diff options
Diffstat (limited to 'meta/recipes-connectivity')
191 files changed, 4570 insertions, 6734 deletions
diff --git a/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb b/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb deleted file mode 100644 index 1510a0ef4f..0000000000 --- a/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb +++ /dev/null @@ -1,54 +0,0 @@ -require avahi.inc - -inherit features_check -ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" - -DEPENDS += "avahi" - -AVAHI_GTK = "gtk3" - -S = "${WORKDIR}/avahi-${PV}" - -PACKAGES += "${PN}-utils avahi-discover" - -FILES_${PN} = "${libdir}/libavahi-ui*.so.*" -FILES_${PN}-utils = "${bindir}/b* ${datadir}/applications/b*" -FILES_avahi-discover = "${datadir}/applications/avahi-discover.desktop \ - ${datadir}/avahi/interfaces/avahi-discover.ui \ - ${bindir}/avahi-discover-standalone \ - " - -do_install_append () { - rm ${D}${sysconfdir} -rf - if ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','true','false',d)}; then - if [ "${nonarch_base_libdir}" != "${base_libdir}" ];then - rm ${D}${nonarch_base_libdir} -rf - fi - else - rm ${D}${base_libdir} -rf - fi - rm ${D}${systemd_unitdir} -rf - # The ${systemd_unitdir} is /lib/systemd, so we need rmdir /lib, - # but not ${base_libdir} here. And the /lib may not exist - # whithout systemd. - [ ! -d ${D}/lib ] || rmdir ${D}/lib --ignore-fail-on-non-empty - rm ${D}${bindir}/avahi-b* - rm ${D}${bindir}/avahi-p* - rm ${D}${bindir}/avahi-r* - rm ${D}${bindir}/avahi-s* - rm ${D}${includedir}/avahi-c* -rf - rm ${D}${includedir}/avahi-g* -rf - rm ${D}${libdir}/libavahi-c* - rm ${D}${libdir}/libavahi-g* - rm ${D}${libdir}/pkgconfig/avahi-c* - rm ${D}${libdir}/pkgconfig/avahi-g* - rm ${D}${sbindir} -rf - rm ${D}${datadir}/avahi/a* - rm ${D}${datadir}/locale/ -rf - rm ${D}${datadir}/dbus* -rf - rm ${D}${mandir}/man1/a* - rm ${D}${mandir}/man5 -rf - rm ${D}${mandir}/man8 -rf - rm ${D}${libdir}/girepository-1.0/ -rf - rm ${D}${datadir}/gir-1.0/ -rf -} diff --git a/meta/recipes-connectivity/avahi/avahi.inc b/meta/recipes-connectivity/avahi/avahi.inc deleted file mode 100644 index 94fe6a16b6..0000000000 --- a/meta/recipes-connectivity/avahi/avahi.inc +++ /dev/null @@ -1,86 +0,0 @@ -SUMMARY = "Avahi IPv4LL network address configuration daemon" -DESCRIPTION = 'Avahi is a fully LGPL framework for Multicast DNS Service Discovery. It \ -allows programs to publish and discover services and hosts running on a local network \ -with no specific configuration. This tool implements IPv4LL, "Dynamic Configuration of \ -IPv4 Link-Local Addresses" (IETF RFC3927), a protocol for automatic IP address \ -configuration from the link-local 169.254.0.0/16 range without the need for a central \ -server.' -AUTHOR = "Lennart Poettering <lennart@poettering.net>" -HOMEPAGE = "http://avahi.org" -BUGTRACKER = "https://github.com/lathiat/avahi/issues" -SECTION = "network" - -# major part is under LGPLv2.1+, but several .dtd, .xsl, initscripts and -# python scripts are under GPLv2+ -LICENSE = "GPLv2+ & LGPLv2.1+" -LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \ - file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \ - file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \ - file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \ - file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf" - -SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV}.tar.gz \ - file://fix-CVE-2017-6519.patch \ - " - -UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/" -SRC_URI[md5sum] = "d76c59d0882ac6c256d70a2a585362a6" -SRC_URI[sha256sum] = "57a99b5dfe7fdae794e3d1ee7a62973a368e91e414bd0dfa5d84434de5b14804" - -DEPENDS = "expat libcap libdaemon glib-2.0 intltool-native" - -# For gtk related PACKAGECONFIGs: gtk, gtk3 -AVAHI_GTK ?= "" - -PACKAGECONFIG ??= "dbus ${AVAHI_GTK}" -PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" -PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+" -PACKAGECONFIG[gtk3] = "--enable-gtk3,--disable-gtk3,gtk+3" -PACKAGECONFIG[libdns_sd] = "--enable-compat-libdns_sd --enable-dbus,,dbus" - -inherit autotools pkgconfig gettext gobject-introspection - -EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ - --disable-stack-protector \ - --disable-gdbm \ - --disable-mono \ - --disable-monodoc \ - --disable-qt3 \ - --disable-qt4 \ - --disable-python \ - --disable-doxygen-doc \ - --enable-manpages \ - ${EXTRA_OECONF_SYSVINIT} \ - ${EXTRA_OECONF_SYSTEMD} \ - " - -# The distro choice determines what init scripts are installed -EXTRA_OECONF_SYSVINIT = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','--with-distro=debian','--with-distro=none',d)}" -EXTRA_OECONF_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES','systemd','--with-systemdsystemunitdir=${systemd_unitdir}/system/','--without-systemdsystemunitdir',d)}" - -do_configure_prepend() { - sed 's:AM_CHECK_PYMOD:echo "no pymod" #AM_CHECK_PYMOD:g' -i ${S}/configure.ac - - # This m4 file will get in the way of our introspection.m4 with special cross-compilation fixes - rm "${S}/common/introspection.m4" || true -} - -do_compile_prepend() { - export GIR_EXTRA_LIBS_PATH="${B}/avahi-gobject/.libs:${B}/avahi-common/.libs:${B}/avahi-client/.libs:${B}/avahi-glib/.libs" -} - -RRECOMMENDS_${PN}_append_libc-glibc = " libnss-mdns" - -do_install() { - autotools_do_install - rm -rf ${D}/run - rm -rf ${D}${datadir}/dbus-1/interfaces - test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1 - rm -rf ${D}${libdir}/avahi -} - -PACKAGES =+ "${@bb.utils.contains("PACKAGECONFIG", "libdns_sd", "libavahi-compat-libdnssd", "", d)}" - -FILES_libavahi-compat-libdnssd = "${libdir}/libdns_sd.so.*" - -RPROVIDES_libavahi-compat-libdnssd = "libdns-sd" diff --git a/meta/recipes-connectivity/avahi/avahi_0.7.bb b/meta/recipes-connectivity/avahi/avahi_0.7.bb deleted file mode 100644 index 2e04d304c7..0000000000 --- a/meta/recipes-connectivity/avahi/avahi_0.7.bb +++ /dev/null @@ -1,81 +0,0 @@ -require avahi.inc - -SRC_URI += "file://00avahi-autoipd \ - file://99avahi-autoipd \ - file://initscript.patch \ - file://0001-Fix-opening-etc-resolv.conf-error.patch \ - " - -inherit update-rc.d systemd useradd - -PACKAGES =+ "libavahi-gobject avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib avahi-autoipd avahi-utils" - -# As avahi doesn't put any files into PN, clear the files list to avoid problems -# if extra libraries appear. -FILES_${PN} = "" -FILES_avahi-autoipd = "${sbindir}/avahi-autoipd \ - ${sysconfdir}/avahi/avahi-autoipd.action \ - ${sysconfdir}/dhcp/*/avahi-autoipd \ - ${sysconfdir}/udhcpc.d/00avahi-autoipd \ - ${sysconfdir}/udhcpc.d/99avahi-autoipd" -FILES_libavahi-common = "${libdir}/libavahi-common.so.*" -FILES_libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib" -FILES_avahi-daemon = "${sbindir}/avahi-daemon \ - ${sysconfdir}/avahi/avahi-daemon.conf \ - ${sysconfdir}/avahi/hosts \ - ${sysconfdir}/avahi/services \ - ${sysconfdir}/dbus-1 \ - ${sysconfdir}/init.d/avahi-daemon \ - ${datadir}/avahi/introspection/*.introspect \ - ${datadir}/avahi/avahi-service.dtd \ - ${datadir}/avahi/service-types \ - ${datadir}/dbus-1/system-services" -FILES_libavahi-client = "${libdir}/libavahi-client.so.*" -FILES_avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \ - ${sysconfdir}/avahi/avahi-dnsconfd.action \ - ${sysconfdir}/init.d/avahi-dnsconfd" -FILES_libavahi-glib = "${libdir}/libavahi-glib.so.*" -FILES_libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib" -FILES_avahi-utils = "${bindir}/avahi-*" - -RDEPENDS_${PN}-dev = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV})" -RDEPENDS_${PN}-dev += "${@["", " libavahi-client (= ${EXTENDPKGV})"][bb.utils.contains('PACKAGECONFIG', 'dbus', 1, 0, d)]}" - -RRECOMMENDS_avahi-daemon_append_libc-glibc = " libnss-mdns" - -CONFFILES_avahi-daemon = "${sysconfdir}/avahi/avahi-daemon.conf" - -USERADD_PACKAGES = "avahi-daemon avahi-autoipd" -USERADD_PARAM_avahi-daemon = "--system --home /run/avahi-daemon \ - --no-create-home --shell /bin/false \ - --user-group avahi" - -USERADD_PARAM_avahi-autoipd = "--system --home /run/avahi-autoipd \ - --no-create-home --shell /bin/false \ - --user-group \ - -c \"Avahi autoip daemon\" \ - avahi-autoipd" - -INITSCRIPT_PACKAGES = "avahi-daemon avahi-dnsconfd" -INITSCRIPT_NAME_avahi-daemon = "avahi-daemon" -INITSCRIPT_PARAMS_avahi-daemon = "defaults 21 19" -INITSCRIPT_NAME_avahi-dnsconfd = "avahi-dnsconfd" -INITSCRIPT_PARAMS_avahi-dnsconfd = "defaults 22 19" - -SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-dnsconfd" -SYSTEMD_SERVICE_${PN}-daemon = "avahi-daemon.service" -SYSTEMD_SERVICE_${PN}-dnsconfd = "avahi-dnsconfd.service" - -do_install_append() { - install -d ${D}${sysconfdir}/udhcpc.d - install ${WORKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d - install ${WORKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d -} - -# At the time the postinst runs, dbus might not be setup so only restart if running -# Don't exit early, because update-rc.d needs to run subsequently. -pkg_postinst_avahi-daemon () { -if [ -z "$D" ]; then - killall -q -HUP dbus-daemon || true -fi -} diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb new file mode 100644 index 0000000000..a78e776a18 --- /dev/null +++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb @@ -0,0 +1,198 @@ +SUMMARY = "Avahi IPv4LL network address configuration daemon" +DESCRIPTION = 'Avahi is a fully LGPL framework for Multicast DNS Service Discovery. It \ +allows programs to publish and discover services and hosts running on a local network \ +with no specific configuration. This tool implements IPv4LL, "Dynamic Configuration of \ +IPv4 Link-Local Addresses" (IETF RFC3927), a protocol for automatic IP address \ +configuration from the link-local 169.254.0.0/16 range without the need for a central \ +server.' +HOMEPAGE = "http://avahi.org" +BUGTRACKER = "https://github.com/avahi/avahi/issues" +SECTION = "network" + +# major part is under LGPL-2.1-or-later, but several .dtd, .xsl, initscripts and +# python scripts are under GPL-2.0-or-later +LICENSE = "GPL-2.0-or-later & LGPL-2.1-or-later" +LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \ + file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \ + file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \ + file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \ + file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf" + +SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \ + file://00avahi-autoipd \ + file://99avahi-autoipd \ + file://initscript.patch \ + file://0001-Fix-opening-etc-resolv.conf-error.patch \ + file://handle-hup.patch \ + file://local-ping.patch \ + file://invalid-service.patch \ + file://CVE-2023-1981.patch \ + file://CVE-2023-38469-1.patch \ + file://CVE-2023-38469-2.patch \ + file://CVE-2023-38470-1.patch \ + file://CVE-2023-38470-2.patch \ + file://CVE-2023-38471-1.patch \ + file://CVE-2023-38471-2.patch \ + file://CVE-2023-38472.patch \ + file://CVE-2023-38473.patch \ + " + +GITHUB_BASE_URI = "https://github.com/avahi/avahi/releases/" +SRC_URI[sha256sum] = "060309d7a333d38d951bc27598c677af1796934dbd98e1024e7ad8de798fedda" + +CVE_STATUS[CVE-2021-26720] = "not-applicable-platform: Issue only affects Debian/SUSE" + +DEPENDS = "expat libcap libdaemon glib-2.0 glib-2.0-native" + +# For gtk related PACKAGECONFIGs: gtk, gtk3 +AVAHI_GTK ?= "" + +PACKAGECONFIG ??= "dbus ${@bb.utils.contains_any('DISTRO_FEATURES','x11 wayland','${AVAHI_GTK}','',d)}" +PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" +PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+" +PACKAGECONFIG[gtk3] = "--enable-gtk3,--disable-gtk3,gtk+3" +PACKAGECONFIG[libdns_sd] = "--enable-compat-libdns_sd --enable-dbus,,dbus" +PACKAGECONFIG[libevent] = "--enable-libevent,--disable-libevent,libevent" +PACKAGECONFIG[qt5] = "--enable-qt5,--disable-qt5,qtbase" + +inherit autotools pkgconfig gettext gobject-introspection github-releases + +EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ + --disable-stack-protector \ + --disable-gdbm \ + --disable-dbm \ + --disable-mono \ + --disable-monodoc \ + --disable-qt3 \ + --disable-qt4 \ + --disable-python \ + --disable-doxygen-doc \ + --enable-manpages \ + ${EXTRA_OECONF_SYSVINIT} \ + ${EXTRA_OECONF_SYSTEMD} \ + " + +# The distro choice determines what init scripts are installed +EXTRA_OECONF_SYSVINIT = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','--with-distro=debian','--with-distro=none',d)}" +EXTRA_OECONF_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES','systemd','--with-systemdsystemunitdir=${systemd_system_unitdir}/','--without-systemdsystemunitdir',d)}" + +do_configure:prepend() { + # This m4 file will get in the way of our introspection.m4 with special cross-compilation fixes + rm "${S}/common/introspection.m4" || true +} + +do_compile:prepend() { + export GIR_EXTRA_LIBS_PATH="${B}/avahi-gobject/.libs:${B}/avahi-common/.libs:${B}/avahi-client/.libs:${B}/avahi-glib/.libs" +} + +RRECOMMENDS:${PN}:append:libc-glibc = " libnss-mdns" + +do_install() { + autotools_do_install + rm -rf ${D}/run + test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1 + rm -rf ${D}${libdir}/avahi + + # Move example service files out of /etc/avahi/services so we don't + # advertise ssh & sftp-ssh by default + install -d ${D}${docdir}/avahi + mv ${D}${sysconfdir}/avahi/services/* ${D}${docdir}/avahi +} + +PACKAGES =+ "${@bb.utils.contains("PACKAGECONFIG", "libdns_sd", "libavahi-compat-libdnssd", "", d)}" + +FILES:libavahi-compat-libdnssd = "${libdir}/libdns_sd.so.*" + +RPROVIDES:libavahi-compat-libdnssd = "libdns-sd" + +inherit update-rc.d systemd useradd + +PACKAGES =+ "libavahi-gobject avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib avahi-autoipd avahi-utils avahi-discover avahi-ui" + +FILES:avahi-ui = "${libdir}/libavahi-ui*.so.*" +FILES:avahi-discover = "${datadir}/applications/avahi-discover.desktop \ + ${datadir}/avahi/interfaces/avahi-discover.ui \ + ${bindir}/avahi-discover-standalone \ + " + +LICENSE:libavahi-gobject = "LGPL-2.1-or-later" +LICENSE:avahi-daemon = "LGPL-2.1-or-later" +LICENSE:libavahi-common = "LGPL-2.1-or-later" +LICENSE:libavahi-core = "LGPL-2.1-or-later" +LICENSE:libavahi-client = "LGPL-2.1-or-later" +LICENSE:avahi-dnsconfd = "LGPL-2.1-or-later" +LICENSE:libavahi-glib = "LGPL-2.1-or-later" +LICENSE:avahi-autoipd = "LGPL-2.1-or-later" +LICENSE:avahi-utils = "LGPL-2.1-or-later" + +# As avahi doesn't put any files into PN, clear the files list to avoid problems +# if extra libraries appear. +FILES:${PN} = "" +FILES:avahi-autoipd = "${sbindir}/avahi-autoipd \ + ${sysconfdir}/avahi/avahi-autoipd.action \ + ${sysconfdir}/dhcp/*/avahi-autoipd \ + ${sysconfdir}/udhcpc.d/00avahi-autoipd \ + ${sysconfdir}/udhcpc.d/99avahi-autoipd" +FILES:libavahi-common = "${libdir}/libavahi-common.so.*" +FILES:libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib" +FILES:avahi-daemon = "${sbindir}/avahi-daemon \ + ${sysconfdir}/avahi/avahi-daemon.conf \ + ${sysconfdir}/avahi/hosts \ + ${sysconfdir}/avahi/services \ + ${sysconfdir}/dbus-1 \ + ${sysconfdir}/init.d/avahi-daemon \ + ${datadir}/dbus-1/interfaces \ + ${datadir}/avahi/avahi-service.dtd \ + ${datadir}/avahi/service-types \ + ${datadir}/dbus-1/system-services" +FILES:libavahi-client = "${libdir}/libavahi-client.so.*" +FILES:avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \ + ${sysconfdir}/avahi/avahi-dnsconfd.action \ + ${sysconfdir}/init.d/avahi-dnsconfd" +FILES:libavahi-glib = "${libdir}/libavahi-glib.so.*" +FILES:libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib" +FILES:avahi-utils = "${bindir}/avahi-* ${bindir}/b* ${datadir}/applications/b*" + +DEV_PKG_DEPENDENCY = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV})" +DEV_PKG_DEPENDENCY += "${@["", " libavahi-client (= ${EXTENDPKGV})"][bb.utils.contains('PACKAGECONFIG', 'dbus', 1, 0, d)]}" +RDEPENDS:${PN}-dnsconfd = "${PN}-daemon" + +RRECOMMENDS:avahi-daemon:append:libc-glibc = " libnss-mdns" + +CONFFILES:avahi-daemon = "${sysconfdir}/avahi/avahi-daemon.conf" + +USERADD_PACKAGES = "avahi-daemon avahi-autoipd" +USERADD_PARAM:avahi-daemon = "--system --home /run/avahi-daemon \ + --no-create-home --shell /bin/false \ + --user-group avahi" + +USERADD_PARAM:avahi-autoipd = "--system --home /run/avahi-autoipd \ + --no-create-home --shell /bin/false \ + --user-group \ + -c \"Avahi autoip daemon\" \ + avahi-autoipd" + +INITSCRIPT_PACKAGES = "avahi-daemon avahi-dnsconfd" +INITSCRIPT_NAME:avahi-daemon = "avahi-daemon" +INITSCRIPT_PARAMS:avahi-daemon = "defaults 21 19" +INITSCRIPT_NAME:avahi-dnsconfd = "avahi-dnsconfd" +INITSCRIPT_PARAMS:avahi-dnsconfd = "defaults 22 19" + +SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-dnsconfd" +SYSTEMD_SERVICE:${PN}-daemon = "avahi-daemon.service" +SYSTEMD_SERVICE:${PN}-dnsconfd = "avahi-dnsconfd.service" + +do_install:append() { + install -d ${D}${sysconfdir}/udhcpc.d + install ${UNPACKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d + install ${UNPACKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d +} + +# At the time the postinst runs, dbus might not be setup so only restart if running +# Don't exit early, because update-rc.d needs to run subsequently. +pkg_postinst:avahi-daemon () { +if [ -z "$D" ]; then + killall -q -HUP dbus-daemon || true +fi +} + diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch new file mode 100644 index 0000000000..4d7924d13a --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch @@ -0,0 +1,58 @@ +From a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com> +Date: Thu, 17 Nov 2022 01:51:53 +0100 +Subject: [PATCH] Emit error if requested service is not found + +It currently just crashes instead of replying with error. Check return +value and emit error instead of passing NULL pointer to reply. + +Fixes #375 + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-1981.patch?h=ubuntu/jammy-security +Upstream commit https://github.com/lathiat/avahi/commit/a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f] +CVE: CVE-2023-1981 +Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> +--- + avahi-daemon/dbus-protocol.c | 20 ++++++++++++++------ + 1 file changed, 14 insertions(+), 6 deletions(-) + +diff --git a/avahi-daemon/dbus-protocol.c b/avahi-daemon/dbus-protocol.c +index 70d7687bc..406d0b441 100644 +--- a/avahi-daemon/dbus-protocol.c ++++ b/avahi-daemon/dbus-protocol.c +@@ -375,10 +375,14 @@ static DBusHandlerResult dbus_get_alternative_host_name(DBusConnection *c, DBusM + } + + t = avahi_alternative_host_name(n); +- avahi_dbus_respond_string(c, m, t); +- avahi_free(t); ++ if (t) { ++ avahi_dbus_respond_string(c, m, t); ++ avahi_free(t); + +- return DBUS_HANDLER_RESULT_HANDLED; ++ return DBUS_HANDLER_RESULT_HANDLED; ++ } else { ++ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Hostname not found"); ++ } + } + + static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DBusMessage *m, DBusError *error) { +@@ -389,10 +393,14 @@ static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DB + } + + t = avahi_alternative_service_name(n); +- avahi_dbus_respond_string(c, m, t); +- avahi_free(t); ++ if (t) { ++ avahi_dbus_respond_string(c, m, t); ++ avahi_free(t); + +- return DBUS_HANDLER_RESULT_HANDLED; ++ return DBUS_HANDLER_RESULT_HANDLED; ++ } else { ++ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Service not found"); ++ } + } + + static DBusHandlerResult dbus_create_new_entry_group(DBusConnection *c, DBusMessage *m, DBusError *error) { diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch new file mode 100644 index 0000000000..a078f66102 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch @@ -0,0 +1,48 @@ +From 72842945085cc3adaccfdfa2853771b0e75ef991 Mon Sep 17 00:00:00 2001 +From: Evgeny Vereshchagin <evvers@ya.ru> +Date: Mon, 23 Oct 2023 20:29:31 +0000 +Subject: [PATCH] avahi: core: reject overly long TXT resource records + +Closes https://github.com/lathiat/avahi/issues/455 + +Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/a337a1ba7d15853fb56deef1f464529af6e3a1cf] +CVE: CVE-2023-38469 + +Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> +--- + avahi-core/rr.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/avahi-core/rr.c b/avahi-core/rr.c +index 7fa0bee..b03a24c 100644 +--- a/avahi-core/rr.c ++++ b/avahi-core/rr.c +@@ -32,6 +32,7 @@ + #include <avahi-common/malloc.h> + #include <avahi-common/defs.h> + ++#include "dns.h" + #include "rr.h" + #include "log.h" + #include "util.h" +@@ -688,11 +689,17 @@ int avahi_record_is_valid(AvahiRecord *r) { + case AVAHI_DNS_TYPE_TXT: { + + AvahiStringList *strlst; ++ size_t used = 0; + +- for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) ++ for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) { + if (strlst->size > 255 || strlst->size <= 0) + return 0; + ++ used += 1+strlst->size; ++ if (used > AVAHI_DNS_RDATA_MAX) ++ return 0; ++ } ++ + return 1; + } + } +-- +2.40.0 diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch new file mode 100644 index 0000000000..f8f60ddca1 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch @@ -0,0 +1,65 @@ +From c6cab87df290448a63323c8ca759baa516166237 Mon Sep 17 00:00:00 2001 +From: Evgeny Vereshchagin <evvers@ya.ru> +Date: Wed, 25 Oct 2023 18:15:42 +0000 +Subject: [PATCH] tests: pass overly long TXT resource records + +to make sure they don't crash avahi any more. +It reproduces https://github.com/lathiat/avahi/issues/455 + +Canonical notes: +nickgalanis> removed first hunk since there is no .github dir in this release + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38469-2.patch?h=ubuntu/jammy-security +Upstream commit https://github.com/lathiat/avahi/commit/c6cab87df290448a63323c8ca759baa516166237] +CVE: CVE-2023-38469 +Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> +--- + avahi-client/client-test.c | 14 ++++++++++++++ + 1 files changed, 14 insertions(+) + +Index: avahi-0.8/avahi-client/client-test.c +=================================================================== +--- avahi-0.8.orig/avahi-client/client-test.c ++++ avahi-0.8/avahi-client/client-test.c +@@ -22,6 +22,7 @@ + #endif + + #include <stdio.h> ++#include <string.h> + #include <assert.h> + + #include <avahi-client/client.h> +@@ -33,6 +34,8 @@ + #include <avahi-common/malloc.h> + #include <avahi-common/timeval.h> + ++#include <avahi-core/dns.h> ++ + static const AvahiPoll *poll_api = NULL; + static AvahiSimplePoll *simple_poll = NULL; + +@@ -222,6 +225,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVA + uint32_t cookie; + struct timeval tv; + AvahiAddress a; ++ uint8_t rdata[AVAHI_DNS_RDATA_MAX+1]; ++ AvahiStringList *txt = NULL; ++ int r; + + simple_poll = avahi_simple_poll_new(); + poll_api = avahi_simple_poll_get(simple_poll); +@@ -258,6 +264,14 @@ int main (AVAHI_GCC_UNUSED int argc, AVA + printf("%s\n", avahi_strerror(avahi_entry_group_add_service (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "Lathiat's Site", "_http._tcp", NULL, NULL, 80, "foo=bar", NULL))); + printf("add_record: %d\n", avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "\5booya", 6)); + ++ memset(rdata, 1, sizeof(rdata)); ++ r = avahi_string_list_parse(rdata, sizeof(rdata), &txt); ++ assert(r >= 0); ++ assert(avahi_string_list_serialize(txt, NULL, 0) == sizeof(rdata)); ++ error = avahi_entry_group_add_service_strlst(group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", "_qotd._tcp", NULL, NULL, 123, txt); ++ assert(error == AVAHI_ERR_INVALID_RECORD); ++ avahi_string_list_free(txt); ++ + avahi_entry_group_commit (group); + + domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u"); diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch new file mode 100644 index 0000000000..91f9e677ac --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch @@ -0,0 +1,59 @@ +From af7bfad67ca53a7c4042a4a2d85456b847e9f249 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com> +Date: Tue, 11 Apr 2023 15:29:59 +0200 +Subject: [PATCH] avahi: Ensure each label is at least one byte long + +The only allowed exception is single dot, where it should return empty +string. + +Fixes #454. + +Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/94cb6489114636940ac683515417990b55b5d66c] +CVE: CVE-2023-38470 + +Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> +--- + avahi-common/domain-test.c | 14 ++++++++++++++ + avahi-common/domain.c | 2 +- + 2 files changed, 15 insertions(+), 1 deletion(-) + +diff --git a/avahi-common/domain-test.c b/avahi-common/domain-test.c +index cf763ec..3acc1c1 100644 +--- a/avahi-common/domain-test.c ++++ b/avahi-common/domain-test.c +@@ -45,6 +45,20 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) { + printf("%s\n", s = avahi_normalize_name_strdup("fo\\\\o\\..f oo.")); + avahi_free(s); + ++ printf("%s\n", s = avahi_normalize_name_strdup(".")); ++ avahi_free(s); ++ ++ s = avahi_normalize_name_strdup(",.=.}.=.?-.}.=.?.?.}.}.?.?.?.z.?.?.}.}." ++ "}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.}.}.}" ++ ".?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.?.zM.?`" ++ "?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}??.}.}.?.?." ++ "?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.?`?.}.}.}." ++ "??.?.zM.?`?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}?" ++ "?.}.}.?.?.?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM." ++ "?`?.}.}.}.?.?.?.r.=.=.?.?`.?.?}.}.}.?.?.?.r.=.?.}.=.?.?." ++ "}.?.?.?.}.=.?.?.}"); ++ assert(s == NULL); ++ + printf("%i\n", avahi_domain_equal("\\065aa bbb\\.\\046cc.cc\\\\.dee.fff.", "Aaa BBB\\.\\.cc.cc\\\\.dee.fff")); + printf("%i\n", avahi_domain_equal("A", "a")); + +diff --git a/avahi-common/domain.c b/avahi-common/domain.c +index 3b1ab68..e66d241 100644 +--- a/avahi-common/domain.c ++++ b/avahi-common/domain.c +@@ -201,7 +201,7 @@ char *avahi_normalize_name(const char *s, char *ret_s, size_t size) { + } + + if (!empty) { +- if (size < 1) ++ if (size < 2) + return NULL; + + *(r++) = '.'; +-- +2.40.0 diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch new file mode 100644 index 0000000000..e0736bf210 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch @@ -0,0 +1,52 @@ +From 20dec84b2480821704258bc908e7b2bd2e883b24 Mon Sep 17 00:00:00 2001 +From: Evgeny Vereshchagin <evvers@ya.ru> +Date: Tue, 19 Sep 2023 03:21:25 +0000 +Subject: [PATCH] [common] bail out when escaped labels can't fit into ret + +Fixes: +``` +==93410==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7f9e76f14c16 at pc 0x00000047208d bp 0x7ffee90a6a00 sp 0x7ffee90a61c8 +READ of size 1110 at 0x7f9e76f14c16 thread T0 + #0 0x47208c in __interceptor_strlen (out/fuzz-domain+0x47208c) (BuildId: 731b20c1eef22c2104e75a6496a399b10cfc7cba) + #1 0x534eb0 in avahi_strdup avahi/avahi-common/malloc.c:167:12 + #2 0x53862c in avahi_normalize_name_strdup avahi/avahi-common/domain.c:226:12 +``` +and +``` +fuzz-domain: fuzz/fuzz-domain.c:38: int LLVMFuzzerTestOneInput(const uint8_t *, size_t): Assertion `avahi_domain_equal(s, t)' failed. +==101571== ERROR: libFuzzer: deadly signal + #0 0x501175 in __sanitizer_print_stack_trace (/home/vagrant/avahi/out/fuzz-domain+0x501175) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8) + #1 0x45ad2c in fuzzer::PrintStackTrace() (/home/vagrant/avahi/out/fuzz-domain+0x45ad2c) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8) + #2 0x43fc07 in fuzzer::Fuzzer::CrashCallback() (/home/vagrant/avahi/out/fuzz-domain+0x43fc07) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8) + #3 0x7f1581d7ebaf (/lib64/libc.so.6+0x3dbaf) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) + #4 0x7f1581dcf883 in __pthread_kill_implementation (/lib64/libc.so.6+0x8e883) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) + #5 0x7f1581d7eafd in gsignal (/lib64/libc.so.6+0x3dafd) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) + #6 0x7f1581d6787e in abort (/lib64/libc.so.6+0x2687e) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) + #7 0x7f1581d6779a in __assert_fail_base.cold (/lib64/libc.so.6+0x2679a) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) + #8 0x7f1581d77186 in __assert_fail (/lib64/libc.so.6+0x36186) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) + #9 0x5344a4 in LLVMFuzzerTestOneInput /home/vagrant/avahi/fuzz/fuzz-domain.c:38:9 +``` + +It's a follow-up to 94cb6489114636940ac683515417990b55b5d66c + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38470-2.patch?h=ubuntu/jammy-security +CVE: CVE-2023-38470 #Follow-up patch +Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> +--- + avahi-common/domain.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +Index: avahi-0.8/avahi-common/domain.c +=================================================================== +--- avahi-0.8.orig/avahi-common/domain.c ++++ avahi-0.8/avahi-common/domain.c +@@ -210,7 +210,8 @@ char *avahi_normalize_name(const char *s + } else + empty = 0; + +- avahi_escape_label(label, strlen(label), &r, &size); ++ if (!(avahi_escape_label(label, strlen(label), &r, &size))) ++ return NULL; + } + + return ret_s; diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch new file mode 100644 index 0000000000..b3f716495d --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch @@ -0,0 +1,73 @@ +From 48d745db7fd554fc33e96ec86d3675ebd530bb8e Mon Sep 17 00:00:00 2001 +From: Michal Sekletar <msekleta@redhat.com> +Date: Mon, 23 Oct 2023 13:38:35 +0200 +Subject: [PATCH] avahi: core: extract host name using avahi_unescape_label() + +Previously we could create invalid escape sequence when we split the +string on dot. For example, from valid host name "foo\\.bar" we have +created invalid name "foo\\" and tried to set that as the host name +which crashed the daemon. + +Fixes #453 + +Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/894f085f402e023a98cbb6f5a3d117bd88d93b09] +CVE: CVE-2023-38471 + +Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> +--- + avahi-core/server.c | 27 +++++++++++++++++++++------ + 1 file changed, 21 insertions(+), 6 deletions(-) + +diff --git a/avahi-core/server.c b/avahi-core/server.c +index e507750..40f1d68 100644 +--- a/avahi-core/server.c ++++ b/avahi-core/server.c +@@ -1295,7 +1295,11 @@ static void update_fqdn(AvahiServer *s) { + } + + int avahi_server_set_host_name(AvahiServer *s, const char *host_name) { +- char *hn = NULL; ++ char label_escaped[AVAHI_LABEL_MAX*4+1]; ++ char label[AVAHI_LABEL_MAX]; ++ char *hn = NULL, *h; ++ size_t len; ++ + assert(s); + + AVAHI_CHECK_VALIDITY(s, !host_name || avahi_is_valid_host_name(host_name), AVAHI_ERR_INVALID_HOST_NAME); +@@ -1305,17 +1309,28 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) { + else + hn = avahi_normalize_name_strdup(host_name); + +- hn[strcspn(hn, ".")] = 0; ++ h = hn; ++ if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) { ++ avahi_free(h); ++ return AVAHI_ERR_INVALID_HOST_NAME; ++ } ++ ++ avahi_free(h); ++ ++ h = label_escaped; ++ len = sizeof(label_escaped); ++ if (!avahi_escape_label(label, strlen(label), &h, &len)) ++ return AVAHI_ERR_INVALID_HOST_NAME; + +- if (avahi_domain_equal(s->host_name, hn) && s->state != AVAHI_SERVER_COLLISION) { +- avahi_free(hn); ++ if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION) + return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE); +- } + + withdraw_host_rrs(s); + + avahi_free(s->host_name); +- s->host_name = hn; ++ s->host_name = avahi_strdup(label_escaped); ++ if (!s->host_name) ++ return AVAHI_ERR_NO_MEMORY; + + update_fqdn(s); + +-- +2.40.0 diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch new file mode 100644 index 0000000000..44737bfc2e --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch @@ -0,0 +1,52 @@ +From b675f70739f404342f7f78635d6e2dcd85a13460 Mon Sep 17 00:00:00 2001 +From: Evgeny Vereshchagin <evvers@ya.ru> +Date: Tue, 24 Oct 2023 22:04:51 +0000 +Subject: [PATCH] core: return errors from avahi_server_set_host_name properly + +It's a follow-up to 894f085f402e023a98cbb6f5a3d117bd88d93b09 + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38471-2.patch?h=ubuntu/jammy-security +Upstream commit https://github.com/lathiat/avahi/commit/b675f70739f404342f7f78635d6e2dcd85a13460] +CVE: CVE-2023-38471 #Follow-up Patch +Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> +--- + avahi-core/server.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +Index: avahi-0.8/avahi-core/server.c +=================================================================== +--- avahi-0.8.orig/avahi-core/server.c ++++ avahi-0.8/avahi-core/server.c +@@ -1309,10 +1309,13 @@ int avahi_server_set_host_name(AvahiServ + else + hn = avahi_normalize_name_strdup(host_name); + ++ if (!hn) ++ return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY); ++ + h = hn; + if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) { + avahi_free(h); +- return AVAHI_ERR_INVALID_HOST_NAME; ++ return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME); + } + + avahi_free(h); +@@ -1320,7 +1323,7 @@ int avahi_server_set_host_name(AvahiServ + h = label_escaped; + len = sizeof(label_escaped); + if (!avahi_escape_label(label, strlen(label), &h, &len)) +- return AVAHI_ERR_INVALID_HOST_NAME; ++ return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME); + + if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION) + return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE); +@@ -1330,7 +1333,7 @@ int avahi_server_set_host_name(AvahiServ + avahi_free(s->host_name); + s->host_name = avahi_strdup(label_escaped); + if (!s->host_name) +- return AVAHI_ERR_NO_MEMORY; ++ return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY); + + update_fqdn(s); + diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch new file mode 100644 index 0000000000..85dbded73b --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch @@ -0,0 +1,46 @@ +From b024ae5749f4aeba03478e6391687c3c9c8dee40 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar <msekleta@redhat.com> +Date: Thu, 19 Oct 2023 17:36:44 +0200 +Subject: [PATCH] core: make sure there is rdata to process before parsing it + +Fixes #452 + +CVE-2023-38472 + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38472.patch?h=ubuntu/jammy-security +Upstream commit https://github.com/lathiat/avahi/commit/b024ae5749f4aeba03478e6391687c3c9c8dee40] +CVE: CVE-2023-38472 +Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> +Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> +--- + avahi-client/client-test.c | 3 +++ + avahi-daemon/dbus-entry-group.c | 2 +- + 2 files changed, 4 insertions(+), 1 deletion(-) + +Index: avahi-0.8/avahi-client/client-test.c +=================================================================== +--- avahi-0.8.orig/avahi-client/client-test.c ++++ avahi-0.8/avahi-client/client-test.c +@@ -272,6 +272,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVA + assert(error == AVAHI_ERR_INVALID_RECORD); + avahi_string_list_free(txt); + ++ error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0); ++ assert(error != AVAHI_OK); ++ + avahi_entry_group_commit (group); + + domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u"); +Index: avahi-0.8/avahi-daemon/dbus-entry-group.c +=================================================================== +--- avahi-0.8.orig/avahi-daemon/dbus-entry-group.c ++++ avahi-0.8/avahi-daemon/dbus-entry-group.c +@@ -340,7 +340,7 @@ DBusHandlerResult avahi_dbus_msg_entry_g + if (!(r = avahi_record_new_full (name, clazz, type, ttl))) + return avahi_dbus_respond_error(c, m, AVAHI_ERR_NO_MEMORY, NULL); + +- if (avahi_rdata_parse (r, rdata, size) < 0) { ++ if (!rdata || avahi_rdata_parse (r, rdata, size) < 0) { + avahi_record_unref (r); + return avahi_dbus_respond_error(c, m, AVAHI_ERR_INVALID_RDATA, NULL); + } diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch new file mode 100644 index 0000000000..707acb60fe --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch @@ -0,0 +1,110 @@ +From 88cbbc48d5efff9726694557ca6c3f698f3affe4 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar <msekleta@redhat.com> +Date: Wed, 11 Oct 2023 17:45:44 +0200 +Subject: [PATCH] avahi: common: derive alternative host name from its + unescaped version + +Normalization of input makes sure we don't have to deal with special +cases like unescaped dot at the end of label. + +Fixes #451 #487 + +Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/b448c9f771bada14ae8de175695a9729f8646797] +CVE: CVE-2023-38473 + +Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> +--- + avahi-common/alternative-test.c | 3 +++ + avahi-common/alternative.c | 27 +++++++++++++++++++-------- + 2 files changed, 22 insertions(+), 8 deletions(-) + +diff --git a/avahi-common/alternative-test.c b/avahi-common/alternative-test.c +index 9255435..681fc15 100644 +--- a/avahi-common/alternative-test.c ++++ b/avahi-common/alternative-test.c +@@ -31,6 +31,9 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) { + const char* const test_strings[] = { + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXüüüüüüü", ++ ").", ++ "\\.", ++ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\\\", + "gurke", + "-", + " #", +diff --git a/avahi-common/alternative.c b/avahi-common/alternative.c +index b3d39f0..a094e6d 100644 +--- a/avahi-common/alternative.c ++++ b/avahi-common/alternative.c +@@ -49,15 +49,20 @@ static void drop_incomplete_utf8(char *c) { + } + + char *avahi_alternative_host_name(const char *s) { ++ char label[AVAHI_LABEL_MAX], alternative[AVAHI_LABEL_MAX*4+1]; ++ char *alt, *r, *ret; + const char *e; +- char *r; ++ size_t len; + + assert(s); + + if (!avahi_is_valid_host_name(s)) + return NULL; + +- if ((e = strrchr(s, '-'))) { ++ if (!avahi_unescape_label(&s, label, sizeof(label))) ++ return NULL; ++ ++ if ((e = strrchr(label, '-'))) { + const char *p; + + e++; +@@ -74,19 +79,18 @@ char *avahi_alternative_host_name(const char *s) { + + if (e) { + char *c, *m; +- size_t l; + int n; + + n = atoi(e)+1; + if (!(m = avahi_strdup_printf("%i", n))) + return NULL; + +- l = e-s-1; ++ len = e-label-1; + +- if (l >= AVAHI_LABEL_MAX-1-strlen(m)-1) +- l = AVAHI_LABEL_MAX-1-strlen(m)-1; ++ if (len >= AVAHI_LABEL_MAX-1-strlen(m)-1) ++ len = AVAHI_LABEL_MAX-1-strlen(m)-1; + +- if (!(c = avahi_strndup(s, l))) { ++ if (!(c = avahi_strndup(label, len))) { + avahi_free(m); + return NULL; + } +@@ -100,7 +104,7 @@ char *avahi_alternative_host_name(const char *s) { + } else { + char *c; + +- if (!(c = avahi_strndup(s, AVAHI_LABEL_MAX-1-2))) ++ if (!(c = avahi_strndup(label, AVAHI_LABEL_MAX-1-2))) + return NULL; + + drop_incomplete_utf8(c); +@@ -109,6 +113,13 @@ char *avahi_alternative_host_name(const char *s) { + avahi_free(c); + } + ++ alt = alternative; ++ len = sizeof(alternative); ++ ret = avahi_escape_label(r, strlen(r), &alt, &len); ++ ++ avahi_free(r); ++ r = avahi_strdup(ret); ++ + assert(avahi_is_valid_host_name(r)); + + return r; +-- +2.40.0 diff --git a/meta/recipes-connectivity/avahi/files/fix-CVE-2017-6519.patch b/meta/recipes-connectivity/avahi/files/fix-CVE-2017-6519.patch deleted file mode 100644 index 7461fe193d..0000000000 --- a/meta/recipes-connectivity/avahi/files/fix-CVE-2017-6519.patch +++ /dev/null @@ -1,48 +0,0 @@ -Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/e111def] - -CVE: CVE-2017-6519 - -Signed-off-by: Kai Kang <kai.kang@windriver.com> - -From e111def44a7df4624a4aa3f85fe98054bffb6b4f Mon Sep 17 00:00:00 2001 -From: Trent Lloyd <trent@lloyd.id.au> -Date: Sat, 22 Dec 2018 09:06:07 +0800 -Subject: [PATCH] Drop legacy unicast queries from address not on local link - -When handling legacy unicast queries, ensure that the source IP is -inside a subnet on the local link, otherwise drop the packet. - -Fixes #145 -Fixes #203 -CVE-2017-6519 -CVE-2018-1000845 ---- - avahi-core/server.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/avahi-core/server.c b/avahi-core/server.c -index a2cb19a8..a2580e38 100644 ---- a/avahi-core/server.c -+++ b/avahi-core/server.c -@@ -930,6 +930,7 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres - - if (avahi_dns_packet_is_query(p)) { - int legacy_unicast = 0; -+ char t[AVAHI_ADDRESS_STR_MAX]; - - /* For queries EDNS0 might allow ARCOUNT != 0. We ignore the - * AR section completely here, so far. Until the day we add -@@ -947,6 +948,13 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres - legacy_unicast = 1; - } - -+ if (!is_mdns_mcast_address(dst_address) && -+ !avahi_interface_address_on_link(i, src_address)) { -+ -+ avahi_log_debug("Received non-local unicast query from host %s on interface '%s.%i'.", avahi_address_snprint(t, sizeof(t), src_address), i->hardware->name, i->protocol); -+ return; -+ } -+ - if (legacy_unicast) - reflect_legacy_unicast_query_packet(s, p, i, src_address, port); - diff --git a/meta/recipes-connectivity/avahi/files/handle-hup.patch b/meta/recipes-connectivity/avahi/files/handle-hup.patch new file mode 100644 index 0000000000..26632e5443 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/handle-hup.patch @@ -0,0 +1,41 @@ +CVE: CVE-2021-3468 +Upstream-Status: Submitted [https://github.com/lathiat/avahi/pull/330] +Signed-off-by: Ross Burton <ross.burton@arm.com> + +From 447affe29991ee99c6b9732fc5f2c1048a611d3b Mon Sep 17 00:00:00 2001 +From: Riccardo Schirone <sirmy15@gmail.com> +Date: Fri, 26 Mar 2021 11:50:24 +0100 +Subject: [PATCH] Avoid infinite-loop in avahi-daemon by handling HUP event in + client_work + +If a client fills the input buffer, client_work() disables the +AVAHI_WATCH_IN event, thus preventing the function from executing the +`read` syscall the next times it is called. However, if the client then +terminates the connection, the socket file descriptor receives a HUP +event, which is not handled, thus the kernel keeps marking the HUP event +as occurring. While iterating over the file descriptors that triggered +an event, the client file descriptor will keep having the HUP event and +the client_work() function is always called with AVAHI_WATCH_HUP but +without nothing being done, thus entering an infinite loop. + +See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984938 +--- + avahi-daemon/simple-protocol.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/avahi-daemon/simple-protocol.c b/avahi-daemon/simple-protocol.c +index 3e0ebb11..6c0274d6 100644 +--- a/avahi-daemon/simple-protocol.c ++++ b/avahi-daemon/simple-protocol.c +@@ -424,6 +424,11 @@ static void client_work(AvahiWatch *watch, AVAHI_GCC_UNUSED int fd, AvahiWatchEv + } + } + ++ if (events & AVAHI_WATCH_HUP) { ++ client_free(c); ++ return; ++ } ++ + c->server->poll_api->watch_update( + watch, + (c->outbuf_length > 0 ? AVAHI_WATCH_OUT : 0) | diff --git a/meta/recipes-connectivity/avahi/files/invalid-service.patch b/meta/recipes-connectivity/avahi/files/invalid-service.patch new file mode 100644 index 0000000000..8f188aff2c --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/invalid-service.patch @@ -0,0 +1,29 @@ +From 46490e95151d415cd22f02565e530eb5efcef680 Mon Sep 17 00:00:00 2001 +From: Asger Hautop Drewsen <asger@princh.com> +Date: Mon, 9 Aug 2021 14:25:08 +0200 +Subject: [PATCH] Fix avahi-browse: Invalid service type + +Invalid service types will stop the browse from completing, or +in simple terms "my washing machine stops me from printing". + +Upstream-Status: Submitted [https://github.com/lathiat/avahi/pull/472] +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + avahi-core/browse-service.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c +index 63e0275a..ac3d2ecb 100644 +--- a/avahi-core/browse-service.c ++++ b/avahi-core/browse-service.c +@@ -103,7 +103,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_prepare( + AVAHI_CHECK_VALIDITY_RETURN_NULL(server, AVAHI_PROTO_VALID(protocol), AVAHI_ERR_INVALID_PROTOCOL); + AVAHI_CHECK_VALIDITY_RETURN_NULL(server, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME); + AVAHI_CHECK_VALIDITY_RETURN_NULL(server, AVAHI_FLAGS_VALID(flags, AVAHI_LOOKUP_USE_WIDE_AREA|AVAHI_LOOKUP_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); +- AVAHI_CHECK_VALIDITY_RETURN_NULL(server, avahi_is_valid_service_type_generic(service_type), AVAHI_ERR_INVALID_SERVICE_TYPE); ++ ++ if (!avahi_is_valid_service_type_generic(service_type)) ++ service_type = "_invalid._tcp"; + + if (!domain) + domain = server->domain_name; diff --git a/meta/recipes-connectivity/avahi/files/local-ping.patch b/meta/recipes-connectivity/avahi/files/local-ping.patch new file mode 100644 index 0000000000..29c192d296 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/local-ping.patch @@ -0,0 +1,153 @@ +CVE: CVE-2021-36217 +CVE: CVE-2021-3502 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> + +From 9d31939e55280a733d930b15ac9e4dda4497680c Mon Sep 17 00:00:00 2001 +From: Tommi Rantala <tommi.t.rantala@nokia.com> +Date: Mon, 8 Feb 2021 11:04:43 +0200 +Subject: [PATCH] Fix NULL pointer crashes from #175 + +avahi-daemon is crashing when running "ping .local". +The crash is due to failing assertion from NULL pointer. +Add missing NULL pointer checks to fix it. + +Introduced in #175 - merge commit 8f75a045709a780c8cf92a6a21e9d35b593bdecd +--- + avahi-core/browse-dns-server.c | 5 ++++- + avahi-core/browse-domain.c | 5 ++++- + avahi-core/browse-service-type.c | 3 +++ + avahi-core/browse-service.c | 3 +++ + avahi-core/browse.c | 3 +++ + avahi-core/resolve-address.c | 5 ++++- + avahi-core/resolve-host-name.c | 5 ++++- + avahi-core/resolve-service.c | 5 ++++- + 8 files changed, 29 insertions(+), 5 deletions(-) + +diff --git a/avahi-core/browse-dns-server.c b/avahi-core/browse-dns-server.c +index 049752e9..c2d914fa 100644 +--- a/avahi-core/browse-dns-server.c ++++ b/avahi-core/browse-dns-server.c +@@ -343,7 +343,10 @@ AvahiSDNSServerBrowser *avahi_s_dns_server_browser_new( + AvahiSDNSServerBrowser* b; + + b = avahi_s_dns_server_browser_prepare(server, interface, protocol, domain, type, aprotocol, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_dns_server_browser_start(b); + + return b; +-} +\ No newline at end of file ++} +diff --git a/avahi-core/browse-domain.c b/avahi-core/browse-domain.c +index f145d56a..06fa70c0 100644 +--- a/avahi-core/browse-domain.c ++++ b/avahi-core/browse-domain.c +@@ -253,7 +253,10 @@ AvahiSDomainBrowser *avahi_s_domain_browser_new( + AvahiSDomainBrowser *b; + + b = avahi_s_domain_browser_prepare(server, interface, protocol, domain, type, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_domain_browser_start(b); + + return b; +-} +\ No newline at end of file ++} +diff --git a/avahi-core/browse-service-type.c b/avahi-core/browse-service-type.c +index fdd22dcd..b1fc7af8 100644 +--- a/avahi-core/browse-service-type.c ++++ b/avahi-core/browse-service-type.c +@@ -171,6 +171,9 @@ AvahiSServiceTypeBrowser *avahi_s_service_type_browser_new( + AvahiSServiceTypeBrowser *b; + + b = avahi_s_service_type_browser_prepare(server, interface, protocol, domain, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_service_type_browser_start(b); + + return b; +diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c +index 5531360c..63e0275a 100644 +--- a/avahi-core/browse-service.c ++++ b/avahi-core/browse-service.c +@@ -184,6 +184,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_new( + AvahiSServiceBrowser *b; + + b = avahi_s_service_browser_prepare(server, interface, protocol, service_type, domain, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_service_browser_start(b); + + return b; +diff --git a/avahi-core/browse.c b/avahi-core/browse.c +index 2941e579..e8a915e9 100644 +--- a/avahi-core/browse.c ++++ b/avahi-core/browse.c +@@ -634,6 +634,9 @@ AvahiSRecordBrowser *avahi_s_record_browser_new( + AvahiSRecordBrowser *b; + + b = avahi_s_record_browser_prepare(server, interface, protocol, key, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_record_browser_start_query(b); + + return b; +diff --git a/avahi-core/resolve-address.c b/avahi-core/resolve-address.c +index ac0b29b1..e61dd242 100644 +--- a/avahi-core/resolve-address.c ++++ b/avahi-core/resolve-address.c +@@ -286,7 +286,10 @@ AvahiSAddressResolver *avahi_s_address_resolver_new( + AvahiSAddressResolver *b; + + b = avahi_s_address_resolver_prepare(server, interface, protocol, address, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_address_resolver_start(b); + + return b; +-} +\ No newline at end of file ++} +diff --git a/avahi-core/resolve-host-name.c b/avahi-core/resolve-host-name.c +index 808b0e72..4e8e5973 100644 +--- a/avahi-core/resolve-host-name.c ++++ b/avahi-core/resolve-host-name.c +@@ -318,7 +318,10 @@ AvahiSHostNameResolver *avahi_s_host_name_resolver_new( + AvahiSHostNameResolver *b; + + b = avahi_s_host_name_resolver_prepare(server, interface, protocol, host_name, aprotocol, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_host_name_resolver_start(b); + + return b; +-} +\ No newline at end of file ++} +diff --git a/avahi-core/resolve-service.c b/avahi-core/resolve-service.c +index 66bf3cae..43771763 100644 +--- a/avahi-core/resolve-service.c ++++ b/avahi-core/resolve-service.c +@@ -519,7 +519,10 @@ AvahiSServiceResolver *avahi_s_service_resolver_new( + AvahiSServiceResolver *b; + + b = avahi_s_service_resolver_prepare(server, interface, protocol, name, type, domain, aprotocol, flags, callback, userdata); ++ if (!b) ++ return NULL; ++ + avahi_s_service_resolver_start(b); + + return b; +-} +\ No newline at end of file ++} diff --git a/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch b/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch index 8db96ec049..ec1bc7b567 100644 --- a/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch +++ b/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch @@ -17,7 +17,7 @@ index b2eec60..6e03936 100644 @@ -57,6 +57,7 @@ case "$1" in modprobe capability >/dev/null 2>&1 || true if [ ! -f /etc/bind/rndc.key ]; then - /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom + /usr/sbin/rndc-confgen -a -b 512 + chown root:bind /etc/bind/rndc.key >/dev/null 2>&1 || true chmod 0640 /etc/bind/rndc.key fi diff --git a/meta/recipes-connectivity/bind/bind/0001-configure.in-remove-useless-L-use_openssl-lib.patch b/meta/recipes-connectivity/bind/bind/0001-configure.in-remove-useless-L-use_openssl-lib.patch deleted file mode 100644 index 9d31b98080..0000000000 --- a/meta/recipes-connectivity/bind/bind/0001-configure.in-remove-useless-L-use_openssl-lib.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 2325a92f1896a2a7f586611686801b41fbc91b50 Mon Sep 17 00:00:00 2001 -From: Hongxu Jia <hongxu.jia@windriver.com> -Date: Mon, 27 Aug 2018 15:00:51 +0800 -Subject: [PATCH] configure.in: remove useless `-L$use_openssl/lib' - -Since `--with-openssl=${STAGING_DIR_HOST}${prefix}' is used in bind recipe, -the `-L$use_openssl/lib' has a hardcoded suffix, removing it is harmless -and helpful for clean up host build path in isc-config.sh - -Upstream-Status: Inappropriate [oe-core specific] - -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> - ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index e85a5c6..2bbfc58 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1631,7 +1631,7 @@ If you don't want OpenSSL, use --without-openssl]) - fi - ;; - *) -- DST_OPENSSL_LIBS="-L$use_openssl/lib -lcrypto" -+ DST_OPENSSL_LIBS="-lcrypto" - ;; - esac - fi diff --git a/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch index 75908aa638..4c10f33f04 100644 --- a/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch +++ b/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch @@ -1,4 +1,4 @@ -From a3af4a405baf5ff582e82aaba392dd9667d94bdc Mon Sep 17 00:00:00 2001 +From 4e83392e840fa7b05e778710b8c202d102477a13 Mon Sep 17 00:00:00 2001 From: Hongxu Jia <hongxu.jia@windriver.com> Date: Mon, 27 Aug 2018 21:24:20 +0800 Subject: [PATCH] `named/lwresd -V' and start log hide build options @@ -12,23 +12,24 @@ $ named -V Upstream-Status: Inappropriate [oe-core specific] Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> + +Refreshed for 9.16.0 +Signed-off-by: Armin Kuster <akuster@mvista.com> + --- - bin/named/include/named/globals.h | 2 +- + configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -diff --git a/bin/named/include/named/globals.h b/bin/named/include/named/globals.h -index ba3457e..7741da7 100644 ---- a/bin/named/include/named/globals.h -+++ b/bin/named/include/named/globals.h -@@ -68,7 +68,7 @@ EXTERN const char * ns_g_version INIT(VERSION); - EXTERN const char * ns_g_product INIT(PRODUCT); - EXTERN const char * ns_g_description INIT(DESCRIPTION); - EXTERN const char * ns_g_srcid INIT(SRCID); --EXTERN const char * ns_g_configargs INIT(CONFIGARGS); -+EXTERN const char * ns_g_configargs INIT("*** (options are hidden)"); - EXTERN const char * ns_g_builder INIT(BUILDER); - EXTERN in_port_t ns_g_port INIT(0); - EXTERN isc_dscp_t ns_g_dscp INIT(-1); --- -2.7.4 - +diff --git a/configure.ac b/configure.ac +index bf20690..c5d330f 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -35,7 +35,7 @@ AC_DEFINE([PACKAGE_VERSION_EXTRA], ["][bind_VERSION_EXTRA]["], [BIND 9 Extra par + AC_DEFINE([PACKAGE_DESCRIPTION], [m4_ifnblank(bind_DESCRIPTION, [" ]bind_DESCRIPTION["], [])], [An extra string to print after PACKAGE_STRING]) + AC_DEFINE([PACKAGE_SRCID], ["][bind_SRCID]["], [A short hash from git]) + +-bind_CONFIGARGS="${ac_configure_args:-default}" ++bind_CONFIGARGS="(removed for reproducibility)" + AC_DEFINE_UNQUOTED([PACKAGE_CONFIGARGS], ["$bind_CONFIGARGS"], [Either 'defaults' or used ./configure options]) + + AC_DEFINE([PACKAGE_BUILDER], ["make"], [make or Visual Studio]) diff --git a/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch b/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch index 84559e5f37..38d07cae39 100644 --- a/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch +++ b/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch @@ -1,4 +1,4 @@ -From edda20fb5a6e88548f85e39d34d6c074306e15bc Mon Sep 17 00:00:00 2001 +From 5ae30329f168c1e8d2e0c3831988a4f3e9096e39 Mon Sep 17 00:00:00 2001 From: Paul Gortmaker <paul.gortmaker@windriver.com> Date: Tue, 9 Jun 2015 11:22:00 -0400 Subject: [PATCH] bind: ensure searching for json headers searches sysroot @@ -33,15 +33,15 @@ Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index 17392fd..e85a5c6 100644 +index 2ab8ddd..92fe983 100644 --- a/configure.ac +++ b/configure.ac -@@ -2449,7 +2449,7 @@ case "$use_libjson" in - libjson_libs="" - ;; - auto|yes) -- for d in /usr /usr/local /opt/local -+ for d in "${STAGING_INCDIR}" - do - if test -f "${d}/include/json/json.h" - then +@@ -761,7 +761,7 @@ AS_CASE([$with_lmdb], + [no],[], + [auto|yes], [PKG_CHECK_MODULES([LMDB], [lmdb], + [ac_lib_lmdb_found=yes], +- [for ac_lib_lmdb_path in /usr /usr/local /opt /opt/local; do ++ [for ac_lib_lmdb_path in "${STAGING_INCDIR}"; do + AX_LIB_LMDB([$ac_lib_lmdb_path], + [ac_lib_lmdb_found=yes + break]) diff --git a/meta/recipes-connectivity/bind/bind/conf.patch b/meta/recipes-connectivity/bind/bind/conf.patch index aad345f9fc..aa3642acec 100644 --- a/meta/recipes-connectivity/bind/bind/conf.patch +++ b/meta/recipes-connectivity/bind/bind/conf.patch @@ -276,7 +276,7 @@ diff -urN bind-9.3.1.orig/init.d bind-9.3.1/init.d + + modprobe capability >/dev/null 2>&1 || true + if [ ! -f /etc/bind/rndc.key ]; then -+ /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom ++ /usr/sbin/rndc-confgen -a -b 512 + chmod 0640 /etc/bind/rndc.key + fi + if [ -f /var/run/named/named.pid ]; then diff --git a/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh b/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh index ef915c0ae5..633e29c0e6 100644 --- a/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh +++ b/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh @@ -2,7 +2,7 @@ if [ ! -s /etc/bind/rndc.key ]; then echo -n "Generating /etc/bind/rndc.key:" - /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom + /usr/sbin/rndc-confgen -a -b 512 chown root:bind /etc/bind/rndc.key chmod 0640 /etc/bind/rndc.key fi diff --git a/meta/recipes-connectivity/bind/bind_9.11.13.bb b/meta/recipes-connectivity/bind/bind_9.11.13.bb deleted file mode 100644 index 338d6c717a..0000000000 --- a/meta/recipes-connectivity/bind/bind_9.11.13.bb +++ /dev/null @@ -1,139 +0,0 @@ -SUMMARY = "ISC Internet Domain Name Server" -HOMEPAGE = "http://www.isc.org/sw/bind/" -SECTION = "console/network" - -LICENSE = "ISC & BSD" -LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=8f17f64e47e83b60cd920a1e4b54419e" - -DEPENDS = "openssl libcap zlib" - -SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ - file://conf.patch \ - file://named.service \ - file://bind9 \ - file://generate-rndc-key.sh \ - file://make-etc-initd-bind-stop-work.patch \ - file://init.d-add-support-for-read-only-rootfs.patch \ - file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ - file://0001-configure.in-remove-useless-L-use_openssl-lib.patch \ - file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ - file://0001-avoid-start-failure-with-bind-user.patch \ - " - -SRC_URI[md5sum] = "17de0d024ab1eac377f1c2854dc25057" -SRC_URI[sha256sum] = "fd3f3cc9fcfcdaa752db35eb24598afa1fdcc2509d3227fc90a8631b7b400f7d" - -UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" -# stay at 9.11 until 9.16, from 9.16 follow the ESV versions divisible by 4 -UPSTREAM_CHECK_REGEX = "(?P<pver>9.(11|16|20|24|28)(\.\d+)+(-P\d+)*)/" - -# BIND >= 9.11.2 need dhcpd >= 4.4.0, -# don't report it here since dhcpd is already recent enough. -CVE_CHECK_WHITELIST += "CVE-2019-6470" - -inherit autotools update-rc.d systemd useradd pkgconfig multilib_script - -MULTILIB_SCRIPTS = "${PN}:${bindir}/bind9-config ${PN}:${bindir}/isc-config.sh" - -# PACKAGECONFIGs readline and libedit should NOT be set at same time -PACKAGECONFIG ?= "readline" -PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2" -PACKAGECONFIG[readline] = "--with-readline=-lreadline,,readline" -PACKAGECONFIG[libedit] = "--with-readline=-ledit,,libedit" -PACKAGECONFIG[urandom] = "--with-randomdev=/dev/urandom,--with-randomdev=/dev/random,," -PACKAGECONFIG[python3] = "--with-python=yes --with-python-install-dir=${PYTHON_SITEPACKAGES_DIR} , --without-python, python3-ply-native," - -ENABLE_IPV6 = "--enable-ipv6=${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'yes', 'no', d)}" -EXTRA_OECONF = " ${ENABLE_IPV6} --with-libtool --enable-threads \ - --disable-devpoll --enable-epoll --with-gost=no \ - --with-gssapi=no --with-ecdsa=yes --with-eddsa=no \ - --with-lmdb=no \ - --sysconfdir=${sysconfdir}/bind \ - --with-openssl=${STAGING_DIR_HOST}${prefix} \ - " - -inherit ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3native distutils3-base', '', d)} - -# dhcp needs .la so keep them -REMOVE_LIBTOOL_LA = "0" - -USERADD_PACKAGES = "${PN}" -USERADD_PARAM_${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \ - --user-group bind" - -INITSCRIPT_NAME = "bind" -INITSCRIPT_PARAMS = "defaults" - -SYSTEMD_SERVICE_${PN} = "named.service" - -do_install_prepend() { - # clean host path in isc-config.sh before the hardlink created - # by "make install": - # bind9-config -> isc-config.sh - sed -i -e "s,${STAGING_LIBDIR},${libdir}," ${B}/isc-config.sh -} - -do_install_append() { - - rmdir "${D}${localstatedir}/run" - rmdir --ignore-fail-on-non-empty "${D}${localstatedir}" - install -d -o bind "${D}${localstatedir}/cache/bind" - install -d "${D}${sysconfdir}/bind" - install -d "${D}${sysconfdir}/init.d" - install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" - install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" - if ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'true', 'false', d)}; then - sed -i -e '1s,#!.