diff options
Diffstat (limited to 'meta-openembedded/meta-oe/recipes-security')
-rw-r--r-- | meta-openembedded/meta-oe/recipes-security/keyutils/files/fix_library_install_path.patch | 28 | ||||
-rw-r--r-- | meta-openembedded/meta-oe/recipes-security/keyutils/files/keyutils-fix-error-report-by-adding-default-message.patch | 42 | ||||
-rw-r--r-- | meta-openembedded/meta-oe/recipes-security/keyutils/files/keyutils-test-fix-output-format.patch | 41 | ||||
-rwxr-xr-x | meta-openembedded/meta-oe/recipes-security/keyutils/files/run-ptest | 3 | ||||
-rw-r--r-- | meta-openembedded/meta-oe/recipes-security/keyutils/keyutils_1.6.bb | 65 | ||||
-rw-r--r-- | meta-openembedded/meta-oe/recipes-security/nmap/files/0001-Include-time.h-header-to-pass-clang-compilation.patch (renamed from meta-openembedded/meta-oe/recipes-security/nmap/files/0001-include-time.h-for-time-structure-definition.patch) | 59 | ||||
-rw-r--r-- | meta-openembedded/meta-oe/recipes-security/nmap/nmap_7.80.bb (renamed from meta-openembedded/meta-oe/recipes-security/nmap/nmap_7.70.bb) | 8 |
7 files changed, 210 insertions, 36 deletions
diff --git a/meta-openembedded/meta-oe/recipes-security/keyutils/files/fix_library_install_path.patch b/meta-openembedded/meta-oe/recipes-security/keyutils/files/fix_library_install_path.patch new file mode 100644 index 000000000..938fe2eb5 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-security/keyutils/files/fix_library_install_path.patch @@ -0,0 +1,28 @@ +From b0355cc205543ffd33752874295139d57c4fbc3e Mon Sep 17 00:00:00 2001 +From: Wenzong Fan <wenzong.fan@windriver.com> +Date: Tue, 26 Sep 2017 07:59:51 +0000 +Subject: [PATCH] Subject: [PATCH] keyutils: use relative path for link + +The absolute path of the symlink will be invalid +when populated in sysroot, so use relative path instead. + +Upstream-Status: Pending + +Signed-off-by: Jackie Huang <jackie.huang@windriver.com> +Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> +{rebased for 1.6] +Signed-off-by: Armin Kuster <akuster808@gmail.com> + +Index: keyutils-1.6/Makefile +=================================================================== +--- keyutils-1.6.orig/Makefile ++++ keyutils-1.6/Makefile +@@ -184,7 +184,7 @@ ifeq ($(NO_SOLIB),0) + $(INSTALL) -D $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME) + $(LNS) $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SONAME) + mkdir -p $(DESTDIR)$(USRLIBDIR) +- $(LNS) $(LIBDIR)/$(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB) ++ $(LNS) $(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB) + sed \ + -e 's,@VERSION\@,$(VERSION),g' \ + -e 's,@prefix\@,$(PREFIX),g' \ diff --git a/meta-openembedded/meta-oe/recipes-security/keyutils/files/keyutils-fix-error-report-by-adding-default-message.patch b/meta-openembedded/meta-oe/recipes-security/keyutils/files/keyutils-fix-error-report-by-adding-default-message.patch new file mode 100644 index 000000000..acd91c01c --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-security/keyutils/files/keyutils-fix-error-report-by-adding-default-message.patch @@ -0,0 +1,42 @@ +fix keyutils test error report + +Upstream-Status: Pending + +"Permission denied" may be the reason of