Age | Commit message (Collapse) | Author |
|
It fails occasionally with missing generated header files:
| ../git/common/asn1.c:42:10: fatal error: openssl.asn.h: No such file or directory
| 42 | #include "openssl.asn.h"
| | ^~~~~~~~~~~~~~~
| compilation terminated.
According to meson manual page:
https://mesonbuild.com/Wrap-best-practices-and-tips.html#declare-generated-headers-explicitly
'asn_h_dep' should be a dependency of static_library target 'libp11_asn1'
to make sure that required header files generated before compile
common/asn1.c.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changelog:
============
* rpc: fix serialization of NULL mechanism pointer
* fix meson build failure in macOS (appleframeworks not found)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Switch to gitsm:// to fetch https://github.com/p11-glue/pkcs11-json.git
as a submodule (otherwise meson will try to do that in do_configure).
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
If qemu-usermode is not available then p11-kit fails to configure:
meson.build:313:24: ERROR: Can not run test applications in this cross environment.
This has already been fixed upstream, so backport the patches.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changelog:
- add PKCS#11 3.0 support
- add support for profile objects
- add ability to adjust module and config paths at run-time via system environmental exports
- make terminal output nicer
- p11-kit: add command to print merged configuration
- p11-kit: add commands to list, add and delete profiles of a token
- trust: add command to check format of .p11-kit files
- virtual: fix libffi type signatures for PKCS#11 3.0 functions
- server: fix umask setting when --group is specified
- server: check SHELL only when neither --sh nor --csh is specified
- rpc: use space string in C_InitToken
- rpc: fix two off-by-one errors identified by asan
- modules: make logging message more translatable
- pkcs11.h: support CRYPTOKI_GNU for IBM vendor mechanisms
- pkcs11.h: add IBM specific mechanism and attributes
- pkcs11.h: add ChaCha20/Salsa20 and Poly1305 mechanisms
- pkcs11.h: add AES-GCM mechanism parameters for message-based encryption
- po: update translations from Transifex
- bug and build fixes
- test fixes
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This recipe is needed to build softhsm (in meta-oe) in with p11-kit
support, which is useful when multiple PKCS#11 modules need to be used.
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Github has announced there will be no more git:// fetching from their servers:
https://github.blog/2021-09-01-improving-git-protocol-security-github/#no-more-unauthenticated-git
and they're about to start having brownout periods to encourage people
to update. This runs the conversion script over OE-Core to update our
urls to use https instead of git.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There is uncertainty about the default branch name in git going forward.
To try and cover the different possible outcomes, add branch names to all
git:// and gitsm:// SRC_URI entries.
This update was made with the script added to contrib in this patch which
aims to help others convert other layers.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* Use inclusive language on certificate distrust. Note: This changes the directory and attribute names to distrust certain CAs to
"blocklist" [#324]
* Fix issues spotted by coverity and ASan [#349, #351]
* Integrate gettext with tools more tightly [#358]
* rpc: Forbid use of array of attributes [#365, #367]
* Build fixes [#342, #344, #345, #353, #362, #364]
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixes: [YOCTO #13471]
Signed-off-by: Ida Delphine <idadelm@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
https://github.com/p11-glue/p11-kit/releases/tag/0.23.22
Release notes:
Fix memory-safety issues that affect the RPC protocol (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered and fixed by David Cook
anchor: Prefer persistent format when storing anchor [#329]
common: Fix infloop in p11_path_build [#326, #327]
proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [#325]
common: Check for a NULL locale before freeing it [#321]
Build and test fixes [#313, #315, #317, #318, #319, #323, #330, #333, #334, #335, #338, #339]
https://github.com/p11-glue/p11-kit/commit/c4e75e10021ce86ab42682ea4936dce94ced2f77
patch to fix trailing newline using custom_target() caused error
with DISTRO_FEATURES api-documentation due to meson bugs, enable
manpages PACKAGECONFIG should prevent this error.
| warning: failed to load external entity "../version.xml"
| ../p11-kit-docs.xml:11: parser error : Failure to process entity version
| <releaseinfo>for p11-kit &version;</releaseinfo>
| ^
| ../p11-kit-docs.xml:11: parser error : Entity 'version' not defined
| <releaseinfo>for p11-kit &version;</releaseinfo>
| ^
| unable to parse ../p11-kit-docs.xml
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The nativesdk variant is needed by the buildtools-tarball, when
p11-kit feature is enabled for gnutls. The error message is:
Missing or unbuildable dependency chain was: ['buildtools-tarball', 'nativesdk-wget', 'nativesdk-gnutls', 'nativesdk-p11-kit']
Signed-off-by: Codrin Ciubotariu <codrin.ciubotariu@microchip.com>
Cc: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In systemd enabled builds this was failing with unpackaged unit files.
Fix this.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add libtasn-native dependency as meson builds need asn1Parser executable.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The license of p11-kit is BSD-3-Clause.
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop the patch that has been merged upstream.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add trust-paths PACKAGECONFIG item which enables support for default
trust-paths in /etc/ssl/certs/ca-certificates.crt
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
p11-kit is no longer doing odd/even for development/stable releases, so
drop the custom UPSTREAM_CHECK_GITTAGREGEX.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The previous tarball URI seems to be gone.
Also, adjust a few things to make it actually build;
handling autotools-based projects from git checkouts is always harder
than taking them from tarballs :-(
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
This recipe was ignoring the wrong test, so update INSANE_SKIP.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
These .so files are actually loadable modules, so should be installed into $PN
not $PN-dev.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
In some recipes overly-split -dbg packages were merged into PN-dbg. Unless
there's a very good reason, recipes should have a single -dev and -dbg package.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Configure option --with-trust-paths is only used for test scripts
trust/test-extract which is not packaged by default. If the option is
not provided, it checks 4 files on build machine. If the files don't
exist, configure fails.
Add configure option '--without-trust-paths' to fix this issue.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
p11-kit is a dependency of gcr (which is a dependency of epiphany)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|