diff options
author | Andrew Geissler <geissonator@yahoo.com> | 2021-05-08 00:09:40 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2021-05-27 15:46:22 +0300 |
commit | f103a7f6b5e3370ba34a5f547fb321eacc4fc5a0 (patch) | |
tree | 1f0fbdf0d25df477a98ec05d53de36832253af4e /meta-openembedded/meta-networking/recipes-connectivity | |
parent | c926e17c956a1babdf42d31f644bf0eedfa7f5f6 (diff) | |
download | openbmc-f103a7f6b5e3370ba34a5f547fb321eacc4fc5a0.tar.xz |
meta-openembedded: subtree update:08c0280b7c..4fe1065655
Alexander Kanavin (1):
libmicrohttpd: remove the recipe
Andreas Müller (4):
jack: upgrade 1.19.17 -> 1.19.18
xfce4-settings: upgrade 4.16.0 -> 4.16.1
zsh: reduce priority slightly to avoid conflict with bash
mutter/wayland: replace xserver-xorg-xwayland by xwayland in rdep
Andrej Kozemcak (1):
proftpd: Update to 1.3.7a release
Armin Kuster (3):
wireguard: update to v1.0.20210219 +1
nostromo: remove recipe
packagegroup-meta-webserver: remove nostromo from pkg grp
Chen Qi (3):
tigervnc: upgrade to 1.11.0
python3-django: upgrade to 2.2.20
tigervnc: fix do_package error when enabling user merge
Gianfranco (1):
vboxguestdrivers: upgrade 6.1.18 -> 6.1.20
Hongxu Jia (1):
debootstrap: explicitly add virtual/fakeroot-native to depends
Joe Hershberger (1):
strongswan: Make PACKAGECONFIG a default value
Justin Standring (1):
tslib: add PACKAGECONFIG for evthres, one-wire-ts-input
Kai Kang (1):
freeradius: check existence of openssl's commands in bootstrap
Khem Raj (36):
nss: Re-enable -Werror
gimp: Disable vector icon generation on mips/glibc too
iwd: Upgade to 1.13
python3-icu: Upgrade to 2.7.2
nodejs: Update to 14.16.1
nodejs: Fix build with icu-69
nodejs: Use qemu usermode to run target binaries during build
nodejs: Fix build on mips
nodejs: Fix build with clang for x86 target
tbb: Re-introduce PE
bearssl: Update to tip of master
gimp: Disable vector icons on musl/x86
gd: Replace deprecated types from tiff
nodejs: Enable snapshot
python3-docutils: Delete
libchamplain: Require opengl distro feature
aom: Match the name for AOM-Patent-License-1.0
libdevmapper,lvm2: Do not inherit license
gnome-disk-utility: Require polkit in distro features
README: Make git send-email example work
sysprof: Enable sysprofd/libsysprof only when polkit in DISTRO_FEATURES
packagegroup-gnome-apps: Add gnome-disk-utility only if polkit is in DISTRO_FEATURES
python3-jinja2_2.%.bbappend: Delete
python3-pyyaml: Do not check for meta-python
python3-pyyaml: Delete
python3-markupsafe: Delete bbappend
snort,proftpd,net-snmp: Deal with -ffile-prefix-map as well
apache2: Deal with -ffile-prefix-map
vk-gl-cts: Fix build with GCC 11
gegl: Update to 0.4.30
python3-m2crypto: Upgrade to 0.37.1
libupnp: Upgrade to 1.14.6
ctags: Switch to universal ctags
dibbler: Add libpthread to linker flags
libowfat: Replace __pure__ with pure and remove using __deprecated__
emacs: Do not use SIGSTKSZ
Leon Anavi (21):
python3-bitarray: Upgrade 1.9.2 -> 2.0.0
python3-xxhash: Upgrade 2.0.0 -> 2.0.2
python3-xlsxwriter: Upgrade 1.3.8 -> 1.3.9
python3-docutils: Upgrade 0.17 -> 0.17.1
python3-portion: Upgrade 2.1.5 -> 2.1.6
python3-huey: Upgrade 2.3.1 -> 2.3.2
python3-pysonos: Upgrade 0.0.42 -> 0.0.43
python3-asttokens: Upgrade 2.0.4 -> 2.0.5
python3-hyperframe: Upgrade 6.0.0 -> 6.0.1
python3-argcomplete: Upgrade 1.12.2 -> 1.12.3
python3-python-vlc: Upgrade 3.0.12117 -> 3.0.12118
python3-bitarray: Upgrade 2.0.0 -> 2.0.1
python3-sqlalchemy: Upgrade 1.4.7 -> 1.4.11
python3-watchdog: Upgrade 2.0.2 -> 2.0.3
python3-pytest-asyncio: Upgrade 0.14.0 -> 0.15.1
python3-xlsxwriter: Upgrade 1.3.9 -> 1.4.0
python3-astroid: Upgrade 2.5.3 -> 2.5.6
python3-arpeggio: Upgrade 1.10.1 -> 1.10.2
python3-cachetools: Upgrade 4.2.1 -> 4.2.2
python3-pymisp: Upgrade 2.4.141.1 -> 2.4.142
python3-et-xmlfile: Upgrade 1.0.1 -> 1.1.0
Mingli Yu (4):
python3-cryptography: Upgrade to 3.3.2
onig: add oniguruma to PROVIDES
php: Upgrade to 7.4.16
tk: adapt to potential pseudo changes
Persian Prince (1):
libdvdnav 6.1.1
Peter Kjellerstedt (1):
syslog-ng: Merge .bb and .inc
Ramon Fried (1):
bitwise: Upgrade 0.41 -> 0.42
Reto Schneider (1):
nng: Upgrade 1.2.5 -> 1.4.0
Saul Wold (2):
tbb: Disable PPC as COMPATIBLE_MACHINE
packagegroup-meta-oe: conditional remove tbb for powerpc
