aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/dhcp/dhcp
AgeCommit message (Collapse)Author
2018-07-01dhcp: update 4.4.1akuster/master-pkg-updatesArmin Kuster
include several CVE fixes. CVE: CVE-2018-5733 CVE: CVE-2018-5732 LIC_CHKSUM_FILE updated to SPFX format https://kb.isc.org/article/AA-01571 remove several patches now included in update. Shared libarary support is now enabled in configure+lt, use it and revert to autotools-brokensep Refresh patches aligns support with bind 9.11.x add libxml2 support to configure.ac+lt [v2] cleaned up do_configure per feedback fix hard coded lib & include patch Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-04-13dhcp: Security Advisory - CVE-2017-3144Yue Tao
Fix CVE-2017-3144 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3144 https://kb.isc.org/article/AA-01541 Patch from: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commitdiff;h=5097bc0559f592683faac1f67bf350e1bddf6ed4 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-12-10meta: fix malformed/missing Upstream-Status tagsRoss Burton
Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-10dhcp: fix build issue with libxml2 supportAwais Belal
A missing case breaks the build when libxml2 is required and found appropriately. The third argument to the function AC_SEARCH_LIB is action-if-found which was mistakenly been used for the case where the library is not found and hence breaks the configure phase where it shoud actually pass. We now pass on silently when action-if-found is executed. Signed-off-by: Awais Belal <awais_belal@mentor.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-08-17dhcp: 4.3.5 -> 4.3.6Hongxu Jia
1. Rebase patches to 4.3.6 - define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch -> 0001 - dhcp-3.0.3-dhclient-dbus.patch -> 0002 - link-with-lcrypto.patch -> 0003 - fixsepbuild.patch -> 0004 - dhclient-script-drop-resolv.conf.dhclient.patch -> 0005 - 0001-site.h-enable-gentle-shutdown.patch -> 0006 - libxml2-configure-argument.patch -> 0007 - tweak-to-support-external-bind.patch -> 0008 - remove-dhclient-script-bash-dependency.patch -> 0009 - build-shared-libs.patch -> 0010 - Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch -> 0011 2. Drop search-for-libxml2.patch It is overrided by libxml2-configure-argument.patch 3. Rework dhclient-script-drop-resolv.conf.dhclient.patch and Drop replace-ifconfig-route.patch. vim client/scripts/linux ... Script refresh in 2017. The aliasing code was too convoluted and needs to go away. Migrated DHCPv4 script to ip command from iproute2 suite. This is based on Debian script with some tweaks. ifconfig is no longer used. Everything is done using ip tool from ip-route2. ... Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-07-17dhcp: fix shutdown not work by SIGTERM while bind9 enable threadsHongxu Jia
In https://source.isc.org/git/bind9.git, since the following commit applied: ... commit b99bfa184bc9375421b5df915eea7dfac6a68a99 Author: Evan Hunt <each@isc.org> Date: Wed Apr 10 13:49:57 2013 -0700 [master] unify internal and export libraries 3550. [func] Unified the internal and export versions of the BIND libraries, allowing external clients to use the same libraries as BIND. [RT #33131] ... (git show b99bfa184bc9375421b5df915eea7dfac6a68a99 -- ./lib/isc/unix/app.c) In this commit, if bind9 enable threads(ISC_PLATFORM_USETHREADS), it blocks signal SIGHUP, SIGINT and SIGTERM in isc__app_ctxstart. Which caused dhclient/dhcpd could not be stopped by SIGTERM. It caused systemd's reboot hung which send SIGTERM by default. Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-05-29dhcp: build shared librariesKai Kang
When enable bind threads support, it fails to compile dhcp: | tmp/work/armv5e-poky-linux-gnueabi/bind/9.10.3-P3-r0/build/lib/isc/pthreads/../../../ | ../bind-9.10.3-P3/lib/isc/pthreads/thread.c:64: undefined reference to `pthread_create' Enable build shared libraries for bind and dhcp to fix the build failure. And the patch is ported from Fedora. Add sub-package dhcp-libs to package shared libraries. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-07-25dhcp: remove dhclient-script bash dependencyAndre McCurdy
Take the dash compatible IPv6 link-local address test from the Debian version of dhclient-script. Note that although "echo -e" in the OE version of dhclient-script is technically bash specific too, it is supported by Busybox echo when Busybox is configured with CONFIG_FEATURE_FANCY_ECHO enabled (which is the default in the OE Busybox defconfig) therefore leave as-is. Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2016-06-14dhcp: upgrade to 4.3.4Hongxu Jia
