diff options
Diffstat (limited to 'meta-openembedded/meta-networking/recipes-daemons')
21 files changed, 150 insertions, 814 deletions
diff --git a/meta-openembedded/meta-networking/recipes-daemons/dnrd/dnrd/dnrd.conf.sample b/meta-openembedded/meta-networking/recipes-daemons/dnrd/dnrd/dnrd.conf.sample deleted file mode 100644 index ec0584193..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/dnrd/dnrd/dnrd.conf.sample +++ /dev/null @@ -1,21 +0,0 @@ -# options to dnrd - -# example: two default dns servers and dns servers for exampledomain.com. The -# latter are load balanced (-b) -# -# - -# DNRD_OPTS=" -# -s XXX.XXX.XX.XXX -# -s XXX.XXX.XX.XXX -# -b -# -s XXX.XXX.XX.XXX:exampledomain.com -# -s XXX.XXX.XX.XXX:exampledomain.com" - -# example: dnrd user -# - -# DNRD_USER="user" -# - - diff --git a/meta-openembedded/meta-networking/recipes-daemons/dnrd/dnrd/dnrd.init b/meta-openembedded/meta-networking/recipes-daemons/dnrd/dnrd/dnrd.init deleted file mode 100644 index 2fe583fcf..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/dnrd/dnrd/dnrd.init +++ /dev/null @@ -1,94 +0,0 @@ -#!/bin/sh -# -# Startup script for dnrd -# -# Copyright 2008, Rakesh Pandit <rakesh.pandit@gmail.com> -# -# This source is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This source is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -# -# chkconfig: - 85 15 -# description: dnrd is a proxying nameserver. It forwards DNS queries to the -# appropriate nameserver, but can also act as the primary nameserver for -# a subnet behind a firewall. It also has features such as caching DNS -# requests, support for DNS servers, cache poisoning prevention, TCP -# support, etc.. - -# processname: dnrd -# pidfile: /var/run/dnrd.pid -# config: /etc/dnrd/dnrd.conf - -# Provides: dnrd -# Required-Start: -# Should-Start: -# Required-Stop: -# Default-Stop: 0 1 2 6 -# Short-Description: Start dnrd daemon -# Description: Domain Name Relay Daemon -# END INIT INFO - -exe=/usr/sbin/dnrd -pfile=/etc/passwd - -# Source function library. -. /etc/init.d/functions - -# Source conf file -. /etc/dnrd/dnrd.conf - -[ -x $exe ] || exit 1 -[ -r "/etc/dnrd/dnrd.conf" ] || exit 1 -if [ $DNRD_USER ] -then - grep "^${LOGIN}:" $pfile >/dev/null 2>&1 - if [ $? -eq 0 ];then - echo "$DNRD_USER specified in /etc/dnrd/dnrd.conf does not exist!" - fi -else - echo "DNRD_USER not set at /etc/dnrd/dnrd.conf!" - exit 1 -fi - -case "$1" in - start) - echo -n "Starting dnrd: " - daemon dnrd $DNRD_OPTS -u $DNRD_USER - echo - touch /var/lock/subsys/dnrd - ;; - stop) - echo -n "Shutting down dnrd: " - killproc dnrd - echo - rm -f /var/lock/subsys/dnrd - rm -f /var/run/dnrd.pid - ;; - status) - status dnrd - ;; - restart) - $0 stop - $0 start - ;; - reload) - echo -n "Reloading dnrd: " - killproc dnrd -HUP - echo - ;; - *) - echo "Usage: $0 {start|stop|restart|reload|status}" - exit 1 -esac - -exit 0 diff --git a/meta-openembedded/meta-networking/recipes-daemons/dnrd/dnrd/dnrd.service b/meta-openembedded/meta-networking/recipes-daemons/dnrd/dnrd/dnrd.service deleted file mode 100644 index 9c9fa6639..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/dnrd/dnrd/dnrd.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=Domain Name Relay Daemon -After=network.target - -[Service] -Type=forking -PIDFile=/var/run/dnrd.pid -EnvironmentFile=/etc/dnrd/dnrd.conf -ExecStart=/usr/sbin/dnrd $DNRD_OPTS -u $DNRD_USER - -[Install] -WantedBy=multi-user.target diff --git a/meta-openembedded/meta-networking/recipes-daemons/keepalived/keepalived_1.4.2.bb b/meta-openembedded/meta-networking/recipes-daemons/keepalived/keepalived_2.0.15.bb index 31c50ff6b..9a20e02db 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/keepalived/keepalived_1.4.2.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/keepalived/keepalived_2.0.15.bb @@ -11,8 +11,8 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" SRC_URI = "http://www.keepalived.org/software/${BP}.tar.gz" -SRC_URI[md5sum] = "610af6e04071f02d3469191de7499f4e" -SRC_URI[sha256sum] = "4e2d7cc01a6ee29a3955f5c622d47704ba7d9dd758189f15e9def016a2d1faa3" +SRC_URI[md5sum] = "68413d76fc23191ddd66246d498e19b5" +SRC_URI[sha256sum] = "933ee01bc6346aa573453b998f87510d3cce4aba4537c9642b24e6dbfba5c6f4" DEPENDS = "libnfnetlink openssl" diff --git a/meta-openembedded/meta-networking/recipes-daemons/networkd-dispatcher/networkd-dispatcher.bb b/meta-openembedded/meta-networking/recipes-daemons/networkd-dispatcher/networkd-dispatcher_2.0.1.bb index 050a93824..affd0aae0 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/networkd-dispatcher/networkd-dispatcher.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/networkd-dispatcher/networkd-dispatcher_2.0.1.bb @@ -15,11 +15,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=84dcc94da3adb52b53ae4fa38fe49e5d" RDEPENDS_${PN} = "systemd python3 python3-pygobject python3-dbus" -SRC_URI = "git://gitlab.com/craftyguy/networkd-dispatcher.git;protocol=https" -SRCREV = "c7e25623a161b64618ea778541c064d2a1df086b" -PV = "1.7+git${SRCPV}" - -S = "${WORKDIR}/git" +SRC_URI = "https://gitlab.com/craftyguy/networkd-dispatcher/-/archive/${PV}/networkd-dispatcher-${PV}.tar.bz2" +SRC_URI[md5sum] = "304d7dcc21331ea295e207f8493cb8d8" +SRC_URI[sha256sum] = "21f84c3646a043329dc64787e4e58dfce592b2559b0e3069af82c469805660c2" # Nothing to build, just a python script to install do_configure[noexec] = "1" diff --git a/meta-openembedded/meta-networking/recipes-daemons/openhpi/files/openhpi-fix-function-saHpiSensorThresholds.patch b/meta-openembedded/meta-networking/recipes-daemons/openhpi/files/openhpi-fix-function-saHpiSensorThresholds.patch new file mode 100644 index 000000000..b2771c0c9 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-daemons/openhpi/files/openhpi-fix-function-saHpiSensorThresholds.patch @@ -0,0 +1,35 @@ +From e0b2be7a1fce0fed63bac8c350b711b69edfe30e Mon Sep 17 00:00:00 2001 +From: "yanjun.zhu" <yanjun.zhu@windriver.com> +Date: Tue, 30 Apr 2019 10:04:58 +0800 +Subject: [PATCH] openhpid/safhpi.c: fix function saHpiSensorThresholdsSet + +In COPY_TH the SensorThresholds->TH will be copied to tmp.TH only if +TH.IsSupported == SAHPI_TRUE. So we should pass &tmp but not +SensorThresholds as the argument to OH_CALL_ABI. Otherwise the TH will +be set even if TH.IsSupported == SAHPI_FALSE. + +Upstream-Status: Submitted +[https://github.com/open-hpi/openhpi/pull/2744/commits/77a78bb1ada56e55c5ba6d7a5987c214705bf035] + +Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + openhpid/safhpi.