diff options
author | Andrew Geissler <geissonator@yahoo.com> | 2021-09-03 05:05:58 +0300 |
---|---|---|
committer | Andrew Geissler <geissonator@yahoo.com> | 2021-09-04 17:46:34 +0300 |
commit | d159c7fb39550d7348052766f46e51b26d3fd4cc (patch) | |
tree | f719f75759697649453e6bed883c54bae951eb74 /poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb | |
parent | 5b587cab386c4691eefa4885b9fd30794934c106 (diff) | |
download | openbmc-d159c7fb39550d7348052766f46e51b26d3fd4cc.tar.xz |
subtree updates
poky: 94dfcaff64..359e1cb62f:
Alexander Kanavin (76):
tcf-agent: fetching over git:// no longer works
lighttpd: convert from autotools to meson
libxcrypt: upgrade 4.4.23 -> 4.4.25
python3-cython: upgrade 0.29.23 -> 0.29.24
python3-numpy: upgrade 1.21.0 -> 1.21.2
systemd: upgrade 249.1 -> 249.3
xeyes: upgrade 1.1.2 -> 1.2.0
btrfs-tools: update 5.13 -> 5.13.1
diffutils: update 3.7 -> 3.8
mc: update 4.8.26 - > 4.8.27
libsdl2: update 2.0.14 -> 2.0.16
vulkan-samples: update to latest revision
pulseaudio: update 14.2 -> 15.0
libjitterentropy: update 3.0.2 -> 3.1.0
usbutils: upgrade 013 -> 014
inetutils: upgrade 2.0 -> 2.1
mobile-broadband-provider-info: upgrade 20201225 -> 20210805
glib-networking: upgrade 2.68.1 -> 2.68.2
e2fsprogs: upgrade 1.46.2 -> 1.46.4
help2man: upgrade 1.48.3 -> 1.48.4
libedit: upgrade 20210522-3.1 -> 20210714-3.1
log4cplus: upgrade 2.0.6 -> 2.0.7
mtools: upgrade 4.0.34 -> 4.0.35
patchelf: upgrade 0.12 -> 0.13
pkgconf: upgrade 1.7.4 -> 1.8.0
python3-git: upgrade 3.1.18 -> 3.1.20
python3-pip: upgrade 21.2.1 -> 21.2.4
python3-pygments: upgrade 2.9.0 -> 2.10.0
python3-setuptools: upgrade 57.1.0 -> 57.4.0
squashfs-tools: upgrade 4.4 -> 4.5
acpica: upgrade 20210331 -> 20210730
libidn2: upgrade 2.3.1 -> 2.3.2
stress-ng: upgrade 0.12.12 -> 0.13.00
sudo: upgrade 1.9.7p1 -> 1.9.7p2
epiphany: upgrade 40.2 -> 40.3
libgudev: upgrade 236 -> 237
libjpeg-turbo: upgrade 2.1.0 -> 2.1.1
libepoxy: upgrade 1.5.8 -> 1.5.9
pango: upgrade 1.48.7 -> 1.48.9
mesa: upgrade 21.1.5 -> 21.2.1
libinput: upgrade 1.18.0 -> 1.18.1
libxfont2: upgrade 2.0.4 -> 2.0.5
libxft: upgrade 2.3.3 -> 2.3.4
xserver-xorg: upgrade 1.20.12 -> 1.20.13
linux-firmware: upgrade 20210511 -> 20210818
wireless-regdb: upgrade 2021.04.21 -> 2021.07.14
libwebp: upgrade 1.2.0 -> 1.2.1
webkitgtk: upgrade 2.32.2 -> 2.32.3
boost: upgrade 1.76.0 -> 1.77.0
diffoscope: upgrade 179 -> 181
enchant2: upgrade 2.3.0 -> 2.3.1
re2c: upgrade 2.1.1 -> 2.2
rng-tools: upgrade 6.13 -> 6.14
kea: backport a patch to fix build errors exposed by latest update batch
qemu: add a hint on how to enable CPU render nodes when a suitable GPU is absent
mc: fix reproducibility
libjitterentropy: remove contaminated hashequiv entry
binutils: drop target flex/bison from build dependencies
gnu-efi: update 3.0.13 -> 3.0.14
glib-2.0: upgrade 2.68.3 -> 2.68.4
util-linux: upgrade 2.37.1 -> 2.37.2
ccache: upgrade 4.3 -> 4.4
git: upgrade 2.32.0 -> 2.33.0
openssh: upgrade 8.6p1 -> 8.7p1
ell: upgrade 0.42 -> 0.43
python3-mako: upgrade 1.1.4 -> 1.1.5
vala: upgrade 0.52.4 -> 0.52.5
libnsl2: upgrade 1.3.0 -> 2.0.0
gi-docgen: upgrade 2021.6 -> 2021.7
json-glib: upgrade 1.6.2 -> 1.6.4
bind: upgrade 9.16.19 -> 9.16.20
harfbuzz: upgrade 2.8.2 -> 2.9.0
qemurunner.py: print output from runqemu/qemu-system in stop()
qemurunner.py: handle getOutput() having nothing to read
rust: fix upstream version checks
mesa: enable crocus driver for older intel graphics
Andreas Müller (2):
mesa: upgrade 21.1.5 -> 21.1.7
binutils: Apply upstream patch to fix 'too many open files' on qtwebengine
