diff options
Diffstat (limited to 'poky/meta/recipes-connectivity')
27 files changed, 513 insertions, 838 deletions
diff --git a/poky/meta/recipes-connectivity/avahi/avahi.inc b/poky/meta/recipes-connectivity/avahi/avahi.inc index 8339e451f..94fe6a16b 100644 --- a/poky/meta/recipes-connectivity/avahi/avahi.inc +++ b/poky/meta/recipes-connectivity/avahi/avahi.inc @@ -36,6 +36,7 @@ PACKAGECONFIG ??= "dbus ${AVAHI_GTK}" PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+" PACKAGECONFIG[gtk3] = "--enable-gtk3,--disable-gtk3,gtk+3" +PACKAGECONFIG[libdns_sd] = "--enable-compat-libdns_sd --enable-dbus,,dbus" inherit autotools pkgconfig gettext gobject-introspection @@ -77,3 +78,9 @@ do_install() { test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1 rm -rf ${D}${libdir}/avahi } + +PACKAGES =+ "${@bb.utils.contains("PACKAGECONFIG", "libdns_sd", "libavahi-compat-libdnssd", "", d)}" + +FILES_libavahi-compat-libdnssd = "${libdir}/libdns_sd.so.*" + +RPROVIDES_libavahi-compat-libdnssd = "libdns-sd" diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5.inc b/poky/meta/recipes-connectivity/bluez5/bluez5.inc index aaf2af975..8f321638c 100644 --- a/poky/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/poky/meta/recipes-connectivity/bluez5/bluez5.inc @@ -6,7 +6,7 @@ LICENSE = "GPLv2+ & LGPLv2.1+" LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ file://COPYING.LIB;md5=fb504b67c50331fc78734fed90fb0e09 \ file://src/main.c;beginline=1;endline=24;md5=9bc54b93cd7e17bf03f52513f39f926e" -DEPENDS = "udev dbus-glib glib-2.0" +DEPENDS = "dbus-glib glib-2.0" PROVIDES += "bluez-hcidump" RPROVIDES_${PN} += "bluez-hcidump" @@ -22,6 +22,7 @@ PACKAGECONFIG ??= "obex-profiles \ hog-profiles \ tools \ deprecated \ + udev \ " PACKAGECONFIG[obex-profiles] = "--enable-obex,--disable-obex,libical" PACKAGECONFIG[readline] = "--enable-client,--disable-client,readline," @@ -43,6 +44,7 @@ PACKAGECONFIG[threads] = "--enable-threads,--disable-threads" PACKAGECONFIG[deprecated] = "--enable-deprecated,--disable-deprecated" PACKAGECONFIG[mesh] = "--enable-mesh,--disable-mesh, json-c ell" PACKAGECONFIG[btpclient] = "--enable-btpclient,--disable-btpclient, ell" +PACKAGECONFIG[udev] = "--enable-udev,--disable-udev,udev" SRC_URI = "\ ${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ @@ -54,6 +56,7 @@ SRC_URI = "\ file://0001-test-gatt-Fix-hung-issue.patch \ file://0001-Makefile.am-Fix-a-race-issue-for-tools.patch \ file://CVE-2018-10910.patch \ + file://gcc9-fixes.patch \ " S = "${WORKDIR}/bluez-${PV}" @@ -117,7 +120,10 @@ FILES_${PN}-dev += " \ FILES_${PN}-obex = "${libexecdir}/bluetooth/obexd \ ${exec_prefix}/lib/systemd/user/obex.service \ + ${systemd_system_unitdir}/obex.service \ + ${sysconfdir}/systemd/system/multi-user.target.wants/obex.service \ ${datadir}/dbus-1/services/org.bluez.obex.service \ + ${sysconfdir}/dbus-1/system.d/obexd.conf \ " SYSTEMD_SERVICE_${PN}-obex = "obex.service" diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/gcc9-fixes.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/gcc9-fixes.patch new file mode 100644 index 000000000..ca678e601 --- /dev/null +++ b/poky/meta/recipes-connectivity/bluez5/bluez5/gcc9-fixes.patch @@ -0,0 +1,301 @@ +Backported commit from upstream master branch (post 5.50 release), which +resolves assertion failures in several unit tests. + +https://git.kernel.org/pub/scm/bluetooth/bluez.git/patch/?id=0be5246170 + +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@intel.com> + +diff --git a/unit/test-avctp.c b/unit/test-avctp.c +index 3bc3569..24de663 100644 +--- a/unit/test-avctp.c ++++ b/unit/test-avctp.c +@@ -43,7 +43,7 @@ + + struct test_pdu { + bool valid; +- const uint8_t *data; ++ uint8_t *data; + size_t size; + }; + +@@ -66,7 +66,7 @@ struct context { + #define raw_pdu(args...) \ + { \ + .valid = true, \ +- .data = data(args), \ ++ .data = g_memdup(data(args), sizeof(data(args))), \ + .size = sizeof(data(args)), \ + } + +@@ -91,6 +91,11 @@ static void test_debug(const char *str, void *user_data) + static void test_free(gconstpointer user_data) + { + const struct test_data *data = user_data; ++ struct test_pdu *pdu; ++ int i; ++ ++ for (i = 0; (pdu = &data->pdu_list[i]) && pdu->valid; i++) ++ g_free(pdu->data); + + g_free(data->test_name); + g_free(data->pdu_list); +diff --git a/unit/test-avdtp.c b/unit/test-avdtp.c +index dd8aed7..e2c951a 100644 +--- a/unit/test-avdtp.c ++++ b/unit/test-avdtp.c +@@ -47,7 +47,7 @@ + struct test_pdu { + bool valid; + bool fragmented; +- const uint8_t *data; ++ uint8_t *data; + size_t size; + }; + +@@ -61,7 +61,7 @@ struct test_data { + #define raw_pdu(args...) \ + { \ + .valid = true, \ +- .data = data(args), \ ++ .data = g_memdup(data(args), sizeof(data(args))), \ + .size = sizeof(data(args)), \ + } + +@@ -69,7 +69,7 @@ struct test_data { + { \ + .valid = true, \ + .fragmented = true, \ +- .data = data(args), \ ++ .data = g_memdup(data(args), sizeof(data(args))), \ + .size = sizeof(data(args)), \ + } + +@@ -81,7 +81,7 @@ struct test_data { + static struct test_data data; \ + data.test_name = g_strdup(name); \ + data.pdu_list = g_memdup(pdus, sizeof(pdus)); \ +- tester_add(name, &data, NULL, function, NULL); \ ++ tester_add(name, &data, NULL, function, NULL); \ + } while (0) + + struct context { +@@ -109,6 +109,11 @@ static void test_debug(const char *str, void *user_data) + static void test_free(gconstpointer user_data) + { + const struct test_data *data = user_data; ++ struct test_pdu *pdu; ++ int i; ++ ++ for (i = 0; (pdu = &data->pdu_list[i]) && pdu->valid; i++) ++ g_free(pdu->data); + + g_free(data->test_name); + g_free(data->pdu_list); +diff --git a/unit/test-avrcp.c b/unit/test-avrcp.c +index 01307e6..f1aa353 100644 +--- a/unit/test-avrcp.c ++++ b/unit/test-avrcp.c +@@ -49,7 +49,7 @@ struct test_pdu { + bool fragmented; + bool continuing; + bool browse; +- const uint8_t *data; ++ uint8_t *data; + size_t size; + }; + +@@ -74,7 +74,7 @@ struct context { + #define raw_pdu(args...) \ + { \ + .valid = true, \ +- .data = data(args), \ ++ .data = g_memdup(data(args), sizeof(data(args))), \ + .size = sizeof(data(args)), \ + } + +@@ -82,7 +82,7 @@ struct context { + { \ + .valid = true, \ + .browse = true, \ +- .data = data(args), \ ++ .data = g_memdup(data(args), sizeof(data(args))), \ + .size = sizeof(data(args)), \ + } + +@@ -90,7 +90,7 @@ struct context { + { \ + .valid = true, \ + .fragmented = true, \ +- .data = data(args), \ ++ .data = g_memdup(data(args), sizeof(data(args))), \ + .size = sizeof(data(args)), \ + } + +@@ -98,7 +98,7 @@ struct context { + { \ + .valid = true, \ + .continuing = true, \ +- .data = data(args), \ ++ .data = g_memdup(data(args), sizeof(data(args))), \ + .size = sizeof(data(args)), \ + } + +@@ -123,6 +123,11 @@ static void test_debug(const char *str, void *user_data) + static void test_free(gconstpointer user_data) + { + const struct test_data *data = user_data; ++ struct test_pdu *pdu; ++ int i; ++ ++ for (i = 0; (pdu = &data->pdu_list[i]) && pdu->valid; i++) ++ g_free(pdu->data); + + g_free(data->test_name); + g_free(data->pdu_list); +diff --git a/unit/test-gatt.c b/unit/test-gatt.c +index c7e28f8..d49f7a0 100644 +--- a/unit/test-gatt.c ++++ b/unit/test-gatt.c +@@ -48,7 +48,7 @@ + + struct test_pdu { + bool valid; +- const uint8_t *data; ++ uint8_t *data; + size_t size; + }; + +@@ -86,7 +86,7 @@ struct context { + #define raw_pdu(args...) \ + { \ + .valid = true, \ +- .data = data(args), \ ++ .data = g_memdup(data(args), sizeof(data(args))), \ + .size = sizeof(data(args)), \ + } + +@@ -306,6 +306,11 @@ static bt_uuid_t uuid_char_128 = { + static void test_free(gconstpointer user_data) + { + const struct test_data *data = user_data; ++ struct test_pdu *pdu; ++ int i; ++ ++ for (i = 0; (pdu = &data->pdu_list[i]) && pdu->valid; i++) ++ g_free(pdu->data); + + g_free(data->test_name); + g_free(data->pdu_list); +@@ -1911,6 +1916,8 @@ static void test_server(gconstpointer data) + g_assert_cmpint(len, ==, pdu.size); + + util_hexdump('<', pdu.data, len, test_debug, "GATT: "); ++ ++ g_free(pdu.data); + } + + static void test_search_primary(gconstpointer data) +diff --git a/unit/test-hfp.c b/unit/test-hfp.c +index f2b9622..890eee6 100644 +--- a/unit/test-hfp.c ++++ b/unit/test-hfp.c +@@ -43,7 +43,7 @@ struct context { + + struct test_pdu { + bool valid; +- const uint8_t *data; ++ uint8_t *data; + size_t size; + enum hfp_gw_cmd_type type; + bool fragmented; +@@ -63,7 +63,7 @@ struct test_data { + #define raw_pdu(args...) \ + { \ + .valid = true, \ +- .data = data(args), \ ++ .data = g_memdup(data(args), sizeof(data(args))), \ + .size = sizeof(data(args)), \ + } + +@@ -75,7 +75,7 @@ struct test_data { + #define type_pdu(cmd_type, args...) \ + { \ + .valid = true, \ +- .data = data(args), \ ++ .data = g_memdup(data(args), sizeof(data(args))), \ + .size = sizeof(data(args)), \ + .type = cmd_type, \ + } +@@ -83,7 +83,7 @@ struct test_data { + #define frg_pdu(args...) \ + { \ + .valid = true, \ +- .data = data(args), \ ++ .data = g_memdup(data(args), sizeof(data(args))), \ + .size = sizeof(data(args)), \ + .fragmented = true, \ + } +@@ -119,6 +119,11 @@ struct test_data { + static void test_free(gconstpointer user_data) + { + const struct test_data *data = user_data; ++ struct test_pdu *pdu; ++ int i; ++ ++ for (i = 0; (pdu = &data->pdu_list[i]) && pdu->valid; i++) ++ g_free(pdu->data); + + g_free(data->test_name); + g_free(data->pdu_list); +diff --git a/unit/test-hog.c b/unit/test-hog.c +index d117968..25bdb42 100644 +--- a/unit/test-hog.c ++++ b/unit/test-hog.c +@@ -68,11 +68,11 @@ struct context { + + #define data(args...) ((const unsigned char[]) { args }) + +-#define raw_pdu(args...) \ +-{ \ +- .valid = true, \ +- .data = data(args), \ +- .size = sizeof(data(args)),\ ++#define raw_pdu(args...) \ ++{ \ ++ .valid = true, \ ++ .data = g_memdup(data(args), sizeof(data(args))), \ ++ .size = sizeof(data(args)), \ + } + + #define false_pdu() \ +diff --git a/unit/test-sdp.c b/unit/test-sdp.c +index ac921a9..c71ee1f 100644 +--- a/unit/test-sdp.c ++++ b/unit/test-sdp.c +@@ -59,14 +59,14 @@ struct test_data { + #define raw_pdu(args...) \ + { \ + .valid = true, \ +- .raw_data = raw_data(args), \ ++ .raw_data = g_memdup(raw_data(args), sizeof(raw_data(args))), \ + .raw_size = sizeof(raw_data(args)), \ + } + + #define raw_pdu_cont(cont, args...) \ + { \ + .valid = true, \ +- .raw_data = raw_data(args), \ ++ .raw_data = g_memdup(raw_data(args), sizeof(raw_data(args))), \ + .raw_size = sizeof(raw_data(args)), \ + .cont_len = cont, \ + } +@@ -103,7 +103,7 @@ struct test_data_de { + #define define_test_de_attr(name, input, exp) \ + do { \ + static struct test_data_de data; \ +- data.input_data = input; \ ++ data.input_data = g_memdup(input, sizeof(input)); \ + data.input_size = sizeof(input); \ + data.expected = exp; \ + tester_add("/sdp/DE/ATTR/" name, &data, NULL, \ diff --git a/poky/meta/recipes-connectivity/connman/connman/0001-gweb-fix-segfault-with-musl-v1.1.21.patch b/poky/meta/recipes-connectivity/connman/connman/0001-gweb-fix-segfault-with-musl-v1.1.21.patch new file mode 100644 index 000000000..30f1432cd --- /dev/null +++ b/poky/meta/recipes-connectivity/connman/connman/0001-gweb-fix-segfault-with-musl-v1.1.21.patch @@ -0,0 +1,34 @@ +From f0a8c69971b30ea7ca255bb885fdd1179fa5d298 Mon Sep 17 00:00:00 2001 +From: Nicola Lunghi <nick83ola@gmail.com> +Date: Thu, 23 May 2019 07:55:25 +0100 +Subject: [PATCH] gweb: fix segfault with musl v1.1.21 + +In musl > v1.1.21 freeaddrinfo() implementation changed and +was causing a segmentation fault on recent Yocto using musl. + +See this commit: + + https://git.musl-libc.org/cgit/musl/commit/src/network/freeaddrinfo.c?id=d1395c43c019aec6b855cf3c656bf47c8a719e7f + +Upstream-Status: Submitted +--- + gweb/gweb.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/gweb/gweb.c b/gweb/gweb.c +index 393afe0a..12fcb1d8 100644 +--- a/gweb/gweb.c ++++ b/gweb/gweb.c +@@ -1274,7 +1274,8 @@ static bool is_ip_address(const char *host) + addr = NULL; + + result = getaddrinfo(host, NULL, &hints, &addr); +- freeaddrinfo(addr); ++ if(!result) ++ freeaddrinfo(addr); + + return result == 0; + } +-- +2.19.1 + diff --git a/poky/meta/recipes-connectivity/connman/connman_1.37.bb b/poky/meta/recipes-connectivity/connman/connman_1.37.bb index 2cf904cd8..00852bf0d 100644 --- a/poky/meta/recipes-connectivity/connman/connman_1.37.bb +++ b/poky/meta/recipes-connectivity/connman/connman_1.37.bb @@ -3,6 +3,7 @@ require connman.inc SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ file://0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch \ file://0001-connman.service-stop-systemd-resolved-when-we-use-co.patch \ + file://0001-gweb-fix-segfault-with-musl-v1.1.21.patch \ file://connman \ file://no-version-scripts.patch \ " @@ -13,3 +14,4 @@ SRC_URI[md5sum] = "75012084f14fb63a84b116e66c6e94fb" SRC_URI[sha256sum] = "6ce29b3eb0bb16a7387bc609c39455fd13064bdcde5a4d185fab3a0c71946e16" RRECOMMENDS_${PN} = "connman-conf" +RCONFLICTS_${PN} = "networkmanager" diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp/0006-site.h-enable-gentle-shutdown.patch b/poky/meta/recipes-connectivity/dhcp/dhcp/0006-site.h-enable-gentle-shutdown.patch deleted file mode 100644 index 6ef70ccac..000000000 --- a/poky/meta/recipes-connectivity/dhcp/dhcp/0006-site.h-enable-gentle-shutdown.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 01641d146e4e6bea954e4a4ee1f6230b822665b4 Mon Sep 17 00:00:00 2001 -From: Chen Qi <Qi.Chen@windriver.com> -Date: Tue, 15 Aug 2017 15:37:49 +0800 -Subject: [PATCH 06/11] site.h: enable gentle shutdown - -Upstream-Status: Inappropriate [configuration] -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> - -Rebase to 4.3.6 -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - includes/site.