*python3,#! /usr/bin/python3,' \ - ${D}${sbindir}/dnssec-coverage \ - ${D}${sbindir}/dnssec-checkds \ - ${D}${sbindir}/dnssec-keymgr - fi - - # Install systemd related files - install -d ${D}${sbindir} - install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir} - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/named.service ${D}${systemd_unitdir}/system - sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ - -e 's,@SBINDIR@,${sbindir},g' \ - ${D}${systemd_unitdir}/system/named.service - - install -d ${D}${sysconfdir}/default - install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default - - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${sysconfdir}/tmpfiles.d - echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf - fi -} - -CONFFILES_${PN} = " \ - ${sysconfdir}/bind/named.conf \ - ${sysconfdir}/bind/named.conf.local \ - ${sysconfdir}/bind/named.conf.options \ - ${sysconfdir}/bind/db.0 \ - ${sysconfdir}/bind/db.127 \ - ${sysconfdir}/bind/db.empty \ - ${sysconfdir}/bind/db.local \ - ${sysconfdir}/bind/db.root \ - " - -ALTERNATIVE_${PN}-utils = "nslookup" -ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup" -ALTERNATIVE_PRIORITY = "100" - -PACKAGE_BEFORE_PN += "${PN}-utils" -FILES_${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate" -FILES_${PN}-dev += "${bindir}/isc-config.h" -FILES_${PN} += "${sbindir}/generate-rndc-key.sh" - -PACKAGE_BEFORE_PN += "${PN}-libs" -FILES_${PN}-libs = "${libdir}/*.so*" -FILES_${PN}-staticdev += "${libdir}/*.la" - -PACKAGE_BEFORE_PN += "${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3-bind', '', d)}" -FILES_python3-bind = "${sbindir}/dnssec-coverage ${sbindir}/dnssec-checkds \ - ${sbindir}/dnssec-keymgr ${PYTHON_SITEPACKAGES_DIR}" - -RDEPENDS_${PN}-dev = "" -RDEPENDS_python3-bind = "python3-core python3-ply" diff --git a/meta/recipes-connectivity/bind/bind_9.20.1.bb b/meta/recipes-connectivity/bind/bind_9.20.1.bb new file mode 100644 index 0000000000..9c68c918e4 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind_9.20.1.bb @@ -0,0 +1,113 @@ +SUMMARY = "ISC Internet Domain Name Server" +HOMEPAGE = "https://www.isc.org/bind/" +DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system" +SECTION = "console/network" + +LICENSE = "MPL-2.0" +LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=c7a0b6d9a1b692a5da9af9d503671f43" + +DEPENDS = "openssl libcap zlib libuv liburcu" + +SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ + file://conf.patch \ + file://named.service \ + file://bind9 \ + file://generate-rndc-key.sh \ + file://make-etc-initd-bind-stop-work.patch \ + file://init.d-add-support-for-read-only-rootfs.patch \ + file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ + file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ + file://0001-avoid-start-failure-with-bind-user.patch \ + " + +SRC_URI[sha256sum] = "fe6ddff74921410d33b62b5723ac23912e8d50138ef66d7a30dc2c421129aeb0" + +UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" +# follow the ESV versions divisible by 2 +UPSTREAM_CHECK_REGEX = "(?P<pver>9.(\d*[02468])+(\.\d+)+(-P\d+)*)/" + +# Issue only affects dhcpd with recent bind versions. We don't ship dhcpd anymore +# so the issue doesn't affect us. +CVE_STATUS[CVE-2019-6470] = "not-applicable-config: Issue only affects dhcpd with recent bind versions and we don't ship dhcpd anymore." + +inherit autotools update-rc.d systemd useradd pkgconfig multilib_header update-alternatives + +# PACKAGECONFIGs readline and libedit should NOT be set at same time +PACKAGECONFIG ?= "readline" +PACKAGECONFIG[httpstats] = "--with-libxml2,--without-libxml2,libxml2" +PACKAGECONFIG[readline] = "--with-readline=readline,,readline" +PACKAGECONFIG[libedit] = "--with-readline=libedit,,libedit" +PACKAGECONFIG[dns-over-http] = "--enable-doh,--disable-doh,nghttp2" + +EXTRA_OECONF = " --disable-auto-validation \ + --with-gssapi=no --with-lmdb=no --with-zlib \ + --sysconfdir=${sysconfdir}/bind \ + --with-openssl=${STAGING_DIR_HOST}${prefix} \ + " +LDFLAGS += "-lz" + +# dhcp needs .la so keep them +REMOVE_LIBTOOL_LA = "0" + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM:${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \ + --user-group bind" + +INITSCRIPT_NAME = "bind" +INITSCRIPT_PARAMS = "defaults" + +SYSTEMD_SERVICE:${PN} = "named.service" + +do_install:append() { + + install -d -o bind "${D}${localstatedir}/cache/bind" + install -d "${D}${sysconfdir}/bind" + install -d "${D}${sysconfdir}/init.d" + install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" + install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" + + # Install systemd related files + install -d ${D}${sbindir} + install -m 755 ${UNPACKDIR}/generate-rndc-key.sh ${D}${sbindir} + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${UNPACKDIR}/named.service ${D}${systemd_system_unitdir} + sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ + -e 's,@SBINDIR@,${sbindir},g' \ + ${D}${systemd_system_unitdir}/named.service + + install -d ${D}${sysconfdir}/default + install -m 0644 ${UNPACKDIR}/bind9 ${D}${sysconfdir}/default + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/tmpfiles.d + echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf + fi +} + +CONFFILES:${PN} = " \ + ${sysconfdir}/bind/named.conf \ + ${sysconfdir}/bind/named.conf.local \ + ${sysconfdir}/bind/named.conf.options \ + ${sysconfdir}/bind/db.0 \ + ${sysconfdir}/bind/db.127 \ + ${sysconfdir}/bind/db.empty \ + ${sysconfdir}/bind/db.local \ + ${sysconfdir}/bind/db.root \ + " + +ALTERNATIVE:${PN}-utils = "nslookup" +ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup" +ALTERNATIVE_PRIORITY = "100" + +PACKAGE_BEFORE_PN += "${PN}-utils" +FILES:${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate" +FILES:${PN}-dev += "${bindir}/isc-config.h" +FILES:${PN} += "${sbindir}/generate-rndc-key.sh" + +PACKAGE_BEFORE_PN += "${PN}-libs" +# special arrangement below due to +# https://github.com/isc-projects/bind9/commit/0e25af628cd776f98c04fc4cc59048f5448f6c88 +FILES_SOLIBSDEV = "${libdir}/*[!0-9].so ${libdir}/libbind9.so" +FILES:${PN}-libs = "${libdir}/named/*.so* ${libdir}/*-${PV}.so" + +DEV_PKG_DEPENDENCY = "" diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc index 484509350b..b3bcd278e6 100644 --- a/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/meta/recipes-connectivity/bluez5/bluez5.inc @@ -2,21 +2,30 @@ SUMMARY = "Linux Bluetooth Stack Userland V5" DESCRIPTION = "Linux Bluetooth stack V5 userland components. These include a system configurations, daemons, tools and system libraries." HOMEPAGE = "http://www.bluez.org" SECTION = "libs" -LICENSE = "GPLv2+ & LGPLv2.1+" +LICENSE = "GPL-2.0-or-later & LGPL-2.1-or-later" LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ file://COPYING.LIB;md5=fb504b67c50331fc78734fed90fb0e09 \ - file://src/main.c;beginline=1;endline=24;md5=9bc54b93cd7e17bf03f52513f39f926e" + file://src/main.c;beginline=1;endline=24;md5=0ad83ca0dc37ab08af448777c581e7ac" DEPENDS = "dbus glib-2.0" +RDEPENDS:${PN} += "dbus" PROVIDES += "bluez-hcidump" -RPROVIDES_${PN} += "bluez-hcidump" +RPROVIDES:${PN} += "bluez-hcidump" -RCONFLICTS_${PN} = "bluez4" +RCONFLICTS:${PN} = "bluez4" PACKAGECONFIG ??= "obex-profiles \ readline \ ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \ a2dp-profiles \ avrcp-profiles \ + bap-profiles \ + bass-profiles \ + mcp-profiles \ + ccp-profiles \ + vcp-profiles \ + micp-profiles \ + csip-profiles \ + asha-profiles \ network-profiles \ hid-profiles \ hog-profiles \ @@ -38,40 +47,47 @@ PACKAGECONFIG[network-profiles] = "--enable-network,--disable-network" PACKAGECONFIG[hid-profiles] = "--enable-hid,--disable-hid" PACKAGECONFIG[hog-profiles] = "--enable-hog,--disable-hog" PACKAGECONFIG[health-profiles] = "--enable-health,--disable-health" +PACKAGECONFIG[bap-profiles] = "--enable-bap,--disable-bap" +PACKAGECONFIG[bass-profiles] = "--enable-bass,--disable-bass" +PACKAGECONFIG[mcp-profiles] = "--enable-mcp,--disable-mcp" +PACKAGECONFIG[ccp-profiles] = "--enable-ccp,--disable-ccp" +PACKAGECONFIG[vcp-profiles] = "--enable-vcp,--disable-vcp" +PACKAGECONFIG[micp-profiles] = "--enable-micp,--disable-micp" +PACKAGECONFIG[csip-profiles] = "--enable-csip,--disable-csip" +PACKAGECONFIG[asha-profiles] = "--enable-asha,--disable-asha" PACKAGECONFIG[sixaxis] = "--enable-sixaxis,--disable-sixaxis" PACKAGECONFIG[tools] = "--enable-tools,--disable-tools" PACKAGECONFIG[threads] = "--enable-threads,--disable-threads" PACKAGECONFIG[deprecated] = "--enable-deprecated,--disable-deprecated" -PACKAGECONFIG[mesh] = "--enable-mesh,--disable-mesh, json-c ell" -PACKAGECONFIG[btpclient] = "--enable-btpclient,--disable-btpclient, ell" +PACKAGECONFIG[mesh] = "--enable-mesh --enable-external-ell,--disable-mesh, json-c ell" +PACKAGECONFIG[btpclient] = "--enable-btpclient --enable-external-ell,--disable-btpclient, ell" PACKAGECONFIG[udev] = "--enable-udev,--disable-udev,udev" - -SRC_URI = "\ - ${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ - file://out-of-tree.patch \ - file://init \ - file://run-ptest \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \ - file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \ - file://0001-test-gatt-Fix-hung-issue.patch \ - file://0001-Makefile.am-Fix-a-race-issue-for-tools.patch \ - file://CVE-2018-10910.patch \ - file://gcc9-fixes.patch \ - file://0001-tools-Fix-build-after-y2038-changes-in-glibc.patch \ - file://0001-tools-btpclient.c-include-signal.h.patch \ -" +PACKAGECONFIG[manpages] = "--enable-manpages,--disable-manpages,python3-docutils-native" + +SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ + file://init \ + file://run-ptest \ + file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \ + file://0001-test-gatt-Fix-hung-issue.patch \ + file://0001-Provide-GNU-basename-compatible-implementation.patch \ + file://0001-mesh-Move-local-basename-into-utility-file.patch \ + " S = "${WORKDIR}/bluez-${PV}" CVE_PRODUCT = "bluez" -inherit autotools pkgconfig systemd update-rc.d features_check ptest gobject-introspection-data +inherit autotools pkgconfig systemd update-rc.d ptest gobject-introspection-data EXTRA_OECONF = "\ --enable-test \ --enable-datafiles \ --enable-library \ + --enable-pie \ + --without-zsh-completion-dir \ " +CFLAGS += "-DFIRMWARE_DIR=\\"${nonarch_base_libdir}/firmware\\"" + # bluez5 builds a large number of useful utilities but does not # install them. Specify which ones we want put into ${PN}-noinst-tools. NOINST_TOOLS_READLINE ??= "" @@ -83,53 +99,46 @@ NOINST_TOOLS = " \ ${@bb.utils.contains('PACKAGECONFIG', 'tools', '${NOINST_TOOLS_BT}', '', d)} \ " -do_install_append() { +do_install:append() { install -d ${D}${INIT_D_DIR} - install -m 0755 ${WORKDIR}/init ${D}${INIT_D_DIR}/bluetooth + install -m 0755 ${UNPACKDIR}/init ${D}${INIT_D_DIR}/bluetooth - install -d ${D}${sysconfdir}/bluetooth/ - if [ -f ${S}/profiles/network/network.conf ]; then - install -m 0644 ${S}/profiles/network/network.conf ${D}/${sysconfdir}/bluetooth/ - fi - if [ -f ${S}/profiles/input/input.conf ]; then - install -m 0644 ${S}/profiles/input/input.conf ${D}/${sysconfdir}/bluetooth/ - fi - - if [ -f ${D}/${sysconfdir}/init.d/bluetooth ]; then - sed -i -e 's#@LIBEXECDIR@#${libexecdir}#g' ${D}/${sysconfdir}/init.d/bluetooth + if [ -f ${D}${sysconfdir}/init.d/bluetooth ]; then + sed -i -e 's#@LIBEXECDIR@#${libexecdir}#g' ${D}${sysconfdir}/init.d/bluetooth fi # Install desired tools that upstream leaves in build area for f in ${NOINST_TOOLS} ; do - install -m 755 ${B}/$f ${D}/${bindir} + install -m 755 ${B}/$f ${D}${bindir} done - # Patch python tools to use Python 3; they should be source compatible, but - # still refer to Python 2 in the shebang - sed -i -e '1s,#!.*python.*,#!${bindir}/python3,' ${D}${libdir}/bluez/test/* + # Fix the /etc/bluetooth directory permissions when systemd is disabled + if ${@bb.utils.contains('PACKAGECONFIG', 'systemd', 'false', 'true', d)}; then + chmod 0755 ${D}${sysconfdir}/bluetooth + fi } PACKAGES =+ "${PN}-testtools ${PN}-obex ${PN}-noinst-tools" -FILES_${PN} += " \ +FILES:${PN} += " \ ${libdir}/bluetooth/plugins/*.so \ ${systemd_unitdir}/ ${datadir}/dbus-1 \ ${libdir}/cups \ " -FILES_${PN}-dev += " \ +FILES:${PN}-dev += " \ ${libdir}/bluetooth/plugins/*.la \ " -FILES_${PN}-obex = "${libexecdir}/bluetooth/obexd \ +FILES:${PN}-obex = "${libexecdir}/bluetooth/obexd \ ${exec_prefix}/lib/systemd/user/obex.service \ ${systemd_system_unitdir}/obex.service \ ${sysconfdir}/systemd/system/multi-user.target.wants/obex.service \ ${datadir}/dbus-1/services/org.bluez.obex.service \ ${sysconfdir}/dbus-1/system.d/obexd.conf \ " -SYSTEMD_SERVICE_${PN}-obex = "obex.service" +SYSTEMD_SERVICE:${PN}-obex = "obex.service" -FILES_${PN}-testtools = "${libdir}/bluez/test/*" +FILES:${PN}-testtools = "${libdir}/bluez/test/*" def get_noinst_tools_paths (d, bb, tools): s = list() @@ -139,14 +148,14 @@ def get_noinst_tools_paths (d, bb, tools): s.append("%s/%s" % (bindir, f)) return "\n".join(s) -FILES_${PN}-noinst-tools = "${@get_noinst_tools_paths(d, bb, d.getVar('NOINST_TOOLS'))}" +FILES:${PN}-noinst-tools = "${@get_noinst_tools_paths(d, bb, d.getVar('NOINST_TOOLS'))}" -RDEPENDS_${PN}-testtools += "python3-core python3-dbus" -RDEPENDS_${PN}-testtools += "${@bb.utils.contains('GI_DATA_ENABLED', 'True', 'python3-pygobject', '', d)}" +RDEPENDS:${PN}-testtools += "python3-core python3-dbus" +RDEPENDS:${PN}-testtools += "${@bb.utils.contains('GI_DATA_ENABLED', 'True', 'python3-pygobject', '', d)}" -SYSTEMD_SERVICE_${PN} = "${@bb.utils.contains('PACKAGECONFIG', 'systemd', 'bluetooth.service', '', d)}" +SYSTEMD_SERVICE:${PN} = "${@bb.utils.contains('PACKAGECONFIG', 'systemd', 'bluetooth.service', '', d)}" INITSCRIPT_PACKAGES = "${PN}" -INITSCRIPT_NAME_${PN} = "bluetooth" +INITSCRIPT_NAME:${PN} = "bluetooth" do_compile_ptest() { oe_runmake buildtests @@ -157,4 +166,4 @@ do_install_ptest() { rm -f ${D}${PTEST_PATH}/unit/*.o } -RDEPENDS_${PN}-ptest_append_libc-glibc = " glibc-gconv-utf-16" +RDEPENDS:${PN}-ptest:append:libc-glibc = " glibc-gconv-utf-16" diff --git a/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch b/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch deleted file mode 100644 index da7140922d..0000000000 --- a/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 99ccdbe155028c4c789803a429072675b87d0c3a Mon Sep 17 00:00:00 2001 -From: Giovanni Campagna <gcampagna-cNUdlRotFMnNLxjTenLetw@public.gmane.org> -Date: Sat, 12 Oct 2013 17:45:25 +0200 -Subject: [PATCH] Allow using obexd without systemd in the user session - -Not all sessions run systemd --user (actually, the majority -doesn't), so the dbus daemon must be able to spawn obexd -directly, and to do so it needs the full path of the daemon. - -Upstream-Status: Denied - -Not accepted by upstream maintainer for being a distro specific -configuration. See thread: - -http://thread.gmane.org/gmane.linux.bluez.kernel/38725/focus=38843 - -Signed-off-by: Javier Viguera <javier.viguera@digi.com> - ---- - Makefile.obexd | 4 ++-- - obexd/src/{org.bluez.obex.service => org.bluez.obex.service.in} | 2 +- - 2 files changed, 3 insertions(+), 3 deletions(-) - rename obexd/src/{org.bluez.obex.service => org.bluez.obex.service.in} (76%) - -diff --git a/Makefile.obexd b/Makefile.obexd -index c462692..0325f66 100644 ---- a/Makefile.obexd -+++ b/Makefile.obexd -@@ -1,12 +1,12 @@ - if SYSTEMD - systemduserunitdir = @SYSTEMD_USERUNITDIR@ - systemduserunit_DATA = obexd/src/obex.service -+endif - - dbussessionbusdir = @DBUS_SESSIONBUSDIR@ - dbussessionbus_DATA = obexd/src/org.bluez.obex.service --endif - --EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service -+EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service.in - - if OBEX - -diff --git a/obexd/src/org.bluez.obex.service b/obexd/src/org.bluez.obex.service.in -similarity index 76% -rename from obexd/src/org.bluez.obex.service -rename to obexd/src/org.bluez.obex.service.in -index a538088..9c815f2 100644 ---- a/obexd/src/org.bluez.obex.service -+++ b/obexd/src/org.bluez.obex.service.in -@@ -1,4 +1,4 @@ - [D-BUS Service] - Name=org.bluez.obex --Exec=/bin/false -+Exec=@libexecdir@/obexd - SystemdService=dbus-org.bluez.obex.service diff --git a/meta/recipes-connectivity/bluez5/bluez5/0001-Makefile.am-Fix-a-race-issue-for-tools.patch b/meta/recipes-connectivity/bluez5/bluez5/0001-Makefile.am-Fix-a-race-issue-for-tools.patch deleted file mode 100644 index b6cb978393..0000000000 --- a/meta/recipes-connectivity/bluez5/bluez5/0001-Makefile.am-Fix-a-race-issue-for-tools.patch +++ /dev/null @@ -1,30 +0,0 @@ -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@intel.com> - -From 117c41242c01e057295aed80ed973c6dc7e35fe2 Mon Sep 17 00:00:00 2001 -From: Ross Burton <ross.burton@intel.com> -Date: Tue, 8 Oct 2019 11:01:56 +0100 -Subject: [PATCH BlueZ] Makefile.am: add missing mkdir in rules generation - -In parallel out-of-tree builds it's possible that tools/*.rules are -generated before the target directory has been implicitly created. Solve this by -creating the directory before writing into it. ---- - Makefile.am | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/Makefile.am b/Makefile.am -index 2ac28b23d..e7bcd2366 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -589,6 +589,7 @@ src/builtin.h: src/genbuiltin $(builtin_sources) - $(AM_V_GEN)$(srcdir)/src/genbuiltin $(builtin_modules) > $@ - - tools/%.rules: -+ $(AM_V_at)$(MKDIR_P) tools - $(AM_V_GEN)cp $(srcdir)/$(subst 97-,,$@) $@ - - $(lib_libbluetooth_la_OBJECTS): $(local_headers) --- -2.20.1 - diff --git a/meta/recipes-connectivity/bluez5/bluez5/0001-Provide-GNU-basename-compatible-implementation.patch b/meta/recipes-connectivity/bluez5/bluez5/0001-Provide-GNU-basename-compatible-implementation.patch new file mode 100644 index 0000000000..4f028e589b --- /dev/null +++ b/meta/recipes-connectivity/bluez5/bluez5/0001-Provide-GNU-basename-compatible-implementation.patch @@ -0,0 +1,147 @@ +From 44e24350aae771daa93e5a85378856f91358688f Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Mon, 26 Aug 2024 09:55:03 -0700 +Subject: [PATCH] Provide GNU basename compatible implementation + +Call to basename() relies on a GNU extension +to take a const char * vs a char *. Let's define +a trivial helper function to ensure compatibility +with musl. + +Fixes Issue: https://github.com/bluez/bluez/issues/843 + +Upstream-Status: Submitted [https://lore.kernel.org/linux-bluetooth/20240826173844.2918630-1-raj.khem@gmail.com/T/#u] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + configure.ac | 11 ++++++++++- + mesh/mesh-config-json.c | 4 +++- + mesh/missing.h | 21 +++++++++++++++++++++ + mesh/rpl.c | 1 + + tools/hex2hcd.c | 1 + + tools/missing.h | 21 +++++++++++++++++++++ + 6 files changed, 57 insertions(+), 2 deletions(-) + create mode 100644 mesh/missing.h + create mode 100644 tools/missing.h + +diff --git a/configure.ac b/configure.ac +index a7fb51f..254f1a7 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -70,7 +70,16 @@ AC_CHECK_LIB(pthread, pthread_create, dummy=yes, + AC_CHECK_LIB(dl, dlopen, dummy=yes, + AC_MSG_ERROR(dynamic linking loader is required)) + +-AC_CHECK_HEADERS(linux/types.h linux/if_alg.h linux/uinput.h linux/uhid.h sys/random.h) ++AC_CHECK_HEADERS(string.h linux/types.h linux/if_alg.h linux/uinput.h linux/uhid.h sys/random.h) ++ ++# basename may be only available in libgen.h with the POSIX behavior, ++# not desired here ++AC_CHECK_DECLS([basename], [], ++ AC_MSG_WARN([GNU basename extension not found]), ++ [#define _GNU_SOURCE 1 ++ #include <string.h> ++ ]) ++ + + PKG_CHECK_MODULES(GLIB, glib-2.0 >= 2.28) + +diff --git a/mesh/mesh-config-json.c b/mesh/mesh-config-json.c +index c198627..e3b0a18 100644 +--- a/mesh/mesh-config-json.c ++++ b/mesh/mesh-config-json.c +@@ -28,6 +28,7 @@ + #include <ell/ell.h> + #include <json-c/json.h> + ++#include "mesh/missing.h" + #include "mesh/mesh-defs.h" + #include "mesh/util.h" + #include "mesh/mesh-config.h" +@@ -2694,7 +2695,8 @@ bool mesh_config_load_nodes(const char *cfgdir_name, mesh_config_node_func_t cb, + + void mesh_config_destroy_nvm(struct mesh_config *cfg) + { +- char *node_dir, *node_name; ++ char *node_dir; ++ const char* node_name; + char uuid[33]; + + if (!cfg) +diff --git a/mesh/missing.h b/mesh/missing.h +new file mode 100644 +index 0000000..eaf3281 +--- /dev/null ++++ b/mesh/missing.h +@@ -0,0 +1,21 @@ ++// SPDX-License-Identifier: LGPL-2.1-or-later ++/* ++ * ++ * BlueZ - Bluetooth protocol stack for Linux ++ * ++ * Copyright (C) 2024 Khem Raj <raj.khem@gmail.com> ++ * ++ */ ++ ++#ifdef HAVE_CONFIG_H ++#include <config.h> ++#endif ++#if !HAVE_DECL_BASENAME ++#include <string.h> ++static inline const char *basename(const char *path) ++{ ++ const char *base = strrchr(path, '/'); ++ ++ return base ? base + 1 : path; ++} ++#endif +diff --git a/mesh/rpl.c b/mesh/rpl.c +index fb225dd..2fa17d7 100644 +--- a/mesh/rpl.c ++++ b/mesh/rpl.c +@@ -24,6 +24,7 @@ + + #include <ell/ell.h> + ++#include "mesh/missing.h" + #include "mesh/mesh-defs.h" + + #include "mesh/node.h" +diff --git a/tools/hex2hcd.c b/tools/hex2hcd.c +index e6dca5a..452ab2b 100644 +--- a/tools/hex2hcd.c ++++ b/tools/hex2hcd.c +@@ -24,6 +24,7 @@ + #include <stdlib.h> + #include <stdbool.h> + #include <sys/stat.h> ++#include "tools/missing.h" + + static ssize_t process_record(int fd, const char *line, uint16_t *upper_addr) + { +diff --git a/tools/missing.h b/tools/missing.h +new file mode 100644 +index 0000000..eaf3281 +--- /dev/null ++++ b/tools/missing.h +@@ -0,0 +1,21 @@ ++// SPDX-License-Identifier: LGPL-2.1-or-later ++/* ++ * ++ * BlueZ - Bluetooth protocol stack for Linux ++ * ++ * Copyright (C) 2024 Khem Raj <raj.khem@gmail.com> ++ * ++ */ ++ ++#ifdef HAVE_CONFIG_H ++#include <config.h> ++#endif ++#if !HAVE_DECL_BASENAME ++#include <string.h> ++static inline const char *basename(const char *path) ++{ ++ const char *base = strrchr(path, '/'); ++ ++ return base ? base + 1 : path; ++} ++#endif diff --git a/meta/recipes-connectivity/bluez5/bluez5/0001-mesh-Move-local-basename-into-utility-file.patch b/meta/recipes-connectivity/bluez5/bluez5/0001-mesh-Move-local-basename-into-utility-file.patch new file mode 100644 index 0000000000..33c12fc3a8 --- /dev/null +++ b/meta/recipes-connectivity/bluez5/bluez5/0001-mesh-Move-local-basename-into-utility-file.patch @@ -0,0 +1,114 @@ +From e64c2e70a74da452b0ee147350c4ce93e1db8d2f Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Mon, 16 Sep 2024 15:11:01 -0700 +Subject: [PATCH v2] mesh: Move local basename into utility file + +Defining an override via a missing.h can prove difficult when a file +needs to use basename and dirname both the APIs and needs to include +libgen.h for them, in such situations there will be signature clash +for basename function. + +Upstream-Status: Submitted [https://lore.kernel.org/linux-bluetooth/20240917031745.1641153-1-raj.khem@gmail.com/T/#u] +Signed-off-by: Khem Raj <raj.khem@gmail.com> + +--- +v2: Remove reference to missing.h in Makefile.mesh + + Makefile.mesh | 2 +- + mesh/mesh-config-json.c | 3 +-- + mesh/missing.h | 21 --------------------- + mesh/rpl.c | 3 +-- + mesh/util.c | 10 ++++++++++ + mesh/util.h | 5 +++++ + 6 files changed, 18 insertions(+), 26 deletions(-) + delete mode 100644 mesh/missing.h + +--- a/mesh/mesh-config-json.c ++++ b/mesh/mesh-config-json.c +@@ -28,7 +28,6 @@ + #include <ell/ell.h> + #include <json-c/json.h> + +-#include "mesh/missing.h" + #include "mesh/mesh-defs.h" + #include "mesh/util.h" + #include "mesh/mesh-config.h" +@@ -2708,7 +2707,7 @@ void mesh_config_destroy_nvm(struct mesh + if (!hex2str(cfg->uuid, 16, uuid, sizeof(uuid))) + return; + +- node_name = basename(node_dir); ++ node_name = mesh_basename(node_dir); + + /* Make sure path name of node follows expected guidelines */ + if (strcmp(node_name, uuid)) +--- a/mesh/missing.h ++++ /dev/null +@@ -1,21 +0,0 @@ +-// SPDX-License-Identifier: LGPL-2.1-or-later +-/* +- * +- * BlueZ - Bluetooth protocol stack for Linux +- * +- * Copyright (C) 2024 Khem Raj <raj.khem@gmail.com> +- * +- */ +- +-#ifdef HAVE_CONFIG_H +-#include <config.h> +-#endif +-#if !HAVE_DECL_BASENAME +-#include <string.h> +-static inline const char *basename(const char *path) +-{ +- const char *base = strrchr(path, '/'); +- +- return base ? base + 1 : path; +-} +-#endif +--- a/mesh/rpl.c ++++ b/mesh/rpl.c +@@ -24,7 +24,6 @@ + + #include <ell/ell.h> + +-#include "mesh/missing.h" + #include "mesh/mesh-defs.h" + + #include "mesh/node.h" +@@ -147,7 +146,7 @@ static void get_entries(const char *iv_p + if (!dir) + return; + +- iv_txt = basename(iv_path); ++ iv_txt = mesh_basename(iv_path); + if (sscanf(iv_txt, "%08x", &iv_index) != 1) { + closedir(dir); + return; +--- a/mesh/util.c ++++ b/mesh/util.c +@@ -161,3 +161,13 @@ void enable_debug(void) + debug_enabled = true; + l_debug_enable("*"); + } ++ ++#if !HAVE_DECL_BASENAME ++#include <string.h> ++const char *mesh_basename(const char *path) ++{ ++ const char *base = strrchr(path, '/'); ++ ++ return base ? base + 1 : path; ++} ++#endif +--- a/mesh/util.h ++++ b/mesh/util.h +@@ -16,3 +16,8 @@ void print_packet(const char *label, con + int create_dir(const char *dir_name); + void del_path(const char *path); + void enable_debug(void); ++#if !HAVE_DECL_BASENAME ++const char *mesh_basename(const char *path); ++#else ++#define mesh_basename basename ++#endif diff --git a/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch b/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch index e90b6a546f..1b1af4ba96 100644 --- a/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch +++ b/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch @@ -1,4 +1,4 @@ -From 61e741654cc2eb167bca212a3bb2ba8f3ba280c1 Mon Sep 17 00:00:00 2001 +From b8371d1111e21a9b3285ec0864b78e98d7acf79f Mon Sep 17 00:00:00 2001 From: Mingli Yu <Mingli.Yu@windriver.com> Date: Fri, 24 Aug 2018 12:04:03 +0800 Subject: [PATCH] test-gatt: Fix hung issue @@ -26,10 +26,10 @@ Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unit/test-gatt.c b/unit/test-gatt.c -index c7e28f8..b57373b 100644 +index 1613fbc..25dd614 100644 --- a/unit/test-gatt.c +++ b/unit/test-gatt.c -@@ -4463,7 +4463,7 @@ int main(int argc, char *argv[]) +@@ -4547,7 +4547,7 @@ int main(int argc, char *argv[]) test_server, service_db_1, NULL, raw_pdu(0x03, 0x00, 0x02), raw_pdu(0xbf, 0x00), @@ -38,6 +38,3 @@ index c7e28f8..b57373b 100644 define_test_server("/robustness/unkown-command", test_server, service_db_1, NULL, --- -2.7.4 - diff --git a/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch b/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch index 24ddae6b63..b85c050ffc 100644 --- a/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch +++ b/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch @@ -1,4 +1,4 @@ -From 4bdf0f96dcaa945fd29f26d56e5b36d8c23e4c8b Mon Sep 17 00:00:00 2001 +From bbfecd4407b6425f409c4657ac96e67f0a995a12 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Fri, 1 Apr 2016 17:07:34 +0300 Subject: [PATCH] tests: add a target for building tests without running them @@ -10,10 +10,10 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> 1 file changed, 3 insertions(+) diff --git a/Makefile.am b/Makefile.am -index 1a48a71..ba3b92f 100644 +index 68bf058..a376d10 100644 --- a/Makefile.am +++ b/Makefile.am -@@ -425,6 +425,9 @@ endif +@@ -713,6 +713,9 @@ endif TESTS = $(unit_tests) AM_TESTS_ENVIRONMENT = MALLOC_CHECK_=3 MALLOC_PERTURB_=69 @@ -23,6 +23,3 @@ index 1a48a71..ba3b92f 100644 if DBUS_RUN_SESSION AM_TESTS_ENVIRONMENT += dbus-run-session -- endif --- -2.8.0.rc3 - diff --git a/meta/recipes-connectivity/bluez5/bluez5/0001-tools-Fix-build-after-y2038-changes-in-glibc.patch b/meta/recipes-connectivity/bluez5/bluez5/0001-tools-Fix-build-after-y2038-changes-in-glibc.patch deleted file mode 100644 index 9ca20ae53b..0000000000 --- a/meta/recipes-connectivity/bluez5/bluez5/0001-tools-Fix-build-after-y2038-changes-in-glibc.patch +++ /dev/null @@ -1,68 +0,0 @@ -From f36f71f60b1e68c0f12e615b9b128d089ec3dd19 Mon Sep 17 00:00:00 2001 -From: Bastien Nocera <hadess@hadess.net> -Date: Fri, 7 Jun 2019 09:51:33 +0200 -Subject: [PATCH] tools: Fix build after y2038 changes in glibc - -The 32-bit SIOCGSTAMP has been deprecated. Use the deprecated name -to fix the build. - -Upstream-Status: backport commit f36f71f60b1e68c0f12e615b9b128d089ec3dd19 - -Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> - ---- - tools/l2test.c | 6 +++++- - tools/rctest.c | 6 +++++- - 2 files changed, 10 insertions(+), 2 deletions(-) - -diff --git a/tools/l2test.c b/tools/l2test.c -index e755ac881..e787c2ce2 100644 ---- a/tools/l2test.c -+++ b/tools/l2test.c -@@ -55,6 +55,10 @@ - #define BREDR_DEFAULT_PSM 0x1011 - #define LE_DEFAULT_PSM 0x0080 - -+#ifndef SIOCGSTAMP_OLD -+#define SIOCGSTAMP_OLD SIOCGSTAMP -+#endif -+ - /* Test modes */ - enum { - SEND, -@@ -907,7 +911,7 @@ static void recv_mode(int sk) - if (timestamp) { - struct timeval tv; - -- if (ioctl(sk, SIOCGSTAMP, &tv) < 0) { -+ if (ioctl(sk, SIOCGSTAMP_OLD, &tv) < 0) { - timestamp = 0; - memset(ts, 0, sizeof(ts)); - } else { -diff --git a/tools/rctest.c b/tools/rctest.c -index 94490f462..bc8ed875d 100644 ---- a/tools/rctest.c -+++ b/tools/rctest.c -@@ -50,6 +50,10 @@ - - #include "src/shared/util.h" - -+#ifndef SIOCGSTAMP_OLD -+#define SIOCGSTAMP_OLD SIOCGSTAMP -+#endif -+ - /* Test modes */ - enum { - SEND, -@@ -505,7 +509,7 @@ static void recv_mode(int sk) - if (timestamp) { - struct timeval tv; - -- if (ioctl(sk, SIOCGSTAMP, &tv) < 0) { -+ if (ioctl(sk, SIOCGSTAMP_OLD, &tv) < 0) { - timestamp = 0; - memset(ts, 0, sizeof(ts)); - } else { --- -2.19.1 - diff --git a/meta/recipes-connectivity/bluez5/bluez5/0001-tools-btpclient.c-include-signal.h.patch b/meta/recipes-connectivity/bluez5/bluez5/0001-tools-btpclient.c-include-signal.h.patch deleted file mode 100644 index 620aaabc68..0000000000 --- a/meta/recipes-connectivity/bluez5/bluez5/0001-tools-btpclient.c-include-signal.h.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 0b1766514f6847c7367fce07f19a750ec74c11a6 Mon Sep 17 00:00:00 2001 -From: Robert Yang <liezhi.yang@windriver.com> -Date: Thu, 26 Sep 2019 16:19:34 +0800 -Subject: [PATCH] tools/btpclient.c: include signal.h - -Fix compile failure when configure --enable-btpclient: -btpclient.c:2834:7: error: 'SIGINT' undeclared (first use in this function) - -Upstream-Status: Backport [A subset of the full fix that went upstream] - -Signed-off-by: Robert Yang <liezhi.yang@windriver.com> ---- - tools/btpclient.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/tools/btpclient.c b/tools/btpclient.c -index b217df5..aece7fe 100644 ---- a/tools/btpclient.c -+++ b/tools/btpclient.c -@@ -29,6 +29,7 @@ - #include <stdlib.h> - #include <assert.h> - #include <getopt.h> -+#include <signal.h> - - #include <ell/ell.h> - --- -2.7.4 - diff --git a/meta/recipes-connectivity/bluez5/bluez5/CVE-2018-10910.patch b/meta/recipes-connectivity/bluez5/bluez5/CVE-2018-10910.patch deleted file mode 100644 index 2a78077443..0000000000 --- a/meta/recipes-connectivity/bluez5/bluez5/CVE-2018-10910.patch +++ /dev/null @@ -1,505 +0,0 @@ -From 977321f2c7f974ea68a3d90df296c66189a3f254 Mon Sep 17 00:00:00 2001 -From: Lei Maohui <leimaohui@cn.fujitsu.com> -Date: Fri, 21 Jun 2019 17:57:35 +0900 -Subject: [PATCH] CVE-2018-10910 - -A bug in Bluez may allow for the Bluetooth Discoverable state being set to on -when no Bluetooth agent is registered with the system. This situation could -lead to the unauthorized pairing of certain Bluetooth devices without any -form of authentication. - -CVE: CVE-2018-10910 -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@intel.com> - -Subject: [PATCH BlueZ 1/4] client: Add discoverable-timeout command -From: Luiz Augusto von Dentz <luiz.dentz () gmail ! com> -Date: 2018-07-25 10:20:32 -Message-ID: 20180725102035.19439-1-luiz.dentz () gmail ! com -[Download RAW message or body] - -From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> - -This adds discoverable-timeout command which can be used to get/set -DiscoverableTimeout property: - -[bluetooth]# discoverable-timeout 180 -Changing discoverable-timeout 180 succeeded ---- - client/main.c | 82 +++++++++++++++++++++++++++++++++- - doc/adapter-api.txt | 6 +++ - src/adapter.c | 125 ++++++++++++++++++++++++++++++++++++++++++++++------ - 3 files changed, 198 insertions(+), 15 deletions(-) - -diff --git a/client/main.c b/client/main.c -index 87323d8..1a66a3a 100644 ---- a/client/main.c -+++ b/client/main.c -@@ -877,6 +877,7 @@ static void cmd_show(int argc, char *argv[]) - print_property(proxy, "Class"); - print_property(proxy, "Powered"); - print_property(proxy, "Discoverable"); -+ print_property(proxy, "DiscoverableTimeout"); - print_property(proxy, "Pairable"); - print_uuids(proxy); - print_property(proxy, "Modalias"); -@@ -1061,6 +1062,47 @@ static void cmd_discoverable(int argc, char *argv[]) - return bt_shell_noninteractive_quit(EXIT_FAILURE); - } - -+static void cmd_discoverable_timeout(int argc, char *argv[]) -+{ -+ uint32_t value; -+ char *endptr = NULL; -+ char *str; -+ -+ if (argc < 2) { -+ DBusMessageIter iter; -+ -+ if (!g_dbus_proxy_get_property(default_ctrl->proxy, -+ "DiscoverableTimeout", &iter)) { -+ bt_shell_printf("Unable to get DiscoverableTimeout\n"); -+ return bt_shell_noninteractive_quit(EXIT_FAILURE); -+ } -+ -+ dbus_message_iter_get_basic(&iter, &value); -+ -+ bt_shell_printf("DiscoverableTimeout: %d seconds\n", value); -+ -+ return; -+ } -+ -+ value = strtol(argv[1], &endptr, 0); -+ if (!endptr || *endptr != '\0' || value > UINT32_MAX) { -+ bt_shell_printf("Invalid argument\n"); -+ return bt_shell_noninteractive_quit(EXIT_FAILURE); -+ } -+ -+ str = g_strdup_printf("discoverable-timeout %d", value); -+ -+ if (g_dbus_proxy_set_property_basic(default_ctrl->proxy, -+ "DiscoverableTimeout", -+ DBUS_TYPE_UINT32, &value, -+ generic_callback, str, g_free)) -+ return; -+ -+ g_free(str); -+ -+ return bt_shell_noninteractive_quit(EXIT_FAILURE); -+} -+ - static void cmd_agent(int argc, char *argv[]) - { - dbus_bool_t enable; -@@ -1124,6 +1166,7 @@ static struct set_discovery_filter_args { - char **uuids; - size_t uuids_len; - dbus_bool_t duplicate; -+ dbus_bool_t discoverable; - bool set; - } filter = { - .rssi = DISTANCE_VAL_INVALID, -@@ -1163,6 +1206,11 @@ static void set_discovery_filter_setup(DBusMessageIter *iter, void *user_data) - DBUS_TYPE_BOOLEAN, - &args->duplicate); - -+ if (args->discoverable) -+ g_dbus_dict_append_entry(&dict, "Discoverable", -+ DBUS_TYPE_BOOLEAN, -+ &args->discoverable); -+ - dbus_message_iter_close_container(iter, &dict); - } - -@@ -1320,6 +1368,26 @@ static void cmd_scan_filter_duplicate_data(int argc, char *argv[]) - filter.set = false; - } - -+static void cmd_scan_filter_discoverable(int argc, char *argv[]) -+{ -+ if (argc < 2 || !strlen(argv[1])) { -+ bt_shell_printf("Discoverable: %s\n", -+ filter.discoverable ? "on" : "off"); -+ return bt_shell_noninteractive_quit(EXIT_SUCCESS); -+ } -+ -+ if (!strcmp(argv[1], "on")) -+ filter.discoverable = true; -+ else if (!strcmp(argv[1], "off")) -+ filter.discoverable = false; -+ else { -+ bt_shell_printf("Invalid option: %s\n", argv[1]); -+ return bt_shell_noninteractive_quit(EXIT_FAILURE); -+ } -+ -+ filter.set = false; -+} -+ - static void filter_clear_uuids(void) - { - g_strfreev(filter.uuids); -@@ -1348,6 +1416,11 @@ static void filter_clear_duplicate(void) - filter.duplicate = false; - } - -+static void filter_clear_discoverable(void) -+{ -+ filter.discoverable = false; -+} -+ - struct clear_entry { - const char *name; - void (*clear) (void); -@@ -1359,6 +1432,7 @@ static const struct clear_entry filter_clear[] = { - { "pathloss", filter_clear_pathloss }, - { "transport", filter_clear_transport }, - { "duplicate-data", filter_clear_duplicate }, -+ { "discoverable", filter_clear_discoverable }, - {} - }; - -@@ -2468,7 +2542,11 @@ static const struct bt_shell_menu scan_menu = { - { "duplicate-data", "[on/off]", cmd_scan_filter_duplicate_data, - "Set/Get duplicate data filter", - NULL }, -- { "clear", "[uuids/rssi/pathloss/transport/duplicate-data]", -+ { "discoverable", "[on/off]", cmd_scan_filter_discoverable, -+ "Set/Get discoverable filter", -+ NULL }, -+ { "clear", -+ "[uuids/rssi/pathloss/transport/duplicate-data/discoverable]", - cmd_scan_filter_clear, - "Clears discovery filter.", - filter_clear_generator }, -@@ -2549,6 +2627,8 @@ static const struct bt_shell_menu main_menu = { - { "discoverable", "<on/off>", cmd_discoverable, - "Set controller discoverable mode", - NULL }, -+ { "discoverable-timeout", "[value]", cmd_discoverable_timeout, -+ "Set discoverable timeout", NULL }, - { "agent", "<on/off/capability>", cmd_agent, - "Enable/disable agent with given capability", - capability_generator}, -diff --git a/doc/adapter-api.txt b/doc/adapter-api.txt -index d14d0ca..4791af2 100644 ---- a/doc/adapter-api.txt -+++ b/doc/adapter-api.txt -@@ -113,6 +113,12 @@ Methods void StartDiscovery() - generated for either ManufacturerData and - ServiceData everytime they are discovered. - -+ bool Discoverable (Default: false) -+ -+ Make adapter discoverable while discovering, -+ if the adapter is already discoverable this -+ setting this filter won't do anything. -+ - When discovery filter is set, Device objects will be - created as new devices with matching criteria are - discovered regardless of they are connectable or -diff --git a/src/adapter.c b/src/adapter.c -index af340fd..822bd34 100644 ---- a/src/adapter.c -+++ b/src/adapter.c -@@ -157,6 +157,7 @@ struct discovery_filter { - int16_t rssi; - GSList *uuids; - bool duplicate; -+ bool discoverable; - }; - - struct watch_client { -@@ -196,6 +197,7 @@ struct btd_adapter { - char *name; /* controller device name */ - char *short_name; /* controller short name */ - uint32_t supported_settings; /* controller supported settings */ -+ uint32_t pending_settings; /* pending controller settings */ - uint32_t current_settings; /* current controller settings */ - - char *path; /* adapter object path */ -@@ -213,6 +215,7 @@ struct btd_adapter { - - bool discovering; /* discovering property state */ - bool filtered_discovery; /* we are doing filtered discovery */ -+ bool filtered_discoverable; /* we are doing filtered discovery */ - bool no_scan_restart_delay; /* when this flag is set, restart scan - * without delay */ - uint8_t discovery_type; /* current active discovery type */ -@@ -509,8 +512,10 @@ static void settings_changed(struct btd_adapter *adapter, uint32_t settings) - changed_mask = adapter->current_settings ^ settings; - - adapter->current_settings = settings; -+ adapter->pending_settings &= ~changed_mask; - - DBG("Changed settings: 0x%08x", changed_mask); -+ DBG("Pending settings: 0x%08x", adapter->pending_settings); - - if (changed_mask & MGMT_SETTING_POWERED) { - g_dbus_emit_property_changed(dbus_conn, adapter->path, -@@ -596,10 +601,31 @@ static bool set_mode(struct btd_adapter *adapter, uint16_t opcode, - uint8_t mode) - { - struct mgmt_mode cp; -+ uint32_t setting = 0; - - memset(&cp, 0, sizeof(cp)); - cp.val = mode; - -+ switch (mode) { -+ case MGMT_OP_SET_POWERED: -+ setting = MGMT_SETTING_POWERED; -+ break; -+ case MGMT_OP_SET_CONNECTABLE: -+ setting = MGMT_SETTING_CONNECTABLE; -+ break; -+ case MGMT_OP_SET_FAST_CONNECTABLE: -+ setting = MGMT_SETTING_FAST_CONNECTABLE; -+ break; -+ case MGMT_OP_SET_DISCOVERABLE: -+ setting = MGMT_SETTING_DISCOVERABLE; -+ break; -+ case MGMT_OP_SET_BONDABLE: -+ setting = MGMT_SETTING_DISCOVERABLE; -+ break; -+ } -+ -+ adapter->pending_settings |= setting; -+ - DBG("sending set mode command for index %u", adapter->dev_id); - - if (mgmt_send(adapter->mgmt, opcode, -@@ -1818,7 +1844,17 @@ static void discovery_free(void *user_data) - g_free(client); - } - --static void discovery_remove(struct watch_client *client) -+static bool set_filtered_discoverable(struct btd_adapter *adapter, bool enable) -+{ -+ if (adapter->filtered_discoverable == enable) -+ return true; -+ -+ adapter->filtered_discoverable = enable; -+ -+ return set_discoverable(adapter, enable, 0); -+} -+ -+static void discovery_remove(struct watch_client *client, bool exit) - { - struct btd_adapter *adapter = client->adapter; - -@@ -1830,7 +1866,27 @@ static void discovery_remove(struct watch_client *client) - adapter->discovery_list = g_slist_remove(adapter->discovery_list, - client); - -- discovery_free(client); -+ if (adapter->filtered_discoverable && -+ client->discovery_filter->discoverable) { -+ GSList *l; -+ -+ for (l = adapter->discovery_list; l; l = g_slist_next(l)) { -+ struct watch_client *client = l->data; -+ -+ if (client->discovery_filter->discoverable) -+ break; -+ } -+ -+ /* Disable filtered discoverable if there are no clients */ -+ if (!l) -+ set_filtered_discoverable(adapter, false); -+ } -+ -+ if (!exit && client->discovery_filter) -+ adapter->set_filter_list = g_slist_prepend( -+ adapter->set_filter_list, client); -+ else -+ discovery_free(client); - - /* - * If there are other client discoveries in progress, then leave -@@ -1859,8 +1915,11 @@ static void stop_discovery_complete(uint8_t status, uint16_t length, - goto done; - } - -- if (client->msg) -+ if (client->msg) { - g_dbus_send_reply(dbus_conn, client->msg, DBUS_TYPE_INVALID); -+ dbus_message_unref(client->msg); -+ client->msg = NULL; -+ } - - adapter->discovery_type = 0x00; - adapter->discovery_enable = 0x00; -@@ -1873,7 +1932,7 @@ static void stop_discovery_complete(uint8_t status, uint16_t length, - trigger_passive_scanning(adapter); - - done: -- discovery_remove(client); -+ discovery_remove(client, false); - } - - static int compare_sender(gconstpointer a, gconstpointer b) -@@ -2094,14 +2153,14 @@ static int update_discovery_filter(struct btd_adapter *adapter) - return -EINPROGRESS; - } - --static int discovery_stop(struct watch_client *client) -+static int discovery_stop(struct watch_client *client, bool exit) - { - struct btd_adapter *adapter = client->adapter; - struct mgmt_cp_stop_discovery cp; - - /* Check if there are more client discovering */ - if (g_slist_next(adapter->discovery_list)) { -- discovery_remove(client); -+ discovery_remove(client, exit); - update_discovery_filter(adapter); - return 0; - } -@@ -2111,7 +2170,7 @@ static int discovery_stop(struct watch_client *client) - * and so it is enough to send out the signal and just return. - */ - if (adapter->discovery_enable == 0x00) { -- discovery_remove(client); -+ discovery_remove(client, exit); - adapter->discovering = false; - g_dbus_emit_property_changed(dbus_conn, adapter->path, - ADAPTER_INTERFACE, "Discovering"); -@@ -2136,7 +2195,7 @@ static void discovery_disconnect(DBusConnection *conn, void *user_data) - - DBG("owner %s", client->owner); - -- discovery_stop(client); -+ discovery_stop(client, true); - } - - /* -@@ -2200,6 +2259,15 @@ static DBusMessage *start_discovery(DBusConnection *conn, - adapter->set_filter_list, client); - adapter->discovery_list = g_slist_prepend( - adapter->discovery_list, client); -+ -+ /* Reset discoverable filter if already set */ -+ if (adapter->current_settings & MGMT_OP_SET_DISCOVERABLE) -+ goto done; -+ -+ /* Set discoverable if filter requires and it*/ -+ if (client->discovery_filter->discoverable) -+ set_filtered_discoverable(adapter, true); -+ - goto done; - } - -@@ -2324,6 +2392,17 @@ static bool parse_duplicate_data(DBusMessageIter *value, - return true; - } - -+static bool parse_discoverable(DBusMessageIter *value, -+ struct discovery_filter *filter) -+{ -+ if (dbus_message_iter_get_arg_type(value) != DBUS_TYPE_BOOLEAN) -+ return false; -+ -+ dbus_message_iter_get_basic(value, &filter->discoverable); -+ -+ return true; -+} -+ - struct filter_parser { - const char *name; - bool (*func)(DBusMessageIter *iter, struct discovery_filter *filter); -@@ -2333,6 +2412,7 @@ struct filter_parser { - { "Pathloss", parse_pathloss }, - { "Transport", parse_transport }, - { "DuplicateData", parse_duplicate_data }, -+ { "Discoverable", parse_discoverable }, - { } - }; - -@@ -2372,6 +2452,7 @@ static bool parse_discovery_filter_dict(struct btd_adapter *adapter, - (*filter)->rssi = DISTANCE_VAL_INVALID; - (*filter)->type = get_scan_type(adapter); - (*filter)->duplicate = false; -+ (*filter)->discoverable = false; - - dbus_message_iter_init(msg, &iter); - if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY || -@@ -2417,8 +2498,10 @@ static bool parse_discovery_filter_dict(struct btd_adapter *adapter, - goto invalid_args; - - DBG("filtered discovery params: transport: %d rssi: %d pathloss: %d " -- " duplicate data: %s ", (*filter)->type, (*filter)->rssi, -- (*filter)->pathloss, (*filter)->duplicate ? "true" : "false"); -+ " duplicate data: %s discoverable %s", (*filter)->type, -+ (*filter)->rssi, (*filter)->pathloss, -+ (*filter)->duplicate ? "true" : "false", -+ (*filter)->discoverable ? "true" : "false"); - - return true; - -@@ -2510,7 +2593,7 @@ static DBusMessage *stop_discovery(DBusConnection *conn, - if (client->msg) - return btd_error_busy(msg); - -- err = discovery_stop(client); -+ err = discovery_stop(client, false); - switch (err) { - case 0: - return dbus_message_new_method_return(msg); -@@ -2739,13 +2822,15 @@ static void property_set_mode(struct btd_adapter *adapter, uint32_t setting, - else - current_enable = FALSE; - -- if (enable == current_enable) { -+ if (enable == current_enable || adapter->pending_settings & setting) { - g_dbus_pending_property_success(id); - return; - } - - mode = (enable == TRUE) ? 0x01 : 0x00; - -+ adapter->pending_settings |= setting; -+ - switch (setting) { - case MGMT_SETTING_POWERED: - opcode = MGMT_OP_SET_POWERED; -@@ -2798,7 +2883,7 @@ static void property_set_mode(struct btd_adapter *adapter, uint32_t setting, - data->id = id; - - if (mgmt_send(adapter->mgmt, opcode, adapter->dev_id, len, param, -- property_set_mode_complete, data, g_free) > 0) -+ property_set_mode_complete, data, g_free) > 0) - return; - - g_free(data); -@@ -2875,6 +2960,7 @@ static void property_set_discoverable_timeout( - GDBusPendingPropertySet id, void *user_data) - { - struct btd_adapter *adapter = user_data; -+ bool enabled; - dbus_uint32_t value; - - dbus_message_iter_get_basic(iter, &value); -@@ -2888,8 +2974,19 @@ static void property_set_discoverable_timeout( - g_dbus_emit_property_changed(dbus_conn, adapter->path, - ADAPTER_INTERFACE, "DiscoverableTimeout"); - -+ if (adapter->pending_settings & MGMT_SETTING_DISCOVERABLE) { -+ if (adapter->current_settings & MGMT_SETTING_DISCOVERABLE) -+ enabled = false; -+ else -+ enabled = true; -+ } else { -+ if (adapter->current_settings & MGMT_SETTING_DISCOVERABLE) -+ enabled = true; -+ else -+ enabled = false; -+ } - -- if (adapter->current_settings & MGMT_SETTING_DISCOVERABLE) -+ if (enabled) - set_discoverable(adapter, 0x01, adapter->discoverable_timeout); - } - --- -2.7.4 - diff --git a/meta/recipes-connectivity/bluez5/bluez5/gcc9-fixes.patch b/meta/recipes-connectivity/bluez5/bluez5/gcc9-fixes.patch deleted file mode 100644 index ca678e601e..0000000000 --- a/meta/recipes-connectivity/bluez5/bluez5/gcc9-fixes.patch +++ /dev/null @@ -1,301 +0,0 @@ -Backported commit from upstream master branch (post 5.50 release), which -resolves assertion failures in several unit tests. - -https://git.kernel.org/pub/scm/bluetooth/bluez.git/patch/?id=0be5246170 - -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@intel.com> - -diff --git a/unit/test-avctp.c b/unit/test-avctp.c -index 3bc3569..24de663 100644 ---- a/unit/test-avctp.c -+++ b/unit/test-avctp.c -@@ -43,7 +43,7 @@ - - struct test_pdu { - bool valid; -- const uint8_t *data; -+ uint8_t *data; - size_t size; - }; - -@@ -66,7 +66,7 @@ struct context { - #define raw_pdu(args...) \ - { \ - .valid = true, \ -- .data = data(args), \ -+ .data = g_memdup(data(args), sizeof(data(args))), \ - .size = sizeof(data(args)), \ - } - -@@ -91,6 +91,11 @@ static void test_debug(const char *str, void *user_data) - static void test_free(gconstpointer user_data) - { - const struct test_data *data = user_data; -+ struct test_pdu *pdu; -+ int i; -+ -+ for (i = 0; (pdu = &data->pdu_list[i]) && pdu->valid; i++) -+ g_free(pdu->data); - - g_free(data->test_name); - g_free(data->pdu_list); -diff --git a/unit/test-avdtp.c b/unit/test-avdtp.c -index dd8aed7..e2c951a 100644 ---- a/unit/test-avdtp.c -+++ b/unit/test-avdtp.c -@@ -47,7 +47,7 @@ - struct test_pdu { - bool valid; - bool fragmented; -- const uint8_t *data; -+ uint8_t *data; - size_t size; - }; - -@@ -61,7 +61,7 @@ struct test_data { - #define raw_pdu(args...) \ - { \ - .valid = true, \ -- .data = data(args), \ -+ .data = g_memdup(data(args), sizeof(data(args))), \ - .size = sizeof(data(args)), \ - } - -@@ -69,7 +69,7 @@ struct test_data { - { \ - .valid = true, \ - .fragmented = true, \ -- .data = data(args), \ -+ .data = g_memdup(data(args), sizeof(data(args))), \ - .size = sizeof(data(args)), \ - } - -@@ -81,7 +81,7 @@ struct test_data { - static struct test_data data; \ - data.test_name = g_strdup(name); \ - data.pdu_list = g_memdup(pdus, sizeof(pdus)); \ -- tester_add(name, &data, NULL, function, NULL); \ -+ tester_add(name, &data, NULL, function, NULL); \ - } while (0) - - struct context { -@@ -109,6 +109,11 @@ static void test_debug(const char *str, void *user_data) - static void test_free(gconstpointer user_data) - { - const struct test_data *data = user_data; -+ struct test_pdu *pdu; -+ int i; -+ -+ for (i = 0; (pdu = &data->pdu_list[i]) && pdu->valid; i++) -+ g_free(pdu->data); - - g_free(data->test_name); - g_free(data->pdu_list); -diff --git a/unit/test-avrcp.c b/unit/test-avrcp.c -index 01307e6..f1aa353 100644 ---- a/unit/test-avrcp.c -+++ b/unit/test-avrcp.c -@@ -49,7 +49,7 @@ struct test_pdu { - bool fragmented; - bool continuing; - bool browse; -- const uint8_t *data; -+ uint8_t *data; - size_t size; - }; - -@@ -74,7 +74,7 @@ struct context { - #define raw_pdu(args...) \ - { \ - .valid = true, \ -- .data = data(args), \ -+ .data = g_memdup(data(args), sizeof(data(args))), \ - .size = sizeof(data(args)), \ - } - -@@ -82,7 +82,7 @@ struct context { - { \ - .valid = true, \ - .browse = true, \ -- .data = data(args), \ -+ .data = g_memdup(data(args), sizeof(data(args))), \ - .size = sizeof(data(args)), \ - } - -@@ -90,7 +90,7 @@ struct context { - { \ - .valid = true, \ - .fragmented = true, \ -- .data = data(args), \ -+ .data = g_memdup(data(args), sizeof(data(args))), \ - .size = sizeof(data(args)), \ - } - -@@ -98,7 +98,7 @@ struct context { - { \ - .valid = true, \ - .continuing = true, \ -- .data = data(args), \ -+ .data = g_memdup(data(args), sizeof(data(args))), \ - .size = sizeof(data(args)), \ - } - -@@ -123,6 +123,11 @@ static void test_debug(const char *str, void *user_data) - static void test_free(gconstpointer user_data) - { - const struct test_data *data = user_data; -+ struct test_pdu *pdu; -+ int i; -+ -+ for (i = 0; (pdu = &data->pdu_list[i]) && pdu->valid; i++) -+ g_free(pdu->data); - - g_free(data->test_name); - g_free(data->pdu_list); -diff --git a/unit/test-gatt.c b/unit/test-gatt.c -index c7e28f8..d49f7a0 100644 ---- a/unit/test-gatt.c -+++ b/unit/test-gatt.c -@@ -48,7 +48,7 @@ - - struct test_pdu { - bool valid; -- const uint8_t *data; -+ uint8_t *data; - size_t size; - }; - -@@ -86,7 +86,7 @@ struct context { - #define raw_pdu(args...) \ - { \ - .valid = true, \ -- .data = data(args), \ -+ .data = g_memdup(data(args), sizeof(data(args))), \ - .size = sizeof(data(args)), \ - } - -@@ -306,6 +306,11 @@ static bt_uuid_t uuid_char_128 = { - static void test_free(gconstpointer user_data) - { - const struct test_data *data = user_data; -+ struct test_pdu *pdu; -+ int i; -+ -+ for (i = 0; (pdu = &data->pdu_list[i]) && pdu->valid; i++) -+ g_free(pdu->data); - - g_free(data->test_name); - g_free(data->pdu_list); -@@ -1911,6 +1916,8 @@ static void test_server(gconstpointer data) - g_assert_cmpint(len, ==, pdu.size); - - util_hexdump('<', pdu.data, len, test_debug, "GATT: "); -+ -+ g_free(pdu.data); - } - - static void test_search_primary(gconstpointer data) -diff --git a/unit/test-hfp.c b/unit/test-hfp.c -index f2b9622..890eee6 100644 ---- a/unit/test-hfp.c -+++ b/unit/test-hfp.c -@@ -43,7 +43,7 @@ struct context { - - struct test_pdu { - bool valid; -- const uint8_t *data; -+ uint8_t *data; - size_t size; - enum hfp_gw_cmd_type type; - bool fragmented; -@@ -63,7 +63,7 @@ struct test_data { - #define raw_pdu(args...) \ - { \ - .valid = true, \ -- .data = data(args), \ -+ .data = g_memdup(data(args), sizeof(data(args))), \ - .size = sizeof(data(args)), \ - } - -@@ -75,7 +75,7 @@ struct test_data { - #define type_pdu(cmd_type, args...) \ - { \ - .valid = true, \ -- .data = data(args), \ -+ .data = g_memdup(data(args), sizeof(data(args))), \ - .size = sizeof(data(args)), \ - .type = cmd_type, \ - } -@@ -83,7 +83,7 @@ struct test_data { - #define frg_pdu(args...) \ - { \ - .valid = true, \ -- .data = data(args), \ -+ .data = g_memdup(data(args), sizeof(data(args))), \ - .size = sizeof(data(args)), \ - .fragmented = true, \ - } -@@ -119,6 +119,11 @@ struct test_data { - static void test_free(gconstpointer user_data) - { - const struct test_data *data = user_data; -+ struct test_pdu *pdu; -+ int i; -+ -+ for (i = 0; (pdu = &data->pdu_list[i]) && pdu->valid; i++) -+ g_free(pdu->data); - - g_free(data->test_name); - g_free(data->pdu_list); -diff --git a/unit/test-hog.c b/unit/test-hog.c -index d117968..25bdb42 100644 ---- a/unit/test-hog.c -+++ b/unit/test-hog.c -@@ -68,11 +68,11 @@ struct context { - - #define data(args...) ((const unsigned char[]) { args }) - --#define raw_pdu(args...) \ --{ \ -- .valid = true, \ -- .data = data(args), \ -- .size = sizeof(data(args)),\ -+#define raw_pdu(args...) \ -+{ \ -+ .valid = true, \ -+ .data = g_memdup(data(args), sizeof(data(args))), \ -+ .size = sizeof(data(args)), \ - } - - #define false_pdu() \ -diff --git a/unit/test-sdp.c b/unit/test-sdp.c -index ac921a9..c71ee1f 100644 ---- a/unit/test-sdp.c -+++ b/unit/test-sdp.c -@@ -59,14 +59,14 @@ struct test_data { - #define raw_pdu(args...) \ - { \ - .valid = true, \ -- .raw_data = raw_data(args), \ -+ .raw_data = g_memdup(raw_data(args), sizeof(raw_data(args))), \ - .raw_size = sizeof(raw_data(args)), \ - } - - #define raw_pdu_cont(cont, args...) \ - { \ - .valid = true, \ -- .raw_data = raw_data(args), \ -+ .raw_data = g_memdup(raw_data(args), sizeof(raw_data(args))), \ - .raw_size = sizeof(raw_data(args)), \ - .cont_len = cont, \ - } -@@ -103,7 +103,7 @@ struct test_data_de { - #define define_test_de_attr(name, input, exp) \ - do { \ - static struct test_data_de data; \ -- data.input_data = input; \ -+ data.input_data = g_memdup(input, sizeof(input)); \ - data.input_size = sizeof(input); \ - data.expected = exp; \ - tester_add("/sdp/DE/ATTR/" name, &data, NULL, \ diff --git a/meta/recipes-connectivity/bluez5/bluez5/out-of-tree.patch b/meta/recipes-connectivity/bluez5/bluez5/out-of-tree.patch deleted file mode 100644 index 76ed779258..0000000000 --- a/meta/recipes-connectivity/bluez5/bluez5/out-of-tree.patch +++ /dev/null @@ -1,26 +0,0 @@ -From ed55b49a226ca3909f52416be2ae5ce1c5ca2cb2 Mon Sep 17 00:00:00 2001 -From: Ross Burton <ross.burton@intel.com> -Date: Fri, 22 Apr 2016 15:40:37 +0100 -Subject: [PATCH] Makefile.obexd: add missing mkdir in builtin.h generation - -In parallel out-of-tree builds it's possible that obexd/src/builtin.h is -generated before the target directory has been implicitly created. Solve this by -creating the directory before writing into it. - -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@intel.com> ---- - Makefile.obexd | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/Makefile.obexd b/Makefile.obexd -index 2e33cbc..c8286f0 100644 ---- a/Makefile.obexd -+++ b/Makefile.obexd -@@ -105,2 +105,3 @@ obexd/src/plugin.$(OBJEXT): obexd/src/builtin.h - obexd/src/builtin.h: obexd/src/genbuiltin $(obexd_builtin_sources) -+ $(AM_V_at)$(MKDIR_P) $(dir $@) - $(AM_V_GEN)$(srcdir)/obexd/src/genbuiltin $(obexd_builtin_modules) > $@ --- -2.8.0.rc3 - diff --git a/meta/recipes-connectivity/bluez5/bluez5/run-ptest b/meta/recipes-connectivity/bluez5/bluez5/run-ptest index 21df00c327..0335e68e48 100644 --- a/meta/recipes-connectivity/bluez5/bluez5/run-ptest +++ b/meta/recipes-connectivity/bluez5/bluez5/run-ptest @@ -6,7 +6,7 @@ failed=0 all=0 for f in test-*; do - "./$f" + "./$f" -q case "$?" in 0) echo "PASS: $f" diff --git a/meta/recipes-connectivity/bluez5/bluez5_5.50.bb b/meta/recipes-connectivity/bluez5/bluez5_5.78.bb index 4e443e5fb0..23d1ad69d8 100644 --- a/meta/recipes-connectivity/bluez5/bluez5_5.50.bb +++ b/meta/recipes-connectivity/bluez5/bluez5_5.78.bb @@ -1,7 +1,8 @@ require bluez5.inc -SRC_URI[md5sum] = "8e35c67c81a55d3ad4c9f22280dae178" -SRC_URI[sha256sum] = "5ffcaae18bbb6155f1591be8c24898dc12f062075a40b538b745bfd477481911" +SRC_URI[sha256sum] = "830fed1915c5d375b8de0f5e6f45fcdea0dcc5ff5ffb3d31db6ed0f00d73c5e3" + +CVE_STATUS[CVE-2020-24490] = "cpe-incorrect: This issue has kernel fixes rather than bluez fixes" # noinst programs in Makefile.tools that are conditional on READLINE # support diff --git a/meta/recipes-connectivity/connman/connman-conf.bb b/meta/recipes-connectivity/connman/connman-conf.bb index 9a519ec866..73c54cddae 100644 --- a/meta/recipes-connectivity/connman/connman-conf.bb +++ b/meta/recipes-connectivity/connman/connman-conf.bb @@ -1,36 +1,22 @@ -SUMMARY = "Connman config to setup wired interface on qemu machines" -DESCRIPTION = "This is the ConnMan configuration to set up a Wired \ -network interface for a qemu machine." -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6" +SUMMARY = "Connman config to ignore wired interface on qemu machines" +DESCRIPTION = "This is the ConnMan configuration to avoid touching wired \ +network interface inside qemu machines." +LICENSE = "GPL-2.0-only" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/GPL-2.0-only;md5=801f80980d171dd6425610833a22dbe6" -inherit systemd -SRC_URI_append_qemuall = " file://wired.config \ - file://wired-setup \ - file://wired-connection.service \ -" -PR = "r2" +SRC_URI = "file://main.conf \ + " -S = "${WORKDIR}" +S = "${WORKDIR}/sources" +UNPACKDIR = "${S}" PACKAGE_ARCH = "${MACHINE_ARCH}" -FILES_${PN} = "${localstatedir}/* ${datadir}/*" +FILES:${PN} = "${sysconfdir}/*" -do_install() { - #Configure Wired network interface in case of qemu* machines - if test -e ${WORKDIR}/wired.config && - test -e ${WORKDIR}/wired-setup && - test -e ${WORKDIR}/wired-connection.service; then - install -d ${D}${localstatedir}/lib/connman - install -m 0644 ${WORKDIR}/wired.config ${D}${localstatedir}/lib/connman - install -d ${D}${datadir}/connman - install -m 0755 ${WORKDIR}/wired-setup ${D}${datadir}/connman - install -d ${D}${systemd_system_unitdir} - install -m 0644 ${WORKDIR}/wired-connection.service ${D}${systemd_system_unitdir} - sed -i -e 's|@SCRIPTDIR@|${datadir}/connman|g' ${D}${systemd_system_unitdir}/wired-connection.service - fi +# Kernel IP-Config is perfectly capable of setting up networking passed in via ip= +do_install:append:qemuall() { + mkdir -p ${D}${sysconfdir}/connman + cp ${S}/main.conf ${D}${sysconfdir}/connman/main.conf } - -SYSTEMD_SERVICE_${PN}_qemuall = "wired-connection.service" diff --git a/meta/recipes-connectivity/connman/connman-conf/main.conf b/meta/recipes-connectivity/connman/connman-conf/main.conf new file mode 100644 index 0000000000..3c9dd396f6 --- /dev/null +++ b/meta/recipes-connectivity/connman/connman-conf/main.conf @@ -0,0 +1,2 @@ +[General] +NetworkInterfaceBlacklist = eth,en diff --git a/meta/recipes-connectivity/connman/connman-conf/qemuall/wired-connection.service b/meta/recipes-connectivity/connman/connman-conf/qemuall/wired-connection.service deleted file mode 100644 index 48adfc08ac..0000000000 --- a/meta/recipes-connectivity/connman/connman-conf/qemuall/wired-connection.service +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=Setup a wired interface -Before=connman.service - -[Service] -Type=oneshot -ExecStart=@SCRIPTDIR@/wired-setup - -[Install] -WantedBy=network.target diff --git a/meta/recipes-connectivity/connman/connman-conf/qemuall/wired-setup b/meta/recipes-connectivity/connman/connman-conf/qemuall/wired-setup deleted file mode 100644 index c46899ef32..0000000000 --- a/meta/recipes-connectivity/connman/connman-conf/qemuall/wired-setup +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh - -CONFIGF=/var/lib/connman/wired.config - -# Extract wired network config from /proc/cmdline -NET_CONF=`cat /proc/cmdline |sed -ne 's/^.*ip=\([^ ]*\):\([^ ]*\):\([^ ]*\):\([^ ]*\).*$/\1\/\4\/\3/p'` - -# Check if eth0 is already set via kernel cmdline -if [ "x$NET_CONF" = "x" ]; then - # Wired interface is not configured via kernel cmdline - # Remove connman config file template - rm -f ${CONFIGF} -else - # Setup a connman config accordingly - sed -i -e "s|^IPv4 =.