Andrej Valek (2):
busybox: 1.33.1 -> 1.34.0
vim: add option to disable NLS support
Andres Beltran (2):
buildhistory: Add output file listing package information
buildhistory: Label packages providing per-file dependencies in depends.dot
Andrey Zhizhikin (2):
lttng-modules: do not search in non-existing folder during install
nativesdk-packagegroup-sdk-host: add perl integer module
Armin Kuster (2):
lz4: Security Fix for CVE-2021-3520
lz4: remove rest of ptest artifacts
Bruce Ashfield (21):
linux-yocto/5.13: update to v5.13.7
linux-yocto/5.4: update to v5.4.137
linux-yocto/5.10: update to v5.10.55
linux-yocto/5.4: update to v5.4.139
linux-yocto/5.10: update to v5.10.57
linux-yocto/5.13: update to v5.13.9
linux-yocto/5.4: remove recipes
conf/machine: bump qemu preferred versions to 5.13
linux-yocto-dev: bump to v5.14+
lttng-modules: update to 2.13.0
kernel-devsrc: 5.14+ updates
kernel-devsrc: fix 5.14+ objtool compilation
poky/poky-tiny: set default kernel to 5.13
poky: set default kernel to 5.13
yocto-bsp: drop 5.4 bbappend
poky-alt: switch default kernel to 5.10
linux-yocto/5.13: update to v5.13.11
linux-yocto/5.10: update to v5.10.59
linux-yocto/5.13: update to v5.13.12
linux-yocto/5.10: update to v5.10.60
parselogs.py: ignore intermittent CD/DVDROM identification failure
Chen Qi (1):
package_rpm/update-alternatives: fix package's provides
Daniel Gomez (2):
wic: Add --no-fstab-update part option
oeqa: wic: Add tests for --no-fstab-update
Denys Dmytriyenko (1):
grep: upgrade 3.6 -> 3.7
Enrico Scholz (1):
bitbake: fetch2/wget: fix 'no_proxy' handling
Hongxu Jia (2):
nativesdk-pseudo: Fix to work with glibc 2.34 systems
glibc: fix create thread failed in unprivileged process
Hsia-Jun Li (1):
lib/oe/elf: Add Android OS to machine_dict
Jon Mason (8):
arch-armv8m-main: missing space
conf/machine: move tune files to architecture directories
yocto-bsp: update machine confs with new tune locations
docs: update docs with new tune locations
arch-arm*: add better support for gcc march extensions
tune-cortexr*: add support for all Arm Cortex-R processors
arch-arm*: Fix bugs with dsp and simd feature include files
tune-*: Use more specific DEFAULTTUNE
Jose Quaresma (1):
sstate.bbclass: get the number of threads from BB_NUMBER_THREADS
Joshua Watt (17):
bitbake: contrib: vim: Add "remove" override highlighting
bitbake.conf: Add lz4c, pzstd and zstd
bitbake: bitbake: asyncrpc: Defer all asyncio to child process
conf/licenses: Add FreeType SPDX mapping
tzdata: Remove BSD License specifier
glib-2.0: Use specific BSD license variant
e2fsprogs: Use specific BSD license variant
shadow: Use specific BSD license variant
libcap: Use specific BSD license variant
sudo: Use specific BSD license variant
libpam: Use specific BSD license variant
libxfont2: Use specific BSD license variant
libjitterentropy: Use specific BSD license variant
libx11: Use specific BSD license variant
font-util: Use specific BSD license variant
flac: Use specific BSD license variant
swig: Use specific BSD license variant
Kai Kang (2):
libcgroup: fix installed-vs-shipped qa issue
rustfmt: fix SRC_URI
Kevin Hao (2):
meta-yocto-bsp: Set the default kernel to v5.13
meta-yocto-bsp: Bump the kernel to v5.13.11
Khem Raj (2):
weston: Re-order gbm destruction at DRM-backend tear down
musl: Update to latest tip of trunk
Kristian Klausen (1):
systemd: Add repart PACKAGECONFIG
Marco Felsch (1):
bitbake: bitbake: bitbake-layers: add skip reason to output
Marek Vasut (1):