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Index: dhcp-4.4.1/includes/site.h -=================================================================== ---- dhcp-4.4.1.orig/includes/site.h -+++ dhcp-4.4.1/includes/site.h -@@ -295,7 +295,7 @@ - situations. We plan to revisit this feature and may - make non-backwards compatible changes including the - removal of this define. Use at your own risk. */ --/* #define ENABLE_GENTLE_SHUTDOWN */ -+#define ENABLE_GENTLE_SHUTDOWN - - /* Include old error codes. This is provided in case you - are building an external program similar to omshell for diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb b/poky/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb index 19524cb3c..275961a60 100644 --- a/poky/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb +++ b/poky/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb @@ -5,7 +5,6 @@ SRC_URI += "file://0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.pat file://0003-link-with-lcrypto.patch \ file://0004-Fix-out-of-tree-builds.patch \ file://0005-dhcp-client-fix-invoke-dhclient-script-failed-on-Rea.patch \ - file://0006-site.h-enable-gentle-shutdown.patch \ file://0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch \ file://0009-remove-dhclient-script-bash-dependency.patch \ file://0012-dhcp-correct-the-intention-for-xml2-lib-search.patch \ diff --git a/poky/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb b/poky/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb index ec1384eab..ac2e017d8 100644 --- a/poky/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb +++ b/poky/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb @@ -200,7 +200,7 @@ RDEPENDS_${PN}-tftpd += "xinetd" FILES_${PN}-telnetd = "${sbindir}/in.telnetd ${sysconfdir}/xinetd.d/telnet" FILES_${PN}-telnetd-dbg = "${sbindir}/.debug/in.telnetd" -RCONFLICTS_${PN}-telnetd += "netkit-telnetd" +RCONFLICTS_${PN}-telnetd += "netkit-telnet" RPROVIDES_${PN}-telnetd = "telnetd" RDEPENDS_${PN}-telnetd += "xinetd" diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2_5.0.0.bb b/poky/meta/recipes-connectivity/iproute2/iproute2_5.1.0.bb index 8f33c7fe1..6854a1300 100644 --- a/poky/meta/recipes-connectivity/iproute2/iproute2_5.0.0.bb +++ b/poky/meta/recipes-connectivity/iproute2/iproute2_5.1.0.bb @@ -5,8 +5,8 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \ file://0001-libc-compat.h-add-musl-workaround.patch \ " -SRC_URI[md5sum] = "d22107b4d7cfb999eeb8ad8a0aec1124" -SRC_URI[sha256sum] = "df047302a39650ef832c07e8dab5df7a23218cd398bd310c8628e386161d20ba" +SRC_URI[md5sum] = "a2b8349abf4ae00e92155fda22de4d5e" +SRC_URI[sha256sum] = "dc5a980873eabf6b00c0be976b6e5562b1400d47d1d07d2ac35d5e5acbcf7bcf" # CFLAGS are computed in Makefile and reference CCOPTS # diff --git a/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns/0001-check-for-nss.h.patch b/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns/0001-check-for-nss.h.patch deleted file mode 100644 index f63eb90cd..000000000 --- a/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns/0001-check-for-nss.h.patch +++ /dev/null @@ -1,56 +0,0 @@ -From bdf01a581d58eb5340e9238d143dbcac9db5b11c Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Sat, 30 Jan 2016 19:29:45 +0000 -Subject: [PATCH] check for nss.h - -nss.h may not available on all libc implementations, e.g. musl does not -have this header, this patch detects nss.h presence and defines the data -types that are required if nss.h is missing on platform - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- -Upstream-Status: Pending - - configure.ac | 2 +- - src/nss.c | 11 +++++++++++ - 2 files changed, 12 insertions(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index aa66bc6..ce19b07 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -71,7 +71,7 @@ AC_PROG_LIBTOOL - - # Checks for header files. - AC_HEADER_STDC --AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h unistd.h nss.h sys/ioctl.h]) -+AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h unistd.h nss.h sys/ioctl.h nss.h]) - - # Checks for typedefs, structures, and compiler characteristics. - AC_C_CONST -diff --git a/src/nss.c b/src/nss.c -index e48e315..406733b 100644 ---- a/src/nss.c -+++ b/src/nss.c -@@ -29,7 +29,18 @@ - #include <assert.h> - #include <netdb.h> - #include <sys/socket.h> -+#ifdef HAVE_NSS_H - #include <nss.h> -+#else -+enum nss_status { -+ NSS_STATUS_TRYAGAIN = -2, -+ NSS_STATUS_UNAVAIL, -+ NSS_STATUS_NOTFOUND, -+ NSS_STATUS_SUCCESS, -+ NSS_STATUS_RETURN -+}; -+#endif -+ - #include <stdio.h> - #include <stdlib.h> - --- -2.7.0 - diff --git a/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb b/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb index d0eb2768d..953505971 100644 --- a/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb +++ b/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb @@ -9,7 +9,6 @@ DEPENDS = "avahi" PR = "r7" SRC_URI = "http://0pointer.de/lennart/projects/nss-mdns/nss-mdns-${PV}.tar.gz \ - file://0001-check-for-nss.h.patch \ " SRC_URI[md5sum] = "03938f17646efbb50aa70ba5f99f51d7" @@ -21,6 +20,8 @@ localstatedir = "/" inherit autotools +COMPATIBLE_HOST_libc-musl = 'null' + EXTRA_OECONF = "--libdir=${base_libdir} --disable-lynx --enable-avahi" # suppress warning, but don't bother with autonamer diff --git a/poky/meta/recipes-connectivity/ofono/ofono.inc b/poky/meta/recipes-connectivity/ofono/ofono.inc index 0472414b1..e1185c6e6 100644 --- a/poky/meta/recipes-connectivity/ofono/ofono.inc +++ b/poky/meta/recipes-connectivity/ofono/ofono.inc @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \ inherit autotools pkgconfig update-rc.d systemd bluetooth gobject-introspection-data -DEPENDS = "dbus glib-2.0 udev mobile-broadband-provider-info" +DEPENDS = "dbus glib-2.0 udev mobile-broadband-provider-info ell" INITSCRIPT_NAME = "ofono" INITSCRIPT_PARAMS = "defaults 22" @@ -19,7 +19,7 @@ PACKAGECONFIG ??= "\ PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/,--with-systemdunitdir=" PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, ${BLUEZ}" -EXTRA_OECONF += "--enable-test" +EXTRA_OECONF += "--enable-test --enable-external-ell" SYSTEMD_SERVICE_${PN} = "ofono.service" diff --git a/poky/meta/recipes-connectivity/ofono/ofono/0001-Makefile.am-Don-t-overwrite-src_ofonod_DEPENDENCIES.patch b/poky/meta/recipes-connectivity/ofono/ofono/0001-Makefile.am-Don-t-overwrite-src_ofonod_DEPENDENCIES.patch new file mode 100644 index 000000000..77073ddb1 --- /dev/null +++ b/poky/meta/recipes-connectivity/ofono/ofono/0001-Makefile.am-Don-t-overwrite-src_ofonod_DEPENDENCIES.patch @@ -0,0 +1,50 @@ +From eeaf8dac80f15a2b7c18d1d4ee63106973a6a873 Mon Sep 17 00:00:00 2001 +From: Adrian Bunk <bunk@kernel.org> +Date: Tue, 21 May 2019 14:13:35 +0300 +Subject: Makefile.am: Don't overwrite src_ofonod_DEPENDENCIES + +src_ofonod_DEPENDENCIES did overwrite the dependencies +automatically generated from src_ofonod_LDADD with +incomplete dependencies. + +This fixes the following build error: +... + CCLD src/ofonod +libtool: error: cannot find the library 'gdbus/libgdbus-internal.la' or unhandled argument 'gdbus/libgdbus-internal.la' +make: *** [Makefile:3448: src/ofonod] Error 1 + +Upstream-Status: Submitted +Signed-off-by: Adrian Bunk <bunk@stusta.de> +--- + Makefile.am | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/Makefile.am b/Makefile.am +index d2e310d5..5edc4488 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -6,12 +6,10 @@ noinst_LTLIBRARIES = + if EXTERNAL_ELL + ell_cflags = @ELL_CFLAGS@ + ell_ldadd = @ELL_LIBS@ +-ell_dependencies = + ell_built_sources = + else + ell_cflags = + ell_ldadd = ell/libell-internal.la +-ell_dependencies = $(ell_ldadd) + ell_built_sources = ell/internal ell/ell.h + + noinst_LTLIBRARIES += ell/libell-internal.la +@@ -729,8 +727,6 @@ src_ofonod_LDADD = gdbus/libgdbus-internal.la $(builtin_libadd) $(ell_ldadd) \ + src_ofonod_LDFLAGS = -Wl,--export-dynamic \ + -Wl,--version-script=$(srcdir)/src/ofono.ver + +-src_ofonod_DEPENDENCIES = $(ell_dependencies) +- + BUILT_SOURCES = $(local_headers) $(ell_built_sources) src/builtin.h + + CLEANFILES = $(BUILT_SOURCES) $(rules_DATA) +-- +2.20.1 + diff --git a/poky/meta/recipes-connectivity/ofono/ofono/0001-main-Quiet-ld-errors-with-external-ell.patch b/poky/meta/recipes-connectivity/ofono/ofono/0001-main-Quiet-ld-errors-with-external-ell.patch new file mode 100644 index 000000000..f9858e7f2 --- /dev/null +++ b/poky/meta/recipes-connectivity/ofono/ofono/0001-main-Quiet-ld-errors-with-external-ell.patch @@ -0,0 +1,36 @@ +From 48e31f9fc3cf3c486c3d27a67b2687f6df0c5c71 Mon Sep 17 00:00:00 2001 +From: Denis Kenzior <denkenz@gmail.com> +Date: Thu, 16 May 2019 15:10:53 -0500 +Subject: main: Quiet ld errors with external ell + +When oFono is built with --enable-external-ell, the compiler for some +reason does not generate a debug section on some systems. This is due +to the fact that l_debug is never called. However, ell also does not +call l_debug, yet when built-in ell is used, the section is created by +the compiler. + +For now work around this by adding a no-op l_debug() call in main.c. +The real fix is to migrate all of the oFono logging functionality to use +ell instead. + +Upstream-Status: Backport +Signed-off-by: Adrian Bunk <bunk@stusta.de> +--- + src/main.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/main.c b/src/main.c +index 8623a060..4529cde1 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -236,6 +236,7 @@ int main(int argc, char **argv) + event_loop = g_main_loop_new(NULL, FALSE); + + l_log_set_stderr(); ++ l_debug(""); + l_debug_enable("*"); + l_main_init(); + +-- +2.20.1 + diff --git a/poky/meta/recipes-connectivity/ofono/ofono/0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch b/poky/meta/recipes-connectivity/ofono/ofono/0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch new file mode 100644 index 000000000..8a5a300ad --- /dev/null +++ b/poky/meta/recipes-connectivity/ofono/ofono/0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch @@ -0,0 +1,36 @@ +From 22b52db4842611ac31a356f023fc09595384e2ad Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Thu, 23 May 2019 18:11:22 -0700 +Subject: [PATCH] mbim: add an optional TEMP_FAILURE_RETRY macro copy + +Fixes build on musl which does not provide this macro + +Upstream-Status: Submitted [https://lists.ofono.org/pipermail/ofono/2019-May/019370.html] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + drivers/mbimmodem/mbim-private.h | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/drivers/mbimmodem/mbim-private.h b/drivers/mbimmodem/mbim-private.h +index e159235..51693ea 100644 +--- a/drivers/mbimmodem/mbim-private.h ++++ b/drivers/mbimmodem/mbim-private.h +@@ -21,6 +21,15 @@ + + #define align_len(len, boundary) (((len)+(boundary)-1) & ~((boundary)-1)) + ++#ifndef TEMP_FAILURE_RETRY ++#define TEMP_FAILURE_RETRY(expression) ({ \ ++ __typeof(expression) __result; \ ++ do { \ ++ __result = (expression); \ ++ } while (__result == -1 && errno == EINTR); \ ++ __result; }) ++#endif ++ + enum mbim_control_message { + MBIM_OPEN_MSG = 0x1, + MBIM_CLOSE_MSG = 0x2, +-- +2.21.0 + diff --git a/poky/meta/recipes-connectivity/ofono/ofono_1.29.bb b/poky/meta/recipes-connectivity/ofono/ofono_1.29.bb index a22b99a72..900a6d26d 100644 --- a/poky/meta/recipes-connectivity/ofono/ofono_1.29.bb +++ b/poky/meta/recipes-connectivity/ofono/ofono_1.29.bb @@ -5,6 +5,9 @@ SRC_URI = "\ file://ofono \ file://0001-build-Fix-a-race-condition.patch \ file://0001-build-Add-check-for-explicit_bzero-support.patch \ + file://0001-main-Quiet-ld-errors-with-external-ell.patch \ + file://0001-Makefile.am-Don-t-overwrite-src_ofonod_DEPENDENCIES.patch \ + file://0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch \ " SRC_URI[md5sum] = "4fa0372630ff03f223452e4d05efa8f8" SRC_URI[sha256sum] = "67f0f8e5740dea5b46309e40667d1e560be39c90ef08dd01ff9e9ce8e61f0679" diff --git a/poky/meta/recipes-connectivity/openssh/openssh/0001-upstream-Have-progressmeter-force-an-update-at-the-b.patch b/poky/meta/recipes-connectivity/openssh/openssh/0001-upstream-Have-progressmeter-force-an-update-at-the-b.patch deleted file mode 100644 index 4c9d57442..000000000 --- a/poky/meta/recipes-connectivity/openssh/openssh/0001-upstream-Have-progressmeter-force-an-update-at-the-b.patch +++ /dev/null @@ -1,121 +0,0 @@ -From 5df934e2279e8ed1f07b990f4b2b3baf6470f7e5 Mon Sep 17 00:00:00 2001 -From: "dtucker@openbsd.org" <dtucker@openbsd.org> -Date: Thu, 24 Jan 2019 16:52:17 +0000 -Subject: [PATCH] upstream: Have progressmeter force an update at the beginning - and - -end of each transfer. Fixes the problem recently introduces where very quick -transfers do not display the progressmeter at all. Spotted by naddy@ - -OpenBSD-Commit-ID: 68dc46c259e8fdd4f5db3ec2a130f8e4590a7a9a -Upstream-Status: Backport -Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> ---- - progressmeter.c | 13 +++++-------- - progressmeter.h | 4 ++-- - scp.c | 2 +- - sftp-client.c | 2 +- - 4 files changed, 9 insertions(+), 12 deletions(-) - -diff --git a/progressmeter.c b/progressmeter.c -index add462d..e385c12 100644 ---- a/progressmeter.c -+++ b/progressmeter.c -@@ -1,4 +1,4 @@ --/* $OpenBSD: progressmeter.c,v 1.46 2019/01/23 08:01:46 dtucker Exp $ */ -+/* $OpenBSD: progressmeter.c,v 1.47 2019/01/24 16:52:17 dtucker Exp $ */ - /* - * Copyright (c) 2003 Nils Nordman. All rights reserved. - * -@@ -59,9 +59,6 @@ static void format_rate(char *, int, off_t); - static void sig_winch(int); - static void setscreensize(void); - --/* updates the progressmeter to reflect the current state of the transfer */ --void refresh_progress_meter(void); -- - /* signal handler for updating the progress meter */ - static void sig_alarm(int); - -@@ -120,7 +117,7 @@ format_size(char *buf, int size, off_t bytes) - } - - void --refresh_progress_meter(void) -+refresh_progress_meter(int force_update) - { - char buf[MAX_WINSIZE + 1]; - off_t transferred; -@@ -131,7 +128,7 @@ refresh_progress_meter(void) - int hours, minutes, seconds; - int file_len; - -- if ((!alarm_fired && !win_resized) || !can_output()) -+ if ((!force_update && !alarm_fired && !win_resized) || !can_output()) - return; - alarm_fired = 0; - -@@ -254,7 +251,7 @@ start_progress_meter(const char *f, off_t filesize, off_t *ctr) - bytes_per_second = 0; - - setscreensize(); -- refresh_progress_meter(); -+ refresh_progress_meter(1); - - signal(SIGALRM, sig_alarm); - signal(SIGWINCH, sig_winch); -@@ -271,7 +268,7 @@ stop_progress_meter(void) - - /* Ensure we complete the progress */ - if (cur_pos != end_pos) -- refresh_progress_meter(); -+ refresh_progress_meter(1); - - atomicio(vwrite, STDOUT_FILENO, "\n", 1); - } -diff --git a/progressmeter.h b/progressmeter.h -index 8f66780..1703ea7 100644 ---- a/progressmeter.h -+++ b/progressmeter.h -@@ -1,4 +1,4 @@ --/* $OpenBSD: progressmeter.h,v 1.4 2019/01/23 08:01:46 dtucker Exp $ */ -+/* $OpenBSD: progressmeter.h,v 1.5 2019/01/24 16:52:17 dtucker Exp $ */ - /* - * Copyright (c) 2002 Nils Nordman. All rights reserved. - * -@@ -24,5 +24,5 @@ - */ - - void start_progress_meter(const char *, off_t, off_t *); --void refresh_progress_meter(void); -+void refresh_progress_meter(int); - void stop_progress_meter(void); -diff --git a/scp.c b/scp.c -index 4a342a6..0587cec 100644 ---- a/scp.c -+++ b/scp.c -@@ -585,7 +585,7 @@ scpio(void *_cnt, size_t s) - off_t *cnt = (off_t *)_cnt; - - *cnt += s; -- refresh_progress_meter(); -+ refresh_progress_meter(0); - if (limit_kbps > 0) - bandwidth_limit(&bwlimit, s); - return 0; -diff --git a/sftp-client.c b/sftp-client.c -index 2bc698f..cf2887a 100644 ---- a/sftp-client.c -+++ b/sftp-client.c -@@ -101,7 +101,7 @@ sftpio(void *_bwlimit, size_t amount) - { - struct bwlimit *bwlimit = (struct bwlimit *)_bwlimit; - -- refresh_progress_meter(); -+ refresh_progress_meter(0); - if (bwlimit != NULL) - bandwidth_limit(bwlimit, amount); - return 0; --- -2.7.4 - diff --git a/poky/meta/recipes-connectivity/openssh/openssh/CVE-2018-20685.patch b/poky/meta/recipes-connectivity/openssh/openssh/CVE-2018-20685.patch deleted file mode 100644 index c5b3baece..000000000 --- a/poky/meta/recipes-connectivity/openssh/openssh/CVE-2018-20685.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 6010c0303a422a9c5fa8860c061bf7105eb7f8b2 Mon Sep 17 00:00:00 2001 -From: "djm@openbsd.org" <djm@openbsd.org> -Date: Fri, 16 Nov 2018 03:03:10 +0000 -Subject: [PATCH] upstream: disallow empty incoming filename or ones that refer - to the - -current directory; based on report/patch from Harry Sintonen - -OpenBSD-Commit-ID: f27651b30eaee2df49540ab68d030865c04f6de9 - -CVE: CVE-2018-20685 -Upstream-Status: Backport -Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> ---- - scp.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/scp.c b/scp.c -index 60682c6..4f3fdcd 100644 ---- a/scp.c -+++ b/scp.c -@@ -1,4 +1,4 @@ --/* $OpenBSD: scp.c,v 1.197 2018/06/01 04:31:48 dtucker Exp $ */ -+/* $OpenBSD: scp.c,v 1.198 2018/11/16 03:03:10 djm Exp $ */ - /* - * scp - secure remote copy. This is basically patched BSD rcp which - * uses ssh to do the data transfer (instead of using rcmd). -@@ -1106,7 +1106,8 @@ sink(int argc, char **argv) - SCREWUP("size out of range"); - size = (off_t)ull; - -- if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) { -+ if (*cp == '\0' || strchr(cp, '/') != NULL || -+ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) { - run_err("error: unexpected filename: %s", cp); - exit(1); - } --- -2.7.4 - diff --git a/poky/meta/recipes-connectivity/openssh/openssh/CVE-2019-6109.patch b/poky/meta/recipes-connectivity/openssh/openssh/CVE-2019-6109.patch deleted file mode 100644 index dabe4a6c9..000000000 --- a/poky/meta/recipes-connectivity/openssh/openssh/CVE-2019-6109.patch +++ /dev/null @@ -1,275 +0,0 @@ -From 15d47c3bd8551521240bc459fc004c280daef817 Mon Sep 17 00:00:00 2001 -From: "dtucker@openbsd.org" <dtucker@openbsd.org> -Date: Wed, 23 Jan 2019 08:01:46 +0000 -Subject: [PATCH] upstream: Sanitize scp filenames via snmprintf. To do this we - move - -the progressmeter formatting outside of signal handler context and have the -atomicio callback called for EINTR too. bz#2434 with contributions from djm -and jjelen at redhat.com, ok djm@ - -OpenBSD-Commit-ID: 1af61c1f70e4f3bd8ab140b9f1fa699481db57d8 -CVE: CVE-2019-6109 -Upstream-Status: Backport -Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> ---- - atomicio.c | 20 +++++++++++++++----- - progressmeter.c | 53 ++++++++++++++++++++++++----------------------------- - progressmeter.h | 3 ++- - scp.c | 1 + - sftp-client.c | 16 +++++++++------- - 5 files changed, 51 insertions(+), 42 deletions(-) - -diff --git a/atomicio.c b/atomicio.c -index f854a06..d91bd76 100644 ---- a/atomicio.c -+++ b/atomicio.c -@@ -1,4 +1,4 @@ --/* $OpenBSD: atomicio.c,v 1.28 2016/07/27 23:18:12 djm Exp $ */ -+/* $OpenBSD: atomicio.c,v 1.29 2019/01/23 08:01:46 dtucker Exp $ */ - /* - * Copyright (c) 2006 Damien Miller. All rights reserved. - * Copyright (c) 2005 Anil Madhavapeddy. All rights reserved. -@@ -65,9 +65,14 @@ atomicio6(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n, - res = (f) (fd, s + pos, n - pos); - switch (res) { - case -1: -- if (errno == EINTR) -+ if (errno == EINTR) { -+ /* possible SIGALARM, update callback */ -+ if (cb != NULL && cb(cb_arg, 0) == -1) { -+ errno = EINTR; -+ return pos; -+ } - continue; -- if (errno == EAGAIN || errno == EWOULDBLOCK) { -+ } else if (errno == EAGAIN || errno == EWOULDBLOCK) { - #ifndef BROKEN_READ_COMPARISON - (void)poll(&pfd, 1, -1); - #endif -@@ -122,9 +127,14 @@ atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd, - res = (f) (fd, iov, iovcnt); - switch (res) { - case -1: -- if (errno == EINTR) -+ if (errno == EINTR) { -+ /* possible SIGALARM, update callback */ -+ if (cb != NULL && cb(cb_arg, 0) == -1) { -+ errno = EINTR; -+ return pos; -+ } - continue; -- if (errno == EAGAIN || errno == EWOULDBLOCK) { -+ } else if (errno == EAGAIN || errno == EWOULDBLOCK) { - #ifndef BROKEN_READV_COMPARISON - (void)poll(&pfd, 1, -1); - #endif -diff --git a/progressmeter.c b/progressmeter.c -index fe9bf52..add462d 100644 ---- a/progressmeter.c -+++ b/progressmeter.c -@@ -1,4 +1,4 @@ --/* $OpenBSD: progressmeter.c,v 1.45 2016/06/30 05:17:05 dtucker Exp $ */ -+/* $OpenBSD: progressmeter.c,v 1.46 2019/01/23 08:01:46 dtucker Exp $ */ - /* - * Copyright (c) 2003 Nils Nordman. All rights reserved. - * -@@ -31,6 +31,7 @@ - - #include <errno.h> - #include <signal.h> -+#include <stdarg.h> - #include <stdio.h> - #include <string.h> - #include <time.h> -@@ -39,6 +40,7 @@ - #include "progressmeter.h" - #include "atomicio.h" - #include "misc.h" -+#include "utf8.h" - - #define DEFAULT_WINSIZE 80 - #define MAX_WINSIZE 512 -@@ -61,7 +63,7 @@ static void setscreensize(void); - void refresh_progress_meter(void); - - /* signal handler for updating the progress meter */ --static void update_progress_meter(int); -+static void sig_alarm(int); - - static double start; /* start progress */ - static double last_update; /* last progress update */ -@@ -74,6 +76,7 @@ static long stalled; /* how long we have been stalled */ - static