diff options
Diffstat (limited to 'meta-openembedded/meta-networking/recipes-support')
103 files changed, 4910 insertions, 1638 deletions
diff --git a/meta-openembedded/meta-networking/recipes-support/c-ares/c-ares/cmake-install-libcares.pc.patch b/meta-openembedded/meta-networking/recipes-support/c-ares/c-ares/cmake-install-libcares.pc.patch index 5dd4c7d77..8cadb2bba 100644 --- a/meta-openembedded/meta-networking/recipes-support/c-ares/c-ares/cmake-install-libcares.pc.patch +++ b/meta-openembedded/meta-networking/recipes-support/c-ares/c-ares/cmake-install-libcares.pc.patch @@ -1,23 +1,27 @@ -From 7e1ae687916fd5878ee755afbdea6b10494e0b92 Mon Sep 17 00:00:00 2001 -From: Alexey Firago <alexey_firago@mentor.com> -Date: Wed, 26 Jul 2017 23:21:25 +0300 +From 12414304245cce6ef0e8b9547949be5109845353 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Tue, 24 Jul 2018 13:33:33 +0800 Subject: [PATCH] cmake: Install libcares.pc Prepare and install libcares.pc file during cmake build, so libraries using pkg-config to find libcares will not fail. Signed-off-by: Alexey Firago <alexey_firago@mentor.com> + +update to 1.14.0, fix patch warning + +Signed-off-by: Changqing Li <changqing.li@windriver.com> --- - CMakeLists.txt | 21 +++++++++++++++++++++ + CMakeLists.txt | 23 +++++++++++++++++++++++ libcares.pc.cmakein | 20 ++++++++++++++++++++ - 2 files changed, 41 insertions(+) + 2 files changed, 43 insertions(+) create mode 100644 libcares.pc.cmakein diff --git a/CMakeLists.txt b/CMakeLists.txt -index 364b6c7..0016b67 100644 +index 60a880c..71eaa53 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt -@@ -173,21 +173,29 @@ ADD_DEFINITIONS(${SYSFLAGS}) +@@ -193,22 +193,30 @@ ADD_DEFINITIONS(${SYSFLAGS}) # Tell C-Ares about libraries to depend on @@ -43,32 +47,35 @@ index 364b6c7..0016b67 100644 LIST (APPEND CARES_DEPENDENT_LIBS ws2_32) + LIST (APPEND CARES_PRIVATE_LIBS_LIST "-lws2_32") ENDIF () -+string (REPLACE ";" " " CARES_PRIVATE_LIBS "${CARES_PRIVATE_LIBS_LIST}") ++string (REPLACE ";" " " CARES_PRIVATE_LIBS "${CARES_PRIVATE_LIBS_LIST}") # When checking for symbols, we need to make sure we set the proper -@@ -489,6 +497,13 @@ CONFIGURE_FILE (ares_build.h.cmake ${PROJECT_BINARY_DIR}/ares_build.h) + # headers, libraries, and definitions for the detection to work properly +@@ -514,6 +522,15 @@ CONFIGURE_FILE (ares_build.h.cmake ${PROJECT_BINARY_DIR}/ares_build.h) # Write ares_config.h configuration file. This is used only for the build. CONFIGURE_FILE (ares_config.h.cmake ${PROJECT_BINARY_DIR}/ares_config.h) +# Pass required CFLAGS to pkg-config in case of static library +IF (CARES_STATIC) -+ SET (CPPFLAG_CARES_STATICLIB "-DCARES_STATICLIB") ++ SET (CPPFLAG_CARES_STATICLIB "-DCARES_STATICLIB") +ENDIF() + +# Write ares_config.h configuration file. This is used only for the build. +CONFIGURE_FILE (libcares.pc.cmakein ${PROJECT_BINARY_DIR}/libcares.pc @ONLY) ++ ++ # TRANSFORM_MAKEFILE_INC # -@@ -625,6 +640,12 @@ IF (CARES_INSTALL) - INSTALL (FILES "${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}-config.cmake" DESTINATION ${CMAKECONFIG_INSTALL_DIR}) +@@ -664,6 +681,12 @@ IF (CARES_INSTALL) + INSTALL (FILES "${CMAKE_CURRENT_BINARY_DIR}/libcares.pc" DESTINATION "${CMAKE_INSTALL_LIBDIR}/pkgconfig") ENDIF () +# pkg-config file +IF (CARES_INSTALL) -+ SET (PKGCONFIG_INSTALL_DIR "${CMAKE_INSTALL_LIBDIR}/pkgconfig") -+ INSTALL (FILES "${CMAKE_CURRENT_BINARY_DIR}/libcares.pc" DESTINATION ${PKGCONFIG_INSTALL_DIR}) ++ SET (PKGCONFIG_INSTALL_DIR "${CMAKE_INSTALL_LIBDIR}/pkgconfig") ++ INSTALL (FILES "${CMAKE_CURRENT_BINARY_DIR}/libcares.pc" DESTINATION ${PKGCONFIG_INSTALL_DIR}) +ENDIF () + # Legacy chain-building variables (provided for compatibility with old code). @@ -76,7 +83,7 @@ index 364b6c7..0016b67 100644 SET (CARES_FOUND 1 CACHE INTERNAL "CARES LIBRARY FOUND") diff --git a/libcares.pc.cmakein b/libcares.pc.cmakein new file mode 100644 -index 0000000..f29fede +index 0000000..3579256 --- /dev/null +++ b/libcares.pc.cmakein @@ -0,0 +1,20 @@ diff --git a/meta-openembedded/meta-networking/recipes-support/c-ares/c-ares_1.13.0.bb b/meta-openembedded/meta-networking/recipes-support/c-ares/c-ares_1.14.0.bb index 70e497f5f..b31543d9c 100644 --- a/meta-openembedded/meta-networking/recipes-support/c-ares/c-ares_1.13.0.bb +++ b/meta-openembedded/meta-networking/recipes-support/c-ares/c-ares_1.14.0.bb @@ -3,14 +3,17 @@ SUMMARY = "c-ares is a C library that resolves names asynchronously." HOMEPAGE = "http://daniel.haxx.se/projects/c-ares/" SECTION = "libs" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE.md;md5=f4b026880834eb01c035c5e5cb47ccac" -SRCREV = "3be1924221e1326df520f8498d704a5c4c8d0cce" -PV = "1.13.0+gitr${SRCPV}" +LIC_FILES_CHKSUM = "file://LICENSE.md;md5=fb997454c8d62aa6a47f07a8cd48b006" + +PV = "1.14.0+gitr${SRCPV}" SRC_URI = "\ git://github.com/c-ares/c-ares.git \ file://cmake-install-libcares.pc.patch \ " +SRCREV = "17dc1b3102e0dfc3e7e31369989013154ee17893" + +UPSTREAM_CHECK_GITTAGREGEX = "cares-(?P<pver>\d+_(\d_?)+)" S = "${WORKDIR}/git" @@ -18,7 +21,6 @@ inherit cmake pkgconfig PACKAGES =+ "${PN}-utils" -FILES_${PN}-dev += "${libdir}/cmake" FILES_${PN}-utils = "${bindir}" -BBCLASSEXTEND = "native" +BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openembedded/meta-networking/recipes-support/celt051/celt051/0001-configure.ac-make-tools-support-optional.patch b/meta-openembedded/meta-networking/recipes-support/celt051/celt051/0001-configure.ac-make-tools-support-optional.patch new file mode 100644 index 000000000..b0809ee94 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/celt051/celt051/0001-configure.ac-make-tools-support-optional.patch @@ -0,0 +1,39 @@ +From 86df4200c9c33d999df0e8cc3c9771f17a297ec4 Mon Sep 17 00:00:00 2001 +From: Martin Jansa <Martin.Jansa@gmail.com> +Date: Wed, 13 Sep 2017 15:01:54 +0200 +Subject: [PATCH] configure.ac: make tools support optional + +* add --enable-tools option +* XIPH_PATH_OGG macro is provided by libogg so we cannot call + it without the libogg dependency + +Upstream-Status: Pending + +Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> +--- + configure.ac | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index d4b1a3f..7d6b2dc 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -68,8 +68,14 @@ AC_MSG_RESULT($has_alloca) + + AC_CHECK_HEADERS(sys/soundcard.h sys/audioio.h) + +-XIPH_PATH_OGG([tools="tools"], [tools=""]) ++AC_ARG_ENABLE(tools, [ --enable-tools Compile ogg tools], ++[if test "$enableval" = yes; then ++ [tools="tools"] ++else ++ [tools=""] ++fi], + AC_SUBST(tools) ++) + + AC_CHECK_LIB(m, sin) + +-- +2.14.1 + diff --git a/meta-openembedded/meta-networking/recipes-support/celt051/celt051/0001-tests-Include-entcode.c-into-test-sources-to-provide.patch b/meta-openembedded/meta-networking/recipes-support/celt051/celt051/0001-tests-Include-entcode.c-into-test-sources-to-provide.patch new file mode 100644 index 000000000..cc893f099 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/celt051/celt051/0001-tests-Include-entcode.c-into-test-sources-to-provide.patch @@ -0,0 +1,55 @@ +From 61fbdddb660c5944ac23b820754a7c4cf4eee097 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Fri, 8 Jun 2018 19:29:03 -0700 +Subject: [PATCH] tests: Include entcode.c into test sources to provide + definitions of functions e.g. ec_ilog() + +Fixes link errors in tests +| /usr/src/debug/celt051/0.5.1.3+gitAUTOINC+5555aae843-r0/git/tests/../libcelt/rangedec.c:202: undefined reference to `ec_ilog' + +Upstream-Status: Pending + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + tests/cwrs32-test.c | 1 + + tests/ectest.c | 2 +- + tests/laplace-test.c | 1 + + 3 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/tests/cwrs32-test.c b/tests/cwrs32-test.c +index 3a95df2..a159ab3 100644 +--- a/tests/cwrs32-test.c ++++ b/tests/cwrs32-test.c +@@ -8,6 +8,7 @@ + #include "rangeenc.c" + #include "rangedec.c" + #include "cwrs.c" ++#include "entcode.c" + #include <string.h> + #define NMAX (10) + #define MMAX (9) +diff --git a/tests/ectest.c b/tests/ectest.c +index aa35453..94eb9a3 100644 +--- a/tests/ectest.c ++++ b/tests/ectest.c +@@ -5,7 +5,7 @@ + #include <stdlib.h> + #include <stdio.h> + #include <math.h> +-#include "entcode.h" ++#include "entcode.c" + #include "entenc.c" + #include "entdec.c" + #include "rangeenc.c" +diff --git a/tests/laplace-test.c b/tests/laplace-test.c +index 3f98ab3..8e1fb4e 100644 +--- a/tests/laplace-test.c ++++ b/tests/laplace-test.c +@@ -6,6 +6,7 @@ + #include <stdlib.h> + #include "laplace.c" + #include "stack_alloc.h" ++#include "entcode.c" + #include "entenc.c" + #include "entdec.c" + #include "rangeenc.c" diff --git a/meta-openembedded/meta-networking/recipes-support/celt051/celt051_git.bb b/meta-openembedded/meta-networking/recipes-support/celt051/celt051_git.bb new file mode 100644 index 000000000..116800522 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/celt051/celt051_git.bb @@ -0,0 +1,33 @@ +# +# Copyright (C) 2013 Wind River Systems, Inc. +# + +SUMMARY = "The CELT codec is a compression algorithm for audio" +DESCRIPTION = "The CELT codec is a compression algorithm for \ +audio. Like MP3, Vorbis, and AAC it is suitable for transmitting music \ +with high quality. Unlike these formats CELT imposes very little delay \ +on the signal, even less than is typical for speech centric formats \ +like Speex, GSM, or G.729." + +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=375f60ab360d17f0172737036ff155b2" + +PV = "0.5.1.3+git${SRCPV}" + +SRCREV = "5555aae843f57241d005e330b9cb65602d56db0f" + +SRC_URI = "git://git.xiph.org/celt.git;branch=compat-v0.5.1;protocol=https \ + file://0001-configure.ac-make-tools-support-optional.patch \ + file://0001-tests-Include-entcode.c-into-test-sources-to-provide.patch \ + " + +S = "${WORKDIR}/git" + +inherit pkgconfig autotools-brokensep + +PACKAGECONFIG_class-native = "" +PACKAGECONFIG ??= "" + +PACKAGECONFIG[ogg] = "--enable-tools,--disable-tools,libogg," + +BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openembedded/meta-networking/recipes-support/chrony/chrony/arm_eabi.patch b/meta-openembedded/meta-networking/recipes-support/chrony/chrony/arm_eabi.patch index 92a2dbd93..9f943cdce 100644 --- a/meta-openembedded/meta-networking/recipes-support/chrony/chrony/arm_eabi.patch +++ b/meta-openembedded/meta-networking/recipes-support/chrony/chrony/arm_eabi.patch @@ -1,4 +1,7 @@ - chrony: fix build failure for arma9 +From 9ca48a6fef1da1bb0dd67ab94256c7e240da1834 Mon Sep 17 00:00:00 2001 +From: Joe Slater <jslater@windriver.com> +Date: Thu, 9 Mar 2017 10:58:06 -0800 +Subject: [PATCH] chrony: fix build failure for arma9 Eliminate references to syscalls not available for ARM_EABI. Also add a dependency on libseccomp @@ -16,9 +19,15 @@ Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> +--- + sys_linux.c | 19 +++++++++++++------ + 1 file changed, 13 insertions(+), 6 deletions(-) + +diff --git a/sys_linux.c b/sys_linux.c +index f4b532d..d05fa24 100644 --- a/sys_linux.c +++ b/sys_linux.c -@@ -465,14 +465,14 @@ SYS_Linux_EnableSystemCallFilter(int lev +@@ -482,14 +482,14 @@ SYS_Linux_EnableSystemCallFilter(int level) const int syscalls[] = { /* Clock */ SCMP_SYS(adjtimex), SCMP_SYS(clock_gettime), SCMP_SYS(gettimeofday), @@ -36,8 +45,8 @@ SCMP_SYS(mprotect), SCMP_SYS(mremap), SCMP_SYS(munmap), SCMP_SYS(shmdt), /* Filesystem */ SCMP_SYS(access), SCMP_SYS(chmod), SCMP_SYS(chown), SCMP_SYS(chown32), -@@ -483,14 +483,21 @@ - SCMP_SYS(bind), SCMP_SYS(connect), SCMP_SYS(getsockname), +@@ -500,14 +500,21 @@ SYS_Linux_EnableSystemCallFilter(int level) + SCMP_SYS(bind), SCMP_SYS(connect), SCMP_SYS(getsockname), SCMP_SYS(getsockopt), SCMP_SYS(recvfrom), SCMP_SYS(recvmmsg), SCMP_SYS(recvmsg), SCMP_SYS(sendmmsg), SCMP_SYS(sendmsg), SCMP_SYS(sendto), - /* TODO: check socketcall arguments */ diff --git a/meta-openembedded/meta-networking/recipes-support/chrony/chrony_3.2.bb b/meta-openembedded/meta-networking/recipes-support/chrony/chrony_3.3.bb index 8b90a354e..2586370fa 100644 --- a/meta-openembedded/meta-networking/recipes-support/chrony/chrony_3.2.bb +++ b/meta-openembedded/meta-networking/recipes-support/chrony/chrony_3.3.bb @@ -35,8 +35,8 @@ SRC_URI = "https://download.tuxfamily.org/chrony/chrony-${PV}.tar.gz \ file://chronyd \ file://arm_eabi.patch \ " -SRC_URI[md5sum] = "f4c4eb0dc92f35ee4bb7d3dcd8029ecb" -SRC_URI[sha256sum] = "329f6718dd8c3ece3eee78be1f4821cbbeb62608e7d23f25da293cfa433c4116" +SRC_URI[md5sum] = "81ab62cf5d60b4b3fa8cd2c1b267ffd9" +SRC_URI[sha256sum] = "0d1fb2d5875032f2d5a86f3770374c87ee4c941916f64171e81f7684f2a73128" DEPENDS = "pps-tools" diff --git a/meta-openembedded/meta-networking/recipes-support/ctdb/ctdb/01-support-cross-compile-for-linux-os.patch b/meta-openembedded/meta-networking/recipes-support/ctdb/ctdb/01-support-cross-compile-for-linux-os.patch deleted file mode 100644 index c9195b4f4..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ctdb/ctdb/01-support-cross-compile-for-linux-os.patch +++ /dev/null @@ -1,24 +0,0 @@ -support cross-compile for linux-os. - -Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com> - -diff -Nurp ctdb-2.5.1.orig/configure ctdb-2.5.1/configure ---- ctdb-2.5.1.orig/configure 2015-05-07 16:24:28.545000238 +0900 -+++ ctdb-2.5.1/configure 2015-05-07 16:28:20.894000244 +0900 -@@ -10692,10 +10692,16 @@ if test x"$libreplace_cv_HAVE_GETADDRINF - # see bug 5910, use our replacements if we detect - # a broken system. - if test "$cross_compiling" = yes; then : -+ case "$target_os" in -+ *linux*) -+ ;; -+ *) - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 - $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} - as_fn_error $? "cannot run test program while cross compiling - See \`config.log' for more details" "$LINENO" 5; } -+ ;; -+ esac - else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext - /* end confdefs.h. */ diff --git a/meta-openembedded/meta-networking/recipes-support/ctdb/ctdb/02-link-rep_snprintf-for-ltdbtool.patch b/meta-openembedded/meta-networking/recipes-support/ctdb/ctdb/02-link-rep_snprintf-for-ltdbtool.patch deleted file mode 100644 index 1294fe41b..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ctdb/ctdb/02-link-rep_snprintf-for-ltdbtool.patch +++ /dev/null @@ -1,17 +0,0 @@ -link rep_snprintf from lib/replace/snprintf.o for ltdbtool - -Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com> - -Index: ctdb-2.5.6/Makefile.in -=================================================================== ---- ctdb-2.5.6.orig/Makefile.in -+++ ctdb-2.5.6/Makefile.in -@@ -176,7 +176,7 @@ bin/ctdb: $(CTDB_CLIENT_OBJ) tools/ctdb. - @echo Linking $@ - $(WRAPPER) $(CC) $(CFLAGS) -o $@ tools/ctdb.o tools/ctdb_vacuum.o $(CTDB_CLIENT_OBJ) $(LIB_FLAGS) - --bin/ltdbtool: tools/ltdbtool.o $(TDB_OBJ) -+bin/ltdbtool: tools/ltdbtool.o $(TDB_OBJ) lib/replace/snprintf.o - @echo Linking $@ - $(WRAPPER) $(CC) $(CFLAGS) -o $@ $+ $(LIB_FLAGS) - diff --git a/meta-openembedded/meta-networking/recipes-support/ctdb/ctdb/service-ensure-the-PID-directory-is-created.patch b/meta-openembedded/meta-networking/recipes-support/ctdb/ctdb/service-ensure-the-PID-directory-is-created.patch deleted file mode 100644 index a7e987b85..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ctdb/ctdb/service-ensure-the-PID-directory-is-created.patch +++ /dev/null @@ -1,25 +0,0 @@ -From f02ff7383f1cc0c118732352ccbae476c7b3b3ba Mon Sep 17 00:00:00 2001 -From: Mark Asselstine <mark.asselstine@windriver.com> -Date: Tue, 17 Nov 2015 16:17:00 -0500 -Subject: [PATCH] service: ensure the PID directory is created - -Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> ---- - config/ctdb.service | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/config/ctdb.service b/config/ctdb.service -index ea37c30..8537105 100644 ---- a/config/ctdb.service -+++ b/config/ctdb.service -@@ -5,6 +5,7 @@ After=network.target - [Service] - Type=forking - LimitCORE=infinity -+RuntimeDirectory=/run/ctdb - PIDFile=/run/ctdb/ctdbd.pid - ExecStart=/usr/sbin/ctdbd_wrapper /run/ctdb/ctdbd.pid start - ExecStop=/usr/sbin/ctdbd_wrapper /run/ctdb/ctdbd.pid stop --- -2.1.4 - diff --git a/meta-openembedded/meta-networking/recipes-support/ctdb/ctdb_2.5.6.bb b/meta-openembedded/meta-networking/recipes-support/ctdb/ctdb_2.5.6.bb deleted file mode 100644 index b5a60645c..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ctdb/ctdb_2.5.6.bb +++ /dev/null @@ -1,57 +0,0 @@ -DESCRIPTION = "CTDB is a cluster implementation of the TDB database \ -used by Samba and other projects to store temporary data. If an \ -application is already using TDB for temporary data it is very easy \ -to convert that application to be cluster aware and use CTDB instead." -HOMEPAGE = "https://ctdb.samba.org/" -LICENSE = "GPL-2.0+ & LGPL-3.0+ & GPL-3.0+" - -LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ - file://${COREBASE}/meta/files/common-licenses/LGPL-3.0;md5=bfccfe952269fff2b407dd11f2f3083b \ - file://${COREBASE}/meta/files/common-licenses/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6 \ - " - -SRC_URI = "https://ftp.samba.org/pub/${BPN}/${BP}.tar.gz \ - file://01-support-cross-compile-for-linux-os.patch \ - file://02-link-rep_snprintf-for-ltdbtool.patch \ - file://service-ensure-the-PID-directory-is-created.patch \ - " - -SRC_URI[md5sum] = "efc50109f90a4c790124c35e4ba234ad" -SRC_URI[sha256sum] = "fc1cdd7efcc91afc629f21408281bba5da107b9c17e74bdee2f28a532d14f874" - -inherit autotools-brokensep pkgconfig systemd - -PACKAGECONFIG ??= "" -PACKAGECONFIG[libtdb] = "--without-included-tdb,--with-included-tdb,libtdb" - -PARALLEL_MAKE = "" - -DEPENDS += "popt libtevent libtalloc libldb" -DEPENDS_append_libc-musl = " libtirpc" -CFLAGS_append_libc-musl = " -I${STAGING_INCDIR}/tirpc" -LDFLAGS_append_libc-musl = " -ltirpc" - -# ctdbd_wrapper requires pgrep, hence procps -RDEPENDS_${PN} += "procps" - -do_configure() { - oe_runconf -} - -do_install_append() { - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${S}/config/ctdb.service ${D}${systemd_unitdir}/system - sed -i -e 's,/usr/sbin/,${sbindir}/,' ${D}${systemd_unitdir}/system/ctdb.service - sed -i -e 's,\([=\ ]\)/run/,\1${localstatedir}/run/,' ${D}${systemd_unitdir}/system/ctdb.service - - rm -r ${D}/${localstatedir}/run -} - -# The systemd service is disabled by default, as the service will fail to -# start without /etc/ctdb/nodes. If the user supplies this, they can re-enable -# the service. -SYSTEMD_AUTO_ENABLE = "disable" -SYSTEMD_SERVICE_${PN} = "ctdb.service" - -# onnode is a shell script with bashisms and bash #! -RDEPENDS_${PN} += "bash" diff --git a/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb b/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb index 340f57dc7..799cf8611 100644 --- a/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb +++ b/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb @@ -2,7 +2,7 @@ SUMMARY = "C++ library for client-side URL transfers" HOMEPAGE = "http://www.curlpp.org/" SECTION = "libdevel" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" +LIC_FILES_CHKSUM = "file://doc/LICENSE;md5=fd0c9adf285a69aa3b4faf34384e1029" DEPENDS = "curl" DEPENDS_class-native = "curl-native" @@ -15,19 +15,4 @@ S = "${WORKDIR}/git" inherit cmake pkgconfig binconfig -do_install_append () { - sed -i 's,${STAGING_DIR_TARGET},,g' ${D}${libdir}/pkgconfig/curlpp.pc -} - -PACKAGES =+ "libcurlpp libcurlpp-dev libcurlpp-staticdev" - -FILES_lib${BPN} = "${libdir}/lib*.so.*" - -FILES_lib${BPN}-dev = "${includedir} \ - ${libdir}/pkgconfig \ - ${bindir}/*-config \ -" - -FILES_lib${BPN}-staticdev = "${libdir}/lib*.a" - BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq/lua.patch b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq/lua.patch index 0991dd8b9..1bf0f75c1 100644 --- a/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq/lua.patch +++ b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq/lua.patch @@ -1,7 +1,7 @@ From be1b3d2d0f1608cba5efee73d6aac5ad0709041b Mon Sep 17 00:00:00 2001 From: Joe MacDonald <joe_macdonald@mentor.com> Date: Tue, 9 Sep 2014 10:24:58 -0400 -Subject: [PATCH] Upstream-status: Inappropriate [OE specific] +Subject: [PATCH] Upstream-Status: Inappropriate [OE specific] Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> diff --git a/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.78.bb b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.78.bb deleted file mode 100644 index d2465f82d..000000000 --- a/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.78.bb +++ /dev/null @@ -1,9 +0,0 @@ -require dnsmasq.inc - -SRC_URI += "\ - file://lua.patch \ - file://CVE-2017-15107.patch \ -" - -SRC_URI[dnsmasq-2.78.md5sum] = "3bb97f264c73853f802bf70610150788" -SRC_URI[dnsmasq-2.78.sha256sum] = "c92e5d78aa6353354d02aabf74590d08980bb1385d8a00b80ef9bc80430aa1dc" diff --git a/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.79.bb b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.79.bb new file mode 100644 index 000000000..a66b9a9ad --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.79.bb @@ -0,0 +1,8 @@ +require dnsmasq.inc + +SRC_URI[dnsmasq-2.79.md5sum] = "5d7120a46d0c16a334f46757d7e2ba55" +SRC_URI[dnsmasq-2.79.sha256sum] = "77512dd6f31ffd96718e8dcbbf54f02c083f051d4cca709bd32540aea269f789" +SRC_URI += "\ + file://lua.patch \ +" + diff --git a/meta-openembedded/meta-networking/recipes-support/dnsmasq/files/CVE-2017-15107.patch b/meta-openembedded/meta-networking/recipes-support/dnsmasq/files/CVE-2017-15107.patch deleted file mode 100644 index 701101bcb..000000000 --- a/meta-openembedded/meta-networking/recipes-support/dnsmasq/files/CVE-2017-15107.patch +++ /dev/null @@ -1,263 +0,0 @@ -From 5a56e1b78a753d3295564daddc9ce389cc69fd68 Mon Sep 17 00:00:00 2001 -From: Simon Kelley <simon@thekelleys.org.uk> -Date: Fri, 19 Jan 2018 12:26:08 +0000 -Subject: [PATCH] DNSSEC fix for wildcard NSEC records. CVE-2017-15107 applies. - -It's OK for NSEC records to be expanded from wildcards, -but in that case, the proof of non-existence is only valid -starting at the wildcard name, *.<domain> NOT the name expanded -from the wildcard. Without this check it's possible for an -attacker to craft an NSEC which wrongly proves non-existence -in a domain which includes a wildcard for NSEC. - -Upstream-Status: Backport [http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4fe6744a220eddd3f1749b40cac3dfc510787de6] -CVE: CVE-2017-15107 -Signed-off-by: Sinan Kaya <okaya@kernel.org> ---- - CHANGELOG | 44 +++++++++++++++++++ - src/dnssec.c | 117 +++++++++++++++++++++++++++++++++++++++++++++------ - 2 files changed, 147 insertions(+), 14 deletions(-) - -diff --git a/CHANGELOG b/CHANGELOG -index 075fe1a6..5226dce8 100644 ---- a/CHANGELOG -+++ b/CHANGELOG -@@ -1,3 +1,47 @@ -+version 2.79 -+ Fix parsing of CNAME arguments, which are confused by extra spaces. -+ Thanks to Diego Aguirre for spotting the bug. -+ -+ Where available, use IP_UNICAST_IF or IPV6_UNICAST_IF to bind -+ upstream servers to an interface, rather than SO_BINDTODEVICE. -+ Thanks to Beniamino Galvani for the patch. -+ -+ Always return a SERVFAIL answer to DNS queries without the -+ recursion desired bit set, UNLESS acting as an authoritative -+ DNS server. This avoids a potential route to cache snooping. -+ -+ Add support for Ed25519 signatures in DNSSEC validation. -+ -+ No longer support RSA/MD5 signatures in DNSSEC validation, -+ since these are not secure. This behaviour is mandated in -+ RFC-6944. -+ -+ Fix incorrect error exit code from dhcp_release6 utility. -+ Thanks Gaudenz Steinlin for the bug report. -+ -+ Use SIGINT (instead of overloading SIGHUP) to turn on DNSSEC -+ time validation when --dnssec-no-timecheck is in use. -+ Note that this is an incompatible change from earlier releases. -+ -+ Allow more than one --bridge-interface option to refer to an -+ interface, so that we can use -+ --bridge-interface=int1,alias1 -+ --bridge-interface=int1,alias2 -+ as an alternative to -+ --bridge-interface=int1,alias1,alias2 -+ Thanks to Neil Jerram for work on this. -+ -+ Fix for DNSSEC with wildcard-derived NSEC records. -+ It's OK for NSEC records to be expanded from wildcards, -+ but in that case, the proof of non-existence is only valid -+ starting at the wildcard name, *.<domain> NOT the name expanded -+ from the wildcard. Without this check it's possible for an -+ attacker to craft an NSEC which wrongly proves non-existence. -+ Thanks to Ralph Dolmans for finding this, and co-ordinating -+ the vulnerability tracking and fix release. -+ CVE-2017-15107 applies. -+ -+ - version 2.78 - Fix logic of appending ".<layer>" to PXE basename. Thanks to Chris - Novakovic for the patch. -diff --git a/src/dnssec.c b/src/dnssec.c -index a74d01ab..1417be56 100644 ---- a/src/dnssec.c -+++ b/src/dnssec.c -@@ -424,15 +424,17 @@ static void from_wire(char *name) - static int count_labels(char *name) - { - int i; -- -+ char *p; -+ - if (*name == 0) - return 0; - -- for (i = 0; *name; name++) -- if (*name == '.') -+ for (p = name, i = 0; *p; p++) -+ if (*p == '.') - i++; - -- return i+1; -+ /* Don't count empty first label. */ -+ return *name == '.' ? i : i+1; - } - - /* Implement RFC1982 wrapped compare for 32-bit numbers */ -@@ -1405,8 +1407,8 @@ static int hostname_cmp(const char *a, const char *b) - } - } - --static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsigned char **nsecs, int nsec_count, -- char *workspace1, char *workspace2, char *name, int type, int *nons) -+static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsigned char **nsecs, unsigned char **labels, int nsec_count, -+ char *workspace1_in, char *workspace2, char *name, int type, int *nons) - { - int i, rc, rdlen; - unsigned char *p, *psave; -@@ -1419,6 +1421,9 @@ static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsi - /* Find NSEC record that proves name doesn't exist */ - for (i = 0; i < nsec_count; i++) - { -+ char *workspace1 = workspace1_in; -+ int sig_labels, name_labels; -+ - p = nsecs[i]; - if (!extract_name(header, plen, &p, workspace1, 1, 10)) - return 0; -@@ -1427,7 +1432,27 @@ static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsi - psave = p; - if (!extract_name(header, plen, &p, workspace2, 1, 10)) - return 0; -- -+ -+ /* If NSEC comes from wildcard expansion, use original wildcard -+ as name for computation. */ -+ sig_labels = *labels[i]; -+ name_labels = count_labels(workspace1); -+ -+ if (sig_labels < name_labels) -+ { -+ int k; -+ for (k = name_labels - sig_labels; k != 0; k--) -+ { -+ while (*workspace1 != '.' && *workspace1 != 0) -+ workspace1++; -+ if (k != 1 && *workspace1 == '.') -+ workspace1++; -+ } -+ -+ workspace1--; -+ *workspace1 = '*'; -+ } -+ - rc = hostname_cmp(workspace1, name); - - if (rc == 0) -@@ -1825,24 +1850,26 @@ static int prove_non_existence_nsec3(struct dns_header *header, size_t plen, uns - - static int prove_non_existence(struct dns_header *header, size_t plen, char *keyname, char *name, int qtype, int qclass, char *wildname, int *nons) - { -- static unsigned char **nsecset = NULL; -- static int nsecset_sz = 0; -+ static unsigned char **nsecset = NULL, **rrsig_labels = NULL; -+ static int nsecset_sz = 0, rrsig_labels_sz = 0; - - int type_found = 0; -- unsigned char *p = skip_questions(header, plen); -+ unsigned char *auth_start, *p = skip_questions(header, plen); - int type, class, rdlen, i, nsecs_found; - - /* Move to NS section */ - if (!p || !(p = skip_section(p, ntohs(header->ancount), header, plen))) - return 0; -+ -+ auth_start = p; - - for (nsecs_found = 0, i = ntohs(header->nscount); i != 0; i--) - { - unsigned char *pstart = p; - -- if (!(p = skip_name(p, header, plen, 10))) -+ if (!extract_name(header, plen, &p, daemon->workspacename, 1, 10)) - return 0; -- -+ - GETSHORT(type, p); - GETSHORT(class, p); - p += 4; /* TTL */ -@@ -1859,7 +1886,69 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key - if (!expand_workspace(&nsecset, &nsecset_sz, nsecs_found)) - return 0; - -- nsecset[nsecs_found++] = pstart; -+ if (type == T_NSEC) -+ { -+ /* If we're looking for NSECs, find the corresponding SIGs, to -+ extract the labels value, which we need in case the NSECs -+ are the result of wildcard expansion. -+ Note that the NSEC may not have been validated yet -+ so if there are multiple SIGs, make sure the label value -+ is the same in all, to avoid be duped by a rogue one. -+ If there are no SIGs, that's an error */ -+ unsigned char *p1 = auth_start; -+ int res, j, rdlen1, type1, class1; -+ -+ if (!expand_workspace(&rrsig_labels, &rrsig_labels_sz, nsecs_found)) -+ return 0; -+ -+ rrsig_labels[nsecs_found] = NULL; -+ -+ for (j = ntohs(header->nscount); j != 0; j--) -+ { -+ if (!(res = extract_name(header, plen, &p1, daemon->workspacename, 0, 10))) -+ return 0; -+ -+ GETSHORT(type1, p1); -+ GETSHORT(class1, p1); -+ p1 += 4; /* TTL */ -+ GETSHORT(rdlen1, p1); -+ -+ if (!CHECK_LEN(header, p1, plen, rdlen1)) -+ return 0; -+ -+ if (res == 1 && class1 == qclass && type1 == T_RRSIG) -+ { -+ int type_covered; -+ unsigned char *psav = p1; -+ -+ if (rdlen < 18) -+ return 0; /* bad packet */ -+ -+ GETSHORT(type_covered, p1); -+ -+ if (type_covered == T_NSEC) -+ { -+ p1++; /* algo */ -+ -+ /* labels field must be the same in every SIG we find. */ -+ if (!rrsig_labels[nsecs_found]) -+ rrsig_labels[nsecs_found] = p1; -+ else if (*rrsig_labels[nsecs_found] != *p1) /* algo */ -+ return 0; -+ } -+ p1 = psav; -+ } -+ -+ if (!ADD_RDLEN(header, p1, plen, rdlen1)) -+ return 0; -+ } -+ -+ /* Must have found at least one sig. */ -+ if (!rrsig_labels[nsecs_found]) -+ return 0; -+ } -+ -+ nsecset[nsecs_found++] = pstart; - } - - if (!ADD_RDLEN(header, p, plen, rdlen)) -@@ -1867,7 +1956,7 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key - } - - if (type_found == T_NSEC) -- return prove_non_existence_nsec(header, plen, nsecset, nsecs_found, daemon->workspacename, keyname, name, qtype, nons); -+ return prove_non_existence_nsec(header, plen, nsecset, rrsig_labels, nsecs_found, daemon->workspacename, keyname, name, qtype, nons); - else if (type_found == T_NSEC3) - return prove_non_existence_nsec3(header, plen, nsecset, nsecs_found, daemon->workspacename, keyname, name, qtype, wildname, nons); - else --- -2.19.0 - diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot_2.2.33.bb b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot_2.2.33.bb index 5ebda19eb..882d5d554 100644 --- a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot_2.2.33.bb +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot_2.2.33.bb @@ -15,11 +15,9 @@ SRC_URI = "http://dovecot.org/releases/2.2/dovecot-${PV}.tar.gz \ SRC_URI[md5sum] = "d61d1e923a22f9062cc9f47696882666" SRC_URI[sha256sum] = "e9483d68a7698d701bc06124fcf6e1b1f16380c2986c7ec0cf4e1475b9d0c218" -DEPENDS = "openssl xz zlib bzip2 libcap icu" - -DEPENDS_append_libc-musl = " libtirpc" -CFLAGS_append_libc-musl = " -I${STAGING_INCDIR}/tirpc" -LDFLAGS_append_libc-musl = " -ltirpc" +DEPENDS = "openssl xz zlib bzip2 libcap icu libtirpc" +CFLAGS += "-I${STAGING_INCDIR}/tirpc" +LDFLAGS += "-ltirpc" inherit autotools pkgconfig systemd useradd diff --git a/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils/0001-Makefile.in-fix-permission-bits-for-drbd.service.patch b/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils/0001-Makefile.in-fix-permission-bits-for-drbd.service.patch deleted file mode 100644 index 90dd1f861..000000000 --- a/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils/0001-Makefile.in-fix-permission-bits-for-drbd.service.patch +++ /dev/null @@ -1,25 +0,0 @@ -Upstream-Status: Pending - -Subject: Makefile.in: fix permission bits for drbd.service - -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- - scripts/Makefile.