diff options
Diffstat (limited to 'meta-openembedded/meta-networking')
90 files changed, 405 insertions, 4260 deletions
diff --git a/meta-openembedded/meta-networking/recipes-connectivity/kea/files/0001-Fix-error-call-of-overloaded-distance-is-ambiguous.patch b/meta-openembedded/meta-networking/recipes-connectivity/kea/files/0001-Fix-error-call-of-overloaded-distance-is-ambiguous.patch deleted file mode 100644 index fb16ecbf9..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/kea/files/0001-Fix-error-call-of-overloaded-distance-is-ambiguous.patch +++ /dev/null @@ -1,89 +0,0 @@ -From 8ea2ee451a1af7c5b5c8f4b36c1f77d44442064d Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Fri, 7 Sep 2018 13:02:35 -0700 -Subject: [PATCH] Fix error: call of overloaded distance is ambiguous -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The boost::iterators::distance function template is an adapted version -of std::distance for the Boost iterator traversal in 2.68 it has started -to fail with argument dependent lookup and compiler is erroring out - -with - -error: call of overloaded ‘distance' - -boost implementation of distance is protected against being found by ADL - -The way function is called in libdhcp means it will be found via ADL and -all namespaces will be considered which is providing problematic since -its getting it from both std:: and boost:: namespaces - -so let it not rely on ADL by qualifying then calls with std:: namespace - -Upstream-Status: Submitted [https://github.com/isc-projects/kea/pull/103] -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - src/lib/dhcp/libdhcp++.cc | 12 ++++++------ - 1 file changed, 6 insertions(+), 6 deletions(-) - -diff --git a/src/lib/dhcp/libdhcp++.cc b/src/lib/dhcp/libdhcp++.cc -index 330c02b..ced705d 100644 ---- a/src/lib/dhcp/libdhcp++.cc -+++ b/src/lib/dhcp/libdhcp++.cc -@@ -419,14 +419,14 @@ size_t LibDHCP::unpackOptions6(const OptionBuffer& buf, - // We previously did the lookup only for dhcp6 option space, but with the - // addition of S46 options, we now do it for every space. - range = idx.equal_range(opt_type); -- num_defs = distance(range.first, range.second); -+ num_defs = std::distance(range.first, range.second); - - // Standard option definitions do not include the definition for - // our option or we're searching for non-standard option. Try to - // find the definition among runtime option definitions. - if (num_defs == 0) { - range = runtime_idx.equal_range(opt_type); -- num_defs = distance(range.first, range.second); -+ num_defs = std::distance(range.first, range.second); - } - - OptionPtr opt; -@@ -538,14 +538,14 @@ size_t LibDHCP::unpackOptions4(const OptionBuffer& buf, - // may be standard options in other spaces (e.g. radius). So we now do - // the lookup for every space. - range = idx.equal_range(opt_type); -- num_defs = distance(range.first, range.second); -+ num_defs = std::distance(range.first, range.second); - - // Standard option definitions do not include the definition for - // our option or we're searching for non-standard option. Try to - // find the definition among runtime option definitions. - if (num_defs == 0) { - range = runtime_idx.equal_range(opt_type); -- num_defs = distance(range.first, range.second); -+ num_defs = std::distance(range.first, range.second); - } - - // Check if option unpacking must be deferred -@@ -638,7 +638,7 @@ size_t LibDHCP::unpackVendorOptions6(const uint32_t vendor_id, - idx->equal_range(opt_type); - // Get the number of returned option definitions for the - // option code. -- size_t num_defs = distance(range.first, range.second); -+ size_t num_defs = std::distance(range.first, range.second); - - if (num_defs > 1) { - // Multiple options of the same code are not supported -@@ -746,7 +746,7 @@ size_t LibDHCP::unpackVendorOptions4(const uint32_t vendor_id, const OptionBuffe - idx->equal_range(opt_type); - // Get the number of returned option definitions for - // the option code. -- size_t num_defs = distance(range.first, range.second); -+ size_t num_defs = std::distance(range.first, range.second); - - if (num_defs > 1) { - // Multiple options of the same code are not --- -2.18.0 - diff --git a/meta-openembedded/meta-networking/recipes-connectivity/kea/files/0001-remove-AC_TRY_RUN.patch b/meta-openembedded/meta-networking/recipes-connectivity/kea/files/0001-remove-AC_TRY_RUN.patch new file mode 100644 index 000000000..d7ca9ff8f --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-connectivity/kea/files/0001-remove-AC_TRY_RUN.patch @@ -0,0 +1,34 @@ +From 9d6b8321c5b46199baca907f3d42bdcaaf1958a8 Mon Sep 17 00:00:00 2001 +From: Mingli Yu <mingli.yu@windriver.com> +Date: Thu, 23 May 2019 23:59:42 -0700 +Subject: [PATCH] remove AC_TRY_RUN + +AC_TRY_RUN doesn't work in cross compile env, +use AC_COMPILE_IFELSE instead to fix below configure +error: + | checking for usuable C++11 regex... configure: error: in `/builddir/tmp/work/core2-64-poky-linux/kea/1.5.0-r0/build': + | configure: error: cannot run test program while cross compiling + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index c880b77..dd40c7c 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -580,7 +580,7 @@ AC_TRY_COMPILE([ + AC_MSG_RESULT(no)) + + AC_MSG_CHECKING(for usuable C++11 regex) +-AC_TRY_RUN([ ++AC_COMPILE_IFELSE([ + #include <regex> + #include <iostream> + int main() { +-- +2.21.0 + diff --git a/meta-openembedded/meta-networking/recipes-connectivity/kea/kea_1.4.0.bb b/meta-openembedded/meta-networking/recipes-connectivity/kea/kea_1.5.0.bb index 67de07b31..fb166df60 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/kea/kea_1.4.0.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/kea/kea_1.5.0.bb @@ -3,26 +3,36 @@ DESCRIPTION = "Kea is the next generation of DHCP software developed by ISC. It HOMEPAGE = "http://kea.isc.org" SECTION = "connectivity" LICENSE = "MPL-2.0 & Apache-2.0" -LIC_FILES_CHKSUM = "file://COPYING;md5=1666a9c4bb55adbc8939d85643096bd3" +LIC_FILES_CHKSUM = "file://COPYING;md5=2ed44ce4e0bbfdc1abfa6bf949b7ba3a" DEPENDS += "kea-native" SRC_URI = "\ http://ftp.isc.org/isc/kea/${PV}/${BP}.tar.gz \ file://0003-Makefile.am-update-hooksdir-for-lease_cmds.patch \ - file://0001-Fix-error-call-of-overloaded-distance-is-ambiguous.patch \ + file://0001-remove-AC_TRY_RUN.patch \ file://kea-dhcp4.service \ file://kea-dhcp6.service \ file://kea-dhcp-ddns.service \ " -SRC_URI[md5sum] = "26eedd749101642757d788431605aaa5" -SRC_URI[sha256sum] = "c0f8ecb93657adfc5ab970c91706754e601084828493f053f159661d21b31128" +SRC_URI[md5sum] = "591d38e5fcc0251a8812e8bb1337578a" +SRC_URI[sha256sum] = "edce4fab68ca7af607cf7f5bc86596e04fe0ef4b8e88906e339cdefcf21daaec" inherit autotools systemd SYSTEMD_SERVICE_${PN} = "kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service" SYSTEMD_AUTO_ENABLE = "disable" +DEBUG_OPTIMIZATION_remove_mips = " -Og" +DEBUG_OPTIMIZATION_append_mips = " -O" +BUILD_OPTIMIZATION_remove_mips = " -Og" +BUILD_OPTIMIZATION_append_mips = " -O" + +DEBUG_OPTIMIZATION_remove_mipsel = " -Og" +DEBUG_OPTIMIZATION_append_mipsel = " -O" +BUILD_OPTIMIZATION_remove_mipsel = " -Og" +BUILD_OPTIMIZATION_append_mipsel = " -O" + do_configure_prepend_class-target() { mkdir -p ${B}/src/lib/log/compiler/ ln -sf ${STAGING_BINDIR_NATIVE}/kea-msg-compiler ${B}/src/lib/log/compiler/kea-msg-compiler diff --git a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/0003-dlopen-failure.patch b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/0003-dlopen-failure.patch deleted file mode 100644 index e99c22710..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/0003-dlopen-failure.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 57239fda56b68a8f3e413f7b6af5290ba0d86636 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Andreas=20M=C3=BCller?= <schnitzeltony@gmail.com> -Date: Thu, 22 Mar 2018 18:18:06 +0100 -Subject: [PATCH] musl: dlopen is included so LD_LIBS="" instead of - LD_LIBS="none required" -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Upstream-Status: Pending - -Stolen from [1] and prettyfied slightly - -[1] https://github.com/voidlinux/void-packages/tree/master/srcpkgs/NetworkManager/patches - -Signed-off-by: Andreas MĂ¼ller <schnitzeltony@gmail.com> ---- - configure.ac | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/configure.ac b/configure.ac -index 487a266..96ae4f7 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -235,6 +235,7 @@ dnl - dnl Checks for libdl - on certain platforms its part of libc - dnl - AC_SEARCH_LIBS([dlopen], [dl dld], [], [ac_cv_search_dlopen=]) -+AS_IF([test "$ac_cv_search_dlopen" = "none required"],[ac_cv_search_dlopen=""]) - AC_SUBST([DL_LIBS], "$ac_cv_search_dlopen") - - PKG_CHECK_MODULES(GLIB, [gio-unix-2.0 >= 2.37.6 gmodule-2.0], --- -2.14.3 diff --git a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/musl/0001-Fix-build-with-musl-systemd-specific.patch b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/musl/0001-Fix-build-with-musl-systemd-specific.patch index accd2f256..af6f938ce 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/musl/0001-Fix-build-with-musl-systemd-specific.patch +++ b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/musl/0001-Fix-build-with-musl-systemd-specific.patch @@ -1,7 +1,7 @@ -From 7b09945585e6ce65049fa4039f26caee8daa44b9 Mon Sep 17 00:00:00 2001 +From a89c2e6d40606f563467a83fb98933e990e71377 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20M=C3=BCller?= <schnitzeltony@gmail.com> Date: Tue, 2 Apr 2019 01:34:35 +0200 -Subject: [PATCH 1/2] Fix build with musl - systemd specific +Subject: [PATCH] Fix build with musl - systemd specific MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -14,27 +14,27 @@ Upstream-Status: Pending Signed-off-by: Andreas MĂ¼ller <schnitzeltony@gmail.com> --- shared/systemd/src/basic/in-addr-util.c | 1 + - shared/systemd/src/basic/process-util.c | 9 ++++++++ - shared/systemd/src/basic/socket-util.h | 6 +++++ + shared/systemd/src/basic/process-util.c | 9 +++++++++ + shared/systemd/src/basic/socket-util.h | 6 ++++++ + shared/systemd/src/basic/sort-util.h | 27 ++++--------------------- shared/systemd/src/basic/stdio-util.h | 2 ++ shared/systemd/src/basic/string-util.h | 5 +++++ - shared/systemd/src/basic/util.h | 29 +++++-------------------- - 6 files changed, 28 insertions(+), 24 deletions(-) + 6 files changed, 27 insertions(+), 23 deletions(-) diff --git a/shared/systemd/src/basic/in-addr-util.c b/shared/systemd/src/basic/in-addr-util.c -index 5ced350..c6b52b8 100644 +index 5899f62..0adb248 100644 --- a/shared/systemd/src/basic/in-addr-util.c +++ b/shared/systemd/src/basic/in-addr-util.c -@@ -13,6 +13,7 @@ +@@ -14,6 +14,7 @@ #include "in-addr-util.h" #include "macro.h" #include "parse-util.h" +#include "string-util.h" + #include "random-util.h" + #include "strxcpyx.h" #include "util.h" - - bool in4_addr_is_null(const struct in_addr *a) { diff --git a/shared/systemd/src/basic/process-util.c b/shared/systemd/src/basic/process-util.c -index b0afb5c..7adc8bd 100644 +index 7431be3..189060a 100644 --- a/shared/systemd/src/basic/process-util.c +++ b/shared/systemd/src/basic/process-util.c @@ -21,6 +21,9 @@ @@ -47,7 +47,7 @@ index b0afb5c..7adc8bd 100644 #if 0 /* NM_IGNORED */ #if HAVE_VALGRIND_VALGRIND_H #include <valgrind/valgrind.h> -@@ -1168,11 +1171,13 @@ void reset_cached_pid(void) { +@@ -1183,11 +1186,13 @@ void reset_cached_pid(void) { cached_pid = CACHED_PID_UNSET; } @@ -61,7 +61,7 @@ index b0afb5c..7adc8bd 100644 pid_t getpid_cached(void) { static bool installed = false; -@@ -1201,7 +1206,11 @@ pid_t getpid_cached(void) { +@@ -1216,7 +1221,11 @@ pid_t getpid_cached(void) { * only half-documented (glibc doesn't document it but LSB does — though only superficially) * we'll check for errors only in the most generic fashion possible. */ @@ -74,7 +74,7 @@ index b0afb5c..7adc8bd 100644 cached_pid = CACHED_PID_UNSET; return new_pid; diff --git a/shared/systemd/src/basic/socket-util.h b/shared/systemd/src/basic/socket-util.h -index d2246a8..76f257f 100644 +index 15443f1..4807198 100644 --- a/shared/systemd/src/basic/socket-util.h +++ b/shared/systemd/src/basic/socket-util.h @@ -13,6 +13,12 @@ @@ -90,55 +90,13 @@ index d2246a8..76f257f 100644 #include "macro.h" #include "missing_socket.h" #include "sparse-endian.h" -diff --git a/shared/systemd/src/basic/stdio-util.h b/shared/systemd/src/basic/stdio-util.h -index dc67b6e..6336243 100644 ---- a/shared/systemd/src/basic/stdio-util.h -+++ b/shared/systemd/src/basic/stdio-util.h -@@ -1,7 +1,9 @@ - /* SPDX-License-Identifier: LGPL-2.1+ */ - #pragma once +diff --git a/shared/systemd/src/basic/sort-util.h b/shared/systemd/src/basic/sort-util.h +index e029f86..1e8b6e1 100644 +--- a/shared/systemd/src/basic/sort-util.h ++++ b/shared/systemd/src/basic/sort-util.h +@@ -5,15 +5,10 @@ -+#if defined(__GLIBC__) - #include <printf.h> -+#endif - #include <stdarg.h> - #include <stdio.h> - #include <sys/types.h> -diff --git a/shared/systemd/src/basic/string-util.h b/shared/systemd/src/basic/string-util.h -index 38070ab..6b918e0 100644 ---- a/shared/systemd/src/basic/string-util.h -+++ b/shared/systemd/src/basic/string-util.h -@@ -27,6 +27,11 @@ - #define strcaseeq(a,b) (strcasecmp((a),(b)) == 0) - #define strncaseeq(a, b, n) (strncasecmp((a), (b), (n)) == 0) - -+/* musl does not know strndupa */ -+#if !defined(__GLIBC__) -+#define strndupa(x,s) strncpy(alloca(strlen(x)+1),x,s) -+#endif -+ - int strcmp_ptr(const char *a, const char *b) _pure_; - - static inline bool streq_ptr(const char *a, const char *b) { -diff --git a/shared/systemd/src/basic/util.h b/shared/systemd/src/basic/util.h -index dc33d66..cc768e9 100644 ---- a/shared/systemd/src/basic/util.h -+++ b/shared/systemd/src/basic/util.h -@@ -27,6 +27,11 @@ #include "macro.h" - #include "time-util.h" - -+#if !defined(__GLIBC__) -+typedef int (*__compar_fn_t) (const void*, const void*); -+typedef __compar_fn_t comparison_fn_t; -+#endif -+ - size_t page_size(void) _pure_; - #define PAGE_ALIGN(l) ALIGN_TO((l), page_size()) - -@@ -66,16 +71,6 @@ int prot_from_flags(int flags) _const_; - bool in_initrd(void); - void in_initrd_force(bool value); -void *xbsearch_r(const void *key, const void *base, size_t nmemb, size_t size, - __compar_d_fn_t compar, void *arg); @@ -149,14 +107,18 @@ index dc33d66..cc768e9 100644 - int (*_func_)(const typeof(b[0])*, const typeof(b[0])*, typeof(userdata)) = func; \ - xbsearch_r((const void*) _k, (b), (n), sizeof((b)[0]), (__compar_d_fn_t) _func_, userdata); \ - }) -- ++#if !defined(__GLIBC__) ++typedef int (*__compar_fn_t) (const void*, const void*); ++typedef __compar_fn_t comparison_fn_t; ++#endif + /** * Normal bsearch requires base to be nonnull. Here were require - * that only if nmemb > 0. -@@ -116,20 +111,6 @@ static inline void qsort_safe(void *base, size_t nmemb, size_t size, __compar_fn +@@ -54,17 +49,3 @@ static inline void qsort_safe(void *base, size_t nmemb, size_t size, __compar_fn + int (*_func_)(const typeof(p[0])*, const typeof(p[0])*) = func; \ qsort_safe((p), (n), sizeof((p)[0]), (__compar_fn_t) _func_); \ }) - +- -static inline void qsort_r_safe(void *base, size_t nmemb, size_t size, __compar_d_fn_t compar, void *userdata) { - if (nmemb <= 1) - return; @@ -170,10 +132,36 @@ index dc33d66..cc768e9 100644 - int (*_func_)(const typeof(p[0])*, const typeof(p[0])*, typeof(userdata)) = func; \ - qsort_r_safe((p), (n), sizeof((p)[0]), (__compar_d_fn_t) _func_, userdata); \ - }) -- - /* Normal memcpy requires src to be nonnull. We do nothing if n is 0. */ - static inline void memcpy_safe(void *dst, const void *src, size_t n) { - if (n == 0) +diff --git a/shared/systemd/src/basic/stdio-util.h b/shared/systemd/src/basic/stdio-util.h +index c3b9448..e80a938 100644 +--- a/shared/systemd/src/basic/stdio-util.h ++++ b/shared/systemd/src/basic/stdio-util.h +@@ -1,7 +1,9 @@ + /* SPDX-License-Identifier: LGPL-2.1+ */ + #pragma once + ++#if defined(__GLIBC__) + #include <printf.h> ++#endif + #include <stdarg.h> + #include <stdio.h> + #include <sys/types.h> +diff --git a/shared/systemd/src/basic/string-util.h b/shared/systemd/src/basic/string-util.h +index b23f4c8..8f2f6e0 100644 +--- a/shared/systemd/src/basic/string-util.h ++++ b/shared/systemd/src/basic/string-util.h +@@ -27,6 +27,11 @@ + #define strcaseeq(a,b) (strcasecmp((a),(b)) == 0) + #define strncaseeq(a, b, n) (strncasecmp((a), (b), (n)) == 0) + ++/* musl does not know strndupa */ ++#if !defined(__GLIBC__) ++#define strndupa(x,s) strncpy(alloca(strlen(x)+1),x,s) ++#endif ++ + int strcmp_ptr(const char *a, const char *b) _pure_; + + static inline bool streq_ptr(const char *a, const char *b) { -- -2.20.1 +2.17.1 diff --git a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/musl/0002-Fix-build-with-musl.patch b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/musl/0002-Fix-build-with-musl.patch index 25f9a4a00..e0973af1e 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/musl/0002-Fix-build-with-musl.patch +++ b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager/musl/0002-Fix-build-with-musl.patch @@ -1,4 +1,4 @@ -From 0b0f2d5abe27b2c9587f449795f0ae3568fc3e38 Mon Sep 17 00:00:00 2001 +From 3d1307735667758f44378585482fe421db086af8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20M=C3=BCller?= <schnitzeltony@gmail.com> Date: Mon, 8 Apr 2019 23:10:43 +0200 Subject: [PATCH 2/2] Fix build with musl @@ -23,7 +23,7 @@ The build issues caused by definition conflicts musl vs linux-libc headers Note: Be aware that this is still nasty business: We have to trust that musl headers define same signatures as linux would do - just because musl-makers consider -linux-libc headers 'notoriously broken for userspace' [2] (search for +linux-libc headers 'notoriously broken for userspace' [2] (search for 'error: redefinition of'). [1] http://lists.openembedded.org/pipermail/openembedded-core/2019-March/280440.html @@ -53,7 +53,7 @@ index 43fbbc1..3eae286 100644 #include "nmtui.h" diff --git a/libnm-core/nm-utils.h b/libnm-core/nm-utils.h -index 2b5baba..8a50131 100644 +index 2b5baba..f7abab6 100644 --- a/libnm-core/nm-utils.h +++ b/libnm-core/nm-utils.h @@ -25,6 +25,10 @@ @@ -68,7 +68,7 @@ index 2b5baba..8a50131 100644 #include <netinet/in.h> diff --git a/shared/nm-default.h b/shared/nm-default.h -index 26d6476..b29e8af 100644 +index 54e9916..26e9f4e 100644 --- a/shared/nm-default.h +++ b/shared/nm-default.h @@ -211,6 +211,9 @@ @@ -82,7 +82,7 @@ index 26d6476..b29e8af 100644 /*****************************************************************************/ diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c -index 7514fa7..d305fa5 100644 +index bd4fbcc..f70b309 100644 --- a/src/devices/nm-device.c +++ b/src/devices/nm-device.c @@ -24,6 +24,7 @@ @@ -102,17 +102,17 @@ index 7514fa7..d305fa5 100644 #include <linux/pkt_sched.h> diff --git a/src/platform/nm-linux-platform.c b/src/platform/nm-linux-platform.c -index 2f5c75b..d6ca6d9 100644 +index d4b0115..22a3a90 100644 --- a/src/platform/nm-linux-platform.c +++ b/src/platform/nm-linux-platform.c -@@ -27,7 +27,6 @@ - #include <fcntl.h> +@@ -28,7 +28,6 @@ #include <libudev.h> + #include <linux/fib_rules.h> #include <linux/ip.h> -#include <linux/if_arp.h> + #include <linux/if_bridge.h> #include <linux/if_link.h> #include <linux/if_tun.h> - #include <linux/if_tunnel.h> -- -2.20.1 +2.17.1 diff --git a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.16.0.bb b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.18.0.bb index 9f01f1bc1..9215a8676 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.16.0.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.18.0.bb @@ -26,15 +26,13 @@ SRC_URI = " \ ${GNOME_MIRROR}/NetworkManager/${@gnome_verdir("${PV}")}/NetworkManager-${PV}.tar.xz \ file://0001-Fixed-configure.ac-Fix-pkgconfig-sysroot-locations.patch \ file://0002-Do-not-create-settings-settings-property-documentati.patch \ - file://0003-dlopen-failure.patch \ " SRC_URI_append_libc-musl = " \ file://musl/0001-Fix-build-with-musl-systemd-specific.patch \ file://musl/0002-Fix-build-with-musl.patch \ " - -SRC_URI[md5sum] = "10abacaafb162a67d2942adf03e7e9e4" -SRC_URI[sha256sum] = "8e962833b6ca03edda1bc57ed6614a7b8c2339531b44acef098d05f2324c5d2c" +SRC_URI[md5sum] = "c8c27116a8083bab5d5fcca0d03e988a" +SRC_URI[sha256sum] = "c6e8df25e5a3c7309bc17664be8971689314884cdd08afdd6b0847d29d2a8ba6" UPSTREAM_CHECK_URI = "${GNOME_MIRROR}/NetworkManager/1.16/" UPSTREAM_CHECK_REGEX = "NetworkManager\-(?P<pver>1\.10(\.\d+)+).tar.xz" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.8.11.bb b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.8.12.bb index 8c08d1ed3..762a5bc61 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.8.11.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.8.12.bb @@ -30,8 +30,8 @@ SRC_URI_append_libc-musl = " \ file://cmocka-uintptr_t.patch \ " -SRC_URI[md5sum] = "de61611075e97ea98140a42d9189d9a5" -SRC_URI[sha256sum] = "d294a8d7455d7d252d7bafc9c474855ea6e0ebe559c3babcd303a5c24e58710a" +SRC_URI[md5sum] = "25de700c8f1148fd13973a49a51c059e" +SRC_URI[sha256sum] = "c162d519101e15d1a1d76df063bfefe8d1656f57fb74e1ef19fe05d341a65d8f" UPSTREAM_CHECK_REGEX = "samba\-(?P<pver>4\.8(\.\d+)+).tar.gz" @@ -41,6 +41,9 @@ RDEPENDS_${PN}_remove = "perl" DEPENDS += "readline virtual/libiconv zlib popt libtalloc libtdb libtevent libbsd libaio libpam" +RCONFLICTS_${PN} = "libldb" +RCONFLICTS_${PN}-python = "pyldb" + inherit distro_features_check REQUIRED_DISTRO_FEATURES = "pam" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/0001-Add-format-string-to-fprintf-call.patch b/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/0001-Add-format-string-to-fprintf-call.patch deleted file mode 100644 index 8e5f4da36..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/0001-Add-format-string-to-fprintf-call.patch +++ /dev/null @@ -1,26 +0,0 @@ -From a0ad5128d14b022239445e251cf4a9826e86aa96 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Tue, 27 Jun 2017 07:48:31 -0700 -Subject: [PATCH] Add format string to fprintf() call - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - src/vt.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/vt.c b/src/vt.c -index 795d393..a533d3d 100644 ---- a/src/vt.c -+++ b/src/vt.c -@@ -499,7 +499,7 @@ static int vt_cmd_dump_candidates(const struct vt_handle *vh, - } - llen += cmdlen; - -- ret = fprintf(vh->vh_stream, e->cmd); -+ ret = fprintf(vh->vh_stream, "%s", e->cmd); - if (ret < 0) - return ret; - --- -2.13.2 - diff --git a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/0001-replace-SIGCLD-with-SIGCHLD-and-include-sys-types.h.patch b/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/0001-replace-SIGCLD-with-SIGCHLD-and-include-sys-types.h.patch deleted file mode 100644 index 153bced39..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/0001-replace-SIGCLD-with-SIGCHLD-and-include-sys-types.h.patch +++ /dev/null @@ -1,38 +0,0 @@ -From f567740cf64978ac9db014c786b6d0267b244f33 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Sun, 4 Mar 2018 22:30:30 -0800 -Subject: [PATCH 1/2] replace SIGCLD with SIGCHLD and include sys/types.h - -Fixes -main.c:129:10: error: 'SIGCLD' undeclared (first use in this function); did you mean 'SIGCHLD'? - signal(SIGCLD, sig_child); - ^~~~~~ - SIGCHLD - -main.c:125:2: warning: implicit declaration of function 'umask' [-Wimplicit-function-declaration] - umask(0); - ^~~~~ - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- -Upstream-Status: Pending - - src/main.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -Index: git/src/main.c -=================================================================== ---- git.orig/src/main.c -+++ git/src/main.c -@@ -133,9 +133,9 @@ static void daemon_start(int ignsigcld) - - if (ignsigcld) { - #ifdef SIGTSTP -- signal(SIGCLD, sig_child); -+ signal(SIGCHLD, sig_child); - #else -- signal(SIGCLD, SIG_IGN); -+ signal(SIGCHLD, SIG_IGN); - #endif - } - } diff --git a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/0001-support-openssl-1.1.x.patch b/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/0001-support-openssl-1.1.x.patch deleted file mode 100644 index d8355e25f..