EKEYEXPIRED and EKEYREVOKED. +"Required key not available" may be the reason of EKEYREVOKED. +EXPIRED and REVOKED are 2 status of kernel security keys features. +But the userspace keyutils lib will output the error message, which may +have several reasons. + +Signed-off-by: Han Chao <chan@windriver.com> + +diff --git a/tests/toolbox.inc.sh b/tests/toolbox.inc.sh +index bbca00a..739e9d0 100644 +--- a/tests/toolbox.inc.sh ++++ b/tests/toolbox.inc.sh +@@ -227,11 +227,12 @@ function expect_error () + ;; + EKEYEXPIRED) + my_err="Key has expired" +- alt_err="Unknown error 127" ++ alt_err="Permission denied" + ;; + EKEYREVOKED) + my_err="Key has been revoked" +- alt_err="Unknown error 128" ++ alt_err="Permission denied" ++ alt2_err="Required key not available" + ;; + EKEYREJECTED) + my_err="Key has been rejected" +@@ -249,6 +250,9 @@ function expect_error () + elif [ "x$alt_err" != "x" ] && expr "$my_errmsg" : ".*: $alt_err" >&/dev/null + then + : ++ elif [ "x$alt2_err" != "x" ] && expr "$my_errmsg" : ".*: $alt2_err" >&/dev/null ++ then ++ : + elif [ "x$old_err" != "x" ] && expr "$my_errmsg" : ".*: $old_err" >&/dev/null + then + : + diff --git a/meta-openembedded/meta-oe/recipes-security/keyutils/files/keyutils-test-fix-output-format.patch b/meta-openembedded/meta-oe/recipes-security/keyutils/files/keyutils-test-fix-output-format.patch new file mode 100644 index 000000000..a4ffd50ce --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-security/keyutils/files/keyutils-test-fix-output-format.patch @@ -0,0 +1,41 @@ +From 49b6321368e4bd3cd233d045cd09004ddd7968b2 Mon Sep 17 00:00:00 2001 +From: Jackie Huang <jackie.huang@windriver.com> +Date: Mon, 15 May 2017 14:52:00 +0800 +Subject: [PATCH] keyutils: fix output format + +keyutils ptest output format is incorrect, according to yocto +Development Manual +(http://www.yoctoproject.org/docs/latest/dev-manual/dev-manual.html#testing-packages-with-ptest) +5.10.6. Testing Packages With ptestThe test generates output in the format used by Automake: +<result>: <testname> +where the result can be PASS, FAIL, or SKIP, and the testname can be any +identifying string. +So we should change the test result format to match yocto ptest rules. + +Upstream-Status: Inappropriate [OE ptest specific] + +Signed-off-by: Li Wang <li.wang@windriver.com> +Signed-off-by: Jackie Huang <jackie.huang@windriver.com> +--- + tests/runtest.sh | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/tests/runtest.sh b/tests/runtest.sh +index b6eaa7c..84263fb 100644 +--- a/tests/runtest.sh ++++ b/tests/runtest.sh +@@ -21,6 +21,11 @@ for i in ${TESTS}; do + echo "### RUNNING TEST $i" + if [[ $AUTOMATED != 0 ]] ; then + bash ./runtest.sh ++ if [ $? != 0 ]; then ++ echo "FAIL: $i" ++ else ++ echo "PASS: $i" ++ fi + else + bash ./runtest.sh || exit 1 + fi +-- +2.11.0 + diff --git a/meta-openembedded/meta-oe/recipes-security/keyutils/files/run-ptest b/meta-openembedded/meta-oe/recipes-security/keyutils/files/run-ptest new file mode 100755 index 000000000..305707f65 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-security/keyutils/files/run-ptest @@ -0,0 +1,3 @@ +#!