xmlTextWriterStartElement with -lxml2 and libxml2 was requested]) + fi]) diff --git a/meta/recipes-connectivity/dhcp/dhcp/0013-fixup_use_libbind.patch b/meta/recipes-connectivity/dhcp/dhcp/0013-fixup_use_libbind.patch new file mode 100644 index 0000000000..fcec010bd0 --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/0013-fixup_use_libbind.patch @@ -0,0 +1,64 @@ +lib and include path is hardcoded for use_libbind + +use libdir and includedir vars + +Upstream-Status: Pending +Signed-off-by: Armin Kuster <akuster808@gmail.com> + +Index: dhcp-4.4.1/configure.ac+lt +=================================================================== +--- dhcp-4.4.1.orig/configure.ac+lt ++++ dhcp-4.4.1/configure.ac+lt +@@ -801,22 +801,22 @@ no) + if test ! -d "$use_libbind"; then + AC_MSG_ERROR([Cannot find bind directory at $use_libbind]) + fi +- if test ! -d "$use_libbind/include" -o \ +- ! -f "$use_libbind/include/isc/buffer.h" ++ if test ! -d "$use_libbind/$includedir" -o \ ++ ! -f "$use_libbind/$includedir/isc/buffer.h" + then +- AC_MSG_ERROR([Cannot find bind includes at $use_libbind/include]) ++ AC_MSG_ERROR([Cannot find bind includes at $use_libbind/$includedir]) + fi +- if test ! -d "$use_libbind/lib" -o \ +- \( ! -f "$use_libbind/lib/libisc.a" -a \ +- ! -f "$use_libbind/lib/libisc.la" \) ++ if test ! -d "$use_libbind/$libdir" -o \ ++ \( ! -f "$use_libbind/$libdir/libisc.a" -a \ ++ ! -f "$use_libbind/$libdir/libisc.la" \) + then +- AC_MSG_ERROR([Cannot find bind libraries at $use_libbind/lib]) ++ AC_MSG_ERROR([Cannot find bind libraries at $use_libbind/$libdir]) + fi + BINDDIR="$use_libbind" +- BINDLIBIRSDIR="$BINDDIR/lib" +- BINDLIBDNSDIR="$BINDDIR/lib" +- BINDLIBISCCFGDIR="$BINDDIR/lib" +- BINDLIBISCDIR="$BINDDIR/lib" ++ BINDLIBIRSDIR="$BINDDIR/$libdir" ++ BINDLIBDNSDIR="$BINDDIR/$libdir" ++ BINDLIBISCCFGDIR="$BINDDIR/$libdir" ++ BINDLIBISCDIR="$BINDDIR/$libdir" + DISTCHECK_LIBBIND_CONFIGURE_FLAG="--with-libbind=$use_libbind" + ;; + esac +@@ -856,14 +856,14 @@ AC_ARG_ENABLE(libtool, + + if test "$use_libbind" != "no"; then + if test "$want_libtool" = "yes" -a \ +- ! -f "$use_libbind/lib/libisc.la" ++ ! -f "$use_libbind/$libdir/libisc.la" + then +- AC_MSG_ERROR([Cannot find dynamic libraries at $use_libbind/lib]) ++ AC_MSG_ERROR([Cannot find dynamic libraries at $use_libbind/$libdir]) + fi + if test "$want_libtool" = "no" -a \ +- ! -f "$use_libbind/lib/libisc.a" ++ ! -f "$use_libbind/$libdir/libisc.a" + then +- AC_MSG_ERROR([Cannot find static libraries at $use_libbind/lib]) ++ AC_MSG_ERROR([Cannot find static libraries at $use_libbind/$libdir]) + fi + fi + diff --git a/meta/recipes-connectivity/dhcp/dhcp/dhclient-script-drop-resolv.conf.dhclient.patch b/meta/recipes-connectivity/dhcp/dhcp/dhclient-script-drop-resolv.conf.dhclient.patch deleted file mode 100644 index 96095a5e08..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/dhclient-script-drop-resolv.conf.dhclient.patch +++ /dev/null @@ -1,70 +0,0 @@ -dhcp-client: fix invoke dhclient-script failed on Read-only file system - -In read-only file system, '/etc' is on the readonly partition, -and '/etc/resolv.conf' is symlinked to a separate writable -partition. - -In this situation, we should use shell variable to instead of -temp files '/etc/resolv.conf.dhclient' and '/etc/resolv.conf.dhclient6'. - -Upstream-Status: Pending -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - client/scripts/linux | 20 +++++++++----------- - 1 file changed, 9 insertions(+), 11 deletions(-) - -diff --git a/client/scripts/linux b/client/scripts/linux ---- a/client/scripts/linux -+++ b/client/scripts/linux -@@ -27,27 +27,25 @@ ip=/sbin/ip - - make_resolv_conf() { - if [ x"$new_domain_name_servers" != x ]; then -- cat /dev/null > /etc/resolv.conf.dhclient -- chmod 644 /etc/resolv.conf.dhclient -+ resolv_conf="" - if [ x"$new_domain_search" != x ]; then -- echo search $new_domain_search >> /etc/resolv.conf.dhclient -+ resolv_conf="search ${new_domain_search}\n" - elif [ x"$new_domain_name" != x ]; then - # Note that the DHCP 'Domain Name Option' is really just a domain - # name, and that this practice of using the domain name option as - # a search path is both nonstandard and deprecated. -- echo search $new_domain_name >> /etc/resolv.conf.dhclient -+ resolv_conf="search ${new_domain_name}\n" - fi - for nameserver in $new_domain_name_servers; do -- echo nameserver $nameserver >>/etc/resolv.conf.dhclient -+ resolv_conf="${resolv_conf}nameserver ${nameserver}\n" - done - -- mv /etc/resolv.conf.dhclient /etc/resolv.conf -+ echo -e "${resolv_conf}" > /etc/resolv.conf - elif [ "x${new_dhcp6_name_servers}" != x ] ; then -- cat /dev/null > /etc/resolv.conf.dhclient6 -- chmod 644 /etc/resolv.conf.dhclient6 -+ resolv_conf="" - - if [ "x${new_dhcp6_domain_search}" != x ] ; then -- echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6 -+ resolv_conf="search ${new_dhcp6_domain_search}\n" - fi - shopt -s nocasematch - for nameserver in ${new_dhcp6_name_servers} ; do -@@ -59,11 +57,11 @@ make_resolv_conf() { - else - zone_id= - fi -- echo nameserver ${nameserver}$zone_id >> /etc/resolv.conf.dhclient6 -+ resolv_conf="${resolv_conf}nameserver ${nameserver}$zone_id\n" - done - shopt -u nocasematch - -- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf -+ echo -e "${resolv_conf}" > /etc/resolv.conf - fi - } - --- -2.8.1 - diff --git a/meta/recipes-connectivity/dhcp/dhcp/dhcp-3.0.3-dhclient-dbus.patch b/meta/recipes-connectivity/dhcp/dhcp/dhcp-3.0.3-dhclient-dbus.patch deleted file mode 100644 index b4a666d106..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/dhcp-3.0.3-dhclient-dbus.patch +++ /dev/null @@ -1,86 +0,0 @@ -Upstream-Status: Inappropriate [distribution] - ---- client/scripts/bsdos -+++ client/scripts/bsdos -@@ -47,6 +47,11 @@ - . /etc/dhcp/dhclient-exit-hooks - fi - # probably should do something with exit status of the local script -+ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then -+ dbus-send --system --dest=com.redhat.dhcp \ -+ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ -+ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" -+ fi - exit $exit_status - } - ---- client/scripts/freebsd -+++ client/scripts/freebsd -@@ -57,6 +57,11 @@ - . /etc/dhcp/dhclient-exit-hooks - fi - # probably should do something with exit status of the local script -+ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then -+ dbus-send --system --dest=com.redhat.dhcp \ -+ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ -+ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" -+ fi - exit $exit_status - } - ---- client/scripts/linux -+++ client/scripts/linux -@@ -69,6 +69,11 @@ - . /etc/dhcp/dhclient-exit-hooks - fi - # probably should do something with exit status of the local script -+ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then -+ dbus-send --system --dest=com.redhat.dhcp \ -+ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ -+ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" -+ fi - exit $exit_status - } - ---- client/scripts/netbsd -+++ client/scripts/netbsd -@@ -47,6 +47,11 @@ - . /etc/dhcp/dhclient-exit-hooks - fi - # probably should do something with exit status of the local script -+ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then -+ dbus-send --system --dest=com.redhat.dhcp \ -+ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ -+ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" -+ fi - exit $exit_status - } - ---- client/scripts/openbsd -+++ client/scripts/openbsd -@@ -47,6 +47,11 @@ - . /etc/dhcp/dhclient-exit-hooks - fi - # probably should do something with exit status of the local script -+ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then -+ dbus-send --system --dest=com.redhat.dhcp \ -+ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ -+ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" -+ fi - exit $exit_status - } - ---- client/scripts/solaris -+++ client/scripts/solaris -@@ -47,6 +47,11 @@ - . /etc/dhcp/dhclient-exit-hooks - fi - # probably should do something with exit status of the local script -+ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then -+ dbus-send --system --dest=com.redhat.dhcp \ -+ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ -+ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" -+ fi - exit $exit_status - } - diff --git a/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch b/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch deleted file mode 100644 index 2f44147ad6..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch +++ /dev/null @@ -1,97 +0,0 @@ -Fix out of tree builds - -Upstream-Status: Pending - -RP 2013/03/21 - -Rebase to 4.3.4 - -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - client/Makefile.am | 4 ++-- - common/Makefile.am | 3 ++- - dhcpctl/Makefile.am | 2 ++ - omapip/Makefile.am | 1 + - relay/Makefile.am | 2 +- - server/Makefile.am | 2 +- - 6 files changed, 9 insertions(+), 5 deletions(-) - -diff --git a/client/Makefile.am b/client/Makefile.am -index 2cb83d8..4730bb3 100644 ---- a/client/Makefile.am -+++ b/client/Makefile.am -@@ -7,11 +7,11 @@ SUBDIRS = . tests - BINDLIBDIR = @BINDDIR@/lib - - AM_CPPFLAGS = -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"' \ -- -DLOCALSTATEDIR='"$(localstatedir)"' -+ -DLOCALSTATEDIR='"$(localstatedir)"' -I$(top_srcdir)/includes - - dist_sysconf_DATA = dhclient.conf.example - sbin_PROGRAMS = dhclient --dhclient_SOURCES = clparse.c dhclient.c dhc6.c \ -+dhclient_SOURCES = $(srcdir)/clparse.c $(srcdir)/dhclient.c $(srcdir)/dhc6.c \ - scripts/bsdos scripts/freebsd scripts/linux scripts/macos \ - scripts/netbsd scripts/nextstep scripts/openbsd \ - scripts/solaris scripts/openwrt -diff --git a/common/Makefile.am b/common/Makefile.am -index 113aee8..0f24fbb 100644 ---- a/common/Makefile.am -+++ b/common/Makefile.am -@@ -1,4 +1,5 @@ --AM_CPPFLAGS = -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' -+AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' -+ - AM_CFLAGS = $(LDAP_CFLAGS) - - noinst_LIBRARIES = libdhcp.a -diff --git a/dhcpctl/Makefile.am b/dhcpctl/Makefile.am -index ceb0de1..ba8dd8b 100644 ---- a/dhcpctl/Makefile.am -+++ b/dhcpctl/Makefile.am -@@ -1,5 +1,7 @@ - BINDLIBDIR = @BINDDIR@/lib - -+AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir) -+ - bin_PROGRAMS = omshell - lib_LIBRARIES = libdhcpctl.a - noinst_PROGRAMS = cltest -diff --git a/omapip/Makefile.am b/omapip/Makefile.am -index 446a594..dd1afa0 100644 ---- a/omapip/Makefile.am -+++ b/omapip/Makefile.am -@@ -1,4 +1,5 @@ - BINDLIBDIR = @BINDDIR@/lib -+AM_CPPFLAGS = -I$(top_srcdir)/includes - - lib_LIBRARIES = libomapi.a - noinst_PROGRAMS = svtest -diff --git a/relay/Makefile.am b/relay/Makefile.am -index 3060eca..6d652f6 100644 ---- a/relay/Makefile.am -+++ b/relay/Makefile.am -@@ -1,6 +1,6 @@ - BINDLIBDIR = @BINDDIR@/lib - --AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"' -+AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes - - sbin_PROGRAMS = dhcrelay - dhcrelay_SOURCES = dhcrelay.c -diff --git a/server/Makefile.am b/server/Makefile.am -index 54feedf..3990b9c 100644 ---- a/server/Makefile.am -+++ b/server/Makefile.am -@@ -6,7 +6,7 @@ SUBDIRS = . tests - - BINDLIBDIR = @BINDDIR@/lib - --AM_CPPFLAGS = -I.. -DLOCALSTATEDIR='"@localstatedir@"' -+AM_CPPFLAGS = -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes - - dist_sysconf_DATA = dhcpd.conf.example - sbin_PROGRAMS = dhcpd --- -2.8.1 - diff --git a/meta/recipes-connectivity/dhcp/dhcp/libxml2-configure-argument.patch b/meta/recipes-connectivity/dhcp/dhcp/libxml2-configure-argument.patch deleted file mode 100644 index 14356621c0..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/libxml2-configure-argument.patch +++ /dev/null @@ -1,38 +0,0 @@ -Add configure argument to make the libxml2 dependency explicit and -determinisitic. - -Upstream-Status: Pending - -Signed-off-by: Christopher Larson <chris_larson@mentor.com> - -Rebase to 4.3.4 -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - configure.ac | 11 ++++++++++- - 1 file changed, 10 insertions(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 726c88e..1684df1 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -718,7 +718,16 @@ AC_SUBST(BINDSRCDIR) - - # We need to find libxml2 if bind was built with support enabled - # otherwise we'll fail to build omapip/test.c --AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2],) -+AC_ARG_WITH(libxml2, -+ AS_HELP_STRING([--with-libxml2], [link against libxml2. this is needed if bind was built with xml2 support enabled]), -+ with_libxml2="$withval", with_libxml2="no") -+ -+if test x$with_libxml2 != xno; then -+ AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2], -+ [if test x$with_libxml2 != xauto; then -+ AC_MSG_FAILURE([*** Cannot find xmlTextWriterStartElement with -lxml2 and libxml2 was requested]) -+ fi]) -+fi - - # OpenLDAP support. - AC_ARG_WITH(ldap, --- -2.8.1 - diff --git a/meta/recipes-connectivity/dhcp/dhcp/remove-dhclient-script-bash-dependency.patch b/meta/recipes-connectivity/dhcp/dhcp/remove-dhclient-script-bash-dependency.patch deleted file mode 100644 index 997b9f6ba9..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/remove-dhclient-script-bash-dependency.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 8aed2a9ff09cb0d584ad0a7340fe3a596879d9b1 Mon Sep 17 00:00:00 2001 -From: Andre McCurdy <armccurdy@gmail.com> -Date: Thu, 21 Jul 2016 19:07:02 -0700 -Subject: [PATCH] remove dhclient-script bash dependency - -Take the dash compatible IPv6 link-local address test from the Debian -version of dhclient-script. - -Note that although "echo -e" in the OE version of dhclient-script is -technically bash specific too, it is supported by Busybox echo when -Busybox is configured with CONFIG_FEATURE_FANCY_ECHO enabled (which -is the default in the OE Busybox defconfig) therefore leave as-is. - -Upstream-Status: Inappropriate [OE specific] - -Signed-off-by: Andre McCurdy <armccurdy@gmail.com> ---- - client/scripts/linux | 7 +++---- - 1 file changed, 3 insertions(+), 4 deletions(-) - -diff --git a/client/scripts/linux b/client/scripts/linux -index 232a0aa..1383f46 100755 ---- a/client/scripts/linux -+++ b/client/scripts/linux -@@ -1,4 +1,4 @@ --#!/bin/bash -+#!/bin/sh - # dhclient-script for Linux. Dan Halbert, March, 1997. - # Updated for Linux 2.[12] by Brian J. Murrell, January 1999. - # No guarantees about this. I'm a novice at the details of Linux -@@ -47,11 +47,11 @@ make_resolv_conf() { - if [ "x${new_dhcp6_domain_search}" != x ] ; then - resolv_conf="search ${new_dhcp6_domain_search}\n" - fi -- shopt -s nocasematch - for nameserver in ${new_dhcp6_name_servers} ; do - # If the nameserver has a link-local address - # add a <zone_id> (interface name) to it. -- if [[ "$nameserver" =~ ^fe80:: ]] -+ if [ "${nameserver##fe80::}" != "$nameserver" ] || -+ [ "${nameserver##FE80::}" != "$nameserver" ] - then - zone_id="%$interface" - else -@@ -59,7 +59,6 @@ make_resolv_conf() { - fi - resolv_conf="${resolv_conf}nameserver ${nameserver}$zone_id\n" - done -- shopt -u nocasematch - - echo -e "${resolv_conf}" > /etc/resolv.conf - fi --- -1.9.1 - diff --git a/meta/recipes-connectivity/dhcp/dhcp/replace-ifconfig-route.patch b/meta/recipes-connectivity/dhcp/dhcp/replace-ifconfig-route.patch deleted file mode 100644 index d84df5cd34..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/replace-ifconfig-route.patch +++ /dev/null @@ -1,188 +0,0 @@ -Found this patch here: -https://lists.isc.org/pipermail/dhcp-users/2011-January/012910.html - -and made some adjustments/updates to make it work with this version. -Wasn't able to find that why this patch was not accepted by ISC DHCP developers. - -Upstream-Status: Pending - -Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com> - -Rebase to 4.3.4 - -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - client/scripts/linux | 82 ++++++++++++++++++++++++++++------------------------ - 1 file changed, 45 insertions(+), 37 deletions(-) - -diff --git a/client/scripts/linux b/client/scripts/linux -index a02cfd9..232a0aa 100755 ---- a/client/scripts/linux -+++ b/client/scripts/linux -@@ -101,17 +101,11 @@ fi - if [ x$old_broadcast_address != x ]; then - old_broadcast_arg="broadcast $old_broadcast_address" - fi --if [ x$new_subnet_mask != x ]; then -- new_subnet_arg="netmask $new_subnet_mask" -+if [ -n "$new_subnet_mask" ]; then -+ new_mask="/$new_subnet_mask" - fi --if [ x$old_subnet_mask != x ]; then -- old_subnet_arg="netmask $old_subnet_mask" --fi --if [ x$alias_subnet_mask != x ]; then -- alias_subnet_arg="netmask $alias_subnet_mask" --fi --if [ x$new_interface_mtu != x ]; then -- mtu_arg="mtu $new_interface_mtu" -+if [ -n "$alias_subnet_mask" ]; then -+ alias_mask="/$alias_subnet_mask" - fi - if [ x$IF_METRIC != x ]; then - metric_arg="metric $IF_METRIC" -@@ -125,9 +119,9 @@ fi - if [ x$reason = xPREINIT ]; then - if [ x$alias_ip_address != x ]; then - # Bring down alias interface. Its routes will disappear too. -- ifconfig $interface:0- inet 0 -+ ${ip} -4 addr flush dev ${interface} label ${interface}:0 - fi -- ifconfig $interface 0 up -+ ${ip} link set dev ${interface} up - - # We need to give the kernel some time to get the interface up. - sleep 1 -@@ -154,25 +148,30 @@ if [ x$reason = xBOUND ] || [ x$reason = xRENEW ] || \ - if [ x$old_ip_address != x ] && [ x$alias_ip_address != x ] && \ - [ x$alias_ip_address != x$old_ip_address ]; then - # Possible new alias. Remove old alias. -- ifconfig $interface:0- inet 0 -+ ${ip} -4 addr flush dev ${interface} label ${interface}:0 - fi - if [ x$old_ip_address != x ] && [ x$old_ip_address != x$new_ip_address ]; then - # IP address changed. Bringing down the interface will delete all routes, - # and clear the ARP cache. -- ifconfig $interface inet 0 down -+ ${ip} -4 addr flush dev ${interface} label ${interface} - - fi - if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ - [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then - -- ifconfig $interface inet $new_ip_address $new_subnet_arg \ -- $new_broadcast_arg $mtu_arg -+ ${ip} -4 addr add ${new_ip_address}${new_mask} ${new_broadcast_arg} \ -+ dev ${interface} label ${interface} -+ if [ -n "$new_interface_mtu" ]; then -+ # set MTU -+ ${ip} link set dev ${interface} mtu ${new_interface_mtu} -+ fi - # Add a network route to the computed network address. - for router in $new_routers; do - if [ "x$new_subnet_mask" = "x255.255.255.255" ] ; then -- route add -host $router dev $interface -+ ${ip} -4 route add ${router} dev $interface >/dev/null 2>&1 - fi -- route add default gw $router $metric_arg dev $interface -+ ${ip} -4 route add default via ${router} dev ${interface} \ -+ ${metric_arg} >/dev/null 2>&1 - done - else - # we haven't changed the address, have we changed other options -@@ -180,21 +179,23 @@ if [ x$reason = xBOUND ] || [ x$reason = xRENEW ] || \ - if [ x$new_routers != x ] && [ x$new_routers != x$old_routers ] ; then - # if we've changed routers delete the old and add the new. - for router in $old_routers; do -- route del default gw $router -+ ${ip} -4 route delete default via ${router} - done - for router in $new_routers; do - if [ "x$new_subnet_mask" = "x255.255.255.255" ] ; then -- route add -host $router dev $interface -- fi -- route add default gw $router $metric_arg dev $interface -+ ${ip} -4 route add ${router} dev $interface >/dev/null 2>&1 -+ fi -+ ${ip} -4 route add default via ${router} dev ${interface} \ -+ ${metric_arg} >/dev/null 2>&1 - done - fi - fi - if [ x$new_ip_address != x$alias_ip_address ] && [ x$alias_ip_address != x ]; - then -- ifconfig $interface:0- inet 0 -- ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg -- route add -host $alias_ip_address $interface:0 -+ ${ip} -4 addr flush dev ${interface} label ${interface}:0 -+ ${ip} -4 addr add ${alias_ip_address}${alias_mask} \ -+ dev ${interface} label ${interface}:0 -+ ${ip} -4 route add ${alias_ip_address} dev ${interface} >/dev/null 2>&1 - fi - make_resolv_conf - exit_with_hooks 0 -@@ -204,42 +205,49 @@ if [ x$reason = xEXPIRE ] || [ x$reason = xFAIL ] || [ x$reason = xRELEASE ] \ - || [ x$reason = xSTOP ]; then - if [ x$alias_ip_address != x ]; then - # Turn off alias interface. -- ifconfig $interface:0- inet 0 -+ ${ip} -4 addr flush dev ${interface} label ${interface}:0 - fi - if [ x$old_ip_address != x ]; then - # Shut down interface, which will delete routes and clear arp cache. -- ifconfig $interface inet 0 down -+ ${ip} -4 addr flush dev ${interface} label ${interface} - fi - if [ x$alias_ip_address != x ]; then -- ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg -- route add -host $alias_ip_address $interface:0 -+ ${ip} -4 addr add ${alias_ip_address}${alias_network_arg} \ -+ dev ${interface} label ${interface}:0 -+ ${ip} -4 route add ${alias_ip_address} dev ${interface} >/dev/null 2>&1 - fi - exit_with_hooks 0 - fi - - if [ x$reason = xTIMEOUT ]; then - if [ x$alias_ip_address != x ]; then -- ifconfig $interface:0- inet 0 -+ ${ip} -4 addr flush dev ${interface} label ${interface}:0 -+ fi -+ ${ip} -4 addr add ${new_ip_address}${new_mask} ${new_broadcast_arg} \ -+ dev ${interface} label ${interface} -+ if [ -n "$new_interface_mtu" ]; then -+ # set MTU -+ ip link set dev ${interface} mtu ${new_interface_mtu} - fi -- ifconfig $interface inet $new_ip_address $new_subnet_arg \ -- $new_broadcast_arg $mtu_arg - set $new_routers - if ping -q -c 1 $1; then - if [ x$new_ip_address != x$alias_ip_address ] && \ - [ x$alias_ip_address != x ]; then -- ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg -- route add -host $alias_ip_address dev $interface:0 -+ ${ip} -4 addr add ${alias_ip_address}${alias_mask} \ -+ dev ${interface} label ${interface}:0 -+ ${ip} -4 route add ${alias_ip_address} dev ${interface} >/dev/null 2>&1 - fi - for router in $new_routers; do - if [ "x$new_subnet_mask" = "x255.255.255.255" ] ; then -- route add -host $router dev $interface -+ ${ip} -4 route add ${router} dev $interface >/dev/null 2>&1 - fi -- route add default gw $router $metric_arg dev $interface -+ ${ip} -4 route add default via ${router} dev ${interface} \ -+ ${metric_arg} >/dev/null 2>&1 - done - make_resolv_conf - exit_with_hooks 0 - fi -- ifconfig $interface inet 0 down -+ ${ip} -4 addr flush dev ${interface} - exit_with_hooks 1 - fi - --- -2.8.1 - diff --git a/meta/recipes-connectivity/dhcp/dhcp/search-for-libxml2.patch b/meta/recipes-connectivity/dhcp/dhcp/search-for-libxml2.patch deleted file mode 100644 index a08a5b725f..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/search-for-libxml2.patch +++ /dev/null @@ -1,23 +0,0 @@ -libdns requires libxml2 if bind was built with libxml2 support -enabled. Compilation will fail for omapip/test.c in case -lxml2 isn't used during the build. So, we add losely coupled -search path which will pick up the lib if it is present. - -Signed-off-by: Awais Belal <awais_belal@mentor.com> -Upstream-Status: Pending - -diff --git a/configure.ac b/configure.ac -index c9dc8b5..85f59be 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -602,6 +602,10 @@ no) - esac - AC_SUBST([libbind]) - -+# We need to find libxml2 if bind was built with support enabled -+# otherwise we'll fail to build omapip/test.c -+AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2],) -+ - # OpenLDAP support. - AC_ARG_WITH(ldap, - AS_HELP_STRING([--with-ldap],[enable OpenLDAP support in dhcpd (default is no)]), diff --git a/meta/recipes-connectivity/dhcp/dhcp/tweak-to-support-external-bind.patch b/meta/recipes-connectivity/dhcp/dhcp/tweak-to-support-external-bind.patch deleted file mode 100644 index 03c6abb799..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/tweak-to-support-external-bind.patch +++ /dev/null @@ -1,117 +0,0 @@ -From ad7bb401f47714fc30c408853b796ce0f1c7e65f Mon Sep 17 00:00:00 2001 -From: Hongxu Jia <hongxu.jia@windriver.com> -Date: Sat, 11 Jun 2016 22:51:44 -0400 -Subject: [PATCH] tweak to support external bind - -Tweak the external bind to oe-core's sysroot rather than -external bind source build. - -Upstream-Status: Inappropriate <oe-core specific> - -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - client/Makefile.am | 2 +- - client/tests/Makefile.am | 2 +- - common/tests/Makefile.am | 2 +- - dhcpctl/Makefile.am | 2 +- - omapip/Makefile.am | 2 +- - relay/Makefile.am | 2 +- - server/Makefile.am | 2 +- - server/tests/Makefile.am | 2 +- - 8 files changed, 8 insertions(+), 8 deletions(-) - -diff --git a/client/Makefile.am b/client/Makefile.am -index 4730bb3..84d8131 100644 ---- a/client/Makefile.am -+++ b/client/Makefile.am -@@ -4,7 +4,7 @@ - # production code. Sadly, we are not there yet. - SUBDIRS = . tests - --BINDLIBDIR = @BINDDIR@/lib -+BINDLIBDIR = @BINDDIR@ - - AM_CPPFLAGS = -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"' \ - -DLOCALSTATEDIR='"$(localstatedir)"' -I$(top_srcdir)/includes -diff --git a/client/tests/Makefile.am b/client/tests/Makefile.am -index da69ea9..fe35e57 100644 ---- a/client/tests/Makefile.am -+++ b/client/tests/Makefile.am -@@ -1,6 +1,6 @@ - SUBDIRS = . - --BINDLIBDIR = @BINDDIR@/lib -+BINDLIBDIR = @BINDDIR@ - - AM_CPPFLAGS = $(ATF_CFLAGS) -DUNIT_TEST -I$(top_srcdir)/includes - AM_CPPFLAGS += -I@BINDDIR@/include -I$(top_srcdir) -diff --git a/common/tests/Makefile.am b/common/tests/Makefile.am -index f8d6b0e..05cd9c1 100644 ---- a/common/tests/Makefile.am -+++ b/common/tests/Makefile.am -@@ -1,6 +1,6 @@ - SUBDIRS = . - --BINDLIBDIR = @BINDDIR@/lib -+BINDLIBDIR = @BINDDIR@ - - AM_CPPFLAGS = $(ATF_CFLAGS) -I$(top_srcdir)/includes - -diff --git a/dhcpctl/Makefile.am b/dhcpctl/Makefile.am -index ba8dd8b..9b2486e 100644 ---- a/dhcpctl/Makefile.am -+++ b/dhcpctl/Makefile.am -@@ -1,4 +1,4 @@ --BINDLIBDIR = @BINDDIR@/lib -+BINDLIBDIR = @BINDDIR@ - - AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir) - -diff --git a/omapip/Makefile.am b/omapip/Makefile.am -index dd1afa0..e4a8599 100644 ---- a/omapip/Makefile.am -+++ b/omapip/Makefile.am -@@ -1,4 +1,4 @@ --BINDLIBDIR = @BINDDIR@/lib -+BINDLIBDIR = @BINDDIR@ - AM_CPPFLAGS = -I$(top_srcdir)/includes - - lib_LIBRARIES = libomapi.a -diff --git a/relay/Makefile.am b/relay/Makefile.am -index 6d652f6..b3bf578 100644 ---- a/relay/Makefile.am -+++ b/relay/Makefile.am -@@ -1,4 +1,4 @@ --BINDLIBDIR = @BINDDIR@/lib -+BINDLIBDIR = @BINDDIR@ - - AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes - -diff --git a/server/Makefile.am b/server/Makefile.am -index 3990b9c..b5d8c2d 100644 ---- a/server/Makefile.am -+++ b/server/Makefile.am -@@ -4,7 +4,7 @@ - # production code. Sadly, we are not there yet. - SUBDIRS = . tests - --BINDLIBDIR = @BINDDIR@/lib -+BINDLIBDIR = @BINDDIR@ - - AM_CPPFLAGS = -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes - -diff --git a/server/tests/Makefile.am b/server/tests/Makefile.am -index 65a9f74..2892309 100644 ---- a/server/tests/Makefile.am -+++ b/server/tests/Makefile.am -@@ -1,6 +1,6 @@ - SUBDIRS = . - --BINDLIBDIR = @BINDDIR@/lib -+BINDLIBDIR = @BINDDIR@ - - AM_CPPFLAGS = $(ATF_CFLAGS) -DUNIT_TEST -I$(top_srcdir)/includes - AM_CPPFLAGS += -I@BINDDIR@/include -I$(top_srcdir) --- -2.8.1 - diff --git a/meta/recipes-connectivity/dhcp/dhcp_4.3.4.bb b/meta/recipes-connectivity/dhcp/dhcp_4.3.4.bb deleted file mode 100644 index 4151eb1836..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp_4.3.4.bb +++ /dev/null @@ -1,18 +0,0 @@ -require dhcp.inc - -SRC_URI += "file://dhcp-3.0.3-dhclient-dbus.patch;striplevel=0 \ - file://link-with-lcrypto.patch \ - file://fixsepbuild.patch \ - file://dhclient-script-drop-resolv.conf.dhclient.patch \ - file://replace-ifconfig-route.patch \ - file://0001-site.h-enable-gentle-shutdown.patch \ - file://libxml2-configure-argument.patch \ - file://tweak-to-support-external-bind.patch \ - file://remove-dhclient-script-bash-dependency.patch \ - " - -SRC_URI[md5sum] = "0138319fe2b788cf4bdf34fbeaf9ff54" -SRC_URI[sha256sum] = "f5115aee3dd3e6925de4ba47b80ab732ba48b481c8364b6ebade2d43698d607e" - -PACKAGECONFIG ?= "" -PACKAGECONFIG[bind-httpstats] = "--with-libxml2,--without-libxml2,libxml2" diff --git a/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb b/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb new file mode 100644 index 0000000000..020777b8f2 --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb @@ -0,0 +1,23 @@ +require dhcp.inc + +SRC_URI += "file://0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch \ + file://0002-dhclient-dbus.patch \ + file://0003-link-with-lcrypto.patch \ + file://0004-Fix-out-of-tree-builds.patch \ + file://0005-dhcp-client-fix-invoke-dhclient-script-failed-on-Rea.patch \ + file://0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch \ + file://0009-remove-dhclient-script-bash-dependency.patch \ + file://0012-dhcp-correct-the-intention-for-xml2-lib-search.patch \ + file://0013-fixup_use_libbind.patch \ + file://0001-master-Added-includes-of-new-BIND9-compatibility-hea.patch \ + file://0001-Fix-a-NSUPDATE-compiling-issue.patch \ + file://0001-workaround-busybox-limitation-in-linux-dhclient-script.patch \ +" + +SRC_URI[md5sum] = "18c7f4dcbb0a63df25098216d47b1ede" +SRC_URI[sha256sum] = "2a22508922ab367b4af4664a0472dc220cc9603482cf3c16d9aff14f3a76b608" + +LDFLAGS_append = " -pthread" + +PACKAGECONFIG ?= "" +PACKAGECONFIG[bind-httpstats] = "--with-libxml2,--without-libxml2,libxml2" diff --git a/meta/recipes-connectivity/dhcp/files/dhclient-systemd-wrapper b/meta/recipes-connectivity/dhcp/files/dhclient-systemd-wrapper new file mode 100644 index 0000000000..7d0e224a1d --- /dev/null +++ b/meta/recipes-connectivity/dhcp/files/dhclient-systemd-wrapper @@ -0,0 +1,39 @@ +#!/bin/sh + +# In case the interface is used for nfs, skip it. +nfsroot=0 +interfaces="" +exec 9<&0 < /proc/mounts +while read dev mtpt fstype rest; do + if test $mtpt = "/" ; then + case $fstype in + nfs | nfs4) + nfsroot=1 + nfs_addr=`echo $rest | sed -e 's/^.*addr=\([0-9.]*\).*$/\1/'` + break + ;; + *) + ;; + esac + fi +done +exec 0<&9 9<&- + +if [ $nfsroot -eq 0 ]; then + interfaces="$INTERFACES" +else + if [ -x /bin/ip -o -x /sbin/ip ] ; then + nfs_iface=`ip route get $nfs_addr | grep dev | sed -e 's/^.*dev \([-a-z0-9.]*\).*$/\1/'` + fi + for i in $INTERFACES; do + if test "x$i" = "x$nfs_iface"; then + echo "dhclient skipping nfsroot interface $i" + else + interfaces="$interfaces $i" + fi + done +fi + +if test "x$interfaces" != "x"; then + /sbin/dhclient -d -cf /etc/dhcp/dhclient.conf -q -lf /var/lib/dhcp/dhclient.leases $interfaces +fi diff --git a/meta/recipes-connectivity/dhcp/files/dhclient.service b/meta/recipes-connectivity/dhcp/files/dhclient.service new file mode 100644 index 0000000000..9ddb4d1dfe --- /dev/null +++ b/meta/recipes-connectivity/dhcp/files/dhclient.service @@ -0,0 +1,13 @@ +[Unit] +Description=Dynamic Host Configuration Protocol (DHCP) +Wants=network.target +Before=network.target +After=systemd-udevd.service + +[Service] +EnvironmentFile=-@SYSCONFDIR@/default/dhcp-client +ExecStart=@BASE_SBINDIR@/dhclient-systemd-wrapper +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/dhcp/files/dhcpd6.service b/meta/recipes-connectivity/dhcp/files/dhcpd6.service index ca96abb838..52a6224dc2 100644 --- a/meta/recipes-connectivity/dhcp/files/dhcpd6.service +++ b/meta/recipes-connectivity/dhcp/files/dhcpd6.service @@ -9,7 +9,7 @@ PIDFile=@localstatedir@/run/dhcpd6.pid EnvironmentFile=@SYSCONFDIR@/default/dhcp-server EnvironmentFile=-@SYSCONFDIR@/sysconfig/dhcpd6 ExecStartPre=@base_bindir@/touch @localstatedir@/lib/dhcp/dhcpd6.leases -ExecStart=@SBINDIR@/dhcpd -f -6 -cf @SYSCONFDIR@/dhcp/dhcpd.conf -pf @localstatedir@/run/dhcpd6.pid $DHCPDARGS -q $INTERFACES +ExecStart=@SBINDIR@/dhcpd -f -6 -cf @SYSCONFDIR@/dhcp/dhcpd6.conf -pf @localstatedir@/run/dhcpd6.pid $DHCPDARGS -q $INTERFACES [Install] WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/inetutils/inetutils/0001-rcp-fix-to-work-with-large-files.patch b/meta/recipes-connectivity/inetutils/inetutils/0001-rcp-fix-to-work-with-large-files.patch new file mode 100644 index 0000000000..d4764f5867 --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/0001-rcp-fix-to-work-with-large-files.patch @@ -0,0 +1,31 @@ +Upstream-Status: Pending + +Subject: rcp: fix to work with large files + +When we copy file by rcp command, if the file > 2GB, it will fail. +The cause is that it used incorrect data type on file size in sink() of rcp. + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/rcp.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/rcp.c b/src/rcp.c +index 21f55b6..bafa35f 100644 +--- a/src/rcp.c ++++ b/src/rcp.c +@@ -876,9 +876,9 @@ sink (int argc, char *argv[]) + enum + { YES, NO, DISPLAYED } wrerr; + BUF *bp; +- off_t i, j; ++ off_t i, j, size; + int amt, count, exists, first, mask, mode, ofd, omode; +- int setimes, size, targisdir, wrerrno; ++ int setimes, targisdir, wrerrno; + char ch, *cp, *np, *targ, *vect[1], buf[BUFSIZ]; + const char *why; + +-- +1.9.1 + diff --git a/meta/recipes-connectivity/inetutils/inetutils/fix-buffer-fortify-tfpt.patch b/meta/recipes-connectivity/inetutils/inetutils/fix-buffer-fortify-tfpt.patch new file mode 100644 index 0000000000..a91913cb51 --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/fix-buffer-fortify-tfpt.patch @@ -0,0 +1,25 @@ +tftpd: Fix abort on error path + +When trying to fetch a non existent file, the app crashes with: + +*** buffer overflow detected ***: +Aborted + + +Upstream-Status: Submitted [https://www.mail-archive.com/bug-inetutils@gnu.org/msg03036.html https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91205] +Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com> +diff --git a/src/tftpd.c b/src/tftpd.c +index 56002a0..144012f 100644 +--- a/src/tftpd.c ++++ b/src/tftpd.c +@@ -864,9 +864,8 @@ nak (int error) + pe->e_msg = strerror (error - 100); + tp->th_code = EUNDEF; /* set 'undef' errorcode */ + } +- strcpy (tp->th_msg, pe->e_msg); + length = strlen (pe->e_msg); +- tp->th_msg[length] = '\0'; ++ memcpy(tp->th_msg, pe->e_msg, length + 1); + length += 5; + if (sendto (peer, buf, length, 0, (struct sockaddr *) &from, fromlen) != length) + syslog (LOG_ERR, "nak: %m\n"); diff --git a/meta/recipes-connectivity/inetutils/inetutils/fix-disable-ipv6.patch b/meta/recipes-connectivity/inetutils/inetutils/fix-disable-ipv6.patch new file mode 100644 index 0000000000..24c134fcac --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/fix-disable-ipv6.patch @@ -0,0 +1,83 @@ +Upstream: http://www.mail-archive.com/bug-inetutils@gnu.org/msg02103.html + +Upstream-Status: Pending + +Signed-off-by: Jackie Huang <jackie.huang@windriver.com> +--- + ping/ping_common.h | 20 ++++++++++++++++++++ + 1 file changed, 20 insertions(+) + +diff --git a/ping/ping_common.h b/ping/ping_common.h +index 1dfd1b5..3bfbd12 100644 +--- a/ping/ping_common.h ++++ b/ping/ping_common.h +@@ -17,10 +17,14 @@ + You should have received a copy of the GNU General Public License + along with this program. If not, see `http://www.gnu.org/licenses/'. */ + ++#include <config.h> ++ + #include <netinet/in_systm.h> + #include <netinet/in.h> + #include <netinet/ip.h> ++#ifdef HAVE_IPV6 + #include <netinet/icmp6.h> ++#endif + #include <icmp.h> + #include <error.h> + #include <progname.h> +@@ -62,7 +66,12 @@ struct ping_stat + want to follow the traditional behaviour of ping. */ + #define DEFAULT_PING_COUNT 0 + ++#ifdef HAVE_IPV6 + #define PING_HEADER_LEN (USE_IPV6 ? sizeof (struct icmp6_hdr) : ICMP_MINLEN) ++#else ++#define PING_HEADER_LEN (ICMP_MINLEN) ++#endif ++ + #define PING_TIMING(s) ((s) >= sizeof (struct timeval)) + #define PING_DATALEN (64 - PING_HEADER_LEN) /* default data length */ + +@@ -74,13 +83,20 @@ struct ping_stat + (t).tv_usec = ((i)%PING_PRECISION)*(1000000/PING_PRECISION) ;\ + } while (0) + ++#ifdef HAVE_IPV6 + /* FIXME: Adjust IPv6 case for options and their consumption. */ + #define _PING_BUFLEN(p, u) ((u)? ((p)->ping_datalen + sizeof (struct icmp6_hdr)) : \ + (MAXIPLEN + (p)->ping_datalen + ICMP_TSLEN)) + ++#else ++#define _PING_BUFLEN(p, u) (MAXIPLEN + (p)->ping_datalen + ICMP_TSLEN) ++#endif ++ ++#ifdef HAVE_IPV6 + typedef int (*ping_efp6) (int code, void *closure, struct sockaddr_in6 * dest, + struct sockaddr_in6 * from, struct icmp6_hdr * icmp, + int datalen); ++#endif + + typedef int (*ping_efp) (int code, + void *closure, +@@ -89,13 +105,17 @@ typedef int (*ping_efp) (int code, + struct ip * ip, icmphdr_t * icmp, int datalen); + + union event { ++#ifdef HAVE_IPV6 + ping_efp6 handler6; ++#endif + ping_efp handler; + }; + + union ping_address { + struct sockaddr_in ping_sockaddr; ++#ifdef HAVE_IPV6 + struct sockaddr_in6 ping_sockaddr6; ++#endif + }; + + typedef struct ping_data PING; +-- +2.8.3 + diff --git a/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch b/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch new file mode 100644 index 0000000000..3da4e9f55a --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch @@ -0,0 +1,29 @@ +From 552a7d64ad4a7188a9b7cd89933ae7caf7ebfe90 Mon Sep 17 00:00:00 2001 +From: Mike Frysinger <vapier at gentoo.org> +Date: Thu, 18 Nov 2010 16:59:14 -0500 +Subject: [PATCH gnulib] printf-parse: pull in features.h for __GLIBC__ + +Upstream-Status: Pending + +Signed-off-by: Mike Frysinger <vapier at gentoo.org> +--- + lib/printf-parse.h | 3 +++ + 1 files changed, 3 insertions(+), 0 deletions(-) + +diff --git a/lib/printf-parse.h b/lib/printf-parse.h +index 67a4a2a..3bd6152 100644 +--- a/lib/printf-parse.h ++++ b/lib/printf-parse.h +@@ -25,6 +25,9 @@ + + #include "printf-args.h" + ++#ifdef HAVE_FEATURES_H ++# include <features.h> /* for __GLIBC__ */ ++#endif + + /* Flags */ + #define FLAG_GROUP 1 /* ' flag */ +-- +1.7.3.2 + diff --git a/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0003-wchar.patch b/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0003-wchar.patch new file mode 100644 index 0000000000..b13bb9229f --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0003-wchar.patch @@ -0,0 +1,14 @@ +Upstream-Status: Pending + +--- inetutils-1.8/lib/wchar.in.h ++++ inetutils-1.8/lib/wchar.in.h +@@ -70,6 +70,9 @@ + /* The include_next requires a split double-inclusion guard. */ + #if @HAVE_WCHAR_H@ + # @INCLUDE_NEXT@ @NEXT_WCHAR_H@ ++#else ++# include <stddef.h> ++# define MB_CUR_MAX 1 + #endif + + #undef _GL_ALREADY_INCLUDING_WCHAR_H diff --git a/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.9-PATH_PROCNET_DEV.patch b/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.9-PATH_PROCNET_DEV.patch new file mode 100644 index 0000000000..2592989a90 --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.9-PATH_PROCNET_DEV.patch @@ -0,0 +1,26 @@ +inetutils: define PATH_PROCNET_DEV if not already defined + +this prevents the following compilation error : +system/linux.c:401:15: error: 'PATH_PROCNET_DEV' undeclared (first use in this function) + +this patch comes from : + http://repository.timesys.com/buildsources/i/inetutils/inetutils-1.9/ + +Upstream-Status: Inappropriate [not author] + +Signed-of-by: Eric Bénard <eric@eukrea.com> +--- +diff -Naur inetutils-1.9.orig/ifconfig/system/linux.c inetutils-1.9/ifconfig/system/linux.c +--- inetutils-1.9.orig/ifconfig/system/linux.c 2012-01-04 16:31:36.000000000 -0500 ++++ inetutils-1.9/ifconfig/system/linux.c 2012-01-04 16:40:53.000000000 -0500 +@@ -49,6 +49,10 @@ + #include "../ifconfig.h" + + ++#ifndef PATH_PROCNET_DEV ++ #define PATH_PROCNET_DEV "/proc/net/dev" ++#endif ++ + /* ARPHRD stuff. */ + + static void diff --git a/meta/recipes-connectivity/inetutils/inetutils/inetutils-only-check-pam_appl.h-when-pam-enabled.patch b/meta/recipes-connectivity/inetutils/inetutils/inetutils-only-check-pam_appl.h-when-pam-enabled.patch new file mode 100644 index 0000000000..ff3abd86aa --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/inetutils-only-check-pam_appl.h-when-pam-enabled.patch @@ -0,0 +1,40 @@ +Only check security/pam_appl.h which is provided by package libpam when pam is +enabled. + +Upstream-Status: Pending + +Signed-off-by: Kai Kang <kai.kang@windriver.com> +--- +diff --git a/configure.ac b/configure.ac +index b35e672..e78a751 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -195,6 +195,19 @@ fi + + # See if we have libpam.a. Investigate PAM versus Linux-PAM. + if test "$with_pam" = yes ; then ++ AC_CHECK_HEADERS([security/pam_appl.h], [], [], [ ++#include <sys/types.h> ++#ifdef HAVE_NETINET_IN_SYSTM_H ++# include <netinet/in_systm.h> ++#endif ++#include <netinet/in.h> ++#ifdef HAVE_NETINET_IP_H ++# include <netinet/ip.h> ++#endif ++#ifdef HAVE_SYS_PARAM_H ++# include <sys/param.h> ++#endif ++]) + AC_CHECK_LIB(dl, dlopen, LIBDL=-ldl) + AC_CHECK_LIB(pam, pam_authenticate, LIBPAM=-lpam) + if test "$ac_cv_lib_pam_pam_authenticate" = yes ; then +@@ -587,7 +600,7 @@ AC_HEADER_DIRENT + AC_CHECK_HEADERS([arpa/nameser.h errno.h fcntl.h features.h \ + glob.h memory.h netinet/ether.h netinet/in_systm.h \ + netinet/ip.h netinet/ip_icmp.h netinet/ip_var.h \ +- security/pam_appl.h shadow.h \ ++ shadow.h \ + stdarg.h stdlib.h string.h stropts.h sys/tty.h \ + sys/utsname.h sys/ptyvar.h sys/msgbuf.h sys/filio.h \ + sys/ioctl_compat.h sys/cdefs.h sys/stream.h sys/mkdev.h \ diff --git a/meta/recipes-connectivity/inetutils/inetutils/rexec.xinetd.inetutils b/meta/recipes-connectivity/inetutils/inetutils/rexec.xinetd.inetutils new file mode 100644 index 0000000000..30e81ef450 --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/rexec.xinetd.inetutils @@ -0,0 +1,20 @@ +# default: off +# description: +# Rexecd is the server for the rexec program. The server provides remote +# execution facilities with authentication based on user names and +# passwords. +# +service exec +{ + socket_type = stream + protocol = tcp + flags = NAMEINARGS + wait = no + user = root + group = root + log_on_success += USERID + log_on_failure += USERID + server = @SBINDIR@/tcpd + server_args = @SBINDIR@/in.rexecd + disable = yes +} diff --git a/meta/recipes-connectivity/inetutils/inetutils/rlogin.xinetd.inetutils b/meta/recipes-connectivity/inetutils/inetutils/rlogin.xinetd.inetutils new file mode 100644 index 0000000000..21b55da9a9 --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/rlogin.xinetd.inetutils @@ -0,0 +1,23 @@ +# default: off +# description: +# Rlogind is a server for the rlogin program. The server provides remote +# execution with authentication based on privileged port numbers from trusted +# host +# +service login +{ + socket_type = stream + protocol = tcp + flags = NAMEINARGS + wait = no + user = root + group = root + log_on_success += USERID + log_on_failure += USERID + server = @SBINDIR@/tcpd + server_args = @SBINDIR@/in.rlogind -a + disable = yes +} + + + diff --git a/meta/recipes-connectivity/inetutils/inetutils/rsh.xinetd.inetutils b/meta/recipes-connectivity/inetutils/inetutils/rsh.xinetd.inetutils new file mode 100644 index 0000000000..2b894a74bd --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/rsh.xinetd.inetutils @@ -0,0 +1,21 @@ +# default: off +# description: +# The rshd server is a server for the rcmd(3) routine and, +# consequently, for the rsh(1) program. The server provides +# remote execution facilities with authentication based on +# privileged port numbers from trusted hosts. +# +service shell +{ + socket_type = stream + protocol = tcp + flags = NAMEINARGS + wait = no + user = root + group = root + log_on_success += USERID + log_on_failure += USERID + server = @SBINDIR@/tcpd + server_args = @SBINDIR@/in.rshd -aL + disable = yes +} diff --git a/meta/recipes-connectivity/inetutils/inetutils/telnet.xinetd.inetutils b/meta/recipes-connectivity/inetutils/inetutils/telnet.xinetd.inetutils new file mode 100644 index 0000000000..2d9a0408c0 --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/telnet.xinetd.inetutils @@ -0,0 +1,13 @@ +# default: on +# description: The telnet server serves telnet sessions; it uses \ +# unencrypted username/password pairs for authentication. +service telnet +{ + disable = no + flags = REUSE + socket_type = stream + wait = no + user = root + server = @SBINDIR@/in.telnetd + log_on_failure += USERID +} diff --git a/meta/recipes-connectivity/inetutils/inetutils/tftpd.xinetd.inetutils b/meta/recipes-connectivity/inetutils/inetutils/tftpd.xinetd.inetutils new file mode 100644 index 0000000000..67b44c43e8 --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/tftpd.xinetd.inetutils @@ -0,0 +1,19 @@ +# default: off +# description: +# Tftpd is a server which supports the Internet Trivial File Transfer +# Pro-tocol (RFC 783). The TFTP server operates at the port indicated +# in the tftp service description; see services(5). +# +service tftp +{ + disable = yes + socket_type = dgram + protocol = udp + flags = IPv6 + wait = yes + user = root + group = root + server = @SBINDIR@/in.tftpd + server_args = /tftpboot +} + diff --git a/meta/recipes-connectivity/inetutils/inetutils/version.patch b/meta/recipes-connectivity/inetutils/inetutils/version.patch new file mode 100644 index 0000000000..532a0e5c08 --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/version.patch @@ -0,0 +1,17 @@ +Upstream-Status: Pending + +remove m4_esyscmd function + +Signed-off-by: Chunrong Guo <b40290@freescale.com> +--- inetutils-1.9.1/configure.ac 2012-01-06 22:05:05.000000000 +0800 ++++ inetutils-1.9.1/configure.ac 2012-11-12 14:01:11.732957019 +0800 +@@ -20,8 +20,7 @@ + + AC_PREREQ(2.59) + +-AC_INIT([GNU inetutils], +- m4_esyscmd([build-aux/git-version-gen .tarball-version 's/inetutils-/v/;s/_/./g']), ++AC_INIT([GNU inetutils],[1.9.4], + [bug-inetutils@gnu.org]) + + AC_CONFIG_SRCDIR([src/inetd.c]) diff --git a/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb b/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb new file mode 100644 index 0000000000..684fbe09e1 --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb @@ -0,0 +1,210 @@ +DESCRIPTION = "The GNU inetutils are a collection of common \ +networking utilities and servers including ftp, ftpd, rcp, \ +rexec, rlogin, rlogind, rsh, rshd, syslog, syslogd, talk, \ +talkd, telnet, telnetd, tftp, tftpd, and uucpd." +HOMEPAGE = "http://www.gnu.org/software/inetutils" +SECTION = "net" +DEPENDS = "ncurses netbase readline virtual/crypt" + +LICENSE = "GPLv3" + +LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7" + +SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.gz \ + file://version.patch \ + file://inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch \ + file://inetutils-1.8-0003-wchar.patch \ + file://rexec.xinetd.inetutils \ + file://rlogin.xinetd.inetutils \ + file://rsh.xinetd.inetutils \ + file://telnet.xinetd.inetutils \ + file://tftpd.xinetd.inetutils \ + file://inetutils-1.9-PATH_PROCNET_DEV.patch \ + file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \ + file://0001-rcp-fix-to-work-with-large-files.patch \ + file://fix-buffer-fortify-tfpt.patch \ +" + +SRC_URI[md5sum] = "04852c26c47cc8c6b825f2b74f191f52" +SRC_URI[sha256sum] = "be8f75eff936b8e41b112462db51adf689715658a1b09e0d6b05d11ec92cc616" + +inherit autotools gettext update-alternatives texinfo + +acpaths = "-I ./m4" + +SRC_URI += "${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '', 'file://fix-disable-ipv6.patch', d)}" + +PACKAGECONFIG ??= "ftp uucpd \ + ${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6 ping6', '', d)} \ + " +PACKAGECONFIG[ftp] = "--enable-ftp,--disable-ftp,readline" +PACKAGECONFIG[uucpd] = "--enable-uucpd,--disable-uucpd,readline" +PACKAGECONFIG[pam] = "--with-pam,--without-pam,libpam" +PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6 gl_cv_socket_ipv6=no," +PACKAGECONFIG[ping6] = "--enable-ping6,--disable-ping6," + +EXTRA_OECONF = "--with-ncurses-include-dir=${STAGING_INCDIR} \ + inetutils_cv_path_login=${base_bindir}/login \ + --with-libreadline-prefix=${STAGING_LIBDIR} \ + --enable-rpath=no \ +" + +# These are horrible for security, disable them +EXTRA_OECONF_append = " --disable-rsh --disable-rshd --disable-rcp \ + --disable-rlogin --disable-rlogind --disable-rexec --disable-rexecd" + +do_configure_prepend () { + export HELP2MAN='true' + cp ${STAGING_DATADIR_NATIVE}/gettext/config.rpath ${S}/build-aux/config.rpath + install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.guess ${S} + install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.sub ${S} + rm -f ${S}/glob/configure* +} + +do_install_append () { + install -m 0755 -d ${D}${base_sbindir} + install -m 0755 -d ${D}${sbindir} + install -m 0755 -d ${D}${sysconfdir}/xinetd.d + if [ "${base_bindir}" != "${bindir}" ] ; then + install -m 0755 -d ${D}${base_bindir} + mv ${D}${bindir}/ping* ${D}${base_bindir}/ + mv ${D}${bindir}/hostname ${D}${base_bindir}/ + fi + mv ${D}${bindir}/ifconfig ${D}${base_sbindir}/ + mv ${D}${libexecdir}/syslogd ${D}${base_sbindir}/ + mv ${D}${libexecdir}/tftpd ${D}${sbindir}/in.tftpd + mv ${D}${libexecdir}/telnetd ${D}${sbindir}/in.telnetd + if [ -e ${D}${libexecdir}/rexecd ]; then + mv ${D}${libexecdir}/rexecd ${D}${sbindir}/in.rexecd + cp ${WORKDIR}/rexec.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rexec + fi + if [ -e ${D}${libexecdir}/rlogind ]; then + mv ${D}${libexecdir}/rlogind ${D}${sbindir}/in.rlogind + cp ${WORKDIR}/rlogin.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rlogin + fi + if [ -e ${D}${libexecdir}/rshd ]; then + mv ${D}${libexecdir}/rshd ${D}${sbindir}/in.rshd + cp ${WORKDIR}/rsh.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rsh + fi + if [ -e ${D}${libexecdir}/talkd ]; then + mv ${D}${libexecdir}/talkd ${D}${sbindir}/in.talkd + fi + mv ${D}${libexecdir}/uucpd ${D}${sbindir}/in.uucpd + mv ${D}${libexecdir}/* ${D}${bindir}/ + cp ${WORKDIR}/telnet.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/telnet + cp ${WORKDIR}/tftpd.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/tftpd + + sed -e 's,@SBINDIR@,${sbindir},g' -i ${D}/${sysconfdir}/xinetd.d/* + if [ -e ${D}${libdir}/charset.alias ]; then + rm -rf ${D}${libdir}/charset.alias + fi + rm -rf ${D}${libexecdir}/ + # remove usr/lib if empty + rmdir ${D}${libdir} || true +} + +PACKAGES =+ "${PN}-ping ${PN}-ping6 ${PN}-hostname ${PN}-ifconfig \ +${PN}-tftp ${PN}-logger ${PN}-traceroute ${PN}-syslogd \ +${PN}-ftp ${PN}-ftpd ${PN}-tftpd ${PN}-telnet ${PN}-telnetd ${PN}-inetd \ +${PN}-rsh ${PN}-rshd" + +# The packages tftpd, telnetd and rshd conflict with the ones +# provided by netkit, so add the corresponding -dbg packages +# for them to avoid the confliction between the dbg package +# of inetutils and netkit. +PACKAGES =+ "${PN}-tftpd-dbg ${PN}-telnetd-dbg ${PN}-rshd-dbg" +NOAUTOPACKAGEDEBUG = "1" + +ALTERNATIVE_PRIORITY = "79" +ALTERNATIVE_${PN} = "whois" +ALTERNATIVE_LINK_NAME[uucpd] = "${sbindir}/in.uucpd" + +ALTERNATIVE_PRIORITY_${PN}-logger = "60" +ALTERNATIVE_${PN}-logger = "logger" +ALTERNATIVE_${PN}-syslogd = "syslogd" +ALTERNATIVE_LINK_NAME[syslogd] = "${base_sbindir}/syslogd" + +ALTERNATIVE_${PN}-ftp = "ftp" +ALTERNATIVE_${PN}-ftpd = "ftpd" +ALTERNATIVE_${PN}-tftp = "tftp" +ALTERNATIVE_${PN}-tftpd = "tftpd" +ALTERNATIVE_LINK_NAME[tftpd] = "${sbindir}/tftpd" +ALTERNATIVE_TARGET[tftpd] = "${sbindir}/in.tftpd" + +ALTERNATIVE_${PN}-telnet = "telnet" +ALTERNATIVE_${PN}-telnetd = "telnetd" +ALTERNATIVE_LINK_NAME[telnetd] = "${sbindir}/telnetd" +ALTERNATIVE_TARGET[telnetd] = "${sbindir}/in.telnetd" + +ALTERNATIVE_${PN}-inetd= "inetd" +ALTERNATIVE_${PN}-traceroute = "traceroute" + +ALTERNATIVE_${PN}-hostname = "hostname" +ALTERNATIVE_LINK_NAME[hostname] = "${base_bindir}/hostname" + +ALTERNATIVE_${PN}-doc = "hostname.1 dnsdomainname.1 logger.1 syslogd.8" +ALTERNATIVE_LINK_NAME[hostname.1] = "${mandir}/man1/hostname.1" +ALTERNATIVE_LINK_NAME[dnsdomainname.1] = "${mandir}/man1/dnsdomainname.1" +ALTERNATIVE_LINK_NAME[logger.1] = "${mandir}/man1/logger.1" +ALTERNATIVE_LINK_NAME[syslogd.8] = "${mandir}/man8/syslogd.8" + +ALTERNATIVE_${PN}-ifconfig = "ifconfig" +ALTERNATIVE_LINK_NAME[ifconfig] = "${base_sbindir}/ifconfig" + +ALTERNATIVE_${PN}-ping = "ping" +ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping" + +ALTERNATIVE_${PN}-ping6 = "${@bb.utils.filter('PACKAGECONFIG', 'ping6', d)}" +ALTERNATIVE_LINK_NAME[ping6] = "${base_bindir}/ping6" + + +FILES_${PN}-dbg += "${base_bindir}/.debug ${base_sbindir}/.debug ${bindir}/.debug ${sbindir}/.debug" +FILES_${PN}-ping = "${base_bindir}/ping.${BPN}" +FILES_${PN}-ping6 = "${base_bindir}/ping6.${BPN}" +FILES_${PN}-hostname = "${base_bindir}/hostname.${BPN}" +FILES_${PN}-ifconfig = "${base_sbindir}/ifconfig.${BPN}" +FILES_${PN}-traceroute = "${bindir}/traceroute.${BPN}" +FILES_${PN}-logger = "${bindir}/logger.${BPN}" + +FILES_${PN}-syslogd = "${base_sbindir}/syslogd.${BPN}" +RCONFLICTS_${PN}-syslogd = "rsyslog busybox-syslog sysklogd syslog-ng" + +FILES_${PN}-ftp = "${bindir}/ftp.${BPN}" + +FILES_${PN}-tftp = "${bindir}/tftp.${BPN}" +FILES_${PN}-telnet = "${bindir}/telnet.${BPN}" + +# We make us of RCONFLICTS / RPROVIDES here rather than using the normal +# alternatives method as this leads to packaging QA issues when using +# musl as that library does not provide what these applications need to +# build. +FILES_${PN}-rsh = "${bindir}/rsh ${bindir}/rlogin ${bindir}/rexec ${bindir}/rcp" +RCONFLICTS_${PN}-rsh += "netkit-rsh-client" +RPROVIDES_${PN}-rsh = "rsh" + +FILES_${PN}-rshd = "${sbindir}/in.rshd ${sbindir}/in.rlogind ${sbindir}/in.rexecd \ + ${sysconfdir}/xinetd.d/rsh ${sysconfdir}/xinetd.d/rlogin ${sysconfdir}/xinetd.d/rexec" +FILES_${PN}-rshd-dbg = "${sbindir}/.debug/in.rshd ${sbindir}/.debug/in.rlogind ${sbindir}/.debug/in.rexecd" +RDEPENDS_${PN}-rshd += "xinetd tcp-wrappers" +RCONFLICTS_${PN}-rshd += "netkit-rshd-server" +RPROVIDES_${PN}-rshd = "rshd" + +FILES_${PN}-ftpd = "${bindir}/ftpd.${BPN}" +FILES_${PN}-ftpd-dbg = "${bindir}/.debug/ftpd.${BPN}" +RDEPENDS_${PN}-ftpd += "xinetd" + +FILES_${PN}-tftpd = "${sbindir}/in.tftpd ${sysconfdir}/xinetd.d/tftpd" +FILES_${PN}-tftpd-dbg = "${sbindir}/.debug/in.tftpd" +RCONFLICTS_${PN}-tftpd += "netkit-tftpd" +RDEPENDS_${PN}-tftpd += "xinetd" + +FILES_${PN}-telnetd = "${sbindir}/in.telnetd ${sysconfdir}/xinetd.d/telnet" +FILES_${PN}-telnetd-dbg = "${sbindir}/.debug/in.telnetd" +RCONFLICTS_${PN}-telnetd += "netkit-telnet" +RPROVIDES_${PN}-telnetd = "telnetd" +RDEPENDS_${PN}-telnetd += "xinetd" + +FILES_${PN}-inetd = "${bindir}/inetd.${BPN}" + +RDEPENDS_${PN} = "xinetd" diff --git a/meta/recipes-connectivity/iproute2/iproute2.inc b/meta/recipes-connectivity/iproute2/iproute2.inc index 63e7ca9e83..fc31b8444e 100644 --- a/meta/recipes-connectivity/iproute2/iproute2.inc +++ b/meta/recipes-connectivity/iproute2/iproute2.inc @@ -9,16 +9,23 @@ LICENSE = "GPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \ file://ip/ip.c;beginline=3;endline=8;md5=689d691d0410a4b64d3899f8d6e31817" -DEPENDS = "flex-native bison-native iptables elfutils" +DEPENDS = "flex-native bison-native iptables libcap" -inherit update-alternatives bash-completion +inherit update-alternatives bash-completion pkgconfig -EXTRA_OEMAKE = "CC='${CC}' KERNEL_INCLUDE=${STAGING_INCDIR} DOCDIR=${docdir}/iproute2 SUBDIRS='lib tc ip bridge misc genl' SBINDIR='${base_sbindir}' LIBDIR='${libdir}'" +CLEANBROKEN = "1" + +PACKAGECONFIG ??= "tipc elf" +PACKAGECONFIG[tipc] = ",,libmnl," +PACKAGECONFIG[elf] = ",,elfutils," + +EXTRA_OEMAKE = "CC='${CC}' KERNEL_INCLUDE=${STAGING_INCDIR} DOCDIR=${docdir}/iproute2 SUBDIRS='lib tc ip bridge misc genl \ + ${@bb.utils.contains('PACKAGECONFIG', 'tipc', 'tipc', '', d)}' SBINDIR='${base_sbindir}' LIBDIR='${libdir}'" do_configure_append () { sh configure ${STAGING_INCDIR} # Explicitly disable ATM support - sed -i -e '/TC_CONFIG_ATM/d' Config + sed -i -e '/TC_CONFIG_ATM/d' config.mk } do_install () { @@ -32,17 +39,31 @@ do_install () { # The .so files in iproute2-tc are modules, not traditional libraries INSANE_SKIP_${PN}-tc = "dev-so" -PACKAGES =+ "${PN}-tc ${PN}-lnstat ${PN}-ifstat ${PN}-genl ${PN}-rtacct ${PN}-nstat ${PN}-ss" +PACKAGES =+ "${PN}-tc \ + ${PN}-lnstat \ + ${PN}-ifstat \ + ${PN}-genl \ + ${PN}-rtacct \ + ${PN}-nstat \ + ${PN}-ss \ + ${@bb.utils.contains('PACKAGECONFIG', 'tipc', '${PN}-tipc', '', d)}" FILES_${PN}-tc = "${base_sbindir}/tc* \ ${libdir}/tc/*.so" -FILES_${PN}-lnstat = "${base_sbindir}/lnstat ${base_sbindir}/ctstat ${base_sbindir}/rtstat" +FILES_${PN}-lnstat = "${base_sbindir}/lnstat \ + ${base_sbindir}/ctstat \ + ${base_sbindir}/rtstat" FILES_${PN}-ifstat = "${base_sbindir}/ifstat" FILES_${PN}-genl = "${base_sbindir}/genl" FILES_${PN}-rtacct = "${base_sbindir}/rtacct" FILES_${PN}-nstat = "${base_sbindir}/nstat" FILES_${PN}-ss = "${base_sbindir}/ss" +FILES_${PN}-tipc = "${base_sbindir}/tipc" ALTERNATIVE_${PN} = "ip" ALTERNATIVE_TARGET[ip] = "${base_sbindir}/ip.${BPN}" ALTERNATIVE_LINK_NAME[ip] = "${base_sbindir}/ip" ALTERNATIVE_PRIORITY = "100" + +ALTERNATIVE_${PN}-tc = "tc" +ALTERNATIVE_LINK_NAME[tc] = "${base_sbindir}/tc" +ALTERNATIVE_PRIORITY_${PN}-tc = "100" diff --git a/meta/recipes-connectivity/iproute2/iproute2/0001-iproute2-de-bash-scripts.patch b/meta/recipes-connectivity/iproute2/iproute2/0001-iproute2-de-bash-scripts.patch deleted file mode 100644 index 39c7d40319..0000000000 --- a/meta/recipes-connectivity/iproute2/iproute2/0001-iproute2-de-bash-scripts.patch +++ /dev/null @@ -1,64 +0,0 @@ -Subject: [PATCH] iproute2: de-bash scripts - -de-bash these two scripts to make iproute2 not depend on bash. - -Upstream-Status: Pending - -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> - ---- - ip/ifcfg | 15 ++++++++------- - ip/rtpr | 2 +- - 2 files changed, 9 insertions(+), 8 deletions(-) - -diff --git a/ip/ifcfg b/ip/ifcfg -index 083d9df..60bcf1f 100644 ---- a/ip/ifcfg -+++ b/ip/ifcfg -@@ -1,12 +1,13 @@ --#! /bin/bash -+#! /bin/sh - - CheckForwarding () { -- local sbase fwd -+ local sbase fwd forwarding - sbase=/proc/sys/net/ipv4/conf - fwd=0 - if [ -d $sbase ]; then - for dir in $sbase/*/forwarding; do -- fwd=$[$fwd + `cat $dir`] -+ forwarding=`cat $dir` -+ fwd=$(($fwd+$forwarding)) - done - else - fwd=2 -@@ -127,12 +128,12 @@ fi - arping -q -A -c 1 -I $dev $ipaddr - noarp=$? - ( sleep 2 ; -- arping -q -U -c 1 -I $dev $ipaddr ) >& /dev/null </dev/null & -+ arping -q -U -c 1 -I $dev $ipaddr ) > /dev/null 2>&1 </dev/null & - --ip route add unreachable 224.0.0.0/24 >& /dev/null --ip route add unreachable 255.255.255.255 >& /dev/null -+ip route add unreachable 224.0.0.0/24 > /dev/null 2>&1 -+ip route add unreachable 255.255.255.255 > /dev/null 2>&1 - if [ `ip link ls $dev | grep -c MULTICAST` -ge 1 ]; then -- ip route add 224.0.0.0/4 dev $dev scope global >& /dev/null -+ ip route add 224.0.0.0/4 dev $dev scope global > /dev/null 2>&1 - fi - - if [ $fwd -eq 0 ]; then -diff --git a/ip/rtpr b/ip/rtpr -index c3629fd..674198d 100644 ---- a/ip/rtpr -+++ b/ip/rtpr -@@ -1,4 +1,4 @@ --#! /bin/bash -+#! /bin/sh - - exec tr "[\\\\]" "[ - ]" --- -1.7.9.5 - diff --git a/meta/recipes-connectivity/iproute2/iproute2/0001-libc-compat.h-add-musl-workaround.patch b/meta/recipes-connectivity/iproute2/iproute2/0001-libc-compat.h-add-musl-workaround.patch new file mode 100644 index 0000000000..50c4bfb0f2 --- /dev/null +++ b/meta/recipes-connectivity/iproute2/iproute2/0001-libc-compat.h-add-musl-workaround.patch @@ -0,0 +1,41 @@ +From b7d96340c55afb7023ded0041107c63dbd886196 Mon Sep 17 00:00:00 2001 +From: Baruch Siach <baruch@tkos.co.il> +Date: Thu, 22 Dec 2016 15:26:30 +0200 +Subject: [PATCH] libc-compat.h: add musl workaround + +The libc-compat.h kernel header uses glibc specific macros (__GLIBC__ and +__USE_MISC) to solve conflicts with libc provided headers. This patch makes +libc-compat.h work for musl libc as well. + +Upstream-Status: Pending + +Taken From: +https://git.buildroot.net/buildroot/tree/package/iproute2/0001-Add-the-musl-workaround-to-the-libc-compat.h-copy.patch + +Signed-off-by: Baruch Siach <baruch@tkos.co.il> +Signed-off-by: Maxin B. John <maxin.john@intel.com> +--- + include/uapi/linux/libc-compat.h | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/include/uapi/linux/libc-compat.h b/include/uapi/linux/libc-compat.h +index f38571d..30f0b67 100644 +--- a/include/uapi/linux/libc-compat.h ++++ b/include/uapi/linux/libc-compat.h +@@ -49,10 +49,12 @@ + #define _LIBC_COMPAT_H + + /* We have included glibc headers... */ +-#if defined(__GLIBC__) ++#if 1 ++#define __USE_MISC + + /* Coordinate with glibc net/if.h header. */ + #if defined(_NET_IF_H) && defined(__USE_MISC) ++#define __UAPI_DEF_IF_NET_DEVICE_FLAGS_LOWER_UP_DORMANT_ECHO 0 + + /* GLIBC headers included first so don't define anything + * that would already be defined. */ +-- +2.4.0 + diff --git a/meta/recipes-connectivity/iproute2/iproute2/configure-cross.patch b/meta/recipes-connectivity/iproute2/iproute2/configure-cross.patch deleted file mode 100644 index 866609ca99..0000000000 --- a/meta/recipes-connectivity/iproute2/iproute2/configure-cross.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 85b0589b4843c03e8e6fd9416d71ea449a73c5c0 Mon Sep 17 00:00:00 2001 -From: Koen Kooi <koen@dominion.thruhere.net> -Date: Thu, 3 Nov 2011 10:46:16 +0100 -Subject: [PATCH] make configure cross compile safe - -According to Kevin Tian: -Upstream-Status: Pending - -Signed-off-by: Koen Kooi <koen@dominion.thruhere.net> -Signed-off-by: Shane Wang <shane.wang@intel.com> - -Index: iproute2-3.7.0/configure -=================================================================== ---- iproute2-3.7.0.orig/configure -+++ iproute2-3.7.0/configure -@@ -2,6 +2,7 @@ - # This is not an autconf generated configure - # - INCLUDE=${1:-"$PWD/include"} -+SYSROOT=$1 - - # Make a temp directory in build tree. - TMPDIR=$(mktemp -d config.XXXXXX) -@@ -158,7 +159,7 @@ check_ipt_lib_dir() - return - fi - -- for dir in /lib /usr/lib /usr/local/lib -+ for dir in $SYSROOT/lib $SYSROOT/usr/lib $SYSROOT/usr/local/lib - do - for file in $dir/{xtables,iptables}/lib*t_*so ; do - if [ -f $file ]; then diff --git a/meta/recipes-connectivity/iproute2/iproute2/iproute2-4.3.0-musl.patch b/meta/recipes-connectivity/iproute2/iproute2/iproute2-4.3.0-musl.patch deleted file mode 100644 index 8c078f69d0..0000000000 --- a/meta/recipes-connectivity/iproute2/iproute2/iproute2-4.3.0-musl.patch +++ /dev/null @@ -1,85 +0,0 @@ -Subject: [PATCH] Avoid in6_addr redefinition - -Due to both <netinet/in.h> and <linux/in6.h> being included, the -in6_addr is being redefined: once from the C library headers and once -from the kernel headers. This causes some build failures with for -example the musl C library. - -In order to fix this, use just the C library header <netinet/in.h>. -Original patch taken from -http://git.alpinelinux.org/cgit/aports/tree/main/iproute2/musl-fixes.patch. - -(Refreshed the patch for 4.6 release) - -Upstream-Status: Pending - -Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> -Signed-off-by: Maxin B. John <maxin.john@intel.com> ----- -diff -Naur iproute2-4.6.0-orig/include/libiptc/ipt_kernel_headers.h iproute2-4.6.0/include/libiptc/ipt_kernel_headers.h ---- iproute2-4.6.0-orig/include/libiptc/ipt_kernel_headers.h 2016-05-23 12:03:23.821826910 +0300 -+++ iproute2-4.6.0/include/libiptc/ipt_kernel_headers.h 2016-05-23 12:04:23.714078154 +0300 -@@ -6,7 +6,6 @@ - #include <limits.h> - - #include <netinet/ip.h> --#include <netinet/in.h> - #include <netinet/ip_icmp.h> - #include <netinet/tcp.h> - #include <netinet/udp.h> -diff -Naur iproute2-4.6.0-orig/include/linux/if_bridge.h iproute2-4.6.0/include/linux/if_bridge.h ---- iproute2-4.6.0-orig/include/linux/if_bridge.h 2016-05-23 12:03:23.821826910 +0300 -+++ iproute2-4.6.0/include/linux/if_bridge.h 2016-05-23 12:04:23.716078129 +0300 -@@ -15,7 +15,6 @@ - - #include <linux/types.h> - #include <linux/if_ether.h> --#include <linux/in6.h> - - #define SYSFS_BRIDGE_ATTR "bridge" - #define SYSFS_BRIDGE_FDB "brforward" -diff -Naur iproute2-4.6.0-orig/include/linux/netfilter.h iproute2-4.6.0/include/linux/netfilter.h ---- iproute2-4.6.0-orig/include/linux/netfilter.h 2016-05-23 12:03:23.821826910 +0300 -+++ iproute2-4.6.0/include/linux/netfilter.h 2016-05-23 12:04:23.717078117 +0300 -@@ -4,8 +4,6 @@ - #include <linux/types.h> - - #include <linux/sysctl.h> --#include <linux/in.h> --#include <linux/in6.h> - - /* Responses from hook functions. */ - #define NF_DROP 0 -diff -Naur iproute2-4.6.0-orig/include/linux/netfilter_ipv4/ip_tables.h iproute2-4.6.0/include/linux/netfilter_ipv4/ip_tables.h ---- iproute2-4.6.0-orig/include/linux/netfilter_ipv4/ip_tables.h 2016-05-18 21:56:02.000000000 +0300 -+++ iproute2-4.6.0/include/linux/netfilter_ipv4/ip_tables.h 2016-05-23 12:09:22.888337961 +0300 -@@ -17,7 +17,6 @@ - - #include <linux/types.h> - --#include <linux/if.h> - #include <linux/netfilter_ipv4.h> - - #include <linux/netfilter/x_tables.h> -diff -Naur iproute2-4.6.0-orig/include/linux/xfrm.h iproute2-4.6.0/include/linux/xfrm.h ---- iproute2-4.6.0-orig/include/linux/xfrm.h 2016-05-23 12:03:23.821826910 +0300 -+++ iproute2-4.6.0/include/linux/xfrm.h 2016-05-23 12:04:23.718078104 +0300 -@@ -1,7 +1,6 @@ - #ifndef _LINUX_XFRM_H - #define _LINUX_XFRM_H - --#include <linux/in6.h> - #include <linux/types.h> - - /* All of the structures in this file may not change size as they are -diff -Naur iproute2-4.6.0-orig/include/utils.h iproute2-4.6.0/include/utils.h ---- iproute2-4.6.0-orig/include/utils.h 2016-05-23 12:03:23.821826910 +0300 -+++ iproute2-4.6.0/include/utils.h 2016-05-23 12:04:23.718078104 +0300 -@@ -1,6 +1,7 @@ - #ifndef __UTILS_H__ - #define __UTILS_H__ 1 - -+#include <sys/param.h> /* MAXPATHLEN */ - #include <sys/types.h> - #include <asm/types.h> - #include <resolv.h> diff --git a/meta/recipes-connectivity/iproute2/iproute2_4.7.0.bb b/meta/recipes-connectivity/iproute2/iproute2_4.7.0.bb deleted file mode 100644 index 426f989160..0000000000 --- a/meta/recipes-connectivity/iproute2/iproute2_4.7.0.bb +++ /dev/null @@ -1,13 +0,0 @@ -require iproute2.inc - -SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \ - file://configure-cross.patch \ - file://0001-iproute2-de-bash-scripts.patch \ - file://iproute2-4.3.0-musl.patch \ - " -SRC_URI[md5sum] = "d4b205830cdc2702f8a0cbd6232129cd" -SRC_URI[sha256sum] = "8f60dbcfb33a79daae0638f53bdcaa4310c0aa59ae39af8a234020dc69bb7b92" - -# CFLAGS are computed in Makefile and reference CCOPTS -# -EXTRA_OEMAKE_append = " CCOPTS='${CFLAGS}'" diff --git a/meta/recipes-connectivity/iproute2/iproute2_5.3.0.bb b/meta/recipes-connectivity/iproute2/iproute2_5.3.0.bb new file mode 100644 index 0000000000..8a86cbf78c --- /dev/null +++ b/meta/recipes-connectivity/iproute2/iproute2_5.3.0.bb @@ -0,0 +1,12 @@ +require iproute2.inc + +SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \ + file://0001-libc-compat.h-add-musl-workaround.patch \ + " + +SRC_URI[md5sum] = "227404413c8d6db649d6188ead1e5a6e" +SRC_URI[sha256sum] = "cb1c1e45993a3bd2438543fd4332d70f1726a6e6ff97dc613a8258c993117b3f" + +# CFLAGS are computed in Makefile and reference CCOPTS +# +EXTRA_OEMAKE_append = " CCOPTS='${CFLAGS}'" diff --git a/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/init b/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/init deleted file mode 100755 index 6f29e9c6ed..0000000000 --- a/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/init +++ /dev/null @@ -1,78 +0,0 @@ -#! /bin/sh -### BEGIN INIT INFO -# Provides: irda -# Required-Start: $network $remote_fs -# Required-Stop: $network $remote_fs -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Infrared port support -### END INIT INFO - -NAME="irattach" -test -x "$IRDA_DAEMON" || IRDA_DAEMON=/usr/sbin/irattach -test -z "$IRATTACH_PID" && IRATTACH_PID=/var/run/irattach.pid - -# Source function library. -. /etc/init.d/functions - -module_id() { - awk 'BEGIN { FS=": " } /Hardware/ { print $2 } ' </proc/cpuinfo -} - -if [ ! -f /etc/sysconfig/irda ]; then - case `module_id` in - "HP iPAQ H2200" | "HP iPAQ HX4700" | "HTC Universal") - IRDA=yes - DEVICE=/dev/ttyS2 - DONGLE= - DISCOVERY= - ;; - *) - IRDA=yes - DEVICE=/dev/ttyS1 - DONGLE= - DISCOVERY= - ;; - esac -else - . /etc/sysconfig/irda -fi - -# Check that irda is up. -[ ${IRDA} = "no" ] && exit 0 - -[ -f /usr/sbin/irattach ] || exit 0 - -ARGS= -if [ $DONGLE ]; then - ARGS="$ARGS -d $DONGLE" -fi -if [ "$DISCOVERY" = "yes" ];then - ARGS="$ARGS -s" -fi - -case "$1" in - start) - echo -n "Starting IrDA: $NAME" - start-stop-daemon --start --quiet --exec "$IRDA_DAEMON" ${DEVICE} ${ARGS} --pidfile "$IRATTACH_PID" - sleep 1 - [ -f /var/run/irattach.pid ] && echo " done" || echo " fail" - ;; - stop) - echo "Stopping IrDA: $NAME" - start-stop-daemon --stop --quiet --exec "$IRDA_DAEMON" --pidfile "$IRATTACH_PID" - ;; - restart|force-reload) - $0 stop - $0 start - ;; - status) - status irattach - exit $? - ;; - *) - N=/etc/init.d/$NAME - echo "Usage: $N {start|stop|restart|force-reload|status}" >&2 - exit 1 - ;; -esac diff --git a/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/ldflags.patch b/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/ldflags.patch deleted file mode 100644 index e95fe35f8f..0000000000 --- a/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/ldflags.patch +++ /dev/null @@ -1,75 +0,0 @@ -Obey LDFLAGS - -Signed-off-by: Christopher Larson <chris_larson@mentor.com> -Upstream-Status: Pending - ---- irda-utils-0.9.18.orig/findchip/Makefile -+++ irda-utils-0.9.18/findchip/Makefile -@@ -65,5 +65,5 @@ install: findchip - - gfindchip: gfindchip.c - $(prn_cc) -- $(ECMD))$(CC) $(CFLAGS) `gtk-config --cflags` $< -o $@ `gtk-config --libs` -+ $(ECMD)$(CC) $(CFLAGS) $(LDFLAGS) `gtk-config --cflags` $< -o $@ `gtk-config --libs` - ---- irda-utils-0.9.18.orig/irattach/Makefile -+++ irda-utils-0.9.18/irattach/Makefile -@@ -49,13 +49,13 @@ all: $(TARGETS) - - irattach: irattach.o util.o - $(prn_cc_o) -- $(ECMD)$(CC) $(CFLAGS) irattach.o util.o -o $@ -+ $(ECMD)$(CC) $(CFLAGS) $(LDFLAGS) irattach.o util.o -o $@ - - - - dongle_attach: dongle_attach.o - $(prn_cc_o) -- $(ECMD)$(CC) $(CFLAGS) dongle_attach.o -o $@ -+ $(ECMD)$(CC) $(CFLAGS) $(LDFLAGS) dongle_attach.o -o $@ - - - install: $(TARGETS) ---- irda-utils-0.9.18.orig/irdadump/Makefile -+++ irda-utils-0.9.18/irdadump/Makefile -@@ -40,7 +40,7 @@ lib_irdadump.a: $(LIBIRDADUMP_OBJS) - - irdadump: $(IRDADUMP_OBJS) $(LIBIRDADUMP_TARGET) - $(prn_cc_o) -- $(ECMD)$(CC) $(CFLAGS) `pkg-config --libs glib-2.0` -o $(IRDADUMP_TARGET) $< $(LIBIRDADUMP_TARGET) -+ $(ECMD)$(CC) $(CFLAGS) $(LDFLAGS) `pkg-config --libs glib-2.0` -o $(IRDADUMP_TARGET) $< $(LIBIRDADUMP_TARGET) - - - .c.o: ---- irda-utils-0.9.18.orig/irdaping/Makefile -+++ irda-utils-0.9.18/irdaping/Makefile -@@ -56,7 +56,7 @@ all: $(TARGETS) - - irdaping: $(OBJS) - $(prn_cc_o) -- $(ECMD)$(CC) $(CFLAGS) $(OBJS) -o $@ -+ $(ECMD)$(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) -o $@ - - - .c.o: ---- irda-utils-0.9.18.orig/irnetd/Makefile -+++ irda-utils-0.9.18/irnetd/Makefile -@@ -50,7 +50,7 @@ all: $(TARGETS) - - irnetd: $(OBJS) - $(prn_cc_o) -- $(ECMD)$(CC) $(CFLAGS) $(OBJS) -o $@ -+ $(ECMD)$(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) -o $@ - - - install: irnetd ---- irda-utils-0.9.18.orig/psion/Makefile -+++ irda-utils-0.9.18/psion/Makefile -@@ -25,4 +25,4 @@ install: $(PSION_TARGETS) - CFLAGS += -g -I../include -Wall -Wstrict-prototypes $(RPM_OPT_FLAGS) - irpsion5: - $(prn_cc_o) -- $(ECMD)$(CC) $(CFLAGS) $(PSION_SRC) -o $@ -\ No newline at end of file -+ $(ECMD)$(CC) $(CFLAGS) $(LDFLAGS) $(PSION_SRC) -o $@ -\ No newline at end of file diff --git a/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/musl.patch b/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/musl.patch deleted file mode 100644 index 97eb975023..0000000000 --- a/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/musl.patch +++ /dev/null @@ -1,29 +0,0 @@ -Replace use of <net/if_packet.h> with <linux/if_packet.h>. - -kernel headers <linux/if_packet.h> already provides the -needed definitions, moreover not all libc implementations -provide if_packet.h e.g. musl - -Signed-off-by: Khem Raj <raj.khem@gmail.com> -Upstream-Status: Pending - -Index: irda-utils-0.9.18/irdaping/irdaping.c -=================================================================== ---- irda-utils-0.9.18.orig/irdaping/irdaping.c -+++ irda-utils-0.9.18/irdaping/irdaping.c -@@ -33,7 +33,6 @@ - #include <sys/socket.h> - #include <sys/ioctl.h> - #include <net/if.h> /* For struct ifreq */ --#include <net/if_packet.h> /* For struct sockaddr_pkt */ - #include <net/if_arp.h> /* For ARPHRD_IRDA */ - #include <netinet/if_ether.h> /* For ETH_P_ALL */ - #include <netinet/in.h> /* For htons */ -@@ -46,6 +45,7 @@ - #include <asm/byteorder.h> /* __cpu_to_le32 and co. */ - - #include <linux/types.h> /* For __u8 and co. */ -+#include <linux/if_packet.h> /* For struct sockaddr_pkt */ - #include <irda.h> - - #ifndef AF_IRDA diff --git a/meta/recipes-connectivity/irda-utils/irda-utils_0.9.18.bb b/meta/recipes-connectivity/irda-utils/irda-utils_0.9.18.bb deleted file mode 100644 index 11b2ee9117..0000000000 --- a/meta/recipes-connectivity/irda-utils/irda-utils_0.9.18.bb +++ /dev/null @@ -1,51 +0,0 @@ -SUMMARY = "Common files for IrDA" -DESCRIPTION = "Provides common files needed to use IrDA. \ -IrDA allows communication over Infrared with other devices \ -such as phones and laptops." -HOMEPAGE = "http://irda.sourceforge.net/" -BUGTRACKER = "http://sourceforge.net/p/irda/bugs/" -SECTION = "base" -LICENSE = "GPLv2+" -LIC_FILES_CHKSUM = "file://irdadump/COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \ - file://smcinit/COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3 \ - file://man/COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \ - file://irdadump/irdadump.c;beginline=1;endline=24;md5=d78b9dce3cd78c2220250c9c7a2be178" - -SRC_URI = "${SOURCEFORGE_MIRROR}/irda/irda-utils-${PV}.tar.gz \ - file://ldflags.patch \ - file://musl.patch \ - file://init" - -SRC_URI[md5sum] = "84dc12aa4c3f61fccb8d8919bf4079bb" -SRC_URI[sha256sum] = "61980551e46b2eaa9e17ad31cbc1a638074611fc33bff34163d10c7a67a9fdc6" - -inherit update-rc.d - -EXTRA_OEMAKE = "\ - 'CC=${CC}' \ - 'LD=${LD}' \ - 'CFLAGS=${CFLAGS}' \ - 'LDFLAGS=${LDFLAGS}' \ - 'SYS_INCLUDES=' \ - 'V=1' \ -" - -INITSCRIPT_NAME = "irattach" -INITSCRIPT_PARAMS = "defaults 20" - -TARGETS ??