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/0001-support-openssl-1.1.x.patch +++ /dev/null @@ -1,88 +0,0 @@ -From 62784e8b6df8ff3a907c1f816154808bea9d7064 Mon Sep 17 00:00:00 2001 -From: Hongxu Jia <hongxu.jia@windriver.com> -Date: Tue, 25 Sep 2018 14:38:14 +0800 -Subject: [PATCH] support openssl 1.1.x - -Long time no maintain from upstream since 2013 -(git://git.umip.org/umip/umip.git), backport a -fix from openSUSE - -Upstream-Status: Backport [openSUSE] -http://ftp.gwdg.de/pub/opensuse/source/distribution/leap/15.0/repo/oss/src/mipv6d-2.0.2.umip.0.4-lp150.1.2.src.rpm - -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - src/keygen.c | 12 ++++++++++++ - src/mh.c | 17 ++++++++++++++++- - 2 files changed, 28 insertions(+), 1 deletion(-) - -diff --git a/src/keygen.c b/src/keygen.c -index e434a38..b902644 100644 ---- a/src/keygen.c -+++ b/src/keygen.c -@@ -172,6 +172,7 @@ static void build_kgen_token(struct in6_addr *addr, uint8_t *nonce, - uint8_t tmp[20]; - #ifdef HAVE_LIBCRYPTO - unsigned int len = 20; -+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1010006fL - HMAC_CTX ctx; - - HMAC_CTX_init(&ctx); -@@ -182,6 +183,17 @@ static void build_kgen_token(struct in6_addr *addr, uint8_t *nonce, - HMAC_Final(&ctx, tmp, &len); - HMAC_CTX_cleanup(&ctx); - #else -+ HMAC_CTX *ctx; -+ ctx = HMAC_CTX_new(); -+ HMAC_Init_ex(ctx, key_cn, sizeof(key_cn), EVP_sha1(), NULL); -+ HMAC_Update(ctx, (unsigned char *)addr, sizeof(*addr)); -+ HMAC_Update(ctx, nonce, NONCE_LENGTH); -+ HMAC_Update(ctx, &id, sizeof(id)); -+ HMAC_Final(ctx, tmp, &len); -+ HMAC_CTX_free(ctx); -+#endif // End of defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1010006fL -+ -+#else - HMAC_SHA1_CTX ctx; - - HMAC_SHA1_init(&ctx, key_cn, sizeof(key_cn)); -diff --git a/src/mh.c b/src/mh.c -index cba9a33..212eb5a 100644 ---- a/src/mh.c -+++ b/src/mh.c -@@ -518,9 +518,10 @@ static int calculate_auth_data(const struct iovec *iov, int iovlen, - - #ifdef HAVE_LIBCRYPTO - unsigned int len = HMAC_SHA1_HASH_LEN; -- HMAC_CTX ctx; - const EVP_MD *evp_md = EVP_sha1(); - -+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1010006fL -+ HMAC_CTX ctx; - HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, key, HMAC_SHA1_KEY_SIZE, evp_md, NULL); - -@@ -532,6 +533,20 @@ static int calculate_auth_data(const struct iovec *iov, int iovlen, - HMAC_Final(&ctx, buf, &len); - HMAC_CTX_cleanup(&ctx); - #else -+ HMAC_CTX *ctx; -+ ctx = HMAC_CTX_new(); -+ HMAC_Init_ex(ctx, key, HMAC_SHA1_KEY_SIZE, evp_md, NULL); -+ -+ HMAC_Update(ctx, (uint8_t *)coa, sizeof(*coa)); -+ HMAC_Update(ctx, (uint8_t *)cn, sizeof(*coa)); -+ for (i = 0; i < iovlen; i++) { -+ HMAC_Update(ctx, (uint8_t *)iov[i].iov_base, iov[i].iov_len); -+ } -+ HMAC_Final(ctx, buf, &len); -+ HMAC_CTX_free(ctx); -+#endif -+ -+#else - HMAC_SHA1_CTX ctx; - - HMAC_SHA1_init(&ctx, key, HMAC_SHA1_KEY_SIZE); --- -2.7.4 - diff --git a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/0002-replace-PTHREAD_MUTEX_FAST_NP-with-PTHREAD_MUTEX_NOR.patch b/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/0002-replace-PTHREAD_MUTEX_FAST_NP-with-PTHREAD_MUTEX_NOR.patch deleted file mode 100644 index 90d12da14..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/0002-replace-PTHREAD_MUTEX_FAST_NP-with-PTHREAD_MUTEX_NOR.patch +++ /dev/null @@ -1,143 +0,0 @@ -From 19b6cf8099e1974b5fc39086fc54103b0cbc2658 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Sun, 4 Mar 2018 23:01:25 -0800 -Subject: [PATCH 2/2] replace PTHREAD_MUTEX_FAST_NP with PTHREAD_MUTEX_NORMAL - -PTHREAD_MUTEX_FAST_NP is not available on non-posix systems -e.g. musl - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- -Upstream-Status: Pending - - src/ha.c | 2 +- - src/icmp6.c | 2 +- - src/mh.c | 2 +- - src/mn.c | 2 +- - src/movement.c | 2 +- - src/mpdisc_ha.c | 2 +- - src/mpdisc_mn.c | 2 +- - src/tqueue.c | 2 +- - src/tunnelctl.c | 2 +- - 9 files changed, 9 insertions(+), 9 deletions(-) - -diff --git a/src/ha.c b/src/ha.c -index fbdcff0..b2f811e 100644 ---- a/src/ha.c -+++ b/src/ha.c -@@ -1246,7 +1246,7 @@ int ha_init(void) - { - pthread_mutexattr_t mattrs; - pthread_mutexattr_init(&mattrs); -- pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_FAST_NP); -+ pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_NORMAL); - if (pthread_mutex_init(&bu_worker_mutex, &mattrs) || - pthread_cond_init(&cond, NULL)) - return -1; -diff --git a/src/icmp6.c b/src/icmp6.c -index 3695135..6460634 100644 ---- a/src/icmp6.c -+++ b/src/icmp6.c -@@ -243,7 +243,7 @@ int icmp6_init(void) - return -1; - /* create ICMP listener thread */ - pthread_mutexattr_init(&mattrs); -- pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_FAST_NP); -+ pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_NORMAL); - if (pthread_mutex_init(&icmp6_sock.send_mutex, &mattrs) || - pthread_rwlock_init(&handler_lock, NULL) || - pthread_create(&icmp6_listener, NULL, icmp6_listen, NULL)) -diff --git a/src/mh.c b/src/mh.c -index 60e345e..7928f4c 100644 ---- a/src/mh.c -+++ b/src/mh.c -@@ -204,7 +204,7 @@ int mh_init(void) - return -1; - - pthread_mutexattr_init(&mattrs); -- pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_FAST_NP); -+ pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_NORMAL); - if (pthread_mutex_init(&mh_sock.send_mutex, &mattrs) || - pthread_rwlock_init(&handler_lock, NULL) || - pthread_create(&mh_listener, NULL, mh_listen, NULL)) -diff --git a/src/mn.c b/src/mn.c -index 092cfcb..8f7f448 100644 ---- a/src/mn.c -+++ b/src/mn.c -@@ -1478,7 +1478,7 @@ static struct home_addr_info *hai_copy(struct home_addr_info *conf_hai) - if (hai != NULL) { - pthread_mutexattr_t mattrs; - pthread_mutexattr_init(&mattrs); -- pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_FAST_NP); -+ pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_NORMAL); - - memcpy(hai, conf_hai, sizeof(struct home_addr_info)); - -diff --git a/src/movement.c b/src/movement.c -index d985937..6400448 100644 ---- a/src/movement.c -+++ b/src/movement.c -@@ -2013,7 +2013,7 @@ int md_init(void) - int val; - - pthread_mutexattr_init(&mattrs); -- pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_FAST_NP); -+ pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_NORMAL); - if (pthread_mutex_init(&iface_lock, &mattrs)) - return -1; - -diff --git a/src/mpdisc_ha.c b/src/mpdisc_ha.c -index 40ba05f..fd7a90d 100644 ---- a/src/mpdisc_ha.c -+++ b/src/mpdisc_ha.c -@@ -559,7 +559,7 @@ int mpd_ha_init(void) - { - pthread_mutexattr_t mattrs; - pthread_mutexattr_init(&mattrs); -- pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_FAST_NP); -+ pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_NORMAL); - if (pthread_mutex_init(&mpa_lock, &mattrs) || - pthread_rwlock_init(&prefix_lock, NULL) || - hash_init(&mpa_hash, DOUBLE_ADDR, MPA_BUCKETS) < 0) -diff --git a/src/mpdisc_mn.c b/src/mpdisc_mn.c -index 4873bd6..ada02bd 100644 ---- a/src/mpdisc_mn.c -+++ b/src/mpdisc_mn.c -@@ -267,7 +267,7 @@ int mpd_mn_init(void) - { - pthread_mutexattr_t mattrs; - pthread_mutexattr_init(&mattrs); -- pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_FAST_NP); -+ pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_NORMAL); - if (pthread_mutex_init(&mps_lock, &mattrs)) - return -1; - if (hash_init(&mps_hash, DOUBLE_ADDR, MPS_BUCKETS) < 0) -diff --git a/src/tqueue.c b/src/tqueue.c -index 2f7aa0b..9c185b8 100644 ---- a/src/tqueue.c -+++ b/src/tqueue.c -@@ -65,7 +65,7 @@ int taskqueue_init(void) - { - pthread_mutexattr_t mattrs; - pthread_mutexattr_init(&mattrs); -- pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_FAST_NP); -+ pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_NORMAL); - if (pthread_mutex_init(&mutex, &mattrs) || - pthread_cond_init(&cond, NULL) || - pthread_create(&tq_runner, NULL, runner, NULL)) -diff --git a/src/tunnelctl.c b/src/tunnelctl.c -index 23fc20b..813b8ec 100644 ---- a/src/tunnelctl.c -+++ b/src/tunnelctl.c -@@ -433,7 +433,7 @@ int tunnelctl_init(void) - return -1; - - pthread_mutexattr_init(&mattrs); -- pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_FAST_NP); -+ pthread_mutexattr_settype(&mattrs, PTHREAD_MUTEX_NORMAL); - if (pthread_mutex_init(&tnl_lock, &mattrs)) - return -1; - --- -2.16.2 - diff --git a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/add-dependency-to-support-parallel-compilation.patch b/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/add-dependency-to-support-parallel-compilation.patch deleted file mode 100644 index dbf008264..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/add-dependency-to-support-parallel-compilation.patch +++ /dev/null @@ -1,23 +0,0 @@ -When "make -j10", the compilation will fail, -because scan.c has included gram.h, but gram.h was produced -after scan.c was compiled - -So add this dependency to ensure that gram.h is produced -before scan.c is produced. - -Upstream-Status: Inappropriate [upstream is not active] - -Signed-off-by: Roy.Li <RongQing.Li@windriver.com> -Signed-off-by: Jackie Huang <jackie.huang@windriver.com> ---- - src/Makefile.am | 2 ++ - 1 file changed, 2 insertions(+) - ---- a/src/Makefile.am -+++ b/src/Makefile.am -@@ -81,3 +81,5 @@ CLEANFILES = gram.c gram.h \ - - DISTCLEANFILES = $(BUILT_SOURCES) - MAINTAINERCLEANFILES = Makefile.in -+ -+scan.c: gram.h diff --git a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/mip6d b/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/mip6d deleted file mode 100755 index ebd70a6cc..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/mip6d +++ /dev/null @@ -1,112 +0,0 @@ -#!/bin/sh -# -# mip6d Start script for the Mobile IPv6 daemon -# -# chkconfig: - 55 25 -# description: The mobile IPv6 daemon allows nodes to remain \ -# reachable while moving around in the IPv6 Internet. -# processname: mip6d -# config: /etc/mip6d.conf -# config: /etc/sysconfig/mip6d -# -### BEGIN INIT INFO -# Provides: mipv6-daemon -# Required-Start: $local_fs $remote_fs $network $named -# Required-Stop: $local_fs $remote_fs $network -# Should-Start: $syslog -# Should-Stop: $network $syslog -# Default-Start: -# Default-Stop: 0 1 6 -# Short-Description: Start and stop Mobile IPV6 daemon -# Description: The mobile IPv6 daemon allows nodes to remain -# reachable while moving around in the IPv6 Internet. -### END INIT INFO - -# Source function library. -. /etc/init.d/functions - -if [ -f /etc/sysconfig/mip6d ]; then - . /etc/sysconfig/mip6d -fi - -mip6d=/usr/sbin/mip6d -prog="mip6d" -lockfile=/var/lock/subsys/$prog - -start() { - [ -x $mip6d ] || exit 5 - echo -n $"Starting $prog: " - start-stop-daemon -S -x ${mip6d} && success || failure - retval=$? - echo - [ $retval -eq 0 ] && touch ${lockfile} - return $retval -} - -stop() { - echo -n $"Stopping $prog: " - start-stop-daemon -K -x $mip6d - retval=$? - echo - [ $retval -eq 0 ] && rm -f ${lockfile} - return $retval -} - -restart() { - stop - start -} - -reload() -{ - echo -n $"Reloading $prog configuration: " - killproc $mip6d -HUP - retval=$? - echo - return $retval -} - -force_reload() { - restart -} - -rh_status() { - status $prog -} - -rh_status_q() { - rh_status > /dev/null 2>&1 -} - -case "$1" in - start) - rh_status_q && exit 0 - $1 - ;; - stop) - rh_status_q || exit 0 - $1 - ;; - restart) - $1 - ;; - reload) - rh_status_q || exit 7 - $1 - ;; - force-reload) - force_reload - ;; - status) - rh_status - ;; - condrestart|try-restart) - rh_status_q || exit 0 - restart - ;; - *) - echo $"Usage: $prog {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" - exit 2 -esac - -exit $? diff --git a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/mip6d.service b/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/mip6d.service deleted file mode 100644 index 2b5a5b9f1..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip/mip6d.service +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=MIPL Mobile IPv6 -After=network.target - -[Service] -EnvironmentFile=-@SYSCONFDIR@/sysconfig/mip6d -ExecStart=@SBINDIR@/mip6d $ARGS - -[Install] -WantedBy=multi-user.target diff --git a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip_1.0.bb b/meta-openembedded/meta-networking/recipes-connectivity/umip/umip_1.0.bb deleted file mode 100644 index 43367b550..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/umip/umip_1.0.bb +++ /dev/null @@ -1,46 +0,0 @@ -SUMMARY = "Mobile IPv6 and NEMO for Linux" -DESCRIPTION = "UMIP is an open source implementation of Mobile IPv6 and NEMO \ -Basic Support for Linux. It is released under the GPLv2 license. It supports \ -the following IETF RFC: RFC6275 (Mobile IPv6), RFC3963 (NEMO), RFC3776 and \ -RFC4877 (IPsec and IKEv2)." -HOMEPAGE = "http://umip.org/" -SECTION = "System Environment/Base" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=073dc31ccb2ebed70db54f1e8aeb4c33" -DEPENDS = "openssl ipsec-tools radvd indent-native bison-native" - -SRC_URI = "git://git.umip.org/umip/umip.git \ - file://add-dependency-to-support-parallel-compilation.patch \ - file://mip6d \ - file://mip6d.service \ - file://0001-Add-format-string-to-fprintf-call.patch \ - file://0001-replace-SIGCLD-with-SIGCHLD-and-include-sys-types.h.patch \ - file://0002-replace-PTHREAD_MUTEX_FAST_NP-with-PTHREAD_MUTEX_NOR.patch \ - file://0001-support-openssl-1.1.x.patch \ - " -SRCREV = "cbd441c5db719db554ff2b4fcb02fef88ae2f791" - -# Depends on ipsec-tools which is already MACHINE_ARCH (and also RRECOMMENDS kernel modules) -PACKAGE_ARCH = "${MACHINE_ARCH}" - -S = "${WORKDIR}/git" - -EXTRA_OECONF = "--enable-vt" - -inherit autotools-brokensep systemd update-rc.d - -INITSCRIPT_NAME = "mip6d" -INITSCRIPT_PARAMS = "start 64 . stop 36 0 1 2 3 4 5 6 ." - -SYSTEMD_SERVICE_${PN} = "mip6d.service" -SYSTEMD_AUTO_ENABLE = "disable" - -do_install_append() { - install -D -m 0755 ${WORKDIR}/mip6d ${D}${sysconfdir}/init.d/mip6d - install -D -m 0644 ${WORKDIR}/mip6d.service ${D}${systemd_system_unitdir}/mip6d.service - sed -i -e 's,@SYSCONFDIR@,${sysconfdir},g' \ - -e 's,@SBINDIR@,${sbindir},g' \ - ${D}${systemd_system_unitdir}/mip6d.service -} - -RRECOMMENDS_${PN} = "kernel-module-mip6 kernel-module-ipv6" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/wireless-regdb/wireless-regdb_2019.03.01.bb b/meta-openembedded/meta-networking/recipes-connectivity/wireless-regdb/wireless-regdb_2019.06.03.bb index 7b7de5849..ded44b3d4 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/wireless-regdb/wireless-regdb_2019.03.01.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/wireless-regdb/wireless-regdb_2019.06.03.bb @@ -5,8 +5,8 @@ LICENSE = "ISC" LIC_FILES_CHKSUM = "file://LICENSE;md5=07c4f6dea3845b02a18dc00c8c87699c" SRC_URI = "https://www.kernel.org/pub/software/network/${BPN}/${BP}.tar.xz" -SRC_URI[md5sum] = "b5eb2d0cc23f5e495a59405e34ce437f" -SRC_URI[sha256sum] = "3a4e6f7006599bc5764f86e1e86422710da13ad80e0242147b61c6855ebc915f" +SRC_URI[md5sum] = "4b5ba3f089db7fdb7b9daae6a7c1f2cb" +SRC_URI[sha256sum] = "cd917ed86b63ce8d93947979f1f18948f03a4ac0ad89ec25227b36ac00dc54bf" inherit bin_package allarch diff --git a/meta-openembedded/meta-networking/recipes-core/packagegroups/packagegroup-meta-networking.bb b/meta-openembedded/meta-networking/recipes-core/packagegroups/packagegroup-meta-networking.bb index 64eabe462..3770601a4 100644 --- a/meta-openembedded/meta-networking/recipes-core/packagegroups/packagegroup-meta-networking.bb +++ b/meta-openembedded/meta-networking/recipes-core/packagegroups/packagegroup-meta-networking.bb @@ -34,7 +34,7 @@ RDEPENDS_packagegroup-meta-networking-connectivity = "\ openconnect ez-ipupdate mosquitto sethdlc crda \ dibbler-server dibbler-client dibbler-requestor dibbler-relay \ libdnet ufw civetweb freeradius kea daq \ - mbedtls relayd snort dhcpcd rdate vlan umip vpnc \ + mbedtls relayd snort dhcpcd rdate vlan vpnc \ inetutils wolfssl lftp miniupnpd networkmanager \ networkmanager-openvpn rdist nanomsg python-networkmanager \ wireless-regdb \ @@ -93,7 +93,7 @@ RDEPENDS_packagegroup-meta-networking-support = "\ ncp ndisc6 mtr tinyproxy ssmping ntp \ wpan-tools bridge-utils ifenslave celt051 pimd \ nbd-client nbd-server nbd-trdump \ - phytool fwknop htpdate tcpreplay ipsec-tools \ + phytool fwknop htpdate tcpreplay \ traceroute geoip-perl geoip geoipupdate esmtp \ libtdb netcf dnsmasq curlpp openipmi drbd-utils \ drbd tunctl dovecot ipvsadm stunnel chrony spice-protocol \ diff --git a/meta-openembedded/meta-networking/recipes-daemons/atftp/atftp_git.bb b/meta-openembedded/meta-networking/recipes-daemons/atftp/atftp_0.7.2.bb index a9949d59a..ff9084dbf 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/atftp/atftp_git.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/atftp/atftp_0.7.2.bb @@ -3,17 +3,12 @@ SECTION = "net" HOMEPAGE = "http://packages.debian.org/atftp" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://LICENSE;md5=94d55d512a9ba36caa9b7df079bae19f" -PV = "0.7.1+git${SRCPV}" -PR = "r3" -SRCREV = "be3291a18c069ae23a124ffdc56d64a5ff0bbec7" +SRCREV = "52b71f0831dcbde508bd3a961d84abb80a62480f" SRC_URI = "git://git.code.sf.net/p/atftp/code \ - file://atftpd-0.7_circumvent_tftp_size_restrictions.patch \ - file://atftpd-0.7_unprotected_assignments_crash.patch \ file://atftpd.init \ file://atftpd.service \ - file://atftp-0.7-sorcerers_apprentice.patch \ " SRC_URI_append_libc-musl = " file://0001-argz.h-fix-musl-compile-add-missing-defines.patch \ file://0002-tftp.h-tftpd.h-fix-musl-compile-missing-include.patch \ diff --git a/meta-openembedded/meta-networking/recipes-daemons/atftp/files/atftp-0.7-sorcerers_apprentice.patch b/meta-openembedded/meta-networking/recipes-daemons/atftp/files/atftp-0.7-sorcerers_apprentice.patch deleted file mode 100644 index fc64291cd..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/atftp/files/atftp-0.7-sorcerers_apprentice.patch +++ /dev/null @@ -1,94 +0,0 @@ -atftp exhibits the well known "Sorcerer's Apprentice Syndrome"(SAS) problem. -According to RFC 1350, the fix to SAS is quite simple: further copies of the -acknowledgment for a particular data block would be ignored. - -Patch originally from OpenSUSE: -https://build.opensuse.org/package/view_file?file=atftp-0.7-sorcerers_apprentice.patch&package=atftp.539&project=openSUSE%3A12.1%3AUpdate&rev=84569792975e00573d7df597d2a6e895 - -Upstream-Status: Pending - -Signed-off-by: Roy.Li <rongqing.li@windriver.com> -Index: atftp-0.7/tftp_file.c -=================================================================== ---- atftp-0.7.orig/tftp_file.c 2011-11-22 15:12:53.792744083 +0100 -+++ atftp-0.7/tftp_file.c 2011-11-22 15:13:51.706421893 +0100 -@@ -605,6 +605,7 @@ - int timeout_state = state; /* what state should we go on when timeout */ - int result; - long block_number = 0; -+ long last_requested_block = -1; - long last_block = -1; - int data_size; /* size of data received */ - int sockfd = data->sockfd; /* just to simplify calls */ -@@ -765,6 +766,17 @@ - connected = 1; - } - block_number = ntohs(tftphdr->th_block); -+ -+ if (last_requested_block >= block_number) -+ { -+ if (data->trace) -+ fprintf(stderr, "received duplicated ACK <block: %ld >= %ld>\n", -+ last_requested_block, block_number); -+ break; -+ } -+ else -+ last_requested_block = block_number; -+ - if (data->trace) - fprintf(stderr, "received ACK <block: %ld>\n", - block_number); -Index: atftp-0.7/tftpd_file.c -=================================================================== ---- atftp-0.7.orig/tftpd_file.c 2011-11-22 15:12:53.793744112 +0100 -+++ atftp-0.7/tftpd_file.c 2011-11-22 15:15:04.617534260 +0100 -@@ -403,6 +403,7 @@ - int timeout_state = state; - int result; - long block_number = 0; -+ long last_requested_block = -1; - long last_block = -1; - int block_loops = 0; - int data_size; -@@ -859,6 +860,32 @@ - { - logger(LOG_DEBUG, "received ACK <block: %d>", block_number); - } -+ -+ /* check whether the block request isn't already fulfilled */ -+ -+ /* multicast, block numbers could contain gaps */ -+ if (multicast) { -+ if (last_requested_block >= block_number) -+ { -+ if (data->trace) -+ logger(LOG_DEBUG, "received duplicated ACK <block: %d >= %d>", last_requested_block, block_number); -+ break; -+ } -+ else -+ last_requested_block = block_number; -+ /* unicast, blocks should be requested one after another */ -+ } else { -+ if (last_requested_block + 1 != block_number && last_requested_block != -1) -+ { -+ if (data->trace) -+ logger(LOG_DEBUG, "received out of order ACK <block: %d != %d>", last_requested_block + 1, block_number); -+ break; -+ } -+ else -+ last_requested_block = block_number; -+ } -+ -+ - if (ntohs(tftphdr->th_block) == 65535) - { - block_loops++; -@@ -958,6 +985,8 @@ - /* nedd to send an oack to that client */ - state = S_SEND_OACK; - fseek(fp, 0, SEEK_SET); -+ /* reset the last block received counter */ -+ last_requested_block = -1; - } - else - { diff --git a/meta-openembedded/meta-networking/recipes-daemons/atftp/files/atftpd-0.7_circumvent_tftp_size_restrictions.patch b/meta-openembedded/meta-networking/recipes-daemons/atftp/files/atftpd-0.7_circumvent_tftp_size_restrictions.patch deleted file mode 100644 index 280b570b2..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/atftp/files/atftpd-0.7_circumvent_tftp_size_restrictions.patch +++ /dev/null @@ -1,163 +0,0 @@ -Fate #303031: Circumvent TFTP size restrictions in atftpd -The size of a single image file that can be transferred with TFTP is limited to -2^(2*8) *BLOCKSIZE (as per RFC 1350 there are only two bytes for the block -counter). This is problematic for one of our customers who needs to transfer -100+ MB Windows images using a TFTP client (NT bootloader) which has a -hardwared BLOCKSIZE setting of 1432). - -block rollover -http://www.compuphase.com/tftp.htm - -Patch originally from OpenSUSE: -https://build.opensuse.org/package/show?package=atftp&project=openSUSE%3A12.2 - -Upstream-Status: Pending - -Index: git/tftp_def.h -=================================================================== ---- git.orig/tftp_def.h 2012-11-19 16:28:50.221027144 -0800 -+++ git/tftp_def.h 2012-11-20 17:40:54.391206979 -0800 -@@ -32,6 +32,7 @@ - #define TIMEOUT 5 /* Client timeout */ - #define S_TIMEOUT 5 /* Server timout. */ - #define NB_OF_RETRY 5 -+#define MAXBLOCKS 1000000 /* maximum number of blocks in a download */ - - /* definition to use tftp_options structure */ - #define OPT_FILENAME 0 -Index: git/tftp_file.c -=================================================================== ---- git.orig/tftp_file.c 2012-11-19 16:28:50.221027144 -0800 -+++ git/tftp_file.c 2012-11-19 16:28:51.201027167 -0800 -@@ -622,8 +622,8 @@ - int state = S_SEND_REQ; /* current state in the state machine */ - int timeout_state = state; /* what state should we go on when timeout */ - int result; -- int block_number = 0; -- int last_block = -1; -+ long block_number = 0; -+ long last_block = -1; - int data_size; /* size of data received */ - int sockfd = data->sockfd; /* just to simplify calls */ - struct sockaddr_storage sa; /* a copy of data.sa_peer */ -@@ -637,8 +637,8 @@ - int convert = 0; /* if true, do netascii convertion */ - char string[MAXLEN]; - -- int prev_block_number = 0; /* needed to support netascii convertion */ -- int prev_file_pos = 0; -+ long prev_block_number = 0; /* needed to support netascii convertion */ -+ long prev_file_pos = 0; - int temp = 0; - - data->file_size = 0; -@@ -745,7 +745,7 @@ - data_size, data->data_buffer); - data->file_size += data_size; - if (data->trace) -- fprintf(stderr, "sent DATA <block: %d, size: %d>\n", -+ fprintf(stderr, "sent DATA <block: %ld, size: %d>\n", - block_number + 1, data_size - 4); - state = S_WAIT_PACKET; - break; -@@ -785,7 +785,7 @@ - } - block_number = ntohs(tftphdr->th_block); - if (data->trace) -- fprintf(stderr, "received ACK <block: %d>\n", -+ fprintf(stderr, "received ACK <block: %ld>\n", - block_number); - if ((last_block != -1) && (block_number > last_block)) - { -Index: git/tftp_io.c -=================================================================== ---- git.orig/tftp_io.c 2012-11-19 16:28:50.221027144 -0800 -+++ git/tftp_io.c 2012-11-19 16:28:51.201027167 -0800 -@@ -350,8 +350,8 @@ - /* - * Read from file and do netascii conversion if needed - */ --int tftp_file_read(FILE *fp, char *data_buffer, int data_buffer_size, int block_number, -- int convert, int *prev_block_number, int *prev_file_pos, int *temp) -+int tftp_file_read(FILE *fp, char *data_buffer, int data_buffer_size, long block_number, -+ int convert, long *prev_block_number, long *prev_file_pos, int *temp) - { - int i; - int c; -Index: git/tftp_io.h -=================================================================== ---- git.orig/tftp_io.h 2012-11-19 16:28:50.221027144 -0800 -+++ git/tftp_io.h 2012-11-19 16:28:51.201027167 -0800 -@@ -52,8 +52,8 @@ - int tftp_get_packet(int sock1, int sock2, int *sock, struct sockaddr_storage *sa, - struct sockaddr_storage *from, struct sockaddr_storage *to, - int timeout, int *size, char *data); --int tftp_file_read(FILE *fp, char *buffer, int buffer_size, int block_number, int convert, -- int *prev_block_number, int *prev_file_pos, int *temp); -+int tftp_file_read(FILE *fp, char *buffer, int buffer_size, long block_number, int convert, -+ long *prev_block_number, long *prev_file_pos, int *temp); - int tftp_file_write(FILE *fp, char *data_buffer, int data_buffer_size, int block_number, - int data_size, int convert, int *prev_block_number, int *temp); - #endif -Index: git/tftpd_file.c -=================================================================== ---- git.orig/tftpd_file.c 2012-11-19 16:28:50.225027144 -0800 -+++ git/tftpd_file.c 2012-11-19 16:28:51.201027167 -0800 -@@ -407,8 +407,9 @@ - int state = S_BEGIN; - int timeout_state = state; - int result; -- int block_number = 0; -- int last_block = -1; -+ long block_number = 0; -+ long last_block = -1; -+ int block_loops = 0; - int data_size; - struct sockaddr_storage *sa = &data->client_info->client; - struct sockaddr_storage from; -@@ -431,8 +432,8 @@ - struct client_info *client_old = NULL; - struct tftp_opt options[OPT_NUMBER]; - -- int prev_block_number = 0; /* needed to support netascii convertion */ -- int prev_file_pos = 0; -+ long prev_block_number = 0; /* needed to support netascii convertion */ -+ long prev_file_pos = 0; - int temp = 0; - - /* look for mode option */ -@@ -565,11 +566,12 @@ - logger(LOG_INFO, "blksize option -> %d", result); - } - -- /* Verify that the file can be sent in 2^16 block of BLKSIZE octets */ -- if ((file_stat.st_size / (data->data_buffer_size - 4)) > 65535) -+ /* Verify that the file can be sent in MAXBLOCKS blocks of BLKSIZE octets */ -+ if ((file_stat.st_size / (data->data_buffer_size - 4)) > MAXBLOCKS) - { - tftp_send_error(sockfd, sa, EUNDEF, data->data_buffer, data->data_buffer_size); -- logger(LOG_NOTICE, "Requested file to big, increase BLKSIZE"); -+ logger(LOG_NOTICE, "Requested file too big, increase BLKSIZE"); -+ logger(LOG_NOTICE, "Only %d blocks of %d bytes can be served.", MAXBLOCKS, data->data_buffer_size); - if (data->trace) - logger(LOG_DEBUG, "sent ERROR <code: %d, msg: %s>", EUNDEF, - tftp_errmsg[EUNDEF]); -@@ -880,10 +882,15 @@ - } - /* The ACK is from the current client */ - number_of_timeout = 0; -- block_number = ntohs(tftphdr->th_block); -+ block_number = (block_loops * 65536) + ntohs(tftphdr->th_block); - if (data->trace) -- logger(LOG_DEBUG, "received ACK <block: %d>", -- block_number); -+ { -+ logger(LOG_DEBUG, "received ACK <block: %d>", block_number); -+ } -+ if (ntohs(tftphdr->th_block) == 65535) -+ { -+ block_loops++; -+ }; - if ((last_block != -1) && (block_number > last_block)) - { - state = S_END; diff --git a/meta-openembedded/meta-networking/recipes-daemons/atftp/files/atftpd-0.7_unprotected_assignments_crash.patch b/meta-openembedded/meta-networking/recipes-daemons/atftp/files/atftpd-0.7_unprotected_assignments_crash.patch deleted file mode 100644 index 28fba6cf5..