| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Mark Jonas <toertel@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The dhcp-client has been removed from oe-core and the current
networkmanager does not support dhcpcd >= 9.0 (See bug report:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/410)
Remove the PACKAGECONFIG[dhclient] and pass --with-dhclient/dhcpcd=no
explicitly to EXTRA_OECONF. Otherwise it will search the host path when
configure.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This is security release in order to address CVE-2020-1472
(Unauthenticated domain takeover via netlogon ("ZeroLogon")).
See: https://www.samba.org/samba/history/samba-4.10.18.html
Also remove 3 backported patches.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Add patch from upstream which fixes building on big endian.
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixes Issue #280
Signed-off-by: Winfried Dobbe <winfried.dobbe@xmsnet.nl>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
IEC 61850 is an international standard for communication systems in
Substation Automation Systems (SAS) and management of Decentralized
Energy Resources (DER). It is seen as one of the communication
standards of the emerging Smart Grid.
Add two upstream patch fixing build issues with musl libc.
Enable the libiec61850 python binding (pyiec61850) that require a fix
to find the correct PYTHON_SITE_DIR path while cross-compiling.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The wireless-regdb has been moved to oe-core. According the commit
message:
wireless-regdb-static should be used with kernel >= 4.15.
wireless-regdb can be used with older kernels and is mostly
irrelevant here, but keeping it in meta-networking would
create needless recipe duplication.
it should replace runtime dependency wireless-regdb with
wireless-regdb-static.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 1.6.12:
Security:
- In some circumstances, Mosquitto could leak memory when handling
PUBLISH messages. This is limited to incoming QoS 2 messages,
and is related to the combination of the broker having
persistence enabled, a clean session=false client, which was
connected prior to the broker restarting, then has reconnected
and has now sent messages at a sufficiently high rate that the
incoming queue at the broker has filled up and hence messages
are being dropped. This is more likely to have an effect where
max_queued_messages is a small value. This has now been fixed.
Broker:
- Build warning fixes when building with WITH_BRIDGE=no and
WITH_TLS=no.
Clients:
- All clients exit with an error exit code on CONNACK failure.
- Don't busy loop with `mosquitto_pub -l` on a slow connection.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This helps it to use dropbear
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixes
No GNU_HASH in the ELF binary /mnt/b/yoe/master/build/tmp/work/cortexa57-yoe-linux/bearssl/0.6-r0/packages-split/bearssl/usr/lib/libbearssl.so.6.0.0, didn't pass LDFLAGS? [ldflag
s]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
dhcp-client is being removed from oe-core
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fails to build on an aarch64 system with ipv6 disabled. This backported
patch fixes it.
Signed-off-by: Jack Mitchell <ml@embed.me.uk>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Default Makefile of bearssl doesn't have a make target which hadn't
enough attraction when creating the recipe.
Add missing functionality.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Add recipe for BearSSL - an an implementation of the SSL/TLS protocol with
the approach of:
* Be correct and secure.
* Be small
* Be highly portable
* Be feature-rich and extensible
See https://bearssl.org for more details.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Added recipe for autossh tool.
Signed-off-by: Colin McAllister <colinmca242@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 1.6.11:
Broker:
- Fix usage message only mentioning v3.1.1.
- Fix broker refusing to start if only websockets listeners were
defined.
- Change systemd unit files to create /var/log/mosquitto before
starting.
- Don't quit with an error if opening the log file isn't possible.
- Fix bridge topic remapping when using "" as the topic.
- Fix messages being queued for disconnected bridges when clean
start was set to true.
- Fix `autosave_interval` not being triggered by messages being
delivered.
- Fix websockets clients sometimes not being disconnected promptly.
- Fix "slow" file based logging by switching to line based
buffering.
- Log protocol error message where appropriate from a bad
UNSUBSCRIBE, rather than the generic "socket error".
- Don't try to start DLT logging if DLT unavailable, to avoid a
long delay when shutting down the broker.
- Fix potential memory leaks.
- Fix clients not receiving messages after a previous client with
the same client ID and positive will delay interval quit.
- Fix overly broad HAVE_PTHREAD_CANCEL compile guard.
Client library:
- Improved documentation around connect callback return codes.
- Fix `mosquitto_publish*()` no longer returning
`MOSQ_ERR_NO_CONN` when not connected.
- `mosquitto_loop_start()` now sets a thread name on Linux,
FreeBSD, NetBSD, and OpenBSD.
- Fix `mosquitto_loop_stop()` not stopping on Windows.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Drop upstreamed patch
Fixed compatibility with g++-10
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Add patches to fix build with clang-11
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixes:
# cd /etc/raddb/certs
# ./bootstrap
[snip]
chmod g+r ca.key
openssl pkcs12 -in server.p12 -out server.pem -passin pass:'whatever' -passout pass:'whatever'
chmod g+r server.pem
C = FR, ST = Radius, O = Example Inc., CN = Example Server Certificate, emailAddress = admin@example.org
error 7 at 0 depth lookup: certificate signature failure
140066667427072:error:04067084:rsa routines:rsa_ossl_public_decrypt:data too large for modulus:../openssl-1.1.1g/crypto/rsa/rsa_ossl.c:553:
140066667427072:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:../openssl-1.1.1g/crypto/asn1/a_verify.c:170:
error server.pem: verification failed
make: *** [Makefile:107: server.vrfy] Error 2
It seems the ca.pem mismatchs server.pem which results in failing to
execute "openssl verify -CAfile ca.pem server.pem", so add the logic
to check the file to avoid inconsistency.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
It fails to compile rdist occasionally when system load of build server
is high:
| In file included from common.c:57:
| ../include/defs.h:49:10: fatal error: y.tab.h: No such file or directory
| 49 | #include "y.tab.h"
| | ^~~~~~~~~
| compilation terminated.