weston: Add rdp PACKAGECONFIG
Marta Rybczynska (1):
lzo: add CVE_PRODUCT
Martin Jansa (3):
bitbake: prserv: handle PRSERV_HOST = "127.0.0.1:0" the same as "localhost:0"
bitbake: cooker/process: Fix typos in exiting message
rust: remove unused patches
Michael Halstead (2):
uninative: Upgrade to 3.3, support glibc 2.34
uninative: Upgrade to 3.4
Michael Opdenacker (2):
maintainers.inc: maintainer for alsa-*, flac, lame and speex
meta: stop using "virtual/" in RPROVIDES and RDEPENDS
Mingli Yu (2):
shadow: fix default value in SHA_get_salt_rounds()
bitbake: prserv: make localhost work
Oleksandr Popovych (1):
utils: Reduce the number of calls to the "dirname" command
Oliver Kranz (1):
Allow global override of golang GO_DYNLINK
Paul Barker (2):
bitbake: prserv: Replace XML RPC with modern asyncrpc implementation
bitbake: prserv: Add read-only mode
Paul Gortmaker (1):
ltp: backport ioctl_ns05 fix from upstream
Peter Kjellerstedt (7):
lttng-modules: Make it build when CONFIG_TRACEPOINTS is not enabled again
poky-floating-revisions.inc: Use new override syntax for commented vars
local.conf.sample: Use the new override syntax for a commented variable
bitbake.conf: Use the new variable override syntax in a comment
buildhistory-collect-srcrevs: Adapt to the new variable override syntax
meson.bbclass: Make the default buildtype "debug" if DEBUG_BUILD is 1
bitbake: providers: Use new override syntax when handling pn- "override"
Purushottam Choudhary (1):
assimp: added patch to fix hardcoded non-existing paths in CMake modules
Randy MacLeod (8):
openssl: upgrade from 1.1.1k to 1.1.1l
rust: initial merge of most of meta-rust
rust: mv README.md to recipes-devtools/rust/README-rust.md
rust: update the README to conform to being in oe-core
cargo/rust/rustfmt: exclude from world
maintainers: Add myself as maintainer for rust pkgs
cargo_common: remove http_proxy
rust: remove Rust version 1.51.0 toolchain
Richard Purdie (27):
elfutils: Add zstd PACKAGECONFIG for determinism
man-db: Add compression PACKAGECONFIG entries
oeqa/selftest/glibc: Handle incorrect encoding issuesin glibc test results
package/scripts: Fix FILES_INFO handling
package: Fix overrides converion issue with PKGSIZE
bitbake: bitbake: Make 3.6.0 the minimum python version
elfutils: Fix ptest dependencies
bsp-guide: Fix reference to bbappend section of dev-manual
ref-manual: Fix reference to bbappend section of dev-manual
gcc: Fix nativesdk builds and multilib fixes with gcc 11
bitbake: README: Add note about test suite and new tests
pseudo: Fix to work with glibc 2.34 systems
bitbake: README: Fix typo
rust-cross*: Fix OVERRRIDE references in task signature computation
rust-cross-canadian-common: Use rust.inc directly, not rust-target
cargo: Ensure cargo-cross-canadian doesn't have native/nativesdk versions
rust-native: Avoid stripped warning
rust-llvm: Add missing HOMEPAGE
rust: Skip target recipe since it doesn't work
oeqa/selftest/distrodata: Fix up rust maintainer testing
rust: Avoid buildtools+uninative issues with glibc symbols mismatches
rust-common: Add LDFLAGS to cc wrapper
oeqa/selftest/reproducibile: Exclude rust packages
kernel: Use unexpanded EXTENDPKGV
oeqa/buildtools-cases: Allow bitbake time to shutdown
cargo: Apply uninative fix to snapshot as with rust
rust-common: Hack around LD_LIBRARY_PATH issues on centos7
Robert P. J. Day (1):
scripts/lib/wic/help/py: "Redhat" -> "Red Hat"
Ross Burton (11):
oeqa/selftest/buildoptions: test buildhistory PKGSIZE and FILELIST fields
uninative: Improve glob to handle glibc 2.34