= "irattach irdaping" -do_compile () { - for t in ${TARGETS}; do - oe_runmake -C $t - done -} - -do_install () { - install -d ${D}${sbindir} - for t in ${TARGETS}; do - oe_runmake -C $t ROOT="${D}" install - done - - install -d ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/${INITSCRIPT_NAME} -} diff --git a/meta/recipes-connectivity/iw/iw/separate-objdir.patch b/meta/recipes-connectivity/iw/iw/separate-objdir.patch index 0ea6a52789..eb01a5a14e 100644 --- a/meta/recipes-connectivity/iw/iw/separate-objdir.patch +++ b/meta/recipes-connectivity/iw/iw/separate-objdir.patch @@ -7,29 +7,36 @@ Upstream-Status: Pending Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Maxin B. John <maxin.john@intel.com> --- -diff -Naur iw-4.3-origin/Makefile iw-4.3/Makefile ---- iw-4.3-origin/Makefile 2015-11-20 16:37:58.752077287 +0200 -+++ iw-4.3/Makefile 2015-11-20 16:57:15.510615815 +0200 -@@ -1,5 +1,7 @@ + Makefile | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/Makefile b/Makefile +index 33aaf6a..9030796 100644 +--- a/Makefile ++++ b/Makefile +@@ -1,5 +1,9 @@ MAKEFLAGS += --no-print-directory -- + +SRCDIR ?= $(dir $(lastword $(MAKEFILE_LIST))) +OBJDIR ?= $(PWD) +VPATH = $(SRCDIR) ++ PREFIX ?= /usr SBINDIR ?= $(PREFIX)/sbin MANDIR ?= $(PREFIX)/share/man -@@ -95,11 +97,11 @@ +@@ -103,11 +107,11 @@ VERSION_OBJS := $(filter-out version.o, $(OBJS)) version.c: version.sh $(patsubst %.o,%.c,$(VERSION_OBJS)) nl80211.h iw.h Makefile \ $(wildcard .git/index .git/refs/tags) @$(NQ) ' GEN ' $@ - $(Q)./version.sh $@ + $(Q)cd $(SRCDIR) && ./version.sh $(OBJDIR)/$@ - + %.o: %.c iw.h nl80211.h @$(NQ) ' CC ' $@ -- $(Q)$(CC) $(CFLAGS) -c -o $@ $< -+ $(Q)$(CC) -I$(SRCDIR) $(CFLAGS) -c -o $@ $< - +- $(Q)$(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $< ++ $(Q)$(CC) -I$(SRCDIR) $(CFLAGS) $(CPPFLAGS) -c -o $@ $< + ifeq ($(IW_ANDROID_BUILD),) iw: $(OBJS) +-- +2.20.1 (Apple Git-117) diff --git a/meta/recipes-connectivity/iw/iw_4.7.bb b/meta/recipes-connectivity/iw/iw_5.3.bb index e9f414129c..f7f13f5a30 100644 --- a/meta/recipes-connectivity/iw/iw_4.7.bb +++ b/meta/recipes-connectivity/iw/iw_5.3.bb @@ -4,7 +4,7 @@ wireless devices. It supports almost all new drivers that have been added \ to the kernel recently. " HOMEPAGE = "http://wireless.kernel.org/en/users/Documentation/iw" SECTION = "base" -LICENSE = "BSD" +LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=878618a5c4af25e9b93ef0be1a93f774" DEPENDS = "libnl" @@ -14,8 +14,8 @@ SRC_URI = "http://www.kernel.org/pub/software/network/iw/${BP}.tar.gz \ file://separate-objdir.patch \ " -SRC_URI[md5sum] = "19d1edd276b2ac0c6cccfc7ae8d2b732" -SRC_URI[sha256sum] = "758092229f13d691968060a0ad41364ba8eb8da4503626c20233a5b1eb33b4d9" +SRC_URI[md5sum] = "6d4d1c0ee34f3a7bda0e6aafcd7aaf31" +SRC_URI[sha256sum] = "175abbfce86348c0b70e778c13a94c0bfc9abc7a506d2bd608261583aeedf64a" inherit pkgconfig @@ -26,7 +26,6 @@ EXTRA_OEMAKE = "\ 'SBINDIR=${sbindir}' \ 'MANDIR=${mandir}' \ " -B = "${WORKDIR}/build" do_install() { oe_runmake 'DESTDIR=${D}' install diff --git a/meta/recipes-connectivity/libnss-mdns/libnss-mdns/0001-check-for-nss.h.patch b/meta/recipes-connectivity/libnss-mdns/libnss-mdns/0001-check-for-nss.h.patch deleted file mode 100644 index f63eb90cdc..0000000000 --- a/meta/recipes-connectivity/libnss-mdns/libnss-mdns/0001-check-for-nss.h.patch +++ /dev/null @@ -1,56 +0,0 @@ -From bdf01a581d58eb5340e9238d143dbcac9db5b11c Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Sat, 30 Jan 2016 19:29:45 +0000 -Subject: [PATCH] check for nss.h - -nss.h may not available on all libc implementations, e.g. musl does not -have this header, this patch detects nss.h presence and defines the data -types that are required if nss.h is missing on platform - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- -Upstream-Status: Pending - - configure.ac | 2 +- - src/nss.c | 11 +++++++++++ - 2 files changed, 12 insertions(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index aa66bc6..ce19b07 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -71,7 +71,7 @@ AC_PROG_LIBTOOL - - # Checks for header files. - AC_HEADER_STDC --AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h unistd.h nss.h sys/ioctl.h]) -+AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h unistd.h nss.h sys/ioctl.h nss.h]) - - # Checks for typedefs, structures, and compiler characteristics. - AC_C_CONST -diff --git a/src/nss.c b/src/nss.c -index e48e315..406733b 100644 ---- a/src/nss.c -+++ b/src/nss.c -@@ -29,7 +29,18 @@ - #include <assert.h> - #include <netdb.h> - #include <sys/socket.h> -+#ifdef HAVE_NSS_H - #include <nss.h> -+#else -+enum nss_status { -+ NSS_STATUS_TRYAGAIN = -2, -+ NSS_STATUS_UNAVAIL, -+ NSS_STATUS_NOTFOUND, -+ NSS_STATUS_SUCCESS, -+ NSS_STATUS_RETURN -+}; -+#endif -+ - #include <stdio.h> - #include <stdlib.h> - --- -2.7.0 - diff --git a/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb b/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb index 8d2feec769..953505971a 100644 --- a/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb +++ b/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb @@ -9,7 +9,6 @@ DEPENDS = "avahi" PR = "r7" SRC_URI = "http://0pointer.de/lennart/projects/nss-mdns/nss-mdns-${PV}.tar.gz \ - file://0001-check-for-nss.h.patch \ " SRC_URI[md5sum] = "03938f17646efbb50aa70ba5f99f51d7" @@ -17,8 +16,12 @@ SRC_URI[sha256sum] = "1e683c2e7c3921814706d62fbbd3e9cbf493a75fa00255e0e715508d81 S = "${WORKDIR}/nss-mdns-${PV}" +localstatedir = "/" + inherit autotools +COMPATIBLE_HOST_libc-musl = 'null' + EXTRA_OECONF = "--libdir=${base_libdir} --disable-lynx --enable-avahi" # suppress warning, but don't bother with autonamer @@ -28,13 +31,16 @@ DEBIANNAME_${PN} = "libnss-mdns" RDEPENDS_${PN} = "avahi-daemon" pkg_postinst_${PN} () { - sed -e '/^hosts:/s/\s*\<mdns\>//' \ - -e 's/\(^hosts:.*\)\(\<files\>\)\(.*\)\(\<dns\>\)\(.*\)/\1\2 mdns4_minimal [NOTFOUND=return]\3\4 mdns\5/' \ - -i $D${sysconfdir}/nsswitch.conf + sed ' + /^hosts:/ !b + /\<mdns\(4\|6\)\?\(_minimal\)\?\>/ b + s/\([[:blank:]]\+\)dns\>/\1mdns4_minimal [NOTFOUND=return] dns/g + ' -i $D${sysconfdir}/nsswitch.conf } pkg_prerm_${PN} () { - sed -e '/^hosts:/s/\s*\<mdns\>//' \ - -e '/^hosts:/s/\s*mdns4_minimal\s\+\[NOTFOUND=return\]//' \ - -i $D${sysconfdir}/nsswitch.conf + sed ' + /^hosts:/ !b + s/[[:blank:]]\+mdns\(4\|6\)\?\(_minimal\( \[NOTFOUND=return\]\)\?\)\?//g + ' -i $D${sysconfdir}/nsswitch.conf } diff --git a/meta/recipes-connectivity/libpcap/libpcap.inc b/meta/recipes-connectivity/libpcap/libpcap.inc deleted file mode 100644 index 7b29a52dcd..0000000000 --- a/meta/recipes-connectivity/libpcap/libpcap.inc +++ /dev/null @@ -1,43 +0,0 @@ -SUMMARY = "Interface for user-level network packet capture" -DESCRIPTION = "Libpcap provides a portable framework for low-level network \ -monitoring. Libpcap can provide network statistics collection, \ -security monitoring and network debugging." -HOMEPAGE = "http://www.tcpdump.org/" -BUGTRACKER = "http://sourceforge.net/tracker/?group_id=53067&atid=469577" -SECTION = "libs/network" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://LICENSE;md5=5eb289217c160e2920d2e35bddc36453 \ - file://pcap.h;beginline=1;endline=32;md5=39af3510e011f34b8872f120b1dc31d2" -DEPENDS = "flex-native bison-native" - -INC_PR = "r5" - -SRC_URI = "http://www.tcpdump.org/release/${BP}.tar.gz" - -BINCONFIG = "${bindir}/pcap-config" - -inherit autotools binconfig-disabled pkgconfig bluetooth - -EXTRA_OECONF = "--with-pcap=linux" - -PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', '${BLUEZ}', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6', '', d)} \ -" -PACKAGECONFIG[bluez4] = "--enable-bluetooth,--disable-bluetooth,bluez4" -# Add a dummy PACKAGECONFIG for bluez5 since it is not supported by libpcap. -PACKAGECONFIG[bluez5] = ",," -PACKAGECONFIG[canusb] = "--enable-canusb,--enable-canusb=no,libusb" -PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" -PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," -PACKAGECONFIG[libnl] = "--with-libnl,--without-libnl,libnl" - -CPPFLAGS_prepend = "-I${S} " -CFLAGS_prepend = "-I${S} " -CXXFLAGS_prepend = "-I${S} " - -do_configure_prepend () { - if [ ! -e ${S}/acinclude.m4 ]; then - cat ${S}/aclocal.m4 > ${S}/acinclude.m4 - fi - sed -i -e's,^V_RPATH_OPT=.*$,V_RPATH_OPT=,' ${S}/pcap-config.in -} diff --git a/meta/recipes-connectivity/libpcap/libpcap/aclocal.patch b/meta/recipes-connectivity/libpcap/libpcap/aclocal.patch deleted file mode 100644 index 21519825c3..0000000000 --- a/meta/recipes-connectivity/libpcap/libpcap/aclocal.patch +++ /dev/null @@ -1,167 +0,0 @@ -Upstream-Status: Inappropriate [configuration] - -diff -ruN libpcap-1.1.1-orig/aclocal.m4 libpcap-1.1.1/aclocal.m4 ---- libpcap-1.1.1-orig/aclocal.m4 2010-06-29 10:46:32.815117569 +0800 -+++ libpcap-1.1.1/aclocal.m4 2010-06-29 10:49:17.150149949 +0800 -@@ -37,7 +37,7 @@ - dnl AC_LBL_C_INIT. Now, we run AC_LBL_C_INIT_BEFORE_CC, AC_PROG_CC, - dnl and AC_LBL_C_INIT at the top level. - dnl --AC_DEFUN(AC_LBL_C_INIT_BEFORE_CC, -+AC_DEFUN([AC_LBL_C_INIT_BEFORE_CC], - [ - AC_BEFORE([$0], [AC_LBL_C_INIT]) - AC_BEFORE([$0], [AC_PROG_CC]) -@@ -90,7 +90,7 @@ - dnl LDFLAGS - dnl LBL_CFLAGS - dnl --AC_DEFUN(AC_LBL_C_INIT, -+AC_DEFUN([AC_LBL_C_INIT], - [ - AC_BEFORE([$0], [AC_LBL_FIXINCLUDES]) - AC_BEFORE([$0], [AC_LBL_DEVEL]) -@@ -217,7 +217,7 @@ - dnl V_SONAME_OPT - dnl V_RPATH_OPT - dnl --AC_DEFUN(AC_LBL_SHLIBS_INIT, -+AC_DEFUN([AC_LBL_SHLIBS_INIT], - [AC_PREREQ(2.50) - if test "$GCC" = yes ; then - # -@@ -361,7 +361,7 @@ - # Make sure we use the V_CCOPT flags, because some of those might - # disable inlining. - # --AC_DEFUN(AC_LBL_C_INLINE, -+AC_DEFUN([AC_LBL_C_INLINE], - [AC_MSG_CHECKING(for inline) - save_CFLAGS="$CFLAGS" - CFLAGS="$V_CCOPT" -@@ -407,7 +407,7 @@ - dnl - dnl AC_LBL_FIXINCLUDES - dnl --AC_DEFUN(AC_LBL_FIXINCLUDES, -+AC_DEFUN([AC_LBL_FIXINCLUDES], - [if test "$GCC" = yes ; then - AC_MSG_CHECKING(for ANSI ioctl definitions) - AC_CACHE_VAL(ac_cv_lbl_gcc_fixincludes, -@@ -453,7 +453,7 @@ - dnl $2 (yacc appended) - dnl $3 (optional flex and bison -P prefix) - dnl --AC_DEFUN(AC_LBL_LEX_AND_YACC, -+AC_DEFUN([AC_LBL_LEX_AND_YACC], - [AC_ARG_WITH(flex, [ --without-flex don't use flex]) - AC_ARG_WITH(bison, [ --without-bison don't use bison]) - if test "$with_flex" = no ; then -@@ -506,7 +506,7 @@ - dnl - dnl DECLWAITSTATUS (defined) - dnl --AC_DEFUN(AC_LBL_UNION_WAIT, -+AC_DEFUN([AC_LBL_UNION_WAIT], - [AC_MSG_CHECKING(if union wait is used) - AC_CACHE_VAL(ac_cv_lbl_union_wait, - AC_TRY_COMPILE([ -@@ -535,7 +535,7 @@ - dnl - dnl HAVE_SOCKADDR_SA_LEN (defined) - dnl --AC_DEFUN(AC_LBL_SOCKADDR_SA_LEN, -+AC_DEFUN([AC_LBL_SOCKADDR_SA_LEN], - [AC_MSG_CHECKING(if sockaddr struct has the sa_len member) - AC_CACHE_VAL(ac_cv_lbl_sockaddr_has_sa_len, - AC_TRY_COMPILE([ -@@ -560,7 +560,7 @@ - dnl - dnl HAVE_SOCKADDR_STORAGE (defined) - dnl --AC_DEFUN(AC_LBL_SOCKADDR_STORAGE, -+AC_DEFUN([AC_LBL_SOCKADDR_STORAGE], - [AC_MSG_CHECKING(if sockaddr_storage struct exists) - AC_CACHE_VAL(ac_cv_lbl_has_sockaddr_storage, - AC_TRY_COMPILE([ -@@ -593,7 +593,7 @@ - dnl won't be using code that would use that member, or we wouldn't - dnl compile in any case). - dnl --AC_DEFUN(AC_LBL_HP_PPA_INFO_T_DL_MODULE_ID_1, -+AC_DEFUN([AC_LBL_HP_PPA_INFO_T_DL_MODULE_ID_1], - [AC_MSG_CHECKING(if dl_hp_ppa_info_t struct has dl_module_id_1 member) - AC_CACHE_VAL(ac_cv_lbl_dl_hp_ppa_info_t_has_dl_module_id_1, - AC_TRY_COMPILE([ -@@ -619,7 +619,7 @@ - dnl - dnl ac_cv_lbl_have_run_path (yes or no) - dnl --AC_DEFUN(AC_LBL_HAVE_RUN_PATH, -+AC_DEFUN([AC_LBL_HAVE_RUN_PATH], - [AC_MSG_CHECKING(for ${CC-cc} -R) - AC_CACHE_VAL(ac_cv_lbl_have_run_path, - [echo 'main(){}' > conftest.c -@@ -644,7 +644,7 @@ - dnl - dnl LBL_ALIGN (DEFINED) - dnl --AC_DEFUN(AC_LBL_UNALIGNED_ACCESS, -+AC_DEFUN([AC_LBL_UNALIGNED_ACCESS], - [AC_MSG_CHECKING(if unaligned accesses fail) - AC_CACHE_VAL(ac_cv_lbl_unaligned_fail, - [case "$host_cpu" in -@@ -749,7 +749,7 @@ - dnl HAVE_OS_PROTO_H (defined) - dnl os-proto.h (symlinked) - dnl --AC_DEFUN(AC_LBL_DEVEL, -+AC_DEFUN([AC_LBL_DEVEL], - [rm -f os-proto.h - if test "${LBL_CFLAGS+set}" = set; then - $1="$$1 ${LBL_CFLAGS}" -@@ -886,7 +886,7 @@ - dnl statically and happen to have a libresolv.a lying around (and no - dnl libnsl.a). - dnl --AC_DEFUN(AC_LBL_LIBRARY_NET, [ -+AC_DEFUN([AC_LBL_LIBRARY_NET], [ - # Most operating systems have gethostbyname() in the default searched - # libraries (i.e. libc): - # Some OSes (eg. Solaris) place it in libnsl -@@ -909,7 +909,7 @@ - dnl Test for __attribute__ - dnl - --AC_DEFUN(AC_C___ATTRIBUTE__, [ -+AC_DEFUN([AC_C___ATTRIBUTE__], [ - AC_MSG_CHECKING(for __attribute__) - AC_CACHE_VAL(ac_cv___attribute__, [ - AC_COMPILE_IFELSE( -@@ -947,7 +947,7 @@ - dnl - dnl -Scott Barron - dnl --AC_DEFUN(AC_LBL_TPACKET_STATS, -+AC_DEFUN([AC_LBL_TPACKET_STATS], - [AC_MSG_CHECKING(if if_packet.h has tpacket_stats defined) - AC_CACHE_VAL(ac_cv_lbl_tpacket_stats, - AC_TRY_COMPILE([ -@@ -976,7 +976,7 @@ - dnl doesn't have that member (which is OK, as either we won't be using - dnl code that would use that member, or we wouldn't compile in any case). - dnl --AC_DEFUN(AC_LBL_LINUX_TPACKET_AUXDATA_TP_VLAN_TCI, -+AC_DEFUN([AC_LBL_LINUX_TPACKET_AUXDATA_TP_VLAN_TCI], - [AC_MSG_CHECKING(if tpacket_auxdata struct has tp_vlan_tci member) - AC_CACHE_VAL(ac_cv_lbl_dl_hp_ppa_info_t_has_dl_module_id_1, - AC_TRY_COMPILE([ -@@ -1003,7 +1003,7 @@ - dnl - dnl HAVE_DLPI_PASSIVE (defined) - dnl --AC_DEFUN(AC_LBL_DL_PASSIVE_REQ_T, -+AC_DEFUN([AC_LBL_DL_PASSIVE_REQ_T], - [AC_MSG_CHECKING(if dl_passive_req_t struct exists) - AC_CACHE_VAL(ac_cv_lbl_has_dl_passive_req_t, - AC_TRY_COMPILE([ diff --git a/meta/recipes-connectivity/libpcap/libpcap/libpcap-pkgconfig-support.patch b/meta/recipes-connectivity/libpcap/libpcap/libpcap-pkgconfig-support.patch deleted file mode 100644 index b8615135b0..0000000000 --- a/meta/recipes-connectivity/libpcap/libpcap/libpcap-pkgconfig-support.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 8887132e85892a72a84ca3878e60f254ad2ce939 Mon Sep 17 00:00:00 2001 -From: Joe MacDonald <joe_macdonald@mentor.com> -Date: Tue, 24 Feb 2015 15:56:06 -0500 -Subject: [PATCH] libpcap: pkgconfig support - -Adding basic structure to support pkg-config. - -Upstream-Status: Inappropriate [embedded specific] - -Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> ---- - Makefile.in | 5 +++++ - configure.in | 1 + - libpcap.pc.in | 10 ++++++++++ - 3 files changed, 16 insertions(+) - create mode 100644 libpcap.pc.in - -diff --git a/Makefile.in b/Makefile.in -index 1c2d745..1f25faf 100644 ---- a/Makefile.in -+++ b/Makefile.in -@@ -60,6 +60,10 @@ V_RPATH_OPT = @V_RPATH_OPT@ - DEPENDENCY_CFLAG = @DEPENDENCY_CFLAG@ - PROG=libpcap - -+# pkgconfig support -+pkgconfigdir = $(libdir)/pkgconfig -+pkgconfig_DATA = libpcap.pc -+ - # Standard CFLAGS - FULL_CFLAGS = $(CCOPT) $(INCLS) $(DEFS) $(CFLAGS) - -@@ -275,6 +279,7 @@ EXTRA_DIST = \ - lbl/os-solaris2.h \ - lbl/os-sunos4.h \ - lbl/os-ultrix4.h \ -+ libpcap.pc \ - missing/snprintf.c \ - mkdep \ - msdos/bin2c.c \ -diff --git a/configure.in b/configure.in -index 8f5c86b..fb51b35 100644 ---- a/configure.in -+++ b/configure.in -@@ -1700,6 +1700,7 @@ esac - AC_PROG_INSTALL - - AC_CONFIG_HEADER(config.h) -+AC_CONFIG_FILES([libpcap.pc]) - - AC_OUTPUT_COMMANDS([if test -f .devel; then - echo timestamp > stamp-h -diff --git a/libpcap.pc.in b/libpcap.pc.in -new file mode 100644 -index 0000000..4f78ad8 ---- /dev/null -+++ b/libpcap.pc.in -@@ -0,0 +1,10 @@ -+prefix=@prefix@ -+exec_prefix=@exec_prefix@ -+libdir=@libdir@ -+includedir=@includedir@ -+ -+Name: libpcap -+Description: System-independent interface for user-level packet capture. -+Version: @VERSION@ -+Libs: -L${libdir} -lpcap -+Cflags: -I${includedir} --- -1.9.1 - diff --git a/meta/recipes-connectivity/libpcap/libpcap_1.7.4.bb b/meta/recipes-connectivity/libpcap/libpcap_1.7.4.bb deleted file mode 100644 index 8d12b25213..0000000000 --- a/meta/recipes-connectivity/libpcap/libpcap_1.7.4.bb +++ /dev/null @@ -1,26 +0,0 @@ -require libpcap.inc - -SRC_URI += "file://aclocal.patch \ - file://libpcap-pkgconfig-support.patch \ - " -SRC_URI[md5sum] = "b2e13142bbaba857ab1c6894aedaf547" -SRC_URI[sha256sum] = "7ad3112187e88328b85e46dce7a9b949632af18ee74d97ffc3f2b41fe7f448b0" - -# -# make install doesn't cover the shared lib -# make install-shared is just broken (no symlinks) -# - -do_configure_prepend () { - #remove hardcoded references to /usr/include - sed 's|\([ "^'\''I]\+\)/usr/include/|\1${STAGING_INCDIR}/|g' -i ${S}/configure.in -} - -do_install_prepend () { - install -d ${D}${libdir} - install -d ${D}${bindir} - oe_runmake install-shared DESTDIR=${D} - oe_libinstall -a -so libpcap ${D}${libdir} - sed "s|@VERSION@|${PV}|" -i ${B}/libpcap.pc - install -D -m 0644 libpcap.pc ${D}${libdir}/pkgconfig/libpcap.pc -} diff --git a/meta/recipes-connectivity/libpcap/libpcap_1.9.1.bb b/meta/recipes-connectivity/libpcap/libpcap_1.9.1.bb new file mode 100644 index 0000000000..35bb5650b3 --- /dev/null +++ b/meta/recipes-connectivity/libpcap/libpcap_1.9.1.bb @@ -0,0 +1,44 @@ +SUMMARY = "Interface for user-level network packet capture" +DESCRIPTION = "Libpcap provides a portable framework for low-level network \ +monitoring. Libpcap can provide network statistics collection, \ +security monitoring and network debugging." +HOMEPAGE = "http://www.tcpdump.org/" +BUGTRACKER = "http://sourceforge.net/tracker/?group_id=53067&atid=469577" +SECTION = "libs/network" +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=5eb289217c160e2920d2e35bddc36453 \ + file://pcap.h;beginline=1;endline=32;md5=39af3510e011f34b8872f120b1dc31d2" +DEPENDS = "flex-native bison-native" + +SRC_URI = "https://www.tcpdump.org/release/${BP}.tar.gz \ + " +SRC_URI[md5sum] = "21af603d9a591c7d96a6457021d84e6c" +SRC_URI[sha256sum] = "635237637c5b619bcceba91900666b64d56ecb7be63f298f601ec786ce087094" + +inherit autotools binconfig-disabled pkgconfig + +BINCONFIG = "${bindir}/pcap-config" + +# Explicitly disable dag support. We don't have recipe for it and if enabled here, +# configure script poisons the include dirs with /usr/local/include even when the +# support hasn't been detected. +EXTRA_OECONF = " \ + --with-pcap=linux \ + --without-dag \ + " +EXTRA_AUTORECONF += "--exclude=aclocal" + +PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez5', '', d)} \ + ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ +" +PACKAGECONFIG[bluez5] = "--enable-bluetooth,--disable-bluetooth,bluez5" +PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" +PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," +PACKAGECONFIG[libnl] = "--with-libnl,--without-libnl,libnl" + +do_configure_prepend () { + #remove hardcoded references to /usr/include + sed 's|\([ "^'\''I]\+\)/usr/include/|\1${STAGING_INCDIR}/|g' -i ${S}/configure.ac +} + +BBCLASSEXTEND = "native" diff --git a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb index bd488eb089..0b0bbab168 100644 --- a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb +++ b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb @@ -1,12 +1,15 @@ SUMMARY = "Mobile Broadband Service Provider Database" +HOMEPAGE = "http://live.gnome.org/NetworkManager/MobileBroadband/ServiceProviders" SECTION = "network" LICENSE = "PD" LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04" -SRCREV = "519465766fabc85b9fdea5f2b5ee3d08c2b1f70d" -PV = "20151214" +SRCREV = "22b49d86fb7aded2c195a9d49e5924da696b3228" +PV = "20190618" PE = "1" -SRC_URI = "git://git.gnome.org/mobile-broadband-provider-info" +SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https" S = "${WORKDIR}/git" inherit autotools + +DEPENDS += "libxslt-native" diff --git a/meta/recipes-connectivity/neard/neard/0001-Add-header-dependency-to-nciattach.o.patch b/meta/recipes-connectivity/neard/neard/0001-Add-header-dependency-to-nciattach.o.patch new file mode 100644 index 0000000000..d8e8a5e5da --- /dev/null +++ b/meta/recipes-connectivity/neard/neard/0001-Add-header-dependency-to-nciattach.o.patch @@ -0,0 +1,35 @@ +From affaa2021a54c30353e4e1fee09c13a4de2196be Mon Sep 17 00:00:00 2001 +From: Jussi Kukkonen <jussi.kukkonen@intel.com> +Date: Fri, 17 Mar 2017 14:24:29 +0200 +Subject: [PATCH] Add header dependency to nciattach.o + +This can happen when compiling nciattach.o: + +| In file included from ../neard-0.16/tools/nciattach.c:47:0: +| ../neard-0.16/src/near.h:30:27: fatal error: near/nfc_copy.h: No such +file or directory +| #include <near/nfc_copy.h> + +Add the missing dependency to local headers. + +Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> +Upstream-Status: Submitted [mailinglist] +--- + Makefile.am | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/Makefile.am b/Makefile.am +index fa552ee..acef6ba 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -253,6 +253,7 @@ se/builtin.h: src/genbuiltin $(builtin_se_sources) + + $(src_neard_OBJECTS) \ + $(tools_nfctool_nfctool_OBJECTS) \ ++$(tools_nciattach_OBJECTS) \ + $(plugin_objects) \ + $(se_seeld_OBJECTS) \ + $(unit_test_ndef_parse_OBJECTS) \ +-- +2.11.0 + diff --git a/meta/recipes-connectivity/neard/neard/Makefile.am-fix-parallel-issue.patch b/meta/recipes-connectivity/neard/neard/Makefile.am-fix-parallel-issue.patch index 466067693d..6e864079a9 100644 --- a/meta/recipes-connectivity/neard/neard/Makefile.am-fix-parallel-issue.patch +++ b/meta/recipes-connectivity/neard/neard/Makefile.am-fix-parallel-issue.patch @@ -16,18 +16,15 @@ Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Makefile.am | 1 + 1 file changed, 1 insertion(+) -diff --git a/Makefile.am b/Makefile.am -index 3241311..a43eaa2 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -164,6 +164,7 @@ MAINTAINERCLEANFILES = Makefile.in \ +Index: neard-0.16/Makefile.am +=================================================================== +--- neard-0.16.orig/Makefile.am ++++ neard-0.16/Makefile.am +@@ -244,6 +244,7 @@ SED_PROCESS = $(AM_V_GEN)$(MKDIR_P) $(di src/plugin.$(OBJEXT): src/builtin.h src/builtin.h: src/genbuiltin $(builtin_sources) + $(AM_V_at)$(MKDIR_P) src $(AM_V_GEN)$(srcdir)/src/genbuiltin $(builtin_modules) > $@ - $(src_neard_OBJECTS) \ --- -1.7.9.5 - + se/plugin.$(OBJEXT): se/builtin.h diff --git a/meta/recipes-connectivity/neard/neard_0.16.bb b/meta/recipes-connectivity/neard/neard_0.16.bb index 5433dc3c3e..7c124a3c0b 100644 --- a/meta/recipes-connectivity/neard/neard_0.16.bb +++ b/meta/recipes-connectivity/neard/neard_0.16.bb @@ -9,6 +9,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/network/nfc/${BP}.tar.xz \ file://neard.in \ file://Makefile.am-fix-parallel-issue.patch \ file://Makefile.am-do-not-ship-version.h.patch \ + file://0001-Add-header-dependency-to-nciattach.o.patch \ " SRC_URI[md5sum] = "5c691fb7872856dc0d909c298bc8cb41" SRC_URI[sha256sum] = "eae3b11c541a988ec11ca94b7deab01080cd5b58cfef3ced6ceac9b6e6e65b36" @@ -17,9 +18,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ file://src/near.h;beginline=1;endline=20;md5=358e4deefef251a4761e1ffacc965d13 \ " -inherit autotools pkgconfig systemd update-rc.d bluetooth +inherit autotools pkgconfig systemd update-rc.d -PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" PACKAGECONFIG[systemd] = "--enable-systemd --with-systemdsystemunitdir=${systemd_unitdir}/system/ --with-systemduserunitdir=${systemd_unitdir}/user/,--disable-systemd" @@ -39,7 +40,7 @@ RDEPENDS_${PN} = "dbus" # Bluez & Wifi are not mandatory except for handover RRECOMMENDS_${PN} = "\ - ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', '${BLUEZ}', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez5', '', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'wifi','wpa-supplicant', '', d)} \ " diff --git a/meta/recipes-connectivity/nfs-utils/libnfsidmap/0001-include-sys-types.h-for-getting-u_-typedefs.patch b/meta/recipes-connectivity/nfs-utils/libnfsidmap/0001-include-sys-types.h-for-getting-u_-typedefs.patch deleted file mode 100644 index 4ac5290440..0000000000 --- a/meta/recipes-connectivity/nfs-utils/libnfsidmap/0001-include-sys-types.h-for-getting-u_-typedefs.patch +++ /dev/null @@ -1,27 +0,0 @@ -From a5e95a42e7bceddc9ecad06694c1a0588f4bafc8 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Tue, 14 Apr 2015 07:22:47 -0700 -Subject: [PATCH] include sys/types.h for getting u_* typedefs - -Upstream-Status: Pending - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - cfg.h | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/cfg.h b/cfg.h -index d4d4cab..fe49e8f 100644 ---- a/cfg.h -+++ b/cfg.h -@@ -33,6 +33,7 @@ - #ifndef _CONF_H_ - #define _CONF_H_ - -+#include <sys/types.h> - #include "queue.h" - - struct conf_list_node { --- -2.1.4 - diff --git a/meta/recipes-connectivity/nfs-utils/libnfsidmap/Set_nobody_user_group.patch b/meta/recipes-connectivity/nfs-utils/libnfsidmap/Set_nobody_user_group.patch deleted file mode 100644 index 4633da919e..0000000000 --- a/meta/recipes-connectivity/nfs-utils/libnfsidmap/Set_nobody_user_group.patch +++ /dev/null @@ -1,18 +0,0 @@ -Set nobody user and group - -Upstream-Status: Inappropriate [configuration] - -Signed-off-by: Roy.Li <rongqing.li@windriver.com> ---- a/idmapd.conf -+++ b/idmapd.conf -@@ -17,8 +17,8 @@ - - [Mapping] - --#Nobody-User = nobody --#Nobody-Group = nobody -+Nobody-User = nobody -+Nobody-Group = nogroup - - [Translation] - diff --git a/meta/recipes-connectivity/nfs-utils/libnfsidmap/fix-ac-prereq.patch b/meta/recipes-connectivity/nfs-utils/libnfsidmap/fix-ac-prereq.patch deleted file mode 100644 index d81c7c5f32..0000000000 --- a/meta/recipes-connectivity/nfs-utils/libnfsidmap/fix-ac-prereq.patch +++ /dev/null @@ -1,13 +0,0 @@ -Upstream-Status: Inappropriate [configuration] - ---- a/configure.in -+++ b/configure.in -@@ -1,7 +1,7 @@ - # -*- Autoconf -*- - # Process this file with autoconf to produce a configure script. - --AC_PREREQ([2.68]) -+AC_PREREQ([2.65]) - AC_INIT([libnfsidmap],[0.25],[linux-nfs@vger.kernel.org]) - AC_CONFIG_SRCDIR([nfsidmap.h]) - AC_CONFIG_MACRO_DIR([m4]) diff --git a/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb b/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb deleted file mode 100644 index 2565771006..0000000000 --- a/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb +++ /dev/null @@ -1,27 +0,0 @@ -SUMMARY = "NFS id mapping library" -HOMEPAGE = "http://www.citi.umich.edu/projects/nfsv4/linux/" -SECTION = "libs" - -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://COPYING;md5=d9c6a2a0ca6017fda7cd905ed2739b37" - -SRC_URI = "http://www.citi.umich.edu/projects/nfsv4/linux/libnfsidmap/${BPN}-${PV}.tar.gz \ - file://fix-ac-prereq.patch \ - file://Set_nobody_user_group.patch \ - file://0001-include-sys-types.h-for-getting-u_-typedefs.patch \ - " - -SRC_URI[md5sum] = "2ac4893c92716add1a1447ae01df77ab" -SRC_URI[sha256sum] = "656d245d84400e1030f8f40a5a27da76370690c4a932baf249110f047fe7efcf" - -UPSTREAM_CHECK_URI = "http://www.citi.umich.edu/projects/nfsv4/linux/libnfsidmap/" - -inherit autotools - -EXTRA_OECONF = "--disable-ldap" - -do_install_append () { - install -d ${D}${sysconfdir}/ - install -m 0644 ${WORKDIR}/${BPN}-${PV}/idmapd.conf ${D}${sysconfdir}/idmapd.conf -} - diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Don-t-build-tools-with-CC_FOR_BUILD.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Don-t-build-tools-with-CC_FOR_BUILD.patch new file mode 100644 index 0000000000..23bc3eaf72 --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Don-t-build-tools-with-CC_FOR_BUILD.patch @@ -0,0 +1,40 @@ +From 79019d976584c598f8d0a9d8de43c989946f974b Mon Sep 17 00:00:00 2001 +From: Pascal Bach <pascal.bach@siemens.com> +Date: Wed, 13 Feb 2019 09:28:07 +0100 +Subject: [PATCH] Don't build tools with CC_FOR_BUILD + +The tools are intended for the target not for the host. + +Upstream-Status: Pending + +Signed-off-by: Pascal Bach <pascal.bach@siemens.com> +--- + tools/locktest/Makefile.am | 1 - + tools/rpcgen/Makefile.am | 1 - + 2 files changed, 2 deletions(-) + +diff --git a/tools/locktest/Makefile.am b/tools/locktest/Makefile.am +index 3156815..87d0bac 100644 +--- a/tools/locktest/Makefile.am ++++ b/tools/locktest/Makefile.am +@@ -1,6 +1,5 @@ + ## Process this file with automake to produce Makefile.in + +-CC=$(CC_FOR_BUILD) + LIBTOOL = @LIBTOOL@ --tag=CC + + noinst_PROGRAMS = testlk +diff --git a/tools/rpcgen/Makefile.am b/tools/rpcgen/Makefile.am +index 8a9ec89..3e092c9 100644 +--- a/tools/rpcgen/Makefile.am ++++ b/tools/rpcgen/Makefile.am +@@ -1,6 +1,5 @@ + ## Process this file with automake to produce Makefile.in + +-CC=$(CC_FOR_BUILD) + LIBTOOL = @LIBTOOL@ --tag=CC + + noinst_PROGRAMS = rpcgen +-- +2.11.0 + diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Fix-include-order-between-config.h-and-stat.h.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Fix-include-order-between-config.h-and-stat.h.patch new file mode 100644 index 0000000000..7b0f93535f --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Fix-include-order-between-config.h-and-stat.h.patch @@ -0,0 +1,156 @@ +From 2fbc62e2a13fc22b6ae4910e295a2c10fb790486 Mon Sep 17 00:00:00 2001 +From: Zoltan Karcagi <zkr7432@gmail.com> +Date: Mon, 12 Aug 2019 13:27:16 -0400 +Subject: [PATCH] Fix include order between config.h and stat.h + +At least on Arch linux ARM, the definition of struct stat in stat.h depends +on __USE_FILE_OFFSET64. This symbol comes from config.h when defined, +therefore config.h must always be included before stat.h. Fix all +occurrences where the order is wrong by moving config.h to the top. + +This fixes the client side error "Stale file handle" when mounting from +a server running Arch Linux ARM. + +Signed-off-by: Zoltan Karcagi <zkr7432@gmail.com> +Signed-off-by: Steve Dickson <steved@redhat.com> + +Upstream-Status: Backport +[http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commit;h=2fbc62e2a13fc22b6ae4910e295a2c10fb790486] + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + support/misc/nfsd_path.c | 5 ++++- + support/misc/xstat.c | 5 ++++- + support/nfs/conffile.c | 8 +++++++- + utils/blkmapd/device-discovery.c | 8 ++++---- + utils/idmapd/idmapd.c | 8 ++++---- + 5 files changed, 23 insertions(+), 11 deletions(-) + +diff --git a/support/misc/nfsd_path.c b/support/misc/nfsd_path.c +index 84e4802..f078a66 100644 +--- a/support/misc/nfsd_path.c ++++ b/support/misc/nfsd_path.c +@@ -1,3 +1,7 @@ ++#ifdef HAVE_CONFIG_H ++#include <config.h> ++#endif ++ + #include <errno.h> + #include <sys/types.h> + #include <sys/stat.h> +@@ -5,7 +9,6 @@ + #include <stdlib.h> + #include <unistd.h> + +-#include "config.h" + #include "conffile.h" + #include "xmalloc.h" + #include "xlog.h" +diff --git a/support/misc/xstat.c b/support/misc/xstat.c +index fa04788..4c997ee 100644 +--- a/support/misc/xstat.c ++++ b/support/misc/xstat.c +@@ -1,3 +1,7 @@ ++#ifdef HAVE_CONFIG_H ++#include <config.h> ++#endif ++ + #include <errno.h> + #include <sys/types.h> + #include <fcntl.h> +@@ -5,7 +9,6 @@ + #include <sys/sysmacros.h> + #include <unistd.h> + +-#include "config.h" + #include "xstat.h" + + #ifdef HAVE_FSTATAT +diff --git a/support/nfs/conffile.c b/support/nfs/conffile.c +index b6400be..6ba8a35 100644 +--- a/support/nfs/conffile.c ++++ b/support/nfs/conffile.c +@@ -500,7 +500,7 @@ conf_readfile(const char *path) + + if ((stat (path, &sb) == 0) || (errno != ENOENT)) { + char *new_conf_addr = NULL; +- size_t sz = sb.st_size; ++ off_t sz; + int fd = open (path, O_RDONLY, 0); + + if (fd == -1) { +@@ -517,6 +517,11 @@ conf_readfile(const char *path) + + /* only after we have the lock, check the file size ready to read it */ + sz = lseek(fd, 0, SEEK_END); ++ if (sz < 0) { ++ xlog_warn("conf_readfile: unable to determine file size: %s", ++ strerror(errno)); ++ goto fail; ++ } + lseek(fd, 0, SEEK_SET); + + new_conf_addr = malloc(sz+1); +@@ -2162,6 +2167,7 @@ conf_write(const char *filename, const char *section, const char *arg, + ret = 0; + + cleanup: ++ flush_outqueue(&inqueue, NULL); + flush_outqueue(&outqueue, NULL); + + if (buff) +diff --git a/utils/blkmapd/device-discovery.c b/utils/blkmapd/device-discovery.c +index e811703..f5f9b10 100644 +--- a/utils/blkmapd/device-discovery.c ++++ b/utils/blkmapd/device-discovery.c +@@ -26,6 +26,10 @@ + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + ++#ifdef HAVE_CONFIG_H ++#include "config.h" ++#endif /* HAVE_CONFIG_H */ ++ + #include <sys/sysmacros.h> + #include <sys/types.h> + #include <sys/stat.h> +@@ -51,10 +55,6 @@ + #include <errno.h> + #include <libdevmapper.h> + +-#ifdef HAVE_CONFIG_H +-#include "config.h" +-#endif /* HAVE_CONFIG_H */ +- + #include "device-discovery.h" + #include "xcommon.h" + #include "nfslib.h" +diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c +index 62e37b8..267acea 100644 +--- a/utils/idmapd/idmapd.c ++++ b/utils/idmapd/idmapd.c +@@ -34,6 +34,10 @@ + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + ++#ifdef HAVE_CONFIG_H ++#include "config.h" ++#endif /* HAVE_CONFIG_H */ ++ + #include <sys/types.h> + #include <sys/time.h> + #include <sys/inotify.h> +@@ -62,10 +66,6 @@ + #include <libgen.h> + #include <nfsidmap.h> + +-#ifdef HAVE_CONFIG_H +-#include "config.h" +-#endif /* HAVE_CONFIG_H */ +- + #include "xlog.h" + #include "conffile.h" + #include "queue.h" +-- +2.7.4 + diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch new file mode 100644 index 0000000000..fcb0e99b33 --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch @@ -0,0 +1,295 @@ +From 690a90a5b7786e40b5447ad7c5f19a7657d27405 Mon Sep 17 00:00:00 2001 +From: Mingli Yu <Mingli.Yu@windriver.com> +Date: Fri, 14 Dec 2018 17:44:32 +0800 +Subject: [PATCH] Makefile.am: fix undefined function for libnsm.a + +The source file of libnsm.a uses some function +in ../support/misc/file.c, add ../support/misc/file.c +to libnsm_a_SOURCES to fix build error when run +"make -C tests statdb_dump": +| ../support/nsm/libnsm.a(file.o): In function `nsm_make_pathname': +| /usr/src/debug/nfs-utils/2.3.3-r0/nfs-utils-2.3.3/support/nsm/file.c:175: undefined reference to `generic_make_pathname' +| /usr/src/debug/nfs-utils/2.3.3-r0/nfs-utils-2.3.3/support/nsm/file.c:175: undefined reference to `generic_make_pathname' +| /usr/src/debug/nfs-utils/2.3.3-r0/nfs-utils-2.3.3/support/nsm/file.c:175: undefined reference to `generic_make_pathname' +| ../support/nsm/libnsm.a(file.o): In function `nsm_setup_pathnames': +| /usr/src/debug/nfs-utils/2.3.3-r0/nfs-utils-2.3.3/support/nsm/file.c:280: undefined reference to `generic_setup_basedir' +| collect2: error: ld returned 1 exit status + +As there is already one source file named file.c +as support/nsm/file.c in support/nsm/Makefile.am, +so rename ../support/misc/file.c to ../support/misc/misc.c. + +Upstream-Status: Submitted[https://marc.info/?l=linux-nfs&m=154502780423058&w=2] + +Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> + +Rebase it. + +Signed-off-by: Robert Yang <liezhi.yang@windriver.com> +--- + support/misc/Makefile.am | 2 +- + support/misc/file.c | 111 --------------------------------------------------------------------------------------------------------------- + support/misc/misc.c | 111 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + support/nsm/Makefile.am | 2 +- + 4 files changed, 113 insertions(+), 113 deletions(-) + +diff --git a/support/misc/Makefile.am b/support/misc/Makefile.am +index f9993e3..8b0e9db 100644 +--- a/support/misc/Makefile.am ++++ b/support/misc/Makefile.am +@@ -1,7 +1,7 @@ + ## Process this file with automake to produce Makefile.in + + noinst_LIBRARIES = libmisc.a +-libmisc_a_SOURCES = tcpwrapper.c from_local.c mountpoint.c file.c \ ++libmisc_a_SOURCES = tcpwrapper.c from_local.c mountpoint.c misc.c \ + nfsd_path.c workqueue.c xstat.c + + MAINTAINERCLEANFILES = Makefile.in +diff --git a/support/misc/file.c b/support/misc/file.c +deleted file mode 100644 +index e7c3819..0000000 +--- a/support/misc/file.c ++++ /dev/null +@@ -1,111 +0,0 @@ +-/* +- * Copyright 2009 Oracle. All rights reserved. +- * Copyright 2017 Red Hat, Inc. All rights reserved. +- * +- * This file is part of nfs-utils. +- * +- * nfs-utils is free software; you can redistribute it and/or modify +- * it under the terms of the GNU General Public License as published by +- * the Free Software Foundation; either version 2 of the License, or +- * (at your option) any later version. +- * +- * nfs-utils is distributed in the hope that it will be useful, +- * but WITHOUT ANY WARRANTY; without even the implied warranty of +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +- * GNU General Public License for more details. +- * +- * You should have received a copy of the GNU General Public License +- * along with nfs-utils. If not, see <http://www.gnu.org/licenses/>. +- */ +- +-#include <sys/stat.h> +- +-#include <string.h> +-#include <libgen.h> +-#include <stdio.h> +-#include <errno.h> +-#include <dirent.h> +-#include <stdlib.h> +-#include <stdbool.h> +-#include <limits.h> +- +-#include "xlog.h" +-#include "misc.h" +- +-/* +- * Returns a dynamically allocated, '\0'-terminated buffer +- * containing an appropriate pathname, or NULL if an error +- * occurs. Caller must free the returned result with free(3). +- */ +-__attribute__((__malloc__)) +-char * +-generic_make_pathname(const char *base, const char *leaf) +-{ +- size_t size; +- char *path; +- int len; +- +- size = strlen(base) + strlen(leaf) + 2; +- if (size > PATH_MAX) +- return NULL; +- +- path = malloc(size); +- if (path == NULL) +- return NULL; +- +- len = snprintf(path, size, "%s/%s", base, leaf); +- if ((len < 0) || ((size_t)len >= size)) { +- free(path); +- return NULL; +- } +- +- return path; +-} +- +- +-/** +- * generic_setup_basedir - set up basedir +- * @progname: C string containing name of program, for error messages +- * @parentdir: C string containing pathname to on-disk state, or NULL +- * @base: character buffer to contain the basedir that is set up +- * @baselen: size of @base in bytes +- * +- * This runs before logging is set up, so error messages are directed +- * to stderr. +- * +- * Returns true and sets up our basedir, if @parentdir was valid +- * and usable; otherwise false is returned. +- */ +-_Bool +-generic_setup_basedir(const char *progname, const char *parentdir, char *base, +- const size_t baselen) +-{ +- static char buf[PATH_MAX]; +- struct stat st; +- char *path; +- +- /* First: test length of name and whether it exists */ +- if ((strlen(parentdir) >= baselen) || (strlen(parentdir) >= PATH_MAX)) { +- (void)fprintf(stderr, "%s: Directory name too long: %s", +- progname, parentdir); +- return false; +- } +- if (lstat(parentdir, &st) == -1) { +- (void)fprintf(stderr, "%s: Failed to stat %s: %s", +- progname, parentdir, strerror(errno)); +- return false; +- } +- +- /* Ensure we have a clean directory pathname */ +- strncpy(buf, parentdir, sizeof(buf)-1); +- path = dirname(buf); +- if (*path == '.') { +- (void)fprintf(stderr, "%s: Unusable directory %s", +- progname, parentdir); +- return false; +- } +- +- xlog(D_CALL, "Using %s as the state directory", parentdir); +- strcpy(base, parentdir); +- return true; +-} +diff --git a/support/misc/misc.c b/support/misc/misc.c +new file mode 100644 +index 0000000..e7c3819 +--- /dev/null ++++ b/support/misc/misc.c +@@ -0,0 +1,111 @@ ++/* ++ * Copyright 2009 Oracle. All rights reserved. ++ * Copyright 2017 Red Hat, Inc. All rights reserved. ++ * ++ * This file is part of nfs-utils. ++ * ++ * nfs-utils is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2 of the License, or ++ * (at your option) any later version. ++ * ++ * nfs-utils is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with nfs-utils. If not, see <http://www.gnu.org/licenses/>. ++ */ ++ ++#include <sys/stat.h> ++ ++#include <string.h> ++#include <libgen.h> ++#include <stdio.h> ++#include <errno.h> ++#include <dirent.h> ++#include <stdlib.h> ++#include <stdbool.h> ++#include <limits.h> ++ ++#include "xlog.h" ++#include "misc.h" ++ ++/* ++ * Returns a dynamically allocated, '\0'-terminated buffer ++ * containing an appropriate pathname, or NULL if an error ++ * occurs. Caller must free the returned result with free(3). ++ */ ++__attribute__((__malloc__)) ++char * ++generic_make_pathname(const char *base, const char *leaf) ++{ ++ size_t size; ++ char *path; ++ int len; ++ ++ size = strlen(base) + strlen(leaf) + 2; ++ if (size > PATH_MAX) ++ return NULL; ++ ++ path = malloc(size); ++ if (path == NULL) ++ return NULL; ++ ++ len = snprintf(path, size, "%s/%s", base, leaf); ++ if ((len < 0) || ((size_t)len >= size)) { ++ free(path); ++ return NULL; ++ } ++ ++ return path; ++} ++ ++ ++/** ++ * generic_setup_basedir - set up basedir ++ * @progname: C string containing name of program, for error messages ++ * @parentdir: C string containing pathname to on-disk state, or NULL ++ * @base: character buffer to contain the basedir that is set up ++ * @baselen: size of @base in bytes ++ * ++ * This runs before logging is set up, so error messages are directed ++ * to stderr. ++ * ++ * Returns true and sets up our basedir, if @parentdir was valid ++ * and usable; otherwise false is returned. ++ */ ++_Bool ++generic_setup_basedir(const char *progname, const char *parentdir, char *base, ++ const size_t baselen) ++{ ++ static char buf[PATH_MAX]; ++ struct stat st; ++ char *path; ++ ++ /* First: test length of name and whether it exists */ ++ if ((strlen(parentdir) >= baselen) || (strlen(parentdir) >= PATH_MAX)) { ++ (void)fprintf(stderr, "%s: Directory name too long: %s", ++ progname, parentdir); ++ return false; ++ } ++ if (lstat(parentdir, &st) == -1) { ++ (void)fprintf(stderr, "%s: Failed to stat %s: %s", ++ progname, parentdir, strerror(errno)); ++ return false; ++ } ++ ++ /* Ensure we have a clean directory pathname */ ++ strncpy(buf, parentdir, sizeof(buf)-1); ++ path = dirname(buf); ++ if (*path == '.') { ++ (void)fprintf(stderr, "%s: Unusable directory %s", ++ progname, parentdir); ++ return false; ++ } ++ ++ xlog(D_CALL, "Using %s as the state directory", parentdir); ++ strcpy(base, parentdir); ++ return true; ++} +diff --git a/support/nsm/Makefile.am b/support/nsm/Makefile.am +index 8f5874e..68f1a46 100644 +--- a/support/nsm/Makefile.am ++++ b/support/nsm/Makefile.am +@@ -10,7 +10,7 @@ GENFILES = $(GENFILES_CLNT) $(GENFILES_SVC) $(GENFILES_XDR) $(GENFILES_H) + EXTRA_DIST = sm_inter.x + + noinst_LIBRARIES = libnsm.a +-libnsm_a_SOURCES = $(GENFILES) file.c rpc.c ++libnsm_a_SOURCES = $(GENFILES) ../misc/misc.c file.c rpc.c + + BUILT_SOURCES = $(GENFILES) + diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-cacheio-use-intmax_t-for-formatted-IO.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-cacheio-use-intmax_t-for-formatted-IO.patch new file mode 100644 index 0000000000..bafff5b9c0 --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-cacheio-use-intmax_t-for-formatted-IO.patch @@ -0,0 +1,38 @@ +From ac32b813f5d6f9a2de944015cf9bb98d68e0203a Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sat, 1 Dec 2018 10:02:12 -0800 +Subject: [PATCH] cacheio: use intmax_t for formatted IO + +time_t is not same size on x32 ABI (ILP32) + +Upstream-Status: Pending + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + support/nfs/cacheio.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/support/nfs/cacheio.c b/support/nfs/cacheio.c +index 9dc4cf1..2086a95 100644 +--- a/support/nfs/cacheio.c ++++ b/support/nfs/cacheio.c +@@ -17,6 +17,7 @@ + + #include <nfslib.h> + #include <stdio.h> ++#include <inttypes.h> + #include <stdio_ext.h> + #include <string.h> + #include <ctype.h> +@@ -234,7 +235,7 @@ cache_flush(int force) + stb.st_mtime > now) + stb.st_mtime = time(0); + +- sprintf(stime, "%ld\n", stb.st_mtime); ++ sprintf(stime, "%jd\n", (intmax_t)stb.st_mtime); + for (c=0; cachelist[c]; c++) { + int fd; + sprintf(path, "/proc/net/rpc/%s/flush", cachelist[c]); +-- +2.19.2 + diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure-Allow-to-explicitly-disable-nfsidmap.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure-Allow-to-explicitly-disable-nfsidmap.patch deleted file mode 100644 index 7025fb555c..0000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure-Allow-to-explicitly-disable-nfsidmap.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 9b84cff305866abd150cf1a4c6e7e5ebf8a7eb3a Mon Sep 17 00:00:00 2001 -From: Martin Jansa <Martin.Jansa@gmail.com> -Date: Fri, 15 Nov 2013 23:21:35 +0100 -Subject: [PATCH] configure: Allow to explicitly disable nfsidmap - -* keyutils availability is autodetected and builds aren't reproducible - -Upstream-Status: Pending - -Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> ---- - configure.ac | 10 +++++++++- - 1 file changed, 9 insertions(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index bf433d6..28a8f62 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -69,6 +69,12 @@ AC_ARG_ENABLE(nfsv4, - AC_SUBST(enable_nfsv4) - AM_CONDITIONAL(CONFIG_NFSV4, [test "$enable_nfsv4" = "yes"]) - -+AC_ARG_ENABLE(nfsidmap, -+ [AC_HELP_STRING([--enable-nfsidmap], -+ [enable support for NFSv4 idmapper @<:@default=yes@:>@])], -+ enable_nfsidmap=$enableval, -+ enable_nfsidmap=yes) -+ - AC_ARG_ENABLE(nfsv41, - [AC_HELP_STRING([--enable-nfsv41], - [enable support for NFSv41 @<:@default=yes@:>@])], -@@ -296,7 +302,7 @@ fi - - dnl enable nfsidmap when its support by libnfsidmap - AM_CONDITIONAL(CONFIG_NFSDCLTRACK, [test "$enable_nfsdcltrack" = "yes" ]) --AM_CONDITIONAL(CONFIG_NFSIDMAP, [test "$ac_cv_header_keyutils_h$ac_cv_lib_nfsidmap_nfs4_owner_to_uid" = "yesyes"]) -+AM_CONDITIONAL(CONFIG_NFSIDMAP, [test "$enable_nfsidmap$ac_cv_header_keyutils_h$ac_cv_lib_nfsidmap_nfs4_owner_to_uid" = "yesyesyes"]) - - - if test "$knfsd_cv_glibc2" = no; then --- -1.8.4.3 - diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure.ac-Do-not-fatalize-Wmissing-prototypes.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure.ac-Do-not-fatalize-Wmissing-prototypes.patch new file mode 100644 index 0000000000..d14f0789ff --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure.ac-Do-not-fatalize-Wmissing-prototypes.patch @@ -0,0 +1,40 @@ +From 66471fbf7106917da7a1536b18a0a77d07479779 Mon Sep 17 00:00:00 2001 +From: Mingli Yu <Mingli.Yu@windriver.com> +Date: Mon, 17 Dec 2018 15:29:47 +0800 +Subject: [PATCH] configure.ac: Do not fatalize -Wmissing-prototypes + +There comes below error when run "make -C tests/nsm_client nsm_client" +| nlm_sm_inter_svc.c:20:1: error: no previous prototype for 'nlm_sm_prog_3' [-Werror=missing-prototypes] + +It is because rpcgen doesn't generate -Wmissing-prototypes +free code for nlm_sm_inter_svc.c with below logic +in tests/nsm_client/Makefile.am +[snip] +GENFILES_SVC = nlm_sm_inter_svc.c +[snip] +$(GENFILES_SVC): %_svc.c: %.x $(RPCGEN) + test -f $@ && rm -rf $@ || true + $(RPCGEN) -m -o $@ $< + +So add the logic not to fatalize -Wmissing-prototypes. + +Upstream-Status: Submitted[https://marc.info/?l=linux-nfs&m=154503260323936&w=2] + +Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 50002b4..aebff01 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -582,7 +582,7 @@ my_am_cflags="\ + -Wall \ + -Wextra \ + $rpcgen_cflags \ +- -Werror=missing-prototypes \ ++ -Wmissing-prototypes \ + -Werror=missing-declarations \ + -Werror=format=2 \ + -Werror=undef \ diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch deleted file mode 100644 index de0b045c8c..0000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch +++ /dev/null @@ -1,113 +0,0 @@ -Upstream-Status: Pending - -Subject: nfs-utils/statd: fix a segfault caused by improper usage of RPC interface - -There is a hack which uses the bottom-level RPC improperly as below -in the current statd implementation: -insert a socket in the svc_fdset without a corresponding transport handle -and passes the socket to the svc_getreqset subroutine, this usage causes -a segfault of statd on a huge amount of sm-notifications. - -Fix the issue by separating the non-RPC-server sock from RPC dispatcher. - -Signed-off-by: Shan Hai <shan.hai@windriver.com> -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- - utils/statd/rmtcall.c | 1 - - utils/statd/statd.c | 5 +++-- - utils/statd/statd.h | 2 +- - utils/statd/svc_run.c | 8 ++++++-- - 4 files changed, 10 insertions(+), 6 deletions(-) - -diff --git a/utils/statd/rmtcall.c b/utils/statd/rmtcall.c -index fd576d9..cde091b 100644 ---- a/utils/statd/rmtcall.c -+++ b/utils/statd/rmtcall.c -@@ -104,7 +104,6 @@ statd_get_socket(void) - if (sockfd < 0) - return -1; - -- FD_SET(sockfd, &SVC_FDSET); - return sockfd; - } - -diff --git a/utils/statd/statd.c b/utils/statd/statd.c -index 51a016e..e21a259 100644 ---- a/utils/statd/statd.c -+++ b/utils/statd/statd.c -@@ -247,6 +247,7 @@ int main (int argc, char **argv) - int port = 0, out_port = 0; - int nlm_udp = 0, nlm_tcp = 0; - struct rlimit rlim; -+ int notify_sockfd; - - int pipefds[2] = { -1, -1}; - char status; -@@ -473,7 +474,7 @@ int main (int argc, char **argv) - } - - /* Make sure we have a privilege port for calling into the kernel */ -- if (statd_get_socket() < 0) -+ if ((notify_sockfd = statd_get_socket()) < 0) - exit(1); - - /* If sm-notify didn't take all the state files, load -@@ -528,7 +529,7 @@ int main (int argc, char **argv) - * Handle incoming requests: SM_NOTIFY socket requests, as - * well as callbacks from lockd. - */ -- my_svc_run(); /* I rolled my own, Olaf made it better... */ -+ my_svc_run(notify_sockfd); /* I rolled my own, Olaf made it better... */ - - /* Only get here when simulating a crash so we should probably - * start sm-notify running again. As we have already dropped -diff --git a/utils/statd/statd.h b/utils/statd/statd.h -index a1d8035..231ac7e 100644 ---- a/utils/statd/statd.h -+++ b/utils/statd/statd.h -@@ -28,7 +28,7 @@ extern _Bool statd_present_address(const struct sockaddr *sap, char *buf, - __attribute__((__malloc__)) - extern char * statd_canonical_name(const char *hostname); - --extern void my_svc_run(void); -+extern void my_svc_run(int); - extern void notify_hosts(void); - extern void shuffle_dirs(void); - extern int statd_get_socket(void); -diff --git a/utils/statd/svc_run.c b/utils/statd/svc_run.c -index d98ecee..28c1ad6 100644 ---- a/utils/statd/svc_run.c -+++ b/utils/statd/svc_run.c -@@ -78,7 +78,7 @@ my_svc_exit(void) - * The heart of the server. A crib from libc for the most part... - */ - void --my_svc_run(void) -+my_svc_run(int sockfd) - { - FD_SET_TYPE readfds; - int selret; -@@ -96,6 +96,8 @@ my_svc_run(void) - } - - readfds = SVC_FDSET; -+ /* Set notify sockfd for waiting for reply */ -+ FD_SET(sockfd, &readfds); - if (notify) { - struct timeval tv; - -@@ -125,8 +127,10 @@ my_svc_run(void) - - default: - selret -= process_reply(&readfds); -- if (selret) -+ if (selret) { -+ FD_CLR(sockfd, &readfds); - svc_getreqset(&readfds); -+ } - } - } - } --- -1.9.1 - diff --git a/meta/recipes-connectivity/nfs-utils/files/bugfix-adjust-statd-service-name.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/bugfix-adjust-statd-service-name.patch index 14bd4036af..f13d7b380c 100644 --- a/meta/recipes-connectivity/nfs-utils/files/bugfix-adjust-statd-service-name.patch +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/bugfix-adjust-statd-service-name.patch @@ -12,23 +12,28 @@ instead but forgot to update the mount.nfs helper 'start-statd' accordingly. Upstream-Status: Inappropriate [other] Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de> + +Rebase it. + +Signed-off-by: Robert Yang <liezhi.yang@windriver.com> --- - utils/statd/start-statd | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) + utils/statd/start-statd | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils/statd/start-statd b/utils/statd/start-statd -index 8211a90..3c2aa6f 100755 +index af5c950..df9b9be 100755 --- a/utils/statd/start-statd +++ b/utils/statd/start-statd -@@ -16,7 +16,7 @@ fi +@@ -28,10 +28,10 @@ fi # First try systemd if it's installed. if [ -d /run/systemd/system ]; then # Quit only if the call worked. -- systemctl start rpc-statd.service && exit -+ systemctl start nfs-statd.service && exit +- if systemctl start rpc-statd.service; then ++ if systemctl start nfs-statd.service; then + # Ensure systemd knows not to stop rpc.statd or its dependencies + # on 'systemctl isolate ..' +- systemctl add-wants --runtime remote-fs.target rpc-statd.service ++ systemctl add-wants --runtime remote-fs.target nfs-statd.service + exit 0 + fi fi - - # Fall back to launching it ourselves. --- -2.1.4 - diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/clang-format-string.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/clang-format-string.patch new file mode 100644 index 0000000000..1d693e4142 --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/clang-format-string.patch @@ -0,0 +1,183 @@ +Clang comes up with more printf format warnings +Correcting “format string is not a string literal” warning +requires us to declare that parameter is a printf style +format using the attribute flag + +Upstream-Status: Pending + +Signed-off-by: Khem Raj <raj.khem@gmail.com> + +Index: nfs-utils-2.3.3/support/include/xcommon.h +=================================================================== +--- nfs-utils-2.3.3.orig/support/include/xcommon.h ++++ nfs-utils-2.3.3/support/include/xcommon.h +@@ -27,7 +27,7 @@ + + /* Functions in sundries.c that are used in mount.c and umount.c */ + char *canonicalize (const char *path); +-void nfs_error (const char *fmt, ...); ++void nfs_error (const char *fmt, ...) __attribute__((__format__ (__printf__, 1, 2))); + void *xmalloc (size_t size); + void *xrealloc(void *p, size_t size); + void xfree(void *); +@@ -36,9 +36,9 @@ char *xstrndup (const char *s, int n); + char *xstrconcat2 (const char *, const char *); + char *xstrconcat3 (const char *, const char *, const char *); + char *xstrconcat4 (const char *, const char *, const char *, const char *); +-void die (int errcode, const char *fmt, ...); ++void die (int errcode, const char *fmt, ...) __attribute__((__format__ (__printf__, 2, 3))); + +-extern void die(int err, const char *fmt, ...); ++extern void die(int err, const char *fmt, ...) __attribute__((__format__ (__printf__, 2, 3))); + extern void (*at_die)(void); + + /* exit status - bits below are ORed */ +Index: nfs-utils-2.3.3/support/include/xlog.h +=================================================================== +--- nfs-utils-2.3.3.orig/support/include/xlog.h ++++ nfs-utils-2.3.3/support/include/xlog.h +@@ -43,10 +43,10 @@ void xlog_config(int fac, int on); + void xlog_sconfig(char *, int on); + void xlog_from_conffile(char *); + int xlog_enabled(int fac); +-void xlog(int fac, const char *fmt, ...); +-void xlog_warn(const char *fmt, ...); +-void xlog_err(const char *fmt, ...); +-void xlog_errno(int err, const char *fmt, ...); +-void xlog_backend(int fac, const char *fmt, va_list args); ++void xlog(int fac, const char *fmt, ...) __attribute__((__format__ (__printf__, 2, 3))); ++void xlog_warn(const char *fmt, ...) __attribute__((__format__ (__printf__, 1, 2))); ++void xlog_err(const char *fmt, ...) __attribute__((__format__ (__printf__, 1, 2))); ++void xlog_errno(int err, const char *fmt, ...) __attribute__((__format__ (__printf__, 2, 3))); ++void xlog_backend(int fac, const char *fmt, va_list args) __attribute__((__format__ (__printf__, 2, 0))); + + #endif /* XLOG_H */ +Index: nfs-utils-2.3.3/support/nfs/xcommon.c +=================================================================== +--- nfs-utils-2.3.3.orig/support/nfs/xcommon.c ++++ nfs-utils-2.3.3/support/nfs/xcommon.c +@@ -93,7 +93,10 @@ nfs_error (const char *fmt, ...) { + + fmt2 = xstrconcat2 (fmt, "\n"); + va_start (args, fmt); ++#pragma clang diagnostic push ++#pragma clang diagnostic ignored "-Wformat-nonliteral" + vfprintf (stderr, fmt2, args); ++#pragma clang diagnostic pop + va_end (args); + free (fmt2); + } +Index: nfs-utils-2.3.3/utils/exportfs/exportfs.c +=================================================================== +--- nfs-utils-2.3.3.orig/utils/exportfs/exportfs.c ++++ nfs-utils-2.3.3/utils/exportfs/exportfs.c +@@ -644,6 +644,7 @@ out: + return result; + } + ++__attribute__((__format__ (__printf__, 2, 3))) + static char + dumpopt(char c, char *fmt, ...) + { +Index: nfs-utils-2.3.3/utils/statd/statd.c +=================================================================== +--- nfs-utils-2.3.3.orig/utils/statd/statd.c ++++ nfs-utils-2.3.3/utils/statd/statd.c +@@ -136,7 +136,7 @@ static void log_modes(void) + strcat(buf, "TI-RPC "); + #endif + +- xlog_warn(buf); ++ xlog_warn("%s", buf); + } + + /* +Index: nfs-utils-2.3.3/support/nfs/svc_create.c +=================================================================== +--- nfs-utils-2.3.3.orig/support/nfs/svc_create.c ++++ nfs-utils-2.3.3/support/nfs/svc_create.c +@@ -184,7 +184,7 @@ svc_create_sock(const struct sockaddr *s + type = SOCK_STREAM; + break; + default: +- xlog(D_GENERAL, "%s: Unrecognized bind address semantics: %u", ++ xlog(D_GENERAL, "%s: Unrecognized bind address semantics: %lu", + __func__, nconf->nc_semantics); + return -1; + } +Index: nfs-utils-2.3.3/support/nsm/rpc.c +=================================================================== +--- nfs-utils-2.3.3.orig/support/nsm/rpc.c ++++ nfs-utils-2.3.3/support/nsm/rpc.c +@@ -182,7 +182,7 @@ nsm_xmit_getport(const int sock, const s + uint32_t xid; + XDR xdr; + +- xlog(D_CALL, "Sending PMAP_GETPORT for %u, %u, udp", program, version); ++ xlog(D_CALL, "Sending PMAP_GETPORT for %lu, %lu, udp", program, version); + + nsm_init_xdrmem(msgbuf, NSM_MAXMSGSIZE, &xdr); + xid = nsm_init_rpc_header(PMAPPROG, PMAPVERS, +Index: nfs-utils-2.3.3/utils/mountd/cache.c +=================================================================== +--- nfs-utils-2.3.3.orig/utils/mountd/cache.c ++++ nfs-utils-2.3.3/utils/mountd/cache.c +@@ -968,8 +968,7 @@ lookup_export(char *dom, char *path, str + } else if (found_type == i && found->m_warned == 0) { + xlog(L_WARNING, "%s exported to both %s and %s, " + "arbitrarily choosing options from first", +- path, found->m_client->m_hostname, exp->m_client->m_hostname, +- dom); ++ path, found->m_client->m_hostname, exp->m_client->m_hostname); + found->m_warned = 1; + } + } +Index: nfs-utils-2.3.3/utils/mountd/mountd.c +=================================================================== +--- nfs-utils-2.3.3.orig/utils/mountd/mountd.c ++++ nfs-utils-2.3.3/utils/mountd/mountd.c +@@ -213,7 +213,7 @@ static void + sig_hup (int sig) + { + /* don't exit on SIGHUP */ +- xlog (L_NOTICE, "Received SIGHUP... Ignoring.\n", sig); ++ xlog (L_NOTICE, "Received SIGHUP(%d)... Ignoring.\n", sig); + return; + } + +Index: nfs-utils-2.3.3/utils/statd/rmtcall.c +=================================================================== +--- nfs-utils-2.3.3.orig/utils/statd/rmtcall.c ++++ nfs-utils-2.3.3/utils/statd/rmtcall.c +@@ -247,7 +247,7 @@ process_reply(FD_SET_TYPE *rfds) + xlog_warn("%s: service %d not registered on localhost", + __func__, NL_MY_PROG(lp)); + } else { +- xlog(D_GENERAL, "%s: Callback to %s (for %d) succeeded", ++ xlog(D_GENERAL, "%s: Callback to %s (for %s) succeeded", + __func__, NL_MY_NAME(lp), NL_MON_NAME(lp)); + } + nlist_free(¬ify, lp); +Index: nfs-utils-2.3.3/utils/statd/svc_run.c +=================================================================== +--- nfs-utils-2.3.3.orig/utils/statd/svc_run.c ++++ nfs-utils-2.3.3/utils/statd/svc_run.c +@@ -53,6 +53,7 @@ + + #include <errno.h> + #include <time.h> ++#include <inttypes.h> + #include "statd.h" + #include "notlist.h" + +@@ -104,8 +105,8 @@ my_svc_run(int sockfd) + + tv.tv_sec = NL_WHEN(notify) - now; + tv.tv_usec = 0; +- xlog(D_GENERAL, "Waiting for reply... (timeo %d)", +- tv.tv_sec); ++ xlog(D_GENERAL, "Waiting for reply... (timeo %jd)", ++ (intmax_t)tv.tv_sec); + selret = select(FD_SETSIZE, &readfds, + (void *) 0, (void *) 0, &tv); + } else { diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-mountd.service b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-mountd.service index 613ddc003a..c01415de84 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-mountd.service +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-mountd.service @@ -1,11 +1,17 @@ [Unit] Description=NFS Mount Daemon -After=rpcbind.service nfs-server.service -Requires=rpcbind.service nfs-server.service +DefaultDependencies=no +After=rpcbind.socket +Requires=proc-fs-nfsd.mount +After=proc-fs-nfsd.mount +After=network.target local-fs.target +BindsTo=nfs-server.service +ConditionPathExists=@SYSCONFDIR@/exports [Service] EnvironmentFile=-@SYSCONFDIR@/nfs-utils.conf ExecStart=@SBINDIR@/rpc.mountd -F $MOUNTD_OPTS +LimitNOFILE=@HIGH_RLIMIT_NOFILE@ [Install] WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-server.service b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-server.service index 147d7a7b5f..6481377d80 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-server.service +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-server.service @@ -1,7 +1,12 @@ [Unit] -Description=NFS Server -Requires=rpcbind.service nfs-mountd.service -After=rpcbind.service +Description=NFS server and services +DefaultDependencies=no +Requires=network.target proc-fs-nfsd.mount +Requires=nfs-mountd.service +Wants=rpcbind.service +After=local-fs.target +After=network.target proc-fs-nfsd.mount rpcbind.service nfs-mountd.service +ConditionPathExists=@SYSCONFDIR@/exports [Service] Type=oneshot @@ -9,6 +14,7 @@ EnvironmentFile=-@SYSCONFDIR@/nfs-utils.conf ExecStartPre=@SBINDIR@/exportfs -r ExecStart=@SBINDIR@/rpc.nfsd $NFSD_OPTS $NFSD_COUNT ExecStop=@SBINDIR@/rpc.nfsd 0 +ExecStopPost=@SBINDIR@/exportfs -au ExecStopPost=@SBINDIR@/exportfs -f ExecReload=@SBINDIR@/exportfs -r StandardError=syslog diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-statd.service b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-statd.service index 746dacf056..4fa64e1998 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-statd.service +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-statd.service @@ -1,12 +1,14 @@ [Unit] -Description=NFS file locking service -After=rpcbind.service -Requires=rpcbind.service -Before=remote-fs-pre.target +Description=NFS status monitor for NFSv2/3 locking. +DefaultDependencies=no +Conflicts=umount.target +Requires=nss-lookup.target rpcbind.service +After=network.target nss-lookup.target rpcbind.service [Service] EnvironmentFile=-@SYSCONFDIR@/nfs-utils.conf ExecStart=@SBINDIR@/rpc.statd -F $STATD_OPTS +LimitNOFILE=@HIGH_RLIMIT_NOFILE@ [Install] WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-1.2.3-sm-notify-res_init.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-1.2.3-sm-notify-res_init.patch deleted file mode 100644 index d8f8181670..0000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-1.2.3-sm-notify-res_init.patch +++ /dev/null @@ -1,36 +0,0 @@ -Fixes errors like -sm-notify[1070]: DNS resolution of a.b.c.d..com failed; retrying later -This error will occur anytime sm-notify is run before the network if fully up, -which is happening more and more with parallel startup systems. -The res_init() call is simple, safe, quick, and a patch to use it should be -able to go upstream. Presumably the whole reason sm-notify tries several -times is to wait for possible changes to the network configuration, but without -calling res_init() it will never be aware of those changes - -Backported drom Fedora - -Upstream-Status: Pending -Signed-off-by: Khem Raj <raj.khem@gmail.com> - - -diff -up nfs-utils-1.2.3/utils/statd/sm-notify.c.orig nfs-utils-1.2.3/utils/statd/sm-notify.c ---- nfs-utils-1.2.3/utils/statd/sm-notify.c.orig 2010-09-28 08:24:16.000000000 -0400 -+++ nfs-utils-1.2.3/utils/statd/sm-notify.c 2010-10-15 16:44:43.487119601 -0400 -@@ -28,6 +28,9 @@ - #include <netdb.h> - #include <errno.h> - #include <grp.h> -+#include <netinet/in.h> -+#include <arpa/nameser.h> -+#include <resolv.h> - - #include "sockaddr.h" - #include "xlog.h" -@@ -84,6 +87,7 @@ smn_lookup(const char *name) - }; - int error; - -+ res_init(); - error = getaddrinfo(name, NULL, &hint, &ai); - if (error != 0) { - xlog(D_GENERAL, "getaddrinfo(3): %s", gai_strerror(error)); diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-Do-not-pass-CFLAGS-to-gcc-while-building.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-Do-not-pass-CFLAGS-to-gcc-while-building.patch deleted file mode 100644 index 993f1e5ea5..0000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-Do-not-pass-CFLAGS-to-gcc-while-building.patch +++ /dev/null @@ -1,42 +0,0 @@ -nfs-utils: Do not pass CFLAGS to gcc while building - -Do not pass CFLAGS/LDFLAGS to gcc while building, The needed flags has -been passed by xxx_CFLAGS=$(CFLAGS_FOR_BUILD). - -Upstream-Status: Pending - -Signed-off-by: Chong Lu <Chong.Lu@windriver.com> ---- - tools/locktest/Makefile.am | 2 ++ - tools/rpcgen/Makefile.am | 2 ++ - 2 files changed, 4 insertions(+) - -diff --git a/tools/locktest/Makefile.am b/tools/locktest/Makefile.am -index 3156815..1729fd1 100644 ---- a/tools/locktest/Makefile.am -+++ b/tools/locktest/Makefile.am -@@ -1,6 +1,8 @@ - ## Process this file with automake to produce Makefile.in - - CC=$(CC_FOR_BUILD) -+CFLAGS= -+LDFLAGS= - LIBTOOL = @LIBTOOL@ --tag=CC - - noinst_PROGRAMS = testlk -diff --git a/tools/rpcgen/Makefile.am b/tools/rpcgen/Makefile.am -index 8a9ec89..8bacdaa 100644 ---- a/tools/rpcgen/Makefile.am -+++ b/tools/rpcgen/Makefile.am -@@ -1,6 +1,8 @@ - ## Process this file with automake to produce Makefile.in - - CC=$(CC_FOR_BUILD) -+CFLAGS= -+LDFLAGS= - LIBTOOL = @LIBTOOL@ --tag=CC - - noinst_PROGRAMS = rpcgen --- -1.7.9.5 - diff --git a/meta/recipes-connectivity/nfs-utils/files/nfs-utils-debianize-start-statd.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-debianize-start-statd.patch index 85002290f0..ede0dcefc4 100644 --- a/meta/recipes-connectivity/nfs-utils/files/nfs-utils-debianize-start-statd.patch +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-debianize-start-statd.patch @@ -9,17 +9,18 @@ Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> --- - utils/statd/start-statd | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) + utils/statd/start-statd | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/utils/statd/start-statd b/utils/statd/start-statd -index ec9383b..3969b8c 100755 +index 2fd6039..f591b34 100755 --- a/utils/statd/start-statd +++ b/utils/statd/start-statd -@@ -6,6 +6,13 @@ - # site. - PATH="/sbin:/usr/sbin:/bin:/usr/bin" - +@@ -17,6 +17,14 @@ then + # statd already running - must have been slow to respond. + exit 0 + fi ++ +# Read config +DEFAULTFILE=/etc/default/nfs-common +NEED_IDMAPD= @@ -28,14 +29,14 @@ index ec9383b..3969b8c 100755 +fi + # First try systemd if it's installed. - if systemctl --help >/dev/null 2>&1; then + if [ -d /run/systemd/system ]; then # Quit only if the call worked. -@@ -13,4 +20,4 @@ if systemctl --help >/dev/null 2>&1; then - fi +@@ -25,4 +33,4 @@ fi + cd / # Fall back to launching it ourselves. -exec rpc.statd --no-notify +exec rpc.statd --no-notify $STATDOPTS -- -1.9.1 +2.6.6 diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-res_querydomain.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-res_querydomain.patch new file mode 100644 index 0000000000..921f5edc82 --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-res_querydomain.patch @@ -0,0 +1,46 @@ +From caa19231196d73541445728e6813c8fa70345acb Mon Sep 17 00:00:00 2001 +From: Robert Yang <liezhi.yang@windriver.com> +Date: Tue, 26 Jun 2018 15:59:00 +0800 +Subject: [PATCH] nfs-utils: 2.1.1 -> 2.3.1 + +Fixed: +configure: error: res_querydomain needed + +Upstream-Status: Pending [https://github.com/alpinelinux/aports/blob/master/main/nfs-utils/musl-configure_ac.patch] + +Signed-off-by: Robert Yang <liezhi.yang@windriver.com> + +--- + configure.ac | 9 ++++----- + 1 file changed, 4 insertions(+), 5 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 50002b4..dcadb23 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -582,10 +582,10 @@ my_am_cflags="\ + -Wall \ + -Wextra \ + $rpcgen_cflags \ +- -Werror=missing-prototypes \ +- -Werror=missing-declarations \ ++ -Wmissing-prototypes \ ++ -Wmissing-declarations \ + -Werror=format=2 \ +- -Werror=undef \ ++ -Wundef \ + -Werror=missing-include-dirs \ + -Werror=strict-aliasing=2 \ + -Werror=init-self \ +@@ -614,10 +614,9 @@ AC_DEFUN([CHECK_CCSUPPORT], [ + + CHECK_CCSUPPORT([-Werror=format-overflow=2], [flg1]) + CHECK_CCSUPPORT([-Werror=int-conversion], [flg2]) +-CHECK_CCSUPPORT([-Werror=incompatible-pointer-types], [flg3]) + CHECK_CCSUPPORT([-Werror=misleading-indentation], [flg4]) + +-AC_SUBST([AM_CFLAGS], ["$my_am_cflags $flg1 $flg2 $flg3 $flg4"]) ++AC_SUBST([AM_CFLAGS], ["$my_am_cflags $flg1 $flg2 $flg4"]) + + # Make sure that $ACLOCAL_FLAGS are used during a rebuild + AC_SUBST([ACLOCAL_AMFLAGS], ["-I $ac_macro_dir \$(ACLOCAL_FLAGS)"]) diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfsserver b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfsserver index 7ed93a59d4..0f5747cc6d 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfsserver +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfsserver @@ -40,7 +40,7 @@ test "$NFS_SERVERS" != "" && test "$NFS_SERVERS" -gt 0 && test "$NFS_SERVERS" -l #mountd start_mountd(){ echo -n 'starting mountd: ' - start-stop-daemon --start --exec "$NFS_MOUNTD" -- "-f /etc/exports $@" + start-stop-daemon --start --exec "$NFS_MOUNTD" -- "$@" echo done } stop_mountd(){ @@ -107,7 +107,7 @@ stop_nfsd(){ #FIXME: need to create the /var/lib/nfs/... directories case "$1" in start) - exportfs -r + test -r /etc/exports && exportfs -r start_nfsd "$NFS_SERVERS" start_mountd test -r /etc/exports && exportfs -a;; diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.3.bb b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb index 8540503df9..eb32bccb57 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.3.bb +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb @@ -8,9 +8,8 @@ LICENSE = "MIT & GPLv2+ & BSD" LIC_FILES_CHKSUM = "file://COPYING;md5=95f3a93a5c3c7888de623b46ea085a84" # util-linux for libblkid -DEPENDS = "libcap libnfsidmap libevent util-linux sqlite3 libtirpc" -RDEPENDS_${PN}-client = "rpcbind bash" -RDEPENDS_${PN} = "${PN}-client bash" +DEPENDS = "libcap libevent util-linux sqlite3 libtirpc" +RDEPENDS_${PN} = "${PN}-client" RRECOMMENDS_${PN} = "kernel-module-nfsd" inherit useradd @@ -20,8 +19,6 @@ USERADD_PARAM_${PN}-client = "--system --home-dir /var/lib/nfs \ --shell /bin/false --user-group rpcuser" SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.xz \ - file://0001-configure-Allow-to-explicitly-disable-nfsidmap.patch \ - file://nfs-utils-1.2.3-sm-notify-res_init.patch \ file://nfsserver \ file://nfscommon \ file://nfs-utils.conf \ @@ -29,14 +26,19 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.x file://nfs-mountd.service \ file://nfs-statd.service \ file://proc-fs-nfsd.mount \ - file://nfs-utils-Do-not-pass-CFLAGS-to-gcc-while-building.patch \ file://nfs-utils-debianize-start-statd.patch \ - file://0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch \ file://bugfix-adjust-statd-service-name.patch \ + file://0001-cacheio-use-intmax_t-for-formatted-IO.patch \ + file://clang-format-string.patch \ + file://0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch \ + file://0001-Don-t-build-tools-with-CC_FOR_BUILD.patch \ + file://0001-Fix-include-order-between-config.h-and-stat.h.patch \ " +SRC_URI_append_libc-glibc = " file://0001-configure.ac-Do-not-fatalize-Wmissing-prototypes.patch" +SRC_URI_append_libc-musl = " file://nfs-utils-musl-res_querydomain.patch" -SRC_URI[md5sum] = "cd6b568c2e9301cc3bfac09d87fbbc0b" -SRC_URI[sha256sum] = "700d689c5622c87953c34102e5befafc4d3c811e676852238f0dd79c9c0c084d" +SRC_URI[md5sum] = "161efe469ec1b06f1c750bd87f8ba6dd" +SRC_URI[sha256sum] = "85274ada94479b1beba9f8eeffd19f477c53a6710b9998d1192c807854087736" # Only kernel-module-nfsd is required here (but can be built-in) - the nfsd module will # pull in the remainder of the dependencies. @@ -49,32 +51,34 @@ INITSCRIPT_PARAMS_${PN}-client = "defaults 19 21" inherit autotools-brokensep update-rc.d systemd pkgconfig +SYSTEMD_PACKAGES = "${PN} ${PN}-client" SYSTEMD_SERVICE_${PN} = "nfs-server.service nfs-mountd.service" SYSTEMD_SERVICE_${PN}-client = "nfs-statd.service" -SYSTEMD_AUTO_ENABLE = "disable" # --enable-uuid is need for cross-compiling EXTRA_OECONF = "--with-statduser=rpcuser \ --enable-mountconfig \ --enable-libmount-mount \ - --disable-nfsv41 \ --enable-uuid \ --disable-gss \ --disable-nfsdcltrack \ --with-statdpath=/var/lib/nfs/statd \ " +CFLAGS += "-Wno-error=format-overflow" + PACKAGECONFIG ??