Make $(COMMONOBJS) which include common.o to depends on related header files
and y.tab.h to fix the parallel build failure.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This is a security release in order to address the following defects:
CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD
DC LDAP Server with ASQ, VLV and paged_results.
CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
excessive CPU
CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with
paged_results and VLV.
CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.
Also backport 3 patches to fix build error with musl.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
nft build dependency has been removed in @3f7419dcb50a5bdcf800512d2491.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
License checksum changed due to modified copyright years.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
nngpp is a c++ wrapper for nng
Signed-off-by: Johan Jeppsson <johanje@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This is seen with glibc 2.32 where these names are also defined
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
NetworkManager depends on libudev, but not on libgudev.
Signed-off-by: Christian Eggers <ceggers@arri.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
nmcli depends on libreadline which is licensed under GPLv3.
Signed-off-by: Christian Eggers <ceggers@arri.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixes the occasional error:
# cd /etc/raddb/certs
# ./bootstrap
[snip]
openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key 'whatever' -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
Using configuration from ./client.cnf
Check that the request matches the signature
Signature ok
ERROR:There is already a certificate for /C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org
The matching entry has the following details
Type :Valid
Expires on :200908024833Z
Serial Number :02
File name :unknown
Subject Name :/C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org
make: *** [Makefile:128: client.crt] Error 1
Add the check to fix the above error and it does the same for server.crt.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Since networkmanager: upgrade 1.22.10 -> 1.22.14, it added a new
build option 'firewalld-zone', while enabling multilib, there is
a QA issue
...
ERROR: QA Issue: networkmanager: Files/directories were installed but not shipped in any package:
/usr/lib/firewalld
/usr/lib/firewalld/zones
/usr/lib/firewalld/zones/nm-shared.xml
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
See full changelogs
- https://github.com/firewalld/firewalld/releases/tag/v0.7.4
- https://github.com/firewalld/firewalld/releases/tag/v0.7.5
Make documentation build optional.
Delete RedHat specific modprobe config file.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
2.1.3
Changes
* Force cython to use python language version 3
Bugs fixed
* Fix tooltip not updating when bluetooth is disabled
* Fix dbus timeout in DhcClient
* Call the right method when pulseaudio crashes
* Handle os.remove failing
2.1.2
Bugs fixed
* Signal bar updates with multiple adapters
* Pairing with pincode
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
================================================
NetworkManager-1.22.14
Overview of changes since NetworkManager-1.22.12
================================================
This is a new stable release of NetworkManager. Notable changes include:
* ifcfg-rh: handle "802-1x.{,phase2-}ca-path". Otherwise setting this
property silently fails and a profile might accidentally not perform
any authentication (CVE-2020-10754).
* ifcfg-rh: handle 802-1x.pin properties.
================================================
NetworkManager-1.22.12
Overview of changes since NetworkManager-1.22.10
================================================
This is a new stable release of NetworkManager. Notable changes include:
* Fix a bug preventing lease renewal in the internal DHCP client.
* Add a new build option 'firewalld-zone'; when enabled,
NetworkManager installs a firewalld zone for connection sharing and
puts interfaces using IPv4 or IPv6 shared mode in this zone during
activation. The option is enabled by default.
Note that NetworkManager still calls to iptables to enable
masquerading and open needed ports for DHCP and DNS. The new option
is useful on systems using firewalld with the nftables backend,
where the iptables rules would not be sufficient.
* Support changing the MTU of OVS interfaces.
* Better handle a restart of ovsdb process.
* Support the 'no-reload' and 'trust-ad' resolv.conf options.
* Various minor bug fixes and improvements.
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Main new features of netplan release 0.99:
- YAML parser is now in a separate library named libnetplan
- Systemd unit file for launching WPA Supplicant with netplan
configuration is now generated at runtime
See here for a full comparison:
https://github.com/CanonicalLtd/netplan/compare/0.98...0.99
Signed-off-by: Jacopo Dall'Aglio <jacopo.dallaglio@kynetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The "ssl" PACKAGECONFIG setting contains WITH_EC_OFF instead of
WITH_EC=OFF, resulting in a build break when "ssl" is not set.
Signed-off-by: Martin Kelly <mkelly@xevo.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Martin Kelly <mkelly@xevo.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
-0001-chdeck-for-gettid-API-during-configure.patch
Removed since this is included in 2.9.16
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
zangrc
Mark Jonas
Yi Zhao
Alexander Vickberg
Winfried Dobbe
Romain Naour
Robert Yang
Todd Cunningham
Armin Kuster
Leon Anavi
Khem Raj
Jack Mitchell
Jens Rehsack
Colin McAllister
Mingli Yu
Kai Kang
Oleksandr Kravchuk
Johan Jeppsson
Christian Eggers
Hongxu Jia
Adrian
Andreas Müller
Jacopo Dall'Aglio
Martin Kelly
Zheng Ruoqin