oeqa/sdk: add relocation test for buildtools
glibc: package the stub .a libaries into glibc-dev
oeqa/sdk: add HTTPS test for buildtools
libcgroup: upgrade to 2.0
gcc: also relocate the musl loader
local.conf.sample.extended: fix commented-out override syntax
cpio: backport fix for CVE-2021-38185
mesa: fix build on Arm V5 with soft float
ptest: allow the ptest-packagelists.inc warning to be disabled
Sakib Sajal (1):
qemu: fix CVE-2021-3682
Scott Murray (2):
bitbake: bitbake: asyncrpc: always create new asyncio loops
prservice: remove connection caching
Stefan Herbrechtsmeier (4):
u-boot: Remove redundancy from installed and deployed SPL artifact names
u-boot: Remove misplaced configuration type variable
u-boot: Make SPL suffix configurable
u-boot: Make UBOOT_BINARYNAME configurable
Tim Orling (7):
python3-importlib-metadata: upgrade 4.6.3 -> 4.6.4
python3-hypothesis: upgrade 6.14.5 -> 6.14.8
python3-hypothesis: upgrade 6.14.8 -> 6.15.0
python3-hypothesis: enable ptest
python3-pluggy: upgrade 0.13.1 -> 1.0.0
python3-pytest: allow python3-pluggy >=1.0.0
rust-common.bbclass: export RUST_TARGET_PATH
Trevor Gamblin (1):
bluez: upgrade 5.60 -> 5.61
Trevor Woerner (1):
distro_features_check: expand with IMAGE_FEATURES
Vinay Kumar (2):
glibc: Fix CVE-2021-38604
rust-common.inc: Fix build failure with qemuppc64.
Yi Zhao (2):
prelink: add PACKAGECONFIG for selinux
shadow: add /etc/default/useradd
Zoltán Böszörményi (4):
kernel-module-split.bbclass: Support zstd-compressed modules
Allow opt-out of split kernel modules
kernel.bbclass: Use full versions for inter-package dependencies
base/kernel: Support zstd-compressed squashfs and cpio initramfs
leimaohui (2):
Fix conflict error when enable multilib.
wordsize.h: Fix a miss, this file in arm and aarch64 should be the same.
meta-raspberrypi: 32921fc9bd..a6fa6b3aec:
Khem Raj (4):
machines: Use tune files from new location in oe-core
linux-raspberrypi: Update to 5.10.59
raspberrypi-firmware: Update to latest
raspberrypi4: Use full kms (vc4-kms-v3d) DT overlay
Marcus Comstedt (1):
pi-bluetooth: Add compatibility with non-systemd builds
Tom Rini (1):
xserver-xf86-config: Correctly append to FILES:${PN}
meta-security: c885d399cd..1f18c623e9:
Armin Kuster (10):
cryfs: add new package
kas-security-bas: bump conf value
kas: fix DISTRO appends
dm-verity-img.bbclass: more overided fixups
krill: Rust is in core now
suricata: rust is in core
layer.conf: drop dynamic-layer
layer.conf: drop meta-rust
harden-image-minimal: fix useradd inherit
kas: remove rust layers
Daiane Angolini (1):
meta-integrity: kernel-modsign: Change weak default value
George Liu (1):
meta: Fix typos
Marta Rybczynska (2):
README: fix mailing lists
README: fix mailing lists and a typo
meta-openembedded: a13db91f19..9fdc7960ba:
Andreas Müller (6):
catch2: upgrade 2.13.6 -> 2.13.7
fltk/CMake: Do not export executable 'fluid'
fltk: upgrade 1.3.6 -> 1.3.7
network-manager-applet: upgrade 1.22.0 -> 1.24.0
networkmanager: upgrade 1.32.4 -> 1.32.8
udisks2: upgrade 2.9.2 -> 2.9.3
Anton Blanchard (2):
boost-url: Use GNUInstallDirs instead of hard wiring install directories
cereal: Use GNUInstallDirs instead of hard wiring install directories
Changqing Li (1):
linuxptp: upgrade 3.1 -> 3.1.1
Devendra Tewari (1):
android-tools: Add flag to enable adbd service (#147)
Dmitry Baryshkov (1):
image_types_sparse: stop using ext2simg
Easwar Hariharan (1):
chrony: Fix privdrop packageconfig
Joe Slater (1):
nginx: fix CVE-2021-3618
Justin Bronder (1):