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/scripts/Makefile.in b/scripts/Makefile.in -index 402b93b..4a45407 100644 ---- a/scripts/Makefile.in -+++ b/scripts/Makefile.in -@@ -65,7 +65,7 @@ endif - # yes, debian apparently allows installing both types from the same package - ifneq ($(initscripttype),sysv) # "systemd" or "both" - install -d $(DESTDIR)$(systemdunitdir) -- install -m 755 drbd.service $(DESTDIR)$(systemdunitdir)/ -+ install -m 644 drbd.service $(DESTDIR)$(systemdunitdir)/ - install -d $(DESTDIR)/lib/drbd/ - install -m 755 drbd $(DESTDIR)/lib/drbd/ - install -d $(DESTDIR)$(tmpfilesdir)/ --- -1.9.1 - diff --git a/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils/0001-drbd-drbd-tools-only-rmmod-if-DRBD-is-a-module.patch b/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils/0001-drbd-drbd-tools-only-rmmod-if-DRBD-is-a-module.patch new file mode 100644 index 000000000..c0f3adf24 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils/0001-drbd-drbd-tools-only-rmmod-if-DRBD-is-a-module.patch @@ -0,0 +1,43 @@ +Subject: drbd-tools: only rmmod if DRBD is a module + +Account for the case if the DRBD drive is built into +the kernel. Otherwise, errors, like the following, +will occur: + +root@localhost:~# /etc/init.d/drbd stop + Stopping all DRBD resources: ERROR: Module drbd + does not exist in /proc/modules + +Upstream-Status: Submitted [https://github.com/LINBIT/drbd-utils/pull/2] + +Signed-off-by: Aws Ismail <aws.ismail@windriver.com> +Signed-off-by: Jason Wessel <jason.wessel@windriver.com> + +[ refresh to 8.4.4: squash Aws' and Jason's patches ] +Signed-off-by: Michel Thebeau <michel.thebeau@windriver.com> + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +Signed-off-by: Changqing Li <changqing.li@windriver.com> + +--- + scripts/drbd | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/scripts/drbd b/scripts/drbd +index 20bf628..de589dc 100755 +--- a/scripts/drbd ++++ b/scripts/drbd +@@ -241,7 +241,9 @@ case "$1" in + if [ -d /sys/module/drbd/holders ]; then + (cd /sys/module/drbd/holders; for tr in *; do [ -d ${tr} ] && ${RMMOD} ${tr}; done) + fi +- $RMMOD drbd && break ++ if [ ! -z "$(cat /proc/modules | grep -w drbd)" ]; then ++ $RMMOD drbd && break ++ fi + fi + done + run_hook stop +-- +1.9.1 + diff --git a/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils_8.9.6.bb b/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils_9.5.0.bb index 81f1cfec5..bd1e8576f 100644 --- a/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils_8.9.6.bb +++ b/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils_9.5.0.bb @@ -8,11 +8,17 @@ SECTION = "admin" LICENSE = "GPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=5574c6965ae5f583e55880e397fbb018" -SRC_URI = "http://www.linbit.com/downloads/drbd/utils/archive/${BP}.tar.gz \ - file://0001-Makefile.in-fix-permission-bits-for-drbd.service.patch \ +SRC_URI = "git://github.com/LINBIT/drbd-utils;name=drbd-utils \ + git://github.com/LINBIT/drbd-headers;name=drbd-headers;destsuffix=git/drbd-headers \ + file://0001-drbd-drbd-tools-only-rmmod-if-DRBD-is-a-module.patch \ " -SRC_URI[md5sum] = "76ed6d3190cd77b00890f3365353124b" -SRC_URI[sha256sum] = "297b77c9b3f88de2e7dae459234f2753ea4fc2805282b2d276e35cf51e292913" +# v9.5.0 +SRCREV_drbd-utils = "ee126652638328b55dc6bff47d07d6161ab768db" +SRCREV_drbd-headers = "b47cc11bcabe1a65c40ad23f71dcaf2da6419630" + +S = "${WORKDIR}/git" + +UPSTREAM_CHECK_URI = "https://github.com/LINBIT/drbd-utils/releases" SYSTEMD_SERVICE_${PN} = "drbd.service" SYSTEMD_AUTO_ENABLE = "disable" @@ -27,9 +33,20 @@ EXTRA_OECONF = " \ --with-distro debian \ --with-initscripttype=both \ --with-systemdunitdir=${systemd_unitdir}/system \ - --without-manual\ + --without-manual \ " +do_configure_prepend() { + # move the the file under folder /lib/drbd/ to /usr/lib/drbd when usrmerge enabled + if ${@bb.utils.contains('DISTRO_FEATURES', 'usrmerge', 'true', 'false', d)}; then + for m_file in `find ${S} -name 'Makefile.in'`; do + sed -i -e "s;\$(DESTDIR)\/lib\/drbd;\$(DESTDIR)\${nonarch_libdir}\/drbd;g" $m_file + done + # move the the file under folder /lib/udev/ to /usr/lib/udev when usrmerge enabled + sed -i -e "s;default_udevdir=/lib/udev;default_udevdir=\${prefix}/lib/udev;g" ${S}/configure.ac + fi + +} do_install_append() { # don't install empty /var/lock to avoid conflict with base-files rm -rf ${D}${localstatedir}/lock diff --git a/meta-openembedded/meta-networking/recipes-support/esmtp/esmtp_1.2.bb b/meta-openembedded/meta-networking/recipes-support/esmtp/esmtp_1.2.bb index 2da73e775..663161a9b 100644 --- a/meta-openembedded/meta-networking/recipes-support/esmtp/esmtp_1.2.bb +++ b/meta-openembedded/meta-networking/recipes-support/esmtp/esmtp_1.2.bb @@ -18,10 +18,12 @@ EXTRA_OECONF = "--with-libesmtp=${STAGING_EXECPREFIXDIR}" inherit autotools update-alternatives -ALTERNATIVE_${PN} = "sendmail" - +ALTERNATIVE_${PN} += "sendmail mailq newaliases" +ALTERNATIVE_TARGET[mailq] = "${bindir}/mailq" +ALTERNATIVE_TARGET[newaliases] = "${bindir}/newaliases" ALTERNATIVE_LINK_NAME[sendmail] = "${sbindir}/sendmail" ALTERNATIVE_TARGET[sendmail] = "${bindir}/esmtp" + ALTERNATIVE_PRIORITY = "10" ALTERNATIVE_${PN}-doc += "mailq.1 newaliases.1 sendmail.1" diff --git a/meta-openembedded/meta-networking/recipes-support/fetchmail/fetchmail/02_remove_SSLv3.patch b/meta-openembedded/meta-networking/recipes-support/fetchmail/fetchmail/02_remove_SSLv3.patch new file mode 100644 index 000000000..95cfa2f4a --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/fetchmail/fetchmail/02_remove_SSLv3.patch @@ -0,0 +1,1576 @@ +Description: <short summary of the patch> + TODO: Put a short summary on the line above and replace this paragraph + with a longer explanation of this change. Complete the meta-information + with other relevant fields (see below for details). To make it easier, the + information below has been extracted from the changelog. Adjust it or drop + it. + . + fetchmail (6.3.26-2) unstable; urgency=low + . + * New maintainer (closes: #800750). + * Backport upstream fix for SSLv3 removal (closes: #804604) and do not + recommend SSLv3 (closes: #801178). + * Remove quilt and its usage. + * Add dh-python to build depends. + * Update upstream URLs. + * Update watch file. + * Update Standards-Version to 3.9.6 . +Author: Laszlo Boszormenyi (GCS) <gcs@debian.org> +Bug-Debian: https://bugs.debian.org/800750 +Bug-Debian: https://bugs.debian.org/801178 +Bug-Debian: https://bugs.debian.org/804604 + +--- +The information above should follow the Patch Tagging Guidelines, please +checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here +are templates for supplementary fields that you might want to add: + +Origin: <vendor|upstream|other>, <url of original patch> +Bug: <url in upstream bugtracker> +Bug-Debian: https://bugs.debian.org/<bugnumber> +Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber> +Forwarded: <no|not-needed|url proving that it has been forwarded> +Reviewed-By: <name and email of someone who approved the patch> +Last-Update: <YYYY-MM-DD> + +--- fetchmail-6.3.26.orig/Makefile.am ++++ fetchmail-6.3.26/Makefile.am +@@ -31,7 +31,7 @@ libfm_a_SOURCES= xmalloc.c base64.c rfc8 + servport.c ntlm.h smbbyteorder.h smbdes.h smbmd4.h \ + smbencrypt.h smbdes.c smbencrypt.c smbmd4.c smbutil.c \ + libesmtp/gethostbyname.h libesmtp/gethostbyname.c \ +- smbtypes.h fm_getaddrinfo.c tls.c rfc822valid.c \ ++ smbtypes.h fm_getaddrinfo.c starttls.c rfc822valid.c \ + xmalloc.h sdump.h sdump.c x509_name_match.c \ + fm_strl.h md5c.c + if NTLM_ENABLE +--- fetchmail-6.3.26.orig/Makefile.in ++++ fetchmail-6.3.26/Makefile.in +@@ -97,14 +97,14 @@ am__libfm_a_SOURCES_DIST = xmalloc.c bas + rfc2047e.c servport.c ntlm.h smbbyteorder.h smbdes.h smbmd4.h \ + smbencrypt.h smbdes.c smbencrypt.c smbmd4.c smbutil.c \ + libesmtp/gethostbyname.h libesmtp/gethostbyname.c smbtypes.h \ +- fm_getaddrinfo.c tls.c rfc822valid.c xmalloc.h sdump.h sdump.c \ ++ fm_getaddrinfo.c starttls.c rfc822valid.c xmalloc.h sdump.h sdump.c \ + x509_name_match.c fm_strl.h md5c.c ntlmsubr.c + @NTLM_ENABLE_TRUE@am__objects_1 = ntlmsubr.$(OBJEXT) + am_libfm_a_OBJECTS = xmalloc.$(OBJEXT) base64.$(OBJEXT) \ + rfc822.$(OBJEXT) report.$(OBJEXT) rfc2047e.$(OBJEXT) \ + servport.$(OBJEXT) smbdes.$(OBJEXT) smbencrypt.$(OBJEXT) \ + smbmd4.$(OBJEXT) smbutil.$(OBJEXT) gethostbyname.$(OBJEXT) \ +- fm_getaddrinfo.$(OBJEXT) tls.$(OBJEXT) rfc822valid.$(OBJEXT) \ ++ fm_getaddrinfo.$(OBJEXT) starttls.$(OBJEXT) rfc822valid.$(OBJEXT) \ + sdump.$(OBJEXT) x509_name_match.$(OBJEXT) md5c.$(OBJEXT) \ + $(am__objects_1) + libfm_a_OBJECTS = $(am_libfm_a_OBJECTS) +@@ -483,7 +483,7 @@ libfm_a_SOURCES = xmalloc.c base64.c rfc + servport.c ntlm.h smbbyteorder.h smbdes.h smbmd4.h \ + smbencrypt.h smbdes.c smbencrypt.c smbmd4.c smbutil.c \ + libesmtp/gethostbyname.h libesmtp/gethostbyname.c smbtypes.h \ +- fm_getaddrinfo.c tls.c rfc822valid.c xmalloc.h sdump.h sdump.c \ ++ fm_getaddrinfo.c starttls.c rfc822valid.c xmalloc.h sdump.h sdump.c \ + x509_name_match.c fm_strl.h md5c.c $(am__append_1) + libfm_a_LIBADD = $(EXTRAOBJ) + libfm_a_DEPENDENCIES = $(EXTRAOBJ) +--- fetchmail-6.3.26.orig/NEWS ++++ fetchmail-6.3.26/NEWS +@@ -51,8 +51,6 @@ removed from a 6.4.0 or newer release.) + * The --bsmtp - mode of operation may be removed in a future release. + * Given that OpenSSL is severely underdocumented, and needs license exceptions, + fetchmail may switch to a different SSL library. +-* SSLv2 support will be removed from a future fetchmail release. It has been +- obsolete for more than a decade. + + -------------------------------------------------------------------------------- + +--- fetchmail-6.3.26.orig/README.SSL ++++ fetchmail-6.3.26/README.SSL +@@ -11,36 +11,45 @@ specific to fetchmail. + In case of troubles, mail the README.SSL-SERVER file to your ISP and + have them check their server configuration against it. + +-Unfortunately, fetchmail confuses SSL/TLS protocol levels with whether +-a service needs to use in-band negotiation (STLS/STARTTLS for POP3/IMAP4) or is +-totally SSL-wrapped on a separate port. For compatibility reasons, this cannot +-be fixed in a bugfix release. ++Unfortunately, fetchmail confuses SSL/TLS protocol levels with whether a ++service needs to use in-band negotiation (STLS/STARTTLS for POP3/IMAP4) ++or is totally SSL-wrapped on a separate port. For compatibility ++reasons, this cannot be fixed in a bugfix or minor release. ++ ++Also, fetchmail 6.4.0 and newer releases changed some of the semantics ++as the result of a bug-fix, and will auto-negotiate TLSv1 or newer only. ++If your server does not support this, you may have to specify --sslproto ++ssl3. This is in order to prefer the newer TLS protocols, because SSLv2 ++and v3 are broken. + +- -- Matthias Andree, 2009-05-09 ++ -- Matthias Andree, 2015-01-16 + + + Quickstart + ---------- + ++Use an up-to-date release of OpenSSL 1.0.1 or newer, so as to get ++TLSv1.2 support. ++ + For use of SSL or TLS with in-band negotiation on the regular service's port, + i. e. with STLS or STARTTLS, use these command line options + +- --sslproto tls1 --sslcertck ++ --sslproto auto --sslcertck + + or these options in the rcfile (after the respective "user"... options) + +- sslproto tls1 sslcertck ++ sslproto auto sslcertck + + + For use of SSL or TLS on a separate port, if the whole TCP connection is +-SSL-encrypted from the very beginning, use these command line options (in the +-rcfile, omit all leading "--"): ++SSL-encrypted from the very beginning (SSL- or TLS-wrapped), use these ++command line options (in the rcfile, omit all leading "--"): + +- --ssl --sslproto ssl3 --sslcertck ++ --ssl --sslproto auto --sslcertck + + or these options in the rcfile (after the respective "user"... options) + +- ssl sslproto ssl3 sslcertck ++ ssl sslproto auto sslcertck + + + Background and use (long version :-)) +--- fetchmail-6.3.26.orig/config.h.in ++++ fetchmail-6.3.26/config.h.in +@@ -49,9 +49,9 @@ + don't. */ + #undef HAVE_DECL_H_ERRNO + +-/* Define to 1 if you have the declaration of `SSLv2_client_method', and to 0 ++/* Define to 1 if you have the declaration of `SSLv3_client_method', and to 0 + if you don't. */ +-#undef HAVE_DECL_SSLV2_CLIENT_METHOD ++#undef HAVE_DECL_SSLV3_CLIENT_METHOD + + /* Define to 1 if you have the declaration of `strerror', and to 0 if you + don't. */ +--- fetchmail-6.3.26.orig/configure ++++ fetchmail-6.3.26/configure +@@ -1,13 +1,11 @@ + #! /bin/sh + # Guess values for system-dependent variables and create Makefiles. +-# Generated by GNU Autoconf 2.68 for fetchmail 6.3.26. ++# Generated by GNU Autoconf 2.69 for fetchmail 6.3.26. + # + # Report bugs to <fetchmail-users@lists.berlios.de>. + # + # +-# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, +-# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software +-# Foundation, Inc. ++# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. + # + # + # This configure script is free software; the Free Software Foundation +@@ -136,6 +134,31 @@ export LANGUAGE + # CDPATH. + (unset CDPATH) >/dev/null 2>&1 && unset CDPATH + ++# Use a proper internal environment variable to ensure we don't fall ++ # into an infinite loop, continuously re-executing ourselves. ++ if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then ++ _as_can_reexec=no; export _as_can_reexec; ++ # We cannot yet assume a decent shell, so we have to provide a ++# neutralization value for shells without unset; and this also ++# works around shells that cannot unset nonexistent variables. ++# Preserve -v and -x to the replacement shell. ++BASH_ENV=/dev/null ++ENV=/dev/null ++(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV ++case $- in # (((( ++ *v*x* | *x*v* ) as_opts=-vx ;; ++ *v* ) as_opts=-v ;; ++ *x* ) as_opts=-x ;; ++ * ) as_opts= ;; ++esac ++exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} ++# Admittedly, this is quite paranoid, since all the known shells bail ++# out after a failed `exec'. ++$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 ++as_fn_exit 255 ++ fi ++ # We don't want this to propagate to other subprocesses. ++ { _as_can_reexec=; unset _as_can_reexec;} + if test "x$CONFIG_SHELL" = x; then + as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : + emulate sh +@@ -169,7 +192,8 @@ if ( set x; as_fn_ret_success y && test + else + exitcode=1; echo positional parameters were not saved. + fi +-test x\$exitcode = x0 || exit 1" ++test x\$exitcode = x0 || exit 1 ++test -x / || exit 1" + as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO + as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO + eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && +@@ -214,21 +238,25 @@ IFS=$as_save_IFS + + + if test "x$CONFIG_SHELL" != x; then : +- # We cannot yet assume a decent shell, so we have to provide a +- # neutralization value for shells without unset; and this also +- # works around shells that cannot unset nonexistent variables. +- # Preserve -v and -x to the replacement shell. +- BASH_ENV=/dev/null +- ENV=/dev/null +- (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +- export CONFIG_SHELL +- case $- in # (((( +- *v*x* | *x*v* ) as_opts=-vx ;; +- *v* ) as_opts=-v ;; +- *x* ) as_opts=-x ;; +- * ) as_opts= ;; +- esac +- exec "$CONFIG_SHELL" $as_opts "$as_myself" ${1+"$@"} ++ export CONFIG_SHELL ++ # We cannot yet assume a decent shell, so we have to provide a ++# neutralization value for shells without unset; and this also ++# works around shells that cannot unset nonexistent variables. ++# Preserve -v and -x to the replacement shell. ++BASH_ENV=/dev/null ++ENV=/dev/null ++(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV ++case $- in # (((( ++ *v*x* | *x*v* ) as_opts=-vx ;; ++ *v* ) as_opts=-v ;; ++ *x* ) as_opts=-x ;; ++ * ) as_opts= ;; ++esac ++exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} ++# Admittedly, this is quite paranoid, since all the known shells bail ++# out after a failed `exec'. ++$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 ++exit 255 + fi + + if test x$as_have_required = xno; then : +@@ -331,6 +359,14 @@ $as_echo X"$as_dir" | + + + } # as_fn_mkdir_p ++ ++# as_fn_executable_p FILE ++# ----------------------- ++# Test if FILE is an executable regular file. ++as_fn_executable_p () ++{ ++ test -f "$1" && test -x "$1" ++} # as_fn_executable_p + # as_fn_append VAR VALUE + # ---------------------- + # Append the text in VALUE to the end of the definition contained in VAR. Take +@@ -452,6 +488,10 @@ as_cr_alnum=$as_cr_Letters$as_cr_digits + chmod +x "$as_me.lineno" || + { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + ++ # If we had to re-execute with $CONFIG_SHELL, we're ensured to have ++ # already done that, so ensure we don't try to do so again and fall ++ # in an infinite loop. This has already happened in practice. ++ _as_can_reexec=no; export _as_can_reexec + # Don't try to exec as it changes $[0], causing all sort of problems + # (the dirname of $[0] is not the place where we might find the + # original and so on. Autoconf is especially sensitive to this). +@@ -486,16 +526,16 @@ if (echo >conf$$.file) 2>/dev/null; then + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. +- # In both cases, we have to default to `cp -p'. ++ # In both cases, we have to default to `cp -pR'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || +- as_ln_s='cp -p' ++ as_ln_s='cp -pR' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else +- as_ln_s='cp -p' ++ as_ln_s='cp -pR' + fi + else +- as_ln_s='cp -p' ++ as_ln_s='cp -pR' + fi + rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file + rmdir conf$$.dir 2>/dev/null +@@ -507,28 +547,8 @@ else + as_mkdir_p=false + fi + +-if test -x / >/dev/null 2>&1; then +- as_test_x='test -x' +-else +- if ls -dL / >/dev/null 2>&1; then +- as_ls_L_option=L +- else +- as_ls_L_option= +- fi +- as_test_x=' +- eval sh -c '\'' +- if test -d "$1"; then +- test -d "$1/."; +- else +- case $1 in #( +- -*)set "./$1";; +- esac; +- case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( +- ???[sx]*):;;*)false;;esac;fi +- '\'' sh +- ' +-fi +-as_executable_p=$as_test_x ++as_test_x='test -x' ++as_executable_p=as_fn_executable_p + + # Sed expression to map a string onto a valid CPP name. + as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" +@@ -742,6 +762,7 @@ infodir + docdir + oldincludedir + includedir ++runstatedir + localstatedir + sharedstatedir + sysconfdir +@@ -841,6 +862,7 @@ datadir='${datarootdir}' + sysconfdir='${prefix}/etc' + sharedstatedir='${prefix}/com' + localstatedir='${prefix}/var' ++runstatedir='${localstatedir}/run' + includedir='${prefix}/include' + oldincludedir='/usr/include' + docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' +@@ -1093,6 +1115,15 @@ do + | -silent | --silent | --silen | --sile | --sil) + silent=yes ;; + ++ -runstatedir | --runstatedir | --runstatedi | --runstated \ ++ | --runstate | --runstat | --runsta | --runst | --runs \ ++ | --run | --ru | --r) ++ ac_prev=runstatedir ;; ++ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ ++ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ ++ | --run=* | --ru=* | --r=*) ++ runstatedir=$ac_optarg ;; ++ + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) + ac_prev=sbindir ;; + -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ +@@ -1230,7 +1261,7 @@ fi + for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ + datadir sysconfdir sharedstatedir localstatedir includedir \ + oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ +- libdir localedir mandir ++ libdir localedir mandir runstatedir + do + eval ac_val=\$$ac_var + # Remove trailing slashes. +@@ -1258,8 +1289,6 @@ target=$target_alias + if test "x$host_alias" != x; then + if test "x$build_alias" = x; then + cross_compiling=maybe +- $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host. +- If a cross compiler is detected then cross compile mode will be used" >&2 + elif test "x$build_alias" != "x$host_alias"; then + cross_compiling=yes + fi +@@ -1385,6 +1414,7 @@ Fine tuning of the installation director + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] ++ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] +@@ -1548,9 +1578,9 @@ test -n "$ac_init_help" && exit $ac_stat + if $ac_init_version; then + cat <<\_ACEOF + fetchmail configure 6.3.26 +-generated by GNU Autoconf 2.68 ++generated by GNU Autoconf 2.69 + +-Copyright (C) 2010 Free Software Foundation, Inc. ++Copyright (C) 2012 Free Software Foundation, Inc. + This configure script is free software; the Free Software Foundation + gives unlimited permission to copy, distribute and modify it. + _ACEOF +@@ -1827,7 +1857,7 @@ $as_echo "$ac_try_echo"; } >&5 + test ! -s conftest.err + } && test -s conftest$ac_exeext && { + test "$cross_compiling" = yes || +- $as_test_x conftest$ac_exeext ++ test -x conftest$ac_exeext + }; then : + ac_retval=0 + else +@@ -2030,7 +2060,8 @@ int + main () + { + static int test_array [1 - 2 * !(($2) >= 0)]; +-test_array [0] = 0 ++test_array [0] = 0; ++return test_array [0]; + + ; + return 0; +@@ -2046,7 +2077,8 @@ int + main () + { + static int test_array [1 - 2 * !(($2) <= $ac_mid)]; +-test_array [0] = 0 ++test_array [0] = 0; ++return test_array [0]; + + ; + return 0; +@@ -2072,7 +2104,8 @@ int + main () + { + static int test_array [1 - 2 * !(($2) < 0)]; +-test_array [0] = 0 ++test_array [0] = 0; ++return test_array [0]; + + ; + return 0; +@@ -2088,7 +2121,8 @@ int + main () + { + static int test_array [1 - 2 * !(($2) >= $ac_mid)]; +-test_array [0] = 0 ++test_array [0] = 0; ++return test_array [0]; + + ; + return 0; +@@ -2122,7 +2156,8 @@ int + main () + { + static int test_array [1 - 2 * !(($2) <= $ac_mid)]; +-test_array [0] = 0 ++test_array [0] = 0; ++return test_array [0]; + + ; + return 0; +@@ -2195,7 +2230,7 @@ This file contains any messages produced + running configure, to aid debugging if configure makes a mistake. + + It was created by fetchmail $as_me 6.3.26, which was +-generated by GNU Autoconf 2.68. Invocation command line was ++generated by GNU Autoconf 2.69. Invocation command line was + + $ $0 $@ + +@@ -2689,7 +2724,7 @@ case $as_dir/ in #(( + # by default. + for ac_prog in ginstall scoinst install; do + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then + if test $ac_prog = install && + grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # AIX install. It has an incompatible calling convention. +@@ -2858,7 +2893,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_STRIP="${ac_tool_prefix}strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -2898,7 +2933,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_STRIP="strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -2949,7 +2984,7 @@ do + test -z "$as_dir" && as_dir=. + for ac_prog in mkdir gmkdir; do + for ac_exec_ext in '' $ac_executable_extensions; do +- { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; } || continue ++ as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext" || continue + case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( + 'mkdir (GNU coreutils) '* | \ + 'mkdir (coreutils) '* | \ +@@ -3002,7 +3037,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_AWK="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -3295,7 +3330,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PYTHON="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -3466,7 +3501,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_AWK="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -3512,7 +3547,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -3552,7 +3587,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -3605,7 +3640,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -3646,7 +3681,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then + ac_prog_rejected=yes + continue +@@ -3704,7 +3739,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -3748,7 +3783,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -4194,8 +4229,7 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ + /* end confdefs.h. */ + #include <stdarg.h> + #include <stdio.h> +-#include <sys/types.h> +-#include <sys/stat.h> ++struct stat; + /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ + struct buf { int x; }; + FILE * (*rcsopen) (struct buf *, struct stat *, int); +@@ -4751,7 +4785,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -4791,7 +4825,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_RANLIB="ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -4859,7 +4893,7 @@ do + for ac_prog in grep ggrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" +- { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue ++ as_fn_executable_p "$ac_path_GREP" || continue + # Check for GNU ac_path_GREP and select it if it is found. + # Check for GNU $ac_path_GREP + case `"$ac_path_GREP" --version 2>&1` in +@@ -4925,7 +4959,7 @@ do + for ac_prog in egrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" +- { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue ++ as_fn_executable_p "$ac_path_EGREP" || continue + # Check for GNU ac_path_EGREP and select it if it is found. + # Check for GNU $ac_path_EGREP + case `"$ac_path_EGREP" --version 2>&1` in +@@ -5132,8 +5166,8 @@ else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + +-# define __EXTENSIONS__ 1 +- $ac_includes_default ++# define __EXTENSIONS__ 1 ++ $ac_includes_default + int + main () + { +@@ -5513,11 +5547,11 @@ else + int + main () + { +-/* FIXME: Include the comments suggested by Paul. */ ++ + #ifndef __cplusplus +- /* Ultrix mips cc rejects this. */ ++ /* Ultrix mips cc rejects this sort of thing. */ + typedef int charset[2]; +- const charset cs; ++ const charset cs = { 0, 0 }; + /* SunOS 4.1.1 cc rejects this. */ + char const *const *pcpcc; + char **ppc; +@@ -5534,8 +5568,9 @@ main () + ++pcpcc; + ppc = (char**) pcpcc; + pcpcc = (char const *const *) ppc; +- { /* SCO 3.2v4 cc rejects this. */ +- char *t; ++ { /* SCO 3.2v4 cc rejects this sort of thing. */ ++ char tx; ++ char *t = &tx; + char const *s = 0 ? (char *) 0 : (char const *) 0; + + *t++ = 0; +@@ -5551,10 +5586,10 @@ main () + iptr p = 0; + ++p; + } +- { /* AIX XL C 1.02.0.0 rejects this saying ++ { /* AIX XL C 1.02.0.0 rejects this sort of thing, saying + "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ +- struct s { int j; const int *ap[3]; }; +- struct s *b; b->j = 5; ++ struct s { int j; const int *ap[3]; } bx; ++ struct s *b = &bx; b->j = 5; + } + { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ + const int foo = 10; +@@ -5600,7 +5635,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_LEX="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -5632,7 +5667,8 @@ a { ECHO; } + b { REJECT; } + c { yymore (); } + d { yyless (1); } +-e { yyless (input () != 0); } ++e { /* IRIX 6.5 flex 2.5.4 underquotes its yyless argument. */ ++ yyless ((input () != 0)); } + f { unput (yytext[0]); } + . { BEGIN INITIAL; } + %% +@@ -5792,7 +5828,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_YACC="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -6044,7 +6080,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_GMSGFMT="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -8548,7 +8584,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_procmail="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -8590,7 +8626,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_sendmail="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -8632,7 +8668,7 @@ do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do +- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_maildrop="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 +@@ -10121,16 +10157,16 @@ $as_echo "$as_me: WARNING: Consider re-r + fi + + case "$LIBS" in *-lssl*) +- ac_fn_c_check_decl "$LINENO" "SSLv2_client_method" "ac_cv_have_decl_SSLv2_client_method" "#include <openssl/ssl.h> ++ ac_fn_c_check_decl "$LINENO" "SSLv3_client_method" "ac_cv_have_decl_SSLv3_client_method" "#include <openssl/ssl.h> + " +-if test "x$ac_cv_have_decl_SSLv2_client_method" = xyes; then : ++if test "x$ac_cv_have_decl_SSLv3_client_method" = xyes; then : + ac_have_decl=1 + else + ac_have_decl=0 + fi + + cat >>confdefs.h <<_ACEOF +-#define HAVE_DECL_SSLV2_CLIENT_METHOD $ac_have_decl ++#define HAVE_DECL_SSLV3_CLIENT_METHOD $ac_have_decl + _ACEOF + + ;; +@@ -11334,16 +11370,16 @@ if (echo >conf$$.file) 2>/dev/null; then + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. +- # In both cases, we have to default to `cp -p'. ++ # In both cases, we have to default to `cp -pR'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || +- as_ln_s='cp -p' ++ as_ln_s='cp -pR' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else +- as_ln_s='cp -p' ++ as_ln_s='cp -pR' + fi + else +- as_ln_s='cp -p' ++ as_ln_s='cp -pR' + fi + rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file + rmdir conf$$.dir 2>/dev/null +@@ -11403,28 +11439,16 @@ else + as_mkdir_p=false + fi + +-if test -x / >/dev/null 2>&1; then +- as_test_x='test -x' +-else +- if ls -dL / >/dev/null 2>&1; then +- as_ls_L_option=L +- else +- as_ls_L_option= +- fi +- as_test_x=' +- eval sh -c '\'' +- if test -d "$1"; then +- test -d "$1/."; +- else +- case $1 in #( +- -*)set "./$1";; +- esac; +- case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( +- ???[sx]*):;;*)false;;esac;fi +- '\'' sh +- ' +-fi +-as_executable_p=$as_test_x ++ ++# as_fn_executable_p FILE ++# ----------------------- ++# Test if FILE is an executable regular file. ++as_fn_executable_p () ++{ ++ test -f "$1" && test -x "$1" ++} # as_fn_executable_p ++as_test_x='test -x' ++as_executable_p=as_fn_executable_p + + # Sed expression to map a string onto a valid CPP name. + as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" +@@ -11446,7 +11470,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_wri + # values after options handling. + ac_log=" + This file was extended by fetchmail $as_me 6.3.26, which was +-generated by GNU Autoconf 2.68. Invocation command line was ++generated by GNU Autoconf 2.69. Invocation command line was + + CONFIG_FILES = $CONFIG_FILES + CONFIG_HEADERS = $CONFIG_HEADERS +@@ -11512,10 +11536,10 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_writ + ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" + ac_cs_version="\\ + fetchmail config.status 6.3.26 +-configured by $0, generated by GNU Autoconf 2.68, ++configured by $0, generated by GNU Autoconf 2.69, + with options \\"\$ac_cs_config\\" + +-Copyright (C) 2010 Free Software Foundation, Inc. ++Copyright (C) 2012 Free Software Foundation, Inc. + This config.status script is free software; the Free Software Foundation + gives unlimited permission to copy, distribute and modify it." + +@@ -11606,7 +11630,7 @@ fi + _ACEOF + cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + if \$ac_cs_recheck; then +- set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion ++ set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + shift + \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 + CONFIG_SHELL='$SHELL' +--- fetchmail-6.3.26.orig/configure.ac ++++ fetchmail-6.3.26/configure.ac +@@ -802,7 +802,7 @@ else + fi + + case "$LIBS" in *-lssl*) +- AC_CHECK_DECLS([SSLv2_client_method],,,[#include <openssl/ssl.h>]) ++ AC_CHECK_DECLS([SSLv3_client_method],,,[#include <openssl/ssl.h>]) + ;; + esac + +--- fetchmail-6.3.26.orig/fetchmail-FAQ.html ++++ fetchmail-6.3.26/fetchmail-FAQ.html +@@ -667,8 +667,8 @@ because there is not currently a standar + also uses this method, so the two will interoperate happily. They + better, because this is how Craig gets his mail ;-)</p> + +-<p>Finally, you can use <a href="#K5">SSL</a> for complete +-end-to-end encryption if you have an SSL-enabled mailserver.</p> ++<p>Finally, you can use <a href="#K5">SSL or TLS</a> for complete ++end-to-end encryption if you have a TLS-enabled mailserver.</p> + + <h2><a id="G11" name="G11">G11. Is any special configuration needed + to use a dynamic IP address?</a></h2> +@@ -2120,7 +2120,7 @@ SSL?</a></h2> + + <p>You'll need to have the <a + href="http://www.openssl.org/">OpenSSL</a> libraries installed, and they +-should at least be version 0.9.7. ++should at least be version 0.9.8, with 1.0.1 preferred. + Configure with --with-ssl. If you have the OpenSSL libraries + installed in commonly-used default locations, this will + suffice. If you have them installed in a non-default location, +@@ -2130,7 +2130,7 @@ to --with-ssl after an equal sign.</p> + <p>Fetchmail binaries built this way support <code>ssl</code>, + <code>sslkey</code>, and <code>sslcert</code> options that control + SSL encryption, and will automatically use <code>tls</code> if the +-server offers it. You will need to have an SSL-enabled mailserver to ++server offers it. You will need to have an SSL/TLS-enabled mailserver to + use these options. See the manual page for details and some words + of care on the limited security provided.</p> + +@@ -2155,13 +2155,14 @@ poll MYSERVER port 993 plugin "openssl s + protocol imap username MYUSERNAME password MYPASSWORD + </pre> + +-<p>You should note that SSL is only secure against a "man-in-the-middle" +-attack if the client is able to verify that the peer's public key is the +-correct one, and has not been substituted by an attacker. fetchmail can do +-this in one of two ways: by verifying the SSL certificate, or by checking +-the fingerprint of the peer's public key.</p> ++<p>You should note that SSL or TLS are only secure against a ++"man-in-the-middle" attack if the client is able to verify that the ++peer's public key is the correct one, and has not been substituted by an ++attacker. fetchmail can do this in one of two ways: by verifying the SSL ++certificate, or by checking the fingerprint of the peer's public ++key.</p> + +-<p>There are three parts to SSL certificate verification: checking that the ++<p>There are three parts to TLS certificate verification: checking that the + domain name in the certificate matches the hostname you asked to connect to; + checking that the certificate expiry date has not passed; and checking that + the certificate has been signed by a known Certificate Authority (CA). This +@@ -2227,8 +2228,12 @@ will automatically attempt TLS negotiati + time. This can however cause problems if the upstream didn't configure + his certificates properly.</p> + +-<p>In order to prevent fetchmail from trying TLS (STLS, STARTTLS) +-negotiation, add this option:</p> ++<p>In order to prevent fetchmail 6.4.0 and newer versions from trying ++STLS or STARTTLS negotiation, add this option:</p> ++<pre>sslproto ''</pre> ++ ++<p>In order to prevent older fetchmail versions from trying TLS (STLS, STARTTLS) ++negotiation where the above does not work, try this option:</p> + + <pre>sslproto ssl23</pre> + +@@ -2876,15 +2881,22 @@ need to say something like '<code>envelo + + <pre> + Received: from send103.yahoomail.com (send103.yahoomail.com [205.180.60.92]) +- by iserv.ttns.net (8.8.5/8.8.5) with SMTP id RAA10088 +- for <ksturgeon@fbceg.org>; Wed, 9 Sep 1998 17:01:59 -0700 ++ by iserv.example.net (8.8.5/8.8.5) with SMTP id RAA10088 ++ for <ksturgeon@fbceg.example.org>; Wed, 9 Sep 1998 17:01:59 -0700 + </pre> + +-<p>it checks to see if 'iserv.ttns.net' is a DNS alias of your +-mailserver before accepting 'ksturgeon@fbceg.org' as an envelope ++<p>it checks to see if 'iserv.example.net' is a DNS alias of your ++mailserver before accepting 'ksturgeon@fbceg.example.org' as an envelope + address. This check might fail if your DNS were misconfigured, or +-if you were using 'no dns' and had failed to declare iserv.ttns.net +-as an alias of your server.</p> ++if you were using 'no dns' and had failed to declare iserv.example.net ++as an alias of your server. The typical hint is logging similar to: ++<code>line rejected, iserv.example.net is not an alias of the mailserver</code>, ++if you use fetchmail in verbose mode.</p> ++ ++<p><strong>Workaround:</strong> You can specify the alias explicitly, with <code>aka ++ <em>iserv.example.net</em></code> statements in the rcfile. Replace ++<em>iserv.example.net</em> by the name you find in <strong>your</strong> ++'by' part of the 'Received:' line.</p> + + <h2><a id="M8" name="M8">M8. Users are getting multiple copies of + messages.</a></h2> +@@ -3237,6 +3249,8 @@ Hayes mode escape "+++".</p> + <h2><a id="X8" name="X8">X8. A spurious ) is being appended to my + messages.</a></h2> + ++<p><em>Fetchmail 6.3.5 and newer releases are supposed to fix this.</em></p> ++ + <p>Due to the problem described in <a href="#S2">S2</a>, the + IMAP support in fetchmail cannot follow the IMAP protocol 100 %. + Most of the time it doesn't matter, but if you combine it with an +@@ -3279,8 +3293,6 @@ it at the end of the message it forwards + on, you'll get a message about actual != expected.</li> + </ol> + +-<p>There is no fix for this.