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/openhpid/safhpi.c b/openhpid/safhpi.c +index 28a2632..61b7f03 100644 +--- a/openhpid/safhpi.c ++++ b/openhpid/safhpi.c +@@ -1933,7 +1933,7 @@ SaErrorT SAHPI_API saHpiSensorThresholdsSet ( + oh_release_domain(d); /* Unlock domain */ + + OH_CALL_ABI(h, set_sensor_thresholds, SA_ERR_HPI_INVALID_CMD, rv, +- ResourceId, SensorNum, SensorThresholds); ++ ResourceId, SensorNum, &tmp); + oh_release_handler(h); + + return rv; +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-daemons/openhpi/files/openhpi-fix-testfail-errors.patch b/meta-openembedded/meta-networking/recipes-daemons/openhpi/files/openhpi-fix-testfail-errors.patch deleted file mode 100644 index 60e2e7919..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/openhpi/files/openhpi-fix-testfail-errors.patch +++ /dev/null @@ -1,33 +0,0 @@ -Fix for saftest failures. - -Upstream-Status: Pending - -Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> - -Index: openhpi-3.6.1/openhpid/safhpi.c -=================================================================== ---- openhpi-3.6.1.orig/openhpid/safhpi.c -+++ openhpi-3.6.1/openhpid/safhpi.c -@@ -1933,7 +1933,7 @@ SaErrorT SAHPI_API saHpiSensorThresholds - oh_release_domain(d); /* Unlock domain */ - - OH_CALL_ABI(h, set_sensor_thresholds, SA_ERR_HPI_INVALID_CMD, rv, -- ResourceId, SensorNum, SensorThresholds); -+ ResourceId, SensorNum, &tmp); - oh_release_handler(h); - - return rv; -Index: openhpi-3.6.1/utils/sahpi_struct_utils.c -=================================================================== ---- openhpi-3.6.1.orig/utils/sahpi_struct_utils.c -+++ openhpi-3.6.1/utils/sahpi_struct_utils.c -@@ -3861,6 +3861,9 @@ SaHpiBoolT oh_valid_textbuffer(SaHpiText - /* found a unpaired surrogate */ - return SAHPI_FALSE; - } -+ } else { -+ /*the first 2 bytes wrong*/ -+ return SAHPI_FALSE; - } - } - break; diff --git a/meta-openembedded/meta-networking/recipes-daemons/openhpi/openhpi_3.8.0.bb b/meta-openembedded/meta-networking/recipes-daemons/openhpi/openhpi_3.8.0.bb index ca9130db1..e3a0c2eb6 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/openhpi/openhpi_3.8.0.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/openhpi/openhpi_3.8.0.bb @@ -33,7 +33,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.gz \ file://openhpi-glib-cross-compile.patch \ file://openhpi-linkfix.patch \ file://openhpi-fix-host-gcc.patch \ - file://openhpi-fix-testfail-errors.patch \ + file://openhpi-fix-function-saHpiSensorThresholds.patch \ file://openhpi-add-libnetsnmp-when-link.patch \ file://openhpi-invalide-session.patch \ file://openhpi-use-serial-tests-config-needed-by-ptest.patch \ @@ -70,10 +70,10 @@ export DISTRO do_install_append () { install -m 0755 -d ${D}${sysconfdir}/${BPN} - install -m 0755 ${S}/openhpiclient.conf.example ${D}${sysconfdir}/${BPN}/openhpiclient.conf - install -m 0700 ${S}/openhpi.conf.example ${D}${sysconfdir}/${BPN}/openhpi.conf - install -m 0755 ${S}/simulation.data.example ${D}${sysconfdir}/${BPN}/simulation.data - install -m 0755 ${S}/test_agent.data.example ${D}${sysconfdir}/${BPN}/test_agent.data + install -m 0644 ${S}/openhpiclient.conf.example ${D}${sysconfdir}/${BPN}/openhpiclient.conf + install -m 0600 ${S}/openhpi.conf.example ${D}${sysconfdir}/${BPN}/openhpi.conf + install -m 0644 ${S}/simulation.data.example ${D}${sysconfdir}/${BPN}/simulation.data + install -m 0644 ${S}/test_agent.data.example ${D}${sysconfdir}/${BPN}/test_agent.data install -m 0755 ${WORKDIR}/openhpi.init ${D}${sysconfdir}/init.d/openhpid install -d ${D}${systemd_unitdir}/system @@ -105,6 +105,9 @@ do_install_ptest () { sed -i "s/^Makefile:/MM:/g" ${x}; done; + install -m 644 ${S}/openhpid/t/ohpi/openhpi.conf ${D}${PTEST_PATH}/openhpid/t/ohpi/ + sed -i "s:OPENHPI_CONF=[^ ]*:OPENHPI_CONF=./openhpi.conf:g" ${D}${PTEST_PATH}/openhpid/t/ohpi/Makefile + mkdir -p ${D}${PTEST_PATH}/plugins/watchdog/ cp -L ${D}/${libdir}/${BPN}/libwatchdog.so ${D}${PTEST_PATH}/plugins/watchdog/ cp -L ${D}/${libdir}/${BPN}/libsimulator.so ${D}${PTEST_PATH}/plugins/watchdog/ diff --git a/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf_5.18.09.bb b/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf_5.19.01.bb index f1aedc4de..3e4d33e00 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf_5.18.09.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf_5.19.01.bb @@ -29,8 +29,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/releases/${BPN}-${PV}.tar.gz \ file://0001-Fix-string-overflow-in-snprintf.patch \ file://0008-check-for-size-before-using-strncpy.patch \ " -SRC_URI[md5sum] = "45044fde0b35eac057a5fa05c27b8040" -SRC_URI[sha256sum] = "230a0ea628ba278170a913746c39b2c8cd529d7dc25326b2e17b5c095cf94025" +SRC_URI[md5sum] = "d9f44f778e23cf739085f74c5ff793b1" +SRC_URI[sha256sum] = "5713fbe21c557c9a992af6805bc44521f2cf6cf950ae873036d9a81c73364b60" inherit autotools useradd systemd pkgconfig diff --git a/meta-openembedded/meta-networking/recipes-daemons/postfix/files/linux_5.x.patch b/meta-openembedded/meta-networking/recipes-daemons/postfix/files/linux_5.x.patch deleted file mode 100644 index fbb811c06..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/postfix/files/linux_5.x.patch +++ /dev/null @@ -1,27 +0,0 @@ -Recognise kernel 5.x versioning scheme - -Upstream-Status: Pending -Signed-off-by: Khem Raj <raj.khem@gmail.com> - ---- a/makedefs -+++ b/makedefs -@@ -543,7 +543,7 @@ EOF - : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} - : ${PLUGIN_LD="${CC-gcc} -shared"} - ;; -- Linux.[34].*) SYSTYPE=LINUX$RELEASE_MAJOR -+ Linux.