*|IPv4 = ${NET_CONF}|" ${CONFIGF} -fi diff --git a/meta/recipes-connectivity/connman/connman-conf/qemuall/wired.config b/meta/recipes-connectivity/connman/connman-conf/qemuall/wired.config deleted file mode 100644 index 42998ce897..0000000000 --- a/meta/recipes-connectivity/connman/connman-conf/qemuall/wired.config +++ /dev/null @@ -1,9 +0,0 @@ -[global] -Name = Wired -Description = Wired network configuration - -[service_ethernet] -Type = ethernet -IPv4 = -MAC = 52:54:00:12:34:56 -Nameservers = 8.8.8.8 diff --git a/meta/recipes-connectivity/connman/connman-gnome_0.7.bb b/meta/recipes-connectivity/connman/connman-gnome_0.7.bb index 778bf50191..46b3f854c5 100644 --- a/meta/recipes-connectivity/connman/connman-gnome_0.7.bb +++ b/meta/recipes-connectivity/connman/connman-gnome_0.7.bb @@ -1,7 +1,7 @@ SUMMARY = "GTK+ frontend for the ConnMan network connection manager" HOMEPAGE = "http://connman.net/" SECTION = "libs/network" -LICENSE = "GPLv2 & LGPLv2.1" +LICENSE = "GPL-2.0-only & LGPL-2.1-only" LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \ file://properties/main.c;beginline=1;endline=20;md5=50c77c81871308b033ab7a1504626afb \ file://common/connman-dbus.c;beginline=1;endline=20;md5=de6b485c0e717a0236402d220187717a" @@ -10,10 +10,10 @@ DEPENDS = "gtk+3 dbus-glib dbus-glib-native intltool-native gettext-native" # 0.7 tag SRCREV = "cf3c325b23dae843c5499a113591cfbc98acb143" -SRC_URI = "git://github.com/connectivity/connman-gnome.git \ +SRC_URI = "git://github.com/connectivity/connman-gnome.git;branch=master;protocol=https \ file://0001-Removed-icon-from-connman-gnome-about-applet.patch \ file://null_check_for_ipv4_config.patch \ - file://images/* \ + file://images/ \ file://connman-gnome-fix-dbus-interface-name.patch \ file://0001-Port-to-Gtk3.patch \ " @@ -23,8 +23,12 @@ S = "${WORKDIR}/git" inherit autotools-brokensep gtk-icon-cache pkgconfig features_check ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" -RDEPENDS_${PN} = "connman" +RDEPENDS:${PN} = "connman" -do_install_append() { - install -m 0644 ${WORKDIR}/images/* ${D}/usr/share/icons/hicolor/22x22/apps/ +do_install:append() { + install -m 0644 ${UNPACKDIR}/images/* ${D}/usr/share/icons/hicolor/22x22/apps/ } + +# http://errors.yoctoproject.org/Errors/Details/766926/ +# connman-client.c:200:15: error: assignment to 'GtkTreeModel *' {aka 'struct _GtkTreeModel *'} from incompatible pointer type 'GtkTreeStore *' {aka 'struct _GtkTreeStore *'} [-Wincompatible-pointer-types] +CFLAGS += "-Wno-error=incompatible-pointer-types" diff --git a/meta/recipes-connectivity/connman/connman.inc b/meta/recipes-connectivity/connman/connman.inc index fb38ab4fc1..073061eeda 100644 --- a/meta/recipes-connectivity/connman/connman.inc +++ b/meta/recipes-connectivity/connman/connman.inc @@ -9,15 +9,15 @@ configuration methods, like DHCP and domain name resolving, are \ implemented using plug-ins." HOMEPAGE = "http://connman.net/" BUGTRACKER = "https://01.org/jira/browse/CM" -LICENSE = "GPLv2" +LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ file://src/main.c;beginline=1;endline=20;md5=486a279a6ab0c8d152bcda3a5b5edc36" inherit autotools pkgconfig systemd update-rc.d update-alternatives -DEPENDS = "dbus glib-2.0 ppp readline" +CVE_PRODUCT = "connman connection_manager" -INC_PR = "r20" +DEPENDS = "dbus glib-2.0 ppp" EXTRA_OECONF += "\ ac_cv_path_WPASUPPLICANT=${sbindir}/wpa_supplicant \ @@ -27,23 +27,29 @@ EXTRA_OECONF += "\ --enable-ethernet \ --enable-tools \ --disable-polkit \ - --enable-client \ + --runstatedir=/run \ " +# For smooth operation it would be best to start only one wireless daemon at a time. +# If wpa-supplicant is running, connman will use it preferentially. +# Select either wpa-supplicant or iwd +WIRELESS_DAEMON ??= "wpa-supplicant" -PACKAGECONFIG ??= "wispr \ - ${@bb.utils.filter('DISTRO_FEATURES', '3g systemd wifi', d)} \ +PACKAGECONFIG ??= "wispr iptables client\ + ${@bb.utils.filter('DISTRO_FEATURES', '3g systemd', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \ - iptables \ + ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'wifi ${WIRELESS_DAEMON}', '', d)} \ " # If you want ConnMan to support VPN, add following statement into # local.conf or distro config -# PACKAGECONFIG_append_pn-connman = " openvpn vpnc l2tp pptp" +# PACKAGECONFIG:append:pn-connman = " openvpn vpnc l2tp pptp" -PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/ --with-tmpfilesdir=${sysconfdir}/tmpfiles.d/,--with-systemdunitdir='' --with-tmpfilesdir=''" -PACKAGECONFIG[wifi] = "--enable-wifi, --disable-wifi, wpa-supplicant, wpa-supplicant" +PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_system_unitdir}/ --with-tmpfilesdir=${sysconfdir}/tmpfiles.d/,--with-systemdunitdir='' --with-tmpfilesdir=''" +PACKAGECONFIG[wifi] = "--enable-wifi, --disable-wifi" PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, bluez5, bluez5" PACKAGECONFIG[3g] = "--enable-ofono, --disable-ofono, ofono, ofono" +PACKAGECONFIG[wpa-supplicant] = ",,wpa-supplicant,wpa-supplicant" +PACKAGECONFIG[iwd] = "--enable-iwd,--disable-iwd,,iwd" PACKAGECONFIG[tist] = "--enable-tist,--disable-tist," PACKAGECONFIG[openvpn] = "--enable-openvpn --with-openvpn=${sbindir}/openvpn,--disable-openvpn,,openvpn" PACKAGECONFIG[vpnc] = "--enable-vpnc --with-vpnc=${sbindir}/vpnc,--disable-vpnc,,vpnc" @@ -51,9 +57,11 @@ PACKAGECONFIG[l2tp] = "--enable-l2tp --with-l2tp=${sbindir}/xl2tpd,--disable-l2t PACKAGECONFIG[pptp] = "--enable-pptp --with-pptp=${sbindir}/pptp,--disable-pptp,,pptp-linux" # WISPr support for logging into hotspots, requires TLS PACKAGECONFIG[wispr] = "--enable-wispr,--disable-wispr,gnutls," -PACKAGECONFIG[nftables] = "--with-firewall=nftables ,,libmnl libnftnl,,kernel-module-nf-tables-ipv4 kernel-module-nft-chain-nat-ipv4 kernel-module-nft-chain-route-ipv4 kernel-module-nft-meta kernel-module-nft-masq-ipv4 kernel-module-nft-nat" +PACKAGECONFIG[nftables] = "--with-firewall=nftables ,,libmnl libnftnl,,kernel-module-nf-tables kernel-module-nft-chain-nat-ipv4 kernel-module-nft-chain-route-ipv4 kernel-module-nft-masq-ipv4 kernel-module-nft-nat" PACKAGECONFIG[iptables] = "--with-firewall=iptables ,,iptables,iptables" PACKAGECONFIG[nfc] = "--enable-neard, --disable-neard, neard, neard" +PACKAGECONFIG[client] = "--enable-client,--disable-client,readline" +PACKAGECONFIG[wireguard] = "--enable-wireguard,--disable-wireguard,libmnl" INITSCRIPT_NAME = "connman" INITSCRIPT_PARAMS = "start 05 5 2 3 . stop 22 0 1 6 ." @@ -66,19 +74,19 @@ python __anonymous () { d.setVar('SYSTEMD_PACKAGES', systemd_packages) } -SYSTEMD_SERVICE_${PN} = "connman.service" -SYSTEMD_SERVICE_${PN}-vpn = "connman-vpn.service" -SYSTEMD_SERVICE_${PN}-wait-online = "connman-wait-online.service" +SYSTEMD_SERVICE:${PN} = "connman.service" +SYSTEMD_SERVICE:${PN}-vpn = "connman-vpn.service" +SYSTEMD_SERVICE:${PN}-wait-online = "connman-wait-online.service" ALTERNATIVE_PRIORITY = "100" -ALTERNATIVE_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','resolv-conf','',d)}" +ALTERNATIVE:${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','resolv-conf','',d)}" ALTERNATIVE_TARGET[resolv-conf] = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${sysconfdir}/resolv-conf.connman','',d)}" ALTERNATIVE_LINK_NAME[resolv-conf] = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${sysconfdir}/resolv.conf','',d)}" -do_install_append() { +do_install:append() { if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then install -d ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/connman ${D}${sysconfdir}/init.d/connman + install -m 0755 ${UNPACKDIR}/connman ${D}${sysconfdir}/init.d/connman sed -i s%@DATADIR@%${datadir}% ${D}${sysconfdir}/init.d/connman fi @@ -87,7 +95,6 @@ do_install_append() { if [ -e ${B}/tools/wispr ]; then install -m 0755 ${B}/tools/wispr ${D}${bindir} fi - install -m 0755 ${B}/client/connmanctl ${D}${bindir} # We don't need to package an empty directory rmdir --ignore-fail-on-non-empty ${D}${libdir}/connman/scripts @@ -103,7 +110,7 @@ do_install_append() { } # These used to be plugins, but now they are core -RPROVIDES_${PN} = "\ +RPROVIDES:${PN} = "\ connman-plugin-loopback \ connman-plugin-ethernet \ ${@bb.utils.contains('PACKAGECONFIG', 'bluetooth','connman-plugin-bluetooth', '', d)} \ @@ -111,7 +118,7 @@ RPROVIDES_${PN} = "\ ${@bb.utils.contains('PACKAGECONFIG', '3g','connman-plugin-ofono', '', d)} \ " -RDEPENDS_${PN} = "\ +RDEPENDS:${PN} = "\ dbus \ " @@ -122,11 +129,11 @@ def add_rdepends(bb, d, file, pkg, depmap, multilib_prefix, add_insane_skip): if plugintype in depmap: rdepends = map(lambda x: multilib_prefix + x, \ depmap[plugintype].split()) - d.setVar("RDEPENDS_%s" % pkg, " ".join(rdepends)) + d.setVar("RDEPENDS:%s" % pkg, " ".join(rdepends)) if add_insane_skip: - d.appendVar("INSANE_SKIP_%s" % pkg, "dev-so") + d.appendVar("INSANE_SKIP:%s" % pkg, "dev-so") -python populate_packages_prepend() { +python populate_packages:prepend() { depmap = dict(pppd="ppp") multilib_prefix = (d.getVar("MLPREFIX") or "") @@ -147,71 +154,72 @@ python populate_packages_prepend() { PACKAGES =+ "${PN}-tools ${PN}-tests ${PN}-client" -FILES_${PN}-tools = "${bindir}/wispr" -RDEPENDS_${PN}-tools ="${PN}" +FILES:${PN}-tools = "${bindir}/wispr" +RDEPENDS:${PN}-tools ="${PN}" -FILES_${PN}-tests = "${bindir}/*-test" +FILES:${PN}-tests = "${bindir}/*-test" -FILES_${PN}-client = "${bindir}/connmanctl" -RDEPENDS_${PN}-client ="${PN}" +FILES:${PN}-client = "${bindir}/connmanctl" +RDEPENDS:${PN}-client ="${PN}" -FILES_${PN} = "${bindir}/* ${sbindir}/* ${libexecdir}/* ${libdir}/lib*.so.* \ +FILES:${PN} = "${bindir}/* ${sbindir}/* ${libexecdir}/* ${libdir}/lib*.so.* \ ${libdir}/connman/plugins \ ${sysconfdir} ${sharedstatedir} ${localstatedir} ${datadir} \ ${base_bindir}/* ${base_sbindir}/* ${base_libdir}/*.so* ${datadir}/${PN} \ ${datadir}/dbus-1/system-services/* \ ${sysconfdir}/tmpfiles.d/connman_resolvconf.conf" -FILES_${PN}-dev += "${libdir}/connman/*/*.la" +FILES:${PN}-dev += "${libdir}/connman/*/*.la" PACKAGES =+ "${PN}-vpn ${PN}-wait-online" -SUMMARY_${PN}-vpn = "A daemon for managing VPN connections within embedded devices" -DESCRIPTION_${PN}-vpn = "The ConnMan VPN provides a daemon for \ +SUMMARY:${PN}-vpn = "A daemon for managing VPN connections within embedded devices" +DESCRIPTION:${PN}-vpn = "The ConnMan VPN provides a daemon for \ managing VPN connections within embedded devices running the Linux \ operating system. The connman-vpnd handles all the VPN connections \ and starts/stops VPN client processes when necessary. The connman-vpnd \ provides a DBus API for managing VPN connections. All the different \ VPN technogies are implemented using plug-ins." -FILES_${PN}-vpn += "${sbindir}/connman-vpnd \ +FILES:${PN}-vpn += "${sbindir}/connman-vpnd \ ${sysconfdir}/dbus-1/system.d/connman-vpn-dbus.conf \ ${datadir}/dbus-1/system-services/net.connman.vpn.service \ - ${systemd_unitdir}/system/connman-vpn.service" + ${systemd_system_unitdir}/connman-vpn.service" -SUMMARY_${PN}-wait-online = "A program that will return once ConnMan has connected to a network" -DESCRIPTION_${PN}-wait-online = "A service that can be enabled so that \ +SUMMARY:${PN}-wait-online = "A program that will return once ConnMan has connected to a network" +DESCRIPTION:${PN}-wait-online = "A service that can be enabled so that \ the system waits until a network connection is established." -FILES_${PN}-wait-online += "${sbindir}/connmand-wait-online \ - ${systemd_unitdir}/system/connman-wait-online.service" +FILES:${PN}-wait-online += "${sbindir}/connmand-wait-online \ + ${systemd_system_unitdir}/connman-wait-online.service" -SUMMARY_${PN}-plugin-vpn-openvpn = "An OpenVPN plugin for ConnMan VPN" -DESCRIPTION_${PN}-plugin-vpn-openvpn = "The ConnMan OpenVPN plugin uses openvpn client \ +SUMMARY:${PN}-plugin-vpn-openvpn = "An OpenVPN plugin for ConnMan VPN" +DESCRIPTION:${PN}-plugin-vpn-openvpn = "The ConnMan OpenVPN plugin uses openvpn client \ to create a VPN connection to OpenVPN server." -FILES_${PN}-plugin-vpn-openvpn += "${libdir}/connman/scripts/openvpn-script \ +FILES:${PN}-plugin-vpn-openvpn += "${libdir}/connman/scripts/openvpn-script \ ${libdir}/connman/plugins-vpn/openvpn.so" -RDEPENDS_${PN}-plugin-vpn-openvpn += "${PN}-vpn" -RRECOMMENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG','openvpn','${PN}-plugin-vpn-openvpn', '', d)}" +RDEPENDS:${PN}-plugin-vpn-openvpn += "${PN}-vpn" +RRECOMMENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG','openvpn','${PN}-plugin-vpn-openvpn', '', d)}" -SUMMARY_${PN}-plugin-vpn-vpnc = "A vpnc plugin for ConnMan VPN" -DESCRIPTION_${PN}-plugin-vpn-vpnc = "The ConnMan vpnc plugin uses vpnc client \ +SUMMARY:${PN}-plugin-vpn-vpnc = "A vpnc plugin for ConnMan VPN" +DESCRIPTION:${PN}-plugin-vpn-vpnc = "The ConnMan vpnc plugin uses vpnc client \ to create a VPN connection to Cisco3000 VPN Concentrator." -FILES_${PN}-plugin-vpn-vpnc += "${libdir}/connman/scripts/openconnect-script \ - ${libdir}/connman/plugins-vpn/vpnc.so" -RDEPENDS_${PN}-plugin-vpn-vpnc += "${PN}-vpn" -RRECOMMENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG','vpnc','${PN}-plugin-vpn-vpnc', '', d)}" - -SUMMARY_${PN}-plugin-vpn-l2tp = "A L2TP plugin for ConnMan VPN" -DESCRIPTION_${PN}-plugin-vpn-l2tp = "The ConnMan L2TP plugin uses xl2tpd daemon \ +FILES:${PN}-plugin-vpn-vpnc += "${libdir}/connman/scripts/openconnect-script \ + ${libdir}/connman/plugins-vpn/vpnc.so \ + ${libdir}/connman/scripts/vpn-script" +RDEPENDS:${PN}-plugin-vpn-vpnc += "${PN}-vpn" +RRECOMMENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG','vpnc','${PN}-plugin-vpn-vpnc', '', d)}" + +SUMMARY:${PN}-plugin-vpn-l2tp = "A L2TP plugin for ConnMan VPN" +DESCRIPTION:${PN}-plugin-vpn-l2tp = "The ConnMan L2TP plugin uses xl2tpd daemon \ to create a VPN connection to L2TP server." -FILES_${PN}-plugin-vpn-l2tp += "${libdir}/connman/scripts/libppp-plugin.so* \ +FILES:${PN}-plugin-vpn-l2tp += "${libdir}/connman/scripts/libppp-plugin.so* \ ${libdir}/connman/plugins-vpn/l2tp.so" -RDEPENDS_${PN}-plugin-vpn-l2tp += "${PN}-vpn" -RRECOMMENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG','l2tp','${PN}-plugin-vpn-l2tp', '', d)}" +RDEPENDS:${PN}-plugin-vpn-l2tp += "${PN}-vpn" +RRECOMMENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG','l2tp','${PN}-plugin-vpn-l2tp', '', d)}" -SUMMARY_${PN}-plugin-vpn-pptp = "A PPTP plugin for ConnMan VPN" -DESCRIPTION_${PN}-plugin-vpn-pptp = "The ConnMan PPTP plugin uses pptp-linux client \ +SUMMARY:${PN}-plugin-vpn-pptp = "A PPTP plugin for ConnMan VPN" +DESCRIPTION:${PN}-plugin-vpn-pptp = "The ConnMan PPTP plugin uses pptp-linux client \ to create a VPN connection to PPTP server." -FILES_${PN}-plugin-vpn-pptp += "${libdir}/connman/scripts/libppp-plugin.so* \ +FILES:${PN}-plugin-vpn-pptp += "${libdir}/connman/scripts/libppp-plugin.so* \ ${libdir}/connman/plugins-vpn/pptp.so" -RDEPENDS_${PN}-plugin-vpn-pptp += "${PN}-vpn" -RRECOMMENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG','pptp','${PN}-plugin-vpn-pptp', '', d)}" +RDEPENDS:${PN}-plugin-vpn-pptp += "${PN}-vpn" +RRECOMMENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG','pptp','${PN}-plugin-vpn-pptp', '', d)}" diff --git a/meta/recipes-connectivity/connman/connman/0001-gweb-fix-segfault-with-musl-v1.1.21.patch b/meta/recipes-connectivity/connman/connman/0001-gweb-fix-segfault-with-musl-v1.1.21.patch deleted file mode 100644 index 30f1432cd3..0000000000 --- a/meta/recipes-connectivity/connman/connman/0001-gweb-fix-segfault-with-musl-v1.1.21.patch +++ /dev/null @@ -1,34 +0,0 @@ -From f0a8c69971b30ea7ca255bb885fdd1179fa5d298 Mon Sep 17 00:00:00 2001 -From: Nicola Lunghi <nick83ola@gmail.com> -Date: Thu, 23 May 2019 07:55:25 +0100 -Subject: [PATCH] gweb: fix segfault with musl v1.1.21 - -In musl > v1.1.21 freeaddrinfo() implementation changed and -was causing a segmentation fault on recent Yocto using musl. - -See this commit: - - https://git.musl-libc.org/cgit/musl/commit/src/network/freeaddrinfo.c?id=d1395c43c019aec6b855cf3c656bf47c8a719e7f - -Upstream-Status: Submitted ---- - gweb/gweb.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/gweb/gweb.c b/gweb/gweb.c -index 393afe0a..12fcb1d8 100644 ---- a/gweb/gweb.c -+++ b/gweb/gweb.c -@@ -1274,7 +1274,8 @@ static bool is_ip_address(const char *host) - addr = NULL; - - result = getaddrinfo(host, NULL, &hints, &addr); -- freeaddrinfo(addr); -+ if(!result) -+ freeaddrinfo(addr); - - return result == 0; - } --- -2.19.1 - diff --git a/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch b/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch index 639ccfa2a2..9e2cc34995 100644 --- a/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch +++ b/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch @@ -1,85 +1,88 @@ -From 10b0d16d04b811b1ccd1f9b0cfe757bce8d876a1 Mon Sep 17 00:00:00 2001 +From 60783f0d885c9a0db8b6f1d528786321e53f1512 Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Mon, 6 Apr 2015 23:02:21 -0700 -Subject: [PATCH 2/3] resolve: musl does not implement res_ninit +Subject: [PATCH] gweb/gresolv.c: make use of res_ninit optional and subject to + __RES -ported from +Not all libc implementation have those functions, and the way to determine +if they do is to check __RES which is explained in resolv.h thusly: + +/* + * Revision information. This is the release date in YYYYMMDD format. + * It can change every day so the right thing to do with it is use it + * in preprocessor commands such as "#if (__RES > 19931104)". Do not + * compare for equality; rather, use it to determine whether your resolver + * is new enough to contain a certain feature. + */ + +Indeed, it needs to be at least 19991006. + +The portion of the patch that implements a fallback is ported from +Alpine Linux: http://git.alpinelinux.org/cgit/aports/plain/testing/connman/libresolv.patch -Upstream-Status: Pending +Upstream-Status: Submitted [to connman@lists.linux.dev,marcel@holtmann.org] Signed-off-by: Khem Raj <raj.khem@gmail.com> --- - gweb/gresolv.c | 33 ++++++++++++--------------------- - 1 file changed, 12 insertions(+), 21 deletions(-) + gweb/gresolv.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) diff --git a/gweb/gresolv.c b/gweb/gresolv.c -index 5cf7a9a..3ad8e70 100644 +index 8101d71..9f1477c 100644 --- a/gweb/gresolv.c +++ b/gweb/gresolv.c -@@ -36,6 +36,7 @@ - #include <arpa/inet.h> - #include <arpa/nameser.h> - #include <net/if.h> -+#include <ctype.h> - - #include "gresolv.h" - -@@ -875,8 +875,6 @@ GResolv *g_resolv_new(int index) +@@ -879,7 +879,9 @@ GResolv *g_resolv_new(int index) resolv->index = index; resolv->nameserver_list = NULL; -- res_ninit(&resolv->res); -- ++#if (__RES >= 19991006) + res_ninit(&resolv->res); ++#endif + return resolv; } - -@@ -916,8 +914,6 @@ void g_resolv_unref(GResolv *resolv) +@@ -920,7 +922,9 @@ void g_resolv_unref(GResolv *resolv) flush_nameservers(resolv); -- res_nclose(&resolv->res); -- ++#if (__RES >= 19991006) + res_nclose(&resolv->res); ++#endif + g_free(resolv); } - -@@ -1020,24 +1016,19 @@ guint g_resolv_lookup_hostname(GResolv *resolv, const char *hostname, +@@ -1024,6 +1028,7 @@ guint g_resolv_lookup_hostname(GResolv *resolv, const char *hostname, debug(resolv, "hostname %s", hostname); if (!resolv->nameserver_list) { -- int i; -- -- for (i = 0; i < resolv->res.nscount; i++) { -- char buf[100]; -- int family = resolv->res.nsaddr_list[i].sin_family; -- void *sa_addr = &resolv->res.nsaddr_list[i].sin_addr; -- -- if (family != AF_INET && -- resolv->res._u._ext.nsaddrs[i]) { -- family = AF_INET6; -- sa_addr = &resolv->res._u._ext.nsaddrs[i]->sin6_addr; -+ FILE *f = fopen("/etc/resolv.conf", "r"); -+ if (f) { -+ char line[256], *s; -+ int i; -+ while (fgets(line, sizeof(line), f)) { -+ if (strncmp(line, "nameserver", 10) || !isspace(line[10])) -+ continue; -+ for (s = &line[11]; isspace(s[0]); s++); -+ for (i = 0; s[i] && !isspace(s[i]); i++); -+ s[i] = 0; -+ g_resolv_add_nameserver(resolv, s, 53, 0); - } -- -- if (family != AF_INET && family != AF_INET6) -- continue; -- -- if (inet_ntop(family, sa_addr, buf, sizeof(buf))) -- g_resolv_add_nameserver(resolv, buf, 53, 0); -+ fclose(f); ++#if (__RES >= 19991006) + int i; + + for (i = 0; i < resolv->res.nscount; i++) { +@@ -1043,6 +1048,22 @@ guint g_resolv_lookup_hostname(GResolv *resolv, const char *hostname, + if (inet_ntop(family, sa_addr, buf, sizeof(buf))) + g_resolv_add_nameserver(resolv, buf, 53, 0); } ++#else ++ FILE *f = fopen("/etc/resolv.conf", "r"); ++ if (f) { ++ char line[256], *s; ++ int i; ++ while (fgets(line, sizeof(line), f)) { ++ if (strncmp(line, "nameserver", 10) || !isspace(line[10])) ++ continue; ++ for (s = &line[11]; isspace(s[0]); s++); ++ for (i = 0; s[i] && !isspace(s[i]); i++); ++ s[i] = 0; ++ g_resolv_add_nameserver(resolv, s, 53, 0); ++ } ++ fclose(f); ++ } ++#endif if (!resolv->nameserver_list) + g_resolv_add_nameserver(resolv, "127.0.0.1", 53, 0); -- -2.5.1 +2.39.2 diff --git a/meta/recipes-connectivity/connman/connman/connman b/meta/recipes-connectivity/connman/connman/connman index c64fa0d715..a021fd4655 100644 --- a/meta/recipes-connectivity/connman/connman/connman +++ b/meta/recipes-connectivity/connman/connman/connman @@ -10,49 +10,11 @@ fi set -e -nfsroot=0 - -exec 9<&0 < /proc/mounts -while read dev mtpt fstype rest; do - if test $mtpt = "/" ; then - case $fstype in - nfs | nfs4) - nfsroot=1 - break - ;; - *) - ;; - esac - fi -done - do_start() { - EXTRA_PARAM="" - if test $nfsroot -eq 1 ; then - NET_DEVS=`cat /proc/net/dev | sed -ne 's/^\([a-zA-Z0-9 ]*\):.*$/\1/p'` - NET_ADDR=`cat /proc/cmdline | sed -ne 's/^.*ip=\([^ :]*\).*$/\1/p'` - - if [ ! -z "$NET_ADDR" ]; then - if [ "$NET_ADDR" = dhcp ]; then - ethn=`ifconfig | grep "^eth" | sed -e "s/\(eth[0-9]\)\(.*\)/\1/"` - if [ ! -z "$ethn" ]; then - EXTRA_PARAM="-I $ethn" - fi - else - for i in $NET_DEVS; do - ADDR=`ifconfig $i | sed 's/addr://g' | sed -ne 's/^.*inet \([0-9.]*\) .*$/\1/p'` - if [ "$NET_ADDR" = "$ADDR" ]; then - EXTRA_PARAM="-I $i" - break - fi - done - fi - fi - fi if [ -f @DATADIR@/connman/wired-setup ] ; then . @DATADIR@/connman/wired-setup fi - $DAEMON $EXTRA_PARAM + $DAEMON } do_stop() { diff --git a/meta/recipes-connectivity/connman/connman_1.37.bb b/meta/recipes-connectivity/connman/connman_1.37.bb deleted file mode 100644 index 00852bf0d6..0000000000 --- a/meta/recipes-connectivity/connman/connman_1.37.bb +++ /dev/null @@ -1,17 +0,0 @@ -require connman.inc - -SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ - file://0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch \ - file://0001-connman.service-stop-systemd-resolved-when-we-use-co.patch \ - file://0001-gweb-fix-segfault-with-musl-v1.1.21.patch \ - file://connman \ - file://no-version-scripts.patch \ -" - -SRC_URI_append_libc-musl = " file://0002-resolve-musl-does-not-implement-res_ninit.patch" - -SRC_URI[md5sum] = "75012084f14fb63a84b116e66c6e94fb" -SRC_URI[sha256sum] = "6ce29b3eb0bb16a7387bc609c39455fd13064bdcde5a4d185fab3a0c71946e16" - -RRECOMMENDS_${PN} = "connman-conf" -RCONFLICTS_${PN} = "networkmanager" diff --git a/meta/recipes-connectivity/connman/connman_1.43.bb b/meta/recipes-connectivity/connman/connman_1.43.bb new file mode 100644 index 0000000000..1100599490 --- /dev/null +++ b/meta/recipes-connectivity/connman/connman_1.43.bb @@ -0,0 +1,15 @@ +require connman.inc + +SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ + file://0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch \ + file://0001-connman.service-stop-systemd-resolved-when-we-use-co.patch \ + file://connman \ + file://no-version-scripts.patch \ + file://0002-resolve-musl-does-not-implement-res_ninit.patch \ + " + + +SRC_URI[sha256sum] = "1257cebe327e7900b7e2b84c0fb330aa90815e455898cd2f941f4308ed2be3bc" + +RRECOMMENDS:${PN} = "connman-conf" +RCONFLICTS:${PN} = "networkmanager" diff --git a/meta/recipes-connectivity/dhcp/dhcp.inc b/meta/recipes-connectivity/dhcp/dhcp.inc deleted file mode 100644 index c4697beaf1..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp.inc +++ /dev/null @@ -1,148 +0,0 @@ -SECTION = "console/network" -SUMMARY = "Internet Software Consortium DHCP package" -DESCRIPTION = "DHCP (Dynamic Host Configuration Protocol) is a protocol \ -which allows individual devices on an IP network to get their own \ -network configuration information from a server. DHCP helps make it \ -easier to administer devices." - -HOMEPAGE = "http://www.isc.org/" - -LICENSE = "ISC" -LIC_FILES_CHKSUM = "file://LICENSE;beginline=4;md5=004a4db50a1e20972e924a8618747c01" - -DEPENDS = "openssl bind" - -SRC_URI = "http://ftp.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz \ - file://init-relay file://default-relay \ - file://init-server file://default-server \ - file://dhclient.conf file://dhcpd.conf \ - file://dhclient-systemd-wrapper \ - file://dhclient.service \ - file://dhcpd.service file://dhcrelay.service \ - file://dhcpd6.service \ - " -UPSTREAM_CHECK_URI = "http://ftp.isc.org/isc/dhcp/" -UPSTREAM_CHECK_REGEX = "(?P<pver>\d+\.\d+\.(\d+?))/" - -inherit autotools-brokensep systemd useradd update-rc.d - -USERADD_PACKAGES = "${PN}-server" -USERADD_PARAM_${PN}-server = "--system --no-create-home --home-dir /var/run/${BPN} --shell /bin/false --user-group ${BPN}" - -SYSTEMD_PACKAGES = "${PN}-server ${PN}-relay ${PN}-client" -SYSTEMD_SERVICE_${PN}-server = "dhcpd.service dhcpd6.service" -SYSTEMD_AUTO_ENABLE_${PN}-server = "disable" - -SYSTEMD_SERVICE_${PN}-relay = "dhcrelay.service" -SYSTEMD_AUTO_ENABLE_${PN}-relay = "disable" - -SYSTEMD_SERVICE_${PN}-client = "dhclient.service" -SYSTEMD_AUTO_ENABLE_${PN}-client = "disable" - -INITSCRIPT_PACKAGES = "dhcp-server" -INITSCRIPT_NAME_dhcp-server = "dhcp-server" -INITSCRIPT_PARAMS_dhcp-server = "defaults" - -CFLAGS += "-D_GNU_SOURCE" -EXTRA_OECONF = "--with-srv-lease-file=${localstatedir}/lib/dhcp/dhcpd.leases \ - --with-srv6-lease-file=${localstatedir}/lib/dhcp/dhcpd6.leases \ - --with-cli-lease-file=${localstatedir}/lib/dhcp/dhclient.leases \ - --with-cli6-lease-file=${localstatedir}/lib/dhcp/dhclient6.leases \ - --enable-paranoia --disable-static \ - --with-randomdev=/dev/random \ - --with-libbind=${STAGING_DIR_HOST} \ - --enable-libtool \ - " - -#Enable shared libs per dhcp README -do_configure_prepend () { - cp configure.ac+lt configure.ac -} - -do_install_append () { - install -d ${D}${sysconfdir}/init.d - install -d ${D}${sysconfdir}/default - install -d ${D}${sysconfdir}/dhcp - install -m 0755 ${WORKDIR}/init-relay ${D}${sysconfdir}/init.d/dhcp-relay - install -m 0644 ${WORKDIR}/default-relay ${D}${sysconfdir}/default/dhcp-relay - install -m 0755 ${WORKDIR}/init-server ${D}${sysconfdir}/init.d/dhcp-server - install -m 0644 ${WORKDIR}/default-server ${D}${sysconfdir}/default/dhcp-server - - rm -f ${D}${sysconfdir}/dhclient.conf* - rm -f ${D}${sysconfdir}/dhcpd.conf* - install -m 0644 ${WORKDIR}/dhclient.conf ${D}${sysconfdir}/dhcp/dhclient.conf - install -m 0644 ${WORKDIR}/dhcpd.conf ${D}${sysconfdir}/dhcp/dhcpd.conf - - install -d ${D}${base_sbindir}/ - if [ "${sbindir}" != "${base_sbindir}" ]; then - mv ${D}${sbindir}/dhclient ${D}${base_sbindir}/ - fi - install -m 0755 ${S}/client/scripts/linux ${D}${base_sbindir}/dhclient-script - - # Install systemd unit files - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/dhcpd.service ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/dhcpd6.service ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/dhcrelay.service ${D}${systemd_unitdir}/system - sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/dhcpd*.service ${D}${systemd_unitdir}/system/dhcrelay.service - sed -i -e 's,@SYSCONFDIR@,${sysconfdir},g' ${D}${systemd_unitdir}/system/dhcpd*.service - sed -i -e 's,@base_bindir@,${base_bindir},g' ${D}${systemd_unitdir}/system/dhcpd*.service - sed -i -e 's,@localstatedir@,${localstatedir},g' ${D}${systemd_unitdir}/system/dhcpd*.service - sed -i -e 's,@SYSCONFDIR@,${sysconfdir},g' ${D}${systemd_unitdir}/system/dhcrelay.service - - install -d ${D}${base_sbindir} - install -m 0755 ${WORKDIR}/dhclient-systemd-wrapper ${D}${base_sbindir}/dhclient-systemd-wrapper - install -m 0644 ${WORKDIR}/dhclient.service ${D}${systemd_unitdir}/system - sed -i -e 's,@SYSCONFDIR@,${sysconfdir},g' ${D}${systemd_unitdir}/system/dhclient.service - sed -i -e 's,@BASE_SBINDIR@,${base_sbindir},g' ${D}${systemd_unitdir}/system/dhclient.service -} - -PACKAGES += "dhcp-libs dhcp-server dhcp-server-config dhcp-client dhcp-relay dhcp-omshell" - -PACKAGES_remove = "${PN}" -RDEPENDS_${PN}-dev = "" -RDEPENDS_${PN}-staticdev = "" -FILES_${PN}-libs = "${libdir}/libdhcpctl.so.0* ${libdir}/libomapi.so.0* ${libdir}/libdhcp.so.0*" - -FILES_${PN}-server = "${sbindir}/dhcpd ${sysconfdir}/init.d/dhcp-server" -RRECOMMENDS_${PN}-server = "dhcp-server-config" - -FILES_${PN}-server-config = "${sysconfdir}/default/dhcp-server ${sysconfdir}/dhcp/dhcpd.conf" - -FILES_${PN}-relay = "${sbindir}/dhcrelay ${sysconfdir}/init.d/dhcp-relay ${sysconfdir}/default/dhcp-relay" - -FILES_${PN}-client = "${base_sbindir}/dhclient \ - ${base_sbindir}/dhclient-script \ - ${sysconfdir}/dhcp/dhclient.conf \ - ${base_sbindir}/dhclient-systemd-wrapper \ - " - -FILES_${PN}-omshell = "${bindir}/omshell" - -pkg_postinst_dhcp-server() { - mkdir -p $D/${localstatedir}/lib/dhcp - touch $D/${localstatedir}/lib/dhcp/dhcpd.leases - touch $D/${localstatedir}/lib/dhcp/dhcpd6.leases -} - -pkg_postinst_dhcp-client() { - mkdir -p $D/${localstatedir}/lib/dhcp -} - -pkg_postrm_dhcp-server() { - rm -f $D/${localstatedir}/lib/dhcp/dhcpd.leases - rm -f $D/${localstatedir}/lib/dhcp/dhcpd6.leases - - if ! rmdir $D/${localstatedir}/lib/dhcp 2>/dev/null; then - echo "Not removing ${localstatedir}/lib/dhcp as it is non-empty." - fi -} - -pkg_postrm_dhcp-client() { - rm -f $D/${localstatedir}/lib/dhcp/dhclient.leases - rm -f $D/${localstatedir}/lib/dhcp/dhclient6.leases - - if ! rmdir $D/${localstatedir}/lib/dhcp 2>/dev/null; then - echo "Not removing ${localstatedir}/lib/dhcp as it is non-empty." - fi -} diff --git a/meta/recipes-connectivity/dhcp/dhcp/0001-Fix-a-NSUPDATE-compiling-issue.patch b/meta/recipes-connectivity/dhcp/dhcp/0001-Fix-a-NSUPDATE-compiling-issue.patch deleted file mode 100644 index f12a112fcf..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0001-Fix-a-NSUPDATE-compiling-issue.patch +++ /dev/null @@ -1,68 +0,0 @@ -From a59cb98a473caa2afd64d7ae368480b6e9f91b3f Mon Sep 17 00:00:00 2001 -From: Ming Liu <liu.ming50@gmail.com> -Date: Tue, 14 May 2019 11:07:15 +0200 -Subject: [PATCH] Fix a NSUPDATE compiling issue - -Upstream-Status: Pending [Patch sent to: https://gitlab.isc.org/isc-projects/dhcp/issues/16] - -A following error was observed when NSUPDATE is not defined: -| omapip/isclib.c: In function 'dns_client_init': -| omapip/isclib.c:356:18: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'dnsclient' -| if (dhcp_gbl_ctx.dnsclient == NULL) { -| ^ -| omapip/isclib.c:363:24: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'dnsclient' -| &dhcp_gbl_ctx.dnsclient, -| ^ -| omapip/isclib.c:364:24: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'use_local4' -| (dhcp_gbl_ctx.use_local4 ? -| ^ -| omapip/isclib.c:365:25: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'local4_sockaddr' -| &dhcp_gbl_ctx.local4_sockaddr -| ^ -| omapip/isclib.c:367:24: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'use_local6' -| (dhcp_gbl_ctx.use_local6 ? -| ^ -| omapip/isclib.c:368:25: error: 'dhcp_context_t {aka struct dhcp_context}' has no member named 'local6_sockaddr' -| &dhcp_gbl_ctx.local6_sockaddr - -Fix it by adding NSUPDATE conditional checking. - -Signed-off-by: Ming Liu <liu.ming50@gmail.com> ---- - includes/omapip/isclib.h | 2 ++ - omapip/isclib.c | 2 ++ - 2 files changed, 4 insertions(+) - -diff --git a/includes/omapip/isclib.h b/includes/omapip/isclib.h -index 538b927..6c20584 100644 ---- a/includes/omapip/isclib.h -+++ b/includes/omapip/isclib.h -@@ -141,6 +141,8 @@ void isclib_cleanup(void); - void dhcp_signal_handler(int signal); - extern int shutdown_signal; - -+#if defined (NSUPDATE) - isc_result_t dns_client_init(); -+#endif - - #endif /* ISCLIB_H */ -diff --git a/omapip/isclib.c b/omapip/isclib.c -index db3b895..ce4b4a1 100644 ---- a/omapip/isclib.c -+++ b/omapip/isclib.c -@@ -351,6 +351,7 @@ void dhcp_signal_handler(int signal) { - } - } - -+#if defined (NSUPDATE) - isc_result_t dns_client_init() { - isc_result_t result; - if (dhcp_gbl_ctx.dnsclient == NULL) { -@@ -387,3 +388,4 @@ isc_result_t dns_client_init() { - - return ISC_R_SUCCESS; - } -+#endif --- -2.7.4 - diff --git a/meta/recipes-connectivity/dhcp/dhcp/0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch b/meta/recipes-connectivity/dhcp/dhcp/0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch deleted file mode 100644 index d1b57f0bb4..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 7cc29144535a622fc671dc86eb1da65b0473a7c4 Mon Sep 17 00:00:00 2001 -From: Hongxu Jia <hongxu.jia@windriver.com> -Date: Tue, 15 Aug 2017 16:14:22 +0800 -Subject: [PATCH 01/11] define macro _PATH_DHCPD_CONF and _PATH_DHCLIENT_CONF - -Upstream-Status: Inappropriate [OE specific] - -Rebase to 4.3.6 -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - includes/site.h | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -Index: dhcp-4.4.1/includes/site.h -=================================================================== ---- dhcp-4.4.1.orig/includes/site.h -+++ dhcp-4.4.1/includes/site.h -@@ -148,7 +148,8 @@ - /* Define this if you want the dhcpd.conf file to go somewhere other than - the default location. By default, it goes in /etc/dhcpd.conf. */ - --/* #define _PATH_DHCPD_CONF "/etc/dhcpd.conf" */ -+#define _PATH_DHCPD_CONF "/etc/dhcp/dhcpd.conf" -+#define _PATH_DHCLIENT_CONF "/etc/dhcp/dhclient.conf" - - /* Network API definitions. You do not need to choose one of these - if - you don't choose, one will be chosen for you in your system's config diff --git a/meta/recipes-connectivity/dhcp/dhcp/0001-master-Added-includes-of-new-BIND9-compatibility-hea.patch b/meta/recipes-connectivity/dhcp/dhcp/0001-master-Added-includes-of-new-BIND9-compatibility-hea.patch deleted file mode 100644 index 1bc1422475..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0001-master-Added-includes-of-new-BIND9-compatibility-hea.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 8194daabfd590f17825f0c61e9534bee5c99cc86 Mon Sep 17 00:00:00 2001 -From: Thomas Markwalder <tmark@isc.org> -Date: Fri, 14 Sep 2018 13:41:41 -0400 -Subject: [master] Added includes of new BIND9 compatibility headers - - Merges in rt48072. - -Upstream-Status: Backport -Signed-off-by: Adrian Bunk <bunk@stusta.de> - -diff --git a/includes/omapip/isclib.h b/includes/omapip/isclib.h -index 75a87ff6..538b927f 100644 ---- a/includes/omapip/isclib.h -+++ b/includes/omapip/isclib.h -@@ -48,6 +48,9 @@ - #include <string.h> - #include <netdb.h> - -+#include <isc/boolean.h> -+#include <isc/int.h> -+ - #include <isc/buffer.h> - #include <isc/lex.h> - #include <isc/lib.h> -diff --git a/includes/omapip/result.h b/includes/omapip/result.h -index 91243e1b..860298f6 100644 ---- a/includes/omapip/result.h -+++ b/includes/omapip/result.h -@@ -26,6 +26,7 @@ - #ifndef DHCP_RESULT_H - #define DHCP_RESULT_H 1 - -+#include <isc/boolean.h> - #include <isc/lang.h> - #include <isc/resultclass.h> - #include <isc/types.h> -diff --git a/server/dhcpv6.c b/server/dhcpv6.c -index a7110f98..cde4f617 100644 ---- a/server/dhcpv6.c -+++ b/server/dhcpv6.c -@@ -1034,7 +1034,8 @@ void check_pool6_threshold(struct reply_state *reply, - shared_name, - inet_ntop(AF_INET6, &lease->addr, - tmp_addr, sizeof(tmp_addr)), -- used, count); -+ (long long unsigned)(used), -+ (long long unsigned)(count)); - } - return; - } -@@ -1066,7 +1067,8 @@ void check_pool6_threshold(struct reply_state *reply, - "address: %s; high threshold %d%% %llu/%llu.", - shared_name, - inet_ntop(AF_INET6, &lease->addr, tmp_addr, sizeof(tmp_addr)), -- poolhigh, used, count); -+ poolhigh, (long long unsigned)(used), -+ (long long unsigned)(count)); - - /* handle the low threshold now, if we don't - * have one we default to 0. */ -@@ -1436,12 +1438,15 @@ pick_v6_address(struct reply_state *reply) - log_debug("Unable to pick client address: " - "no addresses available - shared network %s: " - " 2^64-1 < total, %llu active, %llu abandoned", -- shared_name, active - abandoned, abandoned); -+ shared_name, (long long unsigned)(active - abandoned), -+ (long long unsigned)(abandoned)); - } else { - log_debug("Unable to pick client address: " - "no addresses available - shared network %s: " - "%llu total, %llu active, %llu abandoned", -- shared_name, total, active - abandoned, abandoned); -+ shared_name, (long long unsigned)(total), -+ (long long unsigned)(active - abandoned), -+ (long long unsigned)(abandoned)); - } - - return ISC_R_NORESOURCES; - diff --git a/meta/recipes-connectivity/dhcp/dhcp/0001-workaround-busybox-limitation-in-linux-dhclient-script.patch b/meta/recipes-connectivity/dhcp/dhcp/0001-workaround-busybox-limitation-in-linux-dhclient-script.patch deleted file mode 100644 index 2359381b93..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0001-workaround-busybox-limitation-in-linux-dhclient-script.patch +++ /dev/null @@ -1,65 +0,0 @@ -From eec0503cfc36f63d777f5cb3f2719cecedcb8468 Mon Sep 17 00:00:00 2001 -From: Haris Okanovic <haris.okanovic@ni.com> -Date: Mon, 7 Jan 2019 13:22:09 -0600 -Subject: [PATCH] Workaround busybox limitation in Linux dhclient-script - -Busybox is a lightweight implementation of coreutils commonly used on -space-constrained embedded Linux distributions. It's implementation of -chown and chmod doesn't provide a "--reference" option added to -client/scripts/linux as of commit 9261cb14. This change works around -that limitation by using stat to read ownership and permissions flags -and simple chown/chmod calls supported in both coreutils and busybox. - - modified: client/scripts/linux - -Signed-off-by: Haris Okanovic <haris.okanovic@ni.com> -Upstream-Status: Pending [ISC-Bugs #48771] ---- - client/scripts/linux | 17 +++++++++++++---- - 1 file changed, 13 insertions(+), 4 deletions(-) - -diff --git a/client/scripts/linux b/client/scripts/linux -index 0c429697..2435a44b 100755 ---- a/client/scripts/linux -+++ b/client/scripts/linux -@@ -32,6 +32,17 @@ - # if your system holds ip tool in a non-standard location. - ip=/sbin/ip - -+chown_chmod_by_reference() { -+ local reference_file="$1" -+ local target_file="$2" -+ -+ local owner=$(stat -c "%u:%g" "$reference_file") -+ local perm=$(stat -c "%a" "$reference_file") -+ -+ chown "$owner" "$target_file" -+ chmod "$perm" "$target_file" -+} -+ - # update /etc/resolv.conf based on received values - # This updated version mostly follows Debian script by Andrew Pollock et al. - make_resolv_conf() { -@@ -74,8 +85,7 @@ make_resolv_conf() { - fi - - if [ -f /etc/resolv.conf ]; then -- chown --reference=/etc/resolv.conf $new_resolv_conf -- chmod --reference=/etc/resolv.conf $new_resolv_conf -+ chown_chmod_by_reference /etc/resolv.conf $new_resolv_conf - fi - mv -f $new_resolv_conf /etc/resolv.conf - # DHCPv6 -@@ -101,8 +111,7 @@ make_resolv_conf() { - fi - - if [ -f /etc/resolv.conf ]; then -- chown --reference=/etc/resolv.conf $new_resolv_conf -- chmod --reference=/etc/resolv.conf $new_resolv_conf -+ chown_chmod_by_reference /etc/resolv.conf $new_resolv_conf - fi - mv -f $new_resolv_conf /etc/resolv.conf - fi --- -2.20.0 - diff --git a/meta/recipes-connectivity/dhcp/dhcp/0002-dhclient-dbus.patch b/meta/recipes-connectivity/dhcp/dhcp/0002-dhclient-dbus.patch deleted file mode 100644 index 101c33f677..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0002-dhclient-dbus.patch +++ /dev/null @@ -1,117 +0,0 @@ -From be7540d31c356e80ee02e90e8bf162b7ac6e5ba5 Mon Sep 17 00:00:00 2001 -From: Hongxu Jia <hongxu.jia@windriver.com> -Date: Tue, 15 Aug 2017 14:56:56 +0800 -Subject: [PATCH 02/11] dhclient dbus - -Upstream-Status: Inappropriate [distribution] - -Rebase to 4.3.6 -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - client/scripts/bsdos | 5 +++++ - client/scripts/freebsd | 5 +++++ - client/scripts/linux | 5 +++++ - client/scripts/netbsd | 5 +++++ - client/scripts/openbsd | 5 +++++ - client/scripts/solaris | 5 +++++ - 6 files changed, 30 insertions(+) - -diff --git a/client/scripts/bsdos b/client/scripts/bsdos -index d69d0d8..095b143 100755 ---- a/client/scripts/bsdos -+++ b/client/scripts/bsdos -@@ -45,6 +45,11 @@ exit_with_hooks() { - . /etc/dhclient-exit-hooks - fi - # probably should do something with exit status of the local script -+ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then -+ dbus-send --system --dest=com.redhat.dhcp \ -+ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ -+ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" -+ fi - exit $exit_status - } - -diff --git a/client/scripts/freebsd b/client/scripts/freebsd -index 8f3e2a2..ad7fb44 100755 ---- a/client/scripts/freebsd -+++ b/client/scripts/freebsd -@@ -89,6 +89,11 @@ exit_with_hooks() { - . /etc/dhclient-exit-hooks - fi - # probably should do something with exit status of the local script -+ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then -+ dbus-send --system --dest=com.redhat.dhcp \ -+ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ -+ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" -+ fi - exit $exit_status - } - -diff --git a/client/scripts/linux b/client/scripts/linux -index 5fb1612..3d447b6 100755 ---- a/client/scripts/linux -+++ b/client/scripts/linux -@@ -174,6 +174,11 @@ exit_with_hooks() { - exit_status=$? - fi - -+ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then -+ dbus-send --system --dest=com.redhat.dhcp \ -+ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ -+ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" -+ fi - exit $exit_status - } - -diff --git a/client/scripts/netbsd b/client/scripts/netbsd -index 07383b7..aaba8e8 100755 ---- a/client/scripts/netbsd -+++ b/client/scripts/netbsd -@@ -45,6 +45,11 @@ exit_with_hooks() { - . /etc/dhclient-exit-hooks - fi - # probably should do something with exit status of the local script -+ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then -+ dbus-send --system --dest=com.redhat.dhcp \ -+ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ -+ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" -+ fi - exit $exit_status - } - -diff --git a/client/scripts/openbsd b/client/scripts/openbsd -index e7f4746..56b980c 100644 ---- a/client/scripts/openbsd -+++ b/client/scripts/openbsd -@@ -45,6 +45,11 @@ exit_with_hooks() { - . /etc/dhclient-exit-hooks - fi - # probably should do something with exit status of the local script -+ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then -+ dbus-send --system --dest=com.redhat.dhcp \ -+ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ -+ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" -+ fi - exit $exit_status - } - -diff --git a/client/scripts/solaris b/client/scripts/solaris -index af553b9..4a2aa69 100755 ---- a/client/scripts/solaris -+++ b/client/scripts/solaris -@@ -26,6 +26,11 @@ exit_with_hooks() { - . /etc/dhclient-exit-hooks - fi - # probably should do something with exit status of the local script -+ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then -+ dbus-send --system --dest=com.redhat.dhcp \ -+ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ -+ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" -+ fi - exit $exit_status - } - --- -1.8.3.1 - diff --git a/meta/recipes-connectivity/dhcp/dhcp/0003-link-with-lcrypto.patch b/meta/recipes-connectivity/dhcp/dhcp/0003-link-with-lcrypto.patch deleted file mode 100644 index 5b35933a54..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0003-link-with-lcrypto.patch +++ /dev/null @@ -1,35 +0,0 @@ -From d80bd792323dbd56269309f85b4506eb6b1b60e9 Mon Sep 17 00:00:00 2001 -From: Andrei Gherzan <andrei@gherzan.ro> -Date: Tue, 15 Aug 2017 15:05:47 +0800 -Subject: [PATCH 03/11] link with lcrypto - -From 4.2.0 final release, -lcrypto check was removed and we compile -static libraries -from bind that are linked to libcrypto. This is why i added a patch in -order to add --lcrypto to LIBS. - -Upstream-Status: Pending -Signed-off-by: Andrei Gherzan <andrei@gherzan.ro> - -Rebase to 4.3.6 -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - configure.ac | 4 ++++ - 1 file changed, 4 insertions(+) - -Index: dhcp-4.4.1/configure.ac -=================================================================== ---- dhcp-4.4.1.orig/configure.ac -+++ dhcp-4.4.1/configure.ac -@@ -612,6 +612,10 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], - # Look for optional headers. - AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h) - -+# find an MD5 library -+AC_SEARCH_LIBS(MD5_Init, [crypto]) -+AC_SEARCH_LIBS(MD5Init, [crypto]) -+ - # Solaris needs some libraries for functions - AC_SEARCH_LIBS(socket, [socket]) - AC_SEARCH_LIBS(inet_ntoa, [nsl]) diff --git a/meta/recipes-connectivity/dhcp/dhcp/0004-Fix-out-of-tree-builds.patch b/meta/recipes-connectivity/dhcp/dhcp/0004-Fix-out-of-tree-builds.patch deleted file mode 100644 index b71c93dd6d..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0004-Fix-out-of-tree-builds.patch +++ /dev/null @@ -1,93 +0,0 @@ -From cccec0344d68dac4100b6f260ee24e7c2da9dfda Mon Sep 17 00:00:00 2001 -From: Hongxu Jia <hongxu.jia@windriver.com> -Date: Tue, 15 Aug 2017 15:08:22 +0800 -Subject: [PATCH 04/11] Fix out of tree builds - -Upstream-Status: Pending - -RP 2013/03/21 - -Rebase to 4.3.6 - -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - client/Makefile.am | 4 ++-- - common/Makefile.am | 3 ++- - dhcpctl/Makefile.am | 2 ++ - omapip/Makefile.am | 1 + - relay/Makefile.am | 2 +- - server/Makefile.am | 2 +- - 6 files changed, 9 insertions(+), 5 deletions(-) - -Index: dhcp-4.4.1/common/Makefile.am -=================================================================== ---- dhcp-4.4.1.orig/common/Makefile.am -+++ dhcp-4.4.1/common/Makefile.am -@@ -1,4 +1,5 @@ --AM_CPPFLAGS = -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' -+AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' -+ - AM_CFLAGS = $(LDAP_CFLAGS) - - lib_LIBRARIES = libdhcp.a -Index: dhcp-4.4.1/dhcpctl/Makefile.am -=================================================================== ---- dhcp-4.4.1.orig/dhcpctl/Makefile.am -+++ dhcp-4.4.1/dhcpctl/Makefile.am -@@ -3,6 +3,8 @@ BINDLIBDNSDIR=@BINDLIBDNSDIR@ - BINDLIBISCCFGDIR=@BINDLIBISCCFGDIR@ - BINDLIBISCDIR=@BINDLIBISCDIR@ - -+AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir) -+ - bin_PROGRAMS = omshell - lib_LIBRARIES = libdhcpctl.a - noinst_PROGRAMS = cltest -Index: dhcp-4.4.1/server/Makefile.am -=================================================================== ---- dhcp-4.4.1.orig/server/Makefile.am -+++ dhcp-4.4.1/server/Makefile.am -@@ -4,7 +4,7 @@ - # production code. Sadly, we are not there yet. - SUBDIRS = . tests - --AM_CPPFLAGS = -I.. -DLOCALSTATEDIR='"@localstatedir@"' -+AM_CPPFLAGS = -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes - - dist_sysconf_DATA = dhcpd.conf.example - sbin_PROGRAMS = dhcpd -Index: dhcp-4.4.1/client/Makefile.am -=================================================================== ---- dhcp-4.4.1.orig/client/Makefile.am -+++ dhcp-4.4.1/client/Makefile.am -@@ -5,7 +5,7 @@ - SUBDIRS = . tests - - AM_CPPFLAGS = -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"' --AM_CPPFLAGS += -DLOCALSTATEDIR='"$(localstatedir)"' -+AM_CPPFLAGS += -DLOCALSTATEDIR='"$(localstatedir)"' -I$(top_srcdir)/includes - - dist_sysconf_DATA = dhclient.conf.example - sbin_PROGRAMS = dhclient -Index: dhcp-4.4.1/omapip/Makefile.am -=================================================================== ---- dhcp-4.4.1.orig/omapip/Makefile.am -+++ dhcp-4.4.1/omapip/Makefile.am -@@ -2,6 +2,7 @@ BINDLIBIRSDIR=@BINDLIBIRSDIR@ - BINDLIBDNSDIR=@BINDLIBDNSDIR@ - BINDLIBISCCFGDIR=@BINDLIBISCCFGDIR@ - BINDLIBISCDIR=@BINDLIBISCDIR@ -+AM_CPPFLAGS = -I$(top_srcdir)/includes - - lib_LIBRARIES = libomapi.a - noinst_PROGRAMS = svtest -Index: dhcp-4.4.1/relay/Makefile.am -=================================================================== ---- dhcp-4.4.1.orig/relay/Makefile.am -+++ dhcp-4.4.1/relay/Makefile.am -@@ -1,4 +1,4 @@ --AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"' -+AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes - - sbin_PROGRAMS = dhcrelay - dhcrelay_SOURCES = dhcrelay.c diff --git a/meta/recipes-connectivity/dhcp/dhcp/0005-dhcp-client-fix-invoke-dhclient-script-failed-on-Rea.patch b/meta/recipes-connectivity/dhcp/dhcp/0005-dhcp-client-fix-invoke-dhclient-script-failed-on-Rea.patch deleted file mode 100644 index dd56381b1d..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0005-dhcp-client-fix-invoke-dhclient-script-failed-on-Rea.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 2e8ff0e4f6d39e346ea86b8c514ab4ccc78fa359 Mon Sep 17 00:00:00 2001 -From: Hongxu Jia <hongxu.jia@windriver.com> -Date: Tue, 15 Aug 2017 15:24:14 +0800 -Subject: [PATCH 05/11] dhcp-client: fix invoke dhclient-script failed on - Read-only file system - -In read-only file system, '/etc' is on the readonly partition, -and '/etc/resolv.conf' is symlinked to a separate writable -partition. - -In this situation, we create temp files 'resolv.conf.dhclient-new' -in /tmp dir. - -Upstream-Status: Pending - -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - client/scripts/linux | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/client/scripts/linux b/client/scripts/linux -index 3d447b6..3122a75 100755 ---- a/client/scripts/linux -+++ b/client/scripts/linux -@@ -40,7 +40,7 @@ make_resolv_conf() { - # DHCPv4 - if [ -n "$new_domain_search" ] || [ -n "$new_domain_name" ] || - [ -n "$new_domain_name_servers" ]; then -- new_resolv_conf=/etc/resolv.conf.dhclient-new -+ new_resolv_conf=/tmp/resolv.conf.dhclient-new - rm -f $new_resolv_conf - - if [ -n "$new_domain_name" ]; then --- -1.8.3.1 - diff --git a/meta/recipes-connectivity/dhcp/dhcp/0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch b/meta/recipes-connectivity/dhcp/dhcp/0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch deleted file mode 100644 index feb0754fff..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 7107511fd209f08f9a96f8938041ae48f3295895 Mon Sep 17 00:00:00 2001 -From: Christopher Larson <chris_larson@mentor.com> -Date: Tue, 15 Aug 2017 16:17:49 +0800 -Subject: [PATCH 07/11] Add configure argument to make the libxml2 dependency - explicit and determinisitic. - -Upstream-Status: Pending - -Signed-off-by: Christopher Larson <chris_larson@mentor.com> - -Rebase to 4.3.6 - -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - configure.ac | 11 +++++++++++ - 1 file changed, 11 insertions(+) - -Index: dhcp-4.4.1/configure.ac -=================================================================== ---- dhcp-4.4.1.orig/configure.ac -+++ dhcp-4.4.1/configure.ac -@@ -642,6 +642,17 @@ if test "$have_nanosleep" = "rt"; then - LIBS="-lrt $LIBS" - fi - -+AC_ARG_WITH(libxml2, -+ AS_HELP_STRING([--with-libxml2], [link against libxml2. this is needed if bind was built with xml2 support enabled]), -+ with_libxml2="$withval", with_libxml2="no") -+ -+if test x$with_libxml2 != xno; then -+ AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2], -+ [if test x$with_libxml2 != xauto; then -+ AC_MSG_FAILURE([*** Cannot find xmlTextWriterStartElement with -lxml2 and libxml2 was requested]) -+ fi]) -+fi -+ - # check for /dev/random (declares HAVE_DEV_RANDOM) - AC_MSG_CHECKING(for random device) - AC_ARG_WITH(randomdev, -Index: dhcp-4.4.1/configure.ac+lt -=================================================================== ---- dhcp-4.4.1.orig/configure.ac+lt -+++ dhcp-4.4.1/configure.ac+lt -@@ -909,6 +909,18 @@ elif test "$want_libtool" = "yes" -a "$u - fi - AM_CONDITIONAL(INSTALL_BIND, test "$want_install_bind" = "yes") - -+AC_ARG_WITH(libxml2, -+ AS_HELP_STRING([--with-libxml2], [link against libxml2. this is needed if bind was built with xml2 support enabled]), -+ with_libxml2="$withval", with_libxml2="no") -+ -+if test x$with_libxml2 != xno; then -+ AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2],, -+ [if test x$with_libxml2 != xauto; then -+ AC_MSG_FAILURE([*** Cannot find xmlTextWriterStartElement with -lxml2 and libxml2 was requested]) -+ fi]) -+fi -+ -+ - # OpenLDAP support. - AC_ARG_WITH(ldap, - AS_HELP_STRING([--with-ldap],[enable OpenLDAP support in dhcpd (default is no)]), diff --git a/meta/recipes-connectivity/dhcp/dhcp/0009-remove-dhclient-script-bash-dependency.patch b/meta/recipes-connectivity/dhcp/dhcp/0009-remove-dhclient-script-bash-dependency.patch deleted file mode 100644 index 912b6d6312..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0009-remove-dhclient-script-bash-dependency.patch +++ /dev/null @@ -1,28 +0,0 @@ -From f3f8b7726e50e24ef3edf5fa5a17e31d39118d7e Mon Sep 17 00:00:00 2001 -From: Andre McCurdy <armccurdy@gmail.com> -Date: Tue, 15 Aug 2017 15:49:31 +0800 -Subject: [PATCH 09/11] remove dhclient-script bash dependency - -Upstream-Status: Inappropriate [OE specific] - -Signed-off-by: Andre McCurdy <armccurdy@gmail.com> - -Rebase to 4.3.6 -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - client/scripts/linux | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/client/scripts/linux b/client/scripts/linux -index 3122a75..1712d7d 100755 ---- a/client/scripts/linux -+++ b/client/scripts/linux -@@ -1,4 +1,4 @@ --#!/bin/bash -+#!/bin/sh - # dhclient-script for Linux. Dan Halbert, March, 1997. - # Updated for Linux 2.[12] by Brian J. Murrell, January 1999. - # No guarantees about this. I'm a novice at the details of Linux --- -1.8.3.1 - diff --git a/meta/recipes-connectivity/dhcp/dhcp/0012-dhcp-correct-the-intention-for-xml2-lib-search.patch b/meta/recipes-connectivity/dhcp/dhcp/0012-dhcp-correct-the-intention-for-xml2-lib-search.patch deleted file mode 100644 index 39ba65fbc4..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0012-dhcp-correct-the-intention-for-xml2-lib-search.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 501543b3ef715488a142e3d301ff2733aa33eec7 Mon Sep 17 00:00:00 2001 -From: Awais Belal <awais_belal@mentor.com> -Date: Wed, 25 Oct 2017 21:00:05 +0500 -Subject: [PATCH] dhcp: correct the intention for xml2 lib search - -A missing case breaks the build when libxml2 is -required and found appropriately. The third argument -to the function AC_SEARCH_LIB is action-if-found which -was mistakenly been used for the case where the library -is not found and hence breaks the configure phase -where it shoud actually pass. -We now pass on silently when action-if-found is -executed. - -Upstream-Status: Pending - -Signed-off-by: Awais Belal <awais_belal@mentor.com> ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Index: dhcp-4.4.1/configure.ac -=================================================================== ---- dhcp-4.4.1.orig/configure.ac -+++ dhcp-4.4.1/configure.ac -@@ -647,7 +647,7 @@ AC_ARG_WITH(libxml2, - with_libxml2="$withval", with_libxml2="no") - - if test x$with_libxml2 != xno; then -- AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2], -+ AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2],, - [if test x$with_libxml2 != xauto; then - AC_MSG_FAILURE([*** Cannot find xmlTextWriterStartElement with -lxml2 and libxml2 was requested]) - fi]) diff --git a/meta/recipes-connectivity/dhcp/dhcp/0013-fixup_use_libbind.patch b/meta/recipes-connectivity/dhcp/dhcp/0013-fixup_use_libbind.patch deleted file mode 100644 index fcec010bd0..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0013-fixup_use_libbind.patch +++ /dev/null @@ -1,64 +0,0 @@ -lib and include path is hardcoded for use_libbind - -use libdir and includedir vars - -Upstream-Status: Pending -Signed-off-by: Armin Kuster <akuster808@gmail.com> - -Index: dhcp-4.4.1/configure.ac+lt -=================================================================== ---- dhcp-4.4.1.orig/configure.ac+lt -+++ dhcp-4.4.1/configure.ac+lt -@@ -801,22 +801,22 @@ no) - if test ! -d "$use_libbind"; then - AC_MSG_ERROR([Cannot find bind directory at $use_libbind]) - fi -- if test ! -d "$use_libbind/include" -o \ -- ! -f "$use_libbind/include/isc/buffer.h" -+ if test ! -d "$use_libbind/$includedir" -o \ -+ ! -f "$use_libbind/$includedir/isc/buffer.h" - then -- AC_MSG_ERROR([Cannot find bind includes at $use_libbind/include]) -+ AC_MSG_ERROR([Cannot find bind includes at $use_libbind/$includedir]) - fi -- if test ! -d "$use_libbind/lib" -o \ -- \( ! -f "$use_libbind/lib/libisc.a" -a \ -- ! -f "$use_libbind/lib/libisc.la" \) -+ if test ! -d "$use_libbind/$libdir" -o \ -+ \( ! -f "$use_libbind/$libdir/libisc.a" -a \ -+ ! -f "$use_libbind/$libdir/libisc.la" \) - then -- AC_MSG_ERROR([Cannot find bind libraries at $use_libbind/lib]) -+ AC_MSG_ERROR([Cannot find bind libraries at $use_libbind/$libdir]) - fi - BINDDIR="$use_libbind" -- BINDLIBIRSDIR="$BINDDIR/lib" -- BINDLIBDNSDIR="$BINDDIR/lib" -- BINDLIBISCCFGDIR="$BINDDIR/lib" -- BINDLIBISCDIR="$BINDDIR/lib" -+ BINDLIBIRSDIR="$BINDDIR/$libdir" -+ BINDLIBDNSDIR="$BINDDIR/$libdir" -+ BINDLIBISCCFGDIR="$BINDDIR/$libdir" -+ BINDLIBISCDIR="$BINDDIR/$libdir" - DISTCHECK_LIBBIND_CONFIGURE_FLAG="--with-libbind=$use_libbind" - ;; - esac -@@ -856,14 +856,14 @@ AC_ARG_ENABLE(libtool, - - if test "$use_libbind" != "no"; then - if test "$want_libtool" = "yes" -a \ -- ! -f "$use_libbind/lib/libisc.la" -+ ! -f "$use_libbind/$libdir/libisc.la" - then -- AC_MSG_ERROR([Cannot find dynamic libraries at $use_libbind/lib]) -+ AC_MSG_ERROR([Cannot find dynamic libraries at $use_libbind/$libdir]) - fi - if test "$want_libtool" = "no" -a \ -- ! -f "$use_libbind/lib/libisc.a" -+ ! -f "$use_libbind/$libdir/libisc.a" - then -- AC_MSG_ERROR([Cannot find static libraries at $use_libbind/lib]) -+ AC_MSG_ERROR([Cannot find static libraries at $use_libbind/$libdir]) - fi - fi - diff --git a/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb b/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb deleted file mode 100644 index 020777b8f2..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb +++ /dev/null @@ -1,23 +0,0 @@ -require dhcp.inc - -SRC_URI += "file://0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch \ - file://0002-dhclient-dbus.patch \ - file://0003-link-with-lcrypto.patch \ - file://0004-Fix-out-of-tree-builds.patch \ - file://0005-dhcp-client-fix-invoke-dhclient-script-failed-on-Rea.patch \ - file://0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch \ - file://0009-remove-dhclient-script-bash-dependency.patch \ - file://0012-dhcp-correct-the-intention-for-xml2-lib-search.patch \ - file://0013-fixup_use_libbind.patch \ - file://0001-master-Added-includes-of-new-BIND9-compatibility-hea.patch \ - file://0001-Fix-a-NSUPDATE-compiling-issue.patch \ - file://0001-workaround-busybox-limitation-in-linux-dhclient-script.patch \ -" - -SRC_URI[md5sum] = "18c7f4dcbb0a63df25098216d47b1ede" -SRC_URI[sha256sum] = "2a22508922ab367b4af4664a0472dc220cc9603482cf3c16d9aff14f3a76b608" - -LDFLAGS_append = " -pthread" - -PACKAGECONFIG ?= "" -PACKAGECONFIG[bind-httpstats] = "--with-libxml2,--without-libxml2,libxml2" diff --git a/meta/recipes-connectivity/dhcp/files/default-relay b/meta/recipes-connectivity/dhcp/files/default-relay deleted file mode 100644 index 7961f014be..0000000000 --- a/meta/recipes-connectivity/dhcp/files/default-relay +++ /dev/null @@ -1,12 +0,0 @@ -# Defaults for dhcp-relay initscript -# sourced by /etc/init.d/dhcp-relay - -# What servers should the DHCP relay forward requests to? -# e.g: SERVERS="192.168.0.1" -SERVERS="" - -# On what interfaces should the DHCP relay (dhrelay) serve DHCP requests? -INTERFACES="" - -# Additional options that are passed to the DHCP relay daemon? -OPTIONS="" diff --git a/meta/recipes-connectivity/dhcp/files/default-server b/meta/recipes-connectivity/dhcp/files/default-server deleted file mode 100644 index 0385d16992..0000000000 --- a/meta/recipes-connectivity/dhcp/files/default-server +++ /dev/null @@ -1,7 +0,0 @@ -# Defaults for dhcp initscript -# sourced by /etc/init.d/dhcp-server -# installed at /etc/default/dhcp-server by the maintainer scripts - -# On what interfaces should the DHCP server (dhcpd) serve DHCP requests? -# Separate multiple interfaces with spaces, e.g. "eth0 eth1". -INTERFACES="" diff --git a/meta/recipes-connectivity/dhcp/files/dhclient-systemd-wrapper b/meta/recipes-connectivity/dhcp/files/dhclient-systemd-wrapper deleted file mode 100644 index 7d0e224a1d..0000000000 --- a/meta/recipes-connectivity/dhcp/files/dhclient-systemd-wrapper +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/sh - -# In case the interface is used for nfs, skip it. -nfsroot=0 -interfaces="" -exec 9<&0 < /proc/mounts -while read dev mtpt fstype rest; do - if test $mtpt = "/" ; then - case $fstype in - nfs | nfs4) - nfsroot=1 - nfs_addr=`echo $rest | sed -e 's/^.*addr=\([0-9.]*\).*$/\1/'` - break - ;; - *) - ;; - esac - fi -done -exec 0<&9 9<&- - -if [ $nfsroot -eq 0 ]; then - interfaces="$INTERFACES" -else - if [ -x /bin/ip -o -x /sbin/ip ] ; then - nfs_iface=`ip route get $nfs_addr | grep dev | sed -e 's/^.