hidapi: add rdep on glibc-gconv-utf-16
Khem Raj (7):
layer.conf: Add ttf-ipa to SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS on fontconfig
mpich: link explictly with libgcc
packagegroup-meta-networking: Add bmon
libnss-nisplus: Remove
pipewire: Upgrade to 0.3.34
bluealsa: Add recipe
apitrace: Enable on glibc >= 2.34
Leon Anavi (21):
python3-astroid: Upgrade 2.6.6 -> 2.7.0
python3-ujson: Upgrade 4.0.2 -> 4.1.0
python3-pycurl: Upgrade 7.44.0 -> 7.44.1
python3-websocket-client: Upgrade 1.1.0 -> 1.2.1
python3-bitarray: Upgrade 2.2.5 -> 2.3.0
python3-langtable: Upgrade 0.0.54 -> 0.0.56
python3-pandas: Upgrade 1.3.1 -> 1.3.2
python3-tzlocal: Upgrade 2.1 -> 3.0
python3-zeroconf: Upgrade 0.34.3 -> 0.36.0
python3-dbus-next: Upgrade 0.2.2 -> 0.2.3
python3-astroid: Upgrade 2.7.0 -> 2.7.1
python3-ruamel-yaml: Upgrade 0.17.10 -> 0.17.11
python3-unidiff: Upgrade 0.6.0 -> 0.7.0
python3-qrcode: Upgrade 7.2 -> 7.3
python3-simplejson: Upgrade 3.17.3 -> 3.17.4
python3-regex: Upgrade 2021.7.6 -> 2021.8.3
python3-colorlog: Upgrade 5.0.1 -> 6.4.1
python3-ruamel-yaml: Upgrade 0.17.11 -> 0.17.13
python3-simplejson: Upgrade 3.17.4 -> 3.17.5
python3-bitarray: Upgrade 2.3.0 -> 2.3.2
python3-watchdog: Upgrade 2.1.3 -> 2.1.5
Martin Jansa (1):
layer.conf: Add ttf-takao to SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS on fontconfig
Matija Tudan (1):
gpsd: upgrade 3.20 -> 3.23
Matteo Croce (1):
libbpf: bump to 0.4.0
Michael Opdenacker (2):
meta-multimedia: stop using "virtual/" in RPROVIDES and RDEPENDS
meta-oe: stop using "virtual/" in RPROVIDES and RDEPENDS
Mingli Yu (4):
polkit: fix CVE-2021-3560
vsftpd: Upgrade to 3.0.5
mariadb: Upgrade to 10.6.4
jemalloc: improve reproducibility
Nathan Rossi (1):
nginx: Fix off_t size passed in configure
Oleksandr Kravchuk (6):
font-adobe-100dpi: fix UPSTREAM_CHECK_REGEX
font-adobe-utopia-100dpi: fix UPSTREAM_CHECK_REGEX
font-bh-100dpi: fix UPSTREAM_CHECK_REGEX
font-bh-lucidatypewriter-100dpi: fix UPSTREAM_CHECK_REGEX
font-bitstream-100dpi: fix UPSTREAM_CHECK_REGEX
xf86-input-tslib: update to 1.1.1
Patrick Areny (2):
libConfuse: Add recipe
bmon: Add recipe
Peter Kjellerstedt (6):
gpsd: Let scons install the udev and systemd files
gpsd: Move /usr/share/gpsd/doc to the gpsd-doc package
poppler: Explicitly enable/disable boost together with splash
chrony: Use new override syntax for USERADD_PARAM
gpsd: Correct the installation of gpsd.hotplug if systemd is not enabled
gpsd: Do not install gpsd.hotplug unconditionally
Peter Morrow (1):
libbpf: remove stale comment
Sakib Sajal (2):
lmdb: use libprefix in Makefile to install libraries
gd: fix CVE-2021-38115
Sinan Kaya (4):
c-ares: remove custom patches
grpc: make SHARED library build optional
libkcapi: add a hash only packageconfig
libkcapi: allow an option to build natively
Tim Orling (2):
bootchart: drop; unfetchable
python3-django_2.2.x: only check upstream 2.2.x
Trevor Gamblin (5):
python3-click: Add missing ptest artifacts
python3-eventlet: add 0.30.2 to meta-python
python3-gunicorn: tweak run-ptest, add RDEPENDS
python3-license-expression: add ptest artifacts
nftables: upgrade 0.9.9 -> 1.0.0
Vesa Jääskeläinen (2):
python3-cached-property: Add recipe for version 1.5.2
python3-pkcs11: Add recipe for version 0.7.0
Yi Zhao (2):
audit: upgrade 3.0.4 -> 3.0.5
krb5: filtering out -f*-prefix-map from krb5-config
Zoltán Böszörményi (1):
metacity: Add a patch to create build/src/core before moving generated sources to it
leimaohui (3):
packagegroup-meta-oe: Update ttf-ipa package name.