</p> +- + <h2><a id="X9" name="X9">X9. Missing "Content-Transfer-Encoding" header + with Domino IMAP</a></h2> + +--- fetchmail-6.3.26.orig/fetchmail.c ++++ fetchmail-6.3.26/fetchmail.c +@@ -54,6 +54,10 @@ + #define ENETUNREACH 128 /* Interactive doesn't know this */ + #endif /* ENETUNREACH */ + ++#ifdef SSL_ENABLE ++#include <openssl/ssl.h> /* for OPENSSL_NO_SSL2 and ..._SSL3 checks */ ++#endif ++ + /* prototypes for internal functions */ + static int load_params(int, char **, int); + static void dump_params (struct runctl *runp, struct query *, flag implicit); +@@ -138,7 +142,7 @@ static void printcopyright(FILE *fp) { + "Copyright (C) 2004 Matthias Andree, Eric S. Raymond,\n" + " Robert M. Funk, Graham Wilson\n" + "Copyright (C) 2005 - 2012 Sunil Shetye\n" +- "Copyright (C) 2005 - 2013 Matthias Andree\n" ++ "Copyright (C) 2005 - 2015 Matthias Andree\n" + )); + fprintf(fp, GT_("Fetchmail comes with ABSOLUTELY NO WARRANTY. This is free software, and you\n" + "are welcome to redistribute it under certain conditions. For details,\n" +@@ -262,6 +266,9 @@ int main(int argc, char **argv) + #endif /* ODMR_ENABLE */ + #ifdef SSL_ENABLE + "+SSL" ++#if (HAVE_DECL_SSLV3_CLIENT_METHOD + 0 == 0) || defined(OPENSSL_NO_SSL3) ++ "-SSLv3" ++#endif + #endif + #ifdef OPIE_ENABLE + "+OPIE" +--- fetchmail-6.3.26.orig/fetchmail.h ++++ fetchmail-6.3.26/fetchmail.h +@@ -771,9 +771,9 @@ int servport(const char *service); + int fm_getaddrinfo(const char *node, const char *serv, const struct addrinfo *hints, struct addrinfo **res); + void fm_freeaddrinfo(struct addrinfo *ai); + +-/* prototypes from tls.c */ +-int maybe_tls(struct query *ctl); +-int must_tls(struct query *ctl); ++/* prototypes from starttls.c */ ++int maybe_starttls(struct query *ctl); ++int must_starttls(struct query *ctl); + + /* prototype from rfc822valid.c */ + int rfc822_valid_msgid(const unsigned char *); +--- fetchmail-6.3.26.orig/fetchmail.man ++++ fetchmail-6.3.26/fetchmail.man +@@ -412,23 +412,22 @@ from. The folder information is written + .B \-\-ssl + (Keyword: ssl) + .br +-Causes the connection to the mail server to be encrypted +-via SSL. Connect to the server using the specified base protocol over a +-connection secured by SSL. This option defeats opportunistic starttls +-negotiation. It is highly recommended to use \-\-sslproto 'SSL3' +-\-\-sslcertck to validate the certificates presented by the server and +-defeat the obsolete SSLv2 negotiation. More information is available in +-the \fIREADME.SSL\fP file that ships with fetchmail. +-.IP +-Note that fetchmail may still try to negotiate SSL through starttls even +-if this option is omitted. You can use the \-\-sslproto option to defeat +-this behavior or tell fetchmail to negotiate a particular SSL protocol. ++Causes the connection to the mail server to be encrypted via SSL, by ++negotiating SSL directly after connecting (SSL-wrapped mode). It is ++highly recommended to use \-\-sslcertck to validate the certificates ++presented by the server. Please see the description of \-\-sslproto ++below! More information is available in the \fIREADME.SSL\fP file that ++ships with fetchmail. ++.IP ++Note that even if this option is omitted, fetchmail may still negotiate ++SSL in-band for POP3 or IMAP, through the STLS or STARTTLS feature. You ++can use the \-\-sslproto option to modify that behavior. + .IP + If no port is specified, the connection is attempted to the well known + port of the SSL version of the base protocol. This is generally a + different port than the port used by the base protocol. For IMAP, this + is port 143 for the clear protocol and port 993 for the SSL secured +-protocol, for POP3, it is port 110 for the clear text and port 995 for ++protocol; for POP3, it is port 110 for the clear text and port 995 for + the encrypted variant. + .IP + If your system lacks the corresponding entries from /etc/services, see +@@ -470,39 +469,73 @@ cause some complications in daemon mode. + .IP + Also see \-\-sslcert above. + .TP +-.B \-\-sslproto <name> +-(Keyword: sslproto) ++.B \-\-sslproto <value> ++(Keyword: sslproto, NOTE: semantic changes since v6.4.0) + .br +-Forces an SSL/TLS protocol. Possible values are \fB''\fP, +-\&'\fBSSL2\fP' (not supported on all systems), +-\&'\fBSSL23\fP', (use of these two values is discouraged +-and should only be used as a last resort) \&'\fBSSL3\fP', and +-\&'\fBTLS1\fP'. The default behaviour if this option is unset is: for +-connections without \-\-ssl, use \&'\fBTLS1\fP' so that fetchmail will +-opportunistically try STARTTLS negotiation with TLS1. You can configure +-this option explicitly if the default handshake (TLS1 if \-\-ssl is not +-used) does not work for your server. +-.IP +-Use this option with '\fBTLS1\fP' value to enforce a STARTTLS +-connection. In this mode, it is highly recommended to also use +-\-\-sslcertck (see below). Note that this will then cause fetchmail +-v6.3.19 to force STARTTLS negotiation even if it is not advertised by +-the server. +-.IP +-To defeat opportunistic TLSv1 negotiation when the server advertises +-STARTTLS or STLS, and use a cleartext connection use \fB''\fP. This +-option, even if the argument is the empty string, will also suppress the +-diagnostic 'SERVER: opportunistic upgrade to TLS.' message in verbose +-mode. The default is to try appropriate protocols depending on context. ++This option has a dual use, out of historic fetchmail behaviour. It ++controls both the SSL/TLS protocol version and, if \-\-ssl is not ++specified, the STARTTLS behaviour (upgrading the protocol to an SSL or ++TLS connection in-band). Some other options may however make TLS ++mandatory. ++.PP ++Only if this option and \-\-ssl are both missing for a poll, there will ++be opportunistic TLS for POP3 and IMAP, where fetchmail will attempt to ++upgrade to TLSv1 or newer. ++.PP ++Recognized values for \-\-sslproto are given below. You should normally ++chose one of the auto-negotiating options, i. e. '\fBauto\fP' or one of ++the options ending in a plus (\fB+\fP) character. Note that depending ++on OpenSSL library version and configuration, some options cause ++run-time errors because the requested SSL or TLS versions are not ++supported by the particular installed OpenSSL library. ++.RS ++.IP "\fB''\fP, the empty string" ++Disable STARTTLS. If \-\-ssl is given for the same server, log an error ++and pretend that '\fBauto\fP' had been used instead. ++.IP '\fBauto\fP' ++(default). Since v6.4.0. Require TLS. Auto-negotiate TLSv1 or newer, disable SSLv3 downgrade. ++(fetchmail 6.3.26 and older have auto-negotiated all protocols that ++their OpenSSL library supported, including the broken SSLv3). ++.IP "\&'\fBSSL23\fP' ++see '\fBauto\fP'. ++.IP \&'\fBSSL3\fP' ++Require SSLv3 exactly. SSLv3 is broken, not supported on all systems, avoid it ++if possible. This will make fetchmail negotiate SSLv3 only, and is the ++only way besides '\fBSSL3+\fP' to have fetchmail 6.4.0 or newer permit SSLv3. ++.IP \&'\fBSSL3+\fP' ++same as '\fBauto\fP', but permit SSLv3 as well. This is the only way ++besides '\fBSSL3\fP' to have fetchmail 6.4.0 or newer permit SSLv3. ++.IP \&'\fBTLS1\fP' ++Require TLSv1. This does not negotiate TLSv1.1 or newer, and is ++discouraged. Replace by TLS1+ unless the latter chokes your server. ++.IP \&'\fBTLS1+\fP' ++Since v6.4.0. See 'fBauto\fP'. ++.IP \&'\fBTLS1.1\fP' ++Since v6.4.0. Require TLS v1.1 exactly. ++.IP \&'\fBTLS1.1+\fP' ++Since v6.4.0. Require TLS. Auto-negotiate TLSv1.1 or newer. ++.IP \&'\fBTLS1.2\fP' ++Since v6.4.0. Require TLS v1.2 exactly. ++.IP '\fBTLS1.2+\fP' ++Since v6.4.0. Require TLS. Auto-negotiate TLSv1.2 or newer. ++.IP "Unrecognized parameters" ++are treated the same as '\fBauto\fP'. ++.RE ++.IP ++NOTE: you should hardly ever need to use anything other than '' (to ++force an unencrypted connection) or 'auto' (to enforce TLS). + .TP + .B \-\-sslcertck + (Keyword: sslcertck) + .br +-Causes fetchmail to strictly check the server certificate against a set of +-local trusted certificates (see the \fBsslcertfile\fP and \fBsslcertpath\fP +-options). If the server certificate cannot be obtained or is not signed by one +-of the trusted ones (directly or indirectly), the SSL connection will fail, +-regardless of the \fBsslfingerprint\fP option. ++Causes fetchmail to require that SSL/TLS be used and disconnect if it ++can not successfully negotiate SSL or TLS, or if it cannot successfully ++verify and validate the certificate and follow it to a trust anchor (or ++trusted root certificate). The trust anchors are given as a set of local ++trusted certificates (see the \fBsslcertfile\fP and \fBsslcertpath\fP ++options). If the server certificate cannot be obtained or is not signed ++by one of the trusted ones (directly or indirectly), fetchmail will ++disconnect, regardless of the \fBsslfingerprint\fP option. + .IP + Note that CRL (certificate revocation lists) are only supported in + OpenSSL 0.9.7 and newer! Your system clock should also be reasonably +@@ -1202,31 +1235,33 @@ capability response. Specify a user opti + username and the part to the right as the NTLM domain. + + .SS Secure Socket Layers (SSL) and Transport Layer Security (TLS) ++.PP All retrieval protocols can use SSL or TLS wrapping for the ++transport. Additionally, POP3 and IMAP retrival can also negotiate ++SSL/TLS by means of STARTTLS (or STLS). + .PP + Note that fetchmail currently uses the OpenSSL library, which is + severely underdocumented, so failures may occur just because the + programmers are not aware of OpenSSL's requirement of the day. + For instance, since v6.3.16, fetchmail calls + OpenSSL_add_all_algorithms(), which is necessary to support certificates +-using SHA256 on OpenSSL 0.9.8 -- this information is deeply hidden in the +-documentation and not at all obvious. Please do not hesitate to report +-subtle SSL failures. +-.PP +-You can access SSL encrypted services by specifying the \-\-ssl option. +-You can also do this using the "ssl" user option in the .fetchmailrc +-file. With SSL encryption enabled, queries are initiated over a +-connection after negotiating an SSL session, and the connection fails if +-SSL cannot be negotiated. Some services, such as POP3 and IMAP, have ++using SHA256 on OpenSSL 0.9.8 -- this information is deeply hidden in ++the documentation and not at all obvious. Please do not hesitate to ++report subtle SSL failures. ++.PP ++You can access SSL encrypted services by specifying the options starting ++with \-\-ssl, such as \-\-ssl, \-\-sslproto, \-\-sslcertck, and others. ++You can also do this using the corresponding user options in the .fetchmailrc ++file. Some services, such as POP3 and IMAP, have + different well known ports defined for the SSL encrypted services. The + encrypted ports will be selected automatically when SSL is enabled and +-no explicit port is specified. The \-\-sslproto 'SSL3' option should be +-used to select the SSLv3 protocol (default if unset: v2 or v3). Also, +-the \-\-sslcertck command line or sslcertck run control file option +-should be used to force strict certificate checking - see below. ++no explicit port is specified. Also, the \-\-sslcertck command line or ++sslcertck run control file option should be used to force strict ++certificate checking - see below. + .PP + If SSL is not configured, fetchmail will usually opportunistically try to use +-STARTTLS. STARTTLS can be enforced by using \-\-sslproto "TLS1". TLS +-connections use the same port as the unencrypted version of the ++STARTTLS. STARTTLS can be enforced by using \-\-sslproto\~auto and ++defeated by using \-\-sslproto\~''. ++TLS connections use the same port as the unencrypted version of the + protocol and negotiate TLS via special command. The \-\-sslcertck + command line or sslcertck run control file option should be used to + force strict certificate checking - see below. +--- fetchmail-6.3.26.orig/imap.c ++++ fetchmail-6.3.26/imap.c +@@ -405,6 +405,8 @@ static int imap_getauth(int sock, struct + /* apply for connection authorization */ + { + int ok = 0; ++ char *commonname; ++ + (void)greeting; + + /* +@@ -429,25 +431,21 @@ static int imap_getauth(int sock, struct + return(PS_SUCCESS); + } + +-#ifdef SSL_ENABLE +- if (maybe_tls(ctl)) { +- char *commonname; +- +- commonname = ctl->server.pollname; +- if (ctl->server.via) +- commonname = ctl->server.via; +- if (ctl->sslcommonname) +- commonname = ctl->sslcommonname; ++ commonname = ctl->server.pollname; ++ if (ctl->server.via) ++ commonname = ctl->server.via; ++ if (ctl->sslcommonname) ++ commonname = ctl->sslcommonname; + +- if (strstr(capabilities, "STARTTLS") +- || must_tls(ctl)) /* if TLS is mandatory, ignore capabilities */ ++#ifdef SSL_ENABLE ++ if (maybe_starttls(ctl)) { ++ if ((strstr(capabilities, "STARTTLS") && maybe_starttls(ctl)) ++ || must_starttls(ctl)) /* if TLS is mandatory, ignore capabilities */ + { +- /* Use "tls1" rather than ctl->sslproto because tls1 is the only +- * protocol that will work with STARTTLS. Don't need to worry +- * whether TLS is mandatory or opportunistic unless SSLOpen() fails +- * (see below). */ ++ /* Don't need to worry whether TLS is mandatory or ++ * opportunistic unless SSLOpen() fails (see below). */ + if (gen_transact(sock, "STARTTLS") == PS_SUCCESS +- && (set_timeout(mytimeout), SSLOpen(sock, ctl->sslcert, ctl->sslkey, "tls1", ctl->sslcertck, ++ && (set_timeout(mytimeout), SSLOpen(sock, ctl->sslcert, ctl->sslkey, ctl->sslproto, ctl->sslcertck, + ctl->sslcertfile, ctl->sslcertpath, ctl->sslfingerprint, commonname, + ctl->server.pollname, &ctl->remotename)) != -1) + { +@@ -470,7 +468,7 @@ static int imap_getauth(int sock, struct + { + report(stdout, GT_("%s: upgrade to TLS succeeded.\n"), commonname); + } +- } else if (must_tls(ctl)) { ++ } else if (must_starttls(ctl)) { + /* Config required TLS but we couldn't guarantee it, so we must + * stop. */ + set_timeout(0); +@@ -492,6 +490,10 @@ static int imap_getauth(int sock, struct + /* Usable. Proceed with authenticating insecurely. */ + } + } ++ } else { ++ if (strstr(capabilities, "STARTTLS") && outlevel >= O_VERBOSE) { ++ report(stdout, GT_("%s: WARNING: server offered STARTTLS but sslproto '' given.\n"), commonname); ++ } + } + #endif /* SSL_ENABLE */ + +--- fetchmail-6.3.26.orig/po/Makevars ++++ fetchmail-6.3.26/po/Makevars +@@ -46,3 +46,15 @@ MSGID_BUGS_ADDRESS = fetchmail-devel@lis + # This is the list of locale categories, beyond LC_MESSAGES, for which the + # message catalogs shall be used. It is usually empty. + EXTRA_LOCALE_CATEGORIES = ++ ++# This tells whether the $(DOMAIN).pot file contains messages with an 'msgctxt' ++# context. Possible values are "yes" and "no". Set this to yes if the ++# package uses functions taking also a message context, like pgettext(), or ++# if in $(XGETTEXT_OPTIONS) you define keywords with a context argument. ++USE_MSGCTXT = no ++ ++# These options get passed to msgmerge. ++# Useful options are in particular: ++# --previous to keep previous msgids of translated messages, ++# --quiet to reduce the verbosity. ++MSGMERGE_OPTIONS = +--- fetchmail-6.3.26.orig/pop3.c ++++ fetchmail-6.3.26/pop3.c +@@ -281,6 +281,7 @@ static int pop3_getauth(int sock, struct + #endif /* OPIE_ENABLE */ + #ifdef SSL_ENABLE + flag connection_may_have_tls_errors = FALSE; ++ char *commonname; + #endif /* SSL_ENABLE */ + + done_capa = FALSE; +@@ -393,7 +394,7 @@ static int pop3_getauth(int sock, struct + (ctl->server.authenticate == A_KERBEROS_V5) || + (ctl->server.authenticate == A_OTP) || + (ctl->server.authenticate == A_CRAM_MD5) || +- maybe_tls(ctl)) ++ maybe_starttls(ctl)) + { + if ((ok = capa_probe(sock)) != PS_SUCCESS) + /* we are in STAGE_GETAUTH => failure is PS_AUTHFAIL! */ +@@ -406,12 +407,12 @@ static int pop3_getauth(int sock, struct + (ok == PS_SOCKET && !ctl->wehaveauthed)) + { + #ifdef SSL_ENABLE +- if (must_tls(ctl)) { ++ if (must_starttls(ctl)) { + /* fail with mandatory STLS without repoll */ + report(stderr, GT_("TLS is mandatory for this session, but server refused CAPA command.\n")); + report(stderr, GT_("The CAPA command is however necessary for TLS.\n")); + return ok; +- } else if (maybe_tls(ctl)) { ++ } else if (maybe_starttls(ctl)) { + /* defeat opportunistic STLS */ + xfree(ctl->sslproto); + ctl->sslproto = xstrdup(""); +@@ -431,24 +432,19 @@ static int pop3_getauth(int sock, struct + } + + #ifdef SSL_ENABLE +- if (maybe_tls(ctl)) { +- char *commonname; ++ commonname = ctl->server.pollname; ++ if (ctl->server.via) ++ commonname = ctl->server.via; ++ if (ctl->sslcommonname) ++ commonname = ctl->sslcommonname; + +- commonname = ctl->server.pollname; +- if (ctl->server.via) +- commonname = ctl->server.via; +- if (ctl->sslcommonname) +- commonname = ctl->sslcommonname; +- +- if (has_stls +- || must_tls(ctl)) /* if TLS is mandatory, ignore capabilities */ ++ if (maybe_starttls(ctl)) { ++ if (has_stls || must_starttls(ctl)) /* if TLS is mandatory, ignore capabilities */ + { +- /* Use "tls1" rather than ctl->sslproto because tls1 is the only +- * protocol that will work with STARTTLS. Don't need to worry +- * whether TLS is mandatory or opportunistic unless SSLOpen() fails +- * (see below). */ ++ /* Don't need to worry whether TLS is mandatory or ++ * opportunistic unless SSLOpen() fails (see below). */ + if (gen_transact(sock, "STLS") == PS_SUCCESS +- && (set_timeout(mytimeout), SSLOpen(sock, ctl->sslcert, ctl->sslkey, "tls1", ctl->sslcertck, ++ && (set_timeout(mytimeout), SSLOpen(sock, ctl->sslcert, ctl->sslkey, ctl->sslproto, ctl->sslcertck, + ctl->sslcertfile, ctl->sslcertpath, ctl->sslfingerprint, commonname, + ctl->server.pollname, &ctl->remotename)) != -1) + { +@@ -475,7 +471,7 @@ static int pop3_getauth(int sock, struct + { + report(stdout, GT_("%s: upgrade to TLS succeeded.\n"), commonname); + } +- } else if (must_tls(ctl)) { ++ } else if (must_starttls(ctl)) { + /* Config required TLS but we couldn't guarantee it, so we must + * stop. */ + set_timeout(0); +@@ -495,7 +491,11 @@ static int pop3_getauth(int sock, struct + } + } + } +- } /* maybe_tls() */ ++ } else { /* maybe_starttls() */ ++ if (has_stls && outlevel >= O_VERBOSE) { ++ report(stdout, GT_("%s: WARNING: server offered STLS, but sslproto '' given.\n"), commonname); ++ } ++ } /* maybe_starttls() */ + #endif /* SSL_ENABLE */ + + /* +--- fetchmail-6.3.26.orig/socket.c ++++ fetchmail-6.3.26/socket.c +@@ -876,7 +876,9 @@ int SSLOpen(int sock, char *mycert, char + { + struct stat randstat; + int i; ++ int avoid_ssl_versions = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3; + long sslopts = SSL_OP_ALL; ++ int ssle_connect = 0; + + SSL_load_error_strings(); + SSL_library_init(); +@@ -906,25 +908,57 @@ int SSLOpen(int sock, char *mycert, char + /* Make sure a connection referring to an older context is not left */ + _ssl_context[sock] = NULL; + if(myproto) { +- if(!strcasecmp("ssl2",myproto)) { +-#if HAVE_DECL_SSLV2_CLIENT_METHOD + 0 > 0 +- _ctx[sock] = SSL_CTX_new(SSLv2_client_method()); ++ if(!strcasecmp("ssl3",myproto)) { ++#if (HAVE_DECL_SSLV3_CLIENT_METHOD > 0) && (0 == OPENSSL_NO_SSL3 + 0) ++ _ctx[sock] = SSL_CTX_new(SSLv3_client_method()); ++ avoid_ssl_versions &= ~SSL_OP_NO_SSLv3; + #else +- report(stderr, GT_("Your operating system does not support SSLv2.\n")); ++ report(stderr, GT_("Your OpenSSL version does not support SSLv3.\n")); + return -1; + #endif +- } else if(!strcasecmp("ssl3",myproto)) { +- _ctx[sock] = SSL_CTX_new(SSLv3_client_method()); ++ } else if(!strcasecmp("ssl3+",myproto)) { ++ avoid_ssl_versions &= ~SSL_OP_NO_SSLv3; ++ myproto = NULL; + } else if(!strcasecmp("tls1",myproto)) { + _ctx[sock] = SSL_CTX_new(TLSv1_client_method()); +- } else if (!strcasecmp("ssl23",myproto)) { ++ } else if(!strcasecmp("tls1+",myproto)) { ++ myproto = NULL; ++#if defined(TLS1_1_VERSION) && TLS_MAX_VERSION >= TLS1_1_VERSION ++ } else if(!strcasecmp("tls1.1",myproto)) { ++ _ctx[sock] = SSL_CTX_new(TLSv1_1_client_method()); ++ } else if(!strcasecmp("tls1.1+",myproto)) { ++ myproto = NULL; ++ avoid_ssl_versions |= SSL_OP_NO_TLSv1; ++#else ++ } else if(!strcasecmp("tls1.1",myproto) || !strcasecmp("tls1.1+", myproto)) { ++ report(stderr, GT_("Your OpenSSL version does not support TLS v1.1.\n")); ++ return -1; ++#endif ++#if defined(TLS1_2_VERSION) && TLS_MAX_VERSION >= TLS1_2_VERSION ++ } else if(!strcasecmp("tls1.2",myproto)) { ++ _ctx[sock] = SSL_CTX_new(TLSv1_2_client_method()); ++ } else if(!strcasecmp("tls1.2+",myproto)) { ++ myproto = NULL; ++ avoid_ssl_versions |= SSL_OP_NO_TLSv1; ++ avoid_ssl_versions |= SSL_OP_NO_TLSv1_1; ++#else ++ } else if(!strcasecmp("tls1.2",myproto) || !strcasecmp("tls1.2+", myproto)) { ++ report(stderr, GT_("Your OpenSSL version does not support TLS v1.2.\n")); ++ return -1; ++#endif ++ } else if (!strcasecmp("ssl23",myproto) || 0 == strcasecmp("auto",myproto)) { + myproto = NULL; + } else { +- report(stderr,GT_("Invalid SSL protocol '%s' specified, using default (SSLv23).\n"), myproto); ++ report(stderr,GT_("Invalid SSL protocol '%s' specified, using default autoselect (SSL23).\n"), myproto); + myproto = NULL; + } + } +- if(!myproto) { ++ // do not combine into an else { } as myproto may be nulled ++ // above! ++ if (!myproto) { ++ // SSLv23 is a misnomer and will in fact use the best ++ // available protocol, subject to SSL_OP_NO* ++ // constraints. + _ctx[sock] = SSL_CTX_new(SSLv23_client_method()); + } + if(_ctx[sock] == NULL) { +@@ -938,7 +972,7 @@ int SSLOpen(int sock, char *mycert, char + sslopts &= ~ SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS; + } + +- SSL_CTX_set_options(_ctx[sock], sslopts); ++ SSL_CTX_set_options(_ctx[sock], sslopts | avoid_ssl_versions); + + if (certck) { + SSL_CTX_set_verify(_ctx[sock], SSL_VERIFY_PEER, SSL_ck_verify_callback); +@@ -1008,8 +1042,18 @@ int SSLOpen(int sock, char *mycert, char + } + + if (SSL_set_fd(_ssl_context[sock], sock) == 0 +- || SSL_connect(_ssl_context[sock]) < 1) { ++ || (ssle_connect = SSL_connect(_ssl_context[sock])) < 1) { ++ int e = errno; ++ unsigned long ssle_err_from_queue = ERR_peek_error(); ++ unsigned long ssle_err_from_get_error = SSL_get_error(_ssl_context[sock], ssle_connect); + ERR_print_errors_fp(stderr); ++ if (SSL_ERROR_SYSCALL == ssle_err_from_get_error && 0 == ssle_err_from_queue) { ++ if (0 == ssle_connect) { ++ report(stderr, GT_("Server shut down connection prematurely during SSL_connect().\n")); ++ } else if (ssle_connect < 0) { ++ report(stderr, GT_("System error during SSL_connect(): %s\n"), strerror(e)); ++ } ++ } + SSL_free( _ssl_context[sock] ); + _ssl_context[sock] = NULL; + SSL_CTX_free(_ctx[sock]); +@@ -1017,6 +1061,24 @@ int SSLOpen(int sock, char *mycert, char + return(-1); + } + ++ if (outlevel >= O_VERBOSE) { ++ SSL_CIPHER const *sc; ++ int bitsmax, bitsused; ++ ++ const char *ver; ++ ++ ver = SSL_get_version(_ssl_context[sock]); ++ ++ sc = SSL_get_current_cipher(_ssl_context[sock]); ++ if (!sc) { ++ report (stderr, GT_("Cannot obtain current SSL/TLS cipher - no session established?\n")); ++ } else { ++ bitsused = SSL_CIPHER_get_bits(sc, &bitsmax); ++ report(stdout, GT_("SSL/TLS: using protocol %s, cipher %s, %d/%d secret/processed bits\n"), ++ ver, SSL_CIPHER_get_name(sc), bitsused, bitsmax); ++ } ++ } ++ + /* Paranoia: was the callback not called as we expected? */ + if (!_depth0ck) { + report(stderr, GT_("Certificate/fingerprint verification was somehow skipped!\n")); +--- /dev/null ++++ fetchmail-6.3.26/starttls.c +@@ -0,0 +1,37 @@ ++/** \file tls.c - collect common TLS functionality ++ * \author Matthias Andree ++ * \date 2006 ++ */ ++ ++#include "fetchmail.h" ++ ++#include <string.h> ++ ++#ifdef HAVE_STRINGS_H ++#include <strings.h> ++#endif ++ ++/** return true if user allowed opportunistic STARTTLS/STLS */ ++int maybe_starttls(struct query *ctl) { ++#ifdef SSL_ENABLE ++ /* opportunistic or forced TLS */ ++ return (!ctl->sslproto || strlen(ctl->sslproto)) ++ && !ctl->use_ssl; ++#else ++ (void)ctl; ++ return 0; ++#endif ++} ++ ++/** return true if user requires STARTTLS/STLS, note though that this ++ * code must always use a logical AND with maybe_tls(). */ ++int must_starttls(struct query *ctl) { ++#ifdef SSL_ENABLE ++ return maybe_starttls(ctl) ++ && (ctl->sslfingerprint || ctl->sslcertck ++ || (ctl->sslproto && !strcasecmp(ctl->sslproto, "tls1"))); ++#else ++ (void)ctl; ++ return 0; ++#endif ++} diff --git a/meta-openembedded/meta-networking/recipes-support/fetchmail/fetchmail_6.3.26.bb b/meta-openembedded/meta-networking/recipes-support/fetchmail/fetchmail_6.3.26.bb index 1d78288c8..5af5d0df6 100644 --- a/meta-openembedded/meta-networking/recipes-support/fetchmail/fetchmail_6.3.26.bb +++ b/meta-openembedded/meta-networking/recipes-support/fetchmail/fetchmail_6.3.26.bb @@ -7,7 +7,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fbb509e0303f5ded1cbfc0cc8705f28c" DEPENDS = "openssl" -SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.xz" +SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.xz \ + file://02_remove_SSLv3.patch \ + " SRC_URI[md5sum] = "61b66faad044afa26e142bb1791aa2b3" SRC_URI[sha256sum] = "79b4c54cdbaf02c1a9a691d9948fcb1a77a1591a813e904283a8b614b757e850" diff --git a/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.50.bb b/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.51.bb index 95147bdad..ed5c3a979 100644 --- a/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.50.bb +++ b/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.51.bb @@ -7,10 +7,10 @@ DESCRIPTION = "perl library for country/city/organization to IP address or hostn HOMEPAGE = "http://www.maxmind.com/app/ip-location" SECTION = "libdevel" LICENSE = "Artistic-1.0 | GPL-1.0+" -LIC_FILES_CHKSUM = "file://LICENSE;md5=b7a36f55e8ba62aadd74e4f0886a405e" +LIC_FILES_CHKSUM = "file://LICENSE;md5=e4f3ea6e9b28af88dc0321190a1f8250" S = "${WORKDIR}/git" -SRCREV = "47f7d49bd15cfc2e5f8c0f5c4068dc8bb0e10e96" +SRCREV = "4cdfdc38eca237c19c22a8b90490446ce6d970fa" SRC_URI = "git://github.com/maxmind/geoip-api-perl.git;protocol=https; \ file://run-ptest \ " diff --git a/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.11.bb b/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.12.bb index 3527d0cba..4271c2e15 100644 --- a/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.11.bb +++ b/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.12.bb @@ -8,26 +8,28 @@ using reverse DNS lookups." HOMEPAGE = "http://dev.maxmind.com/geoip/" SECTION = "libdevel" +GEOIP_DATABASE_VERSION = "20181205" + SRC_URI = "git://github.com/maxmind/geoip-api-c.git \ - http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz;apply=no;name=GeoIP-dat \ - http://geolite.maxmind.com/download/geoip/database/GeoIPv6.dat.gz;apply=no;name=GeoIPv6-dat \ - http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz;apply=no;name=GeoLiteCity-dat \ - http://geolite.maxmind.com/download/geoip/database/GeoLiteCityv6-beta/GeoLiteCityv6.dat.gz;apply=no;name=GeoLiteCityv6-dat \ + http://sources.openembedded.org/GeoIP.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoIP-dat; \ + http://sources.openembedded.org/GeoIPv6.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoIPv6-dat; \ + http://sources.openembedded.org/GeoLiteCity.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoLiteCity-dat; \ + http://sources.openembedded.org/GeoLiteCityv6.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoLiteCityv6-dat; \ file://run-ptest \ " -SRCREV = "3169a8a88808c8df862e0b0355f99c738cce9f7e" +SRCREV = "4b526e7331ca1d692b74a0509ddcc725622ed31a" -SRC_URI[GeoIP-dat.md5sum] = "37c84ead332dda0362a5ac7b049b72d4" -SRC_URI[GeoIP-dat.sha256sum] = "79ff1099e96c2dc1c2539c9a18aaa13a9afd085cae477df60d95f1644d42bc07" +SRC_URI[GeoIP-dat.md5sum] = "d538e57ad9268fdc7955c6cf9a37c4a9" +SRC_URI[GeoIP-dat.sha256sum] = "b9c05eb8bfcf90a6ddfdc6815caf40a8db2710f0ce3dd48fbd6c24d485ae0449" -SRC_URI[GeoIPv6-dat.md5sum] = "e75b84a4044e81d6d4484e33816bc762" -SRC_URI[GeoIPv6-dat.sha256sum] = "a009b0f21968d2868e6dd19d14f3c3b8cd60ae84a4bfc2970df34d771a04811e" +SRC_URI[GeoIPv6-dat.md5sum] = "52d6aa0aac1adbfa5eb7fa4742197c11" +SRC_URI[GeoIPv6.sha256sum] = "416ac92fcc35a21d5efbb32e5c88e609c37aec1aa1af6247d088b8da1af6e9bf" -SRC_URI[GeoLiteCity-dat.md5sum] = "4b6588d0bfe1af22e267ac90aa97f769" -SRC_URI[GeoLiteCity-dat.sha256sum] = "8a6467033a528f68b1a97de24d9d0ce86c8e8e83683820e16e433ddbd3f712f7" +SRC_URI[GeoLiteCity-dat.md5sum] = "d700c137232f8e077ac8db8577f699d9" +SRC_URI[GeoLiteCity-dat.sha256sum] = "90db2e52195e3d1bcdb2c2789209006d09de5c742812dbd9a1b36c12675ec4cd" -SRC_URI[GeoLiteCityv6-dat.md5sum] = "ad0cb42518af7f752499425dca0952bb" -SRC_URI[GeoLiteCityv6-dat.sha256sum] = "eda67f4204ba9fa5204a53cdb629167cca9394c712f5378bc723a8c29c0b440f" +SRC_URI[GeoLiteCityv6-dat.md5sum] = "6734ccdc644fc0ba76eb276dce73d005" +SRC_URI[GeoLiteCityv6-dat.sha256sum] = "c95a9d2643b7f53d7abeed2114388870e13fbbad4653f450a49efa7e4b86aca4" LICENSE = "LGPL-2.1" @@ -44,10 +46,10 @@ EXTRA_OECONF = "--disable-static \ do_install() { make DESTDIR=${D} install install -d ${D}/${datadir}/GeoIP - install ${WORKDIR}/GeoIP.dat ${D}/${datadir}/GeoIP/ - install ${WORKDIR}/GeoIPv6.dat ${D}/${datadir}/GeoIP/ - install ${WORKDIR}/GeoLiteCity.dat ${D}/${datadir}/GeoIP/ - install ${WORKDIR}/GeoLiteCityv6.dat ${D}/${datadir}/GeoIP/ + install ${WORKDIR}/GeoIP.dat.${GEOIP_DATABASE_VERSION} ${D}/${datadir}/GeoIP/GeoIP.dat + install ${WORKDIR}/GeoIPv6.dat.${GEOIP_DATABASE_VERSION} ${D}/${datadir}/GeoIP/GeoIPv6.dat + install ${WORKDIR}/GeoLiteCity.dat.${GEOIP_DATABASE_VERSION} ${D}/${datadir}/GeoIP/GeoLiteCity.dat + install ${WORKDIR}/GeoLiteCityv6.dat.${GEOIP_DATABASE_VERSION} ${D}/${datadir}/GeoIP/GeoLiteCityv6.dat ln -s GeoLiteCity.dat ${D}${datadir}/GeoIP/GeoIPCity.dat } diff --git a/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate/0001-Make-environment-variables-assignments-to-be-weak.patch b/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate/0001-Make-environment-variables-assignments-to-be-weak.patch new file mode 100644 index 000000000..0ee44c162 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate/0001-Make-environment-variables-assignments-to-be-weak.patch @@ -0,0 +1,31 @@ +From 04603f52d793f964653e6a985944400fe4fa87ee Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Wed, 13 Jun 2018 17:50:20 -0700 +Subject: [PATCH] Make environment variables assignments to be weak + +So that OE can override them for cross builds + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + Makefile | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/Makefile b/Makefile +index 1c80c09..884126c 100644 +--- a/Makefile ++++ b/Makefile +@@ -2,11 +2,11 @@ prefix = $(DESTDIR)/usr + bindir = ${prefix}/bin + mandir = ${prefix}/share/man + +-CC = gcc ++CC ?= gcc + CFLAGS += -Wall -std=c99 -pedantic -O2 + +-INSTALL = /usr/bin/install -c +-STRIP = /usr/bin/strip -s ++INSTALL ?= /usr/bin/install -c ++STRIP ?= /usr/bin/strip -s + + all: htpdate + diff --git a/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate/0001-Replace-ntp_adjtime-with-adjtimex.patch b/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate/0001-Replace-ntp_adjtime-with-adjtimex.patch new file mode 100644 index 000000000..cca8c6c36 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate/0001-Replace-ntp_adjtime-with-adjtimex.patch @@ -0,0 +1,40 @@ +From 75646a2d2df14fdbc4a01e222a779afac94861d1 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Thu, 14 Jun 2018 20:11:08 -0700 +Subject: [PATCH] Replace ntp_adjtime with adjtimex. + +ntp_adjtime in glibc is an alias to adjtimex and +musl does not provide ntp_adjtime at all + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- +Upstream-Status: Pending + + htpdate.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/htpdate.c b/htpdate.c +index 4171efe..ff0bf8d 100644 +--- a/htpdate.c ++++ b/htpdate.c +@@ -391,7 +391,7 @@ static int htpdate_adjtimex( double drift ) { + + /* Read current kernel frequency */ + tmx.modes = 0; +- ntp_adjtime(&tmx); ++ adjtimex(&tmx); + + /* Calculate new frequency */ + freq = (long)(65536e6 * drift); +@@ -406,7 +406,7 @@ static int htpdate_adjtimex( double drift ) { + + /* Become root */ + swuid(0); +- return( ntp_adjtime(&tmx) ); ++ return( adjtimex(&tmx) ); + + } + +-- +2.17.1 + diff --git a/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate_1.2.0.bb b/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate_1.2.0.bb new file mode 100644 index 000000000..eb6787846 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate_1.2.0.bb @@ -0,0 +1,39 @@ +# Copyright (C) 2018 Khem Raj <raj.khem@gmail.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +SUMMARY = "HTTP based time synchronization tool" + +DESCRIPTION = "The HTTP Time Protocol (HTP) is used to synchronize a computer's time with\ + web servers as reference time source. This program can be used instead\ + ntpdate or similar, in networks that has a firewall blocking the NTP port.\ + Htpdate will synchronize the computer time to Greenwich Mean Time (GMT),\ + using the timestamps from HTTP headers found in web servers response (the\ + HEAD method will be used to get the information).\ + Htpdate works through proxy servers. Accuracy of htpdate will be usually\ + within 0.5 seconds (better with multiple servers).\ +" + +HOMEPAGE = "http://www.vervest.org/htp/" + +LICENSE = "GPL-2.0+" +LIC_FILES_CHKSUM = "file://htpdate.c;beginline=26;endline=30;md5=d7018a4d2c5a6eab392709a05e5e168a" + +SRC_URI = "http://www.vervest.org/htp/archive/c/htpdate-${PV}.tar.xz \ + file://0001-Make-environment-variables-assignments-to-be-weak.patch \ + file://0001-Replace-ntp_adjtime-with-adjtimex.patch \ + " +SRC_URI[md5sum] = "9d5ca69be06edf5d535b52b5f790da4e" +SRC_URI[sha256sum] = "22b2cf3ec45b0eedecddd3ad2a3d754ac57942ae7dcbac410d254935f0bdbc03" + +do_configure () { + : +} + +do_compile () { + oe_runmake +} + +do_install () { + oe_runmake install 'INSTALL=install' 'STRIP=echo' 'DESTDIR=${D}' +} + diff --git a/meta-openembedded/meta-networking/recipes-support/ifenslave/ifenslave_2.9.bb b/meta-openembedded/meta-networking/recipes-support/ifenslave/ifenslave_2.9.bb index ea28b34aa..125b59e76 100644 --- a/meta-openembedded/meta-networking/recipes-support/ifenslave/ifenslave_2.9.bb +++ b/meta-openembedded/meta-networking/recipes-support/ifenslave/ifenslave_2.9.bb @@ -5,9 +5,11 @@ SECTION = "net" LICENSE = "GPLv3" LIC_FILES_CHKSUM = "file://debian/copyright;md5=acc89812938cf9ad6b1debc37cea0253" +inherit manpages +MAN_PKG = "${PN}" SRCREV = "42bfbb9beb924672ca86b86e9679ac3d6b87d992" -SRC_URI = "git://anonscm.debian.org/collab-maint/ifenslave.git" +SRC_URI = "git://salsa.debian.org/debian/ifenslave.git;protocol=https" S = "${WORKDIR}/git" @@ -23,5 +25,3 @@ do_install() { FILES_${PN}-doc_remove = "${mandir}" FILES_${PN} += "${mandir}/man8/ifenslave.8" - -RDEPENDS_${PN} = "man" diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Disable-gcc8-specific-warnings.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Disable-gcc8-specific-warnings.patch new file mode 100644 index 000000000..11a910393 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Disable-gcc8-specific-warnings.patch @@ -0,0 +1,86 @@ +From 282d492e4cab7b4d9c7321f4c0c55b615948e280 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Fri, 11 May 2018 14:09:17 -0700 +Subject: [PATCH] Disable gcc8 specific warnings + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + src/libipsec/ipsec_dump_policy.c | 5 +++++ + src/libipsec/pfkey_dump.c | 5 +++++ + src/racoon/isakmp.c | 11 ++++++++++- + 3 files changed, 20 insertions(+), 1 deletion(-) + +diff --git a/src/libipsec/ipsec_dump_policy.c b/src/libipsec/ipsec_dump_policy.c +index 4d0eb77..c3fc842 100644 +--- a/src/libipsec/ipsec_dump_policy.c ++++ b/src/libipsec/ipsec_dump_policy.c +@@ -275,6 +275,10 @@ ipsec_dump_policy1(policy, delimiter, withports) + return buf; + } + ++#pragma GCC diagnostic push ++#if defined(__GNUC__) && (__GNUC__ >= 8) ++#pragma GCC diagnostic ignored "-Wformat-truncation" ++#endif + static char * + ipsec_dump_ipsecrequest(buf, len, xisr, bound, withports) + char *buf; +@@ -419,3 +423,4 @@ set_address(buf, len, sa, withports) + + return buf; + } ++#pragma GCC diagnostic pop +diff --git a/src/libipsec/pfkey_dump.c b/src/libipsec/pfkey_dump.c +index 4627ebc..451e535 100644 +--- a/src/libipsec/pfkey_dump.c ++++ b/src/libipsec/pfkey_dump.c +@@ -691,6 +691,10 @@ str_ipport(sa) + /* + * set "/prefix[port number]" to buffer. + */ ++#pragma GCC diagnostic push ++#if defined(__GNUC__) && (__GNUC__ >= 8) ++#pragma GCC diagnostic ignored "-Wformat-truncation" ++#endif + static char * + str_prefport(family, pref, port, ulp) + u_int family, pref, port, ulp; +@@ -735,6 +739,7 @@ str_prefport(family, pref, port, ulp) + + return buf; + } ++#pragma GCC diagnostic pop + + static void + str_upperspec(ulp, p1, p2) +diff --git a/src/racoon/isakmp.c b/src/racoon/isakmp.c +index 7ff53a3..4addf24 100644 +--- a/src/racoon/isakmp.c ++++ b/src/racoon/isakmp.c +@@ -3124,7 +3124,12 @@ script_hook(iph1, script) + #endif + + /* local address */ ++#pragma GCC diagnostic push ++#if defined(__GNUC__) && (__GNUC__ >= 8) ++#pragma GCC diagnostic ignored "-Wstringop-truncation" ++#endif + GETNAMEINFO(iph1->local, addrstr, portstr); ++#pragma GCC diagnostic pop + + if (script_env_append(&envp, &envc, "LOCAL_ADDR", addrstr) != 0) { + plog(LLV_ERROR, LOCATION, NULL, "Cannot set LOCAL_ADDR\n"); +@@ -3138,8 +3143,12 @@ script_hook(iph1, script) + + /* Peer address */ + if (iph1->remote != NULL) { ++#pragma GCC diagnostic push ++#if defined(__GNUC__) && (__GNUC__ >= 8) ++#pragma GCC diagnostic ignored "-Wstringop-truncation" ++#endif + GETNAMEINFO(iph1->remote, addrstr, portstr); +- ++#pragma GCC diagnostic pop + if (script_env_append(&envp, &envc, + "REMOTE_ADDR", addrstr) != 0) { + plog(LLV_ERROR, LOCATION, NULL, diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-ipsec-tools-add-openssl-1.1-support.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-ipsec-tools-add-openssl-1.1-support.patch new file mode 100644 index 000000000..228274436 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-ipsec-tools-add-openssl-1.1-support.patch @@ -0,0 +1,1086 @@ +From b572350a922187d43dd4629c3b43e19979fae3ef Mon Sep 17 00:00:00 2001 +From: Eneas U de Queiroz <cote2004-github@yahoo.com> +Date: Tue, 25 Sep 2018 15:30:04 +0800 +Subject: [PATCH] ipsec-tools: add openssl 1.1 support + +To: equeiroz@troianet.com.br + +This patch updates the calls to openssl 1.1 API, and adds a +compatibility layer so it compiles with (at least) openssl 1.0.2, I +haven't tested it with lower versions, but all that's needed is to edit +the openssl_compat.