Silcet (2):
ufw: fix python shebang
ufw: bump version to 0.36 and add services
Sinan Kaya (1):
zram: add support for mem_limit
Stefan Ghinea (1):
python3-django: fix CVE-2021-28658
Ulrich Ölmann (1):
v4l-utils: fix reproducibility
Yi Fan Yu (3):
syslog-ng: upgrade 3.24.1 -> 3.31.2
syslog-ng: remove CONFIG_TLS override for arm DEBUG_BUILD
syslog-ng: Drop an obsolete patch to add --enable-libnet
Yi Zhao (1):
gvfs: rdepend on gsettings-desktop-schemas
zangrc (19):
fuse3: upgrade 3.10.2 -> 3.10.3
cifs-utils: upgrade 6.12 -> 6.13
dnsmasq: upgrade 2.84 -> 2.85
nbdkit: upgrade 1.25.5 -> 1.25.6
wolfssl: upgrade 4.7.0 -> 4.7.1
networkmanager: upgrade 1.30.2 -> 1.30.4
libdvdread: upgrade 6.1.1 -> 6.1.2
libwebsockets: upgrade 4.1.6 -> 4.2.0
ostree: upgrade 2021.1 -> 2021.2
redis: upgrade 6.2.1 -> 6.2.2
tinyproxy: upgrade 1.10.0 -> 1.11.0
nss: upgrade 3.63 -> 3.64
babeld: upgrade 1.9.2 -> 1.10
fetchmail: upgrade 6.4.18 -> 6.4.19
openvpn: upgrade 2.5.1 -> 2.5.2
wireshark: upgrade 3.4.4 -> 3.4.5
debootstrap: upgrade 1.0.123 -> 1.0.124
mailcap: upgrade 2.1.52 -> 2.1.53
rsyslog: upgrade 8.2102.0 -> 8.2104.0
zhengruoqin (7):
irssi: upgrade 1.2.2 -> 1.2.3
librsync: upgrade 2.3.1 -> 2.3.2
hiawatha: upgrade 10.11 -> 10.12
python3-supervisor: upgrade 4.2.1 -> 4.2.2
python3-zopeinterface: upgrade 5.3.0 -> 5.4.0
sdparm: upgrade 1.11 -> 1.12
tcsh: upgrade 6.22.03 -> 6.22.04
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Iaeb2fe4ee0a49cf44ea60bc3c1aef83528d92f55
Diffstat (limited to 'meta-openembedded/meta-networking/recipes-connectivity')
17 files changed, 194 insertions, 340 deletions
diff --git a/meta-openembedded/meta-networking/recipes-connectivity/bearssl/bearssl_0.6.bb b/meta-openembedded/meta-networking/recipes-connectivity/bearssl/bearssl_0.6.bb index 1102bb95a..c0556e739 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/bearssl/bearssl_0.6.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/bearssl/bearssl_0.6.bb @@ -23,8 +23,9 @@ inherit lib_package LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=1fc37e1037ae673975fbcb96a98f7191" -SRCREV = "8ef7680081c61b486622f2d983c0d3d21e83caad" -SRC_URI = "git://www.bearssl.org/git/BearSSL;protocol=https;nobranch=1 \ +PV .= "+git${SRCPV}" +SRCREV = "79b1a9996c094ff593ae50bc4edc1f349f39dd6d" +SRC_URI = "git://www.bearssl.org/git/BearSSL;protocol=https \ file://0001-conf-Unix.mk-remove-fixed-command-definitions.patch \ file://0002-test-test_x509.c-fix-potential-overflow-issue.patch \ file://0001-make-Pass-LDFLAGS-when-building-shared-objects.patch \ diff --git a/meta-openembedded/meta-networking/recipes-connectivity/dibbler/dibbler_git.bb b/meta-openembedded/meta-networking/recipes-connectivity/dibbler/dibbler_git.bb index c2f482716..b19364e1e 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/dibbler/dibbler_git.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/dibbler/dibbler_git.bb @@ -29,6 +29,8 @@ inherit autotools DEPENDS += "flex-native" +LDFLAGS += "-pthread" + PACKAGES =+ "${PN}-requestor ${PN}-client ${PN}-relay ${PN}-server" FILES_${PN}-client = "${sbindir}/${PN}-client" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/freeradius/files/check-openssl-cmds-in-script-bootstrap.patch b/meta-openembedded/meta-networking/recipes-connectivity/freeradius/files/check-openssl-cmds-in-script-bootstrap.patch new file mode 100644 index 000000000..fcadae93a --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-connectivity/freeradius/files/check-openssl-cmds-in-script-bootstrap.patch @@ -0,0 +1,38 @@ +bootstrap: check commands of openssl exist + +It calls openssl commands dhparam and pkcs12 in script bootstrap. These +commands are configurable based on configure options 'no-dh' and +'no-des', and may not be provided by openssl. So check existence of +these commands. If not, abort running of script bootstrap. + +1. https://github.com/openssl/openssl/blob/master/apps/build.info#L37 +2. https://github.com/openssl/openssl/blob/master/apps/build.info#L22 + +Upstream-Status: Denied [https://github.com/FreeRADIUS/freeradius-server/pull/4059] + The maintainer commented in the pull that the script could + be run on a host which provides these openssl commands. + +Signed-off-by: Kai Kang <kai.kang@windriver.com> +--- + raddb/certs/bootstrap | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/raddb/certs/bootstrap b/raddb/certs/bootstrap +index 0f719aafd4..17feddbeeb 100755 +--- a/raddb/certs/bootstrap ++++ b/raddb/certs/bootstrap +@@ -13,6 +13,14 @@ + umask 027 + cd `dirname $0` + ++# check commands of openssl exist ++for cmd in dhparam pkcs12; do ++ if ! openssl ${cmd} -help >/dev/null 2>&1; then ++ echo "Error: command ${cmd} is not supported by openssl." ++ exit 1 ++ fi ++done ++ + make -h > /dev/null 2>&1 + + # diff --git a/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb b/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb index 864a4e944..a6df2aeb0 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb @@ -31,6 +31,7 @@ SRC_URI = "git://github.com/FreeRADIUS/freeradius-server.git;branch=v3.0.x;lfs=0 file://0001-workaround-error-with-autoconf-2.7.patch \ file://radiusd.service \ file://radiusd-volatiles.conf \ + file://check-openssl-cmds-in-script-bootstrap.patch \ " SRCREV = "af428abda249b2279ba0582180985a9f6f4a144a" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/nanomsg/nng_1.2.5.bb b/meta-openembedded/meta-networking/recipes-connectivity/nanomsg/nng_1.4.0.bb index 77be27ffa..f61aa0549 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/nanomsg/nng_1.2.5.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/nanomsg/nng_1.4.0.bb @@ -2,20 +2,23 @@ SUMMARY = "nanomsg-next-generation -- light-weight brokerless messaging" DESCRIPTION = "NNG, like its predecessors nanomsg (and to some extent ZeroMQ), is a lightweight, broker-less library, offering a simple API to solve common recurring messaging problems, such as publish/subscribe, RPC-style request/reply, or service discovery." HOMEPAGE = "https://github.com/nanomsg/nng" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=a19b15be6e844b39a54de2ef665bd6de" +LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=a41e579bb4326c21c774f8e51e41d8a3" SECTION = "libs/networking" -SRCREV = "53ae1a5ab37fdfc9ad5c236df3eaf4dd63f0fee9" +SRCREV = "d020adda8f0348d094790618703b8341a26007a3" -SRC_URI = "git://github.com/nanomsg/nng.git;branch=v1.2.x" +SRC_URI = "git://github.com/nanomsg/nng.git" S = "${WORKDIR}/git" inherit cmake pkgconfig -EXTRA_OECMAKE = "-DBUILD_SHARED_LIBS=ON" +EXTRA_OECMAKE = "-DBUILD_SHARED_LIBS=ON -DNNG_ENABLE_NNGCAT=ON" PACKAGECONFIG ??= "" PACKAGECONFIG[mbedtls] = "-DNNG_ENABLE_TLS=ON,-DNNG_ENABLE_TLS=OFF,mbedtls" + +PACKAGES =+ "${PN}-tools" +FILES_${PN}-tools = "${bindir}/*" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.30.2.bb b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.30.4.bb index ec3bdd22b..7c07b0a34 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.30.2.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.30.4.bb @@ -31,7 +31,7 @@ SRC_URI_append_libc-musl = " \ file://musl/0001-Fix-build-with-musl-systemd-specific.patch \ file://musl/0002-Fix-build-with-musl-systemd-specific.patch \ " -SRC_URI[sha256sum] = "0c8e80e77877860e4a4e6ab4a0f7cdc1186e356b65b042a751897188b88944d2" +SRC_URI[sha256sum] = "6050b724212ea3ce7386113359bea9afa1f679a54f60d999a5999892e672c190" S = "${WORKDIR}/NetworkManager-${PV}" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/snort/snort_2.9.17.1.bb b/meta-openembedded/meta-networking/recipes-connectivity/snort/snort_2.9.17.1.bb index 9c20be537..b5ff43099 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/snort/snort_2.9.17.1.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/snort/snort_2.9.17.1.bb @@ -74,7 +74,7 @@ do_install_append() { install -d ${D}${sysconfdir}/default/volatiles install -m 0644 ${WORKDIR}/volatiles.99_snort ${D}${sysconfdir}/default/volatiles/99_snort - sed -i -e 's|-fdebug-prefix-map[^ ]*||g; s|-fmacro-prefix-map[^ ]*||g; s|${STAGING_DIR_TARGET}||g' ${D}${libdir}/pkgconfig/*.pc + sed -i -e 's|-ffile-prefix-map[^ ]*||g; s|-fdebug-prefix-map[^ ]*||g; s|-fmacro-prefix-map[^ ]*||g; s|${STAGING_DIR_TARGET}||g' ${D}${libdir}/pkgconfig/*.pc } pkg_postinst_${PN}() { diff --git a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0001-optimize-boot.patch b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0001-optimize-boot.patch index a1e56b7ca..28068bba1 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0001-optimize-boot.patch +++ b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0001-optimize-boot.patch @@ -1,18 +1,31 @@ -Author: Jamie Strandboge <jamie@canonical.com> -Description: to improve boot speed when disabled, don't source all of - ufw-init-functions (which also sources in other files). +From 92fcdbc1a57086e4decc1597217c0739dc16342a Mon Sep 17 00:00:00 2001 +From: Silcet <camorga1@gmail.com> +Date: Tue, 27 Apr 2021 05:34:59 +0000 +Subject: [PATCH] Author: Jamie Strandboge <jamie@canonical.com> +Description: +to improve boot speed when disabled, don't source all of ufw-init-functions +(which also sources in other files). Upstream-Status: Inappropriate [ not author ] Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> -Index: ufw-0.31/src/ufw-init -=================================================================== ---- ufw-0.31.orig/src/ufw-init 2012-03-09 17:07:11.000000000 -0600 -+++ ufw-0.31/src/ufw-init 2012-03-17 09:37:51.000000000 -0500 -@@ -18,6 +18,12 @@ - # - set -e +The patch was imported from the OpenEmbedded git server +(git://git.openembedded.org/openembedded) as of commit id +2cc1bd9dd060f5002c2fde7aacba86fe230c12af. + +Signed-off-by: Silcet <camorga1@gmail.com> +--- + src/ufw-init | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/ufw-init b/src/ufw-init +index 3505a02..dde37f0 100755 +--- a/src/ufw-init ++++ b/src/ufw-init +@@ -31,6 +31,12 @@ if [ "$1" = "--datadir" ] && [ -s "$2" ]; then + fi + export DATA_DIR="$datadir" +# Debian/Ubuntu: small boot speed improvement +. "#CONFIG_PREFIX#/ufw/ufw.conf" @@ -20,6 +33,6 @@ Index: ufw-0.31/src/ufw-init + exit 0 +fi + - if [ -s "#STATE_PREFIX#/ufw-init-functions" ]; then - . "#STATE_PREFIX#/ufw-init-functions" + if [ -s "${rootdir}#STATE_PREFIX#/ufw-init-functions" ]; then + . "${rootdir}#STATE_PREFIX#/ufw-init-functions" else diff --git a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/setup-add-an-option-to-specify-iptables-location.patch b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0002-add-an-option-to-specify-iptables-location.patch index 511742338..884fa1647 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/setup-add-an-option-to-specify-iptables-location.patch +++ b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0002-add-an-option-to-specify-iptables-location.patch @@ -1,6 +1,6 @@ -From c54d36d0582a60fd281cd9287077cea205fd849d Mon Sep 17 00:00:00 2001 -From: Joe MacDonald <joe_macdonald@mentor.com> -Date: Thu, 27 Nov 2014 15:20:34 -0500 +From 808577f8464f542076840d0d93fe168a5f79442c Mon Sep 17 00:00:00 2001 +From: Silcet <camorga1@gmail.com> +Date: Tue, 27 Apr 2021 05:40:03 +0000 Subject: [PATCH] setup: add an option to specify iptables location When cross-compiling it isn't certain that the location of iptables on the @@ -13,15 +13,21 @@ version of iptables to be used. Upstream-Status: Pending Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> + +The patch was imported from the OpenEmbedded git server +(git://git.openembedded.org/openembedded) as of commit id +2cc1bd9dd060f5002c2fde7aacba86fe230c12af. + +Signed-off-by: Silcet <camorga1@gmail.com> --- - setup.py | 69 ++++++++++++++++++++++++++++++++++++---------------------------- - 1 file changed, 39 insertions(+), 30 deletions(-) + setup.py | 65 ++++++++++++++++++++++++++++++++------------------------ + 1 file changed, 37 insertions(+), 28 deletions(-) diff --git a/setup.py b/setup.py -index 6fb3751..b13d11c 100644 +index 09204d3..2343bc9 100644 --- a/setup.py +++ b/setup.py -@@ -225,41 +225,50 @@ shutil.copytree('src', 'staging') +@@ -246,41 +246,50 @@ shutil.copytree('src', 'staging') os.unlink(os.path.join('staging', 'ufw-init')) os.unlink(os.path.join('staging', 'ufw-init-functions')) @@ -43,14 +49,6 @@ index 6fb3751..b13d11c 100644 - if iptables_exe != "": - break - -- --if iptables_exe == '': -- print("ERROR: could not find required binary 'iptables'", file=sys.stderr) -- sys.exit(1) -- --for e in ['ip6tables', 'iptables-restore', 'ip6tables-restore']: -- if not os.path.exists(os.path.join(iptables_dir, e)): -- print("ERROR: could not find required binary '%s'" % (e), file=sys.stderr) +if "--iptables-dir" in sys.argv: + iptables_dir = sys.argv[sys.argv.index("--iptables-dir") + 1] + iptables_exe = os.path.join(iptables_dir, "iptables") @@ -70,10 +68,16 @@ index 6fb3751..b13d11c 