Age | Commit message (Collapse) | Author |
|
Upstream stopped using it in 2008.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changes to libxcrypt revealed a missing dependency in the openssh recipe.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix bug as following on aarch64BE:
Error: operand 1 must be an integer register -- `rev v31.16b,v31.16b'
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It fails to run ptest case test_shlibload which requires libcrypto.so
and libssl.so with version numbers now.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Pointer arithmatic results in implementation defined signed integer
type, so that 'd - dst’ in strlcat may trigger signed overflow if
pointer ‘d’ is near 0x7fffffff in 32 bits system. In case of ompilation
by gcc or clang with -ftrapv option, the overflow would generate
program abort.
Signed-off-by: hguo3 <heng.guo@windriver.com>
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
[ YOCTO #13366 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The action of "dhclient -x eth0" and "dhclient -r eth0" is
same when enable ENABLE_GENTLE_SHUTDOWN. Disable ENABLE_GENTLE_SHUTDOWN
that will use the default signal hander.
Signed-off-by: Jiping Ma <jiping.ma2@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In minimal images the agent-ptrace test is skipped unless gdb is
installed which explains the difference in test counts. We don't
want a build dependency on gdb and the test isn't critical so just
document the dependency.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This fixes the openssh tests in minimal images since they use options
not present in the busybox versions of the commands.
[YOCTO #13295]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backported patch removed.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Ship some obex files in the appropriate obex package. This fixes boot
error:
[FAILED] Failed to start Bluetooth OBEX service.
that was caused by the obex.service being shipped in the main package,
rather than the -obex (that includes obexd).
Signed-off-by: Diego Rondini <diego.rondini@kynetics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upgrade from openssh_7.9p1.bb to openssh_8.0p1.bb.
-openssh/0001-upstream-Have-progressmeter-force-an-update-at-the-b.patch
-openssh/CVE-2018-20685.patch
-openssh/CVE-2019-6109.patch
-openssh/CVE-2019-6111.patch
-Removed since these are included in 8.0p1.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
fix below error:
file /etc/xinetd.d/telnet conflicts between attempted installs of netkit-telnet-0.17-r0.i586 and inetutils-telnetd-1.9.4-r0.i586
file /usr/sbin/in.telnetd conflicts between attempted installs of netkit-telnet-0.17-r0.i586 and inetutils-telnetd-1.9.4-r0.i586
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
udev is an optional dependency of bluez5, so use PACKAGECONFIG to give
users the ability to build bluez5 without udev support.
Signed-off-by: David Frey <dpfrey@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Adds a PACKAGECONFIG option to enable the libdns_sd compatibility
library.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
musl > v1.1.21 changed the implementation of the freeaddrinfo() function
not allowing anymore to pass null pointers to it.
This was causing a segmentation fault in connman.
Signed-off-by: Nicola Lunghi <nick83ola@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixes build with musl where TEMP_FAILURE_RETRY is not provided
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch worked around a problem in musl but caused
the following:
iplink_bridge.c: In function 'br_dump_bridge_id':
iplink_bridge.c:77:2: warning: implicit declaration of function 'ether_ntoa_r'; did you mean 'inet_ntoa'? [-Wimplicit-function-declaration]
ether_ntoa_r((const struct ether_addr *)id->addr, eaddr);
^~~~~~~~~~~~
In the meantime upstream has already implemented a different
workaround for musl, so this patch can just be dropped.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Without this we see test failures due to the sudo binary being missing.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There's no point in building an NSS module for a C library
that doesn't support NSS.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove patch applied upstream.
Backport two fixes for build failures
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch fixes a following issue:
| omapip/isclib.c: In function 'dns_client_init':
| omapip/isclib.c:356:18: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'dnsclient'
| if (dhcp_gbl_ctx.dnsclient == NULL) {
| ^
| omapip/isclib.c:363:24: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'dnsclient'
| &dhcp_gbl_ctx.dnsclient,
| ^
| omapip/isclib.c:364:24: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'use_local4'
| (dhcp_gbl_ctx.use_local4 ?
| ^
| omapip/isclib.c:365:25: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'local4_sockaddr'
| &dhcp_gbl_ctx.local4_sockaddr
| ^
| omapip/isclib.c:367:24: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'use_local6'
| (dhcp_gbl_ctx.use_local6 ?