*dev \([-a-z0-9.]*\).*$/\1/'` - fi - for i in $INTERFACES; do - if test "x$i" = "x$nfs_iface"; then - echo "dhclient skipping nfsroot interface $i" - else - interfaces="$interfaces $i" - fi - done -fi - -if test "x$interfaces" != "x"; then - /sbin/dhclient -d -cf /etc/dhcp/dhclient.conf -q -lf /var/lib/dhcp/dhclient.leases $interfaces -fi diff --git a/meta/recipes-connectivity/dhcp/files/dhclient.conf b/meta/recipes-connectivity/dhcp/files/dhclient.conf deleted file mode 100644 index 0e6dcf96c2..0000000000 --- a/meta/recipes-connectivity/dhcp/files/dhclient.conf +++ /dev/null @@ -1,50 +0,0 @@ -# Configuration file for /sbin/dhclient, which is included in Debian's -# dhcp3-client package. -# -# This is a sample configuration file for dhclient. See dhclient.conf's -# man page for more information about the syntax of this file -# and a more comprehensive list of the parameters understood by -# dhclient. -# -# Normally, if the DHCP server provides reasonable information and does -# not leave anything out (like the domain name, for example), then -# few changes must be made to this file, if any. -# - -#send host-name "andare.fugue.com"; -#send dhcp-client-identifier 1:0:a0:24:ab:fb:9c; -#send dhcp-lease-time 3600; -#supersede domain-name "fugue.com home.vix.com"; -#prepend domain-name-servers 127.0.0.1; -request subnet-mask, broadcast-address, time-offset, routers, - domain-name, domain-name-servers, host-name, - netbios-name-servers, netbios-scope; -#require subnet-mask, domain-name-servers; -#timeout 60; -#retry 60; -#reboot 10; -#select-timeout 5; -#initial-interval 2; -#script "/etc/dhcp3/dhclient-script"; -#media "-link0 -link1 -link2", "link0 link1"; -#reject 192.33.137.209; - -#alias { -# interface "eth0"; -# fixed-address 192.5.5.213; -# option subnet-mask 255.255.255.255; -#} - -#lease { -# interface "eth0"; -# fixed-address 192.33.137.200; -# medium "link0 link1"; -# option host-name "andare.swiftmedia.com"; -# option subnet-mask 255.255.255.0; -# option broadcast-address 192.33.137.255; -# option routers 192.33.137.250; -# option domain-name-servers 127.0.0.1; -# renew 2 2000/1/12 00:00:01; -# rebind 2 2000/1/12 00:00:01; -# expire 2 2000/1/12 00:00:01; -#} diff --git a/meta/recipes-connectivity/dhcp/files/dhclient.service b/meta/recipes-connectivity/dhcp/files/dhclient.service deleted file mode 100644 index 9ddb4d1dfe..0000000000 --- a/meta/recipes-connectivity/dhcp/files/dhclient.service +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=Dynamic Host Configuration Protocol (DHCP) -Wants=network.target -Before=network.target -After=systemd-udevd.service - -[Service] -EnvironmentFile=-@SYSCONFDIR@/default/dhcp-client -ExecStart=@BASE_SBINDIR@/dhclient-systemd-wrapper -RemainAfterExit=yes - -[Install] -WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/dhcp/files/dhcpd.conf b/meta/recipes-connectivity/dhcp/files/dhcpd.conf deleted file mode 100644 index 0001c0f00e..0000000000 --- a/meta/recipes-connectivity/dhcp/files/dhcpd.conf +++ /dev/null @@ -1,108 +0,0 @@ -# -# Sample configuration file for ISC dhcpd for Debian -# -# $Id: dhcpd.conf,v 1.1.1.1 2002/05/21 00:07:44 peloy Exp $ -# - -# The ddns-updates-style parameter controls whether or not the server will -# attempt to do a DNS update when a lease is confirmed. We default to the -# behavior of the version 2 packages ('none', since DHCP v2 didn't -# have support for DDNS.) -ddns-update-style none; - -# option definitions common to all supported networks... -option domain-name "example.org"; -option domain-name-servers ns1.example.org, ns2.example.org; - -default-lease-time 600; -max-lease-time 7200; - -# If this DHCP server is the official DHCP server for the local -# network, the authoritative directive should be uncommented. -#authoritative; - -# Use this to send dhcp log messages to a different log file (you also -# have to hack syslog.conf to complete the redirection). -log-facility local7; - -# No service will be given on this subnet, but declaring it helps the -# DHCP server to understand the network topology. - -#subnet 10.152.187.0 netmask 255.255.255.0 { -#} - -# This is a very basic subnet declaration. - -#subnet 10.254.239.0 netmask 255.255.255.224 { -# range 10.254.239.10 10.254.239.20; -# option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org; -#} - -# This declaration allows BOOTP clients to get dynamic addresses, -# which we don't really recommend. - -#subnet 10.254.239.32 netmask 255.255.255.224 { -# range dynamic-bootp 10.254.239.40 10.254.239.60; -# option broadcast-address 10.254.239.31; -# option routers rtr-239-32-1.example.org; -#} - -# A slightly different configuration for an internal subnet. -#subnet 10.5.5.0 netmask 255.255.255.224 { -# range 10.5.5.26 10.5.5.30; -# option domain-name-servers ns1.internal.example.org; -# option domain-name "internal.example.org"; -# option routers 10.5.5.1; -# option broadcast-address 10.5.5.31; -# default-lease-time 600; -# max-lease-time 7200; -#} - -# Hosts which require special configuration options can be listed in -# host statements. If no address is specified, the address will be -# allocated dynamically (if possible), but the host-specific information -# will still come from the host declaration. - -#host passacaglia { -# hardware ethernet 0:0:c0:5d:bd:95; -# filename "vmunix.passacaglia"; -# server-name "toccata.fugue.com"; -#} - -# Fixed IP addresses can also be specified for hosts. These addresses -# should not also be listed as being available for dynamic assignment. -# Hosts for which fixed IP addresses have been specified can boot using -# BOOTP or DHCP. Hosts for which no fixed address is specified can only -# be booted with DHCP, unless there is an address range on the subnet -# to which a BOOTP client is connected which has the dynamic-bootp flag -# set. -#host fantasia { -# hardware ethernet 08:00:07:26:c0:a5; -# fixed-address fantasia.fugue.com; -#} - -# You can declare a class of clients and then do address allocation -# based on that. The example below shows a case where all clients -# in a certain class get addresses on the 10.17.224/24 subnet, and all -# other clients get addresses on the 10.0.29/24 subnet. - -#class "foo" { -# match if substring (option vendor-class-identifier, 0, 4) = "SUNW"; -#} - -#shared-network 224-29 { -# subnet 10.17.224.0 netmask 255.255.255.0 { -# option routers rtr-224.example.org; -# } -# subnet 10.0.29.0 netmask 255.255.255.0 { -# option routers rtr-29.example.org; -# } -# pool { -# allow members of "foo"; -# range 10.17.224.10 10.17.224.250; -# } -# pool { -# deny members of "foo"; -# range 10.0.29.10 10.0.29.230; -# } -#} diff --git a/meta/recipes-connectivity/dhcp/files/dhcpd.service b/meta/recipes-connectivity/dhcp/files/dhcpd.service deleted file mode 100644 index ae4f93eca5..0000000000 --- a/meta/recipes-connectivity/dhcp/files/dhcpd.service +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=DHCPv4 Server Daemon -Documentation=man:dhcpd(8) man:dhcpd.conf(5) -After=network.target -After=time-sync.target - -[Service] -PIDFile=@localstatedir@/run/dhcpd.pid -EnvironmentFile=@SYSCONFDIR@/default/dhcp-server -EnvironmentFile=-@SYSCONFDIR@/sysconfig/dhcp-server -ExecStartPre=@base_bindir@/touch @localstatedir@/lib/dhcp/dhcpd.leases -ExecStart=@SBINDIR@/dhcpd -f -cf @SYSCONFDIR@/dhcp/dhcpd.conf -pf @localstatedir@/run/dhcpd.pid $DHCPDARGS -q $INTERFACES - -[Install] -WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/dhcp/files/dhcpd6.service b/meta/recipes-connectivity/dhcp/files/dhcpd6.service deleted file mode 100644 index 52a6224dc2..0000000000 --- a/meta/recipes-connectivity/dhcp/files/dhcpd6.service +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=DHCPv6 Server Daemon -Documentation=man:dhcpd(8) man:dhcpd.conf(5) -After=network.target -After=time-sync.target - -[Service] -PIDFile=@localstatedir@/run/dhcpd6.pid -EnvironmentFile=@SYSCONFDIR@/default/dhcp-server -EnvironmentFile=-@SYSCONFDIR@/sysconfig/dhcpd6 -ExecStartPre=@base_bindir@/touch @localstatedir@/lib/dhcp/dhcpd6.leases -ExecStart=@SBINDIR@/dhcpd -f -6 -cf @SYSCONFDIR@/dhcp/dhcpd6.conf -pf @localstatedir@/run/dhcpd6.pid $DHCPDARGS -q $INTERFACES - -[Install] -WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/dhcp/files/dhcrelay.service b/meta/recipes-connectivity/dhcp/files/dhcrelay.service deleted file mode 100644 index 15ff927d34..0000000000 --- a/meta/recipes-connectivity/dhcp/files/dhcrelay.service +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=DHCP Relay Agent Daemon -After=network.target - -[Service] -EnvironmentFile=@SYSCONFDIR@/default/dhcp-relay -ExecStart=@SBINDIR@/dhcrelay -d --no-pid -q $SERVERS - -[Install] -WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/dhcp/files/init-relay b/meta/recipes-connectivity/dhcp/files/init-relay deleted file mode 100644 index 019a7e84cf..0000000000 --- a/meta/recipes-connectivity/dhcp/files/init-relay +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/sh -# -# $Id: dhcp3-relay,v 1.1 2004/04/16 15:41:08 ml Exp $ -# - -# It is not safe to start if we don't have a default configuration... -if [ ! -f /etc/default/dhcp-relay ]; then - echo "/etc/default/dhcp-relay does not exist! - Aborting..." - echo "create this file to fix the problem." - exit 1 -fi - -# Read init script configuration (interfaces the daemon should listen on -# and the DHCP server we should forward requests to.) -. /etc/default/dhcp-relay - -# Build command line for interfaces (will be passed to dhrelay below.) -IFCMD="" -if test "$INTERFACES" != ""; then - for I in $INTERFACES; do - IFCMD=${IFCMD}"-i "${I}" " - done -fi - -DHCRELAYPID=/var/run/dhcrelay.pid - -case "$1" in - start) - start-stop-daemon -S -x /usr/sbin/dhcrelay -- -q $OPTIONS $IFCMD $SERVERS - ;; - stop) - start-stop-daemon -K -x /usr/sbin/dhcrelay - ;; - restart | force-reload) - $0 stop - sleep 2 - $0 start - ;; - *) - echo "Usage: /etc/init.d/dhcp-relay {start|stop|restart|force-reload}" - exit 1 -esac - -exit 0 diff --git a/meta/recipes-connectivity/dhcp/files/init-server b/meta/recipes-connectivity/dhcp/files/init-server deleted file mode 100644 index 5e693adf78..0000000000 --- a/meta/recipes-connectivity/dhcp/files/init-server +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/sh -# -# $Id: dhcp3-server.init.d,v 1.4 2003/07/13 19:12:41 mdz Exp $ -# - -test -f /usr/sbin/dhcpd || exit 0 - -# It is not safe to start if we don't have a default configuration... -if [ ! -f /etc/default/dhcp-server ]; then - echo "/etc/default/dhcp-server does not exist! - Aborting..." - exit 0 -fi - -# Read init script configuration (so far only interfaces the daemon -# should listen on.) -. /etc/default/dhcp-server - -case "$1" in - start) - echo -n "Starting DHCP server: " - test -d /var/lib/dhcp/ || mkdir -p /var/lib/dhcp/ - test -f /var/lib/dhcp/dhcpd.leases || touch /var/lib/dhcp/dhcpd.leases - start-stop-daemon -S -x /usr/sbin/dhcpd -- -q $INTERFACES -user dhcp -group dhcp - echo "." - ;; - stop) - echo -n "Stopping DHCP server: dhcpd3" - start-stop-daemon -K -x /usr/sbin/dhcpd - echo "." - ;; - restart | force-reload) - $0 stop - sleep 2 - $0 start - if [ "$?" != "0" ]; then - exit 1 - fi - ;; - *) - echo "Usage: /etc/init.d/dhcp-server {start|stop|restart|force-reload}" - exit 1 -esac - -exit 0 diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.10.bb b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.10.bb new file mode 100644 index 0000000000..0ae9db911c --- /dev/null +++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.10.bb @@ -0,0 +1,61 @@ +SECTION = "console/network" +SUMMARY = "dhcpcd - a DHCP client" +DESCRIPTION = "dhcpcd runs on your machine and silently configures your \ + computer to work on the attached networks without trouble \ + and mostly without configuration." + +HOMEPAGE = "http://roy.marples.name/projects/dhcpcd/" + +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=d296c4bec306f351e676705aaf237c8c" + +SRC_URI = "git://github.com/NetworkConfiguration/dhcpcd;protocol=https;branch=master \ + file://0001-remove-INCLUDEDIR-to-prevent-build-issues.patch \ + file://0001-20-resolv.conf-improve-the-sitation-of-working-with-.patch \ + file://dhcpcd.service \ + file://dhcpcd@.service \ + file://0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch \ + " + +SRCREV = "ab5ec18e755c1bb450c74d3a4657ea48d0f7f314" +S = "${WORKDIR}/git" + +inherit pkgconfig autotools-brokensep systemd useradd + +SYSTEMD_SERVICE:${PN} = "dhcpcd.service" + +PACKAGECONFIG ?= "udev ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" + +PACKAGECONFIG[udev] = "--with-udev,--without-udev,udev,udev" +PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6" +# ntp conflicts with chrony +PACKAGECONFIG[ntp] = "--with-hook=ntp, , ,ntp" +PACKAGECONFIG[chrony] = "--with-hook=ntp, , ,chrony" +PACKAGECONFIG[ypbind] = "--with-eghook=yp, , ,ypbind-mt" + +# add option to override DBDIR location +DBDIR ?= "${localstatedir}/lib/${BPN}" + +EXTRA_OECONF = "--enable-ipv4 \ + --dbdir=${DBDIR} \ + --sbindir=${base_sbindir} \ + --runstatedir=/run \ + --enable-privsep \ + --privsepuser=dhcpcd \ + --with-hooks \ + --with-eghooks \ + " + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM:${PN} = "--system -d ${DBDIR} -M -s /bin/false -U dhcpcd" + +do_install:append () { + # install systemd unit files + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${UNPACKDIR}/dhcpcd*.service ${D}${systemd_system_unitdir} + + chmod 700 ${D}${DBDIR} + chown dhcpcd:dhcpcd ${D}${DBDIR} +} + +FILES:${PN}-dbg += "${libdir}/dhcpcd/dev/.debug" diff --git a/meta/recipes-connectivity/dhcpcd/files/0001-20-resolv.conf-improve-the-sitation-of-working-with-.patch b/meta/recipes-connectivity/dhcpcd/files/0001-20-resolv.conf-improve-the-sitation-of-working-with-.patch new file mode 100644 index 0000000000..8d1ed6671a --- /dev/null +++ b/meta/recipes-connectivity/dhcpcd/files/0001-20-resolv.conf-improve-the-sitation-of-working-with-.patch @@ -0,0 +1,82 @@ +From 02acc4d875ee81e6fd19ef66d69c9f55b4b4a7e7 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Wed, 9 Nov 2022 16:33:18 +0800 +Subject: [PATCH] 20-resolv.conf: improve the sitation of working with systemd + +systemd's resolvconf implementation ignores the protocol part. +See https://github.com/systemd/systemd/issues/25032. + +When using 'dhcp server + dns server + dhcpcd + systemd', we +get an integration issue, that is dhcpcd runs 'resolvconf -d eth0.ra', +yet systemd's resolvconf treats it as eth0. This will delete the +DNS information set by 'resolvconf -a eth0.dhcp'. + +Fortunately, 20-resolv.conf has the ability to build the resolv.conf +file contents itself. We can just pass the generated contents to +systemd's resolvconf. This way, the DNS information is not incorrectly +deleted. Also, it does not cause behavior regression for dhcpcd +in other cases. + +Upstream-Status: Inappropriate [OE Specific] +This patch has been rejected by dhcpcd upstream. +See details in https://github.com/NetworkConfiguration/dhcpcd/pull/152 + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + hooks/20-resolv.conf | 17 +++++++++++++---- + 1 file changed, 13 insertions(+), 4 deletions(-) + +diff --git a/hooks/20-resolv.conf b/hooks/20-resolv.conf +index 7c29e276..becc019f 100644 +--- a/hooks/20-resolv.conf ++++ b/hooks/20-resolv.conf +@@ -11,8 +11,12 @@ nocarrier_roaming_dir="$state_dir/roaming" + NL=" + " + : ${resolvconf:=resolvconf} ++resolvconf_from_systemd=false + if command -v "$resolvconf" >/dev/null 2>&1; then + have_resolvconf=true ++ if [ $(basename $(readlink -f $(which $resolvconf))) = resolvectl ]; then ++ resolvconf_from_systemd=true ++ fi + else + have_resolvconf=false + fi +@@ -69,8 +73,13 @@ build_resolv_conf() + else + echo "# /etc/resolv.conf.tail can replace this line" >> "$cf" + fi +- if change_file /etc/resolv.conf "$cf"; then +- chmod 644 /etc/resolv.conf ++ if $resolvconf_from_systemd; then ++ [ -n "$ifmetric" ] && export IF_METRIC="$ifmetric" ++ "$resolvconf" -a "$ifname" <"$cf" ++ else ++ if change_file /etc/resolv.conf "$cf"; then ++ chmod 644 /etc/resolv.conf ++ fi + fi + rm -f "$cf" + } +@@ -170,7 +179,7 @@ add_resolv_conf() + for x in ${new_domain_name_servers}; do + conf="${conf}nameserver $x$NL" + done +- if $have_resolvconf; then ++ if $have_resolvconf && ! $resolvconf_from_systemd; then + [ -n "$ifmetric" ] && export IF_METRIC="$ifmetric" + printf %s "$conf" | "$resolvconf" -a "$ifname" + return $? +@@ -186,7 +195,7 @@ add_resolv_conf() + + remove_resolv_conf() + { +- if $have_resolvconf; then ++ if $have_resolvconf && ($if_down || ! $resolvconf_from_systemd); then + "$resolvconf" -d "$ifname" -f + else + if [ -e "$resolv_conf_dir/$ifname" ]; then +-- +2.17.1 + diff --git a/meta/recipes-connectivity/dhcpcd/files/0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch b/meta/recipes-connectivity/dhcpcd/files/0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch new file mode 100644 index 0000000000..b958110ef1 --- /dev/null +++ b/meta/recipes-connectivity/dhcpcd/files/0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch @@ -0,0 +1,43 @@ +From 1115784dfdf2e7095cf599f9becef705ac57f80e Mon Sep 17 00:00:00 2001 +From: Lei Maohui <leimaohui@fujitsu.com> +Date: Fri, 10 Mar 2023 03:48:46 +0000 +Subject: [PATCH] dhcpcd.8: Fix conflict error when enable multilib. + +Error: Transaction test error: + file /usr/share/man/man8/dhcpcd.8 conflicts between attempted + installs of dhcpcd-doc-9.4.1-r0.cortexa57 and + lib32-dhcpcd-doc-9.4.1-r0.armv7ahf_neon + +The differences between the two files are as follows: +@@ -821,7 +821,7 @@ + If you always use the same options, put them here. + .It Pa /usr/libexec/dhcpcd-run-hooks + Bourne shell script that is run to configure or de-configure an interface. +-.It Pa /usr/lib64/dhcpcd/dev ++.It Pa /usr/lib/dhcpcd/dev + Linux + .Pa /dev + management modules. + +It is just a man file, there is no necessary to manage multiple +versions. + +Upstream-Status: Inappropriate [oe specific] +Signed-off-by: Lei Maohui <leimaohui@fujitsu.com> +--- + src/dhcpcd.8.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/dhcpcd.8.in b/src/dhcpcd.8.in +index 04bf7d90..9cf10d24 100644 +--- a/src/dhcpcd.8.in ++++ b/src/dhcpcd.8.in +@@ -826,7 +826,7 @@ Configuration file for dhcpcd. + If you always use the same options, put them here. + .It Pa @SCRIPT@ + Bourne shell script that is run to configure or de-configure an interface. +-.It Pa @LIBDIR@/dhcpcd/dev ++.It Pa /usr/<libdir>/dhcpcd/dev + Linux + .Pa /dev + management modules. diff --git a/meta/recipes-connectivity/dhcpcd/files/0001-remove-INCLUDEDIR-to-prevent-build-issues.patch b/meta/recipes-connectivity/dhcpcd/files/0001-remove-INCLUDEDIR-to-prevent-build-issues.patch new file mode 100644 index 0000000000..8890c2d7dc --- /dev/null +++ b/meta/recipes-connectivity/dhcpcd/files/0001-remove-INCLUDEDIR-to-prevent-build-issues.patch @@ -0,0 +1,42 @@ +From 69babef33b0ee4c60d8821797777b9affedd47da Mon Sep 17 00:00:00 2001 +From: Stefano Cappa <stefano.cappa.ks89@gmail.com> +Date: Sun, 13 Jan 2019 01:50:52 +0100 +Subject: [PATCH] remove INCLUDEDIR to prevent build issues + +Upstream-Status: Pending + +Signed-off-by: Stefano Cappa <stefano.cappa.ks89@gmail.com> +--- + configure | 5 ----- + 1 file changed, 5 deletions(-) + +diff --git a/configure b/configure +index 1a772b02..0f915b39 100755 +--- a/configure ++++ b/configure +@@ -26,7 +26,6 @@ BUILD= + HOST= + HOSTCC= + TARGET= +-INCLUDEDIR= + DEBUG= + FORK= + STATIC= +@@ -89,7 +88,6 @@ for x do + --mandir) MANDIR=$var;; + --datadir) DATADIR=$var;; + --with-ccopts|CFLAGS) CFLAGS=$var;; +- -I|--includedir) INCLUDEDIR="$INCLUDEDIR${INCLUDEDIR:+ }-I$var";; + CC) CC=$var;; + CPPFLAGS) CPPFLAGS=$var;; + PKG_CONFIG) PKG_CONFIG=$var;; +@@ -346,9 +344,6 @@ if [ -n "$CPPFLAGS" ]; then + echo "CPPFLAGS=" >>$CONFIG_MK + echo "CPPFLAGS+= $CPPFLAGS" >>$CONFIG_MK + fi +-if [ -n "$INCLUDEDIR" ]; then +- echo "CPPFLAGS+= $INCLUDEDIR" >>$CONFIG_MK +-fi + if [ -n "$LDFLAGS" ]; then + echo "LDFLAGS=" >>$CONFIG_MK + echo "LDFLAGS+= $LDFLAGS" >>$CONFIG_MK diff --git a/meta/recipes-connectivity/dhcpcd/files/dhcpcd.service b/meta/recipes-connectivity/dhcpcd/files/dhcpcd.service new file mode 100644 index 0000000000..6c967ddaf0 --- /dev/null +++ b/meta/recipes-connectivity/dhcpcd/files/dhcpcd.service @@ -0,0 +1,11 @@ +[Unit] +Description=A minimalistic network configuration daemon with DHCPv4, rdisc and DHCPv6 support +Wants=network.target +Before=network.target +Conflicts=connman.service + +[Service] +ExecStart=/sbin/dhcpcd -q --nobackground + +[Install] +WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/dhcpcd/files/dhcpcd@.service b/meta/recipes-connectivity/dhcpcd/files/dhcpcd@.service new file mode 100644 index 0000000000..845b83b9e5 --- /dev/null +++ b/meta/recipes-connectivity/dhcpcd/files/dhcpcd@.service @@ -0,0 +1,16 @@ +[Unit] +Description=dhcpcd on %I +Wants=network.target +Before=network.target +BindsTo=sys-subsystem-net-devices-%i.device +After=sys-subsystem-net-devices-%i.device +Conflicts=connman.service + +[Service] +Type=forking +PIDFile=/run/dhcpcd/%I.pid +ExecStart=/sbin/dhcpcd -q %I +ExecStop=/sbin/dhcpcd -x %I + +[Install] +WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/inetutils/inetutils/0001-rcp-fix-to-work-with-large-files.patch b/meta/recipes-connectivity/inetutils/inetutils/0001-rcp-fix-to-work-with-large-files.patch deleted file mode 100644 index d4764f5867..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils/0001-rcp-fix-to-work-with-large-files.patch +++ /dev/null @@ -1,31 +0,0 @@ -Upstream-Status: Pending - -Subject: rcp: fix to work with large files - -When we copy file by rcp command, if the file > 2GB, it will fail. -The cause is that it used incorrect data type on file size in sink() of rcp. - -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- - src/rcp.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/rcp.c b/src/rcp.c -index 21f55b6..bafa35f 100644 ---- a/src/rcp.c -+++ b/src/rcp.c -@@ -876,9 +876,9 @@ sink (int argc, char *argv[]) - enum - { YES, NO, DISPLAYED } wrerr; - BUF *bp; -- off_t i, j; -+ off_t i, j, size; - int amt, count, exists, first, mask, mode, ofd, omode; -- int setimes, size, targisdir, wrerrno; -+ int setimes, targisdir, wrerrno; - char ch, *cp, *np, *targ, *vect[1], buf[BUFSIZ]; - const char *why; - --- -1.9.1 - diff --git a/meta/recipes-connectivity/inetutils/inetutils/fix-buffer-fortify-tfpt.patch b/meta/recipes-connectivity/inetutils/inetutils/fix-buffer-fortify-tfpt.patch deleted file mode 100644 index a91913cb51..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils/fix-buffer-fortify-tfpt.patch +++ /dev/null @@ -1,25 +0,0 @@ -tftpd: Fix abort on error path - -When trying to fetch a non existent file, the app crashes with: - -*** buffer overflow detected ***: -Aborted - - -Upstream-Status: Submitted [https://www.mail-archive.com/bug-inetutils@gnu.org/msg03036.html https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91205] -Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com> -diff --git a/src/tftpd.c b/src/tftpd.c -index 56002a0..144012f 100644 ---- a/src/tftpd.c -+++ b/src/tftpd.c -@@ -864,9 +864,8 @@ nak (int error) - pe->e_msg = strerror (error - 100); - tp->th_code = EUNDEF; /* set 'undef' errorcode */ - } -- strcpy (tp->th_msg, pe->e_msg); - length = strlen (pe->e_msg); -- tp->th_msg[length] = '\0'; -+ memcpy(tp->th_msg, pe->e_msg, length + 1); - length += 5; - if (sendto (peer, buf, length, 0, (struct sockaddr *) &from, fromlen) != length) - syslog (LOG_ERR, "nak: %m\n"); diff --git a/meta/recipes-connectivity/inetutils/inetutils/fix-disable-ipv6.patch b/meta/recipes-connectivity/inetutils/inetutils/fix-disable-ipv6.patch deleted file mode 100644 index 24c134fcac..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils/fix-disable-ipv6.patch +++ /dev/null @@ -1,83 +0,0 @@ -Upstream: http://www.mail-archive.com/bug-inetutils@gnu.org/msg02103.html - -Upstream-Status: Pending - -Signed-off-by: Jackie Huang <jackie.huang@windriver.com> ---- - ping/ping_common.h | 20 ++++++++++++++++++++ - 1 file changed, 20 insertions(+) - -diff --git a/ping/ping_common.h b/ping/ping_common.h -index 1dfd1b5..3bfbd12 100644 ---- a/ping/ping_common.h -+++ b/ping/ping_common.h -@@ -17,10 +17,14 @@ - You should have received a copy of the GNU General Public License - along with this program. If not, see `http://www.gnu.org/licenses/'. */ - -+#include <config.h> -+ - #include <netinet/in_systm.h> - #include <netinet/in.h> - #include <netinet/ip.h> -+#ifdef HAVE_IPV6 - #include <netinet/icmp6.h> -+#endif - #include <icmp.h> - #include <error.h> - #include <progname.h> -@@ -62,7 +66,12 @@ struct ping_stat - want to follow the traditional behaviour of ping. */ - #define DEFAULT_PING_COUNT 0 - -+#ifdef HAVE_IPV6 - #define PING_HEADER_LEN (USE_IPV6 ? sizeof (struct icmp6_hdr) : ICMP_MINLEN) -+#else -+#define PING_HEADER_LEN (ICMP_MINLEN) -+#endif -+ - #define PING_TIMING(s) ((s) >= sizeof (struct timeval)) - #define PING_DATALEN (64 - PING_HEADER_LEN) /* default data length */ - -@@ -74,13 +83,20 @@ struct ping_stat - (t).tv_usec = ((i)%PING_PRECISION)*(1000000/PING_PRECISION) ;\ - } while (0) - -+#ifdef HAVE_IPV6 - /* FIXME: Adjust IPv6 case for options and their consumption. */ - #define _PING_BUFLEN(p, u) ((u)? ((p)->ping_datalen + sizeof (struct icmp6_hdr)) : \ - (MAXIPLEN + (p)->ping_datalen + ICMP_TSLEN)) - -+#else -+#define _PING_BUFLEN(p, u) (MAXIPLEN + (p)->ping_datalen + ICMP_TSLEN) -+#endif -+ -+#ifdef HAVE_IPV6 - typedef int (*ping_efp6) (int code, void *closure, struct sockaddr_in6 * dest, - struct sockaddr_in6 * from, struct icmp6_hdr * icmp, - int datalen); -+#endif - - typedef int (*ping_efp) (int code, - void *closure, -@@ -89,13 +105,17 @@ typedef int (*ping_efp) (int code, - struct ip * ip, icmphdr_t * icmp, int datalen); - - union event { -+#ifdef HAVE_IPV6 - ping_efp6 handler6; -+#endif - ping_efp handler; - }; - - union ping_address { - struct sockaddr_in ping_sockaddr; -+#ifdef HAVE_IPV6 - struct sockaddr_in6 ping_sockaddr6; -+#endif - }; - - typedef struct ping_data PING; --- -2.8.3 - diff --git a/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch b/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch deleted file mode 100644 index 3da4e9f55a..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 552a7d64ad4a7188a9b7cd89933ae7caf7ebfe90 Mon Sep 17 00:00:00 2001 -From: Mike Frysinger <vapier at gentoo.org> -Date: Thu, 18 Nov 2010 16:59:14 -0500 -Subject: [PATCH gnulib] printf-parse: pull in features.h for __GLIBC__ - -Upstream-Status: Pending - -Signed-off-by: Mike Frysinger <vapier at gentoo.org> ---- - lib/printf-parse.h | 3 +++ - 1 files changed, 3 insertions(+), 0 deletions(-) - -diff --git a/lib/printf-parse.h b/lib/printf-parse.h -index 67a4a2a..3bd6152 100644 ---- a/lib/printf-parse.h -+++ b/lib/printf-parse.h -@@ -25,6 +25,9 @@ - - #include "printf-args.h" - -+#ifdef HAVE_FEATURES_H -+# include <features.h> /* for __GLIBC__ */ -+#endif - - /* Flags */ - #define FLAG_GROUP 1 /* ' flag */ --- -1.7.3.2 - diff --git a/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0003-wchar.patch b/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0003-wchar.patch deleted file mode 100644 index b13bb9229f..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0003-wchar.patch +++ /dev/null @@ -1,14 +0,0 @@ -Upstream-Status: Pending - ---- inetutils-1.8/lib/wchar.in.h -+++ inetutils-1.8/lib/wchar.in.h -@@ -70,6 +70,9 @@ - /* The include_next requires a split double-inclusion guard. */ - #if @HAVE_WCHAR_H@ - # @INCLUDE_NEXT@ @NEXT_WCHAR_H@ -+#else -+# include <stddef.h> -+# define MB_CUR_MAX 1 - #endif - - #undef _GL_ALREADY_INCLUDING_WCHAR_H diff --git a/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.9-PATH_PROCNET_DEV.patch b/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.9-PATH_PROCNET_DEV.patch deleted file mode 100644 index 2592989a90..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.9-PATH_PROCNET_DEV.patch +++ /dev/null @@ -1,26 +0,0 @@ -inetutils: define PATH_PROCNET_DEV if not already defined - -this prevents the following compilation error : -system/linux.c:401:15: error: 'PATH_PROCNET_DEV' undeclared (first use in this function) - -this patch comes from : - http://repository.timesys.com/buildsources/i/inetutils/inetutils-1.9/ - -Upstream-Status: Inappropriate [not author] - -Signed-of-by: Eric Bénard <eric@eukrea.com> ---- -diff -Naur inetutils-1.9.orig/ifconfig/system/linux.c inetutils-1.9/ifconfig/system/linux.c ---- inetutils-1.9.orig/ifconfig/system/linux.c 2012-01-04 16:31:36.000000000 -0500 -+++ inetutils-1.9/ifconfig/system/linux.c 2012-01-04 16:40:53.000000000 -0500 -@@ -49,6 +49,10 @@ - #include "../ifconfig.h" - - -+#ifndef PATH_PROCNET_DEV -+ #define PATH_PROCNET_DEV "/proc/net/dev" -+#endif -+ - /* ARPHRD stuff. */ - - static void diff --git a/meta/recipes-connectivity/inetutils/inetutils/inetutils-only-check-pam_appl.h-when-pam-enabled.patch b/meta/recipes-connectivity/inetutils/inetutils/inetutils-only-check-pam_appl.h-when-pam-enabled.patch deleted file mode 100644 index ff3abd86aa..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils/inetutils-only-check-pam_appl.h-when-pam-enabled.patch +++ /dev/null @@ -1,40 +0,0 @@ -Only check security/pam_appl.h which is provided by package libpam when pam is -enabled. - -Upstream-Status: Pending - -Signed-off-by: Kai Kang <kai.kang@windriver.com> ---- -diff --git a/configure.ac b/configure.ac -index b35e672..e78a751 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -195,6 +195,19 @@ fi - - # See if we have libpam.a. Investigate PAM versus Linux-PAM. - if test "$with_pam" = yes ; then -+ AC_CHECK_HEADERS([security/pam_appl.h], [], [], [ -+#include <sys/types.h> -+#ifdef HAVE_NETINET_IN_SYSTM_H -+# include <netinet/in_systm.h> -+#endif -+#include <netinet/in.h> -+#ifdef HAVE_NETINET_IP_H -+# include <netinet/ip.h> -+#endif -+#ifdef HAVE_SYS_PARAM_H -+# include <sys/param.h> -+#endif -+]) - AC_CHECK_LIB(dl, dlopen, LIBDL=-ldl) - AC_CHECK_LIB(pam, pam_authenticate, LIBPAM=-lpam) - if test "$ac_cv_lib_pam_pam_authenticate" = yes ; then -@@ -587,7 +600,7 @@ AC_HEADER_DIRENT - AC_CHECK_HEADERS([arpa/nameser.h errno.h fcntl.h features.h \ - glob.h memory.h netinet/ether.h netinet/in_systm.h \ - netinet/ip.h netinet/ip_icmp.h netinet/ip_var.h \ -- security/pam_appl.h shadow.h \ -+ shadow.h \ - stdarg.h stdlib.h string.h stropts.h sys/tty.h \ - sys/utsname.h sys/ptyvar.h sys/msgbuf.h sys/filio.h \ - sys/ioctl_compat.h sys/cdefs.h sys/stream.h sys/mkdev.h \ diff --git a/meta/recipes-connectivity/inetutils/inetutils/version.patch b/meta/recipes-connectivity/inetutils/inetutils/version.patch deleted file mode 100644 index 532a0e5c08..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils/version.patch +++ /dev/null @@ -1,17 +0,0 @@ -Upstream-Status: Pending - -remove m4_esyscmd function - -Signed-off-by: Chunrong Guo <b40290@freescale.com> ---- inetutils-1.9.1/configure.ac 2012-01-06 22:05:05.000000000 +0800 -+++ inetutils-1.9.1/configure.ac 2012-11-12 14:01:11.732957019 +0800 -@@ -20,8 +20,7 @@ - - AC_PREREQ(2.59) - --AC_INIT([GNU inetutils], -- m4_esyscmd([build-aux/git-version-gen .tarball-version 's/inetutils-/v/;s/_/./g']), -+AC_INIT([GNU inetutils],[1.9.4], - [bug-inetutils@gnu.org]) - - AC_CONFIG_SRCDIR([src/inetd.c]) diff --git a/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb b/meta/recipes-connectivity/inetutils/inetutils_2.5.bb index 684fbe09e1..afb0462c61 100644 --- a/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb +++ b/meta/recipes-connectivity/inetutils/inetutils_2.5.bb @@ -1,3 +1,4 @@ +SUMMARY = "The GNU inetutils are a collection of common networking utilities and servers." DESCRIPTION = "The GNU inetutils are a collection of common \ networking utilities and servers including ftp, ftpd, rcp, \ rexec, rlogin, rlogind, rsh, rshd, syslog, syslogd, talk, \ @@ -6,34 +7,23 @@ HOMEPAGE = "http://www.gnu.org/software/inetutils" SECTION = "net" DEPENDS = "ncurses netbase readline virtual/crypt" -LICENSE = "GPLv3" +LICENSE = "GPL-3.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7" -SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.gz \ - file://version.patch \ - file://inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch \ - file://inetutils-1.8-0003-wchar.patch \ - file://rexec.xinetd.inetutils \ +SRC_URI[sha256sum] = "87697d60a31e10b5cb86a9f0651e1ec7bee98320d048c0739431aac3d5764fb6" +SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \ + file://rexec.xinetd.inetutils \ file://rlogin.xinetd.inetutils \ file://rsh.xinetd.inetutils \ file://telnet.xinetd.inetutils \ file://tftpd.xinetd.inetutils \ - file://inetutils-1.9-PATH_PROCNET_DEV.patch \ - file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \ - file://0001-rcp-fix-to-work-with-large-files.patch \ - file://fix-buffer-fortify-tfpt.patch \ -" - -SRC_URI[md5sum] = "04852c26c47cc8c6b825f2b74f191f52" -SRC_URI[sha256sum] = "be8f75eff936b8e41b112462db51adf689715658a1b09e0d6b05d11ec92cc616" + " inherit autotools gettext update-alternatives texinfo acpaths = "-I ./m4" -SRC_URI += "${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '', 'file://fix-disable-ipv6.patch', d)}" - PACKAGECONFIG ??= "ftp uucpd \ ${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6 ping6', '', d)} \ @@ -45,24 +35,36 @@ PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6 gl_cv_socket_ipv6=no," PACKAGECONFIG[ping6] = "--enable-ping6,--disable-ping6," EXTRA_OECONF = "--with-ncurses-include-dir=${STAGING_INCDIR} \ - inetutils_cv_path_login=${base_bindir}/login \ --with-libreadline-prefix=${STAGING_LIBDIR} \ --enable-rpath=no \ -" + --with-path-login=${base_bindir}/login \ + --with-path-cp=${base_bindir}/cp \ + --with-path-uucico=${libexecdir}/uuico \ + --with-path-procnet-dev=/proc/net/dev \ + " + +EXTRA_OECONF:append:libc-musl = " --with-path-utmpx=/dev/null/utmpx --with-path-wtmpx=/dev/null/wtmpx" # These are horrible for security, disable them -EXTRA_OECONF_append = " --disable-rsh --disable-rshd --disable-rcp \ +EXTRA_OECONF:append = " --disable-rsh --disable-rshd --disable-rcp \ --disable-rlogin --disable-rlogind --disable-rexec --disable-rexecd" -do_configure_prepend () { +# The configure script guesses many paths in cross builds, check for this happening +do_configure_cross_check() { + if grep "may be incorrect because of cross-compilation" ${B}/config.log; then + bberror Default path values used, these must be set explicitly + fi +} +do_configure[postfuncs] += "do_configure_cross_check" + +# The --with-path options are not actually options, so this check needs to be silenced +ERROR_QA:remove = "unknown-configure-option" + +do_configure:prepend () { export HELP2MAN='true' - cp ${STAGING_DATADIR_NATIVE}/gettext/config.rpath ${S}/build-aux/config.rpath - install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.guess ${S} - install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.sub ${S} - rm -f ${S}/glob/configure* } -do_install_append () { +do_install:append () { install -m 0755 -d ${D}${base_sbindir} install -m 0755 -d ${D}${sbindir} install -m 0755 -d ${D}${sysconfdir}/xinetd.d @@ -70,6 +72,7 @@ do_install_append () { install -m 0755 -d ${D}${base_bindir} mv ${D}${bindir}/ping* ${D}${base_bindir}/ mv ${D}${bindir}/hostname ${D}${base_bindir}/ + mv ${D}${bindir}/dnsdomainname ${D}${base_bindir}/ fi mv ${D}${bindir}/ifconfig ${D}${base_sbindir}/ mv ${D}${libexecdir}/syslogd ${D}${base_sbindir}/ @@ -77,23 +80,23 @@ do_install_append () { mv ${D}${libexecdir}/telnetd ${D}${sbindir}/in.telnetd if [ -e ${D}${libexecdir}/rexecd ]; then mv ${D}${libexecdir}/rexecd ${D}${sbindir}/in.rexecd - cp ${WORKDIR}/rexec.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rexec + cp ${UNPACKDIR}/rexec.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rexec fi if [ -e ${D}${libexecdir}/rlogind ]; then mv ${D}${libexecdir}/rlogind ${D}${sbindir}/in.rlogind - cp ${WORKDIR}/rlogin.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rlogin + cp ${UNPACKDIR}/rlogin.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rlogin fi if [ -e ${D}${libexecdir}/rshd ]; then mv ${D}${libexecdir}/rshd ${D}${sbindir}/in.rshd - cp ${WORKDIR}/rsh.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rsh + cp ${UNPACKDIR}/rsh.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rsh fi if [ -e ${D}${libexecdir}/talkd ]; then mv ${D}${libexecdir}/talkd ${D}${sbindir}/in.talkd fi mv ${D}${libexecdir}/uucpd ${D}${sbindir}/in.uucpd mv ${D}${libexecdir}/* ${D}${bindir}/ - cp ${WORKDIR}/telnet.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/telnet - cp ${WORKDIR}/tftpd.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/tftpd + cp ${UNPACKDIR}/telnet.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/telnet + cp ${UNPACKDIR}/tftpd.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/tftpd sed -e 's,@SBINDIR@,${sbindir},g' -i ${D}/${sysconfdir}/xinetd.d/* if [ -e ${D}${libdir}/charset.alias ]; then @@ -117,94 +120,99 @@ PACKAGES =+ "${PN}-tftpd-dbg ${PN}-telnetd-dbg ${PN}-rshd-dbg" NOAUTOPACKAGEDEBUG = "1" ALTERNATIVE_PRIORITY = "79" -ALTERNATIVE_${PN} = "whois" +ALTERNATIVE:${PN} = "whois dnsdomainname" ALTERNATIVE_LINK_NAME[uucpd] = "${sbindir}/in.uucpd" +ALTERNATIVE_LINK_NAME[dnsdomainname] = "${base_bindir}/dnsdomainname" ALTERNATIVE_PRIORITY_${PN}-logger = "60" -ALTERNATIVE_${PN}-logger = "logger" -ALTERNATIVE_${PN}-syslogd = "syslogd" +ALTERNATIVE:${PN}-logger = "logger" +ALTERNATIVE:${PN}-syslogd = "syslogd" ALTERNATIVE_LINK_NAME[syslogd] = "${base_sbindir}/syslogd" -ALTERNATIVE_${PN}-ftp = "ftp" -ALTERNATIVE_${PN}-ftpd = "ftpd" -ALTERNATIVE_${PN}-tftp = "tftp" -ALTERNATIVE_${PN}-tftpd = "tftpd" +ALTERNATIVE:${PN}-ftp = "ftp" +ALTERNATIVE:${PN}-ftpd = "ftpd" +ALTERNATIVE:${PN}-tftp = "tftp" +ALTERNATIVE:${PN}-tftpd = "tftpd" ALTERNATIVE_LINK_NAME[tftpd] = "${sbindir}/tftpd" ALTERNATIVE_TARGET[tftpd] = "${sbindir}/in.tftpd" -ALTERNATIVE_${PN}-telnet = "telnet" -ALTERNATIVE_${PN}-telnetd = "telnetd" +ALTERNATIVE:${PN}-telnet = "telnet" +ALTERNATIVE:${PN}-telnetd = "telnetd" ALTERNATIVE_LINK_NAME[telnetd] = "${sbindir}/telnetd" ALTERNATIVE_TARGET[telnetd] = "${sbindir}/in.telnetd" -ALTERNATIVE_${PN}-inetd= "inetd" -ALTERNATIVE_${PN}-traceroute = "traceroute" +ALTERNATIVE:${PN}-inetd= "inetd" +ALTERNATIVE:${PN}-traceroute = "traceroute" -ALTERNATIVE_${PN}-hostname = "hostname" +ALTERNATIVE:${PN}-hostname = "hostname" ALTERNATIVE_LINK_NAME[hostname] = "${base_bindir}/hostname" -ALTERNATIVE_${PN}-doc = "hostname.1 dnsdomainname.1 logger.1 syslogd.8" +ALTERNATIVE:${PN}-doc = "hostname.1 dnsdomainname.1 logger.1 syslogd.8 \ + tftpd.8 tftp.1 telnetd.8" ALTERNATIVE_LINK_NAME[hostname.1] = "${mandir}/man1/hostname.1" ALTERNATIVE_LINK_NAME[dnsdomainname.1] = "${mandir}/man1/dnsdomainname.1" ALTERNATIVE_LINK_NAME[logger.1] = "${mandir}/man1/logger.1" ALTERNATIVE_LINK_NAME[syslogd.8] = "${mandir}/man8/syslogd.8" +ALTERNATIVE_LINK_NAME[telnetd.8] = "${mandir}/man8/telnetd.8" +ALTERNATIVE_LINK_NAME[tftpd.8] = "${mandir}/man8/tftpd.8" +ALTERNATIVE_LINK_NAME[tftp.1] = "${mandir}/man1/tftp.1" -ALTERNATIVE_${PN}-ifconfig = "ifconfig" +ALTERNATIVE:${PN}-ifconfig = "ifconfig" ALTERNATIVE_LINK_NAME[ifconfig] = "${base_sbindir}/ifconfig" -ALTERNATIVE_${PN}-ping = "ping" +ALTERNATIVE:${PN}-ping = "ping" ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping" -ALTERNATIVE_${PN}-ping6 = "${@bb.utils.filter('PACKAGECONFIG', 'ping6', d)}" +ALTERNATIVE:${PN}-ping6 = "${@bb.utils.filter('PACKAGECONFIG', 'ping6', d)}" ALTERNATIVE_LINK_NAME[ping6] = "${base_bindir}/ping6" -FILES_${PN}-dbg += "${base_bindir}/.debug ${base_sbindir}/.debug ${bindir}/.debug ${sbindir}/.debug" -FILES_${PN}-ping = "${base_bindir}/ping.${BPN}" -FILES_${PN}-ping6 = "${base_bindir}/ping6.${BPN}" -FILES_${PN}-hostname = "${base_bindir}/hostname.${BPN}" -FILES_${PN}-ifconfig = "${base_sbindir}/ifconfig.${BPN}" -FILES_${PN}-traceroute = "${bindir}/traceroute.${BPN}" -FILES_${PN}-logger = "${bindir}/logger.${BPN}" +FILES:${PN}-dbg += "${base_bindir}/.debug ${base_sbindir}/.debug ${bindir}/.debug ${sbindir}/.debug" +FILES:${PN}-ping = "${base_bindir}/ping.${BPN}" +FILES:${PN}-ping6 = "${base_bindir}/ping6.${BPN}" +FILES:${PN}-hostname = "${base_bindir}/hostname.${BPN}" +FILES:${PN}-ifconfig = "${base_sbindir}/ifconfig.${BPN}" +FILES:${PN}-traceroute = "${bindir}/traceroute.${BPN}" +FILES:${PN}-logger = "${bindir}/logger.${BPN}" -FILES_${PN}-syslogd = "${base_sbindir}/syslogd.${BPN}" -RCONFLICTS_${PN}-syslogd = "rsyslog busybox-syslog sysklogd syslog-ng" +FILES:${PN}-syslogd = "${base_sbindir}/syslogd.${BPN}" +RCONFLICTS:${PN}-syslogd = "rsyslog busybox-syslog sysklogd syslog-ng" -FILES_${PN}-ftp = "${bindir}/ftp.${BPN}" +FILES:${PN}-ftp = "${bindir}/ftp.${BPN}" -FILES_${PN}-tftp = "${bindir}/tftp.${BPN}" -FILES_${PN}-telnet = "${bindir}/telnet.${BPN}" +FILES:${PN}-tftp = "${bindir}/tftp.${BPN}" +FILES:${PN}-telnet = "${bindir}/telnet.${BPN}" # We make us of RCONFLICTS / RPROVIDES here rather than using the normal # alternatives method as this leads to packaging QA issues when using # musl as that library does not provide what these applications need to # build. -FILES_${PN}-rsh = "${bindir}/rsh ${bindir}/rlogin ${bindir}/rexec ${bindir}/rcp" -RCONFLICTS_${PN}-rsh += "netkit-rsh-client" -RPROVIDES_${PN}-rsh = "rsh" +FILES:${PN}-rsh = "${bindir}/rsh ${bindir}/rlogin ${bindir}/rexec ${bindir}/rcp" +RCONFLICTS:${PN}-rsh += "netkit-rsh-client" +RPROVIDES:${PN}-rsh = "rsh" -FILES_${PN}-rshd = "${sbindir}/in.rshd ${sbindir}/in.rlogind ${sbindir}/in.rexecd \ +FILES:${PN}-rshd = "${sbindir}/in.rshd ${sbindir}/in.rlogind ${sbindir}/in.rexecd \ ${sysconfdir}/xinetd.d/rsh ${sysconfdir}/xinetd.d/rlogin ${sysconfdir}/xinetd.d/rexec" -FILES_${PN}-rshd-dbg = "${sbindir}/.debug/in.rshd ${sbindir}/.debug/in.rlogind ${sbindir}/.debug/in.rexecd" -RDEPENDS_${PN}-rshd += "xinetd tcp-wrappers" -RCONFLICTS_${PN}-rshd += "netkit-rshd-server" -RPROVIDES_${PN}-rshd = "rshd" +FILES:${PN}-rshd-dbg = "${sbindir}/.debug/in.rshd ${sbindir}/.debug/in.rlogind ${sbindir}/.debug/in.rexecd" +RDEPENDS:${PN}-rshd += "xinetd tcp-wrappers" +RCONFLICTS:${PN}-rshd += "netkit-rshd-server" +RPROVIDES:${PN}-rshd = "rshd" -FILES_${PN}-ftpd = "${bindir}/ftpd.${BPN}" -FILES_${PN}-ftpd-dbg = "${bindir}/.debug/ftpd.${BPN}" -RDEPENDS_${PN}-ftpd += "xinetd" +FILES:${PN}-ftpd = "${bindir}/ftpd.${BPN}" +FILES:${PN}-ftpd-dbg = "${bindir}/.debug/ftpd.${BPN}" +RDEPENDS:${PN}-ftpd += "xinetd" -FILES_${PN}-tftpd = "${sbindir}/in.tftpd ${sysconfdir}/xinetd.d/tftpd" -FILES_${PN}-tftpd-dbg = "${sbindir}/.debug/in.tftpd" -RCONFLICTS_${PN}-tftpd += "netkit-tftpd" -RDEPENDS_${PN}-tftpd += "xinetd" +FILES:${PN}-tftpd = "${sbindir}/in.tftpd ${sysconfdir}/xinetd.d/tftpd" +FILES:${PN}-tftpd-dbg = "${sbindir}/.debug/in.tftpd" +RCONFLICTS:${PN}-tftpd += "netkit-tftpd" +RDEPENDS:${PN}-tftpd += "xinetd" -FILES_${PN}-telnetd = "${sbindir}/in.telnetd ${sysconfdir}/xinetd.d/telnet" -FILES_${PN}-telnetd-dbg = "${sbindir}/.debug/in.telnetd" -RCONFLICTS_${PN}-telnetd += "netkit-telnet" -RPROVIDES_${PN}-telnetd = "telnetd" -RDEPENDS_${PN}-telnetd += "xinetd" +FILES:${PN}-telnetd = "${sbindir}/in.telnetd ${sysconfdir}/xinetd.d/telnet" +FILES:${PN}-telnetd-dbg = "${sbindir}/.debug/in.telnetd" +RCONFLICTS:${PN}-telnetd += "netkit-telnet" +RPROVIDES:${PN}-telnetd = "telnetd" +RDEPENDS:${PN}-telnetd += "xinetd" -FILES_${PN}-inetd = "${bindir}/inetd.${BPN}" +FILES:${PN}-inetd = "${bindir}/inetd.${BPN}" -RDEPENDS_${PN} = "xinetd" +RDEPENDS:${PN} = "xinetd" diff --git a/meta/recipes-connectivity/iproute2/iproute2.inc b/meta/recipes-connectivity/iproute2/iproute2.inc deleted file mode 100644 index fc31b8444e..0000000000 --- a/meta/recipes-connectivity/iproute2/iproute2.inc +++ /dev/null @@ -1,69 +0,0 @@ -SUMMARY = "TCP / IP networking and traffic control utilities" -DESCRIPTION = "Iproute2 is a collection of utilities for controlling \ -TCP / IP networking and traffic control in Linux. Of the utilities ip \ -and tc are the most important. ip controls IPv4 and IPv6 \ -configuration and tc stands for traffic control." -HOMEPAGE = "http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2" -SECTION = "base" -LICENSE = "GPLv2+" -LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \ - file://ip/ip.c;beginline=3;endline=8;md5=689d691d0410a4b64d3899f8d6e31817" - -DEPENDS = "flex-native bison-native iptables libcap" - -inherit update-alternatives bash-completion pkgconfig - -CLEANBROKEN = "1" - -PACKAGECONFIG ??= "tipc elf" -PACKAGECONFIG[tipc] = ",,libmnl," -PACKAGECONFIG[elf] = ",,elfutils," - -EXTRA_OEMAKE = "CC='${CC}' KERNEL_INCLUDE=${STAGING_INCDIR} DOCDIR=${docdir}/iproute2 SUBDIRS='lib tc ip bridge misc genl \ - ${@bb.utils.contains('PACKAGECONFIG', 'tipc', 'tipc', '', d)}' SBINDIR='${base_sbindir}' LIBDIR='${libdir}'" - -do_configure_append () { - sh configure ${STAGING_INCDIR} - # Explicitly disable ATM support - sed -i -e '/TC_CONFIG_ATM/d' config.mk -} - -do_install () { - oe_runmake DESTDIR=${D} install - mv ${D}${base_sbindir}/ip ${D}${base_sbindir}/ip.iproute2 - install -d ${D}${datadir} - mv ${D}/share/* ${D}${datadir}/ || true - rm ${D}/share -rf || true -} - -# The .so files in iproute2-tc are modules, not traditional libraries -INSANE_SKIP_${PN}-tc = "dev-so" - -PACKAGES =+ "${PN}-tc \ - ${PN}-lnstat \ - ${PN}-ifstat \ - ${PN}-genl \ - ${PN}-rtacct \ - ${PN}-nstat \ - ${PN}-ss \ - ${@bb.utils.contains('PACKAGECONFIG', 'tipc', '${PN}-tipc', '', d)}" -FILES_${PN}-tc = "${base_sbindir}/tc* \ - ${libdir}/tc/*.so" -FILES_${PN}-lnstat = "${base_sbindir}/lnstat \ - ${base_sbindir}/ctstat \ - ${base_sbindir}/rtstat" -FILES_${PN}-ifstat = "${base_sbindir}/ifstat" -FILES_${PN}-genl = "${base_sbindir}/genl" -FILES_${PN}-rtacct = "${base_sbindir}/rtacct" -FILES_${PN}-nstat = "${base_sbindir}/nstat" -FILES_${PN}-ss = "${base_sbindir}/ss" -FILES_${PN}-tipc = "${base_sbindir}/tipc" - -ALTERNATIVE_${PN} = "ip" -ALTERNATIVE_TARGET[ip] = "${base_sbindir}/ip.${BPN}" -ALTERNATIVE_LINK_NAME[ip] = "${base_sbindir}/ip" -ALTERNATIVE_PRIORITY = "100" - -ALTERNATIVE_${PN}-tc = "tc" -ALTERNATIVE_LINK_NAME[tc] = "${base_sbindir}/tc" -ALTERNATIVE_PRIORITY_${PN}-tc = "100" diff --git a/meta/recipes-connectivity/iproute2/iproute2/0001-include-libnetlink.h-add-missing-include-for-htobe64.patch b/meta/recipes-connectivity/iproute2/iproute2/0001-include-libnetlink.h-add-missing-include-for-htobe64.patch new file mode 100644 index 0000000000..555d63b240 --- /dev/null +++ b/meta/recipes-connectivity/iproute2/iproute2/0001-include-libnetlink.h-add-missing-include-for-htobe64.patch @@ -0,0 +1,24 @@ +From f3c574b27000fd887cee84ab47adf23f767cbea1 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex@linutronix.de> +Date: Sat, 24 Aug 2024 15:32:25 +0200 +Subject: [PATCH] include/libnetlink.h: add missing include for htobe64 + definitions + +Upstream-Status: Submitted [by email to stephen@networkplumber.org netdev@vger.kernel.org] +Signed-off-by: Alexander Kanavin <alex@linutronix.de> +--- + include/libnetlink.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/include/libnetlink.h b/include/libnetlink.h +index 30f0c2d..77e8181 100644 +--- a/include/libnetlink.h ++++ b/include/libnetlink.h +@@ -12,6 +12,7 @@ + #include <linux/neighbour.h> + #include <linux/netconf.h> + #include <arpa/inet.h> ++#include <endian.h> + + struct rtnl_handle { + int fd; diff --git a/meta/recipes-connectivity/iproute2/iproute2/0001-libc-compat.h-add-musl-workaround.patch b/meta/recipes-connectivity/iproute2/iproute2/0001-libc-compat.h-add-musl-workaround.patch deleted file mode 100644 index 50c4bfb0f2..0000000000 --- a/meta/recipes-connectivity/iproute2/iproute2/0001-libc-compat.h-add-musl-workaround.patch +++ /dev/null @@ -1,41 +0,0 @@ -From b7d96340c55afb7023ded0041107c63dbd886196 Mon Sep 17 00:00:00 2001 -From: Baruch Siach <baruch@tkos.co.il> -Date: Thu, 22 Dec 2016 15:26:30 +0200 -Subject: [PATCH] libc-compat.h: add musl workaround - -The libc-compat.h kernel header uses glibc specific macros (__GLIBC__ and -__USE_MISC) to solve conflicts with libc provided headers. This patch makes -libc-compat.h work for musl libc as well. - -Upstream-Status: Pending - -Taken From: -https://git.buildroot.net/buildroot/tree/package/iproute2/0001-Add-the-musl-workaround-to-the-libc-compat.h-copy.patch - -Signed-off-by: Baruch Siach <baruch@tkos.co.il> -Signed-off-by: Maxin B. John <maxin.john@intel.com> ---- - include/uapi/linux/libc-compat.h | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/include/uapi/linux/libc-compat.h b/include/uapi/linux/libc-compat.h -index f38571d..30f0b67 100644 ---- a/include/uapi/linux/libc-compat.h -+++ b/include/uapi/linux/libc-compat.h -@@ -49,10 +49,12 @@ - #define _LIBC_COMPAT_H - - /* We have included glibc headers... */ --#if defined(__GLIBC__) -+#if 1 -+#define __USE_MISC - - /* Coordinate with glibc net/if.h header. */ - #if defined(_NET_IF_H) && defined(__USE_MISC) -+#define __UAPI_DEF_IF_NET_DEVICE_FLAGS_LOWER_UP_DORMANT_ECHO 0 - - /* GLIBC headers included first so don't define anything - * that would already be defined. */ --- -2.4.0 - diff --git a/meta/recipes-connectivity/iproute2/iproute2_5.3.0.bb b/meta/recipes-connectivity/iproute2/iproute2_5.3.0.bb deleted file mode 100644 index 8a86cbf78c..0000000000 --- a/meta/recipes-connectivity/iproute2/iproute2_5.3.0.bb +++ /dev/null @@ -1,12 +0,0 @@ -require iproute2.inc - -SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \ - file://0001-libc-compat.h-add-musl-workaround.patch \ - " - -SRC_URI[md5sum] = "227404413c8d6db649d6188ead1e5a6e" -SRC_URI[sha256sum] = "cb1c1e45993a3bd2438543fd4332d70f1726a6e6ff97dc613a8258c993117b3f" - -# CFLAGS are computed in Makefile and reference CCOPTS -# -EXTRA_OEMAKE_append = " CCOPTS='${CFLAGS}'" diff --git a/meta/recipes-connectivity/iproute2/iproute2_6.10.0.bb b/meta/recipes-connectivity/iproute2/iproute2_6.10.0.bb new file mode 100644 index 0000000000..9f0c9aab59 --- /dev/null +++ b/meta/recipes-connectivity/iproute2/iproute2_6.10.0.bb @@ -0,0 +1,111 @@ +SUMMARY = "TCP / IP networking and traffic control utilities" +DESCRIPTION = "Iproute2 is a collection of utilities for controlling \ +TCP / IP networking and traffic control in Linux. Of the utilities ip \ +and tc are the most important. ip controls IPv4 and IPv6 \ +configuration and tc stands for traffic control." +HOMEPAGE = "http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2" +SECTION = "base" +LICENSE = "GPL-2.0-or-later" +LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \ + " + +DEPENDS = "flex-native bison-native iptables libcap" + +SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \ + file://0001-include-libnetlink.h-add-missing-include-for-htobe64.patch \ + " + +SRC_URI[sha256sum] = "91a62f82737b44905a00fa803369c447d549e914e9a2a4018fdd75b1d54e8dce" + +inherit update-alternatives bash-completion pkgconfig + +PACKAGECONFIG ??= "tipc elf devlink" +PACKAGECONFIG[tipc] = ",,libmnl," +PACKAGECONFIG[elf] = ",,elfutils," +PACKAGECONFIG[devlink] = ",,libmnl," +PACKAGECONFIG[rdma] = ",,libmnl," +PACKAGECONFIG[selinux] = ",,libselinux" + +IPROUTE2_MAKE_SUBDIRS = "lib tc ip bridge misc genl ${@bb.utils.filter('PACKAGECONFIG', 'devlink tipc rdma', d)}" + +# This is needed with GCC-14 and musl +CFLAGS += "-Wno-error=incompatible-pointer-types" +# CFLAGS are computed in Makefile and reference CCOPTS +# +EXTRA_OEMAKE = "\ + CC='${CC}' \ + KERNEL_INCLUDE=${STAGING_INCDIR} \ + DOCDIR=${docdir}/iproute2 \ + SUBDIRS='${IPROUTE2_MAKE_SUBDIRS}' \ + SBINDIR='${base_sbindir}' \ + CONF_USR_DIR='${libdir}/iproute2' \ + LIBDIR='${libdir}' \ + CCOPTS='${CFLAGS}' \ +" + +do_configure:append () { + sh configure ${STAGING_INCDIR} + # Explicitly disable ATM support + sed -i -e '/TC_CONFIG_ATM/d' config.mk +} + +do_install () { + oe_runmake DESTDIR=${D} install + mv ${D}${base_sbindir}/ip ${D}${base_sbindir}/ip.iproute2 + install -d ${D}${datadir} + mv ${D}/share/* ${D}${datadir}/ || true + rm ${D}/share -rf || true + + # Remove support fot ipt and xt in tc. So tc library directory is not needed. + rm ${D}${libdir}/tc -rf +} + +# The .so files in iproute2-tc are modules, not traditional libraries +INSANE_SKIP:${PN}-tc = "dev-so" + +IPROUTE2_PACKAGES =+ "\ + ${PN}-bridge \ + ${PN}-devlink \ + ${PN}-genl \ + ${PN}-ifstat \ + ${PN}-ip \ + ${PN}-lnstat \ + ${PN}-nstat \ + ${PN}-routel \ + ${PN}-rtacct \ + ${PN}-ss \ + ${PN}-tc \ + ${PN}-tipc \ + ${PN}-rdma \ +" + +PACKAGE_BEFORE_PN = "${IPROUTE2_PACKAGES}" +RDEPENDS:${PN} += "${PN}-ip" + +FILES:${PN}-tc = "${base_sbindir}/tc* \ + ${libdir}/tc/*.so" +FILES:${PN}-lnstat = "${base_sbindir}/lnstat \ + ${base_sbindir}/ctstat \ + ${base_sbindir}/rtstat" +FILES:${PN}-ifstat = "${base_sbindir}/ifstat" +FILES:${PN}-ip = "${base_sbindir}/ip.* ${libdir}/iproute2" +FILES:${PN}-genl = "${base_sbindir}/genl" +FILES:${PN}-rtacct = "${base_sbindir}/rtacct" +FILES:${PN}-nstat = "${base_sbindir}/nstat" +FILES:${PN}-ss = "${base_sbindir}/ss" +FILES:${PN}-tipc = "${base_sbindir}/tipc" +FILES:${PN}-devlink = "${base_sbindir}/devlink" +FILES:${PN}-rdma = "${base_sbindir}/rdma" +FILES:${PN}-routel = "${base_sbindir}/routel" +FILES:${PN}-bridge = "${base_sbindir}/bridge" + +RDEPENDS:${PN}-routel = "python3-core" + +ALTERNATIVE:${PN}-ip = "ip" +ALTERNATIVE_TARGET[ip] = "${base_sbindir}/ip.${BPN}" +ALTERNATIVE_LINK_NAME[ip] = "${base_sbindir}/ip" +ALTERNATIVE_PRIORITY = "100" + +ALTERNATIVE:${PN}-tc = "tc" +ALTERNATIVE_LINK_NAME[tc] = "${base_sbindir}/tc" +ALTERNATIVE_PRIORITY_${PN}-tc = "100" diff --git a/meta/recipes-connectivity/iw/iw/separate-objdir.patch b/meta/recipes-connectivity/iw/iw/separate-objdir.patch index eb01a5a14e..179fd90124 100644 --- a/meta/recipes-connectivity/iw/iw/separate-objdir.patch +++ b/meta/recipes-connectivity/iw/iw/separate-objdir.patch @@ -1,3 +1,6 @@ +From ff9f0a631c99fb6e2677c02bf572a5e69c70f5cf Mon Sep 17 00:00:00 2001 +From: Changhyeok Bae <changhyeok.bae@gmail.com> +Date: Mon, 27 Jan 2020 22:48:03 +0100 Subject: [PATCH] Support separation of SRCDIR and OBJDIR Typical use of VPATH to locate the sources. @@ -11,12 +14,12 @@ Signed-off-by: Maxin B. John <maxin.john@intel.com> 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile -index 33aaf6a..9030796 100644 +index 90f2251..714cdb9 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,9 @@ MAKEFLAGS += --no-print-directory - + +SRCDIR ?= $(dir $(lastword $(MAKEFILE_LIST))) +OBJDIR ?= $(PWD) +VPATH = $(SRCDIR) @@ -24,19 +27,24 @@ index 33aaf6a..9030796 100644 PREFIX ?= /usr SBINDIR ?= $(PREFIX)/sbin MANDIR ?