* files and add the missing functions there--they're +usually trivial. + +Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com> + +Upstream-Status: Submitted [https://sourceforge.net/p/ipsec-tools/mailman/message/36327963/] +https://github.com/openwrt/packages/blob/master/net/ipsec-tools/patches/015-openssl-1.1.patch + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + src/racoon/Makefile.am | 10 +-- + src/racoon/algorithm.c | 6 +- + src/racoon/crypto_openssl.c | 197 +++++++++++++++++++++------------------- + src/racoon/crypto_openssl.h | 2 +- + src/racoon/eaytest.c | 7 +- + src/racoon/ipsec_doi.c | 2 +- + src/racoon/openssl_compat.c | 213 ++++++++++++++++++++++++++++++++++++++++++++ + src/racoon/openssl_compat.h | 45 ++++++++++ + src/racoon/plainrsa-gen.c | 41 +++++---- + src/racoon/prsa_par.y | 28 ++++-- + src/racoon/rsalist.c | 5 +- + 11 files changed, 430 insertions(+), 126 deletions(-) + create mode 100644 src/racoon/openssl_compat.c + create mode 100644 src/racoon/openssl_compat.h + +diff --git a/src/racoon/Makefile.am b/src/racoon/Makefile.am +index 0662957..272b009 100644 +--- a/src/racoon/Makefile.am ++++ b/src/racoon/Makefile.am +@@ -4,7 +4,7 @@ sbin_PROGRAMS = racoon racoonctl plainrsa-gen + noinst_PROGRAMS = eaytest + include_racoon_HEADERS = racoonctl.h var.h vmbuf.h misc.h gcmalloc.h admin.h \ + schedule.h sockmisc.h isakmp_var.h isakmp.h isakmp_xauth.h \ +- isakmp_cfg.h isakmp_unity.h ipsec_doi.h evt.h ++ isakmp_cfg.h isakmp_unity.h ipsec_doi.h evt.h openssl_compat.h + lib_LTLIBRARIES = libracoon.la + + adminsockdir=${localstatedir}/racoon +@@ -32,7 +32,7 @@ racoon_SOURCES = \ + gssapi.c dnssec.c getcertsbyname.c privsep.c \ + pfkey.c admin.c evt.c ipsec_doi.c oakley.c grabmyaddr.c vendorid.c \ + policy.c localconf.c remoteconf.c crypto_openssl.c algorithm.c \ +- proposal.c sainfo.c strnames.c \ ++ openssl_compat.c proposal.c sainfo.c strnames.c \ + plog.c logger.c schedule.c str2val.c \ + safefile.c backupsa.c genlist.c rsalist.c \ + cftoken.l cfparse.y prsa_tok.l prsa_par.y +@@ -51,12 +51,12 @@ libracoon_la_SOURCES = kmpstat.c vmbuf.c sockmisc.c misc.c + libracoon_la_CFLAGS = -DNOUSE_PRIVSEP $(AM_CFLAGS) + + plainrsa_gen_SOURCES = plainrsa-gen.c plog.c \ +- crypto_openssl.c logger.c ++ crypto_openssl.c logger.c openssl_compat.c + EXTRA_plainrsa_gen_SOURCES = $(MISSING_ALGOS) + plainrsa_gen_LDADD = $(CRYPTOBJS) vmbuf.o misc.o + plainrsa_gen_DEPENDENCIES = $(CRYPTOBJS) vmbuf.o misc.o + +-eaytest_SOURCES = eaytest.c plog.c logger.c ++eaytest_SOURCES = eaytest.c plog.c logger.c openssl_compat.c + EXTRA_eaytest_SOURCES = missing/crypto/sha2/sha2.c + eaytest_LDADD = crypto_openssl_test.o vmbuf.o str2val.o misc_noplog.o \ + $(CRYPTOBJS) +@@ -75,7 +75,7 @@ noinst_HEADERS = \ + debugrm.h isakmp.h misc.h sainfo.h \ + dhgroup.h isakmp_agg.h netdb_dnssec.h schedule.h \ + isakmp_cfg.h isakmp_xauth.h isakmp_unity.h isakmp_frag.h \ +- throttle.h privsep.h \ ++ throttle.h privsep.h openssl_compat.h \ + cfparse_proto.h cftoken_proto.h genlist.h rsalist.h \ + missing/crypto/sha2/sha2.h missing/crypto/rijndael/rijndael_local.h \ + missing/crypto/rijndael/rijndael-api-fst.h \ +diff --git a/src/racoon/algorithm.c b/src/racoon/algorithm.c +index 3fd50f6..66c874b 100644 +--- a/src/racoon/algorithm.c ++++ b/src/racoon/algorithm.c +@@ -128,7 +128,7 @@ static struct enc_algorithm oakley_encdef[] = { + { "aes", algtype_aes, OAKLEY_ATTR_ENC_ALG_AES, 16, + eay_aes_encrypt, eay_aes_decrypt, + eay_aes_weakkey, eay_aes_keylen, }, +-#ifdef HAVE_OPENSSL_CAMELLIA_H ++#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) + { "camellia", algtype_camellia, OAKLEY_ATTR_ENC_ALG_CAMELLIA, 16, + eay_camellia_encrypt, eay_camellia_decrypt, + eay_camellia_weakkey, eay_camellia_keylen, }, +@@ -168,7 +168,7 @@ static struct enc_algorithm ipsec_encdef[] = { + { "twofish", algtype_twofish, IPSECDOI_ESP_TWOFISH, 16, + NULL, NULL, + NULL, eay_twofish_keylen, }, +-#ifdef HAVE_OPENSSL_IDEA_H ++#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) + { "3idea", algtype_3idea, IPSECDOI_ESP_3IDEA, 8, + NULL, NULL, + NULL, NULL, }, +@@ -179,7 +179,7 @@ static struct enc_algorithm ipsec_encdef[] = { + { "rc4", algtype_rc4, IPSECDOI_ESP_RC4, 8, + NULL, NULL, + NULL, NULL, }, +-#ifdef HAVE_OPENSSL_CAMELLIA_H ++#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) + { "camellia", algtype_camellia, IPSECDOI_ESP_CAMELLIA, 16, + NULL, NULL, + NULL, eay_camellia_keylen, }, +diff --git a/src/racoon/crypto_openssl.c b/src/racoon/crypto_openssl.c +index 55b076a..8fb358f 100644 +--- a/src/racoon/crypto_openssl.c ++++ b/src/racoon/crypto_openssl.c +@@ -90,6 +90,7 @@ + #endif + #endif + #include "plog.h" ++#include "openssl_compat.h" + + #define USE_NEW_DES_API + +@@ -316,9 +317,12 @@ eay_cmp_asn1dn(n1, n2) + i = idx+1; + goto end; + } +- if ((ea->value->length == 1 && ea->value->data[0] == '*') || +- (eb->value->length == 1 && eb->value->data[0] == '*')) { +- if (OBJ_cmp(ea->object,eb->object)) { ++ ASN1_STRING *sa = X509_NAME_ENTRY_get_data(ea); ++ ASN1_STRING *sb = X509_NAME_ENTRY_get_data(eb); ++ if ((ASN1_STRING_length(sa) == 1 && ASN1_STRING_get0_data(sa)[0] == '*') || ++ (ASN1_STRING_length(sb) == 1 && ASN1_STRING_get0_data(sb)[0] == '*')) { ++ if (OBJ_cmp(X509_NAME_ENTRY_get_object(ea), ++ X509_NAME_ENTRY_get_object(eb))) { + i = idx+1; + goto end; + } +@@ -430,7 +434,7 @@ cb_check_cert_local(ok, ctx) + + if (!ok) { + X509_NAME_oneline( +- X509_get_subject_name(ctx->current_cert), ++ X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)), + buf, + 256); + /* +@@ -438,7 +442,8 @@ cb_check_cert_local(ok, ctx) + * ok if they are self signed. But we should still warn + * the user. + */ +- switch (ctx->error) { ++ int ctx_error = X509_STORE_CTX_get_error(ctx); ++ switch (ctx_error) { + case X509_V_ERR_CERT_HAS_EXPIRED: + case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: + case X509_V_ERR_INVALID_CA: +@@ -453,9 +458,9 @@ cb_check_cert_local(ok, ctx) + } + plog(log_tag, LOCATION, NULL, + "%s(%d) at depth:%d SubjectName:%s\n", +- X509_verify_cert_error_string(ctx->error), +- ctx->error, +- ctx->error_depth, ++ X509_verify_cert_error_string(ctx_error), ++ ctx_error, ++ X509_STORE_CTX_get_error_depth(ctx), + buf); + } + ERR_clear_error(); +@@ -477,10 +482,11 @@ cb_check_cert_remote(ok, ctx) + + if (!ok) { + X509_NAME_oneline( +- X509_get_subject_name(ctx->current_cert), ++ X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)), + buf, + 256); +- switch (ctx->error) { ++ int ctx_error=X509_STORE_CTX_get_error(ctx); ++ switch (ctx_error) { + case X509_V_ERR_UNABLE_TO_GET_CRL: + ok = 1; + log_tag = LLV_WARNING; +@@ -490,9 +496,9 @@ cb_check_cert_remote(ok, ctx) + } + plog(log_tag, LOCATION, NULL, + "%s(%d) at depth:%d SubjectName:%s\n", +- X509_verify_cert_error_string(ctx->error), +- ctx->error, +- ctx->error_depth, ++ X509_verify_cert_error_string(ctx_error), ++ ctx_error, ++ X509_STORE_CTX_get_error_depth(ctx), + buf); + } + ERR_clear_error(); +@@ -516,14 +522,15 @@ eay_get_x509asn1subjectname(cert) + if (x509 == NULL) + goto error; + ++ X509_NAME *subject_name = X509_get_subject_name(x509); + /* get the length of the name */ +- len = i2d_X509_NAME(x509->cert_info->subject, NULL); ++ len = i2d_X509_NAME(subject_name, NULL); + name = vmalloc(len); + if (!name) + goto error; + /* get the name */ + bp = (unsigned char *) name->v; +- len = i2d_X509_NAME(x509->cert_info->subject, &bp); ++ len = i2d_X509_NAME(subject_name, &bp); + + X509_free(x509); + +@@ -661,15 +668,16 @@ eay_get_x509asn1issuername(cert) + if (x509 == NULL) + goto error; + ++ X509_NAME *issuer_name = X509_get_issuer_name(x509); + /* get the length of the name */ +- len = i2d_X509_NAME(x509->cert_info->issuer, NULL); ++ len = i2d_X509_NAME(issuer_name, NULL); + name = vmalloc(len); + if (name == NULL) + goto error; + + /* get the name */ + bp = (unsigned char *) name->v; +- len = i2d_X509_NAME(x509->cert_info->issuer, &bp); ++ len = i2d_X509_NAME(issuer_name, &bp); + + X509_free(x509); + +@@ -850,7 +858,7 @@ eay_check_x509sign(source, sig, cert) + return -1; + } + +- res = eay_rsa_verify(source, sig, evp->pkey.rsa); ++ res = eay_rsa_verify(source, sig, EVP_PKEY_get0_RSA(evp)); + + EVP_PKEY_free(evp); + X509_free(x509); +@@ -992,7 +1000,7 @@ eay_get_x509sign(src, privkey) + if (evp == NULL) + return NULL; + +- sig = eay_rsa_sign(src, evp->pkey.rsa); ++ sig = eay_rsa_sign(src, EVP_PKEY_get0_RSA(evp)); + + EVP_PKEY_free(evp); + +@@ -1079,7 +1087,11 @@ eay_strerror() + int line, flags; + unsigned long es; + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ es = 0; /* even when allowed by OPENSSL_API_COMPAT, it is defined as 0 */ ++#else + es = CRYPTO_thread_id(); ++#endif + + while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0){ + n = snprintf(ebuf + len, sizeof(ebuf) - len, +@@ -1100,7 +1112,7 @@ vchar_t * + evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc) + { + vchar_t *res; +- EVP_CIPHER_CTX ctx; ++ EVP_CIPHER_CTX *ctx; + + if (!e) + return NULL; +@@ -1111,7 +1123,7 @@ evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc + if ((res = vmalloc(data->l)) == NULL) + return NULL; + +- EVP_CIPHER_CTX_init(&ctx); ++ ctx = EVP_CIPHER_CTX_new(); + + switch(EVP_CIPHER_nid(e)){ + case NID_bf_cbc: +@@ -1125,54 +1137,41 @@ evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc + /* XXX: can we do that also for algos with a fixed key size ? + */ + /* init context without key/iv +- */ +- if (!EVP_CipherInit(&ctx, e, NULL, NULL, enc)) +- { +- OpenSSL_BUG(); +- vfree(res); +- return NULL; +- } ++ */ ++ if (!EVP_CipherInit(ctx, e, NULL, NULL, enc)) ++ goto out; + +- /* update key size +- */ +- if (!EVP_CIPHER_CTX_set_key_length(&ctx, key->l)) +- { +- OpenSSL_BUG(); +- vfree(res); +- return NULL; +- } +- +- /* finalize context init with desired key size +- */ +- if (!EVP_CipherInit(&ctx, NULL, (u_char *) key->v, ++ /* update key size ++ */ ++ if (!EVP_CIPHER_CTX_set_key_length(ctx, key->l)) ++ goto out; ++ ++ /* finalize context init with desired key size ++ */ ++ if (!EVP_CipherInit(ctx, NULL, (u_char *) key->v, + (u_char *) iv->v, enc)) +- { +- OpenSSL_BUG(); +- vfree(res); +- return NULL; +- } ++ goto out; + break; + default: +- if (!EVP_CipherInit(&ctx, e, (u_char *) key->v, +- (u_char *) iv->v, enc)) { +- OpenSSL_BUG(); +- vfree(res); +- return NULL; +- } ++ if (!EVP_CipherInit(ctx, e, (u_char *) key->v, ++ (u_char *) iv->v, enc)) ++ goto out; + } + + /* disable openssl padding */ +- EVP_CIPHER_CTX_set_padding(&ctx, 0); ++ EVP_CIPHER_CTX_set_padding(ctx, 0); + +- if (!EVP_Cipher(&ctx, (u_char *) res->v, (u_char *) data->v, data->l)) { +- OpenSSL_BUG(); +- vfree(res); +- return NULL; +- } ++ if (!EVP_Cipher(ctx, (u_char *) res->v, (u_char *) data->v, data->l)) ++ goto out; + +- EVP_CIPHER_CTX_cleanup(&ctx); ++ EVP_CIPHER_CTX_free(ctx); + + return res; ++out: ++ EVP_CIPHER_CTX_free(ctx); ++ OpenSSL_BUG(); ++ vfree(res); ++ return NULL; + } + + int +@@ -1230,7 +1229,7 @@ eay_des_keylen(len) + return evp_keylen(len, EVP_des_cbc()); + } + +-#ifdef HAVE_OPENSSL_IDEA_H ++#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) + /* + * IDEA-CBC + */ +@@ -1587,7 +1586,7 @@ eay_aes_keylen(len) + return len; + } + +-#if defined(HAVE_OPENSSL_CAMELLIA_H) ++#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) + /* + * CAMELLIA-CBC + */ +@@ -1680,9 +1679,9 @@ eay_hmac_init(key, md) + vchar_t *key; + const EVP_MD *md; + { +- HMAC_CTX *c = racoon_malloc(sizeof(*c)); ++ HMAC_CTX *c = HMAC_CTX_new(); + +- HMAC_Init(c, key->v, key->l, md); ++ HMAC_Init_ex(c, key->v, key->l, md, NULL); + + return (caddr_t)c; + } +@@ -1761,8 +1760,7 @@ eay_hmacsha2_512_final(c) + + HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); + res->l = l; +- HMAC_cleanup((HMAC_CTX *)c); +- (void)racoon_free(c); ++ HMAC_CTX_free((HMAC_CTX *)c); + + if (SHA512_DIGEST_LENGTH != res->l) { + plog(LLV_ERROR, LOCATION, NULL, +@@ -1811,8 +1809,7 @@ eay_hmacsha2_384_final(c) + + HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); + res->l = l; +- HMAC_cleanup((HMAC_CTX *)c); +- (void)racoon_free(c); ++ HMAC_CTX_free((HMAC_CTX *)c); + + if (SHA384_DIGEST_LENGTH != res->l) { + plog(LLV_ERROR, LOCATION, NULL, +@@ -1861,8 +1858,7 @@ eay_hmacsha2_256_final(c) + + HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); + res->l = l; +- HMAC_cleanup((HMAC_CTX *)c); +- (void)racoon_free(c); ++ HMAC_CTX_free((HMAC_CTX *)c); + + if (SHA256_DIGEST_LENGTH != res->l) { + plog(LLV_ERROR, LOCATION, NULL, +@@ -1912,8 +1908,7 @@ eay_hmacsha1_final(c) + + HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); + res->l = l; +- HMAC_cleanup((HMAC_CTX *)c); +- (void)racoon_free(c); ++ HMAC_CTX_free((HMAC_CTX *)c); + + if (SHA_DIGEST_LENGTH != res->l) { + plog(LLV_ERROR, LOCATION, NULL, +@@ -1962,8 +1957,7 @@ eay_hmacmd5_final(c) + + HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); + res->l = l; +- HMAC_cleanup((HMAC_CTX *)c); +- (void)racoon_free(c); ++ HMAC_CTX_free((HMAC_CTX *)c); + + if (MD5_DIGEST_LENGTH != res->l) { + plog(LLV_ERROR, LOCATION, NULL, +@@ -2266,6 +2260,7 @@ eay_dh_generate(prime, g, publen, pub, priv) + u_int32_t g; + { + BIGNUM *p = NULL; ++ BIGNUM *BNg = NULL; + DH *dh = NULL; + int error = -1; + +@@ -2276,25 +2271,28 @@ eay_dh_generate(prime, g, publen, pub, priv) + + if ((dh = DH_new()) == NULL) + goto end; +- dh->p = p; +- p = NULL; /* p is now part of dh structure */ +- dh->g = NULL; +- if ((dh->g = BN_new()) == NULL) ++ if ((BNg = BN_new()) == NULL) + goto end; +- if (!BN_set_word(dh->g, g)) ++ if (!BN_set_word(BNg, g)) + goto end; ++ if (! DH_set0_pqg(dh, p, NULL, BNg)) ++ goto end; ++ BNg = NULL; ++ p = NULL; /* p is now part of dh structure */ + + if (publen != 0) +- dh->length = publen; ++ DH_set_length(dh, publen); + + /* generate public and private number */ + if (!DH_generate_key(dh)) + goto end; + + /* copy results to buffers */ +- if (eay_bn2v(pub, dh->pub_key) < 0) ++ BIGNUM *pub_key, *priv_key; ++ DH_get0_key(dh, (const BIGNUM**) &pub_key, (const BIGNUM**) &priv_key); ++ if (eay_bn2v(pub, pub_key) < 0) + goto end; +- if (eay_bn2v(priv, dh->priv_key) < 0) { ++ if (eay_bn2v(priv, priv_key) < 0) { + vfree(*pub); + goto end; + } +@@ -2306,6 +2304,8 @@ end: + DH_free(dh); + if (p != 0) + BN_free(p); ++ if (BNg != 0) ++ BN_free(BNg); + return(error); + } + +@@ -2319,6 +2319,10 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) + int l; + unsigned char *v = NULL; + int error = -1; ++ BIGNUM *p = BN_new(); ++ BIGNUM *BNg = BN_new(); ++ BIGNUM *pub_key = BN_new(); ++ BIGNUM *priv_key = BN_new(); + + /* make public number to compute */ + if (eay_v2bn(&dh_pub, pub2) < 0) +@@ -2327,19 +2331,21 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) + /* make DH structure */ + if ((dh = DH_new()) == NULL) + goto end; +- if (eay_v2bn(&dh->p, prime) < 0) ++ if (p == NULL || BNg == NULL || pub_key == NULL || priv_key == NULL) + goto end; +- if (eay_v2bn(&dh->pub_key, pub) < 0) ++ ++ if (eay_v2bn(&p, prime) < 0) + goto end; +- if (eay_v2bn(&dh->priv_key, priv) < 0) ++ if (eay_v2bn(&pub_key, pub) < 0) + goto end; +- dh->length = pub2->l * 8; +- +- dh->g = NULL; +- if ((dh->g = BN_new()) == NULL) ++ if (eay_v2bn(&priv_key, priv) < 0) + goto end; +- if (!BN_set_word(dh->g, g)) ++ if (!BN_set_word(BNg, g)) + goto end; ++ DH_set0_key(dh, pub_key, priv_key); ++ DH_set_length(dh, pub2->l * 8); ++ DH_set0_pqg(dh, p, NULL, BNg); ++ pub_key = priv_key = p = BNg = NULL; + + if ((v = racoon_calloc(prime->l, sizeof(u_char))) == NULL) + goto end; +@@ -2350,6 +2356,14 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) + error = 0; + + end: ++ if (p != NULL) ++ BN_free(p); ++ if (BNg != NULL) ++ BN_free(BNg); ++ if (pub_key != NULL) ++ BN_free(pub_key); ++ if (priv_key != NULL) ++ BN_free(priv_key); + if (dh_pub != NULL) + BN_free(dh_pub); + if (dh != NULL) +@@ -2400,12 +2414,14 @@ eay_bn2v(var, bn) + void + eay_init() + { ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + #ifdef HAVE_OPENSSL_ENGINE_H + ENGINE_load_builtin_engines(); + ENGINE_register_all_complete(); + #endif ++#endif + } + + vchar_t * +@@ -2504,8 +2520,7 @@ binbuf_pubkey2rsa(vchar_t *binbuf) + goto out; + } + +- rsa_pub->n = mod; +- rsa_pub->e = exp; ++ RSA_set0_key(rsa_pub, mod, exp, NULL); + + out: + return rsa_pub; +@@ -2582,5 +2597,5 @@ eay_random() + const char * + eay_version() + { +- return SSLeay_version(SSLEAY_VERSION); ++ return OpenSSL_version(OPENSSL_VERSION); + } +diff --git a/src/racoon/crypto_openssl.h b/src/racoon/crypto_openssl.h +index 66fac73..ee5b765 100644 +--- a/src/racoon/crypto_openssl.h ++++ b/src/racoon/crypto_openssl.h +@@ -124,7 +124,7 @@ extern vchar_t *eay_aes_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); + extern int eay_aes_weakkey __P((vchar_t *)); + extern int eay_aes_keylen __P((int)); + +-#if defined(HAVE_OPENSSL_CAMELLIA_H) ++#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) + /* Camellia */ + extern vchar_t *eay_camellia_encrypt __P((vchar_t *, vchar_t *, vchar_t *)); + extern vchar_t *eay_camellia_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); +diff --git a/src/racoon/eaytest.c b/src/racoon/eaytest.c +index d609e4f..d2d20da 100644 +--- a/src/racoon/eaytest.c ++++ b/src/racoon/eaytest.c +@@ -62,6 +62,7 @@ + #include "dhgroup.h" + #include "crypto_openssl.h" + #include "gnuc.h" ++#include "openssl_compat.h" + + #include "package_version.h" + +@@ -103,7 +104,7 @@ rsa_verify_with_pubkey(src, sig, pubkey_txt) + printf ("PEM_read_PUBKEY(): %s\n", eay_strerror()); + return -1; + } +- error = eay_check_rsasign(src, sig, evp->pkey.rsa); ++ error = eay_check_rsasign(src, sig, EVP_PKEY_get0_RSA(evp)); + + return error; + } +@@ -698,7 +699,7 @@ ciphertest(ac, av) + eay_cast_encrypt, eay_cast_decrypt) < 0) + return -1; + +-#ifdef HAVE_OPENSSL_IDEA_H ++#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) + if (ciphertest_1 ("IDEA", + &data, 8, + &key, key.l, +@@ -715,7 +716,7 @@ ciphertest(ac, av) + eay_rc5_encrypt, eay_rc5_decrypt) < 0) + return -1; + #endif +-#if defined(HAVE_OPENSSL_CAMELLIA_H) ++#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) + if (ciphertest_1 ("CAMELLIA", + &data, 16, + &key, key.l, +diff --git a/src/racoon/ipsec_doi.c b/src/racoon/ipsec_doi.c +index 08e4325..7b1604d 100644 +--- a/src/racoon/ipsec_doi.c ++++ b/src/racoon/ipsec_doi.c +@@ -715,7 +715,7 @@ out: + /* key length must not be specified on some algorithms */ + if (keylen) { + if (sa->enctype == OAKLEY_ATTR_ENC_ALG_DES +-#ifdef HAVE_OPENSSL_IDEA_H ++#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) + || sa->enctype == OAKLEY_ATTR_ENC_ALG_IDEA + #endif + || sa->enctype == OAKLEY_ATTR_ENC_ALG_3DES) { +diff --git a/src/racoon/openssl_compat.c b/src/racoon/openssl_compat.c +new file mode 100644 +index 0000000..864b5fb +--- /dev/null ++++ b/src/racoon/openssl_compat.c +@@ -0,0 +1,213 @@ ++/* ++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the OpenSSL license (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include "openssl_compat.h" ++ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ ++#include <string.h> ++ ++static void *OPENSSL_zalloc(size_t num) ++{ ++ void *ret = OPENSSL_malloc(num); ++ ++ if (ret != NULL) ++ memset(ret, 0, num); ++ return ret; ++} ++ ++int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) ++{ ++ /* If the fields n and e in r are NULL, the corresponding input ++ * parameters MUST be non-NULL for n and e. d may be ++ * left NULL (in case only the public key is used). ++ */ ++ if ((r->n == NULL && n == NULL) ++ || (r->e == NULL && e == NULL)) ++ return 0; ++ ++ if (n != NULL) { ++ BN_free(r->n); ++ r->n = n; ++ } ++ if (e != NULL) { ++ BN_free(r->e); ++ r->e = e; ++ } ++ if (d != NULL) { ++ BN_free(r->d); ++ r->d = d; ++ } ++ ++ return 1; ++} ++ ++int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) ++{ ++ /* If the fields p and q in r are NULL, the corresponding input ++ * parameters MUST be non-NULL. ++ */ ++ if ((r->p == NULL && p == NULL) ++ || (r->q == NULL && q == NULL)) ++ return 0; ++ ++ if (p != NULL) { ++ BN_free(r->p); ++ r->p = p; ++ } ++ if (q != NULL) { ++ BN_free(r->q); ++ r->q = q; ++ } ++ ++ return 1; ++} ++ ++int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) ++{ ++ /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input ++ * parameters MUST be non-NULL. ++ */ ++ if ((r->dmp1 == NULL && dmp1 == NULL) ++ || (r->dmq1 == NULL && dmq1 == NULL) ++ || (r->iqmp == NULL && iqmp == NULL)) ++ return 0; ++ ++ if (dmp1 != NULL) { ++ BN_free(r->dmp1); ++ r->dmp1 = dmp1; ++ } ++ if (dmq1 != NULL) { ++ BN_free(r->dmq1); ++ r->dmq1 = dmq1; ++ } ++ if (iqmp != NULL) { ++ BN_free(r->iqmp); ++ r->iqmp = iqmp; ++ } ++ ++ return 1; ++} ++ ++void RSA_get0_key(const RSA *r, ++ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) ++{ ++ if (n != NULL) ++ *n = r->n; ++ if (e != NULL) ++ *e = r->e; ++ if (d != NULL) ++ *d = r->d; ++} ++ ++void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) ++{ ++ if (p != NULL) ++ *p = r->p; ++ if (q != NULL) ++ *q = r->q; ++} ++ ++void RSA_get0_crt_params(const RSA *r, ++ const BIGNUM **dmp1, const BIGNUM **dmq1, ++ const BIGNUM **iqmp) ++{ ++ if (dmp1 != NULL) ++ *dmp1 = r->dmp1; ++ if (dmq1 != NULL) ++ *dmq1 = r->dmq1; ++ if (iqmp != NULL) ++ *iqmp = r->iqmp; ++} ++ ++int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) ++{ ++ /* If the fields p and g in d are NULL, the corresponding input ++ * parameters MUST be non-NULL. q may remain NULL. ++ */ ++ if ((dh->p == NULL && p == NULL) ++ || (dh->g == NULL && g == NULL)) ++ return 0; ++ ++ if (p != NULL) { ++ BN_free(dh->p); ++ dh->p = p; ++ } ++ if (q != NULL) { ++ BN_free(dh->q); ++ dh->q = q; ++ } ++ if (g != NULL) { ++ BN_free(dh->g); ++ dh->g = g; ++ } ++ ++ if (q != NULL) { ++ dh->length = BN_num_bits(q); ++ } ++ ++ return 1; ++} ++ ++void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) ++{ ++ if (pub_key != NULL) ++ *pub_key = dh->pub_key; ++ if (priv_key != NULL) ++ *priv_key = dh->priv_key; ++} ++ ++int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) ++{ ++ /* If the field pub_key in dh is NULL, the corresponding input ++ * parameters MUST be non-NULL. The priv_key field may ++ * be left NULL. ++ */ ++ if (dh->pub_key == NULL && pub_key == NULL) ++ return 0; ++ ++ if (pub_key != NULL) { ++ BN_free(dh->pub_key); ++ dh->pub_key = pub_key; ++ } ++ if (priv_key != NULL) { ++ BN_free(dh->priv_key); ++ dh->priv_key = priv_key; ++ } ++ ++ return 1; ++} ++ ++int DH_set_length(DH *dh, long length) ++{ ++ dh->length = length; ++ return 1; ++} ++ ++HMAC_CTX *HMAC_CTX_new(void) ++{ ++ return OPENSSL_zalloc(sizeof(HMAC_CTX)); ++} ++ ++void HMAC_CTX_free(HMAC_CTX *ctx) ++{ ++ HMAC_CTX_cleanup(ctx); ++ OPENSSL_free(ctx); ++} ++ ++RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) ++{ ++ if (pkey->type != EVP_PKEY_RSA) { ++ return NULL; ++ } ++ return pkey->pkey.rsa; ++} ++ ++ ++#endif /* OPENSSL_VERSION_NUMBER */ +diff --git a/src/racoon/openssl_compat.h b/src/racoon/openssl_compat.h +new file mode 100644 +index 0000000..9e152c2 +--- /dev/null ++++ b/src/racoon/openssl_compat.h +@@ -0,0 +1,45 @@ ++#ifndef OPENSSL_COMPAT_H ++#define OPENSSL_COMPAT_H ++ ++#include <openssl/opensslv.h> ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ ++#include <openssl/rsa.h> ++#include <openssl/dh.h> ++#include <openssl/evp.h> ++#include <openssl/hmac.h> ++ ++int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); ++int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q); ++int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp); ++void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); ++void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q); ++void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp); ++ ++int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); ++void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key); ++int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key); ++int DH_set_length(DH *dh, long length); ++ ++HMAC_CTX *HMAC_CTX_new(void); ++void HMAC_CTX_free(HMAC_CTX* ctx); ++ ++RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); ++ ++#define ASN1_STRING_length(s) s->length ++#define ASN1_STRING_get0_data(s) s->data ++ ++#define X509_get_subject_name(x) x->cert_info->subject ++#define X509_get_issuer_name(x) x->cert_info->issuer ++#define X509_NAME_ENTRY_get_data(n) n->value ++#define X509_NAME_ENTRY_get_object(n) n->object ++#define X509_STORE_CTX_get_current_cert(ctx) ctx->current_cert ++#define X509_STORE_CTX_get_error(ctx) ctx->error ++#define X509_STORE_CTX_get_error_depth(ctx) ctx->error_depth ++ ++#define OPENSSL_VERSION SSLEAY_VERSION ++#define OpenSSL_version SSLeay_version ++ ++#endif /* OPENSSL_VERSION_NUMBER */ ++ ++#endif /* OPENSSL_COMPAT_H */ +diff --git a/src/racoon/plainrsa-gen.c b/src/racoon/plainrsa-gen.c +index cad1861..b949b08 100644 +--- a/src/racoon/plainrsa-gen.c ++++ b/src/racoon/plainrsa-gen.c +@@ -60,6 +60,7 @@ + #include "vmbuf.h" + #include "plog.h" + #include "crypto_openssl.h" ++#include "openssl_compat.h" + + #include "package_version.h" + +@@ -90,12 +91,14 @@ mix_b64_pubkey(const RSA *key) + char *binbuf; + long binlen, ret; + vchar_t *res; +- +- binlen = 1 + BN_num_bytes(key->e) + BN_num_bytes(key->n); ++ const BIGNUM *e, *n; ++ ++ RSA_get0_key(key, &n, &e, NULL); ++ binlen = 1 + BN_num_bytes(e) + BN_num_bytes(n); + binbuf = malloc(binlen); + memset(binbuf, 0, binlen); +- binbuf[0] = BN_bn2bin(key->e, (unsigned char *) &binbuf[1]); +- ret = BN_bn2bin(key->n, (unsigned char *) (&binbuf[binbuf[0] + 1])); ++ binbuf[0] = BN_bn2bin(e, (unsigned char *) &binbuf[1]); ++ ret = BN_bn2bin(n, (unsigned char *) (&binbuf[binbuf[0] + 1])); + if (1 + binbuf[0] + ret != binlen) { + plog(LLV_ERROR, LOCATION, NULL, + "Pubkey generation failed. This is really strange...\n"); +@@ -131,16 +134,20 @@ print_rsa_key(FILE *fp, const RSA *key) + + fprintf(fp, "# : PUB 0s%s\n", pubkey64->v); + fprintf(fp, ": RSA\t{\n"); +- fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(key->n)); ++ const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp; ++ RSA_get0_key(key, &n, &e, &d); ++ RSA_get0_factors(key, &p, &q); ++ RSA_get0_crt_params(key, &dmp1, &dmq1, &iqmp); ++ fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(n)); + fprintf(fp, "\t# pubkey=0s%s\n", pubkey64->v); +- fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(key->n))); +- fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(key->e))); +- fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(key->d))); +- fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(key->p))); +- fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(key->q))); +- fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(key->dmp1))); +- fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(key->dmq1))); +- fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(key->iqmp))); ++ fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(n))); ++ fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(e))); ++ fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(d))); ++ fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(p))); ++ fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(q))); ++ fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(dmp1))); ++ fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(dmq1))); ++ fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(iqmp))); + fprintf(fp, " }\n"); + + vfree(pubkey64); +@@ -203,11 +210,13 @@ int + gen_rsa_key(FILE *fp, size_t bits, unsigned long exp) + { + int ret; +- RSA *key; ++ RSA *key = RSA_new(); ++ BIGNUM *e = BN_new(); + +- key = RSA_generate_key(bits, exp, NULL, NULL); +- if (!key) { ++ BN_set_word(e, exp); ++ if (! RSA_generate_key_ex(key, bits, e, NULL)) { + fprintf(stderr, "RSA_generate_key(): %s\n", eay_strerror()); ++ RSA_free(key); + return -1; + } + +diff --git a/src/racoon/prsa_par.y b/src/racoon/prsa_par.y +index 1987e4d..27ce4c6 100644 +--- a/src/racoon/prsa_par.y ++++ b/src/racoon/prsa_par.y +@@ -68,6 +68,7 @@ + #include "isakmp_var.h" + #include "handler.h" + #include "crypto_openssl.h" ++#include "openssl_compat.h" + #include "sockmisc.h" + #include "rsalist.h" + +@@ -85,7 +86,18 @@ char *prsa_cur_fname = NULL; + struct genlist *prsa_cur_list = NULL; + enum rsa_key_type prsa_cur_type = RSA_TYPE_ANY; + +-static RSA *rsa_cur; ++struct my_rsa_st { ++ BIGNUM *n; ++ BIGNUM *e; ++ BIGNUM *d; ++ BIGNUM *p; ++ BIGNUM *q; ++ BIGNUM *dmp1; ++ BIGNUM *dmq1; ++ BIGNUM *iqmp; ++}; ++ ++static struct my_rsa_st *rsa_cur; + + void + prsaerror(const char *s, ...) +@@ -201,8 +213,12 @@ rsa_statement: + rsa_cur->iqmp = NULL; + } + } +- $$ = rsa_cur; +- rsa_cur = RSA_new(); ++ RSA * rsa_tmp = RSA_new(); ++ RSA_set0_key(rsa_tmp, rsa_cur->n, rsa_cur->e, rsa_cur->d); ++ RSA_set0_factors(rsa_tmp, rsa_cur->p, rsa_cur->q); ++ RSA_set0_crt_params(rsa_tmp, rsa_cur->dmp1, rsa_cur->dmq1, rsa_cur->iqmp); ++ $$ = rsa_tmp; ++ memset(rsa_cur, 0, sizeof(struct my_rsa_st)); + } + | TAG_PUB BASE64 + { +@@ -351,10 +367,12 @@ prsa_parse_file(struct genlist *list, char *fname, enum rsa_key_type type) + prsa_cur_fname = fname; + prsa_cur_list = list; + prsa_cur_type = type; +- rsa_cur = RSA_new(); ++ rsa_cur = malloc(sizeof(struct my_rsa_st)); ++ memset(rsa_cur, 0, sizeof(struct my_rsa_st)); + ret = prsaparse(); + if (rsa_cur) { +- RSA_free(rsa_cur); ++ memset(rsa_cur, 0, sizeof(struct my_rsa_st)); ++ free(rsa_cur); + rsa_cur = NULL; + } + fclose (fp); +diff --git a/src/racoon/rsalist.c b/src/racoon/rsalist.c +index f152c82..96e8363 100644 +--- a/src/racoon/rsalist.c ++++ b/src/racoon/rsalist.c +@@ -52,6 +52,7 @@ + #include "genlist.h" + #include "remoteconf.h" + #include "crypto_openssl.h" ++#include "openssl_compat.h" + + #ifndef LIST_FIRST + #define LIST_FIRST(head) ((head)->lh_first) +@@ -98,7 +99,9 @@ rsa_key_dup(struct rsa_key *key) + return NULL; + + if (key->rsa) { +- new->rsa = key->rsa->d != NULL ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa); ++ const BIGNUM *d; ++ RSA_get0_key(key->rsa, NULL, NULL, &d); ++ new->rsa = (d != NULL ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa)); + if (new->rsa == NULL) + goto dup_error; + } +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb index 5cbeb15ad..a6d473b59 100644 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb +++ b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb @@ -25,6 +25,8 @@ SRC_URI = "http://ftp.netbsd.org/pub/NetBSD/misc/ipsec-tools/0.8/ipsec-tools-${P file://0001-Fix-header-issues-found-with-musl-libc.patch \ file://0002-cfparse-clear-memory-equal-to-size-of-array.patch \ file://fix-CVE-2016-10396.patch \ + file://0001-Disable-gcc8-specific-warnings.patch \ + file://0001-ipsec-tools-add-openssl-1.1-support.patch \ " SRC_URI[md5sum] = "d53ec14a0a3ece64e09e5e34b3350b41" SRC_URI[sha256sum] = "8eb6b38716e2f3a8a72f1f549c9444c2bc28d52c9536792690564c74fe722f2d" diff --git a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0001-Modify-the-Makefile-for-cross-compile.patch b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0001-Modify-the-Makefile-for-cross-compile.patch index 7c3dfe4a8..d7b0267d5 100644 --- a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0001-Modify-the-Makefile-for-cross-compile.patch +++ b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0001-Modify-the-Makefile-for-cross-compile.patch @@ -1,18 +1,22 @@ -From 58292175115bae7a4c3600d3022e59ea57213025 Mon Sep 17 00:00:00 2001 -From: Jianchuan Wang <jianchuan.wang@windriver.com> -Date: Mon, 12 Jan 2015 15:53:23 +0800 +From 801224257015788d3aff026bf2ae1cd8531d4fcc Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Wed, 25 Jul 2018 13:12:04 +0800 Subject: [PATCH] Modify the Makefile for cross compile. Upstream-Status: Inappropriate [embedded specific] Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com> + +update to version 1.29 + +Signed-off-by: Changqing Li <changqing.li@windriver.com> --- - Makefile | 23 ++++++----------------- + Makefile | 9 ++++----- libipvs/Makefile | 3 +-- - 2 files changed, 7 insertions(+), 19 deletions(-) + 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile -index e4e03cc..461c021 100644 +index 91a2991..906086d 100644 --- a/Makefile +++ b/Makefile @@ -35,10 +35,9 @@ ARCH = $(shell uname -m) @@ -23,57 +27,29 @@ index e4e03cc..461c021 100644 INCLUDE = SBIN = $(BUILD_ROOT)/sbin -MANDIR = usr/man -+MANDIR = usr/share/man ++MANDIR = usr/share/man MAN = $(BUILD_ROOT)/$(MANDIR)/man8 INIT = $(BUILD_ROOT)/etc/rc.d/init.d MKDIR = mkdir -@@ -62,17 +61,7 @@ RPMBUILD = $(shell \ - echo "/bin/rpm"; \ - fi ) - --ifeq (,$(FORCE_GETOPT)) --LIB_SEARCH = /lib64 /usr/lib64 /usr/local/lib64 /lib /usr/lib /usr/local/lib --POPT_LIB = $(shell for i in $(LIB_SEARCH); do \ -- if [ -f $$i/libpopt.a ]; then \ -- if nm $$i/libpopt.a | fgrep -q poptGetContext; then \ -- echo "-lpopt"; \ -- break; \ -- fi; \ -- fi; \ --done) --endif -+POPT_LIB = -lpopt - - ifneq (,$(POPT_LIB)) - POPT_DEFINE = -DHAVE_POPT -@@ -81,7 +70,7 @@ endif - OBJS = ipvsadm.o config_stream.o dynamic_array.o - LIBS = $(POPT_LIB) - ifneq (0,$(HAVE_NL)) --LIBS += -lnl -+LIBS += -lnl-3 -lnl-genl-3 - endif - DEFINES = -DVERSION=\"$(VERSION)\" -DSCHEDULERS=\"$(SCHEDULERS)\" \ - -DPE_LIST=\"$(PE_LIST)\" $(POPT_DEFINE) -@@ -91,13 +80,13 @@ DEFINES += $(shell if [ ! -f ../ip_vs.h ]; then \ +@@ -81,13 +80,13 @@ DEFINES += $(shell if [ ! -f ../ip_vs.h ]; then \ .PHONY = all clean install dist distclean rpm rpms -all: libs ipvsadm -+all: ipvsadm ++all: ipvsadm libs: make -C libipvs -ipvsadm: $(OBJS) $(STATIC_LIBS) - $(CC) $(CFLAGS) -o $@ $^ $(LIBS) -+ipvsadm: $(OBJS) libs ++ipvsadm: $(OBJS) libs + $(CC) $(CFLAGS) -o $@ $(OBJS) $(STATIC_LIBS) $(LIBS) install: all if [ ! -d $(SBIN) ]; then $(MKDIR) -p $(SBIN); fi diff --git a/libipvs/Makefile b/libipvs/Makefile -index a527a7f..b7300ec 100644 +index f845c8b..dafab30 100644 --- a/libipvs/Makefile +++ b/libipvs/Makefile @@ -1,6 +1,5 @@ @@ -83,7 +59,7 @@ index a527a7f..b7300ec 100644 CFLAGS = -Wall -Wunused -Wstrict-prototypes -g -fPIC ifneq (0,$(HAVE_NL)) CFLAGS += -DLIBIPVS_USE_NL -@@ -18,7 +17,7 @@ SHARED_LIB = libipvs.so +@@ -30,7 +29,7 @@ SHARED_LIB = libipvs.so all: $(STATIC_LIB) $(SHARED_LIB) $(STATIC_LIB): libipvs.o ip_vs_nl_policy.o @@ -93,5 +69,5 @@ index a527a7f..b7300ec 100644 $(SHARED_LIB): libipvs.o ip_vs_nl_policy.o $(CC) -shared -Wl,-soname,$@ -o $@ $^ -- -1.9.1 +2.7.4 diff --git a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0002-Replace-nl_handle-to-nl_sock.patch b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0002-Replace-nl_handle-to-nl_sock.patch deleted file mode 100644 index 7896d6d1e..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0002-Replace-nl_handle-to-nl_sock.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 2686213259b15df9cf1d969c5a14d62f14cfbaae Mon Sep 17 00:00:00 2001 -From: Jianchuan Wang <jianchuan.wang@windriver.com> -Date: Thu, 8 Jan 2015 17:37:11 +0800 -Subject: [PATCH 2/2] Replace nl_handle to nl_sock. - -The nl_handle was replace with nl_sock in the libnl-3. - -Upstream-Status: Inappropriate [embedded specific] - -Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com> ---- - libipvs/libipvs.