| ^
| omapip/isclib.c:368:25: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'local6_sockaddr'
| &dhcp_gbl_ctx.local6_sockaddr
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
IrDA support was removed in kernel 4.17.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
OpenSSL 1.0 has been replaced by 1.1, and it would be harder
to security-support after the upstream EOL at the end of 2019.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Avoid the warning:
WARNING: Nothing RPROVIDES 'nativesdk-rng-tools' (but virtual:nativesdk:/home/pokybuild/yocto-worker/build-appliance/build/meta/recipes-connectivity/openssh/openssh_7.9p1.bb RDEPENDS on or otherwise requires it)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Since openssl 1.1.1 and openssh which uses it, sshd
startup is delayed. The delays range from few seconds
to minutes and even to hours. The delays are visible
in host keys generation and when sshd process is started
in response to incoming TCP connection but is failing
to provide SSH version string and clients or tests time out.
In all cases traces show that sshd is waiting for getentropy()
system call to return from Linux kernel, which returns only
after kernel side random number pool is initialized. The pool
is initialized via various entropy source which may be
missing on embedded development boards or via rngd from
rng-tools package from userspace. HW random number generation
and kernel support help but rngd is till needed to feed that data
back to the Linux kernel.
Example from an NXP imx8 board shows that kernel random number pool
initialization can take over 400 seconds without rngd,
and with rngd it is initialized at around 4 seconds after boot.
The completion of initialization is visible in kernel dmesg with line
"random: crng init done".
More details are available from:
* https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912087
* https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897572
* https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=43838a23a05fbd13e47d750d3dfd77001536dd33
* http://www.man7.org/linux/man-pages/man2/getrandom.2.html
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Cc: Mark Hatle <mark.hatle@windriver.com>
Cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Cc: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
License checksums were changed due to modified copyright years.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove patches for issues fixed upstream.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix some missing or corrupted patch Upstream-Status values.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Also backport a patch to fix issues introduced by fix for CVE-2019-6109.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
enabled
* import 2 fixes from LuneOS
* with l2tp PACKAGECONFIG enabled connman depends on MACHINE_ARCH xl2tpd:
=== Comparing signatures for task do_package_write_ipk.sigdata between hammerhead and mako ===
ERROR: connman different signature for task do_package_write_ipk.sigdata between hammerhead and mako
NOTE: Starting bitbake server...
Hash for dependent task xl2tpd/xl2tpd_git.bb.do_packagedata changed from 6312d5711b5c2c1a85ee235d09bf37a8ec00f7ad9e7248c087bb83ef1d5bd078 to c0d3ef52b37bda945d8b2a015980ddb8fe7b4b3dca3d82d71a84176cc5125142
Unable to find matching sigdata for /OE/build/luneos-master/webos-ports/meta-openembedded/meta-networking/recipes-protocols/xl2tpd/xl2tpd_git.bb.do_packagedata with hashes 6312d5711b5c2c1a85ee235d09bf37a8ec00f7ad9e7248c087bb83ef1d5bd078 or c0d3ef52b37bda945d8b2a015980ddb8fe7b4b3dca3d82d71a84176cc5125142
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
upstream patch
This also fixes a dhcp breakage noticed by Enrico Scholz.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Removed patch has been upstreamed.
Changelog:
- Fix issue with handling invalid gateway addresses.
- Fix issue with handling updates of default gateway.
- Fix issue with DHCP servers that require broadcast flag.
- Add support for option to use gateways as time servers.
- Add support for option to select default technology.
- Add support for Address Conflict Detection (ACD).
- Add support for IPv6 iptables management.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Bugfix-only compared to 9.11.5, mostly CVE fixes.
COPYRIGHT checksum changed due to 2018 -> 2019.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We need to run sed with the -u option to ensure the output is unbuffered else
ptest-runner may timeout thinkig things were idle. Busybox doesn't have the -u
option so we need to RDEPEND on sed (which is a good thing to do if we use it
anyway).
Alex Kanavin should get credit for discovering the problem.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport patch to fix CVE-2017-6519.
CVE: CVE-2017-6519
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix this CVE (Bluetooth discoverability may be enabled with no agents to handle
requests) by backporting a number of patches from upstream.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
License-Update: copyright years updated
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We had a c_rehash shell re-implementation being used for the native
package however the ca-certificates now uses the openssl rehash
internal application so there is no use for the c_rehash anymore.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The tc command is provided both by busybox and iproute2.
Signed-off-by: Lars Persson <larper@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|