= "tcp-wrappers \ - ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6', '', d)} \ + ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ " PACKAGECONFIG_remove_libc-musl = "tcp-wrappers" PACKAGECONFIG[tcp-wrappers] = "--with-tcp-wrappers,--without-tcp-wrappers,tcp-wrappers" -PACKAGECONFIG[nfsidmap] = "--enable-nfsidmap,--disable-nfsidmap,keyutils" PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," +# libdevmapper is available in meta-oe +PACKAGECONFIG[nfsv41] = "--enable-nfsv41,--disable-nfsv41,libdevmapper" +# keyutils is available in meta-security +PACKAGECONFIG[nfsv4] = "--enable-nfsv4,--disable-nfsv4,keyutils" -INHIBIT_AUTO_STAGE = "1" - -PACKAGES =+ "${PN}-client ${PN}-stats" +PACKAGES =+ "${PN}-client ${PN}-mount ${PN}-stats" CONFFILES_${PN}-client += "${localstatedir}/lib/nfs/etab \ ${localstatedir}/lib/nfs/rmtab \ @@ -82,7 +86,7 @@ CONFFILES_${PN}-client += "${localstatedir}/lib/nfs/etab \ ${localstatedir}/lib/nfs/statd/state \ ${sysconfdir}/nfsmount.conf" -FILES_${PN}-client = "${base_sbindir}/*mount.nfs* ${sbindir}/*statd \ +FILES_${PN}-client = "${sbindir}/*statd \ ${sbindir}/rpc.idmapd ${sbindir}/sm-notify \ ${sbindir}/showmount ${sbindir}/nfsstat \ ${localstatedir}/lib/nfs \ @@ -90,6 +94,10 @@ FILES_${PN}-client = "${base_sbindir}/*mount.nfs* ${sbindir}/*statd \ ${sysconfdir}/nfsmount.conf \ ${sysconfdir}/init.d/nfscommon \ ${systemd_unitdir}/system/nfs-statd.service" +RDEPENDS_${PN}-client = "${PN}-mount rpcbind" + +FILES_${PN}-mount = "${base_sbindir}/*mount.nfs*" + FILES_${PN}-stats = "${sbindir}/mountstats ${sbindir}/nfsiostat" RDEPENDS_${PN}-stats = "python3-core" @@ -98,9 +106,6 @@ FILES_${PN} += "${systemd_unitdir}" do_configure_prepend() { sed -i -e 's,sbindir = /sbin,sbindir = ${base_sbindir},g' \ ${S}/utils/mount/Makefile.am - - sed -i -e 's,sbindir = /sbin,sbindir = ${base_sbindir},g' \ - ${S}/utils/osd_login/Makefile.am } # Make clean needed because the package comes with @@ -109,6 +114,9 @@ do_compile_prepend() { make clean } +# Works on systemd only +HIGH_RLIMIT_NOFILE ??= "4096" + do_install_append () { install -d ${D}${sysconfdir}/init.d install -m 0755 ${WORKDIR}/nfsserver ${D}${sysconfdir}/init.d/nfsserver @@ -123,10 +131,9 @@ do_install_append () { install -m 0644 ${WORKDIR}/nfs-statd.service ${D}${systemd_unitdir}/system/ sed -i -e 's,@SBINDIR@,${sbindir},g' \ -e 's,@SYSCONFDIR@,${sysconfdir},g' \ + -e 's,@HIGH_RLIMIT_NOFILE@,${HIGH_RLIMIT_NOFILE},g' \ ${D}${systemd_unitdir}/system/*.service if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then - install -d ${D}${sysconfdir}/modules-load.d - echo "nfsd" > ${D}${sysconfdir}/modules-load.d/nfsd.conf install -m 0644 ${WORKDIR}/proc-fs-nfsd.mount ${D}${systemd_unitdir}/system/ install -d ${D}${systemd_unitdir}/system/sysinit.target.wants/ ln -sf ../proc-fs-nfsd.mount ${D}${systemd_unitdir}/system/sysinit.target.wants/proc-fs-nfsd.mount @@ -139,11 +146,6 @@ do_install_append () { chown -R rpcuser:rpcuser ${D}${localstatedir}/lib/nfs/statd chmod 0644 ${D}${localstatedir}/lib/nfs/statd/state - # the following are built by CC_FOR_BUILD - rm -f ${D}${sbindir}/rpcdebug - rm -f ${D}${sbindir}/rpcgen - rm -f ${D}${sbindir}/locktest - # Make python tools use python 3 sed -i -e '1s,#!.*python.*,#!${bindir}/python3,' ${D}${sbindir}/mountstats ${D}${sbindir}/nfsiostat diff --git a/meta/recipes-connectivity/ofono/ofono/0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch b/meta/recipes-connectivity/ofono/ofono/0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch new file mode 100644 index 0000000000..8a5a300adc --- /dev/null +++ b/meta/recipes-connectivity/ofono/ofono/0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch @@ -0,0 +1,36 @@ +From 22b52db4842611ac31a356f023fc09595384e2ad Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Thu, 23 May 2019 18:11:22 -0700 +Subject: [PATCH] mbim: add an optional TEMP_FAILURE_RETRY macro copy + +Fixes build on musl which does not provide this macro + +Upstream-Status: Submitted [https://lists.ofono.org/pipermail/ofono/2019-May/019370.html] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + drivers/mbimmodem/mbim-private.h | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/drivers/mbimmodem/mbim-private.h b/drivers/mbimmodem/mbim-private.h +index e159235..51693ea 100644 +--- a/drivers/mbimmodem/mbim-private.h ++++ b/drivers/mbimmodem/mbim-private.h +@@ -21,6 +21,15 @@ + + #define align_len(len, boundary) (((len)+(boundary)-1) & ~((boundary)-1)) + ++#ifndef TEMP_FAILURE_RETRY ++#define TEMP_FAILURE_RETRY(expression) ({ \ ++ __typeof(expression) __result; \ ++ do { \ ++ __result = (expression); \ ++ } while (__result == -1 && errno == EINTR); \ ++ __result; }) ++#endif ++ + enum mbim_control_message { + MBIM_OPEN_MSG = 0x1, + MBIM_CLOSE_MSG = 0x2, +-- +2.21.0 + diff --git a/meta/recipes-connectivity/ofono/ofono_1.18.bb b/meta/recipes-connectivity/ofono/ofono_1.18.bb deleted file mode 100644 index b0707311ad..0000000000 --- a/meta/recipes-connectivity/ofono/ofono_1.18.bb +++ /dev/null @@ -1,10 +0,0 @@ -require ofono.inc - -SRC_URI = "\ - ${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ - file://ofono \ -" -SRC_URI[md5sum] = "0a6b37c8ace891cb2a7ca5d121043a0a" -SRC_URI[sha256sum] = "53cdbf342913f46bce4827241c60e24255a3d43a94945edf77482ae5b312d51f" - -CFLAGS_append_libc-uclibc = " -D_GNU_SOURCE" diff --git a/meta/recipes-connectivity/ofono/ofono.inc b/meta/recipes-connectivity/ofono/ofono_1.31.bb index 9c47c6fde5..7d0976ad7f 100644 --- a/meta/recipes-connectivity/ofono/ofono.inc +++ b/meta/recipes-connectivity/ofono/ofono_1.31.bb @@ -1,42 +1,50 @@ -HOMEPAGE = "http://www.ofono.org" -SUMMARY = "open source telephony" +SUMMARY = "open source telephony" DESCRIPTION = "oFono is a stack for mobile telephony devices on Linux. oFono supports speaking to telephony devices through specific drivers, or with generic AT commands." -LICENSE = "GPLv2" +HOMEPAGE = "http://www.ofono.org" +BUGTRACKER = "https://01.org/jira/browse/OF" +LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \ file://src/ofono.h;beginline=1;endline=20;md5=3ce17d5978ef3445def265b98899c2ee" +DEPENDS = "dbus glib-2.0 udev mobile-broadband-provider-info ell" -inherit autotools pkgconfig update-rc.d systemd bluetooth +SRC_URI = "\ + ${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ + file://ofono \ + file://0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch \ +" +SRC_URI[md5sum] = "1c26340e3c6ed132cc812595081bb3dc" +SRC_URI[sha256sum] = "a15c5d28096c10eb30e47a68b6dc2e7c4a5a99d7f4cfedf0b69624f33d859e9b" -DEPENDS = "dbus glib-2.0 udev mobile-broadband-provider-info" +inherit autotools pkgconfig update-rc.d systemd gobject-introspection-data INITSCRIPT_NAME = "ofono" INITSCRIPT_PARAMS = "defaults 22" +SYSTEMD_SERVICE_${PN} = "ofono.service" PACKAGECONFIG ??= "\ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)} \ + ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \ - " +" PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/,--with-systemdunitdir=" -PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, ${BLUEZ}" +PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, bluez5" -EXTRA_OECONF += "--enable-test" - -SYSTEMD_SERVICE_${PN} = "ofono.service" +EXTRA_OECONF += "--enable-test --enable-external-ell" do_install_append() { install -d ${D}${sysconfdir}/init.d/ install -m 0755 ${WORKDIR}/ofono ${D}${sysconfdir}/init.d/ofono - - # Ofono still has one test tool that refers to Python 2 in the shebang - sed -i -e '1s,#!.*python.*,#!${bindir}/python3,' ${D}${libdir}/ofono/test/set-ddr - } PACKAGES =+ "${PN}-tests" -RDEPENDS_${PN} += "dbus" -RRECOMMENDS_${PN} += "kernel-module-tun mobile-broadband-provider-info" - FILES_${PN} += "${systemd_unitdir}" FILES_${PN}-tests = "${libdir}/${BPN}/test" -RDEPENDS_${PN}-tests = "python3 python3-pygobject python3-dbus" + +RDEPENDS_${PN} += "dbus" +RDEPENDS_${PN}-tests = "\ + python3-core \ + python3-dbus \ + ${@bb.utils.contains('GI_DATA_ENABLED', 'True', 'python3-pygobject', '', d)} \ +" + +RRECOMMENDS_${PN} += "kernel-module-tun mobile-broadband-provider-info" diff --git a/meta/recipes-connectivity/ofono/ofono_git.bb b/meta/recipes-connectivity/ofono/ofono_git.bb deleted file mode 100644 index beafb775c2..0000000000 --- a/meta/recipes-connectivity/ofono/ofono_git.bb +++ /dev/null @@ -1,14 +0,0 @@ -require ofono.inc - -S = "${WORKDIR}/git" -SRCREV = "14544d5996836f628613c2ce544380ee6fc8f514" -PV = "0.12-git${SRCPV}" -PR = "r5" - -SRC_URI = "git://git.kernel.org/pub/scm/network/ofono/ofono.git \ - file://ofono" - -do_configure_prepend () { - ${S}/bootstrap -} - diff --git a/meta/recipes-connectivity/openssh/openssh/add-test-support-for-busybox.patch b/meta/recipes-connectivity/openssh/openssh/add-test-support-for-busybox.patch index adc25c668f..b8402a4dee 100644 --- a/meta/recipes-connectivity/openssh/openssh/add-test-support-for-busybox.patch +++ b/meta/recipes-connectivity/openssh/openssh/add-test-support-for-busybox.patch @@ -6,64 +6,42 @@ Adjust test cases to work with busybox. Signed-off-by: Maxin B. John <maxin.john@enea.com> Upstream-Status: Pending -Index: openssh-6.8p1/regress/cipher-speed.sh +Index: openssh-7.6p1/regress/cipher-speed.sh =================================================================== ---- openssh-6.8p1.orig/regress/cipher-speed.sh -+++ openssh-6.8p1/regress/cipher-speed.sh +--- openssh-7.6p1.orig/regress/cipher-speed.sh ++++ openssh-7.6p1/regress/cipher-speed.sh @@ -17,7 +17,7 @@ for c in `${SSH} -Q cipher`; do n=0; for printf "%-60s" "$c/$m:" ( ${SSH} -o 'compression no' \ - -F $OBJ/ssh_proxy -2 -m $m -c $c somehost \ + -F $OBJ/ssh_proxy -m $m -c $c somehost \ - exec sh -c \'"dd of=/dev/null obs=32k"\' \ + exec sh -c \'"dd of=/dev/null bs=32k"\' \ < ${DATA} ) 2>&1 | getbytes if [ $? -ne 0 ]; then -@@ -42,7 +42,7 @@ for c in $ciphers; do - printf "%-60s" "$c:" - ( ${SSH} -o 'compression no' \ - -F $OBJ/ssh_proxy -1 -c $c somehost \ -- exec sh -c \'"dd of=/dev/null obs=32k"\' \ -+ exec sh -c \'"dd of=/dev/null bs=32k"\' \ - < ${DATA} ) 2>&1 | getbytes - if [ $? -ne 0 ]; then - fail "ssh -1 failed with cipher $c" -Index: openssh-6.8p1/regress/transfer.sh -=================================================================== ---- openssh-6.8p1.orig/regress/transfer.sh -+++ openssh-6.8p1/regress/transfer.sh -@@ -15,7 +15,7 @@ for p in ${SSH_PROTOCOLS}; do - for s in 10 100 1k 32k 64k 128k 256k; do - trace "proto $p dd-size ${s}" - rm -f ${COPY} -- dd if=$DATA obs=${s} 2> /dev/null | \ -+ dd if=$DATA bs=${s} 2> /dev/null | \ - ${SSH} -q -$p -F $OBJ/ssh_proxy somehost "cat > ${COPY}" - if [ $? -ne 0 ]; then - fail "ssh cat $DATA failed" -Index: openssh-6.8p1/regress/yes-head.sh +Index: openssh-7.6p1/regress/transfer.sh =================================================================== ---- openssh-6.8p1.orig/regress/yes-head.sh -+++ openssh-6.8p1/regress/yes-head.sh -@@ -4,7 +4,7 @@ - tid="yes pipe head" - - for p in ${SSH_PROTOCOLS}; do -- lines=`${SSH} -$p -F $OBJ/ssh_proxy thishost 'sh -c "while true;do echo yes;done | _POSIX2_VERSION=199209 head -2000"' | (sleep 3 ; wc -l)` -+ lines=`${SSH} -$p -F $OBJ/ssh_proxy thishost 'sh -c "while true;do echo yes;done | _POSIX2_VERSION=199209 head -n 2000"' | (sleep 3 ; wc -l)` +--- openssh-7.6p1.orig/regress/transfer.sh ++++ openssh-7.6p1/regress/transfer.sh +@@ -13,7 +13,7 @@ cmp ${DATA} ${COPY} || fail "corrupted + for s in 10 100 1k 32k 64k 128k 256k; do + trace "dd-size ${s}" + rm -f ${COPY} +- dd if=$DATA obs=${s} 2> /dev/null | \ ++ dd if=$DATA bs=${s} 2> /dev/null | \ + ${SSH} -q -F $OBJ/ssh_proxy somehost "cat > ${COPY}" if [ $? -ne 0 ]; then - fail "yes|head test failed" - lines = 0; -Index: openssh-6.8p1/regress/key-options.sh + fail "ssh cat $DATA failed" +Index: openssh-7.6p1/regress/key-options.sh =================================================================== ---- openssh-6.8p1.orig/regress/key-options.sh -+++ openssh-6.8p1/regress/key-options.sh -@@ -54,7 +54,7 @@ for p in ${SSH_PROTOCOLS}; do +--- openssh-7.6p1.orig/regress/key-options.sh ++++ openssh-7.6p1/regress/key-options.sh +@@ -47,7 +47,7 @@ for f in 127.0.0.1 '127.0.0.0\/8'; do fi sed 's/.*/from="'"$f"'" &/' $origkeys >$authkeys - from=`head -1 $authkeys | cut -f1 -d ' '` + from=`head -n 1 $authkeys | cut -f1 -d ' '` - verbose "key option proto $p $from" - r=`${SSH} -$p -q -F $OBJ/ssh_proxy somehost 'echo true'` + verbose "key option $from" + r=`${SSH} -q -F $OBJ/ssh_proxy somehost 'echo true'` if [ "$r" = "true" ]; then diff --git a/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch b/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch index df64a140d3..20036da931 100644 --- a/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch +++ b/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch @@ -8,17 +8,20 @@ type, so that 's - src' in strlcpy and others may trigger signed overflow. In case of compilation by gcc or clang with -ftrapv option, the overflow would lead to program abort. -Upstream-status: Submitted [http://bugzilla.mindrot.org/show_bug.cgi?id=2608] +Upstream-Status: Submitted [http://bugzilla.mindrot.org/show_bug.cgi?id=2608] Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com> + +Complete the fix +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> --- - openbsd-compat/strlcat.c | 8 ++++++-- - openbsd-compat/strlcpy.c | 8 ++++++-- - openbsd-compat/strnlen.c | 8 ++++++-- - 3 files changed, 18 insertions(+), 6 deletions(-) + openbsd-compat/strlcat.c | 10 +++++++--- + openbsd-compat/strlcpy.c | 8 ++++++-- + openbsd-compat/strnlen.c | 8 ++++++-- + 3 files changed, 19 insertions(+), 7 deletions(-) diff --git a/openbsd-compat/strlcat.c b/openbsd-compat/strlcat.c -index bcc1b61..e758ebf 100644 +index bcc1b61..124e1e3 100644 --- a/openbsd-compat/strlcat.c +++ b/openbsd-compat/strlcat.c @@ -23,6 +23,7 @@ @@ -29,6 +32,15 @@ index bcc1b61..e758ebf 100644 /* * Appends src to string dst of size siz (unlike strncat, siz is the +@@ -42,7 +43,7 @@ strlcat(char *dst, const char *src, size_t siz) + /* Find the end of dst and adjust bytes left but don't go past end */ + while (n-- != 0 && *d != '\0') + d++; +- dlen = d - dst; ++ dlen = (uintptr_t)d - (uintptr_t)dst; + n = siz - dlen; + + if (n == 0) @@ -55,8 +56,11 @@ strlcat(char *dst, const char *src, size_t siz) s++; } @@ -70,7 +82,7 @@ index b4b1b60..b06f374 100644 #endif /* !HAVE_STRLCPY */ diff --git a/openbsd-compat/strnlen.c b/openbsd-compat/strnlen.c -index 93d5155..9b8de5d 100644 +index 7ad3573..7040f1f 100644 --- a/openbsd-compat/strnlen.c +++ b/openbsd-compat/strnlen.c @@ -23,6 +23,7 @@ @@ -95,5 +107,5 @@ index 93d5155..9b8de5d 100644 } #endif -- -1.9.1 +2.17.1 diff --git a/meta/recipes-connectivity/openssh/openssh/init b/meta/recipes-connectivity/openssh/openssh/init index 1f63725cc0..8887e3af13 100644 --- a/meta/recipes-connectivity/openssh/openssh/init +++ b/meta/recipes-connectivity/openssh/openssh/init @@ -19,11 +19,6 @@ fi [ -z "$SYSCONFDIR" ] && SYSCONFDIR=/etc/ssh mkdir -p $SYSCONFDIR -HOST_KEY_RSA=$SYSCONFDIR/ssh_host_rsa_key -HOST_KEY_DSA=$SYSCONFDIR/ssh_host_dsa_key -HOST_KEY_ECDSA=$SYSCONFDIR/ssh_host_ecdsa_key -HOST_KEY_ED25519=$SYSCONFDIR/ssh_host_ed25519_key - check_for_no_start() { # forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists if [ -e $SYSCONFDIR/sshd_not_to_be_run ]; then @@ -41,27 +36,7 @@ check_privsep_dir() { } check_config() { - /usr/sbin/sshd -t $SSHD_OPTS || exit 1 -} - -check_keys() { - # create keys if necessary - if [ ! -f $HOST_KEY_RSA ]; then - echo " generating ssh RSA key..." - ssh-keygen -q -f $HOST_KEY_RSA -N '' -t rsa - fi - if [ ! -f $HOST_KEY_ECDSA ]; then - echo " generating ssh ECDSA key..." - ssh-keygen -q -f $HOST_KEY_ECDSA -N '' -t ecdsa - fi - if [ ! -f $HOST_KEY_DSA ]; then - echo " generating ssh DSA key..." - ssh-keygen -q -f $HOST_KEY_DSA -N '' -t dsa - fi - if [ ! -f $HOST_KEY_ED25519 ]; then - echo " generating ssh ED25519 key..." - ssh-keygen -q -f $HOST_KEY_ED25519 -N '' -t ed25519 - fi + /usr/sbin/sshd $SSHD_OPTS -t || exit 1 } export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" @@ -70,30 +45,30 @@ case "$1" in start) check_for_no_start echo "Starting OpenBSD Secure Shell server: sshd" - check_keys + @LIBEXECDIR@/sshd_check_keys check_privsep_dir start-stop-daemon -S -p $PIDFILE -x /usr/sbin/sshd -- $SSHD_OPTS - echo "done." + echo "done." ;; stop) - echo -n "Stopping OpenBSD Secure Shell server: sshd" + echo -n "Stopping OpenBSD Secure Shell server: sshd" start-stop-daemon -K -p $PIDFILE -x /usr/sbin/sshd - echo "." + echo "." ;; reload|force-reload) check_for_no_start - check_keys + @LIBEXECDIR@/sshd_check_keys check_config - echo -n "Reloading OpenBSD Secure Shell server's configuration" + echo -n "Reloading OpenBSD Secure Shell server's configuration" start-stop-daemon -K -p $PIDFILE -s 1 -x /usr/sbin/sshd echo "." ;; restart) - check_keys + @LIBEXECDIR@/sshd_check_keys check_config - echo -n "Restarting OpenBSD Secure Shell server: sshd" + echo -n "Restarting OpenBSD Secure Shell server: sshd" start-stop-daemon -K -p $PIDFILE --oknodo -x /usr/sbin/sshd check_for_no_start check_privsep_dir diff --git a/meta/recipes-connectivity/openssh/openssh/openssh-7.1p1-conditional-compile-des-in-cipher.patch b/meta/recipes-connectivity/openssh/openssh/openssh-7.1p1-conditional-compile-des-in-cipher.patch deleted file mode 100644 index 2773c14e5a..0000000000 --- a/meta/recipes-connectivity/openssh/openssh/openssh-7.1p1-conditional-compile-des-in-cipher.patch +++ /dev/null @@ -1,118 +0,0 @@ -From d7eb26785ad4f25fb09fae46726ab8ca3fe16921 Mon Sep 17 00:00:00 2001 -From: Haiqing Bai <Haiqing.Bai@windriver.com> -Date: Mon, 22 Aug 2016 14:11:16 +0300 -Subject: [PATCH] Remove des in cipher. - -Upstream-Status: Pending - -Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> -Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> ---- - cipher.c | 18 ++++++++++++++++++ - 1 file changed, 18 insertions(+) - -diff --git a/cipher.c b/cipher.c -index 031bda9..6cd667a 100644 ---- a/cipher.c -+++ b/cipher.c -@@ -53,8 +53,10 @@ - - #ifdef WITH_SSH1 - extern const EVP_CIPHER *evp_ssh1_bf(void); -+#ifndef OPENSSL_NO_DES - extern const EVP_CIPHER *evp_ssh1_3des(void); - extern int ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int); -+#endif /* OPENSSL_NO_DES */ - #endif - - struct sshcipher { -@@ -79,15 +81,19 @@ struct sshcipher { - - static const struct sshcipher ciphers[] = { - #ifdef WITH_SSH1 -+#ifndef OPENSSL_NO_DES - { "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc }, - { "3des", SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des }, -+#endif /* OPENSSL_NO_DES */ - # ifndef OPENSSL_NO_BF - { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, 0, 0, 1, evp_ssh1_bf }, - # endif /* OPENSSL_NO_BF */ - #endif /* WITH_SSH1 */ - #ifdef WITH_OPENSSL - { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, -+#ifndef OPENSSL_NO_DES - { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, -+#endif /* OPENSSL_NO_DES */ - # ifndef OPENSSL_NO_BF - { "blowfish-cbc", - SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_bf_cbc }, -@@ -171,8 +177,10 @@ cipher_keylen(const struct sshcipher *c) - u_int - cipher_seclen(const struct sshcipher *c) - { -+#ifndef OPENSSL_NO_DES - if (strcmp("3des-cbc", c->name) == 0) - return 14; -+#endif /* OPENSSL_NO_DES */ - return cipher_keylen(c); - } - -@@ -209,11 +217,13 @@ u_int - cipher_mask_ssh1(int client) - { - u_int mask = 0; -+#ifndef OPENSSL_NO_DES - mask |= 1 << SSH_CIPHER_3DES; /* Mandatory */ - mask |= 1 << SSH_CIPHER_BLOWFISH; - if (client) { - mask |= 1 << SSH_CIPHER_DES; - } -+#endif /*OPENSSL_NO_DES*/ - return mask; - } - -@@ -553,7 +563,9 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len) - switch (c->number) { - #ifdef WITH_OPENSSL - case SSH_CIPHER_SSH2: -+#ifndef OPENSSL_NO_DES - case SSH_CIPHER_DES: -+#endif /* OPENSSL_NO_DES */ - case SSH_CIPHER_BLOWFISH: - evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); - if (evplen == 0) -@@ -576,8 +588,10 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len) - break; - #endif - #ifdef WITH_SSH1 -+#ifndef OPENSSL_NO_DES - case SSH_CIPHER_3DES: - return ssh1_3des_iv(&cc->evp, 0, iv, 24); -+#endif /* OPENSSL_NO_DES */ - #endif - default: - return SSH_ERR_INVALID_ARGUMENT; -@@ -601,7 +615,9 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv) - switch (c->number) { - #ifdef WITH_OPENSSL - case SSH_CIPHER_SSH2: -+#ifndef OPENSSL_NO_DES - case SSH_CIPHER_DES: -+#endif /* OPENSSL_NO_DES */ - case SSH_CIPHER_BLOWFISH: - evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); - if (evplen <= 0) -@@ -616,8 +632,10 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv) - break; - #endif - #ifdef WITH_SSH1 -+#ifndef OPENSSL_NO_DES - case SSH_CIPHER_3DES: - return ssh1_3des_iv(&cc->evp, 1, (u_char *)iv, 24); -+#endif /* OPENSSL_NO_DES */ - #endif - default: - return SSH_ERR_INVALID_ARGUMENT; --- -2.1.4 - diff --git a/meta/recipes-connectivity/openssh/openssh/openssh-7.1p1-conditional-compile-des-in-pkcs11.patch b/meta/recipes-connectivity/openssh/openssh/openssh-7.1p1-conditional-compile-des-in-pkcs11.patch deleted file mode 100644 index 815af422ff..0000000000 --- a/meta/recipes-connectivity/openssh/openssh/openssh-7.1p1-conditional-compile-des-in-pkcs11.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 04cfd84423f693d879dc3ffebb0f6fe2680c254f Mon Sep 17 00:00:00 2001 -From: Haiqing Bai <Haiqing.Bai@windriver.com> -Date: Fri, 18 Mar 2016 15:59:21 +0800 -Subject: [PATCH 3/3] remove des in pkcs11. - -Upstream-Status: Pending - -Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> - ---- - pkcs11.h | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/pkcs11.h b/pkcs11.h -index b01d58f..98b36e6 100644 ---- a/pkcs11.h -+++ b/pkcs11.h -@@ -342,9 +342,11 @@ typedef unsigned long ck_key_type_t; - #define CKK_GENERIC_SECRET (0x10) - #define CKK_RC2 (0x11) - #define CKK_RC4 (0x12) -+#ifndef OPENSSL_NO_DES - #define CKK_DES (0x13) - #define CKK_DES2 (0x14) - #define CKK_DES3 (0x15) -+#endif /* OPENSSL_NO_DES */ - #define CKK_CAST (0x16) - #define CKK_CAST3 (0x17) - #define CKK_CAST128 (0x18) -@@ -512,6 +514,7 @@ typedef unsigned long ck_mechanism_type_t; - #define CKM_RC2_CBC_PAD (0x105) - #define CKM_RC4_KEY_GEN (0x110) - #define CKM_RC4 (0x111) -+#ifndef OPENSSL_NO_DES - #define CKM_DES_KEY_GEN (0x120) - #define CKM_DES_ECB (0x121) - #define CKM_DES_CBC (0x122) -@@ -525,6 +528,7 @@ typedef unsigned long ck_mechanism_type_t; - #define CKM_DES3_MAC (0x134) - #define CKM_DES3_MAC_GENERAL (0x135) - #define CKM_DES3_CBC_PAD (0x136) -+#endif /* OPENSSL_NO_DES */ - #define CKM_CDMF_KEY_GEN (0x140) - #define CKM_CDMF_ECB (0x141) - #define CKM_CDMF_CBC (0x142) -@@ -610,8 +614,10 @@ typedef unsigned long ck_mechanism_type_t; - #define CKM_MD5_KEY_DERIVATION (0x390) - #define CKM_MD2_KEY_DERIVATION (0x391) - #define CKM_SHA1_KEY_DERIVATION (0x392) -+#ifndef OPENSSL_NO_DES - #define CKM_PBE_MD2_DES_CBC (0x3a0) - #define CKM_PBE_MD5_DES_CBC (0x3a1) -+#endif /* OPENSSL_NO_DES */ - #define CKM_PBE_MD5_CAST_CBC (0x3a2) - #define CKM_PBE_MD5_CAST3_CBC (0x3a3) - #define CKM_PBE_MD5_CAST5_CBC (0x3a4) -@@ -620,8 +626,10 @@ typedef unsigned long ck_mechanism_type_t; - #define CKM_PBE_SHA1_CAST128_CBC (0x3a5) - #define CKM_PBE_SHA1_RC4_128 (0x3a6) - #define CKM_PBE_SHA1_RC4_40 (0x3a7) -+#ifndef OPENSSL_NO_DES - #define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8) - #define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9) -+#endif /* OPENSSL_NO_DES */ - #define CKM_PBE_SHA1_RC2_128_CBC (0x3aa) - #define CKM_PBE_SHA1_RC2_40_CBC (0x3ab) - #define CKM_PKCS5_PBKD2 (0x3b0) --- -1.9.1 - diff --git a/meta/recipes-connectivity/openssh/openssh/run-ptest b/meta/recipes-connectivity/openssh/openssh/run-ptest index 36a3d2a7b7..daf62cca5b 100755 --- a/meta/recipes-connectivity/openssh/openssh/run-ptest +++ b/meta/recipes-connectivity/openssh/openssh/run-ptest @@ -5,7 +5,7 @@ export TEST_SHELL=sh cd regress sed -i "/\t\tagent-ptrace /d" Makefile make -k .OBJDIR=`pwd` .CURDIR=`pwd` SUDO="sudo" tests \ - | sed -e 's/^skipped/SKIP: /g' -e 's/^ok /PASS: /g' -e 's/^failed/FAIL: /g' + | sed -u -e 's/^skipped/SKIP: /g' -e 's/^ok /PASS: /g' -e 's/^failed/FAIL: /g' SSHAGENT=`which ssh-agent` GDB=`which gdb` diff --git a/meta/recipes-connectivity/openssh/openssh/ssh_config b/meta/recipes-connectivity/openssh/openssh/ssh_config index 9e919156d3..e0d023803e 100644 --- a/meta/recipes-connectivity/openssh/openssh/ssh_config +++ b/meta/recipes-connectivity/openssh/openssh/ssh_config @@ -1,4 +1,4 @@ -# $OpenBSD: ssh_config,v 1.28 2013/09/16 11:35:43 sthen Exp $ +# $OpenBSD: ssh_config,v 1.33 2017/05/07 23:12:57 djm Exp $ # This is the ssh client system-wide configuration file. See # ssh_config(5) for more information. This file provides defaults for @@ -31,14 +31,14 @@ Host * # AddressFamily any # ConnectTimeout 0 # StrictHostKeyChecking ask -# IdentityFile ~/.ssh/identity # IdentityFile ~/.ssh/id_rsa # IdentityFile ~/.ssh/id_dsa +# IdentityFile ~/.ssh/id_ecdsa +# IdentityFile ~/.ssh/id_ed25519 # Port 22 -# Protocol 2,1 -# Cipher 3des -# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc -# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160 +# Protocol 2 +# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc +# MACs hmac-md5,hmac-sha1,umac-64@openssh.com # EscapeChar ~ # Tunnel no # TunnelDevice any:any diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys new file mode 100644 index 0000000000..1931dc7153 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys @@ -0,0 +1,78 @@ +#! /bin/sh + +generate_key() { + local FILE=$1 + local TYPE=$2 + local DIR="$(dirname "$FILE")" + + mkdir -p "$DIR" + ssh-keygen -q -f "${FILE}.tmp" -N '' -t $TYPE + + # Atomically rename file public key + mv -f "${FILE}.tmp.pub" "${FILE}.pub" + + # This sync does double duty: Ensuring that the data in the temporary + # private key file is on disk before the rename, and ensuring that the + # public key rename is completed before the private key rename, since we + # switch on the existence of the private key to trigger key generation. + # This does mean it is possible for the public key to exist, but be garbage + # but this is OK because in that case the private key won't exist and the + # keys will be regenerated. + # + # In the event that sync understands arguments that limit what it tries to + # fsync(), we provided them. If it does not, it will simply call sync() + # which is just as well + sync "${FILE}.pub" "$DIR" "${FILE}.tmp" + + mv "${FILE}.tmp" "$FILE" + + # sync to ensure the atomic rename is committed + sync "$DIR" +} + +# /etc/default/ssh may set SYSCONFDIR and SSHD_OPTS +if test -f /etc/default/ssh; then + . /etc/default/ssh +fi + +[ -z "$SYSCONFDIR" ] && SYSCONFDIR=/etc/ssh +mkdir -p $SYSCONFDIR + +# parse sshd options +set -- ${SSHD_OPTS} -- +sshd_config=/etc/ssh/sshd_config +while true ; do + case "$1" in + -f*) if [ "$1" = "-f" ] ; then + sshd_config="$2" + shift + else + sshd_config="${1#-f}" + fi + shift + ;; + --) shift; break;; + *) shift;; + esac +done + +HOST_KEYS=$(sed -n 's/^[ \t]*HostKey[ \t]\+\(.*\)/\1/p' "${sshd_config}") +[ -z "${HOST_KEYS}" ] && HOST_KEYS="$SYSCONFDIR/ssh_host_rsa_key $SYSCONFDIR/ssh_host_ecdsa_key $SYSCONFDIR/ssh_host_ed25519_key" + +for key in ${HOST_KEYS} ; do + [ -f $key ] && continue + case $key in + *_rsa_key) + echo " generating ssh RSA host key..." + generate_key $key rsa + ;; + *_ecdsa_key) + echo " generating ssh ECDSA host key..." + generate_key $key ecdsa + ;; + *_ed25519_key) + echo " generating ssh ED25519 host key..." + generate_key $key ed25519 + ;; + esac +done diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_config b/meta/recipes-connectivity/openssh/openssh/sshd_config index d48bd2b98d..15f061b570 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd_config +++ b/meta/recipes-connectivity/openssh/openssh/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $ +# $OpenBSD: sshd_config,v 1.102 2018/02/16 02:32:40 djm Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -7,7 +7,7 @@ # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options change a +# possible, but leave them commented. Uncommented options override the # default value. #Port 22 @@ -15,43 +15,30 @@ #ListenAddress 0.0.0.0 #ListenAddress :: -# The default requires explicit activation of protocol 1 -Protocol 2 - -# HostKey for protocol version 1 -#HostKey /etc/ssh/ssh_host_key -# HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key -#HostKey /etc/ssh/ssh_host_dsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key -# Lifetime and size of ephemeral version 1 server key -#KeyRegenerationInterval 1h -#ServerKeyBits 1024 - # Ciphers and keying #RekeyLimit default none # Logging -# obsoletes QuietMode and FascistLogging #SyslogFacility AUTH #LogLevel INFO # Authentication: #LoginGraceTime 2m -#PermitRootLogin yes +#PermitRootLogin prohibit-password #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 -#RSAAuthentication yes #PubkeyAuthentication yes # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 # but this is overridden so installations will only check .ssh/authorized_keys -AuthorizedKeysFile .ssh/authorized_keys +AuthorizedKeysFile .ssh/authorized_keys #AuthorizedPrincipalsFile none @@ -59,11 +46,9 @@ AuthorizedKeysFile .ssh/authorized_keys #AuthorizedKeysCommandUser nobody # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#RhostsRSAAuthentication no -# similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for -# RhostsRSAAuthentication and HostbasedAuthentication +# HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes @@ -72,7 +57,8 @@ AuthorizedKeysFile .ssh/authorized_keys #PasswordAuthentication yes #PermitEmptyPasswords no -# Change to no to disable s/key passwords +# Change to yes to enable challenge-response passwords (beware issues with +# some PAM modules and threads) ChallengeResponseAuthentication no # Kerberos options @@ -107,12 +93,11 @@ ChallengeResponseAuthentication no #PrintLastLog yes #TCPKeepAlive yes #UseLogin no -UsePrivilegeSeparation sandbox # Default for new installations. #PermitUserEnvironment no Compression no ClientAliveInterval 15 ClientAliveCountMax 4 -#UseDNS yes +#UseDNS no #PidFile /var/run/sshd.pid #MaxStartups 10:30:100 #PermitTunnel no diff --git a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service index 148e6ad63a..603c33787f 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service +++ b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service @@ -1,22 +1,8 @@ [Unit] Description=OpenSSH Key Generation RequiresMountsFor=/var /run -ConditionPathExists=!/var/run/ssh/ssh_host_rsa_key -ConditionPathExists=!/var/run/ssh/ssh_host_dsa_key -ConditionPathExists=!/var/run/ssh/ssh_host_ecdsa_key -ConditionPathExists=!/var/run/ssh/ssh_host_ed25519_key -ConditionPathExists=!/etc/ssh/ssh_host_rsa_key -ConditionPathExists=!/etc/ssh/ssh_host_dsa_key -ConditionPathExists=!/etc/ssh/ssh_host_ecdsa_key -ConditionPathExists=!/etc/ssh/ssh_host_ed25519_key [Service] -Environment="SYSCONFDIR=/etc/ssh" -EnvironmentFile=-/etc/default/ssh -ExecStart=@BASE_BINDIR@/mkdir -p $SYSCONFDIR -ExecStart=@BINDIR@/ssh-keygen -q -f ${SYSCONFDIR}/ssh_host_rsa_key -N '' -t rsa -ExecStart=@BINDIR@/ssh-keygen -q -f ${SYSCONFDIR}/ssh_host_dsa_key -N '' -t dsa -ExecStart=@BINDIR@/ssh-keygen -q -f ${SYSCONFDIR}/ssh_host_ecdsa_key -N '' -t ecdsa -ExecStart=@BINDIR@/ssh-keygen -q -f ${SYSCONFDIR}/ssh_host_ed25519_key -N '' -t ed25519 +ExecStart=@LIBEXECDIR@/sshd_check_keys Type=oneshot RemainAfterExit=yes diff --git a/meta/recipes-connectivity/openssh/openssh_7.3p1.bb b/meta/recipes-connectivity/openssh/openssh_8.1p1.bb index 039b0ffdde..024ebca402 100644 --- a/meta/recipes-connectivity/openssh/openssh_7.3p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.1p1.bb @@ -5,10 +5,10 @@ Ssh (Secure Shell) is a program for logging into a remote machine \ and for executing commands on a remote machine." HOMEPAGE = "http://www.openssh.com/" SECTION = "console/network" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://LICENCE;md5=e326045657e842541d3f35aada442507" +LICENSE = "BSD & ISC & MIT" +LIC_FILES_CHKSUM = "file://LICENCE;md5=18d9e5a8b3dd1790d73502f50426d4d3" -DEPENDS = "zlib openssl" +DEPENDS = "zlib openssl virtual/crypt" DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.gz \ @@ -20,19 +20,17 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://sshd@.service \ file://sshdgenkeys.service \ file://volatiles.99_sshd \ - file://add-test-support-for-busybox.patch \ file://run-ptest \ - file://openssh-7.1p1-conditional-compile-des-in-cipher.patch \ - file://openssh-7.1p1-conditional-compile-des-in-pkcs11.patch \ file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \ + file://sshd_check_keys \ + file://add-test-support-for-busybox.patch \ " +SRC_URI[md5sum] = "513694343631a99841e815306806edf0" +SRC_URI[sha256sum] = "02f5dbef3835d0753556f973cd57b4c19b6b1f6cd24c03445e23ac77ca1b93ff" PAM_SRC_URI = "file://sshd" -SRC_URI[md5sum] = "dfadd9f035d38ce5d58a3bf130b86d08" -SRC_URI[sha256sum] = "3ffb989a6dcaa69594c3b550d4855a5a2e1718ccdde7f5e36387b424220fbecc" - -inherit useradd update-rc.d update-alternatives systemd +inherit manpages useradd update-rc.d update-alternatives systemd USERADD_PACKAGES = "${PN}-sshd" USERADD_PARAM_${PN}-sshd = "--system --no-create-home --home-dir /var/run/sshd --shell /bin/false --user-group sshd" @@ -45,19 +43,27 @@ SYSTEMD_SERVICE_${PN}-sshd = "sshd.socket" inherit autotools-brokensep ptest -# LFS support: -CFLAGS += "-D__FILE_OFFSET_BITS=64" +PACKAGECONFIG ??= "" +PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5" +PACKAGECONFIG[ldns] = "--with-ldns,--without-ldns,ldns" +PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit" +PACKAGECONFIG[manpages] = "--with-mantype=man,--with-mantype=cat" + +EXTRA_AUTORECONF += "--exclude=aclocal" # login path is hardcoded in sshd EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '--with-pam', '--without-pam', d)} \ --without-zlib-version-check \ - --with-privsep-path=/var/run/sshd \ + --with-privsep-path=${localstatedir}/run/sshd \ --sysconfdir=${sysconfdir}/ssh \ - --with-xauth=/usr/bin/xauth \ + --with-xauth=${bindir}/xauth \ --disable-strip \ " +# musl doesn't implement wtmp/utmp +EXTRA_OECONF_append_libc-musl = " --disable-wtmp" + # Since we do not depend on libbsd, we do not want configure to use it # just because it finds libutil.h. But, specifying --disable-libutil # causes compile errors, so... @@ -69,34 +75,26 @@ CACHED_CONFIGUREVARS += "ac_cv_path_PATH_PASSWD_PROG=${bindir}/passwd" # We don't want to depend on libblockfile CACHED_CONFIGUREVARS += "ac_cv_header_maillock_h=no" -# This is a workaround for uclibc because including stdio.h -# pulls in pthreads.h and causes conflicts in function prototypes. -# This results in compilation failure, so unless this is fixed, -# disable pam for uclibc. -EXTRA_OECONF_append_libc-uclibc=" --without-pam" - do_configure_prepend () { export LD="${CC}" install -m 0644 ${WORKDIR}/sshd_config ${B}/ install -m 0644 ${WORKDIR}/ssh_config ${B}/ - if [ ! -e acinclude.m4 -a -e aclocal.m4 ]; then - cp aclocal.m4 acinclude.m4 - fi } do_compile_ptest() { # skip regress/unittests/ binaries: this will silently skip # unittests in run-ptests which is good because they are so slow. - oe_runmake regress/modpipe regress/setuid-allowed regress/netcat + oe_runmake regress/modpipe regress/setuid-allowed regress/netcat \ + regress/check-perm regress/mkdtemp } do_install_append () { - if [ "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam', '', d)}" = "pam" ]; then + if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then install -D -m 0644 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config fi - if [ "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', '', d)}" = "x11" ]; then + if [ "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" ]; then sed -i -e 's:#X11Forwarding no:X11Forwarding yes:' ${D}${sysconfdir}/ssh/sshd_config fi @@ -113,7 +111,6 @@ do_install_append () { install -m 644 ${D}${sysconfdir}/ssh/sshd_config ${D}${sysconfdir}/ssh/sshd_config_readonly sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config_readonly echo "HostKey /var/run/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly - echo "HostKey /var/run/ssh/ssh_host_dsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly echo "HostKey /var/run/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly @@ -124,7 +121,13 @@ do_install_append () { sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ -e 's,@SBINDIR@,${sbindir},g' \ -e 's,@BINDIR@,${bindir},g' \ + -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \ ${D}${systemd_unitdir}/system/sshd.socket ${D}${systemd_unitdir}/system/*.service + + sed -i -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \ + ${D}${sysconfdir}/init.d/sshd + + install -D -m 0755 ${WORKDIR}/sshd_check_keys ${D}${libexecdir}/${BPN}/sshd_check_keys } do_install_ptest () { @@ -139,6 +142,7 @@ FILES_${PN}-scp = "${bindir}/scp.${BPN}" FILES_${PN}-ssh = "${bindir}/ssh.${BPN} ${sysconfdir}/ssh/ssh_config" FILES_${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd ${systemd_unitdir}/system" FILES_${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config ${sysconfdir}/ssh/sshd_config_readonly ${sysconfdir}/default/volatiles/99_sshd ${sysconfdir}/pam.d/sshd" +FILES_${PN}-sshd += "${libexecdir}/${BPN}/sshd_check_keys" FILES_${PN}-sftp = "${bindir}/sftp" FILES_${PN}-sftp-server = "${libexecdir}/sftp-server" FILES_${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*" @@ -146,14 +150,15 @@ FILES_${PN}-keygen = "${bindir}/ssh-keygen" RDEPENDS_${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen" RDEPENDS_${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}" -RDEPENDS_${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make" +RRECOMMENDS_${PN}-sshd_append_class-target = " rng-tools" +# gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies +RDEPENDS_${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed sudo coreutils" RPROVIDES_${PN}-ssh = "ssh" RPROVIDES_${PN}-sshd = "sshd" RCONFLICTS_${PN} = "dropbear" RCONFLICTS_${PN}-sshd = "dropbear" -RCONFLICTS_${PN}-keygen = "ssh-keygen" CONFFILES_${PN}-sshd = "${sysconfdir}/ssh/sshd_config" CONFFILES_${PN}-ssh = "${sysconfdir}/ssh/ssh_config" @@ -162,3 +167,4 @@ ALTERNATIVE_PRIORITY = "90" ALTERNATIVE_${PN}-scp = "scp" ALTERNATIVE_${PN}-ssh = "ssh" +BBCLASSEXTEND += "nativesdk" diff --git a/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh b/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh new file mode 100644 index 0000000000..b9cc24a7ac --- /dev/null +++ b/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh @@ -0,0 +1 @@ +export OPENSSL_CONF="$OECORE_NATIVE_SYSROOT/usr/lib/ssl/openssl.cnf" diff --git a/meta/recipes-connectivity/openssl/openssl.inc b/meta/recipes-connectivity/openssl/openssl.inc deleted file mode 100644 index f3a2c5abd7..0000000000 --- a/meta/recipes-connectivity/openssl/openssl.inc +++ /dev/null @@ -1,242 +0,0 @@ -SUMMARY = "Secure Socket Layer" -DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools." -HOMEPAGE = "http://www.openssl.org/" -BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html" -SECTION = "libs/network" - -# "openssl | SSLeay" dual license -LICENSE = "openssl" -LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" - -DEPENDS = "makedepend-native hostperl-runtime-native" -DEPENDS_append_class-target = " openssl-native" - -SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ - " -S = "${WORKDIR}/openssl-${PV}" - -PACKAGECONFIG[perl] = ",,," - -AR_append = " r" -TERMIO_libc-musl = "-DTERMIOS" -TERMIO ?= "-DTERMIO" -# Avoid binaries being marked as requiring an executable stack since it -# doesn't(which causes and this causes issues with SELinux -CFLAG = "${@base_conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \ - ${TERMIO} ${CFLAGS} -Wall -Wa,--noexecstack" - -export DIRS = "crypto ssl apps" -export EX_LIBS = "-lgcc -ldl" -export AS = "${CC} -c" -EXTRA_OEMAKE = "-e MAKEFLAGS=" - -inherit pkgconfig siteinfo multilib_header ptest - -PACKAGES =+ "libcrypto libssl ${PN}-misc openssl-conf" -FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}" -FILES_libssl = "${libdir}/libssl${SOLIBS}" -FILES_${PN} =+ " ${libdir}/ssl/*" -FILES_${PN}-misc = "${libdir}/ssl/misc" -RDEPENDS_${PN}-misc = "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" - -# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto -# package RRECOMMENDS on this package. This will enable the configuration -# file to be installed for both the base openssl package and the libcrypto -# package since the base openssl package depends on the libcrypto package. -FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf" -CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf" -RRECOMMENDS_libcrypto += "openssl-conf" -RDEPENDS_${PN}-ptest += "${PN}-misc make perl perl-module-filehandle bc" - -# Remove this to enable SSLv3. SSLv3 is defaulted to disabled due to the POODLE -# vulnerability -EXTRA_OECONF = " -no-ssl3" - -do_configure_prepend_darwin () { - sed -i -e '/version-script=openssl\.ld/d' Configure -} - -do_configure () { - cd util - perl perlpath.pl ${STAGING_BINDIR_NATIVE} - cd .. - ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/ - - os=${HOST_OS} - case $os in - linux-uclibc |\ - linux-uclibceabi |\ - linux-gnueabi |\ - linux-uclibcspe |\ - linux-gnuspe |\ - linux-musl*) - os=linux - ;; - *) - ;; - esac - target="$os-${HOST_ARCH}" - case $target in - linux-arm) - target=linux-armv4 - ;; - linux-armeb) - target=linux-elf-armeb - ;; - linux-aarch64*) - target=linux-generic64 - ;; - linux-sh3) - target=debian-sh3 - ;; - linux-sh4) - target=debian-sh4 - ;; - linux-i486) - target=debian-i386-i486 - ;; - linux-i586 | linux-viac3) - target=debian-i386-i586 - ;; - linux-i686) - target=debian-i386-i686/cmov - ;; - linux-gnux32-x86_64) - target=linux-x32 - ;; - linux-gnu64-x86_64) - target=linux-x86_64 - ;; - linux-mips) - target=debian-mips - ;; - linux-mipsel) - target=debian-mipsel - ;; - linux-*-mips64 | linux-mips64) - target=debian-mips64 - ;; - linux-*-mips64el | linux-mips64el) - target=debian-mips64el - ;; - linux-microblaze*|linux-nios2*) - target=linux-generic32 - ;; - linux-powerpc) - target=linux-ppc - ;; - linux-powerpc64) - target=linux-ppc64 - ;; - linux-supersparc) - target=linux-sparcv8 - ;; - linux-sparc) - target=linux-sparcv8 - ;; - darwin-i386) - target=darwin-i386-cc - ;; - esac - # inject machine-specific flags - sed -i -e "s|^\(\"$target\",\s*\"[^:]\+\):\([^:]\+\)|\1:${CFLAG}|g" Configure - useprefix=${prefix} - if [ "x$useprefix" = "x" ]; then - useprefix=/ - fi - perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=`basename ${libdir}` $target -} - -do_compile_prepend_class-target () { - sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile -} - -do_compile () { - oe_runmake depend - oe_runmake -} - -do_compile_ptest () { - # build dependencies for test directory too - export DIRS="$DIRS test" - oe_runmake depend - oe_runmake buildtest -} - -do_install () { - # Create ${D}/${prefix} to fix parallel issues - mkdir -p ${D}/${prefix}/ - - oe_runmake INSTALL_PREFIX="${D}" MANDIR="${mandir}" install - - oe_libinstall -so libcrypto ${D}${libdir} - oe_libinstall -so libssl ${D}${libdir} - - install -d ${D}${includedir} - cp --dereference -R include/openssl ${D}${includedir} - - install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash - sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash - - oe_multilib_header openssl/opensslconf.h - if [ "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" = "perl" ]; then - sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl - sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/tsget - else - rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget - fi - - # Create SSL structure - install -d ${D}${sysconfdir}/ssl/ - mv ${D}${libdir}/ssl/openssl.cnf \ - ${D}${libdir}/ssl/certs \ - ${D}${libdir}/ssl/private \ - \ - ${D}${sysconfdir}/ssl/ - ln -sf ${sysconfdir}/ssl/certs ${D}${libdir}/ssl/certs - ln -sf ${sysconfdir}/ssl/private ${D}${libdir}/ssl/private - ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${libdir}/ssl/openssl.cnf -} - -do_install_ptest () { - cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH} - cp Configure config e_os.h ${D}${PTEST_PATH} - cp -r -L include ${D}${PTEST_PATH} - ln -sf ${libdir}/libcrypto.a ${D}${PTEST_PATH} - ln -sf ${libdir}/libssl.a ${D}${PTEST_PATH} - mkdir -p ${D}${PTEST_PATH}/crypto - cp crypto/constant_time_locl.h ${D}${PTEST_PATH}/crypto - cp -r certs ${D}${PTEST_PATH} - mkdir -p ${D}${PTEST_PATH}/apps - ln -sf ${libdir}/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps - ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps - ln -sf ${bindir}/openssl ${D}${PTEST_PATH}/apps - cp apps/server.pem ${D}${PTEST_PATH}/apps - cp apps/server2.pem ${D}${PTEST_PATH}/apps - mkdir -p ${D}${PTEST_PATH}/util - install util/opensslwrap.sh ${D}${PTEST_PATH}/util - install util/shlib_wrap.sh ${D}${PTEST_PATH}/util - # Time stamps are relevant for "make alltests", otherwise - # make may try to recompile binaries. Not only must the - # binary files be newer than the sources, they also must - # be more recent than the header files in /usr/include. - # - # Using "cp -a" is not sufficient, because do_install - # does not preserve the original time stamps. - # - # So instead of using the original file stamps, we set - # the current time for all files. Binaries will get - # modified again later when stripping them, but that's okay. - touch ${D}${PTEST_PATH} - find ${D}${PTEST_PATH} -type f -print0 | xargs --verbose -0 touch -r ${D}${PTEST_PATH} -} - -do_install_append_class-native() { - create_wrapper ${D}${bindir}/openssl \ - OPENSSL_CONF=${libdir}/ssl/openssl.cnf \ - SSL_CERT_DIR=${libdir}/ssl/certs \ - SSL_CERT_FILE=${libdir}/ssl/cert.pem \ - OPENSSL_ENGINES=${libdir}/ssl/engines -} - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch b/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch new file mode 100644 index 0000000000..949c788344 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch @@ -0,0 +1,76 @@ +From 3e1d00481093e10775eaf69d619c45b32a4aa7dc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Martin=20Hundeb=C3=B8ll?= <martin@geanix.com> +Date: Tue, 6 Nov 2018 14:50:47 +0100 +Subject: [PATCH] buildinfo: strip sysroot and debug-prefix-map from compiler + info +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The openssl build system generates buildinf.h containing the full +compiler command line used to compile objects. This breaks +reproducibility, as the compile command is baked into libcrypto, where +it is used when running `openssl version -f`. + +Add stripped build variables for the compiler and cflags lines, and use +those when generating buildinfo.h. + +This is based on a similar patch for older openssl versions: +https://patchwork.openembedded.org/patch/147229/ + +Upstream-Status: Inappropriate [OE specific] +Signed-off-by: Martin Hundebøll <martin@geanix.com> + + +Update to fix buildpaths qa issue for '-fmacro-prefix-map'. + +Signed-off-by: Kai Kang <kai.kang@windriver.com> +--- + Configurations/unix-Makefile.tmpl | 10 +++++++++- + crypto/build.info | 2 +- + 2 files changed, 10 insertions(+), 2 deletions(-) + +diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl +index 16af4d2087..54c162784c 100644 +--- a/Configurations/unix-Makefile.tmpl ++++ b/Configurations/unix-Makefile.tmpl +@@ -317,13 +317,22 @@ BIN_LDFLAGS={- join(' ', $target{bin_lflags} || (), + '$(CNF_LDFLAGS)', '$(LDFLAGS)') -} + BIN_EX_LIBS=$(CNF_EX_LIBS) $(EX_LIBS) + +-# CPPFLAGS_Q is used for one thing only: to build up buildinf.h ++# *_Q variables are used for one thing only: to build up buildinf.h + CPPFLAGS_Q={- $cppflags1 =~ s|([\\"])|\\$1|g; + $cppflags2 =~ s|([\\"])|\\$1|g; + $lib_cppflags =~ s|([\\"])|\\$1|g; + join(' ', $lib_cppflags || (), $cppflags2 || (), + $cppflags1 || ()) -} + ++CFLAGS_Q={- for (@{$config{CFLAGS}}) { ++ s|-fdebug-prefix-map=[^ ]+|-fdebug-prefix-map=|g; ++ s|-fmacro-prefix-map=[^ ]+|-fmacro-prefix-map=|g; ++ } ++ join(' ', @{$config{CFLAGS}}) -} ++ ++CC_Q={- $config{CC} =~ s|--sysroot=[^ ]+|--sysroot=recipe-sysroot|g; ++ join(' ', $config{CC}) -} ++ + PERLASM_SCHEME= {- $target{perlasm_scheme} -} + + # For x86 assembler: Set PROCESSOR to 386 if you want to support +diff --git a/crypto/build.info b/crypto/build.info +index b515b7318e..8c9cee2a09 100644 +--- a/crypto/build.info ++++ b/crypto/build.info +@@ -10,7 +10,7 @@ EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \ + ppccpuid.pl pariscid.pl alphacpuid.pl arm64cpuid.pl armv4cpuid.pl + + DEPEND[cversion.o]=buildinf.h +-GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC) $(LIB_CFLAGS) $(CPPFLAGS_Q)" "$(PLATFORM)" ++GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC_Q) $(CFLAGS_Q) $(CPPFLAGS_Q)" "$(PLATFORM)" + DEPEND[buildinf.h]=../configdata.pm + + GENERATE[uplink-x86.s]=../ms/uplink-x86.pl $(PERLASM_SCHEME) +-- +2.19.1 + diff --git a/meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch b/meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch new file mode 100644 index 0000000000..d8d9651b64 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch @@ -0,0 +1,46 @@ +From a9401b2289656c5a36dd1b0ecebf0d23e291ce70 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Tue, 2 Oct 2018 23:58:24 +0800 +Subject: [PATCH] skip test_symbol_presence + +We cannot skip `01-test_symbol_presence.t' by configuring option `no-shared' +as INSTALL told us the shared libraries will not be built. + +[INSTALL snip] + Notes on shared libraries + ------------------------- + + For most systems the OpenSSL Configure script knows what is needed to + build shared libraries for libcrypto and libssl. On these systems + the shared libraries will be created by default. This can be suppressed and + only static libraries created by using the "no-shared" option. On systems + where OpenSSL does not know how to build shared libraries the "no-shared" + option will be forced and only static libraries will be created. +[INSTALL snip] + +Hence directly modification the case to skip it. + +Upstream-Status: Inappropriate [OE Specific] + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + test/recipes/01-test_symbol_presence.t | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t +index 7f2a2d7..0b93745 100644 +--- a/test/recipes/01-test_symbol_presence.t ++++ b/test/recipes/01-test_symbol_presence.t +@@ -14,8 +14,7 @@ use OpenSSL::Test::Utils; + + setup("test_symbol_presence"); + +-plan skip_all => "Only useful when building shared libraries" +- if disabled("shared"); ++plan skip_all => "The case needs debug symbols then we just disable it"; + + my @libnames = ("crypto", "ssl"); + my $testcount = scalar @libnames; +-- +2.7.4 + diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2019-1551.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2019-1551.patch new file mode 100644 index 0000000000..0cc19cb5f4 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2019-1551.patch @@ -0,0 +1,758 @@ +From 419102400a2811582a7a3d4a4e317d72e5ce0a8f Mon Sep 17 00:00:00 2001 +From: Andy Polyakov <appro@openssl.org> +Date: Wed, 4 Dec 2019 12:48:21 +0100 +Subject: [PATCH] Fix an overflow bug in rsaz_512_sqr + +There is an overflow bug in the x64_64 Montgomery squaring procedure used in +exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis +suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a +result of this defect would be very difficult to perform and are not believed +likely. Attacks against DH512 are considered just feasible. However, for an +attack the target would have to re-use the DH512 private key, which is not +recommended anyway. Also applications directly using the low level API +BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. + +CVE-2019-1551 + +Reviewed-by: Paul Dale <paul.dale@oracle.com> +Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> +(Merged from https://github.com/openssl/openssl/pull/10575) + +CVE: CVE-2019-1551 +Upstream-Status: Backport +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + crypto/bn/asm/rsaz-x86_64.pl | 381 ++++++++++++++++++----------------- + 1 file changed, 197 insertions(+), 184 deletions(-) + +diff --git a/crypto/bn/asm/rsaz-x86_64.pl b/crypto/bn/asm/rsaz-x86_64.pl +index b1797b649f0..7534d5cd03e 100755 +--- a/crypto/bn/asm/rsaz-x86_64.pl ++++ b/crypto/bn/asm/rsaz-x86_64.pl +@@ -116,7 +116,7 @@ + subq \$128+24, %rsp + .cfi_adjust_cfa_offset 128+24 + .Lsqr_body: +- movq $mod, %rbp # common argument ++ movq $mod, %xmm1 # common off-load + movq ($inp), %rdx + movq 8($inp), %rax + movq $n0, 128(%rsp) +@@ -134,7 +134,8 @@ + .Loop_sqr: + movl $times,128+8(%rsp) + #first iteration +- movq %rdx, %rbx ++ movq %rdx, %rbx # 0($inp) ++ mov %rax, %rbp # 8($inp) + mulq %rdx + movq %rax, %r8 + movq 16($inp), %rax +@@ -173,31 +174,29 @@ + mulq %rbx + addq %rax, %r14 + movq %rbx, %rax +- movq %rdx, %r15 +- adcq \$0, %r15 ++ adcq \$0, %rdx + +- addq %r8, %r8 #shlq \$1, %r8 +- movq %r9, %rcx +- adcq %r9, %r9 #shld \$1, %r8, %r9 ++ xorq %rcx,%rcx # rcx:r8 = r8 << 1 ++ addq %r8, %r8 ++ movq %rdx, %r15 ++ adcq \$0, %rcx + + mulq %rax +- movq %rax, (%rsp) +- addq %rdx, %r8 +- adcq \$0, %r9 ++ addq %r8, %rdx ++ adcq \$0, %rcx + +- movq %r8, 8(%rsp) +- shrq \$63, %rcx ++ movq %rax, (%rsp) ++ movq %rdx, 8(%rsp) + + #second iteration +- movq 8($inp), %r8 + movq 16($inp), %rax +- mulq %r8 ++ mulq %rbp + addq %rax, %r10 + movq 24($inp), %rax + movq %rdx, %rbx + adcq \$0, %rbx + +- mulq %r8 ++ mulq %rbp + addq %rax, %r11 + movq 32($inp), %rax + adcq \$0, %rdx +@@ -205,7 +204,7 @@ + movq %rdx, %rbx + adcq \$0, %rbx + +- mulq %r8 ++ mulq %rbp + addq %rax, %r12 + movq 40($inp), %rax + adcq \$0, %rdx +@@ -213,7 +212,7 @@ + movq %rdx, %rbx + adcq \$0, %rbx + +- mulq %r8 ++ mulq %rbp + addq %rax, %r13 + movq 48($inp), %rax + adcq \$0, %rdx +@@ -221,7 +220,7 @@ + movq %rdx, %rbx + adcq \$0, %rbx + +- mulq %r8 ++ mulq %rbp + addq %rax, %r14 + movq 56($inp), %rax + adcq \$0, %rdx +@@ -229,39 +228,39 @@ + movq %rdx, %rbx + adcq \$0, %rbx + +- mulq %r8 ++ mulq %rbp + addq %rax, %r15 +- movq %r8, %rax ++ movq %rbp, %rax + adcq \$0, %rdx + addq %rbx, %r15 +- movq %rdx, %r8 +- movq %r10, %rdx +- adcq \$0, %r8 ++ adcq \$0, %rdx + +- add %rdx, %rdx +- lea (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10 +- movq %r11, %rbx +- adcq %r11, %r11 #shld \$1, %r10, %r11 ++ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1 ++ addq %r9, %r9 ++ movq %rdx, %r8 ++ adcq %r10, %r10 ++ adcq \$0, %rbx + + mulq %rax ++ addq %rcx, %rax ++ movq 16($inp), %rbp ++ adcq \$0, %rdx + addq %rax, %r9 ++ movq 24($inp), %rax + adcq %rdx, %r10 +- adcq \$0, %r11 ++ adcq \$0, %rbx + + movq %r9, 16(%rsp) + movq %r10, 24(%rsp) +- shrq \$63, %rbx + + #third iteration +- movq 16($inp), %r9 +- movq 24($inp), %rax +- mulq %r9 ++ mulq %rbp + addq %rax, %r12 + movq 32($inp), %rax + movq %rdx, %rcx + adcq \$0, %rcx + +- mulq %r9 ++ mulq %rbp + addq %rax, %r13 + movq 40($inp), %rax + adcq \$0, %rdx +@@ -269,7 +268,7 @@ + movq %rdx, %rcx + adcq \$0, %rcx + +- mulq %r9 ++ mulq %rbp + addq %rax, %r14 + movq 48($inp), %rax + adcq \$0, %rdx +@@ -277,9 +276,7 @@ + movq %rdx, %rcx + adcq \$0, %rcx + +- mulq %r9 +- movq %r12, %r10 +- lea (%rbx,%r12,2), %r12 #shld \$1, %rbx, %r12 ++ mulq %rbp + addq %rax, %r15 + movq 56($inp), %rax + adcq \$0, %rdx +@@ -287,36 +284,40 @@ + movq %rdx, %rcx + adcq \$0, %rcx + +- mulq %r9 +- shrq \$63, %r10 ++ mulq %rbp + addq %rax, %r8 +- movq %r9, %rax ++ movq %rbp, %rax + adcq \$0, %rdx + addq %rcx, %r8 +- movq %rdx, %r9 +- adcq \$0, %r9 ++ adcq \$0, %rdx + +- movq %r13, %rcx +- leaq (%r10,%r13,2), %r13 #shld \$1, %r12, %r13 ++ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1 ++ addq %r11, %r11 ++ movq %rdx, %r9 ++ adcq %r12, %r12 ++ adcq \$0, %rcx + + mulq %rax ++ addq %rbx, %rax ++ movq 24($inp), %r10 ++ adcq \$0, %rdx + addq %rax, %r11 ++ movq 32($inp), %rax + adcq %rdx, %r12 +- adcq \$0, %r13 ++ adcq \$0, %rcx + + movq %r11, 32(%rsp) + movq %r12, 40(%rsp) +- shrq \$63, %rcx + + #fourth iteration +- movq 24($inp), %r10 +- movq 32($inp), %rax ++ mov %rax, %r11 # 32($inp) + mulq %r10 + addq %rax, %r14 + movq 40($inp), %rax + movq %rdx, %rbx + adcq \$0, %rbx + ++ mov %rax, %r12 # 40($inp) + mulq %r10 + addq %rax, %r15 + movq 48($inp), %rax +@@ -325,9 +326,8 @@ + movq %rdx, %rbx + adcq \$0, %rbx + ++ mov %rax, %rbp # 48($inp) + mulq %r10 +- movq %r14, %r12 +- leaq (%rcx,%r14,2), %r14 #shld \$1, %rcx, %r14 + addq %rax, %r8 + movq 56($inp), %rax + adcq \$0, %rdx +@@ -336,32 +336,33 @@ + adcq \$0, %rbx + + mulq %r10 +- shrq \$63, %r12 + addq %rax, %r9 + movq %r10, %rax + adcq \$0, %rdx + addq %rbx, %r9 +- movq %rdx, %r10 +- adcq \$0, %r10 ++ adcq \$0, %rdx + +- movq %r15, %rbx +- leaq (%r12,%r15,2),%r15 #shld \$1, %r14, %r15 ++ xorq %rbx, %rbx # rbx:r13:r14 = r13:r14 << 1 ++ addq %r13, %r13 ++ movq %rdx, %r10 ++ adcq %r14, %r14 ++ adcq \$0, %rbx + + mulq %rax ++ addq %rcx, %rax ++ adcq \$0, %rdx + addq %rax, %r13 ++ movq %r12, %rax # 40($inp) + adcq %rdx, %r14 +- adcq \$0, %r15 ++ adcq \$0, %rbx + + movq %r13, 48(%rsp) + movq %r14, 56(%rsp) +- shrq \$63, %rbx + + #fifth iteration +- movq 32($inp), %r11 +- movq 40($inp), %rax + mulq %r11 + addq %rax, %r8 +- movq 48($inp), %rax ++ movq %rbp, %rax # 48($inp) + movq %rdx, %rcx + adcq \$0, %rcx + +@@ -369,97 +370,99 @@ + addq %rax, %r9 + movq 56($inp), %rax + adcq \$0, %rdx +- movq %r8, %r12 +- leaq (%rbx,%r8,2), %r8 #shld \$1, %rbx, %r8 + addq %rcx, %r9 + movq %rdx, %rcx + adcq \$0, %rcx + ++ mov %rax, %r14 # 56($inp) + mulq %r11 +- shrq \$63, %r12 + addq %rax, %r10 + movq %r11, %rax + adcq \$0, %rdx + addq %rcx, %r10 +- movq %rdx, %r11 +- adcq \$0, %r11 ++ adcq \$0, %rdx + +- movq %r9, %rcx +- leaq (%r12,%r9,2), %r9 #shld \$1, %r8, %r9 ++ xorq %rcx, %rcx # rcx:r8:r15 = r8:r15 << 1 ++ addq %r15, %r15 ++ movq %rdx, %r11 ++ adcq %r8, %r8 ++ adcq \$0, %rcx + + mulq %rax ++ addq %rbx, %rax ++ adcq \$0, %rdx + addq %rax, %r15 ++ movq %rbp, %rax # 48($inp) + adcq %rdx, %r8 +- adcq \$0, %r9 ++ adcq \$0, %rcx + + movq %r15, 64(%rsp) + movq %r8, 72(%rsp) +- shrq \$63, %rcx + + #sixth iteration +- movq 40($inp), %r12 +- movq 48($inp), %rax + mulq %r12 + addq %rax, %r10 +- movq 56($inp), %rax ++ movq %r14, %rax # 56($inp) + movq %rdx, %rbx + adcq \$0, %rbx + + mulq %r12 + addq %rax, %r11 + movq %r12, %rax +- movq %r10, %r15 +- leaq (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10 + adcq \$0, %rdx +- shrq \$63, %r15 + addq %rbx, %r11 +- movq %rdx, %r12 +- adcq \$0, %r12 ++ adcq \$0, %rdx + +- movq %r11, %rbx +- leaq (%r15,%r11,2), %r11 #shld \$1, %r10, %r11 ++ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1 ++ addq %r9, %r9 ++ movq %rdx, %r12 ++ adcq %r10, %r10 ++ adcq \$0, %rbx + + mulq %rax ++ addq %rcx, %rax ++ adcq \$0, %rdx + addq %rax, %r9 ++ movq %r14, %rax # 56($inp) + adcq %rdx, %r10 +- adcq \$0, %r11 ++ adcq \$0, %rbx + + movq %r9, 80(%rsp) + movq %r10, 88(%rsp) + + #seventh iteration +- movq 48($inp), %r13 +- movq 56($inp), %rax +- mulq %r13 ++ mulq %rbp + addq %rax, %r12 +- movq %r13, %rax +- movq %rdx, %r13 +- adcq \$0, %r13 ++ movq %rbp, %rax ++ adcq \$0, %rdx + +- xorq %r14, %r14 +- shlq \$1, %rbx +- adcq %r12, %r12 #shld \$1, %rbx, %r12 +- adcq %r13, %r13 #shld \$1, %r12, %r13 +- adcq %r14, %r14 #shld \$1, %r13, %r14 ++ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1 ++ addq %r11, %r11 ++ movq %rdx, %r13 ++ adcq %r12, %r12 ++ adcq \$0, %rcx + + mulq %rax ++ addq %rbx, %rax ++ adcq \$0, %rdx + addq %rax, %r11 ++ movq %r14, %rax # 56($inp) + adcq %rdx, %r12 +- adcq \$0, %r13 ++ adcq \$0, %rcx + + movq %r11, 96(%rsp) + movq %r12, 104(%rsp) + + #eighth iteration +- movq 56($inp), %rax ++ xorq %rbx, %rbx # rbx:r13 = r13 << 1 ++ addq %r13, %r13 ++ adcq \$0, %rbx ++ + mulq %rax +- addq %rax, %r13 ++ addq %rcx, %rax + adcq \$0, %rdx +- +- addq %rdx, %r14 +- +- movq %r13, 112(%rsp) +- movq %r14, 120(%rsp) ++ addq %r13, %rax ++ adcq %rbx, %rdx + + movq (%rsp), %r8 + movq 8(%rsp), %r9 +@@ -469,6 +472,10 @@ + movq 40(%rsp), %r13 + movq 48(%rsp), %r14 + movq 56(%rsp), %r15 ++ movq %xmm1, %rbp ++ ++ movq %rax, 112(%rsp) ++ movq %rdx, 120(%rsp) + + call __rsaz_512_reduce + +@@ -500,9 +507,9 @@ + .Loop_sqrx: + movl $times,128+8(%rsp) + movq $out, %xmm0 # off-load +- movq %rbp, %xmm1 # off-load + #first iteration + mulx %rax, %r8, %r9 ++ mov %rax, %rbx + + mulx 16($inp), %rcx, %r10 + xor %rbp, %rbp # cf=0, of=0 +@@ -510,40 +517,39 @@ + mulx 24($inp), %rax, %r11 + adcx %rcx, %r9 + +- mulx 32($inp), %rcx, %r12 ++ .byte 0xc4,0x62,0xf3,0xf6,0xa6,0x20,0x00,0x00,0x00 # mulx 32($inp), %rcx, %r12 + adcx %rax, %r10 + +- mulx 40($inp), %rax, %r13 ++ .byte 0xc4,0x62,0xfb,0xf6,0xae,0x28,0x00,0x00,0x00 # mulx 40($inp), %rax, %r13 + adcx %rcx, %r11 + +- .byte 0xc4,0x62,0xf3,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($inp), %rcx, %r14 ++ mulx 48($inp), %rcx, %r14 + adcx %rax, %r12 + adcx %rcx, %r13 + +- .byte 0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00 # mulx 56($inp), %rax, %r15 ++ mulx 56($inp), %rax, %r15 + adcx %rax, %r14 + adcx %rbp, %r15 # %rbp is 0 + +- mov %r9, %rcx +- shld \$1, %r8, %r9 +- shl \$1, %r8 +- +- xor %ebp, %ebp +- mulx %rdx, %rax, %rdx +- adcx %rdx, %r8 +- mov 8($inp), %rdx +- adcx %rbp, %r9 ++ mulx %rdx, %rax, $out ++ mov %rbx, %rdx # 8($inp) ++ xor %rcx, %rcx ++ adox %r8, %r8 ++ adcx $out, %r8 ++ adox %rbp, %rcx ++ adcx %rbp, %rcx + + mov %rax, (%rsp) + mov %r8, 8(%rsp) + + #second iteration +- mulx 16($inp), %rax, %rbx ++ .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x10,0x00,0x00,0x00 # mulx 16($inp), %rax, %rbx + adox %rax, %r10 + adcx %rbx, %r11 + +- .byte 0xc4,0x62,0xc3,0xf6,0x86,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r8 ++ mulx 24($inp), $out, %r8 + adox $out, %r11 ++ .byte 0x66 + adcx %r8, %r12 + + mulx 32($inp), %rax, %rbx +@@ -561,24 +567,25 @@ + .byte 0xc4,0x62,0xc3,0xf6,0x86,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r8 + adox $out, %r15 + adcx %rbp, %r8 ++ mulx %rdx, %rax, $out + adox %rbp, %r8 ++ .byte 0x48,0x8b,0x96,0x10,0x00,0x00,0x00 # mov 16($inp), %rdx + +- mov %r11, %rbx +- shld \$1, %r10, %r11 +- shld \$1, %rcx, %r10 +- +- xor %ebp,%ebp +- mulx %rdx, %rax, %rcx +- mov 16($inp), %rdx ++ xor %rbx, %rbx ++ adcx %rcx, %rax ++ adox %r9, %r9 ++ adcx %rbp, $out ++ adox %r10, %r10 + adcx %rax, %r9 +- adcx %rcx, %r10 +- adcx %rbp, %r11 ++ adox %rbp, %rbx ++ adcx $out, %r10 ++ adcx %rbp, %rbx + + mov %r9, 16(%rsp) + .byte 0x4c,0x89,0x94,0x24,0x18,0x00,0x00,0x00 # mov %r10, 24(%rsp) + + #third iteration +- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r9 ++ mulx 24($inp), $out, %r9 + adox $out, %r12 + adcx %r9, %r13 + +@@ -586,7 +593,7 @@ + adox %rax, %r13 + adcx %rcx, %r14 + +- mulx 40($inp), $out, %r9 ++ .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r9 + adox $out, %r14 + adcx %r9, %r15 + +@@ -594,27 +601,28 @@ + adox %rax, %r15 + adcx %rcx, %r8 + +- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r9 ++ mulx 56($inp), $out, %r9 + adox $out, %r8 + adcx %rbp, %r9 ++ mulx %rdx, %rax, $out + adox %rbp, %r9 ++ mov 24($inp), %rdx + +- mov %r13, %rcx +- shld \$1, %r12, %r13 +- shld \$1, %rbx, %r12 +- +- xor %ebp, %ebp +- mulx %rdx, %rax, %rdx ++ xor %rcx, %rcx ++ adcx %rbx, %rax ++ adox %r11, %r11 ++ adcx %rbp, $out ++ adox %r12, %r12 + adcx %rax, %r11 +- adcx %rdx, %r12 +- mov 24($inp), %rdx +- adcx %rbp, %r13 ++ adox %rbp, %rcx ++ adcx $out, %r12 ++ adcx %rbp, %rcx + + mov %r11, 32(%rsp) +- .byte 0x4c,0x89,0xa4,0x24,0x28,0x00,0x00,0x00 # mov %r12, 40(%rsp) ++ mov %r12, 40(%rsp) + + #fourth iteration +- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x20,0x00,0x00,0x00 # mulx 32($inp), %rax, %rbx ++ mulx 32($inp), %rax, %rbx + adox %rax, %r14 + adcx %rbx, %r15 + +@@ -629,25 +637,25 @@ + mulx 56($inp), $out, %r10 + adox $out, %r9 + adcx %rbp, %r10 ++ mulx %rdx, %rax, $out + adox %rbp, %r10 ++ mov 32($inp), %rdx + +- .byte 0x66 +- mov %r15, %rbx +- shld \$1, %r14, %r15 +- shld \$1, %rcx, %r14 +- +- xor %ebp, %ebp +- mulx %rdx, %rax, %rdx ++ xor %rbx, %rbx ++ adcx %rcx, %rax ++ adox %r13, %r13 ++ adcx %rbp, $out ++ adox %r14, %r14 + adcx %rax, %r13 +- adcx %rdx, %r14 +- mov 32($inp), %rdx +- adcx %rbp, %r15 ++ adox %rbp, %rbx ++ adcx $out, %r14 ++ adcx %rbp, %rbx + + mov %r13, 48(%rsp) + mov %r14, 56(%rsp) + + #fifth iteration +- .byte 0xc4,0x62,0xc3,0xf6,0x9e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r11 ++ mulx 40($inp), $out, %r11 + adox $out, %r8 + adcx %r11, %r9 + +@@ -658,18 +666,19 @@ + mulx 56($inp), $out, %r11 + adox $out, %r10 + adcx %rbp, %r11 ++ mulx %rdx, %rax, $out ++ mov 40($inp), %rdx + adox %rbp, %r11 + +- mov %r9, %rcx +- shld \$1, %r8, %r9 +- shld \$1, %rbx, %r8 +- +- xor %ebp, %ebp +- mulx %rdx, %rax, %rdx ++ xor %rcx, %rcx ++ adcx %rbx, %rax ++ adox %r15, %r15 ++ adcx %rbp, $out ++ adox %r8, %r8 + adcx %rax, %r15 +- adcx %rdx, %r8 +- mov 40($inp), %rdx +- adcx %rbp, %r9 ++ adox %rbp, %rcx ++ adcx $out, %r8 ++ adcx %rbp, %rcx + + mov %r15, 64(%rsp) + mov %r8, 72(%rsp) +@@ -682,18 +691,19 @@ + .byte 0xc4,0x62,0xc3,0xf6,0xa6,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r12 + adox $out, %r11 + adcx %rbp, %r12 ++ mulx %rdx, %rax, $out + adox %rbp, %r12 ++ mov 48($inp), %rdx + +- mov %r11, %rbx +- shld \$1, %r10, %r11 +- shld \$1, %rcx, %r10 +- +- xor %ebp, %ebp +- mulx %rdx, %rax, %rdx ++ xor %rbx, %rbx ++ adcx %rcx, %rax ++ adox %r9, %r9 ++ adcx %rbp, $out ++ adox %r10, %r10 + adcx %rax, %r9 +- adcx %rdx, %r10 +- mov 48($inp), %rdx +- adcx %rbp, %r11 ++ adcx $out, %r10 ++ adox %rbp, %rbx ++ adcx %rbp, %rbx + + mov %r9, 80(%rsp) + mov %r10, 88(%rsp) +@@ -703,31 +713,31 @@ + adox %rax, %r12 + adox %rbp, %r13 + +- xor %r14, %r14 +- shld \$1, %r13, %r14 +- shld \$1, %r12, %r13 +- shld \$1, %rbx, %r12 +- +- xor %ebp, %ebp +- mulx %rdx, %rax, %rdx +- adcx %rax, %r11 +- adcx %rdx, %r12 ++ mulx %rdx, %rax, $out ++ xor %rcx, %rcx + mov 56($inp), %rdx +- adcx %rbp, %r13 ++ adcx %rbx, %rax ++ adox %r11, %r11 ++ adcx %rbp, $out ++ adox %r12, %r12 ++ adcx %rax, %r11 ++ adox %rbp, %rcx ++ adcx $out, %r12 ++ adcx %rbp, %rcx + + .byte 0x4c,0x89,0x9c,0x24,0x60,0x00,0x00,0x00 # mov %r11, 96(%rsp) + .byte 0x4c,0x89,0xa4,0x24,0x68,0x00,0x00,0x00 # mov %r12, 104(%rsp) + + #eighth iteration + mulx %rdx, %rax, %rdx +- adox %rax, %r13 +- adox %rbp, %rdx ++ xor %rbx, %rbx ++ adcx %rcx, %rax ++ adox %r13, %r13 ++ adcx %rbp, %rdx ++ adox %rbp, %rbx ++ adcx %r13, %rax ++ adcx %rdx, %rbx + +- .byte 0x66 +- add %rdx, %r14 +- +- movq %r13, 112(%rsp) +- movq %r14, 120(%rsp) + movq %xmm0, $out + movq %xmm1, %rbp + +@@ -741,6 +751,9 @@ + movq 48(%rsp), %r14 + movq 56(%rsp), %r15 + ++ movq %rax, 112(%rsp) ++ movq %rbx, 120(%rsp) ++ + call __rsaz_512_reducex + + addq 64(%rsp), %r8 diff --git a/meta/recipes-connectivity/openssl/openssl/Makefiles-ptest.patch b/meta/recipes-connectivity/openssl/openssl/Makefiles-ptest.patch deleted file mode 100644 index 249446a5bd..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/Makefiles-ptest.patch +++ /dev/null @@ -1,77 +0,0 @@ -Add 'buildtest' and 'runtest' targets to Makefile, to build and run tests -cross-compiled. - -Signed-off-by: Anders Roxell <anders.roxell@enea.com> -Signed-off-by: Maxin B. John <maxin.john@enea.com> -Upstream-Status: Pending ---- -Index: openssl-1.0.2/Makefile.org -=================================================================== ---- openssl-1.0.2.orig/Makefile.org -+++ openssl-1.0.2/Makefile.org -@@ -451,8 +451,16 @@ rehash.time: certs apps - test: tests - - tests: rehash -+ $(MAKE) buildtest -+ $(MAKE) runtest -+ -+buildtest: -+ @(cd test && \ -+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf exe apps); -+ -+runtest: - @(cd test && echo "testing..." && \ -- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests ); -+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf alltests ); - OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a - - report: -Index: openssl-1.0.2/test/Makefile -=================================================================== ---- openssl-1.0.2.orig/test/Makefile -+++ openssl-1.0.2/test/Makefile -@@ -137,7 +137,7 @@ tests: exe apps $(TESTS) - apps: - @(cd ..; $(MAKE) DIRS=apps all) - --alltests: \ -+all-tests= \ - test_des test_idea test_sha test_md4 test_md5 test_hmac \ - test_md2 test_mdc2 test_wp \ - test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \ -@@ -148,6 +148,11 @@ alltests: \ - test_jpake test_srp test_cms test_ocsp test_v3name test_heartbeat \ - test_constant_time - -+alltests: -+ @(for i in $(all-tests); do \ -+ ( $(MAKE) $$i && echo "PASS: $$i" ) || echo "FAIL: $$i"; \ -+ done) -+ - test_evp: $(EVPTEST)$(EXE_EXT) evptests.txt - ../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt - -@@ -213,7 +218,7 @@ test_x509: ../apps/openssl$(EXE_EXT) tx5 - echo test second x509v3 certificate - sh ./tx509 v3-cert2.pem 2>/dev/null - --test_rsa: $(RSATEST)$(EXE_EXT) ../apps/openssl$(EXE_EXT) trsa testrsa.pem -+test_rsa: ../apps/openssl$(EXE_EXT) trsa testrsa.pem - @sh ./trsa 2>/dev/null - ../util/shlib_wrap.sh ./$(RSATEST) - -@@ -313,11 +318,11 @@ test_tsa: ../apps/openssl$(EXE_EXT) test - sh ./testtsa; \ - fi - --test_ige: $(IGETEST)$(EXE_EXT) -+test_ige: - @echo "Test IGE mode" - ../util/shlib_wrap.sh ./$(IGETEST) - --test_jpake: $(JPAKETEST)$(EXE_EXT) -+test_jpake: - @echo "Test JPAKE" - ../util/shlib_wrap.sh ./$(JPAKETEST) - diff --git a/meta/recipes-connectivity/openssl/openssl/afalg.patch b/meta/recipes-connectivity/openssl/openssl/afalg.patch new file mode 100644 index 0000000000..b7c0e9697f --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/afalg.patch @@ -0,0 +1,31 @@ +Don't refuse to build afalgeng if cross-compiling or the host kernel is too old. + +Upstream-Status: Submitted [hhttps://github.com/openssl/openssl/pull/7688] +Signed-off-by: Ross Burton <ross.burton@intel.com> + +diff --git a/Configure b/Configure +index 3baa8ce..9ef52ed 100755 +--- a/Configure ++++ b/Configure +@@ -1550,20 +1550,7 @@ unless ($disabled{"crypto-mdebug-backtrace"}) + unless ($disabled{afalgeng}) { + $config{afalgeng}=""; + if (grep { $_ eq 'afalgeng' } @{$target{enable}}) { +- my $minver = 4*10000 + 1*100 + 0; +- if ($config{CROSS_COMPILE} eq "") { +- my $verstr = `uname -r`; +- my ($ma, $mi1, $mi2) = split("\\.", $verstr); +- ($mi2) = $mi2 =~ /(\d+)/; +- my $ver = $ma*10000 + $mi1*100 + $mi2; +- if ($ver < $minver) { +- disable('too-old-kernel', 'afalgeng'); +- } else { +- push @{$config{engdirs}}, "afalg"; +- } +- } else { +- disable('cross-compiling', 'afalgeng'); +- } ++ push @{$config{engdirs}}, "afalg"; + } else { + disable('not-linux', 'afalgeng'); + } diff --git a/meta/recipes-connectivity/openssl/openssl/configure-musl-target.patch b/meta/recipes-connectivity/openssl/openssl/configure-musl-target.patch deleted file mode 100644 index 613dc7b71c..