100644 + print("Found '%s'" % iptables_exe) + else: + continue -+ + +-if iptables_exe == '': +- print("ERROR: could not find required binary 'iptables'", file=sys.stderr) +- sys.exit(1) + if iptables_exe != "": + break -+ + +-for e in ['ip6tables', 'iptables-restore', 'ip6tables-restore']: +- if not os.path.exists(os.path.join(iptables_dir, e)): +- print("ERROR: could not find required binary '%s'" % (e), file=sys.stderr) + if iptables_exe == '': + print("ERROR: could not find required binary 'iptables'", file=sys.stderr) sys.exit(1) @@ -102,6 +106,3 @@ index 6fb3751..b13d11c 100644 setup (name='ufw', version=ufw_version, --- -1.9.1 - diff --git a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0002-lp1044361.patch b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0002-lp1044361.patch deleted file mode 100644 index 804c18bc9..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0002-lp1044361.patch +++ /dev/null @@ -1,118 +0,0 @@ -Origin: r795, r796 -Description: move netfilter capabilities checking into initcaps(), and call - initcaps() only when we need it. -Bug-Ubuntu: https://launchpad.net/bugs/1044361 - -Upstream-Status: Inappropriate [ not author ] - -Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> - -Index: ufw-0.33/src/backend_iptables.py -=================================================================== ---- ufw-0.33.orig/src/backend_iptables.py 2012-09-23 09:58:34.000000000 -0500 -+++ ufw-0.33/src/backend_iptables.py 2012-09-23 09:58:36.000000000 -0500 -@@ -160,6 +160,9 @@ - out += "> " + _("Checking raw ip6tables\n") - return out - -+ # Initialize the capabilities database -+ self.initcaps() -+ - args = ['-n', '-v', '-x', '-L'] - items = [] - items6 = [] -@@ -470,6 +473,9 @@ - if self.dryrun: - return False - -+ # Initialize the capabilities database -+ self.initcaps() -+ - prefix = "ufw" - exe = self.iptables - if v6: -@@ -684,6 +690,9 @@ - except Exception: - raise - -+ # Initialize the capabilities database -+ self.initcaps() -+ - chain_prefix = "ufw" - rules = self.rules - if v6: -@@ -830,6 +839,10 @@ - * updating user rules file - * reloading the user rules file if rule is modified - ''' -+ -+ # Initialize the capabilities database -+ self.initcaps() -+ - rstr = "" - - if rule.v6: -@@ -1073,6 +1086,9 @@ - if self.dryrun: - return - -+ # Initialize the capabilities database -+ self.initcaps() -+ - rules_t = [] - try: - rules_t = self._get_logging_rules(level) -Index: ufw-0.33/src/backend.py -=================================================================== ---- ufw-0.33.orig/src/backend.py 2012-09-23 09:58:34.000000000 -0500 -+++ ufw-0.33/src/backend.py 2012-09-23 09:59:03.000000000 -0500 -@@ -21,7 +21,7 @@ - import stat - import sys - import ufw.util --from ufw.util import warn, debug -+from ufw.util import error, warn, debug - from ufw.common import UFWError, config_dir, iptables_dir, UFWRule - import ufw.applications - -@@ -68,6 +68,17 @@ - err_msg = _("Couldn't determine iptables version") - raise UFWError(err_msg) - -+ # Initialize via initcaps only when we need it (LP: #1044361) -+ self.caps = None -+ -+ def initcaps(self): -+ '''Initialize the capabilities database. This needs to be called -+ before accessing the database.''' -+ -+ # Only initialize if not initialized already -+ if self.caps != None: -+ return -+ - self.caps = {} - self.caps['limit'] = {} - -@@ -78,14 +89,20 @@ - # Try to get capabilities from the running system if root - if self.do_checks and os.getuid() == 0 and not self.dryrun: - # v4 -- nf_caps = ufw.util.get_netfilter_capabilities(self.iptables) -+ try: -+ nf_caps = ufw.util.get_netfilter_capabilities(self.iptables) -+ except OSError as e: -+ error("initcaps\n%s" % e) - if 'recent-set' in nf_caps and 'recent-update' in nf_caps: - self.caps['limit']['4'] = True - else: - self.caps['limit']['4'] = False - - # v6 -- nf_caps = ufw.util.get_netfilter_capabilities(self.ip6tables) -+ try: -+ nf_caps = ufw.util.get_netfilter_capabilities(self.ip6tables) -+ except OSError as e: -+ error("initcaps\n%s" % e) - if 'recent-set' in nf_caps and 'recent-update' in nf_caps: - self.caps['limit']['6'] = True - else: diff --git a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0003-fix-typeerror-on-error.patch b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0003-fix-typeerror-on-error.patch deleted file mode 100644 index b259fdf78..