/bin/sh +export AUTOMATED=1 +make -C tests run diff --git a/meta-openembedded/meta-oe/recipes-security/keyutils/keyutils_1.6.bb b/meta-openembedded/meta-oe/recipes-security/keyutils/keyutils_1.6.bb new file mode 100644 index 000000000..572143a5a --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-security/keyutils/keyutils_1.6.bb @@ -0,0 +1,65 @@ +SUMMARY = "Linux Key Management Utilities" +DESCRIPTION = "\ + Utilities to control the kernel key management facility and to provide \ + a mechanism by which the kernel call back to userspace to get a key \ + instantiated. \ + " +HOMEPAGE = "http://people.redhat.com/dhowells/keyutils" +SECTION = "base" + +LICENSE = "LGPLv2.1+ & GPLv2.0+" + +LIC_FILES_CHKSUM = "file://LICENCE.GPL;md5=5f6e72824f5da505c1f4a7197f004b45 \ + file://LICENCE.LGPL;md5=7d1cacaa3ea752b72ea5e525df54a21f" + +inherit siteinfo autotools-brokensep ptest + +SRC_URI = "http://people.redhat.com/dhowells/keyutils/${BP}.tar.bz2 \ + file://keyutils-test-fix-output-format.patch \ + file://keyutils-fix-error-report-by-adding-default-message.patch \ + file://run-ptest \ + file://fix_library_install_path.patch \ + " + +SRC_URI[md5sum] = "191987b0ab46bb5b50efd70a6e6ce808" +SRC_URI[sha256sum] = "d3aef20cec0005c0fa6b4be40079885567473185b1a57b629b030e67942c7115" + +EXTRA_OEMAKE = "'CFLAGS=${CFLAGS} -Wall' \ + NO_ARLIB=1 \ + BINDIR=${base_bindir} \ + SBINDIR=${base_sbindir} \ + LIBDIR=${libdir} \ + USRLIBDIR=${libdir} \ + INCLUDEDIR=${includedir} \ + BUILDFOR=${SITEINFO_BITS}-bit \ + NO_GLIBC_KEYERR=1 \ + " + +do_install () { + install -d ${D}/${libdir}/pkgconfig + oe_runmake DESTDIR=${D} install +} + +do_install_append_class-nativesdk() { + install -d ${D}${datadir} + src_dir="${D}${target_datadir}" + mv $src_dir/* ${D}${datadir} + par_dir=`dirname $src_dir` + rmdir $src_dir $par_dir + + install -d ${D}${sysconfdir} + mv ${D}/etc/* ${D}${sysconfdir}/ + rmdir ${D}/etc +} + +do_install_ptest () { + cp -r ${S}/tests ${D}${PTEST_PATH}/ + sed -i -e 's/OSDIST=Unknown/OSDIST=${DISTRO}/' ${D}${PTEST_PATH}/tests/prepare.inc.sh +} + + +RDEPENDS_${PN}-ptest += "lsb-release" +RDEPENDS_${PN}-ptest_append_libc-glibc = " glibc-utils" +RDEPENDS_${PN}-ptest_append_libc-musl = " musl-utils" + +BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openembedded/meta-oe/recipes-security/nmap/files/0001-include-time.h-for-time-structure-definition.patch b/meta-openembedded/meta-oe/recipes-security/nmap/files/0001-Include-time.h-header-to-pass-clang-compilation.patch index 561c8c82c..f93af2d79 100644 --- a/meta-openembedded/meta-oe/recipes-security/nmap/files/0001-include-time.h-for-time-structure-definition.patch +++ b/meta-openembedded/meta-oe/recipes-security/nmap/files/0001-Include-time.h-header-to-pass-clang-compilation.patch @@ -1,35 +1,39 @@ -From c774f2b129fd5acd5647d92c57a2079ae638a62b Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Sun, 20 Jan 2019 23:07:39 -0800 -Subject: [PATCH] include time.h for time structure definition +From a068952a20880fc864e8cb8b49f8a6b143a5ac30 Mon Sep 17 00:00:00 2001 +From: Peiran Hong <peiran.hong@windriver.com> +Date: Fri, 20 Sep 2019 15:02:45 -0400 +Subject: [PATCH] Include time.h header to pass clang compilation -Exposed by musl/clang - -Upstream-Status: Pending - -Signed-off-by: Khem Raj <raj.khem@gmail.com> --- - nmap_error.cc | 1 + - nping/EchoServer.cc | 1 + - osscan.cc | 1 + - osscan2.cc | 1 + - service_scan.cc | 1 + - 5 files changed, 5 insertions(+) + nmap_error.cc | 11 +---------- + nping/EchoServer.cc | 1 + + osscan2.cc | 1 + + service_scan.cc | 1 + + 4 files changed, 4 insertions(+), 10 deletions(-) diff --git a/nmap_error.cc b/nmap_error.cc -index 19beafb..ea14e08 100644 +index 588b13c33..254107ff5 100644 --- a/nmap_error.cc +++ b/nmap_error.cc -@@ -135,6 +135,7 @@ +@@ -135,16 +135,7 @@ #include "xml.h" #include <errno.h> +-#if TIME_WITH_SYS_TIME +-# include <sys/time.h> +-# include <time.h> +-#else +-# if HAVE_SYS_TIME_H +-# include <sys/time.h> +-# else +-# include <time.h> +-# endif +-#endif +#include <time.h> extern NmapOps o; diff --git a/nping/EchoServer.cc b/nping/EchoServer.cc -index 70f39b0..40cd4d6 100644 +index ccdcf9c2d..c403aeda5 100644 --- a/nping/EchoServer.cc +++ b/nping/EchoServer.cc @@ -137,6 +137,7 @@ @@ -40,20 +44,8 @@ index 70f39b0..40cd4d6 100644 extern NpingOps o; extern EchoServer es; -diff --git a/osscan.cc b/osscan.cc -index f851f60..6ae0c83 100644 ---- a/osscan.cc -+++ b/osscan.cc -@@ -149,6 +149,7 @@ - # include <time.h> - # endif - #endif -+#include <time.h> - - #include <algorithm> - #include <list> diff --git a/osscan2.cc b/osscan2.cc -index e341947..887fbd2 100644 +index aa31feb12..89673e108 100644 --- a/osscan2.cc +++ b/osscan2.cc @@ -147,6 +147,7 @@ @@ -65,7 +57,7 @@ index e341947..887fbd2 100644 extern NmapOps o; #ifdef WIN32 diff --git a/service_scan.cc b/service_scan.cc -index 9780ae3..e07b940 100644 +index 57a92ed28..ef277bb1f 100644 --- a/service_scan.cc +++ b/service_scan.cc @@ -145,6 +145,7 @@ @@ -76,3 +68,6 @@ index 9780ae3..e07b940 100644 #if HAVE_OPENSSL /* OpenSSL 1.0.0 needs _WINSOCKAPI_ to be defined, otherwise it loads +-- +2.21.0 + diff --git a/meta-openembedded/meta-oe/recipes-security/nmap/nmap_7.70.bb b/meta-openembedded/meta-oe/recipes-security/nmap/nmap_7.80.bb index b1b150a7d..f24194da7 100644 --- a/meta-openembedded/meta-oe/recipes-security/nmap/nmap_7.70.bb +++ b/meta-openembedded/meta-oe/recipes-security/nmap/nmap_7.80.bb @@ -3,17 +3,17 @@ DESCRIPTION = "Nmap ("Network Mapper") is a free and open source (license) utili SECTION = "security" LICENSE = "GPL-2.0" -LIC_FILES_CHKSUM = "file://COPYING;beginline=7;endline=12;md5=1489288f46af415fadc4e8b6345ab9f4" +LIC_FILES_CHKSUM = "file://COPYING;beginline=7;endline=12;md5=66938a7e5b4c118eda78271de14874c2" SRC_URI = "http://nmap.org/dist/${BP}.tar.bz2 \ file://nmap-redefine-the-python-library-dir.patch \ file://nmap-replace-shtool-mkdir-with-coreutils-mkdir-command.patch \ - file://0001-include-time.h-for-time-structure-definition.patch \ + file://0001-Include-time.h-header-to-pass-clang-compilation.patch \ file://0002-Fix-building-with-libc.patch \ " -SRC_URI[md5sum] = "84eb6fbe788e0d4918c2b1e39421bf79" -SRC_URI[sha256sum] = "847b068955f792f4cc247593aca6dc3dc4aae12976169873247488de147a6e18" +SRC_URI[md5sum] = "d37b75b06d1d40f27b76d60db420a1f5" +SRC_URI[sha256sum] = "fcfa5a0e42099e12e4bf7a68ebe6fde05553383a682e816a7ec9256ab4773faa" inherit autotools-brokensep pkgconfig pythonnative |