= $(PREFIX)/share/man -@@ -103,11 +107,11 @@ VERSION_OBJS := $(filter-out version.o, $(OBJS)) +@@ -92,7 +96,7 @@ all: $(ALL) version.c: version.sh $(patsubst %.o,%.c,$(VERSION_OBJS)) nl80211.h iw.h Makefile \ $(wildcard .git/index .git/refs/tags) @$(NQ) ' GEN ' $@ - $(Q)./version.sh $@ + $(Q)cd $(SRCDIR) && ./version.sh $(OBJDIR)/$@ - - %.o: %.c iw.h nl80211.h + + nl80211-commands.inc: nl80211.h + @$(NQ) ' GEN ' $@ +@@ -100,7 +104,7 @@ nl80211-commands.inc: nl80211.h + + %.o: %.c iw.h nl80211.h nl80211-commands.inc @$(NQ) ' CC ' $@ - $(Q)$(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $< + $(Q)$(CC) -I$(SRCDIR) $(CFLAGS) $(CPPFLAGS) -c -o $@ $< - + ifeq ($(IW_ANDROID_BUILD),) iw: $(OBJS) --- -2.20.1 (Apple Git-117) +-- +2.23.0 + diff --git a/meta/recipes-connectivity/iw/iw_5.3.bb b/meta/recipes-connectivity/iw/iw_6.9.bb index f7f13f5a30..e34400e18b 100644 --- a/meta/recipes-connectivity/iw/iw_5.3.bb +++ b/meta/recipes-connectivity/iw/iw_6.9.bb @@ -2,9 +2,9 @@ SUMMARY = "nl80211 based CLI configuration utility for wireless devices" DESCRIPTION = "iw is a new nl80211 based CLI configuration utility for \ wireless devices. It supports almost all new drivers that have been added \ to the kernel recently. " -HOMEPAGE = "http://wireless.kernel.org/en/users/Documentation/iw" +HOMEPAGE = "https://wireless.wiki.kernel.org/en/users/documentation/iw" SECTION = "base" -LICENSE = "BSD-2-Clause" +LICENSE = "ISC" LIC_FILES_CHKSUM = "file://COPYING;md5=878618a5c4af25e9b93ef0be1a93f774" DEPENDS = "libnl" @@ -14,8 +14,7 @@ SRC_URI = "http://www.kernel.org/pub/software/network/iw/${BP}.tar.gz \ file://separate-objdir.patch \ " -SRC_URI[md5sum] = "6d4d1c0ee34f3a7bda0e6aafcd7aaf31" -SRC_URI[sha256sum] = "175abbfce86348c0b70e778c13a94c0bfc9abc7a506d2bd608261583aeedf64a" +SRC_URI[sha256sum] = "4c3194778b175d58442907d51d1977e7270fce5cbebff0eab11c45c1da287a4b" inherit pkgconfig diff --git a/meta/recipes-connectivity/kea/files/0001-Replace-Name-NameString-with-vector-of-uint8_t.patch b/meta/recipes-connectivity/kea/files/0001-Replace-Name-NameString-with-vector-of-uint8_t.patch new file mode 100644 index 0000000000..a7deeca243 --- /dev/null +++ b/meta/recipes-connectivity/kea/files/0001-Replace-Name-NameString-with-vector-of-uint8_t.patch @@ -0,0 +1,90 @@ +From 6b9fb56e3573aa65923df9a08201dd5321a1b1f1 Mon Sep 17 00:00:00 2001 +From: Dimitry Andric <dimitry@andric.com> +Date: Sat, 3 Aug 2024 14:37:52 +0200 +Subject: [PATCH 1/2] Replace Name::NameString with vector of uint8_t + +As noted in the libc++ 19 release notes, it now only provides +std::char_traits<> for types char, char8_t, char16_t, char32_t and +wchar_t, and any instantiation for other types will fail. + +Name::NameString is defined as a std::basic_string<uint8_t>, so that +will no longer work. Redefine it as a std::vector<uint8_t> instead. + +Upstream-Status: Submitted [https://gitlab.isc.org/isc-projects/kea/-/merge_requests/2410] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + src/lib/dns/name.cc | 12 ++++++------ + src/lib/dns/name.h | 2 +- + 2 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/src/lib/dns/name.cc b/src/lib/dns/name.cc +index ac48205..085229b 100644 +--- a/src/lib/dns/name.cc ++++ b/src/lib/dns/name.cc +@@ -303,7 +303,7 @@ Name::Name(const std::string &namestring, bool downcase) { + // And get the output + labelcount_ = offsets.size(); + isc_throw_assert(labelcount_ > 0 && labelcount_ <= Name::MAX_LABELS); +- ndata_.assign(ndata.data(), ndata.size()); ++ ndata_.assign(ndata.data(), ndata.data() + ndata.size()); + length_ = ndata_.size(); + offsets_.assign(offsets.begin(), offsets.end()); + } +@@ -336,7 +336,7 @@ Name::Name(const char* namedata, size_t data_len, const Name* origin, + // Get the output + labelcount_ = offsets.size(); + isc_throw_assert(labelcount_ > 0 && labelcount_ <= Name::MAX_LABELS); +- ndata_.assign(ndata.data(), ndata.size()); ++ ndata_.assign(ndata.data(), ndata.data() + ndata.size()); + length_ = ndata_.size(); + offsets_.assign(offsets.begin(), offsets.end()); + +@@ -347,7 +347,7 @@ Name::Name(const char* namedata, size_t data_len, const Name* origin, + // Drop the last character of the data (the \0) and append a copy of + // the origin's data + ndata_.erase(ndata_.end() - 1); +- ndata_.append(origin->ndata_); ++ ndata_.insert(ndata.end(), origin->ndata_.begin(), origin->ndata_.end()); + + // Do a similar thing with offsets. However, we need to move them + // so they point after the prefix we parsed before. +@@ -582,7 +582,7 @@ Name::concatenate(const Name& suffix) const { + + Name retname; + retname.ndata_.reserve(length); +- retname.ndata_.assign(ndata_, 0, length_ - 1); ++ retname.ndata_.assign(ndata_.data(), ndata_.data() + length_ - 1); + retname.ndata_.insert(retname.ndata_.end(), + suffix.ndata_.begin(), suffix.ndata_.end()); + isc_throw_assert(retname.ndata_.size() == length); +@@ -622,7 +622,7 @@ Name::reverse() const { + NameString::const_iterator n0 = ndata_.begin(); + retname.offsets_.push_back(0); + while (rit1 != offsets_.rend()) { +- retname.ndata_.append(n0 + *rit1, n0 + *rit0); ++ retname.ndata_.insert(retname.ndata_.end(), n0 + *rit1, n0 + *rit0); + retname.offsets_.push_back(retname.ndata_.size()); + ++rit0; + ++rit1; +@@ -662,7 +662,7 @@ Name::split(const unsigned int first, const unsigned int n) const { + // original name, and append the trailing dot explicitly. + // + retname.ndata_.reserve(retname.offsets_.back() + 1); +- retname.ndata_.assign(ndata_, offsets_[first], retname.offsets_.back()); ++ retname.ndata_.assign(ndata_.data() + offsets_[first], ndata_.data() + retname.offsets_.back()); + retname.ndata_.push_back(0); + + retname.length_ = retname.ndata_.size(); +diff --git a/src/lib/dns/name.h b/src/lib/dns/name.h +index 37723e8..fac0036 100644 +--- a/src/lib/dns/name.h ++++ b/src/lib/dns/name.h +@@ -228,7 +228,7 @@ class Name { + //@{ + private: + /// \brief Name data string +- typedef std::basic_string<uint8_t> NameString; ++ typedef std::vector<uint8_t> NameString; + /// \brief Name offsets type + typedef std::vector<uint8_t> NameOffsets; + diff --git a/meta/recipes-connectivity/kea/files/0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch b/meta/recipes-connectivity/kea/files/0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch new file mode 100644 index 0000000000..94fbd12737 --- /dev/null +++ b/meta/recipes-connectivity/kea/files/0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch @@ -0,0 +1,28 @@ +From 841924e1fe8db2bff3eab8d37634ef08f86c00ec Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex.kanavin@gmail.com> +Date: Tue, 10 Nov 2020 15:57:03 +0000 +Subject: [PATCH] src/lib/log/logger_unittest_support.cc: do not write build + path into binary + +This breaks reproducibility and is needed only in unit testing. + +Upstream-Status: Inappropriate [oe-core specific] +Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> + +--- + src/lib/log/logger_unittest_support.cc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/lib/log/logger_unittest_support.cc b/src/lib/log/logger_unittest_support.cc +index fc01c6e..f46d17e 100644 +--- a/src/lib/log/logger_unittest_support.cc ++++ b/src/lib/log/logger_unittest_support.cc +@@ -84,7 +84,7 @@ void initLogger(isc::log::Severity severity, int dbglevel) { + const char* localfile = getenv("KEA_LOGGER_LOCALMSG"); + + // Set a directory for creating lockfiles when running tests +- setenv("KEA_LOCKFILE_DIR", TOP_BUILDDIR, 0); ++ //setenv("KEA_LOCKFILE_DIR", TOP_BUILDDIR, 0); + + // Initialize logging + initLogger(root, severity, dbglevel, localfile); diff --git a/meta/recipes-connectivity/kea/files/0002-Fix-unittests-Typo-in-Name-Name-append-to-ndata_-not.patch b/meta/recipes-connectivity/kea/files/0002-Fix-unittests-Typo-in-Name-Name-append-to-ndata_-not.patch new file mode 100644 index 0000000000..a24a25f1c9 --- /dev/null +++ b/meta/recipes-connectivity/kea/files/0002-Fix-unittests-Typo-in-Name-Name-append-to-ndata_-not.patch @@ -0,0 +1,36 @@ +From b5f6cc6b3a2b2c35c9b9bb856861c502771079cc Mon Sep 17 00:00:00 2001 +From: Dimitry Andric <dimitry@unified-streaming.com> +Date: Wed, 28 Aug 2024 22:32:44 +0200 +Subject: [PATCH 2/2] Fix unittests: * Typo in `Name::Name`: append to + `ndata_`, not `ndata` * In `Name::split`, use the correct iterators for + assigning + +Upstream-Status: Submitted [https://gitlab.isc.org/isc-projects/kea/-/merge_requests/2410] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + src/lib/dns/name.cc | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/src/lib/dns/name.cc b/src/lib/dns/name.cc +index 085229b..47d9b8f 100644 +--- a/src/lib/dns/name.cc ++++ b/src/lib/dns/name.cc +@@ -347,7 +347,7 @@ Name::Name(const char* namedata, size_t data_len, const Name* origin, + // Drop the last character of the data (the \0) and append a copy of + // the origin's data + ndata_.erase(ndata_.end() - 1); +- ndata_.insert(ndata.end(), origin->ndata_.begin(), origin->ndata_.end()); ++ ndata_.insert(ndata_.end(), origin->ndata_.begin(), origin->ndata_.end()); + + // Do a similar thing with offsets. However, we need to move them + // so they point after the prefix we parsed before. +@@ -662,7 +662,8 @@ Name::split(const unsigned int first, const unsigned int n) const { + // original name, and append the trailing dot explicitly. + // + retname.ndata_.reserve(retname.offsets_.back() + 1); +- retname.ndata_.assign(ndata_.data() + offsets_[first], ndata_.data() + retname.offsets_.back()); ++ auto it = ndata_.data() + offsets_[first]; ++ retname.ndata_.assign(it, it + retname.offsets_.back()); + retname.ndata_.push_back(0); + + retname.length_ = retname.ndata_.size(); diff --git a/meta/recipes-connectivity/kea/files/fix-multilib-conflict.patch b/meta/recipes-connectivity/kea/files/fix-multilib-conflict.patch new file mode 100644 index 0000000000..5b135b3aee --- /dev/null +++ b/meta/recipes-connectivity/kea/files/fix-multilib-conflict.patch @@ -0,0 +1,58 @@ +From 06ebd1b2ced426c420ed162980eca194f9f918ae Mon Sep 17 00:00:00 2001 +From: Kai Kang <kai.kang@windriver.com> +Date: Tue, 22 Sep 2020 15:02:33 +0800 +Subject: [PATCH] There are conflict of config files between kea and lib32-kea: + +| Error: Transaction test error: +| file /etc/kea/kea-ctrl-agent.conf conflicts between attempted installs of + lib32-kea-1.7.10-r0.core2_32 and kea-1.7.10-r0.core2_64 +| file /etc/kea/kea-dhcp4.conf conflicts between attempted installs of + lib32-kea-1.7.10-r0.core2_32 and kea-1.7.10-r0.core2_64 + +Because they are all commented out, replace the expanded libdir path with +'$libdir' in the config files to avoid conflict. + +Upstream-Status: Submitted [https://gitlab.isc.org/isc-projects/kea/-/issues/2602] +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +--- + src/bin/keactrl/kea-ctrl-agent.conf.pre | 3 ++- + src/bin/keactrl/kea-dhcp4.conf.pre | 4 ++-- + 2 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/bin/keactrl/kea-ctrl-agent.conf.pre b/src/bin/keactrl/kea-ctrl-agent.conf.pre +index e6ae8b8..50a3092 100644 +--- a/src/bin/keactrl/kea-ctrl-agent.conf.pre ++++ b/src/bin/keactrl/kea-ctrl-agent.conf.pre +@@ -51,7 +51,8 @@ + // Agent will fail to start. + "hooks-libraries": [ + // { +-// "library": "@libdir@/kea/hooks/control-agent-commands.so", ++// // Replace $libdir with real library path /usr/lib or /usr/lib64 ++// "library": "$libdir/kea/hooks/control-agent-commands.so", + // "parameters": { + // "param1": "foo" + // } +diff --git a/src/bin/keactrl/kea-dhcp4.conf.pre b/src/bin/keactrl/kea-dhcp4.conf.pre +index 6edb8a1..b2a7385 100644 +--- a/src/bin/keactrl/kea-dhcp4.conf.pre ++++ b/src/bin/keactrl/kea-dhcp4.conf.pre +@@ -255,7 +255,7 @@ + // // of all devices serviced by Kea, including their identifiers + // // (like MAC address), their location in the network, times + // // when they were active etc. +- // "library": "@libdir@/kea/hooks/libdhcp_legal_log.so", ++ // "library": "$libdir/kea/hooks/libdhcp_legal_log.so", + // "parameters": { + // "path": "/var/lib/kea", + // "base-name": "kea-forensic4" +@@ -272,7 +272,7 @@ + // // of specific options or perhaps even a combination of several + // // options and fields to uniquely identify a client. Those scenarios + // // are addressed by the Flexible Identifiers hook application. +- // "library": "@libdir@/kea/hooks/libdhcp_flex_id.so", ++ // "library": "$libdir/kea/hooks/libdhcp_flex_id.so", + // "parameters": { + // "identifier-expression": "relay4[2].hex" + // } diff --git a/meta/recipes-connectivity/kea/files/fix_pid_keactrl.patch b/meta/recipes-connectivity/kea/files/fix_pid_keactrl.patch new file mode 100644 index 0000000000..2f5a217d3f --- /dev/null +++ b/meta/recipes-connectivity/kea/files/fix_pid_keactrl.patch @@ -0,0 +1,35 @@ +From f5125725e4e2e250ccc78a17a8b77431100e7c15 Mon Sep 17 00:00:00 2001 +From: Armin kuster <akuster808@gmail.com> +Date: Wed, 14 Oct 2020 22:48:31 -0700 +Subject: [PATCH] Busybox does not support ps -p so use pgrep + +Upstream-Status: Inappropriate [embedded specific] +Based on changes from Diego Sueiro <Diego.Sueiro@arm.com> + +Signed-off-by: Armin kuster <akuster808@gmail.com> + +Refresh to apply on top of 2.6.1. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + src/bin/keactrl/keactrl.in | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/bin/keactrl/keactrl.in b/src/bin/keactrl/keactrl.in +index cccfdac303..20ae2e6ec5 100644 +--- a/src/bin/keactrl/keactrl.in ++++ b/src/bin/keactrl/keactrl.in +@@ -146,8 +146,8 @@ check_running() { + # Get the PID from the PID file (if it exists) + get_pid_from_file "${proc_name}" + if [ ${_pid} -gt 0 ]; then +- # Use ps to check if PID is alive +- if ps -p ${_pid} 1>/dev/null; then ++ # Use pgrep and grep to check if PID is alive ++ if pgrep -v 1 | grep ${_pid} 1>/dev/null; then + # No error, so PID IS ALIVE + _running=1 + fi +-- +2.39.2 + diff --git a/meta/recipes-connectivity/kea/files/kea-dhcp-ddns-server b/meta/recipes-connectivity/kea/files/kea-dhcp-ddns-server new file mode 100644 index 0000000000..50fe40d439 --- /dev/null +++ b/meta/recipes-connectivity/kea/files/kea-dhcp-ddns-server @@ -0,0 +1,46 @@ +#!/bin/sh +### BEGIN INIT INFO +# Provides: kea-dhcp-ddns-server +# Required-Start: $local_fs $network $remote_fs $syslog +# Required-Stop: $local_fs $network $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: ISC KEA DHCP IPv6 Server +### END INIT INFO + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="kea-dhcp-ddns-server" +NAME=kea-dhcp-ddns +DAEMON=/usr/sbin/keactrl +DAEMON_ARGS=" -s dhcp_ddns" + +set -e + +# Exit if the package is not installed +[ -x "$DAEMON" ] || exit 0 + +# Source function library. +. /etc/init.d/functions + +case "$1" in + start) + echo -n "Starting $DESC: " + start-stop-daemon -S -b -n $NAME -x $DAEMON -- start $DAEMON_ARGS + echo "done." + ;; + stop) + echo -n "Stopping $DESC: " + kpid=`pidof $NAME` + kill $kpid + echo "done." + ;; + restart|force-reload) + # + $0 stop + $0 start + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2 + exit 1 + ;; +esac diff --git a/meta/recipes-connectivity/kea/files/kea-dhcp-ddns.service b/meta/recipes-connectivity/kea/files/kea-dhcp-ddns.service new file mode 100644 index 0000000000..f6059d73cb --- /dev/null +++ b/meta/recipes-connectivity/kea/files/kea-dhcp-ddns.service @@ -0,0 +1,12 @@ +[Unit] +Description=Kea DHCP-DDNS Server +Wants=network-online.target +After=network-online.target +After=time-sync.target + +[Service] +ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/run/kea/ +ExecStart=@SBINDIR@/kea-dhcp-ddns -c @SYSCONFDIR@/kea/kea-dhcp-ddns.conf + +[Install] +WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/kea/files/kea-dhcp4-server b/meta/recipes-connectivity/kea/files/kea-dhcp4-server new file mode 100644 index 0000000000..e83e51025d --- /dev/null +++ b/meta/recipes-connectivity/kea/files/kea-dhcp4-server @@ -0,0 +1,46 @@ +#!/bin/sh +### BEGIN INIT INFO +# Provides: kea-dhcp4-server +# Required-Start: $local_fs $network $remote_fs $syslog +# Required-Stop: $local_fs $network $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: ISC KEA DHCP IPv6 Server +### END INIT INFO + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="kea-dhcp4-server" +NAME=kea-dhcp4 +DAEMON=/usr/sbin/keactrl +DAEMON_ARGS=" -s dhcp4" + +set -e + +# Exit if the package is not installed +[ -x "$DAEMON" ] || exit 0 + +# Source function library. +. /etc/init.d/functions + +case "$1" in + start) + echo -n "Starting $DESC: " + start-stop-daemon -S -b -n $NAME -x $DAEMON -- start $DAEMON_ARGS + echo "done." + ;; + stop) + echo -n "Stopping $DESC: " + kpid=`pidof $NAME` + kill $kpid + echo "done." + ;; + restart|force-reload) + # + $0 stop + $0 start + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2 + exit 1 + ;; +esac diff --git a/meta/recipes-connectivity/kea/files/kea-dhcp4.service b/meta/recipes-connectivity/kea/files/kea-dhcp4.service new file mode 100644 index 0000000000..b851ea71c5 --- /dev/null +++ b/meta/recipes-connectivity/kea/files/kea-dhcp4.service @@ -0,0 +1,13 @@ +[Unit] +Description=Kea DHCPv4 Server +Wants=network-online.target +After=network-online.target +After=time-sync.target + +[Service] +ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/run/kea/ +ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/lib/kea +ExecStart=@SBINDIR@/kea-dhcp4 -c @SYSCONFDIR@/kea/kea-dhcp4.conf + +[Install] +WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/kea/files/kea-dhcp6-server b/meta/recipes-connectivity/kea/files/kea-dhcp6-server new file mode 100644 index 0000000000..10f2d22641 --- /dev/null +++ b/meta/recipes-connectivity/kea/files/kea-dhcp6-server @@ -0,0 +1,47 @@ +#!/bin/sh +### BEGIN INIT INFO +# Provides: kea-dhcp6-server +# Required-Start: $local_fs $network $remote_fs $syslog +# Required-Stop: $local_fs $network $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: ISC KEA DHCP IPv6 Server +### END INIT INFO + +# PATH should only include /usr/* if it runs after the mountnfs.sh script +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="kea-dhcp6-server" +NAME=kea-dhcp6 +DAEMON=/usr/sbin/keactrl +DAEMON_ARGS=" -s dhcp6" + +set -e + +# Exit if the package is not installed +[ -x "$DAEMON" ] || exit 0 + +# Source function library. +. /etc/init.d/functions + +case "$1" in + start) + echo -n "Starting $DESC: " + start-stop-daemon -S -b -n $NAME -x $DAEMON -- start $DAEMON_ARGS + echo "done." + ;; + stop) + echo -n "Stopping $DESC: " + kpid=`pidof $NAME` + kill $kpid + echo "done." + ;; + restart|force-reload) + # + $0 stop + $0 start + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2 + exit 1 + ;; +esac diff --git a/meta/recipes-connectivity/kea/files/kea-dhcp6.service b/meta/recipes-connectivity/kea/files/kea-dhcp6.service new file mode 100644 index 0000000000..0f9f0ef8d9 --- /dev/null +++ b/meta/recipes-connectivity/kea/files/kea-dhcp6.service @@ -0,0 +1,13 @@ +[Unit] +Description=Kea DHCPv6 Server +Wants=network-online.target +After=network-online.target +After=time-sync.target + +[Service] +ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/run/kea/ +ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/lib/kea +ExecStart=@SBINDIR@/kea-dhcp6 -c @SYSCONFDIR@/kea/kea-dhcp6.conf + +[Install] +WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/kea/kea_2.6.1.bb b/meta/recipes-connectivity/kea/kea_2.6.1.bb new file mode 100644 index 0000000000..4f8c4124cb --- /dev/null +++ b/meta/recipes-connectivity/kea/kea_2.6.1.bb @@ -0,0 +1,81 @@ +SUMMARY = "ISC Kea DHCP Server" +DESCRIPTION = "Kea is the next generation of DHCP software developed by ISC. It supports both DHCPv4 and DHCPv6 protocols along with their extensions, e.g. prefix delegation and dynamic updates to DNS." +HOMEPAGE = "http://kea.isc.org" +SECTION = "connectivity" +LICENSE = "MPL-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=618093ea9de92c70a115268c1d53421f" + +DEPENDS = "boost log4cplus openssl" + +SRC_URI = "http://ftp.isc.org/isc/kea/${PV}/${BP}.tar.gz \ + file://kea-dhcp4.service \ + file://kea-dhcp6.service \ + file://kea-dhcp-ddns.service \ + file://kea-dhcp4-server \ + file://kea-dhcp6-server \ + file://kea-dhcp-ddns-server \ + file://fix-multilib-conflict.patch \ + file://fix_pid_keactrl.patch \ + file://0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch \ + file://0001-Replace-Name-NameString-with-vector-of-uint8_t.patch \ + file://0002-Fix-unittests-Typo-in-Name-Name-append-to-ndata_-not.patch \ + " +SRC_URI[sha256sum] = "d2ce14a91c2e248ad2876e29152d647bcc5e433bc68dafad0ee96ec166fcfad1" + +inherit autotools systemd update-rc.d upstream-version-is-even + +INITSCRIPT_NAME = "kea-dhcp4-server" +INITSCRIPT_PARAMS = "defaults 30" + +SYSTEMD_SERVICE:${PN} = "kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service" +SYSTEMD_AUTO_ENABLE = "disable" + +DEBUG_OPTIMIZATION:remove:mips = " -Og" +DEBUG_OPTIMIZATION:append:mips = " -O" +BUILD_OPTIMIZATION:remove:mips = " -Og" +BUILD_OPTIMIZATION:append:mips = " -O" + +DEBUG_OPTIMIZATION:remove:mipsel = " -Og" +DEBUG_OPTIMIZATION:append:mipsel = " -O" +BUILD_OPTIMIZATION:remove:mipsel = " -Og" +BUILD_OPTIMIZATION:append:mipsel = " -O" + +CXXFLAGS:remove = "-fvisibility-inlines-hidden" +EXTRA_OECONF = "--with-boost-libs=-lboost_system \ + --with-log4cplus=${STAGING_DIR_TARGET}${prefix} \ + --with-openssl=${STAGING_DIR_TARGET}${prefix}" + +do_configure:prepend() { + # replace abs_top_builddir to avoid introducing the build path + # don't expand the abs_top_builddir on the target as the abs_top_builddir is meanlingless on the target + find ${S} -type f -name *.sh.in | xargs sed -i "s:@abs_top_builddir@:@abs_top_builddir_placeholder@:g" + sed -i "s:@abs_top_builddir@:@abs_top_builddir_placeholder@:g" ${S}/src/bin/admin/kea-admin.in +} + +# patch out build host paths for reproducibility +do_compile:prepend:class-target() { + sed -i -e "s,${WORKDIR},,g" ${B}/config.report +} + +do_install:append() { + install -d ${D}${sysconfdir}/init.d + install -d ${D}${systemd_system_unitdir} + + install -m 0644 ${UNPACKDIR}/kea-dhcp*service ${D}${systemd_system_unitdir} + install -m 0755 ${UNPACKDIR}/kea-*-server ${D}${sysconfdir}/init.d + sed -i -e 's,@SBINDIR@,${sbindir},g' -e 's,@BASE_BINDIR@,${base_bindir},g' \ + -e 's,@LOCALSTATEDIR@,${localstatedir},g' -e 's,@SYSCONFDIR@,${sysconfdir},g' \ + ${D}${systemd_system_unitdir}/kea-dhcp*service ${D}${sbindir}/keactrl + sed -i "s:${B}/../${BPN}-${PV}:@abs_top_builddir_placeholder@:g" ${D}${sbindir}/kea-admin +} + +do_install:append() { + rm -rf "${D}${localstatedir}" +} + +CONFFILES:${PN} = "${sysconfdir}/kea/keactrl.conf" + +FILES:${PN}-staticdev += "${libdir}/kea/hooks/*.a ${libdir}/hooks/*.a" +FILES:${PN} += "${libdir}/hooks/*.so" + +PARALLEL_MAKEINST = "" diff --git a/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb b/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb deleted file mode 100644 index 953505971a..0000000000 --- a/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb +++ /dev/null @@ -1,46 +0,0 @@ -SUMMARY = "Name Service Switch module for Multicast DNS (zeroconf) name resolution" -HOMEPAGE = "http://0pointer.de/lennart/projects/nss-mdns/" -SECTION = "libs" - -LICENSE = "LGPLv2.1+" -LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1" - -DEPENDS = "avahi" -PR = "r7" - -SRC_URI = "http://0pointer.de/lennart/projects/nss-mdns/nss-mdns-${PV}.tar.gz \ - " - -SRC_URI[md5sum] = "03938f17646efbb50aa70ba5f99f51d7" -SRC_URI[sha256sum] = "1e683c2e7c3921814706d62fbbd3e9cbf493a75fa00255e0e715508d8134fa6d" - -S = "${WORKDIR}/nss-mdns-${PV}" - -localstatedir = "/" - -inherit autotools - -COMPATIBLE_HOST_libc-musl = 'null' - -EXTRA_OECONF = "--libdir=${base_libdir} --disable-lynx --enable-avahi" - -# suppress warning, but don't bother with autonamer -LEAD_SONAME = "libnss_mdns.so" -DEBIANNAME_${PN} = "libnss-mdns" - -RDEPENDS_${PN} = "avahi-daemon" - -pkg_postinst_${PN} () { - sed ' - /^hosts:/ !b - /\<mdns\(4\|6\)\?\(_minimal\)\?\>/ b - s/\([[:blank:]]\+\)dns\>/\1mdns4_minimal [NOTFOUND=return] dns/g - ' -i $D${sysconfdir}/nsswitch.conf -} - -pkg_prerm_${PN} () { - sed ' - /^hosts:/ !b - s/[[:blank:]]\+mdns\(4\|6\)\?\(_minimal\( \[NOTFOUND=return\]\)\?\)\?//g - ' -i $D${sysconfdir}/nsswitch.conf -} diff --git a/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.15.1.bb b/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.15.1.bb new file mode 100644 index 0000000000..0db609fc47 --- /dev/null +++ b/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.15.1.bb @@ -0,0 +1,39 @@ +SUMMARY = "Name Service Switch module for Multicast DNS (zeroconf) name resolution" +HOMEPAGE = "https://github.com/lathiat/nss-mdns" +DESCRIPTION = "nss-mdns is a plugin for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc) providing host name resolution via Multicast DNS (aka Zeroconf, aka Apple Rendezvous, aka Apple Bonjour), effectively allowing name resolution by common Unix/Linux programs in the ad-hoc mDNS domain .local." +SECTION = "libs" + +LICENSE = "LGPL-2.1-or-later" +LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1" + +DEPENDS = "avahi" + +SRC_URI = "git://github.com/lathiat/nss-mdns;branch=master;protocol=https \ + " + +SRCREV = "4b3cfe818bf72d99a02b8ca8b8813cb2d6b40633" + +S = "${WORKDIR}/git" + +inherit autotools pkgconfig + +COMPATIBLE_HOST:libc-musl = 'null' + +EXTRA_OECONF = "--libdir=${base_libdir}" + +RDEPENDS:${PN} = "avahi-daemon" + +pkg_postinst:${PN} () { + sed ' + /^hosts:/ !b + /\<mdns\(4\|6\)\?\(_minimal\)\?\>/ b + s/\([[:blank:]]\+\)dns\>/\1mdns4_minimal [NOTFOUND=return] dns/g + ' -i $D${sysconfdir}/nsswitch.conf +} + +pkg_prerm:${PN} () { + sed ' + /^hosts:/ !b + s/[[:blank:]]\+mdns\(4\|6\)\?\(_minimal\( \[NOTFOUND=return\]\)\?\)\?//g + ' -i $D${sysconfdir}/nsswitch.conf +} diff --git a/meta/recipes-connectivity/libpcap/libpcap_1.9.1.bb b/meta/recipes-connectivity/libpcap/libpcap_1.10.5.bb index 35bb5650b3..7ad52acd06 100644 --- a/meta/recipes-connectivity/libpcap/libpcap_1.9.1.bb +++ b/meta/recipes-connectivity/libpcap/libpcap_1.10.5.bb @@ -10,10 +10,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5eb289217c160e2920d2e35bddc36453 \ file://pcap.h;beginline=1;endline=32;md5=39af3510e011f34b8872f120b1dc31d2" DEPENDS = "flex-native bison-native" -SRC_URI = "https://www.tcpdump.org/release/${BP}.tar.gz \ - " -SRC_URI[md5sum] = "21af603d9a591c7d96a6457021d84e6c" -SRC_URI[sha256sum] = "635237637c5b619bcceba91900666b64d56ecb7be63f298f601ec786ce087094" +SRC_URI = "https://www.tcpdump.org/release/${BP}.tar.xz" +SRC_URI[sha256sum] = "84fa89ac6d303028c1c5b754abff77224f45eca0a94eb1a34ff0aa9ceece3925" inherit autotools binconfig-disabled pkgconfig @@ -21,10 +19,11 @@ BINCONFIG = "${bindir}/pcap-config" # Explicitly disable dag support. We don't have recipe for it and if enabled here, # configure script poisons the include dirs with /usr/local/include even when the -# support hasn't been detected. +# support hasn't been detected. Do the same thing for DPDK. EXTRA_OECONF = " \ --with-pcap=linux \ --without-dag \ + --without-dpdk \ " EXTRA_AUTORECONF += "--exclude=aclocal" @@ -36,9 +35,9 @@ PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," PACKAGECONFIG[libnl] = "--with-libnl,--without-libnl,libnl" -do_configure_prepend () { +do_configure:prepend () { #remove hardcoded references to /usr/include sed 's|\([ "^'\''I]\+\)/usr/include/|\1${STAGING_INCDIR}/|g' -i ${S}/configure.ac } -BBCLASSEXTEND = "native" +BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-connectivity/libuv/libuv_1.48.0.bb b/meta/recipes-connectivity/libuv/libuv_1.48.0.bb new file mode 100644 index 0000000000..87a2c22a7c --- /dev/null +++ b/meta/recipes-connectivity/libuv/libuv_1.48.0.bb @@ -0,0 +1,22 @@ +SUMMARY = "A multi-platform support library with a focus on asynchronous I/O" +HOMEPAGE = "https://github.com/libuv/libuv" +DESCRIPTION = "libuv is a multi-platform support library with a focus on asynchronous I/O. It was primarily developed for use by Node.js, but it's also used by Luvit, Julia, pyuv, and others." +BUGTRACKER = "https://github.com/libuv/libuv/issues" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://LICENSE;md5=74b6f2f7818a4e3a80d03556f71b129b \ + file://LICENSE-extra;md5=f9307417749e19bd1d6d68a394b49324" + +SRCREV = "e9f29cb984231524e3931aa0ae2c5dae1a32884e" +SRC_URI = "git://github.com/libuv/libuv.git;branch=v1.x;protocol=https" +UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)" + +S = "${WORKDIR}/git" + +inherit autotools + +do_configure() { + ${S}/autogen.sh || bbnote "${PN} failed to autogen.sh" + oe_runconf +} + +BBCLASSEXTEND = "native" diff --git a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb index 0b0bbab168..06ded45934 100644 --- a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb +++ b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb @@ -1,15 +1,17 @@ SUMMARY = "Mobile Broadband Service Provider Database" HOMEPAGE = "http://live.gnome.org/NetworkManager/MobileBroadband/ServiceProviders" +DESCRIPTION = "Mobile Broadband Service Provider Database stores service provider specific information. When this Database is available the information can be fetched there" SECTION = "network" LICENSE = "PD" LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04" -SRCREV = "22b49d86fb7aded2c195a9d49e5924da696b3228" -PV = "20190618" + +SRCREV = "55ba955d53305df96123534488fd160ea882b4dd" +PV = "20240407" PE = "1" -SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https" +SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=main" S = "${WORKDIR}/git" -inherit autotools +inherit meson DEPENDS += "libxslt-native" diff --git a/meta/recipes-connectivity/neard/neard_0.16.bb b/meta/recipes-connectivity/neard/neard_0.19.bb index 7c124a3c0b..94df1ac3d6 100644 --- a/meta/recipes-connectivity/neard/neard_0.16.bb +++ b/meta/recipes-connectivity/neard/neard_0.19.bb @@ -1,45 +1,46 @@ SUMMARY = "Linux NFC daemon" DESCRIPTION = "A daemon for the Linux Near Field Communication stack" HOMEPAGE = "http://01.org/linux-nfc" -LICENSE = "GPLv2" +LICENSE = "GPL-2.0-only" +LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ + file://src/near.h;beginline=1;endline=20;md5=358e4deefef251a4761e1ffacc965d13 \ + " -DEPENDS = "dbus glib-2.0 libnl" +DEPENDS = "dbus glib-2.0 libnl autoconf-archive-native" -SRC_URI = "${KERNELORG_MIRROR}/linux/network/nfc/${BP}.tar.xz \ +SRC_URI = "git://git.kernel.org/pub/scm/network/nfc/neard.git;protocol=https;branch=master \ file://neard.in \ file://Makefile.am-fix-parallel-issue.patch \ file://Makefile.am-do-not-ship-version.h.patch \ file://0001-Add-header-dependency-to-nciattach.o.patch \ " -SRC_URI[md5sum] = "5c691fb7872856dc0d909c298bc8cb41" -SRC_URI[sha256sum] = "eae3b11c541a988ec11ca94b7deab01080cd5b58cfef3ced6ceac9b6e6e65b36" -LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ - file://src/near.h;beginline=1;endline=20;md5=358e4deefef251a4761e1ffacc965d13 \ - " +SRCREV = "a1dc8a75cba999728e154a0f811ab9dd50c809f7" + +S = "${WORKDIR}/git" inherit autotools pkgconfig systemd update-rc.d PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" -PACKAGECONFIG[systemd] = "--enable-systemd --with-systemdsystemunitdir=${systemd_unitdir}/system/ --with-systemduserunitdir=${systemd_unitdir}/user/,--disable-systemd" +PACKAGECONFIG[systemd] = "--enable-systemd --with-systemdsystemunitdir=${systemd_system_unitdir}/ --with-systemduserunitdir=${systemd_unitdir}/user/,--disable-systemd" EXTRA_OECONF += "--enable-tools" # This would copy neard start-stop shell and test scripts -do_install_append() { +do_install:append() { if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then install -d ${D}${sysconfdir}/init.d/ - sed "s:@installpath@:${libexecdir}/nfc:" ${WORKDIR}/neard.in \ + sed "s:@installpath@:${libexecdir}/nfc:" ${UNPACKDIR}/neard.in \ > ${D}${sysconfdir}/init.d/neard chmod 0755 ${D}${sysconfdir}/init.d/neard fi } -RDEPENDS_${PN} = "dbus" +RDEPENDS:${PN} = "dbus" # Bluez & Wifi are not mandatory except for handover -RRECOMMENDS_${PN} = "\ +RRECOMMENDS:${PN} = "\ ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez5', '', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'wifi','wpa-supplicant', '', d)} \ " @@ -47,4 +48,4 @@ RRECOMMENDS_${PN} = "\ INITSCRIPT_NAME = "neard" INITSCRIPT_PARAMS = "defaults 64" -SYSTEMD_SERVICE_${PN} = "neard.service" +SYSTEMD_SERVICE:${PN} = "neard.service" diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Don-t-build-tools-with-CC_FOR_BUILD.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Don-t-build-tools-with-CC_FOR_BUILD.patch deleted file mode 100644 index 23bc3eaf72..0000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Don-t-build-tools-with-CC_FOR_BUILD.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 79019d976584c598f8d0a9d8de43c989946f974b Mon Sep 17 00:00:00 2001 -From: Pascal Bach <pascal.bach@siemens.com> -Date: Wed, 13 Feb 2019 09:28:07 +0100 -Subject: [PATCH] Don't build tools with CC_FOR_BUILD - -The tools are intended for the target not for the host. - -Upstream-Status: Pending - -Signed-off-by: Pascal Bach <pascal.bach@siemens.com> ---- - tools/locktest/Makefile.am | 1 - - tools/rpcgen/Makefile.am | 1 - - 2 files changed, 2 deletions(-) - -diff --git a/tools/locktest/Makefile.am b/tools/locktest/Makefile.am -index 3156815..87d0bac 100644 ---- a/tools/locktest/Makefile.am -+++ b/tools/locktest/Makefile.am -@@ -1,6 +1,5 @@ - ## Process this file with automake to produce Makefile.in - --CC=$(CC_FOR_BUILD) - LIBTOOL = @LIBTOOL@ --tag=CC - - noinst_PROGRAMS = testlk -diff --git a/tools/rpcgen/Makefile.am b/tools/rpcgen/Makefile.am -index 8a9ec89..3e092c9 100644 ---- a/tools/rpcgen/Makefile.am -+++ b/tools/rpcgen/Makefile.am -@@ -1,6 +1,5 @@ - ## Process this file with automake to produce Makefile.in - --CC=$(CC_FOR_BUILD) - LIBTOOL = @LIBTOOL@ --tag=CC - - noinst_PROGRAMS = rpcgen --- -2.11.0 - diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Fix-include-order-between-config.h-and-stat.h.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Fix-include-order-between-config.h-and-stat.h.patch deleted file mode 100644 index 7b0f93535f..0000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Fix-include-order-between-config.h-and-stat.h.patch +++ /dev/null @@ -1,156 +0,0 @@ -From 2fbc62e2a13fc22b6ae4910e295a2c10fb790486 Mon Sep 17 00:00:00 2001 -From: Zoltan Karcagi <zkr7432@gmail.com> -Date: Mon, 12 Aug 2019 13:27:16 -0400 -Subject: [PATCH] Fix include order between config.h and stat.h - -At least on Arch linux ARM, the definition of struct stat in stat.h depends -on __USE_FILE_OFFSET64. This symbol comes from config.h when defined, -therefore config.h must always be included before stat.h. Fix all -occurrences where the order is wrong by moving config.h to the top. - -This fixes the client side error "Stale file handle" when mounting from -a server running Arch Linux ARM. - -Signed-off-by: Zoltan Karcagi <zkr7432@gmail.com> -Signed-off-by: Steve Dickson <steved@redhat.com> - -Upstream-Status: Backport -[http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commit;h=2fbc62e2a13fc22b6ae4910e295a2c10fb790486] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - support/misc/nfsd_path.c | 5 ++++- - support/misc/xstat.c | 5 ++++- - support/nfs/conffile.c | 8 +++++++- - utils/blkmapd/device-discovery.c | 8 ++++---- - utils/idmapd/idmapd.c | 8 ++++---- - 5 files changed, 23 insertions(+), 11 deletions(-) - -diff --git a/support/misc/nfsd_path.c b/support/misc/nfsd_path.c -index 84e4802..f078a66 100644 ---- a/support/misc/nfsd_path.c -+++ b/support/misc/nfsd_path.c -@@ -1,3 +1,7 @@ -+#ifdef HAVE_CONFIG_H -+#include <config.h> -+#endif -+ - #include <errno.h> - #include <sys/types.h> - #include <sys/stat.h> -@@ -5,7 +9,6 @@ - #include <stdlib.h> - #include <unistd.h> - --#include "config.h" - #include "conffile.h" - #include "xmalloc.h" - #include "xlog.h" -diff --git a/support/misc/xstat.c b/support/misc/xstat.c -index fa04788..4c997ee 100644 ---- a/support/misc/xstat.c -+++ b/support/misc/xstat.c -@@ -1,3 +1,7 @@ -+#ifdef HAVE_CONFIG_H -+#include <config.h> -+#endif -+ - #include <errno.h> - #include <sys/types.h> - #include <fcntl.h> -@@ -5,7 +9,6 @@ - #include <sys/sysmacros.h> - #include <unistd.h> - --#include "config.h" - #include "xstat.h" - - #ifdef HAVE_FSTATAT -diff --git a/support/nfs/conffile.c b/support/nfs/conffile.c -index b6400be..6ba8a35 100644 ---- a/support/nfs/conffile.c -+++ b/support/nfs/conffile.c -@@ -500,7 +500,7 @@ conf_readfile(const char *path) - - if ((stat (path, &sb) == 0) || (errno != ENOENT)) { - char *new_conf_addr = NULL; -- size_t sz = sb.st_size; -+ off_t sz; - int fd = open (path, O_RDONLY, 0); - - if (fd == -1) { -@@ -517,6 +517,11 @@ conf_readfile(const char *path) - - /* only after we have the lock, check the file size ready to read it */ - sz = lseek(fd, 0, SEEK_END); -+ if (sz < 0) { -+ xlog_warn("conf_readfile: unable to determine file size: %s", -+ strerror(errno)); -+ goto fail; -+ } - lseek(fd, 0, SEEK_SET); - - new_conf_addr = malloc(sz+1); -@@ -2162,6 +2167,7 @@ conf_write(const char *filename, const char *section, const char *arg, - ret = 0; - - cleanup: -+ flush_outqueue(&inqueue, NULL); - flush_outqueue(&outqueue, NULL); - - if (buff) -diff --git a/utils/blkmapd/device-discovery.c b/utils/blkmapd/device-discovery.c -index e811703..f5f9b10 100644 ---- a/utils/blkmapd/device-discovery.c -+++ b/utils/blkmapd/device-discovery.c -@@ -26,6 +26,10 @@ - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif /* HAVE_CONFIG_H */ -+ - #include <sys/sysmacros.h> - #include <sys/types.h> - #include <sys/stat.h> -@@ -51,10 +55,6 @@ - #include <errno.h> - #include <libdevmapper.h> - --#ifdef HAVE_CONFIG_H --#include "config.h" --#endif /* HAVE_CONFIG_H */ -- - #include "device-discovery.h" - #include "xcommon.h" - #include "nfslib.h" -diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c -index 62e37b8..267acea 100644 ---- a/utils/idmapd/idmapd.c -+++ b/utils/idmapd/idmapd.c -@@ -34,6 +34,10 @@ - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif /* HAVE_CONFIG_H */ -+ - #include <sys/types.h> - #include <sys/time.h> - #include <sys/inotify.h> -@@ -62,10 +66,6 @@ - #include <libgen.h> - #include <nfsidmap.h> - --#ifdef HAVE_CONFIG_H --#include "config.h" --#endif /* HAVE_CONFIG_H */ -- - #include "xlog.h" - #include "conffile.h" - #include "queue.h" --- -2.7.4 - diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch index fcb0e99b33..7603eb680d 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch @@ -19,7 +19,7 @@ As there is already one source file named file.c as support/nsm/file.c in support/nsm/Makefile.am, so rename ../support/misc/file.c to ../support/misc/misc.c. -Upstream-Status: Submitted[https://marc.info/?l=linux-nfs&m=154502780423058&w=2] +Upstream-Status: Submitted [https://marc.info/?l=linux-nfs&m=154502780423058&w=2] Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> @@ -28,10 +28,10 @@ Rebase it. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> --- support/misc/Makefile.am | 2 +- - support/misc/file.c | 111 --------------------------------------------------------------------------------------------------------------- + support/misc/file.c | 115 --------------------------------------------------------------------------------------------------------------- support/misc/misc.c | 111 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ support/nsm/Makefile.am | 2 +- - 4 files changed, 113 insertions(+), 113 deletions(-) + 4 files changed, 113 insertions(+), 117 deletions(-) diff --git a/support/misc/Makefile.am b/support/misc/Makefile.am index f9993e3..8b0e9db 100644 @@ -48,10 +48,10 @@ index f9993e3..8b0e9db 100644 MAINTAINERCLEANFILES = Makefile.in diff --git a/support/misc/file.c b/support/misc/file.c deleted file mode 100644 -index e7c3819..0000000 +index 06f6bb2..0000000 --- a/support/misc/file.c +++ /dev/null -@@ -1,111 +0,0 @@ +@@ -1,115 +0,0 @@ -/* - * Copyright 2009 Oracle. All rights reserved. - * Copyright 2017 Red Hat, Inc. All rights reserved. @@ -72,6 +72,10 @@ index e7c3819..0000000 - * along with nfs-utils. If not, see <http://www.gnu.org/licenses/>. - */ - +-#ifdef HAVE_CONFIG_H +-#include <config.h> +-#endif +- -#include <sys/stat.h> - -#include <string.h> diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-cacheio-use-intmax_t-for-formatted-IO.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-cacheio-use-intmax_t-for-formatted-IO.patch deleted file mode 100644 index bafff5b9c0..0000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-cacheio-use-intmax_t-for-formatted-IO.patch +++ /dev/null @@ -1,38 +0,0 @@ -From ac32b813f5d6f9a2de944015cf9bb98d68e0203a Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Sat, 1 Dec 2018 10:02:12 -0800 -Subject: [PATCH] cacheio: use intmax_t for formatted IO - -time_t is not same size on x32 ABI (ILP32) - -Upstream-Status: Pending - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - support/nfs/cacheio.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/support/nfs/cacheio.c b/support/nfs/cacheio.c -index 9dc4cf1..2086a95 100644 ---- a/support/nfs/cacheio.c -+++ b/support/nfs/cacheio.c -@@ -17,6 +17,7 @@ - - #include <nfslib.h> - #include <stdio.h> -+#include <inttypes.h> - #include <stdio_ext.h> - #include <string.h> - #include <ctype.h> -@@ -234,7 +235,7 @@ cache_flush(int force) - stb.st_mtime > now) - stb.st_mtime = time(0); - -- sprintf(stime, "%ld\n", stb.st_mtime); -+ sprintf(stime, "%jd\n", (intmax_t)stb.st_mtime); - for (c=0; cachelist[c]; c++) { - int fd; - sprintf(path, "/proc/net/rpc/%s/flush", cachelist[c]); --- -2.19.2 - diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure.ac-Do-not-fatalize-Wmissing-prototypes.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure.ac-Do-not-fatalize-Wmissing-prototypes.patch deleted file mode 100644 index d14f0789ff..0000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure.ac-Do-not-fatalize-Wmissing-prototypes.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 66471fbf7106917da7a1536b18a0a77d07479779 Mon Sep 17 00:00:00 2001 -From: Mingli Yu <Mingli.Yu@windriver.com> -Date: Mon, 17 Dec 2018 15:29:47 +0800 -Subject: [PATCH] configure.ac: Do not fatalize -Wmissing-prototypes - -There comes below error when run "make -C tests/nsm_client nsm_client" -| nlm_sm_inter_svc.c:20:1: error: no previous prototype for 'nlm_sm_prog_3' [-Werror=missing-prototypes] - -It is because rpcgen doesn't generate -Wmissing-prototypes -free code for nlm_sm_inter_svc.c with below logic -in tests/nsm_client/Makefile.am -[snip] -GENFILES_SVC = nlm_sm_inter_svc.c -[snip] -$(GENFILES_SVC): %_svc.c: %.x $(RPCGEN) - test -f $@ && rm -rf $@ || true - $(RPCGEN) -m -o $@ $< - -So add the logic not to fatalize -Wmissing-prototypes. - -Upstream-Status: Submitted[https://marc.info/?l=linux-nfs&m=154503260323936&w=2] - -Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 50002b4..aebff01 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -582,7 +582,7 @@ my_am_cflags="\ - -Wall \ - -Wextra \ - $rpcgen_cflags \ -- -Werror=missing-prototypes \ -+ -Wmissing-prototypes \ - -Werror=missing-declarations \ - -Werror=format=2 \ - -Werror=undef \ diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-locktest-Makefile.am-Do-not-use-build-flags.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-locktest-Makefile.am-Do-not-use-build-flags.patch new file mode 100644 index 0000000000..351407ddcd --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-locktest-Makefile.am-Do-not-use-build-flags.patch @@ -0,0 +1,36 @@ +From 9efa7a0d37665d9bb0f46d2407883a5ab42c2b84 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Mon, 24 Jul 2023 20:39:16 -0700 +Subject: [PATCH] locktest: Makefile.am: Do not use build flags + +Using CFLAGS_FOR_BUILD etc. here means it is using wrong flags +when thse flags are speficied different than target flags which +is common when cross-building. It can pass wrong paths to linker +and it would find incompatible libraries during link since they +are from host system and target maybe not same as build host. + +Fixes subtle errors like +| aarch64-yoe-linux-ld.lld: error: /mnt/b/yoe/master/build/tmp/work/cortexa72-cortexa53-crypto-yoe-linux/nfs-utils/2.6.3-r0/recipe-sysroot-native/usr/lib/libsqlite3.so is incompatible with elf64-littleaarch64 + +Upstream-Status: Submitted [https://marc.info/?l=linux-nfs&m=169025681008001&w=2] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + tools/locktest/Makefile.am | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/tools/locktest/Makefile.am b/tools/locktest/Makefile.am +index e8914655..2fd36971 100644 +--- a/tools/locktest/Makefile.am ++++ b/tools/locktest/Makefile.am +@@ -2,8 +2,5 @@ + + noinst_PROGRAMS = testlk + testlk_SOURCES = testlk.c +-testlk_CFLAGS=$(CFLAGS_FOR_BUILD) +-testlk_CPPFLAGS=$(CPPFLAGS_FOR_BUILD) +-testlk_LDFLAGS=$(LDFLAGS_FOR_BUILD) + + MAINTAINERCLEANFILES = Makefile.in +-- +2.41.0 + diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-support-include-junction.h-Define-macros-for-musl.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-support-include-junction.h-Define-macros-for-musl.patch new file mode 100644 index 0000000000..c94990b969 --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-support-include-junction.h-Define-macros-for-musl.patch @@ -0,0 +1,46 @@ +From 6f82ffa0e01e88e4e73972cb0125fcb6e78e27cf Mon Sep 17 00:00:00 2001 +From: Robert Yang <liezhi.yang@windriver.com> +Date: Sun, 8 Sep 2024 09:45:41 +0000 +Subject: [PATCH] support/include/junction.h: Define macros for musl + +Fixed 1: +In file included from cache.c:1217: +../../support/include/junction.h:128:21: error: expected ';' before 'char' + 128 | __attribute_malloc__ + | ^ + | ; + 129 | char **nfs_dup_string_array(char **array); + +Fixed 2: +junction.c: In function 'junction_set_sticky_bit': +junction.c:164:39: error: 'ALLPERMS' undeclared (first use in this function) + 164 | stb.st_mode &= (unsigned int)~ALLPERMS; + +Upstream-Status: Submitted [https://marc.info/?l=linux-nfs&m=172579572428765&w=2] + +Signed-off-by: Robert Yang <liezhi.yang@windriver.com> +--- + support/include/junction.h | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/support/include/junction.h b/support/include/junction.h +index 7257d80..d127dd5 100644 +--- a/support/include/junction.h ++++ b/support/include/junction.h +@@ -26,6 +26,16 @@ + #ifndef _NFS_JUNCTION_H_ + #define _NFS_JUNCTION_H_ + ++/* For musl, refered to glibc's sys/cdefs.h */ ++#ifndef __attribute_malloc__ ++#define __attribute_malloc__ __attribute__((__malloc__)) ++#endif ++ ++/* For musl, refered to glibc's sys/stat.h */ ++#ifndef ALLPERMS ++#define ALLPERMS (S_ISUID|S_ISGID|S_ISVTX|S_IRWXU|S_IRWXG|S_IRWXO)/* 07777 */ ++#endif ++ + #include <stdint.h> + + /* diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-support-junction-path.c-Fix-build-for-musl.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-support-junction-path.c-Fix-build-for-musl.patch new file mode 100644 index 0000000000..ae2b0c566c --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-support-junction-path.c-Fix-build-for-musl.patch @@ -0,0 +1,35 @@ +From ad4ec0c40aaea37b8e7ec3e73d7b35cbda2d3841 Mon Sep 17 00:00:00 2001 +From: Robert Yang <liezhi.yang@windriver.com> +Date: Sun, 8 Sep 2024 08:34:28 +0000 +Subject: [PATCH] support/junction/path.c: Fix build for musl + +Fixed: +path.c:164:24: error: implicit declaration of function 'strchrnul'; did you mean 'strchr'? [-Wimplicit-function-declaration] +[snip] + +path.c:239:27: error: 'NAME_MAX' undeclared (first use in this function); did you mean 'AF_MAX'? + +Upstream-Status: Submitted [https://marc.info/?l=linux-nfs&m=172579572228762&w=2] + +Signed-off-by: Robert Yang <liezhi.yang@windriver.com> +--- + support/junction/path.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/support/junction/path.c b/support/junction/path.c +index c25cc52..6e28df3 100644 +--- a/support/junction/path.c ++++ b/support/junction/path.c +@@ -23,6 +23,12 @@ + * http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt + */ + ++/* For musl */ ++#ifndef _GNU_SOURCE ++#define _GNU_SOURCE ++#endif ++#include <limits.h> ++ + #include <sys/types.h> + #include <sys/stat.h> + diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/clang-format-string.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/clang-format-string.patch deleted file mode 100644 index 1d693e4142..0000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/clang-format-string.patch +++ /dev/null @@ -1,183 +0,0 @@ -Clang comes up with more printf format warnings -Correcting “format string is not a string literal” warning -requires us to declare that parameter is a printf style -format using the attribute flag - -Upstream-Status: Pending - -Signed-off-by: Khem Raj <raj.khem@gmail.com> - -Index: nfs-utils-2.3.3/support/include/xcommon.h -=================================================================== ---- nfs-utils-2.3.3.orig/support/include/xcommon.h -+++ nfs-utils-2.3.3/support/include/xcommon.h -@@ -27,7 +27,7 @@ - - /* Functions in sundries.c that are used in mount.c and umount.c */ - char *canonicalize (const char *path); --void nfs_error (const char *fmt, ...); -+void nfs_error (const char *fmt, ...) __attribute__((__format__ (__printf__, 1, 2))); - void *xmalloc (size_t size); - void *xrealloc(void *p, size_t size); - void xfree(void *); -@@ -36,9 +36,9 @@ char *xstrndup (const char *s, int n); - char *xstrconcat2 (const char *, const char *); - char *xstrconcat3 (const char *, const char *, const char *); - char *xstrconcat4 (const char *, const char *, const char *, const char *); --void die (int errcode, const char *fmt, ...); -+void die (int errcode, const char *fmt, ...) __attribute__((__format__ (__printf__, 2, 3))); - --extern void die(int err, const char *fmt, ...); -+extern void die(int err, const char *fmt, ...) __attribute__((__format__ (__printf__, 2, 3))); - extern void (*at_die)(void); - - /* exit status - bits below are ORed */ -Index: nfs-utils-2.3.3/support/include/xlog.h -=================================================================== ---- nfs-utils-2.3.3.orig/support/include/xlog.h -+++ nfs-utils-2.3.3/support/include/xlog.h -@@ -43,10 +43,10 @@ void xlog_config(int fac, int on); - void xlog_sconfig(char *, int on); - void xlog_from_conffile(char *); - int xlog_enabled(int fac); --void xlog(int fac, const char *fmt, ...); --void xlog_warn(const char *fmt, ...); --void xlog_err(const char *fmt, ...); --void xlog_errno(int err, const char *fmt, ...); --void xlog_backend(int fac, const char *fmt, va_list args); -+void xlog(int fac, const char *fmt, ...) __attribute__((__format__ (__printf__, 2, 3))); -+void xlog_warn(const char *fmt, ...) __attribute__((__format__ (__printf__, 1, 2))); -+void xlog_err(const char *fmt, ...) __attribute__((__format__ (__printf__, 1, 2))); -+void xlog_errno(int err, const char *fmt, ...) __attribute__((__format__ (__printf__, 2, 3))); -+void xlog_backend(int fac, const char *fmt, va_list args) __attribute__((__format__ (__printf__, 2, 0))); - - #endif /* XLOG_H */ -Index: nfs-utils-2.3.3/support/nfs/xcommon.c -=================================================================== ---- nfs-utils-2.3.3.orig/support/nfs/xcommon.c -+++ nfs-utils-2.3.3/support/nfs/xcommon.c -@@ -93,7 +93,10 @@ nfs_error (const char *fmt, ...) { - - fmt2 = xstrconcat2 (fmt, "\n"); - va_start (args, fmt); -+#pragma clang diagnostic push -+#pragma clang diagnostic ignored "-Wformat-nonliteral" - vfprintf (stderr, fmt2, args); -+#pragma clang diagnostic pop - va_end (args); - free (fmt2); - } -Index: nfs-utils-2.3.3/utils/exportfs/exportfs.c -=================================================================== ---- nfs-utils-2.3.3.orig/utils/exportfs/exportfs.c -+++ nfs-utils-2.3.3/utils/exportfs/exportfs.c -@@ -644,6 +644,7 @@ out: - return result; - } - -+__attribute__((__format__ (__printf__, 2, 3))) - static char - dumpopt(char c, char *fmt, ...) - { -Index: nfs-utils-2.3.3/utils/statd/statd.c -=================================================================== ---- nfs-utils-2.3.3.orig/utils/statd/statd.c -+++ nfs-utils-2.3.3/utils/statd/statd.c -@@ -136,7 +136,7 @@ static void log_modes(void) - strcat(buf, "TI-RPC "); - #endif - -- xlog_warn(buf); -+ xlog_warn("%s", buf); - } - - /* -Index: nfs-utils-2.3.3/support/nfs/svc_create.c -=================================================================== ---- nfs-utils-2.3.3.orig/support/nfs/svc_create.c -+++ nfs-utils-2.3.3/support/nfs/svc_create.c -@@ -184,7 +184,7 @@ svc_create_sock(const struct sockaddr *s - type = SOCK_STREAM; - break; - default: -- xlog(D_GENERAL, "%s: Unrecognized bind address semantics: %u", -+ xlog(D_GENERAL, "%s: Unrecognized bind address semantics: %lu", - __func__, nconf->nc_semantics); - return -1; - } -Index: nfs-utils-2.3.3/support/nsm/rpc.c -=================================================================== ---- nfs-utils-2.3.3.orig/support/nsm/rpc.c -+++ nfs-utils-2.3.3/support/nsm/rpc.c -@@ -182,7 +182,7 @@ nsm_xmit_getport(const int sock, const s - uint32_t xid; - XDR xdr; - -- xlog(D_CALL, "Sending PMAP_GETPORT for %u, %u, udp", program, version); -+ xlog(D_CALL, "Sending PMAP_GETPORT for %lu, %lu, udp", program, version); - - nsm_init_xdrmem(msgbuf, NSM_MAXMSGSIZE, &xdr); - xid = nsm_init_rpc_header(PMAPPROG, PMAPVERS, -Index: nfs-utils-2.3.3/utils/mountd/cache.c -=================================================================== ---- nfs-utils-2.3.3.orig/utils/mountd/cache.c -+++ nfs-utils-2.3.3/utils/mountd/cache.c -@@ -968,8 +968,7 @@ lookup_export(char *dom, char *path, str - } else if (found_type == i && found->m_warned == 0) { - xlog(L_WARNING, "%s exported to both %s and %s, " - "arbitrarily choosing options from first", -- path, found->m_client->m_hostname, exp->m_client->m_hostname, -- dom); -+ path, found->m_client->m_hostname, exp->m_client->m_hostname); - found->m_warned = 1; - } - } -Index: nfs-utils-2.3.3/utils/mountd/mountd.c -=================================================================== ---- nfs-utils-2.3.3.orig/utils/mountd/mountd.c -+++ nfs-utils-2.3.3/utils/mountd/mountd.c -@@ -213,7 +213,7 @@ static void - sig_hup (int sig) - { - /* don't exit on SIGHUP */ -- xlog (L_NOTICE, "Received SIGHUP... Ignoring.\n", sig); -+ xlog (L_NOTICE, "Received SIGHUP(%d)... Ignoring.\n", sig); - return; - } - -Index: nfs-utils-2.3.3/utils/statd/rmtcall.c -=================================================================== ---- nfs-utils-2.3.3.orig/utils/statd/rmtcall.c -+++ nfs-utils-2.3.3/utils/statd/rmtcall.c -@@ -247,7 +247,7 @@ process_reply(FD_SET_TYPE *rfds) - xlog_warn("%s: service %d not registered on localhost", - __func__, NL_MY_PROG(lp)); - } else { -- xlog(D_GENERAL, "%s: Callback to %s (for %d) succeeded", -+ xlog(D_GENERAL, "%s: Callback to %s (for %s) succeeded", - __func__, NL_MY_NAME(lp), NL_MON_NAME(lp)); - } - nlist_free(¬ify, lp); -Index: nfs-utils-2.3.3/utils/statd/svc_run.c -=================================================================== ---- nfs-utils-2.3.3.orig/utils/statd/svc_run.c -+++ nfs-utils-2.3.3/utils/statd/svc_run.c -@@ -53,6 +53,7 @@ - - #include <errno.h> - #include <time.h> -+#include <inttypes.h> - #include "statd.h" - #include "notlist.h" - -@@ -104,8 +105,8 @@ my_svc_run(int sockfd) - - tv.tv_sec = NL_WHEN(notify) - now; - tv.tv_usec = 0; -- xlog(D_GENERAL, "Waiting for reply... (timeo %d)", -- tv.tv_sec); -+ xlog(D_GENERAL, "Waiting for reply... (timeo %jd)", -+ (intmax_t)tv.tv_sec); - selret = select(FD_SETSIZE, &readfds, - (void *) 0, (void *) 0, &tv); - } else { diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/clang-warnings.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/clang-warnings.patch new file mode 100644 index 0000000000..fde99b599e --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/clang-warnings.patch @@ -0,0 +1,36 @@ +From 1ab0c326405c6daa06f1a7eb4b0b60bf4e0584c2 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Tue, 31 Dec 2019 08:15:34 -0800 +Subject: [PATCH] Detect warning options during configure + +Certain options maybe compiler specific therefore its better +to detect them before use. + +nfs_error copies the format string and appends newline to it +but compiler can forget that it was format string since its not +same fmt string that was passed. Ignore the warning + +Wdiscarded-qualifiers is gcc specific and this is no longer needed + +Upstream-Status: Pending +Signed-off-by: Khem Raj <raj.khem@gmail.com> + +--- + support/nfs/xcommon.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/support/nfs/xcommon.c b/support/nfs/xcommon.c +index 3989f0b..e080423 100644 +--- a/support/nfs/xcommon.c ++++ b/support/nfs/xcommon.c +@@ -98,7 +98,10 @@ nfs_error (const char *fmt, ...) { + + fmt2 = xstrconcat2 (fmt, "\n"); + va_start (args, fmt); ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wformat-nonliteral" + vfprintf (stderr, fmt2, args); ++#pragma GCC diagnostic pop + va_end (args); + free (fmt2); + } diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-mountd.service b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-mountd.service index c01415de84..ebfe64b9ce 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-mountd.service +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-mountd.service @@ -12,6 +12,7 @@ ConditionPathExists=@SYSCONFDIR@/exports EnvironmentFile=-@SYSCONFDIR@/nfs-utils.conf ExecStart=@SBINDIR@/rpc.mountd -F $MOUNTD_OPTS LimitNOFILE=@HIGH_RLIMIT_NOFILE@ +StateDirectory=nfs [Install] WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-server.service b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-server.service index 6481377d80..15ceee04d0 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-server.service +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-server.service @@ -17,8 +17,8 @@ ExecStop=@SBINDIR@/rpc.nfsd 0 ExecStopPost=@SBINDIR@/exportfs -au ExecStopPost=@SBINDIR@/exportfs -f ExecReload=@SBINDIR@/exportfs -r -StandardError=syslog RemainAfterExit=yes +StateDirectory=nfs [Install] WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-statd.service b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-statd.service index 4fa64e1998..b519194121 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-statd.service +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-statd.service @@ -4,11 +4,13 @@ DefaultDependencies=no Conflicts=umount.target Requires=nss-lookup.target rpcbind.service After=network.target nss-lookup.target rpcbind.service +ConditionPathExists=@SYSCONFDIR@/exports [Service] EnvironmentFile=-@SYSCONFDIR@/nfs-utils.conf ExecStart=@SBINDIR@/rpc.statd -F $STATD_OPTS LimitNOFILE=@HIGH_RLIMIT_NOFILE@ +StateDirectory=nfs [Install] WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-res_querydomain.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-res_querydomain.patch deleted file mode 100644 index 921f5edc82..0000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-res_querydomain.patch +++ /dev/null @@ -1,46 +0,0 @@ -From caa19231196d73541445728e6813c8fa70345acb Mon Sep 17 00:00:00 2001 -From: Robert Yang <liezhi.yang@windriver.com> -Date: Tue, 26 Jun 2018 15:59:00 +0800 -Subject: [PATCH] nfs-utils: 2.1.1 -> 2.3.1 - -Fixed: -configure: error: res_querydomain needed - -Upstream-Status: Pending [https://github.com/alpinelinux/aports/blob/master/main/nfs-utils/musl-configure_ac.patch] - -Signed-off-by: Robert Yang <liezhi.yang@windriver.com> - ---- - configure.ac | 9 ++++----- - 1 file changed, 4 insertions(+), 5 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 50002b4..dcadb23 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -582,10 +582,10 @@ my_am_cflags="\ - -Wall \ - -Wextra \ - $rpcgen_cflags \ -- -Werror=missing-prototypes \ -- -Werror=missing-declarations \ -+ -Wmissing-prototypes \ -+ -Wmissing-declarations \ - -Werror=format=2 \ -- -Werror=undef \ -+ -Wundef \ - -Werror=missing-include-dirs \ - -Werror=strict-aliasing=2 \ - -Werror=init-self \ -@@ -614,10 +614,9 @@ AC_DEFUN([CHECK_CCSUPPORT], [ - - CHECK_CCSUPPORT([-Werror=format-overflow=2], [flg1]) - CHECK_CCSUPPORT([-Werror=int-conversion], [flg2]) --CHECK_CCSUPPORT([-Werror=incompatible-pointer-types], [flg3]) - CHECK_CCSUPPORT([-Werror=misleading-indentation], [flg4]) - --AC_SUBST([AM_CFLAGS], ["$my_am_cflags $flg1 $flg2 $flg3 $flg4"]) -+AC_SUBST([AM_CFLAGS], ["$my_am_cflags $flg1 $flg2 $flg4"]) - - # Make sure that $ACLOCAL_FLAGS are used during a rebuild - AC_SUBST([ACLOCAL_AMFLAGS], ["-I $ac_macro_dir \$(ACLOCAL_FLAGS)"]) diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.7.1.bb index eb32bccb57..849ea0e43b 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.7.1.bb @@ -4,18 +4,18 @@ NFS server and related tools." HOMEPAGE = "http://nfs.sourceforge.net/" SECTION = "console/network" -LICENSE = "MIT & GPLv2+ & BSD" +LICENSE = "MIT & GPL-2.0-or-later & BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=95f3a93a5c3c7888de623b46ea085a84" # util-linux for libblkid -DEPENDS = "libcap libevent util-linux sqlite3 libtirpc" -RDEPENDS_${PN} = "${PN}-client" -RRECOMMENDS_${PN} = "kernel-module-nfsd" +DEPENDS = "libcap libevent util-linux sqlite3 libtirpc libxml2" +RDEPENDS:${PN} = "${PN}-client" +RRECOMMENDS:${PN} = "kernel-module-nfsd" inherit useradd USERADD_PACKAGES = "${PN}-client" -USERADD_PARAM_${PN}-client = "--system --home-dir /var/lib/nfs \ +USERADD_PARAM:${PN}-client = "--system --home-dir /var/lib/nfs \ --shell /bin/false --user-group rpcuser" SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.xz \ @@ -28,17 +28,13 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.x file://proc-fs-nfsd.mount \ file://nfs-utils-debianize-start-statd.patch \ file://bugfix-adjust-statd-service-name.patch \ - file://0001-cacheio-use-intmax_t-for-formatted-IO.patch \ - file://clang-format-string.patch \ file://0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch \ - file://0001-Don-t-build-tools-with-CC_FOR_BUILD.patch \ - file://0001-Fix-include-order-between-config.h-and-stat.h.patch \ -" -SRC_URI_append_libc-glibc = " file://0001-configure.ac-Do-not-fatalize-Wmissing-prototypes.patch" -SRC_URI_append_libc-musl = " file://nfs-utils-musl-res_querydomain.patch" - -SRC_URI[md5sum] = "161efe469ec1b06f1c750bd87f8ba6dd" -SRC_URI[sha256sum] = "85274ada94479b1beba9f8eeffd19f477c53a6710b9998d1192c807854087736" + file://clang-warnings.patch \ + file://0001-locktest-Makefile.am-Do-not-use-build-flags.patch \ + file://0001-support-include-junction.h-Define-macros-for-musl.patch \ + file://0001-support-junction-path.c-Fix-build-for-musl.patch \ + " +SRC_URI[sha256sum] = "885c948a84a58bca4148f459588f9a7369dbb40dcc466f04e455c6b10fd0aa48" # Only kernel-module-nfsd is required here (but can be built-in) - the nfsd module will # pull in the remainder of the dependencies. @@ -46,14 +42,14 @@ SRC_URI[sha256sum] = "85274ada94479b1beba9f8eeffd19f477c53a6710b9998d1192c807854 INITSCRIPT_PACKAGES = "${PN} ${PN}-client" INITSCRIPT_NAME = "nfsserver" INITSCRIPT_PARAMS = "defaults" -INITSCRIPT_NAME_${PN}-client = "nfscommon" -INITSCRIPT_PARAMS_${PN}-client = "defaults 19 21" +INITSCRIPT_NAME:${PN}-client = "nfscommon" +INITSCRIPT_PARAMS:${PN}-client = "defaults 19 21" inherit autotools-brokensep update-rc.d systemd pkgconfig SYSTEMD_PACKAGES = "${PN} ${PN}-client" -SYSTEMD_SERVICE_${PN} = "nfs-server.service nfs-mountd.service" -SYSTEMD_SERVICE_${PN}-client = "nfs-statd.service" +SYSTEMD_SERVICE:${PN} = "nfs-server.service nfs-mountd.service" +SYSTEMD_SERVICE:${PN}-client = "nfs-statd.service" # --enable-uuid is need for cross-compiling EXTRA_OECONF = "--with-statduser=rpcuser \ @@ -63,80 +59,87 @@ EXTRA_OECONF = "--with-statduser=rpcuser \ --disable-gss \ --disable-nfsdcltrack \ --with-statdpath=/var/lib/nfs/statd \ + --with-rpcgen=${HOSTTOOLS_DIR}/rpcgen \ " -CFLAGS += "-Wno-error=format-overflow" +LDFLAGS += "-lsqlite3 -levent" PACKAGECONFIG ??= "tcp-wrappers \ ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ " -PACKAGECONFIG_remove_libc-musl = "tcp-wrappers" +PACKAGECONFIG:remove:libc-musl = "tcp-wrappers" PACKAGECONFIG[tcp-wrappers] = "--with-tcp-wrappers,--without-tcp-wrappers,tcp-wrappers" PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," # libdevmapper is available in meta-oe -PACKAGECONFIG[nfsv41] = "--enable-nfsv41,--disable-nfsv41,libdevmapper" -# keyutils is available in meta-security -PACKAGECONFIG[nfsv4] = "--enable-nfsv4,--disable-nfsv4,keyutils" +PACKAGECONFIG[nfsv41] = "--enable-nfsv41,--disable-nfsv41,libdevmapper,libdevmapper" +# keyutils is available in meta-oe +PACKAGECONFIG[nfsv4] = "--enable-nfsv4,--disable-nfsv4,keyutils,python3-core" -PACKAGES =+ "${PN}-client ${PN}-mount ${PN}-stats" +PACKAGES =+ "${PN}-client ${PN}-mount ${PN}-stats ${PN}-rpcctl" -CONFFILES_${PN}-client += "${localstatedir}/lib/nfs/etab \ +CONFFILES:${PN}-client += "${localstatedir}/lib/nfs/etab \ ${localstatedir}/lib/nfs/rmtab \ ${localstatedir}/lib/nfs/xtab \ ${localstatedir}/lib/nfs/statd/state \ ${sysconfdir}/nfsmount.conf" -FILES_${PN}-client = "${sbindir}/*statd \ +FILES:${PN}-client = "${sbindir}/*statd \ + ${libdir}/libnfsidmap.so.* \ ${sbindir}/rpc.idmapd ${sbindir}/sm-notify \ ${sbindir}/showmount ${sbindir}/nfsstat \ ${localstatedir}/lib/nfs \ ${sysconfdir}/nfs-utils.conf \ ${sysconfdir}/nfsmount.conf \ ${sysconfdir}/init.d/nfscommon \ - ${systemd_unitdir}/system/nfs-statd.service" -RDEPENDS_${PN}-client = "${PN}-mount rpcbind" + ${systemd_system_unitdir}/nfs-statd.service" +RDEPENDS:${PN}-client = "${PN}-mount rpcbind" + +FILES:${PN}-mount = "${base_sbindir}/*mount.nfs*" -FILES_${PN}-mount = "${base_sbindir}/*mount.nfs*" +FILES:${PN}-stats = "${sbindir}/mountstats ${sbindir}/nfsiostat ${sbindir}/nfsdclnts" +RDEPENDS:${PN}-stats = "python3-core" -FILES_${PN}-stats = "${sbindir}/mountstats ${sbindir}/nfsiostat" -RDEPENDS_${PN}-stats = "python3-core" +FILES:${PN}-rpcctl = "${sbindir}/rpcctl" +RDEPENDS:${PN}-rpcctl = "python3-core" -FILES_${PN} += "${systemd_unitdir}" +FILES:${PN}-staticdev += "${libdir}/libnfsidmap/*.a" -do_configure_prepend() { - sed -i -e 's,sbindir = /sbin,sbindir = ${base_sbindir},g' \ - ${S}/utils/mount/Makefile.am +FILES:${PN} += "${systemd_unitdir} ${libdir}/libnfsidmap/ ${nonarch_libdir}/modprobe.d" + +do_configure:prepend() { + sed -i -e 's,sbindir = /sbin,sbindir = ${base_sbindir},g' \ + ${S}/utils/mount/Makefile.am } # Make clean needed because the package comes with # precompiled 64-bit objects that break the build -do_compile_prepend() { +do_compile:prepend() { make clean } # Works on systemd only HIGH_RLIMIT_NOFILE ??