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/configure-musl-target.patch +++ /dev/null @@ -1,27 +0,0 @@ -Add musl triplet support - -Upstream-Status: Pending -Signed-off-by: Khem Raj <raj.khem@gmail.com> - -Index: openssl-1.0.2a/Configure -=================================================================== ---- openssl-1.0.2a.orig/Configure -+++ openssl-1.0.2a/Configure -@@ -431,7 +431,7 @@ my %table=( - # - # ./Configure linux-armv4 -march=armv6 -D__ARM_MAX_ARCH__=8 - # --"linux-armv4", "gcc: -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-armv4", "gcc: -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-aarch64","gcc: -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${aarch64_asm}:linux64:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - # Configure script adds minimally required -march for assembly support, - # if no -march was specified at command line. mips32 and mips64 below -@@ -504,6 +504,8 @@ my %table=( - "linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-uclibceabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-uclibceabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-musleabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-musleabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - - "linux-avr32","$ENV{'CC'}:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).", - diff --git a/meta/recipes-connectivity/openssl/openssl/configure-targets.patch b/meta/recipes-connectivity/openssl/openssl/configure-targets.patch deleted file mode 100644 index 691e74afbd..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/configure-targets.patch +++ /dev/null @@ -1,37 +0,0 @@ -Upstream-Status: Inappropriate [embedded specific] - -The number of colons are important :) - - ---- - Configure | 16 ++++++++++++++++ - 1 file changed, 16 insertions(+) - -Index: openssl-1.0.2a/Configure -=================================================================== ---- openssl-1.0.2a.orig/Configure -+++ openssl-1.0.2a/Configure -@@ -443,6 +443,23 @@ my %table=( - "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", - "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", - -+ -+# Linux on ARM -+"linux-elf-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-elf-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-gnueabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-uclibceabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-uclibceabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+ -+"linux-avr32","$ENV{'CC'}:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).", -+ -+#### Linux on MIPS/MIPS64 -+"linux-mips","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-mips64","$ENV{'CC'}:-DB_ENDIAN -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-mips64el","$ENV{'CC'}:-DL_ENDIAN -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-mipsel","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+ - # Android: linux-* but without pointers to headers and libs. - "android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/meta/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch b/meta/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch deleted file mode 100644 index 68e54d561e..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 83f318d68bbdab1ca898c94576a838cc97df4700 Mon Sep 17 00:00:00 2001 -From: Ludwig Nussel <ludwig.nussel@suse.de> -Date: Wed, 21 Apr 2010 15:52:10 +0200 -Subject: [PATCH] also create old hash for compatibility - -Upstream-Status: Backport [debian] - -diff --git a/tools/c_rehash.in b/tools/c_rehash.in -index b086ff9..b777d79 100644 ---- a/tools/c_rehash.in -+++ b/tools/c_rehash.in -@@ -8,8 +8,6 @@ my $prefix; - - my $openssl = $ENV{OPENSSL} || "openssl"; - my $pwd; --my $x509hash = "-subject_hash"; --my $crlhash = "-hash"; - my $verbose = 0; - my $symlink_exists=eval {symlink("",""); 1}; - my $removelinks = 1; -@@ -18,10 +16,7 @@ my $removelinks = 1; - while ( $ARGV[0] =~ /^-/ ) { - my $flag = shift @ARGV; - last if ( $flag eq '--'); -- if ( $flag eq '-old') { -- $x509hash = "-subject_hash_old"; -- $crlhash = "-hash_old"; -- } elsif ( $flag eq '-h') { -+ if ( $flag eq '-h') { - help(); - } elsif ( $flag eq '-n' ) { - $removelinks = 0; -@@ -113,7 +108,9 @@ sub hash_dir { - next; - } - link_hash_cert($fname) if($cert); -+ link_hash_cert_old($fname) if($cert); - link_hash_crl($fname) if($crl); -+ link_hash_crl_old($fname) if($crl); - } - } - -@@ -146,6 +143,7 @@ sub check_file { - - sub link_hash_cert { - my $fname = $_[0]; -+ my $x509hash = $_[1] || '-subject_hash'; - $fname =~ s/'/'\\''/g; - my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`; - chomp $hash; -@@ -176,11 +174,21 @@ sub link_hash_cert { - $hashlist{$hash} = $fprint; - } - -+sub link_hash_cert_old { -+ link_hash_cert($_[0], '-subject_hash_old'); -+} -+ -+sub link_hash_crl_old { -+ link_hash_crl($_[0], '-hash_old'); -+} -+ -+ - # Same as above except for a CRL. CRL links are of the form <hash>.r<n> - - sub link_hash_crl { - my $fname = $_[0]; -+ my $crlhash = $_[1] || "-hash"; - $fname =~ s/'/'\\''/g; - my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`; - chomp $hash; diff --git a/meta/recipes-connectivity/openssl/openssl/debian/ca.patch b/meta/recipes-connectivity/openssl/openssl/debian/ca.patch deleted file mode 100644 index fb745e4394..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/debian/ca.patch +++ /dev/null @@ -1,22 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-0.9.8m/apps/CA.pl.in -=================================================================== ---- openssl-0.9.8m.orig/apps/CA.pl.in 2006-04-28 00:28:51.000000000 +0000 -+++ openssl-0.9.8m/apps/CA.pl.in 2010-02-27 00:36:51.000000000 +0000 -@@ -65,6 +65,7 @@ - foreach (@ARGV) { - if ( /^(-\?|-h|-help)$/ ) { - print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-signcert|-verify\n"; -+ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; - exit 0; - } elsif (/^-newcert$/) { - # create a certificate -@@ -165,6 +166,7 @@ - } else { - print STDERR "Unknown arg $_\n"; - print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; -+ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; - exit 1; - } - } diff --git a/meta/recipes-connectivity/openssl/openssl/debian/debian-targets.patch b/meta/recipes-connectivity/openssl/openssl/debian/debian-targets.patch deleted file mode 100644 index 39d4328184..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/debian/debian-targets.patch +++ /dev/null @@ -1,73 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.2/Configure -=================================================================== ---- openssl-1.0.2.orig/Configure -+++ openssl-1.0.2/Configure -@@ -107,6 +107,10 @@ my $gcc_devteam_warn = "-Wall -pedantic - - my $clang_disabled_warnings = "-Wno-language-extension-token -Wno-extended-offsetof -Wno-padded -Wno-shorten-64-to-32 -Wno-format-nonliteral -Wno-missing-noreturn -Wno-unused-parameter -Wno-sign-conversion -Wno-unreachable-code -Wno-conversion -Wno-documentation -Wno-missing-variable-declarations -Wno-cast-align -Wno-incompatible-pointer-types-discards-qualifiers -Wno-missing-variable-declarations -Wno-missing-field-initializers -Wno-unused-macros -Wno-disabled-macro-expansion -Wno-conditional-uninitialized -Wno-switch-enum"; - -+# There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS -+my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall"; -+$debian_cflags =~ s/\n/ /g; -+ - my $strict_warnings = 0; - - my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL"; -@@ -343,6 +347,55 @@ my %table=( - "osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so", - "tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so", - -+# Debian GNU/* (various architectures) -+"debian-alpha","gcc:-DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-alpha-ev4","gcc:-DTERMIO ${debian_cflags} -mcpu=ev4::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-alpha-ev5","gcc:-DTERMIO ${debian_cflags} -mcpu=ev5::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-arm64","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-armel","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-armhf","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::", -+"debian-avr32", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -fomit-frame-pointer::-D_REENTRANT::-ldl:BN_LLONG_BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-kfreebsd-amd64","gcc:-m64 -DL_ENDIAN -DTERMIOS ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -march=i486::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-hppa","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -mtune=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-ia64","gcc:-DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-i386","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i486::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i586::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i686::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-m68k","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-mips", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-mipsn32", "mips64-linux-gnuabin32-gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-mipsn32el", "mips64el-linux-gnuabin32-gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-mips64", "mips64-linux-gnuabi64-gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-mips64el", "mips64el-linux-gnuabi64-gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags}::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags} -mv8::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-openbsd-alpha","gcc:-DTERMIOS ${debian_cflags}::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-openbsd-mips","gcc:-DL_ENDIAN ${debian_cflags}::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-or1k", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-powerpcspe","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-ppc64el","gcc:-m64 -DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64le:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-s390","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-s390x","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sh3", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sh4", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sh3eb", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sh4eb", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-m32r","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sparc","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v8 -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v9 -Wa,-Av8plus -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sparc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags} -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-x32","gcc:-mx32 -DL_ENDIAN -DTERMIO ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32", -+ - #### - #### Variety of LINUX:-) - #### diff --git a/meta/recipes-connectivity/openssl/openssl/debian/man-dir.patch b/meta/recipes-connectivity/openssl/openssl/debian/man-dir.patch deleted file mode 100644 index 4085e3b1d7..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/debian/man-dir.patch +++ /dev/null @@ -1,15 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.0c/Makefile.org -=================================================================== ---- openssl-1.0.0c.orig/Makefile.org 2010-12-12 16:11:27.000000000 +0100 -+++ openssl-1.0.0c/Makefile.org 2010-12-12 16:11:37.000000000 +0100 -@@ -131,7 +131,7 @@ - - MAKEFILE= Makefile - --MANDIR=$(OPENSSLDIR)/man -+MANDIR=/usr/share/man - MAN1=1 - MAN3=3 - MANSUFFIX= diff --git a/meta/recipes-connectivity/openssl/openssl/debian/man-section.patch b/meta/recipes-connectivity/openssl/openssl/debian/man-section.patch deleted file mode 100644 index 21c1d1a4eb..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/debian/man-section.patch +++ /dev/null @@ -1,34 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.0c/Makefile.org -=================================================================== ---- openssl-1.0.0c.orig/Makefile.org 2010-12-12 16:11:37.000000000 +0100 -+++ openssl-1.0.0c/Makefile.org 2010-12-12 16:13:28.000000000 +0100 -@@ -160,7 +160,8 @@ - MANDIR=/usr/share/man - MAN1=1 - MAN3=3 --MANSUFFIX= -+MANSUFFIX=ssl -+MANSECTION=SSL - HTMLSUFFIX=html - HTMLDIR=$(OPENSSLDIR)/html - SHELL=/bin/sh -@@ -651,7 +652,7 @@ - echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \ - (cd `$(PERL) util/dirname.pl $$i`; \ - sh -c "$$pod2man \ -- --section=$$sec --center=OpenSSL \ -+ --section=$${sec}$(MANSECTION) --center=OpenSSL \ - --release=$(VERSION) `basename $$i`") \ - > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ - $(PERL) util/extract-names.pl < $$i | \ -@@ -668,7 +669,7 @@ - echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \ - (cd `$(PERL) util/dirname.pl $$i`; \ - sh -c "$$pod2man \ -- --section=$$sec --center=OpenSSL \ -+ --section=$${sec}$(MANSECTION) --center=OpenSSL \ - --release=$(VERSION) `basename $$i`") \ - > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ - $(PERL) util/extract-names.pl < $$i | \ diff --git a/meta/recipes-connectivity/openssl/openssl/debian/no-rpath.patch b/meta/recipes-connectivity/openssl/openssl/debian/no-rpath.patch deleted file mode 100644 index 1ccb3b86ee..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/debian/no-rpath.patch +++ /dev/null @@ -1,15 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.0c/Makefile.shared -=================================================================== ---- openssl-1.0.0c.orig/Makefile.shared 2010-08-21 13:36:49.000000000 +0200 -+++ openssl-1.0.0c/Makefile.shared 2010-12-12 16:13:36.000000000 +0100 -@@ -153,7 +153,7 @@ - NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ - SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" - --DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" -+DO_GNU_APP=LDFLAGS="$(CFLAGS)" - - #This is rather special. It's a special target with which one can link - #applications without bothering with any features that have anything to diff --git a/meta/recipes-connectivity/openssl/openssl/debian/no-symbolic.patch b/meta/recipes-connectivity/openssl/openssl/debian/no-symbolic.patch deleted file mode 100644 index cc4408ab7d..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/debian/no-symbolic.patch +++ /dev/null @@ -1,15 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.0c/Makefile.shared -=================================================================== ---- openssl-1.0.0c.orig/Makefile.shared 2010-12-12 16:13:36.000000000 +0100 -+++ openssl-1.0.0c/Makefile.shared 2010-12-12 16:13:44.000000000 +0100 -@@ -151,7 +151,7 @@ - SHLIB_SUFFIX=; \ - ALLSYMSFLAGS='-Wl,--whole-archive'; \ - NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ -- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" -+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" - - DO_GNU_APP=LDFLAGS="$(CFLAGS)" - diff --git a/meta/recipes-connectivity/openssl/openssl/debian/pic.patch b/meta/recipes-connectivity/openssl/openssl/debian/pic.patch deleted file mode 100644 index bfda3888bf..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/debian/pic.patch +++ /dev/null @@ -1,177 +0,0 @@ -Upstream-Status: Backport [debian] - -Index: openssl-1.0.1c/crypto/des/asm/desboth.pl -=================================================================== ---- openssl-1.0.1c.orig/crypto/des/asm/desboth.pl 2001-10-24 23:20:56.000000000 +0200 -+++ openssl-1.0.1c/crypto/des/asm/desboth.pl 2012-07-29 14:15:26.000000000 +0200 -@@ -16,6 +16,11 @@ - - &push("edi"); - -+ &call (&label("pic_point0")); -+ &set_label("pic_point0"); -+ &blindpop("ebp"); -+ &add ("ebp", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]"); -+ - &comment(""); - &comment("Load the data words"); - &mov($L,&DWP(0,"ebx","",0)); -@@ -47,15 +52,21 @@ - &mov(&swtmp(2), (DWC(($enc)?"1":"0"))); - &mov(&swtmp(1), "eax"); - &mov(&swtmp(0), "ebx"); -- &call("DES_encrypt2"); -+ &exch("ebx", "ebp"); -+ &call("DES_encrypt2\@PLT"); -+ &exch("ebx", "ebp"); - &mov(&swtmp(2), (DWC(($enc)?"0":"1"))); - &mov(&swtmp(1), "edi"); - &mov(&swtmp(0), "ebx"); -- &call("DES_encrypt2"); -+ &exch("ebx", "ebp"); -+ &call("DES_encrypt2\@PLT"); -+ &exch("ebx", "ebp"); - &mov(&swtmp(2), (DWC(($enc)?"1":"0"))); - &mov(&swtmp(1), "esi"); - &mov(&swtmp(0), "ebx"); -- &call("DES_encrypt2"); -+ &exch("ebx", "ebp"); -+ &call("DES_encrypt2\@PLT"); -+ &exch("ebx", "ebp"); - - &stack_pop(3); - &mov($L,&DWP(0,"ebx","",0)); -Index: openssl-1.0.1c/crypto/perlasm/cbc.pl -=================================================================== ---- openssl-1.0.1c.orig/crypto/perlasm/cbc.pl 2011-07-13 08:22:46.000000000 +0200 -+++ openssl-1.0.1c/crypto/perlasm/cbc.pl 2012-07-29 14:15:26.000000000 +0200 -@@ -122,7 +122,11 @@ - &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - -- &call($enc_func); -+ &call (&label("pic_point0")); -+ &set_label("pic_point0"); -+ &blindpop("ebx"); -+ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]"); -+ &call("$enc_func\@PLT"); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); -@@ -185,7 +189,11 @@ - &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - -- &call($enc_func); -+ &call (&label("pic_point1")); -+ &set_label("pic_point1"); -+ &blindpop("ebx"); -+ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point1") . "]"); -+ &call("$enc_func\@PLT"); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); -@@ -218,7 +226,11 @@ - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - -- &call($dec_func); -+ &call (&label("pic_point2")); -+ &set_label("pic_point2"); -+ &blindpop("ebx"); -+ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point2") . "]"); -+ &call("$dec_func\@PLT"); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # -@@ -261,7 +273,11 @@ - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - -- &call($dec_func); -+ &call (&label("pic_point3")); -+ &set_label("pic_point3"); -+ &blindpop("ebx"); -+ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point3") . "]"); -+ &call("$dec_func\@PLT"); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # -Index: openssl-1.0.1c/crypto/perlasm/x86gas.pl -=================================================================== ---- openssl-1.0.1c.orig/crypto/perlasm/x86gas.pl 2011-12-09 20:16:35.000000000 +0100 -+++ openssl-1.0.1c/crypto/perlasm/x86gas.pl 2012-07-29 14:15:26.000000000 +0200 -@@ -161,6 +161,7 @@ - if ($::macosx) { push (@out,"$tmp,2\n"); } - elsif ($::elf) { push (@out,"$tmp,4\n"); } - else { push (@out,"$tmp\n"); } -+ if ($::elf) { push (@out,".hidden\tOPENSSL_ia32cap_P\n"); } - } - push(@out,$initseg) if ($initseg); - } -@@ -218,8 +219,23 @@ - elsif ($::elf) - { $initseg.=<<___; - .section .init -+___ -+ if ($::pic) -+ { $initseg.=<<___; -+ pushl %ebx -+ call .pic_point0 -+.pic_point0: -+ popl %ebx -+ addl \$_GLOBAL_OFFSET_TABLE_+[.-.pic_point0],%ebx -+ call $f\@PLT -+ popl %ebx -+___ -+ } -+ else -+ { $initseg.=<<___; - call $f - ___ -+ } - } - elsif ($::coff) - { $initseg.=<<___; # applies to both Cygwin and Mingw -Index: openssl-1.0.1c/crypto/x86cpuid.pl -=================================================================== ---- openssl-1.0.1c.orig/crypto/x86cpuid.pl 2012-02-28 15:20:34.000000000 +0100 -+++ openssl-1.0.1c/crypto/x86cpuid.pl 2012-07-29 14:15:26.000000000 +0200 -@@ -8,6 +8,8 @@ - - for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -+push(@out, ".hidden OPENSSL_ia32cap_P\n"); -+ - &function_begin("OPENSSL_ia32_cpuid"); - &xor ("edx","edx"); - &pushf (); -@@ -139,9 +141,7 @@ - &set_label("nocpuid"); - &function_end("OPENSSL_ia32_cpuid"); - --&external_label("OPENSSL_ia32cap_P"); -- --&function_begin_B("OPENSSL_rdtsc","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); -+&function_begin_B("OPENSSL_rdtsc"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &picmeup("ecx","OPENSSL_ia32cap_P"); -@@ -155,7 +155,7 @@ - # This works in Ring 0 only [read DJGPP+MS-DOS+privileged DPMI host], - # but it's safe to call it on any [supported] 32-bit platform... - # Just check for [non-]zero return value... --&function_begin_B("OPENSSL_instrument_halt","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); -+&function_begin_B("OPENSSL_instrument_halt"); - &picmeup("ecx","OPENSSL_ia32cap_P"); - &bt (&DWP(0,"ecx"),4); - &jnc (&label("nohalt")); # no TSC -@@ -222,7 +222,7 @@ - &ret (); - &function_end_B("OPENSSL_far_spin"); - --&function_begin_B("OPENSSL_wipe_cpu","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); -+&function_begin_B("OPENSSL_wipe_cpu"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &picmeup("ecx","OPENSSL_ia32cap_P"); diff --git a/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch b/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch deleted file mode 100644 index a24918000a..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch +++ /dev/null @@ -1,4663 +0,0 @@ -Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure -=================================================================== ---- openssl-1.0.2~beta1.obsolete.0.0498436515490575.orig/Configure 2014-02-24 21:02:30.000000000 +0100 -+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure 2014-02-24 21:02:30.000000000 +0100 -@@ -1651,6 +1651,8 @@ - } - } - -+$shared_ldflag .= " -Wl,--version-script=openssl.ld"; -+ - open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n"; - unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new"; - open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n"; -Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld 2014-02-24 22:19:08.601827266 +0100 -@@ -0,0 +1,4615 @@ -+OPENSSL_1.0.0 { -+ global: -+ BIO_f_ssl; -+ BIO_new_buffer_ssl_connect; -+ BIO_new_ssl; -+ BIO_new_ssl_connect; -+ BIO_proxy_ssl_copy_session_id; -+ BIO_ssl_copy_session_id; -+ BIO_ssl_shutdown; -+ d2i_SSL_SESSION; -+ DTLSv1_client_method; -+ DTLSv1_method; -+ DTLSv1_server_method; -+ ERR_load_SSL_strings; -+ i2d_SSL_SESSION; -+ kssl_build_principal_2; -+ kssl_cget_tkt; -+ kssl_check_authent; -+ kssl_ctx_free; -+ kssl_ctx_new; -+ kssl_ctx_setkey; -+ kssl_ctx_setprinc; -+ kssl_ctx_setstring; -+ kssl_ctx_show; -+ kssl_err_set; -+ kssl_krb5_free_data_contents; -+ kssl_sget_tkt; -+ kssl_skip_confound; -+ kssl_validate_times; -+ PEM_read_bio_SSL_SESSION; -+ PEM_read_SSL_SESSION; -+ PEM_write_bio_SSL_SESSION; -+ PEM_write_SSL_SESSION; -+ SSL_accept; -+ SSL_add_client_CA; -+ SSL_add_dir_cert_subjects_to_stack; -+ SSL_add_dir_cert_subjs_to_stk; -+ SSL_add_file_cert_subjects_to_stack; -+ SSL_add_file_cert_subjs_to_stk; -+ SSL_alert_desc_string; -+ SSL_alert_desc_string_long; -+ SSL_alert_type_string; -+ SSL_alert_type_string_long; -+ SSL_callback_ctrl; -+ SSL_check_private_key; -+ SSL_CIPHER_description; -+ SSL_CIPHER_get_bits; -+ SSL_CIPHER_get_name; -+ SSL_CIPHER_get_version; -+ SSL_clear; -+ SSL_COMP_add_compression_method; -+ SSL_COMP_get_compression_methods; -+ SSL_COMP_get_compress_methods; -+ SSL_COMP_get_name; -+ SSL_connect; -+ SSL_copy_session_id; -+ SSL_ctrl; -+ SSL_CTX_add_client_CA; -+ SSL_CTX_add_session; -+ SSL_CTX_callback_ctrl; -+ SSL_CTX_check_private_key; -+ SSL_CTX_ctrl; -+ SSL_CTX_flush_sessions; -+ SSL_CTX_free; -+ SSL_CTX_get_cert_store; -+ SSL_CTX_get_client_CA_list; -+ SSL_CTX_get_client_cert_cb; -+ SSL_CTX_get_ex_data; -+ SSL_CTX_get_ex_new_index; -+ SSL_CTX_get_info_callback; -+ SSL_CTX_get_quiet_shutdown; -+ SSL_CTX_get_timeout; -+ SSL_CTX_get_verify_callback; -+ SSL_CTX_get_verify_depth; -+ SSL_CTX_get_verify_mode; -+ SSL_CTX_load_verify_locations; -+ SSL_CTX_new; -+ SSL_CTX_remove_session; -+ SSL_CTX_sess_get_get_cb; -+ SSL_CTX_sess_get_new_cb; -+ SSL_CTX_sess_get_remove_cb; -+ SSL_CTX_sessions; -+ SSL_CTX_sess_set_get_cb; -+ SSL_CTX_sess_set_new_cb; -+ SSL_CTX_sess_set_remove_cb; -+ SSL_CTX_set1_param; -+ SSL_CTX_set_cert_store; -+ SSL_CTX_set_cert_verify_callback; -+ SSL_CTX_set_cert_verify_cb; -+ SSL_CTX_set_cipher_list; -+ SSL_CTX_set_client_CA_list; -+ SSL_CTX_set_client_cert_cb; -+ SSL_CTX_set_client_cert_engine; -+ SSL_CTX_set_cookie_generate_cb; -+ SSL_CTX_set_cookie_verify_cb; -+ SSL_CTX_set_default_passwd_cb; -+ SSL_CTX_set_default_passwd_cb_userdata; -+ SSL_CTX_set_default_verify_paths; -+ SSL_CTX_set_def_passwd_cb_ud; -+ SSL_CTX_set_def_verify_paths; -+ SSL_CTX_set_ex_data; -+ SSL_CTX_set_generate_session_id; -+ SSL_CTX_set_info_callback; -+ SSL_CTX_set_msg_callback; -+ SSL_CTX_set_psk_client_callback; -+ SSL_CTX_set_psk_server_callback; -+ SSL_CTX_set_purpose; -+ SSL_CTX_set_quiet_shutdown; -+ SSL_CTX_set_session_id_context; -+ SSL_CTX_set_ssl_version; -+ SSL_CTX_set_timeout; -+ SSL_CTX_set_tmp_dh_callback; -+ SSL_CTX_set_tmp_ecdh_callback; -+ SSL_CTX_set_tmp_rsa_callback; -+ SSL_CTX_set_trust; -+ SSL_CTX_set_verify; -+ SSL_CTX_set_verify_depth; -+ SSL_CTX_use_cert_chain_file; -+ SSL_CTX_use_certificate; -+ SSL_CTX_use_certificate_ASN1; -+ SSL_CTX_use_certificate_chain_file; -+ SSL_CTX_use_certificate_file; -+ SSL_CTX_use_PrivateKey; -+ SSL_CTX_use_PrivateKey_ASN1; -+ SSL_CTX_use_PrivateKey_file; -+ SSL_CTX_use_psk_identity_hint; -+ SSL_CTX_use_RSAPrivateKey; -+ SSL_CTX_use_RSAPrivateKey_ASN1; -+ SSL_CTX_use_RSAPrivateKey_file; -+ SSL_do_handshake; -+ SSL_dup; -+ SSL_dup_CA_list; -+ SSLeay_add_ssl_algorithms; -+ SSL_free; -+ SSL_get1_session; -+ SSL_get_certificate; -+ SSL_get_cipher_list; -+ SSL_get_ciphers; -+ SSL_get_client_CA_list; -+ SSL_get_current_cipher; -+ SSL_get_current_compression; -+ SSL_get_current_expansion; -+ SSL_get_default_timeout; -+ SSL_get_error; -+ SSL_get_ex_data; -+ SSL_get_ex_data_X509_STORE_CTX_idx; -+ SSL_get_ex_d_X509_STORE_CTX_idx; -+ SSL_get_ex_new_index; -+ SSL_get_fd; -+ SSL_get_finished; -+ SSL_get_info_callback; -+ SSL_get_peer_cert_chain; -+ SSL_get_peer_certificate; -+ SSL_get_peer_finished; -+ SSL_get_privatekey; -+ SSL_get_psk_identity; -+ SSL_get_psk_identity_hint; -+ SSL_get_quiet_shutdown; -+ SSL_get_rbio; -+ SSL_get_read_ahead; -+ SSL_get_rfd; -+ SSL_get_servername; -+ SSL_get_servername_type; -+ SSL_get_session; -+ SSL_get_shared_ciphers; -+ SSL_get_shutdown; -+ SSL_get_SSL_CTX; -+ SSL_get_ssl_method; -+ SSL_get_verify_callback; -+ SSL_get_verify_depth; -+ SSL_get_verify_mode; -+ SSL_get_verify_result; -+ SSL_get_version; -+ SSL_get_wbio; -+ SSL_get_wfd; -+ SSL_has_matching_session_id; -+ SSL_library_init; -+ SSL_load_client_CA_file; -+ SSL_load_error_strings; -+ SSL_new; -+ SSL_peek; -+ SSL_pending; -+ SSL_read; -+ SSL_renegotiate; -+ SSL_renegotiate_pending; -+ SSL_rstate_string; -+ SSL_rstate_string_long; -+ SSL_SESSION_cmp; -+ SSL_SESSION_free; -+ SSL_SESSION_get_ex_data; -+ SSL_SESSION_get_ex_new_index; -+ SSL_SESSION_get_id; -+ SSL_SESSION_get_time; -+ SSL_SESSION_get_timeout; -+ SSL_SESSION_hash; -+ SSL_SESSION_new; -+ SSL_SESSION_print; -+ SSL_SESSION_print_fp; -+ SSL_SESSION_set_ex_data; -+ SSL_SESSION_set_time; -+ SSL_SESSION_set_timeout; -+ SSL_set1_param; -+ SSL_set_accept_state; -+ SSL_set_bio; -+ SSL_set_cipher_list; -+ SSL_set_client_CA_list; -+ SSL_set_connect_state; -+ SSL_set_ex_data; -+ SSL_set_fd; -+ SSL_set_generate_session_id; -+ SSL_set_info_callback; -+ SSL_set_msg_callback; -+ SSL_set_psk_client_callback; -+ SSL_set_psk_server_callback; -+ SSL_set_purpose; -+ SSL_set_quiet_shutdown; -+ SSL_set_read_ahead; -+ SSL_set_rfd; -+ SSL_set_session; -+ SSL_set_session_id_context; -+ SSL_set_session_secret_cb; -+ SSL_set_session_ticket_ext; -+ SSL_set_session_ticket_ext_cb; -+ SSL_set_shutdown; -+ SSL_set_SSL_CTX; -+ SSL_set_ssl_method; -+ SSL_set_tmp_dh_callback; -+ SSL_set_tmp_ecdh_callback; -+ SSL_set_tmp_rsa_callback; -+ SSL_set_trust; -+ SSL_set_verify; -+ SSL_set_verify_depth; -+ SSL_set_verify_result; -+ SSL_set_wfd; -+ SSL_shutdown; -+ SSL_state; -+ SSL_state_string; -+ SSL_state_string_long; -+ SSL_use_certificate; -+ SSL_use_certificate_ASN1; -+ SSL_use_certificate_file; -+ SSL_use_PrivateKey; -+ SSL_use_PrivateKey_ASN1; -+ SSL_use_PrivateKey_file; -+ SSL_use_psk_identity_hint; -+ SSL_use_RSAPrivateKey; -+ SSL_use_RSAPrivateKey_ASN1; -+ SSL_use_RSAPrivateKey_file; -+ SSLv23_client_method; -+ SSLv23_method; -+ SSLv23_server_method; -+ SSLv2_client_method; -+ SSLv2_method; -+ SSLv2_server_method; -+ SSLv3_client_method; -+ SSLv3_method; -+ SSLv3_server_method; -+ SSL_version; -+ SSL_want; -+ SSL_write; -+ TLSv1_client_method; -+ TLSv1_method; -+ TLSv1_server_method; -+ -+ -+ SSLeay; -+ SSLeay_version; -+ ASN1_BIT_STRING_asn1_meth; -+ ASN1_HEADER_free; -+ ASN1_HEADER_new; -+ ASN1_IA5STRING_asn1_meth; -+ ASN1_INTEGER_get; -+ ASN1_INTEGER_set; -+ ASN1_INTEGER_to_BN; -+ ASN1_OBJECT_create; -+ ASN1_OBJECT_free; -+ ASN1_OBJECT_new; -+ ASN1_PRINTABLE_type; -+ ASN1_STRING_cmp; -+ ASN1_STRING_dup; -+ ASN1_STRING_free; -+ ASN1_STRING_new; -+ ASN1_STRING_print; -+ ASN1_STRING_set; -+ ASN1_STRING_type_new; -+ ASN1_TYPE_free; -+ ASN1_TYPE_new; -+ ASN1_UNIVERSALSTRING_to_string; -+ ASN1_UTCTIME_check; -+ ASN1_UTCTIME_print; -+ ASN1_UTCTIME_set; -+ ASN1_check_infinite_end; -+ ASN1_d2i_bio; -+ ASN1_d2i_fp; -+ ASN1_digest; -+ ASN1_dup; -+ ASN1_get_object; -+ ASN1_i2d_bio; -+ ASN1_i2d_fp; -+ ASN1_object_size; -+ ASN1_parse; -+ ASN1_put_object; -+ ASN1_sign; -+ ASN1_verify; -+ BF_cbc_encrypt; -+ BF_cfb64_encrypt; -+ BF_ecb_encrypt; -+ BF_encrypt; -+ BF_ofb64_encrypt; -+ BF_options; -+ BF_set_key; -+ BIO_CONNECT_free; -+ BIO_CONNECT_new; -+ BIO_accept; -+ BIO_ctrl; -+ BIO_int_ctrl; -+ BIO_debug_callback; -+ BIO_dump; -+ BIO_dup_chain; -+ BIO_f_base64; -+ BIO_f_buffer; -+ BIO_f_cipher; -+ BIO_f_md; -+ BIO_f_null; -+ BIO_f_proxy_server; -+ BIO_fd_non_fatal_error; -+ BIO_fd_should_retry; -+ BIO_find_type; -+ BIO_free; -+ BIO_free_all; -+ BIO_get_accept_socket; -+ BIO_get_filter_bio; -+ BIO_get_host_ip; -+ BIO_get_port; -+ BIO_get_retry_BIO; -+ BIO_get_retry_reason; -+ BIO_gethostbyname; -+ BIO_gets; -+ BIO_new; -+ BIO_new_accept; -+ BIO_new_connect; -+ BIO_new_fd; -+ BIO_new_file; -+ BIO_new_fp; -+ BIO_new_socket; -+ BIO_pop; -+ BIO_printf; -+ BIO_push; -+ BIO_puts; -+ BIO_read; -+ BIO_s_accept; -+ BIO_s_connect; -+ BIO_s_fd; -+ BIO_s_file; -+ BIO_s_mem; -+ BIO_s_null; -+ BIO_s_proxy_client; -+ BIO_s_socket; -+ BIO_set; -+ BIO_set_cipher; -+ BIO_set_tcp_ndelay; -+ BIO_sock_cleanup; -+ BIO_sock_error; -+ BIO_sock_init; -+ BIO_sock_non_fatal_error; -+ BIO_sock_should_retry; -+ BIO_socket_ioctl; -+ BIO_write; -+ BN_CTX_free; -+ BN_CTX_new; -+ BN_MONT_CTX_free; -+ BN_MONT_CTX_new; -+ BN_MONT_CTX_set; -+ BN_add; -+ BN_add_word; -+ BN_hex2bn; -+ BN_bin2bn; -+ BN_bn2hex; -+ BN_bn2bin; -+ BN_clear; -+ BN_clear_bit; -+ BN_clear_free; -+ BN_cmp; -+ BN_copy; -+ BN_div; -+ BN_div_word; -+ BN_dup; -+ BN_free; -+ BN_from_montgomery; -+ BN_gcd; -+ BN_generate_prime; -+ BN_get_word; -+ BN_is_bit_set; -+ BN_is_prime; -+ BN_lshift; -+ BN_lshift1; -+ BN_mask_bits; -+ BN_mod; -+ BN_mod_exp; -+ BN_mod_exp_mont; -+ BN_mod_exp_simple; -+ BN_mod_inverse; -+ BN_mod_mul; -+ BN_mod_mul_montgomery; -+ BN_mod_word; -+ BN_mul; -+ BN_new; -+ BN_num_bits; -+ BN_num_bits_word; -+ BN_options; -+ BN_print; -+ BN_print_fp; -+ BN_rand; -+ BN_reciprocal; -+ BN_rshift; -+ BN_rshift1; -+ BN_set_bit; -+ BN_set_word; -+ BN_sqr; -+ BN_sub; -+ BN_to_ASN1_INTEGER; -+ BN_ucmp; -+ BN_value_one; -+ BUF_MEM_free; -+ BUF_MEM_grow; -+ BUF_MEM_new; -+ BUF_strdup; -+ CONF_free; -+ CONF_get_number; -+ CONF_get_section; -+ CONF_get_string; -+ CONF_load; -+ CRYPTO_add_lock; -+ CRYPTO_dbg_free; -+ CRYPTO_dbg_malloc; -+ CRYPTO_dbg_realloc; -+ CRYPTO_dbg_remalloc; -+ CRYPTO_free; -+ CRYPTO_get_add_lock_callback; -+ CRYPTO_get_id_callback; -+ CRYPTO_get_lock_name; -+ CRYPTO_get_locking_callback; -+ CRYPTO_get_mem_functions; -+ CRYPTO_lock; -+ CRYPTO_malloc; -+ CRYPTO_mem_ctrl; -+ CRYPTO_mem_leaks; -+ CRYPTO_mem_leaks_cb; -+ CRYPTO_mem_leaks_fp; -+ CRYPTO_realloc; -+ CRYPTO_remalloc; -+ CRYPTO_set_add_lock_callback; -+ CRYPTO_set_id_callback; -+ CRYPTO_set_locking_callback; -+ CRYPTO_set_mem_functions; -+ CRYPTO_thread_id; -+ DH_check; -+ DH_compute_key; -+ DH_free; -+ DH_generate_key; -+ DH_generate_parameters; -+ DH_new; -+ DH_size; -+ DHparams_print; -+ DHparams_print_fp; -+ DSA_free; -+ DSA_generate_key; -+ DSA_generate_parameters; -+ DSA_is_prime; -+ DSA_new; -+ DSA_print; -+ DSA_print_fp; -+ DSA_sign; -+ DSA_sign_setup; -+ DSA_size; -+ DSA_verify; -+ DSAparams_print; -+ DSAparams_print_fp; -+ ERR_clear_error; -+ ERR_error_string; -+ ERR_free_strings; -+ ERR_func_error_string; -+ ERR_get_err_state_table; -+ ERR_get_error; -+ ERR_get_error_line; -+ ERR_get_state; -+ ERR_get_string_table; -+ ERR_lib_error_string; -+ ERR_load_ASN1_strings; -+ ERR_load_BIO_strings; -+ ERR_load_BN_strings; -+ ERR_load_BUF_strings; -+ ERR_load_CONF_strings; -+ ERR_load_DH_strings; -+ ERR_load_DSA_strings; -+ ERR_load_ERR_strings; -+ ERR_load_EVP_strings; -+ ERR_load_OBJ_strings; -+ ERR_load_PEM_strings; -+ ERR_load_PROXY_strings; -+ ERR_load_RSA_strings; -+ ERR_load_X509_strings; -+ ERR_load_crypto_strings; -+ ERR_load_strings; -+ ERR_peek_error; -+ ERR_peek_error_line; -+ ERR_print_errors; -+ ERR_print_errors_fp; -+ ERR_put_error; -+ ERR_reason_error_string; -+ ERR_remove_state; -+ EVP_BytesToKey; -+ EVP_CIPHER_CTX_cleanup; -+ EVP_CipherFinal; -+ EVP_CipherInit; -+ EVP_CipherUpdate; -+ EVP_DecodeBlock; -+ EVP_DecodeFinal; -+ EVP_DecodeInit; -+ EVP_DecodeUpdate; -+ EVP_DecryptFinal; -+ EVP_DecryptInit; -+ EVP_DecryptUpdate; -+ EVP_DigestFinal; -+ EVP_DigestInit; -+ EVP_DigestUpdate; -+ EVP_EncodeBlock; -+ EVP_EncodeFinal; -+ EVP_EncodeInit; -+ EVP_EncodeUpdate; -+ EVP_EncryptFinal; -+ EVP_EncryptInit; -+ EVP_EncryptUpdate; -+ EVP_OpenFinal; -+ EVP_OpenInit; -+ EVP_PKEY_assign; -+ EVP_PKEY_copy_parameters; -+ EVP_PKEY_free; -+ EVP_PKEY_missing_parameters; -+ EVP_PKEY_new; -+ EVP_PKEY_save_parameters; -+ EVP_PKEY_size; -+ EVP_PKEY_type; -+ EVP_SealFinal; -+ EVP_SealInit; -+ EVP_SignFinal; -+ EVP_VerifyFinal; -+ EVP_add_alias; -+ EVP_add_cipher; -+ EVP_add_digest; -+ EVP_bf_cbc; -+ EVP_bf_cfb64; -+ EVP_bf_ecb; -+ EVP_bf_ofb; -+ EVP_cleanup; -+ EVP_des_cbc; -+ EVP_des_cfb64; -+ EVP_des_ecb; -+ EVP_des_ede; -+ EVP_des_ede3; -+ EVP_des_ede3_cbc; -+ EVP_des_ede3_cfb64; -+ EVP_des_ede3_ofb; -+ EVP_des_ede_cbc; -+ EVP_des_ede_cfb64; -+ EVP_des_ede_ofb; -+ EVP_des_ofb; -+ EVP_desx_cbc; -+ EVP_dss; -+ EVP_dss1; -+ EVP_enc_null; -+ EVP_get_cipherbyname; -+ EVP_get_digestbyname; -+ EVP_get_pw_prompt; -+ EVP_idea_cbc; -+ EVP_idea_cfb64; -+ EVP_idea_ecb; -+ EVP_idea_ofb; -+ EVP_md2; -+ EVP_md5; -+ EVP_md_null; -+ EVP_rc2_cbc; -+ EVP_rc2_cfb64; -+ EVP_rc2_ecb; -+ EVP_rc2_ofb; -+ EVP_rc4; -+ EVP_read_pw_string; -+ EVP_set_pw_prompt; -+ EVP_sha; -+ EVP_sha1; -+ MD2; -+ MD2_Final; -+ MD2_Init; -+ MD2_Update; -+ MD2_options; -+ MD5; -+ MD5_Final; -+ MD5_Init; -+ MD5_Update; -+ MDC2; -+ MDC2_Final; -+ MDC2_Init; -+ MDC2_Update; -+ NETSCAPE_SPKAC_free; -+ NETSCAPE_SPKAC_new; -+ NETSCAPE_SPKI_free; -+ NETSCAPE_SPKI_new; -+ NETSCAPE_SPKI_sign; -+ NETSCAPE_SPKI_verify; -+ OBJ_add_object; -+ OBJ_bsearch; -+ OBJ_cleanup; -+ OBJ_cmp; -+ OBJ_create; -+ OBJ_dup; -+ OBJ_ln2nid; -+ OBJ_new_nid; -+ OBJ_nid2ln; -+ OBJ_nid2obj; -+ OBJ_nid2sn; -+ OBJ_obj2nid; -+ OBJ_sn2nid; -+ OBJ_txt2nid; -+ PEM_ASN1_read; -+ PEM_ASN1_read_bio; -+ PEM_ASN1_write; -+ PEM_ASN1_write_bio; -+ PEM_SealFinal; -+ PEM_SealInit; -+ PEM_SealUpdate; -+ PEM_SignFinal; -+ PEM_SignInit; -+ PEM_SignUpdate; -+ PEM_X509_INFO_read; -+ PEM_X509_INFO_read_bio; -+ PEM_X509_INFO_write_bio; -+ PEM_dek_info; -+ PEM_do_header; -+ PEM_get_EVP_CIPHER_INFO; -+ PEM_proc_type; -+ PEM_read; -+ PEM_read_DHparams; -+ PEM_read_DSAPrivateKey; -+ PEM_read_DSAparams; -+ PEM_read_PKCS7; -+ PEM_read_PrivateKey; -+ PEM_read_RSAPrivateKey; -+ PEM_read_X509; -+ PEM_read_X509_CRL; -+ PEM_read_X509_REQ; -+ PEM_read_bio; -+ PEM_read_bio_DHparams; -+ PEM_read_bio_DSAPrivateKey; -+ PEM_read_bio_DSAparams; -+ PEM_read_bio_PKCS7; -+ PEM_read_bio_PrivateKey; -+ PEM_read_bio_RSAPrivateKey; -+ PEM_read_bio_X509; -+ PEM_read_bio_X509_CRL; -+ PEM_read_bio_X509_REQ; -+ PEM_write; -+ PEM_write_DHparams; -+ PEM_write_DSAPrivateKey; -+ PEM_write_DSAparams; -+ PEM_write_PKCS7; -+ PEM_write_PrivateKey; -+ PEM_write_RSAPrivateKey; -+ PEM_write_X509; -+ PEM_write_X509_CRL; -+ PEM_write_X509_REQ; -+ PEM_write_bio; -+ PEM_write_bio_DHparams; -+ PEM_write_bio_DSAPrivateKey; -+ PEM_write_bio_DSAparams; -+ PEM_write_bio_PKCS7; -+ PEM_write_bio_PrivateKey; -+ PEM_write_bio_RSAPrivateKey; -+ PEM_write_bio_X509; -+ PEM_write_bio_X509_CRL; -+ PEM_write_bio_X509_REQ; -+ PKCS7_DIGEST_free; -+ PKCS7_DIGEST_new; -+ PKCS7_ENCRYPT_free; -+ PKCS7_ENCRYPT_new; -+ PKCS7_ENC_CONTENT_free; -+ PKCS7_ENC_CONTENT_new; -+ PKCS7_ENVELOPE_free; -+ PKCS7_ENVELOPE_new; -+ PKCS7_ISSUER_AND_SERIAL_digest; -+ PKCS7_ISSUER_AND_SERIAL_free; -+ PKCS7_ISSUER_AND_SERIAL_new; -+ PKCS7_RECIP_INFO_free; -+ PKCS7_RECIP_INFO_new; -+ PKCS7_SIGNED_free; -+ PKCS7_SIGNED_new; -+ PKCS7_SIGNER_INFO_free; -+ PKCS7_SIGNER_INFO_new; -+ PKCS7_SIGN_ENVELOPE_free; -+ PKCS7_SIGN_ENVELOPE_new; -+ PKCS7_dup; -+ PKCS7_free; -+ PKCS7_new; -+ PROXY_ENTRY_add_noproxy; -+ PROXY_ENTRY_clear_noproxy; -+ PROXY_ENTRY_free; -+ PROXY_ENTRY_get_noproxy; -+ PROXY_ENTRY_new; -+ PROXY_ENTRY_set_server; -+ PROXY_add_noproxy; -+ PROXY_add_server; -+ PROXY_check_by_host; -+ PROXY_check_url; -+ PROXY_clear_noproxy; -+ PROXY_free; -+ PROXY_get_noproxy; -+ PROXY_get_proxies; -+ PROXY_get_proxy_entry; -+ PROXY_load_conf; -+ PROXY_new; -+ PROXY_print; -+ RAND_bytes; -+ RAND_cleanup; -+ RAND_file_name; -+ RAND_load_file; -+ RAND_screen; -+ RAND_seed; -+ RAND_write_file; -+ RC2_cbc_encrypt; -+ RC2_cfb64_encrypt; -+ RC2_ecb_encrypt; -+ RC2_encrypt; -+ RC2_ofb64_encrypt; -+ RC2_set_key; -+ RC4; -+ RC4_options; -+ RC4_set_key; -+ RSAPrivateKey_asn1_meth; -+ RSAPrivateKey_dup; -+ RSAPublicKey_dup; -+ RSA_PKCS1_SSLeay; -+ RSA_free; -+ RSA_generate_key; -+ RSA_new; -+ RSA_new_method; -+ RSA_print; -+ RSA_print_fp; -+ RSA_private_decrypt; -+ RSA_private_encrypt; -+ RSA_public_decrypt; -+ RSA_public_encrypt; -+ RSA_set_default_method; -+ RSA_sign; -+ RSA_sign_ASN1_OCTET_STRING; -+ RSA_size; -+ RSA_verify; -+ RSA_verify_ASN1_OCTET_STRING; -+ SHA; -+ SHA1; -+ SHA1_Final; -+ SHA1_Init; -+ SHA1_Update; -+ SHA_Final; -+ SHA_Init; -+ SHA_Update; -+ OpenSSL_add_all_algorithms; -+ OpenSSL_add_all_ciphers; -+ OpenSSL_add_all_digests; -+ TXT_DB_create_index; -+ TXT_DB_free; -+ TXT_DB_get_by_index; -+ TXT_DB_insert; -+ TXT_DB_read; -+ TXT_DB_write; -+ X509_ALGOR_free; -+ X509_ALGOR_new; -+ X509_ATTRIBUTE_free; -+ X509_ATTRIBUTE_new; -+ X509_CINF_free; -+ X509_CINF_new; -+ X509_CRL_INFO_free; -+ X509_CRL_INFO_new; -+ X509_CRL_add_ext; -+ X509_CRL_cmp; -+ X509_CRL_delete_ext; -+ X509_CRL_dup; -+ X509_CRL_free; -+ X509_CRL_get_ext; -+ X509_CRL_get_ext_by_NID; -+ X509_CRL_get_ext_by_OBJ; -+ X509_CRL_get_ext_by_critical; -+ X509_CRL_get_ext_count; -+ X509_CRL_new; -+ X509_CRL_sign; -+ X509_CRL_verify; -+ X509_EXTENSION_create_by_NID; -+ X509_EXTENSION_create_by_OBJ; -+ X509_EXTENSION_dup; -+ X509_EXTENSION_free; -+ X509_EXTENSION_get_critical; -+ X509_EXTENSION_get_data; -+ X509_EXTENSION_get_object; -+ X509_EXTENSION_new; -+ X509_EXTENSION_set_critical; -+ X509_EXTENSION_set_data; -+ X509_EXTENSION_set_object; -+ X509_INFO_free; -+ X509_INFO_new; -+ X509_LOOKUP_by_alias; -+ X509_LOOKUP_by_fingerprint; -+ X509_LOOKUP_by_issuer_serial; -+ X509_LOOKUP_by_subject; -+ X509_LOOKUP_ctrl; -+ X509_LOOKUP_file; -+ X509_LOOKUP_free; -+ X509_LOOKUP_hash_dir; -+ X509_LOOKUP_init; -+ X509_LOOKUP_new; -+ X509_LOOKUP_shutdown; -+ X509_NAME_ENTRY_create_by_NID; -+ X509_NAME_ENTRY_create_by_OBJ; -+ X509_NAME_ENTRY_dup; -+ X509_NAME_ENTRY_free; -+ X509_NAME_ENTRY_get_data; -+ X509_NAME_ENTRY_get_object; -+ X509_NAME_ENTRY_new; -+ X509_NAME_ENTRY_set_data; -+ X509_NAME_ENTRY_set_object; -+ X509_NAME_add_entry; -+ X509_NAME_cmp; -+ X509_NAME_delete_entry; -+ X509_NAME_digest; -+ X509_NAME_dup; -+ X509_NAME_entry_count; -+ X509_NAME_free; -+ X509_NAME_get_entry; -+ X509_NAME_get_index_by_NID; -+ X509_NAME_get_index_by_OBJ; -+ X509_NAME_get_text_by_NID; -+ X509_NAME_get_text_by_OBJ; -+ X509_NAME_hash; -+ X509_NAME_new; -+ X509_NAME_oneline; -+ X509_NAME_print; -+ X509_NAME_set; -+ X509_OBJECT_free_contents; -+ X509_OBJECT_retrieve_by_subject; -+ X509_OBJECT_up_ref_count; -+ X509_PKEY_free; -+ X509_PKEY_new; -+ X509_PUBKEY_free; -+ X509_PUBKEY_get; -+ X509_PUBKEY_new; -+ X509_PUBKEY_set; -+ X509_REQ_INFO_free; -+ X509_REQ_INFO_new; -+ X509_REQ_dup; -+ X509_REQ_free; -+ X509_REQ_get_pubkey; -+ X509_REQ_new; -+ X509_REQ_print; -+ X509_REQ_print_fp; -+ X509_REQ_set_pubkey; -+ X509_REQ_set_subject_name; -+ X509_REQ_set_version; -+ X509_REQ_sign; -+ X509_REQ_to_X509; -+ X509_REQ_verify; -+ X509_REVOKED_add_ext; -+ X509_REVOKED_delete_ext; -+ X509_REVOKED_free; -+ X509_REVOKED_get_ext; -+ X509_REVOKED_get_ext_by_NID; -+ X509_REVOKED_get_ext_by_OBJ; -+ X509_REVOKED_get_ext_by_critical; -+ X509_REVOKED_get_ext_by_critic; -+ X509_REVOKED_get_ext_count; -+ X509_REVOKED_new; -+ X509_SIG_free; -+ X509_SIG_new; -+ X509_STORE_CTX_cleanup; -+ X509_STORE_CTX_init; -+ X509_STORE_add_cert; -+ X509_STORE_add_lookup; -+ X509_STORE_free; -+ X509_STORE_get_by_subject; -+ X509_STORE_load_locations; -+ X509_STORE_new; -+ X509_STORE_set_default_paths; -+ X509_VAL_free; -+ X509_VAL_new; -+ X509_add_ext; -+ X509_asn1_meth; -+ X509_certificate_type; -+ X509_check_private_key; -+ X509_cmp_current_time; -+ X509_delete_ext; -+ X509_digest; -+ X509_dup; -+ X509_free; -+ X509_get_default_cert_area; -+ X509_get_default_cert_dir; -+ X509_get_default_cert_dir_env; -+ X509_get_default_cert_file; -+ X509_get_default_cert_file_env; -+ X509_get_default_private_dir; -+ X509_get_ext; -+ X509_get_ext_by_NID; -+ X509_get_ext_by_OBJ; -+ X509_get_ext_by_critical; -+ X509_get_ext_count; -+ X509_get_issuer_name; -+ X509_get_pubkey; -+ X509_get_pubkey_parameters; -+ X509_get_serialNumber; -+ X509_get_subject_name; -+ X509_gmtime_adj; -+ X509_issuer_and_serial_cmp; -+ X509_issuer_and_serial_hash; -+ X509_issuer_name_cmp; -+ X509_issuer_name_hash; -+ X509_load_cert_file; -+ X509_new; -+ X509_print; -+ X509_print_fp; -+ X509_set_issuer_name; -+ X509_set_notAfter; -+ X509_set_notBefore; -+ X509_set_pubkey; -+ X509_set_serialNumber; -+ X509_set_subject_name; -+ X509_set_version; -+ X509_sign; -+ X509_subject_name_cmp; -+ X509_subject_name_hash; -+ X509_to_X509_REQ; -+ X509_verify; -+ X509_verify_cert; -+ X509_verify_cert_error_string; -+ X509v3_add_ext; -+ X509v3_add_extension; -+ X509v3_add_netscape_extensions; -+ X509v3_add_standard_extensions; -+ X509v3_cleanup_extensions; -+ X509v3_data_type_by_NID; -+ X509v3_data_type_by_OBJ; -+ X509v3_delete_ext; -+ X509v3_get_ext; -+ X509v3_get_ext_by_NID; -+ X509v3_get_ext_by_OBJ; -+ X509v3_get_ext_by_critical; -+ X509v3_get_ext_count; -+ X509v3_pack_string; -+ X509v3_pack_type_by_NID; -+ X509v3_pack_type_by_OBJ; -+ X509v3_unpack_string; -+ _des_crypt; -+ a2d_ASN1_OBJECT; -+ a2i_ASN1_INTEGER; -+ a2i_ASN1_STRING; -+ asn1_Finish; -+ asn1_GetSequence; -+ bn_div_words; -+ bn_expand2; -+ bn_mul_add_words; -+ bn_mul_words; -+ BN_uadd; -+ BN_usub; -+ bn_sqr_words; -+ _ossl_old_crypt; -+ d2i_ASN1_BIT_STRING; -+ d2i_ASN1_BOOLEAN; -+ d2i_ASN1_HEADER; -+ d2i_ASN1_IA5STRING; -+ d2i_ASN1_INTEGER; -+ d2i_ASN1_OBJECT; -+ d2i_ASN1_OCTET_STRING; -+ d2i_ASN1_PRINTABLE; -+ d2i_ASN1_PRINTABLESTRING; -+ d2i_ASN1_SET; -+ d2i_ASN1_T61STRING; -+ d2i_ASN1_TYPE; -+ d2i_ASN1_UTCTIME; -+ d2i_ASN1_bytes; -+ d2i_ASN1_type_bytes; -+ d2i_DHparams; -+ d2i_DSAPrivateKey; -+ d2i_DSAPrivateKey_bio; -+ d2i_DSAPrivateKey_fp; -+ d2i_DSAPublicKey; -+ d2i_DSAparams; -+ d2i_NETSCAPE_SPKAC; -+ d2i_NETSCAPE_SPKI; -+ d2i_Netscape_RSA; -+ d2i_PKCS7; -+ d2i_PKCS7_DIGEST; -+ d2i_PKCS7_ENCRYPT; -+ d2i_PKCS7_ENC_CONTENT; -+ d2i_PKCS7_ENVELOPE; -+ d2i_PKCS7_ISSUER_AND_SERIAL; -+ d2i_PKCS7_RECIP_INFO; -+ d2i_PKCS7_SIGNED; -+ d2i_PKCS7_SIGNER_INFO; -+ d2i_PKCS7_SIGN_ENVELOPE; -+ d2i_PKCS7_bio; -+ d2i_PKCS7_fp; -+ d2i_PrivateKey; -+ d2i_PublicKey; -+ d2i_RSAPrivateKey; -+ d2i_RSAPrivateKey_bio; -+ d2i_RSAPrivateKey_fp; -+ d2i_RSAPublicKey; -+ d2i_X509; -+ d2i_X509_ALGOR; -+ d2i_X509_ATTRIBUTE; -+ d2i_X509_CINF; -+ d2i_X509_CRL; -+ d2i_X509_CRL_INFO; -+ d2i_X509_CRL_bio; -+ d2i_X509_CRL_fp; -+ d2i_X509_EXTENSION; -+ d2i_X509_NAME; -+ d2i_X509_NAME_ENTRY; -+ d2i_X509_PKEY; -+ d2i_X509_PUBKEY; -+ d2i_X509_REQ; -+ d2i_X509_REQ_INFO; -+ d2i_X509_REQ_bio; -+ d2i_X509_REQ_fp; -+ d2i_X509_REVOKED; -+ d2i_X509_SIG; -+ d2i_X509_VAL; -+ d2i_X509_bio; -+ d2i_X509_fp; -+ DES_cbc_cksum; -+ DES_cbc_encrypt; -+ DES_cblock_print_file; -+ DES_cfb64_encrypt; -+ DES_cfb_encrypt; -+ DES_decrypt3; -+ DES_ecb3_encrypt; -+ DES_ecb_encrypt; -+ DES_ede3_cbc_encrypt; -+ DES_ede3_cfb64_encrypt; -+ DES_ede3_ofb64_encrypt; -+ DES_enc_read; -+ DES_enc_write; -+ DES_encrypt1; -+ DES_encrypt2; -+ DES_encrypt3; -+ DES_fcrypt; -+ DES_is_weak_key; -+ DES_key_sched; -+ DES_ncbc_encrypt; -+ DES_ofb64_encrypt; -+ DES_ofb_encrypt; -+ DES_options; -+ DES_pcbc_encrypt; -+ DES_quad_cksum; -+ DES_random_key; -+ _ossl_old_des_random_seed; -+ _ossl_old_des_read_2passwords; -+ _ossl_old_des_read_password; -+ _ossl_old_des_read_pw; -+ _ossl_old_des_read_pw_string; -+ DES_set_key; -+ DES_set_odd_parity; -+ DES_string_to_2keys; -+ DES_string_to_key; -+ DES_xcbc_encrypt; -+ DES_xwhite_in2out; -+ fcrypt_body; -+ i2a_ASN1_INTEGER; -+ i2a_ASN1_OBJECT; -+ i2a_ASN1_STRING; -+ i2d_ASN1_BIT_STRING; -+ i2d_ASN1_BOOLEAN; -+ i2d_ASN1_HEADER; -+ i2d_ASN1_IA5STRING; -+ i2d_ASN1_INTEGER; -+ i2d_ASN1_OBJECT; -+ i2d_ASN1_OCTET_STRING; -+ i2d_ASN1_PRINTABLE; -+ i2d_ASN1_SET; -+ i2d_ASN1_TYPE; -+ i2d_ASN1_UTCTIME; -+ i2d_ASN1_bytes; -+ i2d_DHparams; -+ i2d_DSAPrivateKey; -+ i2d_DSAPrivateKey_bio; -+ i2d_DSAPrivateKey_fp; -+ i2d_DSAPublicKey; -+ i2d_DSAparams; -+ i2d_NETSCAPE_SPKAC; -+ i2d_NETSCAPE_SPKI; -+ i2d_Netscape_RSA; -+ i2d_PKCS7; -+ i2d_PKCS7_DIGEST; -+ i2d_PKCS7_ENCRYPT; -+ i2d_PKCS7_ENC_CONTENT; -+ i2d_PKCS7_ENVELOPE; -+ i2d_PKCS7_ISSUER_AND_SERIAL; -+ i2d_PKCS7_RECIP_INFO; -+ i2d_PKCS7_SIGNED; -+ i2d_PKCS7_SIGNER_INFO; -+ i2d_PKCS7_SIGN_ENVELOPE; -+ i2d_PKCS7_bio; -+ i2d_PKCS7_fp; -+ i2d_PrivateKey; -+ i2d_PublicKey; -+ i2d_RSAPrivateKey; -+ i2d_RSAPrivateKey_bio; -+ i2d_RSAPrivateKey_fp; -+ i2d_RSAPublicKey; -+ i2d_X509; -+ i2d_X509_ALGOR; -+ i2d_X509_ATTRIBUTE; -+ i2d_X509_CINF; -+ i2d_X509_CRL; -+ i2d_X509_CRL_INFO; -+ i2d_X509_CRL_bio; -+ i2d_X509_CRL_fp; -+ i2d_X509_EXTENSION; -+ i2d_X509_NAME; -+ i2d_X509_NAME_ENTRY; -+ i2d_X509_PKEY; -+ i2d_X509_PUBKEY; -+ i2d_X509_REQ; -+ i2d_X509_REQ_INFO; -+ i2d_X509_REQ_bio; -+ i2d_X509_REQ_fp; -+ i2d_X509_REVOKED; -+ i2d_X509_SIG; -+ i2d_X509_VAL; -+ i2d_X509_bio; -+ i2d_X509_fp; -+ idea_cbc_encrypt; -+ idea_cfb64_encrypt; -+ idea_ecb_encrypt; -+ idea_encrypt; -+ idea_ofb64_encrypt; -+ idea_options; -+ idea_set_decrypt_key; -+ idea_set_encrypt_key; -+ lh_delete; -+ lh_doall; -+ lh_doall_arg; -+ lh_free; -+ lh_insert; -+ lh_new; -+ lh_node_stats; -+ lh_node_stats_bio; -+ lh_node_usage_stats; -+ lh_node_usage_stats_bio; -+ lh_retrieve; -+ lh_stats; -+ lh_stats_bio; -+ lh_strhash; -+ sk_delete; -+ sk_delete_ptr; -+ sk_dup; -+ sk_find; -+ sk_free; -+ sk_insert; -+ sk_new; -+ sk_pop; -+ sk_pop_free; -+ sk_push; -+ sk_set_cmp_func; -+ sk_shift; -+ sk_unshift; -+ sk_zero; -+ BIO_f_nbio_test; -+ ASN1_TYPE_get; -+ ASN1_TYPE_set; -+ PKCS7_content_free; -+ ERR_load_PKCS7_strings; -+ X509_find_by_issuer_and_serial; -+ X509_find_by_subject; -+ PKCS7_ctrl; -+ PKCS7_set_type; -+ PKCS7_set_content; -+ PKCS7_SIGNER_INFO_set; -+ PKCS7_add_signer; -+ PKCS7_add_certificate; -+ PKCS7_add_crl; -+ PKCS7_content_new; -+ PKCS7_dataSign; -+ PKCS7_dataVerify; -+ PKCS7_dataInit; -+ PKCS7_add_signature; -+ PKCS7_cert_from_signer_info; -+ PKCS7_get_signer_info; -+ EVP_delete_alias; -+ EVP_mdc2; -+ PEM_read_bio_RSAPublicKey; -+ PEM_write_bio_RSAPublicKey; -+ d2i_RSAPublicKey_bio; -+ i2d_RSAPublicKey_bio; -+ PEM_read_RSAPublicKey; -+ PEM_write_RSAPublicKey; -+ d2i_RSAPublicKey_fp; -+ i2d_RSAPublicKey_fp; -+ BIO_copy_next_retry; -+ RSA_flags; -+ X509_STORE_add_crl; -+ X509_load_crl_file; -+ EVP_rc2_40_cbc; -+ EVP_rc4_40; -+ EVP_CIPHER_CTX_init; -+ HMAC; -+ HMAC_Init; -+ HMAC_Update; -+ HMAC_Final; -+ ERR_get_next_error_library; -+ EVP_PKEY_cmp_parameters; -+ HMAC_cleanup; -+ BIO_ptr_ctrl; -+ BIO_new_file_internal; -+ BIO_new_fp_internal; -+ BIO_s_file_internal; -+ BN_BLINDING_convert; -+ BN_BLINDING_invert; -+ BN_BLINDING_update; -+ RSA_blinding_on; -+ RSA_blinding_off; -+ i2t_ASN1_OBJECT; -+ BN_BLINDING_new; -+ BN_BLINDING_free; -+ EVP_cast5_cbc; -+ EVP_cast5_cfb64; -+ EVP_cast5_ecb; -+ EVP_cast5_ofb; -+ BF_decrypt; -+ CAST_set_key; -+ CAST_encrypt; -+ CAST_decrypt; -+ CAST_ecb_encrypt; -+ CAST_cbc_encrypt; -+ CAST_cfb64_encrypt; -+ CAST_ofb64_encrypt; -+ RC2_decrypt; -+ OBJ_create_objects; -+ BN_exp; -+ BN_mul_word; -+ BN_sub_word; -+ BN_dec2bn; -+ BN_bn2dec; -+ BIO_ghbn_ctrl; -+ CRYPTO_free_ex_data; -+ CRYPTO_get_ex_data; -+ CRYPTO_set_ex_data; -+ ERR_load_CRYPTO_strings; -+ ERR_load_CRYPTOlib_strings; -+ EVP_PKEY_bits; -+ MD5_Transform; -+ SHA1_Transform; -+ SHA_Transform; -+ X509_STORE_CTX_get_chain; -+ X509_STORE_CTX_get_current_cert; -+ X509_STORE_CTX_get_error; -+ X509_STORE_CTX_get_error_depth; -+ X509_STORE_CTX_get_ex_data; -+ X509_STORE_CTX_set_cert; -+ X509_STORE_CTX_set_chain; -+ X509_STORE_CTX_set_error; -+ X509_STORE_CTX_set_ex_data; -+ CRYPTO_dup_ex_data; -+ CRYPTO_get_new_lockid; -+ CRYPTO_new_ex_data; -+ RSA_set_ex_data; -+ RSA_get_ex_data; -+ RSA_get_ex_new_index; -+ RSA_padding_add_PKCS1_type_1; -+ RSA_padding_add_PKCS1_type_2; -+ RSA_padding_add_SSLv23; -+ RSA_padding_add_none; -+ RSA_padding_check_PKCS1_type_1; -+ RSA_padding_check_PKCS1_type_2; -+ RSA_padding_check_SSLv23; -+ RSA_padding_check_none; -+ bn_add_words; -+ d2i_Netscape_RSA_2; -+ CRYPTO_get_ex_new_index; -+ RIPEMD160_Init; -+ RIPEMD160_Update; -+ RIPEMD160_Final; -+ RIPEMD160; -+ RIPEMD160_Transform; -+ RC5_32_set_key; -+ RC5_32_ecb_encrypt; -+ RC5_32_encrypt; -+ RC5_32_decrypt; -+ RC5_32_cbc_encrypt; -+ RC5_32_cfb64_encrypt; -+ RC5_32_ofb64_encrypt; -+ BN_bn2mpi; -+ BN_mpi2bn; -+ ASN1_BIT_STRING_get_bit; -+ ASN1_BIT_STRING_set_bit; -+ BIO_get_ex_data; -+ BIO_get_ex_new_index; -+ BIO_set_ex_data; -+ X509v3_get_key_usage; -+ X509v3_set_key_usage; -+ a2i_X509v3_key_usage; -+ i2a_X509v3_key_usage; -+ EVP_PKEY_decrypt; -+ EVP_PKEY_encrypt; -+ PKCS7_RECIP_INFO_set; -+ PKCS7_add_recipient; -+ PKCS7_add_recipient_info; -+ PKCS7_set_cipher; -+ ASN1_TYPE_get_int_octetstring; -+ ASN1_TYPE_get_octetstring; -+ ASN1_TYPE_set_int_octetstring; -+ ASN1_TYPE_set_octetstring; -+ ASN1_UTCTIME_set_string; -+ ERR_add_error_data; -+ ERR_set_error_data; -+ EVP_CIPHER_asn1_to_param; -+ EVP_CIPHER_param_to_asn1; -+ EVP_CIPHER_get_asn1_iv; -+ EVP_CIPHER_set_asn1_iv; -+ EVP_rc5_32_12_16_cbc; -+ EVP_rc5_32_12_16_cfb64; -+ EVP_rc5_32_12_16_ecb; -+ EVP_rc5_32_12_16_ofb; -+ asn1_add_error; -+ d2i_ASN1_BMPSTRING; -+ i2d_ASN1_BMPSTRING; -+ BIO_f_ber; -+ BN_init; -+ COMP_CTX_new; -+ COMP_CTX_free; -+ COMP_CTX_compress_block; -+ COMP_CTX_expand_block; -+ X509_STORE_CTX_get_ex_new_index; -+ OBJ_NAME_add; -+ BIO_socket_nbio; -+ EVP_rc2_64_cbc; -+ OBJ_NAME_cleanup; -+ OBJ_NAME_get; -+ OBJ_NAME_init; -+ OBJ_NAME_new_index; -+ OBJ_NAME_remove; -+ BN_MONT_CTX_copy; -+ BIO_new_socks4a_connect; -+ BIO_s_socks4a_connect; -+ PROXY_set_connect_mode; -+ RAND_SSLeay; -+ RAND_set_rand_method; -+ RSA_memory_lock; -+ bn_sub_words; -+ bn_mul_normal; -+ bn_mul_comba8; -+ bn_mul_comba4; -+ bn_sqr_normal; -+ bn_sqr_comba8; -+ bn_sqr_comba4; -+ bn_cmp_words; -+ bn_mul_recursive; -+ bn_mul_part_recursive; -+ bn_sqr_recursive; -+ bn_mul_low_normal; -+ BN_RECP_CTX_init; -+ BN_RECP_CTX_new; -+ BN_RECP_CTX_free; -+ BN_RECP_CTX_set; -+ BN_mod_mul_reciprocal; -+ BN_mod_exp_recp; -+ BN_div_recp; -+ BN_CTX_init; -+ BN_MONT_CTX_init; -+ RAND_get_rand_method; -+ PKCS7_add_attribute; -+ PKCS7_add_signed_attribute; -+ PKCS7_digest_from_attributes; -+ PKCS7_get_attribute; -+ PKCS7_get_issuer_and_serial; -+ PKCS7_get_signed_attribute; -+ COMP_compress_block; -+ COMP_expand_block; -+ COMP_rle; -+ COMP_zlib; -+ ms_time_diff; -+ ms_time_new; -+ ms_time_free; -+ ms_time_cmp; -+ ms_time_get; -+ PKCS7_set_attributes; -+ PKCS7_set_signed_attributes; -+ X509_ATTRIBUTE_create; -+ X509_ATTRIBUTE_dup; -+ ASN1_GENERALIZEDTIME_check; -+ ASN1_GENERALIZEDTIME_print; -+ ASN1_GENERALIZEDTIME_set; -+ ASN1_GENERALIZEDTIME_set_string; -+ ASN1_TIME_print; -+ BASIC_CONSTRAINTS_free; -+ BASIC_CONSTRAINTS_new; -+ ERR_load_X509V3_strings; -+ NETSCAPE_CERT_SEQUENCE_free; -+ NETSCAPE_CERT_SEQUENCE_new; -+ OBJ_txt2obj; -+ PEM_read_NETSCAPE_CERT_SEQUENCE; -+ PEM_read_NS_CERT_SEQ; -+ PEM_read_bio_NETSCAPE_CERT_SEQUENCE; -+ PEM_read_bio_NS_CERT_SEQ; -+ PEM_write_NETSCAPE_CERT_SEQUENCE; -+ PEM_write_NS_CERT_SEQ; -+ PEM_write_bio_NETSCAPE_CERT_SEQUENCE; -+ PEM_write_bio_NS_CERT_SEQ; -+ X509V3_EXT_add; -+ X509V3_EXT_add_alias; -+ X509V3_EXT_add_conf; -+ X509V3_EXT_cleanup; -+ X509V3_EXT_conf; -+ X509V3_EXT_conf_nid; -+ X509V3_EXT_get; -+ X509V3_EXT_get_nid; -+ X509V3_EXT_print; -+ X509V3_EXT_print_fp; -+ X509V3_add_standard_extensions; -+ X509V3_add_value; -+ X509V3_add_value_bool; -+ X509V3_add_value_int; -+ X509V3_conf_free; -+ X509V3_get_value_bool; -+ X509V3_get_value_int; -+ X509V3_parse_list; -+ d2i_ASN1_GENERALIZEDTIME; -+ d2i_ASN1_TIME; -+ d2i_BASIC_CONSTRAINTS; -+ d2i_NETSCAPE_CERT_SEQUENCE; -+ d2i_ext_ku; -+ ext_ku_free; -+ ext_ku_new; -+ i2d_ASN1_GENERALIZEDTIME; -+ i2d_ASN1_TIME; -+ i2d_BASIC_CONSTRAINTS; -+ i2d_NETSCAPE_CERT_SEQUENCE; -+ i2d_ext_ku; -+ EVP_MD_CTX_copy; -+ i2d_ASN1_ENUMERATED; -+ d2i_ASN1_ENUMERATED; -+ ASN1_ENUMERATED_set; -+ ASN1_ENUMERATED_get; -+ BN_to_ASN1_ENUMERATED; -+ ASN1_ENUMERATED_to_BN; -+ i2a_ASN1_ENUMERATED; -+ a2i_ASN1_ENUMERATED; -+ i2d_GENERAL_NAME; -+ d2i_GENERAL_NAME; -+ GENERAL_NAME_new; -+ GENERAL_NAME_free; -+ GENERAL_NAMES_new; -+ GENERAL_NAMES_free; -+ d2i_GENERAL_NAMES; -+ i2d_GENERAL_NAMES; -+ i2v_GENERAL_NAMES; -+ i2s_ASN1_OCTET_STRING; -+ s2i_ASN1_OCTET_STRING; -+ X509V3_EXT_check_conf; -+ hex_to_string; -+ string_to_hex; -+ DES_ede3_cbcm_encrypt; -+ RSA_padding_add_PKCS1_OAEP; -+ RSA_padding_check_PKCS1_OAEP; -+ X509_CRL_print_fp; -+ X509_CRL_print; -+ i2v_GENERAL_NAME; -+ v2i_GENERAL_NAME; -+ i2d_PKEY_USAGE_PERIOD; -+ d2i_PKEY_USAGE_PERIOD; -+ PKEY_USAGE_PERIOD_new; -+ PKEY_USAGE_PERIOD_free; -+ v2i_GENERAL_NAMES; -+ i2s_ASN1_INTEGER; -+ X509V3_EXT_d2i; -+ name_cmp; -+ str_dup; -+ i2s_ASN1_ENUMERATED; -+ i2s_ASN1_ENUMERATED_TABLE; -+ BIO_s_log; -+ BIO_f_reliable; -+ PKCS7_dataFinal; -+ PKCS7_dataDecode; -+ X509V3_EXT_CRL_add_conf; -+ BN_set_params; -+ BN_get_params; -+ BIO_get_ex_num; -+ BIO_set_ex_free_func; -+ EVP_ripemd160; -+ ASN1_TIME_set; -+ i2d_AUTHORITY_KEYID; -+ d2i_AUTHORITY_KEYID; -+ AUTHORITY_KEYID_new; -+ AUTHORITY_KEYID_free; -+ ASN1_seq_unpack; -+ ASN1_seq_pack; -+ ASN1_unpack_string; -+ ASN1_pack_string; -+ PKCS12_pack_safebag; -+ PKCS12_MAKE_KEYBAG; -+ PKCS8_encrypt; -+ PKCS12_MAKE_SHKEYBAG; -+ PKCS12_pack_p7data; -+ PKCS12_pack_p7encdata; -+ PKCS12_add_localkeyid; -+ PKCS12_add_friendlyname_asc; -+ PKCS12_add_friendlyname_uni; -+ PKCS12_get_friendlyname; -+ PKCS12_pbe_crypt; -+ PKCS12_decrypt_d2i; -+ PKCS12_i2d_encrypt; -+ PKCS12_init; -+ PKCS12_key_gen_asc; -+ PKCS12_key_gen_uni; -+ PKCS12_gen_mac; -+ PKCS12_verify_mac; -+ PKCS12_set_mac; -+ PKCS12_setup_mac; -+ OPENSSL_asc2uni; -+ OPENSSL_uni2asc; -+ i2d_PKCS12_BAGS; -+ PKCS12_BAGS_new; -+ d2i_PKCS12_BAGS; -+ PKCS12_BAGS_free; -+ i2d_PKCS12; -+ d2i_PKCS12; -+ PKCS12_new; -+ PKCS12_free; -+ i2d_PKCS12_MAC_DATA; -+ PKCS12_MAC_DATA_new; -+ d2i_PKCS12_MAC_DATA; -+ PKCS12_MAC_DATA_free; -+ i2d_PKCS12_SAFEBAG; -+ PKCS12_SAFEBAG_new; -+ d2i_PKCS12_SAFEBAG; -+ PKCS12_SAFEBAG_free; -+ ERR_load_PKCS12_strings; -+ PKCS12_PBE_add; -+ PKCS8_add_keyusage; -+ PKCS12_get_attr_gen; -+ PKCS12_parse; -+ PKCS12_create; -+ i2d_PKCS12_bio; -+ i2d_PKCS12_fp; -+ d2i_PKCS12_bio; -+ d2i_PKCS12_fp; -+ i2d_PBEPARAM; -+ PBEPARAM_new; -+ d2i_PBEPARAM; -+ PBEPARAM_free; -+ i2d_PKCS8_PRIV_KEY_INFO; -+ PKCS8_PRIV_KEY_INFO_new; -+ d2i_PKCS8_PRIV_KEY_INFO; -+ PKCS8_PRIV_KEY_INFO_free; -+ EVP_PKCS82PKEY; -+ EVP_PKEY2PKCS8; -+ PKCS8_set_broken; -+ EVP_PBE_ALGOR_CipherInit; -+ EVP_PBE_alg_add; -+ PKCS5_pbe_set; -+ EVP_PBE_cleanup; -+ i2d_SXNET; -+ d2i_SXNET; -+ SXNET_new; -+ SXNET_free; -+ i2d_SXNETID; -+ d2i_SXNETID; -+ SXNETID_new; -+ SXNETID_free; -+ DSA_SIG_new; -+ DSA_SIG_free; -+ DSA_do_sign; -+ DSA_do_verify; -+ d2i_DSA_SIG; -+ i2d_DSA_SIG; -+ i2d_ASN1_VISIBLESTRING; -+ d2i_ASN1_VISIBLESTRING; -+ i2d_ASN1_UTF8STRING; -+ d2i_ASN1_UTF8STRING; -+ i2d_DIRECTORYSTRING; -+ d2i_DIRECTORYSTRING; -+ i2d_DISPLAYTEXT; -+ d2i_DISPLAYTEXT; -+ d2i_ASN1_SET_OF_X509; -+ i2d_ASN1_SET_OF_X509; -+ i2d_PBKDF2PARAM; -+ PBKDF2PARAM_new; -+ d2i_PBKDF2PARAM; -+ PBKDF2PARAM_free; -+ i2d_PBE2PARAM; -+ PBE2PARAM_new; -+ d2i_PBE2PARAM; -+ PBE2PARAM_free; -+ d2i_ASN1_SET_OF_GENERAL_NAME; -+ i2d_ASN1_SET_OF_GENERAL_NAME; -+ d2i_ASN1_SET_OF_SXNETID; -+ i2d_ASN1_SET_OF_SXNETID; -+ d2i_ASN1_SET_OF_POLICYQUALINFO; -+ i2d_ASN1_SET_OF_POLICYQUALINFO; -+ d2i_ASN1_SET_OF_POLICYINFO; -+ i2d_ASN1_SET_OF_POLICYINFO; -+ SXNET_add_id_asc; -+ SXNET_add_id_ulong; -+ SXNET_add_id_INTEGER; -+ SXNET_get_id_asc; -+ SXNET_get_id_ulong; -+ SXNET_get_id_INTEGER; -+ X509V3_set_conf_lhash; -+ i2d_CERTIFICATEPOLICIES; -+ CERTIFICATEPOLICIES_new; -+ CERTIFICATEPOLICIES_free; -+ d2i_CERTIFICATEPOLICIES; -+ i2d_POLICYINFO; -+ POLICYINFO_new; -+ d2i_POLICYINFO; -+ POLICYINFO_free; -+ i2d_POLICYQUALINFO; -+ POLICYQUALINFO_new; -+ d2i_POLICYQUALINFO; -+ POLICYQUALINFO_free; -+ i2d_USERNOTICE; -+ USERNOTICE_new; -+ d2i_USERNOTICE; -+ USERNOTICE_free; -+ i2d_NOTICEREF; -+ NOTICEREF_new; -+ d2i_NOTICEREF; -+ NOTICEREF_free; -+ X509V3_get_string; -+ X509V3_get_section; -+ X509V3_string_free; -+ X509V3_section_free; -+ X509V3_set_ctx; -+ s2i_ASN1_INTEGER; -+ CRYPTO_set_locked_mem_functions; -+ CRYPTO_get_locked_mem_functions; -+ CRYPTO_malloc_locked; -+ CRYPTO_free_locked; -+ BN_mod_exp2_mont; -+ ERR_get_error_line_data; -+ ERR_peek_error_line_data; -+ PKCS12_PBE_keyivgen; -+ X509_ALGOR_dup; -+ d2i_ASN1_SET_OF_DIST_POINT; -+ i2d_ASN1_SET_OF_DIST_POINT; -+ i2d_CRL_DIST_POINTS; -+ CRL_DIST_POINTS_new; -+ CRL_DIST_POINTS_free; -+ d2i_CRL_DIST_POINTS; -+ i2d_DIST_POINT; -+ DIST_POINT_new; -+ d2i_DIST_POINT; -+ DIST_POINT_free; -+ i2d_DIST_POINT_NAME; -+ DIST_POINT_NAME_new; -+ DIST_POINT_NAME_free; -+ d2i_DIST_POINT_NAME; -+ X509V3_add_value_uchar; -+ d2i_ASN1_SET_OF_X509_ATTRIBUTE; -+ i2d_ASN1_SET_OF_ASN1_TYPE; -+ d2i_ASN1_SET_OF_X509_EXTENSION; -+ d2i_ASN1_SET_OF_X509_NAME_ENTRY; -+ d2i_ASN1_SET_OF_ASN1_TYPE; -+ i2d_ASN1_SET_OF_X509_ATTRIBUTE; -+ i2d_ASN1_SET_OF_X509_EXTENSION; -+ i2d_ASN1_SET_OF_X509_NAME_ENTRY; -+ X509V3_EXT_i2d; -+ X509V3_EXT_val_prn; -+ X509V3_EXT_add_list; -+ EVP_CIPHER_type; -+ EVP_PBE_CipherInit; -+ X509V3_add_value_bool_nf; -+ d2i_ASN1_UINTEGER; -+ sk_value; -+ sk_num; -+ sk_set; -+ i2d_ASN1_SET_OF_X509_REVOKED; -+ sk_sort; -+ d2i_ASN1_SET_OF_X509_REVOKED; -+ i2d_ASN1_SET_OF_X509_ALGOR; -+ i2d_ASN1_SET_OF_X509_CRL; -+ d2i_ASN1_SET_OF_X509_ALGOR; -+ d2i_ASN1_SET_OF_X509_CRL; -+ i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO; -+ i2d_ASN1_SET_OF_PKCS7_RECIP_INFO; -+ d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO; -+ d2i_ASN1_SET_OF_PKCS7_RECIP_INFO; -+ PKCS5_PBE_add; -+ PEM_write_bio_PKCS8; -+ i2d_PKCS8_fp; -+ PEM_read_bio_PKCS8_PRIV_KEY_INFO; -+ PEM_read_bio_P8_PRIV_KEY_INFO; -+ d2i_PKCS8_bio; -+ d2i_PKCS8_PRIV_KEY_INFO_fp; -+ PEM_write_bio_PKCS8_PRIV_KEY_INFO; -+ PEM_write_bio_P8_PRIV_KEY_INFO; -+ PEM_read_PKCS8; -+ d2i_PKCS8_PRIV_KEY_INFO_bio; -+ d2i_PKCS8_fp; -+ PEM_write_PKCS8; -+ PEM_read_PKCS8_PRIV_KEY_INFO; -+ PEM_read_P8_PRIV_KEY_INFO; -+ PEM_read_bio_PKCS8; -+ PEM_write_PKCS8_PRIV_KEY_INFO; -+ PEM_write_P8_PRIV_KEY_INFO; -+ PKCS5_PBE_keyivgen; -+ i2d_PKCS8_bio; -+ i2d_PKCS8_PRIV_KEY_INFO_fp; -+ i2d_PKCS8_PRIV_KEY_INFO_bio; -+ BIO_s_bio; -+ PKCS5_pbe2_set; -+ PKCS5_PBKDF2_HMAC_SHA1; -+ PKCS5_v2_PBE_keyivgen; -+ PEM_write_bio_PKCS8PrivateKey; -+ PEM_write_PKCS8PrivateKey; -+ BIO_ctrl_get_read_request; -+ BIO_ctrl_pending; -+ BIO_ctrl_wpending; -+ BIO_new_bio_pair; -+ BIO_ctrl_get_write_guarantee; -+ CRYPTO_num_locks; -+ CONF_load_bio; -+ CONF_load_fp; -+ i2d_ASN1_SET_OF_ASN1_OBJECT; -+ d2i_ASN1_SET_OF_ASN1_OBJECT; -+ PKCS7_signatureVerify; -+ RSA_set_method; -+ RSA_get_method; -+ RSA_get_default_method; -+ RSA_check_key; -+ OBJ_obj2txt; -+ DSA_dup_DH; -+ X509_REQ_get_extensions; -+ X509_REQ_set_extension_nids; -+ BIO_nwrite; -+ X509_REQ_extension_nid; -+ BIO_nread; -+ X509_REQ_get_extension_nids; -+ BIO_nwrite0; -+ X509_REQ_add_extensions_nid; -+ BIO_nread0; -+ X509_REQ_add_extensions; -+ BIO_new_mem_buf; -+ DH_set_ex_data; -+ DH_set_method; -+ DSA_OpenSSL; -+ DH_get_ex_data; -+ DH_get_ex_new_index; -+ DSA_new_method; -+ DH_new_method; -+ DH_OpenSSL; -+ DSA_get_ex_new_index; -+ DH_get_default_method; -+ DSA_set_ex_data; -+ DH_set_default_method; -+ DSA_get_ex_data; -+ X509V3_EXT_REQ_add_conf; -+ NETSCAPE_SPKI_print; -+ NETSCAPE_SPKI_set_pubkey; -+ NETSCAPE_SPKI_b64_encode; -+ NETSCAPE_SPKI_get_pubkey; -+ NETSCAPE_SPKI_b64_decode; -+ UTF8_putc; -+ UTF8_getc; -+ RSA_null_method; -+ ASN1_tag2str; -+ BIO_ctrl_reset_read_request; -+ DISPLAYTEXT_new; -+ ASN1_GENERALIZEDTIME_free; -+ X509_REVOKED_get_ext_d2i; -+ X509_set_ex_data; -+ X509_reject_set_bit_asc; -+ X509_NAME_add_entry_by_txt; -+ X509_NAME_add_entry_by_NID; -+ X509_PURPOSE_get0; -+ PEM_read_X509_AUX; -+ d2i_AUTHORITY_INFO_ACCESS; -+ PEM_write_PUBKEY; -+ ACCESS_DESCRIPTION_new; -+ X509_CERT_AUX_free; -+ d2i_ACCESS_DESCRIPTION; -+ X509_trust_clear; -+ X509_TRUST_add; -+ ASN1_VISIBLESTRING_new; -+ X509_alias_set1; -+ ASN1_PRINTABLESTRING_free; -+ EVP_PKEY_get1_DSA; -+ ASN1_BMPSTRING_new; -+ ASN1_mbstring_copy; -+ ASN1_UTF8STRING_new; -+ DSA_get_default_method; -+ i2d_ASN1_SET_OF_ACCESS_DESCRIPTION; -+ ASN1_T61STRING_free; -+ DSA_set_method; -+ X509_get_ex_data; -+ ASN1_STRING_type; -+ X509_PURPOSE_get_by_sname; -+ ASN1_TIME_free; -+ ASN1_OCTET_STRING_cmp; -+ ASN1_BIT_STRING_new; -+ X509_get_ext_d2i; -+ PEM_read_bio_X509_AUX; -+ ASN1_STRING_set_default_mask_asc; -+ ASN1_STRING_set_def_mask_asc; -+ PEM_write_bio_RSA_PUBKEY; -+ ASN1_INTEGER_cmp; -+ d2i_RSA_PUBKEY_fp; -+ X509_trust_set_bit_asc; -+ PEM_write_bio_DSA_PUBKEY; -+ X509_STORE_CTX_free; -+ EVP_PKEY_set1_DSA; -+ i2d_DSA_PUBKEY_fp; -+ X509_load_cert_crl_file; -+ ASN1_TIME_new; -+ i2d_RSA_PUBKEY; -+ X509_STORE_CTX_purpose_inherit; -+ PEM_read_RSA_PUBKEY; -+ d2i_X509_AUX; -+ i2d_DSA_PUBKEY; -+ X509_CERT_AUX_print; -+ PEM_read_DSA_PUBKEY; -+ i2d_RSA_PUBKEY_bio; -+ ASN1_BIT_STRING_num_asc; -+ i2d_PUBKEY; -+ ASN1_UTCTIME_free; -+ DSA_set_default_method; -+ X509_PURPOSE_get_by_id; -+ ACCESS_DESCRIPTION_free; -+ PEM_read_bio_PUBKEY; -+ ASN1_STRING_set_by_NID; -+ X509_PURPOSE_get_id; -+ DISPLAYTEXT_free; -+ OTHERNAME_new; -+ X509_CERT_AUX_new; -+ X509_TRUST_cleanup; -+ X509_NAME_add_entry_by_OBJ; -+ X509_CRL_get_ext_d2i; -+ X509_PURPOSE_get0_name; -+ PEM_read_PUBKEY; -+ i2d_DSA_PUBKEY_bio; -+ i2d_OTHERNAME; -+ ASN1_OCTET_STRING_free; -+ ASN1_BIT_STRING_set_asc; -+ X509_get_ex_new_index; -+ ASN1_STRING_TABLE_cleanup; -+ X509_TRUST_get_by_id; -+ X509_PURPOSE_get_trust; -+ ASN1_STRING_length; -+ d2i_ASN1_SET_OF_ACCESS_DESCRIPTION; -+ ASN1_PRINTABLESTRING_new; -+ X509V3_get_d2i; -+ ASN1_ENUMERATED_free; -+ i2d_X509_CERT_AUX; -+ X509_STORE_CTX_set_trust; -+ ASN1_STRING_set_default_mask; -+ X509_STORE_CTX_new; -+ EVP_PKEY_get1_RSA; -+ DIRECTORYSTRING_free; -+ PEM_write_X509_AUX; -+ ASN1_OCTET_STRING_set; -+ d2i_DSA_PUBKEY_fp; -+ d2i_RSA_PUBKEY; -+ X509_TRUST_get0_name; -+ X509_TRUST_get0; -+ AUTHORITY_INFO_ACCESS_free; -+ ASN1_IA5STRING_new; -+ d2i_DSA_PUBKEY; -+ X509_check_purpose; -+ ASN1_ENUMERATED_new; -+ d2i_RSA_PUBKEY_bio; -+ d2i_PUBKEY; -+ X509_TRUST_get_trust; -+ X509_TRUST_get_flags; -+ ASN1_BMPSTRING_free; -+ ASN1_T61STRING_new; -+ ASN1_UTCTIME_new; -+ i2d_AUTHORITY_INFO_ACCESS; -+ EVP_PKEY_set1_RSA; -+ X509_STORE_CTX_set_purpose; -+ ASN1_IA5STRING_free; -+ PEM_write_bio_X509_AUX; -+ X509_PURPOSE_get_count; -+ CRYPTO_add_info; -+ X509_NAME_ENTRY_create_by_txt; -+ ASN1_STRING_get_default_mask; -+ X509_alias_get0; -+ ASN1_STRING_data; -+ i2d_ACCESS_DESCRIPTION; -+ X509_trust_set_bit; -+ ASN1_BIT_STRING_free; -+ PEM_read_bio_RSA_PUBKEY; -+ X509_add1_reject_object; -+ X509_check_trust; -+ PEM_read_bio_DSA_PUBKEY; -+ X509_PURPOSE_add; -+ ASN1_STRING_TABLE_get; -+ ASN1_UTF8STRING_free; -+ d2i_DSA_PUBKEY_bio; -+ PEM_write_RSA_PUBKEY; -+ d2i_OTHERNAME; -+ X509_reject_set_bit; -+ PEM_write_DSA_PUBKEY; -+ X509_PURPOSE_get0_sname; -+ EVP_PKEY_set1_DH; -+ ASN1_OCTET_STRING_dup; -+ ASN1_BIT_STRING_set; -+ X509_TRUST_get_count; -+ ASN1_INTEGER_free; -+ OTHERNAME_free; -+ i2d_RSA_PUBKEY_fp; -+ ASN1_INTEGER_dup; -+ d2i_X509_CERT_AUX; -+ PEM_write_bio_PUBKEY; -+ ASN1_VISIBLESTRING_free; -+ X509_PURPOSE_cleanup; -+ ASN1_mbstring_ncopy; -+ ASN1_GENERALIZEDTIME_new; -+ EVP_PKEY_get1_DH; -+ ASN1_OCTET_STRING_new; -+ ASN1_INTEGER_new; -+ i2d_X509_AUX; -+ ASN1_BIT_STRING_name_print; -+ X509_cmp; -+ ASN1_STRING_length_set; -+ DIRECTORYSTRING_new; -+ X509_add1_trust_object; -+ PKCS12_newpass; -+ SMIME_write_PKCS7; -+ SMIME_read_PKCS7; -+ DES_set_key_checked; -+ PKCS7_verify; -+ PKCS7_encrypt; -+ DES_set_key_unchecked; -+ SMIME_crlf_copy; -+ i2d_ASN1_PRINTABLESTRING; -+ PKCS7_get0_signers; -+ PKCS7_decrypt; -+ SMIME_text; -+ PKCS7_simple_smimecap; -+ PKCS7_get_smimecap; -+ PKCS7_sign; -+ PKCS7_add_attrib_smimecap; -+ CRYPTO_dbg_set_options; -+ CRYPTO_remove_all_info; -+ CRYPTO_get_mem_debug_functions; -+ CRYPTO_is_mem_check_on; -+ CRYPTO_set_mem_debug_functions; -+ CRYPTO_pop_info; -+ CRYPTO_push_info_; -+ CRYPTO_set_mem_debug_options; -+ PEM_write_PKCS8PrivateKey_nid; -+ PEM_write_bio_PKCS8PrivateKey_nid; -+ PEM_write_bio_PKCS8PrivKey_nid; -+ d2i_PKCS8PrivateKey_bio; -+ ASN1_NULL_free; -+ d2i_ASN1_NULL; -+ ASN1_NULL_new; -+ i2d_PKCS8PrivateKey_bio; -+ i2d_PKCS8PrivateKey_fp; -+ i2d_ASN1_NULL; -+ i2d_PKCS8PrivateKey_nid_fp; -+ d2i_PKCS8PrivateKey_fp; -+ i2d_PKCS8PrivateKey_nid_bio; -+ i2d_PKCS8PrivateKeyInfo_fp; -+ i2d_PKCS8PrivateKeyInfo_bio; -+ PEM_cb; -+ i2d_PrivateKey_fp; -+ d2i_PrivateKey_bio; -+ d2i_PrivateKey_fp; -+ i2d_PrivateKey_bio; -+ X509_reject_clear; -+ X509_TRUST_set_default; -+ d2i_AutoPrivateKey; -+ X509_ATTRIBUTE_get0_type; -+ X509_ATTRIBUTE_set1_data; -+ X509at_get_attr; -+ X509at_get_attr_count; -+ X509_ATTRIBUTE_create_by_NID; -+ X509_ATTRIBUTE_set1_object; -+ X509_ATTRIBUTE_count; -+ X509_ATTRIBUTE_create_by_OBJ; -+ X509_ATTRIBUTE_get0_object; -+ X509at_get_attr_by_NID; -+ X509at_add1_attr; -+ X509_ATTRIBUTE_get0_data; -+ X509at_delete_attr; -+ X509at_get_attr_by_OBJ; -+ RAND_add; -+ BIO_number_written; -+ BIO_number_read; -+ X509_STORE_CTX_get1_chain; -+ ERR_load_RAND_strings; -+ RAND_pseudo_bytes; -+ X509_REQ_get_attr_by_NID; -+ X509_REQ_get_attr; -+ X509_REQ_add1_attr_by_NID; -+ X509_REQ_get_attr_by_OBJ; -+ X509at_add1_attr_by_NID; -+ X509_REQ_add1_attr_by_OBJ; -+ X509_REQ_get_attr_count; -+ X509_REQ_add1_attr; -+ X509_REQ_delete_attr; -+ X509at_add1_attr_by_OBJ; -+ X509_REQ_add1_attr_by_txt; -+ X509_ATTRIBUTE_create_by_txt; -+ X509at_add1_attr_by_txt; -+ BN_pseudo_rand; -+ BN_is_prime_fasttest; -+ BN_CTX_end; -+ BN_CTX_start; -+ BN_CTX_get; -+ EVP_PKEY2PKCS8_broken; -+ ASN1_STRING_TABLE_add; -+ CRYPTO_dbg_get_options; -+ AUTHORITY_INFO_ACCESS_new; -+ CRYPTO_get_mem_debug_options; -+ DES_crypt; -+ PEM_write_bio_X509_REQ_NEW; -+ PEM_write_X509_REQ_NEW; -+ BIO_callback_ctrl; -+ RAND_egd; -+ RAND_status; -+ bn_dump1; -+ DES_check_key_parity; -+ lh_num_items; -+ RAND_event; -+ DSO_new; -+ DSO_new_method; -+ DSO_free; -+ DSO_flags; -+ DSO_up; -+ DSO_set_default_method; -+ DSO_get_default_method; -+ DSO_get_method; -+ DSO_set_method; -+ DSO_load; -+ DSO_bind_var; -+ DSO_METHOD_null; -+ DSO_METHOD_openssl; -+ DSO_METHOD_dlfcn; -+ DSO_METHOD_win32; -+ ERR_load_DSO_strings; -+ DSO_METHOD_dl; -+ NCONF_load; -+ NCONF_load_fp; -+ NCONF_new; -+ NCONF_get_string; -+ NCONF_free; -+ NCONF_get_number; -+ CONF_dump_fp; -+ NCONF_load_bio; -+ NCONF_dump_fp; -+ NCONF_get_section; -+ NCONF_dump_bio; -+ CONF_dump_bio; -+ NCONF_free_data; -+ CONF_set_default_method; -+ ERR_error_string_n; -+ BIO_snprintf; -+ DSO_ctrl; -+ i2d_ASN1_SET_OF_ASN1_INTEGER; -+ i2d_ASN1_SET_OF_PKCS12_SAFEBAG; -+ i2d_ASN1_SET_OF_PKCS7; -+ BIO_vfree; -+ d2i_ASN1_SET_OF_ASN1_INTEGER; -+ d2i_ASN1_SET_OF_PKCS12_SAFEBAG; -+ ASN1_UTCTIME_get; -+ X509_REQ_digest; -+ X509_CRL_digest; -+ d2i_ASN1_SET_OF_PKCS7; -+ EVP_CIPHER_CTX_set_key_length; -+ EVP_CIPHER_CTX_ctrl; -+ BN_mod_exp_mont_word; -+ RAND_egd_bytes; -+ X509_REQ_get1_email; -+ X509_get1_email; -+ X509_email_free; -+ i2d_RSA_NET; -+ d2i_RSA_NET_2; -+ d2i_RSA_NET; -+ DSO_bind_func; -+ CRYPTO_get_new_dynlockid; -+ sk_new_null; -+ CRYPTO_set_dynlock_destroy_callback; -+ CRYPTO_set_dynlock_destroy_cb; -+ CRYPTO_destroy_dynlockid; -+ CRYPTO_set_dynlock_size; -+ CRYPTO_set_dynlock_create_callback; -+ CRYPTO_set_dynlock_create_cb; -+ CRYPTO_set_dynlock_lock_callback; -+ CRYPTO_set_dynlock_lock_cb; -+ CRYPTO_get_dynlock_lock_callback; -+ CRYPTO_get_dynlock_lock_cb; -+ CRYPTO_get_dynlock_destroy_callback; -+ CRYPTO_get_dynlock_destroy_cb; -+ CRYPTO_get_dynlock_value; -+ CRYPTO_get_dynlock_create_callback; -+ CRYPTO_get_dynlock_create_cb; -+ c2i_ASN1_BIT_STRING; -+ i2c_ASN1_BIT_STRING; -+ RAND_poll; -+ c2i_ASN1_INTEGER; -+ i2c_ASN1_INTEGER; -+ BIO_dump_indent; -+ ASN1_parse_dump; -+ c2i_ASN1_OBJECT; -+ X509_NAME_print_ex_fp; -+ ASN1_STRING_print_ex_fp; -+ X509_NAME_print_ex; -+ ASN1_STRING_print_ex; -+ MD4; -+ MD4_Transform; -+ MD4_Final; -+ MD4_Update; -+ MD4_Init; -+ EVP_md4; -+ i2d_PUBKEY_bio; -+ i2d_PUBKEY_fp; -+ d2i_PUBKEY_bio; -+ ASN1_STRING_to_UTF8; -+ BIO_vprintf; -+ BIO_vsnprintf; -+ d2i_PUBKEY_fp; -+ X509_cmp_time; -+ X509_STORE_CTX_set_time; -+ X509_STORE_CTX_get1_issuer; -+ X509_OBJECT_retrieve_match; -+ X509_OBJECT_idx_by_subject; -+ X509_STORE_CTX_set_flags; -+ X509_STORE_CTX_trusted_stack; -+ X509_time_adj; -+ X509_check_issued; -+ ASN1_UTCTIME_cmp_time_t; -+ DES_set_weak_key_flag; -+ DES_check_key; -+ DES_rw_mode; -+ RSA_PKCS1_RSAref; -+ X509_keyid_set1; -+ BIO_next; -+ DSO_METHOD_vms; -+ BIO_f_linebuffer; -+ BN_bntest_rand; -+ OPENSSL_issetugid; -+ BN_rand_range; -+ ERR_load_ENGINE_strings; -+ ENGINE_set_DSA; -+ ENGINE_get_finish_function; -+ ENGINE_get_default_RSA; -+ ENGINE_get_BN_mod_exp; -+ DSA_get_default_openssl_method; -+ ENGINE_set_DH; -+ ENGINE_set_def_BN_mod_exp_crt; -+ ENGINE_set_default_BN_mod_exp_crt; -+ ENGINE_init; -+ DH_get_default_openssl_method; -+ RSA_set_default_openssl_method; -+ ENGINE_finish; -+ ENGINE_load_public_key; -+ ENGINE_get_DH; -+ ENGINE_ctrl; -+ ENGINE_get_init_function; -+ ENGINE_set_init_function; -+ ENGINE_set_default_DSA; -+ ENGINE_get_name; -+ ENGINE_get_last; -+ ENGINE_get_prev; -+ ENGINE_get_default_DH; -+ ENGINE_get_RSA; -+ ENGINE_set_default; -+ ENGINE_get_RAND; -+ ENGINE_get_first; -+ ENGINE_by_id; -+ ENGINE_set_finish_function; -+ ENGINE_get_def_BN_mod_exp_crt; -+ ENGINE_get_default_BN_mod_exp_crt; -+ RSA_get_default_openssl_method; -+ ENGINE_set_RSA; -+ ENGINE_load_private_key; -+ ENGINE_set_default_RAND; -+ ENGINE_set_BN_mod_exp; -+ ENGINE_remove; -+ ENGINE_free; -+ ENGINE_get_BN_mod_exp_crt; -+ ENGINE_get_next; -+ ENGINE_set_name; -+ ENGINE_get_default_DSA; -+ ENGINE_set_default_BN_mod_exp; -+ ENGINE_set_default_RSA; -+ ENGINE_get_default_RAND; -+ ENGINE_get_default_BN_mod_exp; -+ ENGINE_set_RAND; -+ ENGINE_set_id; -+ ENGINE_set_BN_mod_exp_crt; -+ ENGINE_set_default_DH; -+ ENGINE_new; -+ ENGINE_get_id; -+ DSA_set_default_openssl_method; -+ ENGINE_add; -+ DH_set_default_openssl_method; -+ ENGINE_get_DSA; -+ ENGINE_get_ctrl_function; -+ ENGINE_set_ctrl_function; -+ BN_pseudo_rand_range; -+ X509_STORE_CTX_set_verify_cb; -+ ERR_load_COMP_strings; -+ PKCS12_item_decrypt_d2i; -+ ASN1_UTF8STRING_it; -+ ENGINE_unregister_ciphers; -+ ENGINE_get_ciphers; -+ d2i_OCSP_BASICRESP; -+ KRB5_CHECKSUM_it; -+ EC_POINT_add; -+ ASN1_item_ex_i2d; -+ OCSP_CERTID_it; -+ d2i_OCSP_RESPBYTES; -+ X509V3_add1_i2d; -+ PKCS7_ENVELOPE_it; -+ UI_add_input_boolean; -+ ENGINE_unregister_RSA; -+ X509V3_EXT_nconf; -+ ASN1_GENERALSTRING_free; -+ d2i_OCSP_CERTSTATUS; -+ X509_REVOKED_set_serialNumber; -+ X509_print_ex; -+ OCSP_ONEREQ_get1_ext_d2i; -+ ENGINE_register_all_RAND; -+ ENGINE_load_dynamic; -+ PBKDF2PARAM_it; -+ EXTENDED_KEY_USAGE_new; -+ EC_GROUP_clear_free; -+ OCSP_sendreq_bio; -+ ASN1_item_digest; -+ OCSP_BASICRESP_delete_ext; -+ OCSP_SIGNATURE_it; -+ X509_CRL_it; -+ OCSP_BASICRESP_add_ext; -+ KRB5_ENCKEY_it; -+ UI_method_set_closer; -+ X509_STORE_set_purpose; -+ i2d_ASN1_GENERALSTRING; -+ OCSP_response_status; -+ i2d_OCSP_SERVICELOC; -+ ENGINE_get_digest_engine; -+ EC_GROUP_set_curve_GFp; -+ OCSP_REQUEST_get_ext_by_OBJ; -+ _ossl_old_des_random_key; -+ ASN1_T61STRING_it; -+ EC_GROUP_method_of; -+ i2d_KRB5_APREQ; -+ _ossl_old_des_encrypt; -+ ASN1_PRINTABLE_new; -+ HMAC_Init_ex; -+ d2i_KRB5_AUTHENT; -+ OCSP_archive_cutoff_new; -+ EC_POINT_set_Jprojective_coordinates_GFp; -+ EC_POINT_set_Jproj_coords_GFp; -+ _ossl_old_des_is_weak_key; -+ OCSP_BASICRESP_get_ext_by_OBJ; -+ EC_POINT_oct2point; -+ OCSP_SINGLERESP_get_ext_count; -+ UI_ctrl; -+ _shadow_DES_rw_mode; -+ asn1_do_adb; -+ ASN1_template_i2d; -+ ENGINE_register_DH; -+ UI_construct_prompt; -+ X509_STORE_set_trust; -+ UI_dup_input_string; -+ d2i_KRB5_APREQ; -+ EVP_MD_CTX_copy_ex; -+ OCSP_request_is_signed; -+ i2d_OCSP_REQINFO; -+ KRB5_ENCKEY_free; -+ OCSP_resp_get0; -+ GENERAL_NAME_it; -+ ASN1_GENERALIZEDTIME_it; -+ X509_STORE_set_flags; -+ EC_POINT_set_compressed_coordinates_GFp; -+ EC_POINT_set_compr_coords_GFp; -+ OCSP_response_status_str; -+ d2i_OCSP_REVOKEDINFO; -+ OCSP_basic_add1_cert; -+ ERR_get_implementation; -+ EVP_CipherFinal_ex; -+ OCSP_CERTSTATUS_new; -+ CRYPTO_cleanup_all_ex_data; -+ OCSP_resp_find; -+ BN_nnmod; -+ X509_CRL_sort; -+ X509_REVOKED_set_revocationDate; -+ ENGINE_register_RAND; -+ OCSP_SERVICELOC_new; -+ EC_POINT_set_affine_coordinates_GFp; -+ EC_POINT_set_affine_coords_GFp; -+ _ossl_old_des_options; -+ SXNET_it; -+ UI_dup_input_boolean; -+ PKCS12_add_CSPName_asc; -+ EC_POINT_is_at_infinity; -+ ENGINE_load_cryptodev; -+ DSO_convert_filename; -+ POLICYQUALINFO_it; -+ ENGINE_register_ciphers; -+ BN_mod_lshift_quick; -+ DSO_set_filename; -+ ASN1_item_free; -+ KRB5_TKTBODY_free; -+ AUTHORITY_KEYID_it; -+ KRB5_APREQBODY_new; -+ X509V3_EXT_REQ_add_nconf; -+ ENGINE_ctrl_cmd_string; -+ i2d_OCSP_RESPDATA; -+ EVP_MD_CTX_init; -+ EXTENDED_KEY_USAGE_free; -+ PKCS7_ATTR_SIGN_it; -+ UI_add_error_string; -+ KRB5_CHECKSUM_free; -+ OCSP_REQUEST_get_ext; -+ ENGINE_load_ubsec; -+ ENGINE_register_all_digests; -+ PKEY_USAGE_PERIOD_it; -+ PKCS12_unpack_authsafes; -+ ASN1_item_unpack; -+ NETSCAPE_SPKAC_it; -+ X509_REVOKED_it; -+ ASN1_STRING_encode; -+ EVP_aes_128_ecb; -+ KRB5_AUTHENT_free; -+ OCSP_BASICRESP_get_ext_by_critical; -+ OCSP_BASICRESP_get_ext_by_crit; -+ OCSP_cert_status_str; -+ d2i_OCSP_REQUEST; -+ UI_dup_info_string; -+ _ossl_old_des_xwhite_in2out; -+ PKCS12_it; -+ OCSP_SINGLERESP_get_ext_by_critical; -+ OCSP_SINGLERESP_get_ext_by_crit; -+ OCSP_CERTSTATUS_free; -+ _ossl_old_des_crypt; -+ ASN1_item_i2d; -+ EVP_DecryptFinal_ex; -+ ENGINE_load_openssl; -+ ENGINE_get_cmd_defns; -+ ENGINE_set_load_privkey_function; -+ ENGINE_set_load_privkey_fn; -+ EVP_EncryptFinal_ex; -+ ENGINE_set_default_digests; -+ X509_get0_pubkey_bitstr; -+ asn1_ex_i2c; -+ ENGINE_register_RSA; -+ ENGINE_unregister_DSA; -+ _ossl_old_des_key_sched; -+ X509_EXTENSION_it; -+ i2d_KRB5_AUTHENT; -+ SXNETID_it; -+ d2i_OCSP_SINGLERESP; -+ EDIPARTYNAME_new; -+ PKCS12_certbag2x509; -+ _ossl_old_des_ofb64_encrypt; -+ d2i_EXTENDED_KEY_USAGE; -+ ERR_print_errors_cb; -+ ENGINE_set_ciphers; -+ d2i_KRB5_APREQBODY; -+ UI_method_get_flusher; -+ X509_PUBKEY_it; -+ _ossl_old_des_enc_read; -+ PKCS7_ENCRYPT_it; -+ i2d_OCSP_RESPONSE; -+ EC_GROUP_get_cofactor; -+ PKCS12_unpack_p7data; -+ d2i_KRB5_AUTHDATA; -+ OCSP_copy_nonce; -+ KRB5_AUTHDATA_new; -+ OCSP_RESPDATA_new; -+ EC_GFp_mont_method; -+ OCSP_REVOKEDINFO_free; -+ UI_get_ex_data; -+ KRB5_APREQBODY_free; -+ EC_GROUP_get0_generator; -+ UI_get_default_method; -+ X509V3_set_nconf; -+ PKCS12_item_i2d_encrypt; -+ X509_add1_ext_i2d; -+ PKCS7_SIGNER_INFO_it; -+ KRB5_PRINCNAME_new; -+ PKCS12_SAFEBAG_it; -+ EC_GROUP_get_order; -+ d2i_OCSP_RESPID; -+ OCSP_request_verify; -+ NCONF_get_number_e; -+ _ossl_old_des_decrypt3; -+ X509_signature_print; -+ OCSP_SINGLERESP_free; -+ ENGINE_load_builtin_engines; -+ i2d_OCSP_ONEREQ; -+ OCSP_REQUEST_add_ext; -+ OCSP_RESPBYTES_new; -+ EVP_MD_CTX_create; -+ OCSP_resp_find_status; -+ X509_ALGOR_it; -+ ASN1_TIME_it; -+ OCSP_request_set1_name; -+ OCSP_ONEREQ_get_ext_count; -+ UI_get0_result; -+ PKCS12_AUTHSAFES_it; -+ EVP_aes_256_ecb; -+ PKCS12_pack_authsafes; -+ ASN1_IA5STRING_it; -+ UI_get_input_flags; -+ EC_GROUP_set_generator; -+ _ossl_old_des_string_to_2keys; -+ OCSP_CERTID_free; -+ X509_CERT_AUX_it; -+ CERTIFICATEPOLICIES_it; -+ _ossl_old_des_ede3_cbc_encrypt; -+ RAND_set_rand_engine; -+ DSO_get_loaded_filename; -+ X509_ATTRIBUTE_it; -+ OCSP_ONEREQ_get_ext_by_NID; -+ PKCS12_decrypt_skey; -+ KRB5_AUTHENT_it; -+ UI_dup_error_string; -+ RSAPublicKey_it; -+ i2d_OCSP_REQUEST; -+ PKCS12_x509crl2certbag; -+ OCSP_SERVICELOC_it; -+ ASN1_item_sign; -+ X509_CRL_set_issuer_name; -+ OBJ_NAME_do_all_sorted; -+ i2d_OCSP_BASICRESP; -+ i2d_OCSP_RESPBYTES; -+ PKCS12_unpack_p7encdata; -+ HMAC_CTX_init; -+ ENGINE_get_digest; -+ OCSP_RESPONSE_print; -+ KRB5_TKTBODY_it; -+ ACCESS_DESCRIPTION_it; -+ PKCS7_ISSUER_AND_SERIAL_it; -+ PBE2PARAM_it; -+ PKCS12_certbag2x509crl; -+ PKCS7_SIGNED_it; -+ ENGINE_get_cipher; -+ i2d_OCSP_CRLID; -+ OCSP_SINGLERESP_new; -+ ENGINE_cmd_is_executable; -+ RSA_up_ref; -+ ASN1_GENERALSTRING_it; -+ ENGINE_register_DSA; -+ X509V3_EXT_add_nconf_sk; -+ ENGINE_set_load_pubkey_function; -+ PKCS8_decrypt; -+ PEM_bytes_read_bio; -+ DIRECTORYSTRING_it; -+ d2i_OCSP_CRLID; -+ EC_POINT_is_on_curve; -+ CRYPTO_set_locked_mem_ex_functions; -+ CRYPTO_set_locked_mem_ex_funcs; -+ d2i_KRB5_CHECKSUM; -+ ASN1_item_dup; -+ X509_it; -+ BN_mod_add; -+ KRB5_AUTHDATA_free; -+ _ossl_old_des_cbc_cksum; -+ ASN1_item_verify; -+ CRYPTO_set_mem_ex_functions; -+ EC_POINT_get_Jprojective_coordinates_GFp; -+ EC_POINT_get_Jproj_coords_GFp; -+ ZLONG_it; -+ CRYPTO_get_locked_mem_ex_functions; -+ CRYPTO_get_locked_mem_ex_funcs; -+ ASN1_TIME_check; -+ UI_get0_user_data; -+ HMAC_CTX_cleanup; -+ DSA_up_ref; -+ _ossl_old_des_ede3_cfb64_encrypt; -+ _ossl_odes_ede3_cfb64_encrypt; -+ ASN1_BMPSTRING_it; -+ ASN1_tag2bit; -+ UI_method_set_flusher; -+ X509_ocspid_print; -+ KRB5_ENCDATA_it; -+ ENGINE_get_load_pubkey_function; -+ UI_add_user_data; -+ OCSP_REQUEST_delete_ext; -+ UI_get_method; -+ OCSP_ONEREQ_free; -+ ASN1_PRINTABLESTRING_it; -+ X509_CRL_set_nextUpdate; -+ OCSP_REQUEST_it; -+ OCSP_BASICRESP_it; -+ AES_ecb_encrypt; -+ BN_mod_sqr; -+ NETSCAPE_CERT_SEQUENCE_it; -+ GENERAL_NAMES_it; -+ AUTHORITY_INFO_ACCESS_it; -+ ASN1_FBOOLEAN_it; -+ UI_set_ex_data; -+ _ossl_old_des_string_to_key; -+ ENGINE_register_all_RSA; -+ d2i_KRB5_PRINCNAME; -+ OCSP_RESPBYTES_it; -+ X509_CINF_it; -+ ENGINE_unregister_digests; -+ d2i_EDIPARTYNAME; -+ d2i_OCSP_SERVICELOC; -+ ENGINE_get_digests; -+ _ossl_old_des_set_odd_parity; -+ OCSP_RESPDATA_free; -+ d2i_KRB5_TICKET; -+ OTHERNAME_it; -+ EVP_MD_CTX_cleanup; -+ d2i_ASN1_GENERALSTRING; -+ X509_CRL_set_version; -+ BN_mod_sub; -+ OCSP_SINGLERESP_get_ext_by_NID; -+ ENGINE_get_ex_new_index; -+ OCSP_REQUEST_free; -+ OCSP_REQUEST_add1_ext_i2d; -+ X509_VAL_it; -+ EC_POINTs_make_affine; -+ EC_POINT_mul; -+ X509V3_EXT_add_nconf; -+ X509_TRUST_set; -+ X509_CRL_add1_ext_i2d; -+ _ossl_old_des_fcrypt; -+ DISPLAYTEXT_it; -+ X509_CRL_set_lastUpdate; -+ OCSP_BASICRESP_free; -+ OCSP_BASICRESP_add1_ext_i2d; -+ d2i_KRB5_AUTHENTBODY; -+ CRYPTO_set_ex_data_implementation; -+ CRYPTO_set_ex_data_impl; -+ KRB5_ENCDATA_new; -+ DSO_up_ref; -+ OCSP_crl_reason_str; -+ UI_get0_result_string; -+ ASN1_GENERALSTRING_new; -+ X509_SIG_it; -+ ERR_set_implementation; -+ ERR_load_EC_strings; -+ UI_get0_action_string; -+ OCSP_ONEREQ_get_ext; -+ EC_POINT_method_of; -+ i2d_KRB5_APREQBODY; -+ _ossl_old_des_ecb3_encrypt; -+ CRYPTO_get_mem_ex_functions; -+ ENGINE_get_ex_data; -+ UI_destroy_method; -+ ASN1_item_i2d_bio; -+ OCSP_ONEREQ_get_ext_by_OBJ; -+ ASN1_primitive_new; -+ ASN1_PRINTABLE_it; -+ EVP_aes_192_ecb; -+ OCSP_SIGNATURE_new; -+ LONG_it; -+ ASN1_VISIBLESTRING_it; -+ OCSP_SINGLERESP_add1_ext_i2d; -+ d2i_OCSP_CERTID; -+ ASN1_item_d2i_fp; -+ CRL_DIST_POINTS_it; -+ GENERAL_NAME_print; -+ OCSP_SINGLERESP_delete_ext; -+ PKCS12_SAFEBAGS_it; -+ d2i_OCSP_SIGNATURE; -+ OCSP_request_add1_nonce; -+ ENGINE_set_cmd_defns; -+ OCSP_SERVICELOC_free; -+ EC_GROUP_free; -+ ASN1_BIT_STRING_it; -+ X509_REQ_it; -+ _ossl_old_des_cbc_encrypt; -+ ERR_unload_strings; -+ PKCS7_SIGN_ENVELOPE_it; -+ EDIPARTYNAME_free; -+ OCSP_REQINFO_free; -+ EC_GROUP_new_curve_GFp; -+ OCSP_REQUEST_get1_ext_d2i; -+ PKCS12_item_pack_safebag; -+ asn1_ex_c2i; -+ ENGINE_register_digests; -+ i2d_OCSP_REVOKEDINFO; -+ asn1_enc_restore; -+ UI_free; -+ UI_new_method; -+ EVP_EncryptInit_ex; -+ X509_pubkey_digest; -+ EC_POINT_invert; -+ OCSP_basic_sign; -+ i2d_OCSP_RESPID; -+ OCSP_check_nonce; -+ ENGINE_ctrl_cmd; -+ d2i_KRB5_ENCKEY; -+ OCSP_parse_url; -+ OCSP_SINGLERESP_get_ext; -+ OCSP_CRLID_free; -+ OCSP_BASICRESP_get1_ext_d2i; -+ RSAPrivateKey_it; -+ ENGINE_register_all_DH; -+ i2d_EDIPARTYNAME; -+ EC_POINT_get_affine_coordinates_GFp; -+ EC_POINT_get_affine_coords_GFp; -+ OCSP_CRLID_new; -+ ENGINE_get_flags; -+ OCSP_ONEREQ_it; -+ UI_process; -+ ASN1_INTEGER_it; -+ EVP_CipherInit_ex; -+ UI_get_string_type; -+ ENGINE_unregister_DH; -+ ENGINE_register_all_DSA; -+ OCSP_ONEREQ_get_ext_by_critical; -+ bn_dup_expand; -+ OCSP_cert_id_new; -+ BASIC_CONSTRAINTS_it; -+ BN_mod_add_quick; -+ EC_POINT_new; -+ EVP_MD_CTX_destroy; -+ OCSP_RESPBYTES_free; -+ EVP_aes_128_cbc; -+ OCSP_SINGLERESP_get1_ext_d2i; -+ EC_POINT_free; -+ DH_up_ref; -+ X509_NAME_ENTRY_it; -+ UI_get_ex_new_index; -+ BN_mod_sub_quick; -+ OCSP_ONEREQ_add_ext; -+ OCSP_request_sign; -+ EVP_DigestFinal_ex; -+ ENGINE_set_digests; -+ OCSP_id_issuer_cmp; -+ OBJ_NAME_do_all; -+ EC_POINTs_mul; -+ ENGINE_register_complete; -+ X509V3_EXT_nconf_nid; -+ ASN1_SEQUENCE_it; -+ UI_set_default_method; -+ RAND_query_egd_bytes; -+ UI_method_get_writer; -+ UI_OpenSSL; -+ PEM_def_callback; -+ ENGINE_cleanup; -+ DIST_POINT_it; -+ OCSP_SINGLERESP_it; -+ d2i_KRB5_TKTBODY; -+ EC_POINT_cmp; -+ OCSP_REVOKEDINFO_new; -+ i2d_OCSP_CERTSTATUS; -+ OCSP_basic_add1_nonce; -+ ASN1_item_ex_d2i; -+ BN_mod_lshift1_quick; -+ UI_set_method; -+ OCSP_id_get0_info; -+ BN_mod_sqrt; -+ EC_GROUP_copy; -+ KRB5_ENCDATA_free; -+ _ossl_old_des_cfb_encrypt; -+ OCSP_SINGLERESP_get_ext_by_OBJ; -+ OCSP_cert_to_id; -+ OCSP_RESPID_new; -+ OCSP_RESPDATA_it; -+ d2i_OCSP_RESPDATA; -+ ENGINE_register_all_complete; -+ OCSP_check_validity; -+ PKCS12_BAGS_it; -+ OCSP_url_svcloc_new; -+ ASN1_template_free; -+ OCSP_SINGLERESP_add_ext; -+ KRB5_AUTHENTBODY_it; -+ X509_supported_extension; -+ i2d_KRB5_AUTHDATA; -+ UI_method_get_opener; -+ ENGINE_set_ex_data; -+ OCSP_REQUEST_print; -+ CBIGNUM_it; -+ KRB5_TICKET_new; -+ KRB5_APREQ_new; -+ EC_GROUP_get_curve_GFp; -+ KRB5_ENCKEY_new; -+ ASN1_template_d2i; -+ _ossl_old_des_quad_cksum; -+ OCSP_single_get0_status; -+ BN_swap; -+ POLICYINFO_it; -+ ENGINE_set_destroy_function; -+ asn1_enc_free; -+ OCSP_RESPID_it; -+ EC_GROUP_new; -+ EVP_aes_256_cbc; -+ i2d_KRB5_PRINCNAME; -+ _ossl_old_des_encrypt2; -+ _ossl_old_des_encrypt3; -+ PKCS8_PRIV_KEY_INFO_it; -+ OCSP_REQINFO_it; -+ PBEPARAM_it; -+ KRB5_AUTHENTBODY_new; -+ X509_CRL_add0_revoked; -+ EDIPARTYNAME_it; -+ NETSCAPE_SPKI_it; -+ UI_get0_test_string; -+ ENGINE_get_cipher_engine; -+ ENGINE_register_all_ciphers; -+ EC_POINT_copy; -+ BN_kronecker; -+ _ossl_old_des_ede3_ofb64_encrypt; -+ _ossl_odes_ede3_ofb64_encrypt; -+ UI_method_get_reader; -+ OCSP_BASICRESP_get_ext_count; -+ ASN1_ENUMERATED_it; -+ UI_set_result; -+ i2d_KRB5_TICKET; -+ X509_print_ex_fp; -+ EVP_CIPHER_CTX_set_padding; -+ d2i_OCSP_RESPONSE; -+ ASN1_UTCTIME_it; -+ _ossl_old_des_enc_write; -+ OCSP_RESPONSE_new; -+ AES_set_encrypt_key; -+ OCSP_resp_count; -+ KRB5_CHECKSUM_new; -+ ENGINE_load_cswift; -+ OCSP_onereq_get0_id; -+ ENGINE_set_default_ciphers; -+ NOTICEREF_it; -+ X509V3_EXT_CRL_add_nconf; -+ OCSP_REVOKEDINFO_it; -+ AES_encrypt; -+ OCSP_REQUEST_new; -+ ASN1_ANY_it; -+ CRYPTO_ex_data_new_class; -+ _ossl_old_des_ncbc_encrypt; -+ i2d_KRB5_TKTBODY; -+ EC_POINT_clear_free; -+ AES_decrypt; -+ asn1_enc_init; -+ UI_get_result_maxsize; -+ OCSP_CERTID_new; -+ ENGINE_unregister_RAND; -+ UI_method_get_closer; -+ d2i_KRB5_ENCDATA; -+ OCSP_request_onereq_count; -+ OCSP_basic_verify; -+ KRB5_AUTHENTBODY_free; -+ ASN1_item_d2i; -+ ASN1_primitive_free; -+ i2d_EXTENDED_KEY_USAGE; -+ i2d_OCSP_SIGNATURE; -+ asn1_enc_save; -+ ENGINE_load_nuron; -+ _ossl_old_des_pcbc_encrypt; -+ PKCS12_MAC_DATA_it; -+ OCSP_accept_responses_new; -+ asn1_do_lock; -+ PKCS7_ATTR_VERIFY_it; -+ KRB5_APREQBODY_it; -+ i2d_OCSP_SINGLERESP; -+ ASN1_item_ex_new; -+ UI_add_verify_string; -+ _ossl_old_des_set_key; -+ KRB5_PRINCNAME_it; -+ EVP_DecryptInit_ex; -+ i2d_OCSP_CERTID; -+ ASN1_item_d2i_bio; -+ EC_POINT_dbl; -+ asn1_get_choice_selector; -+ i2d_KRB5_CHECKSUM; -+ ENGINE_set_table_flags; -+ AES_options; -+ ENGINE_load_chil; -+ OCSP_id_cmp; -+ OCSP_BASICRESP_new; -+ OCSP_REQUEST_get_ext_by_NID; -+ KRB5_APREQ_it; -+ ENGINE_get_destroy_function; -+ CONF_set_nconf; -+ ASN1_PRINTABLE_free; -+ OCSP_BASICRESP_get_ext_by_NID; -+ DIST_POINT_NAME_it; -+ X509V3_extensions_print; -+ _ossl_old_des_cfb64_encrypt; -+ X509_REVOKED_add1_ext_i2d; -+ _ossl_old_des_ofb_encrypt; -+ KRB5_TKTBODY_new; -+ ASN1_OCTET_STRING_it; -+ ERR_load_UI_strings; -+ i2d_KRB5_ENCKEY; -+ ASN1_template_new; -+ OCSP_SIGNATURE_free; -+ ASN1_item_i2d_fp; -+ KRB5_PRINCNAME_free; -+ PKCS7_RECIP_INFO_it; -+ EXTENDED_KEY_USAGE_it; -+ EC_GFp_simple_method; -+ EC_GROUP_precompute_mult; -+ OCSP_request_onereq_get0; -+ UI_method_set_writer; -+ KRB5_AUTHENT_new; -+ X509_CRL_INFO_it; -+ DSO_set_name_converter; -+ AES_set_decrypt_key; -+ PKCS7_DIGEST_it; -+ PKCS12_x5092certbag; -+ EVP_DigestInit_ex; -+ i2a_ACCESS_DESCRIPTION; -+ OCSP_RESPONSE_it; -+ PKCS7_ENC_CONTENT_it; -+ OCSP_request_add0_id; -+ EC_POINT_make_affine; -+ DSO_get_filename; -+ OCSP_CERTSTATUS_it; -+ OCSP_request_add1_cert; -+ UI_get0_output_string; -+ UI_dup_verify_string; -+ BN_mod_lshift; -+ KRB5_AUTHDATA_it; -+ asn1_set_choice_selector; -+ OCSP_basic_add1_status; -+ OCSP_RESPID_free; -+ asn1_get_field_ptr; -+ UI_add_input_string; -+ OCSP_CRLID_it; -+ i2d_KRB5_AUTHENTBODY; -+ OCSP_REQUEST_get_ext_count; -+ ENGINE_load_atalla; -+ X509_NAME_it; -+ USERNOTICE_it; -+ OCSP_REQINFO_new; -+ OCSP_BASICRESP_get_ext; -+ CRYPTO_get_ex_data_implementation; -+ CRYPTO_get_ex_data_impl; -+ ASN1_item_pack; -+ i2d_KRB5_ENCDATA; -+ X509_PURPOSE_set; -+ X509_REQ_INFO_it; -+ UI_method_set_opener; -+ ASN1_item_ex_free; -+ ASN1_BOOLEAN_it; -+ ENGINE_get_table_flags; -+ UI_create_method; -+ OCSP_ONEREQ_add1_ext_i2d; -+ _shadow_DES_check_key; -+ d2i_OCSP_REQINFO; -+ UI_add_info_string; -+ UI_get_result_minsize; -+ ASN1_NULL_it; -+ BN_mod_lshift1; -+ d2i_OCSP_ONEREQ; -+ OCSP_ONEREQ_new; -+ KRB5_TICKET_it; -+ EVP_aes_192_cbc; -+ KRB5_TICKET_free; -+ UI_new; -+ OCSP_response_create; -+ _ossl_old_des_xcbc_encrypt; -+ PKCS7_it; -+ OCSP_REQUEST_get_ext_by_critical; -+ OCSP_REQUEST_get_ext_by_crit; -+ ENGINE_set_flags; -+ _ossl_old_des_ecb_encrypt; -+ OCSP_response_get1_basic; -+ EVP_Digest; -+ OCSP_ONEREQ_delete_ext; -+ ASN1_TBOOLEAN_it; -+ ASN1_item_new; -+ ASN1_TIME_to_generalizedtime; -+ BIGNUM_it; -+ AES_cbc_encrypt; -+ ENGINE_get_load_privkey_function; -+ ENGINE_get_load_privkey_fn; -+ OCSP_RESPONSE_free; -+ UI_method_set_reader; -+ i2d_ASN1_T61STRING; -+ EC_POINT_set_to_infinity; -+ ERR_load_OCSP_strings; -+ EC_POINT_point2oct; -+ KRB5_APREQ_free; -+ ASN1_OBJECT_it; -+ OCSP_crlID_new; -+ OCSP_crlID2_new; -+ CONF_modules_load_file; -+ CONF_imodule_set_usr_data; -+ ENGINE_set_default_string; -+ CONF_module_get_usr_data; -+ ASN1_add_oid_module; -+ CONF_modules_finish; -+ OPENSSL_config; -+ CONF_modules_unload; -+ CONF_imodule_get_value; -+ CONF_module_set_usr_data; -+ CONF_parse_list; -+ CONF_module_add; -+ CONF_get1_default_config_file; -+ CONF_imodule_get_flags; -+ CONF_imodule_get_module; -+ CONF_modules_load; -+ CONF_imodule_get_name; -+ ERR_peek_top_error; -+ CONF_imodule_get_usr_data; -+ CONF_imodule_set_flags; -+ ENGINE_add_conf_module; -+ ERR_peek_last_error_line; -+ ERR_peek_last_error_line_data; -+ ERR_peek_last_error; -+ DES_read_2passwords; -+ DES_read_password; -+ UI_UTIL_read_pw; -+ UI_UTIL_read_pw_string; -+ ENGINE_load_aep; -+ ENGINE_load_sureware; -+ OPENSSL_add_all_algorithms_noconf; -+ OPENSSL_add_all_algo_noconf; -+ OPENSSL_add_all_algorithms_conf; -+ OPENSSL_add_all_algo_conf; -+ OPENSSL_load_builtin_modules; -+ AES_ofb128_encrypt; -+ AES_ctr128_encrypt; -+ AES_cfb128_encrypt; -+ ENGINE_load_4758cca; -+ _ossl_096_des_random_seed; -+ EVP_aes_256_ofb; -+ EVP_aes_192_ofb; -+ EVP_aes_128_cfb128; -+ EVP_aes_256_cfb128; -+ EVP_aes_128_ofb; -+ EVP_aes_192_cfb128; -+ CONF_modules_free; -+ NCONF_default; -+ OPENSSL_no_config; -+ NCONF_WIN32; -+ ASN1_UNIVERSALSTRING_new; -+ EVP_des_ede_ecb; -+ i2d_ASN1_UNIVERSALSTRING; -+ ASN1_UNIVERSALSTRING_free; -+ ASN1_UNIVERSALSTRING_it; -+ d2i_ASN1_UNIVERSALSTRING; -+ EVP_des_ede3_ecb; -+ X509_REQ_print_ex; -+ ENGINE_up_ref; -+ BUF_MEM_grow_clean; -+ CRYPTO_realloc_clean; -+ BUF_strlcat; -+ BIO_indent; -+ BUF_strlcpy; -+ OpenSSLDie; -+ OPENSSL_cleanse; -+ ENGINE_setup_bsd_cryptodev; -+ ERR_release_err_state_table; -+ EVP_aes_128_cfb8; -+ FIPS_corrupt_rsa; -+ FIPS_selftest_des; -+ EVP_aes_128_cfb1; -+ EVP_aes_192_cfb8; -+ FIPS_mode_set; -+ FIPS_selftest_dsa; -+ EVP_aes_256_cfb8; -+ FIPS_allow_md5; -+ DES_ede3_cfb_encrypt; -+ EVP_des_ede3_cfb8; -+ FIPS_rand_seeded; -+ AES_cfbr_encrypt_block; -+ AES_cfb8_encrypt; -+ FIPS_rand_seed; -+ FIPS_corrupt_des; -+ EVP_aes_192_cfb1; -+ FIPS_selftest_aes; -+ FIPS_set_prng_key; -+ EVP_des_cfb8; -+ FIPS_corrupt_dsa; -+ FIPS_test_mode; -+ FIPS_rand_method; -+ EVP_aes_256_cfb1; -+ ERR_load_FIPS_strings; -+ FIPS_corrupt_aes; -+ FIPS_selftest_sha1; -+ FIPS_selftest_rsa; -+ FIPS_corrupt_sha1; -+ EVP_des_cfb1; -+ FIPS_dsa_check; -+ AES_cfb1_encrypt; -+ EVP_des_ede3_cfb1; -+ FIPS_rand_check; -+ FIPS_md5_allowed; -+ FIPS_mode; -+ FIPS_selftest_failed; -+ sk_is_sorted; -+ X509_check_ca; -+ HMAC_CTX_set_flags; -+ d2i_PROXY_CERT_INFO_EXTENSION; -+ PROXY_POLICY_it; -+ i2d_PROXY_POLICY; -+ i2d_PROXY_CERT_INFO_EXTENSION; -+ d2i_PROXY_POLICY; -+ PROXY_CERT_INFO_EXTENSION_new; -+ PROXY_CERT_INFO_EXTENSION_free; -+ PROXY_CERT_INFO_EXTENSION_it; -+ PROXY_POLICY_free; -+ PROXY_POLICY_new; -+ BN_MONT_CTX_set_locked; -+ FIPS_selftest_rng; -+ EVP_sha384; -+ EVP_sha512; -+ EVP_sha224; -+ EVP_sha256; -+ FIPS_selftest_hmac; -+ FIPS_corrupt_rng; -+ BN_mod_exp_mont_consttime; -+ RSA_X931_hash_id; -+ RSA_padding_check_X931; -+ RSA_verify_PKCS1_PSS; -+ RSA_padding_add_X931; -+ RSA_padding_add_PKCS1_PSS; -+ PKCS1_MGF1; -+ BN_X931_generate_Xpq; -+ RSA_X931_generate_key; -+ BN_X931_derive_prime; -+ BN_X931_generate_prime; -+ RSA_X931_derive; -+ BIO_new_dgram; -+ BN_get0_nist_prime_384; -+ ERR_set_mark; -+ X509_STORE_CTX_set0_crls; -+ ENGINE_set_STORE; -+ ENGINE_register_ECDSA; -+ STORE_meth_set_list_start_fn; -+ STORE_method_set_list_start_function; -+ BN_BLINDING_invert_ex; -+ NAME_CONSTRAINTS_free; -+ STORE_ATTR_INFO_set_number; -+ BN_BLINDING_get_thread_id; -+ X509_STORE_CTX_set0_param; -+ POLICY_MAPPING_it; -+ STORE_parse_attrs_start; -+ POLICY_CONSTRAINTS_free; -+ EVP_PKEY_add1_attr_by_NID; -+ BN_nist_mod_192; -+ EC_GROUP_get_trinomial_basis; -+ STORE_set_method; -+ GENERAL_SUBTREE_free; -+ NAME_CONSTRAINTS_it; -+ ECDH_get_default_method; -+ PKCS12_add_safe; -+ EC_KEY_new_by_curve_name; -+ STORE_meth_get_update_store_fn; -+ STORE_method_get_update_store_function; -+ ENGINE_register_ECDH; -+ SHA512_Update; -+ i2d_ECPrivateKey; -+ BN_get0_nist_prime_192; -+ STORE_modify_certificate; -+ EC_POINT_set_affine_coordinates_GF2m; -+ EC_POINT_set_affine_coords_GF2m; -+ BN_GF2m_mod_exp_arr; -+ STORE_ATTR_INFO_modify_number; -+ X509_keyid_get0; -+ ENGINE_load_gmp; -+ pitem_new; -+ BN_GF2m_mod_mul_arr; -+ STORE_list_public_key_endp; -+ o2i_ECPublicKey; -+ EC_KEY_copy; -+ BIO_dump_fp; -+ X509_policy_node_get0_parent; -+ EC_GROUP_check_discriminant; -+ i2o_ECPublicKey; -+ EC_KEY_precompute_mult; -+ a2i_IPADDRESS; -+ STORE_meth_set_initialise_fn; -+ STORE_method_set_initialise_function; -+ X509_STORE_CTX_set_depth; -+ X509_VERIFY_PARAM_inherit; -+ EC_POINT_point2bn; -+ STORE_ATTR_INFO_set_dn; -+ X509_policy_tree_get0_policies; -+ EC_GROUP_new_curve_GF2m; -+ STORE_destroy_method; -+ ENGINE_unregister_STORE; -+ EVP_PKEY_get1_EC_KEY; -+ STORE_ATTR_INFO_get0_number; -+ ENGINE_get_default_ECDH; -+ EC_KEY_get_conv_form; -+ ASN1_OCTET_STRING_NDEF_it; -+ STORE_delete_public_key; -+ STORE_get_public_key; -+ STORE_modify_arbitrary; -+ ENGINE_get_static_state; -+ pqueue_iterator; -+ ECDSA_SIG_new; -+ OPENSSL_DIR_end; -+ BN_GF2m_mod_sqr; -+ EC_POINT_bn2point; -+ X509_VERIFY_PARAM_set_depth; -+ EC_KEY_set_asn1_flag; -+ STORE_get_method; -+ EC_KEY_get_key_method_data; -+ ECDSA_sign_ex; -+ STORE_parse_attrs_end; -+ EC_GROUP_get_point_conversion_form; -+ EC_GROUP_get_point_conv_form; -+ STORE_method_set_store_function; -+ STORE_ATTR_INFO_in; -+ PEM_read_bio_ECPKParameters; -+ EC_GROUP_get_pentanomial_basis; -+ EVP_PKEY_add1_attr_by_txt; -+ BN_BLINDING_set_flags; -+ X509_VERIFY_PARAM_set1_policies; -+ X509_VERIFY_PARAM_set1_name; -+ X509_VERIFY_PARAM_set_purpose; -+ STORE_get_number; -+ ECDSA_sign_setup; -+ BN_GF2m_mod_solve_quad_arr; -+ EC_KEY_up_ref; -+ POLICY_MAPPING_free; -+ BN_GF2m_mod_div; -+ X509_VERIFY_PARAM_set_flags; -+ EC_KEY_free; -+ STORE_meth_set_list_next_fn; -+ STORE_method_set_list_next_function; -+ PEM_write_bio_ECPrivateKey; -+ d2i_EC_PUBKEY; -+ STORE_meth_get_generate_fn; -+ STORE_method_get_generate_function; -+ STORE_meth_set_list_end_fn; -+ STORE_method_set_list_end_function; -+ pqueue_print; -+ EC_GROUP_have_precompute_mult; -+ EC_KEY_print_fp; -+ BN_GF2m_mod_arr; -+ PEM_write_bio_X509_CERT_PAIR; -+ EVP_PKEY_cmp; -+ X509_policy_level_node_count; -+ STORE_new_engine; -+ STORE_list_public_key_start; -+ X509_VERIFY_PARAM_new; -+ ECDH_get_ex_data; -+ EVP_PKEY_get_attr; -+ ECDSA_do_sign; -+ ENGINE_unregister_ECDH; -+ ECDH_OpenSSL; -+ EC_KEY_set_conv_form; -+ EC_POINT_dup; -+ GENERAL_SUBTREE_new; -+ STORE_list_crl_endp; -+ EC_get_builtin_curves; -+ X509_policy_node_get0_qualifiers; -+ X509_pcy_node_get0_qualifiers; -+ STORE_list_crl_end; -+ EVP_PKEY_set1_EC_KEY; -+ BN_GF2m_mod_sqrt_arr; -+ i2d_ECPrivateKey_bio; -+ ECPKParameters_print_fp; -+ pqueue_find; -+ ECDSA_SIG_free; -+ PEM_write_bio_ECPKParameters; -+ STORE_method_set_ctrl_function; -+ STORE_list_public_key_end; -+ EC_KEY_set_private_key; -+ pqueue_peek; -+ STORE_get_arbitrary; -+ STORE_store_crl; -+ X509_policy_node_get0_policy; -+ PKCS12_add_safes; -+ BN_BLINDING_convert_ex; -+ X509_policy_tree_free; -+ OPENSSL_ia32cap_loc; -+ BN_GF2m_poly2arr; -+ STORE_ctrl; -+ STORE_ATTR_INFO_compare; -+ BN_get0_nist_prime_224; -+ i2d_ECParameters; -+ i2d_ECPKParameters; -+ BN_GENCB_call; -+ d2i_ECPKParameters; -+ STORE_meth_set_generate_fn; -+ STORE_method_set_generate_function; -+ ENGINE_set_ECDH; -+ NAME_CONSTRAINTS_new; -+ SHA256_Init; -+ EC_KEY_get0_public_key; -+ PEM_write_bio_EC_PUBKEY; -+ STORE_ATTR_INFO_set_cstr; -+ STORE_list_crl_next; -+ STORE_ATTR_INFO_in_range; -+ ECParameters_print; -+ STORE_meth_set_delete_fn; -+ STORE_method_set_delete_function; -+ STORE_list_certificate_next; -+ ASN1_generate_nconf; -+ BUF_memdup; -+ BN_GF2m_mod_mul; -+ STORE_meth_get_list_next_fn; -+ STORE_method_get_list_next_function; -+ STORE_ATTR_INFO_get0_dn; -+ STORE_list_private_key_next; -+ EC_GROUP_set_seed; -+ X509_VERIFY_PARAM_set_trust; -+ STORE_ATTR_INFO_free; -+ STORE_get_private_key; -+ EVP_PKEY_get_attr_count; -+ STORE_ATTR_INFO_new; -+ EC_GROUP_get_curve_GF2m; -+ STORE_meth_set_revoke_fn; -+ STORE_method_set_revoke_function; -+ STORE_store_number; -+ BN_is_prime_ex; -+ STORE_revoke_public_key; -+ X509_STORE_CTX_get0_param; -+ STORE_delete_arbitrary; -+ PEM_read_X509_CERT_PAIR; -+ X509_STORE_set_depth; -+ ECDSA_get_ex_data; -+ SHA224; -+ BIO_dump_indent_fp; -+ EC_KEY_set_group; -+ BUF_strndup; -+ STORE_list_certificate_start; -+ BN_GF2m_mod; -+ X509_REQ_check_private_key; -+ EC_GROUP_get_seed_len; -+ ERR_load_STORE_strings; -+ PEM_read_bio_EC_PUBKEY; -+ STORE_list_private_key_end; -+ i2d_EC_PUBKEY; -+ ECDSA_get_default_method; -+ ASN1_put_eoc; -+ X509_STORE_CTX_get_explicit_policy; -+ X509_STORE_CTX_get_expl_policy; -+ X509_VERIFY_PARAM_table_cleanup; -+ STORE_modify_private_key; -+ X509_VERIFY_PARAM_free; -+ EC_METHOD_get_field_type; -+ EC_GFp_nist_method; -+ STORE_meth_set_modify_fn; -+ STORE_method_set_modify_function; -+ STORE_parse_attrs_next; -+ ENGINE_load_padlock; -+ EC_GROUP_set_curve_name; -+ X509_CERT_PAIR_it; -+ STORE_meth_get_revoke_fn; -+ STORE_method_get_revoke_function; -+ STORE_method_set_get_function; -+ STORE_modify_number; -+ STORE_method_get_store_function; -+ STORE_store_private_key; -+ BN_GF2m_mod_sqr_arr; -+ RSA_setup_blinding; -+ BIO_s_datagram; -+ STORE_Memory; -+ sk_find_ex; -+ EC_GROUP_set_curve_GF2m; -+ ENGINE_set_default_ECDSA; -+ POLICY_CONSTRAINTS_new; -+ BN_GF2m_mod_sqrt; -+ ECDH_set_default_method; -+ EC_KEY_generate_key; -+ SHA384_Update; -+ BN_GF2m_arr2poly; -+ STORE_method_get_get_function; -+ STORE_meth_set_cleanup_fn; -+ STORE_method_set_cleanup_function; -+ EC_GROUP_check; -+ d2i_ECPrivateKey_bio; -+ EC_KEY_insert_key_method_data; -+ STORE_meth_get_lock_store_fn; -+ STORE_method_get_lock_store_function; -+ X509_VERIFY_PARAM_get_depth; -+ SHA224_Final; -+ STORE_meth_set_update_store_fn; -+ STORE_method_set_update_store_function; -+ SHA224_Update; -+ d2i_ECPrivateKey; -+ ASN1_item_ndef_i2d; -+ STORE_delete_private_key; -+ ERR_pop_to_mark; -+ ENGINE_register_all_STORE; -+ X509_policy_level_get0_node; -+ i2d_PKCS7_NDEF; -+ EC_GROUP_get_degree; -+ ASN1_generate_v3; -+ STORE_ATTR_INFO_modify_cstr; -+ X509_policy_tree_level_count; -+ BN_GF2m_add; -+ EC_KEY_get0_group; -+ STORE_generate_crl; -+ STORE_store_public_key; -+ X509_CERT_PAIR_free; -+ STORE_revoke_private_key; -+ BN_nist_mod_224; -+ SHA512_Final; -+ STORE_ATTR_INFO_modify_dn; -+ STORE_meth_get_initialise_fn; -+ STORE_method_get_initialise_function; -+ STORE_delete_number; -+ i2d_EC_PUBKEY_bio; -+ BIO_dgram_non_fatal_error; -+ EC_GROUP_get_asn1_flag; -+ STORE_ATTR_INFO_in_ex; -+ STORE_list_crl_start; -+ ECDH_get_ex_new_index; -+ STORE_meth_get_modify_fn; -+ STORE_method_get_modify_function; -+ v2i_ASN1_BIT_STRING; -+ STORE_store_certificate; -+ OBJ_bsearch_ex; -+ X509_STORE_CTX_set_default; -+ STORE_ATTR_INFO_set_sha1str; -+ BN_GF2m_mod_inv; -+ BN_GF2m_mod_exp; -+ STORE_modify_public_key; -+ STORE_meth_get_list_start_fn; -+ STORE_method_get_list_start_function; -+ EC_GROUP_get0_seed; -+ STORE_store_arbitrary; -+ STORE_meth_set_unlock_store_fn; -+ STORE_method_set_unlock_store_function; -+ BN_GF2m_mod_div_arr; -+ ENGINE_set_ECDSA; -+ STORE_create_method; -+ ECPKParameters_print; -+ EC_KEY_get0_private_key; -+ PEM_write_EC_PUBKEY; -+ X509_VERIFY_PARAM_set1; -+ ECDH_set_method; -+ v2i_GENERAL_NAME_ex; -+ ECDH_set_ex_data; -+ STORE_generate_key; -+ BN_nist_mod_521; -+ X509_policy_tree_get0_level; -+ EC_GROUP_set_point_conversion_form; -+ EC_GROUP_set_point_conv_form; -+ PEM_read_EC_PUBKEY; -+ i2d_ECDSA_SIG; -+ ECDSA_OpenSSL; -+ STORE_delete_crl; -+ EC_KEY_get_enc_flags; -+ ASN1_const_check_infinite_end; -+ EVP_PKEY_delete_attr; -+ ECDSA_set_default_method; -+ EC_POINT_set_compressed_coordinates_GF2m; -+ EC_POINT_set_compr_coords_GF2m; -+ EC_GROUP_cmp; -+ STORE_revoke_certificate; -+ BN_get0_nist_prime_256; -+ STORE_meth_get_delete_fn; -+ STORE_method_get_delete_function; -+ SHA224_Init; -+ PEM_read_ECPrivateKey; -+ SHA512_Init; -+ STORE_parse_attrs_endp; -+ BN_set_negative; -+ ERR_load_ECDSA_strings; -+ EC_GROUP_get_basis_type; -+ STORE_list_public_key_next; -+ i2v_ASN1_BIT_STRING; -+ STORE_OBJECT_free; -+ BN_nist_mod_384; -+ i2d_X509_CERT_PAIR; -+ PEM_write_ECPKParameters; -+ ECDH_compute_key; -+ STORE_ATTR_INFO_get0_sha1str; -+ ENGINE_register_all_ECDH; -+ pqueue_pop; -+ STORE_ATTR_INFO_get0_cstr; -+ POLICY_CONSTRAINTS_it; -+ STORE_get_ex_new_index; -+ EVP_PKEY_get_attr_by_OBJ; -+ X509_VERIFY_PARAM_add0_policy; -+ BN_GF2m_mod_solve_quad; -+ SHA256; -+ i2d_ECPrivateKey_fp; -+ X509_policy_tree_get0_user_policies; -+ X509_pcy_tree_get0_usr_policies; -+ OPENSSL_DIR_read; -+ ENGINE_register_all_ECDSA; -+ X509_VERIFY_PARAM_lookup; -+ EC_POINT_get_affine_coordinates_GF2m; -+ EC_POINT_get_affine_coords_GF2m; -+ EC_GROUP_dup; -+ ENGINE_get_default_ECDSA; -+ EC_KEY_new; -+ SHA256_Transform; -+ EC_KEY_set_enc_flags; -+ ECDSA_verify; -+ EC_POINT_point2hex; -+ ENGINE_get_STORE; -+ SHA512; -+ STORE_get_certificate; -+ ECDSA_do_sign_ex; -+ ECDSA_do_verify; -+ d2i_ECPrivateKey_fp; -+ STORE_delete_certificate; -+ SHA512_Transform; -+ X509_STORE_set1_param; -+ STORE_method_get_ctrl_function; -+ STORE_free; -+ PEM_write_ECPrivateKey; -+ STORE_meth_get_unlock_store_fn; -+ STORE_method_get_unlock_store_function; -+ STORE_get_ex_data; -+ EC_KEY_set_public_key; -+ PEM_read_ECPKParameters; -+ X509_CERT_PAIR_new; -+ ENGINE_register_STORE; -+ RSA_generate_key_ex; -+ DSA_generate_parameters_ex; -+ ECParameters_print_fp; -+ X509V3_NAME_from_section; -+ EVP_PKEY_add1_attr; -+ STORE_modify_crl; -+ STORE_list_private_key_start; -+ POLICY_MAPPINGS_it; -+ GENERAL_SUBTREE_it; -+ EC_GROUP_get_curve_name; -+ PEM_write_X509_CERT_PAIR; -+ BIO_dump_indent_cb; -+ d2i_X509_CERT_PAIR; -+ STORE_list_private_key_endp; -+ asn1_const_Finish; -+ i2d_EC_PUBKEY_fp; -+ BN_nist_mod_256; -+ X509_VERIFY_PARAM_add0_table; -+ pqueue_free; -+ BN_BLINDING_create_param; -+ ECDSA_size; -+ d2i_EC_PUBKEY_bio; -+ BN_get0_nist_prime_521; -+ STORE_ATTR_INFO_modify_sha1str; -+ BN_generate_prime_ex; -+ EC_GROUP_new_by_curve_name; -+ SHA256_Final; -+ DH_generate_parameters_ex; -+ PEM_read_bio_ECPrivateKey; -+ STORE_meth_get_cleanup_fn; -+ STORE_method_get_cleanup_function; -+ ENGINE_get_ECDH; -+ d2i_ECDSA_SIG; -+ BN_is_prime_fasttest_ex; -+ ECDSA_sign; -+ X509_policy_check; -+ EVP_PKEY_get_attr_by_NID; -+ STORE_set_ex_data; -+ ENGINE_get_ECDSA; -+ EVP_ecdsa; -+ BN_BLINDING_get_flags; -+ PKCS12_add_cert; -+ STORE_OBJECT_new; -+ ERR_load_ECDH_strings; -+ EC_KEY_dup; -+ EVP_CIPHER_CTX_rand_key; -+ ECDSA_set_method; -+ a2i_IPADDRESS_NC; -+ d2i_ECParameters; -+ STORE_list_certificate_end; -+ STORE_get_crl; -+ X509_POLICY_NODE_print; -+ SHA384_Init; -+ EC_GF2m_simple_method; -+ ECDSA_set_ex_data; -+ SHA384_Final; -+ PKCS7_set_digest; -+ EC_KEY_print; -+ STORE_meth_set_lock_store_fn; -+ STORE_method_set_lock_store_function; -+ ECDSA_get_ex_new_index; -+ SHA384; -+ POLICY_MAPPING_new; -+ STORE_list_certificate_endp; -+ X509_STORE_CTX_get0_policy_tree; -+ EC_GROUP_set_asn1_flag; -+ EC_KEY_check_key; -+ d2i_EC_PUBKEY_fp; -+ PKCS7_set0_type_other; -+ PEM_read_bio_X509_CERT_PAIR; -+ pqueue_next; -+ STORE_meth_get_list_end_fn; -+ STORE_method_get_list_end_function; -+ EVP_PKEY_add1_attr_by_OBJ; -+ X509_VERIFY_PARAM_set_time; -+ pqueue_new; -+ ENGINE_set_default_ECDH; -+ STORE_new_method; -+ PKCS12_add_key; -+ DSO_merge; -+ EC_POINT_hex2point; -+ BIO_dump_cb; -+ SHA256_Update; -+ pqueue_insert; -+ pitem_free; -+ BN_GF2m_mod_inv_arr; -+ ENGINE_unregister_ECDSA; -+ BN_BLINDING_set_thread_id; -+ get_rfc3526_prime_8192; -+ X509_VERIFY_PARAM_clear_flags; -+ get_rfc2409_prime_1024; -+ DH_check_pub_key; -+ get_rfc3526_prime_2048; -+ get_rfc3526_prime_6144; -+ get_rfc3526_prime_1536; -+ get_rfc3526_prime_3072; -+ get_rfc3526_prime_4096; -+ get_rfc2409_prime_768; -+ X509_VERIFY_PARAM_get_flags; -+ EVP_CIPHER_CTX_new; -+ EVP_CIPHER_CTX_free; -+ Camellia_cbc_encrypt; -+ Camellia_cfb128_encrypt; -+ Camellia_cfb1_encrypt; -+ Camellia_cfb8_encrypt; -+ Camellia_ctr128_encrypt; -+ Camellia_cfbr_encrypt_block; -+ Camellia_decrypt; -+ Camellia_ecb_encrypt; -+ Camellia_encrypt; -+ Camellia_ofb128_encrypt; -+ Camellia_set_key; -+ EVP_camellia_128_cbc; -+ EVP_camellia_128_cfb128; -+ EVP_camellia_128_cfb1; -+ EVP_camellia_128_cfb8; -+ EVP_camellia_128_ecb; -+ EVP_camellia_128_ofb; -+ EVP_camellia_192_cbc; -+ EVP_camellia_192_cfb128; -+ EVP_camellia_192_cfb1; -+ EVP_camellia_192_cfb8; -+ EVP_camellia_192_ecb; -+ EVP_camellia_192_ofb; -+ EVP_camellia_256_cbc; -+ EVP_camellia_256_cfb128; -+ EVP_camellia_256_cfb1; -+ EVP_camellia_256_cfb8; -+ EVP_camellia_256_ecb; -+ EVP_camellia_256_ofb; -+ a2i_ipadd; -+ ASIdentifiers_free; -+ i2d_ASIdOrRange; -+ EVP_CIPHER_block_size; -+ v3_asid_is_canonical; -+ IPAddressChoice_free; -+ EVP_CIPHER_CTX_set_app_data; -+ BIO_set_callback_arg; -+ v3_addr_add_prefix; -+ IPAddressOrRange_it; -+ BIO_set_flags; -+ ASIdentifiers_it; -+ v3_addr_get_range; -+ BIO_method_type; -+ v3_addr_inherits; -+ IPAddressChoice_it; -+ AES_ige_encrypt; -+ v3_addr_add_range; -+ EVP_CIPHER_CTX_nid; -+ d2i_ASRange; -+ v3_addr_add_inherit; -+ v3_asid_add_id_or_range; -+ v3_addr_validate_resource_set; -+ EVP_CIPHER_iv_length; -+ EVP_MD_type; -+ v3_asid_canonize; -+ IPAddressRange_free; -+ v3_asid_add_inherit; -+ EVP_CIPHER_CTX_key_length; -+ IPAddressRange_new; -+ ASIdOrRange_new; -+ EVP_MD_size; -+ EVP_MD_CTX_test_flags; -+ BIO_clear_flags; -+ i2d_ASRange; -+ IPAddressRange_it; -+ IPAddressChoice_new; -+ ASIdentifierChoice_new; -+ ASRange_free; -+ EVP_MD_pkey_type; -+ EVP_MD_CTX_clear_flags; -+ IPAddressFamily_free; -+ i2d_IPAddressFamily; -+ IPAddressOrRange_new; -+ EVP_CIPHER_flags; -+ v3_asid_validate_resource_set; -+ d2i_IPAddressRange; -+ AES_bi_ige_encrypt; -+ BIO_get_callback; -+ IPAddressOrRange_free; -+ v3_addr_subset; -+ d2i_IPAddressFamily; -+ v3_asid_subset; -+ BIO_test_flags; -+ i2d_ASIdentifierChoice; -+ ASRange_it; -+ d2i_ASIdentifiers; -+ ASRange_new; -+ d2i_IPAddressChoice; -+ v3_addr_get_afi; -+ EVP_CIPHER_key_length; -+ EVP_Cipher; -+ i2d_IPAddressOrRange; -+ ASIdOrRange_it; -+ EVP_CIPHER_nid; -+ i2d_IPAddressChoice; -+ EVP_CIPHER_CTX_block_size; -+ ASIdentifiers_new; -+ v3_addr_validate_path; -+ IPAddressFamily_new; -+ EVP_MD_CTX_set_flags; -+ v3_addr_is_canonical; -+ i2d_IPAddressRange; -+ IPAddressFamily_it; -+ v3_asid_inherits; -+ EVP_CIPHER_CTX_cipher; -+ EVP_CIPHER_CTX_get_app_data; -+ EVP_MD_block_size; -+ EVP_CIPHER_CTX_flags; -+ v3_asid_validate_path; -+ d2i_IPAddressOrRange; -+ v3_addr_canonize; -+ ASIdentifierChoice_it; -+ EVP_MD_CTX_md; -+ d2i_ASIdentifierChoice; -+ BIO_method_name; -+ EVP_CIPHER_CTX_iv_length; -+ ASIdOrRange_free; -+ ASIdentifierChoice_free; -+ BIO_get_callback_arg; -+ BIO_set_callback; -+ d2i_ASIdOrRange; -+ i2d_ASIdentifiers; -+ SEED_decrypt; -+ SEED_encrypt; -+ SEED_cbc_encrypt; -+ EVP_seed_ofb; -+ SEED_cfb128_encrypt; -+ SEED_ofb128_encrypt; -+ EVP_seed_cbc; -+ SEED_ecb_encrypt; -+ EVP_seed_ecb; -+ SEED_set_key; -+ EVP_seed_cfb128; -+ X509_EXTENSIONS_it; -+ X509_get1_ocsp; -+ OCSP_REQ_CTX_free; -+ i2d_X509_EXTENSIONS; -+ OCSP_sendreq_nbio; -+ OCSP_sendreq_new; -+ d2i_X509_EXTENSIONS; -+ X509_ALGORS_it; -+ X509_ALGOR_get0; -+ X509_ALGOR_set0; -+ AES_unwrap_key; -+ AES_wrap_key; -+ X509at_get0_data_by_OBJ; -+ ASN1_TYPE_set1; -+ ASN1_STRING_set0; -+ i2d_X509_ALGORS; -+ BIO_f_zlib; -+ COMP_zlib_cleanup; -+ d2i_X509_ALGORS; -+ CMS_ReceiptRequest_free; -+ PEM_write_CMS; -+ CMS_add0_CertificateChoices; -+ CMS_unsigned_add1_attr_by_OBJ; -+ ERR_load_CMS_strings; -+ CMS_sign_receipt; -+ i2d_CMS_ContentInfo; -+ CMS_signed_delete_attr; -+ d2i_CMS_bio; -+ CMS_unsigned_get_attr_by_NID; -+ CMS_verify; -+ SMIME_read_CMS; -+ CMS_decrypt_set1_key; -+ CMS_SignerInfo_get0_algs; -+ CMS_add1_cert; -+ CMS_set_detached; -+ CMS_encrypt; -+ CMS_EnvelopedData_create; -+ CMS_uncompress; -+ CMS_add0_crl; -+ CMS_SignerInfo_verify_content; -+ CMS_unsigned_get0_data_by_OBJ; -+ PEM_write_bio_CMS; -+ CMS_unsigned_get_attr; -+ CMS_RecipientInfo_ktri_cert_cmp; -+ CMS_RecipientInfo_ktri_get0_algs; -+ CMS_RecipInfo_ktri_get0_algs; -+ CMS_ContentInfo_free; -+ CMS_final; -+ CMS_add_simple_smimecap; -+ CMS_SignerInfo_verify; -+ CMS_data; -+ CMS_ContentInfo_it; -+ d2i_CMS_ReceiptRequest; -+ CMS_compress; -+ CMS_digest_create; -+ CMS_SignerInfo_cert_cmp; -+ CMS_SignerInfo_sign; -+ CMS_data_create; -+ i2d_CMS_bio; -+ CMS_EncryptedData_set1_key; -+ CMS_decrypt; -+ int_smime_write_ASN1; -+ CMS_unsigned_delete_attr; -+ CMS_unsigned_get_attr_count; -+ CMS_add_smimecap; -+ PEM_read_CMS; -+ CMS_signed_get_attr_by_OBJ; -+ d2i_CMS_ContentInfo; -+ CMS_add_standard_smimecap; -+ CMS_ContentInfo_new; -+ CMS_RecipientInfo_type; -+ CMS_get0_type; -+ CMS_is_detached; -+ CMS_sign; -+ CMS_signed_add1_attr; -+ CMS_unsigned_get_attr_by_OBJ; -+ SMIME_write_CMS; -+ CMS_EncryptedData_decrypt; -+ CMS_get0_RecipientInfos; -+ CMS_add0_RevocationInfoChoice; -+ CMS_decrypt_set1_pkey; -+ CMS_SignerInfo_set1_signer_cert; -+ CMS_get0_signers; -+ CMS_ReceiptRequest_get0_values; -+ CMS_signed_get0_data_by_OBJ; -+ CMS_get0_SignerInfos; -+ CMS_add0_cert; -+ CMS_EncryptedData_encrypt; -+ CMS_digest_verify; -+ CMS_set1_signers_certs; -+ CMS_signed_get_attr; -+ CMS_RecipientInfo_set0_key; -+ CMS_SignedData_init; -+ CMS_RecipientInfo_kekri_get0_id; -+ CMS_verify_receipt; -+ CMS_ReceiptRequest_it; -+ PEM_read_bio_CMS; -+ CMS_get1_crls; -+ CMS_add0_recipient_key; -+ SMIME_read_ASN1; -+ CMS_ReceiptRequest_new; -+ CMS_get0_content; -+ CMS_get1_ReceiptRequest; -+ CMS_signed_add1_attr_by_OBJ; -+ CMS_RecipientInfo_kekri_id_cmp; -+ CMS_add1_ReceiptRequest; -+ CMS_SignerInfo_get0_signer_id; -+ CMS_unsigned_add1_attr_by_NID; -+ CMS_unsigned_add1_attr; -+ CMS_signed_get_attr_by_NID; -+ CMS_get1_certs; -+ CMS_signed_add1_attr_by_NID; -+ CMS_unsigned_add1_attr_by_txt; -+ CMS_dataFinal; -+ CMS_RecipientInfo_ktri_get0_signer_id; -+ CMS_RecipInfo_ktri_get0_sigr_id; -+ i2d_CMS_ReceiptRequest; -+ CMS_add1_recipient_cert; -+ CMS_dataInit; -+ CMS_signed_add1_attr_by_txt; -+ CMS_RecipientInfo_decrypt; -+ CMS_signed_get_attr_count; -+ CMS_get0_eContentType; -+ CMS_set1_eContentType; -+ CMS_ReceiptRequest_create0; -+ CMS_add1_signer; -+ CMS_RecipientInfo_set0_pkey; -+ ENGINE_set_load_ssl_client_cert_function; -+ ENGINE_set_ld_ssl_clnt_cert_fn; -+ ENGINE_get_ssl_client_cert_function; -+ ENGINE_get_ssl_client_cert_fn; -+ ENGINE_load_ssl_client_cert; -+ ENGINE_load_capi; -+ OPENSSL_isservice; -+ FIPS_dsa_sig_decode; -+ EVP_CIPHER_CTX_clear_flags; -+ FIPS_rand_status; -+ FIPS_rand_set_key; -+ CRYPTO_set_mem_info_functions; -+ RSA_X931_generate_key_ex; -+ int_ERR_set_state_func; -+ int_EVP_MD_set_engine_callbacks; -+ int_CRYPTO_set_do_dynlock_callback; -+ FIPS_rng_stick; -+ EVP_CIPHER_CTX_set_flags; -+ BN_X931_generate_prime_ex; -+ FIPS_selftest_check; -+ FIPS_rand_set_dt; -+ CRYPTO_dbg_pop_info; -+ FIPS_dsa_free; -+ RSA_X931_derive_ex; -+ FIPS_rsa_new; -+ FIPS_rand_bytes; -+ fips_cipher_test; -+ EVP_CIPHER_CTX_test_flags; -+ CRYPTO_malloc_debug_init; -+ CRYPTO_dbg_push_info; -+ FIPS_corrupt_rsa_keygen; -+ FIPS_dh_new; -+ FIPS_corrupt_dsa_keygen; -+ FIPS_dh_free; -+ fips_pkey_signature_test; -+ EVP_add_alg_module; -+ int_RAND_init_engine_callbacks; -+ int_EVP_CIPHER_set_engine_callbacks; -+ int_EVP_MD_init_engine_callbacks; -+ FIPS_rand_test_mode; -+ FIPS_rand_reset; -+ FIPS_dsa_new; -+ int_RAND_set_callbacks; -+ BN_X931_derive_prime_ex; -+ int_ERR_lib_init; -+ int_EVP_CIPHER_init_engine_callbacks; -+ FIPS_rsa_free; -+ FIPS_dsa_sig_encode; -+ CRYPTO_dbg_remove_all_info; -+ OPENSSL_init; -+ CRYPTO_strdup; -+ JPAKE_STEP3A_process; -+ JPAKE_STEP1_release; -+ JPAKE_get_shared_key; -+ JPAKE_STEP3B_init; -+ JPAKE_STEP1_generate; -+ JPAKE_STEP1_init; -+ JPAKE_STEP3B_process; -+ JPAKE_STEP2_generate; -+ JPAKE_CTX_new; -+ JPAKE_CTX_free; -+ JPAKE_STEP3B_release; -+ JPAKE_STEP3A_release; -+ JPAKE_STEP2_process; -+ JPAKE_STEP3B_generate; -+ JPAKE_STEP1_process; -+ JPAKE_STEP3A_generate; -+ JPAKE_STEP2_release; -+ JPAKE_STEP3A_init; -+ ERR_load_JPAKE_strings; -+ JPAKE_STEP2_init; -+ pqueue_size; -+ i2d_TS_ACCURACY; -+ i2d_TS_MSG_IMPRINT_fp; -+ i2d_TS_MSG_IMPRINT; -+ EVP_PKEY_print_public; -+ EVP_PKEY_CTX_new; -+ i2d_TS_TST_INFO; -+ EVP_PKEY_asn1_find; -+ DSO_METHOD_beos; -+ TS_CONF_load_cert; -+ TS_REQ_get_ext; -+ EVP_PKEY_sign_init; -+ ASN1_item_print; -+ TS_TST_INFO_set_nonce; -+ TS_RESP_dup; -+ ENGINE_register_pkey_meths; -+ EVP_PKEY_asn1_add0; -+ PKCS7_add0_attrib_signing_time; -+ i2d_TS_TST_INFO_fp; -+ BIO_asn1_get_prefix; -+ TS_TST_INFO_set_time; -+ EVP_PKEY_meth_set_decrypt; -+ EVP_PKEY_set_type_str; -+ EVP_PKEY_CTX_get_keygen_info; -+ TS_REQ_set_policy_id; -+ d2i_TS_RESP_fp; -+ ENGINE_get_pkey_asn1_meth_engine; -+ ENGINE_get_pkey_asn1_meth_eng; -+ WHIRLPOOL_Init; -+ TS_RESP_set_status_info; -+ EVP_PKEY_keygen; -+ EVP_DigestSignInit; -+ TS_ACCURACY_set_millis; -+ TS_REQ_dup; -+ GENERAL_NAME_dup; -+ ASN1_SEQUENCE_ANY_it; -+ WHIRLPOOL; -+ X509_STORE_get1_crls; -+ ENGINE_get_pkey_asn1_meth; -+ EVP_PKEY_asn1_new; -+ BIO_new_NDEF; -+ ENGINE_get_pkey_meth; -+ TS_MSG_IMPRINT_set_algo; -+ i2d_TS_TST_INFO_bio; -+ TS_TST_INFO_set_ordering; -+ TS_TST_INFO_get_ext_by_OBJ; -+ CRYPTO_THREADID_set_pointer; -+ TS_CONF_get_tsa_section; -+ SMIME_write_ASN1; -+ TS_RESP_CTX_set_signer_key; -+ EVP_PKEY_encrypt_old; -+ EVP_PKEY_encrypt_init; -+ CRYPTO_THREADID_cpy; -+ ASN1_PCTX_get_cert_flags; -+ i2d_ESS_SIGNING_CERT; -+ TS_CONF_load_key; -+ i2d_ASN1_SEQUENCE_ANY; -+ d2i_TS_MSG_IMPRINT_bio; -+ EVP_PKEY_asn1_set_public; -+ b2i_PublicKey_bio; -+ BIO_asn1_set_prefix; -+ EVP_PKEY_new_mac_key; -+ BIO_new_CMS; -+ CRYPTO_THREADID_cmp; -+ TS_REQ_ext_free; -+ EVP_PKEY_asn1_set_free; -+ EVP_PKEY_get0_asn1; -+ d2i_NETSCAPE_X509; -+ EVP_PKEY_verify_recover_init; -+ EVP_PKEY_CTX_set_data; -+ EVP_PKEY_keygen_init; -+ TS_RESP_CTX_set_status_info; -+ TS_MSG_IMPRINT_get_algo; -+ TS_REQ_print_bio; -+ EVP_PKEY_CTX_ctrl_str; -+ EVP_PKEY_get_default_digest_nid; -+ PEM_write_bio_PKCS7_stream; -+ TS_MSG_IMPRINT_print_bio; -+ BN_asc2bn; -+ TS_REQ_get_policy_id; -+ ENGINE_set_default_pkey_asn1_meths; -+ ENGINE_set_def_pkey_asn1_meths; -+ d2i_TS_ACCURACY; -+ DSO_global_lookup; -+ TS_CONF_set_tsa_name; -+ i2d_ASN1_SET_ANY; -+ ENGINE_load_gost; -+ WHIRLPOOL_BitUpdate; -+ ASN1_PCTX_get_flags; -+ TS_TST_INFO_get_ext_by_NID; -+ TS_RESP_new; -+ ESS_CERT_ID_dup; -+ TS_STATUS_INFO_dup; -+ TS_REQ_delete_ext; -+ EVP_DigestVerifyFinal; -+ EVP_PKEY_print_params; -+ i2d_CMS_bio_stream; -+ TS_REQ_get_msg_imprint; -+ OBJ_find_sigid_by_algs; -+ TS_TST_INFO_get_serial; -+ TS_REQ_get_nonce; -+ X509_PUBKEY_set0_param; -+ EVP_PKEY_CTX_set0_keygen_info; -+ DIST_POINT_set_dpname; -+ i2d_ISSUING_DIST_POINT; -+ ASN1_SET_ANY_it; -+ EVP_PKEY_CTX_get_data; -+ TS_STATUS_INFO_print_bio; -+ EVP_PKEY_derive_init; -+ d2i_TS_TST_INFO; -+ EVP_PKEY_asn1_add_alias; -+ d2i_TS_RESP_bio; -+ OTHERNAME_cmp; -+ GENERAL_NAME_set0_value; -+ PKCS7_RECIP_INFO_get0_alg; -+ TS_RESP_CTX_new; -+ TS_RESP_set_tst_info; -+ PKCS7_final; -+ EVP_PKEY_base_id; -+ TS_RESP_CTX_set_signer_cert; -+ TS_REQ_set_msg_imprint; -+ EVP_PKEY_CTX_ctrl; -+ TS_CONF_set_digests; -+ d2i_TS_MSG_IMPRINT; -+ EVP_PKEY_meth_set_ctrl; -+ TS_REQ_get_ext_by_NID; -+ PKCS5_pbe_set0_algor; -+ BN_BLINDING_thread_id; -+ TS_ACCURACY_new; -+ X509_CRL_METHOD_free; -+ ASN1_PCTX_get_nm_flags; -+ EVP_PKEY_meth_set_sign; -+ CRYPTO_THREADID_current; -+ EVP_PKEY_decrypt_init; -+ NETSCAPE_X509_free; -+ i2b_PVK_bio; -+ EVP_PKEY_print_private; -+ GENERAL_NAME_get0_value; -+ b2i_PVK_bio; -+ ASN1_UTCTIME_adj; -+ TS_TST_INFO_new; -+ EVP_MD_do_all_sorted; -+ TS_CONF_set_default_engine; -+ TS_ACCURACY_set_seconds; -+ TS_TST_INFO_get_time; -+ PKCS8_pkey_get0; -+ EVP_PKEY_asn1_get0; -+ OBJ_add_sigid; -+ PKCS7_SIGNER_INFO_sign; -+ EVP_PKEY_paramgen_init; -+ EVP_PKEY_sign; -+ OBJ_sigid_free; -+ EVP_PKEY_meth_set_init; -+ d2i_ESS_ISSUER_SERIAL; -+ ISSUING_DIST_POINT_new; -+ ASN1_TIME_adj; -+ TS_OBJ_print_bio; -+ EVP_PKEY_meth_set_verify_recover; -+ EVP_PKEY_meth_set_vrfy_recover; -+ TS_RESP_get_status_info; -+ CMS_stream; -+ EVP_PKEY_CTX_set_cb; -+ PKCS7_to_TS_TST_INFO; -+ ASN1_PCTX_get_oid_flags; -+ TS_TST_INFO_add_ext; -+ EVP_PKEY_meth_set_derive; -+ i2d_TS_RESP_fp; -+ i2d_TS_MSG_IMPRINT_bio; -+ TS_RESP_CTX_set_accuracy; -+ TS_REQ_set_nonce; -+ ESS_CERT_ID_new; -+ ENGINE_pkey_asn1_find_str; -+ TS_REQ_get_ext_count; -+ BUF_reverse; -+ TS_TST_INFO_print_bio; -+ d2i_ISSUING_DIST_POINT; -+ ENGINE_get_pkey_meths; -+ i2b_PrivateKey_bio; -+ i2d_TS_RESP; -+ b2i_PublicKey; -+ TS_VERIFY_CTX_cleanup; -+ TS_STATUS_INFO_free; -+ TS_RESP_verify_token; -+ OBJ_bsearch_ex_; -+ ASN1_bn_print; -+ EVP_PKEY_asn1_get_count; -+ ENGINE_register_pkey_asn1_meths; -+ ASN1_PCTX_set_nm_flags; -+ EVP_DigestVerifyInit; -+ ENGINE_set_default_pkey_meths; -+ TS_TST_INFO_get_policy_id; -+ TS_REQ_get_cert_req; -+ X509_CRL_set_meth_data; -+ PKCS8_pkey_set0; -+ ASN1_STRING_copy; -+ d2i_TS_TST_INFO_fp; -+ X509_CRL_match; -+ EVP_PKEY_asn1_set_private; -+ TS_TST_INFO_get_ext_d2i; -+ TS_RESP_CTX_add_policy; -+ d2i_TS_RESP; -+ TS_CONF_load_certs; -+ TS_TST_INFO_get_msg_imprint; -+ ERR_load_TS_strings; -+ TS_TST_INFO_get_version; -+ EVP_PKEY_CTX_dup; -+ EVP_PKEY_meth_set_verify; -+ i2b_PublicKey_bio; -+ TS_CONF_set_certs; -+ EVP_PKEY_asn1_get0_info; -+ TS_VERIFY_CTX_free; -+ TS_REQ_get_ext_by_critical; -+ TS_RESP_CTX_set_serial_cb; -+ X509_CRL_get_meth_data; -+ TS_RESP_CTX_set_time_cb; -+ TS_MSG_IMPRINT_get_msg; -+ TS_TST_INFO_ext_free; -+ TS_REQ_get_version; -+ TS_REQ_add_ext; -+ EVP_PKEY_CTX_set_app_data; -+ OBJ_bsearch_; -+ EVP_PKEY_meth_set_verifyctx; -+ i2d_PKCS7_bio_stream; -+ CRYPTO_THREADID_set_numeric; -+ PKCS7_sign_add_signer; -+ d2i_TS_TST_INFO_bio; -+ TS_TST_INFO_get_ordering; -+ TS_RESP_print_bio; -+ TS_TST_INFO_get_exts; -+ HMAC_CTX_copy; -+ PKCS5_pbe2_set_iv; -+ ENGINE_get_pkey_asn1_meths; -+ b2i_PrivateKey; -+ EVP_PKEY_CTX_get_app_data; -+ TS_REQ_set_cert_req; -+ CRYPTO_THREADID_set_callback; -+ TS_CONF_set_serial; -+ TS_TST_INFO_free; -+ d2i_TS_REQ_fp; -+ TS_RESP_verify_response; -+ i2d_ESS_ISSUER_SERIAL; -+ TS_ACCURACY_get_seconds; -+ EVP_CIPHER_do_all; -+ b2i_PrivateKey_bio; -+ OCSP_CERTID_dup; -+ X509_PUBKEY_get0_param; -+ TS_MSG_IMPRINT_dup; -+ PKCS7_print_ctx; -+ i2d_TS_REQ_bio; -+ EVP_whirlpool; -+ EVP_PKEY_asn1_set_param; -+ EVP_PKEY_meth_set_encrypt; -+ ASN1_PCTX_set_flags; -+ i2d_ESS_CERT_ID; -+ TS_VERIFY_CTX_new; -+ TS_RESP_CTX_set_extension_cb; -+ ENGINE_register_all_pkey_meths; -+ TS_RESP_CTX_set_status_info_cond; -+ TS_RESP_CTX_set_stat_info_cond; -+ EVP_PKEY_verify; -+ WHIRLPOOL_Final; -+ X509_CRL_METHOD_new; -+ EVP_DigestSignFinal; -+ TS_RESP_CTX_set_def_policy; -+ NETSCAPE_X509_it; -+ TS_RESP_create_response; -+ PKCS7_SIGNER_INFO_get0_algs; -+ TS_TST_INFO_get_nonce; -+ EVP_PKEY_decrypt_old; -+ TS_TST_INFO_set_policy_id; -+ TS_CONF_set_ess_cert_id_chain; -+ EVP_PKEY_CTX_get0_pkey; -+ d2i_TS_REQ; -+ EVP_PKEY_asn1_find_str; -+ BIO_f_asn1; -+ ESS_SIGNING_CERT_new; -+ EVP_PBE_find; -+ X509_CRL_get0_by_cert; -+ EVP_PKEY_derive; -+ i2d_TS_REQ; -+ TS_TST_INFO_delete_ext; -+ ESS_ISSUER_SERIAL_free; -+ ASN1_PCTX_set_str_flags; -+ ENGINE_get_pkey_asn1_meth_str; -+ TS_CONF_set_signer_key; -+ TS_ACCURACY_get_millis; -+ TS_RESP_get_token; -+ TS_ACCURACY_dup; -+ ENGINE_register_all_pkey_asn1_meths; -+ ENGINE_reg_all_pkey_asn1_meths; -+ X509_CRL_set_default_method; -+ CRYPTO_THREADID_hash; -+ CMS_ContentInfo_print_ctx; -+ TS_RESP_free; -+ ISSUING_DIST_POINT_free; -+ ESS_ISSUER_SERIAL_new; -+ CMS_add1_crl; -+ PKCS7_add1_attrib_digest; -+ TS_RESP_CTX_add_md; -+ TS_TST_INFO_dup; -+ ENGINE_set_pkey_asn1_meths; -+ PEM_write_bio_Parameters; -+ TS_TST_INFO_get_accuracy; -+ X509_CRL_get0_by_serial; -+ TS_TST_INFO_set_version; -+ TS_RESP_CTX_get_tst_info; -+ TS_RESP_verify_signature; -+ CRYPTO_THREADID_get_callback; -+ TS_TST_INFO_get_tsa; -+ TS_STATUS_INFO_new; -+ EVP_PKEY_CTX_get_cb; -+ TS_REQ_get_ext_d2i; -+ GENERAL_NAME_set0_othername; -+ TS_TST_INFO_get_ext_count; -+ TS_RESP_CTX_get_request; -+ i2d_NETSCAPE_X509; -+ ENGINE_get_pkey_meth_engine; -+ EVP_PKEY_meth_set_signctx; -+ EVP_PKEY_asn1_copy; -+ ASN1_TYPE_cmp; -+ EVP_CIPHER_do_all_sorted; -+ EVP_PKEY_CTX_free; -+ ISSUING_DIST_POINT_it; -+ d2i_TS_MSG_IMPRINT_fp; -+ X509_STORE_get1_certs; -+ EVP_PKEY_CTX_get_operation; -+ d2i_ESS_SIGNING_CERT; -+ TS_CONF_set_ordering; -+ EVP_PBE_alg_add_type; -+ TS_REQ_set_version; -+ EVP_PKEY_get0; -+ BIO_asn1_set_suffix; -+ i2d_TS_STATUS_INFO; -+ EVP_MD_do_all; -+ TS_TST_INFO_set_accuracy; -+ PKCS7_add_attrib_content_type; -+ ERR_remove_thread_state; -+ EVP_PKEY_meth_add0; -+ TS_TST_INFO_set_tsa; -+ EVP_PKEY_meth_new; -+ WHIRLPOOL_Update; -+ TS_CONF_set_accuracy; -+ ASN1_PCTX_set_oid_flags; -+ ESS_SIGNING_CERT_dup; -+ d2i_TS_REQ_bio; -+ X509_time_adj_ex; -+ TS_RESP_CTX_add_flags; -+ d2i_TS_STATUS_INFO; -+ TS_MSG_IMPRINT_set_msg; -+ BIO_asn1_get_suffix; -+ TS_REQ_free; -+ EVP_PKEY_meth_free; -+ TS_REQ_get_exts; -+ TS_RESP_CTX_set_clock_precision_digits; -+ TS_RESP_CTX_set_clk_prec_digits; -+ TS_RESP_CTX_add_failure_info; -+ i2d_TS_RESP_bio; -+ EVP_PKEY_CTX_get0_peerkey; -+ PEM_write_bio_CMS_stream; -+ TS_REQ_new; -+ TS_MSG_IMPRINT_new; -+ EVP_PKEY_meth_find; -+ EVP_PKEY_id; -+ TS_TST_INFO_set_serial; -+ a2i_GENERAL_NAME; -+ TS_CONF_set_crypto_device; -+ EVP_PKEY_verify_init; -+ TS_CONF_set_policies; -+ ASN1_PCTX_new; -+ ESS_CERT_ID_free; -+ ENGINE_unregister_pkey_meths; -+ TS_MSG_IMPRINT_free; -+ TS_VERIFY_CTX_init; -+ PKCS7_stream; -+ TS_RESP_CTX_set_certs; -+ TS_CONF_set_def_policy; -+ ASN1_GENERALIZEDTIME_adj; -+ NETSCAPE_X509_new; -+ TS_ACCURACY_free; -+ TS_RESP_get_tst_info; -+ EVP_PKEY_derive_set_peer; -+ PEM_read_bio_Parameters; -+ TS_CONF_set_clock_precision_digits; -+ TS_CONF_set_clk_prec_digits; -+ ESS_ISSUER_SERIAL_dup; -+ TS_ACCURACY_get_micros; -+ ASN1_PCTX_get_str_flags; -+ NAME_CONSTRAINTS_check; -+ ASN1_BIT_STRING_check; -+ X509_check_akid; -+ ENGINE_unregister_pkey_asn1_meths; -+ ENGINE_unreg_pkey_asn1_meths; -+ ASN1_PCTX_free; -+ PEM_write_bio_ASN1_stream; -+ i2d_ASN1_bio_stream; -+ TS_X509_ALGOR_print_bio; -+ EVP_PKEY_meth_set_cleanup; -+ EVP_PKEY_asn1_free; -+ ESS_SIGNING_CERT_free; -+ TS_TST_INFO_set_msg_imprint; -+ GENERAL_NAME_cmp; -+ d2i_ASN1_SET_ANY; -+ ENGINE_set_pkey_meths; -+ i2d_TS_REQ_fp; -+ d2i_ASN1_SEQUENCE_ANY; -+ GENERAL_NAME_get0_otherName; -+ d2i_ESS_CERT_ID; -+ OBJ_find_sigid_algs; -+ EVP_PKEY_meth_set_keygen; -+ PKCS5_PBKDF2_HMAC; -+ EVP_PKEY_paramgen; -+ EVP_PKEY_meth_set_paramgen; -+ BIO_new_PKCS7; -+ EVP_PKEY_verify_recover; -+ TS_ext_print_bio; -+ TS_ASN1_INTEGER_print_bio; -+ check_defer; -+ DSO_pathbyaddr; -+ EVP_PKEY_set_type; -+ TS_ACCURACY_set_micros; -+ TS_REQ_to_TS_VERIFY_CTX; -+ EVP_PKEY_meth_set_copy; -+ ASN1_PCTX_set_cert_flags; -+ TS_TST_INFO_get_ext; -+ EVP_PKEY_asn1_set_ctrl; -+ TS_TST_INFO_get_ext_by_critical; -+ EVP_PKEY_CTX_new_id; -+ TS_REQ_get_ext_by_OBJ; -+ TS_CONF_set_signer_cert; -+ X509_NAME_hash_old; -+ ASN1_TIME_set_string; -+ EVP_MD_flags; -+ TS_RESP_CTX_free; -+ DSAparams_dup; -+ DHparams_dup; -+ OCSP_REQ_CTX_add1_header; -+ OCSP_REQ_CTX_set1_req; -+ X509_STORE_set_verify_cb; -+ X509_STORE_CTX_get0_current_crl; -+ X509_STORE_CTX_get0_parent_ctx; -+ X509_STORE_CTX_get0_current_issuer; -+ X509_STORE_CTX_get0_cur_issuer; -+ X509_issuer_name_hash_old; -+ X509_subject_name_hash_old; -+ EVP_CIPHER_CTX_copy; -+ UI_method_get_prompt_constructor; -+ UI_method_get_prompt_constructr; -+ UI_method_set_prompt_constructor; -+ UI_method_set_prompt_constructr; -+ EVP_read_pw_string_min; -+ CRYPTO_cts128_encrypt; -+ CRYPTO_cts128_decrypt_block; -+ CRYPTO_cfb128_1_encrypt; -+ CRYPTO_cbc128_encrypt; -+ CRYPTO_ctr128_encrypt; -+ CRYPTO_ofb128_encrypt; -+ CRYPTO_cts128_decrypt; -+ CRYPTO_cts128_encrypt_block; -+ CRYPTO_cbc128_decrypt; -+ CRYPTO_cfb128_encrypt; -+ CRYPTO_cfb128_8_encrypt; -+ -+ local: -+ *; -+}; -+ -+ -+OPENSSL_1.0.1 { -+ global: -+ SSL_renegotiate_abbreviated; -+ TLSv1_1_method; -+ TLSv1_1_client_method; -+ TLSv1_1_server_method; -+ SSL_CTX_set_srp_client_pwd_callback; -+ SSL_CTX_set_srp_client_pwd_cb; -+ SSL_get_srp_g; -+ SSL_CTX_set_srp_username_callback; -+ SSL_CTX_set_srp_un_cb; -+ SSL_get_srp_userinfo; -+ SSL_set_srp_server_param; -+ SSL_set_srp_server_param_pw; -+ SSL_get_srp_N; -+ SSL_get_srp_username; -+ SSL_CTX_set_srp_password; -+ SSL_CTX_set_srp_strength; -+ SSL_CTX_set_srp_verify_param_callback; -+ SSL_CTX_set_srp_vfy_param_cb; -+ SSL_CTX_set_srp_cb_arg; -+ SSL_CTX_set_srp_username; -+ SSL_CTX_SRP_CTX_init; -+ SSL_SRP_CTX_init; -+ SRP_Calc_A_param; -+ SRP_generate_server_master_secret; -+ SRP_gen_server_master_secret; -+ SSL_CTX_SRP_CTX_free; -+ SRP_generate_client_master_secret; -+ SRP_gen_client_master_secret; -+ SSL_srp_server_param_with_username; -+ SSL_srp_server_param_with_un; -+ SSL_SRP_CTX_free; -+ SSL_set_debug; -+ SSL_SESSION_get0_peer; -+ TLSv1_2_client_method; -+ SSL_SESSION_set1_id_context; -+ TLSv1_2_server_method; -+ SSL_cache_hit; -+ SSL_get0_kssl_ctx; -+ SSL_set0_kssl_ctx; -+ SSL_set_state; -+ SSL_CIPHER_get_id; -+ TLSv1_2_method; -+ kssl_ctx_get0_client_princ; -+ SSL_export_keying_material; -+ SSL_set_tlsext_use_srtp; -+ SSL_CTX_set_next_protos_advertised_cb; -+ SSL_CTX_set_next_protos_adv_cb; -+ SSL_get0_next_proto_negotiated; -+ SSL_get_selected_srtp_profile; -+ SSL_CTX_set_tlsext_use_srtp; -+ SSL_select_next_proto; -+ SSL_get_srtp_profiles; -+ SSL_CTX_set_next_proto_select_cb; -+ SSL_CTX_set_next_proto_sel_cb; -+ SSL_SESSION_get_compress_id; -+ -+ SRP_VBASE_get_by_user; -+ SRP_Calc_server_key; -+ SRP_create_verifier; -+ SRP_create_verifier_BN; -+ SRP_Calc_u; -+ SRP_VBASE_free; -+ SRP_Calc_client_key; -+ SRP_get_default_gN; -+ SRP_Calc_x; -+ SRP_Calc_B; -+ SRP_VBASE_new; -+ SRP_check_known_gN_param; -+ SRP_Calc_A; -+ SRP_Verify_A_mod_N; -+ SRP_VBASE_init; -+ SRP_Verify_B_mod_N; -+ EC_KEY_set_public_key_affine_coordinates; -+ EC_KEY_set_pub_key_aff_coords; -+ EVP_aes_192_ctr; -+ EVP_PKEY_meth_get0_info; -+ EVP_PKEY_meth_copy; -+ ERR_add_error_vdata; -+ EVP_aes_128_ctr; -+ EVP_aes_256_ctr; -+ EC_GFp_nistp224_method; -+ EC_KEY_get_flags; -+ RSA_padding_add_PKCS1_PSS_mgf1; -+ EVP_aes_128_xts; -+ EVP_aes_256_xts; -+ EVP_aes_128_gcm; -+ EC_KEY_clear_flags; -+ EC_KEY_set_flags; -+ EVP_aes_256_ccm; -+ RSA_verify_PKCS1_PSS_mgf1; -+ EVP_aes_128_ccm; -+ EVP_aes_192_gcm; -+ X509_ALGOR_set_md; -+ RAND_init_fips; -+ EVP_aes_256_gcm; -+ EVP_aes_192_ccm; -+ CMAC_CTX_copy; -+ CMAC_CTX_free; -+ CMAC_CTX_get0_cipher_ctx; -+ CMAC_CTX_cleanup; -+ CMAC_Init; -+ CMAC_Update; -+ CMAC_resume; -+ CMAC_CTX_new; -+ CMAC_Final; -+ CRYPTO_ctr128_encrypt_ctr32; -+ CRYPTO_gcm128_release; -+ CRYPTO_ccm128_decrypt_ccm64; -+ CRYPTO_ccm128_encrypt; -+ CRYPTO_gcm128_encrypt; -+ CRYPTO_xts128_encrypt; -+ EVP_rc4_hmac_md5; -+ CRYPTO_nistcts128_decrypt_block; -+ CRYPTO_gcm128_setiv; -+ CRYPTO_nistcts128_encrypt; -+ EVP_aes_128_cbc_hmac_sha1; -+ CRYPTO_gcm128_tag; -+ CRYPTO_ccm128_encrypt_ccm64; -+ ENGINE_load_rdrand; -+ CRYPTO_ccm128_setiv; -+ CRYPTO_nistcts128_encrypt_block; -+ CRYPTO_gcm128_aad; -+ CRYPTO_ccm128_init; -+ CRYPTO_nistcts128_decrypt; -+ CRYPTO_gcm128_new; -+ CRYPTO_ccm128_tag; -+ CRYPTO_ccm128_decrypt; -+ CRYPTO_ccm128_aad; -+ CRYPTO_gcm128_init; -+ CRYPTO_gcm128_decrypt; -+ ENGINE_load_rsax; -+ CRYPTO_gcm128_decrypt_ctr32; -+ CRYPTO_gcm128_encrypt_ctr32; -+ CRYPTO_gcm128_finish; -+ EVP_aes_256_cbc_hmac_sha1; -+ PKCS5_pbkdf2_set; -+ CMS_add0_recipient_password; -+ CMS_decrypt_set1_password; -+ CMS_RecipientInfo_set0_password; -+ RAND_set_fips_drbg_type; -+ X509_REQ_sign_ctx; -+ RSA_PSS_PARAMS_new; -+ X509_CRL_sign_ctx; -+ X509_signature_dump; -+ d2i_RSA_PSS_PARAMS; -+ RSA_PSS_PARAMS_it; -+ RSA_PSS_PARAMS_free; -+ X509_sign_ctx; -+ i2d_RSA_PSS_PARAMS; -+ ASN1_item_sign_ctx; -+ EC_GFp_nistp521_method; -+ EC_GFp_nistp256_method; -+ OPENSSL_stderr; -+ OPENSSL_cpuid_setup; -+ OPENSSL_showfatal; -+ BIO_new_dgram_sctp; -+ BIO_dgram_sctp_msg_waiting; -+ BIO_dgram_sctp_wait_for_dry; -+ BIO_s_datagram_sctp; -+ BIO_dgram_is_sctp; -+ BIO_dgram_sctp_notification_cb; -+} OPENSSL_1.0.0; -+ -+OPENSSL_1.0.1d { -+ global: -+ CRYPTO_memcmp; -+} OPENSSL_1.0.1; -+ -+OPENSSL_1.0.2 { -+ global: -+ SSL_CTX_set_alpn_protos; -+ SSL_set_alpn_protos; -+ SSL_CTX_set_alpn_select_cb; -+ SSL_get0_alpn_selected; -+ SSL_CTX_set_custom_cli_ext; -+ SSL_CTX_set_custom_srv_ext; -+ SSL_CTX_set_srv_supp_data; -+ SSL_CTX_set_cli_supp_data; -+ SSL_set_cert_cb; -+ SSL_CTX_use_serverinfo; -+ SSL_CTX_use_serverinfo_file; -+ SSL_CTX_set_cert_cb; -+ SSL_CTX_get0_param; -+ SSL_get0_param; -+ SSL_certs_clear; -+ DTLSv1_2_method; -+ DTLSv1_2_server_method; -+ DTLSv1_2_client_method; -+ DTLS_method; -+ DTLS_server_method; -+ DTLS_client_method; -+ SSL_CTX_get_ssl_method; -+ SSL_CTX_get0_certificate; -+ SSL_CTX_get0_privatekey; -+ SSL_COMP_set0_compression_methods; -+ SSL_COMP_free_compression_methods; -+ SSL_CIPHER_find; -+ SSL_is_server; -+ SSL_CONF_CTX_new; -+ SSL_CONF_CTX_finish; -+ SSL_CONF_CTX_free; -+ SSL_CONF_CTX_set_flags; -+ SSL_CONF_CTX_clear_flags; -+ SSL_CONF_CTX_set1_prefix; -+ SSL_CONF_CTX_set_ssl; -+ SSL_CONF_CTX_set_ssl_ctx; -+ SSL_CONF_cmd; -+ SSL_CONF_cmd_argv; -+ SSL_CONF_cmd_value_type; -+ SSL_trace; -+ SSL_CIPHER_standard_name; -+ SSL_get_tlsa_record_byname; -+ ASN1_TIME_diff; -+ BIO_hex_string; -+ CMS_RecipientInfo_get0_pkey_ctx; -+ CMS_RecipientInfo_encrypt; -+ CMS_SignerInfo_get0_pkey_ctx; -+ CMS_SignerInfo_get0_md_ctx; -+ CMS_SignerInfo_get0_signature; -+ CMS_RecipientInfo_kari_get0_alg; -+ CMS_RecipientInfo_kari_get0_reks; -+ CMS_RecipientInfo_kari_get0_orig_id; -+ CMS_RecipientInfo_kari_orig_id_cmp; -+ CMS_RecipientEncryptedKey_get0_id; -+ CMS_RecipientEncryptedKey_cert_cmp; -+ CMS_RecipientInfo_kari_set0_pkey; -+ CMS_RecipientInfo_kari_get0_ctx; -+ CMS_RecipientInfo_kari_decrypt; -+ CMS_SharedInfo_encode; -+ DH_compute_key_padded; -+ d2i_DHxparams; -+ i2d_DHxparams; -+ DH_get_1024_160; -+ DH_get_2048_224; -+ DH_get_2048_256; -+ DH_KDF_X9_42; -+ ECDH_KDF_X9_62; -+ ECDSA_METHOD_new; -+ ECDSA_METHOD_free; -+ ECDSA_METHOD_set_app_data; -+ ECDSA_METHOD_get_app_data; -+ ECDSA_METHOD_set_sign; -+ ECDSA_METHOD_set_sign_setup; -+ ECDSA_METHOD_set_verify; -+ ECDSA_METHOD_set_flags; -+ ECDSA_METHOD_set_name; -+ EVP_des_ede3_wrap; -+ EVP_aes_128_wrap; -+ EVP_aes_192_wrap; -+ EVP_aes_256_wrap; -+ EVP_aes_128_cbc_hmac_sha256; -+ EVP_aes_256_cbc_hmac_sha256; -+ CRYPTO_128_wrap; -+ CRYPTO_128_unwrap; -+ OCSP_REQ_CTX_nbio; -+ OCSP_REQ_CTX_new; -+ OCSP_set_max_response_length; -+ OCSP_REQ_CTX_i2d; -+ OCSP_REQ_CTX_nbio_d2i; -+ OCSP_REQ_CTX_get0_mem_bio; -+ OCSP_REQ_CTX_http; -+ RSA_padding_add_PKCS1_OAEP_mgf1; -+ RSA_padding_check_PKCS1_OAEP_mgf1; -+ RSA_OAEP_PARAMS_free; -+ RSA_OAEP_PARAMS_it; -+ RSA_OAEP_PARAMS_new; -+ SSL_get_sigalgs; -+ SSL_get_shared_sigalgs; -+ SSL_check_chain; -+ X509_chain_up_ref; -+ X509_http_nbio; -+ X509_CRL_http_nbio; -+ X509_REVOKED_dup; -+ i2d_re_X509_tbs; -+ X509_get0_signature; -+ X509_get_signature_nid; -+ X509_CRL_diff; -+ X509_chain_check_suiteb; -+ X509_CRL_check_suiteb; -+ X509_check_host; -+ X509_check_email; -+ X509_check_ip; -+ X509_check_ip_asc; -+ X509_STORE_set_lookup_crls_cb; -+ X509_STORE_CTX_get0_store; -+ X509_VERIFY_PARAM_set1_host; -+ X509_VERIFY_PARAM_add1_host; -+ X509_VERIFY_PARAM_set_hostflags; -+ X509_VERIFY_PARAM_get0_peername; -+ X509_VERIFY_PARAM_set1_email; -+ X509_VERIFY_PARAM_set1_ip; -+ X509_VERIFY_PARAM_set1_ip_asc; -+ X509_VERIFY_PARAM_get0_name; -+ X509_VERIFY_PARAM_get_count; -+ X509_VERIFY_PARAM_get0; -+ X509V3_EXT_free; -+ EC_GROUP_get_mont_data; -+ EC_curve_nid2nist; -+ EC_curve_nist2nid; -+ PEM_write_bio_DHxparams; -+ PEM_write_DHxparams; -+ SSL_CTX_add_client_custom_ext; -+ SSL_CTX_add_server_custom_ext; -+ SSL_extension_supported; -+ BUF_strnlen; -+ sk_deep_copy; -+ SSL_test_functions; -+} OPENSSL_1.0.1d; -+ -Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld 2014-02-24 21:02:30.000000000 +0100 -@@ -0,0 +1,10 @@ -+OPENSSL_1.0.0 { -+ global: -+ bind_engine; -+ v_check; -+ OPENSSL_init; -+ OPENSSL_finish; -+ local: -+ *; -+}; -+ -Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld 2014-02-24 21:02:30.000000000 +0100 -@@ -0,0 +1,10 @@ -+OPENSSL_1.0.0 { -+ global: -+ bind_engine; -+ v_check; -+ OPENSSL_init; -+ OPENSSL_finish; -+ local: -+ *; -+}; -+ diff --git a/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_digicert_malaysia.patch b/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_digicert_malaysia.patch deleted file mode 100644 index c43bcd1c77..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_digicert_malaysia.patch +++ /dev/null @@ -1,29 +0,0 @@ -From: Raphael Geissert <geissert@debian.org> -Description: make X509_verify_cert indicate that any certificate whose - name contains "Digicert Sdn. Bhd." (from Malaysia) is revoked. -Forwarded: not-needed -Origin: vendor -Last-Update: 2011-11-05 - -Upstream-Status: Backport [debian] - - -Index: openssl-1.0.2~beta1/crypto/x509/x509_vfy.c -=================================================================== ---- openssl-1.0.2~beta1.orig/crypto/x509/x509_vfy.c 2014-02-25 00:16:12.488028844 +0100 -+++ openssl-1.0.2~beta1/crypto/x509/x509_vfy.c 2014-02-25 00:16:12.484028929 +0100 -@@ -964,10 +964,11 @@ - for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--) - { - x = sk_X509_value(ctx->chain, i); -- /* Mark DigiNotar certificates as revoked, no matter -- * where in the chain they are. -+ /* Mark certificates containing the following names as -+ * revoked, no matter where in the chain they are. - */ -- if (x->name && strstr(x->name, "DigiNotar")) -+ if (x->name && (strstr(x->name, "DigiNotar") || -+ strstr(x->name, "Digicert Sdn. Bhd."))) - { - ctx->error = X509_V_ERR_CERT_REVOKED; - ctx->error_depth = i; diff --git a/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch b/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch deleted file mode 100644 index d81e22cd8d..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch +++ /dev/null @@ -1,68 +0,0 @@ -From: Raphael Geissert <geissert@debian.org> -Description: make X509_verify_cert indicate that any certificate whose - name contains "DigiNotar" is revoked. -Forwarded: not-needed -Origin: vendor -Last-Update: 2011-09-08 -Bug: http://bugs.debian.org/639744 -Reviewed-by: Kurt Roeckx <kurt@roeckx.be> -Reviewed-by: Dr Stephen N Henson <shenson@drh-consultancy.co.uk> - -This is not meant as final patch. - -Upstream-Status: Backport [debian] - -Signed-off-by: Armin Kuster <akuster@mvista.com> - -Index: openssl-1.0.2g/crypto/x509/x509_vfy.c -=================================================================== ---- openssl-1.0.2g.orig/crypto/x509/x509_vfy.c -+++ openssl-1.0.2g/crypto/x509/x509_vfy.c -@@ -119,6 +119,7 @@ static int check_trust(X509_STORE_CTX *c - static int check_revocation(X509_STORE_CTX *ctx); - static int check_cert(X509_STORE_CTX *ctx); - static int check_policy(X509_STORE_CTX *ctx); -+static int check_ca_blacklist(X509_STORE_CTX *ctx); - - static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer, - unsigned int *preasons, X509_CRL *crl, X509 *x); -@@ -489,6 +490,9 @@ int X509_verify_cert(X509_STORE_CTX *ctx - if (!ok) - goto err; - -+ ok = check_ca_blacklist(ctx); -+ if(!ok) goto err; -+ - #ifndef OPENSSL_NO_RFC3779 - /* RFC 3779 path validation, now that CRL check has been done */ - ok = v3_asid_validate_path(ctx); -@@ -996,6 +1000,29 @@ static int check_crl_time(X509_STORE_CTX - return 1; - } - -+static int check_ca_blacklist(X509_STORE_CTX *ctx) -+ { -+ X509 *x; -+ int i; -+ /* Check all certificates against the blacklist */ -+ for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--) -+ { -+ x = sk_X509_value(ctx->chain, i); -+ /* Mark DigiNotar certificates as revoked, no matter -+ * where in the chain they are. -+ */ -+ if (x->name && strstr(x->name, "DigiNotar")) -+ { -+ ctx->error = X509_V_ERR_CERT_REVOKED; -+ ctx->error_depth = i; -+ ctx->current_cert = x; -+ if (!ctx->verify_cb(0,ctx)) -+ return 0; -+ } -+ } -+ return 1; -+ } -+ - static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl, - X509 **pissuer, int *pscore, unsigned int *preasons, - STACK_OF(X509_CRL) *crls) diff --git a/meta/recipes-connectivity/openssl/openssl/debian1.0.2/version-script.patch b/meta/recipes-connectivity/openssl/openssl/debian1.0.2/version-script.patch deleted file mode 100644 index 29f11a288e..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/debian1.0.2/version-script.patch +++ /dev/null @@ -1,4656 +0,0 @@ -Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure -=================================================================== ---- openssl-1.0.2~beta1.obsolete.0.0498436515490575.orig/Configure 2014-02-24 21:02:30.000000000 +0100 -+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure 2014-02-24 21:02:30.000000000 +0100 -@@ -1651,6 +1651,8 @@ - } - } - -+$shared_ldflag .