uim: Dleted takao fonts from DEPENDS.
takao-fonts: It should be in ttf-fonts directory as the other ttf fonts.
wangmy (14):
fetchmail: upgrade 6.4.20 -> 6.4.21
c-ares: upgrade 1.17.1 -> 1.17.2
icewm: upgrade 2.6.0 -> 2.7.0
netplan: upgrade 0.102 -> 0.103
ctags: upgrade 5.9.20210801.0 -> 5.9.20210815.0
live555: upgrade 20210720 -> 20210809
opensc: upgrade 0.21.0 -> 0.22.0
xfsprogs: upgrade 5.12.0 -> 5.13.0
networkmanager: upgrade 1.32.8 -> 1.32.10
can-utils: upgrade 2021.06.0 -> 2021.08.0
doxygen: upgrade 1.9.1 -> 1.9.2
gensio: upgrade 2.2.8 -> 2.2.9
live555: upgrade 20210809 -> 20210824
sedutil: upgrade 1.15.1.01 -> 1.20.0
zangrc (14):
python3-flask-migrate: upgrade 3.0.1 -> 3.1.0
python3-flask-socketio: upgrade 5.1.0 -> 5.1.1
python3-google-api-python-client: upgrade 2.15.0 -> 2.17.0
python3-grpcio-tools: upgrade 1.38.1 -> 1.39.0
python3-grpcio: upgrade 1.38.1 -> 1.39.0
python3-wheel: upgrade 0.36.2 -> 0.37.0
libio-socket-ssl-perl: upgrade 2.071 -> 2.072
python3-aiohttp-jinja2: upgrade 1.4.2 -> 1.5
python3-gevent: upgrade 21.1.2 -> 21.8.0
python3-google-api-python-client: upgrade 2.17.0 -> 2.18.0
python3-h5py: upgrade 3.3.0 -> 3.4.0
python3-haversine: upgrade 2.3.1 -> 2.4.0
python3-pyephem: upgrade 3.7.7.1 -> 4.0.0.2
rdma-core: upgrade 35.0 -> 36.0
zhengruoqin (12):
libqmi: upgrade 1.28.8 -> 1.30.0
sedutil: upgrade 1.15.1 -> 1.15.1.01
libencode-perl: upgrade 3.11 -> 3.12
python3-pymisp: upgrade 2.4.144 -> 2.4.148
python3-pyzmq: upgrade 22.1.0 -> 22.2.1
python3-tqdm: upgrade 4.62.0 -> 4.62.2
iwd: upgrade 1.16 -> 1.17
xmlsec1: upgrade 1.2.31 -> 1.2.32
xrdb: upgrade 1.2.0 -> 1.2.1
python3-regex: upgrade 2021.8.3 -> 2021.8.27
python3-sqlalchemy: upgrade 1.4.22 -> 1.4.23
python3-stevedore: upgrade 3.3.0 -> 3.4.0
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I2960f1ce53a1e2cde8b03b929829db9a2f105541
Diffstat (limited to 'poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb')
-rw-r--r-- | poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb | 248 |
1 files changed, 248 insertions, 0 deletions
diff --git a/poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb new file mode 100644 index 000000000..b241ba78b --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb @@ -0,0 +1,248 @@ +SUMMARY = "Secure Socket Layer" +DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools." +HOMEPAGE = "http://www.openssl.org/" +BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html" +SECTION = "libs/network" + +# "openssl" here actually means both OpenSSL and SSLeay licenses apply +# (see meta/files/common-licenses/OpenSSL to which "openssl" is SPDXLICENSEMAPped) +LICENSE = "openssl" +LIC_FILES_CHKSUM = "file://LICENSE;md5=d343e62fc9c833710bbbed25f27364c8" + +DEPENDS = "hostperl-runtime-native" + +SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ + file://run-ptest \ + file://0001-skip-test_symbol_presence.patch \ + file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ + file://afalg.patch \ + file://reproducible.patch \ + " + +SRC_URI:append:class-nativesdk = " \ + file://environment.d-openssl.sh \ + " + +SRC_URI:append:riscv32 = " \ + file://0003-Add-support-for-io_pgetevents_time64-syscall.patch \ + file://0004-Fixup-support-for-io_pgetevents_time64-syscall.patch \ + " + +SRC_URI[sha256sum] = "0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1" + +inherit lib_package multilib_header multilib_script ptest +MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" + +PACKAGECONFIG ?