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/libipvs/libipvs.c b/libipvs/libipvs.c -index a157e18..21a9bfa 100644 ---- a/libipvs/libipvs.c -+++ b/libipvs/libipvs.c -@@ -32,7 +32,7 @@ static void* ipvs_func = NULL; - struct ip_vs_getinfo ipvs_info; - - #ifdef LIBIPVS_USE_NL --static struct nl_handle *sock = NULL; -+static struct nl_sock *sock = NULL; - static int family, try_nl = 1; - #endif - -@@ -73,7 +73,7 @@ int ipvs_nl_send_message(struct nl_msg *msg, nl_recvmsg_msg_cb_t func, void *arg - { - int err = EINVAL; - -- sock = nl_handle_alloc(); -+ sock = nl_socket_alloc(); - if (!sock) { - nlmsg_free(msg); - return -1; -@@ -88,7 +88,7 @@ int ipvs_nl_send_message(struct nl_msg *msg, nl_recvmsg_msg_cb_t func, void *arg - - /* To test connections and set the family */ - if (msg == NULL) { -- nl_handle_destroy(sock); -+ nl_socket_free(sock); - sock = NULL; - return 0; - } -@@ -104,12 +104,12 @@ int ipvs_nl_send_message(struct nl_msg *msg, nl_recvmsg_msg_cb_t func, void *arg - - nlmsg_free(msg); - -- nl_handle_destroy(sock); -+ nl_socket_free(sock); - - return 0; - - fail_genl: -- nl_handle_destroy(sock); -+ nl_socket_free(sock); - sock = NULL; - nlmsg_free(msg); - errno = err; --- -1.8.3.1 - diff --git a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/makefile-add-ldflags.patch b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/makefile-add-ldflags.patch index 1bf1eed4c..a2c5235c3 100644 --- a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/makefile-add-ldflags.patch +++ b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/makefile-add-ldflags.patch @@ -1,19 +1,33 @@ -Add LDFLAGS variable to Makefile, make sure the extra linker flags can be passed. +From 8aff1e965ec17262f3a5b376f7eb3e053d81905c Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Tue, 24 Jul 2018 18:18:05 +0800 +Subject: [PATCH] Add LDFLAGS variable to Makefile, make sure the extra linker + flags can be passed. Upstream-Status: Pending Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +Update to version 1.29 + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + diff --git a/Makefile b/Makefile -index 461c021..8bc9cde 100644 +index f29bbae..81beb5a 100644 --- a/Makefile +++ b/Makefile @@ -86,7 +86,7 @@ libs: make -C libipvs - ipvsadm: $(OBJS) libs + ipvsadm: $(OBJS) libs - $(CC) $(CFLAGS) -o $@ $(OBJS) $(STATIC_LIBS) $(LIBS) + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJS) $(STATIC_LIBS) $(LIBS) install: all if [ ! -d $(SBIN) ]; then $(MKDIR) -p $(SBIN); fi +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm_1.26.bb b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm_1.29.bb index b35a9f4a4..4f3c16dc3 100644 --- a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm_1.26.bb +++ b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm_1.29.bb @@ -12,19 +12,20 @@ locality-based least-connection, locality-based least-connection with replicati destination-hashing, and source-hashing)." SECTION = "net" LICENSE = "GPL-2.0" -LIC_FILES_CHKSUM = "file://README;beginline=40;endline=56;md5=a54cba37b64924aa5008881607942892" +LIC_FILES_CHKSUM = "file://README;beginline=40;endline=56;md5=b4e40069f15598d0e3fe2aa177e5ec77" DEPENDS += "libnl popt" -SRC_URI = "http://www.linuxvirtualserver.org/software/kernel-2.6/${BP}.tar.gz \ +SRC_URI = "https://mirrors.edge.kernel.org/pub/linux/utils/kernel/ipvsadm/${BP}.tar.gz \ file://0001-Modify-the-Makefile-for-cross-compile.patch \ - file://0002-Replace-nl_handle-to-nl_sock.patch \ file://0003-ipvsadm-remove-dependency-on-bash.patch \ file://makefile-add-ldflags.patch \ " -SRC_URI[md5sum] = "eac3ba3f62cd4dea2da353aeddd353a8" -SRC_URI[sha256sum] = "6d6c46fecb1c532a892616b4445c73b71730e8790d5630f60269fd9cbee0eb2d" +SRC_URI[md5sum] = "88b35030b4766b3e44ad15aacdef65c4" +SRC_URI[sha256sum] = "297f5cd459c3eef81ed0ca32e53bf320ed6b132fe7ed6ea5e44aa6b1fbd2a7de" + +UPSTREAM_CHECK_URI = "${KERNELORG_MIRROR}/linux/utils/kernel/ipvsadm" do_compile() { oe_runmake \ @@ -33,5 +34,8 @@ do_compile() { } do_install() { + sed -i -e "s;SBIN\t\t= \$(BUILD_ROOT)/sbin;SBIN\t\t= \$(BUILD_ROOT)/$base_sbindir;" ${S}/Makefile oe_runmake 'BUILD_ROOT=${D}' install } + +inherit pkgconfig diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/0001-libldb-fix-config-error.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/0001-libldb-fix-config-error.patch new file mode 100644 index 000000000..5818d57f7 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/0001-libldb-fix-config-error.patch @@ -0,0 +1,87 @@ +From bc4ff7e37ce120c257e52a81fe3475499dfd2573 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Tue, 24 Jul 2018 10:10:24 +0800 +Subject: [PATCH] libldb: fix config error + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + wscript | 58 +++++++++++++++++++++++++++++----------------------------- + 1 file changed, 29 insertions(+), 29 deletions(-) + +diff --git a/wscript b/wscript +index b0af7b6..8ad9f96 100644 +--- a/wscript ++++ b/wscript +@@ -115,40 +115,40 @@ def configure(conf): + onlyif='talloc tdb tevent pyldb-util', + implied_deps='replace talloc tdb tevent'): + conf.define('USING_SYSTEM_LDB', 1) ++ if not Options.options.without_ldb_lmdb: ++ if not conf.CHECK_CODE('return !(sizeof(size_t) >= 8)', ++ "HAVE_64_BIT_SIZE_T_FOR_LMDB", ++ execute=True, ++ msg='Checking for a 64-bit host to ' ++ 'support lmdb'): ++ Logs.warn("--without-ldb-lmdb implied as this " ++ "host is not 64-bit") ++ ++ if not conf.env.standalone_ldb and \ ++ not Options.options.without_ad_dc and \ ++ conf.CONFIG_GET('ENABLE_SELFTEST'): ++ Logs.warn("NOTE: Some AD DC parts of selftest will fail") + +- if not conf.CHECK_CODE('return !(sizeof(size_t) >= 8)', +- "HAVE_64_BIT_SIZE_T_FOR_LMDB", +- execute=True, +- msg='Checking for a 64-bit host to ' +- 'support lmdb'): +- Logs.warn("--without-ldb-lmdb implied as this " +- "host is not 64-bit") +- +- if not conf.env.standalone_ldb and \ +- not Options.options.without_ad_dc and \ +- conf.CONFIG_GET('ENABLE_SELFTEST'): +- Logs.warn("NOTE: Some AD DC parts of selftest will fail") +- +- conf.env.REQUIRE_LMDB = False +- else: +- if conf.env.standalone_ldb: +- if Options.options.without_ldb_lmdb: +- conf.env.REQUIRE_LMDB = False +- else: +- conf.env.REQUIRE_LMDB = True +- elif Options.options.without_ad_dc: + conf.env.REQUIRE_LMDB = False + else: +- if Options.options.without_ldb_lmdb: +- if not Options.options.without_ad_dc and \ +- conf.CONFIG_GET('ENABLE_SELFTEST'): +- raise Utils.WafError('--without-ldb-lmdb conflicts ' +- 'with --enable-selftest while ' +- 'building the AD DC') +- ++ if conf.env.standalone_ldb: ++ if Options.options.without_ldb_lmdb: ++ conf.env.REQUIRE_LMDB = False ++ else: ++ conf.env.REQUIRE_LMDB = True ++ elif Options.options.without_ad_dc: + conf.env.REQUIRE_LMDB = False + else: +- conf.env.REQUIRE_LMDB = True ++ if Options.options.without_ldb_lmdb: ++ if not Options.options.without_ad_dc and \ ++ conf.CONFIG_GET('ENABLE_SELFTEST'): ++ raise Utils.WafError('--without-ldb-lmdb conflicts ' ++ 'with --enable-selftest while ' ++ 'building the AD DC') ++ ++ conf.env.REQUIRE_LMDB = False ++ else: ++ conf.env.REQUIRE_LMDB = True + + + if conf.CONFIG_SET('USING_SYSTEM_LDB'): +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/avoid-openldap-unless-wanted.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/avoid-openldap-unless-wanted.patch index 8ab094fa7..b30afeee2 100644 --- a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/avoid-openldap-unless-wanted.patch +++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/avoid-openldap-unless-wanted.patch @@ -1,6 +1,16 @@ ---- a/wscript 2015-11-18 12:43:33.000000000 +0100 -+++ b/wscript 2015-11-18 12:46:25.000000000 +0100 -@@ -58,9 +58,7 @@ +From 63570b98ef63c91d8508478fcbe6b89c90c8398f Mon Sep 17 00:00:00 2001 +From: Jens Rehsack <rehsack@gmail.com> +Date: Thu, 19 Nov 2015 20:45:56 +0100 + +--- + wscript | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/wscript b/wscript +index e7c05d2..1633593 100644 +--- a/wscript ++++ b/wscript +@@ -161,9 +161,7 @@ def configure(conf): if conf.env.standalone_ldb: conf.CHECK_XSLTPROC_MANPAGES() diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/do-not-import-target-module-while-cross-compile.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/do-not-import-target-module-while-cross-compile.patch index fdd312c0a..ee4936a5a 100755..100644 --- a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/do-not-import-target-module-while-cross-compile.patch +++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/do-not-import-target-module-while-cross-compile.patch @@ -1,12 +1,21 @@ +From f4cda3a71311e4496b725bc5f46af93413ec7a1c Mon Sep 17 00:00:00 2001 +From: Bian Naimeng <biannm@cn.fujitsu.com> +Date: Fri, 17 Jul 2015 11:58:49 +0800 +Subject: [PATCH] libldb: add new recipe + Some modules such as dynamic library maybe cann't be imported while cross compile, we just check whether does the module exist. Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com> -Index: ldb-1.1.26/buildtools/wafsamba/samba_bundled.py -=================================================================== ---- ldb-1.1.26.orig/buildtools/wafsamba/samba_bundled.py -+++ ldb-1.1.26/buildtools/wafsamba/samba_bundled.py +--- + buildtools/wafsamba/samba_bundled.py | 32 ++++++++++++++++++++++++-------- + 1 file changed, 24 insertions(+), 8 deletions(-) + +diff --git a/buildtools/wafsamba/samba_bundled.py b/buildtools/wafsamba/samba_bundled.py +index 253d604..398cc6a 100644 +--- a/buildtools/wafsamba/samba_bundled.py ++++ b/buildtools/wafsamba/samba_bundled.py @@ -2,6 +2,7 @@ import sys @@ -15,7 +24,7 @@ Index: ldb-1.1.26/buildtools/wafsamba/samba_bundled.py from Configure import conf from samba_utils import TO_LIST -@@ -230,17 +231,32 @@ def CHECK_BUNDLED_SYSTEM_PYTHON(conf, li +@@ -249,17 +250,32 @@ def CHECK_BUNDLED_SYSTEM_PYTHON(conf, libname, modulename, minversion='0.0.0'): # versions minversion = minimum_library_version(conf, libname, minversion) diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/libldb-fix-musl-libc-conflict-type-error.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/libldb-fix-musl-libc-conflict-type-error.patch new file mode 100644 index 000000000..444fa3ff1 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/libldb-fix-musl-libc-conflict-type-error.patch @@ -0,0 +1,45 @@ +From 5bd7b5d04435bd593349825973ce32290f5f604d Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Wed, 25 Jul 2018 09:55:25 +0800 +Subject: [PATCH] libldb: fix musl libc conflicting types error + +/third_party/cmocka/cmocka.h:126:28: error: conflicting types for 'uintptr_t' + typedef unsigned int uintptr_t; + ^~~~~~~~~ +use __DEFINED_uintptr_t in alltypes.h to check if uintptr already defined + +Upstream-Status: Pending + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + third_party/cmocka/cmocka.h | 7 +++---- + 1 file changed, 3 insertions(+), 4 deletions(-) + +diff --git a/third_party/cmocka/cmocka.h b/third_party/cmocka/cmocka.h +index 4fd82a9..5443a08 100644 +--- a/third_party/cmocka/cmocka.h ++++ b/third_party/cmocka/cmocka.h +@@ -110,7 +110,7 @@ typedef uintmax_t LargestIntegralType; + ((LargestIntegralType)(value)) + + /* Smallest integral type capable of holding a pointer. */ +-#if !defined(_UINTPTR_T) && !defined(_UINTPTR_T_DEFINED) ++#if !defined(__DEFINED_uintptr_t) + # if defined(_WIN32) + /* WIN32 is an ILP32 platform */ + typedef unsigned int uintptr_t; +@@ -134,9 +134,8 @@ typedef uintmax_t LargestIntegralType; + # endif /* __WORDSIZE */ + # endif /* _WIN32 */ + +-# define _UINTPTR_T +-# define _UINTPTR_T_DEFINED +-#endif /* !defined(_UINTPTR_T) || !defined(_UINTPTR_T_DEFINED) */ ++# define __DEFINED_uintptr_t ++#endif /* !defined(__DEFINED_uintptr_t) + + /* Perform an unsigned cast to uintptr_t. */ + #define cast_to_pointer_integral_type(value) \ +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/libldb-fix-musl-libc-unkown-type-error.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/libldb-fix-musl-libc-unkown-type-error.patch new file mode 100644 index 000000000..c0e7e8907 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/libldb-fix-musl-libc-unkown-type-error.patch @@ -0,0 +1,31 @@ +From d90534469c5c43bf2a97e5698a5ddb4b7471f92a Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Tue, 24 Jul 2018 10:53:16 +0800 +Subject: [PATCH] libldb: fix musl libc unkoown type error + +tevent.h:1440:8: error: unknown type name 'pid_t'; did you mean 'div_t'? + pid_t *pid, + ^~~~~ + div_t + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + lib/tevent/tevent.h | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/lib/tevent/tevent.h b/lib/tevent/tevent.h +index aa6fe0d..2572696 100644 +--- a/lib/tevent/tevent.h ++++ b/lib/tevent/tevent.h +@@ -32,6 +32,8 @@ + #include <talloc.h> + #include <sys/time.h> + #include <stdbool.h> ++#include <sys/stat.h> ++#include <sys/types.h> + + struct tevent_context; + struct tevent_ops; +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/options-1.3.1.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/options-1.4.1.patch index ffe253b63..357afbea5 100644 --- a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/options-1.3.1.patch +++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/options-1.4.1.patch @@ -1,7 +1,7 @@ -From a4da3ab4d76013aaa731d43d52ccca1ebd37c395 Mon Sep 17 00:00:00 2001 -From: Jackie Huang <jackie.huang@windriver.com> -Date: Wed, 21 Sep 2016 10:06:39 +0800 -Subject: [PATCH 1/1] ldb: Add configure options for packages +From ffffd29bc6303d60b3d77048fbbf6776f6fbbe01 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Thu, 19 Jul 2018 16:40:31 +0800 +Subject: [PATCH] ldb: Add configure options for packages Add configure options for the following packages: - acl @@ -14,30 +14,22 @@ Add configure options for the following packages: Upstream-Status: Inappropriate [oe deterministic build specific] Signed-off-by: Jackie Huang <jackie.huang@windriver.com> + +Update to version 1.4.1, and fix one configure error + +Cross answers file cross-answers-i586.txt is incomplete with +"Checking for a 64-bit host to support lmdb: UNKNOWN" + +we don't support lmdb, so only check when lmdb is support + +Signed-off-by: Changqing Li <changqing.li@windriver.com> --- - lib/replace/system/wscript_configure | 6 ++- - lib/replace/wscript | 94 +++++++++++++++++++++++++++--------- - wscript | 7 +++ - 3 files changed, 83 insertions(+), 24 deletions(-) + lib/replace/wscript | 94 ++++++++++++++++++++++++++++++++++++++++------------- + wscript | 6 ++++ + 2 files changed, 77 insertions(+), 23 deletions(-) -diff --git a/lib/replace/system/wscript_configure b/lib/replace/system/wscript_configure -index 2035474..10f9ae7 100644 ---- a/lib/replace/system/wscript_configure -+++ b/lib/replace/system/wscript_configure -@@ -1,6 +1,10 @@ - #!/usr/bin/env python - --conf.CHECK_HEADERS('sys/capability.h') -+import Options -+ -+if Options.options.enable_libcap: -+ conf.CHECK_HEADERS('sys/capability.h') -+ - conf.CHECK_FUNCS('getpwnam_r getpwuid_r getpwent_r') - - # solaris varients of getXXent_r diff --git a/lib/replace/wscript b/lib/replace/wscript -index 2f94d49..68b2d3a 100644 +index fd00a42..434192e 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -23,6 +23,41 @@ def set_options(opt): @@ -113,9 +105,9 @@ index 2f94d49..68b2d3a 100644 conf.CHECK_HEADERS('port.h') conf.CHECK_HEADERS('sys/fcntl.h sys/filio.h sys/filsys.h sys/fs/s5param.h sys/fs/vx/quota.h') conf.CHECK_HEADERS('sys/id.h sys/ioctl.h sys/ipc.h sys/mman.h sys/mode.h sys/ndir.h sys/priv.h') -@@ -73,7 +121,9 @@ def configure(conf): - - conf.CHECK_CODE('', headers='rpc/rpc.h rpcsvc/yp_prot.h', define='HAVE_RPCSVC_YP_PROT_H') +@@ -108,7 +156,9 @@ def configure(conf): + conf.CHECK_HEADERS('sys/fileio.h sys/filesys.h sys/dustat.h sys/sysmacros.h') + conf.CHECK_HEADERS('xfs/libxfs.h netgroup.h') - conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h') + if Options.options.enable_valgrind: @@ -124,7 +116,7 @@ index 2f94d49..68b2d3a 100644 conf.CHECK_HEADERS('nss_common.h nsswitch.h ns_api.h') conf.CHECK_HEADERS('sys/extattr.h sys/ea.h sys/proplist.h sys/cdefs.h') conf.CHECK_HEADERS('utmp.h utmpx.h lastlog.h') -@@ -266,22 +316,20 @@ def configure(conf): +@@ -340,22 +390,20 @@ def configure(conf): conf.CHECK_FUNCS('prctl dirname basename') @@ -161,7 +153,7 @@ index 2f94d49..68b2d3a 100644 conf.CHECK_CODE(''' struct ucred cred; -@@ -632,7 +680,7 @@ removeea setea +@@ -699,7 +747,7 @@ def configure(conf): # look for a method of finding the list of network interfaces for method in ['HAVE_IFACE_GETIFADDRS', 'HAVE_IFACE_AIX', 'HAVE_IFACE_IFCONF', 'HAVE_IFACE_IFREQ']: bsd_for_strlcpy = '' @@ -171,12 +163,12 @@ index 2f94d49..68b2d3a 100644 if conf.CHECK_CODE(''' #define %s 1 diff --git a/wscript b/wscript -index 8ae5be3..a178cc4 100644 +index ad91bc6..2d20fee 100644 --- a/wscript +++ b/wscript -@@ -31,6 +31,13 @@ def set_options(opt): - opt.RECURSE('lib/replace') - opt.tool_options('python') # options for disabling pyc or pyo compilation +@@ -36,6 +36,12 @@ def set_options(opt): + help='disable new LMDB backend for LDB', + action='store_true', dest='without_ldb_lmdb', default=False) + opt.add_option('--with-valgrind', + help=("enable use of valgrind"), @@ -184,10 +176,9 @@ index 8ae5be3..a178cc4 100644 + opt.add_option('--without-valgrind', + help=("disable use of valgrind"), + action="store_false", dest='enable_valgrind', default=False) -+ + def configure(conf): conf.RECURSE('lib/tdb') - conf.RECURSE('lib/tevent') -- -2.16.2 +2.7.4 diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.3.1.bb b/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.4.1.bb index 7e14cde35..3c7e5455e 100644 --- a/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.3.1.bb +++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.4.1.bb @@ -4,11 +4,14 @@ SECTION = "libs" LICENSE = "LGPL-3.0+ & LGPL-2.1+ & GPL-3.0+" DEPENDS += "libtdb libtalloc libtevent popt" -RDEPENDS_pyldb += "python" +RDEPENDS_pyldb += "python samba" SRC_URI = "http://samba.org/ftp/ldb/ldb-${PV}.tar.gz \ file://do-not-import-target-module-while-cross-compile.patch \ - file://options-1.3.1.patch \ + file://options-1.4.1.patch \ + file://0001-libldb-fix-config-error.patch \ + file://libldb-fix-musl-libc-unkown-type-error.patch \ + file://libldb-fix-musl-libc-conflict-type-error.patch \ " PACKAGECONFIG ??= "\ @@ -29,10 +32,11 @@ LIC_FILES_CHKSUM = "file://pyldb.h;endline=24;md5=dfbd238cecad76957f7f860fbe9ada file://man/ldb.3.xml;beginline=261;endline=262;md5=137f9fd61040c1505d1aa1019663fd08 \ file://tools/ldbdump.c;endline=19;md5=a7d4fc5d1f75676b49df491575a86a42" -SRC_URI[md5sum] = "e5233f202bca27f6ce8474fb8ae65983" -SRC_URI[sha256sum] = "b19f2c9f55ae0f46aa5ebaea0bf1a47ec1ac135e1d78af0f6318cf50bf62cbd2" +SRC_URI[md5sum] = "159a1b1a56dcccf410d1bba911be6076" +SRC_URI[sha256sum] = "2df13aa25b376b314ce24182c37691959019523de3cc5356c40c1a333b0890a2" -inherit waf-samba +inherit waf-samba distro_features_check +REQUIRED_DISTRO_FEATURES = "pam" S = "${WORKDIR}/ldb-${PV}" @@ -43,6 +47,7 @@ EXTRA_OECONF += "--disable-rpath \ --with-modulesdir=${libdir}/ldb/modules \ --with-privatelibdir=${libdir}/ldb \ --with-libiconv=${STAGING_DIR_HOST}${prefix}\ + --without-ldb-lmdb \ " PACKAGES =+ "pyldb pyldb-dbg pyldb-dev" diff --git a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/avoid-attr-unless-wanted.patch b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/avoid-attr-unless-wanted.patch index a3ee9ccd9..db3ddce2c 100644 --- a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/avoid-attr-unless-wanted.patch +++ b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/avoid-attr-unless-wanted.patch @@ -1,20 +1,20 @@ --- a/lib/replace/wscript 2015-11-13 16:04:04.000000000 +0100 +++ b/lib/replace/wscript 2015-11-13 16:23:20.000000000 +0100 -@@ -636,8 +636,6 @@ +@@ -837,8 +837,6 @@ def build(bld): if not bld.CONFIG_SET('HAVE_INET_ATON'): REPLACE_SOURCE += ' inet_aton.c' if not bld.CONFIG_SET('HAVE_INET_NTOP'): REPLACE_SOURCE += ' inet_ntop.c' if not bld.CONFIG_SET('HAVE_INET_PTON'): REPLACE_SOURCE += ' inet_pton.c' - if not bld.CONFIG_SET('HAVE_GETXATTR') or bld.CONFIG_SET('XATTR_ADDITIONAL_OPTIONS'): - REPLACE_SOURCE += ' xattr.c' - bld.SAMBA_LIBRARY('replace', - source=REPLACE_SOURCE, -@@ -648,7 +646,7 @@ + if not bld.CONFIG_SET('HAVE_CLOSEFROM'): + REPLACE_SOURCE += ' closefrom.c' +@@ -852,7 +850,7 @@ def build(bld): # at the moment: # hide_symbols=bld.BUILTIN_LIBRARY('replace'), private_library=True, - deps='crypt dl nsl socket rt attr' + extra_libs) + deps='crypt dl nsl socket rt ' + extra_libs) - bld.SAMBA_SUBSYSTEM('replace-test', - source='''test/testsuite.c test/strptime.c + replace_test_cflags="-Wno-format-zero-length" + if bld.CONFIG_SET('HAVE_WNO_FORMAT_TRUNCATION'): diff --git a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/options-2.1.10.patch b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/options-2.1.14.patch index 63f21e775..df45d36e9 100644 --- a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/options-2.1.10.patch +++ b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/options-2.1.14.patch @@ -1,6 +1,6 @@ -From efc1b02144f23fdf84dbc5ff15307815e0f2a425 Mon Sep 17 00:00:00 2001 +From 319a2a1bb46ae35fa9d66878cb08285035f0bd5f Mon Sep 17 00:00:00 2001 From: Jackie Huang <jackie.huang@windriver.com> -Date: Wed, 14 Sep 2016 11:11:35 +0800 +Date: Thu, 19 Jul 2018 15:41:31 +0800 Subject: [PATCH] talloc: Add configure options for packages Add configure options for the following packages: @@ -19,36 +19,22 @@ Modified to apply to version 2.1.10. Signed-off-by: Joe Slater <joe.slater@windriver.com> +Modified tp apply to version 2.1.14 +Signed-off-by: Changqing Li <changqing.li@windriver.com> --- - lib/replace/system/wscript_configure | 6 ++- - lib/replace/wscript | 85 ++++++++++++++++++++++++++++-------- - wscript | 7 ++- - 3 files changed, 79 insertions(+), 19 deletions(-) + lib/replace/wscript | 90 +++++++++++++++++++++++++++++++++++++++++------------ + wscript | 7 +++++ + 2 files changed, 77 insertions(+), 20 deletions(-) -Index: talloc-2.1.11/lib/replace/system/wscript_configure -=================================================================== ---- talloc-2.1.11.orig/lib/replace/system/wscript_configure -+++ talloc-2.1.11/lib/replace/system/wscript_configure -@@ -1,6 +1,10 @@ - #!/usr/bin/env python - --conf.CHECK_HEADERS('sys/capability.h') -+import Options -+ -+if Options.options.enable_libcap: -+ conf.CHECK_HEADERS('sys/capability.h') -+ - conf.CHECK_FUNCS('getpwnam_r getpwuid_r getpwent_r') - - # solaris varients of getXXent_r -Index: talloc-2.1.11/lib/replace/wscript -=================================================================== ---- talloc-2.1.11.orig/lib/replace/wscript -+++ talloc-2.1.11/lib/replace/wscript -@@ -23,6 +23,41 @@ def set_options(opt): +diff --git a/lib/replace/wscript b/lib/replace/wscript +index fd00a42..a77c058 100644 +--- a/lib/replace/wscript ++++ b/lib/replace/wscript +@@ -22,6 +22,41 @@ def set_options(opt): + opt.BUILTIN_DEFAULT('NONE') opt.PRIVATE_EXTENSION_DEFAULT('') opt.RECURSE('buildtools/wafsamba') - ++ + opt.add_option('--with-acl', + help=("Enable use of acl"), + action="store_true", dest='enable_acl') @@ -83,10 +69,9 @@ Index: talloc-2.1.11/lib/replace/wscript + opt.add_option('--without-libcap', + help=("Disable use of libcap"), + action="store_false", dest='enable_libcap', default=False) -+ + @Utils.run_once def configure(conf): - conf.RECURSE('buildtools/wafsamba') @@ -32,12 +67,25 @@ def configure(conf): conf.DEFINE('HAVE_LIBREPLACE', 1) conf.DEFINE('LIBREPLACE_NETWORK_CHECKS', 1) @@ -94,7 +79,7 @@ Index: talloc-2.1.11/lib/replace/wscript - conf.CHECK_HEADERS('linux/types.h crypt.h locale.h acl/libacl.h compat.h') - conf.CHECK_HEADERS('acl/libacl.h attr/xattr.h compat.h ctype.h dustat.h') + conf.CHECK_HEADERS('linux/types.h crypt.h locale.h compat.h') -+ conf.CHECK_HEADERS('compat.h ctype.h dustat.h') ++ conf.CHECK_HEADERS('attr/xattr.h compat.h ctype.h dustat.h') conf.CHECK_HEADERS('fcntl.h fnmatch.h glob.h history.h krb5.h langinfo.h') - conf.CHECK_HEADERS('libaio.h locale.h ndir.h pwd.h') - conf.CHECK_HEADERS('shadow.h sys/acl.h') @@ -118,9 +103,9 @@ Index: talloc-2.1.11/lib/replace/wscript conf.CHECK_HEADERS('port.h') conf.CHECK_HEADERS('sys/fcntl.h sys/filio.h sys/filsys.h sys/fs/s5param.h sys/fs/vx/quota.h') conf.CHECK_HEADERS('sys/id.h sys/ioctl.h sys/ipc.h sys/mman.h sys/mode.h sys/ndir.h sys/priv.h') -@@ -73,7 +121,9 @@ def configure(conf): - - conf.CHECK_CODE('', headers='rpc/rpc.h rpcsvc/yp_prot.h', define='HAVE_RPCSVC_YP_PROT_H') +@@ -108,7 +156,9 @@ def configure(conf): + conf.CHECK_HEADERS('sys/fileio.h sys/filesys.h sys/dustat.h sys/sysmacros.h') + conf.CHECK_HEADERS('xfs/libxfs.h netgroup.h') - conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h') + if Options.options.enable_valgrind: @@ -129,19 +114,14 @@ Index: talloc-2.1.11/lib/replace/wscript conf.CHECK_HEADERS('nss_common.h nsswitch.h ns_api.h') conf.CHECK_HEADERS('sys/extattr.h sys/ea.h sys/proplist.h sys/cdefs.h') conf.CHECK_HEADERS('utmp.h utmpx.h lastlog.h') -@@ -267,21 +317,21 @@ def configure(conf): - conf.CHECK_FUNCS('prctl dirname basename') +@@ -342,20 +392,20 @@ def configure(conf): strlcpy_in_bsd = False -- + - # libbsd on some platforms provides strlcpy and strlcat - if not conf.CHECK_FUNCS('strlcpy strlcat'): - if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h', -+ if Options.options.enable_libbsd: -+ # libbsd on some platforms provides strlcpy and strlcat -+ if not conf.CHECK_FUNCS('strlcpy strlcat'): -+ if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h', - checklibc=True): +- checklibc=True): - strlcpy_in_bsd = True - if not conf.CHECK_FUNCS('getpeereid'): - conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h') @@ -149,6 +129,14 @@ Index: talloc-2.1.11/lib/replace/wscript - conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h') - if not conf.CHECK_FUNCS('setproctitle_init'): - conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h') +- +- if not conf.CHECK_FUNCS('closefrom'): +- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h') ++ if Options.options.enable_libbsd: ++ # libbsd on some platforms provides strlcpy and strlcat ++ if not conf.CHECK_FUNCS('strlcpy strlcat'): ++ if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h', ++ checklibc=True): + strlcpy_in_bsd = True + if not conf.CHECK_FUNCS('getpeereid'): + conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h') @@ -156,29 +144,29 @@ Index: talloc-2.1.11/lib/replace/wscript + conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h') + if not conf.CHECK_FUNCS('setproctitle_init'): + conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h') - -- if not conf.CHECK_FUNCS('closefrom'): -- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h') + if not conf.CHECK_FUNCS('closefrom'): + conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h') conf.CHECK_CODE(''' struct ucred cred; -Index: talloc-2.1.11/wscript -=================================================================== ---- talloc-2.1.11.orig/wscript -+++ talloc-2.1.11/wscript -@@ -32,7 +32,12 @@ def set_options(opt): +diff --git a/wscript b/wscript +index 18f726e..fed8ab9 100644 +--- a/wscript ++++ b/wscript +@@ -32,6 +32,13 @@ def set_options(opt): opt.add_option('--enable-talloc-compat1', help=("Build talloc 1.x.x compat library [False]"), action="store_true", dest='TALLOC_COMPAT1', default=False) -- + opt.add_option('--with-valgrind', + help=("enable use of valgrind"), + action="store_true", dest='enable_valgrind') + opt.add_option('--without-valgrind', + help=("disable use of valgrind"), + action="store_false", dest='enable_valgrind', default=False) ++ + def configure(conf): - conf.RECURSE('lib/replace') +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.1.11.bb b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.1.14.bb index 848cf4d99..9a463a6dc 100644 --- a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.1.11.bb +++ b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.1.14.bb @@ -7,10 +7,10 @@ LIC_FILES_CHKSUM = "file://talloc.h;beginline=3;endline=27;md5=a301712782cad6dd6 SRC_URI = "https://samba.org/ftp/talloc/talloc-${PV}.tar.gz \ - file://options-2.1.10.patch \ + file://options-2.1.14.patch \ " -SRC_URI[md5sum] = "452596f904ca2b10322bdaabf147a721" -SRC_URI[sha256sum] = "639eb35556a0af999123c4d883e79be05ff9f00ab4f9e4ac2e5775f9c5eeeed3" +SRC_URI[md5sum] = "7478da02e309316231a497a9f17a980d" +SRC_URI[sha256sum] = "b185602756a628bac507fa8af8b9df92ace69d27c0add5dab93190ad7c3367ce" inherit waf-samba @@ -37,13 +37,13 @@ EXTRA_OECONF += "--disable-rpath \ --with-libiconv=${STAGING_DIR_HOST}${prefix}\ " -PACKAGES += "pytalloc pytalloc-dbg pytalloc-dev" +PACKAGES += "pytalloc pytalloc-dev" + +RPROVIDES_${PN}-dbg += "pytalloc-dbg" FILES_pytalloc = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/* \ ${libdir}/libpytalloc-util.so.2 \ ${libdir}/libpytalloc-util.so.2.1.1 \ " -FILES_pytalloc-dbg = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug \ - ${libdir}/.debug/libpytalloc-util.so.2.1.1" FILES_pytalloc-dev = "${libdir}/libpytalloc-util.so" RDEPENDS_pytalloc = "python" diff --git a/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb/tdb-Add-configure-options-for-packages.patch b/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb/tdb-Add-configure-options-for-packages.patch index 272921e56..365b92da2 100644 --- a/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb/tdb-Add-configure-options-for-packages.patch +++ b/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb/tdb-Add-configure-options-for-packages.patch @@ -1,10 +1,7 @@ -From 24911f36bcb00412e5dc4cd11fda139e09d58798 Mon Sep 17 00:00:00 2001 -From: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> -Date: Tue, 1 Aug 2017 03:12:09 +0900 -Subject: [PATCH] From 10ac5e5fdda44adcc2a159b6f9a2d51a51361057 Mon Sep 17 - 00:00:00 2001 From: Jackie Huang <jackie.huang@windriver.com> Date: Wed, 21 - Sep 2016 10:46:19 +0800 Subject: [PATCH] tdb: Add configure options for - packages +From 6de1affddde4003a956523c330ecf24e22e094ac Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Thu, 19 Jul 2018 16:20:32 +0800 +Subject: [PATCH] tdb: Add configure options for packages Add configure options for the following packages: - acl @@ -21,30 +18,16 @@ Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Update for libtdb_1.3.14. Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> + +Update for libtdb_1.3.16 +Signed-off-by: Changqing Li <changqing.li@windriver.com> --- - lib/replace/system/wscript_configure | 6 ++- - lib/replace/wscript | 85 ++++++++++++++++++++++++++++-------- - wscript | 7 ++- - 3 files changed, 79 insertions(+), 19 deletions(-) + lib/replace/wscript | 89 +++++++++++++++++++++++++++++++++++++++++------------ + wscript | 6 ++++ + 2 files changed, 75 insertions(+), 20 deletions(-) -diff --git a/lib/replace/system/wscript_configure b/lib/replace/system/wscript_configure -index 2035474..10f9ae7 100644 ---- a/lib/replace/system/wscript_configure -+++ b/lib/replace/system/wscript_configure -@@ -1,6 +1,10 @@ - #!/usr/bin/env python - --conf.CHECK_HEADERS('sys/capability.h') -+import Options -+ -+if Options.options.enable_libcap: -+ conf.CHECK_HEADERS('sys/capability.h') -+ - conf.CHECK_FUNCS('getpwnam_r getpwuid_r getpwent_r') - - # solaris varients of getXXent_r diff --git a/lib/replace/wscript b/lib/replace/wscript -index 7c50e1d..15df5c3 100644 +index fd00a42..2df83cd 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -23,6 +23,41 @@ def set_options(opt): @@ -96,7 +79,7 @@ index 7c50e1d..15df5c3 100644 - conf.CHECK_HEADERS('linux/types.h crypt.h locale.h acl/libacl.h compat.h') - conf.CHECK_HEADERS('acl/libacl.h attr/xattr.h compat.h ctype.h dustat.h') + conf.CHECK_HEADERS('linux/types.h crypt.h locale.h compat.h') -+ conf.CHECK_HEADERS('compat.h ctype.h dustat.h') ++ conf.CHECK_HEADERS('attr/xattr.h compat.h ctype.h dustat.h') conf.CHECK_HEADERS('fcntl.h fnmatch.h glob.h history.h krb5.h langinfo.h') - conf.CHECK_HEADERS('libaio.h locale.h ndir.h pwd.h') - conf.CHECK_HEADERS('shadow.h sys/acl.h') @@ -120,9 +103,9 @@ index 7c50e1d..15df5c3 100644 conf.CHECK_HEADERS('port.h') conf.CHECK_HEADERS('sys/fcntl.h sys/filio.h sys/filsys.h sys/fs/s5param.h sys/fs/vx/quota.h') conf.CHECK_HEADERS('sys/id.h sys/ioctl.h sys/ipc.h sys/mman.h sys/mode.h sys/ndir.h sys/priv.h') -@@ -73,7 +121,9 @@ def configure(conf): - - conf.CHECK_CODE('', headers='rpc/rpc.h rpcsvc/yp_prot.h', define='HAVE_RPCSVC_YP_PROT_H') +@@ -108,7 +156,9 @@ def configure(conf): + conf.CHECK_HEADERS('sys/fileio.h sys/filesys.h sys/dustat.h sys/sysmacros.h') + conf.CHECK_HEADERS('xfs/libxfs.h netgroup.h') - conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h') + if Options.options.enable_valgrind: @@ -131,18 +114,21 @@ index 7c50e1d..15df5c3 100644 conf.CHECK_HEADERS('nss_common.h nsswitch.h ns_api.h') conf.CHECK_HEADERS('sys/extattr.h sys/ea.h sys/proplist.h sys/cdefs.h') conf.CHECK_HEADERS('utmp.h utmpx.h lastlog.h') -@@ -251,17 +301,18 @@ def configure(conf): +@@ -342,20 +392,19 @@ def configure(conf): - conf.CHECK_FUNCS('prctl dirname basename') + strlcpy_in_bsd = False - # libbsd on some platforms provides strlcpy and strlcat - if not conf.CHECK_FUNCS('strlcpy strlcat'): -- conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h', -- checklibc=True) +- if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h', +- checklibc=True): +- strlcpy_in_bsd = True - if not conf.CHECK_FUNCS('getpeereid'): - conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h') - if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'): - conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h') +- if not conf.CHECK_FUNCS('setproctitle_init'): +- conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h') - - if not conf.CHECK_FUNCS('closefrom'): - conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h') @@ -158,18 +144,18 @@ index 7c50e1d..15df5c3 100644 + + if not conf.CHECK_FUNCS('closefrom'): + conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h') ++ conf.CHECK_CODE(''' struct ucred cred; diff --git a/wscript b/wscript -index 1c9655a..8c20d3b 100644 +index 6505648..6608481 100644 --- a/wscript +++ b/wscript -@@ -62,7 +62,12 @@ def set_options(opt): - help=("Disable the use of pthread robust mutexes"), +@@ -63,6 +63,12 @@ def set_options(opt): action="store_true", dest='disable_tdb_mutex_locking', default=False) -- + + opt.add_option('--with-valgrind', + help=("enable use of valgrind"), + action="store_true", dest='enable_valgrind') diff --git a/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb_1.3.15.bb b/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb_1.3.16.bb index 302a306b3..0579ed6e3 100644 --- a/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb_1.3.15.bb +++ b/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb_1.3.16.bb @@ -11,8 +11,8 @@ SRC_URI = "https://samba.org/ftp/tdb/tdb-${PV}.tar.gz \ file://tdb-Add-configure-options-for-packages.patch \ " -SRC_URI[md5sum] = "60ece3996acc8d85b6f713199da971a6" -SRC_URI[sha256sum] = "b4a1bf3833601bd9f10aff363cb750860aef9ce5b4617989239923192f946728" +SRC_URI[md5sum] = "7d06d8709188e07df853d9e91db88927" +SRC_URI[sha256sum] = "6a3fc2616567f23993984ada3cea97d953a27669ffd1bfbbe961f26e0cf96cc5" PACKAGECONFIG ??= "\ ${@bb.utils.filter('DISTRO_FEATURES', 'acl', d)} \ @@ -35,10 +35,11 @@ EXTRA_OECONF += "--disable-rpath \ --with-libiconv=${STAGING_DIR_HOST}${prefix}\ " -PACKAGES += "tdb-tools python-tdb python-tdb-dbg" +PACKAGES += "tdb-tools python-tdb" + +RPROVIDES_${PN}-dbg += "python-tdb-dbg" FILES_${PN} = "${libdir}/*.so.