= " -Wl,--version-script=openssl.ld"; -+ - open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n"; - unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new"; - open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n"; -Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld 2014-02-24 22:19:08.601827266 +0100 -@@ -0,0 +1,4608 @@ -+OPENSSL_1.0.2d { -+ global: -+ BIO_f_ssl; -+ BIO_new_buffer_ssl_connect; -+ BIO_new_ssl; -+ BIO_new_ssl_connect; -+ BIO_proxy_ssl_copy_session_id; -+ BIO_ssl_copy_session_id; -+ BIO_ssl_shutdown; -+ d2i_SSL_SESSION; -+ DTLSv1_client_method; -+ DTLSv1_method; -+ DTLSv1_server_method; -+ ERR_load_SSL_strings; -+ i2d_SSL_SESSION; -+ kssl_build_principal_2; -+ kssl_cget_tkt; -+ kssl_check_authent; -+ kssl_ctx_free; -+ kssl_ctx_new; -+ kssl_ctx_setkey; -+ kssl_ctx_setprinc; -+ kssl_ctx_setstring; -+ kssl_ctx_show; -+ kssl_err_set; -+ kssl_krb5_free_data_contents; -+ kssl_sget_tkt; -+ kssl_skip_confound; -+ kssl_validate_times; -+ PEM_read_bio_SSL_SESSION; -+ PEM_read_SSL_SESSION; -+ PEM_write_bio_SSL_SESSION; -+ PEM_write_SSL_SESSION; -+ SSL_accept; -+ SSL_add_client_CA; -+ SSL_add_dir_cert_subjects_to_stack; -+ SSL_add_dir_cert_subjs_to_stk; -+ SSL_add_file_cert_subjects_to_stack; -+ SSL_add_file_cert_subjs_to_stk; -+ SSL_alert_desc_string; -+ SSL_alert_desc_string_long; -+ SSL_alert_type_string; -+ SSL_alert_type_string_long; -+ SSL_callback_ctrl; -+ SSL_check_private_key; -+ SSL_CIPHER_description; -+ SSL_CIPHER_get_bits; -+ SSL_CIPHER_get_name; -+ SSL_CIPHER_get_version; -+ SSL_clear; -+ SSL_COMP_add_compression_method; -+ SSL_COMP_get_compression_methods; -+ SSL_COMP_get_compress_methods; -+ SSL_COMP_get_name; -+ SSL_connect; -+ SSL_copy_session_id; -+ SSL_ctrl; -+ SSL_CTX_add_client_CA; -+ SSL_CTX_add_session; -+ SSL_CTX_callback_ctrl; -+ SSL_CTX_check_private_key; -+ SSL_CTX_ctrl; -+ SSL_CTX_flush_sessions; -+ SSL_CTX_free; -+ SSL_CTX_get_cert_store; -+ SSL_CTX_get_client_CA_list; -+ SSL_CTX_get_client_cert_cb; -+ SSL_CTX_get_ex_data; -+ SSL_CTX_get_ex_new_index; -+ SSL_CTX_get_info_callback; -+ SSL_CTX_get_quiet_shutdown; -+ SSL_CTX_get_timeout; -+ SSL_CTX_get_verify_callback; -+ SSL_CTX_get_verify_depth; -+ SSL_CTX_get_verify_mode; -+ SSL_CTX_load_verify_locations; -+ SSL_CTX_new; -+ SSL_CTX_remove_session; -+ SSL_CTX_sess_get_get_cb; -+ SSL_CTX_sess_get_new_cb; -+ SSL_CTX_sess_get_remove_cb; -+ SSL_CTX_sessions; -+ SSL_CTX_sess_set_get_cb; -+ SSL_CTX_sess_set_new_cb; -+ SSL_CTX_sess_set_remove_cb; -+ SSL_CTX_set1_param; -+ SSL_CTX_set_cert_store; -+ SSL_CTX_set_cert_verify_callback; -+ SSL_CTX_set_cert_verify_cb; -+ SSL_CTX_set_cipher_list; -+ SSL_CTX_set_client_CA_list; -+ SSL_CTX_set_client_cert_cb; -+ SSL_CTX_set_client_cert_engine; -+ SSL_CTX_set_cookie_generate_cb; -+ SSL_CTX_set_cookie_verify_cb; -+ SSL_CTX_set_default_passwd_cb; -+ SSL_CTX_set_default_passwd_cb_userdata; -+ SSL_CTX_set_default_verify_paths; -+ SSL_CTX_set_def_passwd_cb_ud; -+ SSL_CTX_set_def_verify_paths; -+ SSL_CTX_set_ex_data; -+ SSL_CTX_set_generate_session_id; -+ SSL_CTX_set_info_callback; -+ SSL_CTX_set_msg_callback; -+ SSL_CTX_set_psk_client_callback; -+ SSL_CTX_set_psk_server_callback; -+ SSL_CTX_set_purpose; -+ SSL_CTX_set_quiet_shutdown; -+ SSL_CTX_set_session_id_context; -+ SSL_CTX_set_ssl_version; -+ SSL_CTX_set_timeout; -+ SSL_CTX_set_tmp_dh_callback; -+ SSL_CTX_set_tmp_ecdh_callback; -+ SSL_CTX_set_tmp_rsa_callback; -+ SSL_CTX_set_trust; -+ SSL_CTX_set_verify; -+ SSL_CTX_set_verify_depth; -+ SSL_CTX_use_cert_chain_file; -+ SSL_CTX_use_certificate; -+ SSL_CTX_use_certificate_ASN1; -+ SSL_CTX_use_certificate_chain_file; -+ SSL_CTX_use_certificate_file; -+ SSL_CTX_use_PrivateKey; -+ SSL_CTX_use_PrivateKey_ASN1; -+ SSL_CTX_use_PrivateKey_file; -+ SSL_CTX_use_psk_identity_hint; -+ SSL_CTX_use_RSAPrivateKey; -+ SSL_CTX_use_RSAPrivateKey_ASN1; -+ SSL_CTX_use_RSAPrivateKey_file; -+ SSL_do_handshake; -+ SSL_dup; -+ SSL_dup_CA_list; -+ SSLeay_add_ssl_algorithms; -+ SSL_free; -+ SSL_get1_session; -+ SSL_get_certificate; -+ SSL_get_cipher_list; -+ SSL_get_ciphers; -+ SSL_get_client_CA_list; -+ SSL_get_current_cipher; -+ SSL_get_current_compression; -+ SSL_get_current_expansion; -+ SSL_get_default_timeout; -+ SSL_get_error; -+ SSL_get_ex_data; -+ SSL_get_ex_data_X509_STORE_CTX_idx; -+ SSL_get_ex_d_X509_STORE_CTX_idx; -+ SSL_get_ex_new_index; -+ SSL_get_fd; -+ SSL_get_finished; -+ SSL_get_info_callback; -+ SSL_get_peer_cert_chain; -+ SSL_get_peer_certificate; -+ SSL_get_peer_finished; -+ SSL_get_privatekey; -+ SSL_get_psk_identity; -+ SSL_get_psk_identity_hint; -+ SSL_get_quiet_shutdown; -+ SSL_get_rbio; -+ SSL_get_read_ahead; -+ SSL_get_rfd; -+ SSL_get_servername; -+ SSL_get_servername_type; -+ SSL_get_session; -+ SSL_get_shared_ciphers; -+ SSL_get_shutdown; -+ SSL_get_SSL_CTX; -+ SSL_get_ssl_method; -+ SSL_get_verify_callback; -+ SSL_get_verify_depth; -+ SSL_get_verify_mode; -+ SSL_get_verify_result; -+ SSL_get_version; -+ SSL_get_wbio; -+ SSL_get_wfd; -+ SSL_has_matching_session_id; -+ SSL_library_init; -+ SSL_load_client_CA_file; -+ SSL_load_error_strings; -+ SSL_new; -+ SSL_peek; -+ SSL_pending; -+ SSL_read; -+ SSL_renegotiate; -+ SSL_renegotiate_pending; -+ SSL_rstate_string; -+ SSL_rstate_string_long; -+ SSL_SESSION_cmp; -+ SSL_SESSION_free; -+ SSL_SESSION_get_ex_data; -+ SSL_SESSION_get_ex_new_index; -+ SSL_SESSION_get_id; -+ SSL_SESSION_get_time; -+ SSL_SESSION_get_timeout; -+ SSL_SESSION_hash; -+ SSL_SESSION_new; -+ SSL_SESSION_print; -+ SSL_SESSION_print_fp; -+ SSL_SESSION_set_ex_data; -+ SSL_SESSION_set_time; -+ SSL_SESSION_set_timeout; -+ SSL_set1_param; -+ SSL_set_accept_state; -+ SSL_set_bio; -+ SSL_set_cipher_list; -+ SSL_set_client_CA_list; -+ SSL_set_connect_state; -+ SSL_set_ex_data; -+ SSL_set_fd; -+ SSL_set_generate_session_id; -+ SSL_set_info_callback; -+ SSL_set_msg_callback; -+ SSL_set_psk_client_callback; -+ SSL_set_psk_server_callback; -+ SSL_set_purpose; -+ SSL_set_quiet_shutdown; -+ SSL_set_read_ahead; -+ SSL_set_rfd; -+ SSL_set_session; -+ SSL_set_session_id_context; -+ SSL_set_session_secret_cb; -+ SSL_set_session_ticket_ext; -+ SSL_set_session_ticket_ext_cb; -+ SSL_set_shutdown; -+ SSL_set_SSL_CTX; -+ SSL_set_ssl_method; -+ SSL_set_tmp_dh_callback; -+ SSL_set_tmp_ecdh_callback; -+ SSL_set_tmp_rsa_callback; -+ SSL_set_trust; -+ SSL_set_verify; -+ SSL_set_verify_depth; -+ SSL_set_verify_result; -+ SSL_set_wfd; -+ SSL_shutdown; -+ SSL_state; -+ SSL_state_string; -+ SSL_state_string_long; -+ SSL_use_certificate; -+ SSL_use_certificate_ASN1; -+ SSL_use_certificate_file; -+ SSL_use_PrivateKey; -+ SSL_use_PrivateKey_ASN1; -+ SSL_use_PrivateKey_file; -+ SSL_use_psk_identity_hint; -+ SSL_use_RSAPrivateKey; -+ SSL_use_RSAPrivateKey_ASN1; -+ SSL_use_RSAPrivateKey_file; -+ SSLv23_client_method; -+ SSLv23_method; -+ SSLv23_server_method; -+ SSLv2_client_method; -+ SSLv2_method; -+ SSLv2_server_method; -+ SSLv3_client_method; -+ SSLv3_method; -+ SSLv3_server_method; -+ SSL_version; -+ SSL_want; -+ SSL_write; -+ TLSv1_client_method; -+ TLSv1_method; -+ TLSv1_server_method; -+ -+ -+ SSLeay; -+ SSLeay_version; -+ ASN1_BIT_STRING_asn1_meth; -+ ASN1_HEADER_free; -+ ASN1_HEADER_new; -+ ASN1_IA5STRING_asn1_meth; -+ ASN1_INTEGER_get; -+ ASN1_INTEGER_set; -+ ASN1_INTEGER_to_BN; -+ ASN1_OBJECT_create; -+ ASN1_OBJECT_free; -+ ASN1_OBJECT_new; -+ ASN1_PRINTABLE_type; -+ ASN1_STRING_cmp; -+ ASN1_STRING_dup; -+ ASN1_STRING_free; -+ ASN1_STRING_new; -+ ASN1_STRING_print; -+ ASN1_STRING_set; -+ ASN1_STRING_type_new; -+ ASN1_TYPE_free; -+ ASN1_TYPE_new; -+ ASN1_UNIVERSALSTRING_to_string; -+ ASN1_UTCTIME_check; -+ ASN1_UTCTIME_print; -+ ASN1_UTCTIME_set; -+ ASN1_check_infinite_end; -+ ASN1_d2i_bio; -+ ASN1_d2i_fp; -+ ASN1_digest; -+ ASN1_dup; -+ ASN1_get_object; -+ ASN1_i2d_bio; -+ ASN1_i2d_fp; -+ ASN1_object_size; -+ ASN1_parse; -+ ASN1_put_object; -+ ASN1_sign; -+ ASN1_verify; -+ BF_cbc_encrypt; -+ BF_cfb64_encrypt; -+ BF_ecb_encrypt; -+ BF_encrypt; -+ BF_ofb64_encrypt; -+ BF_options; -+ BF_set_key; -+ BIO_CONNECT_free; -+ BIO_CONNECT_new; -+ BIO_accept; -+ BIO_ctrl; -+ BIO_int_ctrl; -+ BIO_debug_callback; -+ BIO_dump; -+ BIO_dup_chain; -+ BIO_f_base64; -+ BIO_f_buffer; -+ BIO_f_cipher; -+ BIO_f_md; -+ BIO_f_null; -+ BIO_f_proxy_server; -+ BIO_fd_non_fatal_error; -+ BIO_fd_should_retry; -+ BIO_find_type; -+ BIO_free; -+ BIO_free_all; -+ BIO_get_accept_socket; -+ BIO_get_filter_bio; -+ BIO_get_host_ip; -+ BIO_get_port; -+ BIO_get_retry_BIO; -+ BIO_get_retry_reason; -+ BIO_gethostbyname; -+ BIO_gets; -+ BIO_new; -+ BIO_new_accept; -+ BIO_new_connect; -+ BIO_new_fd; -+ BIO_new_file; -+ BIO_new_fp; -+ BIO_new_socket; -+ BIO_pop; -+ BIO_printf; -+ BIO_push; -+ BIO_puts; -+ BIO_read; -+ BIO_s_accept; -+ BIO_s_connect; -+ BIO_s_fd; -+ BIO_s_file; -+ BIO_s_mem; -+ BIO_s_null; -+ BIO_s_proxy_client; -+ BIO_s_socket; -+ BIO_set; -+ BIO_set_cipher; -+ BIO_set_tcp_ndelay; -+ BIO_sock_cleanup; -+ BIO_sock_error; -+ BIO_sock_init; -+ BIO_sock_non_fatal_error; -+ BIO_sock_should_retry; -+ BIO_socket_ioctl; -+ BIO_write; -+ BN_CTX_free; -+ BN_CTX_new; -+ BN_MONT_CTX_free; -+ BN_MONT_CTX_new; -+ BN_MONT_CTX_set; -+ BN_add; -+ BN_add_word; -+ BN_hex2bn; -+ BN_bin2bn; -+ BN_bn2hex; -+ BN_bn2bin; -+ BN_clear; -+ BN_clear_bit; -+ BN_clear_free; -+ BN_cmp; -+ BN_copy; -+ BN_div; -+ BN_div_word; -+ BN_dup; -+ BN_free; -+ BN_from_montgomery; -+ BN_gcd; -+ BN_generate_prime; -+ BN_get_word; -+ BN_is_bit_set; -+ BN_is_prime; -+ BN_lshift; -+ BN_lshift1; -+ BN_mask_bits; -+ BN_mod; -+ BN_mod_exp; -+ BN_mod_exp_mont; -+ BN_mod_exp_simple; -+ BN_mod_inverse; -+ BN_mod_mul; -+ BN_mod_mul_montgomery; -+ BN_mod_word; -+ BN_mul; -+ BN_new; -+ BN_num_bits; -+ BN_num_bits_word; -+ BN_options; -+ BN_print; -+ BN_print_fp; -+ BN_rand; -+ BN_reciprocal; -+ BN_rshift; -+ BN_rshift1; -+ BN_set_bit; -+ BN_set_word; -+ BN_sqr; -+ BN_sub; -+ BN_to_ASN1_INTEGER; -+ BN_ucmp; -+ BN_value_one; -+ BUF_MEM_free; -+ BUF_MEM_grow; -+ BUF_MEM_new; -+ BUF_strdup; -+ CONF_free; -+ CONF_get_number; -+ CONF_get_section; -+ CONF_get_string; -+ CONF_load; -+ CRYPTO_add_lock; -+ CRYPTO_dbg_free; -+ CRYPTO_dbg_malloc; -+ CRYPTO_dbg_realloc; -+ CRYPTO_dbg_remalloc; -+ CRYPTO_free; -+ CRYPTO_get_add_lock_callback; -+ CRYPTO_get_id_callback; -+ CRYPTO_get_lock_name; -+ CRYPTO_get_locking_callback; -+ CRYPTO_get_mem_functions; -+ CRYPTO_lock; -+ CRYPTO_malloc; -+ CRYPTO_mem_ctrl; -+ CRYPTO_mem_leaks; -+ CRYPTO_mem_leaks_cb; -+ CRYPTO_mem_leaks_fp; -+ CRYPTO_realloc; -+ CRYPTO_remalloc; -+ CRYPTO_set_add_lock_callback; -+ CRYPTO_set_id_callback; -+ CRYPTO_set_locking_callback; -+ CRYPTO_set_mem_functions; -+ CRYPTO_thread_id; -+ DH_check; -+ DH_compute_key; -+ DH_free; -+ DH_generate_key; -+ DH_generate_parameters; -+ DH_new; -+ DH_size; -+ DHparams_print; -+ DHparams_print_fp; -+ DSA_free; -+ DSA_generate_key; -+ DSA_generate_parameters; -+ DSA_is_prime; -+ DSA_new; -+ DSA_print; -+ DSA_print_fp; -+ DSA_sign; -+ DSA_sign_setup; -+ DSA_size; -+ DSA_verify; -+ DSAparams_print; -+ DSAparams_print_fp; -+ ERR_clear_error; -+ ERR_error_string; -+ ERR_free_strings; -+ ERR_func_error_string; -+ ERR_get_err_state_table; -+ ERR_get_error; -+ ERR_get_error_line; -+ ERR_get_state; -+ ERR_get_string_table; -+ ERR_lib_error_string; -+ ERR_load_ASN1_strings; -+ ERR_load_BIO_strings; -+ ERR_load_BN_strings; -+ ERR_load_BUF_strings; -+ ERR_load_CONF_strings; -+ ERR_load_DH_strings; -+ ERR_load_DSA_strings; -+ ERR_load_ERR_strings; -+ ERR_load_EVP_strings; -+ ERR_load_OBJ_strings; -+ ERR_load_PEM_strings; -+ ERR_load_PROXY_strings; -+ ERR_load_RSA_strings; -+ ERR_load_X509_strings; -+ ERR_load_crypto_strings; -+ ERR_load_strings; -+ ERR_peek_error; -+ ERR_peek_error_line; -+ ERR_print_errors; -+ ERR_print_errors_fp; -+ ERR_put_error; -+ ERR_reason_error_string; -+ ERR_remove_state; -+ EVP_BytesToKey; -+ EVP_CIPHER_CTX_cleanup; -+ EVP_CipherFinal; -+ EVP_CipherInit; -+ EVP_CipherUpdate; -+ EVP_DecodeBlock; -+ EVP_DecodeFinal; -+ EVP_DecodeInit; -+ EVP_DecodeUpdate; -+ EVP_DecryptFinal; -+ EVP_DecryptInit; -+ EVP_DecryptUpdate; -+ EVP_DigestFinal; -+ EVP_DigestInit; -+ EVP_DigestUpdate; -+ EVP_EncodeBlock; -+ EVP_EncodeFinal; -+ EVP_EncodeInit; -+ EVP_EncodeUpdate; -+ EVP_EncryptFinal; -+ EVP_EncryptInit; -+ EVP_EncryptUpdate; -+ EVP_OpenFinal; -+ EVP_OpenInit; -+ EVP_PKEY_assign; -+ EVP_PKEY_copy_parameters; -+ EVP_PKEY_free; -+ EVP_PKEY_missing_parameters; -+ EVP_PKEY_new; -+ EVP_PKEY_save_parameters; -+ EVP_PKEY_size; -+ EVP_PKEY_type; -+ EVP_SealFinal; -+ EVP_SealInit; -+ EVP_SignFinal; -+ EVP_VerifyFinal; -+ EVP_add_alias; -+ EVP_add_cipher; -+ EVP_add_digest; -+ EVP_bf_cbc; -+ EVP_bf_cfb64; -+ EVP_bf_ecb; -+ EVP_bf_ofb; -+ EVP_cleanup; -+ EVP_des_cbc; -+ EVP_des_cfb64; -+ EVP_des_ecb; -+ EVP_des_ede; -+ EVP_des_ede3; -+ EVP_des_ede3_cbc; -+ EVP_des_ede3_cfb64; -+ EVP_des_ede3_ofb; -+ EVP_des_ede_cbc; -+ EVP_des_ede_cfb64; -+ EVP_des_ede_ofb; -+ EVP_des_ofb; -+ EVP_desx_cbc; -+ EVP_dss; -+ EVP_dss1; -+ EVP_enc_null; -+ EVP_get_cipherbyname; -+ EVP_get_digestbyname; -+ EVP_get_pw_prompt; -+ EVP_idea_cbc; -+ EVP_idea_cfb64; -+ EVP_idea_ecb; -+ EVP_idea_ofb; -+ EVP_md2; -+ EVP_md5; -+ EVP_md_null; -+ EVP_rc2_cbc; -+ EVP_rc2_cfb64; -+ EVP_rc2_ecb; -+ EVP_rc2_ofb; -+ EVP_rc4; -+ EVP_read_pw_string; -+ EVP_set_pw_prompt; -+ EVP_sha; -+ EVP_sha1; -+ MD2; -+ MD2_Final; -+ MD2_Init; -+ MD2_Update; -+ MD2_options; -+ MD5; -+ MD5_Final; -+ MD5_Init; -+ MD5_Update; -+ MDC2; -+ MDC2_Final; -+ MDC2_Init; -+ MDC2_Update; -+ NETSCAPE_SPKAC_free; -+ NETSCAPE_SPKAC_new; -+ NETSCAPE_SPKI_free; -+ NETSCAPE_SPKI_new; -+ NETSCAPE_SPKI_sign; -+ NETSCAPE_SPKI_verify; -+ OBJ_add_object; -+ OBJ_bsearch; -+ OBJ_cleanup; -+ OBJ_cmp; -+ OBJ_create; -+ OBJ_dup; -+ OBJ_ln2nid; -+ OBJ_new_nid; -+ OBJ_nid2ln; -+ OBJ_nid2obj; -+ OBJ_nid2sn; -+ OBJ_obj2nid; -+ OBJ_sn2nid; -+ OBJ_txt2nid; -+ PEM_ASN1_read; -+ PEM_ASN1_read_bio; -+ PEM_ASN1_write; -+ PEM_ASN1_write_bio; -+ PEM_SealFinal; -+ PEM_SealInit; -+ PEM_SealUpdate; -+ PEM_SignFinal; -+ PEM_SignInit; -+ PEM_SignUpdate; -+ PEM_X509_INFO_read; -+ PEM_X509_INFO_read_bio; -+ PEM_X509_INFO_write_bio; -+ PEM_dek_info; -+ PEM_do_header; -+ PEM_get_EVP_CIPHER_INFO; -+ PEM_proc_type; -+ PEM_read; -+ PEM_read_DHparams; -+ PEM_read_DSAPrivateKey; -+ PEM_read_DSAparams; -+ PEM_read_PKCS7; -+ PEM_read_PrivateKey; -+ PEM_read_RSAPrivateKey; -+ PEM_read_X509; -+ PEM_read_X509_CRL; -+ PEM_read_X509_REQ; -+ PEM_read_bio; -+ PEM_read_bio_DHparams; -+ PEM_read_bio_DSAPrivateKey; -+ PEM_read_bio_DSAparams; -+ PEM_read_bio_PKCS7; -+ PEM_read_bio_PrivateKey; -+ PEM_read_bio_RSAPrivateKey; -+ PEM_read_bio_X509; -+ PEM_read_bio_X509_CRL; -+ PEM_read_bio_X509_REQ; -+ PEM_write; -+ PEM_write_DHparams; -+ PEM_write_DSAPrivateKey; -+ PEM_write_DSAparams; -+ PEM_write_PKCS7; -+ PEM_write_PrivateKey; -+ PEM_write_RSAPrivateKey; -+ PEM_write_X509; -+ PEM_write_X509_CRL; -+ PEM_write_X509_REQ; -+ PEM_write_bio; -+ PEM_write_bio_DHparams; -+ PEM_write_bio_DSAPrivateKey; -+ PEM_write_bio_DSAparams; -+ PEM_write_bio_PKCS7; -+ PEM_write_bio_PrivateKey; -+ PEM_write_bio_RSAPrivateKey; -+ PEM_write_bio_X509; -+ PEM_write_bio_X509_CRL; -+ PEM_write_bio_X509_REQ; -+ PKCS7_DIGEST_free; -+ PKCS7_DIGEST_new; -+ PKCS7_ENCRYPT_free; -+ PKCS7_ENCRYPT_new; -+ PKCS7_ENC_CONTENT_free; -+ PKCS7_ENC_CONTENT_new; -+ PKCS7_ENVELOPE_free; -+ PKCS7_ENVELOPE_new; -+ PKCS7_ISSUER_AND_SERIAL_digest; -+ PKCS7_ISSUER_AND_SERIAL_free; -+ PKCS7_ISSUER_AND_SERIAL_new; -+ PKCS7_RECIP_INFO_free; -+ PKCS7_RECIP_INFO_new; -+ PKCS7_SIGNED_free; -+ PKCS7_SIGNED_new; -+ PKCS7_SIGNER_INFO_free; -+ PKCS7_SIGNER_INFO_new; -+ PKCS7_SIGN_ENVELOPE_free; -+ PKCS7_SIGN_ENVELOPE_new; -+ PKCS7_dup; -+ PKCS7_free; -+ PKCS7_new; -+ PROXY_ENTRY_add_noproxy; -+ PROXY_ENTRY_clear_noproxy; -+ PROXY_ENTRY_free; -+ PROXY_ENTRY_get_noproxy; -+ PROXY_ENTRY_new; -+ PROXY_ENTRY_set_server; -+ PROXY_add_noproxy; -+ PROXY_add_server; -+ PROXY_check_by_host; -+ PROXY_check_url; -+ PROXY_clear_noproxy; -+ PROXY_free; -+ PROXY_get_noproxy; -+ PROXY_get_proxies; -+ PROXY_get_proxy_entry; -+ PROXY_load_conf; -+ PROXY_new; -+ PROXY_print; -+ RAND_bytes; -+ RAND_cleanup; -+ RAND_file_name; -+ RAND_load_file; -+ RAND_screen; -+ RAND_seed; -+ RAND_write_file; -+ RC2_cbc_encrypt; -+ RC2_cfb64_encrypt; -+ RC2_ecb_encrypt; -+ RC2_encrypt; -+ RC2_ofb64_encrypt; -+ RC2_set_key; -+ RC4; -+ RC4_options; -+ RC4_set_key; -+ RSAPrivateKey_asn1_meth; -+ RSAPrivateKey_dup; -+ RSAPublicKey_dup; -+ RSA_PKCS1_SSLeay; -+ RSA_free; -+ RSA_generate_key; -+ RSA_new; -+ RSA_new_method; -+ RSA_print; -+ RSA_print_fp; -+ RSA_private_decrypt; -+ RSA_private_encrypt; -+ RSA_public_decrypt; -+ RSA_public_encrypt; -+ RSA_set_default_method; -+ RSA_sign; -+ RSA_sign_ASN1_OCTET_STRING; -+ RSA_size; -+ RSA_verify; -+ RSA_verify_ASN1_OCTET_STRING; -+ SHA; -+ SHA1; -+ SHA1_Final; -+ SHA1_Init; -+ SHA1_Update; -+ SHA_Final; -+ SHA_Init; -+ SHA_Update; -+ OpenSSL_add_all_algorithms; -+ OpenSSL_add_all_ciphers; -+ OpenSSL_add_all_digests; -+ TXT_DB_create_index; -+ TXT_DB_free; -+ TXT_DB_get_by_index; -+ TXT_DB_insert; -+ TXT_DB_read; -+ TXT_DB_write; -+ X509_ALGOR_free; -+ X509_ALGOR_new; -+ X509_ATTRIBUTE_free; -+ X509_ATTRIBUTE_new; -+ X509_CINF_free; -+ X509_CINF_new; -+ X509_CRL_INFO_free; -+ X509_CRL_INFO_new; -+ X509_CRL_add_ext; -+ X509_CRL_cmp; -+ X509_CRL_delete_ext; -+ X509_CRL_dup; -+ X509_CRL_free; -+ X509_CRL_get_ext; -+ X509_CRL_get_ext_by_NID; -+ X509_CRL_get_ext_by_OBJ; -+ X509_CRL_get_ext_by_critical; -+ X509_CRL_get_ext_count; -+ X509_CRL_new; -+ X509_CRL_sign; -+ X509_CRL_verify; -+ X509_EXTENSION_create_by_NID; -+ X509_EXTENSION_create_by_OBJ; -+ X509_EXTENSION_dup; -+ X509_EXTENSION_free; -+ X509_EXTENSION_get_critical; -+ X509_EXTENSION_get_data; -+ X509_EXTENSION_get_object; -+ X509_EXTENSION_new; -+ X509_EXTENSION_set_critical; -+ X509_EXTENSION_set_data; -+ X509_EXTENSION_set_object; -+ X509_INFO_free; -+ X509_INFO_new; -+ X509_LOOKUP_by_alias; -+ X509_LOOKUP_by_fingerprint; -+ X509_LOOKUP_by_issuer_serial; -+ X509_LOOKUP_by_subject; -+ X509_LOOKUP_ctrl; -+ X509_LOOKUP_file; -+ X509_LOOKUP_free; -+ X509_LOOKUP_hash_dir; -+ X509_LOOKUP_init; -+ X509_LOOKUP_new; -+ X509_LOOKUP_shutdown; -+ X509_NAME_ENTRY_create_by_NID; -+ X509_NAME_ENTRY_create_by_OBJ; -+ X509_NAME_ENTRY_dup; -+ X509_NAME_ENTRY_free; -+ X509_NAME_ENTRY_get_data; -+ X509_NAME_ENTRY_get_object; -+ X509_NAME_ENTRY_new; -+ X509_NAME_ENTRY_set_data; -+ X509_NAME_ENTRY_set_object; -+ X509_NAME_add_entry; -+ X509_NAME_cmp; -+ X509_NAME_delete_entry; -+ X509_NAME_digest; -+ X509_NAME_dup; -+ X509_NAME_entry_count; -+ X509_NAME_free; -+ X509_NAME_get_entry; -+ X509_NAME_get_index_by_NID; -+ X509_NAME_get_index_by_OBJ; -+ X509_NAME_get_text_by_NID; -+ X509_NAME_get_text_by_OBJ; -+ X509_NAME_hash; -+ X509_NAME_new; -+ X509_NAME_oneline; -+ X509_NAME_print; -+ X509_NAME_set; -+ X509_OBJECT_free_contents; -+ X509_OBJECT_retrieve_by_subject; -+ X509_OBJECT_up_ref_count; -+ X509_PKEY_free; -+ X509_PKEY_new; -+ X509_PUBKEY_free; -+ X509_PUBKEY_get; -+ X509_PUBKEY_new; -+ X509_PUBKEY_set; -+ X509_REQ_INFO_free; -+ X509_REQ_INFO_new; -+ X509_REQ_dup; -+ X509_REQ_free; -+ X509_REQ_get_pubkey; -+ X509_REQ_new; -+ X509_REQ_print; -+ X509_REQ_print_fp; -+ X509_REQ_set_pubkey; -+ X509_REQ_set_subject_name; -+ X509_REQ_set_version; -+ X509_REQ_sign; -+ X509_REQ_to_X509; -+ X509_REQ_verify; -+ X509_REVOKED_add_ext; -+ X509_REVOKED_delete_ext; -+ X509_REVOKED_free; -+ X509_REVOKED_get_ext; -+ X509_REVOKED_get_ext_by_NID; -+ X509_REVOKED_get_ext_by_OBJ; -+ X509_REVOKED_get_ext_by_critical; -+ X509_REVOKED_get_ext_by_critic; -+ X509_REVOKED_get_ext_count; -+ X509_REVOKED_new; -+ X509_SIG_free; -+ X509_SIG_new; -+ X509_STORE_CTX_cleanup; -+ X509_STORE_CTX_init; -+ X509_STORE_add_cert; -+ X509_STORE_add_lookup; -+ X509_STORE_free; -+ X509_STORE_get_by_subject; -+ X509_STORE_load_locations; -+ X509_STORE_new; -+ X509_STORE_set_default_paths; -+ X509_VAL_free; -+ X509_VAL_new; -+ X509_add_ext; -+ X509_asn1_meth; -+ X509_certificate_type; -+ X509_check_private_key; -+ X509_cmp_current_time; -+ X509_delete_ext; -+ X509_digest; -+ X509_dup; -+ X509_free; -+ X509_get_default_cert_area; -+ X509_get_default_cert_dir; -+ X509_get_default_cert_dir_env; -+ X509_get_default_cert_file; -+ X509_get_default_cert_file_env; -+ X509_get_default_private_dir; -+ X509_get_ext; -+ X509_get_ext_by_NID; -+ X509_get_ext_by_OBJ; -+ X509_get_ext_by_critical; -+ X509_get_ext_count; -+ X509_get_issuer_name; -+ X509_get_pubkey; -+ X509_get_pubkey_parameters; -+ X509_get_serialNumber; -+ X509_get_subject_name; -+ X509_gmtime_adj; -+ X509_issuer_and_serial_cmp; -+ X509_issuer_and_serial_hash; -+ X509_issuer_name_cmp; -+ X509_issuer_name_hash; -+ X509_load_cert_file; -+ X509_new; -+ X509_print; -+ X509_print_fp; -+ X509_set_issuer_name; -+ X509_set_notAfter; -+ X509_set_notBefore; -+ X509_set_pubkey; -+ X509_set_serialNumber; -+ X509_set_subject_name; -+ X509_set_version; -+ X509_sign; -+ X509_subject_name_cmp; -+ X509_subject_name_hash; -+ X509_to_X509_REQ; -+ X509_verify; -+ X509_verify_cert; -+ X509_verify_cert_error_string; -+ X509v3_add_ext; -+ X509v3_add_extension; -+ X509v3_add_netscape_extensions; -+ X509v3_add_standard_extensions; -+ X509v3_cleanup_extensions; -+ X509v3_data_type_by_NID; -+ X509v3_data_type_by_OBJ; -+ X509v3_delete_ext; -+ X509v3_get_ext; -+ X509v3_get_ext_by_NID; -+ X509v3_get_ext_by_OBJ; -+ X509v3_get_ext_by_critical; -+ X509v3_get_ext_count; -+ X509v3_pack_string; -+ X509v3_pack_type_by_NID; -+ X509v3_pack_type_by_OBJ; -+ X509v3_unpack_string; -+ _des_crypt; -+ a2d_ASN1_OBJECT; -+ a2i_ASN1_INTEGER; -+ a2i_ASN1_STRING; -+ asn1_Finish; -+ asn1_GetSequence; -+ bn_div_words; -+ bn_expand2; -+ bn_mul_add_words; -+ bn_mul_words; -+ BN_uadd; -+ BN_usub; -+ bn_sqr_words; -+ _ossl_old_crypt; -+ d2i_ASN1_BIT_STRING; -+ d2i_ASN1_BOOLEAN; -+ d2i_ASN1_HEADER; -+ d2i_ASN1_IA5STRING; -+ d2i_ASN1_INTEGER; -+ d2i_ASN1_OBJECT; -+ d2i_ASN1_OCTET_STRING; -+ d2i_ASN1_PRINTABLE; -+ d2i_ASN1_PRINTABLESTRING; -+ d2i_ASN1_SET; -+ d2i_ASN1_T61STRING; -+ d2i_ASN1_TYPE; -+ d2i_ASN1_UTCTIME; -+ d2i_ASN1_bytes; -+ d2i_ASN1_type_bytes; -+ d2i_DHparams; -+ d2i_DSAPrivateKey; -+ d2i_DSAPrivateKey_bio; -+ d2i_DSAPrivateKey_fp; -+ d2i_DSAPublicKey; -+ d2i_DSAparams; -+ d2i_NETSCAPE_SPKAC; -+ d2i_NETSCAPE_SPKI; -+ d2i_Netscape_RSA; -+ d2i_PKCS7; -+ d2i_PKCS7_DIGEST; -+ d2i_PKCS7_ENCRYPT; -+ d2i_PKCS7_ENC_CONTENT; -+ d2i_PKCS7_ENVELOPE; -+ d2i_PKCS7_ISSUER_AND_SERIAL; -+ d2i_PKCS7_RECIP_INFO; -+ d2i_PKCS7_SIGNED; -+ d2i_PKCS7_SIGNER_INFO; -+ d2i_PKCS7_SIGN_ENVELOPE; -+ d2i_PKCS7_bio; -+ d2i_PKCS7_fp; -+ d2i_PrivateKey; -+ d2i_PublicKey; -+ d2i_RSAPrivateKey; -+ d2i_RSAPrivateKey_bio; -+ d2i_RSAPrivateKey_fp; -+ d2i_RSAPublicKey; -+ d2i_X509; -+ d2i_X509_ALGOR; -+ d2i_X509_ATTRIBUTE; -+ d2i_X509_CINF; -+ d2i_X509_CRL; -+ d2i_X509_CRL_INFO; -+ d2i_X509_CRL_bio; -+ d2i_X509_CRL_fp; -+ d2i_X509_EXTENSION; -+ d2i_X509_NAME; -+ d2i_X509_NAME_ENTRY; -+ d2i_X509_PKEY; -+ d2i_X509_PUBKEY; -+ d2i_X509_REQ; -+ d2i_X509_REQ_INFO; -+ d2i_X509_REQ_bio; -+ d2i_X509_REQ_fp; -+ d2i_X509_REVOKED; -+ d2i_X509_SIG; -+ d2i_X509_VAL; -+ d2i_X509_bio; -+ d2i_X509_fp; -+ DES_cbc_cksum; -+ DES_cbc_encrypt; -+ DES_cblock_print_file; -+ DES_cfb64_encrypt; -+ DES_cfb_encrypt; -+ DES_decrypt3; -+ DES_ecb3_encrypt; -+ DES_ecb_encrypt; -+ DES_ede3_cbc_encrypt; -+ DES_ede3_cfb64_encrypt; -+ DES_ede3_ofb64_encrypt; -+ DES_enc_read; -+ DES_enc_write; -+ DES_encrypt1; -+ DES_encrypt2; -+ DES_encrypt3; -+ DES_fcrypt; -+ DES_is_weak_key; -+ DES_key_sched; -+ DES_ncbc_encrypt; -+ DES_ofb64_encrypt; -+ DES_ofb_encrypt; -+ DES_options; -+ DES_pcbc_encrypt; -+ DES_quad_cksum; -+ DES_random_key; -+ _ossl_old_des_random_seed; -+ _ossl_old_des_read_2passwords; -+ _ossl_old_des_read_password; -+ _ossl_old_des_read_pw; -+ _ossl_old_des_read_pw_string; -+ DES_set_key; -+ DES_set_odd_parity; -+ DES_string_to_2keys; -+ DES_string_to_key; -+ DES_xcbc_encrypt; -+ DES_xwhite_in2out; -+ fcrypt_body; -+ i2a_ASN1_INTEGER; -+ i2a_ASN1_OBJECT; -+ i2a_ASN1_STRING; -+ i2d_ASN1_BIT_STRING; -+ i2d_ASN1_BOOLEAN; -+ i2d_ASN1_HEADER; -+ i2d_ASN1_IA5STRING; -+ i2d_ASN1_INTEGER; -+ i2d_ASN1_OBJECT; -+ i2d_ASN1_OCTET_STRING; -+ i2d_ASN1_PRINTABLE; -+ i2d_ASN1_SET; -+ i2d_ASN1_TYPE; -+ i2d_ASN1_UTCTIME; -+ i2d_ASN1_bytes; -+ i2d_DHparams; -+ i2d_DSAPrivateKey; -+ i2d_DSAPrivateKey_bio; -+ i2d_DSAPrivateKey_fp; -+ i2d_DSAPublicKey; -+ i2d_DSAparams; -+ i2d_NETSCAPE_SPKAC; -+ i2d_NETSCAPE_SPKI; -+ i2d_Netscape_RSA; -+ i2d_PKCS7; -+ i2d_PKCS7_DIGEST; -+ i2d_PKCS7_ENCRYPT; -+ i2d_PKCS7_ENC_CONTENT; -+ i2d_PKCS7_ENVELOPE; -+ i2d_PKCS7_ISSUER_AND_SERIAL; -+ i2d_PKCS7_RECIP_INFO; -+ i2d_PKCS7_SIGNED; -+ i2d_PKCS7_SIGNER_INFO; -+ i2d_PKCS7_SIGN_ENVELOPE; -+ i2d_PKCS7_bio; -+ i2d_PKCS7_fp; -+ i2d_PrivateKey; -+ i2d_PublicKey; -+ i2d_RSAPrivateKey; -+ i2d_RSAPrivateKey_bio; -+ i2d_RSAPrivateKey_fp; -+ i2d_RSAPublicKey; -+ i2d_X509; -+ i2d_X509_ALGOR; -+ i2d_X509_ATTRIBUTE; -+ i2d_X509_CINF; -+ i2d_X509_CRL; -+ i2d_X509_CRL_INFO; -+ i2d_X509_CRL_bio; -+ i2d_X509_CRL_fp; -+ i2d_X509_EXTENSION; -+ i2d_X509_NAME; -+ i2d_X509_NAME_ENTRY; -+ i2d_X509_PKEY; -+ i2d_X509_PUBKEY; -+ i2d_X509_REQ; -+ i2d_X509_REQ_INFO; -+ i2d_X509_REQ_bio; -+ i2d_X509_REQ_fp; -+ i2d_X509_REVOKED; -+ i2d_X509_SIG; -+ i2d_X509_VAL; -+ i2d_X509_bio; -+ i2d_X509_fp; -+ idea_cbc_encrypt; -+ idea_cfb64_encrypt; -+ idea_ecb_encrypt; -+ idea_encrypt; -+ idea_ofb64_encrypt; -+ idea_options; -+ idea_set_decrypt_key; -+ idea_set_encrypt_key; -+ lh_delete; -+ lh_doall; -+ lh_doall_arg; -+ lh_free; -+ lh_insert; -+ lh_new; -+ lh_node_stats; -+ lh_node_stats_bio; -+ lh_node_usage_stats; -+ lh_node_usage_stats_bio; -+ lh_retrieve; -+ lh_stats; -+ lh_stats_bio; -+ lh_strhash; -+ sk_delete; -+ sk_delete_ptr; -+ sk_dup; -+ sk_find; -+ sk_free; -+ sk_insert; -+ sk_new; -+ sk_pop; -+ sk_pop_free; -+ sk_push; -+ sk_set_cmp_func; -+ sk_shift; -+ sk_unshift; -+ sk_zero; -+ BIO_f_nbio_test; -+ ASN1_TYPE_get; -+ ASN1_TYPE_set; -+ PKCS7_content_free; -+ ERR_load_PKCS7_strings; -+ X509_find_by_issuer_and_serial; -+ X509_find_by_subject; -+ PKCS7_ctrl; -+ PKCS7_set_type; -+ PKCS7_set_content; -+ PKCS7_SIGNER_INFO_set; -+ PKCS7_add_signer; -+ PKCS7_add_certificate; -+ PKCS7_add_crl; -+ PKCS7_content_new; -+ PKCS7_dataSign; -+ PKCS7_dataVerify; -+ PKCS7_dataInit; -+ PKCS7_add_signature; -+ PKCS7_cert_from_signer_info; -+ PKCS7_get_signer_info; -+ EVP_delete_alias; -+ EVP_mdc2; -+ PEM_read_bio_RSAPublicKey; -+ PEM_write_bio_RSAPublicKey; -+ d2i_RSAPublicKey_bio; -+ i2d_RSAPublicKey_bio; -+ PEM_read_RSAPublicKey; -+ PEM_write_RSAPublicKey; -+ d2i_RSAPublicKey_fp; -+ i2d_RSAPublicKey_fp; -+ BIO_copy_next_retry; -+ RSA_flags; -+ X509_STORE_add_crl; -+ X509_load_crl_file; -+ EVP_rc2_40_cbc; -+ EVP_rc4_40; -+ EVP_CIPHER_CTX_init; -+ HMAC; -+ HMAC_Init; -+ HMAC_Update; -+ HMAC_Final; -+ ERR_get_next_error_library; -+ EVP_PKEY_cmp_parameters; -+ HMAC_cleanup; -+ BIO_ptr_ctrl; -+ BIO_new_file_internal; -+ BIO_new_fp_internal; -+ BIO_s_file_internal; -+ BN_BLINDING_convert; -+ BN_BLINDING_invert; -+ BN_BLINDING_update; -+ RSA_blinding_on; -+ RSA_blinding_off; -+ i2t_ASN1_OBJECT; -+ BN_BLINDING_new; -+ BN_BLINDING_free; -+ EVP_cast5_cbc; -+ EVP_cast5_cfb64; -+ EVP_cast5_ecb; -+ EVP_cast5_ofb; -+ BF_decrypt; -+ CAST_set_key; -+ CAST_encrypt; -+ CAST_decrypt; -+ CAST_ecb_encrypt; -+ CAST_cbc_encrypt; -+ CAST_cfb64_encrypt; -+ CAST_ofb64_encrypt; -+ RC2_decrypt; -+ OBJ_create_objects; -+ BN_exp; -+ BN_mul_word; -+ BN_sub_word; -+ BN_dec2bn; -+ BN_bn2dec; -+ BIO_ghbn_ctrl; -+ CRYPTO_free_ex_data; -+ CRYPTO_get_ex_data; -+ CRYPTO_set_ex_data; -+ ERR_load_CRYPTO_strings; -+ ERR_load_CRYPTOlib_strings; -+ EVP_PKEY_bits; -+ MD5_Transform; -+ SHA1_Transform; -+ SHA_Transform; -+ X509_STORE_CTX_get_chain; -+ X509_STORE_CTX_get_current_cert; -+ X509_STORE_CTX_get_error; -+ X509_STORE_CTX_get_error_depth; -+ X509_STORE_CTX_get_ex_data; -+ X509_STORE_CTX_set_cert; -+ X509_STORE_CTX_set_chain; -+ X509_STORE_CTX_set_error; -+ X509_STORE_CTX_set_ex_data; -+ CRYPTO_dup_ex_data; -+ CRYPTO_get_new_lockid; -+ CRYPTO_new_ex_data; -+ RSA_set_ex_data; -+ RSA_get_ex_data; -+ RSA_get_ex_new_index; -+ RSA_padding_add_PKCS1_type_1; -+ RSA_padding_add_PKCS1_type_2; -+ RSA_padding_add_SSLv23; -+ RSA_padding_add_none; -+ RSA_padding_check_PKCS1_type_1; -+ RSA_padding_check_PKCS1_type_2; -+ RSA_padding_check_SSLv23; -+ RSA_padding_check_none; -+ bn_add_words; -+ d2i_Netscape_RSA_2; -+ CRYPTO_get_ex_new_index; -+ RIPEMD160_Init; -+ RIPEMD160_Update; -+ RIPEMD160_Final; -+ RIPEMD160; -+ RIPEMD160_Transform; -+ RC5_32_set_key; -+ RC5_32_ecb_encrypt; -+ RC5_32_encrypt; -+ RC5_32_decrypt; -+ RC5_32_cbc_encrypt; -+ RC5_32_cfb64_encrypt; -+ RC5_32_ofb64_encrypt; -+ BN_bn2mpi; -+ BN_mpi2bn; -+ ASN1_BIT_STRING_get_bit; -+ ASN1_BIT_STRING_set_bit; -+ BIO_get_ex_data; -+ BIO_get_ex_new_index; -+ BIO_set_ex_data; -+ X509v3_get_key_usage; -+ X509v3_set_key_usage; -+ a2i_X509v3_key_usage; -+ i2a_X509v3_key_usage; -+ EVP_PKEY_decrypt; -+ EVP_PKEY_encrypt; -+ PKCS7_RECIP_INFO_set; -+ PKCS7_add_recipient; -+ PKCS7_add_recipient_info; -+ PKCS7_set_cipher; -+ ASN1_TYPE_get_int_octetstring; -+ ASN1_TYPE_get_octetstring; -+ ASN1_TYPE_set_int_octetstring; -+ ASN1_TYPE_set_octetstring; -+ ASN1_UTCTIME_set_string; -+ ERR_add_error_data; -+ ERR_set_error_data; -+ EVP_CIPHER_asn1_to_param; -+ EVP_CIPHER_param_to_asn1; -+ EVP_CIPHER_get_asn1_iv; -+ EVP_CIPHER_set_asn1_iv; -+ EVP_rc5_32_12_16_cbc; -+ EVP_rc5_32_12_16_cfb64; -+ EVP_rc5_32_12_16_ecb; -+ EVP_rc5_32_12_16_ofb; -+ asn1_add_error; -+ d2i_ASN1_BMPSTRING; -+ i2d_ASN1_BMPSTRING; -+ BIO_f_ber; -+ BN_init; -+ COMP_CTX_new; -+ COMP_CTX_free; -+ COMP_CTX_compress_block; -+ COMP_CTX_expand_block; -+ X509_STORE_CTX_get_ex_new_index; -+ OBJ_NAME_add; -+ BIO_socket_nbio; -+ EVP_rc2_64_cbc; -+ OBJ_NAME_cleanup; -+ OBJ_NAME_get; -+ OBJ_NAME_init; -+ OBJ_NAME_new_index; -+ OBJ_NAME_remove; -+ BN_MONT_CTX_copy; -+ BIO_new_socks4a_connect; -+ BIO_s_socks4a_connect; -+ PROXY_set_connect_mode; -+ RAND_SSLeay; -+ RAND_set_rand_method; -+ RSA_memory_lock; -+ bn_sub_words; -+ bn_mul_normal; -+ bn_mul_comba8; -+ bn_mul_comba4; -+ bn_sqr_normal; -+ bn_sqr_comba8; -+ bn_sqr_comba4; -+ bn_cmp_words; -+ bn_mul_recursive; -+ bn_mul_part_recursive; -+ bn_sqr_recursive; -+ bn_mul_low_normal; -+ BN_RECP_CTX_init; -+ BN_RECP_CTX_new; -+ BN_RECP_CTX_free; -+ BN_RECP_CTX_set; -+ BN_mod_mul_reciprocal; -+ BN_mod_exp_recp; -+ BN_div_recp; -+ BN_CTX_init; -+ BN_MONT_CTX_init; -+ RAND_get_rand_method; -+ PKCS7_add_attribute; -+ PKCS7_add_signed_attribute; -+ PKCS7_digest_from_attributes; -+ PKCS7_get_attribute; -+ PKCS7_get_issuer_and_serial; -+ PKCS7_get_signed_attribute; -+ COMP_compress_block; -+ COMP_expand_block; -+ COMP_rle; -+ COMP_zlib; -+ ms_time_diff; -+ ms_time_new; -+ ms_time_free; -+ ms_time_cmp; -+ ms_time_get; -+ PKCS7_set_attributes; -+ PKCS7_set_signed_attributes; -+ X509_ATTRIBUTE_create; -+ X509_ATTRIBUTE_dup; -+ ASN1_GENERALIZEDTIME_check; -+ ASN1_GENERALIZEDTIME_print; -+ ASN1_GENERALIZEDTIME_set; -+ ASN1_GENERALIZEDTIME_set_string; -+ ASN1_TIME_print; -+ BASIC_CONSTRAINTS_free; -+ BASIC_CONSTRAINTS_new; -+ ERR_load_X509V3_strings; -+ NETSCAPE_CERT_SEQUENCE_free; -+ NETSCAPE_CERT_SEQUENCE_new; -+ OBJ_txt2obj; -+ PEM_read_NETSCAPE_CERT_SEQUENCE; -+ PEM_read_NS_CERT_SEQ; -+ PEM_read_bio_NETSCAPE_CERT_SEQUENCE; -+ PEM_read_bio_NS_CERT_SEQ; -+ PEM_write_NETSCAPE_CERT_SEQUENCE; -+ PEM_write_NS_CERT_SEQ; -+ PEM_write_bio_NETSCAPE_CERT_SEQUENCE; -+ PEM_write_bio_NS_CERT_SEQ; -+ X509V3_EXT_add; -+ X509V3_EXT_add_alias; -+ X509V3_EXT_add_conf; -+ X509V3_EXT_cleanup; -+ X509V3_EXT_conf; -+ X509V3_EXT_conf_nid; -+ X509V3_EXT_get; -+ X509V3_EXT_get_nid; -+ X509V3_EXT_print; -+ X509V3_EXT_print_fp; -+ X509V3_add_standard_extensions; -+ X509V3_add_value; -+ X509V3_add_value_bool; -+ X509V3_add_value_int; -+ X509V3_conf_free; -+ X509V3_get_value_bool; -+ X509V3_get_value_int; -+ X509V3_parse_list; -+ d2i_ASN1_GENERALIZEDTIME; -+ d2i_ASN1_TIME; -+ d2i_BASIC_CONSTRAINTS; -+ d2i_NETSCAPE_CERT_SEQUENCE; -+ d2i_ext_ku; -+ ext_ku_free; -+ ext_ku_new; -+ i2d_ASN1_GENERALIZEDTIME; -+ i2d_ASN1_TIME; -+ i2d_BASIC_CONSTRAINTS; -+ i2d_NETSCAPE_CERT_SEQUENCE; -+ i2d_ext_ku; -+ EVP_MD_CTX_copy; -+ i2d_ASN1_ENUMERATED; -+ d2i_ASN1_ENUMERATED; -+ ASN1_ENUMERATED_set; -+ ASN1_ENUMERATED_get; -+ BN_to_ASN1_ENUMERATED; -+ ASN1_ENUMERATED_to_BN; -+ i2a_ASN1_ENUMERATED; -+ a2i_ASN1_ENUMERATED; -+ i2d_GENERAL_NAME; -+ d2i_GENERAL_NAME; -+ GENERAL_NAME_new; -+ GENERAL_NAME_free; -+ GENERAL_NAMES_new; -+ GENERAL_NAMES_free; -+ d2i_GENERAL_NAMES; -+ i2d_GENERAL_NAMES; -+ i2v_GENERAL_NAMES; -+ i2s_ASN1_OCTET_STRING; -+ s2i_ASN1_OCTET_STRING; -+ X509V3_EXT_check_conf; -+ hex_to_string; -+ string_to_hex; -+ DES_ede3_cbcm_encrypt; -+ RSA_padding_add_PKCS1_OAEP; -+ RSA_padding_check_PKCS1_OAEP; -+ X509_CRL_print_fp; -+ X509_CRL_print; -+ i2v_GENERAL_NAME; -+ v2i_GENERAL_NAME; -+ i2d_PKEY_USAGE_PERIOD; -+ d2i_PKEY_USAGE_PERIOD; -+ PKEY_USAGE_PERIOD_new; -+ PKEY_USAGE_PERIOD_free; -+ v2i_GENERAL_NAMES; -+ i2s_ASN1_INTEGER; -+ X509V3_EXT_d2i; -+ name_cmp; -+ str_dup; -+ i2s_ASN1_ENUMERATED; -+ i2s_ASN1_ENUMERATED_TABLE; -+ BIO_s_log; -+ BIO_f_reliable; -+ PKCS7_dataFinal; -+ PKCS7_dataDecode; -+ X509V3_EXT_CRL_add_conf; -+ BN_set_params; -+ BN_get_params; -+ BIO_get_ex_num; -+ BIO_set_ex_free_func; -+ EVP_ripemd160; -+ ASN1_TIME_set; -+ i2d_AUTHORITY_KEYID; -+ d2i_AUTHORITY_KEYID; -+ AUTHORITY_KEYID_new; -+ AUTHORITY_KEYID_free; -+ ASN1_seq_unpack; -+ ASN1_seq_pack; -+ ASN1_unpack_string; -+ ASN1_pack_string; -+ PKCS12_pack_safebag; -+ PKCS12_MAKE_KEYBAG; -+ PKCS8_encrypt; -+ PKCS12_MAKE_SHKEYBAG; -+ PKCS12_pack_p7data; -+ PKCS12_pack_p7encdata; -+ PKCS12_add_localkeyid; -+ PKCS12_add_friendlyname_asc; -+ PKCS12_add_friendlyname_uni; -+ PKCS12_get_friendlyname; -+ PKCS12_pbe_crypt; -+ PKCS12_decrypt_d2i; -+ PKCS12_i2d_encrypt; -+ PKCS12_init; -+ PKCS12_key_gen_asc; -+ PKCS12_key_gen_uni; -+ PKCS12_gen_mac; -+ PKCS12_verify_mac; -+ PKCS12_set_mac; -+ PKCS12_setup_mac; -+ OPENSSL_asc2uni; -+ OPENSSL_uni2asc; -+ i2d_PKCS12_BAGS; -+ PKCS12_BAGS_new; -+ d2i_PKCS12_BAGS; -+ PKCS12_BAGS_free; -+ i2d_PKCS12; -+ d2i_PKCS12; -+ PKCS12_new; -+ PKCS12_free; -+ i2d_PKCS12_MAC_DATA; -+ PKCS12_MAC_DATA_new; -+ d2i_PKCS12_MAC_DATA; -+ PKCS12_MAC_DATA_free; -+ i2d_PKCS12_SAFEBAG; -+ PKCS12_SAFEBAG_new; -+ d2i_PKCS12_SAFEBAG; -+ PKCS12_SAFEBAG_free; -+ ERR_load_PKCS12_strings; -+ PKCS12_PBE_add; -+ PKCS8_add_keyusage; -+ PKCS12_get_attr_gen; -+ PKCS12_parse; -+ PKCS12_create; -+ i2d_PKCS12_bio; -+ i2d_PKCS12_fp; -+ d2i_PKCS12_bio; -+ d2i_PKCS12_fp; -+ i2d_PBEPARAM; -+ PBEPARAM_new; -+ d2i_PBEPARAM; -+ PBEPARAM_free; -+ i2d_PKCS8_PRIV_KEY_INFO; -+ PKCS8_PRIV_KEY_INFO_new; -+ d2i_PKCS8_PRIV_KEY_INFO; -+ PKCS8_PRIV_KEY_INFO_free; -+ EVP_PKCS82PKEY; -+ EVP_PKEY2PKCS8; -+ PKCS8_set_broken; -+ EVP_PBE_ALGOR_CipherInit; -+ EVP_PBE_alg_add; -+ PKCS5_pbe_set; -+ EVP_PBE_cleanup; -+ i2d_SXNET; -+ d2i_SXNET; -+ SXNET_new; -+ SXNET_free; -+ i2d_SXNETID; -+ d2i_SXNETID; -+ SXNETID_new; -+ SXNETID_free; -+ DSA_SIG_new; -+ DSA_SIG_free; -+ DSA_do_sign; -+ DSA_do_verify; -+ d2i_DSA_SIG; -+ i2d_DSA_SIG; -+ i2d_ASN1_VISIBLESTRING; -+ d2i_ASN1_VISIBLESTRING; -+ i2d_ASN1_UTF8STRING; -+ d2i_ASN1_UTF8STRING; -+ i2d_DIRECTORYSTRING; -+ d2i_DIRECTORYSTRING; -+ i2d_DISPLAYTEXT; -+ d2i_DISPLAYTEXT; -+ d2i_ASN1_SET_OF_X509; -+ i2d_ASN1_SET_OF_X509; -+ i2d_PBKDF2PARAM; -+ PBKDF2PARAM_new; -+ d2i_PBKDF2PARAM; -+ PBKDF2PARAM_free; -+ i2d_PBE2PARAM; -+ PBE2PARAM_new; -+ d2i_PBE2PARAM; -+ PBE2PARAM_free; -+ d2i_ASN1_SET_OF_GENERAL_NAME; -+ i2d_ASN1_SET_OF_GENERAL_NAME; -+ d2i_ASN1_SET_OF_SXNETID; -+ i2d_ASN1_SET_OF_SXNETID; -+ d2i_ASN1_SET_OF_POLICYQUALINFO; -+ i2d_ASN1_SET_OF_POLICYQUALINFO; -+ d2i_ASN1_SET_OF_POLICYINFO; -+ i2d_ASN1_SET_OF_POLICYINFO; -+ SXNET_add_id_asc; -+ SXNET_add_id_ulong; -+ SXNET_add_id_INTEGER; -+ SXNET_get_id_asc; -+ SXNET_get_id_ulong; -+ SXNET_get_id_INTEGER; -+ X509V3_set_conf_lhash; -+ i2d_CERTIFICATEPOLICIES; -+ CERTIFICATEPOLICIES_new; -+ CERTIFICATEPOLICIES_free; -+ d2i_CERTIFICATEPOLICIES; -+ i2d_POLICYINFO; -+ POLICYINFO_new; -+ d2i_POLICYINFO; -+ POLICYINFO_free; -+ i2d_POLICYQUALINFO; -+ POLICYQUALINFO_new; -+ d2i_POLICYQUALINFO; -+ POLICYQUALINFO_free; -+ i2d_USERNOTICE; -+ USERNOTICE_new; -+ d2i_USERNOTICE; -+ USERNOTICE_free; -+ i2d_NOTICEREF; -+ NOTICEREF_new; -+ d2i_NOTICEREF; -+ NOTICEREF_free; -+ X509V3_get_string; -+ X509V3_get_section; -+ X509V3_string_free; -+ X509V3_section_free; -+ X509V3_set_ctx; -+ s2i_ASN1_INTEGER; -+ CRYPTO_set_locked_mem_functions; -+ CRYPTO_get_locked_mem_functions; -+ CRYPTO_malloc_locked; -+ CRYPTO_free_locked; -+ BN_mod_exp2_mont; -+ ERR_get_error_line_data; -+ ERR_peek_error_line_data; -+ PKCS12_PBE_keyivgen; -+ X509_ALGOR_dup; -+ d2i_ASN1_SET_OF_DIST_POINT; -+ i2d_ASN1_SET_OF_DIST_POINT; -+ i2d_CRL_DIST_POINTS; -+ CRL_DIST_POINTS_new; -+ CRL_DIST_POINTS_free; -+ d2i_CRL_DIST_POINTS; -+ i2d_DIST_POINT; -+ DIST_POINT_new; -+ d2i_DIST_POINT; -+ DIST_POINT_free; -+ i2d_DIST_POINT_NAME; -+ DIST_POINT_NAME_new; -+ DIST_POINT_NAME_free; -+ d2i_DIST_POINT_NAME; -+ X509V3_add_value_uchar; -+ d2i_ASN1_SET_OF_X509_ATTRIBUTE; -+ i2d_ASN1_SET_OF_ASN1_TYPE; -+ d2i_ASN1_SET_OF_X509_EXTENSION; -+ d2i_ASN1_SET_OF_X509_NAME_ENTRY; -+ d2i_ASN1_SET_OF_ASN1_TYPE; -+ i2d_ASN1_SET_OF_X509_ATTRIBUTE; -+ i2d_ASN1_SET_OF_X509_EXTENSION; -+ i2d_ASN1_SET_OF_X509_NAME_ENTRY; -+ X509V3_EXT_i2d; -+ X509V3_EXT_val_prn; -+ X509V3_EXT_add_list; -+ EVP_CIPHER_type; -+ EVP_PBE_CipherInit; -+ X509V3_add_value_bool_nf; -+ d2i_ASN1_UINTEGER; -+ sk_value; -+ sk_num; -+ sk_set; -+ i2d_ASN1_SET_OF_X509_REVOKED; -+ sk_sort; -+ d2i_ASN1_SET_OF_X509_REVOKED; -+ i2d_ASN1_SET_OF_X509_ALGOR; -+ i2d_ASN1_SET_OF_X509_CRL; -+ d2i_ASN1_SET_OF_X509_ALGOR; -+ d2i_ASN1_SET_OF_X509_CRL; -+ i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO; -+ i2d_ASN1_SET_OF_PKCS7_RECIP_INFO; -+ d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO; -+ d2i_ASN1_SET_OF_PKCS7_RECIP_INFO; -+ PKCS5_PBE_add; -+ PEM_write_bio_PKCS8; -+ i2d_PKCS8_fp; -+ PEM_read_bio_PKCS8_PRIV_KEY_INFO; -+ PEM_read_bio_P8_PRIV_KEY_INFO; -+ d2i_PKCS8_bio; -+ d2i_PKCS8_PRIV_KEY_INFO_fp; -+ PEM_write_bio_PKCS8_PRIV_KEY_INFO; -+ PEM_write_bio_P8_PRIV_KEY_INFO; -+ PEM_read_PKCS8; -+ d2i_PKCS8_PRIV_KEY_INFO_bio; -+ d2i_PKCS8_fp; -+ PEM_write_PKCS8; -+ PEM_read_PKCS8_PRIV_KEY_INFO; -+ PEM_read_P8_PRIV_KEY_INFO; -+ PEM_read_bio_PKCS8; -+ PEM_write_PKCS8_PRIV_KEY_INFO; -+ PEM_write_P8_PRIV_KEY_INFO; -+ PKCS5_PBE_keyivgen; -+ i2d_PKCS8_bio; -+ i2d_PKCS8_PRIV_KEY_INFO_fp; -+ i2d_PKCS8_PRIV_KEY_INFO_bio; -+ BIO_s_bio; -+ PKCS5_pbe2_set; -+ PKCS5_PBKDF2_HMAC_SHA1; -+ PKCS5_v2_PBE_keyivgen; -+ PEM_write_bio_PKCS8PrivateKey; -+ PEM_write_PKCS8PrivateKey; -+ BIO_ctrl_get_read_request; -+ BIO_ctrl_pending; -+ BIO_ctrl_wpending; -+ BIO_new_bio_pair; -+ BIO_ctrl_get_write_guarantee; -+ CRYPTO_num_locks; -+ CONF_load_bio; -+ CONF_load_fp; -+ i2d_ASN1_SET_OF_ASN1_OBJECT; -+ d2i_ASN1_SET_OF_ASN1_OBJECT; -+ PKCS7_signatureVerify; -+ RSA_set_method; -+ RSA_get_method; -+ RSA_get_default_method; -+ RSA_check_key; -+ OBJ_obj2txt; -+ DSA_dup_DH; -+ X509_REQ_get_extensions; -+ X509_REQ_set_extension_nids; -+ BIO_nwrite; -+ X509_REQ_extension_nid; -+ BIO_nread; -+ X509_REQ_get_extension_nids; -+ BIO_nwrite0; -+ X509_REQ_add_extensions_nid; -+ BIO_nread0; -+ X509_REQ_add_extensions; -+ BIO_new_mem_buf; -+ DH_set_ex_data; -+ DH_set_method; -+ DSA_OpenSSL; -+ DH_get_ex_data; -+ DH_get_ex_new_index; -+ DSA_new_method; -+ DH_new_method; -+ DH_OpenSSL; -+ DSA_get_ex_new_index; -+ DH_get_default_method; -+ DSA_set_ex_data; -+ DH_set_default_method; -+ DSA_get_ex_data; -+ X509V3_EXT_REQ_add_conf; -+ NETSCAPE_SPKI_print; -+ NETSCAPE_SPKI_set_pubkey; -+ NETSCAPE_SPKI_b64_encode; -+ NETSCAPE_SPKI_get_pubkey; -+ NETSCAPE_SPKI_b64_decode; -+ UTF8_putc; -+ UTF8_getc; -+ RSA_null_method; -+ ASN1_tag2str; -+ BIO_ctrl_reset_read_request; -+ DISPLAYTEXT_new; -+ ASN1_GENERALIZEDTIME_free; -+ X509_REVOKED_get_ext_d2i; -+ X509_set_ex_data; -+ X509_reject_set_bit_asc; -+ X509_NAME_add_entry_by_txt; -+ X509_NAME_add_entry_by_NID; -+ X509_PURPOSE_get0; -+ PEM_read_X509_AUX; -+ d2i_AUTHORITY_INFO_ACCESS; -+ PEM_write_PUBKEY; -+ ACCESS_DESCRIPTION_new; -+ X509_CERT_AUX_free; -+ d2i_ACCESS_DESCRIPTION; -+ X509_trust_clear; -+ X509_TRUST_add; -+ ASN1_VISIBLESTRING_new; -+ X509_alias_set1; -+ ASN1_PRINTABLESTRING_free; -+ EVP_PKEY_get1_DSA; -+ ASN1_BMPSTRING_new; -+ ASN1_mbstring_copy; -+ ASN1_UTF8STRING_new; -+ DSA_get_default_method; -+ i2d_ASN1_SET_OF_ACCESS_DESCRIPTION; -+ ASN1_T61STRING_free; -+ DSA_set_method; -+ X509_get_ex_data; -+ ASN1_STRING_type; -+ X509_PURPOSE_get_by_sname; -+ ASN1_TIME_free; -+ ASN1_OCTET_STRING_cmp; -+ ASN1_BIT_STRING_new; -+ X509_get_ext_d2i; -+ PEM_read_bio_X509_AUX; -+ ASN1_STRING_set_default_mask_asc; -+ ASN1_STRING_set_def_mask_asc; -+ PEM_write_bio_RSA_PUBKEY; -+ ASN1_INTEGER_cmp; -+ d2i_RSA_PUBKEY_fp; -+ X509_trust_set_bit_asc; -+ PEM_write_bio_DSA_PUBKEY; -+ X509_STORE_CTX_free; -+ EVP_PKEY_set1_DSA; -+ i2d_DSA_PUBKEY_fp; -+ X509_load_cert_crl_file; -+ ASN1_TIME_new; -+ i2d_RSA_PUBKEY; -+ X509_STORE_CTX_purpose_inherit; -+ PEM_read_RSA_PUBKEY; -+ d2i_X509_AUX; -+ i2d_DSA_PUBKEY; -+ X509_CERT_AUX_print; -+ PEM_read_DSA_PUBKEY; -+ i2d_RSA_PUBKEY_bio; -+ ASN1_BIT_STRING_num_asc; -+ i2d_PUBKEY; -+ ASN1_UTCTIME_free; -+ DSA_set_default_method; -+ X509_PURPOSE_get_by_id; -+ ACCESS_DESCRIPTION_free; -+ PEM_read_bio_PUBKEY; -+ ASN1_STRING_set_by_NID; -+ X509_PURPOSE_get_id; -+ DISPLAYTEXT_free; -+ OTHERNAME_new; -+ X509_CERT_AUX_new; -+ X509_TRUST_cleanup; -+ X509_NAME_add_entry_by_OBJ; -+ X509_CRL_get_ext_d2i; -+ X509_PURPOSE_get0_name; -+ PEM_read_PUBKEY; -+ i2d_DSA_PUBKEY_bio; -+ i2d_OTHERNAME; -+ ASN1_OCTET_STRING_free; -+ ASN1_BIT_STRING_set_asc; -+ X509_get_ex_new_index; -+ ASN1_STRING_TABLE_cleanup; -+ X509_TRUST_get_by_id; -+ X509_PURPOSE_get_trust; -+ ASN1_STRING_length; -+ d2i_ASN1_SET_OF_ACCESS_DESCRIPTION; -+ ASN1_PRINTABLESTRING_new; -+ X509V3_get_d2i; -+ ASN1_ENUMERATED_free; -+ i2d_X509_CERT_AUX; -+ X509_STORE_CTX_set_trust; -+ ASN1_STRING_set_default_mask; -+ X509_STORE_CTX_new; -+ EVP_PKEY_get1_RSA; -+ DIRECTORYSTRING_free; -+ PEM_write_X509_AUX; -+ ASN1_OCTET_STRING_set; -+ d2i_DSA_PUBKEY_fp; -+ d2i_RSA_PUBKEY; -+ X509_TRUST_get0_name; -+ X509_TRUST_get0; -+ AUTHORITY_INFO_ACCESS_free; -+ ASN1_IA5STRING_new; -+ d2i_DSA_PUBKEY; -+ X509_check_purpose; -+ ASN1_ENUMERATED_new; -+ d2i_RSA_PUBKEY_bio; -+ d2i_PUBKEY; -+ X509_TRUST_get_trust; -+ X509_TRUST_get_flags; -+ ASN1_BMPSTRING_free; -+ ASN1_T61STRING_new; -+ ASN1_UTCTIME_new; -+ i2d_AUTHORITY_INFO_ACCESS; -+ EVP_PKEY_set1_RSA; -+ X509_STORE_CTX_set_purpose; -+ ASN1_IA5STRING_free; -+ PEM_write_bio_X509_AUX; -+ X509_PURPOSE_get_count; -+ CRYPTO_add_info; -+ X509_NAME_ENTRY_create_by_txt; -+ ASN1_STRING_get_default_mask; -+ X509_alias_get0; -+ ASN1_STRING_data; -+ i2d_ACCESS_DESCRIPTION; -+ X509_trust_set_bit; -+ ASN1_BIT_STRING_free; -+ PEM_read_bio_RSA_PUBKEY; -+ X509_add1_reject_object; -+ X509_check_trust; -+ PEM_read_bio_DSA_PUBKEY; -+ X509_PURPOSE_add; -+ ASN1_STRING_TABLE_get; -+ ASN1_UTF8STRING_free; -+ d2i_DSA_PUBKEY_bio; -+ PEM_write_RSA_PUBKEY; -+ d2i_OTHERNAME; -+ X509_reject_set_bit; -+ PEM_write_DSA_PUBKEY; -+ X509_PURPOSE_get0_sname; -+ EVP_PKEY_set1_DH; -+ ASN1_OCTET_STRING_dup; -+ ASN1_BIT_STRING_set; -+ X509_TRUST_get_count; -+ ASN1_INTEGER_free; -+ OTHERNAME_free; -+ i2d_RSA_PUBKEY_fp; -+ ASN1_INTEGER_dup; -+ d2i_X509_CERT_AUX; -+ PEM_write_bio_PUBKEY; -+ ASN1_VISIBLESTRING_free; -+ X509_PURPOSE_cleanup; -+ ASN1_mbstring_ncopy; -+ ASN1_GENERALIZEDTIME_new; -+ EVP_PKEY_get1_DH; -+ ASN1_OCTET_STRING_new; -+ ASN1_INTEGER_new; -+ i2d_X509_AUX; -+ ASN1_BIT_STRING_name_print; -+ X509_cmp; -+ ASN1_STRING_length_set; -+ DIRECTORYSTRING_new; -+ X509_add1_trust_object; -+ PKCS12_newpass; -+ SMIME_write_PKCS7; -+ SMIME_read_PKCS7; -+ DES_set_key_checked; -+ PKCS7_verify; -+ PKCS7_encrypt; -+ DES_set_key_unchecked; -+ SMIME_crlf_copy; -+ i2d_ASN1_PRINTABLESTRING; -+ PKCS7_get0_signers; -+ PKCS7_decrypt; -+ SMIME_text; -+ PKCS7_simple_smimecap; -+ PKCS7_get_smimecap; -+ PKCS7_sign; -+ PKCS7_add_attrib_smimecap; -+ CRYPTO_dbg_set_options; -+ CRYPTO_remove_all_info; -+ CRYPTO_get_mem_debug_functions; -+ CRYPTO_is_mem_check_on; -+ CRYPTO_set_mem_debug_functions; -+ CRYPTO_pop_info; -+ CRYPTO_push_info_; -+ CRYPTO_set_mem_debug_options; -+ PEM_write_PKCS8PrivateKey_nid; -+ PEM_write_bio_PKCS8PrivateKey_nid; -+ PEM_write_bio_PKCS8PrivKey_nid; -+ d2i_PKCS8PrivateKey_bio; -+ ASN1_NULL_free; -+ d2i_ASN1_NULL; -+ ASN1_NULL_new; -+ i2d_PKCS8PrivateKey_bio; -+ i2d_PKCS8PrivateKey_fp; -+ i2d_ASN1_NULL; -+ i2d_PKCS8PrivateKey_nid_fp; -+ d2i_PKCS8PrivateKey_fp; -+ i2d_PKCS8PrivateKey_nid_bio; -+ i2d_PKCS8PrivateKeyInfo_fp; -+ i2d_PKCS8PrivateKeyInfo_bio; -+ PEM_cb; -+ i2d_PrivateKey_fp; -+ d2i_PrivateKey_bio; -+ d2i_PrivateKey_fp; -+ i2d_PrivateKey_bio; -+ X509_reject_clear; -+ X509_TRUST_set_default; -+ d2i_AutoPrivateKey; -+ X509_ATTRIBUTE_get0_type; -+ X509_ATTRIBUTE_set1_data; -+ X509at_get_attr; -+ X509at_get_attr_count; -+ X509_ATTRIBUTE_create_by_NID; -+ X509_ATTRIBUTE_set1_object; -+ X509_ATTRIBUTE_count; -+ X509_ATTRIBUTE_create_by_OBJ; -+ X509_ATTRIBUTE_get0_object; -+ X509at_get_attr_by_NID; -+ X509at_add1_attr; -+ X509_ATTRIBUTE_get0_data; -+ X509at_delete_attr; -+ X509at_get_attr_by_OBJ; -+ RAND_add; -+ BIO_number_written; -+ BIO_number_read; -+ X509_STORE_CTX_get1_chain; -+ ERR_load_RAND_strings; -+ RAND_pseudo_bytes; -+ X509_REQ_get_attr_by_NID; -+ X509_REQ_get_attr; -+ X509_REQ_add1_attr_by_NID; -+ X509_REQ_get_attr_by_OBJ; -+ X509at_add1_attr_by_NID; -+ X509_REQ_add1_attr_by_OBJ; -+ X509_REQ_get_attr_count; -+ X509_REQ_add1_attr; -+ X509_REQ_delete_attr; -+ X509at_add1_attr_by_OBJ; -+ X509_REQ_add1_attr_by_txt; -+ X509_ATTRIBUTE_create_by_txt; -+ X509at_add1_attr_by_txt; -+ BN_pseudo_rand; -+ BN_is_prime_fasttest; -+ BN_CTX_end; -+ BN_CTX_start; -+ BN_CTX_get; -+ EVP_PKEY2PKCS8_broken; -+ ASN1_STRING_TABLE_add; -+ CRYPTO_dbg_get_options; -+ AUTHORITY_INFO_ACCESS_new; -+ CRYPTO_get_mem_debug_options; -+ DES_crypt; -+ PEM_write_bio_X509_REQ_NEW; -+ PEM_write_X509_REQ_NEW; -+ BIO_callback_ctrl; -+ RAND_egd; -+ RAND_status; -+ bn_dump1; -+ DES_check_key_parity; -+ lh_num_items; -+ RAND_event; -+ DSO_new; -+ DSO_new_method; -+ DSO_free; -+ DSO_flags; -+ DSO_up; -+ DSO_set_default_method; -+ DSO_get_default_method; -+ DSO_get_method; -+ DSO_set_method; -+ DSO_load; -+ DSO_bind_var; -+ DSO_METHOD_null; -+ DSO_METHOD_openssl; -+ DSO_METHOD_dlfcn; -+ DSO_METHOD_win32; -+ ERR_load_DSO_strings; -+ DSO_METHOD_dl; -+ NCONF_load; -+ NCONF_load_fp; -+ NCONF_new; -+ NCONF_get_string; -+ NCONF_free; -+ NCONF_get_number; -+ CONF_dump_fp; -+ NCONF_load_bio; -+ NCONF_dump_fp; -+ NCONF_get_section; -+ NCONF_dump_bio; -+ CONF_dump_bio; -+ NCONF_free_data; -+ CONF_set_default_method; -+ ERR_error_string_n; -+ BIO_snprintf; -+ DSO_ctrl; -+ i2d_ASN1_SET_OF_ASN1_INTEGER; -+ i2d_ASN1_SET_OF_PKCS12_SAFEBAG; -+ i2d_ASN1_SET_OF_PKCS7; -+ BIO_vfree; -+ d2i_ASN1_SET_OF_ASN1_INTEGER; -+ d2i_ASN1_SET_OF_PKCS12_SAFEBAG; -+ ASN1_UTCTIME_get; -+ X509_REQ_digest; -+ X509_CRL_digest; -+ d2i_ASN1_SET_OF_PKCS7; -+ EVP_CIPHER_CTX_set_key_length; -+ EVP_CIPHER_CTX_ctrl; -+ BN_mod_exp_mont_word; -+ RAND_egd_bytes; -+ X509_REQ_get1_email; -+ X509_get1_email; -+ X509_email_free; -+ i2d_RSA_NET; -+ d2i_RSA_NET_2; -+ d2i_RSA_NET; -+ DSO_bind_func; -+ CRYPTO_get_new_dynlockid; -+ sk_new_null; -+ CRYPTO_set_dynlock_destroy_callback; -+ CRYPTO_set_dynlock_destroy_cb; -+ CRYPTO_destroy_dynlockid; -+ CRYPTO_set_dynlock_size; -+ CRYPTO_set_dynlock_create_callback; -+ CRYPTO_set_dynlock_create_cb; -+ CRYPTO_set_dynlock_lock_callback; -+ CRYPTO_set_dynlock_lock_cb; -+ CRYPTO_get_dynlock_lock_callback; -+ CRYPTO_get_dynlock_lock_cb; -+ CRYPTO_get_dynlock_destroy_callback; -+ CRYPTO_get_dynlock_destroy_cb; -+ CRYPTO_get_dynlock_value; -+ CRYPTO_get_dynlock_create_callback; -+ CRYPTO_get_dynlock_create_cb; -+ c2i_ASN1_BIT_STRING; -+ i2c_ASN1_BIT_STRING; -+ RAND_poll; -+ c2i_ASN1_INTEGER; -+ i2c_ASN1_INTEGER; -+ BIO_dump_indent; -+ ASN1_parse_dump; -+ c2i_ASN1_OBJECT; -+ X509_NAME_print_ex_fp; -+ ASN1_STRING_print_ex_fp; -+ X509_NAME_print_ex; -+ ASN1_STRING_print_ex; -+ MD4; -+ MD4_Transform; -+ MD4_Final; -+ MD4_Update; -+ MD4_Init; -+ EVP_md4; -+ i2d_PUBKEY_bio; -+ i2d_PUBKEY_fp; -+ d2i_PUBKEY_bio; -+ ASN1_STRING_to_UTF8; -+ BIO_vprintf; -+ BIO_vsnprintf; -+ d2i_PUBKEY_fp; -+ X509_cmp_time; -+ X509_STORE_CTX_set_time; -+ X509_STORE_CTX_get1_issuer; -+ X509_OBJECT_retrieve_match; -+ X509_OBJECT_idx_by_subject; -+ X509_STORE_CTX_set_flags; -+ X509_STORE_CTX_trusted_stack; -+ X509_time_adj; -+ X509_check_issued; -+ ASN1_UTCTIME_cmp_time_t; -+ DES_set_weak_key_flag; -+ DES_check_key; -+ DES_rw_mode; -+ RSA_PKCS1_RSAref; -+ X509_keyid_set1; -+ BIO_next; -+ DSO_METHOD_vms; -+ BIO_f_linebuffer; -+ BN_bntest_rand; -+ OPENSSL_issetugid; -+ BN_rand_range; -+ ERR_load_ENGINE_strings; -+ ENGINE_set_DSA; -+ ENGINE_get_finish_function; -+ ENGINE_get_default_RSA; -+ ENGINE_get_BN_mod_exp; -+ DSA_get_default_openssl_method; -+ ENGINE_set_DH; -+ ENGINE_set_def_BN_mod_exp_crt; -+ ENGINE_set_default_BN_mod_exp_crt; -+ ENGINE_init; -+ DH_get_default_openssl_method; -+ RSA_set_default_openssl_method; -+ ENGINE_finish; -+ ENGINE_load_public_key; -+ ENGINE_get_DH; -+ ENGINE_ctrl; -+ ENGINE_get_init_function; -+ ENGINE_set_init_function; -+ ENGINE_set_default_DSA; -+ ENGINE_get_name; -+ ENGINE_get_last; -+ ENGINE_get_prev; -+ ENGINE_get_default_DH; -+ ENGINE_get_RSA; -+ ENGINE_set_default; -+ ENGINE_get_RAND; -+ ENGINE_get_first; -+ ENGINE_by_id; -+ ENGINE_set_finish_function; -+ ENGINE_get_def_BN_mod_exp_crt; -+ ENGINE_get_default_BN_mod_exp_crt; -+ RSA_get_default_openssl_method; -+ ENGINE_set_RSA; -+ ENGINE_load_private_key; -+ ENGINE_set_default_RAND; -+ ENGINE_set_BN_mod_exp; -+ ENGINE_remove; -+ ENGINE_free; -+ ENGINE_get_BN_mod_exp_crt; -+ ENGINE_get_next; -+ ENGINE_set_name; -+ ENGINE_get_default_DSA; -+ ENGINE_set_default_BN_mod_exp; -+ ENGINE_set_default_RSA; -+ ENGINE_get_default_RAND; -+ ENGINE_get_default_BN_mod_exp; -+ ENGINE_set_RAND; -+ ENGINE_set_id; -+ ENGINE_set_BN_mod_exp_crt; -+ ENGINE_set_default_DH; -+ ENGINE_new; -+ ENGINE_get_id; -+ DSA_set_default_openssl_method; -+ ENGINE_add; -+ DH_set_default_openssl_method; -+ ENGINE_get_DSA; -+ ENGINE_get_ctrl_function; -+ ENGINE_set_ctrl_function; -+ BN_pseudo_rand_range; -+ X509_STORE_CTX_set_verify_cb; -+ ERR_load_COMP_strings; -+ PKCS12_item_decrypt_d2i; -+ ASN1_UTF8STRING_it; -+ ENGINE_unregister_ciphers; -+ ENGINE_get_ciphers; -+ d2i_OCSP_BASICRESP; -+ KRB5_CHECKSUM_it; -+ EC_POINT_add; -+ ASN1_item_ex_i2d; -+ OCSP_CERTID_it; -+ d2i_OCSP_RESPBYTES; -+ X509V3_add1_i2d; -+ PKCS7_ENVELOPE_it; -+ UI_add_input_boolean; -+ ENGINE_unregister_RSA; -+ X509V3_EXT_nconf; -+ ASN1_GENERALSTRING_free; -+ d2i_OCSP_CERTSTATUS; -+ X509_REVOKED_set_serialNumber; -+ X509_print_ex; -+ OCSP_ONEREQ_get1_ext_d2i; -+ ENGINE_register_all_RAND; -+ ENGINE_load_dynamic; -+ PBKDF2PARAM_it; -+ EXTENDED_KEY_USAGE_new; -+ EC_GROUP_clear_free; -+ OCSP_sendreq_bio; -+ ASN1_item_digest; -+ OCSP_BASICRESP_delete_ext; -+ OCSP_SIGNATURE_it; -+ X509_CRL_it; -+ OCSP_BASICRESP_add_ext; -+ KRB5_ENCKEY_it; -+ UI_method_set_closer; -+ X509_STORE_set_purpose; -+ i2d_ASN1_GENERALSTRING; -+ OCSP_response_status; -+ i2d_OCSP_SERVICELOC; -+ ENGINE_get_digest_engine; -+ EC_GROUP_set_curve_GFp; -+ OCSP_REQUEST_get_ext_by_OBJ; -+ _ossl_old_des_random_key; -+ ASN1_T61STRING_it; -+ EC_GROUP_method_of; -+ i2d_KRB5_APREQ; -+ _ossl_old_des_encrypt; -+ ASN1_PRINTABLE_new; -+ HMAC_Init_ex; -+ d2i_KRB5_AUTHENT; -+ OCSP_archive_cutoff_new; -+ EC_POINT_set_Jprojective_coordinates_GFp; -+ EC_POINT_set_Jproj_coords_GFp; -+ _ossl_old_des_is_weak_key; -+ OCSP_BASICRESP_get_ext_by_OBJ; -+ EC_POINT_oct2point; -+ OCSP_SINGLERESP_get_ext_count; -+ UI_ctrl; -+ _shadow_DES_rw_mode; -+ asn1_do_adb; -+ ASN1_template_i2d; -+ ENGINE_register_DH; -+ UI_construct_prompt; -+ X509_STORE_set_trust; -+ UI_dup_input_string; -+ d2i_KRB5_APREQ; -+ EVP_MD_CTX_copy_ex; -+ OCSP_request_is_signed; -+ i2d_OCSP_REQINFO; -+ KRB5_ENCKEY_free; -+ OCSP_resp_get0; -+ GENERAL_NAME_it; -+ ASN1_GENERALIZEDTIME_it; -+ X509_STORE_set_flags; -+ EC_POINT_set_compressed_coordinates_GFp; -+ EC_POINT_set_compr_coords_GFp; -+ OCSP_response_status_str; -+ d2i_OCSP_REVOKEDINFO; -+ OCSP_basic_add1_cert; -+ ERR_get_implementation; -+ EVP_CipherFinal_ex; -+ OCSP_CERTSTATUS_new; -+ CRYPTO_cleanup_all_ex_data; -+ OCSP_resp_find; -+ BN_nnmod; -+ X509_CRL_sort; -+ X509_REVOKED_set_revocationDate; -+ ENGINE_register_RAND; -+ OCSP_SERVICELOC_new; -+ EC_POINT_set_affine_coordinates_GFp; -+ EC_POINT_set_affine_coords_GFp; -+ _ossl_old_des_options; -+ SXNET_it; -+ UI_dup_input_boolean; -+ PKCS12_add_CSPName_asc; -+ EC_POINT_is_at_infinity; -+ ENGINE_load_cryptodev; -+ DSO_convert_filename; -+ POLICYQUALINFO_it; -+ ENGINE_register_ciphers; -+ BN_mod_lshift_quick; -+ DSO_set_filename; -+ ASN1_item_free; -+ KRB5_TKTBODY_free; -+ AUTHORITY_KEYID_it; -+ KRB5_APREQBODY_new; -+ X509V3_EXT_REQ_add_nconf; -+ ENGINE_ctrl_cmd_string; -+ i2d_OCSP_RESPDATA; -+ EVP_MD_CTX_init; -+ EXTENDED_KEY_USAGE_free; -+ PKCS7_ATTR_SIGN_it; -+ UI_add_error_string; -+ KRB5_CHECKSUM_free; -+ OCSP_REQUEST_get_ext; -+ ENGINE_load_ubsec; -+ ENGINE_register_all_digests; -+ PKEY_USAGE_PERIOD_it; -+ PKCS12_unpack_authsafes; -+ ASN1_item_unpack; -+ NETSCAPE_SPKAC_it; -+ X509_REVOKED_it; -+ ASN1_STRING_encode; -+ EVP_aes_128_ecb; -+ KRB5_AUTHENT_free; -+ OCSP_BASICRESP_get_ext_by_critical; -+ OCSP_BASICRESP_get_ext_by_crit; -+ OCSP_cert_status_str; -+ d2i_OCSP_REQUEST; -+ UI_dup_info_string; -+ _ossl_old_des_xwhite_in2out; -+ PKCS12_it; -+ OCSP_SINGLERESP_get_ext_by_critical; -+ OCSP_SINGLERESP_get_ext_by_crit; -+ OCSP_CERTSTATUS_free; -+ _ossl_old_des_crypt; -+ ASN1_item_i2d; -+ EVP_DecryptFinal_ex; -+ ENGINE_load_openssl; -+ ENGINE_get_cmd_defns; -+ ENGINE_set_load_privkey_function; -+ ENGINE_set_load_privkey_fn; -+ EVP_EncryptFinal_ex; -+ ENGINE_set_default_digests; -+ X509_get0_pubkey_bitstr; -+ asn1_ex_i2c; -+ ENGINE_register_RSA; -+ ENGINE_unregister_DSA; -+ _ossl_old_des_key_sched; -+ X509_EXTENSION_it; -+ i2d_KRB5_AUTHENT; -+ SXNETID_it; -+ d2i_OCSP_SINGLERESP; -+ EDIPARTYNAME_new; -+ PKCS12_certbag2x509; -+ _ossl_old_des_ofb64_encrypt; -+ d2i_EXTENDED_KEY_USAGE; -+ ERR_print_errors_cb; -+ ENGINE_set_ciphers; -+ d2i_KRB5_APREQBODY; -+ UI_method_get_flusher; -+ X509_PUBKEY_it; -+ _ossl_old_des_enc_read; -+ PKCS7_ENCRYPT_it; -+ i2d_OCSP_RESPONSE; -+ EC_GROUP_get_cofactor; -+ PKCS12_unpack_p7data; -+ d2i_KRB5_AUTHDATA; -+ OCSP_copy_nonce; -+ KRB5_AUTHDATA_new; -+ OCSP_RESPDATA_new; -+ EC_GFp_mont_method; -+ OCSP_REVOKEDINFO_free; -+ UI_get_ex_data; -+ KRB5_APREQBODY_free; -+ EC_GROUP_get0_generator; -+ UI_get_default_method; -+ X509V3_set_nconf; -+ PKCS12_item_i2d_encrypt; -+ X509_add1_ext_i2d; -+ PKCS7_SIGNER_INFO_it; -+ KRB5_PRINCNAME_new; -+ PKCS12_SAFEBAG_it; -+ EC_GROUP_get_order; -+ d2i_OCSP_RESPID; -+ OCSP_request_verify; -+ NCONF_get_number_e; -+ _ossl_old_des_decrypt3; -+ X509_signature_print; -+ OCSP_SINGLERESP_free; -+ ENGINE_load_builtin_engines; -+ i2d_OCSP_ONEREQ; -+ OCSP_REQUEST_add_ext; -+ OCSP_RESPBYTES_new; -+ EVP_MD_CTX_create; -+ OCSP_resp_find_status; -+ X509_ALGOR_it; -+ ASN1_TIME_it; -+ OCSP_request_set1_name; -+ OCSP_ONEREQ_get_ext_count; -+ UI_get0_result; -+ PKCS12_AUTHSAFES_it; -+ EVP_aes_256_ecb; -+ PKCS12_pack_authsafes; -+ ASN1_IA5STRING_it; -+ UI_get_input_flags; -+ EC_GROUP_set_generator; -+ _ossl_old_des_string_to_2keys; -+ OCSP_CERTID_free; -+ X509_CERT_AUX_it; -+ CERTIFICATEPOLICIES_it; -+ _ossl_old_des_ede3_cbc_encrypt; -+ RAND_set_rand_engine; -+ DSO_get_loaded_filename; -+ X509_ATTRIBUTE_it; -+ OCSP_ONEREQ_get_ext_by_NID; -+ PKCS12_decrypt_skey; -+ KRB5_AUTHENT_it; -+ UI_dup_error_string; -+ RSAPublicKey_it; -+ i2d_OCSP_REQUEST; -+ PKCS12_x509crl2certbag; -+ OCSP_SERVICELOC_it; -+ ASN1_item_sign; -+ X509_CRL_set_issuer_name; -+ OBJ_NAME_do_all_sorted; -+ i2d_OCSP_BASICRESP; -+ i2d_OCSP_RESPBYTES; -+ PKCS12_unpack_p7encdata; -+ HMAC_CTX_init; -+ ENGINE_get_digest; -+ OCSP_RESPONSE_print; -+ KRB5_TKTBODY_it; -+ ACCESS_DESCRIPTION_it; -+ PKCS7_ISSUER_AND_SERIAL_it; -+ PBE2PARAM_it; -+ PKCS12_certbag2x509crl; -+ PKCS7_SIGNED_it; -+ ENGINE_get_cipher; -+ i2d_OCSP_CRLID; -+ OCSP_SINGLERESP_new; -+ ENGINE_cmd_is_executable; -+ RSA_up_ref; -+ ASN1_GENERALSTRING_it; -+ ENGINE_register_DSA; -+ X509V3_EXT_add_nconf_sk; -+ ENGINE_set_load_pubkey_function; -+ PKCS8_decrypt; -+ PEM_bytes_read_bio; -+ DIRECTORYSTRING_it; -+ d2i_OCSP_CRLID; -+ EC_POINT_is_on_curve; -+ CRYPTO_set_locked_mem_ex_functions; -+ CRYPTO_set_locked_mem_ex_funcs; -+ d2i_KRB5_CHECKSUM; -+ ASN1_item_dup; -+ X509_it; -+ BN_mod_add; -+ KRB5_AUTHDATA_free; -+ _ossl_old_des_cbc_cksum; -+ ASN1_item_verify; -+ CRYPTO_set_mem_ex_functions; -+ EC_POINT_get_Jprojective_coordinates_GFp; -+ EC_POINT_get_Jproj_coords_GFp; -+ ZLONG_it; -+ CRYPTO_get_locked_mem_ex_functions; -+ CRYPTO_get_locked_mem_ex_funcs; -+ ASN1_TIME_check; -+ UI_get0_user_data; -+ HMAC_CTX_cleanup; -+ DSA_up_ref; -+ _ossl_old_des_ede3_cfb64_encrypt; -+ _ossl_odes_ede3_cfb64_encrypt; -+ ASN1_BMPSTRING_it; -+ ASN1_tag2bit; -+ UI_method_set_flusher; -+ X509_ocspid_print; -+ KRB5_ENCDATA_it; -+ ENGINE_get_load_pubkey_function; -+ UI_add_user_data; -+ OCSP_REQUEST_delete_ext; -+ UI_get_method; -+ OCSP_ONEREQ_free; -+ ASN1_PRINTABLESTRING_it; -+ X509_CRL_set_nextUpdate; -+ OCSP_REQUEST_it; -+ OCSP_BASICRESP_it; -+ AES_ecb_encrypt; -+ BN_mod_sqr; -+ NETSCAPE_CERT_SEQUENCE_it; -+ GENERAL_NAMES_it; -+ AUTHORITY_INFO_ACCESS_it; -+ ASN1_FBOOLEAN_it; -+ UI_set_ex_data; -+ _ossl_old_des_string_to_key; -+ ENGINE_register_all_RSA; -+ d2i_KRB5_PRINCNAME; -+ OCSP_RESPBYTES_it; -+ X509_CINF_it; -+ ENGINE_unregister_digests; -+ d2i_EDIPARTYNAME; -+ d2i_OCSP_SERVICELOC; -+ ENGINE_get_digests; -+ _ossl_old_des_set_odd_parity; -+ OCSP_RESPDATA_free; -+ d2i_KRB5_TICKET; -+ OTHERNAME_it; -+ EVP_MD_CTX_cleanup; -+ d2i_ASN1_GENERALSTRING; -+ X509_CRL_set_version; -+ BN_mod_sub; -+ OCSP_SINGLERESP_get_ext_by_NID; -+ ENGINE_get_ex_new_index; -+ OCSP_REQUEST_free; -+ OCSP_REQUEST_add1_ext_i2d; -+ X509_VAL_it; -+ EC_POINTs_make_affine; -+ EC_POINT_mul; -+ X509V3_EXT_add_nconf; -+ X509_TRUST_set; -+ X509_CRL_add1_ext_i2d; -+ _ossl_old_des_fcrypt; -+ DISPLAYTEXT_it; -+ X509_CRL_set_lastUpdate; -+ OCSP_BASICRESP_free; -+ OCSP_BASICRESP_add1_ext_i2d; -+ d2i_KRB5_AUTHENTBODY; -+ CRYPTO_set_ex_data_implementation; -+ CRYPTO_set_ex_data_impl; -+ KRB5_ENCDATA_new; -+ DSO_up_ref; -+ OCSP_crl_reason_str; -+ UI_get0_result_string; -+ ASN1_GENERALSTRING_new; -+ X509_SIG_it; -+ ERR_set_implementation; -+ ERR_load_EC_strings; -+ UI_get0_action_string; -+ OCSP_ONEREQ_get_ext; -+ EC_POINT_method_of; -+ i2d_KRB5_APREQBODY; -+ _ossl_old_des_ecb3_encrypt; -+ CRYPTO_get_mem_ex_functions; -+ ENGINE_get_ex_data; -+ UI_destroy_method; -+ ASN1_item_i2d_bio; -+ OCSP_ONEREQ_get_ext_by_OBJ; -+ ASN1_primitive_new; -+ ASN1_PRINTABLE_it; -+ EVP_aes_192_ecb; -+ OCSP_SIGNATURE_new; -+ LONG_it; -+ ASN1_VISIBLESTRING_it; -+ OCSP_SINGLERESP_add1_ext_i2d; -+ d2i_OCSP_CERTID; -+ ASN1_item_d2i_fp; -+ CRL_DIST_POINTS_it; -+ GENERAL_NAME_print; -+ OCSP_SINGLERESP_delete_ext; -+ PKCS12_SAFEBAGS_it; -+ d2i_OCSP_SIGNATURE; -+ OCSP_request_add1_nonce; -+ ENGINE_set_cmd_defns; -+ OCSP_SERVICELOC_free; -+ EC_GROUP_free; -+ ASN1_BIT_STRING_it; -+ X509_REQ_it; -+ _ossl_old_des_cbc_encrypt; -+ ERR_unload_strings; -+ PKCS7_SIGN_ENVELOPE_it; -+ EDIPARTYNAME_free; -+ OCSP_REQINFO_free; -+ EC_GROUP_new_curve_GFp; -+ OCSP_REQUEST_get1_ext_d2i; -+ PKCS12_item_pack_safebag; -+ asn1_ex_c2i; -+ ENGINE_register_digests; -+ i2d_OCSP_REVOKEDINFO; -+ asn1_enc_restore; -+ UI_free; -+ UI_new_method; -+ EVP_EncryptInit_ex; -+ X509_pubkey_digest; -+ EC_POINT_invert; -+ OCSP_basic_sign; -+ i2d_OCSP_RESPID; -+ OCSP_check_nonce; -+ ENGINE_ctrl_cmd; -+ d2i_KRB5_ENCKEY; -+ OCSP_parse_url; -+ OCSP_SINGLERESP_get_ext; -+ OCSP_CRLID_free; -+ OCSP_BASICRESP_get1_ext_d2i; -+ RSAPrivateKey_it; -+ ENGINE_register_all_DH; -+ i2d_EDIPARTYNAME; -+ EC_POINT_get_affine_coordinates_GFp; -+ EC_POINT_get_affine_coords_GFp; -+ OCSP_CRLID_new; -+ ENGINE_get_flags; -+ OCSP_ONEREQ_it; -+ UI_process; -+ ASN1_INTEGER_it; -+ EVP_CipherInit_ex; -+ UI_get_string_type; -+ ENGINE_unregister_DH; -+ ENGINE_register_all_DSA; -+ OCSP_ONEREQ_get_ext_by_critical; -+ bn_dup_expand; -+ OCSP_cert_id_new; -+ BASIC_CONSTRAINTS_it; -+ BN_mod_add_quick; -+ EC_POINT_new; -+ EVP_MD_CTX_destroy; -+ OCSP_RESPBYTES_free; -+ EVP_aes_128_cbc; -+ OCSP_SINGLERESP_get1_ext_d2i; -+ EC_POINT_free; -+ DH_up_ref; -+ X509_NAME_ENTRY_it; -+ UI_get_ex_new_index; -+ BN_mod_sub_quick; -+ OCSP_ONEREQ_add_ext; -+ OCSP_request_sign; -+ EVP_DigestFinal_ex; -+ ENGINE_set_digests; -+ OCSP_id_issuer_cmp; -+ OBJ_NAME_do_all; -+ EC_POINTs_mul; -+ ENGINE_register_complete; -+ X509V3_EXT_nconf_nid; -+ ASN1_SEQUENCE_it; -+ UI_set_default_method; -+ RAND_query_egd_bytes; -+ UI_method_get_writer; -+ UI_OpenSSL; -+ PEM_def_callback; -+ ENGINE_cleanup; -+ DIST_POINT_it; -+ OCSP_SINGLERESP_it; -+ d2i_KRB5_TKTBODY; -+ EC_POINT_cmp; -+ OCSP_REVOKEDINFO_new; -+ i2d_OCSP_CERTSTATUS; -+ OCSP_basic_add1_nonce; -+ ASN1_item_ex_d2i; -+ BN_mod_lshift1_quick; -+ UI_set_method; -+ OCSP_id_get0_info; -+ BN_mod_sqrt; -+ EC_GROUP_copy; -+ KRB5_ENCDATA_free; -+ _ossl_old_des_cfb_encrypt; -+ OCSP_SINGLERESP_get_ext_by_OBJ; -+ OCSP_cert_to_id; -+ OCSP_RESPID_new; -+ OCSP_RESPDATA_it; -+ d2i_OCSP_RESPDATA; -+ ENGINE_register_all_complete; -+ OCSP_check_validity; -+ PKCS12_BAGS_it; -+ OCSP_url_svcloc_new; -+ ASN1_template_free; -+ OCSP_SINGLERESP_add_ext; -+ KRB5_AUTHENTBODY_it; -+ X509_supported_extension; -+ i2d_KRB5_AUTHDATA; -+ UI_method_get_opener; -+ ENGINE_set_ex_data; -+ OCSP_REQUEST_print; -+ CBIGNUM_it; -+ KRB5_TICKET_new; -+ KRB5_APREQ_new; -+ EC_GROUP_get_curve_GFp; -+ KRB5_ENCKEY_new; -+ ASN1_template_d2i; -+ _ossl_old_des_quad_cksum; -+ OCSP_single_get0_status; -+ BN_swap; -+ POLICYINFO_it; -+ ENGINE_set_destroy_function; -+ asn1_enc_free; -+ OCSP_RESPID_it; -+ EC_GROUP_new; -+ EVP_aes_256_cbc; -+ i2d_KRB5_PRINCNAME; -+ _ossl_old_des_encrypt2; -+ _ossl_old_des_encrypt3; -+ PKCS8_PRIV_KEY_INFO_it; -+ OCSP_REQINFO_it; -+ PBEPARAM_it; -+ KRB5_AUTHENTBODY_new; -+ X509_CRL_add0_revoked; -+ EDIPARTYNAME_it; -+ NETSCAPE_SPKI_it; -+ UI_get0_test_string; -+ ENGINE_get_cipher_engine; -+ ENGINE_register_all_ciphers; -+ EC_POINT_copy; -+ BN_kronecker; -+ _ossl_old_des_ede3_ofb64_encrypt; -+ _ossl_odes_ede3_ofb64_encrypt; -+ UI_method_get_reader; -+ OCSP_BASICRESP_get_ext_count; -+ ASN1_ENUMERATED_it; -+ UI_set_result; -+ i2d_KRB5_TICKET; -+ X509_print_ex_fp; -+ EVP_CIPHER_CTX_set_padding; -+ d2i_OCSP_RESPONSE; -+ ASN1_UTCTIME_it; -+ _ossl_old_des_enc_write; -+ OCSP_RESPONSE_new; -+ AES_set_encrypt_key; -+ OCSP_resp_count; -+ KRB5_CHECKSUM_new; -+ ENGINE_load_cswift; -+ OCSP_onereq_get0_id; -+ ENGINE_set_default_ciphers; -+ NOTICEREF_it; -+ X509V3_EXT_CRL_add_nconf; -+ OCSP_REVOKEDINFO_it; -+ AES_encrypt; -+ OCSP_REQUEST_new; -+ ASN1_ANY_it; -+ CRYPTO_ex_data_new_class; -+ _ossl_old_des_ncbc_encrypt; -+ i2d_KRB5_TKTBODY; -+ EC_POINT_clear_free; -+ AES_decrypt; -+ asn1_enc_init; -+ UI_get_result_maxsize; -+ OCSP_CERTID_new; -+ ENGINE_unregister_RAND; -+ UI_method_get_closer; -+ d2i_KRB5_ENCDATA; -+ OCSP_request_onereq_count; -+ OCSP_basic_verify; -+ KRB5_AUTHENTBODY_free; -+ ASN1_item_d2i; -+ ASN1_primitive_free; -+ i2d_EXTENDED_KEY_USAGE; -+ i2d_OCSP_SIGNATURE; -+ asn1_enc_save; -+ ENGINE_load_nuron; -+ _ossl_old_des_pcbc_encrypt; -+ PKCS12_MAC_DATA_it; -+ OCSP_accept_responses_new; -+ asn1_do_lock; -+ PKCS7_ATTR_VERIFY_it; -+ KRB5_APREQBODY_it; -+ i2d_OCSP_SINGLERESP; -+ ASN1_item_ex_new; -+ UI_add_verify_string; -+ _ossl_old_des_set_key; -+ KRB5_PRINCNAME_it; -+ EVP_DecryptInit_ex; -+ i2d_OCSP_CERTID; -+ ASN1_item_d2i_bio; -+ EC_POINT_dbl; -+ asn1_get_choice_selector; -+ i2d_KRB5_CHECKSUM; -+ ENGINE_set_table_flags; -+ AES_options; -+ ENGINE_load_chil; -+ OCSP_id_cmp; -+ OCSP_BASICRESP_new; -+ OCSP_REQUEST_get_ext_by_NID; -+ KRB5_APREQ_it; -+ ENGINE_get_destroy_function; -+ CONF_set_nconf; -+ ASN1_PRINTABLE_free; -+ OCSP_BASICRESP_get_ext_by_NID; -+ DIST_POINT_NAME_it; -+ X509V3_extensions_print; -+ _ossl_old_des_cfb64_encrypt; -+ X509_REVOKED_add1_ext_i2d; -+ _ossl_old_des_ofb_encrypt; -+ KRB5_TKTBODY_new; -+ ASN1_OCTET_STRING_it; -+ ERR_load_UI_strings; -+ i2d_KRB5_ENCKEY; -+ ASN1_template_new; -+ OCSP_SIGNATURE_free; -+ ASN1_item_i2d_fp; -+ KRB5_PRINCNAME_free; -+ PKCS7_RECIP_INFO_it; -+ EXTENDED_KEY_USAGE_it; -+ EC_GFp_simple_method; -+ EC_GROUP_precompute_mult; -+ OCSP_request_onereq_get0; -+ UI_method_set_writer; -+ KRB5_AUTHENT_new; -+ X509_CRL_INFO_it; -+ DSO_set_name_converter; -+ AES_set_decrypt_key; -+ PKCS7_DIGEST_it; -+ PKCS12_x5092certbag; -+ EVP_DigestInit_ex; -+ i2a_ACCESS_DESCRIPTION; -+ OCSP_RESPONSE_it; -+ PKCS7_ENC_CONTENT_it; -+ OCSP_request_add0_id; -+ EC_POINT_make_affine; -+ DSO_get_filename; -+ OCSP_CERTSTATUS_it; -+ OCSP_request_add1_cert; -+ UI_get0_output_string; -+ UI_dup_verify_string; -+ BN_mod_lshift; -+ KRB5_AUTHDATA_it; -+ asn1_set_choice_selector; -+ OCSP_basic_add1_status; -+ OCSP_RESPID_free; -+ asn1_get_field_ptr; -+ UI_add_input_string; -+ OCSP_CRLID_it; -+ i2d_KRB5_AUTHENTBODY; -+ OCSP_REQUEST_get_ext_count; -+ ENGINE_load_atalla; -+ X509_NAME_it; -+ USERNOTICE_it; -+ OCSP_REQINFO_new; -+ OCSP_BASICRESP_get_ext; -+ CRYPTO_get_ex_data_implementation; -+ CRYPTO_get_ex_data_impl; -+ ASN1_item_pack; -+ i2d_KRB5_ENCDATA; -+ X509_PURPOSE_set; -+ X509_REQ_INFO_it; -+ UI_method_set_opener; -+ ASN1_item_ex_free; -+ ASN1_BOOLEAN_it; -+ ENGINE_get_table_flags; -+ UI_create_method; -+ OCSP_ONEREQ_add1_ext_i2d; -+ _shadow_DES_check_key; -+ d2i_OCSP_REQINFO; -+ UI_add_info_string; -+ UI_get_result_minsize; -+ ASN1_NULL_it; -+ BN_mod_lshift1; -+ d2i_OCSP_ONEREQ; -+ OCSP_ONEREQ_new; -+ KRB5_TICKET_it; -+ EVP_aes_192_cbc; -+ KRB5_TICKET_free; -+ UI_new; -+ OCSP_response_create; -+ _ossl_old_des_xcbc_encrypt; -+ PKCS7_it; -+ OCSP_REQUEST_get_ext_by_critical; -+ OCSP_REQUEST_get_ext_by_crit; -+ ENGINE_set_flags; -+ _ossl_old_des_ecb_encrypt; -+ OCSP_response_get1_basic; -+ EVP_Digest; -+ OCSP_ONEREQ_delete_ext; -+ ASN1_TBOOLEAN_it; -+ ASN1_item_new; -+ ASN1_TIME_to_generalizedtime; -+ BIGNUM_it; -+ AES_cbc_encrypt; -+ ENGINE_get_load_privkey_function; -+ ENGINE_get_load_privkey_fn; -+ OCSP_RESPONSE_free; -+ UI_method_set_reader; -+ i2d_ASN1_T61STRING; -+ EC_POINT_set_to_infinity; -+ ERR_load_OCSP_strings; -+ EC_POINT_point2oct; -+ KRB5_APREQ_free; -+ ASN1_OBJECT_it; -+ OCSP_crlID_new; -+ OCSP_crlID2_new; -+ CONF_modules_load_file; -+ CONF_imodule_set_usr_data; -+ ENGINE_set_default_string; -+ CONF_module_get_usr_data; -+ ASN1_add_oid_module; -+ CONF_modules_finish; -+ OPENSSL_config; -+ CONF_modules_unload; -+ CONF_imodule_get_value; -+ CONF_module_set_usr_data; -+ CONF_parse_list; -+ CONF_module_add; -+ CONF_get1_default_config_file; -+ CONF_imodule_get_flags; -+ CONF_imodule_get_module; -+ CONF_modules_load; -+ CONF_imodule_get_name; -+ ERR_peek_top_error; -+ CONF_imodule_get_usr_data; -+ CONF_imodule_set_flags; -+ ENGINE_add_conf_module; -+ ERR_peek_last_error_line; -+ ERR_peek_last_error_line_data; -+ ERR_peek_last_error; -+ DES_read_2passwords; -+ DES_read_password; -+ UI_UTIL_read_pw; -+ UI_UTIL_read_pw_string; -+ ENGINE_load_aep; -+ ENGINE_load_sureware; -+ OPENSSL_add_all_algorithms_noconf; -+ OPENSSL_add_all_algo_noconf; -+ OPENSSL_add_all_algorithms_conf; -+ OPENSSL_add_all_algo_conf; -+ OPENSSL_load_builtin_modules; -+ AES_ofb128_encrypt; -+ AES_ctr128_encrypt; -+ AES_cfb128_encrypt; -+ ENGINE_load_4758cca; -+ _ossl_096_des_random_seed; -+ EVP_aes_256_ofb; -+ EVP_aes_192_ofb; -+ EVP_aes_128_cfb128; -+ EVP_aes_256_cfb128; -+ EVP_aes_128_ofb; -+ EVP_aes_192_cfb128; -+ CONF_modules_free; -+ NCONF_default; -+ OPENSSL_no_config; -+ NCONF_WIN32; -+ ASN1_UNIVERSALSTRING_new; -+ EVP_des_ede_ecb; -+ i2d_ASN1_UNIVERSALSTRING; -+ ASN1_UNIVERSALSTRING_free; -+ ASN1_UNIVERSALSTRING_it; -+ d2i_ASN1_UNIVERSALSTRING; -+ EVP_des_ede3_ecb; -+ X509_REQ_print_ex; -+ ENGINE_up_ref; -+ BUF_MEM_grow_clean; -+ CRYPTO_realloc_clean; -+ BUF_strlcat; -+ BIO_indent; -+ BUF_strlcpy; -+ OpenSSLDie; -+ OPENSSL_cleanse; -+ ENGINE_setup_bsd_cryptodev; -+ ERR_release_err_state_table; -+ EVP_aes_128_cfb8; -+ FIPS_corrupt_rsa; -+ FIPS_selftest_des; -+ EVP_aes_128_cfb1; -+ EVP_aes_192_cfb8; -+ FIPS_mode_set; -+ FIPS_selftest_dsa; -+ EVP_aes_256_cfb8; -+ FIPS_allow_md5; -+ DES_ede3_cfb_encrypt; -+ EVP_des_ede3_cfb8; -+ FIPS_rand_seeded; -+ AES_cfbr_encrypt_block; -+ AES_cfb8_encrypt; -+ FIPS_rand_seed; -+ FIPS_corrupt_des; -+ EVP_aes_192_cfb1; -+ FIPS_selftest_aes; -+ FIPS_set_prng_key; -+ EVP_des_cfb8; -+ FIPS_corrupt_dsa; -+ FIPS_test_mode; -+ FIPS_rand_method; -+ EVP_aes_256_cfb1; -+ ERR_load_FIPS_strings; -+ FIPS_corrupt_aes; -+ FIPS_selftest_sha1; -+ FIPS_selftest_rsa; -+ FIPS_corrupt_sha1; -+ EVP_des_cfb1; -+ FIPS_dsa_check; -+ AES_cfb1_encrypt; -+ EVP_des_ede3_cfb1; -+ FIPS_rand_check; -+ FIPS_md5_allowed; -+ FIPS_mode; -+ FIPS_selftest_failed; -+ sk_is_sorted; -+ X509_check_ca; -+ HMAC_CTX_set_flags; -+ d2i_PROXY_CERT_INFO_EXTENSION; -+ PROXY_POLICY_it; -+ i2d_PROXY_POLICY; -+ i2d_PROXY_CERT_INFO_EXTENSION; -+ d2i_PROXY_POLICY; -+ PROXY_CERT_INFO_EXTENSION_new; -+ PROXY_CERT_INFO_EXTENSION_free; -+ PROXY_CERT_INFO_EXTENSION_it; -+ PROXY_POLICY_free; -+ PROXY_POLICY_new; -+ BN_MONT_CTX_set_locked; -+ FIPS_selftest_rng; -+ EVP_sha384; -+ EVP_sha512; -+ EVP_sha224; -+ EVP_sha256; -+ FIPS_selftest_hmac; -+ FIPS_corrupt_rng; -+ BN_mod_exp_mont_consttime; -+ RSA_X931_hash_id; -+ RSA_padding_check_X931; -+ RSA_verify_PKCS1_PSS; -+ RSA_padding_add_X931; -+ RSA_padding_add_PKCS1_PSS; -+ PKCS1_MGF1; -+ BN_X931_generate_Xpq; -+ RSA_X931_generate_key; -+ BN_X931_derive_prime; -+ BN_X931_generate_prime; -+ RSA_X931_derive; -+ BIO_new_dgram; -+ BN_get0_nist_prime_384; -+ ERR_set_mark; -+ X509_STORE_CTX_set0_crls; -+ ENGINE_set_STORE; -+ ENGINE_register_ECDSA; -+ STORE_meth_set_list_start_fn; -+ STORE_method_set_list_start_function; -+ BN_BLINDING_invert_ex; -+ NAME_CONSTRAINTS_free; -+ STORE_ATTR_INFO_set_number; -+ BN_BLINDING_get_thread_id; -+ X509_STORE_CTX_set0_param; -+ POLICY_MAPPING_it; -+ STORE_parse_attrs_start; -+ POLICY_CONSTRAINTS_free; -+ EVP_PKEY_add1_attr_by_NID; -+ BN_nist_mod_192; -+ EC_GROUP_get_trinomial_basis; -+ STORE_set_method; -+ GENERAL_SUBTREE_free; -+ NAME_CONSTRAINTS_it; -+ ECDH_get_default_method; -+ PKCS12_add_safe; -+ EC_KEY_new_by_curve_name; -+ STORE_meth_get_update_store_fn; -+ STORE_method_get_update_store_function; -+ ENGINE_register_ECDH; -+ SHA512_Update; -+ i2d_ECPrivateKey; -+ BN_get0_nist_prime_192; -+ STORE_modify_certificate; -+ EC_POINT_set_affine_coordinates_GF2m; -+ EC_POINT_set_affine_coords_GF2m; -+ BN_GF2m_mod_exp_arr; -+ STORE_ATTR_INFO_modify_number; -+ X509_keyid_get0; -+ ENGINE_load_gmp; -+ pitem_new; -+ BN_GF2m_mod_mul_arr; -+ STORE_list_public_key_endp; -+ o2i_ECPublicKey; -+ EC_KEY_copy; -+ BIO_dump_fp; -+ X509_policy_node_get0_parent; -+ EC_GROUP_check_discriminant; -+ i2o_ECPublicKey; -+ EC_KEY_precompute_mult; -+ a2i_IPADDRESS; -+ STORE_meth_set_initialise_fn; -+ STORE_method_set_initialise_function; -+ X509_STORE_CTX_set_depth; -+ X509_VERIFY_PARAM_inherit; -+ EC_POINT_point2bn; -+ STORE_ATTR_INFO_set_dn; -+ X509_policy_tree_get0_policies; -+ EC_GROUP_new_curve_GF2m; -+ STORE_destroy_method; -+ ENGINE_unregister_STORE; -+ EVP_PKEY_get1_EC_KEY; -+ STORE_ATTR_INFO_get0_number; -+ ENGINE_get_default_ECDH; -+ EC_KEY_get_conv_form; -+ ASN1_OCTET_STRING_NDEF_it; -+ STORE_delete_public_key; -+ STORE_get_public_key; -+ STORE_modify_arbitrary; -+ ENGINE_get_static_state; -+ pqueue_iterator; -+ ECDSA_SIG_new; -+ OPENSSL_DIR_end; -+ BN_GF2m_mod_sqr; -+ EC_POINT_bn2point; -+ X509_VERIFY_PARAM_set_depth; -+ EC_KEY_set_asn1_flag; -+ STORE_get_method; -+ EC_KEY_get_key_method_data; -+ ECDSA_sign_ex; -+ STORE_parse_attrs_end; -+ EC_GROUP_get_point_conversion_form; -+ EC_GROUP_get_point_conv_form; -+ STORE_method_set_store_function; -+ STORE_ATTR_INFO_in; -+ PEM_read_bio_ECPKParameters; -+ EC_GROUP_get_pentanomial_basis; -+ EVP_PKEY_add1_attr_by_txt; -+ BN_BLINDING_set_flags; -+ X509_VERIFY_PARAM_set1_policies; -+ X509_VERIFY_PARAM_set1_name; -+ X509_VERIFY_PARAM_set_purpose; -+ STORE_get_number; -+ ECDSA_sign_setup; -+ BN_GF2m_mod_solve_quad_arr; -+ EC_KEY_up_ref; -+ POLICY_MAPPING_free; -+ BN_GF2m_mod_div; -+ X509_VERIFY_PARAM_set_flags; -+ EC_KEY_free; -+ STORE_meth_set_list_next_fn; -+ STORE_method_set_list_next_function; -+ PEM_write_bio_ECPrivateKey; -+ d2i_EC_PUBKEY; -+ STORE_meth_get_generate_fn; -+ STORE_method_get_generate_function; -+ STORE_meth_set_list_end_fn; -+ STORE_method_set_list_end_function; -+ pqueue_print; -+ EC_GROUP_have_precompute_mult; -+ EC_KEY_print_fp; -+ BN_GF2m_mod_arr; -+ PEM_write_bio_X509_CERT_PAIR; -+ EVP_PKEY_cmp; -+ X509_policy_level_node_count; -+ STORE_new_engine; -+ STORE_list_public_key_start; -+ X509_VERIFY_PARAM_new; -+ ECDH_get_ex_data; -+ EVP_PKEY_get_attr; -+ ECDSA_do_sign; -+ ENGINE_unregister_ECDH; -+ ECDH_OpenSSL; -+ EC_KEY_set_conv_form; -+ EC_POINT_dup; -+ GENERAL_SUBTREE_new; -+ STORE_list_crl_endp; -+ EC_get_builtin_curves; -+ X509_policy_node_get0_qualifiers; -+ X509_pcy_node_get0_qualifiers; -+ STORE_list_crl_end; -+ EVP_PKEY_set1_EC_KEY; -+ BN_GF2m_mod_sqrt_arr; -+ i2d_ECPrivateKey_bio; -+ ECPKParameters_print_fp; -+ pqueue_find; -+ ECDSA_SIG_free; -+ PEM_write_bio_ECPKParameters; -+ STORE_method_set_ctrl_function; -+ STORE_list_public_key_end; -+ EC_KEY_set_private_key; -+ pqueue_peek; -+ STORE_get_arbitrary; -+ STORE_store_crl; -+ X509_policy_node_get0_policy; -+ PKCS12_add_safes; -+ BN_BLINDING_convert_ex; -+ X509_policy_tree_free; -+ OPENSSL_ia32cap_loc; -+ BN_GF2m_poly2arr; -+ STORE_ctrl; -+ STORE_ATTR_INFO_compare; -+ BN_get0_nist_prime_224; -+ i2d_ECParameters; -+ i2d_ECPKParameters; -+ BN_GENCB_call; -+ d2i_ECPKParameters; -+ STORE_meth_set_generate_fn; -+ STORE_method_set_generate_function; -+ ENGINE_set_ECDH; -+ NAME_CONSTRAINTS_new; -+ SHA256_Init; -+ EC_KEY_get0_public_key; -+ PEM_write_bio_EC_PUBKEY; -+ STORE_ATTR_INFO_set_cstr; -+ STORE_list_crl_next; -+ STORE_ATTR_INFO_in_range; -+ ECParameters_print; -+ STORE_meth_set_delete_fn; -+ STORE_method_set_delete_function; -+ STORE_list_certificate_next; -+ ASN1_generate_nconf; -+ BUF_memdup; -+ BN_GF2m_mod_mul; -+ STORE_meth_get_list_next_fn; -+ STORE_method_get_list_next_function; -+ STORE_ATTR_INFO_get0_dn; -+ STORE_list_private_key_next; -+ EC_GROUP_set_seed; -+ X509_VERIFY_PARAM_set_trust; -+ STORE_ATTR_INFO_free; -+ STORE_get_private_key; -+ EVP_PKEY_get_attr_count; -+ STORE_ATTR_INFO_new; -+ EC_GROUP_get_curve_GF2m; -+ STORE_meth_set_revoke_fn; -+ STORE_method_set_revoke_function; -+ STORE_store_number; -+ BN_is_prime_ex; -+ STORE_revoke_public_key; -+ X509_STORE_CTX_get0_param; -+ STORE_delete_arbitrary; -+ PEM_read_X509_CERT_PAIR; -+ X509_STORE_set_depth; -+ ECDSA_get_ex_data; -+ SHA224; -+ BIO_dump_indent_fp; -+ EC_KEY_set_group; -+ BUF_strndup; -+ STORE_list_certificate_start; -+ BN_GF2m_mod; -+ X509_REQ_check_private_key; -+ EC_GROUP_get_seed_len; -+ ERR_load_STORE_strings; -+ PEM_read_bio_EC_PUBKEY; -+ STORE_list_private_key_end; -+ i2d_EC_PUBKEY; -+ ECDSA_get_default_method; -+ ASN1_put_eoc; -+ X509_STORE_CTX_get_explicit_policy; -+ X509_STORE_CTX_get_expl_policy; -+ X509_VERIFY_PARAM_table_cleanup; -+ STORE_modify_private_key; -+ X509_VERIFY_PARAM_free; -+ EC_METHOD_get_field_type; -+ EC_GFp_nist_method; -+ STORE_meth_set_modify_fn; -+ STORE_method_set_modify_function; -+ STORE_parse_attrs_next; -+ ENGINE_load_padlock; -+ EC_GROUP_set_curve_name; -+ X509_CERT_PAIR_it; -+ STORE_meth_get_revoke_fn; -+ STORE_method_get_revoke_function; -+ STORE_method_set_get_function; -+ STORE_modify_number; -+ STORE_method_get_store_function; -+ STORE_store_private_key; -+ BN_GF2m_mod_sqr_arr; -+ RSA_setup_blinding; -+ BIO_s_datagram; -+ STORE_Memory; -+ sk_find_ex; -+ EC_GROUP_set_curve_GF2m; -+ ENGINE_set_default_ECDSA; -+ POLICY_CONSTRAINTS_new; -+ BN_GF2m_mod_sqrt; -+ ECDH_set_default_method; -+ EC_KEY_generate_key; -+ SHA384_Update; -+ BN_GF2m_arr2poly; -+ STORE_method_get_get_function; -+ STORE_meth_set_cleanup_fn; -+ STORE_method_set_cleanup_function; -+ EC_GROUP_check; -+ d2i_ECPrivateKey_bio; -+ EC_KEY_insert_key_method_data; -+ STORE_meth_get_lock_store_fn; -+ STORE_method_get_lock_store_function; -+ X509_VERIFY_PARAM_get_depth; -+ SHA224_Final; -+ STORE_meth_set_update_store_fn; -+ STORE_method_set_update_store_function; -+ SHA224_Update; -+ d2i_ECPrivateKey; -+ ASN1_item_ndef_i2d; -+ STORE_delete_private_key; -+ ERR_pop_to_mark; -+ ENGINE_register_all_STORE; -+ X509_policy_level_get0_node; -+ i2d_PKCS7_NDEF; -+ EC_GROUP_get_degree; -+ ASN1_generate_v3; -+ STORE_ATTR_INFO_modify_cstr; -+ X509_policy_tree_level_count; -+ BN_GF2m_add; -+ EC_KEY_get0_group; -+ STORE_generate_crl; -+ STORE_store_public_key; -+ X509_CERT_PAIR_free; -+ STORE_revoke_private_key; -+ BN_nist_mod_224; -+ SHA512_Final; -+ STORE_ATTR_INFO_modify_dn; -+ STORE_meth_get_initialise_fn; -+ STORE_method_get_initialise_function; -+ STORE_delete_number; -+ i2d_EC_PUBKEY_bio; -+ BIO_dgram_non_fatal_error; -+ EC_GROUP_get_asn1_flag; -+ STORE_ATTR_INFO_in_ex; -+ STORE_list_crl_start; -+ ECDH_get_ex_new_index; -+ STORE_meth_get_modify_fn; -+ STORE_method_get_modify_function; -+ v2i_ASN1_BIT_STRING; -+ STORE_store_certificate; -+ OBJ_bsearch_ex; -+ X509_STORE_CTX_set_default; -+ STORE_ATTR_INFO_set_sha1str; -+ BN_GF2m_mod_inv; -+ BN_GF2m_mod_exp; -+ STORE_modify_public_key; -+ STORE_meth_get_list_start_fn; -+ STORE_method_get_list_start_function; -+ EC_GROUP_get0_seed; -+ STORE_store_arbitrary; -+ STORE_meth_set_unlock_store_fn; -+ STORE_method_set_unlock_store_function; -+ BN_GF2m_mod_div_arr; -+ ENGINE_set_ECDSA; -+ STORE_create_method; -+ ECPKParameters_print; -+ EC_KEY_get0_private_key; -+ PEM_write_EC_PUBKEY; -+ X509_VERIFY_PARAM_set1; -+ ECDH_set_method; -+ v2i_GENERAL_NAME_ex; -+ ECDH_set_ex_data; -+ STORE_generate_key; -+ BN_nist_mod_521; -+ X509_policy_tree_get0_level; -+ EC_GROUP_set_point_conversion_form; -+ EC_GROUP_set_point_conv_form; -+ PEM_read_EC_PUBKEY; -+ i2d_ECDSA_SIG; -+ ECDSA_OpenSSL; -+ STORE_delete_crl; -+ EC_KEY_get_enc_flags; -+ ASN1_const_check_infinite_end; -+ EVP_PKEY_delete_attr; -+ ECDSA_set_default_method; -+ EC_POINT_set_compressed_coordinates_GF2m; -+ EC_POINT_set_compr_coords_GF2m; -+ EC_GROUP_cmp; -+ STORE_revoke_certificate; -+ BN_get0_nist_prime_256; -+ STORE_meth_get_delete_fn; -+ STORE_method_get_delete_function; -+ SHA224_Init; -+ PEM_read_ECPrivateKey; -+ SHA512_Init; -+ STORE_parse_attrs_endp; -+ BN_set_negative; -+ ERR_load_ECDSA_strings; -+ EC_GROUP_get_basis_type; -+ STORE_list_public_key_next; -+ i2v_ASN1_BIT_STRING; -+ STORE_OBJECT_free; -+ BN_nist_mod_384; -+ i2d_X509_CERT_PAIR; -+ PEM_write_ECPKParameters; -+ ECDH_compute_key; -+ STORE_ATTR_INFO_get0_sha1str; -+ ENGINE_register_all_ECDH; -+ pqueue_pop; -+ STORE_ATTR_INFO_get0_cstr; -+ POLICY_CONSTRAINTS_it; -+ STORE_get_ex_new_index; -+ EVP_PKEY_get_attr_by_OBJ; -+ X509_VERIFY_PARAM_add0_policy; -+ BN_GF2m_mod_solve_quad; -+ SHA256; -+ i2d_ECPrivateKey_fp; -+ X509_policy_tree_get0_user_policies; -+ X509_pcy_tree_get0_usr_policies; -+ OPENSSL_DIR_read; -+ ENGINE_register_all_ECDSA; -+ X509_VERIFY_PARAM_lookup; -+ EC_POINT_get_affine_coordinates_GF2m; -+ EC_POINT_get_affine_coords_GF2m; -+ EC_GROUP_dup; -+ ENGINE_get_default_ECDSA; -+ EC_KEY_new; -+ SHA256_Transform; -+ EC_KEY_set_enc_flags; -+ ECDSA_verify; -+ EC_POINT_point2hex; -+ ENGINE_get_STORE; -+ SHA512; -+ STORE_get_certificate; -+ ECDSA_do_sign_ex; -+ ECDSA_do_verify; -+ d2i_ECPrivateKey_fp; -+ STORE_delete_certificate; -+ SHA512_Transform; -+ X509_STORE_set1_param; -+ STORE_method_get_ctrl_function; -+ STORE_free; -+ PEM_write_ECPrivateKey; -+ STORE_meth_get_unlock_store_fn; -+ STORE_method_get_unlock_store_function; -+ STORE_get_ex_data; -+ EC_KEY_set_public_key; -+ PEM_read_ECPKParameters; -+ X509_CERT_PAIR_new; -+ ENGINE_register_STORE; -+ RSA_generate_key_ex; -+ DSA_generate_parameters_ex; -+ ECParameters_print_fp; -+ X509V3_NAME_from_section; -+ EVP_PKEY_add1_attr; -+ STORE_modify_crl; -+ STORE_list_private_key_start; -+ POLICY_MAPPINGS_it; -+ GENERAL_SUBTREE_it; -+ EC_GROUP_get_curve_name; -+ PEM_write_X509_CERT_PAIR; -+ BIO_dump_indent_cb; -+ d2i_X509_CERT_PAIR; -+ STORE_list_private_key_endp; -+ asn1_const_Finish; -+ i2d_EC_PUBKEY_fp; -+ BN_nist_mod_256; -+ X509_VERIFY_PARAM_add0_table; -+ pqueue_free; -+ BN_BLINDING_create_param; -+ ECDSA_size; -+ d2i_EC_PUBKEY_bio; -+ BN_get0_nist_prime_521; -+ STORE_ATTR_INFO_modify_sha1str; -+ BN_generate_prime_ex; -+ EC_GROUP_new_by_curve_name; -+ SHA256_Final; -+ DH_generate_parameters_ex; -+ PEM_read_bio_ECPrivateKey; -+ STORE_meth_get_cleanup_fn; -+ STORE_method_get_cleanup_function; -+ ENGINE_get_ECDH; -+ d2i_ECDSA_SIG; -+ BN_is_prime_fasttest_ex; -+ ECDSA_sign; -+ X509_policy_check; -+ EVP_PKEY_get_attr_by_NID; -+ STORE_set_ex_data; -+ ENGINE_get_ECDSA; -+ EVP_ecdsa; -+ BN_BLINDING_get_flags; -+ PKCS12_add_cert; -+ STORE_OBJECT_new; -+ ERR_load_ECDH_strings; -+ EC_KEY_dup; -+ EVP_CIPHER_CTX_rand_key; -+ ECDSA_set_method; -+ a2i_IPADDRESS_NC; -+ d2i_ECParameters; -+ STORE_list_certificate_end; -+ STORE_get_crl; -+ X509_POLICY_NODE_print; -+ SHA384_Init; -+ EC_GF2m_simple_method; -+ ECDSA_set_ex_data; -+ SHA384_Final; -+ PKCS7_set_digest; -+ EC_KEY_print; -+ STORE_meth_set_lock_store_fn; -+ STORE_method_set_lock_store_function; -+ ECDSA_get_ex_new_index; -+ SHA384; -+ POLICY_MAPPING_new; -+ STORE_list_certificate_endp; -+ X509_STORE_CTX_get0_policy_tree; -+ EC_GROUP_set_asn1_flag; -+ EC_KEY_check_key; -+ d2i_EC_PUBKEY_fp; -+ PKCS7_set0_type_other; -+ PEM_read_bio_X509_CERT_PAIR; -+ pqueue_next; -+ STORE_meth_get_list_end_fn; -+ STORE_method_get_list_end_function; -+ EVP_PKEY_add1_attr_by_OBJ; -+ X509_VERIFY_PARAM_set_time; -+ pqueue_new; -+ ENGINE_set_default_ECDH; -+ STORE_new_method; -+ PKCS12_add_key; -+ DSO_merge; -+ EC_POINT_hex2point; -+ BIO_dump_cb; -+ SHA256_Update; -+ pqueue_insert; -+ pitem_free; -+ BN_GF2m_mod_inv_arr; -+ ENGINE_unregister_ECDSA; -+ BN_BLINDING_set_thread_id; -+ get_rfc3526_prime_8192; -+ X509_VERIFY_PARAM_clear_flags; -+ get_rfc2409_prime_1024; -+ DH_check_pub_key; -+ get_rfc3526_prime_2048; -+ get_rfc3526_prime_6144; -+ get_rfc3526_prime_1536; -+ get_rfc3526_prime_3072; -+ get_rfc3526_prime_4096; -+ get_rfc2409_prime_768; -+ X509_VERIFY_PARAM_get_flags; -+ EVP_CIPHER_CTX_new; -+ EVP_CIPHER_CTX_free; -+ Camellia_cbc_encrypt; -+ Camellia_cfb128_encrypt; -+ Camellia_cfb1_encrypt; -+ Camellia_cfb8_encrypt; -+ Camellia_ctr128_encrypt; -+ Camellia_cfbr_encrypt_block; -+ Camellia_decrypt; -+ Camellia_ecb_encrypt; -+ Camellia_encrypt; -+ Camellia_ofb128_encrypt; -+ Camellia_set_key; -+ EVP_camellia_128_cbc; -+ EVP_camellia_128_cfb128; -+ EVP_camellia_128_cfb1; -+ EVP_camellia_128_cfb8; -+ EVP_camellia_128_ecb; -+ EVP_camellia_128_ofb; -+ EVP_camellia_192_cbc; -+ EVP_camellia_192_cfb128; -+ EVP_camellia_192_cfb1; -+ EVP_camellia_192_cfb8; -+ EVP_camellia_192_ecb; -+ EVP_camellia_192_ofb; -+ EVP_camellia_256_cbc; -+ EVP_camellia_256_cfb128; -+ EVP_camellia_256_cfb1; -+ EVP_camellia_256_cfb8; -+ EVP_camellia_256_ecb; -+ EVP_camellia_256_ofb; -+ a2i_ipadd; -+ ASIdentifiers_free; -+ i2d_ASIdOrRange; -+ EVP_CIPHER_block_size; -+ v3_asid_is_canonical; -+ IPAddressChoice_free; -+ EVP_CIPHER_CTX_set_app_data; -+ BIO_set_callback_arg; -+ v3_addr_add_prefix; -+ IPAddressOrRange_it; -+ BIO_set_flags; -+ ASIdentifiers_it; -+ v3_addr_get_range; -+ BIO_method_type; -+ v3_addr_inherits; -+ IPAddressChoice_it; -+ AES_ige_encrypt; -+ v3_addr_add_range; -+ EVP_CIPHER_CTX_nid; -+ d2i_ASRange; -+ v3_addr_add_inherit; -+ v3_asid_add_id_or_range; -+ v3_addr_validate_resource_set; -+ EVP_CIPHER_iv_length; -+ EVP_MD_type; -+ v3_asid_canonize; -+ IPAddressRange_free; -+ v3_asid_add_inherit; -+ EVP_CIPHER_CTX_key_length; -+ IPAddressRange_new; -+ ASIdOrRange_new; -+ EVP_MD_size; -+ EVP_MD_CTX_test_flags; -+ BIO_clear_flags; -+ i2d_ASRange; -+ IPAddressRange_it; -+ IPAddressChoice_new; -+ ASIdentifierChoice_new; -+ ASRange_free; -+ EVP_MD_pkey_type; -+ EVP_MD_CTX_clear_flags; -+ IPAddressFamily_free; -+ i2d_IPAddressFamily; -+ IPAddressOrRange_new; -+ EVP_CIPHER_flags; -+ v3_asid_validate_resource_set; -+ d2i_IPAddressRange; -+ AES_bi_ige_encrypt; -+ BIO_get_callback; -+ IPAddressOrRange_free; -+ v3_addr_subset; -+ d2i_IPAddressFamily; -+ v3_asid_subset; -+ BIO_test_flags; -+ i2d_ASIdentifierChoice; -+ ASRange_it; -+ d2i_ASIdentifiers; -+ ASRange_new; -+ d2i_IPAddressChoice; -+ v3_addr_get_afi; -+ EVP_CIPHER_key_length; -+ EVP_Cipher; -+ i2d_IPAddressOrRange; -+ ASIdOrRange_it; -+ EVP_CIPHER_nid; -+ i2d_IPAddressChoice; -+ EVP_CIPHER_CTX_block_size; -+ ASIdentifiers_new; -+ v3_addr_validate_path; -+ IPAddressFamily_new; -+ EVP_MD_CTX_set_flags; -+ v3_addr_is_canonical; -+ i2d_IPAddressRange; -+ IPAddressFamily_it; -+ v3_asid_inherits; -+ EVP_CIPHER_CTX_cipher; -+ EVP_CIPHER_CTX_get_app_data; -+ EVP_MD_block_size; -+ EVP_CIPHER_CTX_flags; -+ v3_asid_validate_path; -+ d2i_IPAddressOrRange; -+ v3_addr_canonize; -+ ASIdentifierChoice_it; -+ EVP_MD_CTX_md; -+ d2i_ASIdentifierChoice; -+ BIO_method_name; -+ EVP_CIPHER_CTX_iv_length; -+ ASIdOrRange_free; -+ ASIdentifierChoice_free; -+ BIO_get_callback_arg; -+ BIO_set_callback; -+ d2i_ASIdOrRange; -+ i2d_ASIdentifiers; -+ SEED_decrypt; -+ SEED_encrypt; -+ SEED_cbc_encrypt; -+ EVP_seed_ofb; -+ SEED_cfb128_encrypt; -+ SEED_ofb128_encrypt; -+ EVP_seed_cbc; -+ SEED_ecb_encrypt; -+ EVP_seed_ecb; -+ SEED_set_key; -+ EVP_seed_cfb128; -+ X509_EXTENSIONS_it; -+ X509_get1_ocsp; -+ OCSP_REQ_CTX_free; -+ i2d_X509_EXTENSIONS; -+ OCSP_sendreq_nbio; -+ OCSP_sendreq_new; -+ d2i_X509_EXTENSIONS; -+ X509_ALGORS_it; -+ X509_ALGOR_get0; -+ X509_ALGOR_set0; -+ AES_unwrap_key; -+ AES_wrap_key; -+ X509at_get0_data_by_OBJ; -+ ASN1_TYPE_set1; -+ ASN1_STRING_set0; -+ i2d_X509_ALGORS; -+ BIO_f_zlib; -+ COMP_zlib_cleanup; -+ d2i_X509_ALGORS; -+ CMS_ReceiptRequest_free; -+ PEM_write_CMS; -+ CMS_add0_CertificateChoices; -+ CMS_unsigned_add1_attr_by_OBJ; -+ ERR_load_CMS_strings; -+ CMS_sign_receipt; -+ i2d_CMS_ContentInfo; -+ CMS_signed_delete_attr; -+ d2i_CMS_bio; -+ CMS_unsigned_get_attr_by_NID; -+ CMS_verify; -+ SMIME_read_CMS; -+ CMS_decrypt_set1_key; -+ CMS_SignerInfo_get0_algs; -+ CMS_add1_cert; -+ CMS_set_detached; -+ CMS_encrypt; -+ CMS_EnvelopedData_create; -+ CMS_uncompress; -+ CMS_add0_crl; -+ CMS_SignerInfo_verify_content; -+ CMS_unsigned_get0_data_by_OBJ; -+ PEM_write_bio_CMS; -+ CMS_unsigned_get_attr; -+ CMS_RecipientInfo_ktri_cert_cmp; -+ CMS_RecipientInfo_ktri_get0_algs; -+ CMS_RecipInfo_ktri_get0_algs; -+ CMS_ContentInfo_free; -+ CMS_final; -+ CMS_add_simple_smimecap; -+ CMS_SignerInfo_verify; -+ CMS_data; -+ CMS_ContentInfo_it; -+ d2i_CMS_ReceiptRequest; -+ CMS_compress; -+ CMS_digest_create; -+ CMS_SignerInfo_cert_cmp; -+ CMS_SignerInfo_sign; -+ CMS_data_create; -+ i2d_CMS_bio; -+ CMS_EncryptedData_set1_key; -+ CMS_decrypt; -+ int_smime_write_ASN1; -+ CMS_unsigned_delete_attr; -+ CMS_unsigned_get_attr_count; -+ CMS_add_smimecap; -+ PEM_read_CMS; -+ CMS_signed_get_attr_by_OBJ; -+ d2i_CMS_ContentInfo; -+ CMS_add_standard_smimecap; -+ CMS_ContentInfo_new; -+ CMS_RecipientInfo_type; -+ CMS_get0_type; -+ CMS_is_detached; -+ CMS_sign; -+ CMS_signed_add1_attr; -+ CMS_unsigned_get_attr_by_OBJ; -+ SMIME_write_CMS; -+ CMS_EncryptedData_decrypt; -+ CMS_get0_RecipientInfos; -+ CMS_add0_RevocationInfoChoice; -+ CMS_decrypt_set1_pkey; -+ CMS_SignerInfo_set1_signer_cert; -+ CMS_get0_signers; -+ CMS_ReceiptRequest_get0_values; -+ CMS_signed_get0_data_by_OBJ; -+ CMS_get0_SignerInfos; -+ CMS_add0_cert; -+ CMS_EncryptedData_encrypt; -+ CMS_digest_verify; -+ CMS_set1_signers_certs; -+ CMS_signed_get_attr; -+ CMS_RecipientInfo_set0_key; -+ CMS_SignedData_init; -+ CMS_RecipientInfo_kekri_get0_id; -+ CMS_verify_receipt; -+ CMS_ReceiptRequest_it; -+ PEM_read_bio_CMS; -+ CMS_get1_crls; -+ CMS_add0_recipient_key; -+ SMIME_read_ASN1; -+ CMS_ReceiptRequest_new; -+ CMS_get0_content; -+ CMS_get1_ReceiptRequest; -+ CMS_signed_add1_attr_by_OBJ; -+ CMS_RecipientInfo_kekri_id_cmp; -+ CMS_add1_ReceiptRequest; -+ CMS_SignerInfo_get0_signer_id; -+ CMS_unsigned_add1_attr_by_NID; -+ CMS_unsigned_add1_attr; -+ CMS_signed_get_attr_by_NID; -+ CMS_get1_certs; -+ CMS_signed_add1_attr_by_NID; -+ CMS_unsigned_add1_attr_by_txt; -+ CMS_dataFinal; -+ CMS_RecipientInfo_ktri_get0_signer_id; -+ CMS_RecipInfo_ktri_get0_sigr_id; -+ i2d_CMS_ReceiptRequest; -+ CMS_add1_recipient_cert; -+ CMS_dataInit; -+ CMS_signed_add1_attr_by_txt; -+ CMS_RecipientInfo_decrypt; -+ CMS_signed_get_attr_count; -+ CMS_get0_eContentType; -+ CMS_set1_eContentType; -+ CMS_ReceiptRequest_create0; -+ CMS_add1_signer; -+ CMS_RecipientInfo_set0_pkey; -+ ENGINE_set_load_ssl_client_cert_function; -+ ENGINE_set_ld_ssl_clnt_cert_fn; -+ ENGINE_get_ssl_client_cert_function; -+ ENGINE_get_ssl_client_cert_fn; -+ ENGINE_load_ssl_client_cert; -+ ENGINE_load_capi; -+ OPENSSL_isservice; -+ FIPS_dsa_sig_decode; -+ EVP_CIPHER_CTX_clear_flags; -+ FIPS_rand_status; -+ FIPS_rand_set_key; -+ CRYPTO_set_mem_info_functions; -+ RSA_X931_generate_key_ex; -+ int_ERR_set_state_func; -+ int_EVP_MD_set_engine_callbacks; -+ int_CRYPTO_set_do_dynlock_callback; -+ FIPS_rng_stick; -+ EVP_CIPHER_CTX_set_flags; -+ BN_X931_generate_prime_ex; -+ FIPS_selftest_check; -+ FIPS_rand_set_dt; -+ CRYPTO_dbg_pop_info; -+ FIPS_dsa_free; -+ RSA_X931_derive_ex; -+ FIPS_rsa_new; -+ FIPS_rand_bytes; -+ fips_cipher_test; -+ EVP_CIPHER_CTX_test_flags; -+ CRYPTO_malloc_debug_init; -+ CRYPTO_dbg_push_info; -+ FIPS_corrupt_rsa_keygen; -+ FIPS_dh_new; -+ FIPS_corrupt_dsa_keygen; -+ FIPS_dh_free; -+ fips_pkey_signature_test; -+ EVP_add_alg_module; -+ int_RAND_init_engine_callbacks; -+ int_EVP_CIPHER_set_engine_callbacks; -+ int_EVP_MD_init_engine_callbacks; -+ FIPS_rand_test_mode; -+ FIPS_rand_reset; -+ FIPS_dsa_new; -+ int_RAND_set_callbacks; -+ BN_X931_derive_prime_ex; -+ int_ERR_lib_init; -+ int_EVP_CIPHER_init_engine_callbacks; -+ FIPS_rsa_free; -+ FIPS_dsa_sig_encode; -+ CRYPTO_dbg_remove_all_info; -+ OPENSSL_init; -+ CRYPTO_strdup; -+ JPAKE_STEP3A_process; -+ JPAKE_STEP1_release; -+ JPAKE_get_shared_key; -+ JPAKE_STEP3B_init; -+ JPAKE_STEP1_generate; -+ JPAKE_STEP1_init; -+ JPAKE_STEP3B_process; -+ JPAKE_STEP2_generate; -+ JPAKE_CTX_new; -+ JPAKE_CTX_free; -+ JPAKE_STEP3B_release; -+ JPAKE_STEP3A_release; -+ JPAKE_STEP2_process; -+ JPAKE_STEP3B_generate; -+ JPAKE_STEP1_process; -+ JPAKE_STEP3A_generate; -+ JPAKE_STEP2_release; -+ JPAKE_STEP3A_init; -+ ERR_load_JPAKE_strings; -+ JPAKE_STEP2_init; -+ pqueue_size; -+ i2d_TS_ACCURACY; -+ i2d_TS_MSG_IMPRINT_fp; -+ i2d_TS_MSG_IMPRINT; -+ EVP_PKEY_print_public; -+ EVP_PKEY_CTX_new; -+ i2d_TS_TST_INFO; -+ EVP_PKEY_asn1_find; -+ DSO_METHOD_beos; -+ TS_CONF_load_cert; -+ TS_REQ_get_ext; -+ EVP_PKEY_sign_init; -+ ASN1_item_print; -+ TS_TST_INFO_set_nonce; -+ TS_RESP_dup; -+ ENGINE_register_pkey_meths; -+ EVP_PKEY_asn1_add0; -+ PKCS7_add0_attrib_signing_time; -+ i2d_TS_TST_INFO_fp; -+ BIO_asn1_get_prefix; -+ TS_TST_INFO_set_time; -+ EVP_PKEY_meth_set_decrypt; -+ EVP_PKEY_set_type_str; -+ EVP_PKEY_CTX_get_keygen_info; -+ TS_REQ_set_policy_id; -+ d2i_TS_RESP_fp; -+ ENGINE_get_pkey_asn1_meth_engine; -+ ENGINE_get_pkey_asn1_meth_eng; -+ WHIRLPOOL_Init; -+ TS_RESP_set_status_info; -+ EVP_PKEY_keygen; -+ EVP_DigestSignInit; -+ TS_ACCURACY_set_millis; -+ TS_REQ_dup; -+ GENERAL_NAME_dup; -+ ASN1_SEQUENCE_ANY_it; -+ WHIRLPOOL; -+ X509_STORE_get1_crls; -+ ENGINE_get_pkey_asn1_meth; -+ EVP_PKEY_asn1_new; -+ BIO_new_NDEF; -+ ENGINE_get_pkey_meth; -+ TS_MSG_IMPRINT_set_algo; -+ i2d_TS_TST_INFO_bio; -+ TS_TST_INFO_set_ordering; -+ TS_TST_INFO_get_ext_by_OBJ; -+ CRYPTO_THREADID_set_pointer; -+ TS_CONF_get_tsa_section; -+ SMIME_write_ASN1; -+ TS_RESP_CTX_set_signer_key; -+ EVP_PKEY_encrypt_old; -+ EVP_PKEY_encrypt_init; -+ CRYPTO_THREADID_cpy; -+ ASN1_PCTX_get_cert_flags; -+ i2d_ESS_SIGNING_CERT; -+ TS_CONF_load_key; -+ i2d_ASN1_SEQUENCE_ANY; -+ d2i_TS_MSG_IMPRINT_bio; -+ EVP_PKEY_asn1_set_public; -+ b2i_PublicKey_bio; -+ BIO_asn1_set_prefix; -+ EVP_PKEY_new_mac_key; -+ BIO_new_CMS; -+ CRYPTO_THREADID_cmp; -+ TS_REQ_ext_free; -+ EVP_PKEY_asn1_set_free; -+ EVP_PKEY_get0_asn1; -+ d2i_NETSCAPE_X509; -+ EVP_PKEY_verify_recover_init; -+ EVP_PKEY_CTX_set_data; -+ EVP_PKEY_keygen_init; -+ TS_RESP_CTX_set_status_info; -+ TS_MSG_IMPRINT_get_algo; -+ TS_REQ_print_bio; -+ EVP_PKEY_CTX_ctrl_str; -+ EVP_PKEY_get_default_digest_nid; -+ PEM_write_bio_PKCS7_stream; -+ TS_MSG_IMPRINT_print_bio; -+ BN_asc2bn; -+ TS_REQ_get_policy_id; -+ ENGINE_set_default_pkey_asn1_meths; -+ ENGINE_set_def_pkey_asn1_meths; -+ d2i_TS_ACCURACY; -+ DSO_global_lookup; -+ TS_CONF_set_tsa_name; -+ i2d_ASN1_SET_ANY; -+ ENGINE_load_gost; -+ WHIRLPOOL_BitUpdate; -+ ASN1_PCTX_get_flags; -+ TS_TST_INFO_get_ext_by_NID; -+ TS_RESP_new; -+ ESS_CERT_ID_dup; -+ TS_STATUS_INFO_dup; -+ TS_REQ_delete_ext; -+ EVP_DigestVerifyFinal; -+ EVP_PKEY_print_params; -+ i2d_CMS_bio_stream; -+ TS_REQ_get_msg_imprint; -+ OBJ_find_sigid_by_algs; -+ TS_TST_INFO_get_serial; -+ TS_REQ_get_nonce; -+ X509_PUBKEY_set0_param; -+ EVP_PKEY_CTX_set0_keygen_info; -+ DIST_POINT_set_dpname; -+ i2d_ISSUING_DIST_POINT; -+ ASN1_SET_ANY_it; -+ EVP_PKEY_CTX_get_data; -+ TS_STATUS_INFO_print_bio; -+ EVP_PKEY_derive_init; -+ d2i_TS_TST_INFO; -+ EVP_PKEY_asn1_add_alias; -+ d2i_TS_RESP_bio; -+ OTHERNAME_cmp; -+ GENERAL_NAME_set0_value; -+ PKCS7_RECIP_INFO_get0_alg; -+ TS_RESP_CTX_new; -+ TS_RESP_set_tst_info; -+ PKCS7_final; -+ EVP_PKEY_base_id; -+ TS_RESP_CTX_set_signer_cert; -+ TS_REQ_set_msg_imprint; -+ EVP_PKEY_CTX_ctrl; -+ TS_CONF_set_digests; -+ d2i_TS_MSG_IMPRINT; -+ EVP_PKEY_meth_set_ctrl; -+ TS_REQ_get_ext_by_NID; -+ PKCS5_pbe_set0_algor; -+ BN_BLINDING_thread_id; -+ TS_ACCURACY_new; -+ X509_CRL_METHOD_free; -+ ASN1_PCTX_get_nm_flags; -+ EVP_PKEY_meth_set_sign; -+ CRYPTO_THREADID_current; -+ EVP_PKEY_decrypt_init; -+ NETSCAPE_X509_free; -+ i2b_PVK_bio; -+ EVP_PKEY_print_private; -+ GENERAL_NAME_get0_value; -+ b2i_PVK_bio; -+ ASN1_UTCTIME_adj; -+ TS_TST_INFO_new; -+ EVP_MD_do_all_sorted; -+ TS_CONF_set_default_engine; -+ TS_ACCURACY_set_seconds; -+ TS_TST_INFO_get_time; -+ PKCS8_pkey_get0; -+ EVP_PKEY_asn1_get0; -+ OBJ_add_sigid; -+ PKCS7_SIGNER_INFO_sign; -+ EVP_PKEY_paramgen_init; -+ EVP_PKEY_sign; -+ OBJ_sigid_free; -+ EVP_PKEY_meth_set_init; -+ d2i_ESS_ISSUER_SERIAL; -+ ISSUING_DIST_POINT_new; -+ ASN1_TIME_adj; -+ TS_OBJ_print_bio; -+ EVP_PKEY_meth_set_verify_recover; -+ EVP_PKEY_meth_set_vrfy_recover; -+ TS_RESP_get_status_info; -+ CMS_stream; -+ EVP_PKEY_CTX_set_cb; -+ PKCS7_to_TS_TST_INFO; -+ ASN1_PCTX_get_oid_flags; -+ TS_TST_INFO_add_ext; -+ EVP_PKEY_meth_set_derive; -+ i2d_TS_RESP_fp; -+ i2d_TS_MSG_IMPRINT_bio; -+ TS_RESP_CTX_set_accuracy; -+ TS_REQ_set_nonce; -+ ESS_CERT_ID_new; -+ ENGINE_pkey_asn1_find_str; -+ TS_REQ_get_ext_count; -+ BUF_reverse; -+ TS_TST_INFO_print_bio; -+ d2i_ISSUING_DIST_POINT; -+ ENGINE_get_pkey_meths; -+ i2b_PrivateKey_bio; -+ i2d_TS_RESP; -+ b2i_PublicKey; -+ TS_VERIFY_CTX_cleanup; -+ TS_STATUS_INFO_free; -+ TS_RESP_verify_token; -+ OBJ_bsearch_ex_; -+ ASN1_bn_print; -+ EVP_PKEY_asn1_get_count; -+ ENGINE_register_pkey_asn1_meths; -+ ASN1_PCTX_set_nm_flags; -+ EVP_DigestVerifyInit; -+ ENGINE_set_default_pkey_meths; -+ TS_TST_INFO_get_policy_id; -+ TS_REQ_get_cert_req; -+ X509_CRL_set_meth_data; -+ PKCS8_pkey_set0; -+ ASN1_STRING_copy; -+ d2i_TS_TST_INFO_fp; -+ X509_CRL_match; -+ EVP_PKEY_asn1_set_private; -+ TS_TST_INFO_get_ext_d2i; -+ TS_RESP_CTX_add_policy; -+ d2i_TS_RESP; -+ TS_CONF_load_certs; -+ TS_TST_INFO_get_msg_imprint; -+ ERR_load_TS_strings; -+ TS_TST_INFO_get_version; -+ EVP_PKEY_CTX_dup; -+ EVP_PKEY_meth_set_verify; -+ i2b_PublicKey_bio; -+ TS_CONF_set_certs; -+ EVP_PKEY_asn1_get0_info; -+ TS_VERIFY_CTX_free; -+ TS_REQ_get_ext_by_critical; -+ TS_RESP_CTX_set_serial_cb; -+ X509_CRL_get_meth_data; -+ TS_RESP_CTX_set_time_cb; -+ TS_MSG_IMPRINT_get_msg; -+ TS_TST_INFO_ext_free; -+ TS_REQ_get_version; -+ TS_REQ_add_ext; -+ EVP_PKEY_CTX_set_app_data; -+ OBJ_bsearch_; -+ EVP_PKEY_meth_set_verifyctx; -+ i2d_PKCS7_bio_stream; -+ CRYPTO_THREADID_set_numeric; -+ PKCS7_sign_add_signer; -+ d2i_TS_TST_INFO_bio; -+ TS_TST_INFO_get_ordering; -+ TS_RESP_print_bio; -+ TS_TST_INFO_get_exts; -+ HMAC_CTX_copy; -+ PKCS5_pbe2_set_iv; -+ ENGINE_get_pkey_asn1_meths; -+ b2i_PrivateKey; -+ EVP_PKEY_CTX_get_app_data; -+ TS_REQ_set_cert_req; -+ CRYPTO_THREADID_set_callback; -+ TS_CONF_set_serial; -+ TS_TST_INFO_free; -+ d2i_TS_REQ_fp; -+ TS_RESP_verify_response; -+ i2d_ESS_ISSUER_SERIAL; -+ TS_ACCURACY_get_seconds; -+ EVP_CIPHER_do_all; -+ b2i_PrivateKey_bio; -+ OCSP_CERTID_dup; -+ X509_PUBKEY_get0_param; -+ TS_MSG_IMPRINT_dup; -+ PKCS7_print_ctx; -+ i2d_TS_REQ_bio; -+ EVP_whirlpool; -+ EVP_PKEY_asn1_set_param; -+ EVP_PKEY_meth_set_encrypt; -+ ASN1_PCTX_set_flags; -+ i2d_ESS_CERT_ID; -+ TS_VERIFY_CTX_new; -+ TS_RESP_CTX_set_extension_cb; -+ ENGINE_register_all_pkey_meths; -+ TS_RESP_CTX_set_status_info_cond; -+ TS_RESP_CTX_set_stat_info_cond; -+ EVP_PKEY_verify; -+ WHIRLPOOL_Final; -+ X509_CRL_METHOD_new; -+ EVP_DigestSignFinal; -+ TS_RESP_CTX_set_def_policy; -+ NETSCAPE_X509_it; -+ TS_RESP_create_response; -+ PKCS7_SIGNER_INFO_get0_algs; -+ TS_TST_INFO_get_nonce; -+ EVP_PKEY_decrypt_old; -+ TS_TST_INFO_set_policy_id; -+ TS_CONF_set_ess_cert_id_chain; -+ EVP_PKEY_CTX_get0_pkey; -+ d2i_TS_REQ; -+ EVP_PKEY_asn1_find_str; -+ BIO_f_asn1; -+ ESS_SIGNING_CERT_new; -+ EVP_PBE_find; -+ X509_CRL_get0_by_cert; -+ EVP_PKEY_derive; -+ i2d_TS_REQ; -+ TS_TST_INFO_delete_ext; -+ ESS_ISSUER_SERIAL_free; -+ ASN1_PCTX_set_str_flags; -+ ENGINE_get_pkey_asn1_meth_str; -+ TS_CONF_set_signer_key; -+ TS_ACCURACY_get_millis; -+ TS_RESP_get_token; -+ TS_ACCURACY_dup; -+ ENGINE_register_all_pkey_asn1_meths; -+ ENGINE_reg_all_pkey_asn1_meths; -+ X509_CRL_set_default_method; -+ CRYPTO_THREADID_hash; -+ CMS_ContentInfo_print_ctx; -+ TS_RESP_free; -+ ISSUING_DIST_POINT_free; -+ ESS_ISSUER_SERIAL_new; -+ CMS_add1_crl; -+ PKCS7_add1_attrib_digest; -+ TS_RESP_CTX_add_md; -+ TS_TST_INFO_dup; -+ ENGINE_set_pkey_asn1_meths; -+ PEM_write_bio_Parameters; -+ TS_TST_INFO_get_accuracy; -+ X509_CRL_get0_by_serial; -+ TS_TST_INFO_set_version; -+ TS_RESP_CTX_get_tst_info; -+ TS_RESP_verify_signature; -+ CRYPTO_THREADID_get_callback; -+ TS_TST_INFO_get_tsa; -+ TS_STATUS_INFO_new; -+ EVP_PKEY_CTX_get_cb; -+ TS_REQ_get_ext_d2i; -+ GENERAL_NAME_set0_othername; -+ TS_TST_INFO_get_ext_count; -+ TS_RESP_CTX_get_request; -+ i2d_NETSCAPE_X509; -+ ENGINE_get_pkey_meth_engine; -+ EVP_PKEY_meth_set_signctx; -+ EVP_PKEY_asn1_copy; -+ ASN1_TYPE_cmp; -+ EVP_CIPHER_do_all_sorted; -+ EVP_PKEY_CTX_free; -+ ISSUING_DIST_POINT_it; -+ d2i_TS_MSG_IMPRINT_fp; -+ X509_STORE_get1_certs; -+ EVP_PKEY_CTX_get_operation; -+ d2i_ESS_SIGNING_CERT; -+ TS_CONF_set_ordering; -+ EVP_PBE_alg_add_type; -+ TS_REQ_set_version; -+ EVP_PKEY_get0; -+ BIO_asn1_set_suffix; -+ i2d_TS_STATUS_INFO; -+ EVP_MD_do_all; -+ TS_TST_INFO_set_accuracy; -+ PKCS7_add_attrib_content_type; -+ ERR_remove_thread_state; -+ EVP_PKEY_meth_add0; -+ TS_TST_INFO_set_tsa; -+ EVP_PKEY_meth_new; -+ WHIRLPOOL_Update; -+ TS_CONF_set_accuracy; -+ ASN1_PCTX_set_oid_flags; -+ ESS_SIGNING_CERT_dup; -+ d2i_TS_REQ_bio; -+ X509_time_adj_ex; -+ TS_RESP_CTX_add_flags; -+ d2i_TS_STATUS_INFO; -+ TS_MSG_IMPRINT_set_msg; -+ BIO_asn1_get_suffix; -+ TS_REQ_free; -+ EVP_PKEY_meth_free; -+ TS_REQ_get_exts; -+ TS_RESP_CTX_set_clock_precision_digits; -+ TS_RESP_CTX_set_clk_prec_digits; -+ TS_RESP_CTX_add_failure_info; -+ i2d_TS_RESP_bio; -+ EVP_PKEY_CTX_get0_peerkey; -+ PEM_write_bio_CMS_stream; -+ TS_REQ_new; -+ TS_MSG_IMPRINT_new; -+ EVP_PKEY_meth_find; -+ EVP_PKEY_id; -+ TS_TST_INFO_set_serial; -+ a2i_GENERAL_NAME; -+ TS_CONF_set_crypto_device; -+ EVP_PKEY_verify_init; -+ TS_CONF_set_policies; -+ ASN1_PCTX_new; -+ ESS_CERT_ID_free; -+ ENGINE_unregister_pkey_meths; -+ TS_MSG_IMPRINT_free; -+ TS_VERIFY_CTX_init; -+ PKCS7_stream; -+ TS_RESP_CTX_set_certs; -+ TS_CONF_set_def_policy; -+ ASN1_GENERALIZEDTIME_adj; -+ NETSCAPE_X509_new; -+ TS_ACCURACY_free; -+ TS_RESP_get_tst_info; -+ EVP_PKEY_derive_set_peer; -+ PEM_read_bio_Parameters; -+ TS_CONF_set_clock_precision_digits; -+ TS_CONF_set_clk_prec_digits; -+ ESS_ISSUER_SERIAL_dup; -+ TS_ACCURACY_get_micros; -+ ASN1_PCTX_get_str_flags; -+ NAME_CONSTRAINTS_check; -+ ASN1_BIT_STRING_check; -+ X509_check_akid; -+ ENGINE_unregister_pkey_asn1_meths; -+ ENGINE_unreg_pkey_asn1_meths; -+ ASN1_PCTX_free; -+ PEM_write_bio_ASN1_stream; -+ i2d_ASN1_bio_stream; -+ TS_X509_ALGOR_print_bio; -+ EVP_PKEY_meth_set_cleanup; -+ EVP_PKEY_asn1_free; -+ ESS_SIGNING_CERT_free; -+ TS_TST_INFO_set_msg_imprint; -+ GENERAL_NAME_cmp; -+ d2i_ASN1_SET_ANY; -+ ENGINE_set_pkey_meths; -+ i2d_TS_REQ_fp; -+ d2i_ASN1_SEQUENCE_ANY; -+ GENERAL_NAME_get0_otherName; -+ d2i_ESS_CERT_ID; -+ OBJ_find_sigid_algs; -+ EVP_PKEY_meth_set_keygen; -+ PKCS5_PBKDF2_HMAC; -+ EVP_PKEY_paramgen; -+ EVP_PKEY_meth_set_paramgen; -+ BIO_new_PKCS7; -+ EVP_PKEY_verify_recover; -+ TS_ext_print_bio; -+ TS_ASN1_INTEGER_print_bio; -+ check_defer; -+ DSO_pathbyaddr; -+ EVP_PKEY_set_type; -+ TS_ACCURACY_set_micros; -+ TS_REQ_to_TS_VERIFY_CTX; -+ EVP_PKEY_meth_set_copy; -+ ASN1_PCTX_set_cert_flags; -+ TS_TST_INFO_get_ext; -+ EVP_PKEY_asn1_set_ctrl; -+ TS_TST_INFO_get_ext_by_critical; -+ EVP_PKEY_CTX_new_id; -+ TS_REQ_get_ext_by_OBJ; -+ TS_CONF_set_signer_cert; -+ X509_NAME_hash_old; -+ ASN1_TIME_set_string; -+ EVP_MD_flags; -+ TS_RESP_CTX_free; -+ DSAparams_dup; -+ DHparams_dup; -+ OCSP_REQ_CTX_add1_header; -+ OCSP_REQ_CTX_set1_req; -+ X509_STORE_set_verify_cb; -+ X509_STORE_CTX_get0_current_crl; -+ X509_STORE_CTX_get0_parent_ctx; -+ X509_STORE_CTX_get0_current_issuer; -+ X509_STORE_CTX_get0_cur_issuer; -+ X509_issuer_name_hash_old; -+ X509_subject_name_hash_old; -+ EVP_CIPHER_CTX_copy; -+ UI_method_get_prompt_constructor; -+ UI_method_get_prompt_constructr; -+ UI_method_set_prompt_constructor; -+ UI_method_set_prompt_constructr; -+ EVP_read_pw_string_min; -+ CRYPTO_cts128_encrypt; -+ CRYPTO_cts128_decrypt_block; -+ CRYPTO_cfb128_1_encrypt; -+ CRYPTO_cbc128_encrypt; -+ CRYPTO_ctr128_encrypt; -+ CRYPTO_ofb128_encrypt; -+ CRYPTO_cts128_decrypt; -+ CRYPTO_cts128_encrypt_block; -+ CRYPTO_cbc128_decrypt; -+ CRYPTO_cfb128_encrypt; -+ CRYPTO_cfb128_8_encrypt; -+ SSL_renegotiate_abbreviated; -+ TLSv1_1_method; -+ TLSv1_1_client_method; -+ TLSv1_1_server_method; -+ SSL_CTX_set_srp_client_pwd_callback; -+ SSL_CTX_set_srp_client_pwd_cb; -+ SSL_get_srp_g; -+ SSL_CTX_set_srp_username_callback; -+ SSL_CTX_set_srp_un_cb; -+ SSL_get_srp_userinfo; -+ SSL_set_srp_server_param; -+ SSL_set_srp_server_param_pw; -+ SSL_get_srp_N; -+ SSL_get_srp_username; -+ SSL_CTX_set_srp_password; -+ SSL_CTX_set_srp_strength; -+ SSL_CTX_set_srp_verify_param_callback; -+ SSL_CTX_set_srp_vfy_param_cb; -+ SSL_CTX_set_srp_cb_arg; -+ SSL_CTX_set_srp_username; -+ SSL_CTX_SRP_CTX_init; -+ SSL_SRP_CTX_init; -+ SRP_Calc_A_param; -+ SRP_generate_server_master_secret; -+ SRP_gen_server_master_secret; -+ SSL_CTX_SRP_CTX_free; -+ SRP_generate_client_master_secret; -+ SRP_gen_client_master_secret; -+ SSL_srp_server_param_with_username; -+ SSL_srp_server_param_with_un; -+ SSL_SRP_CTX_free; -+ SSL_set_debug; -+ SSL_SESSION_get0_peer; -+ TLSv1_2_client_method; -+ SSL_SESSION_set1_id_context; -+ TLSv1_2_server_method; -+ SSL_cache_hit; -+ SSL_get0_kssl_ctx; -+ SSL_set0_kssl_ctx; -+ SSL_set_state; -+ SSL_CIPHER_get_id; -+ TLSv1_2_method; -+ kssl_ctx_get0_client_princ; -+ SSL_export_keying_material; -+ SSL_set_tlsext_use_srtp; -+ SSL_CTX_set_next_protos_advertised_cb; -+ SSL_CTX_set_next_protos_adv_cb; -+ SSL_get0_next_proto_negotiated; -+ SSL_get_selected_srtp_profile; -+ SSL_CTX_set_tlsext_use_srtp; -+ SSL_select_next_proto; -+ SSL_get_srtp_profiles; -+ SSL_CTX_set_next_proto_select_cb; -+ SSL_CTX_set_next_proto_sel_cb; -+ SSL_SESSION_get_compress_id; -+ -+ SRP_VBASE_get_by_user; -+ SRP_Calc_server_key; -+ SRP_create_verifier; -+ SRP_create_verifier_BN; -+ SRP_Calc_u; -+ SRP_VBASE_free; -+ SRP_Calc_client_key; -+ SRP_get_default_gN; -+ SRP_Calc_x; -+ SRP_Calc_B; -+ SRP_VBASE_new; -+ SRP_check_known_gN_param; -+ SRP_Calc_A; -+ SRP_Verify_A_mod_N; -+ SRP_VBASE_init; -+ SRP_Verify_B_mod_N; -+ EC_KEY_set_public_key_affine_coordinates; -+ EC_KEY_set_pub_key_aff_coords; -+ EVP_aes_192_ctr; -+ EVP_PKEY_meth_get0_info; -+ EVP_PKEY_meth_copy; -+ ERR_add_error_vdata; -+ EVP_aes_128_ctr; -+ EVP_aes_256_ctr; -+ EC_GFp_nistp224_method; -+ EC_KEY_get_flags; -+ RSA_padding_add_PKCS1_PSS_mgf1; -+ EVP_aes_128_xts; -+ EVP_aes_256_xts; -+ EVP_aes_128_gcm; -+ EC_KEY_clear_flags; -+ EC_KEY_set_flags; -+ EVP_aes_256_ccm; -+ RSA_verify_PKCS1_PSS_mgf1; -+ EVP_aes_128_ccm; -+ EVP_aes_192_gcm; -+ X509_ALGOR_set_md; -+ RAND_init_fips; -+ EVP_aes_256_gcm; -+ EVP_aes_192_ccm; -+ CMAC_CTX_copy; -+ CMAC_CTX_free; -+ CMAC_CTX_get0_cipher_ctx; -+ CMAC_CTX_cleanup; -+ CMAC_Init; -+ CMAC_Update; -+ CMAC_resume; -+ CMAC_CTX_new; -+ CMAC_Final; -+ CRYPTO_ctr128_encrypt_ctr32; -+ CRYPTO_gcm128_release; -+ CRYPTO_ccm128_decrypt_ccm64; -+ CRYPTO_ccm128_encrypt; -+ CRYPTO_gcm128_encrypt; -+ CRYPTO_xts128_encrypt; -+ EVP_rc4_hmac_md5; -+ CRYPTO_nistcts128_decrypt_block; -+ CRYPTO_gcm128_setiv; -+ CRYPTO_nistcts128_encrypt; -+ EVP_aes_128_cbc_hmac_sha1; -+ CRYPTO_gcm128_tag; -+ CRYPTO_ccm128_encrypt_ccm64; -+ ENGINE_load_rdrand; -+ CRYPTO_ccm128_setiv; -+ CRYPTO_nistcts128_encrypt_block; -+ CRYPTO_gcm128_aad; -+ CRYPTO_ccm128_init; -+ CRYPTO_nistcts128_decrypt; -+ CRYPTO_gcm128_new; -+ CRYPTO_ccm128_tag; -+ CRYPTO_ccm128_decrypt; -+ CRYPTO_ccm128_aad; -+ CRYPTO_gcm128_init; -+ CRYPTO_gcm128_decrypt; -+ ENGINE_load_rsax; -+ CRYPTO_gcm128_decrypt_ctr32; -+ CRYPTO_gcm128_encrypt_ctr32; -+ CRYPTO_gcm128_finish; -+ EVP_aes_256_cbc_hmac_sha1; -+ PKCS5_pbkdf2_set; -+ CMS_add0_recipient_password; -+ CMS_decrypt_set1_password; -+ CMS_RecipientInfo_set0_password; -+ RAND_set_fips_drbg_type; -+ X509_REQ_sign_ctx; -+ RSA_PSS_PARAMS_new; -+ X509_CRL_sign_ctx; -+ X509_signature_dump; -+ d2i_RSA_PSS_PARAMS; -+ RSA_PSS_PARAMS_it; -+ RSA_PSS_PARAMS_free; -+ X509_sign_ctx; -+ i2d_RSA_PSS_PARAMS; -+ ASN1_item_sign_ctx; -+ EC_GFp_nistp521_method; -+ EC_GFp_nistp256_method; -+ OPENSSL_stderr; -+ OPENSSL_cpuid_setup; -+ OPENSSL_showfatal; -+ BIO_new_dgram_sctp; -+ BIO_dgram_sctp_msg_waiting; -+ BIO_dgram_sctp_wait_for_dry; -+ BIO_s_datagram_sctp; -+ BIO_dgram_is_sctp; -+ BIO_dgram_sctp_notification_cb; -+ CRYPTO_memcmp; -+ SSL_CTX_set_alpn_protos; -+ SSL_set_alpn_protos; -+ SSL_CTX_set_alpn_select_cb; -+ SSL_get0_alpn_selected; -+ SSL_CTX_set_custom_cli_ext; -+ SSL_CTX_set_custom_srv_ext; -+ SSL_CTX_set_srv_supp_data; -+ SSL_CTX_set_cli_supp_data; -+ SSL_set_cert_cb; -+ SSL_CTX_use_serverinfo; -+ SSL_CTX_use_serverinfo_file; -+ SSL_CTX_set_cert_cb; -+ SSL_CTX_get0_param; -+ SSL_get0_param; -+ SSL_certs_clear; -+ DTLSv1_2_method; -+ DTLSv1_2_server_method; -+ DTLSv1_2_client_method; -+ DTLS_method; -+ DTLS_server_method; -+ DTLS_client_method; -+ SSL_CTX_get_ssl_method; -+ SSL_CTX_get0_certificate; -+ SSL_CTX_get0_privatekey; -+ SSL_COMP_set0_compression_methods; -+ SSL_COMP_free_compression_methods; -+ SSL_CIPHER_find; -+ SSL_is_server; -+ SSL_CONF_CTX_new; -+ SSL_CONF_CTX_finish; -+ SSL_CONF_CTX_free; -+ SSL_CONF_CTX_set_flags; -+ SSL_CONF_CTX_clear_flags; -+ SSL_CONF_CTX_set1_prefix; -+ SSL_CONF_CTX_set_ssl; -+ SSL_CONF_CTX_set_ssl_ctx; -+ SSL_CONF_cmd; -+ SSL_CONF_cmd_argv; -+ SSL_CONF_cmd_value_type; -+ SSL_trace; -+ SSL_CIPHER_standard_name; -+ SSL_get_tlsa_record_byname; -+ ASN1_TIME_diff; -+ BIO_hex_string; -+ CMS_RecipientInfo_get0_pkey_ctx; -+ CMS_RecipientInfo_encrypt; -+ CMS_SignerInfo_get0_pkey_ctx; -+ CMS_SignerInfo_get0_md_ctx; -+ CMS_SignerInfo_get0_signature; -+ CMS_RecipientInfo_kari_get0_alg; -+ CMS_RecipientInfo_kari_get0_reks; -+ CMS_RecipientInfo_kari_get0_orig_id; -+ CMS_RecipientInfo_kari_orig_id_cmp; -+ CMS_RecipientEncryptedKey_get0_id; -+ CMS_RecipientEncryptedKey_cert_cmp; -+ CMS_RecipientInfo_kari_set0_pkey; -+ CMS_RecipientInfo_kari_get0_ctx; -+ CMS_RecipientInfo_kari_decrypt; -+ CMS_SharedInfo_encode; -+ DH_compute_key_padded; -+ d2i_DHxparams; -+ i2d_DHxparams; -+ DH_get_1024_160; -+ DH_get_2048_224; -+ DH_get_2048_256; -+ DH_KDF_X9_42; -+ ECDH_KDF_X9_62; -+ ECDSA_METHOD_new; -+ ECDSA_METHOD_free; -+ ECDSA_METHOD_set_app_data; -+ ECDSA_METHOD_get_app_data; -+ ECDSA_METHOD_set_sign; -+ ECDSA_METHOD_set_sign_setup; -+ ECDSA_METHOD_set_verify; -+ ECDSA_METHOD_set_flags; -+ ECDSA_METHOD_set_name; -+ EVP_des_ede3_wrap; -+ EVP_aes_128_wrap; -+ EVP_aes_192_wrap; -+ EVP_aes_256_wrap; -+ EVP_aes_128_cbc_hmac_sha256; -+ EVP_aes_256_cbc_hmac_sha256; -+ CRYPTO_128_wrap; -+ CRYPTO_128_unwrap; -+ OCSP_REQ_CTX_nbio; -+ OCSP_REQ_CTX_new; -+ OCSP_set_max_response_length; -+ OCSP_REQ_CTX_i2d; -+ OCSP_REQ_CTX_nbio_d2i; -+ OCSP_REQ_CTX_get0_mem_bio; -+ OCSP_REQ_CTX_http; -+ RSA_padding_add_PKCS1_OAEP_mgf1; -+ RSA_padding_check_PKCS1_OAEP_mgf1; -+ RSA_OAEP_PARAMS_free; -+ RSA_OAEP_PARAMS_it; -+ RSA_OAEP_PARAMS_new; -+ SSL_get_sigalgs; -+ SSL_get_shared_sigalgs; -+ SSL_check_chain; -+ X509_chain_up_ref; -+ X509_http_nbio; -+ X509_CRL_http_nbio; -+ X509_REVOKED_dup; -+ i2d_re_X509_tbs; -+ X509_get0_signature; -+ X509_get_signature_nid; -+ X509_CRL_diff; -+ X509_chain_check_suiteb; -+ X509_CRL_check_suiteb; -+ X509_check_host; -+ X509_check_email; -+ X509_check_ip; -+ X509_check_ip_asc; -+ X509_STORE_set_lookup_crls_cb; -+ X509_STORE_CTX_get0_store; -+ X509_VERIFY_PARAM_set1_host; -+ X509_VERIFY_PARAM_add1_host; -+ X509_VERIFY_PARAM_set_hostflags; -+ X509_VERIFY_PARAM_get0_peername; -+ X509_VERIFY_PARAM_set1_email; -+ X509_VERIFY_PARAM_set1_ip; -+ X509_VERIFY_PARAM_set1_ip_asc; -+ X509_VERIFY_PARAM_get0_name; -+ X509_VERIFY_PARAM_get_count; -+ X509_VERIFY_PARAM_get0; -+ X509V3_EXT_free; -+ EC_GROUP_get_mont_data; -+ EC_curve_nid2nist; -+ EC_curve_nist2nid; -+ PEM_write_bio_DHxparams; -+ PEM_write_DHxparams; -+ SSL_CTX_add_client_custom_ext; -+ SSL_CTX_add_server_custom_ext; -+ SSL_extension_supported; -+ BUF_strnlen; -+ sk_deep_copy; -+ SSL_test_functions; -+ -+ local: -+ *; -+}; -+ -+OPENSSL_1.0.2g { -+ global: -+ SRP_VBASE_get1_by_user; -+ SRP_user_pwd_free; -+} OPENSSL_1.0.2d; -+ -Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld 2014-02-24 21:02:30.000000000 +0100 -@@ -0,0 +1,10 @@ -+OPENSSL_1.0.2 { -+ global: -+ bind_engine; -+ v_check; -+ OPENSSL_init; -+ OPENSSL_finish; -+ local: -+ *; -+}; -+ -Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld 2014-02-24 21:02:30.000000000 +0100 -@@ -0,0 +1,10 @@ -+OPENSSL_1.0.2 { -+ global: -+ bind_engine; -+ v_check; -+ OPENSSL_init; -+ OPENSSL_finish; -+ local: -+ *; -+}; -+ diff --git a/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch b/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch deleted file mode 100644 index a5746483e6..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch +++ /dev/null @@ -1,64 +0,0 @@ -Upstream-Status: Inappropriate [configuration] - - -Index: openssl-1.0.2/engines/Makefile -=================================================================== ---- openssl-1.0.2.orig/engines/Makefile -+++ openssl-1.0.2/engines/Makefile -@@ -107,13 +107,13 @@ install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ -- $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines; \ -+ $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines; \ - for l in $(LIBNAMES); do \ - ( echo installing $$l; \ - pfx=lib; \ - if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \ - sfx=".so"; \ -- cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ -+ cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \ - else \ - case "$(CFLAGS)" in \ - *DSO_BEOS*) sfx=".so";; \ -@@ -122,10 +122,10 @@ install: - *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \ - *) sfx=".bad";; \ - esac; \ -- cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ -+ cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \ - fi; \ -- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ -- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ -+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \ -+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx ); \ - done; \ - fi - @target=install; $(RECURSIVE_MAKE) -Index: openssl-1.0.2/engines/ccgost/Makefile -=================================================================== ---- openssl-1.0.2.orig/engines/ccgost/Makefile -+++ openssl-1.0.2/engines/ccgost/Makefile -@@ -47,7 +47,7 @@ install: - pfx=lib; \ - if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \ - sfx=".so"; \ -- cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ -+ cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - else \ - case "$(CFLAGS)" in \ - *DSO_BEOS*) sfx=".so";; \ -@@ -56,10 +56,10 @@ install: - *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \ - *) sfx=".bad";; \ - esac; \ -- cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ -+ cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - fi; \ -- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ -- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \ -+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \ -+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx; \ - fi - - links: diff --git a/meta/recipes-connectivity/openssl/openssl/find.pl b/meta/recipes-connectivity/openssl/openssl/find.pl deleted file mode 100644 index 8e1b42c88a..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/find.pl +++ /dev/null @@ -1,54 +0,0 @@ -warn "Legacy library @{[(caller(0))[6]]} will be removed from the Perl core distribution in the next major release. Please install it from the CPAN distribution Perl4::CoreLibs. It is being used at @{[(caller)[1]]}, line @{[(caller)[2]]}.\n"; - -# This library is deprecated and unmaintained. It is included for -# compatibility with Perl 4 scripts which may use it, but it will be -# removed in a future version of Perl. Please use the File::Find module -# instead. - -# Usage: -# require "find.pl"; -# -# &find('/foo','/bar'); -# -# sub wanted { ... } -# where wanted does whatever you want. $dir contains the -# current directory name, and $_ the current filename within -# that directory. $name contains "$dir/$_". You are cd'ed -# to $dir when the function is called. The function may -# set $prune to prune the tree. -# -# For example, -# -# find / -name .nfs\* -mtime +7 -exec rm -f {} \; -o -fstype nfs -prune -# -# corresponds to this -# -# sub wanted { -# /^\.nfs.*$/ && -# (($dev,$ino,$mode,$nlink,$uid,$gid) = lstat($_)) && -# int(-M _) > 7 && -# unlink($_) -# || -# ($nlink || (($dev,$ino,$mode,$nlink,$uid,$gid) = lstat($_))) && -# $dev < 0 && -# ($prune = 1); -# } -# -# Set the variable $dont_use_nlink if you're using AFS, since AFS cheats. - -use File::Find (); - -*name = *File::Find::name; -*prune = *File::Find::prune; -*dir = *File::Find::dir; -*topdir = *File::Find::topdir; -*topdev = *File::Find::topdev; -*topino = *File::Find::topino; -*topmode = *File::Find::topmode; -*topnlink = *File::Find::topnlink; - -sub find { - &File::Find::find(\&wanted, @_); -} - -1; diff --git a/meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch b/meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch deleted file mode 100644 index 2a318a4584..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch +++ /dev/null @@ -1,21 +0,0 @@ -Upstream-Status: Submitted - -This patch adds the fix for one of the ciphers used in openssl, namely -the cipher des-ede3-cfb1. Complete bug log and patch is present here: -http://rt.openssl.org/Ticket/Display.html?id=2867 - -Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com> - -Index: openssl-1.0.2/crypto/evp/e_des3.c -=================================================================== ---- openssl-1.0.2.orig/crypto/evp/e_des3.c -+++ openssl-1.0.2/crypto/evp/e_des3.c -@@ -211,7 +211,7 @@ static int des_ede3_cfb1_cipher(EVP_CIPH - size_t n; - unsigned char c[1], d[1]; - -- for (n = 0; n < inl; ++n) { -+ for (n = 0; n * 8 < inl; ++n) { - c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0; - DES_ede3_cfb_encrypt(c, d, 1, 1, - &data(ctx)->ks1, &data(ctx)->ks2, diff --git a/meta/recipes-connectivity/openssl/openssl/oe-ldflags.patch b/meta/recipes-connectivity/openssl/openssl/oe-ldflags.patch deleted file mode 100644 index 292e13dc5f..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/oe-ldflags.patch +++ /dev/null @@ -1,24 +0,0 @@ -Upstream-Status: Inappropriate [open-embedded] - -Index: openssl-1.0.0/Makefile.shared -=================================================================== ---- openssl-1.0.0.orig/Makefile.shared -+++ openssl-1.0.0/Makefile.shared -@@ -92,7 +92,7 @@ - LINK_APP= \ - ( $(SET_X); \ - LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \ -- LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$${LDFLAGS:-$(CFLAGS)}"; \ -+ LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$(OE_LDFLAGS) $${LDFLAGS:-$(CFLAGS)}"; \ - LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ - LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ -@@ -102,7 +102,7 @@ - ( $(SET_X); \ - LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \ - SHAREDCMD="$${SHAREDCMD:-$(CC)}"; \ -- SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ -+ SHAREDFLAGS="$(OE_LDFLAGS) $${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ - LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ - LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-1.0.2a-x32-asm.patch b/meta/recipes-connectivity/openssl/openssl/openssl-1.0.2a-x32-asm.patch deleted file mode 100644 index 1e5bfa17d6..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/openssl-1.0.2a-x32-asm.patch +++ /dev/null @@ -1,46 +0,0 @@ -https://rt.openssl.org/Ticket/Display.html?id=3759&user=guest&pass=guest - -From 6257d59b3a68d2feb9d64317a1c556dc3813ee61 Mon Sep 17 00:00:00 2001 -From: Mike Frysinger <vapier@gentoo.org> -Date: Sat, 21 Mar 2015 06:01:25 -0400 -Subject: [PATCH] crypto: use bigint in x86-64 perl - -Upstream-Status: Pending -Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> - -When building on x32 systems where the default type is 32bit, make sure -we can transparently represent 64bit integers. Otherwise we end up with -build errors like: -/usr/bin/perl asm/ghash-x86_64.pl elf > ghash-x86_64.s -Integer overflow in hexadecimal number at asm/../../perlasm/x86_64-xlate.pl line 201, <> line 890. -... -ghash-x86_64.s: Assembler messages: -ghash-x86_64.s:890: Error: junk '.15473355479995e+19' after expression - -We don't enable this globally as there are some cases where we'd get -32bit values interpreted as unsigned when we need them as signed. - -Reported-by: Bertrand Jacquin <bertrand@jacquin.bzh> -URL: https://bugs.gentoo.org/542618 ---- - crypto/perlasm/x86_64-xlate.pl | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl -index aae8288..0bf9774 100755 ---- a/crypto/perlasm/x86_64-xlate.pl -+++ b/crypto/perlasm/x86_64-xlate.pl -@@ -195,6 +195,10 @@ my %globals; - sub out { - my $self = shift; - -+ # When building on x32 ABIs, the expanded hex value might be too -+ # big to fit into 32bits. Enable transparent 64bit support here -+ # so we can safely print it out. -+ use bigint; - if ($gas) { - # Solaris /usr/ccs/bin/as can't handle multiplications - # in $self->{value} --- -2.3.3 - diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch deleted file mode 100644 index f736e5c098..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch +++ /dev/null @@ -1,23 +0,0 @@ -openssl: avoid NULL pointer dereference in EVP_DigestInit_ex() - -We should avoid accessing the type pointer if it's NULL, -this could happen if ctx->digest is not NULL. - -Upstream-Status: Submitted -http://www.mail-archive.com/openssl-dev@openssl.org/msg32860.html - -Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com> ---- -Index: openssl-1.0.2h/crypto/evp/digest.c -=================================================================== ---- openssl-1.0.2h.orig/crypto/evp/digest.c -+++ openssl-1.0.2h/crypto/evp/digest.c -@@ -211,7 +211,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c - type = ctx->digest; - } - #endif -- if (ctx->digest != type) { -+ if (type && (ctx->digest != type)) { - if (ctx->digest && ctx->digest->ctx_size) { - OPENSSL_free(ctx->md_data); - ctx->md_data = NULL; diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-c_rehash.sh b/meta/recipes-connectivity/openssl/openssl/openssl-c_rehash.sh deleted file mode 100644 index f67f415544..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/openssl-c_rehash.sh +++ /dev/null @@ -1,210 +0,0 @@ -#!/bin/sh -# -# Ben Secrest <blsecres@gmail.com> -# -# sh c_rehash script, scan all files in a directory -# and add symbolic links to their hash values. -# -# based on the c_rehash perl script distributed with openssl -# -# LICENSE: See OpenSSL license -# ^^acceptable?^^ -# - -# default certificate location -DIR=/etc/openssl - -# for filetype bitfield -IS_CERT=$(( 1 << 0 )) -IS_CRL=$(( 1 << 1 )) - - -# check to see if a file is a certificate file or a CRL file -# arguments: -# 1. the filename to be scanned -# returns: -# bitfield of file type; uses ${IS_CERT} and ${IS_CRL} -# -check_file() -{ - local IS_TYPE=0 - - # make IFS a newline so we can process grep output line by line - local OLDIFS=${IFS} - IFS=$( printf "\n" ) - - # XXX: could be more efficient to have two 'grep -m' but is -m portable? - for LINE in $( grep '^-----BEGIN .*-----' ${1} ) - do - if echo ${LINE} \ - | grep -q -E '^-----BEGIN (X509 |TRUSTED )?CERTIFICATE-----' - then - IS_TYPE=$(( ${IS_TYPE} | ${IS_CERT} )) - - if [ $(( ${IS_TYPE} & ${IS_CRL} )) -ne 0 ] - then - break - fi - elif echo ${LINE} | grep -q '^-----BEGIN X509 CRL-----' - then - IS_TYPE=$(( ${IS_TYPE} | ${IS_CRL} )) - - if [ $(( ${IS_TYPE} & ${IS_CERT} )) -ne 0 ] - then - break - fi - fi - done - - # restore IFS - IFS=${OLDIFS} - - return ${IS_TYPE} -} - - -# -# use openssl to fingerprint a file -# arguments: -# 1. the filename to fingerprint -# 2. the method to use (x509, crl) -# returns: -# none -# assumptions: -# user will capture output from last stage of pipeline -# -fingerprint() -{ - ${SSL_CMD} ${2} -fingerprint -noout -in ${1} | sed 's/^.*=//' | tr -d ':' -} - - -# -# link_hash - create links to certificate files -# arguments: -# 1. the filename to create a link for -# 2. the type of certificate being linked (x509, crl) -# returns: -# 0 on success, 1 otherwise -# -link_hash() -{ - local FINGERPRINT=$( fingerprint ${1} ${2} ) - local HASH=$( ${SSL_CMD} ${2} -hash -noout -in ${1} ) - local SUFFIX=0 - local LINKFILE='' - local TAG='' - - if [ ${2} = "crl" ] - then - TAG='r' - fi - - LINKFILE=${HASH}.${TAG}${SUFFIX} - - while [ -f ${LINKFILE} ] - do - if [ ${FINGERPRINT} = $( fingerprint ${LINKFILE} ${2} ) ] - then - echo "NOTE: Skipping duplicate file ${1}" >&2 - return 1 - fi - - SUFFIX=$(( ${SUFFIX} + 1 )) - LINKFILE=${HASH}.${TAG}${SUFFIX} - done - - echo "${1} => ${LINKFILE}" - - # assume any system with a POSIX shell will either support symlinks or - # do something to handle this gracefully - ln -s ${1} ${LINKFILE} - - return 0 -} - - -# hash_dir create hash links in a given directory -hash_dir() -{ - echo "Doing ${1}" - - cd ${1} - - ls -1 * 2>/dev/null | while read FILE - do - if echo ${FILE} | grep -q -E '^[[:xdigit:]]{8}\.r?[[:digit:]]+$' \ - && [ -h "${FILE}" ] - then - rm ${FILE} - fi - done - - ls -1 *.pem *.cer *.crt *.crl 2>/dev/null | while read FILE - do - check_file ${FILE} - local FILE_TYPE=${?} - local TYPE_STR='' - - if [ $(( ${FILE_TYPE} & ${IS_CERT} )) -ne 0 ] - then - TYPE_STR='x509' - elif [ $(( ${FILE_TYPE} & ${IS_CRL} )) -ne 0 ] - then - TYPE_STR='crl' - else - echo "NOTE: ${FILE} does not contain a certificate or CRL: skipping" >&2 - continue - fi - - link_hash ${FILE} ${TYPE_STR} - done -} - - -# choose the name of an ssl application -if [ -n "${OPENSSL}" ] -then - SSL_CMD=$(which ${OPENSSL} 2>/dev/null) -else - SSL_CMD=/usr/bin/openssl - OPENSSL=${SSL_CMD} - export OPENSSL -fi - -# fix paths -PATH=${PATH}:${DIR}/bin -export PATH - -# confirm existance/executability of ssl command -if ! [ -x ${SSL_CMD} ] -then - echo "${0}: rehashing skipped ('openssl' program not available)" >&2 - exit 0 -fi - -# determine which directories to process -old_IFS=$IFS -if [ ${#} -gt 0 ] -then - IFS=':' - DIRLIST=${*} -elif [ -n "${SSL_CERT_DIR}" ] -then - DIRLIST=$SSL_CERT_DIR -else - DIRLIST=${DIR}/certs -fi - -IFS=':' - -# process directories -for CERT_DIR in ${DIRLIST} -do - if [ -d ${CERT_DIR} -a -w ${CERT_DIR} ] - then - IFS=$old_IFS - hash_dir ${CERT_DIR} - IFS=':' - fi -done diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-fix-des.pod-error.patch b/meta/recipes-connectivity/openssl/openssl/openssl-fix-des.pod-error.patch deleted file mode 100644 index de49729e5e..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/openssl-fix-des.pod-error.patch +++ /dev/null @@ -1,19 +0,0 @@ -openssl: Fix pod2man des.pod error on Ubuntu 12.04 - -This is a formatting fix, '=back' is required before -'=head1' on Ubuntu 12.04. - -Upstream-Status: Pending -Signed-off-by: Baogen Shang <baogen.shang@windriver.com> -diff -urpN a_origin/des.pod b_modify/des.pod ---- a_origin/crypto/des/des.pod 2013-08-15 15:02:56.211674589 +0800 -+++ b_modify/crypto/des/des.pod 2013-08-15 15:04:14.439674580 +0800 -@@ -181,6 +181,8 @@ the uuencoded file to embed in the begin - output. If there is no name specified after the B<-u>, the name text.des - will be embedded in the header. - -+=back -+ - =head1 SEE ALSO - - ps(1), diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-util-perlpath.pl-cwd.patch b/meta/recipes-connectivity/openssl/openssl/openssl-util-perlpath.pl-cwd.patch deleted file mode 100644 index 065b9b122a..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/openssl-util-perlpath.pl-cwd.patch +++ /dev/null @@ -1,34 +0,0 @@ -From e427748f3bb5d37e78dc8d70a558c373aa8ababb Mon Sep 17 00:00:00 2001 -From: Robert Yang <liezhi.yang@windriver.com> -Date: Mon, 19 Sep 2016 22:06:28 -0700 -Subject: [PATCH] util/perlpath.pl: make it work when cwd is not in @INC - -Fixed when building on Debian-testing: -| Can't locate find.pl in @INC (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.22.2 /usr/local/share/perl/5.22.2 /usr/lib/x86_64-linux-gnu/perl5/5.22 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.22 /usr/share/perl/5.22 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at perlpath.pl line 7. - -The find.pl is added by oe-core, so once openssl/find.pl is removed, -then this patch can be dropped. - -Upstream-Status: Inappropriate [OE-Specific] - -Signed-off-by: Robert Yang <liezhi.yang@windriver.com> ---- - util/perlpath.pl | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/util/perlpath.pl b/util/perlpath.pl -index a1f236b..5599892 100755 ---- a/util/perlpath.pl -+++ b/util/perlpath.pl -@@ -4,6 +4,8 @@ - # line in all scripts that rely on perl. - # - -+BEGIN { unshift @INC, "."; } -+ - require "find.pl"; - - $#ARGV == 0 || print STDERR "usage: perlpath newpath (eg /usr/bin)\n"; --- -2.9.0 - diff --git a/meta/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch b/meta/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch deleted file mode 100644 index 0f08a642f6..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch +++ /dev/null @@ -1,39 +0,0 @@ -Upstream-Status: Pending - -Received from H J Liu @ Intel -Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors. -Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/07/13 - -ported the patch to the 1.0.0e version -Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/01 -Index: openssl-1.0.2/crypto/bn/bn.h -=================================================================== ---- openssl-1.0.2.orig/crypto/bn/bn.h -+++ openssl-1.0.2/crypto/bn/bn.h -@@ -173,6 +173,13 @@ extern "C" { - # endif - # endif - -+/* Address type. */ -+#ifdef _WIN64 -+#define BN_ADDR unsigned long long -+#else -+#define BN_ADDR unsigned long -+#endif -+ - /* - * assuming long is 64bit - this is the DEC Alpha unsigned long long is only - * 64 bits :-(, don't define BN_LLONG for the DEC Alpha -Index: openssl-1.0.2/crypto/bn/bn_exp.c -=================================================================== ---- openssl-1.0.2.orig/crypto/bn/bn_exp.c -+++ openssl-1.0.2/crypto/bn/bn_exp.c -@@ -638,7 +638,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU - * multiple. - */ - #define MOD_EXP_CTIME_ALIGN(x_) \ -- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) -+ ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ADDR)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) - - /* - * This variant of BN_mod_exp_mont() uses fixed windows and the special diff --git a/meta/recipes-connectivity/openssl/openssl/parallel.patch b/meta/recipes-connectivity/openssl/openssl/parallel.patch deleted file mode 100644 index f3f4c99888..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/parallel.patch +++ /dev/null @@ -1,337 +0,0 @@ -Fix the parallel races in the Makefiles. - -This patch was taken from the Gentoo packaging: -https://gitweb.gentoo.org/repo/gentoo.git/plain/dev-libs/openssl/files/openssl-1.0.2g-parallel-build.patch - -Upstream-Status: Pending -Signed-off-by: Ross Burton <ross.burton@intel.com> - -Refreshed for 1.0.2i -Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> - ---- openssl-1.0.2g/crypto/Makefile -+++ openssl-1.0.2g/crypto/Makefile -@@ -85,11 +85,11 @@ - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - - subdirs: -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO -- @target=files; $(RECURSIVE_MAKE) -+ +@target=files; $(RECURSIVE_MAKE) - - links: - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) -@@ -100,7 +100,7 @@ - # lib: $(LIB): are splitted to avoid end-less loop - lib: $(LIB) - @touch lib --$(LIB): $(LIBOBJ) -+$(LIB): $(LIBOBJ) | subdirs - $(AR) $(LIB) $(LIBOBJ) - test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o - $(RANLIB) $(LIB) || echo Never mind. -@@ -111,7 +111,7 @@ - fi - - libs: -- @target=lib; $(RECURSIVE_MAKE) -+ +@target=lib; $(RECURSIVE_MAKE) - - install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... -@@ -120,7 +120,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - lint: - @target=lint; $(RECURSIVE_MAKE) ---- openssl-1.0.2g/engines/Makefile -+++ openssl-1.0.2g/engines/Makefile -@@ -72,7 +72,7 @@ - - all: lib subdirs - --lib: $(LIBOBJ) -+lib: $(LIBOBJ) | subdirs - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - for l in $(LIBNAMES); do \ -@@ -89,7 +89,7 @@ - - subdirs: - echo $(EDIRS) -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO -@@ -128,7 +128,7 @@ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ - done; \ - fi -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - tags: - ctags $(SRC) ---- openssl-1.0.2g/Makefile.org -+++ openssl-1.0.2g/Makefile.org -@@ -279,17 +279,17 @@ - build_libssl: build_ssl libssl.pc - - build_crypto: -- @dir=crypto; target=all; $(BUILD_ONE_CMD) -+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) - build_ssl: build_crypto -- @dir=ssl; target=all; $(BUILD_ONE_CMD) -+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) - build_engines: build_crypto -- @dir=engines; target=all; $(BUILD_ONE_CMD) -+ +@dir=engines; target=all; $(BUILD_ONE_CMD) - build_apps: build_libs -- @dir=apps; target=all; $(BUILD_ONE_CMD) -+ +@dir=apps; target=all; $(BUILD_ONE_CMD) - build_tests: build_libs -- @dir=test; target=all; $(BUILD_ONE_CMD) -+ +@dir=test; target=all; $(BUILD_ONE_CMD) - build_tools: build_libs -- @dir=tools; target=all; $(BUILD_ONE_CMD) -+ +@dir=tools; target=all; $(BUILD_ONE_CMD) - - all_testapps: build_libs build_testapps - build_testapps: -@@ -544,7 +544,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @set -e; target=install; $(RECURSIVE_BUILD_CMD) -+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) - @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ - do \ - if [ -f "$$i" ]; then \ ---- openssl-1.0.2g/Makefile.shared -+++ openssl-1.0.2g/Makefile.shared -@@ -105,6 +105,7 @@ - SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ - LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ - LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ -+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ - $${SHAREDCMD} $${SHAREDFLAGS} \ - -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ -@@ -122,6 +123,7 @@ - done; \ - fi; \ - if [ -n "$$SHLIB_SOVER" ]; then \ -+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ - ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ - ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ - fi; \ ---- openssl-1.0.2g/test/Makefile -+++ openssl-1.0.2g/test/Makefile -@@ -144,7 +144,7 @@ - tags: - ctags $(SRC) - --tests: exe apps $(TESTS) -+tests: exe $(TESTS) - - apps: - @(cd ..; $(MAKE) DIRS=apps all) -@@ -438,136 +438,136 @@ - link_app.$${shlib_target} - - $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) -- @target=$(RSATEST); $(BUILD_CMD) -+ +@target=$(RSATEST); $(BUILD_CMD) - - $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) -- @target=$(BNTEST); $(BUILD_CMD) -+ +@target=$(BNTEST); $(BUILD_CMD) - - $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) -- @target=$(ECTEST); $(BUILD_CMD) -+ +@target=$(ECTEST); $(BUILD_CMD) - - $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) -- @target=$(EXPTEST); $(BUILD_CMD) -+ +@target=$(EXPTEST); $(BUILD_CMD) - - $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) -- @target=$(IDEATEST); $(BUILD_CMD) -+ +@target=$(IDEATEST); $(BUILD_CMD) - - $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) -- @target=$(MD2TEST); $(BUILD_CMD) -+ +@target=$(MD2TEST); $(BUILD_CMD) - - $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) -- @target=$(SHATEST); $(BUILD_CMD) -+ +@target=$(SHATEST); $(BUILD_CMD) - - $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) -- @target=$(SHA1TEST); $(BUILD_CMD) -+ +@target=$(SHA1TEST); $(BUILD_CMD) - - $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) -- @target=$(SHA256TEST); $(BUILD_CMD) -+ +@target=$(SHA256TEST); $(BUILD_CMD) - - $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) -- @target=$(SHA512TEST); $(BUILD_CMD) -+ +@target=$(SHA512TEST); $(BUILD_CMD) - - $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) -- @target=$(RMDTEST); $(BUILD_CMD) -+ +@target=$(RMDTEST); $(BUILD_CMD) - - $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) -- @target=$(MDC2TEST); $(BUILD_CMD) -+ +@target=$(MDC2TEST); $(BUILD_CMD) - - $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) -- @target=$(MD4TEST); $(BUILD_CMD) -+ +@target=$(MD4TEST); $(BUILD_CMD) - - $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) -- @target=$(MD5TEST); $(BUILD_CMD) -+ +@target=$(MD5TEST); $(BUILD_CMD) - - $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) -- @target=$(HMACTEST); $(BUILD_CMD) -+ +@target=$(HMACTEST); $(BUILD_CMD) - - $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) -- @target=$(WPTEST); $(BUILD_CMD) -+ +@target=$(WPTEST); $(BUILD_CMD) - - $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) -- @target=$(RC2TEST); $(BUILD_CMD) -+ +@target=$(RC2TEST); $(BUILD_CMD) - - $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) -- @target=$(BFTEST); $(BUILD_CMD) -+ +@target=$(BFTEST); $(BUILD_CMD) - - $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) -- @target=$(CASTTEST); $(BUILD_CMD) -+ +@target=$(CASTTEST); $(BUILD_CMD) - - $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) -- @target=$(RC4TEST); $(BUILD_CMD) -+ +@target=$(RC4TEST); $(BUILD_CMD) - - $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) -- @target=$(RC5TEST); $(BUILD_CMD) -+ +@target=$(RC5TEST); $(BUILD_CMD) - - $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) -- @target=$(DESTEST); $(BUILD_CMD) -+ +@target=$(DESTEST); $(BUILD_CMD) - - $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) -- @target=$(RANDTEST); $(BUILD_CMD) -+ +@target=$(RANDTEST); $(BUILD_CMD) - - $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) -- @target=$(DHTEST); $(BUILD_CMD) -+ +@target=$(DHTEST); $(BUILD_CMD) - - $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) -- @target=$(DSATEST); $(BUILD_CMD) -+ +@target=$(DSATEST); $(BUILD_CMD) - - $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) -- @target=$(METHTEST); $(BUILD_CMD) -+ +@target=$(METHTEST); $(BUILD_CMD) - - $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) -- @target=$(SSLTEST); $(FIPS_BUILD_CMD) -+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) - - $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) -- @target=$(ENGINETEST); $(BUILD_CMD) -+ +@target=$(ENGINETEST); $(BUILD_CMD) - - $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) -- @target=$(EVPTEST); $(BUILD_CMD) -+ +@target=$(EVPTEST); $(BUILD_CMD) - - $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO) -- @target=$(EVPEXTRATEST); $(BUILD_CMD) -+ +@target=$(EVPEXTRATEST); $(BUILD_CMD) - - $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) -- @target=$(ECDSATEST); $(BUILD_CMD) -+ +@target=$(ECDSATEST); $(BUILD_CMD) - - $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) -- @target=$(ECDHTEST); $(BUILD_CMD) -+ +@target=$(ECDHTEST); $(BUILD_CMD) - - $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) -- @target=$(IGETEST); $(BUILD_CMD) -+ +@target=$(IGETEST); $(BUILD_CMD) - - $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) -- @target=$(JPAKETEST); $(BUILD_CMD) -+ +@target=$(JPAKETEST); $(BUILD_CMD) - - $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) -- @target=$(ASN1TEST); $(BUILD_CMD) -+ +@target=$(ASN1TEST); $(BUILD_CMD) - - $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) -- @target=$(SRPTEST); $(BUILD_CMD) -+ +@target=$(SRPTEST); $(BUILD_CMD) - - $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO) -- @target=$(V3NAMETEST); $(BUILD_CMD) -+ +@target=$(V3NAMETEST); $(BUILD_CMD) - - $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO) -- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) -+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) - - $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o -- @target=$(CONSTTIMETEST) $(BUILD_CMD) -+ +@target=$(CONSTTIMETEST) $(BUILD_CMD) - - $(VERIFYEXTRATEST)$(EXE_EXT): $(VERIFYEXTRATEST).o -- @target=$(VERIFYEXTRATEST) $(BUILD_CMD) -+ +@target=$(VERIFYEXTRATEST) $(BUILD_CMD) - - $(CLIENTHELLOTEST)$(EXE_EXT): $(CLIENTHELLOTEST).o -- @target=$(CLIENTHELLOTEST) $(BUILD_CMD) -+ +@target=$(CLIENTHELLOTEST) $(BUILD_CMD) - - $(BADDTLSTEST)$(EXE_EXT): $(BADDTLSTEST).o -- @target=$(BADDTLSTEST) $(BUILD_CMD) -+ +@target=$(BADDTLSTEST) $(BUILD_CMD) - - $(SSLV2CONFTEST)$(EXE_EXT): $(SSLV2CONFTEST).o -- @target=$(SSLV2CONFTEST) $(BUILD_CMD) -+ +@target=$(SSLV2CONFTEST) $(BUILD_CMD) - - $(DTLSTEST)$(EXE_EXT): $(DTLSTEST).o ssltestlib.o $(DLIBSSL) $(DLIBCRYPTO) -- @target=$(DTLSTEST); exobj=ssltestlib.o; $(BUILD_CMD) -+ +@target=$(DTLSTEST); exobj=ssltestlib.o; $(BUILD_CMD) - - #$(AESTEST).o: $(AESTEST).c - # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c -@@ -580,6 +580,6 @@ - # fi - - dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) -- @target=dummytest; $(BUILD_CMD) -+ +@target=dummytest; $(BUILD_CMD) - - # DO NOT DELETE THIS LINE -- make depend depends on it. -
\ No newline at end of file diff --git a/meta/recipes-connectivity/openssl/openssl/ptest-deps.patch b/meta/recipes-connectivity/openssl/openssl/ptest-deps.patch deleted file mode 100644 index ef6d17934d..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/ptest-deps.patch +++ /dev/null @@ -1,34 +0,0 @@ -Remove Makefile dependencies for test targets - -These are probably here because the executables aren't always built for -other platforms (e.g. Windows); however we can safely assume they'll -always be there. None of the other test targets have such dependencies -and if we don't remove them, make tries to rebuild the executables and -fails during run-ptest. - -Upstream-Status: Inappropriate [config] - -Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> - -Index: openssl-1.0.2/test/Makefile -=================================================================== ---- openssl-1.0.2.orig/test/Makefile -+++ openssl-1.0.2/test/Makefile -@@ -330,7 +330,7 @@ test_cms: ../apps/openssl$(EXE_EXT) cms- - @echo "CMS consistency test" - $(PERL) cms-test.pl - --test_srp: $(SRPTEST)$(EXE_EXT) -+test_srp: - @echo "Test SRP" - ../util/shlib_wrap.sh ./srptest - -@@ -342,7 +342,7 @@ test_v3name: $(V3NAMETEST)$(EXE_EXT) - @echo "Test X509v3_check_*" - ../util/shlib_wrap.sh ./$(V3NAMETEST) - --test_heartbeat: $(HEARTBEATTEST)$(EXE_EXT) -+test_heartbeat: - ../util/shlib_wrap.sh ./$(HEARTBEATTEST) - - test_constant_time: $(CONSTTIMETEST)$(EXE_EXT) diff --git a/meta/recipes-connectivity/openssl/openssl/ptest_makefile_deps.patch b/meta/recipes-connectivity/openssl/openssl/ptest_makefile_deps.patch deleted file mode 100644 index 4202e61d1e..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/ptest_makefile_deps.patch +++ /dev/null @@ -1,248 +0,0 @@ -Additional Makefile dependencies removal for test targets - -Removing the dependency check for test targets as these tests are -causing a number of failures and "noise" during ptest execution. - -Upstream-Status: Inappropriate [config] - -Signed-off-by: Maxin B. John <maxin.john@intel.com> - -diff -Naur openssl-1.0.2d-orig/test/Makefile openssl-1.0.2d/test/Makefile ---- openssl-1.0.2d-orig/test/Makefile 2015-09-28 12:50:41.530022979 +0300 -+++ openssl-1.0.2d/test/Makefile 2015-09-28 12:57:45.930717240 +0300 -@@ -155,67 +155,67 @@ - ( $(MAKE) $$i && echo "PASS: $$i" ) || echo "FAIL: $$i"; \ - done) - --test_evp: $(EVPTEST)$(EXE_EXT) evptests.txt -+test_evp: - ../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt - --test_evp_extra: $(EVPEXTRATEST)$(EXE_EXT) -+test_evp_extra: - ../util/shlib_wrap.sh ./$(EVPEXTRATEST) - --test_des: $(DESTEST)$(EXE_EXT) -+test_des: - ../util/shlib_wrap.sh ./$(DESTEST) - --test_idea: $(IDEATEST)$(EXE_EXT) -+test_idea: - ../util/shlib_wrap.sh ./$(IDEATEST) - --test_sha: $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT) -+test_sha: - ../util/shlib_wrap.sh ./$(SHATEST) - ../util/shlib_wrap.sh ./$(SHA1TEST) - ../util/shlib_wrap.sh ./$(SHA256TEST) - ../util/shlib_wrap.sh ./$(SHA512TEST) - --test_mdc2: $(MDC2TEST)$(EXE_EXT) -+test_mdc2: - ../util/shlib_wrap.sh ./$(MDC2TEST) - --test_md5: $(MD5TEST)$(EXE_EXT) -+test_md5: - ../util/shlib_wrap.sh ./$(MD5TEST) - --test_md4: $(MD4TEST)$(EXE_EXT) -+test_md4: - ../util/shlib_wrap.sh ./$(MD4TEST) - --test_hmac: $(HMACTEST)$(EXE_EXT) -+test_hmac: - ../util/shlib_wrap.sh ./$(HMACTEST) - --test_wp: $(WPTEST)$(EXE_EXT) -+test_wp: - ../util/shlib_wrap.sh ./$(WPTEST) - --test_md2: $(MD2TEST)$(EXE_EXT) -+test_md2: - ../util/shlib_wrap.sh ./$(MD2TEST) - --test_rmd: $(RMDTEST)$(EXE_EXT) -+test_rmd: - ../util/shlib_wrap.sh ./$(RMDTEST) - --test_bf: $(BFTEST)$(EXE_EXT) -+test_bf: - ../util/shlib_wrap.sh ./$(BFTEST) - --test_cast: $(CASTTEST)$(EXE_EXT) -+test_cast: - ../util/shlib_wrap.sh ./$(CASTTEST) - --test_rc2: $(RC2TEST)$(EXE_EXT) -+test_rc2: - ../util/shlib_wrap.sh ./$(RC2TEST) - --test_rc4: $(RC4TEST)$(EXE_EXT) -+test_rc4: - ../util/shlib_wrap.sh ./$(RC4TEST) - --test_rc5: $(RC5TEST)$(EXE_EXT) -+test_rc5: - ../util/shlib_wrap.sh ./$(RC5TEST) - --test_rand: $(RANDTEST)$(EXE_EXT) -+test_rand: - ../util/shlib_wrap.sh ./$(RANDTEST) - --test_enc: ../apps/openssl$(EXE_EXT) testenc -+test_enc: - @sh ./testenc - --test_x509: ../apps/openssl$(EXE_EXT) tx509 testx509.pem v3-cert1.pem v3-cert2.pem -+test_x509: - echo test normal x509v1 certificate - sh ./tx509 2>/dev/null - echo test first x509v3 certificate -@@ -223,25 +223,25 @@ - echo test second x509v3 certificate - sh ./tx509 v3-cert2.pem 2>/dev/null - --test_rsa: ../apps/openssl$(EXE_EXT) trsa testrsa.pem -+test_rsa: - @sh ./trsa 2>/dev/null - ../util/shlib_wrap.sh ./$(RSATEST) - --test_crl: ../apps/openssl$(EXE_EXT) tcrl testcrl.pem -+test_crl: - @sh ./tcrl 2>/dev/null - --test_sid: ../apps/openssl$(EXE_EXT) tsid testsid.pem -+test_sid: - @sh ./tsid 2>/dev/null - --test_req: ../apps/openssl$(EXE_EXT) treq testreq.pem testreq2.pem -+test_req: - @sh ./treq 2>/dev/null - @sh ./treq testreq2.pem 2>/dev/null - --test_pkcs7: ../apps/openssl$(EXE_EXT) tpkcs7 tpkcs7d testp7.pem pkcs7-1.pem -+test_pkcs7: - @sh ./tpkcs7 2>/dev/null - @sh ./tpkcs7d 2>/dev/null - --test_bn: $(BNTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) bctest -+test_bn: - @echo starting big number library test, could take a while... - @../util/shlib_wrap.sh ./$(BNTEST) >tmp.bntest - @echo quit >>tmp.bntest -@@ -250,33 +250,33 @@ - @echo 'test a^b%c implementations' - ../util/shlib_wrap.sh ./$(EXPTEST) - --test_ec: $(ECTEST)$(EXE_EXT) -+test_ec: - @echo 'test elliptic curves' - ../util/shlib_wrap.sh ./$(ECTEST) - --test_ecdsa: $(ECDSATEST)$(EXE_EXT) -+test_ecdsa: - @echo 'test ecdsa' - ../util/shlib_wrap.sh ./$(ECDSATEST) - --test_ecdh: $(ECDHTEST)$(EXE_EXT) -+test_ecdh: - @echo 'test ecdh' - ../util/shlib_wrap.sh ./$(ECDHTEST) - --test_verify: ../apps/openssl$(EXE_EXT) -+test_verify: - @echo "The following command should have some OK's and some failures" - @echo "There are definitly a few expired certificates" - ../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs/demo ../certs/demo/*.pem - --test_dh: $(DHTEST)$(EXE_EXT) -+test_dh: - @echo "Generate a set of DH parameters" - ../util/shlib_wrap.sh ./$(DHTEST) - --test_dsa: $(DSATEST)$(EXE_EXT) -+test_dsa: - @echo "Generate a set of DSA parameters" - ../util/shlib_wrap.sh ./$(DSATEST) - ../util/shlib_wrap.sh ./$(DSATEST) -app2_1 - --test_gen testreq.pem: ../apps/openssl$(EXE_EXT) testgen test.cnf -+test_gen testreq.pem: - @echo "Generate and verify a certificate request" - @sh ./testgen - -@@ -288,13 +288,11 @@ - @cat certCA.ss certU.ss > intP1.ss - @cat certCA.ss certU.ss certP1.ss > intP2.ss - --test_engine: $(ENGINETEST)$(EXE_EXT) -+test_engine: - @echo "Manipulate the ENGINE structures" - ../util/shlib_wrap.sh ./$(ENGINETEST) - --test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \ -- intP1.ss intP2.ss $(SSLTEST)$(EXE_EXT) testssl testsslproxy \ -- ../apps/server2.pem serverinfo.pem -+test_ssl: - @echo "test SSL protocol" - @if [ -n "$(FIPSCANLIB)" ]; then \ - sh ./testfipsssl keyU.ss certU.ss certCA.ss; \ -@@ -304,7 +302,7 @@ - @sh ./testsslproxy keyP1.ss certP1.ss intP1.ss - @sh ./testsslproxy keyP2.ss certP2.ss intP2.ss - --test_ca: ../apps/openssl$(EXE_EXT) testca CAss.cnf Uss.cnf -+test_ca: - @if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \ - echo "skipping CA.sh test -- requires RSA"; \ - else \ -@@ -312,11 +310,11 @@ - sh ./testca; \ - fi - --test_aes: #$(AESTEST) -+test_aes: - # @echo "test Rijndael" - # ../util/shlib_wrap.sh ./$(AESTEST) - --test_tsa: ../apps/openssl$(EXE_EXT) testtsa CAtsa.cnf ../util/shlib_wrap.sh -+test_tsa: - @if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \ - echo "skipping testtsa test -- requires RSA"; \ - else \ -@@ -331,7 +329,7 @@ - @echo "Test JPAKE" - ../util/shlib_wrap.sh ./$(JPAKETEST) - --test_cms: ../apps/openssl$(EXE_EXT) cms-test.pl smcont.txt -+test_cms: - @echo "CMS consistency test" - $(PERL) cms-test.pl - -@@ -339,22 +337,22 @@ - @echo "Test SRP" - ../util/shlib_wrap.sh ./srptest - --test_ocsp: ../apps/openssl$(EXE_EXT) tocsp -+test_ocsp: - @echo "Test OCSP" - @sh ./tocsp - --test_v3name: $(V3NAMETEST)$(EXE_EXT) -+test_v3name: - @echo "Test X509v3_check_*" - ../util/shlib_wrap.sh ./$(V3NAMETEST) - - test_heartbeat: - ../util/shlib_wrap.sh ./$(HEARTBEATTEST) - --test_constant_time: $(CONSTTIMETEST)$(EXE_EXT) -+test_constant_time: - @echo "Test constant time utilites" - ../util/shlib_wrap.sh ./$(CONSTTIMETEST) - --test_verify_extra: $(VERIFYEXTRATEST)$(EXE_EXT) -+test_verify_extra: - @echo $(START) $@ - ../util/shlib_wrap.sh ./$(VERIFYEXTRATEST) - diff --git a/meta/recipes-connectivity/openssl/openssl/run-ptest b/meta/recipes-connectivity/openssl/openssl/run-ptest index 3b20fce1ee..3fb22471f8 100755..100644 --- a/meta/recipes-connectivity/openssl/openssl/run-ptest +++ b/meta/recipes-connectivity/openssl/openssl/run-ptest @@ -1,2 +1,12 @@ #!/bin/sh -make -k runtest + +set -e + +# Optional arguments are 'list' to lists all tests, or the test name (base name +# ie test_evp, not 03_test_evp.t). + +export TOP=. +# OPENSSL_ENGINES is relative from the test binaries +export OPENSSL_ENGINES=../engines + +perl ./test/run_tests.pl $* | perl -0pe 's#(.*) \.*.ok#PASS: \1#g; s#(.*) \.*.skipped: (.*)#SKIP: \1 (\2)#g; s#(.*) \.*.\nDubious#FAIL: \1#;' diff --git a/meta/recipes-connectivity/openssl/openssl/shared-libs.patch b/meta/recipes-connectivity/openssl/openssl/shared-libs.patch deleted file mode 100644 index a7ca0a3078..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/shared-libs.patch +++ /dev/null @@ -1,41 +0,0 @@ -Upstream-Status: Inappropriate [configuration] - -Index: openssl-1.0.1e/crypto/Makefile -=================================================================== ---- openssl-1.0.1e.orig/crypto/Makefile -+++ openssl-1.0.1e/crypto/Makefile -@@ -108,7 +108,7 @@ $(LIB): $(LIBOBJ) - - shared: buildinf.h lib subdirs - if [ -n "$(SHARED_LIBS)" ]; then \ -- (cd ..; $(MAKE) $(SHARED_LIB)); \ -+ (cd ..; $(MAKE) -e $(SHARED_LIB)); \ - fi - - libs: -Index: openssl-1.0.1e/Makefile.org -=================================================================== ---- openssl-1.0.1e.orig/Makefile.org -+++ openssl-1.0.1e/Makefile.org -@@ -310,7 +310,7 @@ libcrypto$(SHLIB_EXT): libcrypto.a fips_ - - libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a - @if [ "$(SHLIB_TARGET)" != "" ]; then \ -- $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \ -+ $(MAKE) -e SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \ - else \ - echo "There's no support for shared libraries on this platform" >&2; \ - exit 1; \ -Index: openssl-1.0.1e/ssl/Makefile -=================================================================== ---- openssl-1.0.1e.orig/ssl/Makefile -+++ openssl-1.0.1e/ssl/Makefile -@@ -62,7 +62,7 @@ lib: $(LIBOBJ) - - shared: lib - if [ -n "$(SHARED_LIBS)" ]; then \ -- (cd ..; $(MAKE) $(SHARED_LIB)); \ -+ (cd ..; $(MAKE) -e $(SHARED_LIB)); \ - fi - - files: diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb deleted file mode 100644 index 257e3cfc4b..0000000000 --- a/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb +++ /dev/null @@ -1,58 +0,0 @@ -require openssl.inc - -# For target side versions of openssl enable support for OCF Linux driver -# if they are available. -DEPENDS += "cryptodev-linux" - -CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS" - -LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6" - -export DIRS = "crypto ssl apps engines" -export OE_LDFLAGS="${LDFLAGS}" - -SRC_URI += "file://find.pl;subdir=${BP}/util/ \ - file://run-ptest \ - file://openssl-c_rehash.sh \ - file://configure-targets.patch \ - file://shared-libs.patch \ - file://oe-ldflags.patch \ - file://engines-install-in-libdir-ssl.patch \ - file://debian1.0.2/block_diginotar.patch \ - file://debian1.0.2/block_digicert_malaysia.patch \ - file://debian/ca.patch \ - file://debian/c_rehash-compat.patch \ - file://debian/debian-targets.patch \ - file://debian/man-dir.patch \ - file://debian/man-section.patch \ - file://debian/no-rpath.patch \ - file://debian/no-symbolic.patch \ - file://debian/pic.patch \ - file://debian1.0.2/version-script.patch \ - file://openssl_fix_for_x32.patch \ - file://fix-cipher-des-ede3-cfb1.patch \ - file://openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch \ - file://openssl-fix-des.pod-error.patch \ - file://Makefiles-ptest.patch \ - file://ptest-deps.patch \ - file://openssl-1.0.2a-x32-asm.patch \ - file://ptest_makefile_deps.patch \ - file://configure-musl-target.patch \ - file://parallel.patch \ - file://openssl-util-perlpath.pl-cwd.patch \ - " -SRC_URI[md5sum] = "96322138f0b69e61b7212bc53d5e912b" -SRC_URI[sha256sum] = "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431" - -PACKAGES =+ "${PN}-engines" -FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines" - -# The crypto_use_bigint patch means that perl's bignum module needs to be -# installed, but some distributions (for example Fedora 23) don't ship it by -# default. As the resulting error is very misleading check for bignum before -# building. -do_configure_prepend() { - if ! perl -Mbigint -e true; then - bbfatal "The perl module 'bignum' was not found but this is required to build openssl. Please install this module (often packaged as perl-bignum) and re-run bitbake." - fi -} diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb new file mode 100644 index 0000000000..458ae7daf4 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb @@ -0,0 +1,209 @@ +SUMMARY = "Secure Socket Layer" +DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools." +HOMEPAGE = "http://www.openssl.org/" +BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html" +SECTION = "libs/network" + +# "openssl" here actually means both OpenSSL and SSLeay licenses apply +# (see meta/files/common-licenses/OpenSSL to which "openssl" is SPDXLICENSEMAPped) +LICENSE = "openssl" +LIC_FILES_CHKSUM = "file://LICENSE;md5=d343e62fc9c833710bbbed25f27364c8" + +DEPENDS = "hostperl-runtime-native" + +SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ + file://run-ptest \ + file://0001-skip-test_symbol_presence.patch \ + file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ + file://afalg.patch \ + file://CVE-2019-1551.patch \ + " + +SRC_URI_append_class-nativesdk = " \ + file://environment.d-openssl.sh \ + " + +SRC_URI[md5sum] = "3be209000dbc7e1b95bcdf47980a3baa" +SRC_URI[sha256sum] = "1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2" + +inherit lib_package multilib_header multilib_script ptest +MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" + +PACKAGECONFIG ?