= "4096" -do_install_append () { +do_install:append () { install -d ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/nfsserver ${D}${sysconfdir}/init.d/nfsserver - install -m 0755 ${WORKDIR}/nfscommon ${D}${sysconfdir}/init.d/nfscommon + install -m 0755 ${UNPACKDIR}/nfsserver ${D}${sysconfdir}/init.d/nfsserver + install -m 0755 ${UNPACKDIR}/nfscommon ${D}${sysconfdir}/init.d/nfscommon - install -m 0755 ${WORKDIR}/nfs-utils.conf ${D}${sysconfdir} + install -m 0755 ${UNPACKDIR}/nfs-utils.conf ${D}${sysconfdir} install -m 0755 ${S}/utils/mount/nfsmount.conf ${D}${sysconfdir} - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/nfs-server.service ${D}${systemd_unitdir}/system/ - install -m 0644 ${WORKDIR}/nfs-mountd.service ${D}${systemd_unitdir}/system/ - install -m 0644 ${WORKDIR}/nfs-statd.service ${D}${systemd_unitdir}/system/ + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${UNPACKDIR}/nfs-server.service ${D}${systemd_system_unitdir}/ + install -m 0644 ${UNPACKDIR}/nfs-mountd.service ${D}${systemd_system_unitdir}/ + install -m 0644 ${UNPACKDIR}/nfs-statd.service ${D}${systemd_system_unitdir}/ sed -i -e 's,@SBINDIR@,${sbindir},g' \ -e 's,@SYSCONFDIR@,${sysconfdir},g' \ -e 's,@HIGH_RLIMIT_NOFILE@,${HIGH_RLIMIT_NOFILE},g' \ - ${D}${systemd_unitdir}/system/*.service + ${D}${systemd_system_unitdir}/*.service if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then - install -m 0644 ${WORKDIR}/proc-fs-nfsd.mount ${D}${systemd_unitdir}/system/ - install -d ${D}${systemd_unitdir}/system/sysinit.target.wants/ - ln -sf ../proc-fs-nfsd.mount ${D}${systemd_unitdir}/system/sysinit.target.wants/proc-fs-nfsd.mount + install -m 0644 ${UNPACKDIR}/proc-fs-nfsd.mount ${D}${systemd_system_unitdir}/ + install -d ${D}${systemd_system_unitdir}/sysinit.target.wants/ + ln -sf ../proc-fs-nfsd.mount ${D}${systemd_system_unitdir}/sysinit.target.wants/proc-fs-nfsd.mount fi # kernel code as of 3.8 hard-codes this path as a default @@ -146,7 +149,6 @@ do_install_append () { chown -R rpcuser:rpcuser ${D}${localstatedir}/lib/nfs/statd chmod 0644 ${D}${localstatedir}/lib/nfs/statd/state - # Make python tools use python 3 - sed -i -e '1s,#!.*python.*,#!${bindir}/python3,' ${D}${sbindir}/mountstats ${D}${sbindir}/nfsiostat - + # Make python tools use python 3 + sed -i -e '1s,#!.*python.*,#!${bindir}/python3,' ${D}${sbindir}/mountstats ${D}${sbindir}/nfsiostat } diff --git a/meta/recipes-connectivity/ofono/ofono/0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch b/meta/recipes-connectivity/ofono/ofono/0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch deleted file mode 100644 index 8a5a300adc..0000000000 --- a/meta/recipes-connectivity/ofono/ofono/0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 22b52db4842611ac31a356f023fc09595384e2ad Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Thu, 23 May 2019 18:11:22 -0700 -Subject: [PATCH] mbim: add an optional TEMP_FAILURE_RETRY macro copy - -Fixes build on musl which does not provide this macro - -Upstream-Status: Submitted [https://lists.ofono.org/pipermail/ofono/2019-May/019370.html] -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - drivers/mbimmodem/mbim-private.h | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/drivers/mbimmodem/mbim-private.h b/drivers/mbimmodem/mbim-private.h -index e159235..51693ea 100644 ---- a/drivers/mbimmodem/mbim-private.h -+++ b/drivers/mbimmodem/mbim-private.h -@@ -21,6 +21,15 @@ - - #define align_len(len, boundary) (((len)+(boundary)-1) & ~((boundary)-1)) - -+#ifndef TEMP_FAILURE_RETRY -+#define TEMP_FAILURE_RETRY(expression) ({ \ -+ __typeof(expression) __result; \ -+ do { \ -+ __result = (expression); \ -+ } while (__result == -1 && errno == EINTR); \ -+ __result; }) -+#endif -+ - enum mbim_control_message { - MBIM_OPEN_MSG = 0x1, - MBIM_CLOSE_MSG = 0x2, --- -2.21.0 - diff --git a/meta/recipes-connectivity/ofono/ofono_1.31.bb b/meta/recipes-connectivity/ofono/ofono_2.10.bb index 7d0976ad7f..c1f686b164 100644 --- a/meta/recipes-connectivity/ofono/ofono_1.31.bb +++ b/meta/recipes-connectivity/ofono/ofono_2.10.bb @@ -2,49 +2,47 @@ SUMMARY = "open source telephony" DESCRIPTION = "oFono is a stack for mobile telephony devices on Linux. oFono supports speaking to telephony devices through specific drivers, or with generic AT commands." HOMEPAGE = "http://www.ofono.org" BUGTRACKER = "https://01.org/jira/browse/OF" -LICENSE = "GPLv2" +LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \ - file://src/ofono.h;beginline=1;endline=20;md5=3ce17d5978ef3445def265b98899c2ee" + file://src/ofono.h;beginline=1;endline=6;md5=13e42133935ceecfc9bcb547f256e277" DEPENDS = "dbus glib-2.0 udev mobile-broadband-provider-info ell" SRC_URI = "\ ${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ file://ofono \ - file://0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch \ " -SRC_URI[md5sum] = "1c26340e3c6ed132cc812595081bb3dc" -SRC_URI[sha256sum] = "a15c5d28096c10eb30e47a68b6dc2e7c4a5a99d7f4cfedf0b69624f33d859e9b" +SRC_URI[sha256sum] = "ce65c12e446f7b15d2ed98a220f9cc6f1571b269d83c4f14b0a2d67c33919fef" inherit autotools pkgconfig update-rc.d systemd gobject-introspection-data INITSCRIPT_NAME = "ofono" INITSCRIPT_PARAMS = "defaults 22" -SYSTEMD_SERVICE_${PN} = "ofono.service" +SYSTEMD_SERVICE:${PN} = "ofono.service" PACKAGECONFIG ??= "\ ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \ " -PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/,--with-systemdunitdir=" +PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_system_unitdir}/,--with-systemdunitdir=" PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, bluez5" EXTRA_OECONF += "--enable-test --enable-external-ell" -do_install_append() { - install -d ${D}${sysconfdir}/init.d/ - install -m 0755 ${WORKDIR}/ofono ${D}${sysconfdir}/init.d/ofono +do_install:append() { + install -d ${D}${sysconfdir}/init.d/ + install -m 0755 ${UNPACKDIR}/ofono ${D}${sysconfdir}/init.d/ofono } PACKAGES =+ "${PN}-tests" -FILES_${PN} += "${systemd_unitdir}" -FILES_${PN}-tests = "${libdir}/${BPN}/test" +FILES:${PN} += "${systemd_unitdir}" +FILES:${PN}-tests = "${libdir}/${BPN}/test" -RDEPENDS_${PN} += "dbus" -RDEPENDS_${PN}-tests = "\ +RDEPENDS:${PN} += "dbus" +RDEPENDS:${PN}-tests = "\ python3-core \ python3-dbus \ ${@bb.utils.contains('GI_DATA_ENABLED', 'True', 'python3-pygobject', '', d)} \ " -RRECOMMENDS_${PN} += "kernel-module-tun mobile-broadband-provider-info" +RRECOMMENDS:${PN} += "kernel-module-tun mobile-broadband-provider-info" diff --git a/meta/recipes-connectivity/openssh/openssh/0001-Cast-to-sockaddr-in-systemd-interface.patch b/meta/recipes-connectivity/openssh/openssh/0001-Cast-to-sockaddr-in-systemd-interface.patch new file mode 100644 index 0000000000..c41642ae10 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/0001-Cast-to-sockaddr-in-systemd-interface.patch @@ -0,0 +1,30 @@ +From a3068c6edb81c0b0b9a2ced82e8632c79314e409 Mon Sep 17 00:00:00 2001 +From: Darren Tucker <dtucker@dtucker.net> +Date: Sun, 7 Jul 2024 18:46:19 +1000 +Subject: [PATCH] Cast to sockaddr * in systemd interface. + +Fixes build with musl libx. bz#3707. + +Upstream-Status: Backport [https://github.com/openssh/openssh-portable/commit/8b664df75966e5aed8dabea00b8838303d3488b8] + +Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> +--- + openbsd-compat/port-linux.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c +index 4c024c6d2..8adfec5a7 100644 +--- a/openbsd-compat/port-linux.c ++++ b/openbsd-compat/port-linux.c +@@ -366,7 +366,7 @@ ssh_systemd_notify(const char *fmt, ...) + error_f("socket \"%s\": %s", path, strerror(errno)); + goto out; + } +- if (connect(fd, &addr, sizeof(addr)) != 0) { ++ if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) != 0) { + error_f("socket \"%s\" connect: %s", path, strerror(errno)); + goto out; + } +-- +2.45.2 + diff --git a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch new file mode 100644 index 0000000000..f424288e37 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch @@ -0,0 +1,59 @@ +From 5cc897fe2effe549e1e280c2f606bce8b532b61e Mon Sep 17 00:00:00 2001 +From: Mikko Rapeli <mikko.rapeli@linaro.org> +Date: Mon, 11 Sep 2023 09:55:21 +0100 +Subject: [PATCH] regress/banner.sh: log input and output files on error + +Some test environments like yocto with qemu are seeing these +tests failing. There may be additional error messages in the +stderr of ssh cloent command. busybox cmp shows this error when +first input file has less new line characters then second +input file: + +cmp: EOF on /usr/lib/openssh/ptest/regress/banner.in + +Logging the full banner.out will show what other error messages +are captured in addition of the expected banner. + +Full log of a failing banner test runs is: + +run test banner.sh ... +test banner: missing banner file +test banner: size 0 +cmp: EOF on /usr/lib/openssh/ptest/regress/banner.in +banner size 0 mismatch +test banner: size 10 +test banner: size 100 +cmp: EOF on /usr/lib/openssh/ptest/regress/banner.in +banner size 100 mismatch +test banner: size 1000 +test banner: size 10000 +test banner: size 100000 +test banner: suppress banner (-q) +FAIL: banner +return value: 1 + +See: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178 + +Upstream-Status: Denied [https://github.com/openssh/openssh-portable/pull/437] + +Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> +Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> +--- + regress/banner.sh | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/regress/banner.sh b/regress/banner.sh +index a84feb5..de84957 100644 +--- a/regress/banner.sh ++++ b/regress/banner.sh +@@ -32,7 +32,9 @@ for s in 0 10 100 1000 10000 100000 ; do + verbose "test $tid: size $s" + ( ${SSH} -F $OBJ/ssh_proxy otherhost true 2>$OBJ/banner.out && \ + cmp $OBJ/banner.in $OBJ/banner.out ) || \ +- fail "banner size $s mismatch" ++ ( verbose "Contents of $OBJ/banner.in:"; cat $OBJ/banner.in; \ ++ verbose "Contents of $OBJ/banner.out:"; cat $OBJ/banner.out; \ ++ fail "banner size $s mismatch" ) + done + + trace "test suppress banner (-q)" diff --git a/meta/recipes-connectivity/openssh/openssh/0001-regress-test-exec-use-the-absolute-path-in-the-SSH-e.patch b/meta/recipes-connectivity/openssh/openssh/0001-regress-test-exec-use-the-absolute-path-in-the-SSH-e.patch new file mode 100644 index 0000000000..b90cd2e69d --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/0001-regress-test-exec-use-the-absolute-path-in-the-SSH-e.patch @@ -0,0 +1,35 @@ +From fb762172fb678fe29327b667f8fe7380962a4540 Mon Sep 17 00:00:00 2001 +From: Jose Quaresma <jose.quaresma@foundries.io> +Date: Mon, 15 Jul 2024 18:43:08 +0100 +Subject: [PATCH] regress/test-exec: use the absolute path in the SSH env + +The SSHAGENT_BIN was changed in [1] to SSH_BIN but +the last one don't use the absolute path and consequently +the function increase_datafile_size can loops forever +if the binary not found. + +[1] https://github.com/openssh/openssh-portable/commit/a68f80f2511f0e0c5cef737a8284cc2dfabad818 + +Upstream-Status: Submitted [https://github.com/openssh/openssh-portable/pull/510] + +Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> +--- + regress/test-exec.sh | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/regress/test-exec.sh b/regress/test-exec.sh +index 7afc2807..175f554b 100644 +--- a/regress/test-exec.sh ++++ b/regress/test-exec.sh +@@ -175,6 +175,11 @@ if [ "x$TEST_SSH_OPENSSL" != "x" ]; then + fi + + # Path to sshd must be absolute for rexec ++case "$SSH" in ++/*) ;; ++*) SSH=`which $SSH` ;; ++esac ++ + case "$SSHD" in + /*) ;; + *) SSHD=`which $SSHD` ;; diff --git a/meta/recipes-connectivity/openssh/openssh/add-test-support-for-busybox.patch b/meta/recipes-connectivity/openssh/openssh/add-test-support-for-busybox.patch deleted file mode 100644 index b8402a4dee..0000000000 --- a/meta/recipes-connectivity/openssh/openssh/add-test-support-for-busybox.patch +++ /dev/null @@ -1,47 +0,0 @@ -Adjust test cases to work with busybox. - -- Replace dd parameter "obs" with "bs". -- Replace "head -<num>" with "head -n <num>". - -Signed-off-by: Maxin B. John <maxin.john@enea.com> -Upstream-Status: Pending - -Index: openssh-7.6p1/regress/cipher-speed.sh -=================================================================== ---- openssh-7.6p1.orig/regress/cipher-speed.sh -+++ openssh-7.6p1/regress/cipher-speed.sh -@@ -17,7 +17,7 @@ for c in `${SSH} -Q cipher`; do n=0; for - printf "%-60s" "$c/$m:" - ( ${SSH} -o 'compression no' \ - -F $OBJ/ssh_proxy -m $m -c $c somehost \ -- exec sh -c \'"dd of=/dev/null obs=32k"\' \ -+ exec sh -c \'"dd of=/dev/null bs=32k"\' \ - < ${DATA} ) 2>&1 | getbytes - - if [ $? -ne 0 ]; then -Index: openssh-7.6p1/regress/transfer.sh -=================================================================== ---- openssh-7.6p1.orig/regress/transfer.sh -+++ openssh-7.6p1/regress/transfer.sh -@@ -13,7 +13,7 @@ cmp ${DATA} ${COPY} || fail "corrupted - for s in 10 100 1k 32k 64k 128k 256k; do - trace "dd-size ${s}" - rm -f ${COPY} -- dd if=$DATA obs=${s} 2> /dev/null | \ -+ dd if=$DATA bs=${s} 2> /dev/null | \ - ${SSH} -q -F $OBJ/ssh_proxy somehost "cat > ${COPY}" - if [ $? -ne 0 ]; then - fail "ssh cat $DATA failed" -Index: openssh-7.6p1/regress/key-options.sh -=================================================================== ---- openssh-7.6p1.orig/regress/key-options.sh -+++ openssh-7.6p1/regress/key-options.sh -@@ -47,7 +47,7 @@ for f in 127.0.0.1 '127.0.0.0\/8'; do - fi - - sed 's/.*/from="'"$f"'" &/' $origkeys >$authkeys -- from=`head -1 $authkeys | cut -f1 -d ' '` -+ from=`head -n 1 $authkeys | cut -f1 -d ' '` - verbose "key option $from" - r=`${SSH} -q -F $OBJ/ssh_proxy somehost 'echo true'` - if [ "$r" = "true" ]; then diff --git a/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch b/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch deleted file mode 100644 index 20036da931..0000000000 --- a/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch +++ /dev/null @@ -1,111 +0,0 @@ -From 3328e98bcbf2930cd7eea3e6c92ad5dcbdf4794f Mon Sep 17 00:00:00 2001 -From: Yuanjie Huang <yuanjie.huang@windriver.com> -Date: Wed, 24 Aug 2016 03:15:43 +0000 -Subject: [PATCH] Fix potential signed overflow in pointer arithmatic - -Pointer arithmatic results in implementation defined signed integer -type, so that 's - src' in strlcpy and others may trigger signed overflow. -In case of compilation by gcc or clang with -ftrapv option, the overflow -would lead to program abort. - -Upstream-Status: Submitted [http://bugzilla.mindrot.org/show_bug.cgi?id=2608] - -Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com> - -Complete the fix -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - openbsd-compat/strlcat.c | 10 +++++++--- - openbsd-compat/strlcpy.c | 8 ++++++-- - openbsd-compat/strnlen.c | 8 ++++++-- - 3 files changed, 19 insertions(+), 7 deletions(-) - -diff --git a/openbsd-compat/strlcat.c b/openbsd-compat/strlcat.c -index bcc1b61..124e1e3 100644 ---- a/openbsd-compat/strlcat.c -+++ b/openbsd-compat/strlcat.c -@@ -23,6 +23,7 @@ - - #include <sys/types.h> - #include <string.h> -+#include <stdint.h> - - /* - * Appends src to string dst of size siz (unlike strncat, siz is the -@@ -42,7 +43,7 @@ strlcat(char *dst, const char *src, size_t siz) - /* Find the end of dst and adjust bytes left but don't go past end */ - while (n-- != 0 && *d != '\0') - d++; -- dlen = d - dst; -+ dlen = (uintptr_t)d - (uintptr_t)dst; - n = siz - dlen; - - if (n == 0) -@@ -55,8 +56,11 @@ strlcat(char *dst, const char *src, size_t siz) - s++; - } - *d = '\0'; -- -- return(dlen + (s - src)); /* count does not include NUL */ -+ /* -+ * Cast pointers to unsigned type before calculation, to avoid signed -+ * overflow when the string ends where the MSB has changed. -+ */ -+ return (dlen + ((uintptr_t)s - (uintptr_t)src)); /* count does not include NUL */ - } - - #endif /* !HAVE_STRLCAT */ -diff --git a/openbsd-compat/strlcpy.c b/openbsd-compat/strlcpy.c -index b4b1b60..b06f374 100644 ---- a/openbsd-compat/strlcpy.c -+++ b/openbsd-compat/strlcpy.c -@@ -23,6 +23,7 @@ - - #include <sys/types.h> - #include <string.h> -+#include <stdint.h> - - /* - * Copy src to string dst of size siz. At most siz-1 characters -@@ -51,8 +52,11 @@ strlcpy(char *dst, const char *src, size_t siz) - while (*s++) - ; - } -- -- return(s - src - 1); /* count does not include NUL */ -+ /* -+ * Cast pointers to unsigned type before calculation, to avoid signed -+ * overflow when the string ends where the MSB has changed. -+ */ -+ return ((uintptr_t)s - (uintptr_t)src - 1); /* count does not include NUL */ - } - - #endif /* !HAVE_STRLCPY */ -diff --git a/openbsd-compat/strnlen.c b/openbsd-compat/strnlen.c -index 7ad3573..7040f1f 100644 ---- a/openbsd-compat/strnlen.c -+++ b/openbsd-compat/strnlen.c -@@ -23,6 +23,7 @@ - #include <sys/types.h> - - #include <string.h> -+#include <stdint.h> - - size_t - strnlen(const char *str, size_t maxlen) -@@ -31,7 +32,10 @@ strnlen(const char *str, size_t maxlen) - - for (cp = str; maxlen != 0 && *cp != '\0'; cp++, maxlen--) - ; -- -- return (size_t)(cp - str); -+ /* -+ * Cast pointers to unsigned type before calculation, to avoid signed -+ * overflow when the string ends where the MSB has changed. -+ */ -+ return (size_t)((uintptr_t)cp - (uintptr_t)str); - } - #endif --- -2.17.1 - diff --git a/meta/recipes-connectivity/openssh/openssh/run-ptest b/meta/recipes-connectivity/openssh/openssh/run-ptest index daf62cca5b..c9100f9f37 100755 --- a/meta/recipes-connectivity/openssh/openssh/run-ptest +++ b/meta/recipes-connectivity/openssh/openssh/run-ptest @@ -1,10 +1,26 @@ #!/bin/sh +export TEST_SSH_SSH=ssh export TEST_SHELL=sh +export SKIP_UNIT=1 cd regress + +# copied from openssh-portable/.github/run_test.sh +output_failed_logs() { + for i in failed*.log; do + if [ -f "$i" ]; then + echo ------------------------------------------------------------------------- + echo LOGFILE $i + cat $i + echo ------------------------------------------------------------------------- + fi + done +} +trap output_failed_logs 0 + sed -i "/\t\tagent-ptrace /d" Makefile -make -k .OBJDIR=`pwd` .CURDIR=`pwd` SUDO="sudo" tests \ +make -k BUILDDIR=`pwd`/.. .OBJDIR=`pwd` .CURDIR=`pwd` SUDO="" tests \ | sed -u -e 's/^skipped/SKIP: /g' -e 's/^ok /PASS: /g' -e 's/^failed/FAIL: /g' SSHAGENT=`which ssh-agent` diff --git a/meta/recipes-connectivity/openssh/openssh/ssh_config b/meta/recipes-connectivity/openssh/openssh/ssh_config index e0d023803e..cb2774a163 100644 --- a/meta/recipes-connectivity/openssh/openssh/ssh_config +++ b/meta/recipes-connectivity/openssh/openssh/ssh_config @@ -1,4 +1,4 @@ -# $OpenBSD: ssh_config,v 1.33 2017/05/07 23:12:57 djm Exp $ +# $OpenBSD: ssh_config,v 1.35 2020/07/17 03:43:42 dtucker Exp $ # This is the ssh client system-wide configuration file. See # ssh_config(5) for more information. This file provides defaults for @@ -17,11 +17,11 @@ # list of available options, their meanings and defaults, please see the # ssh_config(5) man page. -Host * - ForwardAgent yes - ForwardX11 yes -# RhostsRSAAuthentication no -# RSAAuthentication yes +Include /etc/ssh/ssh_config.d/*.conf + +# Host * +# ForwardAgent no +# ForwardX11 no # PasswordAuthentication yes # HostbasedAuthentication no # GSSAPIAuthentication no @@ -36,7 +36,6 @@ Host * # IdentityFile ~/.ssh/id_ecdsa # IdentityFile ~/.ssh/id_ed25519 # Port 22 -# Protocol 2 # Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc # MACs hmac-md5,hmac-sha1,umac-64@openssh.com # EscapeChar ~ @@ -46,3 +45,4 @@ Host * # VisualHostKey no # ProxyCommand ssh -q -W %h:%p gateway.example.com # RekeyLimit 1G 1h +# UserKnownHostsFile ~/.ssh/known_hosts.d/%k diff --git a/meta/recipes-connectivity/openssh/openssh/sshd.service b/meta/recipes-connectivity/openssh/openssh/sshd.service new file mode 100644 index 0000000000..c71fff1cc1 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/sshd.service @@ -0,0 +1,18 @@ +[Unit] +Description=OpenSSH server daemon +Wants=sshdgenkeys.service +After=sshdgenkeys.service +After=nss-user-lookup.target + +[Service] +Type=notify-reload +Environment="SSHD_OPTS=" +EnvironmentFile=-/etc/default/ssh +ExecStartPre=@BASE_BINDIR@/mkdir -p /var/run/sshd +ExecStart=-@SBINDIR@/sshd -D $SSHD_OPTS +KillMode=process +Restart=on-failure +RestartSec=42s + +[Install] +WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/openssh/openssh/sshd.socket b/meta/recipes-connectivity/openssh/openssh/sshd.socket index 12c39b26b5..7dd2ed0626 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd.socket +++ b/meta/recipes-connectivity/openssh/openssh/sshd.socket @@ -1,5 +1,7 @@ [Unit] Conflicts=sshd.service +Wants=sshdgenkeys.service +After=nss-user-lookup.target [Socket] ExecStartPre=@BASE_BINDIR@/mkdir -p /var/run/sshd diff --git a/meta/recipes-connectivity/openssh/openssh/sshd@.service b/meta/recipes-connectivity/openssh/openssh/sshd@.service index 9d83dfb2bb..9d9965e624 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd@.service +++ b/meta/recipes-connectivity/openssh/openssh/sshd@.service @@ -1,13 +1,10 @@ [Unit] Description=OpenSSH Per-Connection Daemon -Wants=sshdgenkeys.service After=sshdgenkeys.service [Service] Environment="SSHD_OPTS=" EnvironmentFile=-/etc/default/ssh ExecStart=-@SBINDIR@/sshd -i $SSHD_OPTS -ExecReload=@BASE_BINDIR@/kill -HUP $MAINPID StandardInput=socket -StandardError=syslog KillMode=process diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys index 1931dc7153..606d1894b5 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys +++ b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys @@ -6,6 +6,7 @@ generate_key() { local DIR="$(dirname "$FILE")" mkdir -p "$DIR" + rm -f ${FILE}.tmp ssh-keygen -q -f "${FILE}.tmp" -N '' -t $TYPE # Atomically rename file public key @@ -56,8 +57,7 @@ while true ; do esac done -HOST_KEYS=$(sed -n 's/^[ \t]*HostKey[ \t]\+\(.*\)/\1/p' "${sshd_config}") -[ -z "${HOST_KEYS}" ] && HOST_KEYS="$SYSCONFDIR/ssh_host_rsa_key $SYSCONFDIR/ssh_host_ecdsa_key $SYSCONFDIR/ssh_host_ed25519_key" +HOST_KEYS=$(sshd -G -f "${sshd_config}" | grep -i '^hostkey ' | cut -f2 -d' ') for key in ${HOST_KEYS} ; do [ -f $key ] && continue diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_config b/meta/recipes-connectivity/openssh/openssh/sshd_config index 15f061b570..e9eaf93157 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd_config +++ b/meta/recipes-connectivity/openssh/openssh/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.102 2018/02/16 02:32:40 djm Exp $ +# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -10,6 +10,8 @@ # possible, but leave them commented. Uncommented options override the # default value. +Include /etc/ssh/sshd_config.d/*.conf + #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 @@ -57,9 +59,9 @@ AuthorizedKeysFile .ssh/authorized_keys #PasswordAuthentication yes #PermitEmptyPasswords no -# Change to yes to enable challenge-response passwords (beware issues with -# some PAM modules and threads) -ChallengeResponseAuthentication no +# Change to yes to enable keyboard-interactive authentication (beware issues +# with some PAM modules and threads) +KbdInteractiveAuthentication no # Kerberos options #KerberosAuthentication no @@ -73,13 +75,13 @@ ChallengeResponseAuthentication no # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and +# be allowed through the KbdInteractiveAuthentication and # PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass +# PAM authentication via KbdInteractiveAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. +# and KbdInteractiveAuthentication to 'no'. #UsePAM no #AllowAgentForwarding yes @@ -92,7 +94,6 @@ ChallengeResponseAuthentication no #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes -#UseLogin no #PermitUserEnvironment no Compression no ClientAliveInterval 15 diff --git a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service index 603c33787f..fd81793d51 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service +++ b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service @@ -6,3 +6,4 @@ RequiresMountsFor=/var /run ExecStart=@LIBEXECDIR@/sshd_check_keys Type=oneshot RemainAfterExit=yes +Nice=10 diff --git a/meta/recipes-connectivity/openssh/openssh_8.1p1.bb b/meta/recipes-connectivity/openssh/openssh_8.1p1.bb deleted file mode 100644 index 024ebca402..0000000000 --- a/meta/recipes-connectivity/openssh/openssh_8.1p1.bb +++ /dev/null @@ -1,170 +0,0 @@ -SUMMARY = "A suite of security-related network utilities based on \ -the SSH protocol including the ssh client and sshd server" -DESCRIPTION = "Secure rlogin/rsh/rcp/telnet replacement (OpenSSH) \ -Ssh (Secure Shell) is a program for logging into a remote machine \ -and for executing commands on a remote machine." -HOMEPAGE = "http://www.openssh.com/" -SECTION = "console/network" -LICENSE = "BSD & ISC & MIT" -LIC_FILES_CHKSUM = "file://LICENCE;md5=18d9e5a8b3dd1790d73502f50426d4d3" - -DEPENDS = "zlib openssl virtual/crypt" -DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" - -SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.gz \ - file://sshd_config \ - file://ssh_config \ - file://init \ - ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ - file://sshd.socket \ - file://sshd@.service \ - file://sshdgenkeys.service \ - file://volatiles.99_sshd \ - file://run-ptest \ - file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \ - file://sshd_check_keys \ - file://add-test-support-for-busybox.patch \ - " -SRC_URI[md5sum] = "513694343631a99841e815306806edf0" -SRC_URI[sha256sum] = "02f5dbef3835d0753556f973cd57b4c19b6b1f6cd24c03445e23ac77ca1b93ff" - -PAM_SRC_URI = "file://sshd" - -inherit manpages useradd update-rc.d update-alternatives systemd - -USERADD_PACKAGES = "${PN}-sshd" -USERADD_PARAM_${PN}-sshd = "--system --no-create-home --home-dir /var/run/sshd --shell /bin/false --user-group sshd" -INITSCRIPT_PACKAGES = "${PN}-sshd" -INITSCRIPT_NAME_${PN}-sshd = "sshd" -INITSCRIPT_PARAMS_${PN}-sshd = "defaults 9" - -SYSTEMD_PACKAGES = "${PN}-sshd" -SYSTEMD_SERVICE_${PN}-sshd = "sshd.socket" - -inherit autotools-brokensep ptest - -PACKAGECONFIG ??= "" -PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5" -PACKAGECONFIG[ldns] = "--with-ldns,--without-ldns,ldns" -PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit" -PACKAGECONFIG[manpages] = "--with-mantype=man,--with-mantype=cat" - -EXTRA_AUTORECONF += "--exclude=aclocal" - -# login path is hardcoded in sshd -EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \ - ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '--with-pam', '--without-pam', d)} \ - --without-zlib-version-check \ - --with-privsep-path=${localstatedir}/run/sshd \ - --sysconfdir=${sysconfdir}/ssh \ - --with-xauth=${bindir}/xauth \ - --disable-strip \ - " - -# musl doesn't implement wtmp/utmp -EXTRA_OECONF_append_libc-musl = " --disable-wtmp" - -# Since we do not depend on libbsd, we do not want configure to use it -# just because it finds libutil.h. But, specifying --disable-libutil -# causes compile errors, so... -CACHED_CONFIGUREVARS += "ac_cv_header_bsd_libutil_h=no ac_cv_header_libutil_h=no" - -# passwd path is hardcoded in sshd -CACHED_CONFIGUREVARS += "ac_cv_path_PATH_PASSWD_PROG=${bindir}/passwd" - -# We don't want to depend on libblockfile -CACHED_CONFIGUREVARS += "ac_cv_header_maillock_h=no" - -do_configure_prepend () { - export LD="${CC}" - install -m 0644 ${WORKDIR}/sshd_config ${B}/ - install -m 0644 ${WORKDIR}/ssh_config ${B}/ -} - -do_compile_ptest() { - # skip regress/unittests/ binaries: this will silently skip - # unittests in run-ptests which is good because they are so slow. - oe_runmake regress/modpipe regress/setuid-allowed regress/netcat \ - regress/check-perm regress/mkdtemp -} - -do_install_append () { - if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then - install -D -m 0644 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd - sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config - fi - - if [ "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" ]; then - sed -i -e 's:#X11Forwarding no:X11Forwarding yes:' ${D}${sysconfdir}/ssh/sshd_config - fi - - install -d ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/sshd - rm -f ${D}${bindir}/slogin ${D}${datadir}/Ssh.bin - rmdir ${D}${localstatedir}/run/sshd ${D}${localstatedir}/run ${D}${localstatedir} - install -d ${D}/${sysconfdir}/default/volatiles - install -m 644 ${WORKDIR}/volatiles.99_sshd ${D}/${sysconfdir}/default/volatiles/99_sshd - install -m 0755 ${S}/contrib/ssh-copy-id ${D}${bindir} - - # Create config files for read-only rootfs - install -d ${D}${sysconfdir}/ssh - install -m 644 ${D}${sysconfdir}/ssh/sshd_config ${D}${sysconfdir}/ssh/sshd_config_readonly - sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config_readonly - echo "HostKey /var/run/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly - echo "HostKey /var/run/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly - echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly - - install -d ${D}${systemd_unitdir}/system - install -c -m 0644 ${WORKDIR}/sshd.socket ${D}${systemd_unitdir}/system - install -c -m 0644 ${WORKDIR}/sshd@.service ${D}${systemd_unitdir}/system - install -c -m 0644 ${WORKDIR}/sshdgenkeys.service ${D}${systemd_unitdir}/system - sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ - -e 's,@SBINDIR@,${sbindir},g' \ - -e 's,@BINDIR@,${bindir},g' \ - -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \ - ${D}${systemd_unitdir}/system/sshd.socket ${D}${systemd_unitdir}/system/*.service - - sed -i -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \ - ${D}${sysconfdir}/init.d/sshd - - install -D -m 0755 ${WORKDIR}/sshd_check_keys ${D}${libexecdir}/${BPN}/sshd_check_keys -} - -do_install_ptest () { - sed -i -e "s|^SFTPSERVER=.*|SFTPSERVER=${libexecdir}/sftp-server|" regress/test-exec.sh - cp -r regress ${D}${PTEST_PATH} -} - -ALLOW_EMPTY_${PN} = "1" - -PACKAGES =+ "${PN}-keygen ${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-sftp ${PN}-misc ${PN}-sftp-server" -FILES_${PN}-scp = "${bindir}/scp.${BPN}" -FILES_${PN}-ssh = "${bindir}/ssh.${BPN} ${sysconfdir}/ssh/ssh_config" -FILES_${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd ${systemd_unitdir}/system" -FILES_${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config ${sysconfdir}/ssh/sshd_config_readonly ${sysconfdir}/default/volatiles/99_sshd ${sysconfdir}/pam.d/sshd" -FILES_${PN}-sshd += "${libexecdir}/${BPN}/sshd_check_keys" -FILES_${PN}-sftp = "${bindir}/sftp" -FILES_${PN}-sftp-server = "${libexecdir}/sftp-server" -FILES_${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*" -FILES_${PN}-keygen = "${bindir}/ssh-keygen" - -RDEPENDS_${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen" -RDEPENDS_${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}" -RRECOMMENDS_${PN}-sshd_append_class-target = " rng-tools" -# gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies -RDEPENDS_${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed sudo coreutils" - -RPROVIDES_${PN}-ssh = "ssh" -RPROVIDES_${PN}-sshd = "sshd" - -RCONFLICTS_${PN} = "dropbear" -RCONFLICTS_${PN}-sshd = "dropbear" - -CONFFILES_${PN}-sshd = "${sysconfdir}/ssh/sshd_config" -CONFFILES_${PN}-ssh = "${sysconfdir}/ssh/ssh_config" - -ALTERNATIVE_PRIORITY = "90" -ALTERNATIVE_${PN}-scp = "scp" -ALTERNATIVE_${PN}-ssh = "ssh" - -BBCLASSEXTEND += "nativesdk" diff --git a/meta/recipes-connectivity/openssh/openssh_9.8p1.bb b/meta/recipes-connectivity/openssh/openssh_9.8p1.bb new file mode 100644 index 0000000000..83145dbd18 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh_9.8p1.bb @@ -0,0 +1,225 @@ +SUMMARY = "A suite of security-related network utilities based on \ +the SSH protocol including the ssh client and sshd server" +DESCRIPTION = "Secure rlogin/rsh/rcp/telnet replacement (OpenSSH) \ +Ssh (Secure Shell) is a program for logging into a remote machine \ +and for executing commands on a remote machine." +HOMEPAGE = "http://www.openssh.com/" +SECTION = "console/network" +LICENSE = "BSD-2-Clause & BSD-3-Clause & ISC & MIT" +LIC_FILES_CHKSUM = "file://LICENCE;md5=072979064e691d342002f43cd89c0394" + +DEPENDS = "zlib openssl virtual/crypt" +DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" + +SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.gz \ + file://sshd_config \ + file://ssh_config \ + file://init \ + ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ + file://sshd.service \ + file://sshd.socket \ + file://sshd@.service \ + file://sshdgenkeys.service \ + file://volatiles.99_sshd \ + file://run-ptest \ + file://sshd_check_keys \ + file://0001-Cast-to-sockaddr-in-systemd-interface.patch \ + file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ + file://0001-regress-test-exec-use-the-absolute-path-in-the-SSH-e.patch \ + " +SRC_URI[sha256sum] = "dd8bd002a379b5d499dfb050dd1fa9af8029e80461f4bb6c523c49973f5a39f3" + +CVE_STATUS[CVE-2007-2768] = "not-applicable-config: This CVE is specific to OpenSSH with the pam opie which we don't build/use here." + +# This CVE is specific to OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 +# and when running in a Kerberos environment. As such it is not relevant to OpenEmbedded +CVE_STATUS[CVE-2014-9278] = "not-applicable-platform: This CVE is specific to OpenSSH server, as used in Fedora and \ +Red Hat Enterprise Linux 7 and when running in a Kerberos environment" + +CVE_STATUS[CVE-2008-3844] = "not-applicable-platform: Only applies to some distributed RHEL binaries." +CVE_STATUS[CVE-2023-51767] = "upstream-wontfix: It was demonstrated on modified sshd and does not exist in upstream openssh https://bugzilla.mindrot.org/show_bug.cgi?id=3656#c1." + +PAM_SRC_URI = "file://sshd" + +inherit manpages useradd update-rc.d update-alternatives systemd + +USERADD_PACKAGES = "${PN}-sshd" +USERADD_PARAM:${PN}-sshd = "--system --no-create-home --home-dir /var/run/sshd --shell /bin/false --user-group sshd" +INITSCRIPT_PACKAGES = "${PN}-sshd" +INITSCRIPT_NAME:${PN}-sshd = "sshd" +INITSCRIPT_PARAMS:${PN}-sshd = "defaults 9" + +SYSTEMD_PACKAGES = "${PN}-sshd" +SYSTEMD_SERVICE:${PN}-sshd = "${@bb.utils.contains('PACKAGECONFIG','systemd-sshd-socket-mode','sshd.socket', '', d)} ${@bb.utils.contains('PACKAGECONFIG','systemd-sshd-service-mode','sshd.service', '', d)}" + +inherit autotools-brokensep ptest pkgconfig + +# systemd-sshd-socket-mode means installing sshd.socket +# and systemd-sshd-service-mode corresponding to sshd.service +PACKAGECONFIG ??= "systemd-sshd-socket-mode hostkey-ecdsa" +PACKAGECONFIG[fido2] = "--with-security-key-builtin,--disable-security-key,libfido2" +PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5" +PACKAGECONFIG[ldns] = "--with-ldns,--without-ldns,ldns" +PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit" +PACKAGECONFIG[manpages] = "--with-mantype=man,--with-mantype=cat" +PACKAGECONFIG[systemd-sshd-socket-mode] = "" +PACKAGECONFIG[systemd-sshd-service-mode] = "" +PACKAGECONFIG[hostkey-rsa] = "" +PACKAGECONFIG[hostkey-ecdsa] = "" +PACKAGECONFIG[hostkey-ed25519] = "" + +EXTRA_AUTORECONF += "--exclude=aclocal" + +# login path is hardcoded in sshd +EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \ + ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '--with-pam', '--without-pam', d)} \ + --without-zlib-version-check \ + --with-privsep-path=${localstatedir}/run/sshd \ + --sysconfdir=${sysconfdir}/ssh \ + --with-xauth=${bindir}/xauth \ + --disable-strip \ + " + +# musl doesn't implement wtmp/utmp and logwtmp +EXTRA_OECONF:append:libc-musl = " --disable-wtmp --disable-lastlog" + +# Work around ICE on mips/mips64 starting in 9.6p1 +EXTRA_OECONF:append:mips = " --without-hardening" +EXTRA_OECONF:append:mips64 = " --without-hardening" + +# Work around ICE on powerpc64le starting in 9.6p1 +EXTRA_OECONF:append:powerpc64le = " --without-hardening" + +# Since we do not depend on libbsd, we do not want configure to use it +# just because it finds libutil.h. But, specifying --disable-libutil +# causes compile errors, so... +CACHED_CONFIGUREVARS += "ac_cv_header_bsd_libutil_h=no ac_cv_header_libutil_h=no" + +# passwd path is hardcoded in sshd +CACHED_CONFIGUREVARS += "ac_cv_path_PATH_PASSWD_PROG=${bindir}/passwd" + +# We don't want to depend on libblockfile +CACHED_CONFIGUREVARS += "ac_cv_header_maillock_h=no" + +do_configure:prepend () { + export LD="${CC}" + install -m 0644 ${UNPACKDIR}/sshd_config ${B}/ + install -m 0644 ${UNPACKDIR}/ssh_config ${B}/ +} + +do_compile_ptest() { + oe_runmake regress-binaries regress-unit-binaries +} + +sshd_hostkey_setup() { + # Enable specific ssh host keys + sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config + if ${@bb.utils.contains('PACKAGECONFIG','hostkey-rsa','true','false',d)}; then + echo "HostKey /etc/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config + fi + if ${@bb.utils.contains('PACKAGECONFIG','hostkey-ecdsa','true','false',d)}; then + echo "HostKey /etc/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config + fi + if ${@bb.utils.contains('PACKAGECONFIG','hostkey-ed25519','true','false',d)}; then + echo "HostKey /etc/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config + fi + + sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config_readonly + if ${@bb.utils.contains('PACKAGECONFIG','hostkey-rsa','true','false',d)}; then + echo "HostKey /var/run/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly + fi + if ${@bb.utils.contains('PACKAGECONFIG','hostkey-ecdsa','true','false',d)}; then + echo "HostKey /var/run/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly + fi + if ${@bb.utils.contains('PACKAGECONFIG','hostkey-ed25519','true','false',d)}; then + echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly + fi +} + +do_install:append () { + if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then + install -D -m 0644 ${UNPACKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd + sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config + fi + + if [ "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" ]; then + sed -i -e 's:#X11Forwarding no:X11Forwarding yes:' ${D}${sysconfdir}/ssh/sshd_config + fi + + install -d ${D}${sysconfdir}/init.d + install -m 0755 ${UNPACKDIR}/init ${D}${sysconfdir}/init.d/sshd + rm -f ${D}${bindir}/slogin ${D}${datadir}/Ssh.bin + rmdir ${D}${localstatedir}/run/sshd ${D}${localstatedir}/run ${D}${localstatedir} + install -d ${D}/${sysconfdir}/default/volatiles + install -m 644 ${UNPACKDIR}/volatiles.99_sshd ${D}/${sysconfdir}/default/volatiles/99_sshd + install -m 0755 ${S}/contrib/ssh-copy-id ${D}${bindir} + + # Create config files for read-only rootfs + install -d ${D}${sysconfdir}/ssh + install -m 644 ${D}${sysconfdir}/ssh/sshd_config ${D}${sysconfdir}/ssh/sshd_config_readonly + + install -d ${D}${systemd_system_unitdir} + if ${@bb.utils.contains('PACKAGECONFIG','systemd-sshd-socket-mode','true','false',d)}; then + install -c -m 0644 ${UNPACKDIR}/sshd.socket ${D}${systemd_system_unitdir} + install -c -m 0644 ${UNPACKDIR}/sshd@.service ${D}${systemd_system_unitdir} + sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ + -e 's,@SBINDIR@,${sbindir},g' \ + -e 's,@BINDIR@,${bindir},g' \ + -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \ + ${D}${systemd_system_unitdir}/sshd.socket + fi + if ${@bb.utils.contains('PACKAGECONFIG','systemd-sshd-service-mode','true','false',d)}; then + install -c -m 0644 ${UNPACKDIR}/sshd.service ${D}${systemd_system_unitdir} + fi + install -c -m 0644 ${UNPACKDIR}/sshdgenkeys.service ${D}${systemd_system_unitdir} + sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ + -e 's,@SBINDIR@,${sbindir},g' \ + -e 's,@BINDIR@,${bindir},g' \ + -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \ + ${D}${systemd_system_unitdir}/*.service + + sed -i -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \ + ${D}${sysconfdir}/init.d/sshd + + install -D -m 0755 ${UNPACKDIR}/sshd_check_keys ${D}${libexecdir}/${BPN}/sshd_check_keys + sshd_hostkey_setup +} + +do_install_ptest () { + sed -i -e "s|^SFTPSERVER=.*|SFTPSERVER=${libexecdir}/sftp-server|" regress/test-exec.sh + cp -r regress ${D}${PTEST_PATH} + cp config.h ${D}${PTEST_PATH} +} + +ALLOW_EMPTY:${PN} = "1" + +PACKAGES =+ "${PN}-keygen ${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-sftp ${PN}-misc ${PN}-sftp-server" +FILES:${PN}-scp = "${bindir}/scp.${BPN}" +FILES:${PN}-ssh = "${bindir}/ssh.${BPN} ${sysconfdir}/ssh/ssh_config" +FILES:${PN}-sshd = "${sbindir}/sshd ${libexecdir}/sshd-session ${sysconfdir}/init.d/sshd ${systemd_system_unitdir}" +FILES:${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config ${sysconfdir}/ssh/sshd_config_readonly ${sysconfdir}/default/volatiles/99_sshd ${sysconfdir}/pam.d/sshd" +FILES:${PN}-sshd += "${libexecdir}/${BPN}/sshd_check_keys" +FILES:${PN}-sftp = "${bindir}/sftp" +FILES:${PN}-sftp-server = "${libexecdir}/sftp-server" +FILES:${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*" +FILES:${PN}-keygen = "${bindir}/ssh-keygen" + +RDEPENDS:${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen ${PN}-sftp-server" +RDEPENDS:${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}" +# gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies +RDEPENDS:${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed coreutils openssl-bin" + +RPROVIDES:${PN}-ssh = "ssh" +RPROVIDES:${PN}-sshd = "sshd" + +RCONFLICTS:${PN} = "dropbear" +RCONFLICTS:${PN}-sshd = "dropbear" + +CONFFILES:${PN}-sshd = "${sysconfdir}/ssh/sshd_config" +CONFFILES:${PN}-ssh = "${sysconfdir}/ssh/ssh_config" + +ALTERNATIVE_PRIORITY = "90" +ALTERNATIVE:${PN}-scp = "scp" +ALTERNATIVE:${PN}-ssh = "ssh" + +BBCLASSEXTEND += "nativesdk" diff --git a/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh b/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh index b9cc24a7ac..f90088aab7 100644 --- a/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh +++ b/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh @@ -1 +1,6 @@ export OPENSSL_CONF="$OECORE_NATIVE_SYSROOT/usr/lib/ssl/openssl.cnf" +export SSL_CERT_DIR="$OECORE_NATIVE_SYSROOT/usr/lib/ssl/certs" +export SSL_CERT_FILE="$OECORE_NATIVE_SYSROOT/usr/lib/ssl/certs/ca-certificates.crt" +export OPENSSL_MODULES="$OECORE_NATIVE_SYSROOT/usr/lib/ossl-modules/" +export OPENSSL_ENGINES="$OECORE_NATIVE_SYSROOT/usr/lib/engines-3" +export BB_ENV_PASSTHROUGH_ADDITIONS="$BB_ENV_PASSTHROUGH_ADDITIONS SSL_CERT_DIR SSL_CERT_FILE OPENSSL_CONF OPENSSL_MODULES OPENSSL_ENGINES" diff --git a/meta/recipes-connectivity/openssl/openssl/0001-Added-handshake-history-reporting-when-test-fails.patch b/meta/recipes-connectivity/openssl/openssl/0001-Added-handshake-history-reporting-when-test-fails.patch new file mode 100644 index 0000000000..aa2e5bb800 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/0001-Added-handshake-history-reporting-when-test-fails.patch @@ -0,0 +1,374 @@ +From 5ba65051fea0513db0d997f0ab7cafb9826ed74a Mon Sep 17 00:00:00 2001 +From: William Lyu <William.Lyu@windriver.com> +Date: Fri, 20 Oct 2023 16:22:37 -0400 +Subject: [PATCH] Added handshake history reporting when test fails + +Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/22481] + +Signed-off-by: William Lyu <William.Lyu@windriver.com> +--- + test/helpers/handshake.c | 139 +++++++++++++++++++++++++++++---------- + test/helpers/handshake.h | 70 +++++++++++++++++++- + test/ssl_test.c | 44 +++++++++++++ + 3 files changed, 218 insertions(+), 35 deletions(-) + +diff --git a/test/helpers/handshake.c b/test/helpers/handshake.c +index e0422469e4..ae2ad59dd4 100644 +--- a/test/helpers/handshake.c ++++ b/test/helpers/handshake.c +@@ -1,5 +1,5 @@ + /* +- * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy +@@ -24,6 +24,102 @@ + #include <netinet/sctp.h> + #endif + ++/* Shamelessly copied from test/helpers/ssl_test_ctx.c */ ++/* Maps string names to various enumeration type */ ++typedef struct { ++ const char *name; ++ int value; ++} enum_name_map; ++ ++static const enum_name_map connect_phase_names[] = { ++ {"Handshake", HANDSHAKE}, ++ {"RenegAppData", RENEG_APPLICATION_DATA}, ++ {"RenegSetup", RENEG_SETUP}, ++ {"RenegHandshake", RENEG_HANDSHAKE}, ++ {"AppData", APPLICATION_DATA}, ++ {"Shutdown", SHUTDOWN}, ++ {"ConnectionDone", CONNECTION_DONE} ++}; ++ ++static const enum_name_map peer_status_names[] = { ++ {"PeerSuccess", PEER_SUCCESS}, ++ {"PeerRetry", PEER_RETRY}, ++ {"PeerError", PEER_ERROR}, ++ {"PeerWaiting", PEER_WAITING}, ++ {"PeerTestFail", PEER_TEST_FAILURE} ++}; ++ ++static const enum_name_map handshake_status_names[] = { ++ {"HandshakeSuccess", HANDSHAKE_SUCCESS}, ++ {"ClientError", CLIENT_ERROR}, ++ {"ServerError", SERVER_ERROR}, ++ {"InternalError", INTERNAL_ERROR}, ++ {"HandshakeRetry", HANDSHAKE_RETRY} ++}; ++ ++/* Shamelessly copied from test/helpers/ssl_test_ctx.c */ ++static const char *enum_name(const enum_name_map *enums, size_t num_enums, ++ int value) ++{ ++ size_t i; ++ for (i = 0; i < num_enums; i++) { ++ if (enums[i].value == value) { ++ return enums[i].name; ++ } ++ } ++ return "InvalidValue"; ++} ++ ++const char *handshake_connect_phase_name(connect_phase_t phase) ++{ ++ return enum_name(connect_phase_names, OSSL_NELEM(connect_phase_names), ++ (int)phase); ++} ++ ++const char *handshake_status_name(handshake_status_t handshake_status) ++{ ++ return enum_name(handshake_status_names, OSSL_NELEM(handshake_status_names), ++ (int)handshake_status); ++} ++ ++const char *handshake_peer_status_name(peer_status_t peer_status) ++{ ++ return enum_name(peer_status_names, OSSL_NELEM(peer_status_names), ++ (int)peer_status); ++} ++ ++static void save_loop_history(HANDSHAKE_HISTORY *history, ++ connect_phase_t phase, ++ handshake_status_t handshake_status, ++ peer_status_t server_status, ++ peer_status_t client_status, ++ int client_turn_count, ++ int is_client_turn) ++{ ++ HANDSHAKE_HISTORY_ENTRY *new_entry = NULL; ++ ++ /* ++ * Create a new history entry for a handshake loop with statuses given in ++ * the arguments. Potentially evicting the oldest entry when the ++ * ring buffer is full. ++ */ ++ ++(history->last_idx); ++ history->last_idx &= MAX_HANDSHAKE_HISTORY_ENTRY_IDX_MASK; ++ ++ new_entry = &((history->entries)[history->last_idx]); ++ new_entry->phase = phase; ++ new_entry->handshake_status = handshake_status; ++ new_entry->server_status = server_status; ++ new_entry->client_status = client_status; ++ new_entry->client_turn_count = client_turn_count; ++ new_entry->is_client_turn = is_client_turn; ++ ++ /* Evict the oldest handshake loop entry when the ring buffer is full. */ ++ if (history->entry_count < MAX_HANDSHAKE_HISTORY_ENTRY) { ++ ++(history->entry_count); ++ } ++} ++ + HANDSHAKE_RESULT *HANDSHAKE_RESULT_new(void) + { + HANDSHAKE_RESULT *ret; +@@ -719,15 +815,6 @@ static void configure_handshake_ssl(SSL *server, SSL *client, + SSL_set_post_handshake_auth(client, 1); + } + +-/* The status for each connection phase. */ +-typedef enum { +- PEER_SUCCESS, +- PEER_RETRY, +- PEER_ERROR, +- PEER_WAITING, +- PEER_TEST_FAILURE +-} peer_status_t; +- + /* An SSL object and associated read-write buffers. */ + typedef struct peer_st { + SSL *ssl; +@@ -1074,17 +1161,6 @@ static void do_shutdown_step(PEER *peer) + } + } + +-typedef enum { +- HANDSHAKE, +- RENEG_APPLICATION_DATA, +- RENEG_SETUP, +- RENEG_HANDSHAKE, +- APPLICATION_DATA, +- SHUTDOWN, +- CONNECTION_DONE +-} connect_phase_t; +- +- + static int renegotiate_op(const SSL_TEST_CTX *test_ctx) + { + switch (test_ctx->handshake_mode) { +@@ -1162,19 +1238,6 @@ static void do_connect_step(const SSL_TEST_CTX *test_ctx, PEER *peer, + } + } + +-typedef enum { +- /* Both parties succeeded. */ +- HANDSHAKE_SUCCESS, +- /* Client errored. */ +- CLIENT_ERROR, +- /* Server errored. */ +- SERVER_ERROR, +- /* Peers are in inconsistent state. */ +- INTERNAL_ERROR, +- /* One or both peers not done. */ +- HANDSHAKE_RETRY +-} handshake_status_t; +- + /* + * Determine the handshake outcome. + * last_status: the status of the peer to have acted last. +@@ -1539,6 +1602,10 @@ static HANDSHAKE_RESULT *do_handshake_internal( + + start = time(NULL); + ++ save_loop_history(&(ret->history), ++ phase, status, server.status, client.status, ++ client_turn_count, client_turn); ++ + /* + * Half-duplex handshake loop. + * Client and server speak to each other synchronously in the same process. +@@ -1560,6 +1627,10 @@ static HANDSHAKE_RESULT *do_handshake_internal( + 0 /* server went last */); + } + ++ save_loop_history(&(ret->history), ++ phase, status, server.status, client.status, ++ client_turn_count, client_turn); ++ + switch (status) { + case HANDSHAKE_SUCCESS: + client_turn_count = 0; +diff --git a/test/helpers/handshake.h b/test/helpers/handshake.h +index 78b03f9f4b..b9967c2623 100644 +--- a/test/helpers/handshake.h ++++ b/test/helpers/handshake.h +@@ -1,5 +1,5 @@ + /* +- * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy +@@ -12,6 +12,11 @@ + + #include "ssl_test_ctx.h" + ++#define MAX_HANDSHAKE_HISTORY_ENTRY_BIT 4 ++#define MAX_HANDSHAKE_HISTORY_ENTRY (1 << MAX_HANDSHAKE_HISTORY_ENTRY_BIT) ++#define MAX_HANDSHAKE_HISTORY_ENTRY_IDX_MASK \ ++ ((1 << MAX_HANDSHAKE_HISTORY_ENTRY_BIT) - 1) ++ + typedef struct ctx_data_st { + unsigned char *npn_protocols; + size_t npn_protocols_len; +@@ -22,6 +27,63 @@ typedef struct ctx_data_st { + char *session_ticket_app_data; + } CTX_DATA; + ++typedef enum { ++ HANDSHAKE, ++ RENEG_APPLICATION_DATA, ++ RENEG_SETUP, ++ RENEG_HANDSHAKE, ++ APPLICATION_DATA, ++ SHUTDOWN, ++ CONNECTION_DONE ++} connect_phase_t; ++ ++/* The status for each connection phase. */ ++typedef enum { ++ PEER_SUCCESS, ++ PEER_RETRY, ++ PEER_ERROR, ++ PEER_WAITING, ++ PEER_TEST_FAILURE ++} peer_status_t; ++ ++typedef enum { ++ /* Both parties succeeded. */ ++ HANDSHAKE_SUCCESS, ++ /* Client errored. */ ++ CLIENT_ERROR, ++ /* Server errored. */ ++ SERVER_ERROR, ++ /* Peers are in inconsistent state. */ ++ INTERNAL_ERROR, ++ /* One or both peers not done. */ ++ HANDSHAKE_RETRY ++} handshake_status_t; ++ ++/* Stores the various status information in a handshake loop. */ ++typedef struct handshake_history_entry_st { ++ connect_phase_t phase; ++ handshake_status_t handshake_status; ++ peer_status_t server_status; ++ peer_status_t client_status; ++ int client_turn_count; ++ int is_client_turn; ++} HANDSHAKE_HISTORY_ENTRY; ++ ++typedef struct handshake_history_st { ++ /* Implemented using ring buffer. */ ++ /* ++ * The valid entries are |entries[last_idx]|, |entries[last_idx-1]|, ++ * ..., etc., going up to |entry_count| number of entries. Note that when ++ * the index into the array |entries| becomes < 0, we wrap around to ++ * the end of |entries|. ++ */ ++ HANDSHAKE_HISTORY_ENTRY entries[MAX_HANDSHAKE_HISTORY_ENTRY]; ++ /* The number of valid entries in |entries| array. */ ++ size_t entry_count; ++ /* The index of the last valid entry in the |entries| array. */ ++ size_t last_idx; ++} HANDSHAKE_HISTORY; ++ + typedef struct handshake_result { + ssl_test_result_t result; + /* These alerts are in the 2-byte format returned by the info_callback. */ +@@ -77,6 +139,8 @@ typedef struct handshake_result { + char *cipher; + /* session ticket application data */ + char *result_session_ticket_app_data; ++ /* handshake loop history */ ++ HANDSHAKE_HISTORY history; + } HANDSHAKE_RESULT; + + HANDSHAKE_RESULT *HANDSHAKE_RESULT_new(void); +@@ -95,4 +159,8 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, + CTX_DATA *server2_ctx_data, + CTX_DATA *client_ctx_data); + ++const char *handshake_connect_phase_name(connect_phase_t phase); ++const char *handshake_status_name(handshake_status_t handshake_status); ++const char *handshake_peer_status_name(peer_status_t peer_status); ++ + #endif /* OSSL_TEST_HANDSHAKE_HELPER_H */ +diff --git a/test/ssl_test.c b/test/ssl_test.c +index ea608518f9..9d6b093c81 100644 +--- a/test/ssl_test.c ++++ b/test/ssl_test.c +@@ -26,6 +26,44 @@ static OSSL_LIB_CTX *libctx = NULL; + /* Currently the section names are of the form test-<number>, e.g. test-15. */ + #define MAX_TESTCASE_NAME_LENGTH 100 + ++static void print_handshake_history(const HANDSHAKE_HISTORY *history) ++{ ++ size_t first_idx; ++ size_t i; ++ size_t cur_idx; ++ const HANDSHAKE_HISTORY_ENTRY *cur_entry; ++ const char header_template[] = "|%14s|%16s|%16s|%16s|%17s|%14s|"; ++ const char body_template[] = "|%14s|%16s|%16s|%16s|%17d|%14s|"; ++ ++ TEST_info("The following is the server/client state " ++ "in the most recent %d handshake loops.", ++ MAX_HANDSHAKE_HISTORY_ENTRY); ++ ++ TEST_note("==================================================" ++ "=================================================="); ++ TEST_note(header_template, ++ "phase", "handshake status", "server status", ++ "client status", "client turn count", "is client turn"); ++ TEST_note("+--------------+----------------+----------------" ++ "+----------------+-----------------+--------------+"); ++ ++ first_idx = (history->last_idx - history->entry_count + 1) & ++ MAX_HANDSHAKE_HISTORY_ENTRY_IDX_MASK; ++ for (i = 0; i < history->entry_count; ++i) { ++ cur_idx = (first_idx + i) & MAX_HANDSHAKE_HISTORY_ENTRY_IDX_MASK; ++ cur_entry = &(history->entries)[cur_idx]; ++ TEST_note(body_template, ++ handshake_connect_phase_name(cur_entry->phase), ++ handshake_status_name(cur_entry->handshake_status), ++ handshake_peer_status_name(cur_entry->server_status), ++ handshake_peer_status_name(cur_entry->client_status), ++ cur_entry->client_turn_count, ++ cur_entry->is_client_turn ? "true" : "false"); ++ } ++ TEST_note("==================================================" ++ "=================================================="); ++} ++ + static const char *print_alert(int alert) + { + return alert ? SSL_alert_desc_string_long(alert) : "no alert"; +@@ -388,6 +426,12 @@ static int check_test(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) + ret &= check_client_sign_type(result, test_ctx); + ret &= check_client_ca_names(result, test_ctx); + } ++ ++ /* Print handshake loop history if any check fails. */ ++ if (!ret) { ++ print_handshake_history(&(result->history)); ++ } ++ + return ret; + } + +-- +2.25.1 + diff --git a/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch b/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch new file mode 100644 index 0000000000..502a7aaf32 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch @@ -0,0 +1,39 @@ +From 0377f0d5b5c1079e3b9a80881f4dcc891cbe9f9a Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex@linutronix.de> +Date: Tue, 30 May 2023 09:11:27 -0700 +Subject: [PATCH] Configure: do not tweak mips cflags + +This conflicts with mips machine definitons from yocto, +e.g. +| Error: -mips3 conflicts with the other architecture options, which imply -mips64r2 + +Upstream-Status: Inappropriate [oe-core specific] +Signed-off-by: Alexander Kanavin <alex@linutronix.de> + +Refreshed for openssl-3.1.1 +Signed-off-by: Tim Orling <tim.orling@konsulko.com> +--- + Configure | 10 ---------- + 1 file changed, 10 deletions(-) + +diff --git a/Configure b/Configure +index 4569952..adf019b 100755 +--- a/Configure ++++ b/Configure +@@ -1422,16 +1422,6 @@ if ($target =~ /^mingw/ && `$config{CC} --target-help 2>&1` =~ m/-mno-cygwin/m) + push @{$config{shared_ldflag}}, "-mno-cygwin"; + } + +-if ($target =~ /linux.*-mips/ && !$disabled{asm} +- && !grep { $_ =~ /-m(ips|arch=)/ } (@{$config{CFLAGS}})) { +- # minimally required architecture flags for assembly modules +- my $value; +- $value = '-mips2' if ($target =~ /mips32/); +- $value = '-mips3' if ($target =~ /mips64/); +- unshift @{$config{cflags}}, $value; +- unshift @{$config{cxxflags}}, $value if $config{CXX}; +-} +- + # If threads aren't disabled, check how possible they are + unless ($disabled{threads}) { + if ($auto_threads) { diff --git a/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch b/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch index 949c788344..bafdbaa46f 100644 --- a/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch +++ b/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch @@ -1,4 +1,4 @@ -From 3e1d00481093e10775eaf69d619c45b32a4aa7dc Mon Sep 17 00:00:00 2001 +From 5985253f2c9025d7c127443a3a9938946f80c2a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20Hundeb=C3=B8ll?= <martin@geanix.com> Date: Tue, 6 Nov 2018 14:50:47 +0100 Subject: [PATCH] buildinfo: strip sysroot and debug-prefix-map from compiler @@ -21,20 +21,24 @@ https://patchwork.openembedded.org/patch/147229/ Upstream-Status: Inappropriate [OE specific] Signed-off-by: Martin Hundebøll <martin@geanix.com> - Update to fix buildpaths qa issue for '-fmacro-prefix-map'. Signed-off-by: Kai Kang <kai.kang@windriver.com> + +Update to fix buildpaths qa issue for '-ffile-prefix-map'. + +Signed-off-by: Khem Raj <raj.khem@gmail.com> + --- - Configurations/unix-Makefile.tmpl | 10 +++++++++- + Configurations/unix-Makefile.tmpl | 12 +++++++++++- crypto/build.info | 2 +- - 2 files changed, 10 insertions(+), 2 deletions(-) + 2 files changed, 12 insertions(+), 2 deletions(-) -diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl -index 16af4d2087..54c162784c 100644 ---- a/Configurations/unix-Makefile.tmpl -+++ b/Configurations/unix-Makefile.tmpl -@@ -317,13 +317,22 @@ BIN_LDFLAGS={- join(' ', $target{bin_lflags} || (), +Index: openssl-3.0.4/Configurations/unix-Makefile.tmpl +=================================================================== +--- openssl-3.0.4.orig/Configurations/unix-Makefile.tmpl ++++ openssl-3.0.4/Configurations/unix-Makefile.tmpl +@@ -472,13 +472,23 @@ BIN_LDFLAGS={- join(' ', $target{bin_lfl '$(CNF_LDFLAGS)', '$(LDFLAGS)') -} BIN_EX_LIBS=$(CNF_EX_LIBS) $(EX_LIBS) @@ -49,6 +53,7 @@ index 16af4d2087..54c162784c 100644 +CFLAGS_Q={- for (@{$config{CFLAGS}}) { + s|-fdebug-prefix-map=[^ ]+|-fdebug-prefix-map=|g; + s|-fmacro-prefix-map=[^ ]+|-fmacro-prefix-map=|g; ++ s|-ffile-prefix-map=[^ ]+|-ffile-prefix-map=|g; + } + join(' ', @{$config{CFLAGS}}) -} + @@ -58,19 +63,16 @@ index 16af4d2087..54c162784c 100644 PERLASM_SCHEME= {- $target{perlasm_scheme} -} # For x86 assembler: Set PROCESSOR to 386 if you want to support -diff --git a/crypto/build.info b/crypto/build.info -index b515b7318e..8c9cee2a09 100644 ---- a/crypto/build.info -+++ b/crypto/build.info -@@ -10,7 +10,7 @@ EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \ - ppccpuid.pl pariscid.pl alphacpuid.pl arm64cpuid.pl armv4cpuid.pl +Index: openssl-3.0.4/crypto/build.info +=================================================================== +--- openssl-3.0.4.orig/crypto/build.info ++++ openssl-3.0.4/crypto/build.info +@@ -109,7 +109,7 @@ DEFINE[../libcrypto]=$UPLINKDEF + DEPEND[info.o]=buildinf.h DEPEND[cversion.o]=buildinf.h -GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC) $(LIB_CFLAGS) $(CPPFLAGS_Q)" "$(PLATFORM)" +GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC_Q) $(CFLAGS_Q) $(CPPFLAGS_Q)" "$(PLATFORM)" - DEPEND[buildinf.h]=../configdata.pm - GENERATE[uplink-x86.s]=../ms/uplink-x86.pl $(PERLASM_SCHEME) --- -2.19.1 - + GENERATE[uplink-x86.S]=../ms/uplink-x86.pl + GENERATE[uplink-x86_64.s]=../ms/uplink-x86_64.pl diff --git a/meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch b/meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch deleted file mode 100644 index d8d9651b64..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch +++ /dev/null @@ -1,46 +0,0 @@ -From a9401b2289656c5a36dd1b0ecebf0d23e291ce70 Mon Sep 17 00:00:00 2001 -From: Hongxu Jia <hongxu.jia@windriver.com> -Date: Tue, 2 Oct 2018 23:58:24 +0800 -Subject: [PATCH] skip test_symbol_presence - -We cannot skip `01-test_symbol_presence.t' by configuring option `no-shared' -as INSTALL told us the shared libraries will not be built. - -[INSTALL snip] - Notes on shared libraries - ------------------------- - - For most systems the OpenSSL Configure script knows what is needed to - build shared libraries for libcrypto and libssl. On these systems - the shared libraries will be created by default. This can be suppressed and - only static libraries created by using the "no-shared" option. On systems - where OpenSSL does not know how to build shared libraries the "no-shared" - option will be forced and only static libraries will be created. -[INSTALL snip] - -Hence directly modification the case to skip it. - -Upstream-Status: Inappropriate [OE Specific] - -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - test/recipes/01-test_symbol_presence.t | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t -index 7f2a2d7..0b93745 100644 ---- a/test/recipes/01-test_symbol_presence.t -+++ b/test/recipes/01-test_symbol_presence.t -@@ -14,8 +14,7 @@ use OpenSSL::Test::Utils; - - setup("test_symbol_presence"); - --plan skip_all => "Only useful when building shared libraries" -- if disabled("shared"); -+plan skip_all => "The case needs debug symbols then we just disable it"; - - my @libnames = ("crypto", "ssl"); - my $testcount = scalar @libnames; --- -2.7.4 - diff --git a/meta/recipes-connectivity/openssl/openssl/afalg.patch b/meta/recipes-connectivity/openssl/openssl/afalg.patch deleted file mode 100644 index b7c0e9697f..