int bytes_per_second; /* current speed in bytes per second */ - static int win_size; /* terminal window size */ - static volatile sig_atomic_t win_resized; /* for window resizing */ -+static volatile sig_atomic_t alarm_fired; - - /* units for format_size */ - static const char unit[] = " KMGT"; -@@ -126,9 +129,17 @@ refresh_progress_meter(void) - off_t bytes_left; - int cur_speed; - int hours, minutes, seconds; -- int i, len; - int file_len; - -+ if ((!alarm_fired && !win_resized) || !can_output()) -+ return; -+ alarm_fired = 0; -+ -+ if (win_resized) { -+ setscreensize(); -+ win_resized = 0; -+ } -+ - transferred = *counter - (cur_pos ? cur_pos : start_pos); - cur_pos = *counter; - now = monotime_double(); -@@ -158,16 +169,11 @@ refresh_progress_meter(void) - - /* filename */ - buf[0] = '\0'; -- file_len = win_size - 35; -+ file_len = win_size - 36; - if (file_len > 0) { -- len = snprintf(buf, file_len + 1, "\r%s", file); -- if (len < 0) -- len = 0; -- if (len >= file_len + 1) -- len = file_len; -- for (i = len; i < file_len; i++) -- buf[i] = ' '; -- buf[file_len] = '\0'; -+ buf[0] = '\r'; -+ snmprintf(buf+1, sizeof(buf)-1 , &file_len, "%*s", -+ file_len * -1, file); - } - - /* percent of transfer done */ -@@ -228,22 +234,11 @@ refresh_progress_meter(void) - - /*ARGSUSED*/ - static void --update_progress_meter(int ignore) -+sig_alarm(int ignore) - { -- int save_errno; -- -- save_errno = errno; -- -- if (win_resized) { -- setscreensize(); -- win_resized = 0; -- } -- if (can_output()) -- refresh_progress_meter(); -- -- signal(SIGALRM, update_progress_meter); -+ signal(SIGALRM, sig_alarm); -+ alarm_fired = 1; - alarm(UPDATE_INTERVAL); -- errno = save_errno; - } - - void -@@ -259,10 +254,9 @@ start_progress_meter(const char *f, off_t filesize, off_t *ctr) - bytes_per_second = 0; - - setscreensize(); -- if (can_output()) -- refresh_progress_meter(); -+ refresh_progress_meter(); - -- signal(SIGALRM, update_progress_meter); -+ signal(SIGALRM, sig_alarm); - signal(SIGWINCH, sig_winch); - alarm(UPDATE_INTERVAL); - } -@@ -286,6 +280,7 @@ stop_progress_meter(void) - static void - sig_winch(int sig) - { -+ signal(SIGWINCH, sig_winch); - win_resized = 1; - } - -diff --git a/progressmeter.h b/progressmeter.h -index bf179dc..8f66780 100644 ---- a/progressmeter.h -+++ b/progressmeter.h -@@ -1,4 +1,4 @@ --/* $OpenBSD: progressmeter.h,v 1.3 2015/01/14 13:54:13 djm Exp $ */ -+/* $OpenBSD: progressmeter.h,v 1.4 2019/01/23 08:01:46 dtucker Exp $ */ - /* - * Copyright (c) 2002 Nils Nordman. All rights reserved. - * -@@ -24,4 +24,5 @@ - */ - - void start_progress_meter(const char *, off_t, off_t *); -+void refresh_progress_meter(void); - void stop_progress_meter(void); -diff --git a/scp.c b/scp.c -index 4f3fdcd..4a342a6 100644 ---- a/scp.c -+++ b/scp.c -@@ -585,6 +585,7 @@ scpio(void *_cnt, size_t s) - off_t *cnt = (off_t *)_cnt; - - *cnt += s; -+ refresh_progress_meter(); - if (limit_kbps > 0) - bandwidth_limit(&bwlimit, s); - return 0; -diff --git a/sftp-client.c b/sftp-client.c -index 4986d6d..2bc698f 100644 ---- a/sftp-client.c -+++ b/sftp-client.c -@@ -101,7 +101,9 @@ sftpio(void *_bwlimit, size_t amount) - { - struct bwlimit *bwlimit = (struct bwlimit *)_bwlimit; - -- bandwidth_limit(bwlimit, amount); -+ refresh_progress_meter(); -+ if (bwlimit != NULL) -+ bandwidth_limit(bwlimit, amount); - return 0; - } - -@@ -121,8 +123,8 @@ send_msg(struct sftp_conn *conn, struct sshbuf *m) - iov[1].iov_base = (u_char *)sshbuf_ptr(m); - iov[1].iov_len = sshbuf_len(m); - -- if (atomiciov6(writev, conn->fd_out, iov, 2, -- conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_out) != -+ if (atomiciov6(writev, conn->fd_out, iov, 2, sftpio, -+ conn->limit_kbps > 0 ? &conn->bwlimit_out : NULL) != - sshbuf_len(m) + sizeof(mlen)) - fatal("Couldn't send packet: %s", strerror(errno)); - -@@ -138,8 +140,8 @@ get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial) - - if ((r = sshbuf_reserve(m, 4, &p)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); -- if (atomicio6(read, conn->fd_in, p, 4, -- conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in) != 4) { -+ if (atomicio6(read, conn->fd_in, p, 4, sftpio, -+ conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) != 4) { - if (errno == EPIPE || errno == ECONNRESET) - fatal("Connection closed"); - else -@@ -157,8 +159,8 @@ get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial) - - if ((r = sshbuf_reserve(m, msg_len, &p)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); -- if (atomicio6(read, conn->fd_in, p, msg_len, -- conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in) -+ if (atomicio6(read, conn->fd_in, p, msg_len, sftpio, -+ conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) - != msg_len) { - if (errno == EPIPE) - fatal("Connection closed"); --- -2.7.4 - diff --git a/poky/meta/recipes-connectivity/openssh/openssh/CVE-2019-6111.patch b/poky/meta/recipes-connectivity/openssh/openssh/CVE-2019-6111.patch deleted file mode 100644 index e498da381..000000000 --- a/poky/meta/recipes-connectivity/openssh/openssh/CVE-2019-6111.patch +++ /dev/null @@ -1,187 +0,0 @@ -From 15cc3497367d2e9729353b3df75518548e845c82 Mon Sep 17 00:00:00 2001 -From: "djm@openbsd.org" <djm@openbsd.org> -Date: Sat, 26 Jan 2019 22:41:28 +0000 -Subject: [PATCH] upstream: check in scp client that filenames sent during - -remote->local directory copies satisfy the wildcard specified by the user. - -This checking provides some protection against a malicious server -sending unexpected filenames, but it comes at a risk of rejecting wanted -files due to differences between client and server wildcard expansion rules. - -For this reason, this also adds a new -T flag to disable the check. - -reported by Harry Sintonen -fix approach suggested by markus@; -has been in snaps for ~1wk courtesy deraadt@ - -OpenBSD-Commit-ID: 00f44b50d2be8e321973f3c6d014260f8f7a8eda - -CVE: CVE-2019-6111 -Upstream-Status: Backport -Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> ---- - scp.1 | 12 +++++++++++- - scp.c | 37 +++++++++++++++++++++++++++++-------- - 2 files changed, 40 insertions(+), 9 deletions(-) - -diff --git a/scp.1 b/scp.1 -index 0e5cc1b..397e770 100644 ---- a/scp.1 -+++ b/scp.1 -@@ -18,7 +18,7 @@ - .Nd secure copy (remote file copy program) - .Sh SYNOPSIS - .Nm scp --.Op Fl 346BCpqrv -+.Op Fl 346BCpqrTv - .Op Fl c Ar cipher - .Op Fl F Ar ssh_config - .Op Fl i Ar identity_file -@@ -208,6 +208,16 @@ to use for the encrypted connection. - The program must understand - .Xr ssh 1 - options. -+.It Fl T -+Disable strict filename checking. -+By default when copying files from a remote host to a local directory -+.Nm -+checks that the received filenames match those requested on the command-line -+to prevent the remote end from sending unexpected or unwanted files. -+Because of differences in how various operating systems and shells interpret -+filename wildcards, these checks may cause wanted files to be rejected. -+This option disables these