[345].*) SYSTYPE=LINUX$RELEASE_MAJOR - case "$CCARGS" in - *-DNO_DB*) ;; - *-DHAS_DB*) ;; ---- a/src/util/sys_defs.h -+++ b/src/util/sys_defs.h -@@ -749,7 +749,7 @@ extern int initgroups(const char *, int) - /* - * LINUX. - */ --#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) -+#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) || defined(LINUX5) - #define SUPPORTED - #define UINT32_TYPE unsigned int - #define UINT16_TYPE unsigned short diff --git a/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.4.1.bb b/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.4.5.bb index 73380d8c6..3ce805553 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.4.1.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.4.5.bb @@ -4,9 +4,8 @@ SRC_URI += "file://0001-makedefs-Use-native-compiler-to-build-makedefs.test.patc file://postfix-install.patch \ file://icu-config.patch \ file://0001-makedefs-add-lnsl-and-lresolv-to-SYSLIBS-by-default.patch \ - file://linux_5.x.patch \ " -SRC_URI[md5sum] = "d292bb49a1c79ff6d2eb9c5e88c51425" -SRC_URI[sha256sum] = "8c9763f7a8ec70d499257b7f25bb50e1f3da8a4c43e59826ba8a26c4a778d0ce" +SRC_URI[md5sum] = "093109941095390562166de766d4720d" +SRC_URI[sha256sum] = "8b2ba54f9d2a049582a0ed3ee2dbe96ba57e278feea9cb4f80e1a61844e6319f" UPSTREAM_CHECK_REGEX = "postfix\-(?P<pver>3\.3(\.\d+)+).tar.gz" diff --git a/meta-openembedded/meta-networking/recipes-daemons/squid/files/0001-Bug-4843-pt1-ext_edirectory_userip_acl-refactoring-f.patch b/meta-openembedded/meta-networking/recipes-daemons/squid/files/0001-Bug-4843-pt1-ext_edirectory_userip_acl-refactoring-f.patch deleted file mode 100644 index 001d9e906..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/squid/files/0001-Bug-4843-pt1-ext_edirectory_userip_acl-refactoring-f.patch +++ /dev/null @@ -1,506 +0,0 @@ -From 01a44c96dbd04936e9cb2501745a834a0b09d504 Mon Sep 17 00:00:00 2001 -From: Amos Jeffries <yadij@users.noreply.github.com> -Date: Sun, 13 May 2018 06:57:41 +0000 -Subject: [PATCH] Bug 4843 pt1: ext_edirectory_userip_acl refactoring for GCC-8 - (#204) - -Proposed changes to this helper to fix strcat / strncat buffer -overread / overflow issues. - -The approach takes three parts: - -* adds a makeHexString function to replace many for-loops - catenating bits of strings together with hex conversion into a - second buffer. Replacing with a snprintf() and buffer overflow - handling. - -* a copy of Ip::Address::lookupHostIp to convert the input - string into IP address binary format, then generate the hex - string using the above new hex function instead of looped - sub-string concatenations across several buffers. - This removes all the "00" and "0000" strncat() calls and - allows far simpler code even with added buffer overflow - handling. - -* replace multiple string part concatenations with a few simpler - calls to snprintf() for all the search_ip buffer constructions. - Adding buffer overflow handling as needed for the new calls. ---- -Signed-off-by: Khem Raj <raj.khem@gmail.com> -Upstream-Status: Backport - - .../ext_edirectory_userip_acl.cc | 376 ++++++------------ - 1 file changed, 120 insertions(+), 256 deletions(-) - -diff --git a/helpers/external_acl/eDirectory_userip/ext_edirectory_userip_acl.cc b/helpers/external_acl/eDirectory_userip/ext_edirectory_userip_acl.cc -index 63609e4..ad16bfd 100644 ---- a/helpers/external_acl/eDirectory_userip/ext_edirectory_userip_acl.cc -+++ b/helpers/external_acl/eDirectory_userip/ext_edirectory_userip_acl.cc -@@ -67,6 +67,9 @@ - #ifdef HAVE_LDAP_H - #include <ldap.h> - #endif -+#ifdef HAVE_NETDB_H -+#include <netdb.h> -+#endif - - #ifdef HELPER_INPUT_BUFFER - #define EDUI_MAXLEN HELPER_INPUT_BUFFER -@@ -714,11 +717,14 @@ BindLDAP(edui_ldap_t *l, char *dn, char *pw, unsigned int t) - - /* Copy details - dn and pw CAN be NULL for anonymous and/or TLS */ - if (dn != NULL) { -+ if (strlen(dn) >= sizeof(l->dn)) -+ return LDAP_ERR_OOB; /* DN too large */ -+ - if ((l->basedn[0] != '\0') && (strstr(dn, l->basedn) == NULL)) { - /* We got a basedn, but it's not part of dn */ -- xstrncpy(l->dn, dn, sizeof(l->dn)); -- strncat(l->dn, ",", 1); -- strncat(l->dn, l->basedn, strlen(l->basedn)); -+ const int x = snprintf(l->dn, sizeof(l->dn)-1, "%s,%s", dn, l->basedn); -+ if (x < 0 || static_cast<size_t>(x) >= sizeof(l->dn)) -+ return LDAP_ERR_OOB; /* DN too large */ - } else - xstrncpy(l->dn, dn, sizeof(l->dn)); - } -@@ -778,24 +784,73 @@ BindLDAP(edui_ldap_t *l, char *dn, char *pw, unsigned int t) - } - } - -+// XXX: duplicate (partial) of Ip::Address::lookupHostIp -+/** -+ * Convert the IP address string representation in src to -+ * its binary representation. -+ * -+ * \return binary representation of the src IP address. -+ * Must be free'd using freeaddrinfo(). -+ */ -+static struct addrinfo * -+makeIpBinary(const char *src) -+{ -+ struct addrinfo want; -+ memset(&want, 0, sizeof(want)); -+ want.ai_flags = AI_NUMERICHOST; // prevent actual DNS lookups! -+ -+ struct addrinfo *dst = nullptr; -+ if (getaddrinfo(src, nullptr, &want, &dst) != 0) { -+ // not an IP address -+ /* free any memory getaddrinfo() dynamically allocated. */ -+ if (dst) -+ freeaddrinfo(dst); -+ return nullptr; -+ } -+ -+ return dst; -+} -+ -+/** -+ * Convert srcLen bytes from src into HEX and store into dst, which -+ * has a maximum content size of dstSize including c-string terminator. -+ * The dst value produced will be a 0-terminated c-string. -+ * -+ * \retval N length of dst written (excluding c-string terminator) -+ * \retval -11 (LDAP_ERR_OOB) buffer overflow detected -+ */ -+static int -+makeHexString(char *dst, const int dstSize, const char *src, const int srcLen) -+{ -+ // HEX encoding doubles the amount of bytes/octets copied -+ if ((srcLen*2) >= dstSize) -+ return LDAP_ERR_OOB; // cannot copy that many -+ -+ *dst = 0; -+ -+ for (int k = 0; k < srcLen; ++k) { -+ int c = static_cast<int>(src[k]); -+ if (c < 0) -+ c = c + 256; -+ char hexc[4]; -+ const int hlen = snprintf(hexc, sizeof(hexc), "%02X", c); -+ if (hlen < 0 || static_cast<size_t>(hlen) > sizeof(hexc)) // should be impossible -+ return LDAP_ERR_OOB; -+ strcat(dst, hexc); -+ } -+ return strlen(dst); -+} -+ - /* - * ConvertIP() - <edui_ldap_t> <ip> - * - * Take an IPv4 address in dot-decimal or IPv6 notation, and convert to 2-digit HEX stored in l->search_ip - * This is the networkAddress that we search LDAP for. -- * -- * PENDING -- CHANGE OVER TO inet*_pton, but inet6_pton does not provide the correct syntax -- * - */ - static int - ConvertIP(edui_ldap_t *l, char *ip) - { -- char bufa[EDUI_MAXLEN], bufb[EDUI_MAXLEN], obj[EDUI_MAXLEN]; -- char hexc[4], *p; - void *y, *z; -- size_t s; -- long x; -- int i, j, t, swi; /* IPv6 "::" cut over toggle */ - if (l == NULL) return LDAP_ERR_NULL; - if (ip == NULL) return LDAP_ERR_PARAM; - if (!