- Drop fix-external-bind.patch, which dhcp 4.3.4 supports option --with-libbind=PATH - Add tweak-to-support-external-bind.patch, tweak the external bind to oe-core's sysroot rather than external bind source build. - Drop CVE-2015-8605.patch, CVE-2016-2774.patch, dhcp 4.3.4 has fixed them - Add configure option --with-randomdev=/dev/random Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-05-30dhcp: fix non-deterministic libxml2 dependencyChristopher Larson
This dependency was floating, which results in non-deterministic builds. Add a configure argument and associated PACKAGECONFIG to fix this. The libxml dep is only needed when bind was built with a dep on libxml due to its httpstats feature. So, when you enable the httpstats config in bind, and want to build dhcp, be sure to also enable the bind-httpstats config in dhcp. Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2016-04-18dhcp: CVE-2016-2774Catalin Enache
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2774 Signed-off-by: Catalin Enache <catalin.enache@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2016-03-20dhcp: enable gentle shutdownChen Qi
For now, `systemctl stop dhcpd' cannot stop dhcpd correctly, the SIGTERM signal would time out, causing a SIGKILL signal sent to dhcpd. Patch site.h to enable gentle shutdown to so that dhcpd could be stopped by SIGTERM. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2016-03-02dhcp: CVE-2015-8605Mariano Lopez
ISC DHCP allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet. Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2016-01-26meta: fix capitalisation in Upstream-StatusRoss Burton
Signed-off-by: Ross Burton <ross.burton@intel.com>
2016-01-13dhcp: 4.3.2 -> 4.3.3Hongxu Jia
- Rebase: fix-external-bind.patch and fixsepbuild.patch for 4.3.3 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-01-13dhcp: search libxml2 for bindAwais Belal
libdns requires libxml2 if bind was built with libxml2 support enabled. Compilation will fail for omapip/test.c in case -lxml2 isn't used during the build. So, we add losely coupled search path which will pick up the lib if it is present. Signed-off-by: Awais Belal <awais_belal@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-07dhcp: 4.3.1 -> 4.3.2Robert Yang
Removed dhcp-xen-checksum.patch since already merged. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-02-14dhcp-client: Ignore partial checksumsRob Woolley
dhclient will fail to get an IP address if run inside a guest when traffic is flowing over a virtual network interface. The user will see the error message: 5 bad udp checksums in 5 packets No DHCPOFFERS received. Unable to obtain a lease on first try. Exiting. Failed to bring up eth0. This is because Linux only uses partial checksums for packets that go over virtual network interfaces and dhclient does not like this. See linux kernel commit 78ea85f17b15390e30d8b47488ec7b6cf0790663 ("net: skbuff: improve comment on checksumming") An application can detect this behaviour by checking for the TP_STATUS_CSUMNOTREADY flag in the tp_status field. See linux kernel commit 8dc4194474159660d7f37c495e3fc3f10d0db8cc ("Add optional checksum computation for recvmsg") An extra parameter is added to decode_udp_ip_header() in dhclient to indicate whether or not dhclient should ignore partial checksums. This is used when the TP_STATUS_CSUMNOTREADY bit is set by the guest kernel. This fix has been included in Fedora and Ubuntu, however it has not yet been accepted by ISC upstream. Likely because it is specific to behaviour in Linux and other UNIX variants do not seem to be affected. The patch was imported from the dhcp source RPM in Fedora 21 (http://pkgs.fedoraproject.org/cgit/dhcp.git/tree/dhcp-xen-checksum.patch?h=f21) Originally contributed to fedora-cvs-commit by David Cantrell on Jan 30 2007 (https://www.redhat.com/archives/fedora-cvs-commits/2007-January/msg01442.html) Submitted to dhcp-bugs@isc.org - [ISC-Bugs #22806] - by Michael S. Tsirkin (http://comments.gmane.org/gmane.comp.emulators.kvm.devel/65236) (https://lists.isc.org/pipermail/dhcp-hackers/2010-April/001835.html) Upstream-Status: Submitted [dhcp-bugs@isc.org] Signed-off-by: Rob Woolley <rob.woolley@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-01-23dhcp: not override site.hHongxu Jia
Previously, site.h was overridden for setting _PATH_DHCPD_CONF and _PATH_DHCLIENT_CONF, it caused other MACROs were missing, so we use a patch to instead. The macros NSUPDATE and COMPACT_LEASES existed in site.h Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
2015-01-23dhcp: upgrade to 4.3.1Hongxu Jia
Rebase fixsepbuild.patch to 4.3.1 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
2014-08-23dhcp: do not use ifconfig/route in dhclient-scriptFahad Usman