checks at the expense of fully trusting that -+the server will not send unexpected filenames. - .It Fl v - Verbose mode. - Causes -diff --git a/scp.c b/scp.c -index 0587cec..b2d331e 100644 ---- a/scp.c -+++ b/scp.c -@@ -94,6 +94,7 @@ - #include <dirent.h> - #include <errno.h> - #include <fcntl.h> -+#include <fnmatch.h> - #include <limits.h> - #include <locale.h> - #include <pwd.h> -@@ -375,14 +376,14 @@ void verifydir(char *); - struct passwd *pwd; - uid_t userid; - int errs, remin, remout; --int pflag, iamremote, iamrecursive, targetshouldbedirectory; -+int Tflag, pflag, iamremote, iamrecursive, targetshouldbedirectory; - - #define CMDNEEDS 64 - char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */ - - int response(void); - void rsource(char *, struct stat *); --void sink(int, char *[]); -+void sink(int, char *[], const char *); - void source(int, char *[]); - void tolocal(int, char *[]); - void toremote(int, char *[]); -@@ -421,8 +422,9 @@ main(int argc, char **argv) - addargs(&args, "-oRemoteCommand=none"); - addargs(&args, "-oRequestTTY=no"); - -- fflag = tflag = 0; -- while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q12346S:o:F:")) != -1) -+ fflag = Tflag = tflag = 0; -+ while ((ch = getopt(argc, argv, -+ "dfl:prtTvBCc:i:P:q12346S:o:F:")) != -1) { - switch (ch) { - /* User-visible flags. */ - case '1': -@@ -501,9 +503,13 @@ main(int argc, char **argv) - setmode(0, O_BINARY); - #endif - break; -+ case 'T': -+ Tflag = 1; -+ break; - default: - usage(); - } -+ } - argc -= optind; - argv += optind; - -@@ -534,7 +540,7 @@ main(int argc, char **argv) - } - if (tflag) { - /* Receive data. */ -- sink(argc, argv); -+ sink(argc, argv, NULL); - exit(errs != 0); - } - if (argc < 2) -@@ -792,7 +798,7 @@ tolocal(int argc, char **argv) - continue; - } - free(bp); -- sink(1, argv + argc - 1); -+ sink(1, argv + argc - 1, src); - (void) close(remin); - remin = remout = -1; - } -@@ -968,7 +974,7 @@ rsource(char *name, struct stat *statp) - (sizeof(type) != 4 && sizeof(type) != 8)) - - void --sink(int argc, char **argv) -+sink(int argc, char **argv, const char *src) - { - static BUF buffer; - struct stat stb; -@@ -984,6 +990,7 @@ sink(int argc, char **argv) - unsigned long long ull; - int setimes, targisdir, wrerrno = 0; - char ch, *cp, *np, *targ, *why, *vect[1], buf[2048], visbuf[2048]; -+ char *src_copy = NULL, *restrict_pattern = NULL; - struct timeval tv[2]; - - #define atime tv[0] -@@ -1008,6 +1015,17 @@ sink(int argc, char **argv) - (void) atomicio(vwrite, remout, "", 1); - if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode)) - targisdir = 1; -+ if (src != NULL && !iamrecursive && !Tflag) { -+ /* -+ * Prepare to try to restrict incoming filenames to match -+ * the requested destination file glob. -+ */ -+ if ((src_copy = strdup(src)) == NULL) -+ fatal("strdup failed"); -+ if ((restrict_pattern = strrchr(src_copy, '/')) != NULL) { -+ *restrict_pattern++ = '\0'; -+ } -+ } - for (first = 1;; first = 0) { - cp = buf; - if (atomicio(read, remin, cp, 1) != 1) -@@ -1112,6 +1130,9 @@ sink(int argc, char **argv) - run_err("error: unexpected filename: %s", cp); - exit(1); - } -+ if (restrict_pattern != NULL && -+ fnmatch(restrict_pattern, cp, 0) != 0) -+ SCREWUP("filename does not match request"); - if (targisdir) { - static char *namebuf; - static size_t cursize; -@@ -1149,7 +1170,7 @@ sink(int argc, char **argv) - goto bad; - } - vect[0] = xstrdup(np); -- sink(1, vect); -+ sink(1, vect, src); - if (setimes) { - setimes = 0; - if (utimes(vect[0], tv) < 0) --- -2.7.4 - diff --git a/poky/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch b/poky/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch index 7e043a2db..20036da93 100644 --- a/poky/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch +++ b/poky/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch @@ -11,14 +11,17 @@ would lead to program abort. Upstream-Status: Submitted [http://bugzilla.mindrot.org/show_bug.cgi?id=2608] Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com> + +Complete the fix +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> --- - openbsd-compat/strlcat.c | 8 ++++++-- - openbsd-compat/strlcpy.c | 8 ++++++-- - openbsd-compat/strnlen.c | 8 ++++++-- - 3 files changed, 18 insertions(+), 6 deletions(-) + openbsd-compat/strlcat.c | 10 +++++++--- + openbsd-compat/strlcpy.c | 8 ++++++-- + openbsd-compat/strnlen.c | 8 ++++++-- + 3 files changed, 19 insertions(+), 7 deletions(-) diff --git a/openbsd-compat/strlcat.c b/openbsd-compat/strlcat.c -index bcc1b61..e758ebf 100644 +index bcc1b61..124e1e3 100644 --- a/openbsd-compat/strlcat.c +++ b/openbsd-compat/strlcat.c @@ -23,6 +23,7 @@ @@ -29,6 +32,15 @@ index bcc1b61..e758ebf 100644 /* * Appends src to string dst of size siz (unlike strncat, siz is the +@@ -42,7 +43,7 @@ strlcat(char *dst, const char *src, size_t siz) + /* Find the end of dst and adjust bytes left but don't go past end */ + while (n-- != 0 && *d != '\0') + d++; +- dlen = d - dst; ++ dlen = (uintptr_t)d - (uintptr_t)dst; + n = siz - dlen; + + if (n == 0) @@ -55,8 +56,11 @@ strlcat(char *dst, const char *src, size_t siz) s++; } @@ -70,7 +82,7 @@ index b4b1b60..b06f374 100644 #endif /* !HAVE_STRLCPY */ diff --git a/openbsd-compat/strnlen.c b/openbsd-compat/strnlen.c -index 93d5155..9b8de5d 100644 +index 7ad3573..7040f1f 100644 --- a/openbsd-compat/strnlen.c +++ b/openbsd-compat/strnlen.c @@ -23,6 +23,7 @@ @@ -95,5 +107,5 @@ index 93d5155..9b8de5d 100644 } #endif -- -1.9.1 +2.17.1 diff --git a/poky/meta/recipes-connectivity/openssh/openssh_7.9p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_8.0p1.bb index 3b4ed7223..0a5c2ffae 100644 --- a/poky/meta/recipes-connectivity/openssh/openssh_7.9p1.bb +++ b/poky/meta/recipes-connectivity/openssh/openssh_8.0p1.bb @@ -24,13 +24,9 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \ file://sshd_check_keys \ file://add-test-support-for-busybox.patch \ - file://CVE-2018-20685.patch \ - file://CVE-2019-6109.patch \ - file://0001-upstream-Have-progressmeter-force-an-update-at-the-b.patch \ - file://CVE-2019-6111.patch \ " -SRC_URI[md5sum] = "c6af50b7a474d04726a5aa747a5dce8f" -SRC_URI[sha256sum] = "6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aad" +SRC_URI[md5sum] = "bf050f002fe510e1daecd39044e1122d" +SRC_URI[sha256sum] = "bd943879e69498e8031eb6b7f44d08cdc37d59a7ab689aa0b437320c3481fd68" PAM_SRC_URI = "file://sshd" @@ -149,7 +145,8 @@ FILES_${PN}-keygen = "${bindir}/ssh-keygen" RDEPENDS_${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen" RDEPENDS_${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}" RRECOMMENDS_${PN}-sshd_append_class-target = " rng-tools" -RDEPENDS_${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed" +# gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies +RDEPENDS_${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed sudo coreutils" RPROVIDES_${PN}-ssh = "ssh" RPROVIDES_${PN}-sshd = "sshd" diff --git a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2019-1543.patch