(l->status & LDAP_INIT_S)) return LDAP_ERR_INIT; /* Not initalized */ -@@ -831,183 +886,22 @@ ConvertIP(edui_ldap_t *l, char *ip) - l->status |= (LDAP_IPV4_S); - z = NULL; - } -- s = strlen(ip); -- *(bufa) = '\0'; -- *(bufb) = '\0'; -- *(obj) = '\0'; -- /* StringSplit() will zero out bufa & obj at each call */ -- memset(l->search_ip, '\0', sizeof(l->search_ip)); -- xstrncpy(bufa, ip, sizeof(bufa)); /* To avoid segfaults, use bufa instead of ip */ -- swi = 0; -- if (l->status & LDAP_IPV6_S) { -- /* Search for :: in string */ -- if ((bufa[0] == ':') && (bufa[1] == ':')) { -- /* bufa starts with a ::, so just copy and clear */ -- xstrncpy(bufb, bufa, sizeof(bufb)); -- *(bufa) = '\0'; -- ++swi; /* Indicates that there is a bufb */ -- } else if ((bufa[0] == ':') && (bufa[1] != ':')) { -- /* bufa starts with a :, a typo so just fill in a ':', cat and clear */ -- bufb[0] = ':'; -- strncat(bufb, bufa, strlen(bufa)); -- *(bufa) = '\0'; -- ++swi; /* Indicates that there is a bufb */ -- } else { -- p = strstr(bufa, "::"); -- if (p != NULL) { -- /* Found it, break bufa down and split into bufb here */ -- *(bufb) = '\0'; -- i = strlen(p); -- memcpy(bufb, p, i); -- *p = '\0'; -- bufb[i] = '\0'; -- ++swi; /* Indicates that there is a bufb */ -- } -- } -- } -- s = strlen(bufa); -- if (s < 1) -- s = strlen(bufb); -- while (s > 0) { -- if ((l->status & LDAP_IPV4_S) && (swi == 0)) { -- /* Break down IPv4 address */ -- t = StringSplit(bufa, '.', obj, sizeof(obj)); -- if (t > 0) { -- errno = 0; -- x = strtol(obj, (char **)NULL, 10); -- if (((x < 0) || (x > 255)) || ((errno != 0) && (x == 0)) || ((obj[0] != '0') && (x == 0))) -- return LDAP_ERR_OOB; /* Out of bounds -- Invalid address */ -- memset(hexc, '\0', sizeof(hexc)); -- int hlen = snprintf(hexc, sizeof(hexc), "%02X", (int)x); -- strncat(l->search_ip, hexc, hlen); -- } else -- break; /* reached end of octet */ -- } else if (l->status & LDAP_IPV6_S) { -- /* Break down IPv6 address */ -- if (swi > 1) -- t = StringSplit(bufb, ':', obj, sizeof(obj)); /* After "::" */ -- else -- t = StringSplit(bufa, ':', obj, sizeof(obj)); /* Before "::" */ -- /* Convert octet by size (t) - and fill 0's */ -- switch (t) { /* IPv6 is already in HEX, copy contents */ -- case 4: -- hexc[0] = (char) toupper((int)obj[0]); -- i = (int)hexc[0]; -- if (!isxdigit(i)) -- return LDAP_ERR_OOB; /* Out of bounds */ -- hexc[1] = (char) toupper((int)obj[1]); -- i = (int)hexc[1]; -- if (!isxdigit(i)) -- return LDAP_ERR_OOB; /* Out of bounds */ -- hexc[2] = '\0'; -- strncat(l->search_ip, hexc, 2); -- hexc[0] = (char) toupper((int)obj[2]); -- i = (int)hexc[0]; -- if (!isxdigit(i)) -- return LDAP_ERR_OOB; /* Out of bounds */ -- hexc[1] = (char) toupper((int)obj[3]); -- i = (int)hexc[1]; -- if (!isxdigit(i)) -- return LDAP_ERR_OOB; /* Out of bounds */ -- hexc[2] = '\0'; -- strncat(l->search_ip, hexc, 2); -- break; -- case 3: -- hexc[0] = '0'; -- hexc[1] = (char) toupper((int)obj[0]); -- i = (int)hexc[1]; -- if (!isxdigit(i)) -- return LDAP_ERR_OOB; /* Out of bounds */ -- hexc[2] = '\0'; -- strncat(l->search_ip, hexc, 2); -- hexc[0] = (char) toupper((int)obj[1]); -- i = (int)hexc[0]; -- if (!isxdigit(i)) -- return LDAP_ERR_OOB; /* Out of bounds */ -- hexc[1] = (char) toupper((int)obj[2]); -- i = (int)hexc[1]; -- if (!isxdigit(i)) -- return LDAP_ERR_OOB; /* Out of bounds */ -- hexc[2] = '\0'; -- strncat(l->search_ip, hexc, 2); -- break; -- case 2: -- strncat(l->search_ip, "00", 2); -- hexc[0] = (char) toupper((int)obj[0]); -- i = (int)hexc[0]; -- if (!isxdigit(i)) -- return LDAP_ERR_OOB; /* Out of bounds */ -- hexc[1] = (char) toupper((int)obj[1]); -- i = (int)hexc[1]; -- if (!isxdigit(i)) -- return LDAP_ERR_OOB; /* Out of bounds */ -- hexc[2] = '\0'; -- strncat(l->search_ip, hexc, 2); -- break; -- case 1: -- strncat(l->search_ip, "00", 2); -- hexc[0] = '0'; -- hexc[1] = (char) toupper((int)obj[0]); -- i = (int)hexc[1]; -- if (!isxdigit(i)) -- return LDAP_ERR_OOB; /* Out of bounds */ -- hexc[2] = '\0'; -- strncat(l->search_ip, hexc, 2); -- break; -- default: -- if (t > 4) -- return LDAP_ERR_OOB; -- break; -- } -- /* Code to pad the address with 0's between a '::' */ -- if ((strlen(bufa) == 0) && (swi == 1)) { -- /* We are *AT* the split, pad in some 0000 */ -- t = strlen(bufb); -- /* How many ':' exist in bufb ? */ -- j = 0; -- for (i = 0; i < t; ++i) { -- if (bufb[i] == ':') -- ++j; -- } -- --j; /* Preceding "::" doesn't count */ -- t = 8 - (strlen(l->search_ip) / 4) - j; /* Remainder */ -- if (t > 0) { -- for (i = 0; i < t; ++i) -- strncat(l->search_ip, "0000", 4); -- } -- } -- } -- if ((bufa[0] == '\0') && (swi > 0)) { -- s = strlen(bufb); -- ++swi; -- } else -- s = strlen(bufa); -- } -- s = strlen(l->search_ip); - -- /* CHECK sizes of address, truncate or pad */ -- /* if "::" is at end of ip, then pad another block or two */ -- while ((l->status & LDAP_IPV6_S) && (s < 32)) { -- strncat(l->search_ip, "0000", 4); -- s = strlen(l->search_ip); -- } -- if ((l->status & LDAP_IPV6_S) && (s > 32)) { -- /* Too long, truncate */ -- l->search_ip[32] = '\0'; -- s = strlen(l->search_ip); -- } -- /* If at end of ip, and its not long enough, then pad another block or two */ -- while ((l->status & LDAP_IPV4_S) && (s < 8)) { -- strncat(l->search_ip, "00", 