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/atftp/files/atftpd-0.7_unprotected_assignments_crash.patch +++ /dev/null @@ -1,152 +0,0 @@ -Avoid assigning thread data outside of mutex lock - -Patch originally from OpenSUSE: -https://build.opensuse.org/package/show?package=atftp&project=openSUSE%3A12.2 - -Upstream-Status: Pending - -Index: git/tftpd_list.c -=================================================================== ---- git.orig/tftpd_list.c 2012-10-24 21:48:47.000000000 -0700 -+++ git/tftpd_list.c 2012-10-24 21:52:04.266205076 -0700 -@@ -49,11 +49,11 @@ - */ - int tftpd_list_add(struct thread_data *new) - { -- struct thread_data *current = thread_data; -+ struct thread_data *current; - int ret; - - pthread_mutex_lock(&thread_list_mutex); -- -+ current = thread_data; - number_of_thread++; - - ret = number_of_thread; -@@ -81,11 +81,13 @@ - */ - int tftpd_list_remove(struct thread_data *old) - { -- struct thread_data *current = thread_data; -+ struct thread_data *current; - int ret; - - pthread_mutex_lock(&thread_list_mutex); - -+ current = thread_data; -+ - number_of_thread--; - ret = number_of_thread; - -@@ -137,23 +139,26 @@ - struct thread_data *data, - struct client_info *client) - { -- struct thread_data *current = thread_data; /* head of the list */ -- struct tftp_opt *tftp_options = data->tftp_options; -+ struct thread_data *current; /* head of the list */ -+ struct tftp_opt *tftp_options; - struct client_info *tmp; - char options[MAXLEN]; - char string[MAXLEN]; - char *index; - int len; - -+ /* lock the whole list before walking it */ -+ pthread_mutex_lock(&thread_list_mutex); -+ - *thread = NULL; - -+ current = thread_data; -+ tftp_options = data->tftp_options; -+ - opt_request_to_string(tftp_options, options, MAXLEN); - index = strstr(options, "multicast"); - len = (int)index - (int)options; - -- /* lock the whole list before walking it */ -- pthread_mutex_lock(&thread_list_mutex); -- - while (current) - { - if (current != data) -@@ -214,9 +219,10 @@ - void tftpd_clientlist_remove(struct thread_data *thread, - struct client_info *client) - { -- struct client_info *tmp = thread->client_info; -+ struct client_info *tmp; - - pthread_mutex_lock(&thread->client_mutex); -+ tmp = thread->client_info; - while ((tmp->next != client) && (tmp->next != NULL)) - tmp = tmp->next; - if (tmp->next == NULL) -@@ -231,9 +237,11 @@ - void tftpd_clientlist_free(struct thread_data *thread) - { - struct client_info *tmp; -- struct client_info *head = thread->client_info; -+ struct client_info *head; - - pthread_mutex_lock(&thread->client_mutex); -+ head = thread->client_info; -+ - while (head) - { - tmp = head; -@@ -250,9 +258,10 @@ - struct client_info *client, - struct sockaddr_storage *sock) - { -- struct client_info *head = thread->client_info; -+ struct client_info *head; - - pthread_mutex_lock(&thread->client_mutex); -+ head = thread->client_info; - - if (client) - { -@@ -334,10 +343,10 @@ - - void tftpd_list_kill_threads(void) - { -- struct thread_data *current = thread_data; /* head of list */ -+ struct thread_data *current; /* head of list */ - - pthread_mutex_lock(&thread_list_mutex); -- -+ current = thread_data; - - while (current != NULL) - { -Index: git/tftpd_mcast.c -=================================================================== ---- git.orig/tftpd_mcast.c 2012-10-24 21:48:47.000000000 -0700 -+++ git/tftpd_mcast.c 2012-10-24 21:49:11.570201582 -0700 -@@ -51,9 +51,11 @@ - */ - int tftpd_mcast_get_tid(char **addr, short *port) - { -- struct tid *current = tid_list; -+ struct tid *current; - - pthread_mutex_lock(&mcast_tid_list); -+ current = tid_list; -+ - /* walk the list for a free tid */ - while (current != NULL) - { -@@ -74,9 +76,11 @@ - - int tftpd_mcast_free_tid(char *addr, short port) - { -- struct tid *current = tid_list; -+ struct tid *current; - - pthread_mutex_lock(&mcast_tid_list); -+ current = tid_list; -+ - while (current != NULL) - { - if ((current->used == 1) && (current->port == port) && diff --git a/meta-openembedded/meta-networking/recipes-daemons/igmpproxy/igmpproxy/0001-src-igmpproxy.h-Include-sys-types.h-for-u_short-u_in.patch b/meta-openembedded/meta-networking/recipes-daemons/igmpproxy/igmpproxy/0001-src-igmpproxy.h-Include-sys-types.h-for-u_short-u_in.patch deleted file mode 100644 index 82cdc36ac..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/igmpproxy/igmpproxy/0001-src-igmpproxy.h-Include-sys-types.h-for-u_short-u_in.patch +++ /dev/null @@ -1,25 +0,0 @@ -From a557651a08e21e3c7c7f5eca9f5405f86624903f Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Fri, 14 Jul 2017 22:42:51 -0700 -Subject: [PATCH] src/igmpproxy.h: Include sys/types.h for u_short/u_init - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - src/igmpproxy.h | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/igmpproxy.h b/src/igmpproxy.h -index 4dabd1c..4454729 100644 ---- a/src/igmpproxy.h -+++ b/src/igmpproxy.h -@@ -46,6 +46,7 @@ - #include <stdbool.h> - - #include <sys/socket.h> -+#include <sys/types.h> - #include <sys/un.h> - #include <sys/time.h> - #include <sys/ioctl.h> --- -2.13.3 - diff --git a/meta-openembedded/meta-networking/recipes-daemons/igmpproxy/igmpproxy_0.2.1.bb b/meta-openembedded/meta-networking/recipes-daemons/igmpproxy/igmpproxy_0.2.1.bb index c99ebe0e9..db96d487b 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/igmpproxy/igmpproxy_0.2.1.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/igmpproxy/igmpproxy_0.2.1.bb @@ -4,12 +4,8 @@ HOMEPAGE = "http://sourceforge.net/projects/igmpproxy/" LICENSE = "GPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=432040ff3a55670c1dec0c32b209ad69" -SRC_URI = "https://github.com/pali/igmpproxy/releases/download/${PV}/igmpproxy-${PV}.tar.gz \ - file://0001-src-igmpproxy.h-Include-sys-types.h-for-u_short-u_in.patch \ -" +SRC_URI = "https://github.com/pali/igmpproxy/releases/download/${PV}/${BP}.tar.gz" SRC_URI[md5sum] = "3a9c2cb42c1f5ee0cb769a4884545641" SRC_URI[sha256sum] = "d351e623037390f575c1203d9cbb7ba33a8bdef85a3c5e1d2901c5a2a38449a1" inherit autotools pkgconfig - -CFLAGS += "-D_GNU_SOURCE" diff --git a/meta-openembedded/meta-networking/recipes-daemons/lldpd/files/0001-priv-include-limits.h-for-PATH_MAX.patch b/meta-openembedded/meta-networking/recipes-daemons/lldpd/files/0001-priv-include-limits.h-for-PATH_MAX.patch new file mode 100644 index 000000000..9ea4a9ffb --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-daemons/lldpd/files/0001-priv-include-limits.h-for-PATH_MAX.patch @@ -0,0 +1,27 @@ +From c6a283bfcbfefe9c89113e81b0f792c12c4eefb8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?S=C3=B6ren=20Tempel?= <soeren+git@soeren-tempel.net> +Date: Mon, 25 Mar 2019 18:43:03 +0100 +Subject: [PATCH] priv: include limits.h for PATH_MAX + +Upstream-Status: Backport + +Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> +--- + src/daemon/priv.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/daemon/priv.c b/src/daemon/priv.c +index f4d6bdf..ba5ae58 100644 +--- a/src/daemon/priv.c ++++ b/src/daemon/priv.c +@@ -27,6 +27,7 @@ + #include <unistd.h> + #include <signal.h> + #include <errno.h> ++#include <limits.h> + #include <sys/wait.h> + #include <sys/stat.h> + #include <sys/socket.h> +-- +2.17.1 + diff --git a/meta-openembedded/meta-networking/recipes-daemons/lldpd/files/src-daemon-lldpd.service.in-Use-fixed-path-for-mkdir.patch b/meta-openembedded/meta-networking/recipes-daemons/lldpd/files/src-daemon-lldpd.service.in-Use-fixed-path-for-mkdir.patch deleted file mode 100644 index 4876e1794..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/lldpd/files/src-daemon-lldpd.service.in-Use-fixed-path-for-mkdir.patch +++ /dev/null @@ -1,32 +0,0 @@ -From f9f3e4dd31588cce5f655730da7b5c3f56a9bdc1 Mon Sep 17 00:00:00 2001 -From: Fabio Berton <fabio.berton@ossystems.com.br> -Date: Tue, 26 Sep 2017 09:19:51 -0300 -Subject: [PATCH] src/daemon/lldpd.service.in: Use fixed path for mkdir command -Organization: O.S. Systems Software LTDA. - -@mkdir_p@ is expanded to host tools path ../build/tmp/hosttools/mkdir that -doesn't exist on target. Remove @mkdir_p@ and use /bin/mkdir -p to -create /var/run/lldpd directory. - -Upstream-Status: Inappropriate [configuration] - -Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br> ---- - src/daemon/lldpd.service.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/daemon/lldpd.service.in b/src/daemon/lldpd.service.in -index fdb7338..4291830 100644 ---- a/src/daemon/lldpd.service.in -+++ b/src/daemon/lldpd.service.in -@@ -9,7 +9,7 @@ Type=notify - NotifyAccess=main - EnvironmentFile=-/etc/default/lldpd - EnvironmentFile=-/etc/sysconfig/lldpd --ExecStartPre=@mkdir_p@ @PRIVSEP_CHROOT@ -+ExecStartPre=/bin/mkdir -p @PRIVSEP_CHROOT@ - ExecStart=@sbindir@/lldpd $DAEMON_ARGS $LLDPD_OPTIONS - Restart=on-failure - PrivateTmp=yes --- -2.14.2 diff --git a/meta-openembedded/meta-networking/recipes-daemons/lldpd/lldpd_0.9.8.bb b/meta-openembedded/meta-networking/recipes-daemons/lldpd/lldpd_1.0.3.bb index dbd84cf67..e650b5795 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/lldpd/lldpd_0.9.8.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/lldpd/lldpd_1.0.3.bb @@ -9,11 +9,11 @@ SRC_URI = "\ http://media.luffy.cx/files/${BPN}/${BPN}-${PV}.tar.gz \ file://lldpd.init.d \ file://lldpd.default \ - file://src-daemon-lldpd.service.in-Use-fixed-path-for-mkdir.patch \ + file://0001-priv-include-limits.h-for-PATH_MAX.patch \ " -SRC_URI[md5sum] = "8809600492f6b73149eb19158e819c1f" -SRC_URI[sha256sum] = "9ee494e91bc33938575b2c09b26188c486ef8eac6e2155d250c189cc4e988c4f" +SRC_URI[md5sum] = "04844328f053ee343344d892efb8a00c" +SRC_URI[sha256sum] = "39fced395168015416bfe78b95414facf066f841f349024433aa20ab54e4c360" inherit autotools update-rc.d useradd systemd pkgconfig bash-completion diff --git a/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf/0001-Catch-std-ifstream-failure-by-reference.patch b/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf/0001-Catch-std-ifstream-failure-by-reference.patch deleted file mode 100644 index 30fdb8bf1..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf/0001-Catch-std-ifstream-failure-by-reference.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 38c5343f84799fc5041575f3ec808f7476b6eea3 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Mon, 16 Apr 2018 14:33:35 -0700 -Subject: [PATCH] Catch std::ifstream::failure by reference - -Fixes -error: catching polymorphic type 'class std::ios_base::failure' by value -[-Werror=catch-value=] - } catch (std::ofstream::failure) { - ^~~~~~~ - -Signed-off-by: Khem Raj <raj.khem@gmail.com> - ---- - src/base/conf.cc | 4 ++-- - src/dtm/dtmnd/dtm_main.cc | 2 +- - src/dtm/dtmnd/multicast.cc | 2 +- - 3 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/base/conf.cc b/src/base/conf.cc -index d5755a1..4820357 100644 ---- a/src/base/conf.cc -+++ b/src/base/conf.cc -@@ -189,7 +189,7 @@ std::string Conf::ReadFile(const std::string& path_name, - try { - str.open(path_name); - str >> contents; -- } catch (std::ifstream::failure) { -+ } catch (std::ifstream::failure& e) { - contents.clear(); - } - return (str.fail() || contents.empty()) ? default_contents : contents; -@@ -203,7 +203,7 @@ void Conf::WriteFileAtomically(const std::string& path_name, - try { - str.open(tmp_file, std::ofstream::out | std::ofstream::trunc); - str << contents << std::endl; -- } catch (std::ofstream::failure) { -+ } catch (std::ofstream::failure& e) { - success = false; - } - str.close(); -diff --git a/src/dtm/dtmnd/dtm_main.cc b/src/dtm/dtmnd/dtm_main.cc -index 585e11e..5cf6ad7 100644 ---- a/src/dtm/dtmnd/dtm_main.cc -+++ b/src/dtm/dtmnd/dtm_main.cc -@@ -367,7 +367,7 @@ void UpdateNodeIdFile(DTM_INTERNODE_CB *cb) { - try { - str.open(PKGLOCALSTATEDIR "/node_id", std::ofstream::out); - str << std::hex << node_id << std::endl; -- } catch (std::ofstream::failure) { -+ } catch (std::ofstream::failure& e) { - } - str.close(); - } -diff --git a/src/dtm/dtmnd/multicast.cc b/src/dtm/dtmnd/multicast.cc -index cadc002..7c25fea 100644 ---- a/src/dtm/dtmnd/multicast.cc -+++ b/src/dtm/dtmnd/multicast.cc -@@ -199,7 +199,7 @@ bool Multicast::GetPeersFromFile(const std::string &path_name) { - } - } - } -- } catch (std::ifstream::failure) { -+ } catch (std::ifstream::failure& e) { - LOG_ER("Caught std::ifstream::failure when reading file '%s', peers=%zu", - path_name.c_str(), static_cast<size_t>(peers_.size())); - peers_.clear(); diff --git a/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf/0001-Fix-string-overflow-in-snprintf.patch b/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf/0001-Fix-string-overflow-in-snprintf.patch deleted file mode 100644 index 93c75777f..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf/0001-Fix-string-overflow-in-snprintf.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 88661a60629894353512c53ed32f2b901f64149c Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Mon, 16 Apr 2018 18:29:17 -0700 -Subject: [PATCH] Fix string overflow in snprintf - -Fixes errors like -error: '%s' dir -ective output may be truncated writing up to 255 bytes into a region of size 32 [-Werror=forma -t-truncation=] - snprintf(reinterpret_cast<char *>(Healthy.key), sizeof(Healthy.key), "%s", - ^~~~ - hlth_str); - ~~~~~~~~ - -Signed-off-by: Khem Raj <raj.khem@gmail.com> - ---- - src/log/logd/lgs_util.cc | 4 ++-- - src/rde/rded/rde_amf.cc | 2 +- - src/smf/smfd/SmfUpgradeCampaign.cc | 4 ++-- - 3 files changed, 5 insertions(+), 5 deletions(-) - -diff --git a/src/log/logd/lgs_util.cc b/src/log/logd/lgs_util.cc -index ac93d5a..cce80f3 100644 ---- a/src/log/logd/lgs_util.cc -+++ b/src/log/logd/lgs_util.cc -@@ -200,12 +200,12 @@ char *lgs_get_time(time_t *time_in) { - - stringSize = 5 * sizeof(char); - snprintf(srcString, (size_t)stringSize, "%d", -- (timeStampData->tm_year + START_YEAR)); -+ (timeStampData->tm_year + START_YEAR) & 0x4dU); - - strncpy(timeStampString, srcString, stringSize); - - stringSize = 3 * sizeof(char); -- snprintf(srcString, (size_t)stringSize, "%02d", (timeStampData->tm_mon + 1)); -+ snprintf(srcString, (size_t)stringSize, "%02d", (timeStampData->tm_mon + 1) & 0x2dU); - - strncat(timeStampString, srcString, stringSize); - -diff --git a/src/rde/rded/rde_amf.cc b/src/rde/rded/rde_amf.cc -index 81e521e..d53cc48 100644 ---- a/src/rde/rded/rde_amf.cc -+++ b/src/rde/rded/rde_amf.cc -@@ -102,7 +102,7 @@ static uint32_t rde_amf_healthcheck_start(RDE_AMF_CB *rde_amf_cb) { - SaAmfHealthcheckKeyT Healthy; - SaNameT SaCompName; - char *phlth_ptr; -- char hlth_str[256]; -+ char hlth_str[32]; - - TRACE_ENTER(); - -diff --git a/src/smf/smfd/SmfUpgradeCampaign.cc b/src/smf/smfd/SmfUpgradeCampaign.cc -index c30ea14..098f17a 100644 ---- a/src/smf/smfd/SmfUpgradeCampaign.cc -+++ b/src/smf/smfd/SmfUpgradeCampaign.cc -@@ -447,7 +447,7 @@ SaAisErrorT SmfUpgradeCampaign::tooManyRestarts(bool *o_result) { - TRACE_ENTER(); - SaAisErrorT rc = SA_AIS_OK; - SaImmAttrValuesT_2 **attributes; -- int curCnt = 0; -+ short int curCnt = 0; - - /* Read the SmfCampRestartInfo object smfCampRestartCnt attr */ - std::string obj = "smfRestartInfo=info," + -@@ -473,7 +473,7 @@ SaAisErrorT SmfUpgradeCampaign::tooManyRestarts(bool *o_result) { - attrsmfCampRestartCnt.SetAttributeName("smfCampRestartCnt"); - attrsmfCampRestartCnt.SetAttributeType("SA_IMM_ATTR_SAUINT32T"); - char buf[5]; -- snprintf(buf, 4, "%d", curCnt); -+ snprintf(buf, 4, "%hd", curCnt); - attrsmfCampRestartCnt.AddAttributeValue(buf); - imoCampRestartInfo.AddValue(attrsmfCampRestartCnt); - diff --git a/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf/0002-Fix-format-truncation-errors.patch b/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf/0002-Fix-format-truncation-errors.patch deleted file mode 100644 index f98e28da9..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf/0002-Fix-format-truncation-errors.patch +++ /dev/null @@ -1,100 +0,0 @@ -From c5034fe42df8923bcefc10e163151997d70b6241 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Mon, 16 Apr 2018 14:56:47 -0700 -Subject: [PATCH] Fix format-truncation errors - -Fixes errors with gcc8 eg. -error: '%u' directive output may be truncated writing between 1 and 10 bytes into a region of size between 0 and 254 [-Werror=format-truncation=] - -Signed-off-by: Khem Raj <raj.khem@gmail.com> - ---- - src/base/daemon.c | 4 ++-- - src/mds/mds_c_db.c | 8 ++++---- - src/mds/mds_core.h | 4 ++-- - src/mds/mds_dt2c.h | 2 +- - 4 files changed, 9 insertions(+), 9 deletions(-) - -diff --git a/src/base/daemon.c b/src/base/daemon.c -index 361dd8d..4001b73 100644 ---- a/src/base/daemon.c -+++ b/src/base/daemon.c -@@ -95,11 +95,11 @@ static int __create_pidfile(const char *pidfile) - { - FILE *file = NULL; - int fd, rc = 0; -- char pidfiletmp[NAME_MAX] = {0}; -+ char pidfiletmp[NAME_MAX+12] = {0}; - pid_t pid; - - pid = getpid(); -- snprintf(pidfiletmp, NAME_MAX, "%s.%u.tmp", pidfile, pid); -+ snprintf(pidfiletmp, NAME_MAX+12, "%s.%u.tmp", pidfile, pid); - - /* open the file and associate a stream with it */ - if (((fd = open(pidfiletmp, O_RDWR | O_CREAT, 0644)) == -1) || -diff --git a/src/mds/mds_c_db.c b/src/mds/mds_c_db.c -index e6b95cd..3d4a222 100644 ---- a/src/mds/mds_c_db.c -+++ b/src/mds/mds_c_db.c -@@ -124,10 +124,10 @@ void get_adest_details(MDS_DEST adest, char *adest_details) - } - - if (remote == true) -- snprintf(adest_details, MDS_MAX_PROCESS_NAME_LEN, -+ snprintf(adest_details, MDS_MAX_PROCESS_NAME_LEN+24, - "<rem_nodeid[0x%" PRIx32 "]:%s>", ncs_node_id, process_name); - else -- snprintf(adest_details, MDS_MAX_PROCESS_NAME_LEN, -+ snprintf(adest_details, MDS_MAX_PROCESS_NAME_LEN+24, - "<nodeid[0x%" PRIx32 "]:%s>", ncs_node_id, process_name); - - m_MDS_LOG_DBG("MDS:DB: adest_details: %s ", adest_details); -@@ -207,10 +207,10 @@ void get_subtn_adest_details(MDS_PWE_HDL pwe_hdl, MDS_SVC_ID svc_id, - } - - if (remote == true) -- snprintf(adest_details, MDS_MAX_PROCESS_NAME_LEN, -+ snprintf(adest_details, MDS_MAX_PROCESS_NAME_LEN+24, - "<rem_node[0x%" PRIx32 "]:%s>", ncs_node_id, process_name); - else -- snprintf(adest_details, MDS_MAX_PROCESS_NAME_LEN, -+ snprintf(adest_details, MDS_MAX_PROCESS_NAME_LEN+24, - "<node[0x%" PRIx32 "]:%s>", ncs_node_id, process_name); - done: - m_MDS_LOG_DBG("MDS:DB: adest_details: %s ", adest_details); -diff --git a/src/mds/mds_core.h b/src/mds/mds_core.h -index 37696d4..7f5225d 100644 ---- a/src/mds/mds_core.h -+++ b/src/mds/mds_core.h -@@ -163,7 +163,7 @@ typedef struct mds_subscription_results_info { - uint32_t msg_snd_cnt; /* Message send count to this destination */ - uint32_t msg_rcv_cnt; /* Message rcv count from this destination */ - char sub_adest_details -- [MDS_MAX_PROCESS_NAME_LEN]; /* <node[slotno]:processname[pid]> */ -+ [MDS_MAX_PROCESS_NAME_LEN+24]; /* <node[slotno]:processname[pid]> */ - - } MDS_SUBSCRIPTION_RESULTS_INFO; - -@@ -194,7 +194,7 @@ typedef struct mds_subscription_info { - count is grater than ZERO bcast (multi-unicast) */ - uint32_t prev_ver_sub_count; - char sub_adest_details -- [MDS_MAX_PROCESS_NAME_LEN]; /* <node[slotno]:processname[pid]> */ -+ [MDS_MAX_PROCESS_NAME_LEN+24]; /* <node[slotno]:processname[pid]> */ - - } MDS_SUBSCRIPTION_INFO; - -diff --git a/src/mds/mds_dt2c.h b/src/mds/mds_dt2c.h -index 012999c..006b722 100644 ---- a/src/mds/mds_dt2c.h -+++ b/src/mds/mds_dt2c.h -@@ -143,7 +143,7 @@ typedef struct mdtm_send_req { - */ - MDS_DEST adest; /* MDTM to do local/remote routing, destination adest */ - char sub_adest_details -- [MDS_MAX_PROCESS_NAME_LEN]; /* <node[nodeid]:processname[pid]> */ -+ [MDS_MAX_PROCESS_NAME_LEN+24]; /* <node[nodeid]:processname[pid]> */ - MDS_SEND_PRIORITY_TYPE pri; - MDS_CLIENT_MSG_FORMAT_VER - msg_fmt_ver; /* message format version specification */ diff --git a/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf/0008-check-for-size-before-using-strncpy.patch b/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf/0008-check-for-size-before-using-strncpy.patch deleted file mode 100644 index 497bb07d8..000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf/0008-check-for-size-before-using-strncpy.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 29510dd81e3a5e96151afdb0702863cbfd640766 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Fri, 22 Jun 2018 18:58:59 -0700 -Subject: [PATCH] check for size before using strncpy - -ensures that size is never execeding the string length -that execPath can hold - -Fixes -error: '__builtin___strncpy_chk' specified size between 18446744071562067968 and 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Werror=stringop-overflow=] - -Upstream-Status: Pending - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - src/imm/immnd/immnd_proc.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/imm/immnd/immnd_proc.c b/src/imm/immnd/immnd_proc.c -index 015932a..c8f115e 100644 ---- a/src/imm/immnd/immnd_proc.c -+++ b/src/imm/immnd/immnd_proc.c -@@ -1902,6 +1902,10 @@ static int immnd_forkPbe(IMMND_CB *cb) - LOG_ER("Pathname too long: %u max is 1023", newLen); - return -1; - } -+ if (execDirLen > 1023 || execDirLen < 0) { -+ LOG_ER("Execdir name too long: %u max is 1023", execDirLen); -+ return -1; -+ } - - strncpy(execPath, cb->mProgName, execDirLen); - execPath[execDirLen] = 0; diff --git a/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf_5.19.01.bb b/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf_5.19.03.bb index 3e4d33e00..0cccebdfc 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf_5.19.01.