b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2019-1543.patch deleted file mode 100644 index 900ef97fc..000000000 --- a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2019-1543.patch +++ /dev/null @@ -1,69 +0,0 @@ -Upstream-Status: Backport [https://github.com/openssl/openssl/commit/f426625b6ae9a7831010750490a5f0ad689c5ba3] -Signed-off-by: Ross Burton <ross.burton@intel.com> - -From f426625b6ae9a7831010750490a5f0ad689c5ba3 Mon Sep 17 00:00:00 2001 -From: Matt Caswell <matt@openssl.org> -Date: Tue, 5 Mar 2019 14:39:15 +0000 -Subject: [PATCH] Prevent over long nonces in ChaCha20-Poly1305 - -ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for -every encryption operation. RFC 7539 specifies that the nonce value (IV) -should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and -front pads the nonce with 0 bytes if it is less than 12 bytes. However it -also incorrectly allows a nonce to be set of up to 16 bytes. In this case -only the last 12 bytes are significant and any additional leading bytes are -ignored. - -It is a requirement of using this cipher that nonce values are unique. -Messages encrypted using a reused nonce value are susceptible to serious -confidentiality and integrity attacks. If an application changes the -default nonce length to be longer than 12 bytes and then makes a change to -the leading bytes of the nonce expecting the new value to be a new unique -nonce then such an application could inadvertently encrypt messages with a -reused nonce. - -Additionally the ignored bytes in a long nonce are not covered by the -integrity guarantee of this cipher. Any application that relies on the -integrity of these ignored leading bytes of a long nonce may be further -affected. - -Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe -because no such use sets such a long nonce value. However user -applications that use this cipher directly and set a non-default nonce -length to be longer than 12 bytes may be vulnerable. - -CVE: CVE-2019-1543 - -Fixes #8345 - -Reviewed-by: Paul Dale <paul.dale@oracle.com> -Reviewed-by: Richard Levitte <levitte@openssl.org> -(Merged from https://github.com/openssl/openssl/pull/8406) - -(cherry picked from commit 2a3d0ee9d59156c48973592331404471aca886d6) ---- - crypto/evp/e_chacha20_poly1305.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c -index c1917bb86a6..d3e2c622a1b 100644 ---- a/crypto/evp/e_chacha20_poly1305.c -+++ b/crypto/evp/e_chacha20_poly1305.c -@@ -30,6 +30,8 @@ typedef struct { - - #define data(ctx) ((EVP_CHACHA_KEY *)(ctx)->cipher_data) - -+#define CHACHA20_POLY1305_MAX_IVLEN 12 -+ - static int chacha_init_key(EVP_CIPHER_CTX *ctx, - const unsigned char user_key[CHACHA_KEY_SIZE], - const unsigned char iv[CHACHA_CTR_SIZE], int enc) -@@ -533,7 +535,7 @@ static int chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, - return 1; - - case EVP_CTRL_AEAD_SET_IVLEN: -- if (arg <= 0 || arg > CHACHA_CTR_SIZE) -+ if (arg <= 0 || arg > CHACHA20_POLY1305_MAX_IVLEN) - return 0; - actx->nonce_len = arg; - return 1; diff --git a/poky/meta/recipes-connectivity/openssl/openssl/afalg.patch b/poky/meta/recipes-connectivity/openssl/openssl/afalg.patch index 7c4b084f3..b7c0e9697 100644 --- a/poky/meta/recipes-connectivity/openssl/openssl/afalg.patch +++ b/poky/meta/recipes-connectivity/openssl/openssl/afalg.patch @@ -18,14 +18,14 @@ index 3baa8ce..9ef52ed 100755 - ($mi2) = $mi2 =~ /(\d+)/; - my $ver = $ma*10000 + $mi1*100 + $mi2; - if ($ver < $minver) { -- $disabled{afalgeng} = "too-old-kernel"; +- disable('too-old-kernel', 'afalgeng'); - } else { - push @{$config{engdirs}}, "afalg"; - } - } else { -- $disabled{afalgeng} = "cross-compiling"; +- disable('cross-compiling', 'afalgeng'); - } + push @{$config{engdirs}}, "afalg"; } else { - $disabled{afalgeng} = "not-linux"; + disable('not-linux', 'afalgeng'); } diff --git a/poky/meta/recipes-connectivity/openssl/openssl_1.1.1b.bb b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1c.bb index 8bb3a309a..534be5754 100644 --- a/poky/meta/recipes-connectivity/openssl/openssl_1.1.1b.bb +++ b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1c.bb @@ -16,15 +16,14 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://0001-skip-test_symbol_presence.patch \ file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ file://afalg.patch \ - file://CVE-2019-1543.patch \ " SRC_URI_append_class-nativesdk = " \ file://environment.d-openssl.sh \ " -SRC_URI[md5sum] = "4532712e7bcc9414f5bce995e4e13930" -SRC_URI[sha256sum] = "5c557b023230413dfb0756f3137a13e6d726838ccd1430888ad15bfb2b43ea4b" +SRC_URI[md5sum] = "15e21da6efe8aa0e0768ffd8cd37a5f6" +SRC_URI[sha256sum] = "f6fb3079ad15076154eda9413fed42877d668e7069d9b87396d0804fdb3f4c90" inherit lib_package multilib_header ptest @@ -167,8 +166,8 @@ do_install_ptest () { cp -r ${S}/external ${B}/test ${S}/test ${B}/fuzz ${S}/util ${B}/util ${D}${PTEST_PATH} # For test_shlibload - ln -s ${libdir}/libcrypto.so.1.1 ${D}${PTEST_PATH}/libcrypto.so - ln -s ${libdir}/libssl.so.1.1 ${D}${PTEST_PATH}/libssl.so + ln -s ${libdir}/libcrypto.so.1.1 ${D}${PTEST_PATH}/ + ln -s ${libdir}/libssl.so.1.1 ${D}${PTEST_PATH}/ install -d ${D}${PTEST_PATH}/apps ln -s ${bindir}/openssl ${D}${PTEST_PATH}/apps diff --git a/poky/meta/recipes-connectivity/socat/socat/0001-define-NETDB_INTERNAL-to-1-if-not-available.patch b/poky/meta/recipes-connectivity/socat/socat/0001-define-NETDB_INTERNAL-to-1-if-not-available.patch deleted file mode 100644 index 4bbd36766..000000000 --- a/poky/meta/recipes-connectivity/socat/socat/0001-define-NETDB_INTERNAL-to-1-if-not-available.patch +++ /dev/null @@ -1,32 +0,0 @@ -From e6a7d96fa3675bdd3f4d7a3d7682381789eef22f Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Mon, 15 Feb 2016 20:25:34 +0000 -Subject: [PATCH] define NETDB_INTERNAL to -1 if not available - -helps build with musl - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- -Upstream-Status: Pending - - compat.h | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/compat.h b/compat.h -index c8bee4d..bfb013a 100644 ---- a/compat.h -+++ b/compat.h -@@ -666,6 +666,10 @@ typedef int sig_atomic_t; - # define NETDB_INTERNAL h_NETDB_INTERNAL - #endif - -+#if !defined(NETDB_INTERNAL) -+# define NETDB_INTERNAL (-1) -+#endif -+ - #ifndef INET_ADDRSTRLEN - # define INET_ADDRSTRLEN sizeof(struct sockaddr_in) - #endif --- -2.7.1 - diff --git a/poky/meta/recipes-connectivity/socat/socat_1.7.3.3.bb b/poky/meta/recipes-connectivity/socat/socat_1.7.3.3.bb index 7a889a380..067f7c644 100644 --- a/poky/meta/recipes-connectivity/socat/socat_1.7.3.3.bb +++ b/poky/meta/recipes-connectivity/socat/socat_1.7.3.3.bb @@ -12,7 +12,6 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://README;beginline=257;endline=287;md5=338c05eadd013872abb1d6e198e10a3f" SRC_URI = "http://www.dest-unreach.org/socat/download/socat-${PV}.tar.bz2 \ - file://0001-define-NETDB_INTERNAL-to-1-if-not-available.patch \ " SRC_URI[md5sum] = "b2a032a47b8b89a18485697fa975154f" |