2); -- s = strlen(l->search_ip); -- } -- if ((l->status & LDAP_IPV4_S) && (s > 8)) { -- /* Too long, truncate */ -- l->search_ip[8] = '\0'; -- s = strlen(l->search_ip); -+ size_t s = LDAP_ERR_INVALID; -+ if (struct addrinfo *dst = makeIpBinary(ip)) { -+ if (dst->ai_family == AF_INET6) { -+ struct sockaddr_in6 *sia = reinterpret_cast<struct sockaddr_in6 *>(dst->ai_addr); -+ const char *ia = reinterpret_cast<const char *>(sia->sin6_addr.s6_addr); -+ s = makeHexString(l->search_ip, sizeof(l->search_ip), ia, 16); // IPv6 = 16-byte address -+ -+ } else if (dst->ai_family == AF_INET) { -+ struct sockaddr_in *sia = reinterpret_cast<struct sockaddr_in *>(dst->ai_addr); -+ const char *ia = reinterpret_cast<const char *>(&(sia->sin_addr)); -+ s = makeHexString(l->search_ip, sizeof(l->search_ip), ia, 4); // IPv4 = 4-byte address -+ } // else leave s with LDAP_ERR_INVALID value -+ freeaddrinfo(dst); - } - -- /* Completed, s is length of address in HEX */ - return s; - } - -@@ -1099,48 +993,42 @@ SearchFilterLDAP(edui_ldap_t *l, char *group) - } - if (group == NULL) { - /* No groupMembership= to add, yay! */ -- xstrncpy(bufa, "(&", sizeof(bufa)); -- strncat(bufa, edui_conf.search_filter, strlen(edui_conf.search_filter)); - /* networkAddress */ -- snprintf(bufb, sizeof(bufb), "(|(networkAddress=1\\23%s)", bufc); - if (l->status & LDAP_IPV4_S) { -- int ln = snprintf(bufd, sizeof(bufd), "(networkAddress=8\\23\\00\\00%s)(networkAddress=9\\23\\00\\00%s))", \ -- bufc, bufc); -- strncat(bufb, bufd, ln); -+ const int ln = snprintf(bufd, sizeof(bufd), "(networkAddress=8\\23\\00\\00%s)(networkAddress=9\\23\\00\\00%s)", bufc, bufc); -+ if (ln < 0 || static_cast<size_t>(ln) >= sizeof(bufd)) -+ return LDAP_ERR_OOB; -+ - } else if (l->status & LDAP_IPV6_S) { -- int ln = snprintf(bufd, sizeof(bufd), "(networkAddress=10\\23\\00\\00%s)(networkAddress=11\\23\\00\\00%s))", \ -- bufc, bufc); -- strncat(bufb, bufd, ln); -- } else -- strncat(bufb, ")", 1); -- strncat(bufa, bufb, strlen(bufb)); -- strncat(bufa, ")", 1); -+ const int ln = snprintf(bufd, sizeof(bufd), "(networkAddress=10\\23\\00\\00%s)(networkAddress=11\\23\\00\\00%s)", bufc, bufc); -+ if (ln < 0 || static_cast<size_t>(ln) >= sizeof(bufd)) -+ return LDAP_ERR_OOB; -+ } -+ const int x = snprintf(bufa, sizeof(bufa), "(&%s(|(networkAddress=1\\23%s)%s))", edui_conf.search_filter, bufc, bufd); -+ if (x < 0 || static_cast<size_t>(x) >= sizeof(bufa)) -+ return LDAP_ERR_OOB; -+ - } else { - /* Needs groupMembership= to add... */ -- xstrncpy(bufa, "(&(&", sizeof(bufa)); -- strncat(bufa, edui_conf.search_filter, strlen(edui_conf.search_filter)); - /* groupMembership -- NOTE: Squid *MUST* provide "cn=" from squid.conf */ -- snprintf(bufg, sizeof(bufg), "(groupMembership=%s", group); - if ((l->basedn[0] != '\0') && (strstr(group, l->basedn) == NULL)) { -- strncat(bufg, ",", 1); -- strncat(bufg, l->basedn, strlen(l->basedn)); -+ const int ln = snprintf(bufg, sizeof(bufg), ",%s", l->basedn); -+ if (ln < 0 || static_cast<size_t>(ln) >= sizeof(bufd)) -+ return LDAP_ERR_OOB; - } -- strncat(bufg, ")", 1); -- strncat(bufa, bufg, strlen(bufg)); - /* networkAddress */ -- snprintf(bufb, sizeof(bufb), "(|(networkAddress=1\\23%s)", bufc); - if (l->status & LDAP_IPV4_S) { -- int ln = snprintf(bufd, sizeof(bufd), "(networkAddress=8\\23\\00\\00%s)(networkAddress=9\\23\\00\\00%s))", \ -- bufc, bufc); -- strncat(bufb, bufd, ln); -+ const int ln = snprintf(bufd, sizeof(bufd), "(networkAddress=8\\23\\00\\00%s)(networkAddress=9\\23\\00\\00%s)", bufc, bufc); -+ if (ln < 0 || static_cast<size_t>(ln) >= sizeof(bufd)) -+ return LDAP_ERR_OOB; - } else if (l->status & LDAP_IPV6_S) { -- int ln = snprintf(bufd, sizeof(bufd), "(networkAddress=10\\23\\00\\00%s)(networkAddress=11\\23\\00\\00%s))", \ -- bufc, bufc); -- strncat(bufb, bufd, ln); -- } else -- strncat(bufb, ")", 1); -- strncat(bufa, bufb, strlen(bufb)); -- strncat(bufa, "))", 2); -+ const int ln = snprintf(bufd, sizeof(bufd), "(networkAddress=10\\23\\00\\00%s)(networkAddress=11\\23\\00\\00%s)", bufc, bufc); -+ if (ln < 0 || static_cast<size_t>(ln) >= sizeof(bufd)) -+ return LDAP_ERR_OOB; -+ } -+ const int x = snprintf(bufa, sizeof(bufa), "(&(&%s(groupMembership=%s%s)(|(networkAddress=1\\23%s)%s)))", edui_conf.search_filter, group, bufg, bufc, bufd); -+ if (x < 0 || static_cast<size_t>(x) >= sizeof(bufa)) -+ return LDAP_ERR_OOB; - } - s = strlen(bufa); - xstrncpy(l->search_filter, bufa, sizeof(l->search_filter)); -@@ -1212,10 +1100,10 @@ static int - SearchIPLDAP(edui_ldap_t *l) - { - ber_len_t i, x; -- ber_len_t j, k; -- ber_len_t y, z; -- int c; -- char bufa[EDUI_MAXLEN], bufb[EDUI_MAXLEN], hexc[4]; -+ ber_len_t j; -+ ber_len_t z; -+ char bufa[EDUI_MAXLEN]; -+ char bufb[EDUI_MAXLEN]; - LDAPMessage *ent; - if (l == NULL) return LDAP_ERR_NULL; - if (l->lp == NULL) return LDAP_ERR_POINTER; -@@ -1273,19 +1161,11 @@ SearchIPLDAP(edui_ldap_t *l) - /* bufa is the address, just compare it */ - if (!(l->status & LDAP_IPV4_S) || (l->status & LDAP_IPV6_S)) - break; /* Not looking for IPv4 */ -- for (k = 0; k < z; ++k) { -- c = (int) bufa[k]; -- if (c < 0) -- c = c + 256; -- int hlen = snprintf(hexc, sizeof(hexc), "%02X", c); -- if (k == 0) -- xstrncpy(bufb, hexc, sizeof(bufb)); -- else -- strncat(bufb, hexc, hlen); -- } -- y = strlen(bufb); -+ const int blen = makeHexString(bufb, sizeof(bufb), bufa, z); -+ if (blen < 0) -+ return blen; - /* Compare value with IP */ -- if (memcmp(l->search_ip, bufb, y) == 0) { -+ if (memcmp(l->search_ip, bufb, blen) == 0) { - /* We got a match! - Scan 'ber' for 'cn' values */ - z = ldap_count_values_len(ber); - for (j = 0; j < z; ++j) { -@@ -1308,19 +1188,11 @@ SearchIPLDAP(edui_ldap_t *l) - /* bufa + 2 is the address (skip 2 digit port) */ - if (!