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/opensaf/opensaf_5.19.03.bb @@ -24,13 +24,9 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/releases/${BPN}-${PV}.tar.gz \ file://0001-configure-Disable-format-overflow-if-supported-by-gc.patch \ file://0001-src-Add-missing-header-limits.h-for-_POSIX_HOST_NAME.patch \ file://0001-immpbe_dump.cc-Use-sys-wait.h-instead-of-wait.h.patch \ - file://0001-Catch-std-ifstream-failure-by-reference.patch \ - file://0002-Fix-format-truncation-errors.patch \ - file://0001-Fix-string-overflow-in-snprintf.patch \ - file://0008-check-for-size-before-using-strncpy.patch \ " -SRC_URI[md5sum] = "d9f44f778e23cf739085f74c5ff793b1" -SRC_URI[sha256sum] = "5713fbe21c557c9a992af6805bc44521f2cf6cf950ae873036d9a81c73364b60" +SRC_URI[md5sum] = "4dd1497ccd82d275735853bf0db5c510" +SRC_URI[sha256sum] = "de42c8dd850990716ca494ca598165cc7a23b5b7f2bc21af5d71a3d971ddd595" inherit autotools useradd systemd pkgconfig diff --git a/meta-openembedded/meta-networking/recipes-devtools/perl/libauthen/libauthen-radius-perl/run-ptest b/meta-openembedded/meta-networking/recipes-devtools/perl/libauthen/libauthen-radius-perl/run-ptest deleted file mode 100644 index f1c833e6c..000000000 --- a/meta-openembedded/meta-networking/recipes-devtools/perl/libauthen/libauthen-radius-perl/run-ptest +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/sh -# - -# prepare testing config -CONF_USERS=`readlink -f /etc/raddb/users` -mv ${CONF_USERS} ${CONF_USERS}_orig -echo "testing Cleartext-Password := \"testpassword\"" > ${CONF_USERS} -cat ${CONF_USERS}_orig >> ${CONF_USERS} - -# restart radiusd server -systemctl restart radiusd || /etc/init.d/radiusd restart || { - echo "FAIL: Start radiusd service." - exit 1 -} - -# run teests -perl test.pl - -# restore the config and restart -mv ${CONF_USERS}_orig ${CONF_USERS} -systemctl restart radiusd || /etc/init.d/radiusd restart diff --git a/meta-openembedded/meta-networking/recipes-devtools/perl/libauthen/libauthen-radius-perl/test.pl-adjust-for-ptest.patch b/meta-openembedded/meta-networking/recipes-devtools/perl/libauthen/libauthen-radius-perl/test.pl-adjust-for-ptest.patch deleted file mode 100644 index 9798af497..000000000 --- a/meta-openembedded/meta-networking/recipes-devtools/perl/libauthen/libauthen-radius-perl/test.pl-adjust-for-ptest.patch +++ /dev/null @@ -1,90 +0,0 @@ -From 829302792bf0e4935d29efc23ca1f2e9e7ee7dfd Mon Sep 17 00:00:00 2001 -From: Jackie Huang <jackie.huang@windriver.com> -Date: Thu, 7 Jan 2016 03:12:38 -0500 -Subject: [PATCH] test.pl: adjust for ptest - -* Don't use interactive inputs, set default test - settings instead. -* Change the test results output to the ptest format - -Upstream-Status: Inappropriate [OE ptest specific] - -Signed-off-by: Jackie Huang <jackie.huang@windriver.com> ---- - test.pl | 31 ++++++++++++++++++------------- - 1 file changed, 18 insertions(+), 13 deletions(-) - -diff --git a/test.pl b/test.pl -index cfd1c1e..9b4f10e 100644 ---- a/test.pl -+++ b/test.pl -@@ -7,11 +7,11 @@ - # Change 1..1 below to 1..last_test_to_print . - # (It may become useful if the test is moved to ./t subdirectory.) - --BEGIN {print "1..5\n";} --END {print "not ok 1\n" unless $loaded;} -+BEGIN {print "Start testing for libauthen-radius-perl\n";} -+END {print "\nFAIL: test1\n" unless $loaded;} - use Authen::Radius; - $loaded = 1; --print "ok 1\n"; -+print "\nPASS: test1\n"; - - ######################### End of black magic. - -@@ -19,26 +19,31 @@ print "ok 1\n"; - # (correspondingly "not ok 13") depending on the success of chunk 13 - # of the test code): - -+$host = "127.0.0.1"; -+$secret = "testing123"; -+$user = "testing"; -+$pwd = "testpassword"; -+ - print "Make sure this machine is in your Radius clients file!\n"; --print "Enter hostname[:port] of your Radius server: "; chomp ($host = <STDIN>); --print "Enter shared-secret of your Radius server: "; chomp ($secret = <STDIN>); --print "Enter a username to be validated: "; chomp ($user = <STDIN>); --print "Enter this user's password: "; chomp ($pwd = <STDIN>); -+print "hostname of your Radius server: $host\n"; -+print "shared-secret of your Radius server: $secret\n"; -+print "The username to be validated: $user\n"; -+print "The user's password: $pwd\n"; - - $t = 2; - if ($host ne '') { - $r = new Authen::Radius(Host => $host, Secret => $secret, Debug => 1); -- print defined($r) ? "" : "not ", "ok $t\n"; $t++; -+ print defined($r) ? "\nPASS: test$t\n" : "\nFAIL: test$t\n"; $t++; - #Authen::Radius->load_dictionary; -- print $r->check_pwd($user, $pwd) ? "" : "not ", "ok $t\n"; $t++; -+ print $r->check_pwd($user, $pwd) ? "\nPASS: test$t\n" : "\nFAIL: test$t\n"; $t++; - @a = $r->get_attributes; -- print $#a != -1 ? "" : "not ", "ok $t\n"; $t++; -+ print $#a != -1 ? "\nPASS: test$t\n" : "\nFAIL: test$t\n"; $t++; - #for $a (@a) { - # print "attr: name=$a->{'Name'} value=$a->{'Value'}\n"; - #} - } else { - foreach my $t (2..4) { -- print "skipped $t\n"; -+ print "\nSKIP test$t\n"; - } - } - -@@ -53,9 +58,9 @@ my $data = "what do ya want for nothing?"; - my $etalon_digest = hex_to_ascii("750c783e6ab0b503eaa86e310a5db738"); - my $digest = Authen::Radius::hmac_md5(undef, $data, $key); - if ($etalon_digest eq $digest) { -- print "ok 5\n"; -+ print "\nPASS: test5\n"; - } else { -- print "not ok 5\n"; -+ print "\nFAIL: test5\n"; - } - - exit; --- -1.9.1 - diff --git a/meta-openembedded/meta-networking/recipes-devtools/perl/libauthen/libauthen-radius-perl_0.22.bb b/meta-openembedded/meta-networking/recipes-devtools/perl/libauthen/libauthen-radius-perl_0.22.bb deleted file mode 100644 index ea5bb1b0c..000000000 --- a/meta-openembedded/meta-networking/recipes-devtools/perl/libauthen/libauthen-radius-perl_0.22.bb +++ /dev/null @@ -1,39 +0,0 @@ -SUMMARY = "Authen::Radius - provide simple Radius client facilities" -DESCRIPTION = "The Authen::Radius module provides a simple class that \ - allows you to send/receive Radius requests/responses to/from a \ - Radius server. \ -" - -HOMEPAGE = "http://search.cpan.org/~manowar/RadiusPerl" -SECTION = "libs" - -LICENSE = "Artistic-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=78ab6ea0cba1f1ec1680ebb149e3bc11" - -DEPENDS = "perl" - -SRC_URI = "http://search.cpan.org/CPAN/authors/id/M/MA/MANOWAR/RadiusPerl-${PV}.tar.gz \ - file://test.pl-adjust-for-ptest.patch \ - file://run-ptest \ -" -SRC_URI[md5sum] = "d1fe2d6ecf7ea99299e4e3a8f945aad8" -SRC_URI[sha256sum] = "3b276506986ccaa4949d92b13ce053a0017ad11562a991cc753364923fe81ca7" - -S = "${WORKDIR}/Authen-Radius-${PV}" - -inherit cpan ptest - -do_install_ptest() { - install -m 0755 ${S}/test.pl ${D}${PTEST_PATH} -} - -RDEPENDS_${PN} += "\ - libdata-hexdump-perl \ - perl-module-digest-md5 \ - perl-module-data-dumper \ - perl-module-io-select \ - perl-module-io-socket \ -" -RDEPENDS_${PN}-ptest += "${PN} freeradius" - -BBCLASSEXTEND = "native" diff --git a/meta-openembedded/meta-networking/recipes-devtools/python/python-ldap_2.4.45.bb b/meta-openembedded/meta-networking/recipes-devtools/python/python-ldap_3.2.0.bb index dde8a52dc..af8961e32 100644 --- a/meta-openembedded/meta-networking/recipes-devtools/python/python-ldap_2.4.45.bb +++ b/meta-openembedded/meta-networking/recipes-devtools/python/python-ldap_3.2.0.bb @@ -15,8 +15,8 @@ PYPI_PACKAGE = "python-ldap" inherit pypi setuptools LIC_FILES_CHKSUM = "file://LICENCE;md5=36ce9d726d0321b73c1521704d07db1b" -SRC_URI[md5sum] = "6108e189a44eea8bc7d1cc281c222978" -SRC_URI[sha256sum] = "824fde180a53772e23edc031c4dd64ac1af4a3eade78f00d9d510937d562f64e" +SRC_URI[md5sum] = "fe22522208dc9b06d16eb70f8553eaab" +SRC_URI[sha256sum] = "7d1c4b15375a533564aad3d3deade789221e450052b21ebb9720fb822eccdb8e" do_configure_prepend() { sed -i -e 's:^library_dirs =.*::' setup.cfg @@ -26,4 +26,6 @@ do_configure_prepend() { RDEPENDS_${PN} = " \ ${PYTHON_PN}-pprint \ ${PYTHON_PN}-threading \ + ${PYTHON_PN}-pyasn1 \ + ${PYTHON_PN}-pyasn1-modules \ " diff --git a/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/netkit-telnet_0.17.bb b/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/netkit-telnet_0.17.bb index db4b1c98c..4b035af36 100644 --- a/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/netkit-telnet_0.17.bb +++ b/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/netkit-telnet_0.17.bb @@ -63,3 +63,4 @@ FILES_${PN} += "${sbindir}/in.* ${libdir}/* ${sysconfdir}/xinetd.d/*" # http://errors.yoctoproject.org/Errors/Details/186954/ EXCLUDE_FROM_WORLD_libc-musl = "1" +RCONFLICTS_${PN} = "inetutils-telnetd" diff --git a/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns_765.50.9.bb b/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns_878.200.35.bb index 9a7152fcf..1bd17031a 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns_765.50.9.bb +++ b/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns_878.200.35.bb @@ -6,14 +6,13 @@ LIC_FILES_CHKSUM = "file://../LICENSE;md5=31c50371921e0fb731003bbc665f29bf" RPROVIDES_${PN} += "libdns_sd.so" -SRC_URI = "http://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-${PV}.tar.gz \ +SRC_URI = "https://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-${PV}.tar.gz \ file://build.patch;patchdir=.. \ file://mdns.service \ file://0001-nss_mdns-Do-not-include-nss.h-when-libc-glibc.patch;patchdir=.. \ " - -SRC_URI[md5sum] = "4a6bc1628851002634ea3833a4dca317" -SRC_URI[sha256sum] = "de61dd0034357aa50c60806726fb1f70fa8e953ff9cb62eccfb73efad10dba0a" +SRC_URI[md5sum] = "e773f290a7d29f1072247985d6add2ff" +SRC_URI[sha256sum] = "e777b4d7dbf5eb1552cb80090ad1ede319067ab6e45e3990d68aabf6e8b3f5a0" PARALLEL_MAKE = "" diff --git a/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.8.bb b/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.8.bb index 673142b4a..f0acaa801 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.8.bb +++ b/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.8.bb @@ -214,7 +214,11 @@ FILES_${PN}-lib-trapd = "${libdir}/libnetsnmptrapd${SOLIBS}" FILES_${PN} = "" FILES_${PN}-client = "${bindir}/* ${datadir}/snmp/" FILES_${PN}-dbg += "${libdir}/.debug/ ${sbindir}/.debug/ ${bindir}/.debug/" -FILES_${PN}-dev += "${bindir}/mib2c ${bindir}/mib2c-update" +FILES_${PN}-dev += "${bindir}/mib2c \ + ${bindir}/mib2c-update \ + ${bindir}/net-snmp-config \ + ${bindir}/net-snmp-create-v3-user \ +" CONFFILES_${PN}-server-snmpd = "${sysconfdir}/snmp/snmpd.conf" CONFFILES_${PN}-server-snmptrapd = "${sysconfdir}/snmp/snmptrapd.conf" diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/pppoe-src-restrictions.patch b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/pppoe-src-restrictions.patch deleted file mode 100644 index 03697ff1f..000000000 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/pppoe-src-restrictions.patch +++ /dev/null @@ -1,31 +0,0 @@ -From a6a85ec5c85cbd3c86743b6e2fa391198869bff8 Mon Sep 17 00:00:00 2001 -From: Tom Rini <tom_rini@mentor.com> -Date: Wed, 27 Jul 2011 03:46:52 +0000 -Subject: [PATCH] rp-pppoe: Port from oe.dev - -Relax restrictions on the PPPoE src address, as per debian bug -293811: - - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=293811 - -Upstream-Status: Inappropriate [Backport from Debian] - ---- - src/discovery.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/discovery.c b/src/discovery.c -index 7ee259d..5213a37 100644 ---- a/src/discovery.c -+++ b/src/discovery.c -@@ -472,8 +472,8 @@ waitForPADO(PPPoEConnection *conn, int timeout) - if (!packetIsForMe(conn, &packet)) continue; - - if (packet.code == CODE_PADO) { -- if (NOT_UNICAST(packet.ethHdr.h_source)) { -- printErr("Ignoring PADO packet from non-unicast MAC address"); -+ if (BROADCAST(packet.ethHdr.h_source)) { -+ printErr("Ignoring broadcast PADO packet"); - continue; - } - #ifdef PLUGIN diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/0001-ppoe-Dont-include-linux-if_ether.h.patch b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/0001-ppoe-Dont-include-linux-if_ether.h.patch index 7601f0d32..7601f0d32 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/0001-ppoe-Dont-include-linux-if_ether.h.patch +++ b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/0001-ppoe-Dont-include-linux-if_ether.h.patch diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/0002-Enable-support-for-the-kernel-module.patch b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/0002-Enable-support-for-the-kernel-module.patch index 2103b3888..2103b3888 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/0002-Enable-support-for-the-kernel-module.patch +++ b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/0002-Enable-support-for-the-kernel-module.patch diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/configure.in-Error-fix.patch b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/configure.in-Error-fix.patch index bbd516fde..bbd516fde 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/configure.in-Error-fix.patch +++ b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/configure.in-Error-fix.patch diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/configure.patch b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/configure.patch index be892803e..be892803e 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/configure.patch +++ b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/configure.patch diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/configure_in_cross.patch b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/configure_in_cross.patch index 3b945934f..3b945934f 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/configure_in_cross.patch +++ b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/configure_in_cross.patch diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/discard-use-of-dnl-in-Makefile.am.patch b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/discard-use-of-dnl-in-Makefile.am.patch index 9801f6e27..9801f6e27 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/discard-use-of-dnl-in-Makefile.am.patch +++ b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/discard-use-of-dnl-in-Makefile.am.patch diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/dont-swallow-errors.patch b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/dont-swallow-errors.patch index 8a857888b..8a857888b 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/dont-swallow-errors.patch +++ b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/dont-swallow-errors.patch diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/pppoe-server.default b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/pppoe-server.default index 996d57f3c..996d57f3c 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/pppoe-server.default +++ b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/pppoe-server.default diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/pppoe-server.init b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/pppoe-server.init index 21afe0be3..21afe0be3 100755 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/pppoe-server.init +++ b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/pppoe-server.init diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/pppoe-server.service b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/pppoe-server.service index 41e0b9e85..41e0b9e85 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/pppoe-server.service +++ b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/pppoe-server.service diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/top-autoconf.patch b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/top-autoconf.patch index f64da4fa2..f64da4fa2 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/top-autoconf.patch +++ b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/top-autoconf.patch diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/update-config.patch b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/update-config.patch index c759e09aa..c759e09aa 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe-3.12/update-config.patch +++ b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/update-config.patch diff --git a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe_3.12.bb b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe_3.13.bb index fbe015f5e..492ade5ae 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe_3.12.bb +++ b/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe_3.13.bb @@ -6,10 +6,9 @@ LIC_FILES_CHKSUM = "file://doc/LICENSE;md5=a194eaefae2be54ee3221339b10d0581" PR = "r10" -SRC_URI = "http://www.roaringpenguin.com/files/download/${BP}.tar.gz \ +SRC_URI = "https://dianne.skoll.ca/projects/rp-pppoe/download/rp-pppoe-${PV}.tar.gz \ file://top-autoconf.patch \ file://configure_in_cross.patch \ - file://pppoe-src-restrictions.patch \ file://update-config.patch \ file://dont-swallow-errors.patch \ file://discard-use-of-dnl-in-Makefile.am.patch \ @@ -22,8 +21,8 @@ SRC_URI = "http://www.roaringpenguin.com/files/download/${BP}.tar.gz \ file://0002-Enable-support-for-the-kernel-module.patch \ " -SRC_URI[md5sum] = "216eb52b69062b92a64ee37fd71f4b66" -SRC_URI[sha256sum] = "00794e04031546b0e9b8cf286f2a6d1ccfc4a621b2a3abb2d7ef2a7ab7cc86c2" +SRC_URI[md5sum] = "ec9dccd9a367a1f71f2dc81069796dd8" +SRC_URI[sha256sum] = "8cd6bc71ba46bd5f6eb4daf60220ccdcd991a8525111dee466501b1b9717e676" inherit autotools-brokensep update-rc.d systemd diff --git a/meta-openembedded/meta-networking/recipes-support/ipcalc/ipcalc/0001-Makefile-pass-extra-linker-flags.patch b/meta-openembedded/meta-networking/recipes-support/ipcalc/ipcalc/0001-Makefile-pass-extra-linker-flags.patch index 38d306475..e95b6f993 100644 --- a/meta-openembedded/meta-networking/recipes-support/ipcalc/ipcalc/0001-Makefile-pass-extra-linker-flags.patch +++ b/meta-openembedded/meta-networking/recipes-support/ipcalc/ipcalc/0001-Makefile-pass-extra-linker-flags.patch @@ -1,4 +1,4 @@ -From fd80c0599083013a1b583feba5d7473f52b35938 Mon Sep 17 00:00:00 2001 +From 7fd0e0b88df692dfc67335f235a1bb74854a0498 Mon Sep 17 00:00:00 2001 From: Mariia Movchan <mmovchan@cisco.com> Date: Tue, 6 Mar 2018 16:03:39 +0200 Subject: [PATCH] Makefile: pass extra linker flags @@ -9,16 +9,17 @@ ERROR: QA Issue: No GNU_HASH in the elf binary Upstream-Status: Pending Signed-off-by: Mariia Movchan <mmovchan@cisco.com> + --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile -index 8beff8f..047f02a 100644 +index 54569c1..798988f 100644 --- a/Makefile +++ b/Makefile @@ -8,7 +8,7 @@ LIBS?= - VERSION=0.2.2 + VERSION=0.2.3 CC?=gcc CFLAGS?=-O2 -g -Wall -LDFLAGS=$(LIBS) @@ -26,6 +27,3 @@ index 8beff8f..047f02a 100644 ifeq ($(USE_GEOIP),yes) ifeq ($(USE_DYN_GEOIP),yes) --- -2.15.1 - diff --git a/meta-openembedded/meta-networking/recipes-support/ipcalc/ipcalc_0.2.2.bb b/meta-openembedded/meta-networking/recipes-support/ipcalc/ipcalc_0.2.3.bb index b45642404..ad0ec2700 100644 --- a/meta-openembedded/meta-networking/recipes-support/ipcalc/ipcalc_0.2.2.bb +++ b/meta-openembedded/meta-networking/recipes-support/ipcalc/ipcalc_0.2.3.bb @@ -7,7 +7,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" S = "${WORKDIR}/git" -SRCREV = "8348808a7869ca8f25a5b5deeaa418c2f6d52758" +SRCREV = "c3ee70c878b9c5833a77a1f339f1ca4dc6f225c5" SRC_URI = "\ git://github.com/nmav/ipcalc.git;protocol=https; \ file://0001-Makefile-pass-extra-linker-flags.patch \ diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Disable-gcc8-specific-warnings.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Disable-gcc8-specific-warnings.patch deleted file mode 100644 index 11a910393..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Disable-gcc8-specific-warnings.patch +++ /dev/null @@ -1,86 +0,0 @@ -From 282d492e4cab7b4d9c7321f4c0c55b615948e280 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Fri, 11 May 2018 14:09:17 -0700 -Subject: [PATCH] Disable gcc8 specific warnings - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - src/libipsec/ipsec_dump_policy.c | 5 +++++ - src/libipsec/pfkey_dump.c | 5 +++++ - src/racoon/isakmp.c | 11 ++++++++++- - 3 files changed, 20 insertions(+), 1 deletion(-) - -diff --git a/src/libipsec/ipsec_dump_policy.c b/src/libipsec/ipsec_dump_policy.c -index 4d0eb77..c3fc842 100644 ---- a/src/libipsec/ipsec_dump_policy.c -+++ b/src/libipsec/ipsec_dump_policy.c -@@ -275,6 +275,10 @@ ipsec_dump_policy1(policy, delimiter, withports) - return buf; - } - -+#pragma GCC diagnostic push -+#if defined(__GNUC__) && (__GNUC__ >= 8) -+#pragma GCC diagnostic ignored "-Wformat-truncation" -+#endif - static char * - ipsec_dump_ipsecrequest(buf, len, xisr, bound, withports) - char *buf; -@@ -419,3 +423,4 @@ set_address(buf, len, sa, withports) - - return buf; - } -+#pragma GCC diagnostic pop -diff --git a/src/libipsec/pfkey_dump.c b/src/libipsec/pfkey_dump.c -index 4627ebc..451e535 100644 ---- a/src/libipsec/pfkey_dump.c -+++ b/src/libipsec/pfkey_dump.c -@@ -691,6 +691,10 @@ str_ipport(sa) - /* - * set "/prefix[port number]" to buffer. - */ -+#pragma GCC diagnostic push -+#if defined(__GNUC__) && (__GNUC__ >= 8) -+#pragma GCC diagnostic ignored "-Wformat-truncation" -+#endif - static char * - str_prefport(family, pref, port, ulp) - u_int family, pref, port, ulp; -@@ -735,6 +739,7 @@ str_prefport(family, pref, port, ulp) - - return buf; - } -+#pragma GCC diagnostic pop - - static void - str_upperspec(ulp, p1, p2) -diff --git a/src/racoon/isakmp.c b/src/racoon/isakmp.c -index 7ff53a3..4addf24 100644 ---- a/src/racoon/isakmp.c -+++ b/src/racoon/isakmp.c -@@ -3124,7 +3124,12 @@ script_hook(iph1, script) - #endif - - /* local address */ -+#pragma GCC diagnostic push -+#if defined(__GNUC__) && (__GNUC__ >= 8) -+#pragma GCC diagnostic ignored "-Wstringop-truncation" -+#endif - GETNAMEINFO(iph1->local, addrstr, portstr); -+#pragma GCC diagnostic pop - - if (script_env_append(&envp, &envc, "LOCAL_ADDR", addrstr) != 0) { - plog(LLV_ERROR, LOCATION, NULL, "Cannot set LOCAL_ADDR\n"); -@@ -3138,8 +3143,12 @@ script_hook(iph1, script) - - /* Peer address */ - if (iph1->remote != NULL) { -+#pragma GCC diagnostic push -+#if defined(__GNUC__) && (__GNUC__ >= 8) -+#pragma GCC diagnostic ignored "-Wstringop-truncation" -+#endif - GETNAMEINFO(iph1->remote, addrstr, portstr); -- -+#pragma GCC diagnostic pop - if (script_env_append(&envp, &envc, - "REMOTE_ADDR", addrstr) != 0) { - plog(LLV_ERROR, LOCATION, NULL, diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Fix-build-with-clang.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Fix-build-with-clang.patch deleted file mode 100644 index 5c0914745..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Fix-build-with-clang.patch +++ /dev/null @@ -1,115 +0,0 @@ -From 9135ca401186fb14e5e5110bbb04d1ccc480360a Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Tue, 15 Nov 2016 04:15:44 +0000 -Subject: [PATCH] Fix build with clang - -Fixes for following errors found by clang - -src/racoon/eaytest.c:316:6: error: comparison of array 'dnstr_w1' not equal to a null pointer is always true - [-Werror,-Wtautological-pointer-compare] - if (dnstr_w1 != NULL) { - ^~~~~~~~ ~~~~ -src/racoon/eaytest.c:326:6: error: comparison of array 'dnstr_w1' not equal to a null pointer is always true - [-Werror,-Wtautological-pointer-compare] - if (dnstr_w1 != NULL) { - ^~~~~~~~ ~~~~ - -src/racoon/isakmp.c:1134:11: error: promoted type 'int' of K&R function parameter is not compatible with the - parameter type 'u_int8_t' (aka 'unsigned char') declared in a previous prototype [-Werror,-Wknr-promoted-parameter] - u_int8_t etype; - ^ -src/racoon/isakmp.c:184:48: note: previous declaration is here - struct sockaddr *, struct sockaddr *, u_int8_t)); - ^ - 1 error generated. - -src/racoon/racoonctl.c:1457:15: error: incompatible pointer types passing 'struct evt_async *' to parameter of type - 'caddr_t' (aka 'char *') [-Werror,-Wincompatible-pointer-types] - print_cfg(ec, len); - ^~ - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - src/racoon/eaytest.c | 4 ++-- - src/racoon/isakmp.c | 10 +++++----- - src/racoon/racoonctl.c | 7 +++---- - 3 files changed, 10 insertions(+), 11 deletions(-) - -diff --git a/src/racoon/eaytest.c b/src/racoon/eaytest.c -index 1474bdc..d609e4f 100644 ---- a/src/racoon/eaytest.c -+++ b/src/racoon/eaytest.c -@@ -313,7 +313,7 @@ certtest(ac, av) - - printf("exact match: succeed.