= "" +PACKAGECONFIG_class-native = "" +PACKAGECONFIG_class-nativesdk = "" + +PACKAGECONFIG[cryptodev-linux] = "enable-devcryptoeng,disable-devcryptoeng,cryptodev-linux" + +B = "${WORKDIR}/build" +do_configure[cleandirs] = "${B}" + +#| ./libcrypto.so: undefined reference to `getcontext' +#| ./libcrypto.so: undefined reference to `setcontext' +#| ./libcrypto.so: undefined reference to `makecontext' +EXTRA_OECONF_append_libc-musl = " no-async" +EXTRA_OECONF_append_libc-musl_powerpc64 = " no-asm" + +# adding devrandom prevents openssl from using getrandom() which is not available on older glibc versions +# (native versions can be built with newer glibc, but then relocated onto a system with older glibc) +EXTRA_OECONF_class-native = "--with-rand-seed=os,devrandom" +EXTRA_OECONF_class-nativesdk = "--with-rand-seed=os,devrandom" + +# Relying on hardcoded built-in paths causes openssl-native to not be relocateable from sstate. +CFLAGS_append_class-native = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" +CFLAGS_append_class-nativesdk = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" + +do_configure () { + os=${HOST_OS} + case $os in + linux-gnueabi |\ + linux-gnuspe |\ + linux-musleabi |\ + linux-muslspe |\ + linux-musl ) + os=linux + ;; + *) + ;; + esac + target="$os-${HOST_ARCH}" + case $target in + linux-arm*) + target=linux-armv4 + ;; + linux-aarch64*) + target=linux-aarch64 + ;; + linux-i?86 | linux-viac3) + target=linux-x86 + ;; + linux-gnux32-x86_64 | linux-muslx32-x86_64 ) + target=linux-x32 + ;; + linux-gnu64-x86_64) + target=linux-x86_64 + ;; + linux-mips | linux-mipsel) + # specifying TARGET_CC_ARCH prevents openssl from (incorrectly) adding target architecture flags + target="linux-mips32 ${TARGET_CC_ARCH}" + ;; + linux-gnun32-mips*) + target=linux-mips64 + ;; + linux-*-mips64 | linux-mips64 | linux-*-mips64el | linux-mips64el) + target=linux64-mips64 + ;; + linux-microblaze* | linux-nios2* | linux-sh3 | linux-sh4 | linux-arc*) + target=linux-generic32 + ;; + linux-powerpc) + target=linux-ppc + ;; + linux-powerpc64) + target=linux-ppc64 + ;; + linux-riscv32) + target=linux-generic32 + ;; + linux-riscv64) + target=linux-generic64 + ;; + linux-sparc | linux-supersparc) + target=linux-sparcv9 + ;; + esac + + useprefix=${prefix} + if [ "x$useprefix" = "x" ]; then + useprefix=/ + fi + # WARNING: do not set compiler/linker flags (-I/-D etc.) in EXTRA_OECONF, as they will fully replace the + # environment variables set by bitbake. Adjust the environment variables instead. + PERL5LIB="${S}/external/perl/Text-Template-1.46/lib/" \ + perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=${libdir} $target + perl ${B}/configdata.pm --dump +} + +do_install () { + oe_runmake DESTDIR="${D}" MANDIR="${mandir}" MANSUFFIX=ssl install + + oe_multilib_header openssl/opensslconf.h + + # Create SSL structure for packages such as ca-certificates which + # contain hard-coded paths to /etc/ssl. Debian does the same. + install -d ${D}${sysconfdir}/ssl + mv ${D}${libdir}/ssl-1.1/certs \ + ${D}${libdir}/ssl-1.1/private \ + ${D}${libdir}/ssl-1.1/openssl.cnf \ + ${D}${sysconfdir}/ssl/ + + # Although absolute symlinks would be OK for the target, they become + # invalid if native or nativesdk are relocated from sstate. + ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.1/certs + ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.1/private + ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.1/openssl.cnf +} + +do_install_append_class-native () { + create_wrapper ${D}${bindir}/openssl \ + OPENSSL_CONF=${libdir}/ssl-1.1/openssl.cnf \ + SSL_CERT_DIR=${libdir}/ssl-1.1/certs \ + SSL_CERT_FILE=${libdir}/ssl-1.1/cert.pem \ + OPENSSL_ENGINES=${libdir}/engines-1.1 +} + +do_install_append_class-nativesdk () { + mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d + install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh + sed 's|/usr/lib/ssl/|/usr/lib/ssl-1.1/|g' -i ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh +} + +PTEST_BUILD_HOST_FILES += "configdata.pm" +PTEST_BUILD_HOST_PATTERN = "perl_version =" +do_install_ptest () { + # Prune the build tree + rm -f ${B}/fuzz/*.* ${B}/test/*.* + + cp ${S}/Configure ${B}/configdata.pm ${D}${PTEST_PATH} + cp -r ${S}/external ${B}/test ${S}/test ${B}/fuzz ${S}/util ${B}/util ${D}${PTEST_PATH} + + # For test_shlibload + ln -s ${libdir}/libcrypto.so.1.1 ${D}${PTEST_PATH}/ + ln -s ${libdir}/libssl.so.1.1 ${D}${PTEST_PATH}/ + + install -d ${D}${PTEST_PATH}/apps + ln -s ${bindir}/openssl ${D}${PTEST_PATH}/apps + install -m644 ${S}/apps/*.pem ${S}/apps/*.srl ${S}/apps/openssl.cnf ${D}${PTEST_PATH}/apps + install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps + + install -d ${D}${PTEST_PATH}/engines + install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines +} + +# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto +# package RRECOMMENDS on this package. This will enable the configuration +# file to be installed for both the openssl-bin package and the libcrypto +# package since the openssl-bin package depends on the libcrypto package. + +PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc" + +FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}" +FILES_libssl = "${libdir}/libssl${SOLIBS}" +FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf" +FILES_${PN}-engines = "${libdir}/engines-1.1" +FILES_${PN}-misc = "${libdir}/ssl-1.1/misc" +FILES_${PN} =+ "${libdir}/ssl-1.1/*" +FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh" + +CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf" + +RRECOMMENDS_libcrypto += "openssl-conf" +RDEPENDS_${PN}-ptest += "openssl-bin perl perl-modules bash" + +BBCLASSEXTEND = "native nativesdk" + +CVE_PRODUCT = "openssl:openssl" + +# Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37 +# Apache in meta-webserver is already recent enough +CVE_CHECK_WHITELIST += "CVE-2019-0190" diff --git a/meta/recipes-connectivity/portmap/portmap.inc b/meta/recipes-connectivity/portmap/portmap.inc deleted file mode 100644 index 338af33a38..0000000000 --- a/meta/recipes-connectivity/portmap/portmap.inc +++ /dev/null @@ -1,17 +0,0 @@ -SUMMARY = "RPC program number mapper" -HOMEPAGE = "http://neil.brown.name/portmap/" -SECTION = "console/network" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://portmap.c;beginline=2;endline=31;md5=51ff67e66ec84b2009b017b1f94afbf4 \ - file://from_local.c;beginline=9;endline=35;md5=1bec938a2268b8b423c58801ace3adc1" - -INITSCRIPT_NAME = "portmap" -INITSCRIPT_PARAMS = "start 10 2 3 4 5 . stop 32 0 1 6 ." - -inherit update-rc.d systemd - -SYSTEMD_SERVICE_${PN} = "portmap.service" - -PACKAGES =+ "portmap-utils" -FILES_portmap-utils = "${base_sbindir}/pmap_set ${base_sbindir}/pmap_dump" -FILES_${PN}-doc += "${docdir}" diff --git a/meta/recipes-connectivity/portmap/portmap/destdir-no-strip.patch b/meta/recipes-connectivity/portmap/portmap/destdir-no-strip.patch deleted file mode 100644 index 2fbf784b73..0000000000 --- a/meta/recipes-connectivity/portmap/portmap/destdir-no-strip.patch +++ /dev/null @@ -1,46 +0,0 @@ -Upstream-Status: Backport - -From: Mike Frysinger <vapier@gentoo.org> -Date: Sun, 13 May 2007 21:15:12 +0000 (-0400) -Subject: respect DESTDIR and dont use -s with install -X-Git-Url: http://neil.brown.name/git?p=portmap;a=commitdiff_plain;h=603c59b978c04df2354f68d4a2dc676a758ff46d - -respect DESTDIR and dont use -s with install - -$(DESTDIR) is the standard for installing into other trees, not $(BASEDIR) ... -so I've converted the Makefile to use that. I've also left in $(BASEDIR) as a -default to support old installs; not sure if you'd just cut it. - -Stripping should be left to the person to handle, not automatically done by -the install step. Also, `install -s` always calls `strip` which is -wrong/undesired in cross-compiling scenarios. - -Signed-off-by: Mike Frysinger <vapier@gentoo.org> -Signed-off-by: Neil Brown <neilb@suse.de> ---- - -diff --git a/Makefile b/Makefile -index 9e9a4b4..5343428 100644 ---- a/Makefile -+++ b/Makefile -@@ -135,13 +135,14 @@ from_local: CPPFLAGS += -DTEST - portmap.man : portmap.8 - sed $(MAN_SED) < portmap.8 > portmap.man - -+DESTDIR = $(BASEDIR) - install: all -- install -o root -g root -m 0755 -s portmap ${BASEDIR}/sbin -- install -o root -g root -m 0755 -s pmap_dump ${BASEDIR}/sbin -- install -o root -g root -m 0755 -s pmap_set ${BASEDIR}/sbin -- install -o root -g root -m 0644 portmap.man ${BASEDIR}/usr/share/man/man8/portmap.8 -- install -o root -g root -m 0644 pmap_dump.8 ${BASEDIR}/usr/share/man/man8 -- install -o root -g root -m 0644 pmap_set.8 ${BASEDIR}/usr/share/man/man8 -+ install -o root -g root -m 0755 portmap $(DESTDIR)/sbin -+ install -o root -g root -m 0755 pmap_dump $(DESTDIR)/sbin -+ install -o root -g root -m 0755 pmap_set $(DESTDIR)/sbin -+ install -o root -g root -m 0644 portmap.man $(DESTDIR)/usr/share/man/man8/portmap.8 -+ install -o root -g root -m 0644 pmap_dump.8 $(DESTDIR)/usr/share/man/man8 -+ install -o root -g root -m 0644 pmap_set.8 $(DESTDIR)/usr/share/man/man8 - - clean: - rm -f *.o portmap pmap_dump pmap_set from_local \ diff --git a/meta/recipes-connectivity/portmap/portmap/portmap.init b/meta/recipes-connectivity/portmap/portmap/portmap.init deleted file mode 100755 index 621aa171ae..0000000000 --- a/meta/recipes-connectivity/portmap/portmap/portmap.init +++ /dev/null @@ -1,67 +0,0 @@ -#!/bin/sh -# -### BEGIN INIT INFO -# Provides: portmap -# Required-Start: $network -# Required-Stop: $network -# Default-Start: S 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: The RPC portmapper -# Description: Portmap is a server that converts RPC (Remote -# Procedure Call) program numbers into DARPA -# protocol port numbers. It must be running in -# order to make RPC calls. Services that use -# RPC include NFS and NIS. -### END INIT INFO - -test -f /sbin/portmap || exit 0 - -case "$1" in - start) - echo "Starting portmap daemon..." - start-stop-daemon --start --quiet --exec /sbin/portmap - - if [ -f /var/run/portmap.upgrade-state ]; then - echo "Restoring old RPC service information..." - sleep 1 # needs a short pause or pmap_set won't work. :( - pmap_set </var/run/portmap.upgrade-state - rm -f /var/run/portmap.upgrade-state - echo "done." - fi - - ;; - stop) - echo "Stopping portmap daemon..." - start-stop-daemon --stop --quiet --exec /sbin/portmap - ;; - reload) - ;; - force-reload) - $0 restart - ;; - restart) - # pmap_dump and pmap_set may be in a different package and not installed... - if [ -f /sbin/pmap_dump -a -f /sbin/pmap_set ]; then - do_state=1 - else - do_state=0 - fi - [ $do_state -eq 1 ] && pmap_dump >/var/run/portmap.state - $0 stop - $0 start - if [ $do_state -eq 1 ]; then - if [ ! -f /var/run/portmap.upgrade-state ]; then - sleep 1 - pmap_set </var/run/portmap.state - fi - rm -f /var/run/portmap.state - fi - ;; - *) - echo "Usage: /etc/init.d/portmap {start|stop|reload|restart}" - exit 1 - ;; -esac - -exit 0 - diff --git a/meta/recipes-connectivity/portmap/portmap/portmap.service b/meta/recipes-connectivity/portmap/portmap/portmap.service deleted file mode 100644 index 7ef9d7b02e..0000000000 --- a/meta/recipes-connectivity/portmap/portmap/portmap.service +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=The RPC portmapper -After=network.target - -[Service] -Type=forking -ExecStart=@BASE_SBINDIR@/portmap - -[Install] -WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/portmap/portmap/tcpd-config.patch b/meta/recipes-connectivity/portmap/portmap/tcpd-config.patch deleted file mode 100644 index 2f25058095..0000000000 --- a/meta/recipes-connectivity/portmap/portmap/tcpd-config.patch +++ /dev/null @@ -1,30 +0,0 @@ -Upstream-Status: Backport - -From: Mike Frysinger <vapier@gentoo.org> -Date: Sun, 13 May 2007 21:17:32 +0000 (-0400) -Subject: fix building with tcpd support disabled -X-Git-Url: http://neil.brown.name/git?p=portmap;a=commitdiff_plain;h=7847207aed1b44faf077eed14a9ac9c68244eba5 - -fix building with tcpd support disabled - -Make sure pmap_check.c only includes tcpd.h when HOSTS_ACCESS is defined. - -Signed-off-by: Timothy Redaelli <drizzt@gentoo.org> -Signed-off-by: Mike Frysinger <vapier@gentoo.org> -Signed-off-by: Neil Brown <neilb@suse.de> ---- - -diff --git a/pmap_check.c b/pmap_check.c -index 84f2c12..443a822 100644 ---- a/pmap_check.c -+++ b/pmap_check.c -@@ -44,7 +44,9 @@ - #include <netinet/in.h> - #include <rpc/rpcent.h> - #endif -+#ifdef HOSTS_ACCESS - #include <tcpd.h> -+#endif - #include <arpa/inet.h> - #include <grp.h> - diff --git a/meta/recipes-connectivity/portmap/portmap_6.0.bb b/meta/recipes-connectivity/portmap/portmap_6.0.bb deleted file mode 100644 index 999b4a9374..0000000000 --- a/meta/recipes-connectivity/portmap/portmap_6.0.bb +++ /dev/null @@ -1,35 +0,0 @@ -require portmap.inc - -DEPENDS_append_libc-musl = " libtirpc " - -PR = "r9" - -SRC_URI = "http://www.sourcefiles.org/Networking/Tools/Miscellanenous/portmap-6.0.tgz \ - file://destdir-no-strip.patch \ - file://tcpd-config.patch \ - file://portmap.init \ - file://portmap.service" - -SRC_URI[md5sum] = "ac108ab68bf0f34477f8317791aaf1ff" -SRC_URI[sha256sum] = "02c820d39f3e6e729d1bea3287a2d8a6c684f1006fb9612f97dcad4a281d41de" - -S = "${WORKDIR}/${BPN}_${PV}/" - -PACKAGECONFIG ??= "tcp-wrappers" -PACKAGECONFIG[tcp-wrappers] = ",,tcp-wrappers" - -CPPFLAGS += "-DFACILITY=LOG_DAEMON -DENABLE_DNS -DHOSTS_ACCESS" -CFLAGS += "-Wall -Wstrict-prototypes -fPIC" -EXTRA_OEMAKE += "'NO_TCP_WRAPPER=${@bb.utils.contains('PACKAGECONFIG', 'tcp-wrappers', '', '1', d)}'" -CFLAGS_append_libc-musl = " -I${STAGING_INCDIR}/tirpc " -LDFLAGS_append_libc-musl = " -ltirpc " - -do_install() { - install -d ${D}${mandir}/man8/ ${D}${base_sbindir} ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/portmap.init ${D}${sysconfdir}/init.d/portmap - oe_runmake install DESTDIR=${D} - - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/portmap.service ${D}${systemd_unitdir}/system - sed -i -e 's,@BASE_SBINDIR@,${base_sbindir},g' ${D}${systemd_unitdir}/system/portmap.service -} diff --git a/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb b/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb index 51a76b4299..b5f68951d7 100644 --- a/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb +++ b/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb @@ -4,8 +4,7 @@ DEPENDS = "ppp" RDEPENDS_${PN} = "ppp" PR = "r8" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \ - file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" SRC_URI = "file://host-peer \ file://ppp-dialin" diff --git a/meta/recipes-connectivity/ppp/ppp/0001-ppp-Fix-compilation-errors-in-Makefile.patch b/meta/recipes-connectivity/ppp/ppp/0001-ppp-Fix-compilation-errors-in-Makefile.patch index 8aa2d2e678..ea4969b366 100644 --- a/meta/recipes-connectivity/ppp/ppp/0001-ppp-Fix-compilation-errors-in-Makefile.patch +++ b/meta/recipes-connectivity/ppp/ppp/0001-ppp-Fix-compilation-errors-in-Makefile.patch @@ -3,34 +3,14 @@ From: Lu Chong <Chong.Lu@windriver.com> Date: Tue, 5 Nov 2013 17:32:56 +0800 Subject: [PATCH] ppp: Fix compilation errors in Makefile -This patch fixes below issues: - -1. Make can't exit while compilation error occurs in subdir for plugins building. - -2. If build ppp with newer kernel (3.10.10), it will pick 'if_pppox.h' from sysroot-dir and - 'if_pppol2tp.h' from its own source dir, this cause below build errors: - - bitbake_build/tmp/sysroots/intel-x86-64/usr/include/linux/if_pppox.h:84:26: - error: field 'pppol2tp' has incomplete type - struct pppol2tpin6_addr pppol2tp; - ^ - bitbake_build/tmp/sysroots/intel-x86-64/usr/include/linux/if_pppox.h:99:28: - error: field 'pppol2tp' has incomplete type - struct pppol2tpv3in6_addr pppol2tp; - ^ - -The 'sysroot-dir/if_pppox.h' enabled ipv6 support but the 'source-dir/if_pppol2tp.h' lost -related structure definitions, we should use both header files from sysroots to fix this -build failure. +Make can't exit while compilation error occurs in subdir for plugins building. Upstream-Status: Pending Signed-off-by: Lu Chong <Chong.Lu@windriver.com> --- - pppd/plugins/Makefile.linux | 2 +- - pppd/plugins/pppol2tp/Makefile.linux | 2 +- - pppd/plugins/rp-pppoe/Makefile.linux | 2 +- - 3 files changed, 3 insertions(+), 3 deletions(-) + pppd/plugins/Makefile.linux | 1 +- + 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux index 0a7ec7b..2a2c15a 100644 @@ -45,31 +25,6 @@ index 0a7ec7b..2a2c15a 100644 %.so: %.c $(CC) -o $@ $(LDFLAGS) $(CFLAGS) $^ -diff --git a/pppd/plugins/pppol2tp/Makefile.linux b/pppd/plugins/pppol2tp/Makefile.linux -index 19eff67..feb2f52 100644 ---- a/pppd/plugins/pppol2tp/Makefile.linux -+++ b/pppd/plugins/pppol2tp/Makefile.linux -@@ -1,6 +1,6 @@ - #CC = gcc - COPTS = -O2 -g --CFLAGS = $(COPTS) -I. -I../.. -I../../../include -fPIC -+CFLAGS = $(COPTS) -I. -I../.. -fPIC - LDFLAGS = -shared - INSTALL = install - -diff --git a/pppd/plugins/rp-pppoe/Makefile.linux b/pppd/plugins/rp-pppoe/Makefile.linux -index f078991..15b9118 100644 ---- a/pppd/plugins/rp-pppoe/Makefile.linux -+++ b/pppd/plugins/rp-pppoe/Makefile.linux -@@ -26,7 +26,7 @@ INSTALL = install - RP_VERSION=3.8p - - COPTS=-O2 -g --CFLAGS=$(COPTS) -I../../../include '-DRP_VERSION="$(RP_VERSION)"' -+CFLAGS=$(COPTS) '-DRP_VERSION="$(RP_VERSION)"' - all: rp-pppoe.so pppoe-discovery - - pppoe-discovery: pppoe-discovery.o debug.o -- 1.7.9.5 diff --git a/meta/recipes-connectivity/ppp/ppp/0001-ppp-Remove-unneeded-include.patch b/meta/recipes-connectivity/ppp/ppp/0001-ppp-Remove-unneeded-include.patch new file mode 100644 index 0000000000..a32f89fbc8 --- /dev/null +++ b/meta/recipes-connectivity/ppp/ppp/0001-ppp-Remove-unneeded-include.patch @@ -0,0 +1,43 @@ +commit cd90fd147844a0cfec101f1e2db7a3c59d236621 +Author: Jussi Kukkonen <jussi.kukkonen@intel.com> +Date: Wed Dec 28 14:11:22 2016 +0200 + +pppol2tp plugin: Remove unneeded include + +The include is not required and will break compile on musl libc with + +| In file included from pppol2tp.c:34:0: +| /usr/include/linux/if.h:97:2: error: expected identifier before numeric constant +| IFF_LOWER_UP = 1<<16, /* __volatile__ */ + +Patch originally from Khem Raj. + +Upstream-Status: Pending [https://github.com/paulusmack/ppp/issues/73] +Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> + +diff --git a/pppd/plugins/pppol2tp/openl2tp.c b/pppd/plugins/pppol2tp/openl2tp.c +index 9643b96..458316b 100644 +--- a/pppd/plugins/pppol2tp/openl2tp.c ++++ b/pppd/plugins/pppol2tp/openl2tp.c +@@ -47,7 +47,6 @@ + #include <linux/if_ether.h> + #include <linux/ppp_defs.h> + #include <linux/if_ppp.h> +-#include <linux/if_pppox.h> + #include <linux/if_pppol2tp.h> + + #include "l2tp_event.h" +diff --git a/pppd/plugins/pppol2tp/pppol2tp.c b/pppd/plugins/pppol2tp/pppol2tp.c +index 0e28606..4f6d98c 100644 +--- a/pppd/plugins/pppol2tp/pppol2tp.c ++++ b/pppd/plugins/pppol2tp/pppol2tp.c +@@ -46,7 +46,6 @@ + #include <linux/if_ether.h> + #include <linux/ppp_defs.h> + #include <linux/if_ppp.h> +-#include <linux/if_pppox.h> + #include <linux/if_pppol2tp.h> + + /* should be added to system's socket.h... */ +--- + diff --git a/meta/recipes-connectivity/ppp/ppp/0001-pppoe-include-netinet-in.h-before-linux-in.h.patch b/meta/recipes-connectivity/ppp/ppp/0001-pppoe-include-netinet-in.h-before-linux-in.h.patch new file mode 100644 index 0000000000..9362d12648 --- /dev/null +++ b/meta/recipes-connectivity/ppp/ppp/0001-pppoe-include-netinet-in.h-before-linux-in.h.patch @@ -0,0 +1,54 @@ +From 50a2997b256e0e0ef7a46fae133f56f60fce539c Mon Sep 17 00:00:00 2001 +From: Lubomir Rintel <lkundrak@v3.sk> +Date: Mon, 9 Jan 2017 13:34:23 +0000 +Subject: [PATCH] pppoe: include netinet/in.h before linux/in.h + +This fixes builds with newer kernels. Basically, <netinet/in.h> needs to be +included before <linux/in.h> otherwise the earlier, unaware of the latter, +tries to redefine symbols and structures. Also, <linux/if_pppox.h> doesn't work +alone anymore, since it pulls the headers in the wrong order, so we better +include <netinet/in.h> early. + +Upstream-Status: Backport +[https://github.com/paulusmack/ppp/commit/50a2997b256e0e0ef7a46fae133f56f60fce539c] + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + pppd/plugins/rp-pppoe/pppoe.h | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/pppd/plugins/rp-pppoe/pppoe.h b/pppd/plugins/rp-pppoe/pppoe.h +index 9ab2eee..c4aaa6e 100644 +--- a/pppd/plugins/rp-pppoe/pppoe.h ++++ b/pppd/plugins/rp-pppoe/pppoe.h +@@ -47,6 +47,10 @@ + #include <sys/socket.h> + #endif + ++/* This has to be included before Linux 4.8's linux/in.h ++ * gets dragged in. */ ++#include <netinet/in.h> ++ + /* Ugly header files on some Linux boxes... */ + #if defined(HAVE_LINUX_IF_H) + #include <linux/if.h> +@@ -84,8 +88,6 @@ typedef unsigned long UINT32_t; + #include <linux/if_ether.h> + #endif + +-#include <netinet/in.h> +- + #ifdef HAVE_NETINET_IF_ETHER_H + #include <sys/types.h> + +@@ -98,7 +100,6 @@ typedef unsigned long UINT32_t; + #endif + + +- + /* Ethernet frame types according to RFC 2516 */ + #define ETH_PPPOE_DISCOVERY 0x8863 + #define ETH_PPPOE_SESSION 0x8864 +-- +2.7.4 + diff --git a/meta/recipes-connectivity/ppp/ppp/cifdefroute.patch b/meta/recipes-connectivity/ppp/ppp/cifdefroute.patch index db4dbc27a9..7dd69d8f4d 100644 --- a/meta/recipes-connectivity/ppp/ppp/cifdefroute.patch +++ b/meta/recipes-connectivity/ppp/ppp/cifdefroute.patch @@ -4,10 +4,11 @@ Rebased it to fit ppp-2.4.5. Dongxiao Xu <dongxiao.xu@intel.com> Upstream-Status: Inappropriate [debian/suse patches] -diff -urN ppp-2.4.5-orig/pppd/ipcp.c ppp-2.4.5/pppd/ipcp.c ---- ppp-2.4.5-orig/pppd/ipcp.c 2010-06-30 15:51:12.050166398 +0800 -+++ ppp-2.4.5/pppd/ipcp.c 2010-06-30 16:40:00.478716855 +0800 -@@ -198,6 +198,16 @@ +Index: ppp-2.4.7/pppd/ipcp.c +=================================================================== +--- ppp-2.4.7.orig/pppd/ipcp.c ++++ ppp-2.4.7/pppd/ipcp.c +@@ -198,6 +198,16 @@ static option_t ipcp_option_list[] = { "disable defaultroute option", OPT_ALIAS | OPT_A2CLR, &ipcp_wantoptions[0].default_route }, @@ -24,7 +25,7 @@ diff -urN ppp-2.4.5-orig/pppd/ipcp.c ppp-2.4.5/pppd/ipcp.c { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp, "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp }, { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp, -@@ -271,7 +281,7 @@ +@@ -271,7 +281,7 @@ struct protent ipcp_protent = { ip_active_pkt }; @@ -33,7 +34,7 @@ diff -urN ppp-2.4.5-orig/pppd/ipcp.c ppp-2.4.5/pppd/ipcp.c static void ipcp_script __P((char *, int)); /* Run an up/down script */ static void ipcp_script_done __P((void *)); -@@ -1742,7 +1752,12 @@ +@@ -1761,7 +1771,12 @@ ip_demand_conf(u) if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE)) return 0; if (wo->default_route) @@ -46,7 +47,7 @@ diff -urN ppp-2.4.5-orig/pppd/ipcp.c ppp-2.4.5/pppd/ipcp.c default_route_set[u] = 1; if (wo->proxy_arp) if (sifproxyarp(u, wo->hisaddr)) -@@ -1830,7 +1845,8 @@ +@@ -1849,7 +1864,8 @@ ipcp_up(f) */ if (demand) { if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) { @@ -56,7 +57,7 @@ diff -urN ppp-2.4.5-orig/pppd/ipcp.c ppp-2.4.5/pppd/ipcp.c if (go->ouraddr != wo->ouraddr) { warn("Local IP address changed to %I", go->ouraddr); script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0); -@@ -1855,7 +1871,12 @@ +@@ -1874,7 +1890,12 @@ ipcp_up(f) /* assign a default route through the interface if required */ if (ipcp_wantoptions[f->unit].default_route) @@ -69,7 +70,7 @@ diff -urN ppp-2.4.5-orig/pppd/ipcp.c ppp-2.4.5/pppd/ipcp.c default_route_set[f->unit] = 1; /* Make a proxy ARP entry if requested. */ -@@ -1905,7 +1926,12 @@ +@@ -1924,7 +1945,12 @@ ipcp_up(f) /* assign a default route through the interface if required */ if (ipcp_wantoptions[f->unit].default_route) @@ -82,7 +83,7 @@ diff -urN ppp-2.4.5-orig/pppd/ipcp.c ppp-2.4.5/pppd/ipcp.c default_route_set[f->unit] = 1; /* Make a proxy ARP entry if requested. */ -@@ -1983,7 +2009,7 @@ +@@ -2002,7 +2028,7 @@ ipcp_down(f) sifnpmode(f->unit, PPP_IP, NPMODE_DROP); sifdown(f->unit); ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr, @@ -91,7 +92,7 @@ diff -urN ppp-2.4.5-orig/pppd/ipcp.c ppp-2.4.5/pppd/ipcp.c } /* Execute the ip-down script */ -@@ -1999,12 +2025,21 @@ +@@ -2018,12 +2044,21 @@ ipcp_down(f) * proxy arp entries, etc. */ static void @@ -115,10 +116,11 @@ diff -urN ppp-2.4.5-orig/pppd/ipcp.c ppp-2.4.5/pppd/ipcp.c cifproxyarp(unit, hisaddr); proxy_arp_set[unit] = 0; } -diff -urN ppp-2.4.5-orig/pppd/ipcp.h ppp-2.4.5/pppd/ipcp.h ---- ppp-2.4.5-orig/pppd/ipcp.h 2010-06-30 15:51:12.043682063 +0800 -+++ ppp-2.4.5/pppd/ipcp.h 2010-06-30 16:40:49.586203129 +0800 -@@ -70,6 +70,7 @@ +Index: ppp-2.4.7/pppd/ipcp.h +=================================================================== +--- ppp-2.4.7.orig/pppd/ipcp.h ++++ ppp-2.4.7/pppd/ipcp.h +@@ -70,6 +70,7 @@ typedef struct ipcp_options { bool old_addrs; /* Use old (IP-Addresses) option? */ bool req_addr; /* Ask peer to send IP address? */ bool default_route; /* Assign default route through interface? */ @@ -126,10 +128,11 @@ diff -urN ppp-2.4.5-orig/pppd/ipcp.h ppp-2.4.5/pppd/ipcp.h bool proxy_arp; /* Make proxy ARP entry for peer? */ bool neg_vj; /* Van Jacobson Compression? */ bool old_vj; /* use old (short) form of VJ option? */ -diff -urN ppp-2.4.5-orig/pppd/pppd.8 ppp-2.4.5/pppd/pppd.8 ---- ppp-2.4.5-orig/pppd/pppd.8 2010-06-30 15:51:12.043682063 +0800 -+++ ppp-2.4.5/pppd/pppd.8 2010-06-30 16:42:47.102413859 +0800 -@@ -121,6 +121,13 @@ +Index: ppp-2.4.7/pppd/pppd.8 +=================================================================== +--- ppp-2.4.7.orig/pppd/pppd.8 ++++ ppp-2.4.7/pppd/pppd.8 +@@ -121,6 +121,13 @@ the gateway, when IPCP negotiation is su This entry is removed when the PPP connection is broken. This option is privileged if the \fInodefaultroute\fR option has been specified. .TP @@ -143,7 +146,7 @@ diff -urN ppp-2.4.5-orig/pppd/pppd.8 ppp-2.4.5/pppd/pppd.8 .B disconnect \fIscript Execute the command specified by \fIscript\fR, by passing it to a shell, after -@@ -717,7 +724,12 @@ +@@ -734,7 +741,12 @@ disable both forms of hardware flow cont .TP .B nodefaultroute Disable the \fIdefaultroute\fR option. The system administrator who @@ -157,10 +160,11 @@ diff -urN ppp-2.4.5-orig/pppd/pppd.8 ppp-2.4.5/pppd/pppd.8 can do so by placing this option in the /etc/ppp/options file. .TP .B nodeflate -diff -urN ppp-2.4.5-orig/pppd/pppd.h ppp-2.4.5/pppd/pppd.h ---- ppp-2.4.5-orig/pppd/pppd.h 2010-06-30 15:51:12.050166398 +0800 -+++ ppp-2.4.5/pppd/pppd.h 2010-06-30 16:43:36.514148327 +0800 -@@ -643,7 +643,11 @@ +Index: ppp-2.4.7/pppd/pppd.h +=================================================================== +--- ppp-2.4.7.orig/pppd/pppd.h ++++ ppp-2.4.7/pppd/pppd.h +@@ -665,7 +665,11 @@ int sif6addr __P((int, eui64_t, eui64_t int cif6addr __P((int, eui64_t, eui64_t)); /* Remove an IPv6 address from i/f */ #endif @@ -172,19 +176,20 @@ diff -urN ppp-2.4.5-orig/pppd/pppd.h ppp-2.4.5/pppd/pppd.h /* Create default route through i/f */ int cifdefaultroute __P((int, u_int32_t, u_int32_t)); /* Delete default route through i/f */ -diff -urN ppp-2.4.5-orig/pppd/sys-linux.c ppp-2.4.5/pppd/sys-linux.c ---- ppp-2.4.5-orig/pppd/sys-linux.c 2010-06-30 15:51:12.050166398 +0800 -+++ ppp-2.4.5/pppd/sys-linux.c 2010-06-30 16:54:00.362716231 +0800 -@@ -206,6 +206,8 @@ - +Index: ppp-2.4.7/pppd/sys-linux.c +=================================================================== +--- ppp-2.4.7.orig/pppd/sys-linux.c ++++ ppp-2.4.7/pppd/sys-linux.c +@@ -207,6 +207,8 @@ static unsigned char inbuf[512]; /* buff static int if_is_up; /* Interface has been marked up */ + static int if6_is_up; /* Interface has been marked up for IPv6, to help differentiate */ static int have_default_route; /* Gateway for default route added */ +static struct rtentry old_def_rt; /* Old default route */ +static int default_rt_repl_rest; /* replace and restore old default rt */ static u_int32_t proxy_arp_addr; /* Addr for proxy arp entry added */ static char proxy_arp_dev[16]; /* Device for proxy arp entry */ static u_int32_t our_old_addr; /* for detecting address changes */ -@@ -1537,6 +1539,9 @@ +@@ -1545,6 +1547,9 @@ static int read_route_table(struct rtent p = NULL; } @@ -194,7 +199,7 @@ diff -urN ppp-2.4.5-orig/pppd/sys-linux.c ppp-2.4.5/pppd/sys-linux.c SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16); SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16); SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16); -@@ -1606,20 +1611,51 @@ +@@ -1614,20 +1619,51 @@ int have_route_to(u_int32_t addr) /******************************************************************** * * sifdefaultroute - assign a default route through the address given. @@ -260,7 +265,7 @@ diff -urN ppp-2.4.5-orig/pppd/sys-linux.c ppp-2.4.5/pppd/sys-linux.c } memset (&rt, 0, sizeof (rt)); -@@ -1638,6 +1674,12 @@ +@@ -1646,6 +1682,12 @@ int sifdefaultroute (int unit, u_int32_t error("default route ioctl(SIOCADDRT): %m"); return 0; } @@ -273,7 +278,7 @@ diff -urN ppp-2.4.5-orig/pppd/sys-linux.c ppp-2.4.5/pppd/sys-linux.c have_default_route = 1; return 1; -@@ -1673,6 +1715,16 @@ +@@ -1681,6 +1723,16 @@ int cifdefaultroute (int unit, u_int32_t return 0; } } diff --git a/meta/recipes-connectivity/ppp/ppp/makefile-remove-hard-usr-reference.patch b/meta/recipes-connectivity/ppp/ppp/makefile-remove-hard-usr-reference.patch index d59717ebd3..8a69396cc7 100644 --- a/meta/recipes-connectivity/ppp/ppp/makefile-remove-hard-usr-reference.patch +++ b/meta/recipes-connectivity/ppp/ppp/makefile-remove-hard-usr-reference.patch @@ -6,10 +6,11 @@ Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Upstream-Status: Inappropriate [configuration] -diff -urN ppp-2.4.5-orig/pppd/Makefile.linux ppp-2.4.5/pppd/Makefile.linux ---- ppp-2.4.5-orig/pppd/Makefile.linux 2010-06-30 15:51:12.043682063 +0800 -+++ ppp-2.4.5/pppd/Makefile.linux 2010-06-30 17:08:21.806363042 +0800 -@@ -117,10 +117,10 @@ +Index: ppp-2.4.7/pppd/Makefile.linux +=================================================================== +--- ppp-2.4.7.orig/pppd/Makefile.linux ++++ ppp-2.4.7/pppd/Makefile.linux +@@ -120,10 +120,10 @@ CFLAGS += -DHAS_SHADOW #LIBS += -lshadow $(LIBS) endif @@ -20,9 +21,9 @@ diff -urN ppp-2.4.5-orig/pppd/Makefile.linux ppp-2.4.5/pppd/Makefile.linux -endif +#endif - ifdef NEEDDES - ifndef USE_CRYPT -@@ -169,10 +169,10 @@ + ifdef USE_LIBUTIL + CFLAGS += -DHAVE_LOGWTMP=1 +@@ -177,10 +177,10 @@ LIBS += -ldl endif ifdef FILTER diff --git a/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch b/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch new file mode 100644 index 0000000000..e53f240543 --- /dev/null +++ b/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch @@ -0,0 +1,84 @@ +Used openssl for the DES instead of the libcrypt / glibc + +Upstream-Status: Pending + +Signed-off-by: Khem Raj <raj.khem@gmail.com> + +Index: ppp-2.4.7/pppd/Makefile.linux +=================================================================== +--- ppp-2.4.7.orig/pppd/Makefile.linux ++++ ppp-2.4.7/pppd/Makefile.linux +@@ -38,7 +38,7 @@ LIBS = + # Uncomment the next 2 lines to include support for Microsoft's + # MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux. + CHAPMS=y +-USE_CRYPT=y ++#USE_CRYPT=y + # Don't use MSLANMAN unless you really know what you're doing. + #MSLANMAN=y + # Uncomment the next line to include support for MPPE. CHAPMS (above) must +@@ -132,7 +132,7 @@ endif + + ifdef NEEDDES + ifndef USE_CRYPT +-LIBS += -ldes $(LIBS) ++LIBS += -lcrypto + else + CFLAGS += -DUSE_CRYPT=1 + endif +Index: ppp-2.4.7/pppd/pppcrypt.c +=================================================================== +--- ppp-2.4.7.orig/pppd/pppcrypt.c ++++ ppp-2.4.7/pppd/pppcrypt.c +@@ -64,7 +64,7 @@ u_char *des_key; /* OUT 64 bit DES key w + des_key[7] = Get7Bits(key, 49); + + #ifndef USE_CRYPT +- des_set_odd_parity((des_cblock *)des_key); ++ DES_set_odd_parity((DES_cblock *)des_key); + #endif + } + +@@ -158,25 +158,25 @@ u_char *clear; /* OUT 8 octets */ + } + + #else /* USE_CRYPT */ +-static des_key_schedule key_schedule; ++static DES_key_schedule key_schedule; + + bool + DesSetkey(key) + u_char *key; + { +- des_cblock des_key; ++ DES_cblock des_key; + MakeKey(key, des_key); +- des_set_key(&des_key, key_schedule); ++ DES_set_key(&des_key, &key_schedule); + return (1); + } + + bool +-DesEncrypt(clear, key, cipher) ++DesEncrypt(clear, cipher) + u_char *clear; /* IN 8 octets */ + u_char *cipher; /* OUT 8 octets */ + { +- des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, +- key_schedule, 1); ++ DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher, ++ &key_schedule, 1); + return (1); + } + +@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear) + u_char *cipher; /* IN 8 octets */ + u_char *clear; /* OUT 8 octets */ + { +- des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear, +- key_schedule, 0); ++ DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear, ++ &key_schedule, 0); + return (1); + } + diff --git a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb b/meta/recipes-connectivity/ppp/ppp_2.4.7.bb index 4437b5c519..644cde4562 100644 --- a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb +++ b/meta/recipes-connectivity/ppp/ppp_2.4.7.bb @@ -4,14 +4,14 @@ the Point-to-Point Protocol (PPP) on Linux and Solaris systems." SECTION = "console/network" HOMEPAGE = "http://samba.org/ppp/" BUGTRACKER = "http://ppp.samba.org/cgi-bin/ppp-bugs" -DEPENDS = "libpcap" +DEPENDS = "libpcap openssl virtual/crypt" LICENSE = "BSD & GPLv2+ & LGPLv2+ & PD" LIC_FILES_CHKSUM = "file://pppd/ccp.c;beginline=1;endline=29;md5=e2c43fe6e81ff77d87dc9c290a424dea \ file://pppd/plugins/passprompt.c;beginline=1;endline=10;md5=3bcbcdbf0e369c9a3e0b8c8275b065d8 \ file://pppd/tdb.c;beginline=1;endline=27;md5=4ca3a9991b011038d085d6675ae7c4e6 \ file://chat/chat.c;beginline=1;endline=15;md5=0d374b8545ee5c62d7aff1acbd38add2" -SRC_URI = "http://ppp.samba.org/ftp/ppp/ppp-${PV}.tar.gz \ +SRC_URI = "https://download.samba.org/pub/${BPN}/${BP}.tar.gz \ file://makefile.patch \ file://cifdefroute.patch \ file://pppd-resolv-varrun.patch \ @@ -30,6 +30,9 @@ SRC_URI = "http://ppp.samba.org/ftp/ppp/ppp-${PV}.tar.gz \ file://0001-ppp-Fix-compilation-errors-in-Makefile.patch \ file://ppp@.service \ file://fix-CVE-2015-3310.patch \ + file://0001-pppoe-include-netinet-in.h-before-linux-in.h.patch \ + file://0001-ppp-Remove-unneeded-include.patch \ + file://ppp-2.4.7-DES-openssl.patch \ " SRC_URI_append_libc-musl = "\ @@ -47,7 +50,7 @@ EXTRA_OECONF = "--disable-strip" # Package Makefile computes CFLAGS, referencing COPTS. # Typically hard-coded to '-O2 -g' in the Makefile's. # -EXTRA_OEMAKE += ' COPTS="${CFLAGS} -I${S}/include"' +EXTRA_OEMAKE += ' COPTS="${CFLAGS} -I${STAGING_INCDIR}/openssl -I${S}/include"' do_configure () { oe_runconf @@ -78,6 +81,10 @@ do_install_append () { chmod u+s ${D}${sbindir}/pppd } +do_install_append_libc-musl () { + install -Dm 0644 ${S}/include/net/ppp_defs.h ${D}${includedir}/net/ppp_defs.h +} + CONFFILES_${PN} = "${sysconfdir}/ppp/pap-secrets ${sysconfdir}/ppp/chap-secrets ${sysconfdir}/ppp/options" PACKAGES =+ "${PN}-oa ${PN}-oe ${PN}-radius ${PN}-winbind ${PN}-minconn ${PN}-password ${PN}-l2tp ${PN}-tools" FILES_${PN} = "${sysconfdir} ${bindir} ${sbindir}/chat ${sbindir}/pppd ${systemd_unitdir}/system/ppp@.service" diff --git a/meta/recipes-connectivity/socat/socat/0001-Access-c_ispeed-and-c_ospeed-via-APIs.patch b/meta/recipes-connectivity/socat/socat/0001-Access-c_ispeed-and-c_ospeed-via-APIs.patch deleted file mode 100644 index c0e27f3d78..0000000000 --- a/meta/recipes-connectivity/socat/socat/0001-Access-c_ispeed-and-c_ospeed-via-APIs.patch +++ /dev/null @@ -1,52 +0,0 @@ -From fb10ab134d630705cae0c7be42437cc289af7d32 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Tue, 15 Mar 2016 21:36:02 +0000 -Subject: [PATCH] Use __c_ispeed and __c_ospeed on musl - -Original intention of these asserts is to find if termios structure -is mapped correctly to locally define union, the get* APIs for -baudrate would not do the right thing since they do not return the -value from c_ospeed/c_ispeed but the value which is stored in iflag -for baudrate. - -So we check if we are on Linux but not using glibc then we use -__c_ispeed and __c_ospeed as defined in musl, however these are -internal elements of structs it should not have been used this -way. - -Signed-off-by: Khem Raj <raj.khem@gmail.com> - ---- -Upstream-Status: Pending - - xioinitialize.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/xioinitialize.c b/xioinitialize.c -index 9f50155..8fb2e4c 100644 ---- a/xioinitialize.c -+++ b/xioinitialize.c -@@ -65,6 +65,12 @@ int xioinitialize(void) { - #if HAVE_TERMIOS_ISPEED && (ISPEED_OFFSET != -1) && (OSPEED_OFFSET != -1) - #if defined(ISPEED_OFFSET) && (ISPEED_OFFSET != -1) - #if defined(OSPEED_OFFSET) && (OSPEED_OFFSET != -1) -+#if defined(__linux__) && !defined(__GLIBC__) -+ tdata.termarg.__c_ispeed = 0x56789abc; -+ tdata.termarg.__c_ospeed = 0x6789abcd; -+ assert(tdata.termarg.__c_ispeed == tdata.speeds[ISPEED_OFFSET]); -+ assert(tdata.termarg.__c_ospeed == tdata.speeds[OSPEED_OFFSET]); -+#else - tdata.termarg.c_ispeed = 0x56789abc; - tdata.termarg.c_ospeed = 0x6789abcd; - assert(tdata.termarg.c_ispeed == tdata.speeds[ISPEED_OFFSET]); -@@ -72,6 +78,7 @@ int xioinitialize(void) { - #endif - #endif - #endif -+#endif - } - #endif - --- -2.8.0 - diff --git a/meta/recipes-connectivity/socat/socat/0001-define-NETDB_INTERNAL-to-1-if-not-available.patch b/meta/recipes-connectivity/socat/socat/0001-define-NETDB_INTERNAL-to-1-if-not-available.patch deleted file mode 100644 index 4bbd36766d..0000000000 --- a/meta/recipes-connectivity/socat/socat/0001-define-NETDB_INTERNAL-to-1-if-not-available.patch +++ /dev/null @@ -1,32 +0,0 @@ -From e6a7d96fa3675bdd3f4d7a3d7682381789eef22f Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Mon, 15 Feb 2016 20:25:34 +0000 -Subject: [PATCH] define NETDB_INTERNAL to -1 if not available - -helps build with musl - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- -Upstream-Status: Pending - - compat.h | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/compat.h b/compat.h -index c8bee4d..bfb013a 100644 ---- a/compat.h -+++ b/compat.h -@@ -666,6 +666,10 @@ typedef int sig_atomic_t; - # define NETDB_INTERNAL h_NETDB_INTERNAL - #endif - -+#if !defined(NETDB_INTERNAL) -+# define NETDB_INTERNAL (-1) -+#endif -+ - #ifndef INET_ADDRSTRLEN - # define INET_ADDRSTRLEN sizeof(struct sockaddr_in) - #endif --- -2.7.1 - diff --git a/meta/recipes-connectivity/socat/socat/Makefile.in-fix-for-parallel-build.patch b/meta/recipes-connectivity/socat/socat/Makefile.in-fix-for-parallel-build.patch deleted file mode 100644 index aa4db65a79..0000000000 --- a/meta/recipes-connectivity/socat/socat/Makefile.in-fix-for-parallel-build.patch +++ /dev/null @@ -1,35 +0,0 @@ -From c6f0080b55679b6e8b5d332d6e05fdcbda1e4064 Mon Sep 17 00:00:00 2001 -From: Robert Yang <liezhi.yang@windriver.com> -Date: Mon, 4 May 2015 00:58:47 -0700 -Subject: [PATCH] Makefile.in: fix for parallel build - -Fixed: -vsnprintf_r.o: file not recognized: File truncated -collect2: error: ld returned 3 exit status -Makefile:122: recipe for target 'filan' failed - -Let filan depend on vsnprintf_r.o and snprinterr.o to fix the issue. - -Upstream-Status: Pending - -Signed-off-by: Robert Yang <liezhi.yang@windriver.com> ---- - Makefile.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Makefile.in b/Makefile.in -index f2a6edb..88b784b 100644 ---- a/Makefile.in -+++ b/Makefile.in -@@ -118,7 +118,7 @@ PROCAN_OBJS=procan_main.o procan.o procan-cdefs.o hostan.o error.o sycls.o sysut - procan: $(PROCAN_OBJS) - $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(PROCAN_OBJS) $(CLIBS) - --filan: filan_main.o filan.o fdname.o error.o sycls.o sysutils.o utils.o -+filan: filan_main.o filan.o fdname.o error.o sycls.o sysutils.o utils.o vsnprintf_r.o snprinterr.o - $(CC) $(CFLAGS) $(LDFLAGS) -o $@ filan_main.o filan.o fdname.o error.o sycls.o sysutils.o utils.o vsnprintf_r.o snprinterr.o $(CLIBS) - - libxio.a: $(XIOOBJS) $(UTLOBJS) --- -1.7.9.5 - diff --git a/meta/recipes-connectivity/socat/socat_1.7.3.1.bb b/meta/recipes-connectivity/socat/socat_1.7.3.1.bb deleted file mode 100644 index 4da6d3970b..0000000000 --- a/meta/recipes-connectivity/socat/socat_1.7.3.1.bb +++ /dev/null @@ -1,38 +0,0 @@ -SUMMARY = "Multipurpose relay for bidirectional data transfer" -DESCRIPTION = "Socat is a relay for bidirectional data \ -transfer between two independent data channels." -HOMEPAGE = "http://www.dest-unreach.org/socat/" - -SECTION = "console/network" - -DEPENDS = "openssl readline" - -LICENSE = "GPL-2.0+-with-OpenSSL-exception" -LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://README;beginline=257;endline=287;md5=338c05eadd013872abb1d6e198e10a3f" - - -SRC_URI = "http://www.dest-unreach.org/socat/download/socat-${PV}.tar.bz2 \ - file://Makefile.in-fix-for-parallel-build.patch \ - file://0001-define-NETDB_INTERNAL-to-1-if-not-available.patch \ - file://0001-Access-c_ispeed-and-c_ospeed-via-APIs.patch \ -" - -SRC_URI[md5sum] = "334e46924f2b386299c9db2ac22bcd36" -SRC_URI[sha256sum] = "d2da659540c38139f388e9437bfaae16bb458d174d056cb3228432a8f489fbaa" - -inherit autotools - -EXTRA_AUTORECONF += "--exclude=autoheader" - -EXTRA_OECONF += "ac_cv_have_z_modifier=yes \ - ac_cv_header_bsd_libutil_h=no \ -" - -PACKAGECONFIG ??= "tcp-wrappers" -PACKAGECONFIG[tcp-wrappers] = "--enable-libwrap,--disable-libwrap,tcp-wrappers" - -do_install_prepend () { - mkdir -p ${D}${bindir} - install -d ${D}${bindir} ${D}${mandir}/man1 -} diff --git a/meta/recipes-connectivity/socat/socat_1.7.3.3.bb b/meta/recipes-connectivity/socat/socat_1.7.3.3.bb new file mode 100644 index 0000000000..1dbbe5cd55 --- /dev/null +++ b/meta/recipes-connectivity/socat/socat_1.7.3.3.bb @@ -0,0 +1,52 @@ +SUMMARY = "Multipurpose relay for bidirectional data transfer" +DESCRIPTION = "Socat is a relay for bidirectional data \ +transfer between two independent data channels." +HOMEPAGE = "http://www.dest-unreach.org/socat/" + +SECTION = "console/network" + +DEPENDS = "openssl" + +LICENSE = "GPL-2.0-with-OpenSSL-exception" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://README;beginline=257;endline=287;md5=338c05eadd013872abb1d6e198e10a3f" + +SRC_URI = "http://www.dest-unreach.org/socat/download/socat-${PV}.tar.bz2 \ +" + +SRC_URI[md5sum] = "b2a032a47b8b89a18485697fa975154f" +SRC_URI[sha256sum] = "0dd63ffe498168a4aac41d307594c5076ff307aa0ac04b141f8f1cec6594d04a" + +inherit autotools + +EXTRA_AUTORECONF += "--exclude=autoheader" + +EXTRA_OECONF += "ac_cv_have_z_modifier=yes \ + ac_cv_header_bsd_libutil_h=no \ + sc_cv_termios_ispeed=no \ + ${TERMBITS_SHIFTS} \ +" + +TERMBITS_SHIFTS ?= "sc_cv_sys_crdly_shift=9 \ + sc_cv_sys_tabdly_shift=11 \ + sc_cv_sys_csize_shift=4" + +TERMBITS_SHIFTS_powerpc = "sc_cv_sys_crdly_shift=12 \ + sc_cv_sys_tabdly_shift=10 \ + sc_cv_sys_csize_shift=8" + +TERMBITS_SHIFTS_powerpc64 = "sc_cv_sys_crdly_shift=12 \ + sc_cv_sys_tabdly_shift=10 \ + sc_cv_sys_csize_shift=8" + +PACKAGECONFIG_class-target ??= "tcp-wrappers readline" +PACKAGECONFIG ??= "readline" +PACKAGECONFIG[tcp-wrappers] = "--enable-libwrap,--disable-libwrap,tcp-wrappers" +PACKAGECONFIG[readline] = "--enable-readline,--disable-readline,readline" + +do_install_prepend () { + mkdir -p ${D}${bindir} + install -d ${D}${bindir} ${D}${mandir}/man1 +} + +BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-connectivity/wireless-tools/wireless-tools/avoid_strip.patch b/meta/recipes-connectivity/wireless-tools/wireless-tools/avoid_strip.patch deleted file mode 100644 index f34e243de9..0000000000 --- a/meta/recipes-connectivity/wireless-tools/wireless-tools/avoid_strip.patch +++ /dev/null @@ -1,21 +0,0 @@ -wireless_tools: Avoid stripping iwmulticall - -Upstream-Status: Inappropriate [other] - The removed code was from upstream. - -Signed-off-by: Mark Hatle <mark.hatle@windriver.com> - -diff -ur wireless_tools.29.orig/Makefile wireless_tools.29/Makefile ---- wireless_tools.29.orig/Makefile 2011-06-18 11:35:12.183907453 -0500 -+++ wireless_tools.29/Makefile 2011-06-18 11:38:09.995907985 -0500 -@@ -135,9 +135,8 @@ - - macaddr: macaddr.o $(IWLIB) - --# Always do symbol stripping here - iwmulticall: iwmulticall.o -- $(CC) $(LDFLAGS) -Wl,-s $(XCFLAGS) -o $@ $^ $(LIBS) -+ $(CC) $(LDFLAGS) $(STRIPFLAGS) $(XCFLAGS) -o $@ $^ $(LIBS) - - # It's a kind of magic... - wireless.h: diff --git a/meta/recipes-connectivity/wireless-tools/wireless-tools/ldflags.patch b/meta/recipes-connectivity/wireless-tools/wireless-tools/ldflags.patch deleted file mode 100644 index 6c0d8cbd2e..0000000000 --- a/meta/recipes-connectivity/wireless-tools/wireless-tools/ldflags.patch +++ /dev/null @@ -1,22 +0,0 @@ -wireless-tools: Remove QA warning: No GNU_HASH in the elf binary - -Upstream-Status: Inappropriate [other] - Useful within bitbake environment only. - -Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com> - ---- - Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- wireless_tools.29.orig/Makefile -+++ wireless_tools.29/Makefile -@@ -144,7 +144,7 @@ wireless.h: - - # Compilation of the dynamic library - $(DYNAMIC): $(OBJS:.o=.so) -- $(CC) -shared -o $@ -Wl,-soname,$@ $(STRIPFLAGS) $(LIBS) -lc $^ -+ $(CC) -shared -o $@ -Wl,-soname,$@ $(LDFLAGS) $(STRIPFLAGS) $(LIBS) -lc $^ - - # Compilation of the static library - $(STATIC): $(OBJS:.o=.so) diff --git a/meta/recipes-connectivity/wireless-tools/wireless-tools/man.patch b/meta/recipes-connectivity/wireless-tools/wireless-tools/man.patch deleted file mode 100644 index 6a757dae76..0000000000 --- a/meta/recipes-connectivity/wireless-tools/wireless-tools/man.patch +++ /dev/null @@ -1,15 +0,0 @@ -Upstream-Status: Inappropriate [configuration] - -Index: wireless_tools.30/Makefile -=================================================================== ---- wireless_tools.30.orig/Makefile 2014-02-01 00:21:04.148463382 -0800 -+++ wireless_tools.30/Makefile 2014-02-01 00:23:35.448072279 -0800 -@@ -76,7 +76,7 @@ - INSTALL_DIR= $(PREFIX)/sbin - INSTALL_LIB= $(PREFIX)/lib - INSTALL_INC= $(PREFIX)/include --INSTALL_MAN= $(PREFIX)/man -+INSTALL_MAN= $(PREFIX)/share/man - - # Various commands - RM = rm -f diff --git a/meta/recipes-connectivity/wireless-tools/wireless-tools/remove.ldconfig.call.patch b/meta/recipes-connectivity/wireless-tools/wireless-tools/remove.ldconfig.call.patch deleted file mode 100644 index 3a22c3f1e7..0000000000 --- a/meta/recipes-connectivity/wireless-tools/wireless-tools/remove.ldconfig.call.patch +++ /dev/null @@ -1,19 +0,0 @@ -When /etc/ld.so.cache is writeable by user running bitbake then it creates invalid cache -(in my case libstdc++.so cannot be found after building zlib(-native) and I have to call -touch */libstdc++.so && /sbin/ldconfig to fix it. - -So remove ldconfig call from make install-libs - -Upstream-Status: Inappropriate [disable feature] - -diff -uNr wireless_tools.29.orig/Makefile wireless_tools.29/Makefile ---- wireless_tools.29.orig/Makefile 2007-09-18 01:56:46.000000000 +0200 -+++ wireless_tools.29/Makefile 2012-02-15 20:46:41.780763514 +0100 -@@ -163,7 +163,6 @@ - install -m 755 $(DYNAMIC) $(INSTALL_LIB) - ln -sfn $(DYNAMIC) $(INSTALL_LIB)/$(DYNAMIC_LINK) - @echo "*** Don't forget to add $(INSTALL_LIB) to /etc/ld.so.conf, and run ldconfig as root. ***" -- @$(LDCONFIG) || echo "*** Could not run ldconfig ! ***" - - # Install the static library - install-static:: $(STATIC) diff --git a/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb b/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb deleted file mode 100644 index c3b8f665b1..0000000000 --- a/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb +++ /dev/null @@ -1,50 +0,0 @@ -SUMMARY = "Tools for the Linux Standard Wireless Extension Subsystem" -HOMEPAGE = "http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Tools.html" -LICENSE = "GPLv2 & (LGPLv2.1 | MPL-1.1 | BSD)" -LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \ - file://iwconfig.c;beginline=1;endline=12;md5=cf710eb1795c376eb10ea4ff04649caf \ - file://iwevent.c;beginline=59;endline=72;md5=d66a10026d4394f0a5b1c5587bce4537 \ - file://sample_enc.c;beginline=1;endline=4;md5=838372be07874260b566bae2f6ed33b6" -SECTION = "base" -PE = "1" - -SRC_URI = "http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/wireless_tools.${PV}.tar.gz \ - file://remove.ldconfig.call.patch \ - file://man.patch \ - file://avoid_strip.patch \ - file://ldflags.patch \ - " -SRC_URI[md5sum] = "ca91ba7c7eff9bfff6926b1a34a4697d" -SRC_URI[sha256sum] = "abd9c5c98abf1fdd11892ac2f8a56737544fe101e1be27c6241a564948f34c63" - -UPSTREAM_CHECK_URI = "http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Tools.html" -UPSTREAM_CHECK_REGEX = "wireless_tools\.(?P<pver>(\d+)(\..*|))\.tar\.gz" - -S = "${WORKDIR}/wireless_tools.30" - -CFLAGS =+ "-I${S}" -EXTRA_OEMAKE = "-e 'BUILD_SHARED=y' \ - 'INSTALL_DIR=${D}${base_sbindir}' \ - 'INSTALL_LIB=${D}${libdir}' \ - 'INSTALL_INC=${D}${includedir}' \ - 'INSTALL_MAN=${D}${mandir}'" - -do_compile() { - oe_runmake all libiw.a -} - -do_install() { - oe_runmake PREFIX=${D} install-iwmulticall install-dynamic install-man install-hdr - install -d ${D}${sbindir} - install -m 0755 ifrename ${D}${sbindir}/ifrename -} - -PACKAGES = "libiw libiw-dev libiw-doc ifrename-doc ifrename ${PN} ${PN}-doc ${PN}-dbg" - -FILES_libiw = "${libdir}/*.so.*" -FILES_libiw-dev = "${libdir}/*.a ${libdir}/*.so ${includedir}" -FILES_libiw-doc = "${mandir}/man7" -FILES_ifrename = "${sbindir}/ifrename" -FILES_ifrename-doc = "${mandir}/man8/ifrename.8 ${mandir}/man5/iftab.5" -FILES_${PN} = "${bindir} ${sbindir}/iw* ${base_sbindir} ${base_bindir} ${sysconfdir}/network" -FILES_${PN}-doc = "${mandir}" diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch new file mode 100644 index 0000000000..7b0713cf6d --- /dev/null +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch @@ -0,0 +1,82 @@ +hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication +of disconnection in certain situations because source address validation is +mishandled. This is a denial of service that should have been prevented by PMF +(aka management frame protection). The attacker must send a crafted 802.11 frame +from a location that is within the 802.11 communications range. + +CVE: CVE-2019-16275 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@intel.com> + +From 8c07fa9eda13e835f3f968b2e1c9a8be3a851ff9 Mon Sep 17 00:00:00 2001 +From: Jouni Malinen <j@w1.fi> +Date: Thu, 29 Aug 2019 11:52:04 +0300 +Subject: [PATCH] AP: Silently ignore management frame from unexpected source + address + +Do not process any received Management frames with unexpected/invalid SA +so that we do not add any state for unexpected STA addresses or end up +sending out frames to unexpected destination. This prevents unexpected +sequences where an unprotected frame might end up causing the AP to send +out a response to another device and that other device processing the +unexpected response. + +In particular, this prevents some potential denial of service cases +where the unexpected response frame from the AP might result in a +connected station dropping its association. + +Signed-off-by: Jouni Malinen <j@w1.fi> +--- + src/ap/drv_callbacks.c | 13 +++++++++++++ + src/ap/ieee802_11.c | 12 ++++++++++++ + 2 files changed, 25 insertions(+) + +diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c +index 31587685fe3b..34ca379edc3d 100644 +--- a/src/ap/drv_callbacks.c ++++ b/src/ap/drv_callbacks.c +@@ -131,6 +131,19 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, + "hostapd_notif_assoc: Skip event with no address"); + return -1; + } ++ ++ if (is_multicast_ether_addr(addr) || ++ is_zero_ether_addr(addr) || ++ os_memcmp(addr, hapd->own_addr, ETH_ALEN) == 0) { ++ /* Do not process any frames with unexpected/invalid SA so that ++ * we do not add any state for unexpected STA addresses or end ++ * up sending out frames to unexpected destination. */ ++ wpa_printf(MSG_DEBUG, "%s: Invalid SA=" MACSTR ++ " in received indication - ignore this indication silently", ++ __func__, MAC2STR(addr)); ++ return 0; ++ } ++ + random_add_randomness(addr, ETH_ALEN); + + hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, +diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c +index c85a28db44b7..e7065372e158 100644 +--- a/src/ap/ieee802_11.c ++++ b/src/ap/ieee802_11.c +@@ -4626,6 +4626,18 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, + fc = le_to_host16(mgmt->frame_control); + stype = WLAN_FC_GET_STYPE(fc); + ++ if (is_multicast_ether_addr(mgmt->sa) || ++ is_zero_ether_addr(mgmt->sa) || ++ os_memcmp(mgmt->sa, hapd->own_addr, ETH_ALEN) == 0) { ++ /* Do not process any frames with unexpected/invalid SA so that ++ * we do not add any state for unexpected STA addresses or end ++ * up sending out frames to unexpected destination. */ ++ wpa_printf(MSG_DEBUG, "MGMT: Invalid SA=" MACSTR ++ " in received frame - ignore this frame silently", ++ MAC2STR(mgmt->sa)); ++ return 0; ++ } ++ + if (stype == WLAN_FC_STYPE_BEACON) { + handle_beacon(hapd, mgmt, len, fi); + return 1; +-- +2.20.1 diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch deleted file mode 100644 index dd7d5f7267..0000000000 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 73e4abb24a936014727924d8b0b2965edfc117dd Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <jouni@qca.qualcomm.com> -Date: Fri, 4 Mar 2016 18:46:41 +0200 -Subject: [PATCH 1/3] Reject psk parameter set with invalid passphrase - character - -WPA/WPA2-Personal passphrase is not allowed to include control -characters. Reject a passphrase configuration attempt if that passphrase -includes an invalid passphrase. - -This fixes an issue where wpa_supplicant could have updated the -configuration file psk parameter with arbitrary data from the control -interface or D-Bus interface. While those interfaces are supposed to be -accessible only for trusted users/applications, it may be possible that -an untrusted user has access to a management software component that -does not validate the passphrase value before passing it to -wpa_supplicant. - -This could allow such an untrusted user to inject up to 63 characters of -almost arbitrary data into the configuration file. Such configuration -file could result in wpa_supplicant trying to load a library (e.g., -opensc_engine_path, pkcs11_engine_path, pkcs11_module_path, -load_dynamic_eap) from user controlled location when starting again. -This would allow code from that library to be executed under the -wpa_supplicant process privileges. - -Upstream-Status: Backport - -CVE: CVE-2016-4477 - -Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> -Signed-off-by: Zhixiong Chi <Zhixiong.Chi@windriver.com> ---- - wpa_supplicant/config.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c -index b1c7870..fdd9643 100644 ---- a/wpa_supplicant/config.c -+++ b/wpa_supplicant/config.c -@@ -478,6 +478,12 @@ static int wpa_config_parse_psk(const struct parse_data *data, - } - wpa_hexdump_ascii_key(MSG_MSGDUMP, "PSK (ASCII passphrase)", - (u8 *) value, len); -+ if (has_ctrl_char((u8 *) value, len)) { -+ wpa_printf(MSG_ERROR, -+ "Line %d: Invalid passphrase character", -+ line); -+ return -1; -+ } - if (ssid->passphrase && os_strlen(ssid->passphrase) == len && - os_memcmp(ssid->passphrase, value, len) == 0) { - /* No change to the previously configured value */ --- -1.9.1 diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch deleted file mode 100644 index db222e41d4..0000000000 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch +++ /dev/null @@ -1,86 +0,0 @@ -From ecbb0b3dc122b0d290987cf9c84010bbe53e1022 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <jouni@qca.qualcomm.com> -Date: Fri, 4 Mar 2016 17:20:18 +0200 -Subject: [PATCH 1/2] WPS: Reject a Credential with invalid passphrase - -WPA/WPA2-Personal passphrase is not allowed to include control -characters. Reject a Credential received from a WPS Registrar both as -STA (Credential) and AP (AP Settings) if the credential is for WPAPSK or -WPA2PSK authentication type and includes an invalid passphrase. - -This fixes an issue where hostapd or wpa_supplicant could have updated -the configuration file PSK/passphrase parameter with arbitrary data from -an external device (Registrar) that may not be fully trusted. Should -such data include a newline character, the resulting configuration file -could become invalid and fail to be parsed. - -Upstream-Status: Backport - -CVE: CVE-2016-4476 - -Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> -Signed-off-by: Zhixiong Chi <Zhixiong.Chi@windriver.com> ---- - src/utils/common.c | 12 ++++++++++++ - src/utils/common.h | 1 + - src/wps/wps_attr_process.c | 10 ++++++++++ - 3 files changed, 23 insertions(+) - -diff --git a/src/utils/common.c b/src/utils/common.c -index 450e2c6..27b7c02 100644 ---- a/src/utils/common.c -+++ b/src/utils/common.c -@@ -697,6 +697,18 @@ int is_hex(const u8 *data, size_t len) - } - - -+int has_ctrl_char(const u8 *data, size_t len) -+{ -+ size_t i; -+ -+ for (i = 0; i < len; i++) { -+ if (data[i] < 32 || data[i] == 127) -+ return 1; -+ } -+ return 0; -+} -+ -+ - size_t merge_byte_arrays(u8 *res, size_t res_len, - const u8 *src1, size_t src1_len, - const u8 *src2, size_t src2_len) -diff --git a/src/utils/common.h b/src/utils/common.h -index 701dbb2..a972240 100644 ---- a/src/utils/common.h -+++ b/src/utils/common.h -@@ -488,6 +488,7 @@ const char * wpa_ssid_txt(const u8 *ssid, size_t ssid_len); - - char * wpa_config_parse_string(const char *value, size_t *len); - int is_hex(const u8 *data, size_t len); -+int has_ctrl_char(const u8 *data, size_t len); - size_t merge_byte_arrays(u8 *res, size_t res_len, - const u8 *src1, size_t src1_len, - const u8 *src2, size_t src2_len); -diff --git a/src/wps/wps_attr_process.c b/src/wps/wps_attr_process.c -index eadb22f..e8c4579 100644 ---- a/src/wps/wps_attr_process.c -+++ b/src/wps/wps_attr_process.c -@@ -229,6 +229,16 @@ static int wps_workaround_cred_key(struct wps_credential *cred) - cred->key_len--; - #endif /* CONFIG_WPS_STRICT */ - } -+ -+ -+ if (cred->auth_type & (WPS_AUTH_WPAPSK | WPS_AUTH_WPA2PSK) && -+ (cred->key_len < 8 || has_ctrl_char(cred->key, cred->key_len))) { -+ wpa_printf(MSG_INFO, "WPS: Reject credential with invalid WPA/WPA2-Personal passphrase"); -+ wpa_hexdump_ascii_key(MSG_INFO, "WPS: Network Key", -+ cred->key, cred->key_len); -+ return -1; -+ } -+ - return 0; - } - --- -1.9.1 diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-replace-systemd-install-Alias-with-WantedBy.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-replace-systemd-install-Alias-with-WantedBy.patch new file mode 100644 index 0000000000..a476cf040e --- /dev/null +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-replace-systemd-install-Alias-with-WantedBy.patch @@ -0,0 +1,52 @@ +From 94c401733a5a3d294cc412671166e6adfb409f53 Mon Sep 17 00:00:00 2001 +From: Joshua DeWeese <jdeweese@hennypenny.com> +Date: Wed, 30 Jan 2019 16:19:47 -0500 +Subject: [PATCH] replace systemd install Alias with WantedBy + +According to the systemd documentation "WantedBy=foo.service in a +service bar.service is mostly equivalent to +Alias=foo.service.wants/bar.service in the same file." However, +this is not really the intended purpose of install Aliases. + +Upstream-Status: Submitted [hostap@lists.infradead.org] + +Signed-off-by: Joshua DeWeese <jdeweese@hennypenny.com> +--- + wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in | 2 +- + wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in | 2 +- + wpa_supplicant/systemd/wpa_supplicant.service.arg.in | 2 +- + 3 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in b/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in +index 03ac507..da69a87 100644 +--- a/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in ++++ b/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in +@@ -12,4 +12,4 @@ Type=simple + ExecStart=@BINDIR@/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-nl80211-%I.conf -Dnl80211 -i%I + + [Install] +-Alias=multi-user.target.wants/wpa_supplicant-nl80211@%i.service ++WantedBy=multi-user.target +diff --git a/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in b/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in +index c8a744d..ca3054b 100644 +--- a/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in ++++ b/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in +@@ -12,4 +12,4 @@ Type=simple + ExecStart=@BINDIR@/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-wired-%I.conf -Dwired -i%I + + [Install] +-Alias=multi-user.target.wants/wpa_supplicant-wired@%i.service ++WantedBy=multi-user.target +diff --git a/wpa_supplicant/systemd/wpa_supplicant.service.arg.in b/wpa_supplicant/systemd/wpa_supplicant.service.arg.in +index 7788b38..55d2b9c 100644 +--- a/wpa_supplicant/systemd/wpa_supplicant.service.arg.in ++++ b/wpa_supplicant/systemd/wpa_supplicant.service.arg.in +@@ -12,4 +12,4 @@ Type=simple + ExecStart=@BINDIR@/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-%I.conf -i%I + + [Install] +-Alias=multi-user.target.wants/wpa_supplicant@%i.service ++WantedBy=multi-user.target +-- +2.7.4 + diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Reject-SET_CRED-commands-with-newline-characters-in-.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Reject-SET_CRED-commands-with-newline-characters-in-.patch deleted file mode 100644 index cad7425c36..0000000000 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Reject-SET_CRED-commands-with-newline-characters-in-.patch +++ /dev/null @@ -1,66 +0,0 @@ -From b166cd84a77a6717be9600bf95378a0055d6f5a5 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <jouni@qca.qualcomm.com> -Date: Tue, 5 Apr 2016 23:33:10 +0300 -Subject: [PATCH 2/3] Reject SET_CRED commands with newline characters in the - string values - -Most of the cred block parameters are written as strings without -filtering and if there is an embedded newline character in the value, -unexpected configuration file data might be written. - -This fixes an issue where wpa_supplicant could have updated the -configuration file cred parameter with arbitrary data from the control -interface or D-Bus interface. While those interfaces are supposed to be -accessible only for trusted users/applications, it may be possible that -an untrusted user has access to a management software component that -does not validate the credential value before passing it to -wpa_supplicant. - -This could allow such an untrusted user to inject almost arbitrary data -into the configuration file. Such configuration file could result in -wpa_supplicant trying to load a library (e.g., opensc_engine_path, -pkcs11_engine_path, pkcs11_module_path, load_dynamic_eap) from user -controlled location when starting again. This would allow code from that -library to be executed under the wpa_supplicant process privileges. - -Upstream-Status: Backport - -CVE: CVE-2016-4477 - -Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> -Signed-off-by: Zhixiong Chi <Zhixiong.Chi@windriver.com> ---- - wpa_supplicant/config.c | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c -index eb97cd5..69152ef 100644 ---- a/wpa_supplicant/config.c -+++ b/wpa_supplicant/config.c -@@ -2896,6 +2896,8 @@ int wpa_config_set_cred(struct wpa_cred *cred, const char *var, - - if (os_strcmp(var, "password") == 0 && - os_strncmp(value, "ext:", 4) == 0) { -+ if (has_newline(value)) -+ return -1; - str_clear_free(cred->password); - cred->password = os_strdup(value); - cred->ext_password = 1; -@@ -2946,9 +2948,14 @@ int wpa_config_set_cred(struct wpa_cred *cred, const char *var, - } - - val = wpa_config_parse_string(value, &len); -- if (val == NULL) { -+ if (val == NULL || -+ (os_strcmp(var, "excluded_ssid") != 0 && -+ os_strcmp(var, "roaming_consortium") != 0 && -+ os_strcmp(var, "required_roaming_consortium") != 0 && -+ has_newline(val))) { - wpa_printf(MSG_ERROR, "Line %d: invalid field '%s' string " - "value '%s'.", line, var, value); -+ os_free(val); - return -1; - } - --- -1.9.1 diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Remove-newlines-from-wpa_supplicant-config-network-o.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Remove-newlines-from-wpa_supplicant-config-network-o.patch deleted file mode 100644 index cc7b01ad57..0000000000 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Remove-newlines-from-wpa_supplicant-config-network-o.patch +++ /dev/null @@ -1,86 +0,0 @@ -From 0fe5a234240a108b294a87174ad197f6b5cb38e9 Mon Sep 17 00:00:00 2001 -From: Paul Stewart <pstew@google.com> -Date: Thu, 3 Mar 2016 15:40:19 -0800 -Subject: [PATCH 2/2] Remove newlines from wpa_supplicant config network - output - -Spurious newlines output while writing the config file can corrupt the -wpa_supplicant configuration. Avoid writing these for the network block -parameters. This is a generic filter that cover cases that may not have -been explicitly addressed with a more specific commit to avoid control -characters in the psk parameter. - -Upstream-Status: Backport - -CVE: CVE-2016-4476 - -Signed-off-by: Paul Stewart <pstew@google.com> -Signed-off-by: Zhixiong Chi <Zhixiong.Chi.wrs.com> ---- - src/utils/common.c | 11 +++++++++++ - src/utils/common.h | 1 + - wpa_supplicant/config.c | 15 +++++++++++++-- - 3 files changed, 25 insertions(+), 2 deletions(-) - -diff --git a/src/utils/common.c b/src/utils/common.c -index 27b7c02..9856463 100644 ---- a/src/utils/common.c -+++ b/src/utils/common.c -@@ -709,6 +709,17 @@ int has_ctrl_char(const u8 *data, size_t len) - } - - -+int has_newline(const char *str) -+{ -+ while (*str) { -+ if (*str == '\n' || *str == '\r') -+ return 1; -+ str++; -+ } -+ return 0; -+} -+ -+ - size_t merge_byte_arrays(u8 *res, size_t res_len, - const u8 *src1, size_t src1_len, - const u8 *src2, size_t src2_len) -diff --git a/src/utils/common.h b/src/utils/common.h -index a972240..d19927b 100644 ---- a/src/utils/common.h -+++ b/src/utils/common.h -@@ -489,6 +489,7 @@ const char * wpa_ssid_txt(const u8 *ssid, size_t ssid_len); - char * wpa_config_parse_string(const char *value, size_t *len); - int is_hex(const u8 *data, size_t len); - int has_ctrl_char(const u8 *data, size_t len); -+int has_newline(const char *str); - size_t merge_byte_arrays(u8 *res, size_t res_len, - const u8 *src1, size_t src1_len, - const u8 *src2, size_t src2_len); -diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c -index fdd9643..eb97cd5 100644 ---- a/wpa_supplicant/config.c -+++ b/wpa_supplicant/config.c -@@ -2699,8 +2699,19 @@ char * wpa_config_get(struct wpa_ssid *ssid, const char *var) - - for (i = 0; i < NUM_SSID_FIELDS; i++) { - const struct parse_data *field = &ssid_fields[i]; -- if (os_strcmp(var, field->name) == 0) -- return field->writer(field, ssid); -+ if (os_strcmp(var, field->name) == 0) { -+ char *ret = field->writer(field, ssid); -+ -+ if (ret && has_newline(ret)) { -+ wpa_printf(MSG_ERROR, -+ "Found newline in value for %s; not returning it", -+ var); -+ os_free(ret); -+ ret = NULL; -+ } -+ -+ return ret; -+ } - } - - return NULL; --- -1.9.1 diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0003-Reject-SET-commands-with-newline-characters-in-the-s.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0003-Reject-SET-commands-with-newline-characters-in-the-s.patch deleted file mode 100644 index 5375db74b3..0000000000 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0003-Reject-SET-commands-with-newline-characters-in-the-s.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 2a3f56502b52375c3bf113cf92adfa99bad6b488 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <jouni@qca.qualcomm.com> -Date: Tue, 5 Apr 2016 23:55:48 +0300 -Subject: [PATCH 3/3] Reject SET commands with newline characters in the - string values - -Many of the global configuration parameters are written as strings -without filtering and if there is an embedded newline character in the -value, unexpected configuration file data might be written. - -This fixes an issue where wpa_supplicant could have updated the -configuration file global parameter with arbitrary data from the control -interface or D-Bus interface. While those interfaces are supposed to be -accessible only for trusted users/applications, it may be possible that -an untrusted user has access to a management software component that -does not validate the value of a parameter before passing it to -wpa_supplicant. - -This could allow such an untrusted user to inject almost arbitrary data -into the configuration file. Such configuration file could result in -wpa_supplicant trying to load a library (e.g., opensc_engine_path, -pkcs11_engine_path, pkcs11_module_path, load_dynamic_eap) from user -controlled location when starting again. This would allow code from that -library to be executed under the wpa_supplicant process privileges. - -Upstream-Status: Backport - -CVE: CVE-2016-4477 - -Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> -Signed-off-by: Zhixiong Chi <Zhixiong.Chi@windriver.com> ---- - wpa_supplicant/config.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c -index 69152ef..d9a1603 100644 ---- a/wpa_supplicant/config.c -+++ b/wpa_supplicant/config.c -@@ -3764,6 +3764,12 @@ static int wpa_global_config_parse_str(const struct global_parse_data *data, - return -1; - } - -+ if (has_newline(pos)) { -+ wpa_printf(MSG_ERROR, "Line %d: invalid %s value with newline", -+ line, data->name); -+ return -1; -+ } -+ - tmp = os_strdup(pos); - if (tmp == NULL) - return -1; --- -1.9.1 diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/wpa-supplicant.sh b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/wpa-supplicant.sh index 5c9e5d33a7..35a1aa639e 100644 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/wpa-supplicant.sh +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/wpa-supplicant.sh @@ -4,6 +4,7 @@ WPA_SUP_BIN="/usr/sbin/wpa_supplicant" WPA_SUP_PNAME="wpa_supplicant" WPA_SUP_PIDFILE="/var/run/wpa_supplicant.$IFACE.pid" +WPA_COMMON_CTRL_IFACE="/var/run/wpa_supplicant" WPA_SUP_OPTIONS="-B -P $WPA_SUP_PIDFILE -i $IFACE" VERBOSITY=0 diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb index a4160e1c5c..3e92427bb0 100644 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb @@ -2,10 +2,10 @@ SUMMARY = "Client for Wi-Fi Protected Access (WPA)" HOMEPAGE = "http://w1.fi/wpa_supplicant/" BUGTRACKER = "http://w1.fi/security/" SECTION = "network" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://COPYING;md5=36b27801447e0662ee0138d17fe93880 \ - file://README;beginline=1;endline=56;md5=7f393579f8b109fe91f3b9765d26c7d3 \ - file://wpa_supplicant/wpa_supplicant.c;beginline=1;endline=12;md5=3430fda79f2ba1dd545f0b3c4d6e4d24" +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://COPYING;md5=279b4f5abb9c153c285221855ddb78cc \ + file://README;beginline=1;endline=56;md5=e7d3dbb01f75f0b9799e192731d1e1ff \ + file://wpa_supplicant/wpa_supplicant.c;beginline=1;endline=12;md5=0a8b56d3543498b742b9c0e94cc2d18b" DEPENDS = "dbus libnl" RRECOMMENDS_${PN} = "wpa-supplicant-passphrase wpa-supplicant-cli" @@ -13,7 +13,7 @@ PACKAGECONFIG ??= "gnutls" PACKAGECONFIG[gnutls] = ",,gnutls libgcrypt" PACKAGECONFIG[openssl] = ",,openssl" -inherit systemd +inherit pkgconfig systemd SYSTEMD_SERVICE_${PN} = "wpa_supplicant.service wpa_supplicant-nl80211@.service wpa_supplicant-wired@.service" SYSTEMD_AUTO_ENABLE = "disable" @@ -24,14 +24,13 @@ SRC_URI = "http://w1.fi/releases/wpa_supplicant-${PV}.tar.gz \ file://wpa_supplicant.conf \ file://wpa_supplicant.conf-sane \ file://99_wpa_supplicant \ - file://0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch \ - file://0002-Remove-newlines-from-wpa_supplicant-config-network-o.patch \ - file://0001-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch \ - file://0002-Reject-SET_CRED-commands-with-newline-characters-in-.patch \ - file://0003-Reject-SET-commands-with-newline-characters-in-the-s.patch \ + file://0001-replace-systemd-install-Alias-with-WantedBy.patch \ + file://0001-AP-Silently-ignore-management-frame-from-unexpected-.patch \ " -SRC_URI[md5sum] = "96ff75c3a514f1f324560a2376f13110" -SRC_URI[sha256sum] = "cce55bae483b364eae55c35ba567c279be442ed8bab5b80a3c7fb0d057b9b316" +SRC_URI[md5sum] = "2d2958c782576dc9901092fbfecb4190" +SRC_URI[sha256sum] = "fcbdee7b4a64bea8177973299c8c824419c413ec2e3a95db63dd6a5dc3541f17" + +CVE_PRODUCT = "wpa_supplicant" S = "${WORKDIR}/wpa_supplicant-${PV}" @@ -44,8 +43,6 @@ CONFFILES_${PN} += "${sysconfdir}/wpa_supplicant.conf" do_configure () { ${MAKE} -C wpa_supplicant clean install -m 0755 ${WORKDIR}/defconfig wpa_supplicant/.config - echo "CFLAGS +=\"-I${STAGING_INCDIR}/libnl3\"" >> wpa_supplicant/.config - echo "DRV_CFLAGS +=\"-I${STAGING_INCDIR}/libnl3\"" >> wpa_supplicant/.config if echo "${PACKAGECONFIG}" | grep -qw "openssl"; then ssl=openssl |