(l->status & LDAP_IPV4_S) || (l->status & LDAP_IPV6_S)) - break; /* Not looking for IPv4 */ -- for (k = 2; k < z; ++k) { -- c = (int) bufa[k]; -- if (c < 0) -- c = c + 256; -- int hlen = snprintf(hexc, sizeof(hexc), "%02X", c); -- if (k == 2) -- xstrncpy(bufb, hexc, sizeof(bufb)); -- else -- strncat(bufb, hexc, hlen); -- } -- y = strlen(bufb); -+ const int blen = makeHexString(bufb, sizeof(bufb), &bufa[2], z); -+ if (blen < 0) -+ return blen; - /* Compare value with IP */ -- if (memcmp(l->search_ip, bufb, y) == 0) { -+ if (memcmp(l->search_ip, bufb, blen) == 0) { - /* We got a match! - Scan 'ber' for 'cn' values */ - z = ldap_count_values_len(ber); - for (j = 0; j < z; ++j) { -@@ -1343,19 +1215,11 @@ SearchIPLDAP(edui_ldap_t *l) - /* bufa + 2 is the address (skip 2 digit port) */ - if (!(l->status & LDAP_IPV6_S)) - break; /* Not looking for IPv6 */ -- for (k = 2; k < z; ++k) { -- c = (int) bufa[k]; -- if (c < 0) -- c = c + 256; -- int hlen = snprintf(hexc, sizeof(hexc), "%02X", c); -- if (k == 2) -- xstrncpy(bufb, hexc, sizeof(bufb)); -- else -- strncat(bufb, hexc, hlen); -- } -- y = strlen(bufb); -+ const int blen = makeHexString(bufb, sizeof(bufb), &bufa[2], z); -+ if (blen < 0) -+ return blen; - /* Compare value with IP */ -- if (memcmp(l->search_ip, bufb, y) == 0) { -+ if (memcmp(l->search_ip, bufb, blen) == 0) { - /* We got a match! - Scan 'ber' for 'cn' values */ - z = ldap_count_values_len(ber); - for (j = 0; j < z; ++j) { diff --git a/meta-openembedded/meta-networking/recipes-daemons/squid/files/0001-splay.cc-fix-bind-is-not-a-member-of-std.patch b/meta-openembedded/meta-networking/recipes-daemons/squid/files/0001-splay.cc-fix-bind-is-not-a-member-of-std.patch new file mode 100644 index 000000000..fbbad1597 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-daemons/squid/files/0001-splay.cc-fix-bind-is-not-a-member-of-std.patch @@ -0,0 +1,31 @@ +From 1def5b4278d97f197520d23c1dce52f93a1b2f46 Mon Sep 17 00:00:00 2001 +From: Andrej Valek <andrej.valek@siemens.com> +Date: Tue, 9 Apr 2019 09:40:30 +0200 +Subject: [PATCH] splay.cc: fix bind is not a member of std + +fix +| ../../squid-4.6/test-suite/splay.cc:134:28: error: 'bind' is not a member of 'std' +| auto nextRandom = std::bind (distribution, generator); +| ^~~~ +| ../../squid-4.6/test-suite/splay.cc:134:28: note: 'std::bind' is defined in header '<functional>'; did you forget to '#include <functional>'? + +Signed-off-by: Andrej Valek <andrej.valek@siemens.com> +--- + test-suite/splay.cc | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/test-suite/splay.cc b/test-suite/splay.cc +index f71b337..4e21adc 100644 +--- a/test-suite/splay.cc ++++ b/test-suite/splay.cc +@@ -20,6 +20,7 @@ + #include <unistd.h> + #endif + #include <random> ++#include <functional> + + class intnode + { +-- +2.11.0 + diff --git a/meta-openembedded/meta-networking/recipes-daemons/squid/files/0001-tools.cc-fixed-unused-result-warning.patch b/meta-openembedded/meta-networking/recipes-daemons/squid/files/0001-tools.cc-fixed-unused-result-warning.patch index 8ea55d0e1..f267875ed 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/squid/files/0001-tools.cc-fixed-unused-result-warning.patch +++ b/meta-openembedded/meta-networking/recipes-daemons/squid/files/0001-tools.cc-fixed-unused-result-warning.patch @@ -1,4 +1,4 @@ -From faaa796a138cbd5033b1e53f33faac0cf4162bf5 Mon Sep 17 00:00:00 2001 +From 86dae8010310d13bd2a2beb006b4085d06ae1556 Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Sun, 25 Jun 2017 00:59:24 -0700 Subject: [PATCH] tools.cc: fixed unused-result warning @@ -12,21 +12,23 @@ fix Signed-off-by: Khem Raj <raj.khem@gmail.com> --- - src/tools.cc | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) + src/tools.cc | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/tools.cc b/src/tools.cc -index 8137a03..843e266 100644 +index 5829574..19f0836 100644 --- a/src/tools.cc +++ b/src/tools.cc -@@ -612,8 +612,8 @@ enter_suid(void) - if (setresuid((uid_t)-1, 0, (uid_t)-1) < 0) - debugs (21, 3, "enter_suid: setresuid failed: " << xstrerror ()); +@@ -581,8 +581,10 @@ enter_suid(void) + debugs (21, 3, "enter_suid: setresuid failed: " << xstrerr(xerrno)); + } #else - - setuid(0); -+ if (setuid(0) < 0) -+ debugs(50, DBG_IMPORTANT, "WARNING: no_suid: setuid(0): " << xstrerror()); ++ if (setuid(0) < 0) { ++ const auto xerrno = errno; ++ debugs(50, DBG_IMPORTANT, "WARNING: no_suid: setuid(0): " << xstrerr(xerrno)); ++ } #endif #if HAVE_PRCTL && defined(PR_SET_DUMPABLE) /* Set Linux DUMPABLE flag */ diff --git a/meta-openembedded/meta-networking/recipes-daemons/squid/files/0002-smblib-fix-buffer-over-read.patch b/meta-openembedded/meta-networking/recipes-daemons/squid/files/0002-smblib-fix-buffer-over-read.patch deleted file mode 100644 index c8f0c47bd..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/squid/files/0002-smblib-fix-buffer-over-read.patch +++ /dev/null @@ -1,39 +0,0 @@ -From a6b1e0fd14311587186e40d09bff5c8c3aada2e4 Mon Sep 17 00:00:00 2001 -From: Amos Jeffries <squid3@treenet.co.nz> -Date: Sat, 25 Jul 2015 05:53:16 -0700 -Subject: [PATCH] smblib: fix buffer over-read - -When parsing SMB LanManager packets with invalid protocol ID and the -default set of Squid supported protocols. It may access memory outside -the buffer storing protocol names. - -smblib is only used by already deprecated helpers which are deprecated -due to far more significant NTLM protocol issues. It will also only -result in packets being rejected later with invalid protocol names. So -this is a minor bug rather than a vulnerability. - - Detected by Coverity Scan. Issue 1256165 ---- -Signed-off-by: Khem Raj <raj.khem@gmail.com> -Upstream-Status: Backport - - lib/smblib/smblib-util.