\n"); - -- if (dnstr_w1 != NULL) { -+ if (dnstr_w1[0] != '\0') { - asn1dn = eay_str2asn1dn(dnstr_w1, strlen(dnstr_w1)); - if (asn1dn == NULL || asn1dn->l == asn1dn0.l) - errx(1, "asn1dn length wrong for wildcard 1\n"); -@@ -323,7 +323,7 @@ certtest(ac, av) - printf("wildcard 1 match: succeed.\n"); - } - -- if (dnstr_w1 != NULL) { -+ if (dnstr_w1[0] != '\0') { - asn1dn = eay_str2asn1dn(dnstr_w2, strlen(dnstr_w2)); - if (asn1dn == NULL || asn1dn->l == asn1dn0.l) - errx(1, "asn1dn length wrong for wildcard 2\n"); -diff --git a/src/racoon/isakmp.c b/src/racoon/isakmp.c -index 2672f7a..da7ebe8 100644 ---- a/src/racoon/isakmp.c -+++ b/src/racoon/isakmp.c -@@ -567,7 +567,7 @@ isakmp_main(msg, remote, local) - - /* it must be responder's 1st exchange. */ - if (isakmp_ph1begin_r(msg, remote, local, -- isakmp->etype) < 0) -+ (u_int8_t)isakmp->etype) < 0) - return -1; - break; - -@@ -1128,10 +1128,10 @@ isakmp_ph1begin_i(rmconf, remote, local) - - /* new negotiation of phase 1 for responder */ - static int --isakmp_ph1begin_r(msg, remote, local, etype) -- vchar_t *msg; -- struct sockaddr *remote, *local; -- u_int8_t etype; -+isakmp_ph1begin_r(vchar_t *msg, -+ struct sockaddr *remote, -+ struct sockaddr *local, -+ u_int8_t etype) - { - struct isakmp *isakmp = (struct isakmp *)msg->v; - struct ph1handle *iph1; -diff --git a/src/racoon/racoonctl.c b/src/racoon/racoonctl.c -index da28ecd..bbf068e 100644 ---- a/src/racoon/racoonctl.c -+++ b/src/racoon/racoonctl.c -@@ -1299,9 +1299,8 @@ print_evt(evtdump) - * Print ISAKMP mode config info (IP and banner) - */ - void --print_cfg(buf, len) -- caddr_t buf; -- int len; -+print_cfg(caddr_t buf, -+ int len) - { - struct evt_async *evtdump = (struct evt_async *)buf; - struct isakmp_data *attr; -@@ -1454,7 +1453,7 @@ handle_recv(combuf) - else if (evt_quit_event == ec->ec_type) { - switch (ec->ec_type) { - case EVT_PHASE1_MODE_CFG: -- print_cfg(ec, len); -+ print_cfg((caddr_t)ec, len); - break; - default: - print_evt(ec); --- -1.9.1 - diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Fix-header-issues-found-with-musl-libc.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Fix-header-issues-found-with-musl-libc.patch deleted file mode 100644 index 630ecdb5f..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Fix-header-issues-found-with-musl-libc.patch +++ /dev/null @@ -1,249 +0,0 @@ -From 7d9585be093c9cb2428b373c0b0088bb778942d0 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Mon, 20 Mar 2017 21:37:47 -0700 -Subject: [PATCH] Fix header issues found with musl libc - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - src/libipsec/ipsec_strerror.h | 3 +++ - src/libipsec/libpfkey.h | 4 +++- - src/racoon/admin.c | 2 +- - src/racoon/backupsa.c | 6 +++--- - src/racoon/cftoken.l | 4 ++++ - src/racoon/logger.h | 3 +++ - src/racoon/misc.h | 3 +++ - src/racoon/missing/crypto/sha2/sha2.h | 3 +++ - src/racoon/netdb_dnssec.h | 3 +++ - src/racoon/pfkey.c | 1 - - src/racoon/plog.h | 2 ++ - src/racoon/str2val.h | 3 +++ - src/racoon/vmbuf.h | 3 +++ - src/setkey/extern.h | 3 ++- - src/setkey/setkey.c | 1 - - 15 files changed, 36 insertions(+), 8 deletions(-) - -diff --git a/src/libipsec/ipsec_strerror.h b/src/libipsec/ipsec_strerror.h -index 2b4264f..dac66a1 100644 ---- a/src/libipsec/ipsec_strerror.h -+++ b/src/libipsec/ipsec_strerror.h -@@ -34,6 +34,9 @@ - #ifndef _IPSEC_STRERROR_H - #define _IPSEC_STRERROR_H - -+#undef __P -+#define __P(protos) protos /* ANSI C prototypes */ -+ - extern int __ipsec_errcode; - extern void __ipsec_set_strerror __P((const char *)); - -diff --git a/src/libipsec/libpfkey.h b/src/libipsec/libpfkey.h -index 61d2f2a..f7991b7 100644 ---- a/src/libipsec/libpfkey.h -+++ b/src/libipsec/libpfkey.h -@@ -34,6 +34,9 @@ - #ifndef _LIBPFKEY_H - #define _LIBPFKEY_H - -+#undef __P -+#define __P(protos) protos /* ANSI C prototypes */ -+ - #ifndef KAME_LIBPFKEY_H - #define KAME_LIBPFKEY_H - -@@ -43,7 +46,6 @@ - - #define PRIORITY_OFFSET_POSITIVE_MAX 0x3fffffff - #define PRIORITY_OFFSET_NEGATIVE_MAX 0x40000000 -- - struct sadb_msg; - extern void pfkey_sadump __P((struct sadb_msg *)); - extern void pfkey_sadump_withports __P((struct sadb_msg *)); -diff --git a/src/racoon/admin.c b/src/racoon/admin.c -index 4b1875b..03ea3f8 100644 ---- a/src/racoon/admin.c -+++ b/src/racoon/admin.c -@@ -36,7 +36,6 @@ - #include <sys/types.h> - #include <sys/param.h> - #include <sys/socket.h> --#include <sys/signal.h> - #include <sys/stat.h> - #include <sys/un.h> - -@@ -46,6 +45,7 @@ - #include PATH_IPSEC_H - - -+#include <signal.h> - #include <stdlib.h> - #include <stdio.h> - #include <string.h> -diff --git a/src/racoon/backupsa.c b/src/racoon/backupsa.c -index 82d74ca..95307ca 100644 ---- a/src/racoon/backupsa.c -+++ b/src/racoon/backupsa.c -@@ -276,9 +276,9 @@ do { \ - GETNEXTNUM(sa_args.a_keylen, strtoul); - GETNEXTNUM(sa_args.flags, strtoul); - GETNEXTNUM(sa_args.l_alloc, strtoul); -- GETNEXTNUM(sa_args.l_bytes, strtouq); -- GETNEXTNUM(sa_args.l_addtime, strtouq); -- GETNEXTNUM(sa_args.l_usetime, strtouq); -+ GETNEXTNUM(sa_args.l_bytes, strtoull); -+ GETNEXTNUM(sa_args.l_addtime, strtoull); -+ GETNEXTNUM(sa_args.l_usetime, strtoull); - GETNEXTNUM(sa_args.seq, strtoul); - - #undef GETNEXTNUM -diff --git a/src/racoon/cftoken.l b/src/racoon/cftoken.l -index 1701922..787f4a9 100644 ---- a/src/racoon/cftoken.l -+++ b/src/racoon/cftoken.l -@@ -77,6 +77,10 @@ - - #include "cfparse.h" - -+#ifndef GLOB_TILDE -+#define GLOB_TILDE 0 -+#endif -+ - int yyerrorcount = 0; - - #if defined(YIPS_DEBUG) -diff --git a/src/racoon/logger.h b/src/racoon/logger.h -index 3fd3e94..67af5f0 100644 ---- a/src/racoon/logger.h -+++ b/src/racoon/logger.h -@@ -34,6 +34,9 @@ - #ifndef _LOGGER_H - #define _LOGGER_H - -+#undef __P -+#define __P(protos) protos /* ANSI C prototypes */ -+ - struct log { - int head; - int siz; -diff --git a/src/racoon/misc.h b/src/racoon/misc.h -index 3e758d9..30d9825 100644 ---- a/src/racoon/misc.h -+++ b/src/racoon/misc.h -@@ -34,6 +34,9 @@ - #ifndef _MISC_H - #define _MISC_H - -+#undef __P -+#define __P(protos) protos /* ANSI C prototypes */ -+ - #define BIT2STR(b) bit2str(b, sizeof(b)<<3) - - #ifdef HAVE_FUNC_MACRO -diff --git a/src/racoon/missing/crypto/sha2/sha2.h b/src/racoon/missing/crypto/sha2/sha2.h -index 42bcc2a..c043dfe 100644 ---- a/src/racoon/missing/crypto/sha2/sha2.h -+++ b/src/racoon/missing/crypto/sha2/sha2.h -@@ -40,6 +40,9 @@ - #ifndef __SHA2_H__ - #define __SHA2_H__ - -+#undef __P -+#define __P(protos) protos /* ANSI C prototypes */ -+ - #ifdef __cplusplus - extern "C" { - #endif -diff --git a/src/racoon/netdb_dnssec.h b/src/racoon/netdb_dnssec.h -index a11209d..98fd813 100644 ---- a/src/racoon/netdb_dnssec.h -+++ b/src/racoon/netdb_dnssec.h -@@ -34,6 +34,9 @@ - #ifndef _NETDB_DNSSEC_H - #define _NETDB_DNSSEC_H - -+#undef __P -+#define __P(protos) protos /* ANSI C prototypes */ -+ - #ifndef T_CERT - #define T_CERT 37 /* defined by RFC2538 section 2 */ - #endif -diff --git a/src/racoon/pfkey.c b/src/racoon/pfkey.c -index 8f26c19..a06c30e 100644 ---- a/src/racoon/pfkey.c -+++ b/src/racoon/pfkey.c -@@ -59,7 +59,6 @@ - #include <sys/param.h> - #include <sys/socket.h> - #include <sys/queue.h> --#include <sys/sysctl.h> - - #include <net/route.h> - #include <net/pfkeyv2.h> -diff --git a/src/racoon/plog.h b/src/racoon/plog.h -index ed43c8b..920c850 100644 ---- a/src/racoon/plog.h -+++ b/src/racoon/plog.h -@@ -34,6 +34,8 @@ - #ifndef _PLOG_H - #define _PLOG_H - -+#undef __P -+#define __P(protos) protos /* ANSI C prototypes */ - #ifdef HAVE_STDARG_H - #include <stdarg.h> - #else -diff --git a/src/racoon/str2val.h b/src/racoon/str2val.h -index 4a7cec1..d3d698e 100644 ---- a/src/racoon/str2val.h -+++ b/src/racoon/str2val.h -@@ -34,6 +34,9 @@ - #ifndef _STR2VAL_H - #define _STR2VAL_H - -+#undef __P -+#define __P(protos) protos /* ANSI C prototypes */ -+ - extern caddr_t val2str __P((const char *, size_t)); - extern char *str2val __P((const char *, int, size_t *)); - -diff --git a/src/racoon/vmbuf.h b/src/racoon/vmbuf.h -index 3f2f4ea..8287a00 100644 ---- a/src/racoon/vmbuf.h -+++ b/src/racoon/vmbuf.h -@@ -34,6 +34,9 @@ - #ifndef _VMBUF_H - #define _VMBUF_H - -+#undef __P -+#define __P(protos) protos /* ANSI C prototypes */ -+ - /* - * bp v - * v v -diff --git a/src/setkey/extern.h b/src/setkey/extern.h -index 6f439fa..a1d9d14 100644 ---- a/src/setkey/extern.h -+++ b/src/setkey/extern.h -@@ -1,6 +1,7 @@ - /* $NetBSD: extern.h,v 1.5 2009/03/06 11:45:03 tteras Exp $ */ - -- -+#undef __P -+#define __P(protos) protos /* ANSI C prototypes */ - - void parse_init __P((void)); - int parse __P((FILE **)); -diff --git a/src/setkey/setkey.c b/src/setkey/setkey.c -index c400faa..51f8b75 100644 ---- a/src/setkey/setkey.c -+++ b/src/setkey/setkey.c -@@ -40,7 +40,6 @@ - #include <sys/socket.h> - #include <sys/time.h> - #include <sys/stat.h> --#include <sys/sysctl.h> - #include <err.h> - #include <netinet/in.h> - #include <net/pfkeyv2.h> --- -2.12.0 - diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-ipsec-tools-add-openssl-1.1-support.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-ipsec-tools-add-openssl-1.1-support.patch deleted file mode 100644 index 228274436..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-ipsec-tools-add-openssl-1.1-support.patch +++ /dev/null @@ -1,1086 +0,0 @@ -From b572350a922187d43dd4629c3b43e19979fae3ef Mon Sep 17 00:00:00 2001 -From: Eneas U de Queiroz <cote2004-github@yahoo.com> -Date: Tue, 25 Sep 2018 15:30:04 +0800 -Subject: [PATCH] ipsec-tools: add openssl 1.1 support - -To: equeiroz@troianet.com.br - -This patch updates the calls to openssl 1.1 API, and adds a -compatibility layer so it compiles with (at least) openssl 1.0.2, I -haven't tested it with lower versions, but all that's needed is to edit -the openssl_compat.* files and add the missing functions there--they're -usually trivial. - -Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com> - -Upstream-Status: Submitted [https://sourceforge.net/p/ipsec-tools/mailman/message/36327963/] -https://github.com/openwrt/packages/blob/master/net/ipsec-tools/patches/015-openssl-1.1.patch - -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - src/racoon/Makefile.am | 10 +-- - src/racoon/algorithm.c | 6 +- - src/racoon/crypto_openssl.c | 197 +++++++++++++++++++++------------------- - src/racoon/crypto_openssl.h | 2 +- - src/racoon/eaytest.c | 7 +- - src/racoon/ipsec_doi.c | 2 +- - src/racoon/openssl_compat.c | 213 ++++++++++++++++++++++++++++++++++++++++++++ - src/racoon/openssl_compat.h | 45 ++++++++++ - src/racoon/plainrsa-gen.c | 41 +++++---- - src/racoon/prsa_par.y | 28 ++++-- - src/racoon/rsalist.c | 5 +- - 11 files changed, 430 insertions(+), 126 deletions(-) - create mode 100644 src/racoon/openssl_compat.c - create mode 100644 src/racoon/openssl_compat.h - -diff --git a/src/racoon/Makefile.am b/src/racoon/Makefile.am -index 0662957..272b009 100644 ---- a/src/racoon/Makefile.am -+++ b/src/racoon/Makefile.am -@@ -4,7 +4,7 @@ sbin_PROGRAMS = racoon racoonctl plainrsa-gen - noinst_PROGRAMS = eaytest - include_racoon_HEADERS = racoonctl.h var.h vmbuf.h misc.h gcmalloc.h admin.h \ - schedule.h sockmisc.h isakmp_var.h isakmp.h isakmp_xauth.h \ -- isakmp_cfg.h isakmp_unity.h ipsec_doi.h evt.h -+ isakmp_cfg.h isakmp_unity.h ipsec_doi.h evt.h openssl_compat.h - lib_LTLIBRARIES = libracoon.la - - adminsockdir=${localstatedir}/racoon -@@ -32,7 +32,7 @@ racoon_SOURCES = \ - gssapi.c dnssec.c getcertsbyname.c privsep.c \ - pfkey.c admin.c evt.c ipsec_doi.c oakley.c grabmyaddr.c vendorid.c \ - policy.c localconf.c remoteconf.c crypto_openssl.c algorithm.c \ -- proposal.c sainfo.c strnames.c \ -+ openssl_compat.c proposal.c sainfo.c strnames.c \ - plog.c logger.c schedule.c str2val.c \ - safefile.c backupsa.c genlist.c rsalist.c \ - cftoken.l cfparse.y prsa_tok.l prsa_par.y -@@ -51,12 +51,12 @@ libracoon_la_SOURCES = kmpstat.c vmbuf.c sockmisc.c misc.c - libracoon_la_CFLAGS = -DNOUSE_PRIVSEP $(AM_CFLAGS) - - plainrsa_gen_SOURCES = plainrsa-gen.c plog.c \ -- crypto_openssl.c logger.c -+ crypto_openssl.c logger.c openssl_compat.c - EXTRA_plainrsa_gen_SOURCES = $(MISSING_ALGOS) - plainrsa_gen_LDADD = $(CRYPTOBJS) vmbuf.o misc.o - plainrsa_gen_DEPENDENCIES = $(CRYPTOBJS) vmbuf.o misc.o - --eaytest_SOURCES = eaytest.c plog.c logger.c -+eaytest_SOURCES = eaytest.c plog.c logger.c openssl_compat.c - EXTRA_eaytest_SOURCES = missing/crypto/sha2/sha2.c - eaytest_LDADD = crypto_openssl_test.o vmbuf.o str2val.o misc_noplog.o \ - $(CRYPTOBJS) -@@ -75,7 +75,7 @@ noinst_HEADERS = \ - debugrm.h isakmp.h misc.h sainfo.h \ - dhgroup.h isakmp_agg.h netdb_dnssec.h schedule.h \ - isakmp_cfg.h isakmp_xauth.h isakmp_unity.h isakmp_frag.h \ -- throttle.h privsep.h \ -+ throttle.h privsep.h openssl_compat.h \ - cfparse_proto.h cftoken_proto.h genlist.h rsalist.h \ - missing/crypto/sha2/sha2.h missing/crypto/rijndael/rijndael_local.h \ - missing/crypto/rijndael/rijndael-api-fst.h \ -diff --git a/src/racoon/algorithm.c b/src/racoon/algorithm.c -index 3fd50f6..66c874b 100644 ---- a/src/racoon/algorithm.c -+++ b/src/racoon/algorithm.c -@@ -128,7 +128,7 @@ static struct enc_algorithm oakley_encdef[] = { - { "aes", algtype_aes, OAKLEY_ATTR_ENC_ALG_AES, 16, - eay_aes_encrypt, eay_aes_decrypt, - eay_aes_weakkey, eay_aes_keylen, }, --#ifdef HAVE_OPENSSL_CAMELLIA_H -+#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) - { "camellia", algtype_camellia, OAKLEY_ATTR_ENC_ALG_CAMELLIA, 16, - eay_camellia_encrypt, eay_camellia_decrypt, - eay_camellia_weakkey, eay_camellia_keylen, }, -@@ -168,7 +168,7 @@ static struct enc_algorithm ipsec_encdef[] = { - { "twofish", algtype_twofish, IPSECDOI_ESP_TWOFISH, 16, - NULL, NULL, - NULL, eay_twofish_keylen, }, --#ifdef HAVE_OPENSSL_IDEA_H -+#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) - { "3idea", algtype_3idea, IPSECDOI_ESP_3IDEA, 8, - NULL, NULL, - NULL, NULL, }, -@@ -179,7 +179,7 @@ static struct enc_algorithm ipsec_encdef[] = { - { "rc4", algtype_rc4, IPSECDOI_ESP_RC4, 8, - NULL, NULL, - NULL, NULL, }, --#ifdef HAVE_OPENSSL_CAMELLIA_H -+#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) - { "camellia", algtype_camellia, IPSECDOI_ESP_CAMELLIA, 16, - NULL, NULL, - NULL, eay_camellia_keylen, }, -diff --git a/src/racoon/crypto_openssl.c b/src/racoon/crypto_openssl.c -index 55b076a..8fb358f 100644 ---- a/src/racoon/crypto_openssl.c -+++ b/src/racoon/crypto_openssl.c -@@ -90,6 +90,7 @@ - #endif - #endif - #include "plog.h" -+#include "openssl_compat.h" - - #define USE_NEW_DES_API - -@@ -316,9 +317,12 @@ eay_cmp_asn1dn(n1, n2) - i = idx+1; - goto end; - } -- if ((ea->value->length == 1 && ea->value->data[0] == '*') || -- (eb->value->length == 1 && eb->value->data[0] == '*')) { -- if (OBJ_cmp(ea->object,eb->object)) { -+ ASN1_STRING *sa = X509_NAME_ENTRY_get_data(ea); -+ ASN1_STRING *sb = X509_NAME_ENTRY_get_data(eb); -+ if ((ASN1_STRING_length(sa) == 1 && ASN1_STRING_get0_data(sa)[0] == '*') || -+ (ASN1_STRING_length(sb) == 1 && ASN1_STRING_get0_data(sb)[0] == '*')) { -+ if (OBJ_cmp(X509_NAME_ENTRY_get_object(ea), -+ X509_NAME_ENTRY_get_object(eb))) { - i = idx+1; - goto end; - } -@@ -430,7 +434,7 @@ cb_check_cert_local(ok, ctx) - - if (!ok) { - X509_NAME_oneline( -- X509_get_subject_name(ctx->current_cert), -+ X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)), - buf, - 256); - /* -@@ -438,7 +442,8 @@ cb_check_cert_local(ok, ctx) - * ok if they are self signed. But we should still warn - * the user. - */ -- switch (ctx->error) { -+ int ctx_error = X509_STORE_CTX_get_error(ctx); -+ switch (ctx_error) { - case X509_V_ERR_CERT_HAS_EXPIRED: - case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: - case X509_V_ERR_INVALID_CA: -@@ -453,9 +458,9 @@ cb_check_cert_local(ok, ctx) - } - plog(log_tag, LOCATION, NULL, - "%s(%d) at depth:%d SubjectName:%s\n", -- X509_verify_cert_error_string(ctx->error), -- ctx->error, -- ctx->error_depth, -+ X509_verify_cert_error_string(ctx_error), -+ ctx_error, -+ X509_STORE_CTX_get_error_depth(ctx), - buf); - } - ERR_clear_error(); -@@ -477,10 +482,11 @@ cb_check_cert_remote(ok, ctx) - - if (!ok) { - X509_NAME_oneline( -- X509_get_subject_name(ctx->current_cert), -+ X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)), - buf, - 256); -- switch (ctx->error) { -+ int ctx_error=X509_STORE_CTX_get_error(ctx); -+ switch (ctx_error) { - case X509_V_ERR_UNABLE_TO_GET_CRL: - ok = 1; - log_tag = LLV_WARNING; -@@ -490,9 +496,9 @@ cb_check_cert_remote(ok, ctx) - } - plog(log_tag, LOCATION, NULL, - "%s(%d) at depth:%d SubjectName:%s\n", -- X509_verify_cert_error_string(ctx->error), -- ctx->error, -- ctx->error_depth, -+ X509_verify_cert_error_string(ctx_error), -+ ctx_error, -+ X509_STORE_CTX_get_error_depth(ctx), - buf); - } - ERR_clear_error(); -@@ -516,14 +522,15 @@ eay_get_x509asn1subjectname(cert) - if (x509 == NULL) - goto error; - -+ X509_NAME *subject_name = X509_get_subject_name(x509); - /* get the length of the name */ -- len = i2d_X509_NAME(x509->cert_info->subject, NULL); -+ len = i2d_X509_NAME(subject_name, NULL); - name = vmalloc(len); - if (!name) - goto error; - /* get the name */ - bp = (unsigned char *) name->v; -- len = i2d_X509_NAME(x509->cert_info->subject, &bp); -+ len = i2d_X509_NAME(subject_name, &bp); - - X509_free(x509); - -@@ -661,15 +668,16 @@ eay_get_x509asn1issuername(cert) - if (x509 == NULL) - goto error; - -+ X509_NAME *issuer_name = X509_get_issuer_name(x509); - /* get the length of the name */ -- len = i2d_X509_NAME(x509->cert_info->issuer, NULL); -+ len = i2d_X509_NAME(issuer_name, NULL); - name = vmalloc(len); - if (name == NULL) - goto error; - - /* get the name */ - bp = (unsigned char *) name->v; -- len = i2d_X509_NAME(x509->cert_info->issuer, &bp); -+ len = i2d_X509_NAME(issuer_name, &bp); - - X509_free(x509); - -@@ -850,7 +858,7 @@ eay_check_x509sign(source, sig, cert) - return -1; - } - -- res = eay_rsa_verify(source, sig, evp->pkey.rsa); -+ res = eay_rsa_verify(source, sig, EVP_PKEY_get0_RSA(evp)); - - EVP_PKEY_free(evp); - X509_free(x509); -@@ -992,7 +1000,7 @@ eay_get_x509sign(src, privkey) - if (evp == NULL) - return NULL; - -- sig = eay_rsa_sign(src, evp->pkey.rsa); -+ sig = eay_rsa_sign(src, EVP_PKEY_get0_RSA(evp)); - - EVP_PKEY_free(evp); - -@@ -1079,7 +1087,11 @@ eay_strerror() - int line, flags; - unsigned long es; - -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ es = 0; /* even when allowed by OPENSSL_API_COMPAT, it is defined as 0 */ -+#else - es = CRYPTO_thread_id(); -+#endif - - while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0){ - n = snprintf(ebuf + len, sizeof(ebuf) - len, -@@ -1100,7 +1112,7 @@ vchar_t * - evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc) - { - vchar_t *res; -- EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX *ctx; - - if (!e) - return NULL; -@@ -1111,7 +1123,7 @@ evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc - if ((res = vmalloc(data->l)) == NULL) - return NULL; - -- EVP_CIPHER_CTX_init(&ctx); -+ ctx = EVP_CIPHER_CTX_new(); - - switch(EVP_CIPHER_nid(e)){ - case NID_bf_cbc: -@@ -1125,54 +1137,41 @@ evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc - /* XXX: can we do that also for algos with a fixed key size ? - */ - /* init context without key/iv -- */ -- if (!EVP_CipherInit(&ctx, e, NULL, NULL, enc)) -- { -- OpenSSL_BUG(); -- vfree(res); -- return NULL; -- } -+ */ -+ if (!EVP_CipherInit(ctx, e, NULL, NULL, enc)) -+ goto out; - -- /* update key size -- */ -- if (!EVP_CIPHER_CTX_set_key_length(&ctx, key->l)) -- { -- OpenSSL_BUG(); -- vfree(res); -- return NULL; -- } -- -- /* finalize context init with desired key size -- */ -- if (!EVP_CipherInit(&ctx, NULL, (u_char *) key->v, -+ /* update key size -+ */ -+ if (!EVP_CIPHER_CTX_set_key_length(ctx, key->l)) -+ goto out; -+ -+ /* finalize context init with desired key size -+ */ -+ if (!EVP_CipherInit(ctx, NULL, (u_char *) key->v, - (u_char *) iv->v, enc)) -- { -- OpenSSL_BUG(); -- vfree(res); -- return NULL; -- } -+ goto out; - break; - default: -- if (!EVP_CipherInit(&ctx, e, (u_char *) key->v, -- (u_char *) iv->v, enc)) { -- OpenSSL_BUG(); -- vfree(res); -- return NULL; -- } -+ if (!EVP_CipherInit(ctx, e, (u_char *) key->v, -+ (u_char *) iv->v, enc)) -+ goto out; - } - - /* disable openssl padding */ -- EVP_CIPHER_CTX_set_padding(&ctx, 0); -+ EVP_CIPHER_CTX_set_padding(ctx, 0); - -- if (!EVP_Cipher(&ctx, (u_char *) res->v, (u_char *) data->v, data->l)) { -- OpenSSL_BUG(); -- vfree(res); -- return NULL; -- } -+ if (!EVP_Cipher(ctx, (u_char *) res->v, (u_char *) data->v, data->l)) -+ goto out; - -- EVP_CIPHER_CTX_cleanup(&ctx); -+ EVP_CIPHER_CTX_free(ctx); - - return res; -+out: -+ EVP_CIPHER_CTX_free(ctx); -+ OpenSSL_BUG(); -+ vfree(res); -+ return NULL; - } - - int -@@ -1230,7 +1229,7 @@ eay_des_keylen(len) - return evp_keylen(len, EVP_des_cbc()); - } - --#ifdef HAVE_OPENSSL_IDEA_H -+#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) - /* - * IDEA-CBC - */ -@@ -1587,7 +1586,7 @@ eay_aes_keylen(len) - return len; - } - --#if defined(HAVE_OPENSSL_CAMELLIA_H) -+#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) - /* - * CAMELLIA-CBC - */ -@@ -1680,9 +1679,9 @@ eay_hmac_init(key, md) - vchar_t *key; - const EVP_MD *md; - { -- HMAC_CTX *c = racoon_malloc(sizeof(*c)); -+ HMAC_CTX *c = HMAC_CTX_new(); - -- HMAC_Init(c, key->v, key->l, md); -+ HMAC_Init_ex(c, key->v, key->l, md, NULL); - - return (caddr_t)c; - } -@@ -1761,8 +1760,7 @@ eay_hmacsha2_512_final(c) - - HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); - res->l = l; -- HMAC_cleanup((HMAC_CTX *)c); -- (void)racoon_free(c); -+ HMAC_CTX_free((HMAC_CTX *)c); - - if (SHA512_DIGEST_LENGTH != res->l) { - plog(LLV_ERROR, LOCATION, NULL, -@@ -1811,8 +1809,7 @@ eay_hmacsha2_384_final(c) - - HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); - res->l = l; -- HMAC_cleanup((HMAC_CTX *)c); -- (void)racoon_free(c); -+ HMAC_CTX_free((HMAC_CTX *)c); - - if (SHA384_DIGEST_LENGTH != res->l) { - plog(LLV_ERROR, LOCATION, NULL, -@@ -1861,8 +1858,7 @@ eay_hmacsha2_256_final(c) - - HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); - res->l = l; -- HMAC_cleanup((HMAC_CTX *)c); -- (void)racoon_free(c); -+ HMAC_CTX_free((HMAC_CTX *)c); - - if (SHA256_DIGEST_LENGTH != res->l) { - plog(LLV_ERROR, LOCATION, NULL, -@@ -1912,8 +1908,7 @@ eay_hmacsha1_final(c) - - HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); - res->l = l; -- HMAC_cleanup((HMAC_CTX *)c); -- (void)racoon_free(c); -+ HMAC_CTX_free((HMAC_CTX *)c); - - if (SHA_DIGEST_LENGTH != res->l) { - plog(LLV_ERROR, LOCATION, NULL, -@@ -1962,8 +1957,7 @@ eay_hmacmd5_final(c) - - HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); - res->l = l; -- HMAC_cleanup((HMAC_CTX *)c); -- (void)racoon_free(c); -+ HMAC_CTX_free((HMAC_CTX *)c); - - if (MD5_DIGEST_LENGTH != res->l) { - plog(LLV_ERROR, LOCATION, NULL, -@@ -2266,6 +2260,7 @@ eay_dh_generate(prime, g, publen, pub, priv) - u_int32_t g; - { - BIGNUM *p = NULL; -+ BIGNUM *BNg = NULL; - DH *dh = NULL; - int error = -1; - -@@ -2276,25 +2271,28 @@ eay_dh_generate(prime, g, publen, pub, priv) - - if ((dh = DH_new()) == NULL) - goto end; -- dh->p = p; -- p = NULL; /* p is now part of dh structure */ -- dh->g = NULL; -- if ((dh->g = BN_new()) == NULL) -+ if ((BNg = BN_new()) == NULL) - goto end; -- if (!BN_set_word(dh->g, g)) -+ if (!BN_set_word(BNg, g)) - goto end; -+ if (! DH_set0_pqg(dh, p, NULL, BNg)) -+ goto end; -+ BNg = NULL; -+ p = NULL; /* p is now part of dh structure */ - - if (publen != 0) -- dh->length = publen; -+ DH_set_length(dh, publen); - - /* generate public and private number */ - if (!DH_generate_key(dh)) - goto end; - - /* copy results to buffers */ -- if (eay_bn2v(pub, dh->pub_key) < 0) -+ BIGNUM *pub_key, *priv_key; -+ DH_get0_key(dh, (const BIGNUM**) &pub_key, (const BIGNUM**) &priv_key); -+ if (eay_bn2v(pub, pub_key) < 0) - goto end; -- if (eay_bn2v(priv, dh->priv_key) < 0) { -+ if (eay_bn2v(priv, priv_key) < 0) { - vfree(*pub); - goto end; - } -@@ -2306,6 +2304,8 @@ end: - DH_free(dh); - if (p != 0) - BN_free(p); -+ if (BNg != 0) -+ BN_free(BNg); - return(error); - } - -@@ -2319,6 +2319,10 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) - int l; - unsigned char *v = NULL; - int error = -1; -+ BIGNUM *p = BN_new(); -+ BIGNUM *BNg = BN_new(); -+ BIGNUM *pub_key = BN_new(); -+ BIGNUM *priv_key = BN_new(); - - /* make public number to compute */ - if (eay_v2bn(&dh_pub, pub2) < 0) -@@ -2327,19 +2331,21 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) - /* make DH structure */ - if ((dh = DH_new()) == NULL) - goto end; -- if (eay_v2bn(&dh->p, prime) < 0) -+ if (p == NULL || BNg == NULL || pub_key == NULL || priv_key == NULL) - goto end; -- if (eay_v2bn(&dh->pub_key, pub) < 0) -+ -+ if (eay_v2bn(&p, prime) < 0) - goto end; -- if (eay_v2bn(&dh->priv_key, priv) < 0) -+ if (eay_v2bn(&pub_key, pub) < 0) - goto end; -- dh->length = pub2->l * 8; -- -- dh->g = NULL; -- if ((dh->g = BN_new()) == NULL) -+ if (eay_v2bn(&priv_key, priv) < 0) - goto end; -- if (!BN_set_word(dh->g, g)) -+ if (!BN_set_word(BNg, g)) - goto end; -+ DH_set0_key(dh, pub_key, priv_key); -+ DH_set_length(dh, pub2->l * 8); -+ DH_set0_pqg(dh, p, NULL, BNg); -+ pub_key = priv_key = p = BNg = NULL; - - if ((v = racoon_calloc(prime->l, sizeof(u_char))) == NULL) - goto end; -@@ -2350,6 +2356,14 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) - error = 0; - - end: -+ if (p != NULL) -+ BN_free(p); -+ if (BNg != NULL) -+ BN_free(BNg); -+ if (pub_key != NULL) -+ BN_free(pub_key); -+ if (priv_key != NULL) -+ BN_free(priv_key); - if (dh_pub != NULL) - BN_free(dh_pub); - if (dh != NULL) -@@ -2400,12 +2414,14 @@ eay_bn2v(var, bn) - void - eay_init() - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - OpenSSL_add_all_algorithms(); - ERR_load_crypto_strings(); - #ifdef HAVE_OPENSSL_ENGINE_H - ENGINE_load_builtin_engines(); - ENGINE_register_all_complete(); - #endif -+#endif - } - - vchar_t * -@@ -2504,8 +2520,7 @@ binbuf_pubkey2rsa(vchar_t *binbuf) - goto out; - } - -- rsa_pub->n = mod; -- rsa_pub->e = exp; -+ RSA_set0_key(rsa_pub, mod, exp, NULL); - - out: - return rsa_pub; -@@ -2582,5 +2597,5 @@ eay_random() - const char * - eay_version() - { -- return SSLeay_version(SSLEAY_VERSION); -+ return OpenSSL_version(OPENSSL_VERSION); - } -diff --git a/src/racoon/crypto_openssl.h b/src/racoon/crypto_openssl.h -index 66fac73..ee5b765 100644 ---- a/src/racoon/crypto_openssl.h -+++ b/src/racoon/crypto_openssl.h -@@ -124,7 +124,7 @@ extern vchar_t *eay_aes_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); - extern int eay_aes_weakkey __P((vchar_t *)); - extern int eay_aes_keylen __P((int)); - --#if defined(HAVE_OPENSSL_CAMELLIA_H) -+#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) - /* Camellia */ - extern vchar_t *eay_camellia_encrypt __P((vchar_t *, vchar_t *, vchar_t *)); - extern vchar_t *eay_camellia_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); -diff --git a/src/racoon/eaytest.c b/src/racoon/eaytest.c -index d609e4f..d2d20da 100644 ---- a/src/racoon/eaytest.c -+++ b/src/racoon/eaytest.c -@@ -62,6 +62,7 @@ - #include "dhgroup.h" - #include "crypto_openssl.h" - #include "gnuc.h" -+#include "openssl_compat.h" - - #include "package_version.h" - -@@ -103,7 +104,7 @@ rsa_verify_with_pubkey(src, sig, pubkey_txt) - printf ("PEM_read_PUBKEY(): %s\n", eay_strerror()); - return -1; - } -- error = eay_check_rsasign(src, sig, evp->pkey.rsa); -+ error = eay_check_rsasign(src, sig, EVP_PKEY_get0_RSA(evp)); - - return error; - } -@@ -698,7 +699,7 @@ ciphertest(ac, av) - eay_cast_encrypt, eay_cast_decrypt) < 0) - return -1; - --#ifdef HAVE_OPENSSL_IDEA_H -+#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) - if (ciphertest_1 ("IDEA", - &data, 8, - &key, key.l, -@@ -715,7 +716,7 @@ ciphertest(ac, av) - eay_rc5_encrypt, eay_rc5_decrypt) < 0) - return -1; - #endif --#if defined(HAVE_OPENSSL_CAMELLIA_H) -+#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) - if (ciphertest_1 ("CAMELLIA", - &data, 16, - &key, key.l, -diff --git a/src/racoon/ipsec_doi.c b/src/racoon/ipsec_doi.c -index 08e4325..7b1604d 100644 ---- a/src/racoon/ipsec_doi.c -+++ b/src/racoon/ipsec_doi.c -@@ -715,7 +715,7 @@ out: - /* key length must not be specified on some algorithms */ - if (keylen) { - if (sa->enctype == OAKLEY_ATTR_ENC_ALG_DES --#ifdef HAVE_OPENSSL_IDEA_H -+#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) - || sa->enctype == OAKLEY_ATTR_ENC_ALG_IDEA - #endif - || sa->enctype == OAKLEY_ATTR_ENC_ALG_3DES) { -diff --git a/src/racoon/openssl_compat.c b/src/racoon/openssl_compat.c -new file mode 100644 -index 0000000..864b5fb ---- /dev/null -+++ b/src/racoon/openssl_compat.c -@@ -0,0 +1,213 @@ -+/* -+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. -+ * -+ * Licensed under the OpenSSL license (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include "openssl_compat.h" -+ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ -+#include <string.h> -+ -+static void *OPENSSL_zalloc(size_t num) -+{ -+ void *ret = OPENSSL_malloc(num); -+ -+ if (ret != NULL) -+ memset(ret, 0, num); -+ return ret; -+} -+ -+int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) -+{ -+ /* If the fields n and e in r are NULL, the corresponding input -+ * parameters MUST be non-NULL for n and e. d may be -+ * left NULL (in case only the public key is used). -+ */ -+ if ((r->n == NULL && n == NULL) -+ || (r->e == NULL && e == NULL)) -+ return 0; -+ -+ if (n != NULL) { -+ BN_free(r->n); -+ r->n = n; -+ } -+ if (e != NULL) { -+ BN_free(r->e); -+ r->e = e; -+ } -+ if (d != NULL) { -+ BN_free(r->d); -+ r->d = d; -+ } -+ -+ return 1; -+} -+ -+int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) -+{ -+ /* If the fields p and q in r are NULL, the corresponding input -+ * parameters MUST be non-NULL. -+ */ -+ if ((r->p == NULL && p == NULL) -+ || (r->q == NULL && q == NULL)) -+ return 0; -+ -+ if (p != NULL) { -+ BN_free(r->p); -+ r->p = p; -+ } -+ if (q != NULL) { -+ BN_free(r->q); -+ r->q = q; -+ } -+ -+ return 1; -+} -+ -+int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) -+{ -+ /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input -+ * parameters MUST be non-NULL. -+ */ -+ if ((r->dmp1 == NULL && dmp1 == NULL) -+ || (r->dmq1 == NULL && dmq1 == NULL) -+ || (r->iqmp == NULL && iqmp == NULL)) -+ return 0; -+ -+ if (dmp1 != NULL) { -+ BN_free(r->dmp1); -+ r->dmp1 = dmp1; -+ } -+ if (dmq1 != NULL) { -+ BN_free(r->dmq1); -+ r->dmq1 = dmq1; -+ } -+ if (iqmp != NULL) { -+ BN_free(r->iqmp); -+ r->iqmp = iqmp; -+ } -+ -+ return 1; -+} -+ -+void RSA_get0_key(const RSA *r, -+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) -+{ -+ if (n != NULL) -+ *n = r->n; -+ if (e != NULL) -+ *e = r->e; -+ if (d != NULL) -+ *d = r->d; -+} -+ -+void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) -+{ -+ if (p != NULL) -+ *p = r->p; -+ if (q != NULL) -+ *q = r->q; -+} -+ -+void RSA_get0_crt_params(const RSA *r, -+ const BIGNUM **dmp1, const BIGNUM **dmq1, -+ const BIGNUM **iqmp) -+{ -+ if (dmp1 != NULL) -+ *dmp1 = r->dmp1; -+ if (dmq1 != NULL) -+ *dmq1 = r->dmq1; -+ if (iqmp != NULL) -+ *iqmp = r->iqmp; -+} -+ -+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) -+{ -+ /* If the fields p and g in d are NULL, the corresponding input -+ * parameters MUST be non-NULL. q may remain NULL. -+ */ -+ if ((dh->p == NULL && p == NULL) -+ || (dh->g == NULL && g == NULL)) -+ return 0; -+ -+ if (p != NULL) { -+ BN_free(dh->p); -+ dh->p = p; -+ } -+ if (q != NULL) { -+ BN_free(dh->q); -+ dh->q = q; -+ } -+ if (g != NULL) { -+ BN_free(dh->g); -+ dh->g = g; -+ } -+ -+ if (q != NULL) { -+ dh->length = BN_num_bits(q); -+ } -+ -+ return 1; -+} -+ -+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) -+{ -+ if (pub_key != NULL) -+ *pub_key = dh->pub_key; -+ if (priv_key != NULL) -+ *priv_key = dh->priv_key; -+} -+ -+int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) -+{ -+ /* If the field pub_key in dh is NULL, the corresponding input -+ * parameters MUST be non-NULL. The priv_key field may -+ * be left NULL. -+ */ -+ if (dh->pub_key == NULL && pub_key == NULL) -+ return 0; -+ -+ if (pub_key != NULL) { -+ BN_free(dh->pub_key); -+ dh->pub_key = pub_key; -+ } -+ if (priv_key != NULL) { -+ BN_free(dh->priv_key); -+ dh->priv_key = priv_key; -+ } -+ -+ return 1; -+} -+ -+int DH_set_length(DH *dh, long length) -+{ -+ dh->length = length; -+ return 1; -+} -+ -+HMAC_CTX *HMAC_CTX_new(void) -+{ -+ return OPENSSL_zalloc(sizeof(HMAC_CTX)); -+} -+ -+void HMAC_CTX_free(HMAC_CTX *ctx) -+{ -+ HMAC_CTX_cleanup(ctx); -+ OPENSSL_free(ctx); -+} -+ -+RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) -+{ -+ if (pkey->type != EVP_PKEY_RSA) { -+ return NULL; -+ } -+ return pkey->pkey.rsa; -+} -+ -+ -+#endif /* OPENSSL_VERSION_NUMBER */ -diff --git a/src/racoon/openssl_compat.h b/src/racoon/openssl_compat.h -new file mode 100644 -index 0000000..9e152c2 ---- /dev/null -+++ b/src/racoon/openssl_compat.h -@@ -0,0 +1,45 @@ -+#ifndef OPENSSL_COMPAT_H -+#define OPENSSL_COMPAT_H -+ -+#include <openssl/opensslv.h> -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ -+#include <openssl/rsa.h> -+#include <openssl/dh.h> -+#include <openssl/evp.h> -+#include <openssl/hmac.h> -+ -+int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); -+int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q); -+int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp); -+void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); -+void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q); -+void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp); -+ -+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); -+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key); -+int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key); -+int DH_set_length(DH *dh, long length); -+ -+HMAC_CTX *HMAC_CTX_new(void); -+void HMAC_CTX_free(HMAC_CTX* ctx); -+ -+RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); -+ -+#define ASN1_STRING_length(s) s->length -+#define ASN1_STRING_get0_data(s) s->data -+ -+#define X509_get_subject_name(x) x->cert_info->subject -+#define X509_get_issuer_name(x) x->cert_info->issuer -+#define X509_NAME_ENTRY_get_data(n) n->value -+#define X509_NAME_ENTRY_get_object(n) n->object -+#define X509_STORE_CTX_get_current_cert(ctx) ctx->current_cert -+#define X509_STORE_CTX_get_error(ctx) ctx->error -+#define X509_STORE_CTX_get_error_depth(ctx) ctx->error_depth -+ -+#define OPENSSL_VERSION SSLEAY_VERSION -+#define OpenSSL_version SSLeay_version -+ -+#endif /* OPENSSL_VERSION_NUMBER */ -+ -+#endif /* OPENSSL_COMPAT_H */ -diff --git a/src/racoon/plainrsa-gen.c b/src/racoon/plainrsa-gen.c -index cad1861..b949b08 100644 ---- a/src/racoon/plainrsa-gen.c -+++ b/src/racoon/plainrsa-gen.c -@@ -60,6 +60,7 @@ - #include "vmbuf.h" - #include "plog.h" - #include "crypto_openssl.h" -+#include "openssl_compat.h" - - #include "package_version.h" - -@@ -90,12 +91,14 @@ mix_b64_pubkey(const RSA *key) - char *binbuf; - long binlen, ret; - vchar_t *res; -- -- binlen = 1 + BN_num_bytes(key->e) + BN_num_bytes(key->n); -+ const BIGNUM *e, *n; -+ -+ RSA_get0_key(key, &n, &e, NULL); -+ binlen = 1 + BN_num_bytes(e) + BN_num_bytes(n); - binbuf = malloc(binlen); - memset(binbuf, 0, binlen); -- binbuf[0] = BN_bn2bin(key->e, (unsigned char *) &binbuf[1]); -- ret = BN_bn2bin(key->n, (unsigned char *) (&binbuf[binbuf[0] + 1])); -+ binbuf[0] = BN_bn2bin(e, (unsigned char *) &binbuf[1]); -+ ret = BN_bn2bin(n, (unsigned char *) (&binbuf[binbuf[0] + 1])); - if (1 + binbuf[0] + ret != binlen) { - plog(LLV_ERROR, LOCATION, NULL, - "Pubkey generation failed. This is really strange...\n"); -@@ -131,16 +134,20 @@ print_rsa_key(FILE *fp, const RSA *key) - - fprintf(fp, "# : PUB 0s%s\n", pubkey64->v); - fprintf(fp, ": RSA\t{\n"); -- fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(key->n)); -+ const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp; -+ RSA_get0_key(key, &n, &e, &d); -+ RSA_get0_factors(key, &p, &q); -+ RSA_get0_crt_params(key, &dmp1, &dmq1, &iqmp); -+ fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(n)); - fprintf(fp, "\t# pubkey=0s%s\n", pubkey64->v); -- fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(key->n))); -- fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(key->e))); -- fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(key->d))); -- fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(key->p))); -- fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(key->q))); -- fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(key->dmp1))); -- fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(key->dmq1))); -- fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(key->iqmp))); -+ fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(n))); -+ fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(e))); -+ fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(d))); -+ fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(p))); -+ fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(q))); -+ fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(dmp1))); -+ fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(dmq1))); -+ fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(iqmp))); - fprintf(fp, " }\n"); - - vfree(pubkey64); -@@ -203,11 +210,13 @@ int - gen_rsa_key(FILE *fp, size_t bits, unsigned long exp) - { - int ret; -- RSA *key; -+ RSA *key = RSA_new(); -+ BIGNUM *e = BN_new(); - -- key = RSA_generate_key(bits, exp, NULL, NULL); -- if (!key) { -+ BN_set_word(e, exp); -+ if (! RSA_generate_key_ex(key, bits, e, NULL)) { - fprintf(stderr, "RSA_generate_key(): %s\n", eay_strerror()); -+ RSA_free(key); - return -1; - } - -diff --git a/src/racoon/prsa_par.y b/src/racoon/prsa_par.y -index 1987e4d..27ce4c6 100644 ---- a/src/racoon/prsa_par.y -+++ b/src/racoon/prsa_par.y -@@ -68,6 +68,7 @@ - #include "isakmp_var.h" - #include "handler.h" - #include "crypto_openssl.h" -+#include "openssl_compat.h" - #include "sockmisc.h" - #include "rsalist.h" - -@@ -85,7 +86,18 @@ char *prsa_cur_fname = NULL; - struct genlist *prsa_cur_list = NULL; - enum rsa_key_type prsa_cur_type = RSA_TYPE_ANY; - --static RSA *rsa_cur; -+struct my_rsa_st { -+ BIGNUM *n; -+ BIGNUM *e; -+ BIGNUM *d; -+ BIGNUM *p; -+ BIGNUM *q; -+ BIGNUM *dmp1; -+ BIGNUM *dmq1; -+ BIGNUM *iqmp; -+}; -+ -+static struct my_rsa_st *rsa_cur; - - void - prsaerror(const char *s, ...) -@@ -201,8 +213,12 @@ rsa_statement: - rsa_cur->iqmp = NULL; - } - } -- $$ = rsa_cur; -- rsa_cur = RSA_new(); -+ RSA * rsa_tmp = RSA_new(); -+ RSA_set0_key(rsa_tmp, rsa_cur->n, rsa_cur->e, rsa_cur->d); -+ RSA_set0_factors(rsa_tmp, rsa_cur->p, rsa_cur->q); -+ RSA_set0_crt_params(rsa_tmp, rsa_cur->dmp1, rsa_cur->dmq1, rsa_cur->iqmp); -+ $$ = rsa_tmp; -+ memset(rsa_cur, 0, sizeof(struct my_rsa_st)); - } - | TAG_PUB BASE64 - { -@@ -351,10 +367,12 @@ prsa_parse_file(struct genlist *list, char *fname, enum rsa_key_type type) - prsa_cur_fname = fname; - prsa_cur_list = list; - prsa_cur_type = type; -- rsa_cur = RSA_new(); -+ rsa_cur = malloc(sizeof(struct my_rsa_st)); -+ memset(rsa_cur, 0, sizeof(struct my_rsa_st)); - ret = prsaparse(); - if (rsa_cur) { -- RSA_free(rsa_cur); -+ memset(rsa_cur, 0, sizeof(struct my_rsa_st)); -+ free(rsa_cur); - rsa_cur = NULL; - } - fclose (fp); -diff --git a/src/racoon/rsalist.c b/src/racoon/rsalist.c -index f152c82..96e8363 100644 ---- a/src/racoon/rsalist.c -+++ b/src/racoon/rsalist.c -@@ -52,6 +52,7 @@ - #include "genlist.h" - #include "remoteconf.h" - #include "crypto_openssl.h" -+#include "openssl_compat.h" - - #ifndef LIST_FIRST - #define LIST_FIRST(head) ((head)->lh_first) -@@ -98,7 +99,9 @@ rsa_key_dup(struct rsa_key *key) - return NULL; - - if (key->rsa) { -- new->rsa = key->rsa->d != NULL ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa); -+ const BIGNUM *d; -+ RSA_get0_key(key->rsa, NULL, NULL, &d); -+ new->rsa = (d != NULL ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa)); - if (new->rsa == NULL) - goto dup_error; - } --- -2.7.4 - diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-racoon-pfkey-avoid-potential-null-pointer-dereferenc.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-racoon-pfkey-avoid-potential-null-pointer-dereferenc.patch deleted file mode 100644 index d5602c03d..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-racoon-pfkey-avoid-potential-null-pointer-dereferenc.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 738a9857be9c92ad2f70be88ccee238e3154a936 Mon Sep 17 00:00:00 2001 -From: Joe MacDonald <joe.macdonald@windriver.com> -Date: Wed, 2 Oct 2013 14:20:37 -0400 -Subject: [PATCH] racoon/pfkey: avoid potential null-pointer dereference - -Building with -Werror=maybe-uninitialized revealed that 'remote' from -pk_recvmigrate() could be used with uninitialized data in -migrate_sp_ike_addresses(). Ensure it is always at a minimum assigned -NULL. - -Upstream-Status: Pending - -Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com> ---- - src/racoon/pfkey.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/racoon/pfkey.c b/src/racoon/pfkey.c -index d00b166..e0dc1db 100644 ---- a/src/racoon/pfkey.c -+++ b/src/racoon/pfkey.c -@@ -3352,7 +3352,7 @@ pk_recvmigrate(mhp) - struct sockaddr *old_saddr, *new_saddr; - struct sockaddr *old_daddr, *new_daddr; - struct sockaddr *old_local, *old_remote; -- struct sockaddr *local, *remote; -+ struct sockaddr *local, *remote = NULL; - struct sadb_x_kmaddress *kmaddr; - struct sadb_x_policy *xpl; - struct sadb_x_ipsecrequest *xisr_list; --- -1.7.9.5 - diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0002-Don-t-link-against-libfl.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0002-Don-t-link-against-libfl.patch deleted file mode 100644 index 13e9d73fc..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0002-Don-t-link-against-libfl.patch +++ /dev/null @@ -1,87 +0,0 @@ -From e48b9097dce7bc2bfbb9e9c542124d3b5cebab39 Mon Sep 17 00:00:00 2001 -From: Paul Barker <paul@paulbarker.me.uk> -Date: Wed, 5 Mar 2014 13:39:14 +0000 -Subject: [PATCH] Don't link against libfl - -We can remove all references to yywrap by adding "%option noyywrap" statements -to each flex source file that doesn't override yywrap. After this, we no longer -need to link against libfl and so no longer get errors about undefined -references to yylex. - -Signed-off-by: Paul Barker <paul@paulbarker.me.uk> -Upstream-status: Submitted 2014-03-11 - see http://sourceforge.net/p/ipsec-tools/mailman/ipsec-tools-devel/thread/CANyK_8ewmxGA3vBVJW6s1APXPmxPR%2BDFWZ61EL8pCt288aKQ6w%40mail.gmail.com/#msg32088797 ---- - src/libipsec/Makefile.am | 1 - - src/racoon/Makefile.am | 2 +- - src/racoon/cftoken.l | 2 ++ - src/setkey/Makefile.am | 1 - - src/setkey/token.l | 2 ++ - 5 files changed, 5 insertions(+), 3 deletions(-) - -diff --git a/src/libipsec/Makefile.am b/src/libipsec/Makefile.am -index 6a4e3b3..df1e106 100644 ---- a/src/libipsec/Makefile.am -+++ b/src/libipsec/Makefile.am -@@ -26,7 +26,6 @@ libipsec_la_SOURCES = \ - # version is current:revision:age. - # See: http://www.gnu.org/manual/libtool-1.4.2/html_chapter/libtool_6.html#SEC32 - libipsec_la_LDFLAGS = -version-info 0:1:0 --libipsec_la_LIBADD = $(LEXLIB) - - noinst_HEADERS = ipsec_strerror.h - -diff --git a/src/racoon/Makefile.am b/src/racoon/Makefile.am -index dbaded9..0662957 100644 ---- a/src/racoon/Makefile.am -+++ b/src/racoon/Makefile.am -@@ -38,7 +38,7 @@ racoon_SOURCES = \ - cftoken.l cfparse.y prsa_tok.l prsa_par.y - EXTRA_racoon_SOURCES = isakmp_xauth.c isakmp_cfg.c isakmp_unity.c throttle.c \ - isakmp_frag.c nattraversal.c security.c $(MISSING_ALGOS) --racoon_LDADD = $(CRYPTOBJS) $(HYBRID_OBJS) $(NATT_OBJS) $(FRAG_OBJS) $(LEXLIB) \ -+racoon_LDADD = $(CRYPTOBJS) $(HYBRID_OBJS) $(NATT_OBJS) $(FRAG_OBJS) \ - $(SECCTX_OBJS) vmbuf.o sockmisc.o misc.o ../libipsec/libipsec.la - racoon_DEPENDENCIES = \ - $(CRYPTOBJS) $(HYBRID_OBJS) $(NATT_OBJS) $(FRAG_OBJS) $(SECCTX_OBJS) \ -diff --git a/src/racoon/cftoken.l b/src/racoon/cftoken.l -index 490242c..1701922 100644 ---- a/src/racoon/cftoken.l -+++ b/src/racoon/cftoken.l -@@ -106,6 +106,8 @@ static int incstackp = 0; - static int yy_first_time = 1; - %} - -+%option noyywrap -+ - /* common seciton */ - nl \n - ws [ \t]+ -diff --git a/src/setkey/Makefile.am b/src/setkey/Makefile.am -index 746c1f1..389e6cf 100644 ---- a/src/setkey/Makefile.am -+++ b/src/setkey/Makefile.am -@@ -13,7 +13,6 @@ setkey_SOURCES = \ - - setkey_LDFLAGS = ../libipsec/libipsec.la - setkey_DEPENDENCIES = ../libipsec/libipsec.la --setkey_LDADD = $(LEXLIB) - - noinst_HEADERS = vchar.h extern.h - man8_MANS = setkey.8 -diff --git a/src/setkey/token.l b/src/setkey/token.l -index ad3d843..eb23b76 100644 ---- a/src/setkey/token.l -+++ b/src/setkey/token.l -@@ -88,6 +88,8 @@ - #endif - %} - -+%option noyywrap -+ - /* common section */ - nl \n - ws [ \t]+ --- -1.9.0 - diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0002-cfparse-clear-memory-equal-to-size-of-array.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0002-cfparse-clear-memory-equal-to-size-of-array.patch deleted file mode 100644 index e9dd84aaa..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0002-cfparse-clear-memory-equal-to-size-of-array.patch +++ /dev/null @@ -1,30 +0,0 @@ -From a5c59f6a1479947d33dba5191724cc5fc88a614b Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Sat, 22 Apr 2017 10:39:57 -0700 -Subject: [PATCH 2/2] cfparse: clear memory equal to size of array - -Fixes compiler error -cfparse.y: In function 'set_isakmp_proposal': -cfparse.y:2567:3: error: 'memset' used with length equal to number of elements without multiplication by element size [-Werror=memset-elt-size] - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - src/racoon/cfparse.y | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/racoon/cfparse.y b/src/racoon/cfparse.y -index 0d9bd67..5d9c67b 100644 ---- a/src/racoon/cfparse.y -+++ b/src/racoon/cfparse.y -@@ -2564,7 +2564,7 @@ set_isakmp_proposal(rmconf) - plog(LLV_DEBUG2, LOCATION, NULL, - "encklen=%d\n", s->encklen); - -- memset(types, 0, ARRAYLEN(types)); -+ memset(types, 0, sizeof(types)); - types[algclass_isakmp_enc] = s->algclass[algclass_isakmp_enc]; - types[algclass_isakmp_hash] = s->algclass[algclass_isakmp_hash]; - types[algclass_isakmp_dh] = s->algclass[algclass_isakmp_dh]; --- -2.12.2 - diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/configure.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/configure.patch deleted file mode 100644 index 8d270a62b..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/configure.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: ipsec-tools-0.8.1/configure.ac -=================================================================== ---- ipsec-tools-0.8.1.orig/configure.ac 2013-01-08 12:43:29.000000000 +0000 -+++ ipsec-tools-0.8.1/configure.ac 2014-07-18 07:51:30.045555880 +0000 -@@ -6,7 +6,7 @@ - AC_CONFIG_SRCDIR([configure.ac]) - AC_CONFIG_HEADERS(config.h) - --AM_INIT_AUTOMAKE(dist-bzip2) -+AM_INIT_AUTOMAKE([foreign dist-bzip2]) - - AC_ENABLE_SHARED(no) - diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch deleted file mode 100644 index 7e033af5e..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch +++ /dev/null @@ -1,38 +0,0 @@ -[PATCH] fix CVE-2015-4047 - -Upstream-Status: Backport - -CVE: CVE-2015-4047 - -http://www.openwall.com/lists/oss-security/2015/05/20/1 - -racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause -a denial of service (NULL pointer dereference and IKE daemon crash) via -a series of crafted UDP requests. - -https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047 - -Signed-off-by: Roy Li <rongqing.li@windriver.com> ---- - src/racoon/gssapi.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/src/racoon/gssapi.c b/src/racoon/gssapi.c -index e64b201..1ad3b42 100644 ---- a/src/racoon/gssapi.c -+++ b/src/racoon/gssapi.c -@@ -192,6 +192,11 @@ gssapi_init(struct ph1handle *iph1) - gss_name_t princ, canon_princ; - OM_uint32 maj_stat, min_stat; - -+ if (iph1->rmconf == NULL) { -+ plog(LLV_ERROR, LOCATION, NULL, "no remote config\n"); -+ return -1; -+ } -+ - gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state)); - if (gps == NULL) { - plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n"); --- -1.9.1 - diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2016-10396.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2016-10396.patch deleted file mode 100644 index fec4804c0..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2016-10396.patch +++ /dev/null @@ -1,207 +0,0 @@ -Upstream-Status: Backport [https://anonscm.debian.org/cgit/pkg-ipsec-tools/pkg-ipsec-tools.git/plain/debian/patches/CVE-2016-10396.patch?id=62ac12648a4eb7c5ba5dba0f81998d1acf310d8b] - -CVE: CVE-2016-10396 - -Signed-off-by: Kai Kang <kai.kang@windriver.com> ---- -Description: Fix remotely exploitable DoS. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10396 -Source: vendor; https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=51682 -Bug-debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867986 - -Index: pkg-ipsec-tools/src/racoon/isakmp_frag.c -=================================================================== ---- pkg-ipsec-tools.orig/src/racoon/isakmp_frag.c -+++ pkg-ipsec-tools/src/racoon/isakmp_frag.c -@@ -1,4 +1,4 @@ --/* $NetBSD: isakmp_frag.c,v 1.5 2009/04/22 11:24:20 tteras Exp $ */ -+/* $NetBSD: isakmp_frag.c,v 1.5.36.1 2017/04/21 16:50:42 bouyer Exp $ */ - - /* Id: isakmp_frag.c,v 1.4 2004/11/13 17:31:36 manubsd Exp */ - -@@ -173,6 +173,43 @@ vendorid_frag_cap(gen) - return ntohl(hp[MD5_DIGEST_LENGTH / sizeof(*hp)]); - } - -+static int -+isakmp_frag_insert(struct ph1handle *iph1, struct isakmp_frag_item *item) -+{ -+ struct isakmp_frag_item *pitem = NULL; -+ struct isakmp_frag_item *citem = iph1->frag_chain; -+ -+ /* no frag yet, just insert at beginning of list */ -+ if (iph1->frag_chain == NULL) { -+ iph1->frag_chain = item; -+ return 0; -+ } -+ -+ do { -+ /* duplicate fragment number, abort (CVE-2016-10396) */ -+ if (citem->frag_num == item->frag_num) -+ return -1; -+ -+ /* need to insert before current item */ -+ if (citem->frag_num > item->frag_num) { -+ if (pitem != NULL) -+ pitem->frag_next = item; -+ else -+ /* insert at the beginning of the list */ -+ iph1->frag_chain = item; -+ item->frag_next = citem; -+ return 0; -+ } -+ -+ pitem = citem; -+ citem = citem->frag_next; -+ } while (citem != NULL); -+ -+ /* we reached the end of the list, insert */ -+ pitem->frag_next = item; -+ return 0; -+} -+ - int - isakmp_frag_extract(iph1, msg) - struct ph1handle *iph1; -@@ -224,39 +261,43 @@ isakmp_frag_extract(iph1, msg) - item->frag_next = NULL; - item->frag_packet = buf; - -- /* Look for the last frag while inserting the new item in the chain */ -- if (item->frag_last) -- last_frag = item->frag_num; -+ /* Check for the last frag before inserting the new item in the chain */ -+ if (item->frag_last) { -+ /* if we have the last fragment, indices must match */ -+ if (iph1->frag_last_index != 0 && -+ item->frag_last != iph1->frag_last_index) { -+ plog(LLV_ERROR, LOCATION, NULL, -+ "Repeated last fragment index mismatch\n"); -+ racoon_free(item); -+ vfree(buf); -+ return -1; -+ } - -- if (iph1->frag_chain == NULL) { -- iph1->frag_chain = item; -- } else { -- struct isakmp_frag_item *current; -+ last_frag = iph1->frag_last_index = item->frag_num; -+ } - -- current = iph1->frag_chain; -- while (current->frag_next) { -- if (current->frag_last) -- last_frag = item->frag_num; -- current = current->frag_next; -- } -- current->frag_next = item; -+ /* insert fragment into chain */ -+ if (isakmp_frag_insert(iph1, item) == -1) { -+ plog(LLV_ERROR, LOCATION, NULL, -+ "Repeated fragment index mismatch\n"); -+ racoon_free(item); -+ vfree(buf); -+ return -1; - } - -- /* If we saw the last frag, check if the chain is complete */ -+ /* If we saw the last frag, check if the chain is complete -+ * we have a sorted list now, so just walk through */ - if (last_frag != 0) { -+ item = iph1->frag_chain; - for (i = 1; i <= last_frag; i++) { -- item = iph1->frag_chain; -- do { -- if (item->frag_num == i) -- break; -- item = item->frag_next; -- } while (item != NULL); -- -+ if (item->frag_num != i) -+ break; -+ item = item->frag_next; - if (item == NULL) /* Not found */ - break; - } - -- if (item != NULL) /* It is complete */ -+ if (i > last_frag) /* It is complete */ - return 1; - } - -@@ -291,15 +332,9 @@ isakmp_frag_reassembly(iph1) - } - data = buf->v; - -+ item = iph1->frag_chain; - for (i = 1; i <= frag_count; i++) { -- item = iph1->frag_chain; -- do { -- if (item->frag_num == i) -- break; -- item = item->frag_next; -- } while (item != NULL); -- -- if (item == NULL) { -+ if (item->frag_num != i) { - plog(LLV_ERROR, LOCATION, NULL, - "Missing fragment #%d\n", i); - vfree(buf); -@@ -308,6 +343,7 @@ isakmp_frag_reassembly(iph1) - } - memcpy(data, item->frag_packet->v, item->frag_packet->l); - data += item->frag_packet->l; -+ item = item->frag_next; - } - - out: -Index: pkg-ipsec-tools/src/racoon/isakmp_inf.c -=================================================================== ---- pkg-ipsec-tools.orig/src/racoon/isakmp_inf.c -+++ pkg-ipsec-tools/src/racoon/isakmp_inf.c -@@ -720,6 +720,7 @@ isakmp_info_send_nx(isakmp, remote, loca - #endif - #ifdef ENABLE_FRAG - iph1->frag = 0; -+ iph1->frag_last_index = 0; - iph1->frag_chain = NULL; - #endif - -Index: pkg-ipsec-tools/src/racoon/isakmp.c -=================================================================== ---- pkg-ipsec-tools.orig/src/racoon/isakmp.c -+++ pkg-ipsec-tools/src/racoon/isakmp.c -@@ -1072,6 +1072,7 @@ isakmp_ph1begin_i(rmconf, remote, local) - iph1->frag = 1; - else - iph1->frag = 0; -+ iph1->frag_last_index = 0; - iph1->frag_chain = NULL; - #endif - iph1->approval = NULL; -@@ -1176,6 +1177,7 @@ isakmp_ph1begin_r(msg, remote, local, et - #endif - #ifdef ENABLE_FRAG - iph1->frag = 0; -+ iph1->frag_last_index = 0; - iph1->frag_chain = NULL; - #endif - iph1->approval = NULL; -Index: pkg-ipsec-tools/src/racoon/handler.h -=================================================================== ---- pkg-ipsec-tools.orig/src/racoon/handler.h -+++ pkg-ipsec-tools/src/racoon/handler.h -@@ -1,4 +1,4 @@ --/* $NetBSD: handler.h,v 1.25 2010/11/17 10:40:41 tteras Exp $ */ -+/* $NetBSD: handler.h,v 1.26 2017/01/24 19:23:56 christos Exp $ */ - - /* Id: handler.h,v 1.19 2006/02/25 08:25:12 manubsd Exp */ - -@@ -141,6 +141,7 @@ struct ph1handle { - #endif - #ifdef ENABLE_FRAG - int frag; /* IKE phase 1 fragmentation */ -+ int frag_last_index; - struct isakmp_frag_item *frag_chain; /* Received fragments */ - #endif - diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/glibc-2.20.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/glibc-2.20.patch deleted file mode 100644 index 36efc4917..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/glibc-2.20.patch +++ /dev/null @@ -1,23 +0,0 @@ -squahes below warning - warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" - -Seen with glibc 2.20 - -Signed-off-by: Khem Raj <raj.khem@gmail.com> -Upstream-Status: Pending -Index: ipsec-tools-0.8.2/src/include-glibc/glibc-bugs.h -=================================================================== ---- ipsec-tools-0.8.2.orig/src/include-glibc/glibc-bugs.h 2006-09-09 09:22:08.000000000 -0700 -+++ ipsec-tools-0.8.2/src/include-glibc/glibc-bugs.h 2014-09-03 22:27:22.551563888 -0700 -@@ -4,7 +4,11 @@ - #define __GLIBC_BUGS_H__ 1 - - #define _XOPEN_SOURCE 500 -+/* Legacy feature macro.*/ - #define _BSD_SOURCE -+/* New feature macro that provides everything _BSD_SOURCE and -+ * _SVID_SOURCE provided and possibly more. */ -+#define _DEFAULT_SOURCE - - #include <features.h> - #include <sys/types.h> diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-Resend-UPDATE-message-when-received-EINTR-message.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-Resend-UPDATE-message-when-received-EINTR-message.patch deleted file mode 100644 index e82db087c..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-Resend-UPDATE-message-when-received-EINTR-message.patch +++ /dev/null @@ -1,220 +0,0 @@ -racoon: Resend UPDATE message when received EINTR message - -Upstream-Status: Pending - -While kernel is processing the UPDATE message which is sent from racoon, -it maybe interrupted by system signal and if this case happens, -kernel responds with an EINTR message to racoon and kernel fails to -establish the corresponding SA. -Fix this problem by resend the UPDATE message when EINTR(Interrupted -system call) error happens. - -Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com> ---- ---- a/src/libipsec/libpfkey.h -+++ b/src/libipsec/libpfkey.h -@@ -92,6 +92,12 @@ - u_int16_t ctxstrlen; /* length of security context string */ - }; - -+struct update_msg_info { -+ struct sadb_msg *update_msg; -+ int so; -+ int len; -+}; -+ - /* The options built into libipsec */ - extern int libipsec_opt; - #define LIBIPSEC_OPT_NATT 0x01 ---- a/src/libipsec/pfkey.c -+++ b/src/libipsec/pfkey.c -@@ -1219,7 +1219,8 @@ - } - #endif - -- -+struct update_msg_info update_msg_send = {NULL, 0, 0}; -+ - /* sending SADB_ADD or SADB_UPDATE message to the kernel */ - static int - pfkey_send_x1(struct pfkey_send_sa_args *sa_parms) -@@ -1483,10 +1484,24 @@ - - /* send message */ - len = pfkey_send(sa_parms->so, newmsg, len); -- free(newmsg); - -- if (len < 0) -- return -1; -+ if (newmsg->sadb_msg_type == SADB_UPDATE) { -+ if (update_msg_send.update_msg) -+ free(update_msg_send.update_msg); -+ update_msg_send.update_msg = newmsg; -+ update_msg_send.so = sa_parms->so; -+ update_msg_send.len = len; -+ -+ if (len < 0) { -+ free(update_msg_send.update_msg); -+ update_msg_send.update_msg = NULL; -+ return -1; -+ } -+ } else { -+ free(newmsg); -+ if (len < 0) -+ return -1; -+ } - - __ipsec_errcode = EIPSEC_NO_ERROR; - return len; ---- a/src/racoon/session.c -+++ b/src/racoon/session.c -@@ -100,6 +100,8 @@ - - #include "sainfo.h" - -+extern struct update_msg_info update_msg_send; -+ - struct fd_monitor { - int (*callback)(void *ctx, int fd); - void *ctx; -@@ -348,6 +350,11 @@ - close_sockets(); - backupsa_clean(); - -+ if (update_msg_send.update_msg) { -+ free(update_msg_send.update_msg); -+ update_msg_send.update_msg = NULL; -+ } -+ - plog(LLV_INFO, LOCATION, NULL, "racoon process %d shutdown\n", getpid()); - - exit(0); ---- a/src/racoon/pfkey.c -+++ b/src/racoon/pfkey.c -@@ -103,10 +103,12 @@ - #include "crypto_openssl.h" - #include "grabmyaddr.h" -+#include "../libipsec/libpfkey.h" - - #if defined(SADB_X_EALG_RIJNDAELCBC) && !defined(SADB_X_EALG_AESCBC) - #define SADB_X_EALG_AESCBC SADB_X_EALG_RIJNDAELCBC - #endif - -+extern struct update_msg_info update_msg_send; - /* prototype */ - static u_int ipsecdoi2pfkey_aalg __P((u_int)); - static u_int ipsecdoi2pfkey_ealg __P((u_int)); -@@ -253,6 +255,13 @@ - s_pfkey_type(msg->sadb_msg_type), - strerror(msg->sadb_msg_errno)); - -+ if (msg->sadb_msg_errno == EINTR && -+ update_msg_send.update_msg) { -+ plog(LLV_DEBUG, LOCATION, NULL, -+ "pfkey update resend\n"); -+ send(update_msg_send.so, (void *)update_msg_send.update_msg, (socklen_t)update_msg_send.len, 0); -+ } -+ - goto end; - } - -@@ -498,6 +507,11 @@ - { - flushsp(); - -+ if (update_msg_send.update_msg) { -+ free(update_msg_send.update_msg); -+ update_msg_send.update_msg = NULL; -+ } -+ - if (pfkey_send_spddump(lcconf->sock_pfkey) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "libipsec sending spddump failed: %s\n", -@@ -1295,6 +1309,8 @@ - return 0; - } - -+int update_received = 0; -+ - static int - pk_recvupdate(mhp) - caddr_t *mhp; -@@ -1307,6 +1323,13 @@ - int incomplete = 0; - struct saproto *pr; - -+ update_received = 1; -+ -+ if (update_msg_send.update_msg) { -+ free(update_msg_send.update_msg); -+ update_msg_send.update_msg = NULL; -+ } -+ - /* ignore this message because of local test mode. */ - if (f_local) - return 0; -@@ -4163,3 +4186,8 @@ - - return buf; - } -+ -+int receive_from_isakmp() -+{ -+ return pfkey_handler(NULL, lcconf->sock_pfkey); -+} ---- a/src/racoon/pfkey.h -+++ b/src/racoon/pfkey.h -@@ -71,5 +71,6 @@ - extern u_int32_t pk_getseq __P((void)); - extern const char *sadbsecas2str - __P((struct sockaddr *, struct sockaddr *, int, u_int32_t, int)); -+extern int receive_from_isakmp __P((void)); - - #endif /* _PFKEY_H */ ---- a/src/racoon/isakmp_quick.c -+++ b/src/racoon/isakmp_quick.c -@@ -774,6 +774,8 @@ - return error; - } - -+extern int update_received; -+ - /* - * send to responder - * HDR*, HASH(3) -@@ -892,6 +894,11 @@ - } - plog(LLV_DEBUG, LOCATION, NULL, "pfkey update sent.\n"); - -+ while (!update_received) -+ receive_from_isakmp(); -+ -+ update_received = 0; -+ - /* Do ADD for responder */ - if (pk_sendadd(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "pfkey add failed.\n"); -@@ -1035,6 +1042,11 @@ - } - plog(LLV_DEBUG, LOCATION, NULL, "pfkey update sent.\n"); - -+ while (!update_received) -+ receive_from_isakmp(); -+ -+ update_received = 0; -+ - /* Do ADD for responder */ - if (pk_sendadd(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "pfkey add failed.\n"); -@@ -1989,6 +2001,11 @@ - } - plog(LLV_DEBUG, LOCATION, NULL, "pfkey update sent.\n"); - -+ while (!update_received) -+ receive_from_isakmp(); -+ -+ update_received = 0; -+ - /* Do ADD for responder */ - if (pk_sendadd(iph2) < 0) { - plog(LLV_ERROR, LOCATION, NULL, "pfkey add failed.\n"); diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-check-invalid-ivm.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-check-invalid-ivm.patch deleted file mode 100644 index e272bc20f..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-check-invalid-ivm.patch +++ /dev/null @@ -1,26 +0,0 @@ -Subject: [PATCH] ipsec-tools: racoon: check several invalid ivm - -Upstream-Status: Pending - -Add checking for invalid ivm, or it will crash racoon. - -Signed-off-by: Ming Liu <ming.liu@windriver.com> ---- - isakmp_cfg.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff -urpN a/src/racoon/isakmp_cfg.c b/src/racoon/isakmp_cfg.c ---- a/src/racoon/isakmp_cfg.c -+++ b/src/racoon/isakmp_cfg.c -@@ -171,6 +171,11 @@ isakmp_cfg_r(iph1, msg) - iph1->mode_cfg->last_msgid != packet->msgid ) - iph1->mode_cfg->ivm = - isakmp_cfg_newiv(iph1, packet->msgid); -+ if(iph1->mode_cfg->ivm == NULL) { -+ plog(LLV_ERROR, LOCATION, NULL, -+ "failed to create new IV\n"); -+ return; -+ } - ivm = iph1->mode_cfg->ivm; - - dmsg = oakley_do_decrypt(iph1, msg, ivm->iv, ivm->ive); diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-check-invalid-pointers.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-check-invalid-pointers.patch deleted file mode 100644 index de1bdb407..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-check-invalid-pointers.patch +++ /dev/null @@ -1,61 +0,0 @@ -Subject: [PATCH] ipsec-tools: racoon: check several invalid pointers - -Upstream-Status: Pending - -Add checking for invalid pointers, or it will crash racoon. - -Signed-off-by: Ming Liu <ming.liu@windriver.com> ---- - ipsec_doi.c | 5 +++-- - isakmp_cfg.c | 7 +++++++ - isakmp_quick.c | 6 ++++-- - 3 files changed, 14 insertions(+), 4 deletions(-) - -diff -urpN a/src/racoon/ipsec_doi.c b/src/racoon/ipsec_doi.c ---- a/src/racoon/ipsec_doi.c -+++ b/src/racoon/ipsec_doi.c -@@ -3374,8 +3374,9 @@ ipsecdoi_chkcmpids( idt, ids, exact ) - - /* handle wildcard IDs */ - -- if (idt == NULL || ids == NULL) -- { -+ if (idt == NULL || ids == NULL || -+ idt->v == NULL || idt->l == 0 || -+ ids->v == NULL || ids->l == 0) { - if( !exact ) - { - plog(LLV_DEBUG, LOCATION, NULL, -diff -urpN a/src/racoon/isakmp_cfg.c b/src/racoon/isakmp_cfg.c ---- a/src/racoon/isakmp_cfg.c -+++ b/src/racoon/isakmp_cfg.c -@@ -1138,6 +1138,13 @@ isakmp_cfg_newiv(iph1, msgid) - return NULL; - } - -+ if (iph1->ivm == NULL || iph1->ivm->iv == NULL || -+ iph1->ivm->iv->v == NULL || iph1->ivm->iv->l == 0) { -+ plog(LLV_ERROR, LOCATION, NULL, -+ "isakmp_cfg_newiv called with invalid IV management\n"); -+ return NULL; -+ } -+ - if (ics->ivm != NULL) - oakley_delivm(ics->ivm); - -diff -urpN a/src/racoon/isakmp_quick.c b/src/racoon/isakmp_quick.c ---- a/src/racoon/isakmp_quick.c -+++ b/src/racoon/isakmp_quick.c -@@ -2243,8 +2243,10 @@ get_proposal_r(iph2) - int error = ISAKMP_INTERNAL_ERROR; - - /* check the existence of ID payload */ -- if ((iph2->id_p != NULL && iph2->id == NULL) -- || (iph2->id_p == NULL && iph2->id != NULL)) { -+ if ((iph2->id_p != NULL && -+ (iph2->id == NULL || iph2->id->v == NULL || iph2->id->l == 0)) || -+ (iph2->id != NULL && -+ (iph2->id_p == NULL || iph2->id_p->v == NULL || iph2->id_p->l == 0))) { - plog(LLV_ERROR, LOCATION, NULL, - "Both IDs wasn't found in payload.\n"); - return ISAKMP_NTYPE_INVALID_ID_INFORMATION; diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon.conf b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon.conf deleted file mode 100644 index 6b507508b..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon.conf +++ /dev/null @@ -1,8 +0,0 @@ -# Defaults for racoon service -# sourced by racoon.service -# installed at /etc/default/racoon by the maintainer scripts -# -# This is a POSIX shell fragment -# -# Arguments to pass to racoon -RACOON_ARGS="" diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon.conf.sample b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon.conf.sample deleted file mode 100644 index 2948a4a35..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon.conf.sample +++ /dev/null @@ -1,40 +0,0 @@ -# -# NOTE: This file will not be used if you use racoon-tool(8) to manage your -# IPsec connections. racoon-tool will process racoon-tool.conf(5) and -# generate a configuration (/var/lib/racoon/racoon.conf) and use it, instead -# of this file. -# -# Simple racoon.conf -# -# -# Please look in /usr/share/doc/racoon/examples for -# examples that come with the source. -# -# Please read racoon.conf(5) for details, and alsoread setkey(8). -# -# -# Also read the Linux IPSEC Howto up at -# http://www.ipsec-howto.org/t1.html -# -log notify; -path pre_shared_key "/etc/racoon/psk.txt"; -path certificate "/etc/racoon/certs"; - -#remote 172.31.1.1 { -# exchange_mode main,aggressive; -# proposal { -# encryption_algorithm 3des; -# hash_algorithm sha1; -# authentication_method pre_shared_key; -# dh_group modp1024; -# } -# generate_policy off; -#} -# -#sainfo address 192.168.203.10[any] any address 192.168.22.0/24[any] any { -# pfs_group modp768; -# encryption_algorithm 3des; -# authentication_algorithm hmac_md5; -# compression_algorithm deflate; -#} - diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon.service b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon.service deleted file mode 100644 index a10e77027..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=Racoon IKEv1 key management daemon for IPSEC -After=syslog.target network.target - -[Service] -Type=forking -EnvironmentFile=-@SYSCONFDIR@/default/racoon -ExecStart=@SBINDIR@/racoon $RACOON_ARGS - -[Install] -WantedBy=multi-user.target diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb deleted file mode 100644 index a6d473b59..000000000 --- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb +++ /dev/null @@ -1,98 +0,0 @@ -DESCRIPTION = "IPsec-Tools is a port of KAME's IPsec utilities to the \ -Linux-2.6 IPsec implementation." -HOMEPAGE = "http://ipsec-tools.sourceforge.net/" -SECTION = "net" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://src/libipsec/pfkey.c;beginline=6;endline=31;md5=bc9b7ff40beff19fe6bc6aef26bd2b24" - -DEPENDS = "virtual/kernel openssl readline flex-native bison-native" - -PACKAGE_ARCH = "${MACHINE_ARCH}" - -SRC_URI = "http://ftp.netbsd.org/pub/NetBSD/misc/ipsec-tools/0.8/ipsec-tools-${PV}.tar.bz2 \ - file://0002-Don-t-link-against-libfl.patch \ - file://configure.patch \ - file://0001-racoon-pfkey-avoid-potential-null-pointer-dereferenc.patch \ - file://racoon-check-invalid-pointers.patch \ - file://racoon-check-invalid-ivm.patch \ - file://glibc-2.20.patch \ - file://racoon-Resend-UPDATE-message-when-received-EINTR-message.patch \ - file://racoon.conf.sample \ - file://racoon.conf \ - file://racoon.service \ - file://fix-CVE-2015-4047.patch \ - file://0001-Fix-build-with-clang.patch \ - file://0001-Fix-header-issues-found-with-musl-libc.patch \ - file://0002-cfparse-clear-memory-equal-to-size-of-array.patch \ - file://fix-CVE-2016-10396.patch \ - file://0001-Disable-gcc8-specific-warnings.patch \ - file://0001-ipsec-tools-add-openssl-1.1-support.patch \ - " -SRC_URI[md5sum] = "d53ec14a0a3ece64e09e5e34b3350b41" -SRC_URI[sha256sum] = "8eb6b38716e2f3a8a72f1f549c9444c2bc28d52c9536792690564c74fe722f2d" - -inherit autotools systemd - -# Options: -# --enable-adminport enable admin port -# --enable-rc5 enable RC5 encryption (patented) -# --enable-idea enable IDEA encryption (patented) -# --enable-gssapi enable GSS-API authentication -# --enable-hybrid enable hybrid, both mode-cfg and xauth support -# --enable-frag enable IKE fragmentation payload support -# --enable-stats enable statistics logging function -# --enable-dpd enable dead peer detection -# --enable-samode-unspec enable to use unspecified a mode of SA -# --disable-ipv6 disable ipv6 support -# --enable-natt enable NAT-Traversal (yes/no/kernel) -# --enable-natt-versions=list list of supported NAT-T versions delimited by coma. -# --with-kernel-headers=/lib/modules/<uname>/build/include -# where your Linux Kernel headers are installed -# --with-readline support readline input (yes by default) -# --with-flex use directiory (default: no) -# --with-flexlib=<LIB> specify flex library. -# --with-openssl=DIR specify OpenSSL directory -# --with-libradius=DIR specify libradius path (like/usr/pkg) -# --with-libpam=DIR specify libpam path (like/usr/pkg) -# -# Note: if you give it the actual kernel headers it won't build, it actually -# needs to point at the linux-libc-headers version of the kernel headers. -# -EXTRA_OECONF = "--with-kernel-headers=${STAGING_INCDIR} \ - --with-readline \ - --with-openssl=${STAGING_LIBDIR}/.. \ - --without-libradius \ - --disable-security-context \ - --enable-shared \ - --enable-dpd \ - --enable-natt=yes \ - --sysconfdir=${sysconfdir}/racoon \ - ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '--enable-ipv6=yes', '', d)}" - -# See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530527 -CFLAGS += "-fno-strict-aliasing" - -PACKAGECONFIG ??= "" -PACKAGECONFIG[pam] = "--with-libpam,--without-libpam,libpam," -PACKAGECONFIG[selinux] = "--enable-security-context,--disable-security-context,libselinux," - -SYSTEMD_SERVICE_${PN} = "racoon.service" - -do_install_append() { - install -d ${D}${sysconfdir}/racoon - install -m 0644 ${WORKDIR}/racoon.conf.sample ${D}${sysconfdir}/racoon/racoon.conf - - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/racoon.service ${D}${systemd_unitdir}/system - - sed -i -e 's#@SYSCONFDIR@#${sysconfdir}#g' ${D}${systemd_unitdir}/system/racoon.service - sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/racoon.service - - install -d ${D}${sysconfdir}/default/ - install -m 0644 ${WORKDIR}/racoon.conf ${D}${sysconfdir}/default/racoon - fi -} - -FILES_${PN} += "${sysconfdir}/racoon/racoon.conf \ - ${sysconfdir}/default/racoon" diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.4.1.bb b/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.4.1.bb index 3c7e5455e..f3608c6ab 100644 --- a/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.4.1.bb +++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.4.1.bb @@ -5,6 +5,8 @@ LICENSE = "LGPL-3.0+ & LGPL-2.1+ & GPL-3.0+" DEPENDS += "libtdb libtalloc libtevent popt" RDEPENDS_pyldb += "python samba" +RCONFLICTS_${PN} = "samba" +RCONFLICTS_pyldb = "samba-python" SRC_URI = "http://samba.org/ftp/ldb/ldb-${PV}.tar.gz \ file://do-not-import-target-module-while-cross-compile.patch \ diff --git a/meta-openembedded/meta-networking/recipes-support/mtr/mtr_0.87.bb b/meta-openembedded/meta-networking/recipes-support/mtr/mtr_0.92.bb index 9d3275e2d..2bc7d9787 100644 --- a/meta-openembedded/meta-networking/recipes-support/mtr/mtr_0.87.bb +++ b/meta-openembedded/meta-networking/recipes-support/mtr/mtr_0.92.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ PV .