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/afalg.patch +++ /dev/null @@ -1,31 +0,0 @@ -Don't refuse to build afalgeng if cross-compiling or the host kernel is too old. - -Upstream-Status: Submitted [hhttps://github.com/openssl/openssl/pull/7688] -Signed-off-by: Ross Burton <ross.burton@intel.com> - -diff --git a/Configure b/Configure -index 3baa8ce..9ef52ed 100755 ---- a/Configure -+++ b/Configure -@@ -1550,20 +1550,7 @@ unless ($disabled{"crypto-mdebug-backtrace"}) - unless ($disabled{afalgeng}) { - $config{afalgeng}=""; - if (grep { $_ eq 'afalgeng' } @{$target{enable}}) { -- my $minver = 4*10000 + 1*100 + 0; -- if ($config{CROSS_COMPILE} eq "") { -- my $verstr = `uname -r`; -- my ($ma, $mi1, $mi2) = split("\\.", $verstr); -- ($mi2) = $mi2 =~ /(\d+)/; -- my $ver = $ma*10000 + $mi1*100 + $mi2; -- if ($ver < $minver) { -- disable('too-old-kernel', 'afalgeng'); -- } else { -- push @{$config{engdirs}}, "afalg"; -- } -- } else { -- disable('cross-compiling', 'afalgeng'); -- } -+ push @{$config{engdirs}}, "afalg"; - } else { - disable('not-linux', 'afalgeng'); - } diff --git a/meta/recipes-connectivity/openssl/openssl/run-ptest b/meta/recipes-connectivity/openssl/openssl/run-ptest index 3fb22471f8..cd29bb1446 100644 --- a/meta/recipes-connectivity/openssl/openssl/run-ptest +++ b/meta/recipes-connectivity/openssl/openssl/run-ptest @@ -1,12 +1,19 @@ #!/bin/sh -set -e +set -eu -# Optional arguments are 'list' to lists all tests, or the test name (base name -# ie test_evp, not 03_test_evp.t). +# Optional arguments are 'list' to lists the tests, or the test name (base name +# ie test_evp, not 03_test_evp.t). Without any arguments we run all tests. + +if test $# -gt 0; then + TESTS=$* +else + # Skip test_symbol_presence as this is for developers + TESTS="alltests -test_symbol_presence" +fi export TOP=. -# OPENSSL_ENGINES is relative from the test binaries -export OPENSSL_ENGINES=../engines +# Run four jobs in parallel +export HARNESS_JOBS=4 -perl ./test/run_tests.pl $* | perl -0pe 's#(.*) \.*.ok#PASS: \1#g; s#(.*) \.*.skipped: (.*)#SKIP: \1 (\2)#g; s#(.*) \.*.\nDubious#FAIL: \1#;' +{ perl ./test/run_tests.pl $TESTS || echo "FAIL: openssl" ; } | sed -u -r -e '/(.*) \.*.ok/ s/^/PASS: /g' -r -e '/Dubious(.*)/ s/^/FAIL: /g' -e '/(.*) \.*.skipped: (.*)/ s/^/SKIP: /g' diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb deleted file mode 100644 index f653e05acc..0000000000 --- a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb +++ /dev/null @@ -1,208 +0,0 @@ -SUMMARY = "Secure Socket Layer" -DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools." -HOMEPAGE = "http://www.openssl.org/" -BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html" -SECTION = "libs/network" - -# "openssl" here actually means both OpenSSL and SSLeay licenses apply -# (see meta/files/common-licenses/OpenSSL to which "openssl" is SPDXLICENSEMAPped) -LICENSE = "openssl" -LIC_FILES_CHKSUM = "file://LICENSE;md5=d343e62fc9c833710bbbed25f27364c8" - -DEPENDS = "hostperl-runtime-native" - -SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ - file://run-ptest \ - file://0001-skip-test_symbol_presence.patch \ - file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ - file://afalg.patch \ - " - -SRC_URI_append_class-nativesdk = " \ - file://environment.d-openssl.sh \ - " - -SRC_URI[md5sum] = "3be209000dbc7e1b95bcdf47980a3baa" -SRC_URI[sha256sum] = "1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2" - -inherit lib_package multilib_header multilib_script ptest -MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" - -PACKAGECONFIG ?= "" -PACKAGECONFIG_class-native = "" -PACKAGECONFIG_class-nativesdk = "" - -PACKAGECONFIG[cryptodev-linux] = "enable-devcryptoeng,disable-devcryptoeng,cryptodev-linux" - -B = "${WORKDIR}/build" -do_configure[cleandirs] = "${B}" - -#| ./libcrypto.so: undefined reference to `getcontext' -#| ./libcrypto.so: undefined reference to `setcontext' -#| ./libcrypto.so: undefined reference to `makecontext' -EXTRA_OECONF_append_libc-musl = " no-async" -EXTRA_OECONF_append_libc-musl_powerpc64 = " no-asm" - -# adding devrandom prevents openssl from using getrandom() which is not available on older glibc versions -# (native versions can be built with newer glibc, but then relocated onto a system with older glibc) -EXTRA_OECONF_class-native = "--with-rand-seed=os,devrandom" -EXTRA_OECONF_class-nativesdk = "--with-rand-seed=os,devrandom" - -# Relying on hardcoded built-in paths causes openssl-native to not be relocateable from sstate. -CFLAGS_append_class-native = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" -CFLAGS_append_class-nativesdk = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" - -do_configure () { - os=${HOST_OS} - case $os in - linux-gnueabi |\ - linux-gnuspe |\ - linux-musleabi |\ - linux-muslspe |\ - linux-musl ) - os=linux - ;; - *) - ;; - esac - target="$os-${HOST_ARCH}" - case $target in - linux-arm*) - target=linux-armv4 - ;; - linux-aarch64*) - target=linux-aarch64 - ;; - linux-i?86 | linux-viac3) - target=linux-x86 - ;; - linux-gnux32-x86_64 | linux-muslx32-x86_64 ) - target=linux-x32 - ;; - linux-gnu64-x86_64) - target=linux-x86_64 - ;; - linux-mips | linux-mipsel) - # specifying TARGET_CC_ARCH prevents openssl from (incorrectly) adding target architecture flags - target="linux-mips32 ${TARGET_CC_ARCH}" - ;; - linux-gnun32-mips*) - target=linux-mips64 - ;; - linux-*-mips64 | linux-mips64 | linux-*-mips64el | linux-mips64el) - target=linux64-mips64 - ;; - linux-microblaze* | linux-nios2* | linux-sh3 | linux-sh4 | linux-arc*) - target=linux-generic32 - ;; - linux-powerpc) - target=linux-ppc - ;; - linux-powerpc64) - target=linux-ppc64 - ;; - linux-riscv32) - target=linux-generic32 - ;; - linux-riscv64) - target=linux-generic64 - ;; - linux-sparc | linux-supersparc) - target=linux-sparcv9 - ;; - esac - - useprefix=${prefix} - if [ "x$useprefix" = "x" ]; then - useprefix=/ - fi - # WARNING: do not set compiler/linker flags (-I/-D etc.) in EXTRA_OECONF, as they will fully replace the - # environment variables set by bitbake. Adjust the environment variables instead. - PERL5LIB="${S}/external/perl/Text-Template-1.46/lib/" \ - perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=${libdir} $target - perl ${B}/configdata.pm --dump -} - -do_install () { - oe_runmake DESTDIR="${D}" MANDIR="${mandir}" MANSUFFIX=ssl install - - oe_multilib_header openssl/opensslconf.h - - # Create SSL structure for packages such as ca-certificates which - # contain hard-coded paths to /etc/ssl. Debian does the same. - install -d ${D}${sysconfdir}/ssl - mv ${D}${libdir}/ssl-1.1/certs \ - ${D}${libdir}/ssl-1.1/private \ - ${D}${libdir}/ssl-1.1/openssl.cnf \ - ${D}${sysconfdir}/ssl/ - - # Although absolute symlinks would be OK for the target, they become - # invalid if native or nativesdk are relocated from sstate. - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.1/certs - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.1/private - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.1/openssl.cnf -} - -do_install_append_class-native () { - create_wrapper ${D}${bindir}/openssl \ - OPENSSL_CONF=${libdir}/ssl-1.1/openssl.cnf \ - SSL_CERT_DIR=${libdir}/ssl-1.1/certs \ - SSL_CERT_FILE=${libdir}/ssl-1.1/cert.pem \ - OPENSSL_ENGINES=${libdir}/engines-1.1 -} - -do_install_append_class-nativesdk () { - mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d - install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh - sed 's|/usr/lib/ssl/|/usr/lib/ssl-1.1/|g' -i ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh -} - -PTEST_BUILD_HOST_FILES += "configdata.pm" -PTEST_BUILD_HOST_PATTERN = "perl_version =" -do_install_ptest () { - # Prune the build tree - rm -f ${B}/fuzz/*.* ${B}/test/*.* - - cp ${S}/Configure ${B}/configdata.pm ${D}${PTEST_PATH} - cp -r ${S}/external ${B}/test ${S}/test ${B}/fuzz ${S}/util ${B}/util ${D}${PTEST_PATH} - - # For test_shlibload - ln -s ${libdir}/libcrypto.so.1.1 ${D}${PTEST_PATH}/ - ln -s ${libdir}/libssl.so.1.1 ${D}${PTEST_PATH}/ - - install -d ${D}${PTEST_PATH}/apps - ln -s ${bindir}/openssl ${D}${PTEST_PATH}/apps - install -m644 ${S}/apps/*.pem ${S}/apps/*.srl ${S}/apps/openssl.cnf ${D}${PTEST_PATH}/apps - install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps - - install -d ${D}${PTEST_PATH}/engines - install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines -} - -# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto -# package RRECOMMENDS on this package. This will enable the configuration -# file to be installed for both the openssl-bin package and the libcrypto -# package since the openssl-bin package depends on the libcrypto package. - -PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc" - -FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}" -FILES_libssl = "${libdir}/libssl${SOLIBS}" -FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf" -FILES_${PN}-engines = "${libdir}/engines-1.1" -FILES_${PN}-misc = "${libdir}/ssl-1.1/misc" -FILES_${PN} =+ "${libdir}/ssl-1.1/*" -FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh" - -CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf" - -RRECOMMENDS_libcrypto += "openssl-conf" -RDEPENDS_${PN}-ptest += "openssl-bin perl perl-modules bash" - -BBCLASSEXTEND = "native nativesdk" - -CVE_PRODUCT = "openssl:openssl" - -# Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37 -# Apache in meta-webserver is already recent enough -CVE_CHECK_WHITELIST += "CVE-2019-0190" diff --git a/meta/recipes-connectivity/openssl/openssl_3.3.1.bb b/meta/recipes-connectivity/openssl/openssl_3.3.1.bb new file mode 100644 index 0000000000..3bc0153429 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl_3.3.1.bb @@ -0,0 +1,269 @@ +SUMMARY = "Secure Socket Layer" +DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools." +HOMEPAGE = "http://www.openssl.org/" +BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html" +SECTION = "libs/network" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c75985e733726beaba57bc5253e96d04" + +SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ + file://run-ptest \ + file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ + file://0001-Configure-do-not-tweak-mips-cflags.patch \ + file://0001-Added-handshake-history-reporting-when-test-fails.patch \ + " + +SRC_URI:append:class-nativesdk = " \ + file://environment.d-openssl.sh \ + " + +SRC_URI[sha256sum] = "777cd596284c883375a2a7a11bf5d2786fc5413255efab20c50d6ffe6d020b7e" + +inherit lib_package multilib_header multilib_script ptest perlnative manpages +MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" + +PACKAGECONFIG ?= "" +PACKAGECONFIG:class-native = "" +PACKAGECONFIG:class-nativesdk = "" + +PACKAGECONFIG[cryptodev-linux] = "enable-devcryptoeng,disable-devcryptoeng,cryptodev-linux,,cryptodev-module" +PACKAGECONFIG[no-tls1] = "no-tls1" +PACKAGECONFIG[no-tls1_1] = "no-tls1_1" +PACKAGECONFIG[manpages] = "" + +B = "${WORKDIR}/build" +do_configure[cleandirs] = "${B}" + +EXTRA_OECONF = "${@bb.utils.contains('PTEST_ENABLED', '1', '', 'no-tests', d)}" + +#| ./libcrypto.so: undefined reference to `getcontext' +#| ./libcrypto.so: undefined reference to `setcontext' +#| ./libcrypto.so: undefined reference to `makecontext' +EXTRA_OECONF:append:libc-musl = " no-async" +EXTRA_OECONF:append:libc-musl:powerpc64 = " no-asm" + +# adding devrandom prevents openssl from using getrandom() which is not available on older glibc versions +# (native versions can be built with newer glibc, but then relocated onto a system with older glibc) +EXTRA_OECONF:append:class-native = " --with-rand-seed=os,devrandom" +EXTRA_OECONF:append:class-nativesdk = " --with-rand-seed=os,devrandom" + +# Relying on hardcoded built-in paths causes openssl-native to not be relocateable from sstate. +CFLAGS:append:class-native = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" +CFLAGS:append:class-nativesdk = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" + +# This allows disabling deprecated or undesirable crypto algorithms. +# The default is to trust upstream choices. +DEPRECATED_CRYPTO_FLAGS ?= "" + +do_configure () { + # When we upgrade glibc but not uninative we see obtuse failures in openssl. Make + # the issue really clear that perl isn't functional due to symbol mismatch issues. + cat <<- EOF > ${WORKDIR}/perltest + #!/usr/bin/env perl + use POSIX; + EOF + chmod a+x ${WORKDIR}/perltest + ${WORKDIR}/perltest + + os=${HOST_OS} + case $os in + linux-gnueabi |\ + linux-gnuspe |\ + linux-musleabi |\ + linux-muslspe |\ + linux-musl ) + os=linux + ;; + *) + ;; + esac + target="$os-${HOST_ARCH}" + case $target in + linux-arc | linux-microblaze*) + target=linux-latomic + ;; + linux-arm*) + target=linux-armv4 + ;; + linux-aarch64*) + target=linux-aarch64 + ;; + linux-i?86 | linux-viac3) + target=linux-x86 + ;; + linux-gnux32-x86_64 | linux-muslx32-x86_64 ) + target=linux-x32 + ;; + linux-gnu64-x86_64) + target=linux-x86_64 + ;; + linux-loongarch64) + target=linux64-loongarch64 + ;; + linux-mips | linux-mipsel) + # specifying TARGET_CC_ARCH prevents openssl from (incorrectly) adding target architecture flags + target="linux-mips32 ${TARGET_CC_ARCH}" + ;; + linux-gnun32-mips*) + target=linux-mips64 + ;; + linux-*-mips64 | linux-mips64 | linux-*-mips64el | linux-mips64el) + target=linux64-mips64 + ;; + linux-nios2* | linux-sh3 | linux-sh4 | linux-arc*) + target=linux-generic32 + ;; + linux-powerpc) + target=linux-ppc + ;; + linux-powerpc64) + target=linux-ppc64 + ;; + linux-powerpc64le) + target=linux-ppc64le + ;; + linux-riscv32) + target=linux32-riscv32 + ;; + linux-riscv64) + target=linux64-riscv64 + ;; + linux-sparc | linux-supersparc) + target=linux-sparcv9 + ;; + mingw32-x86_64) + target=mingw64 + ;; + esac + + # WARNING: do not set compiler/linker flags (-I/-D etc.) in EXTRA_OECONF, as they will fully replace the + # environment variables set by bitbake. Adjust the environment variables instead. + PERLEXTERNAL="$(realpath ${S}/external/perl/Text-Template-*/lib)" + test -d "$PERLEXTERNAL" || bberror "PERLEXTERNAL '$PERLEXTERNAL' not found!" + HASHBANGPERL="/usr/bin/env perl" PERL=perl PERL5LIB="$PERLEXTERNAL" \ + perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} ${DEPRECATED_CRYPTO_FLAGS} --prefix=${prefix} --openssldir=${libdir}/ssl-3 --libdir=${baselib} $target + perl ${B}/configdata.pm --dump +} + +do_compile:append () { + # The test suite binaries are large and we don't need the debugging in them + if test -d ${B}/test; then + find ${B}/test -type f -executable -exec ${STRIP} {} \; + fi +} + +do_install () { + oe_runmake DESTDIR="${D}" MANDIR="${mandir}" MANSUFFIX=ssl install_sw install_ssldirs ${@bb.utils.contains('PACKAGECONFIG', 'manpages', 'install_docs', '', d)} + + oe_multilib_header openssl/opensslconf.h + oe_multilib_header openssl/configuration.h + + # Create SSL structure for packages such as ca-certificates which + # contain hard-coded paths to /etc/ssl. Debian does the same. + install -d ${D}${sysconfdir}/ssl + mv ${D}${libdir}/ssl-3/certs \ + ${D}${libdir}/ssl-3/private \ + ${D}${libdir}/ssl-3/openssl.cnf \ + ${D}${sysconfdir}/ssl/ + + # Although absolute symlinks would be OK for the target, they become + # invalid if native or nativesdk are relocated from sstate. + ln -sf ${@oe.path.relative('${libdir}/ssl-3', '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-3/certs + ln -sf ${@oe.path.relative('${libdir}/ssl-3', '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-3/private + ln -sf ${@oe.path.relative('${libdir}/ssl-3', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-3/openssl.cnf +} + +do_install:append:class-native () { + create_wrapper ${D}${bindir}/openssl \ + OPENSSL_CONF=${libdir}/ssl-3/openssl.cnf \ + SSL_CERT_DIR=${libdir}/ssl-3/certs \ + SSL_CERT_FILE=${libdir}/ssl-3/cert.pem \ + OPENSSL_ENGINES=${libdir}/engines-3 \ + OPENSSL_MODULES=${libdir}/ossl-modules +} + +do_install:append:class-nativesdk () { + mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d + install -m 644 ${UNPACKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh + sed 's|/usr/lib/ssl/|/usr/lib/ssl-3/|g' -i ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh +} + +PTEST_BUILD_HOST_FILES += "configdata.pm" +PTEST_BUILD_HOST_PATTERN = "perl_version =" +do_install_ptest() { + install -m644 ${S}/Configure ${B}/configdata.pm ${D}${PTEST_PATH} + cp -rf ${S}/Configurations ${S}/external ${D}${PTEST_PATH}/ + + install -d ${D}${PTEST_PATH}/apps + ln -s ${bindir}/openssl ${D}${PTEST_PATH}/apps + + cd ${S} + find test/certs test/ct test/d2i-tests test/recipes test/ocsp-tests test/ssl-tests test/smime-certs -type f -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + find apps test -name \*.cnf -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + find apps test -name \*.der -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + find apps test -name \*.pem -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + find util -name \*.p[lm] -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + + cd ${B} + # Everything but .? (.o and .d) + find test -type f -name \*[^.]? -exec install -m755 -D {} ${D}${PTEST_PATH}/{} \; + find apps test -name \*.cnf -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + find apps test -name \*.pem -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + find apps test -name \*.srl -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + install -m755 ${B}/util/*wrap.* ${D}${PTEST_PATH}/util/ + + install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps/ + install -m755 ${S}/test/*.pl ${D}${PTEST_PATH}/test/ + install -m755 ${S}/test/shibboleth.pfx ${D}${PTEST_PATH}/test/ + install -m755 ${S}/test/*.bin ${D}${PTEST_PATH}/test/ + install -m755 ${S}/test/dane*.in ${D}${PTEST_PATH}/test/ + install -m755 ${S}/test/smcont*.txt ${D}${PTEST_PATH}/test/ + install -m755 ${S}/test/ssl_test.tmpl ${D}${PTEST_PATH}/test/ + + sed 's|${S}|${PTEST_PATH}|g' -i ${D}${PTEST_PATH}/configdata.pm ${D}${PTEST_PATH}/util/wrap.pl + + install -d ${D}${PTEST_PATH}/engines + install -m755 ${B}/engines/dasync.so ${D}${PTEST_PATH}/engines/ + install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines/ + ln -s ${libdir}/engines-3/loader_attic.so ${D}${PTEST_PATH}/engines/ + ln -s ${libdir}/ossl-modules/ ${D}${PTEST_PATH}/providers +} + +# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto +# package RRECOMMENDS on this package. This will enable the configuration +# file to be installed for both the openssl-bin package and the libcrypto +# package since the openssl-bin package depends on the libcrypto package. + +PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc ${PN}-ossl-module-legacy" + +FILES:libcrypto = "${libdir}/libcrypto${SOLIBS}" +FILES:libssl = "${libdir}/libssl${SOLIBS}" +FILES:openssl-conf = "${sysconfdir}/ssl/openssl.cnf \ + ${libdir}/ssl-3/openssl.cnf* \ + " +FILES:${PN}-engines = "${libdir}/engines-3" +# ${prefix} comes from what we pass into --prefix at configure time (which is used for INSTALLTOP) +FILES:${PN}-engines:append:mingw32:class-nativesdk = " ${prefix}${libdir}/engines-3" +FILES:${PN}-misc = "${libdir}/ssl-3/misc ${bindir}/c_rehash" +FILES:${PN}-ossl-module-legacy = "${libdir}/ossl-modules/legacy.so" +FILES:${PN} =+ "${libdir}/ssl-3/* ${libdir}/ossl-modules/" +FILES:${PN}:append:class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh" + +CONFFILES:openssl-conf = "${sysconfdir}/ssl/openssl.cnf" + +RRECOMMENDS:libcrypto += "openssl-conf ${PN}-ossl-module-legacy" +RDEPENDS:${PN}-misc = "perl" +RDEPENDS:${PN}-ptest += "openssl-bin perl perl-modules bash sed openssl-engines openssl-ossl-module-legacy" + +RDEPENDS:${PN}-bin += "openssl-conf" + +# The test suite is installed stripped +INSANE_SKIP:${PN} = "already-stripped" + +BBCLASSEXTEND = "native nativesdk" + +CVE_PRODUCT = "openssl:openssl" + +CVE_VERSION_SUFFIX = "alphabetical" + diff --git a/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb b/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb index b5f68951d7..0ee47d47c2 100644 --- a/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb +++ b/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb @@ -1,8 +1,8 @@ SUMMARY = "Enables PPP dial-in through a serial connection" SECTION = "console/network" +DESCRIPTION = "PPP dail-in provides a point to point protocol (PPP), so that other computers can dial up to it and access connected networks." DEPENDS = "ppp" -RDEPENDS_${PN} = "ppp" -PR = "r8" +RDEPENDS:${PN} = "ppp" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" @@ -11,17 +11,18 @@ SRC_URI = "file://host-peer \ inherit allarch useradd -S = "${WORKDIR}" +S = "${WORKDIR}/sources" +UNPACKDIR = "${S}" do_install() { install -d ${D}${sysconfdir}/ppp/peers - install -m 0644 ${WORKDIR}/host-peer ${D}${sysconfdir}/ppp/peers/host + install -m 0644 ${S}/host-peer ${D}${sysconfdir}/ppp/peers/host install -d ${D}${sbindir} - install -m 0755 ${WORKDIR}/ppp-dialin ${D}${sbindir} + install -m 0755 ${S}/ppp-dialin ${D}${sbindir} } USERADD_PACKAGES = "${PN}" -USERADD_PARAM_${PN} = "--system --home /dev/null \ +USERADD_PARAM:${PN} = "--system --home /dev/null \ --no-create-home --shell ${sbindir}/ppp-dialin \ --no-user-group --gid nogroup ppp" diff --git a/meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch b/meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch deleted file mode 100644 index 763e374488..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch +++ /dev/null @@ -1,163 +0,0 @@ -From 52a1e41d7541b2c936285844c59bd1be21797860 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Fri, 29 May 2015 14:57:05 -0700 -Subject: [PATCH] Fix build with musl - -There are several assumption about glibc - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- -Upstream-Status: Pending - - include/net/ppp_defs.h | 2 ++ - pppd/Makefile.linux | 2 +- - pppd/magic.h | 6 +++--- - pppd/plugins/rp-pppoe/config.h | 5 ++++- - pppd/plugins/rp-pppoe/plugin.c | 1 - - pppd/plugins/rp-pppoe/pppoe-discovery.c | 8 ++++---- - pppd/plugins/rp-pppoe/pppoe.h | 2 +- - pppd/sys-linux.c | 3 ++- - 8 files changed, 17 insertions(+), 12 deletions(-) - -diff --git a/include/net/ppp_defs.h b/include/net/ppp_defs.h -index b06eda5..dafa36c 100644 ---- a/include/net/ppp_defs.h -+++ b/include/net/ppp_defs.h -@@ -38,6 +38,8 @@ - #ifndef _PPP_DEFS_H_ - #define _PPP_DEFS_H_ - -+#include <sys/time.h> -+ - /* - * The basic PPP frame. - */ -diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux -index 8ab2102..d7e2564 100644 ---- a/pppd/Makefile.linux -+++ b/pppd/Makefile.linux -@@ -126,7 +126,7 @@ LIBS += -lcrypt - #endif - - ifdef USE_LIBUTIL --CFLAGS += -DHAVE_LOGWTMP=1 -+#CFLAGS += -DHAVE_LOGWTMP=1 - LIBS += -lutil - endif - -diff --git a/pppd/magic.h b/pppd/magic.h -index c81213b..9d399e3 100644 ---- a/pppd/magic.h -+++ b/pppd/magic.h -@@ -42,8 +42,8 @@ - * $Id: magic.h,v 1.5 2003/06/11 23:56:26 paulus Exp $ - */ - --void magic_init __P((void)); /* Initialize the magic number generator */ --u_int32_t magic __P((void)); /* Returns the next magic number */ -+void magic_init (void); /* Initialize the magic number generator */ -+u_int32_t magic (void); /* Returns the next magic number */ - - /* Fill buffer with random bytes */ --void random_bytes __P((unsigned char *buf, int len)); -+void random_bytes (unsigned char *buf, int len); -diff --git a/pppd/plugins/rp-pppoe/config.h b/pppd/plugins/rp-pppoe/config.h -index 5703087..fff032e 100644 ---- a/pppd/plugins/rp-pppoe/config.h -+++ b/pppd/plugins/rp-pppoe/config.h -@@ -78,8 +78,9 @@ - #define HAVE_NET_IF_ARP_H 1 - - /* Define if you have the <net/ethernet.h> header file. */ -+#ifdef __GLIBC__ - #define HAVE_NET_ETHERNET_H 1 -- -+#endif - /* Define if you have the <net/if.h> header file. */ - #define HAVE_NET_IF_H 1 - -@@ -102,7 +103,9 @@ - #define HAVE_NETPACKET_PACKET_H 1 - - /* Define if you have the <sys/cdefs.h> header file. */ -+#ifdef __GLIBC__ - #define HAVE_SYS_CDEFS_H 1 -+#endif - - /* Define if you have the <sys/dlpi.h> header file. */ - /* #undef HAVE_SYS_DLPI_H */ -diff --git a/pppd/plugins/rp-pppoe/plugin.c b/pppd/plugins/rp-pppoe/plugin.c -index a8c2bb4..ca34d79 100644 ---- a/pppd/plugins/rp-pppoe/plugin.c -+++ b/pppd/plugins/rp-pppoe/plugin.c -@@ -46,7 +46,6 @@ static char const RCSID[] = - #include <unistd.h> - #include <fcntl.h> - #include <signal.h> --#include <net/ethernet.h> - #include <net/if_arp.h> - #include <linux/ppp_defs.h> - #include <linux/if_pppox.h> -diff --git a/pppd/plugins/rp-pppoe/pppoe-discovery.c b/pppd/plugins/rp-pppoe/pppoe-discovery.c -index 3d3bf4e..d42f619 100644 ---- a/pppd/plugins/rp-pppoe/pppoe-discovery.c -+++ b/pppd/plugins/rp-pppoe/pppoe-discovery.c -@@ -27,10 +27,6 @@ - #include <linux/if_packet.h> - #endif - --#ifdef HAVE_NET_ETHERNET_H --#include <net/ethernet.h> --#endif -- - #ifdef HAVE_ASM_TYPES_H - #include <asm/types.h> - #endif -@@ -47,6 +43,10 @@ - #include <net/if_arp.h> - #endif - -+#ifndef __GLIBC__ -+#define error(x...) fprintf(stderr, x) -+#endif -+ - char *xstrdup(const char *s); - void usage(void); - -diff --git a/pppd/plugins/rp-pppoe/pppoe.h b/pppd/plugins/rp-pppoe/pppoe.h -index 9ab2eee..75b9004 100644 ---- a/pppd/plugins/rp-pppoe/pppoe.h -+++ b/pppd/plugins/rp-pppoe/pppoe.h -@@ -92,7 +92,7 @@ typedef unsigned long UINT32_t; - #ifdef HAVE_SYS_SOCKET_H - #include <sys/socket.h> - #endif --#ifndef HAVE_SYS_DLPI_H -+#if !defined HAVE_SYS_DLPI_H && defined HAVE_NET_ETHERNET_H - #include <netinet/if_ether.h> - #endif - #endif -diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c -index a105505..49b0273 100644 ---- a/pppd/sys-linux.c -+++ b/pppd/sys-linux.c -@@ -112,7 +112,7 @@ - #include <linux/types.h> - #include <linux/if.h> - #include <linux/if_arp.h> --#include <linux/route.h> -+/* #include <linux/route.h> */ - #include <linux/if_ether.h> - #endif - #include <netinet/in.h> -@@ -145,6 +145,7 @@ - #endif - - #ifdef INET6 -+#include <net/route.h> - #ifndef _LINUX_IN6_H - /* - * This is in linux/include/net/ipv6.h. --- -2.1.4 - diff --git a/meta/recipes-connectivity/ppp/ppp/0001-ppp-Fix-compilation-errors-in-Makefile.patch b/meta/recipes-connectivity/ppp/ppp/0001-ppp-Fix-compilation-errors-in-Makefile.patch deleted file mode 100644 index ea4969b366..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/0001-ppp-Fix-compilation-errors-in-Makefile.patch +++ /dev/null @@ -1,30 +0,0 @@ -From ba0f6058d1f25b2b60fc31ab2656bf12a71ffdab Mon Sep 17 00:00:00 2001 -From: Lu Chong <Chong.Lu@windriver.com> -Date: Tue, 5 Nov 2013 17:32:56 +0800 -Subject: [PATCH] ppp: Fix compilation errors in Makefile - -Make can't exit while compilation error occurs in subdir for plugins building. - -Upstream-Status: Pending - -Signed-off-by: Lu Chong <Chong.Lu@windriver.com> ---- - pppd/plugins/Makefile.linux | 1 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - -diff --git a/pppd/plugins/Makefile.linux b/pppd/plugins/Makefile.linux -index 0a7ec7b..2a2c15a 100644 ---- a/pppd/plugins/Makefile.linux -+++ b/pppd/plugins/Makefile.linux -@@ -20,7 +20,7 @@ include .depend - endif - - all: $(PLUGINS) -- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d all; done -+ for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d all || exit 1; done - - %.so: %.c - $(CC) -o $@ $(LDFLAGS) $(CFLAGS) $^ --- -1.7.9.5 - diff --git a/meta/recipes-connectivity/ppp/ppp/0001-ppp-Remove-unneeded-include.patch b/meta/recipes-connectivity/ppp/ppp/0001-ppp-Remove-unneeded-include.patch deleted file mode 100644 index a32f89fbc8..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/0001-ppp-Remove-unneeded-include.patch +++ /dev/null @@ -1,43 +0,0 @@ -commit cd90fd147844a0cfec101f1e2db7a3c59d236621 -Author: Jussi Kukkonen <jussi.kukkonen@intel.com> -Date: Wed Dec 28 14:11:22 2016 +0200 - -pppol2tp plugin: Remove unneeded include - -The include is not required and will break compile on musl libc with - -| In file included from pppol2tp.c:34:0: -| /usr/include/linux/if.h:97:2: error: expected identifier before numeric constant -| IFF_LOWER_UP = 1<<16, /* __volatile__ */ - -Patch originally from Khem Raj. - -Upstream-Status: Pending [https://github.com/paulusmack/ppp/issues/73] -Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> - -diff --git a/pppd/plugins/pppol2tp/openl2tp.c b/pppd/plugins/pppol2tp/openl2tp.c -index 9643b96..458316b 100644 ---- a/pppd/plugins/pppol2tp/openl2tp.c -+++ b/pppd/plugins/pppol2tp/openl2tp.c -@@ -47,7 +47,6 @@ - #include <linux/if_ether.h> - #include <linux/ppp_defs.h> - #include <linux/if_ppp.h> --#include <linux/if_pppox.h> - #include <linux/if_pppol2tp.h> - - #include "l2tp_event.h" -diff --git a/pppd/plugins/pppol2tp/pppol2tp.c b/pppd/plugins/pppol2tp/pppol2tp.c -index 0e28606..4f6d98c 100644 ---- a/pppd/plugins/pppol2tp/pppol2tp.c -+++ b/pppd/plugins/pppol2tp/pppol2tp.c -@@ -46,7 +46,6 @@ - #include <linux/if_ether.h> - #include <linux/ppp_defs.h> - #include <linux/if_ppp.h> --#include <linux/if_pppox.h> - #include <linux/if_pppol2tp.h> - - /* should be added to system's socket.h... */ ---- - diff --git a/meta/recipes-connectivity/ppp/ppp/0001-pppoe-include-netinet-in.h-before-linux-in.h.patch b/meta/recipes-connectivity/ppp/ppp/0001-pppoe-include-netinet-in.h-before-linux-in.h.patch deleted file mode 100644 index 9362d12648..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/0001-pppoe-include-netinet-in.h-before-linux-in.h.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 50a2997b256e0e0ef7a46fae133f56f60fce539c Mon Sep 17 00:00:00 2001 -From: Lubomir Rintel <lkundrak@v3.sk> -Date: Mon, 9 Jan 2017 13:34:23 +0000 -Subject: [PATCH] pppoe: include netinet/in.h before linux/in.h - -This fixes builds with newer kernels. Basically, <netinet/in.h> needs to be -included before <linux/in.h> otherwise the earlier, unaware of the latter, -tries to redefine symbols and structures. Also, <linux/if_pppox.h> doesn't work -alone anymore, since it pulls the headers in the wrong order, so we better -include <netinet/in.h> early. - -Upstream-Status: Backport -[https://github.com/paulusmack/ppp/commit/50a2997b256e0e0ef7a46fae133f56f60fce539c] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - pppd/plugins/rp-pppoe/pppoe.h | 7 ++++--- - 1 file changed, 4 insertions(+), 3 deletions(-) - -diff --git a/pppd/plugins/rp-pppoe/pppoe.h b/pppd/plugins/rp-pppoe/pppoe.h -index 9ab2eee..c4aaa6e 100644 ---- a/pppd/plugins/rp-pppoe/pppoe.h -+++ b/pppd/plugins/rp-pppoe/pppoe.h -@@ -47,6 +47,10 @@ - #include <sys/socket.h> - #endif - -+/* This has to be included before Linux 4.8's linux/in.h -+ * gets dragged in. */ -+#include <netinet/in.h> -+ - /* Ugly header files on some Linux boxes... */ - #if defined(HAVE_LINUX_IF_H) - #include <linux/if.h> -@@ -84,8 +88,6 @@ typedef unsigned long UINT32_t; - #include <linux/if_ether.h> - #endif - --#include <netinet/in.h> -- - #ifdef HAVE_NETINET_IF_ETHER_H - #include <sys/types.h> - -@@ -98,7 +100,6 @@ typedef unsigned long UINT32_t; - #endif - - -- - /* Ethernet frame types according to RFC 2516 */ - #define ETH_PPPOE_DISCOVERY 0x8863 - #define ETH_PPPOE_SESSION 0x8864 --- -2.7.4 - diff --git a/meta/recipes-connectivity/ppp/ppp/cifdefroute.patch b/meta/recipes-connectivity/ppp/ppp/cifdefroute.patch deleted file mode 100644 index 7dd69d8f4d..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/cifdefroute.patch +++ /dev/null @@ -1,297 +0,0 @@ -This patch comes from OpenEmbedded. -The original patch is from Debian / SuSE to implement replacedefaultroute -Rebased it to fit ppp-2.4.5. Dongxiao Xu <dongxiao.xu@intel.com> - -Upstream-Status: Inappropriate [debian/suse patches] - -Index: ppp-2.4.7/pppd/ipcp.c -=================================================================== ---- ppp-2.4.7.orig/pppd/ipcp.c -+++ ppp-2.4.7/pppd/ipcp.c -@@ -198,6 +198,16 @@ static option_t ipcp_option_list[] = { - "disable defaultroute option", OPT_ALIAS | OPT_A2CLR, - &ipcp_wantoptions[0].default_route }, - -+#ifdef __linux__ -+ { "replacedefaultroute", o_bool, -+ &ipcp_wantoptions[0].replace_default_route, -+ "Replace default route", 1 -+ }, -+ { "noreplacedefaultroute", o_bool, -+ &ipcp_allowoptions[0].replace_default_route, -+ "Never replace default route", OPT_A2COPY, -+ &ipcp_wantoptions[0].replace_default_route }, -+#endif - { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp, - "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp }, - { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp, -@@ -271,7 +281,7 @@ struct protent ipcp_protent = { - ip_active_pkt - }; - --static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t)); -+static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t, bool)); - static void ipcp_script __P((char *, int)); /* Run an up/down script */ - static void ipcp_script_done __P((void *)); - -@@ -1761,7 +1771,12 @@ ip_demand_conf(u) - if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE)) - return 0; - if (wo->default_route) -+#ifndef __linux__ - if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr)) -+#else -+ if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr, -+ wo->replace_default_route)) -+#endif - default_route_set[u] = 1; - if (wo->proxy_arp) - if (sifproxyarp(u, wo->hisaddr)) -@@ -1849,7 +1864,8 @@ ipcp_up(f) - */ - if (demand) { - if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) { -- ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr); -+ ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr, -+ wo->replace_default_route); - if (go->ouraddr != wo->ouraddr) { - warn("Local IP address changed to %I", go->ouraddr); - script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0); -@@ -1874,7 +1890,12 @@ ipcp_up(f) - - /* assign a default route through the interface if required */ - if (ipcp_wantoptions[f->unit].default_route) -+#ifndef __linux__ - if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) -+#else -+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, -+ wo->replace_default_route)) -+#endif - default_route_set[f->unit] = 1; - - /* Make a proxy ARP entry if requested. */ -@@ -1924,7 +1945,12 @@ ipcp_up(f) - - /* assign a default route through the interface if required */ - if (ipcp_wantoptions[f->unit].default_route) -+#ifndef __linux__ - if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) -+#else -+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, -+ wo->replace_default_route)) -+#endif - default_route_set[f->unit] = 1; - - /* Make a proxy ARP entry if requested. */ -@@ -2002,7 +2028,7 @@ ipcp_down(f) - sifnpmode(f->unit, PPP_IP, NPMODE_DROP); - sifdown(f->unit); - ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr, -- ipcp_hisoptions[f->unit].hisaddr); -+ ipcp_hisoptions[f->unit].hisaddr, 0); - } - - /* Execute the ip-down script */ -@@ -2018,12 +2044,21 @@ ipcp_down(f) - * proxy arp entries, etc. - */ - static void --ipcp_clear_addrs(unit, ouraddr, hisaddr) -+ipcp_clear_addrs(unit, ouraddr, hisaddr, replacedefaultroute) - int unit; - u_int32_t ouraddr; /* local address */ - u_int32_t hisaddr; /* remote address */ -+ bool replacedefaultroute; - { -- if (proxy_arp_set[unit]) { -+ /* If replacedefaultroute, sifdefaultroute will be called soon -+ * with replacedefaultroute set and that will overwrite the current -+ * default route. This is the case only when doing demand, otherwise -+ * during demand, this cifdefaultroute would restore the old default -+ * route which is not what we want in this case. In the non-demand -+ * case, we'll delete the default route and restore the old if there -+ * is one saved by an sifdefaultroute with replacedefaultroute. -+ */ -+ if (!replacedefaultroute && default_route_set[unit]) { - cifproxyarp(unit, hisaddr); - proxy_arp_set[unit] = 0; - } -Index: ppp-2.4.7/pppd/ipcp.h -=================================================================== ---- ppp-2.4.7.orig/pppd/ipcp.h -+++ ppp-2.4.7/pppd/ipcp.h -@@ -70,6 +70,7 @@ typedef struct ipcp_options { - bool old_addrs; /* Use old (IP-Addresses) option? */ - bool req_addr; /* Ask peer to send IP address? */ - bool default_route; /* Assign default route through interface? */ -+ bool replace_default_route; /* Replace default route through interface? */ - bool proxy_arp; /* Make proxy ARP entry for peer? */ - bool neg_vj; /* Van Jacobson Compression? */ - bool old_vj; /* use old (short) form of VJ option? */ -Index: ppp-2.4.7/pppd/pppd.8 -=================================================================== ---- ppp-2.4.7.orig/pppd/pppd.8 -+++ ppp-2.4.7/pppd/pppd.8 -@@ -121,6 +121,13 @@ the gateway, when IPCP negotiation is su - This entry is removed when the PPP connection is broken. This option - is privileged if the \fInodefaultroute\fR option has been specified. - .TP -+.B replacedefaultroute -+This option is a flag to the defaultroute option. If defaultroute is -+set and this flag is also set, pppd replaces an existing default route -+with the new default route. -+ -+ -+.TP - .B disconnect \fIscript - Execute the command specified by \fIscript\fR, by passing it to a - shell, after -@@ -734,7 +741,12 @@ disable both forms of hardware flow cont - .TP - .B nodefaultroute - Disable the \fIdefaultroute\fR option. The system administrator who --wishes to prevent users from creating default routes with pppd -+wishes to prevent users from adding a default route with pppd -+can do so by placing this option in the /etc/ppp/options file. -+.TP -+.B noreplacedefaultroute -+Disable the \fIreplacedefaultroute\fR option. The system administrator who -+wishes to prevent users from replacing a default route with pppd - can do so by placing this option in the /etc/ppp/options file. - .TP - .B nodeflate -Index: ppp-2.4.7/pppd/pppd.h -=================================================================== ---- ppp-2.4.7.orig/pppd/pppd.h -+++ ppp-2.4.7/pppd/pppd.h -@@ -665,7 +665,11 @@ int sif6addr __P((int, eui64_t, eui64_t - int cif6addr __P((int, eui64_t, eui64_t)); - /* Remove an IPv6 address from i/f */ - #endif -+#ifndef __linux__ - int sifdefaultroute __P((int, u_int32_t, u_int32_t)); -+#else -+int sifdefaultroute __P((int, u_int32_t, u_int32_t, bool replace_default_rt)); -+#endif - /* Create default route through i/f */ - int cifdefaultroute __P((int, u_int32_t, u_int32_t)); - /* Delete default route through i/f */ -Index: ppp-2.4.7/pppd/sys-linux.c -=================================================================== ---- ppp-2.4.7.orig/pppd/sys-linux.c -+++ ppp-2.4.7/pppd/sys-linux.c -@@ -207,6 +207,8 @@ static unsigned char inbuf[512]; /* buff - static int if_is_up; /* Interface has been marked up */ - static int if6_is_up; /* Interface has been marked up for IPv6, to help differentiate */ - static int have_default_route; /* Gateway for default route added */ -+static struct rtentry old_def_rt; /* Old default route */ -+static int default_rt_repl_rest; /* replace and restore old default rt */ - static u_int32_t proxy_arp_addr; /* Addr for proxy arp entry added */ - static char proxy_arp_dev[16]; /* Device for proxy arp entry */ - static u_int32_t our_old_addr; /* for detecting address changes */ -@@ -1545,6 +1547,9 @@ static int read_route_table(struct rtent - p = NULL; - } - -+ SET_SA_FAMILY (rt->rt_dst, AF_INET); -+ SET_SA_FAMILY (rt->rt_gateway, AF_INET); -+ - SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16); - SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16); - SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16); -@@ -1614,20 +1619,51 @@ int have_route_to(u_int32_t addr) - /******************************************************************** - * - * sifdefaultroute - assign a default route through the address given. -- */ -- --int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway) --{ -- struct rtentry rt; -- -- if (defaultroute_exists(&rt) && strcmp(rt.rt_dev, ifname) != 0) { -- if (rt.rt_flags & RTF_GATEWAY) -- error("not replacing existing default route via %I", -- SIN_ADDR(rt.rt_gateway)); -- else -- error("not replacing existing default route through %s", -- rt.rt_dev); -- return 0; -+ * -+ * If the global default_rt_repl_rest flag is set, then this function -+ * already replaced the original system defaultroute with some other -+ * route and it should just replace the current defaultroute with -+ * another one, without saving the current route. Use: demand mode, -+ * when pppd sets first a defaultroute it it's temporary ppp0 addresses -+ * and then changes the temporary addresses to the addresses for the real -+ * ppp connection when it has come up. -+ */ -+ -+int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway, bool replace) -+{ -+ struct rtentry rt, tmp_rt; -+ struct rtentry *del_rt = NULL; -+ -+ if (default_rt_repl_rest) { -+ /* We have already reclaced the original defaultroute, if we -+ * are called again, we will delete the current default route -+ * and set the new default route in this function. -+ * - this is normally only the case the doing demand: */ -+ if (defaultroute_exists( &tmp_rt )) -+ del_rt = &tmp_rt; -+ } else if ( defaultroute_exists( &old_def_rt ) && -+ strcmp( old_def_rt.rt_dev, ifname ) != 0) { -+ /* We did not yet replace an existing default route, let's -+ * check if we should save and replace a default route: -+ */ -+ u_int32_t old_gateway = SIN_ADDR(old_def_rt.rt_gateway); -+ if (old_gateway != gateway) { -+ if (!replace) { -+ error("not replacing default route to %s [%I]", -+ old_def_rt.rt_dev, old_gateway); -+ return 0; -+ } else { -+ // we need to copy rt_dev because we need it permanent too: -+ char * tmp_dev = malloc(strlen(old_def_rt.rt_dev)+1); -+ strcpy(tmp_dev, old_def_rt.rt_dev); -+ old_def_rt.rt_dev = tmp_dev; -+ -+ notice("replacing old default route to %s [%I]", -+ old_def_rt.rt_dev, old_gateway); -+ default_rt_repl_rest = 1; -+ del_rt = &old_def_rt; -+ } -+ } - } - - memset (&rt, 0, sizeof (rt)); -@@ -1646,6 +1682,12 @@ int sifdefaultroute (int unit, u_int32_t - error("default route ioctl(SIOCADDRT): %m"); - return 0; - } -+ if (default_rt_repl_rest && del_rt) -+ if (ioctl(sock_fd, SIOCDELRT, del_rt) < 0) { -+ if ( ! ok_error ( errno )) -+ error("del old default route ioctl(SIOCDELRT): %m(%d)", errno); -+ return 0; -+ } - - have_default_route = 1; - return 1; -@@ -1681,6 +1723,16 @@ int cifdefaultroute (int unit, u_int32_t - return 0; - } - } -+ if (default_rt_repl_rest) { -+ notice("restoring old default route to %s [%I]", -+ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway)); -+ if (ioctl(sock_fd, SIOCADDRT, &old_def_rt) < 0) { -+ if ( ! ok_error ( errno )) -+ error("restore default route ioctl(SIOCADDRT): %m(%d)", errno); -+ return 0; -+ } -+ default_rt_repl_rest = 0; -+ } - - return 1; - } diff --git a/meta/recipes-connectivity/ppp/ppp/copts.patch b/meta/recipes-connectivity/ppp/ppp/copts.patch deleted file mode 100644 index 53ff06e03e..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/copts.patch +++ /dev/null @@ -1,21 +0,0 @@ -ppp: use build system CFLAGS when compiling - -Upstream-Status: Pending - -Override the hard-coded COPTS make variables with -CFLAGS. Add COPTS into one Makefile that did not -use it. - -Signed-off-by: Joe Slater <jslater@windriver.com> - ---- a/pppd/plugins/radius/Makefile.linux -+++ b/pppd/plugins/radius/Makefile.linux -@@ -12,7 +12,7 @@ VERSION = $(shell awk -F '"' '/VERSION/ - INSTALL = install - - PLUGIN=radius.so radattr.so radrealms.so --CFLAGS=-I. -I../.. -I../../../include -O2 -fPIC -DRC_LOG_FACILITY=LOG_DAEMON -+CFLAGS=-I. -I../.. -I../../../include $(COPTS) -fPIC -DRC_LOG_FACILITY=LOG_DAEMON - - # Uncomment the next line to include support for Microsoft's - # MS-CHAP authentication protocol. diff --git a/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch b/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch deleted file mode 100644 index c5a0be86f5..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch +++ /dev/null @@ -1,30 +0,0 @@ -ppp: Buffer overflow in radius plugin - -From: https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5;bug=782450 - -Upstream-Status: Backport -CVE: CVE-2015-3310 - -On systems with more than 65535 processes running, pppd aborts when -sending a "start" accounting message to the RADIUS server because of a -buffer overflow in rc_mksid. - -The process id is used in rc_mksid to generate a pseudo-unique string, -assuming that the hex representation of the pid will be at most 4 -characters (FFFF). __sprintf_chk(), used when compiling with -optimization levels greater than 0 and FORTIFY_SOURCE, detects the -buffer overflow and makes pppd crash. - -The following patch fixes the problem. - ---- ppp-2.4.6.orig/pppd/plugins/radius/util.c -+++ ppp-2.4.6/pppd/plugins/radius/util.c -@@ -77,7 +77,7 @@ rc_mksid (void) - static unsigned short int cnt = 0; - sprintf (buf, "%08lX%04X%02hX", - (unsigned long int) time (NULL), -- (unsigned int) getpid (), -+ (unsigned int) getpid () % 65535, - cnt & 0xFF); - cnt++; - return buf; diff --git a/meta/recipes-connectivity/ppp/ppp/makefile-remove-hard-usr-reference.patch b/meta/recipes-connectivity/ppp/ppp/makefile-remove-hard-usr-reference.patch deleted file mode 100644 index 8a69396cc7..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/makefile-remove-hard-usr-reference.patch +++ /dev/null @@ -1,38 +0,0 @@ -The patch comes from OpenEmbedded. -Rebased for ppp-2.4.5. Dongxiao Xu <dongxiao.xu@intel.com> - -Updated from OE-Classic to include the pcap hunk. -Signed-off-by: Andreas Oberritter <obi@opendreambox.org> - -Upstream-Status: Inappropriate [configuration] - -Index: ppp-2.4.7/pppd/Makefile.linux -=================================================================== ---- ppp-2.4.7.orig/pppd/Makefile.linux -+++ ppp-2.4.7/pppd/Makefile.linux -@@ -120,10 +120,10 @@ CFLAGS += -DHAS_SHADOW - #LIBS += -lshadow $(LIBS) - endif - --ifneq ($(wildcard /usr/include/crypt.h),) -+#ifneq ($(wildcard /usr/include/crypt.h),) - CFLAGS += -DHAVE_CRYPT_H=1 - LIBS += -lcrypt --endif -+#endif - - ifdef USE_LIBUTIL - CFLAGS += -DHAVE_LOGWTMP=1 -@@ -177,10 +177,10 @@ LIBS += -ldl - endif - - ifdef FILTER --ifneq ($(wildcard /usr/include/pcap-bpf.h),) -+#ifneq ($(wildcard /usr/include/pcap-bpf.h),) - LIBS += -lpcap - CFLAGS += -DPPP_FILTER --endif -+#endif - endif - - ifdef HAVE_INET6 diff --git a/meta/recipes-connectivity/ppp/ppp/makefile.patch b/meta/recipes-connectivity/ppp/ppp/makefile.patch deleted file mode 100644 index 2d09baf5d0..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/makefile.patch +++ /dev/null @@ -1,95 +0,0 @@ -The patch comes from OpenEmbedded -Rebased for ppp-2.4.5. Dongxiao Xu <dongxiao.xu@intel.com> - -Upstream-Status: Inappropriate [configuration] - -diff -ruN ppp-2.4.5-orig/chat/Makefile.linux ppp-2.4.5/chat/Makefile.linux ---- ppp-2.4.5-orig/chat/Makefile.linux 2010-06-30 15:51:12.050166398 +0800 -+++ ppp-2.4.5/chat/Makefile.linux 2010-06-30 15:51:30.450118446 +0800 -@@ -25,7 +25,7 @@ - - install: chat - mkdir -p $(BINDIR) $(MANDIR) -- $(INSTALL) -s -c chat $(BINDIR) -+ $(INSTALL) -c chat $(BINDIR) - $(INSTALL) -c -m 644 chat.8 $(MANDIR) - - clean: -diff -ruN ppp-2.4.5-orig/pppd/Makefile.linux ppp-2.4.5/pppd/Makefile.linux ---- ppp-2.4.5-orig/pppd/Makefile.linux 2010-06-30 15:51:12.043682063 +0800 -+++ ppp-2.4.5/pppd/Makefile.linux 2010-06-30 15:52:11.214170607 +0800 -@@ -99,7 +99,7 @@ - CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include - LIBS += -lsrp -L/usr/local/ssl/lib -lcrypto - TARGETS += srp-entry --EXTRAINSTALL = $(INSTALL) -s -c -m 555 srp-entry $(BINDIR)/srp-entry -+EXTRAINSTALL = $(INSTALL) -c -m 555 srp-entry $(BINDIR)/srp-entry - MANPAGES += srp-entry.8 - EXTRACLEAN += srp-entry.o - NEEDDES=y -@@ -200,7 +200,7 @@ - install: pppd - mkdir -p $(BINDIR) $(MANDIR) - $(EXTRAINSTALL) -- $(INSTALL) -s -c -m 555 pppd $(BINDIR)/pppd -+ $(INSTALL) -c -m 555 pppd $(BINDIR)/pppd - if chgrp pppusers $(BINDIR)/pppd 2>/dev/null; then \ - chmod o-rx,u+s $(BINDIR)/pppd; fi - $(INSTALL) -c -m 444 pppd.8 $(MANDIR) -diff -ruN ppp-2.4.5-orig/pppd/plugins/radius/Makefile.linux ppp-2.4.5/pppd/plugins/radius/Makefile.linux ---- ppp-2.4.5-orig/pppd/plugins/radius/Makefile.linux 2010-06-30 15:51:12.047676187 +0800 -+++ ppp-2.4.5/pppd/plugins/radius/Makefile.linux 2010-06-30 15:53:47.750182267 +0800 -@@ -36,11 +36,11 @@ - - install: all - $(INSTALL) -d -m 755 $(LIBDIR) -- $(INSTALL) -s -c -m 755 radius.so $(LIBDIR) -- $(INSTALL) -s -c -m 755 radattr.so $(LIBDIR) -- $(INSTALL) -s -c -m 755 radrealms.so $(LIBDIR) -- $(INSTALL) -c -m 444 pppd-radius.8 $(MANDIR) -- $(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR) -+ $(INSTALL) -c -m 755 radius.so $(LIBDIR) -+ $(INSTALL) -c -m 755 radattr.so $(LIBDIR) -+ $(INSTALL) -c -m 755 radrealms.so $(LIBDIR) -+ $(INSTALL) -m 444 pppd-radius.8 $(MANDIR) -+ $(INSTALL) -m 444 pppd-radattr.8 $(MANDIR) - - radius.so: radius.o libradiusclient.a - $(CC) -o radius.so -shared radius.o libradiusclient.a -diff -ruN ppp-2.4.5-orig/pppd/plugins/rp-pppoe/Makefile.linux ppp-2.4.5/pppd/plugins/rp-pppoe/Makefile.linux ---- ppp-2.4.5-orig/pppd/plugins/rp-pppoe/Makefile.linux 2010-06-30 15:51:12.047676187 +0800 -+++ ppp-2.4.5/pppd/plugins/rp-pppoe/Makefile.linux 2010-06-30 15:53:15.454486877 +0800 -@@ -43,9 +43,9 @@ - - install: all - $(INSTALL) -d -m 755 $(LIBDIR) -- $(INSTALL) -s -c -m 4550 rp-pppoe.so $(LIBDIR) -+ $(INSTALL) -c -m 4550 rp-pppoe.so $(LIBDIR) - $(INSTALL) -d -m 755 $(BINDIR) -- $(INSTALL) -s -c -m 555 pppoe-discovery $(BINDIR) -+ $(INSTALL) -c -m 555 pppoe-discovery $(BINDIR) - - clean: - rm -f *.o *.so pppoe-discovery -diff -ruN ppp-2.4.5-orig/pppdump/Makefile.linux ppp-2.4.5/pppdump/Makefile.linux ---- ppp-2.4.5-orig/pppdump/Makefile.linux 2010-06-30 15:51:12.058183383 +0800 -+++ ppp-2.4.5/pppdump/Makefile.linux 2010-06-30 15:52:25.762183537 +0800 -@@ -17,5 +17,5 @@ - - install: - mkdir -p $(BINDIR) $(MANDIR) -- $(INSTALL) -s -c pppdump $(BINDIR) -+ $(INSTALL) -c pppdump $(BINDIR) - $(INSTALL) -c -m 444 pppdump.8 $(MANDIR) -diff -ruN ppp-2.4.5-orig/pppstats/Makefile.linux ppp-2.4.5/pppstats/Makefile.linux ---- ppp-2.4.5-orig/pppstats/Makefile.linux 2010-06-30 15:51:12.058183383 +0800 -+++ ppp-2.4.5/pppstats/Makefile.linux 2010-06-30 15:52:42.486341081 +0800 -@@ -22,7 +22,7 @@ - - install: pppstats - -mkdir -p $(MANDIR) -- $(INSTALL) -s -c pppstats $(BINDIR) -+ $(INSTALL) -c pppstats $(BINDIR) - $(INSTALL) -c -m 444 pppstats.8 $(MANDIR) - - pppstats: $(PPPSTATSRCS) diff --git a/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch b/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch deleted file mode 100644 index e53f240543..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch +++ /dev/null @@ -1,84 +0,0 @@ -Used openssl for the DES instead of the libcrypt / glibc - -Upstream-Status: Pending - -Signed-off-by: Khem Raj <raj.khem@gmail.com> - -Index: ppp-2.4.7/pppd/Makefile.linux -=================================================================== ---- ppp-2.4.7.orig/pppd/Makefile.linux -+++ ppp-2.4.7/pppd/Makefile.linux -@@ -38,7 +38,7 @@ LIBS = - # Uncomment the next 2 lines to include support for Microsoft's - # MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux. - CHAPMS=y --USE_CRYPT=y -+#USE_CRYPT=y - # Don't use MSLANMAN unless you really know what you're doing. - #MSLANMAN=y - # Uncomment the next line to include support for MPPE. CHAPMS (above) must -@@ -132,7 +132,7 @@ endif - - ifdef NEEDDES - ifndef USE_CRYPT --LIBS += -ldes $(LIBS) -+LIBS += -lcrypto - else - CFLAGS += -DUSE_CRYPT=1 - endif -Index: ppp-2.4.7/pppd/pppcrypt.c -=================================================================== ---- ppp-2.4.7.orig/pppd/pppcrypt.c -+++ ppp-2.4.7/pppd/pppcrypt.c -@@ -64,7 +64,7 @@ u_char *des_key; /* OUT 64 bit DES key w - des_key[7] = Get7Bits(key, 49); - - #ifndef USE_CRYPT -- des_set_odd_parity((des_cblock *)des_key); -+ DES_set_odd_parity((DES_cblock *)des_key); - #endif - } - -@@ -158,25 +158,25 @@ u_char *clear; /* OUT 8 octets */ - } - - #else /* USE_CRYPT */ --static des_key_schedule key_schedule; -+static DES_key_schedule key_schedule; - - bool - DesSetkey(key) - u_char *key; - { -- des_cblock des_key; -+ DES_cblock des_key; - MakeKey(key, des_key); -- des_set_key(&des_key, key_schedule); -+ DES_set_key(&des_key, &key_schedule); - return (1); - } - - bool --DesEncrypt(clear, key, cipher) -+DesEncrypt(clear, cipher) - u_char *clear; /* IN 8 octets */ - u_char *cipher; /* OUT 8 octets */ - { -- des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, -- key_schedule, 1); -+ DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher, -+ &key_schedule, 1); - return (1); - } - -@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear) - u_char *cipher; /* IN 8 octets */ - u_char *clear; /* OUT 8 octets */ - { -- des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear, -- key_schedule, 0); -+ DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear, -+ &key_schedule, 0); - return (1); - } - diff --git a/meta/recipes-connectivity/ppp/ppp/pppd-resolv-varrun.patch b/meta/recipes-connectivity/ppp/ppp/pppd-resolv-varrun.patch deleted file mode 100644 index a72414ff8a..