= "" +PACKAGECONFIG:class-native = "" +PACKAGECONFIG:class-nativesdk = "" + +PACKAGECONFIG[cryptodev-linux] = "enable-devcryptoeng,disable-devcryptoeng,cryptodev-linux,,cryptodev-module" +PACKAGECONFIG[no-tls1] = "no-tls1" +PACKAGECONFIG[no-tls1_1] = "no-tls1_1" + +B = "${WORKDIR}/build" +do_configure[cleandirs] = "${B}" + +#| ./libcrypto.so: undefined reference to `getcontext' +#| ./libcrypto.so: undefined reference to `setcontext' +#| ./libcrypto.so: undefined reference to `makecontext' +EXTRA_OECONF:append:libc-musl = " no-async" +EXTRA_OECONF:append:libc-musl:powerpc64 = " no-asm" + +# adding devrandom prevents openssl from using getrandom() which is not available on older glibc versions +# (native versions can be built with newer glibc, but then relocated onto a system with older glibc) +EXTRA_OECONF:class-native = "--with-rand-seed=os,devrandom" +EXTRA_OECONF:class-nativesdk = "--with-rand-seed=os,devrandom" + +# Relying on hardcoded built-in paths causes openssl-native to not be relocateable from sstate. +CFLAGS:append:class-native = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" +CFLAGS:append:class-nativesdk = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" + +# Disable deprecated crypto algorithms +# Retained for compatibilty +# des (curl) +# dh (python-ssl) +# dsa (rpm) +# md4 (cyrus-sasl freeradius hostapd) +# bf (wvstreams postgresql x11vnc crda znc cfengine) +# rc4 (freerdp librtorrent ettercap xrdp transmission pam-ssh-agent-auth php) +# rc2 (mailx) +# psk (qt5) +# srp (libest) +# whirlpool (qca) +DEPRECATED_CRYPTO_FLAGS = "no-ssl no-idea no-rc5 no-md2 no-camellia no-mdc2 no-scrypt no-seed no-siphash no-sm2 no-sm3 no-sm4" + +do_configure () { + os=${HOST_OS} + case $os in + linux-gnueabi |\ + linux-gnuspe |\ + linux-musleabi |\ + linux-muslspe |\ + linux-musl ) + os=linux + ;; + *) + ;; + esac + target="$os-${HOST_ARCH}" + case $target in + linux-arm*) + target=linux-armv4 + ;; + linux-aarch64*) + target=linux-aarch64 + ;; + linux-i?86 | linux-viac3) + target=linux-x86 + ;; + linux-gnux32-x86_64 | linux-muslx32-x86_64 ) + target=linux-x32 + ;; + linux-gnu64-x86_64) + target=linux-x86_64 + ;; + linux-mips | linux-mipsel) + # specifying TARGET_CC_ARCH prevents openssl from (incorrectly) adding target architecture flags + target="linux-mips32 ${TARGET_CC_ARCH}" + ;; + linux-gnun32-mips*) + target=linux-mips64 + ;; + linux-*-mips64 | linux-mips64 | linux-*-mips64el | linux-mips64el) + target=linux64-mips64 + ;; + linux-microblaze* | linux-nios2* | linux-sh3 | linux-sh4 | linux-arc*) + target=linux-generic32 + ;; + linux-powerpc) + target=linux-ppc + ;; + linux-powerpc64) + target=linux-ppc64 + ;; + linux-powerpc64le) + target=linux-ppc64le + ;; + linux-riscv32) + target=linux-generic32 + ;; + linux-riscv64) + target=linux-generic64 + ;; + linux-sparc | linux-supersparc) + target=linux-sparcv9 + ;; + mingw32-x86_64) + target=mingw64 + ;; + esac + + useprefix=${prefix} + if [ "x$useprefix" = "x" ]; then + useprefix=/ + fi + # WARNING: do not set compiler/linker flags (-I/-D etc.) in EXTRA_OECONF, as they will fully replace the + # environment variables set by bitbake. Adjust the environment variables instead. + HASHBANGPERL="/usr/bin/env perl" PERL=perl PERL5LIB="${S}/external/perl/Text-Template-1.46/lib/" \ + perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} ${DEPRECATED_CRYPTO_FLAGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=${libdir} $target + perl ${B}/configdata.pm --dump +} + +do_install () { + oe_runmake DESTDIR="${D}" MANDIR="${mandir}" MANSUFFIX=ssl install + + oe_multilib_header openssl/opensslconf.h + + # Create SSL structure for packages such as