= "+git${SRCPV}" -SRCREV = "e6d0a7e93129e8023654ebf58dfa8135d1b1af56" +SRCREV = "6cddfc6e8f0e20af4af218b545f83d43b3f9a387" SRC_URI = "git://github.com/traviscross/mtr" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.17.bb b/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.19.bb index 356023681..a6da18ea7 100644 --- a/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.17.bb +++ b/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.19.bb @@ -7,8 +7,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" DEPENDS = "glib-2.0" SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.xz" -SRC_URI[md5sum] = "98b74c655ed94a66686c5ba19480d98e" -SRC_URI[sha256sum] = "d95c6bb1a3ab33b953af99b73fb4833e123bd25433513b32d57dbeb1a0a0d189" +SRC_URI[md5sum] = "162da84302abb5b9be06143c7943a642" +SRC_URI[sha256sum] = "b4466412f13e057659f25d35e1e8e181afd62c7179bff22a6add81445ecb8690" inherit autotools pkgconfig diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/files/do-not-install-pyc-and-pyo.patch b/meta-openembedded/meta-networking/recipes-support/openipmi/files/do-not-install-pyc-and-pyo.patch deleted file mode 100644 index d4e02be45..000000000 --- a/meta-openembedded/meta-networking/recipes-support/openipmi/files/do-not-install-pyc-and-pyo.patch +++ /dev/null @@ -1,25 +0,0 @@ -Do not install pyc and pyo for python module - -Upstream-Status: Inappropriate [embedded specific] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - swig/python/Makefile.am | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/swig/python/Makefile.am b/swig/python/Makefile.am -index da95a81..97a62bf 100644 ---- a/swig/python/Makefile.am -+++ b/swig/python/Makefile.am -@@ -33,8 +33,6 @@ CLEANFILES = OpenIPMI_wrap.c OpenIPMI.py OpenIPMI.pyo OpenIPMI.pyc - install-exec-local: _OpenIPMI.la OpenIPMI.py OpenIPMI.pyc OpenIPMI.pyo - $(INSTALL) -d $(DESTDIR)$(PYTHON_INSTALL_DIR) - $(INSTALL_DATA) OpenIPMI.py "$(DESTDIR)$(PYTHON_INSTALL_DIR)" -- $(INSTALL_DATA) OpenIPMI.pyc "$(DESTDIR)$(PYTHON_INSTALL_DIR)" -- $(INSTALL_DATA) OpenIPMI.pyo "$(DESTDIR)$(PYTHON_INSTALL_DIR)" - if test "x$(PYTHON_GUI_DIR)" = "xopenipmigui"; then \ - $(INSTALL) -d $(DESTDIR)$(bindir); \ - $(INSTALL_SCRIPT) $(srcdir)/openipmigui.py "$(DESTDIR)$(bindir)/openipmigui";\ --- -1.9.1 - diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/files/fix-symlink-install-error-in-cmdlang.patch b/meta-openembedded/meta-networking/recipes-support/openipmi/files/fix-symlink-install-error-in-cmdlang.patch index 449142fcf..243488424 100644 --- a/meta-openembedded/meta-networking/recipes-support/openipmi/files/fix-symlink-install-error-in-cmdlang.patch +++ b/meta-openembedded/meta-networking/recipes-support/openipmi/files/fix-symlink-install-error-in-cmdlang.patch @@ -1,18 +1,23 @@ -Author: Aws Ismail <aws.ismail@windriver.com> -Date: Thu Jun 7 16:00:13 2012 -0400 +From 7854c60c92243adb14ea89e16fc226d2e47dd4f9 Mon Sep 17 00:00:00 2001 +From: Aws Ismail <aws.ismail@windriver.com> +Date: Thu, 7 Jun 2012 16:00:13 -0400 +Subject: [PATCH] Fix symlink install error in cmdlang - This patch fixes the error during the install stage when - creating a symbolic link for opeipmish in openipmi/cmdlang - - Upstream-Status: Pending - - Signed-off-by: Aws Ismail <aws.ismail@windriver.com> +This patch fixes the error during the install stage when +creating a symbolic link for opeipmish in openipmi/cmdlang -Index: OpenIPMI-2.0.24/cmdlang/Makefile.am -=================================================================== ---- OpenIPMI-2.0.24.orig/cmdlang/Makefile.am -+++ OpenIPMI-2.0.24/cmdlang/Makefile.am -@@ -35,6 +35,7 @@ openipmish_LDADD = libOpenIPMIcmdlang.l +Upstream-Status: Pending + +Signed-off-by: Aws Ismail <aws.ismail@windriver.com> +--- + cmdlang/Makefile.am | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/cmdlang/Makefile.am b/cmdlang/Makefile.am +index 0ca3827..d9a941f 100644 +--- a/cmdlang/Makefile.am ++++ b/cmdlang/Makefile.am +@@ -35,6 +35,7 @@ openipmish_LDADD = libOpenIPMIcmdlang.la \ # compatability. install-data-local: rm -f $(DESTDIR)$(bindir)/ipmish diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/files/include_sys_types.patch b/meta-openembedded/meta-networking/recipes-support/openipmi/files/include_sys_types.patch index 082511a67..61b39995a 100644 --- a/meta-openembedded/meta-networking/recipes-support/openipmi/files/include_sys_types.patch +++ b/meta-openembedded/meta-networking/recipes-support/openipmi/files/include_sys_types.patch @@ -1,12 +1,25 @@ +From 4f41e090e33a00117a27f0c77b6338fb8b495f37 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Fri, 2 Jun 2017 21:58:32 -0700 +Subject: [PATCH] openipmi: Fix build with musl + include sys/types.h for u_int32_t ui.c:340:5: error: unknown type name 'u_int32_t'; did you mean 'uint32_t'? u_int32_t addr; ^~~~~~~~~ -Index: OpenIPMI-2.0.24/ui/ui.c -=================================================================== ---- OpenIPMI-2.0.24.orig/ui/ui.c -+++ OpenIPMI-2.0.24/ui/ui.c + +Upstream-Status: Pending + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + ui/ui.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/ui/ui.c b/ui/ui.c +index 529ff22..066d118 100644 +--- a/ui/ui.c ++++ b/ui/ui.c @@ -42,6 +42,7 @@ #include <fcntl.h> #include <time.h> diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/files/ipmi-init-fix-the-arguments.patch b/meta-openembedded/meta-networking/recipes-support/openipmi/files/ipmi-init-fix-the-arguments.patch index 51a398ba5..c4559c97b 100644 --- a/meta-openembedded/meta-networking/recipes-support/openipmi/files/ipmi-init-fix-the-arguments.patch +++ b/meta-openembedded/meta-networking/recipes-support/openipmi/files/ipmi-init-fix-the-arguments.patch @@ -1,3 +1,6 @@ +From 6542ebe7a0d37dee8e9afb856feb8f6c3d334632 Mon Sep 17 00:00:00 2001 +From: Jackie Huang <jackie.huang@windriver.com> +Date: Mon, 29 Dec 2014 18:16:04 +0800 Subject: [PATCH] ipmi-init: fix the arguments The functions success/failure/warning defined in /etc/init.d/functions @@ -12,7 +15,7 @@ Signed-off-by: Jackie Huang <jackie.huang@windriver.com> 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ipmi.init b/ipmi.init -index 2ebcd94..d8161c5 100644 +index ea10b11..aac9f83 100644 --- a/ipmi.init +++ b/ipmi.init @@ -45,17 +45,17 @@ elif [ -r /etc/init.d/functions ]; then @@ -36,6 +39,4 @@ index 2ebcd94..d8161c5 100644 echo ;; *) --- -1.9.1 diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/files/ipmi_serial_bmc_emu.c-include-readline.h-from-readli.patch b/meta-openembedded/meta-networking/recipes-support/openipmi/files/ipmi_serial_bmc_emu.c-include-readline.h-from-readli.patch new file mode 100644 index 000000000..e208de8b2 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/openipmi/files/ipmi_serial_bmc_emu.c-include-readline.h-from-readli.patch @@ -0,0 +1,31 @@ +From bebfb3c24582ec4e45d79c5b52135197bf7373da Mon Sep 17 00:00:00 2001 +From: Yi Zhao <yi.zhao@windriver.com> +Date: Fri, 14 Jun 2019 14:17:34 +0800 +Subject: [PATCH] ipmi_serial_bmc_emu.c: include readline.h from readline + +The libedit had been removed and swithed to readline. +We need to include readline.h from readline rather than editline. + +Upstream-Status: Pending + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + sample/ipmi_serial_bmc_emu.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sample/ipmi_serial_bmc_emu.c b/sample/ipmi_serial_bmc_emu.c +index e0ae019..1b8bb9a 100644 +--- a/sample/ipmi_serial_bmc_emu.c ++++ b/sample/ipmi_serial_bmc_emu.c +@@ -42,7 +42,7 @@ + #include <unistd.h> + #include <stdlib.h> + #include <sys/select.h> +-#include <editline/readline.h> ++#include <readline/readline.h> + + #define _GNU_SOURCE + #include <getopt.h> +-- +2.7.4 + diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmi-no-openipmigui-man.patch b/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmi-no-openipmigui-man.patch index 1fa68f9ba..858adc50a 100644 --- a/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmi-no-openipmigui-man.patch +++ b/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmi-no-openipmigui-man.patch @@ -1,16 +1,19 @@ -Author: Aws Ismail <aws.ismail@windriver.com> -Date: Thu Jun 7 12:28:34 2012 -0400 +From a6ffa3939a3ab2ad6a8d277cd8292b7dad6469c6 Mon Sep 17 00:00:00 2001 +From: Aws Ismail <aws.ismail@windriver.com> +Date: Thu, 7 Jun 2012 12:28:34 -0400 +Subject: [PATCH] Do not build openipmigui man page - This patch was carried over from WRL4.3 (openipmi v2.0.16) - - It was updated for openipmi v2.0.19 - - Disable making openipmigui man page since we don't need it - - Upstream-Status: Pending - - Signed-off-by: Aws Ismail <aws.ismail@windriver.com> - Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +This patch was carried over from WRL4.3 (openipmi v2.0.16) +It was updated for openipmi v2.0.19 +Disable making openipmigui man page since we don't need it + +Upstream-Status: Pending + +Signed-off-by: Aws Ismail <aws.ismail@windriver.com> +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + man/Makefile.am | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/man/Makefile.am b/man/Makefile.am index 632f55b..5ce79f5 100644 diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmi-remove-host-path-from-la_LDFLAGS.patch b/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmi-remove-host-path-from-la_LDFLAGS.patch index 83485a9e6..ce37d5eb2 100644 --- a/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmi-remove-host-path-from-la_LDFLAGS.patch +++ b/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmi-remove-host-path-from-la_LDFLAGS.patch @@ -1,4 +1,4 @@ -From aa0dc0783a6ff5fb56c914b640836223e3c192bb Mon Sep 17 00:00:00 2001 +From 6395659ca6d64b20bf78bb640c2cc523d6c1d9c2 Mon Sep 17 00:00:00 2001 From: Jackie Huang <jackie.huang@windriver.com> Date: Mon, 29 Dec 2014 18:16:04 +0800 Subject: [PATCH] remove host path from la_LDFLAGS @@ -7,17 +7,15 @@ Upstream-Status: Inappropriate [ cross compile specific ] Signed-off-by: Jackie Huang <jackie.huang@windriver.com> --- - cmdlang/Makefile.am | 2 +- - glib/Makefile.am | 4 ++-- - tcl/Makefile.am | 2 +- - unix/Makefile.am | 4 ++-- - 4 files changed, 6 insertions(+), 6 deletions(-) + cmdlang/Makefile.am | 3 +-- + unix/Makefile.am | 6 ++---- + 2 files changed, 3 insertions(+), 6 deletions(-) -Index: OpenIPMI-2.0.24/cmdlang/Makefile.am -=================================================================== ---- OpenIPMI-2.0.24.orig/cmdlang/Makefile.am -+++ OpenIPMI-2.0.24/cmdlang/Makefile.am -@@ -15,8 +15,7 @@ libOpenIPMIcmdlang_la_SOURCES = cmdlang. +diff --git a/cmdlang/Makefile.am b/cmdlang/Makefile.am +index d9a941f..21b9531 100644 +--- a/cmdlang/Makefile.am ++++ b/cmdlang/Makefile.am +@@ -15,8 +15,7 @@ libOpenIPMIcmdlang_la_SOURCES = cmdlang.c cmd_domain.c cmd_entity.c cmd_mc.c \ libOpenIPMIcmdlang_la_LIBADD = -lm \ $(top_builddir)/utils/libOpenIPMIutils.la \ $(top_builddir)/lib/libOpenIPMI.la @@ -27,11 +25,11 @@ Index: OpenIPMI-2.0.24/cmdlang/Makefile.am bin_PROGRAMS = openipmish -Index: OpenIPMI-2.0.24/unix/Makefile.am -=================================================================== ---- OpenIPMI-2.0.24.orig/unix/Makefile.am -+++ OpenIPMI-2.0.24/unix/Makefile.am -@@ -10,14 +10,12 @@ lib_LTLIBRARIES = libOpenIPMIposix.la li +diff --git a/unix/Makefile.am b/unix/Makefile.am +index 5128839..bd0f897 100644 +--- a/unix/Makefile.am ++++ b/unix/Makefile.am +@@ -10,14 +10,12 @@ lib_LTLIBRARIES = libOpenIPMIposix.la libOpenIPMIpthread.la libOpenIPMIpthread_la_SOURCES = posix_thread_os_hnd.c selector.c libOpenIPMIpthread_la_LIBADD = -lpthread $(GDBM_LIB) \ $(top_builddir)/utils/libOpenIPMIutils.la $(RT_LIB) diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmigui-not-compile-pyc-pyo.patch b/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmigui-not-compile-pyc-pyo.patch deleted file mode 100644 index 389407590..000000000 --- a/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmigui-not-compile-pyc-pyo.patch +++ /dev/null @@ -1,26 +0,0 @@ -openipmi load swig/python/.libs/_OpenIPMI.so to create .pyc and .pyo files. -It fails when multilib is enable: - -| ImportError: .../lib32-openipmi/2.0.25-r0/OpenIPMI-2.0.25/swig/python/.libs/_OpenIPMI.so: wrong ELF class: ELFCLASS32 - -Don't compile and install .pyc and .pyo files to fix the failure. - -Upstream-Status: Inappropriate [OE specific] - -Signed-off-by: Kai Kang <kai.kang@windriver.com> -diff --git a/swig/python/openipmigui/Makefile.am b/swig/python/openipmigui/Makefile.am -index 570e7b9..88258bf 100644 ---- a/swig/python/openipmigui/Makefile.am -+++ b/swig/python/openipmigui/Makefile.am -@@ -34,9 +34,9 @@ localcopy: - fi \ - done - --all-local: localcopy $(PYC_FILES) $(PYO_FILES) -+all-local: localcopy - --install-exec-local: $(EXTRA_DIST) $(PYC_FILES) $(PYO_FILES) -+install-exec-local: $(EXTRA_DIST) - $(INSTALL) -d $(DESTDIR)$(PYTHON_INSTALL_DIR)/openipmigui - $(INSTALL_DATA) $^ $(DESTDIR)$(PYTHON_INSTALL_DIR)/openipmigui - diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.25.bb b/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.27.bb index f0426ce36..51cc25689 100644 --- a/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.25.bb +++ b/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.27.bb @@ -13,6 +13,7 @@ DEPENDS = " \ popt \ python \ swig-native \ + readline \ " LICENSE = "GPLv2 & LGPLv2.1 & BSD" @@ -27,16 +28,16 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/openipmi/OpenIPMI-${PV}.tar.gz \ file://openipmi-no-openipmigui-man.patch \ file://openipmi-remove-host-path-from-la_LDFLAGS.patch \ file://ipmi-init-fix-the-arguments.patch \ - file://do-not-install-pyc-and-pyo.patch \ file://include_sys_types.patch \ - file://openipmigui-not-compile-pyc-pyo.patch \ + file://ipmi_serial_bmc_emu.c-include-readline.h-from-readli.patch \ file://openipmi-helper \ file://ipmi.service \ " S = "${WORKDIR}/OpenIPMI-${PV}" -SRC_URI[md5sum] = "1461ac4d78fc516646fd0a6e605a8b05" -SRC_URI[sha256sum] = "f0f1a0ec732409930b7a31a6daa6cf39b585f52059b62a5f092b7ece21aa75a5" + +SRC_URI[md5sum] = "d525ceaa07df5440674e7e68a6772fe7" +SRC_URI[sha256sum] = "f3b1fafaaec2e2bac32fec5a86941ad8b8cb64543470bd6d819d7b166713d20b" inherit autotools-brokensep pkgconfig pythonnative perlnative update-rc.d systemd cpan-base diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb b/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb index 30d0a7675..be9dba32f 100644 --- a/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb @@ -13,9 +13,9 @@ architectures." LICENSE = "BSD" LIC_FILES_CHKSUM = "file://COPYING;md5=b37311cb5604f3e5cc2fb0fd23527e95" -PV = "0.12.13+git${SRCPV}" +PV = "0.14.0+git${SRCPV}" -SRCREV = "87441524f4e7b79658e42bd8f1f6c3e3c8649aa5" +SRCREV = "f72ece993aeaf23f77e2845562b20e5563e52ba0" SRC_URI = " \ git://anongit.freedesktop.org/spice/spice-protocol \ diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-Convert-pthread_t-to-be-numeric.patch b/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-Convert-pthread_t-to-be-numeric.patch index 505b7c890..e63cbe3b7 100644 --- a/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-Convert-pthread_t-to-be-numeric.patch +++ b/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-Convert-pthread_t-to-be-numeric.patch @@ -14,21 +14,19 @@ Upstream-Status: Pending server/red-client.c | 6 +++--- 2 files changed, 6 insertions(+), 5 deletions(-) -diff --git a/server/red-channel.c b/server/red-channel.c -index 1b38f04d..11dc667b 100644 --- a/server/red-channel.c +++ b/server/red-channel.c -@@ -192,7 +192,7 @@ red_channel_constructed(GObject *object) +@@ -204,7 +204,7 @@ red_channel_constructed(GObject *object) { RedChannel *self = RED_CHANNEL(object); -- red_channel_debug(self, "thread_id 0x%lx", self->priv->thread_id); -+ red_channel_debug(self, "thread_id 0x%lx", (unsigned long)self->priv->thread_id); +- red_channel_debug(self, "thread_id 0x%" G_GSIZE_MODIFIER "x", self->priv->thread_id); ++ red_channel_debug(self, "thread_id 0x%" G_GSIZE_MODIFIER "x", (unsigned long)self->priv->thread_id); RedChannelClass *klass = RED_CHANNEL_GET_CLASS(self); -@@ -475,7 +475,8 @@ void red_channel_remove_client(RedChannel *channel, RedChannelClient *rcc) - red_channel_warning(channel, "channel->thread_id (0x%lx) != pthread_self (0x%lx)." +@@ -479,7 +479,8 @@ void red_channel_remove_client(RedChanne + "pthread_self (0x%" G_GSIZE_MODIFIER "x)." "If one of the threads is != io-thread && != vcpu-thread, " "this might be a BUG", - channel->priv->thread_id, pthread_self()); @@ -37,12 +35,10 @@ index 1b38f04d..11dc667b 100644 } spice_return_if_fail(channel); link = g_list_find(channel->priv->clients, rcc); -diff --git a/server/red-client.c b/server/red-client.c -index ddfc5400..76986640 100644 --- a/server/red-client.c +++ b/server/red-client.c -@@ -180,7 +180,7 @@ void red_client_migrate(RedClient *client) - spice_warning("client->thread_id (0x%lx) != pthread_self (0x%lx)." +@@ -180,7 +180,7 @@ void red_client_migrate(RedClient *clien + "pthread_self (0x%" G_GSIZE_MODIFIER "x)." "If one of the threads is != io-thread && != vcpu-thread," " this might be a BUG", - client->thread_id, pthread_self()); @@ -50,8 +46,8 @@ index ddfc5400..76986640 100644 } FOREACH_CHANNEL_CLIENT(client, rcc) { if (red_channel_client_is_connected(rcc)) { -@@ -199,8 +199,8 @@ void red_client_destroy(RedClient *client) - spice_warning("client->thread_id (0x%lx) != pthread_self (0x%lx)." +@@ -199,8 +199,8 @@ void red_client_destroy(RedClient *clien + "pthread_self (0x%" G_GSIZE_MODIFIER "x)." "If one of the threads is != io-thread && != vcpu-thread," " this might be a BUG", - client->thread_id, @@ -61,6 +57,3 @@ index ddfc5400..76986640 100644 } red_client_set_disconnecting(client); FOREACH_CHANNEL_CLIENT(client, rcc) { --- -2.17.1 - diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-Fix-compile-errors-on-Linux-32bit-system.patch b/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-Fix-compile-errors-on-Linux-32bit-system.patch new file mode 100644 index 000000000..d04bee95f --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-Fix-compile-errors-on-Linux-32bit-system.patch @@ -0,0 +1,96 @@ +From a2af005b5d4a62839e56f42a43df793356e78f58 Mon Sep 17 00:00:00 2001 +From: "Hongzhi.Song" <hongzhi.song@windriver.com> +Date: Tue, 4 Jun 2019 03:58:17 -0400 +Subject: [PATCH] Fix compile errors on Linux 32bit system + +There are folowing compile errors on Linux 32bit system: + +red-channel.c:207:73: error: format '%x' expects argument of type +'unsigned int', but argument 7 has type 'long unsigned int' [-Werror=format=] +|207| red_channel_debug(self, "thread_id 0x%" G_GSIZE_MODIFIER "x", + ~~~~~~~~~~~~~~~~~~~~~^ + self->priv->thread_id); + ~~~~~~~~~~~~~~~~~~~~~^ + +On 32bit system, #define G_GSIZE_MODIFIER "". But the type of +'self->priv->thread_id' is 'unsigned long int' which should match '%lx' +not '%x'. + +So we should recovery the <0x%" G_GSIZE_MODIFIER "x"> to <0x%lx">. +And others files modification are similar to G_GSIZE_MODIFIER. + +Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com> +--- +Upstream-Status: Submitted [https://lists.freedesktop.org/archives/spice-devel/2019-June/049285.html] + + server/red-channel.c | 6 +++--- + server/red-client.c | 8 ++++---- + server/red-replay-qxl.c | 2 +- + 3 files changed, 8 insertions(+), 8 deletions(-) + +diff --git a/server/red-channel.c b/server/red-channel.c +index f81142d..6a03ec2 100644 +--- a/server/red-channel.c ++++ b/server/red-channel.c +@@ -202,7 +202,7 @@ red_channel_constructed(GObject *object) + { + RedChannel *self = RED_CHANNEL(object); + +- red_channel_debug(self, "thread_id 0x%" G_GSIZE_MODIFIER "x", (unsigned long)self->priv->thread_id); ++ red_channel_debug(self, "thread_id 0x%lx", (unsigned long)self->priv->thread_id); + + RedChannelClass *klass = RED_CHANNEL_GET_CLASS(self); + +@@ -473,8 +473,8 @@ void red_channel_remove_client(RedChannel *channel, RedChannelClient *rcc) + + if (!pthread_equal(pthread_self(), channel->priv->thread_id)) { + red_channel_warning(channel, +- "channel->thread_id (0x%" G_GSIZE_MODIFIER "x) != " +- "pthread_self (0x%" G_GSIZE_MODIFIER "x)." ++ "channel->thread_id (0x%lx) != " ++ "pthread_self (0x%lx)." + "If one of the threads is != io-thread && != vcpu-thread, " + "this might be a BUG", + (unsigned long)channel->priv->thread_id, +diff --git a/server/red-client.c b/server/red-client.c +index 2b859cb..ff4da2a 100644 +--- a/server/red-client.c ++++ b/server/red-client.c +@@ -174,8 +174,8 @@ void red_client_migrate(RedClient *client) + RedChannel *channel; + + if (!pthread_equal(pthread_self(), client->thread_id)) { +- spice_warning("client->thread_id (0x%" G_GSIZE_MODIFIER "x) != " +- "pthread_self (0x%" G_GSIZE_MODIFIER "x)." ++ spice_warning("client->thread_id (0x%lx) != " ++ "pthread_self (0x%lx)." + "If one of the threads is != io-thread && != vcpu-thread," + " this might be a BUG", + (unsigned long)client->thread_id, (unsigned long)pthread_self()); +@@ -193,8 +193,8 @@ void red_client_destroy(RedClient *client) + RedChannelClient *rcc; + + if (!pthread_equal(pthread_self(), client->thread_id)) { +- spice_warning("client->thread_id (0x%" G_GSIZE_MODIFIER "x) != " +- "pthread_self (0x%" G_GSIZE_MODIFIER "x)." ++ spice_warning("client->thread_id (0x%lx) != " ++ "pthread_self (0x%lx)." + "If one of the threads is != io-thread && != vcpu-thread," + " this might be a BUG", + (unsigned long)client->thread_id, +diff --git a/server/red-replay-qxl.c b/server/red-replay-qxl.c +index 6d34818..0deb406 100644 +--- a/server/red-replay-qxl.c ++++ b/server/red-replay-qxl.c +@@ -264,7 +264,7 @@ static replay_t read_binary(SpiceReplay *replay, const char *prefix, size_t *siz + exit(1); + } + if ((ret = inflate(&strm, Z_NO_FLUSH)) != Z_STREAM_END) { +- spice_error("inflate error %d (disc: %" G_GSSIZE_FORMAT ")", ++ spice_error("inflate error %d (disc: %li)", + ret, *size - strm.total_out); + if (ret == Z_DATA_ERROR) { + /* last operation may be wrong. since we do the recording +-- +2.8.1 + diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-spice-fix-compile-fail-problem.patch b/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-spice-fix-compile-fail-problem.patch deleted file mode 100644 index 1f9d5fdd7..000000000 --- a/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-spice-fix-compile-fail-problem.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 7023732c65b4dc509c46a54fb7715da275b5597f Mon Sep 17 00:00:00 2001 -From: Changqing Li <changqing.li@windriver.com> -Date: Thu, 13 Sep 2018 12:39:44 +0800 -Subject: [PATCH] spice: fix compile fail problem - -compile error: -format '%d' expects argument of type 'int', but argument 6 has -type 'long unsigned int' [-Werror=format=] - -spice compile failed on 32bit system, since upstream commit -9541cd2fe(in V0.14.1) change %ld to %PRIdPTR, %PRIdPTR is %d, but argument -strm.total_out is uLong. - -Upstream-Status: Submitted[https://github.com/freedesktop/spice/pull/1] - -Signed-off-by: Changqing Li <changqing.li@windriver.com> ---- - server/red-replay-qxl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/server/red-replay-qxl.c b/server/red-replay-qxl.c -index 1fce76c..bd33b58 100644 ---- a/server/red-replay-qxl.c -+++ b/server/red-replay-qxl.c -@@ -266,7 +266,7 @@ static replay_t read_binary(SpiceReplay *replay, const char *prefix, size_t *siz - exit(1); - } - if ((ret = inflate(&strm, Z_NO_FLUSH)) != Z_STREAM_END) { -- spice_error("inflate error %d (disc: %" PRIdPTR ")", ret, *size - strm.total_out); -+ spice_error("inflate error %d (disc: %ld)", ret, *size - strm.total_out); - if (ret == Z_DATA_ERROR) { - /* last operation may be wrong. since we do the recording - * in red_worker, when there is a shutdown from the vcpu/io thread --- -2.7.4 - diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb b/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb index 1ad46c2c3..552f81df0 100644 --- a/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb @@ -13,10 +13,10 @@ architectures." LICENSE = "BSD & LGPLv2.1+" LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" -PV = "0.14.1+git${SRCPV}" +PV = "0.14.2+git${SRCPV}" -SRCREV_spice = "eaa07ef15cfc3bf57a69da2576af66f028787774" -SRCREV_spice-common = "6b93b3fce8909b836ef1d1434d191900d8aa00be" +SRCREV_spice = "7cbd70b931db76c69c89c2d9d5d704f67381a81b" +SRCREV_spice-common = "4fc4c2db36c7f07b906e9a326a9d3dc0ae6a2671" SRCREV_FORMAT = "spice_spice-common" @@ -24,7 +24,7 @@ SRC_URI = " \ git://anongit.freedesktop.org/spice/spice;name=spice \ git://anongit.freedesktop.org/spice/spice-common;destsuffix=git/subprojects/spice-common;name=spice-common \ file://0001-Convert-pthread_t-to-be-numeric.patch \ - file://0001-spice-fix-compile-fail-problem.patch \ + file://0001-Fix-compile-errors-on-Linux-32bit-system.patch \ " S = "${WORKDIR}/git" @@ -37,6 +37,8 @@ DEPENDS_append_class-nativesdk = "nativesdk-openssl" export PYTHON="${STAGING_BINDIR_NATIVE}/python-native/python" export PYTHONPATH="${PKG_CONFIG_SYSROOT_DIR}${libdir}/python2.7/site-packages" +CFLAGS_append = " -Wno-error=address-of-packed-member" + PACKAGECONFIG_class-native = "" PACKAGECONFIG_class-nativesdk = "" PACKAGECONFIG ?= "sasl" @@ -54,4 +56,4 @@ COMPATIBLE_HOST = '(x86_64|i.86).*-linux' BBCLASSEXTEND = "native nativesdk" -EXTRA_OECONF_toolchain-clang += "--disable-werror" +EXTRA_OECONF_append_toolchain-clang = " --disable-werror" |