*" FILES_tdb-tools = "${bindir}/*" FILES_python-tdb = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*" -FILES_python-tdb-dbg = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug/*" RDEPENDS_python-tdb = "python" diff --git a/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent/0001-libtevent-fix-musl-libc-compile-error.patch b/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent/0001-libtevent-fix-musl-libc-compile-error.patch new file mode 100644 index 000000000..e3aeda9c3 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent/0001-libtevent-fix-musl-libc-compile-error.patch @@ -0,0 +1,32 @@ +From 7ba1de909c587b6773a39ba9f6f9890987f35b24 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Tue, 24 Jul 2018 11:30:53 +0800 +Subject: [PATCH] libtevent: fix musl libc compile error + +libldb depend on libtevent, build libldb with musl libc, +will report error: +tevent.h:1440:8: error: unknown type name 'pid_t'; did you mean 'div_t'? + +add missing headers to fix it. + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + tevent.h | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/tevent.h b/tevent.h +index aa6fe0d..2572696 100644 +--- a/tevent.h ++++ b/tevent.h +@@ -32,6 +32,8 @@ + #include <talloc.h> + #include <sys/time.h> + #include <stdbool.h> ++#include <sys/stat.h> ++#include <sys/types.h> + + struct tevent_context; + struct tevent_ops; +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent_0.9.36.bb b/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent_0.9.37.bb index c91b221b1..4df251c7f 100644 --- a/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent_0.9.36.bb +++ b/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent_0.9.37.bb @@ -8,11 +8,12 @@ RDEPENDS_python-tevent = "python" SRC_URI = "https://samba.org/ftp/tevent/tevent-${PV}.tar.gz \ file://options-0.9.36.patch \ + file://0001-libtevent-fix-musl-libc-compile-error.patch \ " LIC_FILES_CHKSUM = "file://tevent.h;endline=26;md5=4e458d658cb25e21efc16f720e78b85a" -SRC_URI[md5sum] = "87d67bca75b231814435c47bec0aff8a" -SRC_URI[sha256sum] = "bd2b6be3fd1601ed7f176e99111e322c57d58e425cc149ee80c7dd4fed263b4c" +SRC_URI[md5sum] = "6859cd4081fdb2a76b1cb4bf1c803a59" +SRC_URI[sha256sum] = "168345ed65eac03785cf77b95238e7dc66cbb473a42811693a6b0916e5dae7e0" inherit waf-samba @@ -38,7 +39,8 @@ EXTRA_OECONF += "--disable-rpath \ --without-gettext \ " -PACKAGES += "python-tevent python-tevent-dbg" +PACKAGES += "python-tevent" + +RPROVIDES_${PN}-dbg += "python-tevent-dbg" FILES_python-tevent = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*" -FILES_python-tevent-dbg = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug" diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-0b0dce7a36fb-actually-belongs-to-v4.19.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-0b0dce7a36fb-actually-belongs-to-v4.19.patch new file mode 100644 index 000000000..7599b1bcf --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-0b0dce7a36fb-actually-belongs-to-v4.19.patch @@ -0,0 +1,31 @@ +From e5952a0cdfa8b1b56a5823574835f1f771f14ae0 Mon Sep 17 00:00:00 2001 +From: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> +Date: Fri, 24 Aug 2018 09:53:00 -0300 +Subject: [PATCH] build: 0b0dce7a36fb actually belongs to v4.19 + +Typo or not, this commit actually belongs to v4.19 and made me wonder why +on v4.18 it didn't find this feature. + +Fixes: 817f0bfa248f ("build: add two defines for Peer Address Parameters extensions on sctp_paddrparams") +Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> +Reviewed-by: Xin Long <lucien.xin@gmail.com> +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index f55775a..5de5c76 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -101,7 +101,7 @@ LKSCTP_CHECK_TYPE([struct sctp_prinfo], [HAVE_SCTP_SENDV]) + # added on v4.16, 30f6ebf65bc4 + LKSCTP_CHECK_DECL([SCTP_AUTH_NO_AUTH], [HAVE_SCTP_AUTH_NO_AUTH]) + +-# New members to sctp_paddrparams, added on v4.18, 0b0dce7a36fb ++# New members to sctp_paddrparams, added on v4.19, 0b0dce7a36fb + LKSCTP_CHECK_MEMBER([struct sctp_paddrparams.spp_ipv6_flowlabel], + [HAVE_SCTP_SPP_IPV6_FLOWLABEL]) + LKSCTP_CHECK_MEMBER([struct sctp_paddrparams.spp_dscp], +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-fix-netinet-sctp.h-not-to-be-installed.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-fix-netinet-sctp.h-not-to-be-installed.patch new file mode 100644 index 000000000..03c6c4f73 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-fix-netinet-sctp.h-not-to-be-installed.patch @@ -0,0 +1,35 @@ +From 378560050a8f93786c590cc99a55461666205b61 Mon Sep 17 00:00:00 2001 +From: Xin Long <lucien.xin@gmail.com> +Date: Fri, 24 Aug 2018 01:13:32 +0800 +Subject: [PATCH] build: fix netinet/sctp.h not to be installed + +After libcnetinet_HEADERS was set to sctp.h.in, netinet/sctp.h can +no longer be installed into ${includedir}. + +Since "AC_CONFIG_HEADERS([src/include/netinet/sctp.h])" is already +added into configure.ac, there's no need to generate sctp.h by +automake. + +So we simply set libcnetinet_HEADERS back to sctp.h. + +Fixes: 9607dd85e70a ("netinet/sctp.h: dynamically build based on system setup") +Signed-off-by: Xin Long <lucien.xin@gmail.com> +Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> +--- + src/include/netinet/Makefile.am | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/src/include/netinet/Makefile.am b/src/include/netinet/Makefile.am +index ca0aac2..965db8c 100644 +--- a/src/include/netinet/Makefile.am ++++ b/src/include/netinet/Makefile.am +@@ -11,5 +11,4 @@ libcnetinetdir = $(includedir)/netinet + # API. + include_HEADERS = + +-libcnetinet_HEADERS = sctp.h.in +-BUILT_SOURCES = sctp.h ++libcnetinet_HEADERS = sctp.h +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-fix-probing-for-HAVE_SCTP_SENDV.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-fix-probing-for-HAVE_SCTP_SENDV.patch new file mode 100644 index 000000000..89c89835d --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-fix-probing-for-HAVE_SCTP_SENDV.patch @@ -0,0 +1,35 @@ +From 596efd6631b83069d41782fb0ee2d6cf76a50dfa Mon Sep 17 00:00:00 2001 +From: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> +Date: Fri, 24 Aug 2018 09:52:59 -0300 +Subject: [PATCH] build: fix probing for HAVE_SCTP_SENDV + +Somehow it was using a type that is non-existent. The right one is +sctp_prinfo, introduced on ed63afb8a318 ("sctp: add support for PR-SCTP +Information for sendmsg"), present on v4.17. + +Fixes: 1b798f1ca3b5 ("build: add define HAVE_SCTP_AUTH_NO_AUTH") +Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> +Reviewed-by: Xin Long <lucien.xin@gmail.com> +--- + configure.ac | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/configure.ac b/configure.ac +index dad658c..f55775a 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -94,9 +94,8 @@ LKSCTP_CHECK_MEMBER([struct sctp_pdapi_event.pdapi_stream], + LKSCTP_CHECK_MEMBER([struct sctp_pdapi_event.pdapi_seq], + [HAVE_SCTP_PDAPI_EVENT_PDAPI_SEQ]) + +-# PR-SCTP field used to probe for sendv/recvv support, added on v4.17 +-LKSCTP_CHECK_MEMBER([struct sendv_prinfo.sctp_prinfo], +- [HAVE_SCTP_SENDV]) ++# PR-SCTP struct used to probe for sendv/recvv support, added on v4.17 ++LKSCTP_CHECK_TYPE([struct sctp_prinfo], [HAVE_SCTP_SENDV]) + + # This event indicates that the peer does not support SCTP authentication, + # added on v4.16, 30f6ebf65bc4 +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-remove-v4.12-secondary-defines-in-favor-of-HAV.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-remove-v4.12-secondary-defines-in-favor-of-HAV.patch new file mode 100644 index 000000000..d22cda681 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-remove-v4.12-secondary-defines-in-favor-of-HAV.patch @@ -0,0 +1,52 @@ +From db6d15bf12a0123e4320e5fd7cb688331dea1bdc Mon Sep 17 00:00:00 2001 +From: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> +Date: Fri, 24 Aug 2018 09:52:58 -0300 +Subject: [PATCH] build: remove v4.12 secondary defines in favor of + HAVE_SCTP_STREAM_RECONFIG + +These were backups, commented out since beginning. +HAVE_SCTP_STREAM_RECONFIG is enough to identify that these are there, so +lets use only one. + +Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> +Reviewed-by: Xin Long <lucien.xin@gmail.com> +--- + configure.ac | 8 -------- + src/include/netinet/sctp.h.in | 2 -- + 2 files changed, 10 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 2ae36ec..dad658c 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -82,14 +82,6 @@ AC_CHECK_FUNCS([bzero gethostbyname gettimeofday memmove memset select socket \ + LKSCTP_CHECK_MEMBER([struct sctp_event_subscribe.sctp_stream_reset_event], + [HAVE_SCTP_STREAM_RESET_EVENT]) + +-# Support for assoc reset event, added on v4.12, c95129d127c6 +-#LKSCTP_CHECK_MEMBER([struct sctp_event_subscribe.sctp_assoc_reset_event], \ +-# [HAVE_SCTP_ASSOC_RESET_EVENT]) +- +-# Support for stream change event, added on v4.12, b444153fb5a6 +-#LKSCTP_CHECK_MEMBER([struct sctp_event_subscribe.sctp_stream_change_event], \ +-# [HAVE_SCTP_STREAM_CHANGE_EVENT]) +- + # RFC 6525 (Stream Reconf), finished on v4.12, c0d8bab6ae51 + LKSCTP_CHECK_DECL([SCTP_RECONFIG_SUPPORTED], [HAVE_SCTP_STREAM_RECONFIG]) + +diff --git a/src/include/netinet/sctp.h.in b/src/include/netinet/sctp.h.in +index c049077..2009f1c 100644 +--- a/src/include/netinet/sctp.h.in ++++ b/src/include/netinet/sctp.h.in +@@ -61,8 +61,6 @@ extern "C" { + #define HAVE_SCTP_CANSET_PRIMARY + + #undef HAVE_SCTP_STREAM_RESET_EVENT +-#undef HAVE_SCTP_ASSOC_RESET_EVENT +-#undef HAVE_SCTP_STREAM_CHANGE_EVENT + #undef HAVE_SCTP_STREAM_RECONFIG + #undef HAVE_SCTP_PEELOFF_FLAGS + #undef HAVE_SCTP_PDAPI_EVENT_PDAPI_STREAM +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-configure.ac-add-CURRENT-REVISION-and-AGE-for-libsct.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-configure.ac-add-CURRENT-REVISION-and-AGE-for-libsct.patch new file mode 100644 index 000000000..bec9bf0d1 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-configure.ac-add-CURRENT-REVISION-and-AGE-for-libsct.patch @@ -0,0 +1,71 @@ +From 7de2bd7e769f10521e3d0c2cb42c6f6b9b505dd0 Mon Sep 17 00:00:00 2001 +From: Xin Long <lucien.xin@gmail.com> +Date: Thu, 16 Aug 2018 14:12:30 +0800 +Subject: [PATCH] configure.ac: add CURRENT REVISION and AGE for libsctp and + libwithsctp + +Add CURRENT REVISION and AGE for libsctp and libwithsctp in +configure.ac to update these 2 library version information. + +Compatible with before, they will start from 1:18:0. But each +will get updated according to their definitions in the future. + +Signed-off-by: Xin Long <lucien.xin@gmail.com> +Acked-by: Neil Horman <nhorman@tuxdriver.com> +Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> +--- + configure.ac | 7 +++++++ + src/lib/Makefile.am | 7 +++++-- + src/withsctp/Makefile.am | 3 ++- + 3 files changed, 14 insertions(+), 3 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 275ef4e..2ae36ec 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -14,6 +14,13 @@ dnl reduce clutter in the root; if we put it below AM_INIT_AUTOMAKE, + dnl configure will fail ...) + + AC_INIT([lksctp-tools], [1.0.18], [], [], [http://www.lksctp.org/]) ++AC_SUBST(LIBSCTP_CURRENT, 1) ++AC_SUBST(LIBSCTP_REVISION, 18) ++AC_SUBST(LIBSCTP_AGE, 0) ++AC_SUBST(LIBWITHSCTP_CURRENT, 1) ++AC_SUBST(LIBWITHSCTP_REVISION, 18) ++AC_SUBST(LIBWITHSCTP_AGE, 0) ++ + AC_CONFIG_AUX_DIR(bin) + AC_CONFIG_SRCDIR([src/apps/sctp_darn.c]) + AC_CONFIG_HEADERS([config.h]) +diff --git a/src/lib/Makefile.am b/src/lib/Makefile.am +index 6100c56..1d62175 100644 +--- a/src/lib/Makefile.am ++++ b/src/lib/Makefile.am +@@ -8,5 +8,8 @@ AM_CPPFLAGS = -I$(top_srcdir)/src/include + + lib_LTLIBRARIES = libsctp.la + +-libsctp_la_SOURCES = bindx.c connectx.c peeloff.c opt_info.c addrs.c sendmsg.c recvmsg.c Versions.map +-libsctp_la_LDFLAGS = -version-info 1:17:0 -Wl,--version-script=$(srcdir)/Versions.map ++libsctp_la_SOURCES = bindx.c connectx.c peeloff.c opt_info.c \ ++ addrs.c sendmsg.c recvmsg.c Versions.map ++libsctp_la_LDFLAGS = -version-info \ ++ @LIBSCTP_CURRENT@:@LIBSCTP_REVISION@:@LIBSCTP_AGE@ \ ++ -Wl,--version-script=$(srcdir)/Versions.map +diff --git a/src/withsctp/Makefile.am b/src/withsctp/Makefile.am +index 70b1cca..1f6ca37 100644 +--- a/src/withsctp/Makefile.am ++++ b/src/withsctp/Makefile.am +@@ -14,7 +14,8 @@ AM_CPPFLAGS=-I$(top_srcdir)/src/include + pkglib_LTLIBRARIES = libwithsctp.la + libwithsctp_la_SOURCES = sctp_load_libs.c sctp_socket.c sctp_bind.c \ + sctp_sockopt.c sctp_socket.h +-libwithsctp_la_LDFLAGS = -version-info 1:17:0 -ldl ++libwithsctp_la_LDFLAGS = -version-info \ ++ @LIBWITHSCTP_CURRENT@:@LIBWITHSCTP_REVISION@:@LIBWITHSCTP_AGE@ -ldl + + pkgdoc_DATA = sctp_load_libs.c sctp_socket.c sctp_bind.c \ + sctp_sockopt.c sctp_socket.h checksctp.c +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-test_1_to_1_events.c-initialize-event-properly.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-test_1_to_1_events.c-initialize-event-properly.patch new file mode 100644 index 000000000..621e6f469 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-test_1_to_1_events.c-initialize-event-properly.patch @@ -0,0 +1,44 @@ +From e1e670defb84d51efdd124e5f3fa166a1a4b7c1d Mon Sep 17 00:00:00 2001 +From: Mingli Yu <Mingli.Yu@windriver.com> +Date: Tue, 25 Sep 2018 11:39:43 +0800 +Subject: [PATCH] test_1_to_1_events.c: initialize event properly + +Initialize event properly to avoid below +Segmentation fault when run below test +related to AUTH_NO_AUTH. + + # ./test_1_to_1_events +test_1_to_1_events.c 1 PASS : COMM_UP notification on client socket - SUCCESS +test_1_to_1_events.c 2 PASS : COMM_UP notification on server socket - SUCCESS +test_1_to_1_events.c 3 BROK : Got a datamsg, expecting notification +DUMP_CORE sctputil.c: 187 +[ 1468.733938] test_1_to_1_eve[2376]: segfault at 0 ip 0000561a4a3d5079 sp 00007ffd49101580 error 6 in test_1_to_1_events[561a4a3d4000+2000] +[ 1468.734479] Code: ff bf 0a 00 00 00 e8 e6 ef ff ff b9 c9 00 00 00 48 8d 15 61 13 00 00 bf 01 00 00 00 31 c0 48 8d 35 c7 0f 00 00 e8 97 f0 +Segmentation fault + +Upstream-Status: Pending + +Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> +--- + src/func_tests/test_1_to_1_events.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/func_tests/test_1_to_1_events.c b/src/func_tests/test_1_to_1_events.c +index 46439bf..a086832 100644 +--- a/src/func_tests/test_1_to_1_events.c ++++ b/src/func_tests/test_1_to_1_events.c +@@ -92,9 +92,11 @@ main(int argc, char *argv[]) + /* Create the client socket. */ + clt_sk = test_socket(AF_INET, SOCK_STREAM, IPPROTO_SCTP); + ++ memset(&event, 0, sizeof(event)); + event.sctp_data_io_event = 1; + event.sctp_association_event = 1; + event.sctp_shutdown_event = 1; ++ event.sctp_authentication_event = 1; + len = sizeof(struct sctp_event_subscribe); + test_setsockopt(svr_sk, SCTP_EVENTS, &event, len); + test_setsockopt(clt_sk, SCTP_EVENTS, &event, len); +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-withsctp-use-PACKAGE_VERSION-in-withsctp.h.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-withsctp-use-PACKAGE_VERSION-in-withsctp.h.patch new file mode 100644 index 000000000..2537bb976 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-withsctp-use-PACKAGE_VERSION-in-withsctp.h.patch @@ -0,0 +1,43 @@ +From 7c0ef4d441b3833e721df58f56e2cb8c81b34df4 Mon Sep 17 00:00:00 2001 +From: Xin Long <lucien.xin@gmail.com> +Date: Thu, 16 Aug 2018 14:12:01 +0800 +Subject: [PATCH] withsctp: use @PACKAGE_VERSION@ in withsctp.h + +use @PACKAGE_VERSION@ to replace the hardcode version. + +Signed-off-by: Xin Long <lucien.xin@gmail.com> +Acked-by: Neil Horman <nhorman@tuxdriver.com> +Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> +--- + Makefile.rules | 3 ++- + src/withsctp/withsctp.in | 3 ++- + 2 files changed, 4 insertions(+), 2 deletions(-) + +diff --git a/Makefile.rules b/Makefile.rules +index 83f5f0c..d3693fa 100644 +--- a/Makefile.rules ++++ b/Makefile.rules +@@ -15,4 +15,5 @@ + edit = @sed \ + -e "s|\@bindir\@|$(bindir)|" \ + -e "s|\@libdir\@|$(libdir)|" \ +- -e "s|\@PACKAGE\@|$(PACKAGE)|" ++ -e "s|\@PACKAGE\@|$(PACKAGE)|" \ ++ -e "s|\@PACKAGE_VERSION\@|$(PACKAGE_VERSION)|" +diff --git a/src/withsctp/withsctp.in b/src/withsctp/withsctp.in +index 7f182ba..fda5ebc 100644 +--- a/src/withsctp/withsctp.in ++++ b/src/withsctp/withsctp.in +@@ -2,7 +2,8 @@ + # -*- sh -*- + LIBDIR=@libdir@/@PACKAGE@ + BINDIR=@bindir@ +-export LD_PRELOAD=${LIBDIR}/libwithsctp.so.1.0.17 ++LIBVER=@PACKAGE_VERSION@ ++export LD_PRELOAD=${LIBDIR}/libwithsctp.so.${LIBVER} + if ! ${BINDIR}/checksctp 2> /dev/null + then + ${BINDIR}/checksctp; +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.17.bb b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.18.bb index 121cc9945..70cea6c7b 100644 --- a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.17.bb +++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.18.bb @@ -8,13 +8,20 @@ LIC_FILES_CHKSUM = " \ file://COPYING;md5=0c56db0143f4f80c369ee3af7425af6e \ " -SRCREV = "736b91d340e3f2519714f2930ed63b164d363511" +SRCREV = "1b077af62d83d53c34b1bde8bad6648149d5edf9" PV .= "+git${SRCPV}" -LK_REL = "1.0.17" +LK_REL = "1.0.18" SRC_URI = " \ git://github.com/sctp/lksctp-tools.git \ + file://0001-withsctp-use-PACKAGE_VERSION-in-withsctp.h.patch \ + file://0001-configure.ac-add-CURRENT-REVISION-and-AGE-for-libsct.patch \ + file://0001-build-fix-netinet-sctp.h-not-to-be-installed.patch \ + file://0001-build-remove-v4.12-secondary-defines-in-favor-of-HAV.patch \ + file://0001-build-fix-probing-for-HAVE_SCTP_SENDV.patch \ + file://0001-build-0b0dce7a36fb-actually-belongs-to-v4.19.patch \ + file://0001-test_1_to_1_events.c-initialize-event-properly.patch \ file://run-ptest \ file://v4test.sh \ file://v6test.sh \ @@ -24,7 +31,7 @@ S = "${WORKDIR}/git" BBCLASSEXTEND = "native" -inherit autotools pkgconfig binconfig ptest +inherit autotools-brokensep pkgconfig binconfig ptest do_install_ptest () { install -m 0755 ${WORKDIR}/v4test.sh ${D}${PTEST_PATH} diff --git a/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools/0001-Fix-potential-string-truncation-in-strncpy.patch b/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools/0001-Fix-potential-string-truncation-in-strncpy.patch new file mode 100644 index 000000000..e621d8f2a --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools/0001-Fix-potential-string-truncation-in-strncpy.patch @@ -0,0 +1,139 @@ +From 58b6d9a2efe101e5b80fd708e6f84c7ca779ce93 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Thu, 31 May 2018 20:27:43 -0700 +Subject: [PATCH] Fix potential string truncation in strncpy() + +GCC 8 complains about the string truncation during copy + +error: 'strncpy' specified bound 16 equals destination size + +Upstream-Status: Inappropriate [depricated component] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + tests/listen-packet.c | 3 ++- + tests/listen.c | 3 ++- + tests/test2.c | 4 ++-- + tests/test3.c | 3 ++- + tests/test4.c | 3 ++- + tests/test5.c | 3 ++- + tests/test6.c | 3 ++- + tests/test7.c | 3 ++- + 8 files changed, 16 insertions(+), 9 deletions(-) + +diff --git a/tests/listen-packet.c b/tests/listen-packet.c +index e40af81..eae0c71 100644 +--- a/tests/listen-packet.c ++++ b/tests/listen-packet.c +@@ -50,7 +50,8 @@ int main(int argc, char **argv) { + return 1; + } + +- strncpy(req.ifr_name, iface, IF_NAMESIZE); ++ strncpy(req.ifr_name, iface, IF_NAMESIZE - 1); ++ req.ifr_name[IF_NAMESIZE - 1] = '\0'; + ret = ioctl(sd, SIOCGIFINDEX, &req); + if (ret < 0) + perror("ioctl: SIOCGIFINDEX"); +diff --git a/tests/listen.c b/tests/listen.c +index 75c320b..5ce1ed9 100644 +--- a/tests/listen.c ++++ b/tests/listen.c +@@ -47,7 +47,8 @@ int main(int argc, char **argv) { + return 1; + } + +- strncpy(req.ifr_name, iface, IFNAMSIZ); ++ strncpy(req.ifr_name, iface, IFNAMSIZ - 1); ++ req.ifr_name[IF_NAMESIZE - 1] = '\0'; + ret = ioctl(sd, SIOCGIFHWADDR, &req); + if (ret < 0) + perror("ioctl: SIOCGIFHWADDR"); +diff --git a/tests/test2.c b/tests/test2.c +index 58eb74b..5d02838 100644 +--- a/tests/test2.c ++++ b/tests/test2.c +@@ -45,8 +45,8 @@ int main(int argc, char **argv) { + perror("socket"); + return 1; + } +- +- strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE); ++ strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE - 1); ++ req.ifr_name[IF_NAMESIZE - 1] = '\0'; + ret = ioctl(sd, SIOCGIFHWADDR, &req); + if (ret < 0) + perror("ioctl: SIOCGIFHWADDR"); +diff --git a/tests/test3.c b/tests/test3.c +index fb36627..2f50a5a 100644 +--- a/tests/test3.c ++++ b/tests/test3.c +@@ -46,7 +46,8 @@ int main(int argc, char **argv) { + return 1; + } + +- strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE); ++ strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE - 1); ++ req.ifr_name[IF_NAMESIZE - 1] = '\0'; + ret = ioctl(sd, SIOCGIFHWADDR, &req); + if (ret < 0) + perror("ioctl: SIOCGIFHWADDR"); +diff --git a/tests/test4.c b/tests/test4.c +index 33c274c..8737149 100644 +--- a/tests/test4.c ++++ b/tests/test4.c +@@ -46,7 +46,8 @@ int main(int argc, char **argv) { + return 1; + } + +- strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE); ++ strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE - 1); ++ req.ifr_name[IF_NAMESIZE - 1] = '\0'; + ret = ioctl(sd, SIOCGIFHWADDR, &req); + if (ret < 0) + perror("ioctl: SIOCGIFHWADDR"); +diff --git a/tests/test5.c b/tests/test5.c +index 4439dfa..28db562 100644 +--- a/tests/test5.c ++++ b/tests/test5.c +@@ -45,7 +45,8 @@ int main(int argc, char **argv) { + return 1; + } + +- strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE); ++ strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE - 1); ++ req.ifr_name[IF_NAMESIZE - 1] = '\0'; + ret = ioctl(sd, SIOCGIFADDR, &req); + if (ret < 0) { + perror("ioctl: SIOCGIFADDR"); +diff --git a/tests/test6.c b/tests/test6.c +index e375bfb..ce7de59 100644 +--- a/tests/test6.c ++++ b/tests/test6.c +@@ -45,7 +45,8 @@ int main(int argc, char **argv) { + return 1; + } + +- strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE); ++ strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE - 1); ++ req.ifr_name[IF_NAMESIZE - 1] = '\0'; + ret = ioctl(sd, SIOCGIFADDR, &req); + if (ret < 0) { + perror("ioctl: SIOCGIFADDR"); +diff --git a/tests/test7.c b/tests/test7.c +index e9a5a55..37da22d 100644 +--- a/tests/test7.c ++++ b/tests/test7.c +@@ -58,7 +58,8 @@ int main(int argc, char **argv) { + if (ret) + perror("setsockopt"); + +- strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE); ++ strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE - 1); ++ req.ifr_name[IF_NAMESIZE - 1] = '\0'; + ret = ioctl(sd, SIOCGIFHWADDR, &req); + if (ret < 0) + perror("ioctl: SIOCGIFHWADDR"); +-- +2.17.1 + diff --git a/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb b/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb index d0fe59c98..b70c43f15 100644 --- a/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/linux-wpan/lowpan-tools \ file://0001-src-iz.c-Undef-dprintf-before-redefining.patch \ file://0001-Remove-newline-from-format-line.patch \ file://0001-coordinator-Fix-strncpy-range-warning.patch \ + file://0001-Fix-potential-string-truncation-in-strncpy.patch \ " SRCREV = "1c2d8674cc6f4b1166a066e8822e295c105ae7a2" diff --git a/meta-openembedded/meta-networking/recipes-support/memcached/memcached_1.5.0.bb b/meta-openembedded/meta-networking/recipes-support/memcached/memcached_1.5.10.bb index fd3d171f0..d2cafc9f6 100644 --- a/meta-openembedded/meta-networking/recipes-support/memcached/memcached_1.5.0.bb +++ b/meta-openembedded/meta-networking/recipes-support/memcached/memcached_1.5.10.bb @@ -22,8 +22,8 @@ RDEPENDS_${PN} += "perl perl-module-posix perl-module-autoloader \ SRC_URI = "http://www.memcached.org/files/${BP}.tar.gz \ file://memcached-add-hugetlbfs-check.patch \ " -SRC_URI[md5sum] = "81326513f60d7ba482f8131975cd55ae" -SRC_URI[sha256sum] = "c001f812024bb461b5e4d7d0506daab63dff9614eea26f46536c3b7e1e601c32" +SRC_URI[md5sum] = "8462616b554183a75845b03c56837cca" +SRC_URI[sha256sum] = "494c060dbd96d546c74ab85a3cc3984d009b4423767ac33e05dd2340c01f1c4b" # set the same COMPATIBLE_HOST as libhugetlbfs COMPATIBLE_HOST = '(i.86|x86_64|powerpc|powerpc64|arm).*-linux' diff --git a/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.11.bb b/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.17.bb index 2ad75bda6..356023681 100644 --- a/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.11.bb +++ b/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.17.bb @@ -7,8 +7,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" DEPENDS = "glib-2.0" SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.xz" -SRC_URI[md5sum] = "73d11644a28b9f335292cdb3bdc4b74b" -SRC_URI[sha256sum] = "14420f74cb16dc609a9302ed1efd653064bed7a8357e9d73daabc33608e3f2a0" +SRC_URI[md5sum] = "98b74c655ed94a66686c5ba19480d98e" +SRC_URI[sha256sum] = "d95c6bb1a3ab33b953af99b73fb4833e123bd25433513b32d57dbeb1a0a0d189" inherit autotools pkgconfig diff --git a/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb b/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb index cebc1d9cd..ec4879752 100644 --- a/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb @@ -19,13 +19,10 @@ inherit autotools gettext EXTRA_OECONF += "PERL=${USRBINPATH}/perl" -LDFLAGS += "-fuse-ld=gold" -LDFLAGS_remove_riscv64 = "-fuse-ld=gold" - -TOOLCHAIN = "gcc" - USE_NLS = "yes" +EXTRA_OECONF += "--disable-rpath" + do_configure_prepend() { cp ${STAGING_DATADIR_NATIVE}/gettext/gettext.h ${S}/include ${S}/autogen.sh diff --git a/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd/0001-bundle-own-base64-encode-decode-functions.patch b/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd/0001-bundle-own-base64-encode-decode-functions.patch index 0966b6580..929f63f4a 100644 --- a/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd/0001-bundle-own-base64-encode-decode-functions.patch +++ b/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd/0001-bundle-own-base64-encode-decode-functions.patch @@ -1,40 +1,47 @@ -From ccd166b73eaae4dd1e1785c63ceb9b303568ed46 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Tue, 21 Mar 2017 11:30:49 -0700 +From 3da48ec13a44b71ca51adbc803b42c1b29a43f57 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Tue, 24 Jul 2018 14:03:51 +0800 Subject: [PATCH] bundle own base64 encode/decode functions Not all libc implementations provide it. as an aside libresolv is no longer needed +Upstream-Status: Pending + Signed-off-by: Khem Raj <raj.khem@gmail.com> + +Update to version 1.190-2 +Signed-off-by: Changqing Li <changqing.li@windriver.com> --- Makefile | 4 +- base64.c | 313 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - netcat.c | 2 + + netcat.c | 3 + socks.c | 3 + - 4 files changed, 320 insertions(+), 2 deletions(-) + 4 files changed, 321 insertions(+), 2 deletions(-) create mode 100644 base64.c -Index: netcat-openbsd-1.105/Makefile -=================================================================== ---- netcat-openbsd-1.105.orig/Makefile -+++ netcat-openbsd-1.105/Makefile -@@ -1,9 +1,9 @@ - # $OpenBSD: Makefile,v 1.6 2001/09/02 18:45:41 jakob Exp $ +diff --git a/Makefile b/Makefile +index 8247cfd..b8d8547 100644 +--- a/Makefile ++++ b/Makefile +@@ -1,10 +1,10 @@ + # $OpenBSD: Makefile,v 1.7 2015/09/11 21:07:01 beck Exp $ PROG= nc -SRCS= netcat.c atomicio.c socks.c +SRCS= netcat.c atomicio.c socks.c base64.c --LIBS= `pkg-config --libs libbsd` -lresolv -+LIBS= `pkg-config --libs libbsd` + PKG_CONFIG ?= pkg-config +-LIBS= `$(PKG_CONFIG) --libs libbsd` -lresolv ++LIBS= `$(PKG_CONFIG) --libs libbsd` OBJS= $(SRCS:.c=.o) CFLAGS= -g -O2 LDFLAGS= -Wl,--no-add-needed -Index: netcat-openbsd-1.105/base64.c -=================================================================== +diff --git a/base64.c b/base64.c +new file mode 100644 +index 0000000..b0ee6c2 --- /dev/null -+++ netcat-openbsd-1.105/base64.c ++++ b/base64.c @@ -0,0 +1,313 @@ +/* + * Copyright (c) 1996-1999 by Internet Software Consortium. @@ -349,31 +356,34 @@ Index: netcat-openbsd-1.105/base64.c + + return (tarindex); +} -Index: netcat-openbsd-1.105/netcat.c -=================================================================== ---- netcat-openbsd-1.105.orig/netcat.c -+++ netcat-openbsd-1.105/netcat.c -@@ -169,6 +169,9 @@ static int connect_with_timeout(int fd, - socklen_t salen, int ctimeout); +diff --git a/netcat.c b/netcat.c +index a0fb51b..9c4ed23 100644 +--- a/netcat.c ++++ b/netcat.c +@@ -240,6 +240,9 @@ static int connect_with_timeout(int fd, const struct sockaddr *sa, + static void quit(); -+int b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize); -+int b64_pton(char const *src, u_char *target, size_t targsize); ++int b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize); ++int b64_pton(char const *src, u_char *target, size_t targsize); + int main(int argc, char *argv[]) { -Index: netcat-openbsd-1.105/socks.c -=================================================================== ---- netcat-openbsd-1.105.orig/socks.c -+++ netcat-openbsd-1.105/socks.c +diff --git a/socks.c b/socks.c +index 9068f39..c576f6b 100644 +--- a/socks.c ++++ b/socks.c @@ -53,6 +53,9 @@ #define SOCKS_DOMAIN 3 #define SOCKS_IPV6 4 -+int b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize); -+int b64_pton(char const *src, u_char *target, size_t targsize); ++int b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize); ++int b64_pton(char const *src, u_char *target, size_t targsize); + int remote_connect(const char *, const char *, struct addrinfo); int socks_connect(const char *, const char *, struct addrinfo, const char *, const char *, struct addrinfo, int, +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd_1.105.bb b/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd_1.190.bb index 9d7420f8c..defc05cd1 100644 --- a/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd_1.105.bb +++ b/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd_1.190.bb @@ -1,21 +1,21 @@ require netcat.inc SUMMARY = "OpenBSD Netcat" HOMEPAGE = "http://ftp.debian.org" -LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://debian/copyright;md5=ee6bbaacb5db5f2973818f0902c3ae6f" +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://debian/copyright;md5=f39e60ae4ea9fdb559c833be2e59de99" DEPENDS += "glib-2.0 libbsd" do_patch[depends] = "quilt-native:do_populate_sysroot" -SRC_URI = "${DEBIAN_MIRROR}/main/n/netcat-openbsd/netcat-openbsd_${PV}.orig.tar.gz;name=netcat \ - ${DEBIAN_MIRROR}/main/n/netcat-openbsd/netcat-openbsd_${PV}-7.debian.tar.gz;name=netcat-patch;subdir=${BP} \ +SRC_URI = "https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/netcat-openbsd/1.190-2/netcat-openbsd_${PV}.orig.tar.gz;name=netcat \ + https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/netcat-openbsd/1.190-2/netcat-openbsd_${PV}-2.debian.tar.xz;name=netcat-patch;subdir=${BP} \ file://0001-bundle-own-base64-encode-decode-functions.patch \ " -SRC_URI[netcat.md5sum] = "7e67b22f1ad41a1b7effbb59ff28fca1" -SRC_URI[netcat.sha256sum] = "40653fe66c1516876b61b07e093d826e2a5463c5d994f1b7e6ce328f3edb211e" -SRC_URI[netcat-patch.md5sum] = "e914f8eb7eda5c75c679dd77787ac76b" -SRC_URI[netcat-patch.sha256sum] = "eee759327ffea293e81d0dde67921b7fcfcad279ffd7a2c9d037bbc8f882b363" +SRC_URI[netcat.md5sum] = "dd32fd1d7903b541ad8709794539b959" +SRC_URI[netcat.sha256sum] = "68ccc448392c05ec51baed0167a72b8c650454f990b895d6e6877d416a38e536" +SRC_URI[netcat-patch.md5sum] = "78058b7af0170654b877b02c37716cdf" +SRC_URI[netcat-patch.sha256sum] = "88088af3f520c7825e59bc133d65e70fc4a30139d451c6faabbd9f240bc78374" inherit pkgconfig @@ -30,7 +30,7 @@ netcat_do_patch() { rm -rf ${S}/.pc mv ${S}/.pc-netcat ${S}/.pc QUILT_PATCHES=${S}/debian/patches quilt pop -a - rm -rf ${S}/.pc ${S}/debian + rm -rf ${S}/.pc fi QUILT_PATCHES=${S}/debian/patches quilt push -a mv ${S}/.pc ${S}/.pc-netcat diff --git a/meta-openembedded/meta-networking/recipes-support/netcf/netcf_0.2.8.bb b/meta-openembedded/meta-networking/recipes-support/netcf/netcf_0.2.8.bb index 9a6f60ea2..a4a9c91c6 100644 --- a/meta-openembedded/meta-networking/recipes-support/netcf/netcf_0.2.8.bb +++ b/meta-openembedded/meta-networking/recipes-support/netcf/netcf_0.2.8.bb @@ -12,6 +12,8 @@ PV .= "+git${SRCPV}" SRC_URI = "git://pagure.io/netcf.git;protocol=https \ " +UPSTREAM_CHECK_GITTAGREGEX = "release-(?P<pver>(\d+(\.\d+)+))" + DEPENDS += "augeas libnl libxslt libxml2 gnulib" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-support/netperf/files/0001-netlib.c-Move-including-sched.h-out-og-function.patch b/meta-openembedded/meta-networking/recipes-support/netperf/files/0001-netlib.c-Move-including-sched.h-out-og-function.patch new file mode 100644 index 000000000..515737c8e --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/netperf/files/0001-netlib.c-Move-including-sched.h-out-og-function.patch @@ -0,0 +1,50 @@ +From 51a092ebb36dcc6180ceb93a9777258e826d9990 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Wed, 26 Sep 2018 18:11:10 -0700 +Subject: [PATCH] netlib.c: Move including sched.h out og function + +The shutdown_control() has this code where system headers are being +included inside function body and this results in compile errors on musl +especially when sched.h is included because sched.h defines a macro +which defines a static function. This means it ends up being a static +function inside another function and compiler calls it out + +In function 'bind_to_specific_processor': +| +/mnt/a/yoe/build/tmp/work/i586-yoe-linux-musl/netperf/2.7.0+git999-r0/recipe-sysroot/usr/include/sched.h:102:1: +error: invalid storage class for function '__CPU_AND_S' +| __CPU_op_func_S(AND, &) +| ^~~~~~~~~~~~~~~ + +Moving the definition out of function definition fixes the problem + +Upstream-Status: Pending + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + src/netlib.