ca-certificates which + # contain hard-coded paths to /etc/ssl. Debian does the same. + install -d ${D}${sysconfdir}/ssl + mv ${D}${libdir}/ssl-1.1/certs \ + ${D}${libdir}/ssl-1.1/private \ + ${D}${libdir}/ssl-1.1/openssl.cnf \ + ${D}${sysconfdir}/ssl/ + + # Although absolute symlinks would be OK for the target, they become + # invalid if native or nativesdk are relocated from sstate. + ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.1/certs + ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.1/private + ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.1/openssl.cnf +} + +do_install:append:class-native () { + create_wrapper ${D}${bindir}/openssl \ + OPENSSL_CONF=${libdir}/ssl-1.1/openssl.cnf \ + SSL_CERT_DIR=${libdir}/ssl-1.1/certs \ + SSL_CERT_FILE=${libdir}/ssl-1.1/cert.pem \ + OPENSSL_ENGINES=${libdir}/engines-1.1 +} + +do_install:append:class-nativesdk () { + mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d + install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh + sed 's|/usr/lib/ssl/|/usr/lib/ssl-1.1/|g' -i ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh +} + +PTEST_BUILD_HOST_FILES += "configdata.pm" +PTEST_BUILD_HOST_PATTERN = "perl_version =" +do_install_ptest () { + # Prune the build tree + rm -f ${B}/fuzz/*.* ${B}/test/*.* + + cp ${S}/Configure ${B}/configdata.pm ${D}${PTEST_PATH} + cp -r ${S}/external ${B}/test ${S}/test ${B}/fuzz ${S}/util ${B}/util ${D}${PTEST_PATH} + + # For test_shlibload + ln -s ${libdir}/libcrypto.so.1.1 ${D}${PTEST_PATH}/ + ln -s ${libdir}/libssl.so.1.1 ${D}${PTEST_PATH}/ + + install -d ${D}${PTEST_PATH}/apps + ln -s ${bindir}/openssl ${D}${PTEST_PATH}/apps + install -m644 ${S}/apps/*.pem ${S}/apps/*.srl ${S}/apps/openssl.cnf ${D}${PTEST_PATH}/apps + install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps + + install -d ${D}${PTEST_PATH}/engines + install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines + + # seems to be needed with perl 5.32.1 + install -d ${D}${PTEST_PATH}/util/perl/recipes + cp ${D}${PTEST_PATH}/test/recipes/tconversion.pl ${D}${PTEST_PATH}/util/perl/recipes/ +} + +# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto +# package RRECOMMENDS on this package. This will enable the configuration +# file to be installed for both the openssl-bin package and the libcrypto +# package since the openssl-bin package depends on the libcrypto package. + +PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc" + +FILES:libcrypto = "${libdir}/libcrypto${SOLIBS}" +FILES:libssl = "${libdir}/libssl${SOLIBS}" +FILES:openssl-conf = "${sysconfdir}/ssl/openssl.cnf \ + ${libdir}/ssl-1.1/openssl.cnf* \ + " +FILES:${PN}-engines = "${libdir}/engines-1.1" +# ${prefix} comes from what we pass into --prefix at configure time (which is used for INSTALLTOP) +FILES:${PN}-engines:append:mingw32:class-nativesdk = " ${prefix}${libdir}/engines-1_1" +FILES:${PN}-misc = "${libdir}/ssl-1.1/misc ${bindir}/c_rehash" +FILES:${PN} =+ "${libdir}/ssl-1.1/*" +FILES:${PN}:append:class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh" + +CONFFILES:openssl-conf = "${sysconfdir}/ssl/openssl.cnf" + +RRECOMMENDS:libcrypto += "openssl-conf" +RDEPENDS:${PN}-misc = "perl" +RDEPENDS:${PN}-ptest += "openssl-bin perl perl-modules bash" + +RDEPENDS:${PN}-bin += "openssl-conf" + +BBCLASSEXTEND = "native nativesdk" + +CVE_PRODUCT = "openssl:openssl" + +CVE_VERSION_SUFFIX = "alphabetical" + +# Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37 +# Apache in meta-webserver is already recent enough +CVE_CHECK_WHITELIST += "CVE-2019-0190" |