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/pppd-resolv-varrun.patch +++ /dev/null @@ -1,45 +0,0 @@ -The patch comes from OpenEmbedded -Rebased for ppp-2.4.5. Dongxiao Xu <dongxiao.xu@intel.com> - -Upstream-Status: Inappropriate [embedded specific] - -diff -ruN ppp-2.4.5-orig/pppd/ipcp.c ppp-2.4.5/pppd/ipcp.c ---- ppp-2.4.5-orig/pppd/ipcp.c 2010-06-30 15:51:12.050166398 +0800 -+++ ppp-2.4.5/pppd/ipcp.c 2010-06-30 17:02:33.930393283 +0800 -@@ -55,6 +55,8 @@ - #include <sys/socket.h> - #include <netinet/in.h> - #include <arpa/inet.h> -+#include <sys/stat.h> -+#include <unistd.h> - - #include "pppd.h" - #include "fsm.h" -@@ -2095,6 +2097,14 @@ - u_int32_t peerdns1, peerdns2; - { - FILE *f; -+ struct stat dirinfo; -+ -+ if(stat(_PATH_OUTDIR, &dirinfo)) { -+ if(mkdir(_PATH_OUTDIR, 0775)) { -+ error("Failed to create directory %s: %m", _PATH_OUTDIR); -+ return; -+ } -+ } - - f = fopen(_PATH_RESOLV, "w"); - if (f == NULL) { -diff -ruN ppp-2.4.5-orig/pppd/pathnames.h ppp-2.4.5/pppd/pathnames.h ---- ppp-2.4.5-orig/pppd/pathnames.h 2010-06-30 15:51:12.043682063 +0800 -+++ ppp-2.4.5/pppd/pathnames.h 2010-06-30 17:03:20.594371055 +0800 -@@ -30,7 +30,8 @@ - #define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options." - #define _PATH_CONNERRS _ROOT_PATH "/etc/ppp/connect-errors" - #define _PATH_PEERFILES _ROOT_PATH "/etc/ppp/peers/" --#define _PATH_RESOLV _ROOT_PATH "/etc/ppp/resolv.conf" -+#define _PATH_OUTDIR _ROOT_PATH _PATH_VARRUN "/ppp" -+#define _PATH_RESOLV _PATH_OUTDIR "/resolv.conf" - - #define _PATH_USEROPT ".ppprc" - #define _PATH_PSEUDONYM ".ppp_pseudonym" diff --git a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb b/meta/recipes-connectivity/ppp/ppp_2.4.7.bb deleted file mode 100644 index 644cde4562..0000000000 --- a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb +++ /dev/null @@ -1,106 +0,0 @@ -SUMMARY = "Point-to-Point Protocol (PPP) support" -DESCRIPTION = "ppp (Paul's PPP Package) is an open source package which implements \ -the Point-to-Point Protocol (PPP) on Linux and Solaris systems." -SECTION = "console/network" -HOMEPAGE = "http://samba.org/ppp/" -BUGTRACKER = "http://ppp.samba.org/cgi-bin/ppp-bugs" -DEPENDS = "libpcap openssl virtual/crypt" -LICENSE = "BSD & GPLv2+ & LGPLv2+ & PD" -LIC_FILES_CHKSUM = "file://pppd/ccp.c;beginline=1;endline=29;md5=e2c43fe6e81ff77d87dc9c290a424dea \ - file://pppd/plugins/passprompt.c;beginline=1;endline=10;md5=3bcbcdbf0e369c9a3e0b8c8275b065d8 \ - file://pppd/tdb.c;beginline=1;endline=27;md5=4ca3a9991b011038d085d6675ae7c4e6 \ - file://chat/chat.c;beginline=1;endline=15;md5=0d374b8545ee5c62d7aff1acbd38add2" - -SRC_URI = "https://download.samba.org/pub/${BPN}/${BP}.tar.gz \ - file://makefile.patch \ - file://cifdefroute.patch \ - file://pppd-resolv-varrun.patch \ - file://makefile-remove-hard-usr-reference.patch \ - file://pon \ - file://poff \ - file://init \ - file://ip-up \ - file://ip-down \ - file://08setupdns \ - file://92removedns \ - file://copts.patch \ - file://pap \ - file://ppp_on_boot \ - file://provider \ - file://0001-ppp-Fix-compilation-errors-in-Makefile.patch \ - file://ppp@.service \ - file://fix-CVE-2015-3310.patch \ - file://0001-pppoe-include-netinet-in.h-before-linux-in.h.patch \ - file://0001-ppp-Remove-unneeded-include.patch \ - file://ppp-2.4.7-DES-openssl.patch \ -" - -SRC_URI_append_libc-musl = "\ - file://0001-Fix-build-with-musl.patch \ -" -SRC_URI[md5sum] = "78818f40e6d33a1d1de68a1551f6595a" -SRC_URI[sha256sum] = "02e0a3dd3e4799e33103f70ec7df75348c8540966ee7c948e4ed8a42bbccfb30" - -inherit autotools-brokensep systemd - -TARGET_CC_ARCH += " ${LDFLAGS}" -EXTRA_OEMAKE = "STRIPPROG=${STRIP} MANDIR=${D}${datadir}/man/man8 INCDIR=${D}${includedir} LIBDIR=${D}${libdir}/pppd/${PV} BINDIR=${D}${sbindir}" -EXTRA_OECONF = "--disable-strip" - -# Package Makefile computes CFLAGS, referencing COPTS. -# Typically hard-coded to '-O2 -g' in the Makefile's. -# -EXTRA_OEMAKE += ' COPTS="${CFLAGS} -I${STAGING_INCDIR}/openssl -I${S}/include"' - -do_configure () { - oe_runconf -} - -do_install_append () { - make install-etcppp ETCDIR=${D}/${sysconfdir}/ppp - mkdir -p ${D}${bindir}/ ${D}${sysconfdir}/init.d - mkdir -p ${D}${sysconfdir}/ppp/ip-up.d/ - mkdir -p ${D}${sysconfdir}/ppp/ip-down.d/ - install -m 0755 ${WORKDIR}/pon ${D}${bindir}/pon - install -m 0755 ${WORKDIR}/poff ${D}${bindir}/poff - install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/ppp - install -m 0755 ${WORKDIR}/ip-up ${D}${sysconfdir}/ppp/ - install -m 0755 ${WORKDIR}/ip-down ${D}${sysconfdir}/ppp/ - install -m 0755 ${WORKDIR}/08setupdns ${D}${sysconfdir}/ppp/ip-up.d/ - install -m 0755 ${WORKDIR}/92removedns ${D}${sysconfdir}/ppp/ip-down.d/ - mkdir -p ${D}${sysconfdir}/chatscripts - mkdir -p ${D}${sysconfdir}/ppp/peers - install -m 0755 ${WORKDIR}/pap ${D}${sysconfdir}/chatscripts - install -m 0755 ${WORKDIR}/ppp_on_boot ${D}${sysconfdir}/ppp/ppp_on_boot - install -m 0755 ${WORKDIR}/provider ${D}${sysconfdir}/ppp/peers/provider - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/ppp@.service ${D}${systemd_unitdir}/system - sed -i -e 's,@SBINDIR@,${sbindir},g' \ - ${D}${systemd_unitdir}/system/ppp@.service - rm -rf ${D}/${mandir}/man8/man8 - chmod u+s ${D}${sbindir}/pppd -} - -do_install_append_libc-musl () { - install -Dm 0644 ${S}/include/net/ppp_defs.h ${D}${includedir}/net/ppp_defs.h -} - -CONFFILES_${PN} = "${sysconfdir}/ppp/pap-secrets ${sysconfdir}/ppp/chap-secrets ${sysconfdir}/ppp/options" -PACKAGES =+ "${PN}-oa ${PN}-oe ${PN}-radius ${PN}-winbind ${PN}-minconn ${PN}-password ${PN}-l2tp ${PN}-tools" -FILES_${PN} = "${sysconfdir} ${bindir} ${sbindir}/chat ${sbindir}/pppd ${systemd_unitdir}/system/ppp@.service" -FILES_${PN}-oa = "${libdir}/pppd/${PV}/pppoatm.so" -FILES_${PN}-oe = "${sbindir}/pppoe-discovery ${libdir}/pppd/${PV}/rp-pppoe.so" -FILES_${PN}-radius = "${libdir}/pppd/${PV}/radius.so ${libdir}/pppd/${PV}/radattr.so ${libdir}/pppd/${PV}/radrealms.so" -FILES_${PN}-winbind = "${libdir}/pppd/${PV}/winbind.so" -FILES_${PN}-minconn = "${libdir}/pppd/${PV}/minconn.so" -FILES_${PN}-password = "${libdir}/pppd/${PV}/pass*.so" -FILES_${PN}-l2tp = "${libdir}/pppd/${PV}/*l2tp.so" -FILES_${PN}-tools = "${sbindir}/pppstats ${sbindir}/pppdump" -SUMMARY_${PN}-oa = "Plugin for PPP for PPP-over-ATM support" -SUMMARY_${PN}-oe = "Plugin for PPP for PPP-over-Ethernet support" -SUMMARY_${PN}-radius = "Plugin for PPP for RADIUS support" -SUMMARY_${PN}-winbind = "Plugin for PPP to authenticate against Samba or Windows" -SUMMARY_${PN}-minconn = "Plugin for PPP to set a delay before the idle timeout applies" -SUMMARY_${PN}-password = "Plugin for PPP to get passwords via a pipe" -SUMMARY_${PN}-l2tp = "Plugin for PPP for l2tp support" -SUMMARY_${PN}-tools = "Additional tools for the PPP package" diff --git a/meta/recipes-connectivity/ppp/ppp_2.5.0.bb b/meta/recipes-connectivity/ppp/ppp_2.5.0.bb new file mode 100644 index 0000000000..36e2585de4 --- /dev/null +++ b/meta/recipes-connectivity/ppp/ppp_2.5.0.bb @@ -0,0 +1,75 @@ +SUMMARY = "Point-to-Point Protocol (PPP) support" +DESCRIPTION = "ppp (Paul's PPP Package) is an open source package which implements \ +the Point-to-Point Protocol (PPP) on Linux and Solaris systems." +SECTION = "console/network" +HOMEPAGE = "http://samba.org/ppp/" +BUGTRACKER = "http://ppp.samba.org/cgi-bin/ppp-bugs" +DEPENDS = "libpcap openssl virtual/crypt" +LICENSE = "BSD-3-Clause & BSD-3-Clause-Attribution & GPL-2.0-or-later & LGPL-2.0-or-later & PD & RSA-MD" +LIC_FILES_CHKSUM = "file://pppd/ccp.c;beginline=1;endline=29;md5=e2c43fe6e81ff77d87dc9c290a424dea \ + file://pppd/plugins/passprompt.c;beginline=1;endline=10;md5=3bcbcdbf0e369c9a3e0b8c8275b065d8 \ + file://pppd/tdb.c;beginline=1;endline=27;md5=4ca3a9991b011038d085d6675ae7c4e6 \ + file://chat/chat.c;beginline=1;endline=15;md5=0d374b8545ee5c62d7aff1acbd38add2" + +SRC_URI = "https://download.samba.org/pub/${BPN}/${BP}.tar.gz \ + file://pon \ + file://poff \ + file://init \ + file://ip-up \ + file://ip-down \ + file://08setupdns \ + file://92removedns \ + file://pap \ + file://ppp_on_boot \ + file://provider \ + file://ppp@.service \ + " + +SRC_URI[sha256sum] = "5cae0e8075f8a1755f16ca290eb44e6b3545d3f292af4da65ecffe897de636ff" + +inherit autotools systemd + +EXTRA_OECONF += "--with-openssl=${STAGING_EXECPREFIXDIR}" + +do_install:append () { + mkdir -p ${D}${bindir}/ ${D}${sysconfdir}/init.d + mkdir -p ${D}${sysconfdir}/ppp/ip-up.d/ + mkdir -p ${D}${sysconfdir}/ppp/ip-down.d/ + install -m 0755 ${UNPACKDIR}/pon ${D}${bindir}/pon + install -m 0755 ${UNPACKDIR}/poff ${D}${bindir}/poff + install -m 0755 ${UNPACKDIR}/init ${D}${sysconfdir}/init.d/ppp + install -m 0755 ${UNPACKDIR}/ip-up ${D}${sysconfdir}/ppp/ + install -m 0755 ${UNPACKDIR}/ip-down ${D}${sysconfdir}/ppp/ + install -m 0755 ${UNPACKDIR}/08setupdns ${D}${sysconfdir}/ppp/ip-up.d/ + install -m 0755 ${UNPACKDIR}/92removedns ${D}${sysconfdir}/ppp/ip-down.d/ + mkdir -p ${D}${sysconfdir}/chatscripts + mkdir -p ${D}${sysconfdir}/ppp/peers + install -m 0755 ${UNPACKDIR}/pap ${D}${sysconfdir}/chatscripts + install -m 0755 ${UNPACKDIR}/ppp_on_boot ${D}${sysconfdir}/ppp/ppp_on_boot + install -m 0755 ${UNPACKDIR}/provider ${D}${sysconfdir}/ppp/peers/provider + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${UNPACKDIR}/ppp@.service ${D}${systemd_system_unitdir} + sed -i -e 's,@SBINDIR@,${sbindir},g' \ + ${D}${systemd_system_unitdir}/ppp@.service +} + +CONFFILES:${PN} = "${sysconfdir}/ppp/pap-secrets ${sysconfdir}/ppp/chap-secrets ${sysconfdir}/ppp/options" +PACKAGES =+ "${PN}-oa ${PN}-oe ${PN}-radius ${PN}-winbind ${PN}-minconn ${PN}-password ${PN}-l2tp ${PN}-tools" +FILES:${PN} = "${sysconfdir} ${bindir} ${sbindir}/chat ${sbindir}/pppd ${systemd_system_unitdir}/ppp@.service" +FILES:${PN}-oa = "${libdir}/pppd/${PV}/pppoatm.so" +FILES:${PN}-oe = "${sbindir}/pppoe-discovery ${libdir}/pppd/${PV}/*pppoe.so" +FILES:${PN}-radius = "${libdir}/pppd/${PV}/radius.so ${libdir}/pppd/${PV}/radattr.so ${libdir}/pppd/${PV}/radrealms.so" +FILES:${PN}-winbind = "${libdir}/pppd/${PV}/winbind.so" +FILES:${PN}-minconn = "${libdir}/pppd/${PV}/minconn.so" +FILES:${PN}-password = "${libdir}/pppd/${PV}/pass*.so" +FILES:${PN}-l2tp = "${libdir}/pppd/${PV}/*l2tp.so" +FILES:${PN}-tools = "${sbindir}/pppstats ${sbindir}/pppdump" +SUMMARY:${PN}-oa = "Plugin for PPP for PPP-over-ATM support" +SUMMARY:${PN}-oe = "Plugin for PPP for PPP-over-Ethernet support" +SUMMARY:${PN}-radius = "Plugin for PPP for RADIUS support" +SUMMARY:${PN}-winbind = "Plugin for PPP to authenticate against Samba or Windows" +SUMMARY:${PN}-minconn = "Plugin for PPP to set a delay before the idle timeout applies" +SUMMARY:${PN}-password = "Plugin for PPP to get passwords via a pipe" +SUMMARY:${PN}-l2tp = "Plugin for PPP for l2tp support" +SUMMARY:${PN}-tools = "Additional tools for the PPP package" + diff --git a/meta/recipes-connectivity/resolvconf/resolvconf/0001-avoid-using-m-option-for-readlink.patch b/meta/recipes-connectivity/resolvconf/resolvconf/0001-avoid-using-m-option-for-readlink.patch new file mode 100644 index 0000000000..ab32f26754 --- /dev/null +++ b/meta/recipes-connectivity/resolvconf/resolvconf/0001-avoid-using-m-option-for-readlink.patch @@ -0,0 +1,37 @@ +From 6bf2bb136a0b3961339369bc08e58b661fba0edb Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Thu, 17 Nov 2022 17:26:30 +0800 +Subject: [PATCH] avoid using -m option for readlink + +Use a more widely used option '-f' instead of '-m' here to +avoid dependency on coreutils. + +Looking at the git history of the resolvconf repo, the '-m' +is deliberately used. And it wants to depend on coreutils. +But in case of OE, the existence of /etc is ensured, and busybox +readlink provides '-f' option, so we can just use '-f'. In this +way, the coreutils dependency is not necessary any more. + +Upstream-Status: Inappropriate [OE Specific] + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + etc/resolvconf/update.d/libc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/etc/resolvconf/update.d/libc b/etc/resolvconf/update.d/libc +index 1c4f6bc..f75d22c 100755 +--- a/etc/resolvconf/update.d/libc ++++ b/etc/resolvconf/update.d/libc +@@ -57,7 +57,7 @@ fi + report_warning() { echo "$0: Warning: $*" >&2 ; } + + resolv_conf_is_symlinked_to_dynamic_file() { +- [ -L ${ETC}/resolv.conf ] && [ "$(readlink -m ${ETC}/resolv.conf)" = "$DYNAMICRSLVCNFFILE" ] ++ [ -L ${ETC}/resolv.conf ] && [ "$(readlink -f ${ETC}/resolv.conf)" = "$DYNAMICRSLVCNFFILE" ] + } + + if ! resolv_conf_is_symlinked_to_dynamic_file ; then +-- +2.17.1 + diff --git a/meta/recipes-connectivity/resolvconf/resolvconf/fix-path-for-busybox.patch b/meta/recipes-connectivity/resolvconf/resolvconf/fix-path-for-busybox.patch deleted file mode 100644 index 1aead07869..0000000000 --- a/meta/recipes-connectivity/resolvconf/resolvconf/fix-path-for-busybox.patch +++ /dev/null @@ -1,20 +0,0 @@ - -busybox installs readlink into /usr/bin, so ensure /usr/bin -is in the path. - -Upstream-Status: Submitted -Signed-off-by: Saul Wold <sgw@linux.intel.com> - -Index: resolvconf-1.76/etc/resolvconf/update.d/libc -=================================================================== ---- resolvconf-1.76.orig/etc/resolvconf/update.d/libc -+++ resolvconf-1.76/etc/resolvconf/update.d/libc -@@ -16,7 +16,7 @@ - # - - set -e --PATH=/sbin:/bin -+PATH=/sbin:/bin:/usr/bin - - [ -x /lib/resolvconf/list-records ] || exit 1 - diff --git a/meta/recipes-connectivity/resolvconf/resolvconf_1.79.bb b/meta/recipes-connectivity/resolvconf/resolvconf_1.92.bb index 8550177288..c3ce5bc22e 100644 --- a/meta/recipes-connectivity/resolvconf/resolvconf_1.79.bb +++ b/meta/recipes-connectivity/resolvconf/resolvconf_1.92.bb @@ -5,33 +5,31 @@ itself up as the intermediary between programs that supply \ nameserver information and programs that need nameserver \ information." SECTION = "console/network" -LICENSE = "GPLv2+" +LICENSE = "GPL-2.0-or-later" LIC_FILES_CHKSUM = "file://COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b" -AUTHOR = "Thomas Hood" HOMEPAGE = "http://packages.debian.org/resolvconf" -RDEPENDS_${PN} = "bash" +RDEPENDS:${PN} = "bash sed util-linux-flock" -SRC_URI = "http://snapshot.debian.org/archive/debian/20160520T044340Z/pool/main/r/${BPN}/${BPN}_1.79.tar.xz \ - file://fix-path-for-busybox.patch \ +SRC_URI = "git://salsa.debian.org/debian/resolvconf.git;protocol=https;branch=unstable \ file://99_resolvconf \ - " + file://0001-avoid-using-m-option-for-readlink.patch \ + " -SRC_URI[md5sum] = "aab2382020fc518f06a06e924c56d300" -SRC_URI[sha256sum] = "8e2843cd4162b706f0481b3c281657728cbc2822e50a64fff79b79bd8aa870a0" +SRCREV = "86047276c80705c51859a19f0c472102e0822f34" + +S = "${WORKDIR}/git" # the package is taken from snapshots.debian.org; that source is static and goes stale # so we check the latest upstream from a directory that does get updated UPSTREAM_CHECK_URI = "${DEBIAN_MIRROR}/main/r/resolvconf/" -inherit allarch - do_compile () { : } do_install () { install -d ${D}${sysconfdir}/default/volatiles - install -m 0644 ${WORKDIR}/99_resolvconf ${D}${sysconfdir}/default/volatiles + install -m 0644 ${UNPACKDIR}/99_resolvconf ${D}${sysconfdir}/default/volatiles if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then install -d ${D}${sysconfdir}/tmpfiles.d echo "d /run/${BPN}/interface - - - -" \ @@ -39,12 +37,14 @@ do_install () { fi install -d ${D}${base_libdir}/${BPN} install -d ${D}${sysconfdir}/${BPN} + install -d ${D}${nonarch_base_libdir}/${BPN} ln -snf ${localstatedir}/run/${BPN} ${D}${sysconfdir}/${BPN}/run install -d ${D}${sysconfdir} ${D}${base_sbindir} install -d ${D}${mandir}/man8 ${D}${docdir}/${P} - cp -pPR etc/* ${D}${sysconfdir}/ + cp -pPR etc/resolvconf ${D}${sysconfdir}/ chown -R root:root ${D}${sysconfdir}/ install -m 0755 bin/resolvconf ${D}${base_sbindir}/ + install -m 0755 bin/normalize-resolvconf ${D}${nonarch_base_libdir}/${BPN} install -m 0755 bin/list-records ${D}${base_libdir}/${BPN} install -d ${D}/${sysconfdir}/network/if-up.d install -m 0755 debian/resolvconf.000resolvconf.if-up ${D}/${sysconfdir}/network/if-up.d/000resolvconf @@ -54,7 +54,7 @@ do_install () { install -m 0644 man/resolvconf.8 ${D}${mandir}/man8/ } -pkg_postinst_${PN} () { +pkg_postinst:${PN} () { if [ -z "$D" ]; then if command -v systemd-tmpfiles >/dev/null; then systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/resolvconf.conf @@ -64,4 +64,4 @@ pkg_postinst_${PN} () { fi } -FILES_${PN} += "${base_libdir}/${BPN}" +FILES:${PN} += "${base_libdir}/${BPN} ${nonarch_base_libdir}/${BPN}" diff --git a/meta/recipes-connectivity/slirp/libslirp_git.bb b/meta/recipes-connectivity/slirp/libslirp_git.bb new file mode 100644 index 0000000000..05830ce833 --- /dev/null +++ b/meta/recipes-connectivity/slirp/libslirp_git.bb @@ -0,0 +1,18 @@ +SUMMARY = "A general purpose TCP-IP emulator" +DESCRIPTION = "A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services." +HOMEPAGE = "https://gitlab.freedesktop.org/slirp/libslirp" +LICENSE = "BSD-3-Clause & MIT" +LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=bca0186b14e6b05e338e729f106db727" + +SRC_URI = "git://gitlab.freedesktop.org/slirp/libslirp.git;protocol=https;branch=master" +SRCREV = "ce314e39458223c2c42245fe536fbe1bcd94e9b1" +PV = "4.8.0" +S = "${WORKDIR}/git" + +DEPENDS = " \ + glib-2.0 \ +" + +inherit meson pkgconfig + +BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-connectivity/socat/files/0001-fix-compile-procan.c-failed.patch b/meta/recipes-connectivity/socat/files/0001-fix-compile-procan.c-failed.patch new file mode 100644 index 0000000000..9051ae1abe --- /dev/null +++ b/meta/recipes-connectivity/socat/files/0001-fix-compile-procan.c-failed.patch @@ -0,0 +1,62 @@ +From 4f887cc665c9a48b83e20ef4abe57afa7e365e0e Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@eng.windriver.com> +Date: Tue, 5 Dec 2023 23:02:22 -0800 +Subject: [PATCH v2] fix compile procan.c failed + +1. Compile socat failed if out of tree build (build dir != source dir) +... +gcc -c -D CC="gcc" -o procan.o procan.c +cc1: fatal error: procan.c: No such file or directory +... +Explicitly add $srcdir to makefile rule + +2. Compile socat failed if multiple words in $(CC), such as CC="gcc -m64" +... +from ../socat-1.8.0.0/procan.c:10: +../socat-1.8.0.0/sysincludes.h:18:10: fatal error: inttypes.h: No such file or directory + 18 | #include <inttypes.h> /* uint16_t */ +... + +In commit [Procan: print umask, CC, and couple more new infos][1], +it defeines marcro CC in C source, the space in CC will break +C source compile. Use first word of $(CC) to defeine marco CC + +[1] https://repo.or.cz/socat.git/commit/cd5673dbd0786c94e0b3ace7e35fab14c01e3185 + +Upstream-Status: Submitted [socat@dest-unreach.org] +Signed-off-by: Hongxu Jia <hongxu.jia@eng.windriver.com> +--- + Makefile.in | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/Makefile.in b/Makefile.in +index c01b1a4..48dad69 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -109,8 +109,8 @@ depend: $(CFILES) $(HFILES) + socat: socat.o libxio.a + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ socat.o libxio.a $(CLIBS) + +-procan.o: procan.c +- $(CC) $(CFLAGS) -c -D CC=\"$(CC)\" -o $@ procan.c ++procan.o: $(srcdir)/procan.c ++ $(CC) $(CFLAGS) -c -D CC=\"$(firstword $(CC))\" -o $@ $(srcdir)/procan.c + + PROCAN_OBJS=procan_main.o procan.o procan-cdefs.o hostan.o error.o sycls.o sysutils.o utils.o vsnprintf_r.o snprinterr.o + procan: $(PROCAN_OBJS) +@@ -132,9 +132,9 @@ install: progs $(srcdir)/doc/socat.1 + mkdir -p $(DESTDIR)$(BINDEST) + $(INSTALL) -m 755 socat $(DESTDIR)$(BINDEST)/socat1 + ln -sf socat1 $(DESTDIR)$(BINDEST)/socat +- $(INSTALL) -m 755 socat-chain.sh $(DESTDIR)$(BINDEST) +- $(INSTALL) -m 755 socat-mux.sh $(DESTDIR)$(BINDEST) +- $(INSTALL) -m 755 socat-broker.sh $(DESTDIR)$(BINDEST) ++ $(INSTALL) -m 755 $(srcdir)/socat-chain.sh $(DESTDIR)$(BINDEST) ++ $(INSTALL) -m 755 $(srcdir)/socat-mux.sh $(DESTDIR)$(BINDEST) ++ $(INSTALL) -m 755 $(srcdir)/socat-broker.sh $(DESTDIR)$(BINDEST) + $(INSTALL) -m 755 procan $(DESTDIR)$(BINDEST) + $(INSTALL) -m 755 filan $(DESTDIR)$(BINDEST) + mkdir -p $(DESTDIR)$(MANDEST)/man1 +-- +2.42.0 + diff --git a/meta/recipes-connectivity/socat/socat_1.7.3.3.bb b/meta/recipes-connectivity/socat/socat_1.8.0.0.bb index 1dbbe5cd55..912605c95c 100644 --- a/meta/recipes-connectivity/socat/socat_1.7.3.3.bb +++ b/meta/recipes-connectivity/socat/socat_1.8.0.0.bb @@ -5,17 +5,15 @@ HOMEPAGE = "http://www.dest-unreach.org/socat/" SECTION = "console/network" -DEPENDS = "openssl" - LICENSE = "GPL-2.0-with-OpenSSL-exception" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://README;beginline=257;endline=287;md5=338c05eadd013872abb1d6e198e10a3f" + file://README;beginline=241;endline=271;md5=338c05eadd013872abb1d6e198e10a3f" SRC_URI = "http://www.dest-unreach.org/socat/download/socat-${PV}.tar.bz2 \ + file://0001-fix-compile-procan.c-failed.patch \ " -SRC_URI[md5sum] = "b2a032a47b8b89a18485697fa975154f" -SRC_URI[sha256sum] = "0dd63ffe498168a4aac41d307594c5076ff307aa0ac04b141f8f1cec6594d04a" +SRC_URI[sha256sum] = "e1de683dd22ee0e3a6c6bbff269abe18ab0c9d7eb650204f125155b9005faca7" inherit autotools @@ -31,20 +29,23 @@ TERMBITS_SHIFTS ?= "sc_cv_sys_crdly_shift=9 \ sc_cv_sys_tabdly_shift=11 \ sc_cv_sys_csize_shift=4" -TERMBITS_SHIFTS_powerpc = "sc_cv_sys_crdly_shift=12 \ +TERMBITS_SHIFTS:powerpc = "sc_cv_sys_crdly_shift=12 \ sc_cv_sys_tabdly_shift=10 \ sc_cv_sys_csize_shift=8" -TERMBITS_SHIFTS_powerpc64 = "sc_cv_sys_crdly_shift=12 \ +TERMBITS_SHIFTS:powerpc64 = "sc_cv_sys_crdly_shift=12 \ sc_cv_sys_tabdly_shift=10 \ sc_cv_sys_csize_shift=8" -PACKAGECONFIG_class-target ??= "tcp-wrappers readline" -PACKAGECONFIG ??= "readline" +PACKAGECONFIG:class-target ??= "tcp-wrappers readline openssl" +PACKAGECONFIG ??= "readline openssl" PACKAGECONFIG[tcp-wrappers] = "--enable-libwrap,--disable-libwrap,tcp-wrappers" PACKAGECONFIG[readline] = "--enable-readline,--disable-readline,readline" +PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl" + +CFLAGS += "-fcommon" -do_install_prepend () { +do_install:prepend () { mkdir -p ${D}${bindir} install -d ${D}${bindir} ${D}${mandir}/man1 } diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key Binary files differnew file mode 100644 index 0000000000..30443c9438 --- /dev/null +++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key new file mode 100644 index 0000000000..86c2104ec8 --- /dev/null +++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key @@ -0,0 +1,9 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS +1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQRJR6iZxr/NTqQN9NOwV+WPtu42r2eF +rJ0xsnlqw5bpmfz6aDR8RQvVHUZjRGQfR/RXPbQ5x+bjjdm176TuXNhHAAAAqAoE27MKBN +uzAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBElHqJnGv81OpA30 +07BX5Y+27javZ4WsnTGyeWrDlumZ/PpoNHxFC9UdRmNEZB9H9Fc9tDnH5uON2bXvpO5c2E +cAAAAgLiHv/IWhxwosz9BiNILOOPlXaueL5hVTBKUJkpOi48sAAAANcm9vdEBxZW11bWlw +cwECAw== +-----END OPENSSH PRIVATE KEY----- diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub new file mode 100644 index 0000000000..a358aeb88a --- /dev/null +++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub @@ -0,0 +1 @@ +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBElHqJnGv81OpA3007BX5Y+27javZ4WsnTGyeWrDlumZ/PpoNHxFC9UdRmNEZB9H9Fc9tDnH5uON2bXvpO5c2Ec= root@qemupregen diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key new file mode 100644 index 0000000000..00ed9adae2 --- /dev/null +++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key @@ -0,0 +1,7 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW +QyNTUxOQAAACDHSFTAbJ3OTd1r1E8G5JleCmsJEpQHmdTGtMcYqwWbbwAAAJChFtV0oRbV +dAAAAAtzc2gtZWQyNTUxOQAAACDHSFTAbJ3OTd1r1E8G5JleCmsJEpQHmdTGtMcYqwWbbw +AAAEA8UiUsygsTbP0HkDi5leXpQaVXihDyCHeitkBCItJGhcdIVMBsnc5N3WvUTwbkmV4K +awkSlAeZ1Ma0xxirBZtvAAAADXJvb3RAcWVtdW1pcHM= +-----END OPENSSH PRIVATE KEY----- diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub new file mode 100644 index 0000000000..cc0e2f43ed --- /dev/null +++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMdIVMBsnc5N3WvUTwbkmV4KawkSlAeZ1Ma0xxirBZtv root@qemupregen diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key new file mode 100644 index 0000000000..a8e4406ba3 --- /dev/null +++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key @@ -0,0 +1,38 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn +NhAAAAAwEAAQAAAYEA2Q6dzF1xziCQCFq+e+Fv6w0607gNlyKnkhuoRq8G7/HEqXU2eEtC +i3AMUrAP8k7s9kP5vI5CyfSgFuC9MxDV2YL2bsmvRxBSKgg6KbNxkoTaFBqyqHopuWQca8 +KRahvzt5dh9fsmeqamIwgMWKTSwtDHcsbyt84nmO2Z2ZrNXobgueMIj+HiJVgmWn86FQFL +EoONAA+qb4SciPsxvmTlaQ/DMAh3llVo/IMLD9oyAyAI2kbHNnZttlYv5TmY7ICd3yCW8z +PXrxNcEF3Qs1d68gVJxLjLKTlYGzJW2J+RwY+1DJZ0w4lozeQiZXTXVtzcJB0tm2DcvQMz +kqyARmncSUwcPbEClEW6Y2xQnLeSHjexzlCCndiUbBTeG5iRl4OL6DN40iI9Lw2VROtj2Y +59n9PCfaoUs08dsgJLaNrDbRHrCRLSdZJ6OQFiC/nAx/t4e4+wdUgNOqLyJqomdNdaLXPq +tzr9ssrcY5j1DmmwKtzfTI5VM9LRQo+REIiUCNTFAAAFiFh232tYdt9rAAAAB3NzaC1yc2 +EAAAGBANkOncxdcc4gkAhavnvhb+sNOtO4DZcip5IbqEavBu/xxKl1NnhLQotwDFKwD/JO +7PZD+byOQsn0oBbgvTMQ1dmC9m7Jr0cQUioIOimzcZKE2hQasqh6KblkHGvCkWob87eXYf +X7JnqmpiMIDFik0sLQx3LG8rfOJ5jtmdmazV6G4LnjCI/h4iVYJlp/OhUBSxKDjQAPqm+E +nIj7Mb5k5WkPwzAId5ZVaPyDCw/aMgMgCNpGxzZ2bbZWL+U5mOyAnd8glvMz168TXBBd0L +NXevIFScS4yyk5WBsyVtifkcGPtQyWdMOJaM3kImV011bc3CQdLZtg3L0DM5KsgEZp3ElM +HD2xApRFumNsUJy3kh43sc5Qgp3YlGwU3huYkZeDi+gzeNIiPS8NlUTrY9mOfZ/Twn2qFL +NPHbICS2jaw20R6wkS0nWSejkBYgv5wMf7eHuPsHVIDTqi8iaqJnTXWi1z6rc6/bLK3GOY +9Q5psCrc30yOVTPS0UKPkRCIlAjUxQAAAAMBAAEAAAGAGIj+bUtiwdoMbeVUAszIydkE/U +mgv6S7LFjT/KlsL1M017LYJWDcdMaFnhMouksRngSxBg9OnWV5cxyURmFwytVy5bMGjRHb +N8UWTgBqphU+UWdzKngkn0AhtkyYA1aFhgsml5d8EgEkZnFSc/KtoDfZU7AJX519/FtfOK +m27Shx3pE7Nohh97avHyuidR1gTwdvuMIMke57g0BhrxPYmredaKCMZAHjjCeD6JbRcGj+ +ly3I9u8MF8BGSbLpBlLDUFCwP8G5CdmMua8bPJYhPSRqMLQhclI7hc6FaYk+gZV9B74Iv/ +SAxcCwI97dNbE0IAsbbWoUdoKGpAYQ5gOdhu5ioqZwKWjNjB3Xx48mq8xtmIR9HEnYzEnk +b/tDWNRWrGkvNK7vpLvnbsSSKBqOAbMzmQdJxogTgjE5doSmu2/krIMR6KUcUox2ZrR8Ot +JM6bXyNFBviiXmYvw/SZTDrVJu8BPMu5EMS5pBl8jPFBGI/ePk4qg7lWAJeQ89ThtBAAAA +wQDEU4HjomWwJsn9UWdoodXTV5aPY9B1OPkmYnRPtsjSAcXgtBzUXMEOsmXODOK3aQjsE0 +jQKpWDAUcUf6KKZKRehxUN4MlwujCG9czn65S6B8BsP1YUfZQjpNyub8vDBfeKzlxKBEEM +lb4iBT+LEGkihK13H5CbqRg1GDAThZzwrV4pj3S40zgyHhn8JjK4x4djEY6NwkWH8E2DgD +8vYG/FKh5E/VIZtCgtAHa4QNAgGB4VMRn1VpSJzxjCxb1wancAAADBAPT7F34WYEI3Vc52 +p1U5rPa6dZtg5QM14V0+KtMlb3frd0/F+JVj4t6COQ8J9pkOuD0YjOYJuFXIWAAYIjCdWt +cbTi/sSERawOWxrgSwJo2vjt5izrBQtr3N8tiB6KDGa5sdgJl5XzJ0SsdStfBbyhcJO4RV +p9lc+X8OsUfFsClmyIs45vlxBRH06DP6/zmYCAmqvlrfZJKqlpKAEWDDObRy/3+mSNhZ0J +BdmncASiASRlPPIoIHznyA1COUn6+TnwAAAMEA4tH89Dez2JauyPVeCyHAC680vrBKjmMx +WYdpq2Xzd/LNl2L9oc0IEZzerLTuaCh6qsbbk2wWj1nrYXvefz/xUtDR427tvRXckcsWhP +2HYohdYBkwTpp9QuscIV76GdwbTImuNEzvABH1hpTG6DSzqeyf/EVmSq07nptJIs5lpU49 +tW2aWraSvswHR9xfts1U79w9f4BNDy1rTmfuLERTRNF/T9CIFsk9tArLUNT64mhHtoEs8F +9AyGuq6v49bN0bAAAADXJvb3RAcWVtdW1pcHMBAgMEBQ== +-----END OPENSSH PRIVATE KEY----- diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub new file mode 100644 index 0000000000..9eb8c3838f --- /dev/null +++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZDp3MXXHOIJAIWr574W/rDTrTuA2XIqeSG6hGrwbv8cSpdTZ4S0KLcAxSsA/yTuz2Q/m8jkLJ9KAW4L0zENXZgvZuya9HEFIqCDops3GShNoUGrKoeim5ZBxrwpFqG/O3l2H1+yZ6pqYjCAxYpNLC0MdyxvK3zieY7ZnZms1ehuC54wiP4eIlWCZafzoVAUsSg40AD6pvhJyI+zG+ZOVpD8MwCHeWVWj8gwsP2jIDIAjaRsc2dm22Vi/lOZjsgJ3fIJbzM9evE1wQXdCzV3ryBUnEuMspOVgbMlbYn5HBj7UMlnTDiWjN5CJldNdW3NwkHS2bYNy9AzOSrIBGadxJTBw9sQKURbpjbFCct5IeN7HOUIKd2JRsFN4bmJGXg4voM3jSIj0vDZVE62PZjn2f08J9qhSzTx2yAkto2sNtEesJEtJ1kno5AWIL+cDH+3h7j7B1SA06ovImqiZ011otc+q3Ov2yytxjmPUOabAq3N9MjlUz0tFCj5EQiJQI1MU= root@qemupregen diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb new file mode 100644 index 0000000000..db5a0eb8ce --- /dev/null +++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb @@ -0,0 +1,24 @@ +SUMMARY = "Pre generated host keys mainly for speeding up our qemu tests" + +SRC_URI = "file://dropbear_rsa_host_key \ + file://openssh" + +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +S = "${WORKDIR}/sources" +UNPACKDIR = "${S}" + +INHIBIT_DEFAULT_DEPS = "1" + +COMPATIBLE_MACHINE = "^qemu.*$" + +do_install () { + install -d ${D}${sysconfdir}/dropbear + install ${UNPACKDIR}/dropbear_rsa_host_key -m 0600 ${D}${sysconfdir}/dropbear/ + + install -d ${D}${sysconfdir}/ssh + install ${UNPACKDIR}/openssh/* ${D}${sysconfdir}/ssh/ + chmod 0600 ${D}${sysconfdir}/ssh/* + chmod 0644 ${D}${sysconfdir}/ssh/*.pub +} diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch deleted file mode 100644 index 7b0713cf6d..0000000000 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch +++ /dev/null @@ -1,82 +0,0 @@ -hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication -of disconnection in certain situations because source address validation is -mishandled. This is a denial of service that should have been prevented by PMF -(aka management frame protection). The attacker must send a crafted 802.11 frame -from a location that is within the 802.11 communications range. - -CVE: CVE-2019-16275 -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@intel.com> - -From 8c07fa9eda13e835f3f968b2e1c9a8be3a851ff9 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <j@w1.fi> -Date: Thu, 29 Aug 2019 11:52:04 +0300 -Subject: [PATCH] AP: Silently ignore management frame from unexpected source - address - -Do not process any received Management frames with unexpected/invalid SA -so that we do not add any state for unexpected STA addresses or end up -sending out frames to unexpected destination. This prevents unexpected -sequences where an unprotected frame might end up causing the AP to send -out a response to another device and that other device processing the -unexpected response. - -In particular, this prevents some potential denial of service cases -where the unexpected response frame from the AP might result in a -connected station dropping its association. - -Signed-off-by: Jouni Malinen <j@w1.fi> ---- - src/ap/drv_callbacks.c | 13 +++++++++++++ - src/ap/ieee802_11.c | 12 ++++++++++++ - 2 files changed, 25 insertions(+) - -diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c -index 31587685fe3b..34ca379edc3d 100644 ---- a/src/ap/drv_callbacks.c -+++ b/src/ap/drv_callbacks.c -@@ -131,6 +131,19 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, - "hostapd_notif_assoc: Skip event with no address"); - return -1; - } -+ -+ if (is_multicast_ether_addr(addr) || -+ is_zero_ether_addr(addr) || -+ os_memcmp(addr, hapd->own_addr, ETH_ALEN) == 0) { -+ /* Do not process any frames with unexpected/invalid SA so that -+ * we do not add any state for unexpected STA addresses or end -+ * up sending out frames to unexpected destination. */ -+ wpa_printf(MSG_DEBUG, "%s: Invalid SA=" MACSTR -+ " in received indication - ignore this indication silently", -+ __func__, MAC2STR(addr)); -+ return 0; -+ } -+ - random_add_randomness(addr, ETH_ALEN); - - hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, -diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c -index c85a28db44b7..e7065372e158 100644 ---- a/src/ap/ieee802_11.c -+++ b/src/ap/ieee802_11.c -@@ -4626,6 +4626,18 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, - fc = le_to_host16(mgmt->frame_control); - stype = WLAN_FC_GET_STYPE(fc); - -+ if (is_multicast_ether_addr(mgmt->sa) || -+ is_zero_ether_addr(mgmt->sa) || -+ os_memcmp(mgmt->sa, hapd->own_addr, ETH_ALEN) == 0) { -+ /* Do not process any frames with unexpected/invalid SA so that -+ * we do not add any state for unexpected STA addresses or end -+ * up sending out frames to unexpected destination. */ -+ wpa_printf(MSG_DEBUG, "MGMT: Invalid SA=" MACSTR -+ " in received frame - ignore this frame silently", -+ MAC2STR(mgmt->sa)); -+ return 0; -+ } -+ - if (stype == WLAN_FC_STYPE_BEACON) { - handle_beacon(hapd, mgmt, len, fi); - return 1; --- -2.20.1 diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-macsec_linux-Hardware-offload-requires-Linux-headers.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-macsec_linux-Hardware-offload-requires-Linux-headers.patch new file mode 100644 index 0000000000..f9634e47c9 --- /dev/null +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-macsec_linux-Hardware-offload-requires-Linux-headers.patch @@ -0,0 +1,53 @@ +From 809d9d8172db8e2a08ff639875f838b5b86d2641 Mon Sep 17 00:00:00 2001 +From: Sergey Matyukevich <geomatsi@gmail.com> +Date: Thu, 22 Aug 2024 00:03:41 +0300 +Subject: [PATCH] macsec_linux: Hardware offload requires Linux headers >= v5.7 + +Hardware offload in Linux macsec driver is enabled in compile time if +libnl version is >= v3.6. This is not sufficient for successful build +since enum 'macsec_offload' has been added to Linux header if_link.h +in kernels v5.6 and v5.7, see commits: +- https://github.com/torvalds/linux/commit/21114b7feec29e4425a3ac48a037569c016a46c8 +- https://github.com/torvalds/linux/commit/76564261a7db80c5f5c624e0122a28787f266bdf + +New libnl with older Linux headers is a valid combination. This is how +hostapd build failure has been detected by Buildroot autobuilder, see: +- http://autobuild.buildroot.net/results/b59d5bc5bd17683a3a1e3577c40c802e81911f84/ + +Extend compile time condition for the enablement of the macsec hardware +offload adding Linux headers version check. + +Fixes: 40c139664439 ("macsec_linux: Add support for MACsec hardware offload") +Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com> + +Upstream-Status: Backport [https://w1.fi/cgit/hostap/patch/?id=809d9d8172db8e2a08ff639875f838b5b86d2641] +Signed-off-by: Jon Mason <jdmason@kudzu.us> +--- + src/drivers/driver_macsec_linux.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/drivers/driver_macsec_linux.c b/src/drivers/driver_macsec_linux.c +index c867154981e9..fad47a292f9f 100644 +--- a/src/drivers/driver_macsec_linux.c ++++ b/src/drivers/driver_macsec_linux.c +@@ -19,6 +19,7 @@ + #include <netlink/route/link.h> + #include <netlink/route/link/macsec.h> + #include <linux/if_macsec.h> ++#include <linux/version.h> + #include <inttypes.h> + + #include "utils/common.h" +@@ -32,7 +33,8 @@ + + #define UNUSED_SCI 0xffffffffffffffff + +-#if LIBNL_VER_NUM >= LIBNL_VER(3, 6) ++#if (LIBNL_VER_NUM >= LIBNL_VER(3, 6) && \ ++ LINUX_VERSION_CODE >= KERNEL_VERSION(5, 7, 0)) + #define LIBNL_HAS_OFFLOAD + #endif + +-- +2.39.2 + diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-replace-systemd-install-Alias-with-WantedBy.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-replace-systemd-install-Alias-with-WantedBy.patch deleted file mode 100644 index a476cf040e..0000000000 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-replace-systemd-install-Alias-with-WantedBy.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 94c401733a5a3d294cc412671166e6adfb409f53 Mon Sep 17 00:00:00 2001 -From: Joshua DeWeese <jdeweese@hennypenny.com> -Date: Wed, 30 Jan 2019 16:19:47 -0500 -Subject: [PATCH] replace systemd install Alias with WantedBy - -According to the systemd documentation "WantedBy=foo.service in a -service bar.service is mostly equivalent to -Alias=foo.service.wants/bar.service in the same file." However, -this is not really the intended purpose of install Aliases. - -Upstream-Status: Submitted [hostap@lists.infradead.org] - -Signed-off-by: Joshua DeWeese <jdeweese@hennypenny.com> ---- - wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in | 2 +- - wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in | 2 +- - wpa_supplicant/systemd/wpa_supplicant.service.arg.in | 2 +- - 3 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in b/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in -index 03ac507..da69a87 100644 ---- a/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in -+++ b/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in -@@ -12,4 +12,4 @@ Type=simple - ExecStart=@BINDIR@/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-nl80211-%I.conf -Dnl80211 -i%I - - [Install] --Alias=multi-user.target.wants/wpa_supplicant-nl80211@%i.service -+WantedBy=multi-user.target -diff --git a/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in b/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in -index c8a744d..ca3054b 100644 ---- a/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in -+++ b/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in -@@ -12,4 +12,4 @@ Type=simple - ExecStart=@BINDIR@/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-wired-%I.conf -Dwired -i%I - - [Install] --Alias=multi-user.target.wants/wpa_supplicant-wired@%i.service -+WantedBy=multi-user.target -diff --git a/wpa_supplicant/systemd/wpa_supplicant.service.arg.in b/wpa_supplicant/systemd/wpa_supplicant.service.arg.in -index 7788b38..55d2b9c 100644 ---- a/wpa_supplicant/systemd/wpa_supplicant.service.arg.in -+++ b/wpa_supplicant/systemd/wpa_supplicant.service.arg.in -@@ -12,4 +12,4 @@ Type=simple - ExecStart=@BINDIR@/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-%I.conf -i%I - - [Install] --Alias=multi-user.target.wants/wpa_supplicant@%i.service -+WantedBy=multi-user.target --- -2.7.4 - diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/defconfig b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/defconfig deleted file mode 100644 index f04e398fdb..0000000000 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/defconfig +++ /dev/null @@ -1,552 +0,0 @@ -# Example wpa_supplicant build time configuration -# -# This file lists the configuration options that are used when building the -# hostapd binary. All lines starting with # are ignored. Configuration option -# lines must be commented out complete, if they are not to be included, i.e., -# just setting VARIABLE=n is not disabling that variable. -# -# This file is included in Makefile, so variables like CFLAGS and LIBS can also -# be modified from here. In most cases, these lines should use += in order not -# to override previous values of the variables. - - -# Uncomment following two lines and fix the paths if you have installed OpenSSL -# or GnuTLS in non-default location -#CFLAGS += -I/usr/local/openssl/include -#LIBS += -L/usr/local/openssl/lib - -# Some Red Hat versions seem to include kerberos header files from OpenSSL, but -# the kerberos files are not in the default include path. Following line can be -# used to fix build issues on such systems (krb5.h not found). -#CFLAGS += -I/usr/include/kerberos - -# Example configuration for various cross-compilation platforms - -#### sveasoft (e.g., for Linksys WRT54G) ###################################### -#CC=mipsel-uclibc-gcc -#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc -#CFLAGS += -Os -#CPPFLAGS += -I../src/include -I../../src/router/openssl/include -#LIBS += -L/opt/brcm/hndtools-mipsel-uclibc-0.9.19/lib -lssl -############################################################################### - -#### openwrt (e.g., for Linksys WRT54G) ####################################### -#CC=mipsel-uclibc-gcc -#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc -#CFLAGS += -Os -#CPPFLAGS=-I../src/include -I../openssl-0.9.7d/include \ -# -I../WRT54GS/release/src/include -#LIBS = -lssl -############################################################################### - - -# Driver interface for Host AP driver -CONFIG_DRIVER_HOSTAP=y - -# Driver interface for Agere driver -#CONFIG_DRIVER_HERMES=y -# Change include directories to match with the local setup -#CFLAGS += -I../../hcf -I../../include -I../../include/hcf -#CFLAGS += -I../../include/wireless - -# Driver interface for madwifi driver -# Deprecated; use CONFIG_DRIVER_WEXT=y instead. -#CONFIG_DRIVER_MADWIFI=y -# Set include directory to the madwifi source tree -#CFLAGS += -I../../madwifi - -# Driver interface for ndiswrapper -# Deprecated; use CONFIG_DRIVER_WEXT=y instead. -#CONFIG_DRIVER_NDISWRAPPER=y - -# Driver interface for Atmel driver -# CONFIG_DRIVER_ATMEL=y - -# Driver interface for old Broadcom driver -# Please note that the newer Broadcom driver ("hybrid Linux driver") supports -# Linux wireless extensions and does not need (or even work) with the old -# driver wrapper. Use CONFIG_DRIVER_WEXT=y with that driver. -#CONFIG_DRIVER_BROADCOM=y -# Example path for wlioctl.h; change to match your configuration -#CFLAGS += -I/opt/WRT54GS/release/src/include - -# Driver interface for Intel ipw2100/2200 driver -# Deprecated; use CONFIG_DRIVER_WEXT=y instead. -#CONFIG_DRIVER_IPW=y - -# Driver interface for Ralink driver -#CONFIG_DRIVER_RALINK=y - -# Driver interface for generic Linux wireless extensions -# Note: WEXT is deprecated in the current Linux kernel version and no new -# functionality is added to it. nl80211-based interface is the new -# replacement for WEXT and its use allows wpa_supplicant to properly control -# the driver to improve existing functionality like roaming and to support new -# functionality. -CONFIG_DRIVER_WEXT=y - -# Driver interface for Linux drivers using the nl80211 kernel interface -CONFIG_DRIVER_NL80211=y - -# driver_nl80211.c requires libnl. If you are compiling it yourself -# you may need to point hostapd to your version of libnl. -# -#CFLAGS += -I$<path to libnl include files> -#LIBS += -L$<path to libnl library files> - -# Use libnl v2.0 (or 3.0) libraries. -#CONFIG_LIBNL20=y - -# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored) -CONFIG_LIBNL32=y - - -# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) -#CONFIG_DRIVER_BSD=y -#CFLAGS += -I/usr/local/include -#LIBS += -L/usr/local/lib -#LIBS_p += -L/usr/local/lib -#LIBS_c += -L/usr/local/lib - -# Driver interface for Windows NDIS -#CONFIG_DRIVER_NDIS=y -#CFLAGS += -I/usr/include/w32api/ddk -#LIBS += -L/usr/local/lib -# For native build using mingw -#CONFIG_NATIVE_WINDOWS=y -# Additional directories for cross-compilation on Linux host for mingw target -#CFLAGS += -I/opt/mingw/mingw32/include/ddk -#LIBS += -L/opt/mingw/mingw32/lib -#CC=mingw32-gcc -# By default, driver_ndis uses WinPcap for low-level operations. This can be -# replaced with the following option which replaces WinPcap calls with NDISUIO. -# However, this requires that WZC is disabled (net stop wzcsvc) before starting -# wpa_supplicant. -# CONFIG_USE_NDISUIO=y - -# Driver interface for development testing -#CONFIG_DRIVER_TEST=y - -# Driver interface for wired Ethernet drivers -CONFIG_DRIVER_WIRED=y - -# Driver interface for the Broadcom RoboSwitch family -#CONFIG_DRIVER_ROBOSWITCH=y - -# Driver interface for no driver (e.g., WPS ER only) -#CONFIG_DRIVER_NONE=y - -# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is -# included) -CONFIG_IEEE8021X_EAPOL=y - -# EAP-MD5 -CONFIG_EAP_MD5=y - -# EAP-MSCHAPv2 -CONFIG_EAP_MSCHAPV2=y - -# EAP-TLS -CONFIG_EAP_TLS=y - -# EAL-PEAP -CONFIG_EAP_PEAP=y - -# EAP-TTLS -CONFIG_EAP_TTLS=y - -# EAP-FAST -# Note: If OpenSSL is used as the TLS library, OpenSSL 1.0 or newer is needed -# for EAP-FAST support. Older OpenSSL releases would need to be patched, e.g., -# with openssl-0.9.8x-tls-extensions.patch, to add the needed functions. -#CONFIG_EAP_FAST=y - -# EAP-GTC -CONFIG_EAP_GTC=y - -# EAP-OTP -CONFIG_EAP_OTP=y - -# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used) -#CONFIG_EAP_SIM=y - -# EAP-PSK (experimental; this is _not_ needed for WPA-PSK) -#CONFIG_EAP_PSK=y - -# EAP-pwd (secure authentication using only a password) -#CONFIG_EAP_PWD=y - -# EAP-PAX -#CONFIG_EAP_PAX=y - -# LEAP -CONFIG_EAP_LEAP=y - -# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used) -#CONFIG_EAP_AKA=y - -# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used). -# This requires CONFIG_EAP_AKA to be enabled, too. -#CONFIG_EAP_AKA_PRIME=y - -# Enable USIM simulator (Milenage) for EAP-AKA -#CONFIG_USIM_SIMULATOR=y - -# EAP-SAKE -#CONFIG_EAP_SAKE=y - -# EAP-GPSK -#CONFIG_EAP_GPSK=y -# Include support for optional SHA256 cipher suite in EAP-GPSK -#CONFIG_EAP_GPSK_SHA256=y - -# EAP-TNC and related Trusted Network Connect support (experimental) -#CONFIG_EAP_TNC=y - -# Wi-Fi Protected Setup (WPS) -CONFIG_WPS=y -# Enable WSC 2.0 support -#CONFIG_WPS2=y -# Enable WPS external registrar functionality -#CONFIG_WPS_ER=y -# Disable credentials for an open network by default when acting as a WPS -# registrar. -#CONFIG_WPS_REG_DISABLE_OPEN=y -# Enable WPS support with NFC config method -#CONFIG_WPS_NFC=y - -# EAP-IKEv2 -#CONFIG_EAP_IKEV2=y - -# EAP-EKE -#CONFIG_EAP_EKE=y - -# PKCS#12 (PFX) support (used to read private key and certificate file from -# a file that usually has extension .p12 or .pfx) -CONFIG_PKCS12=y - -# Smartcard support (i.e., private key on a smartcard), e.g., with openssl -# engine. -CONFIG_SMARTCARD=y - -# PC/SC interface for smartcards (USIM, GSM SIM) -# Enable this if EAP-SIM or EAP-AKA is included -#CONFIG_PCSC=y - -# Support HT overrides (disable HT/HT40, mask MCS rates, etc.) -#CONFIG_HT_OVERRIDES=y - -# Support VHT overrides (disable VHT, mask MCS rates, etc.) -#CONFIG_VHT_OVERRIDES=y - -# Development testing -#CONFIG_EAPOL_TEST=y - -# Select control interface backend for external programs, e.g, wpa_cli: -# unix = UNIX domain sockets (default for Linux/*BSD) -# udp = UDP sockets using localhost (127.0.0.1) -# named_pipe = Windows Named Pipe (default for Windows) -# udp-remote = UDP sockets with remote access (only for tests systems/purpose) -# y = use default (backwards compatibility) -# If this option is commented out, control interface is not included in the -# build. -CONFIG_CTRL_IFACE=y - -# Include support for GNU Readline and History Libraries in wpa_cli. -# When building a wpa_cli binary for distribution, please note that these -# libraries are licensed under GPL and as such, BSD license may not apply for -# the resulting binary. -#CONFIG_READLINE=y - -# Include internal line edit mode in wpa_cli. This can be used as a replacement -# for GNU Readline to provide limited command line editing and history support. -#CONFIG_WPA_CLI_EDIT=y - -# Remove debugging code that is printing out debug message to stdout. -# This can be used to reduce the size of the wpa_supplicant considerably -# if debugging code is not needed. The size reduction can be around 35% -# (e.g., 90 kB). -#CONFIG_NO_STDOUT_DEBUG=y - -# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save -# 35-50 kB in code size. -#CONFIG_NO_WPA=y - -# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support -# This option can be used to reduce code size by removing support for -# converting ASCII passphrases into PSK. If this functionality is removed, the -# PSK can only be configured as the 64-octet hexstring (e.g., from -# wpa_passphrase). This saves about 0.5 kB in code size. -#CONFIG_NO_WPA_PASSPHRASE=y - -# Disable scan result processing (ap_mode=1) to save code size by about 1 kB. -# This can be used if ap_scan=1 mode is never enabled. -#CONFIG_NO_SCAN_PROCESSING=y - -# Select configuration backend: -# file = text file (e.g., wpa_supplicant.conf; note: the configuration file -# path is given on command line, not here; this option is just used to -# select the backend that allows configuration files to be used) -# winreg = Windows registry (see win_example.reg for an example) -CONFIG_BACKEND=file - -# Remove configuration write functionality (i.e., to allow the configuration -# file to be updated based on runtime configuration changes). The runtime -# configuration can still be changed, the changes are just not going to be -# persistent over restarts. This option can be used to reduce code size by -# about 3.5 kB. -#CONFIG_NO_CONFIG_WRITE=y - -# Remove support for configuration blobs to reduce code size by about 1.5 kB. -#CONFIG_NO_CONFIG_BLOBS=y - -# Select program entry point implementation: -# main = UNIX/POSIX like main() function (default) -# main_winsvc = Windows service (read parameters from registry) -# main_none = Very basic example (development use only) -#CONFIG_MAIN=main - -# Select wrapper for operatins system and C library specific functions -# unix = UNIX/POSIX like systems (default) -# win32 = Windows systems -# none = Empty template -#CONFIG_OS=unix - -# Select event loop implementation -# eloop = select() loop (default) -# eloop_win = Windows events and WaitForMultipleObject() loop -#CONFIG_ELOOP=eloop - -# Should we use poll instead of select? Select is used by default. -#CONFIG_ELOOP_POLL=y - -# Select layer 2 packet implementation -# linux = Linux packet socket (default) -# pcap = libpcap/libdnet/WinPcap -# freebsd = FreeBSD libpcap -# winpcap = WinPcap with receive thread -# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y) -# none = Empty template -#CONFIG_L2_PACKET=linux - -# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) -CONFIG_PEERKEY=y - -# IEEE 802.11w (management frame protection), also known as PMF -# Driver support is also needed for IEEE 802.11w. -#CONFIG_IEEE80211W=y - -# Select TLS implementation -# openssl = OpenSSL (default) -# gnutls = GnuTLS -# internal = Internal TLSv1 implementation (experimental) -# none = Empty template -#CONFIG_TLS=openssl - -# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1) -# can be enabled to get a stronger construction of messages when block ciphers -# are used. It should be noted that some existing TLS v1.0 -based -# implementation may not be compatible with TLS v1.1 message (ClientHello is -# sent prior to negotiating which version will be used) -#CONFIG_TLSV11=y - -# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2) -# can be enabled to enable use of stronger crypto algorithms. It should be -# noted that some existing TLS v1.0 -based implementation may not be compatible -# with TLS v1.2 message (ClientHello is sent prior to negotiating which version -# will be used) -#CONFIG_TLSV12=y - -# If CONFIG_TLS=internal is used, additional library and include paths are -# needed for LibTomMath. Alternatively, an integrated, minimal version of -# LibTomMath can be used. See beginning of libtommath.c for details on benefits -# and drawbacks of this option. -#CONFIG_INTERNAL_LIBTOMMATH=y -#ifndef CONFIG_INTERNAL_LIBTOMMATH -#LTM_PATH=/usr/src/libtommath-0.39 -#CFLAGS += -I$(LTM_PATH) -#LIBS += -L$(LTM_PATH) -#LIBS_p += -L$(LTM_PATH) -#endif -# At the cost of about 4 kB of additional binary size, the internal LibTomMath -# can be configured to include faster routines for exptmod, sqr, and div to -# speed up DH and RSA calculation considerably -#CONFIG_INTERNAL_LIBTOMMATH_FAST=y - -# Include NDIS event processing through WMI into wpa_supplicant/wpasvc. -# This is only for Windows builds and requires WMI-related header files and -# WbemUuid.Lib from Platform SDK even when building with MinGW. -#CONFIG_NDIS_EVENTS_INTEGRATED=y -#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib" - -# Add support for old DBus control interface -# (fi.epitest.hostap.WPASupplicant) -#CONFIG_CTRL_IFACE_DBUS=y - -# Add support for new DBus control interface -# (fi.w1.hostap.wpa_supplicant1) -CONFIG_CTRL_IFACE_DBUS_NEW=y - -# Add introspection support for new DBus control interface -#CONFIG_CTRL_IFACE_DBUS_INTRO=y - -# Add support for loading EAP methods dynamically as shared libraries. -# When this option is enabled, each EAP method can be either included -# statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn). -# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to -# be loaded in the beginning of the wpa_supplicant configuration file -# (see load_dynamic_eap parameter in the example file) before being used in -# the network blocks. -# -# Note that some shared parts of EAP methods are included in the main program -# and in order to be able to use dynamic EAP methods using these parts, the -# main program must have been build with the EAP method enabled (=y or =dyn). -# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries -# unless at least one of them was included in the main build to force inclusion -# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included -# in the main build to be able to load these methods dynamically. -# -# Please also note that using dynamic libraries will increase the total binary -# size. Thus, it may not be the best option for targets that have limited -# amount of memory/flash. -#CONFIG_DYNAMIC_EAP_METHODS=y - -# IEEE Std 802.11r-2008 (Fast BSS Transition) -#CONFIG_IEEE80211R=y - -# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) -#CONFIG_DEBUG_FILE=y - -# Send debug messages to syslog instead of stdout -#CONFIG_DEBUG_SYSLOG=y -# Set syslog facility for debug messages -#CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON - -# Add support for sending all debug messages (regardless of debug verbosity) -# to the Linux kernel tracing facility. This helps debug the entire stack by -# making it easy to record everything happening from the driver up into the -# same file, e.g., using trace-cmd. -#CONFIG_DEBUG_LINUX_TRACING=y - -# Enable privilege separation (see README 'Privilege separation' for details) -#CONFIG_PRIVSEP=y - -# Enable mitigation against certain attacks against TKIP by delaying Michael -# MIC error reports by a random amount of time between 0 and 60 seconds -#CONFIG_DELAYED_MIC_ERROR_REPORT=y - -# Enable tracing code for developer debugging -# This tracks use of memory allocations and other registrations and reports -# incorrect use with a backtrace of call (or allocation) location. -#CONFIG_WPA_TRACE=y -# For BSD, uncomment these. -#LIBS += -lexecinfo -#LIBS_p += -lexecinfo -#LIBS_c += -lexecinfo - -# Use libbfd to get more details for developer debugging -# This enables use of libbfd to get more detailed symbols for the backtraces -# generated by CONFIG_WPA_TRACE=y. -#CONFIG_WPA_TRACE_BFD=y -# For BSD, uncomment these. -#LIBS += -lbfd -liberty -lz -#LIBS_p += -lbfd -liberty -lz -#LIBS_c += -lbfd -liberty -lz - -CONFIG_TLS = %ssl% -CONFIG_CTRL_IFACE_DBUS=y -CONFIG_CTRL_IFACE_DBUS_NEW=y - -# wpa_supplicant depends on strong random number generation being available -# from the operating system. os_get_random() function is used to fetch random -# data when needed, e.g., for key generation. On Linux and BSD systems, this -# works by reading /dev/urandom. It should be noted that the OS entropy pool -# needs to be properly initialized before wpa_supplicant is started. This is -# important especially on embedded devices that do not have a hardware random -# number generator and may by default start up with minimal entropy available -# for random number generation. -# -# As a safety net, wpa_supplicant is by default trying to internally collect -# additional entropy for generating random data to mix in with the data fetched -# from the OS. This by itself is not considered to be very strong, but it may -# help in cases where the system pool is not initialized properly. However, it -# is very strongly recommended that the system pool is initialized with enough -# entropy either by using hardware assisted random number generator or by -# storing state over device reboots. -# -# wpa_supplicant can be configured to maintain its own entropy store over -# restarts to enhance random number generation. This is not perfect, but it is -# much more secure than using the same sequence of random numbers after every -# reboot. This can be enabled with -e<entropy file> command line option. The -# specified file needs to be readable and writable by wpa_supplicant. -# -# If the os_get_random() is known to provide strong random data (e.g., on -# Linux/BSD, the board in question is known to have reliable source of random -# data from /dev/urandom), the internal wpa_supplicant random pool can be -# disabled. This will save some in binary size and CPU use. However, this -# should only be considered for builds that are known to be used on devices -# that meet the requirements described above. -#CONFIG_NO_RANDOM_POOL=y - -# IEEE 802.11n (High Throughput) support (mainly for AP mode) -#CONFIG_IEEE80211N=y - -# IEEE 802.11ac (Very High Throughput) support (mainly for AP mode) -# (depends on CONFIG_IEEE80211N) -#CONFIG_IEEE80211AC=y - -# Wireless Network Management (IEEE Std 802.11v-2011) -# Note: This is experimental and not complete implementation. -#CONFIG_WNM=y - -# Interworking (IEEE 802.11u) -# This can be used to enable functionality to improve interworking with -# external networks (GAS/ANQP to learn more about the networks and network -# selection based on available credentials). -#CONFIG_INTERWORKING=y - -# Hotspot 2.0 -#CONFIG_HS20=y - -# Disable roaming in wpa_supplicant -#CONFIG_NO_ROAMING=y - -# AP mode operations with wpa_supplicant -# This can be used for controlling AP mode operations with wpa_supplicant. It -# should be noted that this is mainly aimed at simple cases like -# WPA2-Personal while more complex configurations like WPA2-Enterprise with an -# external RADIUS server can be supported with hostapd. -CONFIG_AP=y - -CONFIG_BGSCAN_SIMPLE=y - -# P2P (Wi-Fi Direct) -# This can be used to enable P2P support in wpa_supplicant. See README-P2P for -# more information on P2P operations. -#CONFIG_P2P=y - -# Enable TDLS support -#CONFIG_TDLS=y - -# Wi-Fi Direct -# This can be used to enable Wi-Fi Direct extensions for P2P using an external -# program to control the additional information exchanges in the messages. -#CONFIG_WIFI_DISPLAY=y - -# Autoscan -# This can be used to enable automatic scan support in wpa_supplicant. -# See wpa_supplicant.conf for more information on autoscan usage. -# -# Enabling directly a module will enable autoscan support. -# For exponential module: -CONFIG_AUTOSCAN_EXPONENTIAL=y -# For periodic module: -#CONFIG_AUTOSCAN_PERIODIC=y - -# Password (and passphrase, etc.) backend for external storage -# These optional mechanisms can be used to add support for storing passwords -# and other secrets in external (to wpa_supplicant) location. This allows, for -# example, operating system specific key storage to be used -# -# External password backend for testing purposes (developer use) -#CONFIG_EXT_PASSWORD_TEST=y diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.11.bb b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.11.bb new file mode 100644 index 0000000000..257ef43b6e --- /dev/null +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.11.bb @@ -0,0 +1,135 @@ +SUMMARY = "Client for Wi-Fi Protected Access (WPA)" +DESCRIPTION = "wpa_supplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association of the wlan driver." +HOMEPAGE = "http://w1.fi/wpa_supplicant/" +BUGTRACKER = "http://w1.fi/security/" +SECTION = "network" +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://COPYING;md5=5ebcb90236d1ad640558c3d3cd3035df \ + file://README;beginline=1;endline=56;md5=6e4b25e7d74bfc44a32ba37bdf5210a6 \ + file://wpa_supplicant/wpa_supplicant.c;beginline=1;endline=12;md5=f5ccd57ea91e04800edb88267bf8eae4" + +DEPENDS = "dbus libnl" + +SRC_URI = "http://w1.fi/releases/wpa_supplicant-${PV}.tar.gz \ + file://wpa-supplicant.sh \ + file://wpa_supplicant.conf \ + file://wpa_supplicant.conf-sane \ + file://99_wpa_supplicant \ + file://0001-macsec_linux-Hardware-offload-requires-Linux-headers.patch \ + " +SRC_URI[sha256sum] = "912ea06f74e30a8e36fbb68064d6cdff218d8d591db0fc5d75dee6c81ac7fc0a" + +S = "${WORKDIR}/wpa_supplicant-${PV}" + +inherit pkgconfig systemd + +PACKAGECONFIG ?= "openssl" +PACKAGECONFIG[gnutls] = ",,gnutls libgcrypt" +PACKAGECONFIG[openssl] = ",,openssl" + +CVE_PRODUCT = "wpa_supplicant" + +EXTRA_OEMAKE = "'LIBDIR=${libdir}' 'INCDIR=${includedir}' 'BINDIR=${sbindir}'" + +do_configure () { + ${MAKE} -C wpa_supplicant clean + sed -e '/^CONFIG_TLS=/d' <wpa_supplicant/defconfig >wpa_supplicant/.config + + if ${@ bb.utils.contains('PACKAGECONFIG', 'openssl', 'true', 'false', d) }; then + echo 'CONFIG_TLS=openssl' >>wpa_supplicant/.config + elif ${@ bb.utils.contains('PACKAGECONFIG', 'gnutls', 'true', 'false', d) }; then + echo 'CONFIG_TLS=gnutls' >>wpa_supplicant/.config + sed -i -e 's/\(^CONFIG_DPP=\)/#\1/' \ + -e 's/\(^CONFIG_EAP_PWD=\)/#\1/' \ + -e 's/\(^CONFIG_SAE=\)/#\1/' wpa_supplicant/.config + fi + + # For rebuild + rm -f wpa_supplicant/*.d wpa_supplicant/dbus/*.d +} + +do_compile () { + oe_runmake -C wpa_supplicant + if [ -z "${DISABLE_STATIC}" ]; then + oe_runmake -C wpa_supplicant libwpa_client.a + fi +} + +do_install () { + oe_runmake -C wpa_supplicant DESTDIR="${D}" install + + install -d ${D}${docdir}/wpa_supplicant + install -m 644 wpa_supplicant/README ${UNPACKDIR}/wpa_supplicant.conf ${D}${docdir}/wpa_supplicant + + install -d ${D}${sysconfdir} + install -m 600 ${UNPACKDIR}/wpa_supplicant.conf-sane ${D}${sysconfdir}/wpa_supplicant.conf + + install -d ${D}${sysconfdir}/network/if-pre-up.d/ + install -d ${D}${sysconfdir}/network/if-post-down.d/ + install -d ${D}${sysconfdir}/network/if-down.d/ + install -m 755 ${UNPACKDIR}/wpa-supplicant.sh ${D}${sysconfdir}/network/if-pre-up.d/wpa-supplicant + ln -sf ../if-pre-up.d/wpa-supplicant ${D}${sysconfdir}/network/if-post-down.d/wpa-supplicant + + install -d ${D}/${sysconfdir}/dbus-1/system.d + install -m 644 ${S}/wpa_supplicant/dbus/dbus-wpa_supplicant.conf ${D}/${sysconfdir}/dbus-1/system.d + install -d ${D}/${datadir}/dbus-1/system-services + install -m 644 ${S}/wpa_supplicant/dbus/*.service ${D}/${datadir}/dbus-1/system-services + + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + install -d ${D}/${systemd_system_unitdir} + install -m 644 ${S}/wpa_supplicant/systemd/*.service ${D}/${systemd_system_unitdir} + fi + + install -d ${D}/etc/default/volatiles + install -m 0644 ${UNPACKDIR}/99_wpa_supplicant ${D}/etc/default/volatiles + + install -d ${D}${includedir} + install -m 0644 ${S}/src/common/wpa_ctrl.h ${D}${includedir} + + if [ -z "${DISABLE_STATIC}" ]; then + install -d ${D}${libdir} + install -m 0644 wpa_supplicant/libwpa_client.a ${D}${libdir} + fi +} + +pkg_postinst:${PN} () { + # If we're offline, we don't need to do this. + if [ "x$D" = "x" ]; then + killall -q -HUP dbus-daemon || true + fi +} + +PACKAGE_BEFORE_PN += "${PN}-passphrase ${PN}-cli" +PACKAGES =+ "${PN}-lib" +PACKAGES += "${PN}-plugins" +ALLOW_EMPTY:${PN}-plugins = "1" + +PACKAGES_DYNAMIC += "^${PN}-plugin-.*$" +NOAUTOPACKAGEDEBUG = "1" + +FILES:${PN}-passphrase = "${sbindir}/wpa_passphrase" +FILES:${PN}-cli = "${sbindir}/wpa_cli" +FILES:${PN}-lib = "${libdir}/libwpa_client*${SOLIBSDEV}" +FILES:${PN} += "${datadir}/dbus-1/system-services/* ${systemd_system_unitdir}/*" +FILES:${PN}-dbg += "${sbindir}/.debug ${libdir}/.debug" + +CONFFILES:${PN} += "${sysconfdir}/wpa_supplicant.conf" + +RRECOMMENDS:${PN} = "${PN}-passphrase ${PN}-cli ${PN}-plugins" + +SYSTEMD_SERVICE:${PN} = "wpa_supplicant.service" +SYSTEMD_AUTO_ENABLE = "disable" + +python split_wpa_supplicant_libs () { + libdir = d.expand('${libdir}/wpa_supplicant') + dbglibdir = os.path.join(libdir, '.debug') + + split_packages = do_split_packages(d, libdir, r'^(.*)\.so', '${PN}-plugin-%s', 'wpa_supplicant %s plugin', prepend=True) + split_dbg_packages = do_split_packages(d, dbglibdir, r'^(.*)\.so', '${PN}-plugin-%s-dbg', 'wpa_supplicant %s plugin - Debugging files', prepend=True, extra_depends='${PN}-dbg') + + if split_packages: + pn = d.getVar('PN') + d.setVar('RRECOMMENDS:' + pn + '-plugins', ' '.join(split_packages)) + d.appendVar('RRECOMMENDS:' + pn + '-dbg', ' ' + ' '.join(split_dbg_packages)) +} +PACKAGESPLITFUNCS += "split_wpa_supplicant_libs" diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb deleted file mode 100644 index 3e92427bb0..0000000000 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb +++ /dev/null @@ -1,110 +0,0 @@ -SUMMARY = "Client for Wi-Fi Protected Access (WPA)" -HOMEPAGE = "http://w1.fi/wpa_supplicant/" -BUGTRACKER = "http://w1.fi/security/" -SECTION = "network" -LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://COPYING;md5=279b4f5abb9c153c285221855ddb78cc \ - file://README;beginline=1;endline=56;md5=e7d3dbb01f75f0b9799e192731d1e1ff \ - file://wpa_supplicant/wpa_supplicant.c;beginline=1;endline=12;md5=0a8b56d3543498b742b9c0e94cc2d18b" -DEPENDS = "dbus libnl" -RRECOMMENDS_${PN} = "wpa-supplicant-passphrase wpa-supplicant-cli" - -PACKAGECONFIG ??= "gnutls" -PACKAGECONFIG[gnutls] = ",,gnutls libgcrypt" -PACKAGECONFIG[openssl] = ",,openssl" - -inherit pkgconfig systemd - -SYSTEMD_SERVICE_${PN} = "wpa_supplicant.service wpa_supplicant-nl80211@.service wpa_supplicant-wired@.service" -SYSTEMD_AUTO_ENABLE = "disable" - -SRC_URI = "http://w1.fi/releases/wpa_supplicant-${PV}.tar.gz \ - file://defconfig \ - file://wpa-supplicant.sh \ - file://wpa_supplicant.conf \ - file://wpa_supplicant.conf-sane \ - file://99_wpa_supplicant \ - file://0001-replace-systemd-install-Alias-with-WantedBy.patch \ - file://0001-AP-Silently-ignore-management-frame-from-unexpected-.patch \ - " -SRC_URI[md5sum] = "2d2958c782576dc9901092fbfecb4190" -SRC_URI[sha256sum] = "fcbdee7b4a64bea8177973299c8c824419c413ec2e3a95db63dd6a5dc3541f17" - -CVE_PRODUCT = "wpa_supplicant" - -S = "${WORKDIR}/wpa_supplicant-${PV}" - -PACKAGES_prepend = "wpa-supplicant-passphrase wpa-supplicant-cli " -FILES_wpa-supplicant-passphrase = "${bindir}/wpa_passphrase" -FILES_wpa-supplicant-cli = "${sbindir}/wpa_cli" -FILES_${PN} += "${datadir}/dbus-1/system-services/*" -CONFFILES_${PN} += "${sysconfdir}/wpa_supplicant.conf" - -do_configure () { - ${MAKE} -C wpa_supplicant clean - install -m 0755 ${WORKDIR}/defconfig wpa_supplicant/.config - - if echo "${PACKAGECONFIG}" | grep -qw "openssl"; then - ssl=openssl - elif echo "${PACKAGECONFIG}" | grep -qw "gnutls"; then - ssl=gnutls - fi - if [ -n "$ssl" ]; then - sed -i "s/%ssl%/$ssl/" wpa_supplicant/.config - fi - - # For rebuild - rm -f wpa_supplicant/*.d wpa_supplicant/dbus/*.d -} - -export EXTRA_CFLAGS = "${CFLAGS}" -export BINDIR = "${sbindir}" - -do_compile () { - unset CFLAGS CPPFLAGS CXXFLAGS - sed -e "s:CFLAGS\ =.*:& \$(EXTRA_CFLAGS):g" -i ${S}/src/lib.rules - oe_runmake -C wpa_supplicant -} - -do_install () { - install -d ${D}${sbindir} - install -m 755 wpa_supplicant/wpa_supplicant ${D}${sbindir} - install -m 755 wpa_supplicant/wpa_cli ${D}${sbindir} - - install -d ${D}${bindir} - install -m 755 wpa_supplicant/wpa_passphrase ${D}${bindir} - - install -d ${D}${docdir}/wpa_supplicant - install -m 644 wpa_supplicant/README ${WORKDIR}/wpa_supplicant.conf ${D}${docdir}/wpa_supplicant - - install -d ${D}${sysconfdir} - install -m 600 ${WORKDIR}/wpa_supplicant.conf-sane ${D}${sysconfdir}/wpa_supplicant.conf - - install -d ${D}${sysconfdir}/network/if-pre-up.d/ - install -d ${D}${sysconfdir}/network/if-post-down.d/ - install -d ${D}${sysconfdir}/network/if-down.d/ - install -m 755 ${WORKDIR}/wpa-supplicant.sh ${D}${sysconfdir}/network/if-pre-up.d/wpa-supplicant - cd ${D}${sysconfdir}/network/ && \ - ln -sf ../if-pre-up.d/wpa-supplicant if-post-down.d/wpa-supplicant - - install -d ${D}/${sysconfdir}/dbus-1/system.d - install -m 644 ${S}/wpa_supplicant/dbus/dbus-wpa_supplicant.conf ${D}/${sysconfdir}/dbus-1/system.d - install -d ${D}/${datadir}/dbus-1/system-services - install -m 644 ${S}/wpa_supplicant/dbus/*.service ${D}/${datadir}/dbus-1/system-services - - if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then - install -d ${D}/${systemd_unitdir}/system - install -m 644 ${S}/wpa_supplicant/systemd/*.service ${D}/${systemd_unitdir}/system - fi - - install -d ${D}/etc/default/volatiles - install -m 0644 ${WORKDIR}/99_wpa_supplicant ${D}/etc/default/volatiles -} - -pkg_postinst_wpa-supplicant () { - # If we're offline, we don't need to do this. - if [ "x$D" = "x" ]; then - killall -q -HUP dbus-daemon || true - fi - -} |