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/src/netlib.c b/src/netlib.c +index 9258424..60b032d 100644 +--- a/src/netlib.c ++++ b/src/netlib.c +@@ -2262,6 +2262,10 @@ shutdown_control() + + } + ++#if HAVE_SCHED_SETAFFINITY ++#include <sched.h> ++#endif ++ + /* + bind_to_specific_processor will bind the calling process to the + processor in "processor" It has lots of ugly ifdefs to deal with +@@ -2308,7 +2312,6 @@ bind_to_specific_processor(int processor_affinity, int use_cpu_map) + value will not tell you if you are bound vs unbound. */ + bindprocessor(BINDPROCESS,getpid(),(cpu_t)mapped_affinity); + #elif HAVE_SCHED_SETAFFINITY +-#include <sched.h> + /* in theory this should cover systems with more CPUs than bits in a + long, without having to specify __USE_GNU. we "cheat" by taking + defines from /usr/include/bits/sched.h, which we ass-u-me is diff --git a/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb b/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb index f0e0f9cf1..8921ea746 100644 --- a/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb @@ -8,10 +8,12 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=a0ab17253e7a3f318da85382c7d5d5d6" PV = "2.7.0+git${SRCPV}" -SRC_URI="git://github.com/HewlettPackard/netperf.git \ - file://cpu_set.patch \ - file://vfork.patch \ - file://init" +SRC_URI = "git://github.com/HewlettPackard/netperf.git \ + file://cpu_set.patch \ + file://vfork.patch \ + file://init \ + file://0001-netlib.c-Move-including-sched.h-out-og-function.patch \ + " SRCREV = "f482bab49fcedee46fc5b755da127f608325cd13" diff --git a/meta-openembedded/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb b/meta-openembedded/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb index 4e27e32d4..bb401666c 100644 --- a/meta-openembedded/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb +++ b/meta-openembedded/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb @@ -20,7 +20,7 @@ SRC_URI = "git://github.com/thkukuk/yp-tools \ S = "${WORKDIR}/git" -DEPENDS = "libtirpc libnsl2" +DEPENDS = "libtirpc libnsl2 virtual/crypt" inherit autotools systemd SYSTEMD_SERVICE_${PN} = "domainname.service" diff --git a/meta-openembedded/meta-networking/recipes-support/ntop/ntop/0001-plugins-Makefile.am-fix-for-automake-1.16.1.patch b/meta-openembedded/meta-networking/recipes-support/ntop/ntop/0001-plugins-Makefile.am-fix-for-automake-1.16.1.patch new file mode 100644 index 000000000..d6f7eb555 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/ntop/ntop/0001-plugins-Makefile.am-fix-for-automake-1.16.1.patch @@ -0,0 +1,74 @@ +From d22ddc73f00ed056032a635ee8379305ec83bf81 Mon Sep 17 00:00:00 2001 +From: Robert Yang <liezhi.yang@windriver.com> +Date: Wed, 11 Jul 2018 12:02:50 +0800 +Subject: [PATCH] plugins/Makefile.am: fix for automake 1.16.1 + +Fixed: +| i586-poky-linux-gcc: error: netflowPlugin.o: No such file or directory +| i586-poky-linux-gcc: error: unrecognized command line option '-flat_namespace'; did you mean '-Wnamespaces'? +| i586-poky-linux-gcc: fatal error: no input files + +The previous code make things complicated, but we don't have to, let libtool do +most of the things can fix the problem. + +Upstream-Status: Pending [ntop is not longer maintained any more, we need consider moving to ntopng] + +Signed-off-by: Robert Yang <liezhi.yang@windriver.com> +--- + plugins/Makefile.am | 34 ++++++---------------------------- + 1 file changed, 6 insertions(+), 28 deletions(-) + +diff --git a/plugins/Makefile.am b/plugins/Makefile.am +index 64492e0..bcd0c10 100644 +--- a/plugins/Makefile.am ++++ b/plugins/Makefile.am +@@ -69,40 +69,18 @@ libsflowPlugin_la_CFLAGS = $(AM_CFLAGS) + # by default ntop looks for plugins in the plugins/ subdirectory + # + +- +-.libs/libnetflowPlugin.so@SO_VERSION_PATCH@: +- @if test -f libnetflowPlugin_la-netflowPlugin.o; then \ +- $(CC) @MAKE_SHARED_LIBRARY_PARM@ -o .libs/libnetflowPlugin.so@SO_VERSION_PATCH@ libnetflowPlugin_la-netflowPlugin.o; \ +- else \ +- $(CC) @MAKE_SHARED_LIBRARY_PARM@ -o .libs/libnetflowPlugin.so@SO_VERSION_PATCH@ netflowPlugin.o; \ +- fi +- +-netflowPlugin.so$(EXEEXT): .libs/libnetflowPlugin.so@SO_VERSION_PATCH@ +- @$(LN_S) .libs/libnetflowPlugin.so netflowPlugin.so ++netflowPlugin.so$(EXEEXT): libnetflowPlugin.la ++ @$(LN_S) -f .libs/libnetflowPlugin.so netflowPlugin.so + + ############### + +-.libs/librrdPlugin.so@SO_VERSION_PATCH@: +- @if test -f librrdPlugin_la-rrdPlugin.o; then \ +- $(CC) @MAKE_SHARED_LIBRARY_PARM@ -o .libs/librrdPlugin.so@SO_VERSION_PATCH@ librrdPlugin_la-rrdPlugin.o; \ +- else \ +- $(CC) @MAKE_SHARED_LIBRARY_PARM@ -o .libs/librrdPlugin.so@SO_VERSION_PATCH@ rrdPlugin.o; \ +- fi +- +-rrdPlugin.so$(EXEEXT): .libs/librrdPlugin.so@SO_VERSION_PATCH@ +- @$(LN_S) .libs/librrdPlugin.so rrdPlugin.so ++rrdPlugin.so$(EXEEXT): librrdPlugin.la ++ @$(LN_S) -f .libs/librrdPlugin.so rrdPlugin.so + + ############### + +-.libs/libsflowPlugin.so@SO_VERSION_PATCH@: +- @if test -f libsflowPlugin_la-sflowPlugin.o; then \ +- $(CC) @MAKE_SHARED_LIBRARY_PARM@ -o .libs/libsflowPlugin.so@SO_VERSION_PATCH@ libsflowPlugin_la-sflowPlugin.o; \ +- else \ +- $(CC) @MAKE_SHARED_LIBRARY_PARM@ -o .libs/libsflowPlugin.so@SO_VERSION_PATCH@ sflowPlugin.o; \ +- fi +- +-sflowPlugin.so$(EXEEXT): .libs/libsflowPlugin.so@SO_VERSION_PATCH@ +- @$(LN_S) .libs/libsflowPlugin.so sflowPlugin.so ++sflowPlugin.so$(EXEEXT): libsflowPlugin.la ++ @$(LN_S) -f .libs/libsflowPlugin.so sflowPlugin.so + + ############### + +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/ntop/ntop_5.0.1.bb b/meta-openembedded/meta-networking/recipes-support/ntop/ntop_5.0.1.bb index 298fbec61..2a7a7f2cb 100644 --- a/meta-openembedded/meta-networking/recipes-support/ntop/ntop_5.0.1.bb +++ b/meta-openembedded/meta-networking/recipes-support/ntop/ntop_5.0.1.bb @@ -17,10 +17,13 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/ntop/ntop-${PV}.tar.gz \ file://ntop.service \ file://use-static-inline.patch \ file://0001-nDPI-Include-sys-types.h.patch \ + file://0001-plugins-Makefile.am-fix-for-automake-1.16.1.patch \ " SRC_URI[md5sum] = "01710b6925a8a5ffe1a41b8b512ebd69" SRC_URI[sha256sum] = "7e8e84cb14d2173beaca4d4cb991a14d84a4bef84ec37b2276bc363f45c52ef8" +UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/ntop/files/ntop/Stable" + inherit autotools-brokensep useradd pythonnative pkgconfig systemd DEPENDS = "geoip rrdtool python zlib libpcap gdbm" diff --git a/meta-openembedded/meta-networking/recipes-support/ntp/ntp/reproducibility-fixed-path-to-posix-shell.patch b/meta-openembedded/meta-networking/recipes-support/ntp/ntp/reproducibility-fixed-path-to-posix-shell.patch new file mode 100644 index 000000000..571db75f7 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/ntp/ntp/reproducibility-fixed-path-to-posix-shell.patch @@ -0,0 +1,15 @@ +--- ntp-4.2.8p12.original/sntp/libopts/m4/libopts.m4 2018-11-12 17:54:57.747220846 +1300 ++++ ntp-4.2.8p12/sntp/libopts/m4/libopts.m4 2018-11-12 18:00:50.626211641 +1300 +@@ -114,12 +114,6 @@ + AC_PROG_SED + [while : + do +- POSIX_SHELL=`which bash` +- test -x "$POSIX_SHELL" && break +- POSIX_SHELL=`which dash` +- test -x "$POSIX_SHELL" && break +- POSIX_SHELL=/usr/xpg4/bin/sh +- test -x "$POSIX_SHELL" && break + POSIX_SHELL=`/bin/sh -c ' + exec 2>/dev/null + if ! true ; then exit 1 ; fi diff --git a/meta-openembedded/meta-networking/recipes-support/ntp/ntp/reproducibility-respect-source-date-epoch.patch b/meta-openembedded/meta-networking/recipes-support/ntp/ntp/reproducibility-respect-source-date-epoch.patch new file mode 100644 index 000000000..58e71c3b8 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/ntp/ntp/reproducibility-respect-source-date-epoch.patch @@ -0,0 +1,16 @@ +--- ntp-4.2.8p12.original/scripts/build/mkver.in 2018-11-12 14:06:49.333020430 +1300 ++++ ntp-4.2.8p12/scripts/build/mkver.in 2018-11-12 14:15:04.947480167 +1300 +@@ -15,7 +15,12 @@ + *) ConfStr="${ConfStr}-@VER_SUFFIX@" ;; + esac + +-ConfStr="$ConfStr `LC_TIME=C TZ=UTC date`" ++if [ -n "$SOURCE_DATE_EPOCH" ]; then ++ ConfStr="$ConfStr `LC_TIME=C TZ=UTC date -d@$SOURCE_DATE_EPOCH 2>/dev/null`" || ++ ConfStr="$ConfStr `LC_TIME=C TZ=UTC date -r $SOURCE_DATE_EPOCH`" ++else ++ ConfStr="$ConfStr `LC_TIME=C TZ=UTC date`" ++fi + + if [ ! -f .version ]; then + echo 0 > .version diff --git a/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p11.bb b/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p12.bb index c698fa049..53e41297a 100644 --- a/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p11.bb +++ b/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p12.bb @@ -12,6 +12,8 @@ DEPENDS = "libevent" SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.gz \ file://ntp-4.2.4_p6-nano.patch \ + file://reproducibility-fixed-path-to-posix-shell.patch \ + file://reproducibility-respect-source-date-epoch.patch \ file://ntpd \ file://ntp.conf \ file://ntpdate \ @@ -23,8 +25,8 @@ SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.g file://ntpd.list \ " -SRC_URI[md5sum] = "00950ca2855579541896513e78295361" -SRC_URI[sha256sum] = "f14a39f753688252d683ff907035ffff106ba8d3db21309b742e09b5c3cd278e" +SRC_URI[md5sum] = "1522d66574bae14abb2622746dad2bdc" +SRC_URI[sha256sum] = "709b222b5013d77d26bfff532b5ea470a8039497ef29d09363931c036cb30454" inherit autotools update-rc.d useradd systemd pkgconfig @@ -120,6 +122,7 @@ SYSTEMD_PACKAGES = "${PN} ntpdate sntp" SYSTEMD_SERVICE_${PN} = "ntpd.service" SYSTEMD_SERVICE_ntpdate = "ntpdate.service" SYSTEMD_SERVICE_sntp = "sntp.service" +SYSTEMD_AUTO_ENABLE_sntp = "disable" RPROVIDES_${PN} += "${PN}-systemd" RREPLACES_${PN} += "${PN}-systemd" diff --git a/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns/0001-util.h-endian.h-is-available-on-musl-on-linux.patch b/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns/0001-util.h-endian.h-is-available-on-musl-on-linux.patch index 825e2bf6a..fbdc4e911 100644 --- a/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns/0001-util.h-endian.h-is-available-on-musl-on-linux.patch +++ b/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns/0001-util.h-endian.h-is-available-on-musl-on-linux.patch @@ -13,10 +13,10 @@ include/libisns/util.h:114:12: fatal error: sys/endian.h: No such file or direct # include <sys/endian.h> ^~~~~~~~~~~~~~ -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- Upstream-Status: Submitted +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- include/libisns/util.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.97.bb b/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.98.bb index abfa7510e..5e64f893e 100644 --- a/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.97.bb +++ b/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.98.bb @@ -17,7 +17,7 @@ SRC_URI = "git://github.com/open-iscsi/open-isns \ file://0001-util.h-endian.h-is-available-on-musl-on-linux.patch \ " -SRCREV ?= "09954404e948e41eb0fce8e28836018b4ce3d20d" +SRCREV = "e84374ce7d1f5fc58a4c0fc751e075b2cc752c34" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/files/0001-lanserv-Rename-struct-parameter-printf-for-namespace.patch b/meta-openembedded/meta-networking/recipes-support/openipmi/files/0001-lanserv-Rename-struct-parameter-printf-for-namespace.patch deleted file mode 100644 index 25057fbce..000000000 --- a/meta-openembedded/meta-networking/recipes-support/openipmi/files/0001-lanserv-Rename-struct-parameter-printf-for-namespace.patch +++ /dev/null @@ -1,618 +0,0 @@ -From 8b51a6bf5a4829d8add535a098c0c06a049a9958 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Sat, 26 Aug 2017 22:50:57 -0700 -Subject: [PATCH] lanserv: Rename struct parameter printf for namespace - collision - -This comes to fore when we use hardening flags where printf -is treated as macro and gets replaced with printf_chk - -Fixes errors like - -error: no member named '__printf_chk' in 'struct emu_out_s' - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - lanserv/OpenIPMI/serv.h | 2 +- - lanserv/emu_cmd.c | 132 ++++++++++++++++++++++++------------------------ - lanserv/ipmi_sim.c | 10 ++-- - 3 files changed, 72 insertions(+), 72 deletions(-) - -diff --git a/lanserv/OpenIPMI/serv.h b/lanserv/OpenIPMI/serv.h -index d12d63a..8555c85 100644 ---- a/lanserv/OpenIPMI/serv.h -+++ b/lanserv/OpenIPMI/serv.h -@@ -522,7 +522,7 @@ uint8_t ipmb_checksum(uint8_t *data, int size, uint8_t start); - typedef struct emu_data_s emu_data_t; - typedef struct emu_out_s - { -- void (*printf)(struct emu_out_s *out, char *format, ...); -+ void (*eprintf)(struct emu_out_s *out, char *format, ...); - void *data; - } emu_out_t; - -diff --git a/lanserv/emu_cmd.c b/lanserv/emu_cmd.c -index ca44032..54b6f7b 100644 ---- a/lanserv/emu_cmd.c -+++ b/lanserv/emu_cmd.c -@@ -76,7 +76,7 @@ emu_get_uchar(emu_out_t *out, char **toks, unsigned char *val, char *errstr, - if (empty_ok) - return ENOSPC; - if (errstr) -- out->printf(out, "**No %s given\n", errstr); -+ out->eprintf(out, "**No %s given\n", errstr); - return EINVAL; - } - if (str[0] == '\'') { -@@ -86,7 +86,7 @@ emu_get_uchar(emu_out_t *out, char **toks, unsigned char *val, char *errstr, - *val = strtoul(str, &tmpstr, 0); - if (*tmpstr != '\0') { - if (errstr) -- out->printf(out, "**Invalid %s given\n", errstr); -+ out->eprintf(out, "**Invalid %s given\n", errstr); - return EINVAL; - } - -@@ -108,7 +108,7 @@ emu_get_uchar_with_vals(emu_out_t *out, char **toks, - if (empty_ok) - return ENOSPC; - if (errstr) -- out->printf(out, "**No %s given\n", errstr); -+ out->eprintf(out, "**No %s given\n", errstr); - return EINVAL; - } - if (str[0] == '\'') { -@@ -131,7 +131,7 @@ emu_get_uchar_with_vals(emu_out_t *out, char **toks, - *val = strtoul(str, &tmpstr, 0); - if (*tmpstr != '\0') { - if (errstr) -- out->printf(out, "**Invalid %s given\n", errstr); -+ out->eprintf(out, "**Invalid %s given\n", errstr); - return EINVAL; - } - out: -@@ -150,12 +150,12 @@ emu_get_bitmask(emu_out_t *out, char **toks, uint16_t *val, char *errstr, - if (empty_ok) - return ENOSPC; - if (errstr) -- out->printf(out, "**No %s given\n", errstr); -+ out->eprintf(out, "**No %s given\n", errstr); - return EINVAL; - } - if (strlen(str) != size) { - if (errstr) -- out->printf(out, "**invalid number of bits in %s\n", errstr); -+ out->eprintf(out, "**invalid number of bits in %s\n", errstr); - return EINVAL; - } - *val = 0; -@@ -166,7 +166,7 @@ emu_get_bitmask(emu_out_t *out, char **toks, uint16_t *val, char *errstr, - *val |= 1 << i; - } else { - if (errstr) -- out->printf(out, "**Invalid bit value '%c' in %s\n", str[j], -+ out->eprintf(out, "**Invalid bit value '%c' in %s\n", str[j], - errstr); - return EINVAL; - } -@@ -184,13 +184,13 @@ emu_get_uint(emu_out_t *out, char **toks, unsigned int *val, char *errstr) - str = mystrtok(NULL, " \t\n", toks); - if (!str) { - if (errstr) -- out->printf(out, "**No %s given\n", errstr); -+ out->eprintf(out, "**No %s given\n", errstr); - return EINVAL; - } - *val = strtoul(str, &tmpstr, 0); - if (*tmpstr != '\0') { - if (errstr) -- out->printf(out, "**Invalid %s given\n", errstr); -+ out->eprintf(out, "**Invalid %s given\n", errstr); - return EINVAL; - } - -@@ -206,7 +206,7 @@ emu_get_bytes(emu_out_t *out, char **tokptr, unsigned char *data, char *errstr, - - if (!tok) { - if (errstr) -- out->printf(out, "**No %s given\n", errstr); -+ out->eprintf(out, "**No %s given\n", errstr); - return EINVAL; - } - if (*tok == '"') { -@@ -215,7 +215,7 @@ emu_get_bytes(emu_out_t *out, char **tokptr, unsigned char *data, char *errstr, - tok++; - end = strlen(tok) - 1; - if (tok[end] != '"') { -- out->printf(out, "**ASCII %s doesn't end in '\"'", errstr); -+ out->eprintf(out, "**ASCII %s doesn't end in '\"'", errstr); - return EINVAL; - } - if (end > (len - 1)) -@@ -228,7 +228,7 @@ emu_get_bytes(emu_out_t *out, char **tokptr, unsigned char *data, char *errstr, - char c[3]; - /* HEX pw */ - if (strlen(tok) != 32) { -- out->printf(out, "**HEX %s not 32 HEX characters long", errstr); -+ out->eprintf(out, "**HEX %s not 32 HEX characters long", errstr); - return EINVAL; - } - c[2] = '\0'; -@@ -239,7 +239,7 @@ emu_get_bytes(emu_out_t *out, char **tokptr, unsigned char *data, char *errstr, - tok++; - data[i] = strtoul(c, &end, 16); - if (*end != '\0') { -- out->printf(out, "**Invalid HEX character in %s", errstr); -+ out->eprintf(out, "**Invalid HEX character in %s", errstr); - return -1; - } - } -@@ -263,12 +263,12 @@ read_command_file(emu_out_t *out, emu_data_t *emu, const char *command_file) - - buffer = malloc(INPUT_BUFFER_SIZE); - if (!buffer) { -- out->printf(out, "Could not allocate buffer memory\n"); -+ out->eprintf(out, "Could not allocate buffer memory\n"); - rv = ENOMEM; - goto out; - } - while (fgets(buffer+pos, INPUT_BUFFER_SIZE-pos, f)) { -- out->printf(out, "%s", buffer+pos); -+ out->eprintf(out, "%s", buffer+pos); - if (buffer[pos] == '#') - continue; - pos = strlen(buffer); -@@ -318,7 +318,7 @@ sel_enable(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - rv = ipmi_mc_enable_sel(mc, max_records, flags); - if (rv) -- out->printf(out, "**Unable to enable sel, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to enable sel, error 0x%x\n", rv); - return rv; - } - -@@ -343,9 +343,9 @@ sel_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - rv = ipmi_mc_add_to_sel(mc, record_type, data, &r); - if (rv) -- out->printf(out, "**Unable to add to sel, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to add to sel, error 0x%x\n", rv); - else -- out->printf(out, "Added record %d\n", r); -+ out->eprintf(out, "Added record %d\n", r); - return rv; - } - -@@ -361,14 +361,14 @@ main_sdr_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - if (rv == ENOSPC) - break; - if (rv) { -- out->printf(out, "**Error 0x%x in data byte %d\n", rv, i); -+ out->eprintf(out, "**Error 0x%x in data byte %d\n", rv, i); - return rv; - } - } - - rv = ipmi_mc_add_main_sdr(mc, data, i); - if (rv) -- out->printf(out, "**Unable to add to sdr, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to add to sdr, error 0x%x\n", rv); - return rv; - } - -@@ -389,14 +389,14 @@ device_sdr_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - if (rv == ENOSPC) - break; - if (rv) { -- out->printf(out, "**Error 0x%x in data byte %d\n", rv, i); -+ out->eprintf(out, "**Error 0x%x in data byte %d\n", rv, i); - return rv; - } - } - - rv = ipmi_mc_add_device_sdr(mc, lun, data, i); - if (rv) -- out->printf(out, "**Unable to add to sdr, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to add to sdr, error 0x%x\n", rv); - return rv; - } - -@@ -439,7 +439,7 @@ sensor_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - while (tok) { - if (strcmp(tok, "poll") == 0) { - if (handler) { -- out->printf(out, "**poll given twice in sensor\n", tok); -+ out->eprintf(out, "**poll given twice in sensor\n", tok); - return -1; - } - -@@ -449,27 +449,27 @@ sensor_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - tok = mystrtok(NULL, " \t\n", toks); - if (!tok) { -- out->printf(out, "**No polled sensor handler given\n", tok); -+ out->eprintf(out, "**No polled sensor handler given\n", tok); - return -1; - } - - handler = ipmi_sensor_find_handler(tok); - if (!handler) { -- out->printf(out, "**Invalid sensor handler: %s\n", tok); -+ out->eprintf(out, "**Invalid sensor handler: %s\n", tok); - return -1; - } - - rv = handler->init(mc, lun, num, toks, handler->cb_data, &rcb_data, - &errstr); - if (rv) { -- out->printf(out, "**Error initializing sensor handler: %s\n", -+ out->eprintf(out, "**Error initializing sensor handler: %s\n", - errstr); - return rv; - } - } else if (strcmp(tok, "event-only") == 0) { - event_only = 1; - } else { -- out->printf(out, "**Unknown sensor option: %s\n", tok); -+ out->eprintf(out, "**Unknown sensor option: %s\n", tok); - return -1; - } - -@@ -477,7 +477,7 @@ sensor_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - } - - if (handler && event_only) { -- out->printf(out, "**An event-only sensor cannot be polled\n"); -+ out->eprintf(out, "**An event-only sensor cannot be polled\n"); - return -1; - } - -@@ -488,7 +488,7 @@ sensor_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - if (!rv && handler->postinit) { - rv = handler->postinit(rcb_data, &errstr); - if (rv) { -- out->printf(out, "**Error in sensor handler postinit: %s\n", -+ out->eprintf(out, "**Error in sensor handler postinit: %s\n", - errstr); - } - } -@@ -496,7 +496,7 @@ sensor_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - rv = ipmi_mc_add_sensor(mc, lun, num, type, code, event_only); - } - if (rv) -- out->printf(out, "**Unable to add to sensor, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to add to sensor, error 0x%x\n", rv); - return rv; - } - -@@ -532,7 +532,7 @@ sensor_set_bit(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - rv = ipmi_mc_sensor_set_bit(mc, lun, num, bit, value, gen_event); - if (rv) -- out->printf(out, "**Unable to set sensor bit, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to set sensor bit, error 0x%x\n", rv); - return rv; - } - -@@ -563,7 +563,7 @@ sensor_set_bit_clr_rest(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char ** - - rv = ipmi_mc_sensor_set_bit_clr_rest(mc, lun, num, bit, gen_event); - if (rv) -- out->printf(out, "**Unable to set sensor bit, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to set sensor bit, error 0x%x\n", rv); - return rv; - } - -@@ -594,7 +594,7 @@ sensor_set_value(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - rv = ipmi_mc_sensor_set_value(mc, lun, num, value, gen_event); - if (rv) -- out->printf(out, "**Unable to set sensor value, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to set sensor value, error 0x%x\n", rv); - return rv; - } - -@@ -637,7 +637,7 @@ sensor_set_hysteresis(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **to - rv = ipmi_mc_sensor_set_hysteresis(mc, lun, num, support, positive, - negative); - if (rv) -- out->printf(out, "**Unable to set sensor hysteresis, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to set sensor hysteresis, error 0x%x\n", rv); - return rv; - } - -@@ -682,7 +682,7 @@ sensor_set_threshold(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **tok - rv = ipmi_mc_sensor_set_threshold(mc, lun, num, support, - enabled, 1, thresholds); - if (rv) -- out->printf(out, "**Unable to set sensor thresholds, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to set sensor thresholds, error 0x%x\n", rv); - return rv; - } - -@@ -759,7 +759,7 @@ sensor_set_event_support(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char * - assert_support, deassert_support, - assert_enabled, deassert_enabled); - if (rv) -- out->printf(out, "**Unable to set sensor thresholds, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to set sensor thresholds, error 0x%x\n", rv); - return rv; - } - -@@ -819,7 +819,7 @@ mc_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - else if (strcmp("persist_sdr", tok) == 0) - flags |= IPMI_MC_PERSIST_SDR; - else { -- out->printf(out, "**Invalid MC flag: %s\n", tok); -+ out->eprintf(out, "**Invalid MC flag: %s\n", tok); - return -1; - } - } -@@ -833,7 +833,7 @@ mc_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - device_revision, major_fw_rev, minor_fw_rev, - device_support, mfg_id, product_id, flags); - if (rv) -- out->printf(out, "**Unable to add the MC, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to add the MC, error 0x%x\n", rv); - return rv; - } - -@@ -890,7 +890,7 @@ mc_set_power(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - rv = ipmi_mc_set_power(mc, power, gen_int); - if (rv) -- out->printf(out, "**Unable to set power, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to set power, error 0x%x\n", rv); - return rv; - } - -@@ -916,7 +916,7 @@ mc_add_fru_data(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - tok = mystrtok(NULL, " \t\n", toks); - if (!tok) { -- out->printf(out, "**No FRU data type given"); -+ out->eprintf(out, "**No FRU data type given"); - return -1; - } - if (strcmp(tok, "file") == 0) { -@@ -929,13 +929,13 @@ mc_add_fru_data(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - rv = get_delim_str(toks, &frufn, &errstr); - if (rv) { -- out->printf(out, "**Error with FRU filename: %d", strerror(rv)); -+ out->eprintf(out, "**Error with FRU filename: %d", strerror(rv)); - return rv; - } - rv = ipmi_mc_add_fru_file(mc, devid, length, file_offset, - (void *) frufn); - if (rv) -- out->printf(out, "**Unable to add FRU file, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to add FRU file, error 0x%x\n", rv); - - } else if (strcmp(tok, "data") == 0) { - for (i=0; i<length; i++) { -@@ -943,14 +943,14 @@ mc_add_fru_data(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - if (rv == ENOSPC) - break; - if (rv) { -- out->printf(out, "**Error 0x%x in data byte %d\n", rv, i); -+ out->eprintf(out, "**Error 0x%x in data byte %d\n", rv, i); - return rv; - } - } - - rv = emu_get_uchar(out, toks, &data[i], "data byte", 1); - if (rv != ENOSPC) { -- out->printf(out, "**Error: input data too long for FRU\n", rv, i); -+ out->eprintf(out, "**Error: input data too long for FRU\n", rv, i); - return EINVAL; - } - -@@ -958,9 +958,9 @@ mc_add_fru_data(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - rv = ipmi_mc_add_fru_data(mc, devid, length, NULL, data); - if (rv) -- out->printf(out, "**Unable to add FRU data, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to add FRU data, error 0x%x\n", rv); - } else { -- out->printf(out, "**FRU type not given, need file or data\n"); -+ out->eprintf(out, "**FRU type not given, need file or data\n"); - rv = EINVAL; - } - return rv; -@@ -981,28 +981,28 @@ mc_dump_fru_data(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - rv = ipmi_mc_get_fru_data_len(mc, devid, &length); - if (rv) { -- out->printf(out, "**Unable to dump FRU data, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to dump FRU data, error 0x%x\n", rv); - goto out; - } - - data = malloc(length); - if (!data) { -- out->printf(out, "**Unable to dump FRU data, out of memory\n", rv); -+ out->eprintf(out, "**Unable to dump FRU data, out of memory\n", rv); - goto out; - } - - rv = ipmi_mc_get_fru_data(mc, devid, length, data); - if (rv) { -- out->printf(out, "**Unable to dump FRU data, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to dump FRU data, error 0x%x\n", rv); - goto out; - } - - for (i=0; i<length; i++) { - if ((i > 0) && ((i % 8) == 0)) -- out->printf(out, "\n"); -- out->printf(out, " 0x%2.2x", data[i]); -+ out->eprintf(out, "\n"); -+ out->eprintf(out, " 0x%2.2x", data[i]); - } -- out->printf(out, "\n"); -+ out->eprintf(out, "\n"); - - out: - if (data) -@@ -1021,7 +1021,7 @@ mc_setbmc(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - return rv; - rv = ipmi_emu_set_bmc_mc(emu, ipmb); - if (rv) -- out->printf(out, "**Invalid IPMB address\n"); -+ out->eprintf(out, "**Invalid IPMB address\n"); - return rv; - } - -@@ -1032,7 +1032,7 @@ atca_enable(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - rv = ipmi_emu_atca_enable(emu); - if (rv) -- out->printf(out, "**Unable to enable ATCA mode, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to enable ATCA mode, error 0x%x\n", rv); - return rv; - } - -@@ -1056,7 +1056,7 @@ atca_set_site(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - rv = ipmi_emu_atca_set_site(emu, hw_address, site_type, site_number); - if (rv) -- out->printf(out, "**Unable to set site type, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to set site type, error 0x%x\n", rv); - return rv; - } - -@@ -1072,7 +1072,7 @@ mc_set_num_leds(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - rv = ipmi_mc_set_num_leds(mc, count); - if (rv) -- out->printf(out, "**Unable to set number of LEDs, error 0x%x\n", rv); -+ out->eprintf(out, "**Unable to set number of LEDs, error 0x%x\n", rv); - return rv; - } - -@@ -1085,7 +1085,7 @@ read_cmds(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - err = get_delim_str(toks, &filename, &errstr); - if (err) { -- out->printf(out, "Could not get include filename: %s\n", errstr); -+ out->eprintf(out, "Could not get include filename: %s\n", errstr); - return err; - } - -@@ -1097,7 +1097,7 @@ read_cmds(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - { - char *nf = malloc(strlen(BASE_CONF_STR) + strlen(filename) + 2); - if (!nf) { -- out->printf(out, "Out of memory in include\n", errstr); -+ out->eprintf(out, "Out of memory in include\n", errstr); - goto out_err; - } - strcpy(nf, BASE_CONF_STR); -@@ -1107,7 +1107,7 @@ read_cmds(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - filename = nf; - err = read_command_file(out, emu, filename); - if (err) { -- out->printf(out, "Could not read include file %s\n", filename); -+ out->eprintf(out, "Could not read include file %s\n", filename); - } - } - -@@ -1147,7 +1147,7 @@ debug_cmd(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - } else if (strcmp(tok, "sol") == 0) { - level |= DEBUG_SOL; - } else { -- out->printf(out, "Invalid debug level '%s', options are 'raw' and 'msg'\n", -+ out->eprintf(out, "Invalid debug level '%s', options are 'raw' and 'msg'\n", - tok); - return EINVAL; - } -@@ -1168,7 +1168,7 @@ persist_cmd(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - } else if (strcmp(tok, "off") == 0) { - persist_enable = 0; - } else { -- out->printf(out, "Invalid persist vale '%s', options are 'on' and 'off'\n", -+ out->eprintf(out, "Invalid persist vale '%s', options are 'on' and 'off'\n", - tok); - return EINVAL; - } -@@ -1194,18 +1194,18 @@ do_define(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks) - - name = mystrtok(NULL, " \t\n", toks); - if (!name) { -- out->printf(out, "No variable name given for define\n"); -+ out->eprintf(out, "No variable name given for define\n"); - return EINVAL; - } - err = get_delim_str(toks, &value, &errstr); - if (err) { -- out->printf(out, "Could not get variable %s value: %s\n", name, errstr); -+ out->eprintf(out, "Could not get variable %s value: %s\n", name, errstr); - return err; - } - err = add_variable(name, value); - if (err) { - free(value); -- out->printf(out, "Out of memory setting variable %s\n", name); -+ out->eprintf(out, "Out of memory setting variable %s\n", name); - return err; - } - return 0; -@@ -1301,7 +1301,7 @@ ipmi_emu_cmd(emu_out_t *out, emu_data_t *emu, char *cmd_str) - return rv; - rv = ipmi_emu_get_mc_by_addr(emu, ipmb, &mc); - if (rv) { -- out->printf(out, "**Invalid MC address\n"); -+ out->eprintf(out, "**Invalid MC address\n"); - return rv; - } - } -@@ -1312,7 +1312,7 @@ ipmi_emu_cmd(emu_out_t *out, emu_data_t *emu, char *cmd_str) - } - } - -- out->printf(out, "**Unknown command: %s\n", cmd); -+ out->eprintf(out, "**Unknown command: %s\n", cmd); - - out: - return rv; -diff --git a/lanserv/ipmi_sim.c b/lanserv/ipmi_sim.c -index 9472cce..30c4f27 100644 ---- a/lanserv/ipmi_sim.c -+++ b/lanserv/ipmi_sim.c -@@ -607,8 +607,8 @@ isim_log(sys_data_t *sys, int logtype, msg_t *msg, const char *format, - - con = data->consoles; - while (con) { -- con->out.printf(&con->out, "%s", str); -- con->out.printf(&con->out, "\n"); -+ con->out.eprintf(&con->out, "%s", str); -+ con->out.eprintf(&con->out, "\n"); - con = con->next; - } - #if HAVE_SYSLOG -@@ -956,7 +956,7 @@ console_bind_ready(int fd, void *cb_data, os_hnd_fd_id_t *id) - newcon->shutdown_on_close = 0; - newcon->telnet = 1; - newcon->tn_pos = 0; -- newcon->out.printf = emu_printf; -+ newcon->out.eprintf = emu_printf; - newcon->out.data = newcon; - - setsockopt(rv, IPPROTO_TCP, TCP_NODELAY, (char *)&val, sizeof(val)); -@@ -1463,10 +1463,10 @@ main(int argc, const char *argv[]) - stdio_console.telnet = 0; - stdio_console.tn_pos = 0; - if (nostdio) { -- stdio_console.out.printf = dummy_printf; -+ stdio_console.out.eprintf = dummy_printf; - stdio_console.out.data = &stdio_console; - } else { -- stdio_console.out.printf = emu_printf; -+ stdio_console.out.eprintf = emu_printf; - stdio_console.out.data = &stdio_console; - } - stdio_console.next = NULL; --- -2.14.1 - diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmigui-not-compile-pyc-pyo.patch b/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmigui-not-compile-pyc-pyo.patch new file mode 100644 index 000000000..389407590 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmigui-not-compile-pyc-pyo.patch @@ -0,0 +1,26 @@ +openipmi load swig/python/.libs/_OpenIPMI.so to create .pyc and .pyo files. +It fails when multilib is enable: + +| ImportError: .../lib32-openipmi/2.0.25-r0/OpenIPMI-2.0.25/swig/python/.libs/_OpenIPMI.so: wrong ELF class: ELFCLASS32 + +Don't compile and install .pyc and .pyo files to fix the failure. + +Upstream-Status: Inappropriate [OE specific] + +Signed-off-by: Kai Kang <kai.kang@windriver.com> +diff --git a/swig/python/openipmigui/Makefile.am b/swig/python/openipmigui/Makefile.am +index 570e7b9..88258bf 100644 +--- a/swig/python/openipmigui/Makefile.am ++++ b/swig/python/openipmigui/Makefile.am +@@ -34,9 +34,9 @@ localcopy: + fi \ + done + +-all-local: localcopy $(PYC_FILES) $(PYO_FILES) ++all-local: localcopy + +-install-exec-local: $(EXTRA_DIST) $(PYC_FILES) $(PYO_FILES) ++install-exec-local: $(EXTRA_DIST) + $(INSTALL) -d $(DESTDIR)$(PYTHON_INSTALL_DIR)/openipmigui + $(INSTALL_DATA) $^ $(DESTDIR)$(PYTHON_INSTALL_DIR)/openipmigui + diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.24.bb b/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.25.bb index a4f63c5f4..d28ebd484 100644 --- a/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.24.bb +++ b/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.25.bb @@ -29,14 +29,14 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/openipmi/OpenIPMI-${PV}.tar.gz \ file://ipmi-init-fix-the-arguments.patch \ file://do-not-install-pyc-and-pyo.patch \ file://include_sys_types.patch \ + file://openipmigui-not-compile-pyc-pyo.patch \ file://openipmi-helper \ file://ipmi.service \ - file://0001-lanserv-Rename-struct-parameter-printf-for-namespace.patch \ " S = "${WORKDIR}/OpenIPMI-${PV}" -SRC_URI[md5sum] = "58f9542cbfcb5fe250b77cf88345e1ec" -SRC_URI[sha256sum] = "bca39a27071278a8b74610181ede8df51e155e5e9031bc8eaa3699d1720292b4" +SRC_URI[md5sum] = "1461ac4d78fc516646fd0a6e605a8b05" +SRC_URI[sha256sum] = "f0f1a0ec732409930b7a31a6daa6cf39b585f52059b62a5f092b7ece21aa75a5" inherit autotools-brokensep pkgconfig pythonnative perlnative update-rc.d systemd diff --git a/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.4.4.bb b/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.4.6.bb index 4cad99869..84fd467c7 100644 --- a/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.4.4.bb +++ b/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.4.6.bb @@ -2,22 +2,26 @@ SUMMARY = "A full-featured SSL VPN solution via tun device." HOMEPAGE = "http://openvpn.sourceforge.net" SECTION = "net" LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=e9b64491ec98eb6c6493ac5e4118f107" +LIC_FILES_CHKSUM = "file://COPYING;md5=7aee596ed2deefe3e8a861e24292abba" DEPENDS = "lzo openssl iproute2 ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" -inherit autotools systemd +inherit autotools systemd update-rc.d SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \ file://openvpn \ file://openvpn@.service \ file://openvpn-volatile.conf" -SRC_URI[md5sum] = "705a79d005558d94fa1e2b74e4413e97" -SRC_URI[sha256sum] = "1ae883d9522c9fa6d189e5e4aaa058a93edd3d0b897e3c2664107c4785099fc3" +SRC_URI[md5sum] = "971d57e29b78b4b902eb2f4aae2f05a7" +SRC_URI[sha256sum] = "738dbd37fcf8eb9382c53628db22258c41ba9550165519d9200e8bebaef4cbe2" SYSTEMD_SERVICE_${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service" SYSTEMD_AUTO_ENABLE = "disable" +INITSCRIPT_PACKAGES = "${PN}" +INITSCRIPT_NAME_${PN} = "openvpn" +INITSCRIPT_PARAMS_${PN} = "start 10 2 3 4 5 . stop 70 0 1 6 ." + CFLAGS += "-fno-inline" # I want openvpn to be able to read password from file (hrw) diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-Remove-man-files-which-cant-be-built.patch b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-Remove-man-files-which-cant-be-built.patch new file mode 100644 index 000000000..4b595613f --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-Remove-man-files-which-cant-be-built.patch @@ -0,0 +1,103 @@ +From 5a8a2f81ef8650f06d1d9d268add612ab46025f1 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Tue, 12 Jun 2018 22:57:04 -0700 +Subject: [PATCH] Remove man files which cant be built + +Remove need for pandoc-prebuilt during cross build + +Fixes errors + +| CMake Error at libibumad/man/cmake_install.cmake:105 (file): +| file INSTALL cannot find +| "/mnt/a/oe/build/tmp/work/core2-64-bec-linux-musl/rdma-core/18.1-r0/git/buildlib/pandoc-prebuilt/41bbb0bed7a781be59e8c0dcd8b7278af2ce6882". +| Call Stack (most recent call first): +| cmake_install.cmake:48 (include) + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + libibumad/man/CMakeLists.txt | 1 - + libibverbs/man/CMakeLists.txt | 15 --------------- + providers/mlx5/man/CMakeLists.txt | 1 - + 3 files changed, 17 deletions(-) + +diff --git a/libibumad/man/CMakeLists.txt b/libibumad/man/CMakeLists.txt +index 185584a0..ac45a4e9 100644 +--- a/libibumad/man/CMakeLists.txt ++++ b/libibumad/man/CMakeLists.txt +@@ -15,7 +15,6 @@ rdma_man_pages( + umad_get_mad_addr.3 + umad_get_pkey.3 + umad_get_port.3 +- umad_init.3.md + umad_open_port.3 + umad_poll.3 + umad_recv.3 +diff --git a/libibverbs/man/CMakeLists.txt b/libibverbs/man/CMakeLists.txt +index 86dd49de..b54675be 100644 +--- a/libibverbs/man/CMakeLists.txt ++++ b/libibverbs/man/CMakeLists.txt +@@ -5,7 +5,6 @@ rdma_man_pages( + ibv_alloc_pd.3 + ibv_alloc_td.3 + ibv_asyncwatch.1 +- ibv_attach_mcast.3.md + ibv_bind_mw.3 + ibv_create_ah.3 + ibv_create_ah_from_wc.3 +@@ -14,7 +13,6 @@ rdma_man_pages( + ibv_create_cq_ex.3 + ibv_modify_cq.3 + ibv_create_flow.3 +- ibv_create_flow_action.3.md + ibv_create_qp.3 + ibv_create_qp_ex.3 + ibv_create_rwq_ind_table.3 +@@ -23,15 +21,9 @@ rdma_man_pages( + ibv_create_wq.3 + ibv_devices.1 + ibv_devinfo.1 +- ibv_event_type_str.3.md +- ibv_fork_init.3.md + ibv_get_async_event.3 + ibv_get_cq_event.3 +- ibv_get_device_guid.3.md + ibv_get_device_list.3 +- ibv_get_device_name.3.md +- ibv_get_srq_num.3.md +- ibv_inc_rkey.3.md + ibv_modify_qp.3 + ibv_modify_qp_rate_limit.3 + ibv_modify_srq.3 +@@ -46,19 +38,12 @@ rdma_man_pages( + ibv_post_srq_recv.3 + ibv_query_device.3 + ibv_query_device_ex.3 +- ibv_query_gid.3.md +- ibv_query_pkey.3.md + ibv_query_port.3 + ibv_query_qp.3 + ibv_query_rt_values_ex.3 + ibv_query_srq.3 +- ibv_rate_to_mbps.3.md +- ibv_rate_to_mult.3.md + ibv_rc_pingpong.1 + ibv_reg_mr.3 +- ibv_req_notify_cq.3.md +- ibv_rereg_mr.3.md +- ibv_resize_cq.3.md + ibv_srq_pingpong.1 + ibv_uc_pingpong.1 + ibv_ud_pingpong.1 +diff --git a/providers/mlx5/man/CMakeLists.txt b/providers/mlx5/man/CMakeLists.txt +index cdc7115e..876b6fcf 100644 +--- a/providers/mlx5/man/CMakeLists.txt ++++ b/providers/mlx5/man/CMakeLists.txt +@@ -1,5 +1,4 @@ + rdma_man_pages( +- mlx5dv_flow_action_esp.3.md + mlx5dv_get_clock_info.3 + mlx5dv_init_obj.3 + mlx5dv_query_device.3 +-- +2.17.1 + diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-S_IFSOCK-is-defined-in-both-glibc-musl.patch b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-S_IFSOCK-is-defined-in-both-glibc-musl.patch new file mode 100644 index 000000000..b04c9b723 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-S_IFSOCK-is-defined-in-both-glibc-musl.patch @@ -0,0 +1,29 @@ +From f2df1db11f3a9580774300e703b6f53dbcdb28ef Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Fri, 8 Jun 2018 20:17:57 -0700 +Subject: [PATCH] S_IFSOCK is defined in both glibc/musl + +Fixes + +preload.c:1183:46: error: '__S_IFSOCK' undeclared (first use in this function); did you mean 'S_IFSOCK'? + +Upstream-Status: Pending + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + librdmacm/preload.