The original patch was submitted on ISC's mailing list but it didn't get merged for some reason, it can be found here; https://lists.isc.org/pipermail/dhcp-users/2011-January/012910.html "The ISC DHCP's dhclient-script for Linux still uses the legacy commands 'ifconfig' & 'route' to manage IPv4 network addresses & routes, while it uses iproute2's new "ip" command to manage IPv6 network data. This requires users & distributions to have both types of commands installed The attached patch tries to improve the situation by replacing the old "ifconfig" resp. "route" commands with their "ip" counterparts. It even improves the logic a bit by only flushing the IPv4 addresses instead of taking down the whole interface, which may still have active IPv6 connections." Signed-off-by: Fahad Usman <fahad.usman@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-11dhcp: Update to 4.3.0Saul Wold
Rebase fix-external-bind patch LICENSE file has date update to 2014 Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-07dhcp-client: fix invoke dhclient-script failed on Read-only file systemHongxu Jia
In read-only file system, '/etc' is on the readonly partition, and '/etc/resolv.conf' is symlinked to a separate writable partition. In this situation, we should use shell variable to instead of the temp file '/etc/resolv.conf.dhclient'. [YOCTO #5624] Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2013-12-10meta/*: remove unnecessary patchesChong Lu
The following patches are found, but not used by any recipe, so we should remove them. meta/recipes-connectivity/avahi/files/fix_for_automake_1.11.2.patch meta/recipes-connectivity/dhcp/dhcp/fix-client-path.patch meta/recipes-connectivity/libnss-mdns/files/alignment-fix.patch meta/recipes-core/dbus/dbus-1.6.10/test-run-path.patch meta/recipes-core/gettext/gettext-0.16.1/fixchicken.patch meta/recipes-core/gettext/gettext-0.16.1/getline.m4.patch meta/recipes-core/systemd/systemd/use-rootlibdir.patch meta/recipes-core/util-linux/util-linux/remove-lscpu.patch meta/recipes-core/util-linux/util-linux/remove_sigsetmark.patch meta/recipes-core/util-linux/util-linux/uclibc-compile.patch meta/recipes-devtools/autoconf/autoconf/autoconf-x.patch meta/recipes-devtools/btrfs-tools/btrfs-tools/btrfs-progs-fix-parallel-build.patch meta/recipes-devtools/btrfs-tools/btrfs-tools/btrfs-progs-fix-parallel-build2.patch meta/recipes-devtools/cdrtools/cdrtools-native/no_usr_src.patch meta/recipes-devtools/elfutils/elfutils-0.155/elfutils-robustify.patch meta/recipes-devtools/gdb/gdb/libiberty-cross.patch meta/recipes-devtools/perl/perl-5.14.3/asm-pageh-fix.patch meta/recipes-devtools/python/python-native/sys_platform_is_now_always_linux2.patch meta/recipes-devtools/python/python-pygobject/generate-constants.patch meta/recipes-devtools/qemu/files/3f08ffb4a4741d147634761dc053ed386243a0de.patch meta/recipes-devtools/qemu/files/enable-i386-linux-user.patch meta/recipes-devtools/qemu/files/init-info.patch meta/recipes-devtools/rpm/rpm/rpm_fix_for_automake-1.12.patch meta/recipes-devtools/tcf-agent/tcf-agent/fix_tcf-agent.init.patch meta/recipes-extended/iputils/files/arping-break-libsysfs-dependency.patch meta/recipes-extended/libarchive/libarchive/0003-Patch-from-upstream-rev-2516.patch meta/recipes-extended/procps/procps-3.2.8/pagesz-not-constant.patch meta/recipes-gnome/gtk+/gtk+-2.24.22/no-demos.patch meta/recipes-gnome/libglade/libglade-2.6.4/no-deprecation.patch meta/recipes-graphics/mesa/mesa/0005-llvmpipe-remove-the-power-of-two-sizeof-struct-cmd_b.patch meta/recipes-graphics/xorg-lib/libxxf86dga/libxxf86dga-1.1.3_fix_for_x32.patch meta/recipes-kernel/kmod/kmod/fix-undefined-O_CLOEXEC.patch meta/recipes-kernel/linux-libc-headers/linux-libc-headers/connector-msg-size-fix.patch meta/recipes-kernel/linux/linux-yocto/tools-perf-no-scripting.patch meta/recipes-support/gnutls/gnutls/gnutls-texinfo-euro.patch meta/recipes-support/nspr/nspr/fix-build-on-aarch64.patch [YOCTO #5180] Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-06-17dhcp: drop noattrmode.patchKevin Strasser
This change no longer needs to be backported now that a newer version of dhcp is being used. The patch isn't causing errors because it is not included in the dhcp recipe's SRC_URI. Signed-off-by: Kevin Strasser <kevin.strasser@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2013-06-17dhcp: drop fixincludes.patchKevin Strasser
Recent versions of dhcp have swapped out use of __u16 for u_int16_t and therefor asm/types.h no longer needs to be included. Drop fixincludes.patch from dhcp recipe. Signed-off-by: Kevin Strasser <kevin.strasser@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2013-04-29dhcp: Update to 4.2.5-P1Saul Wold
Signed-off-by: Saul Wold <sgw@linux.intel.com>