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0003-fix-typeerror-on-error.patch +++ /dev/null @@ -1,20 +0,0 @@ -Origin: r797 -Description: src/backend_iptables.py: fix misplaced parenthesis - -Upstream-Status: Inappropriate [ not author ] - -Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> - -Index: ufw-0.33/src/backend_iptables.py -=================================================================== ---- ufw-0.33.orig/src/backend_iptables.py 2012-09-24 08:51:13.000000000 -0500 -+++ ufw-0.33/src/backend_iptables.py 2012-09-24 08:52:00.000000000 -0500 -@@ -1075,7 +1075,7 @@ - exe = self.ip6tables - (rc, out) = cmd([exe] + args) - if rc != 0: -- err_msg = _("Could not perform '%s'") % (args) -+ err_msg = _("Could not perform '%s'" % (args)) - if fail_ok: - debug("FAILOK: " + err_msg) - else: diff --git a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0003-only-make-one-reference-to-env.patch b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0003-only-make-one-reference-to-env.patch new file mode 100644 index 000000000..556d4459d --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0003-only-make-one-reference-to-env.patch @@ -0,0 +1,73 @@ +From 42170d379eddc12bd2d1fe84dc268882d8eb4d64 Mon Sep 17 00:00:00 2001 +From: Silcet <camorga1@gmail.com> +Date: Mon, 3 May 2021 08:59:28 +0000 +Subject: [PATCH] setup: only make one reference to env + +If sys.executable happens to be '/usr/bin/env python' or something +similar, the setup script will result in 'ufw' getting /usr/bin/env +repeated on the top line. This causes an error at runtime. Perform a +quick sanity check on sys.executable before doing the substitution. + +While we're at it, change the default value of 'exe' to the one we either +detected or specified on the build line. + +Upstream-Status: Inappropriate [ embedded specific ] + +Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> + +The patch was imported from the OpenEmbedded git server +(git://git.openembedded.org/openembedded) as of commit id +2cc1bd9dd060f5002c2fde7aacba86fe230c12af. + +A previous change had modified the way the python shebang was updated to +follow the same version as the one used to call setup.py. However, it +used a regex that was not matching anymore. To fix this, the regex +condition is removed so the shebang line is substituted with the sys.executable +value. Later in the installation distutils finds the string with the path +of sys.executable and replaces it with "#! /usr/bin/env python3". + +Signed-off-by: Silcet <camorga1@gmail.com> +--- + setup.py | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/setup.py b/setup.py +index 2343bc9..f8a638b 100644 +--- a/setup.py ++++ b/setup.py +@@ -64,7 +64,7 @@ class Install(_install, object): + real_sharedir = os.path.join(real_prefix, 'share', 'ufw') + + # Update the modules' paths +- for fn in [ 'common.py' ]: ++ for fn in [ 'common.py', 'util.py' ]: + # 'staging' is used with just 'install' but build_lib is used when + # using 'build'. We could probably override 'def build()' but this + # at least works +@@ -97,6 +97,12 @@ class Install(_install, object): + "-i", + "s%#SHARE_DIR#%" + real_sharedir + "%g", + f]) ++ ++ subprocess.call(["sed", ++ "-i.jjm", ++ "s%/sbin/iptables%" + iptables_exe + "%g", ++ f]) ++ + + if fn == 'common.py' and 'UFW_SKIP_CHECKS' in os.environ and \ + os.environ['UFW_SKIP_CHECKS'] != '': +@@ -123,10 +129,12 @@ class Install(_install, object): + self.mkpath(os.path.dirname(f)) + + # update the interpreter to that of the one the user specified for setup ++ # Distutils searches for the string of sys.executable and replaces it ++ # with the "#! /usr/bin/env pythonX" shebang on a later step + print("Updating staging/ufw to use %s" % (sys.executable)) + subprocess.call(["sed", + "-i", +- "1s%^#.*python.*%#! /usr/bin/env " + sys.executable + "%g", ++ "1s%/.*python.*%" + sys.executable + "%g", + 'staging/ufw']) + self.copy_file('staging/ufw', script) + self.copy_file('doc/ufw.8', manpage) diff --git a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0004-lp1039729.patch b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0004-lp1039729.patch deleted file mode 100644 index 695b26567..