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/librdmacm/preload.c b/librdmacm/preload.c +index 0f2aa250..d46beb1b 100644 +--- a/librdmacm/preload.c ++++ b/librdmacm/preload.c +@@ -1180,7 +1180,7 @@ int __fxstat(int ver, int socket, struct stat *buf) + if (fd_get(socket, &fd) == fd_rsocket) { + ret = real.fxstat(ver, socket, buf); + if (!ret) +- buf->st_mode = (buf->st_mode & ~S_IFMT) | __S_IFSOCK; ++ buf->st_mode = (buf->st_mode & ~S_IFMT) | S_IFSOCK; + } else { + ret = real.fxstat(ver, fd, buf); + } diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-include-endian.h-for-htole32-and-friends.patch b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-include-endian.h-for-htole32-and-friends.patch new file mode 100644 index 000000000..aa335244b --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-include-endian.h-for-htole32-and-friends.patch @@ -0,0 +1,25 @@ +From 65b9a47c07be4611b4fbbcafff1993186bcb0537 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Tue, 12 Jun 2018 19:15:52 -0700 +Subject: [PATCH 1/2] include endian.h for htole32 and friends + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + providers/hns/hns_roce_u.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/providers/hns/hns_roce_u.h b/providers/hns/hns_roce_u.h +index bd66c6e7..b07424db 100644 +--- a/providers/hns/hns_roce_u.h ++++ b/providers/hns/hns_roce_u.h +@@ -34,6 +34,7 @@ + #define _HNS_ROCE_U_H + + #include <stddef.h> ++#include <endian.h> + #include <util/compiler.h> + + #include <infiniband/driver.h> +-- +2.17.1 + diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0002-Remove-unused-include-for-execinfo.h.patch b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0002-Remove-unused-include-for-execinfo.h.patch new file mode 100644 index 000000000..347f964e9 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0002-Remove-unused-include-for-execinfo.h.patch @@ -0,0 +1,27 @@ +From 3d9cae15c69c0b3260a024ad5d6802a8d85515a2 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Tue, 12 Jun 2018 19:18:24 -0700 +Subject: [PATCH 2/2] Remove unused include for execinfo.h + +Fixes build on musl + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + providers/qedr/qelr_verbs.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/providers/qedr/qelr_verbs.c b/providers/qedr/qelr_verbs.c +index e3b01f28..2ee1c832 100644 +--- a/providers/qedr/qelr_verbs.c ++++ b/providers/qedr/qelr_verbs.c +@@ -54,7 +54,6 @@ + + #include <stdio.h> + #include <stdlib.h> +-#include <execinfo.h> + + #define QELR_SQE_ELEMENT_SIZE (sizeof(struct rdma_sq_sge)) + #define QELR_RQE_ELEMENT_SIZE (sizeof(struct rdma_rq_sge)) +-- +2.17.1 + diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0002-neigh.c-Do-not-include-net-if_packet.h.patch b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0002-neigh.c-Do-not-include-net-if_packet.h.patch new file mode 100644 index 000000000..e887f222b --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0002-neigh.c-Do-not-include-net-if_packet.h.patch @@ -0,0 +1,26 @@ +From 82486f7e1ee2aa07a5c12cb357834993aa8c1d20 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Fri, 8 Jun 2018 20:19:13 -0700 +Subject: [PATCH] neigh.c: Do not include net/if_packet.h + +This header is glibc specific + +Upstream-Status: Pending + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + libibverbs/neigh.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/libibverbs/neigh.c b/libibverbs/neigh.c +index 21177db0..cfc593a0 100644 +--- a/libibverbs/neigh.c ++++ b/libibverbs/neigh.c +@@ -2,7 +2,6 @@ + */ + + #include "config.h" +-#include <net/if_packet.h> + #include <linux/netlink.h> + #include <linux/rtnetlink.h> + #include <endian.h> diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_18.1.bb b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_18.1.bb new file mode 100644 index 000000000..6ad864d1e --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_18.1.bb @@ -0,0 +1,30 @@ +SUMMARY = "Userspace support for InfiniBand/RDMA verbs" +DESCRIPTION = "This is the userspace components for the Linux Kernel's drivers Infiniband/RDMA subsystem." +SECTION = "libs" + +DEPENDS = "libnl" +RDEPENDS_${PN} = "bash perl" + +SRC_URI = "git://github.com/linux-rdma/rdma-core.git;branch=stable-v18 \ + file://0001-S_IFSOCK-is-defined-in-both-glibc-musl.patch \ + file://0002-neigh.c-Do-not-include-net-if_packet.h.patch \ + file://0001-include-endian.h-for-htole32-and-friends.patch \ + file://0002-Remove-unused-include-for-execinfo.h.patch \ + file://0001-Remove-man-files-which-cant-be-built.patch \ + " +SRCREV = "7844b3fbe5120623d63b29ecb43eb83a61129658" +S = "${WORKDIR}/git" + +#Default Dual License https://github.com/linux-rdma/rdma-core/blob/master/COPYING.md +LICENSE = "BSD-2-Clause | GPLv2" +LIC_FILES_CHKSUM = "file://COPYING.BSD_FB;md5=0ec18bae1a9df92c8d6ae01f94a289ae \ + file://COPYING.GPL2;md5=b234ee4d69f5fce4486a80fdaf4a4263" + + +FILES_SOLIBSDEV = "" +FILES_${PN} += "${libdir}/*" +INSANE_SKIP_${PN} += "dev-so" + +inherit cmake + +OECMAKE_FIND_ROOT_PATH_MODE_PROGRAM = "BOTH" diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb b/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb new file mode 100644 index 000000000..30d0a7675 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb @@ -0,0 +1,28 @@ +# +# Copyright (C) 2013 Wind River Systems, Inc. +# + +SUMMARY = "Simple Protocol for Independent Computing Environments" +DESCRIPTION = "SPICE (the Simple Protocol for Independent Computing \ +Environments) is a remote-display system built for virtual \ +environments which allows users to view a computing 'desktop' \ +environment - not only on its computer-server machine, but also from \ +anywhere on the Internet and using a wide variety of machine \ +architectures." + +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=b37311cb5604f3e5cc2fb0fd23527e95" + +PV = "0.12.13+git${SRCPV}" + +SRCREV = "87441524f4e7b79658e42bd8f1f6c3e3c8649aa5" + +SRC_URI = " \ + git://anongit.freedesktop.org/spice/spice-protocol \ +" + +S = "${WORKDIR}/git" + +inherit autotools gettext pkgconfig + +BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-Convert-pthread_t-to-be-numeric.patch b/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-Convert-pthread_t-to-be-numeric.patch new file mode 100644 index 000000000..505b7c890 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-Convert-pthread_t-to-be-numeric.patch @@ -0,0 +1,66 @@ +From 0726ce6d6f52e135e28f15ca8392568c84909b1d Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sat, 16 Jun 2018 16:21:39 -0700 +Subject: [PATCH] Convert pthread_t to be numeric + +typecast pthread_t to unsigned long +pthread_t is implemented as a struct point in musl and its as per standard + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- +Upstream-Status: Pending + + server/red-channel.c | 5 +++-- + server/red-client.c | 6 +++--- + 2 files changed, 6 insertions(+), 5 deletions(-) + +diff --git a/server/red-channel.c b/server/red-channel.c +index 1b38f04d..11dc667b 100644 +--- a/server/red-channel.c ++++ b/server/red-channel.c +@@ -192,7 +192,7 @@ red_channel_constructed(GObject *object) + { + RedChannel *self = RED_CHANNEL(object); + +- red_channel_debug(self, "thread_id 0x%lx", self->priv->thread_id); ++ red_channel_debug(self, "thread_id 0x%lx", (unsigned long)self->priv->thread_id); + + RedChannelClass *klass = RED_CHANNEL_GET_CLASS(self); + +@@ -475,7 +475,8 @@ void red_channel_remove_client(RedChannel *channel, RedChannelClient *rcc) + red_channel_warning(channel, "channel->thread_id (0x%lx) != pthread_self (0x%lx)." + "If one of the threads is != io-thread && != vcpu-thread, " + "this might be a BUG", +- channel->priv->thread_id, pthread_self()); ++ (unsigned long)channel->priv->thread_id, ++ (unsigned long)pthread_self()); + } + spice_return_if_fail(channel); + link = g_list_find(channel->priv->clients, rcc); +diff --git a/server/red-client.c b/server/red-client.c +index ddfc5400..76986640 100644 +--- a/server/red-client.c ++++ b/server/red-client.c +@@ -180,7 +180,7 @@ void red_client_migrate(RedClient *client) + spice_warning("client->thread_id (0x%lx) != pthread_self (0x%lx)." + "If one of the threads is != io-thread && != vcpu-thread," + " this might be a BUG", +- client->thread_id, pthread_self()); ++ (unsigned long)client->thread_id, (unsigned long)pthread_self()); + } + FOREACH_CHANNEL_CLIENT(client, rcc) { + if (red_channel_client_is_connected(rcc)) { +@@ -199,8 +199,8 @@ void red_client_destroy(RedClient *client) + spice_warning("client->thread_id (0x%lx) != pthread_self (0x%lx)." + "If one of the threads is != io-thread && != vcpu-thread," + " this might be a BUG", +- client->thread_id, +- pthread_self()); ++ (unsigned long)client->thread_id, ++ (unsigned long)pthread_self()); + } + red_client_set_disconnecting(client); + FOREACH_CHANNEL_CLIENT(client, rcc) { +-- +2.17.1 + diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-spice-fix-compile-fail-problem.patch b/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-spice-fix-compile-fail-problem.patch new file mode 100644 index 000000000..1f9d5fdd7 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-spice-fix-compile-fail-problem.patch @@ -0,0 +1,36 @@ +From 7023732c65b4dc509c46a54fb7715da275b5597f Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Thu, 13 Sep 2018 12:39:44 +0800 +Subject: [PATCH] spice: fix compile fail problem + +compile error: +format '%d' expects argument of type 'int', but argument 6 has +type 'long unsigned int' [-Werror=format=] + +spice compile failed on 32bit system, since upstream commit +9541cd2fe(in V0.14.1) change %ld to %PRIdPTR, %PRIdPTR is %d, but argument +strm.total_out is uLong. + +Upstream-Status: Submitted[https://github.com/freedesktop/spice/pull/1] + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + server/red-replay-qxl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/server/red-replay-qxl.c b/server/red-replay-qxl.c +index 1fce76c..bd33b58 100644 +--- a/server/red-replay-qxl.c ++++ b/server/red-replay-qxl.c +@@ -266,7 +266,7 @@ static replay_t read_binary(SpiceReplay *replay, const char *prefix, size_t *siz + exit(1); + } + if ((ret = inflate(&strm, Z_NO_FLUSH)) != Z_STREAM_END) { +- spice_error("inflate error %d (disc: %" PRIdPTR ")", ret, *size - strm.total_out); ++ spice_error("inflate error %d (disc: %ld)", ret, *size - strm.total_out); + if (ret == Z_DATA_ERROR) { + /* last operation may be wrong. since we do the recording + * in red_worker, when there is a shutdown from the vcpu/io thread +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb b/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb new file mode 100644 index 000000000..1ad46c2c3 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb @@ -0,0 +1,57 @@ +# +# Copyright (C) 2013 Wind River Systems, Inc. +# + +SUMMARY = "Simple Protocol for Independent Computing Environments" +DESCRIPTION = "SPICE (the Simple Protocol for Independent Computing \ +Environments) is a remote-display system built for virtual \ +environments which allows users to view a computing 'desktop' \ +environment - not only on its computer-server machine, but also from \ +anywhere on the Internet and using a wide variety of machine \ +architectures." + +LICENSE = "BSD & LGPLv2.1+" +LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" + +PV = "0.14.1+git${SRCPV}" + +SRCREV_spice = "eaa07ef15cfc3bf57a69da2576af66f028787774" +SRCREV_spice-common = "6b93b3fce8909b836ef1d1434d191900d8aa00be" + +SRCREV_FORMAT = "spice_spice-common" + +SRC_URI = " \ + git://anongit.freedesktop.org/spice/spice;name=spice \ + git://anongit.freedesktop.org/spice/spice-common;destsuffix=git/subprojects/spice-common;name=spice-common \ + file://0001-Convert-pthread_t-to-be-numeric.patch \ + file://0001-spice-fix-compile-fail-problem.patch \ +" + +S = "${WORKDIR}/git" + +inherit autotools gettext pythonnative python-dir pkgconfig + +DEPENDS += "spice-protocol jpeg pixman alsa-lib glib-2.0 python-pyparsing-native python-six-native glib-2.0-native" +DEPENDS_append_class-nativesdk = "nativesdk-openssl" + +export PYTHON="${STAGING_BINDIR_NATIVE}/python-native/python" +export PYTHONPATH="${PKG_CONFIG_SYSROOT_DIR}${libdir}/python2.7/site-packages" + +PACKAGECONFIG_class-native = "" +PACKAGECONFIG_class-nativesdk = "" +PACKAGECONFIG ?= "sasl" + +PACKAGECONFIG[celt051] = "--enable-celt051,--disable-celt051,celt051" +PACKAGECONFIG[smartcard] = "--enable-smartcard,--disable-smartcard,libcacard," +PACKAGECONFIG[sasl] = "--with-sasl,--without-sasl,cyrus-sasl," +PACKAGECONFIG[client] = "--enable-client,--disable-client,," +PACKAGECONFIG[gui] = "--enable-gui,--disable-gui,," +PACKAGECONFIG[opus] = "--enable-opus,--disable-opus,libopus," +PACKAGECONFIG[opengl] = "--enable-opengl,--disable-opengl,," +PACKAGECONFIG[xinerama] = "--enable-xinerama,--disable-xinerama,libxinerama," + +COMPATIBLE_HOST = '(x86_64|i.86).*-linux' + +BBCLASSEXTEND = "native nativesdk" + +EXTRA_OECONF_toolchain-clang += "--disable-werror" diff --git a/meta-openembedded/meta-networking/recipes-support/spice/usbredir_git.bb b/meta-openembedded/meta-networking/recipes-support/spice/usbredir_git.bb new file mode 100644 index 000000000..3fea7528e --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/spice/usbredir_git.bb @@ -0,0 +1,21 @@ +SUMMARY = "usbredir libraries and utilities" + +LICENSE = "GPLv2+ & LGPLv2.1+" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://COPYING.LIB;md5=4b54a1fd55a448865a0b32d41598759d \ +" + +DEPENDS = "libusb1" + +SRCREV = "39aa3c69f61bba28856a3eef3fe4ab37a3968e88" +PV = "0.7.1+git${SRCPV}" + +SRC_URI = " \ + git://anongit.freedesktop.org/spice/usbredir \ +" + +S = "${WORKDIR}/git" + +inherit autotools pkgconfig + +BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch b/meta-openembedded/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch index be660d1fd..5945507bf 100644 --- a/meta-openembedded/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch +++ b/meta-openembedded/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch @@ -3,7 +3,7 @@ From: "Roy.Li" <rongqing.li@windriver.com> Date: Tue, 4 Mar 2014 14:38:42 +0800 Subject: [PATCH] fix the function parameter -Upstream-Status: pending +Upstream-Status: Pending Original openssl_diffie_hellman_create has three parameters, but it is reassigned a function pointer which has one parameter, and diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.6.2.bb b/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.7.1.bb index f2fe1f1cb..c8bb17c5b 100644 --- a/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.6.2.bb +++ b/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.7.1.bb @@ -12,8 +12,10 @@ SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \ file://0001-memory.h-Include-stdint.h-for-uintptr_t.patch \ " -SRC_URI[md5sum] = "46aa3aa18fbc4bd528f9a0345ce79913" -SRC_URI[sha256sum] = "e0a60a30ebf3c534c223559e1686497a21ded709a5d605c5123c2f52bcc22e92" +SRC_URI[md5sum] = "86b7e9321cde075cf382268fd282e0b0" +SRC_URI[sha256sum] = "006f9c9126e2a2f4e7a874b5e1bd2abec1bbbb193c8b3b3a4c6ccd8c2d454bec" + +UPSTREAM_CHECK_REGEX = "strongswan-(?P<pver>\d+(\.\d+)+)\.tar" EXTRA_OECONF = " \ --without-lib-prefix \ diff --git a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.35.bb b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.35.bb deleted file mode 100644 index ec8478d6b..000000000 --- a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.35.bb +++ /dev/null @@ -1,24 +0,0 @@ -SUMMARY = "Program for providing universal TLS/SSL tunneling service" -HOMEPAGE = "http://www.stunnel.org/" -DESCRIPTION = "SSL encryption wrapper between remote client and local (inetd-startable) or remote server." -SECTION = "net" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=866cdc7459d91e092b174388fab8d283" -DEPENDS = "openssl zlib tcp-wrappers" - -RDEPENDS_${PN} += "perl" - -SRC_URI = "ftp://ftp.stunnel.org/stunnel/archive/5.x/${BP}.tar.gz \ - file://fix-openssl-no-des.patch \ -" - -SRC_URI[md5sum] = "9079f5fafbccaf88b7d92b227d78249a" -SRC_URI[sha256sum] = "ffa386ae4c825f35f35157c285e7402a6d58779ad8c3822f74a9d355b54aba1d" - -inherit autotools - -EXTRA_OECONF += "--with-ssl='${STAGING_EXECPREFIXDIR}' --disable-fips" - -PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 systemd', d)}" -PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd" -PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," diff --git a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.49.bb b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.49.bb new file mode 100644 index 000000000..eca77cf84 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.49.bb @@ -0,0 +1,37 @@ +SUMMARY = "Program for providing universal TLS/SSL tunneling service" +DESCRIPTION = "SSL encryption wrapper between remote client and local (inetd-startable) or remote server." +HOMEPAGE = "https://www.stunnel.org/" +SECTION = "net" +# Note: Linking stunnel statically or dynamically with other modules is making +# a combined work based on stunnel. Thus, the terms and conditions of the GNU +# General Public License cover the whole combination. +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=f6b7fe7379c9c2d7db6c80f7bd41e06d" + +DEPENDS = "autoconf-archive libnsl2 openssl" + +SRC_URI = "ftp://ftp.stunnel.org/stunnel/archive/5.x/${BP}.tar.gz \ + file://fix-openssl-no-des.patch \ +" + +SRC_URI[md5sum] = "0b41240e5585ec7d55ca343feed5530f" +SRC_URI[sha256sum] = "3d6641213a82175c19f23fde1c3d1c841738385289eb7ca1554f4a58b96d955e" + +inherit autotools + +PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 systemd', d)} libwrap" + +PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," +PACKAGECONFIG[libwrap] = "--enable-libwrap,--disable-libwrap,tcp-wrappers" +PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd" + +EXTRA_OECONF += "--with-ssl='${STAGING_EXECPREFIXDIR}' --disable-fips" + +# When cross compiling, configure defaults to nobody, but provides no option to change it. +EXTRA_OEMAKE += "DEFAULT_GROUP='nogroup'" + +# stunnel3 is a Perl wrapper to allow use of the legacy stunnel 3.x commandline +# syntax with stunnel >= 4.05 +PACKAGES =+ "stunnel3" +FILES_stunnel3 = "${bindir}/stunnel3" +RDEPENDS_stunnel3 += "${PN} perl" diff --git a/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/disable-documentation.patch b/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/disable-documentation.patch index 01d0236be..91508d721 100644 --- a/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/disable-documentation.patch +++ b/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/disable-documentation.patch @@ -1,19 +1,40 @@ ---- a/configure.ac 2016-01-01 17:42:27.000000000 +0100 -+++ b/configure.ac 2017-04-20 14:03:37.238254471 +0200 -@@ -284,24 +284,12 @@ - AC_SUBST(LIBS) - AC_SUBST(ADDITIONAL_OBJECTS) +From b71eb384522b5ce4629dee6e8be257fb4880fef3 Mon Sep 17 00:00:00 2001 +From: Benjamin Gaignard <benjamin.gaignard@linaro.org> +Date: Thu, 20 Apr 2017 14:25:18 +0200 + +--- + Makefile.am | 1 - + configure.ac | 9 --------- + 2 files changed, 10 deletions(-) + +diff --git a/Makefile.am b/Makefile.am +index e9113c2..2fe3d54 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -2,7 +2,6 @@ SUBDIRS = \ + src \ + data \ + etc \ +- docs \ + m4macros \ + tests + +diff --git a/configure.ac b/configure.ac +index 48ee0b2..a1a5fa1 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -194,10 +194,6 @@ AC_SUBST(ADDITIONAL_OBJECTS) + AC_PATH_PROG(XSLTPROC, xsltproc, no) + AM_CONDITIONAL(HAVE_XSLTPROC, test "x$XSLTPROC" != "xno") -# Check for asciidoc -AC_PATH_PROG(A2X, a2x, no) -AM_CONDITIONAL(HAVE_A2X, test "x$A2X" != "xno") --if test x"$A2X" = x"no"; then -- AC_MSG_ERROR([Test for asciidoc failed. See the file 'INSTALL' for help.]) --fi - - AC_CONFIG_FILES([ - Makefile - src/Makefile + # checking xmllint + AC_PATH_PROG(XMLLINT, xmllint, no) + if test "x$XMLLINT" != "xno"; then +@@ -219,11 +215,6 @@ src/Makefile data/Makefile data/templates/Makefile etc/Makefile @@ -25,13 +46,3 @@ m4macros/Makefile tests/Makefile tests/scripts/Makefile ---- a/Makefile.am 2016-01-01 17:42:27.000000000 +0100 -+++ b/Makefile.am 2017-04-20 14:03:53.842822997 +0200 -@@ -2,7 +2,6 @@ - src \ - data \ - etc \ -- docs \ - m4macros \ - tests - diff --git a/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/tinyproxy.service b/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/tinyproxy.service index ea079f955..df4274573 100644 --- a/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/tinyproxy.service +++ b/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/tinyproxy.service @@ -8,7 +8,7 @@ ExecStartPre=/bin/mkdir -p /var/log/tinyproxy ExecStartPre=/bin/chown -R nobody.tinyproxy /var/log/tinyproxy ExecStartPre=/bin/mkdir -p /var/run/tinyproxy ExecStartPre=/bin/chown -R nobody.tinyproxy /var/run/tinyproxy -ExecStart=/usr/sbin/tinyproxy -d +ExecStart=/usr/bin/tinyproxy -d [Install] WantedBy=multi-user.target diff --git a/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy_1.8.4.bb b/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy_1.10.0.bb index 98192dc99..144dcf33a 100644 --- a/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy_1.8.4.bb +++ b/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy_1.10.0.bb @@ -7,13 +7,12 @@ SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.gz file://disable-documentation.patch \ file://tinyproxy.service" -SRC_URI[md5sum] = "3b60f7d08e0821ed1a3e2cf1e5778cac" -SRC_URI[sha256sum] = "8234c879a129feee61efa98bac14a1a3e46e5cf08f01696a216940872aa70faf" +SRC_URI[md5sum] = "423047c8dc53a15e19f78e238198549c" +SRC_URI[sha256sum] = "6020955e6a0ef0ef898ad5bb17a448c47f9e4c003c464b4ae7c4dba063272055" EXTRA_OECONF += " \ --enable-filter \ --enable-transparent \ - --disable-regexcheck \ --enable-reverse \ --enable-upstream \ --enable-xtinyproxy \ diff --git a/meta-openembedded/meta-networking/recipes-support/uftp/uftp_4.9.3.bb b/meta-openembedded/meta-networking/recipes-support/uftp/uftp_4.9.8.bb index 1166f9a8d..0bbdd6b1d 100644 --- a/meta-openembedded/meta-networking/recipes-support/uftp/uftp_4.9.3.bb +++ b/meta-openembedded/meta-networking/recipes-support/uftp/uftp_4.9.8.bb @@ -6,8 +6,8 @@ LICENSE = "GPLv3" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=d32239bcb673463ab874e80d47fae504" SRC_URI = "${SOURCEFORGE_MIRROR}/uftp-multicast/source-tar/uftp-${PV}.tar.gz" -SRC_URI[md5sum] = "231d6ba7820d89a712fe7d727ab0f8e6" -SRC_URI[sha256sum] = "9e9215af0315257c6cc4f40fbc6161057e861be1fff10a38a5564f699e99c78f" +SRC_URI[md5sum] = "f7a5affd3000b5aafbb13df49719b6c0" +SRC_URI[sha256sum] = "e98c6318e497124d777ca71eae752d213207c35de9f782c8bcaaf82ece20e599" DEPENDS = "openssl" diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/files/libgcrypt.patch b/meta-openembedded/meta-networking/recipes-support/wireshark/files/libgcrypt.patch deleted file mode 100644 index 2aa58f73c..000000000 --- a/meta-openembedded/meta-networking/recipes-support/wireshark/files/libgcrypt.patch +++ /dev/null @@ -1,53 +0,0 @@ -use OR PKG_CONFIG scheme for libgcrypt - -Upstream-Status: Inappropriate OE specific - -Signed-off-by: Armin Kuster <akuster808@gmail.com> - -Index: wireshark-2.4.4/m4/libgcrypt.m4 -=================================================================== ---- wireshark-2.4.4.orig/m4/libgcrypt.m4 -+++ wireshark-2.4.4/m4/libgcrypt.m4 -@@ -27,11 +27,11 @@ AC_DEFUN([AM_PATH_LIBGCRYPT], - libgcrypt_config_prefix="$withval", libgcrypt_config_prefix="") - if test x$libgcrypt_config_prefix != x ; then - if test x${LIBGCRYPT_CONFIG+set} != xset ; then -- LIBGCRYPT_CONFIG=$libgcrypt_config_prefix/bin/libgcrypt-config -+ LIBGCRYPT_CONFIG=$libgcrypt_config_prefix/libgcrypt.pc - fi - fi - -- AC_PATH_PROG(LIBGCRYPT_CONFIG, libgcrypt-config, no) -+ AC_PATH_PROG(LIBGCRYPT_CONFIG, libgcrypt.pc, no) - tmp=ifelse([$1], ,1:1.2.0,$1) - if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then - req_libgcrypt_api=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\1/'` -@@ -50,7 +50,7 @@ AC_DEFUN([AM_PATH_LIBGCRYPT], - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'` - req_micro=`echo $min_libgcrypt_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'` -- libgcrypt_config_version=`$LIBGCRYPT_CONFIG --version` -+ libgcrypt_config_version=`$PKG_CONFIG --modversion libgcrypt` - major=`echo $libgcrypt_config_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'` - minor=`echo $libgcrypt_config_version | \ -@@ -82,7 +82,7 @@ AC_DEFUN([AM_PATH_LIBGCRYPT], - # If we have a recent libgcrypt, we should also check that the - # API is compatible - if test "$req_libgcrypt_api" -gt 0 ; then -- tmp=`$LIBGCRYPT_CONFIG --api-version 2>/dev/null || echo 0` -+ tmp=`$PKG_CONFIG --api-version libgcrypt 2>/dev/null || echo 0` - if test "$tmp" -gt 0 ; then - AC_MSG_CHECKING([LIBGCRYPT API version]) - if test "$req_libgcrypt_api" -eq "$tmp" ; then -@@ -95,8 +95,8 @@ AC_DEFUN([AM_PATH_LIBGCRYPT], - fi - fi - if test $ok = yes; then -- LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG --cflags` -- LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG --libs` -+ LIBGCRYPT_CFLAGS=`$PKG_CONFIG --cflags libgcrypt` -+ LIBGCRYPT_LIBS=`$PKG_CONFIG --libs libgcrypt` - ifelse([$2], , :, [$2]) - else - LIBGCRYPT_CFLAGS="" diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark/0001-Add-libm-to-link-for-fmod-API.patch b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark/0001-Add-libm-to-link-for-fmod-API.patch new file mode 100644 index 000000000..e65ef9b10 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark/0001-Add-libm-to-link-for-fmod-API.patch @@ -0,0 +1,29 @@ +From 1a6a5d2bcb1adec9ba138c2ebee7bbc994620aff Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Tue, 12 Jun 2018 23:23:44 -0700 +Subject: [PATCH] Add libm to link for fmod() API + +fixes +ld: CMakeFiles/tshark.dir/ui/cli/tap-comparestat.c.o: undefined reference to symbol 'fmod@@GLIBC_2.2.5' +| /mnt/a/oe/build/tmp/work/core2-64-bec-linux/wireshark/1_2.6.1-r0/recipe-sysroot/lib/libm.so.6: error adding symbols: DSO missing from command line + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + CMakeLists.txt | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 7950e85..acee140 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -2494,6 +2494,7 @@ if(BUILD_tshark) + ${LIBEPAN_LIBS} + ${APPLE_CORE_FOUNDATION_LIBRARY} + ${APPLE_SYSTEM_CONFIGURATION_LIBRARY} ++ m + ) + set(tshark_FILES + capture_opts.c +-- +2.17.1 + diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.4.8.bb b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.4.8.bb deleted file mode 100644 index 51a7aa8cd..000000000 --- a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.4.8.bb +++ /dev/null @@ -1,73 +0,0 @@ -DESCRIPTION = "wireshark - a popular network protocol analyzer" -HOMEPAGE = "http://www.wireshark.org" -SECTION = "net" -LICENSE = "GPL-2.0" -LIC_FILES_CHKSUM = "file://COPYING;md5=6e271234ba1a13c6e512e76b94ac2f77" - -DEPENDS = "pcre expat glib-2.0 glib-2.0-native libgcrypt libgpg-error" - -SRC_URI = "https://1.as.dl.wireshark.org/src/all-versions/${BP}.tar.xz" -SRC_URI += "file://libgcrypt.patch" - -UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" - -SRC_URI[md5sum] = "25f93aa6a2b3fdd9d1f01a49f84d224f" -SRC_URI[sha256sum] = "db8ed7828c157e4ffb91fb8c41fa5a2f37fd44259175951a5c37848bf641f5e8" - -PE = "1" - -inherit autotools pkgconfig perlnative upstream-version-is-even - -ARM_INSTRUCTION_SET = "arm" - -PACKAGECONFIG ?= "libpcap gnutls libnl libcap sbc" -PACKAGECONFIG += " ${@bb.utils.contains("DISTRO_FEATURES", "x11", "gtk2 graphics", "", d)}" - -PACKAGECONFIG[libcap] = "--with-libcap=${STAGING_DIR_HOST}/usr, --with-libcap=no --enable-pcap-ng-default , libcap" -PACKAGECONFIG[libpcap] = "--with-pcap=${STAGING_DIR_HOST}/usr --with-pcap-remote, --with-pcap=no --enable-pcap-ng-default , libpcap" -PACKAGECONFIG[libsmi] = "--with-libsmi=yes, --with-libsmi=no, libsmi" -PACKAGECONFIG[libnl] = "--with-libnl=yes, --with-libnl=no, libnl" -PACKAGECONFIG[portaudio] = "--with-portaudio=yes, --with-portaudio=no, portaudio-v19" -PACKAGECONFIG[gtk2] = "--with-gtk=2, , gtk+" -PACKAGECONFIG[gtk3] = "--with-gtk=3, , gtk+3" -PACKAGECONFIG[graphics] = "--enable-wireshark, --with-gtk=no --disable-wireshark," -PACKAGECONFIG[gnutls] = "--with-gnutls=yes, --with-gnutls=no, gnutls" -PACKAGECONFIG[ssl] = "--with-ssl=yes, --with-ssl=no, openssl" -PACKAGECONFIG[krb5] = "--with-krb5=yes, --with-krb5=no, krb5" -PACKAGECONFIG[lua] = "--with-lua=yes, --with-lua=no, lua" -PACKAGECONFIG[zlib] = "--with-zlib=yes, --with-zlib=no, zlib" -PACKAGECONFIG[geoip] = "--with-geoip=yes, --with-geoip=no, geoip" -PACKAGECONFIG[plugins] = "--with-plugins=yes, --with-plugins=no" -PACKAGECONFIG[sbc] = "--with-sbc=yes, --with-sbc=no, sbc" -PACKAGECONFIG[libssh] = "--with-libssh=${STAGING_DIR_HOST}/usr, --with-libssh=no, libssh2" -PACKAGECONFIG[lz4] = "--with-lz4=${STAGING_DIR_HOST}/usr, --with-lz4=no, lz4" - -# these next two options require addional layers -PACKAGECONFIG[c-ares] = "--with-c-ares=yes, --with-c-ares=no, c-ares" - -EXTRA_OECONF += "--with-libgcrypt-prefix=${PKG_CONFIG_DIR} --with-qt=no --enable-tshark --enable-rawshark" - -LDFLAGS_append = " -lgpg-error" - -# Currently wireshark does not install header files -do_install_append () { - - install -d ${D}/${includedir}/${BPN} - install -d ${D}/${includedir}/${BPN}/epan - install -d ${D}/${includedir}/${BPN}/epan/crypt - install -d ${D}/${includedir}/${BPN}/epan/dfilter - install -d ${D}/${includedir}/${BPN}/epan/dissectors - install -d ${D}/${includedir}/${BPN}/epan/ftypes - install -d ${D}/${includedir}/${BPN}/epan/wmem - - install config.h ${D}/${includedir}/${BPN} - install ${S}/register.h ${D}/${includedir}/${BPN} - install -D ${S}/epan/*.h ${D}/${includedir}/${BPN}/epan - install -D ${S}/epan/crypt/*.h ${D}/${includedir}/${BPN}/epan/crypt - install -D ${S}/epan/dfilter/*.h ${D}/${includedir}/${BPN}/epan/dfilter - install -D ${S}/epan/dissectors/*.h ${D}/${includedir}/${BPN}/epan/dissectors - install -D ${S}/epan/ftypes/*.h ${D}/${includedir}/${BPN}/epan/ftypes - install -D ${S}/epan/wmem/*.h ${D}/${includedir}/${BPN}/epan/wmem -} - -FILES_${PN} += "${datadir}*" diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.6.4.bb b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.6.4.bb new file mode 100644 index 000000000..595502e76 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.6.4.bb @@ -0,0 +1,94 @@ +DESCRIPTION = "wireshark - a popular network protocol analyzer" +HOMEPAGE = "http://www.wireshark.org" +SECTION = "net" +LICENSE = "GPL-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=6e271234ba1a13c6e512e76b94ac2f77" + +DEPENDS = "pcre expat glib-2.0 glib-2.0-native libgcrypt libgpg-error libxml2 bison-native" + +DEPENDS_append_class-target = " wireshark-native chrpath-replacement-native " + +SRC_URI = "https://1.as.dl.wireshark.org/src/all-versions/${BP}.tar.xz \ + file://0001-Add-libm-to-link-for-fmod-API.patch \ + " + +UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" + +SRC_URI[md5sum] = "8aa7b8c8ce0b6ce4256a081493819d6f" +SRC_URI[sha256sum] = "a06b007e6343f148b8b93443b2fcfc9bb3204311cd268565d54d1b71660bc861" + +PE = "1" + +inherit cmake pkgconfig pythonnative perlnative upstream-version-is-even + +ARM_INSTRUCTION_SET = "arm" + +# Options: gtk+, gtk+3 and qt5 +GTK = "gtk+3" + +PACKAGECONFIG ?= "libpcap gnutls libnl libcap sbc" +PACKAGECONFIG_append_class-target = " ${@bb.utils.contains("DISTRO_FEATURES", "x11", " ${GTK}", "", d)}" + +PACKAGECONFIG_class-native = "libpcap gnutls ssl libssh" + +PACKAGECONFIG[libcap] = "-DENABLE_CAP=ON,-DENABLE_CAP=OFF -DENABLE_PCAP_NG_DEFAULT=ON, libcap" +PACKAGECONFIG[libpcap] = "-DENABLE_PCAP=ON,-DENABLE_PCAP=OFF -DENABLE_PCAP_NG_DEFAULT=ON , libpcap" +PACKAGECONFIG[libsmi] = "-DENABLE_SMI=ON,-DENABLE_SMI=OFF,libsmi" +PACKAGECONFIG[libnl] = ",,libnl" +PACKAGECONFIG[portaudio] = "-DENABLE_PORTAUDIO=ON,-DENABLE_PORTAUDIO=OFF, portaudio-v19" +PACKAGECONFIG[gtk+] = "-DENABLE_GTK=ON -DBUILD_wireshark_gtk=ON, -DENABLE_GTK=OFF, gtk+" +PACKAGECONFIG[gtk+3] = "-DENABLE_GTK3=ON -DBUILD_wireshark_gtk=ON, -DENABLE_GTK3=OFF, gtk+3" +PACKAGECONFIG[gnutls] = "-DENABLE_GNUTLS=ON,-DENABLE_GNUTLS=OFF, gnutls" +PACKAGECONFIG[ssl] = ",,openssl" +PACKAGECONFIG[krb5] = "-DENABLE_KRB5=ON,-DENABLE_KRB5=OFF, krb5" +PACKAGECONFIG[lua] = "-DENABLE_LUA=ON,-DENABLE_LUA=OFF, lua" +PACKAGECONFIG[zlib] = "-DENABLE_ZLIB=ON,-DENABLE_ZLIB=OFF, zlib" +PACKAGECONFIG[geoip] = ",, geoip" +PACKAGECONFIG[plugins] = "-DENABLE_PLUGINS=ON,-DENABLE_PLUGINS=OFF" +PACKAGECONFIG[sbc] = "-DENABLE_SBC=ON,-DENABLE_SBC=OFF, sbc" +PACKAGECONFIG[libssh] = ",,libssh2" +PACKAGECONFIG[lz4] = "-DENABLE_LZ4=ON,-DENABLE_LZ4=OFF, lz4" + +# these next two options require addional layers +PACKAGECONFIG[c-ares] = "-DENABLE_CARES=ON,-DENABLE_CARES=OFF, c-ares" +PACKAGECONFIG[qt5] = "-DENABLE_QT5=ON -DBUILD_wireshark=ON, -DENABLE_QT5=OFF -DBUILD_wireshark=OFF, qtbase" + +EXTRA_OECMAKE += "-DENABLE_NETLINK=ON \ + -DBUILD_mmdbresolve=OFF \ + -DBUILD_randpktdump=OFF \ + -DBUILD_androiddump=OFF \ + -DBUILD_dcerpcidl2wrs=OFF \ + -DM_INCLUDE_DIR=${includedir} \ + -DM_LIBRARY=${libdir} \ + " +CFLAGS_append = " -lm" + +do_install_append_class-native() { + install -d ${D}${bindir} + for f in lemon + do + install -m 0755 ${B}/run/$f ${D}${bindir} + done +} + +do_install_append_class-target() { + for f in `find ${D}${libdir} ${D}${bindir} -type f -executable` + do + chrpath --delete $f + done +} + +PACKAGE_BEFORE_PN += "tshark" +PACKAGE_BEFORE_PN += "${PN}-gtk" + +FILES_tshark = "${bindir}/tshark ${mandir}/man1/tshark.*" +FILES_${PN}-gtk = "${bindir}/wireshark-gtk ${datadir}/icons ${datadir}/appdata \ + ${datadir}/applications ${datadir}/wireshark ${datadir}/mime \ + ${mandir}/man1/wireshark.* " + +FILES_${PN} += "${datadir}*" + +RDEPENDS_tshark = "wireshark" +RDEPENDS_${PN}-gtk = "${@bb.utils.contains("DISTRO_FEATURES", "x11", "${GTK}", "", d)} wireshark" + +BBCLASSEXTEND = "native" |