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/lib/smblib/smblib-util.c b/lib/smblib/smblib-util.c -index 6139ae2..e722cbb 100644 ---- a/lib/smblib/smblib-util.c -+++ b/lib/smblib/smblib-util.c -@@ -204,7 +204,11 @@ int SMB_Figure_Protocol(const char *dialects[], int prot_index) - { - int i; - -- if (dialects == SMB_Prots) { /* The jobs is easy, just index into table */ -+ // prot_index may be a value outside the table SMB_Types[] -+ // which holds data at offsets 0 to 11 -+ int ourType = (prot_index < 0 || prot_index > 11); -+ -+ if (ourType && dialects == SMB_Prots) { /* The jobs is easy, just index into table */ - - return(SMB_Types[prot_index]); - } else { /* Search through SMB_Prots looking for a match */ diff --git a/meta-openembedded/meta-networking/recipes-daemons/squid/files/Fix-flawed-dynamic-ldb-link-test-in-configure.patch b/meta-openembedded/meta-networking/recipes-daemons/squid/files/Fix-flawed-dynamic-ldb-link-test-in-configure.patch index 25f68aff8..1516bb014 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/squid/files/Fix-flawed-dynamic-ldb-link-test-in-configure.patch +++ b/meta-openembedded/meta-networking/recipes-daemons/squid/files/Fix-flawed-dynamic-ldb-link-test-in-configure.patch @@ -1,4 +1,4 @@ -From b4943594654cd340b95aabdc2f3750a4705cc0de Mon Sep 17 00:00:00 2001 +From b73b802282bf95d214c86ba943c5765ba6930bc1 Mon Sep 17 00:00:00 2001 From: Jim Somerville <Jim.Somerville@windriver.com> Date: Mon, 21 Oct 2013 12:50:44 -0400 Subject: [PATCH] Fix flawed dynamic -ldb link test in configure @@ -12,19 +12,17 @@ about why and setting the need for -ldb incorrectly. Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com> --- - configure.ac | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) + configure.ac | 10 ++++++++++ + 1 file changed, 10 insertions(+) diff --git a/configure.ac b/configure.ac -index 57cd1ac..3827222 100644 +index d2f7feb..c7ae568 100644 --- a/configure.ac +++ b/configure.ac -@@ -3229,8 +3229,16 @@ AC_CHECK_DECL(dbopen,,,[ - #include <db.h> - #endif]) +@@ -3235,6 +3235,16 @@ case "$host" in + ;; + esac --dnl 1.85 --SQUID_CHECK_DBOPEN_NEEDS_LIBDB +if test "x$ac_cv_have_decl_dbopen" = "xyes"; then + dnl 1.85 + SQUID_CHECK_DBOPEN_NEEDS_LIBDB @@ -35,6 +33,6 @@ index 57cd1ac..3827222 100644 + # dynamic compile/link test. + ac_cv_dbopen_libdb="yes" +fi - if test "x$ac_cv_dbopen_libdb" = "xyes"; then - LIB_DB="-ldb" - fi + dnl System-specific library modifications + dnl + case "$host" in diff --git a/meta-openembedded/meta-networking/recipes-daemons/squid/files/Skip-AC_RUN_IFELSE-tests.patch b/meta-openembedded/meta-networking/recipes-daemons/squid/files/Skip-AC_RUN_IFELSE-tests.patch index 6a3352548..dd83b62e6 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/squid/files/Skip-AC_RUN_IFELSE-tests.patch +++ b/meta-openembedded/meta-networking/recipes-daemons/squid/files/Skip-AC_RUN_IFELSE-tests.patch @@ -1,4 +1,4 @@ -From a85311965707ba2fa78f7ce044e6f61e65e66fd0 Mon Sep 17 00:00:00 2001 +From e4778299a3e49a634d2c7fe4fd9ac77777e829e3 Mon Sep 17 00:00:00 2001 From: Jim Somerville <Jim.Somerville@windriver.com> Date: Tue, 14 Oct 2014 02:56:08 -0400 Subject: [PATCH] Skip AC_RUN_IFELSE tests @@ -17,7 +17,7 @@ Signed-off-by: Jackie Huang <jackie.huang@windriver.com> 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/acinclude/krb5.m4 b/acinclude/krb5.m4 -index 5c83d88..c264118 100644 +index ad0ba60..4477446 100644 --- a/acinclude/krb5.m4 +++ b/acinclude/krb5.m4 @@ -61,7 +61,15 @@ main(void) @@ -38,10 +38,10 @@ index 5c83d88..c264118 100644 ]) ]) dnl SQUID_CHECK_KRB5_HEIMDAL_BROKEN_KRB5_H diff --git a/acinclude/lib-checks.m4 b/acinclude/lib-checks.m4 -index c4874da..ba72982 100644 +index 7624b56..b449c5a 100644 --- a/acinclude/lib-checks.m4 +++ b/acinclude/lib-checks.m4 -@@ -177,7 +177,9 @@ AC_DEFUN([SQUID_CHECK_OPENSSL_CONST_SSL_METHOD],[ +@@ -217,7 +217,9 @@ AC_DEFUN([SQUID_CHECK_OPENSSL_CONST_SSL_METHOD],[ [ AC_MSG_RESULT([no]) ], @@ -51,8 +51,8 @@ index c4874da..ba72982 100644 + ]) SQUID_STATE_ROLLBACK(check_const_SSL_METHOD) - ] -@@ -265,7 +267,9 @@ AC_DEFUN([SQUID_CHECK_OPENSSL_TXTDB],[ + ]) +@@ -377,7 +379,9 @@ AC_DEFUN([SQUID_CHECK_OPENSSL_TXTDB],[ AC_MSG_RESULT([yes]) AC_DEFINE(SQUID_USE_SSLLHASH_HACK, 1) ], diff --git a/meta-openembedded/meta-networking/recipes-daemons/squid/files/set_sysroot_patch.patch b/meta-openembedded/meta-networking/recipes-daemons/squid/files/set_sysroot_patch.patch index e990480a6..124e04490 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/squid/files/set_sysroot_patch.patch +++ b/meta-openembedded/meta-networking/recipes-daemons/squid/files/set_sysroot_patch.patch @@ -17,25 +17,25 @@ diff --git a/configure.ac b/configure.ac index 504a844..ff4688c 100644 --- a/configure.ac +++ b/configure.ac -@@ -974,15 +974,15 @@ if test "x$squid_opt_use_esi" = "xyes" -a "x$with_libxml2" != "xno" ; then - dnl Find the main header and include path... - AC_CACHE_CHECK([location of libxml2 include files], [ac_cv_libxml2_include], [ - AC_CHECK_HEADERS([libxml/parser.h], [], [ -- AC_MSG_NOTICE([Testing in /usr/include/libxml2]) -+ AC_MSG_NOTICE([Testing in $SYSROOT/usr/include/libxml2]) - SAVED_CPPFLAGS="$CPPFLAGS" -- CPPFLAGS="-I/usr/include/libxml2 $CPPFLAGS" -+ CPPFLAGS="-I$SYSROOT/usr/include/libxml2 $CPPFLAGS" - unset ac_cv_header_libxml_parser_h -- AC_CHECK_HEADERS([libxml/parser.h], [ac_cv_libxml2_include="-I/usr/include/libxml2"], [ -- AC_MSG_NOTICE([Testing in /usr/local/include/libxml2]) -- CPPFLAGS="-I/usr/local/include/libxml2 $SAVED_CPPFLAGS" -+ AC_CHECK_HEADERS([libxml/parser.h], [ac_cv_libxml2_include="-I$SYSROOT/usr/include/libxml2"], [ -+ AC_MSG_NOTICE([Testing in $SYSROOT/usr/local/include/libxml2]) -+ CPPFLAGS="-I$SYSROOT/usr/local/include/libxml2 $SAVED_CPPFLAGS" +@@ -931,15 +931,15 @@ if test "x$squid_opt_use_esi" = "xyes" -a "x$with_libxml2" != "xno" ; then + dnl Find the main header and include path... + AC_CACHE_CHECK([location of libxml2 include files], [ac_cv_libxml2_include], [ + AC_CHECK_HEADERS([libxml/parser.h], [], [ +- AC_MSG_NOTICE([Testing in /usr/include/libxml2]) ++ AC_MSG_NOTICE([Testing in $SYSROOT/usr/include/libxml2]) + SAVED_CPPFLAGS="$CPPFLAGS" +- CPPFLAGS="-I/usr/include/libxml2 $CPPFLAGS" ++ CPPFLAGS="-I$SYSROOT/usr/include/libxml2 $CPPFLAGS" unset ac_cv_header_libxml_parser_h -- AC_CHECK_HEADERS([libxml/parser.h], [ac_cv_libxml2_include="-I/usr/local/include/libxml2"], [ -+ AC_CHECK_HEADERS([libxml/parser.h], [ac_cv_libxml2_include="-I$SYSROOT/usr/local/include/libxml2"], [ - AC_MSG_NOTICE([Failed to find libxml2 header file libxml/parser.h]) +- AC_CHECK_HEADERS([libxml/parser.h], [LIBXML2_CFLAGS="$LIBXML2_CFLAGS -I/usr/include/libxml2"], [ +- AC_MSG_NOTICE([Testing in /usr/local/include/libxml2]) +- CPPFLAGS="-I/usr/local/include/libxml2 $SAVED_CPPFLAGS" ++ AC_CHECK_HEADERS([libxml/parser.h], [LIBXML2_CFLAGS="$LIBXML2_CFLAGS -I$SYSROOT/usr/include/libxml2"], [ ++ AC_MSG_NOTICE([Testing in $SYSROOT/usr/local/include/libxml2]) ++ CPPFLAGS="-I$SYSROOT/usr/local/include/libxml2 $SAVED_CPPFLAGS" + unset ac_cv_header_libxml_parser_h +- AC_CHECK_HEADERS([libxml/parser.h], [LIBXML2_CFLAGS="$LIBXML2_CFLAGS -I/usr/local/include/libxml2"], [ ++ AC_CHECK_HEADERS([libxml/parser.h], [LIBXML2_CFLAGS="$LIBXML2_CFLAGS -I$SYSROOT/usr/local/include/libxml2"], [ + AC_MSG_NOTICE([Failed to find libxml2 header file libxml/parser.h]) + ]) ]) - ]) diff --git a/meta-openembedded/meta-networking/recipes-daemons/squid/files/squid-use-serial-tests-config-needed-by-ptest.patch b/meta-openembedded/meta-networking/recipes-daemons/squid/files/squid-use-serial-tests-config-needed-by-ptest.patch index 9c75f17e7..732cf17f7 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/squid/files/squid-use-serial-tests-config-needed-by-ptest.patch +++ b/meta-openembedded/meta-networking/recipes-daemons/squid/files/squid-use-serial-tests-config-needed-by-ptest.patch @@ -1,4 +1,4 @@ -From 9bcec221a2bb438d8a9ed59aed846ffe3be9cffa Mon Sep 17 00:00:00 2001 +From 3d881c112bba765731d581194aae95651819b715 Mon Sep 17 00:00:00 2001 From: Jackie Huang <jackie.huang@windriver.com> Date: Tue, 19 Jul 2016 01:56:23 -0400 Subject: [PATCH] squid: use serial-tests config needed by ptest @@ -15,15 +15,15 @@ Signed-off-by: Jackie Huang <jackie.huang@windriver.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index 3827222..504a844 100644 +index c7ae568..5e1454e 100644 --- a/configure.ac +++ b/configure.ac @@ -10,7 +10,7 @@ AC_PREREQ(2.61) AC_CONFIG_HEADERS([include/autoconf.h]) AC_CONFIG_AUX_DIR(cfgaux) AC_CONFIG_SRCDIR([src/main.cc]) --AM_INIT_AUTOMAKE([tar-ustar nostdinc subdir-objects]) -+AM_INIT_AUTOMAKE([tar-ustar nostdinc subdir-objects serial-tests]) +-AM_INIT_AUTOMAKE([tar-ustar nostdinc subdir-objects dist-xz]) ++AM_INIT_AUTOMAKE([tar-ustar nostdinc subdir-objects dist-xz serial-tests]) AC_REVISION($Revision$)dnl AC_PREFIX_DEFAULT(/usr/local/squid) AM_MAINTAINER_MODE diff --git a/meta-openembedded/meta-networking/recipes-daemons/squid/squid_3.5.28.bb b/meta-openembedded/meta-networking/recipes-daemons/squid/squid_4.6.bb index e33c1b7cc..ca4927dda 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/squid/squid_3.5.28.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/squid/squid_4.6.bb @@ -12,7 +12,7 @@ LICENSE = "GPLv2+" MAJ_VER = "${@oe.utils.trim_version("${PV}", 1)}" MIN_VER = "${@oe.utils.trim_version("${PV}", 2)}" -SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${MIN_VER}/${BPN}-${PV}.tar.bz2 \ +SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${BPN}-${PV}.tar.bz2 \ file://Set-up-for-cross-compilation.patch \ file://Skip-AC_RUN_IFELSE-tests.patch \ file://Fix-flawed-dynamic-ldb-link-test-in-configure.patch \ @@ -23,34 +23,34 @@ SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${MIN_VER}/${BPN}-${P file://squid-don-t-do-squid-conf-tests-at-build-time.patch \ file://0001-configure-Check-for-Wno-error-format-truncation-comp.patch \ file://0001-tools.cc-fixed-unused-result-warning.patch \ - file://0001-Bug-4843-pt1-ext_edirectory_userip_acl-refactoring-f.patch \ - file://0002-smblib-fix-buffer-over-read.patch \ + file://0001-splay.cc-fix-bind-is-not-a-member-of-std.patch \ " SRC_URI_remove_toolchain-clang = "file://0001-configure-Check-for-Wno-error-format-truncation-comp.patch" -SRC_URI[md5sum] = "4ae3f6277b3aa6386cb5ad2d954179c2" -SRC_URI[sha256sum] = "11971bfe3c13f438e42569ea551206caf68ecaa968305c30f7b422b556ebc7ac" +SRC_URI[md5sum] = "6fb9f2be772b9bcaf2b3322d9e16ee1e" +SRC_URI[sha256sum] = "73c1970467618db194057f6c43c80019a4dc47847579fc404796ff2dcd215f05" -LIC_FILES_CHKSUM = "file://COPYING;md5=c492e2d6d32ec5c1aad0e0609a141ce9 \ - file://errors/COPYRIGHT;md5=1c0781e2ecd3051c765d525572defbc7 \ - " -DEPENDS = "libtool krb5 openldap db cyrus-sasl openssl expat libxml2" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://errors/COPYRIGHT;md5=19cc4dd146f397e72f3ff6f9f58fbfbe \ + " +DEPENDS = "libtool krb5 openldap db cyrus-sasl" inherit autotools pkgconfig useradd ptest perlnative +LDFLAGS_append_mipsarch = " -latomic" +LDFLAGS_append_powerpc = " -latomic" + USERADD_PACKAGES = "${PN}" USERADD_PARAM_${PN} = "--system --no-create-home --home-dir /var/run/squid --shell /bin/false --user-group squid" -PACKAGECONFIG ??= "${@bb.utils.contains('TARGET_ARCH', 'powerpc', 'noatomics', '', d)} \ - ${@bb.utils.contains('TARGET_ARCH', 'mips', 'noatomics', '', d)} \ - ${@bb.utils.contains('TARGET_ARCH', 'mipsel', 'noatomics', '', d)} \ - ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ " PACKAGECONFIG[libnetfilter-conntrack] = "--with-netfilter-conntrack=${includedir}, --without-netfilter-conntrack, libnetfilter-conntrack" -PACKAGECONFIG[noatomics] = "squid_cv_gnu_atomics=no,squid_cv_gnu_atomics=yes,," PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," PACKAGECONFIG[werror] = "--enable-strict-error-checking,--disable-strict-error-checking," +PACKAGECONFIG[esi] = "--enable-esi,--disable-esi,expat libxml2" +PACKAGECONFIG[ssl] = "--with-openssl=yes,--with-openssl=no,openssl" BASIC_AUTH = "DB SASL LDAP" diff --git a/meta-openembedded/meta-networking/recipes-daemons/vblade/vblade_22.bb b/meta-openembedded/meta-networking/recipes-daemons/vblade/vblade_22.bb index a51a8c31c..a52a1e92b 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/vblade/vblade_22.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/vblade/vblade_22.bb @@ -4,6 +4,8 @@ SECTION = "admin" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" +UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/aoetools/files/vblade/" + SRC_URI = "${SOURCEFORGE_MIRROR}/aoetools/${BP}.tar.gz \ file://cross.patch \ file://makefile-add-ldflags.patch \ |