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0004-lp1039729.patch +++ /dev/null @@ -1,40 +0,0 @@ -Origin: r803, r804 -Description: Don't call get_netfilter_capabilities() with ipv6 if ipv6 is - disabled. -Bug-Ubuntu: https://launchpad.net/ufw/bugs/1039729 - -Upstream-Status: Inappropriate [ not author ] - -Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> - -Index: ufw-0.33/src/backend.py -=================================================================== ---- ufw-0.33.orig/src/backend.py 2012-12-04 09:21:57.000000000 -0600 -+++ ufw-0.33/src/backend.py 2012-12-04 09:22:40.000000000 -0600 -@@ -98,15 +98,17 @@ - else: - self.caps['limit']['4'] = False - -- # v6 -- try: -- nf_caps = ufw.util.get_netfilter_capabilities(self.ip6tables) -- except OSError as e: -- error("initcaps\n%s" % e) -- if 'recent-set' in nf_caps and 'recent-update' in nf_caps: -- self.caps['limit']['6'] = True -- else: -- self.caps['limit']['6'] = False -+ # v6 (skip capabilities check for ipv6 if ipv6 is disabled in ufw -+ # because the system may not have ipv6 support (LP: #1039729) -+ if self.use_ipv6(): -+ try: -+ nf_caps = ufw.util.get_netfilter_capabilities(self.ip6tables) -+ except OSError as e: -+ error("initcaps\n%s" % e) -+ if 'recent-set' in nf_caps and 'recent-update' in nf_caps: -+ self.caps['limit']['6'] = True -+ else: -+ self.caps['limit']['6'] = False - - def is_enabled(self): - '''Is firewall configured as enabled''' diff --git a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0005-lp1191197.patch b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0005-lp1191197.patch deleted file mode 100644 index b760d3fd3..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0005-lp1191197.patch +++ /dev/null @@ -1,32 +0,0 @@ -Origin: r816 -Description: add check for -m rt --rt-type 0 -Bug-Ubuntu: https://launchpad.net/bugs/1191197 -Forwarded: yes - -Upstream-Status: Inappropriate [ not author ] - -Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> - -Index: ufw-0.33/tests/check-requirements -=================================================================== ---- ufw-0.33.orig/tests/check-requirements 2012-08-17 16:12:49.000000000 -0500 -+++ ufw-0.33/tests/check-requirements 2013-06-15 07:47:00.000000000 -0500 -@@ -3,7 +3,7 @@ - # check-requirements: verify all the required iptables functionality is - # available - # --# Copyright 2008-2012 Canonical Ltd. -+# Copyright 2008-2013 Canonical Ltd. - # - # This program is free software: you can redistribute it and/or modify - # it under the terms of the GNU General Public License version 3, -@@ -218,6 +218,9 @@ - echo -n "icmpv6 with hl ($j): " - runcmd $exe -A $c -p icmpv6 --icmpv6-type $j -m hl --hl-eq 255 -j ACCEPT - done -+ -+ echo -n "ipv6 rt: " -+ runcmd $exe -A $c -m rt --rt-type 0 -j ACCEPT - fi - - echo "" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/setup-only-make-one-reference-to-env.patch b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/setup-only-make-one-reference-to-env.patch deleted file mode 100644 index ff704b5a4..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/setup-only-make-one-reference-to-env.patch +++ /dev/null @@ -1,77 +0,0 @@ -From be53eea06a5655fdc98f47a73be8277b65bb42ed Mon Sep 17 00:00:00 2001 -From: Joe MacDonald <joe_macdonald@mentor.com> -Date: Tue, 11 Nov 2014 21:41:14 -0500 -Subject: [PATCH] setup: only make one reference to env - -If sys.executable happens to be '/usr/bin/env python' or something -similar, the setup script will result in 'ufw' getting /usr/bin/env -repeated on the top line. This causes an error at runtime. Perform a -quick sanity check on sys.executable before doing the substitution. - -While we're at it, change the default value of 'exe' to the one we either -detected or specified on the build line. - -Upstream-Status: Inappropriate [ embedded specific ] - -Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> ---- - setup.py | 34 ++++++++++++++++++++++++++++------ - 1 file changed, 28 insertions(+), 6 deletions(-) - -diff --git a/setup.py b/setup.py -index b13d11c..73acdef 100644 ---- a/setup.py -+++ b/setup.py -@@ -64,7 +64,7 @@ class Install(_install, object): - real_sharedir = os.path.join(real_prefix, 'share', 'ufw') - - # Update the modules' paths -- for file in [ 'common.py' ]: -+ for file in [ 'common.py', 'util.py' ]: - print("Updating " + file) - subprocess.call(["sed", - "-i", -@@ -91,6 +91,11 @@ class Install(_install, object): - "s%#SHARE_DIR#%" + real_sharedir + "%g", - os.path.join('staging', file)]) - -+ subprocess.call(["sed", -+ "-i.jjm", -+ "s%/sbin/iptables%" + iptables_exe + "%g", -+ os.path.join('staging', file)]) -+ - # Now byte-compile everything - super(Install, self).run() - -@@ -107,12 +112,23 @@ class Install(_install, object): - for f in [ script, manpage, manpage_f ]: - self.mkpath(os.path.dirname(f)) - -+ # if sys.executable == /usr/bin/env python* the result will be the top -+ # of ufw getting: -+ # -+ # #! /usr/bin/env /usr/bin/env python -+ # -+ # which is not ideal -+ # - # update the interpreter to that of the one the user specified for setup -- print("Updating staging/ufw to use %s" % (sys.executable)) -- subprocess.call(["sed", -- "-i", -- "1s%^#.*python.*%#! /usr/bin/env " + sys.executable + "%g", -- 'staging/ufw']) -+ print("Updating staging/ufw to use (%s)" % (sys.executable)) -+ -+ if re.search("(/usr/bin/env)", sys.executable): -+ print("found 'env' in sys.executable (%s)" % (sys.executable)) -+ subprocess.call(["sed", -+ "-i.jjm", -+ "1s%^#.*python.*%#! " + sys.executable + "%g", -+ 'staging/ufw']) -+ - self.copy_file('staging/ufw', script) - self.copy_file('doc/ufw.8', manpage) - self.copy_file('doc/ufw-framework.8', manpage_f) --- -1.9.1 - diff --git a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw_0.33.bb b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw_0.36.bb index 42fc26258..8e35dc01e 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw_0.33.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw_0.36.bb @@ -1,3 +1,4 @@ + SUMMARY = "Uncomplicated Firewall" DESCRIPTION = "UFW stands for Uncomplicated Firewall, and is program for \ managing a netfilter firewall. It provides a command line interface and aims \ @@ -7,23 +8,18 @@ SECTION = "net" LICENSE = "GPLv3" LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949" -SRC_URI = " \ - https://launchpad.net/ufw/0.33/0.33/+download/ufw-0.33.tar.gz \ - file://setup-add-an-option-to-specify-iptables-location.patch \ - file://setup-only-make-one-reference-to-env.patch \ +SRC_URI = "https://launchpad.net/ufw/0.36/0.36/+download/ufw-0.36.tar.gz \ file://0001-optimize-boot.patch \ - file://0002-lp1044361.patch \ - file://0003-fix-typeerror-on-error.patch \ - file://0004-lp1039729.patch \ - file://0005-lp1191197.patch \ -" + file://0002-add-an-option-to-specify-iptables-location.patch \ + file://0003-only-make-one-reference-to-env.patch \ + " UPSTREAM_CHECK_URI = "https://launchpad.net/ufw" -SRC_URI[md5sum] = "3747b453d76709e5a99da209fc0bb5f5" -SRC_URI[sha256sum] = "5f85a8084ad3539b547bec097286948233188c971f498890316dec170bdd1da8" +SRC_URI[md5sum] = "6d8ab1506da21ae003f4628f93d05781" +SRC_URI[sha256sum] = "754b22ae5edff0273460ac9f57509c3938187e0cf4fb9692c6a02833fff33cfc" -inherit setuptools3 features_check +inherit setuptools3 features_check systemd update-rc.d RDEPENDS_${PN} = " \ iptables \ @@ -43,6 +39,19 @@ RRECOMMENDS_${PN} = " \ kernel-module-nf-recent \ " +do_install_append() { + install -d ${D}${systemd_unitdir}/system/ + install -m 0644 ${S}/doc/systemd.example ${D}${systemd_unitdir}/system/ufw.service + + install -d ${D}${sysconfdir}/init.d/ + install -m 0755 ${S}/doc/initscript.example ${D}${sysconfdir}/init.d/ufw +} + +SYSTEMD_SERVICE_${PN} = "ufw.service" + +INITSCRIPT_NAME = "ufw" +INITSCRIPT_PARAMS = "defaults" + # Certain items are explicitly put under /lib, not base_libdir when installed. # FILES_${PN} += " \ diff --git a/meta-openembedded/meta-networking/recipes-connectivity/wolfssl/wolfssl_4.7.0.bb b/meta-openembedded/meta-networking/recipes-connectivity/wolfssl/wolfssl_4.7.1.bb index 83406f507..76a5fd75c 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/wolfssl/wolfssl_4.7.0.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/wolfssl/wolfssl_4.7.1.bb @@ -14,7 +14,7 @@ RPROVIDES_${PN} = "cyassl" SRC_URI = "git://github.com/wolfSSL/wolfssl.git;protocol=https \ " -SRCREV = "830de9a9fb99e30f9ac9caa0a7f7bba29c3b4863" +SRCREV = "95b91d89133a712a3d0f389442924612c103da24" S = "${WORKDIR}/git" inherit autotools |